Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commitb9f4ea6

Browse files
committed
Self-review, appeasing CI
Signed-off-by: Danny Kopping <danny@coder.com>
1 parent20e55d5 commitb9f4ea6

File tree

12 files changed

+106
-56
lines changed

12 files changed

+106
-56
lines changed

‎coderd/database/dbauthz/dbauthz.go

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1474,11 +1474,11 @@ func (q *querier) GetNotificationMessagesByStatus(ctx context.Context, arg datab
14741474
returnq.db.GetNotificationMessagesByStatus(ctx,arg)
14751475
}
14761476

1477-
func (q*querier)GetNotificationTemplateById(ctx context.Context,id uuid.UUID) (database.NotificationTemplate,error) {
1477+
func (q*querier)GetNotificationTemplateByID(ctx context.Context,id uuid.UUID) (database.NotificationTemplate,error) {
14781478
iferr:=q.authorizeContext(ctx,policy.ActionRead,rbac.ResourceNotificationTemplate);err!=nil {
14791479
return database.NotificationTemplate{},err
14801480
}
1481-
returnq.db.GetNotificationTemplateById(ctx,id)
1481+
returnq.db.GetNotificationTemplateByID(ctx,id)
14821482
}
14831483

14841484
func (q*querier)GetNotificationTemplatesByKind(ctx context.Context,kind database.NotificationTemplateKind) ([]database.NotificationTemplate,error) {
@@ -3033,12 +3033,12 @@ func (q *querier) UpdateMemberRoles(ctx context.Context, arg database.UpdateMemb
30333033
returnq.db.UpdateMemberRoles(ctx,arg)
30343034
}
30353035

3036-
func (q*querier)UpdateNotificationTemplateMethodById(ctx context.Context,arg database.UpdateNotificationTemplateMethodByIdParams) (database.NotificationTemplate,error) {
3036+
func (q*querier)UpdateNotificationTemplateMethodByID(ctx context.Context,arg database.UpdateNotificationTemplateMethodByIDParams) (database.NotificationTemplate,error) {
30373037
// TODO: how to restrict this to admins?
30383038
iferr:=q.authorizeContext(ctx,policy.ActionUpdate,rbac.ResourceNotificationTemplate);err!=nil {
30393039
return database.NotificationTemplate{},err
30403040
}
3041-
returnq.db.UpdateNotificationTemplateMethodById(ctx,arg)
3041+
returnq.db.UpdateNotificationTemplateMethodByID(ctx,arg)
30423042
}
30433043

30443044
func (q*querier)UpdateOAuth2ProviderAppByID(ctx context.Context,arg database.UpdateOAuth2ProviderAppByIDParams) (database.OAuth2ProviderApp,error) {

‎coderd/database/dbauthz/dbauthz_test.go

Lines changed: 39 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,7 @@ import (
1616
"cdr.dev/slog"
1717

1818
"github.com/coder/coder/v2/coderd/database/db2sdk"
19+
"github.com/coder/coder/v2/coderd/notifications"
1920
"github.com/coder/coder/v2/coderd/rbac/policy"
2021
"github.com/coder/coder/v2/codersdk"
2122

@@ -2555,6 +2556,10 @@ func (s *MethodTestSuite) TestSystemFunctions() {
25552556
AgentID:uuid.New(),
25562557
}).Asserts(tpl,policy.ActionCreate)
25572558
}))
2559+
}
2560+
2561+
func (s*MethodTestSuite)TestNotifications() {
2562+
// System functions
25582563
s.Run("AcquireNotificationMessages",s.Subtest(func(db database.Store,check*expects) {
25592564
// TODO: update this test once we have a specific role for notifications
25602565
check.Args(database.AcquireNotificationMessagesParams{}).Asserts(rbac.ResourceSystem,policy.ActionUpdate)
@@ -2590,6 +2595,40 @@ func (s *MethodTestSuite) TestSystemFunctions() {
25902595
Limit:10,
25912596
}).Asserts(rbac.ResourceSystem,policy.ActionRead)
25922597
}))
2598+
2599+
// Notification templates
2600+
s.Run("GetNotificationTemplateByID",s.Subtest(func(db database.Store,check*expects) {
2601+
user:=dbgen.User(s.T(),db, database.User{})
2602+
check.Args(user.ID).Asserts(rbac.ResourceNotificationTemplate,policy.ActionRead).
2603+
Errors(dbmem.ErrUnimplemented)
2604+
}))
2605+
s.Run("GetNotificationTemplatesByKind",s.Subtest(func(db database.Store,check*expects) {
2606+
check.Args(database.NotificationTemplateKindSystem).
2607+
Asserts(rbac.ResourceNotificationTemplate,policy.ActionRead).
2608+
Errors(dbmem.ErrUnimplemented)
2609+
}))
2610+
s.Run("UpdateNotificationTemplateMethodByID",s.Subtest(func(db database.Store,check*expects) {
2611+
check.Args(database.UpdateNotificationTemplateMethodByIDParams{
2612+
Method: database.NullNotificationMethod{NotificationMethod:database.NotificationMethodWebhook,Valid:true},
2613+
ID:notifications.TemplateWorkspaceDormant,
2614+
}).Asserts(rbac.ResourceNotificationTemplate,policy.ActionUpdate).
2615+
Errors(dbmem.ErrUnimplemented)
2616+
}))
2617+
2618+
// Notification preferences
2619+
s.Run("GetUserNotificationPreferences",s.Subtest(func(db database.Store,check*expects) {
2620+
user:=dbgen.User(s.T(),db, database.User{})
2621+
check.Args(user.ID).
2622+
Asserts(rbac.ResourceNotificationPreference.WithOwner(user.ID.String()),policy.ActionRead)
2623+
}))
2624+
s.Run("UpdateUserNotificationPreferences",s.Subtest(func(db database.Store,check*expects) {
2625+
user:=dbgen.User(s.T(),db, database.User{})
2626+
check.Args(database.UpdateUserNotificationPreferencesParams{
2627+
UserID:user.ID,
2628+
NotificationTemplateIds: []uuid.UUID{notifications.TemplateWorkspaceAutoUpdated,notifications.TemplateWorkspaceDeleted},
2629+
Disableds: []bool{true,false},
2630+
}).Asserts(rbac.ResourceNotificationPreference.WithOwner(user.ID.String()),policy.ActionUpdate)
2631+
}))
25932632
}
25942633

25952634
func (s*MethodTestSuite)TestOAuth2ProviderApps() {

‎coderd/database/dbmem/dbmem.go

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -2710,11 +2710,11 @@ func (q *FakeQuerier) GetNotificationMessagesByStatus(_ context.Context, arg dat
27102710
returnout,nil
27112711
}
27122712

2713-
func (*FakeQuerier)GetNotificationTemplateById(_ context.Context,_ uuid.UUID) (database.NotificationTemplate,error) {
2713+
func (*FakeQuerier)GetNotificationTemplateByID(_ context.Context,_ uuid.UUID) (database.NotificationTemplate,error) {
27142714
return database.NotificationTemplate{},ErrUnimplemented
27152715
}
27162716

2717-
func (q*FakeQuerier)GetNotificationTemplatesByKind(ctx context.Context,kind database.NotificationTemplateKind) ([]database.NotificationTemplate,error) {
2717+
func (*FakeQuerier)GetNotificationTemplatesByKind(_ context.Context,_ database.NotificationTemplateKind) ([]database.NotificationTemplate,error) {
27182718
returnnil,ErrUnimplemented
27192719
}
27202720

@@ -7546,7 +7546,7 @@ func (q *FakeQuerier) UpdateMemberRoles(_ context.Context, arg database.UpdateMe
75467546
return database.OrganizationMember{},sql.ErrNoRows
75477547
}
75487548

7549-
func (*FakeQuerier)UpdateNotificationTemplateMethodById(_ context.Context,_ database.UpdateNotificationTemplateMethodByIdParams) (database.NotificationTemplate,error) {
7549+
func (*FakeQuerier)UpdateNotificationTemplateMethodByID(_ context.Context,_ database.UpdateNotificationTemplateMethodByIDParams) (database.NotificationTemplate,error) {
75507550
return database.NotificationTemplate{},ErrUnimplemented
75517551
}
75527552

‎coderd/database/dbmetrics/dbmetrics.go

Lines changed: 6 additions & 6 deletions
Some generated files are not rendered by default. Learn more aboutcustomizing how changed files appear on GitHub.

‎coderd/database/dbmock/dbmock.go

Lines changed: 12 additions & 12 deletions
Some generated files are not rendered by default. Learn more aboutcustomizing how changed files appear on GitHub.

‎coderd/database/querier.go

Lines changed: 2 additions & 2 deletions
Some generated files are not rendered by default. Learn more aboutcustomizing how changed files appear on GitHub.

‎coderd/database/queries.sql.go

Lines changed: 7 additions & 7 deletions
Some generated files are not rendered by default. Learn more aboutcustomizing how changed files appear on GitHub.

‎coderd/database/queries/notifications.sql

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -157,13 +157,13 @@ ON CONFLICT (user_id, notification_template_id) DO UPDATE
157157
SET disabled=EXCLUDED.disabled,
158158
updated_at=CURRENT_TIMESTAMP;
159159

160-
-- name:UpdateNotificationTemplateMethodById :one
160+
-- name:UpdateNotificationTemplateMethodByID :one
161161
UPDATE notification_templates
162162
SET method=sqlc.narg('method')::notification_method
163163
WHERE id= @id::uuid
164164
RETURNING*;
165165

166-
-- name:GetNotificationTemplateById :one
166+
-- name:GetNotificationTemplateByID :one
167167
SELECT*
168168
FROM notification_templates
169169
WHERE id= @id::uuid;

‎coderd/rbac/object_gen.go

Lines changed: 2 additions & 2 deletions
Some generated files are not rendered by default. Learn more aboutcustomizing how changed files appear on GitHub.

‎coderd/rbac/policy/policy.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -263,8 +263,8 @@ var RBACPermissions = map[string]PermissionDefinition{
263263
},
264264
"notification_preference": {
265265
Actions:map[Action]ActionDefinition{
266-
ActionRead:actDef("readownnotification preferences"),
267-
ActionUpdate:actDef("updateownnotification preferences"),
266+
ActionRead:actDef("read notification preferences"),
267+
ActionUpdate:actDef("update notification preferences"),
268268
},
269269
},
270270
}

‎coderd/rbac/roles_test.go

Lines changed: 25 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -591,6 +591,8 @@ func TestRolePermissions(t *testing.T) {
591591
},
592592
},
593593
{
594+
// Any owner/admin across may access any users' preferences
595+
// Members may not access other members' preferences
594596
Name:"NotificationPreferencesOwn",
595597
Actions: []policy.Action{policy.ActionRead,policy.ActionUpdate},
596598
Resource:rbac.ResourceNotificationPreference.WithOwner(currentUser.String()),
@@ -605,6 +607,7 @@ func TestRolePermissions(t *testing.T) {
605607
},
606608
},
607609
{
610+
// Any owner/admin may access notification templates
608611
Name:"NotificationTemplates",
609612
Actions: []policy.Action{policy.ActionRead,policy.ActionUpdate},
610613
Resource:rbac.ResourceNotificationTemplate,
@@ -618,6 +621,23 @@ func TestRolePermissions(t *testing.T) {
618621
},
619622
},
620623
},
624+
{
625+
// Notification preferences are currently not organization-scoped
626+
// Any owner/admin may access any users' preferences
627+
// Members may not access other members' preferences
628+
Name:"NotificationPreferencesOtherUser",
629+
Actions: []policy.Action{policy.ActionRead,policy.ActionUpdate},
630+
Resource:rbac.ResourceNotificationPreference.InOrg(orgID).WithOwner(uuid.NewString()),// some other user
631+
AuthorizeMap:map[bool][]hasAuthSubjects{
632+
true: {orgAdmin,owner},
633+
false: {
634+
memberMe,templateAdmin,orgUserAdmin,userAdmin,
635+
orgAuditor,orgTemplateAdmin,
636+
otherOrgMember,otherOrgAuditor,otherOrgUserAdmin,otherOrgTemplateAdmin,
637+
otherOrgAdmin,orgMemberMe,
638+
},
639+
},
640+
},
621641
// AnyOrganization tests
622642
{
623643
Name:"CreateOrgMember",
@@ -659,6 +679,9 @@ func TestRolePermissions(t *testing.T) {
659679
},
660680
},
661681
{
682+
// Notification preferences are currently not organization-scoped
683+
// Any owner/admin across any organization may access any users' preferences
684+
// Members may access their own preferences
662685
Name:"NotificationPreferencesAnyOrg",
663686
Actions: []policy.Action{policy.ActionRead,policy.ActionUpdate},
664687
Resource:rbac.ResourceNotificationPreference.AnyOrganization().WithOwner(currentUser.String()),
@@ -672,20 +695,8 @@ func TestRolePermissions(t *testing.T) {
672695
},
673696
},
674697
{
675-
Name:"NotificationPreferencesOtherUser",
676-
Actions: []policy.Action{policy.ActionRead,policy.ActionUpdate},
677-
Resource:rbac.ResourceNotificationPreference.InOrg(orgID).WithOwner(uuid.NewString()),// some other user
678-
AuthorizeMap:map[bool][]hasAuthSubjects{
679-
true: {orgAdmin,owner},
680-
false: {
681-
memberMe,templateAdmin,orgUserAdmin,userAdmin,
682-
orgAuditor,orgTemplateAdmin,
683-
otherOrgMember,otherOrgAuditor,otherOrgUserAdmin,otherOrgTemplateAdmin,
684-
otherOrgAdmin,orgMemberMe,
685-
},
686-
},
687-
},
688-
{
698+
// Notification templates are currently not organization-scoped
699+
// Any owner/admin across any organization may access notification templates
689700
Name:"NotificationTemplateAnyOrg",
690701
Actions: []policy.Action{policy.ActionRead,policy.ActionUpdate},
691702
Resource:rbac.ResourceNotificationPreference.AnyOrganization(),

‎site/src/api/rbacresources_gen.ts

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -56,8 +56,8 @@ export const RBACResourceActions: Partial<
5656
read:"read licenses",
5757
},
5858
notification_preference:{
59-
read:"readownnotification preferences",
60-
update:"updateownnotification preferences",
59+
read:"read notification preferences",
60+
update:"update notification preferences",
6161
},
6262
notification_template:{
6363
read:"read notification templates",

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp