Commit Graph

3527 Commits

Author SHA1 Message Date
Karl Persson
152cb47692
AuthN: Add IsAuthenticatedBy to identity interface and replace checks (#85262)
Add IsAuthenticatedBy to identity interface and replace checks
2024-03-27 15:22:13 +01:00
Jo
7649d93d17
AuthProxy: Fix missing session for ldap auth proxy users (#85090)
fix missing session for ldap auth proxy users
2024-03-26 09:24:24 +01:00
Bruno
a2e21eac8c
Cloud migrations: create endpoint to create an access token (#84690)
* fix merge conflicts

* make token expiration configurable
2024-03-25 12:43:28 -03:00
linoman
fc205db466
samlsettings: api integration (#84300)
* add strategy and tests

* use settings provider service and remove multiple providers strategy

* Move SAML strategy to ssosettings service

* Update codeowners file

* reload from settings provider

* add saml as configurable provider

* Add new SAML strategy

* rename old saml settings interface

* update saml string references

* use OSS license

* validate saml provider depends on license for List

* add tests for list rendering including saml

* change the licensing validation to service init

* replace service struct for provider
2024-03-25 10:54:45 +01:00
Ezequiel Victorero
c57c033522
Snapshots: Viewers can not create a Snapshot (#84952) 2024-03-22 14:31:01 -03:00
Eric Leijonmarck
2f7fd729ef
Auth: Enable case insensitive logins/emails by default (#84840)
* wip

* wip

* wip

* wip postgres tests
2024-03-22 16:45:18 +01:00
chalapat
65c0669f01
Server: Reload TLS certs without a server restart (#83589)
* server: reload of grafana server certs when renewed without restart.

Signed-off-by: Rao, B V Chalapathi <b_v_chalapathi.rao@nokia.com>

* server: reload of grafana server certs when renewed without restart.

Signed-off-by: Rao, B V Chalapathi <b_v_chalapathi.rao@nokia.com>

* Update http_server.go

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* Update http_server.go

Address the comments

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Dan Cech <dan@aussiedan.com>

* Update http_server.go

Align the spaces

* Update http_server.go

* Update http_server.go

* Update pkg/api/http_server.go

Co-authored-by: Dan Cech <dan@aussiedan.com>

---------

Signed-off-by: Rao, B V Chalapathi <b_v_chalapathi.rao@nokia.com>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
Co-authored-by: Dan Cech <dan@aussiedan.com>
2024-03-22 17:13:22 +02:00
Eric Leijonmarck
bb792ff540
Auth: Remove oauth skip org role sync (#84972)
* remove oauth wide skip org role sync

* we are warning from config

* set it to false

* removed from config ini files and updated docs
2024-03-22 15:34:05 +01:00
Andreas Christou
6bb7ab261a
AzureMonitor: User authentication support (#81918)
* Stub out frontend user auth

* Stub out backend user auth

* Add context

* Reorganise files

* Refactor app registration form

* Alert for user auth service principal credentials

* AzureMonitor: Add flag for enabling/disabling fallback credentials for current user authentication (#82332)

* Rename field

* Add fallback setting

* Update tests and mock

* Remove duplicate setting line

* Update name of property

* Update frontend settings

* Update docs and default config files

* Update azure-sdk

* Fix lint

* Update test

* Bump dependency

* Update configuration

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* Docs review

* AzureMonitor: User authentication frontend updates (#83107)

* Rename field

* Add fallback setting

* Update tests and mock

* Remove duplicate setting line

* Update name of property

* Update frontend settings

* Update docs and default config files

* Add alerts to query editor

- Add authenticatedBy property to grafana/data
- Update mocks
- Update query editor to disable it under certain circumstances
- Update tests

* Add separate FallbackCredentials component

- Reset AppRegistrationCredentials component to only handle clientsecret credentials
- Update AzureCredentialsForm
- Update selectors
- Update tests
- Update credentials utility functions logic

* Alert when fallback credentials disabled

* Update condition

* Update azure-sdk

* Fix lint

* Update test

* Remove unneeded conditions

* Set auth type correctly

* Legacy cloud options

* Fix client secret

* Remove accidental import

* Bump dependency

* Add tests

* Don't use VerticalGroup component

* Remove unused import

* Fix lint

* Appropriately set oAuthPassThru and disableGrafanaCache properties

* Clear azureCredentials on authType change

* Correctly retrieve secret

* Fix bug in authTypeOptions

* Update public/app/plugins/datasource/azuremonitor/components/ConfigEditor/CurrentUserFallbackCredentials.tsx

Co-authored-by: Andrew Hackmann <5140848+bossinc@users.noreply.github.com>

* Update public/app/plugins/datasource/azuremonitor/components/QueryEditor/QueryEditor.tsx

Co-authored-by: Andrew Hackmann <5140848+bossinc@users.noreply.github.com>

* Update public/app/plugins/datasource/azuremonitor/components/ConfigEditor/CurrentUserFallbackCredentials.tsx

Co-authored-by: Andrew Hackmann <5140848+bossinc@users.noreply.github.com>

* Add documentation links

* Fix broken link

---------

Co-authored-by: Andrew Hackmann <5140848+bossinc@users.noreply.github.com>

* AzureMonitor: Update docs for current user authentication (#83440)

* Rename field

* Add fallback setting

* Update tests and mock

* Remove duplicate setting line

* Update name of property

* Update frontend settings

* Update docs and default config files

* Add alerts to query editor

- Add authenticatedBy property to grafana/data
- Update mocks
- Update query editor to disable it under certain circumstances
- Update tests

* Add separate FallbackCredentials component

- Reset AppRegistrationCredentials component to only handle clientsecret credentials
- Update AzureCredentialsForm
- Update selectors
- Update tests
- Update credentials utility functions logic

* Alert when fallback credentials disabled

* Update condition

* Update azure-sdk

* Fix lint

* Update test

* Remove unneeded conditions

* Set auth type correctly

* Legacy cloud options

* Fix client secret

* Remove accidental import

* Bump dependency

* Add tests

* Don't use VerticalGroup component

* Remove unused import

* Update docs

* Fix lint

* Appropriately set oAuthPassThru and disableGrafanaCache properties

* Clear azureCredentials on authType change

* Correctly retrieve secret

* Feedback

* Spelling

* Update docs/sources/datasources/azure-monitor/_index.md

Co-authored-by: Larissa Wandzura <126723338+lwandz13@users.noreply.github.com>

* Update docs/sources/datasources/azure-monitor/_index.md

Co-authored-by: Larissa Wandzura <126723338+lwandz13@users.noreply.github.com>

* Update docs/sources/datasources/azure-monitor/_index.md

Co-authored-by: Larissa Wandzura <126723338+lwandz13@users.noreply.github.com>

* Update docs/sources/datasources/azure-monitor/_index.md

Co-authored-by: Larissa Wandzura <126723338+lwandz13@users.noreply.github.com>

---------

Co-authored-by: Larissa Wandzura <126723338+lwandz13@users.noreply.github.com>

* Docs review

* Update docs with additional configuration information

* Fix to appropriately hide the query editor

* Typo

* Update isCredentialsComplete

* Update test

---------

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
Co-authored-by: Andrew Hackmann <5140848+bossinc@users.noreply.github.com>
Co-authored-by: Larissa Wandzura <126723338+lwandz13@users.noreply.github.com>
2024-03-19 16:32:24 +00:00
Andreas Christou
7c3f621688
Chore: Update grafana-azure-sdk-go (#84741)
* Update grafana-azure-sdk-go

* Update test
2024-03-19 14:56:40 +00:00
Josh Hunt
f2628bfad4
Whitelabelling: Override version in UI from config (#84392)
* Unify how the version is shown in the UI

* use versionString in dashboard help bundles

* fix lint

* remove comment

* fix test types

* make test less flakey
2024-03-15 18:39:13 +02:00
Karl Persson
d4e802dd47
Authn: Add function to resolve identity from org and namespace id (#84555)
* Add function to get the namespaced id

* Add function to resolve an identity through authn.Service from org and namespace id

* Switch to resolve identity for re-authenticate in another org
2024-03-15 15:08:15 +01:00
Sofia Papagiannaki
1208888bb6
Folders: Allow listing folders with write permission (#83527)
* Folders: Allow listing folders with write permission

* Check for subfolder access if parent does not have

* Add test

* GetFolders: fix ordering

* Apply suggestion from code review
2024-03-15 14:05:27 +02:00
Karl Persson
ebf455d107
RBAC: Don't refetch permissions when searching for users in authenticated org (#84546)
Don't refetch permissions when searching for users in authenticated org
2024-03-15 10:36:16 +01:00
Gilles De Mey
8765c48389
Alerting: Remove legacy alerting (#83671)
Removes legacy alerting, so long and thanks for all the fish! 🐟

---------

Co-authored-by: Matthew Jacobson <matthew.jacobson@grafana.com>
Co-authored-by: Sonia Aguilar <soniaAguilarPeiron@users.noreply.github.com>
Co-authored-by: Armand Grillet <armandgrillet@users.noreply.github.com>
Co-authored-by: William Wernert <rwwiv@users.noreply.github.com>
Co-authored-by: Yuri Tseretyan <yuriy.tseretyan@grafana.com>
2024-03-14 15:36:35 +01:00
Karl Persson
8d9521fb6d
Refactor: Email verification (#84393)
* Update template names

* Add verifier that we can use to start verify process

* Use userVerifier when verifying email on update

* Add tests
---------

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
2024-03-14 13:25:28 +01:00
Will Browne
225ac8003c
Plugins: Tidy config struct (#84168)
* tidy plugins config usage

* fix tests
2024-03-11 16:28:46 +01:00
Josh Hunt
1ab8857e48
E2C: Add cloud migration is_target server config option (#83419) 2024-03-11 14:29:44 +02:00
Selene
1181141b40
Schemas: Refactor plugin's metadata (#83696)
* Remove kinds verification for kind-registry

* Read plugin's json information with json library instead of use thema binding

* Remove grafanaplugin unification

* Don't use kindsys for extract the slot name

* Fix IsGroup

* Remove all plugindef generation

* Refactor schema interfaces

* Pushed this change from a different branch by mistake...

* Create small plugin definition structure adding additional information for plugins registration

* Add some validation checks

* Delete unused code

* Fix imports lint
2024-03-07 11:09:19 +01:00
Sofia Papagiannaki
b8d8662bd9
Swagger: Re-generate the enterprise specification if enterprise is cloned (#81730)
* Swagger: Re-generate the enterprise specification if enterprise is cloned successfully

* API change to trigger the swagger CI step execution

* Swagger: Silence logs
2024-03-07 12:07:35 +02:00
linoman
8e827afb8c
Password Policy: Validate strong password upon update (#83959)
* add drawer for auth settings

* add StrongPasswordField component

* Add style to different behaviours

* update style for component

* add componenet to ChangePasswordForm

* pass the event handlers to the child component

* add style for label container

* expose strong password policy config option to front end

* enforce password validation with config option
2024-03-07 01:56:48 -06:00
Alexander Weaver
7a171fd14a
Regenerate openapidocs at 1.21.8 to match ci (#84037)
* Regenerate openapidocs at 1.21.8 to match ci

* Adjust trigger to work on the actual outputted files

* Also put go.mod and go.sum in the triggers

* manually fix

* Make an arbitrary change rather than touching the trigger to force a run

* Drop all triggers - run all the time

* Print diff - taken from @papagian's PR

* Manual fixes to swagger doc

---------

Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
2024-03-06 16:08:45 -06:00
Carl Bergquist
b3efb4217e
Cfg: Adds experimental scope grafana.ini settings (#83174)
Signed-off-by: bergquist <carl.bergquist@gmail.com>
2024-03-05 16:41:19 +01:00
Alexander Zobnin
82a88cc83f
Access control: Extend GetUserPermissions() to query permissions in org (#83392)
* Access control: Extend GetUserPermissions() to query permissions in specific org

* Use db query to fetch permissions in org

* refactor

* refactor

* use conditional join

* minor refactor

* Add test cases

* Search permissions correctly in OSS vs Enterprise

* Get permissions from memory

* Refactor

* remove unused func

* Add tests for GetUserPermissionsInOrg

* fix linter
2024-03-04 13:29:13 +01:00
owensmallwood
0dfdb2ae47
Revert "Add FolderUID for library elements" (#83776)
Revert "Add FolderUID for library elements (#79572)"

This reverts commit 2532047e7a.
2024-03-01 18:16:43 +02:00
Jo
0aebb9ee39
Misc: Remove unused params and impossible logic (#83756)
* remove unused params and impossible logic

* remove unused param
2024-03-01 12:08:00 +01:00
Jo
36a19bfa83
AuthProxy: Allow disabling Auth Proxy cache (#83755)
* extract auth proxy settings

* simplify auth proxy methods

* add doc mentions
2024-03-01 11:31:06 +01:00
Misi
75b020c19d
Cfg: Add a setting to configure if the local file system is available (#83616)
* Introduce environment.local_filesystem_available

* Only show TLS client cert, client key, client ca when local_filesystem_available is true

* Rename LocalFSAvailable to LocalFileSystemAvailable
2024-03-01 10:39:50 +01:00
idafurjes
2532047e7a
Add FolderUID for library elements (#79572)
* Add FolderUID in missing places for libraryelements

* Add migration for FolderUID in library elements table

* Add Folder UIDs tolibrary panels

* Adjust dashboard import with folder uid

* Fix lint

* Rename back FolderUID to UID

* Remove default

* Check if folderUID is nil

* Add unique indes on org_id,folder_uid,name and kind

* Update pkg/services/libraryelements/database.go

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>

* Fix folder integration test, with unique index on library elements

* Make folder uids nullable and rewrite migration query

* Use dashboard uid instead of folder_uid

* Adjust test

---------

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
2024-03-01 10:16:33 +01:00
김은빈
96dfb385ca
Grafana: Replace magic number with a constant variable in response status (#80132)
* Chore: Replace response status with const var

* Apply suggestions from code review

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>

* Add net/http import

---------

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
2024-02-27 18:39:51 +02:00
Will Browne
5edd96ae77
Plugins: Refactor plugin config into separate env var and request scoped services (#83261)
* seperate services for env + req

* merge with main

* fix tests

* undo changes to golden file

* fix linter

* remove unused fields

* split out new config struct

* provide config

* undo go mod changes

* more renaming

* fix tests

* undo bra.toml changes

* update go.work.sum

* undo changes

* trigger

* apply PR feedback
2024-02-27 12:38:02 +01:00
Khushi Jain
d02de5ddb9
Image Rendering: Add settings for default width, height and scale (#82040)
* Add Image width & height

* ability to change default width, height and scale

* default ini

* Update conf/defaults.ini

Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>

* Update pkg/setting/setting.go

Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>

* Update pkg/setting/setting.go

Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>

* Added docs, changed frontend

* Update conf/defaults.ini

Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>

* Update conf/defaults.ini

Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>

* Update conf/defaults.ini

Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>

* Update pkg/api/dtos/frontend_settings.go

Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>

* Update pkg/api/frontendsettings.go

Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>

* Update pkg/api/render.go

Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>

* add query float 64

* Update packages/grafana-runtime/src/config.ts

Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>

* Update public/app/features/dashboard/components/ShareModal/utils.ts

Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>

* spacing

* fix tests

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

---------

Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
2024-02-26 13:27:34 +01:00
Serge Zaitsev
d0679f0993
Chore: Add support bundle for folders (#83360)
* add support bundle for folders

* fix ProvideService in tests

* add a test for collector
2024-02-26 11:27:22 +01:00
Agnès Toulet
8d68159b52
Public Dashboards: Disable email-sharing when there is no license (#80887)
* PublicDashboards: Disable email-shared dashboards when feature is disabled

* fix pubdash creation when it was email-shared

* add feature name const in OSS

* update doc

* Update service.go

* fix test & linter

* fix test

* Update query_test.go

* update tests

* fix imports

* fix doc linter issues

* Update docs/sources/administration/enterprise-licensing/_index.md

* fix after merge
2024-02-22 09:34:14 +01:00
Ryan McKinley
809c1eaddb
Snapshots: delete from same org (#83111)
delete in org
2024-02-21 08:04:15 -05:00
Torkel Ödegaard
64e0a4282e
DataQuery: Track panel plugin id not type (#83091) 2024-02-21 09:38:42 +01:00
Xavi Lacasa
46c26bbd0b
Auth: Fix email verification bypass when using basic authentication (#82914) 2024-02-16 18:54:59 +01:00
Karl Persson
9e04fd0fb7
AuthToken: Remove client token rotation feature toggle (#82886)
* Remove usage of client token rotation flag

* Remove client token rotation feature toggle
2024-02-16 15:03:37 +01:00
linoman
ac84069071
Password policy (#82268)
* add password service interface

* add password service implementation

* add tests for password service

* add password service wiring

* add feature toggle

* Rework from service interface to static function

* Replace previous password validations

* Add codeowners to password service

* add error logs

* update config files


---------

Co-authored-by: Karl Persson <kalle.persson@grafana.com>
2024-02-16 04:58:05 -06:00
Gabriel MABILLE
846eadff63
RBAC Search: Replace userLogin filter by namespacedID filter (#81810)
* Add namespace ID

* Refactor and add tests

* Rename maxOneOption -> atMostOneOption

* Add ToDo

* Remove UserLogin & UserID for NamespaceID

Co-authored-by: jguer <joao.guerreiro@grafana.com>

* Remove unecessary import of the userSvc

* Update pkg/services/accesscontrol/acimpl/service.go

* fix 1 -> userID

* Update pkg/services/accesscontrol/accesscontrol.go

---------

Co-authored-by: jguer <joao.guerreiro@grafana.com>
2024-02-16 11:42:36 +01:00
Sofia Papagiannaki
69f604f7fa
Chore: Fix benchmarks (#82714) 2024-02-16 10:40:39 +02:00
Ieva
4d53385d5f
RBAC: allow listing permissions on the root folder (#82184)
* allow returning AC metadata for the root folder

* add a test

* share the reserved root folder UID with frontend
2024-02-15 16:13:14 +00:00
Karl Persson
1315c67c8b
Team/User: UID migrations (#82298)
* Add user uid migration to run on every startup to protect against empty values in a upgrade downgrade scenario

* Add team uid migration to run on every startup to protect against empty values in a upgrade downgrade scenario

* Run team uid migration
2024-02-12 14:48:29 +01:00
Will Browne
788b9afda3
Plugins: Make it possible to support multiple plugin versions (#82116)
* first pass

* use version in more places

* add comment

* update installer

* fix wire

* fix tests

* tidy

* simplify changes

* fix in mem

* remove unused step

* fix step dupe logic for child plugins + add tests
2024-02-12 12:47:49 +01:00
Jo
6f62d970e3
JWT Authentication: Add support for specifying groups in auth.jwt for teamsync (#82175)
* merge JSON search logic

* document public methods

* improve test coverage

* use separate JWT setting struct

* correct use of cfg.JWTAuth

* add group tests

* fix DynMap typing

* add settings to default ini

* add groups option to devenv path

* fix test

* lint

* revert jwt-proxy change

* remove redundant check

* fix parallel test
2024-02-09 16:35:58 +01:00
Dan Cech
790e1feb93
Chore: Update test database initialization (#81673)
* streamline initialization of test databases, support on-disk sqlite test db

* clean up test databases

* introduce testsuite helper

* use testsuite everywhere we use a test db

* update documentation

* improve error handling

* disable entity integration test until we can figure out locking error
2024-02-09 09:35:39 -05:00
Agnès Toulet
28e66b4ad8
Rendering: Adds PDF support behind feature toggle (#81811)
* start pdf refactor

* Update AppChrome.tsx

* Update AppChrome.tsx

* add encoding param to rendering grpc service

* fix plugin mode

* clean up

* fix backend tests

* fix lint errors

* Support pdf encoding in render http api

---------

Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
2024-02-08 13:09:34 +01:00
Tania
14a36b4040
Folders: Forbid performing operations on folders via dashboards HTTP API (#81264)
* Forbid creating folders via dashboard api

* Update delete endpoint

* Update docs
2024-02-04 01:16:19 +01:00
Ryan McKinley
ba3ee60711
K8s: Allow more control over the final openapi results (#81829) 2024-02-02 14:19:45 -08:00
Sofia Papagiannaki
cf6ebb0548
Swagger: Remove redundant annotation (#81780) 2024-02-02 15:11:23 +02:00