* initial cut at migration from plugin
* create new migration from plugin
* only migrate to or from, not both
* remove cfg check from plugin migration itself
* update comments, clean up secret after migration
* add better error handling
* hook up REST API with migrations
* Minor fixes
* fix wire injection issue
* modify migrator to access plugin calls directly. create unit tests
* change pre-migration checks in admin api
* stop plugin after migrating from it
* fix compile issues after merge
* add comment about migration
* fix linting issue
* bleh, fix unit test
* fix another unit test
* update plugin error fatal flag after a migration from the plugin
* add extra logging to migration
* make linter happy
Co-authored-by: Leandro Deveikis <leandro.deveikis@gmail.com>
* RBAC: Rename interface to Store
* RBAC: Move ranme scopeInjector
* RBAC: Rename files to service
* RBAC: Rename to service
* RBAC: Split up accesscontrol into two components
* RBAC: Add DeclareFixedRoles to AccessControl interface
* Wire: Fix wire bindings
* RBAC: Move resolvers to root
* RBAC: Remove invalid test
* RBAC: Inject access control service
* RBAC: Implement the RoleRegistry interface in fake
* Move license check to secret store plugin
* Use shouldUseRemoteSecretsPlugin for migration
* Encapsulate plugin startup logic in sync.Once
* Remove global logger from startup functions
* Fix issues with wire and secrets plugin check
* Remove todo for plugin fatal error
* Rename fatalErr variable to be less confusing
* Fix merge conflicts
* Fix issue with grafana-cli wire and opentsdb
* Remove duplicated import on remote plugin
* Rename plugin check in favor of error return value
* Remove unnecessary import on grafana-cli wireexts_oss
* Remove unnecessary import on grafana wireexts_oss
* Reset sync.Once during test setup
* Remove unrelated opentsdb change on grafana-cli wire
* Readd opentsdb change on grafana-cli wire
* pkg/web: closure-style middlewares
Switches the middleware execution model from web.Handlers in a slice to
web.Middleware.
Middlewares are temporarily kept in a slice to preserve ordering, but
prior to execution they are applied, forming a giant call-stack, giving
granular control over the execution flow.
* pkg/middleware: adapt to web.Middleware
* pkg/middleware/recovery: use c.Req over req
c.Req gets updated by future handlers, while req stays static.
The current recovery implementation needs this newer information
* pkg/web: correct middleware ordering
* pkg/webtest: adapt middleware
* pkg/web/hack: set w and r onto web.Context
By adopting std middlewares, it may happen they invoke next(w,r) without
putting their modified w,r into the web.Context, leading old-style
handlers to operate on outdated fields.
pkg/web now takes care of this
* pkg/middleware: selectively use future context
* pkg/web: accept closure-style on Use()
* webtest: Middleware testing
adds a utility function to web/webtest to obtain a http.ResponseWriter,
http.Request and http.Handler the same as a middleware that runs would receive
* *: cleanup
* pkg/web: don't wrap Middleware from Router
* pkg/web: require chain to write response
* *: remove temp files
* webtest: don't require chain write
* *: cleanup
* move apikey store into a separate service
* add apikey service to wire graph
* fix linter
* switch api to use apikey service
* fix provideservice in tests
* add apikey service test double
* try different sql syntax
* rolling back the dialect
* trigger drone
* trigger drone
* Remove user from preferences, stars, orguser, team member
* Fix lint
* Add Delete user from org and dashboard acl
* Delete user from user auth
* Add DeleteUser to quota
* Add test files and adjust user auth store
* Rename package in wire for user auth
* Import Quota Service interface in other services
* do the same in tests
* fix lint tests
* Fix tests
* Add some tests
* Rename InsertUser and DeleteUser to InsertOrgUser and DeleteOrgUser
* Rename DeleteUser to DeleteByUser in quota
* changing a method name in few additional places
* Fix in other places
* Fix lint
* Fix tests
* Chore: Split Delete User method
* Add fakes for userauth
* Add mock for access control Delete User permossion, use interface
* Use interface for ream guardian
* Add simple fake for dashboard acl
* Add go routines, clean up, use interfaces
* fix lint
* Update pkg/services/user/userimpl/user_test.go
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Update pkg/services/user/userimpl/user_test.go
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Update pkg/services/user/userimpl/user_test.go
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Add wrapper for not service account error
* fix indentation
* Use fmt for error wrapper
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Remove user from preferences, stars, orguser, team member
* Fix lint
* Add Delete user from org and dashboard acl
* Delete user from user auth
* Add DeleteUser to quota
* Add test files and adjust user auth store
* Rename package in wire for user auth
* Import Quota Service interface in other services
* do the same in tests
* fix lint tests
* Fix tests
* Add some tests
* Rename InsertUser and DeleteUser to InsertOrgUser and DeleteOrgUser
* Rename DeleteUser to DeleteByUser in quota
* changing a method name in few additional places
* Fix in other places
* Fix lint
* Fix tests
* Rename DeleteOrgUser to DeleteUserFromAll
* Update pkg/services/org/orgimpl/org_test.go
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* Update pkg/services/preference/prefimpl/inmemory_test.go
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* Rename Acl to ACL
* Fix wire after merge with main
* Move test to uni test
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
This PR moves public dashboards into its own self contained service including API, Service, Database, and Models. Routes are mounted on the Grafana HTTPServer by the API service at injection time with wire.go. The main route that loads the frontend for public dashboards is still handled by the API package.
Co-authored-by: Jesse Weaver <jesse.weaver@grafana.com>
Co-authored-by: Owen Smallwood <owen.smallwood@grafana.com>
* passes id and uid to PublicDashboardDatasource
* betterer results
* If for a public dashboard, return the PublicDashboardDataSource first or else getDatasourceSrv.get() will fail bc of no authed user.
Added some unit tests for resolving the uid from the many possible datasource types.
* updates betterer
* Exports DashboardService. Adds method to DashboardService to build anonymous user for use with public dashboards where there is no authed user. Adds method on dashboard_queries to get all dashboard uids from a dashboard.
* refactors to get unique datasource uids
* Adds tests for getting all unique datasource uids off a dashboard
* adds test for building anonymous user with read and query actions that are scoped to each datasource uid in the dashboard
* updates casing of DashboardService
* updates test case to have additional panel with a different datasource
* gives default interval to public dashboard data source
* add special handling on the plugin gathering side to check whether secrets manager plugins are enabled or not
* show disabled badge in front end if the plugin is not enabled
* Only show error in disabled badge hover if one is present (otherwise it shows "undefined")
* refactor to make use of fields already available in the DTO
* fix typo
* if there is no error returned for the plugin, just show 'disabled'
* fix typo
* Update public/app/features/plugins/admin/components/Badges/PluginDisabledBadge.tsx
Co-authored-by: Levente Balogh <balogh.levente.hu@gmail.com>
* Update frontendsettings.go
add clarifying comment
* fix unit test
* rework task to use new frontend property combined with plugin type to determine if the plugin should be disabled
* Update helpers.test.ts
revert test change
* fix unit test
* bogus commit to trigger precommit
* undo commit
* run precommit manually
Co-authored-by: Levente Balogh <balogh.levente.hu@gmail.com>
* coremodel: Generate static registry
* Actually make codegen work
Also, remove the per-coremodel assignability test from generator set.
* Make wire gen depend on cue gen
This is necessary now that we're generating a wire set as part of
coremodel registry generation.
* Add wire inject bits to http server
* s/staticregistry/registry/
* move to static and dynamic wording
* Move registry type into registry package
* Use static registry in http handler
* Oi comments
* ServiceAccounts: able to get upgrade status
* Banner with API keys migration info
* Show API keys migration info on Service accounts page
* Migrate individual API keys
* Use transaction for key migration
* Migrate all api keys to service accounts
* Hide api keys after migration
* Migrate API keys separately for each org
* Revert API key
* Revert key API method
* Rename migration actions and reducers
* Fix linter errors
* Tests for migrating single API key
* Tests for migrating all api keys
* More tests
* Fix reverting tokens
* API: rename convert to migrate
* Add api route descriptions to methods
* rearrange methods in api.go
* Refactor: rename and move some methods
* Prevent assigning tokens to non-existing service accounts
* Refactor: ID TO Id
* Refactor: fix error message
* Delete service account if migration failed
* Fix linter errors
* backend/sqlstore split: move dashboard snapshot funcs to dashboardsnapshotservice
This commit moves the dashboard snapshot related sql functions in the dashboardsnapshots service. I split the dashboards package up so the interfaces live in dashboarsnapshots and the store and service implementations are in their own packages. This took some minor refactoring, but none of the actual underlying code has changed, just where it lives.
* Remove crufty scuemata bits
Buhbye to: cue/ dir with old definitions, CI steps for checking unnecessary
things, and the original dashboard scuemata file.
* Remove grafana-cli cue subcommand
* Remove old testdata
* Don't swallow errors from codegen
* Small nits and tweaks to cuectx package
* WIP - refactor pluggen to use Thema
Also consolidate the embed.FS in the repo root.
* Finish halfway rename
* Convert all panel models.cue to thema
* Rewrite pluggen to use Thema
* Remove pkg/schema, and trim command
* Remove schemaloader service and usages
Will be replaced by coremodel-centric hydrate/dehydrate system Soon™.
* Remove schemaloader from wire
* Remove hangover field on histogram models.cue
* Fix lint errors, some vestiges of trim service
* Remove unused cuetsify cli command
* API: Migrate CSRF to service and support additional options
* minor
* public Csrf service to use in tests
* WIP
* remove fmt
* comment
* WIP
* remove fmt prints
* todo add prefix slash
* remove fmt prints
* linting fix
* remove trimPrefix
Co-authored-by: Eric Leijonmarck <eric.leijonmarck@gmail.com>
Co-authored-by: IevaVasiljeva <ieva.vasiljeva@grafana.com>
* Add store split for Get Dashboard version method
* Implement dashboard version service
* Fix api tests
* Remove GetDashboarVersion from sqlstore
* Add fakes for Get dashboard version
* Fix sqlstore test
* Add Get Dashboard store test
* Add dashver service test
* Remove useless comments
* Add coremodelValidation feature flag
* coremodels: use stubs when feature flag is off
* api: validate dashboards on save
* Need pointer receiver for FeatureManager
* Update dashboard Go model
* Align doc comments
* Include CoremodelRegistry in test
* Wedge coremodel in on all test cases, ugh
* Ugh fix comment again
* Update pkg/framework/coremodel/staticregistry/provide.go
Co-authored-by: Artur Wierzbicki <wierzbicki.artur.94@gmail.com>
* Update Thema (and its deps) for better errs
* omg whitespace
Co-authored-by: Artur Wierzbicki <wierzbicki.artur.94@gmail.com>
* #45498: add entity events table
* #45498: add entity events service
* #45498: hook up entity events service to http server
* #45498: use `dashboards.id` rather than `uid` and `org_id` in grn
* Update pkg/services/entityevents/service.go
Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
* #45498: move entityeventsservice to services/store
* #45498: add null check
* #45498: rename
* #45498: fix comment
* #45498: switch grn back to uid
* Search: listen for updates (#47719)
* #45498: wire entity event service with searchv2
* load last event id before building index for org 1
* fix service init in integration tests
* depend on required subset of event store methods
* Update pkg/services/sqlstore/migrations/entity_events_mig.go
Co-authored-by: Alexander Emelin <frvzmb@gmail.com>
* #45498: pointer receiver
* #45498: mockery!
* #45498: add entity events service to background services
* dashboard query pagination, allow queries while re-indexing
* log level cleanups, use rlock, add comments
* fix lint, check feature toggle in search v2 service
* use unix time for event created column
* add missing changes for created column
* fix integration tests init
* log re-index execution times on info level
* #45498: fix entityEventsService tests
* #45498: save events on dashboard delete
* use camel case for log labels
* formatting
* #45498: rename grn to entityid
* #45498: add `IsDisabled` to entityEventsService
* #45498: remove feature flag from migration
* better context usage, fix capacity, comments/cleanups
* replace print with logger
* Revert "#45498: remove feature flag from migration"
This reverts commit ed23968898.
* revert:revert:revert conditional feature flag
Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
Co-authored-by: Alexander Emelin <frvzmb@gmail.com>
* Implement preference service
* Adjust wire.go
* Fix integration test user
* Fix api pref tests
* Fix a11y error
Co-authored-by: Alexandra Vargas <alexa1866@gmail.com>
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* Use Wiring to initialize Avatar Cache Server
Create AvatarCacheServer Provider function and pass it in as an
argument to HTTPServer. Also convert CacheServer to a singleton
so that we keep all cached Avatar info in one place for easier access
* Refactor avatar cache server and add 'isCustom' check
Avatar cache server needs to perform two similar fetches
back-to-back; break up functions to allow for easy reuse.
Then add handling to see if a user has a custom avatar.
* Add additional accessors so that /recents api can easily use the cache
* Minor mods to avatar server to facilitiate unit testing
* add unit tests for avatar fetching
* add error handling in case we somehow fetch gravatars while they are disabled
* linting: read error return value in unit test
* Use http package status codes
Co-authored-by: Ezequiel Victorero <evictorero@gmail.com>
* Use http package status codes
Co-authored-by: Ezequiel Victorero <evictorero@gmail.com>
* Use http package status codes
Co-authored-by: Ezequiel Victorero <evictorero@gmail.com>
* Incorporate suggestions from PR
-avoid mutating arguments
-change error handler function to private and make name more descriptive
Co-authored-by: Ezequiel Victorero <evictorero@gmail.com>
Refactors GetPluginDashboards/LoadPluginDashboard by moving database
interaction from plugin management to the plugindashboards service.
Fixes#44553
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
* Chore: Remove deprecated no-op option PreferServerCipherSuites
from the tls configs.
Per golang docs: "PreferServerCipherSuites is a legacy field and has no effect."
* Add actions and scopes
* add resource service for dashboard and folder
* Add dashboard guardian with fgac permission evaluation
* Add CanDelete function to guardian interface
* Add CanDelete property to folder and dashboard dto and set values
* change to correct function name
* Add accesscontrol to folder endpoints
* add access control to dashboard endpoints
* check access for nav links
* Add fixed roles for dashboard and folders
* use correct package
* add hack to override guardian Constructor if accesscontrol is enabled
* Add services
* Add function to handle api backward compatability
* Add permissionServices to HttpServer
* Set permission when new dashboard is created
* Add default permission when creating new dashboard
* Set default permission when creating folder and dashboard
* Add access control filter for dashboard search
* Add to accept list
* Add accesscontrol to dashboardimport
* Disable access control in tests
* Add check to see if user is allow to create a dashboard
* Use SetPermissions
* Use function to set several permissions at once
* remove permissions for folder and dashboard on delete
* update required permission
* set permission for provisioning
* Add CanCreate to dashboard guardian and set correct permisisons for
provisioning
* Dont set admin on folder / dashboard creation
* Add dashboard and folder permission migrations
* Add tests for CanCreate
* Add roles and update descriptions
* Solve uid to id for dashboard and folder permissions
* Add folder and dashboard actions to permission filter
* Handle viewer_can_edit flag
* set folder and dashboard permissions services
* Add dashboard permissions when importing a new dashboard
* Set access control permissions on provisioning
* Pass feature flags and only set permissions if access control is enabled
* only add default permissions for folders and dashboards without folders
* Batch create permissions in migrations
* Remove `dashboards:edit` action
* Remove unused function from interface
* Update pkg/services/guardian/accesscontrol_guardian_test.go
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
