* #45498: add entity events table
* #45498: add entity events service
* #45498: hook up entity events service to http server
* #45498: use `dashboards.id` rather than `uid` and `org_id` in grn
* Update pkg/services/entityevents/service.go
Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
* #45498: move entityeventsservice to services/store
* #45498: add null check
* #45498: rename
* #45498: fix comment
* #45498: switch grn back to uid
* Search: listen for updates (#47719)
* #45498: wire entity event service with searchv2
* load last event id before building index for org 1
* fix service init in integration tests
* depend on required subset of event store methods
* Update pkg/services/sqlstore/migrations/entity_events_mig.go
Co-authored-by: Alexander Emelin <frvzmb@gmail.com>
* #45498: pointer receiver
* #45498: mockery!
* #45498: add entity events service to background services
* dashboard query pagination, allow queries while re-indexing
* log level cleanups, use rlock, add comments
* fix lint, check feature toggle in search v2 service
* use unix time for event created column
* add missing changes for created column
* fix integration tests init
* log re-index execution times on info level
* #45498: fix entityEventsService tests
* #45498: save events on dashboard delete
* use camel case for log labels
* formatting
* #45498: rename grn to entityid
* #45498: add `IsDisabled` to entityEventsService
* #45498: remove feature flag from migration
* better context usage, fix capacity, comments/cleanups
* replace print with logger
* Revert "#45498: remove feature flag from migration"
This reverts commit ed23968898e27d65cfc5187acbcb1e8976c848a5.
* revert:revert:revert conditional feature flag
Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
Co-authored-by: Alexander Emelin <frvzmb@gmail.com>
* Add test for decrypted values on datasource service
* Add debug log when fail to parse secure json fields
* Fix minor import issue
* Refactor encJson to json and simplejson to sjson on tests
* wip: Implement kvstore for secrets
* wip: Refactor kvstore for secrets
* wip: Add format key function to secrets kvstore sql
* wip: Add migration for secrets kvstore
* Remove unused Key field from secrets kvstore
* Remove secret values from debug logs
* Integrate unified secrets with datasources
* Fix minor issues and tests for kvstore
* Create test service helper for secret store
* Remove encryption tests from datasources
* Move secret operations after datasources
* Fix datasource proxy tests
* Fix legacy data tests
* Add Name to all delete data source commands
* Implement decryption cache on sql secret store
* Fix minor issue with cache and tests
* Use secret type on secret store datasource operations
* Add comments to make create and update clear
* Rename itemFound variable to isFound
* Improve secret deletion and cache management
* Add base64 encoding to sql secret store
* Move secret retrieval to decrypted values function
* Refactor decrypt secure json data functions
* Fix expr tests
* Fix datasource tests
* Fix plugin proxy tests
* Fix query tests
* Fix metrics api tests
* Remove unused fake secrets service from query tests
* Add rename function to secret store
* Add check for error renaming secret
* Remove bus from tests to fix merge conflicts
* Add background secrets migration to datasources
* Get datasource secure json fields from secrets
* Move migration to secret store
* Revert "Move migration to secret store"
This reverts commit 7c3f872072e9aff601fb9d639127d468c03f97ef.
* Add secret service to datasource service on tests
* Fix datasource tests
* Remove merge conflict on wire
* Add ctx to data source http transport on prometheus stats collector
* Add ctx to data source http transport on stats collector test
* Replace sequential IDs with UID for dashboard permossion
* Add back endpoint with id
* Rename parameter from dashboarUid->uid and add swagger definitions for endpoints
* Generate swagger json
* Add deprecated to swagger and docs
* Add deprecated comment in the api.go
* Add model for POST body
* Fix model post body for endpoint
* Generate spec with enterprise
* Implement preference service
* Adjust wire.go
* Fix integration test user
* Fix api pref tests
* Fix a11y error
Co-authored-by: Alexandra Vargas <alexa1866@gmail.com>
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* Update API Keys UI to adjust based on users permissions
Since API Keys support now RBAC we need to ensure that UI
is adjusted based on the user permissions.
* Applying PR suggestions
* use common traceID context value for opentracing and opentelemetry
* support sampled trace IDs as well
* inject traceID into NormalResponse on errors
* Finally the test passed
* fix the test
* fix linter
* change the function parameter
Co-authored-by: Ying WANG <ying.wang@grafana.com>
* forbid setting role higher than user's role
* change response code
* can assign API key permissions to non-admin users
* add: assign viewer role directly upon creation
* refactor: add AddSATcommand infavor of AddAPIkey
* refactor: frontend fixes for ServiceAccountToken
Co-authored-by: eleijonmarck <eric.leijonmarck@gmail.com>
* Nav: Show overlay icons based on allowed list
* user essentials mob! 🔱
* Navigation: clean up and use new backend prop to show plus icons and
improve visual styling
* Nav: Fix top padding
* refactor to not use showIconInNavbar in NavBarMenuItem
* remove a missed bit
* refactor icon into const
Co-authored-by: Ashley Harrison <ashley.harrison@grafana.com>
* Update golangci-lint to v1.45.2
Version 1.45.0 added support for Go 1.18:
https://github.com/golangci/golangci-lint/blob/master/CHANGELOG.md#v1450
Signed-off-by: Marcelo E. Magallon <marcelo.magallon@grafana.com>
* Linter: fix some lints issue for golangci-lint version 1.45.2
Co-authored-by: Marcelo E. Magallon <marcelo.magallon@grafana.com>
Co-authored-by: Gábor Farkas <gabor.farkas@gmail.com>
* AccessControl: Make the built-in role definitions public
* Add context to RegisterFixedRoles
Co-authored-by: Jguer <joao.guerreiro@grafana.com>
* Making BuiltInRolesWithParents public to the AccessControl package
Co-authored-by: Jguer <joao.guerreiro@grafana.com>
Co-authored-by: Jguer <joao.guerreiro@grafana.com>
* pass in user to attribute scope resolver
* add SQL filter to annotation listing
* check annotation FGAC permissions before exposing them for commenting
* remove the requirement to be able to list all annotations from annotation listing endpoint
* adding tests for annotation listing
* remove changes that got moved to a different PR
* unused var
* Update pkg/services/sqlstore/annotation.go
Co-authored-by: Ezequiel Victorero <evictorero@gmail.com>
* remove unneeded check
* remove unneeded check
* undo accidental change
* undo accidental change
* doc update
* move tests
* redo the approach for passing the user in for scope resolution
* accidental change
* cleanup
* error handling
Co-authored-by: Ezequiel Victorero <evictorero@gmail.com>
For a proxied request, e.g. Grafana's datasource or plugin proxy:
If the request is cancelled, e.g. from the browser, the HTTP status code is
now 499 Client closed request instead of 502 Bad gateway.
If the request times out, e.g. takes longer time than allowed, the HTTP status
code is now 504 Gateway timeout instead of 502 Bad gateway.
This also means that request metrics and logs will get their status codes
adjusted according to above.
Fixes#46337Fixes#46338
* add FGAC actions for silences table
* redirect users without permissions
* add permissions checks to routes
* add fgac to notifications and contact points
* fgac for notification policies
* fix mute timing authorization
* use consistent naming for checking grafana alertmanager
* tests for fgac in contact points and notification policies
* bump up timeout on rule editor test
* use new permissions util
* break out route evaluation into util
* Remove test timeout
* Change permissions for the alert-notifiers endpoint
* Use signed in handler for alert-notifiers when unified alerting enabled
Co-authored-by: Konrad Lalik <konrad.lalik@grafana.com>
* AccessControl: Remove package variables for roles and grants
Co-authored-by: Jguer <joao.guerreiro@grafana.com>
* Check for inheritance during role registration
Co-authored-by: Jguer <joao.guerreiro@grafana.com>
* Moving back role definition to accessscontrol
* Make settings reader role public
Co-authored-by: Jguer <joao.guerreiro@grafana.com>
* Nits
Co-authored-by: Jguer <joao.guerreiro@grafana.com>
* Forgot to update this
* Account for declaration error
* Fixing pkg/api init ossac
* Account for error in tests
* Update test to verify inheritance
* Nits.
* Place br inheritance behind a feature toggle
* Parent -> Parents
* Nit.
Co-authored-by: Jguer <joao.guerreiro@grafana.com>
* Use Wiring to initialize Avatar Cache Server
Create AvatarCacheServer Provider function and pass it in as an
argument to HTTPServer. Also convert CacheServer to a singleton
so that we keep all cached Avatar info in one place for easier access
* Refactor avatar cache server and add 'isCustom' check
Avatar cache server needs to perform two similar fetches
back-to-back; break up functions to allow for easy reuse.
Then add handling to see if a user has a custom avatar.
* Add additional accessors so that /recents api can easily use the cache
* Minor mods to avatar server to facilitiate unit testing
* add unit tests for avatar fetching
* add error handling in case we somehow fetch gravatars while they are disabled
* linting: read error return value in unit test
* Use http package status codes
Co-authored-by: Ezequiel Victorero <evictorero@gmail.com>
* Use http package status codes
Co-authored-by: Ezequiel Victorero <evictorero@gmail.com>
* Use http package status codes
Co-authored-by: Ezequiel Victorero <evictorero@gmail.com>
* Incorporate suggestions from PR
-avoid mutating arguments
-change error handler function to private and make name more descriptive
Co-authored-by: Ezequiel Victorero <evictorero@gmail.com>
