Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commitc3c23ed

Browse files
authored
chore: add query to fetch top level idp claim fields (#15525)
Adds an api endpoint to grab all available sync field options for IDPsync. This is for autocomplete on idp sync forms. This is required fororganization admins to have some insight into the claim fields availablewhen configuring group/role sync.
1 parent48bb452 commitc3c23ed

File tree

18 files changed

+679
-10
lines changed

18 files changed

+679
-10
lines changed

‎coderd/apidoc/docs.go‎

Lines changed: 76 additions & 0 deletions
Some generated files are not rendered by default. Learn more aboutcustomizing how changed files appear on GitHub.

‎coderd/apidoc/swagger.json‎

Lines changed: 68 additions & 0 deletions
Some generated files are not rendered by default. Learn more aboutcustomizing how changed files appear on GitHub.

‎coderd/database/dbauthz/dbauthz.go‎

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3283,6 +3283,18 @@ func (q *querier) ListWorkspaceAgentPortShares(ctx context.Context, workspaceID
32833283
returnq.db.ListWorkspaceAgentPortShares(ctx,workspaceID)
32843284
}
32853285

3286+
func (q*querier)OIDCClaimFields(ctx context.Context,organizationID uuid.UUID) ([]string,error) {
3287+
resource:=rbac.ResourceIdpsyncSettings
3288+
iforganizationID!=uuid.Nil {
3289+
resource=resource.InOrg(organizationID)
3290+
}
3291+
3292+
iferr:=q.authorizeContext(ctx,policy.ActionRead,resource);err!=nil {
3293+
returnnil,err
3294+
}
3295+
returnq.db.OIDCClaimFields(ctx,organizationID)
3296+
}
3297+
32863298
func (q*querier)OrganizationMembers(ctx context.Context,arg database.OrganizationMembersParams) ([]database.OrganizationMembersRow,error) {
32873299
returnfetchWithPostFilter(q.auth,policy.ActionRead,q.db.OrganizationMembers)(ctx,arg)
32883300
}

‎coderd/database/dbauthz/dbauthz_test.go‎

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -626,6 +626,13 @@ func (s *MethodTestSuite) TestLicense() {
626626
}
627627

628628
func (s*MethodTestSuite)TestOrganization() {
629+
s.Run("Deployment/OIDCClaimFields",s.Subtest(func(db database.Store,check*expects) {
630+
check.Args(uuid.Nil).Asserts(rbac.ResourceIdpsyncSettings,policy.ActionRead).Returns([]string{})
631+
}))
632+
s.Run("Organization/OIDCClaimFields",s.Subtest(func(db database.Store,check*expects) {
633+
id:=uuid.New()
634+
check.Args(id).Asserts(rbac.ResourceIdpsyncSettings.InOrg(id),policy.ActionRead).Returns([]string{})
635+
}))
629636
s.Run("ByOrganization/GetGroups",s.Subtest(func(db database.Store,check*expects) {
630637
o:=dbgen.Organization(s.T(),db, database.Organization{})
631638
a:=dbgen.Group(s.T(),db, database.Group{OrganizationID:o.ID})

‎coderd/database/dbmem/dbmem.go‎

Lines changed: 29 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -8409,6 +8409,35 @@ func (q *FakeQuerier) ListWorkspaceAgentPortShares(_ context.Context, workspaceI
84098409
returnshares,nil
84108410
}
84118411

8412+
func (q*FakeQuerier)OIDCClaimFields(_ context.Context,organizationID uuid.UUID) ([]string,error) {
8413+
orgMembers:=q.getOrganizationMemberNoLock(organizationID)
8414+
8415+
varfields []string
8416+
for_,link:=rangeq.userLinks {
8417+
iforganizationID!=uuid.Nil {
8418+
inOrg:=slices.ContainsFunc(orgMembers,func(organizationMember database.OrganizationMember)bool {
8419+
returnorganizationMember.UserID==link.UserID
8420+
})
8421+
if!inOrg {
8422+
continue
8423+
}
8424+
}
8425+
8426+
iflink.LoginType!=database.LoginTypeOIDC {
8427+
continue
8428+
}
8429+
8430+
fork:=rangelink.Claims.IDTokenClaims {
8431+
fields=append(fields,k)
8432+
}
8433+
fork:=rangelink.Claims.UserInfoClaims {
8434+
fields=append(fields,k)
8435+
}
8436+
}
8437+
8438+
returnslice.Unique(fields),nil
8439+
}
8440+
84128441
func (q*FakeQuerier)OrganizationMembers(_ context.Context,arg database.OrganizationMembersParams) ([]database.OrganizationMembersRow,error) {
84138442
iferr:=validateDatabaseType(arg);err!=nil {
84148443
return []database.OrganizationMembersRow{},err

‎coderd/database/dbmetrics/querymetrics.go‎

Lines changed: 7 additions & 0 deletions
Some generated files are not rendered by default. Learn more aboutcustomizing how changed files appear on GitHub.

‎coderd/database/dbmock/dbmock.go‎

Lines changed: 15 additions & 0 deletions
Some generated files are not rendered by default. Learn more aboutcustomizing how changed files appear on GitHub.

‎coderd/database/modelqueries.go‎

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,7 @@ package database
33
import (
44
"context"
55
"database/sql"
6+
"encoding/json"
67
"fmt"
78
"strings"
89

@@ -527,3 +528,9 @@ func insertAuthorizedFilter(query string, replaceWith string) (string, error) {
527528
filtered:=strings.Replace(query,authorizedQueryPlaceholder,replaceWith,1)
528529
returnfiltered,nil
529530
}
531+
532+
// UpdateUserLinkRawJSON is a custom query for unit testing. Do not ever expose this
533+
func (q*sqlQuerier)UpdateUserLinkRawJSON(ctx context.Context,userID uuid.UUID,data json.RawMessage)error {
534+
_,err:=q.sdb.ExecContext(ctx,"UPDATE user_links SET claims = $2 WHERE user_id = $1",userID,data)
535+
returnerr
536+
}

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp