Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

chore: remove parallel queries in the same transaction#18489

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Merged
Emyrk merged 1 commit intomainfromstevenmasley/sequential_query
Jun 23, 2025
Merged
Changes fromall commits
Commits
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
107 changes: 43 additions & 64 deletionscoderd/dynamicparameters/render.go
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -9,7 +9,6 @@ import (
"time"

"github.com/google/uuid"
"golang.org/x/sync/errgroup"
"golang.org/x/xerrors"

"github.com/coder/coder/v2/apiversion"
Expand DownExpand Up@@ -244,8 +243,6 @@ func (r *dynamicRenderer) getWorkspaceOwnerData(ctx context.Context, ownerID uui
returnnil// already fetched
}

varg errgroup.Group

// You only need to be able to read the organization member to get the owner
// data. Only the terraform files can therefore leak more information than the
// caller should have access to. All this info should be public assuming you can
Expand All@@ -266,72 +263,54 @@ func (r *dynamicRenderer) getWorkspaceOwnerData(ctx context.Context, ownerID uui
returnxerrors.Errorf("fetch user: %w",err)
}

varownerRoles []previewtypes.WorkspaceOwnerRBACRole
g.Go(func()error {
// nolint:gocritic // This is kind of the wrong query to use here, but it
// matches how the provisioner currently works. We should figure out
// something that needs less escalation but has the correct behavior.
row,err:=r.db.GetAuthorizationUserRoles(dbauthz.AsProvisionerd(ctx),ownerID)
iferr!=nil {
returnerr
}
roles,err:=row.RoleNames()
iferr!=nil {
returnerr
// nolint:gocritic // This is kind of the wrong query to use here, but it
// matches how the provisioner currently works. We should figure out
// something that needs less escalation but has the correct behavior.
row,err:=r.db.GetAuthorizationUserRoles(dbauthz.AsProvisionerd(ctx),ownerID)
iferr!=nil {
returnxerrors.Errorf("user roles: %w",err)
}
roles,err:=row.RoleNames()
iferr!=nil {
returnxerrors.Errorf("expand roles: %w",err)
}
ownerRoles:=make([]previewtypes.WorkspaceOwnerRBACRole,0,len(roles))
for_,it:=rangeroles {
ifit.OrganizationID!=uuid.Nil&&it.OrganizationID!=r.data.templateVersion.OrganizationID {
continue
}
ownerRoles=make([]previewtypes.WorkspaceOwnerRBACRole,0,len(roles))
for_,it:=rangeroles {
ifit.OrganizationID!=uuid.Nil&&it.OrganizationID!=r.data.templateVersion.OrganizationID {
continue
}
varorgIDstring
ifit.OrganizationID!=uuid.Nil {
orgID=it.OrganizationID.String()
}
ownerRoles=append(ownerRoles, previewtypes.WorkspaceOwnerRBACRole{
Name:it.Name,
OrgID:orgID,
})
varorgIDstring
ifit.OrganizationID!=uuid.Nil {
orgID=it.OrganizationID.String()
}
returnnil
})
ownerRoles=append(ownerRoles, previewtypes.WorkspaceOwnerRBACRole{
Name:it.Name,
OrgID:orgID,
})
}

varpublicKeystring
g.Go(func()error {
// The correct public key has to be sent. This will not be leaked
// unless the template leaks it.
// nolint:gocritic
key,err:=r.db.GetGitSSHKey(dbauthz.AsProvisionerd(ctx),ownerID)
iferr!=nil {
returnerr
}
publicKey=key.PublicKey
returnnil
})
// The correct public key has to be sent. This will not be leaked
// unless the template leaks it.
// nolint:gocritic
key,err:=r.db.GetGitSSHKey(dbauthz.AsProvisionerd(ctx),ownerID)
iferr!=nil {
returnxerrors.Errorf("ssh key: %w",err)
}

vargroupNames []string
g.Go(func()error {
// The groups need to be sent to preview. These groups are not exposed to the
// user, unless the template does it through the parameters. Regardless, we need
// the correct groups, and a user might not have read access.
// nolint:gocritic
groups,err:=r.db.GetGroups(dbauthz.AsProvisionerd(ctx), database.GetGroupsParams{
OrganizationID:r.data.templateVersion.OrganizationID,
HasMemberID:ownerID,
})
iferr!=nil {
returnerr
}
groupNames=make([]string,0,len(groups))
for_,it:=rangegroups {
groupNames=append(groupNames,it.Group.Name)
}
returnnil
// The groups need to be sent to preview. These groups are not exposed to the
// user, unless the template does it through the parameters. Regardless, we need
// the correct groups, and a user might not have read access.
// nolint:gocritic
groups,err:=r.db.GetGroups(dbauthz.AsProvisionerd(ctx), database.GetGroupsParams{
OrganizationID:r.data.templateVersion.OrganizationID,
HasMemberID:ownerID,
})

err=g.Wait()
iferr!=nil {
returnerr
returnxerrors.Errorf("groups: %w",err)
}
groupNames:=make([]string,0,len(groups))
for_,it:=rangegroups {
groupNames=append(groupNames,it.Group.Name)
}

r.currentOwner=&previewtypes.WorkspaceOwner{
Expand All@@ -341,7 +320,7 @@ func (r *dynamicRenderer) getWorkspaceOwnerData(ctx context.Context, ownerID uui
Email:mem.Email,
LoginType:string(user.LoginType),
RBACRoles:ownerRoles,
SSHPublicKey:publicKey,
SSHPublicKey:key.PublicKey,
Groups:groupNames,
}
returnnil
Expand Down
Loading
[8]ページ先頭
©2009-2025 Movatter.jp