public/grafana
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
29,898 Commits 655 Branches 650 Tags
7a96df875b7c272f7cf8cd366529ed056eb6a42e
Commit Graph

337 Commits

Author SHA1 Message Date
Samuel 846b9327a5 LDAP: Added reload endpoint for LDAP config (#15470) 
* 4843 - Added reload endpoint for LDAP config

closes #4843

* Refactor to make the reload work after master drifted
 2019-05-03 14:53:07 +02:00
Carl Bergquist 9660356638 Auth: Enable retries and transaction for some db calls for auth tokens (#16785) 
the WithSession wrapper handles retries and connection
management so the caller dont have to worry about it.
 2019-04-30 14:42:01 +02:00
Oleg Gaidarenko 62b85a886e LDAP Refactoring to support syncronizing more than one user at a time. (#16705) 
* Feature: add cron setting for the ldap settings

* Move ldap configuration read to special function

* Introduce cron setting (no docs for it yet, pending approval)

* Chore: duplicate ldap module as a service

* Feature: implement active sync

This is very early preliminary implementation of active sync.
There is only one thing that's going right for this code - it works.

Aside from that, there is no tests, error handling, docs, transactions,
it's very much duplicative and etc.

But this is the overall direction with architecture I'm going for

* Chore: introduce login service

* Chore: gradually switch to ldap service

* Chore: use new approach for auth_proxy

* Chore: use new approach along with refactoring

* Chore: use new ldap interface for auth_proxy

* Chore: improve auth_proxy and subsequently ldap

* Chore: more of the refactoring bits

* Chore: address comments from code review

* Chore: more refactoring stuff

* Chore: make linter happy

* Chore: add cron dep for grafana enterprise

* Chore: initialize config package var

* Chore: disable gosec for now

* Chore: update dependencies

* Chore: remove unused module

* Chore: address review comments

* Chore: make linter happy
 2019-04-26 15:47:16 +03:00
Oleg Gaidarenko db584b3d28 Chore: remove session storage references (#16445) 
* Chore: remove session storage references

* Small refactoring of the settings module

* Update docs - remove references for the session storage

* Update config files (sample and default configs)

* Add tests for warning during the config load on defined storage cache

* Remove all references to session storage

* Remove macaron session dependency

* Remove leftovers

* Fix: address review comments

* Fix: remove old deps

* Fix: add skipStaticRootValidation = true to tests

* Fix: improve the docs and warning message

As per discussion in here - https://github.com/grafana/grafana/pull/16445/files#r273026255

* Chore: make linter happy

Fixes #16148
Ref #16114
 2019-04-22 18:58:24 +03:00
Oleg Gaidarenko 318182ccc9 Chore: refactor auth proxy (#16504) 
* Chore: refactor auth proxy

Introduced the helper struct for auth_proxy middleware.
Added couple unit-tests, but it seems "integration" tests already cover
most of the code paths.

Although it might be good idea to test every bit of it, hm.
Haven't refactored the extraction of the header logic that much

Fixes #16147

* Fix: make linters happy
 2019-04-16 14:09:18 +02:00
Oleg Gaidarenko 67cbc7d4cf Chore: use remote cache instead of session storage (#16114) 
Replaces session storage in auth_proxy middleware with remote cache

Fixes #15161
 2019-04-08 14:31:46 +03:00
Leonard Gram 6589a4e55f teams: better names for api permissions. 2019-03-19 14:01:20 +01:00
Hugo Häggmark 782b5b6a3a teams: viewers and editors can view teams 2019-03-19 14:01:14 +01:00
Leonard Gram 22e098b830 teams: editors can work with teams. 2019-03-19 13:57:22 +01:00
Marcus Efraimsson 8029e48588 support get user tokens/revoke all user tokens in UserTokenService 2019-03-08 15:15:17 +01:00
Johannes Schill a81d5486b0 Viewers with viewers_can_edit should be able to access /explore (#15787) 
* fix: Viewers with viewers_can_edit should be able to access /explore #15773

* refactoring initial PR a bit to simplify function and reduce duplication
 2019-03-05 12:41:01 +01:00
bergquist 8a3a3cccc3 moves metric package to /infra 
ref #14679
 2019-02-24 21:12:51 +01:00
Carl Bergquist dcec61e1b4 Merge pull request #15378 from grafana/auth_token_quotas 
use authTokenService for session quotas restrictions
 2019-02-12 15:38:57 +01:00
bergquist e163aadfe4 use authtoken for session quota restrictions 
closes #15360
 2019-02-12 15:10:55 +01:00
bergquist 1310d356fc removes unused session code 2019-02-12 12:33:54 +01:00
Marcus Efraimsson 836501186f fix 2019-02-06 17:30:17 +01:00
Marcus Efraimsson 8678620730 move UserToken and UserTokenService to models package 2019-02-06 16:55:12 +01:00
Marcus Efraimsson a60124a88c change UserToken from interface to struct 2019-02-06 16:30:50 +01:00
Marcus Efraimsson 44275d9660 middleware fix 2019-02-06 08:45:01 +01:00
Marcus Efraimsson 871c84d195 changes needed for api/middleware due to configuration settings 2019-02-05 21:14:23 +01:00
Marcus Efraimsson d53e64a32c move auth token middleware/hooks to middleware package 
fix/adds auth token middleware tests
 2019-02-05 00:21:05 +01:00
bergquist 88ca54eba9 renames signout function 2019-01-31 16:26:36 +01:00
bergquist 43ac79685a delete auth token on signout 2019-01-31 16:13:35 +01:00
Mario Trangoni b7628f2060 pkg/util/{filepath.go,shortid_generator.go}: Fix golint issues 
See,
$ gometalinter --vendor --deadline 10m --disable-all --enable=golint  ./...
filepath.go:12:5⚠️ error var WalkSkipDir should have name of the form ErrFoo (golint)
shortid_generator.go:11:5⚠️ var validUidPattern should be validUIDPattern (golint)
shortid_generator.go:19:6⚠️ func IsValidShortUid should be IsValidShortUID (golint)
shortid_generator.go:24:6⚠️ func GenerateShortUid should be GenerateShortUID (golint)
 2019-01-28 22:37:44 +01:00
bergquist 9ae306e417 use defer to make sure we always release session data 2019-01-24 13:48:36 +01:00
bergquist f257101c41 removes unused/commented code 2019-01-24 11:26:45 +01:00
bergquist 5998646da5 restrict session usage to auth_proxy 2019-01-23 14:56:48 +01:00
bergquist c3ff3d644c fixes nil ref in tests 2019-01-22 16:16:32 +01:00
Marcus Efraimsson 59d0c19ba8 passing middleware tests 2019-01-22 13:51:55 +01:00
Marcus Efraimsson 4096449aec extract auth token interface and remove auth token from context 2019-01-22 12:00:33 +01:00
bergquist 55b3013eb3 moves initWithToken to auth package 2019-01-21 11:37:44 +01:00
Marcus Efraimsson 734a7d38b2 set cookie name from configuration 2019-01-21 11:21:43 +01:00
Marcus Efraimsson 0d1e3759eb mixor fixes 2019-01-21 10:20:23 +01:00
Marcus Efraimsson f3125b447b dead code 2019-01-21 10:20:23 +01:00
bergquist 47a7d93fd9 moves rotation into auth since both happens before c.Next() 2019-01-21 08:59:01 +01:00
bergquist fd937e3d95 remove maxage from session token 2019-01-17 21:03:27 +01:00
Marcus Efraimsson 81879f0162 fix broken code 2019-01-17 20:29:26 +01:00
Marcus Efraimsson 97c7963f17 fix cannot set cookie when response is written 2019-01-17 20:27:53 +01:00
bergquist c2accfa4c0 inital code for rotate 2019-01-17 17:11:52 +01:00
bergquist aba6148c43 login users based on token cookie 2019-01-16 16:44:40 +01:00
Jacob Richard 34d3086ec8 Adding tests for auth proxy CIDR support 2018-12-18 21:16:29 -06:00
Jacob Richard 0b50582b56 Adding CIDR capability to auth_proxy whitelist 2018-12-17 23:43:14 -06:00
Torkel Ödegaard 34c70ca7ce fix for issue with error view in production builds 2018-11-20 13:47:45 +01:00
Marcus Efraimsson 5882e5bb46 Merge pull request #13900 from marefr/ds_cache_refactor 
Datasource proxy cache refactor
 2018-11-05 11:02:31 +01:00
Torkel Ödegaard b415d82611 fixed to template PR issues, #13938 2018-11-02 10:49:46 +01:00
Marcus Efraimsson cfb061ddab refactor datasource caching 2018-10-30 09:31:56 +01:00
Mario Trangoni e673337cb9 pkg/middleware/middleware.go: Fix empty branch warning. 
See,
$ gometalinter --vendor --deadline 10m --disable-all --enable=megacheck ./...
pkg/middleware/middleware.go:46:3⚠️ empty branch (SA9003) (megacheck)
 2018-10-19 19:49:04 +02:00
Torkel Ödegaard abef94b0da made it possible to have frontend code in symlinked folders that can add routes 2018-10-11 12:36:04 +02:00
Mario Trangoni dde650905d Fix megacheck issue unused code. 
I removed some code, and commented out other one.

See,
$ gometalinter --vendor --disable-all --disable=gotype --enable=megacheck --deadline 6m ./... | grep unused
pkg/api/avatar/avatar.go:100:26⚠️ func (*CacheServer).mustInt is unused (U1000) (megacheck)
pkg/api/folder_test.go:136:6⚠️ func callGetFolderByUID is unused (U1000) (megacheck)
pkg/api/folder_test.go:141:6⚠️ func callDeleteFolder is unused (U1000) (megacheck)
pkg/api/live/hub.go:40:15⚠️ func (*hub).removeConnection is unused (U1000) (megacheck)
pkg/components/imguploader/azureblobuploader.go:130:5⚠️ var client is unused (U1000) (megacheck)
pkg/middleware/middleware_test.go:438:28⚠️ func (*scenarioContext).withInvalidApiKey is unused (U1000) (megacheck)
pkg/services/alerting/ticker.go:40:18⚠️ func (*Ticker).updateOffset is unused (U1000) (megacheck)
pkg/services/notifications/notifications_test.go:12:6⚠️ type testTriggeredAlert is unused (U1000) (megacheck)
pkg/services/sqlstore/dashboard_service_integration_test.go:935:6⚠️ type scenarioContext is unused (U1000) (megacheck)
pkg/services/sqlstore/dashboard_service_integration_test.go:939:6⚠️ type scenarioFunc is unused (U1000) (megacheck)
pkg/services/sqlstore/dashboard_service_integration_test.go:941:6⚠️ func dashboardGuardianScenario is unused (U1000) (megacheck)
pkg/services/sqlstore/transactions_test.go:13:6⚠️ type testQuery is unused (U1000) (megacheck)
 2018-10-01 18:23:59 +02:00
bergquist 12c9860882 string formating fixes 2018-08-28 22:33:38 +02:00