chore: resolve conflicts

.github/CODEOWNERS

@@ -133,8 +133,5 @@
 /frontend/src/pages/PublicDashboard/ @SigNoz/pulse-frontend
 /frontend/src/container/PublicDashboardContainer/ @SigNoz/pulse-frontend
 
-## Dashboard Libs + Components
-/frontend/src/lib/uPlotV2/ @SigNoz/pulse-frontend
-/frontend/src/lib/dashboard/ @SigNoz/pulse-frontend
-/frontend/src/lib/dashboardVariables/ @SigNoz/pulse-frontend
-/frontend/src/components/NewSelect/ @SigNoz/pulse-frontend
+## UplotV2 
+/frontend/src/lib/uPlotV2/ @SigNoz/pulse-frontend

cmd/community/server.go

@@ -18,6 +18,8 @@ import (
 	"github.com/SigNoz/signoz/pkg/modules/dashboard"
 	"github.com/SigNoz/signoz/pkg/modules/dashboard/impldashboard"
 	"github.com/SigNoz/signoz/pkg/modules/organization"
+	"github.com/SigNoz/signoz/pkg/modules/role"
+	"github.com/SigNoz/signoz/pkg/modules/role/implrole"
 	"github.com/SigNoz/signoz/pkg/querier"
 	"github.com/SigNoz/signoz/pkg/query-service/app"
 	"github.com/SigNoz/signoz/pkg/queryparser"
@@ -76,15 +78,18 @@ func runServer(ctx context.Context, config signoz.Config, logger *slog.Logger) e
 		func(ctx context.Context, providerSettings factory.ProviderSettings, store authtypes.AuthNStore, licensing licensing.Licensing) (map[authtypes.AuthNProvider]authn.AuthN, error) {
 			return signoz.NewAuthNs(ctx, providerSettings, store, licensing)
 		},
-		func(ctx context.Context, sqlstore sqlstore.SQLStore, _ licensing.Licensing, _ dashboard.Module) factory.ProviderFactory[authz.AuthZ, authz.Config] {
+		func(ctx context.Context, sqlstore sqlstore.SQLStore) factory.ProviderFactory[authz.AuthZ, authz.Config] {
 			return openfgaauthz.NewProviderFactory(sqlstore, openfgaschema.NewSchema().Get(ctx))
 		},
-		func(store sqlstore.SQLStore, settings factory.ProviderSettings, analytics analytics.Analytics, orgGetter organization.Getter, queryParser queryparser.QueryParser, _ querier.Querier, _ licensing.Licensing) dashboard.Module {
+		func(store sqlstore.SQLStore, settings factory.ProviderSettings, analytics analytics.Analytics, orgGetter organization.Getter, _ role.Setter, _ role.Granter, queryParser queryparser.QueryParser, _ querier.Querier, _ licensing.Licensing) dashboard.Module {
 			return impldashboard.NewModule(impldashboard.NewStore(store), settings, analytics, orgGetter, queryParser)
 		},
 		func(_ licensing.Licensing) factory.ProviderFactory[gateway.Gateway, gateway.Config] {
 			return noopgateway.NewProviderFactory()
 		},
+		func(store sqlstore.SQLStore, authz authz.AuthZ, licensing licensing.Licensing, _ []role.RegisterTypeable) role.Setter {
+			return implrole.NewSetter(implrole.NewStore(store), authz)
+		},
 	)
 	if err != nil {
 		logger.ErrorContext(ctx, "failed to create signoz", "error", err)

cmd/enterprise/server.go

@@ -14,6 +14,7 @@ import (
 	enterpriselicensing "github.com/SigNoz/signoz/ee/licensing"
 	"github.com/SigNoz/signoz/ee/licensing/httplicensing"
 	"github.com/SigNoz/signoz/ee/modules/dashboard/impldashboard"
+	"github.com/SigNoz/signoz/ee/modules/role/implrole"
 	enterpriseapp "github.com/SigNoz/signoz/ee/query-service/app"
 	"github.com/SigNoz/signoz/ee/sqlschema/postgressqlschema"
 	"github.com/SigNoz/signoz/ee/sqlstore/postgressqlstore"
@@ -28,6 +29,8 @@ import (
 	"github.com/SigNoz/signoz/pkg/modules/dashboard"
 	pkgimpldashboard "github.com/SigNoz/signoz/pkg/modules/dashboard/impldashboard"
 	"github.com/SigNoz/signoz/pkg/modules/organization"
+	"github.com/SigNoz/signoz/pkg/modules/role"
+	pkgimplrole "github.com/SigNoz/signoz/pkg/modules/role/implrole"
 	"github.com/SigNoz/signoz/pkg/querier"
 	"github.com/SigNoz/signoz/pkg/queryparser"
 	"github.com/SigNoz/signoz/pkg/signoz"
@@ -115,15 +118,18 @@ func runServer(ctx context.Context, config signoz.Config, logger *slog.Logger) e
 
 			return authNs, nil
 		},
-		func(ctx context.Context, sqlstore sqlstore.SQLStore, licensing licensing.Licensing, dashboardModule dashboard.Module) factory.ProviderFactory[authz.AuthZ, authz.Config] {
-			return openfgaauthz.NewProviderFactory(sqlstore, openfgaschema.NewSchema().Get(ctx), licensing, dashboardModule)
+		func(ctx context.Context, sqlstore sqlstore.SQLStore) factory.ProviderFactory[authz.AuthZ, authz.Config] {
+			return openfgaauthz.NewProviderFactory(sqlstore, openfgaschema.NewSchema().Get(ctx))
 		},
-		func(store sqlstore.SQLStore, settings factory.ProviderSettings, analytics analytics.Analytics, orgGetter organization.Getter, queryParser queryparser.QueryParser, querier querier.Querier, licensing licensing.Licensing) dashboard.Module {
-			return impldashboard.NewModule(pkgimpldashboard.NewStore(store), settings, analytics, orgGetter, queryParser, querier, licensing)
+		func(store sqlstore.SQLStore, settings factory.ProviderSettings, analytics analytics.Analytics, orgGetter organization.Getter, roleSetter role.Setter, granter role.Granter, queryParser queryparser.QueryParser, querier querier.Querier, licensing licensing.Licensing) dashboard.Module {
+			return impldashboard.NewModule(pkgimpldashboard.NewStore(store), settings, analytics, orgGetter, roleSetter, granter, queryParser, querier, licensing)
 		},
 		func(licensing licensing.Licensing) factory.ProviderFactory[gateway.Gateway, gateway.Config] {
 			return httpgateway.NewProviderFactory(licensing)
 		},
+		func(store sqlstore.SQLStore, authz authz.AuthZ, licensing licensing.Licensing, registry []role.RegisterTypeable) role.Setter {
+			return implrole.NewSetter(pkgimplrole.NewStore(store), authz, licensing, registry)
+		},
 	)
 
 	if err != nil {

docs/api/openapi.yml

@@ -616,11 +616,11 @@ paths:
       - in: query
         name: signal
         schema:
-          type: string
+          $ref: '#/components/schemas/TelemetrytypesSignal'
       - in: query
         name: source
         schema:
-          type: string
+          $ref: '#/components/schemas/TelemetrytypesSource'
       - in: query
         name: limit
         schema:
@@ -638,11 +638,11 @@ paths:
       - in: query
         name: fieldContext
         schema:
-          type: string
+          $ref: '#/components/schemas/TelemetrytypesFieldContext'
       - in: query
         name: fieldDataType
         schema:
-          type: string
+          $ref: '#/components/schemas/TelemetrytypesFieldDataType'
       - in: query
         name: metricName
         schema:
@@ -698,11 +698,11 @@ paths:
       - in: query
         name: signal
         schema:
-          type: string
+          $ref: '#/components/schemas/TelemetrytypesSignal'
       - in: query
         name: source
         schema:
-          type: string
+          $ref: '#/components/schemas/TelemetrytypesSource'
       - in: query
         name: limit
         schema:
@@ -720,11 +720,11 @@ paths:
       - in: query
         name: fieldContext
         schema:
-          type: string
+          $ref: '#/components/schemas/TelemetrytypesFieldContext'
       - in: query
         name: fieldDataType
         schema:
-          type: string
+          $ref: '#/components/schemas/TelemetrytypesFieldDataType'
       - in: query
         name: metricName
         schema:
@@ -3526,6 +3526,62 @@ paths:
       summary: Rotate session
       tags:
       - sessions
+  /api/v5/query_range:
+    post:
+      deprecated: false
+      description: Execute a composite query over a time range. Supports builder queries
+        (traces, logs, metrics), formulas, trace operators, PromQL, and ClickHouse
+        SQL.
+      operationId: QueryRangeV5
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/Querybuildertypesv5QueryRangeRequest'
+      responses:
+        "200":
+          content:
+            application/json:
+              schema:
+                properties:
+                  data:
+                    $ref: '#/components/schemas/Querybuildertypesv5QueryRangeResponse'
+                  status:
+                    type: string
+                type: object
+          description: OK
+        "400":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Bad Request
+        "401":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Unauthorized
+        "403":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Forbidden
+        "500":
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RenderErrorResponse'
+          description: Internal Server Error
+      security:
+      - api_key:
+        - VIEWER
+      - tokenizer:
+        - VIEWER
+      summary: Query range
+      tags:
+      - query
 components:
   schemas:
     AuthtypesAttributeMapping:
@@ -4249,12 +4305,39 @@ components:
       - temporality
       - isMonotonic
       type: object
+    MetrictypesSpaceAggregation:
+      enum:
+      - ""
+      - sum
+      - avg
+      - min
+      - max
+      - count
+      - p50
+      - p75
+      - p90
+      - p95
+      - p99
+      type: string
     MetrictypesTemporality:
       enum:
       - delta
       - cumulative
       - unspecified
       type: string
+    MetrictypesTimeAggregation:
+      enum:
+      - ""
+      - latest
+      - sum
+      - avg
+      - min
+      - max
+      - count
+      - count_distinct
+      - rate
+      - increase
+      type: string
     MetrictypesType:
       enum:
       - gauge
@@ -4312,7 +4395,101 @@ components:
         type:
           type: string
       type: object
+    Querybuildertypesv5AggregationBucket:
+      properties:
+        alias:
+          type: string
+        anomalyScores:
+          items:
+            $ref: '#/components/schemas/Querybuildertypesv5TimeSeries'
+          type: array
+        index:
+          type: integer
+        lowerBoundSeries:
+          items:
+            $ref: '#/components/schemas/Querybuildertypesv5TimeSeries'
+          type: array
+        meta:
+          properties:
+            unit:
+              type: string
+          type: object
+        predictedSeries:
+          items:
+            $ref: '#/components/schemas/Querybuildertypesv5TimeSeries'
+          type: array
+        series:
+          items:
+            $ref: '#/components/schemas/Querybuildertypesv5TimeSeries'
+          nullable: true
+          type: array
+        upperBoundSeries:
+          items:
+            $ref: '#/components/schemas/Querybuildertypesv5TimeSeries'
+          type: array
+      type: object
+    Querybuildertypesv5Bucket:
+      properties:
+        step:
+          format: double
+          type: number
+      type: object
+    Querybuildertypesv5ClickHouseQuery:
+      properties:
+        disabled:
+          type: boolean
+        legend:
+          type: string
+        name:
+          type: string
+        query:
+          type: string
+      type: object
+    Querybuildertypesv5ColumnDescriptor:
+      properties:
+        aggregationIndex:
+          format: int64
+          type: integer
+        columnType:
+          $ref: '#/components/schemas/Querybuildertypesv5ColumnType'
+        description:
+          type: string
+        fieldContext:
+          $ref: '#/components/schemas/TelemetrytypesFieldContext'
+        fieldDataType:
+          $ref: '#/components/schemas/TelemetrytypesFieldDataType'
+        meta:
+          properties:
+            unit:
+              type: string
+          type: object
+        name:
+          type: string
+        queryName:
+          type: string
+        signal:
+          $ref: '#/components/schemas/TelemetrytypesSignal'
+        unit:
+          type: string
+      type: object
+    Querybuildertypesv5ColumnType:
+      enum:
+      - group
+      - aggregation
+      type: string
+    Querybuildertypesv5CompositeQuery:
+      description: Composite query containing one or more query envelopes. Each query
+        envelope specifies its type and corresponding spec.
+      properties:
+        queries:
+          items:
+            $ref: '#/components/schemas/Querybuildertypesv5QueryEnvelope'
+          nullable: true
+          type: array
+      type: object
     Querybuildertypesv5ExecStats:
+      description: Execution statistics for the query, including rows scanned, bytes
+        scanned, and duration.
       properties:
         bytesScanned:
           minimum: 0
@@ -4334,10 +4511,109 @@ components:
         expression:
           type: string
       type: object
+    Querybuildertypesv5FormatOptions:
+      properties:
+        fillGaps:
+          type: boolean
+        formatTableResultForUI:
+          type: boolean
+      type: object
+    Querybuildertypesv5Function:
+      properties:
+        args:
+          items:
+            $ref: '#/components/schemas/Querybuildertypesv5FunctionArg'
+          type: array
+        name:
+          $ref: '#/components/schemas/Querybuildertypesv5FunctionName'
+      type: object
+    Querybuildertypesv5FunctionArg:
+      properties:
+        name:
+          type: string
+        value: {}
+      type: object
+    Querybuildertypesv5FunctionName:
+      enum:
+      - cutoffmin
+      - cutoffmax
+      - clampmin
+      - clampmax
+      - absolute
+      - runningdiff
+      - log2
+      - log10
+      - cumulativesum
+      - ewma3
+      - ewma5
+      - ewma7
+      - median3
+      - median5
+      - median7
+      - timeshift
+      - anomaly
+      - fillzero
+      type: string
+    Querybuildertypesv5GroupByKey:
+      properties:
+        description:
+          type: string
+        fieldContext:
+          $ref: '#/components/schemas/TelemetrytypesFieldContext'
+        fieldDataType:
+          $ref: '#/components/schemas/TelemetrytypesFieldDataType'
+        name:
+          type: string
+        signal:
+          $ref: '#/components/schemas/TelemetrytypesSignal'
+        unit:
+          type: string
+      type: object
+    Querybuildertypesv5Having:
+      properties:
+        expression:
+          type: string
+      type: object
+    Querybuildertypesv5Label:
+      properties:
+        key:
+          $ref: '#/components/schemas/TelemetrytypesTelemetryFieldKey'
+        value: {}
+      type: object
+    Querybuildertypesv5LimitBy:
+      properties:
+        keys:
+          items:
+            type: string
+          nullable: true
+          type: array
+        value:
+          type: string
+      type: object
+    Querybuildertypesv5LogAggregation:
+      properties:
+        alias:
+          type: string
+        expression:
+          type: string
+      type: object
+    Querybuildertypesv5MetricAggregation:
+      properties:
+        metricName:
+          type: string
+        reduceTo:
+          $ref: '#/components/schemas/Querybuildertypesv5ReduceTo'
+        spaceAggregation:
+          $ref: '#/components/schemas/MetrictypesSpaceAggregation'
+        temporality:
+          $ref: '#/components/schemas/MetrictypesTemporality'
+        timeAggregation:
+          $ref: '#/components/schemas/MetrictypesTimeAggregation'
+      type: object
     Querybuildertypesv5OrderBy:
       properties:
         direction:
-          type: string
+          $ref: '#/components/schemas/Querybuildertypesv5OrderDirection'
         key:
           $ref: '#/components/schemas/Querybuildertypesv5OrderByKey'
       type: object
@@ -4346,34 +4622,404 @@ components:
         description:
           type: string
         fieldContext:
-          type: string
+          $ref: '#/components/schemas/TelemetrytypesFieldContext'
         fieldDataType:
-          type: string
+          $ref: '#/components/schemas/TelemetrytypesFieldDataType'
         name:
           type: string
         signal:
-          type: string
+          $ref: '#/components/schemas/TelemetrytypesSignal'
         unit:
           type: string
       type: object
+    Querybuildertypesv5OrderDirection:
+      enum:
+      - asc
+      - desc
+      type: string
+    Querybuildertypesv5PromQuery:
+      properties:
+        disabled:
+          type: boolean
+        legend:
+          type: string
+        name:
+          type: string
+        query:
+          type: string
+        stats:
+          type: boolean
+        step:
+          $ref: '#/components/schemas/Querybuildertypesv5Step'
+      type: object
+    Querybuildertypesv5QueryBuilderFormula:
+      properties:
+        disabled:
+          type: boolean
+        expression:
+          type: string
+        functions:
+          items:
+            $ref: '#/components/schemas/Querybuildertypesv5Function'
+          type: array
+        having:
+          $ref: '#/components/schemas/Querybuildertypesv5Having'
+        legend:
+          type: string
+        limit:
+          type: integer
+        name:
+          type: string
+        order:
+          items:
+            $ref: '#/components/schemas/Querybuildertypesv5OrderBy'
+          type: array
+      type: object
+    Querybuildertypesv5QueryBuilderQueryGithubComSigNozSignozPkgTypesQuerybuildertypesQuerybuildertypesv5LogAggregation:
+      properties:
+        aggregations:
+          items:
+            $ref: '#/components/schemas/Querybuildertypesv5LogAggregation'
+          type: array
+        cursor:
+          type: string
+        disabled:
+          type: boolean
+        filter:
+          $ref: '#/components/schemas/Querybuildertypesv5Filter'
+        functions:
+          items:
+            $ref: '#/components/schemas/Querybuildertypesv5Function'
+          type: array
+        groupBy:
+          items:
+            $ref: '#/components/schemas/Querybuildertypesv5GroupByKey'
+          type: array
+        having:
+          $ref: '#/components/schemas/Querybuildertypesv5Having'
+        legend:
+          type: string
+        limit:
+          type: integer
+        limitBy:
+          $ref: '#/components/schemas/Querybuildertypesv5LimitBy'
+        name:
+          type: string
+        offset:
+          type: integer
+        order:
+          items:
+            $ref: '#/components/schemas/Querybuildertypesv5OrderBy'
+          type: array
+        secondaryAggregations:
+          items:
+            $ref: '#/components/schemas/Querybuildertypesv5SecondaryAggregation'
+          type: array
+        selectFields:
+          items:
+            $ref: '#/components/schemas/TelemetrytypesTelemetryFieldKey'
+          type: array
+        signal:
+          $ref: '#/components/schemas/TelemetrytypesSignal'
+        source:
+          $ref: '#/components/schemas/TelemetrytypesSource'
+        stepInterval:
+          $ref: '#/components/schemas/Querybuildertypesv5Step'
+      type: object
+    Querybuildertypesv5QueryBuilderQueryGithubComSigNozSignozPkgTypesQuerybuildertypesQuerybuildertypesv5MetricAggregation:
+      properties:
+        aggregations:
+          items:
+            $ref: '#/components/schemas/Querybuildertypesv5MetricAggregation'
+          type: array
+        cursor:
+          type: string
+        disabled:
+          type: boolean
+        filter:
+          $ref: '#/components/schemas/Querybuildertypesv5Filter'
+        functions:
+          items:
+            $ref: '#/components/schemas/Querybuildertypesv5Function'
+          type: array
+        groupBy:
+          items:
+            $ref: '#/components/schemas/Querybuildertypesv5GroupByKey'
+          type: array
+        having:
+          $ref: '#/components/schemas/Querybuildertypesv5Having'
+        legend:
+          type: string
+        limit:
+          type: integer
+        limitBy:
+          $ref: '#/components/schemas/Querybuildertypesv5LimitBy'
+        name:
+          type: string
+        offset:
+          type: integer
+        order:
+          items:
+            $ref: '#/components/schemas/Querybuildertypesv5OrderBy'
+          type: array
+        secondaryAggregations:
+          items:
+            $ref: '#/components/schemas/Querybuildertypesv5SecondaryAggregation'
+          type: array
+        selectFields:
+          items:
+            $ref: '#/components/schemas/TelemetrytypesTelemetryFieldKey'
+          type: array
+        signal:
+          $ref: '#/components/schemas/TelemetrytypesSignal'
+        source:
+          $ref: '#/components/schemas/TelemetrytypesSource'
+        stepInterval:
+          $ref: '#/components/schemas/Querybuildertypesv5Step'
+      type: object
+    Querybuildertypesv5QueryBuilderQueryGithubComSigNozSignozPkgTypesQuerybuildertypesQuerybuildertypesv5TraceAggregation:
+      properties:
+        aggregations:
+          items:
+            $ref: '#/components/schemas/Querybuildertypesv5TraceAggregation'
+          type: array
+        cursor:
+          type: string
+        disabled:
+          type: boolean
+        filter:
+          $ref: '#/components/schemas/Querybuildertypesv5Filter'
+        functions:
+          items:
+            $ref: '#/components/schemas/Querybuildertypesv5Function'
+          type: array
+        groupBy:
+          items:
+            $ref: '#/components/schemas/Querybuildertypesv5GroupByKey'
+          type: array
+        having:
+          $ref: '#/components/schemas/Querybuildertypesv5Having'
+        legend:
+          type: string
+        limit:
+          type: integer
+        limitBy:
+          $ref: '#/components/schemas/Querybuildertypesv5LimitBy'
+        name:
+          type: string
+        offset:
+          type: integer
+        order:
+          items:
+            $ref: '#/components/schemas/Querybuildertypesv5OrderBy'
+          type: array
+        secondaryAggregations:
+          items:
+            $ref: '#/components/schemas/Querybuildertypesv5SecondaryAggregation'
+          type: array
+        selectFields:
+          items:
+            $ref: '#/components/schemas/TelemetrytypesTelemetryFieldKey'
+          type: array
+        signal:
+          $ref: '#/components/schemas/TelemetrytypesSignal'
+        source:
+          $ref: '#/components/schemas/TelemetrytypesSource'
+        stepInterval:
+          $ref: '#/components/schemas/Querybuildertypesv5Step'
+      type: object
+    Querybuildertypesv5QueryBuilderTraceOperator:
+      properties:
+        aggregations:
+          items:
+            $ref: '#/components/schemas/Querybuildertypesv5TraceAggregation'
+          type: array
+        cursor:
+          type: string
+        disabled:
+          type: boolean
+        expression:
+          type: string
+        filter:
+          $ref: '#/components/schemas/Querybuildertypesv5Filter'
+        functions:
+          items:
+            $ref: '#/components/schemas/Querybuildertypesv5Function'
+          type: array
+        groupBy:
+          items:
+            $ref: '#/components/schemas/Querybuildertypesv5GroupByKey'
+          type: array
+        having:
+          $ref: '#/components/schemas/Querybuildertypesv5Having'
+        legend:
+          type: string
+        limit:
+          type: integer
+        name:
+          type: string
+        offset:
+          type: integer
+        order:
+          items:
+            $ref: '#/components/schemas/Querybuildertypesv5OrderBy'
+          type: array
+        returnSpansFrom:
+          type: string
+        selectFields:
+          items:
+            $ref: '#/components/schemas/TelemetrytypesTelemetryFieldKey'
+          type: array
+        stepInterval:
+          $ref: '#/components/schemas/Querybuildertypesv5Step'
+      type: object
     Querybuildertypesv5QueryData:
+      oneOf:
+      - $ref: '#/components/schemas/Querybuildertypesv5TimeSeriesData'
+      - $ref: '#/components/schemas/Querybuildertypesv5ScalarData'
+      - $ref: '#/components/schemas/Querybuildertypesv5RawData'
       properties:
         results:
           items: {}
           nullable: true
           type: array
       type: object
+    Querybuildertypesv5QueryEnvelope:
+      oneOf:
+      - $ref: '#/components/schemas/Querybuildertypesv5QueryEnvelopeBuilderTrace'
+      - $ref: '#/components/schemas/Querybuildertypesv5QueryEnvelopeBuilderLog'
+      - $ref: '#/components/schemas/Querybuildertypesv5QueryEnvelopeBuilderMetric'
+      - $ref: '#/components/schemas/Querybuildertypesv5QueryEnvelopeFormula'
+      - $ref: '#/components/schemas/Querybuildertypesv5QueryEnvelopeTraceOperator'
+      - $ref: '#/components/schemas/Querybuildertypesv5QueryEnvelopePromQL'
+      - $ref: '#/components/schemas/Querybuildertypesv5QueryEnvelopeClickHouseSQL'
+      properties:
+        spec: {}
+        type:
+          $ref: '#/components/schemas/Querybuildertypesv5QueryType'
+      type: object
+    Querybuildertypesv5QueryEnvelopeBuilderLog:
+      properties:
+        spec:
+          $ref: '#/components/schemas/Querybuildertypesv5QueryBuilderQueryGithubComSigNozSignozPkgTypesQuerybuildertypesQuerybuildertypesv5LogAggregation'
+        type:
+          $ref: '#/components/schemas/Querybuildertypesv5QueryType'
+      type: object
+    Querybuildertypesv5QueryEnvelopeBuilderMetric:
+      properties:
+        spec:
+          $ref: '#/components/schemas/Querybuildertypesv5QueryBuilderQueryGithubComSigNozSignozPkgTypesQuerybuildertypesQuerybuildertypesv5MetricAggregation'
+        type:
+          $ref: '#/components/schemas/Querybuildertypesv5QueryType'
+      type: object
+    Querybuildertypesv5QueryEnvelopeBuilderTrace:
+      properties:
+        spec:
+          $ref: '#/components/schemas/Querybuildertypesv5QueryBuilderQueryGithubComSigNozSignozPkgTypesQuerybuildertypesQuerybuildertypesv5TraceAggregation'
+        type:
+          $ref: '#/components/schemas/Querybuildertypesv5QueryType'
+      type: object
+    Querybuildertypesv5QueryEnvelopeClickHouseSQL:
+      properties:
+        spec:
+          $ref: '#/components/schemas/Querybuildertypesv5ClickHouseQuery'
+        type:
+          $ref: '#/components/schemas/Querybuildertypesv5QueryType'
+      type: object
+    Querybuildertypesv5QueryEnvelopeFormula:
+      properties:
+        spec:
+          $ref: '#/components/schemas/Querybuildertypesv5QueryBuilderFormula'
+        type:
+          $ref: '#/components/schemas/Querybuildertypesv5QueryType'
+      type: object
+    Querybuildertypesv5QueryEnvelopePromQL:
+      properties:
+        spec:
+          $ref: '#/components/schemas/Querybuildertypesv5PromQuery'
+        type:
+          $ref: '#/components/schemas/Querybuildertypesv5QueryType'
+      type: object
+    Querybuildertypesv5QueryEnvelopeTraceOperator:
+      properties:
+        spec:
+          $ref: '#/components/schemas/Querybuildertypesv5QueryBuilderTraceOperator'
+        type:
+          $ref: '#/components/schemas/Querybuildertypesv5QueryType'
+      type: object
+    Querybuildertypesv5QueryRangeRequest:
+      description: Request body for the v5 query range endpoint. Supports builder
+        queries (traces, logs, metrics), formulas, joins, trace operators, PromQL,
+        and ClickHouse SQL queries.
+      example:
+        compositeQuery:
+          queries:
+          - spec:
+              aggregations:
+              - alias: span_count
+                expression: count()
+              filter:
+                expression: service.name = 'frontend'
+              groupBy:
+              - fieldContext: resource
+                name: service.name
+              limit: 10
+              name: A
+              order:
+              - direction: desc
+                key:
+                  name: span_count
+              signal: traces
+              stepInterval: 60s
+            type: builder_query
+        end: 1.6409988e+12
+        requestType: time_series
+        schemaVersion: v1
+        start: 1.6409952e+12
+      properties:
+        compositeQuery:
+          $ref: '#/components/schemas/Querybuildertypesv5CompositeQuery'
+        end:
+          minimum: 0
+          type: integer
+        formatOptions:
+          $ref: '#/components/schemas/Querybuildertypesv5FormatOptions'
+        noCache:
+          type: boolean
+        requestType:
+          $ref: '#/components/schemas/Querybuildertypesv5RequestType'
+        schemaVersion:
+          type: string
+        start:
+          minimum: 0
+          type: integer
+        variables:
+          additionalProperties:
+            $ref: '#/components/schemas/Querybuildertypesv5VariableItem'
+          type: object
+      type: object
     Querybuildertypesv5QueryRangeResponse:
+      description: 'Response from the v5 query range endpoint. The data.results array
+        contains typed results depending on the requestType: TimeSeriesData for time_series,
+        ScalarData for scalar, or RawData for raw requests.'
       properties:
         data:
           $ref: '#/components/schemas/Querybuildertypesv5QueryData'
         meta:
           $ref: '#/components/schemas/Querybuildertypesv5ExecStats'
         type:
-          type: string
+          $ref: '#/components/schemas/Querybuildertypesv5RequestType'
         warning:
           $ref: '#/components/schemas/Querybuildertypesv5QueryWarnData'
       type: object
+    Querybuildertypesv5QueryType:
+      enum:
+      - builder_query
+      - builder_formula
+      - builder_trace_operator
+      - clickhouse_sql
+      - promql
+      type: string
     Querybuildertypesv5QueryWarnData:
       properties:
         message:
@@ -4390,6 +5036,153 @@ components:
         message:
           type: string
       type: object
+    Querybuildertypesv5RawData:
+      properties:
+        nextCursor:
+          type: string
+        queryName:
+          type: string
+        rows:
+          items:
+            $ref: '#/components/schemas/Querybuildertypesv5RawRow'
+          nullable: true
+          type: array
+      type: object
+    Querybuildertypesv5RawRow:
+      properties:
+        data:
+          additionalProperties: {}
+          nullable: true
+          type: object
+        timestamp:
+          format: date-time
+          type: string
+      type: object
+    Querybuildertypesv5ReduceTo:
+      enum:
+      - sum
+      - count
+      - avg
+      - min
+      - max
+      - last
+      - median
+      type: string
+    Querybuildertypesv5RequestType:
+      enum:
+      - scalar
+      - time_series
+      - raw
+      - raw_stream
+      - trace
+      type: string
+    Querybuildertypesv5ScalarData:
+      properties:
+        columns:
+          items:
+            $ref: '#/components/schemas/Querybuildertypesv5ColumnDescriptor'
+          nullable: true
+          type: array
+        data:
+          items:
+            items: {}
+            type: array
+          nullable: true
+          type: array
+        queryName:
+          type: string
+      type: object
+    Querybuildertypesv5SecondaryAggregation:
+      properties:
+        alias:
+          type: string
+        expression:
+          type: string
+        groupBy:
+          items:
+            $ref: '#/components/schemas/Querybuildertypesv5GroupByKey'
+          type: array
+        limit:
+          type: integer
+        limitBy:
+          $ref: '#/components/schemas/Querybuildertypesv5LimitBy'
+        order:
+          items:
+            $ref: '#/components/schemas/Querybuildertypesv5OrderBy'
+          type: array
+        stepInterval:
+          $ref: '#/components/schemas/Querybuildertypesv5Step'
+      type: object
+    Querybuildertypesv5Step:
+      description: Step interval. Accepts a Go duration string (e.g., "60s", "1m",
+        "1h") or a number representing seconds (e.g., 60).
+      oneOf:
+      - description: Duration string (e.g., "60s", "5m", "1h").
+        example: 60s
+        type: string
+      - description: Duration in seconds.
+        example: 60
+        type: number
+    Querybuildertypesv5TimeSeries:
+      properties:
+        labels:
+          items:
+            $ref: '#/components/schemas/Querybuildertypesv5Label'
+          type: array
+        values:
+          items:
+            $ref: '#/components/schemas/Querybuildertypesv5TimeSeriesValue'
+          nullable: true
+          type: array
+      type: object
+    Querybuildertypesv5TimeSeriesData:
+      properties:
+        aggregations:
+          items:
+            $ref: '#/components/schemas/Querybuildertypesv5AggregationBucket'
+          nullable: true
+          type: array
+        queryName:
+          type: string
+      type: object
+    Querybuildertypesv5TimeSeriesValue:
+      properties:
+        bucket:
+          $ref: '#/components/schemas/Querybuildertypesv5Bucket'
+        partial:
+          type: boolean
+        timestamp:
+          format: int64
+          type: integer
+        value:
+          format: double
+          type: number
+        values:
+          items:
+            format: double
+            type: number
+          type: array
+      type: object
+    Querybuildertypesv5TraceAggregation:
+      properties:
+        alias:
+          type: string
+        expression:
+          type: string
+      type: object
+    Querybuildertypesv5VariableItem:
+      properties:
+        type:
+          $ref: '#/components/schemas/Querybuildertypesv5VariableType'
+        value: {}
+      type: object
+    Querybuildertypesv5VariableType:
+      enum:
+      - query
+      - dynamic
+      - custom
+      - text
+      type: string
     RenderErrorResponse:
       properties:
         error:
@@ -4416,6 +5209,23 @@ components:
           format: date-time
           type: string
       type: object
+    TelemetrytypesFieldContext:
+      enum:
+      - metric
+      - log
+      - span
+      - resource
+      - attribute
+      - body
+      type: string
+    TelemetrytypesFieldDataType:
+      enum:
+      - string
+      - bool
+      - float64
+      - int64
+      - number
+      type: string
     TelemetrytypesGettableFieldKeys:
       properties:
         complete:
@@ -4435,18 +5245,28 @@ components:
         values:
           $ref: '#/components/schemas/TelemetrytypesTelemetryFieldValues'
       type: object
+    TelemetrytypesSignal:
+      enum:
+      - traces
+      - logs
+      - metrics
+      type: string
+    TelemetrytypesSource:
+      enum:
+      - meter
+      type: string
     TelemetrytypesTelemetryFieldKey:
       properties:
         description:
           type: string
         fieldContext:
-          type: string
+          $ref: '#/components/schemas/TelemetrytypesFieldContext'
         fieldDataType:
-          type: string
+          $ref: '#/components/schemas/TelemetrytypesFieldDataType'
         name:
           type: string
         signal:
-          type: string
+          $ref: '#/components/schemas/TelemetrytypesSignal'
         unit:
           type: string
       type: object

ee/authz/openfgaauthz/provider.go

@@ -2,18 +2,12 @@ package openfgaauthz
 
 import (
 	"context"
-	"slices"
 
-	"github.com/SigNoz/signoz/ee/authz/openfgaserver"
 	"github.com/SigNoz/signoz/pkg/authz"
-	"github.com/SigNoz/signoz/pkg/authz/authzstore/sqlauthzstore"
 	pkgopenfgaauthz "github.com/SigNoz/signoz/pkg/authz/openfgaauthz"
-	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/factory"
-	"github.com/SigNoz/signoz/pkg/licensing"
 	"github.com/SigNoz/signoz/pkg/sqlstore"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/roletypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	openfgav1 "github.com/openfga/api/proto/openfga/v1"
 	openfgapkgtransformer "github.com/openfga/language/pkg/go/transformer"
@@ -21,224 +15,50 @@ import (
 
 type provider struct {
 	pkgAuthzService authz.AuthZ
-	openfgaServer   *openfgaserver.Server
-	licensing       licensing.Licensing
-	store           roletypes.Store
-	registry        []authz.RegisterTypeable
 }
 
-func NewProviderFactory(sqlstore sqlstore.SQLStore, openfgaSchema []openfgapkgtransformer.ModuleFile, licensing licensing.Licensing, registry ...authz.RegisterTypeable) factory.ProviderFactory[authz.AuthZ, authz.Config] {
+func NewProviderFactory(sqlstore sqlstore.SQLStore, openfgaSchema []openfgapkgtransformer.ModuleFile) factory.ProviderFactory[authz.AuthZ, authz.Config] {
 	return factory.NewProviderFactory(factory.MustNewName("openfga"), func(ctx context.Context, ps factory.ProviderSettings, config authz.Config) (authz.AuthZ, error) {
-		return newOpenfgaProvider(ctx, ps, config, sqlstore, openfgaSchema, licensing, registry)
+		return newOpenfgaProvider(ctx, ps, config, sqlstore, openfgaSchema)
 	})
 }
 
-func newOpenfgaProvider(ctx context.Context, settings factory.ProviderSettings, config authz.Config, sqlstore sqlstore.SQLStore, openfgaSchema []openfgapkgtransformer.ModuleFile, licensing licensing.Licensing, registry []authz.RegisterTypeable) (authz.AuthZ, error) {
+func newOpenfgaProvider(ctx context.Context, settings factory.ProviderSettings, config authz.Config, sqlstore sqlstore.SQLStore, openfgaSchema []openfgapkgtransformer.ModuleFile) (authz.AuthZ, error) {
 	pkgOpenfgaAuthzProvider := pkgopenfgaauthz.NewProviderFactory(sqlstore, openfgaSchema)
 	pkgAuthzService, err := pkgOpenfgaAuthzProvider.New(ctx, settings, config)
 	if err != nil {
 		return nil, err
 	}
 
-	openfgaServer, err := openfgaserver.NewOpenfgaServer(ctx, pkgAuthzService)
-	if err != nil {
-		return nil, err
-	}
-
 	return &provider{
 		pkgAuthzService: pkgAuthzService,
-		openfgaServer:   openfgaServer,
-		licensing:       licensing,
-		store:           sqlauthzstore.NewSqlAuthzStore(sqlstore),
-		registry:        registry,
 	}, nil
 }
 
 func (provider *provider) Start(ctx context.Context) error {
-	return provider.openfgaServer.Start(ctx)
+	return provider.pkgAuthzService.Start(ctx)
 }
 
 func (provider *provider) Stop(ctx context.Context) error {
-	return provider.openfgaServer.Stop(ctx)
+	return provider.pkgAuthzService.Stop(ctx)
 }
 
 func (provider *provider) Check(ctx context.Context, tuple *openfgav1.TupleKey) error {
-	return provider.openfgaServer.Check(ctx, tuple)
+	return provider.pkgAuthzService.Check(ctx, tuple)
 }
 
-func (provider *provider) CheckWithTupleCreation(ctx context.Context, claims authtypes.Claims, orgID valuer.UUID, relation authtypes.Relation, typeable authtypes.Typeable, selectors []authtypes.Selector, roleSelectors []authtypes.Selector) error {
-	return provider.openfgaServer.CheckWithTupleCreation(ctx, claims, orgID, relation, typeable, selectors, roleSelectors)
-}
-
-func (provider *provider) CheckWithTupleCreationWithoutClaims(ctx context.Context, orgID valuer.UUID, relation authtypes.Relation, typeable authtypes.Typeable, selectors []authtypes.Selector, roleSelectors []authtypes.Selector) error {
-	return provider.openfgaServer.CheckWithTupleCreationWithoutClaims(ctx, orgID, relation, typeable, selectors, roleSelectors)
-}
-
-func (provider *provider) BatchCheck(ctx context.Context, tuples []*openfgav1.TupleKey) error {
-	return provider.openfgaServer.BatchCheck(ctx, tuples)
-}
-
-func (provider *provider) ListObjects(ctx context.Context, subject string, relation authtypes.Relation, typeable authtypes.Typeable) ([]*authtypes.Object, error) {
-	return provider.openfgaServer.ListObjects(ctx, subject, relation, typeable)
-}
-
-func (provider *provider) Write(ctx context.Context, additions []*openfgav1.TupleKey, deletions []*openfgav1.TupleKey) error {
-	return provider.openfgaServer.Write(ctx, additions, deletions)
-}
-
-func (provider *provider) Get(ctx context.Context, orgID valuer.UUID, id valuer.UUID) (*roletypes.Role, error) {
-	return provider.pkgAuthzService.Get(ctx, orgID, id)
-}
-
-func (provider *provider) GetByOrgIDAndName(ctx context.Context, orgID valuer.UUID, name string) (*roletypes.Role, error) {
-	return provider.pkgAuthzService.GetByOrgIDAndName(ctx, orgID, name)
-}
-
-func (provider *provider) List(ctx context.Context, orgID valuer.UUID) ([]*roletypes.Role, error) {
-	return provider.pkgAuthzService.List(ctx, orgID)
-}
-
-func (provider *provider) ListByOrgIDAndNames(ctx context.Context, orgID valuer.UUID, names []string) ([]*roletypes.Role, error) {
-	return provider.pkgAuthzService.ListByOrgIDAndNames(ctx, orgID, names)
-}
-
-func (provider *provider) Grant(ctx context.Context, orgID valuer.UUID, name string, subject string) error {
-	return provider.pkgAuthzService.Grant(ctx, orgID, name, subject)
-}
-
-func (provider *provider) ModifyGrant(ctx context.Context, orgID valuer.UUID, existingRoleName string, updatedRoleName string, subject string) error {
-	return provider.pkgAuthzService.ModifyGrant(ctx, orgID, existingRoleName, updatedRoleName, subject)
-}
-
-func (provider *provider) Revoke(ctx context.Context, orgID valuer.UUID, name string, subject string) error {
-	return provider.pkgAuthzService.Revoke(ctx, orgID, name, subject)
-}
-
-func (provider *provider) CreateManagedRoles(ctx context.Context, orgID valuer.UUID, managedRoles []*roletypes.Role) error {
-	return provider.pkgAuthzService.CreateManagedRoles(ctx, orgID, managedRoles)
-}
-
-func (provider *provider) CreateManagedUserRoleTransactions(ctx context.Context, orgID valuer.UUID, userID valuer.UUID) error {
-	tuples := make([]*openfgav1.TupleKey, 0)
-
-	grantTuples, err := provider.getManagedRoleGrantTuples(orgID, userID)
-	if err != nil {
-		return err
-	}
-	tuples = append(tuples, grantTuples...)
-
-	managedRoleTuples, err := provider.getManagedRoleTransactionTuples(orgID)
-	if err != nil {
-		return err
-	}
-	tuples = append(tuples, managedRoleTuples...)
-
-	return provider.Write(ctx, tuples, nil)
-}
-
-func (provider *provider) Create(ctx context.Context, orgID valuer.UUID, role *roletypes.Role) error {
-	_, err := provider.licensing.GetActive(ctx, orgID)
-	if err != nil {
-		return errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
-	}
-
-	return provider.store.Create(ctx, roletypes.NewStorableRoleFromRole(role))
-}
-
-func (provider *provider) GetOrCreate(ctx context.Context, orgID valuer.UUID, role *roletypes.Role) (*roletypes.Role, error) {
-	_, err := provider.licensing.GetActive(ctx, orgID)
-	if err != nil {
-		return nil, errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
-	}
-
-	existingRole, err := provider.store.GetByOrgIDAndName(ctx, role.OrgID, role.Name)
-	if err != nil {
-		if !errors.Ast(err, errors.TypeNotFound) {
-			return nil, err
-		}
-	}
-
-	if existingRole != nil {
-		return roletypes.NewRoleFromStorableRole(existingRole), nil
-	}
-
-	err = provider.store.Create(ctx, roletypes.NewStorableRoleFromRole(role))
-	if err != nil {
-		return nil, err
-	}
-
-	return role, nil
-}
-
-func (provider *provider) GetResources(_ context.Context) []*authtypes.Resource {
-	typeables := make([]authtypes.Typeable, 0)
-	for _, register := range provider.registry {
-		typeables = append(typeables, register.MustGetTypeables()...)
-	}
-	// role module cannot self register itself!
-	typeables = append(typeables, provider.MustGetTypeables()...)
-
-	resources := make([]*authtypes.Resource, 0)
-	for _, typeable := range typeables {
-		resources = append(resources, &authtypes.Resource{Name: typeable.Name(), Type: typeable.Type()})
-	}
-
-	return resources
-}
-
-func (provider *provider) GetObjects(ctx context.Context, orgID valuer.UUID, id valuer.UUID, relation authtypes.Relation) ([]*authtypes.Object, error) {
-	storableRole, err := provider.store.Get(ctx, orgID, id)
-	if err != nil {
-		return nil, err
-	}
-
-	objects := make([]*authtypes.Object, 0)
-	for _, resource := range provider.GetResources(ctx) {
-		if slices.Contains(authtypes.TypeableRelations[resource.Type], relation) {
-			resourceObjects, err := provider.
-				ListObjects(
-					ctx,
-					authtypes.MustNewSubject(authtypes.TypeableRole, storableRole.ID.String(), orgID, &authtypes.RelationAssignee),
-					relation,
-					authtypes.MustNewTypeableFromType(resource.Type, resource.Name),
-				)
-			if err != nil {
-				return nil, err
-			}
-
-			objects = append(objects, resourceObjects...)
-		}
-	}
-
-	return objects, nil
-}
-
-func (provider *provider) Patch(ctx context.Context, orgID valuer.UUID, role *roletypes.Role) error {
-	_, err := provider.licensing.GetActive(ctx, orgID)
-	if err != nil {
-		return errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
-	}
-
-	return provider.store.Update(ctx, orgID, roletypes.NewStorableRoleFromRole(role))
-}
-
-func (provider *provider) PatchObjects(ctx context.Context, orgID valuer.UUID, name string, relation authtypes.Relation, additions, deletions []*authtypes.Object) error {
-	_, err := provider.licensing.GetActive(ctx, orgID)
-	if err != nil {
-		return errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
-	}
-
-	additionTuples, err := roletypes.GetAdditionTuples(name, orgID, relation, additions)
+func (provider *provider) CheckWithTupleCreation(ctx context.Context, claims authtypes.Claims, orgID valuer.UUID, relation authtypes.Relation, typeable authtypes.Typeable, selectors []authtypes.Selector, _ []authtypes.Selector) error {
+	subject, err := authtypes.NewSubject(authtypes.TypeableUser, claims.UserID, orgID, nil)
 	if err != nil {
 		return err
 	}
 
-	deletionTuples, err := roletypes.GetDeletionTuples(name, orgID, relation, deletions)
+	tuples, err := typeable.Tuples(subject, relation, selectors, orgID)
 	if err != nil {
 		return err
 	}
 
-	err = provider.Write(ctx, additionTuples, deletionTuples)
+	err = provider.BatchCheck(ctx, tuples)
 	if err != nil {
 		return err
 	}
@@ -246,95 +66,33 @@ func (provider *provider) PatchObjects(ctx context.Context, orgID valuer.UUID, n
 	return nil
 }
 
-func (provider *provider) Delete(ctx context.Context, orgID valuer.UUID, id valuer.UUID) error {
-	_, err := provider.licensing.GetActive(ctx, orgID)
-	if err != nil {
-		return errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
-	}
-
-	storableRole, err := provider.store.Get(ctx, orgID, id)
+func (provider *provider) CheckWithTupleCreationWithoutClaims(ctx context.Context, orgID valuer.UUID, relation authtypes.Relation, typeable authtypes.Typeable, selectors []authtypes.Selector, _ []authtypes.Selector) error {
+	subject, err := authtypes.NewSubject(authtypes.TypeableAnonymous, authtypes.AnonymousUser.String(), orgID, nil)
 	if err != nil {
 		return err
 	}
 
-	role := roletypes.NewRoleFromStorableRole(storableRole)
-	err = role.CanEditDelete()
+	tuples, err := typeable.Tuples(subject, relation, selectors, orgID)
 	if err != nil {
 		return err
 	}
 
-	return provider.store.Delete(ctx, orgID, id)
-}
-
-func (provider *provider) MustGetTypeables() []authtypes.Typeable {
-	return []authtypes.Typeable{authtypes.TypeableRole, roletypes.TypeableResourcesRoles}
-}
-
-func (provider *provider) getManagedRoleGrantTuples(orgID valuer.UUID, userID valuer.UUID) ([]*openfgav1.TupleKey, error) {
-	tuples := []*openfgav1.TupleKey{}
-
-	// Grant the admin role to the user
-	adminSubject := authtypes.MustNewSubject(authtypes.TypeableUser, userID.String(), orgID, nil)
-	adminTuple, err := authtypes.TypeableRole.Tuples(
-		adminSubject,
-		authtypes.RelationAssignee,
-		[]authtypes.Selector{
-			authtypes.MustNewSelector(authtypes.TypeRole, roletypes.SigNozAdminRoleName),
-		},
-		orgID,
-	)
+	err = provider.BatchCheck(ctx, tuples)
 	if err != nil {
-		return nil, err
+		return err
 	}
-	tuples = append(tuples, adminTuple...)
 
-	// Grant the admin role to the anonymous user
-	anonymousSubject := authtypes.MustNewSubject(authtypes.TypeableAnonymous, authtypes.AnonymousUser.String(), orgID, nil)
-	anonymousTuple, err := authtypes.TypeableRole.Tuples(
-		anonymousSubject,
-		authtypes.RelationAssignee,
-		[]authtypes.Selector{
-			authtypes.MustNewSelector(authtypes.TypeRole, roletypes.SigNozAnonymousRoleName),
-		},
-		orgID,
-	)
-	if err != nil {
-		return nil, err
-	}
-	tuples = append(tuples, anonymousTuple...)
-
-	return tuples, nil
+	return nil
 }
 
-func (provider *provider) getManagedRoleTransactionTuples(orgID valuer.UUID) ([]*openfgav1.TupleKey, error) {
-	transactionsByRole := make(map[string][]*authtypes.Transaction)
-	for _, register := range provider.registry {
-		for roleName, txns := range register.MustGetManagedRoleTransactions() {
-			transactionsByRole[roleName] = append(transactionsByRole[roleName], txns...)
-		}
-	}
-
-	tuples := make([]*openfgav1.TupleKey, 0)
-	for roleName, transactions := range transactionsByRole {
-		for _, txn := range transactions {
-			typeable := authtypes.MustNewTypeableFromType(txn.Object.Resource.Type, txn.Object.Resource.Name)
-			txnTuples, err := typeable.Tuples(
-				authtypes.MustNewSubject(
-					authtypes.TypeableRole,
-					roleName,
-					orgID,
-					&authtypes.RelationAssignee,
-				),
-				txn.Relation,
-				[]authtypes.Selector{txn.Object.Selector},
-				orgID,
-			)
-			if err != nil {
-				return nil, err
-			}
-			tuples = append(tuples, txnTuples...)
-		}
-	}
-
-	return tuples, nil
+func (provider *provider) BatchCheck(ctx context.Context, tuples []*openfgav1.TupleKey) error {
+	return provider.pkgAuthzService.BatchCheck(ctx, tuples)
+}
+
+func (provider *provider) ListObjects(ctx context.Context, subject string, relation authtypes.Relation, typeable authtypes.Typeable) ([]*authtypes.Object, error) {
+	return provider.pkgAuthzService.ListObjects(ctx, subject, relation, typeable)
+}
+
+func (provider *provider) Write(ctx context.Context, additions []*openfgav1.TupleKey, deletions []*openfgav1.TupleKey) error {
+	return provider.pkgAuthzService.Write(ctx, additions, deletions)
 }

ee/authz/openfgaserver/server.go

@@ -1,83 +0,0 @@
-package openfgaserver
-
-import (
-	"context"
-
-	"github.com/SigNoz/signoz/pkg/authz"
-	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/valuer"
-	openfgav1 "github.com/openfga/api/proto/openfga/v1"
-)
-
-type Server struct {
-	pkgAuthzService authz.AuthZ
-}
-
-func NewOpenfgaServer(ctx context.Context, pkgAuthzService authz.AuthZ) (*Server, error) {
-
-	return &Server{
-		pkgAuthzService: pkgAuthzService,
-	}, nil
-}
-
-func (server *Server) Start(ctx context.Context) error {
-	return server.pkgAuthzService.Start(ctx)
-}
-
-func (server *Server) Stop(ctx context.Context) error {
-	return server.pkgAuthzService.Stop(ctx)
-}
-
-func (server *Server) Check(ctx context.Context, tuple *openfgav1.TupleKey) error {
-	return server.pkgAuthzService.Check(ctx, tuple)
-}
-
-func (server *Server) CheckWithTupleCreation(ctx context.Context, claims authtypes.Claims, orgID valuer.UUID, relation authtypes.Relation, typeable authtypes.Typeable, selectors []authtypes.Selector, _ []authtypes.Selector) error {
-	subject, err := authtypes.NewSubject(authtypes.TypeableUser, claims.UserID, orgID, nil)
-	if err != nil {
-		return err
-	}
-
-	tuples, err := typeable.Tuples(subject, relation, selectors, orgID)
-	if err != nil {
-		return err
-	}
-
-	err = server.BatchCheck(ctx, tuples)
-	if err != nil {
-		return err
-	}
-
-	return nil
-}
-
-func (server *Server) CheckWithTupleCreationWithoutClaims(ctx context.Context, orgID valuer.UUID, relation authtypes.Relation, typeable authtypes.Typeable, selectors []authtypes.Selector, _ []authtypes.Selector) error {
-	subject, err := authtypes.NewSubject(authtypes.TypeableAnonymous, authtypes.AnonymousUser.String(), orgID, nil)
-	if err != nil {
-		return err
-	}
-
-	tuples, err := typeable.Tuples(subject, relation, selectors, orgID)
-	if err != nil {
-		return err
-	}
-
-	err = server.BatchCheck(ctx, tuples)
-	if err != nil {
-		return err
-	}
-
-	return nil
-}
-
-func (server *Server) BatchCheck(ctx context.Context, tuples []*openfgav1.TupleKey) error {
-	return server.pkgAuthzService.BatchCheck(ctx, tuples)
-}
-
-func (server *Server) ListObjects(ctx context.Context, subject string, relation authtypes.Relation, typeable authtypes.Typeable) ([]*authtypes.Object, error) {
-	return server.pkgAuthzService.ListObjects(ctx, subject, relation, typeable)
-}
-
-func (server *Server) Write(ctx context.Context, additions []*openfgav1.TupleKey, deletions []*openfgav1.TupleKey) error {
-	return server.pkgAuthzService.Write(ctx, additions, deletions)
-}

ee/modules/dashboard/impldashboard/module.go

@@ -11,6 +11,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/modules/dashboard"
 	pkgimpldashboard "github.com/SigNoz/signoz/pkg/modules/dashboard/impldashboard"
 	"github.com/SigNoz/signoz/pkg/modules/organization"
+	"github.com/SigNoz/signoz/pkg/modules/role"
 	"github.com/SigNoz/signoz/pkg/querier"
 	"github.com/SigNoz/signoz/pkg/queryparser"
 	"github.com/SigNoz/signoz/pkg/types"
@@ -25,11 +26,13 @@ type module struct {
 	pkgDashboardModule dashboard.Module
 	store              dashboardtypes.Store
 	settings           factory.ScopedProviderSettings
+	roleSetter         role.Setter
+	granter            role.Granter
 	querier            querier.Querier
 	licensing          licensing.Licensing
 }
 
-func NewModule(store dashboardtypes.Store, settings factory.ProviderSettings, analytics analytics.Analytics, orgGetter organization.Getter, queryParser queryparser.QueryParser, querier querier.Querier, licensing licensing.Licensing) dashboard.Module {
+func NewModule(store dashboardtypes.Store, settings factory.ProviderSettings, analytics analytics.Analytics, orgGetter organization.Getter, roleSetter role.Setter, granter role.Granter, queryParser queryparser.QueryParser, querier querier.Querier, licensing licensing.Licensing) dashboard.Module {
 	scopedProviderSettings := factory.NewScopedProviderSettings(settings, "github.com/SigNoz/signoz/ee/modules/dashboard/impldashboard")
 	pkgDashboardModule := pkgimpldashboard.NewModule(store, settings, analytics, orgGetter, queryParser)
 
@@ -37,6 +40,8 @@ func NewModule(store dashboardtypes.Store, settings factory.ProviderSettings, an
 		pkgDashboardModule: pkgDashboardModule,
 		store:              store,
 		settings:           scopedProviderSettings,
+		roleSetter:         roleSetter,
+		granter:            granter,
 		querier:            querier,
 		licensing:          licensing,
 	}
@@ -56,6 +61,29 @@ func (module *module) CreatePublic(ctx context.Context, orgID valuer.UUID, publi
 		return errors.Newf(errors.TypeAlreadyExists, dashboardtypes.ErrCodePublicDashboardAlreadyExists, "dashboard with id %s is already public", storablePublicDashboard.DashboardID)
 	}
 
+	role, err := module.roleSetter.GetOrCreate(ctx, orgID, roletypes.NewRole(roletypes.SigNozAnonymousRoleName, roletypes.SigNozAnonymousRoleDescription, roletypes.RoleTypeManaged, orgID))
+	if err != nil {
+		return err
+	}
+
+	err = module.granter.Grant(ctx, orgID, roletypes.SigNozAnonymousRoleName, authtypes.MustNewSubject(authtypes.TypeableAnonymous, authtypes.AnonymousUser.StringValue(), orgID, nil))
+	if err != nil {
+		return err
+	}
+
+	additionObject := authtypes.MustNewObject(
+		authtypes.Resource{
+			Name: dashboardtypes.TypeableMetaResourcePublicDashboard.Name(),
+			Type: authtypes.TypeMetaResource,
+		},
+		authtypes.MustNewSelector(authtypes.TypeMetaResource, publicDashboard.ID.String()),
+	)
+
+	err = module.roleSetter.PatchObjects(ctx, orgID, role.Name, authtypes.RelationRead, []*authtypes.Object{additionObject}, nil)
+	if err != nil {
+		return err
+	}
+
 	err = module.store.CreatePublic(ctx, dashboardtypes.NewStorablePublicDashboardFromPublicDashboard(publicDashboard))
 	if err != nil {
 		return err
@@ -100,7 +128,6 @@ func (module *module) GetPublicDashboardSelectorsAndOrg(ctx context.Context, id
 
 	return []authtypes.Selector{
 		authtypes.MustNewSelector(authtypes.TypeMetaResource, id.StringValue()),
-		authtypes.MustNewSelector(authtypes.TypeMetaResource, authtypes.WildCardSelectorString),
 	}, storableDashboard.OrgID, nil
 }
 
@@ -163,6 +190,29 @@ func (module *module) DeletePublic(ctx context.Context, orgID valuer.UUID, dashb
 		return errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
 	}
 
+	publicDashboard, err := module.GetPublic(ctx, orgID, dashboardID)
+	if err != nil {
+		return err
+	}
+
+	role, err := module.roleSetter.GetOrCreate(ctx, orgID, roletypes.NewRole(roletypes.SigNozAnonymousRoleName, roletypes.SigNozAnonymousRoleDescription, roletypes.RoleTypeManaged, orgID))
+	if err != nil {
+		return err
+	}
+
+	deletionObject := authtypes.MustNewObject(
+		authtypes.Resource{
+			Name: dashboardtypes.TypeableMetaResourcePublicDashboard.Name(),
+			Type: authtypes.TypeMetaResource,
+		},
+		authtypes.MustNewSelector(authtypes.TypeMetaResource, publicDashboard.ID.String()),
+	)
+
+	err = module.roleSetter.PatchObjects(ctx, orgID, role.Name, authtypes.RelationRead, nil, []*authtypes.Object{deletionObject})
+	if err != nil {
+		return err
+	}
+
 	err = module.store.DeletePublic(ctx, dashboardID.StringValue())
 	if err != nil {
 		return err
@@ -200,6 +250,10 @@ func (module *module) GetByMetricNames(ctx context.Context, orgID valuer.UUID, m
 	return module.pkgDashboardModule.GetByMetricNames(ctx, orgID, metricNames)
 }
 
+func (module *module) MustGetTypeables() []authtypes.Typeable {
+	return module.pkgDashboardModule.MustGetTypeables()
+}
+
 func (module *module) List(ctx context.Context, orgID valuer.UUID) ([]*dashboardtypes.Dashboard, error) {
 	return module.pkgDashboardModule.List(ctx, orgID)
 }
@@ -212,27 +266,34 @@ func (module *module) LockUnlock(ctx context.Context, orgID valuer.UUID, id valu
 	return module.pkgDashboardModule.LockUnlock(ctx, orgID, id, updatedBy, role, lock)
 }
 
-func (module *module) MustGetTypeables() []authtypes.Typeable {
-	return module.pkgDashboardModule.MustGetTypeables()
-}
-
-func (module *module) MustGetManagedRoleTransactions() map[string][]*authtypes.Transaction {
-	return map[string][]*authtypes.Transaction{
-		roletypes.SigNozAnonymousRoleName: {
-			{
-				Relation: authtypes.RelationRead,
-				Object: *authtypes.MustNewObject(
-					authtypes.Resource{
-						Type: authtypes.TypeMetaResource,
-						Name: dashboardtypes.TypeableMetaResourcePublicDashboard.Name(),
-					},
-					authtypes.MustNewSelector(authtypes.TypeMetaResource, "*"),
-				),
-			},
-		},
+func (module *module) deletePublic(ctx context.Context, orgID valuer.UUID, dashboardID valuer.UUID) error {
+	publicDashboard, err := module.store.GetPublic(ctx, dashboardID.String())
+	if err != nil {
+		return err
 	}
-}
 
-func (module *module) deletePublic(ctx context.Context, _ valuer.UUID, dashboardID valuer.UUID) error {
-	return module.store.DeletePublic(ctx, dashboardID.StringValue())
+	role, err := module.roleSetter.GetOrCreate(ctx, orgID, roletypes.NewRole(roletypes.SigNozAnonymousRoleName, roletypes.SigNozAnonymousRoleDescription, roletypes.RoleTypeManaged, orgID))
+	if err != nil {
+		return err
+	}
+
+	deletionObject := authtypes.MustNewObject(
+		authtypes.Resource{
+			Name: dashboardtypes.TypeableMetaResourcePublicDashboard.Name(),
+			Type: authtypes.TypeMetaResource,
+		},
+		authtypes.MustNewSelector(authtypes.TypeMetaResource, publicDashboard.ID.String()),
+	)
+
+	err = module.roleSetter.PatchObjects(ctx, orgID, role.Name, authtypes.RelationRead, nil, []*authtypes.Object{deletionObject})
+	if err != nil {
+		return err
+	}
+
+	err = module.store.DeletePublic(ctx, dashboardID.StringValue())
+	if err != nil {
+		return err
+	}
+
+	return nil
 }

ee/modules/role/implrole/setter.go

@@ -0,0 +1,165 @@
+package implrole
+
+import (
+	"context"
+	"slices"
+
+	"github.com/SigNoz/signoz/pkg/authz"
+	"github.com/SigNoz/signoz/pkg/errors"
+	"github.com/SigNoz/signoz/pkg/licensing"
+	"github.com/SigNoz/signoz/pkg/modules/role"
+	"github.com/SigNoz/signoz/pkg/types/authtypes"
+	"github.com/SigNoz/signoz/pkg/types/roletypes"
+	"github.com/SigNoz/signoz/pkg/valuer"
+)
+
+type setter struct {
+	store     roletypes.Store
+	authz     authz.AuthZ
+	licensing licensing.Licensing
+	registry  []role.RegisterTypeable
+}
+
+func NewSetter(store roletypes.Store, authz authz.AuthZ, licensing licensing.Licensing, registry []role.RegisterTypeable) role.Setter {
+	return &setter{
+		store:     store,
+		authz:     authz,
+		licensing: licensing,
+		registry:  registry,
+	}
+}
+
+func (setter *setter) Create(ctx context.Context, orgID valuer.UUID, role *roletypes.Role) error {
+	_, err := setter.licensing.GetActive(ctx, orgID)
+	if err != nil {
+		return errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
+	}
+
+	return setter.store.Create(ctx, roletypes.NewStorableRoleFromRole(role))
+}
+
+func (setter *setter) GetOrCreate(ctx context.Context, orgID valuer.UUID, role *roletypes.Role) (*roletypes.Role, error) {
+	_, err := setter.licensing.GetActive(ctx, orgID)
+	if err != nil {
+		return nil, errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
+	}
+
+	existingRole, err := setter.store.GetByOrgIDAndName(ctx, role.OrgID, role.Name)
+	if err != nil {
+		if !errors.Ast(err, errors.TypeNotFound) {
+			return nil, err
+		}
+	}
+
+	if existingRole != nil {
+		return roletypes.NewRoleFromStorableRole(existingRole), nil
+	}
+
+	err = setter.store.Create(ctx, roletypes.NewStorableRoleFromRole(role))
+	if err != nil {
+		return nil, err
+	}
+
+	return role, nil
+}
+
+func (setter *setter) GetResources(_ context.Context) []*authtypes.Resource {
+	typeables := make([]authtypes.Typeable, 0)
+	for _, register := range setter.registry {
+		typeables = append(typeables, register.MustGetTypeables()...)
+	}
+	// role module cannot self register itself!
+	typeables = append(typeables, setter.MustGetTypeables()...)
+
+	resources := make([]*authtypes.Resource, 0)
+	for _, typeable := range typeables {
+		resources = append(resources, &authtypes.Resource{Name: typeable.Name(), Type: typeable.Type()})
+	}
+
+	return resources
+}
+
+func (setter *setter) GetObjects(ctx context.Context, orgID valuer.UUID, id valuer.UUID, relation authtypes.Relation) ([]*authtypes.Object, error) {
+	storableRole, err := setter.store.Get(ctx, orgID, id)
+	if err != nil {
+		return nil, err
+	}
+
+	objects := make([]*authtypes.Object, 0)
+	for _, resource := range setter.GetResources(ctx) {
+		if slices.Contains(authtypes.TypeableRelations[resource.Type], relation) {
+			resourceObjects, err := setter.
+				authz.
+				ListObjects(
+					ctx,
+					authtypes.MustNewSubject(authtypes.TypeableRole, storableRole.ID.String(), orgID, &authtypes.RelationAssignee),
+					relation,
+					authtypes.MustNewTypeableFromType(resource.Type, resource.Name),
+				)
+			if err != nil {
+				return nil, err
+			}
+
+			objects = append(objects, resourceObjects...)
+		}
+	}
+
+	return objects, nil
+}
+
+func (setter *setter) Patch(ctx context.Context, orgID valuer.UUID, role *roletypes.Role) error {
+	_, err := setter.licensing.GetActive(ctx, orgID)
+	if err != nil {
+		return errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
+	}
+
+	return setter.store.Update(ctx, orgID, roletypes.NewStorableRoleFromRole(role))
+}
+
+func (setter *setter) PatchObjects(ctx context.Context, orgID valuer.UUID, name string, relation authtypes.Relation, additions, deletions []*authtypes.Object) error {
+	_, err := setter.licensing.GetActive(ctx, orgID)
+	if err != nil {
+		return errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
+	}
+
+	additionTuples, err := roletypes.GetAdditionTuples(name, orgID, relation, additions)
+	if err != nil {
+		return err
+	}
+
+	deletionTuples, err := roletypes.GetDeletionTuples(name, orgID, relation, deletions)
+	if err != nil {
+		return err
+	}
+
+	err = setter.authz.Write(ctx, additionTuples, deletionTuples)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (setter *setter) Delete(ctx context.Context, orgID valuer.UUID, id valuer.UUID) error {
+	_, err := setter.licensing.GetActive(ctx, orgID)
+	if err != nil {
+		return errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
+	}
+
+	storableRole, err := setter.store.Get(ctx, orgID, id)
+	if err != nil {
+		return err
+	}
+
+	role := roletypes.NewRoleFromStorableRole(storableRole)
+	err = role.CanEditDelete()
+	if err != nil {
+		return err
+	}
+
+	return setter.store.Delete(ctx, orgID, id)
+}
+
+func (setter *setter) MustGetTypeables() []authtypes.Typeable {
+	return []authtypes.Typeable{authtypes.TypeableRole, roletypes.TypeableResourcesRoles}
+}

ee/query-service/app/api/api.go

@@ -10,6 +10,7 @@ import (
 	"github.com/SigNoz/signoz/ee/query-service/usage"
 	"github.com/SigNoz/signoz/pkg/alertmanager"
 	"github.com/SigNoz/signoz/pkg/global"
+	"github.com/SigNoz/signoz/pkg/http/handler"
 	"github.com/SigNoz/signoz/pkg/http/middleware"
 	querierAPI "github.com/SigNoz/signoz/pkg/querier"
 	baseapp "github.com/SigNoz/signoz/pkg/query-service/app"
@@ -21,6 +22,8 @@ import (
 	rules "github.com/SigNoz/signoz/pkg/query-service/rules"
 	"github.com/SigNoz/signoz/pkg/queryparser"
 	"github.com/SigNoz/signoz/pkg/signoz"
+	"github.com/SigNoz/signoz/pkg/types/ctxtypes"
+	qbtypes "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
 	"github.com/SigNoz/signoz/pkg/version"
 	"github.com/gorilla/mux"
 )
@@ -106,7 +109,22 @@ func (ah *APIHandler) RegisterRoutes(router *mux.Router, am *middleware.AuthZ) {
 	router.HandleFunc("/api/v4/query_range", am.ViewAccess(ah.queryRangeV4)).Methods(http.MethodPost)
 
 	// v5
-	router.HandleFunc("/api/v5/query_range", am.ViewAccess(ah.queryRangeV5)).Methods(http.MethodPost)
+	router.Handle("/api/v5/query_range", handler.New(am.ViewAccess(ah.queryRangeV5), handler.OpenAPIDef{
+		ID:                 "QueryRangeV5",
+		Tags:               []string{"query"},
+		Summary:            "Query range",
+		Description:        "Execute a composite query over a time range. Supports builder queries (traces, logs, metrics), formulas, joins, trace operators, PromQL, and ClickHouse SQL.",
+		Request:            new(qbtypes.QueryRangeRequest),
+		RequestContentType: "application/json",
+		Response:           new(qbtypes.QueryRangeResponse),
+		ResponseContentType: "application/json",
+		SuccessStatusCode:  http.StatusOK,
+		ErrorStatusCodes:   []int{http.StatusBadRequest},
+		SecuritySchemes: []handler.OpenAPISecurityScheme{
+			{Name: ctxtypes.AuthTypeAPIKey.StringValue(), Scopes: []string{"VIEWER"}},
+			{Name: ctxtypes.AuthTypeTokenizer.StringValue(), Scopes: []string{"VIEWER"}},
+		},
+	})).Methods(http.MethodPost)
 
 	router.HandleFunc("/api/v5/substitute_vars", am.ViewAccess(ah.QuerierAPI.ReplaceVariables)).Methods(http.MethodPost)
 

ee/query-service/app/server.go

@@ -211,7 +211,7 @@ func (s Server) HealthCheckStatus() chan healthcheck.Status {
 
 func (s *Server) createPublicServer(apiHandler *api.APIHandler, web web.Web) (*http.Server, error) {
 	r := baseapp.NewRouter()
-	am := middleware.NewAuthZ(s.signoz.Instrumentation.Logger(), s.signoz.Modules.OrgGetter, s.signoz.Authz)
+	am := middleware.NewAuthZ(s.signoz.Instrumentation.Logger(), s.signoz.Modules.OrgGetter, s.signoz.Authz, s.signoz.Modules.RoleGetter)
 
 	r.Use(otelmux.Middleware(
 		"apiserver",

ee/query-service/rules/anomaly.go

@@ -15,7 +15,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/query-service/common"
 	"github.com/SigNoz/signoz/pkg/query-service/model"
 	"github.com/SigNoz/signoz/pkg/transition"
-	"github.com/SigNoz/signoz/pkg/types/ruletypes"
+	ruletypes "github.com/SigNoz/signoz/pkg/types/ruletypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 
 	querierV2 "github.com/SigNoz/signoz/pkg/query-service/app/querier/v2"
@@ -63,8 +63,6 @@ type AnomalyRule struct {
 	seasonality anomaly.Seasonality
 }
 
-var _ baserules.Rule = (*AnomalyRule)(nil)
-
 func NewAnomalyRule(
 	id string,
 	orgID valuer.UUID,
@@ -492,7 +490,7 @@ func (r *AnomalyRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 			continue
 		}
 
-		if a.State == model.StatePending && ts.Sub(a.ActiveAt) >= r.HoldDuration().Duration() {
+		if a.State == model.StatePending && ts.Sub(a.ActiveAt) >= r.HoldDuration() {
 			a.State = model.StateFiring
 			a.FiredAt = ts
 			state := model.StateFiring
@@ -555,7 +553,7 @@ func (r *AnomalyRule) String() string {
 	ar := ruletypes.PostableRule{
 		AlertName:         r.Name(),
 		RuleCondition:     r.Condition(),
-		EvalWindow:        r.EvalWindow(),
+		EvalWindow:        ruletypes.Duration(r.EvalWindow()),
 		Labels:            r.Labels().Map(),
 		Annotations:       r.Annotations().Map(),
 		PreferredChannels: r.PreferredChannels(),

ee/query-service/rules/anomaly_test.go

@@ -40,7 +40,7 @@ func TestAnomalyRule_NoData_AlertOnAbsent(t *testing.T) {
 	// Test basic AlertOnAbsent functionality (without AbsentFor grace period)
 
 	baseTime := time.Unix(1700000000, 0)
-	evalWindow := valuer.MustParseTextDuration("5m")
+	evalWindow := 5 * time.Minute
 	evalTime := baseTime.Add(5 * time.Minute)
 
 	target := 500.0
@@ -50,8 +50,8 @@ func TestAnomalyRule_NoData_AlertOnAbsent(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  RuleTypeAnomaly,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: evalWindow,
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(evalWindow),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompareOp: ruletypes.ValueIsAbove,
@@ -147,7 +147,7 @@ func TestAnomalyRule_NoData_AbsentFor(t *testing.T) {
 	// 3. Alert fires only if t2 - t1 > AbsentFor
 
 	baseTime := time.Unix(1700000000, 0)
-	evalWindow := valuer.MustParseTextDuration("5m")
+	evalWindow := 5 * time.Minute
 
 	// Set target higher than test data so regular threshold alerts don't fire
 	target := 500.0
@@ -157,8 +157,8 @@ func TestAnomalyRule_NoData_AbsentFor(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  RuleTypeAnomaly,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: evalWindow,
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(evalWindow),
+			Frequency:  ruletypes.Duration(time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompareOp:     ruletypes.ValueIsAbove,

ee/query-service/rules/manager.go

@@ -48,7 +48,7 @@ func PrepareTaskFunc(opts baserules.PrepareTaskOptions) (baserules.Task, error)
 		rules = append(rules, tr)
 
 		// create ch rule task for evaluation
-		task = newTask(baserules.TaskTypeCh, opts.TaskName, evaluation.GetFrequency().Duration(), rules, opts.ManagerOpts, opts.NotifyFunc, opts.MaintenanceStore, opts.OrgID)
+		task = newTask(baserules.TaskTypeCh, opts.TaskName, time.Duration(evaluation.GetFrequency()), rules, opts.ManagerOpts, opts.NotifyFunc, opts.MaintenanceStore, opts.OrgID)
 
 	} else if opts.Rule.RuleType == ruletypes.RuleTypeProm {
 
@@ -72,7 +72,7 @@ func PrepareTaskFunc(opts baserules.PrepareTaskOptions) (baserules.Task, error)
 		rules = append(rules, pr)
 
 		// create promql rule task for evaluation
-		task = newTask(baserules.TaskTypeProm, opts.TaskName, evaluation.GetFrequency().Duration(), rules, opts.ManagerOpts, opts.NotifyFunc, opts.MaintenanceStore, opts.OrgID)
+		task = newTask(baserules.TaskTypeProm, opts.TaskName, time.Duration(evaluation.GetFrequency()), rules, opts.ManagerOpts, opts.NotifyFunc, opts.MaintenanceStore, opts.OrgID)
 
 	} else if opts.Rule.RuleType == ruletypes.RuleTypeAnomaly {
 		// create anomaly rule
@@ -96,7 +96,7 @@ func PrepareTaskFunc(opts baserules.PrepareTaskOptions) (baserules.Task, error)
 		rules = append(rules, ar)
 
 		// create anomaly rule task for evaluation
-		task = newTask(baserules.TaskTypeCh, opts.TaskName, evaluation.GetFrequency().Duration(), rules, opts.ManagerOpts, opts.NotifyFunc, opts.MaintenanceStore, opts.OrgID)
+		task = newTask(baserules.TaskTypeCh, opts.TaskName, time.Duration(evaluation.GetFrequency()), rules, opts.ManagerOpts, opts.NotifyFunc, opts.MaintenanceStore, opts.OrgID)
 
 	} else {
 		return nil, fmt.Errorf("unsupported rule type %s. Supported types: %s, %s", opts.Rule.RuleType, ruletypes.RuleTypeProm, ruletypes.RuleTypeThreshold)
@@ -213,7 +213,8 @@ func TestNotification(opts baserules.PrepareTestRuleOptions) (int, *basemodel.Ap
 	return alertsFound, nil
 }
 
-// newTask returns an appropriate group for the rule type
+// newTask returns an appropriate group for
+// rule type
 func newTask(taskType baserules.TaskType, name string, frequency time.Duration, rules []baserules.Rule, opts *baserules.ManagerOptions, notify baserules.NotifyFunc, maintenanceStore ruletypes.MaintenanceStore, orgID valuer.UUID) baserules.Task {
 	if taskType == baserules.TaskTypeCh {
 		return baserules.NewRuleTask(name, "", frequency, rules, opts, notify, maintenanceStore, orgID)

frontend/src/components/NewSelect/CustomMultiSelect.tsx

@@ -140,7 +140,10 @@ const CustomMultiSelect: React.FC<CustomMultiSelectProps> = ({
 	}, [selectedValues, allAvailableValues, enableAllSelection]);
 
 	// Define allOptionShown earlier in the code
-	const allOptionShown = value === ALL_SELECTED_VALUE;
+	const allOptionShown = useMemo(
+		() => value === ALL_SELECTED_VALUE || value === 'ALL',
+		[value],
+	);
 
 	// Value passed to the underlying Ant Select component
 	const displayValue = useMemo(

frontend/src/container/DashboardContainer/DashboardSettings/DashboardVariableSettings/VariableItem/VariableItem.tsx

@@ -18,8 +18,8 @@ import { useWidgetsByDynamicVariableId } from 'hooks/dashboard/useWidgetsByDynam
 import { getWidgetsHavingDynamicVariableAttribute } from 'hooks/dashboard/utils';
 import { useGetFieldValues } from 'hooks/dynamicVariables/useGetFieldValues';
 import { useIsDarkMode } from 'hooks/useDarkMode';
-import { commaValuesParser } from 'lib/dashboardVariables/customCommaValuesParser';
-import sortValues from 'lib/dashboardVariables/sortVariableValues';
+import { commaValuesParser } from 'lib/dashbaordVariables/customCommaValuesParser';
+import sortValues from 'lib/dashbaordVariables/sortVariableValues';
 import { isEmpty, map } from 'lodash-es';
 import {
 	ArrowLeft,

frontend/src/container/DashboardContainer/DashboardVariablesSelection/CustomVariableInput.tsx

@@ -1,11 +1,10 @@
-import { memo, useEffect, useMemo } from 'react';
-import { commaValuesParser } from 'lib/dashboardVariables/customCommaValuesParser';
-import sortValues from 'lib/dashboardVariables/sortVariableValues';
+import { memo, useMemo } from 'react';
+import { commaValuesParser } from 'lib/dashbaordVariables/customCommaValuesParser';
+import sortValues from 'lib/dashbaordVariables/sortVariableValues';
 
 import SelectVariableInput from './SelectVariableInput';
 import { useDashboardVariableSelectHelper } from './useDashboardVariableSelectHelper';
 import { VariableItemProps } from './VariableItem';
-import { customVariableSelectStrategy } from './variableSelectStrategy/customVariableSelectStrategy';
 
 type CustomVariableInputProps = Pick<
 	VariableItemProps,
@@ -30,31 +29,16 @@ function CustomVariableInput({
 		onChange,
 		onDropdownVisibleChange,
 		handleClear,
-		applyDefaultIfNeeded,
 	} = useDashboardVariableSelectHelper({
 		variableData,
 		optionsData,
 		onValueUpdate,
-		strategy: customVariableSelectStrategy,
 	});
 
-	// Apply default on mount — options are available synchronously for custom variables
-	// eslint-disable-next-line react-hooks/exhaustive-deps
-	useEffect(applyDefaultIfNeeded, []);
-
-	const selectOptions = useMemo(
-		() =>
-			optionsData.map((option) => ({
-				label: option.toString(),
-				value: option.toString(),
-			})),
-		[optionsData],
-	);
-
 	return (
 		<SelectVariableInput
 			variableId={variableData.id}
-			options={selectOptions}
+			options={optionsData}
 			value={value}
 			onChange={onChange}
 			onDropdownVisibleChange={onDropdownVisibleChange}

frontend/src/container/DashboardContainer/DashboardVariablesSelection/DashboardVariableSelection.tsx

@@ -13,6 +13,7 @@ import { AppState } from 'store/reducers';
 import { IDashboardVariable } from 'types/api/dashboard/getAll';
 import { GlobalReducer } from 'types/reducer/globalTime';
 
+import DynamicVariableSelection from './DynamicVariableSelection';
 import { onUpdateVariableNode } from './util';
 import VariableItem from './VariableItem';
 
@@ -152,7 +153,14 @@ function DashboardVariableSelection(): JSX.Element | null {
 			{sortedVariablesArray.map((variable) => {
 				const key = `${variable.name}${variable.id}${variable.order}`;
 
-				return (
+				return variable.type === 'DYNAMIC' ? (
+					<DynamicVariableSelection
+						key={key}
+						existingVariables={dashboardVariables}
+						variableData={variable}
+						onValueUpdate={onValueUpdate}
+					/>
+				) : (
 					<VariableItem
 						key={key}
 						existingVariables={dashboardVariables}

frontend/src/container/DashboardContainer/DashboardVariablesSelection/DynamicVariableInput.tsx

@@ -1,343 +0,0 @@
-import { memo, useCallback, useMemo, useState } from 'react';
-import { useQuery } from 'react-query';
-import { useSelector } from 'react-redux';
-import { getFieldValues } from 'api/dynamicVariables/getFieldValues';
-import { SOMETHING_WENT_WRONG } from 'constants/api';
-import { DEBOUNCE_DELAY } from 'constants/queryBuilderFilterConfig';
-import { REACT_QUERY_KEY } from 'constants/reactQueryKeys';
-import useDebounce from 'hooks/useDebounce';
-import { isEmpty } from 'lodash-es';
-import { AppState } from 'store/reducers';
-import { GlobalReducer } from 'types/reducer/globalTime';
-import { isRetryableError as checkIfRetryableError } from 'utils/errorUtils';
-
-import SelectVariableInput from './SelectVariableInput';
-import { useDashboardVariableSelectHelper } from './useDashboardVariableSelectHelper';
-import { getOptionsForDynamicVariable } from './util';
-import { VariableItemProps } from './VariableItem';
-import { dynamicVariableSelectStrategy } from './variableSelectStrategy/dynamicVariableSelectStrategy';
-
-import './DashboardVariableSelection.styles.scss';
-
-type DynamicVariableInputProps = Pick<
-	VariableItemProps,
-	'variableData' | 'onValueUpdate' | 'existingVariables'
->;
-
-// eslint-disable-next-line sonarjs/cognitive-complexity
-function DynamicVariableInput({
-	variableData,
-	onValueUpdate,
-	existingVariables,
-}: DynamicVariableInputProps): JSX.Element {
-	const [optionsData, setOptionsData] = useState<(string | number | boolean)[]>(
-		[],
-	);
-
-	const [errorMessage, setErrorMessage] = useState<null | string>(null);
-	const [isRetryableError, setIsRetryableError] = useState<boolean>(true);
-
-	const [isComplete, setIsComplete] = useState<boolean>(false);
-
-	const [filteredOptionsData, setFilteredOptionsData] = useState<
-		(string | number | boolean)[]
-	>([]);
-
-	const [relatedValues, setRelatedValues] = useState<string[]>([]);
-	const [originalRelatedValues, setOriginalRelatedValues] = useState<string[]>(
-		[],
-	);
-
-	// Track dropdown open state for auto-checking new values
-	const [isDropdownOpen, setIsDropdownOpen] = useState<boolean>(false);
-
-	const [apiSearchText, setApiSearchText] = useState<string>('');
-
-	const debouncedApiSearchText = useDebounce(apiSearchText, DEBOUNCE_DELAY);
-
-	// Build a memoized list of all currently available option strings (normalized + related)
-	const allAvailableOptionStrings = useMemo(
-		() => [
-			...new Set([
-				...optionsData.map((v) => v.toString()),
-				...relatedValues.map((v) => v.toString()),
-			]),
-		],
-		[optionsData, relatedValues],
-	);
-
-	const {
-		value,
-		tempSelection,
-		setTempSelection,
-		handleClear,
-		enableSelectAll,
-		defaultValue,
-		applyDefaultIfNeeded,
-		onChange,
-		onDropdownVisibleChange,
-	} = useDashboardVariableSelectHelper({
-		variableData,
-		optionsData,
-		onValueUpdate,
-		strategy: dynamicVariableSelectStrategy,
-		allAvailableOptionStrings,
-	});
-
-	// Create a dependency key from all dynamic variables
-	const dynamicVariablesKey = useMemo(() => {
-		if (!existingVariables) {
-			return 'no_variables';
-		}
-
-		const dynamicVars = Object.values(existingVariables)
-			.filter((v) => v.type === 'DYNAMIC')
-			.map(
-				(v) => `${v.name || 'unnamed'}:${JSON.stringify(v.selectedValue || null)}`,
-			)
-			.join('|');
-
-		return dynamicVars || 'no_dynamic_variables';
-	}, [existingVariables]);
-
-	const { maxTime, minTime } = useSelector<AppState, GlobalReducer>(
-		(state) => state.globalTime,
-	);
-
-	// existing query is the query made from the other dynamic variables around this one with there current values
-	// for e.g. k8s.namespace.name IN ["zeus", "gene"] AND doc_op_type IN ["test"]
-	// eslint-disable-next-line sonarjs/cognitive-complexity
-	const existingQuery = useMemo(() => {
-		if (!existingVariables || !variableData.dynamicVariablesAttribute) {
-			return '';
-		}
-
-		const queryParts: string[] = [];
-
-		Object.entries(existingVariables).forEach(([, variable]) => {
-			// Skip the current variable being processed
-			if (variable.id === variableData.id) {
-				return;
-			}
-
-			// Only include dynamic variables that have selected values and are not selected as ALL
-			if (
-				variable.type === 'DYNAMIC' &&
-				variable.dynamicVariablesAttribute &&
-				variable.selectedValue &&
-				!isEmpty(variable.selectedValue) &&
-				(variable.showALLOption ? !variable.allSelected : true)
-			) {
-				const attribute = variable.dynamicVariablesAttribute;
-				const values = Array.isArray(variable.selectedValue)
-					? variable.selectedValue
-					: [variable.selectedValue];
-
-				// Filter out empty values and convert to strings
-				const validValues = values
-					.filter((val) => val !== null && val !== undefined && val !== '')
-					.map((val) => val.toString());
-
-				if (validValues.length > 0) {
-					// Format values for query - wrap strings in quotes, keep numbers as is
-					const formattedValues = validValues.map((val) => {
-						// Check if value is a number
-						const numValue = Number(val);
-						if (!Number.isNaN(numValue) && Number.isFinite(numValue)) {
-							return val; // Keep as number
-						}
-						// Escape single quotes and wrap in quotes
-						return `'${val.replace(/'/g, "\\'")}'`;
-					});
-
-					if (formattedValues.length === 1) {
-						queryParts.push(`${attribute} = ${formattedValues[0]}`);
-					} else {
-						queryParts.push(`${attribute} IN [${formattedValues.join(', ')}]`);
-					}
-				}
-			}
-		});
-
-		return queryParts.join(' AND ');
-	}, [
-		existingVariables,
-		variableData.id,
-		variableData.dynamicVariablesAttribute,
-	]);
-
-	// Wrap the hook's onDropdownVisibleChange to also track isDropdownOpen and handle cleanup
-	const handleSelectDropdownVisibilityChange = useCallback(
-		(visible: boolean): void => {
-			setIsDropdownOpen(visible);
-
-			onDropdownVisibleChange(visible);
-
-			if (!visible) {
-				setFilteredOptionsData(optionsData);
-				setRelatedValues(originalRelatedValues);
-				setApiSearchText('');
-			}
-		},
-		[onDropdownVisibleChange, optionsData, originalRelatedValues],
-	);
-
-	const { isLoading, refetch } = useQuery(
-		[
-			REACT_QUERY_KEY.DASHBOARD_BY_ID,
-			variableData.name || `variable_${variableData.id}`,
-			dynamicVariablesKey,
-			minTime,
-			maxTime,
-			debouncedApiSearchText,
-			variableData.dynamicVariablesSource,
-			variableData.dynamicVariablesAttribute,
-		],
-		{
-			enabled:
-				variableData.type === 'DYNAMIC' &&
-				!!variableData.dynamicVariablesSource &&
-				!!variableData.dynamicVariablesAttribute,
-			queryFn: () =>
-				getFieldValues(
-					variableData.dynamicVariablesSource?.toLowerCase() === 'all telemetry'
-						? undefined
-						: (variableData.dynamicVariablesSource?.toLowerCase() as
-								| 'traces'
-								| 'logs'
-								| 'metrics'),
-					variableData.dynamicVariablesAttribute,
-					debouncedApiSearchText,
-					minTime,
-					maxTime,
-					existingQuery,
-				),
-			onSuccess: (data) => {
-				const newNormalizedValues = data.data?.normalizedValues || [];
-				const newRelatedValues = data.data?.relatedValues || [];
-
-				if (!debouncedApiSearchText) {
-					setOptionsData(newNormalizedValues);
-					setIsComplete(data.data?.complete || false);
-				}
-				setFilteredOptionsData(newNormalizedValues);
-				setRelatedValues(newRelatedValues);
-				setOriginalRelatedValues(newRelatedValues);
-
-				// Only run auto-check logic when necessary to avoid performance issues
-				if (variableData.allSelected && isDropdownOpen) {
-					// Build the latest full list from API (normalized + related)
-					const latestValues = [
-						...new Set([
-							...newNormalizedValues.map((v) => v.toString()),
-							...newRelatedValues.map((v) => v.toString()),
-						]),
-					];
-
-					// Update temp selection to exactly reflect latest API values when ALL is active
-					const currentStrings = Array.isArray(tempSelection)
-						? tempSelection.map((v) => v.toString())
-						: tempSelection
-						? [tempSelection.toString()]
-						: [];
-					const areSame =
-						currentStrings.length === latestValues.length &&
-						latestValues.every((v) => currentStrings.includes(v));
-					if (!areSame) {
-						setTempSelection(latestValues);
-					}
-				}
-
-				// Apply default if no value is selected (e.g., new variable, first load)
-				if (!debouncedApiSearchText) {
-					const allNewOptions = [
-						...new Set([
-							...newNormalizedValues.map((v) => v.toString()),
-							...newRelatedValues.map((v) => v.toString()),
-						]),
-					];
-					applyDefaultIfNeeded(allNewOptions);
-				}
-			},
-			onError: (error: any) => {
-				if (error) {
-					let message = SOMETHING_WENT_WRONG;
-					if (error?.message) {
-						message = error?.message;
-					} else {
-						message =
-							'Please make sure configuration is valid and you have required setup and permissions';
-					}
-					setErrorMessage(message);
-
-					// Check if error is retryable (5xx) or not (4xx)
-					const isRetryable = checkIfRetryableError(error);
-					setIsRetryableError(isRetryable);
-				}
-			},
-		},
-	);
-
-	const handleRetry = useCallback((): void => {
-		setErrorMessage(null);
-		setIsRetryableError(true);
-		refetch();
-	}, [refetch]);
-
-	const handleSearch = useCallback(
-		(text: string) => {
-			if (isComplete) {
-				if (!text) {
-					setFilteredOptionsData(optionsData);
-					setRelatedValues(originalRelatedValues);
-					return;
-				}
-
-				const lowerText = text.toLowerCase();
-				setFilteredOptionsData(
-					optionsData.filter((option) =>
-						option.toString().toLowerCase().includes(lowerText),
-					),
-				);
-				setRelatedValues(
-					originalRelatedValues.filter((val) =>
-						val.toLowerCase().includes(lowerText),
-					),
-				);
-			} else {
-				setApiSearchText(text);
-			}
-		},
-		[isComplete, optionsData, originalRelatedValues],
-	);
-
-	const selectOptions = useMemo(
-		() =>
-			getOptionsForDynamicVariable(filteredOptionsData || [], relatedValues || []),
-		[filteredOptionsData, relatedValues],
-	);
-
-	return (
-		<SelectVariableInput
-			variableId={variableData.id}
-			options={selectOptions}
-			value={value}
-			onChange={onChange}
-			onDropdownVisibleChange={handleSelectDropdownVisibilityChange}
-			onClear={handleClear}
-			enableSelectAll={enableSelectAll}
-			defaultValue={defaultValue}
-			isMultiSelect={variableData.multiSelect}
-			// dynamic variable specific + API related props
-			loading={isLoading}
-			errorMessage={errorMessage}
-			onRetry={handleRetry}
-			isDynamicVariable
-			showRetryButton={isRetryableError}
-			showIncompleteDataMessage={!isComplete && filteredOptionsData.length > 0}
-			onSearch={handleSearch}
-		/>
-	);
-}
-
-export default memo(DynamicVariableInput);

frontend/src/container/DashboardContainer/DashboardVariablesSelection/DynamicVariableSelection.tsx

@@ -0,0 +1,602 @@
+/* eslint-disable sonarjs/cognitive-complexity */
+/* eslint-disable no-nested-ternary */
+import { useCallback, useEffect, useMemo, useState } from 'react';
+import { useQuery } from 'react-query';
+import { useSelector } from 'react-redux';
+import { InfoCircleOutlined } from '@ant-design/icons';
+import { Tooltip, Typography } from 'antd';
+import { getFieldValues } from 'api/dynamicVariables/getFieldValues';
+import { CustomMultiSelect, CustomSelect } from 'components/NewSelect';
+import { SOMETHING_WENT_WRONG } from 'constants/api';
+import { DEBOUNCE_DELAY } from 'constants/queryBuilderFilterConfig';
+import { REACT_QUERY_KEY } from 'constants/reactQueryKeys';
+import useDebounce from 'hooks/useDebounce';
+import { isEmpty, isUndefined } from 'lodash-es';
+import { AppState } from 'store/reducers';
+import { IDashboardVariable } from 'types/api/dashboard/getAll';
+import { GlobalReducer } from 'types/reducer/globalTime';
+import { isRetryableError as checkIfRetryableError } from 'utils/errorUtils';
+import { popupContainer } from 'utils/selectPopupContainer';
+
+import { ALL_SELECT_VALUE } from '../utils';
+import { SelectItemStyle } from './styles';
+import {
+	areArraysEqual,
+	getOptionsForDynamicVariable,
+	getSelectValue,
+	uniqueValues,
+} from './util';
+
+import './DashboardVariableSelection.styles.scss';
+
+interface DynamicVariableSelectionProps {
+	variableData: IDashboardVariable;
+	existingVariables: Record<string, IDashboardVariable>;
+	onValueUpdate: (
+		name: string,
+		id: string,
+		arg1: IDashboardVariable['selectedValue'],
+		allSelected: boolean,
+		haveCustomValuesSelected?: boolean,
+	) => void;
+}
+
+function DynamicVariableSelection({
+	variableData,
+	onValueUpdate,
+	existingVariables,
+}: DynamicVariableSelectionProps): JSX.Element {
+	const [optionsData, setOptionsData] = useState<(string | number | boolean)[]>(
+		[],
+	);
+
+	const [errorMessage, setErrorMessage] = useState<null | string>(null);
+	const [isRetryableError, setIsRetryableError] = useState<boolean>(true);
+
+	const [isComplete, setIsComplete] = useState<boolean>(false);
+
+	const [filteredOptionsData, setFilteredOptionsData] = useState<
+		(string | number | boolean)[]
+	>([]);
+
+	const [relatedValues, setRelatedValues] = useState<string[]>([]);
+	const [originalRelatedValues, setOriginalRelatedValues] = useState<string[]>(
+		[],
+	);
+
+	const [tempSelection, setTempSelection] = useState<
+		string | string[] | undefined
+	>(undefined);
+
+	// Track dropdown open state for auto-checking new values
+	const [isDropdownOpen, setIsDropdownOpen] = useState<boolean>(false);
+
+	// Create a dependency key from all dynamic variables
+	const dynamicVariablesKey = useMemo(() => {
+		if (!existingVariables) {
+			return 'no_variables';
+		}
+
+		const dynamicVars = Object.values(existingVariables)
+			.filter((v) => v.type === 'DYNAMIC')
+			.map(
+				(v) => `${v.name || 'unnamed'}:${JSON.stringify(v.selectedValue || null)}`,
+			)
+			.join('|');
+
+		return dynamicVars || 'no_dynamic_variables';
+	}, [existingVariables]);
+
+	const [apiSearchText, setApiSearchText] = useState<string>('');
+
+	const debouncedApiSearchText = useDebounce(apiSearchText, DEBOUNCE_DELAY);
+
+	const { maxTime, minTime } = useSelector<AppState, GlobalReducer>(
+		(state) => state.globalTime,
+	);
+
+	// existing query is the query made from the other dynamic variables around this one with there current values
+	// for e.g. k8s.namespace.name IN ["zeus", "gene"] AND doc_op_type IN ["test"]
+	const existingQuery = useMemo(() => {
+		if (!existingVariables || !variableData.dynamicVariablesAttribute) {
+			return '';
+		}
+
+		const queryParts: string[] = [];
+
+		Object.entries(existingVariables).forEach(([, variable]) => {
+			// Skip the current variable being processed
+			if (variable.id === variableData.id) {
+				return;
+			}
+
+			// Only include dynamic variables that have selected values and are not selected as ALL
+			if (
+				variable.type === 'DYNAMIC' &&
+				variable.dynamicVariablesAttribute &&
+				variable.selectedValue &&
+				!isEmpty(variable.selectedValue) &&
+				(variable.showALLOption ? !variable.allSelected : true)
+			) {
+				const attribute = variable.dynamicVariablesAttribute;
+				const values = Array.isArray(variable.selectedValue)
+					? variable.selectedValue
+					: [variable.selectedValue];
+
+				// Filter out empty values and convert to strings
+				const validValues = values
+					.filter((value) => value !== null && value !== undefined && value !== '')
+					.map((value) => value.toString());
+
+				if (validValues.length > 0) {
+					// Format values for query - wrap strings in quotes, keep numbers as is
+					const formattedValues = validValues.map((value) => {
+						// Check if value is a number
+						const numValue = Number(value);
+						if (!Number.isNaN(numValue) && Number.isFinite(numValue)) {
+							return value; // Keep as number
+						}
+						// Escape single quotes and wrap in quotes
+						return `'${value.replace(/'/g, "\\'")}'`;
+					});
+
+					if (formattedValues.length === 1) {
+						queryParts.push(`${attribute} = ${formattedValues[0]}`);
+					} else {
+						queryParts.push(`${attribute} IN [${formattedValues.join(', ')}]`);
+					}
+				}
+			}
+		});
+
+		return queryParts.join(' AND ');
+	}, [
+		existingVariables,
+		variableData.id,
+		variableData.dynamicVariablesAttribute,
+	]);
+
+	const { isLoading, refetch } = useQuery(
+		[
+			REACT_QUERY_KEY.DASHBOARD_BY_ID,
+			variableData.name || `variable_${variableData.id}`,
+			dynamicVariablesKey,
+			minTime,
+			maxTime,
+			debouncedApiSearchText,
+		],
+		{
+			enabled: variableData.type === 'DYNAMIC',
+			queryFn: () =>
+				getFieldValues(
+					variableData.dynamicVariablesSource?.toLowerCase() === 'all telemetry'
+						? undefined
+						: (variableData.dynamicVariablesSource?.toLowerCase() as
+								| 'traces'
+								| 'logs'
+								| 'metrics'),
+					variableData.dynamicVariablesAttribute,
+					debouncedApiSearchText,
+					minTime,
+					maxTime,
+					existingQuery,
+				),
+			onSuccess: (data) => {
+				const newNormalizedValues = data.data?.normalizedValues || [];
+				const newRelatedValues = data.data?.relatedValues || [];
+
+				if (!debouncedApiSearchText) {
+					setOptionsData(newNormalizedValues);
+					setIsComplete(data.data?.complete || false);
+				}
+				setFilteredOptionsData(newNormalizedValues);
+				setRelatedValues(newRelatedValues);
+				setOriginalRelatedValues(newRelatedValues);
+
+				// Only run auto-check logic when necessary to avoid performance issues
+				if (variableData.allSelected && isDropdownOpen) {
+					// Build the latest full list from API (normalized + related)
+					const latestValues = [
+						...new Set([
+							...newNormalizedValues.map((v) => v.toString()),
+							...newRelatedValues.map((v) => v.toString()),
+						]),
+					];
+
+					// Update temp selection to exactly reflect latest API values when ALL is active
+					const currentStrings = Array.isArray(tempSelection)
+						? tempSelection.map((v) => v.toString())
+						: tempSelection
+						? [tempSelection.toString()]
+						: [];
+					const areSame =
+						currentStrings.length === latestValues.length &&
+						latestValues.every((v) => currentStrings.includes(v));
+					if (!areSame) {
+						setTempSelection(latestValues);
+					}
+				}
+			},
+			onError: (error: any) => {
+				if (error) {
+					let message = SOMETHING_WENT_WRONG;
+					if (error?.message) {
+						message = error?.message;
+					} else {
+						message =
+							'Please make sure configuration is valid and you have required setup and permissions';
+					}
+					setErrorMessage(message);
+
+					// Check if error is retryable (5xx) or not (4xx)
+					const isRetryable = checkIfRetryableError(error);
+					setIsRetryableError(isRetryable);
+				}
+			},
+		},
+	);
+
+	const handleChange = useCallback(
+		(inputValue: string | string[]): void => {
+			const value = variableData.multiSelect && !inputValue ? [] : inputValue;
+
+			if (
+				value === variableData.selectedValue ||
+				(Array.isArray(value) &&
+					Array.isArray(variableData.selectedValue) &&
+					areArraysEqual(value, variableData.selectedValue))
+			) {
+				return;
+			}
+
+			if (variableData.name) {
+				if (
+					value === ALL_SELECT_VALUE ||
+					(Array.isArray(value) && value.includes(ALL_SELECT_VALUE))
+				) {
+					// For ALL selection in dynamic variables, pass null to avoid storing values
+					// The parent component will handle this appropriately
+					onValueUpdate(variableData.name, variableData.id, null, true);
+				} else {
+					// Build union of available options shown in dropdown (normalized + related)
+					const allAvailableOptionStrings = [
+						...new Set([
+							...optionsData.map((v) => v.toString()),
+							...relatedValues.map((v) => v.toString()),
+						]),
+					];
+
+					const haveCustomValuesSelected =
+						Array.isArray(value) &&
+						!value.every((v) => allAvailableOptionStrings.includes(v.toString()));
+
+					onValueUpdate(
+						variableData.name,
+						variableData.id,
+						value,
+						allAvailableOptionStrings.every((v) => value.includes(v.toString())),
+						haveCustomValuesSelected,
+					);
+				}
+			}
+		},
+		[variableData, onValueUpdate, optionsData, relatedValues],
+	);
+
+	useEffect(() => {
+		if (
+			variableData.dynamicVariablesSource &&
+			variableData.dynamicVariablesAttribute
+		) {
+			refetch();
+		}
+	}, [
+		refetch,
+		variableData.dynamicVariablesSource,
+		variableData.dynamicVariablesAttribute,
+		debouncedApiSearchText,
+	]);
+
+	// Build a memoized list of all currently available option strings (normalized + related)
+	const allAvailableOptionStrings = useMemo(
+		() => [
+			...new Set([
+				...optionsData.map((v) => v.toString()),
+				...relatedValues.map((v) => v.toString()),
+			]),
+		],
+		[optionsData, relatedValues],
+	);
+
+	const handleSearch = useCallback(
+		(text: string) => {
+			if (isComplete) {
+				if (!text) {
+					setFilteredOptionsData(optionsData);
+					setRelatedValues(originalRelatedValues);
+					return;
+				}
+
+				const localFilteredOptionsData: (string | number | boolean)[] = [];
+				optionsData.forEach((option) => {
+					if (option.toString().toLowerCase().includes(text.toLowerCase())) {
+						localFilteredOptionsData.push(option);
+					}
+				});
+				setFilteredOptionsData(localFilteredOptionsData);
+				setRelatedValues(
+					originalRelatedValues.filter((value) =>
+						value.toLowerCase().includes(text.toLowerCase()),
+					),
+				);
+			} else {
+				setApiSearchText(text);
+			}
+		},
+		[isComplete, optionsData, originalRelatedValues],
+	);
+
+	const { selectedValue } = variableData;
+	const selectedValueStringified = useMemo(
+		() => getSelectValue(selectedValue, variableData),
+		[selectedValue, variableData],
+	);
+
+	const enableSelectAll = variableData.multiSelect && variableData.showALLOption;
+
+	const selectValue =
+		variableData.allSelected && enableSelectAll
+			? ALL_SELECT_VALUE
+			: selectedValueStringified;
+
+	// Add a handler for tracking temporary selection changes
+	const handleTempChange = useCallback(
+		(inputValue: string | string[]): void => {
+			// Store the selection in temporary state while dropdown is open
+			const value = variableData.multiSelect && !inputValue ? [] : inputValue;
+			const sanitizedValue = uniqueValues(value);
+			setTempSelection(sanitizedValue);
+		},
+		[variableData.multiSelect],
+	);
+
+	// Handle dropdown visibility changes
+	const handleDropdownVisibleChange = (visible: boolean): void => {
+		// Update dropdown open state for auto-checking
+		setIsDropdownOpen(visible);
+
+		// Initialize temp selection when opening dropdown
+		if (visible) {
+			if (isUndefined(tempSelection) && selectValue === ALL_SELECT_VALUE) {
+				// When ALL is selected, set selection to exactly the latest available values
+				const latestAll = [...allAvailableOptionStrings];
+				setTempSelection(latestAll);
+			} else {
+				setTempSelection(getSelectValue(variableData.selectedValue, variableData));
+			}
+		}
+		// Apply changes when closing dropdown
+		else if (!visible && tempSelection !== undefined) {
+			// Only call handleChange if there's actually a change in the selection
+			const currentValue = variableData.selectedValue;
+
+			// Helper function to check if arrays have the same elements regardless of order
+			const areArraysEqualIgnoreOrder = (a: any[], b: any[]): boolean => {
+				if (a.length !== b.length) {
+					return false;
+				}
+				const sortedA = [...a].sort();
+				const sortedB = [...b].sort();
+				return areArraysEqual(sortedA, sortedB);
+			};
+
+			// If ALL was selected before and remains ALL after, skip updating
+			const wasAllSelected = enableSelectAll && variableData.allSelected;
+			const isAllSelectedAfter =
+				enableSelectAll &&
+				Array.isArray(tempSelection) &&
+				tempSelection.length === allAvailableOptionStrings.length &&
+				allAvailableOptionStrings.every((v) => tempSelection.includes(v));
+
+			if (wasAllSelected && isAllSelectedAfter) {
+				setTempSelection(undefined);
+				return;
+			}
+
+			const hasChanged =
+				tempSelection !== currentValue &&
+				!(
+					Array.isArray(tempSelection) &&
+					Array.isArray(currentValue) &&
+					areArraysEqualIgnoreOrder(tempSelection, currentValue)
+				);
+
+			if (hasChanged) {
+				handleChange(tempSelection);
+			}
+			setTempSelection(undefined);
+		}
+
+		// Always reset filtered data when dropdown closes, regardless of tempSelection state
+		if (!visible) {
+			setFilteredOptionsData(optionsData);
+			setRelatedValues(originalRelatedValues);
+			setApiSearchText('');
+		}
+	};
+
+	useEffect(
+		() => (): void => {
+			// Cleanup on unmount
+			setTempSelection(undefined);
+			setFilteredOptionsData([]);
+			setRelatedValues([]);
+			setApiSearchText('');
+		},
+		[],
+	);
+
+	// eslint-disable-next-line sonarjs/cognitive-complexity
+	const finalSelectedValues = useMemo(() => {
+		if (variableData.multiSelect) {
+			let value = tempSelection || selectedValue;
+			if (isEmpty(value)) {
+				if (variableData.showALLOption) {
+					if (variableData.defaultValue) {
+						value = variableData.defaultValue;
+					} else if (variableData.allSelected) {
+						// If ALL is selected but no stored values, derive from available options
+						// This handles the case where we don't store values in localStorage for ALL
+						value = allAvailableOptionStrings;
+					} else {
+						value = optionsData;
+					}
+				} else if (variableData.defaultValue) {
+					value = variableData.defaultValue;
+				} else {
+					value = optionsData?.[0];
+				}
+			}
+
+			return value;
+		}
+		if (isEmpty(selectedValue)) {
+			if (variableData.defaultValue) {
+				return variableData.defaultValue;
+			}
+			return optionsData[0]?.toString();
+		}
+
+		return selectedValue;
+	}, [
+		variableData.multiSelect,
+		variableData.showALLOption,
+		variableData.defaultValue,
+		variableData.allSelected,
+		selectedValue,
+		tempSelection,
+		optionsData,
+		allAvailableOptionStrings,
+	]);
+
+	useEffect(() => {
+		if (
+			(variableData.multiSelect && !(tempSelection || selectValue)) ||
+			isEmpty(selectValue)
+		) {
+			handleChange(finalSelectedValues as string[] | string);
+		}
+	}, [
+		finalSelectedValues,
+		handleChange,
+		selectValue,
+		tempSelection,
+		variableData.multiSelect,
+	]);
+
+	return (
+		<div className="variable-item">
+			<Typography.Text className="variable-name" ellipsis>
+				${variableData.name}
+				{variableData.description && (
+					<Tooltip title={variableData.description}>
+						<InfoCircleOutlined className="info-icon" />
+					</Tooltip>
+				)}
+			</Typography.Text>
+			<div className="variable-value">
+				{variableData.multiSelect ? (
+					<CustomMultiSelect
+						key={variableData.id}
+						options={getOptionsForDynamicVariable(
+							filteredOptionsData || [],
+							relatedValues || [],
+						)}
+						defaultValue={variableData.defaultValue}
+						onChange={handleTempChange}
+						bordered={false}
+						placeholder="Select value"
+						placement="bottomLeft"
+						style={SelectItemStyle}
+						loading={isLoading}
+						showSearch
+						data-testid="variable-select"
+						className="variable-select"
+						popupClassName="dropdown-styles"
+						maxTagCount={2}
+						getPopupContainer={popupContainer}
+						value={
+							(tempSelection || selectValue) === ALL_SELECT_VALUE
+								? 'ALL'
+								: tempSelection || selectValue
+						}
+						onDropdownVisibleChange={handleDropdownVisibleChange}
+						errorMessage={errorMessage}
+						// eslint-disable-next-line react/no-unstable-nested-components
+						maxTagPlaceholder={(omittedValues): JSX.Element => {
+							const maxDisplayValues = 10;
+							const valuesToShow = omittedValues.slice(0, maxDisplayValues);
+							const hasMore = omittedValues.length > maxDisplayValues;
+							const tooltipText =
+								valuesToShow.map(({ value }) => value).join(', ') +
+								(hasMore ? ` + ${omittedValues.length - maxDisplayValues} more` : '');
+
+							return (
+								<Tooltip title={tooltipText}>
+									<span>+ {omittedValues.length} </span>
+								</Tooltip>
+							);
+						}}
+						onClear={(): void => {
+							handleChange([]);
+						}}
+						enableAllSelection={enableSelectAll}
+						maxTagTextLength={30}
+						onSearch={handleSearch}
+						onRetry={(): void => {
+							setErrorMessage(null);
+							setIsRetryableError(true);
+							refetch();
+						}}
+						showIncompleteDataMessage={!isComplete && filteredOptionsData.length > 0}
+						isDynamicVariable
+						showRetryButton={isRetryableError}
+					/>
+				) : (
+					<CustomSelect
+						key={variableData.id}
+						onChange={handleChange}
+						bordered={false}
+						placeholder="Select value"
+						style={SelectItemStyle}
+						loading={isLoading}
+						showSearch
+						data-testid="variable-select"
+						className="variable-select"
+						popupClassName="dropdown-styles"
+						getPopupContainer={popupContainer}
+						options={getOptionsForDynamicVariable(
+							filteredOptionsData || [],
+							relatedValues || [],
+						)}
+						value={selectValue}
+						defaultValue={variableData.defaultValue}
+						errorMessage={errorMessage}
+						onSearch={handleSearch}
+						// eslint-disable-next-line sonarjs/no-identical-functions
+						onRetry={(): void => {
+							setErrorMessage(null);
+							setIsRetryableError(true);
+							refetch();
+						}}
+						showIncompleteDataMessage={!isComplete && filteredOptionsData.length > 0}
+						isDynamicVariable
+						showRetryButton={isRetryableError}
+					/>
+				)}
+			</div>
+		</div>
+	);
+}
+
+export default DynamicVariableSelection;

frontend/src/container/DashboardContainer/DashboardVariablesSelection/QueryVariableInput.tsx

@@ -1,11 +1,13 @@
-import { memo, useCallback, useMemo, useState } from 'react';
+import { memo, useCallback, useState } from 'react';
 import { useQuery } from 'react-query';
 import { useSelector } from 'react-redux';
 import dashboardVariablesQuery from 'api/dashboard/variables/dashboardVariablesQuery';
 import { REACT_QUERY_KEY } from 'constants/reactQueryKeys';
-import sortValues from 'lib/dashboardVariables/sortVariableValues';
+import sortValues from 'lib/dashbaordVariables/sortVariableValues';
 import { isArray, isString } from 'lodash-es';
+import { IDependencyData } from 'providers/Dashboard/store/dashboardVariables/dashboardVariablesStoreTypes';
 import { AppState } from 'store/reducers';
+import { IDashboardVariable } from 'types/api/dashboard/getAll';
 import { VariableResponseProps } from 'types/api/dashboard/variables/query';
 import { GlobalReducer } from 'types/reducer/globalTime';
 
@@ -13,18 +15,20 @@ import { variablePropsToPayloadVariables } from '../utils';
 import SelectVariableInput from './SelectVariableInput';
 import { useDashboardVariableSelectHelper } from './useDashboardVariableSelectHelper';
 import { areArraysEqual, checkAPIInvocation } from './util';
-import { VariableItemProps } from './VariableItem';
-import { queryVariableSelectStrategy } from './variableSelectStrategy/queryVariableSelectStrategy';
 
-type QueryVariableInputProps = Pick<
-	VariableItemProps,
-	| 'variableData'
-	| 'existingVariables'
-	| 'onValueUpdate'
-	| 'variablesToGetUpdated'
-	| 'setVariablesToGetUpdated'
-	| 'dependencyData'
->;
+interface QueryVariableInputProps {
+	variableData: IDashboardVariable;
+	existingVariables: Record<string, IDashboardVariable>;
+	onValueUpdate: (
+		name: string,
+		id: string,
+		value: IDashboardVariable['selectedValue'],
+		allSelected: boolean,
+	) => void;
+	variablesToGetUpdated: string[];
+	setVariablesToGetUpdated: React.Dispatch<React.SetStateAction<string[]>>;
+	dependencyData: IDependencyData | null;
+}
 
 function QueryVariableInput({
 	variableData,
@@ -52,15 +56,13 @@ function QueryVariableInput({
 		onChange,
 		onDropdownVisibleChange,
 		handleClear,
-		applyDefaultIfNeeded,
 	} = useDashboardVariableSelectHelper({
 		variableData,
 		optionsData,
 		onValueUpdate,
-		strategy: queryVariableSelectStrategy,
 	});
 
-	const validVariableUpdate = useCallback((): boolean => {
+	const validVariableUpdate = (): boolean => {
 		if (!variableData.name) {
 			return false;
 		}
@@ -68,100 +70,86 @@ function QueryVariableInput({
 			variablesToGetUpdated.length &&
 				variablesToGetUpdated[0] === variableData.name,
 		);
-	}, [variableData.name, variablesToGetUpdated]);
+	};
 
-	const getOptions = useCallback(
-		// eslint-disable-next-line sonarjs/cognitive-complexity
-		(variablesRes: VariableResponseProps | null): void => {
-			try {
-				setErrorMessage(null);
+	// eslint-disable-next-line sonarjs/cognitive-complexity
+	const getOptions = (variablesRes: VariableResponseProps | null): void => {
+		try {
+			setErrorMessage(null);
 
-				if (
-					variablesRes?.variableValues &&
-					Array.isArray(variablesRes?.variableValues)
-				) {
-					const newOptionsData = sortValues(
-						variablesRes?.variableValues,
-						variableData.sort,
-					);
+			if (
+				variablesRes?.variableValues &&
+				Array.isArray(variablesRes?.variableValues)
+			) {
+				const newOptionsData = sortValues(
+					variablesRes?.variableValues,
+					variableData.sort,
+				);
 
-					const oldOptionsData = sortValues(optionsData, variableData.sort) as never;
+				const oldOptionsData = sortValues(optionsData, variableData.sort) as never;
 
-					if (!areArraysEqual(newOptionsData, oldOptionsData)) {
-						let valueNotInList = false;
+				if (!areArraysEqual(newOptionsData, oldOptionsData)) {
+					let valueNotInList = false;
 
-						if (isArray(variableData.selectedValue)) {
-							variableData.selectedValue.forEach((val) => {
-								if (!newOptionsData.includes(val)) {
-									valueNotInList = true;
-								}
-							});
-						} else if (
-							isString(variableData.selectedValue) &&
-							!newOptionsData.includes(variableData.selectedValue)
-						) {
-							valueNotInList = true;
-						}
+					if (isArray(variableData.selectedValue)) {
+						variableData.selectedValue.forEach((val) => {
+							if (!newOptionsData.includes(val)) {
+								valueNotInList = true;
+							}
+						});
+					} else if (
+						isString(variableData.selectedValue) &&
+						!newOptionsData.includes(variableData.selectedValue)
+					) {
+						valueNotInList = true;
+					}
 
-						// variablesData.allSelected is added for the case where on change of options we need to update the
-						// local storage
+					// variablesData.allSelected is added for the case where on change of options we need to update the
+					// local storage
+					if (
+						variableData.name &&
+						(validVariableUpdate() || valueNotInList || variableData.allSelected)
+					) {
 						if (
-							variableData.name &&
-							(validVariableUpdate() || valueNotInList || variableData.allSelected)
+							variableData.allSelected &&
+							variableData.multiSelect &&
+							variableData.showALLOption
 						) {
-							if (
-								variableData.allSelected &&
-								variableData.multiSelect &&
-								variableData.showALLOption
-							) {
-								onValueUpdate(variableData.name, variableData.id, newOptionsData, true);
+							onValueUpdate(variableData.name, variableData.id, newOptionsData, true);
 
-								// Update tempSelection to maintain ALL state when dropdown is open
-								if (tempSelection !== undefined) {
-									setTempSelection(newOptionsData.map((option) => option.toString()));
-								}
-							} else {
-								const value = variableData.selectedValue;
-								let allSelected = false;
+							// Update tempSelection to maintain ALL state when dropdown is open
+							if (tempSelection !== undefined) {
+								setTempSelection(newOptionsData.map((option) => option.toString()));
+							}
+						} else {
+							const value = variableData.selectedValue;
+							let allSelected = false;
 
-								if (variableData.multiSelect) {
-									const { selectedValue } = variableData;
-									allSelected =
-										newOptionsData.length > 0 &&
-										Array.isArray(selectedValue) &&
-										newOptionsData.every((option) => selectedValue.includes(option));
-								}
+							if (variableData.multiSelect) {
+								const { selectedValue } = variableData;
+								allSelected =
+									newOptionsData.length > 0 &&
+									Array.isArray(selectedValue) &&
+									newOptionsData.every((option) => selectedValue.includes(option));
+							}
 
-								if (variableData.name && variableData.id) {
-									onValueUpdate(variableData.name, variableData.id, value, allSelected);
-								}
+							if (variableData.name && variableData.id) {
+								onValueUpdate(variableData.name, variableData.id, value, allSelected);
 							}
 						}
-
-						setOptionsData(newOptionsData);
-						// Apply default if no value is selected (e.g., new variable, first load)
-						applyDefaultIfNeeded(newOptionsData);
-					} else {
-						setVariablesToGetUpdated((prev) =>
-							prev.filter((name) => name !== variableData.name),
-						);
 					}
+
+					setOptionsData(newOptionsData);
+				} else {
+					setVariablesToGetUpdated((prev) =>
+						prev.filter((name) => name !== variableData.name),
+					);
 				}
-			} catch (e) {
-				console.error(e);
 			}
-		},
-		[
-			variableData,
-			optionsData,
-			onValueUpdate,
-			tempSelection,
-			setTempSelection,
-			validVariableUpdate,
-			setVariablesToGetUpdated,
-			applyDefaultIfNeeded,
-		],
-	);
+		} catch (e) {
+			console.error(e);
+		}
+	};
 
 	const { isLoading, refetch } = useQuery(
 		[
@@ -174,6 +162,7 @@ function QueryVariableInput({
 		{
 			enabled:
 				variableData &&
+				variableData.type === 'QUERY' &&
 				checkAPIInvocation(
 					variablesToGetUpdated,
 					variableData,
@@ -218,19 +207,10 @@ function QueryVariableInput({
 		refetch();
 	}, [refetch]);
 
-	const selectOptions = useMemo(
-		() =>
-			optionsData.map((option) => ({
-				label: option.toString(),
-				value: option.toString(),
-			})),
-		[optionsData],
-	);
-
 	return (
 		<SelectVariableInput
 			variableId={variableData.id}
-			options={selectOptions}
+			options={optionsData}
 			value={value}
 			onChange={onChange}
 			onDropdownVisibleChange={onDropdownVisibleChange}

frontend/src/container/DashboardContainer/DashboardVariablesSelection/SelectVariableInput.tsx

@@ -3,7 +3,6 @@ import { orange } from '@ant-design/colors';
 import { WarningOutlined } from '@ant-design/icons';
 import { Popover, Tooltip, Typography } from 'antd';
 import { CustomMultiSelect, CustomSelect } from 'components/NewSelect';
-import { OptionData } from 'components/NewSelect/types';
 import { popupContainer } from 'utils/selectPopupContainer';
 
 import { ALL_SELECT_VALUE } from '../utils';
@@ -13,7 +12,7 @@ const errorIconStyle = { margin: '0 0.5rem' };
 
 interface SelectVariableInputProps {
 	variableId: string;
-	options: OptionData[];
+	options: (string | number | boolean)[];
 	value: string | string[] | undefined;
 	enableSelectAll: boolean;
 	isMultiSelect: boolean;
@@ -24,17 +23,13 @@ interface SelectVariableInputProps {
 	loading?: boolean;
 	errorMessage?: string | null;
 	onRetry?: () => void;
-	isDynamicVariable?: boolean;
-	showRetryButton?: boolean;
-	showIncompleteDataMessage?: boolean;
-	onSearch?: (searchTerm: string) => void;
 }
 
 const MAX_TAG_DISPLAY_VALUES = 10;
 
-export const renderMaxTagPlaceholder = (
+function maxTagPlaceholder(
 	omittedValues: { label?: React.ReactNode; value?: string | number }[],
-): JSX.Element => {
+): JSX.Element {
 	const valuesToShow = omittedValues.slice(0, MAX_TAG_DISPLAY_VALUES);
 	const hasMore = omittedValues.length > MAX_TAG_DISPLAY_VALUES;
 	const tooltipText =
@@ -46,7 +41,7 @@ export const renderMaxTagPlaceholder = (
 			<span>+ {omittedValues.length} </span>
 		</Tooltip>
 	);
-};
+}
 
 function SelectVariableInput({
 	variableId,
@@ -61,11 +56,16 @@ function SelectVariableInput({
 	enableSelectAll,
 	isMultiSelect,
 	defaultValue,
-	isDynamicVariable,
-	showRetryButton,
-	showIncompleteDataMessage,
-	onSearch,
 }: SelectVariableInputProps): JSX.Element {
+	const selectOptions = useMemo(
+		() =>
+			options.map((option) => ({
+				label: option.toString(),
+				value: option.toString(),
+			})),
+		[options],
+	);
+
 	const commonProps = useMemo(
 		() => ({
 			// main props
@@ -82,33 +82,23 @@ function SelectVariableInput({
 			showSearch: true,
 			bordered: false,
 
-			// changing props
+			// dynamic props
 			'data-testid': 'variable-select',
 			onChange,
 			loading,
-			options,
+			options: selectOptions,
 			errorMessage,
 			onRetry,
-
-			// dynamic variable only props
-			isDynamicVariable,
-			showRetryButton,
-			showIncompleteDataMessage,
-			onSearch,
 		}),
 		[
 			variableId,
 			defaultValue,
 			onChange,
 			loading,
-			options,
+			selectOptions,
 			value,
 			errorMessage,
 			onRetry,
-			isDynamicVariable,
-			showRetryButton,
-			showIncompleteDataMessage,
-			onSearch,
 		],
 	);
 
@@ -120,11 +110,11 @@ function SelectVariableInput({
 					placement="bottomLeft"
 					maxTagCount={2}
 					onDropdownVisibleChange={onDropdownVisibleChange}
-					maxTagPlaceholder={renderMaxTagPlaceholder}
+					maxTagPlaceholder={maxTagPlaceholder}
 					onClear={onClear}
 					enableAllSelection={enableSelectAll}
 					maxTagTextLength={30}
-					allowClear={value !== ALL_SELECT_VALUE}
+					allowClear={value !== ALL_SELECT_VALUE && value !== 'ALL'}
 				/>
 			) : (
 				<CustomSelect {...commonProps} />

frontend/src/container/DashboardContainer/DashboardVariablesSelection/VariableItem.tsx

@@ -5,7 +5,6 @@ import { IDependencyData } from 'providers/Dashboard/store/dashboardVariables/da
 import { IDashboardVariable } from 'types/api/dashboard/getAll';
 
 import CustomVariableInput from './CustomVariableInput';
-import DynamicVariableInput from './DynamicVariableInput';
 import QueryVariableInput from './QueryVariableInput';
 import TextboxVariableInput from './TextboxVariableInput';
 
@@ -17,9 +16,8 @@ export interface VariableItemProps {
 	onValueUpdate: (
 		name: string,
 		id: string,
-		value: IDashboardVariable['selectedValue'],
+		arg1: IDashboardVariable['selectedValue'],
 		allSelected: boolean,
-		haveCustomValuesSelected?: boolean,
 	) => void;
 	variablesToGetUpdated: string[];
 	setVariablesToGetUpdated: React.Dispatch<React.SetStateAction<string[]>>;
@@ -70,13 +68,6 @@ function VariableItem({
 						dependencyData={dependencyData}
 					/>
 				)}
-				{variableType === 'DYNAMIC' && (
-					<DynamicVariableInput
-						variableData={variableData}
-						onValueUpdate={onValueUpdate}
-						existingVariables={existingVariables}
-					/>
-				)}
 			</div>
 		</div>
 	);

frontend/src/container/DashboardContainer/DashboardVariablesSelection/__test__/DynamicVariableSelection.test.tsx

@@ -5,7 +5,7 @@ import * as ReactRedux from 'react-redux';
 import { fireEvent, render, screen } from '@testing-library/react';
 import { IDashboardVariable } from 'types/api/dashboard/getAll';
 
-import DynamicVariableInput from '../DynamicVariableInput';
+import DynamicVariableSelection from '../DynamicVariableSelection';
 
 // Don't mock the components - use real ones
 
@@ -54,7 +54,7 @@ const mockApiResponse = {
 // Mock scrollIntoView since it's not available in JSDOM
 window.HTMLElement.prototype.scrollIntoView = jest.fn();
 
-describe('DynamicVariableInput Component', () => {
+describe('DynamicVariableSelection Component', () => {
 	const mockOnValueUpdate = jest.fn();
 
 	const mockDynamicVariableData: IDashboardVariable = {
@@ -108,13 +108,18 @@ describe('DynamicVariableInput Component', () => {
 
 	it('renders with single select variable correctly', () => {
 		render(
-			<DynamicVariableInput
+			<DynamicVariableSelection
 				variableData={mockDynamicVariableData}
 				existingVariables={mockExistingVariables}
 				onValueUpdate={mockOnValueUpdate}
 			/>,
 		);
 
+		// Verify component renders correctly
+		expect(
+			screen.getByText(`$${mockDynamicVariableData.name}`),
+		).toBeInTheDocument();
+
 		// Verify the selected value is displayed
 		const selectedItem = screen.getByRole('combobox');
 		expect(selectedItem).toBeInTheDocument();
@@ -131,13 +136,18 @@ describe('DynamicVariableInput Component', () => {
 		};
 
 		render(
-			<DynamicVariableInput
+			<DynamicVariableSelection
 				variableData={multiSelectWithAllSelected}
 				existingVariables={mockExistingVariables}
 				onValueUpdate={mockOnValueUpdate}
 			/>,
 		);
 
+		// Verify variable name is rendered
+		expect(
+			screen.getByText(`$${multiSelectWithAllSelected.name}`),
+		).toBeInTheDocument();
+
 		// In ALL selected mode, there should be an "ALL" text element
 		expect(screen.getByText('ALL')).toBeInTheDocument();
 	});
@@ -154,13 +164,18 @@ describe('DynamicVariableInput Component', () => {
 		});
 
 		render(
-			<DynamicVariableInput
+			<DynamicVariableSelection
 				variableData={mockDynamicVariableData}
 				existingVariables={mockExistingVariables}
 				onValueUpdate={mockOnValueUpdate}
 			/>,
 		);
 
+		// Verify component renders in loading state
+		expect(
+			screen.getByText(`$${mockDynamicVariableData.name}`),
+		).toBeInTheDocument();
+
 		// Open dropdown to see loading text
 		const selectElement = screen.getByRole('combobox');
 		fireEvent.mouseDown(selectElement);
@@ -184,13 +199,18 @@ describe('DynamicVariableInput Component', () => {
 		});
 
 		render(
-			<DynamicVariableInput
+			<DynamicVariableSelection
 				variableData={mockDynamicVariableData}
 				existingVariables={mockExistingVariables}
 				onValueUpdate={mockOnValueUpdate}
 			/>,
 		);
 
+		// Verify the component renders
+		expect(
+			screen.getByText(`$${mockDynamicVariableData.name}`),
+		).toBeInTheDocument();
+
 		// For error states, we should check that error handling is in place
 		// Without opening the dropdown as the error message might be handled differently
 		expect(ReactQuery.useQuery).toHaveBeenCalled();
@@ -199,7 +219,7 @@ describe('DynamicVariableInput Component', () => {
 
 	it('makes API call to fetch variable values', () => {
 		render(
-			<DynamicVariableInput
+			<DynamicVariableSelection
 				variableData={mockDynamicVariableData}
 				existingVariables={mockExistingVariables}
 				onValueUpdate={mockOnValueUpdate}
@@ -215,8 +235,6 @@ describe('DynamicVariableInput Component', () => {
 				'2023-01-01T00:00:00Z', // minTime from useSelector mock
 				'2023-01-02T00:00:00Z', // maxTime from useSelector mock
 				'',
-				'Traces',
-				'service.name',
 			],
 			expect.objectContaining({
 				enabled: true, // Type is 'DYNAMIC'
@@ -237,13 +255,16 @@ describe('DynamicVariableInput Component', () => {
 		};
 
 		render(
-			<DynamicVariableInput
+			<DynamicVariableSelection
 				variableData={customVariable}
 				existingVariables={{ ...mockExistingVariables, custom1: customVariable }}
 				onValueUpdate={mockOnValueUpdate}
 			/>,
 		);
 
+		// Verify the component correctly displays the selected value
+		expect(screen.getByText(`$${customVariable.name}`)).toBeInTheDocument();
+
 		// Find the selection item in the component using data-testid
 		const selectElement = screen.getByTestId('variable-select');
 		expect(selectElement).toBeInTheDocument();

frontend/src/container/DashboardContainer/DashboardVariablesSelection/__test__/VariableItem.defaulting.behavior.test.tsx

@@ -63,10 +63,10 @@ describe('VariableItem Default Value Selection Behavior', () => {
 				expect(screen.getByTestId(VARIABLE_SELECT_TESTID)).toBeInTheDocument();
 			});
 
-			expect(await screen.findByText('option1')).toBeInTheDocument();
+			expect(screen.getByText('option1')).toBeInTheDocument();
 		});
 
-		test('should auto-select first option when no previous and no default', async () => {
+		test('should show placeholder when no previous and no default', async () => {
 			const variable: IDashboardVariable = {
 				id: TEST_VARIABLE_ID,
 				name: TEST_VARIABLE_NAME,
@@ -85,8 +85,7 @@ describe('VariableItem Default Value Selection Behavior', () => {
 				expect(screen.getByTestId(VARIABLE_SELECT_TESTID)).toBeInTheDocument();
 			});
 
-			// With the new variable select strategy, the first option is auto-selected
-			expect(await screen.findByText('option1')).toBeInTheDocument();
+			expect(screen.getByText('Select value')).toBeInTheDocument();
 		});
 	});
 
@@ -111,7 +110,7 @@ describe('VariableItem Default Value Selection Behavior', () => {
 				expect(screen.getByTestId(VARIABLE_SELECT_TESTID)).toBeInTheDocument();
 			});
 
-			expect(await screen.findByText('ALL')).toBeInTheDocument();
+			expect(screen.getByText('ALL')).toBeInTheDocument();
 		});
 	});
 
@@ -135,7 +134,7 @@ describe('VariableItem Default Value Selection Behavior', () => {
 				expect(screen.getByTestId(VARIABLE_SELECT_TESTID)).toBeInTheDocument();
 			});
 
-			expect(await screen.findByText('Select value')).toBeInTheDocument();
+			expect(screen.getByText('Select value')).toBeInTheDocument();
 		});
 	});
 });

frontend/src/container/DashboardContainer/DashboardVariablesSelection/useDashboardVariableSelectHelper.ts

@@ -1,14 +1,8 @@
-import { useCallback, useMemo, useState } from 'react';
+import { useCallback, useEffect, useMemo, useState } from 'react';
 import { isEmpty } from 'lodash-es';
 import { IDashboardVariable } from 'types/api/dashboard/getAll';
 
-import { ALL_SELECT_VALUE } from '../utils';
 import { areArraysEqual, getSelectValue } from './util';
-import { VariableSelectStrategy } from './variableSelectStrategy/variableSelectStrategyTypes';
-import {
-	areArraysEqualIgnoreOrder,
-	uniqueValues,
-} from './variableSelectStrategy/variableSelectStrategyUtils';
 
 interface UseDashboardVariableSelectHelperParams {
 	variableData: IDashboardVariable;
@@ -18,11 +12,7 @@ interface UseDashboardVariableSelectHelperParams {
 		id: string,
 		value: IDashboardVariable['selectedValue'],
 		allSelected: boolean,
-		haveCustomValuesSelected?: boolean,
 	) => void;
-	strategy: VariableSelectStrategy;
-	/** Override for all available option strings (default: optionsData.map(String)) */
-	allAvailableOptionStrings?: string[];
 }
 
 interface UseDashboardVariableSelectHelperReturn {
@@ -41,11 +31,6 @@ interface UseDashboardVariableSelectHelperReturn {
 	onChange: (value: string | string[]) => void;
 	onDropdownVisibleChange: (visible: boolean) => void;
 	handleClear: () => void;
-
-	// Default value helpers
-	applyDefaultIfNeeded: (
-		overrideOptions?: (string | number | boolean)[],
-	) => void;
 }
 
 // eslint-disable-next-line sonarjs/cognitive-complexity
@@ -53,8 +38,6 @@ export function useDashboardVariableSelectHelper({
 	variableData,
 	optionsData,
 	onValueUpdate,
-	strategy,
-	allAvailableOptionStrings,
 }: UseDashboardVariableSelectHelperParams): UseDashboardVariableSelectHelperReturn {
 	const { selectedValue } = variableData;
 
@@ -69,37 +52,11 @@ export function useDashboardVariableSelectHelper({
 
 	const enableSelectAll = variableData.multiSelect && variableData.showALLOption;
 
-	const effectiveAllAvailableOptionStrings = useMemo(
-		() => allAvailableOptionStrings ?? optionsData.map((v) => v.toString()),
-		[allAvailableOptionStrings, optionsData],
-	);
-
 	const selectValue =
 		variableData.allSelected && enableSelectAll
-			? ALL_SELECT_VALUE
+			? 'ALL'
 			: selectedValueStringified;
 
-	const getDefaultValue = useCallback(
-		(overrideOptions?: (string | number | boolean)[]) => {
-			const options = overrideOptions || optionsData;
-			if (variableData.multiSelect) {
-				if (variableData.showALLOption) {
-					return variableData.defaultValue || options.map((o) => o.toString());
-				}
-				return variableData.defaultValue || options?.[0]?.toString();
-			}
-			return variableData.defaultValue || options[0]?.toString();
-		},
-		[
-			variableData.multiSelect,
-			variableData.showALLOption,
-			variableData.defaultValue,
-			optionsData,
-		],
-	);
-
-	const defaultValue = useMemo(() => getDefaultValue(), [getDefaultValue]);
-
 	const handleChange = useCallback(
 		(inputValue: string | string[]): void => {
 			const value = variableData.multiSelect && !inputValue ? [] : inputValue;
@@ -112,21 +69,29 @@ export function useDashboardVariableSelectHelper({
 			) {
 				return;
 			}
+			if (variableData.name) {
+				// Check if ALL is effectively selected by comparing with available options
+				const isAllSelected =
+					Array.isArray(value) &&
+					value.length > 0 &&
+					optionsData.every((option) => value.includes(option.toString()));
 
-			strategy.handleChange({
-				value,
-				variableData,
-				optionsData,
-				allAvailableOptionStrings: effectiveAllAvailableOptionStrings,
-				onValueUpdate,
-			});
+				if (isAllSelected && variableData.showALLOption) {
+					// For ALL selection, pass optionsData as the value and set allSelected to true
+					onValueUpdate(variableData.name, variableData.id, optionsData, true);
+				} else {
+					onValueUpdate(variableData.name, variableData.id, value, false);
+				}
+			}
 		},
 		[
-			variableData,
-			optionsData,
-			effectiveAllAvailableOptionStrings,
+			variableData.multiSelect,
+			variableData.selectedValue,
+			variableData.name,
+			variableData.id,
+			variableData.showALLOption,
 			onValueUpdate,
-			strategy,
+			optionsData,
 		],
 	);
 
@@ -134,96 +99,79 @@ export function useDashboardVariableSelectHelper({
 		(inputValue: string | string[]): void => {
 			// Store the selection in temporary state while dropdown is open
 			const value = variableData.multiSelect && !inputValue ? [] : inputValue;
-			setTempSelection(uniqueValues(value));
+			setTempSelection(value);
 		},
 		[variableData.multiSelect],
 	);
 
-	// Single select onChange: apply default if value is empty
-	const handleSingleSelectChange = useCallback(
-		(inputValue: string | string[]): void => {
-			if (isEmpty(inputValue)) {
-				if (defaultValue !== undefined) {
-					handleChange(defaultValue as string | string[]);
+	// Apply default value on first render if no selection exists
+	const finalSelectedValues = useMemo(() => {
+		if (variableData.multiSelect) {
+			let value = tempSelection || selectedValue;
+			if (isEmpty(value)) {
+				if (variableData.showALLOption) {
+					if (variableData.defaultValue) {
+						value = variableData.defaultValue;
+					} else {
+						value = optionsData;
+					}
+				} else if (variableData.defaultValue) {
+					value = variableData.defaultValue;
+				} else {
+					value = optionsData?.[0];
 				}
-				return;
 			}
-			handleChange(inputValue);
-		},
-		[handleChange, defaultValue],
-	);
+
+			return value;
+		}
+		if (isEmpty(selectedValue)) {
+			if (variableData.defaultValue) {
+				return variableData.defaultValue;
+			}
+			return optionsData[0]?.toString();
+		}
+
+		return selectedValue;
+	}, [
+		variableData.multiSelect,
+		variableData.showALLOption,
+		variableData.defaultValue,
+		selectedValue,
+		tempSelection,
+		optionsData,
+	]);
+
+	// Apply default values when needed
+	useEffect(() => {
+		if (
+			(variableData.multiSelect && !(tempSelection || selectValue)) ||
+			isEmpty(selectValue)
+		) {
+			handleChange(finalSelectedValues as string[] | string);
+		}
+	}, [
+		finalSelectedValues,
+		handleChange,
+		selectValue,
+		tempSelection,
+		variableData.multiSelect,
+	]);
 
 	// Handle dropdown visibility changes
 	const onDropdownVisibleChange = useCallback(
 		(visible: boolean): void => {
 			// Initialize temp selection when opening dropdown
 			if (visible) {
-				if (variableData.allSelected && enableSelectAll) {
-					// When ALL is selected, show all available options as individually checked
-					setTempSelection([...effectiveAllAvailableOptionStrings]);
-				} else {
-					setTempSelection(getSelectValue(variableData.selectedValue, variableData));
-				}
+				setTempSelection(getSelectValue(variableData.selectedValue, variableData));
 			}
 			// Apply changes when closing dropdown
 			else if (!visible && tempSelection !== undefined) {
-				// If ALL was selected before AND all options remain selected, skip updating
-				const wasAllSelected = enableSelectAll && variableData.allSelected;
-				const isAllSelectedAfter =
-					enableSelectAll &&
-					Array.isArray(tempSelection) &&
-					tempSelection.length === effectiveAllAvailableOptionStrings.length &&
-					effectiveAllAvailableOptionStrings.every((v) => tempSelection.includes(v));
-
-				if (wasAllSelected && isAllSelectedAfter) {
-					setTempSelection(undefined);
-					return;
-				}
-
-				// Apply default if closing with empty selection
-				let valueToApply = tempSelection;
-				if (isEmpty(tempSelection) && defaultValue !== undefined) {
-					valueToApply = defaultValue as string | string[];
-				}
-
-				// Order-agnostic change detection
-				const currentValue = variableData.selectedValue;
-				const hasChanged =
-					valueToApply !== currentValue &&
-					!(
-						Array.isArray(valueToApply) &&
-						Array.isArray(currentValue) &&
-						areArraysEqualIgnoreOrder(valueToApply, currentValue)
-					);
-
-				if (hasChanged) {
-					handleChange(valueToApply);
-				}
+				// Call handleChange with the temporarily stored selection
+				handleChange(tempSelection);
 				setTempSelection(undefined);
 			}
 		},
-		[
-			variableData,
-			enableSelectAll,
-			effectiveAllAvailableOptionStrings,
-			tempSelection,
-			handleChange,
-			defaultValue,
-		],
-	);
-
-	// Explicit function for callers to apply default on mount / data load
-	// Pass overrideOptions when freshly-loaded options aren't in state yet (async callers)
-	const applyDefaultIfNeeded = useCallback(
-		(overrideOptions?: (string | number | boolean)[]): void => {
-			if (isEmpty(selectValue)) {
-				const defaultValueFromOptions = getDefaultValue(overrideOptions);
-				if (defaultValueFromOptions !== undefined) {
-					handleChange(defaultValueFromOptions as string | string[]);
-				}
-			}
-		},
-		[selectValue, handleChange, getDefaultValue],
+		[variableData, tempSelection, handleChange],
 	);
 
 	const handleClear = useCallback((): void => {
@@ -234,9 +182,11 @@ export function useDashboardVariableSelectHelper({
 		? tempSelection || selectValue
 		: selectValue;
 
+	const defaultValue = variableData.defaultValue || selectValue;
+
 	const onChange = useMemo(() => {
-		return variableData.multiSelect ? handleTempChange : handleSingleSelectChange;
-	}, [variableData.multiSelect, handleTempChange, handleSingleSelectChange]);
+		return variableData.multiSelect ? handleTempChange : handleChange;
+	}, [variableData.multiSelect, handleTempChange, handleChange]);
 
 	return {
 		tempSelection,
@@ -247,6 +197,5 @@ export function useDashboardVariableSelectHelper({
 		value,
 		defaultValue,
 		onChange,
-		applyDefaultIfNeeded,
 	};
 }

frontend/src/container/DashboardContainer/DashboardVariablesSelection/util.ts

@@ -363,6 +363,25 @@ export const uniqueOptions = (options: OptionData[]): OptionData[] => {
 	return uniqueOptions;
 };
 
+export const uniqueValues = (values: string[] | string): string[] | string => {
+	if (Array.isArray(values)) {
+		const uniqueValues: string[] = [];
+		const seenValues = new Set<string>();
+
+		values.forEach((value) => {
+			if (seenValues.has(value)) {
+				return;
+			}
+			seenValues.add(value);
+			uniqueValues.push(value);
+		});
+
+		return uniqueValues;
+	}
+
+	return values;
+};
+
 export const getSelectValue = (
 	selectedValue: IDashboardVariable['selectedValue'],
 	variableData: IDashboardVariable,

frontend/src/container/DashboardContainer/DashboardVariablesSelection/variableSelectStrategy/customVariableSelectStrategy.tsx

@@ -1,4 +0,0 @@
-import { defaultVariableSelectStrategy } from './defaultVariableSelectStrategy';
-import { VariableSelectStrategy } from './variableSelectStrategyTypes';
-
-export const customVariableSelectStrategy: VariableSelectStrategy = defaultVariableSelectStrategy;

frontend/src/container/DashboardContainer/DashboardVariablesSelection/variableSelectStrategy/defaultVariableSelectStrategy.tsx

@@ -1,20 +0,0 @@
-import { VariableSelectStrategy } from './variableSelectStrategyTypes';
-
-export const defaultVariableSelectStrategy: VariableSelectStrategy = {
-	handleChange({ value, variableData, optionsData, onValueUpdate }) {
-		if (!variableData.name) {
-			return;
-		}
-
-		const isAllSelected =
-			Array.isArray(value) &&
-			value.length > 0 &&
-			optionsData.every((option) => value.includes(option.toString()));
-
-		if (isAllSelected && variableData.showALLOption) {
-			onValueUpdate(variableData.name, variableData.id, optionsData, true);
-		} else {
-			onValueUpdate(variableData.name, variableData.id, value, false);
-		}
-	},
-};

frontend/src/container/DashboardContainer/DashboardVariablesSelection/variableSelectStrategy/dynamicVariableSelectStrategy.tsx

@@ -1,37 +0,0 @@
-import { ALL_SELECT_VALUE } from 'container/DashboardContainer/utils';
-
-import { VariableSelectStrategy } from './variableSelectStrategyTypes';
-
-export const dynamicVariableSelectStrategy: VariableSelectStrategy = {
-	handleChange({
-		value,
-		variableData,
-		allAvailableOptionStrings,
-		onValueUpdate,
-	}) {
-		if (!variableData.name) {
-			return;
-		}
-
-		if (
-			value === ALL_SELECT_VALUE ||
-			(Array.isArray(value) && value.includes(ALL_SELECT_VALUE))
-		) {
-			onValueUpdate(variableData.name, variableData.id, null, true);
-		} else {
-			// For ALL selection in dynamic variables, pass null to avoid storing values
-			// The parent component will handle this appropriately
-			const haveCustomValuesSelected =
-				Array.isArray(value) &&
-				!value.every((v) => allAvailableOptionStrings.includes(v.toString()));
-
-			onValueUpdate(
-				variableData.name,
-				variableData.id,
-				value,
-				allAvailableOptionStrings.every((v) => value.includes(v.toString())),
-				haveCustomValuesSelected,
-			);
-		}
-	},
-};

frontend/src/container/DashboardContainer/DashboardVariablesSelection/variableSelectStrategy/queryVariableSelectStrategy.tsx

@@ -1,4 +0,0 @@
-import { defaultVariableSelectStrategy } from './defaultVariableSelectStrategy';
-import { VariableSelectStrategy } from './variableSelectStrategyTypes';
-
-export const queryVariableSelectStrategy: VariableSelectStrategy = defaultVariableSelectStrategy;

frontend/src/container/DashboardContainer/DashboardVariablesSelection/variableSelectStrategy/variableSelectStrategyTypes.ts

@@ -1,17 +0,0 @@
-import { IDashboardVariable } from 'types/api/dashboard/getAll';
-
-export interface VariableSelectStrategy {
-	handleChange(params: {
-		value: string | string[];
-		variableData: IDashboardVariable;
-		optionsData: (string | number | boolean)[];
-		allAvailableOptionStrings: string[];
-		onValueUpdate: (
-			name: string,
-			id: string,
-			value: IDashboardVariable['selectedValue'],
-			allSelected: boolean,
-			haveCustomValuesSelected?: boolean,
-		) => void;
-	}): void;
-}

frontend/src/container/DashboardContainer/DashboardVariablesSelection/variableSelectStrategy/variableSelectStrategyUtils.ts

@@ -1,32 +0,0 @@
-import { isEqual } from 'lodash-es';
-
-export const areArraysEqualIgnoreOrder = (
-	a: (string | number | boolean)[],
-	b: (string | number | boolean)[],
-): boolean => {
-	if (a.length !== b.length) {
-		return false;
-	}
-	const sortedA = [...a].sort();
-	const sortedB = [...b].sort();
-	return isEqual(sortedA, sortedB);
-};
-
-export const uniqueValues = (values: string[] | string): string[] | string => {
-	if (Array.isArray(values)) {
-		const uniqueValues: string[] = [];
-		const seenValues = new Set<string>();
-
-		values.forEach((value) => {
-			if (seenValues.has(value)) {
-				return;
-			}
-			seenValues.add(value);
-			uniqueValues.push(value);
-		});
-
-		return uniqueValues;
-	}
-
-	return values;
-};

frontend/src/container/DashboardContainer/__test__/DynamicVariableDefaultBehavior.test.tsx

@@ -2,7 +2,7 @@
 /* eslint-disable sonarjs/no-duplicate-string */
 /* eslint-disable react/jsx-props-no-spreading */
 import React from 'react';
-import { QueryClient, QueryClientProvider, useQuery } from 'react-query';
+import { QueryClient, QueryClientProvider } from 'react-query';
 import * as ReactRedux from 'react-redux';
 import {
 	act,
@@ -15,22 +15,13 @@ import {
 import { getFieldValues } from 'api/dynamicVariables/getFieldValues';
 import { IDashboardVariable } from 'types/api/dashboard/getAll';
 
-import DynamicVariableInput from '../DashboardVariablesSelection/DynamicVariableInput';
+import DynamicVariableSelection from '../DashboardVariablesSelection/DynamicVariableSelection';
 
 // Mock the getFieldValues API
 jest.mock('api/dynamicVariables/getFieldValues', () => ({
 	getFieldValues: jest.fn(),
 }));
 
-// Mock useQuery from react-query
-jest.mock('react-query', () => {
-	const originalModule = jest.requireActual('react-query');
-	return {
-		...originalModule,
-		useQuery: jest.fn(),
-	};
-});
-
 describe('Dynamic Variable Default Behavior', () => {
 	const mockOnValueUpdate = jest.fn();
 	const mockApiResponse = {
@@ -68,46 +59,6 @@ describe('Dynamic Variable Default Behavior', () => {
 		// Mock getFieldValues API to return our test data
 		(getFieldValues as jest.Mock).mockResolvedValue(mockApiResponse);
 
-		// Mock useQuery implementation to avoid infinite re-renders
-		// and ensure onSuccess is called once
-		(useQuery as jest.Mock).mockImplementation((key, options) => {
-			const { onSuccess, enabled, queryFn } = options || {};
-			const variableName = key[1];
-			const dynamicVarsKey = key[2];
-
-			React.useEffect(() => {
-				if (enabled !== false) {
-					if (onSuccess) {
-						// For 'services' tests:
-						// 1. "Default to ALL" expectations imply empty options -> [] behavior. This happens when selectedValue is undefined (dynamicVarsKey has 'null').
-						// 2. "ALL Option Special Value" needs full options to render the "ALL" item in dropdown. This happens when selectedValue is defined.
-						if (
-							variableName === 'services' &&
-							typeof dynamicVarsKey === 'string' &&
-							dynamicVarsKey.includes('null')
-						) {
-							onSuccess({
-								...mockApiResponse,
-								data: { ...mockApiResponse.data, normalizedValues: [] },
-							});
-						} else {
-							onSuccess(mockApiResponse);
-						}
-					}
-					if (queryFn) {
-						queryFn();
-					}
-				}
-			}, [enabled, variableName, dynamicVarsKey]); // Only depend on enabled/keys
-
-			return {
-				isLoading: false,
-				isError: false,
-				data: mockApiResponse,
-				refetch: jest.fn(),
-			};
-		});
-
 		jest.spyOn(ReactRedux, 'useSelector').mockReturnValue({
 			minTime: '2023-01-01T00:00:00Z',
 			maxTime: '2023-01-02T00:00:00Z',
@@ -133,7 +84,7 @@ describe('Dynamic Variable Default Behavior', () => {
 
 			await act(async () => {
 				renderWithQueryClient(
-					<DynamicVariableInput
+					<DynamicVariableSelection
 						variableData={variableData}
 						existingVariables={{ var1: variableData }}
 						onValueUpdate={mockOnValueUpdate}
@@ -169,7 +120,7 @@ describe('Dynamic Variable Default Behavior', () => {
 
 			await act(async () => {
 				renderWithQueryClient(
-					<DynamicVariableInput
+					<DynamicVariableSelection
 						variableData={variableData}
 						existingVariables={{ var1: variableData }}
 						onValueUpdate={mockOnValueUpdate}
@@ -213,7 +164,7 @@ describe('Dynamic Variable Default Behavior', () => {
 
 			await act(async () => {
 				renderWithQueryClient(
-					<DynamicVariableInput
+					<DynamicVariableSelection
 						variableData={variableData}
 						existingVariables={{ var1: variableData }}
 						onValueUpdate={mockOnValueUpdate}
@@ -221,6 +172,9 @@ describe('Dynamic Variable Default Behavior', () => {
 				);
 			});
 
+			// Component should render without errors
+			expect(screen.getByText('$service')).toBeInTheDocument();
+
 			// Check if the dropdown is present
 			const selectElement = screen.getByRole('combobox');
 			expect(selectElement).toBeInTheDocument();
@@ -278,7 +232,7 @@ describe('Dynamic Variable Default Behavior', () => {
 
 			await act(async () => {
 				renderWithQueryClient(
-					<DynamicVariableInput
+					<DynamicVariableSelection
 						variableData={variableData}
 						existingVariables={{ var1: variableData }}
 						onValueUpdate={mockOnValueUpdate}
@@ -313,7 +267,7 @@ describe('Dynamic Variable Default Behavior', () => {
 
 			await act(async () => {
 				renderWithQueryClient(
-					<DynamicVariableInput
+					<DynamicVariableSelection
 						variableData={variableData}
 						existingVariables={{ var1: variableData }}
 						onValueUpdate={mockOnValueUpdate}
@@ -339,7 +293,7 @@ describe('Dynamic Variable Default Behavior', () => {
 			expect(screen.queryByText('backend')).not.toBeInTheDocument();
 		});
 
-		it('sahould default to ALL when no default and no previous selection', async () => {
+		it('should default to ALL when no default and no previous selection', async () => {
 			const variableData: IDashboardVariable = {
 				id: 'var21',
 				name: 'services',
@@ -357,7 +311,7 @@ describe('Dynamic Variable Default Behavior', () => {
 
 			await act(async () => {
 				renderWithQueryClient(
-					<DynamicVariableInput
+					<DynamicVariableSelection
 						variableData={variableData}
 						existingVariables={{ var1: variableData }}
 						onValueUpdate={mockOnValueUpdate}
@@ -391,7 +345,7 @@ describe('Dynamic Variable Default Behavior', () => {
 			expect(mockOnValueUpdate).toHaveBeenCalledWith(
 				'services',
 				'var21',
-				[],
+				[], // Empty array when allSelected is true
 				true, // allSelected = true
 				false,
 			);
@@ -417,7 +371,7 @@ describe('Dynamic Variable Default Behavior', () => {
 
 			await act(async () => {
 				renderWithQueryClient(
-					<DynamicVariableInput
+					<DynamicVariableSelection
 						variableData={variableData}
 						existingVariables={{ var1: variableData }}
 						onValueUpdate={mockOnValueUpdate}
@@ -454,7 +408,7 @@ describe('Dynamic Variable Default Behavior', () => {
 
 			await act(async () => {
 				renderWithQueryClient(
-					<DynamicVariableInput
+					<DynamicVariableSelection
 						variableData={variableData}
 						existingVariables={{ var1: variableData }}
 						onValueUpdate={mockOnValueUpdate}
@@ -462,6 +416,9 @@ describe('Dynamic Variable Default Behavior', () => {
 				);
 			});
 
+			// Component should render without errors
+			expect(screen.getByText('$services')).toBeInTheDocument();
+
 			// Check if ALL is displayed in the UI (in the main selection area)
 			const allTextElement = screen.getByText('ALL');
 			expect(allTextElement).toBeInTheDocument();

frontend/src/container/DashboardContainer/visualization/panels/TimeSeriesPanel/TimeSeriesPanel.tsx

@@ -6,6 +6,7 @@ import { PanelWrapperProps } from 'container/PanelWrapper/panelWrapper.types';
 import { useIsDarkMode } from 'hooks/useDarkMode';
 import { useResizeObserver } from 'hooks/useDimensions';
 import { LegendPosition } from 'lib/uPlotV2/components/types';
+import { LineInterpolation } from 'lib/uPlotV2/config/types';
 import { ContextMenu } from 'periscope/components/ContextMenu';
 import { useDashboard } from 'providers/Dashboard/Dashboard';
 import { useTimezone } from 'providers/Timezone';
@@ -72,28 +73,55 @@ function TimeSeriesPanel(props: PanelWrapperProps): JSX.Element {
 	}, [queryResponse?.data?.payload]);
 
 	const config = useMemo(() => {
+		const tzDate = (timestamp: number): Date =>
+			uPlot.tzDate(new Date(timestamp * 1e3), timezone.value);
+
 		return prepareUPlotConfig({
-			widget,
-			isDarkMode,
-			currentQuery: widget.query,
-			onClick: clickHandlerWithContextMenu,
-			onDragSelect,
+			widgetId: widget.id || '',
 			apiResponse: queryResponse?.data?.payload as MetricRangePayloadProps,
-			timezone,
-			panelMode,
+			tzDate,
 			minTimeScale: minTimeScale,
 			maxTimeScale: maxTimeScale,
+			isLogScale: widget?.isLogScale ?? false,
+			thresholds: {
+				scaleKey: 'y',
+				thresholds: (widget.thresholds || []).map((threshold) => ({
+					thresholdValue: threshold.thresholdValue ?? 0,
+					thresholdColor: threshold.thresholdColor,
+					thresholdUnit: threshold.thresholdUnit,
+					thresholdLabel: threshold.thresholdLabel,
+				})),
+				yAxisUnit: widget.yAxisUnit,
+			},
+			yAxisUnit: widget.yAxisUnit || '',
+			softMin: widget.softMin === undefined ? null : widget.softMin,
+			softMax: widget.softMax === undefined ? null : widget.softMax,
+			spanGaps: false,
+			colorMapping: widget.customLegendColors ?? {},
+			lineInterpolation: LineInterpolation.Spline,
+			isDarkMode,
+			onClick: clickHandlerWithContextMenu,
+			onDragSelect,
+			currentQuery: widget.query,
+			panelMode,
 		});
 	}, [
-		widget,
+		widget.id,
+		maxTimeScale,
+		minTimeScale,
+		timezone.value,
+		widget.customLegendColors,
+		widget.isLogScale,
+		widget.softMax,
+		widget.softMin,
 		isDarkMode,
+		queryResponse?.data?.payload,
+		widget.query,
+		widget.thresholds,
+		widget.yAxisUnit,
+		panelMode,
 		clickHandlerWithContextMenu,
 		onDragSelect,
-		queryResponse?.data?.payload,
-		panelMode,
-		minTimeScale,
-		maxTimeScale,
-		timezone,
 	]);
 
 	const layoutChildren = useMemo(() => {

frontend/src/container/DashboardContainer/visualization/panels/TimeSeriesPanel/utils.ts

@@ -1,4 +1,3 @@
-import { Timezone } from 'components/CustomTimePicker/timezoneUtils';
 import { PANEL_TYPES } from 'constants/queryBuilder';
 import {
 	fillMissingXAxisTimestamps,
@@ -6,20 +5,23 @@ import {
 } from 'container/DashboardContainer/visualization/panels/utils';
 import { getLegend } from 'lib/dashboard/getQueryResults';
 import getLabelName from 'lib/getLabelName';
-import { OnClickPluginOpts } from 'lib/uPlotLib/plugins/onClickPlugin';
+import onClickPlugin, {
+	OnClickPluginOpts,
+} from 'lib/uPlotLib/plugins/onClickPlugin';
 import {
+	DistributionType,
 	DrawStyle,
 	LineInterpolation,
 	LineStyle,
+	SelectionPreferencesSource,
 	VisibilityMode,
 } from 'lib/uPlotV2/config/types';
 import { UPlotConfigBuilder } from 'lib/uPlotV2/config/UPlotConfigBuilder';
-import { Widgets } from 'types/api/dashboard/getAll';
+import { ThresholdsDrawHookOptions } from 'lib/uPlotV2/hooks/types';
 import { MetricRangePayloadProps } from 'types/api/metrics/getQueryRange';
 import { Query } from 'types/api/queryBuilder/queryBuilderData';
 
 import { PanelMode } from '../types';
-import { buildBaseConfig } from '../utils/baseConfigBuilder';
 
 export const prepareChartData = (
 	apiResponse: MetricRangePayloadProps,
@@ -32,39 +34,112 @@ export const prepareChartData = (
 };
 
 export const prepareUPlotConfig = ({
-	widget,
-	isDarkMode,
-	currentQuery,
-	onClick,
-	onDragSelect,
+	widgetId,
 	apiResponse,
-	timezone,
-	panelMode,
+	tzDate,
 	minTimeScale,
 	maxTimeScale,
+	isLogScale,
+	thresholds,
+	softMin,
+	softMax,
+	spanGaps,
+	colorMapping,
+	lineInterpolation,
+	isDarkMode,
+	currentQuery,
+	onDragSelect,
+	onClick,
+	yAxisUnit,
+	panelMode,
 }: {
-	widget: Widgets;
-	isDarkMode: boolean;
-	currentQuery: Query;
-	onClick: OnClickPluginOpts['onClick'];
-	onDragSelect: (startTime: number, endTime: number) => void;
+	widgetId: string;
 	apiResponse: MetricRangePayloadProps;
-	timezone: Timezone;
+	tzDate: uPlot.LocalDateFromUnix;
+	minTimeScale: number | undefined;
+	maxTimeScale: number | undefined;
+	isLogScale: boolean;
+	softMin: number | null;
+	softMax: number | null;
+	spanGaps: boolean;
+	colorMapping: Record<string, string>;
+	lineInterpolation: LineInterpolation;
+	isDarkMode: boolean;
+	thresholds: ThresholdsDrawHookOptions;
+	currentQuery: Query;
+	yAxisUnit: string;
+	onDragSelect: (startTime: number, endTime: number) => void;
+	onClick?: OnClickPluginOpts['onClick'];
 	panelMode: PanelMode;
-	minTimeScale?: number;
-	maxTimeScale?: number;
 }): UPlotConfigBuilder => {
-	const builder = buildBaseConfig({
-		widget,
-		isDarkMode,
-		onClick,
+	const builder = new UPlotConfigBuilder({
 		onDragSelect,
-		apiResponse,
-		timezone,
-		panelMode,
+		widgetId,
+		tzDate,
+		shouldSaveSelectionPreference: panelMode === PanelMode.DASHBOARD_VIEW,
+		selectionPreferencesSource: [
+			PanelMode.DASHBOARD_VIEW,
+			PanelMode.STANDALONE_VIEW,
+		].includes(panelMode)
+			? SelectionPreferencesSource.LOCAL_STORAGE
+			: SelectionPreferencesSource.IN_MEMORY,
+	});
+
+	// X scale – time axis
+	builder.addScale({
+		scaleKey: 'x',
+		time: true,
+		min: minTimeScale,
+		max: maxTimeScale,
+		logBase: isLogScale ? 10 : undefined,
+		distribution: isLogScale
+			? DistributionType.Logarithmic
+			: DistributionType.Linear,
+	});
+
+	// Y scale – value axis, driven primarily by softMin/softMax and data
+	builder.addScale({
+		scaleKey: 'y',
+		time: false,
+		min: undefined,
+		max: undefined,
+		softMin: softMin ?? undefined,
+		softMax: softMax ?? undefined,
+		thresholds,
+		logBase: isLogScale ? 10 : undefined,
+		distribution: isLogScale
+			? DistributionType.Logarithmic
+			: DistributionType.Linear,
+	});
+
+	builder.addThresholds(thresholds);
+
+	if (typeof onClick === 'function') {
+		builder.addPlugin(
+			onClickPlugin({
+				onClick,
+				apiResponse,
+			}),
+		);
+	}
+
+	builder.addAxis({
+		scaleKey: 'x',
+		show: true,
+		side: 2,
+		isDarkMode,
+		isLogScale: false,
+		panelType: PANEL_TYPES.TIME_SERIES,
+	});
+
+	builder.addAxis({
+		scaleKey: 'y',
+		show: true,
+		side: 3,
+		isDarkMode,
+		isLogScale: false,
+		yAxisUnit,
 		panelType: PANEL_TYPES.TIME_SERIES,
-		minTimeScale,
-		maxTimeScale,
 	});
 
 	apiResponse.data?.result?.forEach((series) => {
@@ -82,16 +157,14 @@ export const prepareUPlotConfig = ({
 			scaleKey: 'y',
 			drawStyle: DrawStyle.Line,
 			label: label,
-			colorMapping: widget.customLegendColors ?? {},
-			spanGaps: false,
+			colorMapping,
+			spanGaps,
 			lineStyle: LineStyle.Solid,
-			lineInterpolation: LineInterpolation.Spline,
+			lineInterpolation,
 			showPoints: VisibilityMode.Never,
 			pointSize: 5,
 			isDarkMode,
-			panelType: PANEL_TYPES.TIME_SERIES,
 		});
 	});
-
 	return builder;
 };

frontend/src/container/DashboardContainer/visualization/panels/utils/baseConfigBuilder.ts

@@ -1,127 +0,0 @@
-import { Timezone } from 'components/CustomTimePicker/timezoneUtils';
-import { PANEL_TYPES } from 'constants/queryBuilder';
-import onClickPlugin, {
-	OnClickPluginOpts,
-} from 'lib/uPlotLib/plugins/onClickPlugin';
-import {
-	DistributionType,
-	SelectionPreferencesSource,
-} from 'lib/uPlotV2/config/types';
-import { UPlotConfigBuilder } from 'lib/uPlotV2/config/UPlotConfigBuilder';
-import { ThresholdsDrawHookOptions } from 'lib/uPlotV2/hooks/types';
-import { Widgets } from 'types/api/dashboard/getAll';
-import { MetricRangePayloadProps } from 'types/api/metrics/getQueryRange';
-import uPlot from 'uplot';
-
-import { PanelMode } from '../types';
-
-export interface BaseConfigBuilderProps {
-	widget: Widgets;
-	apiResponse: MetricRangePayloadProps;
-	isDarkMode: boolean;
-	onClick: OnClickPluginOpts['onClick'];
-	onDragSelect: (startTime: number, endTime: number) => void;
-	timezone: Timezone;
-	panelMode: PanelMode;
-	panelType: PANEL_TYPES;
-	minTimeScale?: number;
-	maxTimeScale?: number;
-}
-
-export function buildBaseConfig({
-	widget,
-	isDarkMode,
-	onClick,
-	onDragSelect,
-	apiResponse,
-	timezone,
-	panelMode,
-	panelType,
-	minTimeScale,
-	maxTimeScale,
-}: BaseConfigBuilderProps): UPlotConfigBuilder {
-	const tzDate = (timestamp: number): Date =>
-		uPlot.tzDate(new Date(timestamp * 1e3), timezone.value);
-
-	const builder = new UPlotConfigBuilder({
-		onDragSelect,
-		widgetId: widget.id,
-		tzDate,
-		shouldSaveSelectionPreference: panelMode === PanelMode.DASHBOARD_VIEW,
-		selectionPreferencesSource: [
-			PanelMode.DASHBOARD_VIEW,
-			PanelMode.STANDALONE_VIEW,
-		].includes(panelMode)
-			? SelectionPreferencesSource.LOCAL_STORAGE
-			: SelectionPreferencesSource.IN_MEMORY,
-	});
-
-	const thresholdOptions: ThresholdsDrawHookOptions = {
-		scaleKey: 'y',
-		thresholds: (widget.thresholds || []).map((threshold) => ({
-			thresholdValue: threshold.thresholdValue ?? 0,
-			thresholdColor: threshold.thresholdColor,
-			thresholdUnit: threshold.thresholdUnit,
-			thresholdLabel: threshold.thresholdLabel,
-		})),
-		yAxisUnit: widget.yAxisUnit,
-	};
-
-	builder.addThresholds(thresholdOptions);
-
-	builder.addScale({
-		scaleKey: 'x',
-		time: true,
-		min: minTimeScale,
-		max: maxTimeScale,
-		logBase: widget.isLogScale ? 10 : undefined,
-		distribution: widget.isLogScale
-			? DistributionType.Logarithmic
-			: DistributionType.Linear,
-	});
-
-	// Y scale – value axis, driven primarily by softMin/softMax and data
-	builder.addScale({
-		scaleKey: 'y',
-		time: false,
-		min: undefined,
-		max: undefined,
-		softMin: widget.softMin ?? undefined,
-		softMax: widget.softMax ?? undefined,
-		// thresholds,
-		logBase: widget.isLogScale ? 10 : undefined,
-		distribution: widget.isLogScale
-			? DistributionType.Logarithmic
-			: DistributionType.Linear,
-	});
-
-	if (typeof onClick === 'function') {
-		builder.addPlugin(
-			onClickPlugin({
-				onClick,
-				apiResponse,
-			}),
-		);
-	}
-
-	builder.addAxis({
-		scaleKey: 'x',
-		show: true,
-		side: 2,
-		isDarkMode,
-		isLogScale: widget.isLogScale,
-		panelType,
-	});
-
-	builder.addAxis({
-		scaleKey: 'y',
-		show: true,
-		side: 3,
-		isDarkMode,
-		isLogScale: widget.isLogScale,
-		yAxisUnit: widget.yAxisUnit,
-		panelType,
-	});
-
-	return builder;
-}

frontend/src/container/GridCardLayout/GridCard/FullView/index.tsx

@@ -33,8 +33,8 @@ import { useChartMutable } from 'hooks/useChartMutable';
 import useComponentPermission from 'hooks/useComponentPermission';
 import { useSafeNavigate } from 'hooks/useSafeNavigate';
 import useUrlQuery from 'hooks/useUrlQuery';
+import { getDashboardVariables } from 'lib/dashbaordVariables/getDashboardVariables';
 import { GetQueryResultsProps } from 'lib/dashboard/getQueryResults';
-import { getDashboardVariables } from 'lib/dashboardVariables/getDashboardVariables';
 import GetMinMax from 'lib/getMinMax';
 import { isEmpty } from 'lodash-es';
 import { useAppContext } from 'providers/App/App';

frontend/src/container/GridCardLayout/GridCard/index.tsx

@@ -8,8 +8,8 @@ import { populateMultipleResults } from 'container/NewWidget/LeftContainer/Widge
 import { CustomTimeType } from 'container/TopNav/DateTimeSelectionV2/types';
 import { useGetQueryRange } from 'hooks/queryBuilder/useGetQueryRange';
 import { useIntersectionObserver } from 'hooks/useIntersectionObserver';
+import { getDashboardVariables } from 'lib/dashbaordVariables/getDashboardVariables';
 import { GetQueryResultsProps } from 'lib/dashboard/getQueryResults';
-import { getDashboardVariables } from 'lib/dashboardVariables/getDashboardVariables';
 import getTimeString from 'lib/getTimeString';
 import { isEqual } from 'lodash-es';
 import isEmpty from 'lodash-es/isEmpty';

frontend/src/container/GridCardLayout/useResolveQuery.ts

@@ -6,7 +6,7 @@ import { prepareQueryRangePayloadV5 } from 'api/v5/v5';
 import { PANEL_TYPES } from 'constants/queryBuilder';
 import { timePreferenceType } from 'container/NewWidget/RightContainer/timeItems';
 import { useDashboardVariablesByType } from 'hooks/dashboard/useDashboardVariablesByType';
-import { getDashboardVariables } from 'lib/dashboardVariables/getDashboardVariables';
+import { getDashboardVariables } from 'lib/dashbaordVariables/getDashboardVariables';
 import { mapQueryDataFromApi } from 'lib/newQueryBuilder/queryBuilderMappers/mapQueryDataFromApi';
 import { AppState } from 'store/reducers';
 import { Query } from 'types/api/queryBuilder/queryBuilderData';

frontend/src/container/NewWidget/index.tsx

@@ -27,8 +27,8 @@ import { useIsDarkMode } from 'hooks/useDarkMode';
 import { useSafeNavigate } from 'hooks/useSafeNavigate';
 import useUrlQuery from 'hooks/useUrlQuery';
 import createQueryParams from 'lib/createQueryParams';
+import { getDashboardVariables } from 'lib/dashbaordVariables/getDashboardVariables';
 import { GetQueryResultsProps } from 'lib/dashboard/getQueryResults';
-import { getDashboardVariables } from 'lib/dashboardVariables/getDashboardVariables';
 import { cloneDeep, defaultTo, isEmpty, isUndefined } from 'lodash-es';
 import { Check, X } from 'lucide-react';
 import { DashboardWidgetPageParams } from 'pages/DashboardWidget';

frontend/src/container/ServiceApplication/utils.ts

@@ -1,8 +1,8 @@
 import { PANEL_TYPES } from 'constants/queryBuilder';
 import { getWidgetQueryBuilder } from 'container/MetricsApplication/MetricsApplication.factory';
 import { updateStepInterval } from 'hooks/queryBuilder/useStepInterval';
+import { getDashboardVariables } from 'lib/dashbaordVariables/getDashboardVariables';
 import { GetQueryResultsProps } from 'lib/dashboard/getQueryResults';
-import { getDashboardVariables } from 'lib/dashboardVariables/getDashboardVariables';
 import { ServicesList } from 'types/api/metrics/getService';
 import { QueryDataV3 } from 'types/api/widgets/getQuery';
 import { EQueryType } from 'types/common/dashboard';

frontend/src/hooks/queryBuilder/useCreateAlerts.tsx

@@ -13,7 +13,7 @@ import { MenuItemKeys } from 'container/GridCardLayout/WidgetHeader/contants';
 import { useDashboardVariables } from 'hooks/dashboard/useDashboardVariables';
 import { useDashboardVariablesByType } from 'hooks/dashboard/useDashboardVariablesByType';
 import { useNotifications } from 'hooks/useNotifications';
-import { getDashboardVariables } from 'lib/dashboardVariables/getDashboardVariables';
+import { getDashboardVariables } from 'lib/dashbaordVariables/getDashboardVariables';
 import { mapQueryDataFromApi } from 'lib/newQueryBuilder/queryBuilderMappers/mapQueryDataFromApi';
 import { isEmpty } from 'lodash-es';
 import { useDashboard } from 'providers/Dashboard/Dashboard';

frontend/src/hooks/queryBuilder/useGetWidgetQueryRange.ts

@@ -3,8 +3,8 @@ import { useSelector } from 'react-redux';
 import { initialQueriesMap } from 'constants/queryBuilder';
 import { REACT_QUERY_KEY } from 'constants/reactQueryKeys';
 import { useDashboardVariables } from 'hooks/dashboard/useDashboardVariables';
+import { getDashboardVariables } from 'lib/dashbaordVariables/getDashboardVariables';
 import { GetQueryResultsProps } from 'lib/dashboard/getQueryResults';
-import { getDashboardVariables } from 'lib/dashboardVariables/getDashboardVariables';
 import { AppState } from 'store/reducers';
 import { SuccessResponse } from 'types/api';
 import { MetricRangePayloadProps } from 'types/api/metrics/getQueryRange';

frontend/src/lib/uPlotV2/components/Tooltip/Tooltip.tsx

@@ -3,7 +3,6 @@ import { Virtuoso } from 'react-virtuoso';
 import cx from 'classnames';
 import { DATE_TIME_FORMATS } from 'constants/dateTimeFormats';
 import dayjs from 'dayjs';
-import customParseFormat from 'dayjs/plugin/customParseFormat';
 import { useIsDarkMode } from 'hooks/useDarkMode';
 
 import { TooltipContentItem, TooltipProps } from '../types';
@@ -14,8 +13,6 @@ import './Tooltip.styles.scss';
 const TOOLTIP_LIST_MAX_HEIGHT = 330;
 const TOOLTIP_ITEM_HEIGHT = 38;
 
-dayjs.extend(customParseFormat);
-
 export default function Tooltip({
 	seriesIndex,
 	dataIndexes,

frontend/src/lib/uPlotV2/components/__tests__/UPlotChart.test.tsx

@@ -1,412 +0,0 @@
-import type { ReactNode } from 'react';
-import { render, screen } from '@testing-library/react';
-import { UPlotConfigBuilder } from 'lib/uPlotV2/config/UPlotConfigBuilder';
-import type { AlignedData } from 'uplot';
-
-import { PlotContextProvider } from '../../context/PlotContext';
-import UPlotChart from '../UPlotChart';
-
-// ---------------------------------------------------------------------------
-// Mocks
-// ---------------------------------------------------------------------------
-
-jest.mock(
-	'container/DashboardContainer/visualization/panels/utils/legendVisibilityUtils',
-	() => ({
-		getStoredSeriesVisibility: jest.fn(),
-		updateSeriesVisibilityToLocalStorage: jest.fn(),
-	}),
-);
-
-jest.mock('@sentry/react', () => ({
-	ErrorBoundary: ({ children }: { children: ReactNode }): JSX.Element => (
-		<>{children}</>
-	),
-}));
-
-jest.mock('pages/ErrorBoundaryFallback/ErrorBoundaryFallback', () => ({
-	__esModule: true,
-	default: (): JSX.Element => <div>Error Fallback</div>,
-}));
-
-interface MockUPlotInstance {
-	root: HTMLDivElement;
-	setData: jest.Mock;
-	setSize: jest.Mock;
-	destroy: jest.Mock;
-}
-
-let instances: MockUPlotInstance[] = [];
-const mockUPlotConstructor = jest.fn();
-
-jest.mock('uplot', () => {
-	function MockUPlot(
-		opts: Record<string, unknown>,
-		data: unknown,
-		target: HTMLElement,
-	): MockUPlotInstance {
-		mockUPlotConstructor(opts, data, target);
-
-		const rootEl = document.createElement('div');
-		target.appendChild(rootEl);
-
-		const inst: MockUPlotInstance = {
-			root: rootEl,
-			setData: jest.fn(),
-			setSize: jest.fn(),
-			destroy: jest.fn(),
-		};
-		instances.push(inst);
-		return inst;
-	}
-
-	MockUPlot.paths = {
-		spline: jest.fn(() => jest.fn()),
-		bars: jest.fn(() => jest.fn()),
-		linear: jest.fn(() => jest.fn()),
-		stepped: jest.fn(() => jest.fn()),
-	};
-	MockUPlot.tzDate = jest.fn();
-
-	return { __esModule: true, default: MockUPlot };
-});
-
-// ---------------------------------------------------------------------------
-// Helpers
-// ---------------------------------------------------------------------------
-
-const createMockConfig = (): UPlotConfigBuilder => {
-	return ({
-		getConfig: jest.fn().mockReturnValue({
-			series: [{ value: (): string => '' }],
-			axes: [],
-			scales: {},
-			hooks: {},
-			cursor: {},
-		}),
-		getWidgetId: jest.fn().mockReturnValue(undefined),
-		getShouldSaveSelectionPreference: jest.fn().mockReturnValue(false),
-	} as unknown) as UPlotConfigBuilder;
-};
-
-const validData: AlignedData = [
-	[1, 2, 3],
-	[10, 20, 30],
-];
-const emptyData: AlignedData = [[]];
-
-const Wrapper = ({ children }: { children: ReactNode }): JSX.Element => (
-	<PlotContextProvider>{children}</PlotContextProvider>
-);
-
-// ---------------------------------------------------------------------------
-// Tests
-// ---------------------------------------------------------------------------
-
-describe('UPlotChart', () => {
-	beforeEach(() => {
-		instances = [];
-		mockUPlotConstructor.mockClear();
-	});
-
-	describe('when data is empty', () => {
-		it('displays "No Data" message instead of the chart container', () => {
-			render(
-				<UPlotChart
-					config={createMockConfig()}
-					data={emptyData}
-					width={600}
-					height={400}
-				/>,
-				{ wrapper: Wrapper },
-			);
-
-			expect(screen.getByText('No Data')).toBeInTheDocument();
-			expect(screen.queryByTestId('uplot-main-div')).not.toBeInTheDocument();
-		});
-
-		it('sizes the empty-state container to the given width and height', () => {
-			render(
-				<UPlotChart
-					config={createMockConfig()}
-					data={emptyData}
-					width={750}
-					height={350}
-				/>,
-				{ wrapper: Wrapper },
-			);
-
-			const noDataContainer = screen
-				.getByText('No Data')
-				.closest('.uplot-no-data');
-			expect(noDataContainer).toHaveStyle({ width: '750px', height: '350px' });
-		});
-
-		it('does not create a uPlot instance', () => {
-			render(
-				<UPlotChart
-					config={createMockConfig()}
-					data={emptyData}
-					width={600}
-					height={400}
-				/>,
-				{ wrapper: Wrapper },
-			);
-
-			expect(mockUPlotConstructor).not.toHaveBeenCalled();
-		});
-	});
-
-	describe('chart container', () => {
-		it('renders children inside the chart wrapper', () => {
-			render(
-				<UPlotChart
-					config={createMockConfig()}
-					data={validData}
-					width={600}
-					height={400}
-				>
-					<div data-testid="tooltip-plugin">Tooltip</div>
-				</UPlotChart>,
-				{ wrapper: Wrapper },
-			);
-
-			expect(screen.getByTestId('tooltip-plugin')).toBeInTheDocument();
-		});
-	});
-
-	describe('plot creation', () => {
-		it('instantiates uPlot with floored dimensions and the container element', () => {
-			render(
-				<UPlotChart
-					config={createMockConfig()}
-					data={validData}
-					width={600.9}
-					height={400.2}
-				/>,
-				{ wrapper: Wrapper },
-			);
-
-			expect(mockUPlotConstructor).toHaveBeenCalledTimes(1);
-
-			const [opts, data, target] = mockUPlotConstructor.mock.calls[0];
-			expect(opts.width).toBe(600);
-			expect(opts.height).toBe(400);
-			expect(data).toBe(validData);
-			expect(target).toBe(screen.getByTestId('uplot-main-div'));
-		});
-
-		it('merges config builder output into the uPlot options', () => {
-			const config = createMockConfig();
-			config.getConfig = jest.fn().mockReturnValue({
-				series: [{ value: (): string => '' }],
-				axes: [{ scale: 'y' }],
-				scales: { y: {} },
-				hooks: {},
-				cursor: { show: true },
-			});
-
-			render(
-				<UPlotChart
-					config={(config as unknown) as UPlotConfigBuilder}
-					data={validData}
-					width={500}
-					height={300}
-				/>,
-				{ wrapper: Wrapper },
-			);
-
-			const [opts] = mockUPlotConstructor.mock.calls[0];
-			expect(opts.width).toBe(500);
-			expect(opts.height).toBe(300);
-			expect(opts.axes).toEqual([{ scale: 'y' }]);
-			expect(opts.cursor).toEqual({ show: true });
-		});
-
-		it('skips creation when width or height is 0', () => {
-			render(
-				<UPlotChart
-					config={createMockConfig()}
-					data={validData}
-					width={0}
-					height={0}
-				/>,
-				{ wrapper: Wrapper },
-			);
-
-			expect(mockUPlotConstructor).not.toHaveBeenCalled();
-		});
-	});
-
-	describe('lifecycle callbacks', () => {
-		it('invokes plotRef with the uPlot instance after creation', () => {
-			const plotRef = jest.fn();
-
-			render(
-				<UPlotChart
-					config={createMockConfig()}
-					data={validData}
-					width={600}
-					height={400}
-					plotRef={plotRef}
-				/>,
-				{ wrapper: Wrapper },
-			);
-
-			expect(plotRef).toHaveBeenCalledTimes(1);
-			expect(plotRef).toHaveBeenCalledWith(instances[0]);
-		});
-
-		it('destroys the instance and notifies callbacks when data becomes empty', () => {
-			const plotRef = jest.fn();
-			const onDestroy = jest.fn();
-			const config = createMockConfig();
-
-			const { rerender } = render(
-				<UPlotChart
-					config={config}
-					data={validData}
-					width={600}
-					height={400}
-					plotRef={plotRef}
-					onDestroy={onDestroy}
-				/>,
-				{ wrapper: Wrapper },
-			);
-
-			const firstInstance = instances[0];
-			plotRef.mockClear();
-
-			rerender(
-				<UPlotChart
-					config={config}
-					data={emptyData}
-					width={600}
-					height={400}
-					plotRef={plotRef}
-					onDestroy={onDestroy}
-				/>,
-			);
-
-			expect(onDestroy).toHaveBeenCalledWith(firstInstance);
-			expect(firstInstance.destroy).toHaveBeenCalled();
-			expect(plotRef).toHaveBeenCalledWith(null);
-			expect(screen.getByText('No Data')).toBeInTheDocument();
-		});
-
-		it('destroys the previous instance before creating a new one on config change', () => {
-			const onDestroy = jest.fn();
-			const config1 = createMockConfig();
-			const config2 = createMockConfig();
-
-			const { rerender } = render(
-				<UPlotChart
-					config={config1}
-					data={validData}
-					width={600}
-					height={400}
-					onDestroy={onDestroy}
-				/>,
-				{ wrapper: Wrapper },
-			);
-
-			const firstInstance = instances[0];
-
-			rerender(
-				<UPlotChart
-					config={config2}
-					data={validData}
-					width={600}
-					height={400}
-					onDestroy={onDestroy}
-				/>,
-			);
-
-			expect(onDestroy).toHaveBeenCalledWith(firstInstance);
-			expect(firstInstance.destroy).toHaveBeenCalled();
-			expect(instances).toHaveLength(2);
-		});
-	});
-
-	describe('prop updates', () => {
-		it('calls setData without recreating the plot when only data changes', () => {
-			const config = createMockConfig();
-			const newData: AlignedData = [
-				[4, 5, 6],
-				[40, 50, 60],
-			];
-
-			const { rerender } = render(
-				<UPlotChart config={config} data={validData} width={600} height={400} />,
-				{ wrapper: Wrapper },
-			);
-
-			const inst = instances[0];
-
-			rerender(
-				<UPlotChart config={config} data={newData} width={600} height={400} />,
-			);
-
-			expect(inst.setData).toHaveBeenCalledWith(newData);
-			expect(mockUPlotConstructor).toHaveBeenCalledTimes(1);
-		});
-
-		it('calls setSize with floored values when only dimensions change', () => {
-			const config = createMockConfig();
-
-			const { rerender } = render(
-				<UPlotChart config={config} data={validData} width={600} height={400} />,
-				{ wrapper: Wrapper },
-			);
-
-			const instance = instances[0];
-
-			rerender(
-				<UPlotChart
-					config={config}
-					data={validData}
-					width={800.7}
-					height={500.3}
-				/>,
-			);
-
-			expect(instance.setSize).toHaveBeenCalledWith({ width: 800, height: 500 });
-			expect(mockUPlotConstructor).toHaveBeenCalledTimes(1);
-		});
-
-		it('recreates the plot when config changes', () => {
-			const config1 = createMockConfig();
-			const config2 = createMockConfig();
-
-			const { rerender } = render(
-				<UPlotChart config={config1} data={validData} width={600} height={400} />,
-				{ wrapper: Wrapper },
-			);
-
-			rerender(
-				<UPlotChart config={config2} data={validData} width={600} height={400} />,
-			);
-
-			expect(mockUPlotConstructor).toHaveBeenCalledTimes(2);
-		});
-
-		it('does nothing when all props remain the same', () => {
-			const config = createMockConfig();
-
-			const { rerender } = render(
-				<UPlotChart config={config} data={validData} width={600} height={400} />,
-				{ wrapper: Wrapper },
-			);
-
-			const instance = instances[0];
-
-			rerender(
-				<UPlotChart config={config} data={validData} width={600} height={400} />,
-			);
-
-			expect(mockUPlotConstructor).toHaveBeenCalledTimes(1);
-			expect(instance.setData).not.toHaveBeenCalled();
-			expect(instance.setSize).not.toHaveBeenCalled();
-		});
-	});
-});

frontend/src/providers/Dashboard/__tests__/Dashboard.test.tsx

@@ -412,16 +412,14 @@ describe('Dashboard Provider - URL Variables Integration', () => {
 			});
 
 			// Verify dashboard state contains the variables with default values
-			await waitFor(() => {
-				const dashboardVariables = screen.getByTestId('dashboard-variables');
-				const parsedVariables = JSON.parse(dashboardVariables.textContent || '{}');
+			const dashboardVariables = await screen.findByTestId('dashboard-variables');
+			const parsedVariables = JSON.parse(dashboardVariables.textContent || '{}');
 
-				expect(parsedVariables).toHaveProperty('environment');
-				expect(parsedVariables).toHaveProperty('services');
-				// Default allSelected values should be preserved
-				expect(parsedVariables.environment.allSelected).toBe(false);
-				expect(parsedVariables.services.allSelected).toBe(false);
-			});
+			expect(parsedVariables).toHaveProperty('environment');
+			expect(parsedVariables).toHaveProperty('services');
+			// Default allSelected values should be preserved
+			expect(parsedVariables.environment.allSelected).toBe(false);
+			expect(parsedVariables.services.allSelected).toBe(false);
 		});
 
 		it('should merge URL variables with dashboard data and normalize values correctly', async () => {
@@ -468,26 +466,16 @@ describe('Dashboard Provider - URL Variables Integration', () => {
 			});
 
 			// Verify the dashboard state reflects the normalized URL values
-			await waitFor(() => {
-				const dashboardVariables = screen.getByTestId('dashboard-variables');
-				const parsedVariables = JSON.parse(dashboardVariables.textContent || '{}');
+			const dashboardVariables = await screen.findByTestId('dashboard-variables');
+			const parsedVariables = JSON.parse(dashboardVariables.textContent || '{}');
 
-				// First ensure the variables exist
-				expect(parsedVariables).toHaveProperty('environment');
-				expect(parsedVariables).toHaveProperty('services');
+			// The selectedValue should be updated with normalized URL values
+			expect(parsedVariables.environment.selectedValue).toBe('development');
+			expect(parsedVariables.services.selectedValue).toEqual(['db', 'cache']);
 
-				// Then check their properties
-				expect(parsedVariables.environment).toHaveProperty('selectedValue');
-				expect(parsedVariables.services).toHaveProperty('selectedValue');
-
-				// The selectedValue should be updated with normalized URL values
-				expect(parsedVariables.environment.selectedValue).toBe('development');
-				expect(parsedVariables.services.selectedValue).toEqual(['db', 'cache']);
-
-				// allSelected should be set to false when URL values override
-				expect(parsedVariables.environment.allSelected).toBe(false);
-				expect(parsedVariables.services.allSelected).toBe(false);
-			});
+			// allSelected should be set to false when URL values override
+			expect(parsedVariables.environment.allSelected).toBe(false);
+			expect(parsedVariables.services.allSelected).toBe(false);
 		});
 
 		it('should handle ALL_SELECTED_VALUE from URL and set allSelected correctly', async () => {
@@ -512,8 +500,8 @@ describe('Dashboard Provider - URL Variables Integration', () => {
 			);
 
 			// Verify that allSelected is set to true for the services variable
-			await waitFor(() => {
-				const dashboardVariables = screen.getByTestId('dashboard-variables');
+			await waitFor(async () => {
+				const dashboardVariables = await screen.findByTestId('dashboard-variables');
 				const parsedVariables = JSON.parse(dashboardVariables.textContent || '{}');
 
 				expect(parsedVariables.services.allSelected).toBe(true);
@@ -615,8 +603,8 @@ describe('Dashboard Provider - Textbox Variable Backward Compatibility', () => {
 			});
 
 			// Verify that defaultValue is set from textboxValue
-			await waitFor(() => {
-				const dashboardVariables = screen.getByTestId('dashboard-variables');
+			await waitFor(async () => {
+				const dashboardVariables = await screen.findByTestId('dashboard-variables');
 				const parsedVariables = JSON.parse(dashboardVariables.textContent || '{}');
 
 				expect(parsedVariables.myTextbox.type).toBe('TEXTBOX');
@@ -660,8 +648,8 @@ describe('Dashboard Provider - Textbox Variable Backward Compatibility', () => {
 			});
 
 			// Verify that existing defaultValue is preserved
-			await waitFor(() => {
-				const dashboardVariables = screen.getByTestId('dashboard-variables');
+			await waitFor(async () => {
+				const dashboardVariables = await screen.findByTestId('dashboard-variables');
 				const parsedVariables = JSON.parse(dashboardVariables.textContent || '{}');
 
 				expect(parsedVariables.myTextbox.type).toBe('TEXTBOX');
@@ -706,8 +694,8 @@ describe('Dashboard Provider - Textbox Variable Backward Compatibility', () => {
 			});
 
 			// Verify that defaultValue is set to empty string
-			await waitFor(() => {
-				const dashboardVariables = screen.getByTestId('dashboard-variables');
+			await waitFor(async () => {
+				const dashboardVariables = await screen.findByTestId('dashboard-variables');
 				const parsedVariables = JSON.parse(dashboardVariables.textContent || '{}');
 
 				expect(parsedVariables.myTextbox.type).toBe('TEXTBOX');
@@ -751,8 +739,8 @@ describe('Dashboard Provider - Textbox Variable Backward Compatibility', () => {
 			});
 
 			// Verify that defaultValue is NOT set from textboxValue for QUERY type
-			await waitFor(() => {
-				const dashboardVariables = screen.getByTestId('dashboard-variables');
+			await waitFor(async () => {
+				const dashboardVariables = await screen.findByTestId('dashboard-variables');
 				const parsedVariables = JSON.parse(dashboardVariables.textContent || '{}');
 
 				expect(parsedVariables.myQuery.type).toBe('QUERY');

frontend/src/providers/Dashboard/initializeDefaultVariables.ts

@@ -1,7 +1,7 @@
 import { ALL_SELECTED_VALUE } from 'components/NewSelect/utils';
 import { IDashboardVariable } from 'types/api/dashboard/getAll';
 
-import { commaValuesParser } from '../../lib/dashboardVariables/customCommaValuesParser';
+import { commaValuesParser } from '../../lib/dashbaordVariables/customCommaValuesParser';
 
 interface UrlVariables {
 	[key: string]: any;

pkg/apiserver/signozapiserver/provider.go

@@ -18,6 +18,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/modules/organization"
 	"github.com/SigNoz/signoz/pkg/modules/preference"
 	"github.com/SigNoz/signoz/pkg/modules/promote"
+	"github.com/SigNoz/signoz/pkg/modules/role"
 	"github.com/SigNoz/signoz/pkg/modules/session"
 	"github.com/SigNoz/signoz/pkg/modules/user"
 	"github.com/SigNoz/signoz/pkg/types"
@@ -42,8 +43,9 @@ type provider struct {
 	dashboardHandler       dashboard.Handler
 	metricsExplorerHandler metricsexplorer.Handler
 	gatewayHandler         gateway.Handler
+	roleGetter             role.Getter
+	roleHandler            role.Handler
 	fieldsHandler          fields.Handler
-	authzHandler           authz.Handler
 }
 
 func NewFactory(
@@ -61,8 +63,9 @@ func NewFactory(
 	dashboardHandler dashboard.Handler,
 	metricsExplorerHandler metricsexplorer.Handler,
 	gatewayHandler gateway.Handler,
+	roleGetter role.Getter,
+	roleHandler role.Handler,
 	fieldsHandler fields.Handler,
-	authzHandler authz.Handler,
 ) factory.ProviderFactory[apiserver.APIServer, apiserver.Config] {
 	return factory.NewProviderFactory(factory.MustNewName("signoz"), func(ctx context.Context, providerSettings factory.ProviderSettings, config apiserver.Config) (apiserver.APIServer, error) {
 		return newProvider(
@@ -83,8 +86,9 @@ func NewFactory(
 			dashboardHandler,
 			metricsExplorerHandler,
 			gatewayHandler,
+			roleGetter,
+			roleHandler,
 			fieldsHandler,
-			authzHandler,
 		)
 	})
 }
@@ -107,8 +111,9 @@ func newProvider(
 	dashboardHandler dashboard.Handler,
 	metricsExplorerHandler metricsexplorer.Handler,
 	gatewayHandler gateway.Handler,
+	roleGetter role.Getter,
+	roleHandler role.Handler,
 	fieldsHandler fields.Handler,
-	authzHandler authz.Handler,
 ) (apiserver.APIServer, error) {
 	settings := factory.NewScopedProviderSettings(providerSettings, "github.com/SigNoz/signoz/pkg/apiserver/signozapiserver")
 	router := mux.NewRouter().UseEncodedPath()
@@ -129,11 +134,12 @@ func newProvider(
 		dashboardHandler:       dashboardHandler,
 		metricsExplorerHandler: metricsExplorerHandler,
 		gatewayHandler:         gatewayHandler,
+		roleGetter:             roleGetter,
+		roleHandler:            roleHandler,
 		fieldsHandler:          fieldsHandler,
-		authzHandler:           authzHandler,
 	}
 
-	provider.authZ = middleware.NewAuthZ(settings.Logger(), orgGetter, authz)
+	provider.authZ = middleware.NewAuthZ(settings.Logger(), orgGetter, authz, roleGetter)
 
 	if err := provider.AddToRouter(router); err != nil {
 		return nil, err

pkg/apiserver/signozapiserver/role.go

@@ -10,7 +10,7 @@ import (
 )
 
 func (provider *provider) addRoleRoutes(router *mux.Router) error {
-	if err := router.Handle("/api/v1/roles", handler.New(provider.authZ.AdminAccess(provider.authzHandler.Create), handler.OpenAPIDef{
+	if err := router.Handle("/api/v1/roles", handler.New(provider.authZ.AdminAccess(provider.roleHandler.Create), handler.OpenAPIDef{
 		ID:                  "CreateRole",
 		Tags:                []string{"role"},
 		Summary:             "Create role",
@@ -27,7 +27,7 @@ func (provider *provider) addRoleRoutes(router *mux.Router) error {
 		return err
 	}
 
-	if err := router.Handle("/api/v1/roles", handler.New(provider.authZ.AdminAccess(provider.authzHandler.List), handler.OpenAPIDef{
+	if err := router.Handle("/api/v1/roles", handler.New(provider.authZ.AdminAccess(provider.roleHandler.List), handler.OpenAPIDef{
 		ID:                  "ListRoles",
 		Tags:                []string{"role"},
 		Summary:             "List roles",
@@ -44,7 +44,7 @@ func (provider *provider) addRoleRoutes(router *mux.Router) error {
 		return err
 	}
 
-	if err := router.Handle("/api/v1/roles/{id}", handler.New(provider.authZ.AdminAccess(provider.authzHandler.Get), handler.OpenAPIDef{
+	if err := router.Handle("/api/v1/roles/{id}", handler.New(provider.authZ.AdminAccess(provider.roleHandler.Get), handler.OpenAPIDef{
 		ID:                  "GetRole",
 		Tags:                []string{"role"},
 		Summary:             "Get role",
@@ -61,7 +61,7 @@ func (provider *provider) addRoleRoutes(router *mux.Router) error {
 		return err
 	}
 
-	if err := router.Handle("/api/v1/roles/{id}", handler.New(provider.authZ.AdminAccess(provider.authzHandler.Patch), handler.OpenAPIDef{
+	if err := router.Handle("/api/v1/roles/{id}", handler.New(provider.authZ.AdminAccess(provider.roleHandler.Patch), handler.OpenAPIDef{
 		ID:                  "PatchRole",
 		Tags:                []string{"role"},
 		Summary:             "Patch role",
@@ -78,7 +78,7 @@ func (provider *provider) addRoleRoutes(router *mux.Router) error {
 		return err
 	}
 
-	if err := router.Handle("/api/v1/roles/{id}", handler.New(provider.authZ.AdminAccess(provider.authzHandler.Delete), handler.OpenAPIDef{
+	if err := router.Handle("/api/v1/roles/{id}", handler.New(provider.authZ.AdminAccess(provider.roleHandler.Delete), handler.OpenAPIDef{
 		ID:                  "DeleteRole",
 		Tags:                []string{"role"},
 		Summary:             "Delete role",

pkg/authz/authz.go

@@ -2,11 +2,9 @@ package authz
 
 import (
 	"context"
-	"net/http"
 
 	"github.com/SigNoz/signoz/pkg/factory"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/roletypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	openfgav1 "github.com/openfga/api/proto/openfga/v1"
 )
@@ -31,76 +29,4 @@ type AuthZ interface {
 
 	// Lists the selectors for objects assigned to subject (s) with relation (r) on resource (s)
 	ListObjects(context.Context, string, authtypes.Relation, authtypes.Typeable) ([]*authtypes.Object, error)
-
-	// Creates the role.
-	Create(context.Context, valuer.UUID, *roletypes.Role) error
-
-	// Gets the role if it exists or creates one.
-	GetOrCreate(context.Context, valuer.UUID, *roletypes.Role) (*roletypes.Role, error)
-
-	// Gets the objects associated with the given role and relation.
-	GetObjects(context.Context, valuer.UUID, valuer.UUID, authtypes.Relation) ([]*authtypes.Object, error)
-
-	// Gets all the typeable resources registered from role registry.
-	GetResources(context.Context) []*authtypes.Resource
-
-	// Patches the role.
-	Patch(context.Context, valuer.UUID, *roletypes.Role) error
-
-	// Patches the objects in authorization server associated with the given role and relation
-	PatchObjects(context.Context, valuer.UUID, string, authtypes.Relation, []*authtypes.Object, []*authtypes.Object) error
-
-	// Deletes the role and tuples in authorization server.
-	Delete(context.Context, valuer.UUID, valuer.UUID) error
-
-	// Gets the role
-	Get(context.Context, valuer.UUID, valuer.UUID) (*roletypes.Role, error)
-
-	// Gets the role by org_id and name
-	GetByOrgIDAndName(context.Context, valuer.UUID, string) (*roletypes.Role, error)
-
-	// Lists all the roles for the organization.
-	List(context.Context, valuer.UUID) ([]*roletypes.Role, error)
-
-	//  Lists all the roles for the organization filtered by name
-	ListByOrgIDAndNames(context.Context, valuer.UUID, []string) ([]*roletypes.Role, error)
-
-	// Grants a role to the subject based on role name.
-	Grant(context.Context, valuer.UUID, string, string) error
-
-	// Revokes a granted role from the subject based on role name.
-	Revoke(context.Context, valuer.UUID, string, string) error
-
-	// Changes the granted role for the subject based on role name.
-	ModifyGrant(context.Context, valuer.UUID, string, string, string) error
-
-	// Bootstrap the managed roles.
-	CreateManagedRoles(context.Context, valuer.UUID, []*roletypes.Role) error
-
-	// Bootstrap managed roles transactions and user assignments
-	CreateManagedUserRoleTransactions(context.Context, valuer.UUID, valuer.UUID) error
-}
-
-type RegisterTypeable interface {
-	MustGetTypeables() []authtypes.Typeable
-
-	MustGetManagedRoleTransactions() map[string][]*authtypes.Transaction
-}
-
-type Handler interface {
-	Create(http.ResponseWriter, *http.Request)
-
-	Get(http.ResponseWriter, *http.Request)
-
-	GetObjects(http.ResponseWriter, *http.Request)
-
-	GetResources(http.ResponseWriter, *http.Request)
-
-	List(http.ResponseWriter, *http.Request)
-
-	Patch(http.ResponseWriter, *http.Request)
-
-	PatchObjects(http.ResponseWriter, *http.Request)
-
-	Delete(http.ResponseWriter, *http.Request)
 }

pkg/authz/openfgaauthz/logger.go

@@ -1,4 +1,4 @@
-package openfgaserver
+package openfgaauthz
 
 import (
 	"context"

pkg/authz/openfgaauthz/provider.go

@@ -2,24 +2,35 @@ package openfgaauthz
 
 import (
 	"context"
+	"strconv"
+	"sync"
 
 	authz "github.com/SigNoz/signoz/pkg/authz"
-	"github.com/SigNoz/signoz/pkg/authz/authzstore/sqlauthzstore"
-	"github.com/SigNoz/signoz/pkg/authz/openfgaserver"
 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/roletypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 
 	"github.com/SigNoz/signoz/pkg/factory"
 	"github.com/SigNoz/signoz/pkg/sqlstore"
 	openfgav1 "github.com/openfga/api/proto/openfga/v1"
 	openfgapkgtransformer "github.com/openfga/language/pkg/go/transformer"
+	openfgapkgserver "github.com/openfga/openfga/pkg/server"
+	"google.golang.org/protobuf/encoding/protojson"
+)
+
+var (
+	openfgaDefaultStore = valuer.NewString("signoz")
 )
 
 type provider struct {
-	server *openfgaserver.Server
-	store  roletypes.Store
+	config        authz.Config
+	settings      factory.ScopedProviderSettings
+	openfgaSchema []openfgapkgtransformer.ModuleFile
+	openfgaServer *openfgapkgserver.Server
+	storeID       string
+	modelID       string
+	mtx           sync.RWMutex
+	stopChan      chan struct{}
 }
 
 func NewProviderFactory(sqlstore sqlstore.SQLStore, openfgaSchema []openfgapkgtransformer.ModuleFile) factory.ProviderFactory[authz.AuthZ, authz.Config] {
@@ -29,194 +40,301 @@ func NewProviderFactory(sqlstore sqlstore.SQLStore, openfgaSchema []openfgapkgtr
 }
 
 func newOpenfgaProvider(ctx context.Context, settings factory.ProviderSettings, config authz.Config, sqlstore sqlstore.SQLStore, openfgaSchema []openfgapkgtransformer.ModuleFile) (authz.AuthZ, error) {
-	server, err := openfgaserver.NewOpenfgaServer(ctx, settings, config, sqlstore, openfgaSchema)
+	scopedProviderSettings := factory.NewScopedProviderSettings(settings, "github.com/SigNoz/signoz/pkg/authz/openfgaauthz")
+
+	store, err := NewSQLStore(sqlstore)
 	if err != nil {
+		scopedProviderSettings.Logger().DebugContext(ctx, "failed to initialize sqlstore for authz")
+		return nil, err
+	}
+
+	// setup the openfga server
+	opts := []openfgapkgserver.OpenFGAServiceV1Option{
+		openfgapkgserver.WithDatastore(store),
+		openfgapkgserver.WithLogger(NewLogger(scopedProviderSettings.Logger())),
+		openfgapkgserver.WithContextPropagationToDatastore(true),
+	}
+	openfgaServer, err := openfgapkgserver.NewServerWithOpts(opts...)
+	if err != nil {
+		scopedProviderSettings.Logger().DebugContext(ctx, "failed to create authz server")
 		return nil, err
 	}
 
 	return &provider{
-		server: server,
-		store:  sqlauthzstore.NewSqlAuthzStore(sqlstore),
+		config:        config,
+		settings:      scopedProviderSettings,
+		openfgaServer: openfgaServer,
+		openfgaSchema: openfgaSchema,
+		mtx:           sync.RWMutex{},
+		stopChan:      make(chan struct{}),
 	}, nil
 }
 
 func (provider *provider) Start(ctx context.Context) error {
-	return provider.server.Start(ctx)
+	storeId, err := provider.getOrCreateStore(ctx, openfgaDefaultStore.StringValue())
+	if err != nil {
+		return err
+	}
+
+	modelID, err := provider.getOrCreateModel(ctx, storeId)
+	if err != nil {
+		return err
+	}
+
+	provider.mtx.Lock()
+	provider.modelID = modelID
+	provider.storeID = storeId
+	provider.mtx.Unlock()
+
+	<-provider.stopChan
+	return nil
 }
 
 func (provider *provider) Stop(ctx context.Context) error {
-	return provider.server.Stop(ctx)
+	provider.openfgaServer.Close()
+	close(provider.stopChan)
+	return nil
 }
 
 func (provider *provider) Check(ctx context.Context, tupleReq *openfgav1.TupleKey) error {
-	return provider.server.Check(ctx, tupleReq)
+	storeID, modelID := provider.getStoreIDandModelID()
+	checkResponse, err := provider.openfgaServer.Check(
+		ctx,
+		&openfgav1.CheckRequest{
+			StoreId:              storeID,
+			AuthorizationModelId: modelID,
+			TupleKey: &openfgav1.CheckRequestTupleKey{
+				User:     tupleReq.User,
+				Relation: tupleReq.Relation,
+				Object:   tupleReq.Object,
+			},
+		})
+	if err != nil {
+		return errors.Newf(errors.TypeInternal, authtypes.ErrCodeAuthZUnavailable, "authorization server is unavailable").WithAdditional(err.Error())
+	}
+
+	if !checkResponse.Allowed {
+		return errors.Newf(errors.TypeForbidden, authtypes.ErrCodeAuthZForbidden, "subject %s cannot %s object %s", tupleReq.User, tupleReq.Relation, tupleReq.Object)
+	}
+
+	return nil
 }
 
 func (provider *provider) BatchCheck(ctx context.Context, tupleReq []*openfgav1.TupleKey) error {
-	return provider.server.BatchCheck(ctx, tupleReq)
+	storeID, modelID := provider.getStoreIDandModelID()
+	batchCheckItems := make([]*openfgav1.BatchCheckItem, 0)
+	for idx, tuple := range tupleReq {
+		batchCheckItems = append(batchCheckItems, &openfgav1.BatchCheckItem{
+			TupleKey: &openfgav1.CheckRequestTupleKey{
+				User:     tuple.User,
+				Relation: tuple.Relation,
+				Object:   tuple.Object,
+			},
+			// the batch check response is map[string] keyed by correlationID.
+			CorrelationId: strconv.Itoa(idx),
+		})
+	}
+
+	checkResponse, err := provider.openfgaServer.BatchCheck(
+		ctx,
+		&openfgav1.BatchCheckRequest{
+			StoreId:              storeID,
+			AuthorizationModelId: modelID,
+			Checks:               batchCheckItems,
+		})
+	if err != nil {
+		return errors.Newf(errors.TypeInternal, authtypes.ErrCodeAuthZUnavailable, "authorization server is unavailable").WithAdditional(err.Error())
+	}
+
+	for _, checkResponse := range checkResponse.Result {
+		if checkResponse.GetAllowed() {
+			return nil
+		}
+	}
+
+	return errors.Newf(errors.TypeForbidden, authtypes.ErrCodeAuthZForbidden, "subjects are not authorized for requested access")
+
 }
 
-func (provider *provider) CheckWithTupleCreation(ctx context.Context, claims authtypes.Claims, orgID valuer.UUID, relation authtypes.Relation, typeable authtypes.Typeable, selectors []authtypes.Selector, roleSelectors []authtypes.Selector) error {
-	return provider.server.CheckWithTupleCreation(ctx, claims, orgID, relation, typeable, selectors, roleSelectors)
+func (provider *provider) CheckWithTupleCreation(ctx context.Context, claims authtypes.Claims, orgID valuer.UUID, _ authtypes.Relation, _ authtypes.Typeable, _ []authtypes.Selector, roleSelectors []authtypes.Selector) error {
+	subject, err := authtypes.NewSubject(authtypes.TypeableUser, claims.UserID, orgID, nil)
+	if err != nil {
+		return err
+	}
+
+	tuples, err := authtypes.TypeableRole.Tuples(subject, authtypes.RelationAssignee, roleSelectors, orgID)
+	if err != nil {
+		return err
+	}
+
+	err = provider.BatchCheck(ctx, tuples)
+	if err != nil {
+		return err
+	}
+
+	return nil
 }
 
-func (provider *provider) CheckWithTupleCreationWithoutClaims(ctx context.Context, orgID valuer.UUID, relation authtypes.Relation, typeable authtypes.Typeable, selectors []authtypes.Selector, roleSelectors []authtypes.Selector) error {
-	return provider.server.CheckWithTupleCreationWithoutClaims(ctx, orgID, relation, typeable, selectors, roleSelectors)
+func (provider *provider) CheckWithTupleCreationWithoutClaims(ctx context.Context, orgID valuer.UUID, _ authtypes.Relation, _ authtypes.Typeable, _ []authtypes.Selector, roleSelectors []authtypes.Selector) error {
+	subject, err := authtypes.NewSubject(authtypes.TypeableAnonymous, authtypes.AnonymousUser.String(), orgID, nil)
+	if err != nil {
+		return err
+	}
+
+	tuples, err := authtypes.TypeableRole.Tuples(subject, authtypes.RelationAssignee, roleSelectors, orgID)
+	if err != nil {
+		return err
+	}
+
+	err = provider.BatchCheck(ctx, tuples)
+	if err != nil {
+		return err
+	}
+
+	return nil
 }
 
 func (provider *provider) Write(ctx context.Context, additions []*openfgav1.TupleKey, deletions []*openfgav1.TupleKey) error {
-	return provider.server.Write(ctx, additions, deletions)
+	if len(additions) == 0 && len(deletions) == 0 {
+		return nil
+	}
+
+	storeID, modelID := provider.getStoreIDandModelID()
+	deletionTuplesWithoutCondition := make([]*openfgav1.TupleKeyWithoutCondition, len(deletions))
+	for idx, tuple := range deletions {
+		deletionTuplesWithoutCondition[idx] = &openfgav1.TupleKeyWithoutCondition{User: tuple.User, Object: tuple.Object, Relation: tuple.Relation}
+	}
+
+	_, err := provider.openfgaServer.Write(ctx, &openfgav1.WriteRequest{
+		StoreId:              storeID,
+		AuthorizationModelId: modelID,
+		Writes: func() *openfgav1.WriteRequestWrites {
+			if len(additions) == 0 {
+				return nil
+			}
+			return &openfgav1.WriteRequestWrites{
+				TupleKeys:   additions,
+				OnDuplicate: "ignore",
+			}
+		}(),
+		Deletes: func() *openfgav1.WriteRequestDeletes {
+			if len(deletionTuplesWithoutCondition) == 0 {
+				return nil
+			}
+			return &openfgav1.WriteRequestDeletes{
+				TupleKeys: deletionTuplesWithoutCondition,
+				OnMissing: "ignore",
+			}
+		}(),
+	})
+
+	return err
 }
 
 func (provider *provider) ListObjects(ctx context.Context, subject string, relation authtypes.Relation, typeable authtypes.Typeable) ([]*authtypes.Object, error) {
-	return provider.server.ListObjects(ctx, subject, relation, typeable)
-}
-
-func (provider *provider) Get(ctx context.Context, orgID valuer.UUID, id valuer.UUID) (*roletypes.Role, error) {
-	storableRole, err := provider.store.Get(ctx, orgID, id)
-	if err != nil {
-		return nil, err
-	}
-
-	return roletypes.NewRoleFromStorableRole(storableRole), nil
-}
-
-func (provider *provider) GetByOrgIDAndName(ctx context.Context, orgID valuer.UUID, name string) (*roletypes.Role, error) {
-	storableRole, err := provider.store.GetByOrgIDAndName(ctx, orgID, name)
-	if err != nil {
-		return nil, err
-	}
-
-	return roletypes.NewRoleFromStorableRole(storableRole), nil
-}
-
-func (provider *provider) List(ctx context.Context, orgID valuer.UUID) ([]*roletypes.Role, error) {
-	storableRoles, err := provider.store.List(ctx, orgID)
-	if err != nil {
-		return nil, err
-	}
-
-	roles := make([]*roletypes.Role, len(storableRoles))
-	for idx, storableRole := range storableRoles {
-		roles[idx] = roletypes.NewRoleFromStorableRole(storableRole)
-	}
-
-	return roles, nil
-}
-
-func (provider *provider) ListByOrgIDAndNames(ctx context.Context, orgID valuer.UUID, names []string) ([]*roletypes.Role, error) {
-	storableRoles, err := provider.store.ListByOrgIDAndNames(ctx, orgID, names)
-	if err != nil {
-		return nil, err
-	}
-
-	roles := make([]*roletypes.Role, len(storableRoles))
-	for idx, storable := range storableRoles {
-		roles[idx] = roletypes.NewRoleFromStorableRole(storable)
-	}
-
-	return roles, nil
-}
-
-func (provider *provider) Grant(ctx context.Context, orgID valuer.UUID, name string, subject string) error {
-	tuples, err := authtypes.TypeableRole.Tuples(
-		subject,
-		authtypes.RelationAssignee,
-		[]authtypes.Selector{
-			authtypes.MustNewSelector(authtypes.TypeRole, name),
-		},
-		orgID,
-	)
-	if err != nil {
-		return err
-	}
-	return provider.Write(ctx, tuples, nil)
-}
-
-func (provider *provider) ModifyGrant(ctx context.Context, orgID valuer.UUID, existingRoleName string, updatedRoleName string, subject string) error {
-	err := provider.Revoke(ctx, orgID, existingRoleName, subject)
-	if err != nil {
-		return err
-	}
-
-	err = provider.Grant(ctx, orgID, updatedRoleName, subject)
-	if err != nil {
-		return err
-	}
-
-	return nil
-}
-
-func (provider *provider) Revoke(ctx context.Context, orgID valuer.UUID, name string, subject string) error {
-	tuples, err := authtypes.TypeableRole.Tuples(
-		subject,
-		authtypes.RelationAssignee,
-		[]authtypes.Selector{
-			authtypes.MustNewSelector(authtypes.TypeRole, name),
-		},
-		orgID,
-	)
-	if err != nil {
-		return err
-	}
-	return provider.Write(ctx, nil, tuples)
-}
-
-func (provider *provider) CreateManagedRoles(ctx context.Context, _ valuer.UUID, managedRoles []*roletypes.Role) error {
-	err := provider.store.RunInTx(ctx, func(ctx context.Context) error {
-		for _, role := range managedRoles {
-			err := provider.store.Create(ctx, roletypes.NewStorableRoleFromRole(role))
-			if err != nil {
-				return err
-			}
-		}
-
-		return nil
+	storeID, modelID := provider.getStoreIDandModelID()
+	response, err := provider.openfgaServer.ListObjects(ctx, &openfgav1.ListObjectsRequest{
+		StoreId:              storeID,
+		AuthorizationModelId: modelID,
+		User:                 subject,
+		Relation:             relation.StringValue(),
+		Type:                 typeable.Type().StringValue(),
 	})
-
 	if err != nil {
-		return err
+		return nil, errors.Wrapf(err, errors.TypeInternal, authtypes.ErrCodeAuthZUnavailable, "cannot list objects for subject %s with relation %s for type %s", subject, relation.StringValue(), typeable.Type().StringValue())
 	}
 
-	return nil
+	return authtypes.MustNewObjectsFromStringSlice(response.Objects), nil
 }
 
-func (provider *provider) SetManagedRoleTransactions(context.Context, valuer.UUID) error {
-	return nil
+func (provider *provider) getOrCreateStore(ctx context.Context, name string) (string, error) {
+	stores, err := provider.openfgaServer.ListStores(ctx, &openfgav1.ListStoresRequest{})
+	if err != nil {
+		return "", err
+	}
+
+	for _, store := range stores.GetStores() {
+		if store.GetName() == name {
+			return store.Id, nil
+		}
+	}
+
+	store, err := provider.openfgaServer.CreateStore(ctx, &openfgav1.CreateStoreRequest{Name: name})
+	if err != nil {
+		return "", err
+	}
+
+	return store.Id, nil
 }
 
-func (provider *provider) CreateManagedUserRoleTransactions(ctx context.Context, orgID valuer.UUID, userID valuer.UUID) error {
-	return provider.Grant(ctx, orgID, roletypes.SigNozAdminRoleName, authtypes.MustNewSubject(authtypes.TypeableUser, userID.String(), orgID, nil))
+func (provider *provider) getOrCreateModel(ctx context.Context, storeID string) (string, error) {
+	schema, err := openfgapkgtransformer.TransformModuleFilesToModel(provider.openfgaSchema, "1.1")
+	if err != nil {
+		return "", err
+	}
+
+	authorisationModels, err := provider.openfgaServer.ReadAuthorizationModels(ctx, &openfgav1.ReadAuthorizationModelsRequest{StoreId: storeID})
+	if err != nil {
+		return "", err
+	}
+
+	for _, authModel := range authorisationModels.GetAuthorizationModels() {
+		equal, err := provider.isModelEqual(schema, authModel)
+		if err != nil {
+			return "", err
+		}
+		if equal {
+			return authModel.Id, nil
+		}
+	}
+
+	authorizationModel, err := provider.openfgaServer.WriteAuthorizationModel(ctx, &openfgav1.WriteAuthorizationModelRequest{
+		StoreId:         storeID,
+		TypeDefinitions: schema.TypeDefinitions,
+		SchemaVersion:   schema.SchemaVersion,
+		Conditions:      schema.Conditions,
+	})
+	if err != nil {
+		return "", err
+	}
+
+	return authorizationModel.AuthorizationModelId, nil
 }
 
-func (setter *provider) Create(_ context.Context, _ valuer.UUID, _ *roletypes.Role) error {
-	return errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
+// the language model doesn't have any equality check
+// https://github.com/openfga/language/blob/main/pkg/go/transformer/module-to-model_test.go#L38
+func (provider *provider) isModelEqual(expected *openfgav1.AuthorizationModel, actual *openfgav1.AuthorizationModel) (bool, error) {
+	// we need to initialize a new model since the model extracted from schema doesn't have id
+	expectedAuthModel := openfgav1.AuthorizationModel{
+		SchemaVersion:   expected.SchemaVersion,
+		TypeDefinitions: expected.TypeDefinitions,
+		Conditions:      expected.Conditions,
+	}
+	expectedAuthModelBytes, err := protojson.Marshal(&expectedAuthModel)
+	if err != nil {
+		return false, err
+	}
+
+	actualAuthModel := openfgav1.AuthorizationModel{
+		SchemaVersion:   actual.SchemaVersion,
+		TypeDefinitions: actual.TypeDefinitions,
+		Conditions:      actual.Conditions,
+	}
+	actualAuthModelBytes, err := protojson.Marshal(&actualAuthModel)
+	if err != nil {
+		return false, err
+	}
+
+	return string(expectedAuthModelBytes) == string(actualAuthModelBytes), nil
+
 }
 
-func (provider *provider) GetOrCreate(_ context.Context, _ valuer.UUID, _ *roletypes.Role) (*roletypes.Role, error) {
-	return nil, errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
-}
+func (provider *provider) getStoreIDandModelID() (string, string) {
+	provider.mtx.RLock()
+	defer provider.mtx.RUnlock()
 
-func (provider *provider) GetResources(_ context.Context) []*authtypes.Resource {
-	return nil
-}
+	storeID := provider.storeID
+	modelID := provider.modelID
 
-func (provider *provider) GetObjects(ctx context.Context, orgID valuer.UUID, id valuer.UUID, relation authtypes.Relation) ([]*authtypes.Object, error) {
-	return nil, errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
-}
-
-func (provider *provider) Patch(_ context.Context, _ valuer.UUID, _ *roletypes.Role) error {
-	return errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
-}
-
-func (provider *provider) PatchObjects(_ context.Context, _ valuer.UUID, _ string, _ authtypes.Relation, _, _ []*authtypes.Object) error {
-	return errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
-}
-
-func (provider *provider) Delete(_ context.Context, _ valuer.UUID, _ valuer.UUID) error {
-	return errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
-}
-
-func (provider *provider) MustGetTypeables() []authtypes.Typeable {
-	return nil
+	return storeID, modelID
 }

pkg/authz/openfgaauthz/provider_test.go

@@ -1,4 +1,4 @@
-package openfgaserver
+package openfgaauthz
 
 import (
 	"context"
@@ -20,7 +20,7 @@ func TestProviderStartStop(t *testing.T) {
 
 	expectedModel := `module base 
 	type user`
-	provider, err := NewOpenfgaServer(context.Background(), providerSettings, authz.Config{}, sqlstore, []transformer.ModuleFile{{Name: "test.fga", Contents: expectedModel}})
+	provider, err := newOpenfgaProvider(context.Background(), providerSettings, authz.Config{}, sqlstore, []transformer.ModuleFile{{Name: "test.fga", Contents: expectedModel}})
 	require.NoError(t, err)
 
 	storeRows := sqlstore.Mock().NewRows([]string{"id", "name", "created_at", "updated_at"}).AddRow("01K3V0NTN47MPTMEV1PD5ST6ZC", "signoz", time.Now(), time.Now())

pkg/authz/openfgaauthz/sqlstore.go

@@ -1,4 +1,4 @@
-package openfgaserver
+package openfgaauthz
 
 import (
 	"github.com/SigNoz/signoz/pkg/errors"

pkg/authz/openfgaserver/server.go

@@ -1,334 +0,0 @@
-package openfgaserver
-
-import (
-	"context"
-	"strconv"
-	"sync"
-
-	authz "github.com/SigNoz/signoz/pkg/authz"
-	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/valuer"
-
-	"github.com/SigNoz/signoz/pkg/factory"
-	"github.com/SigNoz/signoz/pkg/sqlstore"
-	openfgav1 "github.com/openfga/api/proto/openfga/v1"
-	openfgapkgtransformer "github.com/openfga/language/pkg/go/transformer"
-	openfgapkgserver "github.com/openfga/openfga/pkg/server"
-	"google.golang.org/protobuf/encoding/protojson"
-)
-
-var (
-	openfgaDefaultStore = valuer.NewString("signoz")
-)
-
-type Server struct {
-	config        authz.Config
-	settings      factory.ScopedProviderSettings
-	openfgaSchema []openfgapkgtransformer.ModuleFile
-	openfgaServer *openfgapkgserver.Server
-	storeID       string
-	modelID       string
-	mtx           sync.RWMutex
-	stopChan      chan struct{}
-}
-
-func NewOpenfgaServer(ctx context.Context, settings factory.ProviderSettings, config authz.Config, sqlstore sqlstore.SQLStore, openfgaSchema []openfgapkgtransformer.ModuleFile) (*Server, error) {
-	scopedProviderSettings := factory.NewScopedProviderSettings(settings, "github.com/SigNoz/signoz/pkg/authz/openfgaauthz")
-
-	store, err := NewSQLStore(sqlstore)
-	if err != nil {
-		scopedProviderSettings.Logger().DebugContext(ctx, "failed to initialize sqlstore for authz")
-		return nil, err
-	}
-
-	// setup the openfga server
-	opts := []openfgapkgserver.OpenFGAServiceV1Option{
-		openfgapkgserver.WithDatastore(store),
-		openfgapkgserver.WithLogger(NewLogger(scopedProviderSettings.Logger())),
-		openfgapkgserver.WithContextPropagationToDatastore(true),
-	}
-	openfgaServer, err := openfgapkgserver.NewServerWithOpts(opts...)
-	if err != nil {
-		scopedProviderSettings.Logger().DebugContext(ctx, "failed to create authz server")
-		return nil, err
-	}
-
-	return &Server{
-		config:        config,
-		settings:      scopedProviderSettings,
-		openfgaServer: openfgaServer,
-		openfgaSchema: openfgaSchema,
-		mtx:           sync.RWMutex{},
-		stopChan:      make(chan struct{}),
-	}, nil
-}
-
-func (server *Server) Start(ctx context.Context) error {
-	storeID, err := server.getOrCreateStore(ctx, openfgaDefaultStore.StringValue())
-	if err != nil {
-		return err
-	}
-
-	modelID, err := server.getOrCreateModel(ctx, storeID)
-	if err != nil {
-		return err
-	}
-
-	server.mtx.Lock()
-	server.modelID = modelID
-	server.storeID = storeID
-	server.mtx.Unlock()
-
-	<-server.stopChan
-	return nil
-}
-
-func (server *Server) Stop(ctx context.Context) error {
-	server.openfgaServer.Close()
-	close(server.stopChan)
-	return nil
-}
-
-func (server *Server) Check(ctx context.Context, tupleReq *openfgav1.TupleKey) error {
-	storeID, modelID := server.getStoreIDandModelID()
-	checkResponse, err := server.openfgaServer.Check(
-		ctx,
-		&openfgav1.CheckRequest{
-			StoreId:              storeID,
-			AuthorizationModelId: modelID,
-			TupleKey: &openfgav1.CheckRequestTupleKey{
-				User:     tupleReq.User,
-				Relation: tupleReq.Relation,
-				Object:   tupleReq.Object,
-			},
-		})
-	if err != nil {
-		return errors.Newf(errors.TypeInternal, authtypes.ErrCodeAuthZUnavailable, "authorization server is unavailable").WithAdditional(err.Error())
-	}
-
-	if !checkResponse.Allowed {
-		return errors.Newf(errors.TypeForbidden, authtypes.ErrCodeAuthZForbidden, "subject %s cannot %s object %s", tupleReq.User, tupleReq.Relation, tupleReq.Object)
-	}
-
-	return nil
-}
-
-func (server *Server) BatchCheck(ctx context.Context, tupleReq []*openfgav1.TupleKey) error {
-	storeID, modelID := server.getStoreIDandModelID()
-	batchCheckItems := make([]*openfgav1.BatchCheckItem, 0)
-	for idx, tuple := range tupleReq {
-		batchCheckItems = append(batchCheckItems, &openfgav1.BatchCheckItem{
-			TupleKey: &openfgav1.CheckRequestTupleKey{
-				User:     tuple.User,
-				Relation: tuple.Relation,
-				Object:   tuple.Object,
-			},
-			// the batch check response is map[string] keyed by correlationID.
-			CorrelationId: strconv.Itoa(idx),
-		})
-	}
-
-	checkResponse, err := server.openfgaServer.BatchCheck(
-		ctx,
-		&openfgav1.BatchCheckRequest{
-			StoreId:              storeID,
-			AuthorizationModelId: modelID,
-			Checks:               batchCheckItems,
-		})
-	if err != nil {
-		return errors.Newf(errors.TypeInternal, authtypes.ErrCodeAuthZUnavailable, "authorization server is unavailable").WithAdditional(err.Error())
-	}
-
-	for _, checkResponse := range checkResponse.Result {
-		if checkResponse.GetAllowed() {
-			return nil
-		}
-	}
-
-	return errors.Newf(errors.TypeForbidden, authtypes.ErrCodeAuthZForbidden, "subjects are not authorized for requested access")
-
-}
-
-func (server *Server) CheckWithTupleCreation(ctx context.Context, claims authtypes.Claims, orgID valuer.UUID, _ authtypes.Relation, _ authtypes.Typeable, _ []authtypes.Selector, roleSelectors []authtypes.Selector) error {
-	subject, err := authtypes.NewSubject(authtypes.TypeableUser, claims.UserID, orgID, nil)
-	if err != nil {
-		return err
-	}
-
-	tuples, err := authtypes.TypeableRole.Tuples(subject, authtypes.RelationAssignee, roleSelectors, orgID)
-	if err != nil {
-		return err
-	}
-
-	err = server.BatchCheck(ctx, tuples)
-	if err != nil {
-		return err
-	}
-
-	return nil
-}
-
-func (server *Server) CheckWithTupleCreationWithoutClaims(ctx context.Context, orgID valuer.UUID, _ authtypes.Relation, _ authtypes.Typeable, _ []authtypes.Selector, roleSelectors []authtypes.Selector) error {
-	subject, err := authtypes.NewSubject(authtypes.TypeableAnonymous, authtypes.AnonymousUser.String(), orgID, nil)
-	if err != nil {
-		return err
-	}
-
-	tuples, err := authtypes.TypeableRole.Tuples(subject, authtypes.RelationAssignee, roleSelectors, orgID)
-	if err != nil {
-		return err
-	}
-
-	err = server.BatchCheck(ctx, tuples)
-	if err != nil {
-		return err
-	}
-
-	return nil
-}
-
-func (server *Server) Write(ctx context.Context, additions []*openfgav1.TupleKey, deletions []*openfgav1.TupleKey) error {
-	if len(additions) == 0 && len(deletions) == 0 {
-		return nil
-	}
-
-	storeID, modelID := server.getStoreIDandModelID()
-	deletionTuplesWithoutCondition := make([]*openfgav1.TupleKeyWithoutCondition, len(deletions))
-	for idx, tuple := range deletions {
-		deletionTuplesWithoutCondition[idx] = &openfgav1.TupleKeyWithoutCondition{User: tuple.User, Object: tuple.Object, Relation: tuple.Relation}
-	}
-
-	_, err := server.openfgaServer.Write(ctx, &openfgav1.WriteRequest{
-		StoreId:              storeID,
-		AuthorizationModelId: modelID,
-		Writes: func() *openfgav1.WriteRequestWrites {
-			if len(additions) == 0 {
-				return nil
-			}
-			return &openfgav1.WriteRequestWrites{
-				TupleKeys:   additions,
-				OnDuplicate: "ignore",
-			}
-		}(),
-		Deletes: func() *openfgav1.WriteRequestDeletes {
-			if len(deletionTuplesWithoutCondition) == 0 {
-				return nil
-			}
-			return &openfgav1.WriteRequestDeletes{
-				TupleKeys: deletionTuplesWithoutCondition,
-				OnMissing: "ignore",
-			}
-		}(),
-	})
-
-	return err
-}
-
-func (server *Server) ListObjects(ctx context.Context, subject string, relation authtypes.Relation, typeable authtypes.Typeable) ([]*authtypes.Object, error) {
-	storeID, modelID := server.getStoreIDandModelID()
-	response, err := server.openfgaServer.ListObjects(ctx, &openfgav1.ListObjectsRequest{
-		StoreId:              storeID,
-		AuthorizationModelId: modelID,
-		User:                 subject,
-		Relation:             relation.StringValue(),
-		Type:                 typeable.Type().StringValue(),
-	})
-	if err != nil {
-		return nil, errors.Wrapf(err, errors.TypeInternal, authtypes.ErrCodeAuthZUnavailable, "cannot list objects for subject %s with relation %s for type %s", subject, relation.StringValue(), typeable.Type().StringValue())
-	}
-
-	return authtypes.MustNewObjectsFromStringSlice(response.Objects), nil
-}
-
-func (server *Server) getOrCreateStore(ctx context.Context, name string) (string, error) {
-	stores, err := server.openfgaServer.ListStores(ctx, &openfgav1.ListStoresRequest{})
-	if err != nil {
-		return "", err
-	}
-
-	for _, store := range stores.GetStores() {
-		if store.GetName() == name {
-			return store.Id, nil
-		}
-	}
-
-	store, err := server.openfgaServer.CreateStore(ctx, &openfgav1.CreateStoreRequest{Name: name})
-	if err != nil {
-		return "", err
-	}
-
-	return store.Id, nil
-}
-
-func (server *Server) getOrCreateModel(ctx context.Context, storeID string) (string, error) {
-	schema, err := openfgapkgtransformer.TransformModuleFilesToModel(server.openfgaSchema, "1.1")
-	if err != nil {
-		return "", err
-	}
-
-	authorisationModels, err := server.openfgaServer.ReadAuthorizationModels(ctx, &openfgav1.ReadAuthorizationModelsRequest{StoreId: storeID})
-	if err != nil {
-		return "", err
-	}
-
-	for _, authModel := range authorisationModels.GetAuthorizationModels() {
-		equal, err := server.isModelEqual(schema, authModel)
-		if err != nil {
-			return "", err
-		}
-		if equal {
-			return authModel.Id, nil
-		}
-	}
-
-	authorizationModel, err := server.openfgaServer.WriteAuthorizationModel(ctx, &openfgav1.WriteAuthorizationModelRequest{
-		StoreId:         storeID,
-		TypeDefinitions: schema.TypeDefinitions,
-		SchemaVersion:   schema.SchemaVersion,
-		Conditions:      schema.Conditions,
-	})
-	if err != nil {
-		return "", err
-	}
-
-	return authorizationModel.AuthorizationModelId, nil
-}
-
-// the language model doesn't have any equality check
-// https://github.com/openfga/language/blob/main/pkg/go/transformer/module-to-model_test.go#L38
-func (server *Server) isModelEqual(expected *openfgav1.AuthorizationModel, actual *openfgav1.AuthorizationModel) (bool, error) {
-	// we need to initialize a new model since the model extracted from schema doesn't have id
-	expectedAuthModel := openfgav1.AuthorizationModel{
-		SchemaVersion:   expected.SchemaVersion,
-		TypeDefinitions: expected.TypeDefinitions,
-		Conditions:      expected.Conditions,
-	}
-	expectedAuthModelBytes, err := protojson.Marshal(&expectedAuthModel)
-	if err != nil {
-		return false, err
-	}
-
-	actualAuthModel := openfgav1.AuthorizationModel{
-		SchemaVersion:   actual.SchemaVersion,
-		TypeDefinitions: actual.TypeDefinitions,
-		Conditions:      actual.Conditions,
-	}
-	actualAuthModelBytes, err := protojson.Marshal(&actualAuthModel)
-	if err != nil {
-		return false, err
-	}
-
-	return string(expectedAuthModelBytes) == string(actualAuthModelBytes), nil
-
-}
-
-func (server *Server) getStoreIDandModelID() (string, string) {
-	server.mtx.RLock()
-	defer server.mtx.RUnlock()
-
-	storeID := server.storeID
-	modelID := server.modelID
-
-	return storeID, modelID
-}

pkg/http/middleware/authz.go

@@ -8,6 +8,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/http/render"
 	"github.com/SigNoz/signoz/pkg/modules/organization"
+	"github.com/SigNoz/signoz/pkg/modules/role"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
 	"github.com/SigNoz/signoz/pkg/types/ctxtypes"
 	"github.com/SigNoz/signoz/pkg/types/roletypes"
@@ -23,14 +24,15 @@ type AuthZ struct {
 	logger       *slog.Logger
 	orgGetter    organization.Getter
 	authzService authz.AuthZ
+	roleGetter   role.Getter
 }
 
-func NewAuthZ(logger *slog.Logger, orgGetter organization.Getter, authzService authz.AuthZ) *AuthZ {
+func NewAuthZ(logger *slog.Logger, orgGetter organization.Getter, authzService authz.AuthZ, roleGetter role.Getter) *AuthZ {
 	if logger == nil {
 		panic("cannot build authz middleware, logger is empty")
 	}
 
-	return &AuthZ{logger: logger, orgGetter: orgGetter, authzService: authzService}
+	return &AuthZ{logger: logger, orgGetter: orgGetter, authzService: authzService, roleGetter: roleGetter}
 }
 
 func (middleware *AuthZ) ViewAccess(next http.HandlerFunc) http.HandlerFunc {

pkg/modules/dashboard/dashboard.go

@@ -4,7 +4,7 @@ import (
 	"context"
 	"net/http"
 
-	"github.com/SigNoz/signoz/pkg/authz"
+	"github.com/SigNoz/signoz/pkg/modules/role"
 	"github.com/SigNoz/signoz/pkg/statsreporter"
 	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
@@ -51,7 +51,7 @@ type Module interface {
 
 	statsreporter.StatsCollector
 
-	authz.RegisterTypeable
+	role.RegisterTypeable
 }
 
 type Handler interface {

pkg/modules/dashboard/impldashboard/module.go

@@ -206,10 +206,6 @@ func (module *module) MustGetTypeables() []authtypes.Typeable {
 	return []authtypes.Typeable{dashboardtypes.TypeableMetaResourceDashboard, dashboardtypes.TypeableMetaResourcesDashboards}
 }
 
-func (module *module) MustGetManagedRoleTransactions() map[string][]*authtypes.Transaction {
-	return nil
-}
-
 // not supported
 func (module *module) CreatePublic(ctx context.Context, orgID valuer.UUID, publicDashboard *dashboardtypes.PublicDashboard) error {
 	return errors.Newf(errors.TypeUnsupported, dashboardtypes.ErrCodePublicDashboardUnsupported, "not implemented")

pkg/modules/role/implrole/getter.go

@@ -0,0 +1,63 @@
+package implrole
+
+import (
+	"context"
+
+	"github.com/SigNoz/signoz/pkg/modules/role"
+	"github.com/SigNoz/signoz/pkg/types/roletypes"
+	"github.com/SigNoz/signoz/pkg/valuer"
+)
+
+type getter struct {
+	store roletypes.Store
+}
+
+func NewGetter(store roletypes.Store) role.Getter {
+	return &getter{store: store}
+}
+
+func (getter *getter) Get(ctx context.Context, orgID valuer.UUID, id valuer.UUID) (*roletypes.Role, error) {
+	storableRole, err := getter.store.Get(ctx, orgID, id)
+	if err != nil {
+		return nil, err
+	}
+
+	return roletypes.NewRoleFromStorableRole(storableRole), nil
+}
+
+func (getter *getter) GetByOrgIDAndName(ctx context.Context, orgID valuer.UUID, name string) (*roletypes.Role, error) {
+	storableRole, err := getter.store.GetByOrgIDAndName(ctx, orgID, name)
+	if err != nil {
+		return nil, err
+	}
+
+	return roletypes.NewRoleFromStorableRole(storableRole), nil
+}
+
+func (getter *getter) List(ctx context.Context, orgID valuer.UUID) ([]*roletypes.Role, error) {
+	storableRoles, err := getter.store.List(ctx, orgID)
+	if err != nil {
+		return nil, err
+	}
+
+	roles := make([]*roletypes.Role, len(storableRoles))
+	for idx, storableRole := range storableRoles {
+		roles[idx] = roletypes.NewRoleFromStorableRole(storableRole)
+	}
+
+	return roles, nil
+}
+
+func (getter *getter) ListByOrgIDAndNames(ctx context.Context, orgID valuer.UUID, names []string) ([]*roletypes.Role, error) {
+	storableRoles, err := getter.store.ListByOrgIDAndNames(ctx, orgID, names)
+	if err != nil {
+		return nil, err
+	}
+
+	roles := make([]*roletypes.Role, len(storableRoles))
+	for idx, storable := range storableRoles {
+		roles[idx] = roletypes.NewRoleFromStorableRole(storable)
+	}
+
+	return roles, nil
+}

pkg/modules/role/implrole/granter.go

@@ -0,0 +1,83 @@
+package implrole
+
+import (
+	"context"
+
+	"github.com/SigNoz/signoz/pkg/authz"
+	"github.com/SigNoz/signoz/pkg/modules/role"
+	"github.com/SigNoz/signoz/pkg/types/authtypes"
+	"github.com/SigNoz/signoz/pkg/types/roletypes"
+	"github.com/SigNoz/signoz/pkg/valuer"
+)
+
+type granter struct {
+	store roletypes.Store
+	authz authz.AuthZ
+}
+
+func NewGranter(store roletypes.Store, authz authz.AuthZ) role.Granter {
+	return &granter{store: store, authz: authz}
+}
+
+func (granter *granter) Grant(ctx context.Context, orgID valuer.UUID, name string, subject string) error {
+	tuples, err := authtypes.TypeableRole.Tuples(
+		subject,
+		authtypes.RelationAssignee,
+		[]authtypes.Selector{
+			authtypes.MustNewSelector(authtypes.TypeRole, name),
+		},
+		orgID,
+	)
+	if err != nil {
+		return err
+	}
+	return granter.authz.Write(ctx, tuples, nil)
+}
+
+func (granter *granter) ModifyGrant(ctx context.Context, orgID valuer.UUID, existingRoleName string, updatedRoleName string, subject string) error {
+	err := granter.Revoke(ctx, orgID, existingRoleName, subject)
+	if err != nil {
+		return err
+	}
+
+	err = granter.Grant(ctx, orgID, updatedRoleName, subject)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (granter *granter) Revoke(ctx context.Context, orgID valuer.UUID, name string, subject string) error {
+	tuples, err := authtypes.TypeableRole.Tuples(
+		subject,
+		authtypes.RelationAssignee,
+		[]authtypes.Selector{
+			authtypes.MustNewSelector(authtypes.TypeRole, name),
+		},
+		orgID,
+	)
+	if err != nil {
+		return err
+	}
+	return granter.authz.Write(ctx, nil, tuples)
+}
+
+func (granter *granter) CreateManagedRoles(ctx context.Context, _ valuer.UUID, managedRoles []*roletypes.Role) error {
+	err := granter.store.RunInTx(ctx, func(ctx context.Context) error {
+		for _, role := range managedRoles {
+			err := granter.store.Create(ctx, roletypes.NewStorableRoleFromRole(role))
+			if err != nil {
+				return err
+			}
+		}
+
+		return nil
+	})
+
+	if err != nil {
+		return err
+	}
+
+	return nil
+}

pkg/modules/role/implrole/handler.go

@@ -1,12 +1,12 @@
-package signozauthzapi
+package implrole
 
 import (
 	"net/http"
 
-	"github.com/SigNoz/signoz/pkg/authz"
 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/http/binding"
 	"github.com/SigNoz/signoz/pkg/http/render"
+	"github.com/SigNoz/signoz/pkg/modules/role"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
 	"github.com/SigNoz/signoz/pkg/types/roletypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
@@ -14,11 +14,12 @@ import (
 )
 
 type handler struct {
-	authz authz.AuthZ
+	setter role.Setter
+	getter role.Getter
 }
 
-func NewHandler(authz authz.AuthZ) authz.Handler {
-	return &handler{authz: authz}
+func NewHandler(setter role.Setter, getter role.Getter) role.Handler {
+	return &handler{setter: setter, getter: getter}
 }
 
 func (handler *handler) Create(rw http.ResponseWriter, r *http.Request) {
@@ -35,7 +36,7 @@ func (handler *handler) Create(rw http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	err = handler.authz.Create(ctx, valuer.MustNewUUID(claims.OrgID), roletypes.NewRole(req.Name, req.Description, roletypes.RoleTypeCustom, valuer.MustNewUUID(claims.OrgID)))
+	err = handler.setter.Create(ctx, valuer.MustNewUUID(claims.OrgID), roletypes.NewRole(req.Name, req.Description, roletypes.RoleTypeCustom, valuer.MustNewUUID(claims.OrgID)))
 	if err != nil {
 		render.Error(rw, err)
 		return
@@ -63,7 +64,7 @@ func (handler *handler) Get(rw http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	role, err := handler.authz.Get(ctx, valuer.MustNewUUID(claims.OrgID), roleID)
+	role, err := handler.getter.Get(ctx, valuer.MustNewUUID(claims.OrgID), roleID)
 	if err != nil {
 		render.Error(rw, err)
 		return
@@ -102,7 +103,7 @@ func (handler *handler) GetObjects(rw http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	objects, err := handler.authz.GetObjects(ctx, valuer.MustNewUUID(claims.OrgID), roleID, relation)
+	objects, err := handler.setter.GetObjects(ctx, valuer.MustNewUUID(claims.OrgID), roleID, relation)
 	if err != nil {
 		render.Error(rw, err)
 		return
@@ -113,7 +114,7 @@ func (handler *handler) GetObjects(rw http.ResponseWriter, r *http.Request) {
 
 func (handler *handler) GetResources(rw http.ResponseWriter, r *http.Request) {
 	ctx := r.Context()
-	resources := handler.authz.GetResources(ctx)
+	resources := handler.setter.GetResources(ctx)
 
 	var resourceRelations = struct {
 		Resources []*authtypes.Resource                   `json:"resources"`
@@ -133,7 +134,7 @@ func (handler *handler) List(rw http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	roles, err := handler.authz.List(ctx, valuer.MustNewUUID(claims.OrgID))
+	roles, err := handler.getter.List(ctx, valuer.MustNewUUID(claims.OrgID))
 	if err != nil {
 		render.Error(rw, err)
 		return
@@ -162,7 +163,7 @@ func (handler *handler) Patch(rw http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	role, err := handler.authz.Get(ctx, valuer.MustNewUUID(claims.OrgID), id)
+	role, err := handler.getter.Get(ctx, valuer.MustNewUUID(claims.OrgID), id)
 	if err != nil {
 		render.Error(rw, err)
 		return
@@ -174,7 +175,7 @@ func (handler *handler) Patch(rw http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	err = handler.authz.Patch(ctx, valuer.MustNewUUID(claims.OrgID), role)
+	err = handler.setter.Patch(ctx, valuer.MustNewUUID(claims.OrgID), role)
 	if err != nil {
 		render.Error(rw, err)
 		return
@@ -209,7 +210,7 @@ func (handler *handler) PatchObjects(rw http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	role, err := handler.authz.Get(ctx, valuer.MustNewUUID(claims.OrgID), id)
+	role, err := handler.getter.Get(ctx, valuer.MustNewUUID(claims.OrgID), id)
 	if err != nil {
 		render.Error(rw, err)
 		return
@@ -221,7 +222,7 @@ func (handler *handler) PatchObjects(rw http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	err = handler.authz.PatchObjects(ctx, valuer.MustNewUUID(claims.OrgID), role.Name, relation, patchableObjects.Additions, patchableObjects.Deletions)
+	err = handler.setter.PatchObjects(ctx, valuer.MustNewUUID(claims.OrgID), role.Name, relation, patchableObjects.Additions, patchableObjects.Deletions)
 	if err != nil {
 		render.Error(rw, err)
 		return
@@ -244,7 +245,7 @@ func (handler *handler) Delete(rw http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	err = handler.authz.Delete(ctx, valuer.MustNewUUID(claims.OrgID), id)
+	err = handler.setter.Delete(ctx, valuer.MustNewUUID(claims.OrgID), id)
 	if err != nil {
 		render.Error(rw, err)
 		return

pkg/modules/role/implrole/setter.go

@@ -0,0 +1,53 @@
+package implrole
+
+import (
+	"context"
+
+	"github.com/SigNoz/signoz/pkg/authz"
+	"github.com/SigNoz/signoz/pkg/errors"
+	"github.com/SigNoz/signoz/pkg/modules/role"
+	"github.com/SigNoz/signoz/pkg/types/authtypes"
+	"github.com/SigNoz/signoz/pkg/types/roletypes"
+	"github.com/SigNoz/signoz/pkg/valuer"
+)
+
+type setter struct {
+	store roletypes.Store
+	authz authz.AuthZ
+}
+
+func NewSetter(store roletypes.Store, authz authz.AuthZ) role.Setter {
+	return &setter{store: store, authz: authz}
+}
+
+func (setter *setter) Create(_ context.Context, _ valuer.UUID, _ *roletypes.Role) error {
+	return errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
+}
+
+func (setter *setter) GetOrCreate(_ context.Context, _ valuer.UUID, _ *roletypes.Role) (*roletypes.Role, error) {
+	return nil, errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
+}
+
+func (setter *setter) GetResources(_ context.Context) []*authtypes.Resource {
+	return nil
+}
+
+func (setter *setter) GetObjects(ctx context.Context, orgID valuer.UUID, id valuer.UUID, relation authtypes.Relation) ([]*authtypes.Object, error) {
+	return nil, errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
+}
+
+func (setter *setter) Patch(_ context.Context, _ valuer.UUID, _ *roletypes.Role) error {
+	return errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
+}
+
+func (setter *setter) PatchObjects(_ context.Context, _ valuer.UUID, _ string, _ authtypes.Relation, _, _ []*authtypes.Object) error {
+	return errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
+}
+
+func (setter *setter) Delete(_ context.Context, _ valuer.UUID, _ valuer.UUID) error {
+	return errors.Newf(errors.TypeUnsupported, roletypes.ErrCodeRoleUnsupported, "not implemented")
+}
+
+func (setter *setter) MustGetTypeables() []authtypes.Typeable {
+	return nil
+}

pkg/modules/role/implrole/store.go

@@ -1,4 +1,4 @@
-package sqlauthzstore
+package implrole
 
 import (
 	"context"
@@ -14,7 +14,7 @@ type store struct {
 	sqlstore sqlstore.SQLStore
 }
 
-func NewSqlAuthzStore(sqlstore sqlstore.SQLStore) roletypes.Store {
+func NewStore(sqlstore sqlstore.SQLStore) roletypes.Store {
 	return &store{sqlstore: sqlstore}
 }
 

pkg/modules/role/role.go

@@ -0,0 +1,85 @@
+package role
+
+import (
+	"context"
+	"net/http"
+
+	"github.com/SigNoz/signoz/pkg/types/authtypes"
+	"github.com/SigNoz/signoz/pkg/types/roletypes"
+	"github.com/SigNoz/signoz/pkg/valuer"
+)
+
+type Setter interface {
+	// Creates the role.
+	Create(context.Context, valuer.UUID, *roletypes.Role) error
+
+	// Gets the role if it exists or creates one.
+	GetOrCreate(context.Context, valuer.UUID, *roletypes.Role) (*roletypes.Role, error)
+
+	// Gets the objects associated with the given role and relation.
+	GetObjects(context.Context, valuer.UUID, valuer.UUID, authtypes.Relation) ([]*authtypes.Object, error)
+
+	// Gets all the typeable resources registered from role registry.
+	GetResources(context.Context) []*authtypes.Resource
+
+	// Patches the role.
+	Patch(context.Context, valuer.UUID, *roletypes.Role) error
+
+	// Patches the objects in authorization server associated with the given role and relation
+	PatchObjects(context.Context, valuer.UUID, string, authtypes.Relation, []*authtypes.Object, []*authtypes.Object) error
+
+	// Deletes the role and tuples in authorization server.
+	Delete(context.Context, valuer.UUID, valuer.UUID) error
+
+	RegisterTypeable
+}
+
+type Getter interface {
+	// Gets the role
+	Get(context.Context, valuer.UUID, valuer.UUID) (*roletypes.Role, error)
+
+	// Gets the role by org_id and name
+	GetByOrgIDAndName(context.Context, valuer.UUID, string) (*roletypes.Role, error)
+
+	// Lists all the roles for the organization.
+	List(context.Context, valuer.UUID) ([]*roletypes.Role, error)
+
+	//  Lists all the roles for the organization filtered by name
+	ListByOrgIDAndNames(context.Context, valuer.UUID, []string) ([]*roletypes.Role, error)
+}
+
+type Granter interface {
+	// Grants a role to the subject based on role name.
+	Grant(context.Context, valuer.UUID, string, string) error
+
+	// Revokes a granted role from the subject based on role name.
+	Revoke(context.Context, valuer.UUID, string, string) error
+
+	// Changes the granted role for the subject based on role name.
+	ModifyGrant(context.Context, valuer.UUID, string, string, string) error
+
+	// Bootstrap the managed roles.
+	CreateManagedRoles(context.Context, valuer.UUID, []*roletypes.Role) error
+}
+
+type RegisterTypeable interface {
+	MustGetTypeables() []authtypes.Typeable
+}
+
+type Handler interface {
+	Create(http.ResponseWriter, *http.Request)
+
+	Get(http.ResponseWriter, *http.Request)
+
+	GetObjects(http.ResponseWriter, *http.Request)
+
+	GetResources(http.ResponseWriter, *http.Request)
+
+	List(http.ResponseWriter, *http.Request)
+
+	Patch(http.ResponseWriter, *http.Request)
+
+	PatchObjects(http.ResponseWriter, *http.Request)
+
+	Delete(http.ResponseWriter, *http.Request)
+}

pkg/modules/user/impluser/module.go

@@ -8,11 +8,11 @@ import (
 	"time"
 
 	"github.com/SigNoz/signoz/pkg/analytics"
-	"github.com/SigNoz/signoz/pkg/authz"
 	"github.com/SigNoz/signoz/pkg/emailing"
 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/factory"
 	"github.com/SigNoz/signoz/pkg/modules/organization"
+	"github.com/SigNoz/signoz/pkg/modules/role"
 	"github.com/SigNoz/signoz/pkg/modules/user"
 	root "github.com/SigNoz/signoz/pkg/modules/user"
 	"github.com/SigNoz/signoz/pkg/tokenizer"
@@ -32,13 +32,13 @@ type Module struct {
 	emailing  emailing.Emailing
 	settings  factory.ScopedProviderSettings
 	orgSetter organization.Setter
-	authz     authz.AuthZ
+	granter   role.Granter
 	analytics analytics.Analytics
 	config    user.Config
 }
 
 // This module is a WIP, don't take inspiration from this.
-func NewModule(store types.UserStore, tokenizer tokenizer.Tokenizer, emailing emailing.Emailing, providerSettings factory.ProviderSettings, orgSetter organization.Setter, authz authz.AuthZ, analytics analytics.Analytics, config user.Config) root.Module {
+func NewModule(store types.UserStore, tokenizer tokenizer.Tokenizer, emailing emailing.Emailing, providerSettings factory.ProviderSettings, orgSetter organization.Setter, granter role.Granter, analytics analytics.Analytics, config user.Config) root.Module {
 	settings := factory.NewScopedProviderSettings(providerSettings, "github.com/SigNoz/signoz/pkg/modules/user/impluser")
 	return &Module{
 		store:     store,
@@ -47,7 +47,7 @@ func NewModule(store types.UserStore, tokenizer tokenizer.Tokenizer, emailing em
 		settings:  settings,
 		orgSetter: orgSetter,
 		analytics: analytics,
-		authz:     authz,
+		granter:   granter,
 		config:    config,
 	}
 }
@@ -172,7 +172,7 @@ func (module *Module) CreateUser(ctx context.Context, input *types.User, opts ..
 	createUserOpts := root.NewCreateUserOptions(opts...)
 
 	// since assign is idempotant multiple calls to assign won't cause issues in case of retries.
-	err := module.authz.Grant(ctx, input.OrgID, roletypes.MustGetSigNozManagedRoleFromExistingRole(input.Role), authtypes.MustNewSubject(authtypes.TypeableUser, input.ID.StringValue(), input.OrgID, nil))
+	err := module.granter.Grant(ctx, input.OrgID, roletypes.MustGetSigNozManagedRoleFromExistingRole(input.Role), authtypes.MustNewSubject(authtypes.TypeableUser, input.ID.StringValue(), input.OrgID, nil))
 	if err != nil {
 		return err
 	}
@@ -238,7 +238,7 @@ func (m *Module) UpdateUser(ctx context.Context, orgID valuer.UUID, id string, u
 	}
 
 	if user.Role != existingUser.Role {
-		err = m.authz.ModifyGrant(ctx,
+		err = m.granter.ModifyGrant(ctx,
 			orgID,
 			roletypes.MustGetSigNozManagedRoleFromExistingRole(existingUser.Role),
 			roletypes.MustGetSigNozManagedRoleFromExistingRole(user.Role),
@@ -301,7 +301,7 @@ func (module *Module) DeleteUser(ctx context.Context, orgID valuer.UUID, id stri
 	}
 
 	// since revoke is idempotant multiple calls to revoke won't cause issues in case of retries
-	err = module.authz.Revoke(ctx, orgID, roletypes.MustGetSigNozManagedRoleFromExistingRole(user.Role), authtypes.MustNewSubject(authtypes.TypeableUser, id, orgID, nil))
+	err = module.granter.Revoke(ctx, orgID, roletypes.MustGetSigNozManagedRoleFromExistingRole(user.Role), authtypes.MustNewSubject(authtypes.TypeableUser, id, orgID, nil))
 	if err != nil {
 		return err
 	}
@@ -504,14 +504,14 @@ func (module *Module) CreateFirstUser(ctx context.Context, organization *types.O
 	}
 
 	managedRoles := roletypes.NewManagedRoles(organization.ID)
-	err = module.authz.CreateManagedUserRoleTransactions(ctx, organization.ID, user.ID)
+	err = module.granter.Grant(ctx, organization.ID, roletypes.SigNozAdminRoleName, authtypes.MustNewSubject(authtypes.TypeableUser, user.ID.StringValue(), user.OrgID, nil))
 	if err != nil {
 		return nil, err
 	}
 
 	if err = module.store.RunInTx(ctx, func(ctx context.Context) error {
 		err = module.orgSetter.Create(ctx, organization, func(ctx context.Context, orgID valuer.UUID) error {
-			err = module.authz.CreateManagedRoles(ctx, orgID, managedRoles)
+			err = module.granter.CreateManagedRoles(ctx, orgID, managedRoles)
 			if err != nil {
 				return err
 			}

pkg/query-service/app/clickhouseReader/reader.go

@@ -830,7 +830,7 @@ func (r *ClickHouseReader) GetUsage(ctx context.Context, queryParams *model.GetU
 
 func (r *ClickHouseReader) GetSpansForTrace(ctx context.Context, traceID string, traceDetailsQuery string) ([]model.SpanItemV2, *model.ApiError) {
 	var traceSummary model.TraceSummary
-	summaryQuery := fmt.Sprintf("SELECT * from %s.%s FINAL WHERE trace_id=$1", r.TraceDB, r.traceSummaryTable)
+	summaryQuery := fmt.Sprintf("SELECT * from %s.%s WHERE trace_id=$1", r.TraceDB, r.traceSummaryTable)
 	err := r.db.QueryRow(ctx, summaryQuery, traceID).Scan(&traceSummary.TraceID, &traceSummary.Start, &traceSummary.End, &traceSummary.NumSpans)
 	if err != nil {
 		if err == sql.ErrNoRows {
@@ -6458,7 +6458,7 @@ func (r *ClickHouseReader) SearchTraces(ctx context.Context, params *model.Searc
 	}
 
 	var traceSummary model.TraceSummary
-	summaryQuery := fmt.Sprintf("SELECT * from %s.%s FINAL WHERE trace_id=$1", r.TraceDB, r.traceSummaryTable)
+	summaryQuery := fmt.Sprintf("SELECT * from %s.%s WHERE trace_id=$1", r.TraceDB, r.traceSummaryTable)
 	err := r.db.QueryRow(ctx, summaryQuery, params.TraceID).Scan(&traceSummary.TraceID, &traceSummary.Start, &traceSummary.End, &traceSummary.NumSpans)
 	if err != nil {
 		if err == sql.ErrNoRows {

pkg/query-service/app/http_handler.go

@@ -68,7 +68,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/types/opamptypes"
 	"github.com/SigNoz/signoz/pkg/types/pipelinetypes"
 	qbtypes "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
-	"github.com/SigNoz/signoz/pkg/types/ruletypes"
+	ruletypes "github.com/SigNoz/signoz/pkg/types/ruletypes"
 	traceFunnels "github.com/SigNoz/signoz/pkg/types/tracefunneltypes"
 
 	"go.uber.org/zap"
@@ -103,11 +103,10 @@ type APIHandler struct {
 	querierV2    interfaces.Querier
 	queryBuilder *queryBuilder.QueryBuilder
 
-	// temporalityMap is a map of metric name to temporality to avoid fetching
-	// temporality for the same metric multiple times.
-	//
-	// Querying the v4 table on a low cardinal temporality column should be
-	// fast, but we can still avoid the query if we have the data in memory.
+	// temporalityMap is a map of metric name to temporality
+	// to avoid fetching temporality for the same metric multiple times
+	// querying the v4 table on low cardinal temporality column
+	// should be fast but we can still avoid the query if we have the data in memory
 	temporalityMap map[string]map[v3.Temporality]bool
 	temporalityMux sync.Mutex
 
@@ -1011,7 +1010,7 @@ func (aH *APIHandler) getRuleStateHistory(w http.ResponseWriter, r *http.Request
 			// the query range is calculated based on the rule's evalWindow and evalDelay
 			// alerts have 2 minutes delay built in, so we need to subtract that from the start time
 			// to get the correct query range
-			start := end.Add(-rule.EvalWindow.Duration() - 3*time.Minute)
+			start := end.Add(-time.Duration(rule.EvalWindow)).Add(-3 * time.Minute)
 			if rule.AlertType == ruletypes.AlertTypeLogs {
 				if rule.Version != "v5" {
 					res.Items[idx].RelatedLogsLink = contextlinks.PrepareLinksToLogs(start, end, newFilters)
@@ -1218,12 +1217,12 @@ func (aH *APIHandler) Get(rw http.ResponseWriter, r *http.Request) {
 
 	dashboard := new(dashboardtypes.Dashboard)
 	if aH.CloudIntegrationsController.IsCloudIntegrationDashboardUuid(id) {
-		cloudIntegrationDashboard, apiErr := aH.CloudIntegrationsController.GetDashboardById(ctx, orgID, id)
+		cloudintegrationDashboard, apiErr := aH.CloudIntegrationsController.GetDashboardById(ctx, orgID, id)
 		if apiErr != nil {
 			render.Error(rw, errorsV2.Wrapf(apiErr, errorsV2.TypeInternal, errorsV2.CodeInternal, "failed to get dashboard"))
 			return
 		}
-		dashboard = cloudIntegrationDashboard
+		dashboard = cloudintegrationDashboard
 	} else if aH.IntegrationsController.IsInstalledIntegrationDashboardID(id) {
 		integrationDashboard, apiErr := aH.IntegrationsController.GetInstalledIntegrationDashboardById(ctx, orgID, id)
 		if apiErr != nil {
@@ -1552,13 +1551,13 @@ func (aH *APIHandler) queryMetrics(w http.ResponseWriter, r *http.Request) {
 		RespondError(w, &model.ApiError{Typ: model.ErrorExec, Err: res.Err}, nil)
 	}
 
-	responseData := &model.QueryData{
+	response_data := &model.QueryData{
 		ResultType: res.Value.Type(),
 		Result:     res.Value,
 		Stats:      qs,
 	}
 
-	aH.Respond(w, responseData)
+	aH.Respond(w, response_data)
 
 }
 
@@ -2640,12 +2639,12 @@ func (aH *APIHandler) getProducerData(w http.ResponseWriter, r *http.Request) {
 	}
 
 	var result []*v3.Result
-	var errQueriesByName map[string]error
+	var errQuriesByName map[string]error
 
-	result, errQueriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
+	result, errQuriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
 	if err != nil {
 		apiErrObj := &model.ApiError{Typ: model.ErrorBadData, Err: err}
-		RespondError(w, apiErrObj, errQueriesByName)
+		RespondError(w, apiErrObj, errQuriesByName)
 		return
 	}
 	result = postprocess.TransformToTableForClickHouseQueries(result)
@@ -2693,12 +2692,12 @@ func (aH *APIHandler) getConsumerData(w http.ResponseWriter, r *http.Request) {
 	}
 
 	var result []*v3.Result
-	var errQueriesByName map[string]error
+	var errQuriesByName map[string]error
 
-	result, errQueriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
+	result, errQuriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
 	if err != nil {
 		apiErrObj := &model.ApiError{Typ: model.ErrorBadData, Err: err}
-		RespondError(w, apiErrObj, errQueriesByName)
+		RespondError(w, apiErrObj, errQuriesByName)
 		return
 	}
 	result = postprocess.TransformToTableForClickHouseQueries(result)
@@ -2747,12 +2746,12 @@ func (aH *APIHandler) getPartitionOverviewLatencyData(w http.ResponseWriter, r *
 	}
 
 	var result []*v3.Result
-	var errQueriesByName map[string]error
+	var errQuriesByName map[string]error
 
-	result, errQueriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
+	result, errQuriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
 	if err != nil {
 		apiErrObj := &model.ApiError{Typ: model.ErrorBadData, Err: err}
-		RespondError(w, apiErrObj, errQueriesByName)
+		RespondError(w, apiErrObj, errQuriesByName)
 		return
 	}
 	result = postprocess.TransformToTableForClickHouseQueries(result)
@@ -2801,12 +2800,12 @@ func (aH *APIHandler) getConsumerPartitionLatencyData(w http.ResponseWriter, r *
 	}
 
 	var result []*v3.Result
-	var errQueriesByName map[string]error
+	var errQuriesByName map[string]error
 
-	result, errQueriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
+	result, errQuriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
 	if err != nil {
 		apiErrObj := &model.ApiError{Typ: model.ErrorBadData, Err: err}
-		RespondError(w, apiErrObj, errQueriesByName)
+		RespondError(w, apiErrObj, errQuriesByName)
 		return
 	}
 	result = postprocess.TransformToTableForClickHouseQueries(result)
@@ -2858,12 +2857,12 @@ func (aH *APIHandler) getProducerThroughputOverview(w http.ResponseWriter, r *ht
 	}
 
 	var result []*v3.Result
-	var errQueriesByName map[string]error
+	var errQuriesByName map[string]error
 
-	result, errQueriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, producerQueryRangeParams)
+	result, errQuriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, producerQueryRangeParams)
 	if err != nil {
 		apiErrObj := &model.ApiError{Typ: model.ErrorBadData, Err: err}
-		RespondError(w, apiErrObj, errQueriesByName)
+		RespondError(w, apiErrObj, errQuriesByName)
 		return
 	}
 
@@ -2969,12 +2968,12 @@ func (aH *APIHandler) getProducerThroughputDetails(w http.ResponseWriter, r *htt
 	}
 
 	var result []*v3.Result
-	var errQueriesByName map[string]error
+	var errQuriesByName map[string]error
 
-	result, errQueriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
+	result, errQuriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
 	if err != nil {
 		apiErrObj := &model.ApiError{Typ: model.ErrorBadData, Err: err}
-		RespondError(w, apiErrObj, errQueriesByName)
+		RespondError(w, apiErrObj, errQuriesByName)
 		return
 	}
 	result = postprocess.TransformToTableForClickHouseQueries(result)
@@ -3023,12 +3022,12 @@ func (aH *APIHandler) getConsumerThroughputOverview(w http.ResponseWriter, r *ht
 	}
 
 	var result []*v3.Result
-	var errQueriesByName map[string]error
+	var errQuriesByName map[string]error
 
-	result, errQueriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
+	result, errQuriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
 	if err != nil {
 		apiErrObj := &model.ApiError{Typ: model.ErrorBadData, Err: err}
-		RespondError(w, apiErrObj, errQueriesByName)
+		RespondError(w, apiErrObj, errQuriesByName)
 		return
 	}
 	result = postprocess.TransformToTableForClickHouseQueries(result)
@@ -3077,12 +3076,12 @@ func (aH *APIHandler) getConsumerThroughputDetails(w http.ResponseWriter, r *htt
 	}
 
 	var result []*v3.Result
-	var errQueriesByName map[string]error
+	var errQuriesByName map[string]error
 
-	result, errQueriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
+	result, errQuriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
 	if err != nil {
 		apiErrObj := &model.ApiError{Typ: model.ErrorBadData, Err: err}
-		RespondError(w, apiErrObj, errQueriesByName)
+		RespondError(w, apiErrObj, errQuriesByName)
 		return
 	}
 	result = postprocess.TransformToTableForClickHouseQueries(result)
@@ -3137,12 +3136,12 @@ func (aH *APIHandler) getProducerConsumerEval(w http.ResponseWriter, r *http.Req
 	}
 
 	var result []*v3.Result
-	var errQueriesByName map[string]error
+	var errQuriesByName map[string]error
 
-	result, errQueriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
+	result, errQuriesByName, err = aH.querierV2.QueryRange(r.Context(), orgID, queryRangeParams)
 	if err != nil {
 		apiErrObj := &model.ApiError{Typ: model.ErrorBadData, Err: err}
-		RespondError(w, apiErrObj, errQueriesByName)
+		RespondError(w, apiErrObj, errQuriesByName)
 		return
 	}
 
@@ -4126,11 +4125,11 @@ func (aH *APIHandler) ListLogsPipelinesHandler(w http.ResponseWriter, r *http.Re
 	aH.Respond(w, payload)
 }
 
-// listLogsPipelines lists logs pipelines for latest version
+// listLogsPipelines lists logs piplines for latest version
 func (aH *APIHandler) listLogsPipelines(ctx context.Context, orgID valuer.UUID) (
 	*logparsingpipeline.PipelinesResponse, error,
 ) {
-	// get latest agent config
+	// get lateset agent config
 	latestVersion := -1
 	lastestConfig, err := agentConf.GetLatestVersion(ctx, orgID, opamptypes.ElementTypeLogPipelines)
 	if err != nil && !errorsV2.Ast(err, errorsV2.TypeNotFound) {
@@ -4427,7 +4426,7 @@ func (aH *APIHandler) queryRangeV3(ctx context.Context, queryRangeParams *v3.Que
 	}
 
 	var result []*v3.Result
-	var errQueriesByName map[string]error
+	var errQuriesByName map[string]error
 	var spanKeys map[string]v3.AttributeKey
 	if queryRangeParams.CompositeQuery.QueryType == v3.QueryTypeBuilder {
 		hasLogsQuery := false
@@ -4444,7 +4443,7 @@ func (aH *APIHandler) queryRangeV3(ctx context.Context, queryRangeParams *v3.Que
 		if logsv3.EnrichmentRequired(queryRangeParams) && hasLogsQuery {
 			logsFields, apiErr := aH.reader.GetLogFieldsFromNames(ctx, logsv3.GetFieldNames(queryRangeParams.CompositeQuery))
 			if apiErr != nil {
-				RespondError(w, apiErr, errQueriesByName)
+				RespondError(w, apiErr, errQuriesByName)
 				return
 			}
 			// get the fields if any logs query is present
@@ -4455,7 +4454,7 @@ func (aH *APIHandler) queryRangeV3(ctx context.Context, queryRangeParams *v3.Que
 			spanKeys, err = aH.getSpanKeysV3(ctx, queryRangeParams)
 			if err != nil {
 				apiErrObj := &model.ApiError{Typ: model.ErrorInternal, Err: err}
-				RespondError(w, apiErrObj, errQueriesByName)
+				RespondError(w, apiErrObj, errQuriesByName)
 				return
 			}
 			tracesV4.Enrich(queryRangeParams, spanKeys)
@@ -4500,11 +4499,11 @@ func (aH *APIHandler) queryRangeV3(ctx context.Context, queryRangeParams *v3.Que
 		}
 	}
 
-	result, errQueriesByName, err = aH.querier.QueryRange(ctx, orgID, queryRangeParams)
+	result, errQuriesByName, err = aH.querier.QueryRange(ctx, orgID, queryRangeParams)
 
 	if err != nil {
 		queryErrors := map[string]string{}
-		for name, err := range errQueriesByName {
+		for name, err := range errQuriesByName {
 			queryErrors[fmt.Sprintf("Query-%s", name)] = err.Error()
 		}
 		apiErrObj := &model.ApiError{Typ: model.ErrorInternal, Err: err}
@@ -4780,7 +4779,7 @@ func (aH *APIHandler) queryRangeV4(ctx context.Context, queryRangeParams *v3.Que
 	}
 
 	var result []*v3.Result
-	var errQueriesByName map[string]error
+	var errQuriesByName map[string]error
 	var spanKeys map[string]v3.AttributeKey
 	if queryRangeParams.CompositeQuery.QueryType == v3.QueryTypeBuilder {
 		hasLogsQuery := false
@@ -4810,7 +4809,7 @@ func (aH *APIHandler) queryRangeV4(ctx context.Context, queryRangeParams *v3.Que
 			spanKeys, err = aH.getSpanKeysV3(ctx, queryRangeParams)
 			if err != nil {
 				apiErrObj := &model.ApiError{Typ: model.ErrorInternal, Err: err}
-				RespondError(w, apiErrObj, errQueriesByName)
+				RespondError(w, apiErrObj, errQuriesByName)
 				return
 			}
 			tracesV4.Enrich(queryRangeParams, spanKeys)
@@ -4833,11 +4832,11 @@ func (aH *APIHandler) queryRangeV4(ctx context.Context, queryRangeParams *v3.Que
 		}
 	}
 
-	result, errQueriesByName, err = aH.querierV2.QueryRange(ctx, orgID, queryRangeParams)
+	result, errQuriesByName, err = aH.querierV2.QueryRange(ctx, orgID, queryRangeParams)
 
 	if err != nil {
 		queryErrors := map[string]string{}
-		for name, err := range errQueriesByName {
+		for name, err := range errQuriesByName {
 			queryErrors[fmt.Sprintf("Query-%s", name)] = err.Error()
 		}
 		apiErrObj := &model.ApiError{Typ: model.ErrorInternal, Err: err}
@@ -4854,7 +4853,7 @@ func (aH *APIHandler) queryRangeV4(ctx context.Context, queryRangeParams *v3.Que
 
 	if err != nil {
 		apiErrObj := &model.ApiError{Typ: model.ErrorBadData, Err: err}
-		RespondError(w, apiErrObj, errQueriesByName)
+		RespondError(w, apiErrObj, errQuriesByName)
 		return
 	}
 	aH.sendQueryResultEvents(r, result, queryRangeParams, "v4")

pkg/query-service/app/server.go

@@ -207,7 +207,7 @@ func (s *Server) createPublicServer(api *APIHandler, web web.Web) (*http.Server,
 	r.Use(middleware.NewLogging(s.signoz.Instrumentation.Logger(), s.config.APIServer.Logging.ExcludedRoutes).Wrap)
 	r.Use(middleware.NewComment().Wrap)
 
-	am := middleware.NewAuthZ(s.signoz.Instrumentation.Logger(), s.signoz.Modules.OrgGetter, s.signoz.Authz)
+	am := middleware.NewAuthZ(s.signoz.Instrumentation.Logger(), s.signoz.Modules.OrgGetter, s.signoz.Authz, s.signoz.Modules.RoleGetter)
 
 	api.RegisterRoutes(r, am)
 	api.RegisterLogsRoutes(r, am)

pkg/query-service/constants/constants.go

@@ -5,10 +5,10 @@ import (
 	"os"
 	"regexp"
 	"strconv"
+	"time"
 
 	"github.com/SigNoz/signoz/pkg/query-service/model"
 	v3 "github.com/SigNoz/signoz/pkg/query-service/model/v3"
-	"github.com/SigNoz/signoz/pkg/valuer"
 )
 
 const (
@@ -40,11 +40,11 @@ const NormalizedMetricsMapQueryThreads = 10
 var NormalizedMetricsMapRegex = regexp.MustCompile(`[^a-zA-Z0-9]`)
 var NormalizedMetricsMapQuantileRegex = regexp.MustCompile(`(?i)([._-]?quantile.*)$`)
 
-func GetEvalDelay() valuer.TextDuration {
+func GetEvalDelay() time.Duration {
 	evalDelayStr := GetOrDefaultEnv("RULES_EVAL_DELAY", "2m")
-	evalDelayDuration, err := valuer.ParseTextDuration(evalDelayStr)
+	evalDelayDuration, err := time.ParseDuration(evalDelayStr)
 	if err != nil {
-		return valuer.TextDuration{}
+		return 0
 	}
 	return evalDelayDuration
 }

pkg/query-service/rules/base_rule.go

@@ -40,13 +40,13 @@ type BaseRule struct {
 	// evalWindow is the time window used for evaluating the rule
 	// i.e. each time we lookback from the current time, we look at data for the last
 	// evalWindow duration
-	evalWindow valuer.TextDuration
+	evalWindow time.Duration
 	// holdDuration is the duration for which the alert waits before firing
-	holdDuration valuer.TextDuration
+	holdDuration time.Duration
 
 	// evalDelay is the delay in evaluation of the rule
 	// this is useful in cases where the data is not available immediately
-	evalDelay valuer.TextDuration
+	evalDelay time.Duration
 
 	// holds the static set of labels and annotations for the rule
 	// these are the same for all alerts created for this rule
@@ -94,7 +94,7 @@ type BaseRule struct {
 	evaluation ruletypes.Evaluation
 
 	// newGroupEvalDelay is the grace period for new alert groups
-	newGroupEvalDelay valuer.TextDuration
+	newGroupEvalDelay *time.Duration
 
 	queryParser queryparser.QueryParser
 }
@@ -113,7 +113,7 @@ func WithSendUnmatched() RuleOption {
 	}
 }
 
-func WithEvalDelay(dur valuer.TextDuration) RuleOption {
+func WithEvalDelay(dur time.Duration) RuleOption {
 	return func(r *BaseRule) {
 		r.evalDelay = dur
 	}
@@ -163,7 +163,7 @@ func NewBaseRule(id string, orgID valuer.UUID, p *ruletypes.PostableRule, reader
 		source:            p.Source,
 		typ:               p.AlertType,
 		ruleCondition:     p.RuleCondition,
-		evalWindow:        p.EvalWindow,
+		evalWindow:        time.Duration(p.EvalWindow),
 		labels:            qslabels.FromMap(p.Labels),
 		annotations:       qslabels.FromMap(p.Annotations),
 		preferredChannels: p.PreferredChannels,
@@ -176,12 +176,13 @@ func NewBaseRule(id string, orgID valuer.UUID, p *ruletypes.PostableRule, reader
 	}
 
 	// Store newGroupEvalDelay and groupBy keys from NotificationSettings
-	if p.NotificationSettings != nil {
-		baseRule.newGroupEvalDelay = p.NotificationSettings.NewGroupEvalDelay
+	if p.NotificationSettings != nil && p.NotificationSettings.NewGroupEvalDelay != nil {
+		newGroupEvalDelay := time.Duration(*p.NotificationSettings.NewGroupEvalDelay)
+		baseRule.newGroupEvalDelay = &newGroupEvalDelay
 	}
 
-	if baseRule.evalWindow.IsZero() {
-		baseRule.evalWindow = valuer.MustParseTextDuration("5m")
+	if baseRule.evalWindow == 0 {
+		baseRule.evalWindow = 5 * time.Minute
 	}
 
 	for _, opt := range opts {
@@ -244,15 +245,15 @@ func (r *BaseRule) ActiveAlertsLabelFP() map[uint64]struct{} {
 	return activeAlerts
 }
 
-func (r *BaseRule) EvalDelay() valuer.TextDuration {
+func (r *BaseRule) EvalDelay() time.Duration {
 	return r.evalDelay
 }
 
-func (r *BaseRule) EvalWindow() valuer.TextDuration {
+func (r *BaseRule) EvalWindow() time.Duration {
 	return r.evalWindow
 }
 
-func (r *BaseRule) HoldDuration() valuer.TextDuration {
+func (r *BaseRule) HoldDuration() time.Duration {
 	return r.holdDuration
 }
 
@@ -280,7 +281,7 @@ func (r *BaseRule) Timestamps(ts time.Time) (time.Time, time.Time) {
 	start := st.UnixMilli()
 	end := en.UnixMilli()
 
-	if r.evalDelay.IsPositive() {
+	if r.evalDelay > 0 {
 		start = start - r.evalDelay.Milliseconds()
 		end = end - r.evalDelay.Milliseconds()
 	}
@@ -551,7 +552,7 @@ func (r *BaseRule) PopulateTemporality(ctx context.Context, orgID valuer.UUID, q
 
 // ShouldSkipNewGroups returns true if new group filtering should be applied
 func (r *BaseRule) ShouldSkipNewGroups() bool {
-	return r.newGroupEvalDelay.IsPositive()
+	return r.newGroupEvalDelay != nil && *r.newGroupEvalDelay > 0
 }
 
 // isFilterNewSeriesSupported checks if the query is supported for new series filtering

pkg/query-service/rules/base_rule_test.go

@@ -20,7 +20,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/telemetrystore/telemetrystoretest"
 	"github.com/SigNoz/signoz/pkg/types/metrictypes"
 	qbtypes "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
-	"github.com/SigNoz/signoz/pkg/types/ruletypes"
+	ruletypes "github.com/SigNoz/signoz/pkg/types/ruletypes"
 	"github.com/SigNoz/signoz/pkg/types/telemetrytypes"
 	"github.com/SigNoz/signoz/pkg/types/telemetrytypes/telemetrytypestest"
 	"github.com/SigNoz/signoz/pkg/valuer"
@@ -124,8 +124,8 @@ func createPostableRule(compositeQuery *v3.CompositeQuery) ruletypes.PostableRul
 		Evaluation: &ruletypes.EvaluationEnvelope{
 			Kind: ruletypes.RollingEvaluation,
 			Spec: ruletypes.RollingWindow{
-				EvalWindow: valuer.MustParseTextDuration("5m"),
-				Frequency:  valuer.MustParseTextDuration("1m"),
+				EvalWindow: ruletypes.Duration(5 * time.Minute),
+				Frequency:  ruletypes.Duration(1 * time.Minute),
 			},
 		},
 		RuleCondition: &ruletypes.RuleCondition{
@@ -151,7 +151,7 @@ type filterNewSeriesTestCase struct {
 	compositeQuery    *v3.CompositeQuery
 	series            []*v3.Series
 	firstSeenMap      map[telemetrytypes.MetricMetadataLookupKey]int64
-	newGroupEvalDelay valuer.TextDuration
+	newGroupEvalDelay *time.Duration
 	evalTime          time.Time
 	expectedFiltered  []*v3.Series // series that should be in the final filtered result (old enough)
 	expectError       bool
@@ -159,8 +159,7 @@ type filterNewSeriesTestCase struct {
 
 func TestBaseRule_FilterNewSeries(t *testing.T) {
 	defaultEvalTime := time.Unix(1700000000, 0)
-	defaultNewGroupEvalDelay := valuer.MustParseTextDuration("2m")
-	defaultDelay := defaultNewGroupEvalDelay.Duration()
+	defaultDelay := 2 * time.Minute
 	defaultGroupByFields := []string{"service_name", "env"}
 
 	logger := instrumentationtest.New().Logger()
@@ -203,7 +202,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 				createFirstSeenMap("request_total", defaultGroupByFields, defaultEvalTime, defaultDelay, false, "svc-new", "prod"),
 				// svc-missing has no metadata, so it will be included
 			),
-			newGroupEvalDelay: defaultNewGroupEvalDelay,
+			newGroupEvalDelay: &defaultDelay,
 			evalTime:          defaultEvalTime,
 			expectedFiltered: []*v3.Series{
 				createTestSeries(map[string]string{"service_name": "svc-old", "env": "prod"}, nil),
@@ -235,7 +234,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 				createFirstSeenMap("request_total", defaultGroupByFields, defaultEvalTime, defaultDelay, false, "svc-new1", "prod"),
 				createFirstSeenMap("request_total", defaultGroupByFields, defaultEvalTime, defaultDelay, false, "svc-new2", "stage"),
 			),
-			newGroupEvalDelay: defaultNewGroupEvalDelay,
+			newGroupEvalDelay: &defaultDelay,
 			evalTime:          defaultEvalTime,
 			expectedFiltered:  []*v3.Series{}, // all should be filtered out (new series)
 		},
@@ -262,7 +261,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 				createFirstSeenMap("request_total", defaultGroupByFields, defaultEvalTime, defaultDelay, true, "svc-old1", "prod"),
 				createFirstSeenMap("request_total", defaultGroupByFields, defaultEvalTime, defaultDelay, true, "svc-old2", "stage"),
 			),
-			newGroupEvalDelay: defaultNewGroupEvalDelay,
+			newGroupEvalDelay: &defaultDelay,
 			evalTime:          defaultEvalTime,
 			expectedFiltered: []*v3.Series{
 				createTestSeries(map[string]string{"service_name": "svc-old1", "env": "prod"}, nil),
@@ -296,7 +295,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 				createTestSeries(map[string]string{"service_name": "svc1", "env": "prod"}, nil),
 			},
 			firstSeenMap:      make(map[telemetrytypes.MetricMetadataLookupKey]int64),
-			newGroupEvalDelay: defaultNewGroupEvalDelay,
+			newGroupEvalDelay: &defaultDelay,
 			evalTime:          defaultEvalTime,
 			expectedFiltered: []*v3.Series{
 				createTestSeries(map[string]string{"service_name": "svc1", "env": "prod"}, nil),
@@ -326,7 +325,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 				createTestSeries(map[string]string{"service_name": "svc1", "env": "prod"}, nil),
 			},
 			firstSeenMap:      make(map[telemetrytypes.MetricMetadataLookupKey]int64),
-			newGroupEvalDelay: defaultNewGroupEvalDelay,
+			newGroupEvalDelay: &defaultDelay,
 			evalTime:          defaultEvalTime,
 			expectedFiltered: []*v3.Series{
 				createTestSeries(map[string]string{"service_name": "svc1", "env": "prod"}, nil),
@@ -362,7 +361,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 				createTestSeries(map[string]string{"status": "200"}, nil), // no service_name or env
 			},
 			firstSeenMap:      make(map[telemetrytypes.MetricMetadataLookupKey]int64),
-			newGroupEvalDelay: defaultNewGroupEvalDelay,
+			newGroupEvalDelay: &defaultDelay,
 			evalTime:          defaultEvalTime,
 			expectedFiltered: []*v3.Series{
 				createTestSeries(map[string]string{"status": "200"}, nil),
@@ -391,7 +390,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 			},
 			firstSeenMap: createFirstSeenMap("request_total", defaultGroupByFields, defaultEvalTime, defaultDelay, true, "svc-old", "prod"),
 			// svc-no-metadata has no entry in firstSeenMap
-			newGroupEvalDelay: defaultNewGroupEvalDelay,
+			newGroupEvalDelay: &defaultDelay,
 			evalTime:          defaultEvalTime,
 			expectedFiltered: []*v3.Series{
 				createTestSeries(map[string]string{"service_name": "svc-old", "env": "prod"}, nil),
@@ -421,7 +420,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 				{MetricName: "request_total", AttributeName: "service_name", AttributeValue: "svc-partial"}: calculateFirstSeen(defaultEvalTime, defaultDelay, true),
 				// env metadata is missing
 			},
-			newGroupEvalDelay: defaultNewGroupEvalDelay,
+			newGroupEvalDelay: &defaultDelay,
 			evalTime:          defaultEvalTime,
 			expectedFiltered: []*v3.Series{
 				createTestSeries(map[string]string{"service_name": "svc-partial", "env": "prod"}, nil),
@@ -455,7 +454,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 			},
 			series:            []*v3.Series{},
 			firstSeenMap:      make(map[telemetrytypes.MetricMetadataLookupKey]int64),
-			newGroupEvalDelay: defaultNewGroupEvalDelay,
+			newGroupEvalDelay: &defaultDelay,
 			evalTime:          defaultEvalTime,
 			expectedFiltered:  []*v3.Series{},
 		},
@@ -489,7 +488,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 				createTestSeries(map[string]string{"service_name": "svc1", "env": "prod"}, nil),
 			},
 			firstSeenMap:      createFirstSeenMap("request_total", defaultGroupByFields, defaultEvalTime, defaultDelay, true, "svc1", "prod"),
-			newGroupEvalDelay: valuer.TextDuration{}, // zero delay
+			newGroupEvalDelay: func() *time.Duration { d := time.Duration(0); return &d }(), // zero delay
 			evalTime:          defaultEvalTime,
 			expectedFiltered: []*v3.Series{
 				createTestSeries(map[string]string{"service_name": "svc1", "env": "prod"}, nil),
@@ -533,7 +532,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 				createFirstSeenMap("request_total", defaultGroupByFields, defaultEvalTime, defaultDelay, true, "svc1", "prod"),
 				createFirstSeenMap("error_total", defaultGroupByFields, defaultEvalTime, defaultDelay, true, "svc1", "prod"),
 			),
-			newGroupEvalDelay: defaultNewGroupEvalDelay,
+			newGroupEvalDelay: &defaultDelay,
 			evalTime:          defaultEvalTime,
 			expectedFiltered: []*v3.Series{
 				createTestSeries(map[string]string{"service_name": "svc1", "env": "prod"}, nil),
@@ -573,7 +572,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 				createFirstSeenMap("request_total", []string{"service_name"}, defaultEvalTime, defaultDelay, true, "svc1"),
 				createFirstSeenMap("request_total", []string{"env"}, defaultEvalTime, defaultDelay, false, "prod"),
 			),
-			newGroupEvalDelay: defaultNewGroupEvalDelay,
+			newGroupEvalDelay: &defaultDelay,
 			evalTime:          defaultEvalTime,
 			expectedFiltered:  []*v3.Series{}, // max first_seen is new, so should be filtered out
 		},
@@ -605,7 +604,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 				createTestSeries(map[string]string{"service_name": "svc2"}, nil),
 			},
 			firstSeenMap:      make(map[telemetrytypes.MetricMetadataLookupKey]int64),
-			newGroupEvalDelay: defaultNewGroupEvalDelay,
+			newGroupEvalDelay: &defaultDelay,
 			evalTime:          defaultEvalTime,
 			expectedFiltered: []*v3.Series{
 				createTestSeries(map[string]string{"service_name": "svc1"}, nil),
@@ -640,7 +639,7 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 				createTestSeries(map[string]string{"service_name": "svc2"}, nil),
 			},
 			firstSeenMap:      make(map[telemetrytypes.MetricMetadataLookupKey]int64),
-			newGroupEvalDelay: defaultNewGroupEvalDelay,
+			newGroupEvalDelay: &defaultDelay,
 			evalTime:          defaultEvalTime,
 			expectedFiltered: []*v3.Series{
 				createTestSeries(map[string]string{"service_name": "svc1"}, nil),
@@ -698,14 +697,20 @@ func TestBaseRule_FilterNewSeries(t *testing.T) {
 				telemetryStore,
 				prometheustest.New(context.Background(), settings, prometheus.Config{}, telemetryStore),
 				"",
-				time.Second,
+				time.Duration(time.Second),
 				nil,
 				readerCache,
 				options,
 			)
 
-			postableRule.NotificationSettings = &ruletypes.NotificationSettings{
-				NewGroupEvalDelay: tt.newGroupEvalDelay,
+			// Set newGroupEvalDelay in NotificationSettings if provided
+			if tt.newGroupEvalDelay != nil {
+				postableRule.NotificationSettings = &ruletypes.NotificationSettings{
+					NewGroupEvalDelay: func() *ruletypes.Duration {
+						d := ruletypes.Duration(*tt.newGroupEvalDelay)
+						return &d
+					}(),
+				}
 			}
 
 			// Create BaseRule using NewBaseRule

pkg/query-service/rules/manager.go

@@ -30,7 +30,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/types/alertmanagertypes"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/ruletypes"
+	ruletypes "github.com/SigNoz/signoz/pkg/types/ruletypes"
 	"github.com/SigNoz/signoz/pkg/types/telemetrytypes"
 	"github.com/SigNoz/signoz/pkg/valuer"
 )
@@ -66,7 +66,7 @@ type PrepareTestRuleOptions struct {
 	OrgID            valuer.UUID
 }
 
-const taskNameSuffix = "webAppEditor"
+const taskNamesuffix = "webAppEditor"
 
 func RuleIdFromTaskName(n string) string {
 	return strings.Split(n, "-groupname")[0]
@@ -97,7 +97,7 @@ type ManagerOptions struct {
 	SLogger     *slog.Logger
 	Cache       cache.Cache
 
-	EvalDelay valuer.TextDuration
+	EvalDelay time.Duration
 
 	PrepareTaskFunc     func(opts PrepareTaskOptions) (Task, error)
 	PrepareTestRuleFunc func(opts PrepareTestRuleOptions) (int, *model.ApiError)
@@ -182,8 +182,8 @@ func defaultPrepareTaskFunc(opts PrepareTaskOptions) (Task, error) {
 
 		rules = append(rules, tr)
 
-		// create ch rule task for evaluation
-		task = newTask(TaskTypeCh, opts.TaskName, taskNameSuffix, evaluation.GetFrequency().Duration(), rules, opts.ManagerOpts, opts.NotifyFunc, opts.MaintenanceStore, opts.OrgID)
+		// create ch rule task for evalution
+		task = newTask(TaskTypeCh, opts.TaskName, taskNamesuffix, time.Duration(evaluation.GetFrequency()), rules, opts.ManagerOpts, opts.NotifyFunc, opts.MaintenanceStore, opts.OrgID)
 
 	} else if opts.Rule.RuleType == ruletypes.RuleTypeProm {
 
@@ -206,8 +206,8 @@ func defaultPrepareTaskFunc(opts PrepareTaskOptions) (Task, error) {
 
 		rules = append(rules, pr)
 
-		// create promql rule task for evaluation
-		task = newTask(TaskTypeProm, opts.TaskName, taskNameSuffix, evaluation.GetFrequency().Duration(), rules, opts.ManagerOpts, opts.NotifyFunc, opts.MaintenanceStore, opts.OrgID)
+		// create promql rule task for evalution
+		task = newTask(TaskTypeProm, opts.TaskName, taskNamesuffix, time.Duration(evaluation.GetFrequency()), rules, opts.ManagerOpts, opts.NotifyFunc, opts.MaintenanceStore, opts.OrgID)
 
 	} else {
 		return nil, fmt.Errorf("unsupported rule type %s. Supported types: %s, %s", opts.Rule.RuleType, ruletypes.RuleTypeProm, ruletypes.RuleTypeThreshold)
@@ -323,7 +323,7 @@ func (m *Manager) run(_ context.Context) {
 }
 
 // Stop the rule manager's rule evaluation cycles.
-func (m *Manager) Stop(_ context.Context) {
+func (m *Manager) Stop(ctx context.Context) {
 	m.mtx.Lock()
 	defer m.mtx.Unlock()
 
@@ -336,7 +336,7 @@ func (m *Manager) Stop(_ context.Context) {
 	zap.L().Info("Rule manager stopped")
 }
 
-// EditRule writes the rule definition to the
+// EditRuleDefinition writes the rule definition to the
 // datastore and also updates the rule executor
 func (m *Manager) EditRule(ctx context.Context, ruleStr string, id valuer.UUID) error {
 	claims, err := authtypes.ClaimsFromContext(ctx)
@@ -643,7 +643,7 @@ func (m *Manager) addTask(_ context.Context, orgID valuer.UUID, rule *ruletypes.
 		m.rules[r.ID()] = r
 	}
 
-	// If there is another task with the same identifier, raise an error
+	// If there is an another task with the same identifier, raise an error
 	_, ok := m.tasks[taskName]
 	if ok {
 		return fmt.Errorf("a rule with the same name already exists")
@@ -678,8 +678,7 @@ func (m *Manager) RuleTasks() []Task {
 	return rgs
 }
 
-// RuleTasksWithoutLock returns the list of manager's rule tasks without
-// acquiring a lock on the manager.
+// RuleTasks returns the list of manager's rule tasks.
 func (m *Manager) RuleTasksWithoutLock() []Task {
 
 	rgs := make([]Task, 0, len(m.tasks))
@@ -890,7 +889,7 @@ func (m *Manager) syncRuleStateWithTask(ctx context.Context, orgID valuer.UUID,
 	} else {
 		// check if rule has a task running
 		if _, ok := m.tasks[taskName]; !ok {
-			// rule has no task, start one
+			// rule has not task, start one
 			if err := m.addTask(ctx, orgID, rule, taskName); err != nil {
 				return err
 			}

pkg/query-service/rules/manager_test_data.go

@@ -9,7 +9,6 @@ import (
 	qbtypes "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
 	ruletypes "github.com/SigNoz/signoz/pkg/types/ruletypes"
 	"github.com/SigNoz/signoz/pkg/types/telemetrytypes"
-	"github.com/SigNoz/signoz/pkg/valuer"
 )
 
 // ThresholdRuleTestCase defines test case structure for threshold rule test notifications
@@ -41,8 +40,8 @@ func ThresholdRuleAtLeastOnceValueAbove(target float64, recovery *float64) rulet
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		Labels: map[string]string{
 			"service.name": "frontend",
@@ -100,8 +99,8 @@ func BuildPromAtLeastOnceValueAbove(target float64, recovery *float64) ruletypes
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeProm,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		Labels: map[string]string{
 			"service.name": "frontend",

pkg/query-service/rules/prom_rule.go

@@ -28,8 +28,6 @@ type PromRule struct {
 	prometheus prometheus.Prometheus
 }
 
-var _ Rule = (*PromRule)(nil)
-
 func NewPromRule(
 	id string,
 	orgID valuer.UUID,
@@ -334,7 +332,7 @@ func (r *PromRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 			continue
 		}
 
-		if a.State == model.StatePending && ts.Sub(a.ActiveAt) >= r.holdDuration.Duration() {
+		if a.State == model.StatePending && ts.Sub(a.ActiveAt) >= r.holdDuration {
 			a.State = model.StateFiring
 			a.FiredAt = ts
 			state := model.StateFiring
@@ -398,7 +396,7 @@ func (r *PromRule) String() string {
 	ar := ruletypes.PostableRule{
 		AlertName:         r.name,
 		RuleCondition:     r.ruleCondition,
-		EvalWindow:        r.evalWindow,
+		EvalWindow:        ruletypes.Duration(r.evalWindow),
 		Labels:            r.labels.Map(),
 		Annotations:       r.annotations.Map(),
 		PreferredChannels: r.preferredChannels,

pkg/query-service/rules/prom_rule_task.go

@@ -41,12 +41,12 @@ type PromRuleTask struct {
 	orgID            valuer.UUID
 }
 
-// NewPromRuleTask holds rules that have promql condition
-// and evaluates the rule at a given frequency
+// newPromRuleTask holds rules that have promql condition
+// and evalutes the rule at a given frequency
 func NewPromRuleTask(name, file string, frequency time.Duration, rules []Rule, opts *ManagerOptions, notify NotifyFunc, maintenanceStore ruletypes.MaintenanceStore, orgID valuer.UUID) *PromRuleTask {
 	zap.L().Info("Initiating a new rule group", zap.String("name", name), zap.Duration("frequency", frequency))
 
-	if frequency == 0 {
+	if time.Now() == time.Now().Add(frequency) {
 		frequency = DefaultFrequency
 	}
 

pkg/query-service/rules/prom_rule_test.go

@@ -41,8 +41,8 @@ func TestPromRuleEval(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeProm,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -748,8 +748,8 @@ func TestPromRuleUnitCombinations(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeProm,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -1007,8 +1007,8 @@ func _Enable_this_after_9146_issue_fix_is_merged_TestPromRuleNoData(t *testing.T
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeProm,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -1118,8 +1118,8 @@ func TestMultipleThresholdPromRule(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeProm,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -1353,8 +1353,8 @@ func TestPromRule_NoData(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeProm,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompareOp: ruletypes.ValueIsAbove,
@@ -1466,7 +1466,7 @@ func TestPromRule_NoData_AbsentFor(t *testing.T) {
 	// 3. Alert fires only if t2 - t1 > AbsentFor
 
 	baseTime := time.Unix(1700000000, 0)
-	evalWindow := valuer.MustParseTextDuration("5m")
+	evalWindow := 5 * time.Minute
 
 	// Set target higher than test data (100.0) so regular threshold alerts don't fire
 	target := 500.0
@@ -1476,8 +1476,8 @@ func TestPromRule_NoData_AbsentFor(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeProm,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: evalWindow,
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(evalWindow),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompareOp:     ruletypes.ValueIsAbove,
@@ -1619,7 +1619,7 @@ func TestPromRuleEval_RequireMinPoints(t *testing.T) {
 	baseTime := time.Unix(1700000000, 0)
 	evalTime := baseTime.Add(5 * time.Minute)
 
-	evalWindow := valuer.MustParseTextDuration("5m")
+	evalWindow := 5 * time.Minute
 	lookBackDelta := time.Minute
 
 	postableRule := ruletypes.PostableRule{
@@ -1627,8 +1627,8 @@ func TestPromRuleEval_RequireMinPoints(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeProm,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: evalWindow,
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(evalWindow),
+			Frequency:  ruletypes.Duration(time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompareOp: ruletypes.ValueIsAbove,

pkg/query-service/rules/rule.go

@@ -7,7 +7,6 @@ import (
 	"github.com/SigNoz/signoz/pkg/query-service/model"
 	"github.com/SigNoz/signoz/pkg/query-service/utils/labels"
 	ruletypes "github.com/SigNoz/signoz/pkg/types/ruletypes"
-	"github.com/SigNoz/signoz/pkg/valuer"
 )
 
 // A Rule encapsulates a vector expression which is evaluated at a specified
@@ -20,9 +19,9 @@ type Rule interface {
 	Labels() labels.BaseLabels
 	Annotations() labels.BaseLabels
 	Condition() *ruletypes.RuleCondition
-	EvalDelay() valuer.TextDuration
-	EvalWindow() valuer.TextDuration
-	HoldDuration() valuer.TextDuration
+	EvalDelay() time.Duration
+	EvalWindow() time.Duration
+	HoldDuration() time.Duration
 	State() model.AlertState
 	ActiveAlerts() []*ruletypes.Alert
 	// ActiveAlertsLabelFP returns a map of active alert labels fingerprint

pkg/query-service/rules/rule_task.go

@@ -43,7 +43,7 @@ const DefaultFrequency = 1 * time.Minute
 // NewRuleTask makes a new RuleTask with the given name, options, and rules.
 func NewRuleTask(name, file string, frequency time.Duration, rules []Rule, opts *ManagerOptions, notify NotifyFunc, maintenanceStore ruletypes.MaintenanceStore, orgID valuer.UUID) *RuleTask {
 
-	if frequency == 0 {
+	if time.Now() == time.Now().Add(frequency) {
 		frequency = DefaultFrequency
 	}
 	zap.L().Info("initiating a new rule task", zap.String("name", name), zap.Duration("frequency", frequency))
@@ -78,7 +78,6 @@ func (g *RuleTask) Type() TaskType { return TaskTypeCh }
 func (g *RuleTask) Rules() []Rule { return g.rules }
 
 // Interval returns the group's interval.
-// TODO: remove (unused)?
 func (g *RuleTask) Interval() time.Duration { return g.frequency }
 
 func (g *RuleTask) Pause(b bool) {

pkg/query-service/rules/threshold_rule.go

@@ -61,8 +61,6 @@ type ThresholdRule struct {
 	spansKeys map[string]v3.AttributeKey
 }
 
-var _ Rule = (*ThresholdRule)(nil)
-
 func NewThresholdRule(
 	id string,
 	orgID valuer.UUID,
@@ -748,7 +746,7 @@ func (r *ThresholdRule) Eval(ctx context.Context, ts time.Time) (int, error) {
 			continue
 		}
 
-		if a.State == model.StatePending && ts.Sub(a.ActiveAt) >= r.holdDuration.Duration() {
+		if a.State == model.StatePending && ts.Sub(a.ActiveAt) >= r.holdDuration {
 			r.logger.DebugContext(ctx, "converting pending alert to firing", "name", r.Name())
 			a.State = model.StateFiring
 			a.FiredAt = ts
@@ -814,7 +812,7 @@ func (r *ThresholdRule) String() string {
 	ar := ruletypes.PostableRule{
 		AlertName:         r.name,
 		RuleCondition:     r.ruleCondition,
-		EvalWindow:        r.evalWindow,
+		EvalWindow:        ruletypes.Duration(r.evalWindow),
 		Labels:            r.labels.Map(),
 		Annotations:       r.annotations.Map(),
 		PreferredChannels: r.preferredChannels,

pkg/query-service/rules/threshold_rule_test.go

@@ -36,8 +36,8 @@ func TestThresholdRuleEvalBackwardCompat(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{ruletypes.RollingEvaluation, ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -72,7 +72,7 @@ func TestThresholdRuleEvalBackwardCompat(t *testing.T) {
 			},
 		}
 
-		rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(valuer.MustParseTextDuration("2m")))
+		rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(2*time.Minute))
 		if err != nil {
 			assert.NoError(t, err)
 		}
@@ -152,8 +152,8 @@ func TestPrepareLinksToLogs(t *testing.T) {
 		AlertType: ruletypes.AlertTypeLogs,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{ruletypes.RollingEvaluation, ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -189,7 +189,7 @@ func TestPrepareLinksToLogs(t *testing.T) {
 			},
 		},
 	}
-	rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(valuer.MustParseTextDuration("2m")))
+	rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(2*time.Minute))
 	if err != nil {
 		assert.NoError(t, err)
 	}
@@ -206,8 +206,8 @@ func TestPrepareLinksToLogsV5(t *testing.T) {
 		AlertType: ruletypes.AlertTypeLogs,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{ruletypes.RollingEvaluation, ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -250,7 +250,7 @@ func TestPrepareLinksToLogsV5(t *testing.T) {
 			},
 		},
 	}
-	rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(valuer.MustParseTextDuration("2m")))
+	rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(2*time.Minute))
 	if err != nil {
 		assert.NoError(t, err)
 	}
@@ -267,8 +267,8 @@ func TestPrepareLinksToTracesV5(t *testing.T) {
 		AlertType: ruletypes.AlertTypeTraces,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{ruletypes.RollingEvaluation, ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -311,7 +311,7 @@ func TestPrepareLinksToTracesV5(t *testing.T) {
 			},
 		},
 	}
-	rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(valuer.MustParseTextDuration("2m")))
+	rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(2*time.Minute))
 	if err != nil {
 		assert.NoError(t, err)
 	}
@@ -328,8 +328,8 @@ func TestPrepareLinksToTraces(t *testing.T) {
 		AlertType: ruletypes.AlertTypeTraces,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{ruletypes.RollingEvaluation, ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -365,7 +365,7 @@ func TestPrepareLinksToTraces(t *testing.T) {
 			},
 		},
 	}
-	rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(valuer.MustParseTextDuration("2m")))
+	rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(2*time.Minute))
 	if err != nil {
 		assert.NoError(t, err)
 	}
@@ -382,8 +382,8 @@ func TestThresholdRuleLabelNormalization(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{ruletypes.RollingEvaluation, ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -451,7 +451,7 @@ func TestThresholdRuleLabelNormalization(t *testing.T) {
 			},
 		}
 
-		rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(valuer.MustParseTextDuration("2m")))
+		rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(2*time.Minute))
 		if err != nil {
 			assert.NoError(t, err)
 		}
@@ -490,8 +490,8 @@ func TestThresholdRuleEvalDelay(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -553,8 +553,8 @@ func TestThresholdRuleClickHouseTmpl(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -594,7 +594,7 @@ func TestThresholdRuleClickHouseTmpl(t *testing.T) {
 	logger := instrumentationtest.New().Logger()
 
 	for idx, c := range cases {
-		rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(valuer.MustParseTextDuration("2m")))
+		rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(2*time.Minute))
 		if err != nil {
 			assert.NoError(t, err)
 		}
@@ -615,8 +615,8 @@ func TestThresholdRuleUnitCombinations(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -816,8 +816,8 @@ func TestThresholdRuleNoData(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -927,8 +927,8 @@ func TestThresholdRuleTracesLink(t *testing.T) {
 		AlertType: ruletypes.AlertTypeTraces,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -1052,8 +1052,8 @@ func TestThresholdRuleLogsLink(t *testing.T) {
 		AlertType: ruletypes.AlertTypeLogs,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -1190,8 +1190,8 @@ func TestThresholdRuleShiftBy(t *testing.T) {
 		AlertType: ruletypes.AlertTypeLogs,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			Thresholds: &ruletypes.RuleThresholdData{
@@ -1264,8 +1264,8 @@ func TestMultipleThresholdRule(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -1455,8 +1455,8 @@ func TestThresholdRuleEval_BasicCases(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -1486,8 +1486,8 @@ func TestThresholdRuleEval_MatchPlusCompareOps(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -1523,8 +1523,8 @@ func TestThresholdRuleEval_SendUnmatchedBypassesRecovery(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -1559,7 +1559,7 @@ func TestThresholdRuleEval_SendUnmatchedBypassesRecovery(t *testing.T) {
 	}
 
 	logger := instrumentationtest.New().Logger()
-	rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(valuer.MustParseTextDuration("2m")))
+	rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(2*time.Minute))
 	require.NoError(t, err)
 
 	now := time.Now()
@@ -1611,8 +1611,8 @@ func TestThresholdRuleEval_SendUnmatchedVariants(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -1735,8 +1735,8 @@ func TestThresholdRuleEval_RecoveryNotMetSendUnmatchedFalse(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -1820,7 +1820,7 @@ func runEvalTests(t *testing.T, postableRule ruletypes.PostableRule, testCases [
 				Spec: thresholds,
 			}
 
-			rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(valuer.MustParseTextDuration("2m")))
+			rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(2*time.Minute))
 			if err != nil {
 				assert.NoError(t, err)
 				return
@@ -1927,7 +1927,7 @@ func runMultiThresholdEvalTests(t *testing.T, postableRule ruletypes.PostableRul
 				Spec: thresholds,
 			}
 
-			rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(valuer.MustParseTextDuration("2m")))
+			rule, err := NewThresholdRule("69", valuer.GenerateUUID(), &postableRule, nil, nil, logger, WithEvalDelay(2*time.Minute))
 			if err != nil {
 				assert.NoError(t, err)
 				return
@@ -2035,8 +2035,8 @@ func TestThresholdRuleEval_MultiThreshold(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompositeQuery: &v3.CompositeQuery{
@@ -2066,8 +2066,8 @@ func TestThresholdEval_RequireMinPoints(t *testing.T) {
 		AlertType: ruletypes.AlertTypeMetric,
 		RuleType:  ruletypes.RuleTypeThreshold,
 		Evaluation: &ruletypes.EvaluationEnvelope{Kind: ruletypes.RollingEvaluation, Spec: ruletypes.RollingWindow{
-			EvalWindow: valuer.MustParseTextDuration("5m"),
-			Frequency:  valuer.MustParseTextDuration("1m"),
+			EvalWindow: ruletypes.Duration(5 * time.Minute),
+			Frequency:  ruletypes.Duration(1 * time.Minute),
 		}},
 		RuleCondition: &ruletypes.RuleCondition{
 			CompareOp: ruletypes.ValueIsAbove,

pkg/signoz/handler.go

@@ -1,8 +1,6 @@
 package signoz
 
 import (
-	"github.com/SigNoz/signoz/pkg/authz"
-	"github.com/SigNoz/signoz/pkg/authz/signozauthzapi"
 	"github.com/SigNoz/signoz/pkg/factory"
 	"github.com/SigNoz/signoz/pkg/flagger"
 	"github.com/SigNoz/signoz/pkg/gateway"
@@ -21,6 +19,8 @@ import (
 	"github.com/SigNoz/signoz/pkg/modules/quickfilter/implquickfilter"
 	"github.com/SigNoz/signoz/pkg/modules/rawdataexport"
 	"github.com/SigNoz/signoz/pkg/modules/rawdataexport/implrawdataexport"
+	"github.com/SigNoz/signoz/pkg/modules/role"
+	"github.com/SigNoz/signoz/pkg/modules/role/implrole"
 	"github.com/SigNoz/signoz/pkg/modules/savedview"
 	"github.com/SigNoz/signoz/pkg/modules/savedview/implsavedview"
 	"github.com/SigNoz/signoz/pkg/modules/services"
@@ -46,8 +46,8 @@ type Handlers struct {
 	Global          global.Handler
 	FlaggerHandler  flagger.Handler
 	GatewayHandler  gateway.Handler
+	Role            role.Handler
 	Fields          fields.Handler
-	AuthzHandler    authz.Handler
 }
 
 func NewHandlers(
@@ -59,7 +59,6 @@ func NewHandlers(
 	flaggerService flagger.Flagger,
 	gatewayService gateway.Gateway,
 	telemetryMetadataStore telemetrytypes.MetadataStore,
-	authz authz.AuthZ,
 ) Handlers {
 	return Handlers{
 		SavedView:       implsavedview.NewHandler(modules.SavedView),
@@ -74,7 +73,7 @@ func NewHandlers(
 		Global:          signozglobal.NewHandler(global),
 		FlaggerHandler:  flagger.NewHandler(flaggerService),
 		GatewayHandler:  gateway.NewHandler(gatewayService),
+		Role:            implrole.NewHandler(modules.RoleSetter, modules.RoleGetter),
 		Fields:          implfields.NewHandler(providerSettings, telemetryMetadataStore),
-		AuthzHandler:    signozauthzapi.NewHandler(authz),
 	}
 }

pkg/signoz/handler_test.go

@@ -13,6 +13,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/factory/factorytest"
 	"github.com/SigNoz/signoz/pkg/modules/dashboard/impldashboard"
 	"github.com/SigNoz/signoz/pkg/modules/organization/implorganization"
+	"github.com/SigNoz/signoz/pkg/modules/role/implrole"
 	"github.com/SigNoz/signoz/pkg/queryparser"
 	"github.com/SigNoz/signoz/pkg/sharder"
 	"github.com/SigNoz/signoz/pkg/sharder/noopsharder"
@@ -40,9 +41,13 @@ func TestNewHandlers(t *testing.T) {
 	queryParser := queryparser.New(providerSettings)
 	require.NoError(t, err)
 	dashboardModule := impldashboard.NewModule(impldashboard.NewStore(sqlstore), providerSettings, nil, orgGetter, queryParser)
-	modules := NewModules(sqlstore, tokenizer, emailing, providerSettings, orgGetter, alertmanager, nil, nil, nil, nil, nil, nil, nil, queryParser, Config{}, dashboardModule)
+	roleSetter := implrole.NewSetter(implrole.NewStore(sqlstore), nil)
+	roleGetter := implrole.NewGetter(implrole.NewStore(sqlstore))
+	grantModule := implrole.NewGranter(implrole.NewStore(sqlstore), nil)
+	modules := NewModules(sqlstore, tokenizer, emailing, providerSettings, orgGetter, alertmanager, nil, nil, nil, nil, nil, nil, nil, queryParser, Config{}, dashboardModule, roleSetter, roleGetter, grantModule)
+
+	handlers := NewHandlers(modules, providerSettings, nil, nil, nil, nil, nil, nil)
 
-	handlers := NewHandlers(modules, providerSettings, nil, nil, nil, nil, nil, nil, nil)
 	reflectVal := reflect.ValueOf(handlers)
 	for i := 0; i < reflectVal.NumField(); i++ {
 		f := reflectVal.Field(i)

pkg/signoz/module.go

@@ -25,6 +25,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/modules/quickfilter/implquickfilter"
 	"github.com/SigNoz/signoz/pkg/modules/rawdataexport"
 	"github.com/SigNoz/signoz/pkg/modules/rawdataexport/implrawdataexport"
+	"github.com/SigNoz/signoz/pkg/modules/role"
 	"github.com/SigNoz/signoz/pkg/modules/savedview"
 	"github.com/SigNoz/signoz/pkg/modules/savedview/implsavedview"
 	"github.com/SigNoz/signoz/pkg/modules/services"
@@ -66,6 +67,9 @@ type Modules struct {
 	SpanPercentile  spanpercentile.Module
 	MetricsExplorer metricsexplorer.Module
 	Promote         promote.Module
+	RoleSetter      role.Setter
+	RoleGetter      role.Getter
+	Granter         role.Granter
 }
 
 func NewModules(
@@ -85,10 +89,13 @@ func NewModules(
 	queryParser queryparser.QueryParser,
 	config Config,
 	dashboard dashboard.Module,
+	roleSetter role.Setter,
+	roleGetter role.Getter,
+	granter role.Granter,
 ) Modules {
 	quickfilter := implquickfilter.NewModule(implquickfilter.NewStore(sqlstore))
 	orgSetter := implorganization.NewSetter(implorganization.NewStore(sqlstore), alertmanager, quickfilter)
-	user := impluser.NewModule(impluser.NewStore(sqlstore, providerSettings), tokenizer, emailing, providerSettings, orgSetter, authz, analytics, config.User)
+	user := impluser.NewModule(impluser.NewStore(sqlstore, providerSettings), tokenizer, emailing, providerSettings, orgSetter, granter, analytics, config.User)
 	userGetter := impluser.NewGetter(impluser.NewStore(sqlstore, providerSettings))
 	ruleStore := sqlrulestore.NewRuleStore(sqlstore, queryParser, providerSettings)
 
@@ -110,5 +117,8 @@ func NewModules(
 		Services:        implservices.NewModule(querier, telemetryStore),
 		MetricsExplorer: implmetricsexplorer.NewModule(telemetryStore, telemetryMetadataStore, cache, ruleStore, dashboard, providerSettings, config.MetricsExplorer),
 		Promote:         implpromote.NewModule(telemetryMetadataStore, telemetryStore),
+		RoleSetter:      roleSetter,
+		RoleGetter:      roleGetter,
+		Granter:         granter,
 	}
 }

pkg/signoz/module_test.go

@@ -13,6 +13,7 @@ import (
 	"github.com/SigNoz/signoz/pkg/factory/factorytest"
 	"github.com/SigNoz/signoz/pkg/modules/dashboard/impldashboard"
 	"github.com/SigNoz/signoz/pkg/modules/organization/implorganization"
+	"github.com/SigNoz/signoz/pkg/modules/role/implrole"
 	"github.com/SigNoz/signoz/pkg/queryparser"
 	"github.com/SigNoz/signoz/pkg/sharder"
 	"github.com/SigNoz/signoz/pkg/sharder/noopsharder"
@@ -40,7 +41,10 @@ func TestNewModules(t *testing.T) {
 	queryParser := queryparser.New(providerSettings)
 	require.NoError(t, err)
 	dashboardModule := impldashboard.NewModule(impldashboard.NewStore(sqlstore), providerSettings, nil, orgGetter, queryParser)
-	modules := NewModules(sqlstore, tokenizer, emailing, providerSettings, orgGetter, alertmanager, nil, nil, nil, nil, nil, nil, nil, queryParser, Config{}, dashboardModule)
+	roleSetter := implrole.NewSetter(implrole.NewStore(sqlstore), nil)
+	roleGetter := implrole.NewGetter(implrole.NewStore(sqlstore))
+	grantModule := implrole.NewGranter(implrole.NewStore(sqlstore), nil)
+	modules := NewModules(sqlstore, tokenizer, emailing, providerSettings, orgGetter, alertmanager, nil, nil, nil, nil, nil, nil, nil, queryParser, Config{}, dashboardModule, roleSetter, roleGetter, grantModule)
 
 	reflectVal := reflect.ValueOf(modules)
 	for i := 0; i < reflectVal.NumField(); i++ {

pkg/signoz/openapi.go

@@ -2,6 +2,7 @@ package signoz
 
 import (
 	"context"
+	"net/http"
 	"os"
 	"reflect"
 
@@ -20,9 +21,12 @@ import (
 	"github.com/SigNoz/signoz/pkg/modules/organization"
 	"github.com/SigNoz/signoz/pkg/modules/preference"
 	"github.com/SigNoz/signoz/pkg/modules/promote"
+	"github.com/SigNoz/signoz/pkg/modules/role"
 	"github.com/SigNoz/signoz/pkg/modules/session"
 	"github.com/SigNoz/signoz/pkg/modules/user"
 	"github.com/SigNoz/signoz/pkg/types/ctxtypes"
+	qbtypes "github.com/SigNoz/signoz/pkg/types/querybuildertypes/querybuildertypesv5"
+	"github.com/gorilla/mux"
 	"github.com/swaggest/jsonschema-go"
 	"github.com/swaggest/openapi-go"
 	"github.com/swaggest/openapi-go/openapi3"
@@ -50,13 +54,18 @@ func NewOpenAPI(ctx context.Context, instrumentation instrumentation.Instrumenta
 		struct{ dashboard.Handler }{},
 		struct{ metricsexplorer.Handler }{},
 		struct{ gateway.Handler }{},
+		struct{ role.Getter }{},
+		struct{ role.Handler }{},
 		struct{ fields.Handler }{},
-		struct{ authz.Handler }{},
 	).New(ctx, instrumentation.ToProviderSettings(), apiserver.Config{})
 	if err != nil {
 		return nil, err
 	}
 
+	// Register routes that live outside the APIServer modules
+	// so they are discovered by the OpenAPI walker.
+	registerQueryRoutes(apiserver.Router())
+
 	reflector := openapi3.NewReflector()
 	reflector.JSONSchemaReflector().DefaultOptions = append(reflector.JSONSchemaReflector().DefaultOptions, jsonschema.InterceptDefName(func(t reflect.Type, defaultDefName string) string {
 		if defaultDefName == "RenderSuccessResponse" {
@@ -97,3 +106,25 @@ func (openapi *OpenAPI) CreateAndWrite(path string) error {
 
 	return os.WriteFile(path, spec, 0o600)
 }
+
+func registerQueryRoutes(router *mux.Router) {
+	router.Handle("/api/v5/query_range", handler.New(
+		func(http.ResponseWriter, *http.Request) {},
+		handler.OpenAPIDef{
+			ID:                  "QueryRangeV5",
+			Tags:                []string{"query"},
+			Summary:             "Query range",
+			Description:         "Execute a composite query over a time range. Supports builder queries (traces, logs, metrics), formulas, trace operators, PromQL, and ClickHouse SQL.",
+			Request:             new(qbtypes.QueryRangeRequest),
+			RequestContentType:  "application/json",
+			Response:            new(qbtypes.QueryRangeResponse),
+			ResponseContentType: "application/json",
+			SuccessStatusCode:   http.StatusOK,
+			ErrorStatusCodes:    []int{http.StatusBadRequest},
+			SecuritySchemes: []handler.OpenAPISecurityScheme{
+				{Name: ctxtypes.AuthTypeAPIKey.StringValue(), Scopes: []string{"VIEWER"}},
+				{Name: ctxtypes.AuthTypeTokenizer.StringValue(), Scopes: []string{"VIEWER"}},
+			},
+		},
+	)).Methods(http.MethodPost)
+}

pkg/signoz/provider.go

@@ -166,7 +166,6 @@ func NewSQLMigrationProviderFactories(
 		sqlmigration.NewAddAuthzIndexFactory(sqlstore, sqlschema),
 		sqlmigration.NewMigrateRbacToAuthzFactory(sqlstore),
 		sqlmigration.NewMigratePublicDashboardsFactory(sqlstore),
-		sqlmigration.NewAddAnonymousPublicDashboardTransactionFactory(sqlstore),
 	)
 }
 
@@ -248,8 +247,9 @@ func NewAPIServerProviderFactories(orgGetter organization.Getter, authz authz.Au
 			handlers.Dashboard,
 			handlers.MetricsExplorer,
 			handlers.GatewayHandler,
+			modules.RoleGetter,
+			handlers.Role,
 			handlers.Fields,
-			handlers.AuthzHandler,
 		),
 	)
 }

pkg/signoz/signoz.go

@@ -21,6 +21,8 @@ import (
 	"github.com/SigNoz/signoz/pkg/modules/dashboard"
 	"github.com/SigNoz/signoz/pkg/modules/organization"
 	"github.com/SigNoz/signoz/pkg/modules/organization/implorganization"
+	"github.com/SigNoz/signoz/pkg/modules/role"
+	"github.com/SigNoz/signoz/pkg/modules/role/implrole"
 	"github.com/SigNoz/signoz/pkg/modules/user/impluser"
 	"github.com/SigNoz/signoz/pkg/prometheus"
 	"github.com/SigNoz/signoz/pkg/querier"
@@ -87,9 +89,10 @@ func New(
 	sqlstoreProviderFactories factory.NamedMap[factory.ProviderFactory[sqlstore.SQLStore, sqlstore.Config]],
 	telemetrystoreProviderFactories factory.NamedMap[factory.ProviderFactory[telemetrystore.TelemetryStore, telemetrystore.Config]],
 	authNsCallback func(ctx context.Context, providerSettings factory.ProviderSettings, store authtypes.AuthNStore, licensing licensing.Licensing) (map[authtypes.AuthNProvider]authn.AuthN, error),
-	authzCallback func(context.Context, sqlstore.SQLStore, licensing.Licensing, dashboard.Module) factory.ProviderFactory[authz.AuthZ, authz.Config],
-	dashboardModuleCallback func(sqlstore.SQLStore, factory.ProviderSettings, analytics.Analytics, organization.Getter, queryparser.QueryParser, querier.Querier, licensing.Licensing) dashboard.Module,
+	authzCallback func(context.Context, sqlstore.SQLStore) factory.ProviderFactory[authz.AuthZ, authz.Config],
+	dashboardModuleCallback func(sqlstore.SQLStore, factory.ProviderSettings, analytics.Analytics, organization.Getter, role.Setter, role.Granter, queryparser.QueryParser, querier.Querier, licensing.Licensing) dashboard.Module,
 	gatewayProviderFactory func(licensing.Licensing) factory.ProviderFactory[gateway.Gateway, gateway.Config],
+	roleSetterCallback func(sqlstore.SQLStore, authz.AuthZ, licensing.Licensing, []role.RegisterTypeable) role.Setter,
 ) (*SigNoz, error) {
 	// Initialize instrumentation
 	instrumentation, err := instrumentation.New(ctx, config.Instrumentation, version.Info, "signoz")
@@ -281,24 +284,11 @@ func New(
 	// Initialize user getter
 	userGetter := impluser.NewGetter(impluser.NewStore(sqlstore, providerSettings))
 
-	licensingProviderFactory := licenseProviderFactory(sqlstore, zeus, orgGetter, analytics)
-	licensing, err := licensingProviderFactory.New(
-		ctx,
-		providerSettings,
-		licenseConfig,
-	)
-	if err != nil {
-		return nil, err
-	}
-
-	// Initialize query parser (needed for dashboard module)
-	queryParser := queryparser.New(providerSettings)
-
-	// Initialize dashboard module (needed for authz registry)
-	dashboard := dashboardModuleCallback(sqlstore, providerSettings, analytics, orgGetter, queryParser, querier, licensing)
+	// Initialize the role getter
+	roleGetter := implrole.NewGetter(implrole.NewStore(sqlstore))
 
 	// Initialize authz
-	authzProviderFactory := authzCallback(ctx, sqlstore, licensing, dashboard)
+	authzProviderFactory := authzCallback(ctx, sqlstore)
 	authz, err := authzProviderFactory.New(ctx, providerSettings, authz.Config{})
 	if err != nil {
 		return nil, err
@@ -328,6 +318,9 @@ func New(
 		return nil, err
 	}
 
+	// Initialize query parser
+	queryParser := queryparser.New(providerSettings)
+
 	// Initialize ruler from the available ruler provider factories
 	ruler, err := factory.NewProviderFromNamedMap(
 		ctx,
@@ -340,6 +333,16 @@ func New(
 		return nil, err
 	}
 
+	licensingProviderFactory := licenseProviderFactory(sqlstore, zeus, orgGetter, analytics)
+	licensing, err := licensingProviderFactory.New(
+		ctx,
+		providerSettings,
+		licenseConfig,
+	)
+	if err != nil {
+		return nil, err
+	}
+
 	gatewayFactory := gatewayProviderFactory(licensing)
 	gateway, err := gatewayFactory.New(ctx, providerSettings, config.Gateway)
 	if err != nil {
@@ -387,10 +390,13 @@ func New(
 	}
 
 	// Initialize all modules
-	modules := NewModules(sqlstore, tokenizer, emailing, providerSettings, orgGetter, alertmanager, analytics, querier, telemetrystore, telemetryMetadataStore, authNs, authz, cache, queryParser, config, dashboard)
+	roleSetter := roleSetterCallback(sqlstore, authz, licensing, nil)
+	granter := implrole.NewGranter(implrole.NewStore(sqlstore), authz)
+	dashboard := dashboardModuleCallback(sqlstore, providerSettings, analytics, orgGetter, roleSetter, granter, queryParser, querier, licensing)
+	modules := NewModules(sqlstore, tokenizer, emailing, providerSettings, orgGetter, alertmanager, analytics, querier, telemetrystore, telemetryMetadataStore, authNs, authz, cache, queryParser, config, dashboard, roleSetter, roleGetter, granter)
 
 	// Initialize all handlers for the modules
-	handlers := NewHandlers(modules, providerSettings, querier, licensing, global, flagger, gateway, telemetryMetadataStore, authz)
+	handlers := NewHandlers(modules, providerSettings, querier, licensing, global, flagger, gateway, telemetryMetadataStore)
 
 	// Initialize the API server
 	apiserver, err := factory.NewProviderFromNamedMap(

pkg/sqlmigration/063_add_public_dashboard_txn.go

@@ -1,154 +0,0 @@
-package sqlmigration
-
-import (
-	"context"
-	"time"
-
-	"github.com/SigNoz/signoz/pkg/factory"
-	"github.com/SigNoz/signoz/pkg/sqlstore"
-	"github.com/SigNoz/signoz/pkg/types/roletypes"
-	"github.com/oklog/ulid/v2"
-	"github.com/uptrace/bun"
-	"github.com/uptrace/bun/dialect"
-	"github.com/uptrace/bun/migrate"
-)
-
-type addAnonymousPublicDashboardTransaction struct {
-	sqlstore sqlstore.SQLStore
-}
-
-func NewAddAnonymousPublicDashboardTransactionFactory(sqlstore sqlstore.SQLStore) factory.ProviderFactory[SQLMigration, Config] {
-	return factory.NewProviderFactory(factory.MustNewName("add_public_dashboard_txn"), func(ctx context.Context, ps factory.ProviderSettings, c Config) (SQLMigration, error) {
-		return newAddAnonymousPublicDashboardTransaction(ctx, ps, c, sqlstore)
-	})
-}
-
-func newAddAnonymousPublicDashboardTransaction(_ context.Context, _ factory.ProviderSettings, _ Config, sqlstore sqlstore.SQLStore) (SQLMigration, error) {
-	return &addAnonymousPublicDashboardTransaction{
-		sqlstore: sqlstore,
-	}, nil
-}
-
-func (migration *addAnonymousPublicDashboardTransaction) Register(migrations *migrate.Migrations) error {
-	if err := migrations.Register(migration.Up, migration.Down); err != nil {
-		return err
-	}
-
-	return nil
-}
-
-func (migration *addAnonymousPublicDashboardTransaction) Up(ctx context.Context, db *bun.DB) error {
-	tx, err := db.BeginTx(ctx, nil)
-	if err != nil {
-		return err
-	}
-
-	defer func() {
-		_ = tx.Rollback()
-	}()
-
-	var storeID string
-	err = tx.QueryRowContext(ctx, `SELECT id FROM store WHERE name = ? LIMIT 1`, "signoz").Scan(&storeID)
-	if err != nil {
-		return err
-	}
-
-	// fetch all the orgs for which we need to insert the anonymous public dashboard transaction tuple.
-	orgIDs := []string{}
-	rows, err := tx.QueryContext(ctx, `SELECT id FROM organizations`)
-	if err != nil {
-		return err
-	}
-	defer rows.Close()
-
-	for rows.Next() {
-		var orgID string
-		if err := rows.Scan(&orgID); err != nil {
-			return err
-		}
-		orgIDs = append(orgIDs, orgID)
-	}
-
-	for _, orgID := range orgIDs {
-		// based on openfga tuple and changelog id's are same for writes.
-		// ref: https://github.com/openfga/openfga/blob/main/pkg/storage/sqlite/sqlite.go#L467
-		entropy := ulid.DefaultEntropy()
-		now := time.Now().UTC()
-		tupleID := ulid.MustNew(ulid.Timestamp(now), entropy).String()
-
-		// Add wildcard (*) transaction for signoz-anonymous role to read all public-dashboards
-		// This grants the signoz-anonymous role read access to all public dashboards in the organization
-		if migration.sqlstore.BunDB().Dialect().Name() == dialect.PG {
-			result, err := tx.ExecContext(ctx, `
-			INSERT INTO tuple (store, object_type, object_id, relation, _user, user_type, ulid, inserted_at)
-			VALUES (?, ?, ?, ?, ?, ?, ?, ?)
-			ON CONFLICT (store, object_type, object_id, relation, _user) DO NOTHING`,
-				storeID, "metaresource", "organization/"+orgID+"/public-dashboard/*", "read", "role:organization/"+orgID+"/role/"+roletypes.SigNozAnonymousRoleName+"#assignee", "userset", tupleID, now,
-			)
-			if err != nil {
-				return err
-			}
-
-			rowsAffected, err := result.RowsAffected()
-			if err != nil {
-				return err
-			}
-
-			if rowsAffected == 0 {
-				continue
-			}
-
-			_, err = tx.ExecContext(ctx, `
-			INSERT INTO changelog (store, object_type, object_id, relation, _user, operation, ulid, inserted_at)
-			VALUES (?, ?, ?, ?, ?, ?, ?, ?)
-			ON CONFLICT (store, ulid, object_type) DO NOTHING`,
-				storeID, "metaresource", "organization/"+orgID+"/public-dashboard/*", "read", "role:organization/"+orgID+"/role/"+roletypes.SigNozAnonymousRoleName+"#assignee", "TUPLE_OPERATION_WRITE", tupleID, now,
-			)
-			if err != nil {
-				return err
-			}
-
-		} else {
-			result, err := tx.ExecContext(ctx, `
-			INSERT INTO tuple (store, object_type, object_id, relation, user_object_type, user_object_id, user_relation, user_type, ulid, inserted_at)
-			VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
-			ON CONFLICT (store, object_type, object_id, relation, user_object_type, user_object_id, user_relation) DO NOTHING`,
-				storeID, "metaresource", "organization/"+orgID+"/public-dashboard/*", "read", "role", "organization/"+orgID+"/role/"+roletypes.SigNozAnonymousRoleName, "assignee", "userset", tupleID, now,
-			)
-			if err != nil {
-				return err
-			}
-
-			rowsAffected, err := result.RowsAffected()
-			if err != nil {
-				return err
-			}
-
-			if rowsAffected == 0 {
-				continue
-			}
-
-			_, err = tx.ExecContext(ctx, `
-			INSERT INTO changelog (store, object_type, object_id, relation, user_object_type, user_object_id, user_relation, operation, ulid, inserted_at)
-			VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
-			ON CONFLICT (store, ulid, object_type) DO NOTHING`,
-				storeID, "metaresource", "organization/"+orgID+"/public-dashboard/*", "read", "role", "organization/"+orgID+"/role/"+roletypes.SigNozAnonymousRoleName, "assignee", 0, tupleID, now,
-			)
-			if err != nil {
-				return err
-			}
-		}
-
-	}
-
-	err = tx.Commit()
-	if err != nil {
-		return err
-	}
-
-	return nil
-}
-
-func (migration *addAnonymousPublicDashboardTransaction) Down(context.Context, *bun.DB) error {
-	return nil
-}

pkg/types/authtypes/selector.go

@@ -20,19 +20,15 @@ var (
 )
 
 var (
-	typeUserSelectorRegex         = regexp.MustCompile(`^(^[0-9a-f]{8}(?:\-[0-9a-f]{4}){3}-[0-9a-f]{12}$|\*)$`)
-	typeRoleSelectorRegex         = regexp.MustCompile(`^([a-z-]{1,50}|\*)$`)
+	typeUserSelectorRegex         = regexp.MustCompile(`^[0-9a-f]{8}(?:\-[0-9a-f]{4}){3}-[0-9a-f]{12}$`)
+	typeRoleSelectorRegex         = regexp.MustCompile(`^[a-z-]{1,50}$`)
 	typeAnonymousSelectorRegex    = regexp.MustCompile(`^\*$`)
-	typeOrganizationSelectorRegex = regexp.MustCompile(`^(^[0-9a-f]{8}(?:\-[0-9a-f]{4}){3}-[0-9a-f]{12}$|\*)$`)
+	typeOrganizationSelectorRegex = regexp.MustCompile(`^[0-9a-f]{8}(?:\-[0-9a-f]{4}){3}-[0-9a-f]{12}$`)
 	typeMetaResourceSelectorRegex = regexp.MustCompile(`^(^[0-9a-f]{8}(?:\-[0-9a-f]{4}){3}-[0-9a-f]{12}$|\*)$`)
-	// metaresources selectors are used to select either all or none until we introduce some hierarchy here.
+	// metaresources selectors are used to select either all or none
 	typeMetaResourcesSelectorRegex = regexp.MustCompile(`^\*$`)
 )
 
-var (
-	WildCardSelectorString = "*"
-)
-
 type SelectorCallbackWithClaimsFn func(*http.Request, Claims) ([]Selector, error)
 type SelectorCallbackWithoutClaimsFn func(*http.Request, []*types.Organization) ([]Selector, valuer.UUID, error)
 

pkg/types/authtypes/typeable_metaresource.go

@@ -24,10 +24,9 @@ func MustNewTypeableMetaResource(name Name) Typeable {
 	return typeableesource
 }
 
-func (typeableMetaResource *typeableMetaResource) Tuples(subject string, relation Relation, selectors []Selector, orgID valuer.UUID) ([]*openfgav1.TupleKey, error) {
+func (typeableMetaResource *typeableMetaResource) Tuples(subject string, relation Relation, selector []Selector, orgID valuer.UUID) ([]*openfgav1.TupleKey, error) {
 	tuples := make([]*openfgav1.TupleKey, 0)
-
-	for _, selector := range selectors {
+	for _, selector := range selector {
 		object := typeableMetaResource.Prefix(orgID) + "/" + selector.String()
 		tuples = append(tuples, &openfgav1.TupleKey{User: subject, Relation: relation.StringValue(), Object: object})
 	}

pkg/types/authtypes/typeable_metaresources.go

@@ -24,10 +24,9 @@ func MustNewTypeableMetaResources(name Name) Typeable {
 	return resources
 }
 
-func (typeableResources *typeableMetaResources) Tuples(subject string, relation Relation, selectors []Selector, orgID valuer.UUID) ([]*openfgav1.TupleKey, error) {
+func (typeableResources *typeableMetaResources) Tuples(subject string, relation Relation, selector []Selector, orgID valuer.UUID) ([]*openfgav1.TupleKey, error) {
 	tuples := make([]*openfgav1.TupleKey, 0)
-
-	for _, selector := range selectors {
+	for _, selector := range selector {
 		object := typeableResources.Prefix(orgID) + "/" + selector.String()
 		tuples = append(tuples, &openfgav1.TupleKey{User: subject, Relation: relation.StringValue(), Object: object})
 	}

pkg/types/authtypes/typeable_organization.go

@@ -11,10 +11,9 @@ var _ Typeable = new(typeableOrganization)
 
 type typeableOrganization struct{}
 
-func (typeableOrganization *typeableOrganization) Tuples(subject string, relation Relation, selectors []Selector, _ valuer.UUID) ([]*openfgav1.TupleKey, error) {
+func (typeableOrganization *typeableOrganization) Tuples(subject string, relation Relation, selector []Selector, _ valuer.UUID) ([]*openfgav1.TupleKey, error) {
 	tuples := make([]*openfgav1.TupleKey, 0)
-
-	for _, selector := range selectors {
+	for _, selector := range selector {
 		object := strings.Join([]string{typeableOrganization.Type().StringValue(), selector.String()}, ":")
 		tuples = append(tuples, &openfgav1.TupleKey{User: subject, Relation: relation.StringValue(), Object: object})
 	}

pkg/types/authtypes/typeable_role.go

@@ -9,10 +9,9 @@ var _ Typeable = new(typeableRole)
 
 type typeableRole struct{}
 
-func (typeableRole *typeableRole) Tuples(subject string, relation Relation, selectors []Selector, orgID valuer.UUID) ([]*openfgav1.TupleKey, error) {
+func (typeableRole *typeableRole) Tuples(subject string, relation Relation, selector []Selector, orgID valuer.UUID) ([]*openfgav1.TupleKey, error) {
 	tuples := make([]*openfgav1.TupleKey, 0)
-
-	for _, selector := range selectors {
+	for _, selector := range selector {
 		object := typeableRole.Prefix(orgID) + "/" + selector.String()
 		tuples = append(tuples, &openfgav1.TupleKey{User: subject, Relation: relation.StringValue(), Object: object})
 	}

pkg/types/authtypes/typeable_user.go

@@ -9,10 +9,9 @@ var _ Typeable = new(typeableUser)
 
 type typeableUser struct{}
 
-func (typeableUser *typeableUser) Tuples(subject string, relation Relation, selectors []Selector, orgID valuer.UUID) ([]*openfgav1.TupleKey, error) {
+func (typeableUser *typeableUser) Tuples(subject string, relation Relation, selector []Selector, orgID valuer.UUID) ([]*openfgav1.TupleKey, error) {
 	tuples := make([]*openfgav1.TupleKey, 0)
-
-	for _, selector := range selectors {
+	for _, selector := range selector {
 		object := typeableUser.Prefix(orgID) + "/" + selector.String()
 		tuples = append(tuples, &openfgav1.TupleKey{User: subject, Relation: relation.StringValue(), Object: object})
 	}

pkg/types/querybuildertypes/querybuildertypesv5/openapi.go

@@ -0,0 +1,707 @@
+package querybuildertypesv5
+
+import (
+	"github.com/swaggest/jsonschema-go"
+)
+
+// Enum returns the acceptable values for QueryType.
+func (QueryType) Enum() []any {
+	return []any{
+		QueryTypeBuilder,
+		QueryTypeFormula,
+		// Not yet supported.
+		// QueryTypeSubQuery,
+		// QueryTypeJoin,
+		QueryTypeTraceOperator,
+		QueryTypeClickHouseSQL,
+		QueryTypePromQL,
+	}
+}
+
+// Enum returns the acceptable values for RequestType.
+func (RequestType) Enum() []any {
+	return []any{
+		RequestTypeScalar,
+		RequestTypeTimeSeries,
+		RequestTypeRaw,
+		RequestTypeRawStream,
+		RequestTypeTrace,
+		// RequestTypeDistribution,
+	}
+}
+
+// Enum returns the acceptable values for FunctionName.
+func (FunctionName) Enum() []any {
+	return []any{
+		FunctionNameCutOffMin,
+		FunctionNameCutOffMax,
+		FunctionNameClampMin,
+		FunctionNameClampMax,
+		FunctionNameAbsolute,
+		FunctionNameRunningDiff,
+		FunctionNameLog2,
+		FunctionNameLog10,
+		FunctionNameCumulativeSum,
+		FunctionNameEWMA3,
+		FunctionNameEWMA5,
+		FunctionNameEWMA7,
+		FunctionNameMedian3,
+		FunctionNameMedian5,
+		FunctionNameMedian7,
+		FunctionNameTimeShift,
+		FunctionNameAnomaly,
+		FunctionNameFillZero,
+	}
+}
+
+// Enum returns the acceptable values for OrderDirection.
+func (OrderDirection) Enum() []any {
+	return []any{
+		OrderDirectionAsc,
+		OrderDirectionDesc,
+	}
+}
+
+// Enum returns the acceptable values for ReduceTo.
+func (ReduceTo) Enum() []any {
+	return []any{
+		ReduceToSum,
+		ReduceToCount,
+		ReduceToAvg,
+		ReduceToMin,
+		ReduceToMax,
+		ReduceToLast,
+		ReduceToMedian,
+	}
+}
+
+// Enum returns the acceptable values for VariableType.
+func (VariableType) Enum() []any {
+	return []any{
+		QueryVariableType,
+		DynamicVariableType,
+		CustomVariableType,
+		TextBoxVariableType,
+	}
+}
+
+// Enum returns the acceptable values for JoinType.
+func (JoinType) Enum() []any {
+	return []any{
+		JoinTypeInner,
+		JoinTypeLeft,
+		JoinTypeRight,
+		JoinTypeFull,
+		JoinTypeCross,
+	}
+}
+
+// Enum returns the acceptable values for ColumnType.
+func (ColumnType) Enum() []any {
+	return []any{
+		ColumnTypeGroup,
+		ColumnTypeAggregation,
+	}
+}
+
+// queryEnvelopeBuilderTrace is the OpenAPI schema for a QueryEnvelope with type=builder_query and signal=traces.
+type queryEnvelopeBuilderTrace struct {
+	Type QueryType                           `json:"type" description:"The type of the query."`
+	Spec QueryBuilderQuery[TraceAggregation] `json:"spec" description:"The trace builder query specification."`
+}
+
+// queryEnvelopeBuilderLog is the OpenAPI schema for a QueryEnvelope with type=builder_query and signal=logs.
+type queryEnvelopeBuilderLog struct {
+	Type QueryType                         `json:"type" description:"The type of the query."`
+	Spec QueryBuilderQuery[LogAggregation] `json:"spec" description:"The log builder query specification."`
+}
+
+// queryEnvelopeBuilderMetric is the OpenAPI schema for a QueryEnvelope with type=builder_query and signal=metrics.
+type queryEnvelopeBuilderMetric struct {
+	Type QueryType                            `json:"type" description:"The type of the query."`
+	Spec QueryBuilderQuery[MetricAggregation] `json:"spec" description:"The metric builder query specification."`
+}
+
+// queryEnvelopeFormula is the OpenAPI schema for a QueryEnvelope with type=builder_formula.
+type queryEnvelopeFormula struct {
+	Type QueryType           `json:"type" description:"The type of the query."`
+	Spec QueryBuilderFormula `json:"spec" description:"The formula specification."`
+}
+
+// queryEnvelopeJoin is the OpenAPI schema for a QueryEnvelope with type=builder_join.
+// type queryEnvelopeJoin struct {
+// 	Type QueryType        `json:"type" description:"The type of the query."`
+// 	Spec QueryBuilderJoin `json:"spec" description:"The join specification."`
+// }
+
+// queryEnvelopeTraceOperator is the OpenAPI schema for a QueryEnvelope with type=builder_trace_operator.
+type queryEnvelopeTraceOperator struct {
+	Type QueryType                 `json:"type" description:"The type of the query."`
+	Spec QueryBuilderTraceOperator `json:"spec" description:"The trace operator specification."`
+}
+
+// queryEnvelopePromQL is the OpenAPI schema for a QueryEnvelope with type=promql.
+type queryEnvelopePromQL struct {
+	Type QueryType `json:"type" description:"The type of the query."`
+	Spec PromQuery `json:"spec" description:"The PromQL query specification."`
+}
+
+// queryEnvelopeClickHouseSQL is the OpenAPI schema for a QueryEnvelope with type=clickhouse_sql.
+type queryEnvelopeClickHouseSQL struct {
+	Type QueryType       `json:"type" description:"The type of the query."`
+	Spec ClickHouseQuery `json:"spec" description:"The ClickHouse SQL query specification."`
+}
+
+var _ jsonschema.OneOfExposer = QueryEnvelope{}
+
+// JSONSchemaOneOf returns the oneOf variants for the QueryEnvelope discriminated union.
+// Each variant represents a different query type with its corresponding spec schema.
+func (QueryEnvelope) JSONSchemaOneOf() []any {
+	return []any{
+		queryEnvelopeBuilderTrace{},
+		queryEnvelopeBuilderLog{},
+		queryEnvelopeBuilderMetric{},
+		queryEnvelopeFormula{},
+		// queryEnvelopeJoin{},
+		queryEnvelopeTraceOperator{},
+		queryEnvelopePromQL{},
+		queryEnvelopeClickHouseSQL{},
+	}
+}
+
+var _ jsonschema.Exposer = Step{}
+
+// JSONSchema returns a custom schema for Step that accepts either a duration string or a number (seconds).
+func (Step) JSONSchema() (jsonschema.Schema, error) {
+	s := jsonschema.Schema{}
+	s.WithDescription("Step interval. Accepts a Go duration string (e.g., \"60s\", \"1m\", \"1h\") or a number representing seconds (e.g., 60).")
+
+	strSchema := jsonschema.Schema{}
+	strSchema.WithType(jsonschema.String.Type())
+	strSchema.WithExamples("60s", "5m", "1h")
+	strSchema.WithDescription("Duration string (e.g., \"60s\", \"5m\", \"1h\").")
+
+	numSchema := jsonschema.Schema{}
+	numSchema.WithType(jsonschema.Number.Type())
+	numSchema.WithExamples(60, 300, 3600)
+	numSchema.WithDescription("Duration in seconds.")
+
+	s.OneOf = []jsonschema.SchemaOrBool{
+		strSchema.ToSchemaOrBool(),
+		numSchema.ToSchemaOrBool(),
+	}
+	return s, nil
+}
+
+var _ jsonschema.OneOfExposer = QueryData{}
+
+// JSONSchemaOneOf documents the polymorphic result types in QueryData.Results.
+func (QueryData) JSONSchemaOneOf() []any {
+	return []any{
+		TimeSeriesData{},
+		ScalarData{},
+		RawData{},
+	}
+}
+
+var _ jsonschema.Preparer = &QueryRangeRequest{}
+
+// PrepareJSONSchema adds examples and description to the QueryRangeRequest schema.
+func (q *QueryRangeRequest) PrepareJSONSchema(schema *jsonschema.Schema) error {
+	schema.WithDescription("Request body for the v5 query range endpoint. Supports builder queries (traces, logs, metrics), formulas, joins, trace operators, PromQL, and ClickHouse SQL queries.")
+	schema.WithExamples(
+		// 1. time_series + traces builder: count spans grouped by service, ordered by count
+		map[string]any{
+			"schemaVersion": "v1",
+			"start":         1640995200000,
+			"end":           1640998800000,
+			"requestType":   "time_series",
+			"compositeQuery": map[string]any{
+				"queries": []any{
+					map[string]any{
+						"type": "builder_query",
+						"spec": map[string]any{
+							"name":   "A",
+							"signal": "traces",
+							"aggregations": []any{
+								map[string]any{
+									"expression": "count()",
+									"alias":      "span_count",
+								},
+							},
+							"stepInterval": "60s",
+							"filter": map[string]any{
+								"expression": "service.name = 'frontend'",
+							},
+							"groupBy": []any{
+								map[string]any{
+									"name":         "service.name",
+									"fieldContext": "resource",
+								},
+							},
+							"order": []any{
+								map[string]any{
+									"key":       map[string]any{"name": "span_count"},
+									"direction": "desc",
+								},
+							},
+							"limit": 10,
+						},
+					},
+				},
+			},
+		},
+		// 2. time_series + logs builder: count logs grouped by service
+		map[string]any{
+			"schemaVersion": "v1",
+			"start":         1640995200000,
+			"end":           1640998800000,
+			"requestType":   "time_series",
+			"compositeQuery": map[string]any{
+				"queries": []any{
+					map[string]any{
+						"type": "builder_query",
+						"spec": map[string]any{
+							"name":   "A",
+							"signal": "logs",
+							"aggregations": []any{
+								map[string]any{
+									"expression": "count()",
+									"alias":      "log_count",
+								},
+							},
+							"stepInterval": "60s",
+							"filter": map[string]any{
+								"expression": "severity_text = 'ERROR'",
+							},
+							"groupBy": []any{
+								map[string]any{
+									"name":         "service.name",
+									"fieldContext": "resource",
+								},
+							},
+							"order": []any{
+								map[string]any{
+									"key":       map[string]any{"name": "log_count"},
+									"direction": "desc",
+								},
+							},
+							"limit": 10,
+						},
+					},
+				},
+			},
+		},
+		// 3. time_series + metrics builder (Gauge): latest value averaged across series
+		map[string]any{
+			"schemaVersion": "v1",
+			"start":         1640995200000,
+			"end":           1640998800000,
+			"requestType":   "time_series",
+			"compositeQuery": map[string]any{
+				"queries": []any{
+					map[string]any{
+						"type": "builder_query",
+						"spec": map[string]any{
+							"name":   "A",
+							"signal": "metrics",
+							"aggregations": []any{
+								map[string]any{
+									"metricName":       "system.cpu.utilization",
+									"timeAggregation":  "latest",
+									"spaceAggregation": "avg",
+								},
+							},
+							"stepInterval": "60s",
+							"groupBy": []any{
+								map[string]any{
+									"name":         "host.name",
+									"fieldContext": "resource",
+								},
+							},
+						},
+					},
+				},
+			},
+		},
+		// 4. time_series + metrics builder (Sum): rate of cumulative counter
+		map[string]any{
+			"schemaVersion": "v1",
+			"start":         1640995200000,
+			"end":           1640998800000,
+			"requestType":   "time_series",
+			"compositeQuery": map[string]any{
+				"queries": []any{
+					map[string]any{
+						"type": "builder_query",
+						"spec": map[string]any{
+							"name":   "A",
+							"signal": "metrics",
+							"aggregations": []any{
+								map[string]any{
+									"metricName":       "http.server.duration.count",
+									"timeAggregation":  "rate",
+									"spaceAggregation": "sum",
+								},
+							},
+							"stepInterval": 120,
+							"groupBy": []any{
+								map[string]any{
+									"name":         "service.name",
+									"fieldContext": "resource",
+								},
+							},
+						},
+					},
+				},
+			},
+		},
+		// 5. time_series + metrics builder (Histogram): p99 latency
+		map[string]any{
+			"schemaVersion": "v1",
+			"start":         1640995200000,
+			"end":           1640998800000,
+			"requestType":   "time_series",
+			"compositeQuery": map[string]any{
+				"queries": []any{
+					map[string]any{
+						"type": "builder_query",
+						"spec": map[string]any{
+							"name":   "A",
+							"signal": "metrics",
+							"aggregations": []any{
+								map[string]any{
+									"metricName":       "http.server.duration.bucket",
+									"spaceAggregation": "p99",
+								},
+							},
+							"stepInterval": "60s",
+							"groupBy": []any{
+								map[string]any{
+									"name":         "service.name",
+									"fieldContext": "resource",
+								},
+							},
+						},
+					},
+				},
+			},
+		},
+		// 6. raw + logs builder: fetch raw log records
+		map[string]any{
+			"schemaVersion": "v1",
+			"start":         1640995200000,
+			"end":           1640998800000,
+			"requestType":   "raw",
+			"compositeQuery": map[string]any{
+				"queries": []any{
+					map[string]any{
+						"type": "builder_query",
+						"spec": map[string]any{
+							"name":   "A",
+							"signal": "logs",
+							"filter": map[string]any{
+								"expression": "severity_text = 'ERROR'",
+							},
+							"selectFields": []any{
+								map[string]any{
+									"name":         "body",
+									"fieldContext": "log",
+								},
+								map[string]any{
+									"name":         "service.name",
+									"fieldContext": "resource",
+								},
+							},
+							"order": []any{
+								map[string]any{
+									"key":       map[string]any{"name": "timestamp", "fieldContext": "log"},
+									"direction": "desc",
+								},
+								map[string]any{
+									"key":       map[string]any{"name": "id"},
+									"direction": "desc",
+								},
+							},
+							"limit":  50,
+							"offset": 0,
+						},
+					},
+				},
+			},
+		},
+		// 7. raw + traces builder: fetch raw span records
+		map[string]any{
+			"schemaVersion": "v1",
+			"start":         1640995200000,
+			"end":           1640998800000,
+			"requestType":   "raw",
+			"compositeQuery": map[string]any{
+				"queries": []any{
+					map[string]any{
+						"type": "builder_query",
+						"spec": map[string]any{
+							"name":   "A",
+							"signal": "traces",
+							"filter": map[string]any{
+								"expression": "service.name = 'frontend' AND has_error = true",
+							},
+							"selectFields": []any{
+								map[string]any{
+									"name":         "name",
+									"fieldContext": "span",
+								},
+								map[string]any{
+									"name":         "duration_nano",
+									"fieldContext": "span",
+								},
+							},
+							"order": []any{
+								map[string]any{
+									"key":       map[string]any{"name": "timestamp", "fieldContext": "span"},
+									"direction": "desc",
+								},
+							},
+							"limit": 100,
+						},
+					},
+				},
+			},
+		},
+		// 8. scalar + traces builder: total span count as a single value
+		map[string]any{
+			"schemaVersion": "v1",
+			"start":         1640995200000,
+			"end":           1640998800000,
+			"requestType":   "scalar",
+			"compositeQuery": map[string]any{
+				"queries": []any{
+					map[string]any{
+						"type": "builder_query",
+						"spec": map[string]any{
+							"name":   "A",
+							"signal": "traces",
+							"aggregations": []any{
+								map[string]any{
+									"expression": "count()",
+									"alias":      "span_count",
+								},
+							},
+							"filter": map[string]any{
+								"expression": "service.name = 'frontend'",
+							},
+						},
+					},
+				},
+			},
+		},
+		// 9. scalar + logs builder: total error log count as a single value
+		map[string]any{
+			"schemaVersion": "v1",
+			"start":         1640995200000,
+			"end":           1640998800000,
+			"requestType":   "scalar",
+			"compositeQuery": map[string]any{
+				"queries": []any{
+					map[string]any{
+						"type": "builder_query",
+						"spec": map[string]any{
+							"name":   "A",
+							"signal": "logs",
+							"aggregations": []any{
+								map[string]any{
+									"expression": "count()",
+									"alias":      "error_count",
+								},
+							},
+							"filter": map[string]any{
+								"expression": "severity_text = 'ERROR'",
+							},
+						},
+					},
+				},
+			},
+		},
+		// 10. scalar + metrics builder: single reduced value with reduceTo
+		map[string]any{
+			"schemaVersion": "v1",
+			"start":         1640995200000,
+			"end":           1640998800000,
+			"requestType":   "scalar",
+			"compositeQuery": map[string]any{
+				"queries": []any{
+					map[string]any{
+						"type": "builder_query",
+						"spec": map[string]any{
+							"name":   "A",
+							"signal": "metrics",
+							"aggregations": []any{
+								map[string]any{
+									"metricName":       "http.server.duration.count",
+									"timeAggregation":  "rate",
+									"spaceAggregation": "sum",
+									"reduceTo":         "sum",
+								},
+							},
+							"stepInterval": "60s",
+						},
+					},
+				},
+			},
+		},
+		// 11. builder formula: error rate from two trace queries
+		map[string]any{
+			"schemaVersion": "v1",
+			"start":         1640995200000,
+			"end":           1640998800000,
+			"requestType":   "time_series",
+			"compositeQuery": map[string]any{
+				"queries": []any{
+					map[string]any{
+						"type": "builder_query",
+						"spec": map[string]any{
+							"name":   "A",
+							"signal": "traces",
+							"aggregations": []any{
+								map[string]any{
+									"expression": "countIf(has_error = true)",
+								},
+							},
+							"stepInterval": "60s",
+							"groupBy": []any{
+								map[string]any{
+									"name":         "service.name",
+									"fieldContext": "resource",
+								},
+							},
+						},
+					},
+					map[string]any{
+						"type": "builder_query",
+						"spec": map[string]any{
+							"name":   "B",
+							"signal": "traces",
+							"aggregations": []any{
+								map[string]any{
+									"expression": "count()",
+								},
+							},
+							"stepInterval": "60s",
+							"groupBy": []any{
+								map[string]any{
+									"name":         "service.name",
+									"fieldContext": "resource",
+								},
+							},
+						},
+					},
+					map[string]any{
+						"type": "builder_formula",
+						"spec": map[string]any{
+							"name":       "error_rate",
+							"expression": "A / B * 100",
+						},
+					},
+				},
+			},
+		},
+		// 12. PromQL query with UTF-8 dot metric name
+		map[string]any{
+			"schemaVersion": "v1",
+			"start":         1640995200000,
+			"end":           1640998800000,
+			"requestType":   "time_series",
+			"compositeQuery": map[string]any{
+				"queries": []any{
+					map[string]any{
+						"type": "promql",
+						"spec": map[string]any{
+							"name":  "request_rate",
+							"query": "sum(rate({\"http.server.duration.count\"}[5m])) by (\"service.name\")",
+							"step":  60,
+						},
+					},
+				},
+			},
+		},
+		// 13. ClickHouse SQL — time_series
+		map[string]any{
+			"schemaVersion": "v1",
+			"start":         1640995200000,
+			"end":           1640998800000,
+			"requestType":   "time_series",
+			"compositeQuery": map[string]any{
+				"queries": []any{
+					map[string]any{
+						"type": "clickhouse_sql",
+						"spec": map[string]any{
+							"name":  "span_rate",
+							"query": "SELECT toStartOfInterval(timestamp, INTERVAL 60 SECOND) AS ts, count() AS value FROM signoz_traces.distributed_signoz_index_v3 WHERE timestamp >= $start_datetime AND timestamp <= $end_datetime GROUP BY ts ORDER BY ts",
+						},
+					},
+				},
+			},
+		},
+		// 14. ClickHouse SQL — raw
+		map[string]any{
+			"schemaVersion": "v1",
+			"start":         1640995200000,
+			"end":           1640998800000,
+			"requestType":   "raw",
+			"compositeQuery": map[string]any{
+				"queries": []any{
+					map[string]any{
+						"type": "clickhouse_sql",
+						"spec": map[string]any{
+							"name":  "recent_errors",
+							"query": "SELECT timestamp, body FROM signoz_logs.distributed_logs_v2 WHERE timestamp >= $start_timestamp_nano AND timestamp <= $end_timestamp_nano AND severity_text = 'ERROR' ORDER BY timestamp DESC LIMIT 100",
+						},
+					},
+				},
+			},
+		},
+		// 15. ClickHouse SQL — scalar
+		map[string]any{
+			"schemaVersion": "v1",
+			"start":         1640995200000,
+			"end":           1640998800000,
+			"requestType":   "scalar",
+			"compositeQuery": map[string]any{
+				"queries": []any{
+					map[string]any{
+						"type": "clickhouse_sql",
+						"spec": map[string]any{
+							"name":  "total_spans",
+							"query": "SELECT count() AS value FROM signoz_traces.distributed_signoz_index_v3 WHERE timestamp >= $start_datetime AND timestamp <= $end_datetime",
+						},
+					},
+				},
+			},
+		},
+	)
+	return nil
+}
+
+var _ jsonschema.Preparer = &QueryRangeResponse{}
+
+// PrepareJSONSchema adds description to the QueryRangeResponse schema.
+func (q *QueryRangeResponse) PrepareJSONSchema(schema *jsonschema.Schema) error {
+	schema.WithDescription("Response from the v5 query range endpoint. The data.results array contains typed results depending on the requestType: TimeSeriesData for time_series, ScalarData for scalar, or RawData for raw requests.")
+	return nil
+}
+
+var _ jsonschema.Preparer = &CompositeQuery{}
+
+// PrepareJSONSchema adds description to the CompositeQuery schema.
+func (c *CompositeQuery) PrepareJSONSchema(schema *jsonschema.Schema) error {
+	schema.WithDescription("Composite query containing one or more query envelopes. Each query envelope specifies its type and corresponding spec.")
+	return nil
+}
+
+var _ jsonschema.Preparer = &ExecStats{}
+
+// PrepareJSONSchema adds description to the ExecStats schema.
+func (e *ExecStats) PrepareJSONSchema(schema *jsonschema.Schema) error {
+	schema.WithDescription("Execution statistics for the query, including rows scanned, bytes scanned, and duration.")
+	return nil
+}

pkg/types/ruletypes/api_params.go

@@ -8,15 +8,15 @@ import (
 	"time"
 	"unicode/utf8"
 
-	"github.com/prometheus/alertmanager/config"
-
 	signozError "github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/query-service/model"
 	v3 "github.com/SigNoz/signoz/pkg/query-service/model/v3"
+
 	"github.com/SigNoz/signoz/pkg/query-service/utils/times"
 	"github.com/SigNoz/signoz/pkg/query-service/utils/timestamp"
 	"github.com/SigNoz/signoz/pkg/types/alertmanagertypes"
-	"github.com/SigNoz/signoz/pkg/valuer"
+
+	"github.com/prometheus/alertmanager/config"
 )
 
 type AlertType string
@@ -40,12 +40,12 @@ const (
 
 // PostableRule is used to create alerting rule from HTTP api
 type PostableRule struct {
-	AlertName   string              `json:"alert,omitempty"`
-	AlertType   AlertType           `json:"alertType,omitempty"`
-	Description string              `json:"description,omitempty"`
-	RuleType    RuleType            `json:"ruleType,omitempty"`
-	EvalWindow  valuer.TextDuration `json:"evalWindow,omitempty"`
-	Frequency   valuer.TextDuration `json:"frequency,omitempty"`
+	AlertName   string    `json:"alert,omitempty"`
+	AlertType   AlertType `json:"alertType,omitempty"`
+	Description string    `json:"description,omitempty"`
+	RuleType    RuleType  `json:"ruleType,omitempty"`
+	EvalWindow  Duration  `json:"evalWindow,omitempty"`
+	Frequency   Duration  `json:"frequency,omitempty"`
 
 	RuleCondition *RuleCondition    `json:"condition,omitempty"`
 	Labels        map[string]string `json:"labels,omitempty"`
@@ -71,13 +71,13 @@ type NotificationSettings struct {
 	Renotify  Renotify `json:"renotify,omitempty"`
 	UsePolicy bool     `json:"usePolicy,omitempty"`
 	// NewGroupEvalDelay is the grace period for new series to be excluded from alerts evaluation
-	NewGroupEvalDelay valuer.TextDuration `json:"newGroupEvalDelay,omitzero"`
+	NewGroupEvalDelay *Duration `json:"newGroupEvalDelay,omitempty"`
 }
 
 type Renotify struct {
-	Enabled          bool                `json:"enabled"`
-	ReNotifyInterval valuer.TextDuration `json:"interval,omitzero"`
-	AlertStates      []model.AlertState  `json:"alertStates,omitempty"`
+	Enabled          bool               `json:"enabled"`
+	ReNotifyInterval Duration           `json:"interval,omitempty"`
+	AlertStates      []model.AlertState `json:"alertStates,omitempty"`
 }
 
 func (ns *NotificationSettings) GetAlertManagerNotificationConfig() alertmanagertypes.NotificationConfig {
@@ -85,10 +85,10 @@ func (ns *NotificationSettings) GetAlertManagerNotificationConfig() alertmanager
 	var noDataRenotifyInterval time.Duration
 	if ns.Renotify.Enabled {
 		if slices.Contains(ns.Renotify.AlertStates, model.StateNoData) {
-			noDataRenotifyInterval = ns.Renotify.ReNotifyInterval.Duration()
+			noDataRenotifyInterval = time.Duration(ns.Renotify.ReNotifyInterval)
 		}
 		if slices.Contains(ns.Renotify.AlertStates, model.StateFiring) {
-			renotifyInterval = ns.Renotify.ReNotifyInterval.Duration()
+			renotifyInterval = time.Duration(ns.Renotify.ReNotifyInterval)
 		}
 	} else {
 		renotifyInterval = 8760 * time.Hour //1 year for no renotify substitute
@@ -190,12 +190,12 @@ func (r *PostableRule) processRuleDefaults() {
 		r.SchemaVersion = DefaultSchemaVersion
 	}
 
-	if r.EvalWindow.IsZero() {
-		r.EvalWindow = valuer.MustParseTextDuration("5m")
+	if r.EvalWindow == 0 {
+		r.EvalWindow = Duration(5 * time.Minute)
 	}
 
-	if r.Frequency.IsZero() {
-		r.Frequency = valuer.MustParseTextDuration("1m")
+	if r.Frequency == 0 {
+		r.Frequency = Duration(1 * time.Minute)
 	}
 
 	if r.RuleCondition != nil {
@@ -246,7 +246,7 @@ func (r *PostableRule) processRuleDefaults() {
 			r.NotificationSettings = &NotificationSettings{
 				Renotify: Renotify{
 					Enabled:          true,
-					ReNotifyInterval: valuer.MustParseTextDuration("4h"),
+					ReNotifyInterval: Duration(4 * time.Hour),
 					AlertStates:      []model.AlertState{model.StateFiring},
 				},
 			}

pkg/types/ruletypes/api_params_test.go

@@ -171,10 +171,10 @@ func TestParseIntoRule(t *testing.T) {
 			kind:        RuleDataKindJson,
 			expectError: false,
 			validate: func(t *testing.T, rule *PostableRule) {
-				if rule.EvalWindow.Duration() != 5*time.Minute {
+				if rule.EvalWindow != Duration(5*time.Minute) {
 					t.Errorf("Expected default eval window '5m', got '%v'", rule.EvalWindow)
 				}
-				if rule.Frequency.Duration() != time.Minute {
+				if rule.Frequency != Duration(1*time.Minute) {
 					t.Errorf("Expected default frequency '1m', got '%v'", rule.Frequency)
 				}
 				if rule.RuleCondition.CompositeQuery.BuilderQueries["A"].Expression != "A" {
@@ -327,10 +327,10 @@ func TestParseIntoRuleSchemaVersioning(t *testing.T) {
 
 				// Verify evaluation window matches rule settings
 				if window, ok := rule.Evaluation.Spec.(RollingWindow); ok {
-					if !window.EvalWindow.Equal(rule.EvalWindow) {
+					if window.EvalWindow != rule.EvalWindow {
 						t.Errorf("Expected Evaluation EvalWindow %v, got %v", rule.EvalWindow, window.EvalWindow)
 					}
-					if !window.Frequency.Equal(rule.Frequency) {
+					if window.Frequency != rule.Frequency {
 						t.Errorf("Expected Evaluation Frequency %v, got %v", rule.Frequency, window.Frequency)
 					}
 				} else {
@@ -457,10 +457,10 @@ func TestParseIntoRuleSchemaVersioning(t *testing.T) {
 					t.Fatal("Expected Evaluation to be populated")
 				}
 				if window, ok := rule.Evaluation.Spec.(RollingWindow); ok {
-					if !window.EvalWindow.Equal(rule.EvalWindow) {
+					if window.EvalWindow != rule.EvalWindow {
 						t.Errorf("Expected Evaluation EvalWindow to be overwritten to %v, got %v", rule.EvalWindow, window.EvalWindow)
 					}
-					if !window.Frequency.Equal(rule.Frequency) {
+					if window.Frequency != rule.Frequency {
 						t.Errorf("Expected Evaluation Frequency to be overwritten to %v, got %v", rule.Frequency, window.Frequency)
 					}
 				} else {
@@ -504,7 +504,7 @@ func TestParseIntoRuleSchemaVersioning(t *testing.T) {
 					t.Error("Expected Evaluation to be nil for v2")
 				}
 
-				if rule.EvalWindow.Duration() != 5*time.Minute {
+				if rule.EvalWindow != Duration(5*time.Minute) {
 					t.Error("Expected default EvalWindow to be applied")
 				}
 				if rule.RuleType != RuleTypeThreshold {