Commit Graph

1089 Commits

Author SHA1 Message Date
Jeff Levin
52ed651958
public dashboards: insert default public dashboard config into database on save (#49131)
This PR adds endpoints for saving and retrieving a public dashboard configuration and and api endpoint to retrieve the public dashboard.

All of this is highly experimental and APIs will change. Notably, we will be removing isPublic from the dashboard model and moving it over to the public dashboard table in the next release.

Further context can be found here: https://github.com/grafana/grafana/pull/49131#issuecomment-1145456952
2022-06-02 18:27:23 -08:00
owensmallwood
cfdea1ee30
PublicDashboards: Frontend routing for public dashboards (#48834)
* add isPublic to dashboard

* refactor routes to use route group and add placeholder method for sharing apii

* add sharing pane and utils for public dashboard config to sharing modal

* Sharing modal now persists data through the api

* moves ShareDashboard endpoint to new file and starts adding tests

* generates mocks. Adds tests for public dashboard feature flag

* Adds ability to pass in array of features to enable for the test

* test to update public flag on dashboard WIP

* Adds mock for SaveDashboardSharingConfig

* Fixes tests. Had to use FakeDashboardService

* Adds React tests for public dashboards toggle

* removes semicolons

* refactors SharePublic component to use hooks

* rename from `share publicly` to `public dashboard config`

* checkpoint. debugging tests. need to verify name changes

* checkpoint. test bugs fixed. need to finish returning proper response codes

* finish renaming. fix test

* Update pkg/api/api.go

Co-authored-by: Torkel Ödegaard <torkel@grafana.com>

* update backend url

* rename internal objects and commands. fix configuration modal labels

* add endpoint for retrieving public dashboard configuration and populate the frontend state from it

* add test for dashboardCanBePublic

* adds backend routes

* copy DashboardPage component into component for public dashboards. WIP

* adds react routes, and doesnt render main nav bar when viewing a public route

* removes extra react route from testing

* updates component name

* Wrap the original dashboard component so we can pass props relevant to public dashboards, turn kiosk mode on/off, etc

* Wraps DashboardPage in PublicDashboardPage component. DashboardPage gets rendered in kiosk mode when public prop is passed.

* removes commented out code from exploratory work

* Makes public dashboard routes require no auth

* extracts helper to own util file to check if were viewing a public page

* Hides panel dropdown when its being viewed publicly

* formatting

* use function from utils file for determining if publicly viewed. If public, hides app notifications, searchwrapper, and commandpalette.

* adds unit tests for util function used to see if page is being viewed publicly

* cant added annotations to panel when being publicly viewed

* removes useless comment

* hides backend and frontend pubdash routes behind feature flag

* consider feature flag when checking url path to see if on public dashboard

* renames function

* still render app notifications when in public view

* Extract pubdash route logic into own file

* fixes failing tests

* Determines path using location locationUtils. This covers the case when grafana is being hosted on a subpath. Updates tests.

* renames pubdash web route to be more understandable

* rename route

* fixes failing test

* fixes failing test. Needed to update pubdash urls

* sets flag on grafana boot config for if viewing public dashboard. Removes hacky check that looks at the url

* fixes failing tests. Uses config to determine if viewing public dashboard

* renders the blue panel timeInfo on public dashboard panel

* Extracts conditional logic for rendering components out into their own functions

* removes publicDashboardView check, and uses dashboard meta instead

* the timeInfo is always displayed on the panel

* After fetch of public dashboard dto, the meta isPublic flag gets set and used to determine if viewing public dashboard for child components. Fixes tests for PanelHeader.

* Fixes failing test. Needed to add isPublic flag to dashboard meta.

Co-authored-by: Jeff Levin <jeff@levinology.com>
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
2022-06-02 14:57:55 -06:00
Ryan McKinley
d452322aa8
Search (SQL): support dashboardUID query parameter (#50121) 2022-06-02 12:56:01 -07:00
Ieva
5dbea9996b
RBAC: Make RBAC action names more consistent (#49730)
* update action names

* correctly retrieve teams for signed in user

* remove test

* undo swagger changes

* undo swagger changes pt2

* add migration from old action names to the new ones

* rename from list to read

* linting

* also update alertign actions

* fix migration
2022-06-02 13:14:48 +01:00
Kristin Laemmert
2edfbb7767
sqlstore split: dashboard permissions (#49962)
* backend/sqlstore split: remove unused GetDashboardPermissionsForUser from sqlstore
* remove debugging line
* backend/sqlstore: move dashboard permission related functions to dashboard service
2022-06-01 14:16:26 -04:00
Marcus Efraimsson
a7813275a5
Plugins: Support headers field for check health (#49930) 2022-05-31 17:58:06 +02:00
idafurjes
3ba928e6b0
Remove preferences from models (#49879) 2022-05-31 11:29:30 +02:00
Karl Persson
5caf97be40
AccessControl: Replace IsEnterprise checks with license checks (#49572) 2022-05-25 20:40:41 +02:00
Joan López de la Franca Beltran
e43879e55d
Encryption: Add support for multiple data keys per day (#47765)
* Add database migrations

* Use short uids as data key ids

* Add support for manual data key rotation

* Fix duplicated mutex unlocks

* Fix migration

* Manage current data keys per name

* Adjust key re-encryption and test

* Modify rename column migration for MySQL compatibility

* Refactor secrets manager and data keys cache

* Multiple o11y adjustments

* Fix stats query

* Apply suggestions from code review

Co-authored-by: Tania <yalyna.ts@gmail.com>

* Fix linter

* Docs: Rotate data encryption keys API endpoint

Co-authored-by: Tania <yalyna.ts@gmail.com>
2022-05-23 13:13:55 +02:00
Jeff Levin
c7f8c2cc73
add isPublic to dashboard (#48012)
adds toggle to make a dashboard public

* config struct for public dashboard config
* api endpoints for public dashboard configuration
* ui for toggling public dashboard on and off
* load public dashboard config on share modal

Co-authored-by: Owen Smallwood <owen.smallwood@grafana.com>
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
2022-05-17 14:11:55 -08:00
Kat Yang
719af24235
Refactor: Add UID endpoint for dashboard versions and restore (#48364)
* Refactor: Add UID endpoint for dashboard versions and restore

* Fix: User dashID instead of dash.id

* 💩

* Move apiCmd error handling outside of dashUID check

* fix the panic in test

* Fix handler and update docs

Co-authored-by: Kat Yang <yangkb09@users.noreply.github.com>

* Docs: add deprecated warning to restore and version docs

* Fix hyperlink text

* Add swagger endpoints for restore and versions

* Add deprecated tag on swagger for both endpoints

* Fix: Update access control to be dashboards

* Return UID in response; Update docs to reflect this; Implement Ying suggestion

* Update docs/sources/http_api/dashboard_versions.md

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>

* Update pkg/models/dashboard_version.go

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>

* Update pkg/models/dashboard_version.go

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>

* Update query to refer to DashboardUID

Co-authored-by: Ying WANG <ying.wang@grafana.com>
Co-authored-by: Sofia Papagiannaki <sofia@grafana.com>
Co-authored-by: Kat Yang <yangkb09@users.noreply.github.com>
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
2022-05-17 12:57:27 -04:00
Kat Yang
9a0f2ec449
Refactor: Add UID endpoint for get dashboard version (#48600)
* Refactor: Add UID endpoint for get dashboard version

* Add initial docs language

* Add new endpoint in swagger

* Change access control to dashboards

* Add parameters to swagger endpoint

* Return UID in response; Update docs to reflect this; Implement Ying suggestion

* Update docs/sources/http_api/dashboard_versions.md

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>

* Update pkg/api/api.go

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>

* Update pkg/models/dashboard_version.go

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>

* Rename UID to DashboardUID for clarity; use dashUID in method

Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
2022-05-17 12:59:02 +02:00
Selene
43e34f3086
Dashboards: Allow to retrieve dashboards by uid (#48522)
* Add the possibility to get the dashboards by uid

* Fix
2022-05-17 09:37:44 +02:00
Jesse Weaver
85af8ce2ec
[Public Dashboards] Extract queries from dashboards (#48602) 2022-05-16 13:08:42 -06:00
Eric Leijonmarck
555867135b
Access control: Using RBAC to filter users in list view that you have read access to (#47963)
* Add SQL filter for global user search

* Remove scope requirements from endpoints

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
2022-05-13 09:26:34 +02:00
Joan López de la Franca Beltran
9826a694a8
Encryption: Add Prometheus metrics (#48603) 2022-05-06 10:21:55 +02:00
Krzysztof Dąbrowski
c41397a6e7
LDAP: validate organization role during parsing (#37188)
* LDAP: validate organization role during parsing

* Trigger a new build

* Check if grafana_admin is present
2022-05-04 09:35:10 +02:00
Karl Persson
6c6137f45a
Access control: Pass access control metadata for api keys (#48445)
* Move ApiKeyDTO to dtos package

* Add access control filter to api keys

* pass user in GetApiKeysQuery

* Add api key metadata to DTO

* Remove scope all requirement from get api keys endpoint

* Handle api key access control metadata in frondend
2022-04-29 15:30:24 +02:00
Sofia Papagiannaki
e58a015baf
Swagger: annotate RoleType as enumeration (#47902) 2022-04-20 10:27:25 +03:00
Serge Zaitsev
41012af997
Tracing: Use common traceID context value for opentracing and opentelemetry (#46411)
* use common traceID context value for opentracing and opentelemetry

* support sampled trace IDs as well

* inject traceID into NormalResponse on errors

* Finally the test passed

* fix the test

* fix linter

* change the function parameter

Co-authored-by: Ying WANG <ying.wang@grafana.com>
2022-04-14 17:54:49 +02:00
Eric Leijonmarck
673a2ab49e
fix: bug where disabled didnt disable the use of service account (#47688) 2022-04-13 13:40:58 +01:00
Ivana Huckova
201557c6fc
Query history: Save user preferences in database (#47506) 2022-04-12 11:42:42 +02:00
Gabriel MABILLE
f7305965a4
AccessControl: Remove package lists for roles and grants (#47141)
* AccessControl: Remove package variables for roles and grants

Co-authored-by: Jguer <joao.guerreiro@grafana.com>

* Check for inheritance during role registration

Co-authored-by: Jguer <joao.guerreiro@grafana.com>

* Moving back role definition to accessscontrol

* Make settings reader role public

Co-authored-by: Jguer <joao.guerreiro@grafana.com>

* Nits

Co-authored-by: Jguer <joao.guerreiro@grafana.com>

* Forgot to update this

* Account for declaration error

* Fixing pkg/api init ossac

* Account for error in tests

* Update test to verify inheritance

* Nits.

* Place br inheritance behind a feature toggle

* Parent -> Parents

* Nit.

Co-authored-by: Jguer <joao.guerreiro@grafana.com>
2022-04-06 09:31:14 +02:00
Piotr Jamróz
8490fd77e3
Users: clean up OrgId when all user orgs are removed (#46003)
* Clean up orgId when user organization is removed

* Add a test for removing user org

* Fix linting errors

* Update comment

* Fix linting errors

* Make removing user org more explicit
2022-04-06 08:35:58 +02:00
Josh Hunt
71db5115f4
User: Expose GCOM user ID as externalUserId in grafanaBootData (#47307)
* user essentials mob! 🔱

* user essentials mob! 🔱

* user essentials mob! 🔱

* user essentials mob! 🔱

* user essentials mob! 🔱

* fix sql indtent

Co-authored-by: Joao Silva <joao.silva@grafana.com>
Co-authored-by: Ashley Harrison <ashley.harrison@grafana.com>
2022-04-05 14:44:33 +01:00
Karl Persson
a5e4a533fa
Access control: use uid for dashboard and folder scopes (#46807)
* use uid:s for folder and dashboard permissions

* evaluate folder and dashboard permissions based on uids

* add dashboard.uid to accept list

* Check for exact suffix

* Check parent folder on create

* update test

* drop dashboard:create actions with dashboard scope

* fix typo

* AccessControl: test id 0 scope conversion

* AccessControl: store only parent folder UID

* AccessControl: extract general as a constant

* FolderServices: Prevent creation of a folder uid'd general

* FolderServices: Test folder creation prevention

* Update pkg/services/guardian/accesscontrol_guardian.go

* FolderServices: fix mock call expect

* FolderServices: remove uneeded mocks

Co-authored-by: jguer <joao.guerreiro@grafana.com>
2022-03-30 15:14:26 +02:00
Emil Tullstedt
0e5ac29763
Data sources: Grant creator edit permissions to data source by default (#46168)
* Data sources: Sent user ID when creating data source

* Data sources: Grant a data source creator edit permissions

* Use edit permisison and only append if user id is in command

Co-authored-by: Karl Persson <kalle.persson@grafana.com>
2022-03-21 17:16:05 +01:00
ying-jeanne
0d5a6c2194
remove bus from search and avoid import cycle (#46789)
* fix the import cicle

* fix some unittest

* fix removal bus from search
2022-03-21 23:54:30 +08:00
Ashley Harrison
586272e5f0
Navigation: Introduce a preferences table to store Navbar preferences (#44914)
* First attempt at creating new navbar_preferences table in db

* Apply to every nav item instead of just home

* user essentials mob! 🔱

* user essentials mob! 🔱

* user essentials mob! 🔱

* user essentials mob! 🔱

* user essentials mob! 🔱

* user essentials mob! 🔱

* user essentials mob! 🔱

* user essentials mob! 🔱

* user essentials mob! 🔱

* user essentials mob! 🔱

* user essentials mob! 🔱

* user essentials mob! 🔱

* user essentials mob! 🔱

* user essentials mob! 🔱

* user essentials mob! 🔱

* user essentials mob! 🔱

* user essentials mob! 🔱

* user essentials mob! 🔱

* user essentials mob! 🔱

* user essentials mob! 🔱

* user essentials mob! 🔱

* user essentials mob! 🔱

* user essentials mob! 🔱

* user essentials mob! 🔱

* user essentials mob! 🔱

* user essentials mob! 🔱

* user essentials mob! 🔱

* user essentials mob! 🔱

* Chore: introduce initTestDB options for features

* fix unit tests

* Add another unit test and some logic for detecting if a preference already exists

* tidy up

* Only override IsFeatureToggleEnabled if it's defined

* Extract setNavPreferences out into it's own function, initialise features correctly

* Make the linter happy

* Use new structure

* user essentials mob! 🔱

* user essentials mob! 🔱

* Split NavbarPreferences from Preferences

* user essentials mob! 🔱

* user essentials mob! 🔱

* Fix lint error

* Start adding tests

* Change internal db structure to be a generic json object

* GetJsonData -> GetPreferencesJsonData

* Stop using simplejson + add some more unit tests

* Update pkg/api/preferences.go

Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>

* Updates following review comments

* user essentials mob! 🔱

* user essentials mob! 🔱

* user essentials mob! 🔱

* user essentials mob! 🔱

* Change patch to upsert, add a unit test

* remove commented out code

* introduce patch user/org preferences methods

* Return Navbar preferences in the get call

* Fix integration test by instantiating JsonData

* Address review comments

* Rename HideFromNavbar -> Hide

* add swagger:model comment

* Add patch to the preferences documentation

* Add openapi annotations

* Add a short description

* user essentials mob! 🔱

* user essentials mob! 🔱

* user essentials mob! 🔱

* user essentials mob! 🔱

* Update unit tests

* remove unneeded url

* remove outdated comment

* Update integration tests

* update generated swagger

Co-authored-by: Alexandra Vargas <alexa1866@gmail.com>
Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
2022-03-17 12:07:20 +00:00
Jguer
ef9fe26886
Service accounts: Split user and service account database (#46442)
* ServiceAccounts: remove unused endpoint

* ServiceAccounts: remove usage of getOrgUsers from service accounts

* use dialect for boolean str true in delete

* return service account results directly

* Move Service Account Deletions to sa package

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
Co-authored-by: gamab <gabi.mabs@gmail.com>

* Move service account methods to service accounts

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
Co-authored-by: gamab <gabi.mabs@gmail.com>

* Service accounts should not interfere with users

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>

* filter service accounts in user services

* mispell fix

* fix overextended lines

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>

* fix variable

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
Co-authored-by: gamab <gabi.mabs@gmail.com>
2022-03-14 18:24:07 +01:00
Yuriy Tseretyan
9465eb1b3a
Folder store (#46431)
* create FolderStore
* update usages to provide context
* implement methods to get folder by ID and UID
* update folder service to use store methods
2022-03-14 11:21:42 -04:00
Jeff Levin
5d2f34d8e2
ValidatedQueries: start of validated queries API (#44731)
* adds an api endpoint for use with public dashboards that validates orgId, dashboard, and panel when running a query. This feature is in ALPHA and should not be enabled yet. Testing is based on new mock sqlstore.

Co-authored-by: Jesse Weaver <jesse.weaver@grafana.com>
Co-authored-by: Leandro Deveikis <leandro.deveikis@gmail.com>
2022-03-07 09:33:01 -09:00
Karl Persson
77393121ca
ingore permissions in json serialization (#46295) 2022-03-07 16:35:57 +01:00
Giordano Ricci
09f48173fe
Explore: allow users to save Explore state to a new panel in a new dashboard (#45148)
* Add Button & Form

* Save to new dashboard

* minor adjustements

* move modal to a separate component

* handle dashboard name related errors

* pick visualization based on query results

* lift state

* fix types

* Add Open & Close tests

* Add submit test

* add navigation tests

* add tests for API errors

* remove console log

* create wrapper component for AddToDashboardButton

* remove unused mapped prop

* add wrapper test

* rename isActive to isVisible

* invert control over save & redirect logic

* remove leftover commented code

* cleanup setup parameters

* reorganize code & improve tests

* Remove option to add to existing dashboard

* UI tweaks

* disable button if no queries

* Fix tests

* better accessible tests

* handle submission errors

* improve addToDashboard types

* use dashboardSrv' saveDashboard

* remove leftover test helper

* fix typo

Co-authored-by: Piotr Jamróz <pm.jamroz@gmail.com>

* Apply suggestions from code review

Co-authored-by: Kristina <kristina.durivage@grafana.com>

Co-authored-by: Piotr Jamróz <pm.jamroz@gmail.com>
Co-authored-by: Kristina <kristina.durivage@grafana.com>
2022-03-03 08:54:06 +00:00
Yuriy Tseretyan
016d9e14ed
Add missing option "OK" for Error state (#45262)
* Add missing OK option to models
* add ok to legacy legacy UI does not support it but it is possible to do so via provisioning.
* use enums in migration so linter would catch missing cases
2022-03-02 19:07:55 -05:00
J Guerreiro
5cb03d6e62
Separate API key store from SA token store (#45862)
* ServiceAccounts: Fix token-apikey cross deletion

* ServiceAccounts: separate API key store and service account token store

* ServiceAccounts: hide service account tokens from API Keys page

* ServiceAccounts: uppercase statement

* ServiceAccounts: fix and add new tests for SAT store

* ServiceAccounts: remove service account ID from add API key

* ServiceAccounts: clear up errors
2022-02-28 11:30:45 +01:00
J Guerreiro
e201b777c2
Service Accounts: small typo and dto fixes (#45677)
* ServiceAccounts: respect js casing and small fixes to displayed values

* ServiceAccounts: fix typos on service account

* ServiceAccounts: fix missing orgID in service account

* ServiceAccounts: Small fixes to dtos for profile

* ServiceAccounts: use result org id

* ServiceAccounts: return value is always nil
2022-02-22 14:58:42 +01:00
Artur Wierzbicki
6c76aa71e8
Previews: capability check (#44601)
* add SQL migrations

* dashboard previews from sql: poc

* added todos

* refactor: use the same enums where possible

* use useEffect, always return json

* added todo

* refactor + delete files after use

* refactor + fix manual thumbnail upload

* refactor: move all interactions with sqlStore to thumbnail repo

* refactor: remove file operations in thumb crawler/service

* refactor: fix dashboard_thumbs sql store

* refactor: extracted thumbnail fetching/updating to a hook

* refactor: store thumbnails in redux store

* refactor: store thumbnails in redux store

* refactor: private'd repo methods

* removed redux storage, saving images as blobs

* allow for configurable rendering timeouts

* added 1) query for dashboards with stale thumbnails, 2) command for marking thumbnails as stale

* use sql-based queue in crawler

* ui for marking thumbnails as stale

* replaced `stale` boolean prop with `state` enum

* introduce rendering session

* compilation errors

* fix crawler stop button

* rename thumbnail state frozen to locked

* #44449: fix merge conflicts

* #44449: remove thumb methods from `Store` interface

* #44449: clean filepath, defer file closing

* #44449: fix rendering.Theme cyclic import

* #44449: linting

* #44449: linting

* #44449: mutex'd crawlerStatus access

* #44449: added integration tests for `sqlstore.dashboard_thumbs`

* #44449: added comments to explain the `ThumbnailState` enum

* #44449: use os.ReadFile rather then os.Open

* #44449: always enable dashboardPreviews feature during integration tests

* #44449: add /previews/system-requirements API

* #44449: remove sleep time, adjust number of threads

* #44449: review fix: add `orgId` to `DashboardThumbnailMeta`

* #44449: review fix: automatic parsing of thumbnailState

* #44449: update returned json

* #44449: UI changes - dashboard previews sytem req check

* #44449: lint fixes

* #44449: fix tests

* #44449: typo

* #44449: fix getSystemRequirements API: return 200 even if we plugin version is invalid

* #44449: fix getSystemRequirements API: don't return SemverConstraint on error

* #44449: fix getSystemRequirements API

* #44449: fix previews sytem requirements text

* #44449: add `doThumbnailsExist` to repo

* #44449: remove redux api

* #44449: add missing model

* #44449: implement frontedsettings-driven capability check

* #44449: simplify

* #44449: revert test changes

* #44449: add dummy setup settings

* #44449: implicit typing over `FC<Props>`

* #44449: refactor conditionals

* #44449: replace `getText` with a react component

* #44449: fix component interface

* #44449: add onRemove to `PreviewsSystemRequirements` alert

* #44449: add bottom/top margin to previewSystemRequirements modal

* #44449: merge conflict fix

* #44449: remove console.log

Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
Co-authored-by: Alexander Emelin <frvzmb@gmail.com>
2022-02-16 21:49:50 +04:00
Selene
d5b98772ed
Dashboards: Refactor service to make it injectable by wire (#44588)
* Add providers to folder and dashboard services

* Refactor folder and dashboard services

* Move store implementation to its own file due wire cannot allow us to cast to SQLStore

* Add store in some places and more missing dependencies

* Bad merge fix

* Remove old functions from tests and few fixes

* Fix provisioning

* Remove store from http server and some test fixes

* Test fixes

* Fix dashboard and folder tests

* Fix library tests

* Fix provisioning tests

* Fix plugins manager tests

* Fix alert and org users tests

* Refactor service package and more test fixes

* Fix dashboard_test tets

* Fix api tests

* Some lint fixes

* Fix lint

* More lint :/

* Move dashboard integration tests to dashboards service and fix dependencies

* Lint + tests

* More integration tests fixes

* Lint

* Lint again

* Fix tests again and again anda again

* Update searchstore_test

* Fix goimports

* More go imports

* More imports fixes

* Fix lint

* Move UnprovisionDashboard function into dashboard service and remove bus

* Use search service instead of bus

* Fix test

* Fix go imports

* Use nil in tests
2022-02-16 14:15:44 +01:00
Artur Wierzbicki
0276b029fc
Previews: crawler as a background service (#44891)
* add SQL migrations

* dashboard previews from sql: poc

* added todos

* refactor: use the same enums where possible

* use useEffect, always return json

* added todo

* refactor + delete files after use

* refactor + fix manual thumbnail upload

* refactor: move all interactions with sqlStore to thumbnail repo

* refactor: remove file operations in thumb crawler/service

* refactor: fix dashboard_thumbs sql store

* refactor: extracted thumbnail fetching/updating to a hook

* refactor: store thumbnails in redux store

* refactor: store thumbnails in redux store

* refactor: private'd repo methods

* removed redux storage, saving images as blobs

* allow for configurable rendering timeouts

* added 1) query for dashboards with stale thumbnails, 2) command for marking thumbnails as stale

* use sql-based queue in crawler

* ui for marking thumbnails as stale

* replaced `stale` boolean prop with `state` enum

* introduce rendering session

* compilation errors

* fix crawler stop button

* rename thumbnail state frozen to locked

* #44449: fix merge conflicts

* #44449: remove thumb methods from `Store` interface

* #44449: clean filepath, defer file closing

* #44449: fix rendering.Theme cyclic import

* #44449: linting

* #44449: linting

* #44449: mutex'd crawlerStatus access

* #44449: added integration tests for `sqlstore.dashboard_thumbs`

* #44449: added comments to explain the `ThumbnailState` enum

* #44449: use os.ReadFile rather then os.Open

* #44449: always enable dashboardPreviews feature during integration tests

* #44449: remove sleep time, adjust number of threads

* #44449: review fix: add `orgId` to `DashboardThumbnailMeta`

* #44449: review fix: automatic parsing of thumbnailState

* #44449: lint fixes

* #44449: crawler as a background service v0.1

* #44449: use ServerLockService

* #44449: use ServerLockService

* #44449: review fix: prefer `WithDbSession` over `WithTransactionalDbSession`

* #44449: review fix: add a comment explaining source of the filepath

* #44449: review fix: added filepath validation

* #44449: fix FindDashboardsWithStaleThumbnails to include `theme` and `kind` in search params

* #44449: fix FindDashboardsWithStaleThumbnails to include `theme` and `kind` in search params

* #44449: create function for crawler on demand

* #44449: improve crawler logging

* #44449: fix wire

* #44449: uncomment dummy thumb service, fix ticker interval

* #44449: prevent race condition

* #44449: improve logging

* #44449: fix theme

* #44449: review fixes https://github.com/grafana/grafana/pull/45063/files @fzambia

* #44449: add missing unlock

* #44449: merge

* #44449: review fix - logger @fzambia https://github.com/grafana/grafana/pull/45063/files

* #44449: formatting

* #44449: merge conflict fix

* #44449: merge conflict fix

* #44449: merge conflict fix

* #44449: naming fix

* #44449: update authOpts

* #44449: change authOpts.role back to admin

* #44449: fix `walk` signature, move ctx to a first argument

* #44449: add `dashboardPreviewsScheduler` feature flag

Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
Co-authored-by: Alexander Emelin <frvzmb@gmail.com>
2022-02-10 22:45:00 +04:00
Gabriel MABILLE
78fc0258b1
AccessControl: Implement SQL filters for team members filtering (#44898)
* AccessControl: Filter team members

* Modify GetTeamMembersByUser comment

* Fix postgres failing test due to quoting

* Rename GetTeamMembersByUser to GetUserTeamMemberships

* Update TeamStore interface
2022-02-09 17:46:37 +01:00
Dimitris Sotirakis
605d056136
Security: Sync security changes on main (#45083)
* * Teams: Appropriately apply user id filter in /api/teams/:id and /api/teams/search
* Teams: Ensure that users searching for teams are only able see teams they have access to
* Teams: Require teamGuardian admin privileges to list team members
* Teams: Prevent org viewers from administering teams
* Teams: Add org_id condition to team count query
* Teams: clarify permission requirements in teams api docs
* Teams: expand scenarios for team search tests
* Teams: mock teamGuardian in tests

Co-authored-by: Dan Cech <dcech@grafana.com>

* remove duplicate WHERE statement

* Fix for CVE-2022-21702

(cherry picked from commit 202d7c190082c094bc1dc13f7fe9464746c37f9e)

* Lint and test fixes

(cherry picked from commit 3e6b67d5504abf4a1d7b8d621f04d062c048e981)

* check content type properly

(cherry picked from commit 70b4458892bf2f776302720c10d24c9ff34edd98)

* basic csrf origin check

(cherry picked from commit 3adaa5ff39832364f6390881fb5b42ad47df92e1)

* compare origin to host

(cherry picked from commit 5443892699e8ed42836bb2b9a44744ff3e970f42)

* simplify url parsing

(cherry picked from commit b2ffbc9513fed75468628370a48b929d30af2b1d)

* check csrf for GET requests, only compare origin

(cherry picked from commit 8b81dc12d8f8a1f07852809c5b4d44f0f0b1d709)

* parse content type properly

(cherry picked from commit 16f76f4902e6f2188bea9606c68b551af186bdc0)

* mentioned get in the comment

(cherry picked from commit a7e61811ef8ae558ce721e2e3fed04ce7a5a5345)

* add content-type: application/json to test HTTP requests

* fix pluginproxy test

* Fix linter when comparing errors

Co-authored-by: Kevin Minehart <kmineh0151@gmail.com>
Co-authored-by: Dan Cech <dcech@grafana.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Co-authored-by: Serge Zaitsev <serge.zaitsev@grafana.com>
Co-authored-by: Vardan Torosyan <vardants@gmail.com>
2022-02-09 13:44:38 +01:00
Artur Wierzbicki
a025109647
Dash previews: populate crawler queue from SQL query (#44083)
* add SQL migrations

* dashboard previews from sql: poc

* added todos

* refactor: use the same enums where possible

* use useEffect, always return json

* added todo

* refactor + delete files after use

* refactor + fix manual thumbnail upload

* refactor: move all interactions with sqlStore to thumbnail repo

* refactor: remove file operations in thumb crawler/service

* refactor: fix dashboard_thumbs sql store

* refactor: extracted thumbnail fetching/updating to a hook

* refactor: store thumbnails in redux store

* refactor: store thumbnails in redux store

* refactor: private'd repo methods

* removed redux storage, saving images as blobs

* allow for configurable rendering timeouts

* added 1) query for dashboards with stale thumbnails, 2) command for marking thumbnails as stale

* use sql-based queue in crawler

* ui for marking thumbnails as stale

* replaced `stale` boolean prop with `state` enum

* introduce rendering session

* compilation errors

* fix crawler stop button

* rename thumbnail state frozen to locked

* #44449: fix merge conflicts

* #44449: remove thumb methods from `Store` interface

* #44449: clean filepath, defer file closing

* #44449: fix rendering.Theme cyclic import

* #44449: linting

* #44449: linting

* #44449: mutex'd crawlerStatus access

* #44449: added integration tests for `sqlstore.dashboard_thumbs`

* #44449: added comments to explain the `ThumbnailState` enum

* #44449: use os.ReadFile rather then os.Open

* #44449: always enable dashboardPreviews feature during integration tests

* #44449: remove sleep time, adjust number of threads

* #44449: review fix: add `orgId` to `DashboardThumbnailMeta`

* #44449: review fix: automatic parsing of thumbnailState

* #44449: lint fixes

* #44449: review fix: prefer `WithDbSession` over `WithTransactionalDbSession`

* #44449: review fix: add a comment explaining source of the filepath

* #44449: review fix: added filepath validation

* #44449: review fixes https://github.com/grafana/grafana/pull/45063/files @fzambia

Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
Co-authored-by: Alexander Emelin <frvzmb@gmail.com>
2022-02-09 13:23:32 +04:00
Sofia Papagiannaki
35fe58de37
API: Extract OpenAPI specification from source code using go-swagger (#40528)
* API: Using go-swagger for extracting OpenAPI specification from source code

* Merge Grafana Alerting spec

* Include enterprise endpoints (if enabled)

* Serve SwaggerUI under feature flag

* Fix building dev docker images

* Configure swaggerUI

* Add missing json tags

Co-authored-by: Ying WANG <ying.wang@grafana.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
2022-02-08 13:38:43 +01:00
J Guerreiro
94820e1f29
Add/Delete API keys to Service accounts (#44871)
* ServiceAccounts: move token handlers to specific file

* ServiceAccounts: move Add API key to Service account

* APIKeys: api keys can still be used even when service accounts are enabled

* APIKeys: legacy endpoint can't be used to add SA tokens

* ServiceAccount: add tests for creation with nil and non-nil service account ids

* ServiceAccounts: fix unnasigned cfg and AC typo

* Test: test service account token adding

* fix linting error

* ServiceAccounts: Handle Token deletion

* rename token funcs

* rename token funcs and api wrapping

* add token deletion tests

* review

Co-authored-by: eleijonmarck <eric.leijonmarck@gmail.com>

* remove bus

* Update pkg/api/apikey.go

Co-authored-by: eleijonmarck <eric.leijonmarck@gmail.com>
2022-02-07 14:51:54 +01:00
Gabriel MABILLE
8217d6d206
AccessControl: Change teams permissions page when accesscontrol is enabled (#43971)
* AccessControl: Change teams permissions page when frontend is hit

* Implement frontend changes for group sync

* Changing the org/teams/edit permissions

Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>

* Fixing routes

Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>

* Use props straight away no need to go through the state

Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>

* Update public/app/features/teams/TeamPages.tsx

Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
2022-02-03 17:49:39 +01:00
Selene
875e0736ec
LDAP: Use an interface instead of a bus to get group teams (#42165)
* Remove bus for GetTeams for LDAP

* Fix lint
2022-02-01 12:03:21 +01:00
Santiago
7ed82ac049
Check for empty URLs when creating/updating a data source (#42837)
* checks for empty URLs added

* check for TimeSeriesTypeNot to fix InfluxDB alerts

* log a warning when a data frame is ignored

* fix: add brittle Prometheus URL input selector

needs a proper aria-label or test-data-id selector

* test: add URL input aria-label

needs to use the grafana/e2e-selectors package

* test: run ci

* add URL validation for specific data sources, e2e tests

* Update pkg/api/datasource/validation.go

Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>

* delete duplicated logs

* delete unnecessary leading newline

Co-authored-by: gillesdemey <gilles.de.mey@gmail.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
2022-01-31 12:39:55 -03:00
Gabriel MABILLE
d4f682190f
AccessControl: Implement teams resource service (#43951)
* AccessControl: cover team permissions

Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>

* Add background service as a consumer to resource_services

Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>

* Define actions in roles.go

Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>

* Remove action from accesscontrol model

 Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>

* As suggested by kalle

* move some changes from branch to the skeleton PR

* Add background service as a consumer to resource_services

Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>

* moving resourceservice to the main wire file pt2

* move team related actions so that they can be reused

* PR feedback

* fix

* typo

* Access Control: adding hooks for team member endpoints (#43991)

* AccessControl: cover team permissions

Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>

* Add background service as a consumer to resource_services

Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>

* Define actions in roles.go

Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>

* Remove action from accesscontrol model

 Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>

* As suggested by kalle

* add access control to list and add team member endpoint, and hooks for adding team members

* member permission type is 0

* add ID scope for team permission checks

* add more team actions, use Member for member permission name

* protect team member update endpoint with FGAC permissions

* update SQL functions for teams and the corresponding tests

* also protect team member removal endpoint with FGAC permissions and add a hook to permission service

* a few small fixes, provide team permission service to test setup

* AccessControl: cover team permissions

Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>

* Add background service as a consumer to resource_services

Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>

* Define actions in roles.go

Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>

* Remove action from accesscontrol model

 Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>

* As suggested by kalle

* move some changes from branch to the skeleton PR

* remove resource services from wireexts

* remove unneeded actions

* linting fix

* remove comments

* feedback fixes

* feedback

* simplifying

* remove team member within the same transaction

* fix a mistake with the error

* call the correct sql fction

* linting

* Access control: tests for team member endpoints (#44177)

* tests for team member endpoints

* clean up and fix the tests

* fixing tests take 2

* don't import enterprise test license

* don't import enterprise test license

* remove unused variable

Co-authored-by: gamab <gabi.mabs@gmail.com>
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>

Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com>
2022-01-26 14:48:41 +00:00
Agnès Toulet
65bdb3a899
FeatureFlags: Revert managing feature flags outside of settings.Cfg (#44382)
* Revert "FeatureToggles: register all enterprise feature toggles (#44336)"

This reverts commit f53b3fb007.

* Revert "FeatureFlags: manage feature flags outside of settings.Cfg (#43692)"

This reverts commit f94c0decbd.
2022-01-24 16:08:05 +01:00
Ryan McKinley
f53b3fb007
FeatureToggles: register all enterprise feature toggles (#44336) 2022-01-21 20:36:28 +01:00
Ryan McKinley
f94c0decbd
FeatureFlags: manage feature flags outside of settings.Cfg (#43692) 2022-01-20 13:42:05 -08:00
Katarina Yang
61974383d7
Refactor: Change sqlstore.inTransaction to SQLStore.WithTransactionalDBSession in alert files (#43815)
* Refactor: Change sqlstore.inTransaction to SQLStore.WithTransactionalDBSession in alert files

* Fix: Revert second SaveAlerts back to normal func

* Refactor: Update tests so functions are now SQLStore methods

* Fix: Refactor pauseAlert and pauseAllAlerts to be SQLStore methods

* Fix: Refactor SaveAlerts to be SQLStore method

* Refactor: Update SaveAlerts func signature to have correct arguments

* Refactor: Define sqlStore

* Chore: Delete commented out code

* Chore: Remove unused SaveAlertsCommand
2022-01-19 19:25:52 +00:00
J Guerreiro
7dab52869e
ServiceAccounts: Add detail view of service account (#44164)
* ServiceAccounts: Add detail view of service account

Co-authored-by: eleijonmarck <eric.leijonmarck@gmail.com>

* ServiceAccount: Make detail view scopeID

Co-authored-by: eleijonmarck <eric.leijonmarck@gmail.com>

* ServiceAccount: fix lint error

Co-authored-by: eleijonmarck <eric.leijonmarck@gmail.com>

Co-authored-by: eleijonmarck <eric.leijonmarck@gmail.com>
2022-01-19 10:23:46 +01:00
Karl Persson
f999910dc6
Access control: Add access control sql filter to org user queries (#43961)
* Add access control SQL filter to org user queries
2022-01-13 14:40:32 +01:00
Jeremy Price
e894837b7e
Accesscontrol: Remove service account creation code from addapikey (#43900)
* Remove service account creation code from addapikey
Co-authored-by: J Guerreiro <joao.guerreiro@grafana.com>
2022-01-12 15:18:57 +01:00
Eric Leijonmarck
6409e761b5
List serviceaccounts (#43672)
* Serviceaccounts: feat - tabview for serviceaccounts

* WIP

* feat: listing all service accounts

* refactor: needed to remove showInvitees as not present in serviceaccounts

* add token column in the list

* add token to orgserviceaccount

* Update pkg/services/serviceaccounts/api/api.go
2022-01-12 13:23:00 +01:00
Dan Cech
34f757ba5a
switch to using featureEnabled for enterprise features (#41559)
* switch to using featureEnabled for enterprise features
2022-01-07 15:11:23 -05:00
J Guerreiro
056e143664
AccessControl: Present user edit actions according to AC metadata (#43602)
* AccessControl: Add user metadata to user detail view

* AccessControl: Do not present delete or disable buttons based on ac metadata in admin/users

* AccessControl: do not allow password changing or user editing without permission

* AccessControl: Fetch global:users scope for admin

* AccessControl: optimize org.user metadata fetch

* Chore: early return if ac metadata is not available
2022-01-05 09:59:17 +01:00
J Guerreiro
3d4fafcf70
AccessControl: Add access control metadata to org user DTOs (#43362)
* AccessControl: Add access control metadata to OrgUserDTO

* AccessControl: get User AC metadata

* AccessControl: return User Access Control metadata when requested
2021-12-22 18:46:33 +01:00
J Guerreiro
a1b8b5d123
Usage stats: Count API keys (#42883)
* Stats: add api key count to usage stats

* Chore: correctly capitalize struct member
2021-12-22 17:37:45 +01:00
Karl Persson
c3ca2d214d
Access control: Refactor managed permission system to create api and frontend components (#42540)
* Refactor resource permissions
* Add frondend components for resource permissions

Co-authored-by: kay delaney <45561153+kaydelaney@users.noreply.github.com>
Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
2021-12-20 09:52:24 +01:00
Sofia Papagiannaki
c4aaf5f9d1
API: prevent provisioned dashboard from being updated (#41894) 2021-12-17 10:31:52 -05:00
Alexander Emelin
f4cc353225
Live: proxy subscribe data for subscribe and runstream plugin calls (#42824)
Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
2021-12-14 20:12:00 +03:00
Karl Persson
9558c09a7c
Access Control: Store permissions on SignedInUser (#43040)
* add permission structure to signedinuser

* add middleware to load user permissions into signedinuser struct

* apply LoadPermissionsMiddleware to http server

* check for permissions in signedinuser struct

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
2021-12-14 16:05:59 +01:00
Leonard Gram
5d18834deb
OAuth: persisting the id token (#42938)
* OAuth: persisting the id token

* OAuth: verifies that the idtoken gets persistet in the database
2021-12-14 15:22:10 +01:00
Karl Persson
d623285fcc
Access Control: Rename fixed roles (#41288)
* Rename fixed roles
* Update descriptions
* Update docs for fixed roles and permissions

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>
2021-11-17 15:40:39 +01:00
Eric Leijonmarck
4fd3dd41bc
ServiceAccounts: Delete ServiceAccount (#40470)
* Add extra fields to OSS types to support enterprise

* WIP service accounts

* Update public/app/features/api-keys/ApiKeysForm.tsx

Co-authored-by: Hugo Häggmark <hugo.haggmark@grafana.com>

* Create a service account at the same time as the API key

* Use service account credentials when accessing API with APIkey

* Throw better error

* Use Boolean for "create service account button"

* Add GetRole to service, merge RoleDTO and Role structs

This patch merges the identical OSS and Enterprise data structures, which improves the code for two reasons:

1.  Makes switching between OSS and Enterprise easier
2.  Reduces the chance of incompatibilities developing between the same functions in OSS and Enterprise

* Start work cloning permissions onto service account

* If API key is not linked to a service account, continue login as usual

* Fallback to old auth if no service account linked to key

* Commented

* Add CloneUserToServiceAccount

* Update mock.go

* Put graphical bits behind a feature toggle

* Start adding LinkAPIKeyToServiceAccount

* Update pkg/models/user.go

Co-authored-by: Eric Leijonmarck <eric.leijonmarck@gmail.com>

* Update pkg/api/apikey.go

Co-authored-by: Eric Leijonmarck <eric.leijonmarck@gmail.com>

* Update pkg/api/apikey.go

Co-authored-by: Eric Leijonmarck <eric.leijonmarck@gmail.com>

* Finish LinkAPIKeyToServiceAccount

* Update comment

* Handle api key link error

* Update pkg/services/sqlstore/apikey.go

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>

* Feature toggle

* Update pkg/services/accesscontrol/accesscontrol.go

Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>

* Not needed (yet)

* Better error messages for OSS accesscontrol

* Set an invalid user id as default

* ServiceAccountId should be string

* Re-arrange field names

* ServiceAccountId is integer

* Update ossaccesscontrol.go

* Linter

* Remove fronend edits

* Remove console log

* Update ApiKeysForm.tsx

* feat: add serviceaccount deletion

* feat: make sure we do not accidently delete serviceaccount

* feat: ServiceAccount Type

* refactor: userDeletions function

* refactor: serviceaccount deletions\

* refactor: error name and removed attribute for userDeletecommand

* refactor:: remove serviceaccount type for now

* WIP

* add mocked function

* Remove unnecessary db query, move to right place

* Update pkg/services/accesscontrol/mock/mock.go

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>

* Update pkg/services/accesscontrol/mock/mock.go

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>

* Update pkg/services/accesscontrol/mock/mock.go

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>

* Better error messages

* Better and correcter error messages

* add mocked function

* refactor: move function call, add error msg

* add IsServiceAccount and fix table

* add service accounts package

* WIP

* WIP

* working serviceaccountsapi registration

* WIP tests

* test

* test working

* test running for service

* moved the error out of the models package

* fixed own review

* linting errors

* Update pkg/services/serviceaccounts/database/database.go

Co-authored-by: Jeremy Price <Jeremy.price@grafana.com>

* tests running for api

* WIP

* WIP

* removed unused secrets background svc

* removed background svc for serviceaccount infavor or wire.go

* serviceaccounts manager tests

* registering as backend service

Co-authored-by: Jeremy Price <jeremy.price@grafana.com>
Co-authored-by: Hugo Häggmark <hugo.haggmark@grafana.com>
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
2021-11-11 15:10:24 +00:00
Guilherme Caulada
5afaf8930c
Add monthlyActiveUsers to stats API and usage report (#41289)
Closes grafana/grafana-enterprise-partnerships-team#7
2021-11-03 18:59:05 -03:00
Jeremy Price
6dbb6408d4
Access Control: Add service accounts (#38994)
* Add extra fields to OSS types to support enterprise

* Create a service account at the same time as the API key

* Use service account credentials when accessing API with APIkey

* Add GetRole to service, merge RoleDTO and Role structs

This patch merges the identical OSS and Enterprise data structures, which improves the code for two reasons:

1.  Makes switching between OSS and Enterprise easier
2.  Reduces the chance of incompatibilities developing between the same functions in OSS and Enterprise

* If API key is not linked to a service account, continue login as usual

* Fallback to old auth if no service account linked to key

* Add CloneUserToServiceAccount

* Adding LinkAPIKeyToServiceAccount

* Handle api key link error

* Better error messages for OSS accesscontrol

* Set an invalid user id as default

* Re-arrange field names

* ServiceAccountId is integer

* Better error messages

Co-authored-by: Hugo Häggmark <hugo.haggmark@grafana.com>
Co-authored-by: Eric Leijonmarck <eric.leijonmarck@gmail.com>
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
2021-10-20 14:36:11 +02:00
Guilherme Caulada
a9faab6b09
Dashboard: Add week start option to global and dashboard preferences (#40010)
* Add global week start option to shared preferences

* Add default_week_start to configuration docs

* Add week start option to dashboards

* Add week start argument to tsdb time range parser

* Fix strict check issues

* Add tests for week start

* Change wording on default_week_start documentation

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

* Update week_start column to be a nullable field

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>

* Update configuration to include browser option

* Update WeekStartPicker container selector

Co-authored-by: Hugo Häggmark <hugo.haggmark@grafana.com>

* Add menuShouldPortal to WeekStartPicker to remove deprecation warning

Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>

* Add inputId to WeekStartPicker

* Use e2e selector on WeekStartPicker aria-label

* Simplify WeekStartPicker onChange condition

* Specify value type on WeekStartPicker weekStarts

* Remove setWeekStart side effect from reducer

* Fix updateLocale failing to reset week start

* Store week start as string to handle empty values

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
Co-authored-by: Hugo Häggmark <hugo.haggmark@grafana.com>
Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
2021-10-18 10:27:14 -03:00
Jesse Weaver
5af96544f3
Forbid creation of dashboard permissions with both a user and a team (#40104)
These permissions could be created through the API but would not show
correctly in the UI.
2021-10-13 12:16:58 -06:00
Ben RUBSON
3d9e2d8c82
Application: Make error-template title configurable (#40310)
* Fix error-template title

as in index-template.html

* Test: fix for AppTitle

Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com>
2021-10-13 08:35:01 +02:00
Giordano Ricci
24af3593a2
AWS: add OpenSearch to AWS services (#40290) 2021-10-11 15:53:04 +01:00
Serge Zaitsev
57fcfd578d
Chore: replace macaron with web package (#40136)
* replace macaron with web package

* add web.go
2021-10-11 14:30:59 +02:00
Joan López de la Franca Beltran
722c414fef
Encryption: Refactor securejsondata.SecureJsonData to stop relying on global functions (#38865)
* Encryption: Add support to encrypt/decrypt sjd

* Add datasources.Service as a proxy to datasources db operations

* Encrypt ds.SecureJsonData before calling SQLStore

* Move ds cache code into ds service

* Fix tlsmanager tests

* Fix pluginproxy tests

* Remove some securejsondata.GetEncryptedJsonData usages

* Add pluginsettings.Service as a proxy for plugin settings db operations

* Add AlertNotificationService as a proxy for alert notification db operations

* Remove some securejsondata.GetEncryptedJsonData usages

* Remove more securejsondata.GetEncryptedJsonData usages

* Fix lint errors

* Minor fixes

* Remove encryption global functions usages from ngalert

* Fix lint errors

* Minor fixes

* Minor fixes

* Remove securejsondata.DecryptedValue usage

* Refactor the refactor

* Remove securejsondata.DecryptedValue usage

* Move securejsondata to migrations package

* Move securejsondata to migrations package

* Minor fix

* Fix integration test

* Fix integration tests

* Undo undesired changes

* Fix tests

* Add context.Context into encryption methods

* Fix tests

* Fix tests

* Fix tests

* Trigger CI

* Fix test

* Add names to params of encryption service interface

* Remove bus from CacheServiceImpl

* Add logging

* Add keys to logger

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>

* Add missing key to logger

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>

* Undo changes in markdown files

* Fix formatting

* Add context to secrets service

* Rename decryptSecureJsonData to decryptSecureJsonDataFn

* Name args in GetDecryptedValueFn

* Add template back to NewAlertmanagerNotifier

* Copy GetDecryptedValueFn to ngalert

* Add logging to pluginsettings

* Fix pluginsettings test

Co-authored-by: Tania B <yalyna.ts@gmail.com>
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
2021-10-07 17:33:50 +03:00
Selene
da813877fb
Create search filters by interface (#39843)
* Extract search users to a new service

* Fix wire provider

* Fix common_test and remove RouteRegister

* Remove old endpoints

* Fix test

* Create search filters using interfaces

* Move Enterprise filter, rename filter for filters and allow use filters with params

* Each filter has unique key

* Back activeLast30Days filter to OSS

* Fix tests

* Delete unusued param

* Move filters to searchusers service and small refactor

* Fix tests
2021-10-07 16:06:16 +02:00
Ieva
52220b2470
AccessControl: frontend changes for adding FGAC to licensing (#39484)
* refactor licenseURL function to use context and export permission evaluation fction

* remove provisioning file

* refactor licenseURL to take in a bool to avoid circular dependencies

* remove function for appending nav link, as it was only used once and move the function to create admin node

* better argument names

* create a function for permission checking

* extend permission checking when displaying server stats

* enable the use of enterprise access control actions when evaluating permissions

* import ordering

* move licensing FGAC action definitions to models package to allow access from oss

* move evaluatePermissions for routes to context serve

* change permission evaluator to take in more permissions

* move licensing FGAC actions again to appease wire

* avoid index out of bounds issue in case no children are passed in when creating server admin node

* simplify syntax for permission checking

Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>

* update loading state for server stats

* linting

* more linting

* fix test

* fix a frontend test

* update "licensing.reports:read" action naming

* UI doesn't allow reading only licensing reports and not the rest of licensing info

Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
2021-10-05 14:54:26 +01:00
Sofia Papagiannaki
012d4f0905
Alerting: Remove ngalert feature toggle and introduce two new settings for enabling Grafana 8 alerts and disabling them for specific organisations (#38746)
* Remove `ngalert` feature toggle

* Update frontend

Remove all references of ngalert feature toggle

* Update docs

* Disable unified alerting for specific orgs

* Add backend tests

* Apply suggestions from code review

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

* Disabled unified alerting by default

* Ensure backward compatibility with old ngalert feature toggle

* Apply suggestions from code review

Co-authored-by: gotjosh <josue@grafana.com>
2021-09-29 16:16:40 +02:00
Dan Cech
9dfd469afc
add daily active counts to stats (#38842)
* add daily active counts to stats

* standardize on int64, update tests
2021-09-13 10:29:35 -04:00
Serge Zaitsev
e1e385b318
Chore: Remove untyped data map from macaron context (#39077) 2021-09-13 15:41:03 +02:00
Ryan McKinley
9aa03acfa6
Chore: remove sql testdata (#38945) 2021-09-07 16:35:52 -07:00
Joan López de la Franca Beltran
6cfb640a0b
Chore: Refactor securedata to remove global encryption calls from dashboard snapshots (#38714)
* Add encryption service

* Add tests for encryption service

* Inject encryption service into http server

* Replace encryption global function usage in login tests

* Migrate to Wire

* Move Encryption bindings to OSS Wire set

* Chore: Refactor securedata to remove global encryption calls from dashboard snapshots

* Fix dashboard snapshot tests

* Remove no longer user test

* Add dashboard snapshots service tests

* Refactor service initialization

* Set up dashboard snapshots service as a background service

Co-authored-by: Tania B <yalyna.ts@gmail.com>
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
2021-09-01 13:05:15 +02:00
Serge Zaitsev
c3ab2fdeb7
Macaron: remove custom Request type (#37874)
* remove macaron.Request, use http.Request instead

* remove com dependency from bindings module

* fix another c.Req.Request
2021-09-01 11:18:30 +02:00
Selene
e47a60f511
Add filter to search users by active (#38637)
* Add filter to search users by active

* Fix query
2021-08-31 11:35:16 +02:00
Arve Knudsen
78596a6756
Migrate to Wire for dependency injection (#32289)
Fixes #30144

Co-authored-by: dsotirakis <sotirakis.dim@gmail.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Co-authored-by: Ida Furjesova <ida.furjesova@grafana.com>
Co-authored-by: Jack Westbrook <jack.westbrook@gmail.com>
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
Co-authored-by: Leon Sorokin <leeoniya@gmail.com>
Co-authored-by: Andrej Ocenas <mr.ocenas@gmail.com>
Co-authored-by: spinillos <selenepinillos@gmail.com>
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
Co-authored-by: Leonard Gram <leo@xlson.com>
2021-08-25 15:11:22 +02:00
Will Browne
697ac937c6
fix with global config state (#37293) 2021-08-17 12:16:34 +02:00
Serge Zaitsev
707d3536f0
Macaron: Strip down renderer middleware (#37627)
* strip down macaron renderer

* inline renderHTML

* remove IndentJSON parameter

* replace renderer with a html/template set

* fix failing test

* fix renderer paths in tests

* make template reloading even simpler

* unify ignored gzip path lookup

* fix csp middleware usage
2021-08-10 13:29:46 +02:00
Leonard Gram
d51b2630c7
Auth: creates a hook in the user mapping flow (#37190)
* wip

* Auth Info: refactored out into it's own service

* Auth: adds extension point where users are being mapped

* Update pkg/services/login/authinfoservice/service.go

Co-authored-by: Joan López de la Franca Beltran <joanjan14@gmail.com>

* Update pkg/services/login/authinfoservice/service.go

Co-authored-by: Joan López de la Franca Beltran <joanjan14@gmail.com>

* Auth: simplified code

* moved most authinfo stuff to its own package

* added back code

* linter

* simplified

Co-authored-by: Joan López de la Franca Beltran <joanjan14@gmail.com>
2021-07-29 10:18:42 +02:00
Sergey Kostrukov
c1963024ec
Infra: Azure authentication in HttpClientProvider (#36932)
* Azure middleware in HttpClientProxy

* Azure authentication under feature flag

* Minor fixes

* Add prefixes to not clash with JsonData

* Return error if JsonData cannot be parsed

* Return original string if URL invalid

* Tests for datasource_cache
2021-07-22 21:43:10 +01:00
Sofia Papagiannaki
b96dd1877c
Folder API: optionally force deleting Grafana 8 alerts when deleting a folder (or error) (#36427)
* Folder API: Add an optional query parameter for allowing deleting a  folder containing rules

* Update frontend

- Set forceDeleteRules=true when frontend deletes a folder
- Improve modal text

* Update docs

* Apply suggestions from code review

Co-authored-by: gotjosh <josue@grafana.com>
Co-authored-by: Nathan Rodman <nathanrodman@gmail.com>
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
2021-07-22 12:27:13 +03:00
Djairho Geuens
4cadbba686
Email: Allow configuration of content types for email notifications (#34530)
* Alerting: Allow configuration of content types for email notifications

* Fix lint error

* Improves email templates

* Improve configuration documentation

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>

* Improve code comments

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>

* Improve configuration documentation

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>

* Improve email template

* Remove unnecessary predeclaration

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Adds handling for unrecognized content type

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Move utility function outside of util package

* Fixes syntax

* Remove unused package

* Fix lint error

* improve email templates

* Fix test

* Alerting: Allow configuration of content types for email notifications

* Fix lint error

* Improves email templates

* Improve configuration documentation

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>

* Improve code comments

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>

* Improve configuration documentation

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>

* Improve email template

* Remove unnecessary predeclaration

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Adds handling for unrecognized content type

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Move utility function outside of util package

* Fixes syntax

* Remove unused package

* Fix lint error

* improve email templates

* Fix test

* Fix comment style

Co-authored-by: Ganesh Vernekar <15064823+codesome@users.noreply.github.com>

* Fix template formatting

* Add test and improve error handling

* Fix test

* Fix formatting

* Fix formatting

* Improve documentation and regenerates txt template

* Update docs/sources/administration/configuration.md

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

Co-authored-by: Djairho Geuens <djairho.geuens@ae.be>
Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
Co-authored-by: Ganesh Vernekar <15064823+codesome@users.noreply.github.com>
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
2021-07-19 13:31:51 +03:00
Selene
1c74bb3992
UsageStats: Extend usage stats for count permissions in folders and dashborads (#36065)
* Add usage stats for permissions for dashboards and folders

* Change double quotes for simple ones
2021-07-16 10:14:33 +02:00
Marcus Efraimsson
a6b2e1865c
Datasource: Improve default timeout settings for HTTP client provider (#36621)
Make sure that default timeout settings are based on configuration
parameters. This now applies for core data sources using old TSDB
contracts and new SDK contracts. Before it was only applied for old TSDB
contracts.
Also moves global setting variables to non-global (setting.Cfg).
2021-07-15 14:30:06 +02:00
Dimitris Sotirakis
069fb0cf38
HTTP Client: Introduce dataproxy_max_idle_connections config variable (#35864)
* Introduce dataproxy_max_idle_connections config var

* Fix according to reviewer's comments

* Fix according to reviewer's comments - round 2

* Remove unused const

* Bring back MaxIdleConnsPerHost

* Fixes according to reviewer's comments
2021-07-07 13:13:53 +03:00
Javier Palomo
6531424c72
Datasource: Add support for max_conns_per_host in dataproxy settings (#35520)
Allow configuring dataproxy.max_conns_per_host for HTTP data sources.

Ref #35519
Ref #35257
2021-06-11 14:18:08 +02:00
Marcus Efraimsson
d15d87db8a
Datasource: Fix storing timeout option as numeric (#35441)
#31871 introduced support for configuring timeout in seconds
for HTTP data sources. That had a bug where backend expected
a numeric timeout value where it was actually stored as a
string. This should resolve this by requiring input to be
numbers, storing input as numeric and falling back to string
value if there's no numeric value.

Ref #31871
2021-06-10 10:27:14 +02:00
Marcus Efraimsson
f76f426da3
Chore: Refactor Prometheus HTTP client middleware (#34473)
Following #33439 this refactors the Prometheus HTTP transport 
which is replaced by HTTP client middleware.
2021-05-27 12:43:21 +02:00
Serge Zaitsev
ef0fab9aa5
Expose folder UID in dashboards API response (#33991)
* expose folder UID in dashboards API response, import dashboards into folders by folder UID

* handle bad folder UID as 400 error

* 12591:Add tests for request with folderUid

* Use more descriptive error status for missing folders

Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>

* return 400 when folder id is missing

* put error checking in the right place this time

* mention folderUid in the docs

* Clarify usage of folderUid and folderId when both present

Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>

* Capitalise UID

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

* mention folder UID in the metadata for a GET response

Co-authored-by: Ida Furjesova <ida.furjesova@grafana.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
2021-05-26 10:20:13 -04:00
Dimitris Sotirakis
91657dad18
HTTP Client: Make ResponseHeaderTimeout default timeout in http client (#34597)
* HTTP Client: Add `ResponseHeaderTimeout` - split from `DialContext` timeout

* Fixes according to reviewer's comments

* Use grafana-plugin-sdk-go v0.100.0
2021-05-25 11:32:41 +03:00
Hugo Häggmark
7204a64717
LibraryElements: Creates usage stats for panels and variables (#34476)
* LibraryPanels: Adds usage collection

* Refactor: renames Panel and Variable consts

* Chore: initialize stats

* Refactor: moves library element migrations to migration namespace
2021-05-24 06:11:01 +02:00
Marcus Efraimsson
348e76fc8e
Datasource: Shared HTTP client provider for core backend data sources and any data source using the data source proxy (#33439)
Uses new httpclient package from grafana-plugin-sdk-go introduced 
via grafana/grafana-plugin-sdk-go#328. 
Replaces the GetHTTPClient, GetTransport, GetTLSConfig methods defined 
on DataSource model.
Longer-term the goal is to migrate core HTTP backend data sources to use the 
SDK contracts and using httpclient.Provider for creating HTTP clients and such.

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-05-19 23:53:41 +02:00
Kyle Brandt
e291203528
Alerting: a usage stat for ualerting (#34390)
collects `stats.alert_rules.count` , where alert_rules is the nextgen system
2021-05-19 10:31:25 -04:00
idafurjes
f2fcf721eb
32540: Add org users with pagination (#33788)
* Add model for search org user and add handler for dispatch

* 32540_org_users_with_pagination: Add endpoint for search org users

* 32540_org_users_with_pagination: Add test for org user search handler

* 32540_org_users_with_pagination: fix indentation

* 32540_org_users_with_pagination: Remove newline

* 32540_org_users_with_pagination: Remove empty line

* 32540_org_users_with_pagination: Fix indentation

* Update pkg/api/org_users.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/api/org_users.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/models/org_user.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/api/org_users_test.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/api/org_users_test.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* 32540_org_users_with_pagination: Use hs.SQLStore.SearchOrgUsers instead of bus

* Add model for search org user and add handler for dispatch

* 32540_org_users_with_pagination: Add endpoint for search org users

* 32540_org_users_with_pagination: Add test for org user search handler

* 32540_org_users_with_pagination: fix indentation

* 32540_org_users_with_pagination: Remove newline

* 32540_org_users_with_pagination: Remove empty line

* 32540_org_users_with_pagination: Fix indentation

* Update pkg/api/org_users.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/api/org_users.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/models/org_user.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/api/org_users_test.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/api/org_users_test.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* 32540_org_users_with_pagination: Use hs.SQLStore.SearchOrgUsers instead of bus

* 32540_org_users_with_pagination: Add test for the sqlstore

* 32540_org_users_with_pagination: Fix sqlstore test

* Update pkg/api/org_users.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/api/org_users_test.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/api/org_users_test.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/services/sqlstore/org_users.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/services/sqlstore/org_users.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/services/sqlstore/org_test.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* Update pkg/services/sqlstore/org_test.go

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>

* 32540: Fix search org users method

* 32540: Fix sqlstore test

* 32540: Fix go-lint

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-05-12 14:10:35 +02:00
Alexander Emelin
95a356a840
Live: using organisation IDs throughout stack (#33714) 2021-05-11 22:03:04 +03:00
Sofia Papagiannaki
540f110220
[Alerting]: Extend quota service to optionally set limits on alerts (#33283)
* Quota: Extend service to set limit on alerts

* Add test for applying quota to alert rules

* Apply suggestions from code review

Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>

* Get used alert quota only if naglert is enabled

* Set alert limit to zero if nglalert is not enabled
Co-authored-by: Diana Payton <52059945+oddlittlebird@users.noreply.github.com>
2021-05-04 19:16:28 +03:00
Alexander Emelin
0c2bcbf2bc
Live: persisting last message in cache for broadcast scope (#32938) 2021-04-30 11:06:33 -07:00
ying-jeanne
748778fff0
new endpoint to post/get trimmed dashboard json (#33465)
* new endpoint to post/get trimed dashboard json

* add isdisabled check in dashboard.go
2021-04-28 19:38:33 +08:00
Christian Haudum
076e2ce06a
Return 404 when deleting non-existing API key (#33346)
The server needs to return a HTTP 404 (Not Found) when an API key that does not exist is deleted.
2021-04-28 13:30:09 +02:00
Ryan McKinley
1dd9e9b184
Live: support a dashboard gitops channel (#33291) 2021-04-23 21:55:31 +02:00
gotjosh
23c7e7ab60
Alerting: Various fixes for the alerts endpoint (#33182)
A set of fixes for the GET alert and groups endpoints.

- First, is the fact that the default values where not being for the query params. I've introduced a new method in the Grafana context that allow us to do this.
- Second, is the fact that alerts were never being transitioned to active. To my surprise this is actually done by the inhibitor in the pipeline - if an alert is not muted, or inhibited then it's active.
- Third, I have added an integration test to cover for regressions.

Signed-off-by: Josue Abreu <josue@grafana.com>
2021-04-21 06:34:42 -04:00
Alexander Emelin
a92bcce9de
Live: push scope to demultiplex incoming data to stream channels (#32808) 2021-04-08 12:40:06 -07:00
Arseny Smalyuk
8e70d5d181
Add timeout option to datasource config (#31871) 2021-04-07 10:46:19 -04:00
Alexander Emelin
93292f6eef
Live: update Streaming plugin definitions, put frame schema in subscribe result data (#32561)
Co-authored-by: Torkel Ödegaard <torkel@grafana.org>
Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
2021-04-02 19:41:45 +03:00
Vladimir Kochnev
39a3b0d0b0
Auth: support JWT Authentication (#29995) 2021-03-31 08:40:44 -07:00
Ryan McKinley
f456c32f92
Chore: remove measurement.go (#32526) 2021-03-31 07:52:19 -07:00
Alexander Emelin
da05b7a07b
Live: http publish, refactor live interfaces (#32317) 2021-03-30 13:23:29 +03:00
Alexander Zobnin
20bd591bea
Access control: Basic structure and functionality behind feature toggle (#31893)
Co-authored-by: Alexander Zobnin <alexander.zobnin@grafana.com>
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
Co-authored-by: Arve Knudsen <arve.knudsen@grafana.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@grafana.com>
2021-03-22 13:22:48 +01:00
Joan López de la Franca Beltran
5c07df9f4b
Chore: Replace Command dispatches by explicit calls (#32131)
* Clean up GetProvisionedDashboardDataByIdQuery

* Clean up SaveProvisionedDashboardCommand

* Clean up & fix AddTeamMemberCommand usages

* Clean up & fix UpdateUserPermissionsCommand usages

* Lint imports
2021-03-19 09:14:14 +01:00
Arve Knudsen
87c3a2b790
PluginManager: Make Plugins, Renderer and DataSources non-global (#31866)
* PluginManager: Make Plugins and DataSources non-global

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix integration tests

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Replace outdated command

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* DashboardService: Ensure it gets constructed with necessary parameters

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix build

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* DashboardService: Ensure it gets constructed with necessary parameters

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Remove dead code

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix test

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix test

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Remove FocusConvey

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix test

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Remove dead code

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Undo interface changes

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Backend: Move tsdbifaces.RequestHandler to plugins.DataRequestHandler

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Rename to DataSourceCount

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Consolidate dashboard interfaces into one

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix tests

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix tests

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix test

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix tests

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix tests

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix tests

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix tests

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix dashboard integration tests

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-03-17 16:06:10 +01:00
Giordano Ricci
0c2045109e
Chore: Collect elasticsearch version usage stats (#31787)
* Chore: Collect elasticsearch version usage stats

* Fix lint error

* use GetDataSources from sqlstore

* Apply review suggestions

* Return error if datasource type is not specified

* Update pkg/services/sqlstore/datasource.go

* fix undefined var
2021-03-17 09:14:53 +00:00
Joan López de la Franca Beltran
610999cfa2
Auth: Allow soft token revocation (#31601)
* Add revoked_at field to user auth token to allow soft revokes

* Allow soft token revocations

* Update token revocations and tests

* Return error info on revokedTokenErr

* Override session cookie only when no revokedErr nor API request

* Display modal on revoked token error

* Feedback: Refactor TokenRevokedModal to FC

* Add GetUserRevokedTokens into UserTokenService

* Backendsrv: adds tests and refactors soft token path

* Apply feedback

* Write redirect cookie on token revoked error

* Update TokenRevokedModal style

* Return meaningful error info

* Some UI changes

* Update backend_srv tests

* Minor style fix on backend_srv tests

* Replace deprecated method usage to publish events

* Fix backend_srv tests

* Apply suggestions from code review

Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com>

* Apply suggestions from code review

* Apply suggestions from code review

Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com>

* Minor style fix after PR suggestion commit

* Apply suggestions from code review

Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>

* Prettier fixes

Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com>
Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>
2021-03-16 17:44:02 +01:00
Joan López de la Franca Beltran
01b4048026
Usage Stats: Report usage for all signed plugins (#31545)
* Report usage for all the signed plugins

* Remove no longer used code

* Fix tests by manipulating the global state

* Minor test fix
2021-03-04 15:43:43 +01:00
Agnès Toulet
663d44fe82
Login: handle custom token creation error messages (#31283)
* Login: handle custom token creation errors

* Login: handle external error for OAuth responses
2021-02-25 15:30:51 +01:00
Joan López de la Franca Beltran
6415d2802e
Plugins: Requests validator (#30445)
* Introduce PluginRequestValidator abstraction with a NoOp implementation

* Update PluginRequestValidator abstraction to use the dsURL instead

* Inject PluginRequestValidator into the HTTPServer and validate requests going through data source proxy

* Inject PluginRequestValidator into the BackendPluginManager and validate requests going through it

* Validate requests going through QueryMetrics & QueryMetricsV2

* Validate BackendPluginManager health requests

* Fix backend plugins manager tests

* Validate requests going through alerting service

* Fix tests

* fix tests

* goimports

Co-authored-by: Leonard Gram <leo@xlson.com>
2021-02-03 20:47:45 +01:00
Will Browne
3b7b49a4aa
Auth: Use SigV4 lib from grafana-aws-sdk (#30713)
* replace with lib

* remove test + apply feedback
2021-02-01 16:07:27 +01:00
Torkel Ödegaard
c04bc805b5
CDN: Adds support for serving assets over a CDN (#30691)
* CDN: Initial poc support for serving assets over a CDN

* Minor fix

* added build path and test

* fix lint error

* Added edition to cdn path

* Move master builds to a separate path

* Added error handling for the url parsing, changed setting name, and added docs

* Updated sample.ini

* Some property renames

* updated

* Minor update to html

* index template improvements

* Update docs/sources/administration/configuration.md

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

* Update docs/sources/administration/configuration.md

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>

* Added ContentDeliveryPrefix to Licence service

* updated docs

* Updated test mock

Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
2021-02-01 10:13:09 +01:00
Vardan Torosyan
1d399b89ea
Usage Stats: Remove unused method for getting user stats (#30074)
* Usage Stats: Remove unused method for getting user stats

This was used in enterprise codebase, but is not longer in use, thus can be safely removed.

* Force refresh user stats in tests
2021-01-26 14:13:25 +01:00
Agnès Toulet
2a70c73025
Auth: add expired token error and update CreateToken function (#30203)
* Auth: add error for expired token

* Auth: save token error into context data

* Auth: send full user and req context to CreateToken

* Auth: add token ID in context

* add TokenExpiredError struct

* update auth tests

* remove most of the changes to CreateToken func

* clean up

* Login: add requestURI in CreateToken ctx

* update RequestURIKey comment
2021-01-19 17:55:53 +01:00
Emil Tullstedt
af27dd7e7d
Licensing: Send map of environment variables to plugins (#30347)
Replace hard-coded `GF_ENTERPRISE_LICENSE_TEXT` with a
`map[string]string` to allow the licensing service to allow sending any
environment variable through to the plugins for licensing purposes.
2021-01-18 14:42:39 +01:00
Alexander Zobnin
d6b468187e
Plugins: Add Open Distro to the list of data sources supported by sigv4 (#30308) 2021-01-15 17:01:29 +03:00
Will Browne
a0a1422b2d
Auth: Add missing request headers to SigV4 middleware allowlist (#30115)
* Auth: Add Content-Type to SigV4 header allowlist

* add MT headers to permitted headers

* add Kibana API header to allowlist

* add Content-Length header to allow list
2021-01-14 09:06:09 +01:00
Kyle Brandt
1c1a800bc0
API: Add by UID routes for data sources (#29884)
- also add Get by UID+OrgID to datasource cache
- Refactor backend commands for Delete and Get to be unified
2021-01-13 13:16:27 -05:00
Arve Knudsen
50b649a869
Middleware: Add CSP support (#29740)
* Middleware: Add support for CSP

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

Co-authored by @iOrcohen
2021-01-12 07:42:32 +01:00
ying-jeanne
2a9c625c9f
Alerting: improve alerting default datasource search when extracting alerts (#29993)
* improve alerting search datasource

* correct the xorm get usage

* adding default datasource unittest
2021-01-07 21:33:17 +01:00
Emil Hessman
2d803ee57e
Chore: Rewrite models datasource cache test to standard library (#30040) 2021-01-06 09:21:42 +01:00
Emil Hessman
d2b3bcf32f
Chore: Rewrite models tags test to standard library (#30041) 2021-01-05 17:20:41 +01:00
Emil Hessman
71899a0ed7
Chore: Rewrite models dashboards test to standard library (#30023) 2021-01-01 13:29:40 +01:00
Emil Hessman
4f3a7bb0fa
Chore: Rewrite models dashboard acl test to standard library (#30022) 2021-01-01 13:22:48 +01:00
Emil Hessman
8e1196e3ed
Chore: Rewrite models alert test to standard library (#30021) 2021-01-01 13:18:47 +01:00
ying-jeanne
375e8e4fd0
SQLStore: customise the limit of retrieved datasources per organisation (#29358)
* SQLStore: customise the limit of retrieved datasources per organisation

* update all suggestions regarding nil or 0 as default

* Apply suggestions from code review

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>

* correct default.ini description + adding unittest

* Apply suggestions from code review

Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>

* modify unittest name

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com>
2020-12-28 12:24:42 +01:00
Tania B
551f96089b
Remove the bus from teamgroupsync (#29810)
* Add fake TeamSyncService

* Change SyncTeams dispatch to direct method call

* Remove SyncTeamsCommand struct

* Move TeamSyncService to a separate package

* Remove context from SyncTeams args

* Add comments to teamsyncgroup package

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>

* Replace TeamSyncService with TeamSyncFunc

* Remove unnecessary error check

* Add a test

* Fix test input

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
2020-12-23 14:42:20 +02:00
Arve Knudsen
dd2d206d99
Backend: Remove more globals (#29644)
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-12-15 19:09:04 +01:00
Arve Knudsen
c2cad26ca9
Chore: Disable default golangci-lint filter (#29751)
* Disable default golangci-lint filter

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Chore: Fix linter warnings

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-12-15 09:32:06 +01:00
Arve Knudsen
12661e8a9d
Move middleware context handler logic to service (#29605)
* middleware: Move context handler to own service

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

Co-authored-by: Emil Tullsted <sakjur@users.noreply.github.com>
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
2020-12-11 11:44:44 +01:00
Jeremy Alvis
f021f97c31
DataSourceSettings: Add servername field to DataSource TLS config (#29279)
* DataSourceSettings: Add servername field to DataSource TLS config

A DNS lookup URL can be provided in the DataSource URL field in order
to dynamically load balance between multiple instances of a DataSource.
When using mutual TLS, Golang's TLS config implementation checks that
the certificate's common name (< 1.15) or subject alternative name
(>= 1.15) has the same value as the domain being accessed. If the DNS
entry is dynamically generated for a specific environment, the
certificate cannot be generated with a name matching the dynamic
DNS URL. As such, Golang offers a servername field that can be set to
overwrite what value is used when checking against the certificate's
common name (or subject alternative name). Without this change, Skip
TLS Verify must be set to true in order for the DataSource to work,
removing some of the benefits gained by using mutual TLS.

This commit adds the ability to set Grafana's internal Golang TLS config
servername field from the UI or a provisioned DataSource.

The servername field is optional and the existing behavior is retained if
the field is not set.

Co-authored-by: Dana Pruitt <dpruitt@vmware.com>
Co-authored-by: Jeremy Alvis <jalvis@pivotal.io>

* Update docs with PR review changes

Co-authored-by: Jeremy Alvis <jalvis@pivotal.io>
Co-authored-by: Dana Pruitt <dpruitt@vmware.com>

* Update with additional PR requested changes

* Minor updates based on PR change requests

Co-authored-by: Dana Pruitt <dpruitt@vmware.com>
2020-12-10 16:07:05 +01:00
Will Browne
31d64d9074
Auth: Add SigV4 header allowlist to reduce chances of verification issues (#29650)
* enforce allowlist

* fix default auth selection

* add Host and comment
2020-12-09 10:45:57 +01:00
Arve Knudsen
f55818ca70
Chore: Enable exhaustive linter (#29458)
* Chore: Enable exhaustive linter

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-12-01 09:53:27 +01:00
taciomcosta
10ff4eecef
Backend: fix IPv6 address parsing erroneous (#28585)
* Backend: Fix parsing of client IP address

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-11-25 07:55:22 +01:00
Agnès Toulet
22788d1d86
Add an option to hide certain users in the UI (#28942)
* Add an option to hide certain users in the UI

* revert changes for admin users routes

* fix sqlstore function name

* Improve slice management

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>

* Hidden users: convert slice to map

* filter with user logins instead of IDs

* put HiddenUsers in Cfg struct

* hide hidden users from dashboards/folders permissions list

* Update conf/defaults.ini

Co-authored-by: Torkel Ödegaard <torkel@grafana.com>

* fix params order

* fix tests

* fix dashboard/folder update with hidden user

* add team tests

* add dashboard and folder permissions tests

* fixes after merge

* fix tests

* API: add test for org users endpoints

* update hidden users management for dashboard / folder permissions

* improve dashboard / folder permissions tests

* fixes after merge

* Guardian: add hidden acl tests

* API: add team members tests

* fix team sql syntax for postgres

* api tests update

* fix linter error

* fix tests errors after merge

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
Co-authored-by: Torkel Ödegaard <torkel@grafana.com>
Co-authored-by: Leonard Gram <leo@xlson.com>
2020-11-24 12:10:32 +01:00