Plugin Proxy: Narrow data source config to DataSourceProxySettings
The data source proxy only needs a handful of fields from setting.Cfg.
Introduce a focused DataSourceProxySettings struct that exposes only
those fields, load Azure settings lazily via a resolver callback so the
proxy avoids touching Azure configuration unless an Azure-authenticated
route is matched, and pass the new struct through the datasource proxy
service in place of *setting.Cfg.
* Data Source: Add forward_user_agent option to preserve client User-Agent
* Update pkg/api/pluginproxy/ds_proxy.go
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
* Data Source: Fix gofmt and add test for empty DataProxyUserAgent
---------
Co-authored-by: Will Browne <wbrowne@users.noreply.github.com>
* extra data source read methods
* update tests
* more tests
* fix more tests; actually initialize retriever instead of sending nil
* moving GetAllDataSources isn't strictly required, so keep to minimal changes
* better name for retriever logger
Co-authored-by: Dafydd <72009875+dafydd-t@users.noreply.github.com>
* add compile-time check for DS retriever impl
---------
Co-authored-by: Dafydd <72009875+dafydd-t@users.noreply.github.com>
Co-authored-by: Stephanie Hingtgen <stephanie.hingtgen@grafana.com>
* Moving things around
* Copy parseURL function to where it's used
* Update test
* Remove experimental-strip-types
* Revert "Remove experimental-strip-types"
This reverts commit 70fbc1c0cd.
* Trigger build
* automatically rename integration tests to follow the common convention
* name tests differently
* alter column type to bigint
* update another column to bigint
* add another alter
* fix subquery for mysql
* Sanitize paths before evaluating access to route
* use util.CleanRelativePath
---------
Co-authored-by: Andres Martinez Gotor <andres.martinez@grafana.com>
* RBAC: Remove accessControlOnCall feature toggle
* Leave the other one in place
* Tests
* frontend
* Readd empty ft to frontend test
* Remove legacy RBAC check
* Fix test
* no need for context
* Remove unused variable
* Remove unecessary param
* remove unecessary param from tests
* More tests :D
* Zanzana: Remove usage from legacy access control
* remove unused
* remove zanzana client from services where it's not used
* remove unused metrics
* fix linter
* reenable ext-jwt-client
* fixup settings struct
* add user and service auth
* lint up
* add user auth to grafana ext
* fixes
* Populate token permissions
Co-authored-by: jguer <joao.guerreiro@grafana.com>
* fix tests
* fix lint
* small prealloc
* small prealloc
* use special namespace for access policies
* fix access policy auth
* fix tests
* fix uncalled settings expander
* add feature toggle
* small feedback fixes
* rename entitlements to permissions
* add authlibn
* allow viewing the signed in user info for non user namespace
* fix invalid namespacedID
* use authlib as verifier for tokens
* Update pkg/services/authn/clients/ext_jwt.go
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* Update pkg/services/authn/clients/ext_jwt_test.go
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* fix parameter names
* change asserts to normal package
* add rule for assert
* fix ownerships
* Local diff
* test and lint
* Fix test
* Fix ac test
* Fix pluginproxy test
* Revert testdata changes
* Force revert on test data
---------
Co-authored-by: gamab <gabriel.mabille@grafana.com>
Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com>
* streamline initialization of test databases, support on-disk sqlite test db
* clean up test databases
* introduce testsuite helper
* use testsuite everywhere we use a test db
* update documentation
* improve error handling
* disable entity integration test until we can figure out locking error
* Plugins: Add client middlware that forwards the signed grafana id token if present
* DsProxy: Set grafana id header if id token exists
* Add util function to apply id token to header
* Only add id forwarding middleware if feature toggle is enabled
* Add feature toggles to ds proxy and check if id forwarding is enabled
* Clean up test setup
* Change to use backend.ForwardHTTPHeaders interface
* PluginProxy: Forward signed identity when feature toggle is enabled
* PluginProxy: forrward signed id header
* chore: add alias for InitTestDB and Session
Adds an alias for the sqlstore InitTestDB and Session, and updates tests using these to reduce dependencies on the sqlstore.Store.
* next pass of removing sqlstore imports
* last little bit
* remove mockstore where possible
* Refactor migrations and tests for secrets kvstore
* Use fake secrets store as a shortcut on tests
* Update wire
* Use global migration logger
* Fix ds proxy tests
* Fix linting issues
* Rename data source test setup function
* Chore: Add user service method SetUsingOrg
* Chore: Add user service method GetSignedInUserWithCacheCtx
* Use method GetSignedInUserWithCacheCtx from user service
* Fix lint after rebase
* Fix lint
* Fix lint error
* roll back some changes
* Roll back changes in api and middleware
* Add xorm tags to SignedInUser ID fields
