Commit Graph

2976 Commits

Author SHA1 Message Date
Christian Segundo
707198227c
Auth: Log a more useful msg if no OAuth provider configured (#56722)
Log a useful msg if no oauth provider configured

When a user doesn't configure an OAuth provider and uses auto login, Grafana logs a misleading message indicating that he has multiple providers configured.
2022-12-20 14:35:43 +01:00
Sofia Papagiannaki
55b014974d
Nested folders: Refactor folder update (#60323)
* Nested folders: Refactor folder update

* Apply suggestions from code review
2022-12-20 15:00:33 +02:00
Jo
2c7410c87d
Admin: Add support bundles (#60536)
* Add support bundles

Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
Co-authored-by: Kalle Persson <kalle.persson@grafana.com>

* tweak code owners

* rename and lint frontend

* lint

* fix backend lint

* register feature flag

* add feature toggle. fix small backend issues

Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
Co-authored-by: Kalle Persson <kalle.persson@grafana.com>
2022-12-20 11:13:37 +01:00
juanicabanas
6f609dbced
PublicDashboards: Time range setting added (#60487)
Time range added for public dashboard: 

- Enable/Disable switch added in public dashboard configuration.
- Time range picker shown in public dashboard for viewer user
2022-12-19 17:38:37 +03:00
Sofia Papagiannaki
b1ef5ab320
Nested Folders: Support listing nested folder children (#58566)
* Nested Folders: Support listing nested folder children

* Filter out subfolders with no permissions

* Apply suggestion from code review
2022-12-19 10:52:04 +02:00
Sofia Papagiannaki
11d8bcbea9
Guardian: Introduce additional constructors (#59577)
* Guardian: Use dashboard UID instead of ID

* Apply suggestions from code review

Introduce several guardian constructors and each time use
the most appropriate one.
2022-12-15 16:34:17 +02:00
Marcus Efraimsson
6478d0a5ef
Plugins: Forward user header (X-Grafana-User) in backend plugin requests (#58646)
Grafana would forward the X-Grafana-User header to backend plugin request when 
dataproxy.send_user_header is enabled. In addition, X-Grafana-User will be automatically
forwarded in outgoing HTTP requests for core/builtin HTTP datasources. 
Use grafana-plugin-sdk-go v0.147.0.

Fixes #47734

Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
2022-12-15 15:28:25 +01:00
Ryan McKinley
cf055ab4ec
k8s: Add a dev only feature flag and simple service to get a client (#60204) 2022-12-13 07:41:16 -08:00
Domas
c2cea076ee
Chore: Add deprecation warnings for Sentry (#60165) 2022-12-13 16:41:42 +02:00
Dan Cech
fe3ae49cce
Backend: Consistently use context RemoteAddr function to determine remote address. (#60201)
consistently use context RemoteAddr function to determine remote address
2022-12-13 09:33:05 -05:00
Dominik Prokop
239888f229
Snapshots: Build snapshot originalUrl on the backend (#60232)
* Snapshots: Fix originalUrl spoof security issue

* Store relative URL only & validate UID

* use existing modal management tools

* Dummy commit to nudge CI

* Remove unused hooks file

* Fix import after backport

* Backport fixes

Co-authored-by: kay delaney <kay@grafana.com>
2022-12-13 05:48:54 -08:00
Serge Zaitsev
af7d293eaf
Chore: Remove Store interface and use db.DB instead (#60160)
* Chore: Remove Store interface and use db.DB instead

* use old-style session exec
2022-12-13 11:03:36 +01:00
Ryan McKinley
b2c4af16d7
Git: Update experimental workflow POC (#60049) 2022-12-08 13:57:33 -05:00
Kristin Laemmert
70fbf47022
chore: remove CreateUser from sqlstore & replace with userService.CreateUserForTests (#59910) 2022-12-07 11:03:22 -05:00
Karl Persson
22be025284
Auth: Add anonymous authn client (#59637)
* Authn: Add Client interface and Reqeust and Identity structures

* Authn: Implement Authenticate method in service

* Authn: Add tracing

* Authn: Add logger

* AuthN: Implement Anonymous client
2022-12-02 15:10:03 +01:00
Will Browne
76233f9997
Plugins: Unexport PluginDir field from PluginDTO (#59190)
* unexport pluginDir from dto

* more err checks

* tidy

* fix tests

* fix dboard file tests

* fix import

* fix tests

* apply PR feedback

* combine interfaces

* fix logs and clean up test

* filepath clean

* use fs.File

* rm explicit type
2022-12-02 13:46:55 +01:00
Karl Persson
6d1bcd9f40
DataSourcePermissions: Handle licensing properly for ds permissions (#59694)
* RBAC: add viewer grand if dspermissions enforcement is not enabled

* RBAC: Change permissions based on role prefix

* RBAC: Add option to for permission service to add a license middleware

* RBAC: Remove actions from query struct
2022-12-02 13:19:14 +01:00
Sasha Melentyev
f0adc69ada
Chore: Change fmt.Errorf to errors.New when there is no formatting required (#58600)
Signed-off-by: Sasha Melentyev <sasha@melentyev.io>
2022-12-01 20:51:12 +01:00
Marcus Efraimsson
6dbe3b555f
Plugins: Refactor forward of cookies, OAuth token and header modifications by introducing client middlewares (#58132)
Adding support for backend plugin client middlewares. This allows headers in outgoing 
backend plugin and HTTP requests to be modified using client middlewares.

The following client middlewares added:
Forward cookies: Will forward incoming HTTP request Cookies to outgoing plugins.Client 
and HTTP requests if the datasource has enabled forwarding of cookies (keepCookies).
Forward OAuth token: Will set OAuth token headers on outgoing plugins.Client and HTTP 
requests if the datasource has enabled Forward OAuth Identity (oauthPassThru).
Clear auth headers: Will clear any outgoing HTTP headers that was part of the incoming 
HTTP request and used when authenticating to Grafana.
The current suggested way to register client middlewares is to have a separate package, 
pluginsintegration, responsible for bootstrap/instantiate the backend plugin client with 
middlewares and/or longer term bootstrap/instantiate plugin management. 

Fixes #54135
Related to #47734
Related to #57870
Related to #41623
Related to #57065
2022-12-01 19:08:36 +01:00
Ryan McKinley
14a080ec12
EntityStore: Rename ObjectStore to EntityStore (part 2) (#59616) 2022-11-30 17:52:15 -05:00
Ryan McKinley
5dc7b01f9d
EntityStore: Rename ObjectStore to EntityStore (part 1) (#59613) 2022-11-30 13:42:42 -08:00
João Calisto
bba42b113c
Middleware: Add Custom Headers to HTTP responses (#59018)
* Middleware: Add Custom Headers to HTTP responses

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* Update conf/defaults.ini

Co-authored-by: Dave Henderson <dave.henderson@grafana.com>

* Update conf/sample.ini

Co-authored-by: Dave Henderson <dave.henderson@grafana.com>

* Update _index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
Co-authored-by: Dave Henderson <dave.henderson@grafana.com>
2022-11-30 17:12:34 +00:00
Serge Zaitsev
9cdb6b07c7
Chore: Move stats service into a standalone packge from sqlstore (#59574)
* move original stats service into a separate package

* add stats service to wire

* move GetAdminStats

* switch to using stats.Service

* add missing package

* fix api tests
2022-11-30 18:11:07 +01:00
Gabriel MABILLE
bf49c20050
RBAC: Add an endpoint to list all user permissions (#57644)
* RBAC: Add an endpoint to see all user permissions

Co-authored-by: Joey Orlando <joey.orlando@grafana.com>

* Fix mock

* Add feature flag

* Fix merging

* Return normal permissions instead of simplified ones

* Fix test

* Fix tests

* Fix tests

* Create benchtests

* Split function to get basic roles

* Comments

* Reorg

* Add two more tests to the bench

* bench comment

* Re-ran the test

* Rename GetUsersPermissions to SearchUsersPermissions and prepare search options

* Remove from model unused struct

* Start adding option to get permissions by Action+Scope

* Wrong import

* Action and Scope

* slightly tweak users permissions actionPrefix query param validation logic

* Fix xor check

* Lint

* Account for suggeston

Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>

* Add search

* Remove comment on global scope

* use union all and update test to make it run on all dbs

* Fix MySQL needs a space

* Account for suggestion.

Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>

Co-authored-by: Joey Orlando <joey.orlando@grafana.com>
Co-authored-by: Joey Orlando <joseph.t.orlando@gmail.com>
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
2022-11-30 15:38:49 +01:00
Alex Khomenko
c3d13a0e2f
Admin: Combine org and admin user pages (#59365)
* Admin: Add unified users page

* Admin: Combine admin and org components

* Admin: Add combined route

* Admin: Show combined page in nav

* Admin: Update translation

* Admin: Update description

* Admin: Update description on backend

* Admin: Update translations

* Admin: Use dynamic imports
2022-11-30 15:24:53 +02:00
Jack Westbrook
207b2993b2
Plugins Catalog: Only allow admins to access plugins catalog (#57101)
* feat(plugins-catalog): only allow admins to access plugins catalog routes

* add backend check

* fix(plugins-catalog): update route role access to include server admins

Co-authored-by: Will Browne <will.browne@grafana.com>
2022-11-30 09:41:28 +01:00
linoman
6cc56311d9
Auth: Display id Provider label in orgs/users view (#58033)
* Add frontend test

* Add frontend label component

* Adjust backend tests

* Retrieve auth IDP labels for users at org/users.

Co-authored-by: Misi <mgyongyosi@users.noreply.github.com>
Co-authored-by: Kalle <kalleep@users.noreply.github.com>
Co-authored-by: Jo <Jguer@users.noreply.github.com>
2022-11-29 15:20:28 +01:00
Karl Persson
a4a5307722
Login: Remove CreateUser from LoginService (#59464)
* LoginService: remove create user and use user.Service instead

* Fix tests
2022-11-29 10:20:44 +01:00
Gabriel MABILLE
d279b6d7b0
Fix: Allow creating snapshot with no dashboard id (#58669) 2022-11-29 09:29:27 +01:00
Denis Limarev
b814c66c1d
Perfomance: add preallocation for some slices (#59263)
add preallocation for some slices
2022-11-28 13:10:24 +01:00
Serge Zaitsev
5b861faec3
Chore: Reduce the usage of sqlstore.createorg and use orgservice instead (#59356)
* remove legacy createorg from org service

* remove another createorg from orgimpl

* remove createorg from api pref tests

* remove createorg from api org tests

* fix tests

* remove createorg from annotations test

* remove createorg from team tests

* remove createorg from service accounts

* remove createorg from accesscontrol tests

* remove createorg from provisioning

* Use quotaservice from sc.hs
2022-11-28 12:05:46 +01:00
Ieva
a8bae3f0b0
Access Control: Clear user's permission cache after resource creation (#59101)
* refresh user's permission cache after resource creation

* clear the cache instead of reloading the permissions

* don't error if can't clear cache

* fix tests

* fix tests again
2022-11-24 14:38:55 +00:00
Sofia Papagiannaki
8e6d343981
Nested Folders: Some API fixes (#59298)
* Nested Folders: Fix API responses

* Fix panic during deletions

* Add test
2022-11-24 08:59:47 -05:00
Karl Persson
83c101dc34
LoginAttempts: Reset attempts on successfull password reset (#59215)
* LoginAttempt: Add function to reset attemtps for username

* PasswordReset: Reset attempts on successful password reset
2022-11-23 16:57:18 +01:00
Sofia Papagiannaki
ad96b240fc
Nested Folder: Enforce maximum nested folder depth (#59213)
* Nested Folder: Enforce maximum nested folder depth

* Cleanup

* Fix logging
2022-11-23 09:44:45 -05:00
Serge Zaitsev
c2e847d0b0
Chore: Remove createorgwithmember (#59161)
remove createorgwithmember
2022-11-23 10:37:04 +01:00
Sofia Papagiannaki
02b6b09121
Nested Folders: Set user in the API level (#59148) 2022-11-23 11:13:47 +02:00
Serge Zaitsev
b875ca08c6
SQLStore: Make addOrgUser private (#59142)
make addOrgUser private
2022-11-22 17:02:39 +00:00
Serge Zaitsev
7ff41cde9a
Chore: Fix status codes for nested folders (#59087)
* check for errutil errors first

* a better fix
2022-11-22 16:06:39 +02:00
Denis Limarev
4d8287b319
Performance: add preallocation for some slice/map (#57860)
This change preallocates slices and maps where the size of the data is known before the object is created.

Co-authored-by: Joe Blubaugh <joe.blubaugh@grafana.com>
2022-11-22 20:24:36 +08:00
Josh Hunt
460be70261
Internationalization: Change locale preference to language (#58359)
* backend locale -> language

* frontend locale -> language

* sample.ini and tests

* fix few last locale -> language

* fix few last locale -> language
2022-11-22 12:18:34 +00:00
Karl Persson
062c5b805c
Auth: Merge ActiveAuthTokenService into UserAuthTokenService (#59032)
* Auth: Merge UserTokenService and ActiveAuthTokenService

* Auth: Rename function
2022-11-22 10:58:59 +01:00
linoman
f8f61c1a69
Auth: Add expiry date for service accounts access tokens (#58885)
* Add new configuration option for SA tokens

* Add new expiry date option to frontend components

* Add backend validation


Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
2022-11-22 10:08:40 +01:00
ying-jeanne
ba8124ef93
Chore: Fix SQLx failure when starting the server with newDBLibrary enabled (#58985)
change the weekstart to pointer

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
2022-11-21 16:53:56 +02:00
Karl Persson
b3406a8273
Auth: Remove userauth service (#58941)
* Auth: remove userauth service

* Use Revoke user tokens from UserAuthTokenService
* Add function to delete user auth info to UserAuthInfo service
2022-11-18 14:40:26 +01:00
Misi
9c98314e9f
OAuth: Refactor OAuth parameters handling to support obtaining refresh tokens for Google OAuth (#58782)
* Add ApprovalForce to AuthCodeOptions

* Extract access token validity check to a function

* Refactor

* Oauth: set options internally instead of exposing new function

* Align tests

* Remove unused function

Co-authored-by: Karl Persson <kalle.persson@grafana.com>
2022-11-18 10:12:17 +01:00
Karl Persson
fef1e1d5bc
Auth: Refactor auth package (#58920)
* Auth: move interface to its own file

* Auth: move to test package

* Auth: move quota consts to auth file

* Auth: move service to impl package

* Auth: move interfaces and related models to auth package

* Auth: Create sub package and type alias to avoid circular dependency
2022-11-18 09:56:06 +01:00
Sofia Papagiannaki
ab36252c86
Quota: Fix failure when checking session limits (#58865) 2022-11-17 00:30:27 +01:00
João Calisto
f254a37d35
Middleware: Add CSP Report Only support (#58074)
* Middleware: Add CSP Report Only support

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

* Update csp documentation wording

* Update conf/sample.ini

Co-authored-by: Dave Henderson <dave.henderson@grafana.com>

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Dave Henderson <dave.henderson@grafana.com>

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Dave Henderson <dave.henderson@grafana.com>

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Dave Henderson <dave.henderson@grafana.com>

* Update pkg/middleware/csp.go

Co-authored-by: Dave Henderson <dave.henderson@grafana.com>

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
Co-authored-by: Dave Henderson <dave.henderson@grafana.com>
2022-11-16 17:11:26 +00:00
Sofia Papagiannaki
93b4b9154e
Chore: Restore folder properties (#58743)
* Chore: Fix folder URL

* Restore more folder properties

* Fixup
2022-11-15 12:58:12 +02:00