* replace dashboardid with dashboardUID in annotation API
* add some tests
* modify some docs and add uid into get endpoint
* rebase with main
* add map for avoiding too much retrieve on dashboards
* Replace sequential IDs with UID for dashboard permossion
* Add back endpoint with id
* Rename parameter from dashboarUid->uid and add swagger definitions for endpoints
* Generate swagger json
* Add deprecated to swagger and docs
* Add deprecated comment in the api.go
* Add model for POST body
* Fix model post body for endpoint
* Generate spec with enterprise
* pass in user to attribute scope resolver
* add SQL filter to annotation listing
* check annotation FGAC permissions before exposing them for commenting
* remove the requirement to be able to list all annotations from annotation listing endpoint
* adding tests for annotation listing
* remove changes that got moved to a different PR
* unused var
* Update pkg/services/sqlstore/annotation.go
Co-authored-by: Ezequiel Victorero <evictorero@gmail.com>
* remove unneeded check
* remove unneeded check
* undo accidental change
* undo accidental change
* doc update
* move tests
* redo the approach for passing the user in for scope resolution
* accidental change
* cleanup
* error handling
Co-authored-by: Ezequiel Victorero <evictorero@gmail.com>
* First attempt at creating new navbar_preferences table in db
* Apply to every nav item instead of just home
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* Chore: introduce initTestDB options for features
* fix unit tests
* Add another unit test and some logic for detecting if a preference already exists
* tidy up
* Only override IsFeatureToggleEnabled if it's defined
* Extract setNavPreferences out into it's own function, initialise features correctly
* Make the linter happy
* Use new structure
* user essentials mob! 🔱
* user essentials mob! 🔱
* Split NavbarPreferences from Preferences
* user essentials mob! 🔱
* user essentials mob! 🔱
* Fix lint error
* Start adding tests
* Change internal db structure to be a generic json object
* GetJsonData -> GetPreferencesJsonData
* Stop using simplejson + add some more unit tests
* Update pkg/api/preferences.go
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* Updates following review comments
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* Change patch to upsert, add a unit test
* remove commented out code
* introduce patch user/org preferences methods
* Return Navbar preferences in the get call
* Fix integration test by instantiating JsonData
* Address review comments
* Rename HideFromNavbar -> Hide
* add swagger:model comment
* Add patch to the preferences documentation
* Add openapi annotations
* Add a short description
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* Update unit tests
* remove unneeded url
* remove outdated comment
* Update integration tests
* update generated swagger
Co-authored-by: Alexandra Vargas <alexa1866@gmail.com>
Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* Query history: Add starring and unstarring API
* Return dto with starred info when commenting
* Add documentation for starring and unstarring of query
* Return dto when starring/unstarring
* Update documentation
* Update deleting with unstarring
* Check queryUID length in queryhistory
* Fix linting issues
* Update docs/sources/http_api/query_history.md
Co-authored-by: Piotr Jamróz <pm.jamroz@gmail.com>
* Update docs/sources/http_api/query_history.md
Co-authored-by: Piotr Jamróz <pm.jamroz@gmail.com>
Co-authored-by: Piotr Jamróz <pm.jamroz@gmail.com>
* filter teams for editors to only show the teams that they are members of
* frontend changes to only allow clicking on teams that the user can edit
* update frontend test snapshots
* extend docs
* reword
* remove the comment for now
* Update backend tests
* reword the warning, and add it back in
* docs feedback
Co-authored-by: gamab <gabi.mabs@gmail.com>
* docs for teams with FGAC
* Update docs/sources/enterprise/access-control/fine-grained-access-control-references.md
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* Update access_controls.md
Update the parameter table for deleting custom roles to make it explicit that the `global` query parameter is handled by this endpoint/should be specified when deleting a globally-scoped role.
* Update docs/sources/http_api/access_control.md
Co-authored-by: Karl Persson <kalle.persson92@gmail.com>
Co-authored-by: achatterjee-grafana <aparajita.chatterjee@grafana.com>
* * Teams: Appropriately apply user id filter in /api/teams/:id and /api/teams/search
* Teams: Ensure that users searching for teams are only able see teams they have access to
* Teams: Require teamGuardian admin privileges to list team members
* Teams: Prevent org viewers from administering teams
* Teams: Add org_id condition to team count query
* Teams: clarify permission requirements in teams api docs
* Teams: expand scenarios for team search tests
* Teams: mock teamGuardian in tests
Co-authored-by: Dan Cech <dcech@grafana.com>
* remove duplicate WHERE statement
* Fix for CVE-2022-21702
(cherry picked from commit 202d7c190082c094bc1dc13f7fe9464746c37f9e)
* Lint and test fixes
(cherry picked from commit 3e6b67d5504abf4a1d7b8d621f04d062c048e981)
* check content type properly
(cherry picked from commit 70b4458892bf2f776302720c10d24c9ff34edd98)
* basic csrf origin check
(cherry picked from commit 3adaa5ff39832364f6390881fb5b42ad47df92e1)
* compare origin to host
(cherry picked from commit 5443892699e8ed42836bb2b9a44744ff3e970f42)
* simplify url parsing
(cherry picked from commit b2ffbc9513fed75468628370a48b929d30af2b1d)
* check csrf for GET requests, only compare origin
(cherry picked from commit 8b81dc12d8f8a1f07852809c5b4d44f0f0b1d709)
* parse content type properly
(cherry picked from commit 16f76f4902e6f2188bea9606c68b551af186bdc0)
* mentioned get in the comment
(cherry picked from commit a7e61811ef8ae558ce721e2e3fed04ce7a5a5345)
* add content-type: application/json to test HTTP requests
* fix pluginproxy test
* Fix linter when comparing errors
Co-authored-by: Kevin Minehart <kmineh0151@gmail.com>
Co-authored-by: Dan Cech <dcech@grafana.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Co-authored-by: Serge Zaitsev <serge.zaitsev@grafana.com>
Co-authored-by: Vardan Torosyan <vardants@gmail.com>
* Library Elements API GET by name returns array
Making a GET request to the Library Elements HTTP API `api/library-elements/name/:name` will return an **array** of Library Element objects, but the documentation says it will return a Library Element object.
Example cURL POST request:
`curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer XXXXXXXXXXX" -d @request.json "https://my.grafana.net/api/library-elements/"`
request.json
```json
{
"model": {},
"kind": 1,
"name": "testing description3",
"uid": "basic3",
"id": 12345,
"version": 2
}
```
Example cURL GET request:
`curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer XXXXXXXX" -d @request "https://my/api/library-elements/name/testing description3"`
Example response:
```json
{
"result": [
{
. . .
}
]
}
```
* Library Elements API fix bracket spacing
* Create config to enable/disable query history
* Create add to query history functionality
* Add documentation
* Add test
* Refactor
* Add test
* Fix built errors and linting errors
* Refactor
* Remove old tests
* Refactor, adjust based on feedback, add new test
* Update default value
* API: return resource ID when deleting datasource and library element
* keep status codes consistent
* fix element ID
* add test
* improve response struct
* update endpoints documentation
* LibraryElementIDResponse -> DeleteLibraryElementResponse
* document licensing permissions and roles
* Update docs/sources/enterprise/access-control/fine-grained-access-control-references.md
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* Update docs/sources/enterprise/access-control/permissions.md
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* update action name for "licensing.reports:read"
* put licensing editor role back in, more table formatting
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* Add input to specify min step
* Add stepInterval to as input to component
* Add onBlur to Input component
* Loki: add functionality for min step
* Loki: change name on props to step to make it more clear
* Loki: add resolution as a query option
* Loki: Add min,max,exact as step options
* Loki: add functionality for different step modes
* Loki: fix bug where step function isn't working
* Loki: fix bug where exact step isn't working
* Loki: change width of step input field
* Loki: add tests for adjustInterval function
* Loki: add check for max step oprio to make sure it's not below the safe interval
* Loki: fix bug with some tests
* Loki: fix bug with tests
* Explore: add tooltip to loki step function
* Loki: remove resolution as a logs option
* Loki: update snapshots
* Fix failing tests
* Loki: add select component for choosing resolution
* Loki: add functionality for calculating correct interval with resolution applied
* Loki: remove functionality for step mode
* Loki: remove tests for step mode
* Loki: add tooltip to line limit and resolution
* Loki: add backend support for resolution
* Loki: fixed backend bug where resolution was undefined
* Loki: add check for resolution
