grafana

Commit Graph

Author	SHA1	Message	Date
idafurjes	da72a4ed2e	Chore move Filter to user service (#53588 )	4 years ago
idafurjes	6afad51761	Move SignedInUser to user service and RoleType and Roles to org (#53445 ) * Move SignedInUser to user service and RoleType and Roles to org * Use go naming convention for roles * Fix some imports and leftovers * Fix ldap debug test * Fix lint * Fix lint 2 * Fix lint 3 * Fix type and not needed conversion * Clean up messages in api tests * Clean up api tests 2	4 years ago
idafurjes	d3d8fdd878	Chore: Move user errors to user service (#52460 ) * Move user not found err to user service * User ErrCaseInsensitive from user pkg * User ErrUserAlreadyExists from user pkg * User ErrLastGrafanaAdmin from user pkg * Remove errors from model	4 years ago
idafurjes	6c43eb0b4d	Split Create User (#50502 ) * Split Create User * Use new create user and User from package user * Add service to wire * Making create user work * Replace user from user pkg * One more * Move Insert to orguser Service/Store * Remove unnecessary conversion * Cleaunp * Fix Get User and add fakes * Fixing get org id for user logic, adding fakes and other adjustments * Add some tests for ourguser service and store * Fix insert org logic * Add comment about deprecation * Fix after merge with main * Move orguser service/store to org service/store * Remove orguser from wire * Unimplement new Create user and use User from pkg user * Fix wire generation * Fix lint * Fix lint - use only User and CrateUserCommand from user pkg * Remove User and CreateUserCommand from models * Fix lint 2	4 years ago
Jguer	0689c5839a	Auth: Add option for case insensitive login (#49262 ) * add case insensitive option * treat id as case insensitive * Users: Add integration tests for case insensitive querying * Prefer config struct to global variable * change key to case_insensitive_login * impede conflicting users from logging in * add tests for impeding user retrieval if conflicting * nits and picks Co-authored-by: gamab <gabi.mabs@gmail.com> * Add check in transaction for conflicting user Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> * add update tests * skip on mysql * add custom messages for user admin view Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> * nit: extra else * linting mistake Co-authored-by: gamab <gabi.mabs@gmail.com> Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>	4 years ago
Eric Leijonmarck	555867135b	Access control: Using RBAC to filter users in list view that you have read access to (#47963 ) * Add SQL filter for global user search * Remove scope requirements from endpoints Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> Co-authored-by: Ieva <ieva.vasiljeva@grafana.com> Co-authored-by: Karl Persson <kalle.persson@grafana.com>	4 years ago
Eric Leijonmarck	673a2ab49e	fix: bug where disabled didnt disable the use of service account (#47688 )	4 years ago
Piotr Jamróz	8490fd77e3	Users: clean up OrgId when all user orgs are removed (#46003 ) * Clean up orgId when user organization is removed * Add a test for removing user org * Fix linting errors * Update comment * Fix linting errors * Make removing user org more explicit	4 years ago
Josh Hunt	71db5115f4	User: Expose GCOM user ID as externalUserId in grafanaBootData (#47307 ) * user essentials mob! 🔱 * user essentials mob! 🔱 * user essentials mob! 🔱 * user essentials mob! 🔱 * user essentials mob! 🔱 * fix sql indtent Co-authored-by: Joao Silva <joao.silva@grafana.com> Co-authored-by: Ashley Harrison <ashley.harrison@grafana.com>	4 years ago
Karl Persson	77393121ca	ingore permissions in json serialization (#46295 )	4 years ago
J Guerreiro	056e143664	AccessControl: Present user edit actions according to AC metadata (#43602 ) * AccessControl: Add user metadata to user detail view * AccessControl: Do not present delete or disable buttons based on ac metadata in admin/users * AccessControl: do not allow password changing or user editing without permission * AccessControl: Fetch global:users scope for admin * AccessControl: optimize org.user metadata fetch * Chore: early return if ac metadata is not available	4 years ago
Karl Persson	9558c09a7c	Access Control: Store permissions on SignedInUser (#43040 ) * add permission structure to signedinuser * add middleware to load user permissions into signedinuser struct * apply LoadPermissionsMiddleware to http server * check for permissions in signedinuser struct Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>	5 years ago
Eric Leijonmarck	4fd3dd41bc	ServiceAccounts: Delete ServiceAccount (#40470 ) * Add extra fields to OSS types to support enterprise * WIP service accounts * Update public/app/features/api-keys/ApiKeysForm.tsx Co-authored-by: Hugo Häggmark <hugo.haggmark@grafana.com> * Create a service account at the same time as the API key * Use service account credentials when accessing API with APIkey * Throw better error * Use Boolean for "create service account button" * Add GetRole to service, merge RoleDTO and Role structs This patch merges the identical OSS and Enterprise data structures, which improves the code for two reasons: 1. Makes switching between OSS and Enterprise easier 2. Reduces the chance of incompatibilities developing between the same functions in OSS and Enterprise * Start work cloning permissions onto service account * If API key is not linked to a service account, continue login as usual * Fallback to old auth if no service account linked to key * Commented * Add CloneUserToServiceAccount * Update mock.go * Put graphical bits behind a feature toggle * Start adding LinkAPIKeyToServiceAccount * Update pkg/models/user.go Co-authored-by: Eric Leijonmarck <eric.leijonmarck@gmail.com> * Update pkg/api/apikey.go Co-authored-by: Eric Leijonmarck <eric.leijonmarck@gmail.com> * Update pkg/api/apikey.go Co-authored-by: Eric Leijonmarck <eric.leijonmarck@gmail.com> * Finish LinkAPIKeyToServiceAccount * Update comment * Handle api key link error * Update pkg/services/sqlstore/apikey.go Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com> * Feature toggle * Update pkg/services/accesscontrol/accesscontrol.go Co-authored-by: Ieva <ieva.vasiljeva@grafana.com> * Not needed (yet) * Better error messages for OSS accesscontrol * Set an invalid user id as default * ServiceAccountId should be string * Re-arrange field names * ServiceAccountId is integer * Update ossaccesscontrol.go * Linter * Remove fronend edits * Remove console log * Update ApiKeysForm.tsx * feat: add serviceaccount deletion * feat: make sure we do not accidently delete serviceaccount * feat: ServiceAccount Type * refactor: userDeletions function * refactor: serviceaccount deletions\ * refactor: error name and removed attribute for userDeletecommand * refactor:: remove serviceaccount type for now * WIP * add mocked function * Remove unnecessary db query, move to right place * Update pkg/services/accesscontrol/mock/mock.go Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> * Update pkg/services/accesscontrol/mock/mock.go Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> * Update pkg/services/accesscontrol/mock/mock.go Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> * Better error messages * Better and correcter error messages * add mocked function * refactor: move function call, add error msg * add IsServiceAccount and fix table * add service accounts package * WIP * WIP * working serviceaccountsapi registration * WIP tests * test * test working * test running for service * moved the error out of the models package * fixed own review * linting errors * Update pkg/services/serviceaccounts/database/database.go Co-authored-by: Jeremy Price <Jeremy.price@grafana.com> * tests running for api * WIP * WIP * removed unused secrets background svc * removed background svc for serviceaccount infavor or wire.go * serviceaccounts manager tests * registering as backend service Co-authored-by: Jeremy Price <jeremy.price@grafana.com> Co-authored-by: Hugo Häggmark <hugo.haggmark@grafana.com> Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com> Co-authored-by: Ieva <ieva.vasiljeva@grafana.com> Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>	5 years ago
Jeremy Price	6dbb6408d4	Access Control: Add service accounts (#38994 ) * Add extra fields to OSS types to support enterprise * Create a service account at the same time as the API key * Use service account credentials when accessing API with APIkey * Add GetRole to service, merge RoleDTO and Role structs This patch merges the identical OSS and Enterprise data structures, which improves the code for two reasons: 1. Makes switching between OSS and Enterprise easier 2. Reduces the chance of incompatibilities developing between the same functions in OSS and Enterprise * If API key is not linked to a service account, continue login as usual * Fallback to old auth if no service account linked to key * Add CloneUserToServiceAccount * Adding LinkAPIKeyToServiceAccount * Handle api key link error * Better error messages for OSS accesscontrol * Set an invalid user id as default * Re-arrange field names * ServiceAccountId is integer * Better error messages Co-authored-by: Hugo Häggmark <hugo.haggmark@grafana.com> Co-authored-by: Eric Leijonmarck <eric.leijonmarck@gmail.com> Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com> Co-authored-by: Ieva <ieva.vasiljeva@grafana.com> Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>	5 years ago
Selene	da813877fb	Create search filters by interface (#39843 ) * Extract search users to a new service * Fix wire provider * Fix common_test and remove RouteRegister * Remove old endpoints * Fix test * Create search filters using interfaces * Move Enterprise filter, rename filter for filters and allow use filters with params * Each filter has unique key * Back activeLast30Days filter to OSS * Fix tests * Delete unusued param * Move filters to searchusers service and small refactor * Fix tests	5 years ago
Selene	e47a60f511	Add filter to search users by active (#38637 ) * Add filter to search users by active * Fix query	5 years ago
Leonard Gram	d51b2630c7	Auth: creates a hook in the user mapping flow (#37190 ) * wip * Auth Info: refactored out into it's own service * Auth: adds extension point where users are being mapped * Update pkg/services/login/authinfoservice/service.go Co-authored-by: Joan López de la Franca Beltran <joanjan14@gmail.com> * Update pkg/services/login/authinfoservice/service.go Co-authored-by: Joan López de la Franca Beltran <joanjan14@gmail.com> * Auth: simplified code * moved most authinfo stuff to its own package * added back code * linter * simplified Co-authored-by: Joan López de la Franca Beltran <joanjan14@gmail.com>	5 years ago
Ryan McKinley	1dd9e9b184	Live: support a dashboard gitops channel (#33291 )	5 years ago
Joan López de la Franca Beltran	5c07df9f4b	Chore: Replace Command dispatches by explicit calls (#32131 ) * Clean up GetProvisionedDashboardDataByIdQuery * Clean up SaveProvisionedDashboardCommand * Clean up & fix AddTeamMemberCommand usages * Clean up & fix UpdateUserPermissionsCommand usages * Lint imports	5 years ago
Arve Knudsen	676d393ec9	Chore: Fix issues reported by staticcheck; enable stylecheck linter (#28866 ) * Chore: Fix issues reported by staticcheck Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> * Apply suggestions from code review Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>	6 years ago
Arve Knudsen	3d3a7cbba8	Chore: Fix staticcheck issues (#28860 ) * Chore: Fix issues reported by staticcheck Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> * Undo changes Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> * Chore: Fix issues reported by staticcheck Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> * Fix test Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> * Fix test Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>	6 years ago
Joan López de la Franca Beltran	ef631582ba	Users: Improve conflict error handling (#26958 ) * API: Improve error handling (#26934) * New ErrUserAlreadyExists error has been introduced * Create user endpoint returns 412 Precondition Failed on ErrUserAlreadyExists errors * Make ErrUserAlreadyExists error message clearer Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com> * Use errors.Is instead of equality comparator on AdminCreateUser handler * Improve sqlstore/user test definition Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com> * Improve sqlstore/user tests for ErrUserAlreadyExists cases * Remove no needed string fmt and err declaration on sqlstore/user tests * Code improvements for sqlstore/user tests Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com> * Use err.Error() instead of sentinel error value on AdminCreateUser Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com> * Add ErrUserAlreadyExists handling for signup & org invite use cases Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com> Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>	6 years ago
Arve Knudsen	d4e4cb4c71	Chore: Enable Go linter gocritic (#26224 ) * Chore: Enable gocritic linter Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>	6 years ago
Mario Trangoni	5116420e9a	Fix misspell issues (#23905 ) * Fix misspell issues See, $ golangci-lint run --timeout 10m --disable-all -E misspell ./... Signed-off-by: Mario Trangoni <mjtrangoni@gmail.com> * Fix codespell issues See, $ codespell -S './.git' -L 'uint,thru,pres,unknwon,serie,referer,uptodate,durationm' Signed-off-by: Mario Trangoni <mjtrangoni@gmail.com> ci please? * non-empty commit - ci? * Trigger build Co-authored-by: bergquist <carl.bergquist@gmail.com> Co-authored-by: Kyle Brandt <kyle@grafana.com>	6 years ago
Émile Fugulin	d721dd13cd	Allow API to assign new user to a specific organization (#21775 ) * Allow API to assign new user to a specific organization * Add defer block to test * Add API tests and return 400 instead of 500 for bad orgId * Minor test improvements	6 years ago
Alexander Zobnin	8505d90768	Admin: New Admin User page (#20498 ) * admin: user page to react WIP * admin user page: basic view * admin user page: refactor, extract orgs and permissions components * admin user: change sessions actions styles * admin user: add disable button * user admin: add change grafana admin action * user admin: able to change org role and remove org * user admin: confirm force logout * user admin: change org button style * user admin: add confirm modals for critical actions * user admin: lock down ldap user info * user admin: align with latest design changes * user admin: add LDAP sync * admin user: confirm button * user admin: add to org modal * user admin: fix ConfirmButton story * admin user: handle grafana admin change * ConfirmButton: make styled component * ConfirmButton: completely styled component * User Admin: permissions section refactor * admin user: refactor (orgs and sessions) * ConfirmButton: able to set confirm variant * admin user: inline org removal * admin user: show ldap sync info only for ldap users * admin user: edit profile * ConfirmButton: some fixes after review * Chore: fix storybook build * admin user: rename handlers * admin user: remove LdapUserPage import from routes * Chore: fix ConfirmButton tests * Chore: fix user api endpoint tests * Chore: update failed test snapshots * admin user: redux actions WIP * admin user: use new ConfirmModal component for user profile * admin user: use new ConfirmModal component for sessions * admin user: use lockMessage * ConfirmButton: use primary button as default * admin user: fix ActionButton color * UI: use Icon component for Modal * UI: refactor ConfirmModal after Modal changes * UI: add link button variant * UI: able to use custom ConfirmButton * Chore: fix type errors after ConfirmButton refactor * Chore: revert Graph component changes (works with TS 3.7) * Chore: use Forms.Button instead of ActionButton * admin user: align items * admin user: align add to org modal * UI: organization picker component * admin user: use org picker for AddToOrgModal * admin user: org actions * admin user: connect sessions actions * admin user: updateUserPermissions action * admin user: enable delete user action * admin user: sync ldap user * Chore: refactor, remove unused code * Chore: refactor, move api calls to actions * admin user: set user password action * Chore: refactor, remove unused components * admin user: set input focus on edit * admin user: pass user into debug LDAP mapping * UserAdminPage: Ux changes * UserAdminPage: align buttons to the left * UserAdminPage: align delete user button * UserAdminPage: swap add to org modal buttons * UserAdminPage: set password field to empty when editing * UserAdminPage: fix tests * Updated button border * Chore: fix ConfirmButton after changes introduced in #21092 Co-authored-by: Torkel Ödegaard <torkel@grafana.com>	6 years ago
Rafael George	e1b2bf711d	API: Add createdAt field to /api/users/:id (#19475 ) It would help for auditing purposes to have the user's created date exposed via the API along with the other fields already exposed via the API.	7 years ago
gotjosh	fa007423e3	API: Add `updatedAt` to api/users/:id (#19004 ) * API: Add `updatedAt` to api/users/:id This adds the timestamp of when a particular user was last updated to the `api/users/:id` endpoint. This helps our administrators understand when was the user information last updated. Particularly when it comes from external systems e.g. LDAP	7 years ago
Sofia Papagiannaki	7520166f17	API: Minor fix for team creation endpoint when using API key (#18252 ) * Fix CreateTeam api endpoint No team member should be created for requests authenticated by API tokens. * Update middleware test Assert that `isAnonymous` is set for `SignedInUser` authenticated via API key. * Add test for team creation Assert that no team member is created if the signed in user is anomymous. * Revert "Fix CreateTeam api endpoint" This reverts commit `9fcc4e67f5`. * Revert "Update middleware test" This reverts commit `75f767e58d`. * Fix CreateTeam api endpoint No team member should be created for requests authenticated by API tokens. * Update team test * Change error to warning and update tests	7 years ago
Oleg Gaidarenko	d9f01cb822	SQLStore: use bool pointer instead of string (#18111 )	7 years ago
Oleg Gaidarenko	8e0f091f14	SQLStore: allow to look for `is_disabled` flag (#18032 ) * Add support for `is_disabled` to `CreateUser()` * Add support for `is_disabled` to `SearchUsers()` Had to add it as a `string` type not as `bool`, since if that's property is omitted, we would have add it to SQL request, which might be dangerous * Restructure desctructive tests and add more	7 years ago
Alexander Zobnin	5f0a7f43c3	Users: show badges for each auth provider (#17869 ) * Users: show badges for each auth provider * Chore: don't use functions in angular bindings * Users: minor style changes to labels * Chore: convert auth labels on the backed side, deduplicate frontend code * Users: use authLabels everywhere instead of authModule * User: fix edit user page style * Users: minor fixes after review	7 years ago
Alexander Zobnin	dad894f1cc	API: get list of users with additional auth info (#17305 ) * batch disable users * batch revoke users tokens * split batch disable user and revoke token * API: get users with auth info and isExternal flag * fix tests for batch disable users * Users: refactor /api/users/search endpoint * Users: use alias for "user" table * Chore: add BatchDisableUsers() to the bus * Users: order user list by id explicitly * Users: return AuthModule from /api/users/:id endpoint * Users: do not return unused fields * Users: fix SearchUsers method after last changes * User: return auth module as array for future purposes * User: tests for SearchUsers() * User: return only latest auth module in SearchUsers() * User: fix JOIN, get only most recent auth module	7 years ago
Oleg Gaidarenko	c853ef7318	SQLStore: extend `user.SearchUsers` method (#17514 ) * SQLStore: extend `user.SearchUsers` method Allow `user.SearchUsers` to search users based on their auth type	7 years ago
Alexander Zobnin	60ddad8fdb	Batch disable users (#17254 ) * batch disable users * batch revoke users tokens * split batch disable user and revoke token * fix tests for batch disable users * Chore: add BatchDisableUsers() to the bus	7 years ago
Alexander Zobnin	2d03815770	Users: Disable users removed from LDAP (#16820 ) * Users: add is_disabled column * Users: disable users removed from LDAP * Auth: return ErrInvalidCredentials for failed LDAP auth * User: return isDisabled flag in user search api * User: mark disabled users at the server admin page * Chore: refactor according to review * Auth: prevent disabled user from login * Auth: re-enable user when it found in ldap * User: add api endpoint for disabling user * User: use separate endpoints to disable/enable user * User: disallow disabling external users * User: able do disable users from admin UI * Chore: refactor based on review * Chore: use more clear error check when disabling user * Fix login tests * Tests for disabling user during the LDAP login * Tests for disable user API * Tests for login with disabled user * Remove disable user UI stub * Sync with latest LDAP refactoring	7 years ago
danielbh	d1b8f13c66	feat: #11067 prevent removing last grafana admin permissions	8 years ago
Marcus Efraimsson	70ddf93688	include teams on signed in user	8 years ago
Torkel Ödegaard	a8a5f8181b	fix: viewers can edit now works correctly	9 years ago
Torkel Ödegaard	2797e8e2d0	profile: use name or fallback for profile page	9 years ago
Torkel Ödegaard	011c582ebb	minor user avatar stuff	9 years ago
Torkel Ödegaard	95f5c84a57	ux: making org visibile in profile view	9 years ago
Torkel Ödegaard	e8a20643d6	feat: store last seen date for users and present in stats and user lists, closes #9007	9 years ago
Denis Doria	5aac2d2078	Include user Id on the lookup api (#8698 ) Implements feature request #8682	9 years ago
Torkel Ödegaard	3fe031d25d	refactoring: Dashboard guardian	9 years ago
Dan Cech	f490c5f12c	use X-Grafana-Org-Id header to ensure backend uses correct org (#8122 )	9 years ago
Daniel Lee	193d468ed3	admin: adds paging to global user list Currently there is a limit of 1000 users in the global user list. This change introduces paging so that an admin can see all users and not just the first 1000. Adds a new route to the api - /api/users/search that returns a list of users and a total count. It takes two parameters perpage and page that enable paging. Fixes #7469	9 years ago
Daniel Lee	1294b203e6	admin: adds paging to global user list Currently there is a limit of 1000 users in the global user list. This change introduces paging so that an admin can see all users and not just the first 1000. Adds a new route to the api - /api/users/search that returns a list of users and a total count. It takes two parameters perpage and page that enable paging. Fixes #7469	9 years ago
bergquist	96e8ecfa7b	feat(cli): adds command to reset admin password closes #5479	10 years ago
Torkel Ödegaard	fb57bf77da	ux(getting started): progress on getting started panel and persited help flag states, #6466	10 years ago

1 2

77 Commits (29fcc463336f7f0e00e94de6fe1cc6350c4eb0da)