Commit Graph

280 Commits

Author SHA1 Message Date
Marcus Efraimsson
3d1c624c12 WIP: Protect against brute force (frequent) login attempts (#10031)
* db: add login attempt migrations

* db: add possibility to create login attempts

* db: add possibility to retrieve login attempt count per username

* auth: validation and update of login attempts for invalid credentials

If login attempt count for user authenticating is 5 or more the last 5 minutes
we temporarily block the user access to login

* db: add possibility to delete expired login attempts

* cleanup: Delete login attempts older than 10 minutes

The cleanup job are running continuously and triggering each 10 minute

* fix typo: rename consequent to consequent

* auth: enable login attempt validation for ldap logins

* auth: disable login attempts validation by configuration

Setting is named DisableLoginAttemptsValidation and is false by default
Config disable_login_attempts_validation is placed under security section
#7616

* auth: don't run cleanup of login attempts if feature is disabled

#7616

* auth: rename settings.go to ldap_settings.go

* auth: refactor AuthenticateUser

Extract grafana login, ldap login and login attemp validation together
with their tests to separate files.
Enables testing of many more aspects when authenticating a user.
#7616

* auth: rename login attempt validation to brute force login protection

Setting DisableLoginAttemptsValidation => DisableBruteForceLoginProtection
Configuration disable_login_attempts_validation => disable_brute_force_login_protection
#7616
2018-01-26 10:41:41 +01:00
bergquist
1508755422 cfg: remove local as default image uploader
ref #9967
2018-01-24 21:31:07 +01:00
bergquist
5546828b9f cfg: adds info about local img uploader to docs 2018-01-22 11:11:30 +01:00
Martin Szulecki
c82e23d96e imguploader: Add support for new internal image store (#6922) 2018-01-12 21:40:12 +01:00
Mahmoud Saada
af15e3c0d0 Implement Azure Blob external image uploader 2017-12-27 08:53:00 -05:00
Carl Bergquist
35106537f2 Replace Read Only Editor role with ViewersCanEdit setting (#10166)
* removes readonly editor role

* adds viewersCanEdit setting

This enable you to allow viewers to edit/inspect
dashboards in grafana in their own browser without
allowing them to save dashboards

* remove read only editor option from all dropdowns

* migrates all read only viewers to viewers

* docs: replace readOnlyEditor with viewersCanEdit
2017-12-13 18:53:42 +01:00
bergquist
5f5cdad97a improve error handling for datasources as cfg 2017-12-08 10:50:11 +01:00
bergquist
c766802325 improve sample datasource.yaml 2017-12-08 10:28:38 +01:00
bergquist
79d7213e11 fixes issue with datasource/dash as cfg and gitignore 2017-12-08 06:52:47 +01:00
bergquist
5006f9e4c5 dashboards as cfg: update docs to use /provisioning 2017-12-07 15:55:00 +01:00
bergquist
2e610cb256 dashboards as cfg: move dash/ds config files to /provisioning/* 2017-12-07 15:27:01 +01:00
bergquist
361acd3fa1 dashboards as cfg: include cfg files in dist packages 2017-12-07 15:27:01 +01:00
bergquist
2a18345eb2 dashboards as cfg: disable loading dashboards from disk by default 2017-12-07 15:27:01 +01:00
bergquist
d69b63cbc0 dashboards as cfg: read first cfg version 2017-12-07 15:27:01 +01:00
saady
767b460ff1 [GCS] Support for gcs path 2017-11-21 17:22:40 +00:00
Torkel Ödegaard
98b4074c16 refactoring: minor refactor of clean up dashboard history PR #9882 2017-11-17 14:41:44 +01:00
Torkel Ödegaard
aaa465a100 Merge branch 'feat-9671' of https://github.com/alexanderzobnin/grafana into alexanderzobnin-feat-9671 2017-11-17 14:16:49 +01:00
Carl Bergquist
9ea5af578e
Merge pull request #9504 from grafana/datasource_as_cfg
Datasources as configuration
2017-11-16 16:13:02 +01:00
bergquist
c60915c146 datasources as cfg: adds docs for all jsondata and secure_json fields 2017-11-16 14:22:52 +01:00
bergquist
87983021e2 datasources as cfg: convert yaml map into json for jsonData 2017-11-16 13:23:42 +01:00
bergquist
bfd8afaf13 docs: update metrics api path 2017-11-16 09:38:37 +01:00
bergquist
6267ef1391 datasource as cfg: fixes typos 2017-11-15 14:30:32 +01:00
bergquist
06a37d0023 datasource as cfg: show deletes first in example 2017-11-15 14:30:32 +01:00
bergquist
ebbfc529e0 datasource as cfg: support globbing 2017-11-15 14:30:32 +01:00
bergquist
0f136a940c datasource as cfg: enable editable ds's 2017-11-15 14:30:32 +01:00
bergquist
b72cdae563 datasource as cfg: add org_id to example config 2017-11-15 14:30:32 +01:00
bergquist
dc002abe4c datasource as cfg: test for reading all properties 2017-11-15 14:30:32 +01:00
bergquist
c9bfa781fd datasource as cfg: improve name for this feature 2017-11-15 14:30:32 +01:00
bergquist
ba4bbd1d47 datasource as cfg: refactor tests to use yaml files 2017-11-15 14:30:32 +01:00
bergquist
0f29b8ac83 datasources as cfg: tests for insert/updating datasources 2017-11-15 14:30:32 +01:00
bergquist
39b6c04643 datasource as cfg: basic implementation 2017-11-15 14:30:32 +01:00
Alexander Zobnin
a0a1f4aacd dashboard history: refactor after review 2017-11-15 13:36:36 +03:00
Alexander Zobnin
08e2bbef83 dashboard history: clean up dashboard version history 2017-11-14 18:22:18 +03:00
Furtchet
a51b1e8951 Update the config key to database_log_queries so it is more descriptive, as suggested in #9785. 2017-11-06 08:01:31 -06:00
Furtchet
5fdfa3ff7e MySQL Performance when using GF_DATABASE_URL
Set MaxIdleConn and MaxOpenConn when using the GF_DATABASE_URL configuration. Also added GF_DATABASE_DEBUG flag to print SQL statements and SQL execution times.
See #9784 for the details.
2017-11-03 14:05:32 -05:00
bergquist
dea631bedc tech: remove rabbitmq event publisher
closes #9645
2017-10-24 14:10:23 +02:00
Ricard Clau
e4541a7fd1 support for s3 path (#9151) 2017-10-04 21:04:20 +02:00
Torkel Ödegaard
eaefa3c1fa s3: minor fix for PR #9223 2017-09-27 09:43:32 +02:00
Torkel Ödegaard
50d82155ed Merge branch 'master' of https://github.com/williamjoy/grafana into williamjoy-master 2017-09-27 09:37:26 +02:00
Tobias Hintze
af79d046db introduce smtp config option for EHLO identity 2017-09-24 20:48:20 +02:00
William
88a8991722 config bucket and region for s3 uploader
this is to support cn-north-1 region as it can get s3 url programatically.
also keeps support 'bucket_url' for backward compatiblity
2017-09-19 04:57:25 -04:00
bergquist
bcf784375b make it possible to configure sampler type 2017-09-18 11:08:58 +02:00
bergquist
f37a595f68 make samplerconfig.param configurable 2017-09-18 11:08:58 +02:00
bergquist
ec29b469e4 adds custom tags from settings 2017-09-18 11:08:58 +02:00
bergquist
935dad653c set example port to zipkin default 2017-09-18 11:08:58 +02:00
bergquist
a234e894bb makes jaeger tracing configurable 2017-09-18 11:08:58 +02:00
Konstantin Chukhlomin
fcdf282090 GCS support via JSON API 2017-09-15 16:11:02 +02:00
Konstantin Chukhlomin
72d7c4d620 Added GCS support #8370 2017-09-15 16:11:02 +02:00
Torkel Ödegaard
a47b31ac62 fix: MySQL/Postgress max_idle_conn default was wrongly set to zero, which does not mean unlimited but zero, which in practice disables connection pooling, not good. now max idle conn is set to golang's default which is 2, fixes #8513 2017-08-08 16:17:52 +02:00
Torkel Ödegaard
06e87c151f feat: added settings to sample ini #8768 2017-07-31 15:04:47 +02:00