NotificationsYou must be signed in to change notification settings
Fork928
Star10.1k

Commit4e6b43f

committed

Merge branch 'cj/dbauthz' into authzquerier_layer

2 parentsd4e1124 +ad6ad36 commit4e6b43fCopy full SHA for 4e6b43f

File tree

47 files changed

+94

-98

lines changed

coderd
- autobuild/executor
  - lifecycle_executor.go
- coderd.go
- coderdtest
  - coderdtest.go
- database/dbauthz
- httpmw
- metricscache
  - metricscache.go
- provisionerdserver
  - provisionerdserver.go
- provisionerjobs.go
- userauth.go
- users.go
- workspaceapps.go
- workspaceresourceauth.go
enterprise/coderd
- coderd_test.go
provisionerd
- provisionerd.go

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

47 files changed

+94

-98

lines changed

`‎coderd/autobuild/executor/lifecycle_executor.go`

Lines changed: 2 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -10,9 +10,9 @@ import (`
`10`	`10`	`"golang.org/x/xerrors"`
`11`	`11`
`12`	`12`	`"cdr.dev/slog"`
`13`		`-"github.com/coder/coder/coderd/authzquery"`
`14`	`13`	`"github.com/coder/coder/coderd/autobuild/schedule"`
`15`	`14`	`"github.com/coder/coder/coderd/database"`
	`15`	`+"github.com/coder/coder/coderd/database/dbauthz"`
`16`	`16`	`"github.com/coder/coder/coderd/rbac"`
`17`	`17`	`)`
`18`	`18`
`@@ -36,7 +36,7 @@ type Stats struct {`
`36`	`36`	`funcNew(ctx context.Context,db database.Store,log slog.Logger,tick<-chan time.Time)*Executor {`
`37`	`37`	`le:=&Executor{`
`38`	`38`	`// Use an authorized context with an autostart system actor.`
`39`		`-ctx:authzquery.WithAuthorizeSystemContext(ctx,rbac.RolesAutostartSystem()),`
	`39`	`+ctx:dbauthz.WithAuthorizeSystemContext(ctx,rbac.RolesAutostartSystem()),`
`40`	`40`	`db:db,`
`41`	`41`	`tick:tick,`
`42`	`42`	`log:log,`

`‎coderd/coderd.go`

Lines changed: 5 additions & 5 deletions

Original file line number	Diff line number	Diff line change
`@@ -36,13 +36,13 @@ import (`
`36`	`36`
`37`	`37`	`"cdr.dev/slog"`
`38`	`38`	`"github.com/coder/coder/buildinfo"`
`39`		`-"github.com/coder/coder/coderd/authzquery"`
`40`	`39`
`41`	`40`	`// Used to serve the Swagger endpoint`
`42`	`41`	`_"github.com/coder/coder/coderd/apidoc"`
`43`	`42`	`"github.com/coder/coder/coderd/audit"`
`44`	`43`	`"github.com/coder/coder/coderd/awsidentity"`
`45`	`44`	`"github.com/coder/coder/coderd/database"`
	`45`	`+"github.com/coder/coder/coderd/database/dbauthz"`
`46`	`46`	`"github.com/coder/coder/coderd/database/dbtype"`
`47`	`47`	`"github.com/coder/coder/coderd/gitauth"`
`48`	`48`	`"github.com/coder/coder/coderd/gitsshkey"`
`@@ -159,8 +159,8 @@ func New(options Options) API {`
`159`	`159`	`experiments:=initExperiments(options.Logger,options.DeploymentConfig.Experiments.Value,options.DeploymentConfig.Experimental.Value)`
`160`	`160`	`// TODO: remove this once we promote authz_querier out of experiments.`
`161`	`161`	`ifexperiments.Enabled(codersdk.ExperimentAuthzQuerier) {`
`162`		`-if_,ok:= (options.Database).(*authzquery.AuthzQuerier);!ok {`
`163`		`-options.Database=authzquery.New(`
	`162`	`+if_,ok:= (options.Database).(*dbauthz.AuthzQuerier);!ok {`
	`163`	`+options.Database=dbauthz.New(`
`164`	`164`	`options.Database,`
`165`	`165`	`options.Authorizer,`
`166`	`166`	`options.Logger.Named("authz_query"),`
`@@ -209,8 +209,8 @@ func New(options Options) API {`
`209`	`209`	`}`
`210`	`210`	`// TODO: remove this once we promote authz_querier out of experiments.`
`211`	`211`	`ifexperiments.Enabled(codersdk.ExperimentAuthzQuerier) {`
`212`		`-if_,ok:= (options.Database).(*authzquery.AuthzQuerier);!ok {`
`213`		`-options.Database=authzquery.New(options.Database,options.Authorizer,options.Logger.Named("authz_querier"))`
	`212`	`+if_,ok:= (options.Database).(*dbauthz.AuthzQuerier);!ok {`
	`213`	`+options.Database=dbauthz.New(options.Database,options.Authorizer,options.Logger.Named("authz_querier"))`
`214`	`214`	`}`
`215`	`215`	`}`
`216`	`216`	`ifoptions.SetUserGroups==nil {`