Commit Graph

420 Commits

Author SHA1 Message Date
Ryan McKinley
4d1b969a5c
GEL: include the expression count in the request (#20114) 2019-10-31 16:22:00 -07:00
Ryan McKinley
861eb72113 transform: add expressions to query editor (w/ feature flag) (#20072)
for use with gel which is not released yet.
2019-10-30 14:38:28 -04:00
Kyle Brandt
009d58c4a2
Plugins: Transform plugin support (#20036)
currently temporary separate http api
2019-10-29 12:22:31 -04:00
Marcus Efraimsson
771f21ed09 api: new v2 metrics query endpoint
Requests to endpoint will currently will error unless expressions feature flag is true.

Co-authored-by: Sofia Papagiannaki <papagian@gmail.com>
2019-10-25 09:28:26 -04:00
Amarnath Karthi
74557a4c40 Dashboard: Allows the d-solo route to be used without slug (#19640)
Allows the d-solo route to be used with UID and without 
a slug.

Fixes #11617
2019-10-14 18:21:44 +02:00
Alexander Zobnin
494b4aaf88 LDAP: only show tab if LDAP is enabled (#19156)
* LDAP: add nav link only if ldap enabled

* LDAP: /admin/ldap required admin permissions
2019-09-17 10:27:55 +02:00
Dominik Prokop
97ff75732d
Routing: Update routing to require sign in on every route (#19118)
* Update routing to require sign in on every route

* Review update
2019-09-16 14:06:50 +02:00
gotjosh
7b7b95341e
LDAP: Allow an user to be synchronised against LDAP (#18976)
* LDAP: Allow an user to be synchronised against LDAP
This PR introduces the /ldap/sync/:id endpoint. It allows a user to be synchronized against LDAP on demand.

A few things to note are:

LDAP needs to be enabled for the sync to work
It only works against users that originally authenticated against LDAP
If the user is the Grafana admin and it needs to be disabled - it will not sync the information
Includes a tiny refactor that favours the JSONEq assertion helper instead of manually parsing JSON strings.
2019-09-13 16:26:25 +01:00
gotjosh
7c6dd1868b
LDAP: Add API endpoint to query the LDAP server(s) status (#18868)
* LDAP: Add API endpoint to query the LDAP server(s) status|

This endpoint returns the current status(es) of the configured LDAP server(s).

The status of each server is verified by dialling and if no error is returned we assume the server is operational.

This is the last piece I'll produce as an API before moving into #18759 and see the view come to life.
2019-09-04 15:29:14 +01:00
gotjosh
0cbbb43222
LDAP: Add API endpoint to debug user mapping from LDAP (#18833)
* Move the ReloadLDAPCfg function to the debug file

Appears to be a better suite place for this.

* LDAP: Return the server information when we find a specific user

We allow you to specify multiple LDAP servers as part of LDAP authentication integration. As part of searching for specific users, we need to understand from which server they come from. Returning the server configuration as part of the search will help us do two things:

- Understand in which server we found the user
- Have access the groups specified as part of the server configuration

* LDAP: Adds the /api/admin/ldap/:username endpoint

This endpoint returns a user found within the configured LDAP server(s). Moreso, it provides the mapping information for the user to help administrators understand how the users would be created within Grafana based on the current configuration.

No changes are executed or saved to the database, this is all an in-memory representation of how the final result would look like.
2019-09-03 18:34:44 +01:00
Marcus Efraimsson
964c2e722f
Snapshot: Fix http api (#18830)
(cherry picked from commit be2e2330f5)
2019-09-02 15:15:46 +02:00
Ryan McKinley
6335509a23 Annotations: use a single row to represent a region (#17673)
* SQLite migrations

* cleanup

* migrate end times

* switch to update with a query

* real migration

* anno migrations

* remove old docs

* set isRegion from time changes

* use <> for is not

* add comment and fix index decleration

* single validation place

* add test

* fix test

* add upgrading docs

* use AnnotationEvent

* fix import

* remove regionId from typescript
2019-08-16 10:49:30 +02:00
Marcus Efraimsson
8fd153edb7
API: Restrict anonymous user information access (#18422)
Existing /api/alert-notifications now requires at least editor access.
Existing /api/alert-notifiers now requires at least editor access.
New /api/alert-notifications/lookup returns less information than
/api/alert-notifications and can be access by any authenticated user.
Existing /api/org/users now requires org admin role.
New /api/org/users/lookup returns less information than
/api/org/users and can be access by users that are org admins,
admin in any folder or admin of any team.
UserPicker component now uses /api/org/users/lookup instead
of /api/org/users.

Fixes #17318
2019-08-12 20:03:48 +02:00
Sofia Papagiannaki
dc9ec7dc91
Auth: Allow expiration of API keys (#17678)
* Modify backend to allow expiration of API Keys

* Add middleware test for expired api keys

* Modify frontend to enable expiration of API Keys

* Fix frontend tests

* Fix migration and add index for `expires` field

* Add api key tests for database access

* Substitude time.Now() by a mock for test usage

* Front-end modifications

* Change input label to `Time to live`
* Change input behavior to comply with the other similar
* Add tooltip

* Modify AddApiKey api call response

Expiration should be *time.Time instead of string

* Present expiration date in the selected timezone

* Use kbn for transforming intervals to seconds

* Use `assert` library for tests

* Frontend fixes

Add checks for empty/undefined/null values

* Change expires column from datetime to integer

* Restrict api key duration input

It should be interval not number

* AddApiKey must complain if SecondsToLive is negative

* Declare ErrInvalidApiKeyExpiration

* Move configuration to auth section

* Update docs

* Eliminate alias for models in modified files

* Omit expiration from api response if empty

* Eliminate Goconvey from test file

* Fix test

Do not sleep, use mocked timeNow() instead

* Remove index for expires from api_key table

The index should be anyway on both org_id and expires fields.
However this commit eliminates completely the index for now
since not many rows are expected to be in this table.

* Use getTimeZone function

* Minor change in api key listing

The frontend should display a message instead of empty string
if the key does not expire.
2019-06-26 09:47:03 +03:00
Alexander Zobnin
a3a7916597
Auth: Logout disabled user (#17166)
* Feature: revoke user token when disabled

* Chore: fix linter error
2019-05-23 15:54:47 +03:00
Oleg Gaidarenko
9b7f9dd9be
LDAP: consistently name the LDAP entities (#17203) 2019-05-22 15:30:03 +03:00
Alexander Zobnin
2d03815770
Users: Disable users removed from LDAP (#16820)
* Users: add is_disabled column

* Users: disable users removed from LDAP

* Auth: return ErrInvalidCredentials for failed LDAP auth

* User: return isDisabled flag in user search api

* User: mark disabled users at the server admin page

* Chore: refactor according to review

* Auth: prevent disabled user from login

* Auth: re-enable user when it found in ldap

* User: add api endpoint for disabling user

* User: use separate endpoints to disable/enable user

* User: disallow disabling external users

* User: able do disable users from admin UI

* Chore: refactor based on review

* Chore: use more clear error check when disabling user

* Fix login tests

* Tests for disabling user during the LDAP login

* Tests for disable user API

* Tests for login with disabled user

* Remove disable user UI stub

* Sync with latest LDAP refactoring
2019-05-21 14:52:49 +03:00
Samuel
846b9327a5 LDAP: Added reload endpoint for LDAP config (#15470)
* 4843 - Added reload endpoint for LDAP config

closes #4843

* Refactor to make the reload work after master drifted
2019-05-03 14:53:07 +02:00
Ryan McKinley
013f1b8d19
App Plugins: support react pages and tabs (#16586) 2019-05-02 10:15:39 -07:00
Andrej Ocenas
eb82a75668
Provisioning: Show file path of provisioning file in save/delete dialogs (#16706)
* Add file path to metadata and show it in dialogs

* Make path relative to config directory

* Fix tests

* Add test for the relative path

* Refactor to use path relative to provisioner path

* Change return types

* Rename attribute

* Small fixes from review
2019-04-30 13:32:18 +02:00
Andrej Ocenas
42b745a098
Provisioning: Add API endpoint to reload provisioning configs (#16579)
* Add api to reaload provisioning

* Refactor and simplify the polling code

* Add test for the provisioning service

* Fix provider initialization and move some code to file reader

* Simplify the code and move initialization

* Remove unused code

* Update comment

* Add comment

* Change error messages

* Add DashboardProvisionerFactory type

* Update imports

* Use new assert lib

* Use mutext for synchronizing the reloading

* Fix typo

Co-Authored-By: aocenas <mr.ocenas@gmail.com>

* Add docs about the new api
2019-04-25 09:06:44 +02:00
Torkel Ödegaard
8b0dd4244b
Search: Fixes search limits and adds a page parameter (#16458)
* Search: Fixes search limits and adds a page parameter

This adds a page parameter to search api without adding
any major breaking change.

It does at an api validation error when trying to use
a limit beyond 5000. This is a breaking change. We could
remove this and have it only in the docs and describe that this
is a limit that grafana will apply silently.

Fixes #16049

* Fix: Corrected wrong array slice change

* Docs: minor docs fix

* Search: fixed folder tests

* Fixed: Moved limit to correct inner query

* Search: moving limit check and page check

* Search: limit in handler is no longer needed
2019-04-17 13:07:50 +02:00
Andrej Ocenas
2d7fc55df7
Provisioning: Do not allow deletion of provisioned dashboards (#16211)
* Unprovision dashboard in case of DisableDeletion = true

* Rename command struct

* Handle removed provision files

* Allow html in confirm-modal

* Do not show confirm button without onConfirm

* Show dialog on deleting provisioned dashboard

* Changed DeleteDashboard to DeleteProvisionedDashboard

* Remove unreachable return

* Add provisioned checks to API

* Remove filter func

* Fix and add tests for deleting dashboards

* Change delete confirm text

* Added and used pkg/errors for error wrapping
2019-04-10 13:29:10 +02:00
Marcus Efraimsson
2ae63e70c0
Alerting: Notification channel http api enhancements (#16219)
Now returns uid in response to get notification channel by id.
Adds GET/PUT/DELETE support for notification channel by uid, 
  /api/alert-notifications/uid/:uid.
Break apart alerting and alert notification http api docs in two 
  pages and update documentation to make it up to date
  with current implementation.

Fixes #16012
2019-03-26 18:37:02 +07:00
Leonard Gram
adf0390b2c teams: local access to bus, moving away from dep on global. 2019-03-19 14:01:20 +01:00
Leonard Gram
6589a4e55f teams: better names for api permissions. 2019-03-19 14:01:20 +01:00
Hugo Häggmark
b60e71c28b teams: moved logic for searchteams to backend 2019-03-19 14:01:15 +01:00
Hugo Häggmark
782b5b6a3a teams: viewers and editors can view teams 2019-03-19 14:01:14 +01:00
Leonard Gram
21d3d27452 teams: editors can't remove the last admin from a team. 2019-03-19 14:01:13 +01:00
Hugo Häggmark
a90b3e331e config: updated feature toggle name 2019-03-19 13:59:39 +01:00
Leonard Gram
23231e6d51 teams: added delete team guard 2019-03-19 13:57:29 +01:00
Leonard Gram
8e7a8282c1 teams: removed feature toggle as it is already in middleware 2019-03-19 13:57:28 +01:00
Leonard Gram
2a88052c14 teams: can update team members permission. 2019-03-19 13:57:23 +01:00
Leonard Gram
af4994ba16 teams: editor added as admin for created teams. 2019-03-19 13:57:22 +01:00
Leonard Gram
22e098b830 teams: editors can work with teams. 2019-03-19 13:57:22 +01:00
Leonard Gram
c8c004095c permissions: broken out func for making creator admin. 2019-03-19 13:57:21 +01:00
Marcus Efraimsson
0cd5a6772d
feat(api): support list/revoke auth token in admin/current user api 2019-03-08 15:15:38 +01:00
Johannes Schill
a81d5486b0 Viewers with viewers_can_edit should be able to access /explore (#15787)
* fix: Viewers with viewers_can_edit should be able to access /explore #15773

* refactoring initial PR a bit to simplify function and reduce duplication
2019-03-05 12:41:01 +01:00
Marcus Efraimsson
5638c67be8
org admins should only be able to access org admin pages 2019-03-04 15:51:18 +01:00
Marcus Efraimsson
a29b99b96b
only editor/admin should have access to alert list/notifications pages 2019-03-04 15:48:07 +01:00
bergquist
e163aadfe4 use authtoken for session quota restrictions
closes #15360
2019-02-12 15:10:55 +01:00
SamuelToh
a7a964ec19 Added PATCH verb end point for annotation op
Added new PATCH verb annotation endpoint

Removed unwanted fmt

Added test cases for PATCH verb annotation endpoint

Fixed formatting issue

Check arr len before proceeding

Updated doc to include PATCH verb annotation endpt
2019-02-05 09:43:17 +10:00
Marcus Efraimsson
cfd8eb5167
now /api/login/ping returns Response 2019-02-04 17:37:07 +01:00
Marcus Efraimsson
8764fb5aa6
inject login/logout hooks 2019-01-15 15:16:20 +01:00
supercharlesliu
fb5c59c611 Add GET /api/users/:id/teams for orgAdmin 2018-11-19 17:08:10 +08:00
Marcus Efraimsson
f560c3297e
Merge pull request #14034 from grafana/12550_team_preferences
Team preferences support
2018-11-15 07:35:10 -08:00
Torkel Ödegaard
480da34279 filter out alpha plugins in api call, fixes #14030 2018-11-15 11:10:47 +01:00
Marcus Efraimsson
5f9fecd254
feat: team preferences 2018-11-12 20:01:53 +01:00
Torkel Ödegaard
dddbe62d6c Merge branch 'master' into react-panels-step1 2018-10-19 09:15:37 +02:00
Peter Holmberg
ee0cc9bd77 Merge branch 'master' into data-source-instance-to-react 2018-10-16 12:14:11 +02:00