* OAuth: Add strict role mapping
By default the user is assigned the role Viewer if role_attribute_path
doesn't return a role, which is not always desirable. This commit adds a
strict mode, which deny the user access if a role isn't returned.
Fix#26626
* Update docs/sources/auth/generic-oauth.md
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* Update docs/sources/auth/generic-oauth.md
* Update .gitignore file with WAN
* Removed WAN from .gitignore
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
Co-authored-by: achatterjee-grafana <aparajita.chatterjee@grafana.com>
* CDN: Initial poc support for serving assets over a CDN
* Minor fix
* added build path and test
* fix lint error
* Added edition to cdn path
* Move master builds to a separate path
* Added error handling for the url parsing, changed setting name, and added docs
* Updated sample.ini
* Some property renames
* updated
* Minor update to html
* index template improvements
* Update docs/sources/administration/configuration.md
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
* Update docs/sources/administration/configuration.md
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
* Added ContentDeliveryPrefix to Licence service
* updated docs
* Updated test mock
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
* SQLStore: customise the limit of retrieved datasources per organisation
* update all suggestions regarding nil or 0 as default
* Apply suggestions from code review
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* correct default.ini description + adding unittest
* Apply suggestions from code review
Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>
* modify unittest name
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>
* Add an option to hide certain users in the UI
* revert changes for admin users routes
* fix sqlstore function name
* Improve slice management
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* Hidden users: convert slice to map
* filter with user logins instead of IDs
* put HiddenUsers in Cfg struct
* hide hidden users from dashboards/folders permissions list
* Update conf/defaults.ini
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
* fix params order
* fix tests
* fix dashboard/folder update with hidden user
* add team tests
* add dashboard and folder permissions tests
* fixes after merge
* fix tests
* API: add test for org users endpoints
* update hidden users management for dashboard / folder permissions
* improve dashboard / folder permissions tests
* fixes after merge
* Guardian: add hidden acl tests
* API: add team members tests
* fix team sql syntax for postgres
* api tests update
* fix linter error
* fix tests errors after merge
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
Co-authored-by: Leonard Gram <leo@xlson.com>
* expire with existng cleanup service
* expire with new temp user service
* make Drone happy :)
* add expiry status
* remove other approach
* cleanup
* add test for idempotency
* add migration from datetime to unix ts
* update cmd names
* change lifetime config to duration
* remove unnecessart formatting
* add comment
* update docs
* remove max bound and introduce min error
* simplify sql
* remove comment
* allow any outstanding to exist for at least 24 hours
* revert created ts change
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* add extra state check to cleanup step
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Add a default timezone that the administrator can set in the settings.
This setting is be used as default for the users timezone preference.
Can be used when creating Grafana instances without administrator
intervention, in order to give user the correct default timezone.
Fixes#25654
Allows login_maximum_inactive_lifetime_duration and
login_maximum_lifetime_duration to be configured using
time.Duration-compatible values while retaining backward compatibility.
Fixes#17554
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Enables creating signed URLs when uploading images to Google Cloud Storage.
By using signed urls, not only is the public URL expiration configurable but the
images in the bucket are not publicly accessible.
Fixes#26773
Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
* Add support for local time formats in graph panel
* Enfore 24h format for backward compatibility
* Use existing Intl.DateTimeFormatOptions
* Pre-generate time scale, add tests
* Move localTimeFormat, add local format to units
* updated default fallback
* #25602, use navigator.languages to enforce locale in formatting
* Making options
* Worked new system settings
* things are working
* Local browser time formats working
* Support parsing dates in different formats
* settings updated
* Settings starting to work
* Fixed graph issue
* Logs fix
* refactored settings a bit
* Updated and name change
* Progress
* Changed config names
* Updated
* Updated
* Updated test
* Synced description
* fixed ts issue
* Added version notice
* Ts fix
* Updated heatmap and test
* Updated snapshot
* Updated
* fixed ts issue
* Fixes
Co-authored-by: Alex Shpak <alex-shpak@users.noreply.github.com>
60s can be too short if the oauth provider is slow
for some reason and its defintly too slow if the
OAuth provider requires 2FA.
Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
For backend data sources executing in the backend (not through data proxy) make
sure that the timeout applies to cached HTTP client.
Fixes#25863
Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
* Settings: Add setting for hiding version number for anonymous users
Fixes#12925
* Hide version string from footer when unavailable
* Settings: Test frontend settings with hide version for anonymous users
* Settings: Add hide version variable to frontend settings
* Make AnonymousHideVersion non-global
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
* Settings: Improve test neighbor friendliness, reset state before and after
* Settings: Use T.Cleanup
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
grafana-plugin-model is legacy and is replaced by new backend
plugins SDK and architecture. Renderer is not part of SDK and
we want to keep it that way for now since it's highly unlikely there
will be more than one kind of renderer plugin.
So this PR adds support for renderer plugin v2.
Also adds support sending a Device Scale Factor parameter to the
plugin v2 remote rendering service and by that replaces #22474.
Adds support sending a Headers parameter to the plugin v2 and
remote rendering service which for now only include
Accect-Language header (the user locale in browser when using
Grafana), ref grafana/grafana-image-renderer#45.
Fixes health check json details response.
Adds image renderer plugin configuration settings in defaults.ini
and sample.ini.
Co-Authored-By: Arve Knudsen <arve.knudsen@gmail.com>
* Add integration with Jeager
Add Jaeger datasource and modify derived fields in loki to allow for opening a trace in Jager in separate split.
Modifies build so that this branch docker images are pushed to docker hub
Add a traceui dir with docker-compose and provision files for demoing.:wq
* Enable docker logger plugin to send logs to loki
* Add placeholder zipkin datasource
* Fixed rebase issues, added enhanceDataFrame to non-legacy code path
* Trace selector for jaeger query field
* Fix logs default mode for Loki
* Fix loading jaeger query field services on split
* Updated grafana image in traceui/compose file
* Fix prettier error
* Hide behind feature flag, clean up unused code.
* Fix tests
* Fix tests
* Cleanup code and review feedback
* Remove traceui directory
* Remove circle build changes
* Fix feature toggles object
* Fix merge issues
* Add trace ui in Explore
* WIP
* WIP
* WIP
* Make jaeger datasource return trace data instead of link
* Allow js in jest tests
* Return data from Jaeger datasource
* Take yarn.lock from master
* Fix missing component
* Update yarn lock
* Fix some ts and lint errors
* Fix merge
* Fix type errors
* Make tests pass again
* Add tests
* Fix es5 compatibility
* Add header with minimap
* Fix sizing issue due to column resizer handle
* Fix issues with sizing, search functionality, duplicate react, tests
* Refactor TraceView component, fix tests
* Fix type errors
* Add dark theme styling
* Add tests for hooks
* More color changes
* Fix tests to deal with additional theme wrappers.
* Add memoization
* Fix duplicate identifier
Co-authored-by: David Kaltschmidt <david.kaltschmidt@gmail.com>