* Quota: Extend service to set limit on alerts
* Add test for applying quota to alert rules
* Apply suggestions from code review
Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
* Get used alert quota only if naglert is enabled
* Set alert limit to zero if nglalert is not enabled
Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
A set of fixes for the GET alert and groups endpoints.
- First, is the fact that the default values where not being for the query params. I've introduced a new method in the Grafana context that allow us to do this.
- Second, is the fact that alerts were never being transitioned to active. To my surprise this is actually done by the inhibitor in the pipeline - if an alert is not muted, or inhibited then it's active.
- Third, I have added an integration test to cover for regressions.
Signed-off-by: Josue Abreu <josue@grafana.com>
* Chore: Collect elasticsearch version usage stats
* Fix lint error
* use GetDataSources from sqlstore
* Apply review suggestions
* Return error if datasource type is not specified
* Update pkg/services/sqlstore/datasource.go
* fix undefined var
* Add revoked_at field to user auth token to allow soft revokes
* Allow soft token revocations
* Update token revocations and tests
* Return error info on revokedTokenErr
* Override session cookie only when no revokedErr nor API request
* Display modal on revoked token error
* Feedback: Refactor TokenRevokedModal to FC
* Add GetUserRevokedTokens into UserTokenService
* Backendsrv: adds tests and refactors soft token path
* Apply feedback
* Write redirect cookie on token revoked error
* Update TokenRevokedModal style
* Return meaningful error info
* Some UI changes
* Update backend_srv tests
* Minor style fix on backend_srv tests
* Replace deprecated method usage to publish events
* Fix backend_srv tests
* Apply suggestions from code review
Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com>
* Apply suggestions from code review
* Apply suggestions from code review
Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com>
* Minor style fix after PR suggestion commit
* Apply suggestions from code review
Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>
* Prettier fixes
Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com>
Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>
* Introduce PluginRequestValidator abstraction with a NoOp implementation
* Update PluginRequestValidator abstraction to use the dsURL instead
* Inject PluginRequestValidator into the HTTPServer and validate requests going through data source proxy
* Inject PluginRequestValidator into the BackendPluginManager and validate requests going through it
* Validate requests going through QueryMetrics & QueryMetricsV2
* Validate BackendPluginManager health requests
* Fix backend plugins manager tests
* Validate requests going through alerting service
* Fix tests
* fix tests
* goimports
Co-authored-by: Leonard Gram <leo@xlson.com>
* CDN: Initial poc support for serving assets over a CDN
* Minor fix
* added build path and test
* fix lint error
* Added edition to cdn path
* Move master builds to a separate path
* Added error handling for the url parsing, changed setting name, and added docs
* Updated sample.ini
* Some property renames
* updated
* Minor update to html
* index template improvements
* Update docs/sources/administration/configuration.md
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
* Update docs/sources/administration/configuration.md
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
* Added ContentDeliveryPrefix to Licence service
* updated docs
* Updated test mock
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
* Usage Stats: Remove unused method for getting user stats
This was used in enterprise codebase, but is not longer in use, thus can be safely removed.
* Force refresh user stats in tests
* Auth: add error for expired token
* Auth: save token error into context data
* Auth: send full user and req context to CreateToken
* Auth: add token ID in context
* add TokenExpiredError struct
* update auth tests
* remove most of the changes to CreateToken func
* clean up
* Login: add requestURI in CreateToken ctx
* update RequestURIKey comment
Replace hard-coded `GF_ENTERPRISE_LICENSE_TEXT` with a
`map[string]string` to allow the licensing service to allow sending any
environment variable through to the plugins for licensing purposes.
* Auth: Add Content-Type to SigV4 header allowlist
* add MT headers to permitted headers
* add Kibana API header to allowlist
* add Content-Length header to allow list
* SQLStore: customise the limit of retrieved datasources per organisation
* update all suggestions regarding nil or 0 as default
* Apply suggestions from code review
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* correct default.ini description + adding unittest
* Apply suggestions from code review
Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>
* modify unittest name
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>
* Add fake TeamSyncService
* Change SyncTeams dispatch to direct method call
* Remove SyncTeamsCommand struct
* Move TeamSyncService to a separate package
* Remove context from SyncTeams args
* Add comments to teamsyncgroup package
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* Replace TeamSyncService with TeamSyncFunc
* Remove unnecessary error check
* Add a test
* Fix test input
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* middleware: Move context handler to own service
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
Co-authored-by: Emil Tullsted <sakjur@users.noreply.github.com>
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
* DataSourceSettings: Add servername field to DataSource TLS config
A DNS lookup URL can be provided in the DataSource URL field in order
to dynamically load balance between multiple instances of a DataSource.
When using mutual TLS, Golang's TLS config implementation checks that
the certificate's common name (< 1.15) or subject alternative name
(>= 1.15) has the same value as the domain being accessed. If the DNS
entry is dynamically generated for a specific environment, the
certificate cannot be generated with a name matching the dynamic
DNS URL. As such, Golang offers a servername field that can be set to
overwrite what value is used when checking against the certificate's
common name (or subject alternative name). Without this change, Skip
TLS Verify must be set to true in order for the DataSource to work,
removing some of the benefits gained by using mutual TLS.
This commit adds the ability to set Grafana's internal Golang TLS config
servername field from the UI or a provisioned DataSource.
The servername field is optional and the existing behavior is retained if
the field is not set.
Co-authored-by: Dana Pruitt <dpruitt@vmware.com>
Co-authored-by: Jeremy Alvis <jalvis@pivotal.io>
* Update docs with PR review changes
Co-authored-by: Jeremy Alvis <jalvis@pivotal.io>
Co-authored-by: Dana Pruitt <dpruitt@vmware.com>
* Update with additional PR requested changes
* Minor updates based on PR change requests
Co-authored-by: Dana Pruitt <dpruitt@vmware.com>
* Add an option to hide certain users in the UI
* revert changes for admin users routes
* fix sqlstore function name
* Improve slice management
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* Hidden users: convert slice to map
* filter with user logins instead of IDs
* put HiddenUsers in Cfg struct
* hide hidden users from dashboards/folders permissions list
* Update conf/defaults.ini
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
* fix params order
* fix tests
* fix dashboard/folder update with hidden user
* add team tests
* add dashboard and folder permissions tests
* fixes after merge
* fix tests
* API: add test for org users endpoints
* update hidden users management for dashboard / folder permissions
* improve dashboard / folder permissions tests
* fixes after merge
* Guardian: add hidden acl tests
* API: add team members tests
* fix team sql syntax for postgres
* api tests update
* fix linter error
* fix tests errors after merge
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
Co-authored-by: Leonard Gram <leo@xlson.com>
* improve reduce transformer
* add measurment classes
* sync with new grafana measure format
* use address for live
* use plural in URL
* set the field name
* fix build
* find changes
* POST http to channel
* Yarn: Update lock file (#28014)
* Loki: Run instant query only in Explore (#27974)
* Run instant query only in Explore
* Replace forEach with for loop
* don't cast
* Docs: Fixed row display in table (#28031)
* Plugins: Let descendant plugins inherit their root's signature (#27970)
* plugins: Let descendant plugins inherit their root's signature
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
* Registry: Fix service shutdown mode trigger location (#28025)
* Add Alex Khomenko as member (#28032)
* show history
* fix confirm
* fix confirm
* add tests
* fix lint
* add more errors
* set values
* remove unrelated changes
* unrelated changes
* Update pkg/models/live.go
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Update pkg/models/live.go
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Update pkg/services/live/live.go
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Update pkg/services/live/pluginHandler.go
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Update pkg/services/live/pluginHandler.go
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Update pkg/services/live/pluginHandler.go
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* use measurments for testdata endpoints
* add live to testdata
* add live to testdata
* Update pkg/services/live/channel.go
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Apply suggestions from code review
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* update comment formats
* uprevert testdata
* Apply suggestions from code review
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
Co-authored-by: Hugo Häggmark <hugo.haggmark@grafana.com>
* Apply suggestions from code review
* CloudWatch: Add EC2CapacityReservations Namespace (#28309)
* API: Fix short URLs (#28300)
* API: Fix short URLs
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
* Chore: Add cloud-middleware as code owners (#28310)
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
* SQLStore: Run tests as integration tests (#28265)
* sqlstore: Run tests as integration tests
* Truncate database instead of re-creating it on each test
* Fix test description
See https://github.com/grafana/grafana/pull/12129
* Fix lint issues
* Fix postgres dialect after review suggestion
* Rename and document functions after review suggestion
* Add periods
* Fix auto-increment value for mysql dialect
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* Drone: Fix grafana-mixin linting (#28308)
* Drone: Fix Starlark script
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
* grafana-mixin: Move build logic to scripts
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
* Drone: Use mixin scripts
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
* CI build image: Install jsonnetfmt and mixtool
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
* Makefile: Print commands
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
* should only ignore the file in the grafana mixin root folder (#28306)
Signed-off-by: bergquist <carl.bergquist@gmail.com>
* fix: for graph size not taking up full height or width
* Graph NG: fix toggling queries and extract Graph component from graph3 panel (#28290)
* Fix issue when data and config is not in sync
* Extract GraphNG component from graph panel and add some tests coverage
* Update packages/grafana-ui/src/components/uPlot/hooks.test.ts
* Update packages/grafana-ui/src/components/uPlot/hooks.test.ts
* Update packages/grafana-ui/src/components/uPlot/hooks.test.ts
* Fix grid color and annotations refresh
* Drone: Use ${DRONE_TAG} in release pipelines, since it should work (#28299)
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
* Explore: respect min_refresh_interval (#27988)
* Explore: respect min_refresh_interval
Fixes#27494
* fixup! Explore: respect min_refresh_interval
* fixup! Explore: respect min_refresh_interval
* UI: export defaultIntervals from refresh picker
* fixup! Explore: respect min_refresh_interval
Co-authored-by: Zoltán Bedi <zoltan.bedi@gmail.com>
* Loki: Base maxDataPoints limits on query type (#28298)
* Base maxLines and maxDataPoints based on query type
* Allow overriding the limit to higher value
* Bump tree-kill from 1.2.1 to 1.2.2 (#27405)
Bumps [tree-kill](https://github.com/pkrumins/node-tree-kill) from 1.2.1 to 1.2.2.
- [Release notes](https://github.com/pkrumins/node-tree-kill/releases)
- [Commits](https://github.com/pkrumins/node-tree-kill/compare/v1.2.1...v1.2.2)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump handlebars from 4.4.3 to 4.7.6 (#27416)
Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.4.3 to 4.7.6.
- [Release notes](https://github.com/wycats/handlebars.js/releases)
- [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md)
- [Commits](https://github.com/wycats/handlebars.js/compare/v4.4.3...v4.7.6)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Build(deps): Bump http-proxy from 1.18.0 to 1.18.1 (#27507)
Bumps [http-proxy](https://github.com/http-party/node-http-proxy) from 1.18.0 to 1.18.1.
- [Release notes](https://github.com/http-party/node-http-proxy/releases)
- [Changelog](https://github.com/http-party/node-http-proxy/blob/master/CHANGELOG.md)
- [Commits](https://github.com/http-party/node-http-proxy/compare/1.18.0...1.18.1)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Automation: Add backport github action (#28318)
* BackendSrv: Fixes queue countdown when unsubscribe is before response (#28323)
* GraphNG: Use AxisSide enum (#28320)
* IssueTriage: Needs more info automation and messages (#28137)
* IssueTriage: Needs more info automation and messages
* Updated
* Updated
* Updated wording
* SAML: IdP-initiated SSO docs (#28280)
* SAML: IdP-initiated SSO docs
* Update docs/sources/enterprise/saml.md
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* Apply suggestions from code review
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* Loki: Run instant query only when doing metric query (#28325)
* Run instant query only when doing metric query
* Update public/app/plugins/datasource/loki/datasource.ts
Co-authored-by: Ivana Huckova <30407135+ivanahuckova@users.noreply.github.com>
Co-authored-by: Ivana Huckova <30407135+ivanahuckova@users.noreply.github.com>
* Automation: Tweaks to more info message (#28332)
* AlertingNG: remove warn/crit from eval prototype (#28334)
and misc cleanup
* area/grafana/toolkit: update e2e docker image (#28335)
* add xvfb to image
* comment out toolkit inclusion
* add latest tag
* update packages for cypress
* cleanup script
* Update auth-proxy.md (#28339)
Fix a minor grammar mistake: 'handling' to 'handle'.
* Git: Create .gitattributes for windows line endings (#28340)
With this set, Windows users will have text files converted from Windows style line endings (\r\n) to Unix style line endings (\n) when they’re added to the repository.
https://www.edwardthomson.com/blog/git_for_windows_line_endings.html
* Docs: Add docs for valuepicker (#28327)
* Templating: Replace all '$tag' in tag values query (#28343)
* Docs: Add missing records from grafana-ui 7.2.1 CHANGELOG (#28302)
* Dashboard links: Places drop down list so it's always visible (#28330)
* calculating whether to place the list on the right or left edge of the parent
* change naming and add import of createRef
* Automation: Update backport github action trigger (#28352)
It seems like GitHub has solved the problem of running github actions on PRs from forks with access to secrets.
https://github.blog/2020-08-03-github-actions-improvements-for-fork-and-pull-request-workflows/#improvements-for-public-repository-forks
If I change the event that triggers it to pull_request_target the action is run in the context of the base instead of the merged PR branch
* ColorSchemes: Adds more color schemes and text colors that depend on the background (#28305)
* Adding more color modes and text colors that depend on the background color
* Updates
* Updated
* Another big value fix
* Fixing unit tests
* Updated
* Updated test
* Update
* Updated
* Updated
* Updated
* Updated
* Added new demo dashboard
* Updated
* updated
* Updated
* Updateed
* added beta notice
* Fixed e2e test
* Fix typos
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
* revert pseduo code
* apply feedback
* remove HTTP for now
* fix backend test
* change to datasource
* clear input for streams
* fix docs?
* consistent measure vs measurements
* better jsdocs
* fix a few jsdoc errors
* fix comment style
* Remove commented out code
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
* Clean up code
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
* Clean up code
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
* Clean up code
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
* Clean up code
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
* Clean up code
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
* Clean up code
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
* Clean up code
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
* Update pkg/models/live.go
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Fix build
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
* set the stringField
Co-authored-by: Torkel Ödegaard <torkel@grafana.org>
Co-authored-by: Ivana Huckova <30407135+ivanahuckova@users.noreply.github.com>
Co-authored-by: ozhuang <ozhuang.95@gmail.com>
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
Co-authored-by: Amos Law <ahlaw.dev@gmail.com>
Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
Co-authored-by: Hugo Häggmark <hugo.haggmark@grafana.com>
Co-authored-by: The Rock Guy <fabian.bracco@gvcgroup.com.au>
Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
Co-authored-by: Carl Bergquist <carl@grafana.com>
Co-authored-by: Jack Westbrook <jack.westbrook@gmail.com>
Co-authored-by: Dominik Prokop <dominik.prokop@grafana.com>
Co-authored-by: Elliot Pryde <elliot.pryde@elliotpryde.com>
Co-authored-by: Zoltán Bedi <zoltan.bedi@gmail.com>
Co-authored-by: Andrej Ocenas <mr.ocenas@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Alexander Zobnin <alexanderzobnin@gmail.com>
Co-authored-by: Kyle Brandt <kyle@grafana.com>
Co-authored-by: Brian Gann <briangann@users.noreply.github.com>
Co-authored-by: J-F-Far <joel.f.farthing@gmail.com>
Co-authored-by: acoder77 <73009264+acoder77@users.noreply.github.com>
Co-authored-by: Peter Holmberg <peterholmberg@users.noreply.github.com>
Co-authored-by: Krzysztof Dąbrowski <krzysdabro@live.com>
Co-authored-by: maknik <mooniczkam@gmail.com>
* Alerting: Return proper status code when trying to create an Alert Notification where the name or UID already exists.
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
* intial frontend resolution/redirection logic
* backend scaffolding
* enough of the frontend to actually test end to end
* bugfixes
* add tests
* cleanup
* explore too hard for now
* fix build
* Docs: add docs
* FE test
* redirect directly from backend
* validate incoming uids
* add last_seen_at
* format documentation
* more documentation feedback
* very shaky migration of get route to middleware
* persist unix timestamps
* add id, orgId to table
* fixes for orgId scoping
* whoops forgot the middleware
* only redirect to absolute URLs under the AppUrl domain
* move lookup route to /goto/:uid, stop manually setting 404 response code
* renaming things according to PR feedback
* tricky deletion
* sneaky readd
* fix test
* more BE renaming
* FE updates -- no more @ts-ignore hacking :) and accounting for subpath
* Simplify code
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
* Short URLs: Drop usage of bus
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
* ShortURLService: Make injectable
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
* Rename file
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
* Add handling of url parsing and creating of full shortURL to backend
* Update test, remove unused imports
* Update pkg/api/short_urls.go
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Add correct import
* Pass context to short url service
* Remove not needed error log
* Rename dto and field to denote URL rather than path
* Update api docs based on feedback/suggestion
* Rename files to singular
* Revert to send relative path to backend
* Fixes after review
* Return dto when creating short URL that includes the full url
Use full url to provide shorten URL to the user
* Fix after review
* Fix relative url path when creating new short url
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
Co-authored-by: Ivana <ivana.huckova@gmail.com>
Co-authored-by: Ivana Huckova <30407135+ivanahuckova@users.noreply.github.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* expire with existng cleanup service
* expire with new temp user service
* make Drone happy :)
* add expiry status
* remove other approach
* cleanup
* add test for idempotency
* add migration from datetime to unix ts
* update cmd names
* change lifetime config to duration
* remove unnecessart formatting
* add comment
* update docs
* remove max bound and introduce min error
* simplify sql
* remove comment
* allow any outstanding to exist for at least 24 hours
* revert created ts change
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* add extra state check to cleanup step
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* end 2 end
* fix import
* refactor
* introduce securedata
* check err
* use testify instead of convey
* cleanup test
* cleanup test
* blob time
* rename funcs
* New feature toggle for enabling alerting NG
* Initial commit
* Modify evaluate alert API request
* Check for unique labels in alert execution result dataframes
* Remove print statement
* Additional minor fixes/comments
* Fix lint issues
* Add API endpoint for evaluating panel queries
* Push missing renaming
* add refId for condition to API
* add refId for condition to API
* switch dashboard based eval to get method
* add from/to params to dashboard based eval
* add from/to params to eval endpoint
Co-authored-by: kyle <kyle@grafana.com>
Prefixes SigV4 json data and secure json data keys with sigV4 to make
sure they don't collide with any other settings. Also minor fixes to UI.
Ref #27552
* Alerting API: Send back 404 not found error for update and delete endpoints
* Alerting API: send back alert notification id for delete with uid endpoint
* API: first version to send events about login actions
* API: improve login actions events
* Login: update auth test with new behavior
* Login: update auth test for auth module
* Login OAuth: improve functions structure
* API: make struct public to use for saml
* API: add send login log tests for grafana and ldap login
* API: remove log from tests
* Login API: fix test linting
* Update pkg/api/login_oauth.go
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* Login API: refactor using defer
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* Stats: Cache based stats implementation
* Stats: Correct logic and add larger scale test
* Stats: linter
* Stats: SQL implementation
* Stats: cleanup SQL
* Stats: Tab -> Spaces
* Update pkg/services/sqlstore/stats.go
Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>
* Stats: Quote 'user' table with dialect.Quote
* Stats: Ensure test is run as integration test
* Stats: Use boolean value
...because if (v) { true } else { false } is unnecessary at best.
Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>
* API: Improve error handling (#26934)
* New ErrUserAlreadyExists error has been introduced
* Create user endpoint returns 412 Precondition Failed on ErrUserAlreadyExists errors
* Make ErrUserAlreadyExists error message clearer
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* Use errors.Is instead of equality comparator on AdminCreateUser handler
* Improve sqlstore/user test definition
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Improve sqlstore/user tests for ErrUserAlreadyExists cases
* Remove no needed string fmt and err declaration on sqlstore/user tests
* Code improvements for sqlstore/user tests
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Use err.Error() instead of sentinel error value on AdminCreateUser
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Add ErrUserAlreadyExists handling for signup & org invite use cases
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
Support storing sensitive notification settings securely/encrypted.
Move slack notifier url and api token to secure settings.
Migrating slack notifier to store token and url encrypted is currently
a manual process by saving an existing slack alert notification channel.
saving an existing slack alert notification channel will reset the stored
non-secure url and token.
Closes#25113
Ref #25967
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* Update backend
* Update frontend
* Keep old plugin id
* Update docs
* Place doc images to a new directory
* Legacy support for stackdriver-auto alignment
* Consistent plugin name
* Apply suggestions from code review
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Co-authored-by: Tobias Skarhed <1438972+tskarhed@users.noreply.github.com>
* Update docs
* Update public/app/plugins/datasource/cloud-monitoring/README.md
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* Add reference to the data source formerly being named Stackdriver
* Update pkg/models/datasource.go
Co-authored-by: Carl Bergquist <carl@grafana.com>
* Fix gofmt
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Co-authored-by: Tobias Skarhed <1438972+tskarhed@users.noreply.github.com>
Co-authored-by: Carl Bergquist <carl@grafana.com>
For backend data sources executing in the backend (not through data proxy) make
sure that the timeout applies to cached HTTP client.
Fixes#25863
Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
* Allow API to assign new user to a specific organization
* Add defer block to test
* Add API tests and return 400 instead of 500 for bad orgId
* Minor test improvements
* AlertNotifications: Translate notifications IDs to UIDs in alert Rule builder
* Avoid shadowing errors, raise validation error on non-existing notification id
* create a cache for notification Uids to minimize db overhead
* add cache usage test
* avoid caching empty notification Uids
* isolate db in alert notificationUid caching tests
* Stats: add active user count query
* License: add info in settings
* Stats: Retrieve active users stats for different roles
+ Clean files and tests
* Stats: add dialect.Quote in queries
* Stats: improve tests (require instead of assert)
* Stats: improve tests (require instead of assert)
This feature would provide a way for administrators to limit the minimum
dashboard refresh interval globally.
Filters out the refresh intervals available in the time picker that are lower
than the set minimum refresh interval in the configuration .ini file
Adds the minimum refresh interval as available in the time picker.
If the user tries to enter a refresh interval that is lower than the minimum
in the URL, defaults to the minimum interval.
When trying to update the JSON via the API, rejects the update if the
dashboard's refresh interval is lower than the minimum.
When trying to update a dashboard via provisioning having a lower
refresh interval than the minimum, defaults to the minimum interval
and logs a warning.
Fixes#3356
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* Implement Azure AD oauth
* Use go-jose and cleanup
* Update go-jose in go.mod
* cleanup
* Add unit tests
* Fix scopes
* Add documentation page
* Improve documentation
* Convert extract_role into function.
* Do not use upn and replace unique_name with preferred_username
* Configure login button
* Use official microsoft icon and color from branding guideline.
* Add Azure AD config section in sample.ini.
When an alert is sent by e-mail, the process sends an e-mail to
each recipient separately. This PR is a single delivery to all recipients.
For companies that use e-mail extensively, this is necessary in order
not to overload the sending queue.
Replaces #18013Fixes#12650
Co-authored-by: Henrique Oliveira <holiiveira@users.noreply.github.com>
* refactor to multiple rows
* added name for org user struct
* added name getorgusers
* added user name to tableview
* made test pass
* updated userMocks to user name field
* added missing UsersTable snapshot
* added name on teammembers page, be able to search query for name, login and email
* added the updated snapshots
* conform to same sorting as output form
* conform to previous way of using it
* sort first by login and after by email, as it was before
* Licensing: supplies a service to handle licensing information
* Licensing: uses the license service further
Uses the license service instead of settings.isEnterprise:
- external team members
- saml
- usage stats
* Licensing: fixes broken tests due to new Licensing service dependency
* Licensing: fixes linting errors
* Licensing: exposes license expiry information to the frontend
* API: Add `updatedAt` to api/users/:id
This adds the timestamp of when a particular user was last updated to
the `api/users/:id` endpoint.
This helps our administrators understand when was the user information last
updated. Particularly when it comes from external systems e.g. LDAP
Adds the definition of `GetTeamsForLDAPGroupCommand` which handles the lookup of team information based on LDAP groupDNs.
This is an Enterprise only feature. To diferentiate,a response will contain the `team` key as `null` on OSS while on Enterprise the key will contain an empty array `[]` when no teams are found.
* Move the ReloadLDAPCfg function to the debug file
Appears to be a better suite place for this.
* LDAP: Return the server information when we find a specific user
We allow you to specify multiple LDAP servers as part of LDAP authentication integration. As part of searching for specific users, we need to understand from which server they come from. Returning the server configuration as part of the search will help us do two things:
- Understand in which server we found the user
- Have access the groups specified as part of the server configuration
* LDAP: Adds the /api/admin/ldap/:username endpoint
This endpoint returns a user found within the configured LDAP server(s). Moreso, it provides the mapping information for the user to help administrators understand how the users would be created within Grafana based on the current configuration.
No changes are executed or saved to the database, this is all an in-memory representation of how the final result would look like.
Existing /api/alert-notifications now requires at least editor access.
Existing /api/alert-notifiers now requires at least editor access.
New /api/alert-notifications/lookup returns less information than
/api/alert-notifications and can be access by any authenticated user.
Existing /api/org/users now requires org admin role.
New /api/org/users/lookup returns less information than
/api/org/users and can be access by users that are org admins,
admin in any folder or admin of any team.
UserPicker component now uses /api/org/users/lookup instead
of /api/org/users.
Fixes#17318
* Fix CreateTeam api endpoint
No team member should be created for requests
authenticated by API tokens.
* Update middleware test
Assert that `isAnonymous` is set for `SignedInUser`
authenticated via API key.
* Add test for team creation
Assert that no team member is created if the signed in user
is anomymous.
* Revert "Fix CreateTeam api endpoint"
This reverts commit 9fcc4e67f5.
* Revert "Update middleware test"
This reverts commit 75f767e58d.
* Fix CreateTeam api endpoint
No team member should be created for requests
authenticated by API tokens.
* Update team test
* Change error to warning and update tests
* Add support for `is_disabled` to `CreateUser()`
* Add support for `is_disabled` to `SearchUsers()`
Had to add it as a `string` type not as `bool`, since if that's property
is omitted, we would have add it to SQL request, which might be dangerous
* Restructure desctructive tests and add more
* API: Duplicate API Key Name Handle With Useful HTTP Code
* 17447: make changes requested during review
- use dialect.IsUniqueContraintViolation
- change if statement to match others
- return error properly
* Revert "17447: make changes requested during review"
This reverts commit a4a674ea83.
* API: useful http code on duplicate api key error w/ tests
* API: API Key Duplicate Handling
fixed small typo associated with error
* Users: show badges for each auth provider
* Chore: don't use functions in angular bindings
* Users: minor style changes to labels
* Chore: convert auth labels on the backed side, deduplicate frontend code
* Users: use authLabels everywhere instead of authModule
* User: fix edit user page style
* Users: minor fixes after review
* Teams: show proper label for each auth provider
Teams: don't sore AuthModule in team_member table, use JOIN to get it instead
* Teams: fix AddTeamMember after last changes
* Teams: add more auth provider labels
* Teams: show external sync badge if LDAP is not enabled
* Teams: tests for getting auth module
* Build: use golangci-lint as a make command
* Since gometalinter was deprecated in favor of golangci-lint so it was
replaced by it. Responsibilities held by the gometalinter was moved to
golangci-lint
* There was some changes in implementation (that was also mentioned in
the code comment) between the tools, which uncovered couple errors
in the code. Those issues were either solved or disabled by
the inline comments
* Introduce the golangci-lint config, to make their
configuration more manageable
* Build: replace backend-lint.sh script with make
* Modify backend to allow expiration of API Keys
* Add middleware test for expired api keys
* Modify frontend to enable expiration of API Keys
* Fix frontend tests
* Fix migration and add index for `expires` field
* Add api key tests for database access
* Substitude time.Now() by a mock for test usage
* Front-end modifications
* Change input label to `Time to live`
* Change input behavior to comply with the other similar
* Add tooltip
* Modify AddApiKey api call response
Expiration should be *time.Time instead of string
* Present expiration date in the selected timezone
* Use kbn for transforming intervals to seconds
* Use `assert` library for tests
* Frontend fixes
Add checks for empty/undefined/null values
* Change expires column from datetime to integer
* Restrict api key duration input
It should be interval not number
* AddApiKey must complain if SecondsToLive is negative
* Declare ErrInvalidApiKeyExpiration
* Move configuration to auth section
* Update docs
* Eliminate alias for models in modified files
* Omit expiration from api response if empty
* Eliminate Goconvey from test file
* Fix test
Do not sleep, use mocked timeNow() instead
* Remove index for expires from api_key table
The index should be anyway on both org_id and expires fields.
However this commit eliminates completely the index for now
since not many rows are expected to be in this table.
* Use getTimeZone function
* Minor change in api key listing
The frontend should display a message instead of empty string
if the key does not expire.
* batch disable users
* batch revoke users tokens
* split batch disable user and revoke token
* API: get users with auth info and isExternal flag
* fix tests for batch disable users
* Users: refactor /api/users/search endpoint
* Users: use alias for "user" table
* Chore: add BatchDisableUsers() to the bus
* Users: order user list by id explicitly
* Users: return AuthModule from /api/users/:id endpoint
* Users: do not return unused fields
* Users: fix SearchUsers method after last changes
* User: return auth module as array for future purposes
* User: tests for SearchUsers()
* User: return only latest auth module in SearchUsers()
* User: fix JOIN, get only most recent auth module
* Users: add is_disabled column
* Users: disable users removed from LDAP
* Auth: return ErrInvalidCredentials for failed LDAP auth
* User: return isDisabled flag in user search api
* User: mark disabled users at the server admin page
* Chore: refactor according to review
* Auth: prevent disabled user from login
* Auth: re-enable user when it found in ldap
* User: add api endpoint for disabling user
* User: use separate endpoints to disable/enable user
* User: disallow disabling external users
* User: able do disable users from admin UI
* Chore: refactor based on review
* Chore: use more clear error check when disabling user
* Fix login tests
* Tests for disabling user during the LDAP login
* Tests for disable user API
* Tests for login with disabled user
* Remove disable user UI stub
* Sync with latest LDAP refactoring
* Add file path to metadata and show it in dialogs
* Make path relative to config directory
* Fix tests
* Add test for the relative path
* Refactor to use path relative to provisioner path
* Change return types
* Rename attribute
* Small fixes from review
* Chore: remove session storage references
* Small refactoring of the settings module
* Update docs - remove references for the session storage
* Update config files (sample and default configs)
* Add tests for warning during the config load on defined storage cache
* Remove all references to session storage
* Remove macaron session dependency
* Remove leftovers
* Fix: address review comments
* Fix: remove old deps
* Fix: add skipStaticRootValidation = true to tests
* Fix: improve the docs and warning message
As per discussion in here - https://github.com/grafana/grafana/pull/16445/files#r273026255
* Chore: make linter happy
Fixes#16148
Ref #16114
* Store passwords in secureJsonData
* Revert unnecessary refactors
* Fix for nil jsonSecureData value
* Remove copied encryption code from migration
* Fix wrong field reference
* Remove migration and provisioning changes
* Use password getters in datasource proxy
* Refactor password handling in datasource configs
* Add provisioning warnings
* Update documentation
* Remove migration command, moved to separate PR
* Remove unused code
* Set the upgrade version
* Remove unused code
* Remove double reference
* Unprovision dashboard in case of DisableDeletion = true
* Rename command struct
* Handle removed provision files
* Allow html in confirm-modal
* Do not show confirm button without onConfirm
* Show dialog on deleting provisioned dashboard
* Changed DeleteDashboard to DeleteProvisionedDashboard
* Remove unreachable return
* Add provisioned checks to API
* Remove filter func
* Fix and add tests for deleting dashboards
* Change delete confirm text
* Added and used pkg/errors for error wrapping
Fixes so it's possible to create new notification channel and providing uid.
Fixes better error/result handling when updating a notifcation channel.
Fixes#16372
Ref #16219#16012
Now returns uid in response to get notification channel by id.
Adds GET/PUT/DELETE support for notification channel by uid,
/api/alert-notifications/uid/:uid.
Break apart alerting and alert notification http api docs in two
pages and update documentation to make it up to date
with current implementation.
Fixes#16012
as noted, sessions might not be a good name for this metrics.
while devices would be a better name for users I think we should
align the name with the code as much as possible. The ui listing
all auth_tokens per user should probarbly say "devices" instead
* master: (250 commits)
Firing off an action instead of listening to location changes
Changes after PR Comments
Made ExplorerToolbar connected and refactored away responsabilities from Explore
Removed some split complexity
Fixed some more styling
Fixed close split look and feel
Fixed position of Closesplit
Fixed small issue with TimePicker dropdown position
Simplified some styles and dom elements
Fixed some more with the sidemenu open and smaller screens
Fixed so heading looks good with closed sidemenu
Restructure of component and styling
Refactored out ExploreToolbar from Explore
Fixed reinitialise of Explore
changelog: add notes about closing #13929
changelog: add notes about closing #14558
changelog: add notes about closing #14484
changelog: add notes about closing #13765
changelog: add notes about closing #11503
changelog: add notes about closing #4075
...
If notification state is pending and last update of state was made
less than a minute ago. In the case of a grafana instance is shut down/crashes
between setting pending state and before sending the notification/marks as complete
this logic should allow the notification to be sent after some time instead of
being left in an inconsistent state where no notifications are being sent.
