* Move legacy accesscontrol to middleware layer
* Remove bus usage for this endpoint
* Add tests for legacy accesscontrol
* Fix tests for org user and remove one more bus usage
* Added test for FolderAdmin as suggested in the review
Fix bug with engine cache not updating after data source updated, introduced in #36635.
Removes the SQL engine cache because since #36635 we already have instance caching in place using the SDK instance manager.
This also adds support for disposing cached SQL/xorm engines before a query happens to a data source that has been updated. Done by letting the SQL engine implementing the InstanceDisposer interface.
Fixes#37299
* pass url parameters through context.Context
* fix url param names without colon prefix
* change context params to vars
* replace url vars in tests using new api
* rename vars to params
* add some comments
* rename seturlvars to seturlparams
* Chore: GetDashboardQuery should be dispatched using DispatchCtx
* Fix after merge
* Changes after review
* Various fixes
* Use GetDashboardCtx function instead of GetDashboard
* Alerting: Refactor & fix unified alerting metrics structure
Fixes and refactors the metrics structure we have for the ngalert service. Now, each component has its own metric struct that includes the JUST the metrics it uses. Additionally, I have fixed the configuration metrics and added new metrics to determine if we have discovered and started all the necessary configurations of an instance.
This allows us to alert on `grafana_alerting_discovered_configurations - grafana_alerting_active_configurations != 0` to know whether an alertmanager instance did not start successfully.
* Support `role_attribute_path` for GitLab OAuth
Allow role mapping for GitLab accounts.
Example:
[auth.gitlab]
role_attribute_path = is_admin && 'Admin' || 'Viewer'
* Support `role_attribute_path` for GitLab OAuth
Allow role mapping for GitLab accounts.
Example:
[auth.gitlab]
role_attribute_path = is_admin && 'Admin' || 'Viewer'
* docs: add docs for role_attribute_path
* Apply suggestions from code review
Co-authored-by: Peter Leitzen <splattael@users.noreply.github.com>
* docs: update example
example should suggest a full configuration
* Apply suggestions from code review
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* Apply suggestions from code review
Co-authored-by: Fiona Artiaga <89225282+GrafanaWriter@users.noreply.github.com>
* docs: add suggestions from tech writers
Co-authored-by: Henry Sachs <Henry.Sachs@deutschebahn.com>
Co-authored-by: Henry Sachs <henrysachs@gmail.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Co-authored-by: Fiona Artiaga <89225282+GrafanaWriter@users.noreply.github.com>
* OAuth: clarify role & group paths prefer id_token over userinfo api (#39066)
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
Co-authored-by: Kevin Minehart <kmineh0151@gmail.com>
* warn on linux
* add warning for grpc plugins
* add windows support
* update go.mod
* reorganize imports
* update naming
* remove Windows logic
* simplify and add check for when UID and EUID don't match
* fix build
* tidy go.mod
* feedback
* cleanup + migrate
Adds a new setting dataproxy.row_limit that allows an operator to limit the
amount of rows being processed/accepted in response to database queries
originating from SQL data sources.
Closes#38975
Ref #39095
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
* Introduce response_limit for datasource responses
* Fix lint
* Fix tests
* Add case where limit <= 0 - added parametrized tests
* Add max_bytes_reader.go
* Use new httpclient.MaxBytesReader instead of net/http one
* Fixes according to reviewer's comments
* Add tests for max_bytes_reader
* Add small piece in configuration.md
* Further fixes according to reviewer's comments
* Fix linting - fix test
* Alerting: Persist notification log and silences to the database
This removes the dependency of having persistent disk to run grafana alerting. Instead of regularly flushing the notification log and silences to disk we now flush the binary content of those files to the database encoded as a base64 string.
