* Remove user from preferences, stars, orguser, team member
* Fix lint
* Add Delete user from org and dashboard acl
* Delete user from user auth
* Add DeleteUser to quota
* Add test files and adjust user auth store
* Rename package in wire for user auth
* Import Quota Service interface in other services
* do the same in tests
* fix lint tests
* Fix tests
* Add some tests
* Rename InsertUser and DeleteUser to InsertOrgUser and DeleteOrgUser
* Rename DeleteUser to DeleteByUser in quota
* changing a method name in few additional places
* Fix in other places
* Fix lint
* Fix tests
* Chore: Split Delete User method
* Add fakes for userauth
* Add mock for access control Delete User permossion, use interface
* Use interface for ream guardian
* Add simple fake for dashboard acl
* Add go routines, clean up, use interfaces
* fix lint
* Update pkg/services/user/userimpl/user_test.go
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Update pkg/services/user/userimpl/user_test.go
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Update pkg/services/user/userimpl/user_test.go
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Add wrapper for not service account error
* fix indentation
* Use fmt for error wrapper
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Remove user from preferences, stars, orguser, team member
* Fix lint
* Add Delete user from org and dashboard acl
* Delete user from user auth
* Add DeleteUser to quota
* Add test files and adjust user auth store
* Rename package in wire for user auth
* Import Quota Service interface in other services
* do the same in tests
* fix lint tests
* Fix tests
* Add some tests
* Rename InsertUser and DeleteUser to InsertOrgUser and DeleteOrgUser
* Rename DeleteUser to DeleteByUser in quota
* changing a method name in few additional places
* Fix in other places
* Fix lint
* Fix tests
* Rename DeleteOrgUser to DeleteUserFromAll
* Update pkg/services/org/orgimpl/org_test.go
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* Update pkg/services/preference/prefimpl/inmemory_test.go
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* Rename Acl to ACL
* Fix wire after merge with main
* Move test to uni test
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
This PR moves public dashboards into its own self contained service including API, Service, Database, and Models. Routes are mounted on the Grafana HTTPServer by the API service at injection time with wire.go. The main route that loads the frontend for public dashboards is still handled by the API package.
Co-authored-by: Jesse Weaver <jesse.weaver@grafana.com>
Co-authored-by: Owen Smallwood <owen.smallwood@grafana.com>
* passes id and uid to PublicDashboardDatasource
* betterer results
* If for a public dashboard, return the PublicDashboardDataSource first or else getDatasourceSrv.get() will fail bc of no authed user.
Added some unit tests for resolving the uid from the many possible datasource types.
* updates betterer
* Exports DashboardService. Adds method to DashboardService to build anonymous user for use with public dashboards where there is no authed user. Adds method on dashboard_queries to get all dashboard uids from a dashboard.
* refactors to get unique datasource uids
* Adds tests for getting all unique datasource uids off a dashboard
* adds test for building anonymous user with read and query actions that are scoped to each datasource uid in the dashboard
* updates casing of DashboardService
* updates test case to have additional panel with a different datasource
* gives default interval to public dashboard data source
* add special handling on the plugin gathering side to check whether secrets manager plugins are enabled or not
* show disabled badge in front end if the plugin is not enabled
* Only show error in disabled badge hover if one is present (otherwise it shows "undefined")
* refactor to make use of fields already available in the DTO
* fix typo
* if there is no error returned for the plugin, just show 'disabled'
* fix typo
* Update public/app/features/plugins/admin/components/Badges/PluginDisabledBadge.tsx
Co-authored-by: Levente Balogh <balogh.levente.hu@gmail.com>
* Update frontendsettings.go
add clarifying comment
* fix unit test
* rework task to use new frontend property combined with plugin type to determine if the plugin should be disabled
* Update helpers.test.ts
revert test change
* fix unit test
* bogus commit to trigger precommit
* undo commit
* run precommit manually
Co-authored-by: Levente Balogh <balogh.levente.hu@gmail.com>
* coremodel: Generate static registry
* Actually make codegen work
Also, remove the per-coremodel assignability test from generator set.
* Make wire gen depend on cue gen
This is necessary now that we're generating a wire set as part of
coremodel registry generation.
* Add wire inject bits to http server
* s/staticregistry/registry/
* move to static and dynamic wording
* Move registry type into registry package
* Use static registry in http handler
* Oi comments
* ServiceAccounts: able to get upgrade status
* Banner with API keys migration info
* Show API keys migration info on Service accounts page
* Migrate individual API keys
* Use transaction for key migration
* Migrate all api keys to service accounts
* Hide api keys after migration
* Migrate API keys separately for each org
* Revert API key
* Revert key API method
* Rename migration actions and reducers
* Fix linter errors
* Tests for migrating single API key
* Tests for migrating all api keys
* More tests
* Fix reverting tokens
* API: rename convert to migrate
* Add api route descriptions to methods
* rearrange methods in api.go
* Refactor: rename and move some methods
* Prevent assigning tokens to non-existing service accounts
* Refactor: ID TO Id
* Refactor: fix error message
* Delete service account if migration failed
* Fix linter errors
* backend/sqlstore split: move dashboard snapshot funcs to dashboardsnapshotservice
This commit moves the dashboard snapshot related sql functions in the dashboardsnapshots service. I split the dashboards package up so the interfaces live in dashboarsnapshots and the store and service implementations are in their own packages. This took some minor refactoring, but none of the actual underlying code has changed, just where it lives.
* Remove crufty scuemata bits
Buhbye to: cue/ dir with old definitions, CI steps for checking unnecessary
things, and the original dashboard scuemata file.
* Remove grafana-cli cue subcommand
* Remove old testdata
* Don't swallow errors from codegen
* Small nits and tweaks to cuectx package
* WIP - refactor pluggen to use Thema
Also consolidate the embed.FS in the repo root.
* Finish halfway rename
* Convert all panel models.cue to thema
* Rewrite pluggen to use Thema
* Remove pkg/schema, and trim command
* Remove schemaloader service and usages
Will be replaced by coremodel-centric hydrate/dehydrate system Soon™.
* Remove schemaloader from wire
* Remove hangover field on histogram models.cue
* Fix lint errors, some vestiges of trim service
* Remove unused cuetsify cli command
* API: Migrate CSRF to service and support additional options
* minor
* public Csrf service to use in tests
* WIP
* remove fmt
* comment
* WIP
* remove fmt prints
* todo add prefix slash
* remove fmt prints
* linting fix
* remove trimPrefix
Co-authored-by: Eric Leijonmarck <eric.leijonmarck@gmail.com>
Co-authored-by: IevaVasiljeva <ieva.vasiljeva@grafana.com>
* Add store split for Get Dashboard version method
* Implement dashboard version service
* Fix api tests
* Remove GetDashboarVersion from sqlstore
* Add fakes for Get dashboard version
* Fix sqlstore test
* Add Get Dashboard store test
* Add dashver service test
* Remove useless comments
* Add coremodelValidation feature flag
* coremodels: use stubs when feature flag is off
* api: validate dashboards on save
* Need pointer receiver for FeatureManager
* Update dashboard Go model
* Align doc comments
* Include CoremodelRegistry in test
* Wedge coremodel in on all test cases, ugh
* Ugh fix comment again
* Update pkg/framework/coremodel/staticregistry/provide.go
Co-authored-by: Artur Wierzbicki <wierzbicki.artur.94@gmail.com>
* Update Thema (and its deps) for better errs
* omg whitespace
Co-authored-by: Artur Wierzbicki <wierzbicki.artur.94@gmail.com>
* #45498: add entity events table
* #45498: add entity events service
* #45498: hook up entity events service to http server
* #45498: use `dashboards.id` rather than `uid` and `org_id` in grn
* Update pkg/services/entityevents/service.go
Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
* #45498: move entityeventsservice to services/store
* #45498: add null check
* #45498: rename
* #45498: fix comment
* #45498: switch grn back to uid
* Search: listen for updates (#47719)
* #45498: wire entity event service with searchv2
* load last event id before building index for org 1
* fix service init in integration tests
* depend on required subset of event store methods
* Update pkg/services/sqlstore/migrations/entity_events_mig.go
Co-authored-by: Alexander Emelin <frvzmb@gmail.com>
* #45498: pointer receiver
* #45498: mockery!
* #45498: add entity events service to background services
* dashboard query pagination, allow queries while re-indexing
* log level cleanups, use rlock, add comments
* fix lint, check feature toggle in search v2 service
* use unix time for event created column
* add missing changes for created column
* fix integration tests init
* log re-index execution times on info level
* #45498: fix entityEventsService tests
* #45498: save events on dashboard delete
* use camel case for log labels
* formatting
* #45498: rename grn to entityid
* #45498: add `IsDisabled` to entityEventsService
* #45498: remove feature flag from migration
* better context usage, fix capacity, comments/cleanups
* replace print with logger
* Revert "#45498: remove feature flag from migration"
This reverts commit ed23968898e27d65cfc5187acbcb1e8976c848a5.
* revert:revert:revert conditional feature flag
Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
Co-authored-by: Alexander Emelin <frvzmb@gmail.com>
* Implement preference service
* Adjust wire.go
* Fix integration test user
* Fix api pref tests
* Fix a11y error
Co-authored-by: Alexandra Vargas <alexa1866@gmail.com>
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>
* Use Wiring to initialize Avatar Cache Server
Create AvatarCacheServer Provider function and pass it in as an
argument to HTTPServer. Also convert CacheServer to a singleton
so that we keep all cached Avatar info in one place for easier access
* Refactor avatar cache server and add 'isCustom' check
Avatar cache server needs to perform two similar fetches
back-to-back; break up functions to allow for easy reuse.
Then add handling to see if a user has a custom avatar.
* Add additional accessors so that /recents api can easily use the cache
* Minor mods to avatar server to facilitiate unit testing
* add unit tests for avatar fetching
* add error handling in case we somehow fetch gravatars while they are disabled
* linting: read error return value in unit test
* Use http package status codes
Co-authored-by: Ezequiel Victorero <evictorero@gmail.com>
* Use http package status codes
Co-authored-by: Ezequiel Victorero <evictorero@gmail.com>
* Use http package status codes
Co-authored-by: Ezequiel Victorero <evictorero@gmail.com>
* Incorporate suggestions from PR
-avoid mutating arguments
-change error handler function to private and make name more descriptive
Co-authored-by: Ezequiel Victorero <evictorero@gmail.com>
Refactors GetPluginDashboards/LoadPluginDashboard by moving database
interaction from plugin management to the plugindashboards service.
Fixes#44553
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
* Chore: Remove deprecated no-op option PreferServerCipherSuites
from the tls configs.
Per golang docs: "PreferServerCipherSuites is a legacy field and has no effect."
* Add actions and scopes
* add resource service for dashboard and folder
* Add dashboard guardian with fgac permission evaluation
* Add CanDelete function to guardian interface
* Add CanDelete property to folder and dashboard dto and set values
* change to correct function name
* Add accesscontrol to folder endpoints
* add access control to dashboard endpoints
* check access for nav links
* Add fixed roles for dashboard and folders
* use correct package
* add hack to override guardian Constructor if accesscontrol is enabled
* Add services
* Add function to handle api backward compatability
* Add permissionServices to HttpServer
* Set permission when new dashboard is created
* Add default permission when creating new dashboard
* Set default permission when creating folder and dashboard
* Add access control filter for dashboard search
* Add to accept list
* Add accesscontrol to dashboardimport
* Disable access control in tests
* Add check to see if user is allow to create a dashboard
* Use SetPermissions
* Use function to set several permissions at once
* remove permissions for folder and dashboard on delete
* update required permission
* set permission for provisioning
* Add CanCreate to dashboard guardian and set correct permisisons for
provisioning
* Dont set admin on folder / dashboard creation
* Add dashboard and folder permission migrations
* Add tests for CanCreate
* Add roles and update descriptions
* Solve uid to id for dashboard and folder permissions
* Add folder and dashboard actions to permission filter
* Handle viewer_can_edit flag
* set folder and dashboard permissions services
* Add dashboard permissions when importing a new dashboard
* Set access control permissions on provisioning
* Pass feature flags and only set permissions if access control is enabled
* only add default permissions for folders and dashboards without folders
* Batch create permissions in migrations
* Remove `dashboards:edit` action
* Remove unused function from interface
* Update pkg/services/guardian/accesscontrol_guardian_test.go
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
* Create DashAlertService service
* Remove no used dashboard service from plugin's manager that generates dependency cycle in Enterprise
* Remove bus for dashboard permissions
* Remove bus from dashboard extractor service
* Add missing argument
* Fix wire
* Fix lint
* More goimports
* Use datasource service instead sql calls
* Fix integration test
* Use PluginSettingsService instead of SQLStore in plugins
* Fix pluginproxy use of pluginsettings methods
* Fix additional pluginsettings methods
* Remove dispatch from plugindashboards
* Fix lint and adjust mock
* Remove unused pluginsettings
* Rename pluginsetting Service and ServiceImpl and add binding to wire
* Move pluginsettings binding in wire file
* Add providers to folder and dashboard services
* Refactor folder and dashboard services
* Move store implementation to its own file due wire cannot allow us to cast to SQLStore
* Add store in some places and more missing dependencies
* Bad merge fix
* Remove old functions from tests and few fixes
* Fix provisioning
* Remove store from http server and some test fixes
* Test fixes
* Fix dashboard and folder tests
* Fix library tests
* Fix provisioning tests
* Fix plugins manager tests
* Fix alert and org users tests
* Refactor service package and more test fixes
* Fix dashboard_test tets
* Fix api tests
* Some lint fixes
* Fix lint
* More lint :/
* Move dashboard integration tests to dashboards service and fix dependencies
* Lint + tests
* More integration tests fixes
* Lint
* Lint again
* Fix tests again and again anda again
* Update searchstore_test
* Fix goimports
* More go imports
* More imports fixes
* Fix lint
* Move UnprovisionDashboard function into dashboard service and remove bus
* Use search service instead of bus
* Fix test
* Fix go imports
* Use nil in tests
* Remove bus from datasource api
* Add DatasourcePermissionService and use it in api
* Fix wire and rename
* Fix import in wire
* Fix bug
* Rename Service to OSS service
* Roll back fix
* * Teams: Appropriately apply user id filter in /api/teams/:id and /api/teams/search
* Teams: Ensure that users searching for teams are only able see teams they have access to
* Teams: Require teamGuardian admin privileges to list team members
* Teams: Prevent org viewers from administering teams
* Teams: Add org_id condition to team count query
* Teams: clarify permission requirements in teams api docs
* Teams: expand scenarios for team search tests
* Teams: mock teamGuardian in tests
Co-authored-by: Dan Cech <dcech@grafana.com>
* remove duplicate WHERE statement
* Fix for CVE-2022-21702
(cherry picked from commit 202d7c190082c094bc1dc13f7fe9464746c37f9e)
* Lint and test fixes
(cherry picked from commit 3e6b67d5504abf4a1d7b8d621f04d062c048e981)
* check content type properly
(cherry picked from commit 70b4458892bf2f776302720c10d24c9ff34edd98)
* basic csrf origin check
(cherry picked from commit 3adaa5ff39832364f6390881fb5b42ad47df92e1)
* compare origin to host
(cherry picked from commit 5443892699e8ed42836bb2b9a44744ff3e970f42)
* simplify url parsing
(cherry picked from commit b2ffbc9513fed75468628370a48b929d30af2b1d)
* check csrf for GET requests, only compare origin
(cherry picked from commit 8b81dc12d8f8a1f07852809c5b4d44f0f0b1d709)
* parse content type properly
(cherry picked from commit 16f76f4902e6f2188bea9606c68b551af186bdc0)
* mentioned get in the comment
(cherry picked from commit a7e61811ef8ae558ce721e2e3fed04ce7a5a5345)
* add content-type: application/json to test HTTP requests
* fix pluginproxy test
* Fix linter when comparing errors
Co-authored-by: Kevin Minehart <kmineh0151@gmail.com>
Co-authored-by: Dan Cech <dcech@grafana.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Co-authored-by: Serge Zaitsev <serge.zaitsev@grafana.com>
Co-authored-by: Vardan Torosyan <vardants@gmail.com>
