* Configure SkipOrgRoleSync from OAuthInfo
* Remove skipOrgRoleSync from socialbase and connectors
* Add test to socialimpl.ProvideService
* Deprecate AuthSettings' fields
* clean up misleading init of frontendsettings.Auth
* Move errors to error file
* Move check for both empty username and email to user service
* Move check for empty email and username to user service Update
* Wrap inner error
* Set username in test
* lock down server admin role updates on the frontend if the user is externally synced
* add tests
* lock Grafana Server admin role updates from the backend
* rename variables
* check that the user has auth info
* add LDAP to providers for which Grafana Server admin role can be synced
* linting
* fix: disable orgrolepicker if externaluser is synced
* add disable to role picker
* just took me 2 hours to center the icon
* wip
* fix: check externallySyncedUser for API call
* remove check from store
* add: tests
* refactor authproxy and made tests run
* add: feature toggle
* set feature toggle for tests
* add: IsProviderEnabled
* refactor: featuretoggle name
* IsProviderEnabled tests
* add specific tests for isProviderEnabled
* fix: org_user tests
* add: owner to featuretoggle
* add missing authlabels
* remove fmt
* feature toggle
* change config
* add test for a different authmodule
* test refactor
* gen feature toggle again
* fix basic auth user able to change the org role
* test for basic auth role
* make err.base to error
* lowered lvl of log and input mesg
* Setting: Remove global DisableLoginForm and add it to cfg
* Setting: Remove unused BasicAuthEnabled global
* Setting: Remove global OAuthAutoLogin and use from cfg
* Setting: Remove global AnonymousEnabled
* Setting: Remove global values for AuthProxy settings
* Chore: Move team models to models pkg
* Fix ACL tests
* More ACL tests
* Change Id to ID in conflict user command test
* Remove team from models
* Fix ac test lint
* fix: email and username trimming and invitation validation
* Trim leading and trailing whitespaces from email and username on signup
* Check whether the provided email address is the same as where the invitation sent
* Align tests
Co-authored-by: Mihaly Gyongyosi <mgyongyosi@users.noreply.github.com>
* Chore: Remove GetUserByEmail and GetUserByLogin from sqlstore
Rename GetUserProfile to GetProfile
* Fix lint
* Skip test for mysql
* Add missing method to sqlstore mock
* UserService: update callers to use the UserService instead of calling sqlstore directly
There is one major change hiding in this PR. UserService.Delete originally called a number of services to delete user-related records. I moved everything except the actual call to the user table, and moved those into the API. This was done to avoid dependencies cycles; many of our services depend on the user service, so the user service itself should have as few dependencies as possible.
* Chore: Add user service method SetUsingOrg
* Chore: Add user service method GetSignedInUserWithCacheCtx
* Use method GetSignedInUserWithCacheCtx from user service
* Fix lint after rebase
* Fix lint
* Fix lint error
* roll back some changes
* Roll back changes in api and middleware
* Add xorm tags to SignedInUser ID fields
* Move SignedInUser to user service and RoleType and Roles to org
* Use go naming convention for roles
* Fix some imports and leftovers
* Fix ldap debug test
* Fix lint
* Fix lint 2
* Fix lint 3
* Fix type and not needed conversion
* Clean up messages in api tests
* Clean up api tests 2
* Only SLO user if the user is using SAML
* only one source of truth for auth module info
* ensure SAML is also enabled and not only SLO
* move auth module naming to auth module login package
* use constants in other previously unused spots
* Add wrapper around sqlstore method GetUserByLogin
* Use new method from user service
* Fix lint
* Fix lint 2
* fix middleware basic auth test
* Fix grafana login returning a user by login
* Remove GetUserByLogin from store interface
* Merge commit
* Remove user from preferences, stars, orguser, team member
* Fix lint
* Add Delete user from org and dashboard acl
* Delete user from user auth
* Add DeleteUser to quota
* Add test files and adjust user auth store
* Rename package in wire for user auth
* Import Quota Service interface in other services
* do the same in tests
* fix lint tests
* Fix tests
* Add some tests
* Rename InsertUser and DeleteUser to InsertOrgUser and DeleteOrgUser
* Rename DeleteUser to DeleteByUser in quota
* changing a method name in few additional places
* Fix in other places
* Fix lint
* Fix tests
* Chore: Split Delete User method
* Add fakes for userauth
* Add mock for access control Delete User permossion, use interface
* Use interface for ream guardian
* Add simple fake for dashboard acl
* Add go routines, clean up, use interfaces
* fix lint
* Update pkg/services/user/userimpl/user_test.go
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Update pkg/services/user/userimpl/user_test.go
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Update pkg/services/user/userimpl/user_test.go
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Split get user by ID
* Use new method in api
* Add tests
* Aplly emthod in auth info service
* Fix lint and some tests
* Fix get user by ID
* Fix lint
Remove unused fakes
* Use split get user id in admin users
* Use GetbyID in cli commands
* Clean up after merge
* Remove commented out code
* Clena up imports
* add back )
* Fix wire generation for runner after merge with main
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Move user not found err to user service
* User ErrCaseInsensitive from user pkg
* User ErrUserAlreadyExists from user pkg
* User ErrLastGrafanaAdmin from user pkg
* Remove errors from model
* Split Create User
* Use new create user and User from package user
* Add service to wire
* Making create user work
* Replace user from user pkg
* One more
* Move Insert to orguser Service/Store
* Remove unnecessary conversion
* Cleaunp
* Fix Get User and add fakes
* Fixing get org id for user logic, adding fakes and other adjustments
* Add some tests for ourguser service and store
* Fix insert org logic
* Add comment about deprecation
* Fix after merge with main
* Move orguser service/store to org service/store
* Remove orguser from wire
* Unimplement new Create user and use User from pkg user
* Fix wire generation
* Fix lint
* Fix lint - use only User and CrateUserCommand from user pkg
* Remove User and CreateUserCommand from models
* Fix lint 2
* add case insensitive option
* treat id as case insensitive
* Users: Add integration tests for case insensitive querying
* Prefer config struct to global variable
* change key to case_insensitive_login
* impede conflicting users from logging in
* add tests for impeding user retrieval if conflicting
* nits and picks
Co-authored-by: gamab <gabi.mabs@gmail.com>
* Add check in transaction for conflicting user
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* add update tests
* skip on mysql
* add custom messages for user admin view
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* nit: extra else
* linting mistake
Co-authored-by: gamab <gabi.mabs@gmail.com>
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* update action names
* correctly retrieve teams for signed in user
* remove test
* undo swagger changes
* undo swagger changes pt2
* add migration from old action names to the new ones
* rename from list to read
* linting
* also update alertign actions
* fix migration
* Add option to set ResourceAttribute for a permissions service
* Use prefix in access control sql filter to parse scopes
* Use prefix in access control metadata to check access
* AccessControl: Add endpoint to get user permissions
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
Co-authored-by: Kalle Persson <kalle.persson@grafana.com>
Co-authored-by: Eric Leijonmarck <eric.leijonmarck@gmail.com>
Co-authored-by: Alexander Zobnin <alexanderzobnin@gmail.com>
* Fix SA tests
* Linter is wrong :p
* Wait I was wrong
* Adding the route for teams:creator too
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
Co-authored-by: Kalle Persson <kalle.persson@grafana.com>
Co-authored-by: Eric Leijonmarck <eric.leijonmarck@gmail.com>
Co-authored-by: Alexander Zobnin <alexanderzobnin@gmail.com>
* Chore: Remove bus from user api
* Adu authinfoservice interface
* User authinfoservice.Service instead of authinfoservice.Implementation in HTTPServer
* Rename Implementation to authInfoService
* AccessControl: Add user metadata to user detail view
* AccessControl: Do not present delete or disable buttons based on ac metadata in admin/users
* AccessControl: do not allow password changing or user editing without permission
* AccessControl: Fetch global:users scope for admin
* AccessControl: optimize org.user metadata fetch
* Chore: early return if ac metadata is not available
* Chore: Refactor api handlers to use web.Bind
* fix comments
* fix comment
* trying to fix most of the tests and force routing.Wrap type check
* fix library panels tests
* fix frontend logging tests
* allow passing nil as a response to skip writing
* return nil instead of the response
* rewrite login handler function types
* remove handlerFuncCtx
* make linter happy
* remove old bindings from the libraryelements
* restore comments