Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commita043f92

Browse files
committed
fix: role permissions tests
1 parent2ba15c5 commita043f92

File tree

2 files changed

+44
-35
lines changed

2 files changed

+44
-35
lines changed

‎coderd/database/dbauthz/dbauthz.go

Lines changed: 35 additions & 35 deletions
Original file line numberDiff line numberDiff line change
@@ -530,9 +530,9 @@ func As(ctx context.Context, actor rbac.Subject) context.Context {
530530
// running the insertFunc. The insertFunc is expected to return the object that
531531
// was inserted.
532532
funcinsert[
533-
ObjectTypeany,
534-
ArgumentTypeany,
535-
Insertfunc(ctx context.Context,argArgumentType) (ObjectType,error),
533+
ObjectTypeany,
534+
ArgumentTypeany,
535+
Insertfunc(ctx context.Context,argArgumentType) (ObjectType,error),
536536
](
537537
logger slog.Logger,
538538
authorizer rbac.Authorizer,
@@ -543,9 +543,9 @@ Insert func(ctx context.Context, arg ArgumentType) (ObjectType, error),
543543
}
544544

545545
funcinsertWithAction[
546-
ObjectTypeany,
547-
ArgumentTypeany,
548-
Insertfunc(ctx context.Context,argArgumentType) (ObjectType,error),
546+
ObjectTypeany,
547+
ArgumentTypeany,
548+
Insertfunc(ctx context.Context,argArgumentType) (ObjectType,error),
549549
](
550550
logger slog.Logger,
551551
authorizer rbac.Authorizer,
@@ -572,10 +572,10 @@ Insert func(ctx context.Context, arg ArgumentType) (ObjectType, error),
572572
}
573573

574574
funcdeleteQ[
575-
ObjectType rbac.Objecter,
576-
ArgumentTypeany,
577-
Fetchfunc(ctx context.Context,argArgumentType) (ObjectType,error),
578-
Deletefunc(ctx context.Context,argArgumentType)error,
575+
ObjectType rbac.Objecter,
576+
ArgumentTypeany,
577+
Fetchfunc(ctx context.Context,argArgumentType) (ObjectType,error),
578+
Deletefunc(ctx context.Context,argArgumentType)error,
579579
](
580580
logger slog.Logger,
581581
authorizer rbac.Authorizer,
@@ -587,10 +587,10 @@ Delete func(ctx context.Context, arg ArgumentType) error,
587587
}
588588

589589
funcupdateWithReturn[
590-
ObjectType rbac.Objecter,
591-
ArgumentTypeany,
592-
Fetchfunc(ctx context.Context,argArgumentType) (ObjectType,error),
593-
UpdateQueryfunc(ctx context.Context,argArgumentType) (ObjectType,error),
590+
ObjectType rbac.Objecter,
591+
ArgumentTypeany,
592+
Fetchfunc(ctx context.Context,argArgumentType) (ObjectType,error),
593+
UpdateQueryfunc(ctx context.Context,argArgumentType) (ObjectType,error),
594594
](
595595
logger slog.Logger,
596596
authorizer rbac.Authorizer,
@@ -601,10 +601,10 @@ UpdateQuery func(ctx context.Context, arg ArgumentType) (ObjectType, error),
601601
}
602602

603603
funcupdate[
604-
ObjectType rbac.Objecter,
605-
ArgumentTypeany,
606-
Fetchfunc(ctx context.Context,argArgumentType) (ObjectType,error),
607-
Execfunc(ctx context.Context,argArgumentType)error,
604+
ObjectType rbac.Objecter,
605+
ArgumentTypeany,
606+
Fetchfunc(ctx context.Context,argArgumentType) (ObjectType,error),
607+
Execfunc(ctx context.Context,argArgumentType)error,
608608
](
609609
logger slog.Logger,
610610
authorizer rbac.Authorizer,
@@ -622,9 +622,9 @@ Exec func(ctx context.Context, arg ArgumentType) error,
622622
// user cannot read the resource. This is because the resource details are
623623
// required to run a proper authorization check.
624624
funcfetchWithAction[
625-
ArgumentTypeany,
626-
ObjectType rbac.Objecter,
627-
DatabaseFuncfunc(ctx context.Context,argArgumentType) (ObjectType,error),
625+
ArgumentTypeany,
626+
ObjectType rbac.Objecter,
627+
DatabaseFuncfunc(ctx context.Context,argArgumentType) (ObjectType,error),
628628
](
629629
logger slog.Logger,
630630
authorizer rbac.Authorizer,
@@ -655,9 +655,9 @@ DatabaseFunc func(ctx context.Context, arg ArgumentType) (ObjectType, error),
655655
}
656656

657657
funcfetch[
658-
ArgumentTypeany,
659-
ObjectType rbac.Objecter,
660-
DatabaseFuncfunc(ctx context.Context,argArgumentType) (ObjectType,error),
658+
ArgumentTypeany,
659+
ObjectType rbac.Objecter,
660+
DatabaseFuncfunc(ctx context.Context,argArgumentType) (ObjectType,error),
661661
](
662662
logger slog.Logger,
663663
authorizer rbac.Authorizer,
@@ -670,10 +670,10 @@ DatabaseFunc func(ctx context.Context, arg ArgumentType) (ObjectType, error),
670670
// from SQL 'exec' functions which only return an error.
671671
// See fetchAndQuery for more information.
672672
funcfetchAndExec[
673-
ObjectType rbac.Objecter,
674-
ArgumentTypeany,
675-
Fetchfunc(ctx context.Context,argArgumentType) (ObjectType,error),
676-
Execfunc(ctx context.Context,argArgumentType)error,
673+
ObjectType rbac.Objecter,
674+
ArgumentTypeany,
675+
Fetchfunc(ctx context.Context,argArgumentType) (ObjectType,error),
676+
Execfunc(ctx context.Context,argArgumentType)error,
677677
](
678678
logger slog.Logger,
679679
authorizer rbac.Authorizer,
@@ -696,10 +696,10 @@ Exec func(ctx context.Context, arg ArgumentType) error,
696696
// **before** the query runs. The returns from the fetch are only used to
697697
// assert rbac. The final return of this function comes from the Query function.
698698
funcfetchAndQuery[
699-
ObjectType rbac.Objecter,
700-
ArgumentTypeany,
701-
Fetchfunc(ctx context.Context,argArgumentType) (ObjectType,error),
702-
Queryfunc(ctx context.Context,argArgumentType) (ObjectType,error),
699+
ObjectType rbac.Objecter,
700+
ArgumentTypeany,
701+
Fetchfunc(ctx context.Context,argArgumentType) (ObjectType,error),
702+
Queryfunc(ctx context.Context,argArgumentType) (ObjectType,error),
703703
](
704704
logger slog.Logger,
705705
authorizer rbac.Authorizer,
@@ -733,9 +733,9 @@ Query func(ctx context.Context, arg ArgumentType) (ObjectType, error),
733733
// fetchWithPostFilter is like fetch, but works with lists of objects.
734734
// SQL filters are much more optimal.
735735
funcfetchWithPostFilter[
736-
ArgumentTypeany,
737-
ObjectType rbac.Objecter,
738-
DatabaseFuncfunc(ctx context.Context,argArgumentType) ([]ObjectType,error),
736+
ArgumentTypeany,
737+
ObjectType rbac.Objecter,
738+
DatabaseFuncfunc(ctx context.Context,argArgumentType) ([]ObjectType,error),
739739
](
740740
authorizer rbac.Authorizer,
741741
action policy.Action,

‎coderd/rbac/roles_test.go

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -496,6 +496,15 @@ func TestRolePermissions(t *testing.T) {
496496
false: {setOtherOrg,userAdmin,templateAdmin,memberMe,orgTemplateAdmin,orgUserAdmin,orgAuditor},
497497
},
498498
},
499+
{
500+
Name:"PrebuiltWorkspace",
501+
Actions: []policy.Action{policy.ActionRead,policy.ActionUpdate,policy.ActionDelete},
502+
Resource:rbac.ResourcePrebuiltWorkspace.WithID(uuid.New()).InOrg(orgID).WithOwner(memberMe.Actor.ID),
503+
AuthorizeMap:map[bool][]hasAuthSubjects{
504+
true: {owner,orgAdmin,orgMemberMe,templateAdmin,orgTemplateAdmin},
505+
false: {setOtherOrg,userAdmin,memberMe,orgUserAdmin,orgAuditor},
506+
},
507+
},
499508
// Some admin style resources
500509
{
501510
Name:"Licenses",

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp