NotificationsYou must be signed in to change notification settings
Fork1k
Star11.2k

Commit3c44caa

committed

Add codersdk roles

1 parent7c12696 commit3c44caaCopy full SHA for 3c44caa

File tree

6 files changed

+49

-38

lines changed

6 files changed

+49

-38

lines changed

`‎cli/server_createadminuser_test.go‎`

Lines changed: 2 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -17,6 +17,7 @@ import (`
`17`	`17`	`"github.com/coder/coder/v2/coderd/database/dbtime"`
`18`	`18`	`"github.com/coder/coder/v2/coderd/rbac"`
`19`	`19`	`"github.com/coder/coder/v2/coderd/userpassword"`
	`20`	`+"github.com/coder/coder/v2/codersdk"`
`20`	`21`	`"github.com/coder/coder/v2/pty/ptytest"`
`21`	`22`	`"github.com/coder/coder/v2/testutil"`
`22`	`23`	`)`
`@@ -56,7 +57,7 @@ func TestServerCreateAdminUser(t *testing.T) {`
`56`	`57`	`require.NoError(t,err)`
`57`	`58`	`require.True(t,ok,"password does not match")`
`58`	`59`
`59`		`-require.EqualValues(t, []string{rbac.RoleOwner().String()},user.RBACRoles,"user does not have owner role")`
	`60`	`+require.EqualValues(t, []string{codersdk.RoleOwner},user.RBACRoles,"user does not have owner role")`
`60`	`61`
`61`	`62`	`// Check that user is admin in every org.`
`62`	`63`	`orgs,err:=db.GetOrganizations(ctx)`

`‎coderd/httpmw/authorize_test.go‎`

Lines changed: 18 additions & 19 deletions

Original file line number	Diff line number	Diff line change
`@@ -27,27 +27,26 @@ func TestExtractUserRoles(t *testing.T) {`
`27`	`27`	`t.Parallel()`
`28`	`28`	`testCases:= []struct {`
`29`	`29`	`Namestring`
`30`		`-AddUserfunc(db database.Store) (database.User, []string,string)`
	`30`	`+AddUserfunc(db database.Store) (database.User, []rbac.RoleName,string)`
`31`	`31`	`}{`
`32`	`32`	`{`
`33`	`33`	`Name:"Member",`
`34`		`-AddUser:func(db database.Store) (database.User, []string,string) {`
`35`		`-roles:= []string{}`
`36`		`-user,token:=addUser(t,db,roles...)`
`37`		`-returnuser,append(roles,rbac.RoleMember()),token`
	`34`	`+AddUser:func(db database.Store) (database.User, []rbac.RoleName,string) {`
	`35`	`+user,token:=addUser(t,db)`
	`36`	`+returnuser, []rbac.RoleName{rbac.RoleMember()},token`
`38`	`37`	`},`
`39`	`38`	`},`
`40`	`39`	`{`
`41`		`-Name:"Admin",`
`42`		`-AddUser:func(db database.Store) (database.User, []string,string) {`
`43`		`-roles:= []string{rbac.RoleOwner()}`
	`40`	`+Name:"Owner",`
	`41`	`+AddUser:func(db database.Store) (database.User, []rbac.RoleName,string) {`
	`42`	`+roles:= []string{codersdk.RoleOwner}`
`44`	`43`	`user,token:=addUser(t,db,roles...)`
`45`		`-returnuser,append(roles,rbac.RoleMember()),token`
	`44`	`+returnuser,[]rbac.RoleName{rbac.RoleOwner(),rbac.RoleMember()},token`
`46`	`45`	`},`
`47`	`46`	`},`
`48`	`47`	`{`
`49`	`48`	`Name:"OrgMember",`
`50`		`-AddUser:func(db database.Store) (database.User, []string,string) {`
	`49`	`+AddUser:func(db database.Store) (database.User, []rbac.RoleName,string) {`
`51`	`50`	`roles:= []string{}`
`52`	`51`	`user,token:=addUser(t,db,roles...)`
`53`	`52`	`org,err:=db.InsertOrganization(context.Background(), database.InsertOrganizationParams{`
`@@ -68,15 +67,15 @@ func TestExtractUserRoles(t *testing.T) {`
`68`	`67`	`Roles:orgRoles,`
`69`	`68`	`})`
`70`	`69`	`require.NoError(t,err)`
`71`		`-returnuser,append(roles,append(orgRoles,rbac.RoleMember(),rbac.ScopedRoleOrgMember(org.ID))...),token`
	`70`	`+returnuser,[]rbac.RoleName{rbac.RoleMember(),rbac.ScopedRoleOrgMember(org.ID)},token`
`72`	`71`	`},`
`73`	`72`	`},`
`74`	`73`	`{`
`75`	`74`	`Name:"MultipleOrgMember",`
`76`		`-AddUser:func(db database.Store) (database.User, []string,string) {`
`77`		`-roles:= []string{}`
`78`		`-user,token:=addUser(t,db,roles...)`
`79`		`-roles=append(roles,rbac.RoleMember())`
	`75`	`+AddUser:func(db database.Store) (database.User, []rbac.RoleName,string) {`
	`76`	`+expected:= []rbac.RoleName{}`
	`77`	`+user,token:=addUser(t,db)`
	`78`	`+expected=append(expected,rbac.RoleMember())`
`80`	`79`	`fori:=0;i<3;i++ {`
`81`	`80`	`organization,err:=db.InsertOrganization(context.Background(), database.InsertOrganizationParams{`
`82`	`81`	`ID:uuid.New(),`
`@@ -89,8 +88,8 @@ func TestExtractUserRoles(t *testing.T) {`
`89`	`88`
`90`	`89`	`orgRoles:= []string{}`
`91`	`90`	`ifi%2==0 {`
`92`		`-orgRoles=append(orgRoles,rbac.RoleOrgAdmin())`
`93`		`-roles=append(roles,rbac.ScopedRoleOrgAdmin(organization.ID))`
	`91`	`+orgRoles=append(orgRoles,codersdk.RoleOrganizationAdmin)`
	`92`	`+expected=append(expected,rbac.ScopedRoleOrgAdmin(organization.ID))`
`94`	`93`	`}`
`95`	`94`	`_,err=db.InsertOrganizationMember(context.Background(), database.InsertOrganizationMemberParams{`
`96`	`95`	`OrganizationID:organization.ID,`
`@@ -100,9 +99,9 @@ func TestExtractUserRoles(t *testing.T) {`
`100`	`99`	`Roles:orgRoles,`
`101`	`100`	`})`
`102`	`101`	`require.NoError(t,err)`
`103`		`-roles=append(roles,rbac.ScopedRoleOrgMember(organization.ID))`
	`102`	`+expected=append(expected,rbac.ScopedRoleOrgMember(organization.ID))`
`104`	`103`	`}`
`105`		`-returnuser,roles,token`
	`104`	`+returnuser,expected,token`
`106`	`105`	`},`
`107`	`106`	`},`
`108`	`107`	`}`

`‎coderd/httpmw/organizationparam_test.go‎`

Lines changed: 2 additions & 3 deletions

Original file line number	Diff line number	Diff line change
`@@ -16,7 +16,6 @@ import (`
`16`	`16`	`"github.com/coder/coder/v2/coderd/database/dbmem"`
`17`	`17`	`"github.com/coder/coder/v2/coderd/database/dbtime"`
`18`	`18`	`"github.com/coder/coder/v2/coderd/httpmw"`
`19`		`-"github.com/coder/coder/v2/coderd/rbac"`
`20`	`19`	`"github.com/coder/coder/v2/codersdk"`
`21`	`20`	`"github.com/coder/coder/v2/testutil"`
`22`	`21`	`)`
`@@ -152,11 +151,11 @@ func TestOrganizationParam(t *testing.T) {`
`152`	`151`	`_=dbgen.OrganizationMember(t,db, database.OrganizationMember{`
`153`	`152`	`OrganizationID:organization.ID,`
`154`	`153`	`UserID:user.ID,`
`155`		`-Roles: []string{rbac.ScopedRoleOrgMember(organization.ID)},`
	`154`	`+Roles: []string{codersdk.RoleOrganizationMember},`
`156`	`155`	`})`
`157`	`156`	`_,err:=db.UpdateUserRoles(ctx, database.UpdateUserRolesParams{`
`158`	`157`	`ID:user.ID,`
`159`		`-GrantedRoles: []string{rbac.RoleTemplateAdmin()},`
	`158`	`+GrantedRoles: []string{codersdk.RoleTemplateAdmin},`
`160`	`159`	`})`
`161`	`160`	`require.NoError(t,err)`
`162`	`161`

`‎coderd/httpmw/ratelimit_test.go‎`

Lines changed: 1 addition & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -16,7 +16,6 @@ import (`
`16`	`16`	`"github.com/coder/coder/v2/coderd/database/dbgen"`
`17`	`17`	`"github.com/coder/coder/v2/coderd/database/dbmem"`
`18`	`18`	`"github.com/coder/coder/v2/coderd/httpmw"`
`19`		`-"github.com/coder/coder/v2/coderd/rbac"`
`20`	`19`	`"github.com/coder/coder/v2/codersdk"`
`21`	`20`	`)`
`22`	`21`
`@@ -117,7 +116,7 @@ func TestRateLimit(t *testing.T) {`
`117`	`116`	`db:=dbmem.New()`
`118`	`117`
`119`	`118`	`u:=dbgen.User(t,db, database.User{`
`120`		`-RBACRoles: []string{rbac.RoleOwner()},`
	`119`	`+RBACRoles: []string{codersdk.RoleOwner},`
`121`	`120`	`})`
`122`	`121`	`_,key:=dbgen.APIKey(t,db, database.APIKey{UserID:u.ID})`
`123`	`122`

`‎coderd/users_test.go‎`

Lines changed: 13 additions & 13 deletions

Original file line number	Diff line number	Diff line change
`@@ -994,7 +994,7 @@ func TestGrantSiteRoles(t *testing.T) {`
`994`	`994`	`Name:"UserNotExists",`
`995`	`995`	`Client:admin,`
`996`	`996`	`AssignToUser:uuid.NewString(),`
`997`		`-Roles: []string{rbac.RoleOwner()},`
	`997`	`+Roles: []string{codersdk.RoleOwner},`
`998`	`998`	`Error:true,`
`999`	`999`	`StatusCode:http.StatusBadRequest,`
`1000`	`1000`	`},`
`@@ -1020,7 +1020,7 @@ func TestGrantSiteRoles(t *testing.T) {`
`1020`	`1020`	`Client:admin,`
`1021`	`1021`	`OrgID:first.OrganizationID,`
`1022`	`1022`	`AssignToUser:codersdk.Me,`
`1023`		`-Roles: []string{rbac.RoleOwner()},`
	`1023`	`+Roles: []string{codersdk.RoleOwner},`
`1024`	`1024`	`Error:true,`
`1025`	`1025`	`StatusCode:http.StatusBadRequest,`
`1026`	`1026`	`},`
`@@ -1057,9 +1057,9 @@ func TestGrantSiteRoles(t *testing.T) {`
`1057`	`1057`	`Name:"UserAdminMakeMember",`
`1058`	`1058`	`Client:userAdmin,`
`1059`	`1059`	`AssignToUser:newUser,`
`1060`		`-Roles: []string{rbac.RoleMember()},`
	`1060`	`+Roles: []string{codersdk.RoleMember},`
`1061`	`1061`	`ExpectedRoles: []string{`
`1062`		`-rbac.RoleMember(),`
	`1062`	`+codersdk.RoleMember,`
`1063`	`1063`	`},`
`1064`	`1064`	`Error:false,`
`1065`	`1065`	`},`
`@@ -1124,7 +1124,7 @@ func TestInitialRoles(t *testing.T) {`
`1124`	`1124`	`roles,err:=client.UserRoles(ctx,codersdk.Me)`
`1125`	`1125`	`require.NoError(t,err)`
`1126`	`1126`	`require.ElementsMatch(t,roles.Roles, []string{`
`1127`		`-rbac.RoleOwner(),`
	`1127`	`+codersdk.RoleOwner,`
`1128`	`1128`	`},"should be a member and admin")`
`1129`	`1129`
`1130`	`1130`	`require.ElementsMatch(t,roles.OrganizationRoles[first.OrganizationID], []string{},"should be a member")`
`@@ -1289,12 +1289,12 @@ func TestUsersFilter(t *testing.T) {`
`1289`	`1289`	`users:=make([]codersdk.User,0)`
`1290`	`1290`	`users=append(users,firstUser)`
`1291`	`1291`	`fori:=0;i<15;i++ {`
`1292`		`-roles:= []string{}`
	`1292`	`+roles:= []rbac.RoleName{}`
`1293`	`1293`	`ifi%2==0 {`
`1294`	`1294`	`roles=append(roles,rbac.RoleTemplateAdmin(),rbac.RoleUserAdmin())`
`1295`	`1295`	`}`
`1296`	`1296`	`ifi%3==0 {`
`1297`		`-roles=append(roles,"auditor")`
	`1297`	`+roles=append(roles,rbac.RoleAuditor())`
`1298`	`1298`	`}`
`1299`	`1299`	`userClient,userData:=coderdtest.CreateAnotherUser(t,client,first.OrganizationID,roles...)`
`1300`	`1300`	`// Set the last seen for each user to a unique day`
`@@ -1379,12 +1379,12 @@ func TestUsersFilter(t *testing.T) {`
`1379`	`1379`	`{`
`1380`	`1380`	`Name:"Admins",`
`1381`	`1381`	`Filter: codersdk.UsersRequest{`
`1382`		`-Role:rbac.RoleOwner(),`
	`1382`	`+Role:codersdk.RoleOwner,`
`1383`	`1383`	`Status:codersdk.UserStatusSuspended+","+codersdk.UserStatusActive,`
`1384`	`1384`	`},`
`1385`	`1385`	`FilterF:func(_ codersdk.UsersRequest,u codersdk.User)bool {`
`1386`	`1386`	`for_,r:=rangeu.Roles {`
`1387`		`-ifr.Name==rbac.RoleOwner() {`
	`1387`	`+ifr.Name==codersdk.RoleOwner {`
`1388`	`1388`	`returntrue`
`1389`	`1389`	`}`
`1390`	`1390`	`}`
`@@ -1399,7 +1399,7 @@ func TestUsersFilter(t *testing.T) {`
`1399`	`1399`	`},`
`1400`	`1400`	`FilterF:func(_ codersdk.UsersRequest,u codersdk.User)bool {`
`1401`	`1401`	`for_,r:=rangeu.Roles {`
`1402`		`-ifr.Name==rbac.RoleOwner() {`
	`1402`	`+ifr.Name==codersdk.RoleOwner {`
`1403`	`1403`	`returntrue`
`1404`	`1404`	`}`
`1405`	`1405`	`}`
`@@ -1409,7 +1409,7 @@ func TestUsersFilter(t *testing.T) {`
`1409`	`1409`	`{`
`1410`	`1410`	`Name:"Members",`
`1411`	`1411`	`Filter: codersdk.UsersRequest{`
`1412`		`-Role:rbac.RoleMember(),`
	`1412`	`+Role:codersdk.RoleMember,`
`1413`	`1413`	`Status:codersdk.UserStatusSuspended+","+codersdk.UserStatusActive,`
`1414`	`1414`	`},`
`1415`	`1415`	`FilterF:func(_ codersdk.UsersRequest,u codersdk.User)bool {`
`@@ -1423,7 +1423,7 @@ func TestUsersFilter(t *testing.T) {`
`1423`	`1423`	`},`
`1424`	`1424`	`FilterF:func(_ codersdk.UsersRequest,u codersdk.User)bool {`
`1425`	`1425`	`for_,r:=rangeu.Roles {`
`1426`		`-ifr.Name==rbac.RoleOwner() {`
	`1426`	`+ifr.Name==codersdk.RoleOwner {`
`1427`	`1427`	`return (strings.ContainsAny(u.Username,"iI")\|\|strings.ContainsAny(u.Email,"iI"))&&`
`1428`	`1428`	`u.Status==codersdk.UserStatusActive`
`1429`	`1429`	`}`
`@@ -1438,7 +1438,7 @@ func TestUsersFilter(t *testing.T) {`
`1438`	`1438`	`},`
`1439`	`1439`	`FilterF:func(_ codersdk.UsersRequest,u codersdk.User)bool {`
`1440`	`1440`	`for_,r:=rangeu.Roles {`
`1441`		`-ifr.Name==rbac.RoleOwner() {`
	`1441`	`+ifr.Name==codersdk.RoleOwner {`
`1442`	`1442`	`return (strings.ContainsAny(u.Username,"iI")\|\|strings.ContainsAny(u.Email,"iI"))&&`
`1443`	`1443`	`u.Status==codersdk.UserStatusActive`
`1444`	`1444`	`}`

`‎codersdk/rbacroles.go‎`

Lines changed: 13 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,13 @@`
	`1`	`+package codersdk`
	`2`	`+`
	`3`	`+// Ideally this roles would be generated from the rbac/roles.go package.`
	`4`	`+const (`
	`5`	`+RoleOwnerstring="owner"`
	`6`	`+RoleMemberstring="member"`
	`7`	`+RoleTemplateAdminstring="template-admin"`
	`8`	`+RoleUserAdminstring="user-admin"`
	`9`	`+RoleAuditorstring="auditor"`
	`10`	`+`
	`11`	`+RoleOrganizationAdminstring="organization-admin"`
	`12`	`+RoleOrganizationMemberstring="organization-member"`
	`13`	`+)`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit3c44caa

File tree

6 files changed

6 files changed

`‎cli/server_createadminuser_test.go‎`

`‎coderd/httpmw/authorize_test.go‎`

`‎coderd/httpmw/organizationparam_test.go‎`

`‎coderd/httpmw/ratelimit_test.go‎`

`‎coderd/users_test.go‎`

`‎codersdk/rbacroles.go‎`

0 commit comments