Commit Graph

60 Commits

Author SHA1 Message Date
Ieva
d8b66d5c4b
RBAC: remove some IsDisabled checks (#69272)
* remove some access contorl IsDisabled() checks

* cleaning up tests

* update tests

* linting
2023-05-31 09:58:57 +01:00
Jo
6b6cf5f4b7
Cfg: Move ViewersCanEdit into cfg (#64876)
move ViewersCanEdit into cfg
2023-03-16 10:54:01 +01:00
idafurjes
982939111b
Rename Id to ID for annotation models (#62886)
* Rename Id to ID for annotation models

* Add xorm tags

* Rename Id to ID for API key models

* Add xorm tags
2023-02-03 17:23:09 +01:00
idafurjes
6c5a573772
Chore: Move ReqContext to contexthandler service (#62102)
* Chore: Move ReqContext to contexthandler service

* Rename package to contextmodel

* Generate ngalert files

* Remove unused imports
2023-01-27 08:50:36 +01:00
Kristin Laemmert
e8b8a9e276
chore: move dashboard_acl models into dashboard service (#62151) 2023-01-26 08:46:30 -05:00
idafurjes
b54b80f473
Chore: Remove Result from dashboard models (#61997)
* Chore: Remove Result from dashboard models

* Fix lint tests

* Fix dashboard service tests

* Fix API tests

* Remove commented out code

* Chore: Merge main - cleanup
2023-01-25 10:36:26 +01:00
idafurjes
68445a7c77
Chore: Remove dashboard ACL from models (#61749)
* Remove dashboard ACL from models

* Remove unused comment
2023-01-20 14:58:47 +01:00
Serge Zaitsev
fa36591380
Chore: Remove mockstore and use dbtest instead (#61629)
* remove mockstore and use dbtest instead

* fix wire

* remove unused expected fields

* fix more tests in alerting

* fix api tests
2023-01-18 16:01:25 +01:00
idafurjes
7c2522c477
Chore: Move dashboard models to dashboard pkg (#61458)
* Copy dashboard models to dashboard pkg

* Use some models from current pkg instead of models

* Adjust api pkg

* Adjust pkg services

* Fix lint
2023-01-16 16:33:55 +01:00
Karl Persson
e0c7ef3481
RBAC: Rewrite rbac annotations test (#61036)
* API: Rewrite annotation rbac tests to not use mocked access control

* API: rewrite mass deletion rbac tests
2023-01-09 09:59:14 +01:00
Sofia Papagiannaki
11d8bcbea9
Guardian: Introduce additional constructors (#59577)
* Guardian: Use dashboard UID instead of ID

* Apply suggestions from code review

Introduce several guardian constructors and each time use
the most appropriate one.
2022-12-15 16:34:17 +02:00
Serge Zaitsev
af7d293eaf
Chore: Remove Store interface and use db.DB instead (#60160)
* Chore: Remove Store interface and use db.DB instead

* use old-style session exec
2022-12-13 11:03:36 +01:00
Serge Zaitsev
5b861faec3
Chore: Reduce the usage of sqlstore.createorg and use orgservice instead (#59356)
* remove legacy createorg from org service

* remove another createorg from orgimpl

* remove createorg from api pref tests

* remove createorg from api org tests

* fix tests

* remove createorg from annotations test

* remove createorg from team tests

* remove createorg from service accounts

* remove createorg from accesscontrol tests

* remove createorg from provisioning

* Use quotaservice from sc.hs
2022-11-28 12:05:46 +01:00
Serge Zaitsev
c2e847d0b0
Chore: Remove createorgwithmember (#59161)
remove createorgwithmember
2022-11-23 10:37:04 +01:00
Kristin Laemmert
05709ce411
chore: remove sqlstore & mockstore dependencies from (most) packages (#57087)
* chore: add alias for InitTestDB and Session

Adds an alias for the sqlstore InitTestDB and Session, and updates tests using these to reduce dependencies on the sqlstore.Store.

* next pass of removing sqlstore imports
* last little bit
* remove mockstore where possible
2022-10-19 09:02:15 -04:00
Serge Zaitsev
305d494902
Chore: Switch over to team.Service instead of sqlstore (#55497)
* switch to using team service

* trying to fix tests

* more tests to fix

* add missing teamtest package
2022-09-20 18:58:04 +02:00
Sofia Papagiannaki
754eea20b3
Chore: SQL store split for annotations (#55089)
* Chore: SQL store split for annotations

* Apply suggestion from code review
2022-09-19 10:54:37 +03:00
Karl Persson
c08fe3a53c
RBAC: Enable rbac when creating new settings (#53531)
* Settings: Set RBACEnabled to true by default

* Remove accessControlEnabledFlag and explicitly set to false when needed

* Disable rbac for tests
2022-08-11 15:37:31 +02:00
idafurjes
a14621fff6
Chore: Add user service method SetUsingOrg and GetSignedInUserWithCacheCtx (#53343)
* Chore: Add user service method SetUsingOrg

* Chore: Add user service method GetSignedInUserWithCacheCtx

* Use method GetSignedInUserWithCacheCtx from user service

* Fix lint after rebase

* Fix lint

* Fix lint error

* roll back some changes

* Roll back changes in api and middleware

* Add xorm tags to SignedInUser ID fields
2022-08-11 13:28:55 +02:00
idafurjes
6afad51761
Move SignedInUser to user service and RoleType and Roles to org (#53445)
* Move SignedInUser to user service and RoleType and Roles to org

* Use go naming convention for roles

* Fix some imports and leftovers

* Fix ldap debug test

* Fix lint

* Fix lint 2

* Fix lint 3

* Fix type and not needed conversion

* Clean up messages in api tests

* Clean up api tests 2
2022-08-10 11:56:48 +02:00
idafurjes
f5cace8bbd
Rename Acl to ACL (#52342)
* Rename Acl to ACL

* Fix yaml files

* Add xorm tags and fix test
2022-07-18 15:14:58 +02:00
owensmallwood
0b4af38bfa
Public Dashboards: Query Caching (#51403)
* passes id and uid to PublicDashboardDatasource

* betterer results

* If for a public dashboard, return the PublicDashboardDataSource first or else getDatasourceSrv.get() will fail bc of no authed user.

Added some unit tests for resolving the uid from the many possible datasource types.

* updates betterer

* Exports DashboardService. Adds method to DashboardService to build anonymous user for use with public dashboards where there is no authed user. Adds method on dashboard_queries to get all dashboard uids from a dashboard.

* refactors to get unique datasource uids

* Adds tests for getting all unique datasource uids off a dashboard

* adds test for building anonymous user with read and query actions that are scoped to each datasource uid in the dashboard

* updates casing of DashboardService

* updates test case to have additional panel with a different datasource

* gives default interval to public dashboard data source
2022-07-06 12:42:39 -06:00
Karl Persson
44ffbfd6aa
RBAC: Refactor GetUserPermissions to use []accesscontrol.Permission (#50683)
* Return slice of permissions instead of slice of pointers for permissions
2022-06-14 10:17:48 +02:00
Kristin Laemmert
2edfbb7767
sqlstore split: dashboard permissions (#49962)
* backend/sqlstore split: remove unused GetDashboardPermissionsForUser from sqlstore
* remove debugging line
* backend/sqlstore: move dashboard permission related functions to dashboard service
2022-06-01 14:16:26 -04:00
Kristin Laemmert
8c753999df
chore: replace artisanal FakeDashboardService with generated mock (#49276)
* chore: replace handmade FakeDashboardService with generated mock

Maintaining a handcrafted FakeDashboardService is not sustainable now that we are in the process of moving the dashboard-related functions out of sqlstore.

* remove dialect global variable
2022-05-23 11:14:27 -04:00
Kristin Laemmert
1df340ff28
backend/services: Move GetDashboard from sqlstore to dashboard service (#48971)
* rename folder to match package name
* backend/sqlstore: move GetDashboard into DashboardService

This is a stepping-stone commit which copies the GetDashboard function - which lets us remove the sqlstore from the interfaces in dashboards - without changing any other callers.
* checkpoint: moving GetDashboard calls into dashboard service
* finish refactoring api tests for dashboardService.GetDashboard
2022-05-17 14:52:22 -04:00
Scott Bock
3d922a4e67
AnnotationsApi: GET /api/annotations/:annotationId (#47739) 2022-05-16 17:16:36 +02:00
ying-jeanne
bde368be55
Chore : Replace dashboardid with dashboardUID in annotation API (#48481)
* replace dashboardid with dashboardUID in annotation API

* add some tests

* modify some docs and add uid into get endpoint

* rebase with main

* add map for avoiding too much retrieve on dashboards
2022-05-02 11:35:36 +02:00
Karl Persson
de50f39c12
Access Control: Refactor scope resolvers with support to resolve into several scopes (#48202)
* Refactor Scope resolver to support resolving into several scopes

* Change permission evaluator to match at least one of passed scopes
2022-05-02 09:29:30 +02:00
Vardan Torosyan
a0553de8dd
Rename FGAC to RBAC in the codebase (#48051) 2022-04-21 14:31:02 +02:00
Ieva
1588cd393a
check that the user has RBAC permissions to save dashboard annotation (#47882) 2022-04-20 09:43:42 +02:00
Serge Zaitsev
18e93c7077
Chore: Remove bus (#47511)
* Chore: Remove bus

* remove unused const
2022-04-08 16:15:06 +02:00
Ieva
bc9b5325a0
update docs, simplify actions and scopes (#47067) 2022-04-04 13:53:58 +01:00
Kat Yang
90f2233ea9
Chore: Remove global database engine variable from annotation (#46940)
* Chore: Remove global database engine variable from annotation

* 💩
2022-03-25 13:23:09 -04:00
Ezequiel Victorero
c5f295b5b3
Access Control: adding FGAC validation to mass delete annotation endpoint (#46846)
* Access Control: adding FGAC validation to mass delete annotation endpoint
2022-03-23 18:39:00 -03:00
ying-jeanne
adc0cbf176
remove global variable in annotation (#46746)
* remove global varaible in annotation

* remove todo

* replace intransaction with withdbtransaction

* fix typo
2022-03-22 19:20:57 +08:00
Ezequiel Victorero
c717320942
Adding FGAC annotations validation for creation and deletion (#46736)
Access Control: Adding FGAC annotations validation for creation and deletion
Co-authored-by: IevaVasiljeva <ieva.vasiljeva@grafana.com>
2022-03-21 14:28:39 -03:00
Serge Zaitsev
fec634a091
Chore: Remove bus.Dispatch from guardian package (#46711)
* replace bus in guardian with sqlstore

* fix a couple of tests

* replace bus in the rest of the tests

* allow init guardian from other packages

* make linter happy

* init guardian in library elements

* fix another test in libraryelements

* fix more tests

* move guardian mock one level deeper

* fix more tests

* rename init functions
2022-03-21 10:49:49 +01:00
Ieva
f2450575b3
Access control: FGAC for annotation updates (#46462)
* proposal

* PR feedback

* fix canSave bug

* update scope naming

* linting

* linting

Co-authored-by: Ezequiel Victorero <ezequiel.victorero@grafana.com>
2022-03-18 17:33:21 +01:00
Ezequiel Victorero
4f815e3d8e
Access control: adding FGAC to annotation GET endpoints and fixed roles (#45102)
* Access control: adding FGAC to annotation GET endpoints and fixed roles

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
2022-02-11 15:43:29 -03:00
Dimitris Sotirakis
605d056136
Security: Sync security changes on main (#45083)
* * Teams: Appropriately apply user id filter in /api/teams/:id and /api/teams/search
* Teams: Ensure that users searching for teams are only able see teams they have access to
* Teams: Require teamGuardian admin privileges to list team members
* Teams: Prevent org viewers from administering teams
* Teams: Add org_id condition to team count query
* Teams: clarify permission requirements in teams api docs
* Teams: expand scenarios for team search tests
* Teams: mock teamGuardian in tests

Co-authored-by: Dan Cech <dcech@grafana.com>

* remove duplicate WHERE statement

* Fix for CVE-2022-21702

(cherry picked from commit 202d7c190082c094bc1dc13f7fe9464746c37f9e)

* Lint and test fixes

(cherry picked from commit 3e6b67d5504abf4a1d7b8d621f04d062c048e981)

* check content type properly

(cherry picked from commit 70b4458892bf2f776302720c10d24c9ff34edd98)

* basic csrf origin check

(cherry picked from commit 3adaa5ff39832364f6390881fb5b42ad47df92e1)

* compare origin to host

(cherry picked from commit 5443892699e8ed42836bb2b9a44744ff3e970f42)

* simplify url parsing

(cherry picked from commit b2ffbc9513fed75468628370a48b929d30af2b1d)

* check csrf for GET requests, only compare origin

(cherry picked from commit 8b81dc12d8f8a1f07852809c5b4d44f0f0b1d709)

* parse content type properly

(cherry picked from commit 16f76f4902e6f2188bea9606c68b551af186bdc0)

* mentioned get in the comment

(cherry picked from commit a7e61811ef8ae558ce721e2e3fed04ce7a5a5345)

* add content-type: application/json to test HTTP requests

* fix pluginproxy test

* Fix linter when comparing errors

Co-authored-by: Kevin Minehart <kmineh0151@gmail.com>
Co-authored-by: Dan Cech <dcech@grafana.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Co-authored-by: Serge Zaitsev <serge.zaitsev@grafana.com>
Co-authored-by: Vardan Torosyan <vardants@gmail.com>
2022-02-09 13:44:38 +01:00
idafurjes
1b286e6bb5
Remove bus from quota, preferences, plugins, user_token (#44762)
* Remove bus from quota, preferences, plugins, user_token

* Bind sqlstore.Store to *sqlstore.SQLStore

* Fix test

* Fix sqlstore wire injection, dependency
2022-02-03 09:20:20 +01:00
idafurjes
7936c4c522
Rename AddHandlerCtx to AddHandler (#43557) 2021-12-28 16:08:07 +01:00
idafurjes
e6123bc3ef
Replace AddHandler with AddHandlerCtx in tests (#42585) 2021-12-01 15:43:31 +01:00
Serge Zaitsev
d9cdcb550e
Chore: Refactor api handlers to use web.Bind (#42199)
* Chore: Refactor api handlers to use web.Bind

* fix comments

* fix comment

* trying to fix most of the tests and force routing.Wrap type check

* fix library panels tests

* fix frontend logging tests

* allow passing nil as a response to skip writing

* return nil instead of the response

* rewrite login handler function types

* remove handlerFuncCtx

* make linter happy

* remove old bindings from the libraryelements

* restore comments
2021-11-29 10:18:01 +01:00
Hugo Häggmark
63f9231de1
Annotations: Adds tags endpoint (#36199)
* Annotations: Adds tags endpoint

* Chore: fixes sql  statement

* Refactor: adds count to the api

* Chore: changes after PR comments

* Refactor: changes after PR comments
2021-06-30 13:42:54 +02:00
Hugo Häggmark
3d41267fc4
Chore: Moves common and response into separate packages (#30298)
* Chore: moves common and response into separate packages

* Chore: moves common and response into separate packages

* Update pkg/api/utils/common.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Chore: changes after PR comments

* Chore: move wrap to routing package

* Chore: move functions in common to response package

* Chore: move functions in common to response package

* Chore: formats imports

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-01-15 14:43:20 +01:00
Arve Knudsen
cb62e69997
Chore: Convert API tests to standard Go lib (#29009)
* Chore: Convert tests to standard Go lib

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
2020-11-13 09:52:38 +01:00
Carl Bergquist
3fdd2648b1
Chore: Avoid aliasing importing models in api package (#22492) 2020-03-04 12:57:20 +01:00
Ryan McKinley
6335509a23 Annotations: use a single row to represent a region (#17673)
* SQLite migrations

* cleanup

* migrate end times

* switch to update with a query

* real migration

* anno migrations

* remove old docs

* set isRegion from time changes

* use <> for is not

* add comment and fix index decleration

* single validation place

* add test

* fix test

* add upgrading docs

* use AnnotationEvent

* fix import

* remove regionId from typescript
2019-08-16 10:49:30 +02:00