* Add enterprise hooks
* wip...
* undo
* update wire gen
* remove old hook thing
* move build info into seperate func
* align fs context middleware with grafana, setting SignedInUser
* Call IndexDataHooks to get modified build info
* update tests
* go workspace
* idk, reset workspace files or whatever
* conditionally mount license
* support loading decoupled plugins from cdn
---------
Co-authored-by: Ashley Harrison <ashley.harrison@grafana.com>
* wip
* wip
* wip
(cherry picked from commit 8cedf25892)
* Search seems to be working, the validation is still wip
* Use keyword.Name analyzer for Filterable fields
* Only string fields should be indexed with keyword analyzer
* Change search query for email and login fields to use term query
* Remove unnecessary Exact from the resource protobuf definitions
Co-Authored-By: Ryan McKinley <ryantxu@gmail.com>
* Add legacy search support to the API
* Tests for legacy search, validate and integration tests for user
* Lint
* Add snapshot tests to userDocumentBuilder
* Address CodeQL issues
* Improvements, handle Mode2, tests should pass
* Change default limit from 0 to 1 for requests
* Cleanup
* Add fixme
* Update pkg/registry/apis/iam/register.go
Co-authored-by: Stephanie Hingtgen <stephanie.hingtgen@grafana.com>
* Update pkg/registry/apis/iam/user/legacy_search.go
Co-authored-by: Stephanie Hingtgen <stephanie.hingtgen@grafana.com>
---------
Co-authored-by: Ryan McKinley <ryantxu@gmail.com>
Co-authored-by: Stephanie Hingtgen <stephanie.hingtgen@grafana.com>
* implement the update method for team bindings
* fix lint error
* add integration tests
* add integration test for non existing team binding
* try to fix lint error
As part of migrating Grafana's authorization system to Zanzana (OpenFGA), we need to ensure that role permissions defined in the IAM API are automatically synced to the authorization backend. Without this sync, roles created through the API would not be enforced by Zanzana, creating an inconsistency between defined permissions and actual authorization decisions.
This is a critical piece of the dual-write pattern during the migration to Zanzana, ensuring that:
Role permissions are immediately available for authorization checks
The legacy RBAC system and new Zanzana system remain in sync
Users experience consistent permission enforcement regardless of which backend is queried
safe to revert
* Skip informers if Provisioning disable controllers is enabled
* Hydrate requester correctly for Grafana Live
* revert to old code because eventualRestConfig provider issues
---------
Co-authored-by: Charandas Batra <charandas.batra@grafana.com>
* fix: SQLite truncate with retry/backoff on busy/locked errors
* fix: use retryer package for retrying SQLite TruncateDBTables
* fix: use dskit/backoff package to return last error
* fix: do not log number of attempts
* go get github.com/grafana/grafana-plugin-sdk-go@v0.281.0
* make update-workspace
* updated failing unit test
* disable deprecation warnings
* datasources: allow underscore-prefixed local time range
* updated go.work.sum
* [APIServer] Add the method RegisterAPIInstaller to the APIRegistrar interface, and implement it in the builder. This allows new installer-based apps to register themselves in enterprise.
* Rename RegisterAPIInstaller to RegisterAppInstaller
Mihai Turdean
Andreas Christou
Josh Hunt
Denis Vodopianov
Ieva
Matheus Macabu
Ashley Harrison
Todd Treece
Jo
Kevin Minehart
Mihai Doarna
Gilles De Mey
Gareth
Gábor Farkas
Yuri Tseretyan
Costa Alexoglou
Misi
Selene
Rafael Bortolon Paulovic
Peter Štibraný
Tania
xavi
Serge Zaitsev
Andres Martinez Gotor
Hugo Häggmark
Roberto Jiménez Sánchez
Dave Henderson
Rafael Bortolon Paulovic
Will Assis
Jack Baldry
Georges Chaudy
Austin Pond
owensmallwood
dependabot[bot]
Stephanie Hingtgen