Movatterモバイル変換


[0]ホーム

URL:


Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

Sign up
Appearance settings

Commit2c25542

Browse files
committed
reverting RBAC changes; not relevant here
appeasing linterSigned-off-by: Danny Kopping <dannykopping@gmail.com>
1 parentb16d126 commit2c25542

File tree

2 files changed

+2
-30
lines changed

2 files changed

+2
-30
lines changed

‎coderd/database/dbauthz/dbauthz.go

Lines changed: 0 additions & 28 deletions
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,6 @@ import (
1818

1919
"cdr.dev/slog"
2020

21-
"github.com/coder/coder/v2/coderd/prebuilds"
2221
"github.com/coder/coder/v2/coderd/rbac/policy"
2322
"github.com/coder/coder/v2/coderd/rbac/rolestore"
2423

@@ -359,27 +358,6 @@ var (
359358
}),
360359
Scope:rbac.ScopeAll,
361360
}.WithCachedASTValue()
362-
363-
subjectPrebuildsOrchestrator= rbac.Subject{
364-
FriendlyName:"Prebuilds Orchestrator",
365-
ID:prebuilds.OwnerID.String(),
366-
Roles:rbac.Roles([]rbac.Role{
367-
{
368-
Identifier: rbac.RoleIdentifier{Name:"prebuilds-orchestrator"},
369-
DisplayName:"Coder",
370-
Site:rbac.Permissions(map[string][]policy.Action{
371-
// May use template, read template-related info, & insert template-related resources (preset prebuilds).
372-
rbac.ResourceTemplate.Type: {policy.ActionRead,policy.ActionUpdate,policy.ActionUse},
373-
// May CRUD workspaces, and start/stop them.
374-
rbac.ResourceWorkspace.Type: {
375-
policy.ActionCreate,policy.ActionDelete,policy.ActionRead,policy.ActionUpdate,
376-
policy.ActionWorkspaceStart,policy.ActionWorkspaceStop,
377-
},
378-
}),
379-
},
380-
}),
381-
Scope:rbac.ScopeAll,
382-
}.WithCachedASTValue()
383361
)
384362

385363
// AsProvisionerd returns a context with an actor that has permissions required
@@ -434,12 +412,6 @@ func AsSystemReadProvisionerDaemons(ctx context.Context) context.Context {
434412
returncontext.WithValue(ctx,authContextKey{},subjectSystemReadProvisionerDaemons)
435413
}
436414

437-
// AsPrebuildsOrchestrator returns a context with an actor that has permissions
438-
// to read orchestrator workspace prebuilds.
439-
funcAsPrebuildsOrchestrator(ctx context.Context) context.Context {
440-
returncontext.WithValue(ctx,authContextKey{},subjectPrebuildsOrchestrator)
441-
}
442-
443415
varAsRemoveActor= rbac.Subject{
444416
ID:"remove-actor",
445417
}

‎coderd/users_test.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -2428,7 +2428,7 @@ func TestSystemUserBehaviour(t *testing.T) {
24282428
sqlDB:=testSQLDB(t)
24292429
err:=migrations.Up(sqlDB)// coderd/database/migrations/00030*_system_user.up.sql will create a system user.
24302430
require.NoError(t,err,"migrations")
2431-
2431+
24322432
db:=database.New(sqlDB)
24332433

24342434
// =================================================================================================================
@@ -2488,7 +2488,7 @@ func TestSystemUserBehaviour(t *testing.T) {
24882488

24892489
// When: attempting to update a user's roles.
24902490
_,err=db.UpdateUserRoles(ctx, database.UpdateUserRolesParams{
2491-
ID:systemUser.ID,
2491+
ID:systemUser.ID,
24922492
GrantedRoles: []string{rbac.RoleAuditor().String()},
24932493
})
24942494
// Then: the attempt is rejected by a postgres trigger.

0 commit comments

Comments
 (0)

[8]ページ先頭

©2009-2025 Movatter.jp