* Reload after deletion of the current settings
* Add grafana_ssosettings_setting_reload_failure_total counter
* Returns successfully if data reload failed
* Plugin: handle colon character in path
url.Parse() does not handle the given input correctly when the input
contains a colon character. The user will see the following error
message when trying to use remote cluster in Elasticsearch:
```
level=warn msg="Failed for create plugin resource request" error="parse \"foo-*,*:foo-*/_mapping\": first path segment in URL cannot contain colon" traceID=
```
As far as I can tell, we only want to set the path here + rawquery so
avoid url.Parse() altogether.
* Add more tests
---------
Co-authored-by: Giuseppe Guerra <giuseppe@guerra.in>
* add annotation permissions to dashboard managed role and add migrations for annotation permissions
* fix a bug with conditional access level definitions
* add tests
* Update pkg/services/sqlstore/migrations/accesscontrol/dashboard_permissions.go
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* apply feedback
* add batching, fix tests and a typo
* add one more test
* undo unneeded change
* undo unwanted change
* only check the default basic permissions for non-OSS instances
* account for all wildcards and simplify the check a bit
* error handling and extra conditionals to avoid test failures
* fix a bug with admin permissions not appearing for folders
* fix the OSS check
---------
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* Remove folderID from service tests
* Remove folderID from ngalert migration tests
* Remove tests related to folderIDs
* Roll back change
Before removing FolderID from this test, we need to adjust the code
* Remove FolderID from publicdashboard pkg
* Add back annotations test
* RBAC: Search add user login filter
* Switch to a userService resolving instead
* Remove unused error
* Fallback to use the cache
* account for userID filter
* Account for the error
* snake case
* Add test cases
* Add api tests
* Fix return on error
* Re-order imports
* Folders: Expose function for getting all org folders with specific UIDs
* lint
* Fix test
* fixup
* Apply suggestion from code review
* Remove changes in alerting scheduler
* fixup
* fixup after merge with main
* Add batching
* Use strings.Builder
* Return all org folders if UIDs is empty
* Filter out not accessible folders by the user
* Remove comment
* Fix batching when count is zero
* Do not include dashboard permissions
* Add some tests
* fix test
* Use batch request for folders
* Use batch request to deduplicate folders
* Refactor
* Fix after merging main
* Refactor
---------
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Check the value type before casting it to the string
* set visualization as table by default
* append all values for show diagnostics
* golangci-lint
* append metadata only to first frame
* Add API test
* Add move tests
* Fix create folder
* Fix move
* Fix test
* Drop and re-create index so that allows a folder to contain a dashboard and a subfolder with same name
* Get folder by title defaults to root folder and optionally fetches folder by provided parent folder
* Apply suggestions from code review
* Folders: Expose function for getting all org folders with specific UIDs
* Return all org folders if UIDs is empty
* Filter out not accessible folders by the user
* Modify query to optionally returning a string that contains the UIDs of all parent folders separated by slash.
* Alerting: Add action, scope, role_id to permission table
The existing role_id, action, scope index has the wrong ordering to be most
effectively used in dashboard/folder permission requests.
On a large tests set, the slow database calls were on the order of ~30-40ms, so
when performed individually they don't have that large of a latency impact.
However, when done in bulk in the migration this adds up to some very slow
requests.
After the index is added these same database calls are reduced to ~4-5ms
* Change index to action, scope, role_id
* Make new index unique and drop [role_id, action, scope] index
* Alerting: During legacy migration reduce the number of created silences
During legacy migration every migrated rule was given a label rule_uid=<uid>.
This was used to silence DatasourceError/DatasourceNoData alerts for
migrated rules that had either ExecutionErrorState/NoDataState set to
keep_state, respectively.
This could potentially create a large amount of silences and a high cardinality
label. Both of these scenarios have poor outcomes for CPU load and latency in
unified alerting.
Instead, this change creates one label per ExecutionErrorState/NoDataState when
they are set to keep_state as well as two silence rules, if rules with said
labels were created during migration. These silence rules are:
- __legacy_silence_error_keep_state__ = true
- __legacy_silence_nodata_keep_state__ = true
This will drastically reduce the number of created silence rules in most cases
as well as not create the potentially high cardinality label `rule_uid`.
