grafana

Commit Graph

Author	SHA1	Message	Date
Mariell Hoversholm	757be6365a	CI: Bump golangci-lint to 2.0.2 (#103572 )	8 months ago
xavi	ec29f6cb60	Add OpenAPI annotations for query params of `getOrgUsersForCurrentOrg` API route (#101419 )	10 months ago
Karl Persson	be60ef0500	IDToken: cache invalidation (#100592 ) * Make org role part of id token cache key. This way we will always sign a new token when it changes * Remove calls to remove id token	10 months ago
Misi	ee0a1391df	Auth: Add OrgRole to ID token (#100383 ) * Changes for Users and ServiceAccounts * Align tests	10 months ago
xavi	345757c3ae	Auth: Fix SAML user IsExternallySynced not being set correctly (#98487 )	11 months ago
Jo	9f43724b57	AccessControl: Use UIDs for Resource permissions frontend (#95552 ) * frontend can use uids to set resource permissions * lint * add uids to folder acl * Update public/app/core/components/Select/UserPicker.tsx Co-authored-by: Ieva <ieva.vasiljeva@grafana.com> * simplify conditions --------- Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>	1 year ago
Karl Persson	d4e802dd47	Authn: Add function to resolve identity from org and namespace id (#84555 ) * Add function to get the namespaced id * Add function to resolve an identity through authn.Service from org and namespace id * Switch to resolve identity for re-authenticate in another org	2 years ago
Karl Persson	ebf455d107	RBAC: Don't refetch permissions when searching for users in authenticated org (#84546 ) Don't refetch permissions when searching for users in authenticated org	2 years ago
Alexander Zobnin	82a88cc83f	Access control: Extend GetUserPermissions() to query permissions in org (#83392 ) * Access control: Extend GetUserPermissions() to query permissions in specific org * Use db query to fetch permissions in org * refactor * refactor * use conditional join * minor refactor * Add test cases * Search permissions correctly in OSS vs Enterprise * Get permissions from memory * Refactor * remove unused func * Add tests for GetUserPermissionsInOrg * fix linter	2 years ago
김은빈	96dfb385ca	Grafana: Replace magic number with a constant variable in response status (#80132 ) * Chore: Replace response status with const var * Apply suggestions from code review Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com> * Add net/http import --------- Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>	2 years ago
Marcus Efraimsson	6768c6c059	Chore: Remove public vars in setting package (#81018 ) Removes the public variable setting.SecretKey plus some other ones. Introduces some new functions for creating setting.Cfg.	2 years ago
Misi	ce1450d4d3	Chore: Configure SkipOrgRoleSync from OAuthInfo for OAuth connectors (#79443 ) * Configure SkipOrgRoleSync from OAuthInfo * Remove skipOrgRoleSync from socialbase and connectors * Add test to socialimpl.ProvideService * Deprecate AuthSettings' fields * clean up misleading init of frontendsettings.Auth	2 years ago
Ieva	eca45f6492	Chore: remove `gcomOnlyExternalOrgRoleSync` feature toggle (#78001 ) remove gcomOnlyExternalOrgRoleSync feature toggle	2 years ago
Vardan Torosyan	d624a5d490	Chore: Replace grafana-authnz-team with identity-access-team as code owners (#77609 ) * Chore: Replace grafana-authnz-team with identity-access-team as code owner * Chore: Replace grafana-authnz-team with identity-access-team as code owner * Fix the failing test	2 years ago
Gabriel MABILLE	96cbe70b14	User: Support `sort` query param for user and org user, search endpoints (#75229 ) * User: Add sort option to user search * Switch to an approach that uses the dashboard search options * Cable user sort on the org endpoint * Alias user table with u in org store * Add test and cover orgs/:orgID/users/search endpoint * Add test to userimpl store * Simplify the store_test with sortopts.ParseSortQueryParam * Account for PR feedback * Positive check * Update docs * Update docs * Switch to ErrOrFallback Co-authored-by: Karl Persson <kalle.persson@grafana.com> --------- Co-authored-by: Karl Persson <kalle.persson@grafana.com>	2 years ago
Jo	5eed495cce	Chore: Port user services to identity.Requester (#73851 ) * port api key api to signedinuser * port users to signed in user interface * fix tests	2 years ago
Jo	26339f978b	Auth: Move access control API to SignedInUser interface (#73144 ) * move access control api to SignedInUser interface * remove unused code * add logic for reading perms from a specific org * move the specific org logic to org_user.go * add a comment --------- Co-authored-by: IevaVasiljeva <ieva.vasiljeva@grafana.com>	2 years ago
Ieva	f7c6491f73	Auth: add a feature toggle for locking user roles for users synced through GCom (#72202 ) * add a new feature toggle for locking down role sync for users managed by GCom * protect the frontend and the backend using the new feature toggle * fix merge	2 years ago
Ieva	e9ba6922c0	Auth: Lock organization roles for users who are managed through an external auth provider (#72204 ) remove onlyExternalOrgRoleSync feature flag	2 years ago
Ieva	a65cb4d808	RBAC: remove simple RBAC disabled checks (#71137 ) * remove simple RBAC disabled checks * fixing tests * remove old AC tests	2 years ago
Serge Zaitsev	46605a3791	Chore: Fix authinfo api after result field removal (#65487 ) fix authinfo api after result field removal	3 years ago
Eric Leijonmarck	3cd952b8ba	Auth: Fix orgrole picker disabled if isSynced user (#64033 ) * fix: disable orgrolepicker if externaluser is synced * add disable to role picker * just took me 2 hours to center the icon * wip * fix: check externallySyncedUser for API call * remove check from store * add: tests * refactor authproxy and made tests run * add: feature toggle * set feature toggle for tests * add: IsProviderEnabled * refactor: featuretoggle name * IsProviderEnabled tests * add specific tests for isProviderEnabled * fix: org_user tests * add: owner to featuretoggle * add missing authlabels * remove fmt * feature toggle * change config * add test for a different authmodule * test refactor * gen feature toggle again * fix basic auth user able to change the org role * test for basic auth role * make err.base to error * lowered lvl of log and input mesg	3 years ago
Jo	12d192d80e	AccessControl: Clear user permission cache for update org user role (#62745 ) * clear user permission cache for update org user role * check enabled state of ac	3 years ago
Kristin Laemmert	9256a520a4	chore: move user_auth models to (mostly) login service (#62269 ) * chore: move user_auth models to (mostly) login service	3 years ago
idafurjes	6c5a573772	Chore: Move ReqContext to contexthandler service (#62102 ) * Chore: Move ReqContext to contexthandler service * Rename package to contextmodel * Generate ngalert files * Remove unused imports	3 years ago
Sofia Papagiannaki	4b634fadcf	Chore: Fix Swagger and OpenAPI specifications (#61669 ) * Add go-swagger annotations for route * Re-generate Swagger and OpenAPI specs	3 years ago
idafurjes	7dcb502b33	Chore: Remove org model duplicates (#61025 ) Remove org model duplicates	3 years ago
Alexander Zobnin	f1b5014efd	Preferences: Add pagination to org configuration page (#60896 ) * Add auth labels and access control metadata to org users search results * Fix search result JSON model * Org users: Use API for pagination * Fix default page size * Refactor: UsersListPage to functional component * Refactor: update UsersTable component code style * Add pagination to the /orgs/{org_id}/users endpoint * Use pagination on the AdminEditOrgPage * Add /orgs/{org_id}/users/search endpoint to prevent breaking API * Use existing search store method * Remove unnecessary error * Remove unused * Add query param to search endpoint * Fix endpoint docs * Minor refactor * Fix number of pages calculation * Use SearchOrgUsers for all org users methods * Refactor: GetOrgUsers as a service method * Minor refactor: rename orgId => orgID * Fix integration tests * Fix tests	3 years ago
linoman	6cc56311d9	Auth: Display id Provider label in orgs/users view (#58033 ) * Add frontend test * Add frontend label component * Adjust backend tests * Retrieve auth IDP labels for users at org/users. Co-authored-by: Misi <mgyongyosi@users.noreply.github.com> Co-authored-by: Kalle <kalleep@users.noreply.github.com> Co-authored-by: Jo <Jguer@users.noreply.github.com>	3 years ago
idafurjes	846a4510b4	Chore: Use org service methods (#55738 ) * Chore: Use org service methods * Fix loginservice test * User Serach from org service * Fix test	3 years ago
idafurjes	178cd0a232	Use OrgUser method from org service (#55674 ) * Use OrgUser method from org service * Use GetOrgUser from org service	3 years ago
idafurjes	883c7a802b	Chore: Use AddUserOrg from org service (#55657 ) * Chore: Copy methods from sqlstore to org store * Rename method, add test * Add comments of tests * Chore: Add methods from sqlstore to org service interface * Avoiding import cycle * Add and remove some methods * User AddOrgUSer from org service in api * Fix test function calls	3 years ago
Sofia Papagiannaki	b157fcdd87	Chore: fix formating for swagger definitions (#54993 )	3 years ago
Karl Persson	55c7b8add2	RBAC: Split up service into several components (#54002 ) * RBAC: Rename interface to Store * RBAC: Move ranme scopeInjector * RBAC: Rename files to service * RBAC: Rename to service * RBAC: Split up accesscontrol into two components * RBAC: Add DeclareFixedRoles to AccessControl interface * Wire: Fix wire bindings * RBAC: Move resolvers to root * RBAC: Remove invalid test * RBAC: Inject access control service * RBAC: Implement the RoleRegistry interface in fake	3 years ago
Karl Persson	57d87389e0	RBAC: Remove user permissions in org when user is removed (#53782 ) * RBAC: Add orgID to DeleteUserPermissions * RBAC: Refactor query to delete all permissions in specified org, 0 deletes all permissions * Delete user permission in org when user is removed * Remove call to delete permissions in frontend * Remove user permissions if removed orgs is detected during oauth sync Co-authored-by: Jo <joao.guerreiro@grafana.com>	3 years ago
idafurjes	a14621fff6	Chore: Add user service method SetUsingOrg and GetSignedInUserWithCacheCtx (#53343 ) * Chore: Add user service method SetUsingOrg * Chore: Add user service method GetSignedInUserWithCacheCtx * Use method GetSignedInUserWithCacheCtx from user service * Fix lint after rebase * Fix lint * Fix lint error * roll back some changes * Roll back changes in api and middleware * Add xorm tags to SignedInUser ID fields	3 years ago
idafurjes	6afad51761	Move SignedInUser to user service and RoleType and Roles to org (#53445 ) * Move SignedInUser to user service and RoleType and Roles to org * Use go naming convention for roles * Fix some imports and leftovers * Fix ldap debug test * Fix lint * Fix lint 2 * Fix lint 3 * Fix type and not needed conversion * Clean up messages in api tests * Clean up api tests 2	3 years ago
idafurjes	1ecbe22751	Chore: Add user service method GetByLogin (#53204 ) * Add wrapper around sqlstore method GetUserByLogin * Use new method from user service * Fix lint * Fix lint 2 * fix middleware basic auth test * Fix grafana login returning a user by login * Remove GetUserByLogin from store interface * Merge commit	3 years ago
Sofia Papagiannaki	7ba076de10	Chore: Move swagger definitions to the handlers (#52643 )	3 years ago
idafurjes	6c43eb0b4d	Split Create User (#50502 ) * Split Create User * Use new create user and User from package user * Add service to wire * Making create user work * Replace user from user pkg * One more * Move Insert to orguser Service/Store * Remove unnecessary conversion * Cleaunp * Fix Get User and add fakes * Fixing get org id for user logic, adding fakes and other adjustments * Add some tests for ourguser service and store * Fix insert org logic * Add comment about deprecation * Fix after merge with main * Move orguser service/store to org service/store * Remove orguser from wire * Unimplement new Create user and use User from pkg user * Fix wire generation * Fix lint * Fix lint - use only User and CrateUserCommand from user pkg * Remove User and CreateUserCommand from models * Fix lint 2	4 years ago
Ieva	0c0cf36ab8	Access control: role checks before updates (#51449 ) * add role checks * linting	4 years ago
Karl Persson	5caf97be40	AccessControl: Replace IsEnterprise checks with license checks (#49572 )	4 years ago
ying-jeanne	7ddae870e7	fix status code 200 (#47818 )	4 years ago
Gabriel MABILLE	3440e7c8f7	AccessControl: Fix locked role picker in orgs/edit page (#46539 ) * AccessControl: Fix locked role picker in orgs/edit page * Use correct org when computing metadata	4 years ago
Karl Persson	7ab1ef8d6e	Access Control: Support other attributes than id for resource permissions (#46727 ) * Add option to set ResourceAttribute for a permissions service * Use prefix in access control sql filter to parse scopes * Use prefix in access control metadata to check access	4 years ago
Gabriel MABILLE	14bee49f9a	AccessControl: Compute metadata from context permissions (#45578 ) * AccessControl: Compute metadata from context permissions * Remove nil Co-authored-by: Jguer <joao.guerreiro@grafana.com> * Check user permissions are set Co-authored-by: Jguer <joao.guerreiro@grafana.com>	4 years ago
Gabriel MABILLE	6fbf346747	AccessControl: Add endpoint to get user permissions (#45309 ) * AccessControl: Add endpoint to get user permissions Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> Co-authored-by: Kalle Persson <kalle.persson@grafana.com> Co-authored-by: Eric Leijonmarck <eric.leijonmarck@gmail.com> Co-authored-by: Alexander Zobnin <alexanderzobnin@gmail.com> * Fix SA tests * Linter is wrong :p * Wait I was wrong * Adding the route for teams:creator too Co-authored-by: ievaVasiljeva <ieva.vasiljeva@grafana.com> Co-authored-by: Kalle Persson <kalle.persson@grafana.com> Co-authored-by: Eric Leijonmarck <eric.leijonmarck@gmail.com> Co-authored-by: Alexander Zobnin <alexanderzobnin@gmail.com>	4 years ago
ying-jeanne	7422789ec7	Remove Macaron ParamsInt64 function from code base (#43810 ) * draft commit * change all calls * Compilation errors	4 years ago
Karl Persson	f999910dc6	Access control: Add access control sql filter to org user queries (#43961 ) * Add access control SQL filter to org user queries	4 years ago
J Guerreiro	6bbf85e2e9	AccessControl: verify metadata map is not null (#43743 )	4 years ago

1 2

80 Commits (5bda17e7c1cb313eb96266f2fdda73a6b35c3977)