Following discussion in grafana/grafana-enterprise#1292, removing
org-scoped users scopes to make it clear that the local organization is
the default and the alternative to that is a global scope (for a select
few endpoints)
In the case permissions has been added on dashboard(s). Later permissions for the
parent folder of the dashboard is edited in such a way that dashboard in that folder
has a permission that is a duplicate of an inherited one. This PR changes so that
duplicate permissions are now filtered out from /api/dashboards/id/<dashboard id>/permissions.
Duplicate permission are not filtered out if the permission on dashboard is higher
than on the inherited folder.
Fixes#33296
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Encapsulate settings with a provider with support for runtime reloads
* SettingsProvider: reload is controlled by the services
* naive impl of reload handlers for settings
* working naive detection on new changes
* Trigger settings reload from API endpoint
* validation step added
* validation of settings
* Fix linting errors
* Replace DB_Varchar by DB_NVarchar
* Reduce settings columns (section, key) lenghts
* wip db update logic
* Db Settings: separate updates and removals
* Fix: removes incorrectly added code
* Minor code improvements
* Runtime settings: moved oss -> ee
* Remove no longer used setting.Cfg SAML-related fields
* Rename file setting/settings.go => setting/provider.go
* Apply suggestions from code review
Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>
* Minor code improvements on OSS settings provider
* Fix some login API tests
* Correct some GoDoc comments
* Apply suggestions from code review
Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>
Co-authored-by: Leonard Gram <leo@xlson.com>
Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>
Before these changes the request tracing was added for each route
registered using the routing.RouteRegister, see code. This had the
consequence that middleware executed earlier/later in the request
pipeline was not part of the request tracing middleware life-cycle
which measures the duration of requests among other things.
In the logger middleware we do extract the current distributed trace
identifier, if available, and set that on request info/error log messages.
With these changes we can extract the current distributed trace identifier,
if available, and set that on the contextual HTTP request logger
(models.ReqContext.Logger) which would improve the possibility to correlate
all HTTP request log messages with traces.
In addition, the request tracing middleware is now executed first and last in
the request pipeline and should therefore result in more accurate timing
measurements (request duration).
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Expose user permissions to the frontend
* Do not include empty scope
* Extend ContextSrv with hasPermission() method
* Add access control types
* Fix type error (make permissions optional)
* Fallback if access control disabled
* Move UserPermission to types
* Simplify hasPermission()
* [Alerting]: Use common properties for all rules
* Add Labels in rules
* Fix update ruleGroup API
Return 400 Bad Request response
when the request contains a UID that does not exist
* Check permissions and return namespace id
* Apply suggestions from code review
Co-authored-by: gotjosh <josue@grafana.com>
* Move db package WIP
* Implement OSS access control
* Register OSS access control
* Fix linter error in tests
* Fix linter error in evaluator
* Simplify OSS tests
* Optimize builtin roles
* Chore: add comments to the exported functions
* Remove init from ossaccesscontrol package (moved to ext)
* Add access control as a dependency for http server
* Modify middleware to receive fallback function
* Middleware: refactor fallback function call
* Move unused models to enterprise
* Simplify AccessControl type
* Chore: use bool IsDisabled() method instead of CanBeDisabled interface
* FrontendMetrics: Adds new backend api that frontend can use to push frontend measurements and counters to prometheus
* FrontendMetrics: Adds new backend api that frontend can use to push frontend measurements and counters to prometheus
* Fix naming
* change to histogram
* Fixed go lint
* return 400 bad request if id and orgId is invalid
Signed-off-by: bergquist <carl.bergquist@gmail.com>
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Initial commit
* Progress
* Update
* Progress
* updates
* Minor fix
* fixed ts issue
* fixed e2e tests
* More explorations
* Making progress
* Panel options and field options unified
* With nested categories
* Starting to find something
* fix paddings
* Progress
* Breakthrough ux layout
* Progress
* Updates
* New way of composing options with search
* added regex search
* Refactoring to react note tree
* Show overrides
* Adding overrides radio button support
* Added popular view
* Separate stat/gauge/bargauge options into value options and display options
* Initial work on getting library panels into viz picker flow
* Fixed issues switching to panel library panel
* Move search input put of LibraryPanelsView
* Changing design again to have content inside boxes
* Style updates
* Refactoring to fix scroll issue
* Option category naming
* Fixed FilterInput issue
* Updated snapshots
* Fix padding
* Updated viz picker design
* Unify library panel an viz picker card
* Updated card with delete action
* Major refactoring back to an object model instead of searching and filtering react node tree
* More refactoring
* Show option category in label when searching
* Nice logic for categories rendering when searching or when only child
* Make getSuggestions more lazy for DataLinksEditor
* Add missing repeat options and handle conditional options
* Prepping options category to be more flexibly and control state from outside
* Added option count to search result
* Minor style tweak
* Added button to close viz picker
* Rewrote overrides to enable searching overrides
* New search engine and tests
* Searching overrides works
* Hide radio buttons while searching
* Added angular options back
* Added memoize for all options so they are not rebuilt for every search key stroke
* Added back support for category counters
* Started unit test work
* Refactoring and base popular options list
* Initial update to e2e test, more coming to add e2e test for search features
* Minor fix
* Review updates
* Fixing category open states
* Unit test progress
* Do not show visualization list mode radio button if library panels is not enabled
* Use boolean
* More unit tests
* Increase library panels per page count and give search focus when switching list mode
* field config change test and search test
* Feedback updates
* Minor tweaks
* Minor refactorings
* More minimal override collapse state
This pull request migrates testdata to coreplugin streaming capabilities,
this is mostly a working concept of streaming plugins at the moment,
the work will continue in the following pull requests.
* Fix LoginService.UpsertUser user creation
* Fix API AdminCreateUser user creation
* Add missing underscore import
* Fix API CompleteInvite user creation
* Fix API SignUpStep2 user creation
Fix encoded characters in URL path should be proxied as encoded in the data proxy.
Fixes#26870Fixes#31438
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>
* Add revoked_at field to user auth token to allow soft revokes
* Allow soft token revocations
* Update token revocations and tests
* Return error info on revokedTokenErr
* Override session cookie only when no revokedErr nor API request
* Display modal on revoked token error
* Feedback: Refactor TokenRevokedModal to FC
* Add GetUserRevokedTokens into UserTokenService
* Backendsrv: adds tests and refactors soft token path
* Apply feedback
* Write redirect cookie on token revoked error
* Update TokenRevokedModal style
* Return meaningful error info
* Some UI changes
* Update backend_srv tests
* Minor style fix on backend_srv tests
* Replace deprecated method usage to publish events
* Fix backend_srv tests
* Apply suggestions from code review
Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com>
* Apply suggestions from code review
* Apply suggestions from code review
Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com>
* Minor style fix after PR suggestion commit
* Apply suggestions from code review
Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>
* Prettier fixes
Co-authored-by: Hugo Häggmark <hugo.haggmark@gmail.com>
Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>
