* initial passwordless client
* passwordless login page
* Working basic e2e flow
* Add todo comments
* Improve the passwordless login flow
* improved passwordless login, backend for passwordless signup
* add expiration to emails
* update email templates & render username & name fields on signup
* improve email templates
* change login page text while awaiting passwordless code
* fix merge conflicts
* use claims.TypeUser
* add initial passwordless tests
* better error messages
* simplified error name
* remove completed TODOs
* linting & minor test improvements & rename passwordless routes
* more linting fixes
* move code generation to its own func, use locationService to get query params
* fix ampersand in email templates & use passwordless api routes in LoginCtrl
* txt emails more closely match html email copy
* move passwordless auth behind experimental feature toggle
* fix PasswordlessLogin property failing typecheck
* make update-workspace
* user correct placeholder
* Update emails/templates/passwordless_verify_existing_user.txt
Co-authored-by: Dan Cech <dcech@grafana.com>
* Update emails/templates/passwordless_verify_existing_user.mjml
Co-authored-by: Dan Cech <dcech@grafana.com>
* Update emails/templates/passwordless_verify_new_user.txt
Co-authored-by: Dan Cech <dcech@grafana.com>
* Update emails/templates/passwordless_verify_new_user.txt
Co-authored-by: Dan Cech <dcech@grafana.com>
* Update emails/templates/passwordless_verify_new_user.mjml
Co-authored-by: Dan Cech <dcech@grafana.com>
* use & in email templates
* Update emails/templates/passwordless_verify_existing_user.txt
Co-authored-by: Dan Cech <dcech@grafana.com>
* remove IP address validation
* struct for passwordless settings
* revert go.work.sum changes
* mock locationService.getSearch in failing test
---------
Co-authored-by: Mihaly Gyongyosi <mgyongyosi@users.noreply.github.com>
Co-authored-by: Dan Cech <dcech@grafana.com>
* no orgname
* format code
* update unit test
* delete contextSrv
* fix unit test
* run prettier
---------
Co-authored-by: Laura Benz <laura.benz@grafana.com>
* Use a enable configuration to enable frontend sandbox
* Modify settings to load enableFrontendSandbox
* Check for signature type
* Update commment
* Fix e2e tests for the frontend sandbox
* Modify logic so a custom check function is used instead of a list of checks
* Fixes flaky test
* fix comment
* Update comment
* Empty commit
* Empty commit
* build(webpack): extract css imports into files including node_modules
* feat(webassets): add cssfiles to entrypoint assets for extracted css files
* feat(views): add entrypoint css link tags to html templates
* feat(webassets): set CDN prefix for CSS files
* test(webassets): trim down sample-assets-manifest, fix failing snapshot tests
* Update pkg/api/webassets/webassets_test.go
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* build(webpack): remove css module loader
---------
Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
* Plugins: Pass hashes for SRI to frontend
* Add SRI hashes to frontendsettings DTOs
* Add docstring
* TestSriHashes
* Fix typo
* Changed SriHashes to ModuleHash
* update loader_test compareOpts
* update ModuleHash error message
* Add TestModuleHash/no_module.js
* Add omitEmpty to moduleHash
* Add ModuleHash to api/plugins/${pluginId}/settings
* moved ModuleHash field
* feat(plugins): add moduleHash to bootData and plugin types
* feat(plugins): if moduleHash is available apply it to systemjs importmap
* Calculate ModuleHash for CDN provisioned plugins
* Add ModuleHash tests for TestCalculate
* adjust test case name
* removed .envrc
* Fix signature verification failing for internal plugins
* fix tests
* Add pluginsFilesystemSriChecks feature togglemk
* renamed FilesystemSriChecksEnabled
* refactor(plugin_loader): prefer extending type declaration over ts-error
* added a couple more tests
* Removed unused features
* Removed unused argument from signature.DefaultCalculator call
* Removed unused argument from bootstrap.DefaultConstructFunc
* Moved ModuleHash to pluginassets service
* update docstring
* lint
* Removed cdn dependency from manifest.Signature
* add tests
* fix extra parameters in tests
* "fix" tests
* removed outdated test
* removed unused cdn dependency in signature.DefaultCalculator
* reduce diff
* Cache returned values
* Add support for deeply nested plugins (more than 1 hierarchy level)
* simplify cache usage
* refactor TestService_ModuleHash_Cache
* removed unused testdata
* re-generate feature toggles
* use version for module hash cache
* Renamed feature toggle to pluginsSriChecks and use it for both cdn and filesystem
* Removed app/types/system-integrity.d.ts
* re-generate feature toggles
* re-generate feature toggles
* feat(plugins): put systemjs integrity hash behind feature flag
---------
Co-authored-by: Jack Westbrook <jack.westbrook@gmail.com>
* feat: add extensions to the backend plugin model
* feat: update the frontend plugin types
* feat(pluginContext): return a `null` if there is no context found
This will be necessary to understand if a certain hook is running inside a plugin context or not.
* feat: add utility functions for checking extension configs
* tests: fix failing tests due to the type updates
* feat(AddedComponentsRegistry): validate plugin meta-info
* feat(AddedLinksRegistry): validate meta-info
* feat(ExposedComponentsRegistry): validate meta-info
* feat(usePluginComponent): add meta-info validation
* feat(usePluginComponents): add meta-info validation
* feat(usePluginLinks): add meta-info validation
* fix: only validate meta-info in registries if dev mode is enabled
* tests: add unit tests for the restrictions functionality
* tests: fix Go tests
* fix(tests): revert accidental changes
* fix: run goimports
* fix: api tests
* add nested app so that meta data can bested e2e tested
* refactor(types): extract the ExtensionInfo into a separate type
* refactor(extensions/utils): use Array.prototype.some() instead of .find()
* refactor(usePluginLinks): update warning message
* feat(usePluginExtensions()): validate plugin meta-info
* Wip
* fix(e2e): E2E tests for extensions
* fix(extensions): allow multiple "/" slashes in the extension point id
* fix(extensions/validators): stop validating the plugin id pattern
---------
Co-authored-by: Erik Sundell <erik.sundell87@gmail.com>
* do it all
* feat(plugins): move loadingStrategy to ds pluginMeta and add to plugin settings endpoint
* support child plugins and update tests
* use relative path for nested plugins
* feat(plugins): support nested plugins in the plugin loader cache by extracting pluginId from path
* feat(grafana-data): add plugin loading strategy to plugin meta and export
* feat(plugins): pass down loadingStrategy to fe plugin loader
* refactor(plugins): make PluginLoadingStrategy an enum
* feat(plugins): add the loading strategy to the fe plugin loader cache
* feat(plugins): load fe plugin js assets as script tags based on be loadingStrategy
* add more tests
* feat(plugins): add loading strategy to plugin preloader
* feat(plugins): make loadingStrategy a maybe and provide fetch fallback
* test(alerting): update config.apps mocks to include loadingStrategy
* fix format
---------
Co-authored-by: Jack Westbrook <jack.westbrook@gmail.com>
* Get custom cloud list from grafana-azure-sdk-go for frontend settings
* Remove getAzureClouds() and call CustomClouds() directly
* remove unused type
* Unify how the version is shown in the UI
* use versionString in dashboard help bundles
* fix lint
* remove comment
* fix test types
* make test less flakey
* Remove kinds verification for kind-registry
* Read plugin's json information with json library instead of use thema binding
* Remove grafanaplugin unification
* Don't use kindsys for extract the slot name
* Fix IsGroup
* Remove all plugindef generation
* Refactor schema interfaces
* Pushed this change from a different branch by mistake...
* Create small plugin definition structure adding additional information for plugins registration
* Add some validation checks
* Delete unused code
* Fix imports lint
* add drawer for auth settings
* add StrongPasswordField component
* Add style to different behaviours
* update style for component
* add componenet to ChangePasswordForm
* pass the event handlers to the child component
* add style for label container
* expose strong password policy config option to front end
* enforce password validation with config option
* Introduce environment.local_filesystem_available
* Only show TLS client cert, client key, client ca when local_filesystem_available is true
* Rename LocalFSAvailable to LocalFileSystemAvailable
* add password service interface
* add password service implementation
* add tests for password service
* add password service wiring
* add feature toggle
* Rework from service interface to static function
* Replace previous password validations
* Add codeowners to password service
* add error logs
* update config files
---------
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
* Add definition of external service registration
* Add style and tables for permissions needed
* Add external service registration to local without counterpart
* Add feature toggle check
* Add feature flag check in the backend as well
* Add the disclaimer for permissions
---------
Co-authored-by: Gabriel MABILLE <gabriel.mabille@grafana.com>
* Configure SkipOrgRoleSync from OAuthInfo
* Remove skipOrgRoleSync from socialbase and connectors
* Add test to socialimpl.ProvideService
* Deprecate AuthSettings' fields
* clean up misleading init of frontendsettings.Auth
* Anonymous: Add device limiter
* break auth if limit reached
* fix typo
* refactored const to make it clearer with expiration
* anon device limit for config
---------
Co-authored-by: Eric Leijonmarck <eric.leijonmarck@gmail.com>
* Chore: Remove FolderID from DTO Folder
* chore: add OrgID field to an instance of SaveDashboardCommand
* chore: add another OrgID to pair with the FolderUID:
* chore: add OrgId to Folder struct and expectedParentOrgIDs to testCase struct, unsure if last part is necessary
* Fix folder test, add expected orgID
* chore: regen specs
---------
Co-authored-by: Ida Furjesova <ida.furjesova@grafana.com>
* Folders: Show folders user has access to at the root level
* Refactor
* Refactor
* Hide parent folders user has no access to
* Skip expensive computation if possible
* Fix tests
* Fix potential nil access
* Fix duplicated folders
* Fix linter error
* Fix querying folders if no managed permissions set
* Update benchmark
* Add special shared with me folder and fetch available non-root folders on demand
* Fix parents query
* Improve db query for folders
* Reset benchmark changes
* Fix permissions for shared with me folder
* Simplify dedup
* Add option to include shared folder permission to user's permissions
* Fix nil UID
* Remove duplicated folders from shared list
* Folders: Fix fetching empty folder
* Nested folders: Show dashboards with directly assigned permissions
* Fix slow dashboards fetch
* Refactor
* Fix cycle dependencies
* Move shared folder to models
* Fix shared folder links
* Refactor
* Use feature flag for permissions
* Use feature flag
* Review comments
* Expose shared folder UID through frontend settings
* Add frontend type for sharedWithMeFolderUID option
* Refactor: apply review suggestions
* Fix parent uid for shared folder
* Fix listing shared dashboards for users with access to all folders
* Prevent creating folder with "shared" UID
* Add tests for shared folders
* Add test for shared dashboards
* Fix linter
* Add metrics for shared with me folder
* Add metrics for shared with me dashboards
* Fix tests
* Tests: add metrics as a dependency
* Fix access control metadata for shared with me folder
* Use constant for shared with me
* Optimize parent folders access check, fetch all folders in one query.
* Use labels for metrics
* remove use of SignedInUserCopies
* add extra safety to not cross assign permissions
unwind circular dependency
dashboardacl->dashboardaccess
fix missing import
* correctly set teams for permissions
* fix missing inits
* nit: check err
* exit early for api keys
