- Notifications
You must be signed in to change notification settings - Fork913
feat: add organization scope for shared ports#18314
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.
Already on GitHub?Sign in to your account
Open
aslilac wants to merge19 commits intomainChoose a base branch
base:main
Could not load branches
Branch not found:{{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline, and old review comments may become outdated.
+1,189 −768
Open
Changes fromall commits
Commits
Show all changes
19 commits Select commitHold shift + click to select a range
4724f79 claude be doing something certainly
aslilac408d70d get claude off its nonsense
aslilacdfea63d Revert "get claude off its nonsense"
aslilac429bc13 let 'er rip some more
aslilace04084e do the thing
aslilac842c5bb fix story
aslilace9abb74 clean up permission checking
aslilaca60f072 🧹
aslilacc26bf27 fmt
aslilacc10de9e a test that actually makes any sense
aslilacbdee7ac jk
aslilac29d19a2 tighten, don't loosen
aslilacd5cbd9a fix tooltips
aslilac9bb36ec move comment
aslilac089f094 add new sharing level to agent.proto
aslilac45c8508 Merge branch 'main' into lilac/org-port-sharing
aslilace8f031e why
aslilac495fbc3 oh my
aslilac27bccf2 fix migration numbers
aslilacFile filter
Filter by extension
Conversations
Failed to load comments.
Loading
Uh oh!
There was an error while loading.Please reload this page.
Jump to
Jump to file
Failed to load files.
Loading
Uh oh!
There was an error while loading.Please reload this page.
Diff view
Diff view
There are no files selected for viewing
3 changes: 3 additions & 0 deletionsCLAUDE.md
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
Large diffs are not rendered by default.
Oops, something went wrong.
Uh oh!
There was an error while loading.Please reload this page.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| @@ -24,6 +24,7 @@ message WorkspaceApp { | ||||||||||||
| OWNER = 1; | ||||||||||||
| AUTHENTICATED = 2; | ||||||||||||
| PUBLIC = 3; | ||||||||||||
| ORGANIZATION = 4; | ||||||||||||
Comment on lines 24 to +27 There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others.Learn more. This could also be added in the Lines 404 to 408 in068f9a0
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others.Learn more. any chance you can explain to me what a subagent is and why I would want to add that here? it makes sense on its face but I have no idea what a subagent is 💀 There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others.Learn more. It’s just an agent that has a parent agent that manages its lifecycle. They’re being used for our dev container feature where we inject agents into a dev container during the runtime (not startup) of a workspace. So they’re for all intents and purposes normal agents, just with a different lifecycle. | ||||||||||||
| } | ||||||||||||
| SharingLevel sharing_level = 10; | ||||||||||||
7 changes: 7 additions & 0 deletionscoderd/apidoc/docs.go
Some generated files are not rendered by default. Learn more abouthow customized files appear on GitHub.
Oops, something went wrong.
Uh oh!
There was an error while loading.Please reload this page.
12 changes: 7 additions & 5 deletionscoderd/apidoc/swagger.json
Some generated files are not rendered by default. Learn more abouthow customized files appear on GitHub.
Oops, something went wrong.
Uh oh!
There was an error while loading.Please reload this page.
1 change: 1 addition & 0 deletionscoderd/database/dump.sql
Some generated files are not rendered by default. Learn more abouthow customized files appear on GitHub.
Oops, something went wrong.
Uh oh!
There was an error while loading.Please reload this page.
92 changes: 92 additions & 0 deletionscoderd/database/migrations/000336_add_organization_port_sharing_level.down.sql
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,92 @@ | ||
| -- Drop the view that depends on the templates table | ||
| DROP VIEW template_with_names; | ||
| -- Remove 'organization' from the app_sharing_level enum | ||
| CREATE TYPE new_app_sharing_level AS ENUM ( | ||
| 'owner', | ||
| 'authenticated', | ||
| 'public' | ||
| ); | ||
| -- Update workspace_agent_port_share table to use old enum | ||
| -- Convert any 'organization' values to 'authenticated' during downgrade | ||
| ALTER TABLE workspace_agent_port_share | ||
| ALTER COLUMN share_level TYPE new_app_sharing_level USING ( | ||
| CASE | ||
| WHEN share_level = 'organization' THEN 'authenticated'::new_app_sharing_level | ||
| ELSE share_level::text::new_app_sharing_level | ||
| END | ||
| ); | ||
| -- Update workspace_apps table to use old enum | ||
| -- Convert any 'organization' values to 'authenticated' during downgrade | ||
| ALTER TABLE workspace_apps | ||
| ALTER COLUMN sharing_level DROP DEFAULT, | ||
| ALTER COLUMN sharing_level TYPE new_app_sharing_level USING ( | ||
| CASE | ||
| WHEN sharing_level = 'organization' THEN 'authenticated'::new_app_sharing_level | ||
| ELSE sharing_level::text::new_app_sharing_level | ||
| END | ||
| ), | ||
| ALTER COLUMN sharing_level SET DEFAULT 'owner'::new_app_sharing_level; | ||
| -- Update templates table to use old enum | ||
| -- Convert any 'organization' values to 'authenticated' during downgrade | ||
| ALTER TABLE templates | ||
| ALTER COLUMN max_port_sharing_level DROP DEFAULT, | ||
| ALTER COLUMN max_port_sharing_level TYPE new_app_sharing_level USING ( | ||
| CASE | ||
| WHEN max_port_sharing_level = 'organization' THEN 'owner'::new_app_sharing_level | ||
| ELSE max_port_sharing_level::text::new_app_sharing_level | ||
| END | ||
| ), | ||
| ALTER COLUMN max_port_sharing_level SET DEFAULT 'owner'::new_app_sharing_level; | ||
| -- Drop old enum and rename new one | ||
| DROP TYPE app_sharing_level; | ||
| ALTER TYPE new_app_sharing_level RENAME TO app_sharing_level; | ||
| -- Recreate the template_with_names view | ||
| CREATE VIEW template_with_names AS | ||
| SELECT templates.id, | ||
| templates.created_at, | ||
| templates.updated_at, | ||
| templates.organization_id, | ||
| templates.deleted, | ||
| templates.name, | ||
| templates.provisioner, | ||
| templates.active_version_id, | ||
| templates.description, | ||
| templates.default_ttl, | ||
| templates.created_by, | ||
| templates.icon, | ||
| templates.user_acl, | ||
| templates.group_acl, | ||
| templates.display_name, | ||
| templates.allow_user_cancel_workspace_jobs, | ||
| templates.allow_user_autostart, | ||
| templates.allow_user_autostop, | ||
| templates.failure_ttl, | ||
| templates.time_til_dormant, | ||
| templates.time_til_dormant_autodelete, | ||
| templates.autostop_requirement_days_of_week, | ||
| templates.autostop_requirement_weeks, | ||
| templates.autostart_block_days_of_week, | ||
| templates.require_active_version, | ||
| templates.deprecated, | ||
| templates.activity_bump, | ||
| templates.max_port_sharing_level, | ||
| templates.use_classic_parameter_flow, | ||
| COALESCE(visible_users.avatar_url, ''::text) AS created_by_avatar_url, | ||
| COALESCE(visible_users.username, ''::text) AS created_by_username, | ||
| COALESCE(visible_users.name, ''::text) AS created_by_name, | ||
| COALESCE(organizations.name, ''::text) AS organization_name, | ||
| COALESCE(organizations.display_name, ''::text) AS organization_display_name, | ||
| COALESCE(organizations.icon, ''::text) AS organization_icon | ||
| FROM ((templates | ||
| LEFT JOIN visible_users ON ((templates.created_by = visible_users.id))) | ||
| LEFT JOIN organizations ON ((templates.organization_id = organizations.id))); | ||
| COMMENT ON VIEW template_with_names IS 'Joins in the display name information such as username, avatar, and organization name.'; |
73 changes: 73 additions & 0 deletionscoderd/database/migrations/000336_add_organization_port_sharing_level.up.sql
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,73 @@ | ||
| -- Drop the view that depends on the templates table | ||
| DROP VIEW template_with_names; | ||
| -- Add 'organization' to the app_sharing_level enum | ||
| CREATE TYPE new_app_sharing_level AS ENUM ( | ||
| 'owner', | ||
| 'authenticated', | ||
| 'organization', | ||
| 'public' | ||
| ); | ||
| -- Update workspace_agent_port_share table to use new enum | ||
| ALTER TABLE workspace_agent_port_share | ||
| ALTER COLUMN share_level TYPE new_app_sharing_level USING (share_level::text::new_app_sharing_level); | ||
| -- Update workspace_apps table to use new enum | ||
| ALTER TABLE workspace_apps | ||
| ALTER COLUMN sharing_level DROP DEFAULT, | ||
| ALTER COLUMN sharing_level TYPE new_app_sharing_level USING (sharing_level::text::new_app_sharing_level), | ||
| ALTER COLUMN sharing_level SET DEFAULT 'owner'::new_app_sharing_level; | ||
| -- Update templates table to use new enum | ||
| ALTER TABLE templates | ||
| ALTER COLUMN max_port_sharing_level DROP DEFAULT, | ||
| ALTER COLUMN max_port_sharing_level TYPE new_app_sharing_level USING (max_port_sharing_level::text::new_app_sharing_level), | ||
| ALTER COLUMN max_port_sharing_level SET DEFAULT 'owner'::new_app_sharing_level; | ||
| -- Drop old enum and rename new one | ||
| DROP TYPE app_sharing_level; | ||
| ALTER TYPE new_app_sharing_level RENAME TO app_sharing_level; | ||
| -- Recreate the template_with_names view | ||
| CREATE VIEW template_with_names AS | ||
| SELECT templates.id, | ||
| templates.created_at, | ||
| templates.updated_at, | ||
| templates.organization_id, | ||
| templates.deleted, | ||
| templates.name, | ||
| templates.provisioner, | ||
| templates.active_version_id, | ||
| templates.description, | ||
| templates.default_ttl, | ||
| templates.created_by, | ||
| templates.icon, | ||
| templates.user_acl, | ||
| templates.group_acl, | ||
| templates.display_name, | ||
| templates.allow_user_cancel_workspace_jobs, | ||
| templates.allow_user_autostart, | ||
| templates.allow_user_autostop, | ||
| templates.failure_ttl, | ||
| templates.time_til_dormant, | ||
| templates.time_til_dormant_autodelete, | ||
| templates.autostop_requirement_days_of_week, | ||
| templates.autostop_requirement_weeks, | ||
| templates.autostart_block_days_of_week, | ||
| templates.require_active_version, | ||
| templates.deprecated, | ||
| templates.activity_bump, | ||
| templates.max_port_sharing_level, | ||
| templates.use_classic_parameter_flow, | ||
| COALESCE(visible_users.avatar_url, ''::text) AS created_by_avatar_url, | ||
| COALESCE(visible_users.username, ''::text) AS created_by_username, | ||
| COALESCE(visible_users.name, ''::text) AS created_by_name, | ||
| COALESCE(organizations.name, ''::text) AS organization_name, | ||
| COALESCE(organizations.display_name, ''::text) AS organization_display_name, | ||
| COALESCE(organizations.icon, ''::text) AS organization_icon | ||
| FROM ((templates | ||
| LEFT JOIN visible_users ON ((templates.created_by = visible_users.id))) | ||
| LEFT JOIN organizations ON ((templates.organization_id = organizations.id))); | ||
| COMMENT ON VIEW template_with_names IS 'Joins in the display name information such as username, avatar, and organization name.'; |
3 changes: 3 additions & 0 deletionscoderd/database/models.go
Some generated files are not rendered by default. Learn more abouthow customized files appear on GitHub.
Oops, something went wrong.
Uh oh!
There was an error while loading.Please reload this page.
25 changes: 23 additions & 2 deletionscoderd/workspaceapps/db.go
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
Oops, something went wrong.
Uh oh!
There was an error while loading.Please reload this page.
Oops, something went wrong.
Uh oh!
There was an error while loading.Please reload this page.
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.