* add validation of team header values w. regex
* apply valid headers
* refactor testcases to account for badly formatted json
* refactoring to move validation code close to the validation itself
* removed tes
* Update pkg/api/datasources_test.go
Co-authored-by: Alexander Zobnin <alexanderzobnin@gmail.com>
* Update pkg/api/datasources.go
Co-authored-by: Alexander Zobnin <alexanderzobnin@gmail.com>
* review comments
* review during pairing
---------
Co-authored-by: Alexander Zobnin <alexanderzobnin@gmail.com>
* introduce data source admin role and fix frontend check
* introduce fixed roles for data source creator and team reader
* add documentation
* undo an unintended change
* Add teamHeaders for datasource proxy requests
* adds validation for the teamHeaders
* added tests for applying teamHeaders
* remove previous implementation
* validation for header values being set to authproxy
* removed unnecessary checks
* newline
* Add middleware for injecting headers on the data source backend
* renamed feature toggle
* Get user teams from context
* Fix feature toggle name
* added test for validation of the auth headers and fixed evaluation to cover headers
* renaming of teamHeaders to teamHTTPHeaders
* use of header set for non-existing header and add for existing headers
* moves types into datasources
* fixed unchecked errors
* Refactor
* Add tests for data model
* Update pkg/api/datasources.go
Co-authored-by: Victor Cinaglia <victor@grafana.com>
* Update pkg/api/datasources.go
Co-authored-by: Victor Cinaglia <victor@grafana.com>
---------
Co-authored-by: Alexander Zobnin <alexanderzobnin@gmail.com>
Co-authored-by: Victor Cinaglia <victor@grafana.com>
fetch fresh permissions for global in AuthorizeInOrgMiddleware
Update pkg/services/accesscontrol/authorize_in_org_test.go
do not load viewer permissions in global ID
* Move errors to error file
* Move check for both empty username and email to user service
* Move check for empty email and username to user service Update
* Wrap inner error
* Set username in test
* Unfurl OrgRole in pkg/api to allow using identity.Requester interface
* Unfurl Email in pkg/api to allow using identity.Requester interface
* Update UserID in pkg/api to allow using identity.Requester interface
* fix authed test
* fix datasource tests
* guard login
* fix preferences anon testing
* fix anonymous index rendering
* do not error with user id 0
* Plugins: Add client middlware that forwards the signed grafana id token if present
* DsProxy: Set grafana id header if id token exists
* Add util function to apply id token to header
* Only add id forwarding middleware if feature toggle is enabled
* Add feature toggles to ds proxy and check if id forwarding is enabled
* Clean up test setup
* Change to use backend.ForwardHTTPHeaders interface
* PluginProxy: Forward signed identity when feature toggle is enabled
* PluginProxy: forrward signed id header
* Teams: Implement backend sorting
* Add docs
* Make name ordering case insensitive
* lint
* Fix no lowercasing on memberCount
* Add test to double check the filters or correctly OrderBy
* User: Add sort option to user search
* Switch to an approach that uses the dashboard search options
* Cable user sort on the org endpoint
* Alias user table with u in org store
* Add test and cover orgs/:orgID/users/search endpoint
* Add test to userimpl store
* Simplify the store_test with sortopts.ParseSortQueryParam
* Account for PR feedback
* Positive check
* Update docs
* Update docs
* Switch to ErrOrFallback
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
---------
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
