* User: remove unused function
* User: Remove UpdatePermissions and support IsGrafanaAdmin flag in Update function instead
* User: Remove Disable function and use Update instead
* [LDAP] Disable removed users on login
* Fix tests
* Add test for user disabling
* Add tests for disabling user behind auth proxy
* Linting.
* Rename setup func
* Account for reviews comments
Co-authored-by: Kalle Persson <kalle.persson@grafana.com>
---------
Co-authored-by: Kalle Persson <kalle.persson@grafana.com>
* Search sql filter draft, unfinished
* Search works for empty roles
* Add current AuthModule to SignedInUser
* clean up, changes to the search
* Use constant prefixes
* Change AuthModule to AuthenticatedBy
* Add tests for using the permissions from the SignedInUser
* Refactor and simplify code
* Fix sql generation for pg and mysql
* Fixes, clean up
* Add test for empty permission list
* Fix
* Fix any vs all in case of edit permission
* Update pkg/services/authn/authn.go
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* Update pkg/services/sqlstore/permissions/dashboard_test.go
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* Fixes, changes based on the review
---------
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* AuthN: Add flag to control org role syncs
* JWT: Only sync org roles if the skip flag for jwt is false
* LDAP: Only sync org role if skip flag for ldap is false
* OAuth: Skip org roles sync if no roles were provided by upstream service
* Grafana: Set SyncOrgRoles to true for authentication through proxy with grafana as backend
* AuthN: Update comments for ClientParams
* AuthN: Update flag name from SyncTeamMembers to SyncTeams
* UserSync: rename function and fix order of parameters so it is correct
* UserSync: Fix so we skip check if no authModule or authID is passed
* UserSync: move quota check to create user function
* UserSync: Move FetchSyncedUserHook to UserSync
* UserSync: Move last seen user hook to user sync service
* ApiKey: Implement last seen hook as a client hook instead
* structure dtos and private methods
* add basic LDAP service
* use LDAP service in ldap debug API
* lower non fatal error
* remove unused globals
* wip
* remove final globals
* fix tests to use cfg enabled
* restructure errors
* remove logger from globals
* use ldap service in authn
* use ldap service in context handler
* fix failed tests
* fix ldap middleware provides
* fix provides in auth_test.go
* AuthN: set up boilerplate for proxy client
* AuthN: Implement Test for proxy client
* AuthN: parse accept list in constructor
* AuthN: add proxy client interface
* AuthN: handle error
* AuthN: Implement the proxy client interface for ldap
* AuthN: change reciever name
* AuthN: add grafana as a proxy client
* AuthN: for error returned
* AuthN: add tests for grafana proxy auth
* AuthN: swap order of grafan and ldap auth
* AuthN: Parse additional proxy headers in proxy client and pass down
* AuthN: add the ability to register post login hooks
* AuthN: add a guard for the user id
* AuthN: Add helper to create external user info from identity
* AuthN: Pass auth request to password clients
* AuthN: set auth module and username in metadata
