* Refactor identity struct to store type in separate field
* Update ResolveIdentity to take string representation of typedID
* Add IsIdentityType to requester interface
* Use IsIdentityType from interface
* Remove usage of TypedID
* Remote typedID struct
* fix GetInternalID
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
Co-authored-by: Dan Cech <dcech@grafana.com>
Co-authored-by: Andres Martinez Gotor <andres.martinez@grafana.com>
* Chore: Replace response status with const var
* Apply suggestions from code review
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Add net/http import
---------
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Dashboards: Fix tests when authn broker is enabled.
StarService was not configured for tests, the call was guarded by !c.IsSignedIn
* Change default to be anon user to match expectations from tests
* OAuth: rewrite tests to work with authn.Service
* Setup template renderer by default
* Extract cookie options from cfg instead of relying on global variables
* Fix test to work with authn service
* Middleware: rewrite auth tests
* Remvoe session cookie if we cannot refresh access token
This PR adds /api/gnet to the list of ignored paths in the gzip middleware.
Without this, when gzip is enabled (`server.enable_gzip = true`), responses
from the gnet proxy are double compressed: once by grafana.com and once by
Grafana itself. With this change we only do one round of compression for these
endpoints.
To test this out, try a request like this with `server.enable_gzip = true`
(after setting `GCOM_TOKEN` to a valid grafana.com token; you may need to
change the 'bsull' slug, too):
curl -v --user admin:admin \
-H "X-Api-Key: $GCOM_TOKEN" \
-H 'Accept-Encoding: gzip' \
localhost:3000/api/gnet/instances/bsull/provisioned-plugins/grafana-ml-app | gzip -d
Note that there are two Content-Encoding: gzip headers before this PR, and
the output is still compressed even after the `gzip -d`. After this PR things
look as expected.
* Allow setting role as None
Co-authored-by: gamab <gabi.mabs@gmail.com>
Seeking for places where role.None would be used
Co-authored-by: Jguer <joao.guerreiro@grafana.com>
Adding None role to the frontend
Co-authored-by: Jguer <joao.guerreiro@grafana.com>
unify org role declaration and remove from add permission
fix backend test
fix backend lint
* remove role none from frontend
* Simplify checks
Co-authored-by: Kalle Persson <kalle.persson@grafana.com>
* nits
---------
Co-authored-by: Kalle Persson <kalle.persson@grafana.com>
* Draft: Feature: Trusted Types support
* remove trusted-types package
* Create policy before jQuery and Angular is loaded and add feature flag
* Add trustedTypePolicies
* Sanitize scriptURL
* Add TT meta tag for test env
* Move trusted types into core
* Add DOMParser support for TrustedHTML
* Seperate RSS sanitization and add better TrustedHTML support
* Get test CSP header from config
* Remove dompurify dep from core
* Add documentation for trusted types
* Apply suggestions from code review
Co-authored-by: Kristian Bremberg <114284895+KristianGrafana@users.noreply.github.com>
* Add comment about Github discussion thread and things breaking
* Remove changes from News panel
* Remove TT feature toggle
* Expose TT and CSPReportOnly to frontend
* Log errors in console when CSP report only is enabled
* Log error for reporting and remove test mode
* Only insert CSP header in HTML for dev env
* Update docs
---------
Co-authored-by: Tobias Skarhed <tobias.skarhed@gmail.com>
Co-authored-by: Tobias Skarhed <1438972+tskarhed@users.noreply.github.com>
* define initial service and add to wire
* update caching service interface
* add skipQueryCache header handler and update metrics query function to use it
* add caching service as a dependency to query service
* working caching impl
* propagate cache status to frontend in response
* beginning of improvements suggested by Lean - separate caching logic from query logic.
* more changes to simplify query function
* Decided to revert renaming of function
* Remove error status from cache request
* add extra documentation
* Move query caching duration metric to query package
* add a little bit of documentation
* wip: convert resource caching
* Change return type of query service QueryData to a QueryDataResponse with Headers
* update codeowners
* change X-Cache value to const
* use resource caching in endpoint handlers
* write resource headers to response even if it's not a cache hit
* fix panic caused by lack of nil check
* update unit test
* remove NONE header - shouldn't show up in OSS
* Convert everything to use the plugin middleware
* revert a few more things
* clean up unused vars
* start reverting resource caching, start to implement in plugin middleware
* revert more, fix typo
* Update caching interfaces - resource caching now has a separate cache method
* continue wiring up new resource caching conventions - still in progress
* add more safety to implementation
* remove some unused objects
* remove some code that I left in by accident
* add some comments, fix codeowners, fix duplicate registration
* fix source of panic in resource middleware
* Update client decorator test to provide an empty response object
* create tests for caching middleware
* fix unit test
* Update pkg/services/caching/service.go
Co-authored-by: Arati R. <33031346+suntala@users.noreply.github.com>
* improve error message in error log
* quick docs update
* Remove use of mockery. Update return signature to return an explicit hit/miss bool
* create unit test for empty request context
* rename caching metrics to make it clear they pertain to caching
* Update pkg/services/pluginsintegration/clientmiddleware/caching_middleware.go
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* Add clarifying comments to cache skip middleware func
* Add comment pointing to the resource cache update call
* fix unit tests (missing dependency)
* try to fix mystery syntax error
* fix a panic
* Caching: Introduce feature toggle to caching service refactor (#66323)
* introduce new feature toggle
* hide calls to new service behind a feature flag
* remove licensing flag from toggle (misunderstood what it was for)
* fix unit tests
* rerun toggle gen
---------
Co-authored-by: Arati R. <33031346+suntala@users.noreply.github.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
