grafana

Commit Graph

Author	SHA1	Message	Date
Marcus Efraimsson	1c1427520d	Security: Add new setting allow_embedding (#16853 ) When allow_embedding is false (default) the Grafana backend will set the http header `X-Frame-Options: deny` in all responses to non-static content which will instruct browser to not allow Grafana to be embedded in `<frame>`, `<iframe>`, `<embed>` or `<object>`. Closes #14189	6 years ago
Marcus Efraimsson	f778c1d971	Security: Responses from backend should not be cached (#16848 ) Currently all API requests set Cache-control: no-cache to avoid browsers caching sensitive data. This fixes so that all responses returned from backend not are cached using http headers. The exception is the data proxy where we don't add these http headers in case datasource backend needs to control whether data can be cached or not. Fixes #16845	6 years ago
Carl Bergquist	9660356638	Auth: Enable retries and transaction for some db calls for auth tokens (#16785 ) the WithSession wrapper handles retries and connection management so the caller dont have to worry about it.	6 years ago
Oleg Gaidarenko	db584b3d28	Chore: remove session storage references (#16445 ) * Chore: remove session storage references * Small refactoring of the settings module * Update docs - remove references for the session storage * Update config files (sample and default configs) * Add tests for warning during the config load on defined storage cache * Remove all references to session storage * Remove macaron session dependency * Remove leftovers * Fix: address review comments * Fix: remove old deps * Fix: add skipStaticRootValidation = true to tests * Fix: improve the docs and warning message As per discussion in here - https://github.com/grafana/grafana/pull/16445/files#r273026255 * Chore: make linter happy Fixes #16148 Ref #16114	6 years ago
Oleg Gaidarenko	318182ccc9	Chore: refactor auth proxy (#16504 ) * Chore: refactor auth proxy Introduced the helper struct for auth_proxy middleware. Added couple unit-tests, but it seems "integration" tests already cover most of the code paths. Although it might be good idea to test every bit of it, hm. Haven't refactored the extraction of the header logic that much Fixes #16147 * Fix: make linters happy	6 years ago
Oleg Gaidarenko	67cbc7d4cf	Chore: use remote cache instead of session storage (#16114 ) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161	6 years ago
Marcus Efraimsson	8029e48588	support get user tokens/revoke all user tokens in UserTokenService	6 years ago
bergquist	e163aadfe4	use authtoken for session quota restrictions closes #15360	6 years ago
Marcus Efraimsson	836501186f	fix	6 years ago
Marcus Efraimsson	8678620730	move UserToken and UserTokenService to models package	6 years ago
Marcus Efraimsson	a60124a88c	change UserToken from interface to struct	6 years ago
Marcus Efraimsson	871c84d195	changes needed for api/middleware due to configuration settings	6 years ago
Marcus Efraimsson	d53e64a32c	move auth token middleware/hooks to middleware package fix/adds auth token middleware tests	6 years ago
bergquist	88ca54eba9	renames signout function	6 years ago
bergquist	43ac79685a	delete auth token on signout	6 years ago
bergquist	5998646da5	restrict session usage to auth_proxy	6 years ago
Marcus Efraimsson	59d0c19ba8	passing middleware tests	6 years ago
Marcus Efraimsson	81879f0162	fix broken code	6 years ago
Jacob Richard	34d3086ec8	Adding tests for auth proxy CIDR support	7 years ago
Torkel Ödegaard	b415d82611	fixed to template PR issues, #13938	7 years ago
Mario Trangoni	dde650905d	Fix megacheck issue unused code. I removed some code, and commented out other one. See, $ gometalinter --vendor --disable-all --disable=gotype --enable=megacheck --deadline 6m ./... \| grep unused pkg/api/avatar/avatar.go💯26⚠️ func (CacheServer).mustInt is unused (U1000) (megacheck) pkg/api/folder_test.go:136:6⚠️ func callGetFolderByUID is unused (U1000) (megacheck) pkg/api/folder_test.go:141:6⚠️ func callDeleteFolder is unused (U1000) (megacheck) pkg/api/live/hub.go:40:15⚠️ func (hub).removeConnection is unused (U1000) (megacheck) pkg/components/imguploader/azureblobuploader.go:130:5⚠️ var client is unused (U1000) (megacheck) pkg/middleware/middleware_test.go:438:28⚠️ func (scenarioContext).withInvalidApiKey is unused (U1000) (megacheck) pkg/services/alerting/ticker.go:40:18⚠️ func (Ticker).updateOffset is unused (U1000) (megacheck) pkg/services/notifications/notifications_test.go:12:6⚠️ type testTriggeredAlert is unused (U1000) (megacheck) pkg/services/sqlstore/dashboard_service_integration_test.go:935:6⚠️ type scenarioContext is unused (U1000) (megacheck) pkg/services/sqlstore/dashboard_service_integration_test.go:939:6⚠️ type scenarioFunc is unused (U1000) (megacheck) pkg/services/sqlstore/dashboard_service_integration_test.go:941:6⚠️ func dashboardGuardianScenario is unused (U1000) (megacheck) pkg/services/sqlstore/transactions_test.go:13:6⚠️ type testQuery is unused (U1000) (megacheck)	7 years ago
Marcus Efraimsson	8af5da7383	Revert "auth proxy: use real ip when validating white listed ip's"	7 years ago
Dan Cech	3056d9a80e	support passing api token in Basic auth password (#12416 )	7 years ago
Marcus Efraimsson	b418e14bd9	make sure to use real ip when validating white listed ip's	7 years ago
Karsten Weiss	de8696d5d3	Outdent code after if block that ends with return (golint) This commit fixes the following golint warnings: pkg/bus/bus.go:64:9: if block ends with a return statement, so drop this else and outdent its block pkg/bus/bus.go:84:9: if block ends with a return statement, so drop this else and outdent its block pkg/components/dynmap/dynmap.go:137:10: if block ends with a return statement, so drop this else and outdent its block pkg/components/dynmap/dynmap.go:177:9: if block ends with a return statement, so drop this else and outdent its block pkg/components/dynmap/dynmap.go:183:10: if block ends with a return statement, so drop this else and outdent its block pkg/components/dynmap/dynmap.go:199:9: if block ends with a return statement, so drop this else and outdent its block pkg/components/dynmap/dynmap.go:208:9: if block ends with a return statement, so drop this else and outdent its block (move short variable declaration to its own line if necessary) pkg/components/dynmap/dynmap.go:236:9: if block ends with a return statement, so drop this else and outdent its block pkg/components/dynmap/dynmap.go:242:10: if block ends with a return statement, so drop this else and outdent its block pkg/components/dynmap/dynmap.go:257:9: if block ends with a return statement, so drop this else and outdent its block pkg/components/dynmap/dynmap.go:263:10: if block ends with a return statement, so drop this else and outdent its block pkg/components/dynmap/dynmap.go:278:9: if block ends with a return statement, so drop this else and outdent its block pkg/components/dynmap/dynmap.go:284:10: if block ends with a return statement, so drop this else and outdent its block pkg/components/dynmap/dynmap.go:299:9: if block ends with a return statement, so drop this else and outdent its block pkg/components/dynmap/dynmap.go:331:9: if block ends with a return statement, so drop this else and outdent its block pkg/components/dynmap/dynmap.go:350:9: if block ends with a return statement, so drop this else and outdent its block pkg/components/dynmap/dynmap.go:356:10: if block ends with a return statement, so drop this else and outdent its block pkg/components/dynmap/dynmap.go:366:12: if block ends with a return statement, so drop this else and outdent its block pkg/components/dynmap/dynmap.go:390:9: if block ends with a return statement, so drop this else and outdent its block pkg/components/dynmap/dynmap.go:396:10: if block ends with a return statement, so drop this else and outdent its block pkg/components/dynmap/dynmap.go:405:12: if block ends with a return statement, so drop this else and outdent its block pkg/components/dynmap/dynmap.go:427:9: if block ends with a return statement, so drop this else and outdent its block pkg/components/dynmap/dynmap.go:433:10: if block ends with a return statement, so drop this else and outdent its block pkg/components/dynmap/dynmap.go:442:12: if block ends with a return statement, so drop this else and outdent its block pkg/components/dynmap/dynmap.go:459:9: if block ends with a return statement, so drop this else and outdent its block pkg/components/dynmap/dynmap.go:465:10: if block ends with a return statement, so drop this else and outdent its block pkg/components/dynmap/dynmap.go:474:12: if block ends with a return statement, so drop this else and outdent its block pkg/components/dynmap/dynmap.go:491:9: if block ends with a return statement, so drop this else and outdent its block pkg/components/dynmap/dynmap.go:497:10: if block ends with a return statement, so drop this else and outdent its block pkg/components/dynmap/dynmap.go:506:12: if block ends with a return statement, so drop this else and outdent its block pkg/components/dynmap/dynmap.go:523:9: if block ends with a return statement, so drop this else and outdent its block pkg/components/dynmap/dynmap.go:529:10: if block ends with a return statement, so drop this else and outdent its block pkg/components/dynmap/dynmap.go:538:12: if block ends with a return statement, so drop this else and outdent its block pkg/components/dynmap/dynmap.go:555:9: if block ends with a return statement, so drop this else and outdent its block pkg/components/dynmap/dynmap.go:561:10: if block ends with a return statement, so drop this else and outdent its block pkg/components/dynmap/dynmap.go:570:12: if block ends with a return statement, so drop this else and outdent its block pkg/login/ldap.go:55:11: if block ends with a return statement, so drop this else and outdent its block (move short variable declaration to its own line if necessary) pkg/login/ldap_test.go:372:10: if block ends with a return statement, so drop this else and outdent its block pkg/middleware/middleware_test.go:213:12: if block ends with a return statement, so drop this else and outdent its block pkg/plugins/dashboard_importer.go:153:11: if block ends with a return statement, so drop this else and outdent its block (move short variable declaration to its own line if necessary) pkg/plugins/dashboards_updater.go:39:9: if block ends with a return statement, so drop this else and outdent its block (move short variable declaration to its own line if necessary) pkg/plugins/dashboards_updater.go:121:10: if block ends with a return statement, so drop this else and outdent its block (move short variable declaration to its own line if necessary) pkg/plugins/plugins.go:210:9: if block ends with a return statement, so drop this else and outdent its block (move short variable declaration to its own line if necessary) pkg/plugins/plugins.go:235:9: if block ends with a return statement, so drop this else and outdent its block (move short variable declaration to its own line if necessary) pkg/services/alerting/eval_context.go:111:9: if block ends with a return statement, so drop this else and outdent its block (move short variable declaration to its own line if necessary) pkg/services/alerting/notifier.go:92:9: if block ends with a return statement, so drop this else and outdent its block (move short variable declaration to its own line if necessary) pkg/services/alerting/notifier.go:98:9: if block ends with a return statement, so drop this else and outdent its block (move short variable declaration to its own line if necessary) pkg/services/alerting/notifier.go:122:10: if block ends with a return statement, so drop this else and outdent its block (move short variable declaration to its own line if necessary) pkg/services/alerting/rule.go:108:10: if block ends with a return statement, so drop this else and outdent its block (move short variable declaration to its own line if necessary) pkg/services/alerting/rule.go:118:10: if block ends with a return statement, so drop this else and outdent its block (move short variable declaration to its own line if necessary) pkg/services/alerting/rule.go:121:11: if block ends with a return statement, so drop this else and outdent its block (move short variable declaration to its own line if necessary) pkg/services/alerting/notifiers/telegram.go:94:10: if block ends with a return statement, so drop this else and outdent its block pkg/services/sqlstore/annotation.go:34:11: if block ends with a return statement, so drop this else and outdent its block (move short variable declaration to its own line if necessary) pkg/services/sqlstore/annotation.go:99:11: if block ends with a return statement, so drop this else and outdent its block (move short variable declaration to its own line if necessary) pkg/services/sqlstore/dashboard_test.go:107:13: if block ends with a return statement, so drop this else and outdent its block pkg/services/sqlstore/plugin_setting.go:78:10: if block ends with a return statement, so drop this else and outdent its block pkg/services/sqlstore/preferences.go:91:10: if block ends with a return statement, so drop this else and outdent its block pkg/services/sqlstore/user.go:50:10: if block ends with a return statement, so drop this else and outdent its block pkg/services/sqlstore/migrator/migrator.go:106:11: if block ends with a return statement, so drop this else and outdent its block (move short variable declaration to its own line if necessary) pkg/services/sqlstore/migrator/postgres_dialect.go:48:10: if block ends with a return statement, so drop this else and outdent its block pkg/tsdb/time_range.go:59:9: if block ends with a return statement, so drop this else and outdent its block (move short variable declaration to its own line if necessary) pkg/tsdb/time_range.go:67:9: if block ends with a return statement, so drop this else and outdent its block (move short variable declaration to its own line if necessary) pkg/tsdb/cloudwatch/metric_find_query.go:225:9: if block ends with a return statement, so drop this else and outdent its block pkg/util/filepath.go:68:11: if block ends with a return statement, so drop this else and outdent its block (move short variable declaration to its own line if necessary)	7 years ago
Dan Cech	52503d9cb5	refactor authproxy & ldap integration, address comments	7 years ago
Dan Cech	d837be91ec	switch to passing ReqContext as a property	7 years ago
Dan Cech	a1b1d2fe80	switch to Result	7 years ago
Dan Cech	d5dd1c9bca	update auth proxy	7 years ago
Dan Cech	1c5afa731f	shared library for managing external user accounts	7 years ago
Julian Kornberger	391868c5d6	Use net.SplitHostPort to support IPv6 - Add some tests - Make error message more helpful	7 years ago
Daniel Lee	3ca1e06509	session: fork Macaron mysql session middleware This changes forks the mysql part of the Macaron session middleware. In the forked mysql file: - takes in a config setting for SetConnMaxLifetime (this solves wait_timeout problem if it is set to a shorter interval than wait_timeout) - removes the panic when an error is returned in the Exist function. - retries the exist query once - retries the GC query once	7 years ago
Dan Cech	c0ecdee375	rename Context to ReqContext	7 years ago
Dan Cech	338655dd37	move Context and session out of middleware	7 years ago
Marcus Efraimsson	a99331cdb9	dashboards: redirect from old url used to load dashboard to new url If legacy backend routes (/dashboard/db/<slug> and /dashboard-solo/db/<slug>) are requested we try to redirect to new routes with a 301 Moved Permanently #7883	7 years ago
Daniel Lee	0d85c63fff	middleware: recovery handles panics in all handlers Also, changes the order of the middleware so that recovery is after the gzip middleware. Otherwise, a 200 OK is returned instead of a 500 error.	8 years ago
Daniel Lee	e6f9546a7c	api: add no cache headers for IE11 Adds pragma and expires headers for API calls so that IE11 does not cache GET calls. Ref #5356	8 years ago
Daniel Lee	74093c700f	api: adds no-cache header for GET requests Fixes #5356. Internet Explorer aggressively caches GET requests which means that all API calls fetching data are cached. This fix adds a Cache-Control header with the value no-cache to all GET requests to the API.	8 years ago
bergquist	5174d050f2	middlware: change org when url contains orgid closes #6948 ref #1613	8 years ago
Utkarsh Bhatnagar	bd20dc6c4c	Fixed failing tests (#6941 )	9 years ago
Seuf	ae27c17c68	Auth Proxy improvements - adds the option to use ldap groups for authorization in combination with an auth proxy - adds an option to limit where auth proxy requests come from by configure a list of ip's - fixes a security issue, session could be reused	9 years ago
bergquist	16fa631ea0	tech(tests): remove unused code that breaks gorename	9 years ago
bergquist	b17298c97c	test(alerting): remove unused code to enable gorename	9 years ago
Torkel Ödegaard	bdb67d4909	fix(build): fixed dependency and build issue	10 years ago
bergquist	4fe72ebf69	feat(macaron): upgrades macaron version	10 years ago
Torkel Ödegaard	ae0f8c77d1	Auth: You can now authenicate against api with username / password using basic auth, Closes #2218	10 years ago
Torkel Ödegaard	be589d81c7	Auth: Support for user authentication via reverse proxy header (like X-Authenticated-User, or X-WEBAUTH-USER), Closes #1921	10 years ago
Torkel Ödegaard	ba883d25fe	More middleware unit tests cover all current auth mechanisms	10 years ago
Torkel Ödegaard	f416e2d1ac	More middleware unit test, starting to look really good	10 years ago
Torkel Ödegaard	cb8110cd48	Refactoring, worked on middleware unit tests, and began thinking about api unit tests, #1921	10 years ago

1 2

51 Commits (87688930a259c305d1f28271b426d862bfd5d938)