* RBAC: Use query struct in tests
* RBAC: If access control enforcement is disabled don't filter out users
when fetching permissions
(cherry picked from commit 9adaf1565c)
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
`pkg/web` triggers a panic when a http handler chain does not return any
response to the client.
This has been put in place, because it usually means a middleware along
the way did not call the next one.
In this specific case however, the handlers meant to return 200, but did
not do so explicitely, instead relying on the default behavior of `net/http`
(cherry picked from commit beaaabd770)
Co-authored-by: sh0rez <me@shorez.de>
* RBAC: Allow access to dashboards when user has dashboards create
* Remove eval any that I didn't add on purpose
(cherry picked from commit 3963ed3754)
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* Plugins: Remove support for V1 manifests
* Plugins: Make proxy endpoints not leak sensitive HTTP headers
* Security: Fix do not forward login cookie in outgoing requests
(cherry picked from commit 4539c33fce)
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
* Alerting: Improve notification policies created during migration
Previously, migrated legacy alerts were connected to notification policies through
a `rule_uid` label in a 1:1 fashion. While this correctly mimicked pre-migration routing,
it didn't create a notification policy structure that is easy to view/modify. In addition,
having one policy per migrated alert is, in some ways, counter to the recommended approach of
Unified Alerting.
This change replaces `rule_uid`-based migrated notification policies with a private
label called `__contacts__`. This label stores a list of double quoted strings containing the names of
all contact points an AlertRule should route to (based on legacy notification channels). Finally,
one notification policy is created per contact point with each matching AlertRules via regex on this
`__contacts__` label.
The result is a simpler, clearer, and easier to modify notification policy structure, with the
added benefit that you can see which contact points an AlertRule is being routed to from the
AlertRule creation page.
(cherry picked from commit 0db339d82f)
Co-authored-by: Matthew Jacobson <matthew.jacobson@grafana.com>
* RBAC: Change the generate uid function to be deterministic so we can avoid collision
* RBAC: Use fmt.Errorf
* RBAC: Add comment
* RBAC: Export GenerateManagedRoleUID
(cherry picked from commit 21792fdf37)
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
* (WIP) switch to fork AM, first implementation of the API, generate spec
* get receivers avoiding race conditions
* use latest version of our forked AM, tests
* make linter happy, delete TODO comment
* update number of expected paths to += 2
* delete unused endpoint code, code review comments, tests
* Update pkg/services/ngalert/notifier/alertmanager.go
Co-authored-by: Matthew Jacobson <matthew.jacobson@grafana.com>
* remove call to fmt.Println
* clear naming for fields
* shorter variable names in GetReceivers
Co-authored-by: Matthew Jacobson <matthew.jacobson@grafana.com>
(cherry picked from commit 09f8e026a1)
The email notifier was incorrectly handling Windows filepaths. This is
fixed by using the `path/filepath` package.
(cherry picked from commit c7c640d903)
Co-authored-by: Joe Blubaugh <joe.blubaugh@grafana.com>
When testing a rule within the legacy alerting the `timeMs` field could
sometimes show negative (and/or wrongly calculated) durations. This happens if the alert evaluation crosses a second boundary. This change uses the full timestamp to compute the eval duration.
(cherry picked from commit 95b9fa3346)
Co-authored-by: Jorge Luis Betancourt <jorge-luis.betancourt@trivago.com>
Previously, two tests were not explicitly marked as integration tests
and so were not run against all 3 supported databases in the CI
environment.
(cherry picked from commit 7312a2dab0)
Co-authored-by: Joe Blubaugh <joe.blubaugh@grafana.com>
This commit fixes a bug where changing the Folder or Rule Group of an existing rule returns the following error in PostgreSQL "pq: missing FROM-clause for table a"
(cherry picked from commit 762688d67f)
Co-authored-by: George Robinson <george.robinson@grafana.com>
* Correlation: only return correlation for which both source and targe ds exist
* add test
(cherry picked from commit d07abdd23c)
Co-authored-by: Giordano Ricci <me@giordanoricci.com>
* Move role types to a separate package
* Make role type singular and remove _ from directory name
* Add orguser methods to org service
* Fix fake method
Grot (@grafanabot)
Jo
Marcus Efraimsson
juanicabanas
Santiago
George Robinson
Artur Wierzbicki
Yuriy Tseretyan
Joe Blubaugh
Tania
Maksim Nabokikh
idafurjes
Jean-Philippe Quéméner
Ashley Harrison