* Renamed target -> id and href -> path after feedback.
* fixed type issues in test page.
* chore(pluginschemajson): update extensions props target -> id
* this is the final.
* fixed typings...again...
---------
Co-authored-by: Jack Westbrook <jack.westbrook@gmail.com>
* fix(dashboard version service): add DashboardUID to query and responses
The DashboardUID was not populated in the response from Get and ListDashboardVersions. This adds the DashboardUID to the Get query (it was already in List) and populated the DashboardUID in the returned DashboardVersionDTOs.
* added extensions to plugin.json and exposing it via frontend settings.
* added extensions to the plugin.json schema.
* changing the extensions in frontend settings to a map instead of an array.
* wip
* feat(pluginregistry): begin wiring up registry
* feat(pluginextensions): prevent duplicate links and clean up
* added test case for link extensions.
* added tests and implemented the getPluginLink function.
* wip
* feat(pluginextensions): expose plugin extension registry
* fix(pluginextensions): appease the typescript gods post rename
* renamed file and will throw error if trying to call setExtensionsRegistry if trying to call it twice.
* added reafactorings.
* fixed failing test.
* minor refactorings to make sure we only include extensions if the app is enabled.
* fixed some nits.
* Update public/app/features/plugins/extensions/registry.test.ts
Co-authored-by: Levente Balogh <balogh.levente.hu@gmail.com>
* Update packages/grafana-runtime/src/services/pluginExtensions/registry.ts
Co-authored-by: Levente Balogh <balogh.levente.hu@gmail.com>
* Update packages/grafana-runtime/src/services/pluginExtensions/registry.ts
Co-authored-by: Levente Balogh <balogh.levente.hu@gmail.com>
* Update public/app/features/plugins/extensions/registry.test.ts
Co-authored-by: Levente Balogh <balogh.levente.hu@gmail.com>
* Moved types for extensions from data to runtime.
* added a small example on how you could consume link extensions.
* renamed after feedback from levi.
* updated the plugindef.cue.
* using the generated plugin def.
* added tests for apps and extensions.
* fixed linting issues.
* wip
* wip
* wip
* wip
* test(extensions): fix up failing tests
* feat(extensions): freeze registry extension arrays, include type in registry items
* added restrictions in the pugindef cue schema.
* wip
* added required fields.
* added key to uniquely identify each item.
* test(pluginextensions): align tests with implementation
* chore(schema): refresh reference.md
---------
Co-authored-by: Jack Westbrook <jack.westbrook@gmail.com>
Co-authored-by: Levente Balogh <balogh.levente.hu@gmail.com>
* add bundle registry service to avoid dependency cycles
* move user support bundle collector to user service
* move usage stat bundle implementation to usage stats
* add info for background service
* fix remaining imports
* whitespace
* reorganize auth usage stats
* usage stat privilege elevators
* stat count of modified role
* cfg related info
* add authn anon client
* kv store
* ensure anon enabled is collected even if client is not registered
* fix usage stats test
* *Create Caching Config interface and OSS impl
*Create front-end facing DS Cache config
*Populate Caching Config on Datasource DTO
*Update OSS wire deps
* fix unit test
* handle query caching TTL override on the frontend
* Make sure the override works with pubdash
* move caching config to the right place in the ds info
* move caching config logic to enterprise index hook
* move queryCachingTTL to pubdash query payload
* Remove from metadata (not needed)
* rename struct and add comment
* remove invalid wire dependency
* manual revert of 395c74b
* fix frontend test
* fix backend test
* fix tests for real this time
* truly fix frontend test
* fix back end unit test for real
* remove result field from alert notification commands and queries
* fix a few more tests
* ok, linter
* remove alert result fields
* fix api calls
* et tu, linter
* Config: Make frontend settings a struct rather than map
remove frontend settings to setting package
remove frontend settings struct to dtos package
rearrange structs to avoid cycles
rename getFrontendSettings fn
omitempty
fix login test
fix middleware test
* wip some enterprise types
* cleanup, moved structs from enterprise
* ci
* add nested folder scope inheritance to managed permission services
* add a more specific erorr
* remove circular dependencies
* use errutil for returning erorr
* fix tests
* fix tests
* define a new error in ac package
* AuthN: Update signature of redirect client and RedirectURL function
* OAuth: use authn.Service to perform oauth authentication and login if feature toggle is enabled
* AuthN: register oauth clients
* AuthN: set auth module metadata
* AuthN: add logs for failed login attempts
* AuthN: Don't use enable disabled setting
* OAuth: only run hooks when authnService feature toggle is disabled
* OAuth: Add function to handle oauth errors from authn.Service
* WIP
* Update pkg/services/login/authinfo.go
* fix: merge
* change order to internal last
* adds: docs
* add: configuration for defaults and sample
* Update docs/sources/setup-grafana/configure-grafana/_index.md
Co-authored-by: Jo <joao.guerreiro@grafana.com>
* Update docs/sources/setup-grafana/configure-grafana/_index.md
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
---------
Co-authored-by: Jo <joao.guerreiro@grafana.com>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
This adds provisioning endpoints for downloading alert rules and alert rule groups in a
format that is compatible with file provisioning. Each endpoint supports both json and
yaml response types via Accept header as well as a query parameter
download=true/false that will set Content-Disposition to recommend initiating a download
or inline display.
This also makes some package changes to keep structs with potential to drift closer
together. Eventually, other alerting file structs should also move into this new file
package, but the rest require some refactoring that is out of scope for this PR.
The old GrafanaComURL setting didn't have the /api suffix so needed it
adding on by the proxy director, but the new GrafanaComAPIURL setting is
assumed to already point directly to the API and doesn't need an
additional suffix.
This is the only place in the codebase that GrafanaComAPIURL is used.
* Add config to remove Snapshot functionality (frontend is hidden and validation in the backend)
* Add test cases
* Remove unused mock on the test
* Moving Snapshot config from globar variables to settings.Cfg
* Removing warnings on code
* API: Add reqSignedIn to router groups
* AuthN: Add fall through in context handler
* AuthN: Add IsAnonymous field
* AuthN: add priority to context aware clients
* ContextHandler: Add comment
* AuthN: Add a simple priority queue
* AuthN: Add Name to client interface
* AuthN: register clients with function
* AuthN: update mock and fake to implement interface
* AuthN: rewrite test without reflection
* AuthN: add comment
* AuthN: fix queue insert
* AuthN: rewrite tests
* AuthN: make the queue generic so we can reuse it for hooks
* ContextHandler: Add fixme for auth headers
* AuthN: remove unused variable
* AuthN: use multierror
* AuthN: write proper tests for queue
* AuthN: Add queue item that can store the value and priority
Co-authored-by: Jo <joao.guerreiro@grafana.com>
* Access Control: Add folder service dependency to the dashboard/folder resolvers
* Expose the function fetching parents to folder interface
* Add generic prepend utility
* Modify dashboard resolvers to return inherited scopes
* add: skip_org_role_sync setting for github
* fix: frontend
* rearranged tests
* refactor: assignGrafanaAdmin skip also
* Add: tests for allowGrafanaAdmin
- both for the case when both settings are set and the setting for only
allowGrafanaAdmin
* Apply suggestions from code review
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* Update docs/sources/setup-grafana/configure-grafana/_index.md
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* Update pkg/login/social/github_oauth.go
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
* added vairable inside scope
* Update docs/sources/setup-grafana/configure-security/configure-authentication/github/index.md
* Update docs/sources/setup-grafana/configure-security/configure-authentication/github/index.md
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
During the review of the initial PR adding this (#59506) I removed
a new global variable from the setting package, but forgot to update
the reference to the new setting, so the API URL wasn't actually
being used. This PR updates the proxy endpoint to use the API
URL correctly.
Aside: I'm not a huge fan of how the error is being ignored when parsing
the URL, but I think that should be addressed in a separate PR if anyone
has a suggestion for how we should handle it. (Should we check that the
URL is valid when parsing config?)
* rename routes and fix access control for support bundles
* AccessControl: Hide menu if not authorized
* AccessControl: Add AC guards for create and delete
* lint
* feat: add a new modal for displaying no-access info
* feat(CardGrid): add an onClick handler for items
* feat: open a no-access modal when clicking on a connection in the catlog
* feat: update permissions
Open a "No access" modal when the user clicks a connection type but has no permissions creating a datasource out of it
* test: add tests for opening the No Access modal
* test: fix the user permissions in tests
* Wip
* Revert "Wip"
This reverts commit 7f080c7f77.
* Add new config option
* Add frontend control
* Condition new auth broker with config option
* Condition old auth broker with config option
Co-authored-by: Jo <joao.guerreiro@grafana.com>
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* AuthN: Create password client wrapper and use that on in basic auth
client
* AuthN: fix basic auth client test
* AuthN: Add tests for form authentication
* API: Inject authn service
* Login: If authnService feature flag is enabled use authn login
* Login: Handle token creation errors
* [WIP] Auth: add backend skipOrgRoleSync to AzureAD OAuth
- add: skipOrgRoleSync
- rename: skipOrgRoleSync to skipOrgRoleSyncBase (to make it clear that
it is the base version of SocialBase)
- add: tests for skipOrgRoleSync in AzureAD
TODO:
- [ ] frontend changes
* add: docs
* refactor: remove role from basicinfo
* add: settings for grafanacom
* add: settigns for frontend
* add: logic for azureAD user skip org role
* add: docs for skip_org_role_sync
* refactor: docs a bit
* add: tests for userinfo
* refactor: to only extract if skiporgrolesync false
* refactor: based on review comments
* Update docs/sources/setup-grafana/configure-grafana/_index.md
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* Update docs/sources/setup-grafana/configure-grafana/_index.md
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* API: Rewrite legacy access control and rbac tests for current org
endpoint
* API: Rewrite legacy and rbac endpoint tests for update current and
target org
* API: rewrite access control tests for create org
* API: Rewrite delete org api access control tests
* API: rewrite search org access control tests to not use mocked access
control
* API: Rewrite get org and get org by name access control tests to not use
mocked access control
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
* Chore: Move team models to models pkg
* Fix ACL tests
* More ACL tests
* Change Id to ID in conflict user command test
* Remove team from models
* Fix ac test lint
* Add auth labels and access control metadata to org users search results
* Fix search result JSON model
* Org users: Use API for pagination
* Fix default page size
* Refactor: UsersListPage to functional component
* Refactor: update UsersTable component code style
* Add pagination to the /orgs/{org_id}/users endpoint
* Use pagination on the AdminEditOrgPage
* Add /orgs/{org_id}/users/search endpoint to prevent breaking API
* Use existing search store method
* Remove unnecessary error
* Remove unused
* Add query param to search endpoint
* Fix endpoint docs
* Minor refactor
* Fix number of pages calculation
* Use SearchOrgUsers for all org users methods
* Refactor: GetOrgUsers as a service method
* Minor refactor: rename orgId => orgID
* Fix integration tests
* Fix tests
* protect /connection url paths with permissions
These permissions match the original ones at /datasources and /plugins
* add Connections section to navtree only if user has permissions
This commit works only when the easystart plugin is not present.
I'll see what I can do when it is present in the next commit(s).
* update datasources page permissions
The datasources page have Explore buttons on datasource entries,
therefore it makes sense to show this page for those, who can't edit or
create datasources but have explore permissions.
This applies for the traditional Editor role.
* DataSourcesList: link to edit page only if has right to write
If the user doesn't have rights to write datasources, then it's better
to not create a link from cards to the edit page. This way they won't
see the configuration of the data sources either, which is a desirable
outcome.
Also, I moved the query for DataSourcesExplore permission out from the
DataSourcesListView component in the DataSourcesList component, next to
the other permission queries - for the sake of consistency.
* fix permissions for connect data
This way it matches the permissions of the "Plugins" page.
* fix applinks test
* refactor(pluginhelp): rewrite as functional component with useAsync
* mimic old behaviour
* feat(pluginhelp): display message if backend returned an empty string
Co-authored-by: Jack Westbrook <jack.westbrook@gmail.com>
The DashboardVersion struct is the database object; the DashboardVersionDTO is the object that should be sent to the API layer.
In the future I'd like to move DashboardVersion to dashverimpl and un-export it, but there are a few places that Insert directly into that table, not all of which are test fixtures, so that should wait until we clean up at least the DashboardService's use of it.
Log a useful msg if no oauth provider configured
When a user doesn't configure an OAuth provider and uses auto login, Grafana logs a misleading message indicating that he has multiple providers configured.
