* Dashboards: Fix tests when authn broker is enabled.
StarService was not configured for tests, the call was guarded by !c.IsSignedIn
* Change default to be anon user to match expectations from tests
* OAuth: rewrite tests to work with authn.Service
* Setup template renderer by default
* Extract cookie options from cfg instead of relying on global variables
* Fix test to work with authn service
* Middleware: rewrite auth tests
* Remvoe session cookie if we cannot refresh access token
* Auth: prevent auto_login redirect if user is already authenticated
Before attempting an auto-login for OAuth, verifies if current context has already been
authenticated.
Fixes: #72476
Co-authored-by: Karl Persson <kalle.persson92@gmail.com>
* add termination stage
* uid -> pluginID (for now)
* also fix fakes
* add simple test
* Fix logger name
Co-authored-by: Giuseppe Guerra <giuseppe.guerra@grafana.com>
* inline stop func call
Co-authored-by: Giuseppe Guerra <giuseppe.guerra@grafana.com>
---------
Co-authored-by: Giuseppe Guerra <giuseppe.guerra@grafana.com>
* Search: Attempt to support folderUID filter
* Search: Use folder UID instead of ID for searching folders
* Update swagger
* Fix JSON property casing
* Add integration test
* Remove redundant query condition
* Fix frontend test
* Fix listing dashboards in General/root
* Add support for fetching top level folders
using `folderUIDs=` (empty string) query parameter
* Add deprecation notice
* Send uid of general in sql.ts
* Use 'general' for query folderUIDs query param for fetching folder
* Add tests
* Fix FolderUIDFilter
---------
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Add feature flag
* Introduce interface and dummy implementation
* Add tests for the new filter
* accessControlDashboardPermissionFilterNoFolderSubquery implementation
* join only if it's necessary
* force ordering for tests
* Temporarily enable new query for benchmarks
* lock down server admin role updates on the frontend if the user is externally synced
* add tests
* lock Grafana Server admin role updates from the backend
* rename variables
* check that the user has auth info
* add LDAP to providers for which Grafana Server admin role can be synced
* linting
* Modify Content-Security-Policy for Swagger UI
* check if CSP is empty
Co-authored-by: João Calisto <joao.calisto@grafana.com>
* check if CSP is empty in swagger.go
---------
Co-authored-by: João Calisto <joao.calisto@grafana.com>
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* add a new feature toggle for locking down role sync for users managed by GCom
* protect the frontend and the backend using the new feature toggle
* fix merge
* Expose library element service's folder service
* Register library panels, add count implementation
* Expand folder counts test
* Update registry deletion method interface
* Allow getting library elements from any folder
* Add test for library panel deletion
* Add test for library panel counting
* add a feature toggle
* add the fields for attribute, kind and identifier to permission
Co-authored-by: Kalle Persson <kalle.persson@grafana.com>
* set the new fields when new permissions are stored
* add migrations
Co-authored-by: Kalle Persson <kalle.persson@grafana.com>
* remove comments
* Update pkg/services/accesscontrol/migrator/migrator.go
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* feedback: put column migrations behind the feature toggle, added an index, changed how wildcard scopes are split
* PR feedback: add a comment and revert an accidentally changed file
* PR feedback: handle the case with : in resource identifier
* switch from checking feature toggle through cfg to checking it through featuremgmt
* don't put the column migrations behind a feature toggle after all - this breaks permission queries from db
---------
Co-authored-by: Kalle Persson <kalle.persson@grafana.com>
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* chore: wrap HTTP server in a dskit module
Much of the logic from this comes from the POC branch, so:
- credit for this work goes to everyone else
- mistakes are my own
This is needed to support microservice deployment modes.
* added an arbitrarily-chosen 30second timeout
* add grafana-apiserver
* remove watchset & move provisioning and http server to background
services
* remove scheme
* otel fixes (#70874)
* remove module ProvideRegistry test
* use certgenerator from apiserver package
* Control collector/pdata from going to v1.0.0-rc8 (as Tempo 1.5.1 would have it)
* Plugins: Angular detector: Remote patterns fetching
* Renamed PatternType to GCOMPatternType
* Renamed files
* Renamed more files
* Moved files again
* Add type checks, unexport GCOM structs
* Cache failures, update log messages, fix GCOM URL
* Fail silently for unknown pattern types, update docstrings
* Fix tests
* Rename gcomPattern.Value to gcomPattern.Pattern
* Refactoring
* Add FlagPluginsRemoteAngularDetectionPatterns feature flag
* Fix tests
* Re-generate feature flags
* Add TestProvideInspector, renamed TestDefaultStaticDetectorsInspector
* Add TestProvideInspector
* Add TestContainsBytesDetector and TestRegexDetector
* Renamed getter to provider
* More tests
* TestStaticDetectorsProvider, TestSequenceDetectorsProvider
* GCOM tests
* Lint
* Made detector.detect unexported, updated docstrings
* Allow changing grafana.com URL
* Fix API path, add more logs
* Update tryUpdateRemoteDetectors docstring
* Use angulardetector http client
* Return false, nil if module.js does not exist
* Chore: Split angualrdetector into angularinspector and angulardetector packages
Moved files around, changed references and fixed tests:
- Split the old angulardetector package into angular/angulardetector and angular/angularinspector
- angulardetector provides the detection structs/interfaces (Detector, DetectorsProvider...)
- angularinspector provides the actual angular detection service used directly in pluginsintegration
- Exported most of the stuff that was private and now put into angulardetector, as it is not required by angularinspector
* Renamed detector.go -> angulardetector.go and inspector.go -> angularinspector.go
Forgot to rename those two files to match the package's names
* Renamed angularinspector.ProvideInspector to angularinspector.ProvideService
* Renamed "harcoded" to "static" and "remote" to "dynamic"
from PR review, matches the same naming schema used for signing keys fetching
* Fix merge conflict on updated angular patterns
* Removed GCOM cache
* Renamed Detect to DetectAngular and Detector to AngularDetector
* Fix call to NewGCOMDetectorsProvider in newDynamicInspector
* Removed unused test function newError500GCOMScenario
* Added angularinspector service definition in pluginsintegration
* Moved dynamic inspector into pluginsintegration
* Move gcom angulardetectorsprovider into pluginsintegration
* Log errUnknownPatternType at debug level
* re-generate feature flags
* fix error log
