Merge branch 'main' into test/uplot-utils-test

* fix: Service Map environment filter not working with DOT_METRICS_ENABLED

When DOT_METRICS_ENABLED is active, resource attribute keys use dot notation
(e.g. resource_deployment.environment) instead of underscore notation
(e.g. resource_deployment_environment). The whilelistedKeys array only
contained underscore-notation keys, causing getVisibleQueries and
mappingWithRoutesAndKeys to filter out valid queries on the Service Map.

- Add dot-notation variants to whilelistedKeys for environment, k8s cluster
  name, and k8s namespace
- Remove unnecessary onBlur handler from environment Select component
- Add unit tests for whilelistedKeys and mappingWithRoutesAndKeys

Closes #10226

* chore: run perttify

---------

Co-authored-by: srikanthccv <srikanth.chekuri92@gmail.com>

.github/CODEOWNERS

@@ -133,5 +133,8 @@
 /frontend/src/pages/PublicDashboard/ @SigNoz/pulse-frontend
 /frontend/src/container/PublicDashboardContainer/ @SigNoz/pulse-frontend
 
-## UplotV2 
-/frontend/src/lib/uPlotV2/ @SigNoz/pulse-frontend
+## Dashboard Libs + Components
+/frontend/src/lib/uPlotV2/ @SigNoz/pulse-frontend
+/frontend/src/lib/dashboard/ @SigNoz/pulse-frontend
+/frontend/src/lib/dashboardVariables/ @SigNoz/pulse-frontend
+/frontend/src/components/NewSelect/ @SigNoz/pulse-frontend

cmd/community/server.go

@@ -18,8 +18,6 @@ import (
 	"github.com/SigNoz/signoz/pkg/modules/dashboard"
 	"github.com/SigNoz/signoz/pkg/modules/dashboard/impldashboard"
 	"github.com/SigNoz/signoz/pkg/modules/organization"
-	"github.com/SigNoz/signoz/pkg/modules/role"
-	"github.com/SigNoz/signoz/pkg/modules/role/implrole"
 	"github.com/SigNoz/signoz/pkg/querier"
 	"github.com/SigNoz/signoz/pkg/query-service/app"
 	"github.com/SigNoz/signoz/pkg/queryparser"
@@ -78,18 +76,15 @@ func runServer(ctx context.Context, config signoz.Config, logger *slog.Logger) e
 		func(ctx context.Context, providerSettings factory.ProviderSettings, store authtypes.AuthNStore, licensing licensing.Licensing) (map[authtypes.AuthNProvider]authn.AuthN, error) {
 			return signoz.NewAuthNs(ctx, providerSettings, store, licensing)
 		},
-		func(ctx context.Context, sqlstore sqlstore.SQLStore) factory.ProviderFactory[authz.AuthZ, authz.Config] {
+		func(ctx context.Context, sqlstore sqlstore.SQLStore, _ licensing.Licensing, _ dashboard.Module) factory.ProviderFactory[authz.AuthZ, authz.Config] {
 			return openfgaauthz.NewProviderFactory(sqlstore, openfgaschema.NewSchema().Get(ctx))
 		},
-		func(store sqlstore.SQLStore, settings factory.ProviderSettings, analytics analytics.Analytics, orgGetter organization.Getter, _ role.Setter, _ role.Granter, queryParser queryparser.QueryParser, _ querier.Querier, _ licensing.Licensing) dashboard.Module {
+		func(store sqlstore.SQLStore, settings factory.ProviderSettings, analytics analytics.Analytics, orgGetter organization.Getter, queryParser queryparser.QueryParser, _ querier.Querier, _ licensing.Licensing) dashboard.Module {
 			return impldashboard.NewModule(impldashboard.NewStore(store), settings, analytics, orgGetter, queryParser)
 		},
 		func(_ licensing.Licensing) factory.ProviderFactory[gateway.Gateway, gateway.Config] {
 			return noopgateway.NewProviderFactory()
 		},
-		func(store sqlstore.SQLStore, authz authz.AuthZ, licensing licensing.Licensing, _ []role.RegisterTypeable) role.Setter {
-			return implrole.NewSetter(implrole.NewStore(store), authz)
-		},
 	)
 	if err != nil {
 		logger.ErrorContext(ctx, "failed to create signoz", "error", err)

cmd/enterprise/server.go

@@ -14,7 +14,6 @@ import (
 	enterpriselicensing "github.com/SigNoz/signoz/ee/licensing"
 	"github.com/SigNoz/signoz/ee/licensing/httplicensing"
 	"github.com/SigNoz/signoz/ee/modules/dashboard/impldashboard"
-	"github.com/SigNoz/signoz/ee/modules/role/implrole"
 	enterpriseapp "github.com/SigNoz/signoz/ee/query-service/app"
 	"github.com/SigNoz/signoz/ee/sqlschema/postgressqlschema"
 	"github.com/SigNoz/signoz/ee/sqlstore/postgressqlstore"
@@ -29,8 +28,6 @@ import (
 	"github.com/SigNoz/signoz/pkg/modules/dashboard"
 	pkgimpldashboard "github.com/SigNoz/signoz/pkg/modules/dashboard/impldashboard"
 	"github.com/SigNoz/signoz/pkg/modules/organization"
-	"github.com/SigNoz/signoz/pkg/modules/role"
-	pkgimplrole "github.com/SigNoz/signoz/pkg/modules/role/implrole"
 	"github.com/SigNoz/signoz/pkg/querier"
 	"github.com/SigNoz/signoz/pkg/queryparser"
 	"github.com/SigNoz/signoz/pkg/signoz"
@@ -118,18 +115,15 @@ func runServer(ctx context.Context, config signoz.Config, logger *slog.Logger) e
 
 			return authNs, nil
 		},
-		func(ctx context.Context, sqlstore sqlstore.SQLStore) factory.ProviderFactory[authz.AuthZ, authz.Config] {
-			return openfgaauthz.NewProviderFactory(sqlstore, openfgaschema.NewSchema().Get(ctx))
+		func(ctx context.Context, sqlstore sqlstore.SQLStore, licensing licensing.Licensing, dashboardModule dashboard.Module) factory.ProviderFactory[authz.AuthZ, authz.Config] {
+			return openfgaauthz.NewProviderFactory(sqlstore, openfgaschema.NewSchema().Get(ctx), licensing, dashboardModule)
 		},
-		func(store sqlstore.SQLStore, settings factory.ProviderSettings, analytics analytics.Analytics, orgGetter organization.Getter, roleSetter role.Setter, granter role.Granter, queryParser queryparser.QueryParser, querier querier.Querier, licensing licensing.Licensing) dashboard.Module {
-			return impldashboard.NewModule(pkgimpldashboard.NewStore(store), settings, analytics, orgGetter, roleSetter, granter, queryParser, querier, licensing)
+		func(store sqlstore.SQLStore, settings factory.ProviderSettings, analytics analytics.Analytics, orgGetter organization.Getter, queryParser queryparser.QueryParser, querier querier.Querier, licensing licensing.Licensing) dashboard.Module {
+			return impldashboard.NewModule(pkgimpldashboard.NewStore(store), settings, analytics, orgGetter, queryParser, querier, licensing)
 		},
 		func(licensing licensing.Licensing) factory.ProviderFactory[gateway.Gateway, gateway.Config] {
 			return httpgateway.NewProviderFactory(licensing)
 		},
-		func(store sqlstore.SQLStore, authz authz.AuthZ, licensing licensing.Licensing, registry []role.RegisterTypeable) role.Setter {
-			return implrole.NewSetter(pkgimplrole.NewStore(store), authz, licensing, registry)
-		},
 	)
 
 	if err != nil {

docs/api/openapi.yml

@@ -607,6 +607,178 @@ paths:
       summary: Update auth domain
       tags:
       - authdomains
+  /api/v1/fields/keys:
+    get:
+      deprecated: false
+      description: This endpoint returns field keys
+      operationId: GetFieldsKeys
+      parameters:
+      - in: query
+        name: signal
+        schema:
+          type: string
+      - in: query
+        name: source
+        schema:
+          type: string
+      - in: query
+        name: limit
+        schema:
+          type: integer
+      - in: query
+        name: startUnixMilli
+        schema:
+          format: int64
+          type: integer
+      - in: query
+        name: endUnixMilli
+        schema:
+          format: int64
+          type: integer
+      - in: query
+        name: fieldContext
+        schema:
+          type: string
+      - in: query
+        name: fieldDataType
+        schema:
+          type: string
+      - in: query
+        name: metricName
+        schema:
+          type: string
+      - in: query
+        name: searchText
+        schema:
+          type: string
+      responses:
+        "200":
+          content:
+            application/json:
+              schema:
+                properties:
+                  data:
+                    $ref: '#/components/schemas/TelemetrytypesGettableFieldKeys'
+                  status:
+                    type: string
+                type: object
+          description: OK
+        "401":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Unauthorized
+        "403":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Forbidden
+        "500":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Internal Server Error
+      security:
+      - api_key:
+        - VIEWER
+      - tokenizer:
+        - VIEWER
+      summary: Get field keys
+      tags:
+      - fields
+  /api/v1/fields/values:
+    get:
+      deprecated: false
+      description: This endpoint returns field values
+      operationId: GetFieldsValues
+      parameters:
+      - in: query
+        name: signal
+        schema:
+          type: string
+      - in: query
+        name: source
+        schema:
+          type: string
+      - in: query
+        name: limit
+        schema:
+          type: integer
+      - in: query
+        name: startUnixMilli
+        schema:
+          format: int64
+          type: integer
+      - in: query
+        name: endUnixMilli
+        schema:
+          format: int64
+          type: integer
+      - in: query
+        name: fieldContext
+        schema:
+          type: string
+      - in: query
+        name: fieldDataType
+        schema:
+          type: string
+      - in: query
+        name: metricName
+        schema:
+          type: string
+      - in: query
+        name: searchText
+        schema:
+          type: string
+      - in: query
+        name: name
+        schema:
+          type: string
+      - in: query
+        name: existingQuery
+        schema:
+          type: string
+      responses:
+        "200":
+          content:
+            application/json:
+              schema:
+                properties:
+                  data:
+                    $ref: '#/components/schemas/TelemetrytypesGettableFieldValues'
+                  status:
+                    type: string
+                type: object
+          description: OK
+        "401":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Unauthorized
+        "403":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Forbidden
+        "500":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Internal Server Error
+      security:
+      - api_key:
+        - VIEWER
+      - tokenizer:
+        - VIEWER
+      summary: Get field values
+      tags:
+      - fields
   /api/v1/getResetPasswordToken/{id}:
     get:
       deprecated: false
@@ -4244,6 +4416,60 @@ components:
           format: date-time
           type: string
       type: object
+    TelemetrytypesGettableFieldKeys:
+      properties:
+        complete:
+          type: boolean
+        keys:
+          additionalProperties:
+            items:
+              $ref: '#/components/schemas/TelemetrytypesTelemetryFieldKey'
+            type: array
+          nullable: true
+          type: object
+      type: object
+    TelemetrytypesGettableFieldValues:
+      properties:
+        complete:
+          type: boolean
+        values:
+          $ref: '#/components/schemas/TelemetrytypesTelemetryFieldValues'
+      type: object
+    TelemetrytypesTelemetryFieldKey:
+      properties:
+        description:
+          type: string
+        fieldContext:
+          type: string
+        fieldDataType:
+          type: string
+        name:
+          type: string
+        signal:
+          type: string
+        unit:
+          type: string
+      type: object
+    TelemetrytypesTelemetryFieldValues:
+      properties:
+        boolValues:
+          items:
+            type: boolean
+          type: array
+        numberValues:
+          items:
+            format: double
+            type: number
+          type: array
+        relatedValues:
+          items:
+            type: string
+          type: array
+        stringValues:
+          items:
+            type: string
+          type: array
+      type: object
     TypesChangePasswordRequest:
       properties:
         newPassword:

ee/authz/openfgaauthz/provider.go

@@ -2,12 +2,18 @@ package openfgaauthz
 
 import (
 	"context"
+	"slices"
 
+	"github.com/SigNoz/signoz/ee/authz/openfgaserver"
 	"github.com/SigNoz/signoz/pkg/authz"
+	"github.com/SigNoz/signoz/pkg/authz/authzstore/sqlauthzstore"
 	pkgopenfgaauthz "github.com/SigNoz/signoz/pkg/authz/openfgaauthz"
+	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/factory"
+	"github.com/SigNoz/signoz/pkg/licensing"
 	"github.com/SigNoz/signoz/pkg/sqlstore"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
+	"github.com/SigNoz/signoz/pkg/types/roletypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	openfgav1 "github.com/openfga/api/proto/openfga/v1"
 	openfgapkgtransformer "github.com/openfga/language/pkg/go/transformer"
@@ -15,84 +21,320 @@ import (
 
 type provider struct {
 	pkgAuthzService authz.AuthZ
+	openfgaServer   *openfgaserver.Server
+	licensing       licensing.Licensing
+	store           roletypes.Store
+	registry        []authz.RegisterTypeable
 }
 
-func NewProviderFactory(sqlstore sqlstore.SQLStore, openfgaSchema []openfgapkgtransformer.ModuleFile) factory.ProviderFactory[authz.AuthZ, authz.Config] {
+func NewProviderFactory(sqlstore sqlstore.SQLStore, openfgaSchema []openfgapkgtransformer.ModuleFile, licensing licensing.Licensing, registry ...authz.RegisterTypeable) factory.ProviderFactory[authz.AuthZ, authz.Config] {
 	return factory.NewProviderFactory(factory.MustNewName("openfga"), func(ctx context.Context, ps factory.ProviderSettings, config authz.Config) (authz.AuthZ, error) {
-		return newOpenfgaProvider(ctx, ps, config, sqlstore, openfgaSchema)
+		return newOpenfgaProvider(ctx, ps, config, sqlstore, openfgaSchema, licensing, registry)
 	})
 }
 
-func newOpenfgaProvider(ctx context.Context, settings factory.ProviderSettings, config authz.Config, sqlstore sqlstore.SQLStore, openfgaSchema []openfgapkgtransformer.ModuleFile) (authz.AuthZ, error) {
+func newOpenfgaProvider(ctx context.Context, settings factory.ProviderSettings, config authz.Config, sqlstore sqlstore.SQLStore, openfgaSchema []openfgapkgtransformer.ModuleFile, licensing licensing.Licensing, registry []authz.RegisterTypeable) (authz.AuthZ, error) {
 	pkgOpenfgaAuthzProvider := pkgopenfgaauthz.NewProviderFactory(sqlstore, openfgaSchema)
 	pkgAuthzService, err := pkgOpenfgaAuthzProvider.New(ctx, settings, config)
 	if err != nil {
 		return nil, err
 	}
 
+	openfgaServer, err := openfgaserver.NewOpenfgaServer(ctx, pkgAuthzService)
+	if err != nil {
+		return nil, err
+	}
+
 	return &provider{
 		pkgAuthzService: pkgAuthzService,
+		openfgaServer:   openfgaServer,
+		licensing:       licensing,
+		store:           sqlauthzstore.NewSqlAuthzStore(sqlstore),
+		registry:        registry,
 	}, nil
 }
 
 func (provider *provider) Start(ctx context.Context) error {
-	return provider.pkgAuthzService.Start(ctx)
+	return provider.openfgaServer.Start(ctx)
 }
 
 func (provider *provider) Stop(ctx context.Context) error {
-	return provider.pkgAuthzService.Stop(ctx)
+	return provider.openfgaServer.Stop(ctx)
 }
 
 func (provider *provider) Check(ctx context.Context, tuple *openfgav1.TupleKey) error {
-	return provider.pkgAuthzService.Check(ctx, tuple)
+	return provider.openfgaServer.Check(ctx, tuple)
 }
 
-func (provider *provider) CheckWithTupleCreation(ctx context.Context, claims authtypes.Claims, orgID valuer.UUID, relation authtypes.Relation, typeable authtypes.Typeable, selectors []authtypes.Selector, _ []authtypes.Selector) error {
-	subject, err := authtypes.NewSubject(authtypes.TypeableUser, claims.UserID, orgID, nil)
-	if err != nil {
-		return err
-	}
-
-	tuples, err := typeable.Tuples(subject, relation, selectors, orgID)
-	if err != nil {
-		return err
-	}
-
-	err = provider.BatchCheck(ctx, tuples)
-	if err != nil {
-		return err
-	}
-
-	return nil
+func (provider *provider) CheckWithTupleCreation(ctx context.Context, claims authtypes.Claims, orgID valuer.UUID, relation authtypes.Relation, typeable authtypes.Typeable, selectors []authtypes.Selector, roleSelectors []authtypes.Selector) error {
+	return provider.openfgaServer.CheckWithTupleCreation(ctx, claims, orgID, relation, typeable, selectors, roleSelectors)
 }
 
-func (provider *provider) CheckWithTupleCreationWithoutClaims(ctx context.Context, orgID valuer.UUID, relation authtypes.Relation, typeable authtypes.Typeable, selectors []authtypes.Selector, _ []authtypes.Selector) error {
-	subject, err := authtypes.NewSubject(authtypes.TypeableAnonymous, authtypes.AnonymousUser.String(), orgID, nil)
-	if err != nil {
-		return err
-	}
-
-	tuples, err := typeable.Tuples(subject, relation, selectors, orgID)
-	if err != nil {
-		return err
-	}
-
-	err = provider.BatchCheck(ctx, tuples)
-	if err != nil {
-		return err
-	}
-
-	return nil
+func (provider *provider) CheckWithTupleCreationWithoutClaims(ctx context.Context, orgID valuer.UUID, relation authtypes.Relation, typeable authtypes.Typeable, selectors []authtypes.Selector, roleSelectors []authtypes.Selector) error {
+	return provider.openfgaServer.CheckWithTupleCreationWithoutClaims(ctx, orgID, relation, typeable, selectors, roleSelectors)
 }
 
 func (provider *provider) BatchCheck(ctx context.Context, tuples []*openfgav1.TupleKey) error {
-	return provider.pkgAuthzService.BatchCheck(ctx, tuples)
+	return provider.openfgaServer.BatchCheck(ctx, tuples)
 }
 
 func (provider *provider) ListObjects(ctx context.Context, subject string, relation authtypes.Relation, typeable authtypes.Typeable) ([]*authtypes.Object, error) {
-	return provider.pkgAuthzService.ListObjects(ctx, subject, relation, typeable)
+	return provider.openfgaServer.ListObjects(ctx, subject, relation, typeable)
 }
 
 func (provider *provider) Write(ctx context.Context, additions []*openfgav1.TupleKey, deletions []*openfgav1.TupleKey) error {
-	return provider.pkgAuthzService.Write(ctx, additions, deletions)
+	return provider.openfgaServer.Write(ctx, additions, deletions)
+}
+
+func (provider *provider) Get(ctx context.Context, orgID valuer.UUID, id valuer.UUID) (*roletypes.Role, error) {
+	return provider.pkgAuthzService.Get(ctx, orgID, id)
+}
+
+func (provider *provider) GetByOrgIDAndName(ctx context.Context, orgID valuer.UUID, name string) (*roletypes.Role, error) {
+	return provider.pkgAuthzService.GetByOrgIDAndName(ctx, orgID, name)
+}
+
+func (provider *provider) List(ctx context.Context, orgID valuer.UUID) ([]*roletypes.Role, error) {
+	return provider.pkgAuthzService.List(ctx, orgID)
+}
+
+func (provider *provider) ListByOrgIDAndNames(ctx context.Context, orgID valuer.UUID, names []string) ([]*roletypes.Role, error) {
+	return provider.pkgAuthzService.ListByOrgIDAndNames(ctx, orgID, names)
+}
+
+func (provider *provider) Grant(ctx context.Context, orgID valuer.UUID, name string, subject string) error {
+	return provider.pkgAuthzService.Grant(ctx, orgID, name, subject)
+}
+
+func (provider *provider) ModifyGrant(ctx context.Context, orgID valuer.UUID, existingRoleName string, updatedRoleName string, subject string) error {
+	return provider.pkgAuthzService.ModifyGrant(ctx, orgID, existingRoleName, updatedRoleName, subject)
+}
+
+func (provider *provider) Revoke(ctx context.Context, orgID valuer.UUID, name string, subject string) error {
+	return provider.pkgAuthzService.Revoke(ctx, orgID, name, subject)
+}
+
+func (provider *provider) CreateManagedRoles(ctx context.Context, orgID valuer.UUID, managedRoles []*roletypes.Role) error {
+	return provider.pkgAuthzService.CreateManagedRoles(ctx, orgID, managedRoles)
+}
+
+func (provider *provider) CreateManagedUserRoleTransactions(ctx context.Context, orgID valuer.UUID, userID valuer.UUID) error {
+	tuples := make([]*openfgav1.TupleKey, 0)
+
+	grantTuples, err := provider.getManagedRoleGrantTuples(orgID, userID)
+	if err != nil {
+		return err
+	}
+	tuples = append(tuples, grantTuples...)
+
+	managedRoleTuples, err := provider.getManagedRoleTransactionTuples(orgID)
+	if err != nil {
+		return err
+	}
+	tuples = append(tuples, managedRoleTuples...)
+
+	return provider.Write(ctx, tuples, nil)
+}
+
+func (provider *provider) Create(ctx context.Context, orgID valuer.UUID, role *roletypes.Role) error {
+	_, err := provider.licensing.GetActive(ctx, orgID)
+	if err != nil {
+		return errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
+	}
+
+	return provider.store.Create(ctx, roletypes.NewStorableRoleFromRole(role))
+}
+
+func (provider *provider) GetOrCreate(ctx context.Context, orgID valuer.UUID, role *roletypes.Role) (*roletypes.Role, error) {
+	_, err := provider.licensing.GetActive(ctx, orgID)
+	if err != nil {
+		return nil, errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
+	}
+
+	existingRole, err := provider.store.GetByOrgIDAndName(ctx, role.OrgID, role.Name)
+	if err != nil {
+		if !errors.Ast(err, errors.TypeNotFound) {
+			return nil, err
+		}
+	}
+
+	if existingRole != nil {
+		return roletypes.NewRoleFromStorableRole(existingRole), nil
+	}
+
+	err = provider.store.Create(ctx, roletypes.NewStorableRoleFromRole(role))
+	if err != nil {
+		return nil, err
+	}
+
+	return role, nil
+}
+
+func (provider *provider) GetResources(_ context.Context) []*authtypes.Resource {
+	typeables := make([]authtypes.Typeable, 0)
+	for _, register := range provider.registry {
+		typeables = append(typeables, register.MustGetTypeables()...)
+	}
+	// role module cannot self register itself!
+	typeables = append(typeables, provider.MustGetTypeables()...)
+
+	resources := make([]*authtypes.Resource, 0)
+	for _, typeable := range typeables {
+		resources = append(resources, &authtypes.Resource{Name: typeable.Name(), Type: typeable.Type()})
+	}
+
+	return resources
+}
+
+func (provider *provider) GetObjects(ctx context.Context, orgID valuer.UUID, id valuer.UUID, relation authtypes.Relation) ([]*authtypes.Object, error) {
+	storableRole, err := provider.store.Get(ctx, orgID, id)
+	if err != nil {
+		return nil, err
+	}
+
+	objects := make([]*authtypes.Object, 0)
+	for _, resource := range provider.GetResources(ctx) {
+		if slices.Contains(authtypes.TypeableRelations[resource.Type], relation) {
+			resourceObjects, err := provider.
+				ListObjects(
+					ctx,
+					authtypes.MustNewSubject(authtypes.TypeableRole, storableRole.ID.String(), orgID, &authtypes.RelationAssignee),
+					relation,
+					authtypes.MustNewTypeableFromType(resource.Type, resource.Name),
+				)
+			if err != nil {
+				return nil, err
+			}
+
+			objects = append(objects, resourceObjects...)
+		}
+	}
+
+	return objects, nil
+}
+
+func (provider *provider) Patch(ctx context.Context, orgID valuer.UUID, role *roletypes.Role) error {
+	_, err := provider.licensing.GetActive(ctx, orgID)
+	if err != nil {
+		return errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
+	}
+
+	return provider.store.Update(ctx, orgID, roletypes.NewStorableRoleFromRole(role))
+}
+
+func (provider *provider) PatchObjects(ctx context.Context, orgID valuer.UUID, name string, relation authtypes.Relation, additions, deletions []*authtypes.Object) error {
+	_, err := provider.licensing.GetActive(ctx, orgID)
+	if err != nil {
+		return errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
+	}
+
+	additionTuples, err := roletypes.GetAdditionTuples(name, orgID, relation, additions)
+	if err != nil {
+		return err
+	}
+
+	deletionTuples, err := roletypes.GetDeletionTuples(name, orgID, relation, deletions)
+	if err != nil {
+		return err
+	}
+
+	err = provider.Write(ctx, additionTuples, deletionTuples)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (provider *provider) Delete(ctx context.Context, orgID valuer.UUID, id valuer.UUID) error {
+	_, err := provider.licensing.GetActive(ctx, orgID)
+	if err != nil {
+		return errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
+	}
+
+	storableRole, err := provider.store.Get(ctx, orgID, id)
+	if err != nil {
+		return err
+	}
+
+	role := roletypes.NewRoleFromStorableRole(storableRole)
+	err = role.CanEditDelete()
+	if err != nil {
+		return err
+	}
+
+	return provider.store.Delete(ctx, orgID, id)
+}
+
+func (provider *provider) MustGetTypeables() []authtypes.Typeable {
+	return []authtypes.Typeable{authtypes.TypeableRole, roletypes.TypeableResourcesRoles}
+}
+
+func (provider *provider) getManagedRoleGrantTuples(orgID valuer.UUID, userID valuer.UUID) ([]*openfgav1.TupleKey, error) {
+	tuples := []*openfgav1.TupleKey{}
+
+	// Grant the admin role to the user
+	adminSubject := authtypes.MustNewSubject(authtypes.TypeableUser, userID.String(), orgID, nil)
+	adminTuple, err := authtypes.TypeableRole.Tuples(
+		adminSubject,
+		authtypes.RelationAssignee,
+		[]authtypes.Selector{
+			authtypes.MustNewSelector(authtypes.TypeRole, roletypes.SigNozAdminRoleName),
+		},
+		orgID,
+	)
+	if err != nil {
+		return nil, err
+	}
+	tuples = append(tuples, adminTuple...)
+
+	// Grant the admin role to the anonymous user
+	anonymousSubject := authtypes.MustNewSubject(authtypes.TypeableAnonymous, authtypes.AnonymousUser.String(), orgID, nil)
+	anonymousTuple, err := authtypes.TypeableRole.Tuples(
+		anonymousSubject,
+		authtypes.RelationAssignee,
+		[]authtypes.Selector{
+			authtypes.MustNewSelector(authtypes.TypeRole, roletypes.SigNozAnonymousRoleName),
+		},
+		orgID,
+	)
+	if err != nil {
+		return nil, err
+	}
+	tuples = append(tuples, anonymousTuple...)
+
+	return tuples, nil
+}
+
+func (provider *provider) getManagedRoleTransactionTuples(orgID valuer.UUID) ([]*openfgav1.TupleKey, error) {
+	transactionsByRole := make(map[string][]*authtypes.Transaction)
+	for _, register := range provider.registry {
+		for roleName, txns := range register.MustGetManagedRoleTransactions() {
+			transactionsByRole[roleName] = append(transactionsByRole[roleName], txns...)
+		}
+	}
+
+	tuples := make([]*openfgav1.TupleKey, 0)
+	for roleName, transactions := range transactionsByRole {
+		for _, txn := range transactions {
+			typeable := authtypes.MustNewTypeableFromType(txn.Object.Resource.Type, txn.Object.Resource.Name)
+			txnTuples, err := typeable.Tuples(
+				authtypes.MustNewSubject(
+					authtypes.TypeableRole,
+					roleName,
+					orgID,
+					&authtypes.RelationAssignee,
+				),
+				txn.Relation,
+				[]authtypes.Selector{txn.Object.Selector},
+				orgID,
+			)
+			if err != nil {
+				return nil, err
+			}
+			tuples = append(tuples, txnTuples...)
+		}
+	}
+
+	return tuples, nil
 }

ee/authz/openfgaserver/server.go

@@ -0,0 +1,83 @@
+package openfgaserver
+
+import (
+	"context"
+
+	"github.com/SigNoz/signoz/pkg/authz"
+	"github.com/SigNoz/signoz/pkg/types/authtypes"
+	"github.com/SigNoz/signoz/pkg/valuer"
+	openfgav1 "github.com/openfga/api/proto/openfga/v1"
+)
+
+type Server struct {
+	pkgAuthzService authz.AuthZ
+}
+
+func NewOpenfgaServer(ctx context.Context, pkgAuthzService authz.AuthZ) (*Server, error) {
+
+	return &Server{
+		pkgAuthzService: pkgAuthzService,
+	}, nil
+}
+
+func (server *Server) Start(ctx context.Context) error {
+	return server.pkgAuthzService.Start(ctx)
+}
+
+func (server *Server) Stop(ctx context.Context) error {
+	return server.pkgAuthzService.Stop(ctx)
+}
+
+func (server *Server) Check(ctx context.Context, tuple *openfgav1.TupleKey) error {
+	return server.pkgAuthzService.Check(ctx, tuple)
+}
+
+func (server *Server) CheckWithTupleCreation(ctx context.Context, claims authtypes.Claims, orgID valuer.UUID, relation authtypes.Relation, typeable authtypes.Typeable, selectors []authtypes.Selector, _ []authtypes.Selector) error {
+	subject, err := authtypes.NewSubject(authtypes.TypeableUser, claims.UserID, orgID, nil)
+	if err != nil {
+		return err
+	}
+
+	tuples, err := typeable.Tuples(subject, relation, selectors, orgID)
+	if err != nil {
+		return err
+	}
+
+	err = server.BatchCheck(ctx, tuples)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (server *Server) CheckWithTupleCreationWithoutClaims(ctx context.Context, orgID valuer.UUID, relation authtypes.Relation, typeable authtypes.Typeable, selectors []authtypes.Selector, _ []authtypes.Selector) error {
+	subject, err := authtypes.NewSubject(authtypes.TypeableAnonymous, authtypes.AnonymousUser.String(), orgID, nil)
+	if err != nil {
+		return err
+	}
+
+	tuples, err := typeable.Tuples(subject, relation, selectors, orgID)
+	if err != nil {
+		return err
+	}
+
+	err = server.BatchCheck(ctx, tuples)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (server *Server) BatchCheck(ctx context.Context, tuples []*openfgav1.TupleKey) error {
+	return server.pkgAuthzService.BatchCheck(ctx, tuples)
+}
+
+func (server *Server) ListObjects(ctx context.Context, subject string, relation authtypes.Relation, typeable authtypes.Typeable) ([]*authtypes.Object, error) {
+	return server.pkgAuthzService.ListObjects(ctx, subject, relation, typeable)
+}
+
+func (server *Server) Write(ctx context.Context, additions []*openfgav1.TupleKey, deletions []*openfgav1.TupleKey) error {
+	return server.pkgAuthzService.Write(ctx, additions, deletions)
+}

ee/modules/dashboard/impldashboard/module.go

@@ -11,7 +11,6 @@ import (
 	"github.com/SigNoz/signoz/pkg/modules/dashboard"
 	pkgimpldashboard "github.com/SigNoz/signoz/pkg/modules/dashboard/impldashboard"
 	"github.com/SigNoz/signoz/pkg/modules/organization"
-	"github.com/SigNoz/signoz/pkg/modules/role"
 	"github.com/SigNoz/signoz/pkg/querier"
 	"github.com/SigNoz/signoz/pkg/queryparser"
 	"github.com/SigNoz/signoz/pkg/types"
@@ -26,13 +25,11 @@ type module struct {
 	pkgDashboardModule dashboard.Module
 	store              dashboardtypes.Store
 	settings           factory.ScopedProviderSettings
-	roleSetter         role.Setter
-	granter            role.Granter
 	querier            querier.Querier
 	licensing          licensing.Licensing
 }
 
-func NewModule(store dashboardtypes.Store, settings factory.ProviderSettings, analytics analytics.Analytics, orgGetter organization.Getter, roleSetter role.Setter, granter role.Granter, queryParser queryparser.QueryParser, querier querier.Querier, licensing licensing.Licensing) dashboard.Module {
+func NewModule(store dashboardtypes.Store, settings factory.ProviderSettings, analytics analytics.Analytics, orgGetter organization.Getter, queryParser queryparser.QueryParser, querier querier.Querier, licensing licensing.Licensing) dashboard.Module {
 	scopedProviderSettings := factory.NewScopedProviderSettings(settings, "github.com/SigNoz/signoz/ee/modules/dashboard/impldashboard")
 	pkgDashboardModule := pkgimpldashboard.NewModule(store, settings, analytics, orgGetter, queryParser)
 
@@ -40,8 +37,6 @@ func NewModule(store dashboardtypes.Store, settings factory.ProviderSettings, an
 		pkgDashboardModule: pkgDashboardModule,
 		store:              store,
 		settings:           scopedProviderSettings,
-		roleSetter:         roleSetter,
-		granter:            granter,
 		querier:            querier,
 		licensing:          licensing,
 	}
@@ -61,29 +56,6 @@ func (module *module) CreatePublic(ctx context.Context, orgID valuer.UUID, publi
 		return errors.Newf(errors.TypeAlreadyExists, dashboardtypes.ErrCodePublicDashboardAlreadyExists, "dashboard with id %s is already public", storablePublicDashboard.DashboardID)
 	}
 
-	role, err := module.roleSetter.GetOrCreate(ctx, orgID, roletypes.NewRole(roletypes.SigNozAnonymousRoleName, roletypes.SigNozAnonymousRoleDescription, roletypes.RoleTypeManaged, orgID))
-	if err != nil {
-		return err
-	}
-
-	err = module.granter.Grant(ctx, orgID, roletypes.SigNozAnonymousRoleName, authtypes.MustNewSubject(authtypes.TypeableAnonymous, authtypes.AnonymousUser.StringValue(), orgID, nil))
-	if err != nil {
-		return err
-	}
-
-	additionObject := authtypes.MustNewObject(
-		authtypes.Resource{
-			Name: dashboardtypes.TypeableMetaResourcePublicDashboard.Name(),
-			Type: authtypes.TypeMetaResource,
-		},
-		authtypes.MustNewSelector(authtypes.TypeMetaResource, publicDashboard.ID.String()),
-	)
-
-	err = module.roleSetter.PatchObjects(ctx, orgID, role.Name, authtypes.RelationRead, []*authtypes.Object{additionObject}, nil)
-	if err != nil {
-		return err
-	}
-
 	err = module.store.CreatePublic(ctx, dashboardtypes.NewStorablePublicDashboardFromPublicDashboard(publicDashboard))
 	if err != nil {
 		return err
@@ -128,6 +100,7 @@ func (module *module) GetPublicDashboardSelectorsAndOrg(ctx context.Context, id
 
 	return []authtypes.Selector{
 		authtypes.MustNewSelector(authtypes.TypeMetaResource, id.StringValue()),
+		authtypes.MustNewSelector(authtypes.TypeMetaResource, authtypes.WildCardSelectorString),
 	}, storableDashboard.OrgID, nil
 }
 
@@ -190,29 +163,6 @@ func (module *module) DeletePublic(ctx context.Context, orgID valuer.UUID, dashb
 		return errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
 	}
 
-	publicDashboard, err := module.GetPublic(ctx, orgID, dashboardID)
-	if err != nil {
-		return err
-	}
-
-	role, err := module.roleSetter.GetOrCreate(ctx, orgID, roletypes.NewRole(roletypes.SigNozAnonymousRoleName, roletypes.SigNozAnonymousRoleDescription, roletypes.RoleTypeManaged, orgID))
-	if err != nil {
-		return err
-	}
-
-	deletionObject := authtypes.MustNewObject(
-		authtypes.Resource{
-			Name: dashboardtypes.TypeableMetaResourcePublicDashboard.Name(),
-			Type: authtypes.TypeMetaResource,
-		},
-		authtypes.MustNewSelector(authtypes.TypeMetaResource, publicDashboard.ID.String()),
-	)
-
-	err = module.roleSetter.PatchObjects(ctx, orgID, role.Name, authtypes.RelationRead, nil, []*authtypes.Object{deletionObject})
-	if err != nil {
-		return err
-	}
-
 	err = module.store.DeletePublic(ctx, dashboardID.StringValue())
 	if err != nil {
 		return err
@@ -250,10 +200,6 @@ func (module *module) GetByMetricNames(ctx context.Context, orgID valuer.UUID, m
 	return module.pkgDashboardModule.GetByMetricNames(ctx, orgID, metricNames)
 }
 
-func (module *module) MustGetTypeables() []authtypes.Typeable {
-	return module.pkgDashboardModule.MustGetTypeables()
-}
-
 func (module *module) List(ctx context.Context, orgID valuer.UUID) ([]*dashboardtypes.Dashboard, error) {
 	return module.pkgDashboardModule.List(ctx, orgID)
 }
@@ -266,34 +212,27 @@ func (module *module) LockUnlock(ctx context.Context, orgID valuer.UUID, id valu
 	return module.pkgDashboardModule.LockUnlock(ctx, orgID, id, updatedBy, role, lock)
 }
 
-func (module *module) deletePublic(ctx context.Context, orgID valuer.UUID, dashboardID valuer.UUID) error {
-	publicDashboard, err := module.store.GetPublic(ctx, dashboardID.String())
-	if err != nil {
-		return err
-	}
-
-	role, err := module.roleSetter.GetOrCreate(ctx, orgID, roletypes.NewRole(roletypes.SigNozAnonymousRoleName, roletypes.SigNozAnonymousRoleDescription, roletypes.RoleTypeManaged, orgID))
-	if err != nil {
-		return err
-	}
-
-	deletionObject := authtypes.MustNewObject(
-		authtypes.Resource{
-			Name: dashboardtypes.TypeableMetaResourcePublicDashboard.Name(),
-			Type: authtypes.TypeMetaResource,
-		},
-		authtypes.MustNewSelector(authtypes.TypeMetaResource, publicDashboard.ID.String()),
-	)
-
-	err = module.roleSetter.PatchObjects(ctx, orgID, role.Name, authtypes.RelationRead, nil, []*authtypes.Object{deletionObject})
-	if err != nil {
-		return err
-	}
-
-	err = module.store.DeletePublic(ctx, dashboardID.StringValue())
-	if err != nil {
-		return err
-	}
-
-	return nil
+func (module *module) MustGetTypeables() []authtypes.Typeable {
+	return module.pkgDashboardModule.MustGetTypeables()
+}
+
+func (module *module) MustGetManagedRoleTransactions() map[string][]*authtypes.Transaction {
+	return map[string][]*authtypes.Transaction{
+		roletypes.SigNozAnonymousRoleName: {
+			{
+				Relation: authtypes.RelationRead,
+				Object: *authtypes.MustNewObject(
+					authtypes.Resource{
+						Type: authtypes.TypeMetaResource,
+						Name: dashboardtypes.TypeableMetaResourcePublicDashboard.Name(),
+					},
+					authtypes.MustNewSelector(authtypes.TypeMetaResource, "*"),
+				),
+			},
+		},
+	}
+}
+
+func (module *module) deletePublic(ctx context.Context, _ valuer.UUID, dashboardID valuer.UUID) error {
+	return module.store.DeletePublic(ctx, dashboardID.StringValue())
 }

ee/modules/role/implrole/setter.go

@@ -1,165 +0,0 @@
-package implrole
-
-import (
-	"context"
-	"slices"
-
-	"github.com/SigNoz/signoz/pkg/authz"
-	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/SigNoz/signoz/pkg/licensing"
-	"github.com/SigNoz/signoz/pkg/modules/role"
-	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/roletypes"
-	"github.com/SigNoz/signoz/pkg/valuer"
-)
-
-type setter struct {
-	store     roletypes.Store
-	authz     authz.AuthZ
-	licensing licensing.Licensing
-	registry  []role.RegisterTypeable
-}
-
-func NewSetter(store roletypes.Store, authz authz.AuthZ, licensing licensing.Licensing, registry []role.RegisterTypeable) role.Setter {
-	return &setter{
-		store:     store,
-		authz:     authz,
-		licensing: licensing,
-		registry:  registry,
-	}
-}
-
-func (setter *setter) Create(ctx context.Context, orgID valuer.UUID, role *roletypes.Role) error {
-	_, err := setter.licensing.GetActive(ctx, orgID)
-	if err != nil {
-		return errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
-	}
-
-	return setter.store.Create(ctx, roletypes.NewStorableRoleFromRole(role))
-}
-
-func (setter *setter) GetOrCreate(ctx context.Context, orgID valuer.UUID, role *roletypes.Role) (*roletypes.Role, error) {
-	_, err := setter.licensing.GetActive(ctx, orgID)
-	if err != nil {
-		return nil, errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
-	}
-
-	existingRole, err := setter.store.GetByOrgIDAndName(ctx, role.OrgID, role.Name)
-	if err != nil {
-		if !errors.Ast(err, errors.TypeNotFound) {
-			return nil, err
-		}
-	}
-
-	if existingRole != nil {
-		return roletypes.NewRoleFromStorableRole(existingRole), nil
-	}
-
-	err = setter.store.Create(ctx, roletypes.NewStorableRoleFromRole(role))
-	if err != nil {
-		return nil, err
-	}
-
-	return role, nil
-}
-
-func (setter *setter) GetResources(_ context.Context) []*authtypes.Resource {
-	typeables := make([]authtypes.Typeable, 0)
-	for _, register := range setter.registry {
-		typeables = append(typeables, register.MustGetTypeables()...)
-	}
-	// role module cannot self register itself!
-	typeables = append(typeables, setter.MustGetTypeables()...)
-
-	resources := make([]*authtypes.Resource, 0)
-	for _, typeable := range typeables {
-		resources = append(resources, &authtypes.Resource{Name: typeable.Name(), Type: typeable.Type()})
-	}
-
-	return resources
-}
-
-func (setter *setter) GetObjects(ctx context.Context, orgID valuer.UUID, id valuer.UUID, relation authtypes.Relation) ([]*authtypes.Object, error) {
-	storableRole, err := setter.store.Get(ctx, orgID, id)
-	if err != nil {
-		return nil, err
-	}
-
-	objects := make([]*authtypes.Object, 0)
-	for _, resource := range setter.GetResources(ctx) {
-		if slices.Contains(authtypes.TypeableRelations[resource.Type], relation) {
-			resourceObjects, err := setter.
-				authz.
-				ListObjects(
-					ctx,
-					authtypes.MustNewSubject(authtypes.TypeableRole, storableRole.ID.String(), orgID, &authtypes.RelationAssignee),
-					relation,
-					authtypes.MustNewTypeableFromType(resource.Type, resource.Name),
-				)
-			if err != nil {
-				return nil, err
-			}
-
-			objects = append(objects, resourceObjects...)
-		}
-	}
-
-	return objects, nil
-}
-
-func (setter *setter) Patch(ctx context.Context, orgID valuer.UUID, role *roletypes.Role) error {
-	_, err := setter.licensing.GetActive(ctx, orgID)
-	if err != nil {
-		return errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
-	}
-
-	return setter.store.Update(ctx, orgID, roletypes.NewStorableRoleFromRole(role))
-}
-
-func (setter *setter) PatchObjects(ctx context.Context, orgID valuer.UUID, name string, relation authtypes.Relation, additions, deletions []*authtypes.Object) error {
-	_, err := setter.licensing.GetActive(ctx, orgID)
-	if err != nil {
-		return errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
-	}
-
-	additionTuples, err := roletypes.GetAdditionTuples(name, orgID, relation, additions)
-	if err != nil {
-		return err
-	}
-
-	deletionTuples, err := roletypes.GetDeletionTuples(name, orgID, relation, deletions)
-	if err != nil {
-		return err
-	}
-
-	err = setter.authz.Write(ctx, additionTuples, deletionTuples)
-	if err != nil {
-		return err
-	}
-
-	return nil
-}
-
-func (setter *setter) Delete(ctx context.Context, orgID valuer.UUID, id valuer.UUID) error {
-	_, err := setter.licensing.GetActive(ctx, orgID)
-	if err != nil {
-		return errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
-	}
-
-	storableRole, err := setter.store.Get(ctx, orgID, id)
-	if err != nil {
-		return err
-	}
-
-	role := roletypes.NewRoleFromStorableRole(storableRole)
-	err = role.CanEditDelete()
-	if err != nil {
-		return err
-	}
-
-	return setter.store.Delete(ctx, orgID, id)
-}
-
-func (setter *setter) MustGetTypeables() []authtypes.Typeable {
-	return []authtypes.Typeable{authtypes.TypeableRole, roletypes.TypeableResourcesRoles}
-}

ee/query-service/app/api/api.go

@@ -9,7 +9,6 @@ import (
 	"github.com/SigNoz/signoz/ee/query-service/integrations/gateway"
 	"github.com/SigNoz/signoz/ee/query-service/usage"
 	"github.com/SigNoz/signoz/pkg/alertmanager"
-	"github.com/SigNoz/signoz/pkg/apis/fields"
 	"github.com/SigNoz/signoz/pkg/global"
 	"github.com/SigNoz/signoz/pkg/http/middleware"
 	querierAPI "github.com/SigNoz/signoz/pkg/querier"
@@ -56,7 +55,6 @@ func NewAPIHandler(opts APIHandlerOptions, signoz *signoz.SigNoz) (*APIHandler,
 		FluxInterval:                  opts.FluxInterval,
 		AlertmanagerAPI:               alertmanager.NewAPI(signoz.Alertmanager),
 		LicensingAPI:                  httplicensing.NewLicensingAPI(signoz.Licensing),
-		FieldsAPI:                     fields.NewAPI(signoz.Instrumentation.ToProviderSettings(), signoz.TelemetryStore),
 		Signoz:                        signoz,
 		QuerierAPI:                    querierAPI.NewAPI(signoz.Instrumentation.ToProviderSettings(), signoz.Querier, signoz.Analytics),
 		QueryParserAPI:                queryparser.NewAPI(signoz.Instrumentation.ToProviderSettings(), signoz.QueryParser),

ee/query-service/app/server.go

@@ -211,7 +211,7 @@ func (s Server) HealthCheckStatus() chan healthcheck.Status {
 
 func (s *Server) createPublicServer(apiHandler *api.APIHandler, web web.Web) (*http.Server, error) {
 	r := baseapp.NewRouter()
-	am := middleware.NewAuthZ(s.signoz.Instrumentation.Logger(), s.signoz.Modules.OrgGetter, s.signoz.Authz, s.signoz.Modules.RoleGetter)
+	am := middleware.NewAuthZ(s.signoz.Instrumentation.Logger(), s.signoz.Modules.OrgGetter, s.signoz.Authz)
 
 	r.Use(otelmux.Middleware(
 		"apiserver",
@@ -237,7 +237,6 @@ func (s *Server) createPublicServer(apiHandler *api.APIHandler, web web.Web) (*h
 	apiHandler.RegisterLogsRoutes(r, am)
 	apiHandler.RegisterIntegrationRoutes(r, am)
 	apiHandler.RegisterCloudIntegrationsRoutes(r, am)
-	apiHandler.RegisterFieldsRoutes(r, am)
 	apiHandler.RegisterQueryRangeV3Routes(r, am)
 	apiHandler.RegisterInfraMetricsRoutes(r, am)
 	apiHandler.RegisterQueryRangeV4Routes(r, am)

ee/query-service/rules/anomaly.go

@@ -15,7 +15,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/query-service/common"
 	"github.com/SigNoz/signoz/pkg/query-service/model"
 	"github.com/SigNoz/signoz/pkg/transition"
-	ruletypes "github.com/SigNoz/signoz/pkg/types/ruletypes"
+	"github.com/SigNoz/signoz/pkg/types/ruletypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 
 	querierV2 "github.com/SigNoz/signoz/pkg/query-service/app/querier/v2"
@@ -63,6 +63,8 @@ type AnomalyRule struct {
 	seasonality anomaly.Seasonality
 }
 
+var _ baserules.Rule = (*AnomalyRule)(nil)
+
 func NewAnomalyRule(
 	id string,
 	orgID valuer.UUID,
@@ -490,7 +492,7 @@ func (r *AnomalyRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 			continue
 		}
 
-		if a.State == model.StatePending && ts.Sub(a.ActiveAt) >= r.HoldDuration() {
+		if a.State == model.StatePending && ts.Sub(a.ActiveAt) >= r.HoldDuration().Duration() {
 			a.State = model.StateFiring
 			a.FiredAt = ts
 			state := model.StateFiring
@@ -553,7 +555,7 @@ func (r *AnomalyRule) String() string {
 	ar := ruletypes.PostableRule{
 		AlertName:         r.Name(),
 		RuleCondition:     r.Condition(),
-		EvalWindow:        ruletypes.Duration(r.EvalWindow()),
+		EvalWindow:        r.EvalWindow(),
 		Labels:            r.Labels().Map(),
 		Annotations:       r.Annotations().Map(),
 		PreferredChannels: r.PreferredChannels(),

ee/query-service/rules/anomaly_test.go

@@ -40,7 +40,7 @@ func TestAnomalyRule_NoData_AlertOnAbsent(t *testing.T) {
 	// Test basic AlertOnAbsent functionality (without AbsentFor grace period)
 
 	baseTime := time.Unix(1700000000, 0)
-	evalWindow := 5 * time.Minute
+	evalWindow := valuer.MustParseTextDuration("5m")
 	evalTime := baseTime.Add(5 * time.Minute)
 
 	target := 500.0
@@ -50,8 +50,8 @@ func TestAnomalyRule_NoData_AlertOnAbsent(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  RuleTypeAnomaly,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: ruletypes.Duration(evalWindow),
-			Frequency:  ruletypes.Duration(1 * time.Minute),
+			EvalWindow: evalWindow,
+			Frequency:  valuer.MustParseTextDuration("1m"),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompareOp: ruletypes.ValueIsAbove,
@@ -147,7 +147,7 @@ func TestAnomalyRule_NoData_AbsentFor(t *testing.T) {
 	// 3. Alert fires only if t2 - t1 > AbsentFor
 
 	baseTime := time.Unix(1700000000, 0)
-	evalWindow := 5 * time.Minute
+	evalWindow := valuer.MustParseTextDuration("5m")
 
 	// Set target higher than test data so regular threshold alerts don't fire
 	target := 500.0
@@ -157,8 +157,8 @@ func TestAnomalyRule_NoData_AbsentFor(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  RuleTypeAnomaly,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: ruletypes.Duration(evalWindow),
-			Frequency:  ruletypes.Duration(time.Minute),
+			EvalWindow: evalWindow,
+			Frequency:  valuer.MustParseTextDuration("1m"),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompareOp:     ruletypes.ValueIsAbove,

ee/query-service/rules/manager.go

@@ -48,7 +48,7 @@ func PrepareTaskFunc(opts baserules.PrepareTaskOptions) (baserules.Task, error)
 		rules = append(rules, tr)
 
 		// create ch rule task for evaluation
-		task = newTask(baserules.TaskTypeCh, opts.TaskName, time.Duration(evaluation.GetFrequency()), rules, opts.ManagerOpts, opts.NotifyFunc, opts.MaintenanceStore, opts.OrgID)
+		task = newTask(baserules.TaskTypeCh, opts.TaskName, evaluation.GetFrequency().Duration(), rules, opts.ManagerOpts, opts.NotifyFunc, opts.MaintenanceStore, opts.OrgID)
 
 	} else if opts.Rule.RuleType == ruletypes.RuleTypeProm {
 
@@ -72,7 +72,7 @@ func PrepareTaskFunc(opts baserules.PrepareTaskOptions) (baserules.Task, error)
 		rules = append(rules, pr)
 
 		// create promql rule task for evaluation
-		task = newTask(baserules.TaskTypeProm, opts.TaskName, time.Duration(evaluation.GetFrequency()), rules, opts.ManagerOpts, opts.NotifyFunc, opts.MaintenanceStore, opts.OrgID)
+		task = newTask(baserules.TaskTypeProm, opts.TaskName, evaluation.GetFrequency().Duration(), rules, opts.ManagerOpts, opts.NotifyFunc, opts.MaintenanceStore, opts.OrgID)
 
 	} else if opts.Rule.RuleType == ruletypes.RuleTypeAnomaly {
 		// create anomaly rule
@@ -96,7 +96,7 @@ func PrepareTaskFunc(opts baserules.PrepareTaskOptions) (baserules.Task, error)
 		rules = append(rules, ar)
 
 		// create anomaly rule task for evaluation
-		task = newTask(baserules.TaskTypeCh, opts.TaskName, time.Duration(evaluation.GetFrequency()), rules, opts.ManagerOpts, opts.NotifyFunc, opts.MaintenanceStore, opts.OrgID)
+		task = newTask(baserules.TaskTypeCh, opts.TaskName, evaluation.GetFrequency().Duration(), rules, opts.ManagerOpts, opts.NotifyFunc, opts.MaintenanceStore, opts.OrgID)
 
 	} else {
 		return nil, fmt.Errorf("unsupported rule type %s. Supported types: %s, %s", opts.Rule.RuleType, ruletypes.RuleTypeProm, ruletypes.RuleTypeThreshold)
@@ -213,8 +213,7 @@ func TestNotification(opts baserules.PrepareTestRuleOptions) (int, *basemodel.Ap
 	return alertsFound, nil
 }
 
-// newTask returns an appropriate group for
-// rule type
+// newTask returns an appropriate group for the rule type
 func newTask(taskType baserules.TaskType, name string, frequency time.Duration, rules []baserules.Rule, opts *baserules.ManagerOptions, notify baserules.NotifyFunc, maintenanceStore ruletypes.MaintenanceStore, orgID valuer.UUID) baserules.Task {
 	if taskType == baserules.TaskTypeCh {
 		return baserules.NewRuleTask(name, "", frequency, rules, opts, notify, maintenanceStore, orgID)

frontend/src/components/NewSelect/CustomMultiSelect.tsx

@@ -140,10 +140,7 @@ const CustomMultiSelect: React.FC<CustomMultiSelectProps> = ({
 	}, [selectedValues, allAvailableValues, enableAllSelection]);
 
 	// Define allOptionShown earlier in the code
-	const allOptionShown = useMemo(
-		() => value === ALL_SELECTED_VALUE || value === 'ALL',
-		[value],
-	);
+	const allOptionShown = value === ALL_SELECTED_VALUE;
 
 	// Value passed to the underlying Ant Select component
 	const displayValue = useMemo(

frontend/src/constants/theme.ts

@@ -34,159 +34,230 @@ const themeColors = {
 		cyan: '#00FFFF',
 	},
 	chartcolors: {
-		radicalRed: '#FF1A66',
+		// Blues (3)
 		dodgerBlue: '#2F80ED',
-		mediumOrchid: '#BB6BD9',
-		seaBuckthorn: '#F2994A',
-		seaGreen: '#219653',
-		turquoiseBlue: '#56CCF2',
-		festivalOrange: '#F2C94C',
-		silver: '#BDBDBD',
-		outrageousOrange: '#FF6633',
-		roseBud: '#FFB399',
-		canary: '#FFFF99',
-		deepSkyBlue: '#00B3E6',
-		goldTips: '#E6B333',
 		royalBlue: '#3366E6',
-		avocado: '#999966',
-		mintGreen: '#99FF99',
-		chestnut: '#B34D4D',
-		lima: '#80B300',
-		olive: '#809900',
-		beautyBush: '#E6B3B3',
-		danube: '#6680B3',
-		oliveDrab: '#66991A',
-		lavenderRose: '#FF99E6',
-		electricLime: '#CCFF1A',
-		robin: '#3F5ECC',
-		harleyOrange: '#E6331A',
-		turquoise: '#33FFCC',
-		gladeGreen: '#66994D',
-		hemlock: '#66664D',
-		vidaLoca: '#4D8000',
-		rust: '#B33300',
-		red: '#FF0000', // Adding more colors, we need to get better colors from design team
-		blue: '#0000FF',
-		green: '#00FF00',
-		yellow: '#FFFF00',
-		purple: '#800080',
-		cyan: '#00FFFF',
-		magenta: '#FF00FF',
-		orange: '#FFA500',
-		pink: '#FFC0CB',
-		brown: '#A52A2A',
-		teal: '#008080',
-		lime: '#00FF00',
-		maroon: '#800000',
-		navy: '#000080',
-		aquamarine: '#7FFFD4',
-		darkSeaGreen: '#8FBC8F',
-		gray: '#808080',
-		skyBlue: '#87CEEB',
-		indigo: '#4B0082',
-		slateGray: '#708090',
-		chocolate: '#D2691E',
-		tomato: '#FF6347',
 		steelBlue: '#4682B4',
-		peru: '#CD853F',
-		darkOliveGreen: '#556B2F',
-		indianRed: '#CD5C5C',
-		mediumSlateBlue: '#7B68EE',
-		rosyBrown: '#BC8F8F',
-		darkSlateGray: '#2F4F4F',
-		mediumAquamarine: '#66CDAA',
-		lavender: '#E6E6FA',
-		thistle: '#D8BFD8',
-		salmon: '#FA8072',
-		darkSalmon: '#E9967A',
-		paleVioletRed: '#DB7093',
-		mediumPurple: '#9370DB',
-		darkOrchid: '#9932CC',
-		lawnGreen: '#7CFC00',
+
+		// Teals / Cyans (3)
+		turquoise: '#00CEC9',
+		lagoon: '#1ABC9C',
+		cyanBright: '#22A6F2',
+
+		// Greens (3)
+		emeraldGreen: '#27AE60',
 		mediumSeaGreen: '#3CB371',
-		lightCoral: '#F08080',
-		gold: '#FFD700',
-		sandyBrown: '#F4A460',
-		darkKhaki: '#BDB76B',
-		cornflowerBlue: '#6495ED',
-		mediumVioletRed: '#C71585',
-		paleGreen: '#98FB98',
+		limeGreen: '#A3E635',
+
+		// Yellows / Golds (3)
+		festivalYellow: '#F2C94C',
+		sunflower: '#FFD93D',
+		warmAmber: '#FFCA28',
+
+		// Oranges (3)
+		festivalOrange: '#F2994A',
+		coralOrange: '#E17055',
+		pumpkin: '#FF7F50',
+
+		// Reds (3)
+		radicalRed: '#FF1A66',
+		crimsonRed: '#EB5757',
+		fireRed: '#E10600',
+
+		// Pinks (3)
+		hotPink: '#E84393',
+		rosePink: '#FD79A8',
+		blush: '#FF7EB6',
+
+		// Purples / Violets (3)
+		mediumPurple: '#BB6BD9',
+		royalPurple: '#9B51E0',
+		orchid: '#DA77F2',
+
+		// Accent / Neon / Unique Colors (3)
+		neonViolet: '#C77DFF',
+		electricPurple: '#6C5CE7',
+		arcticBlue: '#48DBFB',
+
+		// Extended palette — systematic variations to reach 100 colors
+		blue1: '#1F63E0',
+		blue2: '#3A7AED',
+		blue3: '#5A9DF5',
+		cyan1: '#00B0AA',
+		cyan2: '#33D6C2',
+		cyan3: '#66E9DA',
+		green1: '#1E8449',
+		green2: '#2ECC71',
+		green3: '#58D68D',
+		yellow1: '#F1C40F',
+		yellow2: '#F7DC6F',
+		yellow3: '#F9E79F',
+		orange1: '#D35400',
+		orange2: '#E67E22',
+		orange3: '#F5B041',
+		red1: '#C0392B',
+		red2: '#E74C3C',
+		red3: '#EC7063',
+		pink1: '#D81B60',
+		pink2: '#E91E63',
+		pink3: '#F06292',
+		purple1: '#8E44AD',
+		purple2: '#9B59B6',
+		purple3: '#BB8FCE',
+		teal1: '#009688',
+		teal2: '#1ABC9C',
+		teal3: '#48C9B0',
+		lime1: '#A3E635',
+		lime2: '#B9F18D',
+		lime3: '#D4FFB0',
+		gold1: '#F39C12',
+		gold2: '#F1C40F',
+		gold3: '#F7DC6F',
+		coral1: '#E67E22',
+		coral2: '#F39C12',
+		coral3: '#F5B041',
+		crimson1: '#C0392B',
+		crimson2: '#E74C3C',
+		crimson3: '#EC7063',
+		violet1: '#8E44AD',
+		violet2: '#9B59B6',
+		violet3: '#BB8FCE',
+		aqua1: '#00BFFF',
+		aqua2: '#1E90FF',
+		aqua3: '#63B8FF',
+		forest1: '#27AE60',
+		forest2: '#2ECC71',
+		forest3: '#58D68D',
+		blush1: '#FF6F91',
+		blush2: '#FF85A2',
+		blush3: '#FFA0B3',
+		lavender1: '#9B59B6',
+		lavender2: '#AF7AC5',
+		lavender3: '#C39BD3',
+		tomato1: '#E74C3C',
+		tomato2: '#EC7063',
+		tomato3: '#F1948A',
+		salmon1: '#FF6B6B',
+		salmon2: '#FF8787',
+		salmon3: '#FFA1A1',
+		mustard1: '#F1C40F',
+		mustard2: '#F7DC6F',
+		mustard3: '#F9E79F',
+		teal4: '#1ABC9C',
+		teal5: '#48C9B0',
+		teal6: '#76D7C4',
+		magenta1: '#D6336C',
+		magenta2: '#E84393',
+		magenta3: '#F06292',
+		violet4: '#7D3C98',
+		violet5: '#8E44AD',
+		violet6: '#9B59B6',
+		green4: '#229954',
+		green5: '#27AE60',
+		green6: '#52BE80',
+		blue4: '#2874A6',
+		blue5: '#2E86C1',
+		blue6: '#3498DB',
+		red4: '#C0392B',
+		red5: '#E74C3C',
+		red6: '#EC7063',
+		orange4: '#D35400',
+		orange5: '#E67E22',
+		orange6: '#EB984E',
+		pink4: '#C2185B',
+		pink5: '#D81B60',
+		pink6: '#E91E63',
+		gold4: '#B7950B',
+		gold5: '#F1C40F',
+		gold6: '#F4D03F',
 	},
 	lightModeColor: {
-		radicalRed: '#FF1A66',
-		dodgerBlueDark: '#0C6EED',
-		steelgrey: '#2f4b7c',
-		steelpurple: '#665191',
-		steelindigo: '#a05195',
-		steelpink: '#d45087',
-		steelcoral: '#f95d6a',
-		steelorange: '#ff7c43',
-		steelgold: '#ffa600',
-		steelrust: '#de425b',
-		steelgreen: '#41967e',
-		mediumOrchidDark: '#C326FD',
-		seaBuckthornDark: '#E66E05',
-		seaGreen: '#219653',
-		turquoiseBlueDark: '#0099CC',
-		silverDark: '#757575',
-		outrageousOrangeDark: '#F9521A',
-		roseBudDark: '#EB6437',
-		deepSkyBlueDark: '#0595BD',
-		royalBlue: '#3366E6',
-		avocadoDark: '#8E8E29',
-		mintGreenDark: '#00C700',
-		chestnut: '#B34D4D',
-		limaDark: '#6E9900',
-		olive: '#809900',
-		beautyBushDark: '#E25555',
-		danube: '#6680B3',
-		oliveDrab: '#66991A',
-		lavenderRoseDark: '#F024BD',
-		electricLimeDark: '#84A800',
-		robin: '#3F5ECC',
-		harleyOrange: '#E6331A',
-		gladeGreen: '#66994D',
-		hemlock: '#66664D',
-		vidaLoca: '#4D8000',
-		rust: '#B33300',
-		red: '#FF0000', // Adding more colors, we need to get better colors from design team
-		blue: '#0000FF',
-		green: '#00FF00',
-		purple: '#800080',
-		magentaDark: '#EB00EB',
-		pinkDark: '#FF3D5E',
-		brown: '#A52A2A',
-		teal: '#008080',
-		limeDark: '#07A207',
-		maroon: '#800000',
-		navy: '#000080',
-		gray: '#808080',
-		skyBlueDark: '#0CA7E4',
-		indigo: '#4B0082',
-		slateGray: '#708090',
-		chocolate: '#D2691E',
-		tomato: '#FF6347',
-		steelBlue: '#4682B4',
-		peruDark: '#D16E0A',
-		darkOliveGreen: '#556B2F',
-		indianRed: '#CD5C5C',
-		mediumSlateBlue: '#7B68EE',
-		rosyBrownDark: '#CB4848',
-		darkSlateGray: '#2F4F4F',
-		fuchsia: '#FF0AFF',
-		salmonDark: '#FF432E',
-		darkSalmonDark: '#D26541',
-		paleVioletRedDark: '#E83089',
-		mediumPurple: '#9370DB',
-		darkOrchid: '#9932CC',
-		mediumSeaGreenDark: '#109E50',
-		lightCoralDark: '#F85959',
-		gold: '#FFD700',
-		sandyBrownDark: '#D97117',
-		darkKhakiDark: '#99900A',
-		cornflowerBlueDark: '#3371E6',
-		mediumVioletRed: '#C71585',
-		paleGreenDark: '#0D910D',
+		radicalRed: '#D81B60',
+
+		dodgerBlueDark: '#1E5BD9',
+		steelgrey: '#344B6B',
+		steelpurple: '#5E548E',
+		steelindigo: '#8E4A7C',
+		steelpink: '#B63A6F',
+		steelcoral: '#E14B5A',
+		steelorange: '#E76F2F',
+		steelgold: '#E09B00',
+		steelrust: '#C93A50',
+		steelgreen: '#2F7D69',
+
+		mediumOrchidDark: '#8E24AA',
+		seaBuckthornDark: '#C75A00',
+		seaGreen: '#1E7F5A',
+		turquoiseBlueDark: '#007EA7',
+		silverDark: '#5F5F5F',
+		outrageousOrangeDark: '#E64A19',
+		roseBudDark: '#D84315',
+		deepSkyBlueDark: '#0277BD',
+		royalBlue: '#2A4FDB',
+
+		avocadoDark: '#6B6B1E',
+		mintGreenDark: '#2E9E55',
+		chestnut: '#8B3A3A',
+		limaDark: '#5C7F00',
+		olive: '#6E7F00',
+		beautyBushDark: '#C93C3C',
+
+		danube: '#4F6FB3',
+		oliveDrab: '#4F7F1A',
+		lavenderRoseDark: '#B0178F',
+		electricLimeDark: '#6B8F00',
+		robin: '#2F4FCC',
+
+		harleyOrange: '#CC2E12',
+		gladeGreen: '#4F7F46',
+		hemlock: '#5C5C45',
+		vidaLoca: '#3D6B00',
+		rust: '#993300',
+
+		red: '#C62828',
+		blue: '#1A237E',
+		green: '#1B7F3A',
+		purple: '#6A1B9A',
+		magentaDark: '#B000B5',
+		pinkDark: '#C2185B',
+
+		brown: '#7A3A1E',
+		teal: '#006D6F',
+		limeDark: '#4C8C2B',
+		maroon: '#6D1B1B',
+		navy: '#0D1B5E',
+		gray: '#616161',
+
+		skyBlueDark: '#0288D1',
+		indigo: '#303F9F',
+		slateGray: '#556B7C',
+		chocolate: '#9C4A1A',
+		tomato: '#E53935',
+		steelBlue: '#3A6EA5',
+
+		peruDark: '#B35E00',
+		darkOliveGreen: '#445B1F',
+		indianRed: '#B04040',
+		mediumSlateBlue: '#5C6BC0',
+		rosyBrownDark: '#A94444',
+		darkSlateGray: '#2E4A4A',
+
+		fuchsia: '#C511C5',
+		salmonDark: '#E64A3C',
+		darkSalmonDark: '#C85A3A',
+		paleVioletRedDark: '#C2186A',
+
+		mediumPurple: '#7E57C2',
+		darkOrchid: '#7B1FA2',
+		mediumSeaGreenDark: '#2E8B57',
+		lightCoralDark: '#E57373',
+
+		gold: '#D4AF37',
+		sandyBrownDark: '#C76A15',
+		darkKhakiDark: '#8A7F00',
+		cornflowerBlueDark: '#355FCC',
+		mediumVioletRed: '#AD1457',
+		paleGreenDark: '#2E7D32',
 	},
 	errorColor: '#d32f2f',
 	royalGrey: '#888888',

frontend/src/container/DashboardContainer/DashboardSettings/DashboardVariableSettings/VariableItem/VariableItem.tsx

@@ -18,8 +18,8 @@ import { useWidgetsByDynamicVariableId } from 'hooks/dashboard/useWidgetsByDynam
 import { getWidgetsHavingDynamicVariableAttribute } from 'hooks/dashboard/utils';
 import { useGetFieldValues } from 'hooks/dynamicVariables/useGetFieldValues';
 import { useIsDarkMode } from 'hooks/useDarkMode';
-import { commaValuesParser } from 'lib/dashbaordVariables/customCommaValuesParser';
-import sortValues from 'lib/dashbaordVariables/sortVariableValues';
+import { commaValuesParser } from 'lib/dashboardVariables/customCommaValuesParser';
+import sortValues from 'lib/dashboardVariables/sortVariableValues';
 import { isEmpty, map } from 'lodash-es';
 import {
 	ArrowLeft,

frontend/src/container/DashboardContainer/DashboardVariablesSelection/CustomVariableInput.tsx

@@ -1,10 +1,11 @@
-import { memo, useMemo } from 'react';
-import { commaValuesParser } from 'lib/dashbaordVariables/customCommaValuesParser';
-import sortValues from 'lib/dashbaordVariables/sortVariableValues';
+import { memo, useEffect, useMemo } from 'react';
+import { commaValuesParser } from 'lib/dashboardVariables/customCommaValuesParser';
+import sortValues from 'lib/dashboardVariables/sortVariableValues';
 
 import SelectVariableInput from './SelectVariableInput';
 import { useDashboardVariableSelectHelper } from './useDashboardVariableSelectHelper';
 import { VariableItemProps } from './VariableItem';
+import { customVariableSelectStrategy } from './variableSelectStrategy/customVariableSelectStrategy';
 
 type CustomVariableInputProps = Pick<
 	VariableItemProps,
@@ -29,16 +30,31 @@ function CustomVariableInput({
 		onChange,
 		onDropdownVisibleChange,
 		handleClear,
+		applyDefaultIfNeeded,
 	} = useDashboardVariableSelectHelper({
 		variableData,
 		optionsData,
 		onValueUpdate,
+		strategy: customVariableSelectStrategy,
 	});
 
+	// Apply default on mount — options are available synchronously for custom variables
+	// eslint-disable-next-line react-hooks/exhaustive-deps
+	useEffect(applyDefaultIfNeeded, []);
+
+	const selectOptions = useMemo(
+		() =>
+			optionsData.map((option) => ({
+				label: option.toString(),
+				value: option.toString(),
+			})),
+		[optionsData],
+	);
+
 	return (
 		<SelectVariableInput
 			variableId={variableData.id}
-			options={optionsData}
+			options={selectOptions}
 			value={value}
 			onChange={onChange}
 			onDropdownVisibleChange={onDropdownVisibleChange}

frontend/src/container/DashboardContainer/DashboardVariablesSelection/DashboardVariableSelection.tsx

@@ -13,7 +13,6 @@ import { AppState } from 'store/reducers';
 import { IDashboardVariable } from 'types/api/dashboard/getAll';
 import { GlobalReducer } from 'types/reducer/globalTime';
 
-import DynamicVariableSelection from './DynamicVariableSelection';
 import { onUpdateVariableNode } from './util';
 import VariableItem from './VariableItem';
 
@@ -153,14 +152,7 @@ function DashboardVariableSelection(): JSX.Element | null {
 			{sortedVariablesArray.map((variable) => {
 				const key = `${variable.name}${variable.id}${variable.order}`;
 
-				return variable.type === 'DYNAMIC' ? (
-					<DynamicVariableSelection
-						key={key}
-						existingVariables={dashboardVariables}
-						variableData={variable}
-						onValueUpdate={onValueUpdate}
-					/>
-				) : (
+				return (
 					<VariableItem
 						key={key}
 						existingVariables={dashboardVariables}

frontend/src/container/DashboardContainer/DashboardVariablesSelection/DynamicVariableInput.tsx

@@ -0,0 +1,343 @@
+import { memo, useCallback, useMemo, useState } from 'react';
+import { useQuery } from 'react-query';
+import { useSelector } from 'react-redux';
+import { getFieldValues } from 'api/dynamicVariables/getFieldValues';
+import { SOMETHING_WENT_WRONG } from 'constants/api';
+import { DEBOUNCE_DELAY } from 'constants/queryBuilderFilterConfig';
+import { REACT_QUERY_KEY } from 'constants/reactQueryKeys';
+import useDebounce from 'hooks/useDebounce';
+import { isEmpty } from 'lodash-es';
+import { AppState } from 'store/reducers';
+import { GlobalReducer } from 'types/reducer/globalTime';
+import { isRetryableError as checkIfRetryableError } from 'utils/errorUtils';
+
+import SelectVariableInput from './SelectVariableInput';
+import { useDashboardVariableSelectHelper } from './useDashboardVariableSelectHelper';
+import { getOptionsForDynamicVariable } from './util';
+import { VariableItemProps } from './VariableItem';
+import { dynamicVariableSelectStrategy } from './variableSelectStrategy/dynamicVariableSelectStrategy';
+
+import './DashboardVariableSelection.styles.scss';
+
+type DynamicVariableInputProps = Pick<
+	VariableItemProps,
+	'variableData' | 'onValueUpdate' | 'existingVariables'
+>;
+
+// eslint-disable-next-line sonarjs/cognitive-complexity
+function DynamicVariableInput({
+	variableData,
+	onValueUpdate,
+	existingVariables,
+}: DynamicVariableInputProps): JSX.Element {
+	const [optionsData, setOptionsData] = useState<(string | number | boolean)[]>(
+		[],
+	);
+
+	const [errorMessage, setErrorMessage] = useState<null | string>(null);
+	const [isRetryableError, setIsRetryableError] = useState<boolean>(true);
+
+	const [isComplete, setIsComplete] = useState<boolean>(false);
+
+	const [filteredOptionsData, setFilteredOptionsData] = useState<
+		(string | number | boolean)[]
+	>([]);
+
+	const [relatedValues, setRelatedValues] = useState<string[]>([]);
+	const [originalRelatedValues, setOriginalRelatedValues] = useState<string[]>(
+		[],
+	);
+
+	// Track dropdown open state for auto-checking new values
+	const [isDropdownOpen, setIsDropdownOpen] = useState<boolean>(false);
+
+	const [apiSearchText, setApiSearchText] = useState<string>('');
+
+	const debouncedApiSearchText = useDebounce(apiSearchText, DEBOUNCE_DELAY);
+
+	// Build a memoized list of all currently available option strings (normalized + related)
+	const allAvailableOptionStrings = useMemo(
+		() => [
+			...new Set([
+				...optionsData.map((v) => v.toString()),
+				...relatedValues.map((v) => v.toString()),
+			]),
+		],
+		[optionsData, relatedValues],
+	);
+
+	const {
+		value,
+		tempSelection,
+		setTempSelection,
+		handleClear,
+		enableSelectAll,
+		defaultValue,
+		applyDefaultIfNeeded,
+		onChange,
+		onDropdownVisibleChange,
+	} = useDashboardVariableSelectHelper({
+		variableData,
+		optionsData,
+		onValueUpdate,
+		strategy: dynamicVariableSelectStrategy,
+		allAvailableOptionStrings,
+	});
+
+	// Create a dependency key from all dynamic variables
+	const dynamicVariablesKey = useMemo(() => {
+		if (!existingVariables) {
+			return 'no_variables';
+		}
+
+		const dynamicVars = Object.values(existingVariables)
+			.filter((v) => v.type === 'DYNAMIC')
+			.map(
+				(v) => `${v.name || 'unnamed'}:${JSON.stringify(v.selectedValue || null)}`,
+			)
+			.join('|');
+
+		return dynamicVars || 'no_dynamic_variables';
+	}, [existingVariables]);
+
+	const { maxTime, minTime } = useSelector<AppState, GlobalReducer>(
+		(state) => state.globalTime,
+	);
+
+	// existing query is the query made from the other dynamic variables around this one with there current values
+	// for e.g. k8s.namespace.name IN ["zeus", "gene"] AND doc_op_type IN ["test"]
+	// eslint-disable-next-line sonarjs/cognitive-complexity
+	const existingQuery = useMemo(() => {
+		if (!existingVariables || !variableData.dynamicVariablesAttribute) {
+			return '';
+		}
+
+		const queryParts: string[] = [];
+
+		Object.entries(existingVariables).forEach(([, variable]) => {
+			// Skip the current variable being processed
+			if (variable.id === variableData.id) {
+				return;
+			}
+
+			// Only include dynamic variables that have selected values and are not selected as ALL
+			if (
+				variable.type === 'DYNAMIC' &&
+				variable.dynamicVariablesAttribute &&
+				variable.selectedValue &&
+				!isEmpty(variable.selectedValue) &&
+				(variable.showALLOption ? !variable.allSelected : true)
+			) {
+				const attribute = variable.dynamicVariablesAttribute;
+				const values = Array.isArray(variable.selectedValue)
+					? variable.selectedValue
+					: [variable.selectedValue];
+
+				// Filter out empty values and convert to strings
+				const validValues = values
+					.filter((val) => val !== null && val !== undefined && val !== '')
+					.map((val) => val.toString());
+
+				if (validValues.length > 0) {
+					// Format values for query - wrap strings in quotes, keep numbers as is
+					const formattedValues = validValues.map((val) => {
+						// Check if value is a number
+						const numValue = Number(val);
+						if (!Number.isNaN(numValue) && Number.isFinite(numValue)) {
+							return val; // Keep as number
+						}
+						// Escape single quotes and wrap in quotes
+						return `'${val.replace(/'/g, "\\'")}'`;
+					});
+
+					if (formattedValues.length === 1) {
+						queryParts.push(`${attribute} = ${formattedValues[0]}`);
+					} else {
+						queryParts.push(`${attribute} IN [${formattedValues.join(', ')}]`);
+					}
+				}
+			}
+		});
+
+		return queryParts.join(' AND ');
+	}, [
+		existingVariables,
+		variableData.id,
+		variableData.dynamicVariablesAttribute,
+	]);
+
+	// Wrap the hook's onDropdownVisibleChange to also track isDropdownOpen and handle cleanup
+	const handleSelectDropdownVisibilityChange = useCallback(
+		(visible: boolean): void => {
+			setIsDropdownOpen(visible);
+
+			onDropdownVisibleChange(visible);
+
+			if (!visible) {
+				setFilteredOptionsData(optionsData);
+				setRelatedValues(originalRelatedValues);
+				setApiSearchText('');
+			}
+		},
+		[onDropdownVisibleChange, optionsData, originalRelatedValues],
+	);
+
+	const { isLoading, refetch } = useQuery(
+		[
+			REACT_QUERY_KEY.DASHBOARD_BY_ID,
+			variableData.name || `variable_${variableData.id}`,
+			dynamicVariablesKey,
+			minTime,
+			maxTime,
+			debouncedApiSearchText,
+			variableData.dynamicVariablesSource,
+			variableData.dynamicVariablesAttribute,
+		],
+		{
+			enabled:
+				variableData.type === 'DYNAMIC' &&
+				!!variableData.dynamicVariablesSource &&
+				!!variableData.dynamicVariablesAttribute,
+			queryFn: () =>
+				getFieldValues(
+					variableData.dynamicVariablesSource?.toLowerCase() === 'all telemetry'
+						? undefined
+						: (variableData.dynamicVariablesSource?.toLowerCase() as
+								| 'traces'
+								| 'logs'
+								| 'metrics'),
+					variableData.dynamicVariablesAttribute,
+					debouncedApiSearchText,
+					minTime,
+					maxTime,
+					existingQuery,
+				),
+			onSuccess: (data) => {
+				const newNormalizedValues = data.data?.normalizedValues || [];
+				const newRelatedValues = data.data?.relatedValues || [];
+
+				if (!debouncedApiSearchText) {
+					setOptionsData(newNormalizedValues);
+					setIsComplete(data.data?.complete || false);
+				}
+				setFilteredOptionsData(newNormalizedValues);
+				setRelatedValues(newRelatedValues);
+				setOriginalRelatedValues(newRelatedValues);
+
+				// Only run auto-check logic when necessary to avoid performance issues
+				if (variableData.allSelected && isDropdownOpen) {
+					// Build the latest full list from API (normalized + related)
+					const latestValues = [
+						...new Set([
+							...newNormalizedValues.map((v) => v.toString()),
+							...newRelatedValues.map((v) => v.toString()),
+						]),
+					];
+
+					// Update temp selection to exactly reflect latest API values when ALL is active
+					const currentStrings = Array.isArray(tempSelection)
+						? tempSelection.map((v) => v.toString())
+						: tempSelection
+						? [tempSelection.toString()]
+						: [];
+					const areSame =
+						currentStrings.length === latestValues.length &&
+						latestValues.every((v) => currentStrings.includes(v));
+					if (!areSame) {
+						setTempSelection(latestValues);
+					}
+				}
+
+				// Apply default if no value is selected (e.g., new variable, first load)
+				if (!debouncedApiSearchText) {
+					const allNewOptions = [
+						...new Set([
+							...newNormalizedValues.map((v) => v.toString()),
+							...newRelatedValues.map((v) => v.toString()),
+						]),
+					];
+					applyDefaultIfNeeded(allNewOptions);
+				}
+			},
+			onError: (error: any) => {
+				if (error) {
+					let message = SOMETHING_WENT_WRONG;
+					if (error?.message) {
+						message = error?.message;
+					} else {
+						message =
+							'Please make sure configuration is valid and you have required setup and permissions';
+					}
+					setErrorMessage(message);
+
+					// Check if error is retryable (5xx) or not (4xx)
+					const isRetryable = checkIfRetryableError(error);
+					setIsRetryableError(isRetryable);
+				}
+			},
+		},
+	);
+
+	const handleRetry = useCallback((): void => {
+		setErrorMessage(null);
+		setIsRetryableError(true);
+		refetch();
+	}, [refetch]);
+
+	const handleSearch = useCallback(
+		(text: string) => {
+			if (isComplete) {
+				if (!text) {
+					setFilteredOptionsData(optionsData);
+					setRelatedValues(originalRelatedValues);
+					return;
+				}
+
+				const lowerText = text.toLowerCase();
+				setFilteredOptionsData(
+					optionsData.filter((option) =>
+						option.toString().toLowerCase().includes(lowerText),
+					),
+				);
+				setRelatedValues(
+					originalRelatedValues.filter((val) =>
+						val.toLowerCase().includes(lowerText),
+					),
+				);
+			} else {
+				setApiSearchText(text);
+			}
+		},
+		[isComplete, optionsData, originalRelatedValues],
+	);
+
+	const selectOptions = useMemo(
+		() =>
+			getOptionsForDynamicVariable(filteredOptionsData || [], relatedValues || []),
+		[filteredOptionsData, relatedValues],
+	);
+
+	return (
+		<SelectVariableInput
+			variableId={variableData.id}
+			options={selectOptions}
+			value={value}
+			onChange={onChange}
+			onDropdownVisibleChange={handleSelectDropdownVisibilityChange}
+			onClear={handleClear}
+			enableSelectAll={enableSelectAll}
+			defaultValue={defaultValue}
+			isMultiSelect={variableData.multiSelect}
+			// dynamic variable specific + API related props
+			loading={isLoading}
+			errorMessage={errorMessage}
+			onRetry={handleRetry}
+			isDynamicVariable
+			showRetryButton={isRetryableError}
+			showIncompleteDataMessage={!isComplete && filteredOptionsData.length > 0}
+			onSearch={handleSearch}
+		/>
+	);
+}
+
+export default memo(DynamicVariableInput);

frontend/src/container/DashboardContainer/DashboardVariablesSelection/DynamicVariableSelection.tsx

@@ -1,602 +0,0 @@
-/* eslint-disable sonarjs/cognitive-complexity */
-/* eslint-disable no-nested-ternary */
-import { useCallback, useEffect, useMemo, useState } from 'react';
-import { useQuery } from 'react-query';
-import { useSelector } from 'react-redux';
-import { InfoCircleOutlined } from '@ant-design/icons';
-import { Tooltip, Typography } from 'antd';
-import { getFieldValues } from 'api/dynamicVariables/getFieldValues';
-import { CustomMultiSelect, CustomSelect } from 'components/NewSelect';
-import { SOMETHING_WENT_WRONG } from 'constants/api';
-import { DEBOUNCE_DELAY } from 'constants/queryBuilderFilterConfig';
-import { REACT_QUERY_KEY } from 'constants/reactQueryKeys';
-import useDebounce from 'hooks/useDebounce';
-import { isEmpty, isUndefined } from 'lodash-es';
-import { AppState } from 'store/reducers';
-import { IDashboardVariable } from 'types/api/dashboard/getAll';
-import { GlobalReducer } from 'types/reducer/globalTime';
-import { isRetryableError as checkIfRetryableError } from 'utils/errorUtils';
-import { popupContainer } from 'utils/selectPopupContainer';
-
-import { ALL_SELECT_VALUE } from '../utils';
-import { SelectItemStyle } from './styles';
-import {
-	areArraysEqual,
-	getOptionsForDynamicVariable,
-	getSelectValue,
-	uniqueValues,
-} from './util';
-
-import './DashboardVariableSelection.styles.scss';
-
-interface DynamicVariableSelectionProps {
-	variableData: IDashboardVariable;
-	existingVariables: Record<string, IDashboardVariable>;
-	onValueUpdate: (
-		name: string,
-		id: string,
-		arg1: IDashboardVariable['selectedValue'],
-		allSelected: boolean,
-		haveCustomValuesSelected?: boolean,
-	) => void;
-}
-
-function DynamicVariableSelection({
-	variableData,
-	onValueUpdate,
-	existingVariables,
-}: DynamicVariableSelectionProps): JSX.Element {
-	const [optionsData, setOptionsData] = useState<(string | number | boolean)[]>(
-		[],
-	);
-
-	const [errorMessage, setErrorMessage] = useState<null | string>(null);
-	const [isRetryableError, setIsRetryableError] = useState<boolean>(true);
-
-	const [isComplete, setIsComplete] = useState<boolean>(false);
-
-	const [filteredOptionsData, setFilteredOptionsData] = useState<
-		(string | number | boolean)[]
-	>([]);
-
-	const [relatedValues, setRelatedValues] = useState<string[]>([]);
-	const [originalRelatedValues, setOriginalRelatedValues] = useState<string[]>(
-		[],
-	);
-
-	const [tempSelection, setTempSelection] = useState<
-		string | string[] | undefined
-	>(undefined);
-
-	// Track dropdown open state for auto-checking new values
-	const [isDropdownOpen, setIsDropdownOpen] = useState<boolean>(false);
-
-	// Create a dependency key from all dynamic variables
-	const dynamicVariablesKey = useMemo(() => {
-		if (!existingVariables) {
-			return 'no_variables';
-		}
-
-		const dynamicVars = Object.values(existingVariables)
-			.filter((v) => v.type === 'DYNAMIC')
-			.map(
-				(v) => `${v.name || 'unnamed'}:${JSON.stringify(v.selectedValue || null)}`,
-			)
-			.join('|');
-
-		return dynamicVars || 'no_dynamic_variables';
-	}, [existingVariables]);
-
-	const [apiSearchText, setApiSearchText] = useState<string>('');
-
-	const debouncedApiSearchText = useDebounce(apiSearchText, DEBOUNCE_DELAY);
-
-	const { maxTime, minTime } = useSelector<AppState, GlobalReducer>(
-		(state) => state.globalTime,
-	);
-
-	// existing query is the query made from the other dynamic variables around this one with there current values
-	// for e.g. k8s.namespace.name IN ["zeus", "gene"] AND doc_op_type IN ["test"]
-	const existingQuery = useMemo(() => {
-		if (!existingVariables || !variableData.dynamicVariablesAttribute) {
-			return '';
-		}
-
-		const queryParts: string[] = [];
-
-		Object.entries(existingVariables).forEach(([, variable]) => {
-			// Skip the current variable being processed
-			if (variable.id === variableData.id) {
-				return;
-			}
-
-			// Only include dynamic variables that have selected values and are not selected as ALL
-			if (
-				variable.type === 'DYNAMIC' &&
-				variable.dynamicVariablesAttribute &&
-				variable.selectedValue &&
-				!isEmpty(variable.selectedValue) &&
-				(variable.showALLOption ? !variable.allSelected : true)
-			) {
-				const attribute = variable.dynamicVariablesAttribute;
-				const values = Array.isArray(variable.selectedValue)
-					? variable.selectedValue
-					: [variable.selectedValue];
-
-				// Filter out empty values and convert to strings
-				const validValues = values
-					.filter((value) => value !== null && value !== undefined && value !== '')
-					.map((value) => value.toString());
-
-				if (validValues.length > 0) {
-					// Format values for query - wrap strings in quotes, keep numbers as is
-					const formattedValues = validValues.map((value) => {
-						// Check if value is a number
-						const numValue = Number(value);
-						if (!Number.isNaN(numValue) && Number.isFinite(numValue)) {
-							return value; // Keep as number
-						}
-						// Escape single quotes and wrap in quotes
-						return `'${value.replace(/'/g, "\\'")}'`;
-					});
-
-					if (formattedValues.length === 1) {
-						queryParts.push(`${attribute} = ${formattedValues[0]}`);
-					} else {
-						queryParts.push(`${attribute} IN [${formattedValues.join(', ')}]`);
-					}
-				}
-			}
-		});
-
-		return queryParts.join(' AND ');
-	}, [
-		existingVariables,
-		variableData.id,
-		variableData.dynamicVariablesAttribute,
-	]);
-
-	const { isLoading, refetch } = useQuery(
-		[
-			REACT_QUERY_KEY.DASHBOARD_BY_ID,
-			variableData.name || `variable_${variableData.id}`,
-			dynamicVariablesKey,
-			minTime,
-			maxTime,
-			debouncedApiSearchText,
-		],
-		{
-			enabled: variableData.type === 'DYNAMIC',
-			queryFn: () =>
-				getFieldValues(
-					variableData.dynamicVariablesSource?.toLowerCase() === 'all telemetry'
-						? undefined
-						: (variableData.dynamicVariablesSource?.toLowerCase() as
-								| 'traces'
-								| 'logs'
-								| 'metrics'),
-					variableData.dynamicVariablesAttribute,
-					debouncedApiSearchText,
-					minTime,
-					maxTime,
-					existingQuery,
-				),
-			onSuccess: (data) => {
-				const newNormalizedValues = data.data?.normalizedValues || [];
-				const newRelatedValues = data.data?.relatedValues || [];
-
-				if (!debouncedApiSearchText) {
-					setOptionsData(newNormalizedValues);
-					setIsComplete(data.data?.complete || false);
-				}
-				setFilteredOptionsData(newNormalizedValues);
-				setRelatedValues(newRelatedValues);
-				setOriginalRelatedValues(newRelatedValues);
-
-				// Only run auto-check logic when necessary to avoid performance issues
-				if (variableData.allSelected && isDropdownOpen) {
-					// Build the latest full list from API (normalized + related)
-					const latestValues = [
-						...new Set([
-							...newNormalizedValues.map((v) => v.toString()),
-							...newRelatedValues.map((v) => v.toString()),
-						]),
-					];
-
-					// Update temp selection to exactly reflect latest API values when ALL is active
-					const currentStrings = Array.isArray(tempSelection)
-						? tempSelection.map((v) => v.toString())
-						: tempSelection
-						? [tempSelection.toString()]
-						: [];
-					const areSame =
-						currentStrings.length === latestValues.length &&
-						latestValues.every((v) => currentStrings.includes(v));
-					if (!areSame) {
-						setTempSelection(latestValues);
-					}
-				}
-			},
-			onError: (error: any) => {
-				if (error) {
-					let message = SOMETHING_WENT_WRONG;
-					if (error?.message) {
-						message = error?.message;
-					} else {
-						message =
-							'Please make sure configuration is valid and you have required setup and permissions';
-					}
-					setErrorMessage(message);
-
-					// Check if error is retryable (5xx) or not (4xx)
-					const isRetryable = checkIfRetryableError(error);
-					setIsRetryableError(isRetryable);
-				}
-			},
-		},
-	);
-
-	const handleChange = useCallback(
-		(inputValue: string | string[]): void => {
-			const value = variableData.multiSelect && !inputValue ? [] : inputValue;
-
-			if (
-				value === variableData.selectedValue ||
-				(Array.isArray(value) &&
-					Array.isArray(variableData.selectedValue) &&
-					areArraysEqual(value, variableData.selectedValue))
-			) {
-				return;
-			}
-
-			if (variableData.name) {
-				if (
-					value === ALL_SELECT_VALUE ||
-					(Array.isArray(value) && value.includes(ALL_SELECT_VALUE))
-				) {
-					// For ALL selection in dynamic variables, pass null to avoid storing values
-					// The parent component will handle this appropriately
-					onValueUpdate(variableData.name, variableData.id, null, true);
-				} else {
-					// Build union of available options shown in dropdown (normalized + related)
-					const allAvailableOptionStrings = [
-						...new Set([
-							...optionsData.map((v) => v.toString()),
-							...relatedValues.map((v) => v.toString()),
-						]),
-					];
-
-					const haveCustomValuesSelected =
-						Array.isArray(value) &&
-						!value.every((v) => allAvailableOptionStrings.includes(v.toString()));
-
-					onValueUpdate(
-						variableData.name,
-						variableData.id,
-						value,
-						allAvailableOptionStrings.every((v) => value.includes(v.toString())),
-						haveCustomValuesSelected,
-					);
-				}
-			}
-		},
-		[variableData, onValueUpdate, optionsData, relatedValues],
-	);
-
-	useEffect(() => {
-		if (
-			variableData.dynamicVariablesSource &&
-			variableData.dynamicVariablesAttribute
-		) {
-			refetch();
-		}
-	}, [
-		refetch,
-		variableData.dynamicVariablesSource,
-		variableData.dynamicVariablesAttribute,
-		debouncedApiSearchText,
-	]);
-
-	// Build a memoized list of all currently available option strings (normalized + related)
-	const allAvailableOptionStrings = useMemo(
-		() => [
-			...new Set([
-				...optionsData.map((v) => v.toString()),
-				...relatedValues.map((v) => v.toString()),
-			]),
-		],
-		[optionsData, relatedValues],
-	);
-
-	const handleSearch = useCallback(
-		(text: string) => {
-			if (isComplete) {
-				if (!text) {
-					setFilteredOptionsData(optionsData);
-					setRelatedValues(originalRelatedValues);
-					return;
-				}
-
-				const localFilteredOptionsData: (string | number | boolean)[] = [];
-				optionsData.forEach((option) => {
-					if (option.toString().toLowerCase().includes(text.toLowerCase())) {
-						localFilteredOptionsData.push(option);
-					}
-				});
-				setFilteredOptionsData(localFilteredOptionsData);
-				setRelatedValues(
-					originalRelatedValues.filter((value) =>
-						value.toLowerCase().includes(text.toLowerCase()),
-					),
-				);
-			} else {
-				setApiSearchText(text);
-			}
-		},
-		[isComplete, optionsData, originalRelatedValues],
-	);
-
-	const { selectedValue } = variableData;
-	const selectedValueStringified = useMemo(
-		() => getSelectValue(selectedValue, variableData),
-		[selectedValue, variableData],
-	);
-
-	const enableSelectAll = variableData.multiSelect && variableData.showALLOption;
-
-	const selectValue =
-		variableData.allSelected && enableSelectAll
-			? ALL_SELECT_VALUE
-			: selectedValueStringified;
-
-	// Add a handler for tracking temporary selection changes
-	const handleTempChange = useCallback(
-		(inputValue: string | string[]): void => {
-			// Store the selection in temporary state while dropdown is open
-			const value = variableData.multiSelect && !inputValue ? [] : inputValue;
-			const sanitizedValue = uniqueValues(value);
-			setTempSelection(sanitizedValue);
-		},
-		[variableData.multiSelect],
-	);
-
-	// Handle dropdown visibility changes
-	const handleDropdownVisibleChange = (visible: boolean): void => {
-		// Update dropdown open state for auto-checking
-		setIsDropdownOpen(visible);
-
-		// Initialize temp selection when opening dropdown
-		if (visible) {
-			if (isUndefined(tempSelection) && selectValue === ALL_SELECT_VALUE) {
-				// When ALL is selected, set selection to exactly the latest available values
-				const latestAll = [...allAvailableOptionStrings];
-				setTempSelection(latestAll);
-			} else {
-				setTempSelection(getSelectValue(variableData.selectedValue, variableData));
-			}
-		}
-		// Apply changes when closing dropdown
-		else if (!visible && tempSelection !== undefined) {
-			// Only call handleChange if there's actually a change in the selection
-			const currentValue = variableData.selectedValue;
-
-			// Helper function to check if arrays have the same elements regardless of order
-			const areArraysEqualIgnoreOrder = (a: any[], b: any[]): boolean => {
-				if (a.length !== b.length) {
-					return false;
-				}
-				const sortedA = [...a].sort();
-				const sortedB = [...b].sort();
-				return areArraysEqual(sortedA, sortedB);
-			};
-
-			// If ALL was selected before and remains ALL after, skip updating
-			const wasAllSelected = enableSelectAll && variableData.allSelected;
-			const isAllSelectedAfter =
-				enableSelectAll &&
-				Array.isArray(tempSelection) &&
-				tempSelection.length === allAvailableOptionStrings.length &&
-				allAvailableOptionStrings.every((v) => tempSelection.includes(v));
-
-			if (wasAllSelected && isAllSelectedAfter) {
-				setTempSelection(undefined);
-				return;
-			}
-
-			const hasChanged =
-				tempSelection !== currentValue &&
-				!(
-					Array.isArray(tempSelection) &&
-					Array.isArray(currentValue) &&
-					areArraysEqualIgnoreOrder(tempSelection, currentValue)
-				);
-
-			if (hasChanged) {
-				handleChange(tempSelection);
-			}
-			setTempSelection(undefined);
-		}
-
-		// Always reset filtered data when dropdown closes, regardless of tempSelection state
-		if (!visible) {
-			setFilteredOptionsData(optionsData);
-			setRelatedValues(originalRelatedValues);
-			setApiSearchText('');
-		}
-	};
-
-	useEffect(
-		() => (): void => {
-			// Cleanup on unmount
-			setTempSelection(undefined);
-			setFilteredOptionsData([]);
-			setRelatedValues([]);
-			setApiSearchText('');
-		},
-		[],
-	);
-
-	// eslint-disable-next-line sonarjs/cognitive-complexity
-	const finalSelectedValues = useMemo(() => {
-		if (variableData.multiSelect) {
-			let value = tempSelection || selectedValue;
-			if (isEmpty(value)) {
-				if (variableData.showALLOption) {
-					if (variableData.defaultValue) {
-						value = variableData.defaultValue;
-					} else if (variableData.allSelected) {
-						// If ALL is selected but no stored values, derive from available options
-						// This handles the case where we don't store values in localStorage for ALL
-						value = allAvailableOptionStrings;
-					} else {
-						value = optionsData;
-					}
-				} else if (variableData.defaultValue) {
-					value = variableData.defaultValue;
-				} else {
-					value = optionsData?.[0];
-				}
-			}
-
-			return value;
-		}
-		if (isEmpty(selectedValue)) {
-			if (variableData.defaultValue) {
-				return variableData.defaultValue;
-			}
-			return optionsData[0]?.toString();
-		}
-
-		return selectedValue;
-	}, [
-		variableData.multiSelect,
-		variableData.showALLOption,
-		variableData.defaultValue,
-		variableData.allSelected,
-		selectedValue,
-		tempSelection,
-		optionsData,
-		allAvailableOptionStrings,
-	]);
-
-	useEffect(() => {
-		if (
-			(variableData.multiSelect && !(tempSelection || selectValue)) ||
-			isEmpty(selectValue)
-		) {
-			handleChange(finalSelectedValues as string[] | string);
-		}
-	}, [
-		finalSelectedValues,
-		handleChange,
-		selectValue,
-		tempSelection,
-		variableData.multiSelect,
-	]);
-
-	return (
-		<div className="variable-item">
-			<Typography.Text className="variable-name" ellipsis>
-				${variableData.name}
-				{variableData.description && (
-					<Tooltip title={variableData.description}>
-						<InfoCircleOutlined className="info-icon" />
-					</Tooltip>
-				)}
-			</Typography.Text>
-			<div className="variable-value">
-				{variableData.multiSelect ? (
-					<CustomMultiSelect
-						key={variableData.id}
-						options={getOptionsForDynamicVariable(
-							filteredOptionsData || [],
-							relatedValues || [],
-						)}
-						defaultValue={variableData.defaultValue}
-						onChange={handleTempChange}
-						bordered={false}
-						placeholder="Select value"
-						placement="bottomLeft"
-						style={SelectItemStyle}
-						loading={isLoading}
-						showSearch
-						data-testid="variable-select"
-						className="variable-select"
-						popupClassName="dropdown-styles"
-						maxTagCount={2}
-						getPopupContainer={popupContainer}
-						value={
-							(tempSelection || selectValue) === ALL_SELECT_VALUE
-								? 'ALL'
-								: tempSelection || selectValue
-						}
-						onDropdownVisibleChange={handleDropdownVisibleChange}
-						errorMessage={errorMessage}
-						// eslint-disable-next-line react/no-unstable-nested-components
-						maxTagPlaceholder={(omittedValues): JSX.Element => {
-							const maxDisplayValues = 10;
-							const valuesToShow = omittedValues.slice(0, maxDisplayValues);
-							const hasMore = omittedValues.length > maxDisplayValues;
-							const tooltipText =
-								valuesToShow.map(({ value }) => value).join(', ') +
-								(hasMore ? ` + ${omittedValues.length - maxDisplayValues} more` : '');
-
-							return (
-								<Tooltip title={tooltipText}>
-									<span>+ {omittedValues.length} </span>
-								</Tooltip>
-							);
-						}}
-						onClear={(): void => {
-							handleChange([]);
-						}}
-						enableAllSelection={enableSelectAll}
-						maxTagTextLength={30}
-						onSearch={handleSearch}
-						onRetry={(): void => {
-							setErrorMessage(null);
-							setIsRetryableError(true);
-							refetch();
-						}}
-						showIncompleteDataMessage={!isComplete && filteredOptionsData.length > 0}
-						isDynamicVariable
-						showRetryButton={isRetryableError}
-					/>
-				) : (
-					<CustomSelect
-						key={variableData.id}
-						onChange={handleChange}
-						bordered={false}
-						placeholder="Select value"
-						style={SelectItemStyle}
-						loading={isLoading}
-						showSearch
-						data-testid="variable-select"
-						className="variable-select"
-						popupClassName="dropdown-styles"
-						getPopupContainer={popupContainer}
-						options={getOptionsForDynamicVariable(
-							filteredOptionsData || [],
-							relatedValues || [],
-						)}
-						value={selectValue}
-						defaultValue={variableData.defaultValue}
-						errorMessage={errorMessage}
-						onSearch={handleSearch}
-						// eslint-disable-next-line sonarjs/no-identical-functions
-						onRetry={(): void => {
-							setErrorMessage(null);
-							setIsRetryableError(true);
-							refetch();
-						}}
-						showIncompleteDataMessage={!isComplete && filteredOptionsData.length > 0}
-						isDynamicVariable
-						showRetryButton={isRetryableError}
-					/>
-				)}
-			</div>
-		</div>
-	);
-}
-
-export default DynamicVariableSelection;

frontend/src/container/DashboardContainer/DashboardVariablesSelection/QueryVariableInput.tsx

@@ -1,13 +1,11 @@
-import { memo, useCallback, useState } from 'react';
+import { memo, useCallback, useMemo, useState } from 'react';
 import { useQuery } from 'react-query';
 import { useSelector } from 'react-redux';
 import dashboardVariablesQuery from 'api/dashboard/variables/dashboardVariablesQuery';
 import { REACT_QUERY_KEY } from 'constants/reactQueryKeys';
-import sortValues from 'lib/dashbaordVariables/sortVariableValues';
+import sortValues from 'lib/dashboardVariables/sortVariableValues';
 import { isArray, isString } from 'lodash-es';
-import { IDependencyData } from 'providers/Dashboard/store/dashboardVariables/dashboardVariablesStoreTypes';
 import { AppState } from 'store/reducers';
-import { IDashboardVariable } from 'types/api/dashboard/getAll';
 import { VariableResponseProps } from 'types/api/dashboard/variables/query';
 import { GlobalReducer } from 'types/reducer/globalTime';
 
@@ -15,20 +13,18 @@ import { variablePropsToPayloadVariables } from '../utils';
 import SelectVariableInput from './SelectVariableInput';
 import { useDashboardVariableSelectHelper } from './useDashboardVariableSelectHelper';
 import { areArraysEqual, checkAPIInvocation } from './util';
+import { VariableItemProps } from './VariableItem';
+import { queryVariableSelectStrategy } from './variableSelectStrategy/queryVariableSelectStrategy';
 
-interface QueryVariableInputProps {
-	variableData: IDashboardVariable;
-	existingVariables: Record<string, IDashboardVariable>;
-	onValueUpdate: (
-		name: string,
-		id: string,
-		value: IDashboardVariable['selectedValue'],
-		allSelected: boolean,
-	) => void;
-	variablesToGetUpdated: string[];
-	setVariablesToGetUpdated: React.Dispatch<React.SetStateAction<string[]>>;
-	dependencyData: IDependencyData | null;
-}
+type QueryVariableInputProps = Pick<
+	VariableItemProps,
+	| 'variableData'
+	| 'existingVariables'
+	| 'onValueUpdate'
+	| 'variablesToGetUpdated'
+	| 'setVariablesToGetUpdated'
+	| 'dependencyData'
+>;
 
 function QueryVariableInput({
 	variableData,
@@ -56,13 +52,15 @@ function QueryVariableInput({
 		onChange,
 		onDropdownVisibleChange,
 		handleClear,
+		applyDefaultIfNeeded,
 	} = useDashboardVariableSelectHelper({
 		variableData,
 		optionsData,
 		onValueUpdate,
+		strategy: queryVariableSelectStrategy,
 	});
 
-	const validVariableUpdate = (): boolean => {
+	const validVariableUpdate = useCallback((): boolean => {
 		if (!variableData.name) {
 			return false;
 		}
@@ -70,86 +68,100 @@ function QueryVariableInput({
 			variablesToGetUpdated.length &&
 				variablesToGetUpdated[0] === variableData.name,
 		);
-	};
+	}, [variableData.name, variablesToGetUpdated]);
 
-	// eslint-disable-next-line sonarjs/cognitive-complexity
-	const getOptions = (variablesRes: VariableResponseProps | null): void => {
-		try {
-			setErrorMessage(null);
+	const getOptions = useCallback(
+		// eslint-disable-next-line sonarjs/cognitive-complexity
+		(variablesRes: VariableResponseProps | null): void => {
+			try {
+				setErrorMessage(null);
 
-			if (
-				variablesRes?.variableValues &&
-				Array.isArray(variablesRes?.variableValues)
-			) {
-				const newOptionsData = sortValues(
-					variablesRes?.variableValues,
-					variableData.sort,
-				);
+				if (
+					variablesRes?.variableValues &&
+					Array.isArray(variablesRes?.variableValues)
+				) {
+					const newOptionsData = sortValues(
+						variablesRes?.variableValues,
+						variableData.sort,
+					);
 
-				const oldOptionsData = sortValues(optionsData, variableData.sort) as never;
+					const oldOptionsData = sortValues(optionsData, variableData.sort) as never;
 
-				if (!areArraysEqual(newOptionsData, oldOptionsData)) {
-					let valueNotInList = false;
+					if (!areArraysEqual(newOptionsData, oldOptionsData)) {
+						let valueNotInList = false;
 
-					if (isArray(variableData.selectedValue)) {
-						variableData.selectedValue.forEach((val) => {
-							if (!newOptionsData.includes(val)) {
-								valueNotInList = true;
-							}
-						});
-					} else if (
-						isString(variableData.selectedValue) &&
-						!newOptionsData.includes(variableData.selectedValue)
-					) {
-						valueNotInList = true;
-					}
-
-					// variablesData.allSelected is added for the case where on change of options we need to update the
-					// local storage
-					if (
-						variableData.name &&
-						(validVariableUpdate() || valueNotInList || variableData.allSelected)
-					) {
-						if (
-							variableData.allSelected &&
-							variableData.multiSelect &&
-							variableData.showALLOption
+						if (isArray(variableData.selectedValue)) {
+							variableData.selectedValue.forEach((val) => {
+								if (!newOptionsData.includes(val)) {
+									valueNotInList = true;
+								}
+							});
+						} else if (
+							isString(variableData.selectedValue) &&
+							!newOptionsData.includes(variableData.selectedValue)
 						) {
-							onValueUpdate(variableData.name, variableData.id, newOptionsData, true);
+							valueNotInList = true;
+						}
 
-							// Update tempSelection to maintain ALL state when dropdown is open
-							if (tempSelection !== undefined) {
-								setTempSelection(newOptionsData.map((option) => option.toString()));
-							}
-						} else {
-							const value = variableData.selectedValue;
-							let allSelected = false;
+						// variablesData.allSelected is added for the case where on change of options we need to update the
+						// local storage
+						if (
+							variableData.name &&
+							(validVariableUpdate() || valueNotInList || variableData.allSelected)
+						) {
+							if (
+								variableData.allSelected &&
+								variableData.multiSelect &&
+								variableData.showALLOption
+							) {
+								onValueUpdate(variableData.name, variableData.id, newOptionsData, true);
 
-							if (variableData.multiSelect) {
-								const { selectedValue } = variableData;
-								allSelected =
-									newOptionsData.length > 0 &&
-									Array.isArray(selectedValue) &&
-									newOptionsData.every((option) => selectedValue.includes(option));
-							}
+								// Update tempSelection to maintain ALL state when dropdown is open
+								if (tempSelection !== undefined) {
+									setTempSelection(newOptionsData.map((option) => option.toString()));
+								}
+							} else {
+								const value = variableData.selectedValue;
+								let allSelected = false;
 
-							if (variableData.name && variableData.id) {
-								onValueUpdate(variableData.name, variableData.id, value, allSelected);
+								if (variableData.multiSelect) {
+									const { selectedValue } = variableData;
+									allSelected =
+										newOptionsData.length > 0 &&
+										Array.isArray(selectedValue) &&
+										newOptionsData.every((option) => selectedValue.includes(option));
+								}
+
+								if (variableData.name && variableData.id) {
+									onValueUpdate(variableData.name, variableData.id, value, allSelected);
+								}
 							}
 						}
-					}
 
-					setOptionsData(newOptionsData);
-				} else {
-					setVariablesToGetUpdated((prev) =>
-						prev.filter((name) => name !== variableData.name),
-					);
+						setOptionsData(newOptionsData);
+						// Apply default if no value is selected (e.g., new variable, first load)
+						applyDefaultIfNeeded(newOptionsData);
+					} else {
+						setVariablesToGetUpdated((prev) =>
+							prev.filter((name) => name !== variableData.name),
+						);
+					}
 				}
+			} catch (e) {
+				console.error(e);
 			}
-		} catch (e) {
-			console.error(e);
-		}
-	};
+		},
+		[
+			variableData,
+			optionsData,
+			onValueUpdate,
+			tempSelection,
+			setTempSelection,
+			validVariableUpdate,
+			setVariablesToGetUpdated,
+			applyDefaultIfNeeded,
+		],
+	);
 
 	const { isLoading, refetch } = useQuery(
 		[
@@ -162,7 +174,6 @@ function QueryVariableInput({
 		{
 			enabled:
 				variableData &&
-				variableData.type === 'QUERY' &&
 				checkAPIInvocation(
 					variablesToGetUpdated,
 					variableData,
@@ -207,10 +218,19 @@ function QueryVariableInput({
 		refetch();
 	}, [refetch]);
 
+	const selectOptions = useMemo(
+		() =>
+			optionsData.map((option) => ({
+				label: option.toString(),
+				value: option.toString(),
+			})),
+		[optionsData],
+	);
+
 	return (
 		<SelectVariableInput
 			variableId={variableData.id}
-			options={optionsData}
+			options={selectOptions}
 			value={value}
 			onChange={onChange}
 			onDropdownVisibleChange={onDropdownVisibleChange}

frontend/src/container/DashboardContainer/DashboardVariablesSelection/SelectVariableInput.tsx

@@ -3,6 +3,7 @@ import { orange } from '@ant-design/colors';
 import { WarningOutlined } from '@ant-design/icons';
 import { Popover, Tooltip, Typography } from 'antd';
 import { CustomMultiSelect, CustomSelect } from 'components/NewSelect';
+import { OptionData } from 'components/NewSelect/types';
 import { popupContainer } from 'utils/selectPopupContainer';
 
 import { ALL_SELECT_VALUE } from '../utils';
@@ -12,7 +13,7 @@ const errorIconStyle = { margin: '0 0.5rem' };
 
 interface SelectVariableInputProps {
 	variableId: string;
-	options: (string | number | boolean)[];
+	options: OptionData[];
 	value: string | string[] | undefined;
 	enableSelectAll: boolean;
 	isMultiSelect: boolean;
@@ -23,13 +24,17 @@ interface SelectVariableInputProps {
 	loading?: boolean;
 	errorMessage?: string | null;
 	onRetry?: () => void;
+	isDynamicVariable?: boolean;
+	showRetryButton?: boolean;
+	showIncompleteDataMessage?: boolean;
+	onSearch?: (searchTerm: string) => void;
 }
 
 const MAX_TAG_DISPLAY_VALUES = 10;
 
-function maxTagPlaceholder(
+export const renderMaxTagPlaceholder = (
 	omittedValues: { label?: React.ReactNode; value?: string | number }[],
-): JSX.Element {
+): JSX.Element => {
 	const valuesToShow = omittedValues.slice(0, MAX_TAG_DISPLAY_VALUES);
 	const hasMore = omittedValues.length > MAX_TAG_DISPLAY_VALUES;
 	const tooltipText =
@@ -41,7 +46,7 @@ function maxTagPlaceholder(
 			<span>+ {omittedValues.length} </span>
 		</Tooltip>
 	);
-}
+};
 
 function SelectVariableInput({
 	variableId,
@@ -56,16 +61,11 @@ function SelectVariableInput({
 	enableSelectAll,
 	isMultiSelect,
 	defaultValue,
+	isDynamicVariable,
+	showRetryButton,
+	showIncompleteDataMessage,
+	onSearch,
 }: SelectVariableInputProps): JSX.Element {
-	const selectOptions = useMemo(
-		() =>
-			options.map((option) => ({
-				label: option.toString(),
-				value: option.toString(),
-			})),
-		[options],
-	);
-
 	const commonProps = useMemo(
 		() => ({
 			// main props
@@ -82,23 +82,33 @@ function SelectVariableInput({
 			showSearch: true,
 			bordered: false,
 
-			// dynamic props
+			// changing props
 			'data-testid': 'variable-select',
 			onChange,
 			loading,
-			options: selectOptions,
+			options,
 			errorMessage,
 			onRetry,
+
+			// dynamic variable only props
+			isDynamicVariable,
+			showRetryButton,
+			showIncompleteDataMessage,
+			onSearch,
 		}),
 		[
 			variableId,
 			defaultValue,
 			onChange,
 			loading,
-			selectOptions,
+			options,
 			value,
 			errorMessage,
 			onRetry,
+			isDynamicVariable,
+			showRetryButton,
+			showIncompleteDataMessage,
+			onSearch,
 		],
 	);
 
@@ -110,11 +120,11 @@ function SelectVariableInput({
 					placement="bottomLeft"
 					maxTagCount={2}
 					onDropdownVisibleChange={onDropdownVisibleChange}
-					maxTagPlaceholder={maxTagPlaceholder}
+					maxTagPlaceholder={renderMaxTagPlaceholder}
 					onClear={onClear}
 					enableAllSelection={enableSelectAll}
 					maxTagTextLength={30}
-					allowClear={value !== ALL_SELECT_VALUE && value !== 'ALL'}
+					allowClear={value !== ALL_SELECT_VALUE}
 				/>
 			) : (
 				<CustomSelect {...commonProps} />

frontend/src/container/DashboardContainer/DashboardVariablesSelection/VariableItem.tsx

@@ -5,6 +5,7 @@ import { IDependencyData } from 'providers/Dashboard/store/dashboardVariables/da
 import { IDashboardVariable } from 'types/api/dashboard/getAll';
 
 import CustomVariableInput from './CustomVariableInput';
+import DynamicVariableInput from './DynamicVariableInput';
 import QueryVariableInput from './QueryVariableInput';
 import TextboxVariableInput from './TextboxVariableInput';
 
@@ -16,8 +17,9 @@ export interface VariableItemProps {
 	onValueUpdate: (
 		name: string,
 		id: string,
-		arg1: IDashboardVariable['selectedValue'],
+		value: IDashboardVariable['selectedValue'],
 		allSelected: boolean,
+		haveCustomValuesSelected?: boolean,
 	) => void;
 	variablesToGetUpdated: string[];
 	setVariablesToGetUpdated: React.Dispatch<React.SetStateAction<string[]>>;
@@ -68,6 +70,13 @@ function VariableItem({
 						dependencyData={dependencyData}
 					/>
 				)}
+				{variableType === 'DYNAMIC' && (
+					<DynamicVariableInput
+						variableData={variableData}
+						onValueUpdate={onValueUpdate}
+						existingVariables={existingVariables}
+					/>
+				)}
 			</div>
 		</div>
 	);

frontend/src/container/DashboardContainer/DashboardVariablesSelection/__test__/DynamicVariableInput.test.tsx

@@ -5,7 +5,7 @@ import * as ReactRedux from 'react-redux';
 import { fireEvent, render, screen } from '@testing-library/react';
 import { IDashboardVariable } from 'types/api/dashboard/getAll';
 
-import DynamicVariableSelection from '../DynamicVariableSelection';
+import DynamicVariableInput from '../DynamicVariableInput';
 
 // Don't mock the components - use real ones
 
@@ -54,7 +54,7 @@ const mockApiResponse = {
 // Mock scrollIntoView since it's not available in JSDOM
 window.HTMLElement.prototype.scrollIntoView = jest.fn();
 
-describe('DynamicVariableSelection Component', () => {
+describe('DynamicVariableInput Component', () => {
 	const mockOnValueUpdate = jest.fn();
 
 	const mockDynamicVariableData: IDashboardVariable = {
@@ -108,18 +108,13 @@ describe('DynamicVariableSelection Component', () => {
 
 	it('renders with single select variable correctly', () => {
 		render(
-			<DynamicVariableSelection
+			<DynamicVariableInput
 				variableData={mockDynamicVariableData}
 				existingVariables={mockExistingVariables}
 				onValueUpdate={mockOnValueUpdate}
 			/>,
 		);
 
-		// Verify component renders correctly
-		expect(
-			screen.getByText(`$${mockDynamicVariableData.name}`),
-		).toBeInTheDocument();
-
 		// Verify the selected value is displayed
 		const selectedItem = screen.getByRole('combobox');
 		expect(selectedItem).toBeInTheDocument();
@@ -136,18 +131,13 @@ describe('DynamicVariableSelection Component', () => {
 		};
 
 		render(
-			<DynamicVariableSelection
+			<DynamicVariableInput
 				variableData={multiSelectWithAllSelected}
 				existingVariables={mockExistingVariables}
 				onValueUpdate={mockOnValueUpdate}
 			/>,
 		);
 
-		// Verify variable name is rendered
-		expect(
-			screen.getByText(`$${multiSelectWithAllSelected.name}`),
-		).toBeInTheDocument();
-
 		// In ALL selected mode, there should be an "ALL" text element
 		expect(screen.getByText('ALL')).toBeInTheDocument();
 	});
@@ -164,18 +154,13 @@ describe('DynamicVariableSelection Component', () => {
 		});
 
 		render(
-			<DynamicVariableSelection
+			<DynamicVariableInput
 				variableData={mockDynamicVariableData}
 				existingVariables={mockExistingVariables}
 				onValueUpdate={mockOnValueUpdate}
 			/>,
 		);
 
-		// Verify component renders in loading state
-		expect(
-			screen.getByText(`$${mockDynamicVariableData.name}`),
-		).toBeInTheDocument();
-
 		// Open dropdown to see loading text
 		const selectElement = screen.getByRole('combobox');
 		fireEvent.mouseDown(selectElement);
@@ -199,18 +184,13 @@ describe('DynamicVariableSelection Component', () => {
 		});
 
 		render(
-			<DynamicVariableSelection
+			<DynamicVariableInput
 				variableData={mockDynamicVariableData}
 				existingVariables={mockExistingVariables}
 				onValueUpdate={mockOnValueUpdate}
 			/>,
 		);
 
-		// Verify the component renders
-		expect(
-			screen.getByText(`$${mockDynamicVariableData.name}`),
-		).toBeInTheDocument();
-
 		// For error states, we should check that error handling is in place
 		// Without opening the dropdown as the error message might be handled differently
 		expect(ReactQuery.useQuery).toHaveBeenCalled();
@@ -219,7 +199,7 @@ describe('DynamicVariableSelection Component', () => {
 
 	it('makes API call to fetch variable values', () => {
 		render(
-			<DynamicVariableSelection
+			<DynamicVariableInput
 				variableData={mockDynamicVariableData}
 				existingVariables={mockExistingVariables}
 				onValueUpdate={mockOnValueUpdate}
@@ -235,6 +215,8 @@ describe('DynamicVariableSelection Component', () => {
 				'2023-01-01T00:00:00Z', // minTime from useSelector mock
 				'2023-01-02T00:00:00Z', // maxTime from useSelector mock
 				'',
+				'Traces',
+				'service.name',
 			],
 			expect.objectContaining({
 				enabled: true, // Type is 'DYNAMIC'
@@ -255,16 +237,13 @@ describe('DynamicVariableSelection Component', () => {
 		};
 
 		render(
-			<DynamicVariableSelection
+			<DynamicVariableInput
 				variableData={customVariable}
 				existingVariables={{ ...mockExistingVariables, custom1: customVariable }}
 				onValueUpdate={mockOnValueUpdate}
 			/>,
 		);
 
-		// Verify the component correctly displays the selected value
-		expect(screen.getByText(`$${customVariable.name}`)).toBeInTheDocument();
-
 		// Find the selection item in the component using data-testid
 		const selectElement = screen.getByTestId('variable-select');
 		expect(selectElement).toBeInTheDocument();

frontend/src/container/DashboardContainer/DashboardVariablesSelection/__test__/VariableItem.defaulting.behavior.test.tsx

@@ -63,10 +63,10 @@ describe('VariableItem Default Value Selection Behavior', () => {
 				expect(screen.getByTestId(VARIABLE_SELECT_TESTID)).toBeInTheDocument();
 			});
 
-			expect(screen.getByText('option1')).toBeInTheDocument();
+			expect(await screen.findByText('option1')).toBeInTheDocument();
 		});
 
-		test('should show placeholder when no previous and no default', async () => {
+		test('should auto-select first option when no previous and no default', async () => {
 			const variable: IDashboardVariable = {
 				id: TEST_VARIABLE_ID,
 				name: TEST_VARIABLE_NAME,
@@ -85,7 +85,8 @@ describe('VariableItem Default Value Selection Behavior', () => {
 				expect(screen.getByTestId(VARIABLE_SELECT_TESTID)).toBeInTheDocument();
 			});
 
-			expect(screen.getByText('Select value')).toBeInTheDocument();
+			// With the new variable select strategy, the first option is auto-selected
+			expect(await screen.findByText('option1')).toBeInTheDocument();
 		});
 	});
 
@@ -110,7 +111,7 @@ describe('VariableItem Default Value Selection Behavior', () => {
 				expect(screen.getByTestId(VARIABLE_SELECT_TESTID)).toBeInTheDocument();
 			});
 
-			expect(screen.getByText('ALL')).toBeInTheDocument();
+			expect(await screen.findByText('ALL')).toBeInTheDocument();
 		});
 	});
 
@@ -134,7 +135,7 @@ describe('VariableItem Default Value Selection Behavior', () => {
 				expect(screen.getByTestId(VARIABLE_SELECT_TESTID)).toBeInTheDocument();
 			});
 
-			expect(screen.getByText('Select value')).toBeInTheDocument();
+			expect(await screen.findByText('Select value')).toBeInTheDocument();
 		});
 	});
 });

frontend/src/container/DashboardContainer/DashboardVariablesSelection/useDashboardVariableSelectHelper.ts

@@ -1,8 +1,14 @@
-import { useCallback, useEffect, useMemo, useState } from 'react';
+import { useCallback, useMemo, useState } from 'react';
 import { isEmpty } from 'lodash-es';
 import { IDashboardVariable } from 'types/api/dashboard/getAll';
 
+import { ALL_SELECT_VALUE } from '../utils';
 import { areArraysEqual, getSelectValue } from './util';
+import { VariableSelectStrategy } from './variableSelectStrategy/variableSelectStrategyTypes';
+import {
+	areArraysEqualIgnoreOrder,
+	uniqueValues,
+} from './variableSelectStrategy/variableSelectStrategyUtils';
 
 interface UseDashboardVariableSelectHelperParams {
 	variableData: IDashboardVariable;
@@ -12,7 +18,11 @@ interface UseDashboardVariableSelectHelperParams {
 		id: string,
 		value: IDashboardVariable['selectedValue'],
 		allSelected: boolean,
+		haveCustomValuesSelected?: boolean,
 	) => void;
+	strategy: VariableSelectStrategy;
+	/** Override for all available option strings (default: optionsData.map(String)) */
+	allAvailableOptionStrings?: string[];
 }
 
 interface UseDashboardVariableSelectHelperReturn {
@@ -31,6 +41,11 @@ interface UseDashboardVariableSelectHelperReturn {
 	onChange: (value: string | string[]) => void;
 	onDropdownVisibleChange: (visible: boolean) => void;
 	handleClear: () => void;
+
+	// Default value helpers
+	applyDefaultIfNeeded: (
+		overrideOptions?: (string | number | boolean)[],
+	) => void;
 }
 
 // eslint-disable-next-line sonarjs/cognitive-complexity
@@ -38,6 +53,8 @@ export function useDashboardVariableSelectHelper({
 	variableData,
 	optionsData,
 	onValueUpdate,
+	strategy,
+	allAvailableOptionStrings,
 }: UseDashboardVariableSelectHelperParams): UseDashboardVariableSelectHelperReturn {
 	const { selectedValue } = variableData;
 
@@ -52,11 +69,37 @@ export function useDashboardVariableSelectHelper({
 
 	const enableSelectAll = variableData.multiSelect && variableData.showALLOption;
 
+	const effectiveAllAvailableOptionStrings = useMemo(
+		() => allAvailableOptionStrings ?? optionsData.map((v) => v.toString()),
+		[allAvailableOptionStrings, optionsData],
+	);
+
 	const selectValue =
 		variableData.allSelected && enableSelectAll
-			? 'ALL'
+			? ALL_SELECT_VALUE
 			: selectedValueStringified;
 
+	const getDefaultValue = useCallback(
+		(overrideOptions?: (string | number | boolean)[]) => {
+			const options = overrideOptions || optionsData;
+			if (variableData.multiSelect) {
+				if (variableData.showALLOption) {
+					return variableData.defaultValue || options.map((o) => o.toString());
+				}
+				return variableData.defaultValue || options?.[0]?.toString();
+			}
+			return variableData.defaultValue || options[0]?.toString();
+		},
+		[
+			variableData.multiSelect,
+			variableData.showALLOption,
+			variableData.defaultValue,
+			optionsData,
+		],
+	);
+
+	const defaultValue = useMemo(() => getDefaultValue(), [getDefaultValue]);
+
 	const handleChange = useCallback(
 		(inputValue: string | string[]): void => {
 			const value = variableData.multiSelect && !inputValue ? [] : inputValue;
@@ -69,29 +112,21 @@ export function useDashboardVariableSelectHelper({
 			) {
 				return;
 			}
-			if (variableData.name) {
-				// Check if ALL is effectively selected by comparing with available options
-				const isAllSelected =
-					Array.isArray(value) &&
-					value.length > 0 &&
-					optionsData.every((option) => value.includes(option.toString()));
 
-				if (isAllSelected && variableData.showALLOption) {
-					// For ALL selection, pass optionsData as the value and set allSelected to true
-					onValueUpdate(variableData.name, variableData.id, optionsData, true);
-				} else {
-					onValueUpdate(variableData.name, variableData.id, value, false);
-				}
-			}
+			strategy.handleChange({
+				value,
+				variableData,
+				optionsData,
+				allAvailableOptionStrings: effectiveAllAvailableOptionStrings,
+				onValueUpdate,
+			});
 		},
 		[
-			variableData.multiSelect,
-			variableData.selectedValue,
-			variableData.name,
-			variableData.id,
-			variableData.showALLOption,
-			onValueUpdate,
+			variableData,
 			optionsData,
+			effectiveAllAvailableOptionStrings,
+			onValueUpdate,
+			strategy,
 		],
 	);
 
@@ -99,79 +134,96 @@ export function useDashboardVariableSelectHelper({
 		(inputValue: string | string[]): void => {
 			// Store the selection in temporary state while dropdown is open
 			const value = variableData.multiSelect && !inputValue ? [] : inputValue;
-			setTempSelection(value);
+			setTempSelection(uniqueValues(value));
 		},
 		[variableData.multiSelect],
 	);
 
-	// Apply default value on first render if no selection exists
-	const finalSelectedValues = useMemo(() => {
-		if (variableData.multiSelect) {
-			let value = tempSelection || selectedValue;
-			if (isEmpty(value)) {
-				if (variableData.showALLOption) {
-					if (variableData.defaultValue) {
-						value = variableData.defaultValue;
-					} else {
-						value = optionsData;
-					}
-				} else if (variableData.defaultValue) {
-					value = variableData.defaultValue;
-				} else {
-					value = optionsData?.[0];
+	// Single select onChange: apply default if value is empty
+	const handleSingleSelectChange = useCallback(
+		(inputValue: string | string[]): void => {
+			if (isEmpty(inputValue)) {
+				if (defaultValue !== undefined) {
+					handleChange(defaultValue as string | string[]);
 				}
+				return;
 			}
-
-			return value;
-		}
-		if (isEmpty(selectedValue)) {
-			if (variableData.defaultValue) {
-				return variableData.defaultValue;
-			}
-			return optionsData[0]?.toString();
-		}
-
-		return selectedValue;
-	}, [
-		variableData.multiSelect,
-		variableData.showALLOption,
-		variableData.defaultValue,
-		selectedValue,
-		tempSelection,
-		optionsData,
-	]);
-
-	// Apply default values when needed
-	useEffect(() => {
-		if (
-			(variableData.multiSelect && !(tempSelection || selectValue)) ||
-			isEmpty(selectValue)
-		) {
-			handleChange(finalSelectedValues as string[] | string);
-		}
-	}, [
-		finalSelectedValues,
-		handleChange,
-		selectValue,
-		tempSelection,
-		variableData.multiSelect,
-	]);
+			handleChange(inputValue);
+		},
+		[handleChange, defaultValue],
+	);
 
 	// Handle dropdown visibility changes
 	const onDropdownVisibleChange = useCallback(
 		(visible: boolean): void => {
 			// Initialize temp selection when opening dropdown
 			if (visible) {
-				setTempSelection(getSelectValue(variableData.selectedValue, variableData));
+				if (variableData.allSelected && enableSelectAll) {
+					// When ALL is selected, show all available options as individually checked
+					setTempSelection([...effectiveAllAvailableOptionStrings]);
+				} else {
+					setTempSelection(getSelectValue(variableData.selectedValue, variableData));
+				}
 			}
 			// Apply changes when closing dropdown
 			else if (!visible && tempSelection !== undefined) {
-				// Call handleChange with the temporarily stored selection
-				handleChange(tempSelection);
+				// If ALL was selected before AND all options remain selected, skip updating
+				const wasAllSelected = enableSelectAll && variableData.allSelected;
+				const isAllSelectedAfter =
+					enableSelectAll &&
+					Array.isArray(tempSelection) &&
+					tempSelection.length === effectiveAllAvailableOptionStrings.length &&
+					effectiveAllAvailableOptionStrings.every((v) => tempSelection.includes(v));
+
+				if (wasAllSelected && isAllSelectedAfter) {
+					setTempSelection(undefined);
+					return;
+				}
+
+				// Apply default if closing with empty selection
+				let valueToApply = tempSelection;
+				if (isEmpty(tempSelection) && defaultValue !== undefined) {
+					valueToApply = defaultValue as string | string[];
+				}
+
+				// Order-agnostic change detection
+				const currentValue = variableData.selectedValue;
+				const hasChanged =
+					valueToApply !== currentValue &&
+					!(
+						Array.isArray(valueToApply) &&
+						Array.isArray(currentValue) &&
+						areArraysEqualIgnoreOrder(valueToApply, currentValue)
+					);
+
+				if (hasChanged) {
+					handleChange(valueToApply);
+				}
 				setTempSelection(undefined);
 			}
 		},
-		[variableData, tempSelection, handleChange],
+		[
+			variableData,
+			enableSelectAll,
+			effectiveAllAvailableOptionStrings,
+			tempSelection,
+			handleChange,
+			defaultValue,
+		],
+	);
+
+	// Explicit function for callers to apply default on mount / data load
+	// Pass overrideOptions when freshly-loaded options aren't in state yet (async callers)
+	const applyDefaultIfNeeded = useCallback(
+		(overrideOptions?: (string | number | boolean)[]): void => {
+			if (isEmpty(selectValue)) {
+				const defaultValueFromOptions = getDefaultValue(overrideOptions);
+				if (defaultValueFromOptions !== undefined) {
+					handleChange(defaultValueFromOptions as string | string[]);
+				}
+			}
+		},
+		[selectValue, handleChange, getDefaultValue],
 	);
 
 	const handleClear = useCallback((): void => {
@@ -182,11 +234,9 @@ export function useDashboardVariableSelectHelper({
 		? tempSelection || selectValue
 		: selectValue;
 
-	const defaultValue = variableData.defaultValue || selectValue;
-
 	const onChange = useMemo(() => {
-		return variableData.multiSelect ? handleTempChange : handleChange;
-	}, [variableData.multiSelect, handleTempChange, handleChange]);
+		return variableData.multiSelect ? handleTempChange : handleSingleSelectChange;
+	}, [variableData.multiSelect, handleTempChange, handleSingleSelectChange]);
 
 	return {
 		tempSelection,
@@ -197,5 +247,6 @@ export function useDashboardVariableSelectHelper({
 		value,
 		defaultValue,
 		onChange,
+		applyDefaultIfNeeded,
 	};
 }

frontend/src/container/DashboardContainer/DashboardVariablesSelection/util.ts

@@ -363,25 +363,6 @@ export const uniqueOptions = (options: OptionData[]): OptionData[] => {
 	return uniqueOptions;
 };
 
-export const uniqueValues = (values: string[] | string): string[] | string => {
-	if (Array.isArray(values)) {
-		const uniqueValues: string[] = [];
-		const seenValues = new Set<string>();
-
-		values.forEach((value) => {
-			if (seenValues.has(value)) {
-				return;
-			}
-			seenValues.add(value);
-			uniqueValues.push(value);
-		});
-
-		return uniqueValues;
-	}
-
-	return values;
-};
-
 export const getSelectValue = (
 	selectedValue: IDashboardVariable['selectedValue'],
 	variableData: IDashboardVariable,

frontend/src/container/DashboardContainer/DashboardVariablesSelection/variableSelectStrategy/customVariableSelectStrategy.tsx

@@ -0,0 +1,4 @@
+import { defaultVariableSelectStrategy } from './defaultVariableSelectStrategy';
+import { VariableSelectStrategy } from './variableSelectStrategyTypes';
+
+export const customVariableSelectStrategy: VariableSelectStrategy = defaultVariableSelectStrategy;

frontend/src/container/DashboardContainer/DashboardVariablesSelection/variableSelectStrategy/defaultVariableSelectStrategy.tsx

@@ -0,0 +1,20 @@
+import { VariableSelectStrategy } from './variableSelectStrategyTypes';
+
+export const defaultVariableSelectStrategy: VariableSelectStrategy = {
+	handleChange({ value, variableData, optionsData, onValueUpdate }) {
+		if (!variableData.name) {
+			return;
+		}
+
+		const isAllSelected =
+			Array.isArray(value) &&
+			value.length > 0 &&
+			optionsData.every((option) => value.includes(option.toString()));
+
+		if (isAllSelected && variableData.showALLOption) {
+			onValueUpdate(variableData.name, variableData.id, optionsData, true);
+		} else {
+			onValueUpdate(variableData.name, variableData.id, value, false);
+		}
+	},
+};

frontend/src/container/DashboardContainer/DashboardVariablesSelection/variableSelectStrategy/dynamicVariableSelectStrategy.tsx

@@ -0,0 +1,37 @@
+import { ALL_SELECT_VALUE } from 'container/DashboardContainer/utils';
+
+import { VariableSelectStrategy } from './variableSelectStrategyTypes';
+
+export const dynamicVariableSelectStrategy: VariableSelectStrategy = {
+	handleChange({
+		value,
+		variableData,
+		allAvailableOptionStrings,
+		onValueUpdate,
+	}) {
+		if (!variableData.name) {
+			return;
+		}
+
+		if (
+			value === ALL_SELECT_VALUE ||
+			(Array.isArray(value) && value.includes(ALL_SELECT_VALUE))
+		) {
+			onValueUpdate(variableData.name, variableData.id, null, true);
+		} else {
+			// For ALL selection in dynamic variables, pass null to avoid storing values
+			// The parent component will handle this appropriately
+			const haveCustomValuesSelected =
+				Array.isArray(value) &&
+				!value.every((v) => allAvailableOptionStrings.includes(v.toString()));
+
+			onValueUpdate(
+				variableData.name,
+				variableData.id,
+				value,
+				allAvailableOptionStrings.every((v) => value.includes(v.toString())),
+				haveCustomValuesSelected,
+			);
+		}
+	},
+};

frontend/src/container/DashboardContainer/DashboardVariablesSelection/variableSelectStrategy/queryVariableSelectStrategy.tsx

@@ -0,0 +1,4 @@
+import { defaultVariableSelectStrategy } from './defaultVariableSelectStrategy';
+import { VariableSelectStrategy } from './variableSelectStrategyTypes';
+
+export const queryVariableSelectStrategy: VariableSelectStrategy = defaultVariableSelectStrategy;

frontend/src/container/DashboardContainer/DashboardVariablesSelection/variableSelectStrategy/variableSelectStrategyTypes.ts

@@ -0,0 +1,17 @@
+import { IDashboardVariable } from 'types/api/dashboard/getAll';
+
+export interface VariableSelectStrategy {
+	handleChange(params: {
+		value: string | string[];
+		variableData: IDashboardVariable;
+		optionsData: (string | number | boolean)[];
+		allAvailableOptionStrings: string[];
+		onValueUpdate: (
+			name: string,
+			id: string,
+			value: IDashboardVariable['selectedValue'],
+			allSelected: boolean,
+			haveCustomValuesSelected?: boolean,
+		) => void;
+	}): void;
+}

frontend/src/container/DashboardContainer/DashboardVariablesSelection/variableSelectStrategy/variableSelectStrategyUtils.ts

@@ -0,0 +1,32 @@
+import { isEqual } from 'lodash-es';
+
+export const areArraysEqualIgnoreOrder = (
+	a: (string | number | boolean)[],
+	b: (string | number | boolean)[],
+): boolean => {
+	if (a.length !== b.length) {
+		return false;
+	}
+	const sortedA = [...a].sort();
+	const sortedB = [...b].sort();
+	return isEqual(sortedA, sortedB);
+};
+
+export const uniqueValues = (values: string[] | string): string[] | string => {
+	if (Array.isArray(values)) {
+		const uniqueValues: string[] = [];
+		const seenValues = new Set<string>();
+
+		values.forEach((value) => {
+			if (seenValues.has(value)) {
+				return;
+			}
+			seenValues.add(value);
+			uniqueValues.push(value);
+		});
+
+		return uniqueValues;
+	}
+
+	return values;
+};

frontend/src/container/DashboardContainer/__test__/DynamicVariableDefaultBehavior.test.tsx

@@ -2,7 +2,7 @@
 /* eslint-disable sonarjs/no-duplicate-string */
 /* eslint-disable react/jsx-props-no-spreading */
 import React from 'react';
-import { QueryClient, QueryClientProvider } from 'react-query';
+import { QueryClient, QueryClientProvider, useQuery } from 'react-query';
 import * as ReactRedux from 'react-redux';
 import {
 	act,
@@ -15,13 +15,22 @@ import {
 import { getFieldValues } from 'api/dynamicVariables/getFieldValues';
 import { IDashboardVariable } from 'types/api/dashboard/getAll';
 
-import DynamicVariableSelection from '../DashboardVariablesSelection/DynamicVariableSelection';
+import DynamicVariableInput from '../DashboardVariablesSelection/DynamicVariableInput';
 
 // Mock the getFieldValues API
 jest.mock('api/dynamicVariables/getFieldValues', () => ({
 	getFieldValues: jest.fn(),
 }));
 
+// Mock useQuery from react-query
+jest.mock('react-query', () => {
+	const originalModule = jest.requireActual('react-query');
+	return {
+		...originalModule,
+		useQuery: jest.fn(),
+	};
+});
+
 describe('Dynamic Variable Default Behavior', () => {
 	const mockOnValueUpdate = jest.fn();
 	const mockApiResponse = {
@@ -59,6 +68,46 @@ describe('Dynamic Variable Default Behavior', () => {
 		// Mock getFieldValues API to return our test data
 		(getFieldValues as jest.Mock).mockResolvedValue(mockApiResponse);
 
+		// Mock useQuery implementation to avoid infinite re-renders
+		// and ensure onSuccess is called once
+		(useQuery as jest.Mock).mockImplementation((key, options) => {
+			const { onSuccess, enabled, queryFn } = options || {};
+			const variableName = key[1];
+			const dynamicVarsKey = key[2];
+
+			React.useEffect(() => {
+				if (enabled !== false) {
+					if (onSuccess) {
+						// For 'services' tests:
+						// 1. "Default to ALL" expectations imply empty options -> [] behavior. This happens when selectedValue is undefined (dynamicVarsKey has 'null').
+						// 2. "ALL Option Special Value" needs full options to render the "ALL" item in dropdown. This happens when selectedValue is defined.
+						if (
+							variableName === 'services' &&
+							typeof dynamicVarsKey === 'string' &&
+							dynamicVarsKey.includes('null')
+						) {
+							onSuccess({
+								...mockApiResponse,
+								data: { ...mockApiResponse.data, normalizedValues: [] },
+							});
+						} else {
+							onSuccess(mockApiResponse);
+						}
+					}
+					if (queryFn) {
+						queryFn();
+					}
+				}
+			}, [enabled, variableName, dynamicVarsKey]); // Only depend on enabled/keys
+
+			return {
+				isLoading: false,
+				isError: false,
+				data: mockApiResponse,
+				refetch: jest.fn(),
+			};
+		});
+
 		jest.spyOn(ReactRedux, 'useSelector').mockReturnValue({
 			minTime: '2023-01-01T00:00:00Z',
 			maxTime: '2023-01-02T00:00:00Z',
@@ -84,7 +133,7 @@ describe('Dynamic Variable Default Behavior', () => {
 
 			await act(async () => {
 				renderWithQueryClient(
-					<DynamicVariableSelection
+					<DynamicVariableInput
 						variableData={variableData}
 						existingVariables={{ var1: variableData }}
 						onValueUpdate={mockOnValueUpdate}
@@ -120,7 +169,7 @@ describe('Dynamic Variable Default Behavior', () => {
 
 			await act(async () => {
 				renderWithQueryClient(
-					<DynamicVariableSelection
+					<DynamicVariableInput
 						variableData={variableData}
 						existingVariables={{ var1: variableData }}
 						onValueUpdate={mockOnValueUpdate}
@@ -164,7 +213,7 @@ describe('Dynamic Variable Default Behavior', () => {
 
 			await act(async () => {
 				renderWithQueryClient(
-					<DynamicVariableSelection
+					<DynamicVariableInput
 						variableData={variableData}
 						existingVariables={{ var1: variableData }}
 						onValueUpdate={mockOnValueUpdate}
@@ -172,9 +221,6 @@ describe('Dynamic Variable Default Behavior', () => {
 				);
 			});
 
-			// Component should render without errors
-			expect(screen.getByText('$service')).toBeInTheDocument();
-
 			// Check if the dropdown is present
 			const selectElement = screen.getByRole('combobox');
 			expect(selectElement).toBeInTheDocument();
@@ -232,7 +278,7 @@ describe('Dynamic Variable Default Behavior', () => {
 
 			await act(async () => {
 				renderWithQueryClient(
-					<DynamicVariableSelection
+					<DynamicVariableInput
 						variableData={variableData}
 						existingVariables={{ var1: variableData }}
 						onValueUpdate={mockOnValueUpdate}
@@ -267,7 +313,7 @@ describe('Dynamic Variable Default Behavior', () => {
 
 			await act(async () => {
 				renderWithQueryClient(
-					<DynamicVariableSelection
+					<DynamicVariableInput
 						variableData={variableData}
 						existingVariables={{ var1: variableData }}
 						onValueUpdate={mockOnValueUpdate}
@@ -293,7 +339,7 @@ describe('Dynamic Variable Default Behavior', () => {
 			expect(screen.queryByText('backend')).not.toBeInTheDocument();
 		});
 
-		it('should default to ALL when no default and no previous selection', async () => {
+		it('sahould default to ALL when no default and no previous selection', async () => {
 			const variableData: IDashboardVariable = {
 				id: 'var21',
 				name: 'services',
@@ -311,7 +357,7 @@ describe('Dynamic Variable Default Behavior', () => {
 
 			await act(async () => {
 				renderWithQueryClient(
-					<DynamicVariableSelection
+					<DynamicVariableInput
 						variableData={variableData}
 						existingVariables={{ var1: variableData }}
 						onValueUpdate={mockOnValueUpdate}
@@ -345,7 +391,7 @@ describe('Dynamic Variable Default Behavior', () => {
 			expect(mockOnValueUpdate).toHaveBeenCalledWith(
 				'services',
 				'var21',
-				[], // Empty array when allSelected is true
+				[],
 				true, // allSelected = true
 				false,
 			);
@@ -371,7 +417,7 @@ describe('Dynamic Variable Default Behavior', () => {
 
 			await act(async () => {
 				renderWithQueryClient(
-					<DynamicVariableSelection
+					<DynamicVariableInput
 						variableData={variableData}
 						existingVariables={{ var1: variableData }}
 						onValueUpdate={mockOnValueUpdate}
@@ -408,7 +454,7 @@ describe('Dynamic Variable Default Behavior', () => {
 
 			await act(async () => {
 				renderWithQueryClient(
-					<DynamicVariableSelection
+					<DynamicVariableInput
 						variableData={variableData}
 						existingVariables={{ var1: variableData }}
 						onValueUpdate={mockOnValueUpdate}
@@ -416,9 +462,6 @@ describe('Dynamic Variable Default Behavior', () => {
 				);
 			});
 
-			// Component should render without errors
-			expect(screen.getByText('$services')).toBeInTheDocument();
-
 			// Check if ALL is displayed in the UI (in the main selection area)
 			const allTextElement = screen.getByText('ALL');
 			expect(allTextElement).toBeInTheDocument();

frontend/src/container/ExplorerOptions/ExplorerOptionWrapper.tsx

@@ -18,7 +18,6 @@ function ExplorerOptionWrapper({
 	splitedQueries,
 	signalSource,
 	handleChangeSelectedView,
-	logsAlertQuery,
 }: ExplorerOptionsWrapperProps): JSX.Element {
 	const [isExplorerOptionHidden, setIsExplorerOptionHidden] = useState(false);
 
@@ -41,7 +40,6 @@ function ExplorerOptionWrapper({
 			isOneChartPerQuery={isOneChartPerQuery}
 			splitedQueries={splitedQueries}
 			handleChangeSelectedView={handleChangeSelectedView}
-			logsAlertQuery={logsAlertQuery}
 		/>
 	);
 }

frontend/src/container/ExplorerOptions/ExplorerOptions.tsx

@@ -100,9 +100,7 @@ function ExplorerOptions({
 	isOneChartPerQuery = false,
 	splitedQueries = [],
 	handleChangeSelectedView,
-	logsAlertQuery,
 }: ExplorerOptionsProps): JSX.Element {
-	const alertQuery = logsAlertQuery || query;
 	const [isExport, setIsExport] = useState<boolean>(false);
 	const [isSaveModalOpen, setIsSaveModalOpen] = useState(false);
 	const [newViewName, setNewViewName] = useState<string>('');
@@ -751,7 +749,7 @@ function ExplorerOptions({
 			<Button
 				disabled={disabled}
 				shape="round"
-				onClick={(): void => onCreateAlertsHandler(alertQuery)}
+				onClick={(): void => onCreateAlertsHandler(query)}
 				icon={<ConciergeBell size={16} />}
 			>
 				Create an Alert
@@ -759,9 +757,9 @@ function ExplorerOptions({
 		);
 	}, [
 		disabled,
-		alertQuery,
 		isOneChartPerQuery,
 		onCreateAlertsHandler,
+		query,
 		splitedQueries,
 	]);
 
@@ -1046,7 +1044,6 @@ export interface ExplorerOptionsProps {
 	isOneChartPerQuery?: boolean;
 	splitedQueries?: Query[];
 	handleChangeSelectedView?: ChangeViewFunctionType;
-	logsAlertQuery?: Query | null;
 }
 
 ExplorerOptions.defaultProps = {

frontend/src/container/GridCardLayout/GridCard/FullView/index.tsx

@@ -33,8 +33,8 @@ import { useChartMutable } from 'hooks/useChartMutable';
 import useComponentPermission from 'hooks/useComponentPermission';
 import { useSafeNavigate } from 'hooks/useSafeNavigate';
 import useUrlQuery from 'hooks/useUrlQuery';
-import { getDashboardVariables } from 'lib/dashbaordVariables/getDashboardVariables';
 import { GetQueryResultsProps } from 'lib/dashboard/getQueryResults';
+import { getDashboardVariables } from 'lib/dashboardVariables/getDashboardVariables';
 import GetMinMax from 'lib/getMinMax';
 import { isEmpty } from 'lodash-es';
 import { useAppContext } from 'providers/App/App';

frontend/src/container/GridCardLayout/GridCard/index.tsx

@@ -8,8 +8,8 @@ import { populateMultipleResults } from 'container/NewWidget/LeftContainer/Widge
 import { CustomTimeType } from 'container/TopNav/DateTimeSelectionV2/types';
 import { useGetQueryRange } from 'hooks/queryBuilder/useGetQueryRange';
 import { useIntersectionObserver } from 'hooks/useIntersectionObserver';
-import { getDashboardVariables } from 'lib/dashbaordVariables/getDashboardVariables';
 import { GetQueryResultsProps } from 'lib/dashboard/getQueryResults';
+import { getDashboardVariables } from 'lib/dashboardVariables/getDashboardVariables';
 import getTimeString from 'lib/getTimeString';
 import { isEqual } from 'lodash-es';
 import isEmpty from 'lodash-es/isEmpty';

frontend/src/container/GridCardLayout/useResolveQuery.ts

@@ -6,7 +6,7 @@ import { prepareQueryRangePayloadV5 } from 'api/v5/v5';
 import { PANEL_TYPES } from 'constants/queryBuilder';
 import { timePreferenceType } from 'container/NewWidget/RightContainer/timeItems';
 import { useDashboardVariablesByType } from 'hooks/dashboard/useDashboardVariablesByType';
-import { getDashboardVariables } from 'lib/dashbaordVariables/getDashboardVariables';
+import { getDashboardVariables } from 'lib/dashboardVariables/getDashboardVariables';
 import { mapQueryDataFromApi } from 'lib/newQueryBuilder/queryBuilderMappers/mapQueryDataFromApi';
 import { AppState } from 'store/reducers';
 import { Query } from 'types/api/queryBuilder/queryBuilderData';

frontend/src/container/LogsExplorerViews/explorerUtils.ts

@@ -216,34 +216,3 @@ export const getExportQueryData = (
 	}
 	return query;
 };
-
-export const getExportLogQuery = (
-	query: Query | null,
-	panelType: PANEL_TYPES,
-): Query | null => {
-	if (!query) {
-		return null;
-	}
-
-	if (panelType === PANEL_TYPES.LIST) {
-		const listQuery = getListQuery(query);
-		if (!listQuery) {
-			return null;
-		}
-
-		return {
-			...query,
-			builder: {
-				...query.builder,
-				queryData: [
-					{
-						...listQuery,
-						orderBy: [],
-						limit: null,
-					},
-				],
-			},
-		};
-	}
-	return query;
-};

frontend/src/container/LogsExplorerViews/index.tsx

@@ -27,7 +27,6 @@ import LogsExplorerChart from 'container/LogsExplorerChart';
 import LogsExplorerList from 'container/LogsExplorerList';
 import LogsExplorerTable from 'container/LogsExplorerTable';
 import {
-	getExportLogQuery,
 	getExportQueryData,
 	getFrequencyChartData,
 	getListQuery,
@@ -139,11 +138,6 @@ function LogsExplorerViewsContainer({
 		[selectedPanelType, requestData],
 	);
 
-	const logsAlertQuery = useMemo(
-		() => getExportLogQuery(requestData, selectedPanelType),
-		[selectedPanelType, requestData],
-	);
-
 	const {
 		data: listChartData,
 		isFetching: isFetchingListChartData,
@@ -533,7 +527,6 @@ function LogsExplorerViewsContainer({
 				onExport={handleExport}
 				sourcepage={DataSource.LOGS}
 				handleChangeSelectedView={handleChangeSelectedView}
-				logsAlertQuery={logsAlertQuery}
 			/>
 		</div>
 	);

frontend/src/container/NewWidget/index.tsx

@@ -27,8 +27,8 @@ import { useIsDarkMode } from 'hooks/useDarkMode';
 import { useSafeNavigate } from 'hooks/useSafeNavigate';
 import useUrlQuery from 'hooks/useUrlQuery';
 import createQueryParams from 'lib/createQueryParams';
-import { getDashboardVariables } from 'lib/dashbaordVariables/getDashboardVariables';
 import { GetQueryResultsProps } from 'lib/dashboard/getQueryResults';
+import { getDashboardVariables } from 'lib/dashboardVariables/getDashboardVariables';
 import { cloneDeep, defaultTo, isEmpty, isUndefined } from 'lodash-es';
 import { Check, X } from 'lucide-react';
 import { DashboardWidgetPageParams } from 'pages/DashboardWidget';

frontend/src/container/QueryBuilder/components/ToolbarActions/LeftToolbarActions.tsx

@@ -1,5 +1,5 @@
 /* eslint-disable sonarjs/no-duplicate-string */
-import { FilterOutlined } from '@ant-design/icons';
+import { FilterOutlined, VerticalAlignTopOutlined } from '@ant-design/icons';
 import { Button, Tooltip } from 'antd';
 import cx from 'classnames';
 import { Atom, Binoculars, SquareMousePointer, Terminal } from 'lucide-react';
@@ -32,6 +32,7 @@ export default function LeftToolbarActions({
 				<Tooltip title="Show Filters">
 					<Button onClick={handleFilterVisibilityChange} className="filter-btn">
 						<FilterOutlined />
+						<VerticalAlignTopOutlined rotate={90} />
 					</Button>
 				</Tooltip>
 			)}

frontend/src/container/QueryBuilder/components/ToolbarActions/ToolbarActions.styles.scss

@@ -7,7 +7,7 @@
 		align-items: center;
 		justify-content: center;
 		box-shadow: none;
-		width: 32px;
+		width: 40px;
 		height: 32px;
 		margin-right: 12px;
 		border: 1px solid var(--bg-slate-400);

frontend/src/container/ResourceAttributesFilter/ResourceAttributesFilter.tsx

@@ -95,7 +95,6 @@ function ResourceAttributesFilter({
 					data-testid="resource-environment-filter"
 					style={{ minWidth: 200, height: 34 }}
 					onChange={handleEnvironmentChange}
-					onBlur={handleBlur}
 				>
 					{environments.map((opt) => (
 						<Select.Option key={opt.value} value={opt.value}>

frontend/src/container/ServiceApplication/utils.ts

@@ -1,8 +1,8 @@
 import { PANEL_TYPES } from 'constants/queryBuilder';
 import { getWidgetQueryBuilder } from 'container/MetricsApplication/MetricsApplication.factory';
 import { updateStepInterval } from 'hooks/queryBuilder/useStepInterval';
-import { getDashboardVariables } from 'lib/dashbaordVariables/getDashboardVariables';
 import { GetQueryResultsProps } from 'lib/dashboard/getQueryResults';
+import { getDashboardVariables } from 'lib/dashboardVariables/getDashboardVariables';
 import { ServicesList } from 'types/api/metrics/getService';
 import { QueryDataV3 } from 'types/api/widgets/getQuery';
 import { EQueryType } from 'types/common/dashboard';

frontend/src/hooks/queryBuilder/useCreateAlerts.tsx

@@ -13,7 +13,7 @@ import { MenuItemKeys } from 'container/GridCardLayout/WidgetHeader/contants';
 import { useDashboardVariables } from 'hooks/dashboard/useDashboardVariables';
 import { useDashboardVariablesByType } from 'hooks/dashboard/useDashboardVariablesByType';
 import { useNotifications } from 'hooks/useNotifications';
-import { getDashboardVariables } from 'lib/dashbaordVariables/getDashboardVariables';
+import { getDashboardVariables } from 'lib/dashboardVariables/getDashboardVariables';
 import { mapQueryDataFromApi } from 'lib/newQueryBuilder/queryBuilderMappers/mapQueryDataFromApi';
 import { isEmpty } from 'lodash-es';
 import { useDashboard } from 'providers/Dashboard/Dashboard';

frontend/src/hooks/queryBuilder/useGetWidgetQueryRange.ts

@@ -3,8 +3,8 @@ import { useSelector } from 'react-redux';
 import { initialQueriesMap } from 'constants/queryBuilder';
 import { REACT_QUERY_KEY } from 'constants/reactQueryKeys';
 import { useDashboardVariables } from 'hooks/dashboard/useDashboardVariables';
-import { getDashboardVariables } from 'lib/dashbaordVariables/getDashboardVariables';
 import { GetQueryResultsProps } from 'lib/dashboard/getQueryResults';
+import { getDashboardVariables } from 'lib/dashboardVariables/getDashboardVariables';
 import { AppState } from 'store/reducers';
 import { SuccessResponse } from 'types/api';
 import { MetricRangePayloadProps } from 'types/api/metrics/getQueryRange';

frontend/src/hooks/useResourceAttribute/__tests__/whitelistedKeys.test.ts

@@ -0,0 +1,77 @@
+import ROUTES from 'constants/routes';
+
+import { whilelistedKeys } from '../config';
+import { mappingWithRoutesAndKeys } from '../utils';
+
+describe('useResourceAttribute config', () => {
+	describe('whilelistedKeys', () => {
+		it('should include underscore-notation keys (DOT_METRICS_ENABLED=false)', () => {
+			expect(whilelistedKeys).toContain('resource_deployment_environment');
+			expect(whilelistedKeys).toContain('resource_k8s_cluster_name');
+			expect(whilelistedKeys).toContain('resource_k8s_cluster_namespace');
+		});
+
+		it('should include dot-notation keys (DOT_METRICS_ENABLED=true)', () => {
+			expect(whilelistedKeys).toContain('resource_deployment.environment');
+			expect(whilelistedKeys).toContain('resource_k8s.cluster.name');
+			expect(whilelistedKeys).toContain('resource_k8s.cluster.namespace');
+		});
+	});
+
+	describe('mappingWithRoutesAndKeys', () => {
+		const dotNotationFilters = [
+			{
+				label: 'deployment.environment',
+				value: 'resource_deployment.environment',
+			},
+			{ label: 'k8s.cluster.name', value: 'resource_k8s.cluster.name' },
+			{ label: 'k8s.cluster.namespace', value: 'resource_k8s.cluster.namespace' },
+		];
+
+		const underscoreNotationFilters = [
+			{
+				label: 'deployment.environment',
+				value: 'resource_deployment_environment',
+			},
+			{ label: 'k8s.cluster.name', value: 'resource_k8s_cluster_name' },
+			{ label: 'k8s.cluster.namespace', value: 'resource_k8s_cluster_namespace' },
+		];
+
+		const nonWhitelistedFilters = [
+			{ label: 'host.name', value: 'resource_host_name' },
+			{ label: 'service.name', value: 'resource_service_name' },
+		];
+
+		it('should keep dot-notation filters on the Service Map route', () => {
+			const result = mappingWithRoutesAndKeys(
+				ROUTES.SERVICE_MAP,
+				dotNotationFilters,
+			);
+			expect(result).toHaveLength(3);
+			expect(result).toEqual(dotNotationFilters);
+		});
+
+		it('should keep underscore-notation filters on the Service Map route', () => {
+			const result = mappingWithRoutesAndKeys(
+				ROUTES.SERVICE_MAP,
+				underscoreNotationFilters,
+			);
+			expect(result).toHaveLength(3);
+			expect(result).toEqual(underscoreNotationFilters);
+		});
+
+		it('should filter out non-whitelisted keys on the Service Map route', () => {
+			const allFilters = [...dotNotationFilters, ...nonWhitelistedFilters];
+			const result = mappingWithRoutesAndKeys(ROUTES.SERVICE_MAP, allFilters);
+			expect(result).toHaveLength(3);
+			expect(result).toEqual(dotNotationFilters);
+		});
+
+		it('should return all filters on non-Service Map routes', () => {
+			const allFilters = [...dotNotationFilters, ...nonWhitelistedFilters];
+			const result = mappingWithRoutesAndKeys('/services', allFilters);
+			expect(result).toHaveLength(5);
+			expect(result).toEqual(allFilters);
+		});
+	});
+});

frontend/src/hooks/useResourceAttribute/config.ts

@@ -1,5 +1,8 @@
 export const whilelistedKeys = [
 	'resource_deployment_environment',
+	'resource_deployment.environment',
 	'resource_k8s_cluster_name',
+	'resource_k8s.cluster.name',
 	'resource_k8s_cluster_namespace',
+	'resource_k8s.cluster.namespace',
 ];

frontend/src/lib/uPlotLib/utils/tests/getSeriesData.test.ts

@@ -14,7 +14,7 @@ describe('Get Series Data', () => {
 		expect(seriesData.length).toBe(5);
 		expect(seriesData[1].label).toBe('firstLegend');
 		expect(seriesData[1].show).toBe(true);
-		expect(seriesData[1].fill).toBe('#C71585');
+		expect(seriesData[1].fill).toBe('#FF6F91');
 		expect(seriesData[1].width).toBe(2);
 	});
 

frontend/src/lib/uPlotV2/components/__tests__/UPlotChart.test.tsx

@@ -0,0 +1,412 @@
+import type { ReactNode } from 'react';
+import { render, screen } from '@testing-library/react';
+import { UPlotConfigBuilder } from 'lib/uPlotV2/config/UPlotConfigBuilder';
+import type { AlignedData } from 'uplot';
+
+import { PlotContextProvider } from '../../context/PlotContext';
+import UPlotChart from '../UPlotChart';
+
+// ---------------------------------------------------------------------------
+// Mocks
+// ---------------------------------------------------------------------------
+
+jest.mock(
+	'container/DashboardContainer/visualization/panels/utils/legendVisibilityUtils',
+	() => ({
+		getStoredSeriesVisibility: jest.fn(),
+		updateSeriesVisibilityToLocalStorage: jest.fn(),
+	}),
+);
+
+jest.mock('@sentry/react', () => ({
+	ErrorBoundary: ({ children }: { children: ReactNode }): JSX.Element => (
+		<>{children}</>
+	),
+}));
+
+jest.mock('pages/ErrorBoundaryFallback/ErrorBoundaryFallback', () => ({
+	__esModule: true,
+	default: (): JSX.Element => <div>Error Fallback</div>,
+}));
+
+interface MockUPlotInstance {
+	root: HTMLDivElement;
+	setData: jest.Mock;
+	setSize: jest.Mock;
+	destroy: jest.Mock;
+}
+
+let instances: MockUPlotInstance[] = [];
+const mockUPlotConstructor = jest.fn();
+
+jest.mock('uplot', () => {
+	function MockUPlot(
+		opts: Record<string, unknown>,
+		data: unknown,
+		target: HTMLElement,
+	): MockUPlotInstance {
+		mockUPlotConstructor(opts, data, target);
+
+		const rootEl = document.createElement('div');
+		target.appendChild(rootEl);
+
+		const inst: MockUPlotInstance = {
+			root: rootEl,
+			setData: jest.fn(),
+			setSize: jest.fn(),
+			destroy: jest.fn(),
+		};
+		instances.push(inst);
+		return inst;
+	}
+
+	MockUPlot.paths = {
+		spline: jest.fn(() => jest.fn()),
+		bars: jest.fn(() => jest.fn()),
+		linear: jest.fn(() => jest.fn()),
+		stepped: jest.fn(() => jest.fn()),
+	};
+	MockUPlot.tzDate = jest.fn();
+
+	return { __esModule: true, default: MockUPlot };
+});
+
+// ---------------------------------------------------------------------------
+// Helpers
+// ---------------------------------------------------------------------------
+
+const createMockConfig = (): UPlotConfigBuilder => {
+	return ({
+		getConfig: jest.fn().mockReturnValue({
+			series: [{ value: (): string => '' }],
+			axes: [],
+			scales: {},
+			hooks: {},
+			cursor: {},
+		}),
+		getWidgetId: jest.fn().mockReturnValue(undefined),
+		getShouldSaveSelectionPreference: jest.fn().mockReturnValue(false),
+	} as unknown) as UPlotConfigBuilder;
+};
+
+const validData: AlignedData = [
+	[1, 2, 3],
+	[10, 20, 30],
+];
+const emptyData: AlignedData = [[]];
+
+const Wrapper = ({ children }: { children: ReactNode }): JSX.Element => (
+	<PlotContextProvider>{children}</PlotContextProvider>
+);
+
+// ---------------------------------------------------------------------------
+// Tests
+// ---------------------------------------------------------------------------
+
+describe('UPlotChart', () => {
+	beforeEach(() => {
+		instances = [];
+		mockUPlotConstructor.mockClear();
+	});
+
+	describe('when data is empty', () => {
+		it('displays "No Data" message instead of the chart container', () => {
+			render(
+				<UPlotChart
+					config={createMockConfig()}
+					data={emptyData}
+					width={600}
+					height={400}
+				/>,
+				{ wrapper: Wrapper },
+			);
+
+			expect(screen.getByText('No Data')).toBeInTheDocument();
+			expect(screen.queryByTestId('uplot-main-div')).not.toBeInTheDocument();
+		});
+
+		it('sizes the empty-state container to the given width and height', () => {
+			render(
+				<UPlotChart
+					config={createMockConfig()}
+					data={emptyData}
+					width={750}
+					height={350}
+				/>,
+				{ wrapper: Wrapper },
+			);
+
+			const noDataContainer = screen
+				.getByText('No Data')
+				.closest('.uplot-no-data');
+			expect(noDataContainer).toHaveStyle({ width: '750px', height: '350px' });
+		});
+
+		it('does not create a uPlot instance', () => {
+			render(
+				<UPlotChart
+					config={createMockConfig()}
+					data={emptyData}
+					width={600}
+					height={400}
+				/>,
+				{ wrapper: Wrapper },
+			);
+
+			expect(mockUPlotConstructor).not.toHaveBeenCalled();
+		});
+	});
+
+	describe('chart container', () => {
+		it('renders children inside the chart wrapper', () => {
+			render(
+				<UPlotChart
+					config={createMockConfig()}
+					data={validData}
+					width={600}
+					height={400}
+				>
+					<div data-testid="tooltip-plugin">Tooltip</div>
+				</UPlotChart>,
+				{ wrapper: Wrapper },
+			);
+
+			expect(screen.getByTestId('tooltip-plugin')).toBeInTheDocument();
+		});
+	});
+
+	describe('plot creation', () => {
+		it('instantiates uPlot with floored dimensions and the container element', () => {
+			render(
+				<UPlotChart
+					config={createMockConfig()}
+					data={validData}
+					width={600.9}
+					height={400.2}
+				/>,
+				{ wrapper: Wrapper },
+			);
+
+			expect(mockUPlotConstructor).toHaveBeenCalledTimes(1);
+
+			const [opts, data, target] = mockUPlotConstructor.mock.calls[0];
+			expect(opts.width).toBe(600);
+			expect(opts.height).toBe(400);
+			expect(data).toBe(validData);
+			expect(target).toBe(screen.getByTestId('uplot-main-div'));
+		});
+
+		it('merges config builder output into the uPlot options', () => {
+			const config = createMockConfig();
+			config.getConfig = jest.fn().mockReturnValue({
+				series: [{ value: (): string => '' }],
+				axes: [{ scale: 'y' }],
+				scales: { y: {} },
+				hooks: {},
+				cursor: { show: true },
+			});
+
+			render(
+				<UPlotChart
+					config={(config as unknown) as UPlotConfigBuilder}
+					data={validData}
+					width={500}
+					height={300}
+				/>,
+				{ wrapper: Wrapper },
+			);
+
+			const [opts] = mockUPlotConstructor.mock.calls[0];
+			expect(opts.width).toBe(500);
+			expect(opts.height).toBe(300);
+			expect(opts.axes).toEqual([{ scale: 'y' }]);
+			expect(opts.cursor).toEqual({ show: true });
+		});
+
+		it('skips creation when width or height is 0', () => {
+			render(
+				<UPlotChart
+					config={createMockConfig()}
+					data={validData}
+					width={0}
+					height={0}
+				/>,
+				{ wrapper: Wrapper },
+			);
+
+			expect(mockUPlotConstructor).not.toHaveBeenCalled();
+		});
+	});
+
+	describe('lifecycle callbacks', () => {
+		it('invokes plotRef with the uPlot instance after creation', () => {
+			const plotRef = jest.fn();
+
+			render(
+				<UPlotChart
+					config={createMockConfig()}
+					data={validData}
+					width={600}
+					height={400}
+					plotRef={plotRef}
+				/>,
+				{ wrapper: Wrapper },
+			);
+
+			expect(plotRef).toHaveBeenCalledTimes(1);
+			expect(plotRef).toHaveBeenCalledWith(instances[0]);
+		});
+
+		it('destroys the instance and notifies callbacks when data becomes empty', () => {
+			const plotRef = jest.fn();
+			const onDestroy = jest.fn();
+			const config = createMockConfig();
+
+			const { rerender } = render(
+				<UPlotChart
+					config={config}
+					data={validData}
+					width={600}
+					height={400}
+					plotRef={plotRef}
+					onDestroy={onDestroy}
+				/>,
+				{ wrapper: Wrapper },
+			);
+
+			const firstInstance = instances[0];
+			plotRef.mockClear();
+
+			rerender(
+				<UPlotChart
+					config={config}
+					data={emptyData}
+					width={600}
+					height={400}
+					plotRef={plotRef}
+					onDestroy={onDestroy}
+				/>,
+			);
+
+			expect(onDestroy).toHaveBeenCalledWith(firstInstance);
+			expect(firstInstance.destroy).toHaveBeenCalled();
+			expect(plotRef).toHaveBeenCalledWith(null);
+			expect(screen.getByText('No Data')).toBeInTheDocument();
+		});
+
+		it('destroys the previous instance before creating a new one on config change', () => {
+			const onDestroy = jest.fn();
+			const config1 = createMockConfig();
+			const config2 = createMockConfig();
+
+			const { rerender } = render(
+				<UPlotChart
+					config={config1}
+					data={validData}
+					width={600}
+					height={400}
+					onDestroy={onDestroy}
+				/>,
+				{ wrapper: Wrapper },
+			);
+
+			const firstInstance = instances[0];
+
+			rerender(
+				<UPlotChart
+					config={config2}
+					data={validData}
+					width={600}
+					height={400}
+					onDestroy={onDestroy}
+				/>,
+			);
+
+			expect(onDestroy).toHaveBeenCalledWith(firstInstance);
+			expect(firstInstance.destroy).toHaveBeenCalled();
+			expect(instances).toHaveLength(2);
+		});
+	});
+
+	describe('prop updates', () => {
+		it('calls setData without recreating the plot when only data changes', () => {
+			const config = createMockConfig();
+			const newData: AlignedData = [
+				[4, 5, 6],
+				[40, 50, 60],
+			];
+
+			const { rerender } = render(
+				<UPlotChart config={config} data={validData} width={600} height={400} />,
+				{ wrapper: Wrapper },
+			);
+
+			const inst = instances[0];
+
+			rerender(
+				<UPlotChart config={config} data={newData} width={600} height={400} />,
+			);
+
+			expect(inst.setData).toHaveBeenCalledWith(newData);
+			expect(mockUPlotConstructor).toHaveBeenCalledTimes(1);
+		});
+
+		it('calls setSize with floored values when only dimensions change', () => {
+			const config = createMockConfig();
+
+			const { rerender } = render(
+				<UPlotChart config={config} data={validData} width={600} height={400} />,
+				{ wrapper: Wrapper },
+			);
+
+			const instance = instances[0];
+
+			rerender(
+				<UPlotChart
+					config={config}
+					data={validData}
+					width={800.7}
+					height={500.3}
+				/>,
+			);
+
+			expect(instance.setSize).toHaveBeenCalledWith({ width: 800, height: 500 });
+			expect(mockUPlotConstructor).toHaveBeenCalledTimes(1);
+		});
+
+		it('recreates the plot when config changes', () => {
+			const config1 = createMockConfig();
+			const config2 = createMockConfig();
+
+			const { rerender } = render(
+				<UPlotChart config={config1} data={validData} width={600} height={400} />,
+				{ wrapper: Wrapper },
+			);
+
+			rerender(
+				<UPlotChart config={config2} data={validData} width={600} height={400} />,
+			);
+
+			expect(mockUPlotConstructor).toHaveBeenCalledTimes(2);
+		});
+
+		it('does nothing when all props remain the same', () => {
+			const config = createMockConfig();
+
+			const { rerender } = render(
+				<UPlotChart config={config} data={validData} width={600} height={400} />,
+				{ wrapper: Wrapper },
+			);
+
+			const instance = instances[0];
+
+			rerender(
+				<UPlotChart config={config} data={validData} width={600} height={400} />,
+			);
+
+			expect(mockUPlotConstructor).toHaveBeenCalledTimes(1);
+			expect(instance.setData).not.toHaveBeenCalled();
+			expect(instance.setSize).not.toHaveBeenCalled();
+		});
+	});
+});

frontend/src/lib/uPlotV2/utils/__tests__/dataUtils.test.ts

@@ -0,0 +1,62 @@
+import { isInvalidPlotValue, normalizePlotValue } from '../dataUtils';
+
+describe('dataUtils', () => {
+	describe('isInvalidPlotValue', () => {
+		it('treats null and undefined as invalid', () => {
+			expect(isInvalidPlotValue(null)).toBe(true);
+			expect(isInvalidPlotValue(undefined)).toBe(true);
+		});
+
+		it('treats finite numbers as valid and non-finite as invalid', () => {
+			expect(isInvalidPlotValue(0)).toBe(false);
+			expect(isInvalidPlotValue(123.45)).toBe(false);
+			expect(isInvalidPlotValue(Number.NaN)).toBe(true);
+			expect(isInvalidPlotValue(Infinity)).toBe(true);
+			expect(isInvalidPlotValue(-Infinity)).toBe(true);
+		});
+
+		it('treats well-formed numeric strings as valid', () => {
+			expect(isInvalidPlotValue('0')).toBe(false);
+			expect(isInvalidPlotValue('123.45')).toBe(false);
+			expect(isInvalidPlotValue('-1')).toBe(false);
+		});
+
+		it('treats Infinity/NaN string variants and non-numeric strings as invalid', () => {
+			expect(isInvalidPlotValue('+Inf')).toBe(true);
+			expect(isInvalidPlotValue('-Inf')).toBe(true);
+			expect(isInvalidPlotValue('Infinity')).toBe(true);
+			expect(isInvalidPlotValue('-Infinity')).toBe(true);
+			expect(isInvalidPlotValue('NaN')).toBe(true);
+			expect(isInvalidPlotValue('not-a-number')).toBe(true);
+		});
+
+		it('treats non-number, non-string values as valid (left to caller)', () => {
+			expect(isInvalidPlotValue({})).toBe(false);
+			expect(isInvalidPlotValue([])).toBe(false);
+			expect(isInvalidPlotValue(true)).toBe(false);
+		});
+	});
+
+	describe('normalizePlotValue', () => {
+		it('returns null for invalid values detected by isInvalidPlotValue', () => {
+			expect(normalizePlotValue(null)).toBeNull();
+			expect(normalizePlotValue(undefined)).toBeNull();
+			expect(normalizePlotValue(NaN)).toBeNull();
+			expect(normalizePlotValue(Infinity)).toBeNull();
+			expect(normalizePlotValue('-Infinity')).toBeNull();
+			expect(normalizePlotValue('not-a-number')).toBeNull();
+		});
+
+		it('parses valid numeric strings into numbers', () => {
+			expect(normalizePlotValue('0')).toBe(0);
+			expect(normalizePlotValue('123.45')).toBe(123.45);
+			expect(normalizePlotValue('-1')).toBe(-1);
+		});
+
+		it('passes through valid numbers unchanged', () => {
+			expect(normalizePlotValue(0)).toBe(0);
+			expect(normalizePlotValue(123)).toBe(123);
+			expect(normalizePlotValue(42.5)).toBe(42.5);
+		});
+	});
+});

frontend/src/lib/uPlotV2/utils/__tests__/scale.test.ts

@@ -0,0 +1,201 @@
+import uPlot from 'uplot';
+
+import { DistributionType } from '../../config/types';
+import * as scaleUtils from '../scale';
+
+describe('scale utils', () => {
+	describe('normalizeLogScaleLimits', () => {
+		it('returns limits unchanged when distribution is not logarithmic', () => {
+			const limits = {
+				min: 1,
+				max: 100,
+				softMin: 5,
+				softMax: 50,
+			};
+
+			const result = scaleUtils.normalizeLogScaleLimits({
+				distr: DistributionType.Linear,
+				logBase: 10,
+				limits,
+			});
+
+			expect(result).toEqual(limits);
+		});
+
+		it('snaps positive limits to powers of the log base when distribution is logarithmic', () => {
+			const result = scaleUtils.normalizeLogScaleLimits({
+				distr: DistributionType.Logarithmic,
+				logBase: 10,
+				limits: {
+					min: 3,
+					max: 900,
+					softMin: 12,
+					softMax: 85,
+				},
+			});
+
+			expect(result.min).toBe(1); // 10^0
+			expect(result.max).toBe(1000); // 10^3
+			expect(result.softMin).toBe(10); // 10^1
+			expect(result.softMax).toBe(100); // 10^2
+		});
+	});
+
+	describe('getDistributionConfig', () => {
+		it('returns empty config for time scales', () => {
+			const config = scaleUtils.getDistributionConfig({
+				time: true,
+				distr: DistributionType.Linear,
+				logBase: 2,
+			});
+
+			expect(config).toEqual({});
+		});
+
+		it('returns linear distribution settings for non-time scales', () => {
+			const config = scaleUtils.getDistributionConfig({
+				time: false,
+				distr: DistributionType.Linear,
+				logBase: 2,
+			});
+
+			expect(config.distr).toBe(1);
+			expect(config.log).toBe(2);
+		});
+
+		it('returns log distribution settings for non-time scales', () => {
+			const config = scaleUtils.getDistributionConfig({
+				time: false,
+				distr: DistributionType.Logarithmic,
+				logBase: 10,
+			});
+
+			expect(config.distr).toBe(3);
+			expect(config.log).toBe(10);
+		});
+	});
+
+	describe('getRangeConfig', () => {
+		it('computes range config and fixed range flags correctly', () => {
+			const {
+				rangeConfig,
+				hardMinOnly,
+				hardMaxOnly,
+				hasFixedRange,
+			} = scaleUtils.getRangeConfig(0, 100, null, null, 0.1, 0.2);
+
+			expect(rangeConfig.min).toEqual({
+				pad: 0.1,
+				hard: 0,
+				soft: undefined,
+				mode: 3,
+			});
+			expect(rangeConfig.max).toEqual({
+				pad: 0.2,
+				hard: 100,
+				soft: undefined,
+				mode: 3,
+			});
+			expect(hardMinOnly).toBe(true);
+			expect(hardMaxOnly).toBe(true);
+			expect(hasFixedRange).toBe(true);
+		});
+	});
+
+	describe('createRangeFunction', () => {
+		it('returns [dataMin, dataMax] when no fixed range and no data', () => {
+			const params = {
+				rangeConfig: {} as uPlot.Range.Config,
+				hardMinOnly: false,
+				hardMaxOnly: false,
+				hasFixedRange: false,
+				min: null,
+				max: null,
+			};
+
+			const rangeFn = scaleUtils.createRangeFunction(params);
+
+			const u = ({
+				scales: {
+					y: {
+						distr: 1,
+						log: 10,
+					},
+				},
+			} as unknown) as uPlot;
+
+			const result = rangeFn(
+				u,
+				(null as unknown) as number,
+				(null as unknown) as number,
+				'y',
+			);
+
+			expect(result).toEqual([null, null]);
+		});
+
+		it('applies hard min/max for linear scale when only hard limits are set', () => {
+			const params = {
+				rangeConfig: {} as uPlot.Range.Config,
+				hardMinOnly: true,
+				hardMaxOnly: true,
+				hasFixedRange: true,
+				min: 0,
+				max: 100,
+			};
+
+			const rangeFn = scaleUtils.createRangeFunction(params);
+
+			// Use an undefined distr so the range function skips calling uPlot.rangeNum
+			// and we can focus on the behavior of applyHardLimits.
+			const u = ({
+				scales: {
+					y: {
+						distr: undefined,
+						log: 10,
+					},
+				},
+			} as unknown) as uPlot;
+
+			const result = rangeFn(u, 10, 20, 'y');
+
+			// After applyHardLimits, the returned range should respect configured min/max
+			expect(result).toEqual([0, 100]);
+		});
+	});
+
+	describe('adjustSoftLimitsWithThresholds', () => {
+		it('returns original soft limits when there are no thresholds', () => {
+			const result = scaleUtils.adjustSoftLimitsWithThresholds(1, 5, [], 'ms');
+
+			expect(result).toEqual({ softMin: 1, softMax: 5 });
+		});
+
+		it('expands soft limits to include threshold min/max values', () => {
+			const result = scaleUtils.adjustSoftLimitsWithThresholds(
+				3,
+				6,
+				[{ thresholdValue: 2 }, { thresholdValue: 8 }],
+				'ms',
+			);
+
+			// min should be pulled down to the smallest threshold value
+			expect(result.softMin).toBe(2);
+			// max should be pushed up to the largest threshold value
+			expect(result.softMax).toBe(8);
+		});
+	});
+
+	describe('getFallbackMinMaxTimeStamp', () => {
+		it('returns a 24-hour window ending at approximately now', () => {
+			const { fallbackMin, fallbackMax } = scaleUtils.getFallbackMinMaxTimeStamp();
+
+			// Difference should be exactly one day in seconds
+			expect(fallbackMax - fallbackMin).toBe(86400);
+
+			// Both should be reasonable timestamps (not NaN or negative)
+			expect(fallbackMin).toBeGreaterThan(0);
+			expect(fallbackMax).toBeGreaterThan(fallbackMin);
+		});
+	});
+});

frontend/src/lib/uPlotV2/utils/__tests__/threshold.test.ts

@@ -0,0 +1,36 @@
+import { findMinMaxThresholdValues } from '../threshold';
+
+describe('findMinMaxThresholdValues', () => {
+	it('returns [null, null] when thresholds array is empty or missing', () => {
+		expect(findMinMaxThresholdValues([], 'ms')).toEqual([null, null]);
+		// @ts-expect-error intentional undefined to cover defensive branch
+		expect(findMinMaxThresholdValues(undefined, 'ms')).toEqual([null, null]);
+	});
+
+	it('returns min and max from thresholdValue when units are not provided', () => {
+		const thresholds = [
+			{ thresholdValue: 5 },
+			{ thresholdValue: 1 },
+			{ thresholdValue: 10 },
+		];
+
+		const [min, max] = findMinMaxThresholdValues(thresholds);
+
+		expect(min).toBe(1);
+		expect(max).toBe(10);
+	});
+
+	it('ignores thresholds without a value or with unconvertible units', () => {
+		const thresholds = [
+			// Should be ignored: convertValue returns null for unknown unit
+			{ thresholdValue: 100, thresholdUnit: 'unknown-unit' },
+			// Should be used
+			{ thresholdValue: 4 },
+		];
+
+		const [min, max] = findMinMaxThresholdValues(thresholds, 'ms');
+
+		expect(min).toBe(4);
+		expect(max).toBe(4);
+	});
+});

frontend/src/providers/Dashboard/__tests__/Dashboard.test.tsx

@@ -412,14 +412,16 @@ describe('Dashboard Provider - URL Variables Integration', () => {
 			});
 
 			// Verify dashboard state contains the variables with default values
-			const dashboardVariables = await screen.findByTestId('dashboard-variables');
-			const parsedVariables = JSON.parse(dashboardVariables.textContent || '{}');
+			await waitFor(() => {
+				const dashboardVariables = screen.getByTestId('dashboard-variables');
+				const parsedVariables = JSON.parse(dashboardVariables.textContent || '{}');
 
-			expect(parsedVariables).toHaveProperty('environment');
-			expect(parsedVariables).toHaveProperty('services');
-			// Default allSelected values should be preserved
-			expect(parsedVariables.environment.allSelected).toBe(false);
-			expect(parsedVariables.services.allSelected).toBe(false);
+				expect(parsedVariables).toHaveProperty('environment');
+				expect(parsedVariables).toHaveProperty('services');
+				// Default allSelected values should be preserved
+				expect(parsedVariables.environment.allSelected).toBe(false);
+				expect(parsedVariables.services.allSelected).toBe(false);
+			});
 		});
 
 		it('should merge URL variables with dashboard data and normalize values correctly', async () => {
@@ -466,16 +468,26 @@ describe('Dashboard Provider - URL Variables Integration', () => {
 			});
 
 			// Verify the dashboard state reflects the normalized URL values
-			const dashboardVariables = await screen.findByTestId('dashboard-variables');
-			const parsedVariables = JSON.parse(dashboardVariables.textContent || '{}');
+			await waitFor(() => {
+				const dashboardVariables = screen.getByTestId('dashboard-variables');
+				const parsedVariables = JSON.parse(dashboardVariables.textContent || '{}');
 
-			// The selectedValue should be updated with normalized URL values
-			expect(parsedVariables.environment.selectedValue).toBe('development');
-			expect(parsedVariables.services.selectedValue).toEqual(['db', 'cache']);
+				// First ensure the variables exist
+				expect(parsedVariables).toHaveProperty('environment');
+				expect(parsedVariables).toHaveProperty('services');
 
-			// allSelected should be set to false when URL values override
-			expect(parsedVariables.environment.allSelected).toBe(false);
-			expect(parsedVariables.services.allSelected).toBe(false);
+				// Then check their properties
+				expect(parsedVariables.environment).toHaveProperty('selectedValue');
+				expect(parsedVariables.services).toHaveProperty('selectedValue');
+
+				// The selectedValue should be updated with normalized URL values
+				expect(parsedVariables.environment.selectedValue).toBe('development');
+				expect(parsedVariables.services.selectedValue).toEqual(['db', 'cache']);
+
+				// allSelected should be set to false when URL values override
+				expect(parsedVariables.environment.allSelected).toBe(false);
+				expect(parsedVariables.services.allSelected).toBe(false);
+			});
 		});
 
 		it('should handle ALL_SELECTED_VALUE from URL and set allSelected correctly', async () => {
@@ -500,8 +512,8 @@ describe('Dashboard Provider - URL Variables Integration', () => {
 			);
 
 			// Verify that allSelected is set to true for the services variable
-			await waitFor(async () => {
-				const dashboardVariables = await screen.findByTestId('dashboard-variables');
+			await waitFor(() => {
+				const dashboardVariables = screen.getByTestId('dashboard-variables');
 				const parsedVariables = JSON.parse(dashboardVariables.textContent || '{}');
 
 				expect(parsedVariables.services.allSelected).toBe(true);
@@ -603,8 +615,8 @@ describe('Dashboard Provider - Textbox Variable Backward Compatibility', () => {
 			});
 
 			// Verify that defaultValue is set from textboxValue
-			await waitFor(async () => {
-				const dashboardVariables = await screen.findByTestId('dashboard-variables');
+			await waitFor(() => {
+				const dashboardVariables = screen.getByTestId('dashboard-variables');
 				const parsedVariables = JSON.parse(dashboardVariables.textContent || '{}');
 
 				expect(parsedVariables.myTextbox.type).toBe('TEXTBOX');
@@ -648,8 +660,8 @@ describe('Dashboard Provider - Textbox Variable Backward Compatibility', () => {
 			});
 
 			// Verify that existing defaultValue is preserved
-			await waitFor(async () => {
-				const dashboardVariables = await screen.findByTestId('dashboard-variables');
+			await waitFor(() => {
+				const dashboardVariables = screen.getByTestId('dashboard-variables');
 				const parsedVariables = JSON.parse(dashboardVariables.textContent || '{}');
 
 				expect(parsedVariables.myTextbox.type).toBe('TEXTBOX');
@@ -694,8 +706,8 @@ describe('Dashboard Provider - Textbox Variable Backward Compatibility', () => {
 			});
 
 			// Verify that defaultValue is set to empty string
-			await waitFor(async () => {
-				const dashboardVariables = await screen.findByTestId('dashboard-variables');
+			await waitFor(() => {
+				const dashboardVariables = screen.getByTestId('dashboard-variables');
 				const parsedVariables = JSON.parse(dashboardVariables.textContent || '{}');
 
 				expect(parsedVariables.myTextbox.type).toBe('TEXTBOX');
@@ -739,8 +751,8 @@ describe('Dashboard Provider - Textbox Variable Backward Compatibility', () => {
 			});
 
 			// Verify that defaultValue is NOT set from textboxValue for QUERY type
-			await waitFor(async () => {
-				const dashboardVariables = await screen.findByTestId('dashboard-variables');
+			await waitFor(() => {
+				const dashboardVariables = screen.getByTestId('dashboard-variables');
 				const parsedVariables = JSON.parse(dashboardVariables.textContent || '{}');
 
 				expect(parsedVariables.myQuery.type).toBe('QUERY');

frontend/src/providers/Dashboard/initializeDefaultVariables.ts

@@ -1,7 +1,7 @@
 import { ALL_SELECTED_VALUE } from 'components/NewSelect/utils';
 import { IDashboardVariable } from 'types/api/dashboard/getAll';
 
-import { commaValuesParser } from '../../lib/dashbaordVariables/customCommaValuesParser';
+import { commaValuesParser } from '../../lib/dashboardVariables/customCommaValuesParser';
 
 interface UrlVariables {
 	[key: string]: any;

pkg/apis/fields/api.go

@@ -1,127 +0,0 @@
-package fields
-
-import (
-	"bytes"
-	"io"
-	"net/http"
-
-	"github.com/SigNoz/signoz/pkg/factory"
-	"github.com/SigNoz/signoz/pkg/http/render"
-	"github.com/SigNoz/signoz/pkg/telemetrylogs"
-	"github.com/SigNoz/signoz/pkg/telemetrymetadata"
-	"github.com/SigNoz/signoz/pkg/telemetrymeter"
-	"github.com/SigNoz/signoz/pkg/telemetrymetrics"
-	"github.com/SigNoz/signoz/pkg/telemetrystore"
-	"github.com/SigNoz/signoz/pkg/telemetrytraces"
-	"github.com/SigNoz/signoz/pkg/types/telemetrytypes"
-)
-
-type API struct {
-	telemetryStore         telemetrystore.TelemetryStore
-	telemetryMetadataStore telemetrytypes.MetadataStore
-}
-
-// TODO: move this to module and remove metastore init
-func NewAPI(
-	settings factory.ProviderSettings,
-	telemetryStore telemetrystore.TelemetryStore,
-) *API {
-	telemetryMetadataStore := telemetrymetadata.NewTelemetryMetaStore(
-		settings,
-		telemetryStore,
-		telemetrytraces.DBName,
-		telemetrytraces.TagAttributesV2TableName,
-		telemetrytraces.SpanAttributesKeysTblName,
-		telemetrytraces.SpanIndexV3TableName,
-		telemetrymetrics.DBName,
-		telemetrymetrics.AttributesMetadataTableName,
-		telemetrymeter.DBName,
-		telemetrymeter.SamplesAgg1dTableName,
-		telemetrylogs.DBName,
-		telemetrylogs.LogsV2TableName,
-		telemetrylogs.TagAttributesV2TableName,
-		telemetrylogs.LogAttributeKeysTblName,
-		telemetrylogs.LogResourceKeysTblName,
-		telemetrymetadata.DBName,
-		telemetrymetadata.AttributesMetadataLocalTableName,
-	)
-
-	return &API{
-		telemetryStore:         telemetryStore,
-		telemetryMetadataStore: telemetryMetadataStore,
-	}
-}
-
-func (api *API) GetFieldsKeys(w http.ResponseWriter, r *http.Request) {
-
-	type fieldKeysResponse struct {
-		Keys     map[string][]*telemetrytypes.TelemetryFieldKey `json:"keys"`
-		Complete bool                                           `json:"complete"`
-	}
-
-	bodyBytes, _ := io.ReadAll(r.Body)
-	r.Body = io.NopCloser(bytes.NewBuffer(bodyBytes))
-	ctx := r.Context()
-
-	fieldKeySelector, err := parseFieldKeyRequest(r)
-	if err != nil {
-		render.Error(w, err)
-		return
-	}
-
-	keys, complete, err := api.telemetryMetadataStore.GetKeys(ctx, fieldKeySelector)
-	if err != nil {
-		render.Error(w, err)
-		return
-	}
-
-	response := fieldKeysResponse{
-		Keys:     keys,
-		Complete: complete,
-	}
-
-	render.Success(w, http.StatusOK, response)
-}
-
-func (api *API) GetFieldsValues(w http.ResponseWriter, r *http.Request) {
-
-	type fieldValuesResponse struct {
-		Values   *telemetrytypes.TelemetryFieldValues `json:"values"`
-		Complete bool                                 `json:"complete"`
-	}
-
-	bodyBytes, _ := io.ReadAll(r.Body)
-	r.Body = io.NopCloser(bytes.NewBuffer(bodyBytes))
-	ctx := r.Context()
-
-	fieldValueSelector, err := parseFieldValueRequest(r)
-	if err != nil {
-		render.Error(w, err)
-		return
-	}
-
-	allValues, allComplete, err := api.telemetryMetadataStore.GetAllValues(ctx, fieldValueSelector)
-	if err != nil {
-		render.Error(w, err)
-		return
-	}
-
-	relatedValues, relatedComplete, err := api.telemetryMetadataStore.GetRelatedValues(ctx, fieldValueSelector)
-	if err != nil {
-		// we don't want to return error if we fail to get related values for some reason
-		relatedValues = []string{}
-	}
-
-	values := &telemetrytypes.TelemetryFieldValues{
-		StringValues:  allValues.StringValues,
-		NumberValues:  allValues.NumberValues,
-		RelatedValues: relatedValues,
-	}
-
-	response := fieldValuesResponse{
-		Values:   values,
-		Complete: allComplete && relatedComplete,
-	}
-
-	render.Success(w, http.StatusOK, response)
-}

pkg/apis/fields/parse.go

@@ -1,162 +0,0 @@
-package fields
-
-import (
-	"net/http"
-	"strconv"
-
-	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/SigNoz/signoz/pkg/types/telemetrytypes"
-	"github.com/SigNoz/signoz/pkg/valuer"
-)
-
-func parseFieldKeyRequest(r *http.Request) (*telemetrytypes.FieldKeySelector, error) {
-	var req telemetrytypes.FieldKeySelector
-	var signal telemetrytypes.Signal
-	var source telemetrytypes.Source
-	var err error
-
-	signalStr := r.URL.Query().Get("signal")
-	if signalStr != "" {
-		signal = telemetrytypes.Signal{String: valuer.NewString(signalStr)}
-	} else {
-		signal = telemetrytypes.SignalUnspecified
-	}
-
-	sourceStr := r.URL.Query().Get("source")
-	if sourceStr != "" {
-		source = telemetrytypes.Source{String: valuer.NewString(sourceStr)}
-	} else {
-		source = telemetrytypes.SourceUnspecified
-	}
-
-	if r.URL.Query().Get("limit") != "" {
-		limit, err := strconv.Atoi(r.URL.Query().Get("limit"))
-		if err != nil {
-			return nil, errors.Wrapf(err, errors.TypeInvalidInput, errors.CodeInvalidInput, "failed to parse limit")
-		}
-		req.Limit = limit
-	} else {
-		req.Limit = 1000
-	}
-
-	var startUnixMilli, endUnixMilli int64
-
-	if r.URL.Query().Get("startUnixMilli") != "" {
-		startUnixMilli, err = strconv.ParseInt(r.URL.Query().Get("startUnixMilli"), 10, 64)
-		if err != nil {
-			return nil, errors.Wrapf(err, errors.TypeInvalidInput, errors.CodeInvalidInput, "failed to parse startUnixMilli")
-		}
-		// Round down to the nearest 6 hours (21600000 milliseconds)
-		startUnixMilli -= startUnixMilli % 21600000
-	}
-	if r.URL.Query().Get("endUnixMilli") != "" {
-		endUnixMilli, err = strconv.ParseInt(r.URL.Query().Get("endUnixMilli"), 10, 64)
-		if err != nil {
-			return nil, errors.Wrapf(err, errors.TypeInvalidInput, errors.CodeInvalidInput, "failed to parse endUnixMilli")
-		}
-	}
-
-	// Parse fieldContext directly instead of using JSON unmarshalling.
-	var fieldContext telemetrytypes.FieldContext
-	fieldContextStr := r.URL.Query().Get("fieldContext")
-	if fieldContextStr != "" {
-		fieldContext = telemetrytypes.FieldContext{String: valuer.NewString(fieldContextStr)}
-	}
-
-	// Parse fieldDataType directly instead of using JSON unmarshalling.
-	var fieldDataType telemetrytypes.FieldDataType
-	fieldDataTypeStr := r.URL.Query().Get("fieldDataType")
-	if fieldDataTypeStr != "" {
-		fieldDataType = telemetrytypes.FieldDataType{String: valuer.NewString(fieldDataTypeStr)}
-	}
-
-	metricName := r.URL.Query().Get("metricName")
-	var metricContext *telemetrytypes.MetricContext
-	if metricName != "" {
-		metricContext = &telemetrytypes.MetricContext{
-			MetricName: metricName,
-		}
-	}
-
-	name := r.URL.Query().Get("searchText")
-
-	if name != "" && fieldContext == telemetrytypes.FieldContextUnspecified {
-		parsedFieldKey := telemetrytypes.GetFieldKeyFromKeyText(name)
-		if parsedFieldKey.FieldContext != telemetrytypes.FieldContextUnspecified {
-			// Only apply inferred context if it is valid for the current signal
-			if isContextValidForSignal(parsedFieldKey.FieldContext, signal) {
-				name = parsedFieldKey.Name
-				fieldContext = parsedFieldKey.FieldContext
-			}
-		}
-	}
-
-	req = telemetrytypes.FieldKeySelector{
-		StartUnixMilli:    startUnixMilli,
-		EndUnixMilli:      endUnixMilli,
-		Signal:            signal,
-		Source:            source,
-		Name:              name,
-		FieldContext:      fieldContext,
-		FieldDataType:     fieldDataType,
-		Limit:             req.Limit,
-		SelectorMatchType: telemetrytypes.FieldSelectorMatchTypeFuzzy,
-		MetricContext:     metricContext,
-	}
-	return &req, nil
-}
-
-func parseFieldValueRequest(r *http.Request) (*telemetrytypes.FieldValueSelector, error) {
-	keySelector, err := parseFieldKeyRequest(r)
-	if err != nil {
-		return nil, errors.Wrapf(err, errors.TypeInvalidInput, errors.CodeInvalidInput, "failed to parse field key request")
-	}
-
-	name := r.URL.Query().Get("name")
-	if name != "" && keySelector.FieldContext == telemetrytypes.FieldContextUnspecified {
-		parsedFieldKey := telemetrytypes.GetFieldKeyFromKeyText(name)
-		if parsedFieldKey.FieldContext != telemetrytypes.FieldContextUnspecified {
-			// Only apply inferred context if it is valid for the current signal
-			if isContextValidForSignal(parsedFieldKey.FieldContext, keySelector.Signal) {
-				name = parsedFieldKey.Name
-				keySelector.FieldContext = parsedFieldKey.FieldContext
-			}
-		}
-	}
-	keySelector.Name = name
-	existingQuery := r.URL.Query().Get("existingQuery")
-	value := r.URL.Query().Get("searchText")
-
-	// Parse limit for fieldValue request, fallback to default 50 if parsing fails.
-	limit, err := strconv.Atoi(r.URL.Query().Get("limit"))
-	if err != nil {
-		limit = 50
-	}
-
-	req := telemetrytypes.FieldValueSelector{
-		FieldKeySelector: keySelector,
-		ExistingQuery:    existingQuery,
-		Value:            value,
-		Limit:            limit,
-	}
-
-	return &req, nil
-}
-
-func isContextValidForSignal(ctx telemetrytypes.FieldContext, signal telemetrytypes.Signal) bool {
-	if ctx == telemetrytypes.FieldContextResource ||
-		ctx == telemetrytypes.FieldContextAttribute ||
-		ctx == telemetrytypes.FieldContextScope {
-		return true
-	}
-
-	switch signal.StringValue() {
-	case telemetrytypes.SignalLogs.StringValue():
-		return ctx == telemetrytypes.FieldContextLog || ctx == telemetrytypes.FieldContextBody
-	case telemetrytypes.SignalTraces.StringValue():
-		return ctx == telemetrytypes.FieldContextSpan || ctx == telemetrytypes.FieldContextEvent || ctx == telemetrytypes.FieldContextTrace
-	case telemetrytypes.SignalMetrics.StringValue():
-		return ctx == telemetrytypes.FieldContextMetric
-	}
-	return true
-}

pkg/apiserver/signozapiserver/fields.go

@@ -0,0 +1,50 @@
+package signozapiserver
+
+import (
+	"net/http"
+
+	"github.com/SigNoz/signoz/pkg/http/handler"
+	"github.com/SigNoz/signoz/pkg/types"
+	"github.com/SigNoz/signoz/pkg/types/telemetrytypes"
+	"github.com/gorilla/mux"
+)
+
+func (provider *provider) addFieldsRoutes(router *mux.Router) error {
+	if err := router.Handle("/api/v1/fields/keys", handler.New(provider.authZ.ViewAccess(provider.fieldsHandler.GetFieldsKeys), handler.OpenAPIDef{
+		ID:                  "GetFieldsKeys",
+		Tags:                []string{"fields"},
+		Summary:             "Get field keys",
+		Description:         "This endpoint returns field keys",
+		Request:             nil,
+		RequestQuery:        new(telemetrytypes.PostableFieldKeysParams),
+		RequestContentType:  "",
+		Response:            new(telemetrytypes.GettableFieldKeys),
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusOK,
+		ErrorStatusCodes:    []int{},
+		Deprecated:          false,
+		SecuritySchemes:     newSecuritySchemes(types.RoleViewer),
+	})).Methods(http.MethodGet).GetError(); err != nil {
+		return err
+	}
+
+	if err := router.Handle("/api/v1/fields/values", handler.New(provider.authZ.ViewAccess(provider.fieldsHandler.GetFieldsValues), handler.OpenAPIDef{
+		ID:                  "GetFieldsValues",
+		Tags:                []string{"fields"},
+		Summary:             "Get field values",
+		Description:         "This endpoint returns field values",
+		Request:             nil,
+		RequestQuery:        new(telemetrytypes.PostableFieldValueParams),
+		RequestContentType:  "",
+		Response:            new(telemetrytypes.GettableFieldValues),
+		ResponseContentType: "application/json",
+		SuccessStatusCode:   http.StatusOK,
+		ErrorStatusCodes:    []int{},
+		Deprecated:          false,
+		SecuritySchemes:     newSecuritySchemes(types.RoleViewer),
+	})).Methods(http.MethodGet).GetError(); err != nil {
+		return err
+	}
+
+	return nil
+}

pkg/apiserver/signozapiserver/provider.go

@@ -13,11 +13,11 @@ import (
 	"github.com/SigNoz/signoz/pkg/http/middleware"
 	"github.com/SigNoz/signoz/pkg/modules/authdomain"
 	"github.com/SigNoz/signoz/pkg/modules/dashboard"
+	"github.com/SigNoz/signoz/pkg/modules/fields"
 	"github.com/SigNoz/signoz/pkg/modules/metricsexplorer"
 	"github.com/SigNoz/signoz/pkg/modules/organization"
 	"github.com/SigNoz/signoz/pkg/modules/preference"
 	"github.com/SigNoz/signoz/pkg/modules/promote"
-	"github.com/SigNoz/signoz/pkg/modules/role"
 	"github.com/SigNoz/signoz/pkg/modules/session"
 	"github.com/SigNoz/signoz/pkg/modules/user"
 	"github.com/SigNoz/signoz/pkg/types"
@@ -42,8 +42,8 @@ type provider struct {
 	dashboardHandler       dashboard.Handler
 	metricsExplorerHandler metricsexplorer.Handler
 	gatewayHandler         gateway.Handler
-	roleGetter             role.Getter
-	roleHandler            role.Handler
+	fieldsHandler          fields.Handler
+	authzHandler           authz.Handler
 }
 
 func NewFactory(
@@ -61,11 +61,31 @@ func NewFactory(
 	dashboardHandler dashboard.Handler,
 	metricsExplorerHandler metricsexplorer.Handler,
 	gatewayHandler gateway.Handler,
-	roleGetter role.Getter,
-	roleHandler role.Handler,
+	fieldsHandler fields.Handler,
+	authzHandler authz.Handler,
 ) factory.ProviderFactory[apiserver.APIServer, apiserver.Config] {
 	return factory.NewProviderFactory(factory.MustNewName("signoz"), func(ctx context.Context, providerSettings factory.ProviderSettings, config apiserver.Config) (apiserver.APIServer, error) {
-		return newProvider(ctx, providerSettings, config, orgGetter, authz, orgHandler, userHandler, sessionHandler, authDomainHandler, preferenceHandler, globalHandler, promoteHandler, flaggerHandler, dashboardModule, dashboardHandler, metricsExplorerHandler, gatewayHandler, roleGetter, roleHandler)
+		return newProvider(
+			ctx,
+			providerSettings,
+			config,
+			orgGetter,
+			authz,
+			orgHandler,
+			userHandler,
+			sessionHandler,
+			authDomainHandler,
+			preferenceHandler,
+			globalHandler,
+			promoteHandler,
+			flaggerHandler,
+			dashboardModule,
+			dashboardHandler,
+			metricsExplorerHandler,
+			gatewayHandler,
+			fieldsHandler,
+			authzHandler,
+		)
 	})
 }
 
@@ -87,8 +107,8 @@ func newProvider(
 	dashboardHandler dashboard.Handler,
 	metricsExplorerHandler metricsexplorer.Handler,
 	gatewayHandler gateway.Handler,
-	roleGetter role.Getter,
-	roleHandler role.Handler,
+	fieldsHandler fields.Handler,
+	authzHandler authz.Handler,
 ) (apiserver.APIServer, error) {
 	settings := factory.NewScopedProviderSettings(providerSettings, "github.com/SigNoz/signoz/pkg/apiserver/signozapiserver")
 	router := mux.NewRouter().UseEncodedPath()
@@ -109,11 +129,11 @@ func newProvider(
 		dashboardHandler:       dashboardHandler,
 		metricsExplorerHandler: metricsExplorerHandler,
 		gatewayHandler:         gatewayHandler,
-		roleGetter:             roleGetter,
-		roleHandler:            roleHandler,
+		fieldsHandler:          fieldsHandler,
+		authzHandler:           authzHandler,
 	}
 
-	provider.authZ = middleware.NewAuthZ(settings.Logger(), orgGetter, authz, roleGetter)
+	provider.authZ = middleware.NewAuthZ(settings.Logger(), orgGetter, authz)
 
 	if err := provider.AddToRouter(router); err != nil {
 		return nil, err
@@ -175,6 +195,10 @@ func (provider *provider) AddToRouter(router *mux.Router) error {
 		return err
 	}
 
+	if err := provider.addFieldsRoutes(router); err != nil {
+		return err
+	}
+
 	return nil
 }
 

pkg/apiserver/signozapiserver/role.go

@@ -10,7 +10,7 @@ import (
 )
 
 func (provider *provider) addRoleRoutes(router *mux.Router) error {
-	if err := router.Handle("/api/v1/roles", handler.New(provider.authZ.AdminAccess(provider.roleHandler.Create), handler.OpenAPIDef{
+	if err := router.Handle("/api/v1/roles", handler.New(provider.authZ.AdminAccess(provider.authzHandler.Create), handler.OpenAPIDef{
 		ID:                  "CreateRole",
 		Tags:                []string{"role"},
 		Summary:             "Create role",
@@ -27,7 +27,7 @@ func (provider *provider) addRoleRoutes(router *mux.Router) error {
 		return err
 	}
 
-	if err := router.Handle("/api/v1/roles", handler.New(provider.authZ.AdminAccess(provider.roleHandler.List), handler.OpenAPIDef{
+	if err := router.Handle("/api/v1/roles", handler.New(provider.authZ.AdminAccess(provider.authzHandler.List), handler.OpenAPIDef{
 		ID:                  "ListRoles",
 		Tags:                []string{"role"},
 		Summary:             "List roles",
@@ -44,7 +44,7 @@ func (provider *provider) addRoleRoutes(router *mux.Router) error {
 		return err
 	}
 
-	if err := router.Handle("/api/v1/roles/{id}", handler.New(provider.authZ.AdminAccess(provider.roleHandler.Get), handler.OpenAPIDef{
+	if err := router.Handle("/api/v1/roles/{id}", handler.New(provider.authZ.AdminAccess(provider.authzHandler.Get), handler.OpenAPIDef{
 		ID:                  "GetRole",
 		Tags:                []string{"role"},
 		Summary:             "Get role",
@@ -61,7 +61,7 @@ func (provider *provider) addRoleRoutes(router *mux.Router) error {
 		return err
 	}
 
-	if err := router.Handle("/api/v1/roles/{id}", handler.New(provider.authZ.AdminAccess(provider.roleHandler.Patch), handler.OpenAPIDef{
+	if err := router.Handle("/api/v1/roles/{id}", handler.New(provider.authZ.AdminAccess(provider.authzHandler.Patch), handler.OpenAPIDef{
 		ID:                  "PatchRole",
 		Tags:                []string{"role"},
 		Summary:             "Patch role",
@@ -78,7 +78,7 @@ func (provider *provider) addRoleRoutes(router *mux.Router) error {
 		return err
 	}
 
-	if err := router.Handle("/api/v1/roles/{id}", handler.New(provider.authZ.AdminAccess(provider.roleHandler.Delete), handler.OpenAPIDef{
+	if err := router.Handle("/api/v1/roles/{id}", handler.New(provider.authZ.AdminAccess(provider.authzHandler.Delete), handler.OpenAPIDef{
 		ID:                  "DeleteRole",
 		Tags:                []string{"role"},
 		Summary:             "Delete role",

pkg/authz/authz.go

@@ -2,9 +2,11 @@ package authz
 
 import (
 	"context"
+	"net/http"
 
 	"github.com/SigNoz/signoz/pkg/factory"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
+	"github.com/SigNoz/signoz/pkg/types/roletypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	openfgav1 "github.com/openfga/api/proto/openfga/v1"
 )
@@ -29,4 +31,76 @@ type AuthZ interface {
 
 	// Lists the selectors for objects assigned to subject (s) with relation (r) on resource (s)
 	ListObjects(context.Context, string, authtypes.Relation, authtypes.Typeable) ([]*authtypes.Object, error)
+
+	// Creates the role.
+	Create(context.Context, valuer.UUID, *roletypes.Role) error
+
+	// Gets the role if it exists or creates one.
+	GetOrCreate(context.Context, valuer.UUID, *roletypes.Role) (*roletypes.Role, error)
+
+	// Gets the objects associated with the given role and relation.
+	GetObjects(context.Context, valuer.UUID, valuer.UUID, authtypes.Relation) ([]*authtypes.Object, error)
+
+	// Gets all the typeable resources registered from role registry.
+	GetResources(context.Context) []*authtypes.Resource
+
+	// Patches the role.
+	Patch(context.Context, valuer.UUID, *roletypes.Role) error
+
+	// Patches the objects in authorization server associated with the given role and relation
+	PatchObjects(context.Context, valuer.UUID, string, authtypes.Relation, []*authtypes.Object, []*authtypes.Object) error
+
+	// Deletes the role and tuples in authorization server.
+	Delete(context.Context, valuer.UUID, valuer.UUID) error
+
+	// Gets the role
+	Get(context.Context, valuer.UUID, valuer.UUID) (*roletypes.Role, error)
+
+	// Gets the role by org_id and name
+	GetByOrgIDAndName(context.Context, valuer.UUID, string) (*roletypes.Role, error)
+
+	// Lists all the roles for the organization.
+	List(context.Context, valuer.UUID) ([]*roletypes.Role, error)
+
+	//  Lists all the roles for the organization filtered by name
+	ListByOrgIDAndNames(context.Context, valuer.UUID, []string) ([]*roletypes.Role, error)
+
+	// Grants a role to the subject based on role name.
+	Grant(context.Context, valuer.UUID, string, string) error
+
+	// Revokes a granted role from the subject based on role name.
+	Revoke(context.Context, valuer.UUID, string, string) error
+
+	// Changes the granted role for the subject based on role name.
+	ModifyGrant(context.Context, valuer.UUID, string, string, string) error
+
+	// Bootstrap the managed roles.
+	CreateManagedRoles(context.Context, valuer.UUID, []*roletypes.Role) error
+
+	// Bootstrap managed roles transactions and user assignments
+	CreateManagedUserRoleTransactions(context.Context, valuer.UUID, valuer.UUID) error
+}
+
+type RegisterTypeable interface {
+	MustGetTypeables() []authtypes.Typeable
+
+	MustGetManagedRoleTransactions() map[string][]*authtypes.Transaction
+}
+
+type Handler interface {
+	Create(http.ResponseWriter, *http.Request)
+
+	Get(http.ResponseWriter, *http.Request)
+
+	GetObjects(http.ResponseWriter, *http.Request)
+
+	GetResources(http.ResponseWriter, *http.Request)
+
+	List(http.ResponseWriter, *http.Request)
+
+	Patch(http.ResponseWriter, *http.Request)
+
+	PatchObjects(http.ResponseWriter, *http.Request)
+
+	Delete(http.ResponseWriter, *http.Request)
 }

pkg/authz/authzstore/sqlauthzstore/store.go

@@ -1,4 +1,4 @@
-package implrole
+package sqlauthzstore
 
 import (
 	"context"
@@ -14,7 +14,7 @@ type store struct {
 	sqlstore sqlstore.SQLStore
 }
 
-func NewStore(sqlstore sqlstore.SQLStore) roletypes.Store {
+func NewSqlAuthzStore(sqlstore sqlstore.SQLStore) roletypes.Store {
 	return &store{sqlstore: sqlstore}
 }
 

pkg/authz/openfgaauthz/provider.go

@@ -2,35 +2,24 @@ package openfgaauthz
 
 import (
 	"context"
-	"strconv"
-	"sync"
 
 	authz "github.com/SigNoz/signoz/pkg/authz"
+	"github.com/SigNoz/signoz/pkg/authz/authzstore/sqlauthzstore"
+	"github.com/SigNoz/signoz/pkg/authz/openfgaserver"
 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
+	"github.com/SigNoz/signoz/pkg/types/roletypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 
 	"github.com/SigNoz/signoz/pkg/factory"
 	"github.com/SigNoz/signoz/pkg/sqlstore"
 	openfgav1 "github.com/openfga/api/proto/openfga/v1"
 	openfgapkgtransformer "github.com/openfga/language/pkg/go/transformer"
-	openfgapkgserver "github.com/openfga/openfga/pkg/server"
-	"google.golang.org/protobuf/encoding/protojson"
-)
-
-var (
-	openfgaDefaultStore = valuer.NewString("signoz")
 )
 
 type provider struct {
-	config        authz.Config
-	settings      factory.ScopedProviderSettings
-	openfgaSchema []openfgapkgtransformer.ModuleFile
-	openfgaServer *openfgapkgserver.Server
-	storeID       string
-	modelID       string
-	mtx           sync.RWMutex
-	stopChan      chan struct{}
+	server *openfgaserver.Server
+	store  roletypes.Store
 }
 
 func NewProviderFactory(sqlstore sqlstore.SQLStore, openfgaSchema []openfgapkgtransformer.ModuleFile) factory.ProviderFactory[authz.AuthZ, authz.Config] {
@@ -40,301 +29,194 @@ func NewProviderFactory(sqlstore sqlstore.SQLStore, openfgaSchema []openfgapkgtr
 }
 
 func newOpenfgaProvider(ctx context.Context, settings factory.ProviderSettings, config authz.Config, sqlstore sqlstore.SQLStore, openfgaSchema []openfgapkgtransformer.ModuleFile) (authz.AuthZ, error) {
-	scopedProviderSettings := factory.NewScopedProviderSettings(settings, "github.com/SigNoz/signoz/pkg/authz/openfgaauthz")
-
-	store, err := NewSQLStore(sqlstore)
+	server, err := openfgaserver.NewOpenfgaServer(ctx, settings, config, sqlstore, openfgaSchema)
 	if err != nil {
-		scopedProviderSettings.Logger().DebugContext(ctx, "failed to initialize sqlstore for authz")
-		return nil, err
-	}
-
-	// setup the openfga server
-	opts := []openfgapkgserver.OpenFGAServiceV1Option{
-		openfgapkgserver.WithDatastore(store),
-		openfgapkgserver.WithLogger(NewLogger(scopedProviderSettings.Logger())),
-		openfgapkgserver.WithContextPropagationToDatastore(true),
-	}
-	openfgaServer, err := openfgapkgserver.NewServerWithOpts(opts...)
-	if err != nil {
-		scopedProviderSettings.Logger().DebugContext(ctx, "failed to create authz server")
 		return nil, err
 	}
 
 	return &provider{
-		config:        config,
-		settings:      scopedProviderSettings,
-		openfgaServer: openfgaServer,
-		openfgaSchema: openfgaSchema,
-		mtx:           sync.RWMutex{},
-		stopChan:      make(chan struct{}),
+		server: server,
+		store:  sqlauthzstore.NewSqlAuthzStore(sqlstore),
 	}, nil
 }
 
 func (provider *provider) Start(ctx context.Context) error {
-	storeId, err := provider.getOrCreateStore(ctx, openfgaDefaultStore.StringValue())
-	if err != nil {
-		return err
-	}
-
-	modelID, err := provider.getOrCreateModel(ctx, storeId)
-	if err != nil {
-		return err
-	}
-
-	provider.mtx.Lock()
-	provider.modelID = modelID
-	provider.storeID = storeId
-	provider.mtx.Unlock()
-
-	<-provider.stopChan
-	return nil
+	return provider.server.Start(ctx)
 }
 
 func (provider *provider) Stop(ctx context.Context) error {
-	provider.openfgaServer.Close()
-	close(provider.stopChan)
-	return nil
+	return provider.server.Stop(ctx)
 }
 
 func (provider *provider) Check(ctx context.Context, tupleReq *openfgav1.TupleKey) error {
-	storeID, modelID := provider.getStoreIDandModelID()
-	checkResponse, err := provider.openfgaServer.Check(
-		ctx,
-		&openfgav1.CheckRequest{
-			StoreId:              storeID,
-			AuthorizationModelId: modelID,
-			TupleKey: &openfgav1.CheckRequestTupleKey{
-				User:     tupleReq.User,
-				Relation: tupleReq.Relation,
-				Object:   tupleReq.Object,
-			},
-		})
-	if err != nil {
-		return errors.Newf(errors.TypeInternal, authtypes.ErrCodeAuthZUnavailable, "authorization server is unavailable").WithAdditional(err.Error())
-	}
-
-	if !checkResponse.Allowed {
-		return errors.Newf(errors.TypeForbidden, authtypes.ErrCodeAuthZForbidden, "subject %s cannot %s object %s", tupleReq.User, tupleReq.Relation, tupleReq.Object)
-	}
-
-	return nil
+	return provider.server.Check(ctx, tupleReq)
 }
 
 func (provider *provider) BatchCheck(ctx context.Context, tupleReq []*openfgav1.TupleKey) error {
-	storeID, modelID := provider.getStoreIDandModelID()
-	batchCheckItems := make([]*openfgav1.BatchCheckItem, 0)
-	for idx, tuple := range tupleReq {
-		batchCheckItems = append(batchCheckItems, &openfgav1.BatchCheckItem{
-			TupleKey: &openfgav1.CheckRequestTupleKey{
-				User:     tuple.User,
-				Relation: tuple.Relation,
-				Object:   tuple.Object,
-			},
-			// the batch check response is map[string] keyed by correlationID.
-			CorrelationId: strconv.Itoa(idx),
-		})
-	}
-
-	checkResponse, err := provider.openfgaServer.BatchCheck(
-		ctx,
-		&openfgav1.BatchCheckRequest{
-			StoreId:              storeID,
-			AuthorizationModelId: modelID,
-			Checks:               batchCheckItems,
-		})
-	if err != nil {
-		return errors.Newf(errors.TypeInternal, authtypes.ErrCodeAuthZUnavailable, "authorization server is unavailable").WithAdditional(err.Error())
-	}
-
-	for _, checkResponse := range checkResponse.Result {
-		if checkResponse.GetAllowed() {
-			return nil
-		}
-	}
-
-	return errors.Newf(errors.TypeForbidden, authtypes.ErrCodeAuthZForbidden, "subjects are not authorized for requested access")
-
+	return provider.server.BatchCheck(ctx, tupleReq)
 }
 
-func (provider *provider) CheckWithTupleCreation(ctx context.Context, claims authtypes.Claims, orgID valuer.UUID, _ authtypes.Relation, _ authtypes.Typeable, _ []authtypes.Selector, roleSelectors []authtypes.Selector) error {
-	subject, err := authtypes.NewSubject(authtypes.TypeableUser, claims.UserID, orgID, nil)
-	if err != nil {
-		return err
-	}
-
-	tuples, err := authtypes.TypeableRole.Tuples(subject, authtypes.RelationAssignee, roleSelectors, orgID)
-	if err != nil {
-		return err
-	}
-
-	err = provider.BatchCheck(ctx, tuples)
-	if err != nil {
-		return err
-	}
-
-	return nil
+func (provider *provider) CheckWithTupleCreation(ctx context.Context, claims authtypes.Claims, orgID valuer.UUID, relation authtypes.Relation, typeable authtypes.Typeable, selectors []authtypes.Selector, roleSelectors []authtypes.Selector) error {
+	return provider.server.CheckWithTupleCreation(ctx, claims, orgID, relation, typeable, selectors, roleSelectors)
 }
 
-func (provider *provider) CheckWithTupleCreationWithoutClaims(ctx context.Context, orgID valuer.UUID, _ authtypes.Relation, _ authtypes.Typeable, _ []authtypes.Selector, roleSelectors []authtypes.Selector) error {
-	subject, err := authtypes.NewSubject(authtypes.TypeableAnonymous, authtypes.AnonymousUser.String(), orgID, nil)
-	if err != nil {
-		return err
-	}
-
-	tuples, err := authtypes.TypeableRole.Tuples(subject, authtypes.RelationAssignee, roleSelectors, orgID)
-	if err != nil {
-		return err
-	}
-
-	err = provider.BatchCheck(ctx, tuples)
-	if err != nil {
-		return err
-	}
-
-	return nil
+func (provider *provider) CheckWithTupleCreationWithoutClaims(ctx context.Context, orgID valuer.UUID, relation authtypes.Relation, typeable authtypes.Typeable, selectors []authtypes.Selector, roleSelectors []authtypes.Selector) error {
+	return provider.server.CheckWithTupleCreationWithoutClaims(ctx, orgID, relation, typeable, selectors, roleSelectors)
 }
 
 func (provider *provider) Write(ctx context.Context, additions []*openfgav1.TupleKey, deletions []*openfgav1.TupleKey) error {
-	if len(additions) == 0 && len(deletions) == 0 {
-		return nil
-	}
-
-	storeID, modelID := provider.getStoreIDandModelID()
-	deletionTuplesWithoutCondition := make([]*openfgav1.TupleKeyWithoutCondition, len(deletions))
-	for idx, tuple := range deletions {
-		deletionTuplesWithoutCondition[idx] = &openfgav1.TupleKeyWithoutCondition{User: tuple.User, Object: tuple.Object, Relation: tuple.Relation}
-	}
-
-	_, err := provider.openfgaServer.Write(ctx, &openfgav1.WriteRequest{
-		StoreId:              storeID,
-		AuthorizationModelId: modelID,
-		Writes: func() *openfgav1.WriteRequestWrites {
-			if len(additions) == 0 {
-				return nil
-			}
-			return &openfgav1.WriteRequestWrites{
-				TupleKeys:   additions,
-				OnDuplicate: "ignore",
-			}
-		}(),
-		Deletes: func() *openfgav1.WriteRequestDeletes {
-			if len(deletionTuplesWithoutCondition) == 0 {
-				return nil
-			}
-			return &openfgav1.WriteRequestDeletes{
-				TupleKeys: deletionTuplesWithoutCondition,
-				OnMissing: "ignore",
-			}
-		}(),
-	})
-
-	return err
+	return provider.server.Write(ctx, additions, deletions)
 }
 
 func (provider *provider) ListObjects(ctx context.Context, subject string, relation authtypes.Relation, typeable authtypes.Typeable) ([]*authtypes.Object, error) {
-	storeID, modelID := provider.getStoreIDandModelID()
-	response, err := provider.openfgaServer.ListObjects(ctx, &openfgav1.ListObjectsRequest{
-		StoreId:              storeID,
-		AuthorizationModelId: modelID,
-		User:                 subject,
-		Relation:             relation.StringValue(),
-		Type:                 typeable.Type().StringValue(),
+	return provider.server.ListObjects(ctx, subject, relation, typeable)
+}
+
+func (provider *provider) Get(ctx context.Context, orgID valuer.UUID, id valuer.UUID) (*roletypes.Role, error) {
+	storableRole, err := provider.store.Get(ctx, orgID, id)
+	if err != nil {
+		return nil, err
+	}
+
+	return roletypes.NewRoleFromStorableRole(storableRole), nil
+}
+
+func (provider *provider) GetByOrgIDAndName(ctx context.Context, orgID valuer.UUID, name string) (*roletypes.Role, error) {
+	storableRole, err := provider.store.GetByOrgIDAndName(ctx, orgID, name)
+	if err != nil {
+		return nil, err
+	}
+
+	return roletypes.NewRoleFromStorableRole(storableRole), nil
+}
+
+func (provider *provider) List(ctx context.Context, orgID valuer.UUID) ([]*roletypes.Role, error) {
+	storableRoles, err := provider.store.List(ctx, orgID)
+	if err != nil {
+		return nil, err
+	}
+
+	roles := make([]*roletypes.Role, len(storableRoles))
+	for idx, storableRole := range storableRoles {
+		roles[idx] = roletypes.NewRoleFromStorableRole(storableRole)
+	}
+
+	return roles, nil
+}
+
+func (provider *provider) ListByOrgIDAndNames(ctx context.Context, orgID valuer.UUID, names []string) ([]*roletypes.Role, error) {
+	storableRoles, err := provider.store.ListByOrgIDAndNames(ctx, orgID, names)
+	if err != nil {
+		return nil, err
+	}
+
+	roles := make([]*roletypes.Role, len(storableRoles))
+	for idx, storable := range storableRoles {
+		roles[idx] = roletypes.NewRoleFromStorableRole(storable)
+	}
+
+	return roles, nil
+}
+
+func (provider *provider) Grant(ctx context.Context, orgID valuer.UUID, name string, subject string) error {
+	tuples, err := authtypes.TypeableRole.Tuples(
+		subject,
+		authtypes.RelationAssignee,
+		[]authtypes.Selector{
+			authtypes.MustNewSelector(authtypes.TypeRole, name),
+		},
+		orgID,
+	)
+	if err != nil {
+		return err
+	}
+	return provider.Write(ctx, tuples, nil)
+}
+
+func (provider *provider) ModifyGrant(ctx context.Context, orgID valuer.UUID, existingRoleName string, updatedRoleName string, subject string) error {
+	err := provider.Revoke(ctx, orgID, existingRoleName, subject)
+	if err != nil {
+		return err
+	}
+
+	err = provider.Grant(ctx, orgID, updatedRoleName, subject)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (provider *provider) Revoke(ctx context.Context, orgID valuer.UUID, name string, subject string) error {
+	tuples, err := authtypes.TypeableRole.Tuples(
+		subject,
+		authtypes.RelationAssignee,
+		[]authtypes.Selector{
+			authtypes.MustNewSelector(authtypes.TypeRole, name),
+		},
+		orgID,
+	)
+	if err != nil {
+		return err
+	}
+	return provider.Write(ctx, nil, tuples)
+}
+
+func (provider *provider) CreateManagedRoles(ctx context.Context, _ valuer.UUID, managedRoles []*roletypes.Role) error {
+	err := provider.store.RunInTx(ctx, func(ctx context.Context) error {
+		for _, role := range managedRoles {
+			err := provider.store.Create(ctx, roletypes.NewStorableRoleFromRole(role))
+			if err != nil {
+				return err
+			}
+		}
+
+		return nil
 	})
+
 	if err != nil {
-		return nil, errors.Wrapf(err, errors.TypeInternal, authtypes.ErrCodeAuthZUnavailable, "cannot list objects for subject %s with relation %s for type %s", subject, relation.StringValue(), typeable.Type().StringValue())
+		return err
 	}
 
-	return authtypes.MustNewObjectsFromStringSlice(response.Objects), nil
+	return nil
 }
 
-func (provider *provider) getOrCreateStore(ctx context.Context, name string) (string, error) {
-	stores, err := provider.openfgaServer.ListStores(ctx, &openfgav1.ListStoresRequest{})
-	if err != nil {
-		return "", err
-	}
-
-	for _, store := range stores.GetStores() {
-		if store.GetName() == name {
-			return store.Id, nil
-		}
-	}
-
-	store, err := provider.openfgaServer.CreateStore(ctx, &openfgav1.CreateStoreRequest{Name: name})
-	if err != nil {
-		return "", err
-	}
-
-	return store.Id, nil
+func (provider *provider) SetManagedRoleTransactions(context.Context, valuer.UUID) error {
+	return nil
 }
 
-func (provider *provider) getOrCreateModel(ctx context.Context, storeID string) (string, error) {
-	schema, err := openfgapkgtransformer.TransformModuleFilesToModel(provider.openfgaSchema, "1.1")
-	if err != nil {
-		return "", err
-	}
-
-	authorisationModels, err := provider.openfgaServer.ReadAuthorizationModels(ctx, &openfgav1.ReadAuthorizationModelsRequest{StoreId: storeID})
-	if err != nil {
-		return "", err
-	}
-
-	for _, authModel := range authorisationModels.GetAuthorizationModels() {
-		equal, err := provider.isModelEqual(schema, authModel)
-		if err != nil {
-			return "", err
-		}
-		if equal {
-			return authModel.Id, nil
-		}
-	}
-
-	authorizationModel, err := provider.openfgaServer.WriteAuthorizationModel(ctx, &openfgav1.WriteAuthorizationModelRequest{
-		StoreId:         storeID,
-		TypeDefinitions: schema.TypeDefinitions,
-		SchemaVersion:   schema.SchemaVersion,
-		Conditions:      schema.Conditions,
-	})
-	if err != nil {
-		return "", err
-	}
-
-	return authorizationModel.AuthorizationModelId, nil
+func (provider *provider) CreateManagedUserRoleTransactions(ctx context.Context, orgID valuer.UUID, userID valuer.UUID) error {
+	return provider.Grant(ctx, orgID, roletypes.SigNozAdminRoleName, authtypes.MustNewSubject(authtypes.TypeableUser, userID.String(), orgID, nil))
 }
 
-// the language model doesn't have any equality check
-// https://github.com/openfga/language/blob/main/pkg/go/transformer/module-to-model_test.go#L38
-func (provider *provider) isModelEqual(expected *openfgav1.AuthorizationModel, actual *openfgav1.AuthorizationModel) (bool, error) {
-	// we need to initialize a new model since the model extracted from schema doesn't have id
-	expectedAuthModel := openfgav1.AuthorizationModel{
-		SchemaVersion:   expected.SchemaVersion,
-		TypeDefinitions: expected.TypeDefinitions,
-		Conditions:      expected.Conditions,
-	}
-	expectedAuthModelBytes, err := protojson.Marshal(&expectedAuthModel)
-	if err != nil {
-		return false, err
-	}
-
-	actualAuthModel := openfgav1.AuthorizationModel{
-		SchemaVersion:   actual.SchemaVersion,
-		TypeDefinitions: actual.TypeDefinitions,
-		Conditions:      actual.Conditions,
-	}
-	actualAuthModelBytes, err := protojson.Marshal(&actualAuthModel)
-	if err != nil {
-		return false, err
-	}
-
-	return string(expectedAuthModelBytes) == string(actualAuthModelBytes), nil
-
+func (setter *provider) Create(_ context.Context, _ valuer.UUID, _ *roletypes.Role) error {
+	return errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
 }
 
-func (provider *provider) getStoreIDandModelID() (string, string) {
-	provider.mtx.RLock()
-	defer provider.mtx.RUnlock()
-
-	storeID := provider.storeID
-	modelID := provider.modelID
-
-	return storeID, modelID
+func (provider *provider) GetOrCreate(_ context.Context, _ valuer.UUID, _ *roletypes.Role) (*roletypes.Role, error) {
+	return nil, errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
+}
+
+func (provider *provider) GetResources(_ context.Context) []*authtypes.Resource {
+	return nil
+}
+
+func (provider *provider) GetObjects(ctx context.Context, orgID valuer.UUID, id valuer.UUID, relation authtypes.Relation) ([]*authtypes.Object, error) {
+	return nil, errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
+}
+
+func (provider *provider) Patch(_ context.Context, _ valuer.UUID, _ *roletypes.Role) error {
+	return errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
+}
+
+func (provider *provider) PatchObjects(_ context.Context, _ valuer.UUID, _ string, _ authtypes.Relation, _, _ []*authtypes.Object) error {
+	return errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
+}
+
+func (provider *provider) Delete(_ context.Context, _ valuer.UUID, _ valuer.UUID) error {
+	return errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
+}
+
+func (provider *provider) MustGetTypeables() []authtypes.Typeable {
+	return nil
 }

pkg/authz/openfgaserver/logger.go

@@ -1,4 +1,4 @@
-package openfgaauthz
+package openfgaserver
 
 import (
 	"context"

pkg/authz/openfgaserver/server.go

@@ -0,0 +1,334 @@
+package openfgaserver
+
+import (
+	"context"
+	"strconv"
+	"sync"
+
+	authz "github.com/SigNoz/signoz/pkg/authz"
+	"github.com/SigNoz/signoz/pkg/errors"
+	"github.com/SigNoz/signoz/pkg/types/authtypes"
+	"github.com/SigNoz/signoz/pkg/valuer"
+
+	"github.com/SigNoz/signoz/pkg/factory"
+	"github.com/SigNoz/signoz/pkg/sqlstore"
+	openfgav1 "github.com/openfga/api/proto/openfga/v1"
+	openfgapkgtransformer "github.com/openfga/language/pkg/go/transformer"
+	openfgapkgserver "github.com/openfga/openfga/pkg/server"
+	"google.golang.org/protobuf/encoding/protojson"
+)
+
+var (
+	openfgaDefaultStore = valuer.NewString("signoz")
+)
+
+type Server struct {
+	config        authz.Config
+	settings      factory.ScopedProviderSettings
+	openfgaSchema []openfgapkgtransformer.ModuleFile
+	openfgaServer *openfgapkgserver.Server
+	storeID       string
+	modelID       string
+	mtx           sync.RWMutex
+	stopChan      chan struct{}
+}
+
+func NewOpenfgaServer(ctx context.Context, settings factory.ProviderSettings, config authz.Config, sqlstore sqlstore.SQLStore, openfgaSchema []openfgapkgtransformer.ModuleFile) (*Server, error) {
+	scopedProviderSettings := factory.NewScopedProviderSettings(settings, "github.com/SigNoz/signoz/pkg/authz/openfgaauthz")
+
+	store, err := NewSQLStore(sqlstore)
+	if err != nil {
+		scopedProviderSettings.Logger().DebugContext(ctx, "failed to initialize sqlstore for authz")
+		return nil, err
+	}
+
+	// setup the openfga server
+	opts := []openfgapkgserver.OpenFGAServiceV1Option{
+		openfgapkgserver.WithDatastore(store),
+		openfgapkgserver.WithLogger(NewLogger(scopedProviderSettings.Logger())),
+		openfgapkgserver.WithContextPropagationToDatastore(true),
+	}
+	openfgaServer, err := openfgapkgserver.NewServerWithOpts(opts...)
+	if err != nil {
+		scopedProviderSettings.Logger().DebugContext(ctx, "failed to create authz server")
+		return nil, err
+	}
+
+	return &Server{
+		config:        config,
+		settings:      scopedProviderSettings,
+		openfgaServer: openfgaServer,
+		openfgaSchema: openfgaSchema,
+		mtx:           sync.RWMutex{},
+		stopChan:      make(chan struct{}),
+	}, nil
+}
+
+func (server *Server) Start(ctx context.Context) error {
+	storeID, err := server.getOrCreateStore(ctx, openfgaDefaultStore.StringValue())
+	if err != nil {
+		return err
+	}
+
+	modelID, err := server.getOrCreateModel(ctx, storeID)
+	if err != nil {
+		return err
+	}
+
+	server.mtx.Lock()
+	server.modelID = modelID
+	server.storeID = storeID
+	server.mtx.Unlock()
+
+	<-server.stopChan
+	return nil
+}
+
+func (server *Server) Stop(ctx context.Context) error {
+	server.openfgaServer.Close()
+	close(server.stopChan)
+	return nil
+}
+
+func (server *Server) Check(ctx context.Context, tupleReq *openfgav1.TupleKey) error {
+	storeID, modelID := server.getStoreIDandModelID()
+	checkResponse, err := server.openfgaServer.Check(
+		ctx,
+		&openfgav1.CheckRequest{
+			StoreId:              storeID,
+			AuthorizationModelId: modelID,
+			TupleKey: &openfgav1.CheckRequestTupleKey{
+				User:     tupleReq.User,
+				Relation: tupleReq.Relation,
+				Object:   tupleReq.Object,
+			},
+		})
+	if err != nil {
+		return errors.Newf(errors.TypeInternal, authtypes.ErrCodeAuthZUnavailable, "authorization server is unavailable").WithAdditional(err.Error())
+	}
+
+	if !checkResponse.Allowed {
+		return errors.Newf(errors.TypeForbidden, authtypes.ErrCodeAuthZForbidden, "subject %s cannot %s object %s", tupleReq.User, tupleReq.Relation, tupleReq.Object)
+	}
+
+	return nil
+}
+
+func (server *Server) BatchCheck(ctx context.Context, tupleReq []*openfgav1.TupleKey) error {
+	storeID, modelID := server.getStoreIDandModelID()
+	batchCheckItems := make([]*openfgav1.BatchCheckItem, 0)
+	for idx, tuple := range tupleReq {
+		batchCheckItems = append(batchCheckItems, &openfgav1.BatchCheckItem{
+			TupleKey: &openfgav1.CheckRequestTupleKey{
+				User:     tuple.User,
+				Relation: tuple.Relation,
+				Object:   tuple.Object,
+			},
+			// the batch check response is map[string] keyed by correlationID.
+			CorrelationId: strconv.Itoa(idx),
+		})
+	}
+
+	checkResponse, err := server.openfgaServer.BatchCheck(
+		ctx,
+		&openfgav1.BatchCheckRequest{
+			StoreId:              storeID,
+			AuthorizationModelId: modelID,
+			Checks:               batchCheckItems,
+		})
+	if err != nil {
+		return errors.Newf(errors.TypeInternal, authtypes.ErrCodeAuthZUnavailable, "authorization server is unavailable").WithAdditional(err.Error())
+	}
+
+	for _, checkResponse := range checkResponse.Result {
+		if checkResponse.GetAllowed() {
+			return nil
+		}
+	}
+
+	return errors.Newf(errors.TypeForbidden, authtypes.ErrCodeAuthZForbidden, "subjects are not authorized for requested access")
+
+}
+
+func (server *Server) CheckWithTupleCreation(ctx context.Context, claims authtypes.Claims, orgID valuer.UUID, _ authtypes.Relation, _ authtypes.Typeable, _ []authtypes.Selector, roleSelectors []authtypes.Selector) error {
+	subject, err := authtypes.NewSubject(authtypes.TypeableUser, claims.UserID, orgID, nil)
+	if err != nil {
+		return err
+	}
+
+	tuples, err := authtypes.TypeableRole.Tuples(subject, authtypes.RelationAssignee, roleSelectors, orgID)
+	if err != nil {
+		return err
+	}
+
+	err = server.BatchCheck(ctx, tuples)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (server *Server) CheckWithTupleCreationWithoutClaims(ctx context.Context, orgID valuer.UUID, _ authtypes.Relation, _ authtypes.Typeable, _ []authtypes.Selector, roleSelectors []authtypes.Selector) error {
+	subject, err := authtypes.NewSubject(authtypes.TypeableAnonymous, authtypes.AnonymousUser.String(), orgID, nil)
+	if err != nil {
+		return err
+	}
+
+	tuples, err := authtypes.TypeableRole.Tuples(subject, authtypes.RelationAssignee, roleSelectors, orgID)
+	if err != nil {
+		return err
+	}
+
+	err = server.BatchCheck(ctx, tuples)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (server *Server) Write(ctx context.Context, additions []*openfgav1.TupleKey, deletions []*openfgav1.TupleKey) error {
+	if len(additions) == 0 && len(deletions) == 0 {
+		return nil
+	}
+
+	storeID, modelID := server.getStoreIDandModelID()
+	deletionTuplesWithoutCondition := make([]*openfgav1.TupleKeyWithoutCondition, len(deletions))
+	for idx, tuple := range deletions {
+		deletionTuplesWithoutCondition[idx] = &openfgav1.TupleKeyWithoutCondition{User: tuple.User, Object: tuple.Object, Relation: tuple.Relation}
+	}
+
+	_, err := server.openfgaServer.Write(ctx, &openfgav1.WriteRequest{
+		StoreId:              storeID,
+		AuthorizationModelId: modelID,
+		Writes: func() *openfgav1.WriteRequestWrites {
+			if len(additions) == 0 {
+				return nil
+			}
+			return &openfgav1.WriteRequestWrites{
+				TupleKeys:   additions,
+				OnDuplicate: "ignore",
+			}
+		}(),
+		Deletes: func() *openfgav1.WriteRequestDeletes {
+			if len(deletionTuplesWithoutCondition) == 0 {
+				return nil
+			}
+			return &openfgav1.WriteRequestDeletes{
+				TupleKeys: deletionTuplesWithoutCondition,
+				OnMissing: "ignore",
+			}
+		}(),
+	})
+
+	return err
+}
+
+func (server *Server) ListObjects(ctx context.Context, subject string, relation authtypes.Relation, typeable authtypes.Typeable) ([]*authtypes.Object, error) {
+	storeID, modelID := server.getStoreIDandModelID()
+	response, err := server.openfgaServer.ListObjects(ctx, &openfgav1.ListObjectsRequest{
+		StoreId:              storeID,
+		AuthorizationModelId: modelID,
+		User:                 subject,
+		Relation:             relation.StringValue(),
+		Type:                 typeable.Type().StringValue(),
+	})
+	if err != nil {
+		return nil, errors.Wrapf(err, errors.TypeInternal, authtypes.ErrCodeAuthZUnavailable, "cannot list objects for subject %s with relation %s for type %s", subject, relation.StringValue(), typeable.Type().StringValue())
+	}
+
+	return authtypes.MustNewObjectsFromStringSlice(response.Objects), nil
+}
+
+func (server *Server) getOrCreateStore(ctx context.Context, name string) (string, error) {
+	stores, err := server.openfgaServer.ListStores(ctx, &openfgav1.ListStoresRequest{})
+	if err != nil {
+		return "", err
+	}
+
+	for _, store := range stores.GetStores() {
+		if store.GetName() == name {
+			return store.Id, nil
+		}
+	}
+
+	store, err := server.openfgaServer.CreateStore(ctx, &openfgav1.CreateStoreRequest{Name: name})
+	if err != nil {
+		return "", err
+	}
+
+	return store.Id, nil
+}
+
+func (server *Server) getOrCreateModel(ctx context.Context, storeID string) (string, error) {
+	schema, err := openfgapkgtransformer.TransformModuleFilesToModel(server.openfgaSchema, "1.1")
+	if err != nil {
+		return "", err
+	}
+
+	authorisationModels, err := server.openfgaServer.ReadAuthorizationModels(ctx, &openfgav1.ReadAuthorizationModelsRequest{StoreId: storeID})
+	if err != nil {
+		return "", err
+	}
+
+	for _, authModel := range authorisationModels.GetAuthorizationModels() {
+		equal, err := server.isModelEqual(schema, authModel)
+		if err != nil {
+			return "", err
+		}
+		if equal {
+			return authModel.Id, nil
+		}
+	}
+
+	authorizationModel, err := server.openfgaServer.WriteAuthorizationModel(ctx, &openfgav1.WriteAuthorizationModelRequest{
+		StoreId:         storeID,
+		TypeDefinitions: schema.TypeDefinitions,
+		SchemaVersion:   schema.SchemaVersion,
+		Conditions:      schema.Conditions,
+	})
+	if err != nil {
+		return "", err
+	}
+
+	return authorizationModel.AuthorizationModelId, nil
+}
+
+// the language model doesn't have any equality check
+// https://github.com/openfga/language/blob/main/pkg/go/transformer/module-to-model_test.go#L38
+func (server *Server) isModelEqual(expected *openfgav1.AuthorizationModel, actual *openfgav1.AuthorizationModel) (bool, error) {
+	// we need to initialize a new model since the model extracted from schema doesn't have id
+	expectedAuthModel := openfgav1.AuthorizationModel{
+		SchemaVersion:   expected.SchemaVersion,
+		TypeDefinitions: expected.TypeDefinitions,
+		Conditions:      expected.Conditions,
+	}
+	expectedAuthModelBytes, err := protojson.Marshal(&expectedAuthModel)
+	if err != nil {
+		return false, err
+	}
+
+	actualAuthModel := openfgav1.AuthorizationModel{
+		SchemaVersion:   actual.SchemaVersion,
+		TypeDefinitions: actual.TypeDefinitions,
+		Conditions:      actual.Conditions,
+	}
+	actualAuthModelBytes, err := protojson.Marshal(&actualAuthModel)
+	if err != nil {
+		return false, err
+	}
+
+	return string(expectedAuthModelBytes) == string(actualAuthModelBytes), nil
+
+}
+
+func (server *Server) getStoreIDandModelID() (string, string) {
+	server.mtx.RLock()
+	defer server.mtx.RUnlock()
+
+	storeID := server.storeID
+	modelID := server.modelID
+
+	return storeID, modelID
+}

pkg/authz/openfgaserver/server_test.go

@@ -1,4 +1,4 @@
-package openfgaauthz
+package openfgaserver
 
 import (
 	"context"
@@ -20,7 +20,7 @@ func TestProviderStartStop(t *testing.T) {
 
 	expectedModel := `module base 
 	type user`
-	provider, err := newOpenfgaProvider(context.Background(), providerSettings, authz.Config{}, sqlstore, []transformer.ModuleFile{{Name: "test.fga", Contents: expectedModel}})
+	provider, err := NewOpenfgaServer(context.Background(), providerSettings, authz.Config{}, sqlstore, []transformer.ModuleFile{{Name: "test.fga", Contents: expectedModel}})
 	require.NoError(t, err)
 
 	storeRows := sqlstore.Mock().NewRows([]string{"id", "name", "created_at", "updated_at"}).AddRow("01K3V0NTN47MPTMEV1PD5ST6ZC", "signoz", time.Now(), time.Now())

pkg/authz/openfgaserver/sqlstore.go

@@ -1,4 +1,4 @@
-package openfgaauthz
+package openfgaserver
 
 import (
 	"github.com/SigNoz/signoz/pkg/errors"

pkg/authz/signozauthzapi/handler.go

@@ -1,12 +1,12 @@
-package implrole
+package signozauthzapi
 
 import (
 	"net/http"
 
+	"github.com/SigNoz/signoz/pkg/authz"
 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/http/binding"
 	"github.com/SigNoz/signoz/pkg/http/render"
-	"github.com/SigNoz/signoz/pkg/modules/role"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
 	"github.com/SigNoz/signoz/pkg/types/roletypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
@@ -14,12 +14,11 @@ import (
 )
 
 type handler struct {
-	setter role.Setter
-	getter role.Getter
+	authz authz.AuthZ
 }
 
-func NewHandler(setter role.Setter, getter role.Getter) role.Handler {
-	return &handler{setter: setter, getter: getter}
+func NewHandler(authz authz.AuthZ) authz.Handler {
+	return &handler{authz: authz}
 }
 
 func (handler *handler) Create(rw http.ResponseWriter, r *http.Request) {
@@ -36,7 +35,7 @@ func (handler *handler) Create(rw http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	err = handler.setter.Create(ctx, valuer.MustNewUUID(claims.OrgID), roletypes.NewRole(req.Name, req.Description, roletypes.RoleTypeCustom, valuer.MustNewUUID(claims.OrgID)))
+	err = handler.authz.Create(ctx, valuer.MustNewUUID(claims.OrgID), roletypes.NewRole(req.Name, req.Description, roletypes.RoleTypeCustom, valuer.MustNewUUID(claims.OrgID)))
 	if err != nil {
 		render.Error(rw, err)
 		return
@@ -64,7 +63,7 @@ func (handler *handler) Get(rw http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	role, err := handler.getter.Get(ctx, valuer.MustNewUUID(claims.OrgID), roleID)
+	role, err := handler.authz.Get(ctx, valuer.MustNewUUID(claims.OrgID), roleID)
 	if err != nil {
 		render.Error(rw, err)
 		return
@@ -103,7 +102,7 @@ func (handler *handler) GetObjects(rw http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	objects, err := handler.setter.GetObjects(ctx, valuer.MustNewUUID(claims.OrgID), roleID, relation)
+	objects, err := handler.authz.GetObjects(ctx, valuer.MustNewUUID(claims.OrgID), roleID, relation)
 	if err != nil {
 		render.Error(rw, err)
 		return
@@ -114,7 +113,7 @@ func (handler *handler) GetObjects(rw http.ResponseWriter, r *http.Request) {
 
 func (handler *handler) GetResources(rw http.ResponseWriter, r *http.Request) {
 	ctx := r.Context()
-	resources := handler.setter.GetResources(ctx)
+	resources := handler.authz.GetResources(ctx)
 
 	var resourceRelations = struct {
 		Resources []*authtypes.Resource                   `json:"resources"`
@@ -134,7 +133,7 @@ func (handler *handler) List(rw http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	roles, err := handler.getter.List(ctx, valuer.MustNewUUID(claims.OrgID))
+	roles, err := handler.authz.List(ctx, valuer.MustNewUUID(claims.OrgID))
 	if err != nil {
 		render.Error(rw, err)
 		return
@@ -163,7 +162,7 @@ func (handler *handler) Patch(rw http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	role, err := handler.getter.Get(ctx, valuer.MustNewUUID(claims.OrgID), id)
+	role, err := handler.authz.Get(ctx, valuer.MustNewUUID(claims.OrgID), id)
 	if err != nil {
 		render.Error(rw, err)
 		return
@@ -175,7 +174,7 @@ func (handler *handler) Patch(rw http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	err = handler.setter.Patch(ctx, valuer.MustNewUUID(claims.OrgID), role)
+	err = handler.authz.Patch(ctx, valuer.MustNewUUID(claims.OrgID), role)
 	if err != nil {
 		render.Error(rw, err)
 		return
@@ -210,7 +209,7 @@ func (handler *handler) PatchObjects(rw http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	role, err := handler.getter.Get(ctx, valuer.MustNewUUID(claims.OrgID), id)
+	role, err := handler.authz.Get(ctx, valuer.MustNewUUID(claims.OrgID), id)
 	if err != nil {
 		render.Error(rw, err)
 		return
@@ -222,7 +221,7 @@ func (handler *handler) PatchObjects(rw http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	err = handler.setter.PatchObjects(ctx, valuer.MustNewUUID(claims.OrgID), role.Name, relation, patchableObjects.Additions, patchableObjects.Deletions)
+	err = handler.authz.PatchObjects(ctx, valuer.MustNewUUID(claims.OrgID), role.Name, relation, patchableObjects.Additions, patchableObjects.Deletions)
 	if err != nil {
 		render.Error(rw, err)
 		return
@@ -245,7 +244,7 @@ func (handler *handler) Delete(rw http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	err = handler.setter.Delete(ctx, valuer.MustNewUUID(claims.OrgID), id)
+	err = handler.authz.Delete(ctx, valuer.MustNewUUID(claims.OrgID), id)
 	if err != nil {
 		render.Error(rw, err)
 		return

pkg/http/middleware/authz.go

@@ -8,7 +8,6 @@ import (
 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/http/render"
 	"github.com/SigNoz/signoz/pkg/modules/organization"
-	"github.com/SigNoz/signoz/pkg/modules/role"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
 	"github.com/SigNoz/signoz/pkg/types/ctxtypes"
 	"github.com/SigNoz/signoz/pkg/types/roletypes"
@@ -24,15 +23,14 @@ type AuthZ struct {
 	logger       *slog.Logger
 	orgGetter    organization.Getter
 	authzService authz.AuthZ
-	roleGetter   role.Getter
 }
 
-func NewAuthZ(logger *slog.Logger, orgGetter organization.Getter, authzService authz.AuthZ, roleGetter role.Getter) *AuthZ {
+func NewAuthZ(logger *slog.Logger, orgGetter organization.Getter, authzService authz.AuthZ) *AuthZ {
 	if logger == nil {
 		panic("cannot build authz middleware, logger is empty")
 	}
 
-	return &AuthZ{logger: logger, orgGetter: orgGetter, authzService: authzService, roleGetter: roleGetter}
+	return &AuthZ{logger: logger, orgGetter: orgGetter, authzService: authzService}
 }
 
 func (middleware *AuthZ) ViewAccess(next http.HandlerFunc) http.HandlerFunc {

pkg/modules/dashboard/dashboard.go

@@ -4,7 +4,7 @@ import (
 	"context"
 	"net/http"
 
-	"github.com/SigNoz/signoz/pkg/modules/role"
+	"github.com/SigNoz/signoz/pkg/authz"
 	"github.com/SigNoz/signoz/pkg/statsreporter"
 	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
@@ -51,7 +51,7 @@ type Module interface {
 
 	statsreporter.StatsCollector
 
-	role.RegisterTypeable
+	authz.RegisterTypeable
 }
 
 type Handler interface {

pkg/modules/dashboard/impldashboard/module.go

@@ -206,6 +206,10 @@ func (module *module) MustGetTypeables() []authtypes.Typeable {
 	return []authtypes.Typeable{dashboardtypes.TypeableMetaResourceDashboard, dashboardtypes.TypeableMetaResourcesDashboards}
 }
 
+func (module *module) MustGetManagedRoleTransactions() map[string][]*authtypes.Transaction {
+	return nil
+}
+
 // not supported
 func (module *module) CreatePublic(ctx context.Context, orgID valuer.UUID, publicDashboard *dashboardtypes.PublicDashboard) error {
 	return errors.Newf(errors.TypeUnsupported, dashboardtypes.ErrCodePublicDashboardUnsupported, "not implemented")

pkg/modules/fields/handler.go

@@ -0,0 +1,11 @@
+package fields
+
+import "net/http"
+
+type Handler interface {
+	// Gets the fields keys for the given field key selector
+	GetFieldsKeys(http.ResponseWriter, *http.Request)
+
+	// Gets the fields values for the given field value selector
+	GetFieldsValues(http.ResponseWriter, *http.Request)
+}

pkg/modules/fields/implfields/handler.go

@@ -0,0 +1,79 @@
+package implfields
+
+import (
+	"net/http"
+
+	"github.com/SigNoz/signoz/pkg/factory"
+	"github.com/SigNoz/signoz/pkg/http/binding"
+	"github.com/SigNoz/signoz/pkg/http/render"
+	"github.com/SigNoz/signoz/pkg/modules/fields"
+	"github.com/SigNoz/signoz/pkg/types/telemetrytypes"
+)
+
+type handler struct {
+	telemetryMetadataStore telemetrytypes.MetadataStore
+}
+
+func NewHandler(settings factory.ProviderSettings, telemetryMetadataStore telemetrytypes.MetadataStore) fields.Handler {
+	return &handler{
+		telemetryMetadataStore: telemetryMetadataStore,
+	}
+}
+
+func (handler *handler) GetFieldsKeys(rw http.ResponseWriter, req *http.Request) {
+	ctx := req.Context()
+
+	var params telemetrytypes.PostableFieldKeysParams
+	if err := binding.Query.BindQuery(req.URL.Query(), &params); err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	fieldKeySelector := telemetrytypes.NewFieldKeySelectorFromPostableFieldKeysParams(params)
+
+	keys, complete, err := handler.telemetryMetadataStore.GetKeys(ctx, fieldKeySelector)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	render.Success(rw, http.StatusOK, &telemetrytypes.GettableFieldKeys{
+		Keys:     keys,
+		Complete: complete,
+	})
+}
+
+func (handler *handler) GetFieldsValues(rw http.ResponseWriter, req *http.Request) {
+	ctx := req.Context()
+
+	var params telemetrytypes.PostableFieldValueParams
+	if err := binding.Query.BindQuery(req.URL.Query(), &params); err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	fieldValueSelector := telemetrytypes.NewFieldValueSelectorFromPostableFieldValueParams(params)
+
+	allValues, allComplete, err := handler.telemetryMetadataStore.GetAllValues(ctx, fieldValueSelector)
+	if err != nil {
+		render.Error(rw, err)
+		return
+	}
+
+	relatedValues, relatedComplete, err := handler.telemetryMetadataStore.GetRelatedValues(ctx, fieldValueSelector)
+	if err != nil {
+		// we don't want to return error if we fail to get related values for some reason
+		relatedValues = []string{}
+	}
+
+	values := &telemetrytypes.TelemetryFieldValues{
+		StringValues:  allValues.StringValues,
+		NumberValues:  allValues.NumberValues,
+		RelatedValues: relatedValues,
+	}
+
+	render.Success(rw, http.StatusOK, &telemetrytypes.GettableFieldValues{
+		Values:   values,
+		Complete: allComplete && relatedComplete,
+	})
+}

pkg/modules/role/implrole/getter.go

@@ -1,63 +0,0 @@
-package implrole
-
-import (
-	"context"
-
-	"github.com/SigNoz/signoz/pkg/modules/role"
-	"github.com/SigNoz/signoz/pkg/types/roletypes"
-	"github.com/SigNoz/signoz/pkg/valuer"
-)
-
-type getter struct {
-	store roletypes.Store
-}
-
-func NewGetter(store roletypes.Store) role.Getter {
-	return &getter{store: store}
-}
-
-func (getter *getter) Get(ctx context.Context, orgID valuer.UUID, id valuer.UUID) (*roletypes.Role, error) {
-	storableRole, err := getter.store.Get(ctx, orgID, id)
-	if err != nil {
-		return nil, err
-	}
-
-	return roletypes.NewRoleFromStorableRole(storableRole), nil
-}
-
-func (getter *getter) GetByOrgIDAndName(ctx context.Context, orgID valuer.UUID, name string) (*roletypes.Role, error) {
-	storableRole, err := getter.store.GetByOrgIDAndName(ctx, orgID, name)
-	if err != nil {
-		return nil, err
-	}
-
-	return roletypes.NewRoleFromStorableRole(storableRole), nil
-}
-
-func (getter *getter) List(ctx context.Context, orgID valuer.UUID) ([]*roletypes.Role, error) {
-	storableRoles, err := getter.store.List(ctx, orgID)
-	if err != nil {
-		return nil, err
-	}
-
-	roles := make([]*roletypes.Role, len(storableRoles))
-	for idx, storableRole := range storableRoles {
-		roles[idx] = roletypes.NewRoleFromStorableRole(storableRole)
-	}
-
-	return roles, nil
-}
-
-func (getter *getter) ListByOrgIDAndNames(ctx context.Context, orgID valuer.UUID, names []string) ([]*roletypes.Role, error) {
-	storableRoles, err := getter.store.ListByOrgIDAndNames(ctx, orgID, names)
-	if err != nil {
-		return nil, err
-	}
-
-	roles := make([]*roletypes.Role, len(storableRoles))
-	for idx, storable := range storableRoles {
-		roles[idx] = roletypes.NewRoleFromStorableRole(storable)
-	}
-
-	return roles, nil
-}

pkg/modules/role/implrole/granter.go

@@ -1,83 +0,0 @@
-package implrole
-
-import (
-	"context"
-
-	"github.com/SigNoz/signoz/pkg/authz"
-	"github.com/SigNoz/signoz/pkg/modules/role"
-	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/roletypes"
-	"github.com/SigNoz/signoz/pkg/valuer"
-)
-
-type granter struct {
-	store roletypes.Store
-	authz authz.AuthZ
-}
-
-func NewGranter(store roletypes.Store, authz authz.AuthZ) role.Granter {
-	return &granter{store: store, authz: authz}
-}
-
-func (granter *granter) Grant(ctx context.Context, orgID valuer.UUID, name string, subject string) error {
-	tuples, err := authtypes.TypeableRole.Tuples(
-		subject,
-		authtypes.RelationAssignee,
-		[]authtypes.Selector{
-			authtypes.MustNewSelector(authtypes.TypeRole, name),
-		},
-		orgID,
-	)
-	if err != nil {
-		return err
-	}
-	return granter.authz.Write(ctx, tuples, nil)
-}
-
-func (granter *granter) ModifyGrant(ctx context.Context, orgID valuer.UUID, existingRoleName string, updatedRoleName string, subject string) error {
-	err := granter.Revoke(ctx, orgID, existingRoleName, subject)
-	if err != nil {
-		return err
-	}
-
-	err = granter.Grant(ctx, orgID, updatedRoleName, subject)
-	if err != nil {
-		return err
-	}
-
-	return nil
-}
-
-func (granter *granter) Revoke(ctx context.Context, orgID valuer.UUID, name string, subject string) error {
-	tuples, err := authtypes.TypeableRole.Tuples(
-		subject,
-		authtypes.RelationAssignee,
-		[]authtypes.Selector{
-			authtypes.MustNewSelector(authtypes.TypeRole, name),
-		},
-		orgID,
-	)
-	if err != nil {
-		return err
-	}
-	return granter.authz.Write(ctx, nil, tuples)
-}
-
-func (granter *granter) CreateManagedRoles(ctx context.Context, _ valuer.UUID, managedRoles []*roletypes.Role) error {
-	err := granter.store.RunInTx(ctx, func(ctx context.Context) error {
-		for _, role := range managedRoles {
-			err := granter.store.Create(ctx, roletypes.NewStorableRoleFromRole(role))
-			if err != nil {
-				return err
-			}
-		}
-
-		return nil
-	})
-
-	if err != nil {
-		return err
-	}
-
-	return nil
-}

pkg/modules/role/implrole/setter.go

@@ -1,53 +0,0 @@
-package implrole
-
-import (
-	"context"
-
-	"github.com/SigNoz/signoz/pkg/authz"
-	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/SigNoz/signoz/pkg/modules/role"
-	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/roletypes"
-	"github.com/SigNoz/signoz/pkg/valuer"
-)
-
-type setter struct {
-	store roletypes.Store
-	authz authz.AuthZ
-}
-
-func NewSetter(store roletypes.Store, authz authz.AuthZ) role.Setter {
-	return &setter{store: store, authz: authz}
-}
-
-func (setter *setter) Create(_ context.Context, _ valuer.UUID, _ *roletypes.Role) error {
-	return errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
-}
-
-func (setter *setter) GetOrCreate(_ context.Context, _ valuer.UUID, _ *roletypes.Role) (*roletypes.Role, error) {
-	return nil, errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
-}
-
-func (setter *setter) GetResources(_ context.Context) []*authtypes.Resource {
-	return nil
-}
-
-func (setter *setter) GetObjects(ctx context.Context, orgID valuer.UUID, id valuer.UUID, relation authtypes.Relation) ([]*authtypes.Object, error) {
-	return nil, errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
-}
-
-func (setter *setter) Patch(_ context.Context, _ valuer.UUID, _ *roletypes.Role) error {
-	return errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
-}
-
-func (setter *setter) PatchObjects(_ context.Context, _ valuer.UUID, _ string, _ authtypes.Relation, _, _ []*authtypes.Object) error {
-	return errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
-}
-
-func (setter *setter) Delete(_ context.Context, _ valuer.UUID, _ valuer.UUID) error {
-	return errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
-}
-
-func (setter *setter) MustGetTypeables() []authtypes.Typeable {
-	return nil
-}

pkg/modules/role/role.go

@@ -1,85 +0,0 @@
-package role
-
-import (
-	"context"
-	"net/http"
-
-	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/roletypes"
-	"github.com/SigNoz/signoz/pkg/valuer"
-)
-
-type Setter interface {
-	// Creates the role.
-	Create(context.Context, valuer.UUID, *roletypes.Role) error
-
-	// Gets the role if it exists or creates one.
-	GetOrCreate(context.Context, valuer.UUID, *roletypes.Role) (*roletypes.Role, error)
-
-	// Gets the objects associated with the given role and relation.
-	GetObjects(context.Context, valuer.UUID, valuer.UUID, authtypes.Relation) ([]*authtypes.Object, error)
-
-	// Gets all the typeable resources registered from role registry.
-	GetResources(context.Context) []*authtypes.Resource
-
-	// Patches the role.
-	Patch(context.Context, valuer.UUID, *roletypes.Role) error
-
-	// Patches the objects in authorization server associated with the given role and relation
-	PatchObjects(context.Context, valuer.UUID, string, authtypes.Relation, []*authtypes.Object, []*authtypes.Object) error
-
-	// Deletes the role and tuples in authorization server.
-	Delete(context.Context, valuer.UUID, valuer.UUID) error
-
-	RegisterTypeable
-}
-
-type Getter interface {
-	// Gets the role
-	Get(context.Context, valuer.UUID, valuer.UUID) (*roletypes.Role, error)
-
-	// Gets the role by org_id and name
-	GetByOrgIDAndName(context.Context, valuer.UUID, string) (*roletypes.Role, error)
-
-	// Lists all the roles for the organization.
-	List(context.Context, valuer.UUID) ([]*roletypes.Role, error)
-
-	//  Lists all the roles for the organization filtered by name
-	ListByOrgIDAndNames(context.Context, valuer.UUID, []string) ([]*roletypes.Role, error)
-}
-
-type Granter interface {
-	// Grants a role to the subject based on role name.
-	Grant(context.Context, valuer.UUID, string, string) error
-
-	// Revokes a granted role from the subject based on role name.
-	Revoke(context.Context, valuer.UUID, string, string) error
-
-	// Changes the granted role for the subject based on role name.
-	ModifyGrant(context.Context, valuer.UUID, string, string, string) error
-
-	// Bootstrap the managed roles.
-	CreateManagedRoles(context.Context, valuer.UUID, []*roletypes.Role) error
-}
-
-type RegisterTypeable interface {
-	MustGetTypeables() []authtypes.Typeable
-}
-
-type Handler interface {
-	Create(http.ResponseWriter, *http.Request)
-
-	Get(http.ResponseWriter, *http.Request)
-
-	GetObjects(http.ResponseWriter, *http.Request)
-
-	GetResources(http.ResponseWriter, *http.Request)
-
-	List(http.ResponseWriter, *http.Request)
-
-	Patch(http.ResponseWriter, *http.Request)
-
-	PatchObjects(http.ResponseWriter, *http.Request)
-
-	Delete(http.ResponseWriter, *http.Request)
-}

pkg/modules/user/impluser/module.go

@@ -8,11 +8,11 @@ import (
 	"time"
 
 	"github.com/SigNoz/signoz/pkg/analytics"
+	"github.com/SigNoz/signoz/pkg/authz"
 	"github.com/SigNoz/signoz/pkg/emailing"
 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/factory"
 	"github.com/SigNoz/signoz/pkg/modules/organization"
-	"github.com/SigNoz/signoz/pkg/modules/role"
 	"github.com/SigNoz/signoz/pkg/modules/user"
 	root "github.com/SigNoz/signoz/pkg/modules/user"
 	"github.com/SigNoz/signoz/pkg/tokenizer"
@@ -32,13 +32,13 @@ type Module struct {
 	emailing  emailing.Emailing
 	settings  factory.ScopedProviderSettings
 	orgSetter organization.Setter
-	granter   role.Granter
+	authz     authz.AuthZ
 	analytics analytics.Analytics
 	config    user.Config
 }
 
 // This module is a WIP, don't take inspiration from this.
-func NewModule(store types.UserStore, tokenizer tokenizer.Tokenizer, emailing emailing.Emailing, providerSettings factory.ProviderSettings, orgSetter organization.Setter, granter role.Granter, analytics analytics.Analytics, config user.Config) root.Module {
+func NewModule(store types.UserStore, tokenizer tokenizer.Tokenizer, emailing emailing.Emailing, providerSettings factory.ProviderSettings, orgSetter organization.Setter, authz authz.AuthZ, analytics analytics.Analytics, config user.Config) root.Module {
 	settings := factory.NewScopedProviderSettings(providerSettings, "github.com/SigNoz/signoz/pkg/modules/user/impluser")
 	return &Module{
 		store:     store,
@@ -47,7 +47,7 @@ func NewModule(store types.UserStore, tokenizer tokenizer.Tokenizer, emailing em
 		settings:  settings,
 		orgSetter: orgSetter,
 		analytics: analytics,
-		granter:   granter,
+		authz:     authz,
 		config:    config,
 	}
 }
@@ -172,7 +172,7 @@ func (module *Module) CreateUser(ctx context.Context, input *types.User, opts ..
 	createUserOpts := root.NewCreateUserOptions(opts...)
 
 	// since assign is idempotant multiple calls to assign won't cause issues in case of retries.
-	err := module.granter.Grant(ctx, input.OrgID, roletypes.MustGetSigNozManagedRoleFromExistingRole(input.Role), authtypes.MustNewSubject(authtypes.TypeableUser, input.ID.StringValue(), input.OrgID, nil))
+	err := module.authz.Grant(ctx, input.OrgID, roletypes.MustGetSigNozManagedRoleFromExistingRole(input.Role), authtypes.MustNewSubject(authtypes.TypeableUser, input.ID.StringValue(), input.OrgID, nil))
 	if err != nil {
 		return err
 	}
@@ -238,7 +238,7 @@ func (m *Module) UpdateUser(ctx context.Context, orgID valuer.UUID, id string, u
 	}
 
 	if user.Role != existingUser.Role {
-		err = m.granter.ModifyGrant(ctx,
+		err = m.authz.ModifyGrant(ctx,
 			orgID,
 			roletypes.MustGetSigNozManagedRoleFromExistingRole(existingUser.Role),
 			roletypes.MustGetSigNozManagedRoleFromExistingRole(user.Role),
@@ -301,7 +301,7 @@ func (module *Module) DeleteUser(ctx context.Context, orgID valuer.UUID, id stri
 	}
 
 	// since revoke is idempotant multiple calls to revoke won't cause issues in case of retries
-	err = module.granter.Revoke(ctx, orgID, roletypes.MustGetSigNozManagedRoleFromExistingRole(user.Role), authtypes.MustNewSubject(authtypes.TypeableUser, id, orgID, nil))
+	err = module.authz.Revoke(ctx, orgID, roletypes.MustGetSigNozManagedRoleFromExistingRole(user.Role), authtypes.MustNewSubject(authtypes.TypeableUser, id, orgID, nil))
 	if err != nil {
 		return err
 	}
@@ -504,14 +504,14 @@ func (module *Module) CreateFirstUser(ctx context.Context, organization *types.O
 	}
 
 	managedRoles := roletypes.NewManagedRoles(organization.ID)
-	err = module.granter.Grant(ctx, organization.ID, roletypes.SigNozAdminRoleName, authtypes.MustNewSubject(authtypes.TypeableUser, user.ID.StringValue(), user.OrgID, nil))
+	err = module.authz.CreateManagedUserRoleTransactions(ctx, organization.ID, user.ID)
 	if err != nil {
 		return nil, err
 	}
 
 	if err = module.store.RunInTx(ctx, func(ctx context.Context) error {
 		err = module.orgSetter.Create(ctx, organization, func(ctx context.Context, orgID valuer.UUID) error {
-			err = module.granter.CreateManagedRoles(ctx, orgID, managedRoles)
+			err = module.authz.CreateManagedRoles(ctx, orgID, managedRoles)
 			if err != nil {
 				return err
 			}

pkg/query-service/app/clickhouseReader/reader.go

@@ -830,7 +830,7 @@ func (r *ClickHouseReader) GetUsage(ctx context.Context, queryParams *model.GetU
 
 func (r *ClickHouseReader) GetSpansForTrace(ctx context.Context, traceID string, traceDetailsQuery string) ([]model.SpanItemV2, *model.ApiError) {
 	var traceSummary model.TraceSummary
-	summaryQuery := fmt.Sprintf("SELECT * from %s.%s WHERE trace_id=$1", r.TraceDB, r.traceSummaryTable)
+	summaryQuery := fmt.Sprintf("SELECT * from %s.%s FINAL WHERE trace_id=$1", r.TraceDB, r.traceSummaryTable)
 	err := r.db.QueryRow(ctx, summaryQuery, traceID).Scan(&traceSummary.TraceID, &traceSummary.Start, &traceSummary.End, &traceSummary.NumSpans)
 	if err != nil {
 		if err == sql.ErrNoRows {
@@ -6458,7 +6458,7 @@ func (r *ClickHouseReader) SearchTraces(ctx context.Context, params *model.Searc
 	}
 
 	var traceSummary model.TraceSummary
-	summaryQuery := fmt.Sprintf("SELECT * from %s.%s WHERE trace_id=$1", r.TraceDB, r.traceSummaryTable)
+	summaryQuery := fmt.Sprintf("SELECT * from %s.%s FINAL WHERE trace_id=$1", r.TraceDB, r.traceSummaryTable)
 	err := r.db.QueryRow(ctx, summaryQuery, params.TraceID).Scan(&traceSummary.TraceID, &traceSummary.Start, &traceSummary.End, &traceSummary.NumSpans)
 	if err != nil {
 		if err == sql.ErrNoRows {

pkg/query-service/app/http_handler.go

@@ -25,7 +25,6 @@ import (
 	"time"
 
 	"github.com/SigNoz/signoz/pkg/alertmanager"
-	"github.com/SigNoz/signoz/pkg/apis/fields"
 	errorsV2 "github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/http/middleware"
 	"github.com/SigNoz/signoz/pkg/http/render"
@@ -69,7 +68,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/types/opamptypes"
 	"github.com/SigNoz/signoz/pkg/types/pipelinetypes"
 	qbtypes "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
-	ruletypes "github.com/SigNoz/signoz/pkg/types/ruletypes"
+	"github.com/SigNoz/signoz/pkg/types/ruletypes"
 	traceFunnels "github.com/SigNoz/signoz/pkg/types/tracefunneltypes"
 
 	"go.uber.org/zap"
@@ -104,10 +103,11 @@ type APIHandler struct {
 	querierV2    interfaces.Querier
 	queryBuilder *queryBuilder.QueryBuilder
 
-	// temporalityMap is a map of metric name to temporality
-	// to avoid fetching temporality for the same metric multiple times
-	// querying the v4 table on low cardinal temporality column
-	// should be fast but we can still avoid the query if we have the data in memory
+	// temporalityMap is a map of metric name to temporality to avoid fetching
+	// temporality for the same metric multiple times.
+	//
+	// Querying the v4 table on a low cardinal temporality column should be
+	// fast, but we can still avoid the query if we have the data in memory.
 	temporalityMap map[string]map[v3.Temporality]bool
 	temporalityMux sync.Mutex
 
@@ -145,8 +145,6 @@ type APIHandler struct {
 
 	LicensingAPI licensing.API
 
-	FieldsAPI *fields.API
-
 	QuerierAPI *querierAPI.API
 
 	QueryParserAPI *queryparser.API
@@ -177,8 +175,6 @@ type APIHandlerOpts struct {
 
 	LicensingAPI licensing.API
 
-	FieldsAPI *fields.API
-
 	QuerierAPI *querierAPI.API
 
 	QueryParserAPI *queryparser.API
@@ -243,7 +239,6 @@ func NewAPIHandler(opts APIHandlerOpts) (*APIHandler, error) {
 		AlertmanagerAPI:               opts.AlertmanagerAPI,
 		LicensingAPI:                  opts.LicensingAPI,
 		Signoz:                        opts.Signoz,
-		FieldsAPI:                     opts.FieldsAPI,
 		QuerierAPI:                    opts.QuerierAPI,
 		QueryParserAPI:                opts.QueryParserAPI,
 	}
@@ -399,13 +394,6 @@ func (aH *APIHandler) RegisterQueryRangeV3Routes(router *mux.Router, am *middlew
 	subRouter.HandleFunc("/logs/livetail", am.ViewAccess(aH.QuerierAPI.QueryRawStream)).Methods(http.MethodGet)
 }
 
-func (aH *APIHandler) RegisterFieldsRoutes(router *mux.Router, am *middleware.AuthZ) {
-	subRouter := router.PathPrefix("/api/v1").Subrouter()
-
-	subRouter.HandleFunc("/fields/keys", am.ViewAccess(aH.FieldsAPI.GetFieldsKeys)).Methods(http.MethodGet)
-	subRouter.HandleFunc("/fields/values", am.ViewAccess(aH.FieldsAPI.GetFieldsValues)).Methods(http.MethodGet)
-}
-
 func (aH *APIHandler) RegisterInfraMetricsRoutes(router *mux.Router, am *middleware.AuthZ) {
 	hostsSubRouter := router.PathPrefix("/api/v1/hosts").Subrouter()
 	hostsSubRouter.HandleFunc("/attribute_keys", am.ViewAccess(aH.getHostAttributeKeys)).Methods(http.MethodGet)
@@ -1023,7 +1011,7 @@ func (aH *APIHandler) getRuleStateHistory(w http.ResponseWriter, r *http.Request
 			// the query range is calculated based on the rule's evalWindow and evalDelay
 			// alerts have 2 minutes delay built in, so we need to subtract that from the start time
 			// to get the correct query range
-			start := end.Add(-time.Duration(rule.EvalWindow)).Add(-3 * time.Minute)
+			start := end.Add(-rule.EvalWindow.Duration() - 3*time.Minute)
 			if rule.AlertType == ruletypes.AlertTypeLogs {
 				if rule.Version != "v5" {
 					res.Items[idx].RelatedLogsLink = contextlinks.PrepareLinksToLogs(start, end, newFilters)
@@ -1230,12 +1218,12 @@ func (aH *APIHandler) Get(rw http.ResponseWriter, r *http.Request) {
 
 	dashboard := new(dashboardtypes.Dashboard)
 	if aH.CloudIntegrationsController.IsCloudIntegrationDashboardUuid(id) {
-		cloudintegrationDashboard, apiErr := aH.CloudIntegrationsController.GetDashboardById(ctx, orgID, id)
+		cloudIntegrationDashboard, apiErr := aH.CloudIntegrationsController.GetDashboardById(ctx, orgID, id)
 		if apiErr != nil {
 			render.Error(rw, errorsV2.Wrapf(apiErr, errorsV2.TypeInternal, errorsV2.CodeInternal, "failed to get dashboard"))
 			return
 		}
-		dashboard = cloudintegrationDashboard
+		dashboard = cloudIntegrationDashboard
 	} else if aH.IntegrationsController.IsInstalledIntegrationDashboardID(id) {
 		integrationDashboard, apiErr := aH.IntegrationsController.GetInstalledIntegrationDashboardById(ctx, orgID, id)
 		if apiErr != nil {
@@ -1564,13 +1552,13 @@ func (aH *APIHandler) queryMetrics(w http.ResponseWriter, r *http.Request) {
 		RespondError(w, &model.ApiError{Typ: model.ErrorExec, Err: res.Err}, nil)
 	}
 
-	response_data := &model.QueryData{
+	responseData := &model.QueryData{
 		ResultType: res.Value.Type(),
 		Result:     res.Value,
 		Stats:      qs,
 	}
 
-	aH.Respond(w, response_data)
+	aH.Respond(w, responseData)
 
 }
 
@@ -2652,12 +2640,12 @@ func (aH *APIHandler) getProducerData(w http.ResponseWriter, r *http.Request) {
 	}
 
 	var result []*v3.Result
-	var errQuriesByName map[string]error
+	var errQueriesByName map[string]error
 
-	result, errQuriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
+	result, errQueriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
 	if err != nil {
 		apiErrObj := &model.ApiError{Typ: model.ErrorBadData, Err: err}
-		RespondError(w, apiErrObj, errQuriesByName)
+		RespondError(w, apiErrObj, errQueriesByName)
 		return
 	}
 	result = postprocess.TransformToTableForClickHouseQueries(result)
@@ -2705,12 +2693,12 @@ func (aH *APIHandler) getConsumerData(w http.ResponseWriter, r *http.Request) {
 	}
 
 	var result []*v3.Result
-	var errQuriesByName map[string]error
+	var errQueriesByName map[string]error
 
-	result, errQuriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
+	result, errQueriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
 	if err != nil {
 		apiErrObj := &model.ApiError{Typ: model.ErrorBadData, Err: err}
-		RespondError(w, apiErrObj, errQuriesByName)
+		RespondError(w, apiErrObj, errQueriesByName)
 		return
 	}
 	result = postprocess.TransformToTableForClickHouseQueries(result)
@@ -2759,12 +2747,12 @@ func (aH *APIHandler) getPartitionOverviewLatencyData(w http.ResponseWriter, r *
 	}
 
 	var result []*v3.Result
-	var errQuriesByName map[string]error
+	var errQueriesByName map[string]error
 
-	result, errQuriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
+	result, errQueriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
 	if err != nil {
 		apiErrObj := &model.ApiError{Typ: model.ErrorBadData, Err: err}
-		RespondError(w, apiErrObj, errQuriesByName)
+		RespondError(w, apiErrObj, errQueriesByName)
 		return
 	}
 	result = postprocess.TransformToTableForClickHouseQueries(result)
@@ -2813,12 +2801,12 @@ func (aH *APIHandler) getConsumerPartitionLatencyData(w http.ResponseWriter, r *
 	}
 
 	var result []*v3.Result
-	var errQuriesByName map[string]error
+	var errQueriesByName map[string]error
 
-	result, errQuriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
+	result, errQueriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
 	if err != nil {
 		apiErrObj := &model.ApiError{Typ: model.ErrorBadData, Err: err}
-		RespondError(w, apiErrObj, errQuriesByName)
+		RespondError(w, apiErrObj, errQueriesByName)
 		return
 	}
 	result = postprocess.TransformToTableForClickHouseQueries(result)
@@ -2870,12 +2858,12 @@ func (aH *APIHandler) getProducerThroughputOverview(w http.ResponseWriter, r *ht
 	}
 
 	var result []*v3.Result
-	var errQuriesByName map[string]error
+	var errQueriesByName map[string]error
 
-	result, errQuriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, producerQueryRangeParams)
+	result, errQueriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, producerQueryRangeParams)
 	if err != nil {
 		apiErrObj := &model.ApiError{Typ: model.ErrorBadData, Err: err}
-		RespondError(w, apiErrObj, errQuriesByName)
+		RespondError(w, apiErrObj, errQueriesByName)
 		return
 	}
 
@@ -2981,12 +2969,12 @@ func (aH *APIHandler) getProducerThroughputDetails(w http.ResponseWriter, r *htt
 	}
 
 	var result []*v3.Result
-	var errQuriesByName map[string]error
+	var errQueriesByName map[string]error
 
-	result, errQuriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
+	result, errQueriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
 	if err != nil {
 		apiErrObj := &model.ApiError{Typ: model.ErrorBadData, Err: err}
-		RespondError(w, apiErrObj, errQuriesByName)
+		RespondError(w, apiErrObj, errQueriesByName)
 		return
 	}
 	result = postprocess.TransformToTableForClickHouseQueries(result)
@@ -3035,12 +3023,12 @@ func (aH *APIHandler) getConsumerThroughputOverview(w http.ResponseWriter, r *ht
 	}
 
 	var result []*v3.Result
-	var errQuriesByName map[string]error
+	var errQueriesByName map[string]error
 
-	result, errQuriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
+	result, errQueriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
 	if err != nil {
 		apiErrObj := &model.ApiError{Typ: model.ErrorBadData, Err: err}
-		RespondError(w, apiErrObj, errQuriesByName)
+		RespondError(w, apiErrObj, errQueriesByName)
 		return
 	}
 	result = postprocess.TransformToTableForClickHouseQueries(result)
@@ -3089,12 +3077,12 @@ func (aH *APIHandler) getConsumerThroughputDetails(w http.ResponseWriter, r *htt
 	}
 
 	var result []*v3.Result
-	var errQuriesByName map[string]error
+	var errQueriesByName map[string]error
 
-	result, errQuriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
+	result, errQueriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
 	if err != nil {
 		apiErrObj := &model.ApiError{Typ: model.ErrorBadData, Err: err}
-		RespondError(w, apiErrObj, errQuriesByName)
+		RespondError(w, apiErrObj, errQueriesByName)
 		return
 	}
 	result = postprocess.TransformToTableForClickHouseQueries(result)
@@ -3149,12 +3137,12 @@ func (aH *APIHandler) getProducerConsumerEval(w http.ResponseWriter, r *http.Req
 	}
 
 	var result []*v3.Result
-	var errQuriesByName map[string]error
+	var errQueriesByName map[string]error
 
-	result, errQuriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
+	result, errQueriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
 	if err != nil {
 		apiErrObj := &model.ApiError{Typ: model.ErrorBadData, Err: err}
-		RespondError(w, apiErrObj, errQuriesByName)
+		RespondError(w, apiErrObj, errQueriesByName)
 		return
 	}
 
@@ -4138,11 +4126,11 @@ func (aH *APIHandler) ListLogsPipelinesHandler(w http.ResponseWriter, r *http.Re
 	aH.Respond(w, payload)
 }
 
-// listLogsPipelines lists logs piplines for latest version
+// listLogsPipelines lists logs pipelines for latest version
 func (aH *APIHandler) listLogsPipelines(ctx context.Context, orgID valuer.UUID) (
 	*logparsingpipeline.PipelinesResponse, error,
 ) {
-	// get lateset agent config
+	// get latest agent config
 	latestVersion := -1
 	lastestConfig, err := agentConf.GetLatestVersion(ctx, orgID, opamptypes.ElementTypeLogPipelines)
 	if err != nil && !errorsV2.Ast(err, errorsV2.TypeNotFound) {
@@ -4439,7 +4427,7 @@ func (aH *APIHandler) queryRangeV3(ctx context.Context, queryRangeParams *v3.Que
 	}
 
 	var result []*v3.Result
-	var errQuriesByName map[string]error
+	var errQueriesByName map[string]error
 	var spanKeys map[string]v3.AttributeKey
 	if queryRangeParams.CompositeQuery.QueryType == v3.QueryTypeBuilder {
 		hasLogsQuery := false
@@ -4456,7 +4444,7 @@ func (aH *APIHandler) queryRangeV3(ctx context.Context, queryRangeParams *v3.Que
 		if logsv3.EnrichmentRequired(queryRangeParams) && hasLogsQuery {
 			logsFields, apiErr := aH.reader.GetLogFieldsFromNames(ctx, logsv3.GetFieldNames(queryRangeParams.CompositeQuery))
 			if apiErr != nil {
-				RespondError(w, apiErr, errQuriesByName)
+				RespondError(w, apiErr, errQueriesByName)
 				return
 			}
 			// get the fields if any logs query is present
@@ -4467,7 +4455,7 @@ func (aH *APIHandler) queryRangeV3(ctx context.Context, queryRangeParams *v3.Que
 			spanKeys, err = aH.getSpanKeysV3(ctx, queryRangeParams)
 			if err != nil {
 				apiErrObj := &model.ApiError{Typ: model.ErrorInternal, Err: err}
-				RespondError(w, apiErrObj, errQuriesByName)
+				RespondError(w, apiErrObj, errQueriesByName)
 				return
 			}
 			tracesV4.Enrich(queryRangeParams, spanKeys)
@@ -4512,11 +4500,11 @@ func (aH *APIHandler) queryRangeV3(ctx context.Context, queryRangeParams *v3.Que
 		}
 	}
 
-	result, errQuriesByName, err = aH.querier.QueryRange(ctx, orgID, queryRangeParams)
+	result, errQueriesByName, err = aH.querier.QueryRange(ctx, orgID, queryRangeParams)
 
 	if err != nil {
 		queryErrors := map[string]string{}
-		for name, err := range errQuriesByName {
+		for name, err := range errQueriesByName {
 			queryErrors[fmt.Sprintf("Query-%s", name)] = err.Error()
 		}
 		apiErrObj := &model.ApiError{Typ: model.ErrorInternal, Err: err}
@@ -4792,7 +4780,7 @@ func (aH *APIHandler) queryRangeV4(ctx context.Context, queryRangeParams *v3.Que
 	}
 
 	var result []*v3.Result
-	var errQuriesByName map[string]error
+	var errQueriesByName map[string]error
 	var spanKeys map[string]v3.AttributeKey
 	if queryRangeParams.CompositeQuery.QueryType == v3.QueryTypeBuilder {
 		hasLogsQuery := false
@@ -4822,7 +4810,7 @@ func (aH *APIHandler) queryRangeV4(ctx context.Context, queryRangeParams *v3.Que
 			spanKeys, err = aH.getSpanKeysV3(ctx, queryRangeParams)
 			if err != nil {
 				apiErrObj := &model.ApiError{Typ: model.ErrorInternal, Err: err}
-				RespondError(w, apiErrObj, errQuriesByName)
+				RespondError(w, apiErrObj, errQueriesByName)
 				return
 			}
 			tracesV4.Enrich(queryRangeParams, spanKeys)
@@ -4845,11 +4833,11 @@ func (aH *APIHandler) queryRangeV4(ctx context.Context, queryRangeParams *v3.Que
 		}
 	}
 
-	result, errQuriesByName, err = aH.querierV2.QueryRange(ctx, orgID, queryRangeParams)
+	result, errQueriesByName, err = aH.querierV2.QueryRange(ctx, orgID, queryRangeParams)
 
 	if err != nil {
 		queryErrors := map[string]string{}
-		for name, err := range errQuriesByName {
+		for name, err := range errQueriesByName {
 			queryErrors[fmt.Sprintf("Query-%s", name)] = err.Error()
 		}
 		apiErrObj := &model.ApiError{Typ: model.ErrorInternal, Err: err}
@@ -4866,7 +4854,7 @@ func (aH *APIHandler) queryRangeV4(ctx context.Context, queryRangeParams *v3.Que
 
 	if err != nil {
 		apiErrObj := &model.ApiError{Typ: model.ErrorBadData, Err: err}
-		RespondError(w, apiErrObj, errQuriesByName)
+		RespondError(w, apiErrObj, errQueriesByName)
 		return
 	}
 	aH.sendQueryResultEvents(r, result, queryRangeParams, "v4")

pkg/query-service/app/server.go

@@ -17,7 +17,6 @@ import (
 	"github.com/gorilla/handlers"
 
 	"github.com/SigNoz/signoz/pkg/alertmanager"
-	"github.com/SigNoz/signoz/pkg/apis/fields"
 	"github.com/SigNoz/signoz/pkg/cache"
 	"github.com/SigNoz/signoz/pkg/http/middleware"
 	"github.com/SigNoz/signoz/pkg/licensing/nooplicensing"
@@ -133,7 +132,6 @@ func NewServer(config signoz.Config, signoz *signoz.SigNoz) (*Server, error) {
 		FluxInterval:                  config.Querier.FluxInterval,
 		AlertmanagerAPI:               alertmanager.NewAPI(signoz.Alertmanager),
 		LicensingAPI:                  nooplicensing.NewLicenseAPI(),
-		FieldsAPI:                     fields.NewAPI(signoz.Instrumentation.ToProviderSettings(), signoz.TelemetryStore),
 		Signoz:                        signoz,
 		QuerierAPI:                    querierAPI.NewAPI(signoz.Instrumentation.ToProviderSettings(), signoz.Querier, signoz.Analytics),
 		QueryParserAPI:                queryparser.NewAPI(signoz.Instrumentation.ToProviderSettings(), signoz.QueryParser),
@@ -209,13 +207,12 @@ func (s *Server) createPublicServer(api *APIHandler, web web.Web) (*http.Server,
 	r.Use(middleware.NewLogging(s.signoz.Instrumentation.Logger(), s.config.APIServer.Logging.ExcludedRoutes).Wrap)
 	r.Use(middleware.NewComment().Wrap)
 
-	am := middleware.NewAuthZ(s.signoz.Instrumentation.Logger(), s.signoz.Modules.OrgGetter, s.signoz.Authz, s.signoz.Modules.RoleGetter)
+	am := middleware.NewAuthZ(s.signoz.Instrumentation.Logger(), s.signoz.Modules.OrgGetter, s.signoz.Authz)
 
 	api.RegisterRoutes(r, am)
 	api.RegisterLogsRoutes(r, am)
 	api.RegisterIntegrationRoutes(r, am)
 	api.RegisterCloudIntegrationsRoutes(r, am)
-	api.RegisterFieldsRoutes(r, am)
 	api.RegisterQueryRangeV3Routes(r, am)
 	api.RegisterInfraMetricsRoutes(r, am)
 	api.RegisterWebSocketPaths(r, am)

pkg/query-service/constants/constants.go

@@ -5,10 +5,10 @@ import (
 	"os"
 	"regexp"
 	"strconv"
-	"time"
 
 	"github.com/SigNoz/signoz/pkg/query-service/model"
 	v3 "github.com/SigNoz/signoz/pkg/query-service/model/v3"
+	"github.com/SigNoz/signoz/pkg/valuer"
 )
 
 const (
@@ -40,11 +40,11 @@ const NormalizedMetricsMapQueryThreads = 10
 var NormalizedMetricsMapRegex = regexp.MustCompile(`[^a-zA-Z0-9]`)
 var NormalizedMetricsMapQuantileRegex = regexp.MustCompile(`(?i)([._-]?quantile.*)$`)
 
-func GetEvalDelay() time.Duration {
+func GetEvalDelay() valuer.TextDuration {
 	evalDelayStr := GetOrDefaultEnv("RULES_EVAL_DELAY", "2m")
-	evalDelayDuration, err := time.ParseDuration(evalDelayStr)
+	evalDelayDuration, err := valuer.ParseTextDuration(evalDelayStr)
 	if err != nil {
-		return 0
+		return valuer.TextDuration{}
 	}
 	return evalDelayDuration
 }

pkg/query-service/rules/base_rule.go

@@ -40,13 +40,13 @@ type BaseRule struct {
 	// evalWindow is the time window used for evaluating the rule
 	// i.e. each time we lookback from the current time, we look at data for the last
 	// evalWindow duration
-	evalWindow time.Duration
+	evalWindow valuer.TextDuration
 	// holdDuration is the duration for which the alert waits before firing
-	holdDuration time.Duration
+	holdDuration valuer.TextDuration
 
 	// evalDelay is the delay in evaluation of the rule
 	// this is useful in cases where the data is not available immediately
-	evalDelay time.Duration
+	evalDelay valuer.TextDuration
 
 	// holds the static set of labels and annotations for the rule
 	// these are the same for all alerts created for this rule
@@ -94,7 +94,7 @@ type BaseRule struct {
 	evaluation ruletypes.Evaluation
 
 	// newGroupEvalDelay is the grace period for new alert groups
-	newGroupEvalDelay *time.Duration
+	newGroupEvalDelay valuer.TextDuration
 
 	queryParser queryparser.QueryParser
 }
@@ -113,7 +113,7 @@ func WithSendUnmatched() RuleOption {
 	}
 }
 
-func WithEvalDelay(dur time.Duration) RuleOption {
+func WithEvalDelay(dur valuer.TextDuration) RuleOption {
 	return func(r *BaseRule) {
 		r.evalDelay = dur
 	}
@@ -163,7 +163,7 @@ func NewBaseRule(id string, orgID valuer.UUID, p *ruletypes.PostableRule, reader
 		source:            p.Source,
 		typ:               p.AlertType,
 		ruleCondition:     p.RuleCondition,
-		evalWindow:        time.Duration(p.EvalWindow),
+		evalWindow:        p.EvalWindow,
 		labels:            qslabels.FromMap(p.Labels),
 		annotations:       qslabels.FromMap(p.Annotations),
 		preferredChannels: p.PreferredChannels,
@@ -176,13 +176,12 @@ func NewBaseRule(id string, orgID valuer.UUID, p *ruletypes.PostableRule, reader
 	}
 
 	// Store newGroupEvalDelay and groupBy keys from NotificationSettings
-	if p.NotificationSettings != nil && p.NotificationSettings.NewGroupEvalDelay != nil {
-		newGroupEvalDelay := time.Duration(*p.NotificationSettings.NewGroupEvalDelay)
-		baseRule.newGroupEvalDelay = &newGroupEvalDelay
+	if p.NotificationSettings != nil {
+		baseRule.newGroupEvalDelay = p.NotificationSettings.NewGroupEvalDelay
 	}
 
-	if baseRule.evalWindow == 0 {
-		baseRule.evalWindow = 5 * time.Minute
+	if baseRule.evalWindow.IsZero() {
+		baseRule.evalWindow = valuer.MustParseTextDuration("5m")
 	}
 
 	for _, opt := range opts {
@@ -245,15 +244,15 @@ func (r *BaseRule) ActiveAlertsLabelFP() map[uint64]struct{} {
 	return activeAlerts
 }
 
-func (r *BaseRule) EvalDelay() time.Duration {
+func (r *BaseRule) EvalDelay() valuer.TextDuration {
 	return r.evalDelay
 }
 
-func (r *BaseRule) EvalWindow() time.Duration {
+func (r *BaseRule) EvalWindow() valuer.TextDuration {
 	return r.evalWindow
 }
 
-func (r *BaseRule) HoldDuration() time.Duration {
+func (r *BaseRule) HoldDuration() valuer.TextDuration {
 	return r.holdDuration
 }
 
@@ -281,7 +280,7 @@ func (r *BaseRule) Timestamps(ts time.Time) (time.Time, time.Time) {
 	start := st.UnixMilli()
 	end := en.UnixMilli()
 
-	if r.evalDelay > 0 {
+	if r.evalDelay.IsPositive() {
 		start = start - r.evalDelay.Milliseconds()
 		end = end - r.evalDelay.Milliseconds()
 	}
@@ -552,7 +551,7 @@ func (r *BaseRule) PopulateTemporality(ctx context.Context, orgID valuer.UUID, q
 
 // ShouldSkipNewGroups returns true if new group filtering should be applied
 func (r *BaseRule) ShouldSkipNewGroups() bool {
-	return r.newGroupEvalDelay != nil && *r.newGroupEvalDelay > 0
+	return r.newGroupEvalDelay.IsPositive()
 }
 
 // isFilterNewSeriesSupported checks if the query is supported for new series filtering

pkg/query-service/rules/base_rule_test.go

@@ -20,7 +20,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/telemetrystore/telemetrystoretest"
 	"github.com/SigNoz/signoz/pkg/types/metrictypes"
 	qbtypes "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
-	ruletypes "github.com/SigNoz/signoz/pkg/types/ruletypes"
+	"github.com/SigNoz/signoz/pkg/types/ruletypes"
 	"github.com/SigNoz/signoz/pkg/types/telemetrytypes"
 	"github.com/SigNoz/signoz/pkg/types/telemetrytypes/telemetrytypestest"
 	"github.com/SigNoz/signoz/pkg/valuer"
@@ -124,8 +124,8 @@ func createPostableRule(compositeQuery *v3.CompositeQuery) ruletypes.PostableRul
 		Evaluation: &ruletypes.EvaluationEnvelope{
 			Kind: ruletypes.RollingEvaluation,
 			Spec: ruletypes.RollingWindow{
-				EvalWindow: ruletypes.Duration(5 * time.Minute),
-				Frequency:  ruletypes.Duration(1 * time.Minute),
+				EvalWindow: valuer.MustParseTextDuration("5m"),
+				Frequency:  valuer.MustParseTextDuration("1m"),
 			},
 		},
 		RuleCondition: &ruletypes.RuleCondition{
@@ -151,7 +151,7 @@ type filterNewSeriesTestCase struct {
 	compositeQuery    *v3.CompositeQuery
 	series            []*v3.Series
 	firstSeenMap      map[telemetrytypes.MetricMetadataLookupKey]int64
-	newGroupEvalDelay *time.Duration
+	newGroupEvalDelay valuer.TextDuration
 	evalTime          time.Time
 	expectedFiltered  []*v3.Series // series that should be in the final filtered result (old enough)
 	expectError       bool
@@ -159,7 +159,8 @@ type filterNewSeriesTestCase struct {
 
 func TestBaseRule_FilterNewSeries(t *testing.T) {
 	defaultEvalTime := time.Unix(1700000000, 0)
-	defaultDelay := 2 * time.Minute
+	defaultNewGroupEvalDelay := valuer.MustParseTextDuration("2m")
+	defaultDelay := defaultNewGroupEvalDelay.Duration()
 	defaultGroupByFields := []string{"service_name", "env"}
 
 	logger := instrumentationtest.New().Logger()
@@ -202,7 +203,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 				createFirstSeenMap("request_total", defaultGroupByFields, defaultEvalTime, defaultDelay, false, "svc-new", "prod"),
 				// svc-missing has no metadata, so it will be included
 			),
-			newGroupEvalDelay: &defaultDelay,
+			newGroupEvalDelay: defaultNewGroupEvalDelay,
 			evalTime:          defaultEvalTime,
 			expectedFiltered: []*v3.Series{
 				createTestSeries(map[string]string{"service_name": "svc-old", "env": "prod"}, nil),
@@ -234,7 +235,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 				createFirstSeenMap("request_total", defaultGroupByFields, defaultEvalTime, defaultDelay, false, "svc-new1", "prod"),
 				createFirstSeenMap("request_total", defaultGroupByFields, defaultEvalTime, defaultDelay, false, "svc-new2", "stage"),
 			),
-			newGroupEvalDelay: &defaultDelay,
+			newGroupEvalDelay: defaultNewGroupEvalDelay,
 			evalTime:          defaultEvalTime,
 			expectedFiltered:  []*v3.Series{}, // all should be filtered out (new series)
 		},
@@ -261,7 +262,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 				createFirstSeenMap("request_total", defaultGroupByFields, defaultEvalTime, defaultDelay, true, "svc-old1", "prod"),
 				createFirstSeenMap("request_total", defaultGroupByFields, defaultEvalTime, defaultDelay, true, "svc-old2", "stage"),
 			),
-			newGroupEvalDelay: &defaultDelay,
+			newGroupEvalDelay: defaultNewGroupEvalDelay,
 			evalTime:          defaultEvalTime,
 			expectedFiltered: []*v3.Series{
 				createTestSeries(map[string]string{"service_name": "svc-old1", "env": "prod"}, nil),
@@ -295,7 +296,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 				createTestSeries(map[string]string{"service_name": "svc1", "env": "prod"}, nil),
 			},
 			firstSeenMap:      make(map[telemetrytypes.MetricMetadataLookupKey]int64),
-			newGroupEvalDelay: &defaultDelay,
+			newGroupEvalDelay: defaultNewGroupEvalDelay,
 			evalTime:          defaultEvalTime,
 			expectedFiltered: []*v3.Series{
 				createTestSeries(map[string]string{"service_name": "svc1", "env": "prod"}, nil),
@@ -325,7 +326,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 				createTestSeries(map[string]string{"service_name": "svc1", "env": "prod"}, nil),
 			},
 			firstSeenMap:      make(map[telemetrytypes.MetricMetadataLookupKey]int64),
-			newGroupEvalDelay: &defaultDelay,
+			newGroupEvalDelay: defaultNewGroupEvalDelay,
 			evalTime:          defaultEvalTime,
 			expectedFiltered: []*v3.Series{
 				createTestSeries(map[string]string{"service_name": "svc1", "env": "prod"}, nil),
@@ -361,7 +362,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 				createTestSeries(map[string]string{"status": "200"}, nil), // no service_name or env
 			},
 			firstSeenMap:      make(map[telemetrytypes.MetricMetadataLookupKey]int64),
-			newGroupEvalDelay: &defaultDelay,
+			newGroupEvalDelay: defaultNewGroupEvalDelay,
 			evalTime:          defaultEvalTime,
 			expectedFiltered: []*v3.Series{
 				createTestSeries(map[string]string{"status": "200"}, nil),
@@ -390,7 +391,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 			},
 			firstSeenMap: createFirstSeenMap("request_total", defaultGroupByFields, defaultEvalTime, defaultDelay, true, "svc-old", "prod"),
 			// svc-no-metadata has no entry in firstSeenMap
-			newGroupEvalDelay: &defaultDelay,
+			newGroupEvalDelay: defaultNewGroupEvalDelay,
 			evalTime:          defaultEvalTime,
 			expectedFiltered: []*v3.Series{
 				createTestSeries(map[string]string{"service_name": "svc-old", "env": "prod"}, nil),
@@ -420,7 +421,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 				{MetricName: "request_total", AttributeName: "service_name", AttributeValue: "svc-partial"}: calculateFirstSeen(defaultEvalTime, defaultDelay, true),
 				// env metadata is missing
 			},
-			newGroupEvalDelay: &defaultDelay,
+			newGroupEvalDelay: defaultNewGroupEvalDelay,
 			evalTime:          defaultEvalTime,
 			expectedFiltered: []*v3.Series{
 				createTestSeries(map[string]string{"service_name": "svc-partial", "env": "prod"}, nil),
@@ -454,7 +455,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 			},
 			series:            []*v3.Series{},
 			firstSeenMap:      make(map[telemetrytypes.MetricMetadataLookupKey]int64),
-			newGroupEvalDelay: &defaultDelay,
+			newGroupEvalDelay: defaultNewGroupEvalDelay,
 			evalTime:          defaultEvalTime,
 			expectedFiltered:  []*v3.Series{},
 		},
@@ -488,7 +489,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 				createTestSeries(map[string]string{"service_name": "svc1", "env": "prod"}, nil),
 			},
 			firstSeenMap:      createFirstSeenMap("request_total", defaultGroupByFields, defaultEvalTime, defaultDelay, true, "svc1", "prod"),
-			newGroupEvalDelay: func() *time.Duration { d := time.Duration(0); return &d }(), // zero delay
+			newGroupEvalDelay: valuer.TextDuration{}, // zero delay
 			evalTime:          defaultEvalTime,
 			expectedFiltered: []*v3.Series{
 				createTestSeries(map[string]string{"service_name": "svc1", "env": "prod"}, nil),
@@ -532,7 +533,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 				createFirstSeenMap("request_total", defaultGroupByFields, defaultEvalTime, defaultDelay, true, "svc1", "prod"),
 				createFirstSeenMap("error_total", defaultGroupByFields, defaultEvalTime, defaultDelay, true, "svc1", "prod"),
 			),
-			newGroupEvalDelay: &defaultDelay,
+			newGroupEvalDelay: defaultNewGroupEvalDelay,
 			evalTime:          defaultEvalTime,
 			expectedFiltered: []*v3.Series{
 				createTestSeries(map[string]string{"service_name": "svc1", "env": "prod"}, nil),
@@ -572,7 +573,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 				createFirstSeenMap("request_total", []string{"service_name"}, defaultEvalTime, defaultDelay, true, "svc1"),
 				createFirstSeenMap("request_total", []string{"env"}, defaultEvalTime, defaultDelay, false, "prod"),
 			),
-			newGroupEvalDelay: &defaultDelay,
+			newGroupEvalDelay: defaultNewGroupEvalDelay,
 			evalTime:          defaultEvalTime,
 			expectedFiltered:  []*v3.Series{}, // max first_seen is new, so should be filtered out
 		},
@@ -604,7 +605,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 				createTestSeries(map[string]string{"service_name": "svc2"}, nil),
 			},
 			firstSeenMap:      make(map[telemetrytypes.MetricMetadataLookupKey]int64),
-			newGroupEvalDelay: &defaultDelay,
+			newGroupEvalDelay: defaultNewGroupEvalDelay,
 			evalTime:          defaultEvalTime,
 			expectedFiltered: []*v3.Series{
 				createTestSeries(map[string]string{"service_name": "svc1"}, nil),
@@ -639,7 +640,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 				createTestSeries(map[string]string{"service_name": "svc2"}, nil),
 			},
 			firstSeenMap:      make(map[telemetrytypes.MetricMetadataLookupKey]int64),
-			newGroupEvalDelay: &defaultDelay,
+			newGroupEvalDelay: defaultNewGroupEvalDelay,
 			evalTime:          defaultEvalTime,
 			expectedFiltered: []*v3.Series{
 				createTestSeries(map[string]string{"service_name": "svc1"}, nil),
@@ -697,20 +698,14 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 				telemetryStore,
 				prometheustest.New(context.Background(), settings, prometheus.Config{}, telemetryStore),
 				"",
-				time.Duration(time.Second),
+				time.Second,
 				nil,
 				readerCache,
 				options,
 			)
 
-			// Set newGroupEvalDelay in NotificationSettings if provided
-			if tt.newGroupEvalDelay != nil {
-				postableRule.NotificationSettings = &ruletypes.NotificationSettings{
-					NewGroupEvalDelay: func() *ruletypes.Duration {
-						d := ruletypes.Duration(*tt.newGroupEvalDelay)
-						return &d
-					}(),
-				}
+			postableRule.NotificationSettings = &ruletypes.NotificationSettings{
+				NewGroupEvalDelay: tt.newGroupEvalDelay,
 			}
 
 			// Create BaseRule using NewBaseRule

pkg/query-service/rules/manager.go

@@ -30,7 +30,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/alertmanagertypes"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	ruletypes "github.com/SigNoz/signoz/pkg/types/ruletypes"
+	"github.com/SigNoz/signoz/pkg/types/ruletypes"
 	"github.com/SigNoz/signoz/pkg/types/telemetrytypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 )
@@ -66,7 +66,7 @@ type PrepareTestRuleOptions struct {
 	OrgID            valuer.UUID
 }
 
-const taskNamesuffix = "webAppEditor"
+const taskNameSuffix = "webAppEditor"
 
 func RuleIdFromTaskName(n string) string {
 	return strings.Split(n, "-groupname")[0]
@@ -97,7 +97,7 @@ type ManagerOptions struct {
 	SLogger     *slog.Logger
 	Cache       cache.Cache
 
-	EvalDelay time.Duration
+	EvalDelay valuer.TextDuration
 
 	PrepareTaskFunc     func(opts PrepareTaskOptions) (Task, error)
 	PrepareTestRuleFunc func(opts PrepareTestRuleOptions) (int, *model.ApiError)
@@ -182,8 +182,8 @@ func defaultPrepareTaskFunc(opts PrepareTaskOptions) (Task, error) {
 
 		rules = append(rules, tr)
 
-		// create ch rule task for evalution
-		task = newTask(TaskTypeCh, opts.TaskName, taskNamesuffix, time.Duration(evaluation.GetFrequency()), rules, opts.ManagerOpts, opts.NotifyFunc, opts.MaintenanceStore, opts.OrgID)
+		// create ch rule task for evaluation
+		task = newTask(TaskTypeCh, opts.TaskName, taskNameSuffix, evaluation.GetFrequency().Duration(), rules, opts.ManagerOpts, opts.NotifyFunc, opts.MaintenanceStore, opts.OrgID)
 
 	} else if opts.Rule.RuleType == ruletypes.RuleTypeProm {
 
@@ -206,8 +206,8 @@ func defaultPrepareTaskFunc(opts PrepareTaskOptions) (Task, error) {
 
 		rules = append(rules, pr)
 
-		// create promql rule task for evalution
-		task = newTask(TaskTypeProm, opts.TaskName, taskNamesuffix, time.Duration(evaluation.GetFrequency()), rules, opts.ManagerOpts, opts.NotifyFunc, opts.MaintenanceStore, opts.OrgID)
+		// create promql rule task for evaluation
+		task = newTask(TaskTypeProm, opts.TaskName, taskNameSuffix, evaluation.GetFrequency().Duration(), rules, opts.ManagerOpts, opts.NotifyFunc, opts.MaintenanceStore, opts.OrgID)
 
 	} else {
 		return nil, fmt.Errorf("unsupported rule type %s. Supported types: %s, %s", opts.Rule.RuleType, ruletypes.RuleTypeProm, ruletypes.RuleTypeThreshold)
@@ -323,7 +323,7 @@ func (m *Manager) run(_ context.Context) {
 }
 
 // Stop the rule manager's rule evaluation cycles.
-func (m *Manager) Stop(ctx context.Context) {
+func (m *Manager) Stop(_ context.Context) {
 	m.mtx.Lock()
 	defer m.mtx.Unlock()
 
@@ -336,7 +336,7 @@ func (m *Manager) Stop(ctx context.Context) {
 	zap.L().Info("Rule manager stopped")
 }
 
-// EditRuleDefinition writes the rule definition to the
+// EditRule writes the rule definition to the
 // datastore and also updates the rule executor
 func (m *Manager) EditRule(ctx context.Context, ruleStr string, id valuer.UUID) error {
 	claims, err := authtypes.ClaimsFromContext(ctx)
@@ -643,7 +643,7 @@ func (m *Manager) addTask(_ context.Context, orgID valuer.UUID, rule *ruletypes.
 		m.rules[r.ID()] = r
 	}
 
-	// If there is an another task with the same identifier, raise an error
+	// If there is another task with the same identifier, raise an error
 	_, ok := m.tasks[taskName]
 	if ok {
 		return fmt.Errorf("a rule with the same name already exists")
@@ -678,7 +678,8 @@ func (m *Manager) RuleTasks() []Task {
 	return rgs
 }
 
-// RuleTasks returns the list of manager's rule tasks.
+// RuleTasksWithoutLock returns the list of manager's rule tasks without
+// acquiring a lock on the manager.
 func (m *Manager) RuleTasksWithoutLock() []Task {
 
 	rgs := make([]Task, 0, len(m.tasks))
@@ -889,7 +890,7 @@ func (m *Manager) syncRuleStateWithTask(ctx context.Context, orgID valuer.UUID,
 	} else {
 		// check if rule has a task running
 		if _, ok := m.tasks[taskName]; !ok {
-			// rule has not task, start one
+			// rule has no task, start one
 			if err := m.addTask(ctx, orgID, rule, taskName); err != nil {
 				return err
 			}

pkg/query-service/rules/manager_test_data.go

@@ -9,6 +9,7 @@ import (
 	qbtypes "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
 	ruletypes "github.com/SigNoz/signoz/pkg/types/ruletypes"
 	"github.com/SigNoz/signoz/pkg/types/telemetrytypes"
+	"github.com/SigNoz/signoz/pkg/valuer"
 )
 
 // ThresholdRuleTestCase defines test case structure for threshold rule test notifications
@@ -40,8 +41,8 @@ func ThresholdRuleAtLeastOnceValueAbove(target float64, recovery *float64) rulet
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: ruletypes.Duration(5 * time.Minute),
-			Frequency:  ruletypes.Duration(1 * time.Minute),
+			EvalWindow: valuer.MustParseTextDuration("5m"),
+			Frequency:  valuer.MustParseTextDuration("1m"),
 		}},
 		Labels: map[string]string{
 			"service.name": "frontend",
@@ -99,8 +100,8 @@ func BuildPromAtLeastOnceValueAbove(target float64, recovery *float64) ruletypes
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeProm,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: ruletypes.Duration(5 * time.Minute),
-			Frequency:  ruletypes.Duration(1 * time.Minute),
+			EvalWindow: valuer.MustParseTextDuration("5m"),
+			Frequency:  valuer.MustParseTextDuration("1m"),
 		}},
 		Labels: map[string]string{
 			"service.name": "frontend",

pkg/query-service/rules/prom_rule.go

@@ -28,6 +28,8 @@ type PromRule struct {
 	prometheus prometheus.Prometheus
 }
 
+var _ Rule = (*PromRule)(nil)
+
 func NewPromRule(
 	id string,
 	orgID valuer.UUID,
@@ -332,7 +334,7 @@ func (r *PromRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 			continue
 		}
 
-		if a.State == model.StatePending && ts.Sub(a.ActiveAt) >= r.holdDuration {
+		if a.State == model.StatePending && ts.Sub(a.ActiveAt) >= r.holdDuration.Duration() {
 			a.State = model.StateFiring
 			a.FiredAt = ts
 			state := model.StateFiring
@@ -396,7 +398,7 @@ func (r *PromRule) String() string {
 	ar := ruletypes.PostableRule{
 		AlertName:         r.name,
 		RuleCondition:     r.ruleCondition,
-		EvalWindow:        ruletypes.Duration(r.evalWindow),
+		EvalWindow:        r.evalWindow,
 		Labels:            r.labels.Map(),
 		Annotations:       r.annotations.Map(),
 		PreferredChannels: r.preferredChannels,

pkg/query-service/rules/prom_rule_task.go

@@ -41,12 +41,12 @@ type PromRuleTask struct {
 	orgID            valuer.UUID
 }
 
-// newPromRuleTask holds rules that have promql condition
-// and evalutes the rule at a given frequency
+// NewPromRuleTask holds rules that have promql condition
+// and evaluates the rule at a given frequency
 func NewPromRuleTask(name, file string, frequency time.Duration, rules []Rule, opts *ManagerOptions, notify NotifyFunc, maintenanceStore ruletypes.MaintenanceStore, orgID valuer.UUID) *PromRuleTask {
 	zap.L().Info("Initiating a new rule group", zap.String("name", name), zap.Duration("frequency", frequency))
 
-	if time.Now() == time.Now().Add(frequency) {
+	if frequency == 0 {
 		frequency = DefaultFrequency
 	}
 

pkg/query-service/rules/prom_rule_test.go

@@ -41,8 +41,8 @@ func TestPromRuleEval(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeProm,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: ruletypes.Duration(5 * time.Minute),
-			Frequency:  ruletypes.Duration(1 * time.Minute),
+			EvalWindow: valuer.MustParseTextDuration("5m"),
+			Frequency:  valuer.MustParseTextDuration("1m"),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -748,8 +748,8 @@ func TestPromRuleUnitCombinations(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeProm,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: ruletypes.Duration(5 * time.Minute),
-			Frequency:  ruletypes.Duration(1 * time.Minute),
+			EvalWindow: valuer.MustParseTextDuration("5m"),
+			Frequency:  valuer.MustParseTextDuration("1m"),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -1007,8 +1007,8 @@ func _Enable_this_after_9146_issue_fix_is_merged_TestPromRuleNoData(t *testing.T
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeProm,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: ruletypes.Duration(5 * time.Minute),
-			Frequency:  ruletypes.Duration(1 * time.Minute),
+			EvalWindow: valuer.MustParseTextDuration("5m"),
+			Frequency:  valuer.MustParseTextDuration("1m"),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -1118,8 +1118,8 @@ func TestMultipleThresholdPromRule(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeProm,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: ruletypes.Duration(5 * time.Minute),
-			Frequency:  ruletypes.Duration(1 * time.Minute),
+			EvalWindow: valuer.MustParseTextDuration("5m"),
+			Frequency:  valuer.MustParseTextDuration("1m"),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -1353,8 +1353,8 @@ func TestPromRule_NoData(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeProm,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: ruletypes.Duration(5 * time.Minute),
-			Frequency:  ruletypes.Duration(1 * time.Minute),
+			EvalWindow: valuer.MustParseTextDuration("5m"),
+			Frequency:  valuer.MustParseTextDuration("1m"),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompareOp: ruletypes.ValueIsAbove,
@@ -1466,7 +1466,7 @@ func TestPromRule_NoData_AbsentFor(t *testing.T) {
 	// 3. Alert fires only if t2 - t1 > AbsentFor
 
 	baseTime := time.Unix(1700000000, 0)
-	evalWindow := 5 * time.Minute
+	evalWindow := valuer.MustParseTextDuration("5m")
 
 	// Set target higher than test data (100.0) so regular threshold alerts don't fire
 	target := 500.0
@@ -1476,8 +1476,8 @@ func TestPromRule_NoData_AbsentFor(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeProm,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: ruletypes.Duration(evalWindow),
-			Frequency:  ruletypes.Duration(1 * time.Minute),
+			EvalWindow: evalWindow,
+			Frequency:  valuer.MustParseTextDuration("1m"),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompareOp:     ruletypes.ValueIsAbove,
@@ -1619,7 +1619,7 @@ func TestPromRuleEval_RequireMinPoints(t *testing.T) {
 	baseTime := time.Unix(1700000000, 0)
 	evalTime := baseTime.Add(5 * time.Minute)
 
-	evalWindow := 5 * time.Minute
+	evalWindow := valuer.MustParseTextDuration("5m")
 	lookBackDelta := time.Minute
 
 	postableRule := ruletypes.PostableRule{
@@ -1627,8 +1627,8 @@ func TestPromRuleEval_RequireMinPoints(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeProm,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: ruletypes.Duration(evalWindow),
-			Frequency:  ruletypes.Duration(time.Minute),
+			EvalWindow: evalWindow,
+			Frequency:  valuer.MustParseTextDuration("1m"),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompareOp: ruletypes.ValueIsAbove,

pkg/query-service/rules/rule.go

@@ -7,6 +7,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/query-service/model"
 	"github.com/SigNoz/signoz/pkg/query-service/utils/labels"
 	ruletypes "github.com/SigNoz/signoz/pkg/types/ruletypes"
+	"github.com/SigNoz/signoz/pkg/valuer"
 )
 
 // A Rule encapsulates a vector expression which is evaluated at a specified
@@ -19,9 +20,9 @@ type Rule interface {
 	Labels() labels.BaseLabels
 	Annotations() labels.BaseLabels
 	Condition() *ruletypes.RuleCondition
-	EvalDelay() time.Duration
-	EvalWindow() time.Duration
-	HoldDuration() time.Duration
+	EvalDelay() valuer.TextDuration
+	EvalWindow() valuer.TextDuration
+	HoldDuration() valuer.TextDuration
 	State() model.AlertState
 	ActiveAlerts() []*ruletypes.Alert
 	// ActiveAlertsLabelFP returns a map of active alert labels fingerprint

pkg/query-service/rules/rule_task.go

@@ -43,7 +43,7 @@ const DefaultFrequency = 1 * time.Minute
 // NewRuleTask makes a new RuleTask with the given name, options, and rules.
 func NewRuleTask(name, file string, frequency time.Duration, rules []Rule, opts *ManagerOptions, notify NotifyFunc, maintenanceStore ruletypes.MaintenanceStore, orgID valuer.UUID) *RuleTask {
 
-	if time.Now() == time.Now().Add(frequency) {
+	if frequency == 0 {
 		frequency = DefaultFrequency
 	}
 	zap.L().Info("initiating a new rule task", zap.String("name", name), zap.Duration("frequency", frequency))
@@ -78,6 +78,7 @@ func (g *RuleTask) Type() TaskType { return TaskTypeCh }
 func (g *RuleTask) Rules() []Rule { return g.rules }
 
 // Interval returns the group's interval.
+// TODO: remove (unused)?
 func (g *RuleTask) Interval() time.Duration { return g.frequency }
 
 func (g *RuleTask) Pause(b bool) {

pkg/query-service/rules/threshold_rule.go

@@ -61,6 +61,8 @@ type ThresholdRule struct {
 	spansKeys map[string]v3.AttributeKey
 }
 
+var _ Rule = (*ThresholdRule)(nil)
+
 func NewThresholdRule(
 	id string,
 	orgID valuer.UUID,
@@ -746,7 +748,7 @@ func (r *ThresholdRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 			continue
 		}
 
-		if a.State == model.StatePending && ts.Sub(a.ActiveAt) >= r.holdDuration {
+		if a.State == model.StatePending && ts.Sub(a.ActiveAt) >= r.holdDuration.Duration() {
 			r.logger.DebugContext(ctx, "converting pending alert to firing", "name", r.Name())
 			a.State = model.StateFiring
 			a.FiredAt = ts
@@ -812,7 +814,7 @@ func (r *ThresholdRule) String() string {
 	ar := ruletypes.PostableRule{
 		AlertName:         r.name,
 		RuleCondition:     r.ruleCondition,
-		EvalWindow:        ruletypes.Duration(r.evalWindow),
+		EvalWindow:        r.evalWindow,
 		Labels:            r.labels.Map(),
 		Annotations:       r.annotations.Map(),
 		PreferredChannels: r.preferredChannels,

pkg/query-service/rules/threshold_rule_test.go

@@ -36,8 +36,8 @@ func TestThresholdRuleEvalBackwardCompat(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{ruletypes.RollingEvaluation, ruletypes.RollingWindow{
-			EvalWindow: ruletypes.Duration(5 * time.Minute),
-			Frequency:  ruletypes.Duration(1 * time.Minute),
+			EvalWindow: valuer.MustParseTextDuration("5m"),
+			Frequency:  valuer.MustParseTextDuration("1m"),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -72,7 +72,7 @@ func TestThresholdRuleEvalBackwardCompat(t *testing.T) {
 			},
 		}
 
-		rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(2*time.Minute))
+		rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(valuer.MustParseTextDuration("2m")))
 		if err != nil {
 			assert.NoError(t, err)
 		}
@@ -152,8 +152,8 @@ func TestPrepareLinksToLogs(t *testing.T) {
 		AlertType: ruletypes.AlertTypeLogs,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{ruletypes.RollingEvaluation, ruletypes.RollingWindow{
-			EvalWindow: ruletypes.Duration(5 * time.Minute),
-			Frequency:  ruletypes.Duration(1 * time.Minute),
+			EvalWindow: valuer.MustParseTextDuration("5m"),
+			Frequency:  valuer.MustParseTextDuration("1m"),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -189,7 +189,7 @@ func TestPrepareLinksToLogs(t *testing.T) {
 			},
 		},
 	}
-	rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(2*time.Minute))
+	rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(valuer.MustParseTextDuration("2m")))
 	if err != nil {
 		assert.NoError(t, err)
 	}
@@ -206,8 +206,8 @@ func TestPrepareLinksToLogsV5(t *testing.T) {
 		AlertType: ruletypes.AlertTypeLogs,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{ruletypes.RollingEvaluation, ruletypes.RollingWindow{
-			EvalWindow: ruletypes.Duration(5 * time.Minute),
-			Frequency:  ruletypes.Duration(1 * time.Minute),
+			EvalWindow: valuer.MustParseTextDuration("5m"),
+			Frequency:  valuer.MustParseTextDuration("1m"),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -250,7 +250,7 @@ func TestPrepareLinksToLogsV5(t *testing.T) {
 			},
 		},
 	}
-	rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(2*time.Minute))
+	rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(valuer.MustParseTextDuration("2m")))
 	if err != nil {
 		assert.NoError(t, err)
 	}
@@ -267,8 +267,8 @@ func TestPrepareLinksToTracesV5(t *testing.T) {
 		AlertType: ruletypes.AlertTypeTraces,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{ruletypes.RollingEvaluation, ruletypes.RollingWindow{
-			EvalWindow: ruletypes.Duration(5 * time.Minute),
-			Frequency:  ruletypes.Duration(1 * time.Minute),
+			EvalWindow: valuer.MustParseTextDuration("5m"),
+			Frequency:  valuer.MustParseTextDuration("1m"),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -311,7 +311,7 @@ func TestPrepareLinksToTracesV5(t *testing.T) {
 			},
 		},
 	}
-	rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(2*time.Minute))
+	rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(valuer.MustParseTextDuration("2m")))
 	if err != nil {
 		assert.NoError(t, err)
 	}
@@ -328,8 +328,8 @@ func TestPrepareLinksToTraces(t *testing.T) {
 		AlertType: ruletypes.AlertTypeTraces,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{ruletypes.RollingEvaluation, ruletypes.RollingWindow{
-			EvalWindow: ruletypes.Duration(5 * time.Minute),
-			Frequency:  ruletypes.Duration(1 * time.Minute),
+			EvalWindow: valuer.MustParseTextDuration("5m"),
+			Frequency:  valuer.MustParseTextDuration("1m"),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -365,7 +365,7 @@ func TestPrepareLinksToTraces(t *testing.T) {
 			},
 		},
 	}
-	rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(2*time.Minute))
+	rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(valuer.MustParseTextDuration("2m")))
 	if err != nil {
 		assert.NoError(t, err)
 	}
@@ -382,8 +382,8 @@ func TestThresholdRuleLabelNormalization(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{ruletypes.RollingEvaluation, ruletypes.RollingWindow{
-			EvalWindow: ruletypes.Duration(5 * time.Minute),
-			Frequency:  ruletypes.Duration(1 * time.Minute),
+			EvalWindow: valuer.MustParseTextDuration("5m"),
+			Frequency:  valuer.MustParseTextDuration("1m"),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -451,7 +451,7 @@ func TestThresholdRuleLabelNormalization(t *testing.T) {
 			},
 		}
 
-		rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(2*time.Minute))
+		rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(valuer.MustParseTextDuration("2m")))
 		if err != nil {
 			assert.NoError(t, err)
 		}
@@ -490,8 +490,8 @@ func TestThresholdRuleEvalDelay(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: ruletypes.Duration(5 * time.Minute),
-			Frequency:  ruletypes.Duration(1 * time.Minute),
+			EvalWindow: valuer.MustParseTextDuration("5m"),
+			Frequency:  valuer.MustParseTextDuration("1m"),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -553,8 +553,8 @@ func TestThresholdRuleClickHouseTmpl(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: ruletypes.Duration(5 * time.Minute),
-			Frequency:  ruletypes.Duration(1 * time.Minute),
+			EvalWindow: valuer.MustParseTextDuration("5m"),
+			Frequency:  valuer.MustParseTextDuration("1m"),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -594,7 +594,7 @@ func TestThresholdRuleClickHouseTmpl(t *testing.T) {
 	logger := instrumentationtest.New().Logger()
 
 	for idx, c := range cases {
-		rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(2*time.Minute))
+		rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(valuer.MustParseTextDuration("2m")))
 		if err != nil {
 			assert.NoError(t, err)
 		}
@@ -615,8 +615,8 @@ func TestThresholdRuleUnitCombinations(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: ruletypes.Duration(5 * time.Minute),
-			Frequency:  ruletypes.Duration(1 * time.Minute),
+			EvalWindow: valuer.MustParseTextDuration("5m"),
+			Frequency:  valuer.MustParseTextDuration("1m"),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -816,8 +816,8 @@ func TestThresholdRuleNoData(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: ruletypes.Duration(5 * time.Minute),
-			Frequency:  ruletypes.Duration(1 * time.Minute),
+			EvalWindow: valuer.MustParseTextDuration("5m"),
+			Frequency:  valuer.MustParseTextDuration("1m"),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -927,8 +927,8 @@ func TestThresholdRuleTracesLink(t *testing.T) {
 		AlertType: ruletypes.AlertTypeTraces,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: ruletypes.Duration(5 * time.Minute),
-			Frequency:  ruletypes.Duration(1 * time.Minute),
+			EvalWindow: valuer.MustParseTextDuration("5m"),
+			Frequency:  valuer.MustParseTextDuration("1m"),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -1052,8 +1052,8 @@ func TestThresholdRuleLogsLink(t *testing.T) {
 		AlertType: ruletypes.AlertTypeLogs,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: ruletypes.Duration(5 * time.Minute),
-			Frequency:  ruletypes.Duration(1 * time.Minute),
+			EvalWindow: valuer.MustParseTextDuration("5m"),
+			Frequency:  valuer.MustParseTextDuration("1m"),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -1190,8 +1190,8 @@ func TestThresholdRuleShiftBy(t *testing.T) {
 		AlertType: ruletypes.AlertTypeLogs,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: ruletypes.Duration(5 * time.Minute),
-			Frequency:  ruletypes.Duration(1 * time.Minute),
+			EvalWindow: valuer.MustParseTextDuration("5m"),
+			Frequency:  valuer.MustParseTextDuration("1m"),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			Thresholds: &ruletypes.RuleThresholdData{
@@ -1264,8 +1264,8 @@ func TestMultipleThresholdRule(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: ruletypes.Duration(5 * time.Minute),
-			Frequency:  ruletypes.Duration(1 * time.Minute),
+			EvalWindow: valuer.MustParseTextDuration("5m"),
+			Frequency:  valuer.MustParseTextDuration("1m"),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -1455,8 +1455,8 @@ func TestThresholdRuleEval_BasicCases(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: ruletypes.Duration(5 * time.Minute),
-			Frequency:  ruletypes.Duration(1 * time.Minute),
+			EvalWindow: valuer.MustParseTextDuration("5m"),
+			Frequency:  valuer.MustParseTextDuration("1m"),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -1486,8 +1486,8 @@ func TestThresholdRuleEval_MatchPlusCompareOps(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: ruletypes.Duration(5 * time.Minute),
-			Frequency:  ruletypes.Duration(1 * time.Minute),
+			EvalWindow: valuer.MustParseTextDuration("5m"),
+			Frequency:  valuer.MustParseTextDuration("1m"),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -1523,8 +1523,8 @@ func TestThresholdRuleEval_SendUnmatchedBypassesRecovery(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: ruletypes.Duration(5 * time.Minute),
-			Frequency:  ruletypes.Duration(1 * time.Minute),
+			EvalWindow: valuer.MustParseTextDuration("5m"),
+			Frequency:  valuer.MustParseTextDuration("1m"),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -1559,7 +1559,7 @@ func TestThresholdRuleEval_SendUnmatchedBypassesRecovery(t *testing.T) {
 	}
 
 	logger := instrumentationtest.New().Logger()
-	rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(2*time.Minute))
+	rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(valuer.MustParseTextDuration("2m")))
 	require.NoError(t, err)
 
 	now := time.Now()
@@ -1611,8 +1611,8 @@ func TestThresholdRuleEval_SendUnmatchedVariants(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: ruletypes.Duration(5 * time.Minute),
-			Frequency:  ruletypes.Duration(1 * time.Minute),
+			EvalWindow: valuer.MustParseTextDuration("5m"),
+			Frequency:  valuer.MustParseTextDuration("1m"),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -1735,8 +1735,8 @@ func TestThresholdRuleEval_RecoveryNotMetSendUnmatchedFalse(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: ruletypes.Duration(5 * time.Minute),
-			Frequency:  ruletypes.Duration(1 * time.Minute),
+			EvalWindow: valuer.MustParseTextDuration("5m"),
+			Frequency:  valuer.MustParseTextDuration("1m"),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -1820,7 +1820,7 @@ func runEvalTests(t *testing.T, postableRule ruletypes.PostableRule, testCases [
 				Spec: thresholds,
 			}
 
-			rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(2*time.Minute))
+			rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(valuer.MustParseTextDuration("2m")))
 			if err != nil {
 				assert.NoError(t, err)
 				return
@@ -1927,7 +1927,7 @@ func runMultiThresholdEvalTests(t *testing.T, postableRule ruletypes.PostableRul
 				Spec: thresholds,
 			}
 
-			rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(2*time.Minute))
+			rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(valuer.MustParseTextDuration("2m")))
 			if err != nil {
 				assert.NoError(t, err)
 				return
@@ -2035,8 +2035,8 @@ func TestThresholdRuleEval_MultiThreshold(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: ruletypes.Duration(5 * time.Minute),
-			Frequency:  ruletypes.Duration(1 * time.Minute),
+			EvalWindow: valuer.MustParseTextDuration("5m"),
+			Frequency:  valuer.MustParseTextDuration("1m"),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -2066,8 +2066,8 @@ func TestThresholdEval_RequireMinPoints(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: ruletypes.Duration(5 * time.Minute),
-			Frequency:  ruletypes.Duration(1 * time.Minute),
+			EvalWindow: valuer.MustParseTextDuration("5m"),
+			Frequency:  valuer.MustParseTextDuration("1m"),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompareOp: ruletypes.ValueIsAbove,

pkg/signoz/handler.go

@@ -1,6 +1,8 @@
 package signoz
 
 import (
+	"github.com/SigNoz/signoz/pkg/authz"
+	"github.com/SigNoz/signoz/pkg/authz/signozauthzapi"
 	"github.com/SigNoz/signoz/pkg/factory"
 	"github.com/SigNoz/signoz/pkg/flagger"
 	"github.com/SigNoz/signoz/pkg/gateway"
@@ -11,14 +13,14 @@ import (
 	"github.com/SigNoz/signoz/pkg/modules/apdex/implapdex"
 	"github.com/SigNoz/signoz/pkg/modules/dashboard"
 	"github.com/SigNoz/signoz/pkg/modules/dashboard/impldashboard"
+	"github.com/SigNoz/signoz/pkg/modules/fields"
+	"github.com/SigNoz/signoz/pkg/modules/fields/implfields"
 	"github.com/SigNoz/signoz/pkg/modules/metricsexplorer"
 	"github.com/SigNoz/signoz/pkg/modules/metricsexplorer/implmetricsexplorer"
 	"github.com/SigNoz/signoz/pkg/modules/quickfilter"
 	"github.com/SigNoz/signoz/pkg/modules/quickfilter/implquickfilter"
 	"github.com/SigNoz/signoz/pkg/modules/rawdataexport"
 	"github.com/SigNoz/signoz/pkg/modules/rawdataexport/implrawdataexport"
-	"github.com/SigNoz/signoz/pkg/modules/role"
-	"github.com/SigNoz/signoz/pkg/modules/role/implrole"
 	"github.com/SigNoz/signoz/pkg/modules/savedview"
 	"github.com/SigNoz/signoz/pkg/modules/savedview/implsavedview"
 	"github.com/SigNoz/signoz/pkg/modules/services"
@@ -28,6 +30,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/modules/tracefunnel"
 	"github.com/SigNoz/signoz/pkg/modules/tracefunnel/impltracefunnel"
 	"github.com/SigNoz/signoz/pkg/querier"
+	"github.com/SigNoz/signoz/pkg/types/telemetrytypes"
 )
 
 type Handlers struct {
@@ -43,10 +46,21 @@ type Handlers struct {
 	Global          global.Handler
 	FlaggerHandler  flagger.Handler
 	GatewayHandler  gateway.Handler
-	Role            role.Handler
+	Fields          fields.Handler
+	AuthzHandler    authz.Handler
 }
 
-func NewHandlers(modules Modules, providerSettings factory.ProviderSettings, querier querier.Querier, licensing licensing.Licensing, global global.Global, flaggerService flagger.Flagger, gatewayService gateway.Gateway) Handlers {
+func NewHandlers(
+	modules Modules,
+	providerSettings factory.ProviderSettings,
+	querier querier.Querier,
+	licensing licensing.Licensing,
+	global global.Global,
+	flaggerService flagger.Flagger,
+	gatewayService gateway.Gateway,
+	telemetryMetadataStore telemetrytypes.MetadataStore,
+	authz authz.AuthZ,
+) Handlers {
 	return Handlers{
 		SavedView:       implsavedview.NewHandler(modules.SavedView),
 		Apdex:           implapdex.NewHandler(modules.Apdex),
@@ -60,6 +74,7 @@ func NewHandlers(modules Modules, providerSettings factory.ProviderSettings, que
 		Global:          signozglobal.NewHandler(global),
 		FlaggerHandler:  flagger.NewHandler(flaggerService),
 		GatewayHandler:  gateway.NewHandler(gatewayService),
-		Role:            implrole.NewHandler(modules.RoleSetter, modules.RoleGetter),
+		Fields:          implfields.NewHandler(providerSettings, telemetryMetadataStore),
+		AuthzHandler:    signozauthzapi.NewHandler(authz),
 	}
 }

pkg/signoz/handler_test.go

@@ -13,7 +13,6 @@ import (
 	"github.com/SigNoz/signoz/pkg/factory/factorytest"
 	"github.com/SigNoz/signoz/pkg/modules/dashboard/impldashboard"
 	"github.com/SigNoz/signoz/pkg/modules/organization/implorganization"
-	"github.com/SigNoz/signoz/pkg/modules/role/implrole"
 	"github.com/SigNoz/signoz/pkg/queryparser"
 	"github.com/SigNoz/signoz/pkg/sharder"
 	"github.com/SigNoz/signoz/pkg/sharder/noopsharder"
@@ -41,13 +40,9 @@ func TestNewHandlers(t *testing.T) {
 	queryParser := queryparser.New(providerSettings)
 	require.NoError(t, err)
 	dashboardModule := impldashboard.NewModule(impldashboard.NewStore(sqlstore), providerSettings, nil, orgGetter, queryParser)
-	roleSetter := implrole.NewSetter(implrole.NewStore(sqlstore), nil)
-	roleGetter := implrole.NewGetter(implrole.NewStore(sqlstore))
-	grantModule := implrole.NewGranter(implrole.NewStore(sqlstore), nil)
-	modules := NewModules(sqlstore, tokenizer, emailing, providerSettings, orgGetter, alertmanager, nil, nil, nil, nil, nil, nil, nil, queryParser, Config{}, dashboardModule, roleSetter, roleGetter, grantModule)
-
-	handlers := NewHandlers(modules, providerSettings, nil, nil, nil, nil, nil)
+	modules := NewModules(sqlstore, tokenizer, emailing, providerSettings, orgGetter, alertmanager, nil, nil, nil, nil, nil, nil, nil, queryParser, Config{}, dashboardModule)
 
+	handlers := NewHandlers(modules, providerSettings, nil, nil, nil, nil, nil, nil, nil)
 	reflectVal := reflect.ValueOf(handlers)
 	for i := 0; i < reflectVal.NumField(); i++ {
 		f := reflectVal.Field(i)