public/grafana
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
62,065 Commits 655 Branches 650 Tags
f2f1663dba8a5f6884df19bebd2dbe61c831d8d5
Commit Graph

10 Commits

Author SHA1 Message Date
Cory Forseth a0085b6cab skip auth check when server is running in insecure mode (#107820) 
* skip auth check when server is running in insecure mode

* add some useful logs

* lint
 2025-07-16 13:06:47 -04:00
Karl Persson 14886410d6 Zanzana: Use shared auth interceptor for zanzana and pass tracer (#100968) 
* Use shared auth interceptor for zanzana and pass tracer
 2025-02-20 16:07:06 +01:00
Alexander Zobnin fcb88f6ccc Zanzana: revert cluster store for fixed roles (#100958) 
* Zanzana: revert cluster store for fixed roles

* update go workspace
 2025-02-19 13:53:25 +01:00
Karl Persson 0f9b107201 Zanzana: Consistently add context (#98862) 
* Zanzana: Reworks how contextuals are loaded

* Cleanup listObjectWithStream

* Run list test with streaming enabled
 2025-01-13 12:11:51 +01:00
Alexander Zobnin 5922015fec Zanzana: Setup GRPC authentication in client/server mode (#98680) 
* Zanzana: Setup GRPC authentication in client/server mode

* don't use grpcutils

* refactor

Co-authored-by: Karl Persson <kalle.persson@grafana.com>

* Add a namespace stub for in-proc mode

Co-authored-by: Karl Persson <kalle.persson@grafana.com>

* Read parameters from config

* authorize server requests

* add namespace to the tests context

* use stack id from config

* simplify authorize func

* properly format namespace

* return Unauthenticated if namespace is empty

* use insecure cred only in dev env

* check request namespace

* Use CallCredentials API for client auth

* provide config

* fail if stack id is missing

* improve error message

* use insecure connection by default

---------

Co-authored-by: Karl Persson <kalle.persson@grafana.com>
 2025-01-13 10:02:15 +01:00
Karl Persson 9ed4bf3cd2 Zanzana: Support sub resources (#98201) 
* Create and use common ResourceInfo struct

* Add support for formatting group resource with subresource

* Add initial support for handling subresource

* Add test for checking subresource for generic resource

* Bump authlib
 2025-01-07 15:16:14 +01:00
Karl Persson 87ba9c60b2 Zanzana: change type name from namespace to group_resource (#97741) 
* Change type name from namespace to group_resource

* update function names and test descriptions
 2024-12-10 15:21:54 +01:00
Karl Persson be54c69fd4 Zanzana: Remove create relation from generic resources (#97042) 
Remove create relation from generic resources.

We cant have a create relation to a resource because they don't exist yet. So
in oder to check create we either have to have that permissions on a folder or the namespace
 2024-11-27 09:02:29 +01:00
Karl Persson 11a4a366c6 Zanzana: Optimize batch check (#96669) 
* Restructure check code so we only check namespace access once for each GroupResource during for batch
 2024-11-19 14:39:46 +01:00
Alexander Zobnin 1366197522 Zanzana: Search with check server side (#96268) 
* pass zclient into dashboard service

* Search then check implementation

* Use GetNamespace() for user

* remove unused orgID

* simple batch check

* refactor

* add tests

* fix batchCheckItem

* client implements batch check

* use batch check in search

* remove unused

* remove All field from response

* refactor: extract checkNamespace

* fix search result uniqueness

* comment fix

* Apply suggestions from code review

Co-authored-by: Karl Persson <kalle.persson@grafana.com>

* refactor

* cleanup

* remove unnecessary check

* fix tests

* fix protobuf def

* Fix query page

* fix type

---------

Co-authored-by: Karl Persson <kalle.persson@grafana.com>
 2024-11-18 14:01:28 +01:00