Commit Graph

3702 Commits

Author SHA1 Message Date
Stephanie Hingtgen
b12c731d59
Stars: Add dashboard_uid and org_id to table (#96408) 2024-11-15 09:51:31 -06:00
Ryan McKinley
cc6d057a18
Provisioning: Rename k8s origin metadata to repo (#96524) 2024-11-15 17:26:14 +03:00
Arati R.
2e62f75166
K8s/Folders: Allow recursive creation of DTO (#96439)
* Fix toDTO
* Remove conversion function for folder dto
* Convert toDTO to a standalone function

---------

Co-authored-by: Jean-Philippe Quéméner <JohnnyQQQQ@users.noreply.github.com>
2024-11-15 15:21:57 +01:00
colin-stuart
6abe99efd6
Auth: Passwordless Login Option Using Magic Links (#95436)
* initial passwordless client

* passwordless login page

* Working basic e2e flow

* Add todo comments

* Improve the passwordless login flow

* improved passwordless login, backend for passwordless signup

* add expiration to emails

* update email templates & render username & name fields on signup

* improve email templates

* change login page text while awaiting passwordless code

* fix merge conflicts

* use claims.TypeUser

* add initial passwordless tests

* better error messages

* simplified error name

* remove completed TODOs

* linting & minor test improvements & rename passwordless routes

* more linting fixes

* move code generation to its own func, use locationService to get query params

* fix ampersand in email templates & use passwordless api routes in LoginCtrl

* txt emails more closely match html email copy

* move passwordless auth behind experimental feature toggle

* fix PasswordlessLogin property failing typecheck

* make update-workspace

* user correct placeholder

* Update emails/templates/passwordless_verify_existing_user.txt

Co-authored-by: Dan Cech <dcech@grafana.com>

* Update emails/templates/passwordless_verify_existing_user.mjml

Co-authored-by: Dan Cech <dcech@grafana.com>

* Update emails/templates/passwordless_verify_new_user.txt

Co-authored-by: Dan Cech <dcech@grafana.com>

* Update emails/templates/passwordless_verify_new_user.txt

Co-authored-by: Dan Cech <dcech@grafana.com>

* Update emails/templates/passwordless_verify_new_user.mjml

Co-authored-by: Dan Cech <dcech@grafana.com>

* use &amp; in email templates

* Update emails/templates/passwordless_verify_existing_user.txt

Co-authored-by: Dan Cech <dcech@grafana.com>

* remove IP address validation

* struct for passwordless settings

* revert go.work.sum changes

* mock locationService.getSearch in failing test

---------

Co-authored-by: Mihaly Gyongyosi <mgyongyosi@users.noreply.github.com>
Co-authored-by: Dan Cech <dcech@grafana.com>
2024-11-14 08:50:55 -05:00
Ivana Huckova
4d0a7637b2
Zipkin: Run health check through backend (#96031)
* Zipkin: Run health check through backend

* Mark some errors as downstream

* Update pkg/tsdb/zipkin/zipkin.go

Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>

* Use errors.New where error formatting is not needed

* Remove executable in plugin.json

* Fix joining the path

* Keep logger as global and then create from context

* Close the res body

---------

Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
2024-11-07 16:48:00 +01:00
Todd Treece
517a1bef08
Playlist: Migrate to App SDK (#95691) 2024-11-04 14:18:49 -05:00
Jo
9f43724b57
AccessControl: Use UIDs for Resource permissions frontend (#95552)
* frontend can use uids to set resource permissions

* lint

* add uids to folder acl

* Update public/app/core/components/Select/UserPicker.tsx

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>

* simplify conditions

---------

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
2024-10-31 16:17:13 +01:00
Jo
90d2f4659e
Users: Allow specifying user UIDs in params (#95424)
* add user ID API translation

* add uid to user frontend

* use users' UIDs in admin pages

* fix ldapSync page

* use global user search for user by UID

* remove active org filtering

* remove orgID params
2024-10-30 14:14:42 +01:00
Josh Hunt
189802d3c3
EchoSrv: Add BrowserConsoleBackend to log analytics events (#95554)
* EchoSrv: Add BrowserConsoleBackend to log analytics events

* rename config name

* warn on non-scalar property values
2024-10-29 18:20:54 +00:00
Ryan McKinley
2f40fd6741
Dashboards: Remove unique name constraints (#90687) 2024-10-29 08:58:39 +03:00
jackyin
6f888720de
Alert: unexpected error log occur (#95491) 2024-10-28 15:34:07 +01:00
Misi
fedcf47702
User: Check SignedInUser OrgID in RevokeInvite (#95476)
Check SignedInUser OrgID in RevokeInvite
2024-10-28 13:20:17 +01:00
Arati R.
4a13580a2f
K8s/Folders: Fix folder status error message (#95464)
* Fix folder status error message
* Add test for folder creation response message
* Add TestFoldersCreateAPIEndpointK8S fixes
* Fix message returned when user has no permissions
2024-10-28 12:33:56 +01:00
Eric Leijonmarck
b1e1297bb3
LBAC for datasources: Move validation of rules from datasources to LBAC Rules (#94622)
* FIX: Remove the checks for lbac rules inside of datasources

* Remove json validation for lbac rules

* Preserve lbac rules in updates

* Refactored test to remove the table structure

* refactor: change to allow naming and concise override instead of complex branching

* refactor to make sure we set an empty field for updates

* bugfix

* check for datasources.JsonData

* fix merge

* add datasource to check for field presence only

* add function call for readability
2024-10-25 10:07:53 +01:00
jackyin
008c51b5b1
SignupInvitedPage: Show orgName (#94940)
* no orgname

* format code

* update unit test

* delete contextSrv

* fix unit test

* run prettier

---------

Co-authored-by: Laura Benz <laura.benz@grafana.com>
2024-10-23 16:49:27 +03:00
linoman
3270a9c959
Session Refactor: Add auth module label to session's list (#94958)
* Add AuthModule to token API

* Add badge to UserSessions

* Change idp label rendering

* Render IdP label for User Profile page

* Add i18n labels
2024-10-22 10:57:36 +02:00
Arati R.
f3a93a0303
K8s/Folders: Enhance k8s folder update (#95033)
* Put folder update behind feature toggle
* Set more fields when doing k8s update
* Check update in folder tests
* Uncomment remaining k8s handler methods
2024-10-21 19:08:03 +02:00
Arati R.
8abfcdbb78
Ks8/Folders: Fix status codes returned on create (#95055)
* Fix status codes returned by k8s folder handler
* Add test for status code when creating duplicate folder
2024-10-21 13:07:11 -03:00
Esteban Beltran
f248a55576
Frontend Sandbox: Create a plugin sandbox enable registry. Use enable list instead of disable list (#94809)
* Use a enable configuration to enable frontend sandbox

* Modify settings to load enableFrontendSandbox

* Check for signature type

* Update commment

* Fix e2e tests for the frontend sandbox

* Modify logic so a custom check function is used instead of a list of checks

* Fixes flaky test

* fix comment

* Update comment

* Empty commit

* Empty commit
2024-10-17 16:56:50 +02:00
Karl Persson
4083b2208e
Zanzana: periodic sync of team members (#94752)
* Rewrite zanzana collector to fetch all available pages

* Register access control as a background service

* If zanzana is enabled we run Syncs and start Reconciliation job

* Update pkg/services/authz/zanzana/client/client.go

Co-authored-by: Alexander Zobnin <alexanderzobnin@gmail.com>

* Use server lock when doing performing reconciliation
2024-10-17 15:28:33 +02:00
Ashley Harrison
ba6829f4a7
Topnav: Remove from feature toggle registry + hardcode in config (#94736)
remove topnav from feature toggle registry + hardcode to true
2024-10-17 10:18:30 +01:00
Misi
50a635bc7e
Auth: Introduce authn.SSOClientConfig to get client config from SSOSettings service (#94618)
* wip

* possible solution

* Separate interface for SSO settings clients

* Rename interface

* Fix tests

* Rename

* Change GetClientConfig to comma ok idiom
2024-10-16 16:27:44 +02:00
Jack Westbrook
cfb46c8003
Frontend: Extract CSS imports into files (#94655)
* build(webpack): extract css imports into files including node_modules

* feat(webassets): add cssfiles to entrypoint assets for extracted css files

* feat(views): add entrypoint css link tags to html templates

* feat(webassets): set CDN prefix for CSS files

* test(webassets): trim down sample-assets-manifest, fix failing snapshot tests

* Update pkg/api/webassets/webassets_test.go

Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>

* build(webpack): remove css module loader

---------

Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
2024-10-16 11:10:34 +02:00
Arati R.
65fc7cf004
K8s/Folders: Fix mode 2 folder creation (#94796)
* Use user UID as identifier instead of ID
* Remove malformed error
2024-10-16 10:44:09 +02:00
Arati R.
011978e81b
K8s/Folders: Remove folder service from client (#94450)
* Support getting full path of UIDs
* Use full path to set parents field
* Update get folder test
* Add folder store test for getting with full path UIDs
* Add test for parsing parent titles
* Test nested folder create payload
2024-10-10 13:22:57 +02:00
Scott Lepper
c2fb2dcfbe
wire up unified search from the ui; add basic search support (#94358)
* wire up search from the ui;  add basic search support
2024-10-08 13:09:56 -04:00
Misi
bd7850853e
Auth: Attach external session info to Grafana session (#93849)
* initial from poc changes

* wip

* Remove public external session service

* Update swagger

* Fix merge

* Cleanup

* Add backgroud service for cleanup

* Add auth_module to user_external_session

* Add tests for token revocation functions

* Add secret migration capabilities for user_external_session fields

* Cleanup, refactor to address feedback

* Fix test
2024-10-08 11:03:29 +02:00
Arati R.
ea5cf7c51f
Unified Storage /Folders: Allow Unified Storage subfolders creation (#94327)
* Add parents field to folder DTO
* Allow subfolder creation when folder flag is enabled
* Update UnstructuredToLegacyFolder
* Include parents field when creating folder
2024-10-07 16:48:56 +02:00
Misi
0539ccf10d
Auth: Fix redirection when auto_login is enabled (#94311)
* Fix for SAML auto login

* Fix for OAuth auto login
2024-10-07 14:59:00 +02:00
Arati R.
5a9bd1d1cf
K8s/Folders: Fix folder create payload (#94273)
* Fix createdBy and updatedBy
* Fix refreshing permission cache
* Update created time
* Fix user identifier parsing
2024-10-07 13:32:25 +03:00
maicon
261be0facd
UniStore: Evaluate Folder DTO attributes (#93968)
* UniStore: Evaluate Folder DTO attributes

* Handle AccessControl

* Reduce the number of parameters to newToFolderDto

* Detach Metadata helpers from HTTPServer

* Add tests

---------

Signed-off-by: Maicon Costa <maiconscosta@gmail.com>
2024-10-07 12:08:16 +02:00
Giuseppe Guerra
0db65d229e
Plugins: Add Subresource Integrity checks (#93024)
* Plugins: Pass hashes for SRI to frontend

* Add SRI hashes to frontendsettings DTOs

* Add docstring

* TestSriHashes

* Fix typo

* Changed SriHashes to ModuleHash

* update loader_test compareOpts

* update ModuleHash error message

* Add TestModuleHash/no_module.js

* Add omitEmpty to moduleHash

* Add ModuleHash to api/plugins/${pluginId}/settings

* moved ModuleHash field

* feat(plugins): add moduleHash to bootData and plugin types

* feat(plugins): if moduleHash is available apply it to systemjs importmap

* Calculate ModuleHash for CDN provisioned plugins

* Add ModuleHash tests for TestCalculate

* adjust test case name

* removed .envrc

* Fix signature verification failing for internal plugins

* fix tests

* Add pluginsFilesystemSriChecks feature togglemk

* renamed FilesystemSriChecksEnabled

* refactor(plugin_loader): prefer extending type declaration over ts-error

* added a couple more tests

* Removed unused features

* Removed unused argument from signature.DefaultCalculator call

* Removed unused argument from bootstrap.DefaultConstructFunc

* Moved ModuleHash to pluginassets service

* update docstring

* lint

* Removed cdn dependency from manifest.Signature

* add tests

* fix extra parameters in tests

* "fix" tests

* removed outdated test

* removed unused cdn dependency in signature.DefaultCalculator

* reduce diff

* Cache returned values

* Add support for deeply nested plugins (more than 1 hierarchy level)

* simplify cache usage

* refactor TestService_ModuleHash_Cache

* removed unused testdata

* re-generate feature toggles

* use version for module hash cache

* Renamed feature toggle to pluginsSriChecks and use it for both cdn and filesystem

* Removed app/types/system-integrity.d.ts

* re-generate feature toggles

* re-generate feature toggles

* feat(plugins): put systemjs integrity hash behind feature flag

---------

Co-authored-by: Jack Westbrook <jack.westbrook@gmail.com>
2024-10-04 14:55:09 +02:00
Arati R.
f403bc57d5
K8s/Folders: Clear permissions cache on create (#94214)
* Clear user permissions cache after folder creation
* Use k8s client only for create
2024-10-04 11:26:36 +02:00
Levente Balogh
6096f46774
Plugin Extensions: Require meta-data to be defined in plugin.json during development mode (#93429)
* feat: add extensions to the backend plugin model

* feat: update the frontend plugin types

* feat(pluginContext): return a `null` if there is no context found

This will be necessary to understand if a certain hook is running inside a plugin context or not.

* feat: add utility functions for checking extension configs

* tests: fix failing tests due to the type updates

* feat(AddedComponentsRegistry): validate plugin meta-info

* feat(AddedLinksRegistry): validate  meta-info

* feat(ExposedComponentsRegistry): validate meta-info

* feat(usePluginComponent): add meta-info validation

* feat(usePluginComponents): add meta-info validation

* feat(usePluginLinks): add meta-info validation

* fix: only validate meta-info in registries if dev mode is enabled

* tests: add unit tests for the restrictions functionality

* tests: fix Go tests

* fix(tests): revert accidental changes

* fix: run goimports

* fix: api tests

* add nested app so that meta data can bested e2e tested

* refactor(types): extract the ExtensionInfo into a separate type

* refactor(extensions/utils): use Array.prototype.some() instead of .find()

* refactor(usePluginLinks): update warning message

* feat(usePluginExtensions()): validate plugin meta-info

* Wip

* fix(e2e): E2E tests for extensions

* fix(extensions): allow multiple "/" slashes in the extension point id

* fix(extensions/validators): stop validating the plugin id pattern

---------

Co-authored-by: Erik Sundell <erik.sundell87@gmail.com>
2024-10-04 08:41:26 +02:00
Arati R.
e399fe6d09
Folders: Set folder creation permission as part of legacy create (#94040)
* Add folder store to dashboard permissions
* Include folder store in annotation scope resolver
* Add folder store when initialising library elements
* Include folder store in search v2 service initialisation
* Include folder store in GetInheritedScopes
* Add folder store to folder permissions provider
* Include cfg, folder permissions in folder service
* Move setting of folder permissions for folder service create method
2024-10-01 14:03:02 +02:00
Marcus Efraimsson
b7a7f2bd62
Plugins: Use handler middleware from the SDK (#93445)
updates sdk to v0.251.0
2024-09-30 16:33:15 +02:00
Arati R.
ed75aea21d
Folders: Export folder store implementation (#93897)
* Export folder store implementation

* Rename folder store

* Add folder store as a parameter to folder service

* Add folder store to dash service implementation

* Fix folder store comments
2024-09-30 10:28:47 +02:00
Misi
7e94d05d39
Auth: Fix token rotation redirect when session storage redirect is enabled (#93906)
Fix token rotation redirect when session storage redirect is enabled
2024-09-27 14:57:46 +02:00
Matheus Macabu
fcb17379ea
LibraryElements: add fake service implementation and replace its usage in Dashboard API (#93783)
* LibraryElements: add fake service implementation

* Dashboards: replace fake LibraryElements implementation
2024-09-27 14:22:29 +02:00
Tobias Skarhed
f49b4d35f2
OAuth: Add custom unauthorized message option in configuration (#93717)
* read custom message from config

* Read error key from bootdata

* oopsie

* Remove console.log

* Update docs and sample/default inis

* Add default key value to the config
2024-09-27 12:11:27 +02:00
Gabriel MABILLE
7928245eb6
ManagedServiceAccounts: Add a config option to disable the feature on-prem (#93571)
* ManagedServiceAccounts: Add a config option to disabled by default

* Update log in pkg/services/extsvcauth/registry/service.go

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
2024-09-27 09:11:59 +02:00
Matheus Macabu
40bcd0df41
LibraryElements: export GetAllElements to service (#93782) 2024-09-27 08:48:56 +02:00
Jeff Levin
a21a232a8e
Revert read replica POC (#93551)
* Revert "chore: add replDB to team service (#91799)"

This reverts commit c6ae2d7999.

* Revert "experiment: use read replica for Get and Find Dashboards (#91706)"

This reverts commit 54177ca619.

* Revert "QuotaService: refactor to use ReplDB for Get queries (#91333)"

This reverts commit 299c142f6a.

* Revert "refactor replCfg to look more like plugins/plugin config (#91142)"

This reverts commit ac0b4bb34d.

* Revert "chore (replstore): fix registration with multiple sql drivers, again (#90990)"

This reverts commit daedb358dd.

* Revert "Chore (sqlstore): add validation and testing for repl config (#90683)"

This reverts commit af19f039b6.

* Revert "ReplStore: Add support for round robin load balancing between multiple read replicas (#90530)"

This reverts commit 27b52b1507.

* Revert "DashboardStore: Use ReplDB and get dashboard quotas from the ReadReplica (#90235)"

This reverts commit 8a6107cd35.

* Revert "accesscontrol service read replica (#89963)"

This reverts commit 77a4869fca.

* Revert "Fix: add mapping for the new mysqlRepl driver (#89551)"

This reverts commit ab5a079bcc.

* Revert "fix: sql instrumentation dual registration error (#89508)"

This reverts commit d988f5c3b0.

* Revert "Experimental Feature Toggle: databaseReadReplica (#89232)"

This reverts commit 50244ed4a1.
2024-09-25 15:21:39 -08:00
Todd Treece
177965704d
Storage: Test mode 5 (#93714) 2024-09-25 08:29:17 -04:00
Arati R.
2c26053be8
K8s/Folders: Convert additional fields when creating k8s resources (#93395)
* Add separate folder registration function
* Convert to k8s resource directly after legacy create
* Use create command when creating folders
* Set additional fields when converting to k8s resource
* Add created/updated timestamps during conversion
* Refactor UnstructuredToLegacyFolderDTO
* Return errors when doing k8s conversions
2024-09-25 08:56:15 +02:00
Misi
d411ce2664
Auth: Use sessionStorage instead of cookie for automatic redirection (#92759)
* WIP: working as expected, has to be tested

* Rename query param, small changes

* Remove unused code

* Address feedback

* Cleanup

* Use the feature toggle to control the behaviour

* Use the toggle on the FE too

* Prevent the extra redirect/reload

 Co-authored-by: Josh Hunt <joshhunt@users.noreply.github.com>

* Return to login if user is not authenticated

* Add tracking issue

* Align BE redirect constructor to locationSvc
2024-09-24 18:38:09 +02:00
Oscar Kilhed
9adb7b03a7
Remove buildstamp from build hash. Version and commit should be enough (#93658)
Remove buildstamp from build hash, version and commit should be enough
2024-09-24 17:10:29 +02:00
Alexander Zobnin
5e713673e1
Annotations: Optimize search by tags (#93547)
* Annotations: Optimize search on large number of dashboards

* refactor

* fix batch size

* Return early if no annotations found

* revert go.mod

* return nil in case of error

* Move default limit to the API package

* fix empty access control filter

* Set default limit to 100

* optimize query when number of annotations is less than limit

* Update pkg/services/annotations/annotationsimpl/annotations.go

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>

* remove limit from store since it's set in API

* set default limit in Find method (do not break tests)

* Only add limit to the query if it's set

* use limit trick for all searches without dashboard filter

* set default page if not provided

---------

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
2024-09-23 17:29:29 +02:00
lean.dev
5522c3a01b
Grafana: Adds support for PKCS1 encrypted certs (#93451) 2024-09-19 15:03:06 -03:00
Will Browne
362ffff591
Plugins: Avoid returning 404 for AutoEnabled apps (#93436)
avoid errors for autoenabled apps
2024-09-19 14:00:34 +01:00