forked fromcoder/coder

NotificationsYou must be signed in to change notification settings
Fork0
Star0

Commit1b4ca00

authored

chore: include custom roles in list org roles (coder#13336)

* chore: include custom roles in list org roles* move cli show roles to org scope

1 parentd748c6d commit1b4ca00Copy full SHA for 1b4ca00

File tree

24 files changed

+312

-117

lines changed

cli
coderd
- apidoc
  - docs.go
  - swagger.json
- database
  - db2sdk
    - db2sdk.go
  - dbgen
    - dbgen.go
  - dbmem
    - dbmem.go
  - queries
    - roles.sql
  - queries.sql.go
- rbac
  - roles.go
  - rolestore
    - rolestore.go
    - rolestore_test.go
- roles.go
- roles_test.go
codersdk
- roles.go
docs/api
- members.md
- schemas.md
enterprise
- cli
  - rolescmd_test.go
  - root.go
- coderd
  - roles.go
  - roles_test.go
site/src
- api
  - typesGenerated.ts
- testHelpers
  - entities.ts

24 files changed

+312

-117

lines changed

`‎cli/organization.go`

Lines changed: 1 addition & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -30,6 +30,7 @@ func (r RootCmd) organizations() serpent.Command {`
`30`	`30`	`r.currentOrganization(),`
`31`	`31`	`r.switchOrganization(),`
`32`	`32`	`r.createOrganization(),`
	`33`	`+r.organizationRoles(),`
`33`	`34`	`},`
`34`	`35`	`}`
`35`	`36`

`‎enterprise/cli/rolescmd.gorenamed to‎cli/organizationroles.go`

Lines changed: 10 additions & 8 deletions

Original file line number	Diff line number	Diff line change
`@@ -12,26 +12,23 @@ import (`
`12`	`12`	`"github.com/coder/serpent"`
`13`	`13`	`)`
`14`	`14`
`15`		`-// NOTE Only covers site wide roles at present. Org scoped roles maybe`
`16`		`-// should be nested under some command that scopes to an org??`
`17`		`-`
`18`		`-func (rRootCmd)roles()serpent.Command {`
	`15`	`+func (rRootCmd)organizationRoles()serpent.Command {`
`19`	`16`	`cmd:=&serpent.Command{`
`20`	`17`	`Use:"roles",`
`21`		`-Short:"Managesite-wide roles.",`
	`18`	`+Short:"Manageorganization roles.",`
`22`	`19`	`Aliases: []string{"role"},`
`23`	`20`	`Handler:func(inv*serpent.Invocation)error {`
`24`	`21`	`returninv.Command.HelpHandler(inv)`
`25`	`22`	`},`
`26`	`23`	`Hidden:true,`
`27`	`24`	`Children: []*serpent.Command{`
`28`		`-r.showRole(),`
	`25`	`+r.showOrganizationRoles(),`
`29`	`26`	`},`
`30`	`27`	`}`
`31`	`28`	`returncmd`
`32`	`29`	`}`
`33`	`30`
`34`		`-func (rRootCmd)showRole()serpent.Command {`
	`31`	`+func (rRootCmd)showOrganizationRoles()serpent.Command {`
`35`	`32`	`formatter:=cliui.NewOutputFormatter(`
`36`	`33`	`cliui.ChangeFormatterData(`
`37`	`34`	`cliui.TableFormat([]assignableRolesTableRow{}, []string{"name","display_name","built_in","site_permissions","org_permissions","user_permissions"}),`
`@@ -67,7 +64,12 @@ func (r RootCmd) showRole() serpent.Command {`
`67`	`64`	`),`
`68`	`65`	`Handler:func(inv*serpent.Invocation)error {`
`69`	`66`	`ctx:=inv.Context()`
`70`		`-roles,err:=client.ListSiteRoles(ctx)`
	`67`	`+org,err:=CurrentOrganization(r,inv,client)`
	`68`	`+iferr!=nil {`
	`69`	`+returnerr`
	`70`	`+}`
	`71`	`+`
	`72`	`+roles,err:=client.ListOrganizationRoles(ctx,org.ID)`
`71`	`73`	`iferr!=nil {`
`72`	`74`	`returnxerrors.Errorf("listing roles: %w",err)`
`73`	`75`	`}`

`‎cli/organizationroles_test.go`

Lines changed: 51 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,51 @@`
	`1`	`+package cli_test`
	`2`	`+`
	`3`	`+import (`
	`4`	`+"bytes"`
	`5`	`+"testing"`
	`6`	`+`
	`7`	`+"github.com/google/uuid"`
	`8`	`+"github.com/stretchr/testify/require"`
	`9`	`+`
	`10`	`+"github.com/coder/coder/v2/cli/clitest"`
	`11`	`+"github.com/coder/coder/v2/coderd/coderdtest"`
	`12`	`+"github.com/coder/coder/v2/coderd/database"`
	`13`	`+"github.com/coder/coder/v2/coderd/database/dbgen"`
	`14`	`+"github.com/coder/coder/v2/coderd/rbac"`
	`15`	`+"github.com/coder/coder/v2/testutil"`
	`16`	`+)`
	`17`	`+`
	`18`	`+funcTestShowOrganizationRoles(t*testing.T) {`
	`19`	`+t.Parallel()`
	`20`	`+`
	`21`	`+t.Run("OK",func(t*testing.T) {`
	`22`	`+t.Parallel()`
	`23`	`+`
	`24`	`+ownerClient,db:=coderdtest.NewWithDatabase(t,&coderdtest.Options{})`
	`25`	`+owner:=coderdtest.CreateFirstUser(t,ownerClient)`
	`26`	`+client,_:=coderdtest.CreateAnotherUser(t,ownerClient,owner.OrganizationID,rbac.RoleUserAdmin())`
	`27`	`+`
	`28`	`+constexpectedRole="test-role"`
	`29`	`+dbgen.CustomRole(t,db, database.CustomRole{`
	`30`	`+Name:expectedRole,`
	`31`	`+DisplayName:"Expected",`
	`32`	`+SitePermissions:nil,`
	`33`	`+OrgPermissions:nil,`
	`34`	`+UserPermissions:nil,`
	`35`	`+OrganizationID: uuid.NullUUID{`
	`36`	`+UUID:owner.OrganizationID,`
	`37`	`+Valid:true,`
	`38`	`+},`
	`39`	`+})`
	`40`	`+`
	`41`	`+ctx:=testutil.Context(t,testutil.WaitMedium)`
	`42`	`+inv,root:=clitest.New(t,"organization","roles","show")`
	`43`	`+clitest.SetupConfig(t,client,root)`
	`44`	`+`
	`45`	`+buf:=new(bytes.Buffer)`
	`46`	`+inv.Stdout=buf`
	`47`	`+err:=inv.WithContext(ctx).Run()`
	`48`	`+require.NoError(t,err)`
	`49`	`+require.Contains(t,buf.String(),expectedRole)`
	`50`	`+})`
	`51`	`+}`

`‎coderd/apidoc/docs.go`

Lines changed: 8 additions & 0 deletions

Some generated files are not rendered by default. Learn more aboutcustomizing how changed files appear on GitHub.

`‎coderd/apidoc/swagger.json`

Lines changed: 8 additions & 0 deletions

Some generated files are not rendered by default. Learn more aboutcustomizing how changed files appear on GitHub.

`‎coderd/database/db2sdk/db2sdk.go`

Lines changed: 8 additions & 3 deletions

Original file line number	Diff line number	Diff line change
`@@ -527,12 +527,17 @@ func ProvisionerDaemon(dbDaemon database.ProvisionerDaemon) codersdk.Provisioner`
`527`	`527`	`}`
`528`	`528`
`529`	`529`	`funcRole(role rbac.Role) codersdk.Role {`
	`530`	`+roleName,orgIDStr,err:=rbac.RoleSplit(role.Name)`
	`531`	`+iferr!=nil {`
	`532`	`+roleName=role.Name`
	`533`	`+}`
`530`	`534`	`return codersdk.Role{`
`531`		`-Name:role.Name,`
	`535`	`+Name:roleName,`
	`536`	`+OrganizationID:orgIDStr,`
`532`	`537`	`DisplayName:role.DisplayName,`
`533`	`538`	`SitePermissions:List(role.Site,Permission),`
`534`	`539`	`OrganizationPermissions:Map(role.Org,ListLazy(Permission)),`
`535`		`-UserPermissions:List(role.Site,Permission),`
	`540`	`+UserPermissions:List(role.User,Permission),`
`536`	`541`	`}`
`537`	`542`	`}`
`538`	`543`
`@@ -546,7 +551,7 @@ func Permission(permission rbac.Permission) codersdk.Permission {`
`546`	`551`
`547`	`552`	`funcRoleToRBAC(role codersdk.Role) rbac.Role {`
`548`	`553`	`return rbac.Role{`
`549`		`-Name:role.Name,`
	`554`	`+Name:rbac.RoleName(role.Name,role.OrganizationID),`
`550`	`555`	`DisplayName:role.DisplayName,`
`551`	`556`	`Site:List(role.SitePermissions,PermissionToRBAC),`
`552`	`557`	`Org:Map(role.OrganizationPermissions,ListLazy(PermissionToRBAC)),`

`‎coderd/database/dbgen/dbgen.go`

Lines changed: 14 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -8,6 +8,7 @@ import (`
`8`	`8`	`"encoding/json"`
`9`	`9`	`"fmt"`
`10`	`10`	`"net"`
	`11`	`+"strings"`
`11`	`12`	`"testing"`
`12`	`13`	`"time"`
`13`	`14`
`@@ -817,6 +818,19 @@ func OAuth2ProviderAppToken(t testing.TB, db database.Store, seed database.OAuth`
`817`	`818`	`returntoken`
`818`	`819`	`}`
`819`	`820`
	`821`	`+funcCustomRole(t testing.TB,db database.Store,seed database.CustomRole) database.CustomRole {`
	`822`	`+role,err:=db.UpsertCustomRole(genCtx, database.UpsertCustomRoleParams{`
	`823`	`+Name:takeFirst(seed.Name,strings.ToLower(namesgenerator.GetRandomName(1))),`
	`824`	`+DisplayName:namesgenerator.GetRandomName(1),`
	`825`	`+OrganizationID:seed.OrganizationID,`
	`826`	`+SitePermissions:takeFirstSlice(seed.SitePermissions, []byte("[]")),`
	`827`	`+OrgPermissions:takeFirstSlice(seed.SitePermissions, []byte("{}")),`
	`828`	`+UserPermissions:takeFirstSlice(seed.SitePermissions, []byte("[]")),`
	`829`	`+})`
	`830`	`+require.NoError(t,err,"insert custom role")`
	`831`	`+returnrole`
	`832`	`+}`
	`833`	`+`
`820`	`834`	`funcmust[Vany](vV,errerror)V {`
`821`	`835`	`iferr!=nil {`
`822`	`836`	`panic(err)`

`‎coderd/database/dbmem/dbmem.go`

Lines changed: 11 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -1187,7 +1187,11 @@ func (q *FakeQuerier) CustomRoles(_ context.Context, arg database.CustomRolesPar`
`1187`	`1187`	`role:=role`
`1188`	`1188`	`iflen(arg.LookupRoles)>0 {`
`1189`	`1189`	`if!slices.ContainsFunc(arg.LookupRoles,func(sstring)bool {`
`1190`		`-returnstrings.EqualFold(s,role.Name)`
	`1190`	`+roleName:=rbac.RoleName(role.Name,"")`
	`1191`	`+ifrole.OrganizationID.UUID!=uuid.Nil {`
	`1192`	`+roleName=rbac.RoleName(role.Name,role.OrganizationID.UUID.String())`
	`1193`	`+}`
	`1194`	`+returnstrings.EqualFold(s,roleName)`
`1191`	`1195`	`}) {`
`1192`	`1196`	`continue`
`1193`	`1197`	`}`
`@@ -1197,6 +1201,10 @@ func (q *FakeQuerier) CustomRoles(_ context.Context, arg database.CustomRolesPar`
`1197`	`1201`	`continue`
`1198`	`1202`	`}`
`1199`	`1203`
	`1204`	`+ifarg.OrganizationID!=uuid.Nil&&role.OrganizationID.UUID!=arg.OrganizationID {`
	`1205`	`+continue`
	`1206`	`+}`
	`1207`	`+`
`1200`	`1208`	`found=append(found,role)`
`1201`	`1209`	`}`
`1202`	`1210`
`@@ -8377,6 +8385,7 @@ func (q *FakeQuerier) UpsertCustomRole(_ context.Context, arg database.UpsertCus`
`8377`	`8385`	`fori:=rangeq.customRoles {`
`8378`	`8386`	`ifstrings.EqualFold(q.customRoles[i].Name,arg.Name) {`
`8379`	`8387`	`q.customRoles[i].DisplayName=arg.DisplayName`
	`8388`	`+q.customRoles[i].OrganizationID=arg.OrganizationID`
`8380`	`8389`	`q.customRoles[i].SitePermissions=arg.SitePermissions`
`8381`	`8390`	`q.customRoles[i].OrgPermissions=arg.OrgPermissions`
`8382`	`8391`	`q.customRoles[i].UserPermissions=arg.UserPermissions`
`@@ -8388,6 +8397,7 @@ func (q *FakeQuerier) UpsertCustomRole(_ context.Context, arg database.UpsertCus`
`8388`	`8397`	`role:= database.CustomRole{`
`8389`	`8398`	`Name:arg.Name,`
`8390`	`8399`	`DisplayName:arg.DisplayName,`
	`8400`	`+OrganizationID:arg.OrganizationID,`
`8391`	`8401`	`SitePermissions:arg.SitePermissions,`
`8392`	`8402`	`OrgPermissions:arg.OrgPermissions,`
`8393`	`8403`	`UserPermissions:arg.UserPermissions,`

`‎coderd/database/queries.sql.go`

Lines changed: 21 additions & 9 deletions

Some generated files are not rendered by default. Learn more aboutcustomizing how changed files appear on GitHub.

`‎coderd/database/queries/roles.sql`

Lines changed: 12 additions & 3 deletions

Original file line number	Diff line number	Diff line change
`@@ -5,24 +5,32 @@ FROM`
`5`	`5`	`custom_roles`
`6`	`6`	`WHERE`
`7`	`7`	`true`
`8`		`--- Lookup roles filter`
	`8`	`+-- Lookup roles filter expects the role names to be in the rbac package`
	`9`	`+-- format. Eg: name[:<organization_id>]`
`9`	`10`	`AND CASE WHEN array_length(@lookup_roles ::text[],1)>0 THEN`
`10`		`--- Case insensitive`
`11`		`-name ILIKE ANY(@lookup_roles ::text [])`
	`11`	`+-- Case insensitive lookup with org_id appended (if non-null).`
	`12`	`+-- This will return just the name if org_id is null. It'll append`
	`13`	`+-- the org_id if not null`
	`14`	`+concat(name, NULLIF(concat(':', organization_id),':')) ILIKE ANY(@lookup_roles ::text [])`
`12`	`15`	`ELSE true`
`13`	`16`	`END`
`14`	`17`	`-- Org scoping filter, to only fetch site wide roles`
`15`	`18`	`AND CASE WHEN @exclude_org_roles ::boolean THEN`
`16`	`19`	`organization_id ISnull`
`17`	`20`	`ELSE true`
`18`	`21`	`END`
	`22`	`+AND CASE WHEN @organization_id :: uuid!='00000000-0000-0000-0000-000000000000'::uuid THEN`
	`23`	`+ organization_id= @organization_id`
	`24`	`+ ELSE true`
	`25`	`+ END`
`19`	`26`	`;`
`20`	`27`
`21`	`28`	`-- name: UpsertCustomRole :one`
`22`	`29`	`INSERT INTO`
`23`	`30`	`custom_roles (`
`24`	`31`	`name,`
`25`	`32`	`display_name,`
	`33`	`+ organization_id,`
`26`	`34`	`site_permissions,`
`27`	`35`	`org_permissions,`
`28`	`36`	`user_permissions,`
`@@ -33,6 +41,7 @@ VALUES (`
`33`	`41`	`-- Always force lowercase names`
`34`	`42`	`lower(@name),`
`35`	`43`	`@display_name,`
	`44`	`+ @organization_id,`
`36`	`45`	`@site_permissions,`
`37`	`46`	`@org_permissions,`
`38`	`47`	`@user_permissions,`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit1b4ca00

File tree

24 files changed

24 files changed

`‎cli/organization.go`

`‎enterprise/cli/rolescmd.gorenamed to‎cli/organizationroles.go`

`‎cli/organizationroles_test.go`

`‎coderd/apidoc/docs.go`

`‎coderd/apidoc/swagger.json`

`‎coderd/database/db2sdk/db2sdk.go`

`‎coderd/database/dbgen/dbgen.go`

`‎coderd/database/dbmem/dbmem.go`

`‎coderd/database/queries.sql.go`

`‎coderd/database/queries/roles.sql`

0 commit comments