* Allow oauth email attribute name to be configurable
Signed-off-by: Bob Shannon <bshannon@palantir.com>
* Document e-mail determination steps for generic oauth
* Add reference to email_attribute_name
* Re-add e-mail determination docs to new generic-oauth page
* Inherit default e-mail attribute from defaults.ini
* auth: never authenticate passwords shorter than 4 chars.
* auth: refactoring password length check.
* auth: does not authenticate when password is empty.
* auth: removes unneccesary change.
* improve remote image rendering
- determine "domain" during Init() so we are not re-parsing settings
on every request
- if using http-mode via a rednererUrl, then use the AppUrl for the
page that the renderer loads. When in http-mode the renderer is likely
running on another server so trying to use the localhost or even the
specific IP:PORT grafana is listening on wont work.
- apply the request timeout via a context rather then directly on the http client.
- use a global http client so we can take advantage of connection re-use
- log and handle errors better.
* ensure imagesDir exists
* allow users to define callback_url for remote rendering
- allow users to define the url that a remote rendering service
should use for connecting back to the grafana instance.
By default the "root_url" is used.
* improve remote image rendering
- determine "domain" during Init() so we are not re-parsing settings
on every request
- if using http-mode via a rednererUrl, then use the AppUrl for the
page that the renderer loads. When in http-mode the renderer is likely
running on another server so trying to use the localhost or even the
specific IP:PORT grafana is listening on wont work.
- apply the request timeout via a context rather then directly on the http client.
- use a global http client so we can take advantage of connection re-use
- log and handle errors better.
* ensure imagesDir exists
* allow users to define callback_url for remote rendering
- allow users to define the url that a remote rendering service
should use for connecting back to the grafana instance.
By default the "root_url" is used.
* rendering: fixed issue with renderKey where userId and orgId was in mixed up, added test for RenderCallbackUrl reading logic
* Reopen log files after receiving a SIGHUP signal
Implements a system signals listener in log.FileLogWriter.
After receiving a SIGHUP signal from the system, the listener will close the current log file and then open it again.
The listener will finishes after receiving a SIGINT, SIGKILL or SIGTERM signal.
Closesgrafana/grafana#2497
* Move the SIGHUP handling to the main file
Allows for dynamic urls for plugin routes. There are a few plugins
where the route url should be configurable and this change allows
using jsonData fields in the url field for a route in the
plugin.json file for a plugin.
Set `BasicUserInfo.Id` in the value returned by
`SocialGitlab.UserInfo()`, in case the email address of the user changes
in GitLab. That way, the user association won't be lost in Grafana.
GitLab could already be used as an authentication backend by properly
configuring `auth.generic_oauth`, but then there was no way to authorize
users based on their GitLab group membership.
This commit adds a `auth.gitlab` backend, similar to `auth.github`, with
an `allowed_groups` option that can be set to a list of groups whose
members should be allowed access to Grafana.
