* Remove dashbpard version from models
* Fix lint
* Fix api & sqlstore tests
* Remove integration tags
* Fix lint again
* Add integration test to correct namespace
* Lont fix 2
* Change Id to ID in dashVersionMeta
This PR adds endpoints for saving and retrieving a public dashboard configuration and and api endpoint to retrieve the public dashboard.
All of this is highly experimental and APIs will change. Notably, we will be removing isPublic from the dashboard model and moving it over to the public dashboard table in the next release.
Further context can be found here: https://github.com/grafana/grafana/pull/49131#issuecomment-1145456952
* add isPublic to dashboard
* refactor routes to use route group and add placeholder method for sharing apii
* add sharing pane and utils for public dashboard config to sharing modal
* Sharing modal now persists data through the api
* moves ShareDashboard endpoint to new file and starts adding tests
* generates mocks. Adds tests for public dashboard feature flag
* Adds ability to pass in array of features to enable for the test
* test to update public flag on dashboard WIP
* Adds mock for SaveDashboardSharingConfig
* Fixes tests. Had to use FakeDashboardService
* Adds React tests for public dashboards toggle
* removes semicolons
* refactors SharePublic component to use hooks
* rename from `share publicly` to `public dashboard config`
* checkpoint. debugging tests. need to verify name changes
* checkpoint. test bugs fixed. need to finish returning proper response codes
* finish renaming. fix test
* Update pkg/api/api.go
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
* update backend url
* rename internal objects and commands. fix configuration modal labels
* add endpoint for retrieving public dashboard configuration and populate the frontend state from it
* add test for dashboardCanBePublic
* adds backend routes
* copy DashboardPage component into component for public dashboards. WIP
* adds react routes, and doesnt render main nav bar when viewing a public route
* removes extra react route from testing
* updates component name
* Wrap the original dashboard component so we can pass props relevant to public dashboards, turn kiosk mode on/off, etc
* Wraps DashboardPage in PublicDashboardPage component. DashboardPage gets rendered in kiosk mode when public prop is passed.
* removes commented out code from exploratory work
* Makes public dashboard routes require no auth
* extracts helper to own util file to check if were viewing a public page
* Hides panel dropdown when its being viewed publicly
* formatting
* use function from utils file for determining if publicly viewed. If public, hides app notifications, searchwrapper, and commandpalette.
* adds unit tests for util function used to see if page is being viewed publicly
* cant added annotations to panel when being publicly viewed
* removes useless comment
* hides backend and frontend pubdash routes behind feature flag
* consider feature flag when checking url path to see if on public dashboard
* renames function
* still render app notifications when in public view
* Extract pubdash route logic into own file
* fixes failing tests
* Determines path using location locationUtils. This covers the case when grafana is being hosted on a subpath. Updates tests.
* renames pubdash web route to be more understandable
* rename route
* fixes failing test
* fixes failing test. Needed to update pubdash urls
* sets flag on grafana boot config for if viewing public dashboard. Removes hacky check that looks at the url
* fixes failing tests. Uses config to determine if viewing public dashboard
* renders the blue panel timeInfo on public dashboard panel
* Extracts conditional logic for rendering components out into their own functions
* removes publicDashboardView check, and uses dashboard meta instead
* the timeInfo is always displayed on the panel
* After fetch of public dashboard dto, the meta isPublic flag gets set and used to determine if viewing public dashboard for child components. Fixes tests for PanelHeader.
* Fixes failing test. Needed to add isPublic flag to dashboard meta.
Co-authored-by: Jeff Levin <jeff@levinology.com>
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
* update action names
* correctly retrieve teams for signed in user
* remove test
* undo swagger changes
* undo swagger changes pt2
* add migration from old action names to the new ones
* rename from list to read
* linting
* also update alertign actions
* fix migration
* backend/sqlstore split: remove unused GetDashboardPermissionsForUser from sqlstore
* remove debugging line
* backend/sqlstore: move dashboard permission related functions to dashboard service
* Add database migrations
* Use short uids as data key ids
* Add support for manual data key rotation
* Fix duplicated mutex unlocks
* Fix migration
* Manage current data keys per name
* Adjust key re-encryption and test
* Modify rename column migration for MySQL compatibility
* Refactor secrets manager and data keys cache
* Multiple o11y adjustments
* Fix stats query
* Apply suggestions from code review
Co-authored-by: Tania <yalyna.ts@gmail.com>
* Fix linter
* Docs: Rotate data encryption keys API endpoint
Co-authored-by: Tania <yalyna.ts@gmail.com>
adds toggle to make a dashboard public
* config struct for public dashboard config
* api endpoints for public dashboard configuration
* ui for toggling public dashboard on and off
* load public dashboard config on share modal
Co-authored-by: Owen Smallwood <owen.smallwood@grafana.com>
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
* Refactor: Add UID endpoint for dashboard versions and restore
* Fix: User dashID instead of dash.id
* 💩
* Move apiCmd error handling outside of dashUID check
* fix the panic in test
* Fix handler and update docs
Co-authored-by: Kat Yang <yangkb09@users.noreply.github.com>
* Docs: add deprecated warning to restore and version docs
* Fix hyperlink text
* Add swagger endpoints for restore and versions
* Add deprecated tag on swagger for both endpoints
* Fix: Update access control to be dashboards
* Return UID in response; Update docs to reflect this; Implement Ying suggestion
* Update docs/sources/http_api/dashboard_versions.md
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Update pkg/models/dashboard_version.go
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Update pkg/models/dashboard_version.go
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Update query to refer to DashboardUID
Co-authored-by: Ying WANG <ying.wang@grafana.com>
Co-authored-by: Sofia Papagiannaki <sofia@grafana.com>
Co-authored-by: Kat Yang <yangkb09@users.noreply.github.com>
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Refactor: Add UID endpoint for get dashboard version
* Add initial docs language
* Add new endpoint in swagger
* Change access control to dashboards
* Add parameters to swagger endpoint
* Return UID in response; Update docs to reflect this; Implement Ying suggestion
* Update docs/sources/http_api/dashboard_versions.md
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Update pkg/api/api.go
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Update pkg/models/dashboard_version.go
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Rename UID to DashboardUID for clarity; use dashUID in method
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Add SQL filter for global user search
* Remove scope requirements from endpoints
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
* Move ApiKeyDTO to dtos package
* Add access control filter to api keys
* pass user in GetApiKeysQuery
* Add api key metadata to DTO
* Remove scope all requirement from get api keys endpoint
* Handle api key access control metadata in frondend
* use common traceID context value for opentracing and opentelemetry
* support sampled trace IDs as well
* inject traceID into NormalResponse on errors
* Finally the test passed
* fix the test
* fix linter
* change the function parameter
Co-authored-by: Ying WANG <ying.wang@grafana.com>
* AccessControl: Remove package variables for roles and grants
Co-authored-by: Jguer <joao.guerreiro@grafana.com>
* Check for inheritance during role registration
Co-authored-by: Jguer <joao.guerreiro@grafana.com>
* Moving back role definition to accessscontrol
* Make settings reader role public
Co-authored-by: Jguer <joao.guerreiro@grafana.com>
* Nits
Co-authored-by: Jguer <joao.guerreiro@grafana.com>
* Forgot to update this
* Account for declaration error
* Fixing pkg/api init ossac
* Account for error in tests
* Update test to verify inheritance
* Nits.
* Place br inheritance behind a feature toggle
* Parent -> Parents
* Nit.
Co-authored-by: Jguer <joao.guerreiro@grafana.com>
* Clean up orgId when user organization is removed
* Add a test for removing user org
* Fix linting errors
* Update comment
* Fix linting errors
* Make removing user org more explicit
* use uid:s for folder and dashboard permissions
* evaluate folder and dashboard permissions based on uids
* add dashboard.uid to accept list
* Check for exact suffix
* Check parent folder on create
* update test
* drop dashboard:create actions with dashboard scope
* fix typo
* AccessControl: test id 0 scope conversion
* AccessControl: store only parent folder UID
* AccessControl: extract general as a constant
* FolderServices: Prevent creation of a folder uid'd general
* FolderServices: Test folder creation prevention
* Update pkg/services/guardian/accesscontrol_guardian.go
* FolderServices: fix mock call expect
* FolderServices: remove uneeded mocks
Co-authored-by: jguer <joao.guerreiro@grafana.com>
* Data sources: Sent user ID when creating data source
* Data sources: Grant a data source creator edit permissions
* Use edit permisison and only append if user id is in command
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
* First attempt at creating new navbar_preferences table in db
* Apply to every nav item instead of just home
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* Chore: introduce initTestDB options for features
* fix unit tests
* Add another unit test and some logic for detecting if a preference already exists
* tidy up
* Only override IsFeatureToggleEnabled if it's defined
* Extract setNavPreferences out into it's own function, initialise features correctly
* Make the linter happy
* Use new structure
* user essentials mob! 🔱
* user essentials mob! 🔱
* Split NavbarPreferences from Preferences
* user essentials mob! 🔱
* user essentials mob! 🔱
* Fix lint error
* Start adding tests
* Change internal db structure to be a generic json object
* GetJsonData -> GetPreferencesJsonData
* Stop using simplejson + add some more unit tests
* Update pkg/api/preferences.go
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* Updates following review comments
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* Change patch to upsert, add a unit test
* remove commented out code
* introduce patch user/org preferences methods
* Return Navbar preferences in the get call
* Fix integration test by instantiating JsonData
* Address review comments
* Rename HideFromNavbar -> Hide
* add swagger:model comment
* Add patch to the preferences documentation
* Add openapi annotations
* Add a short description
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* Update unit tests
* remove unneeded url
* remove outdated comment
* Update integration tests
* update generated swagger
Co-authored-by: Alexandra Vargas <alexa1866@gmail.com>
Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* ServiceAccounts: remove unused endpoint
* ServiceAccounts: remove usage of getOrgUsers from service accounts
* use dialect for boolean str true in delete
* return service account results directly
* Move Service Account Deletions to sa package
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
Co-authored-by: gamab <gabi.mabs@gmail.com>
* Move service account methods to service accounts
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
Co-authored-by: gamab <gabi.mabs@gmail.com>
* Service accounts should not interfere with users
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* filter service accounts in user services
* mispell fix
* fix overextended lines
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* fix variable
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
Co-authored-by: gamab <gabi.mabs@gmail.com>
* adds an api endpoint for use with public dashboards that validates orgId, dashboard, and panel when running a query. This feature is in ALPHA and should not be enabled yet. Testing is based on new mock sqlstore.
Co-authored-by: Jesse Weaver <jesse.weaver@grafana.com>
Co-authored-by: Leandro Deveikis <leandro.deveikis@gmail.com>
* Add missing OK option to models
* add ok to legacy legacy UI does not support it but it is possible to do so via provisioning.
* use enums in migration so linter would catch missing cases
* ServiceAccounts: Fix token-apikey cross deletion
* ServiceAccounts: separate API key store and service account token store
* ServiceAccounts: hide service account tokens from API Keys page
* ServiceAccounts: uppercase statement
* ServiceAccounts: fix and add new tests for SAT store
* ServiceAccounts: remove service account ID from add API key
* ServiceAccounts: clear up errors
* ServiceAccounts: respect js casing and small fixes to displayed values
* ServiceAccounts: fix typos on service account
* ServiceAccounts: fix missing orgID in service account
* ServiceAccounts: Small fixes to dtos for profile
* ServiceAccounts: use result org id
* ServiceAccounts: return value is always nil
* Add providers to folder and dashboard services
* Refactor folder and dashboard services
* Move store implementation to its own file due wire cannot allow us to cast to SQLStore
* Add store in some places and more missing dependencies
* Bad merge fix
* Remove old functions from tests and few fixes
* Fix provisioning
* Remove store from http server and some test fixes
* Test fixes
* Fix dashboard and folder tests
* Fix library tests
* Fix provisioning tests
* Fix plugins manager tests
* Fix alert and org users tests
* Refactor service package and more test fixes
* Fix dashboard_test tets
* Fix api tests
* Some lint fixes
* Fix lint
* More lint :/
* Move dashboard integration tests to dashboards service and fix dependencies
* Lint + tests
* More integration tests fixes
* Lint
* Lint again
* Fix tests again and again anda again
* Update searchstore_test
* Fix goimports
* More go imports
* More imports fixes
* Fix lint
* Move UnprovisionDashboard function into dashboard service and remove bus
* Use search service instead of bus
* Fix test
* Fix go imports
* Use nil in tests
* AccessControl: Filter team members
* Modify GetTeamMembersByUser comment
* Fix postgres failing test due to quoting
* Rename GetTeamMembersByUser to GetUserTeamMemberships
* Update TeamStore interface
* * Teams: Appropriately apply user id filter in /api/teams/:id and /api/teams/search
* Teams: Ensure that users searching for teams are only able see teams they have access to
* Teams: Require teamGuardian admin privileges to list team members
* Teams: Prevent org viewers from administering teams
* Teams: Add org_id condition to team count query
* Teams: clarify permission requirements in teams api docs
* Teams: expand scenarios for team search tests
* Teams: mock teamGuardian in tests
Co-authored-by: Dan Cech <dcech@grafana.com>
* remove duplicate WHERE statement
* Fix for CVE-2022-21702
(cherry picked from commit 202d7c190082c094bc1dc13f7fe9464746c37f9e)
* Lint and test fixes
(cherry picked from commit 3e6b67d5504abf4a1d7b8d621f04d062c048e981)
* check content type properly
(cherry picked from commit 70b4458892bf2f776302720c10d24c9ff34edd98)
* basic csrf origin check
(cherry picked from commit 3adaa5ff39832364f6390881fb5b42ad47df92e1)
* compare origin to host
(cherry picked from commit 5443892699e8ed42836bb2b9a44744ff3e970f42)
* simplify url parsing
(cherry picked from commit b2ffbc9513fed75468628370a48b929d30af2b1d)
* check csrf for GET requests, only compare origin
(cherry picked from commit 8b81dc12d8f8a1f07852809c5b4d44f0f0b1d709)
* parse content type properly
(cherry picked from commit 16f76f4902e6f2188bea9606c68b551af186bdc0)
* mentioned get in the comment
(cherry picked from commit a7e61811ef8ae558ce721e2e3fed04ce7a5a5345)
* add content-type: application/json to test HTTP requests
* fix pluginproxy test
* Fix linter when comparing errors
Co-authored-by: Kevin Minehart <kmineh0151@gmail.com>
Co-authored-by: Dan Cech <dcech@grafana.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Co-authored-by: Serge Zaitsev <serge.zaitsev@grafana.com>
Co-authored-by: Vardan Torosyan <vardants@gmail.com>
* add SQL migrations
* dashboard previews from sql: poc
* added todos
* refactor: use the same enums where possible
* use useEffect, always return json
* added todo
* refactor + delete files after use
* refactor + fix manual thumbnail upload
* refactor: move all interactions with sqlStore to thumbnail repo
* refactor: remove file operations in thumb crawler/service
* refactor: fix dashboard_thumbs sql store
* refactor: extracted thumbnail fetching/updating to a hook
* refactor: store thumbnails in redux store
* refactor: store thumbnails in redux store
* refactor: private'd repo methods
* removed redux storage, saving images as blobs
* allow for configurable rendering timeouts
* added 1) query for dashboards with stale thumbnails, 2) command for marking thumbnails as stale
* use sql-based queue in crawler
* ui for marking thumbnails as stale
* replaced `stale` boolean prop with `state` enum
* introduce rendering session
* compilation errors
* fix crawler stop button
* rename thumbnail state frozen to locked
* #44449: fix merge conflicts
* #44449: remove thumb methods from `Store` interface
* #44449: clean filepath, defer file closing
* #44449: fix rendering.Theme cyclic import
* #44449: linting
* #44449: linting
* #44449: mutex'd crawlerStatus access
* #44449: added integration tests for `sqlstore.dashboard_thumbs`
* #44449: added comments to explain the `ThumbnailState` enum
* #44449: use os.ReadFile rather then os.Open
* #44449: always enable dashboardPreviews feature during integration tests
* #44449: remove sleep time, adjust number of threads
* #44449: review fix: add `orgId` to `DashboardThumbnailMeta`
* #44449: review fix: automatic parsing of thumbnailState
* #44449: lint fixes
* #44449: review fix: prefer `WithDbSession` over `WithTransactionalDbSession`
* #44449: review fix: add a comment explaining source of the filepath
* #44449: review fix: added filepath validation
* #44449: review fixes https://github.com/grafana/grafana/pull/45063/files @fzambia
Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
Co-authored-by: Alexander Emelin <frvzmb@gmail.com>
* API: Using go-swagger for extracting OpenAPI specification from source code
* Merge Grafana Alerting spec
* Include enterprise endpoints (if enabled)
* Serve SwaggerUI under feature flag
* Fix building dev docker images
* Configure swaggerUI
* Add missing json tags
Co-authored-by: Ying WANG <ying.wang@grafana.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* ServiceAccounts: move token handlers to specific file
* ServiceAccounts: move Add API key to Service account
* APIKeys: api keys can still be used even when service accounts are enabled
* APIKeys: legacy endpoint can't be used to add SA tokens
* ServiceAccount: add tests for creation with nil and non-nil service account ids
* ServiceAccounts: fix unnasigned cfg and AC typo
* Test: test service account token adding
* fix linting error
* ServiceAccounts: Handle Token deletion
* rename token funcs
* rename token funcs and api wrapping
* add token deletion tests
* review
Co-authored-by: eleijonmarck <eric.leijonmarck@gmail.com>
* remove bus
* Update pkg/api/apikey.go
Co-authored-by: eleijonmarck <eric.leijonmarck@gmail.com>
* AccessControl: Change teams permissions page when frontend is hit
* Implement frontend changes for group sync
* Changing the org/teams/edit permissions
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
* Fixing routes
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
* Use props straight away no need to go through the state
Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
* Update public/app/features/teams/TeamPages.tsx
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
* checks for empty URLs added
* check for TimeSeriesTypeNot to fix InfluxDB alerts
* log a warning when a data frame is ignored
* fix: add brittle Prometheus URL input selector
needs a proper aria-label or test-data-id selector
* test: add URL input aria-label
needs to use the grafana/e2e-selectors package
* test: run ci
* add URL validation for specific data sources, e2e tests
* Update pkg/api/datasource/validation.go
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* delete duplicated logs
* delete unnecessary leading newline
Co-authored-by: gillesdemey <gilles.de.mey@gmail.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
