* #45498: add entity events table
* #45498: add entity events service
* #45498: hook up entity events service to http server
* #45498: use `dashboards.id` rather than `uid` and `org_id` in grn
* Update pkg/services/entityevents/service.go
Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
* #45498: move entityeventsservice to services/store
* #45498: add null check
* #45498: rename
* #45498: fix comment
* #45498: switch grn back to uid
* Search: listen for updates (#47719)
* #45498: wire entity event service with searchv2
* load last event id before building index for org 1
* fix service init in integration tests
* depend on required subset of event store methods
* Update pkg/services/sqlstore/migrations/entity_events_mig.go
Co-authored-by: Alexander Emelin <frvzmb@gmail.com>
* #45498: pointer receiver
* #45498: mockery!
* #45498: add entity events service to background services
* dashboard query pagination, allow queries while re-indexing
* log level cleanups, use rlock, add comments
* fix lint, check feature toggle in search v2 service
* use unix time for event created column
* add missing changes for created column
* fix integration tests init
* log re-index execution times on info level
* #45498: fix entityEventsService tests
* #45498: save events on dashboard delete
* use camel case for log labels
* formatting
* #45498: rename grn to entityid
* #45498: add `IsDisabled` to entityEventsService
* #45498: remove feature flag from migration
* better context usage, fix capacity, comments/cleanups
* replace print with logger
* Revert "#45498: remove feature flag from migration"
This reverts commit ed23968898.
* revert:revert:revert conditional feature flag
Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
Co-authored-by: Alexander Emelin <frvzmb@gmail.com>
* Add actions and scopes
* add resource service for dashboard and folder
* Add dashboard guardian with fgac permission evaluation
* Add CanDelete function to guardian interface
* Add CanDelete property to folder and dashboard dto and set values
* change to correct function name
* Add accesscontrol to folder endpoints
* add access control to dashboard endpoints
* check access for nav links
* Add fixed roles for dashboard and folders
* use correct package
* add hack to override guardian Constructor if accesscontrol is enabled
* Add services
* Add function to handle api backward compatability
* Add permissionServices to HttpServer
* Set permission when new dashboard is created
* Add default permission when creating new dashboard
* Set default permission when creating folder and dashboard
* Add access control filter for dashboard search
* Add to accept list
* Add accesscontrol to dashboardimport
* Disable access control in tests
* Add check to see if user is allow to create a dashboard
* Use SetPermissions
* Use function to set several permissions at once
* remove permissions for folder and dashboard on delete
* update required permission
* set permission for provisioning
* Add CanCreate to dashboard guardian and set correct permisisons for
provisioning
* Dont set admin on folder / dashboard creation
* Add dashboard and folder permission migrations
* Add tests for CanCreate
* Add roles and update descriptions
* Solve uid to id for dashboard and folder permissions
* Add folder and dashboard actions to permission filter
* Handle viewer_can_edit flag
* set folder and dashboard permissions services
* Add dashboard permissions when importing a new dashboard
* Set access control permissions on provisioning
* Pass feature flags and only set permissions if access control is enabled
* only add default permissions for folders and dashboards without folders
* Batch create permissions in migrations
* Remove `dashboards:edit` action
* Remove unused function from interface
* Update pkg/services/guardian/accesscontrol_guardian_test.go
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
* Query history: Add starring and unstarring API
* Return dto with starred info when commenting
* Add documentation for starring and unstarring of query
* Return dto when starring/unstarring
* Update documentation
* Update deleting with unstarring
* Check queryUID length in queryhistory
* Fix linting issues
* Update docs/sources/http_api/query_history.md
Co-authored-by: Piotr Jamróz <pm.jamroz@gmail.com>
* Update docs/sources/http_api/query_history.md
Co-authored-by: Piotr Jamróz <pm.jamroz@gmail.com>
Co-authored-by: Piotr Jamróz <pm.jamroz@gmail.com>
* add SQL migrations
* dashboard previews from sql: poc
* added todos
* refactor: use the same enums where possible
* use useEffect, always return json
* added todo
* refactor + delete files after use
* refactor + fix manual thumbnail upload
* refactor: move all interactions with sqlStore to thumbnail repo
* refactor: remove file operations in thumb crawler/service
* refactor: fix dashboard_thumbs sql store
* refactor: extracted thumbnail fetching/updating to a hook
* refactor: store thumbnails in redux store
* refactor: store thumbnails in redux store
* refactor: private'd repo methods
* removed redux storage, saving images as blobs
* allow for configurable rendering timeouts
* added 1) query for dashboards with stale thumbnails, 2) command for marking thumbnails as stale
* use sql-based queue in crawler
* ui for marking thumbnails as stale
* replaced `stale` boolean prop with `state` enum
* introduce rendering session
* compilation errors
* fix crawler stop button
* rename thumbnail state frozen to locked
* #44449: fix merge conflicts
* #44449: remove thumb methods from `Store` interface
* #44449: clean filepath, defer file closing
* #44449: fix rendering.Theme cyclic import
* #44449: linting
* #44449: linting
* #44449: mutex'd crawlerStatus access
* #44449: added integration tests for `sqlstore.dashboard_thumbs`
* #44449: added comments to explain the `ThumbnailState` enum
* #44449: use os.ReadFile rather then os.Open
* #44449: always enable dashboardPreviews feature during integration tests
* #44449: remove sleep time, adjust number of threads
* #44449: review fix: add `orgId` to `DashboardThumbnailMeta`
* #44449: review fix: automatic parsing of thumbnailState
* #44449: lint fixes
* #44449: review fix: prefer `WithDbSession` over `WithTransactionalDbSession`
* #44449: review fix: add a comment explaining source of the filepath
* #44449: review fix: added filepath validation
* #44449: review fixes https://github.com/grafana/grafana/pull/45063/files @fzambia
Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
Co-authored-by: Alexander Emelin <frvzmb@gmail.com>
* Create config to enable/disable query history
* Create add to query history functionality
* Add documentation
* Add test
* Refactor
* Add test
* Fix built errors and linting errors
* Refactor
* Remove old tests
* Refactor, adjust based on feedback, add new test
* Update default value
* update AlertingEnabled and UnifiedAlertingSettings.Enabled to be pointers
* add a pseudo migration to fix the AlertingEnabled and UnifiedAlertingSettings.Enabled if the latter is not defined
* update the default configuration file to make default value for both 'enabled' flags be undefined
Misc
* update Migrator to expose DB engine. This is needed for a ualert migration to access the database while the list of migrations is created.
* add more verbose failure when migrations do not match
Co-authored-by: gotjosh <josue@grafana.com>
Co-authored-by: Yuriy Tseretyan <yuriy.tseretyan@grafana.com>
Co-authored-by: gillesdemey <gilles.de.mey@gmail.com>
* Add secrets service
* Revert accidental changes in util encryption
* Make minor changes
Move functional options to models
Revert renaming types to models
* Add context
* Minor change in GetDataKey
* Use CreateDataKeyWithDBSession in CreateDataKey
* Handle empty DEK name in DeleteDataKey
* Rename defaultProvider
* Remove secrets store service
* add key/value store service
* don't export kvStoreSQL, consumers should interact with KVStore & NamespacedKVStore
* add del method, avoid ErrNotFound (#38627)
* switch value column to medium text
Co-authored-by: Alexander Emelin <frvzmb@gmail.com>
Fixes#30144
Co-authored-by: dsotirakis <sotirakis.dim@gmail.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Co-authored-by: Ida Furjesova <ida.furjesova@grafana.com>
Co-authored-by: Jack Westbrook <jack.westbrook@gmail.com>
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
Co-authored-by: Leon Sorokin <leeoniya@gmail.com>
Co-authored-by: Andrej Ocenas <mr.ocenas@gmail.com>
Co-authored-by: spinillos <selenepinillos@gmail.com>
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
Co-authored-by: Leonard Gram <leo@xlson.com>
* Alerting: modify table and accessors to limit org access appropriately
* Update migration to create multiple Alertmanager configs
* Apply suggestions from code review
Co-authored-by: gotjosh <josue@grafana.com>
* replace mg.ClearMigrationEntry()
mg.ClearMigrationEntry() would create a new session.
This commit introduces a new migration for clearing an entry from migration log for replacing mg.ClearMigrationEntry() so that all dashboard alert migration operations will run inside the same transaction.
It adds also `SkipMigrationLog()` in Migrator interface for skipping adding an entry in the migration_log.
Co-authored-by: gotjosh <josue@grafana.com>
* Not complete, put migration behind env flag for now:
UALERT_MIG=iDidBackup
* Important to backup, and not expect the same DB to keep working until the env trigger is removed.
* Alerting: Migrate dashboard alert permissions
* Do not use imported models
* Change folder titles
Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>
* intial frontend resolution/redirection logic
* backend scaffolding
* enough of the frontend to actually test end to end
* bugfixes
* add tests
* cleanup
* explore too hard for now
* fix build
* Docs: add docs
* FE test
* redirect directly from backend
* validate incoming uids
* add last_seen_at
* format documentation
* more documentation feedback
* very shaky migration of get route to middleware
* persist unix timestamps
* add id, orgId to table
* fixes for orgId scoping
* whoops forgot the middleware
* only redirect to absolute URLs under the AppUrl domain
* move lookup route to /goto/:uid, stop manually setting 404 response code
* renaming things according to PR feedback
* tricky deletion
* sneaky readd
* fix test
* more BE renaming
* FE updates -- no more @ts-ignore hacking :) and accounting for subpath
* Simplify code
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
* Short URLs: Drop usage of bus
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
* ShortURLService: Make injectable
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
* Rename file
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
* Add handling of url parsing and creating of full shortURL to backend
* Update test, remove unused imports
* Update pkg/api/short_urls.go
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Add correct import
* Pass context to short url service
* Remove not needed error log
* Rename dto and field to denote URL rather than path
* Update api docs based on feedback/suggestion
* Rename files to singular
* Revert to send relative path to backend
* Fixes after review
* Return dto when creating short URL that includes the full url
Use full url to provide shorten URL to the user
* Fix after review
* Fix relative url path when creating new short url
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
Co-authored-by: Ivana <ivana.huckova@gmail.com>
Co-authored-by: Ivana Huckova <30407135+ivanahuckova@users.noreply.github.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* db: add login attempt migrations
* db: add possibility to create login attempts
* db: add possibility to retrieve login attempt count per username
* auth: validation and update of login attempts for invalid credentials
If login attempt count for user authenticating is 5 or more the last 5 minutes
we temporarily block the user access to login
* db: add possibility to delete expired login attempts
* cleanup: Delete login attempts older than 10 minutes
The cleanup job are running continuously and triggering each 10 minute
* fix typo: rename consequent to consequent
* auth: enable login attempt validation for ldap logins
* auth: disable login attempts validation by configuration
Setting is named DisableLoginAttemptsValidation and is false by default
Config disable_login_attempts_validation is placed under security section
#7616
* auth: don't run cleanup of login attempts if feature is disabled
#7616
* auth: rename settings.go to ldap_settings.go
* auth: refactor AuthenticateUser
Extract grafana login, ldap login and login attemp validation together
with their tests to separate files.
Enables testing of many more aspects when authenticating a user.
#7616
* auth: rename login attempt validation to brute force login protection
Setting DisableLoginAttemptsValidation => DisableBruteForceLoginProtection
Configuration disable_login_attempts_validation => disable_brute_force_login_protection
#7616
* annotations: add 25px space for events section
* annotations: restored create annotation action
* annotations: able to use fa icons as event markers
* annotations: initial emoji support from twemoji lib
* annotations: adjust fa icon position
* annotations: initial emoji picker
* annotation: include user info into annotation requests
* annotation: add icon info
* annotation: display user info in tooltip
* annotation: fix region saving
* annotation: initial region markers
* annotation: fix region clearing (add flot-temp-elem class)
* annotation: adjust styles a bit
* annotations: minor fixes
* annoations: removed userId look in loop, need a sql join or a user cache for this
* annotation: fix invisible events
* lib: changed twitter emoij lib to be npm dependency
* annotation: add icon picker to Add Annotation dialog
* annotation: save icon to annotation table
* annotation: able to set custom icon for annotation added by user
* annotations: fix emoji after library upgrade (switch to 72px)
* emoji: temporary remove bad code points
* annotations: improve icon picker
* annotations: icon show icon picker at the top
* annotations: use svg for emoji
* annotations: fix region drawing when add annotation editor opened
* annotations: use flot lib for drawing region fill
* annotations: move regions building into event_manager
* annotations: don't draw additional space if no events are got
* annotations: deduplicate events
* annotations: properly render cut regions
* annotations: fix cut region building
* annotations: refactor
* annotations: adjust event section size
* add-annotations: fix undefined default icon
* create-annotations: edit event (frontend part)
* fixed bug causes error when hover event marker
* create-annotations: update event (backend)
* ignore grafana-server debug binary in git (created VS Code)
* create-annotations: use PUT request for updating annotation.
* create-annotations: fixed time format when editing existing event
* create-annotations: support for region update
* create-annotations: fix bug with limit and event type
* create-annotations: delete annotation
* create-annotations: show only selected icon in edit mode
* create-annotations: show event editor only for users with at least Editor role
* create-annotations: handle double-sized emoji codepoints
* create-annotations: refactor
use CP_SEPARATOR from emojiDef
* create-annotations: update emoji list, add categories.
* create-annotations: copy SVG emoji into public/vendor/npm and use it as a base path
* create-annotations: initial tabs for emoji picker
* emoji-picker: adjust styles
* emoji-picker: minor refactor
* emoji-picker: refactor - rename and move into one directory
* emoji-picker: build emoji elements on app load, not on picker open
* emoji-picker: fix emoji searching
* emoji-picker: refactor
* emoji-picker: capitalize category name
* emoji-picker: refactor
move buildEmojiElem() into emoji_converter.ts for future reuse.
* jquery.flot.events: refactor
use buildEmojiElem() for making emojis, remove unused code for font awesome based icons.
* emoji_converter: handle converting error
* tech: updated
* merged with master
* shore: clean up some stuff
* annotation: wip tags
* annotation: filtering by tags
* tags: parse out spaces etc. from a tags string
* annotations: use tagsinput component for tag filtering
* annotation: wip work on how we query alert & panel annotations
* annotations: support for updating tags in an annotation
* linting
* annotations: work on unifying how alert history annotations and manual panel annotations are created
* tslint: fixes
* tags: create tag on blur as well
Currently, the tags directive only creates the tag when the
user presses enter. This change means the tag is created on
blur as well (when the user clicks outside the input field).
* annotations: fix update after refactoring
* annotations: progress on how alert annotations are fetched
* annotations: minor progress
* annotations: progress
* annotation: minor progress
* annotations: move tag parsing from tooltip to ds
Instead of parsing a tag string into an array in the annotation_tooltip
class, this moves the parsing to the datasources. InfluxDB ds already
does that parsing. Graphite now has it.
* annotations: more work on querying
* annotations: change from tags as string to array
when saving in the db and in the api.
* annotations: delete tag link if removed on edit
* annotation: more work on depricating annotation title
* annotations: delete tag links on delete
* annotations: fix for find
* annotation: added user to annotation tooltip and added alertName to annoation dto
* annotations: use id from route instead from cmd for updating
* annotations: http api docs
* create annotation: last edits
* annotations: minor fix for querying annotations before dashboard saved
* annotations: fix for popover placement when legend is on the side (and doubel render pass is causing original marker to be removed)
* annotations: changing how the built in query gets added
* annotation: added time to header in edit mode
* tests: fixed jshint built issue
Breaks some stuff like selected dash in the search result.
In dashboard search, if the user is not searching then the result is
returned as a tree structure. No ACL's or user group ux yet.
A simple version control system for dashboards. Closes#1504.
Goals
1. To create a new dashboard version every time a dashboard is saved.
2. To allow users to view all versions of a given dashboard.
3. To allow users to rollback to a previous version of a dashboard.
4. To allow users to compare two versions of a dashboard.
Usage
Navigate to a dashboard, and click the settings cog. From there, click
the "Changelog" button to be brought to the Changelog view. In this
view, a table containing each version of a dashboard can be seen. Each
entry in the table represents a dashboard version. A selectable
checkbox, the version number, date created, name of the user who created
that version, and commit message is shown in the table, along with a
button that allows a user to restore to a previous version of that
dashboard. If a user wants to restore to a previous version of their
dashboard, they can do so by clicking the previously mentioned button.
If a user wants to compare two different versions of a dashboard, they
can do so by clicking the checkbox of two different dashboard versions,
then clicking the "Compare versions" button located below the dashboard.
From there, the user is brought to a view showing a summary of the
dashboard differences. Each summarized change contains a link that can
be clicked to take the user a JSON diff highlighting the changes line by
line.
Overview of Changes
Backend Changes
- A `dashboard_version` table was created to store each dashboard
version, along with a dashboard version model and structs to represent
the queries and commands necessary for the dashboard version API
methods.
- API endpoints were created to support working with dashboard
versions.
- Methods were added to create, update, read, and destroy dashboard
versions in the database.
- Logic was added to compute the diff between two versions, and
display it to the user.
- The dashboard migration logic was updated to save a "Version
1" of each existing dashboard in the database.
Frontend Changes
- New views
- Methods to pull JSON and HTML from endpoints
New API Endpoints
Each endpoint requires the authorization header to be sent in
the format,
```
Authorization: Bearer <jwt>
```
where `<jwt>` is a JSON web token obtained from the Grafana
admin panel.
`GET "/api/dashboards/db/:dashboardId/versions?orderBy=<string>&limit=<int>&start=<int>"`
Get all dashboard versions for the given dashboard ID. Accepts
three URL parameters:
- `orderBy` String to order the results by. Possible values
are `version`, `created`, `created_by`, `message`. Default
is `versions`. Ordering is always in descending order.
- `limit` Maximum number of results to return
- `start` Position in results to start from
`GET "/api/dashboards/db/:dashboardId/versions/:id"`
Get an individual dashboard version by ID, for the given
dashboard ID.
`POST "/api/dashboards/db/:dashboardId/restore"`
Restore to the given dashboard version. Post body is of
content-type `application/json`, and must contain.
```json
{
"dashboardId": <int>,
"version": <int>
}
```
`GET "/api/dashboards/db/:dashboardId/compare/:versionA...:versionB"`
Compare two dashboard versions by ID for the given
dashboard ID, returning a JSON delta formatted
representation of the diff. The URL format follows
what GitHub does. For example, visiting
[/api/dashboards/db/18/compare/22...33](http://ec2-54-80-139-44.compute-1.amazonaws.com:3000/api/dashboards/db/18/compare/22...33)
will return the diff between versions 22 and 33 for
the dashboard ID 18.
Dependencies Added
- The Go package [gojsondiff](https://github.com/yudai/gojsondiff)
was added and vendored.
