* WIP: working as expected, has to be tested
* Rename query param, small changes
* Remove unused code
* Address feedback
* Cleanup
* Use the feature toggle to control the behaviour
* Use the toggle on the FE too
* Prevent the extra redirect/reload
Co-authored-by: Josh Hunt <joshhunt@users.noreply.github.com>
* Return to login if user is not authenticated
* Add tracking issue
* Align BE redirect constructor to locationSvc
* allow post URL
* check for config
* allow relative paths
* add allowed internal pattern; add checks for method
* update defaults.ini
* add custom header
* update config comment
* use globbing, switch to older middleware - deprecated call
* add codeowner
* update to use current api, add test
* update fall through logic
* Update pkg/middleware/validate_action_url.go
Co-authored-by: Dan Cech <dcech@grafana.com>
* Update pkg/middleware/validate_action_url.go
Co-authored-by: Dan Cech <dcech@grafana.com>
* add more tests
* Update pkg/middleware/validate_action_url_test.go
Co-authored-by: Dan Cech <dcech@grafana.com>
* fix request headers
* add additional tests for all verbs
* fix request headers++
* throw error when method is unknown
---------
Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
Co-authored-by: Brian Gann <bkgann@gmail.com>
Co-authored-by: Brian Gann <briangann@users.noreply.github.com>
Co-authored-by: Dan Cech <dcech@grafana.com>
* Refactor identity struct to store type in separate field
* Update ResolveIdentity to take string representation of typedID
* Add IsIdentityType to requester interface
* Use IsIdentityType from interface
* Remove usage of TypedID
* Remote typedID struct
* fix GetInternalID
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
Co-authored-by: Dan Cech <dcech@grafana.com>
Co-authored-by: Andres Martinez Gotor <andres.martinez@grafana.com>
* Chore: Replace response status with const var
* Apply suggestions from code review
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Add net/http import
---------
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Dashboards: Fix tests when authn broker is enabled.
StarService was not configured for tests, the call was guarded by !c.IsSignedIn
* Change default to be anon user to match expectations from tests
* OAuth: rewrite tests to work with authn.Service
* Setup template renderer by default
* Extract cookie options from cfg instead of relying on global variables
* Fix test to work with authn service
* Middleware: rewrite auth tests
* Remvoe session cookie if we cannot refresh access token
This PR adds /api/gnet to the list of ignored paths in the gzip middleware.
Without this, when gzip is enabled (`server.enable_gzip = true`), responses
from the gnet proxy are double compressed: once by grafana.com and once by
Grafana itself. With this change we only do one round of compression for these
endpoints.
To test this out, try a request like this with `server.enable_gzip = true`
(after setting `GCOM_TOKEN` to a valid grafana.com token; you may need to
change the 'bsull' slug, too):
curl -v --user admin:admin \
-H "X-Api-Key: $GCOM_TOKEN" \
-H 'Accept-Encoding: gzip' \
localhost:3000/api/gnet/instances/bsull/provisioned-plugins/grafana-ml-app | gzip -d
Note that there are two Content-Encoding: gzip headers before this PR, and
the output is still compressed even after the `gzip -d`. After this PR things
look as expected.
* Allow setting role as None
Co-authored-by: gamab <gabi.mabs@gmail.com>
Seeking for places where role.None would be used
Co-authored-by: Jguer <joao.guerreiro@grafana.com>
Adding None role to the frontend
Co-authored-by: Jguer <joao.guerreiro@grafana.com>
unify org role declaration and remove from add permission
fix backend test
fix backend lint
* remove role none from frontend
* Simplify checks
Co-authored-by: Kalle Persson <kalle.persson@grafana.com>
* nits
---------
Co-authored-by: Kalle Persson <kalle.persson@grafana.com>
