Commit Graph

2535 Commits

Author SHA1 Message Date
Will Browne
dbef103fb9
check is grafana admin (#34773) 2021-05-27 11:08:16 +02:00
Kevin Minehart
3aba08f708
hide caching settings when its disabled (#34756) 2021-05-26 12:27:28 -05:00
Serge Zaitsev
ef0fab9aa5
Expose folder UID in dashboards API response (#33991)
* expose folder UID in dashboards API response, import dashboards into folders by folder UID

* handle bad folder UID as 400 error

* 12591:Add tests for request with folderUid

* Use more descriptive error status for missing folders

Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>

* return 400 when folder id is missing

* put error checking in the right place this time

* mention folderUid in the docs

* Clarify usage of folderUid and folderId when both present

Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>

* Capitalise UID

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

* mention folder UID in the metadata for a GET response

Co-authored-by: Ida Furjesova <ida.furjesova@grafana.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
2021-05-26 10:20:13 -04:00
Joan López de la Franca Beltran
b74a502dc4
API: Use SettingsProvider on GET settings handler (#34632) 2021-05-25 15:35:43 +02:00
Sergey Kostrukov
a337f70469
AzureMonitor: Fix Azure token provider national clouds (#34615)
* Fix AAD authority for sovereign clouds

* Update Azure SDK with scopes fix

* Credential initialization in cache
2021-05-25 08:19:08 +02:00
Hugo Häggmark
7b17801047
LibraryPanels: Fixes error when importing plugin dashboard (#34557) 2021-05-24 09:31:34 +02:00
Torkel Ödegaard
d0769397b2
Histogram: Fix crash when state was undefined (when combine was enabled) (#34514) 2021-05-20 17:36:20 +02:00
Ryan McKinley
a91edd7267
Plugin Admin App: make the catalog look like internal component (#34341)
* Allow Route component usage in app plugins

* i tried

* fix catalog app

* fix catalog app

* fix catalog app

* cleanup imports

* plugin catalog enabled to plugin admin

* rename plugin catalog to plugin admin

* expose catalog url

* update text

* import from react-router-dom

* fix imports -- add logging

* merge changes

* avoid onNavUpdate

* Fixed onNavChange issues

* fix library imports

* more links

Co-authored-by: Dominik Prokop <dominik.prokop@grafana.com>
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
2021-05-20 10:42:26 +02:00
Hugo Häggmark
740f1ab3e2
LibraryPanels: Fixes connections after dashboard import (#34461) 2021-05-20 09:40:23 +02:00
Ryan McKinley
b02403e3fc
TestData: use new format for random walk example (#34441) 2021-05-19 21:59:43 -07:00
Marcus Efraimsson
348e76fc8e
Datasource: Shared HTTP client provider for core backend data sources and any data source using the data source proxy (#33439)
Uses new httpclient package from grafana-plugin-sdk-go introduced 
via grafana/grafana-plugin-sdk-go#328. 
Replaces the GetHTTPClient, GetTransport, GetTLSConfig methods defined 
on DataSource model.
Longer-term the goal is to migrate core HTTP backend data sources to use the 
SDK contracts and using httpclient.Provider for creating HTTP clients and such.

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-05-19 23:53:41 +02:00
ying-jeanne
c61dd82163
make featureconfig open (#34395) 2021-05-19 18:24:31 +02:00
Alexander Emelin
e799257637
Live: stream resubmit on ds change, fix old ds settings in RunStream (#34130) 2021-05-18 21:39:56 +03:00
Sergey Kostrukov
c1b8a10f41
Plugins: Fix Azure token provider cache panic and auth param nil value (#34252)
* More tests for token cache

* Safeguarding from panic and concurrency fixes

* Update Azure dependencies

* Fix interpolation of empty plugin data
2021-05-18 15:36:58 +02:00
Ryan McKinley
de5cd4a7d3
Timeline: split "periodic" mode into its own panel (#34171) 2021-05-17 13:00:04 -07:00
Ryan McKinley
edcefe1c8e
Chore: Rename "marketplace" app to "catalog" (#34149) 2021-05-17 08:27:56 -07:00
Domas
7a2dff741b
Alerting: Global config form for cloud alert manager (#34074) 2021-05-17 10:50:29 +02:00
Domas
8a0dbd0127
Alerting: enforce roles on frontend (#33997) 2021-05-17 11:15:17 +03:00
Sergey Kostrukov
81f6c806e1
Azure token provider with support for Managed Identities (#33807)
* Azure token provider

* Configuration for Azure token provider

* Authentication via Azure SDK for Go

* Fix typo

* ConcurrentTokenCache for Azure credentials

* Resolve AAD authority for selected Azure cloud

* Fixes

* Generic AccessToken and fixes

* Tests and wordings

* Tests for getAccessToken

* Tests for getClientSecretCredential

* Tests for token cache
2021-05-14 13:59:07 +02:00
wengelbrecht-grafana
2fc9c6ca58
Fix key and deleteKey being ignored when creating a snapshot with external=true set (#33686)
* Update dashboard_snapshot.go

This is to address: https://github.com/grafana/grafana/issues/33665

The key and deleteKey fields are not honoured when creating a snapshot with external:true set

* removed whitespace
2021-05-13 15:39:43 -07:00
Owen Diehl
baca873a84
extracts alertmanager from DI, including migrations (#34071)
* extracts alertmanager from DI, including migrations

* includes alertmanager Run method in ngalert

* removes 3s test shutdown timeout

* lint
2021-05-13 14:01:38 -04:00
Will Browne
c39d6ad97d
Plugins: Enable plugin runtime install/uninstall capabilities (#33836)
* add uninstall flow

* add install flow

* small cleanup

* smaller-footprint solution

* cleanup + make bp start auto

* fix interface contract

* improve naming

* accept version arg

* ensure use of shared logger

* make installer a field

* add plugin decommissioning

* add basic error checking

* fix api docs

* making initialization idempotent

* add mutex

* fix comment

* fix test

* add test for decommission

* improve existing test

* add more test coverage

* more tests

* change test func to use read lock

* refactoring + adding test asserts

* improve purging old install flow

* improve dupe checking

* change log name

* skip over dupe scanned

* make test assertion more flexible

* remove trailing line

* fix pointer receiver name

* update comment

* add context to API

* add config flag

* add base http api test + fix update functionality

* simplify existing check

* clean up test

* refactor tests based on feedback

* add single quotes to errs

* use gcmp in tests + fix logo issue

* make plugin list testing more flexible

* address feedback

* fix API test

* fix linter

* undo preallocate

* Update docs/sources/administration/configuration.md

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

* Update docs/sources/administration/configuration.md

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

* Update docs/sources/administration/configuration.md

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

* fix linting issue in test

* add docs placeholder

* update install notes

* Update docs/sources/plugins/marketplace.md

Co-authored-by: Marcus Olsson <marcus.olsson@hey.com>

* update access wording

* add more placeholder docs

* add link to more info

* PR feedback - improved errors, refactor, lock fix

* improve err details

* propagate plugin version errors

* don't autostart renderer

* add H1

* fix imports

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
Co-authored-by: Marcus Olsson <marcus.olsson@hey.com>
2021-05-12 20:05:16 +02:00
Agnès Toulet
ec71919e7b
Rendering: add CSV support (#33729)
* Rendering: add CSV rendering support

* Rendering: save csv files into a separate folder

* add missing field

* Renderer: get filename from renderer plugin

* apply PR suggestions

* Rendering: remove old PhantomJS error

* Rendering: separate RenderCSV and Render functions

* fix alerting test

* Rendering: fix handling error in HTTP mode

* apply PR feedback

* Update pkg/services/rendering/http_mode.go

Co-authored-by: Joan López de la Franca Beltran <joanjan14@gmail.com>

* apply PR feedback

* Update rendering metrics with type label

* Rendering: return error if not able to parse header

* Rendering: update grpc generated file

* Rendering: use context.WithTimeout to render CSV too

Co-authored-by: Joan López de la Franca Beltran <joanjan14@gmail.com>
2021-05-12 17:16:57 +02:00
Sergey Kostrukov
81ad9769fa
AzureMonitor: Azure settings in Grafana server config (#33728)
* Azure cloud settings

* Fix typos

* Grouped Azure settings

* Doc fixes

* Some settings are not needed

* Updated cloud name aliases
2021-05-12 16:23:37 +02:00
idafurjes
f2fcf721eb
32540: Add org users with pagination (#33788)
* Add model for search org user and add handler for dispatch

* 32540_org_users_with_pagination: Add endpoint for search org users

* 32540_org_users_with_pagination: Add test for org user search handler

* 32540_org_users_with_pagination: fix indentation

* 32540_org_users_with_pagination: Remove newline

* 32540_org_users_with_pagination: Remove empty line

* 32540_org_users_with_pagination: Fix indentation

* Update pkg/api/org_users.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/api/org_users.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/models/org_user.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/api/org_users_test.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/api/org_users_test.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* 32540_org_users_with_pagination: Use hs.SQLStore.SearchOrgUsers instead of bus

* Add model for search org user and add handler for dispatch

* 32540_org_users_with_pagination: Add endpoint for search org users

* 32540_org_users_with_pagination: Add test for org user search handler

* 32540_org_users_with_pagination: fix indentation

* 32540_org_users_with_pagination: Remove newline

* 32540_org_users_with_pagination: Remove empty line

* 32540_org_users_with_pagination: Fix indentation

* Update pkg/api/org_users.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/api/org_users.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/models/org_user.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/api/org_users_test.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/api/org_users_test.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* 32540_org_users_with_pagination: Use hs.SQLStore.SearchOrgUsers instead of bus

* 32540_org_users_with_pagination: Add test for the sqlstore

* 32540_org_users_with_pagination: Fix sqlstore test

* Update pkg/api/org_users.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/api/org_users_test.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/api/org_users_test.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/services/sqlstore/org_users.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/services/sqlstore/org_users.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/services/sqlstore/org_test.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/services/sqlstore/org_test.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* 32540: Fix search org users method

* 32540: Fix sqlstore test

* 32540: Fix go-lint

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-05-12 14:10:35 +02:00
Hugo Häggmark
69d9f427e1
LibraryPanels: removes feature toggle (#33839)
* WIP: intial structure

* Refactor: adds create library element endpoint

* Feature: adds delete library element

* wip

* Refactor: adds get api

* Refactor: adds get all api

* Refactor: adds patch api

* Refactor: changes to library_element_connection

* Refactor: add get connections api

* wip: in the middle of refactor

* wip

* Refactor: consolidating both api:s

* Refactor: points front end to library elements api

* Tests: Fixes broken test

* LibraryPanels: removes feature toggle

* Fix: fixes delete library elements in folder and adds tests

* Tests: fixes snapshot

* Refactor: adds service interfaces so they can be easily mocked

* Refactor: changes order of tabs in manage folder

* Refactor: fixes so link does not cover whole card

* Refactor: fixes index string name

* Update pkg/services/libraryelements/libraryelements.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/services/libraryelements/libraryelements_permissions_test.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/services/libraryelements/database.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Chore: changes after PR comments

* Update libraryelements.go

* Update libraryelements.go

* Chore: updates after PR comments

* Chore: trying to fix build error

* Refactor: fixed stupid mistake

* Update libraryelements.go

* Chore: tries to fix build errors

* Refactor: trying to fix MySQL key length

* Update libraryelements.go

* Update pkg/services/libraryelements/libraryelements.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/services/librarypanels/librarypanels.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Refactor: changes after PR comments

* Refactor: changes after PR comments

* Tests: fixes tests

* Refactor: renames connections to connectedDashboards

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-05-12 08:48:17 +02:00
Alexander Emelin
95a356a840
Live: using organisation IDs throughout stack (#33714) 2021-05-11 22:03:04 +03:00
Alexander Zobnin
a015bb3a23
Access Control: Fix side menu links (#33945) 2021-05-11 21:10:07 +03:00
Emil Tullstedt
68cdbb611f
Access control: Use global scope for users permissions (#33941)
Quick fix. We eventually will want to make users endpoints more aware of
the access control system.
2021-05-11 20:04:29 +02:00
Hugo Häggmark
f1b2c750e5
LibraryElements: Adds library elements api and tables (#33741)
* WIP: intial structure

* Refactor: adds create library element endpoint

* Feature: adds delete library element

* wip

* Refactor: adds get api

* Refactor: adds get all api

* Refactor: adds patch api

* Refactor: changes to library_element_connection

* Refactor: add get connections api

* wip: in the middle of refactor

* wip

* Refactor: consolidating both api:s

* Refactor: points front end to library elements api

* Tests: Fixes broken test

* Fix: fixes delete library elements in folder and adds tests

* Refactor: changes order of tabs in manage folder

* Refactor: fixes so link does not cover whole card

* Update pkg/services/libraryelements/libraryelements.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/services/libraryelements/libraryelements_permissions_test.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/services/libraryelements/database.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Chore: changes after PR comments

* Update libraryelements.go

* Chore: updates after PR comments

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-05-11 07:10:19 +02:00
Serge Zaitsev
da13f88862
Redact sensitive values before logging them (#33829)
* use a common way to redact sensitive values before logging them

* fix panic on missing testCase.err, simplify require checks

* fix a silly typo

* combine readConfig and buildConnectionString methods, as they are closely related
2021-05-10 17:03:10 +02:00
Sergey Kostrukov
1790737cf1
Plugins: AuthType in route configuration and params interpolation (#33674)
* AuthType in route configuration

* Pass interpolated auth parameters to token provider

* Unit tests

* Update after review

Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>

Fixes #33669
Closed #33732
2021-05-06 22:05:23 +02:00
Vardan Torosyan
2a98ac1ab4
Access control: Fix scopes in the API routes (#33750) 2021-05-05 16:52:21 +02:00
Torkel Ödegaard
dbcfebac56
TimeSeries: Make timeseries the default panel and remove beta state (#33639)
* TimeSeries: Make timeseries the default panel and remove beta state

* rename old graph

* Updated panel descriptions, fixed e2e tests

* Updated text

* Fixed e2e

* Fixing e2e tests
2021-05-05 13:19:14 +02:00
Ryan McKinley
33e4f8d7ac
Live: remove feature toggle and enable by default (#33654) 2021-05-04 08:44:55 -07:00
Hugo Häggmark
c6d4d14a89
LibraryPanels: Adds folder filter to manage library panel page (#33560)
* LibraryPanels: Adds folder filter

* Refactor: Adds folder filter to library search

* Refactor: splits huge function into smaller functions

* LibraryPanels: Adds Panels Page to Manage Folder tabs (#33618)

* Chore: adds tests to LibraryPanelsSearch

* Refactor: Adds reducer and tests

* Chore: changes GrafanaThemeV2

* Refactor: pulls everything behind the feature toggle

* Chore: removes clear icon from FolderFilter

* Chore: adds filter to SortPicker

* Refactor: using useAsync instead
2021-05-04 13:59:40 +02:00
Ganesh Vernekar
918552d34b
NGAlert: Send list of available ngalert notification channels via API (#33489)
Signed-off-by: Ganesh Vernekar <ganeshvern@gmail.com>
2021-05-04 13:58:39 +02:00
kay delaney
2cc66e548a
Library panels: Normalize feature name as "Library panels" (#33540) 2021-05-04 09:00:44 +01:00
ying-jeanne
22b2d3c38a
frontend for trim/apply defaults and some bug fixing (#33561)
* remove empty object and workaround on list

* frontend

* add toggle on frontend
2021-05-04 15:03:42 +08:00
Torkel Ödegaard
578283078b
PanelEdit: Improves viz picker ux, auto close on click (#33633)
* PanelEdit: Improves viz picker ux, auto close on click

* Fixing strict ts error

* Updated e2e
2021-05-03 16:49:09 +02:00
Sergey Kostrukov
19f520d891
PluginProxy: Split implementations of token providers (#32820)
* Split implementations of token providers

* Fix imports

* Fix code racing in unit tests
2021-05-03 13:46:32 +01:00
Emil Tullstedt
4496ae496e
Access control: Clean up users scopes (#33532)
Following discussion in grafana/grafana-enterprise#1292, removing
org-scoped users scopes to make it clear that the local organization is
the default and the alternative to that is a global scope (for a select
few endpoints)
2021-05-03 10:27:12 +02:00
Sofia Papagiannaki
fcd674ec58
Fix deleting prom rules endpoints via ds_proxy (#33491) 2021-04-29 10:20:51 +03:00
Marcus Efraimsson
7e6db1ee7e
Permissions: Fix inherited folder permissions can prevent new permissions being added to a dashboard (#33329)
In the case permissions has been added on dashboard(s). Later permissions for the 
parent folder of the dashboard is edited in such a way that dashboard in that folder 
has a permission that is a duplicate of an inherited one. This PR changes so that 
duplicate permissions are now filtered out from /api/dashboards/id/<dashboard id>/permissions.
Duplicate permission are not filtered out if the permission on dashboard is higher 
than on the inherited folder.

Fixes #33296

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-04-28 14:42:18 +02:00
ying-jeanne
748778fff0
new endpoint to post/get trimmed dashboard json (#33465)
* new endpoint to post/get trimed dashboard json

* add isdisabled check in dashboard.go
2021-04-28 19:38:33 +08:00
Christian Haudum
076e2ce06a
Return 404 when deleting non-existing API key (#33346)
The server needs to return a HTTP 404 (Not Found) when an API key that does not exist is deleted.
2021-04-28 13:30:09 +02:00
Joan López de la Franca Beltran
c41b08bd59
Settings: Encapsulate settings within an extensible provider (#32219)
* Encapsulate settings with a provider with support for runtime reloads

* SettingsProvider: reload is controlled by the services

* naive impl of reload handlers for settings

* working naive detection on new changes

* Trigger settings reload from API endpoint

* validation step added

* validation of settings

* Fix linting errors

* Replace DB_Varchar by DB_NVarchar

* Reduce settings columns (section, key) lenghts

* wip db update logic

* Db Settings: separate updates and removals

* Fix: removes incorrectly added code

* Minor code improvements

* Runtime settings: moved oss -> ee

* Remove no longer used setting.Cfg SAML-related fields

* Rename file setting/settings.go => setting/provider.go

* Apply suggestions from code review

Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>

* Minor code improvements on OSS settings provider

* Fix some login API tests

* Correct some GoDoc comments

* Apply suggestions from code review

Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>

Co-authored-by: Leonard Gram <leo@xlson.com>
Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>
2021-04-28 11:26:58 +02:00
Alexander Emelin
7501a2deb6
Live: pure websocket push endpoint (#33339) 2021-04-26 13:17:49 +03:00
Ryan McKinley
1dd9e9b184
Live: support a dashboard gitops channel (#33291) 2021-04-23 21:55:31 +02:00
Arve Knudsen
6408b55a7c
Slack: Use chat.postMessage API by default (#32511)
* Slack: Use only chat.postMessage API

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Slack: Check for response error

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Slack: Support custom webhook URL

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Simplify

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix tests

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Rewrite tests to use stdlib

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/services/alerting/notifiers/slack.go

Co-authored-by: Dimitris Sotirakis <sotirakis.dim@gmail.com>

* Clarify URL field name

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix linting issue

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix test

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix up new Slack notifier

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Improve tests

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix lint

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Slack: Make token not required

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Alerting: Send validation errors back to client

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Document how token is required

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Make recipient required when using Slack API

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix field description

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

Co-authored-by: Dimitris Sotirakis <sotirakis.dim@gmail.com>
2021-04-22 16:00:21 +02:00
Alexander Zobnin
0e020a40a5
Access control: Fix invite endpoint permissions (#33262) 2021-04-22 16:15:57 +03:00
Alexander Zobnin
a7e721e987
Access control: Make Admin/Users UI working with the permissions (#33176)
* API: authorize admin/users views

* Render admin/users components based on user's permissions

* Add LDAP permissions (required by admin/user page)

* Extend default admin role by LDAP permissions

* Show/hide LDAP debug views

* Render LDAP debug page if user has access

* Authorize LDAP debug view

* fix permissions definitions

* Add LDAP page permissions

* remove ambiguous permissions check

* Hide logout buttons in sessions table

* Add org/users permissions

* Use org permissions for managing user roles in orgs

* Apply permissions to org/users

* Apply suggestions from review

* Fix tests

* remove scopes from the frontend

* Tweaks according to review

* Handle /invites endpoints
2021-04-22 13:19:41 +03:00
Will Browne
c37a3bebb7
Plugins: Serve static assets directly instead of through middleware handler (#32779)
* removed static routes from macaron

* move path src to plugins pkg

* use plugin details

* remove dead code

* fixes

* use clean from std lib

* reformat imports

* remove caching headers + add security checks

* revert using no cache header middleware

* add cache-control headers

* add 404 check

* use new var for subsequent file handling
2021-04-21 15:17:23 +02:00
Marcus Efraimsson
caa420f92f
Chore: Improve request distributed tracing middleware (#33033)
Before these changes the request tracing was added for each route 
registered using the routing.RouteRegister, see code. This had the 
consequence that middleware executed earlier/later in the request 
pipeline was not part of the request tracing middleware life-cycle 
which measures the duration of requests among other things.
In the logger middleware we do extract the current distributed trace 
identifier, if available, and set that on request info/error log messages.
With these changes we can extract the current distributed trace identifier, 
if available, and set that on the contextual HTTP request logger 
(models.ReqContext.Logger) which would improve the possibility to correlate 
all HTTP request log messages with traces.
In addition, the request tracing middleware is now executed first and last in 
the request pipeline and should therefore result in more accurate timing 
measurements (request duration).

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-04-20 15:22:22 +02:00
Domas
60b469f836
Alerting: receivers page + template list (#33112) 2021-04-19 13:02:58 +03:00
Alexander Zobnin
41f6af96c4
Access control: Build navigation links with access control (#33024)
* Build nav links with access control

* Break up getNavTree (reduce cyclomatic complexity)

* Fix tests

* Use only ActionUsersRead permissions

* Remove unused permissions definitions

* Chore: remove unused fallbacks

* Fix linter error
2021-04-19 12:23:29 +03:00
Alexander Zobnin
8b843eb0a6
Access control: expose permissions to the frontend (#32954)
* Expose user permissions to the frontend

* Do not include empty scope

* Extend ContextSrv with hasPermission() method

* Add access control types

* Fix type error (make permissions optional)

* Fallback if access control disabled

* Move UserPermission to types

* Simplify hasPermission()
2021-04-16 16:02:16 +03:00
Sofia Papagiannaki
6bbb2fd4ba
[Alerting]: Several modifications in alert rules (#32983)
* [Alerting]: Use common properties for all rules

* Add Labels in rules

* Fix update ruleGroup API

Return 400 Bad Request response
when the request contains a UID that does not exist

* Check permissions and return namespace id

* Apply suggestions from code review

Co-authored-by: gotjosh <josue@grafana.com>
2021-04-15 15:54:37 +03:00
Owen Diehl
dadccdda06
Allows posting to prom rules endpoints via ds_proxy (#32946)
* allows posting to prom rules endpoints via ds_proxy

* prom proxy routes via plugin and fix proxy route matching bug

* bump ci
2021-04-14 13:06:20 -04:00
Vardan Torosyan
9f82eac833
Access control: Add access control based permissions to admins/users (#32409)
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
2021-04-14 16:31:27 +02:00
Jack Westbrook
bd74953f0d
Plugins: Allow a non-dashboard page to be the default home page (#32926)
* feat: introduce home page redirect if default dashboard

* style: clean up

* Apply suggestions from code review

Co-authored-by: Hugo Häggmark <hugo.haggmark@grafana.com>

* chore(dashboard): remove obsolete setting import

* docs(config): add home_page description

Co-authored-by: Hugo Häggmark <hugo.haggmark@grafana.com>
2021-04-13 15:27:51 +02:00
Hugo Häggmark
7d07599dc1
LibraryPanels: Adds initial section and Page to Dashboard submenu (#32876)
* LibraryPanels: Adds initial section and Page to Dashboard submenu

* Refactor: adds perPage as prop

* Chore: renames OrgActionBar

* Chore: updates after PR comments

* Chore: updates snapshot
2021-04-12 09:30:29 +02:00
Domas
e6a98ce1e4
Alerting: bootstrap silences page (#32810) 2021-04-09 13:44:26 +03:00
Arve Knudsen
51e4106d1d
API: Fix paths starting with double leading slash or slash and backslash (#32830)
* API: Fix paths starting with double leading slash or slash and backslash

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-04-09 11:49:38 +02:00
Zoltán Bedi
7a2ab93e7a
Prometheus: Allow exemplars endpoint in data source proxy (#32802) 2021-04-08 18:10:59 +02:00
Arve Knudsen
7032ecce2a
Server: Disambiguate redirects to server relative paths (#32788)
* Server: Disambiguate redirects to server relative paths

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-04-08 15:05:42 +02:00
Domas
a56293142a
Alerting: unified alerting frontend (#32708) 2021-04-07 08:42:43 +03:00
Alexander Zobnin
823f0bc460
Access Control: move features to Enterprise (#32640)
* Move db package WIP

* Implement OSS access control

* Register OSS access control

* Fix linter error in tests

* Fix linter error in evaluator

* Simplify OSS tests

* Optimize builtin roles

* Chore: add comments to the exported functions

* Remove init from ossaccesscontrol package (moved to ext)

* Add access control as a dependency for http server

* Modify middleware to receive fallback function

* Middleware: refactor fallback function call

* Move unused models to enterprise

* Simplify AccessControl type

* Chore: use bool IsDisabled() method instead of CanBeDisabled interface
2021-04-06 16:49:09 +03:00
Alexander Emelin
54ad791c7e
Live: expose HTTP push endpoint that will read influx line protocol and publish to websocket (#32311)
Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
2021-04-05 19:04:46 +03:00
Torkel Ödegaard
d42a5b2561
FrontendMetrics: Adds new backend api that frontend can use to push frontend measurements and counters to prometheus (#32593)
* FrontendMetrics: Adds new backend api that frontend can use to push frontend measurements and counters to prometheus

* FrontendMetrics: Adds new backend api that frontend can use to push frontend measurements and counters to prometheus

* Fix naming

* change to histogram

* Fixed go lint
2021-04-01 20:04:02 +02:00
Vladimir Kochnev
39a3b0d0b0
Auth: support JWT Authentication (#29995) 2021-03-31 08:40:44 -07:00
Ryan McKinley
1446d094b8
API: return query results as JSON rather than base64 encoded Arrow (#32303) 2021-03-31 08:35:03 -07:00
Marcus Efraimsson
aad43869c3
Plugins: Support set body content in plugin routes (#32551)
Adds support for overriding the body and length in plugin routes.
2021-03-31 16:38:35 +02:00
Alexander Emelin
da05b7a07b
Live: http publish, refactor live interfaces (#32317) 2021-03-30 13:23:29 +03:00
Diana Payton
4bf97e9f59
Edit UI text (#32450)
* UI text edits

* Update index.go
2021-03-29 20:30:11 +02:00
Carl Bergquist
5ec530f3fc
API: Return 409 on datasource version conflict (#32425)
Signed-off-by: bergquist <carl.bergquist@gmail.com>
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
2021-03-29 16:03:15 +02:00
Carl Bergquist
e1458391bb
API: Return 400 on invalid Annotation requests (#32429)
Signed-off-by: bergquist <carl.bergquist@gmail.com>
2021-03-29 15:47:16 +02:00
Carl Bergquist
eb241b960f
API: Datasource endpoint should return 400 bad request if id and orgId is invalid (#32392)
* return 400 bad request if id and orgId is invalid

Signed-off-by: bergquist <carl.bergquist@gmail.com>
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-03-29 08:56:58 +02:00
Torkel Ödegaard
9d6c8f8512
PanelEdit: v8 Panel Edit UX (#32124)
* Initial commit

* Progress

* Update

* Progress

* updates

* Minor fix

* fixed ts issue

* fixed e2e tests

* More explorations

* Making progress

* Panel options and field options unified

* With nested categories

* Starting to find something

* fix paddings

* Progress

* Breakthrough ux layout

* Progress

* Updates

* New way of composing options with search

* added regex search

* Refactoring to react note tree

* Show overrides

* Adding overrides radio button support

* Added popular view

* Separate stat/gauge/bargauge options into value options and display options

* Initial work on getting library panels into viz picker flow

* Fixed issues switching to panel library panel

* Move search input put of LibraryPanelsView

* Changing design again to have content inside boxes

* Style updates

* Refactoring to fix scroll issue

* Option category naming

* Fixed FilterInput issue

* Updated snapshots

* Fix padding

* Updated viz picker design

* Unify library panel an viz picker card

* Updated card with delete action

* Major refactoring back to an object model instead of searching and filtering react node tree

* More refactoring

* Show option category in label when searching

* Nice logic for categories rendering when searching or when only child

* Make getSuggestions more lazy for DataLinksEditor

* Add missing repeat options and handle conditional options

* Prepping options category to be more flexibly and control state from outside

* Added option count to search result

* Minor style tweak

* Added button to close viz picker

* Rewrote overrides to enable searching overrides

* New search engine and tests

* Searching overrides works

* Hide radio buttons while searching

* Added angular options back

* Added memoize for all options so they are not rebuilt for every search key stroke

* Added back support for category counters

* Started unit test work

* Refactoring and base popular options list

* Initial update to e2e test, more coming to add e2e test for search features

* Minor fix

* Review updates

* Fixing category open states

* Unit test progress

* Do not show visualization list mode radio button if library panels is not enabled

* Use boolean

* More unit tests

* Increase library panels per page count and give search focus when switching list mode

* field config change test and search test

* Feedback updates

* Minor tweaks

* Minor refactorings

* More minimal override collapse state
2021-03-25 08:33:13 +01:00
Alexander Emelin
336bc559a3
Basic streaming plugin support (#31940)
This pull request migrates testdata to coreplugin streaming capabilities,
this is mostly a working concept of streaming plugins at the moment, 
the work will continue in the following pull requests.
2021-03-23 20:24:08 +03:00
Alexander Zobnin
20bd591bea
Access control: Basic structure and functionality behind feature toggle (#31893)
Co-authored-by: Alexander Zobnin <alexander.zobnin@grafana.com>
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
Co-authored-by: Arve Knudsen <arve.knudsen@grafana.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@grafana.com>
2021-03-22 13:22:48 +01:00
Owen Diehl
93d0f7163f
[Alerting] Forking LoTex ruler (#32138)
* updates alerting api to master

* skeleton for lotex ruler

* withPath helper & legacyRulerPrefix const

* forked ruler

* wires up proxy

* safeMacaronWrapper

* working proxy

* jsonExtractor

* lint
2021-03-19 10:32:13 -04:00
Carl Bergquist
862cd473eb
HttpServer: Make read timeout configurable but disabled by default (#31575)
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
2021-03-19 11:21:52 +01:00
Joan López de la Franca Beltran
5c07df9f4b
Chore: Replace Command dispatches by explicit calls (#32131)
* Clean up GetProvisionedDashboardDataByIdQuery

* Clean up SaveProvisionedDashboardCommand

* Clean up & fix AddTeamMemberCommand usages

* Clean up & fix UpdateUserPermissionsCommand usages

* Lint imports
2021-03-19 09:14:14 +01:00
Joan López de la Franca Beltran
b2e82a4f37
Login: Replace command dispatch by explicit call (#32088)
* Fix LoginService.UpsertUser user creation

* Fix API AdminCreateUser user creation

* Add missing underscore import

* Fix API CompleteInvite user creation

* Fix API SignUpStep2 user creation
2021-03-18 17:16:56 +01:00
Arve Knudsen
a2eda798e7
PluginManager: Make remaining plugin state non-global (#32094)
* PluginDashboards: Use plugin manager interface

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* PluginManager: Make panels non-global

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* PluginManager: Make apps non-global

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* PluginManager: Make static routes non-global

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* PluginManager: Make pluginTypes non-global

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-03-18 13:53:01 +01:00
Owen Diehl
7a4ab13a79
API Response implements http.ResponseWriter (#32046)
* rename response.Header -> response.SetHeader to free up method name for http.ResponseWriter ifc

* normalresponse implements http.ResponseWriter
2021-03-17 13:12:28 -04:00
Owen Diehl
36614b03f7
Data Source Proxy: Migrate proxy to its own service and make more extensible (#31927)
* datasource proxy extensions

* revert normalresponse extensions

* data proxy service impl

* lint

* api datasource proxy method

* moves datasource proxy tests into correct new pkg
2021-03-17 13:10:40 -04:00
Arve Knudsen
87c3a2b790
PluginManager: Make Plugins, Renderer and DataSources non-global (#31866)
* PluginManager: Make Plugins and DataSources non-global

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix integration tests

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Replace outdated command

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* DashboardService: Ensure it gets constructed with necessary parameters

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix build

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* DashboardService: Ensure it gets constructed with necessary parameters

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Remove dead code

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix test

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix test

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Remove FocusConvey

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix test

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Remove dead code

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Undo interface changes

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Backend: Move tsdbifaces.RequestHandler to plugins.DataRequestHandler

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Rename to DataSourceCount

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Consolidate dashboard interfaces into one

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix tests

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix tests

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix test

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix tests

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix tests

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix tests

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix tests

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix dashboard integration tests

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-03-17 16:06:10 +01:00
Marcus Efraimsson
c0edf88f9f
Data proxy: Fix encoded characters in URL path should be proxied encoded (#30597)
Fix encoded characters in URL path should be proxied as encoded in the data proxy.

Fixes #26870 
Fixes #31438

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-03-17 12:17:41 +01:00
Joan López de la Franca Beltran
610999cfa2
Auth: Allow soft token revocation (#31601)
* Add revoked_at field to user auth token to allow soft revokes

* Allow soft token revocations

* Update token revocations and tests

* Return error info on revokedTokenErr

* Override session cookie only when no revokedErr nor API request

* Display modal on revoked token error

* Feedback: Refactor TokenRevokedModal to FC

* Add GetUserRevokedTokens into UserTokenService

* Backendsrv: adds tests and refactors soft token path

* Apply feedback

* Write redirect cookie on token revoked error

* Update TokenRevokedModal style

* Return meaningful error info

* Some UI changes

* Update backend_srv tests

* Minor style fix on backend_srv tests

* Replace deprecated method usage to publish events

* Fix backend_srv tests

* Apply suggestions from code review

Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com>

* Apply suggestions from code review

* Apply suggestions from code review

Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com>

* Minor style fix after PR suggestion commit

* Apply suggestions from code review

Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>

* Prettier fixes

Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com>
Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>
2021-03-16 17:44:02 +01:00
Marcus Efraimsson
a97637a133
Snapshots: Fix usage of sign in link from the snapshot page (#31986)
Fix redirect to login page from snapshot page when not authenticated.

Fixes #28547
2021-03-16 16:46:34 +01:00
Arve Knudsen
1716de88b5
DashboardService: Consolidate constructors (#31886)
* DashboardService: Consolidate constructors

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-03-12 11:51:02 +01:00
Arve Knudsen
47f13abf7a
Backend: Migrate to using non-global configuration (#31856)
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-03-10 12:41:29 +01:00
Arve Knudsen
b79e61656a
Introduce TSDB service (#31520)
* Introduce TSDB service

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

Co-authored-by: Erik Sundell <erik.sundell87@gmail.com>
Co-authored-by: Will Browne <will.browne@grafana.com>
Co-authored-by: Torkel Ödegaard <torkel@grafana.org>
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
Co-authored-by: Zoltán Bedi <zoltan.bedi@gmail.com>
2021-03-08 07:02:49 +01:00
Hugo Häggmark
4bc6a7c407
LibraryPanels: Deletes library panels during folder deletion (#31572)
* Refactor: adds permissions for library panel creation

* Refactor: checks folder permissions for patch requests

* Chore: changes after PR comments

* Refactor: adds permissions to delete

* Refactor: moves get all permission tests out of get all tests

* Chore: move out get all tests to a separate file

* Refactor: adds permissions to get handler

* Refactor: fixes a bug with getting library panels in General folder

* Refactor: adds permissions for connect/disconnect

* Refactor: adds permissions and tests for get connected dashboards

* Tests: adds tests for connected dashboards in General Folder

* LibraryPanels: Deletes library panels during folder deletion

* LibraryPanels: Deletes library panels during folder deletion

* Update pkg/api/folder.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/services/librarypanels/librarypanels_permissions_test.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Chore: updates after PR comments

* Chore: forgot to change some function signatures

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-03-02 10:34:01 +01:00
Torkel Ödegaard
7428668835
Profile: Fixes profile preferences being accessible when anonymous access was enabled (#31516)
* Profile: Fixes profile preferences page being available when anonymous access was enabled

* Minor change

* Renamed property
2021-02-27 18:04:28 +01:00
Agnès Toulet
663d44fe82
Login: handle custom token creation error messages (#31283)
* Login: handle custom token creation errors

* Login: handle external error for OAuth responses
2021-02-25 15:30:51 +01:00
Torkel Ödegaard
584886fa46
AppPlugins: Options to disable showing config page in nav (#31354)
* AppPlugins: Options to disable showing config page in nav

* rename

* Added autoEnabled

* updated

* Things are working sort of

* Simplify
2021-02-25 10:00:21 +01:00
Erik Sundell
1b149523ed
AWS: Add aws plugin configuration (#31312)
* add new conf and make sure its passed to frontend

* change auth provider name

* goimports

* fixed after feedback

* more updates after feedback

* Update docs/sources/administration/configuration.md

Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>

* Update docs/sources/administration/configuration.md

Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>

* Update docs/sources/administration/configuration.md

Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>

* Update docs/sources/administration/configuration.md

Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>

* Update docs/sources/administration/configuration.md

Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>

* Update conf/sample.ini

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update docs/sources/administration/configuration.md

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/setting/setting.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* updates after pr feedback

* Update conf/defaults.ini

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update conf/defaults.ini

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update conf/sample.ini

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-02-24 18:08:13 +01:00
Ivana Huckova
dce67db6ba
Prometheus: Use configured HTTP method for /series and /labels endpoints (#31401)
* Run post-friendly request with set method first

* Improve messaging, retry only when post and specific status code

* Add comments

* Fix backend

* Update public/app/plugins/datasource/prometheus/datasource.ts
2021-02-23 16:31:03 +01:00
Alex Khomenko
6db4b40d5b
Data source list: Use Card component (#31326)
* Replace DataSourcesListItem with Card

* Add tests

* Remove unused styles

* Make card heading semi bold

* Make heading semi-bold

* Show type name instead of type id

* Fix key warning

* Update Card

* Fix tests

* Make typeName optional

* remove styling that was just a test

* Make typeName non-optional and fix tests

* Update list key

Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
2021-02-22 14:02:10 +02:00
Arve Knudsen
6e549bc95d
Chore: Remove gotest.tools dependency (#31391)
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-02-22 11:53:15 +01:00
Torkel Ödegaard
3e55c967ee
Theming: Support for runtime theme switching and hooks for custom themes (#31301)
* WIP Custom themes

* Load custom themes from URL and via event

* Dynamic page background

* Header color change

* Fixing tests and emotion warnings

* Fixed test

* moving cx to getStyles

* Review fixes

* minor change
2021-02-20 09:02:06 +01:00
Leonard Gram
fe74c51d68
SAML: single logout only enabled in enterprise (#31325) 2021-02-19 10:00:30 +01:00
Hugo Häggmark
06e6bcf091
LibraryPanels: Disconnect before connect during dashboard save (#31235)
* LibraryPanels: Disconnect before connect during dashboard save

* Tests: fixed test

* Chore: updates after PR comments

* Chore: changes from context.Background() to c.Context.Req.Context()

* Chore: fixes lint issue
2021-02-16 13:00:56 +01:00
Arve Knudsen
d27a72f859
IPv6: Support host address configured with enclosing square brackets (#31226)
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-02-15 17:55:41 +01:00
Agnès Toulet
7f1f559929
Permissions: Fix team and role permissions on folders/dashboards not displayed for non Grafana Admin users (#31132)
* Cfg: fix hidden users initialization

* add tests

* do not call isHiddenUser function for non-user permission

* do not call isHiddenUser function for non-user permission
2021-02-12 16:08:18 +01:00
Domas
5c9a10d423
Logging: sourcemap transform asset urls from CDN in logged stacktraces (#31115) 2021-02-11 11:00:55 +02:00
Agnès Toulet
3303e28b38
Search: add sort information in dashboard results (#30609)
* Search: add SortMeta in dashboard results

* fix integration tests

* trim SortMeta

* fix searchstore tests

* Update pkg/services/sqlstore/dashboard.go

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
2021-02-11 08:49:16 +01:00
Arve Knudsen
b99127be82
PluginManager: Remove some global state (#31081)
* PluginManager: Remove global state

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-02-10 13:31:47 +01:00
Peter Holmberg
aaf5710748
AlertingNG: Edit Alert Definition (#30676)
* break out new and edit

* changed model to match new model in backend

* AlertingNG: API modifications (#30683)

* Fix API consistency

* Change eval alert definition to POST request

* Fix eval endpoint to accept custom now parameter

* Change JSON input property for create/update endpoints

* model adjustments

* set mixed datasource, fix put url

* update snapshots

* remove edit and add landing page

* remove snapshot tests ans snapshots

* wrap linkbutton in array

Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>
Co-authored-by: Sofia Papagiannaki <sofia@grafana.com>
2021-02-04 09:13:02 +01:00
Domas
21817055bd
Logging: sourcemap support for frontend stacktraces (#30590) 2021-02-04 08:37:28 +02:00
Joan López de la Franca Beltran
6415d2802e
Plugins: Requests validator (#30445)
* Introduce PluginRequestValidator abstraction with a NoOp implementation

* Update PluginRequestValidator abstraction to use the dsURL instead

* Inject PluginRequestValidator into the HTTPServer and validate requests going through data source proxy

* Inject PluginRequestValidator into the BackendPluginManager and validate requests going through it

* Validate requests going through QueryMetrics & QueryMetricsV2

* Validate BackendPluginManager health requests

* Fix backend plugins manager tests

* Validate requests going through alerting service

* Fix tests

* fix tests

* goimports

Co-authored-by: Leonard Gram <leo@xlson.com>
2021-02-03 20:47:45 +01:00
Torkel Ödegaard
561a0a2995
CDN: Fix passing correct prefix to GetContentDeliveryURL (#30777) 2021-02-01 11:00:53 +01:00
Torkel Ödegaard
c04bc805b5
CDN: Adds support for serving assets over a CDN (#30691)
* CDN: Initial poc support for serving assets over a CDN

* Minor fix

* added build path and test

* fix lint error

* Added edition to cdn path

* Move master builds to a separate path

* Added error handling for the url parsing, changed setting name, and added docs

* Updated sample.ini

* Some property renames

* updated

* Minor update to html

* index template improvements

* Update docs/sources/administration/configuration.md

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

* Update docs/sources/administration/configuration.md

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

* Added ContentDeliveryPrefix to Licence service

* updated docs

* Updated test mock

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
2021-02-01 10:13:09 +01:00
Marcus Efraimsson
043d6cd584
Backend Plugins: Convert test data source to use SDK contracts (#29916)
Converts the core testdata data source to use the SDK contracts and by that 
implementing a backend plugin in core Grafana in similar manner as an external one.

Co-authored-by: Will Browne <will.browne@grafana.com>
Co-authored-by: Marcus Efraimsson <marefr@users.noreply.github.com>
Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
2021-01-29 18:33:23 +01:00
Marcus Efraimsson
f62eb28f3e
Datasource: Use json-iterator configuration compatible with standard library (#30732)
This will make sure that any map keys in JSON is ordered in /api/ds/query response.
2021-01-29 15:31:19 +01:00
Sofia Papagiannaki
9ada4b6052
Expressions: Add option to disable feature (#30541)
* Expressions: Add option to disable feature

* Apply suggestions from code review

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
2021-01-22 19:27:33 +02:00
Hugo Häggmark
b7b6632a4d
PanelLibrary: adding library panels to Dashboard Api (#30278)
* Wip: First naive impl

* Chore: fix after merge

* Chore: changes after PR comments

* Chore: removes unused types

* Chore: adds feature toggle

* Refactor: adds library panels cleanup and connect when storing dashboards

* Refactor: adds feature toggle

* Update pkg/services/librarypanels/librarypanels.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/services/librarypanels/librarypanels.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Refactor: adds disconnect library panels when deleting a dashboard

* Chore: changes after PR comments

* Tests: adds tests for LoadLibraryPanelsForDashboard

* Tests: adds tests for CleanLibraryPanelsForDashboard

* Tests: adds tests for ConnectLibraryPanelsForDashboard

* Tests: adds tests for DisconnectLibraryPanelsForDashboard and small refactor

* Update pkg/services/librarypanels/librarypanels_test.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/services/librarypanels/librarypanels_test.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/services/librarypanels/librarypanels_test.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/services/librarypanels/librarypanels_test.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Refactor: deletes all connections in one call and connects all in the same transaction

* Chore: adds better comments

* Chore: changes after PR comments

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-01-20 09:28:10 +01:00
Kyle Brandt
d4edcd1838
Expressions: Remove feature toggle (#30316)
* Expressions: remove feature toggle, add experimental badge
* Make button only show for backend and mixed data sources

Co-authored-by: Peter Holmberg <peter.hlmbrg@gmail.com>
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
2021-01-19 14:18:06 -05:00
Agnès Toulet
2a70c73025
Auth: add expired token error and update CreateToken function (#30203)
* Auth: add error for expired token

* Auth: save token error into context data

* Auth: send full user and req context to CreateToken

* Auth: add token ID in context

* add TokenExpiredError struct

* update auth tests

* remove most of the changes to CreateToken func

* clean up

* Login: add requestURI in CreateToken ctx

* update RequestURIKey comment
2021-01-19 17:55:53 +01:00
Hugo Häggmark
3d41267fc4
Chore: Moves common and response into separate packages (#30298)
* Chore: moves common and response into separate packages

* Chore: moves common and response into separate packages

* Update pkg/api/utils/common.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Chore: changes after PR comments

* Chore: move wrap to routing package

* Chore: move functions in common to response package

* Chore: move functions in common to response package

* Chore: formats imports

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-01-15 14:43:20 +01:00
Kyle Brandt
1c1a800bc0
API: Add by UID routes for data sources (#29884)
- also add Get by UID+OrgID to datasource cache
- Refactor backend commands for Delete and Get to be unified
2021-01-13 13:16:27 -05:00
Arve Knudsen
0e2f1fe3f5
Metrics API: Use jsoniter for JSON encoding (#30250)
* QueryMetricsV2: Stream response

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* API: Use jsoniter instead of standard JSON package

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-01-13 15:20:25 +01:00
Arve Knudsen
50b649a869
Middleware: Add CSP support (#29740)
* Middleware: Add support for CSP

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

Co-authored by @iOrcohen
2021-01-12 07:42:32 +01:00
Torkel Ödegaard
ba158e72df
GraphNG: Minor polish & updates to new time series panel and move it from alpha to beta (#30163)
* GraphNG: Minor polish & updates to new time series panel

* Fixed gradient default

* Updated snapshot
2021-01-10 17:41:20 +01:00
Arve Knudsen
25048ebdf8
Chore: Add CloudWatch HTTP API tests (#29691)
* CloudWatch: Add HTTP API tests

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-01-07 11:36:13 +01:00
ying-jeanne
388d00873f
[dashboard api] manage error when data in dashboard table is not valid json (#29999)
* retrieve dashboard api

* Apply suggestions from code review

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/api/dashboard.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-01-04 14:41:17 +01:00
ying-jeanne
375e8e4fd0
SQLStore: customise the limit of retrieved datasources per organisation (#29358)
* SQLStore: customise the limit of retrieved datasources per organisation

* update all suggestions regarding nil or 0 as default

* Apply suggestions from code review

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>

* correct default.ini description + adding unittest

* Apply suggestions from code review

Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>

* modify unittest name

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>
2020-12-28 12:24:42 +01:00
Arve Knudsen
216b6b01f4
RedirectResponse: Implement all of api.Response (#29946)
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-12-21 13:44:22 +01:00
Hugo Häggmark
433b861093
PanelLibrary: Adds get and getAll to the api (#29772)
* PanelLibrary: Adds get to the API

* Refactor: adds tests for get and getAll and cleans up other tests

* Refactor: changed name on DTO

* Update pkg/services/librarypanels/api.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/services/librarypanels/database.go
2020-12-21 09:40:27 +01:00
Emil Hessman
e598c9e6d9
Chore: Remove duplicate interpolateString test (#29941) 2020-12-21 07:53:31 +01:00
Arve Knudsen
dd2d206d99
Backend: Remove more globals (#29644)
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-12-15 19:09:04 +01:00
Arve Knudsen
c2cad26ca9
Chore: Disable default golangci-lint filter (#29751)
* Disable default golangci-lint filter

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Chore: Fix linter warnings

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-12-15 09:32:06 +01:00
Arve Knudsen
ac09baae7d
Chore: Use Header.Set method instead of Header.Add (#29804)
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-12-14 15:13:01 +01:00
Peter Holmberg
6118ab415d
Alerting: Next gen Alerting page (#28397)
* create page and sidebar entry

* add components for query editor and definition

* split pane things

* add reducer and action

* implement split pane and update ui actions

* making things pretty

* Unify toolbar

* minor tweak to title prefix and some padding

* can create definitions

* fix default state

* add notificaion channel

* add wrappers to get correct spacing between panes

* include or exclude description

* implement query editor

* start on query result component

* update from master

* some cleanup and remove expressions touch ups

Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
2020-12-11 14:49:14 +01:00
Will Browne
a515c54404
Plugins: Add support for signature manifest V2 (#29240)
* add support for signing manifest v2

* add log and fix var name

* shorten comment

* improve comment

* remove unnecessary param

* improve naming

* reformat

* rename var

* refactor test

* remove unnecessary assert

* simplify test requirements

* add more test cases

* address feedback

* revert naming

* flip tracking missing

* fix check

* Trigger Build
2020-12-11 12:57:57 +01:00
Arve Knudsen
12661e8a9d
Move middleware context handler logic to service (#29605)
* middleware: Move context handler to own service

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

Co-authored-by: Emil Tullsted <sakjur@users.noreply.github.com>
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
2020-12-11 11:44:44 +01:00
Arve Knudsen
8b21290164
Chore: Disable gosec on certain line (#29382)
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-12-10 11:53:21 +01:00
Domas
70d68c156d
Logging: log frontend errors caught by ErrorBoundary, including component stack (#29345)
* log component stack on error boundary

* test for error boundary

* PR feedback fixes
2020-12-10 10:50:37 +01:00
Domas
7d9a528184
Logging: rate limit fronted logging endpoint (#29272)
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
2020-12-09 16:22:24 +01:00
Agnès Toulet
924212b42b
API: add Status() to RedirectResponse (#29722) 2020-12-09 15:08:53 +01:00
Hugo Häggmark
941ba1d2f7
PanelLibrary: Adds api and db to create Library/Shared/Reusable Panel (#29642)
* PanelLibrary: Adds panellib table

* Refactor: removes drop table migration

* Refactor: fixes spelling mistake

* Refactor: changes after PR comments

* Refactor: some more renames

* PanelLibrary: Adds api and db to create Library/Shared/Reusable Panel

* Refactor: reverts SqlStore change and uses RegisterOverride instead

* Refactor: fixes lint error

* Refactor: fixes imports

* Refactor: reverts unintentional changes

* Refactor: Adds repository

* Revert "Refactor: Adds repository"

This reverts commit 4c46e8a6c4.

* Refactor: changes after PR comments

* Refactor: Simplfies further

* Chore: fixes linting

* Chore: Changes after PR comments

* Update pkg/services/librarypanels/api.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Chore: fixes import after commited suggestion

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-12-09 13:10:18 +01:00
Tania B
c869ae5791
Support svg embedded favicons in whitelabeling (#29436)
* Fix favicon embedding in whitelabeling

* Fix formatting
2020-12-07 12:23:53 +02:00
Agnès Toulet
d92beeee3d
API: add ID to snapshot API responses (#29600)
* API: add ID to snapshot API responses

* API: update snapshot tests
2020-12-04 16:22:58 +01:00
Torkel Ödegaard
3d6380a0aa
QueryGroup & DataSourceSrv & DataSourcePicker changes simplify usage, error handling and reduce duplication, support for uid (#29542)
* Starting moving more stuff into data source picker

* WIP progress

* Progress on datasource picker rethink

* Things are working now some details to figure out

* Removed commented part

* Complex work on getting data source lists

* Fixed variable support showing correct data sources

* Tried fixing dashboard import but failed

* Fixes

* Fixed import dashboard

* Fixed unit test

* Fixed explore test

* Fixed test

* Fix

* fixed more tests

* fixed more tests

* fixed showing which option is default in picker

* Changed query variable to use data source picker, updated tests and e2e

* Fixed more tests

* Updated snapshots, had wrong typescript version
2020-12-04 14:24:55 +01:00
Arve Knudsen
f326b79cc1
Security: Add gosec G304 auditing annotations (#29578)
* Security: Add gosec G304 auditing annotations

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* add G304 auditing comment

Signed-off-by: bergquist <carl.bergquist@gmail.com>

* add G304 auditing comment

Signed-off-by: bergquist <carl.bergquist@gmail.com>

* add G304 auditing comment

Signed-off-by: bergquist <carl.bergquist@gmail.com>

* add G304 auditing comment

Signed-off-by: bergquist <carl.bergquist@gmail.com>

* add G304 auditing comment

Signed-off-by: bergquist <carl.bergquist@gmail.com>

* add G304 auditing comment

Signed-off-by: bergquist <carl.bergquist@gmail.com>

* add G304 auditing comment

Signed-off-by: bergquist <carl.bergquist@gmail.com>

* add G304 auditing comment

Signed-off-by: bergquist <carl.bergquist@gmail.com>

* Add gosec annotations

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* add G304 auditing comment

Signed-off-by: bergquist <carl.bergquist@gmail.com>

* add G304 auditing comment

Signed-off-by: bergquist <carl.bergquist@gmail.com>

* Add gosec annotations

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* add G304 auditing comment

Signed-off-by: bergquist <carl.bergquist@gmail.com>

* add G304 auditing comment

Signed-off-by: bergquist <carl.bergquist@gmail.com>

* add G304 auditing comment

Signed-off-by: bergquist <carl.bergquist@gmail.com>

* Add gosec annotations

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* space

Signed-off-by: bergquist <carl.bergquist@gmail.com>

* Add gosec annotations

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

Co-authored-by: bergquist <carl.bergquist@gmail.com>
2020-12-03 22:13:06 +01:00
Arve Knudsen
f2b7fbc32a
Chore: Check errors from Close calls (#29562)
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-12-03 10:11:14 +01:00
Jack Westbrook
aa70a38391
Dashboards: hide playlist edit functionality from viewers and snapshots link from unauthenticated users (#28992)
* feat: hide snapshots menu item from viewers

* feat(playlists): prevent viewers from creating/editing playlists

* feat: prevent viewers seeing playlist nav link if no playlists

* refactor(playlist): rename isViewer property to canEditPlaylists

* revert(playlists): put back note if viewer and no playlists

* refactor(snapshots): consider admin/editor permission in folders/dashboards for displaying menu item

* feat(snapshots): only show snapshot nav item if user is signed in

* fix(snapshots): revert snapshots to previous state if delete snapshot api error
2020-12-02 15:51:22 +01:00
Carl Bergquist
4edb1364e9
fixes bug with invalid handler name for metrics (#29529)
closes https://github.com/grafana/grafana/issues/29487

Signed-off-by: bergquist <carl.bergquist@gmail.com>
2020-12-02 13:42:17 +01:00
Carl Bergquist
b7aa6fed1d
Instrumentation: Add examplars for request histograms (#29357)
Signed-off-by: bergquist <carl.bergquist@gmail.com>
2020-12-01 15:04:59 +01:00
Arve Knudsen
f55818ca70
Chore: Enable exhaustive linter (#29458)
* Chore: Enable exhaustive linter

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-12-01 09:53:27 +01:00
Carl Bergquist
cffc1b13ad
adds tracing for all bus calls that passes ctx (#29434)
Signed-off-by: bergquist <carl.bergquist@gmail.com>
2020-11-27 14:58:45 +01:00
Joan López de la Franca Beltran
c22a39ab2d
Plugins: Add support for includes' icon (#29416)
* Plugins: Add support for includes' icon

* Docs: Add plugin includes' icon reference
2020-11-27 10:48:37 +01:00
Carl Bergquist
bec3fbea47
remove insecure cipher suit as default option (#29378)
G402 (CWE-295):  TLS Bad Cipher Suite  TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA

Signed-off-by: bergquist <carl.bergquist@gmail.com>
2020-11-26 12:22:50 +01:00
Carl Bergquist
aebe8985c5
prefer server cipher suites (#29379)
G402 (CWE-295):  TLS PreferServerCipherSuites set false.

Signed-off-by: bergquist <carl.bergquist@gmail.com>
2020-11-25 14:56:34 +01:00
taciomcosta
10ff4eecef
Backend: fix IPv6 address parsing erroneous (#28585)
* Backend: Fix parsing of client IP address

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-11-25 07:55:22 +01:00
Agnès Toulet
22788d1d86
Add an option to hide certain users in the UI (#28942)
* Add an option to hide certain users in the UI

* revert changes for admin users routes

* fix sqlstore function name

* Improve slice management

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>

* Hidden users: convert slice to map

* filter with user logins instead of IDs

* put HiddenUsers in Cfg struct

* hide hidden users from dashboards/folders permissions list

* Update conf/defaults.ini

Co-authored-by: Torkel Ödegaard <torkel@grafana.com>

* fix params order

* fix tests

* fix dashboard/folder update with hidden user

* add team tests

* add dashboard and folder permissions tests

* fixes after merge

* fix tests

* API: add test for org users endpoints

* update hidden users management for dashboard / folder permissions

* improve dashboard / folder permissions tests

* fixes after merge

* Guardian: add hidden acl tests

* API: add team members tests

* fix team sql syntax for postgres

* api tests update

* fix linter error

* fix tests errors after merge

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
Co-authored-by: Leonard Gram <leo@xlson.com>
2020-11-24 12:10:32 +01:00
Torkel Ödegaard
763e958d9d
Login: Fixes redirect url encoding issues of # %23 being unencoded after login (#29299) 2020-11-24 07:27:08 +01:00
Carl Bergquist
702cb90846
make it possible to hide change password link in profile menu (#29246)
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
2020-11-20 17:01:10 +01:00
Arve Knudsen
294770f411
Chore: Handle wrapped errors (#29223)
* Chore: Handle wrapped errors

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
2020-11-19 13:34:28 +01:00
Kyle Brandt
0cb29d337a
Expressions: Move GEL into core as expressions (#29072)
* comes from grafana/gel-app
* remove transform plugin code
* move __expr__ and -100 constants to expr pkg
* set OrgID on request plugin context
* use gtime for resample duration
* in resample, rename "rule" to "window", use gtime for duration, parse duration before exec
* remove gel entry from plugins-bundled/external.json
which creates an empty array for plugins
2020-11-19 07:17:00 -05:00
Arve Knudsen
006868339d
Backend: Fix build (#29206)
* Backend: Fix build

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-11-18 16:16:58 +01:00
Will Browne
2939caf9a2
Permissions: Validate against Team/User permission role update (#29101)
* validate against role field update

* lowercase error string

* make all msgs consistent style

* fix wording

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* sayonara simple json

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-11-18 15:36:41 +01:00
Carl Bergquist
15a6508d4a
trace user login and datasource name instead of id (#29183)
id's are not very helpful when debugging a system.

Signed-off-by: bergquist <carl.bergquist@gmail.com>
2020-11-18 09:21:45 +01:00
Arve Knudsen
52c154a221
Backend: Rename variables for style conformance (#29097)
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-11-17 17:09:14 +01:00
Arve Knudsen
4dd7b7a82d
Chore: Remove unused Go code (#28852)
* Chore: Remove more unused Go code

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-11-17 11:51:31 +01:00
Arve Knudsen
8c765e8068
API: Rewrite tests from goconvey (#29091)
* API: Rewrite tests from goconvey

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix test

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix tests

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-11-17 11:31:35 +01:00
Victor Cinaglia
967e9b39e8
Fix panic when using complex dynamic URLs in app plugin routes (#27977)
* remove unused function to interpolate URLs

* share function to add headers between ds/plugin proxies

* stop performing unnecessary plugin setting lookup

* fix bug causing runtime errors when using complex templated URLs

* lower case util functions not used outside of pluginproxy package

* change test URL to a (valid) dummy URL to make intent clearer

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-11-17 10:56:42 +01:00
Arve Knudsen
fbf0d2c086
Plugin proxy: Handle URL parsing errors (#29093)
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-11-13 19:38:09 +01:00
Arve Knudsen
e503188b6f
Data source proxy: Convert 401 from data source to 400 (#28962)
* Data source proxy: Convert 401 from data source to 400

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-11-13 13:21:43 +01:00
Arve Knudsen
cb62e69997
Chore: Convert API tests to standard Go lib (#29009)
* Chore: Convert tests to standard Go lib

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
2020-11-13 09:52:38 +01:00
Sofia Papagiannaki
43f580c299
AlertingNG: manage and evaluate alert definitions via the API (#28377)
* Alerting NG: prototype v2 (WIP)

* Separate eval package

* Modify eval alert definition endpoint

* Disable migration if ngalert is not enabled

* Remove premature test

* Fix lint issues

* Delete obsolete struct

* Apply suggestions from code review

* Update pkg/services/ngalert/ngalert.go

Co-authored-by: Kyle Brandt <kyle@grafana.com>

* Add API endpoint for listing alert definitions

* Introduce index for alert_definition table

* make ds object for expression to avoid panic

* wrap error

* Update pkg/services/ngalert/eval/eval.go

* Swith to backend.DataQuery

* Export TransformWrapper callback

* Fix lint issues

* Update pkg/services/ngalert/ngalert.go

Co-authored-by: Kyle Brandt <kyle@grafana.com>

* Validate alert definitions before storing them

* Introduce AlertQuery

* Add test

* Add QueryType in AlertQuery

* Accept only float64 (seconds) durations

* Apply suggestions from code review

* Get rid of bus

* Do not export symbols

* Fix failing test

* Fix failure due to service initialization order

Introduce MediumHigh service priority and assign it to backendplugin
service

* Fix test

* Apply suggestions from code review

* Fix renamed reference

Co-authored-by: Kyle Brandt <kyle@grafana.com>
2020-11-12 15:11:30 +02:00
Domas
76df096791
Logging: Log frontend errors (#28073)
* basic frontend  Sentry integration

* backend endpoint to capture sentry events

* WIP!

* log user email for frontend logs

* remove debug logging

* lint fixes

* Fix type exports & property names

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* additional struct naming fix

* rename log endpoint, config section & interface

* add sentry sample rate to config

* refac to use EchoSrv

* log user id

* backend tests

* tests for SentryEchoBackend

* sentry echo backend tests

* CustomEndpointTransport tests

* Update pkg/api/frontend_logging_test.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update conf/defaults.ini

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/api/frontend_logging_test.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* don't export unnecesasrily

* update go.sum

* get rid of Convey in tests, use stdlib

* add sentry config to sample.ini

* cleanup to set orig logging handler in test

* Apply suggestions from code review

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* PR feedback changes

* lock sentry version

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-11-12 12:29:43 +01:00
Arve Knudsen
b5379c5335
Chore: Fix SQL related Go variable naming (#28887)
* Chore: Fix variable naming

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-11-11 06:21:08 +01:00
kay delaney
b2dcf06b60
Backend: Adds route for well-known change password URL (#28788)
* Backend: Adds route for well-known change password URL

* Include 'dashboard/new' in backend routes

* Move index route handler registration out of "not logged in views" section

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-11-10 22:36:35 +00:00
Agnès Toulet
2c246276fd
API: replace SendLoginLogCommand with LoginHook (#28777)
* API: replace SendLoginLogCommand with LoginHook

* LoginInfo: Query -> LoginUsername
2020-11-06 10:01:13 +01:00
Arve Knudsen
676d393ec9
Chore: Fix issues reported by staticcheck; enable stylecheck linter (#28866)
* Chore: Fix issues reported by staticcheck

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Apply suggestions from code review

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
2020-11-05 15:37:11 +01:00
Arve Knudsen
3d3a7cbba8
Chore: Fix staticcheck issues (#28860)
* Chore: Fix issues reported by staticcheck

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Undo changes

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Chore: Fix issues reported by staticcheck

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix test

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix test

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-11-05 13:07:06 +01:00
Arve Knudsen
7897c6b7d5
Chore: Fix staticcheck issues (#28854)
* Chore: Fix issues reported by staticcheck

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Undo changes

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-11-05 11:57:20 +01:00
Alex Khomenko
9b90ff2961
Disable selecting enterprise plugins with no license (#28758)
* Add unlicensed property to plugins

* Disable selecting unlicensed plugin

* Add customizable plugin market place url

* License: workaround enabled only in enterprise

* linter

* Move licensing info to front end

* Update pkg/services/licensing/oss.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/services/licensing/oss.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/setting/setting.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/setting/setting.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/api/frontendsettings.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update sample.ini

* Update docs

* Update packages/grafana-runtime/src/config.ts

Co-authored-by: Torkel Ödegaard <torkel@grafana.org>

* Update public/app/features/datasources/state/buildCategories.ts

Co-authored-by: Torkel Ödegaard <torkel@grafana.org>

* Update pkg/api/frontendsettings.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/setting/setting.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix spelling

Co-authored-by: Leonard Gram <leo@xlson.com>
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
Co-authored-by: Torkel Ödegaard <torkel@grafana.org>
2020-11-05 12:55:40 +02:00
Arve Knudsen
574553ec7b
Chore: Fix issues found by staticcheck (#28802)
* Fix linting issues

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-11-05 11:29:39 +01:00
Arve Knudsen
dff84f6a31
Chore: Remove dead code (#28664)
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-11-05 11:00:00 +01:00
Torkel Ödegaard
5fcff1a4c7
Provisioning: Fixed problem with getting started panel being added to custom home dashboard (#28750)
* Provisioning: Fixed problem with getting started panel being added to custom home dashboard

* Fixed comment

* Update pkg/api/dashboard.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-11-02 16:12:22 +01:00
kay delaney
c4c5b2dc61
CloudWatch Logs queue and websocket support (#28176)
CloudWatch Logs queue and websocket support
2020-10-28 08:36:57 +00:00
Marcus Efraimsson
60d40fa99b
Short URL: Update last seen at when visiting a short URL (#28565)
Ref #28248

Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>
2020-10-27 16:16:06 +01:00
Agnès Toulet
65b5086a59
API: add login username in SendLoginLogCommand (#28544)
* API: add login username in Login actions

* LoginUser -> LoginUsername

* fix test
2020-10-26 15:47:01 +01:00
Bill Oley
b3a868169b
OAuth: Support Forward OAuth Identity for backend data source plugins (#27055)
Adds support for the Forward OAuth Identity feature in backend data source plugins. 
Earlier this feature has only been supported for non-backend data source plugins.

Fixes #26023

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
2020-10-24 01:34:38 +02:00
Will Browne
1bee9f4168
Plugins: Track plugin signing errors and expose them to the frontend (#28219)
* first pass

* return list

* types and cleanup

* add to plugin page and add styles

* update comment

* update comment

* fix component path

* simplify error component

* simplify error struct

* fix tests

* don't export and fix string()

* update naming

* remove frontend

* introduce phantom loader

* track single error

* remove error from base

* remove unused struct

* remove unnecessary filter

* add errors endpoint

* Update set log to use id field

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* skip adding BE plugins

* remove errs from plugin + ds list

* remove unnecessary fields

* add signature state to panels

* remove unused code

* apply PR feedback

* update comment

* merge dto with model

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-10-23 16:45:43 +02:00
Arve Knudsen
077eab1b24
Chore: Use net.JoinHostPort (#28421)
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-10-22 07:34:26 +02:00
Arve Knudsen
4084b53f91
plugins: Don't exit on duplicate plugin (#28390)
* plugins: Don't exit on duplicate plugin

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Add missing files

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix test

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-10-21 12:39:41 +02:00
Emil Hessman
13e67660f5
API: Query database from /api/health endpoint (#28349) 2020-10-21 11:06:19 +02:00
jgulick48
5bc6c447e3
Alerting: Return proper status code when trying to create alert notification channel with duplicate name or uid (#28043)
* Alerting: Return proper status code when trying to create an Alert Notification where the name or UID already exists.

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-10-20 13:53:48 +02:00
Alexander Zobnin
d13c6b4c5a
OAuth: Able to skip auto login (#28357)
* OAuth: able to skip auto login

* OAuth: tests for internal login param

* OAuth: rename internal -> disableAutoLogin

* OAuth: update log message

* OAuth: fix tests
2020-10-20 14:51:06 +03:00
Arve Knudsen
89d10c706a
Plugins: Compose filesystem paths with filepath.Join (#28375)
* plugins: Fix filesystem path composition

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* plugins: Use filepath.Join to join filesystem paths

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-10-19 17:35:31 +02:00
Kyle Brandt
44a795cb17
AlertingNG: remove warn/crit from eval prototype (#28334)
and misc cleanup
2020-10-16 12:33:57 -04:00
Arve Knudsen
a2c7c5b912
API: Fix short URLs (#28300)
* API: Fix short URLs

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-10-16 09:22:24 +02:00
Pete Davids
65940c7726
Dashboard: Allow shortlink generation (#27409)
* intial frontend resolution/redirection logic

* backend scaffolding

* enough of the frontend to actually test end to end

* bugfixes

* add tests

* cleanup

* explore too hard for now

* fix build

* Docs: add docs

* FE test

* redirect directly from backend

* validate incoming uids

* add last_seen_at

* format documentation

* more documentation feedback

* very shaky migration of get route to middleware

* persist unix timestamps

* add id, orgId to table

* fixes for orgId scoping

* whoops forgot the middleware

* only redirect to absolute URLs under the AppUrl domain

* move lookup route to /goto/:uid, stop manually setting 404 response code

* renaming things according to PR feedback

* tricky deletion

* sneaky readd

* fix test

* more BE renaming

* FE updates -- no more @ts-ignore hacking :) and accounting for subpath

* Simplify code

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Short URLs: Drop usage of bus

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* ShortURLService: Make injectable

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Rename file

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Add handling of url parsing and creating of full shortURL to backend

* Update test, remove unused imports

* Update pkg/api/short_urls.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Add correct import

* Pass context to short url service

* Remove not needed error log

* Rename dto and field to denote URL rather than path

* Update api docs based on feedback/suggestion

* Rename files to singular

* Revert to send relative path to backend

* Fixes after review

* Return dto when creating short URL that includes the full url

Use full url to provide shorten URL to the user

* Fix after review

* Fix relative url path when creating new short url

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
Co-authored-by: Ivana <ivana.huckova@gmail.com>
Co-authored-by: Ivana Huckova <30407135+ivanahuckova@users.noreply.github.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
2020-10-14 12:48:48 +02:00
Will Browne
ef22ff7315
Snapshots: Store dashboard data encrypted in the database (#28129)
* end 2 end

* fix import

* refactor

* introduce securedata

* check err

* use testify instead of convey

* cleanup test

* cleanup test

* blob time

* rename funcs
2020-10-13 10:19:42 +02:00
Sofia Papagiannaki
4acbcd7053
AlertingNG: POC of evaluator under feature flag. (#27922)
* New feature toggle for enabling alerting NG

* Initial commit

* Modify evaluate alert API request

* Check for unique labels in alert execution result dataframes

* Remove print statement

* Additional minor fixes/comments

* Fix lint issues

* Add API endpoint for evaluating panel queries

* Push missing renaming

* add refId for condition to API

* add refId for condition to API

* switch dashboard based eval to get method

* add from/to params to dashboard based eval

* add from/to params to  eval endpoint

Co-authored-by: kyle <kyle@grafana.com>
2020-10-12 21:51:39 +03:00
Ryan McKinley
2567e5202a
Live: remove admin pages, add alpha panel (#28101) 2020-10-08 08:42:15 -07:00
Alexander Zobnin
b55a51e270
SAML Single Logout (#27995)
* SAML: single logout WIP

* SAML: sign SAML requests

* SAML: remove unnecessary logs

* fix go mod file

* Docs: Single Logout

* SAML: use api endpoint for single logout

* Apply suggestions from code review

Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>

* SAML: save context for single logout

* Chore: add SAML dependencies

Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
2020-10-08 17:42:55 +03:00
Will Browne
7d63b2c473
Auth: Add Sigv4 auth option to datasources (#27552)
* create transport chain

* add frontend

* remove log

* inline field updates

* allow ARN, Credentials + Keys auth in frontend

* configure credentials

* add tests and refactor

* update frontend json field names

* fix tests

* fix comment

* add app config flag

* refactor tests

* add return field for tests

* add flag for UI display

* update comment

* move logic

* fix config

* pass config through props

* update docs

* pr feedback and add docs coverage

* shorten settings filename

* fix imports

* revert docs changes

* remove log line

* wrap up next as round tripper

* only propagate required config

* remove unused import

* remove ARN option and replace with default chain

* make ARN role assume as supplemental

* update docs

* refactor flow

* sign body when necessary

* remove unnecessary wrapper

* remove newline

* Apply suggestions from code review

* PR fixes

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-10-08 10:03:20 +02:00
Ryan McKinley
726bb4477b
Live: cleanup and simple changes (#28028) 2020-10-04 23:53:52 -07:00
Arve Knudsen
a078e40238
Settings: Rename constants/variables to follow Go naming standards (#28002)
* settings: Rename constants/variables to follow Go naming standards
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-10-02 15:45:45 +02:00
Carl Bergquist
a28a2fba51
healthchecks should work regardless domain (#27981) 2020-10-02 07:14:26 +02:00
Ryan McKinley
8a5fc00330
Live: broadcast events when dashboard is saved (#27583)
Co-authored-by: kay delaney <45561153+kaydelaney@users.noreply.github.com>
Co-authored-by: Torkel Ödegaard <torkel@grafana.org>
2020-10-01 10:46:14 -07:00
Ryan McKinley
93a01eb1d9
Live: improved channel state (#27672) 2020-09-23 08:02:01 -07:00
Arve Knudsen
a5d9196a53
Chore/fix lint issues (#27704)
* Chore: Fix linting issues

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-09-22 16:22:19 +02:00
Domas
564d7ecea7
DataProxy: Ignore empty URL's in plugin routes (#27653)
This adds a check to see if plugin route URL is empty, and in such case 
does not modify request schema and host of the request to be proxied.
This behavior is now the same as in the plugin proxy.
2020-09-18 13:22:07 +02:00
Carl Bergquist
6dc73a6712
add /healthz endpoint (#27536)
kuberentes (and Im sure other orchastrators does as well) support two
kind of checks. readiness checks and liveness checks. Grafanas current
`/api/health` endpoint requires database access which might not
always be required for the instance to be considered active.
2020-09-18 13:03:18 +02:00
Hansuuuuuuuuuu
8d971ab2f2
Auth: Replace maximum inactive/lifetime settings of days to duration (#27150)
Allows login_maximum_inactive_lifetime_duration and 
login_maximum_lifetime_duration to be configured using 
time.Duration-compatible values while retaining backward compatibility.

Fixes #17554

Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
2020-09-14 15:57:38 +02:00
Agnès Toulet
eb970a4985
Org API: enrich add user to org endpoints with user ID in the response (#27551) 2020-09-14 08:58:23 +02:00
Agnès Toulet
0c4b7d3f5d
Alerting API: send 404 not found error and enrich delete with UID endpoint response with alert notification ID (#27550)
* Alerting API: Send back 404 not found error for update and delete endpoints

* Alerting API: send back alert notification id for delete with uid endpoint
2020-09-11 18:04:43 +02:00
Bill Oley
19caa100dc
OAuth: Fix token refresh failure when custom SSL settings are configured for OAuth provider (#27523)
OAuth token refresh fails when custom SSL settings are configured for 
oauth provider. These changes makes sure that custom SSL settings 
are applied for HTTP client before refreshing token.

Fixes #27514
2020-09-11 17:25:03 +02:00
Marcus Efraimsson
1983de962c
BootData: Fix nav tree sort regression (#27533)
#26395 introduced a regression regarding sort order of nav tree
items set in Grafana boot data and used for rendering the sidemenu.
This fixes so that sort happens after RunIndexDataHooks is called
in case the hook make changes to the nav tree.
2020-09-11 15:17:41 +02:00
Arve Knudsen
4b1eb6e5c7
Chore: Enable gocyclo linter (#26395)
* Chore: Enable gocyclo linter

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* API: Fix linting issue

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* API: Refactor to reduce complexity

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix type assertion

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-09-07 22:10:06 +02:00
Kamal Galrani
f6c31c2e10
Fixes signup workflow and UI (#26263)
* fixes signup flow

* Apply suggestions from code review

Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com>

* Update ForgottenPassword.tsx

* fixes build failure

* fixes build failure

Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com>
2020-09-07 18:24:46 +03:00
Agnès Toulet
6dd109b927
API: return resource ID for auth key creation, folder permissions update and user invite complete endpoints (#27419)
* API: add ID to auth key and folder endpoints

* API: add test for folder permissions update

* API: add created user id for /invite/complete endpoint
2020-09-07 17:06:11 +02:00
Torkel Ödegaard
61bd33c241
System: Date formating options (#27216)
* Add support for local time formats in graph panel

* Enfore 24h format for backward compatibility

* Use existing Intl.DateTimeFormatOptions

* Pre-generate time scale, add tests

* Move localTimeFormat, add local format to units

* updated default fallback

* #25602, use navigator.languages to enforce locale in formatting

* Making options

* Worked new system settings

* things are working

* Local browser time formats working

* Support parsing dates in different formats

* settings updated

* Settings starting to work

* Fixed graph issue

* Logs fix

* refactored settings a bit

* Updated and name change

* Progress

* Changed config names

* Updated

* Updated

* Updated test

* Synced description

* fixed ts issue

* Added version notice

* Ts fix

* Updated heatmap and test

* Updated snapshot

* Updated

* fixed ts issue

* Fixes

Co-authored-by: Alex Shpak <alex-shpak@users.noreply.github.com>
2020-09-07 16:19:33 +02:00
Agnès Toulet
a9daaadd50
API: send Login actions (#27249)
* API: first version to send events about login actions

* API: improve login actions events

* Login: update auth test with new behavior

* Login: update auth test for auth module

* Login OAuth: improve functions structure

* API: make struct public to use for saml

* API: add send login log tests for grafana and ldap login

* API: remove log from tests

* Login API: fix test linting

* Update pkg/api/login_oauth.go

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>

* Login API: refactor using defer

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
2020-09-04 14:54:59 +02:00
Arve Knudsen
d53fe64913
Server: Support custom TCP listener (#27066)
* Server: Support custom TCP listener

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-08-21 10:41:10 +02:00
Hugo Häggmark
9e357d84a4
BackendSrv: Queues data source requests but passes through api requests (#26947)
* Refactor: initial commit

* wip

* Refactor: getting into a simpler model

* Refactor: adds some comments

* Refactor: renames statuses according to PR comments

* Refactor: adds more comments

* Tests: adds tests for FetchQueue

* Tests: adds tests for ResponseQueue

* Tests: adds tests for FetchQueueWorker

* Tests: simplified the tests for ResponseQueue

* Refactor: adds http2 scenario

* Refactor: using Cfg instead of global variable

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Refactor: reverted change in frontendsettings.go

* Tests: fix test mocks

* Fix: changes how cfg.Protocol gets its value

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-08-20 11:32:10 +02:00
Arve Knudsen
a2fbffe48a
Server: Add health check route (#26999)
* Server: Add health check route

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Server: Remove health check middleware

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-08-18 14:58:08 +02:00
Sean Lafferty
900eb8070e
Proxy: Fix updating refresh token in OAuth pass-thru (#26885)
* Handle updating refresh token in oauth pass-thru

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-08-17 18:38:32 +02:00
Emil Tullstedt
b68634fbb4
Tests: Batch of GoConvey to Testify conversions (#27008) 2020-08-14 14:43:25 +02:00
Sofia Papagiannaki
7ad1e3663c
Playlists: Remove API validation for empty playlists and remove redundant API call (#26982)
* Remove validation from empty playlists

* Remove redundant API call

Frontend used to call /api/playlists/:id/items directly after /api/playlists/:id but items are already included in the first response
2020-08-14 11:59:50 +03:00
Joan López de la Franca Beltran
ef631582ba
Users: Improve conflict error handling (#26958)
* API: Improve error handling (#26934)

* New ErrUserAlreadyExists error has been introduced

* Create user endpoint returns 412 Precondition Failed on ErrUserAlreadyExists errors

* Make ErrUserAlreadyExists error message clearer

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>

* Use errors.Is instead of equality comparator on AdminCreateUser handler

* Improve sqlstore/user test definition

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Improve sqlstore/user tests for ErrUserAlreadyExists cases

* Remove no needed string fmt and err declaration on sqlstore/user tests

* Code improvements for sqlstore/user tests

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Use err.Error() instead of sentinel error value on AdminCreateUser

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Add ErrUserAlreadyExists handling for signup & org invite use cases

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-08-13 14:38:54 +02:00
Arve Knudsen
1698c74ec1
Chore: Fix tests for Go 1.15 (#26957)
* Chore: Fix tests for Go 1.15
2020-08-12 17:45:03 +02:00
Benjamin Blattberg
3403db190d
API: Support paging in the admin orgs list API (#26932)
* Add page/limit to org search

* Update docs

* Fix test per PR feedback
2020-08-12 10:59:07 +03:00
Arve Knudsen
7589b1b517
OAuth: Refactor user syncing (#26721)
* OAuth: Refactor user syncing

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Don't ignore error

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-07-31 20:29:27 +02:00
Arve Knudsen
5a6afd9096
OAuth: Add some debug logs (#26716)
* OAuth: Add some debug logs

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-07-31 09:41:13 +02:00
Agnès Toulet
8dc75f79f7
API: Enrich endpoints with ID (#26691) 2020-07-31 08:22:09 +02:00
Agnès Toulet
7a5464fe10
Chore: use Wrap for all admin API (#26673)
* Chore: use Wrap for all admin API

* API: fix admin tests
2020-07-29 18:00:14 +02:00
Ryan McKinley
339138d61a
Live: include a streaming event manager (#26537) 2020-07-27 00:26:16 -07:00
Torkel Ödegaard
3defb4441e
Settings: Remove global variable (#26613) 2020-07-26 23:36:36 -07:00
Arve Knudsen
94d0934e90
CloudWatch: Fix a few API status codes (#26578)
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-07-24 12:34:56 +02:00
Agnès Toulet
1ba95183f6
HTTPServer: add possibility to use additional middlewares (#26514) 2020-07-23 09:54:07 +02:00
Arve Knudsen
3a8854b1b9
API: Recognize dashboard errors when saving a folder (#26499)
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-07-23 08:15:47 +02:00
Arve Knudsen
4c56eb3991
Chore: Enable goprintffuncname and nakedret linters (#26376)
* Chore: Enable goprintffuncname linter
* Chore: Enable nakedret linter

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-07-23 08:14:39 +02:00
gastonqiu
f427f90a45
Chore: Aggregate save dashboard error (#26443)
* Chore: Aggregate save dashboard error
* Use errors package for error detection

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>
2020-07-21 11:12:01 +02:00
Arve Knudsen
d4e4cb4c71
Chore: Enable Go linter gocritic (#26224)
* Chore: Enable gocritic linter

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-07-16 14:39:01 +02:00
Arve Knudsen
5fe27ee959
Fix back-end tests on Windows (#26355)
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-07-15 20:09:03 +02:00
Kamal Galrani
6a0f530fdf
fixes spelling error (#26253) 2020-07-11 08:56:02 +02:00
Mitsuhiro Tanda
292c985b76
Alerting: Support storing sensitive notifier settings securely/encrypted (#25114)
Support storing sensitive notification settings securely/encrypted.
Move slack notifier url and api token to secure settings.
Migrating slack notifier to store token and url encrypted is currently 
a manual process by saving an existing slack alert notification channel.
saving an existing slack alert notification channel will reset the stored 
non-secure url and token.

Closes #25113
Ref #25967

Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
2020-07-08 10:17:05 +02:00
Arve Knudsen
41d432b5ae
Chore: Enable whitespace linter (#25903)
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-07-06 20:17:28 +02:00
Arve Knudsen
3651a8e976
Chore: Disable scopelint for tests (#25923)
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-06-30 11:05:47 +02:00
Arve Knudsen
d1e6214a4a
Chore: Enable scopelint Go linter (#25896)
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-06-29 17:04:38 +02:00
Arve Knudsen
5070f7a75b
Chore: Start harmonizing linting with plugin SDK (#25854)
* Chore: Harmonize linting with plugin SDK

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Chore: Fix linting issues

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-06-29 14:08:32 +02:00
Carl Bergquist
703f728c0c
Dashboards: Make path to default dashboard configurable (#25595)
Closes #25463

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
2020-06-22 18:00:39 +02:00
Marcus Efraimsson
cc95754e0d
Provisioning: Adds support for enabling app plugins (#25649)
Adds support for enabling app plugins using provisioning. 

Ref #11409

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
2020-06-22 17:49:13 +02:00
Torkel Ödegaard
d6ed8c522c
Dashboard: Redirects for old edit & view panel urls (#25653) 2020-06-17 12:51:41 +02:00
Arve Knudsen
d352c213b3
API: Recognize MSSQL data source URLs (#25629)
* API: Recognize MSSQL URLs

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Move MSSQL URL validation into mssql package

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-06-17 11:17:11 +02:00
Emil Tullstedt
80e9546cec
Settings: Add setting for hiding version number for anonymous users (#24919)
* Settings: Add setting for hiding version number for anonymous users

Fixes #12925

* Hide version string from footer when unavailable

* Settings: Test frontend settings with hide version for anonymous users

* Settings: Add hide version variable to frontend settings

* Make AnonymousHideVersion non-global

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Settings: Improve test neighbor friendliness, reset state before and after

* Settings: Use T.Cleanup

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-06-17 07:39:50 +02:00
Sofia Papagiannaki
fefbbc65a8
Auth: Add support for forcing authentication in anonymous mode and modify SignIn to use it instead of redirect (#25567)
* Forbid additional redirect urls

* Optionally force login in anonymous mode

* Update LoginCtrl page to ignore redirect parameter

* Modify SignIn to set forceLogin query instead of redirect

* Pass appUrl to frontend and use URL API for updating url query

* Apply suggestions from code review

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix SignIn test

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-06-16 16:33:44 +03:00
Robbert Gurdeep Singh
034abaa73a
Security: Use Header.Set and Header.Del for X-Grafana-User header (#25495)
This ensures that the X-Grafana-User header can be trusted.
If the configuration enabled the setting of this header, the
server can now trust that X-Grafana-User is set/unset by Grafana.
Before this, an anonymous user could simply set the X-Grafana-User
header themselves (using the developer tool for example)
2020-06-11 21:15:17 +02:00
Marcus Efraimsson
c0f3b2929c
Backend plugins: Refactor to allow shared contract between core and external backend plugins (#25472)
Refactor to allow shared contract between core and external backend plugins 
allowing core backend data sources in Grafana to be implemented in same 
way as an external backend plugin.
Use v0.67.0 of sdk.
Add tests for verifying plugin is restarted when process is killed.
Enable strict linting for backendplugin packages
2020-06-11 16:14:05 +02:00
Marcus Efraimsson
ba953be95f
Only allow 32 hexadecimal digits for the avatar hash (#25322)
(cherry picked from commit 7a9c0e31ec)
2020-06-03 15:56:13 +02:00
Arve Knudsen
07582a8e85
Chore: Fix various spelling errors in back-end code (#25241)
* Chore: Fix various spelling errors in back-end code
Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>
Co-authored-by: Josh Soref <jsoref@users.noreply.github.com>>
2020-06-01 17:11:25 +02:00
Ryan McKinley
b73d237bf8
Query: do not require datasource name and id (#24718) 2020-05-14 20:05:16 -07:00
Peter Holmberg
36fa54a288
Onboarding: New getting started panel (#23826)
* image and card component

* change height of getting started panel

* progress

* setup basic step

* advanced steps

* step forward and backward

* do checks

* fix button size

* minor styling on butttons

* add correct links

* save tutorial click in localstorage

* types and gradients

* fix gradients

* use spacing variable

* lots of responsiveness

* add links to help

* Getting started work

* redo according to split panel design

* minor touch ups

* new background images

* split up docs card to different hrefs

* welcome bar touch ups

* hide icon on small screens

* transparent false on welcome banner

* fix urls

* source tag in welcome urls

* move images to panel dir, removed unused images

* Nicer loading message

* make the cards look nicer on wide screens

* append utm tag on render instead

* replace width with margin

* new background image for light

* remove target on a element

* removing buttonselect, add tag to href

* more polishing

Co-authored-by: Dominik Prokop <dominik.prokop@grafana.com>
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
2020-05-13 08:00:40 +02:00
Arve Knudsen
164242f5fd
Data sources: Don't fail if URL doesn't specify protocol (#24497) 2020-05-12 13:04:18 +02:00
Marcus Efraimsson
224aa4dde8
Backend plugins: Fix incorrect JSON Unmarshal (#24243) 2020-05-05 11:54:50 +02:00
Marcus Efraimsson
890e1d8f94
Backend plugins: Send query type to backend plugins (#24120)
Use v0.60.0 of sdk.
2020-05-05 10:32:34 +02:00
Mario Trangoni
5116420e9a
Fix misspell issues (#23905)
* Fix misspell issues

See,
$ golangci-lint run --timeout 10m --disable-all -E misspell ./...

Signed-off-by: Mario Trangoni <mjtrangoni@gmail.com>

* Fix codespell issues

See,
$ codespell -S './.git*' -L 'uint,thru,pres,unknwon,serie,referer,uptodate,durationm'

Signed-off-by: Mario Trangoni <mjtrangoni@gmail.com>

* ci please?

* non-empty commit - ci?

* Trigger build

Co-authored-by: bergquist <carl.bergquist@gmail.com>
Co-authored-by: Kyle Brandt <kyle@grafana.com>
2020-04-29 21:37:21 +02:00
Marcus Efraimsson
76650e60e4
Image Rendering: New setting to control render request concurrency (#23950)
Fixes #23806

Co-Authored-By: Torkel Ödegaard <torkel@grafana.com>
Co-Authored-By: Arve Knudsen <arve.knudsen@gmail.com>
2020-04-27 17:25:08 +02:00
Daniel Lee
52154b465b
dsproxy: adds support for url params for plugin routes (#23503)
* dsproxy: adds support for url params for plugin routes

* docs: fixes after review

* pluginproxy: rename Params to URLParams

* Update pkg/plugins/app_plugin.go

Co-Authored-By: Arve Knudsen <arve.knudsen@gmail.com>

* Apply suggestions from code review

Co-Authored-By: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
Co-Authored-By: Arve Knudsen <arve.knudsen@gmail.com>

* pluginproxy: rename struct

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
2020-04-24 10:32:13 +02:00
Kyle Brandt
80e1191ca0
Backend Plugins: (breaking change) Add PluginContext (#23788)
* breaking change for newer backend plugins
* use exported protobuf converters and sdk types to reduce duplicate code
* uses grafana-plugin-sdk-go@v0.54.0
2020-04-23 14:08:21 -04:00
Arve Knudsen
7d88018531
DataSourceProxy: Handle URL parsing error (#23731)
* pluginproxy: Handle URL parsing error
* pkg/api: Validate data source URLs
* pkg/api: Return 400 for URL validation error
2020-04-22 10:30:06 +02:00
Marcus Efraimsson
871ad73414
Backend plugins: Renderer v2 plugin (#23625)
grafana-plugin-model is legacy and is replaced by new backend 
plugins SDK and architecture. Renderer is not part of SDK and 
we want to keep it that way for now since it's highly unlikely there 
will be more than one kind of renderer plugin.
So this PR adds support for renderer plugin v2.
Also adds support sending a Device Scale Factor parameter to the 
plugin v2 remote rendering service and by that replaces #22474.
Adds support sending a Headers parameter to the plugin v2 and
remote rendering service which for now only include 
Accect-Language header (the user locale in browser when using 
Grafana), ref grafana/grafana-image-renderer#45.
Fixes health check json details response.
Adds image renderer plugin configuration settings in defaults.ini 
and sample.ini.

Co-Authored-By: Arve Knudsen <arve.knudsen@gmail.com>
2020-04-21 16:16:41 +02:00
Emil Tullstedt
55c306eb6d
Refactor search (#23550)
Co-Authored-By: Arve Knudsen <arve.knudsen@grafana.com>
Co-Authored-By: Leonard Gram <leonard.gram@grafana.com>
2020-04-20 16:20:45 +02:00
Andrej Ocenas
e5dd7efdee
Provisioning: Allows specifying uid for datasource and use that in derived fields (#23585)
* Add uid to datasource

* Fix uid passing when provisioning

* Better error handling and Uid column type change

* Fix test and strict null error counts

* Add backend tests

* Add tests

* Fix strict null checks

* Update test

* Improve tests

* Update pkg/services/sqlstore/datasource.go

Co-Authored-By: Arve Knudsen <arve.knudsen@gmail.com>

* Variable rename

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-04-20 15:48:38 +02:00
Alexander Zobnin
f023e7a399
SAML Role and Team sync (open source part) (#23391)
* SAML: add default params for role and team sync

* SAML: add org_mapping option

* SAML: support allowed_organizations option

* Chore: expose RedirectWithError from HTTPServer

* Chore: return RedirectResponse (fix superfluous response.writeheader message)

* HTTPServer: expose ValidateRedirectTo() and CookieOptionsFromCfg()

* Config: move SAML section to the enterprise
2020-04-17 10:48:37 +03:00
Carl Bergquist
5fc255bd89
Linting fixes for provisoning (#23600) 2020-04-16 05:46:20 +02:00
Marcus Efraimsson
6e313e7d37
Image Rendering: Remove PhantomJS support (#23460)
Removes all references and usage of PhantomJS #23375.
Remove direct link rendered image e2e smoke test for now.
Docker: Fix installing chrome in ubuntu custom docker image.
Improve handling of image renderer not available/installed #23593.
Add PhantomJS breaking change and upgrading notes.
Use grabpl v0.2.10.

Closes #13802

Co-authored-by: Kyle Brandt <kyle@grafana.com>
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
2020-04-15 22:17:41 +02:00
Émile Fugulin
d721dd13cd
Allow API to assign new user to a specific organization (#21775)
* Allow API to assign new user to a specific organization

* Add defer block to test

* Add API tests and return 400 instead of 500 for bad orgId

* Minor test improvements
2020-04-15 12:11:45 +03:00
Carl Bergquist
80f40040b0
Linting fixes for dashboard provsioning (#23576) 2020-04-15 08:12:52 +02:00
Carl Bergquist
754dfdfa87
Lower log level for some startup logs statements (#23517) 2020-04-14 12:18:45 +02:00
Ryan McKinley
468f5d15ab
Plugins: add a signature status flag (#23420) 2020-04-09 00:00:16 -07:00
Ivana Huckova
431f454d57
@grafana/ui: Create Icon component and replace part of the icons (#23402)
* Part1: Unicons implementation (#23197)

* Create a new Icon component

* Update icons in main sidebar

* Update icons in Useful links and in react components on  main site

* Update icons in Useful links and in main top navigation

* Adjust sizing

* Update panel navigation and timepicker

* Update icons in Panel menu

* NewPanelEditor: Fixed so that test alert rule works in new edit mode (#23179)

* Update icons in add panel widget

* Resolve merge conflict

* Fix part of the test errors and type errors

* Fix storybook errors

* Update getAvailableIcons import in storybook knobs

* Fix import path

* Fix SyntaxError: Cannot use import statement outside a module in test environment error

* Remove dynamic imports

* Remove types as using @ts-ignore

* Update snapshot test

* Add @iconscout/react-unicons to the shouldExclude list as it is blundled with es2015 syntax

* Remove color prop from icon, remove color implemetation in mono icons

* Update navbar styling

* Move toPascalCase to utils/string

Co-authored-by: Torkel Ödegaard <torkel@grafana.com>

* Resolve type errors resulted from merge

* Part2: Unicons implementation (#23266)

* Create a new Icon component

* Update icons in main sidebar

* Update icons in Useful links and in react components on  main site

* Update icons in Useful links and in main top navigation

* Adjust sizing

* Update panel navigation and timepicker

* Update icons in Panel menu

* Update icons in add panel widget

* Resolve merge conflict

* Fix part of the test errors and type errors

* Fix storybook errors

* Update getAvailableIcons import in storybook knobs

* Fix import path

* Fix SyntaxError: Cannot use import statement outside a module in test environment error

* Remove dynamic imports

* Remove types as using @ts-ignore

* Update snapshot test

* Add @iconscout/react-unicons to the shouldExclude list as it is blundled with es2015 syntax

* Implment icons in Tabs

* Implement icons in search items and  empty  list

* Update buttons

* Update button-related snapshot tests

* Update icons in modals and page headers

* Create anfular wrapper and update all icons on search screen

* Update sizing, remove colors, update snapshot tests

* Remove color prop from icon, remove color implemetation in mono icons

* Remove color props from monochrome icons

* Complete update of icons for search screen

* Update icons for infor tooltips, playlist, permissions

* Support temporarly font awesome icons used in enterprise grafana

* Part1: Unicons implementation (#23197)

* Create a new Icon component

* Update icons in main sidebar

* Update icons in Useful links and in react components on  main site

* Update icons in Useful links and in main top navigation

* Adjust sizing

* Update panel navigation and timepicker

* Update icons in Panel menu

* NewPanelEditor: Fixed so that test alert rule works in new edit mode (#23179)

* Update icons in add panel widget

* Resolve merge conflict

* Fix part of the test errors and type errors

* Fix storybook errors

* Update getAvailableIcons import in storybook knobs

* Fix import path

* Fix SyntaxError: Cannot use import statement outside a module in test environment error

* Remove dynamic imports

* Remove types as using @ts-ignore

* Update snapshot test

* Add @iconscout/react-unicons to the shouldExclude list as it is blundled with es2015 syntax

* Remove color prop from icon, remove color implemetation in mono icons

* Update navbar styling

* Move toPascalCase to utils/string

Co-authored-by: Torkel Ödegaard <torkel@grafana.com>

* Icons update

* Add optional chaining to for isFontAwesome variable

Co-authored-by: Torkel Ödegaard <torkel@grafana.com>

* Part3:  Unicons implementation (#23356)

* Create a new Icon component

* Update icons in main sidebar

* Update icons in Useful links and in react components on  main site

* Update icons in Useful links and in main top navigation

* Adjust sizing

* Update panel navigation and timepicker

* Update icons in Panel menu

* Update icons in add panel widget

* Resolve merge conflict

* Fix part of the test errors and type errors

* Fix storybook errors

* Update getAvailableIcons import in storybook knobs

* Fix import path

* Fix SyntaxError: Cannot use import statement outside a module in test environment error

* Remove dynamic imports

* Remove types as using @ts-ignore

* Update snapshot test

* Add @iconscout/react-unicons to the shouldExclude list as it is blundled with es2015 syntax

* Implment icons in Tabs

* Implement icons in search items and  empty  list

* Update buttons

* Update button-related snapshot tests

* Update icons in modals and page headers

* Create anfular wrapper and update all icons on search screen

* Update sizing, remove colors, update snapshot tests

* Remove color prop from icon, remove color implemetation in mono icons

* Remove color props from monochrome icons

* Complete update of icons for search screen

* Update icons for infor tooltips, playlist, permissions

* Support temporarly font awesome icons used in enterprise grafana

* Part1: Unicons implementation (#23197)

* Create a new Icon component

* Update icons in main sidebar

* Update icons in Useful links and in react components on  main site

* Update icons in Useful links and in main top navigation

* Adjust sizing

* Update panel navigation and timepicker

* Update icons in Panel menu

* NewPanelEditor: Fixed so that test alert rule works in new edit mode (#23179)

* Update icons in add panel widget

* Resolve merge conflict

* Fix part of the test errors and type errors

* Fix storybook errors

* Update getAvailableIcons import in storybook knobs

* Fix import path

* Fix SyntaxError: Cannot use import statement outside a module in test environment error

* Remove dynamic imports

* Remove types as using @ts-ignore

* Update snapshot test

* Add @iconscout/react-unicons to the shouldExclude list as it is blundled with es2015 syntax

* Remove color prop from icon, remove color implemetation in mono icons

* Update navbar styling

* Move toPascalCase to utils/string

Co-authored-by: Torkel Ödegaard <torkel@grafana.com>

* Update icons in Explore

* Update icons in alerting

* Update + and x buttons

* Update icons in configurations and settings

* Update close icons

* Update icons in rich history

* Update alert messages

* Add optional chaining to for isFontAwesome variable

* Remove icon mock, set up jest.config

* Fix navbar plus icon

* Fir enable-bacground to enableBackgournd

Co-authored-by: Torkel Ödegaard <torkel@grafana.com>

* Merge remote branch origin master to icons-unicons

* Revert "Merge remote branch origin master to icons-unicons"

This reverts commit 3f25d50a39.

* Size-up dashnav icons

* Fix alerting icons, panel headers, update tests

* Fix typecheck error

* Adjustments - add panel icon, spacing

* Set TerserPlugin sourceMap to false to prevent running out of memory when publishing storybook

Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
2020-04-08 14:33:31 +02:00
Erik Sundell
d94796a022
Auth: Remove trailing / in cookies' path (#22265) (#22265)
According to the stackoverflow answer below, it is recommended to not
include a trailing / in cookies' path. By removing the trailing / for
our cookies path value, people's browsers visiting grafana will pass the
cookie not only to /grafana/ sub paths but also to /grafana sub paths.

This commit avoids the situation where a user would visit
http://localhost/grafana, get redirected to
http://localhost/grafana/login, and following login get redirected back
to http://localhost/grafana, but since the grafana_session cookie isn't
passed along get redirected back once more to
http://localhost/grafana/login.

ref: https://stackoverflow.com/questions/36131023/setting-a-slash-on-cookie-path/53784228#53784228
ref: https://tools.ietf.org/html/rfc6265#section-5.1.4
2020-04-06 17:56:19 +03:00
John McBride
b017e437d8
Fix typo in oauth error (#23270)
fixes: #23269
2020-04-02 08:24:59 +02:00
rtrompier
474dac1501
OAuth : Introduce new setting for configuring max age of OAuth state cookie (#23195)
* Cookie : Increase duration to avoid error

When using oauth2 authentication with multifactor, the 60s delay may be too short

* Introduce new setting for OAuth state cookie max age

Co-authored-by: Sofia Papagiannaki <sofia@grafana.com>
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-03-30 17:44:58 +03:00
huanggze
69c5efcf00
Cleanup: move interface ProvisioningService into provisioning package (#23061) 2020-03-25 14:14:24 +01:00
Carl Bergquist
3798ac903d
Upgrade golangci-lint and fixes some linting errors. (#22909)
Example: https://play.golang.org/p/cfPIPG3BwjJ
2020-03-23 13:37:53 +01:00
Carl Bergquist
579abad9cc
Plugins: Return jsondetails as an json object instead of raw json on datasource healthchecks. (#22859) 2020-03-18 12:08:52 +01:00
Marcus Efraimsson
60e3437fc1
Backend plugins: Exclude plugin metrics in Grafana's metrics endpoint (#22857)
Excludes backend plugin metrics in Grafana's metrics endpoint
Adds /api/:pluginId/metrics endpoint for retrieving metrics
from backend plugin as Prometheus text-based exposition format.

Fixes #22814
2020-03-18 12:08:20 +01:00
Dominik Prokop
f345d7f6a3
Plugins: Hide plugins page from viewers, and limit /api/plugins to only core plugins when called by viewer role (#21901)
* Hide plugins list from viewers

* Made /api/plugins only return core plugins for users with viewer role

Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
2020-03-16 15:40:46 +01:00
Ryan McKinley
c65db9bf25
Chore: remove expressions flag and allow (#22764) 2020-03-13 07:43:25 -07:00
Carl Bergquist
ebc9549cbc
Add support for sending health check to datasource plugins. (#22771)
closes #21519
ref grafana/grafana-plugin-sdk-go#93
2020-03-13 12:31:44 +01:00
Sofia Papagiannaki
be022d4239
API: Fix redirect issues (#22285)
* Revert "API: Fix redirect issue when configured to use a subpath (#21652)" (#22671)

This reverts commit 0e2d874ecf.

* Fix redirect validation (#22675)

* Chore: Add test for parse of app url and app sub url

Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>

* Fix redirect: prepend subpath only if it's missing (#22676)

* Validate redirect in login oauth (#22677)

* Fix invalid redirect for authenticated user (#22678)

* Login: Use correct path for OAuth logos

Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
2020-03-11 11:04:48 +02:00
Carl Bergquist
5f94d31da9
Send jsondata for Datasources on DatasourceConfig for backend plugins (#22681)
ref https://github.com/grafana/grafana-plugin-sdk-go/pull/84
2020-03-10 15:18:27 +01:00
Carl Bergquist
1dcfaf25fc
Adds signed in user to backend v2 plugins requests (#22584)
closes #12043
2020-03-06 14:37:36 +01:00
Marcus Efraimsson
4ff613a432
Backend Plugins: Support handling of streaming resource response (#22580)
Use v0.19.0 of SDK.
Support handling of streaming resource response.
Disable gzip/compression middleware for resources 
to allow chunked/streaming response to clients the gzip
middleware had to be disabled since it buffers the full
response before sending it to the client.

Closes #22569

Co-Authored-By: Arve Knudsen <arve.knudsen@gmail.com>
2020-03-06 01:44:07 +07:00
Carl Bergquist
3fdd2648b1
Chore: Avoid aliasing importing models in api package (#22492) 2020-03-04 12:57:20 +01:00
Marcus Efraimsson
e6cec8dbdc
Backend plugins: Prepare and clean request headers before resource calls (#22321)
Moves common request proxy utilities to proxyutil package with
support for removing X-Forwarded-Host, X-Forwarded-Port,
X-Forwarded-Proto headers, setting X-Forwarded-For header
and cleaning Cookie header.
Using the proxyutil package to prepare and clean request
headers before resource calls.

Closes #21512
2020-03-03 11:45:16 +01:00
Mohit Gupta
94951df1c1
API: Include IP address when logging request error (#21596)
Includes IP address when logging request error, for example 
when a user fails to login.

Fixes #21310
2020-03-02 09:43:16 +01:00
lfroment
72628c8ea0
Dashboard: Adds support for a global minimum dashboard refresh interval (#19416)
This feature would provide a way for administrators to limit the minimum 
dashboard refresh interval globally.
Filters out the refresh intervals available in the time picker that are lower 
than the set minimum refresh interval in the configuration .ini file
Adds the minimum refresh interval as available in the time picker.
If the user tries to enter a refresh interval that is lower than the minimum 
in the URL, defaults to the minimum interval.
When trying to update the JSON via the API, rejects the update if the 
dashboard's refresh interval is lower than the minimum.
When trying to update a dashboard via provisioning having a lower 
refresh interval than the minimum, defaults to the minimum interval 
and logs a warning. 

Fixes #3356

Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
2020-02-28 14:32:01 +01:00
Carl Bergquist
67ec9edcc8
chore: avoid alias for models in plugins (#22483) 2020-02-28 12:51:21 +01:00
Ryan McKinley
0606555ba1
App Plugins: support react pages in nav (#22428) 2020-02-27 09:10:21 -08:00
Martin
cffcc95be0
pkg/api/pluginproxy: Access token provider should handle access tokens without ExpiresOn field (#19928)
* pkg/api/pluginproxy: Add support for expire_in field in access-token

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-02-26 15:59:02 +01:00
Agnès Toulet
1dd404a1fb
Core: Make application title customizable for WL (#22401)
* Core: Add custom app title

* Docs: Update White Labeling title customization

* Core: set back export for Branding types
2020-02-25 15:18:37 +01:00
Marcus Efraimsson
d0a80c59f3
Rendering: Store render key in remote cache (#22031)
By storing render key in remote cache it will enable
image renderer to use public facing url or load
balancer url to render images and thereby remove
the requirement of image renderer having to use the
url of the originating Grafana instance when running
HA setup (multiple Grafana instances).

Fixes #17704
Ref grafana/grafana-image-renderer#91
2020-02-19 19:47:39 +01:00
Marcus Efraimsson
9d7c74ef91
Backend Plugins: Provide proper plugin config to plugins (#21985)
Properly provides plugin configs to backend plugins.
Uses v0.16.0 of grafana-plugin-sdk-go-

Ref #21512
Ref #19667
2020-02-19 19:17:05 +01:00
Arve Knudsen
8d1bef3769
OAuth: Enforce auto_assign_org_id setting when role mapping enabled using Generic OAuth (#22268)
* OAuth: Make use of auto_assign_org_id setting
2020-02-19 17:38:53 +01:00
Adrian Coveney
39e0ce305b
Reorder cipher suites for better security (#22101)
Put the cipher suites with Forward Secrecy at or nearer the top, keeping any TLS v1.3 suites at the top, following best practice guides for the ordering of the rest. There is no change to the selection of suites only reordering.
2020-02-18 18:58:36 +01:00
Carl Bergquist
ff9556229a
Data proxy: Log proxy errors using Grafana logger (#22174)
Now any errors logged by http.ReverseProxy are forwarded to 
Grafana's logger and includes more contextual information like
level (error), user id, org id, username, proxy path, referer and 
IP address.

Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
2020-02-18 13:26:01 +01:00
Tobias Skarhed
0c4dae321c
Migrations: Signup page (#21514)
* Start Angular migration

* Add SignupCtrl

* Change name signup

* Add backend call

* Put form in separate file

* Add form model

* Start using react-hook-forms

* Add FormModel to state

* Reduxify

* Connect nav with Redux

* Fix routing and navModel

* Fetch state options on mount

* Add default values and add button margin

* Add errror messages

* Fix title

* Remove files and cleanup

* Add Signup tests

* Add boot config assingnAutoOrg and verifyEmailEnabled

* Remove onmount call

* Remove ctrl and move everything to SignupForm

* Make routeParams optional for testing

* Remove name if it is empty

* Set username

* Make function component

* Fix subpath issues and add link button

* Move redux to SignupPage
2020-02-17 11:13:13 +01:00
Brian Gann
0e2d874ecf
API: Fix redirect issue when configured to use a subpath (#21652)
* request uri will contain the subpath
2020-02-14 14:51:35 +01:00
twendt
ff6a082e23
Auth: Azure AD OAuth (#20030)
* Implement Azure AD oauth

* Use go-jose and cleanup

* Update go-jose in go.mod

* cleanup

* Add unit tests

* Fix scopes

* Add documentation page

* Improve documentation

* Convert extract_role into function.

* Do not use upn and replace unique_name with preferred_username

* Configure login button

* Use official microsoft icon and color from branding guideline.

* Add Azure AD config section in sample.ini.
2020-02-13 12:12:25 +03:00
Leonard Gram
59530e4758
Quota: Makes sure we provide the request context to the quota service (#21949)
It was missing for ldap_login which means that the first signup failed
for users with LDAP+quota enabled. There's also potential cases where we
can't provide a request context (background jobs) which is also covered,
but needs a refactoring.
2020-02-06 08:49:58 +02:00
Marcus Efraimsson
0390b5601e
Backend plugins: Implement support for resources (#21805)
Implements initial support for resources using v0.14.0 of SDK.

Ref #21512
2020-01-31 11:15:50 +01:00
Marcus Efraimsson
6e80315531
Image Rendering: Fix render of graph panel legend aligned to the right using Grafana image renderer plugin/service (#21854)
Don't render class body--phantomjs on body element when 
PhantomJS renderer not is in use.

Fixes #21830
2020-01-30 17:35:32 +01:00
Emil Tullstedt
3fabbbff4d
Footer: Display Grafana edition (#21717)
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
2020-01-27 09:24:44 +01:00
Marcus Efraimsson
63a912629d
Admin: Viewer should not see link to teams in side menu (#21716)
Fixes so that viewers don't see a link to teams in side menu when
editors_can_admin setting is enabled.
2020-01-24 12:00:52 +01:00
Torkel Ödegaard
15b2bf3e5c
Dashboards: Default Home Dashboard Update (#21534)
* HomeLinks: WIP panel for getting started links

* Progress

* progress

* Updated styling

* Updated default home dashboard

* Update light card styles

* Tweaks based on feedback
2020-01-17 09:43:17 +01:00
Emil Tullstedt
29687903f8
Admin: Add promotional page for Grafana Enterprise (#21422)
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
2020-01-15 14:50:44 +01:00
Anthony Woods
f56f54b1a3 Auth: Rotate auth tokens at the end of requests (#21347)
By rotating the auth tokens at the end of the request we ensure
that there is minimum delay between a new token being generated
and the client receiving it.
Adds auth token slow load test which uses random latency for all 
tsdb queries..
Cleans up datasource proxy response handling.
DefaultHandler in middleware tests should write a response, the 
responseWriter BeforeFuncs wont get executed unless a response
is written.

Fixes #18644 

Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
2020-01-15 13:03:12 +01:00
Marcus Efraimsson
54c9b11ae8
Fix importing plugin dashboards (#21501)
#21350 introduced a bug regarding import of plugin dashboards. 
This should fix this and add custom validation if not importing 
plugin dashboard and dashboard property is missing.

Ref #21350

Co-Authored-By: Arve Knudsen <arve.knudsen@gmail.com>
2020-01-15 12:10:02 +01:00
Marcus Efraimsson
a1579283a6
Add disabled option for cookie samesite attribute (#21472)
Breaking change: If disabled the cookie samesite cookie attribute
will not be set, but if none the attribute will be set and is a
breaking change compared to before where none did not render the
attribute. This was due to a known issue in Safari.

Co-Authored-By: Arve Knudsen <arve.knudsen@gmail.com>
Co-Authored-By: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>

Fixes #19847
2020-01-14 17:41:54 +01:00
Arve Knudsen
d26075644c
ImportDashboardCommand: Validate JSON fields (#21350)
* ImportDashboardCommand: Validate JSON fields
2020-01-14 16:26:54 +01:00
Sofia Papagiannaki
d135f1229d
Alerting: new min_interval_seconds options to enforce a minimum eval frequency (#21188)
* add min_interval_seconds setting to alerting config

It will let operator enforce a minimum time for the scheduler to enqueue evaluations

* Introduce UI modifications

* Update docs

Co-authored-by: Martin <uepoch@users.noreply.github.com>
2020-01-14 11:13:34 +02:00
Alexander Zobnin
8505d90768 Admin: New Admin User page (#20498)
* admin: user page to react WIP

* admin user page: basic view

* admin user page: refactor, extract orgs and permissions components

* admin user: change sessions actions styles

* admin user: add disable button

* user admin: add change grafana admin action

* user admin: able to change org role and remove org

* user admin: confirm force logout

* user admin: change org button style

* user admin: add confirm modals for critical actions

* user admin: lock down ldap user info

* user admin: align with latest design changes

* user admin: add LDAP sync

* admin user: confirm button

* user admin: add to org modal

* user admin: fix ConfirmButton story

* admin user: handle grafana admin change

* ConfirmButton: make styled component

* ConfirmButton: completely styled component

* User Admin: permissions section refactor

* admin user: refactor (orgs and sessions)

* ConfirmButton: able to set confirm variant

* admin user: inline org removal

* admin user: show ldap sync info only for ldap users

* admin user: edit profile

* ConfirmButton: some fixes after review

* Chore: fix storybook build

* admin user: rename handlers

* admin user: remove LdapUserPage import from routes

* Chore: fix ConfirmButton tests

* Chore: fix user api endpoint tests

* Chore: update failed test snapshots

* admin user: redux actions WIP

* admin user: use new ConfirmModal component for user profile

* admin user: use new ConfirmModal component for sessions

* admin user: use lockMessage

* ConfirmButton: use primary button as default

* admin user: fix ActionButton color

* UI: use Icon component for Modal

* UI: refactor ConfirmModal after Modal changes

* UI: add link button variant

* UI: able to use custom ConfirmButton

* Chore: fix type errors after ConfirmButton refactor

* Chore: revert Graph component changes (works with TS 3.7)

* Chore: use Forms.Button instead of ActionButton

* admin user: align items

* admin user: align add to org modal

* UI: organization picker component

* admin user: use org picker for AddToOrgModal

* admin user: org actions

* admin user: connect sessions actions

* admin user: updateUserPermissions action

* admin user: enable delete user action

* admin user: sync ldap user

* Chore: refactor, remove unused code

* Chore: refactor, move api calls to actions

* admin user: set user password action

* Chore: refactor, remove unused components

* admin user: set input focus on edit

* admin user: pass user into debug LDAP mapping

* UserAdminPage: Ux changes

* UserAdminPage: align buttons to the left

* UserAdminPage: align delete user button

* UserAdminPage: swap add to org modal buttons

* UserAdminPage: set password field to empty when editing

* UserAdminPage: fix tests

* Updated button border

* Chore: fix ConfirmButton after changes introduced in #21092

Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
2020-01-13 17:10:19 +01:00
Torkel Ödegaard
35679d4689
Logos: Refactoring a bit how logos are rendered (#21421) 2020-01-10 22:15:16 +01:00
Jeffrey Descan
c5f906f472 Security: refactor 'redirect_to' cookie to use 'Secure' flag (#19787)
* Refactor redirect_to cookie with secure flag in middleware

* Refactor redirect_to cookie with secure flag in api/login

* Refactor redirect_to cookie with secure flag in api/login_oauth

* Removed the deletion of 'Set-Cookie' header to prevent logout

* Removed the deletion of 'Set-Cookie' at top of api/login.go

* Add HttpOnly flag on redirect_to cookies where missing

* Refactor duplicated code

* Add tests

* Refactor cookie options

* Replace local function for deleting cookie

* Delete redundant calls

Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>
2020-01-10 15:55:30 +02:00
Pavlos Daoglou
53007e07e3 ApiUser: Fix response when enabling, disabling or deleting a nonexistent user (#21391)
* ApiUser: Fix response when enabling, disabling or deleting a nonexistent user
2020-01-10 11:43:44 +01:00
Torkel Ödegaard
91ea3b15fa
Footer: Single footer component for both react & angular pages (#21389)
* Footer: Single footer implementation for both react & angular pages

* Export type

* Updates

* Use footer links in help menu

* Updates & Fixes

* Updated snapshot

* updated snapshot
2020-01-09 11:25:52 +01:00
vikkyomkar
3866f609ce API: Added alert state validation before changing its state (#21375)
* added alert state validation before changing its state

* modified boolean condition

* converted most occurring string into const

* referred the const of alert models
2020-01-09 11:18:51 +01:00
Boris Granveaud
b8b618241e Rendering: Fix panel PNG rendering when using sub url & serve_from_sub_path = true (#21306)
* Rendering: fix dashboard rendering when using sub url

* rollback on render.go: no need to add sub-path
2020-01-06 08:12:18 +01:00
Ryan McKinley
104c2e3636 Metrictank: fix bundled dashboard (#21209)
* update metrictank dashboard

* Restored dashboard datasource variable, and improved error handling in the import api handler

Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
2019-12-20 11:42:47 +01:00
Sofia Papagiannaki
b12dc890b8
API: Validate redirect_to cookie has valid (Grafana) url (#21057)
* Restrict redirect_to to valid relative paths

* Add tests
2019-12-12 17:08:34 +02:00
Jiajun Huang
5e34e061d5 use https for fetch gravatar by default (#20964) 2019-12-10 08:59:11 +01:00
Arve Knudsen
abc7893fdc
Server: Return 404 when non-pending invite is requested (#20863)
Server API: Return 404 when non-pending invite is requested
2019-12-04 13:01:37 +01:00
Torkel Ödegaard
87d19787b4
Profile: Remove sign-out tab from profile page (#20802)
* Profile: Remove sign-out tab

* Fixed formatting

* Updated formatting
2019-12-02 18:03:28 +01:00
Guangzhe Huang
71792d698b Cleanup: use the local variable (#20767)
Signed-off-by: huanggze <loganhuang@yunify.com>
2019-11-29 07:34:20 -08:00
Arve Knudsen
3c7cfbebe8
Server: Defer wg.Done call to ensure it's called (#20700) 2019-11-27 13:42:15 +01:00
Arve Knudsen
29d27fbaf0
Server: Clean up startup logic/error checking (#20679)
* Server: Clean up startup logic/error checking
2019-11-27 12:07:21 +01:00
Marcus Efraimsson
3fc5f4552a CloudWatch: Fix high CPU load (#20579)
* Cache decrypted securejsondata
* Models: Add datasource cache tests
2019-11-22 14:21:23 +01:00
Sofia Papagiannaki
d1c523838b
API: Optionally list expired keys (#20468)
* API: Optionally list expired keys

* Update docs
2019-11-20 13:14:57 +02:00
Jon Gyllenswärd
7a8c6a9b54
Reporting: Handle timeouts in rendering (#20415)
* Added timeout in grpc call to plugins for rendering
2019-11-18 16:58:15 +01:00
Arve Knudsen
82f4fc2783
Fail when server is unable to bind port (#20409)
* Server: Return error when unable to bind port
* Server: Exit if a service fails
* Build: Remove graceful kill from Bra config
2019-11-18 09:49:08 +01:00
Marcus Efraimsson
dfa2f3d2fb
Chore: Log actual error when oauth pass thru fails (#20419)
Logs the actual error when failing to retreive access token
when OAuth pass true is enabled for a datasource.

Ref: #20407
2019-11-15 17:14:53 +01:00
Emil Tullstedt
d4e013fd44
NavLinks: Make ordering in navigation configurable (#20382)
The ordering of links in the navigation bar is currently based the order of the slice containing the navigation tree. Since Grafana supports adding more links to the navigation bar with `RunIndexDataHooks` which runs at the very end of the function this means that any link registered through a hook will be placed last in the slice and be displayed last in the menu. With this PR the ordering can be specified with a weight which allows for placing links created by extensions in a more intuitive place where applicable.

Stable sorting is used to ensure that the current FIFO ordering is preserved when either no weight is set or two items shares the same weight.
2019-11-15 09:28:55 +01:00
Arve Knudsen
3a8cd7b76c Avatar: Don't log failure to add existing item to cache (#19947)
Checks if avatar was found in cache before trying to add it to cache.

Fixes #19946
2019-11-12 18:49:09 +01:00
Torkel Ödegaard
be2bf1a297
AuthProxy: Can now login with auth proxy and get a login token (#20175)
* AuthProxy: Can now login with auth proxy and get a login token

* added unit tests

* renamed setting and updated docs

* AuthProxy: minor tweak

* Fixed tests and namings

* spellfix

* fix

* remove unused setting, probably from merge conflict

* fix
2019-11-07 17:48:56 +01:00
gotjosh
e4afc8d518 LDAP: Fixing sync issues (#19446)
The arching goal of this commit is to enable single user
synchronisation with LDAP. Also, it included minor fixes of style,
error messages and minor bug fixing.

The changes are:

- bug: The `multildap` package has its own errors when the user is
  not found. We fixed the conditional branch on this error by asserting
on the `multildap` errors as opposed to the `ldap` one

- bug: The previous interface usage of `RevokeAllUserTokens` did not
  work as expected. This replaces the manual injection of the service by
leveraging the service injected as part of the `server` struct.

- chore: Better error messages around not finding the user in LDAP.

- fix: Enable the single sync button and disable it when we receive an
  error from LDAP. Please note, that you can enable it by dispatching
the error. This allows you to try again without having to reload the
page.

- fix: Move the sync info to the top, then move the sync button above
  that information and clearfix to have more harmony with the UI.
2019-11-07 14:31:44 +01:00
Jon Gyllenswärd
b489c75aaf
Provisioning: fix for cannot save provisioned dashboard (#20218)
Provisioning of dashboards now always overwrite existing ones and does not look at the configuration `allowUiUpdates` anymore
2019-11-07 10:49:24 +01:00
Martin Reinhardt
7a3d1c0e4b OAuth: Generic OAuth role mapping support (#17149)
Adds support for Generic OAuth role mapping. A new 
configuration setting for generic oauth is added named 
role_attribute_path which accepts a JMESPath expression.
Only Grafana roles named Viewer, Editor or Admin are
accepted.

Closes #9766
2019-11-05 21:56:42 +01:00
Leonard Gram
730bedf36f
LDAP Debug: No longer shows incorrectly matching groups based on role (#20018)
* LDAP Debug: No longer shows incorrectly matching groups based on role

Org Role was used as a shortcut to figure out what groups were matching
and which weren't. That lead to too all groups matching a specific role
to show up for a user if that user got that role.

* LDAP Debug: Fixes ordering of matches

The order of groups in the ldap.toml file is important, only the first
match for an organisation will be used. This means we have to iterate
based on the config and stop matching when a match is found.

We might want to think about showing further matches as potential
matches that are shadowed by the first match. That would possibly make
it easier to understand why one match is used instead of another one.

* LDAP Debug: never display more than one match for the same LDAP group/mapping.

* LDAP Debug: show all matches, even if they aren't used

* Update public/app/features/admin/ldap/LdapUserGroups.tsx

Co-Authored-By: gotjosh <josue.abreu@gmail.com>

* Update public/app/features/admin/ldap/LdapUserGroups.tsx

Co-Authored-By: gotjosh <josue.abreu@gmail.com>
2019-11-01 15:42:22 +01:00
Leonard Gram
992b4b8adf
Licensing service (#19903)
* Licensing: supplies a service to handle licensing information

* Licensing: uses the license service further

Uses the license service instead of settings.isEnterprise:
- external team members
- saml
- usage stats

* Licensing: fixes broken tests due to new Licensing service dependency

* Licensing: fixes linting errors

* Licensing: exposes license expiry information to the frontend
2019-11-01 14:56:12 +01:00
Kyle Brandt
750e8d27bf api/dashboard: fix panic on UI save (#20137) 2019-11-01 07:57:03 +01:00
Ryan McKinley
4d1b969a5c
GEL: include the expression count in the request (#20114) 2019-10-31 16:22:00 -07:00
Jon Gyllenswärd
a45ce36566
Allow saving of provisioned dashboards (#19820)
Allows saving of provisioned dashboards if the config value allowUiUpdates is set to true

Fixes #11778
2019-10-31 14:27:31 +01:00
Ryan McKinley
861eb72113 transform: add expressions to query editor (w/ feature flag) (#20072)
for use with gel which is not released yet.
2019-10-30 14:38:28 -04:00
Kyle Brandt
009d58c4a2
Plugins: Transform plugin support (#20036)
currently temporary separate http api
2019-10-29 12:22:31 -04:00
Marcus Efraimsson
771f21ed09 api: new v2 metrics query endpoint
Requests to endpoint will currently will error unless expressions feature flag is true.

Co-authored-by: Sofia Papagiannaki <papagian@gmail.com>
2019-10-25 09:28:26 -04:00
Arve Knudsen
35e0e078b7
pkg/util: Check errors (#19832)
* pkg/util: Check errors
* pkg/services: DRY up code
2019-10-23 10:40:12 +02:00
Oleg Utkin
de5038441f API: Fix logging of dynamic listening port (#19644)
Logs the real (dynamic) HTTP port when configured 
Grafana using setting.HttpPort = 0.

Fixes #16709
2019-10-22 13:07:43 +02:00
Amarnath Karthi
74557a4c40 Dashboard: Allows the d-solo route to be used without slug (#19640)
Allows the d-solo route to be used with UID and without 
a slug.

Fixes #11617
2019-10-14 18:21:44 +02:00
Weeco
8cd93f0b88 Datasource: Add custom headers on alerting queries (#19508)
* Add custom headers on alerting queries

Reference issue #15381

Signed-off-by: Martin Schneppenheim <martin.schneppenheim@rewe-digital.com>

* Fix datasource transport tests

* Migrate decrypting header test to models pkg

* Check correct header

* Add HTTP transport test

Fixes #15381
2019-10-11 14:28:52 +02:00
Arve Knudsen
0a2d5e16dd
pkg/api: Check errors (#19657)
* pkg/api: Check errors
* pkg/api: Remove unused function HashEmail
2019-10-08 18:57:53 +02:00
gotjosh
4181b30b75
API: Add createdAt and updatedAt to api/users/lookup (#19496)
* API: Add `createdAt` and `updatedAt` to api/users/lookup

In the past, we have added both `updatedAt` (#19004) and `createdAt` (#19475) to /api/users/:id

Turns out, api/users/lookup uses the same DTO for both. This fixes the serialization of both `createdAt` and `updatedAt`for this endpoint.

Also, adds a test to ensure no further regressions.

* Updated API documentation
2019-09-30 20:54:09 +01:00
Rafael George
e1b2bf711d API: Add createdAt field to /api/users/:id (#19475)
It would help for auditing purposes to have the user's created date exposed via the API along with the other fields already exposed via the API.
2019-09-28 12:12:33 +01:00
Marcus Efraimsson
00e7c7c4b7
Testdata: Rename package to circumvent convention in go (#19409)
Before this change the tests for test datasource was not run.
2019-09-27 16:18:24 +02:00
gotjosh
b20a258b72
LDAP: Show non-matched groups returned from LDAP (#19208)
* LDAP: Show all LDAP groups

* Use the returned LDAP groups as the reference when debugging LDAP

We need to use the LDAP groups returned as the main reference for
assuming what we were able to match and what wasn't. Before, we were
using the configured groups in LDAP TOML configuration file.

* s/User name/Username

* Add a title to for the LDAP mapping results

* LDAP: UI Updates to debug view

* LDAP: Make it explicit when we weren't able to match teams
2019-09-19 16:13:38 +01:00
Leonard Gram
dd794625dd
API: adds redirect helper to simplify http redirects (#19180) 2019-09-17 19:28:35 +02:00
Sofia Papagiannaki
b5f0a5d5ca
Api: Readonly datasources should not be created via the API (#19006)
* Readonly datasources should not be created via the API

* Return correct `ReadOnly` value in GetDataSourceByName
2019-09-17 12:29:43 +03:00
Alexander Zobnin
494b4aaf88 LDAP: only show tab if LDAP is enabled (#19156)
* LDAP: add nav link only if ldap enabled

* LDAP: /admin/ldap required admin permissions
2019-09-17 10:27:55 +02:00
Peter Holmberg
3c61b563c3 Ldap: Add LDAP debug page (#18759)
* Add items for navmodel and basic page

* add reducer and actions

* adding user mapping table component

* adding components for ldap tables

* add alert box on error

* close error alert box

* LDAP status page: connect APIs WIP

* LDAP debug: fetch connection status from API

* LDAP debug: fetch user info from API

* LDAP debug: improve connection error view

* LDAP debug: connection error tweaks

* LDAP debug: fix role mapping view

* LDAP debug: role mapping view tweaks

* LDAP debug: add bulk-sync button stub

* LDAP debug: minor refactor

* LDAP debug: show user teams

* LDAP debug: user info refactor

* LDAP debug: initial user page

* LDAP debug: minor refactor, remove unused angular wrapper

* LDAP debug: add sessions to user page

* LDAP debug: tweak user page

* LDAP debug: tweak view for disabled user

* LDAP debug: get sync info from API

* LDAP debug: user sync info

* LDAP debug: sync user button

* LDAP debug: clear error on page load

* LDAP debug: add user last sync info

* LDAP debug: actions refactor

* LDAP debug: roles and teams style tweaks

* Pass showAttributeMapping to LdapUserTeams

* LDAP debug: hide bulk sync button

* LDAP debug: refactor sessions component

* LDAP debug: fix loading user sessions

* LDAP debug: hide sync user button

* LDAP debug: fix fetching unavailable /ldap-sync-status endpoint

* LDAP debug: revert accidentally added fix

* LDAP debug: show error when LDAP is not enabled

* LDAP debug: refactor, move ldap components into ldap/ folder

* LDAP debug: styles refactoring

* LDAP debug: ldap reducer tests

* LDAP debug: ldap user reducer tests

* LDAP debug: fix connection error placement

* Text update

* LdapUser: Minor UI changes moving things around

* AlertBox: Removed icon-on-top as everywhere else it is centered, want to have it be consistent
2019-09-16 18:56:01 +03:00
Dominik Prokop
97ff75732d
Routing: Update routing to require sign in on every route (#19118)
* Update routing to require sign in on every route

* Review update
2019-09-16 14:06:50 +02:00
Dominik Prokop
44a2a648c6
Login: fix login page failing when navigating from reset password views (#19124) 2019-09-16 13:38:03 +02:00
gotjosh
7b7b95341e
LDAP: Allow an user to be synchronised against LDAP (#18976)
* LDAP: Allow an user to be synchronised against LDAP
This PR introduces the /ldap/sync/:id endpoint. It allows a user to be synchronized against LDAP on demand.

A few things to note are:

LDAP needs to be enabled for the sync to work
It only works against users that originally authenticated against LDAP
If the user is the Grafana admin and it needs to be disabled - it will not sync the information
Includes a tiny refactor that favours the JSONEq assertion helper instead of manually parsing JSON strings.
2019-09-13 16:26:25 +01:00
548017
09b434bdd0 Auth: Allow inviting existing users when login form is disabled (#19048)
Allow api to accept inviting existing users when login form is disabled.
UI shows invite button when login form is disabled.
2019-09-12 18:45:50 +02:00
gotjosh
fa007423e3
API: Add updatedAt to api/users/:id (#19004)
* API: Add `updatedAt` to api/users/:id

This adds the timestamp of when a particular user was last updated to
the `api/users/:id` endpoint.

This helps our administrators understand when was the user information last
updated. Particularly when it comes from external systems e.g. LDAP
2019-09-11 13:43:05 +01:00
Ryan McKinley
7d32caeac2 Transformers: configure result transformations after query(alpha) (#18740) 2019-09-09 08:58:57 +02:00
gotjosh
10fe101add
LDAP: Fetch teams in debug view (#18951)
Adds the definition of `GetTeamsForLDAPGroupCommand` which handles the lookup of team information based on LDAP groupDNs.

This is an Enterprise only feature. To diferentiate,a response will contain the `team` key as `null` on OSS while on Enterprise the key will contain an empty array `[]` when no teams are found.
2019-09-08 11:48:47 +01:00
gotjosh
7c6dd1868b
LDAP: Add API endpoint to query the LDAP server(s) status (#18868)
* LDAP: Add API endpoint to query the LDAP server(s) status|

This endpoint returns the current status(es) of the configured LDAP server(s).

The status of each server is verified by dialling and if no error is returned we assume the server is operational.

This is the last piece I'll produce as an API before moving into #18759 and see the view come to life.
2019-09-04 15:29:14 +01:00
gotjosh
0cbbb43222
LDAP: Add API endpoint to debug user mapping from LDAP (#18833)
* Move the ReloadLDAPCfg function to the debug file

Appears to be a better suite place for this.

* LDAP: Return the server information when we find a specific user

We allow you to specify multiple LDAP servers as part of LDAP authentication integration. As part of searching for specific users, we need to understand from which server they come from. Returning the server configuration as part of the search will help us do two things:

- Understand in which server we found the user
- Have access the groups specified as part of the server configuration

* LDAP: Adds the /api/admin/ldap/:username endpoint

This endpoint returns a user found within the configured LDAP server(s). Moreso, it provides the mapping information for the user to help administrators understand how the users would be created within Grafana based on the current configuration.

No changes are executed or saved to the database, this is all an in-memory representation of how the final result would look like.
2019-09-03 18:34:44 +01:00
Marcus Efraimsson
964c2e722f
Snapshot: Fix http api (#18830)
(cherry picked from commit be2e2330f5)
2019-09-02 15:15:46 +02:00
kay delaney
fb0cec5591
Backend: Adds support for HTTP/2 (#18358)
* Backend: Adds support for HTTP/2

* Adds mozilla recommended ciphers

* Updates sample.ini and config documentation
2019-08-16 16:06:54 +01:00
Ryan McKinley
6335509a23 Annotations: use a single row to represent a region (#17673)
* SQLite migrations

* cleanup

* migrate end times

* switch to update with a query

* real migration

* anno migrations

* remove old docs

* set isRegion from time changes

* use <> for is not

* add comment and fix index decleration

* single validation place

* add test

* fix test

* add upgrading docs

* use AnnotationEvent

* fix import

* remove regionId from typescript
2019-08-16 10:49:30 +02:00
Marcus Efraimsson
8fd153edb7
API: Restrict anonymous user information access (#18422)
Existing /api/alert-notifications now requires at least editor access.
Existing /api/alert-notifiers now requires at least editor access.
New /api/alert-notifications/lookup returns less information than
/api/alert-notifications and can be access by any authenticated user.
Existing /api/org/users now requires org admin role.
New /api/org/users/lookup returns less information than
/api/org/users and can be access by users that are org admins,
admin in any folder or admin of any team.
UserPicker component now uses /api/org/users/lookup instead
of /api/org/users.

Fixes #17318
2019-08-12 20:03:48 +02:00
Sofia Papagiannaki
4e29357d15
Backend: Do not set SameSite cookie attribute if cookie_samesite is none (#18462)
* Do not set SameSite login_error cookie attribute if cookie_samesite is none

* Do not set SameSite grafana_session cookie attribute if cookie_samesite is none

* Update middleware tests
2019-08-09 09:10:08 +03:00
Sofia Papagiannaki
7520166f17
API: Minor fix for team creation endpoint when using API key (#18252)
* Fix CreateTeam api endpoint

No team member should be created for requests
authenticated by API tokens.

* Update middleware test

Assert that `isAnonymous` is set for `SignedInUser`
authenticated via API key.

* Add test for team creation

Assert that no team member is created if the signed in user
is anomymous.

* Revert "Fix CreateTeam api endpoint"

This reverts commit 9fcc4e67f5.

* Revert "Update middleware test"

This reverts commit 75f767e58d.

* Fix CreateTeam api endpoint

No team member should be created for requests
authenticated by API tokens.

* Update team test

* Change error to warning and update tests
2019-08-08 11:27:47 +03:00
Sofia Papagiannaki
269c1fb107
Do not set SameSite for OAuth cookie if cookie_samesite is None (#18392) 2019-08-06 09:50:20 +03:00
Torkel Ödegaard
f3fb178efa Navigation: Fixed double settings menus (#18349) 2019-08-02 14:02:59 +02:00
Sofia Papagiannaki
69b7b8bb46 Fix OAuth error due to SameSite cookie policy (#18332)
The `oauth_state` cookie used to be created with the SameSite value set
according to the `cookie_samesite` configuration.
However, due to a Safari bug SameSite=None or SameSite=invalid are treated
as Strict which results in "missing saved state" OAuth login failures
because the cookie is not sent with the redirect requests to the OAuth
provider.
This commit always creates the `oauth_state` cookie with SameSite=Lax
to compensate for this.
2019-08-01 15:47:04 +02:00
gotjosh
2f240a11ce SAML: Only show SAML login button on Enterprise version (#18270)
SAML Authentication is an Enterprise only feature. This change enables
the SAML login button to only be shown on enterprise.
2019-07-26 11:05:02 +02:00
Andrej Ocenas
7f1214ac46
Permissions: Show plugins in nav for non admin users but hide plugin configuration (#18234)
Allow non admins to see plugins list but only with readme. Any config tabs are hidden from the plugin page. Also plugin panel does not show action buttons (like Enable) for non admins.
2019-07-25 16:54:26 +02:00
Oleg Gaidarenko
d16fd58bdb
Auth: do not expose disabled user disabled status (#18229)
Fixes #17947
2019-07-23 13:12:55 +03:00
Alexander Zobnin
ccf11fb7a2
SAML: add auth provider label (#18197) 2019-07-19 17:13:29 +03:00
Oleg Gaidarenko
75fa1f0207 Metrics: use consistent naming for exported variables (#18134)
* Metrics: remove unused metrics

Metric `M_Grafana_Version` is not used anywhere, nor the mentioned
`M_Grafana_Build_Version`. Seems to be an artefact?

* Metrics: make the naming consistent

* Metrics: add comments to exported vars

* Metrics: use proper naming

Fixes #18110
2019-07-16 16:58:46 +02:00
Oleg Gaidarenko
09eb9a45ce
Metrics: add LDAP active sync summary metric (#18079) 2019-07-15 08:33:48 +03:00
Anthony Templeton
3680b95b44 Auth: Duplicate API Key Name Handle With Useful HTTP Code (#17905)
* API: Duplicate API Key Name Handle With Useful HTTP Code

* 17447: make changes requested during review

- use dialect.IsUniqueContraintViolation
- change if statement to match others
- return error properly

* Revert "17447: make changes requested during review"

This reverts commit a4a674ea83.

* API: useful http code on duplicate api key error w/ tests

* API: API Key Duplicate Handling

fixed small typo associated with error
2019-07-11 11:20:34 +03:00
Sofia Papagiannaki
f2ad3242be
API: Minor fix for nil pointer when trying to log error during creating new dashboard via the API (#18003)
* Minor fix for nil pointer when trying to log error

* Do not return error if a dashboard is created

Only log the failures

* Do not return error if the folder is created

Only log the failures
2019-07-11 09:45:29 +03:00
Alexander Zobnin
5f0a7f43c3
Users: show badges for each auth provider (#17869)
* Users: show badges for each auth provider

* Chore: don't use functions in angular bindings

* Users: minor style changes to labels

* Chore: convert auth labels on the backed side, deduplicate frontend code

* Users: use authLabels everywhere instead of authModule

* User: fix edit user page style

* Users: minor fixes after review
2019-07-10 12:06:51 +03:00
Sofia Papagiannaki
78ca55f3d7
Fix: Break redirect loop if oauth_auto_login = true and OAuth login fails (#17974)
* Add tests for login view

* Fix OAuth auto login redirect loop

login_error cookie is only set when the OAuth login fails
for some reason. Therefore, the login view should return
immediately if a login_error cookie exists before trying
to login the user using OAuth again.

* Fix test

Use 'index-template' instead of 'index' for testing

* Add some comments
2019-07-09 09:37:24 +03:00
Marcus Efraimsson
962d4daabd
Api: Fix auth tokens returning wrong seenAt value (#17980)
Changes so a non-set seenAt property gets the createdAt value.

Fixes #17953
2019-07-08 14:30:02 +02:00
Leonard Gram
b67905a963
Auth: saml enabled check. (#17960) 2019-07-05 16:39:52 +02:00
Leonard Gram
e574147b1e Auth: SAML login button. (#17932)
* Auth: SAML login button.

* Fixed ts issue
2019-07-05 15:24:52 +02:00
Alexander Zobnin
48d5a1bcd3 OAuth: deny login for disabled users (#17957) 2019-07-05 11:35:04 +02:00
Alexander Zobnin
3d848d0fdf
Teams: show proper label for each auth provider (#17860)
* Teams: show proper label for each auth provider

Teams: don't sore AuthModule in team_member table, use JOIN to get it instead

* Teams: fix AddTeamMember after last changes

* Teams: add more auth provider labels

* Teams: show external sync badge if LDAP is not enabled

* Teams: tests for getting auth module
2019-07-03 16:52:10 +03:00
Anthony Templeton
0d2be0a7ed Logging: Login and Logout logging actions (#17760) (#17883) 2019-07-03 15:16:00 +02:00
Oleg Gaidarenko
caa1314f44
Build: use golangci-lint as a make command (#17739)
* Build: use golangci-lint as a make command

* Since gometalinter was deprecated in favor of golangci-lint so it was
  replaced by it. Responsibilities held by the gometalinter was moved to
  golangci-lint

* There was some changes in implementation (that was also mentioned in
  the code comment) between the tools, which uncovered couple errors
  in the code. Those issues were either solved or disabled by
  the inline comments

* Introduce the golangci-lint config, to make their
  configuration more manageable

* Build: replace backend-lint.sh script with make
2019-07-02 16:06:59 +03:00
Alexander Zobnin
c2affdee1e
OAuth: return github teams as a part of user info (enable team sync) (#17797)
* OAuth: github team sync POC

* OAuth: minor refactor of github module

* OAuth: able to use team shorthands for github team sync

* support passing a list of groups via auth-proxy header
2019-07-01 12:30:17 +03:00
Sofia Papagiannaki
dc9ec7dc91
Auth: Allow expiration of API keys (#17678)
* Modify backend to allow expiration of API Keys

* Add middleware test for expired api keys

* Modify frontend to enable expiration of API Keys

* Fix frontend tests

* Fix migration and add index for `expires` field

* Add api key tests for database access

* Substitude time.Now() by a mock for test usage

* Front-end modifications

* Change input label to `Time to live`
* Change input behavior to comply with the other similar
* Add tooltip

* Modify AddApiKey api call response

Expiration should be *time.Time instead of string

* Present expiration date in the selected timezone

* Use kbn for transforming intervals to seconds

* Use `assert` library for tests

* Frontend fixes

Add checks for empty/undefined/null values

* Change expires column from datetime to integer

* Restrict api key duration input

It should be interval not number

* AddApiKey must complain if SecondsToLive is negative

* Declare ErrInvalidApiKeyExpiration

* Move configuration to auth section

* Update docs

* Eliminate alias for models in modified files

* Omit expiration from api response if empty

* Eliminate Goconvey from test file

* Fix test

Do not sleep, use mocked timeNow() instead

* Remove index for expires from api_key table

The index should be anyway on both org_id and expires fields.
However this commit eliminates completely the index for now
since not many rows are expected to be in this table.

* Use getTimeZone function

* Minor change in api key listing

The frontend should display a message instead of empty string
if the key does not expire.
2019-06-26 09:47:03 +03:00
Alexander Zobnin
dad894f1cc
API: get list of users with additional auth info (#17305)
* batch disable users

* batch revoke users tokens

* split batch disable user and revoke token

* API: get users with auth info and isExternal flag

* fix tests for batch disable users

* Users: refactor /api/users/search endpoint

* Users: use alias for "user" table

* Chore: add BatchDisableUsers() to the bus

* Users: order user list by id explicitly

* Users: return AuthModule from /api/users/:id endpoint

* Users: do not return unused fields

* Users: fix SearchUsers method after last changes

* User: return auth module as array for future purposes

* User: tests for SearchUsers()

* User: return only latest auth module in SearchUsers()

* User: fix JOIN, get only most recent auth module
2019-06-25 18:29:07 +03:00
Marcus Efraimsson
5713048f48
Alerting: Improve alert rule testing (#16286)
* tsdb: add support for setting debug flag of tsdb query

* alerting: adds debug flag in eval context

Debug flag is set when testing an alert rule and this debug
flag is used to return more debug information in test aler rule
response. This debug flag is also provided to tsdb queries so
datasources can optionally add support for returning additional
debug data

* alerting: improve test alert rule ui

Adds buttons for expand/collapse json and copy json to clipboard,
very similar to how the query inspector works.

* elasticsearch: implement support for tsdb query debug flag

* elasticsearch: embedding client response in struct

* alerting: return proper query model when testing rule
2019-06-25 08:52:17 +02:00
Marcus Efraimsson
eecd8d1064 Elasticsearch: Visualize logs in Explore (#17605)
* explore: try to use existing mode when switching datasource

* elasticsearch: initial explore logs support

* Elasticsearch: Adds ElasticsearchOptions type
Updates tests accordingly

* Elasticsearch: Adds typing to query method

* Elasticsearch: Makes maxConcurrentShardRequests optional

* Explore: Allows empty query for elasticsearch datasource

* Elasticsearch: Unifies ElasticsearchQuery interface definition
Removes check for context === 'explore'

* Elasticsearch: Removes context property from ElasticsearchQuery interface
Adds field property
Removes metricAggs property
Adds typing to metrics property

* Elasticsearch: Runs default 'empty' query when 'clear all' button is pressed

* Elasticsearch: Removes index property from ElasticsearchOptions interface

* Elasticsearch: Removes commented code from ElasticsearchQueryField.tsx

* Elasticsearch: Adds comment warning usage of for...in to elastic_response.ts

* Elasticsearch: adds tests related to log queries
2019-06-24 21:15:03 +01:00
Oleg Gaidarenko
1b1d951495 LDAP: refactoring (#17479)
* LDAP: use only one struct

* Use only models.ExternalUserInfo

* Add additional helper method :/

* Move all the helpers to one module

* LDAP: refactoring

* Rename some of the public methods and change their behaviour

* Remove outdated methods

* Simplify logic

* More tests
  There is no and never were tests for settings.go, added tests for helper
  methods (cover is now about 100% for them). Added tests for the main
  LDAP logic, but there is some stuff to add. Dial() is not tested and not
  decoupled. It might be a challenge to do it properly

* Restructure tests:
   * they wouldn't depend on external modules
   * more consistent naming
   * logical division

* More guards for erroneous paths

* Login: make login service an explicit dependency

* LDAP: remove no longer needed test helper fns

* LDAP: remove useless import

* LDAP: Use new interface in multildap module

* LDAP: corrections for the groups of multiple users

* In case there is several users their groups weren't detected correctly

* Simplify helpers module
2019-06-13 16:47:51 +02:00
Carl Bergquist
6809d2bb29
codestyle: moves cache to infra (#17519) 2019-06-13 10:55:38 +02:00
Maxim Ivanov
151fe240fc OAuth: Fix for wrong user token updated on OAuth refresh in DS proxy (#17541) 2019-06-12 13:47:38 +02:00
Mario Trangoni
ab4e1526b3 Codestyle: Fix some goconst issues (#17530)
Signed-off-by: Mario Trangoni <mjtrangoni@gmail.com>
2019-06-12 07:27:47 +02:00
Shavonn Brown
a20309d7d2
Feature: Parse user agent string in user auth token api response (#16… (#17504)
* Feature: Parse user agent string in user auth token api response (#16222)

* Adding UA Parser Go modules attempt (#16222)

* Bring user agent vals up per req

* fix tests

* doc update

* update to flatten, no maps

* update doc
2019-06-11 14:12:52 +02:00
Mario Trangoni
87760d4fde Codestyle: Fix govet issues (#17178)
ref #10381

Signed-off-by: Mario Trangoni <mjtrangoni@gmail.com>
2019-06-04 22:00:05 +02:00
Carl Bergquist
d8736a2547
Alerting: golint fixes for alerting (#17246) 2019-06-03 10:25:58 +02:00
Abhilash Gnan
04d473b3e5 HTTP Server: Serve Grafana with a custom URL path prefix (#17048)
Adds a new [server] setting `serve_from_sub_path`. By enabling 
this setting and using a subpath in `root_url` setting, e.g.
`root_url = http://localhost:3000/grafana`, Grafana will be accessible 
on `http://localhost:3000/grafana`. By default it is set to `false` 
for compatibility reasons.

Closes #16623
2019-05-27 17:47:29 +02:00
Alexander Zobnin
a3a7916597
Auth: Logout disabled user (#17166)
* Feature: revoke user token when disabled

* Chore: fix linter error
2019-05-23 15:54:47 +03:00
Oleg Gaidarenko
9b7f9dd9be
LDAP: consistently name the LDAP entities (#17203) 2019-05-22 15:30:03 +03:00
CodeLingo Bot
3ff3e0f2ac Defer closing of files (#17213)
Signed-off-by: CodeLingo Bot <bot@codelingo.io>
2019-05-22 08:48:47 +02:00
Alexander Zobnin
2d03815770
Users: Disable users removed from LDAP (#16820)
* Users: add is_disabled column

* Users: disable users removed from LDAP

* Auth: return ErrInvalidCredentials for failed LDAP auth

* User: return isDisabled flag in user search api

* User: mark disabled users at the server admin page

* Chore: refactor according to review

* Auth: prevent disabled user from login

* Auth: re-enable user when it found in ldap

* User: add api endpoint for disabling user

* User: use separate endpoints to disable/enable user

* User: disallow disabling external users

* User: able do disable users from admin UI

* Chore: refactor based on review

* Chore: use more clear error check when disabling user

* Fix login tests

* Tests for disabling user during the LDAP login

* Tests for disable user API

* Tests for login with disabled user

* Remove disable user UI stub

* Sync with latest LDAP refactoring
2019-05-21 14:52:49 +03:00
Marcus Efraimsson
c82df97bb2
testdata: scenarios returned are now sorted in a consistent way (#17181)
This makes sure the scenarios returned from API are sorted in a consistent
way and by that makes the values in scenario drop down always presented
ordered instead of jumping around.
2019-05-21 09:20:57 +02:00
zhulongcheng
2fff8f77dc move log package to /infra (#17023)
ref #14679

Signed-off-by: zhulongcheng <zhulongcheng.me@gmail.com>
2019-05-13 08:45:54 +02:00
Ryan McKinley
1d7bb2a763 DataSourceApi: convert interface to abstract class (#16979)
* DataSourceApi as class

* add diff signature

* Prometheus: moved directUrl to jsonData
2019-05-10 11:37:43 +02:00
Ryan McKinley
56702902a1 Plugins: Remove dataFormats key and add skipDataQuery (#16984) 2019-05-10 07:46:14 +02:00
zhulongcheng
7ebbeb09cb Snapshot: use given key and deleteKey (#16876)
Signed-off-by: zhulongcheng <zhulongcheng.me@gmail.com>
2019-05-09 11:53:04 +02:00
Torkel Ödegaard
e1d408a66f
AddDataSource: Updated page design & categories (#16971)
* minor refactoring

* Added category

* Minor progress

* Progres

* Updated descriptions

* Added custom sort

* NewDataSource: progress

* Updated design

* NewDataSource: Updated design

* Updated link

* Feedback changes
2019-05-09 11:45:39 +02:00
Carl Bergquist
a86b8c8a04
http: remove dualstack since its deprecated (#16940)
Deprecated: Fast Fallback is enabled by default. To
disable, set FallbackDelay to a negative value.

https://golang.org/src/net/dial.go
2019-05-08 10:37:48 +02:00
Ryan McKinley
17ce1273ca AppPlugin: Menu Edit Url Fix (#16934) 2019-05-08 09:38:40 +02:00
Brian Gann
b07d0b1026 Plugins: Support templated urls in routes (#16599)
This adds support for using templated/dynamic urls in routes.
* refactor interpolateString into utils and add interpolation support for app plugin routes.
* cleanup and add error check for url parse failure
* add docs for interpolated route urls

Closes #16835
2019-05-07 18:55:39 +02:00
Marcus Efraimsson
f778c1d971
Security: Responses from backend should not be cached (#16848)
Currently all API requests set Cache-control: no-cache to avoid browsers 
caching sensitive data. This fixes so that all responses returned from 
backend not are cached using http headers. The exception is the data proxy 
where we don't add these http headers in case datasource backend needs 
to control whether data can be cached or not.

Fixes #16845
2019-05-06 09:22:59 +02:00
Samuel
846b9327a5 LDAP: Added reload endpoint for LDAP config (#15470)
* 4843 - Added reload endpoint for LDAP config

closes #4843

* Refactor to make the reload work after master drifted
2019-05-03 14:53:07 +02:00
Ryan McKinley
013f1b8d19
App Plugins: support react pages and tabs (#16586) 2019-05-02 10:15:39 -07:00
Marcus Efraimsson
e210725d3d
DataProxy: Restore Set-Cookie header after proxy request (#16838)
If Grafana rotates the user's auth token during a request to the data 
source proxy it will set the Set-Cookie header with new auth token in 
response before proxying the request to the datasource.
Before this fix the Set-Cookie response header was cleared after the 
proxied request was finished to make sure that proxied datasources 
cannot affect cookies in users browsers. This had the consequence 
of accidentally also clearing the new auth token set in Set-Cookie 
header.
With this fix the original Set-Cookie value in response header is now 
restored after the proxied datasource request is finished. The existing
logic of clearing Set-Cookie response header from proxied request 
have been left intact.

Fixes #16757
2019-05-01 16:32:03 +02:00
Carl Bergquist
9660356638
Auth: Enable retries and transaction for some db calls for auth tokens (#16785)
the WithSession wrapper handles retries and connection
management so the caller dont have to worry about it.
2019-04-30 14:42:01 +02:00
Andrej Ocenas
eb82a75668
Provisioning: Show file path of provisioning file in save/delete dialogs (#16706)
* Add file path to metadata and show it in dialogs

* Make path relative to config directory

* Fix tests

* Add test for the relative path

* Refactor to use path relative to provisioner path

* Change return types

* Rename attribute

* Small fixes from review
2019-04-30 13:32:18 +02:00
Andrej Ocenas
42b745a098
Provisioning: Add API endpoint to reload provisioning configs (#16579)
* Add api to reaload provisioning

* Refactor and simplify the polling code

* Add test for the provisioning service

* Fix provider initialization and move some code to file reader

* Simplify the code and move initialization

* Remove unused code

* Update comment

* Add comment

* Change error messages

* Add DashboardProvisionerFactory type

* Update imports

* Use new assert lib

* Use mutext for synchronizing the reloading

* Fix typo

Co-Authored-By: aocenas <mr.ocenas@gmail.com>

* Add docs about the new api
2019-04-25 09:06:44 +02:00
Marcus Efraimsson
7dadebb3f0
playlist: fix loading dashboards by tag (#16727)
Fixes #16704
2019-04-24 10:10:16 +02:00
Torkel Ödegaard
8b0dd4244b
Search: Fixes search limits and adds a page parameter (#16458)
* Search: Fixes search limits and adds a page parameter

This adds a page parameter to search api without adding
any major breaking change.

It does at an api validation error when trying to use
a limit beyond 5000. This is a breaking change. We could
remove this and have it only in the docs and describe that this
is a limit that grafana will apply silently.

Fixes #16049

* Fix: Corrected wrong array slice change

* Docs: minor docs fix

* Search: fixed folder tests

* Fixed: Moved limit to correct inner query

* Search: moving limit check and page check

* Search: limit in handler is no longer needed
2019-04-17 13:07:50 +02:00
Carl Bergquist
490515aec6
build: partially replace gometalinter with golangci-lint (#16610)
we still use gometalinter for goconst since it doesn't 
report errors for duplicated in test files
2019-04-16 10:27:07 +02:00
Andrej Ocenas
66f6e16916
Security: Store datasource passwords encrypted in secureJsonData (#16175)
* Store passwords in secureJsonData

* Revert unnecessary refactors

* Fix for nil jsonSecureData value

* Remove copied encryption code from migration

* Fix wrong field reference

* Remove migration and provisioning changes

* Use password getters in datasource proxy

* Refactor password handling in datasource configs

* Add provisioning warnings

* Update documentation

* Remove migration command, moved to separate PR

* Remove unused code

* Set the upgrade version

* Remove unused code

* Remove double reference
2019-04-15 11:11:17 +02:00
Carl Bergquist
9134251417
build: upgrades to golang 1.12.4 (#16545)
fix govet issue in golang 1.12.4
2019-04-15 09:18:28 +02:00
Ryan McKinley
3c21a121eb Plugins: Unifying alpha state & options for all plugins (#16530)
* app pages

* app pages

* workign example

* started alpha support

* remove app stuff

* show warning on alpha/beta panels

* put app back on plugin file

* fix go

* add enum for PluginType and PluginIncludeType

* Refactoring and moving settings to plugins section

fixes #16529
2019-04-12 13:46:42 +02:00
Carl Bergquist
30dcf0f6c5
Revert "Build: Upgrades to go 1.12.3 (#16491)" (#16544)
This reverts commit 44b365028f.
2019-04-12 11:17:31 +02:00
Carl Bergquist
44b365028f
Build: Upgrades to go 1.12.3 (#16491)
fixes go vet issue that 1.12.3 detects
2019-04-12 09:44:02 +02:00
Ryan McKinley
d6887bf77f Plugins: Optionally preload some plugins during frontend app boot (#15266)
* auto load

* update comments

* gofmt

* use preload from json

* fix formatting

* change general plugin loader to app

* Refactoring: Plugin preloading #15266
2019-04-11 08:02:22 +02:00
Andrej Ocenas
2d7fc55df7
Provisioning: Do not allow deletion of provisioned dashboards (#16211)
* Unprovision dashboard in case of DisableDeletion = true

* Rename command struct

* Handle removed provision files

* Allow html in confirm-modal

* Do not show confirm button without onConfirm

* Show dialog on deleting provisioned dashboard

* Changed DeleteDashboard to DeleteProvisionedDashboard

* Remove unreachable return

* Add provisioned checks to API

* Remove filter func

* Fix and add tests for deleting dashboards

* Change delete confirm text

* Added and used pkg/errors for error wrapping
2019-04-10 13:29:10 +02:00
Oleg Gaidarenko
67cbc7d4cf
Chore: use remote cache instead of session storage (#16114)
Replaces session storage in auth_proxy middleware with remote cache

Fixes #15161
2019-04-08 14:31:46 +03:00
Marcus Efraimsson
5da1faf454
Alerting: Notification channel http api fixes (#16379)
Fixes so it's possible to create new notification channel and providing uid.
Fixes better error/result handling when updating a notifcation channel.

Fixes #16372
Ref #16219 #16012
2019-04-04 17:52:40 +02:00