* Created PluginSecretMigrationService to be able to migrate from the secrets table from the database to the secret plugin. Added migration which takes all the secrets at the sql store and stores it in the plugin. Then deletes all the secrets from the sql
* Added secretsKVStoreSQL.GetAll() method to return all the secrets at the sql table
* Renaming kvstore_test.go as sql_test.go, adding GetAll test case. Fixing decryption of keys
This commit fixes push notifications for Slack which used to show "This content cannot be displayed". The text field is shown in both the message and the push notification.
* Storage: add special users for system branding access
* Storage: explicit global org id
* Storage: initialize org storages with global org id
* Storage: add comments
* Storage: simplify - use orgId: 1 for systembranding
* Remove user from preferences, stars, orguser, team member
* Fix lint
* Add Delete user from org and dashboard acl
* Delete user from user auth
* Add DeleteUser to quota
* Add test files and adjust user auth store
* Rename package in wire for user auth
* Import Quota Service interface in other services
* do the same in tests
* fix lint tests
* Fix tests
* Add some tests
* Rename InsertUser and DeleteUser to InsertOrgUser and DeleteOrgUser
* Rename DeleteUser to DeleteByUser in quota
* changing a method name in few additional places
* Fix in other places
* Fix lint
* Fix tests
* Chore: Split Delete User method
* Add fakes for userauth
* Add mock for access control Delete User permossion, use interface
* Use interface for ream guardian
* Add simple fake for dashboard acl
* Add go routines, clean up, use interfaces
* fix lint
* Update pkg/services/user/userimpl/user_test.go
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Update pkg/services/user/userimpl/user_test.go
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Update pkg/services/user/userimpl/user_test.go
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Add wrapper for not service account error
* fix indentation
* Use fmt for error wrapper
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* move fake FakeExternalAlertmanager to sender package
* move tests from scheduler to router
* update alerts router to have all fields private
* update scheduler tests to use sender mock
This changes the API codegen template (controller-api.mustache) to simplify some names. When this package was created, most APIs "forked" to either a Grafana backend implementation or a "Lotex" remote implementation. As we have added APIs it's no longer the case. Provisioning, configuration, and testing APIs do not fork, and we are likely to add additional APIs that don't fork.
This change replaces {{classname}}ForkingService with {{classname}} for interface names, and names the concrete implementation {{classname}}Handler. It changes the implied implementation of a route handler from fork{{nickname}} to handle{{nickname}}. So PrometheusApiForkingService becomes PrometheusApi, ForkedPrometheusApi becomes PrometheusApiHandler and forkRouteGetGrafanaAlertStatuses becomes handleRouteGetGrafanaAlertStatuses
It also renames some files - APIs that do no forking go from forked_{{name}}.go to {{name}}.go and APIs that still fork go from forked_{{name}}.go to forking_{{name}}.go to capture the idea that those files a "doing forking" rather than "are a fork of something."
Signed-off-by: Joe Blubaugh <joe.blubaugh@grafana.com>
* Encryption: Move secrets migrations into secrets.Migrator
* Encryption: Refactor secrets.Service initialization
* Encryption: Add support to run secrets migrations even when EE is disabled
* Encryption: Expose secrets migrations through HTTP API
* Update docs
* Fix docs links
* Some adjustments to makes errors explicit through HTTP response
* Encryption: Move secrets migrations into secrets.Migrator
* Encryption: Refactor secrets.Service initialization
* Encryption: Add support to run secrets migrations even when EE is disabled
* Init EE providers on-demand (only when needed)
* Add multiple tests + some adjustments
* Apply feedback
* handler for update message in rule evaluation routine ignores the message if its version greater or equal.
* replace messages to update the channel if it is not empty
* Remove user from preferences, stars, orguser, team member
* Fix lint
* Add Delete user from org and dashboard acl
* Delete user from user auth
* Add DeleteUser to quota
* Add test files and adjust user auth store
* Rename package in wire for user auth
* Import Quota Service interface in other services
* do the same in tests
* fix lint tests
* Fix tests
* Add some tests
* Rename InsertUser and DeleteUser to InsertOrgUser and DeleteOrgUser
* Rename DeleteUser to DeleteByUser in quota
* changing a method name in few additional places
* Fix in other places
* Fix lint
* Fix tests
* Rename DeleteOrgUser to DeleteUserFromAll
* Update pkg/services/org/orgimpl/org_test.go
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* Update pkg/services/preference/prefimpl/inmemory_test.go
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* Rename Acl to ACL
* Fix wire after merge with main
* Move test to uni test
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
Fix: Prefer pointer to struct in lookup
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
Fix: user email for ldap
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
Fix: Use only login for lookup in LDAP
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
Fix: use user email for ldap
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
fix remaining test
fix nit picks
* add tests for cache getOrCreate
* update ProcessEvalResults to accept extra lables
* extract to getRuleExtraLabels
* move populating of constant rule labels to extra labels
* add the migration
* Update pkg/services/sqlstore/migrations/accesscontrol/dashboard_permissions.go
Co-authored-by: Eric Leijonmarck <eric.leijonmarck@gmail.com>
Co-authored-by: Eric Leijonmarck <eric.leijonmarck@gmail.com>
* feat: make azure experimental the default
* feat: combine metrics query editor rows
fix: linter errors
* chore: remove test loop for DimensionFields test
without setting function map from alertmanager we receive error:
method=PUT path=/api/v1/provisioning/templates/slack.message status=400
level=error msg="invalid object specification: invalid template: template: :1: function \"toUpper\" not defined"
So for validation we should use the same settings as alertmanager do
for templates internally.
This commit fixes a bug where the state did not change from Alerting to Error if the evaluation result returned an error, or from Error to Alerting if evaluations stopped returning errors.
* update decrypt secrets function signature and add secrets error handling
* remove a couple instances of unnecessary logging since errors are properly handled now
* add unit test
* fix linting issues
* SQLstore: Fix fetching and deleting an inexistent playlist
xorm's session.Get() does not return an error if the raw does not exist.
It returns a boolean instead.
The playlist `sqlstore.GetPlaylist()` used to check only the error and in case
of inexistent UID didn't return an error.
* AlertRule to return condition
* update ConditionEval to not return an error because it's always nil
* make getExprRequest private
* refactor executeCondition to just converter and move execution to the ConditionEval as this makes code more readable.
* log error if results have errors
* change signature of evaluate function to not return an error
* Implement disableSecretsCompatibility flag
* Allow secret deletion right after migration
* Use dialect.Quote for secure_json_data on secret deletion
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Set secure_json_data to NULL instead of empty json
* Run toggles_gen_test and use generated flag variable
* Add ID to delete data source secrets command on function call
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Remove extra query to get datasource on secret deletion
* Fix linting issues with CHANGELOG.md
* Use empty json string when deleting secure json data
* Implement secret migration as a background process
* Refactor secret migration as a background service
* Refactor migration to be inside secret store
* Re-add secret deletion function removed on merge
* Try using transaction to fix db lock during tests
* Disable migration for pipeline debugging
* Try adding sleep to fix database lock
* Remove unecessary time sleep from migration
* Fix merge issue, replace models with datasources
* Try event listener approach
* Fix merge issue, replace models with datasources
* Fix linting issues with unchecked error
* Remove unecessary trainling new line
* Increase wait interval on background secret migration
* Rename secret store migration folder for consistency
* Convert background migration to blocking
* Fix number of arguments on server tests
* Check error value of secret migration provider
* Fix linting issue with method varaible
* Revert unintended change on background services
* Move secret migration service provider to wire.go
* Remove unecessary else from datasource service
* Move transaction inside loop on secret migration
* Remove unecessary GetServices function
* Remove unecessary interface after method removal
* Rename Run to Migrate on secret migration interface
* Rename secret migrations service variable on server
* Use MustBool on datasource secret migration
* Revert changes to GetDataSources
* Implement GetAllDataSources function
* Remove DeleteDataSourceSecrets function
* Move datasource secret migration to datasource service
* Remove unecessary properties from datasource secret migration
* Make DecryptLegacySecrets a private method
* Remove context canceled check on secret migrator
* Log error when fail to unmarshal datasource secret
* Add necessary fields to update command on migration
* Handle high availability on secret migration
* Use kvstore for datasource secret migration status
* Add error check for migration status set on kvstore
* Remove NewSecretMigrationService from server tests
* Use const for strings on datasource secrets migration
* Test all cases for datasources secret migrations
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Introduce AlertsRouter in the sender package, and move all fields and methods related to notifications out of the scheduler to this router.
* Introduce a new interface AlertsSender in the schedule package and replace calls of anonymous function `notify` inside the ruleRoutine to calling methods of that interface.
* Rename interface Scheduler in api package to ExternalAlertmanagerProvider, and replace scheduler with AlertRouter as struct that implements the interface.
* Define query param and regenerate
* Add query struct for contact points
* Filter contact points by name in query
* Document that name filter is optional
* Alerting: Add config disabled_labels to disable reserved labels
[unified_alerting.reserved_labels]
disabled_labels
* Replace IsGrafanaFolderDisabled with more generic IsReservedLabelDisabled
* Simplify SchedulerCfg by including UnifiedAlertingSettings
* Alerting: Update default route groupBy to [grafana_folder, alertname]
Default group by for new routes and migrations is now [grafana_folder, alertname]
* Define route and run codegen
* Wire up HTTP layer
* Update API layer and test fakes
* Implement reset of policy tree
* Implement service layer test and authorization bindings
* API layer testing
* Be more specific when injecting settings
* init
* support template variables
* support variables without curly braces
* add todo for `__all` case
* fix `$__all` case for non-multivalue
* extract some functions
* fix flakinesss
* support `$__all` and `default` template variables
* add todo
* compilation fix
Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
* Org: use constants for status codes
* ServiceAccounts: Avoid creating new orgs for service accounts
* Document createUserBehavior
* Update pkg/services/sqlstore/org_users_test.go
* add doc string to flag
* Playing around
* This is getting interesting
* Updates
* Updated
* Observable experiments
* This is tricky
* VizPanel panel renderer
* New model progress
* Maybe this could be something
* Updated
* Rename
* updates
* Updated
* Query runners? not sure
* Updated
* updates
* flex box layout starting to work
* Testing
* Tested an action
* Parent context sort of working
* Progress
* Progress
* Updated
* Starting to work
* Things are working
* Scene list, nested scene demo
* Progress on repeats
* Moving things
* Pretty big progress
* More things working
* Great progress
* Progress
* Name changing
* Minor tweaks
* Simplified sizing
* Move toggleDirection to SceneFlexLayout
* add feature flag (#50990)
* removed new useObservable hook
* Rename folder and feature toggle to scenes
* Caching scenes so you can go back to another scene without having to re-query data
* Fix issue with subs on re-mount
* Fixing test
* Added SceneCanvasText to play around with layout elements with size based on content
* Scene: Edit mode and component edit wrapper that handles selection (#51078)
* First step for scene variables
* Started playing around with a scene edit mode
* Better way to set component
* Progress on edit mode
* Update
* Progress on edit mode
* Progress on editor
* Progress on editor
* Updates
* More working
* Progress
* Minor update
* removed unnessary file
* Moving things around
* Updated
* Making time range separate from time picker
* minor rename of methods
* The most basic variable start
* Minor renames
* Fixed interpolate issue if not found at closest level
* An embryo of event model and url sync handling
* Update url sync types
* Removed unnessary any type arg
Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
Co-authored-by: Dominik Prokop <dominik.prokop@grafana.com>
This PR moves public dashboards into its own self contained service including API, Service, Database, and Models. Routes are mounted on the Grafana HTTPServer by the API service at injection time with wire.go. The main route that loads the frontend for public dashboards is still handled by the API package.
Co-authored-by: Jesse Weaver <jesse.weaver@grafana.com>
Co-authored-by: Owen Smallwood <owen.smallwood@grafana.com>
* passes id and uid to PublicDashboardDatasource
* betterer results
* If for a public dashboard, return the PublicDashboardDataSource first or else getDatasourceSrv.get() will fail bc of no authed user.
Added some unit tests for resolving the uid from the many possible datasource types.
* updates betterer
* Exports DashboardService. Adds method to DashboardService to build anonymous user for use with public dashboards where there is no authed user. Adds method on dashboard_queries to get all dashboard uids from a dashboard.
* refactors to get unique datasource uids
* Adds tests for getting all unique datasource uids off a dashboard
* adds test for building anonymous user with read and query actions that are scoped to each datasource uid in the dashboard
* updates casing of DashboardService
* updates test case to have additional panel with a different datasource
* gives default interval to public dashboard data source
* add custom title in wecom channel
* add wecom test case and setting config in ui
* Update pkg/services/ngalert/notifier/channels/wecom_test.go
Co-authored-by: Matthew Jacobson <JacobsonMT@gmail.com>
* change version in comment
* Update pkg/services/ngalert/notifier/available_channels.go
Co-authored-by: Matthew Jacobson <JacobsonMT@gmail.com>
* format
Co-authored-by: Matthew Jacobson <JacobsonMT@gmail.com>
* Revert "Serviceaccounts: #48995
Do not display service accounts assigned to team (#48995)"
This reverts commit cbf71fbd7f.
* fix: test to not include more actions than necessary
* adding service accounts to teams - backend and frontend changes
* also support SA addition through the old team membership endpoints
* fix tests
* tests
* serviceaccounts permission tests
* serviceaccounts permission service tests run
* added back test that was removed by accident
* lint
* refactor: add testoptionsTeams
* fix a bug
* service account picker change
* explicitly set SA managed permissions to false for dash and folders
* lint
* allow team creator to list service accounts
Co-authored-by: IevaVasiljeva <ieva.vasiljeva@grafana.com>
* Alerting: validate that the receiver exist when updating routing tree
* rename interface
* add missing file
* change constructor
* fix e2e tests
* only import package once
* add unit test for bug
* wording
* close response body
* Update pkg/services/ngalert/api/tooling/definitions/alertmanager_validation.go
* refactor to remove database roundtrip
* Copy delete user permission to access control service
* Update pkg/services/accesscontrol/database/database_test.go
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* UsageStats: fixed elasticsearch version number
- The version numbering was changed from plain numbers to a semver-ish approach
* added missing version assertion
* adapted tests
