* WIP
* Set public_suffix to a pre Ruby 2.6 version
* we don't need to install python
* Stretch->Buster
* Bump versions in lib.star
* Manually update linter
Sort of messy, but the .mod-file need to contain all dependencies that
use 1.16+ features, otherwise they're assumed to be compiled with
-lang=go1.16 and cannot access generics et al.
Bingo doesn't seem to understand that, but it's possible to manually
update things to get Bingo happy.
* undo reformatting
* Various lint improvements
* More from the linter
* goimports -w ./pkg/
* Disable gocritic
* Add/modify linter exceptions
* lint + flatten nested list
Go 1.19 doesn't support nested lists, and there wasn't an obvious workaround.
https://go.dev/doc/comment#lists
* Add disabled column to Org's Users table
* fix typo
* Change column order
* Add test for testing whether GetOrgUsers populates the DTO correctly
* Remove type assertion
* Move SignedInUser to user service and RoleType and Roles to org
* Use go naming convention for roles
* Fix some imports and leftovers
* Fix ldap debug test
* Fix lint
* Fix lint 2
* Fix lint 3
* Fix type and not needed conversion
* Clean up messages in api tests
* Clean up api tests 2
* Only SLO user if the user is using SAML
* only one source of truth for auth module info
* ensure SAML is also enabled and not only SLO
* move auth module naming to auth module login package
* use constants in other previously unused spots
* Previews: datasource permissions
* lint
* simplify - force non-null `ds_uids`
* add `canBeDisabled` to search service
* add `IncludeThumbnailsWithEmptyDsUids`
* remove force refresh migration
* refactor main preview service
* add safeguard
* revert ticker interval
* update testdata
* fix test
* add mock search service
* add datasources lookup test
* update migration
* extract ds lookup to its own package to avoid cyclic imports
* lint
* fix dashbaord extract, use the real datasource lookup in tests. IS IT BULLETPROOF YET?!
* fix dashbaord extract, use the real datasource lookup in tests. IS IT BULLETPROOF YET?!
* remove stale log
* consistent casing
* pass context to `createServiceAccount`
* filter out the special grafana ds
* Fix get legacy alert response
* Swagger: Fix get folder by UID response
* Fix conflicting swagger model Alert
Reanme legacy alerting swagger model to LegacyAlert to differentiate it
from the prometheus Alert
* Bump grafana-plugin-sdk-go
* Fix get folder response
* Use go-swagger command for merging the specifications and remove merge_specs script
* Move user not found err to user service
* User ErrCaseInsensitive from user pkg
* User ErrUserAlreadyExists from user pkg
* User ErrLastGrafanaAdmin from user pkg
* Remove errors from model
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
Fix: Prefer pointer to struct in lookup
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
Fix: user email for ldap
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
Fix: Use only login for lookup in LDAP
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
Fix: use user email for ldap
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
fix remaining test
fix nit picks
Fixes public dashboards bug. When panel targets have no datasource, the datasource on the panel can be a json object or a string and will get added to the targets for pubdash.
* Org: use constants for status codes
* ServiceAccounts: Avoid creating new orgs for service accounts
* Document createUserBehavior
* Update pkg/services/sqlstore/org_users_test.go
* add doc string to flag
This PR moves public dashboards into its own self contained service including API, Service, Database, and Models. Routes are mounted on the Grafana HTTPServer by the API service at injection time with wire.go. The main route that loads the frontend for public dashboards is still handled by the API package.
Co-authored-by: Jesse Weaver <jesse.weaver@grafana.com>
Co-authored-by: Owen Smallwood <owen.smallwood@grafana.com>
* passes id and uid to PublicDashboardDatasource
* betterer results
* If for a public dashboard, return the PublicDashboardDataSource first or else getDatasourceSrv.get() will fail bc of no authed user.
Added some unit tests for resolving the uid from the many possible datasource types.
* updates betterer
* Exports DashboardService. Adds method to DashboardService to build anonymous user for use with public dashboards where there is no authed user. Adds method on dashboard_queries to get all dashboard uids from a dashboard.
* refactors to get unique datasource uids
* Adds tests for getting all unique datasource uids off a dashboard
* adds test for building anonymous user with read and query actions that are scoped to each datasource uid in the dashboard
* updates casing of DashboardService
* updates test case to have additional panel with a different datasource
* gives default interval to public dashboard data source
* chore/backend: move dashboard errors to dashboard service
Dashboard-related models are slowly moving out of the models package and into dashboard services. This commit moves dashboard-related errors; the rest will come in later commits.
There are no logical code changes, this is only a structural (package) move.
* lint lint lint
* Split Create User
* Use new create user and User from package user
* Add service to wire
* Making create user work
* Replace user from user pkg
* One more
* Move Insert to orguser Service/Store
* Remove unnecessary conversion
* Cleaunp
* Fix Get User and add fakes
* Fixing get org id for user logic, adding fakes and other adjustments
* Add some tests for ourguser service and store
* Fix insert org logic
* Add comment about deprecation
* Fix after merge with main
* Move orguser service/store to org service/store
* Remove orguser from wire
* Unimplement new Create user and use User from pkg user
* Fix wire generation
* Fix lint
* Fix lint - use only User and CrateUserCommand from user pkg
* Remove User and CreateUserCommand from models
* Fix lint 2
* add case insensitive option
* treat id as case insensitive
* Users: Add integration tests for case insensitive querying
* Prefer config struct to global variable
* change key to case_insensitive_login
* impede conflicting users from logging in
* add tests for impeding user retrieval if conflicting
* nits and picks
Co-authored-by: gamab <gabi.mabs@gmail.com>
* Add check in transaction for conflicting user
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* add update tests
* skip on mysql
* add custom messages for user admin view
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* nit: extra else
* linting mistake
Co-authored-by: gamab <gabi.mabs@gmail.com>
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
This PR completes public dashboards v1 functionality and simplifies public dashboard conventions. It exists as a large PR so that we are not making constant changes to the database schema.
models.PublicDashboardConfig model replaced with models.PublicDashboard directly
dashboard_public_config table renamed to dashboard_public
models.Dashboard.IsPublic removed from the dashboard and replaced with models.PublicDashboard.isEnabled
Routing now uses a uuid v4 as an access token for viewing a public dashboard anonymously, PublicDashboard.Uid only used as database identifier
Frontend utilizes uuid for auth'd operations and access token for anonymous access
Default to time range defined on dashboard when viewing public dashboard
Add audit fields to public dashboard
Co-authored-by: Owen Smallwood <owen.smallwood@grafana.com>, Ezequiel Victorero <ezequiel.victorero@grafana.com>, Jesse Weaver <jesse.weaver@grafana.com>
* backend/dashboard snapshots: refactor leftover models and mocks
* Move all dashboard snapshot-related models into the dashboardsnapshotservice package
* Remove leftover dashboard-related mocks from the mockstore
* Add protobuf config and generated code, and client wrapper
* wire up loading of secretsmanager plugin, using renderer plugin as a model
* update kvstore provider to check if we should use the grpc plugin. return false always in OSS
* add OSS remote plugin check
* refactor wire gen file
* log which secrets manager is being used
* Fix argument types for remote checker
* Turns out if err != nil, then the result is always nil. Return empty values if there is an error.
* remove duplicate import
* ensure atomicity by adding secret management as a step to sql operations and rolling back if necessary
* Update pkg/services/secrets/kvstore/kvstore.go
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* Update pkg/services/secrets/kvstore/kvstore.go
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* refactor RemotePluginCheck interface to just return the Plugin client directly
* rename struct to something less silly
* add special error handling for remote secrets management
* switch to errors.as instead of type inference
* remove unnecessary rollback call
* just declare error once
* refactor .proto file according to prior PR suggestions
* re-generate protobuf files and fix compilation errors
* only wrap (ergo display in the front end) errors that are user friendly from the plugin
* rename error type to suggest user friendly only
* rename plugin functions to be more descriptive
* change delete message name
* Revert "change delete message name"
This reverts commit 8ca978301e.
* Revert "rename plugin functions to be more descriptive"
This reverts commit 4355c9b9ff.
* fix pointer to pointer problem
* change plugin user error to just hold a string
* fix sequencing problem with datasource updates
* clean up some return statements
* need to wrap multiple transactions with the InTransaction() func in order to keep the lock
* make linter happy
* revert input var name
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* backend/api: refactor PlaylistId to PlaylistUid
* Add org_id to Get and Update playlist functions
Fix migration - no longer pad the uid; fix mysql syntax
The relevant tests are passing using postgres, mysql and the default sqllite backends, but there are a number of other failing tests when using postgres and myself so I'm not entirely confident with those results.
* fix bad query in GetPlaylistItem and add a test that would have caught the mistake in the first place. Reverted the playlist_uid column addition in playlist_item; it became unnecessary after this PR.
Added default value to the new UID column based on PR feedback.
* break this PRs migration into its own function
* Playlists: Update UI to use the updated API
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
This PR adds endpoints for public dashboards to retrieve data from the backend (trusted) query engine. It works by executing queries defined on the backend without any user input and does not support template variables.
* Public dashboard query API
* Create new API on service for building metric request
* Flesh out testing, implement BuildPublicDashboardMetricRequest
* Test for errors and missing panels
* Refactor tests, add supporting code for multiple datasources
* Handle queries from multiple datasources
* Explicitly pass no user for querying public dashboard
Co-authored-by: Jeff Levin <jeff@levinology.com>
* Remove dashbpard version from models
* Fix lint
* Fix api & sqlstore tests
* Remove integration tags
* Fix lint again
* Add integration test to correct namespace
* Lont fix 2
* Change Id to ID in dashVersionMeta
This PR adds endpoints for saving and retrieving a public dashboard configuration and and api endpoint to retrieve the public dashboard.
All of this is highly experimental and APIs will change. Notably, we will be removing isPublic from the dashboard model and moving it over to the public dashboard table in the next release.
Further context can be found here: https://github.com/grafana/grafana/pull/49131#issuecomment-1145456952
* add isPublic to dashboard
* refactor routes to use route group and add placeholder method for sharing apii
* add sharing pane and utils for public dashboard config to sharing modal
* Sharing modal now persists data through the api
* moves ShareDashboard endpoint to new file and starts adding tests
* generates mocks. Adds tests for public dashboard feature flag
* Adds ability to pass in array of features to enable for the test
* test to update public flag on dashboard WIP
* Adds mock for SaveDashboardSharingConfig
* Fixes tests. Had to use FakeDashboardService
* Adds React tests for public dashboards toggle
* removes semicolons
* refactors SharePublic component to use hooks
* rename from `share publicly` to `public dashboard config`
* checkpoint. debugging tests. need to verify name changes
* checkpoint. test bugs fixed. need to finish returning proper response codes
* finish renaming. fix test
* Update pkg/api/api.go
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
* update backend url
* rename internal objects and commands. fix configuration modal labels
* add endpoint for retrieving public dashboard configuration and populate the frontend state from it
* add test for dashboardCanBePublic
* adds backend routes
* copy DashboardPage component into component for public dashboards. WIP
* adds react routes, and doesnt render main nav bar when viewing a public route
* removes extra react route from testing
* updates component name
* Wrap the original dashboard component so we can pass props relevant to public dashboards, turn kiosk mode on/off, etc
* Wraps DashboardPage in PublicDashboardPage component. DashboardPage gets rendered in kiosk mode when public prop is passed.
* removes commented out code from exploratory work
* Makes public dashboard routes require no auth
* extracts helper to own util file to check if were viewing a public page
* Hides panel dropdown when its being viewed publicly
* formatting
* use function from utils file for determining if publicly viewed. If public, hides app notifications, searchwrapper, and commandpalette.
* adds unit tests for util function used to see if page is being viewed publicly
* cant added annotations to panel when being publicly viewed
* removes useless comment
* hides backend and frontend pubdash routes behind feature flag
* consider feature flag when checking url path to see if on public dashboard
* renames function
* still render app notifications when in public view
* Extract pubdash route logic into own file
* fixes failing tests
* Determines path using location locationUtils. This covers the case when grafana is being hosted on a subpath. Updates tests.
* renames pubdash web route to be more understandable
* rename route
* fixes failing test
* fixes failing test. Needed to update pubdash urls
* sets flag on grafana boot config for if viewing public dashboard. Removes hacky check that looks at the url
* fixes failing tests. Uses config to determine if viewing public dashboard
* renders the blue panel timeInfo on public dashboard panel
* Extracts conditional logic for rendering components out into their own functions
* removes publicDashboardView check, and uses dashboard meta instead
* the timeInfo is always displayed on the panel
* After fetch of public dashboard dto, the meta isPublic flag gets set and used to determine if viewing public dashboard for child components. Fixes tests for PanelHeader.
* Fixes failing test. Needed to add isPublic flag to dashboard meta.
Co-authored-by: Jeff Levin <jeff@levinology.com>
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
* update action names
* correctly retrieve teams for signed in user
* remove test
* undo swagger changes
* undo swagger changes pt2
* add migration from old action names to the new ones
* rename from list to read
* linting
* also update alertign actions
* fix migration
* backend/sqlstore split: remove unused GetDashboardPermissionsForUser from sqlstore
* remove debugging line
* backend/sqlstore: move dashboard permission related functions to dashboard service
* Add database migrations
* Use short uids as data key ids
* Add support for manual data key rotation
* Fix duplicated mutex unlocks
* Fix migration
* Manage current data keys per name
* Adjust key re-encryption and test
* Modify rename column migration for MySQL compatibility
* Refactor secrets manager and data keys cache
* Multiple o11y adjustments
* Fix stats query
* Apply suggestions from code review
Co-authored-by: Tania <yalyna.ts@gmail.com>
* Fix linter
* Docs: Rotate data encryption keys API endpoint
Co-authored-by: Tania <yalyna.ts@gmail.com>
adds toggle to make a dashboard public
* config struct for public dashboard config
* api endpoints for public dashboard configuration
* ui for toggling public dashboard on and off
* load public dashboard config on share modal
Co-authored-by: Owen Smallwood <owen.smallwood@grafana.com>
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
* Refactor: Add UID endpoint for dashboard versions and restore
* Fix: User dashID instead of dash.id
* 💩
* Move apiCmd error handling outside of dashUID check
* fix the panic in test
* Fix handler and update docs
Co-authored-by: Kat Yang <yangkb09@users.noreply.github.com>
* Docs: add deprecated warning to restore and version docs
* Fix hyperlink text
* Add swagger endpoints for restore and versions
* Add deprecated tag on swagger for both endpoints
* Fix: Update access control to be dashboards
* Return UID in response; Update docs to reflect this; Implement Ying suggestion
* Update docs/sources/http_api/dashboard_versions.md
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Update pkg/models/dashboard_version.go
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Update pkg/models/dashboard_version.go
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Update query to refer to DashboardUID
Co-authored-by: Ying WANG <ying.wang@grafana.com>
Co-authored-by: Sofia Papagiannaki <sofia@grafana.com>
Co-authored-by: Kat Yang <yangkb09@users.noreply.github.com>
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Refactor: Add UID endpoint for get dashboard version
* Add initial docs language
* Add new endpoint in swagger
* Change access control to dashboards
* Add parameters to swagger endpoint
* Return UID in response; Update docs to reflect this; Implement Ying suggestion
* Update docs/sources/http_api/dashboard_versions.md
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Update pkg/api/api.go
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Update pkg/models/dashboard_version.go
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Rename UID to DashboardUID for clarity; use dashUID in method
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Add SQL filter for global user search
* Remove scope requirements from endpoints
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
* Move ApiKeyDTO to dtos package
* Add access control filter to api keys
* pass user in GetApiKeysQuery
* Add api key metadata to DTO
* Remove scope all requirement from get api keys endpoint
* Handle api key access control metadata in frondend
* use common traceID context value for opentracing and opentelemetry
* support sampled trace IDs as well
* inject traceID into NormalResponse on errors
* Finally the test passed
* fix the test
* fix linter
* change the function parameter
Co-authored-by: Ying WANG <ying.wang@grafana.com>
* AccessControl: Remove package variables for roles and grants
Co-authored-by: Jguer <joao.guerreiro@grafana.com>
* Check for inheritance during role registration
Co-authored-by: Jguer <joao.guerreiro@grafana.com>
* Moving back role definition to accessscontrol
* Make settings reader role public
Co-authored-by: Jguer <joao.guerreiro@grafana.com>
* Nits
Co-authored-by: Jguer <joao.guerreiro@grafana.com>
* Forgot to update this
* Account for declaration error
* Fixing pkg/api init ossac
* Account for error in tests
* Update test to verify inheritance
* Nits.
* Place br inheritance behind a feature toggle
* Parent -> Parents
* Nit.
Co-authored-by: Jguer <joao.guerreiro@grafana.com>
* Clean up orgId when user organization is removed
* Add a test for removing user org
* Fix linting errors
* Update comment
* Fix linting errors
* Make removing user org more explicit
* use uid:s for folder and dashboard permissions
* evaluate folder and dashboard permissions based on uids
* add dashboard.uid to accept list
* Check for exact suffix
* Check parent folder on create
* update test
* drop dashboard:create actions with dashboard scope
* fix typo
* AccessControl: test id 0 scope conversion
* AccessControl: store only parent folder UID
* AccessControl: extract general as a constant
* FolderServices: Prevent creation of a folder uid'd general
* FolderServices: Test folder creation prevention
* Update pkg/services/guardian/accesscontrol_guardian.go
* FolderServices: fix mock call expect
* FolderServices: remove uneeded mocks
Co-authored-by: jguer <joao.guerreiro@grafana.com>
* Data sources: Sent user ID when creating data source
* Data sources: Grant a data source creator edit permissions
* Use edit permisison and only append if user id is in command
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
* First attempt at creating new navbar_preferences table in db
* Apply to every nav item instead of just home
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* Chore: introduce initTestDB options for features
* fix unit tests
* Add another unit test and some logic for detecting if a preference already exists
* tidy up
* Only override IsFeatureToggleEnabled if it's defined
* Extract setNavPreferences out into it's own function, initialise features correctly
* Make the linter happy
* Use new structure
* user essentials mob! 🔱
* user essentials mob! 🔱
* Split NavbarPreferences from Preferences
* user essentials mob! 🔱
* user essentials mob! 🔱
* Fix lint error
* Start adding tests
* Change internal db structure to be a generic json object
* GetJsonData -> GetPreferencesJsonData
* Stop using simplejson + add some more unit tests
* Update pkg/api/preferences.go
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* Updates following review comments
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* Change patch to upsert, add a unit test
* remove commented out code
* introduce patch user/org preferences methods
* Return Navbar preferences in the get call
* Fix integration test by instantiating JsonData
* Address review comments
* Rename HideFromNavbar -> Hide
* add swagger:model comment
* Add patch to the preferences documentation
* Add openapi annotations
* Add a short description
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* user essentials mob! 🔱
* Update unit tests
* remove unneeded url
* remove outdated comment
* Update integration tests
* update generated swagger
Co-authored-by: Alexandra Vargas <alexa1866@gmail.com>
Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* ServiceAccounts: remove unused endpoint
* ServiceAccounts: remove usage of getOrgUsers from service accounts
* use dialect for boolean str true in delete
* return service account results directly
* Move Service Account Deletions to sa package
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
Co-authored-by: gamab <gabi.mabs@gmail.com>
* Move service account methods to service accounts
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
Co-authored-by: gamab <gabi.mabs@gmail.com>
* Service accounts should not interfere with users
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* filter service accounts in user services
* mispell fix
* fix overextended lines
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* fix variable
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
Co-authored-by: gamab <gabi.mabs@gmail.com>
* adds an api endpoint for use with public dashboards that validates orgId, dashboard, and panel when running a query. This feature is in ALPHA and should not be enabled yet. Testing is based on new mock sqlstore.
Co-authored-by: Jesse Weaver <jesse.weaver@grafana.com>
Co-authored-by: Leandro Deveikis <leandro.deveikis@gmail.com>
* Add missing OK option to models
* add ok to legacy legacy UI does not support it but it is possible to do so via provisioning.
* use enums in migration so linter would catch missing cases
* ServiceAccounts: Fix token-apikey cross deletion
* ServiceAccounts: separate API key store and service account token store
* ServiceAccounts: hide service account tokens from API Keys page
* ServiceAccounts: uppercase statement
* ServiceAccounts: fix and add new tests for SAT store
* ServiceAccounts: remove service account ID from add API key
* ServiceAccounts: clear up errors
* ServiceAccounts: respect js casing and small fixes to displayed values
* ServiceAccounts: fix typos on service account
* ServiceAccounts: fix missing orgID in service account
* ServiceAccounts: Small fixes to dtos for profile
* ServiceAccounts: use result org id
* ServiceAccounts: return value is always nil
* Add providers to folder and dashboard services
* Refactor folder and dashboard services
* Move store implementation to its own file due wire cannot allow us to cast to SQLStore
* Add store in some places and more missing dependencies
* Bad merge fix
* Remove old functions from tests and few fixes
* Fix provisioning
* Remove store from http server and some test fixes
* Test fixes
* Fix dashboard and folder tests
* Fix library tests
* Fix provisioning tests
* Fix plugins manager tests
* Fix alert and org users tests
* Refactor service package and more test fixes
* Fix dashboard_test tets
* Fix api tests
* Some lint fixes
* Fix lint
* More lint :/
* Move dashboard integration tests to dashboards service and fix dependencies
* Lint + tests
* More integration tests fixes
* Lint
* Lint again
* Fix tests again and again anda again
* Update searchstore_test
* Fix goimports
* More go imports
* More imports fixes
* Fix lint
* Move UnprovisionDashboard function into dashboard service and remove bus
* Use search service instead of bus
* Fix test
* Fix go imports
* Use nil in tests
* AccessControl: Filter team members
* Modify GetTeamMembersByUser comment
* Fix postgres failing test due to quoting
* Rename GetTeamMembersByUser to GetUserTeamMemberships
* Update TeamStore interface
* * Teams: Appropriately apply user id filter in /api/teams/:id and /api/teams/search
* Teams: Ensure that users searching for teams are only able see teams they have access to
* Teams: Require teamGuardian admin privileges to list team members
* Teams: Prevent org viewers from administering teams
* Teams: Add org_id condition to team count query
* Teams: clarify permission requirements in teams api docs
* Teams: expand scenarios for team search tests
* Teams: mock teamGuardian in tests
Co-authored-by: Dan Cech <dcech@grafana.com>
* remove duplicate WHERE statement
* Fix for CVE-2022-21702
(cherry picked from commit 202d7c190082c094bc1dc13f7fe9464746c37f9e)
* Lint and test fixes
(cherry picked from commit 3e6b67d5504abf4a1d7b8d621f04d062c048e981)
* check content type properly
(cherry picked from commit 70b4458892bf2f776302720c10d24c9ff34edd98)
* basic csrf origin check
(cherry picked from commit 3adaa5ff39832364f6390881fb5b42ad47df92e1)
* compare origin to host
(cherry picked from commit 5443892699e8ed42836bb2b9a44744ff3e970f42)
* simplify url parsing
(cherry picked from commit b2ffbc9513fed75468628370a48b929d30af2b1d)
* check csrf for GET requests, only compare origin
(cherry picked from commit 8b81dc12d8f8a1f07852809c5b4d44f0f0b1d709)
* parse content type properly
(cherry picked from commit 16f76f4902e6f2188bea9606c68b551af186bdc0)
* mentioned get in the comment
(cherry picked from commit a7e61811ef8ae558ce721e2e3fed04ce7a5a5345)
* add content-type: application/json to test HTTP requests
* fix pluginproxy test
* Fix linter when comparing errors
Co-authored-by: Kevin Minehart <kmineh0151@gmail.com>
Co-authored-by: Dan Cech <dcech@grafana.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Co-authored-by: Serge Zaitsev <serge.zaitsev@grafana.com>
Co-authored-by: Vardan Torosyan <vardants@gmail.com>
* add SQL migrations
* dashboard previews from sql: poc
* added todos
* refactor: use the same enums where possible
* use useEffect, always return json
* added todo
* refactor + delete files after use
* refactor + fix manual thumbnail upload
* refactor: move all interactions with sqlStore to thumbnail repo
* refactor: remove file operations in thumb crawler/service
* refactor: fix dashboard_thumbs sql store
* refactor: extracted thumbnail fetching/updating to a hook
* refactor: store thumbnails in redux store
* refactor: store thumbnails in redux store
* refactor: private'd repo methods
* removed redux storage, saving images as blobs
* allow for configurable rendering timeouts
* added 1) query for dashboards with stale thumbnails, 2) command for marking thumbnails as stale
* use sql-based queue in crawler
* ui for marking thumbnails as stale
* replaced `stale` boolean prop with `state` enum
* introduce rendering session
* compilation errors
* fix crawler stop button
* rename thumbnail state frozen to locked
* #44449: fix merge conflicts
* #44449: remove thumb methods from `Store` interface
* #44449: clean filepath, defer file closing
* #44449: fix rendering.Theme cyclic import
* #44449: linting
* #44449: linting
* #44449: mutex'd crawlerStatus access
* #44449: added integration tests for `sqlstore.dashboard_thumbs`
* #44449: added comments to explain the `ThumbnailState` enum
* #44449: use os.ReadFile rather then os.Open
* #44449: always enable dashboardPreviews feature during integration tests
* #44449: remove sleep time, adjust number of threads
* #44449: review fix: add `orgId` to `DashboardThumbnailMeta`
* #44449: review fix: automatic parsing of thumbnailState
* #44449: lint fixes
* #44449: review fix: prefer `WithDbSession` over `WithTransactionalDbSession`
* #44449: review fix: add a comment explaining source of the filepath
* #44449: review fix: added filepath validation
* #44449: review fixes https://github.com/grafana/grafana/pull/45063/files @fzambia
Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
Co-authored-by: Alexander Emelin <frvzmb@gmail.com>
* API: Using go-swagger for extracting OpenAPI specification from source code
* Merge Grafana Alerting spec
* Include enterprise endpoints (if enabled)
* Serve SwaggerUI under feature flag
* Fix building dev docker images
* Configure swaggerUI
* Add missing json tags
Co-authored-by: Ying WANG <ying.wang@grafana.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* ServiceAccounts: move token handlers to specific file
* ServiceAccounts: move Add API key to Service account
* APIKeys: api keys can still be used even when service accounts are enabled
* APIKeys: legacy endpoint can't be used to add SA tokens
* ServiceAccount: add tests for creation with nil and non-nil service account ids
* ServiceAccounts: fix unnasigned cfg and AC typo
* Test: test service account token adding
* fix linting error
* ServiceAccounts: Handle Token deletion
* rename token funcs
* rename token funcs and api wrapping
* add token deletion tests
* review
Co-authored-by: eleijonmarck <eric.leijonmarck@gmail.com>
* remove bus
* Update pkg/api/apikey.go
Co-authored-by: eleijonmarck <eric.leijonmarck@gmail.com>
* AccessControl: Change teams permissions page when frontend is hit
* Implement frontend changes for group sync
* Changing the org/teams/edit permissions
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
* Fixing routes
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
* Use props straight away no need to go through the state
Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
* Update public/app/features/teams/TeamPages.tsx
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
* checks for empty URLs added
* check for TimeSeriesTypeNot to fix InfluxDB alerts
* log a warning when a data frame is ignored
* fix: add brittle Prometheus URL input selector
needs a proper aria-label or test-data-id selector
* test: add URL input aria-label
needs to use the grafana/e2e-selectors package
* test: run ci
* add URL validation for specific data sources, e2e tests
* Update pkg/api/datasource/validation.go
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* delete duplicated logs
* delete unnecessary leading newline
Co-authored-by: gillesdemey <gilles.de.mey@gmail.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* AccessControl: cover team permissions
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
* Add background service as a consumer to resource_services
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
* Define actions in roles.go
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
* Remove action from accesscontrol model
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
* As suggested by kalle
* move some changes from branch to the skeleton PR
* Add background service as a consumer to resource_services
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
* moving resourceservice to the main wire file pt2
* move team related actions so that they can be reused
* PR feedback
* fix
* typo
* Access Control: adding hooks for team member endpoints (#43991)
* AccessControl: cover team permissions
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
* Add background service as a consumer to resource_services
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
* Define actions in roles.go
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
* Remove action from accesscontrol model
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
* As suggested by kalle
* add access control to list and add team member endpoint, and hooks for adding team members
* member permission type is 0
* add ID scope for team permission checks
* add more team actions, use Member for member permission name
* protect team member update endpoint with FGAC permissions
* update SQL functions for teams and the corresponding tests
* also protect team member removal endpoint with FGAC permissions and add a hook to permission service
* a few small fixes, provide team permission service to test setup
* AccessControl: cover team permissions
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
* Add background service as a consumer to resource_services
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
* Define actions in roles.go
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
* Remove action from accesscontrol model
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
* As suggested by kalle
* move some changes from branch to the skeleton PR
* remove resource services from wireexts
* remove unneeded actions
* linting fix
* remove comments
* feedback fixes
* feedback
* simplifying
* remove team member within the same transaction
* fix a mistake with the error
* call the correct sql fction
* linting
* Access control: tests for team member endpoints (#44177)
* tests for team member endpoints
* clean up and fix the tests
* fixing tests take 2
* don't import enterprise test license
* don't import enterprise test license
* remove unused variable
Co-authored-by: gamab <gabi.mabs@gmail.com>
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
* Refactor: Change sqlstore.inTransaction to SQLStore.WithTransactionalDBSession in alert files
* Fix: Revert second SaveAlerts back to normal func
* Refactor: Update tests so functions are now SQLStore methods
* Fix: Refactor pauseAlert and pauseAllAlerts to be SQLStore methods
* Fix: Refactor SaveAlerts to be SQLStore method
* Refactor: Update SaveAlerts func signature to have correct arguments
* Refactor: Define sqlStore
* Chore: Delete commented out code
* Chore: Remove unused SaveAlertsCommand
* Serviceaccounts: feat - tabview for serviceaccounts
* WIP
* feat: listing all service accounts
* refactor: needed to remove showInvitees as not present in serviceaccounts
* add token column in the list
* add token to orgserviceaccount
* Update pkg/services/serviceaccounts/api/api.go
* AccessControl: Add user metadata to user detail view
* AccessControl: Do not present delete or disable buttons based on ac metadata in admin/users
* AccessControl: do not allow password changing or user editing without permission
* AccessControl: Fetch global:users scope for admin
* AccessControl: optimize org.user metadata fetch
* Chore: early return if ac metadata is not available
* AccessControl: Add access control metadata to OrgUserDTO
* AccessControl: get User AC metadata
* AccessControl: return User Access Control metadata when requested
