Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit152f09d

Browse files
committed
Go back to fetching user and group data with system context
1 parent790fc21 commit152f09d

File tree

2 files changed

+72
-327
lines changed

2 files changed

+72
-327
lines changed

‎coderd/workspaces.go‎

Lines changed: 55 additions & 55 deletions
Original file line numberDiff line numberDiff line change
@@ -241,15 +241,15 @@ func (api *API) workspaces(rw http.ResponseWriter, r *http.Request) {
241241
}
242242

243243
var (
244-
memberDatamap[uuid.UUID]database.OrganizationMembersRow
245-
groupDatamap[uuid.UUID]database.Group
244+
userDatamap[uuid.UUID]database.User
245+
groupDatamap[uuid.UUID]database.Group
246246
)
247247
ifapi.Experiments.Enabled(codersdk.ExperimentWorkspaceSharing) {
248248
varerrerror
249-
memberData,groupData,err=findWorkspaceMembersAndGroups(ctx,api,workspaces)
249+
userData,groupData,err=findWorkspaceUsersAndGroups(ctx,api,workspaces)
250250
iferr!=nil {
251251
httpapi.Write(ctx,rw,http.StatusInternalServerError, codersdk.Response{
252-
Message:"Internal error fetchingmembers and groups for workspaces.",
252+
Message:"Internal error fetchingusers and groups for workspaces.",
253253
Detail:err.Error(),
254254
})
255255
return
@@ -263,7 +263,7 @@ func (api *API) workspaces(rw http.ResponseWriter, r *http.Request) {
263263
apiKey.UserID,
264264
workspaces,
265265
data,
266-
memberData,
266+
userData,
267267
groupData,
268268
)
269269
iferr!=nil {
@@ -2579,7 +2579,7 @@ func convertWorkspaces(
25792579
requesterID uuid.UUID,
25802580
workspaces []database.Workspace,
25812581
dataworkspaceData,
2582-
memberDatamap[uuid.UUID]database.OrganizationMembersRow,
2582+
userDatamap[uuid.UUID]database.User,
25832583
groupDatamap[uuid.UUID]database.Group,
25842584
) ([]codersdk.Workspace,error) {
25852585
buildByWorkspaceID:=map[uuid.UUID]codersdk.WorkspaceBuild{}
@@ -2622,7 +2622,7 @@ func convertWorkspaces(
26222622
template,
26232623
data.allowRenames,
26242624
appStatus,
2625-
memberData,
2625+
userData,
26262626
groupData,
26272627
)
26282628
iferr!=nil {
@@ -2644,7 +2644,7 @@ func convertWorkspace(
26442644
template database.Template,
26452645
allowRenamesbool,
26462646
latestAppStatus codersdk.WorkspaceAppStatus,
2647-
memberDatamap[uuid.UUID]database.OrganizationMembersRow,
2647+
userDatamap[uuid.UUID]database.User,
26482648
groupDatamap[uuid.UUID]database.Group,
26492649
) (codersdk.Workspace,error) {
26502650
ifrequesterID==uuid.Nil {
@@ -2694,7 +2694,7 @@ func convertWorkspace(
26942694
appStatus=nil
26952695
}
26962696

2697-
sharedWith:=sharedWorkspaceActors(ctx,experiments,logger,workspace,memberData,groupData)
2697+
sharedWith:=sharedWorkspaceActors(ctx,experiments,logger,workspace,userData,groupData)
26982698

26992699
return codersdk.Workspace{
27002700
ID:workspace.ID,
@@ -2744,7 +2744,7 @@ func sharedWorkspaceActors(
27442744
experiments codersdk.Experiments,
27452745
logger slog.Logger,
27462746
workspace database.Workspace,
2747-
memberDatamap[uuid.UUID]database.OrganizationMembersRow,
2747+
userDatamap[uuid.UUID]database.User,
27482748
groupDatamap[uuid.UUID]database.Group,
27492749
)*[]codersdk.SharedWorkspaceActor {
27502750
if!experiments.Enabled(codersdk.ExperimentWorkspaceSharing) {
@@ -2766,11 +2766,9 @@ func sharedWorkspaceActors(
27662766
ActorType:codersdk.SharedWorkspaceActorTypeUser,
27672767
Roles: []codersdk.WorkspaceRole{convertToWorkspaceRole(aclEntry.Permissions)},
27682768
}
2769-
2770-
// Member data is only available if user has access to it
2771-
ifmember,ok:=memberData[userID];ok {
2772-
actor.Name=member.Name
2773-
actor.AvatarURL=member.AvatarURL
2769+
ifuserData!=nil {
2770+
actor.Name=userData[userID].Name
2771+
actor.AvatarURL=userData[userID].AvatarURL
27742772
}
27752773

27762774
out=append(out,actor)
@@ -2789,11 +2787,9 @@ func sharedWorkspaceActors(
27892787
ActorType:codersdk.SharedWorkspaceActorTypeGroup,
27902788
Roles: []codersdk.WorkspaceRole{convertToWorkspaceRole(aclEntry.Permissions)},
27912789
}
2792-
2793-
// Group data is only available if user has access to it
2794-
ifgroup,ok:=groupData[groupID];ok {
2795-
actor.Name=group.Name
2796-
actor.AvatarURL=group.AvatarURL
2790+
ifgroupData!=nil {
2791+
actor.Name=groupData[groupID].Name
2792+
actor.AvatarURL=groupData[groupID].AvatarURL
27972793
}
27982794

27992795
out=append(out,actor)
@@ -2950,76 +2946,80 @@ func convertToWorkspaceRole(actions []policy.Action) codersdk.WorkspaceRole {
29502946
returncodersdk.WorkspaceRoleDeleted
29512947
}
29522948

2953-
// findWorkspaceMembersAndGroups fetches all organization members and
2954-
// groups present in workspaces' ACLs. All workspaces must belong to
2955-
// the same organization.
2956-
funcfindWorkspaceMembersAndGroups(
2949+
// findWorkspaceUsersAndGroups fetches all users and groups present in
2950+
// workspaces' ACLs.
2951+
funcfindWorkspaceUsersAndGroups(
29572952
ctx context.Context,
29582953
api*API,
29592954
workspaces []database.Workspace,
29602955
) (
2961-
memberDatamap[uuid.UUID]database.OrganizationMembersRow,
2956+
userDatamap[uuid.UUID]database.User,
29622957
groupDatamap[uuid.UUID]database.Group,
29632958
errerror,
29642959
) {
29652960
iflen(workspaces)==0 {
2966-
return
2961+
returnnil,nil,nil
29672962
}
29682963

2969-
// Get all the group IDs that we need to fetch.
2970-
// TODO(geokat): Implement a way to fetch org members by IDs. For
2971-
// now we have to fetch all of them even if we only need one.
2964+
// Get all the user IDs and group IDs that we need to fetch
29722965
var (
2973-
groupIDs []uuid.UUID
2974-
fetchMembersbool
2966+
uids []uuid.UUID
2967+
gids []uuid.UUID
29752968
)
29762969
for_,ws:=rangeworkspaces {
2977-
ifws.OrganizationID!=workspaces[0].OrganizationID {
2978-
returnnil,nil,xerrors.New("all workspaces must belong to the same organization")
2979-
}
2980-
iflen(ws.UserACL)!=0 {
2981-
fetchMembers=true
2970+
// ws.UserACL is a map[id]...
2971+
forid:=rangews.UserACL {
2972+
uid,err:=uuid.Parse(id)
2973+
iferr!=nil {
2974+
api.Logger.Warn(ctx,"found invalid user uuid in workspace acl",slog.Error(err),slog.F("workspace_id",ws.ID))
2975+
continue
2976+
}
2977+
uids=append(uids,uid)
29822978
}
29832979
forid:=rangews.GroupACL {
2984-
groupID,err:=uuid.Parse(id)
2980+
gid,err:=uuid.Parse(id)
29852981
iferr!=nil {
29862982
api.Logger.Warn(ctx,"found invalid group uuid in workspace acl",slog.Error(err),slog.F("workspace_id",ws.ID))
29872983
continue
29882984
}
2989-
groupIDs=append(groupIDs,groupID)
2985+
gids=append(gids,gid)
29902986
}
29912987
}
29922988

29932989
vareg errgroup.Group
29942990

2995-
// Fetchorg members
2996-
iffetchMembers {
2991+
// Fetchthe users
2992+
iflen(uids)>0 {
29972993
eg.Go(func() (errerror) {
2998-
params:= database.OrganizationMembersParams{
2999-
OrganizationID:workspaces[0].OrganizationID,
3000-
}
3001-
members,err:=api.Database.OrganizationMembers(ctx,params)
3002-
iferr!=nil&&!httpapi.Is404Error(err) {
3003-
returnxerrors.Errorf("get organization members: %w",err)
2994+
uids=slice.Unique(uids)
2995+
2996+
// For context see https://github.com/coder/coder/pull/19375
2997+
// nolint:gocritic
2998+
users,err:=api.Database.GetUsersByIDs(dbauthz.AsSystemRestricted(ctx),uids)
2999+
iferr!=nil&&!errors.Is(err,sql.ErrNoRows) {
3000+
returnxerrors.Errorf("get users by IDs: %w",err)
30043001
}
3005-
memberData=make(map[uuid.UUID]database.OrganizationMembersRow,len(members))
3006-
for_,member:=rangemembers {
3007-
memberData[member.OrganizationMember.UserID]=member
3002+
3003+
userData=make(map[uuid.UUID]database.User,len(users))
3004+
for_,user:=rangeusers {
3005+
userData[user.ID]=user
30083006
}
30093007
returnnil
30103008
})
30113009
}
30123010
// Fetch the groups
3013-
iflen(groupIDs)>0 {
3011+
iflen(gids)>0 {
30143012
eg.Go(func() (errerror) {
3015-
groupIDs=slice.Unique(groupIDs)
3013+
gids=slice.Unique(gids)
30163014

3017-
groupRows,err:=api.Database.GetGroups(ctx, database.GetGroupsParams{GroupIds:groupIDs})
3018-
iferr!=nil&&!httpapi.Is404Error(err) {
3015+
// For context see https://github.com/coder/coder/pull/19375
3016+
// nolint:gocritic
3017+
groupRows,err:=api.Database.GetGroups(dbauthz.AsSystemRestricted(ctx), database.GetGroupsParams{GroupIds:gids})
3018+
iferr!=nil&&!errors.Is(err,sql.ErrNoRows) {
30193019
returnxerrors.Errorf("get groups: %w",err)
30203020
}
30213021

3022-
groupData=make(map[uuid.UUID]database.Group,len(groupIDs))
3022+
groupData=make(map[uuid.UUID]database.Group,len(groupRows))
30233023
for_,groupRow:=rangegroupRows {
30243024
groupData[groupRow.Group.ID]=groupRow.Group
30253025
}
@@ -3030,5 +3030,5 @@ func findWorkspaceMembersAndGroups(
30303030
returnnil,nil,err
30313031
}
30323032

3033-
returnmemberData,groupData,nil
3033+
returnuserData,groupData,nil
30343034
}

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp