Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commitefb80b5

Browse files
committed
feat: generate typed ScopeName constants from RBAC permissions
Add build-time generation of typed Go constants for all RBAC scopenames to improve type safety and prevent typos when referencingscopes in code.- Add scopenames.gotmpl template for generating ScopeName constants- Extend scripts/typegen/main.go to support "scopenames" template- Generate coderd/rbac/scopes_constants_gen.go with all typed constants- Update Makefile to include generated file in build targets- Constants follow pattern Scope<Resource><Action> = "resource:action"
1 parent1d5d9f1 commitefb80b5

File tree

4 files changed

+186
-0
lines changed

4 files changed

+186
-0
lines changed

‎Makefile‎

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -645,6 +645,7 @@ GEN_FILES := \
645645
$(SITE_GEN_FILES)\
646646
coderd/rbac/object_gen.go\
647647
codersdk/rbacresources_gen.go\
648+
coderd/rbac/scopes_constants_gen.go\
648649
docs/admin/integrations/prometheus.md\
649650
docs/reference/cli/index.md\
650651
docs/admin/security/audit-logs.md\
@@ -693,6 +694,7 @@ gen/mark-fresh:
693694
site/src/api/typesGenerated.ts\
694695
coderd/rbac/object_gen.go\
695696
codersdk/rbacresources_gen.go\
697+
coderd/rbac/scopes_constants_gen.go\
696698
site/src/api/rbacresourcesGenerated.ts\
697699
site/src/api/countriesGenerated.ts\
698700
docs/admin/integrations/prometheus.md\
@@ -832,6 +834,11 @@ coderd/rbac/object_gen.go: scripts/typegen/rbacobject.gotmpl scripts/typegen/mai
832834
rmdir -v"$$tempdir"
833835
touch"$@"
834836

837+
coderd/rbac/scopes_constants_gen.go: scripts/typegen/scopenames.gotmpl scripts/typegen/main.go coderd/rbac/policy/policy.go
838+
# Generate typed low-level ScopeName constants from RBACPermissions
839+
go run ./scripts/typegen/main.go rbac scopenames>"$@"
840+
touch"$@"
841+
835842
codersdk/rbacresources_gen.go: scripts/typegen/codersdk.gotmpl scripts/typegen/main.go coderd/rbac/object.go coderd/rbac/policy/policy.go
836843
# Do no overwrite codersdk/rbacresources_gen.go directly, as it would make the file empty, breaking
837844
# the `codersdk` package and any parallel build targets.

‎coderd/rbac/scopes_constants_gen.go‎

Lines changed: 148 additions & 0 deletions
Some generated files are not rendered by default. Learn more aboutcustomizing how changed files appear on GitHub.

‎scripts/typegen/main.go‎

Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -31,6 +31,9 @@ var codersdkTemplate string
3131
//go:embed typescript.tstmpl
3232
vartypescriptTemplatestring
3333

34+
//go:embed scopenames.gotmpl
35+
varscopenamesTemplatestring
36+
3437
//go:embed countries.tstmpl
3538
varcountriesTemplatestring
3639

@@ -96,6 +99,8 @@ func generateRBAC(tmpl string) ([]byte, error) {
9699
// No typescript formatting
97100
returnsrc,nil
98101
}
102+
case"scopenames":
103+
source=scopenamesTemplate
99104
default:
100105
returnnil,xerrors.Errorf("%q is not a valid RBAC template target",tmpl)
101106
}
@@ -225,6 +230,15 @@ func generateRbacObjects(templateSource string) ([]byte, error) {
225230
"actionsList":func() []ActionDetails {
226231
returnactionList
227232
},
233+
"actionsOf":func(dDefinition) []string {
234+
// Extract and sort action string keys for deterministic output.
235+
list:=make([]string,0,len(d.Actions))
236+
fora:=ranged.Actions {
237+
list=append(list,string(a))
238+
}
239+
slices.Sort(list)
240+
returnlist
241+
},
228242
"actionEnum":func(action policy.Action)string {
229243
x++
230244
v,ok:=actionMap[string(action)]

‎scripts/typegen/scopenames.gotmpl‎

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,17 @@
1+
// Code generated by: go run ./scripts/typegen rbac scopenames; DO NOT EDIT.
2+
package rbac
3+
4+
// ScopeName constants generated from policy.RBACPermissions.
5+
// These represent low-level "<resource>:<action>" scope names.
6+
// Built-in non-low-level scopes like "all" and "application_connect" remain
7+
// declared in code, not here, to avoid duplication.
8+
9+
const (
10+
{{- range $def := . }}
11+
{{- $Res := pascalCaseName $def.Type }}
12+
{{- range $act := actionsOf $def }}
13+
Scope{{$Res}}{{ pascalCaseName $act }} ScopeName = "{{ $def.Type }}:{{ $act }}"
14+
{{- end }}
15+
{{- end }}
16+
)
17+

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp