* Fix dashboard alert and nootifier migration for MySQL
* Fix POSTing Alertmanager configuration if no current configuration exists
in case the default configuration has not be stored yet
or has failed to get stored
* Change CreatedAt field type
* [Alerting]: forbid viewers for updating rules if viewers can edit
check for CanSave instead of CanEdit
* Clear ngalert tables when deleting the folder
* Apply suggestions from code review
* Log failure to check save permission
Co-authored-by: gotjosh <josue@grafana.com>
Rules/notifications/etc migration will now be activated with feature flag alone.
When the feature flag is enabled dashboard alerts are migrated into the system.
When the feature flag is removed, all migrated and newly created alerts in the new system are deleted.
makes it so the feature flag can be turned on off, and the migration will be cleared and rerun. All existing NG alert rules, configuration settings, etc are removed when disabling the feature flag.
for https://github.com/grafana/alerting-squad/issues/142
Co-authored-by: Sofia Papagiannaki <sofia@grafana.com>
* add isolation level db configuration parameter
* add isolation_level to default.ini and sample.ini
* add note that only mysql supports isolation levels for now
* mention isolation_level in the documentation
* Update docs/sources/administration/configuration.md
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
* use a common way to redact sensitive values before logging them
* fix panic on missing testCase.err, simplify require checks
* fix a silly typo
* combine readConfig and buildConnectionString methods, as they are closely related
Convert SQL data sources to return data frames.
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
Co-authored-by: Will Browne <will.browne@grafana.com>
Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com>
* Quota: Extend service to set limit on alerts
* Add test for applying quota to alert rules
* Apply suggestions from code review
Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
* Get used alert quota only if naglert is enabled
* Set alert limit to zero if nglalert is not enabled
Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
* Not complete, put migration behind env flag for now:
UALERT_MIG=iDidBackup
* Important to backup, and not expect the same DB to keep working until the env trigger is removed.
* Alerting: Migrate dashboard alert permissions
* Do not use imported models
* Change folder titles
Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>
* [Alerting]: Use title instead of slug for retrieving the namespace
* Apply suggestions from code review
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Add special check for generic oauth case
* Converted from Convey to testify
* Fix according to reviewer's comments
* More changes according to reviewer's comments
* Handle error if user is not found
* Move generic oauth test from user_test.go to user_auth_test.go
* Update pkg/services/sqlstore/user_auth_test.go
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* Created genericOAuthModule const
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* SQLStore: Close session in withDbSession
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
* SQLStore.WithDbSession: Never use session from context
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
* Chore: Collect elasticsearch version usage stats
* Fix lint error
* use GetDataSources from sqlstore
* Apply review suggestions
* Return error if datasource type is not specified
* Update pkg/services/sqlstore/datasource.go
* fix undefined var
* Add revoked_at field to user auth token to allow soft revokes
* Allow soft token revocations
* Update token revocations and tests
* Return error info on revokedTokenErr
* Override session cookie only when no revokedErr nor API request
* Display modal on revoked token error
* Feedback: Refactor TokenRevokedModal to FC
* Add GetUserRevokedTokens into UserTokenService
* Backendsrv: adds tests and refactors soft token path
* Apply feedback
* Write redirect cookie on token revoked error
* Update TokenRevokedModal style
* Return meaningful error info
* Some UI changes
* Update backend_srv tests
* Minor style fix on backend_srv tests
* Replace deprecated method usage to publish events
* Fix backend_srv tests
* Apply suggestions from code review
Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com>
* Apply suggestions from code review
* Apply suggestions from code review
Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com>
* Minor style fix after PR suggestion commit
* Apply suggestions from code review
Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>
* Prettier fixes
Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com>
Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>
* Chore(deps): Bump xorm.io/xorm from 0.8.1 to 0.8.2
Bumps xorm.io/xorm from 0.8.1 to 0.8.2.
Signed-off-by: dependabot[bot] <support@github.com>
* Fix limit for snapshots
* Fix limit for org and users
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* Usage Stats: Remove unused method for getting user stats
This was used in enterprise codebase, but is not longer in use, thus can be safely removed.
* Force refresh user stats in tests
* update go-mssqldb package
* mssql: support for Windows integrated security
Adds a dropdown to the config page to choose between
SQL Server auth and Windows auth. If the login/username
is empty then the go-mssqldb driver will use single sign on
(Windows integrated security) if on Windows.
* mssql: update ds - don't ignore the user column
* SQLStore: customise the limit of retrieved datasources per organisation
* update all suggestions regarding nil or 0 as default
* Apply suggestions from code review
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* correct default.ini description + adding unittest
* Apply suggestions from code review
Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>
* modify unittest name
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>
* Always use cache: stop passing skipCache among ngalert functions
* Add updated column
* Scheduler initial draft
* Add retry on failure
* Allow settting/updating alert definition interval
Set default interval if no interval is provided during alert definition creation.
Keep existing alert definition interval if no interval is provided during alert definition update.
* Parameterise alerting.Ticker to run on custom interval
* Allow updating alert definition interval without having to provide the queries and expressions
* Add schedule tests
* Use xorm tags for having initialisms with consistent case in Go
* Add ability to pause/unpause the scheduler
* Add alert definition versioning
* Optimise scheduler to fetch alert definition only when it's necessary
* Change MySQL data column to mediumtext
* Delete alert definition versions
* Increase default scheduler interval to 10 seconds
* Fix setting OrgID on updates
* Add validation for alert definition name length
* Recreate tables
* middleware: Move context handler to own service
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
Co-authored-by: Emil Tullsted <sakjur@users.noreply.github.com>
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
* Add an option to hide certain users in the UI
* revert changes for admin users routes
* fix sqlstore function name
* Improve slice management
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* Hidden users: convert slice to map
* filter with user logins instead of IDs
* put HiddenUsers in Cfg struct
* hide hidden users from dashboards/folders permissions list
* Update conf/defaults.ini
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
* fix params order
* fix tests
* fix dashboard/folder update with hidden user
* add team tests
* add dashboard and folder permissions tests
* fixes after merge
* fix tests
* API: add test for org users endpoints
* update hidden users management for dashboard / folder permissions
* improve dashboard / folder permissions tests
* fixes after merge
* Guardian: add hidden acl tests
* API: add team members tests
* fix team sql syntax for postgres
* api tests update
* fix linter error
* fix tests errors after merge
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
Co-authored-by: Leonard Gram <leo@xlson.com>
The annotation_tag and alert_rule_tag tables did not have
PRIMARY KEY defined what cause problems with migration to
MariaDB with Galera setup with
innodb_force_primary_key=1
Or MySQL > 8.0.13 with
sql_require_primary_key=ON
Which can manifest as follows:
MariaDB
Error 1173: This table type requires a primary key
MySQL
ERROR 3750 (HY000): Unable to create or change a table
without a primary key, when the system variable 'sql_require_primary_key' is set.
Extra reading for curious:
https://jfg-mysql.blogspot.com/2017/08/danger-no-pk-with-RBR-and-mariadb-protection.htmlFixes#12971
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* Alerting: Return proper status code when trying to create an Alert Notification where the name or UID already exists.
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
* sqlstore: Run tests as integration tests
* Truncate database instead of re-creating it on each test
* Fix test description
See https://github.com/grafana/grafana/pull/12129
* Fix lint issues
* Fix postgres dialect after review suggestion
* Rename and document functions after review suggestion
* Add periods
* Fix auto-increment value for mysql dialect
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* intial frontend resolution/redirection logic
* backend scaffolding
* enough of the frontend to actually test end to end
* bugfixes
* add tests
* cleanup
* explore too hard for now
* fix build
* Docs: add docs
* FE test
* redirect directly from backend
* validate incoming uids
* add last_seen_at
* format documentation
* more documentation feedback
* very shaky migration of get route to middleware
* persist unix timestamps
* add id, orgId to table
* fixes for orgId scoping
* whoops forgot the middleware
* only redirect to absolute URLs under the AppUrl domain
* move lookup route to /goto/:uid, stop manually setting 404 response code
* renaming things according to PR feedback
* tricky deletion
* sneaky readd
* fix test
* more BE renaming
* FE updates -- no more @ts-ignore hacking :) and accounting for subpath
* Simplify code
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
* Short URLs: Drop usage of bus
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
* ShortURLService: Make injectable
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
* Rename file
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
* Add handling of url parsing and creating of full shortURL to backend
* Update test, remove unused imports
* Update pkg/api/short_urls.go
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Add correct import
* Pass context to short url service
* Remove not needed error log
* Rename dto and field to denote URL rather than path
* Update api docs based on feedback/suggestion
* Rename files to singular
* Revert to send relative path to backend
* Fixes after review
* Return dto when creating short URL that includes the full url
Use full url to provide shorten URL to the user
* Fix after review
* Fix relative url path when creating new short url
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
Co-authored-by: Ivana <ivana.huckova@gmail.com>
Co-authored-by: Ivana Huckova <30407135+ivanahuckova@users.noreply.github.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Add non-unique indices to alert_notification_state and alert_rule_tag tables for
column alert_id.
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Fixes#22890
* expire with existng cleanup service
* expire with new temp user service
* make Drone happy :)
* add expiry status
* remove other approach
* cleanup
* add test for idempotency
* add migration from datetime to unix ts
* update cmd names
* change lifetime config to duration
* remove unnecessart formatting
* add comment
* update docs
* remove max bound and introduce min error
* simplify sql
* remove comment
* allow any outstanding to exist for at least 24 hours
* revert created ts change
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* add extra state check to cleanup step
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* end 2 end
* fix import
* refactor
* introduce securedata
* check err
* use testify instead of convey
* cleanup test
* cleanup test
* blob time
* rename funcs
Add a default timezone that the administrator can set in the settings.
This setting is be used as default for the users timezone preference.
Can be used when creating Grafana instances without administrator
intervention, in order to give user the correct default timezone.
Fixes#25654
* Alerting API: Send back 404 not found error for update and delete endpoints
* Alerting API: send back alert notification id for delete with uid endpoint
* Add support for local time formats in graph panel
* Enfore 24h format for backward compatibility
* Use existing Intl.DateTimeFormatOptions
* Pre-generate time scale, add tests
* Move localTimeFormat, add local format to units
* updated default fallback
* #25602, use navigator.languages to enforce locale in formatting
* Making options
* Worked new system settings
* things are working
* Local browser time formats working
* Support parsing dates in different formats
* settings updated
* Settings starting to work
* Fixed graph issue
* Logs fix
* refactored settings a bit
* Updated and name change
* Progress
* Changed config names
* Updated
* Updated
* Updated test
* Synced description
* fixed ts issue
* Added version notice
* Ts fix
* Updated heatmap and test
* Updated snapshot
* Updated
* fixed ts issue
* Fixes
Co-authored-by: Alex Shpak <alex-shpak@users.noreply.github.com>
* Stats: Cache based stats implementation
* Stats: Correct logic and add larger scale test
* Stats: linter
* Stats: SQL implementation
* Stats: cleanup SQL
* Stats: Tab -> Spaces
* Update pkg/services/sqlstore/stats.go
Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>
* Stats: Quote 'user' table with dialect.Quote
* Stats: Ensure test is run as integration test
* Stats: Use boolean value
...because if (v) { true } else { false } is unnecessary at best.
Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>
* API: Improve error handling (#26934)
* New ErrUserAlreadyExists error has been introduced
* Create user endpoint returns 412 Precondition Failed on ErrUserAlreadyExists errors
* Make ErrUserAlreadyExists error message clearer
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* Use errors.Is instead of equality comparator on AdminCreateUser handler
* Improve sqlstore/user test definition
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Improve sqlstore/user tests for ErrUserAlreadyExists cases
* Remove no needed string fmt and err declaration on sqlstore/user tests
* Code improvements for sqlstore/user tests
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Use err.Error() instead of sentinel error value on AdminCreateUser
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Add ErrUserAlreadyExists handling for signup & org invite use cases
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
Support storing sensitive notification settings securely/encrypted.
Move slack notifier url and api token to secure settings.
Migrating slack notifier to store token and url encrypted is currently
a manual process by saving an existing slack alert notification channel.
saving an existing slack alert notification channel will reset the stored
non-secure url and token.
Closes#25113
Ref #25967
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* Allow API to assign new user to a specific organization
* Add defer block to test
* Add API tests and return 400 instead of 500 for bad orgId
* Minor test improvements
