grafana/pkg/api/annotations.go

package api

import (
	"context"
	"errors"
	"net/http"
	"strconv"
	"strings"

	"github.com/grafana/grafana/pkg/api/dtos"
	"github.com/grafana/grafana/pkg/api/response"
	"github.com/grafana/grafana/pkg/services/accesscontrol"
	"github.com/grafana/grafana/pkg/services/annotations"
	"github.com/grafana/grafana/pkg/services/auth/identity"
	contextmodel "github.com/grafana/grafana/pkg/services/contexthandler/model"
	"github.com/grafana/grafana/pkg/services/dashboards"
	"github.com/grafana/grafana/pkg/services/featuremgmt"
	"github.com/grafana/grafana/pkg/services/folder"
	"github.com/grafana/grafana/pkg/services/guardian"
	"github.com/grafana/grafana/pkg/services/user"
	"github.com/grafana/grafana/pkg/util"
	"github.com/grafana/grafana/pkg/web"
)

// swagger:route GET /annotations annotations getAnnotations
//
// Find Annotations.
//
// Starting in Grafana v6.4 regions annotations are now returned in one entity that now includes the timeEnd property.
//
// Responses:
// 200: getAnnotationsResponse
// 401: unauthorisedError
// 500: internalServerError
func (hs *HTTPServer) GetAnnotations(c *contextmodel.ReqContext) response.Response {
	query := &annotations.ItemQuery{
		From:         c.QueryInt64("from"),
		To:           c.QueryInt64("to"),
		OrgID:        c.SignedInUser.GetOrgID(),
		UserID:       c.QueryInt64("userId"),
		AlertID:      c.QueryInt64("alertId"),
		DashboardID:  c.QueryInt64("dashboardId"),
		DashboardUID: c.Query("dashboardUID"),
		PanelID:      c.QueryInt64("panelId"),
		Limit:        c.QueryInt64("limit"),
		Tags:         c.QueryStrings("tags"),
		Type:         c.Query("type"),
		MatchAny:     c.QueryBool("matchAny"),
		SignedInUser: c.SignedInUser,
	}

	// When dashboard UID present in the request, we ignore dashboard ID
	if query.DashboardUID != "" {
		dq := dashboards.GetDashboardQuery{UID: query.DashboardUID, OrgID: c.SignedInUser.GetOrgID()}
		dqResult, err := hs.DashboardService.GetDashboard(c.Req.Context(), &dq)
		if err != nil {
			return response.Error(http.StatusBadRequest, "Invalid dashboard UID in annotation request", err)
		} else {
			query.DashboardID = dqResult.ID
		}
	}

	items, err := hs.annotationsRepo.Find(c.Req.Context(), query)
	if err != nil {
		return response.Error(http.StatusInternalServerError, "Failed to get annotations", err)
	}

	// since there are several annotations per dashboard, we can cache dashboard uid
	dashboardCache := make(map[int64]*string)
	for _, item := range items {
		if item.Email != "" {
			item.AvatarURL = dtos.GetGravatarUrl(hs.Cfg, item.Email)
		}

		if item.DashboardID != 0 {
			if val, ok := dashboardCache[item.DashboardID]; ok {
				item.DashboardUID = val
			} else {
				query := dashboards.GetDashboardQuery{ID: item.DashboardID, OrgID: c.SignedInUser.GetOrgID()}
				queryResult, err := hs.DashboardService.GetDashboard(c.Req.Context(), &query)
				if err == nil && queryResult != nil {
					item.DashboardUID = &queryResult.UID
					dashboardCache[item.DashboardID] = &queryResult.UID
				}
			}
		}
	}

	return response.JSON(http.StatusOK, items)
}

type AnnotationError struct {
	message string
}

func (e *AnnotationError) Error() string {
	return e.message
}

// swagger:route POST /annotations annotations postAnnotation
//
// Create Annotation.
//
// Creates an annotation in the Grafana database. The dashboardId and panelId fields are optional. If they are not specified then an organization annotation is created and can be queried in any dashboard that adds the Grafana annotations data source. When creating a region annotation include the timeEnd property.
// The format for `time` and `timeEnd` should be epoch numbers in millisecond resolution.
// The response for this HTTP request is slightly different in versions prior to v6.4. In prior versions you would also get an endId if you where creating a region. But in 6.4 regions are represented using a single event with time and timeEnd properties.
//
// Responses:
// 200: postAnnotationResponse
// 400: badRequestError
// 401: unauthorisedError
// 403: forbiddenError
// 500: internalServerError
func (hs *HTTPServer) PostAnnotation(c *contextmodel.ReqContext) response.Response {
	cmd := dtos.PostAnnotationsCmd{}
	if err := web.Bind(c.Req, &cmd); err != nil {
		return response.Error(http.StatusBadRequest, "bad request data", err)
	}

	// overwrite dashboardId when dashboardUID is not empty
	if cmd.DashboardUID != "" {
		query := dashboards.GetDashboardQuery{OrgID: c.SignedInUser.GetOrgID(), UID: cmd.DashboardUID}
		queryResult, err := hs.DashboardService.GetDashboard(c.Req.Context(), &query)
		if err == nil {
			cmd.DashboardId = queryResult.ID
		}
	}

	if canSave, err := hs.canCreateAnnotation(c, cmd.DashboardId); err != nil || !canSave {
		if !hs.Features.IsEnabled(c.Req.Context(), featuremgmt.FlagAnnotationPermissionUpdate) {
			return dashboardGuardianResponse(err)
		} else if err != nil {
			return response.Error(http.StatusInternalServerError, "Error while checking annotation permissions", err)
		} else {
			return response.Error(http.StatusForbidden, "Access denied to save the annotation", nil)
		}
	}

	if cmd.Text == "" {
		err := &AnnotationError{"text field should not be empty"}
		return response.Error(http.StatusBadRequest, "Failed to save annotation", err)
	}

	userID, err := identity.UserIdentifier(c.SignedInUser.GetNamespacedID())
	if err != nil {
		return response.Error(http.StatusInternalServerError, "Failed to save annotation", err)
	}

	item := annotations.Item{
		OrgID:       c.SignedInUser.GetOrgID(),
		UserID:      userID,
		DashboardID: cmd.DashboardId,
		PanelID:     cmd.PanelId,
		Epoch:       cmd.Time,
		EpochEnd:    cmd.TimeEnd,
		Text:        cmd.Text,
		Data:        cmd.Data,
		Tags:        cmd.Tags,
	}

	if err := hs.annotationsRepo.Save(c.Req.Context(), &item); err != nil {
		if errors.Is(err, annotations.ErrTimerangeMissing) {
			return response.Error(http.StatusBadRequest, "Failed to save annotation", err)
		}
		return response.ErrOrFallback(http.StatusInternalServerError, "Failed to save annotation", err)
	}

	startID := item.ID

	return response.JSON(http.StatusOK, util.DynMap{
		"message": "Annotation added",
		"id":      startID,
	})
}

func formatGraphiteAnnotation(what string, data string) string {
	text := what
	if data != "" {
		text = text + "\n" + data
	}
	return text
}

// swagger:route POST /annotations/graphite annotations postGraphiteAnnotation
//
// Create Annotation in Graphite format.
//
// Creates an annotation by using Graphite-compatible event format. The `when` and `data` fields are optional. If `when` is not specified then the current time will be used as annotation’s timestamp. The `tags` field can also be in prior to Graphite `0.10.0` format (string with multiple tags being separated by a space).
//
// Responses:
// 200: postAnnotationResponse
// 400: badRequestError
// 401: unauthorisedError
// 403: forbiddenError
// 500: internalServerError
func (hs *HTTPServer) PostGraphiteAnnotation(c *contextmodel.ReqContext) response.Response {
	cmd := dtos.PostGraphiteAnnotationsCmd{}
	if err := web.Bind(c.Req, &cmd); err != nil {
		return response.Error(http.StatusBadRequest, "bad request data", err)
	}
	if cmd.What == "" {
		err := &AnnotationError{"what field should not be empty"}
		return response.Error(http.StatusBadRequest, "Failed to save Graphite annotation", err)
	}

	text := formatGraphiteAnnotation(cmd.What, cmd.Data)

	// Support tags in prior to Graphite 0.10.0 format (string of tags separated by space)
	var tagsArray []string
	switch tags := cmd.Tags.(type) {
	case string:
		if tags != "" {
			tagsArray = strings.Split(tags, " ")
		} else {
			tagsArray = []string{}
		}
	case []any:
		for _, t := range tags {
			if tagStr, ok := t.(string); ok {
				tagsArray = append(tagsArray, tagStr)
			} else {
				err := &AnnotationError{"tag should be a string"}
				return response.Error(http.StatusBadRequest, "Failed to save Graphite annotation", err)
			}
		}
	default:
		err := &AnnotationError{"unsupported tags format"}
		return response.Error(http.StatusBadRequest, "Failed to save Graphite annotation", err)
	}

	userID, err := identity.UserIdentifier(c.SignedInUser.GetNamespacedID())
	if err != nil {
		return response.Error(http.StatusInternalServerError, "Failed to save Graphite annotation", err)
	}

	item := annotations.Item{
		OrgID:  c.SignedInUser.GetOrgID(),
		UserID: userID,
		Epoch:  cmd.When * 1000,
		Text:   text,
		Tags:   tagsArray,
	}

	if err := hs.annotationsRepo.Save(c.Req.Context(), &item); err != nil {
		return response.ErrOrFallback(http.StatusInternalServerError, "Failed to save Graphite annotation", err)
	}

	return response.JSON(http.StatusOK, util.DynMap{
		"message": "Graphite annotation added",
		"id":      item.ID,
	})
}

// swagger:route PUT /annotations/{annotation_id} annotations updateAnnotation
//
// Update Annotation.
//
// Updates all properties of an annotation that matches the specified id. To only update certain property, consider using the Patch Annotation operation.
//
// Responses:
// 200: okResponse
// 400: badRequestError
// 401: unauthorisedError
// 403: forbiddenError
// 500: internalServerError
func (hs *HTTPServer) UpdateAnnotation(c *contextmodel.ReqContext) response.Response {
	cmd := dtos.UpdateAnnotationsCmd{}
	if err := web.Bind(c.Req, &cmd); err != nil {
		return response.Error(http.StatusBadRequest, "bad request data", err)
	}

	annotationID, err := strconv.ParseInt(web.Params(c.Req)[":annotationId"], 10, 64)
	if err != nil {
		return response.Error(http.StatusBadRequest, "annotationId is invalid", err)
	}

	annotation, resp := findAnnotationByID(c.Req.Context(), hs.annotationsRepo, annotationID, c.SignedInUser)
	if resp != nil {
		return resp
	}

	if !hs.Features.IsEnabled(c.Req.Context(), featuremgmt.FlagAnnotationPermissionUpdate) {
		if canSave, err := hs.canSaveAnnotation(c, annotation); err != nil || !canSave {
			return dashboardGuardianResponse(err)
		}
	}

	userID, err := identity.UserIdentifier(c.SignedInUser.GetNamespacedID())
	if err != nil {
		return response.Error(http.StatusInternalServerError,
			"Failed to update annotation", err)
	}

	item := annotations.Item{
		OrgID:    c.SignedInUser.GetOrgID(),
		UserID:   userID,
		ID:       annotationID,
		Epoch:    cmd.Time,
		EpochEnd: cmd.TimeEnd,
		Text:     cmd.Text,
		Tags:     cmd.Tags,
		Data:     annotation.Data,
	}

	if cmd.Data != nil {
		item.Data = cmd.Data
	}

	if err := hs.annotationsRepo.Update(c.Req.Context(), &item); err != nil {
		return response.ErrOrFallback(http.StatusInternalServerError, "Failed to update annotation", err)
	}

	return response.Success("Annotation updated")
}

// swagger:route PATCH /annotations/{annotation_id} annotations patchAnnotation
//
// Patch Annotation.
//
// Updates one or more properties of an annotation that matches the specified ID.
// This operation currently supports updating of the `text`, `tags`, `time` and `timeEnd` properties.
// This is available in Grafana 6.0.0-beta2 and above.
//
// Responses:
// 200: okResponse
// 401: unauthorisedError
// 403: forbiddenError
// 404: notFoundError
// 500: internalServerError
func (hs *HTTPServer) PatchAnnotation(c *contextmodel.ReqContext) response.Response {
	cmd := dtos.PatchAnnotationsCmd{}
	if err := web.Bind(c.Req, &cmd); err != nil {
		return response.Error(http.StatusBadRequest, "bad request data", err)
	}
	annotationID, err := strconv.ParseInt(web.Params(c.Req)[":annotationId"], 10, 64)
	if err != nil {
		return response.Error(http.StatusBadRequest, "annotationId is invalid", err)
	}

	annotation, resp := findAnnotationByID(c.Req.Context(), hs.annotationsRepo, annotationID, c.SignedInUser)
	if resp != nil {
		return resp
	}

	if !hs.Features.IsEnabled(c.Req.Context(), featuremgmt.FlagAnnotationPermissionUpdate) {
		if canSave, err := hs.canSaveAnnotation(c, annotation); err != nil || !canSave {
			return dashboardGuardianResponse(err)
		}
	}

	userID, err := identity.UserIdentifier(c.SignedInUser.GetNamespacedID())
	if err != nil {
		return response.Error(http.StatusInternalServerError,
			"Failed to update annotation", err)
	}

	existing := annotations.Item{
		OrgID:    c.SignedInUser.GetOrgID(),
		UserID:   userID,
		ID:       annotationID,
		Epoch:    annotation.Time,
		EpochEnd: annotation.TimeEnd,
		Text:     annotation.Text,
		Tags:     annotation.Tags,
		Data:     annotation.Data,
	}

	if cmd.Tags != nil {
		existing.Tags = cmd.Tags
	}

	if cmd.Text != "" && cmd.Text != existing.Text {
		existing.Text = cmd.Text
	}

	if cmd.Time > 0 && cmd.Time != existing.Epoch {
		existing.Epoch = cmd.Time
	}

	if cmd.TimeEnd > 0 && cmd.TimeEnd != existing.EpochEnd {
		existing.EpochEnd = cmd.TimeEnd
	}

	if cmd.Data != nil {
		existing.Data = cmd.Data
	}

	if err := hs.annotationsRepo.Update(c.Req.Context(), &existing); err != nil {
		return response.ErrOrFallback(http.StatusInternalServerError, "Failed to update annotation", err)
	}

	return response.Success("Annotation patched")
}

// swagger:route POST /annotations/mass-delete annotations massDeleteAnnotations
//
// Delete multiple annotations.
//
// Responses:
// 200: okResponse
// 401: unauthorisedError
// 500: internalServerError
func (hs *HTTPServer) MassDeleteAnnotations(c *contextmodel.ReqContext) response.Response {
	cmd := dtos.MassDeleteAnnotationsCmd{}
	err := web.Bind(c.Req, &cmd)
	if err != nil {
		return response.Error(http.StatusBadRequest, "bad request data", err)
	}

	if cmd.DashboardUID != "" {
		query := dashboards.GetDashboardQuery{OrgID: c.SignedInUser.GetOrgID(), UID: cmd.DashboardUID}
		queryResult, err := hs.DashboardService.GetDashboard(c.Req.Context(), &query)
		if err == nil {
			cmd.DashboardId = queryResult.ID
		}
	}

	if (cmd.DashboardId != 0 && cmd.PanelId == 0) || (cmd.PanelId != 0 && cmd.DashboardId == 0) {
		err := &AnnotationError{message: "DashboardId and PanelId are both required for mass delete"}
		return response.Error(http.StatusBadRequest, "bad request data", err)
	}

	var deleteParams *annotations.DeleteParams

	// validations only for RBAC. A user can mass delete all annotations in a (dashboard + panel) or a specific annotation
	// if has access to that dashboard.
	var dashboardId int64

	if cmd.AnnotationId != 0 {
		annotation, respErr := findAnnotationByID(c.Req.Context(), hs.annotationsRepo, cmd.AnnotationId, c.SignedInUser)
		if respErr != nil {
			return respErr
		}
		dashboardId = annotation.DashboardID
		deleteParams = &annotations.DeleteParams{
			OrgID: c.SignedInUser.GetOrgID(),
			ID:    cmd.AnnotationId,
		}
	} else {
		dashboardId = cmd.DashboardId
		deleteParams = &annotations.DeleteParams{
			OrgID:       c.SignedInUser.GetOrgID(),
			DashboardID: cmd.DashboardId,
			PanelID:     cmd.PanelId,
		}
	}

	canSave, err := hs.canMassDeleteAnnotations(c, dashboardId)
	if err != nil || !canSave {
		if !hs.Features.IsEnabled(c.Req.Context(), featuremgmt.FlagAnnotationPermissionUpdate) {
			return dashboardGuardianResponse(err)
		} else if err != nil {
			return response.Error(http.StatusInternalServerError, "Error while checking annotation permissions", err)
		} else {
			return response.Error(http.StatusForbidden, "Access denied to mass delete annotations", nil)
		}
	}

	err = hs.annotationsRepo.Delete(c.Req.Context(), deleteParams)

	if err != nil {
		return response.Error(http.StatusInternalServerError, "Failed to delete annotations", err)
	}

	return response.Success("Annotations deleted")
}

// swagger:route GET /annotations/{annotation_id} annotations getAnnotationByID
//
// Get Annotation by ID.
//
// Responses:
// 200: getAnnotationByIDResponse
// 401: unauthorisedError
// 500: internalServerError
func (hs *HTTPServer) GetAnnotationByID(c *contextmodel.ReqContext) response.Response {
	annotationID, err := strconv.ParseInt(web.Params(c.Req)[":annotationId"], 10, 64)
	if err != nil {
		return response.Error(http.StatusBadRequest, "annotationId is invalid", err)
	}

	annotation, resp := findAnnotationByID(c.Req.Context(), hs.annotationsRepo, annotationID, c.SignedInUser)
	if resp != nil {
		return resp
	}

	if annotation.Email != "" {
		annotation.AvatarURL = dtos.GetGravatarUrl(hs.Cfg, annotation.Email)
	}

	return response.JSON(http.StatusOK, annotation)
}

// swagger:route DELETE /annotations/{annotation_id} annotations deleteAnnotationByID
//
// Delete Annotation By ID.
//
// Deletes the annotation that matches the specified ID.
//
// Responses:
// 200: okResponse
// 401: unauthorisedError
// 403: forbiddenError
// 500: internalServerError
func (hs *HTTPServer) DeleteAnnotationByID(c *contextmodel.ReqContext) response.Response {
	annotationID, err := strconv.ParseInt(web.Params(c.Req)[":annotationId"], 10, 64)
	if err != nil {
		return response.Error(http.StatusBadRequest, "annotationId is invalid", err)
	}

	if !hs.Features.IsEnabled(c.Req.Context(), featuremgmt.FlagAnnotationPermissionUpdate) {
		annotation, resp := findAnnotationByID(c.Req.Context(), hs.annotationsRepo, annotationID, c.SignedInUser)
		if resp != nil {
			return resp
		}

		if canSave, err := hs.canSaveAnnotation(c, annotation); err != nil || !canSave {
			return dashboardGuardianResponse(err)
		}
	}

	err = hs.annotationsRepo.Delete(c.Req.Context(), &annotations.DeleteParams{
		OrgID: c.SignedInUser.GetOrgID(),
		ID:    annotationID,
	})
	if err != nil {
		return response.Error(http.StatusInternalServerError, "Failed to delete annotation", err)
	}

	return response.Success("Annotation deleted")
}

func (hs *HTTPServer) canSaveAnnotation(c *contextmodel.ReqContext, annotation *annotations.ItemDTO) (bool, error) {
	if annotation.GetType() == annotations.Dashboard {
		return canEditDashboard(c, annotation.DashboardID)
	} else {
		return true, nil
	}
}

func canEditDashboard(c *contextmodel.ReqContext, dashboardID int64) (bool, error) {
	guard, err := guardian.New(c.Req.Context(), dashboardID, c.SignedInUser.GetOrgID(), c.SignedInUser)
	if err != nil {
		return false, err
	}

	if canEdit, err := guard.CanEdit(); err != nil || !canEdit {
		return false, err
	}

	return true, nil
}

func findAnnotationByID(ctx context.Context, repo annotations.Repository, annotationID int64, user *user.SignedInUser) (*annotations.ItemDTO, response.Response) {
	query := &annotations.ItemQuery{
		AnnotationID: annotationID,
		OrgID:        user.OrgID,
		SignedInUser: user,
	}
	items, err := repo.Find(ctx, query)

	if err != nil {
		return nil, response.Error(http.StatusInternalServerError, "Failed to find annotation", err)
	}

	if len(items) == 0 {
		return nil, response.Error(http.StatusNotFound, "Annotation not found", nil)
	}

	return items[0], nil
}

// swagger:route GET /annotations/tags annotations getAnnotationTags
//
// Find Annotations Tags.
//
// Find all the event tags created in the annotations.
//
// Responses:
// 200: getAnnotationTagsResponse
// 401: unauthorisedError
// 500: internalServerError
func (hs *HTTPServer) GetAnnotationTags(c *contextmodel.ReqContext) response.Response {
	query := &annotations.TagsQuery{
		OrgID: c.SignedInUser.GetOrgID(),
		Tag:   c.Query("tag"),
		Limit: c.QueryInt64("limit"),
	}

	result, err := hs.annotationsRepo.FindTags(c.Req.Context(), query)
	if err != nil {
		return response.Error(http.StatusInternalServerError, "Failed to find annotation tags", err)
	}

	return response.JSON(http.StatusOK, annotations.GetAnnotationTagsResponse{Result: result})
}

// AnnotationTypeScopeResolver provides an ScopeAttributeResolver able to
// resolve annotation types. Scope "annotations:id:<id>" will be translated to "annotations:type:<type>,
// where <type> is the type of annotation with id <id>.
// If annotationPermissionUpdate feature toggle is enabled, dashboard annotation scope will be resolved to the corresponding
// dashboard and folder scopes (eg, "dashboards:uid:<annotation_dashboard_uid>", "folders:uid:<parent_folder_uid>" etc).
func AnnotationTypeScopeResolver(annotationsRepo annotations.Repository, features featuremgmt.FeatureToggles, dashSvc dashboards.DashboardService, folderSvc folder.Service) (string, accesscontrol.ScopeAttributeResolver) {
	prefix := accesscontrol.ScopeAnnotationsProvider.GetResourceScope("")
	return prefix, accesscontrol.ScopeAttributeResolverFunc(func(ctx context.Context, orgID int64, initialScope string) ([]string, error) {
		scopeParts := strings.Split(initialScope, ":")
		if scopeParts[0] != accesscontrol.ScopeAnnotationsRoot || len(scopeParts) != 3 {
			return nil, accesscontrol.ErrInvalidScope
		}

		annotationIdStr := scopeParts[2]
		annotationId, err := strconv.Atoi(annotationIdStr)
		if err != nil {
			return nil, accesscontrol.ErrInvalidScope
		}

		// tempUser is used to resolve annotation type.
		// The annotation doesn't get returned to the real user, so real user's permissions don't matter here.
		tempUser := &user.SignedInUser{
			OrgID: orgID,
			Permissions: map[int64]map[string][]string{
				orgID: {
					dashboards.ActionDashboardsRead:     {dashboards.ScopeDashboardsAll},
					accesscontrol.ActionAnnotationsRead: {accesscontrol.ScopeAnnotationsAll},
				},
			},
		}

		if features.IsEnabled(ctx, featuremgmt.FlagAnnotationPermissionUpdate) {
			tempUser = &user.SignedInUser{
				OrgID: orgID,
				Permissions: map[int64]map[string][]string{
					orgID: {
						accesscontrol.ActionAnnotationsRead: {accesscontrol.ScopeAnnotationsTypeOrganization, dashboards.ScopeDashboardsAll},
					},
				},
			}
		}

		annotation, resp := findAnnotationByID(ctx, annotationsRepo, int64(annotationId), tempUser)
		if resp != nil {
			return nil, errors.New("could not resolve annotation type")
		}

		if !features.IsEnabled(ctx, featuremgmt.FlagAnnotationPermissionUpdate) {
			switch annotation.GetType() {
			case annotations.Organization:
				return []string{accesscontrol.ScopeAnnotationsTypeOrganization}, nil
			case annotations.Dashboard:
				return []string{accesscontrol.ScopeAnnotationsTypeDashboard}, nil
			}
		}

		if annotation.DashboardID == 0 {
			return []string{accesscontrol.ScopeAnnotationsTypeOrganization}, nil
		} else {
			dashboard, err := dashSvc.GetDashboard(ctx, &dashboards.GetDashboardQuery{ID: annotation.DashboardID, OrgID: orgID})
			if err != nil {
				return nil, err
			}
			scopes := []string{dashboards.ScopeDashboardsProvider.GetResourceScopeUID(dashboard.UID)}
			// Append dashboard parent scopes if dashboard is in a folder or the general scope if dashboard is not in a folder
			if dashboard.FolderUID != "" {
				scopes = append(scopes, dashboards.ScopeFoldersProvider.GetResourceScopeUID(dashboard.FolderUID))
				inheritedScopes, err := dashboards.GetInheritedScopes(ctx, orgID, dashboard.FolderUID, folderSvc)
				if err != nil {
					return nil, err
				}
				scopes = append(scopes, inheritedScopes...)
			} else {
				scopes = append(scopes, dashboards.ScopeFoldersProvider.GetResourceScopeUID(folder.GeneralFolderUID))
			}
			return scopes, nil
		}
	})
}

func (hs *HTTPServer) canCreateAnnotation(c *contextmodel.ReqContext, dashboardId int64) (bool, error) {
	if hs.Features.IsEnabled(c.Req.Context(), featuremgmt.FlagAnnotationPermissionUpdate) {
		if dashboardId != 0 {
			evaluator := accesscontrol.EvalPermission(accesscontrol.ActionAnnotationsCreate, dashboards.ScopeDashboardsProvider.GetResourceScope(strconv.FormatInt(dashboardId, 10)))
			return hs.AccessControl.Evaluate(c.Req.Context(), c.SignedInUser, evaluator)
		} else { // organization annotations
			evaluator := accesscontrol.EvalPermission(accesscontrol.ActionAnnotationsCreate, accesscontrol.ScopeAnnotationsTypeOrganization)
			return hs.AccessControl.Evaluate(c.Req.Context(), c.SignedInUser, evaluator)
		}
	}

	if dashboardId != 0 {
		evaluator := accesscontrol.EvalPermission(accesscontrol.ActionAnnotationsCreate, accesscontrol.ScopeAnnotationsTypeDashboard)
		if canSave, err := hs.AccessControl.Evaluate(c.Req.Context(), c.SignedInUser, evaluator); err != nil || !canSave {
			return canSave, err
		}

		return canEditDashboard(c, dashboardId)
	} else { // organization annotations
		evaluator := accesscontrol.EvalPermission(accesscontrol.ActionAnnotationsCreate, accesscontrol.ScopeAnnotationsTypeOrganization)
		return hs.AccessControl.Evaluate(c.Req.Context(), c.SignedInUser, evaluator)
	}
}

func (hs *HTTPServer) canMassDeleteAnnotations(c *contextmodel.ReqContext, dashboardID int64) (bool, error) {
	if hs.Features.IsEnabled(c.Req.Context(), featuremgmt.FlagAnnotationPermissionUpdate) {
		if dashboardID == 0 {
			evaluator := accesscontrol.EvalPermission(accesscontrol.ActionAnnotationsDelete, accesscontrol.ScopeAnnotationsTypeOrganization)
			return hs.AccessControl.Evaluate(c.Req.Context(), c.SignedInUser, evaluator)
		} else {
			evaluator := accesscontrol.EvalPermission(accesscontrol.ActionAnnotationsDelete, dashboards.ScopeDashboardsProvider.GetResourceScope(strconv.FormatInt(dashboardID, 10)))
			return hs.AccessControl.Evaluate(c.Req.Context(), c.SignedInUser, evaluator)
		}
	}

	if dashboardID == 0 {
		evaluator := accesscontrol.EvalPermission(accesscontrol.ActionAnnotationsDelete, accesscontrol.ScopeAnnotationsTypeOrganization)
		return hs.AccessControl.Evaluate(c.Req.Context(), c.SignedInUser, evaluator)
	} else {
		evaluator := accesscontrol.EvalPermission(accesscontrol.ActionAnnotationsDelete, accesscontrol.ScopeAnnotationsTypeDashboard)
		canSave, err := hs.AccessControl.Evaluate(c.Req.Context(), c.SignedInUser, evaluator)
		if err != nil || !canSave {
			return false, err
		}

		canSave, err = canEditDashboard(c, dashboardID)
		if err != nil || !canSave {
			return false, err
		}
	}

	return true, nil
}

// swagger:parameters getAnnotationByID
type GetAnnotationByIDParams struct {
	// in:path
	// required:true
	AnnotationID string `json:"annotation_id"`
}

// swagger:parameters deleteAnnotationByID
type DeleteAnnotationByIDParams struct {
	// in:path
	// required:true
	AnnotationID string `json:"annotation_id"`
}

// swagger:parameters getAnnotations
type GetAnnotationsParams struct {
	// Find annotations created after specific epoch datetime in milliseconds.
	// in:query
	// required:false
	From int64 `json:"from"`
	// Find annotations created before specific epoch datetime in milliseconds.
	// in:query
	// required:false
	To int64 `json:"to"`
	// Limit response to annotations created by specific user.
	// in:query
	// required:false
	UserID int64 `json:"userId"`
	// Find annotations for a specified alert.
	// in:query
	// required:false
	AlertID int64 `json:"alertId"`
	// Find annotations that are scoped to a specific dashboard
	// in:query
	// required:false
	DashboardID int64 `json:"dashboardId"`
	// Find annotations that are scoped to a specific dashboard
	// in:query
	// required:false
	DashboardUID string `json:"dashboardUID"`
	// Find annotations that are scoped to a specific panel
	// in:query
	// required:false
	PanelID int64 `json:"panelId"`
	// Max limit for results returned.
	// in:query
	// required:false
	Limit int64 `json:"limit"`
	// Use this to filter organization annotations. Organization annotations are annotations from an annotation data source that are not connected specifically to a dashboard or panel. You can filter by multiple tags.
	// in:query
	// required:false
	// type: array
	// collectionFormat: multi
	Tags []string `json:"tags"`
	// Return alerts or user created annotations
	// in:query
	// required:false
	// Description:
	// * `alert`
	// * `annotation`
	// enum: alert,annotation
	Type string `json:"type"`
	// Match any or all tags
	// in:query
	// required:false
	MatchAny bool `json:"matchAny"`
}

// swagger:parameters getAnnotationTags
type GetAnnotationTagsParams struct {
	// Tag is a string that you can use to filter tags.
	// in:query
	// required:false
	Tag string `json:"tag"`
	// Max limit for results returned.
	// in:query
	// required:false
	// default: 100
	Limit string `json:"limit"`
}

// swagger:parameters massDeleteAnnotations
type MassDeleteAnnotationsParams struct {
	// in:body
	// required:true
	Body dtos.MassDeleteAnnotationsCmd `json:"body"`
}

// swagger:parameters postAnnotation
type PostAnnotationParams struct {
	// in:body
	// required:true
	Body dtos.PostAnnotationsCmd `json:"body"`
}

// swagger:parameters postGraphiteAnnotation
type PostGraphiteAnnotationParams struct {
	// in:body
	// required:true
	Body dtos.PostGraphiteAnnotationsCmd `json:"body"`
}

// swagger:parameters updateAnnotation
type UpdateAnnotationParams struct {
	// in:path
	// required:true
	AnnotationID string `json:"annotation_id"`
	// in:body
	// required:true
	Body dtos.UpdateAnnotationsCmd `json:"body"`
}

// swagger:parameters patchAnnotation
type PatchAnnotationParams struct {
	// in:path
	// required:true
	AnnotationID string `json:"annotation_id"`
	// in:body
	// required:true
	Body dtos.PatchAnnotationsCmd `json:"body"`
}

// swagger:response getAnnotationsResponse
type GetAnnotationsResponse struct {
	// The response message
	// in: body
	Body []*annotations.ItemDTO `json:"body"`
}

// swagger:response getAnnotationByIDResponse
type GetAnnotationByIDResponse struct {
	// The response message
	// in: body
	Body *annotations.ItemDTO `json:"body"`
}

// swagger:response postAnnotationResponse
type PostAnnotationResponse struct {
	// The response message
	// in: body
	Body struct {
		// ID Identifier of the created annotation.
		// required: true
		// example: 65
		ID int64 `json:"id"`

		// Message Message of the created annotation.
		// required: true
		Message string `json:"message"`
	} `json:"body"`
}

// swagger:response getAnnotationTagsResponse
type GetAnnotationTagsResponse struct {
	// The response message
	// in: body
	Body annotations.GetAnnotationTagsResponse `json:"body"`
}
-												feat(annotations): added support to show grafana stored annotations in graphs, #5982

											
										
										
											2016-09-08 04:25:45 -05:00
+								package api
 								import (
-												Access control: FGAC for annotation updates (#46462)

* proposal

* PR feedback

* fix canSave bug

* update scope naming

* linting

* linting

Co-authored-by: Ezequiel Victorero <ezequiel.victorero@grafana.com>
											
										
										
											2022-03-18 11:33:21 -05:00
+									"context"
-												API: Return 400 on invalid Annotation requests (#32429)

Signed-off-by: bergquist <carl.bergquist@gmail.com>
											
										
										
											2021-03-29 08:47:16 -05:00
+									"errors"
-												Chore: Refactor api handlers to use web.Bind (#42199)

* Chore: Refactor api handlers to use web.Bind

* fix comments

* fix comment

* trying to fix most of the tests and force routing.Wrap type check

* fix library panels tests

* fix frontend logging tests

* allow passing nil as a response to skip writing

* return nil instead of the response

* rewrite login handler function types

* remove handlerFuncCtx

* make linter happy

* remove old bindings from the libraryelements

* restore comments
											
										
										
											2021-11-29 03:18:01 -06:00
+									"net/http"
-												Remove Macaron ParamsInt64 function from code base (#43810)

* draft commit

* change all calls

* Compilation errors
											
										
										
											2022-01-14 10:55:57 -06:00
+									"strconv"
-												annotations: add endpoint for writing graphite-like events (#9495)

* annotations: add endpoint for writing graphite-like events

* annotations: fix new line handling in tooltip

* annotations: support tags in prior to Graphite 0.10.0 format

											
										
										
											2017-10-12 03:12:15 -05:00
+									"strings"
-												feat(annotations): added support to show grafana stored annotations in graphs, #5982

											
										
										
											2016-09-08 04:25:45 -05:00
+									"github.com/grafana/grafana/pkg/api/dtos"
-												Chore: Moves common and response into separate packages (#30298)

* Chore: moves common and response into separate packages

* Chore: moves common and response into separate packages

* Update pkg/api/utils/common.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Chore: changes after PR comments

* Chore: move wrap to routing package

* Chore: move functions in common to response package

* Chore: move functions in common to response package

* Chore: formats imports

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
											
										
										
											2021-01-15 07:43:20 -06:00
+									"github.com/grafana/grafana/pkg/api/response"
-												Access control: FGAC for annotation updates (#46462)

* proposal

* PR feedback

* fix canSave bug

* update scope naming

* linting

* linting

Co-authored-by: Ezequiel Victorero <ezequiel.victorero@grafana.com>
											
										
										
											2022-03-18 11:33:21 -05:00
+									"github.com/grafana/grafana/pkg/services/accesscontrol"
-												feat(annotations): added support to show grafana stored annotations in graphs, #5982

											
										
										
											2016-09-08 04:25:45 -05:00
+									"github.com/grafana/grafana/pkg/services/annotations"
-												Identity: Unfurl UserID and Email in pkg/api to user identity.Requester (#76112)

* Unfurl OrgRole in pkg/api to allow using identity.Requester interface

* Unfurl Email in pkg/api to allow using identity.Requester interface

* Update UserID in pkg/api to allow using identity.Requester interface

* fix authed test

* fix datasource tests

* guard login

* fix preferences anon testing

* fix anonymous index rendering

* do not error with user id 0
											
										
										
											2023-10-09 09:07:28 -05:00
+									"github.com/grafana/grafana/pkg/services/auth/identity"
-												Chore: Move ReqContext to contexthandler service (#62102)

* Chore: Move ReqContext to contexthandler service

* Rename package to contextmodel

* Generate ngalert files

* Remove unused imports
											
										
										
											2023-01-27 01:50:36 -06:00
+									contextmodel "github.com/grafana/grafana/pkg/services/contexthandler/model"
-												Access Control: Move dashboard actions and create scope provider (#48618)

* Move dashboard actions and create scope provider
											
										
										
											2022-05-04 09:12:09 -05:00
+									"github.com/grafana/grafana/pkg/services/dashboards"
-												Annotations: Update annotation scope resolver to resolve annotation scopes to dash and folder scopes (#78222)

* update annotation scope resolver to resolve dashboard annotation scopes to dash and folder scopes

* Update annotations.go

remove unwanted changes

* remove unwanted change

* use switch statement
											
										
										
											2023-11-17 03:57:25 -06:00
+									"github.com/grafana/grafana/pkg/services/featuremgmt"
 									"github.com/grafana/grafana/pkg/services/folder"
-												dashfolders: permissions for saving annotations

ref #10275 Use folder permissions instead of hard coded
permissions on the annotations routes.

											
										
										
											2017-12-20 17:52:21 -06:00
+									"github.com/grafana/grafana/pkg/services/guardian"
-												Move SignedInUser to user service and RoleType and Roles to org (#53445)

* Move SignedInUser to user service and RoleType and Roles to org

* Use go naming convention for roles

* Fix some imports and leftovers

* Fix ldap debug test

* Fix lint

* Fix lint 2

* Fix lint 3

* Fix type and not needed conversion

* Clean up messages in api tests

* Clean up api tests 2
											
										
										
											2022-08-10 04:56:48 -05:00
+									"github.com/grafana/grafana/pkg/services/user"
-												fix: return id from api when creating new annotation/graphite annotation, fixes #9798

When creating a region annotation the response will include both
id (region start id) and endId (region end id), if not only id.

											
										
										
											2017-11-16 07:24:56 -06:00
+									"github.com/grafana/grafana/pkg/util"
-												Chore: Refactor api handlers to use web.Bind (#42199)

* Chore: Refactor api handlers to use web.Bind

* fix comments

* fix comment

* trying to fix most of the tests and force routing.Wrap type check

* fix library panels tests

* fix frontend logging tests

* allow passing nil as a response to skip writing

* return nil instead of the response

* rewrite login handler function types

* remove handlerFuncCtx

* make linter happy

* remove old bindings from the libraryelements

* restore comments
											
										
										
											2021-11-29 03:18:01 -06:00
+									"github.com/grafana/grafana/pkg/web"
-												feat(annotations): added support to show grafana stored annotations in graphs, #5982

											
										
										
											2016-09-08 04:25:45 -05:00
+								)
-												Chore: Move swagger definitions to the handlers (#52643)


											
										
										
											2022-07-27 08:54:37 -05:00
+								// swagger:route GET /annotations annotations getAnnotations
 								//
 								// Find Annotations.
 								//
 								// Starting in Grafana v6.4 regions annotations are now returned in one entity that now includes the timeEnd property.
 								//
 								// Responses:
 								// 200: getAnnotationsResponse
 								// 401: unauthorisedError
 								// 500: internalServerError
-												Chore: Move ReqContext to contexthandler service (#62102)

* Chore: Move ReqContext to contexthandler service

* Rename package to contextmodel

* Generate ngalert files

* Remove unused imports
											
										
										
											2023-01-27 01:50:36 -06:00
+								func (hs *HTTPServer) GetAnnotations(c *contextmodel.ReqContext) response.Response {
-												feat(annotations): added support to show grafana stored annotations in graphs, #5982

											
										
										
											2016-09-08 04:25:45 -05:00
+									query := &annotations.ItemQuery{
-												Access control: SQL filtering for annotation listing (#47467)

* pass in user to attribute scope resolver

* add SQL filter to annotation listing

* check annotation FGAC permissions before exposing them for commenting

* remove the requirement to be able to list all annotations from annotation listing endpoint

* adding tests for annotation listing

* remove changes that got moved to a different PR

* unused var

* Update pkg/services/sqlstore/annotation.go

Co-authored-by: Ezequiel Victorero <evictorero@gmail.com>

* remove unneeded check

* remove unneeded check

* undo accidental change

* undo accidental change

* doc update

* move tests

* redo the approach for passing the user in for scope resolution

* accidental change

* cleanup

* error handling

Co-authored-by: Ezequiel Victorero <evictorero@gmail.com>
											
										
										
											2022-04-11 07:18:38 -05:00
+										From:         c.QueryInt64("from"),
 										To:           c.QueryInt64("to"),
-												Auth: Unfurl OrgID in pkg/api to allow using identity.Requester interface (#76108)

Unfurl OrgID in pkg/api to allow using identity.Requester interface
											
										
										
											2023-10-06 04:34:36 -05:00
+										OrgID:        c.SignedInUser.GetOrgID(),
-												Rename Id to ID for annotation models (#62886)

* Rename Id to ID for annotation models

* Add xorm tags

* Rename Id to ID for API key models

* Add xorm tags
											
										
										
											2023-02-03 10:23:09 -06:00
+										UserID:       c.QueryInt64("userId"),
 										AlertID:      c.QueryInt64("alertId"),
 										DashboardID:  c.QueryInt64("dashboardId"),
 										DashboardUID: c.Query("dashboardUID"),
 										PanelID:      c.QueryInt64("panelId"),
-												Access control: SQL filtering for annotation listing (#47467)

* pass in user to attribute scope resolver

* add SQL filter to annotation listing

* check annotation FGAC permissions before exposing them for commenting

* remove the requirement to be able to list all annotations from annotation listing endpoint

* adding tests for annotation listing

* remove changes that got moved to a different PR

* unused var

* Update pkg/services/sqlstore/annotation.go

Co-authored-by: Ezequiel Victorero <evictorero@gmail.com>

* remove unneeded check

* remove unneeded check

* undo accidental change

* undo accidental change

* doc update

* move tests

* redo the approach for passing the user in for scope resolution

* accidental change

* cleanup

* error handling

Co-authored-by: Ezequiel Victorero <evictorero@gmail.com>
											
										
										
											2022-04-11 07:18:38 -05:00
+										Limit:        c.QueryInt64("limit"),
 										Tags:         c.QueryStrings("tags"),
 										Type:         c.Query("type"),
 										MatchAny:     c.QueryBool("matchAny"),
 										SignedInUser: c.SignedInUser,
-												feat(annotations): added support to show grafana stored annotations in graphs, #5982

											
										
										
											2016-09-08 04:25:45 -05:00
+									}
-												Chore: Add dashboard UID as query parameter of Get annotation endpoint (#52764)

* Chore: Add dashboard uid as query parameter of Get annotation endpoint

* Update pkg/api/annotations.go

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>

* update the dashboarUID

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
											
										
										
											2022-07-26 20:52:34 -05:00
+									// When dashboard UID present in the request, we ignore dashboard ID
-												Rename Id to ID for annotation models (#62886)

* Rename Id to ID for annotation models

* Add xorm tags

* Rename Id to ID for API key models

* Add xorm tags
											
										
										
											2023-02-03 10:23:09 -06:00
+									if query.DashboardUID != "" {
-												Auth: Unfurl OrgID in pkg/api to allow using identity.Requester interface (#76108)

Unfurl OrgID in pkg/api to allow using identity.Requester interface
											
										
										
											2023-10-06 04:34:36 -05:00
+										dq := dashboards.GetDashboardQuery{UID: query.DashboardUID, OrgID: c.SignedInUser.GetOrgID()}
-												Chore: Remove Result from dashboard models (#61997)

* Chore: Remove Result from dashboard models

* Fix lint tests

* Fix dashboard service tests

* Fix API tests

* Remove commented out code

* Chore: Merge main - cleanup
											
										
										
											2023-01-25 03:36:26 -06:00
+										dqResult, err := hs.DashboardService.GetDashboard(c.Req.Context(), &dq)
-												Chore: Add dashboard UID as query parameter of Get annotation endpoint (#52764)

* Chore: Add dashboard uid as query parameter of Get annotation endpoint

* Update pkg/api/annotations.go

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>

* update the dashboarUID

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
											
										
										
											2022-07-26 20:52:34 -05:00
+										if err != nil {
-												Chore: remove dashboardsFromStorage (#65058)


											
										
										
											2023-03-20 11:36:49 -05:00
+											return response.Error(http.StatusBadRequest, "Invalid dashboard UID in annotation request", err)
-												Storage: Avoid UID errors from annotations api when loading dashboards from storage (#54346)


											
										
										
											2022-08-26 17:09:56 -05:00
+										} else {
-												Rename Id to ID for annotation models (#62886)

* Rename Id to ID for annotation models

* Add xorm tags

* Rename Id to ID for API key models

* Add xorm tags
											
										
										
											2023-02-03 10:23:09 -06:00
+											query.DashboardID = dqResult.ID
-												Chore: Add dashboard UID as query parameter of Get annotation endpoint (#52764)

* Chore: Add dashboard uid as query parameter of Get annotation endpoint

* Update pkg/api/annotations.go

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>

* update the dashboarUID

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
											
										
										
											2022-07-26 20:52:34 -05:00
+										}
 									}
-												Chore: SQL store split for annotations (#55089)

* Chore: SQL store split for annotations

* Apply suggestion from code review
											
										
										
											2022-09-19 02:54:37 -05:00
+									items, err := hs.annotationsRepo.Find(c.Req.Context(), query)
-												feat(annotations): added support to show grafana stored annotations in graphs, #5982

											
										
										
											2016-09-08 04:25:45 -05:00
+									if err != nil {
-												Grafana: Replace magic number with a constant variable in response status (#80132)

* Chore: Replace response status with const var

* Apply suggestions from code review

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>

* Add net/http import

---------

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
											
										
										
											2024-02-27 10:39:51 -06:00
+										return response.Error(http.StatusInternalServerError, "Failed to get annotations", err)
-												feat(annotations): added support to show grafana stored annotations in graphs, #5982

											
										
										
											2016-09-08 04:25:45 -05:00
+									}
-												Chore : Replace dashboardid with dashboardUID in annotation API (#48481)

* replace dashboardid with dashboardUID in annotation API

* add some tests

* modify some docs and add uid into get endpoint

* rebase with main

* add map for avoiding too much retrieve on dashboards
											
										
										
											2022-05-02 04:35:36 -05:00
+									// since there are several annotations per dashboard, we can cache dashboard uid
 									dashboardCache := make(map[int64]*string)
-												feat(annotations): added support to show grafana stored annotations in graphs, #5982

											
										
										
											2016-09-08 04:25:45 -05:00
+									for _, item := range items {
-												Create annotations (#8197)

* annotations: add 25px space for events section

* annotations: restored create annotation action

* annotations: able to use fa icons as event markers

* annotations: initial emoji support from twemoji lib

* annotations: adjust fa icon position

* annotations: initial emoji picker

* annotation: include user info into annotation requests

* annotation: add icon info

* annotation: display user info in tooltip

* annotation: fix region saving

* annotation: initial region markers

* annotation: fix region clearing (add flot-temp-elem class)

* annotation: adjust styles a bit

* annotations: minor fixes

* annoations: removed userId look in loop, need a sql join or a user cache for this

* annotation: fix invisible events

* lib: changed twitter emoij lib to be npm dependency

* annotation: add icon picker to Add Annotation dialog

* annotation: save icon to annotation table

* annotation: able to set custom icon for annotation added by user

* annotations: fix emoji after library upgrade (switch to 72px)

* emoji: temporary remove bad code points

* annotations: improve icon picker

* annotations: icon show icon picker at the top

* annotations: use svg for emoji

* annotations: fix region drawing when add annotation editor opened

* annotations: use flot lib for drawing region fill

* annotations: move regions building into event_manager

* annotations: don't draw additional space if no events are got

* annotations: deduplicate events

* annotations: properly render cut regions

* annotations: fix cut region building

* annotations: refactor

* annotations: adjust event section size

* add-annotations: fix undefined default icon

* create-annotations:  edit event (frontend part)

* fixed bug causes error when hover event marker

* create-annotations:  update event (backend)

* ignore grafana-server debug binary in git (created VS Code)

* create-annotations: use PUT request for updating annotation.

* create-annotations: fixed time format when editing existing event

* create-annotations: support for region update

* create-annotations: fix bug with limit and event type

* create-annotations: delete annotation

* create-annotations: show only selected icon in edit mode

* create-annotations: show event editor only for users with at least Editor role

* create-annotations: handle double-sized emoji codepoints

* create-annotations: refactor

use CP_SEPARATOR from emojiDef

* create-annotations: update emoji list, add categories.

* create-annotations: copy SVG emoji into public/vendor/npm and use it as a base path

* create-annotations: initial tabs for emoji picker

* emoji-picker: adjust styles

* emoji-picker: minor refactor

* emoji-picker: refactor - rename and move into one directory

* emoji-picker: build emoji elements on app load, not on picker open

* emoji-picker: fix emoji searching

* emoji-picker: refactor

* emoji-picker: capitalize category name

* emoji-picker: refactor

move buildEmojiElem() into emoji_converter.ts for future reuse.

* jquery.flot.events: refactor

use buildEmojiElem() for making emojis, remove unused code for font awesome based icons.

* emoji_converter: handle converting error

* tech: updated

* merged with master

* shore: clean up some stuff

* annotation: wip tags

* annotation: filtering by tags

* tags: parse out spaces etc. from a tags string

* annotations: use tagsinput component for tag filtering

* annotation: wip work on how we query alert & panel annotations

* annotations: support for updating tags in an annotation

* linting

* annotations: work on unifying how alert history annotations and manual panel annotations are created

* tslint: fixes

* tags: create tag on blur as well

Currently, the tags directive only creates the tag when the
user presses enter. This change means the tag is created on
blur as well (when the user clicks outside the input field).

* annotations: fix update after refactoring

* annotations: progress on how alert annotations are fetched

* annotations: minor progress

* annotations: progress

* annotation: minor progress

* annotations: move tag parsing from tooltip to ds

Instead of parsing a tag string into an array in the annotation_tooltip
class, this moves the parsing to the datasources. InfluxDB ds already
does that parsing. Graphite now has it.

* annotations: more work on querying

* annotations: change from tags as string to array

when saving in the db and in the api.

* annotations: delete tag link if removed on edit

* annotation: more work on depricating annotation title

* annotations: delete tag links on delete

* annotations: fix for find

* annotation: added user to annotation tooltip and added alertName to annoation dto

* annotations: use id from route instead from cmd for updating

* annotations: http api docs

* create annotation: last edits

* annotations: minor fix for querying annotations before dashboard saved

* annotations: fix for popover placement when legend is on the side (and doubel render pass is causing original marker to be removed)

* annotations: changing how the built in query gets added

* annotation: added time to header in edit mode

* tests: fixed jshint built issue

											
										
										
											2017-10-07 03:31:39 -05:00
+										if item.Email != "" {
-												Chore: Remove public vars in setting package (#81018)

Removes the public variable setting.SecretKey plus some other ones. 
Introduces some new functions for creating setting.Cfg.
											
										
										
											2024-01-23 05:36:22 -06:00
+											item.AvatarURL = dtos.GetGravatarUrl(hs.Cfg, item.Email)
-												Create annotations (#8197)

* annotations: add 25px space for events section

* annotations: restored create annotation action

* annotations: able to use fa icons as event markers

* annotations: initial emoji support from twemoji lib

* annotations: adjust fa icon position

* annotations: initial emoji picker

* annotation: include user info into annotation requests

* annotation: add icon info

* annotation: display user info in tooltip

* annotation: fix region saving

* annotation: initial region markers

* annotation: fix region clearing (add flot-temp-elem class)

* annotation: adjust styles a bit

* annotations: minor fixes

* annoations: removed userId look in loop, need a sql join or a user cache for this

* annotation: fix invisible events

* lib: changed twitter emoij lib to be npm dependency

* annotation: add icon picker to Add Annotation dialog

* annotation: save icon to annotation table

* annotation: able to set custom icon for annotation added by user

* annotations: fix emoji after library upgrade (switch to 72px)

* emoji: temporary remove bad code points

* annotations: improve icon picker

* annotations: icon show icon picker at the top

* annotations: use svg for emoji

* annotations: fix region drawing when add annotation editor opened

* annotations: use flot lib for drawing region fill

* annotations: move regions building into event_manager

* annotations: don't draw additional space if no events are got

* annotations: deduplicate events

* annotations: properly render cut regions

* annotations: fix cut region building

* annotations: refactor

* annotations: adjust event section size

* add-annotations: fix undefined default icon

* create-annotations:  edit event (frontend part)

* fixed bug causes error when hover event marker

* create-annotations:  update event (backend)

* ignore grafana-server debug binary in git (created VS Code)

* create-annotations: use PUT request for updating annotation.

* create-annotations: fixed time format when editing existing event

* create-annotations: support for region update

* create-annotations: fix bug with limit and event type

* create-annotations: delete annotation

* create-annotations: show only selected icon in edit mode

* create-annotations: show event editor only for users with at least Editor role

* create-annotations: handle double-sized emoji codepoints

* create-annotations: refactor

use CP_SEPARATOR from emojiDef

* create-annotations: update emoji list, add categories.

* create-annotations: copy SVG emoji into public/vendor/npm and use it as a base path

* create-annotations: initial tabs for emoji picker

* emoji-picker: adjust styles

* emoji-picker: minor refactor

* emoji-picker: refactor - rename and move into one directory

* emoji-picker: build emoji elements on app load, not on picker open

* emoji-picker: fix emoji searching

* emoji-picker: refactor

* emoji-picker: capitalize category name

* emoji-picker: refactor

move buildEmojiElem() into emoji_converter.ts for future reuse.

* jquery.flot.events: refactor

use buildEmojiElem() for making emojis, remove unused code for font awesome based icons.

* emoji_converter: handle converting error

* tech: updated

* merged with master

* shore: clean up some stuff

* annotation: wip tags

* annotation: filtering by tags

* tags: parse out spaces etc. from a tags string

* annotations: use tagsinput component for tag filtering

* annotation: wip work on how we query alert & panel annotations

* annotations: support for updating tags in an annotation

* linting

* annotations: work on unifying how alert history annotations and manual panel annotations are created

* tslint: fixes

* tags: create tag on blur as well

Currently, the tags directive only creates the tag when the
user presses enter. This change means the tag is created on
blur as well (when the user clicks outside the input field).

* annotations: fix update after refactoring

* annotations: progress on how alert annotations are fetched

* annotations: minor progress

* annotations: progress

* annotation: minor progress

* annotations: move tag parsing from tooltip to ds

Instead of parsing a tag string into an array in the annotation_tooltip
class, this moves the parsing to the datasources. InfluxDB ds already
does that parsing. Graphite now has it.

* annotations: more work on querying

* annotations: change from tags as string to array

when saving in the db and in the api.

* annotations: delete tag link if removed on edit

* annotation: more work on depricating annotation title

* annotations: delete tag links on delete

* annotations: fix for find

* annotation: added user to annotation tooltip and added alertName to annoation dto

* annotations: use id from route instead from cmd for updating

* annotations: http api docs

* create annotation: last edits

* annotations: minor fix for querying annotations before dashboard saved

* annotations: fix for popover placement when legend is on the side (and doubel render pass is causing original marker to be removed)

* annotations: changing how the built in query gets added

* annotation: added time to header in edit mode

* tests: fixed jshint built issue

											
										
										
											2017-10-07 03:31:39 -05:00
+										}
-												Chore : Replace dashboardid with dashboardUID in annotation API (#48481)

* replace dashboardid with dashboardUID in annotation API

* add some tests

* modify some docs and add uid into get endpoint

* rebase with main

* add map for avoiding too much retrieve on dashboards
											
										
										
											2022-05-02 04:35:36 -05:00
-												Rename Id to ID for annotation models (#62886)

* Rename Id to ID for annotation models

* Add xorm tags

* Rename Id to ID for API key models

* Add xorm tags
											
										
										
											2023-02-03 10:23:09 -06:00
+										if item.DashboardID != 0 {
 											if val, ok := dashboardCache[item.DashboardID]; ok {
-												Chore : Replace dashboardid with dashboardUID in annotation API (#48481)

* replace dashboardid with dashboardUID in annotation API

* add some tests

* modify some docs and add uid into get endpoint

* rebase with main

* add map for avoiding too much retrieve on dashboards
											
										
										
											2022-05-02 04:35:36 -05:00
+												item.DashboardUID = val
 											} else {
-												Auth: Unfurl OrgID in pkg/api to allow using identity.Requester interface (#76108)

Unfurl OrgID in pkg/api to allow using identity.Requester interface
											
										
										
											2023-10-06 04:34:36 -05:00
+												query := dashboards.GetDashboardQuery{ID: item.DashboardID, OrgID: c.SignedInUser.GetOrgID()}
-												Chore: Remove Result from dashboard models (#61997)

* Chore: Remove Result from dashboard models

* Fix lint tests

* Fix dashboard service tests

* Fix API tests

* Remove commented out code

* Chore: Merge main - cleanup
											
										
										
											2023-01-25 03:36:26 -06:00
+												queryResult, err := hs.DashboardService.GetDashboard(c.Req.Context(), &query)
 												if err == nil && queryResult != nil {
 													item.DashboardUID = &queryResult.UID
-												Rename Id to ID for annotation models (#62886)

* Rename Id to ID for annotation models

* Add xorm tags

* Rename Id to ID for API key models

* Add xorm tags
											
										
										
											2023-02-03 10:23:09 -06:00
+													dashboardCache[item.DashboardID] = &queryResult.UID
-												Chore : Replace dashboardid with dashboardUID in annotation API (#48481)

* replace dashboardid with dashboardUID in annotation API

* add some tests

* modify some docs and add uid into get endpoint

* rebase with main

* add map for avoiding too much retrieve on dashboards
											
										
										
											2022-05-02 04:35:36 -05:00
+												}
 											}
 										}
-												feat(annotations): added support to show grafana stored annotations in graphs, #5982

											
										
										
											2016-09-08 04:25:45 -05:00
+									}
-												fix status code 200 (#47818)


											
										
										
											2022-04-15 07:01:58 -05:00
+									return response.JSON(http.StatusOK, items)
-												feat(annotations): added support to show grafana stored annotations in graphs, #5982

											
										
										
											2016-09-08 04:25:45 -05:00
+								}
-												feat(alerting): added clear history button to alert state history view, #6244

											
										
										
											2016-10-14 02:33:16 -05:00
-												Access Control: adding FGAC validation to mass delete annotation endpoint (#46846)

* Access Control: adding FGAC validation to mass delete annotation endpoint
											
										
										
											2022-03-23 16:39:00 -05:00
+								type AnnotationError struct {
-												Fixes for annotations API (#9577)

* annotations: throw error if no text specified and set default time to Now() if empty, #9571

* annotations: fix saving graphite event with empty string tags

* docs: add /api/annotations/graphite endpoint docs, #9571

											
										
										
											2017-10-18 03:13:02 -05:00
+									message string
 								}
-												Access Control: adding FGAC validation to mass delete annotation endpoint (#46846)

* Access Control: adding FGAC validation to mass delete annotation endpoint
											
										
										
											2022-03-23 16:39:00 -05:00
+								func (e *AnnotationError) Error() string {
-												Fixes for annotations API (#9577)

* annotations: throw error if no text specified and set default time to Now() if empty, #9571

* annotations: fix saving graphite event with empty string tags

* docs: add /api/annotations/graphite endpoint docs, #9571

											
										
										
											2017-10-18 03:13:02 -05:00
+									return e.message
 								}
-												Chore: Move swagger definitions to the handlers (#52643)


											
										
										
											2022-07-27 08:54:37 -05:00
+								// swagger:route POST /annotations annotations postAnnotation
 								//
 								// Create Annotation.
 								//
 								// Creates an annotation in the Grafana database. The dashboardId and panelId fields are optional. If they are not specified then an organization annotation is created and can be queried in any dashboard that adds the Grafana annotations data source. When creating a region annotation include the timeEnd property.
 								// The format for `time` and `timeEnd` should be epoch numbers in millisecond resolution.
 								// The response for this HTTP request is slightly different in versions prior to v6.4. In prior versions you would also get an endId if you where creating a region. But in 6.4 regions are represented using a single event with time and timeEnd properties.
 								//
 								// Responses:
 								// 200: postAnnotationResponse
 								// 400: badRequestError
 								// 401: unauthorisedError
 								// 403: forbiddenError
 								// 500: internalServerError
-												Chore: Move ReqContext to contexthandler service (#62102)

* Chore: Move ReqContext to contexthandler service

* Rename package to contextmodel

* Generate ngalert files

* Remove unused imports
											
										
										
											2023-01-27 01:50:36 -06:00
+								func (hs *HTTPServer) PostAnnotation(c *contextmodel.ReqContext) response.Response {
-												Chore: Refactor api handlers to use web.Bind (#42199)

* Chore: Refactor api handlers to use web.Bind

* fix comments

* fix comment

* trying to fix most of the tests and force routing.Wrap type check

* fix library panels tests

* fix frontend logging tests

* allow passing nil as a response to skip writing

* return nil instead of the response

* rewrite login handler function types

* remove handlerFuncCtx

* make linter happy

* remove old bindings from the libraryelements

* restore comments
											
										
										
											2021-11-29 03:18:01 -06:00
+									cmd := dtos.PostAnnotationsCmd{}
 									if err := web.Bind(c.Req, &cmd); err != nil {
 										return response.Error(http.StatusBadRequest, "bad request data", err)
 									}
-												Access control: FGAC for annotation updates (#46462)

* proposal

* PR feedback

* fix canSave bug

* update scope naming

* linting

* linting

Co-authored-by: Ezequiel Victorero <ezequiel.victorero@grafana.com>
											
										
										
											2022-03-18 11:33:21 -05:00
-												Chore : Replace dashboardid with dashboardUID in annotation API (#48481)

* replace dashboardid with dashboardUID in annotation API

* add some tests

* modify some docs and add uid into get endpoint

* rebase with main

* add map for avoiding too much retrieve on dashboards
											
										
										
											2022-05-02 04:35:36 -05:00
+									// overwrite dashboardId when dashboardUID is not empty
 									if cmd.DashboardUID != "" {
-												Auth: Unfurl OrgID in pkg/api to allow using identity.Requester interface (#76108)

Unfurl OrgID in pkg/api to allow using identity.Requester interface
											
										
										
											2023-10-06 04:34:36 -05:00
+										query := dashboards.GetDashboardQuery{OrgID: c.SignedInUser.GetOrgID(), UID: cmd.DashboardUID}
-												Chore: Remove Result from dashboard models (#61997)

* Chore: Remove Result from dashboard models

* Fix lint tests

* Fix dashboard service tests

* Fix API tests

* Remove commented out code

* Chore: Merge main - cleanup
											
										
										
											2023-01-25 03:36:26 -06:00
+										queryResult, err := hs.DashboardService.GetDashboard(c.Req.Context(), &query)
-												Chore : Replace dashboardid with dashboardUID in annotation API (#48481)

* replace dashboardid with dashboardUID in annotation API

* add some tests

* modify some docs and add uid into get endpoint

* rebase with main

* add map for avoiding too much retrieve on dashboards
											
										
										
											2022-05-02 04:35:36 -05:00
+										if err == nil {
-												Chore: Remove Result from dashboard models (#61997)

* Chore: Remove Result from dashboard models

* Fix lint tests

* Fix dashboard service tests

* Fix API tests

* Remove commented out code

* Chore: Merge main - cleanup
											
										
										
											2023-01-25 03:36:26 -06:00
+											cmd.DashboardId = queryResult.ID
-												Chore : Replace dashboardid with dashboardUID in annotation API (#48481)

* replace dashboardid with dashboardUID in annotation API

* add some tests

* modify some docs and add uid into get endpoint

* rebase with main

* add map for avoiding too much retrieve on dashboards
											
										
										
											2022-05-02 04:35:36 -05:00
+										}
 									}
-												check that the user has RBAC permissions to save dashboard annotation (#47882)


											
										
										
											2022-04-20 02:43:42 -05:00
+									if canSave, err := hs.canCreateAnnotation(c, cmd.DashboardId); err != nil || !canSave {
-												Annotations: Remove dashboard permission checks for annotations (#78352)

remove checks for access to dashboard if FlagAnnotationPermissionUpdate is enabled
											
										
										
											2023-11-23 04:47:37 -06:00
+										if !hs.Features.IsEnabled(c.Req.Context(), featuremgmt.FlagAnnotationPermissionUpdate) {
 											return dashboardGuardianResponse(err)
 										} else if err != nil {
 											return response.Error(http.StatusInternalServerError, "Error while checking annotation permissions", err)
 										} else {
 											return response.Error(http.StatusForbidden, "Access denied to save the annotation", nil)
 										}
-												dashfolders: permissions for saving annotations

ref #10275 Use folder permissions instead of hard coded
permissions on the annotations routes.

											
										
										
											2017-12-20 17:52:21 -06:00
+									}
-												Fixes for annotations API (#9577)

* annotations: throw error if no text specified and set default time to Now() if empty, #9571

* annotations: fix saving graphite event with empty string tags

* docs: add /api/annotations/graphite endpoint docs, #9571

											
										
										
											2017-10-18 03:13:02 -05:00
+									if cmd.Text == "" {
-												Access Control: adding FGAC validation to mass delete annotation endpoint (#46846)

* Access Control: adding FGAC validation to mass delete annotation endpoint
											
										
										
											2022-03-23 16:39:00 -05:00
+										err := &AnnotationError{"text field should not be empty"}
-												Grafana: Replace magic number with a constant variable in response status (#80132)

* Chore: Replace response status with const var

* Apply suggestions from code review

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>

* Add net/http import

---------

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
											
										
										
											2024-02-27 10:39:51 -06:00
+										return response.Error(http.StatusBadRequest, "Failed to save annotation", err)
-												Fixes for annotations API (#9577)

* annotations: throw error if no text specified and set default time to Now() if empty, #9571

* annotations: fix saving graphite event with empty string tags

* docs: add /api/annotations/graphite endpoint docs, #9571

											
										
										
											2017-10-18 03:13:02 -05:00
+									}
-												Identity: Unfurl UserID and Email in pkg/api to user identity.Requester (#76112)

* Unfurl OrgRole in pkg/api to allow using identity.Requester interface

* Unfurl Email in pkg/api to allow using identity.Requester interface

* Update UserID in pkg/api to allow using identity.Requester interface

* fix authed test

* fix datasource tests

* guard login

* fix preferences anon testing

* fix anonymous index rendering

* do not error with user id 0
											
										
										
											2023-10-09 09:07:28 -05:00
+									userID, err := identity.UserIdentifier(c.SignedInUser.GetNamespacedID())
 									if err != nil {
 										return response.Error(http.StatusInternalServerError, "Failed to save annotation", err)
 									}
-												graph(add annotation): initial backend implementation #1286

											
										
										
											2017-04-10 12:22:58 -05:00
+									item := annotations.Item{
-												Auth: Unfurl OrgID in pkg/api to allow using identity.Requester interface (#76108)

Unfurl OrgID in pkg/api to allow using identity.Requester interface
											
										
										
											2023-10-06 04:34:36 -05:00
+										OrgID:       c.SignedInUser.GetOrgID(),
-												Identity: Unfurl UserID and Email in pkg/api to user identity.Requester (#76112)

* Unfurl OrgRole in pkg/api to allow using identity.Requester interface

* Unfurl Email in pkg/api to allow using identity.Requester interface

* Update UserID in pkg/api to allow using identity.Requester interface

* fix authed test

* fix datasource tests

* guard login

* fix preferences anon testing

* fix anonymous index rendering

* do not error with user id 0
											
										
										
											2023-10-09 09:07:28 -05:00
+										UserID:      userID,
-												Rename Id to ID for annotation models (#62886)

* Rename Id to ID for annotation models

* Add xorm tags

* Rename Id to ID for API key models

* Add xorm tags
											
										
										
											2023-02-03 10:23:09 -06:00
+										DashboardID: cmd.DashboardId,
 										PanelID:     cmd.PanelId,
-												convert epoch to milliseconds

											
										
										
											2018-03-22 10:21:47 -05:00
+										Epoch:       cmd.Time,
-												Annotations: use a single row to represent a region (#17673)

* SQLite migrations

* cleanup

* migrate end times

* switch to update with a query

* real migration

* anno migrations

* remove old docs

* set isRegion from time changes

* use <> for is not

* add comment and fix index decleration

* single validation place

* add test

* fix test

* add upgrading docs

* use AnnotationEvent

* fix import

* remove regionId from typescript

											
										
										
											2019-08-16 03:49:30 -05:00
+										EpochEnd:    cmd.TimeEnd,
-												graph(add annotation): initial backend implementation #1286

											
										
										
											2017-04-10 12:22:58 -05:00
+										Text:        cmd.Text,
-												Create annotations (#8197)

* annotations: add 25px space for events section

* annotations: restored create annotation action

* annotations: able to use fa icons as event markers

* annotations: initial emoji support from twemoji lib

* annotations: adjust fa icon position

* annotations: initial emoji picker

* annotation: include user info into annotation requests

* annotation: add icon info

* annotation: display user info in tooltip

* annotation: fix region saving

* annotation: initial region markers

* annotation: fix region clearing (add flot-temp-elem class)

* annotation: adjust styles a bit

* annotations: minor fixes

* annoations: removed userId look in loop, need a sql join or a user cache for this

* annotation: fix invisible events

* lib: changed twitter emoij lib to be npm dependency

* annotation: add icon picker to Add Annotation dialog

* annotation: save icon to annotation table

* annotation: able to set custom icon for annotation added by user

* annotations: fix emoji after library upgrade (switch to 72px)

* emoji: temporary remove bad code points

* annotations: improve icon picker

* annotations: icon show icon picker at the top

* annotations: use svg for emoji

* annotations: fix region drawing when add annotation editor opened

* annotations: use flot lib for drawing region fill

* annotations: move regions building into event_manager

* annotations: don't draw additional space if no events are got

* annotations: deduplicate events

* annotations: properly render cut regions

* annotations: fix cut region building

* annotations: refactor

* annotations: adjust event section size

* add-annotations: fix undefined default icon

* create-annotations:  edit event (frontend part)

* fixed bug causes error when hover event marker

* create-annotations:  update event (backend)

* ignore grafana-server debug binary in git (created VS Code)

* create-annotations: use PUT request for updating annotation.

* create-annotations: fixed time format when editing existing event

* create-annotations: support for region update

* create-annotations: fix bug with limit and event type

* create-annotations: delete annotation

* create-annotations: show only selected icon in edit mode

* create-annotations: show event editor only for users with at least Editor role

* create-annotations: handle double-sized emoji codepoints

* create-annotations: refactor

use CP_SEPARATOR from emojiDef

* create-annotations: update emoji list, add categories.

* create-annotations: copy SVG emoji into public/vendor/npm and use it as a base path

* create-annotations: initial tabs for emoji picker

* emoji-picker: adjust styles

* emoji-picker: minor refactor

* emoji-picker: refactor - rename and move into one directory

* emoji-picker: build emoji elements on app load, not on picker open

* emoji-picker: fix emoji searching

* emoji-picker: refactor

* emoji-picker: capitalize category name

* emoji-picker: refactor

move buildEmojiElem() into emoji_converter.ts for future reuse.

* jquery.flot.events: refactor

use buildEmojiElem() for making emojis, remove unused code for font awesome based icons.

* emoji_converter: handle converting error

* tech: updated

* merged with master

* shore: clean up some stuff

* annotation: wip tags

* annotation: filtering by tags

* tags: parse out spaces etc. from a tags string

* annotations: use tagsinput component for tag filtering

* annotation: wip work on how we query alert & panel annotations

* annotations: support for updating tags in an annotation

* linting

* annotations: work on unifying how alert history annotations and manual panel annotations are created

* tslint: fixes

* tags: create tag on blur as well

Currently, the tags directive only creates the tag when the
user presses enter. This change means the tag is created on
blur as well (when the user clicks outside the input field).

* annotations: fix update after refactoring

* annotations: progress on how alert annotations are fetched

* annotations: minor progress

* annotations: progress

* annotation: minor progress

* annotations: move tag parsing from tooltip to ds

Instead of parsing a tag string into an array in the annotation_tooltip
class, this moves the parsing to the datasources. InfluxDB ds already
does that parsing. Graphite now has it.

* annotations: more work on querying

* annotations: change from tags as string to array

when saving in the db and in the api.

* annotations: delete tag link if removed on edit

* annotation: more work on depricating annotation title

* annotations: delete tag links on delete

* annotations: fix for find

* annotation: added user to annotation tooltip and added alertName to annoation dto

* annotations: use id from route instead from cmd for updating

* annotations: http api docs

* create annotation: last edits

* annotations: minor fix for querying annotations before dashboard saved

* annotations: fix for popover placement when legend is on the side (and doubel render pass is causing original marker to be removed)

* annotations: changing how the built in query gets added

* annotation: added time to header in edit mode

* tests: fixed jshint built issue

											
										
										
											2017-10-07 03:31:39 -05:00
+										Data:        cmd.Data,
 										Tags:        cmd.Tags,
-												graph(add annotation): initial backend implementation #1286

											
										
										
											2017-04-10 12:22:58 -05:00
+									}
-												Chore: SQL store split for annotations (#55089)

* Chore: SQL store split for annotations

* Apply suggestion from code review
											
										
										
											2022-09-19 02:54:37 -05:00
+									if err := hs.annotationsRepo.Save(c.Req.Context(), &item); err != nil {
-												API: Return 400 on invalid Annotation requests (#32429)

Signed-off-by: bergquist <carl.bergquist@gmail.com>
											
										
										
											2021-03-29 08:47:16 -05:00
+										if errors.Is(err, annotations.ErrTimerangeMissing) {
-												Grafana: Replace magic number with a constant variable in response status (#80132)

* Chore: Replace response status with const var

* Apply suggestions from code review

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>

* Add net/http import

---------

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
											
										
										
											2024-02-27 10:39:51 -06:00
+											return response.Error(http.StatusBadRequest, "Failed to save annotation", err)
-												API: Return 400 on invalid Annotation requests (#32429)

Signed-off-by: bergquist <carl.bergquist@gmail.com>
											
										
										
											2021-03-29 08:47:16 -05:00
+										}
-												Grafana: Replace magic number with a constant variable in response status (#80132)

* Chore: Replace response status with const var

* Apply suggestions from code review

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>

* Add net/http import

---------

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
											
										
										
											2024-02-27 10:39:51 -06:00
+										return response.ErrOrFallback(http.StatusInternalServerError, "Failed to save annotation", err)
-												graph(add annotation): initial backend implementation #1286

											
										
										
											2017-04-10 12:22:58 -05:00
+									}
-												Rename Id to ID for annotation models (#62886)

* Rename Id to ID for annotation models

* Add xorm tags

* Rename Id to ID for API key models

* Add xorm tags
											
										
										
											2023-02-03 10:23:09 -06:00
+									startID := item.ID
-												fix: return id from api when creating new annotation/graphite annotation, fixes #9798

When creating a region annotation the response will include both
id (region start id) and endId (region end id), if not only id.

											
										
										
											2017-11-16 07:24:56 -06:00
-												fix status code 200 (#47818)


											
										
										
											2022-04-15 07:01:58 -05:00
+									return response.JSON(http.StatusOK, util.DynMap{
-												fix: return id from api when creating new annotation/graphite annotation, fixes #9798

When creating a region annotation the response will include both
id (region start id) and endId (region end id), if not only id.

											
										
										
											2017-11-16 07:24:56 -06:00
+										"message": "Annotation added",
 										"id":      startID,
 									})
-												graph(add annotation): initial backend implementation #1286

											
										
										
											2017-04-10 12:22:58 -05:00
+								}
-												annotations: add endpoint for writing graphite-like events (#9495)

* annotations: add endpoint for writing graphite-like events

* annotations: fix new line handling in tooltip

* annotations: support tags in prior to Graphite 0.10.0 format

											
										
										
											2017-10-12 03:12:15 -05:00
+								func formatGraphiteAnnotation(what string, data string) string {
-												Fixes for annotations API (#9577)

* annotations: throw error if no text specified and set default time to Now() if empty, #9571

* annotations: fix saving graphite event with empty string tags

* docs: add /api/annotations/graphite endpoint docs, #9571

											
										
										
											2017-10-18 03:13:02 -05:00
+									text := what
 									if data != "" {
 										text = text + "\n" + data
 									}
 									return text
-												annotations: add endpoint for writing graphite-like events (#9495)

* annotations: add endpoint for writing graphite-like events

* annotations: fix new line handling in tooltip

* annotations: support tags in prior to Graphite 0.10.0 format

											
										
										
											2017-10-12 03:12:15 -05:00
+								}
-												Chore: Move swagger definitions to the handlers (#52643)


											
										
										
											2022-07-27 08:54:37 -05:00
+								// swagger:route POST /annotations/graphite annotations postGraphiteAnnotation
 								//
 								// Create Annotation in Graphite format.
 								//
 								// Creates an annotation by using Graphite-compatible event format. The `when` and `data` fields are optional. If `when` is not specified then the current time will be used as annotation’s timestamp. The `tags` field can also be in prior to Graphite `0.10.0` format (string with multiple tags being separated by a space).
 								//
 								// Responses:
 								// 200: postAnnotationResponse
 								// 400: badRequestError
 								// 401: unauthorisedError
 								// 403: forbiddenError
 								// 500: internalServerError
-												Chore: Move ReqContext to contexthandler service (#62102)

* Chore: Move ReqContext to contexthandler service

* Rename package to contextmodel

* Generate ngalert files

* Remove unused imports
											
										
										
											2023-01-27 01:50:36 -06:00
+								func (hs *HTTPServer) PostGraphiteAnnotation(c *contextmodel.ReqContext) response.Response {
-												Chore: Refactor api handlers to use web.Bind (#42199)

* Chore: Refactor api handlers to use web.Bind

* fix comments

* fix comment

* trying to fix most of the tests and force routing.Wrap type check

* fix library panels tests

* fix frontend logging tests

* allow passing nil as a response to skip writing

* return nil instead of the response

* rewrite login handler function types

* remove handlerFuncCtx

* make linter happy

* remove old bindings from the libraryelements

* restore comments
											
										
										
											2021-11-29 03:18:01 -06:00
+									cmd := dtos.PostGraphiteAnnotationsCmd{}
 									if err := web.Bind(c.Req, &cmd); err != nil {
 										return response.Error(http.StatusBadRequest, "bad request data", err)
 									}
-												Fixes for annotations API (#9577)

* annotations: throw error if no text specified and set default time to Now() if empty, #9571

* annotations: fix saving graphite event with empty string tags

* docs: add /api/annotations/graphite endpoint docs, #9571

											
										
										
											2017-10-18 03:13:02 -05:00
+									if cmd.What == "" {
-												Access Control: adding FGAC validation to mass delete annotation endpoint (#46846)

* Access Control: adding FGAC validation to mass delete annotation endpoint
											
										
										
											2022-03-23 16:39:00 -05:00
+										err := &AnnotationError{"what field should not be empty"}
-												Grafana: Replace magic number with a constant variable in response status (#80132)

* Chore: Replace response status with const var

* Apply suggestions from code review

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>

* Add net/http import

---------

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
											
										
										
											2024-02-27 10:39:51 -06:00
+										return response.Error(http.StatusBadRequest, "Failed to save Graphite annotation", err)
-												Fixes for annotations API (#9577)

* annotations: throw error if no text specified and set default time to Now() if empty, #9571

* annotations: fix saving graphite event with empty string tags

* docs: add /api/annotations/graphite endpoint docs, #9571

											
										
										
											2017-10-18 03:13:02 -05:00
+									}
-												annotations: add endpoint for writing graphite-like events (#9495)

* annotations: add endpoint for writing graphite-like events

* annotations: fix new line handling in tooltip

* annotations: support tags in prior to Graphite 0.10.0 format

											
										
										
											2017-10-12 03:12:15 -05:00
+									text := formatGraphiteAnnotation(cmd.What, cmd.Data)
 									// Support tags in prior to Graphite 0.10.0 format (string of tags separated by space)
 									var tagsArray []string
 									switch tags := cmd.Tags.(type) {
 									case string:
-												Fixes for annotations API (#9577)

* annotations: throw error if no text specified and set default time to Now() if empty, #9571

* annotations: fix saving graphite event with empty string tags

* docs: add /api/annotations/graphite endpoint docs, #9571

											
										
										
											2017-10-18 03:13:02 -05:00
+										if tags != "" {
 											tagsArray = strings.Split(tags, " ")
 										} else {
 											tagsArray = []string{}
 										}
-												Chore: use any rather than interface{} (#74066)


											
										
										
											2023-08-30 10:46:47 -05:00
+									case []any:
-												annotations: add endpoint for writing graphite-like events (#9495)

* annotations: add endpoint for writing graphite-like events

* annotations: fix new line handling in tooltip

* annotations: support tags in prior to Graphite 0.10.0 format

											
										
										
											2017-10-12 03:12:15 -05:00
+										for _, t := range tags {
 											if tagStr, ok := t.(string); ok {
 												tagsArray = append(tagsArray, tagStr)
 											} else {
-												Access Control: adding FGAC validation to mass delete annotation endpoint (#46846)

* Access Control: adding FGAC validation to mass delete annotation endpoint
											
										
										
											2022-03-23 16:39:00 -05:00
+												err := &AnnotationError{"tag should be a string"}
-												Grafana: Replace magic number with a constant variable in response status (#80132)

* Chore: Replace response status with const var

* Apply suggestions from code review

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>

* Add net/http import

---------

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
											
										
										
											2024-02-27 10:39:51 -06:00
+												return response.Error(http.StatusBadRequest, "Failed to save Graphite annotation", err)
-												annotations: add endpoint for writing graphite-like events (#9495)

* annotations: add endpoint for writing graphite-like events

* annotations: fix new line handling in tooltip

* annotations: support tags in prior to Graphite 0.10.0 format

											
										
										
											2017-10-12 03:12:15 -05:00
+											}
 										}
 									default:
-												Access Control: adding FGAC validation to mass delete annotation endpoint (#46846)

* Access Control: adding FGAC validation to mass delete annotation endpoint
											
										
										
											2022-03-23 16:39:00 -05:00
+										err := &AnnotationError{"unsupported tags format"}
-												Grafana: Replace magic number with a constant variable in response status (#80132)

* Chore: Replace response status with const var

* Apply suggestions from code review

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>

* Add net/http import

---------

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
											
										
										
											2024-02-27 10:39:51 -06:00
+										return response.Error(http.StatusBadRequest, "Failed to save Graphite annotation", err)
-												annotations: add endpoint for writing graphite-like events (#9495)

* annotations: add endpoint for writing graphite-like events

* annotations: fix new line handling in tooltip

* annotations: support tags in prior to Graphite 0.10.0 format

											
										
										
											2017-10-12 03:12:15 -05:00
+									}
-												Identity: Unfurl UserID and Email in pkg/api to user identity.Requester (#76112)

* Unfurl OrgRole in pkg/api to allow using identity.Requester interface

* Unfurl Email in pkg/api to allow using identity.Requester interface

* Update UserID in pkg/api to allow using identity.Requester interface

* fix authed test

* fix datasource tests

* guard login

* fix preferences anon testing

* fix anonymous index rendering

* do not error with user id 0
											
										
										
											2023-10-09 09:07:28 -05:00
+									userID, err := identity.UserIdentifier(c.SignedInUser.GetNamespacedID())
 									if err != nil {
 										return response.Error(http.StatusInternalServerError, "Failed to save Graphite annotation", err)
 									}
-												annotations: add endpoint for writing graphite-like events (#9495)

* annotations: add endpoint for writing graphite-like events

* annotations: fix new line handling in tooltip

* annotations: support tags in prior to Graphite 0.10.0 format

											
										
										
											2017-10-12 03:12:15 -05:00
+									item := annotations.Item{
-												Auth: Unfurl OrgID in pkg/api to allow using identity.Requester interface (#76108)

Unfurl OrgID in pkg/api to allow using identity.Requester interface
											
										
										
											2023-10-06 04:34:36 -05:00
+										OrgID:  c.SignedInUser.GetOrgID(),
-												Identity: Unfurl UserID and Email in pkg/api to user identity.Requester (#76112)

* Unfurl OrgRole in pkg/api to allow using identity.Requester interface

* Unfurl Email in pkg/api to allow using identity.Requester interface

* Update UserID in pkg/api to allow using identity.Requester interface

* fix authed test

* fix datasource tests

* guard login

* fix preferences anon testing

* fix anonymous index rendering

* do not error with user id 0
											
										
										
											2023-10-09 09:07:28 -05:00
+										UserID: userID,
-												convert graphite epoch to ms

											
										
										
											2018-04-09 06:58:09 -05:00
+										Epoch:  cmd.When * 1000,
-												annotations: add endpoint for writing graphite-like events (#9495)

* annotations: add endpoint for writing graphite-like events

* annotations: fix new line handling in tooltip

* annotations: support tags in prior to Graphite 0.10.0 format

											
										
										
											2017-10-12 03:12:15 -05:00
+										Text:   text,
 										Tags:   tagsArray,
 									}
-												Chore: StoreSplit tag service (#55453)

* move tag service outside

* fix dashboard

* fix test

* lint

* fix linter

* remove spew
											
										
										
											2022-09-21 07:04:01 -05:00
+									if err := hs.annotationsRepo.Save(c.Req.Context(), &item); err != nil {
-												Grafana: Replace magic number with a constant variable in response status (#80132)

* Chore: Replace response status with const var

* Apply suggestions from code review

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>

* Add net/http import

---------

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
											
										
										
											2024-02-27 10:39:51 -06:00
+										return response.ErrOrFallback(http.StatusInternalServerError, "Failed to save Graphite annotation", err)
-												annotations: add endpoint for writing graphite-like events (#9495)

* annotations: add endpoint for writing graphite-like events

* annotations: fix new line handling in tooltip

* annotations: support tags in prior to Graphite 0.10.0 format

											
										
										
											2017-10-12 03:12:15 -05:00
+									}
-												fix status code 200 (#47818)


											
										
										
											2022-04-15 07:01:58 -05:00
+									return response.JSON(http.StatusOK, util.DynMap{
-												fix: return id from api when creating new annotation/graphite annotation, fixes #9798

When creating a region annotation the response will include both
id (region start id) and endId (region end id), if not only id.

											
										
										
											2017-11-16 07:24:56 -06:00
+										"message": "Graphite annotation added",
-												Rename Id to ID for annotation models (#62886)

* Rename Id to ID for annotation models

* Add xorm tags

* Rename Id to ID for API key models

* Add xorm tags
											
										
										
											2023-02-03 10:23:09 -06:00
+										"id":      item.ID,
-												fix: return id from api when creating new annotation/graphite annotation, fixes #9798

When creating a region annotation the response will include both
id (region start id) and endId (region end id), if not only id.

											
										
										
											2017-11-16 07:24:56 -06:00
+									})
-												annotations: add endpoint for writing graphite-like events (#9495)

* annotations: add endpoint for writing graphite-like events

* annotations: fix new line handling in tooltip

* annotations: support tags in prior to Graphite 0.10.0 format

											
										
										
											2017-10-12 03:12:15 -05:00
+								}
-												Chore: Move swagger definitions to the handlers (#52643)


											
										
										
											2022-07-27 08:54:37 -05:00
+								// swagger:route PUT /annotations/{annotation_id} annotations updateAnnotation
 								//
 								// Update Annotation.
 								//
 								// Updates all properties of an annotation that matches the specified id. To only update certain property, consider using the Patch Annotation operation.
 								//
 								// Responses:
 								// 200: okResponse
 								// 400: badRequestError
 								// 401: unauthorisedError
 								// 403: forbiddenError
 								// 500: internalServerError
-												Chore: Move ReqContext to contexthandler service (#62102)

* Chore: Move ReqContext to contexthandler service

* Rename package to contextmodel

* Generate ngalert files

* Remove unused imports
											
										
										
											2023-01-27 01:50:36 -06:00
+								func (hs *HTTPServer) UpdateAnnotation(c *contextmodel.ReqContext) response.Response {
-												Chore: Refactor api handlers to use web.Bind (#42199)

* Chore: Refactor api handlers to use web.Bind

* fix comments

* fix comment

* trying to fix most of the tests and force routing.Wrap type check

* fix library panels tests

* fix frontend logging tests

* allow passing nil as a response to skip writing

* return nil instead of the response

* rewrite login handler function types

* remove handlerFuncCtx

* make linter happy

* remove old bindings from the libraryelements

* restore comments
											
										
										
											2021-11-29 03:18:01 -06:00
+									cmd := dtos.UpdateAnnotationsCmd{}
 									if err := web.Bind(c.Req, &cmd); err != nil {
 										return response.Error(http.StatusBadRequest, "bad request data", err)
 									}
-												Remove Macaron ParamsInt64 function from code base (#43810)

* draft commit

* change all calls

* Compilation errors
											
										
										
											2022-01-14 10:55:57 -06:00
 									annotationID, err := strconv.ParseInt(web.Params(c.Req)[":annotationId"], 10, 64)
 									if err != nil {
 										return response.Error(http.StatusBadRequest, "annotationId is invalid", err)
 									}
-												Create annotations (#8197)

* annotations: add 25px space for events section

* annotations: restored create annotation action

* annotations: able to use fa icons as event markers

* annotations: initial emoji support from twemoji lib

* annotations: adjust fa icon position

* annotations: initial emoji picker

* annotation: include user info into annotation requests

* annotation: add icon info

* annotation: display user info in tooltip

* annotation: fix region saving

* annotation: initial region markers

* annotation: fix region clearing (add flot-temp-elem class)

* annotation: adjust styles a bit

* annotations: minor fixes

* annoations: removed userId look in loop, need a sql join or a user cache for this

* annotation: fix invisible events

* lib: changed twitter emoij lib to be npm dependency

* annotation: add icon picker to Add Annotation dialog

* annotation: save icon to annotation table

* annotation: able to set custom icon for annotation added by user

* annotations: fix emoji after library upgrade (switch to 72px)

* emoji: temporary remove bad code points

* annotations: improve icon picker

* annotations: icon show icon picker at the top

* annotations: use svg for emoji

* annotations: fix region drawing when add annotation editor opened

* annotations: use flot lib for drawing region fill

* annotations: move regions building into event_manager

* annotations: don't draw additional space if no events are got

* annotations: deduplicate events

* annotations: properly render cut regions

* annotations: fix cut region building

* annotations: refactor

* annotations: adjust event section size

* add-annotations: fix undefined default icon

* create-annotations:  edit event (frontend part)

* fixed bug causes error when hover event marker

* create-annotations:  update event (backend)

* ignore grafana-server debug binary in git (created VS Code)

* create-annotations: use PUT request for updating annotation.

* create-annotations: fixed time format when editing existing event

* create-annotations: support for region update

* create-annotations: fix bug with limit and event type

* create-annotations: delete annotation

* create-annotations: show only selected icon in edit mode

* create-annotations: show event editor only for users with at least Editor role

* create-annotations: handle double-sized emoji codepoints

* create-annotations: refactor

use CP_SEPARATOR from emojiDef

* create-annotations: update emoji list, add categories.

* create-annotations: copy SVG emoji into public/vendor/npm and use it as a base path

* create-annotations: initial tabs for emoji picker

* emoji-picker: adjust styles

* emoji-picker: minor refactor

* emoji-picker: refactor - rename and move into one directory

* emoji-picker: build emoji elements on app load, not on picker open

* emoji-picker: fix emoji searching

* emoji-picker: refactor

* emoji-picker: capitalize category name

* emoji-picker: refactor

move buildEmojiElem() into emoji_converter.ts for future reuse.

* jquery.flot.events: refactor

use buildEmojiElem() for making emojis, remove unused code for font awesome based icons.

* emoji_converter: handle converting error

* tech: updated

* merged with master

* shore: clean up some stuff

* annotation: wip tags

* annotation: filtering by tags

* tags: parse out spaces etc. from a tags string

* annotations: use tagsinput component for tag filtering

* annotation: wip work on how we query alert & panel annotations

* annotations: support for updating tags in an annotation

* linting

* annotations: work on unifying how alert history annotations and manual panel annotations are created

* tslint: fixes

* tags: create tag on blur as well

Currently, the tags directive only creates the tag when the
user presses enter. This change means the tag is created on
blur as well (when the user clicks outside the input field).

* annotations: fix update after refactoring

* annotations: progress on how alert annotations are fetched

* annotations: minor progress

* annotations: progress

* annotation: minor progress

* annotations: move tag parsing from tooltip to ds

Instead of parsing a tag string into an array in the annotation_tooltip
class, this moves the parsing to the datasources. InfluxDB ds already
does that parsing. Graphite now has it.

* annotations: more work on querying

* annotations: change from tags as string to array

when saving in the db and in the api.

* annotations: delete tag link if removed on edit

* annotation: more work on depricating annotation title

* annotations: delete tag links on delete

* annotations: fix for find

* annotation: added user to annotation tooltip and added alertName to annoation dto

* annotations: use id from route instead from cmd for updating

* annotations: http api docs

* create annotation: last edits

* annotations: minor fix for querying annotations before dashboard saved

* annotations: fix for popover placement when legend is on the side (and doubel render pass is causing original marker to be removed)

* annotations: changing how the built in query gets added

* annotation: added time to header in edit mode

* tests: fixed jshint built issue

											
										
										
											2017-10-07 03:31:39 -05:00
-												Chore: SQL store split for annotations (#55089)

* Chore: SQL store split for annotations

* Apply suggestion from code review
											
										
										
											2022-09-19 02:54:37 -05:00
+									annotation, resp := findAnnotationByID(c.Req.Context(), hs.annotationsRepo, annotationID, c.SignedInUser)
-												Access control: adding FGAC to annotation GET endpoints and fixed roles (#45102)

* Access control: adding FGAC to annotation GET endpoints and fixed roles

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
											
										
										
											2022-02-11 12:43:29 -06:00
+									if resp != nil {
-												dashfolders: permissions for saving annotations

ref #10275 Use folder permissions instead of hard coded
permissions on the annotations routes.

											
										
										
											2017-12-20 17:52:21 -06:00
+										return resp
 									}
-												Annotations: Remove dashboard permission checks for annotations (#78352)

remove checks for access to dashboard if FlagAnnotationPermissionUpdate is enabled
											
										
										
											2023-11-23 04:47:37 -06:00
+									if !hs.Features.IsEnabled(c.Req.Context(), featuremgmt.FlagAnnotationPermissionUpdate) {
 										if canSave, err := hs.canSaveAnnotation(c, annotation); err != nil || !canSave {
 											return dashboardGuardianResponse(err)
 										}
-												Access control: adding FGAC to annotation GET endpoints and fixed roles (#45102)

* Access control: adding FGAC to annotation GET endpoints and fixed roles

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
											
										
										
											2022-02-11 12:43:29 -06:00
+									}
-												Identity: Unfurl UserID and Email in pkg/api to user identity.Requester (#76112)

* Unfurl OrgRole in pkg/api to allow using identity.Requester interface

* Unfurl Email in pkg/api to allow using identity.Requester interface

* Update UserID in pkg/api to allow using identity.Requester interface

* fix authed test

* fix datasource tests

* guard login

* fix preferences anon testing

* fix anonymous index rendering

* do not error with user id 0
											
										
										
											2023-10-09 09:07:28 -05:00
+									userID, err := identity.UserIdentifier(c.SignedInUser.GetNamespacedID())
 									if err != nil {
 										return response.Error(http.StatusInternalServerError,
 											"Failed to update annotation", err)
 									}
-												Create annotations (#8197)

* annotations: add 25px space for events section

* annotations: restored create annotation action

* annotations: able to use fa icons as event markers

* annotations: initial emoji support from twemoji lib

* annotations: adjust fa icon position

* annotations: initial emoji picker

* annotation: include user info into annotation requests

* annotation: add icon info

* annotation: display user info in tooltip

* annotation: fix region saving

* annotation: initial region markers

* annotation: fix region clearing (add flot-temp-elem class)

* annotation: adjust styles a bit

* annotations: minor fixes

* annoations: removed userId look in loop, need a sql join or a user cache for this

* annotation: fix invisible events

* lib: changed twitter emoij lib to be npm dependency

* annotation: add icon picker to Add Annotation dialog

* annotation: save icon to annotation table

* annotation: able to set custom icon for annotation added by user

* annotations: fix emoji after library upgrade (switch to 72px)

* emoji: temporary remove bad code points

* annotations: improve icon picker

* annotations: icon show icon picker at the top

* annotations: use svg for emoji

* annotations: fix region drawing when add annotation editor opened

* annotations: use flot lib for drawing region fill

* annotations: move regions building into event_manager

* annotations: don't draw additional space if no events are got

* annotations: deduplicate events

* annotations: properly render cut regions

* annotations: fix cut region building

* annotations: refactor

* annotations: adjust event section size

* add-annotations: fix undefined default icon

* create-annotations:  edit event (frontend part)

* fixed bug causes error when hover event marker

* create-annotations:  update event (backend)

* ignore grafana-server debug binary in git (created VS Code)

* create-annotations: use PUT request for updating annotation.

* create-annotations: fixed time format when editing existing event

* create-annotations: support for region update

* create-annotations: fix bug with limit and event type

* create-annotations: delete annotation

* create-annotations: show only selected icon in edit mode

* create-annotations: show event editor only for users with at least Editor role

* create-annotations: handle double-sized emoji codepoints

* create-annotations: refactor

use CP_SEPARATOR from emojiDef

* create-annotations: update emoji list, add categories.

* create-annotations: copy SVG emoji into public/vendor/npm and use it as a base path

* create-annotations: initial tabs for emoji picker

* emoji-picker: adjust styles

* emoji-picker: minor refactor

* emoji-picker: refactor - rename and move into one directory

* emoji-picker: build emoji elements on app load, not on picker open

* emoji-picker: fix emoji searching

* emoji-picker: refactor

* emoji-picker: capitalize category name

* emoji-picker: refactor

move buildEmojiElem() into emoji_converter.ts for future reuse.

* jquery.flot.events: refactor

use buildEmojiElem() for making emojis, remove unused code for font awesome based icons.

* emoji_converter: handle converting error

* tech: updated

* merged with master

* shore: clean up some stuff

* annotation: wip tags

* annotation: filtering by tags

* tags: parse out spaces etc. from a tags string

* annotations: use tagsinput component for tag filtering

* annotation: wip work on how we query alert & panel annotations

* annotations: support for updating tags in an annotation

* linting

* annotations: work on unifying how alert history annotations and manual panel annotations are created

* tslint: fixes

* tags: create tag on blur as well

Currently, the tags directive only creates the tag when the
user presses enter. This change means the tag is created on
blur as well (when the user clicks outside the input field).

* annotations: fix update after refactoring

* annotations: progress on how alert annotations are fetched

* annotations: minor progress

* annotations: progress

* annotation: minor progress

* annotations: move tag parsing from tooltip to ds

Instead of parsing a tag string into an array in the annotation_tooltip
class, this moves the parsing to the datasources. InfluxDB ds already
does that parsing. Graphite now has it.

* annotations: more work on querying

* annotations: change from tags as string to array

when saving in the db and in the api.

* annotations: delete tag link if removed on edit

* annotation: more work on depricating annotation title

* annotations: delete tag links on delete

* annotations: fix for find

* annotation: added user to annotation tooltip and added alertName to annoation dto

* annotations: use id from route instead from cmd for updating

* annotations: http api docs

* create annotation: last edits

* annotations: minor fix for querying annotations before dashboard saved

* annotations: fix for popover placement when legend is on the side (and doubel render pass is causing original marker to be removed)

* annotations: changing how the built in query gets added

* annotation: added time to header in edit mode

* tests: fixed jshint built issue

											
										
										
											2017-10-07 03:31:39 -05:00
+									item := annotations.Item{
-												Auth: Unfurl OrgID in pkg/api to allow using identity.Requester interface (#76108)

Unfurl OrgID in pkg/api to allow using identity.Requester interface
											
										
										
											2023-10-06 04:34:36 -05:00
+										OrgID:    c.SignedInUser.GetOrgID(),
-												Identity: Unfurl UserID and Email in pkg/api to user identity.Requester (#76112)

* Unfurl OrgRole in pkg/api to allow using identity.Requester interface

* Unfurl Email in pkg/api to allow using identity.Requester interface

* Update UserID in pkg/api to allow using identity.Requester interface

* fix authed test

* fix datasource tests

* guard login

* fix preferences anon testing

* fix anonymous index rendering

* do not error with user id 0
											
										
										
											2023-10-09 09:07:28 -05:00
+										UserID:   userID,
-												Rename Id to ID for annotation models (#62886)

* Rename Id to ID for annotation models

* Add xorm tags

* Rename Id to ID for API key models

* Add xorm tags
											
										
										
											2023-02-03 10:23:09 -06:00
+										ID:       annotationID,
-												Annotations: use a single row to represent a region (#17673)

* SQLite migrations

* cleanup

* migrate end times

* switch to update with a query

* real migration

* anno migrations

* remove old docs

* set isRegion from time changes

* use <> for is not

* add comment and fix index decleration

* single validation place

* add test

* fix test

* add upgrading docs

* use AnnotationEvent

* fix import

* remove regionId from typescript

											
										
										
											2019-08-16 03:49:30 -05:00
+										Epoch:    cmd.Time,
 										EpochEnd: cmd.TimeEnd,
 										Text:     cmd.Text,
 										Tags:     cmd.Tags,
-												[Bug] Fix annotations update/patch (#60385)

* fix annotations update/patch

* verify that when update doesn't contain data, we will not update data
											
										
										
											2022-12-26 08:53:52 -06:00
+										Data:     annotation.Data,
 									}
 									if cmd.Data != nil {
 										item.Data = cmd.Data
-												Create annotations (#8197)

* annotations: add 25px space for events section

* annotations: restored create annotation action

* annotations: able to use fa icons as event markers

* annotations: initial emoji support from twemoji lib

* annotations: adjust fa icon position

* annotations: initial emoji picker

* annotation: include user info into annotation requests

* annotation: add icon info

* annotation: display user info in tooltip

* annotation: fix region saving

* annotation: initial region markers

* annotation: fix region clearing (add flot-temp-elem class)

* annotation: adjust styles a bit

* annotations: minor fixes

* annoations: removed userId look in loop, need a sql join or a user cache for this

* annotation: fix invisible events

* lib: changed twitter emoij lib to be npm dependency

* annotation: add icon picker to Add Annotation dialog

* annotation: save icon to annotation table

* annotation: able to set custom icon for annotation added by user

* annotations: fix emoji after library upgrade (switch to 72px)

* emoji: temporary remove bad code points

* annotations: improve icon picker

* annotations: icon show icon picker at the top

* annotations: use svg for emoji

* annotations: fix region drawing when add annotation editor opened

* annotations: use flot lib for drawing region fill

* annotations: move regions building into event_manager

* annotations: don't draw additional space if no events are got

* annotations: deduplicate events

* annotations: properly render cut regions

* annotations: fix cut region building

* annotations: refactor

* annotations: adjust event section size

* add-annotations: fix undefined default icon

* create-annotations:  edit event (frontend part)

* fixed bug causes error when hover event marker

* create-annotations:  update event (backend)

* ignore grafana-server debug binary in git (created VS Code)

* create-annotations: use PUT request for updating annotation.

* create-annotations: fixed time format when editing existing event

* create-annotations: support for region update

* create-annotations: fix bug with limit and event type

* create-annotations: delete annotation

* create-annotations: show only selected icon in edit mode

* create-annotations: show event editor only for users with at least Editor role

* create-annotations: handle double-sized emoji codepoints

* create-annotations: refactor

use CP_SEPARATOR from emojiDef

* create-annotations: update emoji list, add categories.

* create-annotations: copy SVG emoji into public/vendor/npm and use it as a base path

* create-annotations: initial tabs for emoji picker

* emoji-picker: adjust styles

* emoji-picker: minor refactor

* emoji-picker: refactor - rename and move into one directory

* emoji-picker: build emoji elements on app load, not on picker open

* emoji-picker: fix emoji searching

* emoji-picker: refactor

* emoji-picker: capitalize category name

* emoji-picker: refactor

move buildEmojiElem() into emoji_converter.ts for future reuse.

* jquery.flot.events: refactor

use buildEmojiElem() for making emojis, remove unused code for font awesome based icons.

* emoji_converter: handle converting error

* tech: updated

* merged with master

* shore: clean up some stuff

* annotation: wip tags

* annotation: filtering by tags

* tags: parse out spaces etc. from a tags string

* annotations: use tagsinput component for tag filtering

* annotation: wip work on how we query alert & panel annotations

* annotations: support for updating tags in an annotation

* linting

* annotations: work on unifying how alert history annotations and manual panel annotations are created

* tslint: fixes

* tags: create tag on blur as well

Currently, the tags directive only creates the tag when the
user presses enter. This change means the tag is created on
blur as well (when the user clicks outside the input field).

* annotations: fix update after refactoring

* annotations: progress on how alert annotations are fetched

* annotations: minor progress

* annotations: progress

* annotation: minor progress

* annotations: move tag parsing from tooltip to ds

Instead of parsing a tag string into an array in the annotation_tooltip
class, this moves the parsing to the datasources. InfluxDB ds already
does that parsing. Graphite now has it.

* annotations: more work on querying

* annotations: change from tags as string to array

when saving in the db and in the api.

* annotations: delete tag link if removed on edit

* annotation: more work on depricating annotation title

* annotations: delete tag links on delete

* annotations: fix for find

* annotation: added user to annotation tooltip and added alertName to annoation dto

* annotations: use id from route instead from cmd for updating

* annotations: http api docs

* create annotation: last edits

* annotations: minor fix for querying annotations before dashboard saved

* annotations: fix for popover placement when legend is on the side (and doubel render pass is causing original marker to be removed)

* annotations: changing how the built in query gets added

* annotation: added time to header in edit mode

* tests: fixed jshint built issue

											
										
										
											2017-10-07 03:31:39 -05:00
+									}
-												Chore: SQL store split for annotations (#55089)

* Chore: SQL store split for annotations

* Apply suggestion from code review
											
										
										
											2022-09-19 02:54:37 -05:00
+									if err := hs.annotationsRepo.Update(c.Req.Context(), &item); err != nil {
-												Grafana: Replace magic number with a constant variable in response status (#80132)

* Chore: Replace response status with const var

* Apply suggestions from code review

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>

* Add net/http import

---------

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
											
										
										
											2024-02-27 10:39:51 -06:00
+										return response.ErrOrFallback(http.StatusInternalServerError, "Failed to update annotation", err)
-												Create annotations (#8197)

* annotations: add 25px space for events section

* annotations: restored create annotation action

* annotations: able to use fa icons as event markers

* annotations: initial emoji support from twemoji lib

* annotations: adjust fa icon position

* annotations: initial emoji picker

* annotation: include user info into annotation requests

* annotation: add icon info

* annotation: display user info in tooltip

* annotation: fix region saving

* annotation: initial region markers

* annotation: fix region clearing (add flot-temp-elem class)

* annotation: adjust styles a bit

* annotations: minor fixes

* annoations: removed userId look in loop, need a sql join or a user cache for this

* annotation: fix invisible events

* lib: changed twitter emoij lib to be npm dependency

* annotation: add icon picker to Add Annotation dialog

* annotation: save icon to annotation table

* annotation: able to set custom icon for annotation added by user

* annotations: fix emoji after library upgrade (switch to 72px)

* emoji: temporary remove bad code points

* annotations: improve icon picker

* annotations: icon show icon picker at the top

* annotations: use svg for emoji

* annotations: fix region drawing when add annotation editor opened

* annotations: use flot lib for drawing region fill

* annotations: move regions building into event_manager

* annotations: don't draw additional space if no events are got

* annotations: deduplicate events

* annotations: properly render cut regions

* annotations: fix cut region building

* annotations: refactor

* annotations: adjust event section size

* add-annotations: fix undefined default icon

* create-annotations:  edit event (frontend part)

* fixed bug causes error when hover event marker

* create-annotations:  update event (backend)

* ignore grafana-server debug binary in git (created VS Code)

* create-annotations: use PUT request for updating annotation.

* create-annotations: fixed time format when editing existing event

* create-annotations: support for region update

* create-annotations: fix bug with limit and event type

* create-annotations: delete annotation

* create-annotations: show only selected icon in edit mode

* create-annotations: show event editor only for users with at least Editor role

* create-annotations: handle double-sized emoji codepoints

* create-annotations: refactor

use CP_SEPARATOR from emojiDef

* create-annotations: update emoji list, add categories.

* create-annotations: copy SVG emoji into public/vendor/npm and use it as a base path

* create-annotations: initial tabs for emoji picker

* emoji-picker: adjust styles

* emoji-picker: minor refactor

* emoji-picker: refactor - rename and move into one directory

* emoji-picker: build emoji elements on app load, not on picker open

* emoji-picker: fix emoji searching

* emoji-picker: refactor

* emoji-picker: capitalize category name

* emoji-picker: refactor

move buildEmojiElem() into emoji_converter.ts for future reuse.

* jquery.flot.events: refactor

use buildEmojiElem() for making emojis, remove unused code for font awesome based icons.

* emoji_converter: handle converting error

* tech: updated

* merged with master

* shore: clean up some stuff

* annotation: wip tags

* annotation: filtering by tags

* tags: parse out spaces etc. from a tags string

* annotations: use tagsinput component for tag filtering

* annotation: wip work on how we query alert & panel annotations

* annotations: support for updating tags in an annotation

* linting

* annotations: work on unifying how alert history annotations and manual panel annotations are created

* tslint: fixes

* tags: create tag on blur as well

Currently, the tags directive only creates the tag when the
user presses enter. This change means the tag is created on
blur as well (when the user clicks outside the input field).

* annotations: fix update after refactoring

* annotations: progress on how alert annotations are fetched

* annotations: minor progress

* annotations: progress

* annotation: minor progress

* annotations: move tag parsing from tooltip to ds

Instead of parsing a tag string into an array in the annotation_tooltip
class, this moves the parsing to the datasources. InfluxDB ds already
does that parsing. Graphite now has it.

* annotations: more work on querying

* annotations: change from tags as string to array

when saving in the db and in the api.

* annotations: delete tag link if removed on edit

* annotation: more work on depricating annotation title

* annotations: delete tag links on delete

* annotations: fix for find

* annotation: added user to annotation tooltip and added alertName to annoation dto

* annotations: use id from route instead from cmd for updating

* annotations: http api docs

* create annotation: last edits

* annotations: minor fix for querying annotations before dashboard saved

* annotations: fix for popover placement when legend is on the side (and doubel render pass is causing original marker to be removed)

* annotations: changing how the built in query gets added

* annotation: added time to header in edit mode

* tests: fixed jshint built issue

											
										
										
											2017-10-07 03:31:39 -05:00
+									}
-												Chore: Moves common and response into separate packages (#30298)

* Chore: moves common and response into separate packages

* Chore: moves common and response into separate packages

* Update pkg/api/utils/common.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Chore: changes after PR comments

* Chore: move wrap to routing package

* Chore: move functions in common to response package

* Chore: move functions in common to response package

* Chore: formats imports

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
											
										
										
											2021-01-15 07:43:20 -06:00
+									return response.Success("Annotation updated")
-												Create annotations (#8197)

* annotations: add 25px space for events section

* annotations: restored create annotation action

* annotations: able to use fa icons as event markers

* annotations: initial emoji support from twemoji lib

* annotations: adjust fa icon position

* annotations: initial emoji picker

* annotation: include user info into annotation requests

* annotation: add icon info

* annotation: display user info in tooltip

* annotation: fix region saving

* annotation: initial region markers

* annotation: fix region clearing (add flot-temp-elem class)

* annotation: adjust styles a bit

* annotations: minor fixes

* annoations: removed userId look in loop, need a sql join or a user cache for this

* annotation: fix invisible events

* lib: changed twitter emoij lib to be npm dependency

* annotation: add icon picker to Add Annotation dialog

* annotation: save icon to annotation table

* annotation: able to set custom icon for annotation added by user

* annotations: fix emoji after library upgrade (switch to 72px)

* emoji: temporary remove bad code points

* annotations: improve icon picker

* annotations: icon show icon picker at the top

* annotations: use svg for emoji

* annotations: fix region drawing when add annotation editor opened

* annotations: use flot lib for drawing region fill

* annotations: move regions building into event_manager

* annotations: don't draw additional space if no events are got

* annotations: deduplicate events

* annotations: properly render cut regions

* annotations: fix cut region building

* annotations: refactor

* annotations: adjust event section size

* add-annotations: fix undefined default icon

* create-annotations:  edit event (frontend part)

* fixed bug causes error when hover event marker

* create-annotations:  update event (backend)

* ignore grafana-server debug binary in git (created VS Code)

* create-annotations: use PUT request for updating annotation.

* create-annotations: fixed time format when editing existing event

* create-annotations: support for region update

* create-annotations: fix bug with limit and event type

* create-annotations: delete annotation

* create-annotations: show only selected icon in edit mode

* create-annotations: show event editor only for users with at least Editor role

* create-annotations: handle double-sized emoji codepoints

* create-annotations: refactor

use CP_SEPARATOR from emojiDef

* create-annotations: update emoji list, add categories.

* create-annotations: copy SVG emoji into public/vendor/npm and use it as a base path

* create-annotations: initial tabs for emoji picker

* emoji-picker: adjust styles

* emoji-picker: minor refactor

* emoji-picker: refactor - rename and move into one directory

* emoji-picker: build emoji elements on app load, not on picker open

* emoji-picker: fix emoji searching

* emoji-picker: refactor

* emoji-picker: capitalize category name

* emoji-picker: refactor

move buildEmojiElem() into emoji_converter.ts for future reuse.

* jquery.flot.events: refactor

use buildEmojiElem() for making emojis, remove unused code for font awesome based icons.

* emoji_converter: handle converting error

* tech: updated

* merged with master

* shore: clean up some stuff

* annotation: wip tags

* annotation: filtering by tags

* tags: parse out spaces etc. from a tags string

* annotations: use tagsinput component for tag filtering

* annotation: wip work on how we query alert & panel annotations

* annotations: support for updating tags in an annotation

* linting

* annotations: work on unifying how alert history annotations and manual panel annotations are created

* tslint: fixes

* tags: create tag on blur as well

Currently, the tags directive only creates the tag when the
user presses enter. This change means the tag is created on
blur as well (when the user clicks outside the input field).

* annotations: fix update after refactoring

* annotations: progress on how alert annotations are fetched

* annotations: minor progress

* annotations: progress

* annotation: minor progress

* annotations: move tag parsing from tooltip to ds

Instead of parsing a tag string into an array in the annotation_tooltip
class, this moves the parsing to the datasources. InfluxDB ds already
does that parsing. Graphite now has it.

* annotations: more work on querying

* annotations: change from tags as string to array

when saving in the db and in the api.

* annotations: delete tag link if removed on edit

* annotation: more work on depricating annotation title

* annotations: delete tag links on delete

* annotations: fix for find

* annotation: added user to annotation tooltip and added alertName to annoation dto

* annotations: use id from route instead from cmd for updating

* annotations: http api docs

* create annotation: last edits

* annotations: minor fix for querying annotations before dashboard saved

* annotations: fix for popover placement when legend is on the side (and doubel render pass is causing original marker to be removed)

* annotations: changing how the built in query gets added

* annotation: added time to header in edit mode

* tests: fixed jshint built issue

											
										
										
											2017-10-07 03:31:39 -05:00
+								}
-												Chore: Move swagger definitions to the handlers (#52643)


											
										
										
											2022-07-27 08:54:37 -05:00
+								// swagger:route PATCH /annotations/{annotation_id} annotations patchAnnotation
 								//
-												Chore: fix formating for swagger definitions (#54993)


											
										
										
											2022-09-12 02:40:35 -05:00
+								// Patch Annotation.
-												Chore: Move swagger definitions to the handlers (#52643)


											
										
										
											2022-07-27 08:54:37 -05:00
+								//
 								// Updates one or more properties of an annotation that matches the specified ID.
 								// This operation currently supports updating of the `text`, `tags`, `time` and `timeEnd` properties.
 								// This is available in Grafana 6.0.0-beta2 and above.
 								//
 								// Responses:
 								// 200: okResponse
 								// 401: unauthorisedError
 								// 403: forbiddenError
 								// 404: notFoundError
 								// 500: internalServerError
-												Chore: Move ReqContext to contexthandler service (#62102)

* Chore: Move ReqContext to contexthandler service

* Rename package to contextmodel

* Generate ngalert files

* Remove unused imports
											
										
										
											2023-01-27 01:50:36 -06:00
+								func (hs *HTTPServer) PatchAnnotation(c *contextmodel.ReqContext) response.Response {
-												Chore: Refactor api handlers to use web.Bind (#42199)

* Chore: Refactor api handlers to use web.Bind

* fix comments

* fix comment

* trying to fix most of the tests and force routing.Wrap type check

* fix library panels tests

* fix frontend logging tests

* allow passing nil as a response to skip writing

* return nil instead of the response

* rewrite login handler function types

* remove handlerFuncCtx

* make linter happy

* remove old bindings from the libraryelements

* restore comments
											
										
										
											2021-11-29 03:18:01 -06:00
+									cmd := dtos.PatchAnnotationsCmd{}
 									if err := web.Bind(c.Req, &cmd); err != nil {
 										return response.Error(http.StatusBadRequest, "bad request data", err)
 									}
-												Remove Macaron ParamsInt64 function from code base (#43810)

* draft commit

* change all calls

* Compilation errors
											
										
										
											2022-01-14 10:55:57 -06:00
+									annotationID, err := strconv.ParseInt(web.Params(c.Req)[":annotationId"], 10, 64)
 									if err != nil {
 										return response.Error(http.StatusBadRequest, "annotationId is invalid", err)
 									}
-												Added PATCH verb end point for annotation op

Added new PATCH verb annotation endpoint

Removed unwanted fmt

Added test cases for PATCH verb annotation endpoint

Fixed formatting issue

Check arr len before proceeding

Updated doc to include PATCH verb annotation endpt

											
										
										
											2019-01-27 05:49:22 -06:00
-												Chore: SQL store split for annotations (#55089)

* Chore: SQL store split for annotations

* Apply suggestion from code review
											
										
										
											2022-09-19 02:54:37 -05:00
+									annotation, resp := findAnnotationByID(c.Req.Context(), hs.annotationsRepo, annotationID, c.SignedInUser)
-												Access control: adding FGAC to annotation GET endpoints and fixed roles (#45102)

* Access control: adding FGAC to annotation GET endpoints and fixed roles

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
											
										
										
											2022-02-11 12:43:29 -06:00
+									if resp != nil {
-												Added PATCH verb end point for annotation op

Added new PATCH verb annotation endpoint

Removed unwanted fmt

Added test cases for PATCH verb annotation endpoint

Fixed formatting issue

Check arr len before proceeding

Updated doc to include PATCH verb annotation endpt

											
										
										
											2019-01-27 05:49:22 -06:00
+										return resp
 									}
-												Annotations: Remove dashboard permission checks for annotations (#78352)

remove checks for access to dashboard if FlagAnnotationPermissionUpdate is enabled
											
										
										
											2023-11-23 04:47:37 -06:00
+									if !hs.Features.IsEnabled(c.Req.Context(), featuremgmt.FlagAnnotationPermissionUpdate) {
 										if canSave, err := hs.canSaveAnnotation(c, annotation); err != nil || !canSave {
 											return dashboardGuardianResponse(err)
 										}
-												Added PATCH verb end point for annotation op

Added new PATCH verb annotation endpoint

Removed unwanted fmt

Added test cases for PATCH verb annotation endpoint

Fixed formatting issue

Check arr len before proceeding

Updated doc to include PATCH verb annotation endpt

											
										
										
											2019-01-27 05:49:22 -06:00
+									}
-												Identity: Unfurl UserID and Email in pkg/api to user identity.Requester (#76112)

* Unfurl OrgRole in pkg/api to allow using identity.Requester interface

* Unfurl Email in pkg/api to allow using identity.Requester interface

* Update UserID in pkg/api to allow using identity.Requester interface

* fix authed test

* fix datasource tests

* guard login

* fix preferences anon testing

* fix anonymous index rendering

* do not error with user id 0
											
										
										
											2023-10-09 09:07:28 -05:00
+									userID, err := identity.UserIdentifier(c.SignedInUser.GetNamespacedID())
 									if err != nil {
 										return response.Error(http.StatusInternalServerError,
 											"Failed to update annotation", err)
 									}
-												Added PATCH verb end point for annotation op

Added new PATCH verb annotation endpoint

Removed unwanted fmt

Added test cases for PATCH verb annotation endpoint

Fixed formatting issue

Check arr len before proceeding

Updated doc to include PATCH verb annotation endpt

											
										
										
											2019-01-27 05:49:22 -06:00
+									existing := annotations.Item{
-												Auth: Unfurl OrgID in pkg/api to allow using identity.Requester interface (#76108)

Unfurl OrgID in pkg/api to allow using identity.Requester interface
											
										
										
											2023-10-06 04:34:36 -05:00
+										OrgID:    c.SignedInUser.GetOrgID(),
-												Identity: Unfurl UserID and Email in pkg/api to user identity.Requester (#76112)

* Unfurl OrgRole in pkg/api to allow using identity.Requester interface

* Unfurl Email in pkg/api to allow using identity.Requester interface

* Update UserID in pkg/api to allow using identity.Requester interface

* fix authed test

* fix datasource tests

* guard login

* fix preferences anon testing

* fix anonymous index rendering

* do not error with user id 0
											
										
										
											2023-10-09 09:07:28 -05:00
+										UserID:   userID,
-												Rename Id to ID for annotation models (#62886)

* Rename Id to ID for annotation models

* Add xorm tags

* Rename Id to ID for API key models

* Add xorm tags
											
										
										
											2023-02-03 10:23:09 -06:00
+										ID:       annotationID,
-												Access control: adding FGAC to annotation GET endpoints and fixed roles (#45102)

* Access control: adding FGAC to annotation GET endpoints and fixed roles

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
											
										
										
											2022-02-11 12:43:29 -06:00
+										Epoch:    annotation.Time,
 										EpochEnd: annotation.TimeEnd,
 										Text:     annotation.Text,
 										Tags:     annotation.Tags,
-												[Bug] Fix annotations update/patch (#60385)

* fix annotations update/patch

* verify that when update doesn't contain data, we will not update data
											
										
										
											2022-12-26 08:53:52 -06:00
+										Data:     annotation.Data,
-												Added PATCH verb end point for annotation op

Added new PATCH verb annotation endpoint

Removed unwanted fmt

Added test cases for PATCH verb annotation endpoint

Fixed formatting issue

Check arr len before proceeding

Updated doc to include PATCH verb annotation endpt

											
										
										
											2019-01-27 05:49:22 -06:00
+									}
 									if cmd.Tags != nil {
 										existing.Tags = cmd.Tags
 									}
 									if cmd.Text != "" && cmd.Text != existing.Text {
 										existing.Text = cmd.Text
 									}
 									if cmd.Time > 0 && cmd.Time != existing.Epoch {
 										existing.Epoch = cmd.Time
 									}
-												Annotations: use a single row to represent a region (#17673)

* SQLite migrations

* cleanup

* migrate end times

* switch to update with a query

* real migration

* anno migrations

* remove old docs

* set isRegion from time changes

* use <> for is not

* add comment and fix index decleration

* single validation place

* add test

* fix test

* add upgrading docs

* use AnnotationEvent

* fix import

* remove regionId from typescript

											
										
										
											2019-08-16 03:49:30 -05:00
+									if cmd.TimeEnd > 0 && cmd.TimeEnd != existing.EpochEnd {
 										existing.EpochEnd = cmd.TimeEnd
-												Added PATCH verb end point for annotation op

Added new PATCH verb annotation endpoint

Removed unwanted fmt

Added test cases for PATCH verb annotation endpoint

Fixed formatting issue

Check arr len before proceeding

Updated doc to include PATCH verb annotation endpt

											
										
										
											2019-01-27 05:49:22 -06:00
+									}
-												[Bug] Fix annotations update/patch (#60385)

* fix annotations update/patch

* verify that when update doesn't contain data, we will not update data
											
										
										
											2022-12-26 08:53:52 -06:00
+									if cmd.Data != nil {
 										existing.Data = cmd.Data
 									}
-												Chore: SQL store split for annotations (#55089)

* Chore: SQL store split for annotations

* Apply suggestion from code review
											
										
										
											2022-09-19 02:54:37 -05:00
+									if err := hs.annotationsRepo.Update(c.Req.Context(), &existing); err != nil {
-												Grafana: Replace magic number with a constant variable in response status (#80132)

* Chore: Replace response status with const var

* Apply suggestions from code review

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>

* Add net/http import

---------

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
											
										
										
											2024-02-27 10:39:51 -06:00
+										return response.ErrOrFallback(http.StatusInternalServerError, "Failed to update annotation", err)
-												Added PATCH verb end point for annotation op

Added new PATCH verb annotation endpoint

Removed unwanted fmt

Added test cases for PATCH verb annotation endpoint

Fixed formatting issue

Check arr len before proceeding

Updated doc to include PATCH verb annotation endpt

											
										
										
											2019-01-27 05:49:22 -06:00
+									}
-												Chore: Moves common and response into separate packages (#30298)

* Chore: moves common and response into separate packages

* Chore: moves common and response into separate packages

* Update pkg/api/utils/common.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Chore: changes after PR comments

* Chore: move wrap to routing package

* Chore: move functions in common to response package

* Chore: move functions in common to response package

* Chore: formats imports

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
											
										
										
											2021-01-15 07:43:20 -06:00
+									return response.Success("Annotation patched")
-												Added PATCH verb end point for annotation op

Added new PATCH verb annotation endpoint

Removed unwanted fmt

Added test cases for PATCH verb annotation endpoint

Fixed formatting issue

Check arr len before proceeding

Updated doc to include PATCH verb annotation endpt

											
										
										
											2019-01-27 05:49:22 -06:00
+								}
-												Chore: Move swagger definitions to the handlers (#52643)


											
										
										
											2022-07-27 08:54:37 -05:00
+								// swagger:route POST /annotations/mass-delete annotations massDeleteAnnotations
 								//
 								// Delete multiple annotations.
 								//
 								// Responses:
 								// 200: okResponse
 								// 401: unauthorisedError
 								// 500: internalServerError
-												Chore: Move ReqContext to contexthandler service (#62102)

* Chore: Move ReqContext to contexthandler service

* Rename package to contextmodel

* Generate ngalert files

* Remove unused imports
											
										
										
											2023-01-27 01:50:36 -06:00
+								func (hs *HTTPServer) MassDeleteAnnotations(c *contextmodel.ReqContext) response.Response {
-												Access Control: adding FGAC validation to mass delete annotation endpoint (#46846)

* Access Control: adding FGAC validation to mass delete annotation endpoint
											
										
										
											2022-03-23 16:39:00 -05:00
+									cmd := dtos.MassDeleteAnnotationsCmd{}
 									err := web.Bind(c.Req, &cmd)
 									if err != nil {
 										return response.Error(http.StatusBadRequest, "bad request data", err)
 									}
-												Chore : Replace dashboardid with dashboardUID in annotation API (#48481)

* replace dashboardid with dashboardUID in annotation API

* add some tests

* modify some docs and add uid into get endpoint

* rebase with main

* add map for avoiding too much retrieve on dashboards
											
										
										
											2022-05-02 04:35:36 -05:00
+									if cmd.DashboardUID != "" {
-												Auth: Unfurl OrgID in pkg/api to allow using identity.Requester interface (#76108)

Unfurl OrgID in pkg/api to allow using identity.Requester interface
											
										
										
											2023-10-06 04:34:36 -05:00
+										query := dashboards.GetDashboardQuery{OrgID: c.SignedInUser.GetOrgID(), UID: cmd.DashboardUID}
-												Chore: Remove Result from dashboard models (#61997)

* Chore: Remove Result from dashboard models

* Fix lint tests

* Fix dashboard service tests

* Fix API tests

* Remove commented out code

* Chore: Merge main - cleanup
											
										
										
											2023-01-25 03:36:26 -06:00
+										queryResult, err := hs.DashboardService.GetDashboard(c.Req.Context(), &query)
-												Chore : Replace dashboardid with dashboardUID in annotation API (#48481)

* replace dashboardid with dashboardUID in annotation API

* add some tests

* modify some docs and add uid into get endpoint

* rebase with main

* add map for avoiding too much retrieve on dashboards
											
										
										
											2022-05-02 04:35:36 -05:00
+										if err == nil {
-												Chore: Remove Result from dashboard models (#61997)

* Chore: Remove Result from dashboard models

* Fix lint tests

* Fix dashboard service tests

* Fix API tests

* Remove commented out code

* Chore: Merge main - cleanup
											
										
										
											2023-01-25 03:36:26 -06:00
+											cmd.DashboardId = queryResult.ID
-												Chore : Replace dashboardid with dashboardUID in annotation API (#48481)

* replace dashboardid with dashboardUID in annotation API

* add some tests

* modify some docs and add uid into get endpoint

* rebase with main

* add map for avoiding too much retrieve on dashboards
											
										
										
											2022-05-02 04:35:36 -05:00
+										}
 									}
-												Access Control: adding FGAC validation to mass delete annotation endpoint (#46846)

* Access Control: adding FGAC validation to mass delete annotation endpoint
											
										
										
											2022-03-23 16:39:00 -05:00
+									if (cmd.DashboardId != 0 && cmd.PanelId == 0) || (cmd.PanelId != 0 && cmd.DashboardId == 0) {
 										err := &AnnotationError{message: "DashboardId and PanelId are both required for mass delete"}
-												Chore: Refactor api handlers to use web.Bind (#42199)

* Chore: Refactor api handlers to use web.Bind

* fix comments

* fix comment

* trying to fix most of the tests and force routing.Wrap type check

* fix library panels tests

* fix frontend logging tests

* allow passing nil as a response to skip writing

* return nil instead of the response

* rewrite login handler function types

* remove handlerFuncCtx

* make linter happy

* remove old bindings from the libraryelements

* restore comments
											
										
										
											2021-11-29 03:18:01 -06:00
+										return response.Error(http.StatusBadRequest, "bad request data", err)
 									}
-												Access Control: adding FGAC validation to mass delete annotation endpoint (#46846)

* Access Control: adding FGAC validation to mass delete annotation endpoint
											
										
										
											2022-03-23 16:39:00 -05:00
 									var deleteParams *annotations.DeleteParams
-												feat(alerting): added clear history button to alert state history view, #6244

											
										
										
											2016-10-14 02:33:16 -05:00
-												Rename FGAC to RBAC in the codebase (#48051)


											
										
										
											2022-04-21 07:31:02 -05:00
+									// validations only for RBAC. A user can mass delete all annotations in a (dashboard + panel) or a specific annotation
-												Access Control: adding FGAC validation to mass delete annotation endpoint (#46846)

* Access Control: adding FGAC validation to mass delete annotation endpoint
											
										
										
											2022-03-23 16:39:00 -05:00
+									// if has access to that dashboard.
-												RBAC: remove some `IsDisabled` checks (#69272)

* remove some access contorl IsDisabled() checks

* cleaning up tests

* update tests

* linting
											
										
										
											2023-05-31 03:58:57 -05:00
+									var dashboardId int64
-												Access Control: adding FGAC validation to mass delete annotation endpoint (#46846)

* Access Control: adding FGAC validation to mass delete annotation endpoint
											
										
										
											2022-03-23 16:39:00 -05:00
-												RBAC: remove some `IsDisabled` checks (#69272)

* remove some access contorl IsDisabled() checks

* cleaning up tests

* update tests

* linting
											
										
										
											2023-05-31 03:58:57 -05:00
+									if cmd.AnnotationId != 0 {
 										annotation, respErr := findAnnotationByID(c.Req.Context(), hs.annotationsRepo, cmd.AnnotationId, c.SignedInUser)
 										if respErr != nil {
 											return respErr
-												Access Control: adding FGAC validation to mass delete annotation endpoint (#46846)

* Access Control: adding FGAC validation to mass delete annotation endpoint
											
										
										
											2022-03-23 16:39:00 -05:00
+										}
-												RBAC: remove some `IsDisabled` checks (#69272)

* remove some access contorl IsDisabled() checks

* cleaning up tests

* update tests

* linting
											
										
										
											2023-05-31 03:58:57 -05:00
+										dashboardId = annotation.DashboardID
 										deleteParams = &annotations.DeleteParams{
-												Auth: Unfurl OrgID in pkg/api to allow using identity.Requester interface (#76108)

Unfurl OrgID in pkg/api to allow using identity.Requester interface
											
										
										
											2023-10-06 04:34:36 -05:00
+											OrgID: c.SignedInUser.GetOrgID(),
-												RBAC: remove some `IsDisabled` checks (#69272)

* remove some access contorl IsDisabled() checks

* cleaning up tests

* update tests

* linting
											
										
										
											2023-05-31 03:58:57 -05:00
+											ID:    cmd.AnnotationId,
-												Access Control: adding FGAC validation to mass delete annotation endpoint (#46846)

* Access Control: adding FGAC validation to mass delete annotation endpoint
											
										
										
											2022-03-23 16:39:00 -05:00
+										}
-												RBAC: remove some `IsDisabled` checks (#69272)

* remove some access contorl IsDisabled() checks

* cleaning up tests

* update tests

* linting
											
										
										
											2023-05-31 03:58:57 -05:00
+									} else {
 										dashboardId = cmd.DashboardId
-												Access Control: adding FGAC validation to mass delete annotation endpoint (#46846)

* Access Control: adding FGAC validation to mass delete annotation endpoint
											
										
										
											2022-03-23 16:39:00 -05:00
+										deleteParams = &annotations.DeleteParams{
-												Auth: Unfurl OrgID in pkg/api to allow using identity.Requester interface (#76108)

Unfurl OrgID in pkg/api to allow using identity.Requester interface
											
										
										
											2023-10-06 04:34:36 -05:00
+											OrgID:       c.SignedInUser.GetOrgID(),
-												Rename Id to ID for annotation models (#62886)

* Rename Id to ID for annotation models

* Add xorm tags

* Rename Id to ID for API key models

* Add xorm tags
											
										
										
											2023-02-03 10:23:09 -06:00
+											DashboardID: cmd.DashboardId,
 											PanelID:     cmd.PanelId,
-												Access Control: adding FGAC validation to mass delete annotation endpoint (#46846)

* Access Control: adding FGAC validation to mass delete annotation endpoint
											
										
										
											2022-03-23 16:39:00 -05:00
+										}
 									}
-												RBAC: remove some `IsDisabled` checks (#69272)

* remove some access contorl IsDisabled() checks

* cleaning up tests

* update tests

* linting
											
										
										
											2023-05-31 03:58:57 -05:00
+									canSave, err := hs.canMassDeleteAnnotations(c, dashboardId)
 									if err != nil || !canSave {
-												Annotations: Remove dashboard permission checks for annotations (#78352)

remove checks for access to dashboard if FlagAnnotationPermissionUpdate is enabled
											
										
										
											2023-11-23 04:47:37 -06:00
+										if !hs.Features.IsEnabled(c.Req.Context(), featuremgmt.FlagAnnotationPermissionUpdate) {
 											return dashboardGuardianResponse(err)
 										} else if err != nil {
 											return response.Error(http.StatusInternalServerError, "Error while checking annotation permissions", err)
 										} else {
 											return response.Error(http.StatusForbidden, "Access denied to mass delete annotations", nil)
 										}
-												RBAC: remove some `IsDisabled` checks (#69272)

* remove some access contorl IsDisabled() checks

* cleaning up tests

* update tests

* linting
											
										
										
											2023-05-31 03:58:57 -05:00
+									}
-												Chore: SQL store split for annotations (#55089)

* Chore: SQL store split for annotations

* Apply suggestion from code review
											
										
										
											2022-09-19 02:54:37 -05:00
+									err = hs.annotationsRepo.Delete(c.Req.Context(), deleteParams)
-												feat(alerting): added clear history button to alert state history view, #6244

											
										
										
											2016-10-14 02:33:16 -05:00
 									if err != nil {
-												Grafana: Replace magic number with a constant variable in response status (#80132)

* Chore: Replace response status with const var

* Apply suggestions from code review

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>

* Add net/http import

---------

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
											
										
										
											2024-02-27 10:39:51 -06:00
+										return response.Error(http.StatusInternalServerError, "Failed to delete annotations", err)
-												feat(alerting): added clear history button to alert state history view, #6244

											
										
										
											2016-10-14 02:33:16 -05:00
+									}
-												Chore: Moves common and response into separate packages (#30298)

* Chore: moves common and response into separate packages

* Chore: moves common and response into separate packages

* Update pkg/api/utils/common.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Chore: changes after PR comments

* Chore: move wrap to routing package

* Chore: move functions in common to response package

* Chore: move functions in common to response package

* Chore: formats imports

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
											
										
										
											2021-01-15 07:43:20 -06:00
+									return response.Success("Annotations deleted")
-												feat(alerting): added clear history button to alert state history view, #6244

											
										
										
											2016-10-14 02:33:16 -05:00
+								}
-												Create annotations (#8197)

* annotations: add 25px space for events section

* annotations: restored create annotation action

* annotations: able to use fa icons as event markers

* annotations: initial emoji support from twemoji lib

* annotations: adjust fa icon position

* annotations: initial emoji picker

* annotation: include user info into annotation requests

* annotation: add icon info

* annotation: display user info in tooltip

* annotation: fix region saving

* annotation: initial region markers

* annotation: fix region clearing (add flot-temp-elem class)

* annotation: adjust styles a bit

* annotations: minor fixes

* annoations: removed userId look in loop, need a sql join or a user cache for this

* annotation: fix invisible events

* lib: changed twitter emoij lib to be npm dependency

* annotation: add icon picker to Add Annotation dialog

* annotation: save icon to annotation table

* annotation: able to set custom icon for annotation added by user

* annotations: fix emoji after library upgrade (switch to 72px)

* emoji: temporary remove bad code points

* annotations: improve icon picker

* annotations: icon show icon picker at the top

* annotations: use svg for emoji

* annotations: fix region drawing when add annotation editor opened

* annotations: use flot lib for drawing region fill

* annotations: move regions building into event_manager

* annotations: don't draw additional space if no events are got

* annotations: deduplicate events

* annotations: properly render cut regions

* annotations: fix cut region building

* annotations: refactor

* annotations: adjust event section size

* add-annotations: fix undefined default icon

* create-annotations:  edit event (frontend part)

* fixed bug causes error when hover event marker

* create-annotations:  update event (backend)

* ignore grafana-server debug binary in git (created VS Code)

* create-annotations: use PUT request for updating annotation.

* create-annotations: fixed time format when editing existing event

* create-annotations: support for region update

* create-annotations: fix bug with limit and event type

* create-annotations: delete annotation

* create-annotations: show only selected icon in edit mode

* create-annotations: show event editor only for users with at least Editor role

* create-annotations: handle double-sized emoji codepoints

* create-annotations: refactor

use CP_SEPARATOR from emojiDef

* create-annotations: update emoji list, add categories.

* create-annotations: copy SVG emoji into public/vendor/npm and use it as a base path

* create-annotations: initial tabs for emoji picker

* emoji-picker: adjust styles

* emoji-picker: minor refactor

* emoji-picker: refactor - rename and move into one directory

* emoji-picker: build emoji elements on app load, not on picker open

* emoji-picker: fix emoji searching

* emoji-picker: refactor

* emoji-picker: capitalize category name

* emoji-picker: refactor

move buildEmojiElem() into emoji_converter.ts for future reuse.

* jquery.flot.events: refactor

use buildEmojiElem() for making emojis, remove unused code for font awesome based icons.

* emoji_converter: handle converting error

* tech: updated

* merged with master

* shore: clean up some stuff

* annotation: wip tags

* annotation: filtering by tags

* tags: parse out spaces etc. from a tags string

* annotations: use tagsinput component for tag filtering

* annotation: wip work on how we query alert & panel annotations

* annotations: support for updating tags in an annotation

* linting

* annotations: work on unifying how alert history annotations and manual panel annotations are created

* tslint: fixes

* tags: create tag on blur as well

Currently, the tags directive only creates the tag when the
user presses enter. This change means the tag is created on
blur as well (when the user clicks outside the input field).

* annotations: fix update after refactoring

* annotations: progress on how alert annotations are fetched

* annotations: minor progress

* annotations: progress

* annotation: minor progress

* annotations: move tag parsing from tooltip to ds

Instead of parsing a tag string into an array in the annotation_tooltip
class, this moves the parsing to the datasources. InfluxDB ds already
does that parsing. Graphite now has it.

* annotations: more work on querying

* annotations: change from tags as string to array

when saving in the db and in the api.

* annotations: delete tag link if removed on edit

* annotation: more work on depricating annotation title

* annotations: delete tag links on delete

* annotations: fix for find

* annotation: added user to annotation tooltip and added alertName to annoation dto

* annotations: use id from route instead from cmd for updating

* annotations: http api docs

* create annotation: last edits

* annotations: minor fix for querying annotations before dashboard saved

* annotations: fix for popover placement when legend is on the side (and doubel render pass is causing original marker to be removed)

* annotations: changing how the built in query gets added

* annotation: added time to header in edit mode

* tests: fixed jshint built issue

											
										
										
											2017-10-07 03:31:39 -05:00
-												Chore: Move swagger definitions to the handlers (#52643)


											
										
										
											2022-07-27 08:54:37 -05:00
+								// swagger:route GET /annotations/{annotation_id} annotations getAnnotationByID
 								//
-												Chore: fix formating for swagger definitions (#54993)


											
										
										
											2022-09-12 02:40:35 -05:00
+								// Get Annotation by ID.
-												Chore: Move swagger definitions to the handlers (#52643)


											
										
										
											2022-07-27 08:54:37 -05:00
+								//
 								// Responses:
 								// 200: getAnnotationByIDResponse
 								// 401: unauthorisedError
 								// 500: internalServerError
-												Chore: Move ReqContext to contexthandler service (#62102)

* Chore: Move ReqContext to contexthandler service

* Rename package to contextmodel

* Generate ngalert files

* Remove unused imports
											
										
										
											2023-01-27 01:50:36 -06:00
+								func (hs *HTTPServer) GetAnnotationByID(c *contextmodel.ReqContext) response.Response {
-												AnnotationsApi: GET /api/annotations/:annotationId (#47739)


											
										
										
											2022-05-16 10:16:36 -05:00
+									annotationID, err := strconv.ParseInt(web.Params(c.Req)[":annotationId"], 10, 64)
 									if err != nil {
 										return response.Error(http.StatusBadRequest, "annotationId is invalid", err)
 									}
-												Chore: SQL store split for annotations (#55089)

* Chore: SQL store split for annotations

* Apply suggestion from code review
											
										
										
											2022-09-19 02:54:37 -05:00
+									annotation, resp := findAnnotationByID(c.Req.Context(), hs.annotationsRepo, annotationID, c.SignedInUser)
-												AnnotationsApi: GET /api/annotations/:annotationId (#47739)


											
										
										
											2022-05-16 10:16:36 -05:00
+									if resp != nil {
 										return resp
 									}
 									if annotation.Email != "" {
-												Chore: Remove public vars in setting package (#81018)

Removes the public variable setting.SecretKey plus some other ones. 
Introduces some new functions for creating setting.Cfg.
											
										
										
											2024-01-23 05:36:22 -06:00
+										annotation.AvatarURL = dtos.GetGravatarUrl(hs.Cfg, annotation.Email)
-												AnnotationsApi: GET /api/annotations/:annotationId (#47739)


											
										
										
											2022-05-16 10:16:36 -05:00
+									}
-												Grafana: Replace magic number with a constant variable in response status (#80132)

* Chore: Replace response status with const var

* Apply suggestions from code review

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>

* Add net/http import

---------

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
											
										
										
											2024-02-27 10:39:51 -06:00
+									return response.JSON(http.StatusOK, annotation)
-												AnnotationsApi: GET /api/annotations/:annotationId (#47739)


											
										
										
											2022-05-16 10:16:36 -05:00
+								}
-												Chore: Move swagger definitions to the handlers (#52643)


											
										
										
											2022-07-27 08:54:37 -05:00
+								// swagger:route DELETE /annotations/{annotation_id} annotations deleteAnnotationByID
 								//
 								// Delete Annotation By ID.
 								//
 								// Deletes the annotation that matches the specified ID.
 								//
 								// Responses:
 								// 200: okResponse
 								// 401: unauthorisedError
 								// 403: forbiddenError
 								// 500: internalServerError
-												Chore: Move ReqContext to contexthandler service (#62102)

* Chore: Move ReqContext to contexthandler service

* Rename package to contextmodel

* Generate ngalert files

* Remove unused imports
											
										
										
											2023-01-27 01:50:36 -06:00
+								func (hs *HTTPServer) DeleteAnnotationByID(c *contextmodel.ReqContext) response.Response {
-												Remove Macaron ParamsInt64 function from code base (#43810)

* draft commit

* change all calls

* Compilation errors
											
										
										
											2022-01-14 10:55:57 -06:00
+									annotationID, err := strconv.ParseInt(web.Params(c.Req)[":annotationId"], 10, 64)
 									if err != nil {
 										return response.Error(http.StatusBadRequest, "annotationId is invalid", err)
 									}
-												Create annotations (#8197)

* annotations: add 25px space for events section

* annotations: restored create annotation action

* annotations: able to use fa icons as event markers

* annotations: initial emoji support from twemoji lib

* annotations: adjust fa icon position

* annotations: initial emoji picker

* annotation: include user info into annotation requests

* annotation: add icon info

* annotation: display user info in tooltip

* annotation: fix region saving

* annotation: initial region markers

* annotation: fix region clearing (add flot-temp-elem class)

* annotation: adjust styles a bit

* annotations: minor fixes

* annoations: removed userId look in loop, need a sql join or a user cache for this

* annotation: fix invisible events

* lib: changed twitter emoij lib to be npm dependency

* annotation: add icon picker to Add Annotation dialog

* annotation: save icon to annotation table

* annotation: able to set custom icon for annotation added by user

* annotations: fix emoji after library upgrade (switch to 72px)

* emoji: temporary remove bad code points

* annotations: improve icon picker

* annotations: icon show icon picker at the top

* annotations: use svg for emoji

* annotations: fix region drawing when add annotation editor opened

* annotations: use flot lib for drawing region fill

* annotations: move regions building into event_manager

* annotations: don't draw additional space if no events are got

* annotations: deduplicate events

* annotations: properly render cut regions

* annotations: fix cut region building

* annotations: refactor

* annotations: adjust event section size

* add-annotations: fix undefined default icon

* create-annotations:  edit event (frontend part)

* fixed bug causes error when hover event marker

* create-annotations:  update event (backend)

* ignore grafana-server debug binary in git (created VS Code)

* create-annotations: use PUT request for updating annotation.

* create-annotations: fixed time format when editing existing event

* create-annotations: support for region update

* create-annotations: fix bug with limit and event type

* create-annotations: delete annotation

* create-annotations: show only selected icon in edit mode

* create-annotations: show event editor only for users with at least Editor role

* create-annotations: handle double-sized emoji codepoints

* create-annotations: refactor

use CP_SEPARATOR from emojiDef

* create-annotations: update emoji list, add categories.

* create-annotations: copy SVG emoji into public/vendor/npm and use it as a base path

* create-annotations: initial tabs for emoji picker

* emoji-picker: adjust styles

* emoji-picker: minor refactor

* emoji-picker: refactor - rename and move into one directory

* emoji-picker: build emoji elements on app load, not on picker open

* emoji-picker: fix emoji searching

* emoji-picker: refactor

* emoji-picker: capitalize category name

* emoji-picker: refactor

move buildEmojiElem() into emoji_converter.ts for future reuse.

* jquery.flot.events: refactor

use buildEmojiElem() for making emojis, remove unused code for font awesome based icons.

* emoji_converter: handle converting error

* tech: updated

* merged with master

* shore: clean up some stuff

* annotation: wip tags

* annotation: filtering by tags

* tags: parse out spaces etc. from a tags string

* annotations: use tagsinput component for tag filtering

* annotation: wip work on how we query alert & panel annotations

* annotations: support for updating tags in an annotation

* linting

* annotations: work on unifying how alert history annotations and manual panel annotations are created

* tslint: fixes

* tags: create tag on blur as well

Currently, the tags directive only creates the tag when the
user presses enter. This change means the tag is created on
blur as well (when the user clicks outside the input field).

* annotations: fix update after refactoring

* annotations: progress on how alert annotations are fetched

* annotations: minor progress

* annotations: progress

* annotation: minor progress

* annotations: move tag parsing from tooltip to ds

Instead of parsing a tag string into an array in the annotation_tooltip
class, this moves the parsing to the datasources. InfluxDB ds already
does that parsing. Graphite now has it.

* annotations: more work on querying

* annotations: change from tags as string to array

when saving in the db and in the api.

* annotations: delete tag link if removed on edit

* annotation: more work on depricating annotation title

* annotations: delete tag links on delete

* annotations: fix for find

* annotation: added user to annotation tooltip and added alertName to annoation dto

* annotations: use id from route instead from cmd for updating

* annotations: http api docs

* create annotation: last edits

* annotations: minor fix for querying annotations before dashboard saved

* annotations: fix for popover placement when legend is on the side (and doubel render pass is causing original marker to be removed)

* annotations: changing how the built in query gets added

* annotation: added time to header in edit mode

* tests: fixed jshint built issue

											
										
										
											2017-10-07 03:31:39 -05:00
-												Annotations: Remove dashboard permission checks for annotations (#78352)

remove checks for access to dashboard if FlagAnnotationPermissionUpdate is enabled
											
										
										
											2023-11-23 04:47:37 -06:00
+									if !hs.Features.IsEnabled(c.Req.Context(), featuremgmt.FlagAnnotationPermissionUpdate) {
 										annotation, resp := findAnnotationByID(c.Req.Context(), hs.annotationsRepo, annotationID, c.SignedInUser)
 										if resp != nil {
 											return resp
 										}
-												dashfolders: permissions for saving annotations

ref #10275 Use folder permissions instead of hard coded
permissions on the annotations routes.

											
										
										
											2017-12-20 17:52:21 -06:00
-												Annotations: Remove dashboard permission checks for annotations (#78352)

remove checks for access to dashboard if FlagAnnotationPermissionUpdate is enabled
											
										
										
											2023-11-23 04:47:37 -06:00
+										if canSave, err := hs.canSaveAnnotation(c, annotation); err != nil || !canSave {
 											return dashboardGuardianResponse(err)
 										}
-												Access control: adding FGAC to annotation GET endpoints and fixed roles (#45102)

* Access control: adding FGAC to annotation GET endpoints and fixed roles

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
											
										
										
											2022-02-11 12:43:29 -06:00
+									}
-												Chore: SQL store split for annotations (#55089)

* Chore: SQL store split for annotations

* Apply suggestion from code review
											
										
										
											2022-09-19 02:54:37 -05:00
+									err = hs.annotationsRepo.Delete(c.Req.Context(), &annotations.DeleteParams{
-												Auth: Unfurl OrgID in pkg/api to allow using identity.Requester interface (#76108)

Unfurl OrgID in pkg/api to allow using identity.Requester interface
											
										
										
											2023-10-06 04:34:36 -05:00
+										OrgID: c.SignedInUser.GetOrgID(),
-												Rename Id to ID for annotation models (#62886)

* Rename Id to ID for annotation models

* Add xorm tags

* Rename Id to ID for API key models

* Add xorm tags
											
										
										
											2023-02-03 10:23:09 -06:00
+										ID:    annotationID,
-												Create annotations (#8197)

* annotations: add 25px space for events section

* annotations: restored create annotation action

* annotations: able to use fa icons as event markers

* annotations: initial emoji support from twemoji lib

* annotations: adjust fa icon position

* annotations: initial emoji picker

* annotation: include user info into annotation requests

* annotation: add icon info

* annotation: display user info in tooltip

* annotation: fix region saving

* annotation: initial region markers

* annotation: fix region clearing (add flot-temp-elem class)

* annotation: adjust styles a bit

* annotations: minor fixes

* annoations: removed userId look in loop, need a sql join or a user cache for this

* annotation: fix invisible events

* lib: changed twitter emoij lib to be npm dependency

* annotation: add icon picker to Add Annotation dialog

* annotation: save icon to annotation table

* annotation: able to set custom icon for annotation added by user

* annotations: fix emoji after library upgrade (switch to 72px)

* emoji: temporary remove bad code points

* annotations: improve icon picker

* annotations: icon show icon picker at the top

* annotations: use svg for emoji

* annotations: fix region drawing when add annotation editor opened

* annotations: use flot lib for drawing region fill

* annotations: move regions building into event_manager

* annotations: don't draw additional space if no events are got

* annotations: deduplicate events

* annotations: properly render cut regions

* annotations: fix cut region building

* annotations: refactor

* annotations: adjust event section size

* add-annotations: fix undefined default icon

* create-annotations:  edit event (frontend part)

* fixed bug causes error when hover event marker

* create-annotations:  update event (backend)

* ignore grafana-server debug binary in git (created VS Code)

* create-annotations: use PUT request for updating annotation.

* create-annotations: fixed time format when editing existing event

* create-annotations: support for region update

* create-annotations: fix bug with limit and event type

* create-annotations: delete annotation

* create-annotations: show only selected icon in edit mode

* create-annotations: show event editor only for users with at least Editor role

* create-annotations: handle double-sized emoji codepoints

* create-annotations: refactor

use CP_SEPARATOR from emojiDef

* create-annotations: update emoji list, add categories.

* create-annotations: copy SVG emoji into public/vendor/npm and use it as a base path

* create-annotations: initial tabs for emoji picker

* emoji-picker: adjust styles

* emoji-picker: minor refactor

* emoji-picker: refactor - rename and move into one directory

* emoji-picker: build emoji elements on app load, not on picker open

* emoji-picker: fix emoji searching

* emoji-picker: refactor

* emoji-picker: capitalize category name

* emoji-picker: refactor

move buildEmojiElem() into emoji_converter.ts for future reuse.

* jquery.flot.events: refactor

use buildEmojiElem() for making emojis, remove unused code for font awesome based icons.

* emoji_converter: handle converting error

* tech: updated

* merged with master

* shore: clean up some stuff

* annotation: wip tags

* annotation: filtering by tags

* tags: parse out spaces etc. from a tags string

* annotations: use tagsinput component for tag filtering

* annotation: wip work on how we query alert & panel annotations

* annotations: support for updating tags in an annotation

* linting

* annotations: work on unifying how alert history annotations and manual panel annotations are created

* tslint: fixes

* tags: create tag on blur as well

Currently, the tags directive only creates the tag when the
user presses enter. This change means the tag is created on
blur as well (when the user clicks outside the input field).

* annotations: fix update after refactoring

* annotations: progress on how alert annotations are fetched

* annotations: minor progress

* annotations: progress

* annotation: minor progress

* annotations: move tag parsing from tooltip to ds

Instead of parsing a tag string into an array in the annotation_tooltip
class, this moves the parsing to the datasources. InfluxDB ds already
does that parsing. Graphite now has it.

* annotations: more work on querying

* annotations: change from tags as string to array

when saving in the db and in the api.

* annotations: delete tag link if removed on edit

* annotation: more work on depricating annotation title

* annotations: delete tag links on delete

* annotations: fix for find

* annotation: added user to annotation tooltip and added alertName to annoation dto

* annotations: use id from route instead from cmd for updating

* annotations: http api docs

* create annotation: last edits

* annotations: minor fix for querying annotations before dashboard saved

* annotations: fix for popover placement when legend is on the side (and doubel render pass is causing original marker to be removed)

* annotations: changing how the built in query gets added

* annotation: added time to header in edit mode

* tests: fixed jshint built issue

											
										
										
											2017-10-07 03:31:39 -05:00
+									})
 									if err != nil {
-												Grafana: Replace magic number with a constant variable in response status (#80132)

* Chore: Replace response status with const var

* Apply suggestions from code review

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>

* Add net/http import

---------

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
											
										
										
											2024-02-27 10:39:51 -06:00
+										return response.Error(http.StatusInternalServerError, "Failed to delete annotation", err)
-												Create annotations (#8197)

* annotations: add 25px space for events section

* annotations: restored create annotation action

* annotations: able to use fa icons as event markers

* annotations: initial emoji support from twemoji lib

* annotations: adjust fa icon position

* annotations: initial emoji picker

* annotation: include user info into annotation requests

* annotation: add icon info

* annotation: display user info in tooltip

* annotation: fix region saving

* annotation: initial region markers

* annotation: fix region clearing (add flot-temp-elem class)

* annotation: adjust styles a bit

* annotations: minor fixes

* annoations: removed userId look in loop, need a sql join or a user cache for this

* annotation: fix invisible events

* lib: changed twitter emoij lib to be npm dependency

* annotation: add icon picker to Add Annotation dialog

* annotation: save icon to annotation table

* annotation: able to set custom icon for annotation added by user

* annotations: fix emoji after library upgrade (switch to 72px)

* emoji: temporary remove bad code points

* annotations: improve icon picker

* annotations: icon show icon picker at the top

* annotations: use svg for emoji

* annotations: fix region drawing when add annotation editor opened

* annotations: use flot lib for drawing region fill

* annotations: move regions building into event_manager

* annotations: don't draw additional space if no events are got

* annotations: deduplicate events

* annotations: properly render cut regions

* annotations: fix cut region building

* annotations: refactor

* annotations: adjust event section size

* add-annotations: fix undefined default icon

* create-annotations:  edit event (frontend part)

* fixed bug causes error when hover event marker

* create-annotations:  update event (backend)

* ignore grafana-server debug binary in git (created VS Code)

* create-annotations: use PUT request for updating annotation.

* create-annotations: fixed time format when editing existing event

* create-annotations: support for region update

* create-annotations: fix bug with limit and event type

* create-annotations: delete annotation

* create-annotations: show only selected icon in edit mode

* create-annotations: show event editor only for users with at least Editor role

* create-annotations: handle double-sized emoji codepoints

* create-annotations: refactor

use CP_SEPARATOR from emojiDef

* create-annotations: update emoji list, add categories.

* create-annotations: copy SVG emoji into public/vendor/npm and use it as a base path

* create-annotations: initial tabs for emoji picker

* emoji-picker: adjust styles

* emoji-picker: minor refactor

* emoji-picker: refactor - rename and move into one directory

* emoji-picker: build emoji elements on app load, not on picker open

* emoji-picker: fix emoji searching

* emoji-picker: refactor

* emoji-picker: capitalize category name

* emoji-picker: refactor

move buildEmojiElem() into emoji_converter.ts for future reuse.

* jquery.flot.events: refactor

use buildEmojiElem() for making emojis, remove unused code for font awesome based icons.

* emoji_converter: handle converting error

* tech: updated

* merged with master

* shore: clean up some stuff

* annotation: wip tags

* annotation: filtering by tags

* tags: parse out spaces etc. from a tags string

* annotations: use tagsinput component for tag filtering

* annotation: wip work on how we query alert & panel annotations

* annotations: support for updating tags in an annotation

* linting

* annotations: work on unifying how alert history annotations and manual panel annotations are created

* tslint: fixes

* tags: create tag on blur as well

Currently, the tags directive only creates the tag when the
user presses enter. This change means the tag is created on
blur as well (when the user clicks outside the input field).

* annotations: fix update after refactoring

* annotations: progress on how alert annotations are fetched

* annotations: minor progress

* annotations: progress

* annotation: minor progress

* annotations: move tag parsing from tooltip to ds

Instead of parsing a tag string into an array in the annotation_tooltip
class, this moves the parsing to the datasources. InfluxDB ds already
does that parsing. Graphite now has it.

* annotations: more work on querying

* annotations: change from tags as string to array

when saving in the db and in the api.

* annotations: delete tag link if removed on edit

* annotation: more work on depricating annotation title

* annotations: delete tag links on delete

* annotations: fix for find

* annotation: added user to annotation tooltip and added alertName to annoation dto

* annotations: use id from route instead from cmd for updating

* annotations: http api docs

* create annotation: last edits

* annotations: minor fix for querying annotations before dashboard saved

* annotations: fix for popover placement when legend is on the side (and doubel render pass is causing original marker to be removed)

* annotations: changing how the built in query gets added

* annotation: added time to header in edit mode

* tests: fixed jshint built issue

											
										
										
											2017-10-07 03:31:39 -05:00
+									}
-												Chore: Moves common and response into separate packages (#30298)

* Chore: moves common and response into separate packages

* Chore: moves common and response into separate packages

* Update pkg/api/utils/common.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Chore: changes after PR comments

* Chore: move wrap to routing package

* Chore: move functions in common to response package

* Chore: move functions in common to response package

* Chore: formats imports

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
											
										
										
											2021-01-15 07:43:20 -06:00
+									return response.Success("Annotation deleted")
-												Create annotations (#8197)

* annotations: add 25px space for events section

* annotations: restored create annotation action

* annotations: able to use fa icons as event markers

* annotations: initial emoji support from twemoji lib

* annotations: adjust fa icon position

* annotations: initial emoji picker

* annotation: include user info into annotation requests

* annotation: add icon info

* annotation: display user info in tooltip

* annotation: fix region saving

* annotation: initial region markers

* annotation: fix region clearing (add flot-temp-elem class)

* annotation: adjust styles a bit

* annotations: minor fixes

* annoations: removed userId look in loop, need a sql join or a user cache for this

* annotation: fix invisible events

* lib: changed twitter emoij lib to be npm dependency

* annotation: add icon picker to Add Annotation dialog

* annotation: save icon to annotation table

* annotation: able to set custom icon for annotation added by user

* annotations: fix emoji after library upgrade (switch to 72px)

* emoji: temporary remove bad code points

* annotations: improve icon picker

* annotations: icon show icon picker at the top

* annotations: use svg for emoji

* annotations: fix region drawing when add annotation editor opened

* annotations: use flot lib for drawing region fill

* annotations: move regions building into event_manager

* annotations: don't draw additional space if no events are got

* annotations: deduplicate events

* annotations: properly render cut regions

* annotations: fix cut region building

* annotations: refactor

* annotations: adjust event section size

* add-annotations: fix undefined default icon

* create-annotations:  edit event (frontend part)

* fixed bug causes error when hover event marker

* create-annotations:  update event (backend)

* ignore grafana-server debug binary in git (created VS Code)

* create-annotations: use PUT request for updating annotation.

* create-annotations: fixed time format when editing existing event

* create-annotations: support for region update

* create-annotations: fix bug with limit and event type

* create-annotations: delete annotation

* create-annotations: show only selected icon in edit mode

* create-annotations: show event editor only for users with at least Editor role

* create-annotations: handle double-sized emoji codepoints

* create-annotations: refactor

use CP_SEPARATOR from emojiDef

* create-annotations: update emoji list, add categories.

* create-annotations: copy SVG emoji into public/vendor/npm and use it as a base path

* create-annotations: initial tabs for emoji picker

* emoji-picker: adjust styles

* emoji-picker: minor refactor

* emoji-picker: refactor - rename and move into one directory

* emoji-picker: build emoji elements on app load, not on picker open

* emoji-picker: fix emoji searching

* emoji-picker: refactor

* emoji-picker: capitalize category name

* emoji-picker: refactor

move buildEmojiElem() into emoji_converter.ts for future reuse.

* jquery.flot.events: refactor

use buildEmojiElem() for making emojis, remove unused code for font awesome based icons.

* emoji_converter: handle converting error

* tech: updated

* merged with master

* shore: clean up some stuff

* annotation: wip tags

* annotation: filtering by tags

* tags: parse out spaces etc. from a tags string

* annotations: use tagsinput component for tag filtering

* annotation: wip work on how we query alert & panel annotations

* annotations: support for updating tags in an annotation

* linting

* annotations: work on unifying how alert history annotations and manual panel annotations are created

* tslint: fixes

* tags: create tag on blur as well

Currently, the tags directive only creates the tag when the
user presses enter. This change means the tag is created on
blur as well (when the user clicks outside the input field).

* annotations: fix update after refactoring

* annotations: progress on how alert annotations are fetched

* annotations: minor progress

* annotations: progress

* annotation: minor progress

* annotations: move tag parsing from tooltip to ds

Instead of parsing a tag string into an array in the annotation_tooltip
class, this moves the parsing to the datasources. InfluxDB ds already
does that parsing. Graphite now has it.

* annotations: more work on querying

* annotations: change from tags as string to array

when saving in the db and in the api.

* annotations: delete tag link if removed on edit

* annotation: more work on depricating annotation title

* annotations: delete tag links on delete

* annotations: fix for find

* annotation: added user to annotation tooltip and added alertName to annoation dto

* annotations: use id from route instead from cmd for updating

* annotations: http api docs

* create annotation: last edits

* annotations: minor fix for querying annotations before dashboard saved

* annotations: fix for popover placement when legend is on the side (and doubel render pass is causing original marker to be removed)

* annotations: changing how the built in query gets added

* annotation: added time to header in edit mode

* tests: fixed jshint built issue

											
										
										
											2017-10-07 03:31:39 -05:00
+								}
-												Chore: Move ReqContext to contexthandler service (#62102)

* Chore: Move ReqContext to contexthandler service

* Rename package to contextmodel

* Generate ngalert files

* Remove unused imports
											
										
										
											2023-01-27 01:50:36 -06:00
+								func (hs *HTTPServer) canSaveAnnotation(c *contextmodel.ReqContext, annotation *annotations.ItemDTO) (bool, error) {
-												check that the user has RBAC permissions to save dashboard annotation (#47882)


											
										
										
											2022-04-20 02:43:42 -05:00
+									if annotation.GetType() == annotations.Dashboard {
-												Rename Id to ID for annotation models (#62886)

* Rename Id to ID for annotation models

* Add xorm tags

* Rename Id to ID for API key models

* Add xorm tags
											
										
										
											2023-02-03 10:23:09 -06:00
+										return canEditDashboard(c, annotation.DashboardID)
-												check that the user has RBAC permissions to save dashboard annotation (#47882)


											
										
										
											2022-04-20 02:43:42 -05:00
+									} else {
 										return true, nil
 									}
 								}
-												Chore: Move ReqContext to contexthandler service (#62102)

* Chore: Move ReqContext to contexthandler service

* Rename package to contextmodel

* Generate ngalert files

* Remove unused imports
											
										
										
											2023-01-27 01:50:36 -06:00
+								func canEditDashboard(c *contextmodel.ReqContext, dashboardID int64) (bool, error) {
-												Auth: Unfurl OrgID in pkg/api to allow using identity.Requester interface (#76108)

Unfurl OrgID in pkg/api to allow using identity.Requester interface
											
										
										
											2023-10-06 04:34:36 -05:00
+									guard, err := guardian.New(c.Req.Context(), dashboardID, c.SignedInUser.GetOrgID(), c.SignedInUser)
-												Guardian: Introduce additional constructors (#59577)

* Guardian: Use dashboard UID instead of ID

* Apply suggestions from code review

Introduce several guardian constructors and each time use
the most appropriate one.
											
										
										
											2022-12-15 08:34:17 -06:00
+									if err != nil {
 										return false, err
 									}
-												Access control: FGAC for annotation updates (#46462)

* proposal

* PR feedback

* fix canSave bug

* update scope naming

* linting

* linting

Co-authored-by: Ezequiel Victorero <ezequiel.victorero@grafana.com>
											
										
										
											2022-03-18 11:33:21 -05:00
+									if canEdit, err := guard.CanEdit(); err != nil || !canEdit {
 										return false, err
-												dashfolders: permissions for saving annotations

ref #10275 Use folder permissions instead of hard coded
permissions on the annotations routes.

											
										
										
											2017-12-20 17:52:21 -06:00
+									}
 									return true, nil
 								}
-												Move SignedInUser to user service and RoleType and Roles to org (#53445)

* Move SignedInUser to user service and RoleType and Roles to org

* Use go naming convention for roles

* Fix some imports and leftovers

* Fix ldap debug test

* Fix lint

* Fix lint 2

* Fix lint 3

* Fix type and not needed conversion

* Clean up messages in api tests

* Clean up api tests 2
											
										
										
											2022-08-10 04:56:48 -05:00
+								func findAnnotationByID(ctx context.Context, repo annotations.Repository, annotationID int64, user *user.SignedInUser) (*annotations.ItemDTO, response.Response) {
-												Access control: SQL filtering for annotation listing (#47467)

* pass in user to attribute scope resolver

* add SQL filter to annotation listing

* check annotation FGAC permissions before exposing them for commenting

* remove the requirement to be able to list all annotations from annotation listing endpoint

* adding tests for annotation listing

* remove changes that got moved to a different PR

* unused var

* Update pkg/services/sqlstore/annotation.go

Co-authored-by: Ezequiel Victorero <evictorero@gmail.com>

* remove unneeded check

* remove unneeded check

* undo accidental change

* undo accidental change

* doc update

* move tests

* redo the approach for passing the user in for scope resolution

* accidental change

* cleanup

* error handling

Co-authored-by: Ezequiel Victorero <evictorero@gmail.com>
											
										
										
											2022-04-11 07:18:38 -05:00
+									query := &annotations.ItemQuery{
-												Rename Id to ID for annotation models (#62886)

* Rename Id to ID for annotation models

* Add xorm tags

* Rename Id to ID for API key models

* Add xorm tags
											
										
										
											2023-02-03 10:23:09 -06:00
+										AnnotationID: annotationID,
 										OrgID:        user.OrgID,
-												Access control: SQL filtering for annotation listing (#47467)

* pass in user to attribute scope resolver

* add SQL filter to annotation listing

* check annotation FGAC permissions before exposing them for commenting

* remove the requirement to be able to list all annotations from annotation listing endpoint

* adding tests for annotation listing

* remove changes that got moved to a different PR

* unused var

* Update pkg/services/sqlstore/annotation.go

Co-authored-by: Ezequiel Victorero <evictorero@gmail.com>

* remove unneeded check

* remove unneeded check

* undo accidental change

* undo accidental change

* doc update

* move tests

* redo the approach for passing the user in for scope resolution

* accidental change

* cleanup

* error handling

Co-authored-by: Ezequiel Victorero <evictorero@gmail.com>
											
										
										
											2022-04-11 07:18:38 -05:00
+										SignedInUser: user,
 									}
 									items, err := repo.Find(ctx, query)
-												dashfolders: permissions for saving annotations

ref #10275 Use folder permissions instead of hard coded
permissions on the annotations routes.

											
										
										
											2017-12-20 17:52:21 -06:00
-												Access control: adding FGAC to annotation GET endpoints and fixed roles (#45102)

* Access control: adding FGAC to annotation GET endpoints and fixed roles

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
											
										
										
											2022-02-11 12:43:29 -06:00
+									if err != nil {
-												Grafana: Replace magic number with a constant variable in response status (#80132)

* Chore: Replace response status with const var

* Apply suggestions from code review

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>

* Add net/http import

---------

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
											
										
										
											2024-02-27 10:39:51 -06:00
+										return nil, response.Error(http.StatusInternalServerError, "Failed to find annotation", err)
-												Access control: adding FGAC to annotation GET endpoints and fixed roles (#45102)

* Access control: adding FGAC to annotation GET endpoints and fixed roles

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
											
										
										
											2022-02-11 12:43:29 -06:00
+									}
-												dashfolders: permissions for saving annotations

ref #10275 Use folder permissions instead of hard coded
permissions on the annotations routes.

											
										
										
											2017-12-20 17:52:21 -06:00
-												Access control: adding FGAC to annotation GET endpoints and fixed roles (#45102)

* Access control: adding FGAC to annotation GET endpoints and fixed roles

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
											
										
										
											2022-02-11 12:43:29 -06:00
+									if len(items) == 0 {
-												Grafana: Replace magic number with a constant variable in response status (#80132)

* Chore: Replace response status with const var

* Apply suggestions from code review

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>

* Add net/http import

---------

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
											
										
										
											2024-02-27 10:39:51 -06:00
+										return nil, response.Error(http.StatusNotFound, "Annotation not found", nil)
-												dashfolders: permissions for saving annotations

ref #10275 Use folder permissions instead of hard coded
permissions on the annotations routes.

											
										
										
											2017-12-20 17:52:21 -06:00
+									}
-												Access control: adding FGAC to annotation GET endpoints and fixed roles (#45102)

* Access control: adding FGAC to annotation GET endpoints and fixed roles

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
											
										
										
											2022-02-11 12:43:29 -06:00
+									return items[0], nil
-												dashfolders: permissions for saving annotations

ref #10275 Use folder permissions instead of hard coded
permissions on the annotations routes.

											
										
										
											2017-12-20 17:52:21 -06:00
+								}
-												Annotations: Adds tags endpoint (#36199)

* Annotations: Adds tags endpoint

* Chore: fixes sql  statement

* Refactor: adds count to the api

* Chore: changes after PR comments

* Refactor: changes after PR comments
											
										
										
											2021-06-30 06:42:54 -05:00
-												Chore: Move swagger definitions to the handlers (#52643)


											
										
										
											2022-07-27 08:54:37 -05:00
+								// swagger:route GET /annotations/tags annotations getAnnotationTags
 								//
 								// Find Annotations Tags.
 								//
 								// Find all the event tags created in the annotations.
 								//
 								// Responses:
 								// 200: getAnnotationTagsResponse
 								// 401: unauthorisedError
 								// 500: internalServerError
-												Chore: Move ReqContext to contexthandler service (#62102)

* Chore: Move ReqContext to contexthandler service

* Rename package to contextmodel

* Generate ngalert files

* Remove unused imports
											
										
										
											2023-01-27 01:50:36 -06:00
+								func (hs *HTTPServer) GetAnnotationTags(c *contextmodel.ReqContext) response.Response {
-												Annotations: Adds tags endpoint (#36199)

* Annotations: Adds tags endpoint

* Chore: fixes sql  statement

* Refactor: adds count to the api

* Chore: changes after PR comments

* Refactor: changes after PR comments
											
										
										
											2021-06-30 06:42:54 -05:00
+									query := &annotations.TagsQuery{
-												Auth: Unfurl OrgID in pkg/api to allow using identity.Requester interface (#76108)

Unfurl OrgID in pkg/api to allow using identity.Requester interface
											
										
										
											2023-10-06 04:34:36 -05:00
+										OrgID: c.SignedInUser.GetOrgID(),
-												Annotations: Adds tags endpoint (#36199)

* Annotations: Adds tags endpoint

* Chore: fixes sql  statement

* Refactor: adds count to the api

* Chore: changes after PR comments

* Refactor: changes after PR comments
											
										
										
											2021-06-30 06:42:54 -05:00
+										Tag:   c.Query("tag"),
 										Limit: c.QueryInt64("limit"),
 									}
-												Chore: SQL store split for annotations (#55089)

* Chore: SQL store split for annotations

* Apply suggestion from code review
											
										
										
											2022-09-19 02:54:37 -05:00
+									result, err := hs.annotationsRepo.FindTags(c.Req.Context(), query)
-												Annotations: Adds tags endpoint (#36199)

* Annotations: Adds tags endpoint

* Chore: fixes sql  statement

* Refactor: adds count to the api

* Chore: changes after PR comments

* Refactor: changes after PR comments
											
										
										
											2021-06-30 06:42:54 -05:00
+									if err != nil {
-												Grafana: Replace magic number with a constant variable in response status (#80132)

* Chore: Replace response status with const var

* Apply suggestions from code review

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>

* Add net/http import

---------

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
											
										
										
											2024-02-27 10:39:51 -06:00
+										return response.Error(http.StatusInternalServerError, "Failed to find annotation tags", err)
-												Annotations: Adds tags endpoint (#36199)

* Annotations: Adds tags endpoint

* Chore: fixes sql  statement

* Refactor: adds count to the api

* Chore: changes after PR comments

* Refactor: changes after PR comments
											
										
										
											2021-06-30 06:42:54 -05:00
+									}
-												fix status code 200 (#47818)


											
										
										
											2022-04-15 07:01:58 -05:00
+									return response.JSON(http.StatusOK, annotations.GetAnnotationTagsResponse{Result: result})
-												Annotations: Adds tags endpoint (#36199)

* Annotations: Adds tags endpoint

* Chore: fixes sql  statement

* Refactor: adds count to the api

* Chore: changes after PR comments

* Refactor: changes after PR comments
											
										
										
											2021-06-30 06:42:54 -05:00
+								}
-												Access control: FGAC for annotation updates (#46462)

* proposal

* PR feedback

* fix canSave bug

* update scope naming

* linting

* linting

Co-authored-by: Ezequiel Victorero <ezequiel.victorero@grafana.com>
											
										
										
											2022-03-18 11:33:21 -05:00
-												Access Control: Refactor scope resolvers with support to resolve into several scopes (#48202)

* Refactor Scope resolver to support resolving into several scopes

* Change permission evaluator to match at least one of passed scopes
											
										
										
											2022-05-02 02:29:30 -05:00
+								// AnnotationTypeScopeResolver provides an ScopeAttributeResolver able to
-												Access control: FGAC for annotation updates (#46462)

* proposal

* PR feedback

* fix canSave bug

* update scope naming

* linting

* linting

Co-authored-by: Ezequiel Victorero <ezequiel.victorero@grafana.com>
											
										
										
											2022-03-18 11:33:21 -05:00
+								// resolve annotation types. Scope "annotations:id:<id>" will be translated to "annotations:type:<type>,
 								// where <type> is the type of annotation with id <id>.
-												Annotations: Update annotation scope resolver to resolve annotation scopes to dash and folder scopes (#78222)

* update annotation scope resolver to resolve dashboard annotation scopes to dash and folder scopes

* Update annotations.go

remove unwanted changes

* remove unwanted change

* use switch statement
											
										
										
											2023-11-17 03:57:25 -06:00
+								// If annotationPermissionUpdate feature toggle is enabled, dashboard annotation scope will be resolved to the corresponding
 								// dashboard and folder scopes (eg, "dashboards:uid:<annotation_dashboard_uid>", "folders:uid:<parent_folder_uid>" etc).
-												FeatureFlags: Use interface rather than manager (#80000)


											
										
										
											2024-01-09 12:38:06 -06:00
+								func AnnotationTypeScopeResolver(annotationsRepo annotations.Repository, features featuremgmt.FeatureToggles, dashSvc dashboards.DashboardService, folderSvc folder.Service) (string, accesscontrol.ScopeAttributeResolver) {
-												Access Control: Refactor scope resolvers with support to resolve into several scopes (#48202)

* Refactor Scope resolver to support resolving into several scopes

* Change permission evaluator to match at least one of passed scopes
											
										
										
											2022-05-02 02:29:30 -05:00
+									prefix := accesscontrol.ScopeAnnotationsProvider.GetResourceScope("")
 									return prefix, accesscontrol.ScopeAttributeResolverFunc(func(ctx context.Context, orgID int64, initialScope string) ([]string, error) {
-												Access control: FGAC for annotation updates (#46462)

* proposal

* PR feedback

* fix canSave bug

* update scope naming

* linting

* linting

Co-authored-by: Ezequiel Victorero <ezequiel.victorero@grafana.com>
											
										
										
											2022-03-18 11:33:21 -05:00
+										scopeParts := strings.Split(initialScope, ":")
 										if scopeParts[0] != accesscontrol.ScopeAnnotationsRoot || len(scopeParts) != 3 {
-												Access Control: Refactor scope resolvers with support to resolve into several scopes (#48202)

* Refactor Scope resolver to support resolving into several scopes

* Change permission evaluator to match at least one of passed scopes
											
										
										
											2022-05-02 02:29:30 -05:00
+											return nil, accesscontrol.ErrInvalidScope
-												Access control: FGAC for annotation updates (#46462)

* proposal

* PR feedback

* fix canSave bug

* update scope naming

* linting

* linting

Co-authored-by: Ezequiel Victorero <ezequiel.victorero@grafana.com>
											
										
										
											2022-03-18 11:33:21 -05:00
+										}
 										annotationIdStr := scopeParts[2]
 										annotationId, err := strconv.Atoi(annotationIdStr)
 										if err != nil {
-												Access Control: Refactor scope resolvers with support to resolve into several scopes (#48202)

* Refactor Scope resolver to support resolving into several scopes

* Change permission evaluator to match at least one of passed scopes
											
										
										
											2022-05-02 02:29:30 -05:00
+											return nil, accesscontrol.ErrInvalidScope
-												Access control: FGAC for annotation updates (#46462)

* proposal

* PR feedback

* fix canSave bug

* update scope naming

* linting

* linting

Co-authored-by: Ezequiel Victorero <ezequiel.victorero@grafana.com>
											
										
										
											2022-03-18 11:33:21 -05:00
+										}
-												Access control: SQL filtering for annotation listing (#47467)

* pass in user to attribute scope resolver

* add SQL filter to annotation listing

* check annotation FGAC permissions before exposing them for commenting

* remove the requirement to be able to list all annotations from annotation listing endpoint

* adding tests for annotation listing

* remove changes that got moved to a different PR

* unused var

* Update pkg/services/sqlstore/annotation.go

Co-authored-by: Ezequiel Victorero <evictorero@gmail.com>

* remove unneeded check

* remove unneeded check

* undo accidental change

* undo accidental change

* doc update

* move tests

* redo the approach for passing the user in for scope resolution

* accidental change

* cleanup

* error handling

Co-authored-by: Ezequiel Victorero <evictorero@gmail.com>
											
										
										
											2022-04-11 07:18:38 -05:00
+										// tempUser is used to resolve annotation type.
 										// The annotation doesn't get returned to the real user, so real user's permissions don't matter here.
-												Move SignedInUser to user service and RoleType and Roles to org (#53445)

* Move SignedInUser to user service and RoleType and Roles to org

* Use go naming convention for roles

* Fix some imports and leftovers

* Fix ldap debug test

* Fix lint

* Fix lint 2

* Fix lint 3

* Fix type and not needed conversion

* Clean up messages in api tests

* Clean up api tests 2
											
										
										
											2022-08-10 04:56:48 -05:00
+										tempUser := &user.SignedInUser{
-												Chore: Add user service method SetUsingOrg and GetSignedInUserWithCacheCtx (#53343)

* Chore: Add user service method SetUsingOrg

* Chore: Add user service method GetSignedInUserWithCacheCtx

* Use method GetSignedInUserWithCacheCtx from user service

* Fix lint after rebase

* Fix lint

* Fix lint error

* roll back some changes

* Roll back changes in api and middleware

* Add xorm tags to SignedInUser ID fields
											
										
										
											2022-08-11 06:28:55 -05:00
+											OrgID: orgID,
-												Access control: SQL filtering for annotation listing (#47467)

* pass in user to attribute scope resolver

* add SQL filter to annotation listing

* check annotation FGAC permissions before exposing them for commenting

* remove the requirement to be able to list all annotations from annotation listing endpoint

* adding tests for annotation listing

* remove changes that got moved to a different PR

* unused var

* Update pkg/services/sqlstore/annotation.go

Co-authored-by: Ezequiel Victorero <evictorero@gmail.com>

* remove unneeded check

* remove unneeded check

* undo accidental change

* undo accidental change

* doc update

* move tests

* redo the approach for passing the user in for scope resolution

* accidental change

* cleanup

* error handling

Co-authored-by: Ezequiel Victorero <evictorero@gmail.com>
											
										
										
											2022-04-11 07:18:38 -05:00
+											Permissions: map[int64]map[string][]string{
 												orgID: {
-												Access Control: Move dashboard actions and create scope provider (#48618)

* Move dashboard actions and create scope provider
											
										
										
											2022-05-04 09:12:09 -05:00
+													dashboards.ActionDashboardsRead:     {dashboards.ScopeDashboardsAll},
-												Access control: SQL filtering for annotation listing (#47467)

* pass in user to attribute scope resolver

* add SQL filter to annotation listing

* check annotation FGAC permissions before exposing them for commenting

* remove the requirement to be able to list all annotations from annotation listing endpoint

* adding tests for annotation listing

* remove changes that got moved to a different PR

* unused var

* Update pkg/services/sqlstore/annotation.go

Co-authored-by: Ezequiel Victorero <evictorero@gmail.com>

* remove unneeded check

* remove unneeded check

* undo accidental change

* undo accidental change

* doc update

* move tests

* redo the approach for passing the user in for scope resolution

* accidental change

* cleanup

* error handling

Co-authored-by: Ezequiel Victorero <evictorero@gmail.com>
											
										
										
											2022-04-11 07:18:38 -05:00
+													accesscontrol.ActionAnnotationsRead: {accesscontrol.ScopeAnnotationsAll},
 												},
 											},
 										}
-												Annotations: Update annotation scope resolver to resolve annotation scopes to dash and folder scopes (#78222)

* update annotation scope resolver to resolve dashboard annotation scopes to dash and folder scopes

* Update annotations.go

remove unwanted changes

* remove unwanted change

* use switch statement
											
										
										
											2023-11-17 03:57:25 -06:00
+										if features.IsEnabled(ctx, featuremgmt.FlagAnnotationPermissionUpdate) {
 											tempUser = &user.SignedInUser{
 												OrgID: orgID,
 												Permissions: map[int64]map[string][]string{
 													orgID: {
 														accesscontrol.ActionAnnotationsRead: {accesscontrol.ScopeAnnotationsTypeOrganization, dashboards.ScopeDashboardsAll},
 													},
 												},
 											}
 										}
-												Chore: SQL store split for annotations (#55089)

* Chore: SQL store split for annotations

* Apply suggestion from code review
											
										
										
											2022-09-19 02:54:37 -05:00
+										annotation, resp := findAnnotationByID(ctx, annotationsRepo, int64(annotationId), tempUser)
-												Access control: FGAC for annotation updates (#46462)

* proposal

* PR feedback

* fix canSave bug

* update scope naming

* linting

* linting

Co-authored-by: Ezequiel Victorero <ezequiel.victorero@grafana.com>
											
										
										
											2022-03-18 11:33:21 -05:00
+										if resp != nil {
-												Access Control: Refactor scope resolvers with support to resolve into several scopes (#48202)

* Refactor Scope resolver to support resolving into several scopes

* Change permission evaluator to match at least one of passed scopes
											
										
										
											2022-05-02 02:29:30 -05:00
+											return nil, errors.New("could not resolve annotation type")
-												Access control: FGAC for annotation updates (#46462)

* proposal

* PR feedback

* fix canSave bug

* update scope naming

* linting

* linting

Co-authored-by: Ezequiel Victorero <ezequiel.victorero@grafana.com>
											
										
										
											2022-03-18 11:33:21 -05:00
+										}
-												Annotations: Update annotation scope resolver to resolve annotation scopes to dash and folder scopes (#78222)

* update annotation scope resolver to resolve dashboard annotation scopes to dash and folder scopes

* Update annotations.go

remove unwanted changes

* remove unwanted change

* use switch statement
											
										
										
											2023-11-17 03:57:25 -06:00
+										if !features.IsEnabled(ctx, featuremgmt.FlagAnnotationPermissionUpdate) {
 											switch annotation.GetType() {
 											case annotations.Organization:
 												return []string{accesscontrol.ScopeAnnotationsTypeOrganization}, nil
 											case annotations.Dashboard:
 												return []string{accesscontrol.ScopeAnnotationsTypeDashboard}, nil
 											}
 										}
 										if annotation.DashboardID == 0 {
-												Access Control: Refactor scope resolvers with support to resolve into several scopes (#48202)

* Refactor Scope resolver to support resolving into several scopes

* Change permission evaluator to match at least one of passed scopes
											
										
										
											2022-05-02 02:29:30 -05:00
+											return []string{accesscontrol.ScopeAnnotationsTypeOrganization}, nil
-												Access control: FGAC for annotation updates (#46462)

* proposal

* PR feedback

* fix canSave bug

* update scope naming

* linting

* linting

Co-authored-by: Ezequiel Victorero <ezequiel.victorero@grafana.com>
											
										
										
											2022-03-18 11:33:21 -05:00
+										} else {
-												Annotations: Update annotation scope resolver to resolve annotation scopes to dash and folder scopes (#78222)

* update annotation scope resolver to resolve dashboard annotation scopes to dash and folder scopes

* Update annotations.go

remove unwanted changes

* remove unwanted change

* use switch statement
											
										
										
											2023-11-17 03:57:25 -06:00
+											dashboard, err := dashSvc.GetDashboard(ctx, &dashboards.GetDashboardQuery{ID: annotation.DashboardID, OrgID: orgID})
 											if err != nil {
 												return nil, err
 											}
 											scopes := []string{dashboards.ScopeDashboardsProvider.GetResourceScopeUID(dashboard.UID)}
 											// Append dashboard parent scopes if dashboard is in a folder or the general scope if dashboard is not in a folder
 											if dashboard.FolderUID != "" {
 												scopes = append(scopes, dashboards.ScopeFoldersProvider.GetResourceScopeUID(dashboard.FolderUID))
 												inheritedScopes, err := dashboards.GetInheritedScopes(ctx, orgID, dashboard.FolderUID, folderSvc)
 												if err != nil {
 													return nil, err
 												}
 												scopes = append(scopes, inheritedScopes...)
 											} else {
 												scopes = append(scopes, dashboards.ScopeFoldersProvider.GetResourceScopeUID(folder.GeneralFolderUID))
 											}
 											return scopes, nil
-												Access control: FGAC for annotation updates (#46462)

* proposal

* PR feedback

* fix canSave bug

* update scope naming

* linting

* linting

Co-authored-by: Ezequiel Victorero <ezequiel.victorero@grafana.com>
											
										
										
											2022-03-18 11:33:21 -05:00
+										}
-												Access Control: Refactor scope resolvers with support to resolve into several scopes (#48202)

* Refactor Scope resolver to support resolving into several scopes

* Change permission evaluator to match at least one of passed scopes
											
										
										
											2022-05-02 02:29:30 -05:00
+									})
-												Access control: FGAC for annotation updates (#46462)

* proposal

* PR feedback

* fix canSave bug

* update scope naming

* linting

* linting

Co-authored-by: Ezequiel Victorero <ezequiel.victorero@grafana.com>
											
										
										
											2022-03-18 11:33:21 -05:00
+								}
-												Adding FGAC annotations validation for creation and deletion (#46736)

Access Control: Adding FGAC annotations validation for creation and deletion
Co-authored-by: IevaVasiljeva <ieva.vasiljeva@grafana.com>
											
										
										
											2022-03-21 12:28:39 -05:00
-												Chore: Move ReqContext to contexthandler service (#62102)

* Chore: Move ReqContext to contexthandler service

* Rename package to contextmodel

* Generate ngalert files

* Remove unused imports
											
										
										
											2023-01-27 01:50:36 -06:00
+								func (hs *HTTPServer) canCreateAnnotation(c *contextmodel.ReqContext, dashboardId int64) (bool, error) {
-												Annotations: Remove dashboard permission checks for annotations (#78352)

remove checks for access to dashboard if FlagAnnotationPermissionUpdate is enabled
											
										
										
											2023-11-23 04:47:37 -06:00
+									if hs.Features.IsEnabled(c.Req.Context(), featuremgmt.FlagAnnotationPermissionUpdate) {
 										if dashboardId != 0 {
 											evaluator := accesscontrol.EvalPermission(accesscontrol.ActionAnnotationsCreate, dashboards.ScopeDashboardsProvider.GetResourceScope(strconv.FormatInt(dashboardId, 10)))
 											return hs.AccessControl.Evaluate(c.Req.Context(), c.SignedInUser, evaluator)
 										} else { // organization annotations
 											evaluator := accesscontrol.EvalPermission(accesscontrol.ActionAnnotationsCreate, accesscontrol.ScopeAnnotationsTypeOrganization)
 											return hs.AccessControl.Evaluate(c.Req.Context(), c.SignedInUser, evaluator)
 										}
 									}
-												check that the user has RBAC permissions to save dashboard annotation (#47882)


											
										
										
											2022-04-20 02:43:42 -05:00
+									if dashboardId != 0 {
-												RBAC: remove some `IsDisabled` checks (#69272)

* remove some access contorl IsDisabled() checks

* cleaning up tests

* update tests

* linting
											
										
										
											2023-05-31 03:58:57 -05:00
+										evaluator := accesscontrol.EvalPermission(accesscontrol.ActionAnnotationsCreate, accesscontrol.ScopeAnnotationsTypeDashboard)
 										if canSave, err := hs.AccessControl.Evaluate(c.Req.Context(), c.SignedInUser, evaluator); err != nil || !canSave {
 											return canSave, err
-												check that the user has RBAC permissions to save dashboard annotation (#47882)


											
										
										
											2022-04-20 02:43:42 -05:00
+										}
-												Guardian: Introduce additional constructors (#59577)

* Guardian: Use dashboard UID instead of ID

* Apply suggestions from code review

Introduce several guardian constructors and each time use
the most appropriate one.
											
										
										
											2022-12-15 08:34:17 -06:00
-												check that the user has RBAC permissions to save dashboard annotation (#47882)


											
										
										
											2022-04-20 02:43:42 -05:00
+										return canEditDashboard(c, dashboardId)
 									} else { // organization annotations
-												RBAC: remove some `IsDisabled` checks (#69272)

* remove some access contorl IsDisabled() checks

* cleaning up tests

* update tests

* linting
											
										
										
											2023-05-31 03:58:57 -05:00
+										evaluator := accesscontrol.EvalPermission(accesscontrol.ActionAnnotationsCreate, accesscontrol.ScopeAnnotationsTypeOrganization)
 										return hs.AccessControl.Evaluate(c.Req.Context(), c.SignedInUser, evaluator)
-												check that the user has RBAC permissions to save dashboard annotation (#47882)


											
										
										
											2022-04-20 02:43:42 -05:00
+									}
-												Adding FGAC annotations validation for creation and deletion (#46736)

Access Control: Adding FGAC annotations validation for creation and deletion
Co-authored-by: IevaVasiljeva <ieva.vasiljeva@grafana.com>
											
										
										
											2022-03-21 12:28:39 -05:00
+								}
-												Access Control: adding FGAC validation to mass delete annotation endpoint (#46846)

* Access Control: adding FGAC validation to mass delete annotation endpoint
											
										
										
											2022-03-23 16:39:00 -05:00
-												Chore: Move ReqContext to contexthandler service (#62102)

* Chore: Move ReqContext to contexthandler service

* Rename package to contextmodel

* Generate ngalert files

* Remove unused imports
											
										
										
											2023-01-27 01:50:36 -06:00
+								func (hs *HTTPServer) canMassDeleteAnnotations(c *contextmodel.ReqContext, dashboardID int64) (bool, error) {
-												Annotations: Remove dashboard permission checks for annotations (#78352)

remove checks for access to dashboard if FlagAnnotationPermissionUpdate is enabled
											
										
										
											2023-11-23 04:47:37 -06:00
+									if hs.Features.IsEnabled(c.Req.Context(), featuremgmt.FlagAnnotationPermissionUpdate) {
 										if dashboardID == 0 {
 											evaluator := accesscontrol.EvalPermission(accesscontrol.ActionAnnotationsDelete, accesscontrol.ScopeAnnotationsTypeOrganization)
 											return hs.AccessControl.Evaluate(c.Req.Context(), c.SignedInUser, evaluator)
 										} else {
 											evaluator := accesscontrol.EvalPermission(accesscontrol.ActionAnnotationsDelete, dashboards.ScopeDashboardsProvider.GetResourceScope(strconv.FormatInt(dashboardID, 10)))
 											return hs.AccessControl.Evaluate(c.Req.Context(), c.SignedInUser, evaluator)
 										}
 									}
-												Access Control: adding FGAC validation to mass delete annotation endpoint (#46846)

* Access Control: adding FGAC validation to mass delete annotation endpoint
											
										
										
											2022-03-23 16:39:00 -05:00
+									if dashboardID == 0 {
 										evaluator := accesscontrol.EvalPermission(accesscontrol.ActionAnnotationsDelete, accesscontrol.ScopeAnnotationsTypeOrganization)
 										return hs.AccessControl.Evaluate(c.Req.Context(), c.SignedInUser, evaluator)
 									} else {
 										evaluator := accesscontrol.EvalPermission(accesscontrol.ActionAnnotationsDelete, accesscontrol.ScopeAnnotationsTypeDashboard)
 										canSave, err := hs.AccessControl.Evaluate(c.Req.Context(), c.SignedInUser, evaluator)
 										if err != nil || !canSave {
 											return false, err
 										}
-												check that the user has RBAC permissions to save dashboard annotation (#47882)


											
										
										
											2022-04-20 02:43:42 -05:00
+										canSave, err = canEditDashboard(c, dashboardID)
-												Access Control: adding FGAC validation to mass delete annotation endpoint (#46846)

* Access Control: adding FGAC validation to mass delete annotation endpoint
											
										
										
											2022-03-23 16:39:00 -05:00
+										if err != nil || !canSave {
 											return false, err
 										}
 									}
 									return true, nil
 								}
-												Chore: Move swagger definitions to the handlers (#52643)


											
										
										
											2022-07-27 08:54:37 -05:00
 								// swagger:parameters getAnnotationByID
 								type GetAnnotationByIDParams struct {
 									// in:path
 									// required:true
 									AnnotationID string `json:"annotation_id"`
 								}
 								// swagger:parameters deleteAnnotationByID
 								type DeleteAnnotationByIDParams struct {
 									// in:path
 									// required:true
 									AnnotationID string `json:"annotation_id"`
 								}
 								// swagger:parameters getAnnotations
 								type GetAnnotationsParams struct {
 									// Find annotations created after specific epoch datetime in milliseconds.
 									// in:query
 									// required:false
 									From int64 `json:"from"`
 									// Find annotations created before specific epoch datetime in milliseconds.
 									// in:query
 									// required:false
 									To int64 `json:"to"`
 									// Limit response to annotations created by specific user.
 									// in:query
 									// required:false
 									UserID int64 `json:"userId"`
 									// Find annotations for a specified alert.
 									// in:query
 									// required:false
 									AlertID int64 `json:"alertId"`
 									// Find annotations that are scoped to a specific dashboard
 									// in:query
 									// required:false
 									DashboardID int64 `json:"dashboardId"`
 									// Find annotations that are scoped to a specific dashboard
 									// in:query
 									// required:false
 									DashboardUID string `json:"dashboardUID"`
 									// Find annotations that are scoped to a specific panel
 									// in:query
 									// required:false
 									PanelID int64 `json:"panelId"`
 									// Max limit for results returned.
 									// in:query
 									// required:false
 									Limit int64 `json:"limit"`
 									// Use this to filter organization annotations. Organization annotations are annotations from an annotation data source that are not connected specifically to a dashboard or panel. You can filter by multiple tags.
 									// in:query
 									// required:false
 									// type: array
 									// collectionFormat: multi
 									Tags []string `json:"tags"`
 									// Return alerts or user created annotations
 									// in:query
 									// required:false
 									// Description:
 									// * `alert`
 									// * `annotation`
 									// enum: alert,annotation
 									Type string `json:"type"`
 									// Match any or all tags
 									// in:query
 									// required:false
 									MatchAny bool `json:"matchAny"`
 								}
 								// swagger:parameters getAnnotationTags
 								type GetAnnotationTagsParams struct {
 									// Tag is a string that you can use to filter tags.
 									// in:query
 									// required:false
 									Tag string `json:"tag"`
 									// Max limit for results returned.
 									// in:query
 									// required:false
 									// default: 100
 									Limit string `json:"limit"`
 								}
 								// swagger:parameters massDeleteAnnotations
 								type MassDeleteAnnotationsParams struct {
 									// in:body
 									// required:true
 									Body dtos.MassDeleteAnnotationsCmd `json:"body"`
 								}
 								// swagger:parameters postAnnotation
 								type PostAnnotationParams struct {
 									// in:body
 									// required:true
 									Body dtos.PostAnnotationsCmd `json:"body"`
 								}
 								// swagger:parameters postGraphiteAnnotation
 								type PostGraphiteAnnotationParams struct {
 									// in:body
 									// required:true
 									Body dtos.PostGraphiteAnnotationsCmd `json:"body"`
 								}
 								// swagger:parameters updateAnnotation
 								type UpdateAnnotationParams struct {
 									// in:path
 									// required:true
 									AnnotationID string `json:"annotation_id"`
 									// in:body
 									// required:true
 									Body dtos.UpdateAnnotationsCmd `json:"body"`
 								}
 								// swagger:parameters patchAnnotation
 								type PatchAnnotationParams struct {
 									// in:path
 									// required:true
 									AnnotationID string `json:"annotation_id"`
 									// in:body
 									// required:true
 									Body dtos.PatchAnnotationsCmd `json:"body"`
 								}
 								// swagger:response getAnnotationsResponse
 								type GetAnnotationsResponse struct {
 									// The response message
 									// in: body
 									Body []*annotations.ItemDTO `json:"body"`
 								}
 								// swagger:response getAnnotationByIDResponse
 								type GetAnnotationByIDResponse struct {
 									// The response message
 									// in: body
 									Body *annotations.ItemDTO `json:"body"`
 								}
 								// swagger:response postAnnotationResponse
 								type PostAnnotationResponse struct {
 									// The response message
 									// in: body
 									Body struct {
 										// ID Identifier of the created annotation.
 										// required: true
 										// example: 65
 										ID int64 `json:"id"`
 										// Message Message of the created annotation.
 										// required: true
 										Message string `json:"message"`
 									} `json:"body"`
 								}
 								// swagger:response getAnnotationTagsResponse
 								type GetAnnotationTagsResponse struct {
 									// The response message
 									// in: body
 									Body annotations.GetAnnotationTagsResponse `json:"body"`
 								}