* Allow API to assign new user to a specific organization
* Add defer block to test
* Add API tests and return 400 instead of 500 for bad orgId
* Minor test improvements
* AlertNotifications: Translate notifications IDs to UIDs in alert Rule builder
* Avoid shadowing errors, raise validation error on non-existing notification id
* create a cache for notification Uids to minimize db overhead
* add cache usage test
* avoid caching empty notification Uids
* isolate db in alert notificationUid caching tests
* Stats: add active user count query
* License: add info in settings
* Stats: Retrieve active users stats for different roles
+ Clean files and tests
* Stats: add dialect.Quote in queries
* Stats: improve tests (require instead of assert)
* Stats: improve tests (require instead of assert)
This feature would provide a way for administrators to limit the minimum
dashboard refresh interval globally.
Filters out the refresh intervals available in the time picker that are lower
than the set minimum refresh interval in the configuration .ini file
Adds the minimum refresh interval as available in the time picker.
If the user tries to enter a refresh interval that is lower than the minimum
in the URL, defaults to the minimum interval.
When trying to update the JSON via the API, rejects the update if the
dashboard's refresh interval is lower than the minimum.
When trying to update a dashboard via provisioning having a lower
refresh interval than the minimum, defaults to the minimum interval
and logs a warning.
Fixes#3356
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* Implement Azure AD oauth
* Use go-jose and cleanup
* Update go-jose in go.mod
* cleanup
* Add unit tests
* Fix scopes
* Add documentation page
* Improve documentation
* Convert extract_role into function.
* Do not use upn and replace unique_name with preferred_username
* Configure login button
* Use official microsoft icon and color from branding guideline.
* Add Azure AD config section in sample.ini.
When an alert is sent by e-mail, the process sends an e-mail to
each recipient separately. This PR is a single delivery to all recipients.
For companies that use e-mail extensively, this is necessary in order
not to overload the sending queue.
Replaces #18013Fixes#12650
Co-authored-by: Henrique Oliveira <holiiveira@users.noreply.github.com>
* refactor to multiple rows
* added name for org user struct
* added name getorgusers
* added user name to tableview
* made test pass
* updated userMocks to user name field
* added missing UsersTable snapshot
* added name on teammembers page, be able to search query for name, login and email
* added the updated snapshots
* conform to same sorting as output form
* conform to previous way of using it
* sort first by login and after by email, as it was before
* Licensing: supplies a service to handle licensing information
* Licensing: uses the license service further
Uses the license service instead of settings.isEnterprise:
- external team members
- saml
- usage stats
* Licensing: fixes broken tests due to new Licensing service dependency
* Licensing: fixes linting errors
* Licensing: exposes license expiry information to the frontend
* API: Add `updatedAt` to api/users/:id
This adds the timestamp of when a particular user was last updated to
the `api/users/:id` endpoint.
This helps our administrators understand when was the user information last
updated. Particularly when it comes from external systems e.g. LDAP
Adds the definition of `GetTeamsForLDAPGroupCommand` which handles the lookup of team information based on LDAP groupDNs.
This is an Enterprise only feature. To diferentiate,a response will contain the `team` key as `null` on OSS while on Enterprise the key will contain an empty array `[]` when no teams are found.
* Move the ReloadLDAPCfg function to the debug file
Appears to be a better suite place for this.
* LDAP: Return the server information when we find a specific user
We allow you to specify multiple LDAP servers as part of LDAP authentication integration. As part of searching for specific users, we need to understand from which server they come from. Returning the server configuration as part of the search will help us do two things:
- Understand in which server we found the user
- Have access the groups specified as part of the server configuration
* LDAP: Adds the /api/admin/ldap/:username endpoint
This endpoint returns a user found within the configured LDAP server(s). Moreso, it provides the mapping information for the user to help administrators understand how the users would be created within Grafana based on the current configuration.
No changes are executed or saved to the database, this is all an in-memory representation of how the final result would look like.
Existing /api/alert-notifications now requires at least editor access.
Existing /api/alert-notifiers now requires at least editor access.
New /api/alert-notifications/lookup returns less information than
/api/alert-notifications and can be access by any authenticated user.
Existing /api/org/users now requires org admin role.
New /api/org/users/lookup returns less information than
/api/org/users and can be access by users that are org admins,
admin in any folder or admin of any team.
UserPicker component now uses /api/org/users/lookup instead
of /api/org/users.
Fixes#17318
* Fix CreateTeam api endpoint
No team member should be created for requests
authenticated by API tokens.
* Update middleware test
Assert that `isAnonymous` is set for `SignedInUser`
authenticated via API key.
* Add test for team creation
Assert that no team member is created if the signed in user
is anomymous.
* Revert "Fix CreateTeam api endpoint"
This reverts commit 9fcc4e67f5.
* Revert "Update middleware test"
This reverts commit 75f767e58d.
* Fix CreateTeam api endpoint
No team member should be created for requests
authenticated by API tokens.
* Update team test
* Change error to warning and update tests
* Add support for `is_disabled` to `CreateUser()`
* Add support for `is_disabled` to `SearchUsers()`
Had to add it as a `string` type not as `bool`, since if that's property
is omitted, we would have add it to SQL request, which might be dangerous
* Restructure desctructive tests and add more
* API: Duplicate API Key Name Handle With Useful HTTP Code
* 17447: make changes requested during review
- use dialect.IsUniqueContraintViolation
- change if statement to match others
- return error properly
* Revert "17447: make changes requested during review"
This reverts commit a4a674ea83.
* API: useful http code on duplicate api key error w/ tests
* API: API Key Duplicate Handling
fixed small typo associated with error
* Users: show badges for each auth provider
* Chore: don't use functions in angular bindings
* Users: minor style changes to labels
* Chore: convert auth labels on the backed side, deduplicate frontend code
* Users: use authLabels everywhere instead of authModule
* User: fix edit user page style
* Users: minor fixes after review
* Teams: show proper label for each auth provider
Teams: don't sore AuthModule in team_member table, use JOIN to get it instead
* Teams: fix AddTeamMember after last changes
* Teams: add more auth provider labels
* Teams: show external sync badge if LDAP is not enabled
* Teams: tests for getting auth module
* Build: use golangci-lint as a make command
* Since gometalinter was deprecated in favor of golangci-lint so it was
replaced by it. Responsibilities held by the gometalinter was moved to
golangci-lint
* There was some changes in implementation (that was also mentioned in
the code comment) between the tools, which uncovered couple errors
in the code. Those issues were either solved or disabled by
the inline comments
* Introduce the golangci-lint config, to make their
configuration more manageable
* Build: replace backend-lint.sh script with make
* Modify backend to allow expiration of API Keys
* Add middleware test for expired api keys
* Modify frontend to enable expiration of API Keys
* Fix frontend tests
* Fix migration and add index for `expires` field
* Add api key tests for database access
* Substitude time.Now() by a mock for test usage
* Front-end modifications
* Change input label to `Time to live`
* Change input behavior to comply with the other similar
* Add tooltip
* Modify AddApiKey api call response
Expiration should be *time.Time instead of string
* Present expiration date in the selected timezone
* Use kbn for transforming intervals to seconds
* Use `assert` library for tests
* Frontend fixes
Add checks for empty/undefined/null values
* Change expires column from datetime to integer
* Restrict api key duration input
It should be interval not number
* AddApiKey must complain if SecondsToLive is negative
* Declare ErrInvalidApiKeyExpiration
* Move configuration to auth section
* Update docs
* Eliminate alias for models in modified files
* Omit expiration from api response if empty
* Eliminate Goconvey from test file
* Fix test
Do not sleep, use mocked timeNow() instead
* Remove index for expires from api_key table
The index should be anyway on both org_id and expires fields.
However this commit eliminates completely the index for now
since not many rows are expected to be in this table.
* Use getTimeZone function
* Minor change in api key listing
The frontend should display a message instead of empty string
if the key does not expire.
* batch disable users
* batch revoke users tokens
* split batch disable user and revoke token
* API: get users with auth info and isExternal flag
* fix tests for batch disable users
* Users: refactor /api/users/search endpoint
* Users: use alias for "user" table
* Chore: add BatchDisableUsers() to the bus
* Users: order user list by id explicitly
* Users: return AuthModule from /api/users/:id endpoint
* Users: do not return unused fields
* Users: fix SearchUsers method after last changes
* User: return auth module as array for future purposes
* User: tests for SearchUsers()
* User: return only latest auth module in SearchUsers()
* User: fix JOIN, get only most recent auth module
* Users: add is_disabled column
* Users: disable users removed from LDAP
* Auth: return ErrInvalidCredentials for failed LDAP auth
* User: return isDisabled flag in user search api
* User: mark disabled users at the server admin page
* Chore: refactor according to review
* Auth: prevent disabled user from login
* Auth: re-enable user when it found in ldap
* User: add api endpoint for disabling user
* User: use separate endpoints to disable/enable user
* User: disallow disabling external users
* User: able do disable users from admin UI
* Chore: refactor based on review
* Chore: use more clear error check when disabling user
* Fix login tests
* Tests for disabling user during the LDAP login
* Tests for disable user API
* Tests for login with disabled user
* Remove disable user UI stub
* Sync with latest LDAP refactoring
* Add file path to metadata and show it in dialogs
* Make path relative to config directory
* Fix tests
* Add test for the relative path
* Refactor to use path relative to provisioner path
* Change return types
* Rename attribute
* Small fixes from review
* Chore: remove session storage references
* Small refactoring of the settings module
* Update docs - remove references for the session storage
* Update config files (sample and default configs)
* Add tests for warning during the config load on defined storage cache
* Remove all references to session storage
* Remove macaron session dependency
* Remove leftovers
* Fix: address review comments
* Fix: remove old deps
* Fix: add skipStaticRootValidation = true to tests
* Fix: improve the docs and warning message
As per discussion in here - https://github.com/grafana/grafana/pull/16445/files#r273026255
* Chore: make linter happy
Fixes#16148
Ref #16114
* Store passwords in secureJsonData
* Revert unnecessary refactors
* Fix for nil jsonSecureData value
* Remove copied encryption code from migration
* Fix wrong field reference
* Remove migration and provisioning changes
* Use password getters in datasource proxy
* Refactor password handling in datasource configs
* Add provisioning warnings
* Update documentation
* Remove migration command, moved to separate PR
* Remove unused code
* Set the upgrade version
* Remove unused code
* Remove double reference
* Unprovision dashboard in case of DisableDeletion = true
* Rename command struct
* Handle removed provision files
* Allow html in confirm-modal
* Do not show confirm button without onConfirm
* Show dialog on deleting provisioned dashboard
* Changed DeleteDashboard to DeleteProvisionedDashboard
* Remove unreachable return
* Add provisioned checks to API
* Remove filter func
* Fix and add tests for deleting dashboards
* Change delete confirm text
* Added and used pkg/errors for error wrapping
Fixes so it's possible to create new notification channel and providing uid.
Fixes better error/result handling when updating a notifcation channel.
Fixes#16372
Ref #16219#16012
Now returns uid in response to get notification channel by id.
Adds GET/PUT/DELETE support for notification channel by uid,
/api/alert-notifications/uid/:uid.
Break apart alerting and alert notification http api docs in two
pages and update documentation to make it up to date
with current implementation.
Fixes#16012
as noted, sessions might not be a good name for this metrics.
while devices would be a better name for users I think we should
align the name with the code as much as possible. The ui listing
all auth_tokens per user should probarbly say "devices" instead
* master: (250 commits)
Firing off an action instead of listening to location changes
Changes after PR Comments
Made ExplorerToolbar connected and refactored away responsabilities from Explore
Removed some split complexity
Fixed some more styling
Fixed close split look and feel
Fixed position of Closesplit
Fixed small issue with TimePicker dropdown position
Simplified some styles and dom elements
Fixed some more with the sidemenu open and smaller screens
Fixed so heading looks good with closed sidemenu
Restructure of component and styling
Refactored out ExploreToolbar from Explore
Fixed reinitialise of Explore
changelog: add notes about closing #13929
changelog: add notes about closing #14558
changelog: add notes about closing #14484
changelog: add notes about closing #13765
changelog: add notes about closing #11503
changelog: add notes about closing #4075
...
If notification state is pending and last update of state was made
less than a minute ago. In the case of a grafana instance is shut down/crashes
between setting pending state and before sending the notification/marks as complete
this logic should allow the notification to be sent after some time instead of
being left in an inconsistent state where no notifications are being sent.
GitLab could already be used as an authentication backend by properly
configuring `auth.generic_oauth`, but then there was no way to authorize
users based on their GitLab group membership.
This commit adds a `auth.gitlab` backend, similar to `auth.github`, with
an `allowed_groups` option that can be set to a list of groups whose
members should be allowed access to Grafana.
* Rewriting team pages in react
* teams to react progress
* teams: getting team by id returns same DTO as search, needed for AvatarUrl
* teams: progress on new team pages
* fix: team test
* listing team members and removing team members now works
* teams: team member page now works
* ux: fixed adding team member issue
* refactoring TeamPicker to conform to react coding styles better
* teams: very close to being done with team page rewrite
* minor style tweak
* ux: polish to team pages
* feature: team pages in react & everything working
* fix: removed flickering when changing tabs by always rendering PageHeader
* enable ee build on pr/master
* step1: of including group sync
* disable commit pinning for now
* fixes broken build
* enable team to ldap group sync
* avoid returning error for missing external handler
* services: allow routes to be added before http server start
* services: allows services to add their own migrations
* moves db migrations to ee code base
* build using master branch in ee
* disable enterprise build in .bra.toml
[skip ci]
* removes team sync extensions
* removes commented line
* master: (30 commits)
changelog: add notes about closing #11882
renamed variable in tests
added comment, variableChange -> variableValueChange
added a test
added if to check if new variable has been added
Gravatar fallback does not respect 'AppSubUrl'-setting (#12149)
change admin password after first login
changelog: adds note about closing #11958
revert: reverted singlestat panel position change PR #12004
Revert "provisioning: turn relative symlinked path into absolut paths"
provisioning: turn relative symlinked path into absolut paths
changelog: adds note about closing #11670
elasticsearch: sort bucket keys to fix issue wth response parser tests
docs: what's new in v5.2
changelog: add notes about closing #11167
docs: docker secrets support. (#12141)
alerting: show alerts for user with Viewer role
datasource: added option no-direct-access to ds-http-settings diretive, closes#12138
provisioning: adds fallback if evalsymlink/abs fails
tests: uses different paths depending on os
...
This commit fixes the following golint warnings:
pkg/api/avatar/avatar.go:229:12: should omit type *http.Client from declaration of var client; it will be inferred from the right-hand side
pkg/login/brute_force_login_protection.go:13:26: should omit type time.Duration from declaration of var loginAttemptsWindow; it will be inferred from the right-hand side
pkg/metrics/graphitebridge/graphite.go:58:26: should omit type []string from declaration of var metricCategoryPrefix; it will be inferred from the right-hand side
pkg/metrics/graphitebridge/graphite.go:69:22: should omit type []string from declaration of var trimMetricPrefix; it will be inferred from the right-hand side
pkg/models/alert.go:37:36: should omit type error from declaration of var ErrCannotChangeStateOnPausedAlert; it will be inferred from the right-hand side
pkg/models/alert.go:38:36: should omit type error from declaration of var ErrRequiresNewState; it will be inferred from the right-hand side
pkg/models/datasource.go:61:28: should omit type map[string]bool from declaration of var knownDatasourcePlugins; it will be inferred from the right-hand side
pkg/plugins/update_checker.go:16:13: should omit type http.Client from declaration of var httpClient; it will be inferred from the right-hand side
pkg/services/alerting/engine.go:103:24: should omit type time.Duration from declaration of var unfinishedWorkTimeout; it will be inferred from the right-hand side
pkg/services/alerting/engine.go:105:19: should omit type time.Duration from declaration of var alertTimeout; it will be inferred from the right-hand side
pkg/services/alerting/engine.go:106:19: should omit type int from declaration of var alertMaxAttempts; it will be inferred from the right-hand side
pkg/services/alerting/notifier.go:143:23: should omit type map[string]*NotifierPlugin from declaration of var notifierFactories; it will be inferred from the right-hand side
pkg/services/alerting/rule.go:136:24: should omit type map[string]ConditionFactory from declaration of var conditionFactories; it will be inferred from the right-hand side
pkg/services/alerting/conditions/evaluator.go:12:15: should omit type []string from declaration of var defaultTypes; it will be inferred from the right-hand side
pkg/services/alerting/conditions/evaluator.go:13:15: should omit type []string from declaration of var rangedTypes; it will be inferred from the right-hand side
pkg/services/alerting/notifiers/opsgenie.go:44:19: should omit type string from declaration of var opsgenieAlertURL; it will be inferred from the right-hand side
pkg/services/alerting/notifiers/pagerduty.go:43:23: should omit type string from declaration of var pagerdutyEventApiUrl; it will be inferred from the right-hand side
pkg/services/alerting/notifiers/telegram.go:21:17: should omit type string from declaration of var telegramApiUrl; it will be inferred from the right-hand side
pkg/services/provisioning/dashboards/config_reader_test.go:11:24: should omit type string from declaration of var simpleDashboardConfig; it will be inferred from the right-hand side
pkg/services/provisioning/dashboards/config_reader_test.go:12:24: should omit type string from declaration of var oldVersion; it will be inferred from the right-hand side
pkg/services/provisioning/dashboards/config_reader_test.go:13:24: should omit type string from declaration of var brokenConfigs; it will be inferred from the right-hand side
pkg/services/provisioning/dashboards/file_reader.go:22:30: should omit type time.Duration from declaration of var checkDiskForChangesInterval; it will be inferred from the right-hand side
pkg/services/provisioning/dashboards/file_reader.go:24:23: should omit type error from declaration of var ErrFolderNameMissing; it will be inferred from the right-hand side
pkg/services/provisioning/datasources/config_reader_test.go:15:34: should omit type string from declaration of var twoDatasourcesConfig; it will be inferred from the right-hand side
pkg/services/provisioning/datasources/config_reader_test.go:16:34: should omit type string from declaration of var twoDatasourcesConfigPurgeOthers; it will be inferred from the right-hand side
pkg/services/provisioning/datasources/config_reader_test.go:17:34: should omit type string from declaration of var doubleDatasourcesConfig; it will be inferred from the right-hand side
pkg/services/provisioning/datasources/config_reader_test.go:18:34: should omit type string from declaration of var allProperties; it will be inferred from the right-hand side
pkg/services/provisioning/datasources/config_reader_test.go:19:34: should omit type string from declaration of var versionZero; it will be inferred from the right-hand side
pkg/services/provisioning/datasources/config_reader_test.go:20:34: should omit type string from declaration of var brokenYaml; it will be inferred from the right-hand side
pkg/services/sqlstore/stats.go:16:25: should omit type time.Duration from declaration of var activeUserTimeLimit; it will be inferred from the right-hand side
pkg/services/sqlstore/migrator/mysql_dialect.go:69:14: should omit type bool from declaration of var hasLen1; it will be inferred from the right-hand side
pkg/services/sqlstore/migrator/mysql_dialect.go:70:14: should omit type bool from declaration of var hasLen2; it will be inferred from the right-hand side
pkg/services/sqlstore/migrator/postgres_dialect.go:95:14: should omit type bool from declaration of var hasLen1; it will be inferred from the right-hand side
pkg/services/sqlstore/migrator/postgres_dialect.go:96:14: should omit type bool from declaration of var hasLen2; it will be inferred from the right-hand side
pkg/setting/setting.go:42:15: should omit type string from declaration of var Env; it will be inferred from the right-hand side
pkg/setting/setting.go:161:18: should omit type bool from declaration of var LdapAllowSignup; it will be inferred from the right-hand side
pkg/setting/setting.go:473:30: should omit type bool from declaration of var skipStaticRootValidation; it will be inferred from the right-hand side
pkg/tsdb/interval.go:14:21: should omit type time.Duration from declaration of var defaultMinInterval; it will be inferred from the right-hand side
pkg/tsdb/interval.go:15:21: should omit type time.Duration from declaration of var year; it will be inferred from the right-hand side
pkg/tsdb/interval.go:16:21: should omit type time.Duration from declaration of var day; it will be inferred from the right-hand side
pkg/tsdb/cloudwatch/credentials.go:26:24: should omit type map[string]cache from declaration of var awsCredentialCache; it will be inferred from the right-hand side
pkg/tsdb/influxdb/query.go:15:27: should omit type *regexp.Regexp from declaration of var regexpOperatorPattern; it will be inferred from the right-hand side
pkg/tsdb/influxdb/query.go:16:27: should omit type *regexp.Regexp from declaration of var regexpMeasurementPattern; it will be inferred from the right-hand side
pkg/tsdb/mssql/mssql_test.go:25:14: should omit type string from declaration of var serverIP; it will be inferred from the right-hand side
* master:
changelog: adds note about closing #11613 and #11602
fix: sign in link should have target self to trigger full page reload, fixes#11626
codespell: exclude by words instead of files
Use sort.Strings() (gosimple)
Remove unused return value assignment (gosimple)
Remove unnecessary fmt.Sprintf() calls (gosimple)
Merge variable declaration with assignment (gosimple)
Use fmt.Errorf() (gosimple)
Simplify make() (gosimple)
Use raw strings to avoid double escapes (gosimple)
Simplify if expression (gosimple)
Simplify comparison to bool constant (gosimple)
Simplify error returns (gosimple)
Remove redundant break statements (gosimple)
This fixes:
pkg/cmd/grafana-cli/commands/install_command.go:36:11: should use fmt.Errorf(...) instead of errors.New(fmt.Sprintf(...)) (S1028)
pkg/models/org_user.go:53:11: should use fmt.Errorf(...) instead of errors.New(fmt.Sprintf(...)) (S1028)
pkg/services/notifications/mailer.go:138:16: should use fmt.Errorf(...) instead of errors.New(fmt.Sprintf(...)) (S1028)
This fixes:
build.go:553:6: should omit comparison to bool constant, can be simplified to !strings.Contains(path, ".sha256") (S1002)
pkg/cmd/grafana-cli/commands/ls_command.go:27:5: should omit comparison to bool constant, can be simplified to !pluginDirInfo.IsDir() (S1002)
pkg/components/dynmap/dynmap_test.go:24:5: should omit comparison to bool constant, can be simplified to !value (S1002)
pkg/components/dynmap/dynmap_test.go:122:14: should omit comparison to bool constant, can be simplified to b (S1002)
pkg/components/dynmap/dynmap_test.go:125:14: should omit comparison to bool constant, can be simplified to !b (S1002)
pkg/components/dynmap/dynmap_test.go:128:14: should omit comparison to bool constant, can be simplified to !b (S1002)
pkg/models/org_user.go:51:5: should omit comparison to bool constant, can be simplified to !(*r).IsValid() (S1002)
pkg/plugins/datasource/wrapper/datasource_plugin_wrapper_test.go:77:12: should omit comparison to bool constant, can be simplified to !haveBool (S1002)
pkg/services/alerting/conditions/evaluator.go:23:9: should omit comparison to bool constant, can be simplified to !reducedValue.Valid (S1002)
pkg/services/alerting/conditions/evaluator.go:48:5: should omit comparison to bool constant, can be simplified to !reducedValue.Valid (S1002)
pkg/services/alerting/conditions/evaluator.go:91:5: should omit comparison to bool constant, can be simplified to !reducedValue.Valid (S1002)
pkg/services/alerting/conditions/query.go:56:6: should omit comparison to bool constant, can be simplified to !reducedValue.Valid (S1002)
pkg/services/alerting/extractor.go:107:20: should omit comparison to bool constant, can be simplified to !enabled.MustBool() (S1002)
pkg/services/alerting/notifiers/telegram.go:222:41: should omit comparison to bool constant, can be simplified to this.UploadImage (S1002)
pkg/services/sqlstore/apikey.go:58:12: should omit comparison to bool constant, can be simplified to !has (S1002)
pkg/services/sqlstore/apikey.go:72:12: should omit comparison to bool constant, can be simplified to !has (S1002)
pkg/services/sqlstore/dashboard.go:66:33: should omit comparison to bool constant, can be simplified to !cmd.Overwrite (S1002)
pkg/services/sqlstore/dashboard.go:175:12: should omit comparison to bool constant, can be simplified to !has (S1002)
pkg/services/sqlstore/dashboard.go:311:13: should omit comparison to bool constant, can be simplified to !has (S1002)
pkg/services/sqlstore/dashboard.go:444:12: should omit comparison to bool constant, can be simplified to !exists (S1002)
pkg/services/sqlstore/dashboard.go:472:12: should omit comparison to bool constant, can be simplified to !exists (S1002)
pkg/services/sqlstore/dashboard.go:554:32: should omit comparison to bool constant, can be simplified to !cmd.Overwrite (S1002)
pkg/services/sqlstore/dashboard_snapshot.go:83:12: should omit comparison to bool constant, can be simplified to !has (S1002)
pkg/services/sqlstore/plugin_setting.go:39:12: should omit comparison to bool constant, can be simplified to !has (S1002)
pkg/services/sqlstore/quota.go:34:12: should omit comparison to bool constant, can be simplified to !has (S1002)
pkg/services/sqlstore/quota.go:111:6: should omit comparison to bool constant, can be simplified to !has (S1002)
pkg/services/sqlstore/quota.go:136:12: should omit comparison to bool constant, can be simplified to !has (S1002)
pkg/services/sqlstore/quota.go:213:6: should omit comparison to bool constant, can be simplified to !has (S1002)
pkg/services/sqlstore/temp_user.go:129:12: should omit comparison to bool constant, can be simplified to !has (S1002)
pkg/services/sqlstore/user.go:157:12: should omit comparison to bool constant, can be simplified to !has (S1002)
pkg/services/sqlstore/user.go:182:5: should omit comparison to bool constant, can be simplified to !has (S1002)
pkg/services/sqlstore/user.go:191:12: should omit comparison to bool constant, can be simplified to !has (S1002)
pkg/services/sqlstore/user.go:212:12: should omit comparison to bool constant, can be simplified to !has (S1002)
pkg/services/sqlstore/user.go:307:12: should omit comparison to bool constant, can be simplified to !has (S1002)
pkg/social/generic_oauth.go:185:5: should omit comparison to bool constant, can be simplified to !s.extractToken(&data, token) (S1002)
pkg/tsdb/mssql/mssql.go:148:39: should omit comparison to bool constant, can be simplified to ok (S1002)
pkg/tsdb/mssql/mssql.go:212:6: should omit comparison to bool constant, can be simplified to !query.Model.Get("fillNull").MustBool(false) (S1002)
pkg/tsdb/mssql/mssql.go:247:56: should omit comparison to bool constant, can be simplified to ok (S1002)
pkg/tsdb/mssql/mssql.go:274:7: should omit comparison to bool constant, can be simplified to !exist (S1002)
pkg/tsdb/mssql/mssql.go:282:8: should omit comparison to bool constant, can be simplified to !exist (S1002)
pkg/tsdb/mysql/mysql.go:221:6: should omit comparison to bool constant, can be simplified to !query.Model.Get("fillNull").MustBool(false) (S1002)
pkg/tsdb/mysql/mysql.go:256:56: should omit comparison to bool constant, can be simplified to ok (S1002)
pkg/tsdb/mysql/mysql.go:283:7: should omit comparison to bool constant, can be simplified to !exist (S1002)
pkg/tsdb/mysql/mysql.go:291:8: should omit comparison to bool constant, can be simplified to !exist (S1002)
pkg/tsdb/postgres/postgres.go:134:39: should omit comparison to bool constant, can be simplified to ok (S1002)
pkg/tsdb/postgres/postgres.go:201:6: should omit comparison to bool constant, can be simplified to !query.Model.Get("fillNull").MustBool(false) (S1002)
pkg/tsdb/postgres/postgres.go:236:56: should omit comparison to bool constant, can be simplified to ok (S1002)
pkg/tsdb/postgres/postgres.go:263:7: should omit comparison to bool constant, can be simplified to !exist (S1002)
pkg/tsdb/postgres/postgres.go:271:8: should omit comparison to bool constant, can be simplified to !exist (S1002)
the GetProvisionedDashboardQuery wasent used for anything
else than check if a dashboard is provisioned or not. So
we simplified this query to make it more maintainable.
Snapshot cleanup did not work due to time.Now syntax error. Added test
for it as well to catch any future errors.
Added error and debug logging so that it is possible to see any errors in the future.
Removed an unused configuration value and deprecated the remove expired snapshots
setting.
If creating a new folder/dashboard created/updated and createdby/updatedby should always be set.
If updating an existing folder/dashboard updated and updatedby should always be set.
Admins can see all snapshots. Other roles can only see their own
snapshots.
Added permission check for deleting snapshots - admins can delete
any snapshot, other roles can delete their own snapshots or
snapshots that they have access to via dashboard permissions.
* dashboards: new command for validating dashboard before update
Removes validation logic from saveDashboard and later on use the new command for validating
dashboard before saving a dashboard. This due to the fact that we need to validate permissions
for overwriting other dashboards by uid and title.
* dashboards: use the new command for validating dashboard before saving
Had to refactor dashboard provisioning a bit to be able to sidetrack the permission validation
in a somewhat reasonable way.
Adds some initial tests of the dashboard repository, but needs to be extended later. At least
now you can mock the dashboard guardian
* dashboards: removes validation logic in the save dashboard api layer
Use the dashboard repository solely for create/update dashboards and let it do all
the validation. One exception regarding quota validation which still is in api layer
since that logic is in a macaron middleware.
Need to move out-commented api tests later.
* dashboards: fix database tests for validate and saving dashboards
* dashboards: rename dashboard repository to dashboard service
Split the old dashboard repository interface in two new interfaces, IDashboardService and
IDashboardProvisioningService. Makes it more explicit when using it from the provisioning package
and there's no possibility of calling an incorrect method for saving a dashboard.
* database: make the InitTestDB function available to use from other packages
* dashboards: rename ValidateDashboardForUpdateCommand and some refactoring
* dashboards: integration tests of dashboard service
* dashboard: fix sqlstore test due to folder exist validation
* dashboards: move dashboard service integration tests to sqlstore package
Had to move it to the sqlstore package due to concurrency problems when running
against mysql and postgres. Using InitTestDB from two packages added conflicts
when clearing and running migrations on the test database
* dashboards: refactor how to find id to be used for save permission check
* dashboards: remove duplicated dashboard tests
* dashboards: cleanup dashboard service integration tests
* dashboards: handle save dashboard errors and return correct http status
* fix: remove log statement
* dashboards: import dashboard should use dashboard service
Had to move alerting commands to models package due to problems with import cycles of packages.
* dashboards: cleanup dashboard api tests and add some tests for post dashboard
* dashboards: rename dashboard service interfaces
* dashboards: rename dashboard guardian interface
* enables overwrite if dashboard allready exist in folder
* dashboard: Don't allow creating a folder named General
* dashboards: update logic for save/update dashboard
No id and uid creates a new dashboard/folder.
No id and uid, with an existing title in folder allows overwrite
of dashboard.
Id without uid, allows update of existing dashboard/folder without
overwrite.
Uid without id allows update of existing dashboard/folder without
overwrite.
Id without uid, with an existing title in folder allows overwrite
of dashboard/folder and updated will have the uid of overwritten.
Uid without id, with an existing title in folder allows overwrite
of dashboard/folder and new will have the same uid as provided.
Trying to change an existing folder to a dashboard yields error.
Trying to change an existing dashboard to a folder yields error.
* dashboards: include folder id when confirmed to save with overwrite
* dashboards: fixes due to new url structure
Return importedUrl property in response to importing dashboards and
getting plugin dashboards and use this for redirects/links in the
frontend.
* dashfolders: hide permissions in settings if folder has changed
and the dashboard has not been saved yet. Otherwise the use will
see stale permissions from the original folder.
* dashfolders: return folder url for inherited permissions
Since we're already have possibility to get a dashboard by slug
it makes little sense to have a separate endpoint in api for
retrieving uid by slug.
#7883
Introduces new url in api /dashboards/<uid> for fetching dashboard by unique id
Leave the old dashboard by slug url /dashboards/db/<slug> for backward
compatibility and for supporting fallback
WIP for #7883
* db: add login attempt migrations
* db: add possibility to create login attempts
* db: add possibility to retrieve login attempt count per username
* auth: validation and update of login attempts for invalid credentials
If login attempt count for user authenticating is 5 or more the last 5 minutes
we temporarily block the user access to login
* db: add possibility to delete expired login attempts
* cleanup: Delete login attempts older than 10 minutes
The cleanup job are running continuously and triggering each 10 minute
* fix typo: rename consequent to consequent
* auth: enable login attempt validation for ldap logins
* auth: disable login attempts validation by configuration
Setting is named DisableLoginAttemptsValidation and is false by default
Config disable_login_attempts_validation is placed under security section
#7616
* auth: don't run cleanup of login attempts if feature is disabled
#7616
* auth: rename settings.go to ldap_settings.go
* auth: refactor AuthenticateUser
Extract grafana login, ldap login and login attemp validation together
with their tests to separate files.
Enables testing of many more aspects when authenticating a user.
#7616
* auth: rename login attempt validation to brute force login protection
Setting DisableLoginAttemptsValidation => DisableBruteForceLoginProtection
Configuration disable_login_attempts_validation => disable_brute_force_login_protection
#7616
Instead of returning all folders a user has some sort of access to,
this change creates a new end point that returns folders the user
has write access to. This new endpoint is used in the folder picker
* teams: add db migration for email column in teams table
* teams: /teams should render index page with a 200 OK
* teams: additional backend functionality for team and team members
Possibility to save/update email for teams.
Possibility to retrive avatar url when searching for teams.
Possibility to retrive avatar url when searching for team members.
* teams: display team avatar and team member avatars
Possibility to save and update email for a team
* teams: create team on separate page instead of modal dialog
* removes readonly editor role
* adds viewersCanEdit setting
This enable you to allow viewers to edit/inspect
dashboards in grafana in their own browser without
allowing them to save dashboards
* remove read only editor option from all dropdowns
* migrates all read only viewers to viewers
* docs: replace readOnlyEditor with viewersCanEdit
simple solution for waiting for all go sub routines to
finish before closing Grafana. We would use errGroup
here as well but I dont like spreading context's all
over the place.
closes#10131
I renamed `tlsAuth` to `tlsClientAuth` to better describe the fact that
this variable is used to enable TLS client authentication (as opposed to
server authentication) in c04d95f35.
However, changing the name breaks backwards compatibility for existing
installations using this feature and Grafana does not have a
standardised way of migrating changes in the schema:
https://github.com/grafana/grafana/pull/9377#issuecomment-333063543
For reasons of expediency given the severity of the bug (not verifying
TLS), keep the old name.
In c04d95f35 I changed the default for datasource HTTP requests so that
TLS is always verified.
This commit adds a checkbox to allow an admin to explicitly skip TLS
verification, for testing purposes.
* add postgresql datasource
* add rest of files for postgres datasource
* fix timeseries query, remove unused code
* consistent naming, refactoring
* s/mysql/postgres/
* s/mysql/postgres/
* couple more tests
* tests for more datatypes
* fix macros for postgres
* add __timeSec macro
* add frontend for postgres datasource
* adjust documentation
* fix formatting
* add proper plugin description
* merge editor changes from mysql
* port changes from mysql datasource
* set proper defaultQuery for postgres
* add time_sec to timeseries query
accept int for value for timeseries query
* revert allowing time_sec and handle int or float values as unix
timestamp for "time" column
* fix tslint error
* handle decimal values in timeseries query
* allow setting sslmode for postgres datasource
* use type switch for handling data types
* fix value for timeseries query
* refactor timeseries queries to make them more flexible
* remove debug statement from inner loop in type conversion
* use plain for loop in getTypedRowData
* fix timeseries queries
* adjust postgres datasource to tsdb refactoring
* adjust postgres datasource to frontend changes
* update lib/pq to latest version
* move type conversion to getTypedRowData
* handle address types cidr, inet and macaddr
* adjust response parser and docs for annotations
* convert unknown types to string
* add documentation for postgres datasource
* add another example query with metric column
* set more helpful default query
* update help text in query editor
* handle NULL in value column of timeseries query
* add __timeGroup macro
* add test for __timeGroup macro
* document __timeGroup and set proper default query for annotations
* fix typos in docs
* add postgres to list of datasources
* add postgres to builtInPlugins
* mysql: refactoring as prep for merging postgres
Refactors out the initialization of the xorm engine and the query logic
for an sql data source.
* mysql: rename refactoring + test update
* postgres:refactor to use SqlEngine(same as mysql)
Refactored to use a common base class with the MySql data source.
Other changes from the original PR:
- Changed time column to be time_sec to allow other time units in the
future and to be the same as MySQL
- Changed integration test to test the main Query method rather than
the private transformToTable method
- Changed the __timeSec macro name to __timeEpoch
- Renamed PostgresExecutor to PostgresQueryEndpoint
Fixes#9209 (the original PR)
* postgres: encrypt password on config page
With some other cosmetic changes to the config page:
- placeholder texts
- reset button for the password after it has been encrypted.
- default value for the sslmode field.
* postgres: change back col name to time from time_sec
* postgres mysql: remove annotation title
Title has been removed from annotations
* postgres: fix images for docs page
* postgres mysql: fix specs
* annotations: add 25px space for events section
* annotations: restored create annotation action
* annotations: able to use fa icons as event markers
* annotations: initial emoji support from twemoji lib
* annotations: adjust fa icon position
* annotations: initial emoji picker
* annotation: include user info into annotation requests
* annotation: add icon info
* annotation: display user info in tooltip
* annotation: fix region saving
* annotation: initial region markers
* annotation: fix region clearing (add flot-temp-elem class)
* annotation: adjust styles a bit
* annotations: minor fixes
* annoations: removed userId look in loop, need a sql join or a user cache for this
* annotation: fix invisible events
* lib: changed twitter emoij lib to be npm dependency
* annotation: add icon picker to Add Annotation dialog
* annotation: save icon to annotation table
* annotation: able to set custom icon for annotation added by user
* annotations: fix emoji after library upgrade (switch to 72px)
* emoji: temporary remove bad code points
* annotations: improve icon picker
* annotations: icon show icon picker at the top
* annotations: use svg for emoji
* annotations: fix region drawing when add annotation editor opened
* annotations: use flot lib for drawing region fill
* annotations: move regions building into event_manager
* annotations: don't draw additional space if no events are got
* annotations: deduplicate events
* annotations: properly render cut regions
* annotations: fix cut region building
* annotations: refactor
* annotations: adjust event section size
* add-annotations: fix undefined default icon
* create-annotations: edit event (frontend part)
* fixed bug causes error when hover event marker
* create-annotations: update event (backend)
* ignore grafana-server debug binary in git (created VS Code)
* create-annotations: use PUT request for updating annotation.
* create-annotations: fixed time format when editing existing event
* create-annotations: support for region update
* create-annotations: fix bug with limit and event type
* create-annotations: delete annotation
* create-annotations: show only selected icon in edit mode
* create-annotations: show event editor only for users with at least Editor role
* create-annotations: handle double-sized emoji codepoints
* create-annotations: refactor
use CP_SEPARATOR from emojiDef
* create-annotations: update emoji list, add categories.
* create-annotations: copy SVG emoji into public/vendor/npm and use it as a base path
* create-annotations: initial tabs for emoji picker
* emoji-picker: adjust styles
* emoji-picker: minor refactor
* emoji-picker: refactor - rename and move into one directory
* emoji-picker: build emoji elements on app load, not on picker open
* emoji-picker: fix emoji searching
* emoji-picker: refactor
* emoji-picker: capitalize category name
* emoji-picker: refactor
move buildEmojiElem() into emoji_converter.ts for future reuse.
* jquery.flot.events: refactor
use buildEmojiElem() for making emojis, remove unused code for font awesome based icons.
* emoji_converter: handle converting error
* tech: updated
* merged with master
* shore: clean up some stuff
* annotation: wip tags
* annotation: filtering by tags
* tags: parse out spaces etc. from a tags string
* annotations: use tagsinput component for tag filtering
* annotation: wip work on how we query alert & panel annotations
* annotations: support for updating tags in an annotation
* linting
* annotations: work on unifying how alert history annotations and manual panel annotations are created
* tslint: fixes
* tags: create tag on blur as well
Currently, the tags directive only creates the tag when the
user presses enter. This change means the tag is created on
blur as well (when the user clicks outside the input field).
* annotations: fix update after refactoring
* annotations: progress on how alert annotations are fetched
* annotations: minor progress
* annotations: progress
* annotation: minor progress
* annotations: move tag parsing from tooltip to ds
Instead of parsing a tag string into an array in the annotation_tooltip
class, this moves the parsing to the datasources. InfluxDB ds already
does that parsing. Graphite now has it.
* annotations: more work on querying
* annotations: change from tags as string to array
when saving in the db and in the api.
* annotations: delete tag link if removed on edit
* annotation: more work on depricating annotation title
* annotations: delete tag links on delete
* annotations: fix for find
* annotation: added user to annotation tooltip and added alertName to annoation dto
* annotations: use id from route instead from cmd for updating
* annotations: http api docs
* create annotation: last edits
* annotations: minor fix for querying annotations before dashboard saved
* annotations: fix for popover placement when legend is on the side (and doubel render pass is causing original marker to be removed)
* annotations: changing how the built in query gets added
* annotation: added time to header in edit mode
* tests: fixed jshint built issue
