grafana

Commit Graph

Author	SHA1	Message	Date
Serge Zaitsev	57fcfd578d	Chore: replace macaron with web package (#40136 ) * replace macaron with web package * add web.go	4 years ago
Selene	da813877fb	Create search filters by interface (#39843 ) * Extract search users to a new service * Fix wire provider * Fix common_test and remove RouteRegister * Remove old endpoints * Fix test * Create search filters using interfaces * Move Enterprise filter, rename filter for filters and allow use filters with params * Each filter has unique key * Back activeLast30Days filter to OSS * Fix tests * Delete unusued param * Move filters to searchusers service and small refactor * Fix tests	4 years ago
Selene	02702eb82d	Extract search users functions into a service (#39002 ) * Extract search users to a new service * Fix wire provider * Fix common_test and remove RouteRegister * Remove old endpoints * Fix test * Add indexes to dashboards and orgs tables * Fix lint	4 years ago
idafurjes	65ebb04cf3	Chore: Add context to org users (#39526 ) * Add context to org users * Fix go lint * Roll back xorm refactor * Use WithTransactionalDbSession * Update sqlstore.go Fix typo * Update org_users.go Fix typo	4 years ago
Gabriel MABILLE	9f29241a0c	AccessControl: add one-dimensional permissions to datasources (#38070 ) * AccessControl: add one-dimensional permissions to datasources in the backend * AccessControl: add one-dimensional permissions to datasources in the frontend (#38080) Co-authored-by: Hugo Häggmark <hugo.haggmark@grafana.com>	4 years ago
Arve Knudsen	78596a6756	Migrate to Wire for dependency injection (#32289 ) Fixes #30144 Co-authored-by: dsotirakis <sotirakis.dim@gmail.com> Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> Co-authored-by: Ida Furjesova <ida.furjesova@grafana.com> Co-authored-by: Jack Westbrook <jack.westbrook@gmail.com> Co-authored-by: Will Browne <wbrowne@users.noreply.github.com> Co-authored-by: Leon Sorokin <leeoniya@gmail.com> Co-authored-by: Andrej Ocenas <mr.ocenas@gmail.com> Co-authored-by: spinillos <selenepinillos@gmail.com> Co-authored-by: Karl Persson <kalle.persson@grafana.com> Co-authored-by: Leonard Gram <leo@xlson.com>	4 years ago
Gabriel MABILLE	f9273d0d37	AccessControl: Add a mock (#38515 )	4 years ago
Karl Persson	7ebf4027a7	Access Control: refactor permission evaluator to be more flexible (#35996 ) * add a more flexible way to create permissions * update interface for accesscontrol to use new eval interface * use new eval interface * update middleware to use new eval interface * remove evaluator function and move metrics to service * add tests for accesscontrol middleware * Remove failed function from interface and update inejct to create a new evaluator * Change name * Support Several sopes for a permission * use evaluator and update fakeAccessControl * Implement String that will return string representation of permissions for an evaluator Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>	4 years ago
Serge Zaitsev	707d3536f0	Macaron: Strip down renderer middleware (#37627 ) * strip down macaron renderer * inline renderHTML * remove IndentJSON parameter * replace renderer with a html/template set * fix failing test * fix renderer paths in tests * make template reloading even simpler * unify ignored gzip path lookup * fix csp middleware usage	4 years ago
Jeremy Price	e8e1a0b50b	Revert "Revert "AccessControl: Implement a way to register fixed roles (#35641 )" (#37397 )" (#37535 ) This reverts commit `55efeb0c02`.	4 years ago
Emil Tullstedt	55efeb0c02	Revert "AccessControl: Implement a way to register fixed roles (#35641 )" (#37397 ) This reverts commit `88c11f1cc0`.	4 years ago
Gabriel MABILLE	88c11f1cc0	AccessControl: Implement a way to register fixed roles (#35641 ) * AccessControl: Implement a way to register fixed roles * Add context to register func * Use FixedRoleGrantsMap instead of FixedRoleGrants * Removed FixedRoles map to sync.map * Wrote test for accesscontrol and provisioning * Use mutexes+map instead of sync maps * Create a sync map struct out of a Map and a Mutex * Create a sync map struct for grants as well * Validate builtin roles * Make validation public to access control * Handle errors consistently with what seeder does * Keep errors consistant amongst accesscontrol impl * Handle registration error * Reverse the registration direction thanks to a RoleRegistrant interface * Removed sync map in favor for simple maps since registration now happens during init * Work on the Registrant interface * Remove the Register Role from the interface to have services returning their registrations instead * Adding context to RegisterRegistrantsRoles and update descriptions * little bit of cosmetics * Making sure provisioning is ran after role registration * test for role registration * Change the accesscontrol interface to use a variadic * check if accesscontrol is enabled * Add a new test for RegisterFixedRoles and fix assign which was buggy * Moved RegistrationList def to roles.go * Change provisioning role's description * Better comment on RegisterFixedRoles * Correct comment on ValidateFixedRole * Simplify helper func to removeRoleHelper * Add log to saveFixedRole and assignFixedRole Co-authored-by: Vardan Torosyan <vardants@gmail.com> Co-authored-by: Jeremy Price <Jeremy.price@grafana.com>	4 years ago
Karl Persson	395b942134	Access Control: Add fine-grained access control to GET stats and settings handlers (#35622 ) * add accesscontrol action for stats read * use accesscontrol middleware for stats route * add fixed role with permissions to read sever stats * add accesscontrol action for settings read * use accesscontrol middleware for settings route * add fixed role with permissions to read settings * add accesscontrol tests for AdminGetSettings and AdminGetStats * add ability to scope settings * add tests for AdminGetSettings	4 years ago
Karl Persson	36c997a625	Access Control: Add fine-grained access control to ldap handlers (#35525 ) * Add new accesscontrol action for ldap config reload * Update ldapAdminEditRole with new ldap config reload permission * wrap /ldap/reload with accesscontrol authorize middleware * document new action and update fixed:ldap:admin:edit with said action * add fake accesscontrol implementation for tests * Add accesscontrol tests for ldap handlers Co-authored-by: Ursula Kallio <73951760+osg-grafana@users.noreply.github.com>	4 years ago
Vladimir Kochnev	39a3b0d0b0	Auth: support JWT Authentication (#29995 )	4 years ago
Hugo Häggmark	3d41267fc4	Chore: Moves common and response into separate packages (#30298 ) * Chore: moves common and response into separate packages * Chore: moves common and response into separate packages * Update pkg/api/utils/common.go Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com> * Chore: changes after PR comments * Chore: move wrap to routing package * Chore: move functions in common to response package * Chore: move functions in common to response package * Chore: formats imports Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com>	5 years ago
Arve Knudsen	dd2d206d99	Backend: Remove more globals (#29644 ) Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>	5 years ago
Arve Knudsen	12661e8a9d	Move middleware context handler logic to service (#29605 ) * middleware: Move context handler to own service Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> Co-authored-by: Emil Tullsted <sakjur@users.noreply.github.com> Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>	5 years ago
Agnès Toulet	22788d1d86	Add an option to hide certain users in the UI (#28942 ) * Add an option to hide certain users in the UI * revert changes for admin users routes * fix sqlstore function name * Improve slice management Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com> * Hidden users: convert slice to map * filter with user logins instead of IDs * put HiddenUsers in Cfg struct * hide hidden users from dashboards/folders permissions list * Update conf/defaults.ini Co-authored-by: Torkel Ödegaard <torkel@grafana.com> * fix params order * fix tests * fix dashboard/folder update with hidden user * add team tests * add dashboard and folder permissions tests * fixes after merge * fix tests * API: add test for org users endpoints * update hidden users management for dashboard / folder permissions * improve dashboard / folder permissions tests * fixes after merge * Guardian: add hidden acl tests * API: add team members tests * fix team sql syntax for postgres * api tests update * fix linter error * fix tests errors after merge Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com> Co-authored-by: Torkel Ödegaard <torkel@grafana.com> Co-authored-by: Leonard Gram <leo@xlson.com>	5 years ago
Arve Knudsen	cb62e69997	Chore: Convert API tests to standard Go lib (#29009 ) * Chore: Convert tests to standard Go lib Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>	5 years ago
Arve Knudsen	164242f5fd	Data sources: Don't fail if URL doesn't specify protocol (#24497 )	5 years ago
Carl Bergquist	3fdd2648b1	Chore: Avoid aliasing importing models in api package (#22492 )	5 years ago
Marcus Efraimsson	d0a80c59f3	Rendering: Store render key in remote cache (#22031 ) By storing render key in remote cache it will enable image renderer to use public facing url or load balancer url to render images and thereby remove the requirement of image renderer having to use the url of the originating Grafana instance when running HA setup (multiple Grafana instances). Fixes #17704 Ref grafana/grafana-image-renderer#91	5 years ago
Sofia Papagiannaki	78ca55f3d7	Fix: Break redirect loop if oauth_auto_login = true and OAuth login fails (#17974 ) * Add tests for login view * Fix OAuth auto login redirect loop login_error cookie is only set when the OAuth login fails for some reason. Therefore, the login view should return immediately if a login_error cookie exists before trying to login the user using OAuth again. * Fix test Use 'index-template' instead of 'index' for testing * Add some comments	6 years ago
Oleg Gaidarenko	67cbc7d4cf	Chore: use remote cache instead of session storage (#16114 ) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161	6 years ago
Marcus Efraimsson	0cd5a6772d	feat(api): support list/revoke auth token in admin/current user api	6 years ago
Marcus Efraimsson	1d1b617cee	remove unused code	6 years ago
Marcus Efraimsson	d53e64a32c	move auth token middleware/hooks to middleware package fix/adds auth token middleware tests	6 years ago
bergquist	88ca54eba9	renames signout function	6 years ago
bergquist	43ac79685a	delete auth token on signout	6 years ago
bergquist	5998646da5	restrict session usage to auth_proxy	7 years ago
Marcus Efraimsson	59d0c19ba8	passing middleware tests	7 years ago
Marcus Efraimsson	81879f0162	fix broken code	7 years ago
Leonard Gram	5e08bf5130	test: fixed usage of wrap in tests.	7 years ago
Dan Cech	417db13efb	Fix dashboard snapshot deletion (#12025 ) * fix issue deleting dashboard snapshots by deleteKey, add dedicated endopoint for authenticated requests, update frontend, tests & docs.	7 years ago
Daniel Lee	3ca1e06509	session: fork Macaron mysql session middleware This changes forks the mysql part of the Macaron session middleware. In the forked mysql file: - takes in a config setting for SetConnMaxLifetime (this solves wait_timeout problem if it is set to a shorter interval than wait_timeout) - removes the panic when an error is returned in the Exist function. - retries the exist query once - retries the GC query once	7 years ago
Dan Cech	c0ecdee375	rename Context to ReqContext	7 years ago
Dan Cech	338655dd37	move Context and session out of middleware	7 years ago
Daniel Lee	a00a42d9ee	api: extract api test code to common_test.go	8 years ago
Daniel Lee	fa18b0053d	WIP: delete permission in API	8 years ago
Daniel Lee	f1e1da39e3	WIP: get Dashboard Permissions The guardian class checks if the user is allowed to get the permissions for a dashboard.	8 years ago
Daniel Lee	193d468ed3	admin: adds paging to global user list Currently there is a limit of 1000 users in the global user list. This change introduces paging so that an admin can see all users and not just the first 1000. Adds a new route to the api - /api/users/search that returns a list of users and a total count. It takes two parameters perpage and page that enable paging. Fixes #7469	8 years ago
Daniel Lee	1294b203e6	admin: adds paging to global user list Currently there is a limit of 1000 users in the global user list. This change introduces paging so that an admin can see all users and not just the first 1000. Adds a new route to the api - /api/users/search that returns a list of users and a total count. It takes two parameters perpage and page that enable paging. Fixes #7469	8 years ago
Daniel Lee	fbc3c3dd32	api: removes import alias + some unused fields	9 years ago
Daniel Lee	cbd1455c42	fix(api): case insensitive sort for datasources The data source list is case sensitive when sorted. This changes the sort to be case insensitive. The test only tests the handler, not the routing or database query.	9 years ago

39 Commits (35432b1183fcf1f435e33b7121e286e5726a2c4c)