8000 Working implementation · coder/coder@581aafc · GitHub
[go: up one dir, main page]
Skip to content

Commit 581aafc

Browse files
dannykoppingdannykopping
committed
Working implementation
Signed-off-by: Danny Kopping <danny@coder.com>
1 parent 45d9274 commit 581aafc

24 files changed

+891
-395
lines changed

coderd/database/dbmem/dbmem.go

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -8173,6 +8173,7 @@ func (q *FakeQuerier) InsertWorkspaceApp(_ context.Context, arg database.InsertW
81738173
Health: arg.Health,
81748174
Hidden: arg.Hidden,
81758175
DisplayOrder: arg.DisplayOrder,
8176+
CorsBehavior: arg.CorsBehavior,
81768177
}
81778178
q.workspaceApps = append(q.workspaceApps, workspaceApp)
81788179
return workspaceApp, nil

coderd/database/dump.sql

Lines changed: 7 additions & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

coderd/database/migrations/000277_workspace_app_cors_behavior.down.sql

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,4 @@
1+
ALTER TABLE workspace_apps
2+
DROP COLUMN IF EXISTS cors_behavior;
3+
4+
DROP TYPE IF EXISTS app_cors_behavior;

coderd/database/migrations/000277_workspace_app_cors_behavior.up.sql

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,10 @@
1+
CREATE TYPE app_cors_behavior AS ENUM (
2+
'simple',
3+
'passthru'
4+
);
5+
6+
-- https://www.postgresql.org/docs/16/sql-altertable.html
7+
-- When a column is added with ADD COLUMN and a non-volatile DEFAULT is specified, the default is evaluated at the time
8+
-- of the statement and the result stored in the table's metadata. That value will be used for the column for all existing rows.
9+
ALTER TABLE workspace_apps
10+
ADD COLUMN cors_behavior app_cors_behavior NOT NULL DEFAULT 'simple'::app_cors_behavior;

coderd/database/models.go

Lines changed: 60 additions & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

coderd/database/queries.sql.go

Lines changed: 13 additions & 5 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

coderd/database/queries/workspaceapps.sql

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -24,6 +24,7 @@ INSERT INTO
2424
external,
2525
subdomain,
2626
sharing_level,
27+
cors_behavior,
2728
healthcheck_url,
2829
healthcheck_interval,
2930
healthcheck_threshold,
@@ -32,7 +33,7 @@ INSERT INTO
3233
hidden
3334
)
3435
VALUES
35-
($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12, $13, $14, $15, $16, $17) RETURNING *;
36+
($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12, $13, $14, $15, $16, $17, $18) RETURNING *;
3637

3738
-- name: UpdateWorkspaceAppHealthByID :exec
3839
UPDATE

coderd/database/sqlc.yaml

Lines changed: 1 addition & 0 deletions
149
Original file line numberDiff line numberDiff line change
@@ -146,6 +146,7 @@ sql:
146146
login_type_oauth2_provider_app: LoginTypeOAuth2ProviderApp
147147
crypto_key_feature_workspace_apps_api_key: CryptoKeyFeatureWorkspaceAppsAPIKey
148148
crypto_key_feature_oidc_convert: CryptoKeyFeatureOIDCConvert
149+
app_cors_behavior: AppCORSBehavior
150
rules:
150151
- name: do-not-use-public-schema-in-queries
151152
message: "do not use public schema in queries"

coderd/httpmw/cors.go

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,7 @@ import (
88
"github.com/go-chi/cors"
99

1010
"github.com/coder/coder/v2/coderd/workspaceapps/appurl"
11+
ws_cors "github.com/coder/coder/v2/coderd/workspaceapps/cors"
1112
)
1213

1314
const (
@@ -47,6 +48,11 @@ func Cors(allowAll bool, origins ...string) func(next http.Handler) http.Handler
4748
func WorkspaceAppCors(regex *regexp.Regexp, app appurl.ApplicationURL) func(next http.Handler) http.Handler {
4849
return cors.Handler(cors.Options{
4950
AllowOriginFunc: func(r *http.Request, rawOrigin string) bool {
51+
// If passthru behavior is set, disable our simplified CORS handling.
52+
if ws_cors.HasBehavior(r.Context(), ws_cors.AppCORSBehaviorPassthru) {
53+
return true
54+
}
55+
5056
origin, err := url.Parse(rawOrigin)
5157
if rawOrigin == "" || origin.Host == "" || err != nil {
5258
return false

coderd/httpmw/cors_test.go

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -105,7 +105,8 @@ func TestWorkspaceAppCors(t *testing.T) {
105105
r.Header.Set("Access-Control-Request-Method", method)
106106
}
107107

108-
handler := httpmw.WorkspaceAppCors(regex, test.app)(http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
108+
// TODO: signed token provider
109+
handler := httpmw.WorkspaceAppCors(nil, regex, test.app)(http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
109110
rw.WriteHeader(http.StatusNoContent)
110111
}))
111112

coderd/provisionerdserver/provisionerdserver.go

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1988,6 +1988,15 @@ func InsertWorkspaceResource(ctx context.Context, db database.Store, jobID uuid.
19881988
sharingLevel = database.AppSharingLevelPublic
19891989
}
19901990

1991+
// TODO: consider backwards-compat where proto might not contain this field
1992+
var corsBehavior database.AppCORSBehavior
1993+
switch app.CorsBehavior {
1994+
case sdkproto.AppCORSBehavior_PASSTHRU:
1995+
corsBehavior = database.AppCorsBehaviorPassthru
1996+
default:
1997+
corsBehavior = database.AppCorsBehaviorSimple
1998+
}
1999+
19912000
dbApp, err := db.InsertWorkspaceApp(ctx, database.InsertWorkspaceAppParams{
19922001
ID: uuid.New(),
19932002
CreatedAt: dbtime.Now(),
@@ -2006,6 +2015,7 @@ func InsertWorkspaceResource(ctx context.Context, db database.Store, jobID uuid.
20062015
External: app.External,
20072016
Subdomain: app.Subdomain,
20082017
SharingLevel: sharingLevel,
2018+
CorsBehavior: corsBehavior,
20092019
HealthcheckUrl: app.Healthcheck.Url,
20102020
HealthcheckInterval: app.Healthcheck.Interval,
20112021
HealthcheckThreshold: app.Healthcheck.Threshold,

0 commit comments

Comments
 (0)
0