* Test composition simplification from last PR
* Policies use proper API model everywhere
* Expose policy provenance in API, miss some dep injection
* Complete injection
* fix args
* Tests for provenance value
* Extract test helpers so tests are very readable
* Single source adapter struct that was copied in 3 places
* Drop redundant test
* Resolve merge conflicts on changelog
(cherry picked from commit 8310789ef1)
Co-authored-by: Alexander Weaver <weaver.alex.d@gmail.com>
* Alerting: Refactor GET/POST alerting config routes to be more extensible (#47229)
* Refactor GET am config to be extensible
* Extract post config route
* Fix tests
* Remove temporary duplication
* Fix broken test due to layer shift
* Fix duplicated error message
* Properly return 400 on config rejection
* Revert weird half method extraction
* Move things to notifier package and avoid redundant interface
* Simplify documentation
* Split encryption service and depend on minimal abstractions
* Properly initialize things all the way up to the composition root
* Encryption -> Crypto
* Address misc feedback
* Missing docstring
* Few more simple polish improvements
* Unify on MultiOrgAlertmanager. Discover bug in existing test
* Fix rebase conflicts
* Misc feedback, renames, docs
* Access crypto hanging off MultiOrgAlertmanager rather than having a separate API to initialize
(cherry picked from commit 758364e78b)
* Empty commit to kick PR build
Co-authored-by: Alexander Weaver <weaver.alex.d@gmail.com>
* refactor RBAC checks
* fix a test
* another test fix
* and another
(cherry picked from commit 68ca5b2e05)
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
This commit adds a new method GetRuleGroups to RuleStore which returns the set of rule groups across all organizations.
(cherry picked from commit d66fc6ed1a)
Co-authored-by: George Robinson <george.robinson@grafana.com>
* refactor: renaming service-accounts to serviceAccounts
* refactor: renaming service-accounts to serviceAccounts in docs
* tests
(cherry picked from commit 8677552dda)
Co-authored-by: Eric Leijonmarck <eric.leijonmarck@gmail.com>
Adds tests for:
what circumstances should trigger alert migration from legacy alerting to unified alerting.
the execution of the migration itself.
Co-authored-by: gotjosh <josue.abreu@gmail.com>
Co-authored-by: Matthew Jacobson <matthew.jacobson@grafana.com>
Before this change, notifications generated by the Grafana Alertmanager
pointed to '/alerting/:ruleID/edit'. This change instead points them to
the view path '/alerting/grafana/:ruleID/view'. The view page has a
better UX, including timeseries display. It's also where many alert
state improvements will land in the next few versions of Grafana.
Fixes#45301
Signed-off-by: Joe Blubaugh <joe.blubaugh@grafana.com>
(cherry picked from commit 3d91047e6e)
Co-authored-by: Joe Blubaugh <joe.blubaugh@grafana.com>
* Update API Keys UI to adjust based on users permissions
Since API Keys support now RBAC we need to ensure that UI
is adjusted based on the user permissions.
* Applying PR suggestions
(cherry picked from commit cbd2d09d70)
Co-authored-by: Vardan Torosyan <vardants@gmail.com>
* Create fixed roles for reading API Keys and service accounts
* Handle PR comments and fix the listing of token
(cherry picked from commit 782ec05d8c)
Co-authored-by: Vardan Torosyan <vardants@gmail.com>
* WIP
* fix: bug for saving name did not remove edit
* refactor: better error msg
* Display the column Roles even when user can't see the role picker
* Remove spaces when building the search query request
* Disable Edit button and fix token addition and deletion
* Fix the error message text
Co-authored-by: Vardan Torosyan <vardants@gmail.com>
(cherry picked from commit b43e9b50b4)
Co-authored-by: Eric Leijonmarck <eric.leijonmarck@gmail.com>
* use common traceID context value for opentracing and opentelemetry
* support sampled trace IDs as well
* inject traceID into NormalResponse on errors
* Finally the test passed
* fix the test
* fix linter
* change the function parameter
Co-authored-by: Ying WANG <ying.wang@grafana.com>
(cherry picked from commit 41012af997)
Co-authored-by: Serge Zaitsev <serge.zaitsev@grafana.com>
* Alerting: unwrap upsert into insert and update function
* add changelog entry
* remove changelog entry
* rename upsertrule to updaterule
* use directly alertrule model for inserts
* add test for updating a rule with a conflicting name
(cherry picked from commit 060ccacbf9)
Co-authored-by: Jean-Philippe Quéméner <JohnnyQQQQ@users.noreply.github.com>
* add check for access to rule's data source in GET APIs
* use more general method GetAlertRules instead of GetNamespaceAlertRules.
* remove unused GetNamespaceAlertRules.
Tests:
* create a method to generate permissions for rules
* extract method to create RuleSrv
* add tests for RouteGetNamespaceRulesConfig
(cherry picked from commit af9353caec)
Co-authored-by: Yuriy Tseretyan <yuriy.tseretyan@grafana.com>
* forbid setting role higher than user's role
* change response code
* can assign API key permissions to non-admin users
* add: assign viewer role directly upon creation
* refactor: add AddSATcommand infavor of AddAPIkey
* refactor: frontend fixes for ServiceAccountToken
Co-authored-by: eleijonmarck <eric.leijonmarck@gmail.com>
(cherry picked from commit a245531f0c)
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
* Chore: remove bus from contexthandler
* remove bus from orgredirect
(cherry picked from commit 2cf88cfec8)
Co-authored-by: Serge Zaitsev <serge.zaitsev@grafana.com>
* Chore: Remove bus from alerting rule
* fix alerting tests
* fix provide service
(cherry picked from commit b31c7d3654)
Co-authored-by: Serge Zaitsev <serge.zaitsev@grafana.com>
* Chore: Remove bus from dashboards provisioning
* fix symlink test, make it run on darwin
* remove unused mock
(cherry picked from commit ad432108e6)
Co-authored-by: Serge Zaitsev <serge.zaitsev@grafana.com>
* Chore: Remove bus from contexthandler
* fix tests
* try different wire binding
* maybe remove a few more dispatches
* fix tests
(cherry picked from commit d153d896c5)
Co-authored-by: Serge Zaitsev <serge.zaitsev@grafana.com>
* move validation at the beginning of method
* remove usage of GetOrgRuleGroups because it is not necessary. All information is already available in memory.
* remove unused method
(cherry picked from commit 48519f9ebb)
Co-authored-by: Yuriy Tseretyan <yuriy.tseretyan@grafana.com>
This PR removes golang.org context imports under pkg/services/* and replaces them with the stdlib context.
Closes#44178
(cherry picked from commit bda3dd24e4)
Co-authored-by: Kristin Laemmert <mildwonkey@users.noreply.github.com>
* pass in user to attribute scope resolver
* add SQL filter to annotation listing
* check annotation FGAC permissions before exposing them for commenting
* remove the requirement to be able to list all annotations from annotation listing endpoint
* adding tests for annotation listing
* remove changes that got moved to a different PR
* unused var
* Update pkg/services/sqlstore/annotation.go
Co-authored-by: Ezequiel Victorero <evictorero@gmail.com>
* remove unneeded check
* remove unneeded check
* undo accidental change
* undo accidental change
* doc update
* move tests
* redo the approach for passing the user in for scope resolution
* accidental change
* cleanup
* error handling
Co-authored-by: Ezequiel Victorero <evictorero@gmail.com>
(cherry picked from commit ef4c2672b3)
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
* AccessControl: Remove package variables for roles and grants
Co-authored-by: Jguer <joao.guerreiro@grafana.com>
* Check for inheritance during role registration
Co-authored-by: Jguer <joao.guerreiro@grafana.com>
* Moving back role definition to accessscontrol
* Make settings reader role public
Co-authored-by: Jguer <joao.guerreiro@grafana.com>
* Nits
Co-authored-by: Jguer <joao.guerreiro@grafana.com>
* Forgot to update this
* Account for declaration error
* Fixing pkg/api init ossac
* Account for error in tests
* Update test to verify inheritance
* Nits.
* Place br inheritance behind a feature toggle
* Parent -> Parents
* Nit.
Co-authored-by: Jguer <joao.guerreiro@grafana.com>
* Clean up orgId when user organization is removed
* Add a test for removing user org
* Fix linting errors
* Update comment
* Fix linting errors
* Make removing user org more explicit
* Base-line API for provisioning notification policies
* Wire API up, some simple tests
* Return provenance status through API
* Fix missing call
* Transactions
* Clarity in package dependencies
* Unify receivers in definitions
* Fix issue introduced by receiver change
* Drop unused internal test implementation
* FGAC hooks for provisioning routes
* Polish, swap names
* Asserting on number of exposed routes
* Don't bubble up updated object
* Integrate with new concurrency token feature in store
* Back out duplicated changes
* Remove redundant tests
* Regenerate and create unit tests for API layer
* Integration tests for auth
* Address linter errors
* Put route behind toggle
* Use alternative store API and fix feature toggle in tests
* Fixes, polish
* Fix whitespace
* Re-kick drone
* Rename services to provisioning
* Alerting: Accurately set value for prom-compatible APIs
Sets the value fields for the prometheus compatible API based on a combination of condition `refID` and the values extracted from the different frames.
* Fix an extra test
* Ensure a consitent ordering
* Address review comments
* address review comments
* Fix inherited scopes for dashboard to use folder uid
* Add inherited evaluators
* Slight modification of the commments
* Add test for inheritance
* Nit.
* extract shared function from tests
* Nit. Extra line
* Remove unused comment
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
Co-authored-by: gamab <gabi.mabs@gmail.com>
Grot (@grafanabot)
Yuriy Tseretyan
Serge Zaitsev
Will Browne
Gabriel MABILLE
Piotr Jamróz
Alexander Weaver
gotjosh
Josh Hunt
Jguer