Clean up meta.Authorize and AuthErrors

influxdata · Jul 16, 2015 · e490ea0 · e490ea0
1 parent 4caf5ba
commit e490ea0
Show file tree

Hide file tree

Showing 3 changed files with 8 additions and 35 deletions.
diff --git a/meta/data.go b/meta/data.go
@@ -986,8 +986,11 @@ type UserInfo struct {
 
 // Authorize returns true if the user is authorized and false if not.
 func (ui *UserInfo) Authorize(privilege influxql.Privilege, database string) bool {
+	if ui.Admin {
+		return true
+	}
 	p, ok := ui.Privileges[database]
-	return (ok && p >= privilege) || (ui.Admin)
+	return ok && (p == privilege || p == influxql.AllPrivileges)
 }
 
 // clone returns a deep copy of si.

diff --git a/meta/errors.go b/meta/errors.go
@@ -114,18 +114,3 @@ func lookupError(err error) error {
 	}
 	return err
 }
-
-// AuthError represents an authorization error.
-type AuthError struct {
-	text string
-}
-
-// NewAuthError returns a new instance of AuthError.
-func NewAuthError(text string) AuthError {
-	return AuthError{text: text}
-}
-
-// Error returns the text of the error.
-func (e AuthError) Error() string {
-	return e.text
-}
diff --git a/services/httpd/handler.go b/services/httpd/handler.go
@@ -233,34 +233,19 @@ func (h *Handler) serveQuery(w http.ResponseWriter, r *http.Request, user *meta.
 	w.Header().Add("content-type", "application/json")
 	results, err := h.QueryExecutor.ExecuteQuery(query, db, chunkSize)
 
-	if _, ok := err.(meta.AuthError); ok {
-		w.WriteHeader(http.StatusUnauthorized)
-		return
-	} else if err != nil {
+	if err != nil {
 		w.WriteHeader(http.StatusInternalServerError)
 		return
 	}
 
 	// if we're not chunking, this will be the in memory buffer for all results before sending to client
 	resp := Response{Results: make([]*influxql.Result, 0)}
-	statusWritten := false
+
+	// Status header is OK once this point is reached.
+	w.WriteHeader(http.StatusOK)
 
 	// pull all results from the channel
 	for r := range results {
-		// write the status header based on the first result returned in the channel
-		if !statusWritten {
-			status := http.StatusOK
-
-			if r != nil && r.Err != nil {
-				if _, ok := r.Err.(meta.AuthError); ok {
-					status = http.StatusUnauthorized
-				}
-			}
-
-			w.WriteHeader(status)
-			statusWritten = true
-		}
-
 		// Ignore nil results.
 		if r == nil {
 			continue