* Extract search users to a new service
* Fix wire provider
* Fix common_test and remove RouteRegister
* Remove old endpoints
* Fix test
* Add indexes to dashboards and orgs tables
* Fix lint
* Add encryption service
* Add tests for encryption service
* Inject encryption service into http server
* Replace encryption global function usage in login tests
* Apply suggestions from code review
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* Migrate to Wire
* Undo non-desired changes
* Move Encryption bindings to OSS Wire set
Co-authored-by: Joan López de la Franca Beltran <joanjan14@gmail.com>
Co-authored-by: Joan López de la Franca Beltran <5459617+joanlopez@users.noreply.github.com>
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* simplify some dependency injection in macaron
* remove unused internal server error handler from macaron
* remove internal server error handler from the router
* remove unused combo router api
* remove unused parts of the macaron router
Fixes#30144
Co-authored-by: dsotirakis <sotirakis.dim@gmail.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Co-authored-by: Ida Furjesova <ida.furjesova@grafana.com>
Co-authored-by: Jack Westbrook <jack.westbrook@gmail.com>
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
Co-authored-by: Leon Sorokin <leeoniya@gmail.com>
Co-authored-by: Andrej Ocenas <mr.ocenas@gmail.com>
Co-authored-by: spinillos <selenepinillos@gmail.com>
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
Co-authored-by: Leonard Gram <leo@xlson.com>
Introduces org-level isolation for the Alertmanager and its components.
Silences, Alerts and Contact points are not separated by org and are not shared between them.
Co-authored with @davidmparrott and @papagian
* AccessControl: Implement a way to register fixed roles
* Add context to register func
* Use FixedRoleGrantsMap instead of FixedRoleGrants
* Removed FixedRoles map to sync.map
* Wrote test for accesscontrol and provisioning
* Use mutexes+map instead of sync maps
* Create a sync map struct out of a Map and a Mutex
* Create a sync map struct for grants as well
* Validate builtin roles
* Make validation public to access control
* Handle errors consistently with what seeder does
* Keep errors consistant amongst accesscontrol impl
* Handle registration error
* Reverse the registration direction thanks to a RoleRegistrant interface
* Removed sync map in favor for simple maps since registration now happens during init
* Work on the Registrant interface
* Remove the Register Role from the interface to have services returning their registrations instead
* Adding context to RegisterRegistrantsRoles and update descriptions
* little bit of cosmetics
* Making sure provisioning is ran after role registration
* test for role registration
* Change the accesscontrol interface to use a variadic
* check if accesscontrol is enabled
* Add a new test for RegisterFixedRoles and fix assign which was buggy
* Moved RegistrationList def to roles.go
* Change provisioning role's description
* Better comment on RegisterFixedRoles
* Correct comment on ValidateFixedRole
* Simplify helper func to removeRoleHelper
* Add log to saveFixedRole and assignFixedRole
Co-authored-by: Vardan Torosyan <vardants@gmail.com>
Co-authored-by: Jeremy Price <Jeremy.price@grafana.com>
* WIP: intial structure
* Refactor: adds create library element endpoint
* Feature: adds delete library element
* wip
* Refactor: adds get api
* Refactor: adds get all api
* Refactor: adds patch api
* Refactor: changes to library_element_connection
* Refactor: add get connections api
* wip: in the middle of refactor
* wip
* Refactor: consolidating both api:s
* Refactor: points front end to library elements api
* Tests: Fixes broken test
* Fix: fixes delete library elements in folder and adds tests
* Refactor: changes order of tabs in manage folder
* Refactor: fixes so link does not cover whole card
* Update pkg/services/libraryelements/libraryelements.go
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Update pkg/services/libraryelements/libraryelements_permissions_test.go
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Update pkg/services/libraryelements/database.go
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Chore: changes after PR comments
* Update libraryelements.go
* Chore: updates after PR comments
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Encapsulate settings with a provider with support for runtime reloads
* SettingsProvider: reload is controlled by the services
* naive impl of reload handlers for settings
* working naive detection on new changes
* Trigger settings reload from API endpoint
* validation step added
* validation of settings
* Fix linting errors
* Replace DB_Varchar by DB_NVarchar
* Reduce settings columns (section, key) lenghts
* wip db update logic
* Db Settings: separate updates and removals
* Fix: removes incorrectly added code
* Minor code improvements
* Runtime settings: moved oss -> ee
* Remove no longer used setting.Cfg SAML-related fields
* Rename file setting/settings.go => setting/provider.go
* Apply suggestions from code review
Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>
* Minor code improvements on OSS settings provider
* Fix some login API tests
* Correct some GoDoc comments
* Apply suggestions from code review
Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>
Co-authored-by: Leonard Gram <leo@xlson.com>
Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>
Before these changes the request tracing was added for each route
registered using the routing.RouteRegister, see code. This had the
consequence that middleware executed earlier/later in the request
pipeline was not part of the request tracing middleware life-cycle
which measures the duration of requests among other things.
In the logger middleware we do extract the current distributed trace
identifier, if available, and set that on request info/error log messages.
With these changes we can extract the current distributed trace identifier,
if available, and set that on the contextual HTTP request logger
(models.ReqContext.Logger) which would improve the possibility to correlate
all HTTP request log messages with traces.
In addition, the request tracing middleware is now executed first and last in
the request pipeline and should therefore result in more accurate timing
measurements (request duration).
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Move db package WIP
* Implement OSS access control
* Register OSS access control
* Fix linter error in tests
* Fix linter error in evaluator
* Simplify OSS tests
* Optimize builtin roles
* Chore: add comments to the exported functions
* Remove init from ossaccesscontrol package (moved to ext)
* Add access control as a dependency for http server
* Modify middleware to receive fallback function
* Middleware: refactor fallback function call
* Move unused models to enterprise
* Simplify AccessControl type
* Chore: use bool IsDisabled() method instead of CanBeDisabled interface
This pull request migrates testdata to coreplugin streaming capabilities,
this is mostly a working concept of streaming plugins at the moment,
the work will continue in the following pull requests.
* Fix LoginService.UpsertUser user creation
* Fix API AdminCreateUser user creation
* Add missing underscore import
* Fix API CompleteInvite user creation
* Fix API SignUpStep2 user creation
* Introduce PluginRequestValidator abstraction with a NoOp implementation
* Update PluginRequestValidator abstraction to use the dsURL instead
* Inject PluginRequestValidator into the HTTPServer and validate requests going through data source proxy
* Inject PluginRequestValidator into the BackendPluginManager and validate requests going through it
* Validate requests going through QueryMetrics & QueryMetricsV2
* Validate BackendPluginManager health requests
* Fix backend plugins manager tests
* Validate requests going through alerting service
* Fix tests
* fix tests
* goimports
Co-authored-by: Leonard Gram <leo@xlson.com>
* middleware: Move context handler to own service
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
Co-authored-by: Emil Tullsted <sakjur@users.noreply.github.com>
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
* Alerting NG: prototype v2 (WIP)
* Separate eval package
* Modify eval alert definition endpoint
* Disable migration if ngalert is not enabled
* Remove premature test
* Fix lint issues
* Delete obsolete struct
* Apply suggestions from code review
* Update pkg/services/ngalert/ngalert.go
Co-authored-by: Kyle Brandt <kyle@grafana.com>
* Add API endpoint for listing alert definitions
* Introduce index for alert_definition table
* make ds object for expression to avoid panic
* wrap error
* Update pkg/services/ngalert/eval/eval.go
* Swith to backend.DataQuery
* Export TransformWrapper callback
* Fix lint issues
* Update pkg/services/ngalert/ngalert.go
Co-authored-by: Kyle Brandt <kyle@grafana.com>
* Validate alert definitions before storing them
* Introduce AlertQuery
* Add test
* Add QueryType in AlertQuery
* Accept only float64 (seconds) durations
* Apply suggestions from code review
* Get rid of bus
* Do not export symbols
* Fix failing test
* Fix failure due to service initialization order
Introduce MediumHigh service priority and assign it to backendplugin
service
* Fix test
* Apply suggestions from code review
* Fix renamed reference
Co-authored-by: Kyle Brandt <kyle@grafana.com>
* Backend: Adds route for well-known change password URL
* Include 'dashboard/new' in backend routes
* Move index route handler registration out of "not logged in views" section
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
