* Service account: Ensure that you can revert only service accounts which you can access
* Remove prettier messup with docs
* Remove prettier messup with docs
* Prettier run
* Move user not found err to user service
* User ErrCaseInsensitive from user pkg
* User ErrUserAlreadyExists from user pkg
* User ErrLastGrafanaAdmin from user pkg
* Remove errors from model
* Org: use constants for status codes
* ServiceAccounts: Avoid creating new orgs for service accounts
* Document createUserBehavior
* Update pkg/services/sqlstore/org_users_test.go
* add doc string to flag
* Split Create User
* Use new create user and User from package user
* Add service to wire
* Making create user work
* Replace user from user pkg
* One more
* Move Insert to orguser Service/Store
* Remove unnecessary conversion
* Cleaunp
* Fix Get User and add fakes
* Fixing get org id for user logic, adding fakes and other adjustments
* Add some tests for ourguser service and store
* Fix insert org logic
* Add comment about deprecation
* Fix after merge with main
* Move orguser service/store to org service/store
* Remove orguser from wire
* Unimplement new Create user and use User from pkg user
* Fix wire generation
* Fix lint
* Fix lint - use only User and CrateUserCommand from user pkg
* Remove User and CreateUserCommand from models
* Fix lint 2
* ServiceAccounts: able to get upgrade status
* Banner with API keys migration info
* Show API keys migration info on Service accounts page
* Migrate individual API keys
* Use transaction for key migration
* Migrate all api keys to service accounts
* Hide api keys after migration
* Migrate API keys separately for each org
* Revert API key
* Revert key API method
* Rename migration actions and reducers
* Fix linter errors
* Tests for migrating single API key
* Tests for migrating all api keys
* More tests
* Fix reverting tokens
* API: rename convert to migrate
* Add api route descriptions to methods
* rearrange methods in api.go
* Refactor: rename and move some methods
* Prevent assigning tokens to non-existing service accounts
* Refactor: ID TO Id
* Refactor: fix error message
* Delete service account if migration failed
* Fix linter errors
* update action names
* correctly retrieve teams for signed in user
* remove test
* undo swagger changes
* undo swagger changes pt2
* add migration from old action names to the new ones
* rename from list to read
* linting
* also update alertign actions
* fix migration
* ServiceAccounts: refactor ServiceAccountRoleRow
* Refactor ServiceAccountRoleRow
* Refactor ServiceAccountProfile
* Refactor components
* Change service accounts icon
* Refine service accounts page header
* Improve service accounts filtering
* Change delete button style
* Tweak account id
* Auto focus name field when create service account
* Add disable/enable button
* Enable/disable service accounts
* Optimize updating service account (do not fetch all)
* Remove status column (replace by enable/disable button)
* Add banner with service accounts description
* Add tokens from main page
* Update tokens count when add token from main page
* Fix action buttons column
* Fix tokens count when change role
* Refine table row classes
* Fix buttons
* Simplify working with state
* Show message when service account updated
* Able to filter disabled accounts
* Mark disabled accounts in a table
* Refine disabled account view
* Move non-critical components to separate folder
* Remove confusing focusing
* Fix date picker position when creating new token
* DatePicker: able to set minimum date that can be selected
* Don't allow to select expiration dates prior today
* Set tomorrow as a default token expiration date
* Fix displaying expiration period
* Rename Add token button
* Refine page styles
* Show modal when disabling SA from main page
* Arrange role picker
* Refine SA page styles
* Generate default token name
* More smooth navigation between SA pages
* Stop loading indicator in case of error
* Remove legacy styles usage
* Tweaks after code review
Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
* Get rid of useDisapatch in favor of mapDispatchToProps
* Tests for ServiceAccountsListPage
* Tests for service account page
* Show new role picker only with license
* Get rid of deprecated css classes
* Apply suggestion from code review
Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
* Fix service accounts icon
* Tests for service account create page
* Return service account info when update
* Add behaviour tests for ServiceAccountsListPage
* Fix disabled cursor on confirm button
* More behavior tests for service account page
* Temporary disable service account migration banner
* Use safe where condition
Co-authored-by: Jguer <joao.guerreiro@grafana.com>
* Apply review suggestions
Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
* Remove autofocus from search
Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
Co-authored-by: Jguer <joao.guerreiro@grafana.com>
* pkg/web: store http.Handler internally
* pkg/web: remove injection
Removes any injection code from pkg/web.
It already was no longer functional, as we already only injected into
`http.Handler`, meaning we only inject ctx.Req and ctx.Resp.
Any other types (*Context, *ReqContext) were already accessed using the
http.Request.Context.Value() method.
* *: remove type mappings
Removes any call to the previously removed TypeMapper, as those were
non-functional already.
* pkg/web: remove Context.Invoke
was no longer used outside of pkg/web and also no longer functional
* Add prefixed API key gen.
* Retrieve API Key by hash
* Handle prefixed API keys for login
* Add placeholder key generator
* fix spelling
* add get by hash sqlstore test
* reformat query
* quote usage of reserved keyword key
* use constant
* improve error handling and pre-select key type
Co-authored-by: Victor Cinaglia <victor@grafana.com>
* nits
Co-authored-by: Victor Cinaglia <victor@grafana.com>
Makes `pkg/web` only accept handles from the following set:
```go
handlerStd = func(http.ResponseWriter, *http.Request)
handlerStdCtx = func(http.ResponseWriter, *http.Request, *web.Context)
handlerStdReqCtx = func(http.ResponseWriter, *http.Request, *models.ReqContext)
handlerReqCtx = func(*models.ReqContext)
handlerReqCtxRes = func(*models.ReqContext) Response
handlerCtx = func(*web.Context)
```
This is a first step to reducing above set to only `http.Handler`.
---
Due to a cyclic import situation between `pkg/models` and `pkg/web`, parts of this PR were put into `pkg/api/response`, even though they definitely do not belong there. This however is _temporary_ until we untangle `models.ReqContext`.
* reduce the usage of access control flag further by removing it from SQL store methods
* fixing tests
* fix another test
* linting
* remove AC feature toggle use from API keys
* remove unneeded function
* Update API Keys UI to adjust based on users permissions
Since API Keys support now RBAC we need to ensure that UI
is adjusted based on the user permissions.
* Applying PR suggestions
* WIP
* fix: bug for saving name did not remove edit
* refactor: better error msg
* Display the column Roles even when user can't see the role picker
* Remove spaces when building the search query request
* Disable Edit button and fix token addition and deletion
* Fix the error message text
Co-authored-by: Vardan Torosyan <vardants@gmail.com>
* forbid setting role higher than user's role
* change response code
* can assign API key permissions to non-admin users
* add: assign viewer role directly upon creation
* refactor: add AddSATcommand infavor of AddAPIkey
* refactor: frontend fixes for ServiceAccountToken
Co-authored-by: eleijonmarck <eric.leijonmarck@gmail.com>
* Add option to set ResourceAttribute for a permissions service
* Use prefix in access control sql filter to parse scopes
* Use prefix in access control metadata to check access
* Refactor to ServiceAccounts Query
* filtering expiredtokens on backend
* WIP
* WIP
* WIP
* fix: missing that we do not cover for no service accounts
* fix: wrong link
* feat: filter able to get only service accounts with expired tokens
* refactor: naming
* Update pkg/services/serviceaccounts/models.go
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* goimported
* Update pkg/services/serviceaccounts/api/api.go
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* Stats: do not count SAs as users
* Stats: implement basic service account metrics
* Stats: do not count service account tokens as api keys
* Stats: fix metric names
* Stats: add SA stats test
* rename user to sa
* ServiceAccounts: remove unused endpoint
* ServiceAccounts: remove usage of getOrgUsers from service accounts
* use dialect for boolean str true in delete
* return service account results directly
* Move Service Account Deletions to sa package
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
Co-authored-by: gamab <gabi.mabs@gmail.com>
* Move service account methods to service accounts
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
Co-authored-by: gamab <gabi.mabs@gmail.com>
* Service accounts should not interfere with users
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* filter service accounts in user services
* mispell fix
* fix overextended lines
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* fix variable
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
Co-authored-by: gamab <gabi.mabs@gmail.com>
* ServiceAccounts: modernize SA creation interface
* ServiceAccounts: improve service account ID generation
* ServiceAccounts: remove unused method
* ServiceAccounts: Make SA ID display name dependent
* ServiceAccounts: Add tests for Service Account creation
* trim trailing whitespace
* Update pkg/services/serviceaccounts/api/api.go
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
* Update pkg/services/serviceaccounts/api/api.go
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
* ServiceAccounts: Delete/Disable service account from details page
* ServiceAccounts: capitalize viewable messages from UI
* ServiceAccounts: Link new update endpoint to details page
* ServiceAccounts: reimplement service account retrieve to include is_disabled and only target service accounts
* Cleanup styles
* Fix modal show
* ServiceAccounts: simplify handler functions
* Apply suggestions from code review
Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
Co-authored-by: Clarity-89 <homes89@ukr.net>
Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
* ServiceAccounts: Fix token-apikey cross deletion
* ServiceAccounts: separate API key store and service account token store
* ServiceAccounts: hide service account tokens from API Keys page
* ServiceAccounts: uppercase statement
* ServiceAccounts: fix and add new tests for SAT store
* ServiceAccounts: remove service account ID from add API key
* ServiceAccounts: clear up errors
