Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

chore: create type for unique role names#13506

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Merged
Emyrk merged 16 commits intomainfromstevenmasley/typed_role_name
Jun 11, 2024
Merged
Show file tree
Hide file tree
Changes from1 commit
Commits
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
PrevPrevious commit
NextNext commit
Add codersdk roles
  • Loading branch information
@Emyrk
Emyrk committedJun 10, 2024
commit056fc17becae7e613f4562140a2c93d9e8d5d523
3 changes: 2 additions & 1 deletioncli/server_createadminuser_test.go
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -17,6 +17,7 @@ import (
"github.com/coder/coder/v2/coderd/database/dbtime"
"github.com/coder/coder/v2/coderd/rbac"
"github.com/coder/coder/v2/coderd/userpassword"
"github.com/coder/coder/v2/codersdk"
"github.com/coder/coder/v2/pty/ptytest"
"github.com/coder/coder/v2/testutil"
)
Expand DownExpand Up@@ -56,7 +57,7 @@ func TestServerCreateAdminUser(t *testing.T) {
require.NoError(t, err)
require.True(t, ok, "password does not match")

require.EqualValues(t, []string{rbac.RoleOwner().String()}, user.RBACRoles, "user does not have owner role")
require.EqualValues(t, []string{codersdk.RoleOwner}, user.RBACRoles, "user does not have owner role")

// Check that user is admin in every org.
orgs, err := db.GetOrganizations(ctx)
Expand Down
37 changes: 18 additions & 19 deletionscoderd/httpmw/authorize_test.go
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -27,27 +27,26 @@ func TestExtractUserRoles(t *testing.T) {
t.Parallel()
testCases := []struct {
Name string
AddUser func(db database.Store) (database.User, []string, string)
AddUser func(db database.Store) (database.User, []rbac.RoleName, string)
}{
{
Name: "Member",
AddUser: func(db database.Store) (database.User, []string, string) {
roles := []string{}
user, token := addUser(t, db, roles...)
return user, append(roles, rbac.RoleMember()), token
AddUser: func(db database.Store) (database.User, []rbac.RoleName, string) {
user, token := addUser(t, db)
return user, []rbac.RoleName{rbac.RoleMember()}, token
},
},
{
Name: "Admin",
AddUser: func(db database.Store) (database.User, []string, string) {
roles := []string{rbac.RoleOwner()}
Name: "Owner",
AddUser: func(db database.Store) (database.User, []rbac.RoleName, string) {
roles := []string{codersdk.RoleOwner}
user, token := addUser(t, db, roles...)
return user,append(roles, rbac.RoleMember()), token
return user,[]rbac.RoleName{rbac.RoleOwner(), rbac.RoleMember()}, token
},
},
{
Name: "OrgMember",
AddUser: func(db database.Store) (database.User, []string, string) {
AddUser: func(db database.Store) (database.User, []rbac.RoleName, string) {
roles := []string{}
user, token := addUser(t, db, roles...)
org, err := db.InsertOrganization(context.Background(), database.InsertOrganizationParams{
Expand All@@ -68,15 +67,15 @@ func TestExtractUserRoles(t *testing.T) {
Roles: orgRoles,
})
require.NoError(t, err)
return user,append(roles, append(orgRoles,rbac.RoleMember(), rbac.ScopedRoleOrgMember(org.ID))...), token
return user,[]rbac.RoleName{rbac.RoleMember(), rbac.ScopedRoleOrgMember(org.ID)}, token
},
},
{
Name: "MultipleOrgMember",
AddUser: func(db database.Store) (database.User, []string, string) {
roles := []string{}
user, token := addUser(t, db, roles...)
roles = append(roles, rbac.RoleMember())
AddUser: func(db database.Store) (database.User, []rbac.RoleName, string) {
expected := []rbac.RoleName{}
user, token := addUser(t, db)
expected = append(expected, rbac.RoleMember())
for i := 0; i < 3; i++ {
organization, err := db.InsertOrganization(context.Background(), database.InsertOrganizationParams{
ID: uuid.New(),
Expand All@@ -89,8 +88,8 @@ func TestExtractUserRoles(t *testing.T) {

orgRoles := []string{}
if i%2 == 0 {
orgRoles = append(orgRoles,rbac.RoleOrgAdmin())
roles = append(roles, rbac.ScopedRoleOrgAdmin(organization.ID))
orgRoles = append(orgRoles,codersdk.RoleOrganizationAdmin)
expected = append(expected, rbac.ScopedRoleOrgAdmin(organization.ID))
}
_, err = db.InsertOrganizationMember(context.Background(), database.InsertOrganizationMemberParams{
OrganizationID: organization.ID,
Expand All@@ -100,9 +99,9 @@ func TestExtractUserRoles(t *testing.T) {
Roles: orgRoles,
})
require.NoError(t, err)
roles = append(roles, rbac.ScopedRoleOrgMember(organization.ID))
expected = append(expected, rbac.ScopedRoleOrgMember(organization.ID))
}
return user,roles, token
return user,expected, token
},
},
}
Expand Down
5 changes: 2 additions & 3 deletionscoderd/httpmw/organizationparam_test.go
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -16,7 +16,6 @@ import (
"github.com/coder/coder/v2/coderd/database/dbmem"
"github.com/coder/coder/v2/coderd/database/dbtime"
"github.com/coder/coder/v2/coderd/httpmw"
"github.com/coder/coder/v2/coderd/rbac"
"github.com/coder/coder/v2/codersdk"
"github.com/coder/coder/v2/testutil"
)
Expand DownExpand Up@@ -152,11 +151,11 @@ func TestOrganizationParam(t *testing.T) {
_ = dbgen.OrganizationMember(t, db, database.OrganizationMember{
OrganizationID: organization.ID,
UserID: user.ID,
Roles: []string{rbac.ScopedRoleOrgMember(organization.ID)},
Roles: []string{codersdk.RoleOrganizationMember},
})
_, err := db.UpdateUserRoles(ctx, database.UpdateUserRolesParams{
ID: user.ID,
GrantedRoles: []string{rbac.RoleTemplateAdmin()},
GrantedRoles: []string{codersdk.RoleTemplateAdmin},
})
require.NoError(t, err)

Expand Down
3 changes: 1 addition & 2 deletionscoderd/httpmw/ratelimit_test.go
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -16,7 +16,6 @@ import (
"github.com/coder/coder/v2/coderd/database/dbgen"
"github.com/coder/coder/v2/coderd/database/dbmem"
"github.com/coder/coder/v2/coderd/httpmw"
"github.com/coder/coder/v2/coderd/rbac"
"github.com/coder/coder/v2/codersdk"
)

Expand DownExpand Up@@ -117,7 +116,7 @@ func TestRateLimit(t *testing.T) {
db := dbmem.New()

u := dbgen.User(t, db, database.User{
RBACRoles: []string{rbac.RoleOwner()},
RBACRoles: []string{codersdk.RoleOwner},
})
_, key := dbgen.APIKey(t, db, database.APIKey{UserID: u.ID})

Expand Down
26 changes: 13 additions & 13 deletionscoderd/users_test.go
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -994,7 +994,7 @@ func TestGrantSiteRoles(t *testing.T) {
Name: "UserNotExists",
Client: admin,
AssignToUser: uuid.NewString(),
Roles: []string{rbac.RoleOwner()},
Roles: []string{codersdk.RoleOwner},
Error: true,
StatusCode: http.StatusBadRequest,
},
Expand All@@ -1020,7 +1020,7 @@ func TestGrantSiteRoles(t *testing.T) {
Client: admin,
OrgID: first.OrganizationID,
AssignToUser: codersdk.Me,
Roles: []string{rbac.RoleOwner()},
Roles: []string{codersdk.RoleOwner},
Error: true,
StatusCode: http.StatusBadRequest,
},
Expand DownExpand Up@@ -1057,9 +1057,9 @@ func TestGrantSiteRoles(t *testing.T) {
Name: "UserAdminMakeMember",
Client: userAdmin,
AssignToUser: newUser,
Roles: []string{rbac.RoleMember()},
Roles: []string{codersdk.RoleMember},
ExpectedRoles: []string{
rbac.RoleMember(),
codersdk.RoleMember,
},
Error: false,
},
Expand DownExpand Up@@ -1124,7 +1124,7 @@ func TestInitialRoles(t *testing.T) {
roles, err := client.UserRoles(ctx, codersdk.Me)
require.NoError(t, err)
require.ElementsMatch(t, roles.Roles, []string{
rbac.RoleOwner(),
codersdk.RoleOwner,
}, "should be a member and admin")

require.ElementsMatch(t, roles.OrganizationRoles[first.OrganizationID], []string{}, "should be a member")
Expand DownExpand Up@@ -1289,12 +1289,12 @@ func TestUsersFilter(t *testing.T) {
users := make([]codersdk.User, 0)
users = append(users, firstUser)
for i := 0; i < 15; i++ {
roles := []string{}
roles := []rbac.RoleName{}
if i%2 == 0 {
roles = append(roles, rbac.RoleTemplateAdmin(), rbac.RoleUserAdmin())
}
if i%3 == 0 {
roles = append(roles,"auditor")
roles = append(roles,rbac.RoleAuditor())
}
userClient, userData := coderdtest.CreateAnotherUser(t, client, first.OrganizationID, roles...)
// Set the last seen for each user to a unique day
Expand DownExpand Up@@ -1379,12 +1379,12 @@ func TestUsersFilter(t *testing.T) {
{
Name: "Admins",
Filter: codersdk.UsersRequest{
Role:rbac.RoleOwner(),
Role:codersdk.RoleOwner,
Status: codersdk.UserStatusSuspended + "," + codersdk.UserStatusActive,
},
FilterF: func(_ codersdk.UsersRequest, u codersdk.User) bool {
for _, r := range u.Roles {
if r.Name ==rbac.RoleOwner() {
if r.Name ==codersdk.RoleOwner {
return true
}
}
Expand All@@ -1399,7 +1399,7 @@ func TestUsersFilter(t *testing.T) {
},
FilterF: func(_ codersdk.UsersRequest, u codersdk.User) bool {
for _, r := range u.Roles {
if r.Name ==rbac.RoleOwner() {
if r.Name ==codersdk.RoleOwner {
return true
}
}
Expand All@@ -1409,7 +1409,7 @@ func TestUsersFilter(t *testing.T) {
{
Name: "Members",
Filter: codersdk.UsersRequest{
Role:rbac.RoleMember(),
Role:codersdk.RoleMember,
Status: codersdk.UserStatusSuspended + "," + codersdk.UserStatusActive,
},
FilterF: func(_ codersdk.UsersRequest, u codersdk.User) bool {
Expand All@@ -1423,7 +1423,7 @@ func TestUsersFilter(t *testing.T) {
},
FilterF: func(_ codersdk.UsersRequest, u codersdk.User) bool {
for _, r := range u.Roles {
if r.Name ==rbac.RoleOwner() {
if r.Name ==codersdk.RoleOwner {
return (strings.ContainsAny(u.Username, "iI") || strings.ContainsAny(u.Email, "iI")) &&
u.Status == codersdk.UserStatusActive
}
Expand All@@ -1438,7 +1438,7 @@ func TestUsersFilter(t *testing.T) {
},
FilterF: func(_ codersdk.UsersRequest, u codersdk.User) bool {
for _, r := range u.Roles {
if r.Name ==rbac.RoleOwner() {
if r.Name ==codersdk.RoleOwner {
return (strings.ContainsAny(u.Username, "iI") || strings.ContainsAny(u.Email, "iI")) &&
u.Status == codersdk.UserStatusActive
}
Expand Down
13 changes: 13 additions & 0 deletionscodersdk/rbacroles.go
View file
Open in desktop
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,13 @@
package codersdk

// Ideally this roles would be generated from the rbac/roles.go package.
const (
RoleOwner string = "owner"
RoleMember string = "member"
RoleTemplateAdmin string = "template-admin"
RoleUserAdmin string = "user-admin"
RoleAuditor string = "auditor"

RoleOrganizationAdmin string = "organization-admin"
RoleOrganizationMember string = "organization-member"
)
[8]ページ先頭
©2009-2025 Movatter.jp