* model fixed roles for dashboards and folders
* Correctly translate fixed role assignments
* minor refactor
* assign fixed roles to teams
* fix linter errors
* Migrate general folder permissions for fixed roles
* fix dashboards:create permission
* Access control: Use composite cache key for team permissions
* use composite key for teams
* use cache for hotpath (getCachedUserPermissions)
* fix linter
* fix sorting
---------
Co-authored-by: Jeff Levin <jeff@levinology.com>
* add uid to template and populate it
* update delete method to support both uid and name
* update UpdateTemplate to support search by UID and fallback to name + support renaming of the template
* update upsert to exit if template not found and uid is specified
* update Get method to address by name or uid
---------
Co-authored-by: Matthew Jacobson <matthew.jacobson@grafana.com>
* Replace global authz abstraction with one compatible with uid scope
* Replace GettableApiReceiver with models.Receiver in receiver_svc
* GrafanaIntegrationConfig -> models.Integration
* Implement Create/Update methods
* Add optimistic concurrency to receiver API
* Add scope to ReceiversRead & ReceiversReadSecrets
migrates existing permissions to include implicit global scope
* Add receiver create, update, delete actions
* Check if receiver is used by rules before delete
* On receiver name change update in routes and notification settings
* Improve errors
* Linting
* Include read permissions are requirements for create/update/delete
* Alias ngalert/models to ngmodels to differentiate from v0alpha1 model
* Ensure integration UIDs are valid, unique, and generated if empty
* Validate integration settings on create/update
* Leverage UidToName to GetReceiver instead of GetReceivers
* Remove some unnecessary uses of simplejson
* alerting.notifications.receiver -> alerting.notifications.receivers
* validator -> provenanceValidator
* Only validate the modified receiver
stops existing invalid receivers from preventing modification of a valid
receiver.
* Improve error in Integration.Encrypt
* Remove scope from alert.notifications.receivers:create
* Add todos for receiver renaming
* Use receiverAC precondition checks in k8s api
* Linting
* Optional optimistic concurrency for delete
* make update-workspace
* More specific auth checks in k8s authorize.go
* Add debug log when delete optimistic concurrency is skipped
* Improve error message on authorizer.DecisionDeny
* Keep error for non-forbidden errutil errors
* WIP
* Validate new field, and add value in provisioning if not defined in correct spot
* Simplify logic, use correct value
* fix tests
* Fix linter errors
* fix swagger and tests
* 😬
* Auto-generation isnt doing this..
* Fix linter
* test if nullable is the issue…
* Change structure on the frontend fields
* Try with backtick
* try programatic quoting
* Try only quote non-ints
* quoting, no backticks
* Remove debugging
* feat(nameHeaders): add feature flag
* add safe parsing of headers
* use headers in loki datasource
* Loki: add option to pass headers to Loki
* Loki: add datasource tests for dashboard names
* cleanup
* DataSourceWithBackend: add test
* rename to `sanitizeHeader`
* Loki: add condition when to add headers
* Loki: add e2e tests
* Loki: change test name
* feat: Add new read filtering to datasources guardian
* Apply suggestion to use datasources read guardian check for frontend settings
---------
Co-authored-by: Eric Leijonmarck <eric.leijonmarck@gmail.com>
* chore: add tracing to quote API and service methods with contexts
I also fixed a typo (overriden -> overridden) and removed a method that looked like it wasn't useful anymore. (It seemed to exist to return an error, but never returned an error, and so just added many lines of unnecessary error checking).
* chore: Bump Go to 1.23.0
Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
* update swagger files
Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
* chore: update .bingo/README.md formatting to satisfy prettier
Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
* chore(lint): Fix new lint errors found by golangci-lint 1.60.1 and Go 1.23
Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
* keep golden file
* update openapi
* add name to expected output
* chore(lint): rearrange imports to a sensible order
Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
---------
Signed-off-by: Dave Henderson <dave.henderson@grafana.com>
Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
* chore: add spans to publicdashboards service methods
* add tracing to test service
* test fixture whackamole
* move tracer to a package var
* Update pkg/services/publicdashboards/service/service.go
Co-authored-by: Dave Henderson <dave.henderson@grafana.com>
---------
Co-authored-by: Dave Henderson <dave.henderson@grafana.com>
* update oauthtoken service to use remote cache and server lock
* remove token cache
* retry is lock is held by an in-flight refresh
* refactor token renewal to avoid race condition
* re-add refresh token expiry cache, but in SyncOauthTokenHook
* Add delta to the cache ttl
* Fix merge
* Change lockTimeConfig
* Always set the token from within the server lock
* Improvements
* early return when user is not authed by OAuth or refresh is disabled
* Allow more time for token refresh, tracing
* Retry on Mysql Deadlock error 1213
* Update pkg/services/authn/authnimpl/sync/oauth_token_sync.go
Co-authored-by: Dan Cech <dcech@grafana.com>
* Update pkg/services/authn/authnimpl/sync/oauth_token_sync.go
Co-authored-by: Dan Cech <dcech@grafana.com>
* Add settings for configuring min wait time between retries
* Add docs for the new setting
* Clean up
* Update docs/sources/setup-grafana/configure-grafana/_index.md
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
---------
Co-authored-by: Mihaly Gyongyosi <mgyongyosi@users.noreply.github.com>
Co-authored-by: Christopher Moyer <35463610+chri2547@users.noreply.github.com>
* add RenameTimeIntervalInNotificationSettings to storage
* update dependencies when the time interval is renamed
---------
Co-authored-by: William Wernert <william.wernert@grafana.com>
maicon
Stephanie Hingtgen
Alexander Zobnin
Ryan McKinley
Alexander Akhmetov
Yuri Tseretyan
Eric Leijonmarck
Alexander Weaver
Matthew Jacobson
Julien Duchesne
Kristina
Kyle Brandt
Karl Persson
Arati R.
Tito Lins
Sven Grossmann
Christian Inkster
Andres Martinez Gotor
William Wernert
Aaron Godin
Ieva
Kristin Laemmert
Dave Henderson
Fayzal Ghantiwala
Will Browne
Ida Štambuk
linoman
Todd Treece
Dan Cech
Jeff Levin