NotificationsYou must be signed in to change notification settings
Fork928
Star10.1k

Commit36efcef

authored

Merge branch 'main' into margins/presleyp/978

2 parents8f55513 +021e4cd commit36efcefCopy full SHA for 36efcef

File tree

41 files changed

+1419

-361

lines changed

coderd
- audit
  - table.go
- coderd.go
- database
  - databasefake
    - databasefake.go
  - dump.sql
  - migrations
    - 000008_rbac_roles.down.sql
    - 000008_rbac_roles.up.sql
  - models.go
  - querier.go
  - queries
    - organizationmembers.sql
    - users.sql
  - queries.sql.go
  - sqlc.yaml
- httpmw
  - userparam.go
  - userparam_test.go
- members.go
- rbac
- users.go
- users_test.go
codersdk
- organizationmember.go
- users.go
peer
- conn.go
site
- htmlTemplates
  - index.html
- package.json
- src
  - api
  - pages/UsersPage
  - testHelpers
    - entities.ts
    - handlers.ts
  - xServices/users
    - usersXService.ts
- yarn.lock

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

41 files changed

+1419

-361

lines changed

`‎coderd/audit/table.go`

Lines changed: 1 addition & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -42,6 +42,7 @@ var AuditableResources = auditMap(map[any]map[string]Action{`
`42`	`42`	`"created_at":ActionIgnore,// Never changes.`
`43`	`43`	`"updated_at":ActionIgnore,// Changes, but is implicit and not helpful in a diff.`
`44`	`44`	`"status":ActionTrack,// A user can update another user status`
	`45`	`+"rbac_roles":ActionTrack,// A user's roles are mutable`
`45`	`46`	`},`
`46`	`47`	`&database.Workspace{}: {`
`47`	`48`	`"id":ActionIgnore,// Never changes.`

`‎coderd/coderd.go`

Lines changed: 12 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -120,6 +120,14 @@ func New(options *Options) (http.Handler, func()) {`
`120`	`120`	`r.Get("/",api.workspacesByOwner)`
`121`	`121`	`})`
`122`	`122`	`})`
	`123`	`+r.Route("/members",func(r chi.Router) {`
	`124`	`+r.Route("/{user}",func(r chi.Router) {`
	`125`	`+r.Use(`
	`126`	`+httpmw.ExtractUserParam(options.Database),`
	`127`	`+)`
	`128`	`+r.Put("/roles",api.putMemberRoles)`
	`129`	`+})`
	`130`	`+})`
`123`	`131`	`})`
`124`	`132`	`r.Route("/parameters/{scope}/{id}",func(r chi.Router) {`
`125`	`133`	`r.Use(apiKeyMiddleware)`
`@@ -183,6 +191,10 @@ func New(options *Options) (http.Handler, func()) {`
`183`	`191`	`r.Get("/",api.userByName)`
`184`	`192`	`r.Put("/profile",api.putUserProfile)`
`185`	`193`	`r.Put("/suspend",api.putUserSuspend)`
	`194`	`+// TODO: @emyrk Might want to move these to a /roles group instead of /user.`
	`195`	`+//As we include more roles like org roles, it makes less sense to scope these here.`
	`196`	`+r.Put("/roles",api.putUserRoles)`
	`197`	`+r.Get("/roles",api.userRoles)`
`186`	`198`	`r.Get("/organizations",api.organizationsByUser)`
`187`	`199`	`r.Post("/organizations",api.postOrganizationsByUser)`
`188`	`200`	`r.Post("/keys",api.postAPIKey)`

`‎coderd/database/databasefake/databasefake.go`

Lines changed: 79 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -212,6 +212,16 @@ func (q *fakeQuerier) GetUsers(_ context.Context, params database.GetUsersParams`
`212`	`212`	`users=tmp`
`213`	`213`	`}`
`214`	`214`
	`215`	`+ifparams.Status!="" {`
	`216`	`+usersFilteredByStatus:=make([]database.User,0,len(users))`
	`217`	`+fori,user:=rangeusers {`
	`218`	`+ifparams.Status==string(user.Status) {`
	`219`	`+usersFilteredByStatus=append(usersFilteredByStatus,users[i])`
	`220`	`+}`
	`221`	`+}`
	`222`	`+users=usersFilteredByStatus`
	`223`	`+}`
	`224`	`+`
`215`	`225`	`ifparams.OffsetOpt>0 {`
`216`	`226`	`ifint(params.OffsetOpt)>len(users)-1 {`
`217`	`227`	`return []database.User{},nil`
`@@ -225,6 +235,7 @@ func (q *fakeQuerier) GetUsers(_ context.Context, params database.GetUsersParams`
`225`	`235`	`}`
`226`	`236`	`users=users[:params.LimitOpt]`
`227`	`237`	`}`
	`238`	`+`
`228`	`239`	`tmp:=make([]database.User,len(users))`
`229`	`240`	`copy(tmp,users)`
`230`	`241`
`@@ -732,6 +743,43 @@ func (q *fakeQuerier) GetOrganizationIDsByMemberIDs(_ context.Context, ids []uui`
`732`	`743`	`returngetOrganizationIDsByMemberIDRows,nil`
`733`	`744`	`}`
`734`	`745`
	`746`	`+func (q*fakeQuerier)GetOrganizationMembershipsByUserID(_ context.Context,userID uuid.UUID) ([]database.OrganizationMember,error) {`
	`747`	`+q.mutex.RLock()`
	`748`	`+deferq.mutex.RUnlock()`
	`749`	`+`
	`750`	`+varmemberships []database.OrganizationMember`
	`751`	`+for_,organizationMember:=rangeq.organizationMembers {`
	`752`	`+mem:=organizationMember`
	`753`	`+ifmem.UserID!=userID {`
	`754`	`+continue`
	`755`	`+}`
	`756`	`+memberships=append(memberships,mem)`
	`757`	`+}`
	`758`	`+returnmemberships,nil`
	`759`	`+}`
	`760`	`+`
	`761`	`+func (q*fakeQuerier)UpdateMemberRoles(_ context.Context,arg database.UpdateMemberRolesParams) (database.OrganizationMember,error) {`
	`762`	`+fori,mem:=rangeq.organizationMembers {`
	`763`	`+ifmem.UserID==arg.UserID&&mem.OrganizationID==arg.OrgID {`
	`764`	`+uniqueRoles:=make([]string,0,len(arg.GrantedRoles))`
	`765`	`+exist:=make(map[string]struct{})`
	`766`	`+for_,r:=rangearg.GrantedRoles {`
	`767`	`+if_,ok:=exist[r];ok {`
	`768`	`+continue`
	`769`	`+}`
	`770`	`+exist[r]=struct{}{}`
	`771`	`+uniqueRoles=append(uniqueRoles,r)`
	`772`	`+}`
	`773`	`+sort.Strings(uniqueRoles)`
	`774`	`+`
	`775`	`+mem.Roles=uniqueRoles`
	`776`	`+q.organizationMembers[i]=mem`
	`777`	`+returnmem,nil`
	`778`	`+}`
	`779`	`+}`
	`780`	`+return database.OrganizationMember{},sql.ErrNoRows`
	`781`	`+}`
	`782`	`+`
`735`	`783`	`func (q*fakeQuerier)GetProvisionerDaemons(_ context.Context) ([]database.ProvisionerDaemon,error) {`
`736`	`784`	`q.mutex.RLock()`
`737`	`785`	`deferq.mutex.RUnlock()`
`@@ -1162,11 +1210,42 @@ func (q *fakeQuerier) InsertUser(_ context.Context, arg database.InsertUserParam`
`1162`	`1210`	`UpdatedAt:arg.UpdatedAt,`
`1163`	`1211`	`Username:arg.Username,`
`1164`	`1212`	`Status:database.UserStatusActive,`
	`1213`	`+RBACRoles:arg.RBACRoles,`
`1165`	`1214`	`}`
`1166`	`1215`	`q.users=append(q.users,user)`
`1167`	`1216`	`returnuser,nil`
`1168`	`1217`	`}`
`1169`	`1218`
	`1219`	`+func (q*fakeQuerier)UpdateUserRoles(_ context.Context,arg database.UpdateUserRolesParams) (database.User,error) {`
	`1220`	`+q.mutex.Lock()`
	`1221`	`+deferq.mutex.Unlock()`
	`1222`	`+`
	`1223`	`+forindex,user:=rangeq.users {`
	`1224`	`+ifuser.ID!=arg.ID {`
	`1225`	`+continue`
	`1226`	`+}`
	`1227`	`+`
	`1228`	`+// Set new roles`
	`1229`	`+user.RBACRoles=arg.GrantedRoles`
	`1230`	`+// Remove duplicates and sort`
	`1231`	`+uniqueRoles:=make([]string,0,len(user.RBACRoles))`
	`1232`	`+exist:=make(map[string]struct{})`
	`1233`	`+for_,r:=rangeuser.RBACRoles {`
	`1234`	`+if_,ok:=exist[r];ok {`
	`1235`	`+continue`
	`1236`	`+}`
	`1237`	`+exist[r]=struct{}{}`
	`1238`	`+uniqueRoles=append(uniqueRoles,r)`
	`1239`	`+}`
	`1240`	`+sort.Strings(uniqueRoles)`
	`1241`	`+user.RBACRoles=uniqueRoles`
	`1242`	`+`
	`1243`	`+q.users[index]=user`
	`1244`	`+returnuser,nil`
	`1245`	`+}`
	`1246`	`+return database.User{},sql.ErrNoRows`
	`1247`	`+}`
	`1248`	`+`
`1170`	`1249`	`func (q*fakeQuerier)UpdateUserProfile(_ context.Context,arg database.UpdateUserProfileParams) (database.User,error) {`
`1171`	`1250`	`q.mutex.Lock()`
`1172`	`1251`	`deferq.mutex.Unlock()`

`‎coderd/database/dump.sql`

Lines changed: 2 additions & 1 deletion

Some generated files are not rendered by default. Learn more aboutcustomizing how changed files appear on GitHub.

`‎coderd/database/migrations/000008_rbac_roles.down.sql`

Lines changed: 2 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+ALTERTABLE ONLY users`
	`2`	`+DROP COLUMN IF EXISTS rbac_roles;`

`‎coderd/database/migrations/000008_rbac_roles.up.sql`

Lines changed: 18 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,18 @@`
	`1`	`+ALTERTABLE ONLY users`
	`2`	`+ADD COLUMN IF NOT EXISTS rbac_rolestext[] DEFAULT'{}'NOT NULL;`
	`3`	`+`
	`4`	`+-- All users are site members. So give them the standard role.`
	`5`	`+-- Also give them membership to the first org we retrieve. We should only have`
	`6`	`+-- 1 organization at this point in the product.`
	`7`	`+UPDATE`
	`8`	`+ users`
	`9`	`+SET`
	`10`	`+ rbac_roles= ARRAY ['member','organization-member:'\|\| (SELECT idFROM organizationsLIMIT1)];`
	`11`	`+`
	`12`	`+-- Give the first user created the admin role`
	`13`	`+UPDATE`
	`14`	`+users`
	`15`	`+SET`
	`16`	`+rbac_roles= rbac_roles\|\| ARRAY ['admin']`
	`17`	`+WHERE`
	`18`	`+id= (SELECT idFROM usersORDER BY created_atASCLIMIT1)`

`‎coderd/database/models.go`

Lines changed: 1 addition & 0 deletions

Some generated files are not rendered by default. Learn more aboutcustomizing how changed files appear on GitHub.

`‎coderd/database/querier.go`

Lines changed: 3 additions & 0 deletions

Some generated files are not rendered by default. Learn more aboutcustomizing how changed files appear on GitHub.

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit36efcef

File tree

41 files changed

Some content is hidden

41 files changed

`‎coderd/audit/table.go`

`‎coderd/coderd.go`

`‎coderd/database/databasefake/databasefake.go`

`‎coderd/database/dump.sql`

`‎coderd/database/migrations/000008_rbac_roles.down.sql`

`‎coderd/database/migrations/000008_rbac_roles.up.sql`

`‎coderd/database/models.go`

`‎coderd/database/querier.go`

0 commit comments