monitoring_controller_policy.rb 738 B

1234567891011121314151617181920212223242526272829303132333435363738394041424344
  1. # Copyright (C) 2012-2023 Zammad Foundation, https://zammad-foundation.org/
  2. class Controllers::MonitoringControllerPolicy < Controllers::ApplicationControllerPolicy
  3. def health_check?
  4. token_or_permission?
  5. end
  6. def status?
  7. token_or_permission?
  8. end
  9. def amount_check?
  10. token_or_permission?
  11. end
  12. def token?
  13. monitoring_admin?
  14. end
  15. def restart_failed_jobs?
  16. monitoring_admin?
  17. end
  18. private
  19. def user_required?
  20. false
  21. end
  22. def token_or_permission?
  23. return monitoring_admin? if user.present?
  24. valid_token_param?
  25. end
  26. def valid_token_param?
  27. Setting.get('monitoring_token') == record.params[:token]
  28. end
  29. def monitoring_admin?
  30. user&.permissions?('admin.monitoring')
  31. end
  32. end