Commit Graph

67 Commits

Author SHA1 Message Date
Sofia Papagiannaki
7dbcd5ecd0
NestedFolders: Return full folder hierarchy in Folder response (#66835)
* Delete redundant struct

* Include parent folders in DTO

* Add test

* Update swagger
2023-04-25 11:22:20 +03:00
Ieva
5d7433d820
RBAC: Make access control metadata for folders work with nested folders (#66464)
* remove metadata for single folder listing

* extendTests

* remove ac metadata from dash and folder search results

* remove test

* remove one more test

* put ac metadata back for single folder API responses

* extend tests

* remove ac metadata from folder frontend object

* undo unneeded change

* PR feedback

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>

---------

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
2023-04-21 15:05:11 +01:00
Sofia Papagiannaki
c65cd5833a
Nested folders: Fix move (#65526)
* Nested Folders: Fix move response

Fix JSON tags to be consistent with the GET endpoint

* Add API test for moving to root folder

* Allow move to root folder

* Fix failure message

* Update OpenAPI specification
2023-03-30 11:46:11 +03:00
Ieva
7860ca6c3d
RBAC: protect folder creation and moving (#64636)
* protect moving folders to a subfolder and creating folders in a subfolder

* folder update endpoint isn't used for folder parent update

* lint

* move permission check logic to services, fix tests

* linting
2023-03-20 11:04:22 +00:00
Jo
6b6cf5f4b7
Cfg: Move ViewersCanEdit into cfg (#64876)
move ViewersCanEdit into cfg
2023-03-16 10:54:01 +01:00
Ryan McKinley
b1e58eb47e
Chore: Replace short UID generation with more standard UUIDs (#62731) 2023-02-06 20:44:37 -05:00
Ieva
ee3d742c7d
RBAC: inherit folder permissions when resolving managed permissions (#62244)
* add nested folder scope inheritance to managed permission services

* add a more specific erorr

* remove circular dependencies

* use errutil for returning erorr

* fix tests

* fix tests

* define a new error in ac package
2023-01-30 14:19:42 +00:00
idafurjes
3bda112c5f
Chore: Move search model from models package to search service (#62215)
* Chore: Move search model from models package to search service

* Remove unused imports

* Cleanup after merge
2023-01-30 15:17:53 +01:00
idafurjes
6c5a573772
Chore: Move ReqContext to contexthandler service (#62102)
* Chore: Move ReqContext to contexthandler service

* Rename package to contextmodel

* Generate ngalert files

* Remove unused imports
2023-01-27 08:50:36 +01:00
idafurjes
b54b80f473
Chore: Remove Result from dashboard models (#61997)
* Chore: Remove Result from dashboard models

* Fix lint tests

* Fix dashboard service tests

* Fix API tests

* Remove commented out code

* Chore: Merge main - cleanup
2023-01-25 10:36:26 +01:00
idafurjes
421976e919
Chore: Remove folders from models pkg (#61853) 2023-01-25 09:14:32 +01:00
Sofia Papagiannaki
c7a7ebd3e0
Chore: Drop search service dependency from folder service (#61789)
* Chore: Drop search service dependency from folder service
2023-01-23 14:09:09 +02:00
idafurjes
68445a7c77
Chore: Remove dashboard ACL from models (#61749)
* Remove dashboard ACL from models

* Remove unused comment
2023-01-20 14:58:47 +01:00
Serge Zaitsev
fa36591380
Chore: Remove mockstore and use dbtest instead (#61629)
* remove mockstore and use dbtest instead

* fix wire

* remove unused expected fields

* fix more tests in alerting

* fix api tests
2023-01-18 16:01:25 +01:00
idafurjes
7c2522c477
Chore: Move dashboard models to dashboard pkg (#61458)
* Copy dashboard models to dashboard pkg

* Use some models from current pkg instead of models

* Adjust api pkg

* Adjust pkg services

* Fix lint
2023-01-16 16:33:55 +01:00
Sofia Papagiannaki
55b014974d
Nested folders: Refactor folder update (#60323)
* Nested folders: Refactor folder update

* Apply suggestions from code review
2022-12-20 15:00:33 +02:00
Sofia Papagiannaki
b1ef5ab320
Nested Folders: Support listing nested folder children (#58566)
* Nested Folders: Support listing nested folder children

* Filter out subfolders with no permissions

* Apply suggestion from code review
2022-12-19 10:52:04 +02:00
Sofia Papagiannaki
11d8bcbea9
Guardian: Introduce additional constructors (#59577)
* Guardian: Use dashboard UID instead of ID

* Apply suggestions from code review

Introduce several guardian constructors and each time use
the most appropriate one.
2022-12-15 16:34:17 +02:00
Ieva
a8bae3f0b0
Access Control: Clear user's permission cache after resource creation (#59101)
* refresh user's permission cache after resource creation

* clear the cache instead of reloading the permissions

* don't error if can't clear cache

* fix tests

* fix tests again
2022-11-24 14:38:55 +00:00
Sofia Papagiannaki
9855e74b92
Chore: Refactor quota service (#58643)
Chore: Refactor quota service (#57586)

* Chore: refactore quota service

* Apply suggestions from code review
2022-11-14 21:08:10 +02:00
idafurjes
080ea88af7
Nested Folders: Support getting of nested folder in folder service wh… (#58597)
* Nested Folders: Support getting of nested folder in folder service when feature flag is set

* Fix lint

* Fix some tests

* Fix ngalert test

* ngalert fix

* Fix API tests

* Fix some tests and lint

* Fix lint 2

* Fix library elements and panels

* Add access control to get folder

* Cleanup and minor test change
2022-11-11 14:28:24 +01:00
Sofia Papagiannaki
bf5a08e039
API: Support creating a nested folder (#58508)
* API: Support nested folder creation

* Update swagger

* fixup

* Update pkg/api/dtos/folder.go

Co-authored-by: Serge Zaitsev <serge.zaitsev@grafana.com>

* Fix some tests

* create legacy folder url from title and uid

Co-authored-by: idafurjes <36131195+idafurjes@users.noreply.github.com>
Co-authored-by: Serge Zaitsev <serge.zaitsev@grafana.com>
Co-authored-by: Ida Furjesova <ida.furjesova@grafana.com>
2022-11-10 04:41:03 -05:00
ying-jeanne
accb4dea55
[Nested Folder] Delete folder methode (#58444)
* transfer DeleteFolder changes from larger PR

* finish some thingies

* add the simplest delete logics

* some intermedia steps

* fix tests

* add test

* fix some comments

Co-authored-by: yangkb09 <yangkb09@gmail.com>
2022-11-10 03:42:32 -05:00
Sofia Papagiannaki
96cdf77995
Revert "Chore: Refactor quota service (#57586)" (#58394)
This reverts commit 326ea86a57.
2022-11-08 11:52:07 +02:00
Sofia Papagiannaki
326ea86a57
Chore: Refactor quota service (#57586)
* Chore: refactore quota service

* Apply suggestions from code review
2022-11-08 10:25:34 +02:00
Serge Zaitsev
53baecd71f
Chore: Move folder service into a separate package (#56591)
* Chore: move folder service interface into a separate package

* copy implementation into a standalone package

* move implementation and tests to the new folder package

* remove leftovers from wire

* add test doubles for folder service

* fix tests in library panels/elements

* fix provideservice in ngalert
2022-10-10 21:47:53 +02:00
Serge Zaitsev
305d494902
Chore: Switch over to team.Service instead of sqlstore (#55497)
* switch to using team service

* trying to fix tests

* more tests to fix

* add missing teamtest package
2022-09-20 18:58:04 +02:00
idafurjes
a14621fff6
Chore: Add user service method SetUsingOrg and GetSignedInUserWithCacheCtx (#53343)
* Chore: Add user service method SetUsingOrg

* Chore: Add user service method GetSignedInUserWithCacheCtx

* Use method GetSignedInUserWithCacheCtx from user service

* Fix lint after rebase

* Fix lint

* Fix lint error

* roll back some changes

* Roll back changes in api and middleware

* Add xorm tags to SignedInUser ID fields
2022-08-11 13:28:55 +02:00
idafurjes
6afad51761
Move SignedInUser to user service and RoleType and Roles to org (#53445)
* Move SignedInUser to user service and RoleType and Roles to org

* Use go naming convention for roles

* Fix some imports and leftovers

* Fix ldap debug test

* Fix lint

* Fix lint 2

* Fix lint 3

* Fix type and not needed conversion

* Clean up messages in api tests

* Clean up api tests 2
2022-08-10 11:56:48 +02:00
idafurjes
f5cace8bbd
Rename Acl to ACL (#52342)
* Rename Acl to ACL

* Fix yaml files

* Add xorm tags and fix test
2022-07-18 15:14:58 +02:00
idafurjes
17ec9cac83
Add delete user from other services/stores (#51912)
* Remove user from preferences, stars, orguser, team member

* Fix lint

* Add Delete user from org and dashboard acl

* Delete user from user auth

* Add DeleteUser to quota

* Add test files and adjust user auth store

* Rename package in wire for user auth

* Import Quota Service interface in other services

* do the same in tests

* fix lint tests

* Fix tests

* Add some tests

* Rename InsertUser and DeleteUser to InsertOrgUser and DeleteOrgUser

* Rename DeleteUser to DeleteByUser in quota

* changing a method name in few additional places

* Fix in other places

* Fix lint

* Fix tests

* Rename DeleteOrgUser to DeleteUserFromAll

* Update pkg/services/org/orgimpl/org_test.go

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>

* Update pkg/services/preference/prefimpl/inmemory_test.go

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>

* Rename Acl to ACL

* Fix wire after merge with main

* Move test to uni test

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
2022-07-15 18:06:44 +02:00
Kristin Laemmert
9de00c8eb2
chore/backend: move dashboard errors to dashboard service (#51593)
* chore/backend: move dashboard errors to dashboard service

Dashboard-related models are slowly moving out of the models package and into dashboard services. This commit moves dashboard-related errors; the rest will come in later commits.

There are no logical code changes, this is only a structural (package) move.

* lint lint lint
2022-06-30 09:31:54 -04:00
Víctor Martínez Bevià
a7f1ca133e
Init legacy guardian when creating folder scenario (#50800) 2022-06-28 11:09:25 +03:00
Karl Persson
2698e37291
RBAC: Add access control metadata to folder dtos (#51158)
* RBAC: Add access control metadata to Folder dto

* Add access control metadata to folder dto response

* Add test to verify that access control metadata is attached

* Attach access control metadata to multiple folders

* Add access control metadata to frontend folder dto
2022-06-22 10:29:26 +02:00
Serge Zaitsev
e86b6662a1
Chore: Remove bus.Bus field (#47695)
* Chore: Remove bus.Bus field

* fix integration test
2022-04-13 15:24:13 +02:00
Serge Zaitsev
18e93c7077
Chore: Remove bus (#47511)
* Chore: Remove bus

* remove unused const
2022-04-08 16:15:06 +02:00
Karl Persson
4982ca3b1d
Access control: Use access control for dashboard and folder (#44702)
* Add actions and scopes

* add resource service for dashboard and folder

* Add dashboard guardian with fgac permission evaluation

* Add CanDelete function to guardian interface

* Add CanDelete property to folder and dashboard dto and set values

* change to correct function name

* Add accesscontrol to folder endpoints

* add access control to dashboard endpoints

* check access for nav links

* Add fixed roles for dashboard and folders

* use correct package

* add hack to override guardian Constructor if accesscontrol is enabled

* Add services

* Add function to handle api backward compatability

* Add permissionServices to HttpServer

* Set permission when new dashboard is created

* Add default permission when creating new dashboard

* Set default permission when creating folder and dashboard

* Add access control filter for dashboard search

* Add to accept list

* Add accesscontrol to dashboardimport

* Disable access control in tests

* Add check to see if user is allow to create a dashboard

* Use SetPermissions

* Use function to set several permissions at once

* remove permissions for folder and dashboard on delete

* update required permission

* set permission for provisioning

* Add CanCreate to dashboard guardian and set correct permisisons for
provisioning

* Dont set admin on folder / dashboard creation

* Add dashboard and folder permission migrations

* Add tests for CanCreate

* Add roles and update descriptions

* Solve uid to id for dashboard and folder permissions

* Add folder and dashboard actions to permission filter

* Handle viewer_can_edit flag

* set folder and dashboard permissions services

* Add dashboard permissions when importing a new dashboard

* Set access control permissions on provisioning

* Pass feature flags and only set permissions if access control is enabled

* only add default permissions for folders and dashboards without folders

* Batch create permissions in migrations


* Remove `dashboards:edit` action

* Remove unused function from interface

* Update pkg/services/guardian/accesscontrol_guardian_test.go

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
2022-03-03 15:05:47 +01:00
Selene
d5b98772ed
Dashboards: Refactor service to make it injectable by wire (#44588)
* Add providers to folder and dashboard services

* Refactor folder and dashboard services

* Move store implementation to its own file due wire cannot allow us to cast to SQLStore

* Add store in some places and more missing dependencies

* Bad merge fix

* Remove old functions from tests and few fixes

* Fix provisioning

* Remove store from http server and some test fixes

* Test fixes

* Fix dashboard and folder tests

* Fix library tests

* Fix provisioning tests

* Fix plugins manager tests

* Fix alert and org users tests

* Refactor service package and more test fixes

* Fix dashboard_test tets

* Fix api tests

* Some lint fixes

* Fix lint

* More lint :/

* Move dashboard integration tests to dashboards service and fix dependencies

* Lint + tests

* More integration tests fixes

* Lint

* Lint again

* Fix tests again and again anda again

* Update searchstore_test

* Fix goimports

* More go imports

* More imports fixes

* Fix lint

* Move UnprovisionDashboard function into dashboard service and remove bus

* Use search service instead of bus

* Fix test

* Fix go imports

* Use nil in tests
2022-02-16 14:15:44 +01:00
Dimitris Sotirakis
605d056136
Security: Sync security changes on main (#45083)
* * Teams: Appropriately apply user id filter in /api/teams/:id and /api/teams/search
* Teams: Ensure that users searching for teams are only able see teams they have access to
* Teams: Require teamGuardian admin privileges to list team members
* Teams: Prevent org viewers from administering teams
* Teams: Add org_id condition to team count query
* Teams: clarify permission requirements in teams api docs
* Teams: expand scenarios for team search tests
* Teams: mock teamGuardian in tests

Co-authored-by: Dan Cech <dcech@grafana.com>

* remove duplicate WHERE statement

* Fix for CVE-2022-21702

(cherry picked from commit 202d7c190082c094bc1dc13f7fe9464746c37f9e)

* Lint and test fixes

(cherry picked from commit 3e6b67d5504abf4a1d7b8d621f04d062c048e981)

* check content type properly

(cherry picked from commit 70b4458892bf2f776302720c10d24c9ff34edd98)

* basic csrf origin check

(cherry picked from commit 3adaa5ff39832364f6390881fb5b42ad47df92e1)

* compare origin to host

(cherry picked from commit 5443892699e8ed42836bb2b9a44744ff3e970f42)

* simplify url parsing

(cherry picked from commit b2ffbc9513fed75468628370a48b929d30af2b1d)

* check csrf for GET requests, only compare origin

(cherry picked from commit 8b81dc12d8f8a1f07852809c5b4d44f0f0b1d709)

* parse content type properly

(cherry picked from commit 16f76f4902e6f2188bea9606c68b551af186bdc0)

* mentioned get in the comment

(cherry picked from commit a7e61811ef8ae558ce721e2e3fed04ce7a5a5345)

* add content-type: application/json to test HTTP requests

* fix pluginproxy test

* Fix linter when comparing errors

Co-authored-by: Kevin Minehart <kmineh0151@gmail.com>
Co-authored-by: Dan Cech <dcech@grafana.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Co-authored-by: Serge Zaitsev <serge.zaitsev@grafana.com>
Co-authored-by: Vardan Torosyan <vardants@gmail.com>
2022-02-09 13:44:38 +01:00
Serge Zaitsev
d9cdcb550e
Chore: Refactor api handlers to use web.Bind (#42199)
* Chore: Refactor api handlers to use web.Bind

* fix comments

* fix comment

* trying to fix most of the tests and force routing.Wrap type check

* fix library panels tests

* fix frontend logging tests

* allow passing nil as a response to skip writing

* return nil instead of the response

* rewrite login handler function types

* remove handlerFuncCtx

* make linter happy

* remove old bindings from the libraryelements

* restore comments
2021-11-29 10:18:01 +01:00
Marcus Efraimsson
fa9857499b
Chore: GetDashboardQuery should be dispatched using DispatchCtx (#36877)
* Chore: GetDashboardQuery should be dispatched using DispatchCtx

* Fix after merge

* Changes after review

* Various fixes

* Use GetDashboardCtx function instead of GetDashboard
2021-09-14 16:08:04 +02:00
Sofia Papagiannaki
b96dd1877c
Folder API: optionally force deleting Grafana 8 alerts when deleting a folder (or error) (#36427)
* Folder API: Add an optional query parameter for allowing deleting a  folder containing rules

* Update frontend

- Set forceDeleteRules=true when frontend deletes a folder
- Improve modal text

* Update docs

* Apply suggestions from code review

Co-authored-by: gotjosh <josue@grafana.com>
Co-authored-by: Nathan Rodman <nathanrodman@gmail.com>
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
2021-07-22 12:27:13 +03:00
Sofia Papagiannaki
7815ed511f
Alerting: Refactor API endpoints for fetching alert rules (#37055)
* Refactor ruler API endpoint for listing rules

* Refactor prometheus API endpoint for listing rules

* Update HTTP API docs
2021-07-22 09:53:14 +03:00
Dimitris Sotirakis
a18d3007a7
Folders: Return 409 Conflict status when folder already exists (#36429)
* Return 409 Conflict when trying to post folder that already exists

* Fix tests

* Update documentation for new error message in folders api
2021-07-06 11:11:29 +02:00
Arve Knudsen
87c3a2b790
PluginManager: Make Plugins, Renderer and DataSources non-global (#31866)
* PluginManager: Make Plugins and DataSources non-global

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix integration tests

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Replace outdated command

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* DashboardService: Ensure it gets constructed with necessary parameters

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix build

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* DashboardService: Ensure it gets constructed with necessary parameters

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Remove dead code

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix test

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix test

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Remove FocusConvey

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix test

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Remove dead code

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Undo interface changes

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Backend: Move tsdbifaces.RequestHandler to plugins.DataRequestHandler

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Rename to DataSourceCount

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Consolidate dashboard interfaces into one

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix tests

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix tests

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix test

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix tests

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix tests

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix tests

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix tests

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix dashboard integration tests

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-03-17 16:06:10 +01:00
Hugo Häggmark
3d41267fc4
Chore: Moves common and response into separate packages (#30298)
* Chore: moves common and response into separate packages

* Chore: moves common and response into separate packages

* Update pkg/api/utils/common.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Chore: changes after PR comments

* Chore: move wrap to routing package

* Chore: move functions in common to response package

* Chore: move functions in common to response package

* Chore: formats imports

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-01-15 14:43:20 +01:00
Arve Knudsen
cb62e69997
Chore: Convert API tests to standard Go lib (#29009)
* Chore: Convert tests to standard Go lib

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
2020-11-13 09:52:38 +01:00
gastonqiu
f427f90a45
Chore: Aggregate save dashboard error (#26443)
* Chore: Aggregate save dashboard error
* Use errors package for error detection

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>
2020-07-21 11:12:01 +02:00
Arve Knudsen
3651a8e976
Chore: Disable scopelint for tests (#25923)
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-06-30 11:05:47 +02:00
Arve Knudsen
d1e6214a4a
Chore: Enable scopelint Go linter (#25896)
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-06-29 17:04:38 +02:00