coder/coderPublic

NotificationsYou must be signed in to change notification settings
Fork928
Star10.1k

Group sync API + CLI CRUD #14626

New issue

Closed

Group sync API + CLI CRUD#14626

Assignees

Labels

multi-orgtemporary label for multiple organizations related workneed-backendIssues that need backend work

Milestone

Organizations & Custom Roles (GA)

Description

Emyrk

opened

on Sep 9, 2024

Implement api interface for group sync settings crud. Group sync settings are now configured in the database and mutable at runtime.

Requires api endpoint to set and read the group sync runtime settings.

The code to interact with the settings from an api handler:

settings:=api.IDPSync.GroupSyncSettings()rlv:=api.Options.RuntimeConfig.OrganizationResolver(db,org.ID)err:=settings.SetRuntimeValue(ctx,rlv,&idpsync.GroupSyncSettings{// Values})

The problem we currently have is the RBAC story is not fully fleshed out. The current authz call isResourceSystem:

coder/coderd/database/dbauthz/dbauthz.go

Lines 3939 to 3944 in1995c13

	func (q*querier)UpsertRuntimeConfig(ctx context.Context,arg database.UpsertRuntimeConfigParams)error {
	iferr:=q.authorizeContext(ctx,policy.ActionCreate,rbac.ResourceSystem);err!=nil {
	returnerr
	}
	returnq.db.UpsertRuntimeConfig(ctx,arg)
	}

Metadata

Assignees

Labels

multi-orgtemporary label for multiple organizations related workneed-backendIssues that need backend work

Type

No type

Projects

No projects

Milestone

Organizations & Custom Roles (GA)

Relationships

None yet

Development

No branches or pull requests

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Group sync API + CLI CRUD #14626

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions