Following discussion in grafana/grafana-enterprise#1292, removing
org-scoped users scopes to make it clear that the local organization is
the default and the alternative to that is a global scope (for a select
few endpoints)
In the case permissions has been added on dashboard(s). Later permissions for the
parent folder of the dashboard is edited in such a way that dashboard in that folder
has a permission that is a duplicate of an inherited one. This PR changes so that
duplicate permissions are now filtered out from /api/dashboards/id/<dashboard id>/permissions.
Duplicate permission are not filtered out if the permission on dashboard is higher
than on the inherited folder.
Fixes#33296
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Encapsulate settings with a provider with support for runtime reloads
* SettingsProvider: reload is controlled by the services
* naive impl of reload handlers for settings
* working naive detection on new changes
* Trigger settings reload from API endpoint
* validation step added
* validation of settings
* Fix linting errors
* Replace DB_Varchar by DB_NVarchar
* Reduce settings columns (section, key) lenghts
* wip db update logic
* Db Settings: separate updates and removals
* Fix: removes incorrectly added code
* Minor code improvements
* Runtime settings: moved oss -> ee
* Remove no longer used setting.Cfg SAML-related fields
* Rename file setting/settings.go => setting/provider.go
* Apply suggestions from code review
Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>
* Minor code improvements on OSS settings provider
* Fix some login API tests
* Correct some GoDoc comments
* Apply suggestions from code review
Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>
Co-authored-by: Leonard Gram <leo@xlson.com>
Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>
Before these changes the request tracing was added for each route
registered using the routing.RouteRegister, see code. This had the
consequence that middleware executed earlier/later in the request
pipeline was not part of the request tracing middleware life-cycle
which measures the duration of requests among other things.
In the logger middleware we do extract the current distributed trace
identifier, if available, and set that on request info/error log messages.
With these changes we can extract the current distributed trace identifier,
if available, and set that on the contextual HTTP request logger
(models.ReqContext.Logger) which would improve the possibility to correlate
all HTTP request log messages with traces.
In addition, the request tracing middleware is now executed first and last in
the request pipeline and should therefore result in more accurate timing
measurements (request duration).
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Expose user permissions to the frontend
* Do not include empty scope
* Extend ContextSrv with hasPermission() method
* Add access control types
* Fix type error (make permissions optional)
* Fallback if access control disabled
* Move UserPermission to types
* Simplify hasPermission()
* [Alerting]: Use common properties for all rules
* Add Labels in rules
* Fix update ruleGroup API
Return 400 Bad Request response
when the request contains a UID that does not exist
* Check permissions and return namespace id
* Apply suggestions from code review
Co-authored-by: gotjosh <josue@grafana.com>
* Move db package WIP
* Implement OSS access control
* Register OSS access control
* Fix linter error in tests
* Fix linter error in evaluator
* Simplify OSS tests
* Optimize builtin roles
* Chore: add comments to the exported functions
* Remove init from ossaccesscontrol package (moved to ext)
* Add access control as a dependency for http server
* Modify middleware to receive fallback function
* Middleware: refactor fallback function call
* Move unused models to enterprise
* Simplify AccessControl type
* Chore: use bool IsDisabled() method instead of CanBeDisabled interface
* FrontendMetrics: Adds new backend api that frontend can use to push frontend measurements and counters to prometheus
* FrontendMetrics: Adds new backend api that frontend can use to push frontend measurements and counters to prometheus
* Fix naming
* change to histogram
* Fixed go lint
* return 400 bad request if id and orgId is invalid
Signed-off-by: bergquist <carl.bergquist@gmail.com>
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Initial commit
* Progress
* Update
* Progress
* updates
* Minor fix
* fixed ts issue
* fixed e2e tests
* More explorations
* Making progress
* Panel options and field options unified
* With nested categories
* Starting to find something
* fix paddings
* Progress
* Breakthrough ux layout
* Progress
* Updates
* New way of composing options with search
* added regex search
* Refactoring to react note tree
* Show overrides
* Adding overrides radio button support
* Added popular view
* Separate stat/gauge/bargauge options into value options and display options
* Initial work on getting library panels into viz picker flow
* Fixed issues switching to panel library panel
* Move search input put of LibraryPanelsView
* Changing design again to have content inside boxes
* Style updates
* Refactoring to fix scroll issue
* Option category naming
* Fixed FilterInput issue
* Updated snapshots
* Fix padding
* Updated viz picker design
* Unify library panel an viz picker card
* Updated card with delete action
* Major refactoring back to an object model instead of searching and filtering react node tree
* More refactoring
* Show option category in label when searching
* Nice logic for categories rendering when searching or when only child
* Make getSuggestions more lazy for DataLinksEditor
* Add missing repeat options and handle conditional options
* Prepping options category to be more flexibly and control state from outside
* Added option count to search result
* Minor style tweak
* Added button to close viz picker
* Rewrote overrides to enable searching overrides
* New search engine and tests
* Searching overrides works
* Hide radio buttons while searching
* Added angular options back
* Added memoize for all options so they are not rebuilt for every search key stroke
* Added back support for category counters
* Started unit test work
* Refactoring and base popular options list
* Initial update to e2e test, more coming to add e2e test for search features
* Minor fix
* Review updates
* Fixing category open states
* Unit test progress
* Do not show visualization list mode radio button if library panels is not enabled
* Use boolean
* More unit tests
* Increase library panels per page count and give search focus when switching list mode
* field config change test and search test
* Feedback updates
* Minor tweaks
* Minor refactorings
* More minimal override collapse state
This pull request migrates testdata to coreplugin streaming capabilities,
this is mostly a working concept of streaming plugins at the moment,
the work will continue in the following pull requests.
* Fix LoginService.UpsertUser user creation
* Fix API AdminCreateUser user creation
* Add missing underscore import
* Fix API CompleteInvite user creation
* Fix API SignUpStep2 user creation
Fix encoded characters in URL path should be proxied as encoded in the data proxy.
Fixes#26870Fixes#31438
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Add revoked_at field to user auth token to allow soft revokes
* Allow soft token revocations
* Update token revocations and tests
* Return error info on revokedTokenErr
* Override session cookie only when no revokedErr nor API request
* Display modal on revoked token error
* Feedback: Refactor TokenRevokedModal to FC
* Add GetUserRevokedTokens into UserTokenService
* Backendsrv: adds tests and refactors soft token path
* Apply feedback
* Write redirect cookie on token revoked error
* Update TokenRevokedModal style
* Return meaningful error info
* Some UI changes
* Update backend_srv tests
* Minor style fix on backend_srv tests
* Replace deprecated method usage to publish events
* Fix backend_srv tests
* Apply suggestions from code review
Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com>
* Apply suggestions from code review
* Apply suggestions from code review
Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com>
* Minor style fix after PR suggestion commit
* Apply suggestions from code review
Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>
* Prettier fixes
Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com>
Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>
* Refactor: adds permissions for library panel creation
* Refactor: checks folder permissions for patch requests
* Chore: changes after PR comments
* Refactor: adds permissions to delete
* Refactor: moves get all permission tests out of get all tests
* Chore: move out get all tests to a separate file
* Refactor: adds permissions to get handler
* Refactor: fixes a bug with getting library panels in General folder
* Refactor: adds permissions for connect/disconnect
* Refactor: adds permissions and tests for get connected dashboards
* Tests: adds tests for connected dashboards in General Folder
* LibraryPanels: Deletes library panels during folder deletion
* LibraryPanels: Deletes library panels during folder deletion
* Update pkg/api/folder.go
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Update pkg/services/librarypanels/librarypanels_permissions_test.go
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Chore: updates after PR comments
* Chore: forgot to change some function signatures
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Run post-friendly request with set method first
* Improve messaging, retry only when post and specific status code
* Add comments
* Fix backend
* Update public/app/plugins/datasource/prometheus/datasource.ts
* Replace DataSourcesListItem with Card
* Add tests
* Remove unused styles
* Make card heading semi bold
* Make heading semi-bold
* Show type name instead of type id
* Fix key warning
* Update Card
* Fix tests
* Make typeName optional
* remove styling that was just a test
* Make typeName non-optional and fix tests
* Update list key
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
* LibraryPanels: Disconnect before connect during dashboard save
* Tests: fixed test
* Chore: updates after PR comments
* Chore: changes from context.Background() to c.Context.Req.Context()
* Chore: fixes lint issue
* Cfg: fix hidden users initialization
* add tests
* do not call isHiddenUser function for non-user permission
* do not call isHiddenUser function for non-user permission
* break out new and edit
* changed model to match new model in backend
* AlertingNG: API modifications (#30683)
* Fix API consistency
* Change eval alert definition to POST request
* Fix eval endpoint to accept custom now parameter
* Change JSON input property for create/update endpoints
* model adjustments
* set mixed datasource, fix put url
* update snapshots
* remove edit and add landing page
* remove snapshot tests ans snapshots
* wrap linkbutton in array
Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>
Co-authored-by: Sofia Papagiannaki <sofia@grafana.com>
* Introduce PluginRequestValidator abstraction with a NoOp implementation
* Update PluginRequestValidator abstraction to use the dsURL instead
* Inject PluginRequestValidator into the HTTPServer and validate requests going through data source proxy
* Inject PluginRequestValidator into the BackendPluginManager and validate requests going through it
* Validate requests going through QueryMetrics & QueryMetricsV2
* Validate BackendPluginManager health requests
* Fix backend plugins manager tests
* Validate requests going through alerting service
* Fix tests
* fix tests
* goimports
Co-authored-by: Leonard Gram <leo@xlson.com>
* CDN: Initial poc support for serving assets over a CDN
* Minor fix
* added build path and test
* fix lint error
* Added edition to cdn path
* Move master builds to a separate path
* Added error handling for the url parsing, changed setting name, and added docs
* Updated sample.ini
* Some property renames
* updated
* Minor update to html
* index template improvements
* Update docs/sources/administration/configuration.md
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
* Update docs/sources/administration/configuration.md
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
* Added ContentDeliveryPrefix to Licence service
* updated docs
* Updated test mock
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
Converts the core testdata data source to use the SDK contracts and by that
implementing a backend plugin in core Grafana in similar manner as an external one.
Co-authored-by: Will Browne <will.browne@grafana.com>
Co-authored-by: Marcus Efraimsson <marefr@users.noreply.github.com>
Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
* Expressions: remove feature toggle, add experimental badge
* Make button only show for backend and mixed data sources
Co-authored-by: Peter Holmberg <peter.hlmbrg@gmail.com>
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
* Auth: add error for expired token
* Auth: save token error into context data
* Auth: send full user and req context to CreateToken
* Auth: add token ID in context
* add TokenExpiredError struct
* update auth tests
* remove most of the changes to CreateToken func
* clean up
* Login: add requestURI in CreateToken ctx
* update RequestURIKey comment
* Chore: moves common and response into separate packages
* Chore: moves common and response into separate packages
* Update pkg/api/utils/common.go
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Chore: changes after PR comments
* Chore: move wrap to routing package
* Chore: move functions in common to response package
* Chore: move functions in common to response package
* Chore: formats imports
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* SQLStore: customise the limit of retrieved datasources per organisation
* update all suggestions regarding nil or 0 as default
* Apply suggestions from code review
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* correct default.ini description + adding unittest
* Apply suggestions from code review
Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>
* modify unittest name
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>
* PanelLibrary: Adds get to the API
* Refactor: adds tests for get and getAll and cleans up other tests
* Refactor: changed name on DTO
* Update pkg/services/librarypanels/api.go
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Update pkg/services/librarypanels/database.go
* create page and sidebar entry
* add components for query editor and definition
* split pane things
* add reducer and action
* implement split pane and update ui actions
* making things pretty
* Unify toolbar
* minor tweak to title prefix and some padding
* can create definitions
* fix default state
* add notificaion channel
* add wrappers to get correct spacing between panes
* include or exclude description
* implement query editor
* start on query result component
* update from master
* some cleanup and remove expressions touch ups
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
