grafana

Commit Graph

Author	SHA1	Message	Date
Karl Persson	062c5b805c	Auth: Merge ActiveAuthTokenService into UserAuthTokenService (#59032 ) * Auth: Merge UserTokenService and ActiveAuthTokenService * Auth: Rename function	3 years ago
Karl Persson	fef1e1d5bc	Auth: Refactor auth package (#58920 ) * Auth: move interface to its own file * Auth: move to test package * Auth: move quota consts to auth file * Auth: move service to impl package * Auth: move interfaces and related models to auth package * Auth: Create sub package and type alias to avoid circular dependency	3 years ago
Sofia Papagiannaki	ab36252c86	Quota: Fix failure when checking session limits (#58865 )	3 years ago
João Calisto	f254a37d35	Middleware: Add CSP Report Only support (#58074 ) * Middleware: Add CSP Report Only support * Update docs/sources/setup-grafana/configure-grafana/_index.md Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com> * Update docs/sources/setup-grafana/configure-grafana/_index.md Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com> * Update csp documentation wording * Update conf/sample.ini Co-authored-by: Dave Henderson <dave.henderson@grafana.com> * Update docs/sources/setup-grafana/configure-grafana/_index.md Co-authored-by: Dave Henderson <dave.henderson@grafana.com> * Update docs/sources/setup-grafana/configure-grafana/_index.md Co-authored-by: Dave Henderson <dave.henderson@grafana.com> * Update docs/sources/setup-grafana/configure-grafana/_index.md Co-authored-by: Dave Henderson <dave.henderson@grafana.com> * Update pkg/middleware/csp.go Co-authored-by: Dave Henderson <dave.henderson@grafana.com> Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com> Co-authored-by: Dave Henderson <dave.henderson@grafana.com>	3 years ago
Sofia Papagiannaki	9855e74b92	Chore: Refactor quota service (#58643 ) Chore: Refactor quota service (#57586) * Chore: refactore quota service * Apply suggestions from code review	3 years ago
Misi	4915d21c25	OAuth: Feature toggle for access token expiration check and docs (#58179 ) * Add feature toggle for access token expiration check * Add docs for configuring refresh tokens * Update docs * Update docs based on review Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com> * Improve documentation * Change access_type default to Offline * Update docs/sources/setup-grafana/configure-security/configure-authentication/gitlab/index.md Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com> * Update docs/sources/setup-grafana/configure-security/configure-authentication/google/index.md Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com> * Update pkg/services/featuremgmt/registry.go Co-authored-by: Eric Leijonmarck <eric.leijonmarck@gmail.com> * Regenerate toggles * Update Generic OAuth docs Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com> Co-authored-by: Eric Leijonmarck <eric.leijonmarck@gmail.com>	3 years ago
Sofia Papagiannaki	96cdf77995	Revert "Chore: Refactor quota service (#57586 )" (#58394 ) This reverts commit `326ea86a57`.	3 years ago
Sofia Papagiannaki	326ea86a57	Chore: Refactor quota service (#57586 ) * Chore: refactore quota service * Apply suggestions from code review	3 years ago
Kristina	5d7d54d076	Auth: Write the redirect cookie if denied - do not write a blank redirect (#57381 ) * Write the redirect cookie if denied - do not write a blank redirect * Remove redundant code, reverse polarity	3 years ago
Marcus Efraimsson	6f8fcae01b	[main] Plugin fixes (#57399 ) * Plugins: Remove support for V1 manifests * Plugins: Make proxy endpoints not leak sensitive HTTP headers * Security: Fix do not forward login cookie in outgoing requests (cherry picked from commit `4539c33fce`) Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>	3 years ago
Kristin Laemmert	05709ce411	chore: remove sqlstore & mockstore dependencies from (most) packages (#57087 ) * chore: add alias for InitTestDB and Session Adds an alias for the sqlstore InitTestDB and Session, and updates tests using these to reduce dependencies on the sqlstore.Store. * next pass of removing sqlstore imports * last little bit * remove mockstore where possible	3 years ago
Misi	9c954d06ab	Auth: Refresh OAuth access_token automatically using the refresh_token (#56076 ) * Verify OAuth token expiration for oauth users in the ctx handler middleware * Use refresh token to get a new access token * Refactor oauth_token.go * Add tests for the middleware changes * Align other tests * Add tests, wip * Add more tests * Add InvalidateOAuthTokens method * Fix ExpiryDate update to default * Invalidate OAuth tokens during logout * Improve logout * Add more comments * Cleanup * Fix import order * Add error to HasOAuthEntry return values * add dev debug logs * Fix tests Co-authored-by: jguer <joao.guerreiro@grafana.com>	3 years ago
Misi	1de0f4453e	Chore: Make NewCookieOptions exported in cookies.go (#56476 )	3 years ago
idafurjes	bc7a383252	Remove org methods from sqlstore interface (#56358 ) * Remove org methods from sqlstore interface * Remove some mocks * Fix some tests	3 years ago
Kat Yang	7715672fb3	Chore: use org service methods (#55768 ) * Chore: use org service methods * fix tests * fix errors * adjust func signatures for getbyname * 💩 * Use the same fake service to get the user in AC and in HS * Fix middleware test * Fix more middleware test * Fix api tests Co-authored-by: gamab <gabi.mabs@gmail.com> Co-authored-by: Ida Furjesova <ida.furjesova@grafana.com>	3 years ago
Torkel Ödegaard	e31cb93ec0	NavTree: Make it possible to configure where in nav tree plugins live (#55484 ) * NewIA: Plugin nav config * progress * Progress * Things are working * Add monitoring node * Add alerts and incidents * added experiment with standalone page * Refactoring by adding a type for navtree root * First test working * More tests * more tests * Progress on richer config and sorting * Sort weight working * Path config * Improving logic for not including admin or cfg nodes, making it the last step so that enterprise can add admin nodes without having to worry about the section not existing * fixed index routes * removed file * Fixes * Fixing tests * Fixing more tests and adding support for weight config * Updates * Remove unused fake * More fixes * Minor tweak * Minor fix * Can now control position using sortweight even when existing items have no sortweight * Added tests for frontend standalone page logic * more tests * Remove unused fake and fixed lint issue * Moving reading settings to navtree impl package * remove nav_id setting prefix * Remove old test file * Fix trailing newline * Fixed bug with adding nil node * fixing lint issue * remove some code we have to rethink * move read settings to PrivideService and switch to util.SplitString	3 years ago
Kristin Laemmert	701f6d5436	UserService: use the UserService instead of calling sqlstore directly (#55745 ) * UserService: update callers to use the UserService instead of calling sqlstore directly There is one major change hiding in this PR. UserService.Delete originally called a number of services to delete user-related records. I moved everything except the actual call to the user table, and moved those into the API. This was done to avoid dependencies cycles; many of our services depend on the user service, so the user service itself should have as few dependencies as possible.	3 years ago
Torkel Ödegaard	09f4068849	NavTree: Refactor out the navtree building from api/index.go and into it's own service (#55552 )	3 years ago
Sofia Papagiannaki	55ef34bee4	Instrumentation: Add api/health to the unnamed handlers (#55478 )	3 years ago
Serge Zaitsev	305d494902	Chore: Switch over to team.Service instead of sqlstore (#55497 ) * switch to using team service * trying to fix tests * more tests to fix * add missing teamtest package	3 years ago
Marcus Efraimsson	862a6a2fa6	Logging: Introduce API for contextual logging (#55198 ) Introduces a FromContext method on the log.Logger interface that allows contextual key/value pairs to be attached, e.g. per request, so that any logger using this API will automatically get the per request context attached. The proposal makes the traceID available for contextual logger , if available, and would allow logs originating from a certain HTTP request to be correlated with traceID. In addition, when tracing not enabled, skip adding traceID=00000000000000000000000000000000 to logs.	3 years ago
Domas	b5c67fe0dd	Frontend logging: handle logging endpoints without expensive middleware (#54960 )	3 years ago
Nicholas Wiersma	faf8eb3afb	JWT: Allow conventional bearer token in Authorization header (#54821 ) * fix: allow JWT to accept standard bearer token * fix: linter issues * fix: linter gosec false positive * fix: refactor logic into JWT handler * fix: move bearer trimming earlier	3 years ago
Nicholas Wiersma	9e704fec3c	JWT: Add support for assigning org roles (#54277 ) * feat: allow jwt role to be set * chore: update documentation * fix: cr suggestions * fix: lint issues * respect org auto assign and default org ID * add server admin to devenv Co-authored-by: jguer <joao.guerreiro@grafana.com>	3 years ago
Carl Bergquist	78978048c3	Instrumentation: log the total number of db queries per request (#54647 ) Signed-off-by: bergquist <carl.bergquist@gmail.com> Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com> Co-authored-by: Dave Henderson <dave.henderson@grafana.com>	3 years ago
Serge Zaitsev	927ddf9376	Chore: Move login attempt methods to separate service (#54479 ) * Chore: Move login attempt methods to separate service * attempt to fix tests * fix syntax * better time mocking * initialise now func	3 years ago
Carl Bergquist	ab59f3cb1a	metrics: add operation name used in metrics/tracing for middlewares (#53949 ) Signed-off-by: bergquist <carl.bergquist@gmail.com>	3 years ago
idafurjes	fa2e74cd6e	Chore: Remove GetSignedInUserWithCacheCtx from store interface (#53734 ) * Remove delete suer from store interface * Remove get signed in user with cache ctx from store interface * Support options when setting up access control tests * Fix broken tests * Fix lint * Add user fake to middleware * Fix middleware tests, remove usertest being initialised twice Co-authored-by: Karl Persson <kalle.persson@grafana.com>	3 years ago
zhichli	806fb8ab7a	Tracing: Fix OpenTelemetry Jaeger context propagation (#53269 ) * fix otel jaeger context propagation * add back launch.json * add back launch.json	3 years ago
idafurjes	a14621fff6	Chore: Add user service method SetUsingOrg and GetSignedInUserWithCacheCtx (#53343 ) * Chore: Add user service method SetUsingOrg * Chore: Add user service method GetSignedInUserWithCacheCtx * Use method GetSignedInUserWithCacheCtx from user service * Fix lint after rebase * Fix lint * Fix lint error * roll back some changes * Roll back changes in api and middleware * Add xorm tags to SignedInUser ID fields	3 years ago
Jo	062d255124	Handle ioutil deprecations (#53526 ) * replace ioutil.ReadFile -> os.ReadFile * replace ioutil.ReadAll -> io.ReadAll * replace ioutil.TempFile -> os.CreateTemp * replace ioutil.NopCloser -> io.NopCloser * replace ioutil.WriteFile -> os.WriteFile * replace ioutil.TempDir -> os.MkdirTemp * replace ioutil.Discard -> io.Discard	3 years ago
idafurjes	6afad51761	Move SignedInUser to user service and RoleType and Roles to org (#53445 ) * Move SignedInUser to user service and RoleType and Roles to org * Use go naming convention for roles * Fix some imports and leftovers * Fix ldap debug test * Fix lint * Fix lint 2 * Fix lint 3 * Fix type and not needed conversion * Clean up messages in api tests * Clean up api tests 2	3 years ago
sh0rez	534ece064b	pkg/web: closure-style middlewares (#51238 ) * pkg/web: closure-style middlewares Switches the middleware execution model from web.Handlers in a slice to web.Middleware. Middlewares are temporarily kept in a slice to preserve ordering, but prior to execution they are applied, forming a giant call-stack, giving granular control over the execution flow. * pkg/middleware: adapt to web.Middleware * pkg/middleware/recovery: use c.Req over req c.Req gets updated by future handlers, while req stays static. The current recovery implementation needs this newer information * pkg/web: correct middleware ordering * pkg/webtest: adapt middleware * pkg/web/hack: set w and r onto web.Context By adopting std middlewares, it may happen they invoke next(w,r) without putting their modified w,r into the web.Context, leading old-style handlers to operate on outdated fields. pkg/web now takes care of this * pkg/middleware: selectively use future context * pkg/web: accept closure-style on Use() * webtest: Middleware testing adds a utility function to web/webtest to obtain a http.ResponseWriter, http.Request and http.Handler the same as a middleware that runs would receive * : cleanup pkg/web: don't wrap Middleware from Router * pkg/web: require chain to write response * : remove temp files webtest: don't require chain write * *: cleanup	3 years ago
idafurjes	0c5b71694f	Chore: Add user service method UpdateLastSeenAt (#53309 ) * Chore: Add user service method UpdateLastSeenAt * Fix lint	3 years ago
Serge Zaitsev	191ab3bb01	Chore: Move api key models into apikey service package (#53241 ) * Chore: move api key models into apikey service package * force table name for api key	3 years ago
idafurjes	1ecbe22751	Chore: Add user service method GetByLogin (#53204 ) * Add wrapper around sqlstore method GetUserByLogin * Use new method from user service * Fix lint * Fix lint 2 * fix middleware basic auth test * Fix grafana login returning a user by login * Remove GetUserByLogin from store interface * Merge commit	3 years ago
Serge Zaitsev	64488f6b90	Chore: split APIKey store (#52781 ) * move apikey store into a separate service * add apikey service to wire graph * fix linter * switch api to use apikey service * fix provideservice in tests * add apikey service test double * try different sql syntax * rolling back the dialect * trigger drone * trigger drone	3 years ago
Jo	c2d3c90bc8	Auth: Implement Token URL JWT Auth (#52662 ) * Auth: check of auth_token in url and resolve user if present * check if auth_token is passed in url * Auth: Pass auth_token for request if present in path * no need to decode token in index * temp * use loadURLToken and set authorization header * cache token in memory and strip it from url * Use loadURLToken * Keep token in url * strip sensitive query strings from url used by context logger * adapt login by url to jwt token * add jwt iframe devenv * add jwt iframe devenv instructions * add access note * add test for cleaning request * ensure jwt token is not carried into handlers * do not reshuffle queries, might be important * add correct db dump location * prefer set token instead of cached token Co-authored-by: Ieva <ieva.vasiljeva@grafana.com> Co-authored-by: Karl Persson <kalle.persson@grafana.com> Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>	3 years ago
Carl Bergquist	732cc99480	instrumentation: add buckets to catch very slow requests (#51492 ) Signed-off-by: bergquist <carl.bergquist@gmail.com>	3 years ago
idafurjes	d3d8fdd878	Chore: Move user errors to user service (#52460 ) * Move user not found err to user service * User ErrCaseInsensitive from user pkg * User ErrUserAlreadyExists from user pkg * User ErrLastGrafanaAdmin from user pkg * Remove errors from model	3 years ago
idafurjes	17ec9cac83	Add delete user from other services/stores (#51912 ) * Remove user from preferences, stars, orguser, team member * Fix lint * Add Delete user from org and dashboard acl * Delete user from user auth * Add DeleteUser to quota * Add test files and adjust user auth store * Rename package in wire for user auth * Import Quota Service interface in other services * do the same in tests * fix lint tests * Fix tests * Add some tests * Rename InsertUser and DeleteUser to InsertOrgUser and DeleteOrgUser * Rename DeleteUser to DeleteByUser in quota * changing a method name in few additional places * Fix in other places * Fix lint * Fix tests * Rename DeleteOrgUser to DeleteUserFromAll * Update pkg/services/org/orgimpl/org_test.go Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com> * Update pkg/services/preference/prefimpl/inmemory_test.go Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com> * Rename Acl to ACL * Fix wire after merge with main * Move test to uni test Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com>	3 years ago
Emil Tullstedt	06bd8b8e7a	CSRF: Fix additional headers option (#50629 ) * CSRF: Fix additional headers option * fix: type assertion on error fail on wrapped error * Update pkg/middleware/csrf/csrf_test.go Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com> * update test Co-authored-by: eleijonmarck <eric.leijonmarck@gmail.com>	3 years ago
Jeff Levin	eacee08135	public dashboards: move into into its own service (#51358 ) This PR moves public dashboards into its own self contained service including API, Service, Database, and Models. Routes are mounted on the Grafana HTTPServer by the API service at injection time with wire.go. The main route that loads the frontend for public dashboards is still handled by the API package. Co-authored-by: Jesse Weaver <jesse.weaver@grafana.com> Co-authored-by: Owen Smallwood <owen.smallwood@grafana.com>	3 years ago
Ieva	75873d05d7	Access Control: Allow dashboard admins to query org users (#51652 ) * allow dashboard admins to query org users * rename one more variable	3 years ago
idafurjes	6c43eb0b4d	Split Create User (#50502 ) * Split Create User * Use new create user and User from package user * Add service to wire * Making create user work * Replace user from user pkg * One more * Move Insert to orguser Service/Store * Remove unnecessary conversion * Cleaunp * Fix Get User and add fakes * Fixing get org id for user logic, adding fakes and other adjustments * Add some tests for ourguser service and store * Fix insert org logic * Add comment about deprecation * Fix after merge with main * Move orguser service/store to org service/store * Remove orguser from wire * Unimplement new Create user and use User from pkg user * Fix wire generation * Fix lint * Fix lint - use only User and CrateUserCommand from user pkg * Remove User and CreateUserCommand from models * Fix lint 2	3 years ago
Serge Zaitsev	ae9491c3a7	Chore: Make test tracer noop and return no errors (#50797 )	3 years ago
Carl Bergquist	b8b6d0e1a1	Instrumentation: Define handlers for requests that are not handled with named handlers (#50613 ) Signed-off-by: bergquist <carl.bergquist@gmail.com> Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com> Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>	3 years ago
Carl Bergquist	2d6e69226b	Instrumentation: Add feature toggle for logging requests instrumented as unknown (#50566 ) Signed-off-by: bergquist <carl.bergquist@gmail.com>	3 years ago
owensmallwood	cfdea1ee30	PublicDashboards: Frontend routing for public dashboards (#48834 ) * add isPublic to dashboard * refactor routes to use route group and add placeholder method for sharing apii * add sharing pane and utils for public dashboard config to sharing modal * Sharing modal now persists data through the api * moves ShareDashboard endpoint to new file and starts adding tests * generates mocks. Adds tests for public dashboard feature flag * Adds ability to pass in array of features to enable for the test * test to update public flag on dashboard WIP * Adds mock for SaveDashboardSharingConfig * Fixes tests. Had to use FakeDashboardService * Adds React tests for public dashboards toggle * removes semicolons * refactors SharePublic component to use hooks * rename from `share publicly` to `public dashboard config` * checkpoint. debugging tests. need to verify name changes * checkpoint. test bugs fixed. need to finish returning proper response codes * finish renaming. fix test * Update pkg/api/api.go Co-authored-by: Torkel Ödegaard <torkel@grafana.com> * update backend url * rename internal objects and commands. fix configuration modal labels * add endpoint for retrieving public dashboard configuration and populate the frontend state from it * add test for dashboardCanBePublic * adds backend routes * copy DashboardPage component into component for public dashboards. WIP * adds react routes, and doesnt render main nav bar when viewing a public route * removes extra react route from testing * updates component name * Wrap the original dashboard component so we can pass props relevant to public dashboards, turn kiosk mode on/off, etc * Wraps DashboardPage in PublicDashboardPage component. DashboardPage gets rendered in kiosk mode when public prop is passed. * removes commented out code from exploratory work * Makes public dashboard routes require no auth * extracts helper to own util file to check if were viewing a public page * Hides panel dropdown when its being viewed publicly * formatting * use function from utils file for determining if publicly viewed. If public, hides app notifications, searchwrapper, and commandpalette. * adds unit tests for util function used to see if page is being viewed publicly * cant added annotations to panel when being publicly viewed * removes useless comment * hides backend and frontend pubdash routes behind feature flag * consider feature flag when checking url path to see if on public dashboard * renames function * still render app notifications when in public view * Extract pubdash route logic into own file * fixes failing tests * Determines path using location locationUtils. This covers the case when grafana is being hosted on a subpath. Updates tests. * renames pubdash web route to be more understandable * rename route * fixes failing test * fixes failing test. Needed to update pubdash urls * sets flag on grafana boot config for if viewing public dashboard. Removes hacky check that looks at the url * fixes failing tests. Uses config to determine if viewing public dashboard * renders the blue panel timeInfo on public dashboard panel * Extracts conditional logic for rendering components out into their own functions * removes publicDashboardView check, and uses dashboard meta instead * the timeInfo is always displayed on the panel * After fetch of public dashboard dto, the meta isPublic flag gets set and used to determine if viewing public dashboard for child components. Fixes tests for PanelHeader. * Fixes failing test. Needed to add isPublic flag to dashboard meta. Co-authored-by: Jeff Levin <jeff@levinology.com> Co-authored-by: Torkel Ödegaard <torkel@grafana.com>	3 years ago
Emil Tullstedt	3e81fa0716	API: Migrate CSRF to service and support additional options (#48120 ) * API: Migrate CSRF to service and support additional options * minor * public Csrf service to use in tests * WIP * remove fmt * comment * WIP * remove fmt prints * todo add prefix slash * remove fmt prints * linting fix * remove trimPrefix Co-authored-by: Eric Leijonmarck <eric.leijonmarck@gmail.com> Co-authored-by: IevaVasiljeva <ieva.vasiljeva@grafana.com>	3 years ago

1 2 3 4 5 ...

445 Commits (b3b7cba0fe04317eb68e60884de7a03baf0113a4)