Description
Users with Limited Permissions Can Still Create Workspaces
Description
We are attempting to create a restricted role where users are unable to create or edit workspaces. This role should function similarly to the Platform Member role described in the Coder documentation.
However, when testing, users assigned this custom role were still able to create workspaces, which is unexpected behavior.
Steps to Reproduce
- Created a custom role.
- Assigned only the
workspace:application_connectpermission. - Assigned this role to a user in the default organization.
- Logged in as the user and observed that they were still able to create a workspace.
Expected Behavior
The user should not have the ability to create a workspace, given that they only have the workspace:application_connect permission.
Actual Behavior
The user was still able to create a new workspace despite lacking explicit permissions for workspace creation.
Environment
- Coder Version: 2.18.5
- Deployment Method: Helm
- Organization Settings: Default
Additional Context
We would like to clarify whether additional permissions are implicitly granting workspace creation or if this is a bug. If additional restrictions are needed to prevent workspace creation, please advise on the correct role configuration.
Possible Workarounds
N/A at this time.
Would appreciate any guidance on resolving this issue! 🚀