public/grafana
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
4de97e0a274edf4e910a8fc227ab8a9907dbf979
grafana/pkg
T
History
Yuri Tseretyan 28a284f40b [release-12.3.1] Alerting: Fix contact points issue (#115427) 
Alerting: Protect sensitive fields of contact points from unauthorized modification
- Introduce a new permission alert.notifications.receivers.protected:write. The permission is granted to contact point administrators.
- Introduce field Protected to NotifierOption
- Introduce DiffReport for models.Integrations with focus on Settings. The diff report is extended with methods that return all keys that are different between two settings.
- Add new annotation 'grafana.com/access/CanModifyProtected' to Receiver model
- Update receiver service to enforce the permission and return status 403 if unauthorized user modifies protected field
- Update receiver testing API to enforce permission and return status 403 if unauthorized user modifies protected field.
- Update UI to disable protected fields if user cannot modify them

Co-authored-by: Sonia Aguilar <soniaaguilarpeiron@gmail.com>
2025-12-16 18:49:10 +00:00
..
aggregator
[release-12.3.1] Dependencies: Bump Go to v1.25.5 (#114751)
2025-12-03 11:14:35 +01:00
api
[release-12.3.1] Alerting: Fix contact points issue (#115427)
2025-12-16 18:49:10 +00:00
apimachinery
[release-12.3.1] Dependencies: Bump Go to v1.25.5 (#114751)
2025-12-03 11:14:35 +01:00
apis
SQL Expressions: Add endpoint to get Schemas (#108864)
2025-10-30 10:05:12 -04:00
apiserver
[release-12.3.1] Dependencies: Bump Go to v1.25.5 (#114751)
2025-12-03 11:14:35 +01:00
build
[release-12.3.1] Dependencies: Bump Go to v1.25.5 (#114751)
2025-12-03 11:14:35 +01:00
bus
Hackaton: Add more unit tests, take 3 (#101525)
2025-03-05 08:00:12 +01:00
clientauth/middleware
Log error from token exchange middleware (#112125)
2025-10-08 07:59:46 +00:00
cmd
Revert "chore(tracing): Initialize tracing early, before wire" (#112758)
2025-10-21 21:23:09 +00:00
codegen
[release-12.3.1] Dependencies: Bump Go to v1.25.5 (#114751)
2025-12-03 11:14:35 +01:00
components
Authz: Remove legacy API Key permissions (#110860)
2025-09-12 13:59:37 +02:00
configprovider
Configprovider: Update the interface to propagate errors (#110814)
2025-09-11 17:26:54 +03:00
events
Chore: Remove unused bus.Bus events (#110738)
2025-09-08 10:47:16 +00:00
expr
SQL Expressions: Add Functions to Allow list (#113291)
2025-10-31 10:45:56 -04:00
extensions
Access: Add CoreRole/Role Delete/Update hooks for OpenFGA (#112839)
2025-10-27 17:20:59 +00:00
generated
Chore: Upgrade k8s.io/api v0.34.1 and grafana-app-sdk v0.43.1 (#111009)
2025-09-16 13:35:20 +03:00
ifaces/gcsifaces
infra
feat: allow service_name override (#112875)
2025-10-23 14:36:23 +00:00
kinds
Dashboard Controls: Add annotations to the dashboard controls menu (#112816)
2025-11-03 11:33:44 +01:00
login/social
Chore: Update authlib (#110880)
2025-09-15 12:45:15 +02:00
middleware
[release-12.3.1] Tracing: Fix excluding paths from tracing (#115399)
2025-12-16 15:17:13 +01:00
mocks/mock_gcsifaces
Chore: use any rather than interface{} (#74066)
2023-08-30 18:46:47 +03:00
models
Auth: Attach external session info to Grafana session (#93849)
2024-10-08 11:03:29 +02:00
modules
Background Services: Remove dskitBackgroundServices toggle (#111255)
2025-09-26 15:16:06 -04:00
operators
Provisioning: concurrent deletes in finalizers and 404 handling (#113155)
2025-10-30 11:55:36 +01:00
plugins
[release-12.3.1] Dependencies: Bump Go to v1.25.5 (#114751)
2025-12-03 11:14:35 +01:00
promlib
[release-12.3.1] Dependencies: Bump Go to v1.25.5 (#114751)
2025-12-03 11:14:35 +01:00
registry
[release-12.3.1] Alerting: Fix contact points issue (#115427)
2025-12-16 18:49:10 +00:00
semconv
[release-12.3.1] Dependencies: Bump Go to v1.25.5 (#114751)
2025-12-03 11:14:35 +01:00
server
Provisioning: allow access check to proceed even when non access policy (#112946)
2025-11-02 13:14:08 -08:00
services
[release-12.3.1] Alerting: Fix contact points issue (#115427)
2025-12-16 18:49:10 +00:00
setting
Secrets: Refactor data_key_id out of the encoded secure value payload (#112077)
2025-10-30 23:04:32 -04:00
storage
[release-12.3.1] Secrets: Fix MariaDB syntax error due to unsupported CTE syntax (#113769)
2025-11-12 17:56:02 +01:00
tests
[release-12.3.1] Alerting: Fix contact points issue (#115427)
2025-12-16 18:49:10 +00:00
tsdb
[release-12.3.1] Azure: Improved column handling in logs query builder (#114841)
2025-12-04 14:01:19 +00:00
util
Chore: Update gocloud.dev, removing opencensus (#113056)
2025-10-28 09:10:37 +00:00
web
Security: Fixes for CVE-2025-6197 and CVE-2025-6023 (#108330)
2025-07-18 09:06:26 -06:00
README.md
ruleguard.rules.go

README.md

This directory contains the code for the Grafana backend.

The contributor documentation for Grafana's backend is in /contribute/backend/README.md.

Reference in New Issue View Git Blame Copy Permalink