* Zanzana: Search with list
* Allow to pass werb into list request
* split list search into 2 functions
* fix listing resources
* remove unused
* refactor
* remove unused function
* Add more logging to reconciler
* Fix search for users with access to all resources
* fix findFoldersZanzanaList
* search for folders as well by default
* refactor
* use compile for list and search
* remove list from client
* remove only from client
* remove list from interface
* run compile once
* refactor
* refactor
* add search tests
* fix tests
* Fix linter
* Remove collectors
* Remove zanzana search check, we need to rewrite that part to the new schema
* Only use generic resource schema and cleanup code we don't want to keep / need to re-write
* add admin permissions upon creation of a folder w. SA
* Update pkg/services/folder/folderimpl/folder.go
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
* Grant service account permissions for creation of dashboards
* Grant service account admin permissions upon creating a datasource
* fetch user using the userservice with the userid
* Revert "fetch user using the userservice with the userid"
This reverts commit 23cba78752.
* revert back to original datasource creation
---------
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
* Rewrite zanzana collector to fetch all available pages
* Register access control as a background service
* If zanzana is enabled we run Syncs and start Reconciliation job
* Update pkg/services/authz/zanzana/client/client.go
Co-authored-by: Alexander Zobnin <alexanderzobnin@gmail.com>
* Use server lock when doing performing reconciliation
* Pass parent folder as a contextual tuple in Check request
* Search by listing folders and dashboards
* skip dashboards listing if limit reached
* remove unused
* add some comments
* only add ContextualTuples if parent provided
* Remove parent relation for dashboards from schema and perform separate checks
* Add folder store to dashboard permissions
* Include folder store in annotation scope resolver
* Add folder store when initialising library elements
* Include folder store in search v2 service initialisation
* Include folder store in GetInheritedScopes
* Add folder store to folder permissions provider
* Include cfg, folder permissions in folder service
* Move setting of folder permissions for folder service create method
* Export folder store implementation
* Rename folder store
* Add folder store as a parameter to folder service
* Add folder store to dash service implementation
* Fix folder store comments
* Revert "chore: add replDB to team service (#91799)"
This reverts commit c6ae2d7999.
* Revert "experiment: use read replica for Get and Find Dashboards (#91706)"
This reverts commit 54177ca619.
* Revert "QuotaService: refactor to use ReplDB for Get queries (#91333)"
This reverts commit 299c142f6a.
* Revert "refactor replCfg to look more like plugins/plugin config (#91142)"
This reverts commit ac0b4bb34d.
* Revert "chore (replstore): fix registration with multiple sql drivers, again (#90990)"
This reverts commit daedb358dd.
* Revert "Chore (sqlstore): add validation and testing for repl config (#90683)"
This reverts commit af19f039b6.
* Revert "ReplStore: Add support for round robin load balancing between multiple read replicas (#90530)"
This reverts commit 27b52b1507.
* Revert "DashboardStore: Use ReplDB and get dashboard quotas from the ReadReplica (#90235)"
This reverts commit 8a6107cd35.
* Revert "accesscontrol service read replica (#89963)"
This reverts commit 77a4869fca.
* Revert "Fix: add mapping for the new mysqlRepl driver (#89551)"
This reverts commit ab5a079bcc.
* Revert "fix: sql instrumentation dual registration error (#89508)"
This reverts commit d988f5c3b0.
* Revert "Experimental Feature Toggle: databaseReadReplica (#89232)"
This reverts commit 50244ed4a1.
* Refactor identity struct to store type in separate field
* Update ResolveIdentity to take string representation of typedID
* Add IsIdentityType to requester interface
* Use IsIdentityType from interface
* Remove usage of TypedID
* Remote typedID struct
* fix GetInternalID
* Cfg: Move rbac settings to own struct
* Cfg: Add setting to control if resource should generate managed permissions when created
* Dashboards: Check if we should generate default permissions when dashboard is created
* Folders: Check if we should generate default permissions when folder is created
* Datasource: Check if we should generate default permissions when datasource is created
* ServiceAccount: Check if we should generate default permissions when service account is created
* Cfg: Add option to specify resources for wich we should default seed
* ManagedPermissions: Move providers to their own files
* Dashboards: Default seed all possible managed permissions if configured
* Folders: Default seed all possible managed permissions if configured
* Cfg: Remove service account from list
* RBAC: Move utility function
* remove managed permission settings from the config file examples, change the setting names
* remove ini file changes from the PR
* fix setting reading
* fix linting errors
* fix tests
* fix wildcard role seeding
---------
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
Co-authored-by: jguer <me@jguer.space>
* check that a user doesn't have higher plugin access on the destination folder than they have on the source folder when moving folders
* Update pkg/services/folder/folderimpl/folder_test.go
---------
Co-authored-by: Jo <joao.guerreiro@grafana.com>
* filter the k6 folder out in the SQL queries rather than during post processing to ensure that the correct number of results is always returned
* linting
* Fix restoring dashboard to root folder
* use a root folder representation instead of nil
* change root folder by general folder
---------
Co-authored-by: Ezequiel Victorero <ezequiel.victorero@grafana.com>
* iam-716 - prevent a folder move operation when the folder's uid or any of its parents uids begin with k6-app
* fox folder move check and only list non-k6 folders to users
* adding tests for moving
* add a test for listing folders
* fix the other tests
* use method that adds folder parent
---------
Co-authored-by: IevaVasiljeva <ieva.vasiljeva@grafana.com>
* Folders: Optionally include fullpath in service responses
* Alerting: Export folder fullpath instead of title
* Escape separator in folder title
* Add support for provisiong alret rules into subfolders
* Use FolderService for creating folders during provisioning
* Export WithFullpath() folder service function
---------
Co-authored-by: Tania B <yalyna.ts@gmail.com>
Co-authored-by: Yuri Tseretyan <yuriy.tseretyan@grafana.com>
* make cfg private in sqlstore
* fix db init in tests
* fix case
* fix folder test init
* fix imports
* make another Cfg private
* remove another Cfg
* remove unused variable
* use store cfg, it has side-effects
* fix mutated cfg in tests
* replace sqlstore with db interface in a few packages
* remove from stats
* remove sqlstore in admin test
* remove sqlstore from api plugin tests
* fix another createUser
* remove sqlstore in publicdashboards
* remove sqlstore from orgs
* clean up orguser test
* more clean up in sso
* clean up service accounts
* further cleanup
* more cleanup in accesscontrol
* last cleanup in accesscontrol
* clean up teams
* more removals
* split cfg from db in testenv
* few remaining fixes
* fix test with bus
* pass cfg for testing inside db as an option
* set query retries when no opts provided
* revert golden test data
* rebase and rollback
* Implement run migration endpoint
* Refactor RunMigration method into separate methods
* Save migration runs fix lint
* Minor changes
* Refactor how to use cms endpoint
* fix interface
* complete merge
* add individual items
* adds tracing to getMigration
* linter
* updated swagger definition with the latest changes
* CloudMigrations: Implement core API handlers for cloud migrations and migration runs (#85407)
* implement delete
* add auth token encryption
* implement token validation
* call token validation during migration creation
* implement get migration status
* implement list migration runs
* fix bug
* finish parse domain func
* fix urls
* fix typo
* fix encoding and decoding
* remove double decryption
* add missing slash
* fix id returned by create function
* inject missing services
* finish implementing (as far as I can tell right now) data migration and response handling
* comment out broken test, needs a rewrite
* add a few final touches
* get dashboard migration to work properly
* changed runMigration to a POST
* swagger
* swagger
* swagger
---------
Co-authored-by: Michael Mandrus <michael.mandrus@grafana.com>
Co-authored-by: Leonard Gram <leo@xlson.com>
Co-authored-by: Michael Mandrus <41969079+mmandrus@users.noreply.github.com>
* Folders: Allow listing folders with write permission
* Check for subfolder access if parent does not have
* Add test
* GetFolders: fix ordering
* Apply suggestion from code review
