Merge branch 'master' into docs_v5.0

CHANGELOG.md

@@ -1,4 +1,6 @@
-# 5.0.0 (unreleased / master branch)
+# 5.0.0-beta2 (unrelased)
+
+# 5.0.0-beta1 (2018-02-05)
 
 Grafana v5.0 is going to be the biggest and most foundational release Grafana has ever had, coming with a ton of UX improvements, a new dashboard grid engine, dashboard folders, user teams and permissions. Checkout out this [video preview](https://www.youtube.com/watch?v=BC_YRNpqj5k) of Grafana v5.
 
@@ -9,6 +11,7 @@ Grafana v5.0 is going to be the biggest and most foundational release Grafana ha
 - **Templating**: Vertical repeat direction for panel repeats.
 - **UX**: Major update to page header and navigation
 - **Dashboard settings**: Combine dashboard settings views into one with side menu, [#9750](https://github.com/grafana/grafana/issues/9750)
+- **Persistent dashboard url's**: New url's for dashboards that allows renaming dashboards without breaking links. [#7883](https://github.com/grafana/grafana/issues/7883)
 
 ## Breaking changes
 
@@ -19,7 +22,7 @@ From `/etc/grafana/datasources` to `/etc/grafana/provisioning/datasources` when
 * **Pagerduty** The notifier now defaults to not auto resolve incidents. More details at [#10222](https://github.com/grafana/grafana/issues/10222)
 
 * **HTTP API**
-- `GET /api/alerts` property dashboardUri renamed to url and is now the full url (that is including app sub url). 
+  - `GET /api/alerts` property dashboardUri renamed to url and is now the full url (that is including app sub url).
 
 ## New Dashboard Grid
 

docs/sources/administration/permissions.md

@@ -102,6 +102,17 @@ Permissions for a dashboard:
 - `user1 Can Admin (inherited from parent folder)`
 - `user1 Can Edit`
 
-
 Result: You cannot override to a lower permission. `user1` has Admin permission as the highest permission always wins.
+
 - **View**: Can only view existing dashboars/folders.
+- You cannot override permissions for users with **Org Admin Role**
+- A more specific permission with lower permission level will not have any effect if a more general rule exists with higher permission level. For example if "Everyone with Editor Role Can Edit" exists in the ACL list then **John Doe** will still have Edit permission even after you have specifically added a permission for this user with the permission set to **View**. You need to remove or lower the permission level of the more general rule.
+
+### Data source permissions
+
+Permissions on dashboards and folders **do not** include permissions on data sources. A user with `Viewer` role
+can still issue any possible query to a data source, not just those queries that exist on dashboards he/she has access to.
+We hope to add permissions on data sources in a future release. Until then **do not** view dashboard permissions as a secure
+way to restrict user data access. Dashboard permissions only limits what dashboards & folders a user can view & edit not which
+data sources a user can access nor what queries a user can issue.
+

docs/sources/guides/whats-new-in-v5.md

@@ -12,6 +12,8 @@ weight = -6
 
 # What's New in Grafana v5.0
 
+> Out in beta: [Download now!](https://www.youtube.com/watch?v=Izr0IBgoTZQ)
+
 This is the most substantial update that Grafana has ever seen. This article will detail the major new features and enhancements.
 
 - [New Dashboard Layout Engine]({{< relref "#new-dashboard-layout-engine" >}}) enables a much easier drag, drop and resize experience and new types of layouts.
@@ -85,7 +87,11 @@ We hope to do more with teams in future releases like integration with LDAP and
 
 {{< docs-imagebox img="/img/docs/v50/folder_permissions.png" max-width="1000px" class="docs-image--right" >}}
 
-You can assign permissions to folders and dashboards. The default user role-based permissions can be removed and replaced with specific teams or users enabling more control over what a user can see and edit.
+You can assign permissions to folders and dashboards. The default user role-based permissions can be removed and
+replaced with specific teams or users enabling more control over what a user can see and edit.
+
+Dashboard permissions only limits what dashboards & folders a user can view & edit not which
+data sources a user can access nor what queries a user can issue.
 
 <div class="clearfix"></div>
 
@@ -111,10 +117,17 @@ in sync with dashboards in Grafana's database. The dashboard provisioner has mul
 which makes it possible to star them, use one as the home dashboard, set permissions and other features in Grafana that
 expects the dashboards to exist in the database. More info in the [dashboard provisioning docs](/administration/provisioning/#dashboards)
 
-# Dashboard model & API
+# Dashboard model, new url structure & API changes
 
-We are introducing a new identifier (`uid`) in the dashboard JSON model. The new identifier will be a 9-12 character long unique id.
-We are also changing the route for getting dashboards to use this `uid` instead of the slug that the current route and API are using.
-We will keep supporting the old route for backward compatibility. This will make it possible to change the title on dashboards without breaking links.
-Sharing dashboards between instances becomes much easier since the uid is unique (unique enough). This might seem like a small change,
-but we are incredibly excited about it since it will make it much easier to manage, collaborate and navigate between dashboards.
+We are introducing a new unique identifier (`uid`) in the dashboard JSON model. It's automatically
+generated if not provided when creating a dashboard and will have a length of 9-12 characters.
+
+The unique identifier allows having consistent URL's for accessing dashboards and sharing them
+between instances. The new routes and API's for accessing dashboards will use the `uid` instead
+of the `slug`. We'll keep supporting the old routes for accessing dashboards for backward
+compatibility, but please note that we'll deprecate the old slug-based routes in the future.
+This means that changing the title of dashboards will not break any bookmarked links.
+
+Sharing dashboards between instances becomes much easier since the `uid` is unique (unique enough).
+This might seem like a small change, but we are incredibly excited about it since it will make it
+much easier to manage, collaborate and navigate between dashboards.