* remove placeholder image
* improve http client options
* add http clients options for webhook notifier
* ensure http is only used in dev mode
* cleanup errors
This commit renames "Message templates" to "Notification templates"
in the user interface as it suggests that these templates cannot
be used to template anything other than the message. However, message
templates are much more general and can be used to template other fields
too such as the subject of an email, or the title of a Slack message.
* feat: add a new modal for displaying no-access info
* feat(CardGrid): add an onClick handler for items
* feat: open a no-access modal when clicking on a connection in the catlog
* feat: update permissions
Open a "No access" modal when the user clicks a connection type but has no permissions creating a datasource out of it
* test: add tests for opening the No Access modal
* test: fix the user permissions in tests
* Wip
* Revert "Wip"
This reverts commit 7f080c7f77.
* Add new config option
* Add frontend control
* Condition new auth broker with config option
* Condition old auth broker with config option
Co-authored-by: Jo <joao.guerreiro@grafana.com>
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* Create loki client type and ping method
* Expose TestConnection on client
* Configure and ping Loki URL
* Close response body reader if present
* Add 30 second timeout
* Remove duplicate close
* AUthN: Add last seen sync hooks for user / service account and move api
key last seen to own hook
* ContextHandler: only run sync for last seen if auth.Service is not
enabled
* AuthN: set up boilerplate for proxy client
* AuthN: Implement Test for proxy client
* AuthN: parse accept list in constructor
* AuthN: add proxy client interface
* AuthN: handle error
* AuthN: Implement the proxy client interface for ldap
* AuthN: change reciever name
* AuthN: add grafana as a proxy client
* AuthN: for error returned
* AuthN: add tests for grafana proxy auth
* AuthN: swap order of grafan and ldap auth
* AuthN: Parse additional proxy headers in proxy client and pass down
* AuthN: Create password client wrapper and use that on in basic auth
client
* AuthN: fix basic auth client test
* AuthN: Add tests for form authentication
* API: Inject authn service
* Login: If authnService feature flag is enabled use authn login
* Login: Handle token creation errors
* add feature flag `alertingNoNormalState`
* update instance database to support exclusion of state in list operation
* do not save normal state and delete transitions to normal
* update get methods to filter out normal state
* AuthN: add the ability to register post login hooks
* AuthN: add a guard for the user id
* AuthN: Add helper to create external user info from identity
* AuthN: Pass auth request to password clients
* AuthN: set auth module and username in metadata
* Chore: Move team models to models pkg
* Fix ACL tests
* More ACL tests
* Change Id to ID in conflict user command test
* Remove team from models
* Fix ac test lint
* Alerting: Improve legacy migration to include send reminder & frequency
Legacy channel frequency is migrated to the channel's migrated route's
repeat interval if send reminder is true. If send reminder is false, we
pseudo-disable the repeat interval by setting it to a large value (1y).
If there were no default channels, the root notification policy is still
created with the default 4h repeat interval.
* PermissionFilter: Handle all search type and only check one action for dashboards
* PermissionFilter: Still handle multiple action but take short cut when
only one action is required
* Add auth labels and access control metadata to org users search results
* Fix search result JSON model
* Org users: Use API for pagination
* Fix default page size
* Refactor: UsersListPage to functional component
* Refactor: update UsersTable component code style
* Add pagination to the /orgs/{org_id}/users endpoint
* Use pagination on the AdminEditOrgPage
* Add /orgs/{org_id}/users/search endpoint to prevent breaking API
* Use existing search store method
* Remove unnecessary error
* Remove unused
* Add query param to search endpoint
* Fix endpoint docs
* Minor refactor
* Fix number of pages calculation
* Use SearchOrgUsers for all org users methods
* Refactor: GetOrgUsers as a service method
* Minor refactor: rename orgId => orgID
* Fix integration tests
* Fix tests
* protect /connection url paths with permissions
These permissions match the original ones at /datasources and /plugins
* add Connections section to navtree only if user has permissions
This commit works only when the easystart plugin is not present.
I'll see what I can do when it is present in the next commit(s).
* update datasources page permissions
The datasources page have Explore buttons on datasource entries,
therefore it makes sense to show this page for those, who can't edit or
create datasources but have explore permissions.
This applies for the traditional Editor role.
* DataSourcesList: link to edit page only if has right to write
If the user doesn't have rights to write datasources, then it's better
to not create a link from cards to the edit page. This way they won't
see the configuration of the data sources either, which is a desirable
outcome.
Also, I moved the query for DataSourcesExplore permission out from the
DataSourcesListView component in the DataSourcesList component, next to
the other permission queries - for the sake of consistency.
* fix permissions for connect data
This way it matches the permissions of the "Plugins" page.
* fix applinks test
This commit adds a customizable timeout for screenshots called
capture_timeout. The default value is 10 seconds, and the maximum
value is 30 seconds. This timeout should be less than the minimum
Interval of all Evaluation Groups to avoid back pressure on alert
rule evaluation.
* Update config store to split between active and history tables
* Migrations to fix up indexes
* Implement migration from old format to new
* Move add migrations call
* Delete duplicated rows
* Explicitly map fields
* Quote the column name because it's a reserved word
* Lift migrations to top
* Use XORM for nearly everything, avoid any non trivial raw SQL
* Touch up indexes and zero out IDs on move
* Drop TODO that's already completed
* Fix assignment of IDs
* AuthN: Add boilderplate for render auth client
* AuthN: Implement test function for render auth client
* AuthN: Implement Authenticate for render arender auth client
* ContextHandler: Perform render auth if flag is enabled
* AuthN: Add basic auth client boilerplate
* AuthN: Implement test function for basic auth client
* AuthN: Implement the authentication method for basic auth
* AuthN: Add tests for basic auth authentication
* ContextHandler: perform basic auth authentication through authn service
if feature toggle is enabled
* AuthN: Add providers for sync services and pass required dependencies
* Alerting: Prevent short uid collision in legacy migration when db is case-insensitive
Two factors come into play that cause sporadic uid conflicts during legacy alert migration:
- MySQL and MySQL-compatible backends use case-insensitive collation.
- Our short uid generator is not a uniform RNG and generates uids in such a way that generations in quick succession have a higher probability of creating similar uids.
Normally we would be guaranteed unique short uid generation, however if the source alphabet contains
duplicate characters (for example, if we use case-insensitive comparison) this guarantee is void.
Generating even ~1000 uids in quick succession is nearly guaranteed to create a case-insensitive
duplicate.
chore (dashboardversion service): remove (one) join from store implementations
We return the userID from the dashboardservice store; the service (or api) layer can use that to get the user's login when needed.
The DashboardVersion struct is the database object; the DashboardVersionDTO is the object that should be sent to the API layer.
In the future I'd like to move DashboardVersion to dashverimpl and un-export it, but there are a few places that Insert directly into that table, not all of which are test fixtures, so that should wait until we clean up at least the DashboardService's use of it.
`X-Dashboard-Uid`, `X-Datasource-Uid`, `X-Grafana-Org-Id`, `X-Panel-Id` are very useful headers set
by Grafana front-end that we would like to see on the data source as
well. This is so that it would be possible to pinpoint from where slow
queries are coming in Mimir/Thanos/Cortex/etc., for example. Relevant
Mimir code lines:
0a94f26203/pkg/frontend/transport/handler.go (L182-L184)
Tested manually that with these changes the headers are visible.
Automatically forward core plugin request HTTP headers in outgoing HTTP requests.
Core datasource plugin authors don't have to specifically handle forwarding of HTTP
headers, e.g. do not have to "hardcode" the header-names in the datasource plugin,
if not having custom needs.
Fixes#57065
* refactor email to not use simplejson
* add tests
* split integration test and unit test + more unit-tests
* Remove outdated comment
Co-authored-by: Armand Grillet <2117580+armandgrillet@users.noreply.github.com>
* AuthN: Replicate functionallity to get org id for request
* Authn: parse org id for the request and populate the auth request with
it
* AuthN: add simple mock for client to use in test
* AuthN: add tests to verify that authentication is called with correct
org id
* AuthN: Add ClientParams to mock
* AuthN: Fix flaky org id selection
* add user sync
* add org user sync
* add client params
* merge remaining conflicts
* remove change to report.go
* update comments
* add basic tests for user ID population
* add tests for auth ID find
* add tests for user sync create and update
* add tests for orgsync
* satisfy lint
* add userID guards
Time range added for public dashboard:
- Enable/Disable switch added in public dashboard configuration.
- Time range picker shown in public dashboard for viewer user
