8000 feat: add api for patching custom org roles by Emyrk · Pull Request #13357 · coder/coder · GitHub
[go: up one dir, main page]
Skip to content

feat: add api for patching custom org roles #13357

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 14 commits into from
May 29, 2024
Merged

feat: add api for patching custom org roles #13357

Changes from 1 commit
Commits
Show all changes
14 commits
Select commit Hold shift + click to select a range
3ca152a
chore: implement patching custom organization roles
Emyrk May 23, 2024
d231cdf
fixup test to assign org role instead of site
Emyrk May 23, 2024
5c80ea0
cleanup and make gen
Emyrk May 24, 2024
b55d1c5
Remove diffs for the cli, moving to another branch
Emyrk May 24, 2024
fb1dddc
revert route removal
Emyrk May 24, 2024
5eaf868
make gen
Emyrk May 24, 2024
3f56f51
chore: remove org map perms in sdk
Emyrk May 28, 2024
715efa2
add test for mismatched orgID
Emyrk May 28, 2024
816f97c
add unit tests for site & user permission attempt
Emyrk May 28, 2024
6e88678
add invalid uuid test
Emyrk May 28, 2024
282f261
make gen
Emyrk May 28, 2024
d633afc
fix ts
Emyrk May 28, 2024
5ac97f8
fixup! fix ts
Emyrk May 28, 2024
c6335cf
make gen
Emyrk May 28, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
add unit tests for site & user permission attempt
  • Loading branch information
@Emyrk
Emyrk committed May 28, 2024
commit 816f97ca7f04598441663c232a2eecef8919355a
43 changes: 43 additions & 0 deletions enterprise/coderd/roles_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -230,4 +230,47 @@ func TestCustomOrganizationRole(t *testing.T) {
_, err := owner.PatchOrganizationRole(ctx, first.OrganizationID, templateAdminCustom(uuid.New()))
require.ErrorContains(t, err, "does not match")
})

// Attempt to add site & user permissions, which is not allowed
t.Run("ExcessPermissions", func(t *testing.T) {
t.Parallel()
dv := coderdtest.DeploymentValues(t)
dv.Experiments = []string{string(codersdk.ExperimentCustomRoles)}
owner, first := coderdenttest.New(t, &coderdenttest.Options{
Options: &coderdtest.Options{
DeploymentValues: dv,
},
LicenseOptions: &coderdenttest.LicenseOptions{
Features: license.Features{
codersdk.FeatureCustomRoles: 1,
},
},
})

ctx := testutil.Context(t, testutil.WaitMedium)

siteRole := templateAdminCustom(first.OrganizationID)
siteRole.SitePermissions = []codersdk.Permission{
{
ResourceType: codersdk.ResourceWorkspace,
Action: codersdk.ActionRead,
},
}
5EB8
//nolint:gocritic // owner is required for this
_, err := owner.PatchOrganizationRole(ctx, first.OrganizationID, siteRole)
require.ErrorContains(t, err, "site wide permissions")

userRole := templateAdminCustom(first.OrganizationID)
userRole.UserPermissions = []codersdk.Permission{
{
ResourceType: codersdk.ResourceWorkspace,
Action: codersdk.ActionRead,
},
}

//nolint:gocritic // owner is required for this
_, err = owner.PatchOrganizationRole(ctx, first.OrganizationID, userRole)
require.ErrorContains(t, err, "not allowed to assign user permissions")
})
}
0