* move access control api to SignedInUser interface
* remove unused code
* add logic for reading perms from a specific org
* move the specific org logic to org_user.go
* add a comment
---------
Co-authored-by: IevaVasiljeva <ieva.vasiljeva@grafana.com>
* remove unused HasAdmin and HasEdit permission methods
* remove legacy AC from HasAccess method
* remove unused function
* update alerting tests to work with RBAC
* refactor(pluginhelp): rewrite as functional component with useAsync
* mimic old behaviour
* feat(pluginhelp): display message if backend returned an empty string
Co-authored-by: Jack Westbrook <jack.westbrook@gmail.com>
* Add phlare datasource
* Rename
* Add parca
* Add self field to parca
* Make sure phlare works with add to dashboard flow
* Add profiling category and hide behind feature flag
* Update description and logos
* Update phlare icon
* Cleanup logging
* Clean up logging
* Fix for shift+enter
* onRunQuery to set label
* Update type naming
* Fix lint
* Fix test and quality issues
Co-authored-by: Joey Tawadrous <joey.tawadrous@grafana.com>
* RBAC: Allow app plugins restriction
Co-authored-by: Kalle Persson <kalle.persson@grafana.com>
* Moving declaration to HttpServer
Co-Authored-By: marefr <marcus.efraimsson@gmail.com>
* Picking changes from the other branch
Co-authored-by: Alexander Zobnin <alexanderzobnin@gmail.com>
* Rename plugins.settings to plugins
Co-authored-by: Kalle Persson <kalle.persson@grafana.com>
* Account for PluginAdminExternalManageEnabled
Co-authored-by: Will Browne <will.browne@grafana.com>
* Set metadata on instantiation
Co-authored-by: Jguer <joao.guerreiro@grafana.com>
Co-authored-by: Kalle Persson <kalle.persson@grafana.com>
Co-authored-by: marefr <marcus.efraimsson@gmail.com>
Co-authored-by: Alexander Zobnin <alexanderzobnin@gmail.com>
Co-authored-by: Will Browne <will.browne@grafana.com>
Co-authored-by: Jguer <joao.guerreiro@grafana.com>
* Change nav structure when topnav is enable to do initial tests with new information architecture
* Support for nested sections
* Updated
* sentance case
* Progress on plugin challange
* Rewrite to functional component
* Progress
* Updates
* Progress
* Progress on things
* missing file
* Fixing issue with runtime, need to use setter way to set component exposed via runtime
* Move PageLayoutType to grafana/data
* Fixing breadcrumb issue, adding more tests
* reverted backend change
* fix recursive issue with cleanup
* installer -> repo
* add semver format checking
* add plugin callbacks in test
* remove newline
* post install only scans new directories
* remove unused stuff
* everything in own package
* add missing cli params
* make grafana version part of the API
* resolve conflicts
* tidy up logger
* fix cli and tidy log statements
* rename log package
* update struct name
* fix linter issue
* fs -> filestore
* reorder imports
* alias import
* fix test
* fix test
* inline var
* revert jsonc file
* make repo dep of manager
* actually inject the thing
* accept all args for compatability checks
* accept compat from store
* pass os + arch vals
* don't inject fs
* tidy up
* tidy up
* merge with main and tidy fs storage
* fix test
* fix packages
* fix comment + field name
* update fs naming
* fixed wire
* remove unused func
* fix mocks
* fix storage test
* renaming
* fix log line
* fix test
* re-order field
* tidying
* add test for update with same version
* fix wire for CLI
* remove use of ioutil
* don't pass field
* small tidy
* ignore code scanning warn
* fix testdata link
* update lgtm code
* Chore: Add user service method SetUsingOrg
* Chore: Add user service method GetSignedInUserWithCacheCtx
* Use method GetSignedInUserWithCacheCtx from user service
* Fix lint after rebase
* Fix lint
* Fix lint error
* roll back some changes
* Roll back changes in api and middleware
* Add xorm tags to SignedInUser ID fields
* Move SignedInUser to user service and RoleType and Roles to org
* Use go naming convention for roles
* Fix some imports and leftovers
* Fix ldap debug test
* Fix lint
* Fix lint 2
* Fix lint 3
* Fix type and not needed conversion
* Clean up messages in api tests
* Clean up api tests 2
* Only require create and permissions for new data source page
* Let users with permissions to create data sources list non-core plugins
* Keep the admin check as fallback when using rbac as well
* adds oauth support to call resource requests
* adds oauth docs for call resource
* fixes case where dsUID is empty
* improve datasource error handling
Refactors GetPluginDashboards/LoadPluginDashboard by moving database
interaction from plugin management to the plugindashboards service.
Fixes#44553
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
* Use PluginSettingsService instead of SQLStore in plugins
* Fix pluginproxy use of pluginsettings methods
* Fix additional pluginsettings methods
* Remove dispatch from plugindashboards
* Fix lint and adjust mock
* Remove unused pluginsettings
* Rename pluginsetting Service and ServiceImpl and add binding to wire
* Move pluginsettings binding in wire file
* * Teams: Appropriately apply user id filter in /api/teams/:id and /api/teams/search
* Teams: Ensure that users searching for teams are only able see teams they have access to
* Teams: Require teamGuardian admin privileges to list team members
* Teams: Prevent org viewers from administering teams
* Teams: Add org_id condition to team count query
* Teams: clarify permission requirements in teams api docs
* Teams: expand scenarios for team search tests
* Teams: mock teamGuardian in tests
Co-authored-by: Dan Cech <dcech@grafana.com>
* remove duplicate WHERE statement
* Fix for CVE-2022-21702
(cherry picked from commit 202d7c190082c094bc1dc13f7fe9464746c37f9e)
* Lint and test fixes
(cherry picked from commit 3e6b67d5504abf4a1d7b8d621f04d062c048e981)
* check content type properly
(cherry picked from commit 70b4458892bf2f776302720c10d24c9ff34edd98)
* basic csrf origin check
(cherry picked from commit 3adaa5ff39832364f6390881fb5b42ad47df92e1)
* compare origin to host
(cherry picked from commit 5443892699e8ed42836bb2b9a44744ff3e970f42)
* simplify url parsing
(cherry picked from commit b2ffbc9513fed75468628370a48b929d30af2b1d)
* check csrf for GET requests, only compare origin
(cherry picked from commit 8b81dc12d8f8a1f07852809c5b4d44f0f0b1d709)
* parse content type properly
(cherry picked from commit 16f76f4902e6f2188bea9606c68b551af186bdc0)
* mentioned get in the comment
(cherry picked from commit a7e61811ef8ae558ce721e2e3fed04ce7a5a5345)
* add content-type: application/json to test HTTP requests
* fix pluginproxy test
* Fix linter when comparing errors
Co-authored-by: Kevin Minehart <kmineh0151@gmail.com>
Co-authored-by: Dan Cech <dcech@grafana.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Co-authored-by: Serge Zaitsev <serge.zaitsev@grafana.com>
Co-authored-by: Vardan Torosyan <vardants@gmail.com>
Moves/refactor Grafana specific functionality related to plugin dashboards
out to specific services for importing dashboards and keep app plugin dashboards
up-to-date.
Fixes#44257
