The problem here is that without the orgID we ignore the lookup of the existing notification channel just before updating and end up failing the update because there is no channel available.
(cherry picked from commit 8bf2e642aa)
Co-authored-by: gotjosh <josue.abreu@gmail.com>
* show teams page for user who can't list teams but can create teams
* Fixing buttons and routes
* Small refactor
Co-authored-by: gamab <gabi.mabs@gmail.com>
(cherry picked from commit 6fb3aac2e1)
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
* AccessControl: Filter team members
* Modify GetTeamMembersByUser comment
* Fix postgres failing test due to quoting
* Rename GetTeamMembersByUser to GetUserTeamMemberships
* Update TeamStore interface
(cherry picked from commit 78fc0258b1)
Fixes a problem where server hangs if setting
GF_DATABASE_LOG_QUERIES=true.
Ref #44925
(cherry picked from commit ca311bf94f)
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Fixes log filters that contains comments should not be enabled
(cherry picked from commit 2082eeb72f)
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* Revert fixed roles and service accounts
* Leave the fixed role for service accounts
(cherry picked from commit f38f10416a)
Co-authored-by: Vardan Torosyan <vardants@gmail.com>
* Security: Sync security changes on main (#45083)
* * Teams: Appropriately apply user id filter in /api/teams/:id and /api/teams/search
* Teams: Ensure that users searching for teams are only able see teams they have access to
* Teams: Require teamGuardian admin privileges to list team members
* Teams: Prevent org viewers from administering teams
* Teams: Add org_id condition to team count query
* Teams: clarify permission requirements in teams api docs
* Teams: expand scenarios for team search tests
* Teams: mock teamGuardian in tests
Co-authored-by: Dan Cech <dcech@grafana.com>
* remove duplicate WHERE statement
* Fix for CVE-2022-21702
(cherry picked from commit 202d7c190082c094bc1dc13f7fe9464746c37f9e)
* Lint and test fixes
(cherry picked from commit 3e6b67d5504abf4a1d7b8d621f04d062c048e981)
* check content type properly
(cherry picked from commit 70b4458892bf2f776302720c10d24c9ff34edd98)
* basic csrf origin check
(cherry picked from commit 3adaa5ff39832364f6390881fb5b42ad47df92e1)
* compare origin to host
(cherry picked from commit 5443892699e8ed42836bb2b9a44744ff3e970f42)
* simplify url parsing
(cherry picked from commit b2ffbc9513fed75468628370a48b929d30af2b1d)
* check csrf for GET requests, only compare origin
(cherry picked from commit 8b81dc12d8f8a1f07852809c5b4d44f0f0b1d709)
* parse content type properly
(cherry picked from commit 16f76f4902e6f2188bea9606c68b551af186bdc0)
* mentioned get in the comment
(cherry picked from commit a7e61811ef8ae558ce721e2e3fed04ce7a5a5345)
* add content-type: application/json to test HTTP requests
* fix pluginproxy test
* Fix linter when comparing errors
Co-authored-by: Kevin Minehart <kmineh0151@gmail.com>
Co-authored-by: Dan Cech <dcech@grafana.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Co-authored-by: Serge Zaitsev <serge.zaitsev@grafana.com>
Co-authored-by: Vardan Torosyan <vardants@gmail.com>
(cherry picked from commit 605d056136)
* Apply suggestions from code review
* remove uneeded test fix from patch
Co-authored-by: Dimitris Sotirakis <sotirakis.dim@gmail.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Co-authored-by: jguer <joao.guerreiro@grafana.com>
* hide team role column
* hide or disable the role picker as needed
* add SWL filtering for role listing
(cherry picked from commit 4f4b1cb5ea)
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
* use latest sigv4 changes
* update configuration docs
* lint
* reformat lint ignore
* specific version for docs
(cherry picked from commit fc42dfe396)
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
* API: Using go-swagger for extracting OpenAPI specification from source code
* Merge Grafana Alerting spec
* Include enterprise endpoints (if enabled)
* Serve SwaggerUI under feature flag
* Fix building dev docker images
* Configure swaggerUI
* Add missing json tags
Co-authored-by: Ying WANG <ying.wang@grafana.com>
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
(cherry picked from commit 35fe58de37)
Fixing a couple bugs, adds some tests and hopefully decrease
lock contention when logging.
Switching from using sync.RWMutex to go-kit SwapLogger.
Fixes bug when creating a new logger from an existing one that
screwed up the keyvals and/or lost the logger name.
Ref #44681
(cherry picked from commit 05ea825c76)
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* Fix evaluation of alert rules for datasources with custom headers
* Fix unit tests
* Fix integration tests
* Evaluator fields should be package private
(cherry picked from commit 9df43abbb5)
Co-authored-by: George Robinson <george.robinson@grafana.com>
Re-adding back Azure authentication support to Prometheus datasource
after the datasource query logic was rewritten from plugin.json routes to
Go backend.
Ref #35857
(cherry picked from commit 85ea1a5d64)
Co-authored-by: Sergey Kostrukov <sekost@microsoft.com>
* add actions for team group sync
* extend the hook to allow specifying whether the user is external
* move user struct to type package
* interface for permission service to allow mocking it
* reuse existing permissions
* test fix
* refactor
* linting
(cherry picked from commit 602d62ebcc)
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
* Encryption: Add support for data keys re-encryption
* Add tests for data keys re-encryption
* Update code after refactorings
Co-authored-by: Leonard Gram <leo@xlson.com>
(cherry picked from commit b2655750e8)
Co-authored-by: Joan López de la Franca Beltran <5459617+joanlopez@users.noreply.github.com>
* Encryption: CLI rollback command
* Update flag reference to 'featuremgmt' pkg
* Update feature toggles usage
* Clean up data keys table after envelope encryption rollback
(cherry picked from commit f8105efff3)
Co-authored-by: Joan López de la Franca Beltran <5459617+joanlopez@users.noreply.github.com>
* do not store evaluation string in Evaluation.
* reduce number of buckets to store for a single state
(cherry picked from commit 984c95de63)
Co-authored-by: Yuriy Tseretyan <tceretian@gmail.com>
Moves the request tracing middleware earlier in the chain, just after the tracing middleware
and before the log middleware. With these changes we'll be able to track
authentication/authorization status failures that currently exits early and don't execute the
request tracing middleware. In addition, there might be some other routes now being tracked
with this that we didn't do before.
Fixes#39590
(cherry picked from commit 0092d10764)
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* (WIP) send alerts to external, internal, or both alertmanagers
* Modify admin configuration endpoint, update swagger docs
* Integration test for admin config updated
* Code review changes
* Fix alertmanagers choice not changing bug, add unit test
* Add AlertmanagersChoice as enum in swagger, code review changes
* Fix API and tests errors
* Change enum from int to string, use 'SendAlertsTo' instead of 'AlertmanagerChoice' where necessary
* Fix tests to reflect last changes
* Keep senders running when alerts are handled just internally
* Check if any external AM has been discovered before sending alerts, update tests
* remove duplicate data from logs
* update comment
* represent alertmanagers choice as an int instead of a string
* default alertmanagers choice to all alertmanagers, test cases
* update definitions and generate spec
Grot (@grafanabot)
Sofia Papagiannaki
Ieva
Gabriel MABILLE
Vardan Torosyan
George Robinson
Eric Leijonmarck
Kyle Brandt
Joan López de la Franca Beltran
Konrad Lalik
Ryan McKinley
Santiago