* Add ApprovalForce to AuthCodeOptions
* Extract access token validity check to a function
* Refactor
* Oauth: set options internally instead of exposing new function
* Align tests
* Remove unused function
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
* Add wrapper around sqlstore method GetUserByLogin
* Use new method from user service
* Fix lint
* Fix lint 2
* fix middleware basic auth test
* Fix grafana login returning a user by login
* Remove GetUserByLogin from store interface
* Merge commit
* Implement disableSecretsCompatibility flag
* Allow secret deletion right after migration
* Use dialect.Quote for secure_json_data on secret deletion
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Set secure_json_data to NULL instead of empty json
* Run toggles_gen_test and use generated flag variable
* Add ID to delete data source secrets command on function call
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Remove extra query to get datasource on secret deletion
* Fix linting issues with CHANGELOG.md
* Use empty json string when deleting secure json data
* Implement secret migration as a background process
* Refactor secret migration as a background service
* Refactor migration to be inside secret store
* Re-add secret deletion function removed on merge
* Try using transaction to fix db lock during tests
* Disable migration for pipeline debugging
* Try adding sleep to fix database lock
* Remove unecessary time sleep from migration
* Fix merge issue, replace models with datasources
* Try event listener approach
* Fix merge issue, replace models with datasources
* Fix linting issues with unchecked error
* Remove unecessary trainling new line
* Increase wait interval on background secret migration
* Rename secret store migration folder for consistency
* Convert background migration to blocking
* Fix number of arguments on server tests
* Check error value of secret migration provider
* Fix linting issue with method varaible
* Revert unintended change on background services
* Move secret migration service provider to wire.go
* Remove unecessary else from datasource service
* Move transaction inside loop on secret migration
* Remove unecessary GetServices function
* Remove unecessary interface after method removal
* Rename Run to Migrate on secret migration interface
* Rename secret migrations service variable on server
* Use MustBool on datasource secret migration
* Revert changes to GetDataSources
* Implement GetAllDataSources function
* Remove DeleteDataSourceSecrets function
* Move datasource secret migration to datasource service
* Remove unecessary properties from datasource secret migration
* Make DecryptLegacySecrets a private method
* Remove context canceled check on secret migrator
* Log error when fail to unmarshal datasource secret
* Add necessary fields to update command on migration
* Handle high availability on secret migration
* Use kvstore for datasource secret migration status
* Add error check for migration status set on kvstore
* Remove NewSecretMigrationService from server tests
* Use const for strings on datasource secrets migration
* Test all cases for datasources secret migrations
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* AccessControl: Make the built-in role definitions public
* Add context to RegisterFixedRoles
Co-authored-by: Jguer <joao.guerreiro@grafana.com>
* Making BuiltInRolesWithParents public to the AccessControl package
Co-authored-by: Jguer <joao.guerreiro@grafana.com>
Co-authored-by: Jguer <joao.guerreiro@grafana.com>
* API: Using go-swagger for extracting OpenAPI specification from source code
* Merge Grafana Alerting spec
* Include enterprise endpoints (if enabled)
* Serve SwaggerUI under feature flag
* Fix building dev docker images
* Configure swaggerUI
* Add missing json tags
Co-authored-by: Ying WANG <ying.wang@grafana.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Fixing a couple bugs, adds some tests and hopefully decrease
lock contention when logging.
Switching from using sync.RWMutex to go-kit SwapLogger.
Fixes bug when creating a new logger from an existing one that
screwed up the keyvals and/or lost the logger name.
Ref #44681
* context all the things
* apply feedback
* rollback some alerting changes
* rollback some alerting changes #2
* more rollbacks
* more rollbacks #2
* more rollbacks #3
* more rollbacks #4
* fix integration test
* add missing context
* add missing and remove incorrect dispatch
Fixes#30144
Co-authored-by: dsotirakis <sotirakis.dim@gmail.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Co-authored-by: Ida Furjesova <ida.furjesova@grafana.com>
Co-authored-by: Jack Westbrook <jack.westbrook@gmail.com>
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
Co-authored-by: Leon Sorokin <leeoniya@gmail.com>
Co-authored-by: Andrej Ocenas <mr.ocenas@gmail.com>
Co-authored-by: spinillos <selenepinillos@gmail.com>
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
Co-authored-by: Leonard Gram <leo@xlson.com>
* AccessControl: Implement a way to register fixed roles
* Add context to register func
* Use FixedRoleGrantsMap instead of FixedRoleGrants
* Removed FixedRoles map to sync.map
* Wrote test for accesscontrol and provisioning
* Use mutexes+map instead of sync maps
* Create a sync map struct out of a Map and a Mutex
* Create a sync map struct for grants as well
* Validate builtin roles
* Make validation public to access control
* Handle errors consistently with what seeder does
* Keep errors consistant amongst accesscontrol impl
* Handle registration error
* Reverse the registration direction thanks to a RoleRegistrant interface
* Removed sync map in favor for simple maps since registration now happens during init
* Work on the Registrant interface
* Remove the Register Role from the interface to have services returning their registrations instead
* Adding context to RegisterRegistrantsRoles and update descriptions
* little bit of cosmetics
* Making sure provisioning is ran after role registration
* test for role registration
* Change the accesscontrol interface to use a variadic
* check if accesscontrol is enabled
* Add a new test for RegisterFixedRoles and fix assign which was buggy
* Moved RegistrationList def to roles.go
* Change provisioning role's description
* Better comment on RegisterFixedRoles
* Correct comment on ValidateFixedRole
* Simplify helper func to removeRoleHelper
* Add log to saveFixedRole and assignFixedRole
Co-authored-by: Vardan Torosyan <vardants@gmail.com>
Co-authored-by: Jeremy Price <Jeremy.price@grafana.com>
* wip
* Auth Info: refactored out into it's own service
* Auth: adds extension point where users are being mapped
* Update pkg/services/login/authinfoservice/service.go
Co-authored-by: Joan López de la Franca Beltran <joanjan14@gmail.com>
* Update pkg/services/login/authinfoservice/service.go
Co-authored-by: Joan López de la Franca Beltran <joanjan14@gmail.com>
* Auth: simplified code
* moved most authinfo stuff to its own package
* added back code
* linter
* simplified
Co-authored-by: Joan López de la Franca Beltran <joanjan14@gmail.com>
Uses new httpclient package from grafana-plugin-sdk-go introduced
via grafana/grafana-plugin-sdk-go#328.
Replaces the GetHTTPClient, GetTransport, GetTLSConfig methods defined
on DataSource model.
Longer-term the goal is to migrate core HTTP backend data sources to use the
SDK contracts and using httpclient.Provider for creating HTTP clients and such.
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* tests: Undo cleanup in goroutine
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
* Server: Implement timeout waiting for it to shut down
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
Before these changes the request tracing was added for each route
registered using the routing.RouteRegister, see code. This had the
consequence that middleware executed earlier/later in the request
pipeline was not part of the request tracing middleware life-cycle
which measures the duration of requests among other things.
In the logger middleware we do extract the current distributed trace
identifier, if available, and set that on request info/error log messages.
With these changes we can extract the current distributed trace identifier,
if available, and set that on the contextual HTTP request logger
(models.ReqContext.Logger) which would improve the possibility to correlate
all HTTP request log messages with traces.
In addition, the request tracing middleware is now executed first and last in
the request pipeline and should therefore result in more accurate timing
measurements (request duration).
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Move db package WIP
* Implement OSS access control
* Register OSS access control
* Fix linter error in tests
* Fix linter error in evaluator
* Simplify OSS tests
* Optimize builtin roles
* Chore: add comments to the exported functions
* Remove init from ossaccesscontrol package (moved to ext)
* Add access control as a dependency for http server
* Modify middleware to receive fallback function
* Middleware: refactor fallback function call
* Move unused models to enterprise
* Simplify AccessControl type
* Chore: use bool IsDisabled() method instead of CanBeDisabled interface
* Fix LoginService.UpsertUser user creation
* Fix API AdminCreateUser user creation
* Add missing underscore import
* Fix API CompleteInvite user creation
* Fix API SignUpStep2 user creation
* Alerting NG: prototype v2 (WIP)
* Separate eval package
* Modify eval alert definition endpoint
* Disable migration if ngalert is not enabled
* Remove premature test
* Fix lint issues
* Delete obsolete struct
* Apply suggestions from code review
* Update pkg/services/ngalert/ngalert.go
Co-authored-by: Kyle Brandt <kyle@grafana.com>
* Add API endpoint for listing alert definitions
* Introduce index for alert_definition table
* make ds object for expression to avoid panic
* wrap error
* Update pkg/services/ngalert/eval/eval.go
* Swith to backend.DataQuery
* Export TransformWrapper callback
* Fix lint issues
* Update pkg/services/ngalert/ngalert.go
Co-authored-by: Kyle Brandt <kyle@grafana.com>
* Validate alert definitions before storing them
* Introduce AlertQuery
* Add test
* Add QueryType in AlertQuery
* Accept only float64 (seconds) durations
* Apply suggestions from code review
* Get rid of bus
* Do not export symbols
* Fix failing test
* Fix failure due to service initialization order
Introduce MediumHigh service priority and assign it to backendplugin
service
* Fix test
* Apply suggestions from code review
* Fix renamed reference
Co-authored-by: Kyle Brandt <kyle@grafana.com>
