* Users: add is_disabled column
* Users: disable users removed from LDAP
* Auth: return ErrInvalidCredentials for failed LDAP auth
* User: return isDisabled flag in user search api
* User: mark disabled users at the server admin page
* Chore: refactor according to review
* Auth: prevent disabled user from login
* Auth: re-enable user when it found in ldap
* User: add api endpoint for disabling user
* User: use separate endpoints to disable/enable user
* User: disallow disabling external users
* User: able do disable users from admin UI
* Chore: refactor based on review
* Chore: use more clear error check when disabling user
* Fix login tests
* Tests for disabling user during the LDAP login
* Tests for disable user API
* Tests for login with disabled user
* Remove disable user UI stub
* Sync with latest LDAP refactoring
* fix: azuremonitor adds multi-sub support to alerting
* fix: AzureMonitor missing parameter in metadata func
getMetricMetadata function when called in the query ctrl
was missing a parameter for Subscription Id.
Also, made some tweaks to what happens when a chained
dropdown is changed to not reset all the fields that
are dependent on it.
Adds logs scenario which is quite basic and not that smart
to begin with. This will hopefully ease development of
Explore and support for logs in Grafana.
This makes sure the scenarios returned from API are sorted in a consistent
way and by that makes the values in scenario drop down always presented
ordered instead of jumping around.
* incapsulates multipleldap logic under one module
* abstracts users upsert and get logic
* changes some of the text error messages and import sort sequence
* heavily refactors the LDAP module – LDAP module now only deals with LDAP related behaviour
* integrates affected auth_proxy module and their tests
* refactoring of the auth_proxy logic
* Chore: explore possibilities of using makefile
This is an exploratory commit - I wanted to see how
revive/gosec linters could be integrated with makefile and our build scripts.
Looks better then I expected :)
* Chore: make revive happy
Revive execution was not supplied with path, if you restore there is couple
errors that were popping up - so I fixed them
* Chore: make revive happy
* remotecache: avoid race condition in set
since set called the database twice without transactions another
operation could insert a value before the first operation completed.
which would raise an error on insert since the data have been inserted
by the other request.
closes#17079
This adds support for using templated/dynamic urls in routes.
* refactor interpolateString into utils and add interpolation support for app plugin routes.
* cleanup and add error check for url parse failure
* add docs for interpolated route urls
Closes#16835
This fixes a regression introduced in #16646 where using Elasticsearch
pre-v7.0 and alerting resulted in an error when trying to deserialize the
response of total number of hits.
Total number of hits is not in use by the backend so we're removing it
for now to make ES 6 and 7 being able to deserialize search responses
without errors.
Closes#15622
When allow_embedding is false (default) the Grafana backend
will set the http header `X-Frame-Options: deny` in all responses
to non-static content which will instruct browser to not allow
Grafana to be embedded in `<frame>`, `<iframe>`,
`<embed>` or `<object>`.
Closes#14189
Currently all API requests set Cache-control: no-cache to avoid browsers
caching sensitive data. This fixes so that all responses returned from
backend not are cached using http headers. The exception is the data proxy
where we don't add these http headers in case datasource backend needs
to control whether data can be cached or not.
Fixes#16845
A new parameter `queryMode` is added to the InfluxDB datasource to provide a way to use POST instead of GET when querying the database. This prevents to get any error when querying the database with a heavy request.
Default configuration is kept to GET for backward compatibility. Tests and documentation have been added for this new behaviour.
If Grafana rotates the user's auth token during a request to the data
source proxy it will set the Set-Cookie header with new auth token in
response before proxying the request to the datasource.
Before this fix the Set-Cookie response header was cleared after the
proxied request was finished to make sure that proxied datasources
cannot affect cookies in users browsers. This had the consequence
of accidentally also clearing the new auth token set in Set-Cookie
header.
With this fix the original Set-Cookie value in response header is now
restored after the proxied datasource request is finished. The existing
logic of clearing Set-Cookie response header from proxied request
have been left intact.
Fixes#16757
* Add file path to metadata and show it in dialogs
* Make path relative to config directory
* Fix tests
* Add test for the relative path
* Refactor to use path relative to provisioner path
* Change return types
* Rename attribute
* Small fixes from review
* Provisioning: Trying to fix test
* Use better sync strategy for test
* Lower the timeout
* Remove commented code
Co-Authored-By: aocenas <mr.ocenas@gmail.com>
