Commit Graph

514 Commits

Author SHA1 Message Date
Karl Persson
c4cfee8d96
User: support setting org and help flags though update function (#86535)
* User: Support setting active org through update function

* User: add support to update help flags through update function
2024-04-29 08:53:05 +02:00
Karl Persson
0fa983ad8e
AuthN: Use typed namespace id inside authn package (#86048)
* authn: Use typed namespace id inside package
2024-04-24 09:57:34 +02:00
Alex Khomenko
44e1bce55a
Feature toggles: Remove dashboardEmbed toggle (#86587) 2024-04-19 12:48:08 +02:00
carrychair
0913324668
Chore: Remove repetitive words (#84132)
remove repetitive words

Signed-off-by: carrychair <linghuchong404@gmail.com>
2024-03-11 08:55:18 -04:00
김은빈
96dfb385ca
Grafana: Replace magic number with a constant variable in response status (#80132)
* Chore: Replace response status with const var

* Apply suggestions from code review

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>

* Add net/http import

---------

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
2024-02-27 18:39:51 +02:00
Torkel Ödegaard
8f36f905ee
SceneSolo: Minor fixes (#82289)
* SceneSolo: Minor fixes

* remove logging
2024-02-12 16:23:12 +01:00
Carl Bergquist
c9de794d7f
instrumentation: these features have been enabled for a while (#81617)
Signed-off-by: bergquist <carl.bergquist@gmail.com>
2024-02-06 00:29:41 -08:00
Marcus Efraimsson
6768c6c059
Chore: Remove public vars in setting package (#81018)
Removes the public variable setting.SecretKey plus some other ones. 
Introduces some new functions for creating setting.Cfg.
2024-01-23 12:36:22 +01:00
Torkel Ödegaard
e924627659
Frontend: Reload the browser when backend configuration/assets change (#79057)
* Detect frontend asset changes

* Update

* merge main

* Frontend: Detect new assets / versions / config changes (#79258)

* avoid first check

* Updates and add tests

* Update

* Update

* Updated code

* refine

* use context

---------

Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
2024-01-04 08:00:07 +01:00
Will Browne
0b511aaace
Plugins: Add backend check for app page role access (#78269)
* add backend check for roles

* tidy

* fix tests

* incorporate rbac

* fix linter

* apply PR feedback

* add tests

* fix logic

* add comment

* apply PR feedback
2023-12-18 16:12:46 +01:00
Ezequiel Victorero
864d91ed3e
Export: Remove no-store headers in pdf and image previews (#78844) 2023-12-18 09:21:57 -03:00
Torkel Ödegaard
ed128ea964
Frontend: Foundations for multi tenant frontend (#78815)
* Frontend: Foundations for multi tenant frontend

* improve manifest parsing for multi-tenant frontend (#78876)

* add test

* add test

* ??

* Updates

* Added cache

* test cleanup

* lint

* fix test

* fix error templates

* cleanup

* remove copy

* revert changes to list testdata

* comment cleanup

* prepare integration tests

* Remove integrety

---------

Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
2023-12-05 08:34:22 +01:00
Oscar Kilhed
4c4f11f4b3
Avatar: Allow browser caching of /avatar/ (#78314)
don't set no-store headers to /avatar/
2023-11-22 17:41:54 +01:00
Ryan McKinley
f69fd3726b
FeatureToggles: Add context and and an explicit global check (#78081) 2023-11-14 12:50:27 -08:00
Gabriel MABILLE
420fb56fda
RBAC: Fix plugins pages access-control (#76321)
* RBAC: Fix plugins pages access-control

* Better comment

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>

* Add a small comment on connections/datasources routes

---------

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
2023-10-12 10:46:43 +02:00
Jo
dcd0c6b11e
Identity: Unfurl OrgID in pkg/services to allow using identity.Requester interface (#76113)
Unfurl OrgID in pkg/services to allow using identity.Requester interface
2023-10-09 10:40:19 +02:00
Carl Bergquist
0fc403d116
Instrumentation: Enable native histograms for HTTP requests (#75731)
Signed-off-by: bergquist <carl.bergquist@gmail.com>
2023-10-03 20:23:55 +02:00
Marcus Efraimsson
e4c1a7a141
Tracing: Standardize on otel tracing (#75528) 2023-10-03 14:54:20 +02:00
Carl Bergquist
3c8cea0764
instrumentation: rename team to grafana_team to improve alert routing. (#75860)
Signed-off-by: bergquist <carl.bergquist@gmail.com>
2023-10-03 12:25:01 +02:00
Karl Persson
7a38090bc0
AuthN: Fix namespaces for anonymous and render (#75661)
* AuthN: remove IsAnonymous from identity struct and set correct namespace for anonymous and render

* Don't parse user id for render namespace
2023-09-29 09:10:33 +02:00
Marcus Efraimsson
0128d0403f
Tracing: Use tracing.InitializeTracerForTest (#75479) 2023-09-27 09:51:57 +02:00
Carl Bergquist
e5fbc4a4cd
web: add slo group to request meta (#74765)
Signed-off-by: bergquist <carl.bergquist@gmail.com>
2023-09-22 11:52:28 +03:00
Marcus Efraimsson
8ee43f3705
Instrumentation: Add status_source label to request metrics/logs (#74114)
Ref #68480

Co-authored-by: Giuseppe Guerra <giuseppe.guerra@grafana.com>
2023-09-11 12:13:13 +02:00
Ryan McKinley
025b2f3011
Chore: use any rather than interface{} (#74066) 2023-08-30 18:46:47 +03:00
Carl Bergquist
bd7523381e
web: removes unused function from request metadata (#73910)
Signed-off-by: bergquist <carl.bergquist@gmail.com>
2023-08-28 13:40:21 +02:00
Marcus Efraimsson
040b7d2571
Chore: Add errutils helpers (#73577)
Add helpers for the errutil package in favor of errutil.NewBase.
2023-08-22 12:52:24 +02:00
Carl Bergquist
243b757168
Middleware: Add team metadata to HTTP handlers (#71010)
Signed-off-by: bergquist <carl.bergquist@gmail.com>
2023-08-16 15:05:19 +02:00
Karl Persson
e53e22ef2a
Contexthandler: Remove code that is no longer used (#73101)
* Contexthandler: remove dead code

* Contexthandler: Add tests

* Update pkg/tests/api/alerting/api_alertmanager_test.go

Co-authored-by: Jo <joao.guerreiro@grafana.com>

---------

Co-authored-by: Jo <joao.guerreiro@grafana.com>
2023-08-09 15:17:59 +02:00
Karl Persson
144e4887ee
Auth: Use authn.Service for all tests (#72921)
* Dashboards: Fix tests when authn broker is enabled.
StarService was not configured for tests, the call was guarded by !c.IsSignedIn

* Change default to be anon user to match expectations from tests

* OAuth: rewrite tests to work with authn.Service

* Setup template renderer by default

* Extract cookie options from cfg instead of relying on global variables

* Fix test to work with authn service

* Middleware: rewrite auth tests

* Remvoe session cookie if we cannot refresh access token
2023-08-09 08:54:52 +02:00
Ben Sully
51c94bccd7
api: ignore /api/gnet proxy when gzipping responses (#71437)
This PR adds /api/gnet to the list of ignored paths in the gzip middleware.

Without this, when gzip is enabled (`server.enable_gzip = true`), responses
from the gnet proxy are double compressed: once by grafana.com and once by
Grafana itself. With this change we only do one round of compression for these
endpoints.

To test this out, try a request like this with `server.enable_gzip = true`
(after setting `GCOM_TOKEN` to a valid grafana.com token; you may need to
change the 'bsull' slug, too):

    curl -v --user admin:admin \
        -H "X-Api-Key: $GCOM_TOKEN" \
        -H 'Accept-Encoding: gzip' \
        localhost:3000/api/gnet/instances/bsull/provisioned-plugins/grafana-ml-app | gzip -d

Note that there are two Content-Encoding: gzip headers before this PR, and
the output is still compressed even after the `gzip -d`. After this PR things
look as expected.
2023-07-13 07:51:25 +01:00
Alex Khomenko
420b19e0e4
Dashboards: Add dashboard embed route (#69596)
* Dashboard embed: Set up route

* Dashboard embed: Cleanup

* Dashboard embed: Separate routes

* Dashboard embed: Render dashboard page

* Dashboard embed: Add toolbar

* Dashboard embed: Send JSON on save

* Dashboard embed: Add JSON param

* Dashboard embed: Make the dashboard editable

* Fix sending dashboard to remote server

* Add notifications

* Add "dashboardEmbed" feature toggle

* Use the toggle

* Update toggles

* Add toggle on backend

* Add get JSON endpoint

* Add drawer

* Close drawer on success

* Update toggles

* Cleanup

* Update toggle

* Allow embedding for the d-embed url

* Allow embedding via custom X-Allow-Embedding header

* Use callbackUrl

* Cleanup

* Update public/app/features/dashboard/containers/EmbeddedDashboardPage.tsx

Co-authored-by: kay delaney <45561153+kaydelaney@users.noreply.github.com>

* Use theme for spacing

* Update toggles

* Update public/app/features/dashboard/components/EmbeddedDashboard/SaveDashboardForm.tsx

Co-authored-by: Polina Boneva <13227501+polibb@users.noreply.github.com>

* Add select data source modal

---------

Co-authored-by: kay delaney <45561153+kaydelaney@users.noreply.github.com>
Co-authored-by: Polina Boneva <13227501+polibb@users.noreply.github.com>
2023-07-06 17:43:20 +03:00
Jo
d6c468c1c2
Auth: Add empty role definition (#64694)
* Allow setting role as None

Co-authored-by: gamab <gabi.mabs@gmail.com>

Seeking for places where role.None would be used

Co-authored-by: Jguer <joao.guerreiro@grafana.com>

Adding None role to the frontend

Co-authored-by: Jguer <joao.guerreiro@grafana.com>

unify org role declaration and remove from add permission

fix backend test

fix backend lint

* remove role none from frontend

* Simplify checks

Co-authored-by: Kalle Persson <kalle.persson@grafana.com>

* nits

---------

Co-authored-by: Kalle Persson <kalle.persson@grafana.com>
2023-07-06 15:40:06 +02:00
Michael Mandrus
66d2214c3b
Config: Add configuration option to define custom user-facing general error message for certain error types (#70023)
---------

Co-authored-by: Summer Wollin <summer.wollin@grafana.com>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
Co-authored-by: Arati R. <33031346+suntala@users.noreply.github.com>
2023-06-16 10:46:47 -05:00
Ieva
4980b64274
RBAC: Remove legacy ac from authorization middleware (#68898)
remove legacy AC fallback from RBAC middleware, and some unused auth logic
2023-05-24 09:49:42 +01:00
Carl Bergquist
692bb9ed1a
Instrumentation: Add support for instrumenting database queries (#66022)
Signed-off-by: bergquist <carl.bergquist@gmail.com>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
2023-04-28 15:19:06 +02:00
Kristian Bremberg
35407142d0
Feature: Trusted Types support (#64975)
* Draft: Feature: Trusted Types support

* remove trusted-types package

* Create policy before jQuery and Angular is loaded and add feature flag

* Add trustedTypePolicies

* Sanitize scriptURL

* Add TT meta tag for test env

* Move trusted types into core

* Add DOMParser support for TrustedHTML

* Seperate RSS sanitization and add better TrustedHTML support

* Get test CSP header from config

* Remove dompurify dep from core

* Add documentation for trusted types

* Apply suggestions from code review

Co-authored-by: Kristian Bremberg <114284895+KristianGrafana@users.noreply.github.com>

* Add comment about Github discussion thread and things breaking

* Remove changes from News panel

* Remove TT feature toggle

* Expose TT and CSPReportOnly to frontend

* Log errors in console when CSP report only is enabled

* Log error for reporting and remove test mode

* Only insert CSP header in HTML for dev env

* Update docs

---------

Co-authored-by: Tobias Skarhed <tobias.skarhed@gmail.com>
Co-authored-by: Tobias Skarhed <1438972+tskarhed@users.noreply.github.com>
2023-04-27 18:20:37 +02:00
Bruno
d4715a6f04
CSRF middleware: Add flag to skip login cookie check (#66806)
* CSRF middleware: add flag to skip login cookie check

* Update docs/sources/setup-grafana/configure-grafana/_index.md

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>

---------

Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
2023-04-24 10:11:08 -03:00
Torkel Ödegaard
57701fd2f2
ServeFromSubPath: Redirect to URL with subpath when subpath missing (#66724)
* ServeFromSubPath: Redirect to URL with subpath when subpath missing

* Review fixes

* Added tests

* Use constant

* change to useMiddleware

* Update pkg/middleware/subpath_redirect.go

---------

Co-authored-by: Carl Bergquist <carl.bergquist@gmail.com>
2023-04-24 09:55:55 +02:00
Michael Mandrus
5626461b3c
Caching: Refactor enterprise query caching middleware to a wire service (#65616)
* define initial service and add to wire

* update caching service interface

* add skipQueryCache header handler and update metrics query function to use it

* add caching service as a dependency to query service

* working caching impl

* propagate cache status to frontend in response

* beginning of improvements suggested by Lean - separate caching logic from query logic.

* more changes to simplify query function

* Decided to revert renaming of function

* Remove error status from cache request

* add extra documentation

* Move query caching duration metric to query package

* add a little bit of documentation

* wip: convert resource caching

* Change return type of query service QueryData to a QueryDataResponse with Headers

* update codeowners

* change X-Cache value to const

* use resource caching in endpoint handlers

* write resource headers to response even if it's not a cache hit

* fix panic caused by lack of nil check

* update unit test

* remove NONE header - shouldn't show up in OSS

* Convert everything to use the plugin middleware

* revert a few more things

* clean up unused vars

* start reverting resource caching, start to implement in plugin middleware

* revert more, fix typo

* Update caching interfaces - resource caching now has a separate cache method

* continue wiring up new resource caching conventions - still in progress

* add more safety to implementation

* remove some unused objects

* remove some code that I left in by accident

* add some comments, fix codeowners, fix duplicate registration

* fix source of panic in resource middleware

* Update client decorator test to provide an empty response object

* create tests for caching middleware

* fix unit test

* Update pkg/services/caching/service.go

Co-authored-by: Arati R. <33031346+suntala@users.noreply.github.com>

* improve error message in error log

* quick docs update

* Remove use of mockery. Update return signature to return an explicit hit/miss bool

* create unit test for empty request context

* rename caching metrics to make it clear they pertain to caching

* Update pkg/services/pluginsintegration/clientmiddleware/caching_middleware.go

Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>

* Add clarifying comments to cache skip middleware func

* Add comment pointing to the resource cache update call

* fix unit tests (missing dependency)

* try to fix mystery syntax error

* fix a panic

* Caching: Introduce feature toggle to caching service refactor (#66323)

* introduce new feature toggle

* hide calls to new service behind a feature flag

* remove licensing flag from toggle (misunderstood what it was for)

* fix unit tests

* rerun toggle gen

---------

Co-authored-by: Arati R. <33031346+suntala@users.noreply.github.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
2023-04-12 12:30:33 -04:00
Gábor Farkas
4ded937c79
Show traceids for failing and successful requests (#64903)
* tracing: show backend trace ids in frontend

* better trace id naming

Co-authored-by: Sven Grossmann <sven.grossmann@grafana.com>

* better trace id naming

Co-authored-by: Sven Grossmann <sven.grossmann@grafana.com>

* better trace id naming

Co-authored-by: Sven Grossmann <sven.grossmann@grafana.com>

* added feature flag

* bind functionality to the feature flag

* use non-generic name for traceid header

* fixed tests

* loki: do not create empty fields

* do not add empty fields

* fixed graphite test mock data

* added unit-tests to queryResponse

* added unit-tests for backend_srv

* more typescript-friendly check

* added unit-tests for runRequest

---------

Co-authored-by: Sven Grossmann <sven.grossmann@grafana.com>
2023-04-05 09:13:24 +02:00
Emil Tullstedt
be9361cb9e
Logger: Add feature toggle for errors in HTTP request logs (#64425) 2023-03-31 15:38:09 +02:00
Will Browne
31d6416157
Plugins: Migrate licensing and access control to pkg/services/pluginsintegration package (#65258)
* migrate licensing + access control

* update package name
2023-03-27 11:15:37 +02:00
Karl Persson
382b24742a
Auth: Add feature flag to move token rotation to client (#65060)
* FeatureToggle: Add toggle to use a new way of rotating tokens

* API: Add endpoints to perform token rotation, one endpoint for api request and one endpoint for redirectsd

* Auth: Aling not authorized handling between auth middleware and access
control middleware

* API: add utility function to get redirect for login

* API: Handle token rotation redirect for login page

* Frontend: Add job scheduling for token rotation and make call to token rotation as fallback in retry request

* ContextHandler: Prevent in-request rotation if feature flag is enabled and check if token needs to be rotated

* AuthN: Prevent in-request rotation if feature flag is enabled and check if token needs to be rotated

* Cookies: Add option NotHttpOnly

* AuthToken: Add helper function to get next rotation time and another function to check if token need to be rotated

* AuthN: Add function to delete session cookie and set expiry cookie

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
2023-03-23 14:39:04 +01:00
Eric Leijonmarck
3cd952b8ba
Auth: Fix orgrole picker disabled if isSynced user (#64033)
* fix: disable orgrolepicker if externaluser is synced

* add disable to role picker

* just took me 2 hours to center the icon

* wip

* fix: check externallySyncedUser for API call

* remove check from store

* add: tests

* refactor authproxy and made tests run

* add: feature toggle

* set feature toggle for tests

* add: IsProviderEnabled

* refactor: featuretoggle name

* IsProviderEnabled tests

* add specific tests for isProviderEnabled

* fix: org_user tests

* add: owner to featuretoggle

* add missing authlabels

* remove fmt

* feature toggle

* change config

* add test for a different authmodule

* test refactor

* gen feature toggle again

* fix basic auth user able to change the org role

* test for basic auth role

* make err.base to error

* lowered lvl of log and input mesg
2023-03-22 17:41:59 +00:00
Jo
6b6cf5f4b7
Cfg: Move ViewersCanEdit into cfg (#64876)
move ViewersCanEdit into cfg
2023-03-16 10:54:01 +01:00
Carl Bergquist
eb507dca89
Remotecache: rename setbytearray/getbytearray to set/get and remove codec (#64470)
Signed-off-by: bergquist <carl.bergquist@gmail.com>
2023-03-10 13:57:29 +01:00
Will Browne
88666f9bbd
Plugins: Fix Cache-Control header response for public/plugins/* assets API (#64051)
* fix caching

* fixeroo

* simplify

* undo changes

* fix test
2023-03-06 12:42:18 -05:00
Galen Kistler
e58bef15ac
API: Cache-Control (browser caching) for datasource resources: part 2 (#63060)
* Check if header string contains "public" or "private" target values
2023-02-27 15:55:22 -05:00
Jo
ff78103a24
Authn: Anon session service (#63052)
* add anon sessions package

* add usage stat fn

* implement count for cache

* add anonservice to authn broker

* lint

* add tests for remote cache count

* move anon service to services

* wrap tagging in goroutine

* make func used
2023-02-21 16:21:18 +01:00
Jo
d4cfbd9fd3
LDAP: Move LDAP globals to Config (#63255)
* structure dtos and private methods

* add basic LDAP service

* use LDAP service in ldap debug API

* lower non fatal error

* remove unused globals

* wip

* remove final globals

* fix tests to use cfg enabled

* restructure errors

* remove logger from globals

* use ldap service in authn

* use ldap service in context handler

* fix failed tests

* fix ldap middleware provides

* fix provides in auth_test.go
2023-02-10 19:01:55 +01:00