* use new log group picker also for non cross-account queries
* cleanup and add comment
* remove not used code
* remove not used test
* add error message when trying to set log groups before saving
* fix bugs from pr feedback
* add more tests
* fix broken test
* PermissionFilter: Handle all search type and only check one action for dashboards
* PermissionFilter: Still handle multiple action but take short cut when
only one action is required
* Add auth labels and access control metadata to org users search results
* Fix search result JSON model
* Org users: Use API for pagination
* Fix default page size
* Refactor: UsersListPage to functional component
* Refactor: update UsersTable component code style
* Add pagination to the /orgs/{org_id}/users endpoint
* Use pagination on the AdminEditOrgPage
* Add /orgs/{org_id}/users/search endpoint to prevent breaking API
* Use existing search store method
* Remove unnecessary error
* Remove unused
* Add query param to search endpoint
* Fix endpoint docs
* Minor refactor
* Fix number of pages calculation
* Use SearchOrgUsers for all org users methods
* Refactor: GetOrgUsers as a service method
* Minor refactor: rename orgId => orgID
* Fix integration tests
* Fix tests
* Use preferred package header for generated code
> To convey to humans and machine tools that code is generated, generated source should have a line that matches the following regular expression (in Go syntax):
> `^// Code generated .* DO NOT EDIT\.$`
https://pkg.go.dev/cmd/go#hdr-Generate_Go_files_by_processing_source
Co-authored-by: sam boyer <sdboyer@grafana.com>
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
* Regenerate files with updated header
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
Signed-off-by: Jack Baldry <jack.baldry@grafana.com>
Co-authored-by: sam boyer <sdboyer@grafana.com>
* protect /connection url paths with permissions
These permissions match the original ones at /datasources and /plugins
* add Connections section to navtree only if user has permissions
This commit works only when the easystart plugin is not present.
I'll see what I can do when it is present in the next commit(s).
* update datasources page permissions
The datasources page have Explore buttons on datasource entries,
therefore it makes sense to show this page for those, who can't edit or
create datasources but have explore permissions.
This applies for the traditional Editor role.
* DataSourcesList: link to edit page only if has right to write
If the user doesn't have rights to write datasources, then it's better
to not create a link from cards to the edit page. This way they won't
see the configuration of the data sources either, which is a desirable
outcome.
Also, I moved the query for DataSourcesExplore permission out from the
DataSourcesListView component in the DataSourcesList component, next to
the other permission queries - for the sake of consistency.
* fix permissions for connect data
This way it matches the permissions of the "Plugins" page.
* fix applinks test
* Remove Raw references
* Remove more raws
* Re-generate files
* Remove raw folder from veneer
* Fix import
* Fix lint
* Bring back raw folder in grafana-schema
* Another lint
* Remove use of "Structured" word in kinds
* Delete unused function and remove some structured words
* Bunch more removals of structured name
Co-authored-by: sam boyer <sdboyer@grafana.com>
This commit adds a customizable timeout for screenshots called
capture_timeout. The default value is 10 seconds, and the maximum
value is 30 seconds. This timeout should be less than the minimum
Interval of all Evaluation Groups to avoid back pressure on alert
rule evaluation.
* Update config store to split between active and history tables
* Migrations to fix up indexes
* Implement migration from old format to new
* Move add migrations call
* Delete duplicated rows
* Explicitly map fields
* Quote the column name because it's a reserved word
* Lift migrations to top
* Use XORM for nearly everything, avoid any non trivial raw SQL
* Touch up indexes and zero out IDs on move
* Drop TODO that's already completed
* Fix assignment of IDs
* AuthN: Add boilderplate for render auth client
* AuthN: Implement test function for render auth client
* AuthN: Implement Authenticate for render arender auth client
* ContextHandler: Perform render auth if flag is enabled
* refactor(pluginhelp): rewrite as functional component with useAsync
* mimic old behaviour
* feat(pluginhelp): display message if backend returned an empty string
Co-authored-by: Jack Westbrook <jack.westbrook@gmail.com>
* AuthN: Add basic auth client boilerplate
* AuthN: Implement test function for basic auth client
* AuthN: Implement the authentication method for basic auth
* AuthN: Add tests for basic auth authentication
* ContextHandler: perform basic auth authentication through authn service
if feature toggle is enabled
* AuthN: Add providers for sync services and pass required dependencies
* Alerting: Prevent short uid collision in legacy migration when db is case-insensitive
Two factors come into play that cause sporadic uid conflicts during legacy alert migration:
- MySQL and MySQL-compatible backends use case-insensitive collation.
- Our short uid generator is not a uniform RNG and generates uids in such a way that generations in quick succession have a higher probability of creating similar uids.
Normally we would be guaranteed unique short uid generation, however if the source alphabet contains
duplicate characters (for example, if we use case-insensitive comparison) this guarantee is void.
Generating even ~1000 uids in quick succession is nearly guaranteed to create a case-insensitive
duplicate.
chore (dashboardversion service): remove (one) join from store implementations
We return the userID from the dashboardservice store; the service (or api) layer can use that to get the user's login when needed.
The DashboardVersion struct is the database object; the DashboardVersionDTO is the object that should be sent to the API layer.
In the future I'd like to move DashboardVersion to dashverimpl and un-export it, but there are a few places that Insert directly into that table, not all of which are test fixtures, so that should wait until we clean up at least the DashboardService's use of it.
- Create new ctxLogProviders for each scenario to support
go test -count=n for n>1. Currently, it just kept adding providers for
every new run, which would make it add way more key-value pairs to
the provider than necessary.
- Adding a helper method to the scenario to make it easier to set up tests
for logging and easier to read the tests. I also flattened the test file, to
reduce the complexity of each test function.
* add xorm and xorm/core as package
* remove mssql and oracle as driver
* fix some typo
* remove unittest
* remove some cache
* restore the removed part
* remove logfile
`X-Dashboard-Uid`, `X-Datasource-Uid`, `X-Grafana-Org-Id`, `X-Panel-Id` are very useful headers set
by Grafana front-end that we would like to see on the data source as
well. This is so that it would be possible to pinpoint from where slow
queries are coming in Mimir/Thanos/Cortex/etc., for example. Relevant
Mimir code lines:
0a94f26203/pkg/frontend/transport/handler.go (L182-L184)
Tested manually that with these changes the headers are visible.
* Correctly set filter values in portal URL
* Refactor to include dimensions as a part of AzureMonitor query
* Correctly set splitting value in URL
- Add type for dimension filters object
* Update tests
* Don't test dimensions
* feat(grafana-cli): add a flag to control the admin user's ID for reset-admin-password
Since this is now more permissive, I've also added validation that the requested user is an admin.
* slight refactor to support testing
Automatically forward core plugin request HTTP headers in outgoing HTTP requests.
Core datasource plugin authors don't have to specifically handle forwarding of HTTP
headers, e.g. do not have to "hardcode" the header-names in the datasource plugin,
if not having custom needs.
Fixes#57065
* refactor email to not use simplejson
* add tests
* split integration test and unit test + more unit-tests
* Remove outdated comment
Co-authored-by: Armand Grillet <2117580+armandgrillet@users.noreply.github.com>
* AuthN: Replicate functionallity to get org id for request
* Authn: parse org id for the request and populate the auth request with
it
* AuthN: add simple mock for client to use in test
* AuthN: add tests to verify that authentication is called with correct
org id
* AuthN: Add ClientParams to mock
* AuthN: Fix flaky org id selection
* add user sync
* add org user sync
* add client params
* merge remaining conflicts
* remove change to report.go
* update comments
* add basic tests for user ID population
* add tests for auth ID find
* add tests for user sync create and update
* add tests for orgsync
* satisfy lint
* add userID guards
Log a useful msg if no oauth provider configured
When a user doesn't configure an OAuth provider and uses auto login, Grafana logs a misleading message indicating that he has multiple providers configured.
* GoogleCloudMonitoring: Migrate queries to the new format
* Refactor Aligment and AligmentFunction components (#60235)
* Adapt CloudMonitoringDatasource and CloudMonitoringAnnotationSupport (#60177)
* Fix: avoid migration for new queries (#60375)
* Move preprocessor handling to the backend (#60383)
* Other fixes and new function (#60411)
* Adapt components to the new API (#60451)
* Split metrics query type in time series list and query (#60475)
* Clean up metricQuery references (#60478)
* More bug fixes (#60525)
* SQL Datasources: Use health check for config test
* Remove unnecessary test
* Fix test errors
* Revert mysql go driver update
* Use transform query error
* Use TransformQueryError from sql_engine
Time range added for public dashboard:
- Enable/Disable switch added in public dashboard configuration.
- Time range picker shown in public dashboard for viewer user
* RBAC: Add fake for permissions service
* ServiceAccount: Rewrite create api tests
* ServiceAccount: Rewrite api delete tests
* ServiceAccount: Rewrite api test for RetriveServiceAccount
* ServiceAccount: Refactor UpdateServiceAccount api test
* ServiceAccount: Refactor CreateToken api test
* ServiceAccount: refactor delete token api tests
* ServiceAccount: rewrite list tokens api test
* Remove test helper that is not used any more
* ServiceAccount: remove unused test helpers
* AuthN: Add functionallity to test if auth client should be used
* AuthN: Add bolierplate client for api keys and register it
* AuthN: Add tests for api key client
* Inject service
* AuthN: Update client names
* ContextHandler: Set authn service
* AuthN: Implement authentication for api key client
* ContextHandler: Use authn service for api keys if flag is enabled
* AuthN: refactor authentication method to return additional value to
indicate if client could perform authentication
* update prefixes
* Add namespaced id to identity
* AuthN: Expand the Identity struct to include required fields from signed
in user
* Add error for disabled service account
* Add function to write error response based on errutil.Error
* Add error to log
* Return errors based on errutil.Error
* pass error
* update log message
* Fix namespaced ids
* Add tests
* Lint
* introduce alias for json.RawMessage with name RawMessage. This is needed to keep raw JSON and implement a marshaler for YAML, which does not seem to be used but there are tests that fail.
* replace usage of simplejson with RawMessage in NotificationChannelConfig
* remove usage of simplejson in tests
* change migration code to convert simplejson to raw message
* chore: remove unused test helper from sqlstore
TimeNow() is no longer used in any tests in this package.
* chore: move sqlstore.SQLBuilder to the infra/db package
This required some minor refactoring; we need to be a little more explicit about passing around the dialect and engine. On the other hand, that's a few fewer uses of the `dialect` global constant!
* chore: move UserDeletions into the only package using it
* cleanup around moving sqlbuilder
* remove dialect and sqlog global vars
* rename userDeletions to serviceAccountDeletions
* Refactor parse query to functions
* Move parsing to new file
* Create empty result variable and use it when returning early
* Fix linting
* Revert "Create empty result variable and use it when returning early"
This reverts commit 36a503f66e.
* Set Dashboard and Panel IDs on rule group replacement
* fix comments and abbreviate test variable name
* Update pkg/services/ngalert/provisioning/alert_rules.go
Co-authored-by: Jean-Philippe Quéméner <JohnnyQQQQ@users.noreply.github.com>
Co-authored-by: Jean-Philippe Quéméner <JohnnyQQQQ@users.noreply.github.com>
* Update config store to split between active and history tables
* Migrations to fix up indexes
* Implement migration from old format to new
* Move add migrations call
* Delete duplicated rows
* Explicitly map fields
* Quote the column name because it's a reserved word
* Lift migrations to top
* introduce Logger interface local to channles + implementaton that wraps the Grafana logger
* make NewFactoryConfig accept LoggerFactory
* add logger field to FactoryConfig
* update usages of log.Logger to internal interface
* Guardian: Use dashboard UID instead of ID
* Apply suggestions from code review
Introduce several guardian constructors and each time use
the most appropriate one.
Grafana would forward the X-Grafana-User header to backend plugin request when
dataproxy.send_user_header is enabled. In addition, X-Grafana-User will be automatically
forwarded in outgoing HTTP requests for core/builtin HTTP datasources.
Use grafana-plugin-sdk-go v0.147.0.
Fixes#47734
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
* ProxyUtil: Populate X-Grafana-Referer header
* ProxyUtil: Move Referer/Origin header removal
So that the removal and setting X-Grafana-Referer logic applies to all
proxied requests and not just datasource proxy.
* ProxyUtil: Test to guard against multiline headers
* ProxyUtil: Explicitly check injected header isn't parsed
* Move and rename genversions.go and tests
* Fix lint - bring back cli.Exit
* Move package.json and fix tests
* Add necessary env vars for promote event
* Implement backtesting engine that can process regular rule specification (with queries to datasource) as well as special kind of rules that have data frame instead of query.
* declare a new API endpoint and model
* add feature toggle `alertingBacktesting`
* Elasticsearch: Fix ordering in raw_document and add logic for raw_data
* Add comments
* Fix raw data request to use correct timefield
* Fix linting
* Add raw data as metric type
* Fix linting
* Elasticsearch: Add defaults for log query
* Add higlight
* Fix lint
* Add snapshot test
* Implement correct query for logs
* Update
* Adjust naming and comments
* Fix lint
* Remove ifs
* initial commit
* clean up
* fix a bug and add tests
* more tests
* undo some unintended changes
* undo some unintended changes
* linting
* PR feedback - add user ID to search options
* simplify the query
* Apply suggestions from code review
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* remove unneeded formatting changes
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* Move truncation code to util to mirror upstream
* Resolve merge conflicts
* Align logging of alert key
* Update tests and fix field passing bug
* Remove superfluous newline in test now that we trim whitespace
* Uptake minor log changes from upstream
* RBAC: Add benchmarks to search all users given a specific permission
* Add missing time
* Inline benchmarks
* Make bench setup memory efficient
* fix user id
* comment
* Ran 10K_10k and got a better time this time
* change comment to pass linting
* change comment to pass linting
* Update pkg/services/accesscontrol/acimpl/service_bench_test.go
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
* refactor: renaming of files from database to store
* refactor: make service account store private
- moves store interface to manager package
- adds an interface to the ProvideAPI constructor
- refactors tests to use the store when necessary
- adds mocks for the new interface implementations in the tests package
* wip
* refactor: make fakestore in service
* wip
* wip
* wip
* working tests
* trailing whitespaces
* Update pkg/services/serviceaccounts/api/api.go
* Update pkg/services/serviceaccounts/tests/common.go
* Update pkg/services/serviceaccounts/tests/common.go
* refactor: doc string for retriever
* fix import unused
* remove: serviceaccount from featuretoggle
* added: back legacy serviceaccounts feature toggle
* added: docs
* refactor: make query for the SearchQuery
* add: validation of service input fields
* add validation
* Remove TraceID tab when TraceQL is enabled. Use TraceQL editor to query for trace IDs by checking whether the content is an hex only string
* Highlight valid trace IDs in traceql editor
* Update trace and span links to use TraceQL tab when feature flag is enabled
* Remove traceqlEditor feature flag.
* Remove traceId query type from Tempo and replace it with traceQl
* Elasticsearch: Fix ordering in raw_document and add logic for raw_data
* Add comments
* Fix raw data request to use correct timefield
* Fix linting
* Add raw data as metric type
* Fix linting
* Hopefully fix lint
* Datasource settings: Add deprecation notice for database field
* SQL Datasources: Migrate from settings.database to settings.jsonData.database
* Check jsonData first
* Remove comment from docs
* add stats and licensing under admin -> general when topnav is enabled
* add ldap to users and access
* use ID instead of Id
* add enterprise licensing node
* Kinds: Generate JSON report
* Kinds: Add Validate/Write support for JSON report
* Kinds: Report format
* Kinds: Report new line
* Kinds: Use kindsys.SomeKindMeta to generate the report
* Move kinds report generation to the end
* Re-structure kinds report JSON output
* Make prettier to ignore kinds json report
* Minor on kinds report generation
* Fix toggles_gen test
Removes request/response connection/hop headers for call resource in similar
manner as Go's reverse proxy functions. Also removes Prometheus datasource
custom call resource header manipulation in regards to hop-by-hop headers.
Fixes#60076
Ref #58646
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
This change marks tests in the `sender` package that use an external
process as integration tests instead of unit tests. This speeds up the
package's unit tests by about 20 seconds.
This change also reduces the number of alert instances in the `store`
package's bulk write integration test from 20_000 to 10_000. This is
still enough to exercise the bulk-write code but speeds up the package
tests from about 250s to 130s.
Put together, integration tests go to about 160s while also speeding up
unit tests by 20s.
This commit better defines how we set states in resultNormal,
resultAlerting, resultError and resultNoData. It changes the existing
code to call methods such as SetAlerting, SetPending, SetNormal,
SetError and NoData instead of assigning values to each individual field
whenever the state is changed. This should make it easier to understand
what fields should be set for which states and avoid cases where states are
missing, or have additional unexpected fields.
Before this change, the alerting provisioning system incorrectly used
the QuotaTarget to check if alerting's request quota had been reached.
The quota service requires the QuotaTargetSrv, which is what's
registered with the service at startup time. This is leading to errors
in the provisioning system.
* block move operation that could introduce more than 8 level of depth, forbid circular reference
* move getHeight to store, mock store in service
* fix linter
