NotificationsYou must be signed in to change notification settings
Fork1.1k
Star11.8k

Commit103967e

authored

feat: add sharing info to /workspaces endpoint (#21049)

closes:coder/internal#858Similar to#19375, this one usessystem permissions for fetching actual user and group data.Modifies the `workspaces_expanded` view to fetch the required data; this way it's made available to all code paths that make use of it. Also fixes a bug in a test helper function that can result in `null` being saved to the DB for `user_acl` or `group_acl` and break tests; a defensive check constraint that prevents this is worth a PR, e.g:`ALTER TABLE workspaces ADD CONSTRAINT group_acl_is_object CHECK (jsonb_typeof(group_acl) = 'object');`Also adds missing `OwnerName` in `ConvertWorkspaceRows`.

1 parent7ecfd1a commit103967eCopy full SHA for 103967e

File tree

22 files changed

+838

-92

lines changed

coderd
- aitasks.go
- apidoc
  - docs.go
  - swagger.json
- database
  - dbgen
    - dbgen.go
  - dump.sql
  - migrations
    - 000403_workspaces_expanded_acl_actor_info.down.sql
    - 000403_workspaces_expanded_acl_actor_info.up.sql
  - modelmethods.go
  - modelqueries.go
  - models.go
  - queries.sql.go
  - queries
    - workspaces.sql
  - sqlc.yaml
  - types.go
- telemetry
  - telemetry.go
- workspaces.go
codersdk
- workspaces.go
docs/reference/api
- schemas.md
- workspaces.md
enterprise/coderd
- workspaces_test.go
site/src
- api
  - typesGenerated.ts
- testHelpers
  - entities.ts

22 files changed

+838

-92

lines changed

`‎coderd/aitasks.go‎`

Lines changed: 15 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -471,15 +471,25 @@ func (api *API) convertTasks(ctx context.Context, requesterID uuid.UUID, dbTasks`
`471`	`471`	`returnnil,xerrors.Errorf("fetch workspaces: %w",err)`
`472`	`472`	`}`
`473`	`473`
`474`		`-workspaces:=database.ConvertWorkspaceRows(workspaceRows)`
	`474`	`+workspaces,err:=database.ConvertWorkspaceRows(workspaceRows)`
	`475`	`+iferr!=nil {`
	`476`	`+returnnil,xerrors.Errorf("convert workspace rows: %w",err)`
	`477`	`+}`
`475`	`478`
`476`	`479`	`// Gather associated data and convert to API workspaces.`
`477`	`480`	`data,err:=api.workspaceData(ctx,workspaces)`
`478`	`481`	`iferr!=nil {`
`479`	`482`	`returnnil,xerrors.Errorf("fetch workspace data: %w",err)`
`480`	`483`	`}`
`481`	`484`
`482`		`-apiWorkspaces,err:=convertWorkspaces(requesterID,workspaces,data)`
	`485`	`+apiWorkspaces,err:=convertWorkspaces(`
	`486`	`+ctx,`
	`487`	`+api.Experiments,`
	`488`	`+api.Logger,`
	`489`	`+requesterID,`
	`490`	`+workspaces,`
	`491`	`+data,`
	`492`	`+)`
`483`	`493`	`iferr!=nil {`
`484`	`494`	`returnnil,xerrors.Errorf("convert workspaces: %w",err)`
`485`	`495`	`}`
`@@ -553,6 +563,9 @@ func (api API) taskGet(rw http.ResponseWriter, r http.Request) {`
`553`	`563`	`}`
`554`	`564`
`555`	`565`	`ws,err:=convertWorkspace(`
	`566`	`+ctx,`
	`567`	`+api.Experiments,`
	`568`	`+api.Logger,`
`556`	`569`	`apiKey.UserID,`
`557`	`570`	`workspace,`
`558`	`571`	`data.builds[0],`

Original file line number	Diff line number	Diff line change
`@@ -440,10 +440,18 @@ func Workspace(t testing.TB, db database.Store, orig database.WorkspaceTable) da`
`440`	`440`	`workspace.DormantAt=orig.DormantAt`
`441`	`441`	`}`
`442`	`442`	`iflen(orig.UserACL)>0\|\|len(orig.GroupACL)>0 {`
	`443`	`+userACL:=orig.UserACL`
	`444`	`+ifuserACL==nil {`
	`445`	`+userACL= database.WorkspaceACL{}`
	`446`	`+}`
	`447`	`+groupACL:=orig.GroupACL`
	`448`	`+ifgroupACL==nil {`
	`449`	`+groupACL= database.WorkspaceACL{}`
	`450`	`+}`
`443`	`451`	`err=db.UpdateWorkspaceACLByID(genCtx, database.UpdateWorkspaceACLByIDParams{`
`444`	`452`	`ID:workspace.ID,`
`445`		`-UserACL:orig.UserACL,`
`446`		`-GroupACL:orig.GroupACL,`
	`453`	`+UserACL:userACL,`
	`454`	`+GroupACL:groupACL,`
`447`	`455`	`})`
`448`	`456`	`require.NoError(t,err,"set workspace ACL")`
`449`	`457`	`workspace.UserACL=orig.UserACL`

`‎coderd/database/dump.sql‎`

Lines changed: 7 additions & 1 deletion

Some generated files are not rendered by default. Learn more aboutcustomizing how changed files appear on GitHub.

`‎coderd/database/migrations/000403_workspaces_expanded_acl_actor_info.down.sql‎`

Lines changed: 41 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,41 @@`
	`1`	`+DROPVIEW workspaces_expanded;`
	`2`	`+`
	`3`	`+-- Revert to passing through raw user_acl and group_acl columns.`
	`4`	`+CREATEVIEWworkspaces_expandedAS`
	`5`	`+SELECTworkspaces.id,`
	`6`	`+workspaces.created_at,`
	`7`	`+workspaces.updated_at,`
	`8`	`+workspaces.owner_id,`
	`9`	`+workspaces.organization_id,`
	`10`	`+workspaces.template_id,`
	`11`	`+workspaces.deleted,`
	`12`	`+workspaces.name,`
	`13`	`+workspaces.autostart_schedule,`
	`14`	`+workspaces.ttl,`
	`15`	`+workspaces.last_used_at,`
	`16`	`+workspaces.dormant_at,`
	`17`	`+workspaces.deleting_at,`
	`18`	`+workspaces.automatic_updates,`
	`19`	`+workspaces.favorite,`
	`20`	`+workspaces.next_start_at,`
	`21`	`+workspaces.group_acl,`
	`22`	`+workspaces.user_acl,`
	`23`	`+visible_users.avatar_urlAS owner_avatar_url,`
	`24`	`+visible_users.usernameAS owner_username,`
	`25`	`+visible_users.nameAS owner_name,`
	`26`	`+organizations.nameAS organization_name,`
	`27`	`+organizations.display_nameAS organization_display_name,`
	`28`	`+organizations.iconAS organization_icon,`
	`29`	`+organizations.descriptionAS organization_description,`
	`30`	`+templates.nameAS template_name,`
	`31`	`+templates.display_nameAS template_display_name,`
	`32`	`+templates.iconAS template_icon,`
	`33`	`+templates.descriptionAS template_description,`
	`34`	`+tasks.idAS task_id`
	`35`	`+FROM ((((workspaces`
	`36`	`+JOIN visible_usersON ((workspaces.owner_id=visible_users.id)))`
	`37`	`+JOIN organizationsON ((workspaces.organization_id=organizations.id)))`
	`38`	`+JOIN templatesON ((workspaces.template_id=templates.id)))`
	`39`	`+LEFT JOIN tasksON ((workspaces.id=tasks.workspace_id)));`
	`40`	`+`
	`41`	`+COMMENT ON VIEW workspaces_expanded IS'Joins in the display name information such as username, avatar, and organization name.';`

`‎coderd/database/migrations/000403_workspaces_expanded_acl_actor_info.up.sql‎`

Lines changed: 65 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,65 @@`
	`1`	`+DROPVIEW workspaces_expanded;`
	`2`	`+`
	`3`	`+-- Expand more by including group_acl_display_info and`
	`4`	`+-- user_acl_display_info columns with the actors' name and avatar.`
	`5`	`+CREATEVIEWworkspaces_expandedAS`
	`6`	`+SELECTworkspaces.id,`
	`7`	`+workspaces.created_at,`
	`8`	`+workspaces.updated_at,`
	`9`	`+workspaces.owner_id,`
	`10`	`+workspaces.organization_id,`
	`11`	`+workspaces.template_id,`
	`12`	`+workspaces.deleted,`
	`13`	`+workspaces.name,`
	`14`	`+workspaces.autostart_schedule,`
	`15`	`+workspaces.ttl,`
	`16`	`+workspaces.last_used_at,`
	`17`	`+workspaces.dormant_at,`
	`18`	`+workspaces.deleting_at,`
	`19`	`+workspaces.automatic_updates,`
	`20`	`+workspaces.favorite,`
	`21`	`+workspaces.next_start_at,`
	`22`	`+workspaces.group_acl,`
	`23`	`+workspaces.user_acl,`
	`24`	`+visible_users.avatar_urlAS owner_avatar_url,`
	`25`	`+visible_users.usernameAS owner_username,`
	`26`	`+visible_users.nameAS owner_name,`
	`27`	`+organizations.nameAS organization_name,`
	`28`	`+organizations.display_nameAS organization_display_name,`
	`29`	`+organizations.iconAS organization_icon,`
	`30`	`+organizations.descriptionAS organization_description,`
	`31`	`+templates.nameAS template_name,`
	`32`	`+templates.display_nameAS template_display_name,`
	`33`	`+templates.iconAS template_icon,`
	`34`	`+templates.descriptionAS template_description,`
	`35`	`+tasks.idAS task_id,`
	`36`	`+-- Workspace ACL actors' display info`
	`37`	`+ COALESCE((`
	`38`	`+SELECT jsonb_object_agg(`
	`39`	`+acl.key,`
	`40`	`+ jsonb_build_object(`
	`41`	`+'name', COALESCE(g.name,''),`
	`42`	`+'avatar_url', COALESCE(g.avatar_url,'')`
	`43`	`+ )`
	`44`	`+ )`
	`45`	`+FROM jsonb_each(workspaces.group_acl)AS acl`
	`46`	`+LEFT JOIN groups gONg.id=acl.key::uuid`
	`47`	`+ ),'{}'::jsonb)AS group_acl_display_info,`
	`48`	`+ COALESCE((`
	`49`	`+SELECT jsonb_object_agg(`
	`50`	`+acl.key,`
	`51`	`+ jsonb_build_object(`
	`52`	`+'name', COALESCE(vu.name,''),`
	`53`	`+'avatar_url', COALESCE(vu.avatar_url,'')`
	`54`	`+ )`
	`55`	`+ )`
	`56`	`+FROM jsonb_each(workspaces.user_acl)AS acl`
	`57`	`+LEFT JOIN visible_users vuONvu.id=acl.key::uuid`
	`58`	`+ ),'{}'::jsonb)AS user_acl_display_info`
	`59`	`+FROM ((((workspaces`
	`60`	`+JOIN visible_usersON ((workspaces.owner_id=visible_users.id)))`
	`61`	`+JOIN organizationsON ((workspaces.organization_id=organizations.id)))`
	`62`	`+JOIN templatesON ((workspaces.template_id=templates.id)))`
	`63`	`+LEFT JOIN tasksON ((workspaces.id=tasks.workspace_id)));`
	`64`	`+`
	`65`	`+COMMENT ON VIEW workspaces_expanded IS'Joins in the display name information such as username, avatar, and organization name.';`

`‎coderd/database/modelmethods.go‎`

Lines changed: 25 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -658,7 +658,7 @@ func ConvertUserRows(rows []GetUsersRow) []User {`
`658`	`658`	`returnusers`
`659`	`659`	`}`
`660`	`660`
`661`		`-funcConvertWorkspaceRows(rows []GetWorkspacesRow) []Workspace {`
	`661`	`+funcConvertWorkspaceRows(rows []GetWorkspacesRow)([]Workspace,error) {`
`662`	`662`	`workspaces:=make([]Workspace,len(rows))`
`663`	`663`	`fori,r:=rangerows {`
`664`	`664`	`workspaces[i]=Workspace{`
`@@ -679,6 +679,7 @@ func ConvertWorkspaceRows(rows []GetWorkspacesRow) []Workspace {`
`679`	`679`	`Favorite:r.Favorite,`
`680`	`680`	`OwnerAvatarUrl:r.OwnerAvatarUrl,`
`681`	`681`	`OwnerUsername:r.OwnerUsername,`
	`682`	`+OwnerName:r.OwnerName,`
`682`	`683`	`OrganizationName:r.OrganizationName,`
`683`	`684`	`OrganizationDisplayName:r.OrganizationDisplayName,`
`684`	`685`	`OrganizationIcon:r.OrganizationIcon,`
`@@ -690,9 +691,31 @@ func ConvertWorkspaceRows(rows []GetWorkspacesRow) []Workspace {`
`690`	`691`	`NextStartAt:r.NextStartAt,`
`691`	`692`	`TaskID:r.TaskID,`
`692`	`693`	`}`
	`694`	`+`
	`695`	`+varerrerror`
	`696`	`+`
	`697`	`+err=workspaces[i].UserACL.Scan(r.UserACL)`
	`698`	`+iferr!=nil {`
	`699`	`+returnnil,xerrors.Errorf("scan user ACL %q: %w",r.UserACL,err)`
	`700`	`+}`
	`701`	`+err=workspaces[i].GroupACL.Scan(r.GroupACL)`
	`702`	`+iferr!=nil {`
	`703`	`+returnnil,xerrors.Errorf("scan group ACL %q: %w",r.GroupACL,err)`
	`704`	`+}`
	`705`	`+`
	`706`	`+err=workspaces[i].UserACLDisplayInfo.Scan(r.UserACLDisplayInfo)`
	`707`	`+iferr!=nil {`
	`708`	`+returnnil,xerrors.Errorf("scan user ACL display info %q: %w",`
	`709`	`+r.UserACLDisplayInfo,err)`
	`710`	`+}`
	`711`	`+err=workspaces[i].GroupACLDisplayInfo.Scan(r.GroupACLDisplayInfo)`
	`712`	`+iferr!=nil {`
	`713`	`+returnnil,xerrors.Errorf("scan group ACL display info %q: %w",`
	`714`	`+r.GroupACLDisplayInfo,err)`
	`715`	`+}`
`693`	`716`	`}`
`694`	`717`
`695`		`-returnworkspaces`
	`718`	`+returnworkspaces,nil`
`696`	`719`	`}`
`697`	`720`
`698`	`721`	`func (gGroup)IsEveryone()bool {`

`‎coderd/database/modelqueries.go‎`

Lines changed: 2 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -323,6 +323,8 @@ func (q *sqlQuerier) GetAuthorizedWorkspaces(ctx context.Context, arg GetWorkspa`
`323`	`323`	`&i.TemplateIcon,`
`324`	`324`	`&i.TemplateDescription,`
`325`	`325`	`&i.TaskID,`
	`326`	`+&i.GroupACLDisplayInfo,`
	`327`	`+&i.UserACLDisplayInfo,`
`326`	`328`	`&i.TemplateVersionID,`
`327`	`329`	`&i.TemplateVersionName,`
`328`	`330`	`&i.LatestBuildCompletedAt,`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit103967e

File tree

22 files changed

22 files changed

`‎coderd/aitasks.go‎`

`‎coderd/apidoc/docs.go‎`

`‎coderd/apidoc/swagger.json‎`

`‎coderd/database/dbgen/dbgen.go‎`

`‎coderd/database/dump.sql‎`

`‎coderd/database/migrations/000403_workspaces_expanded_acl_actor_info.down.sql‎`

`‎coderd/database/migrations/000403_workspaces_expanded_acl_actor_info.up.sql‎`

`‎coderd/database/modelmethods.go‎`

`‎coderd/database/modelqueries.go‎`

0 commit comments