NotificationsYou must be signed in to change notification settings
Fork927
Star10.1k

Commit4035f9a

committed

fix: include suspended and dormant users in acl query

This fixes two issues:1. When you add a dormant/suspended user, you would not get any feedback in the UI because they were filtered out.2. They were also filtered out when we created the audit log, so although users were added there is no record of it.

1 parentb36d979 commit4035f9aCopy full SHA for 4035f9a

File tree

3 files changed

+44

-9

lines changed

coderd/database
- dbmem
  - dbmem.go
- modelqueries.go
enterprise/coderd
- templates_test.go

3 files changed

+44

-9

lines changed

`‎coderd/database/dbmem/dbmem.go`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -9884,7 +9884,7 @@ func (q *FakeQuerier) GetTemplateUserRoles(_ context.Context, id uuid.UUID) ([]d`
`9884`	`9884`	`continue`
`9885`	`9885`	`}`
`9886`	`9886`
`9887`		`-ifuser.Deleted\|\|user.Status==database.UserStatusSuspended{`
	`9887`	`+ifuser.Deleted {`
`9888`	`9888`	`continue`
`9889`	`9889`	`}`
`9890`	`9890`

`‎coderd/database/modelqueries.go`

Lines changed: 1 addition & 3 deletions

Original file line number	Diff line number	Diff line change
`@@ -165,9 +165,7 @@ func (q *sqlQuerier) GetTemplateUserRoles(ctx context.Context, id uuid.UUID) ([]`
`165`	`165`	`ON`
`166`	`166`	`users.id::text = perms.key`
`167`	`167`	`WHERE`
`168`		`-users.deleted = false`
`169`		`-AND`
`170`		`-users.status = 'active';`
	`168`	`+users.deleted = false;`
`171`	`169`	`
`172`	`170`
`173`	`171`	`vartus []TemplateUser`

`‎enterprise/coderd/templates_test.go`

Lines changed: 42 additions & 5 deletions

Original file line number	Diff line number	Diff line change
`@@ -846,21 +846,52 @@ func TestTemplateACL(t *testing.T) {`
`846`	`846`	`}})`
`847`	`847`	`anotherClient,_:=coderdtest.CreateAnotherUser(t,client,user.OrganizationID,rbac.RoleTemplateAdmin())`
`848`	`848`
	`849`	`+// Create an active user.`
`849`	`850`	`_,user2:=coderdtest.CreateAnotherUser(t,client,user.OrganizationID)`
`850`		`-_,user3:=coderdtest.CreateAnotherUser(t,client,user.OrganizationID)`
`851`		`-version:=coderdtest.CreateTemplateVersion(t,client,user.OrganizationID,nil)`
`852`		`-template:=coderdtest.CreateTemplate(t,client,user.OrganizationID,version.ID)`
`853`	`851`
	`852`	`+// Create a dormant user.`
`854`	`853`	`ctx:=testutil.Context(t,testutil.WaitLong)`
	`854`	`+user3,err:=client.CreateUserWithOrgs(ctx, codersdk.CreateUserRequestWithOrgs{`
	`855`	`+Email:"coder@coder.com",`
	`856`	`+Username:"coder",`
	`857`	`+Password:"SomeStrongPassword!",`
	`858`	`+OrganizationIDs: []uuid.UUID{user.OrganizationID},`
	`859`	`+})`
	`860`	`+require.NoError(t,err)`
	`861`	`+require.Equal(t,codersdk.UserStatusDormant,user3.Status)`
`855`	`862`
`856`		`-err:=anotherClient.UpdateTemplateACL(ctx,template.ID, codersdk.UpdateTemplateACL{`
	`863`	`+// Create a suspended user.`
	`864`	`+user4,err:=client.CreateUserWithOrgs(ctx, codersdk.CreateUserRequestWithOrgs{`
	`865`	`+Email:"coder2@coder.com",`
	`866`	`+Username:"coder2",`
	`867`	`+Password:"SomeStrongPassword!",`
	`868`	`+OrganizationIDs: []uuid.UUID{user.OrganizationID},`
	`869`	`+})`
	`870`	`+require.NoError(t,err)`
	`871`	`+`
	`872`	`+user4,err=client.UpdateUserStatus(ctx,user4.ID.String(),codersdk.UserStatusSuspended)`
	`873`	`+require.NoError(t,err)`
	`874`	`+require.Equal(t,codersdk.UserStatusSuspended,user4.Status)`
	`875`	`+`
	`876`	`+// Create a user to delete.`
	`877`	`+_,user5:=coderdtest.CreateAnotherUser(t,client,user.OrganizationID)`
	`878`	`+`
	`879`	`+version:=coderdtest.CreateTemplateVersion(t,client,user.OrganizationID,nil)`
	`880`	`+template:=coderdtest.CreateTemplate(t,client,user.OrganizationID,version.ID)`
	`881`	`+`
	`882`	`+err=anotherClient.UpdateTemplateACL(ctx,template.ID, codersdk.UpdateTemplateACL{`
`857`	`883`	`UserPerms:map[string]codersdk.TemplateRole{`
`858`	`884`	`user2.ID.String():codersdk.TemplateRoleUse,`
`859`	`885`	`user3.ID.String():codersdk.TemplateRoleAdmin,`
	`886`	`+user4.ID.String():codersdk.TemplateRoleUse,`
	`887`	`+user5.ID.String():codersdk.TemplateRoleUse,`
`860`	`888`	`},`
`861`	`889`	`})`
`862`	`890`	`require.NoError(t,err)`
`863`	`891`
	`892`	`+err=client.DeleteUser(ctx,user5.ID)`
	`893`	`+require.NoError(t,err)`
	`894`	`+`
`864`	`895`	`acl,err:=anotherClient.TemplateACL(ctx,template.ID)`
`865`	`896`	`require.NoError(t,err)`
`866`	`897`
`@@ -874,9 +905,15 @@ func TestTemplateACL(t *testing.T) {`
`874`	`905`	`Role:codersdk.TemplateRoleAdmin,`
`875`	`906`	`}`
`876`	`907`
`877`		`-require.Len(t,acl.Users,2)`
	`908`	`+templateUser4:= codersdk.TemplateUser{`
	`909`	`+User:user4,`
	`910`	`+Role:codersdk.TemplateRoleUse,`
	`911`	`+}`
	`912`	`+`
	`913`	`+require.Len(t,acl.Users,3)`
`878`	`914`	`require.Contains(t,acl.Users,templateUser2)`
`879`	`915`	`require.Contains(t,acl.Users,templateUser3)`
	`916`	`+require.Contains(t,acl.Users,templateUser4)`
`880`	`917`	`})`
`881`	`918`
`882`	`919`	`t.Run("everyoneGroup",func(t*testing.T) {`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit4035f9a

File tree

3 files changed

3 files changed

`‎coderd/database/dbmem/dbmem.go`

`‎coderd/database/modelqueries.go`

`‎enterprise/coderd/templates_test.go`

0 commit comments