IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-15 01:53:33 -06:00
Code Issues Packages Projects Releases Wiki Activity
d62170e4ce
grafana/public/app/core/services/context_srv.ts

264 lines
7.6 KiB
TypeScript
Raw Normal View History

Performance: Standardize lodash imports to use destructured members (#33040) * Performance: Standardize lodash imports to use destructured members Changes lodash imports of the form `import x from 'lodash/x'` to `import { x } from 'lodash'` to reduce bundle size. * Remove unnecessary _ import from Graph component * Enforce lodash import style * Fix remaining lodash imports
2021-04-21 02:38:00 -05:00
import { extend } from 'lodash';
Chore: ESlint import order (#44959) * Add and configure eslint-plugin-import * Fix the lint:ts npm command * Autofix + prettier all the files * Manually fix remaining files * Move jquery code in jest-setup to external file to safely reorder imports * Resolve issue caused by circular dependencies within Prometheus * Update .betterer.results * Fix missing // @ts-ignore * ignore iconBundle.ts * Fix missing // @ts-ignore
2022-04-22 08:33:13 -05:00
Chore: Pass signed `user_hash` to Intercom via Rudderstack (#63921) * move analytics identifiers to backend * implement hash function * grab secret from env * expose and retrieve intercom secret from config * concat email with appUrl to ensure uniqueness * revert to just using email * Revert "revert to just using email" This reverts commit 8f10f9b1bcb6da80c8002cd8e402217cf455634b. * add docstring
2023-03-03 08:39:53 -06:00
import { AnalyticsSettings, OrgRole, rangeUtil, WithAccessControlMetadata } from '@grafana/data';
AccessControl: Add endpoint to get user permissions (#45309) * AccessControl: Add endpoint to get user permissions Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> Co-authored-by: Kalle Persson <kalle.persson@grafana.com> Co-authored-by: Eric Leijonmarck <eric.leijonmarck@gmail.com> Co-authored-by: Alexander Zobnin <alexanderzobnin@gmail.com> * Fix SA tests * Linter is wrong :p * Wait I was wrong * Adding the route for teams:creator too Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> Co-authored-by: Kalle Persson <kalle.persson@grafana.com> Co-authored-by: Eric Leijonmarck <eric.leijonmarck@gmail.com> Co-authored-by: Alexander Zobnin <alexanderzobnin@gmail.com>
2022-02-11 10:40:43 -06:00
import { featureEnabled, getBackendSrv } from '@grafana/runtime';
ClientTokenRotation: Rotate only expired tokens (#74010) * ClientTokenRotation: Rotate only expired tokens * Don't expose getSessionExpiry
2023-08-30 06:43:52 -05:00
import { getSessionExpiry } from 'app/core/utils/auth';
Chore: ESlint import order (#44959) * Add and configure eslint-plugin-import * Fix the lint:ts npm command * Autofix + prettier all the files * Manually fix remaining files * Move jquery code in jest-setup to external file to safely reorder imports * Resolve issue caused by circular dependencies within Prometheus * Update .betterer.results * Fix missing // @ts-ignore * ignore iconBundle.ts * Fix missing // @ts-ignore
2022-04-22 08:33:13 -05:00
import { AccessControlAction, UserPermission } from 'app/types';
Chore: Add type info for grafana boot data (#45322) Co-authored-by: Levente Balogh <balogh.levente.hu@gmail.com>
2022-03-30 04:48:58 -05:00
import { CurrentUserInternal } from 'app/types/config';
Chore: ESlint import order (#44959) * Add and configure eslint-plugin-import * Fix the lint:ts npm command * Autofix + prettier all the files * Manually fix remaining files * Move jquery code in jest-setup to external file to safely reorder imports * Resolve issue caused by circular dependencies within Prometheus * Update .betterer.results * Fix missing // @ts-ignore * ignore iconBundle.ts * Fix missing // @ts-ignore
2022-04-22 08:33:13 -05:00
import config from '../../core/config';
feat(prefs): moved context srv to typescript
2016-04-03 07:27:35 -05:00
Dashboards: Support an auto refresh interval that is based on the query range (#70479)
2023-06-26 11:46:23 -05:00
// When set to auto, the interval will be based on the query range
// NOTE: this is defined here rather than TimeSrv so we avoid circular dependencies
export const AutoRefreshInterval = 'auto';
Preferences: Add theme preference to match system theme (#61986) * user essentials mob! :trident: lastFile:pkg/api/preferences.go * user essentials mob! :trident: * user essentials mob! :trident: lastFile:packages/grafana-data/src/types/config.ts * user essentials mob! :trident: lastFile:public/app/core/services/echo/utils.test.ts * user essentials mob! :trident: * user essentials mob! :trident: lastFile:public/views/index-template.html * user essentials mob! :trident: * Restore currentUser.lightTheme for backwards compat * fix types * Apply suggestions from code review Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com> * cleanup * cleanup --------- Co-authored-by: Ashley Harrison <ashley.harrison@grafana.com> Co-authored-by: Joao Silva <joao.silva@grafana.com> Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
2023-01-30 03:51:51 -06:00
export class User implements Omit<CurrentUserInternal, 'lightTheme'> {
Chore: Add type info for grafana boot data (#45322) Co-authored-by: Levente Balogh <balogh.levente.hu@gmail.com>
2022-03-30 04:48:58 -05:00
isSignedIn: boolean;
teams: remov permission select for non admin users
2019-03-12 07:46:52 -05:00
id: number;
Echo: mechanism for collecting custom events lazily (#20365) * Introduce Echo for collecting frontend metrics * Update public/app/core/services/echo/Echo.ts Co-Authored-By: Peter Holmberg <peterholmberg@users.noreply.github.com> * Custom meta when adding event * Rename consumer to backend * Remove buffer from Echo * Minor tweaks * Update package.json * Update public/app/app.ts * Update public/app/app.ts * Collect paint metrics when collecting tti. Remove echoBackendFactory * Update yarn.lock * Move Echo interfaces to runtime * progress on meta and echo * Collect meta analytics events * Move MetaanalyticsBackend to enterprise repo * Fixed unit tests * Removed unused type from test * Fixed issues with chunk loading (reverted index-template changes) * Restored changes * Fixed webpack prod
2019-12-05 01:30:39 -06:00
login: string;
Chore: Add type info for grafana boot data (#45322) Co-authored-by: Levente Balogh <balogh.levente.hu@gmail.com>
2022-03-30 04:48:58 -05:00
email: string;
name: string;
Analytics: Identify users to Rudderstack by externalUserId where available (#47325) * wip * tests * move util, fix test * fixes * Update public/app/core/services/echo/utils.ts Co-authored-by: kay delaney <45561153+kaydelaney@users.noreply.github.com> Co-authored-by: kay delaney <45561153+kaydelaney@users.noreply.github.com>
2022-04-05 10:41:22 -05:00
externalUserId: string;
Preferences: Add theme preference to match system theme (#61986) * user essentials mob! :trident: lastFile:pkg/api/preferences.go * user essentials mob! :trident: * user essentials mob! :trident: lastFile:packages/grafana-data/src/types/config.ts * user essentials mob! :trident: lastFile:public/app/core/services/echo/utils.test.ts * user essentials mob! :trident: * user essentials mob! :trident: lastFile:public/views/index-template.html * user essentials mob! :trident: * Restore currentUser.lightTheme for backwards compat * fix types * Apply suggestions from code review Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com> * cleanup * cleanup --------- Co-authored-by: Ashley Harrison <ashley.harrison@grafana.com> Co-authored-by: Joao Silva <joao.silva@grafana.com> Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
2023-01-30 03:51:51 -06:00
theme: string;
Reactify sidebar (#13091) * created react component and moved markdown * extracting components * Broke out parts into components * tests * Flattened file structure * Tests * made instances typed in test * typing * function instead of variable * updated user model with missing properties * added full set of properties to user mock * redone from variable to function * refactor: minor refactorings of #13091 * removed logging
2018-09-04 10:24:08 -05:00
orgCount: number;
Chore: Add type info for grafana boot data (#45322) Co-authored-by: Levente Balogh <balogh.levente.hu@gmail.com>
2022-03-30 04:48:58 -05:00
orgId: number;
orgName: string;
orgRole: OrgRole | '';
isGrafanaAdmin: boolean;
gravatarUrl: string;
feat(templating): progress on variable system refactoring, #6048
2016-09-19 04:34:08 -05:00
timezone: string;
Chore: Add type info for grafana boot data (#45322) Co-authored-by: Levente Balogh <balogh.levente.hu@gmail.com>
2022-03-30 04:48:58 -05:00
weekStart: string;
locale: string;
Internationalization: Change locale preference to language (#58359) * backend locale -> language * frontend locale -> language * sample.ini and tests * fix few last locale -> language * fix few last locale -> language
2022-11-22 06:18:34 -06:00
language: string;
ux(getting started): progress on getting started panel and persited help flag states, #6466
2016-11-09 03:41:39 -06:00
helpFlags1: number;
dashboard: show save as button if can edit and has edit permission to folders
2018-04-30 08:38:46 -05:00
hasEditPermissionInFolders: boolean;
Access control: expose permissions to the frontend (#32954) * Expose user permissions to the frontend * Do not include empty scope * Extend ContextSrv with hasPermission() method * Add access control types * Fix type error (make permissions optional) * Fallback if access control disabled * Move UserPermission to types * Simplify hasPermission()
2021-04-16 08:02:16 -05:00
permissions?: UserPermission;
Chore: Pass signed `user_hash` to Intercom via Rudderstack (#63921) * move analytics identifiers to backend * implement hash function * grab secret from env * expose and retrieve intercom secret from config * concat email with appUrl to ensure uniqueness * revert to just using email * Revert "revert to just using email" This reverts commit 8f10f9b1bcb6da80c8002cd8e402217cf455634b. * add docstring
2023-03-03 08:39:53 -06:00
analytics: AnalyticsSettings;
Chore: Add type info for grafana boot data (#45322) Co-authored-by: Levente Balogh <balogh.levente.hu@gmail.com>
2022-03-30 04:48:58 -05:00
fiscalYearStartMonth: number;
ClientTokenRotation: Don't rotate session cookie for authproxy (#72496) * ClientTokenRotation: Don't rotate session cookie for authproxy * Account for config option auth.proxy enable_login_token * Limit amount of changes on devenv * Fix tests by moving authenticatedBy up * Uncomment nginx conf
2023-07-28 08:32:58 -05:00
authenticatedBy: string;
feat(prefs): moved context srv to typescript
2016-04-03 07:27:35 -05:00
constructor() {
Chore: Reduces strict errors (#33012) * Chore: reduces strict error in OptionPicker tests * Chore: reduces strict errors in FormDropdownCtrl * Chore: reduces has no initializer and is not definitely assigned in the constructor errors * Chore: reduces has no initializer and is not definitely assigned in the constructor errors * Chore: lowers strict count limit * Tests: updates snapshots * Tests: updates snapshots * Chore: updates after PR comments * Refactor: removes throw and changes signature for DashboardSrv.getCurrent
2021-04-15 07:21:06 -05:00
this.id = 0;
this.isGrafanaAdmin = false;
this.isSignedIn = false;
this.orgRole = '';
this.orgId = 0;
this.orgName = '';
this.login = '';
Analytics: Identify users to Rudderstack by externalUserId where available (#47325) * wip * tests * move util, fix test * fixes * Update public/app/core/services/echo/utils.ts Co-authored-by: kay delaney <45561153+kaydelaney@users.noreply.github.com> Co-authored-by: kay delaney <45561153+kaydelaney@users.noreply.github.com>
2022-04-05 10:41:22 -05:00
this.externalUserId = '';
Chore: Reduces strict errors (#33012) * Chore: reduces strict error in OptionPicker tests * Chore: reduces strict errors in FormDropdownCtrl * Chore: reduces has no initializer and is not definitely assigned in the constructor errors * Chore: reduces has no initializer and is not definitely assigned in the constructor errors * Chore: lowers strict count limit * Tests: updates snapshots * Tests: updates snapshots * Chore: updates after PR comments * Refactor: removes throw and changes signature for DashboardSrv.getCurrent
2021-04-15 07:21:06 -05:00
this.orgCount = 0;
this.timezone = '';
Add fiscal years and search to time picker (#39073) * Add search to time picker * implement fiscal datemath Co-authored-by: Dominik Prokop <dominik.prokop@grafana.com>
2021-09-30 02:40:02 -05:00
this.fiscalYearStartMonth = 0;
Chore: Reduces strict errors (#33012) * Chore: reduces strict error in OptionPicker tests * Chore: reduces strict errors in FormDropdownCtrl * Chore: reduces has no initializer and is not definitely assigned in the constructor errors * Chore: reduces has no initializer and is not definitely assigned in the constructor errors * Chore: lowers strict count limit * Tests: updates snapshots * Tests: updates snapshots * Chore: updates after PR comments * Refactor: removes throw and changes signature for DashboardSrv.getCurrent
2021-04-15 07:21:06 -05:00
this.helpFlags1 = 0;
Preferences: Add theme preference to match system theme (#61986) * user essentials mob! :trident: lastFile:pkg/api/preferences.go * user essentials mob! :trident: * user essentials mob! :trident: lastFile:packages/grafana-data/src/types/config.ts * user essentials mob! :trident: lastFile:public/app/core/services/echo/utils.test.ts * user essentials mob! :trident: * user essentials mob! :trident: lastFile:public/views/index-template.html * user essentials mob! :trident: * Restore currentUser.lightTheme for backwards compat * fix types * Apply suggestions from code review Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com> * cleanup * cleanup --------- Co-authored-by: Ashley Harrison <ashley.harrison@grafana.com> Co-authored-by: Joao Silva <joao.silva@grafana.com> Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
2023-01-30 03:51:51 -06:00
this.theme = 'dark';
Chore: Reduces strict errors (#33012) * Chore: reduces strict error in OptionPicker tests * Chore: reduces strict errors in FormDropdownCtrl * Chore: reduces has no initializer and is not definitely assigned in the constructor errors * Chore: reduces has no initializer and is not definitely assigned in the constructor errors * Chore: lowers strict count limit * Tests: updates snapshots * Tests: updates snapshots * Chore: updates after PR comments * Refactor: removes throw and changes signature for DashboardSrv.getCurrent
2021-04-15 07:21:06 -05:00
this.hasEditPermissionInFolders = false;
Chore: Add type info for grafana boot data (#45322) Co-authored-by: Levente Balogh <balogh.levente.hu@gmail.com>
2022-03-30 04:48:58 -05:00
this.email = '';
this.name = '';
this.locale = '';
Internationalization: Change locale preference to language (#58359) * backend locale -> language * frontend locale -> language * sample.ini and tests * fix few last locale -> language * fix few last locale -> language
2022-11-22 06:18:34 -06:00
this.language = '';
Chore: Add type info for grafana boot data (#45322) Co-authored-by: Levente Balogh <balogh.levente.hu@gmail.com>
2022-03-30 04:48:58 -05:00
this.weekStart = '';
this.gravatarUrl = '';
Chore: Pass signed `user_hash` to Intercom via Rudderstack (#63921) * move analytics identifiers to backend * implement hash function * grab secret from env * expose and retrieve intercom secret from config * concat email with appUrl to ensure uniqueness * revert to just using email * Revert "revert to just using email" This reverts commit 8f10f9b1bcb6da80c8002cd8e402217cf455634b. * add docstring
2023-03-03 08:39:53 -06:00
this.analytics = {
identifier: '',
};
ClientTokenRotation: Don't rotate session cookie for authproxy (#72496) * ClientTokenRotation: Don't rotate session cookie for authproxy * Account for config option auth.proxy enable_login_token * Limit amount of changes on devenv * Fix tests by moving authenticatedBy up * Uncomment nginx conf
2023-07-28 08:32:58 -05:00
this.authenticatedBy = '';
Chore: Add type info for grafana boot data (#45322) Co-authored-by: Levente Balogh <balogh.levente.hu@gmail.com>
2022-03-30 04:48:58 -05:00
feat(prefs): moved context srv to typescript
2016-04-03 07:27:35 -05:00
if (config.bootData.user) {
Performance: Standardize lodash imports to use destructured members (#33040) * Performance: Standardize lodash imports to use destructured members Changes lodash imports of the form `import x from 'lodash/x'` to `import { x } from 'lodash'` to reduce bundle size. * Remove unnecessary _ import from Graph component * Enforce lodash import style * Fix remaining lodash imports
2021-04-21 02:38:00 -05:00
extend(this, config.bootData.user);
feat(prefs): moved context srv to typescript
2016-04-03 07:27:35 -05:00
}
}
}
export class ContextSrv {
user: User;
Chore: more any/type assertion improvements (#57450) * more friday any/type assertion improvements * Apply suggestions from code review Co-authored-by: Marcus Andersson <marcus.andersson@grafana.com> * Update public/app/angular/promiseToDigest.test.ts Co-authored-by: Marcus Andersson <marcus.andersson@grafana.com> Co-authored-by: Marcus Andersson <marcus.andersson@grafana.com>
2022-10-25 04:04:35 -05:00
isSignedIn: boolean;
isGrafanaAdmin: boolean;
isEditor: boolean;
sidemenu: responsive sidemenu view for smallest breakpoint For the smallest breakpoint, expands the sidemenu to be width 100% and to be toggled on or off rather than visible all the time.
2017-12-04 05:37:00 -06:00
sidemenuSmallBreakpoint = false;
dashboard: show save as button if can edit and has edit permission to folders
2018-04-30 08:38:46 -05:00
hasEditPermissionInFolders: boolean;
Dashboard: Adds support for a global minimum dashboard refresh interval (#19416) This feature would provide a way for administrators to limit the minimum dashboard refresh interval globally. Filters out the refresh intervals available in the time picker that are lower than the set minimum refresh interval in the configuration .ini file Adds the minimum refresh interval as available in the time picker. If the user tries to enter a refresh interval that is lower than the minimum in the URL, defaults to the minimum interval. When trying to update the JSON via the API, rejects the update if the dashboard's refresh interval is lower than the minimum. When trying to update a dashboard via provisioning having a lower refresh interval than the minimum, defaults to the minimum interval and logs a warning. Fixes #3356 Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
2020-02-28 07:32:01 -06:00
minRefreshInterval: string;
feat(prefs): moved context srv to typescript
2016-04-03 07:27:35 -05:00
Auth: Add feature flag to move token rotation to client (#65060) * FeatureToggle: Add toggle to use a new way of rotating tokens * API: Add endpoints to perform token rotation, one endpoint for api request and one endpoint for redirectsd * Auth: Aling not authorized handling between auth middleware and access control middleware * API: add utility function to get redirect for login * API: Handle token rotation redirect for login page * Frontend: Add job scheduling for token rotation and make call to token rotation as fallback in retry request * ContextHandler: Prevent in-request rotation if feature flag is enabled and check if token needs to be rotated * AuthN: Prevent in-request rotation if feature flag is enabled and check if token needs to be rotated * Cookies: Add option NotHttpOnly * AuthToken: Add helper function to get next rotation time and another function to check if token need to be rotated * AuthN: Add function to delete session cookie and set expiry cookie Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
2023-03-23 08:39:04 -05:00
private tokenRotationJobId = 0;
feat(prefs): moved context srv to typescript
2016-04-03 07:27:35 -05:00
constructor() {
fix(): fixed failing unit test
2016-04-03 09:12:43 -05:00
if (!config.bootData) {
Navigation: share logic between `buildBreadcrumbs` and `usePageTitle` (#58819) * simplify usePageTitle logic a bit * use buildBreadcrumbs logic in usePageTitle * always add home item to navTree, fix some tests * fix remaining unit tests
2022-11-22 10:48:07 -06:00
config.bootData = { user: {}, settings: {}, navTree: [] } as any;
fix(): fixed failing unit test
2016-04-03 09:12:43 -05:00
}
feat(prefs): moved context srv to typescript
2016-04-03 07:27:35 -05:00
this.user = new User();
this.isSignedIn = this.user.isSignedIn;
this.isGrafanaAdmin = this.user.isGrafanaAdmin;
prettier: change to single quoting
2017-12-20 05:33:33 -06:00
this.isEditor = this.hasRole('Editor') || this.hasRole('Admin');
dashboard: show save as button if can edit and has edit permission to folders
2018-04-30 08:38:46 -05:00
this.hasEditPermissionInFolders = this.user.hasEditPermissionInFolders;
Dashboard: Adds support for a global minimum dashboard refresh interval (#19416) This feature would provide a way for administrators to limit the minimum dashboard refresh interval globally. Filters out the refresh intervals available in the time picker that are lower than the set minimum refresh interval in the configuration .ini file Adds the minimum refresh interval as available in the time picker. If the user tries to enter a refresh interval that is lower than the minimum in the URL, defaults to the minimum interval. When trying to update the JSON via the API, rejects the update if the dashboard's refresh interval is lower than the minimum. When trying to update a dashboard via provisioning having a lower refresh interval than the minimum, defaults to the minimum interval and logs a warning. Fixes #3356 Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
2020-02-28 07:32:01 -06:00
this.minRefreshInterval = config.minRefreshInterval;
Auth: Add feature flag to move token rotation to client (#65060) * FeatureToggle: Add toggle to use a new way of rotating tokens * API: Add endpoints to perform token rotation, one endpoint for api request and one endpoint for redirectsd * Auth: Aling not authorized handling between auth middleware and access control middleware * API: add utility function to get redirect for login * API: Handle token rotation redirect for login page * Frontend: Add job scheduling for token rotation and make call to token rotation as fallback in retry request * ContextHandler: Prevent in-request rotation if feature flag is enabled and check if token needs to be rotated * AuthN: Prevent in-request rotation if feature flag is enabled and check if token needs to be rotated * Cookies: Add option NotHttpOnly * AuthToken: Add helper function to get next rotation time and another function to check if token need to be rotated * AuthN: Add function to delete session cookie and set expiry cookie Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
2023-03-23 08:39:04 -05:00
Authn: client token rotation schedule (#72809) * ClientTokenRotation: Only rotate the token if we have a session expiry time * ContextSrv: Remove guard
2023-08-04 03:58:56 -05:00
this.scheduleTokenRotationJob();
feat(prefs): moved context srv to typescript
2016-04-03 07:27:35 -05:00
}
AccessControl: Add endpoint to get user permissions (#45309) * AccessControl: Add endpoint to get user permissions Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> Co-authored-by: Kalle Persson <kalle.persson@grafana.com> Co-authored-by: Eric Leijonmarck <eric.leijonmarck@gmail.com> Co-authored-by: Alexander Zobnin <alexanderzobnin@gmail.com> * Fix SA tests * Linter is wrong :p * Wait I was wrong * Adding the route for teams:creator too Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> Co-authored-by: Kalle Persson <kalle.persson@grafana.com> Co-authored-by: Eric Leijonmarck <eric.leijonmarck@gmail.com> Co-authored-by: Alexander Zobnin <alexanderzobnin@gmail.com>
2022-02-11 10:40:43 -06:00
async fetchUserPermissions() {
try {
AccessControl: Remove legacy frontend AC checks (#76187) * remove legacy ac checks * fix RBAC disabled tests * add permissions for tests to work * fix unifiedalertstatesworker test
2023-10-09 11:10:06 -05:00
this.user.permissions = await getBackendSrv().get('/api/access-control/user/actions', {
reloadcache: true,
});
AccessControl: Add endpoint to get user permissions (#45309) * AccessControl: Add endpoint to get user permissions Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> Co-authored-by: Kalle Persson <kalle.persson@grafana.com> Co-authored-by: Eric Leijonmarck <eric.leijonmarck@gmail.com> Co-authored-by: Alexander Zobnin <alexanderzobnin@gmail.com> * Fix SA tests * Linter is wrong :p * Wait I was wrong * Adding the route for teams:creator too Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> Co-authored-by: Kalle Persson <kalle.persson@grafana.com> Co-authored-by: Eric Leijonmarck <eric.leijonmarck@gmail.com> Co-authored-by: Alexander Zobnin <alexanderzobnin@gmail.com>
2022-02-11 10:40:43 -06:00
} catch (e) {
console.error(e);
}
}
Dashboard: Ignore changes to dashboard when the user session expires (#30897) When the user session expires, and the 401 triggers a page reload to get the user to the login page, ChangeTracker will interfer. By setting the user as logged out in the context when the session is timed out, we can ignore the changes in ChangeTracker.
2021-02-04 08:29:38 -06:00
/**
* Indicate the user has been logged out
*/
setLoggedOut() {
Auth: Add feature flag to move token rotation to client (#65060) * FeatureToggle: Add toggle to use a new way of rotating tokens * API: Add endpoints to perform token rotation, one endpoint for api request and one endpoint for redirectsd * Auth: Aling not authorized handling between auth middleware and access control middleware * API: add utility function to get redirect for login * API: Handle token rotation redirect for login page * Frontend: Add job scheduling for token rotation and make call to token rotation as fallback in retry request * ContextHandler: Prevent in-request rotation if feature flag is enabled and check if token needs to be rotated * AuthN: Prevent in-request rotation if feature flag is enabled and check if token needs to be rotated * Cookies: Add option NotHttpOnly * AuthToken: Add helper function to get next rotation time and another function to check if token need to be rotated * AuthN: Add function to delete session cookie and set expiry cookie Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
2023-03-23 08:39:04 -05:00
this.cancelTokenRotationJob();
Dashboard: Ignore changes to dashboard when the user session expires (#30897) When the user session expires, and the 401 triggers a page reload to get the user to the login page, ChangeTracker will interfer. By setting the user as logged out in the context when the session is timed out, we can ignore the changes in ChangeTracker.
2021-02-04 08:29:38 -06:00
this.user.isSignedIn = false;
this.isSignedIn = false;
Auth: Add feature flag to move token rotation to client (#65060) * FeatureToggle: Add toggle to use a new way of rotating tokens * API: Add endpoints to perform token rotation, one endpoint for api request and one endpoint for redirectsd * Auth: Aling not authorized handling between auth middleware and access control middleware * API: add utility function to get redirect for login * API: Handle token rotation redirect for login page * Frontend: Add job scheduling for token rotation and make call to token rotation as fallback in retry request * ContextHandler: Prevent in-request rotation if feature flag is enabled and check if token needs to be rotated * AuthN: Prevent in-request rotation if feature flag is enabled and check if token needs to be rotated * Cookies: Add option NotHttpOnly * AuthToken: Add helper function to get next rotation time and another function to check if token need to be rotated * AuthN: Add function to delete session cookie and set expiry cookie Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
2023-03-23 08:39:04 -05:00
window.location.reload();
Dashboard: Ignore changes to dashboard when the user session expires (#30897) When the user session expires, and the 401 triggers a page reload to get the user to the login page, ChangeTracker will interfer. By setting the user as logged out in the context when the session is timed out, we can ignore the changes in ChangeTracker.
2021-02-04 08:29:38 -06:00
}
Chore: Fixed no implicit any Typescript errors (#16799)
2019-04-28 02:58:12 -05:00
hasRole(role: string) {
Allow non-FGAC fallback to server admin role (#42175)
2021-11-30 17:26:05 -06:00
if (role === 'ServerAdmin') {
return this.isGrafanaAdmin;
} else {
return this.user.orgRole === role;
}
feat(prefs): moved context srv to typescript
2016-04-03 07:27:35 -05:00
}
AccessControl: introduce a different accesscontrol check (licensed or not) (#44777) Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
2022-02-03 09:27:53 -06:00
licensedAccessControlEnabled(): boolean {
AccessControl: Remove legacy frontend AC checks (#76187) * remove legacy ac checks * fix RBAC disabled tests * add permissions for tests to work * fix unifiedalertstatesworker test
2023-10-09 11:10:06 -05:00
return featureEnabled('accesscontrol');
Add new role picker to admin/users page (#40631) * Very simple role picker * Style radio button * Separate component for the built-in roles selector * Custom component instead of Select * refactor * Custom input for role picker * Refactor * Able to select built-in role * Add checkboxes for role selector * Filter out fixed and internal roles * Add action buttons * Implement role search * Fix selecting roles * Pass custom roles to update * User role picker * Some UX work on role picker * Clear search query on close * Blur input when closed * Add roles counter * Refactor * Add disabled state for picker * Adjust disabled styles * Replace ChangeOrgButton with role picker on admin/users page * Remove unused code * Apply suggestions from code review Suggestions from the @Clarity-89 Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com> * Refactor: fix some errors after applying review suggestions * Show fixed roles in the picker * Show applied fixed roles * Fix role counter * Fix checkbox selection * Use specific Role type for menu options * Fix menu when roles list is empty * Fix radio button name * Make fixed roles from built-in role disabled * Make whole menu scrollable * Add BuiltInRole type * Simplify appliedRoles * Simplify options and props * Do not select and disable inherited fixed roles * Enable selecting fixed role * Add description tooltip * Fix role param name * Export common input styles from grafana/ui * Add ValueContainer * Use value container * Refactor appliedRoles logic * Optimise role rendering * Display selected roles * Fix tooltip position * Use OrgRole type * Optimise role rendering * Use radio button from grafana UI * Submenu WIP * Role picker submenu WIP * Hide role description * Tweak styles * Implement submenu selection * Disable role selection if it's inherited * Show new role picker only in Enterprise * Fix types * Use orgid when fetching/updating roles * Use orgId in all access control requests * Styles for partially checked checkbox * Tweak group option styles * Role picker menu: refactor * Reorganize roles in menu * Fix input behaviour * Hide groups on search * Remove unused components * Refactor * Fix group selection * Remove icons from role tags * Add spacing for menu sections * Rename clear all to clear in submenu * Tweak menu width * Show changes in the input when selecting roles * Exclude inherited roles from selection * Increase menu height * Change built-in role in input on select * Include inherited roles to the built-in role selection * refcator import * Refactor role picker to be able to pass roles and builtin roles getters * Add role picker to the org users page * Show inherited builtin roles in the popup * Filter out managed roles * Fix displaying initial builtin roles * Show tooltip only for non-builtin roles * Set min width for focused input * Do not disable inherited roles (by design) * Only show picker if access control enabled * Fix tests * Only close menu on click outside or on indicator click * Open submenu on hover * Don't search on empty query * Do not open/close menu on click * Refactor * Apply suggestions from code review Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com> * Fix formatting * Apply suggestions * Add more space for close menu sign * Tune tooltip styles * Move tooltip to the right side of option * Use info sign instead of question Co-authored-by: Clarity-89 <homes89@ukr.net> Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
2021-11-17 09:22:40 -06:00
}
AccessControl: Add accesscontrol metadata to datasources DTOs (#42675) * AccessControl: Provide scope to frontend * Covering datasources with accesscontrol metadata * Write benchmark tests for GetResourcesMetadata * Add accesscontrol util and interface * Add the hasPermissionInMetadata function in the frontend access control code * Use IsDisabled rather that performing a feature toggle check Co-authored-by: Karl Persson <kalle.persson@grafana.com>
2021-12-15 05:08:15 -06:00
// Checks whether user has required permission
hasPermissionInMetadata(action: AccessControlAction | string, object: WithAccessControlMetadata): boolean {
return !!object.accessControl?.[action];
}
Access control: expose permissions to the frontend (#32954) * Expose user permissions to the frontend * Do not include empty scope * Extend ContextSrv with hasPermission() method * Add access control types * Fix type error (make permissions optional) * Fallback if access control disabled * Move UserPermission to types * Simplify hasPermission()
2021-04-16 08:02:16 -05:00
// Checks whether user has required permission
Access control: Move enterprise-specific access control actions (#33781) * Access control: add reporting permissions * Move enterprise-specific access control actions
2021-05-06 08:28:38 -05:00
hasPermission(action: AccessControlAction | string): boolean {
Access control: Make Admin/Users UI working with the permissions (#33176) * API: authorize admin/users views * Render admin/users components based on user's permissions * Add LDAP permissions (required by admin/user page) * Extend default admin role by LDAP permissions * Show/hide LDAP debug views * Render LDAP debug page if user has access * Authorize LDAP debug view * fix permissions definitions * Add LDAP page permissions * remove ambiguous permissions check * Hide logout buttons in sessions table * Add org/users permissions * Use org permissions for managing user roles in orgs * Apply permissions to org/users * Apply suggestions from review * Fix tests * remove scopes from the frontend * Tweaks according to review * Handle /invites endpoints
2021-04-22 05:19:41 -05:00
return !!this.user.permissions?.[action];
Access control: expose permissions to the frontend (#32954) * Expose user permissions to the frontend * Do not include empty scope * Extend ContextSrv with hasPermission() method * Add access control types * Fix type error (make permissions optional) * Fallback if access control disabled * Move UserPermission to types * Simplify hasPermission()
2021-04-16 08:02:16 -05:00
}
suppress refresh when user is inactive (#7219)
2017-01-11 12:46:34 -06:00
isGrafanaVisible() {
AccessControl: frontend changes for adding FGAC to licensing (#39484) * refactor licenseURL function to use context and export permission evaluation fction * remove provisioning file * refactor licenseURL to take in a bool to avoid circular dependencies * remove function for appending nav link, as it was only used once and move the function to create admin node * better argument names * create a function for permission checking * extend permission checking when displaying server stats * enable the use of enterprise access control actions when evaluating permissions * import ordering * move licensing FGAC action definitions to models package to allow access from oss * move evaluatePermissions for routes to context serve * change permission evaluator to take in more permissions * move licensing FGAC actions again to appease wire * avoid index out of bounds issue in case no children are passed in when creating server admin node * simplify syntax for permission checking Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com> * update loading state for server stats * linting * more linting * fix test * fix a frontend test * update "licensing.reports:read" action naming * UI doesn't allow reading only licensing reports and not the rest of licensing info Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
2021-10-05 08:54:26 -05:00
return document.visibilityState === undefined || document.visibilityState === 'visible';
suppress refresh when user is inactive (#7219)
2017-01-11 12:46:34 -06:00
}
Dashboard: Adds support for a global minimum dashboard refresh interval (#19416) This feature would provide a way for administrators to limit the minimum dashboard refresh interval globally. Filters out the refresh intervals available in the time picker that are lower than the set minimum refresh interval in the configuration .ini file Adds the minimum refresh interval as available in the time picker. If the user tries to enter a refresh interval that is lower than the minimum in the URL, defaults to the minimum interval. When trying to update the JSON via the API, rejects the update if the dashboard's refresh interval is lower than the minimum. When trying to update a dashboard via provisioning having a lower refresh interval than the minimum, defaults to the minimum interval and logs a warning. Fixes #3356 Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
2020-02-28 07:32:01 -06:00
// checks whether the passed interval is longer than the configured minimum refresh rate
isAllowedInterval(interval: string) {
Dashboards: Support an auto refresh interval that is based on the query range (#70479)
2023-06-26 11:46:23 -05:00
if (!config.minRefreshInterval || interval === AutoRefreshInterval) {
Dashboard: Adds support for a global minimum dashboard refresh interval (#19416) This feature would provide a way for administrators to limit the minimum dashboard refresh interval globally. Filters out the refresh intervals available in the time picker that are lower than the set minimum refresh interval in the configuration .ini file Adds the minimum refresh interval as available in the time picker. If the user tries to enter a refresh interval that is lower than the minimum in the URL, defaults to the minimum interval. When trying to update the JSON via the API, rejects the update if the dashboard's refresh interval is lower than the minimum. When trying to update a dashboard via provisioning having a lower refresh interval than the minimum, defaults to the minimum interval and logs a warning. Fixes #3356 Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
2020-02-28 07:32:01 -06:00
return true;
}
RangeUtils: migrate logic from kbn to grafana/data (#27347)
2020-09-03 01:54:06 -05:00
return rangeUtil.intervalToMs(interval) >= rangeUtil.intervalToMs(config.minRefreshInterval);
Dashboard: Adds support for a global minimum dashboard refresh interval (#19416) This feature would provide a way for administrators to limit the minimum dashboard refresh interval globally. Filters out the refresh intervals available in the time picker that are lower than the set minimum refresh interval in the configuration .ini file Adds the minimum refresh interval as available in the time picker. If the user tries to enter a refresh interval that is lower than the minimum in the URL, defaults to the minimum interval. When trying to update the JSON via the API, rejects the update if the dashboard's refresh interval is lower than the minimum. When trying to update a dashboard via provisioning having a lower refresh interval than the minimum, defaults to the minimum interval and logs a warning. Fixes #3356 Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
2020-02-28 07:32:01 -06:00
}
getValidInterval(interval: string) {
if (!this.isAllowedInterval(interval)) {
return config.minRefreshInterval;
}
return interval;
}
Explore: Decouple TimeSrv from Explore (#73559)
2023-09-04 08:08:52 -05:00
getValidIntervals(intervals: string[]): string[] {
if (this.minRefreshInterval) {
return intervals.filter((str) => str !== '').filter(this.isAllowedInterval);
}
return intervals;
}
Added function hasAccessToExplore in ContextSrv and refactored tests
2019-01-21 03:50:34 -06:00
hasAccessToExplore() {
AccessControl: Remove legacy frontend AC checks (#76187) * remove legacy ac checks * fix RBAC disabled tests * add permissions for tests to work * fix unifiedalertstatesworker test
2023-10-09 11:10:06 -05:00
return this.hasPermission(AccessControlAction.DataSourcesExplore) && config.exploreEnabled;
Added function hasAccessToExplore in ContextSrv and refactored tests
2019-01-21 03:50:34 -06:00
}
AccessControl: frontend changes for adding FGAC to licensing (#39484) * refactor licenseURL function to use context and export permission evaluation fction * remove provisioning file * refactor licenseURL to take in a bool to avoid circular dependencies * remove function for appending nav link, as it was only used once and move the function to create admin node * better argument names * create a function for permission checking * extend permission checking when displaying server stats * enable the use of enterprise access control actions when evaluating permissions * import ordering * move licensing FGAC action definitions to models package to allow access from oss * move evaluatePermissions for routes to context serve * change permission evaluator to take in more permissions * move licensing FGAC actions again to appease wire * avoid index out of bounds issue in case no children are passed in when creating server admin node * simplify syntax for permission checking Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com> * update loading state for server stats * linting * more linting * fix test * fix a frontend test * update "licensing.reports:read" action naming * UI doesn't allow reading only licensing reports and not the rest of licensing info Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
2021-10-05 08:54:26 -05:00
Chore: remove legacy ac fallback from the route registration (#74464) remove legacy ac fallback from the routes
2023-09-06 10:57:22 -05:00
// evaluates access control permissions, granting access if the user has any of them
evaluatePermission(actions: string[]) {
AccessControl: frontend changes for adding FGAC to licensing (#39484) * refactor licenseURL function to use context and export permission evaluation fction * remove provisioning file * refactor licenseURL to take in a bool to avoid circular dependencies * remove function for appending nav link, as it was only used once and move the function to create admin node * better argument names * create a function for permission checking * extend permission checking when displaying server stats * enable the use of enterprise access control actions when evaluating permissions * import ordering * move licensing FGAC action definitions to models package to allow access from oss * move evaluatePermissions for routes to context serve * change permission evaluator to take in more permissions * move licensing FGAC actions again to appease wire * avoid index out of bounds issue in case no children are passed in when creating server admin node * simplify syntax for permission checking Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com> * update loading state for server stats * linting * more linting * fix test * fix a frontend test * update "licensing.reports:read" action naming * UI doesn't allow reading only licensing reports and not the rest of licensing info Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
2021-10-05 08:54:26 -05:00
if (actions.some((action) => this.hasPermission(action))) {
return [];
}
// Hack to reject when user does not have permission
return ['Reject'];
}
Auth: Add feature flag to move token rotation to client (#65060) * FeatureToggle: Add toggle to use a new way of rotating tokens * API: Add endpoints to perform token rotation, one endpoint for api request and one endpoint for redirectsd * Auth: Aling not authorized handling between auth middleware and access control middleware * API: add utility function to get redirect for login * API: Handle token rotation redirect for login page * Frontend: Add job scheduling for token rotation and make call to token rotation as fallback in retry request * ContextHandler: Prevent in-request rotation if feature flag is enabled and check if token needs to be rotated * AuthN: Prevent in-request rotation if feature flag is enabled and check if token needs to be rotated * Cookies: Add option NotHttpOnly * AuthToken: Add helper function to get next rotation time and another function to check if token need to be rotated * AuthN: Add function to delete session cookie and set expiry cookie Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
2023-03-23 08:39:04 -05:00
// schedules a job to perform token ration in the background
private scheduleTokenRotationJob() {
AuthN: Fix url token auth when clientTokenRotation is enabled (#71073) * ContextSrv: No longer try to rotate token if we are using auth_token in url Also extract the logic to check if we should schedule the job into its own function
2023-07-05 10:08:49 -05:00
// check if we can schedula the token rotation job
if (this.canScheduleRotation()) {
Auth: Add feature flag to move token rotation to client (#65060) * FeatureToggle: Add toggle to use a new way of rotating tokens * API: Add endpoints to perform token rotation, one endpoint for api request and one endpoint for redirectsd * Auth: Aling not authorized handling between auth middleware and access control middleware * API: add utility function to get redirect for login * API: Handle token rotation redirect for login page * Frontend: Add job scheduling for token rotation and make call to token rotation as fallback in retry request * ContextHandler: Prevent in-request rotation if feature flag is enabled and check if token needs to be rotated * AuthN: Prevent in-request rotation if feature flag is enabled and check if token needs to be rotated * Cookies: Add option NotHttpOnly * AuthToken: Add helper function to get next rotation time and another function to check if token need to be rotated * AuthN: Add function to delete session cookie and set expiry cookie Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
2023-03-23 08:39:04 -05:00
// get the time token is going to expire
ClientTokenRotation: Rotate only expired tokens (#74010) * ClientTokenRotation: Rotate only expired tokens * Don't expose getSessionExpiry
2023-08-30 06:43:52 -05:00
let expires = getSessionExpiry();
Auth: Add feature flag to move token rotation to client (#65060) * FeatureToggle: Add toggle to use a new way of rotating tokens * API: Add endpoints to perform token rotation, one endpoint for api request and one endpoint for redirectsd * Auth: Aling not authorized handling between auth middleware and access control middleware * API: add utility function to get redirect for login * API: Handle token rotation redirect for login page * Frontend: Add job scheduling for token rotation and make call to token rotation as fallback in retry request * ContextHandler: Prevent in-request rotation if feature flag is enabled and check if token needs to be rotated * AuthN: Prevent in-request rotation if feature flag is enabled and check if token needs to be rotated * Cookies: Add option NotHttpOnly * AuthToken: Add helper function to get next rotation time and another function to check if token need to be rotated * AuthN: Add function to delete session cookie and set expiry cookie Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
2023-03-23 08:39:04 -05:00
// because this job is scheduled for every tab we have open that shares a session we try
// to distribute the scheduling of the job. For now this can be between 1 and 20 seconds
const expiresWithDistribution = expires - Math.floor(Math.random() * (20 - 1) + 1);
// nextRun is when the job should be scheduled for
let nextRun = expiresWithDistribution * 1000 - Date.now();
// @ts-ignore
this.tokenRotationJobId = setTimeout(() => {
// if we have a new expiry time from the expiry cookie another tab have already performed the rotation
// so the only thing we need to do is reschedule the job and exit
ClientTokenRotation: Rotate only expired tokens (#74010) * ClientTokenRotation: Rotate only expired tokens * Don't expose getSessionExpiry
2023-08-30 06:43:52 -05:00
if (getSessionExpiry() > expires) {
Auth: Add feature flag to move token rotation to client (#65060) * FeatureToggle: Add toggle to use a new way of rotating tokens * API: Add endpoints to perform token rotation, one endpoint for api request and one endpoint for redirectsd * Auth: Aling not authorized handling between auth middleware and access control middleware * API: add utility function to get redirect for login * API: Handle token rotation redirect for login page * Frontend: Add job scheduling for token rotation and make call to token rotation as fallback in retry request * ContextHandler: Prevent in-request rotation if feature flag is enabled and check if token needs to be rotated * AuthN: Prevent in-request rotation if feature flag is enabled and check if token needs to be rotated * Cookies: Add option NotHttpOnly * AuthToken: Add helper function to get next rotation time and another function to check if token need to be rotated * AuthN: Add function to delete session cookie and set expiry cookie Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
2023-03-23 08:39:04 -05:00
this.scheduleTokenRotationJob();
return;
}
this.rotateToken().then();
}, nextRun);
}
}
AuthN: Fix url token auth when clientTokenRotation is enabled (#71073) * ContextSrv: No longer try to rotate token if we are using auth_token in url Also extract the logic to check if we should schedule the job into its own function
2023-07-05 10:08:49 -05:00
private canScheduleRotation() {
// skip if user is not signed in, this happens on login page or when using anonymous auth
if (!this.isSignedIn) {
return false;
}
// skip if feature toggle is not enabled
if (!config.featureToggles.clientTokenRotation) {
return false;
}
Authn: client token rotation schedule (#72809) * ClientTokenRotation: Only rotate the token if we have a session expiry time * ContextSrv: Remove guard
2023-08-04 03:58:56 -05:00
// skip if there is no session to rotate
// if a user has a session but not yet a session expiry cookie, can happen during upgrade
// from an older version of grafana, we never schedule the job and the fallback logic
// in backend_srv will take care of rotations until first rotation has been made and
// page has been reloaded.
ClientTokenRotation: Rotate only expired tokens (#74010) * ClientTokenRotation: Rotate only expired tokens * Don't expose getSessionExpiry
2023-08-30 06:43:52 -05:00
if (getSessionExpiry() === 0) {
Auth: Don't rotate session cookie from frontend for JWT Auth (#72744) Skip client token rotation for JWT auth
2023-08-03 02:18:44 -05:00
return false;
}
AuthN: Fix url token auth when clientTokenRotation is enabled (#71073) * ContextSrv: No longer try to rotate token if we are using auth_token in url Also extract the logic to check if we should schedule the job into its own function
2023-07-05 10:08:49 -05:00
return true;
}
Auth: Add feature flag to move token rotation to client (#65060) * FeatureToggle: Add toggle to use a new way of rotating tokens * API: Add endpoints to perform token rotation, one endpoint for api request and one endpoint for redirectsd * Auth: Aling not authorized handling between auth middleware and access control middleware * API: add utility function to get redirect for login * API: Handle token rotation redirect for login page * Frontend: Add job scheduling for token rotation and make call to token rotation as fallback in retry request * ContextHandler: Prevent in-request rotation if feature flag is enabled and check if token needs to be rotated * AuthN: Prevent in-request rotation if feature flag is enabled and check if token needs to be rotated * Cookies: Add option NotHttpOnly * AuthToken: Add helper function to get next rotation time and another function to check if token need to be rotated * AuthN: Add function to delete session cookie and set expiry cookie Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
2023-03-23 08:39:04 -05:00
private cancelTokenRotationJob() {
if (config.featureToggles.clientTokenRotation && this.tokenRotationJobId > 0) {
clearTimeout(this.tokenRotationJobId);
}
}
private rotateToken() {
// We directly use fetch here to bypass the request queue from backendSvc
AuthN: Make clientTokenRotation work when Grafana is accessible on a sub url (#69385) Fix clientTokenRotation for auth-proxy
2023-06-01 10:06:00 -05:00
return fetch(config.appSubUrl + '/api/user/auth-tokens/rotate', { method: 'POST' })
Auth: Add feature flag to move token rotation to client (#65060) * FeatureToggle: Add toggle to use a new way of rotating tokens * API: Add endpoints to perform token rotation, one endpoint for api request and one endpoint for redirectsd * Auth: Aling not authorized handling between auth middleware and access control middleware * API: add utility function to get redirect for login * API: Handle token rotation redirect for login page * Frontend: Add job scheduling for token rotation and make call to token rotation as fallback in retry request * ContextHandler: Prevent in-request rotation if feature flag is enabled and check if token needs to be rotated * AuthN: Prevent in-request rotation if feature flag is enabled and check if token needs to be rotated * Cookies: Add option NotHttpOnly * AuthToken: Add helper function to get next rotation time and another function to check if token need to be rotated * AuthN: Add function to delete session cookie and set expiry cookie Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
2023-03-23 08:39:04 -05:00
.then((res) => {
if (res.status === 200) {
this.scheduleTokenRotationJob();
return;
}
if (res.status === 401) {
this.setLoggedOut();
return;
}
})
.catch((e) => {
console.error(e);
});
}
feat(prefs): moved context srv to typescript
2016-04-03 07:27:35 -05:00
}
Dashboard: Unsaved changes warning shown for anyone that can save (#33145) * Dashboard: Unsaved changes warning shown for anyone that can save * Refactor: changes the order in function
2021-04-20 02:55:46 -05:00
let contextSrv = new ContextSrv();
tech: ran pretttier on all typescript files
2017-12-19 09:06:54 -06:00
export { contextSrv };
feat(prefs): moved context srv to typescript
2016-04-03 07:27:35 -05:00
Dashboard: Unsaved changes warning shown for anyone that can save (#33145) * Dashboard: Unsaved changes warning shown for anyone that can save * Refactor: changes the order in function
2021-04-20 02:55:46 -05:00
export const setContextSrv = (override: ContextSrv) => {
if (process.env.NODE_ENV !== 'test') {
Chore: Add type info for grafana boot data (#45322) Co-authored-by: Levente Balogh <balogh.levente.hu@gmail.com>
2022-03-30 04:48:58 -05:00
throw new Error('contextSrv can be only overridden in test environment');
Dashboard: Unsaved changes warning shown for anyone that can save (#33145) * Dashboard: Unsaved changes warning shown for anyone that can save * Refactor: changes the order in function
2021-04-20 02:55:46 -05:00
}
contextSrv = override;
};
Reference in New Issue Copy Permalink