Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit163631e

Browse files
authored
chore: use system context for fetching template information (#15205)
The authz check is Update() on the original template. This is not ideal,but it follows the existing behavior. We are implicitly granting thisread access since template admins need to be able to see whatusers/groups exist to assign.
1 parentfed70bd commit163631e

File tree

2 files changed

+7
-1
lines changed

2 files changed

+7
-1
lines changed

‎enterprise/coderd/templates.go‎

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -66,7 +66,9 @@ func (api *API) templateAvailablePermissions(rw http.ResponseWriter, r *http.Req
6666
httpapi.InternalServerError(rw,err)
6767
return
6868
}
69-
memberCount,err:=api.Database.GetGroupMembersCountByGroupID(ctx,group.Group.ID)
69+
70+
// nolint:gocritic
71+
memberCount,err:=api.Database.GetGroupMembersCountByGroupID(dbauthz.AsSystemRestricted(ctx),group.Group.ID)
7072
iferr!=nil {
7173
httpapi.InternalServerError(rw,err)
7274
return

‎enterprise/coderd/templates_test.go‎

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1494,6 +1494,10 @@ func TestUpdateTemplateACL(t *testing.T) {
14941494
},
14951495
}
14961496

1497+
// Group adds complexity to the /available endpoint
1498+
// Intentionally omit user2
1499+
coderdtest.CreateGroup(t,client,user.OrganizationID,"some-group",user3)
1500+
14971501
ctx:=testutil.Context(t,testutil.WaitLong)
14981502

14991503
err:=client1.UpdateTemplateACL(ctx,template.ID,req)

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp