synced/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2025-07-18 14:17:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: Dbauthz is now default, remove out of experimental (#6650)

Browse Source 
* feat: dbauthz always on, out of experimental
* Add ability to do rbac checks in unit tests
* Remove AuthorizeAllEndpoints
* Remove duplicate rbac checks
This commit is contained in:
Steven Masley
2023-03-21 09:10:22 -05:00
committed by GitHub
parent 8aae0b64d3
commit 2321160c62
37 changed files with 334 additions and 1271 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
coderd/organizations.go
View File

@ -24,15 +24,10 @@ import (
// @Param organization path string true "Organization ID" format(uuid)
// @Success 200 {object} codersdk.Organization
// @Router /organizations/{organization} [get]
func (api *API) organization(rw http.ResponseWriter, r *http.Request) {
func (*API) organization(rw http.ResponseWriter, r *http.Request) {
ctx := r.Context()
organization := httpmw.OrganizationParam(r)
if !api.Authorize(r, rbac.ActionRead, organization) {
httpapi.ResourceNotFound(rw)
return
}
httpapi.Write(ctx, rw, http.StatusOK, convertOrganization(organization))
}
@ -48,12 +43,6 @@ func (api *API) organization(rw http.ResponseWriter, r *http.Request) {
func (api *API) postOrganizations(rw http.ResponseWriter, r *http.Request) {
ctx := r.Context()
apiKey := httpmw.APIKey(r)
// Create organization uses the organization resource without an OrgID.
// This means you need the site wide permission to make a new organization.
if !api.Authorize(r, rbac.ActionCreate, rbac.ResourceOrganization) {
httpapi.Forbidden(rw)
return
}
var req codersdk.CreateOrganizationRequest
if !httpapi.Read(ctx, rw, r, &req) {