* Remove delete suer from store interface
* Remove get signed in user with cache ctx from store interface
* Support options when setting up access control tests
* Fix broken tests
* Fix lint
* Add user fake to middleware
* Fix middleware tests, remove usertest being initialised twice
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
* Chore: Remove disable user and searchusers methods from store interface
* Remove disable batch user from sqlstore interface
* Remove sqlstore from search store
* Fix lint
* Chore: Add user service method SetUsingOrg
* Chore: Add user service method GetSignedInUserWithCacheCtx
* Use method GetSignedInUserWithCacheCtx from user service
* Fix lint after rebase
* Fix lint
* Fix lint error
* roll back some changes
* Roll back changes in api and middleware
* Add xorm tags to SignedInUser ID fields
* Move license check to secret store plugin
* Use shouldUseRemoteSecretsPlugin for migration
* Encapsulate plugin startup logic in sync.Once
* Remove global logger from startup functions
* Fix issues with wire and secrets plugin check
* Remove todo for plugin fatal error
* Rename fatalErr variable to be less confusing
* Fix merge conflicts
* Fix issue with grafana-cli wire and opentsdb
* Remove duplicated import on remote plugin
* Rename plugin check in favor of error return value
* Remove unnecessary import on grafana-cli wireexts_oss
* Remove unnecessary import on grafana wireexts_oss
* Reset sync.Once during test setup
* Remove unrelated opentsdb change on grafana-cli wire
* Readd opentsdb change on grafana-cli wire
* Move SignedInUser to user service and RoleType and Roles to org
* Use go naming convention for roles
* Fix some imports and leftovers
* Fix ldap debug test
* Fix lint
* Fix lint 2
* Fix lint 3
* Fix type and not needed conversion
* Clean up messages in api tests
* Clean up api tests 2
* Only SLO user if the user is using SAML
* only one source of truth for auth module info
* ensure SAML is also enabled and not only SLO
* move auth module naming to auth module login package
* use constants in other previously unused spots
* pkg/web: closure-style middlewares
Switches the middleware execution model from web.Handlers in a slice to
web.Middleware.
Middlewares are temporarily kept in a slice to preserve ordering, but
prior to execution they are applied, forming a giant call-stack, giving
granular control over the execution flow.
* pkg/middleware: adapt to web.Middleware
* pkg/middleware/recovery: use c.Req over req
c.Req gets updated by future handlers, while req stays static.
The current recovery implementation needs this newer information
* pkg/web: correct middleware ordering
* pkg/webtest: adapt middleware
* pkg/web/hack: set w and r onto web.Context
By adopting std middlewares, it may happen they invoke next(w,r) without
putting their modified w,r into the web.Context, leading old-style
handlers to operate on outdated fields.
pkg/web now takes care of this
* pkg/middleware: selectively use future context
* pkg/web: accept closure-style on Use()
* webtest: Middleware testing
adds a utility function to web/webtest to obtain a http.ResponseWriter,
http.Request and http.Handler the same as a middleware that runs would receive
* *: cleanup
* pkg/web: don't wrap Middleware from Router
* pkg/web: require chain to write response
* *: remove temp files
* webtest: don't require chain write
* *: cleanup
* Adding OpenApi target to makefile, to covert swagger spec into OpenAPI 3
* Adding endpoint to server swaggerui with new openapi3 specs
* Passing output file as parameter for OpenApi3 specs
* Implement workaround for missing host and prefix domain
* Add wrapper around sqlstore method GetUserByLogin
* Use new method from user service
* Fix lint
* Fix lint 2
* fix middleware basic auth test
* Fix grafana login returning a user by login
* Remove GetUserByLogin from store interface
* Merge commit
* Update annotations.md
A minor change to include the required fields when creating a new annotation via the annotations API. The error message when fields are missing is not descriptive and there is no indication in the current documentation (that I can see anyway) that would indicate these fields are required.
* Update annotations.md
Update required json body fields to only include fields that are actually required.
* Add required field in Swagger
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Remove user from preferences, stars, orguser, team member
* Fix lint
* Add Delete user from org and dashboard acl
* Delete user from user auth
* Add DeleteUser to quota
* Add test files and adjust user auth store
* Rename package in wire for user auth
* Import Quota Service interface in other services
* do the same in tests
* fix lint tests
* Fix tests
* Add some tests
* Rename InsertUser and DeleteUser to InsertOrgUser and DeleteOrgUser
* Rename DeleteUser to DeleteByUser in quota
* changing a method name in few additional places
* Fix in other places
* Fix lint
* Fix tests
* Chore: Split Delete User method
* Add fakes for userauth
* Add mock for access control Delete User permossion, use interface
* Use interface for ream guardian
* Add simple fake for dashboard acl
* Add go routines, clean up, use interfaces
* fix lint
* Update pkg/services/user/userimpl/user_test.go
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Update pkg/services/user/userimpl/user_test.go
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Update pkg/services/user/userimpl/user_test.go
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* Split get user by ID
* Use new method in api
* Add tests
* Aplly emthod in auth info service
* Fix lint and some tests
* Fix get user by ID
* Fix lint
Remove unused fakes
* Use split get user id in admin users
* Use GetbyID in cli commands
* Clean up after merge
* Remove commented out code
* Clena up imports
* add back )
* Fix wire generation for runner after merge with main
Co-authored-by: Sofia Papagiannaki <1632407+papagian@users.noreply.github.com>
* move apikey store into a separate service
* add apikey service to wire graph
* fix linter
* switch api to use apikey service
* fix provideservice in tests
* add apikey service test double
* try different sql syntax
* rolling back the dialect
* trigger drone
* trigger drone
* Auth: check of auth_token in url and resolve user if present
* check if auth_token is passed in url
* Auth: Pass auth_token for request if present in path
* no need to decode token in index
* temp
* use loadURLToken and set authorization header
* cache token in memory and strip it from url
* Use loadURLToken
* Keep token in url
* strip sensitive query strings from url used by context logger
* adapt login by url to jwt token
* add jwt iframe devenv
* add jwt iframe devenv instructions
* add access note
* add test for cleaning request
* ensure jwt token is not carried into handlers
* do not reshuffle queries, might be important
* add correct db dump location
* prefer set token instead of cached token
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
Co-authored-by: Karl Persson <kalle.persson@grafana.com>
Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
idafurjes
Ivan Ortega Alba
Kat Yang
Andres Martinez Gotor
Karl Persson
Guilherme Caulada
owensmallwood
Jo
Serge Zaitsev
sh0rez
Krzysztof Dąbrowski
Ieva
lean.dev
Levente Balogh
sam boyer
Kyle Brandt
Sofia Papagiannaki
Harry Tennent
Ashley Harrison
Jean-Philippe Quéméner
Alexander Emelin
Konrad Lalik
Ryan McKinley
ying-jeanne
Giordano Ricci
Torkel Ödegaard