Fixes#30144
Co-authored-by: dsotirakis <sotirakis.dim@gmail.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Co-authored-by: Ida Furjesova <ida.furjesova@grafana.com>
Co-authored-by: Jack Westbrook <jack.westbrook@gmail.com>
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
Co-authored-by: Leon Sorokin <leeoniya@gmail.com>
Co-authored-by: Andrej Ocenas <mr.ocenas@gmail.com>
Co-authored-by: spinillos <selenepinillos@gmail.com>
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
Co-authored-by: Leonard Gram <leo@xlson.com>
Introduces org-level isolation for the Alertmanager and its components.
Silences, Alerts and Contact points are not separated by org and are not shared between them.
Co-authored with @davidmparrott and @papagian
* add a more flexible way to create permissions
* update interface for accesscontrol to use new eval interface
* use new eval interface
* update middleware to use new eval interface
* remove evaluator function and move metrics to service
* add tests for accesscontrol middleware
* Remove failed function from interface and update inejct to create a new
evaluator
* Change name
* Support Several sopes for a permission
* use evaluator and update fakeAccessControl
* Implement String that will return string representation of permissions
for an evaluator
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* Add check before delete org
* Fix comment
* Simpify check if signed in user belongs to the org
* Add check on login if user has and existing org
change error code to 400, when org can not be deleted
* Roll back last commit, regarding an different issue
* Group alertmangaer alerts by custom grouping
* Filter am groups
* Style filter components
* Style filter bar and add clear functionality
* rename components to alert group
* use query params for group filters
* filter style improvements
* add tests for group by
* Add grouping banner to better highlight groupings
* clean up hook logic
* Pass Access info to datasourceInstance
* Update packages/grafana-data/src/types/datasource.ts
Co-authored-by: Giordano Ricci <me@giordanoricci.com>
* Type access as direct | proxy
* Fix tests where mocking datasourceInstance, include access
* Pass access to data source instance mocks
* Update comment
* Pass access to data source instance mocks
Co-authored-by: Giordano Ricci <me@giordanoricci.com>
* simplify toggle + add link to server admin
* feat(catalog): org admins can configure plugin apps, cannot install/uninstall plugins
* fix(catalog): dont show buttons if user doesn't have install permissions
* feat(catalog): cater for accessing catalog via /plugins and /admin/plugins
* feat(catalog): use location for list links and match.url to define breadcrumb links
* test(catalog): mock isGrafanaAdmin for PluginDetails tests
* test(catalog): preserve default bootdata in PluginDetails mock
* refactor(catalog): move orgAdmin check out of state and make easier to reason with
Co-authored-by: Will Browne <will.browne@grafana.com>
* AccessControl: Implement a way to register fixed roles
* Add context to register func
* Use FixedRoleGrantsMap instead of FixedRoleGrants
* Removed FixedRoles map to sync.map
* Wrote test for accesscontrol and provisioning
* Use mutexes+map instead of sync maps
* Create a sync map struct out of a Map and a Mutex
* Create a sync map struct for grants as well
* Validate builtin roles
* Make validation public to access control
* Handle errors consistently with what seeder does
* Keep errors consistant amongst accesscontrol impl
* Handle registration error
* Reverse the registration direction thanks to a RoleRegistrant interface
* Removed sync map in favor for simple maps since registration now happens during init
* Work on the Registrant interface
* Remove the Register Role from the interface to have services returning their registrations instead
* Adding context to RegisterRegistrantsRoles and update descriptions
* little bit of cosmetics
* Making sure provisioning is ran after role registration
* test for role registration
* Change the accesscontrol interface to use a variadic
* check if accesscontrol is enabled
* Add a new test for RegisterFixedRoles and fix assign which was buggy
* Moved RegistrationList def to roles.go
* Change provisioning role's description
* Better comment on RegisterFixedRoles
* Correct comment on ValidateFixedRole
* Simplify helper func to removeRoleHelper
* Add log to saveFixedRole and assignFixedRole
Co-authored-by: Vardan Torosyan <vardants@gmail.com>
Co-authored-by: Jeremy Price <Jeremy.price@grafana.com>
* pick changes from PR 33811, use UID in dashboard navlinks
* use proper spelling for UID
* add uid to the plugin schema
* Update docs/sources/developers/plugins/plugin.schema.json
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
Make sure that default timeout settings are based on configuration
parameters. This now applies for core data sources using old TSDB
contracts and new SDK contracts. Before it was only applied for old TSDB
contracts.
Also moves global setting variables to non-global (setting.Cfg).
* Replace analytics service with Echo backend
* Add Rudderstack integration and general pageview and interaction Echo events
* Update conf/defaults.ini
Co-authored-by: Dan Cech <dcech@grafana.com>
* Update packages/grafana-runtime/src/types/analytics.ts
Co-authored-by: Dan Cech <dcech@grafana.com>
* Update conf/defaults.ini
Co-authored-by: Dan Cech <dcech@grafana.com>
* Update tests
* Force cla check
Co-authored-by: Dan Cech <dcech@grafana.com>
* moved the plugins admin to core and used the plugins toggle to decide which version to use.
* reverted change.
* changed so the library tab is the default one.
* fixing navigation.
#
* fixed so we have the proper header.
* including the core plugins
* fixed so we display logos for local plugins.
* fixed so we have a working version of plugin catalog.
* removed console logs.
* reverted changes.
* fixing failed test.
* add macaron code to the code base
* remove unused secure cookies support from macaron
* clean up modules
* remove com dependency
* fix silly typos
* little cleanup, remove recovery middleware
* remove logger middleware
* remove static handler and remove unused context methods
* bring inject into macaron codebase
* remove unused applicator
* add back macaron license
* more cleanups in macaron code
* remove unused injector Set method
* remove unused context methods: param to int conversion, body helper type, cookie helpers
* remove action from context
* remove complex environment handling, we only use Env variable
* restore ReplaceAllParams to fix the tests
* Add alertmanager notifications tab
* Link to silences page from am alert
* Include summary for alertmanager group
* Fix colors for am state
* Add horizontal dividing line
* PR feedback
* Add basic unit test for alert notificaitons
* Rename Notificaitons component file
* Polling interval to groups
* Add alertmanager notifications tab
* Link to silences page from am alert
* Include summary for alertmanager group
* PR feedback
* Add basic unit test for alert notificaitons
* Rename Notificaitons component file
* Alerting: make alertmanager notifications view responsive (#36067)
* refac DynamicTableWithGuidelines
* more responsiveness fixes
* Add more to tests
* Add loading and alert state for notifications
Co-authored-by: Domas <domas.lapinskas@grafana.com>
* add fixed role for datasource read operations
* Add action for datasource explore
* add authorize middleware to explore index route
* add fgac support for explore navlink
* update hasAccessToExplore to check if accesscontrol is enable and evalute action if it is
* add getExploreRoles to evalute roles based onaccesscontrol, viewersCanEdit and default
* create function to evaluate permissions or using fallback if accesscontrol is disabled
* change hasAccess to prop and derive the value in mapStateToProps
* add test case to ensure buttons is not rendered when user does not have access
* Only hide return with changes button
* remove internal links if user does not have access to explorer
Co-authored-by: Ivana Huckova <30407135+ivanahuckova@users.noreply.github.com>
* add accesscontrol action for stats read
* use accesscontrol middleware for stats route
* add fixed role with permissions to read sever stats
* add accesscontrol action for settings read
* use accesscontrol middleware for settings route
* add fixed role with permissions to read settings
* add accesscontrol tests for AdminGetSettings and AdminGetStats
* add ability to scope settings
* add tests for AdminGetSettings
* Add new accesscontrol action for ldap config reload
* Update ldapAdminEditRole with new ldap config reload permission
* wrap /ldap/reload with accesscontrol authorize middleware
* document new action and update fixed:ldap:admin:edit with said action
* add fake accesscontrol implementation for tests
* Add accesscontrol tests for ldap handlers
Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>
this should help Live to be enabled by default but still
do not affect setups with lots of simultenious users. To
properly handle many WS connections Grafana administrators
should tune infrastructure a bit - for example increase a
number of open files for a process. Will be in more details
in documentation.
* click out to gcom when config enabled
* set to false
* fix styling for uninstall
* remove advertising config + simplify callout URL
* add entry to configuration.md
* update config name
* update lingo
* expose folder UID in dashboards API response, import dashboards into folders by folder UID
* handle bad folder UID as 400 error
* 12591:Add tests for request with folderUid
* Use more descriptive error status for missing folders
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* return 400 when folder id is missing
* put error checking in the right place this time
* mention folderUid in the docs
* Clarify usage of folderUid and folderId when both present
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* Capitalise UID
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
* mention folder UID in the metadata for a GET response
Co-authored-by: Ida Furjesova <ida.furjesova@grafana.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
Uses new httpclient package from grafana-plugin-sdk-go introduced
via grafana/grafana-plugin-sdk-go#328.
Replaces the GetHTTPClient, GetTransport, GetTLSConfig methods defined
on DataSource model.
Longer-term the goal is to migrate core HTTP backend data sources to use the
SDK contracts and using httpclient.Provider for creating HTTP clients and such.
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Update dashboard_snapshot.go
This is to address: https://github.com/grafana/grafana/issues/33665
The key and deleteKey fields are not honoured when creating a snapshot with external:true set
* removed whitespace
* add uninstall flow
* add install flow
* small cleanup
* smaller-footprint solution
* cleanup + make bp start auto
* fix interface contract
* improve naming
* accept version arg
* ensure use of shared logger
* make installer a field
* add plugin decommissioning
* add basic error checking
* fix api docs
* making initialization idempotent
* add mutex
* fix comment
* fix test
* add test for decommission
* improve existing test
* add more test coverage
* more tests
* change test func to use read lock
* refactoring + adding test asserts
* improve purging old install flow
* improve dupe checking
* change log name
* skip over dupe scanned
* make test assertion more flexible
* remove trailing line
* fix pointer receiver name
* update comment
* add context to API
* add config flag
* add base http api test + fix update functionality
* simplify existing check
* clean up test
* refactor tests based on feedback
* add single quotes to errs
* use gcmp in tests + fix logo issue
* make plugin list testing more flexible
* address feedback
* fix API test
* fix linter
* undo preallocate
* Update docs/sources/administration/configuration.md
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
* Update docs/sources/administration/configuration.md
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
* Update docs/sources/administration/configuration.md
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
* fix linting issue in test
* add docs placeholder
* update install notes
* Update docs/sources/plugins/marketplace.md
Co-authored-by: Marcus Olsson <marcus.olsson@hey.com>
* update access wording
* add more placeholder docs
* add link to more info
* PR feedback - improved errors, refactor, lock fix
* improve err details
* propagate plugin version errors
* don't autostart renderer
* add H1
* fix imports
Co-authored-by: achatterjee-grafana <70489351+achatterjee-grafana@users.noreply.github.com>
Co-authored-by: Marcus Olsson <marcus.olsson@hey.com>
* Rendering: add CSV rendering support
* Rendering: save csv files into a separate folder
* add missing field
* Renderer: get filename from renderer plugin
* apply PR suggestions
* Rendering: remove old PhantomJS error
* Rendering: separate RenderCSV and Render functions
* fix alerting test
* Rendering: fix handling error in HTTP mode
* apply PR feedback
* Update pkg/services/rendering/http_mode.go
Co-authored-by: Joan López de la Franca Beltran <joanjan14@gmail.com>
* apply PR feedback
* Update rendering metrics with type label
* Rendering: return error if not able to parse header
* Rendering: update grpc generated file
* Rendering: use context.WithTimeout to render CSV too
Co-authored-by: Joan López de la Franca Beltran <joanjan14@gmail.com>
* WIP: intial structure
* Refactor: adds create library element endpoint
* Feature: adds delete library element
* wip
* Refactor: adds get api
* Refactor: adds get all api
* Refactor: adds patch api
* Refactor: changes to library_element_connection
* Refactor: add get connections api
* wip: in the middle of refactor
* wip
* Refactor: consolidating both api:s
* Refactor: points front end to library elements api
* Tests: Fixes broken test
* Fix: fixes delete library elements in folder and adds tests
* Refactor: changes order of tabs in manage folder
* Refactor: fixes so link does not cover whole card
* Update pkg/services/libraryelements/libraryelements.go
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Update pkg/services/libraryelements/libraryelements_permissions_test.go
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Update pkg/services/libraryelements/database.go
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Chore: changes after PR comments
* Update libraryelements.go
* Chore: updates after PR comments
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* use a common way to redact sensitive values before logging them
* fix panic on missing testCase.err, simplify require checks
* fix a silly typo
* combine readConfig and buildConnectionString methods, as they are closely related
