* Add showPolicies prop
* Add manage permissions component for easier reuse within alerting
* Add method for checking whether to show access control within alerting
* Remove accidental console.log from main
* Tweak styling for contact point width and add manage permissions drawer
* Improve typing for access control type response
* Add basic test for manage permissions on contact points list
* Only show manage permissions if grafana AM and alertingApiServer is enabled
* Update i18n
* Add test utils for turning features on and back off
* Add access control handlers
* Update tests with new util
* Pass AM in and add tests
* Receiver OSS resource permissions
There is a complication that is not fully addressed: Viewer defaults to read:*
and Editor defaults to read+write+delete:*
This is different to other resource permissions where non-admin are not granted
any global permissions and instead access is handled solely by resource-specific
permissions that are populated on create and removed on delete.
This allows them to easily remove permission to view or edit a single resource
from basic roles.
The reason this is tricky here is that we have multiple APIs that can
create/delete receivers: config api, provisioning api, and k8s receivers api.
Config api in particular is not well-equipped to determine when creates/deletes
are happening and thus ensuring that the proper resource-specific permissions
are created/deleted is finicky.
We would also have to create a migration to populate resource-specific
permissions for all current receivers. This migration would need to be reset so
it can run again if the flag is disabled.
* Add access control permissions
* Pass in contact point ID to receivers form
* Temporarily remove access control check for contact points
* Include access control metadata in k8s receiver List & Get
GET: Always included.
LIST: Included by adding a label selector with value `grafana.com/accessControl`
* Include new permissions for contact points navbar
* Fix receiver creator fixed role to not give global read
* Include in-use metadata in k8s receiver List & Get
GET: Always included.
LIST: Included by adding a label selector with value `grafana.com/inUse`
* Add receiver creator permission to receiver writer
* Add receiver creator permission to navbar
* Always allow listing receivers, don't return 403
* Remove receiver read precondition from receiver create
Otherwise, Creator role will not be able to create their first receiver
* Update routes permissions
* Add further support for RBAC in contact points
* Update routes permissions
* Update contact points header logic
* Back out test feature toggle refactor
Not working atm, not sure why
* Tidy up imports
* Update mock permissions
* Revert more test changes
* Update i18n
* Sync inuse metadata pr
* Add back canAdmin permissions after main merge
* Split out check for policies navtree item
* Tidy up utils and imports and fix rules in use
* Fix contact point tests and act warnings
* Add missing ReceiverPermissionAdmin after merge conflict
* Move contact points permissions
* Only show contact points filter when permissions are correct
* Move to constants
* Fallback to empty array and remove labelSelectors (not needed)
* Allow `toAbility` to take multiple actions
* Show builtin alertmanager if contact points permission
* Add empty state and hide templates if missing permissions
* Translations
* Tidy up mock data
* Fix tests and templates permission
* Update message for unused contact points
* Don't return 403 when user lists receivers and has access to none
* Fix receiver create not adding empty uid permissions
* Move SetDefaultPermissions to ReceiverPermissionService
* Have SetDefaultPermissions use uid from string
Fixes circular dependency
* Add FakeReceiverPermissionsService and fix test wiring
* Implement resource permission handling in provisioning API and renames
Create: Sets to default permissions
Delete: Removes permissions
Update: If receiver name is modified and the new name doesn't exist, it copies
the permissions from the old receiver to the newly created one. If old receiver
is now empty, it removes the old permissions as well.
* Split contact point permissions checks for read/modify
* Generalise getting annotation values from k8s entities
* Proxy RouteDeleteAlertingConfig through MultiOrgAlertmanager
* Cleanup permissions on config api reset and restore
* Cleanup permissions on config api POST
note this is still not available with feature flag enabled
* Gate the permission manager behind FF until initial migration is added
* Sync changes from config api PR
* Switch to named export
* Revert unnecessary changes
* Revert Filter auth change and implement in k8s api only
* Don't allow new scoped permissions to give access without FF
Prevents complications around mixed support for the scoped permissions causing
oddities in the UI.
* Fix integration tests to account for list permission change
* Move to `permissions` file
* Add additional tests for contact points
* Fix redirect for viewer on edit page
* Combine alerting test utils and move to new file location
* Allow new permissions to access provisioning export paths with FF
* Always allow exporting if its grafana flavoured
* Fix logic for showing auto generated policies
* Fix delete logic for contact point only referenced by a rule
* Suppress warning message when renaming a contact point
* Clear team and role perm cache on receiver rename
Prevents temporarily broken UI permissions after rename when a user's source of
elevated permissions comes from a cached team or basic role permission.
* Debug log failed cache clear on CopyPermissions
---------
Co-authored-by: Matt Jacobson <matthew.jacobson@grafana.com>
* feat: add setup guide in home tab
* chore: add feature toggle for setup guide
* chore: add feature toggle for sub menu
* chore: run pretier
* chore: run i18n
* chore: run generated files again
* chore: update description
* chore: update comment to trigger test flow
* chore: trigger test
* chore: fix styling
* feat: supporting code for groupsync extension UI
* Add result of running i18n extraction
* Place the UI behind a feature toggle as well as the license feature
* Also add access checks to route loading of groupsync route with feature toggle
* Add access check on permissions to show External group sync in nav
* fix: New version of multiOrgRoleOptions hook
* Remove OSS route definition
* Apply feedback on nav title
* chore: Bump Go to 1.23.0
Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
* update swagger files
Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
* chore: update .bingo/README.md formatting to satisfy prettier
Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
* chore(lint): Fix new lint errors found by golangci-lint 1.60.1 and Go 1.23
Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
* keep golden file
* update openapi
* add name to expected output
* chore(lint): rearrange imports to a sensible order
Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
---------
Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
* Navigation: Show list of pinned ites on the navigation
* Rename section to 'Bookmarks'
* Internationalization
* Rename everything to bookmarks
* Update public/app/core/reducers/navBarTree.ts
Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
* Ignore empty message as well
* Dont update navigation if there is an error patching
---------
Co-authored-by: Alex Khomenko <Clarity-89@users.noreply.github.com>
* Implement EventDetails for expanded rows and pagination on the events list
* Add test for getPanelDataForRule function
* prettier
* refactor EventState component
* create interfaces for props
* Add missing translations
* Update some comments
* Add plus button in alertrulename , to add it into the filter
* Add plus button to add filters from the list labels and alert name
* Add clear labels filter button
* run prettier
* fix RBAC checks
* Update AlertLabels onLabelClick functionality
* add limit=0 in useCombinedRule call
* Add filter by state
* remove plus button in labels
* Fix state filter
* Add filter by previous state
* fix some errors after solving conflicts
* Add comments and remove some type assertions
* Update the number of transitions calculation to be for each instance
* Add tests for state filters
* remove type assertion
* Address review comments
* Update returnTo prop in alert list view url
* Update translations
* address review comments
* prettier
* update cursor to pointer
* Address Deyan review comments
* address review pr comments from Deyan
* fix label styles
* Visualize expanded row as a state graph and address some pr review comments
* Add warning when limit of events is reached and rename onClickLabel
* Update texts
* Fix translations
* Update some Labels in the expanded states visualization
* move getPanelDataForRule to a separate file
* Add header to the list of events
* Move HistoryErrorMessage to a separate file
* remove getPanelDataForRule function and test
* add comment
* fitler by instance label results shown inthe state chart
* remove defaults.ini changes
* fix having single event on time state chart
---------
Co-authored-by: Gilles De Mey <gilles.de.mey@gmail.com>
* WIP
* Add barchart panel with scenes
* Fix timerange in barchart panel
* Refactor: component names
* Remove not used css styles and rename panel title
* Remove unnecessary HistoryEventsListObject class and update text in labels filter
* add padding top for filter
* Add translations
* update limit labels constant
* Update showing state reason
* Fix scene object
* Address review comments
* Update icons
* use endpoints instead of the autogenerated hook
* Address review comments
* Add tooltip for alert name
* use private polling interval
* fix autogenerated translations
* Address pr rewview comments
* Address review comments
* Update text in placeholder
* Rename variable and remove spaces in Trans children
* add strategy and tests
* use settings provider service and remove multiple providers strategy
* Move SAML strategy to ssosettings service
* Update codeowners file
* reload from settings provider
* add saml as configurable provider
* Add new SAML strategy
* rename old saml settings interface
* update saml string references
* use OSS license
* validate saml provider depends on license for List
* add tests for list rendering including saml
* change the licensing validation to service init
* replace service struct for provider
* Unify how the version is shown in the UI
* use versionString in dashboard help bundles
* fix lint
* remove comment
* fix test types
* make test less flakey
Removes legacy alerting, so long and thanks for all the fish! 🐟
---------
Co-authored-by: Matthew Jacobson <matthew.jacobson@grafana.com>
Co-authored-by: Sonia Aguilar <soniaAguilarPeiron@users.noreply.github.com>
Co-authored-by: Armand Grillet <armandgrillet@users.noreply.github.com>
Co-authored-by: William Wernert <rwwiv@users.noreply.github.com>
Co-authored-by: Yuri Tseretyan <yuriy.tseretyan@grafana.com>
* remove toggle
* remove code not behind toggle
* remove old MegaMenu
* rename DockedMegaMenu -> MegaMenu and clean up go code
* fix backend test
* run yarn i18n:extract
* fix some unit tests
* fix remaining unit tests
* fix remaining e2e/unit tests
