* Add org_mapping and org_attribute_path to the UI
* Add validators, allow setting org mapping to only Grafana Admins
* comment
* Address feedback, improve validation, fix FE test, lint
Adds more spans for timing in accesscontrol and remove permission deduplicating code after benchmarking
---------
Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
Co-authored-by: Dave Henderson <dave.henderson@grafana.com>
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
* keep config in a separate struct in LDAP
* implement reload function for LDAP
* remove param from sso service constructor
* update unit tests
* add feature flag
* remove nil params
* address feedback
* add unit test for disabled config
* chore(perf): Pre-allocate where possible (enable prealloc linter)
Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
* fix TestAlertManagers_buildRedactedAMs
Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
* prealloc a slice that appeared after rebase
Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
---------
Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
* add root and client certificate value fields for LDAP
* update error messages for connection error
* add LDAP fallback strategy for SSO settings service
* fix params for sso service provider
* fix params for sso service provider
* sort imports
* sort imports
* replace json.Number with int64 in config map
* remove type assertions
* Social: link to OrgRoleMapper
* OIDC: support Generic Oauth org to role mappings
Fixes: #73448
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
* Handle when getAllOrgs fails in the org_role_mapper
* Add more tests
* OIDC: ensure orgs are evaluated from API when not from token
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
* OIDC: ensure AutoAssignOrg is applied with OrgMapping without RoleAttributeStrict
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
* Extend docs
* Fix test, lint
---------
Signed-off-by: Mathieu Parent <math.parent@gmail.com>
Co-authored-by: Mihaly Gyongyosi <mgyongyosi@users.noreply.github.com>
* Feature Flags: use FeatureToggles interface where possible
Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
* Replace TestFeatureToggles with existing WithFeatures
Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
---------
Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
* replace sqlstore with db interface in a few packages
* remove from stats
* remove sqlstore in admin test
* remove sqlstore from api plugin tests
* fix another createUser
* remove sqlstore in publicdashboards
* remove sqlstore from orgs
* clean up orguser test
* more clean up in sso
* clean up service accounts
* further cleanup
* more cleanup in accesscontrol
* last cleanup in accesscontrol
* clean up teams
* more removals
* split cfg from db in testenv
* few remaining fixes
* fix test with bus
* pass cfg for testing inside db as an option
* set query retries when no opts provided
* revert golden test data
* rebase and rollback
* add strategy and tests
* use settings provider service and remove multiple providers strategy
* Move SAML strategy to ssosettings service
* Update codeowners file
* reload from settings provider
* add saml as configurable provider
* Add new SAML strategy
* rename old saml settings interface
* update saml string references
* use OSS license
* validate saml provider depends on license for List
* add tests for list rendering including saml
* change the licensing validation to service init
* replace service struct for provider
* fix mergeSettings() in case the db contains empty strings
* use correct github urls in test
* overwrite only urls
* update comment for mergeSettings()
* add strategy and tests
* use settings provider service and remove multiple providers strategy
* update codeowners file
* reload from settings provider
* query OAuth info from a new instance
* add `hd` validation flag
* add `disable_hd_validation` to settings map
* update documentation
---------
Co-authored-by: Jo <joao.guerreiro@grafana.com>
* streamline initialization of test databases, support on-disk sqlite test db
* clean up test databases
* introduce testsuite helper
* use testsuite everywhere we use a test db
* update documentation
* improve error handling
* disable entity integration test until we can figure out locking error
* Chore: Fix data race within tests of SSO Setting implementation
* Chore: fix data race within tests to allow parallel testing
* Chore: rollback changes runtime code to test a different approach
* Chore: Fix data race in SSO Setting implementation Upsert method
* Chore: fix typo in comment
* Reload after deletion of the current settings
* Add grafana_ssosettings_setting_reload_failure_total counter
* Returns successfully if data reload failed
* Add AuthNSvc reload handling
* Working, need to add test
* Remove commented out code
* Add Reload implementation to connectors
* Align and add tests, refactor
* Add more tests, linting
* Add extra checks + tests to oauth client
* Clean up based on reviews
* Move config instantiation into newSocialBase
* Use specific error
* first touches
* Merge missing SSO settings to support Advanced Auth pages
* fix
* Update secrets correctly
* Add test for upsert with redactedsecret
* Verify decryption in the List tests
* reload SSO settings for HA setups
* remove check for grafana HA
* add unit tests
* fetch all sso settings with one sql query
* register background service
