Commit Graph

28 Commits

Author SHA1 Message Date
Jeremy Price
e8e1a0b50b
Revert "Revert "AccessControl: Implement a way to register fixed roles (#35641)" (#37397)" (#37535)
This reverts commit 55efeb0c02.
2021-08-04 14:44:37 +02:00
Emil Tullstedt
55efeb0c02
Revert "AccessControl: Implement a way to register fixed roles (#35641)" (#37397)
This reverts commit 88c11f1cc0.
2021-07-30 13:58:49 +02:00
Gabriel MABILLE
88c11f1cc0
AccessControl: Implement a way to register fixed roles (#35641)
* AccessControl: Implement a way to register fixed roles

* Add context to register func

* Use FixedRoleGrantsMap instead of FixedRoleGrants

* Removed FixedRoles map to sync.map


* Wrote test for accesscontrol and provisioning

* Use mutexes+map instead of sync maps

* Create a sync map struct out of a Map and a Mutex

* Create a sync map struct for grants as well

* Validate builtin roles

* Make validation public to access control

* Handle errors consistently with what seeder does

* Keep errors consistant amongst accesscontrol impl

* Handle registration error

* Reverse the registration direction thanks to a RoleRegistrant interface

* Removed sync map in favor for simple maps since registration now happens during init

* Work on the Registrant interface

* Remove the Register Role from the interface to have services returning their registrations instead

* Adding context to RegisterRegistrantsRoles and update descriptions

* little bit of cosmetics

* Making sure provisioning is ran after role registration

* test for role registration

* Change the accesscontrol interface to use a variadic

* check if accesscontrol is enabled

* Add a new test for RegisterFixedRoles and fix assign which was buggy

* Moved RegistrationList def to roles.go

* Change provisioning role's description

* Better comment on RegisterFixedRoles

* Correct comment on ValidateFixedRole

* Simplify helper func to removeRoleHelper

* Add log to saveFixedRole and assignFixedRole

Co-authored-by: Vardan Torosyan <vardants@gmail.com>
Co-authored-by: Jeremy Price <Jeremy.price@grafana.com>
2021-07-30 09:52:09 +02:00
Leonard Gram
d51b2630c7
Auth: creates a hook in the user mapping flow (#37190)
* wip

* Auth Info: refactored out into it's own service

* Auth: adds extension point where users are being mapped

* Update pkg/services/login/authinfoservice/service.go

Co-authored-by: Joan López de la Franca Beltran <joanjan14@gmail.com>

* Update pkg/services/login/authinfoservice/service.go

Co-authored-by: Joan López de la Franca Beltran <joanjan14@gmail.com>

* Auth: simplified code

* moved most authinfo stuff to its own package

* added back code

* linter

* simplified

Co-authored-by: Joan López de la Franca Beltran <joanjan14@gmail.com>
2021-07-29 10:18:42 +02:00
idafurjes
60ac54d969
Chore: Refactor OAuth/social package to service (#35403)
* Creating SocialService

* Add GetOAuthProviders as socialService method

* Add OAuthTokenService

* Add GetOAuthHttpClient method to SocialService

* Rename services, access socialMap from GetConnector

* Fix tests by mocking oauthtoken methods

* Move NewAuthService into Init

* Move OAuthService to social pkg

* Refactor OAuthService to OAuthProvider

* Fix nil map error, rename file, simplify tests

* Fix bug for Forward OAuth Identify

* Remove file after rebase
2021-07-07 08:54:17 +02:00
idafurjes
1f5a28ec63
Chore: Remove global setting var from azure ad oath (#35040)
* Remove global setting var from azure ad oath

* Remove more glob var from social

* Use GrafanaComURL from cfg
2021-06-08 16:08:25 +02:00
Marcus Efraimsson
348e76fc8e
Datasource: Shared HTTP client provider for core backend data sources and any data source using the data source proxy (#33439)
Uses new httpclient package from grafana-plugin-sdk-go introduced 
via grafana/grafana-plugin-sdk-go#328. 
Replaces the GetHTTPClient, GetTransport, GetTLSConfig methods defined 
on DataSource model.
Longer-term the goal is to migrate core HTTP backend data sources to use the 
SDK contracts and using httpclient.Provider for creating HTTP clients and such.

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-05-19 23:53:41 +02:00
Arve Knudsen
ec3d8b590a
Server: Implement timeout waiting for server to shut down (#33333)
* tests: Undo cleanup in goroutine

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Server: Implement timeout waiting for it to shut down

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-04-30 10:55:59 +02:00
Marcus Efraimsson
caa420f92f
Chore: Improve request distributed tracing middleware (#33033)
Before these changes the request tracing was added for each route 
registered using the routing.RouteRegister, see code. This had the 
consequence that middleware executed earlier/later in the request 
pipeline was not part of the request tracing middleware life-cycle 
which measures the duration of requests among other things.
In the logger middleware we do extract the current distributed trace 
identifier, if available, and set that on request info/error log messages.
With these changes we can extract the current distributed trace identifier, 
if available, and set that on the contextual HTTP request logger 
(models.ReqContext.Logger) which would improve the possibility to correlate 
all HTTP request log messages with traces.
In addition, the request tracing middleware is now executed first and last in 
the request pipeline and should therefore result in more accurate timing 
measurements (request duration).

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-04-20 15:22:22 +02:00
Alexander Emelin
7c182b1d2d
Chore: Refactor Server Run and Shutdown (#32611) 2021-04-07 10:44:06 +03:00
Alexander Zobnin
823f0bc460
Access Control: move features to Enterprise (#32640)
* Move db package WIP

* Implement OSS access control

* Register OSS access control

* Fix linter error in tests

* Fix linter error in evaluator

* Simplify OSS tests

* Optimize builtin roles

* Chore: add comments to the exported functions

* Remove init from ossaccesscontrol package (moved to ext)

* Add access control as a dependency for http server

* Modify middleware to receive fallback function

* Middleware: refactor fallback function call

* Move unused models to enterprise

* Simplify AccessControl type

* Chore: use bool IsDisabled() method instead of CanBeDisabled interface
2021-04-06 16:49:09 +03:00
Vladimir Kochnev
39a3b0d0b0
Auth: support JWT Authentication (#29995) 2021-03-31 08:40:44 -07:00
Alexander Zobnin
784425c2ee
Fix access control service init (#32492)
* Fix access control service init

* Chore: use assert from testify package
2021-03-30 15:14:43 +02:00
Joan López de la Franca Beltran
b2e82a4f37
Login: Replace command dispatch by explicit call (#32088)
* Fix LoginService.UpsertUser user creation

* Fix API AdminCreateUser user creation

* Add missing underscore import

* Fix API CompleteInvite user creation

* Fix API SignUpStep2 user creation
2021-03-18 17:16:56 +01:00
Arve Knudsen
a2eda798e7
PluginManager: Make remaining plugin state non-global (#32094)
* PluginDashboards: Use plugin manager interface

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* PluginManager: Make panels non-global

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* PluginManager: Make apps non-global

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* PluginManager: Make static routes non-global

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* PluginManager: Make pluginTypes non-global

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-03-18 13:53:01 +01:00
Arve Knudsen
50b649a869
Middleware: Add CSP support (#29740)
* Middleware: Add support for CSP

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

Co-authored by @iOrcohen
2021-01-12 07:42:32 +01:00
Arve Knudsen
25048ebdf8
Chore: Add CloudWatch HTTP API tests (#29691)
* CloudWatch: Add HTTP API tests

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2021-01-07 11:36:13 +01:00
Arve Knudsen
c2cad26ca9
Chore: Disable default golangci-lint filter (#29751)
* Disable default golangci-lint filter

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Chore: Fix linter warnings

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-12-15 09:32:06 +01:00
Hugo Häggmark
562a1c36b1
PanelLibrary: Adds library_panel table (#29565)
* PanelLibrary: Adds panellib table

* Refactor: removes drop table migration

* Refactor: fixes spelling mistake

* Refactor: changes after PR comments

* Refactor: some more renames
2020-12-03 15:18:10 +01:00
Carl Bergquist
b7aa6fed1d
Instrumentation: Add examplars for request histograms (#29357)
Signed-off-by: bergquist <carl.bergquist@gmail.com>
2020-12-01 15:04:59 +01:00
Arve Knudsen
294770f411
Chore: Handle wrapped errors (#29223)
* Chore: Handle wrapped errors

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
2020-11-19 13:34:28 +01:00
Sofia Papagiannaki
43f580c299
AlertingNG: manage and evaluate alert definitions via the API (#28377)
* Alerting NG: prototype v2 (WIP)

* Separate eval package

* Modify eval alert definition endpoint

* Disable migration if ngalert is not enabled

* Remove premature test

* Fix lint issues

* Delete obsolete struct

* Apply suggestions from code review

* Update pkg/services/ngalert/ngalert.go

Co-authored-by: Kyle Brandt <kyle@grafana.com>

* Add API endpoint for listing alert definitions

* Introduce index for alert_definition table

* make ds object for expression to avoid panic

* wrap error

* Update pkg/services/ngalert/eval/eval.go

* Swith to backend.DataQuery

* Export TransformWrapper callback

* Fix lint issues

* Update pkg/services/ngalert/ngalert.go

Co-authored-by: Kyle Brandt <kyle@grafana.com>

* Validate alert definitions before storing them

* Introduce AlertQuery

* Add test

* Add QueryType in AlertQuery

* Accept only float64 (seconds) durations

* Apply suggestions from code review

* Get rid of bus

* Do not export symbols

* Fix failing test

* Fix failure due to service initialization order

Introduce MediumHigh service priority and assign it to backendplugin
service

* Fix test

* Apply suggestions from code review

* Fix renamed reference

Co-authored-by: Kyle Brandt <kyle@grafana.com>
2020-11-12 15:11:30 +02:00
Arve Knudsen
3d3a7cbba8
Chore: Fix staticcheck issues (#28860)
* Chore: Fix issues reported by staticcheck

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Undo changes

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Chore: Fix issues reported by staticcheck

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix test

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>

* Fix test

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-11-05 13:07:06 +01:00
kay delaney
c4c5b2dc61
CloudWatch Logs queue and websocket support (#28176)
CloudWatch Logs queue and websocket support
2020-10-28 08:36:57 +00:00
Carl Bergquist
edbaa9d681
Instrumentation: Add histogram for request duration (#28364)
Signed-off-by: bergquist <carl.bergquist@gmail.com>
2020-10-20 09:44:38 +02:00
Carl Bergquist
89ebb97fca
Instrumentation: Adds environment_info metric (#28355)
Signed-off-by: bergquist <carl.bergquist@gmail.com>

Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-10-19 16:58:16 +02:00
Amos Law
3a498e80ff
Registry: Fix service shutdown mode trigger location (#28025) 2020-10-05 13:30:46 +02:00
Arve Knudsen
d53fe64913
Server: Support custom TCP listener (#27066)
* Server: Support custom TCP listener

Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2020-08-21 10:41:10 +02:00