opensource/grafana
1
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-07-29 17:12:29 +08:00
Code Issues Packages Projects Releases Wiki Activity
60,232 Commits 2,380 Branches 619 Tags
Commit Graph

27 Commits

Author SHA1 Message Date
Gabriel MABILLE
3d543a336f IAM: Register CoreRole apis (#106924) 
* IAM: Register CoreRole apis

* one line store instantiation

* Small refactor for readability

* Add authorizer for CoreRole

* Nit

* Error strings should not end with punctiation

* Account for error

* Switch to use the local resource client

* error should not start with upper casing

* noopStorageErr should have a name starting with err

* Update workspace

* I don't know why I don't have the same output as the CI 🤷

* Dependency xOwnership

* imports

* Import order

* Rename alias to make it clear this is legacy
 2025-06-26 10:11:28 +02:00
Stephanie Hingtgen
ef6e28b955 K8s: Make v0alpha1 opt-in (#107056) 2025-06-20 16:37:17 -05:00
Matheus Macabu
fc9f32a9f6 SQLTemplates: Add helper to ensure all templates have a test-case (#103964) 
* SQLTemplates: Add helper to ensure all templates have a test-case associated

* UnifiedStorage: Add missing sql template test case

* LegacyDashboards: Add sql templates fs to test cases for exhaustiveness check

* RBACStore: Add sql templates fs to test cases for exhaustiveness check

* LegacyIAM: Add missing sql template test cases
 2025-04-22 11:21:51 +02:00
Jo
afcb551562 TeamMember: Treat null permission as member (#104195) 2025-04-21 06:41:30 -05:00
Mariell Hoversholm
757be6365a CI: Bump golangci-lint to 2.0.2 (#103572) 2025-04-10 14:42:23 +02:00
Ryan McKinley
04fb9f534e Dashboards: Only expose LibraryPanels and search on v0 (not v1+v2) (#103335) 2025-04-03 20:24:12 +03:00
Karl Persson
fa74d1c36d Authn: Sync authlib and update how we construct authn client interceptor (#101124) 
* Sync authlib and update how we construct authn client interceptor

* Remove namespace from checker
 2025-02-26 09:22:09 +01:00
Ashley Harrison
e0151528a4 API client generation: Update iam client (#99963) 
* update generated iam client

* update API

* with meta api

* regenerate client

* with identify ref

---------

Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
 2025-02-03 13:40:36 +00:00
Ryan McKinley
b636b81b16 K8s/IAM: Use raw handler for display (not rest.Connector) (#99898) 2025-02-03 14:24:35 +03:00
Ryan McKinley
d8b6ded101 K8s: use deprecatedInternalID label rather than SQL annotation (#99263) 2025-01-21 12:38:14 +03:00
Ryan McKinley
680e6bc1f8 Authlib: Use types package rather than claims (#99243) 2025-01-21 12:06:55 +03:00
Alexander Zobnin
cbb688e910 Zanzana: Remove usage from legacy access control (#98883) 
* Zanzana: Remove usage from legacy access control

* remove unused

* remove zanzana client from services where it's not used

* remove unused metrics

* fix linter
 2025-01-14 10:26:15 +01:00
Ryan McKinley
5f39d2eeb0 K8s: Make GetAPIRoutes an optional interface (#97531) 2024-12-07 03:08:18 +03:00
Karl Persson
3990637af9 IAM: remove duplicated functions (#96989) 
* Remove duplicated function and use the one provided by claims package
 2024-11-26 09:22:45 +01:00
Ryan McKinley
cc6d057a18 Provisioning: Rename k8s origin metadata to repo (#96524) 2024-11-15 17:26:14 +03:00
Karl Persson
a82d01214d Auth: Update authlib (#94947) 
* Update authlib
 2024-10-18 13:36:21 +02:00
Ryan McKinley
36c38b5310 APIServer: add prometheus.Registerer to every init request (#94684) 2024-10-15 07:46:08 +03:00
Karl Persson
86fc8da703 RBAC: Add legacy authorization checks to teams (#94524) 
* Setup team authorization for teams

* Add list filter for teams
 2024-10-10 16:47:31 +02:00
Karl Persson
d75a9b6aeb User: Pass name to list users to filter out the correct one (#94153) 
Pass name to list users to filter out the correct one
 2024-10-02 17:02:32 +02:00
Adela Almasan
f9f85131a9 FieldConfig: Add support for Actions (#92874) 
Co-authored-by: Leon Sorokin <leeoniya@gmail.com>
 2024-09-27 23:12:37 -05:00
Karl Persson
0160f4f72c RBAC: Add legacy authorization checks to service accounts (#93753) 
* Extract a helper funtion to perform list with authorization checks

* Add k8s verb to utils package

* Construct default mapping when no custom mapping is passed

* Configure authorization checks for service accounts

* Fix helper and add filtering to service accounts
 2024-09-27 15:53:11 +02:00
Karl Persson
c28b37a67b RBAC: Add option to skip rbac check for specified verbs (#93654) 
* Add option to skip rbac check for specified verbs
 2024-09-24 15:13:04 +02:00
Charandas
db97da3465 K8s: handle multiple versions of the same group in standalone mode (#93199) 2024-09-23 19:07:52 -07:00
Karl Persson
2e38329026 RBAC: Add required component to perform access control checks for user api when running single tenant (#93104) 
* Unexport store and create new constructor function

* Add ResourceAuthorizer and LegacyAccessClient

* Configure checks for user store

* List with checks if AccessClient is configured

* Allow system user service account to read all users

---------

Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
 2024-09-23 11:26:44 +02:00
Karl Persson
bc20592fd4 IAM: Add and use identity ref (#92978) 
* Add and use identity ref

---------

Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
 2024-09-05 16:10:23 +02:00
Karl Persson
2bfa607ad0 ServiceAccount: Update service account api resource and add service account token (#92972) 
* Create own legacy store function to list service accounts and update api model

* Add service account tokens as a sub resource for service accounts
 2024-09-05 13:43:54 +02:00
Ryan McKinley
9338e40dc3 K8s/IAM: Move identity.grafana.app to iam.grafana.app (#92929) 2024-09-05 09:43:54 +03:00