* Auth: prevent auto_login redirect if user is already authenticated
Before attempting an auto-login for OAuth, verifies if current context has already been
authenticated.
Fixes: #72476
Co-authored-by: Karl Persson <kalle.persson92@gmail.com>
* calculate cacheID instead of literals
* use mocked clocks
* advance clocks with the eval results
* use clearer timestamp aliases
* make expected state labels be more clear to read
Co-authored-by: Matthew Jacobson <matthew.jacobson@grafana.com>
* sets skip_org_role_sync to true for google
* add google skiporgrolesync and sets to true always
* add field
* Update docs/sources/setup-grafana/configure-security/configure-authentication/google/index.md
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* add AKS to words
* script back to mina
---------
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
This is preparative work for extending the grafana server cli command to target individual dskit modules that seemed worth breaking into this smaller PR. This moves the CLI flags and various reusable chunks of code into variables and methods.
* add termination stage
* uid -> pluginID (for now)
* also fix fakes
* add simple test
* Fix logger name
Co-authored-by: Giuseppe Guerra <giuseppe.guerra@grafana.com>
* inline stop func call
Co-authored-by: Giuseppe Guerra <giuseppe.guerra@grafana.com>
---------
Co-authored-by: Giuseppe Guerra <giuseppe.guerra@grafana.com>
* Search: Attempt to support folderUID filter
* Search: Use folder UID instead of ID for searching folders
* Update swagger
* Fix JSON property casing
* Add integration test
* Remove redundant query condition
* Fix frontend test
* Fix listing dashboards in General/root
* Add support for fetching top level folders
using `folderUIDs=` (empty string) query parameter
* Add deprecation notice
* Send uid of general in sql.ts
* Use 'general' for query folderUIDs query param for fetching folder
* Add tests
* Fix FolderUIDFilter
---------
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* add missing cfg for skiporgrolesync
* add google skiporgrolesync
* removed google skip
* update docs to reflect google
* remove docs update for google
* Do not update statistics at service collector startup
* Configurable collector interval
* Introduce initial random delay
* Prevent reporting metrics until the stats have been collected
* Apply suggestion from code review
* Add influxdbSqlSupport feature toggle
* Add SQL option to the config page
* Add SQL backend
* Add metadata support in config page
* Implement unified querying
* Fix healthcheck query
* fsql tests
* secure grpc by default
* code cleanup
* Query handing for sql mode
* Implement a placeholder sql editor
* Fix query language dropdown
* drop in SQL editor
* switch to use rawSql, get sql editor working
* fix healthcheck
* WIP
* memoize component to stop unwanted rerender onQuery
* dont reinit datasource on each render of the editor
* remove useless memo
* clean up
* Fix the link
* Alpha state warning
* Remove console.logs
* update model for fsql
* remove unused
---------
Co-authored-by: Galen <galen.kistler@grafana.com>
* Add tests
* Fix query for nested folders with zero self-contained permissions
* Fix query behind permissionsFilterRemoveSubquery flag
* Apply suggestion from code review
* Add feature flag
* Introduce interface and dummy implementation
* Add tests for the new filter
* accessControlDashboardPermissionFilterNoFolderSubquery implementation
* join only if it's necessary
* force ordering for tests
* Temporarily enable new query for benchmarks
* lock down server admin role updates on the frontend if the user is externally synced
* add tests
* lock Grafana Server admin role updates from the backend
* rename variables
* check that the user has auth info
* add LDAP to providers for which Grafana Server admin role can be synced
* linting
* differentiate collector and agent better
* Add back the max packet size
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
---------
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Modify Content-Security-Policy for Swagger UI
* check if CSP is empty
Co-authored-by: João Calisto <joao.calisto@grafana.com>
* check if CSP is empty in swagger.go
---------
Co-authored-by: João Calisto <joao.calisto@grafana.com>
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* add folder data migration, fix unique index
* fix unique index
* pass a fake store in tests
* pass store into other providers in tests
* and now with alerting!
* fixed: added id token expiry check to oauth token sync
* use go-jose and id token in cache
* Update pkg/services/authn/authnimpl/sync/oauth_token_sync.go
* refactored getOAuthTokenCacheTTL and added unit tests
* Small changes to oauth_token_sync
* Remove unnecessary contexthandler changes
---------
Co-authored-by: linoman <2051016+linoman@users.noreply.github.com>
Co-authored-by: Mihaly Gyongyosi <mgyongyosi@users.noreply.github.com>
* Lucene: add dependency
* ModifyQuery: use Lucene parser to detect key:values in queries
* ModifyQuery: use Lucene parser to remove filters
* Remove test code
* Modify query: switch to recursive implementation
* Modify query: implement remove filter
* Update query normalizing function
* FlagElasticToggleableFilters: remove feature flag
* Remove unused feature flag from test
* Elasticsearch: escape quotes in filter values
* RBAC: Make the SplitScope migration concurrent
* Benchmark multiple alternatives: (updates in a loop, batch update, concurrent batch update)
* Only keep batching since mysql 5.7 does not seem to support concurrent batching
* Update pkg/services/accesscontrol/migrator/migrator.go
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
---------
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
