* add function to static function to static service
* find email and login claims with jmespath
* rename configuration files
* Replace JWTClaims struct for map
* check for subclaims error
Terraform Issue: grafana/terraform-provider-grafana#1007
Nested routes should be allowed to inherit the contact point from the root (or direct parent) route but this fails in the provisioning API (it works in the UI)
* Bench testing search user perm
* Add BenchmarkSearchUsersPermissions_1K_1K
* Clarify benchmark searches by action prefix
* Make MySQL more efficient
* Move all filter options
* Expand after assignments union
* update comments
* Add cloud migration endpoints
* Built auth into creating a migration.
* Added more detail to the migration result model
* goimports
* Update pkg/services/cloudmigration/api/api.go
Co-authored-by: lean.dev <34773040+leandro-deveikis@users.noreply.github.com>
* Update pkg/services/cloudmigration/api/api.go
Co-authored-by: lean.dev <34773040+leandro-deveikis@users.noreply.github.com>
---------
Co-authored-by: Leonard Gram <leo@xlson.com>
Co-authored-by: lean.dev <34773040+leandro-deveikis@users.noreply.github.com>
* vendor latest wire into pkg/build
* use vendored wire in builds
* fix wire import path
* remove wire from bingo
* also support google/wire import
* make prettier happy
* change package in tess
* add debug walk for drone
* add wire_gen in tests
* remove debug walk
* restore imports
* add strategy and tests
* use settings provider service and remove multiple providers strategy
* Move SAML strategy to ssosettings service
* Update codeowners file
* reload from settings provider
* add saml as configurable provider
* Add new SAML strategy
* rename old saml settings interface
* update saml string references
* use OSS license
* validate saml provider depends on license for List
* add tests for list rendering including saml
* change the licensing validation to service init
* replace service struct for provider
* add feature toggle usePrometheusFrontendPackage
* add feature toggle logic to Prometheus module
* use config editor with package and remove configOverhaul feature toggle
* update betterer because we will be removing other files as we replace with files from @grafana/prometheus
* fix exemplar ds picker selector
* add more description to ts-ignore
* remove go.work.sum change
* copy go.work.sum from main
* update go.work.sum after talking with ismail
* put back the promlib entry
---------
Co-authored-by: ismail simsek <ismailsimsek09@gmail.com>
* allow users with regular actions access provisioning API paths
* update methods that read rules
skip new authorization logic if user CanReadAllRules to avoid performance impact on file-provisioning
update all methods to accept identity.Requester that contains all permissions and is required by access control.
* create deltas for single rul e
* update modify methods
skip new authorization logic if user CanWriteAllRules to avoid performance impact on file-provisioning
update all methods to accept identity.Requester that contains all permissions and is required by access control.
* implement RuleAccessControlService in provisioning
* update file provisioning user to have all permissions to bypass authz
* update provisioning API to return errutil errors correctly
---------
Co-authored-by: Alexander Weaver <weaver.alex.d@gmail.com>
* Alerting: Implement ApplyConfig for remote primary mode (forked AM)
* add TODO for saving the config hash in other config-related methods
* fix bad method receiver name (m -> am)
* tests
* add mutex
* remove sync loop
* Enable nestedFolders by default
* Make nestedFolders GA
Co-authored-by: Timur Olzhabayev <timur.olzhabayev@grafana.com>
* regenerate files
* also update docs
* skip failing test
---------
Co-authored-by: Timur Olzhabayev <timur.olzhabayev@grafana.com>
* Chore: Remove unused dependenices in plugin client middlewares
* refactor logger middleware to remove cfg dependency
* hack to make tracing work in api group builders
* display teams to team reader if they also have the access to list team permissions
* fix a typo in the docs
* enable annotationPermissionUpdate by default
* update wording
Adds support for logs (specify level), metrics (enable metrics and Prometheus /metrics endpoint
and traces (jaeger or otlp) for standalone API server. This will allow any grafana core service
part of standalone apiserver to use logging, metrics and traces as normal.
* require "folders:read" and "alert.rules:read" in all rules API requests (write and read).
* add check for permissions "folders:read" and "alert.rules:read" to AuthorizeAccessToRuleGroup and HasAccessToRuleGroup
* check only access to datasource in rule testing API
---------
Co-authored-by: William Wernert <william.wernert@grafana.com>
* (WIP) Alerting: Decrypt secrets before sending configuration to the remote Alertmanager
* refactor, fix tests
* test decrypting secrets
* tidy up
* test SendConfiguration, quote keys, refactor tests
* make linter happy
* decrypt configuration before comparing
* copy configuration struct before decrypting
* reduce diff in TestCompareAndSendConfiguration
* clean up remote/alertmanager.go
* make linter happy
* avoid serializing into JSON to copy struct
* codeowners
* add support for listing resource history
* make watch handle custom label selectors properly
* fix tests
* Apply suggestions from code review
Co-authored-by: Diego Augusto Molina <diegoaugustomolina@gmail.com>
* properly handle special characters in json label matcher
* tidy up
---------
Co-authored-by: Diego Augusto Molina <diegoaugustomolina@gmail.com>
* Unify how the version is shown in the UI
* use versionString in dashboard help bundles
* fix lint
* remove comment
* fix test types
* make test less flakey
* Add function to get the namespaced id
* Add function to resolve an identity through authn.Service from org and namespace id
* Switch to resolve identity for re-authenticate in another org
* bug: fix migration to account for duplicate entries
* refactoring to create test folder for user migrations
* fix migration log
* added the migration
* additional tests
* added extSrv tests
* Folders: Allow listing folders with write permission
* Check for subfolder access if parent does not have
* Add test
* GetFolders: fix ordering
* Apply suggestion from code review
* ExtSvcAccounts: Fix External Service Accounts Login check
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
* Remove service accounts assignments and permissions on delete
* Fix first set of tests
* Fix second batch of tests
* Fix third batch of tests
---------
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
Removes legacy alerting, so long and thanks for all the fish! 🐟
---------
Co-authored-by: Matthew Jacobson <matthew.jacobson@grafana.com>
Co-authored-by: Sonia Aguilar <soniaAguilarPeiron@users.noreply.github.com>
Co-authored-by: Armand Grillet <armandgrillet@users.noreply.github.com>
Co-authored-by: William Wernert <rwwiv@users.noreply.github.com>
Co-authored-by: Yuri Tseretyan <yuriy.tseretyan@grafana.com>
* Update template names
* Add verifier that we can use to start verify process
* Use userVerifier when verifying email on update
* Add tests
---------
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
