f326b79cc1
Security: Add gosec G304 auditing annotations ( #29578 )
...
* Security: Add gosec G304 auditing annotations
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com >
* add G304 auditing comment
Signed-off-by: bergquist <carl.bergquist@gmail.com >
* add G304 auditing comment
Signed-off-by: bergquist <carl.bergquist@gmail.com >
* add G304 auditing comment
Signed-off-by: bergquist <carl.bergquist@gmail.com >
* add G304 auditing comment
Signed-off-by: bergquist <carl.bergquist@gmail.com >
* add G304 auditing comment
Signed-off-by: bergquist <carl.bergquist@gmail.com >
* add G304 auditing comment
Signed-off-by: bergquist <carl.bergquist@gmail.com >
* add G304 auditing comment
Signed-off-by: bergquist <carl.bergquist@gmail.com >
* add G304 auditing comment
Signed-off-by: bergquist <carl.bergquist@gmail.com >
* Add gosec annotations
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com >
* add G304 auditing comment
Signed-off-by: bergquist <carl.bergquist@gmail.com >
* add G304 auditing comment
Signed-off-by: bergquist <carl.bergquist@gmail.com >
* Add gosec annotations
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com >
* add G304 auditing comment
Signed-off-by: bergquist <carl.bergquist@gmail.com >
* add G304 auditing comment
Signed-off-by: bergquist <carl.bergquist@gmail.com >
* add G304 auditing comment
Signed-off-by: bergquist <carl.bergquist@gmail.com >
* Add gosec annotations
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com >
* space
Signed-off-by: bergquist <carl.bergquist@gmail.com >
* Add gosec annotations
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com >
Co-authored-by: bergquist <carl.bergquist@gmail.com >
2020-12-03 22:13:06 +01:00
f2b7fbc32a
Chore: Check errors from Close calls ( #29562 )
...
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com >
2020-12-03 10:11:14 +01:00
aa70a38391
Dashboards: hide playlist edit functionality from viewers and snapshots link from unauthenticated users ( #28992 )
...
* feat: hide snapshots menu item from viewers
* feat(playlists): prevent viewers from creating/editing playlists
* feat: prevent viewers seeing playlist nav link if no playlists
* refactor(playlist): rename isViewer property to canEditPlaylists
* revert(playlists): put back note if viewer and no playlists
* refactor(snapshots): consider admin/editor permission in folders/dashboards for displaying menu item
* feat(snapshots): only show snapshot nav item if user is signed in
* fix(snapshots): revert snapshots to previous state if delete snapshot api error
2020-12-02 15:51:22 +01:00
4edb1364e9
fixes bug with invalid handler name for metrics ( #29529 )
...
closes https://github.com/grafana/grafana/issues/29487
Signed-off-by: bergquist <carl.bergquist@gmail.com >
2020-12-02 13:42:17 +01:00
b7aa6fed1d
Instrumentation: Add examplars for request histograms ( #29357 )
...
Signed-off-by: bergquist <carl.bergquist@gmail.com >
2020-12-01 15:04:59 +01:00
f55818ca70
Chore: Enable exhaustive linter ( #29458 )
...
* Chore: Enable exhaustive linter
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com >
2020-12-01 09:53:27 +01:00
cffc1b13ad
adds tracing for all bus calls that passes ctx ( #29434 )
...
Signed-off-by: bergquist <carl.bergquist@gmail.com >
2020-11-27 14:58:45 +01:00
c22a39ab2d
Plugins: Add support for includes' icon ( #29416 )
...
* Plugins: Add support for includes' icon
* Docs: Add plugin includes' icon reference
2020-11-27 10:48:37 +01:00
bec3fbea47
remove insecure cipher suit as default option ( #29378 )
...
G402 (CWE-295): TLS Bad Cipher Suite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
Signed-off-by: bergquist <carl.bergquist@gmail.com >
2020-11-26 12:22:50 +01:00
aebe8985c5
prefer server cipher suites ( #29379 )
...
G402 (CWE-295): TLS PreferServerCipherSuites set false.
Signed-off-by: bergquist <carl.bergquist@gmail.com >
2020-11-25 14:56:34 +01:00
10ff4eecef
Backend: fix IPv6 address parsing erroneous ( #28585 )
...
* Backend: Fix parsing of client IP address
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com >
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com >
2020-11-25 07:55:22 +01:00
22788d1d86
Add an option to hide certain users in the UI ( #28942 )
...
* Add an option to hide certain users in the UI
* revert changes for admin users routes
* fix sqlstore function name
* Improve slice management
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com >
* Hidden users: convert slice to map
* filter with user logins instead of IDs
* put HiddenUsers in Cfg struct
* hide hidden users from dashboards/folders permissions list
* Update conf/defaults.ini
Co-authored-by: Torkel Ödegaard <torkel@grafana.com >
* fix params order
* fix tests
* fix dashboard/folder update with hidden user
* add team tests
* add dashboard and folder permissions tests
* fixes after merge
* fix tests
* API: add test for org users endpoints
* update hidden users management for dashboard / folder permissions
* improve dashboard / folder permissions tests
* fixes after merge
* Guardian: add hidden acl tests
* API: add team members tests
* fix team sql syntax for postgres
* api tests update
* fix linter error
* fix tests errors after merge
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com >
Co-authored-by: Torkel Ödegaard <torkel@grafana.com >
Co-authored-by: Leonard Gram <leo@xlson.com >
2020-11-24 12:10:32 +01:00
763e958d9d
Login: Fixes redirect url encoding issues of # %23 being unencoded after login ( #29299 )
2020-11-24 07:27:08 +01:00
702cb90846
make it possible to hide change password link in profile menu ( #29246 )
...
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com >
2020-11-20 17:01:10 +01:00
294770f411
Chore: Handle wrapped errors ( #29223 )
...
* Chore: Handle wrapped errors
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com >
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com >
2020-11-19 13:34:28 +01:00
0cb29d337a
Expressions: Move GEL into core as expressions ( #29072 )
...
* comes from grafana/gel-app
* remove transform plugin code
* move __expr__ and -100 constants to expr pkg
* set OrgID on request plugin context
* use gtime for resample duration
* in resample, rename "rule" to "window", use gtime for duration, parse duration before exec
* remove gel entry from plugins-bundled/external.json
which creates an empty array for plugins
2020-11-19 07:17:00 -05:00
006868339d
Backend: Fix build ( #29206 )
...
* Backend: Fix build
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com >
2020-11-18 16:16:58 +01:00
2939caf9a2
Permissions: Validate against Team/User permission role update ( #29101 )
...
* validate against role field update
* lowercase error string
* make all msgs consistent style
* fix wording
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com >
* sayonara simple json
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com >
2020-11-18 15:36:41 +01:00
15a6508d4a
trace user login and datasource name instead of id ( #29183 )
...
id's are not very helpful when debugging a system.
Signed-off-by: bergquist <carl.bergquist@gmail.com >
2020-11-18 09:21:45 +01:00
52c154a221
Backend: Rename variables for style conformance ( #29097 )
...
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com >
2020-11-17 17:09:14 +01:00
4dd7b7a82d
Chore: Remove unused Go code ( #28852 )
...
* Chore: Remove more unused Go code
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com >
2020-11-17 11:51:31 +01:00
8c765e8068
API: Rewrite tests from goconvey ( #29091 )
...
* API: Rewrite tests from goconvey
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com >
* Fix test
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com >
* Fix tests
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com >
2020-11-17 11:31:35 +01:00
967e9b39e8
Fix panic when using complex dynamic URLs in app plugin routes ( #27977 )
...
* remove unused function to interpolate URLs
* share function to add headers between ds/plugin proxies
* stop performing unnecessary plugin setting lookup
* fix bug causing runtime errors when using complex templated URLs
* lower case util functions not used outside of pluginproxy package
* change test URL to a (valid) dummy URL to make intent clearer
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com >
2020-11-17 10:56:42 +01:00
fbf0d2c086
Plugin proxy: Handle URL parsing errors ( #29093 )
...
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com >
2020-11-13 19:38:09 +01:00
e503188b6f
Data source proxy: Convert 401 from data source to 400 ( #28962 )
...
* Data source proxy: Convert 401 from data source to 400
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com >
2020-11-13 13:21:43 +01:00
cb62e69997
Chore: Convert API tests to standard Go lib ( #29009 )
...
* Chore: Convert tests to standard Go lib
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com >
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com >
2020-11-13 09:52:38 +01:00
43f580c299
AlertingNG: manage and evaluate alert definitions via the API ( #28377 )
...
* Alerting NG: prototype v2 (WIP)
* Separate eval package
* Modify eval alert definition endpoint
* Disable migration if ngalert is not enabled
* Remove premature test
* Fix lint issues
* Delete obsolete struct
* Apply suggestions from code review
* Update pkg/services/ngalert/ngalert.go
Co-authored-by: Kyle Brandt <kyle@grafana.com >
* Add API endpoint for listing alert definitions
* Introduce index for alert_definition table
* make ds object for expression to avoid panic
* wrap error
* Update pkg/services/ngalert/eval/eval.go
* Swith to backend.DataQuery
* Export TransformWrapper callback
* Fix lint issues
* Update pkg/services/ngalert/ngalert.go
Co-authored-by: Kyle Brandt <kyle@grafana.com >
* Validate alert definitions before storing them
* Introduce AlertQuery
* Add test
* Add QueryType in AlertQuery
* Accept only float64 (seconds) durations
* Apply suggestions from code review
* Get rid of bus
* Do not export symbols
* Fix failing test
* Fix failure due to service initialization order
Introduce MediumHigh service priority and assign it to backendplugin
service
* Fix test
* Apply suggestions from code review
* Fix renamed reference
Co-authored-by: Kyle Brandt <kyle@grafana.com >
2020-11-12 15:11:30 +02:00
76df096791
Logging: Log frontend errors ( #28073 )
...
* basic frontend Sentry integration
* backend endpoint to capture sentry events
* WIP!
* log user email for frontend logs
* remove debug logging
* lint fixes
* Fix type exports & property names
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com >
* additional struct naming fix
* rename log endpoint, config section & interface
* add sentry sample rate to config
* refac to use EchoSrv
* log user id
* backend tests
* tests for SentryEchoBackend
* sentry echo backend tests
* CustomEndpointTransport tests
* Update pkg/api/frontend_logging_test.go
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com >
* Update conf/defaults.ini
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com >
* Update pkg/api/frontend_logging_test.go
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com >
* don't export unnecesasrily
* update go.sum
* get rid of Convey in tests, use stdlib
* add sentry config to sample.ini
* cleanup to set orig logging handler in test
* Apply suggestions from code review
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com >
* PR feedback changes
* lock sentry version
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com >
2020-11-12 12:29:43 +01:00
b5379c5335
Chore: Fix SQL related Go variable naming ( #28887 )
...
* Chore: Fix variable naming
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com >
2020-11-11 06:21:08 +01:00
b2dcf06b60
Backend: Adds route for well-known change password URL ( #28788 )
...
* Backend: Adds route for well-known change password URL
* Include 'dashboard/new' in backend routes
* Move index route handler registration out of "not logged in views" section
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com >
2020-11-10 22:36:35 +00:00
2c246276fd
API: replace SendLoginLogCommand with LoginHook ( #28777 )
...
* API: replace SendLoginLogCommand with LoginHook
* LoginInfo: Query -> LoginUsername
2020-11-06 10:01:13 +01:00
676d393ec9
Chore: Fix issues reported by staticcheck; enable stylecheck linter ( #28866 )
...
* Chore: Fix issues reported by staticcheck
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com >
* Apply suggestions from code review
Co-authored-by: Emil Tullstedt <emil.tullstedt@grafana.com >
2020-11-05 15:37:11 +01:00
3d3a7cbba8
Chore: Fix staticcheck issues ( #28860 )
...
* Chore: Fix issues reported by staticcheck
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com >
* Undo changes
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com >
* Chore: Fix issues reported by staticcheck
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com >
* Fix test
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com >
* Fix test
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com >
2020-11-05 13:07:06 +01:00
7897c6b7d5
Chore: Fix staticcheck issues ( #28854 )
...
* Chore: Fix issues reported by staticcheck
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com >
* Undo changes
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com >
2020-11-05 11:57:20 +01:00
9b90ff2961
Disable selecting enterprise plugins with no license ( #28758 )
...
* Add unlicensed property to plugins
* Disable selecting unlicensed plugin
* Add customizable plugin market place url
* License: workaround enabled only in enterprise
* linter
* Move licensing info to front end
* Update pkg/services/licensing/oss.go
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com >
* Update pkg/services/licensing/oss.go
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com >
* Update pkg/setting/setting.go
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com >
* Update pkg/setting/setting.go
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com >
* Update pkg/api/frontendsettings.go
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com >
* Update sample.ini
* Update docs
* Update packages/grafana-runtime/src/config.ts
Co-authored-by: Torkel Ödegaard <torkel@grafana.org >
* Update public/app/features/datasources/state/buildCategories.ts
Co-authored-by: Torkel Ödegaard <torkel@grafana.org >
* Update pkg/api/frontendsettings.go
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com >
* Update pkg/setting/setting.go
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com >
* Fix spelling
Co-authored-by: Leonard Gram <leo@xlson.com >
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com >
Co-authored-by: Torkel Ödegaard <torkel@grafana.org >
2020-11-05 12:55:40 +02:00
574553ec7b
Chore: Fix issues found by staticcheck ( #28802 )
...
* Fix linting issues
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com >
2020-11-05 11:29:39 +01:00
dff84f6a31
Chore: Remove dead code ( #28664 )
...
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com >
2020-11-05 11:00:00 +01:00
5fcff1a4c7
Provisioning: Fixed problem with getting started panel being added to custom home dashboard ( #28750 )
...
* Provisioning: Fixed problem with getting started panel being added to custom home dashboard
* Fixed comment
* Update pkg/api/dashboard.go
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com >
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com >
2020-11-02 16:12:22 +01:00
c4c5b2dc61
CloudWatch Logs queue and websocket support ( #28176 )
...
CloudWatch Logs queue and websocket support
2020-10-28 08:36:57 +00:00
60d40fa99b
Short URL: Update last seen at when visiting a short URL ( #28565 )
...
Ref #28248
Co-authored-by: Sofia Papagiannaki <papagian@users.noreply.github.com >
2020-10-27 16:16:06 +01:00
65b5086a59
API: add login username in SendLoginLogCommand ( #28544 )
...
* API: add login username in Login actions
* LoginUser -> LoginUsername
* fix test
2020-10-26 15:47:01 +01:00
b3a868169b
OAuth: Support Forward OAuth Identity for backend data source plugins ( #27055 )
...
Adds support for the Forward OAuth Identity feature in backend data source plugins.
Earlier this feature has only been supported for non-backend data source plugins.
Fixes #26023
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com >
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com >
2020-10-24 01:34:38 +02:00
1bee9f4168
Plugins: Track plugin signing errors and expose them to the frontend ( #28219 )
...
* first pass
* return list
* types and cleanup
* add to plugin page and add styles
* update comment
* update comment
* fix component path
* simplify error component
* simplify error struct
* fix tests
* don't export and fix string()
* update naming
* remove frontend
* introduce phantom loader
* track single error
* remove error from base
* remove unused struct
* remove unnecessary filter
* add errors endpoint
* Update set log to use id field
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com >
* skip adding BE plugins
* remove errs from plugin + ds list
* remove unnecessary fields
* add signature state to panels
* remove unused code
* apply PR feedback
* update comment
* merge dto with model
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com >
2020-10-23 16:45:43 +02:00
077eab1b24
Chore: Use net.JoinHostPort ( #28421 )
...
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com >
2020-10-22 07:34:26 +02:00
4084b53f91
plugins: Don't exit on duplicate plugin ( #28390 )
...
* plugins: Don't exit on duplicate plugin
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com >
* Add missing files
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com >
* Fix test
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com >
2020-10-21 12:39:41 +02:00
13e67660f5
API: Query database from /api/health endpoint ( #28349 )
2020-10-21 11:06:19 +02:00
5bc6c447e3
Alerting: Return proper status code when trying to create alert notification channel with duplicate name or uid ( #28043 )
...
* Alerting: Return proper status code when trying to create an Alert Notification where the name or UID already exists.
Co-authored-by: Arve Knudsen <arve.knudsen@gmail.com >
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com >
2020-10-20 13:53:48 +02:00
d13c6b4c5a
OAuth: Able to skip auto login ( #28357 )
...
* OAuth: able to skip auto login
* OAuth: tests for internal login param
* OAuth: rename internal -> disableAutoLogin
* OAuth: update log message
* OAuth: fix tests
2020-10-20 14:51:06 +03:00
89d10c706a
Plugins: Compose filesystem paths with filepath.Join ( #28375 )
...
* plugins: Fix filesystem path composition
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com >
* plugins: Use filepath.Join to join filesystem paths
Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com >
2020-10-19 17:35:31 +02:00
44a795cb17
AlertingNG: remove warn/crit from eval prototype ( #28334 )
...
and misc cleanup
2020-10-16 12:33:57 -04:00
Arve Knudsen
Jack Westbrook
Carl Bergquist
Carl Bergquist
Joan López de la Franca Beltran
taciomcosta
Agnès Toulet
Torkel Ödegaard
Kyle Brandt
Will Browne
Victor Cinaglia
Sofia Papagiannaki
Domas
kay delaney
Alex Khomenko
Marcus Efraimsson
Bill Oley
Emil Hessman
jgulick48
Alexander Zobnin