mirror of
https://github.com/coder/coder.git
synced 2025-07-06 15:41:45 +00:00
chore(scripts/rules.go): broaden scope of testingWithOwnerUser linter (#10548)
* Updated testingWithOwnerUser ruleguard rule to detect: a) Passing client from coderdenttest.New() to clitest.SetupConfig() similar to what already exists for AGPL code b) Usage of any method of the owner client from coderdenttest.New() - all usages of the owner client must be justified with a `//nolint:gocritic` comment. * Fixed resulting linter complaints. * Added new coderdtest helpers CreateGroup and UpdateTemplateMeta. * Modified check_enterprise_import.sh to ignore scripts/rules.go.
This commit is contained in:
Cian Johnston
GitHub
@ -39,6 +39,7 @@ func TestTemplates(t *testing.T) {
|
||||
},
|
||||
},
|
||||
})
|
||||
anotherClient, _ := coderdtest.CreateAnotherUser(t, client, user.OrganizationID)
|
||||
|
||||
version := coderdtest.CreateTemplateVersion(t, client, user.OrganizationID, nil)
|
||||
exp := 24 * time.Hour.Milliseconds()
|
||||
@ -56,7 +57,7 @@ func TestTemplates(t *testing.T) {
|
||||
TemplateID: template.ID,
|
||||
Name: "testing",
|
||||
}
|
||||
ws, err := client.CreateWorkspace(ctx, template.OrganizationID, codersdk.Me, req)
|
||||
ws, err := anotherClient.CreateWorkspace(ctx, template.OrganizationID, codersdk.Me, req)
|
||||
require.NoError(t, err)
|
||||
require.NotNil(t, ws.TTLMillis)
|
||||
require.EqualValues(t, exp, *ws.TTLMillis)
|
||||
@ -64,7 +65,7 @@ func TestTemplates(t *testing.T) {
|
||||
// Editing a workspace to have a higher TTL than the template's max
|
||||
// should error
|
||||
exp = exp + time.Minute.Milliseconds()
|
||||
err = client.UpdateWorkspaceTTL(ctx, ws.ID, codersdk.UpdateWorkspaceTTLRequest{
|
||||
err = anotherClient.UpdateWorkspaceTTL(ctx, ws.ID, codersdk.UpdateWorkspaceTTLRequest{
|
||||
TTLMillis: &exp,
|
||||
})
|
||||
require.Error(t, err)
|
||||
@ -78,7 +79,7 @@ func TestTemplates(t *testing.T) {
|
||||
// Creating workspace with TTL higher than max should error
|
||||
req.Name = "testing2"
|
||||
req.TTLMillis = &exp
|
||||
ws, err = client.CreateWorkspace(ctx, template.OrganizationID, codersdk.Me, req)
|
||||
ws, err = anotherClient.CreateWorkspace(ctx, template.OrganizationID, codersdk.Me, req)
|
||||
require.Error(t, err)
|
||||
apiErr = nil
|
||||
require.ErrorAs(t, err, &apiErr)
|
||||
@ -100,6 +101,7 @@ func TestTemplates(t *testing.T) {
|
||||
},
|
||||
},
|
||||
})
|
||||
anotherClient, _ := coderdtest.CreateAnotherUser(t, client, user.OrganizationID)
|
||||
|
||||
version := coderdtest.CreateTemplateVersion(t, client, user.OrganizationID, nil)
|
||||
exp := 24 * time.Hour.Milliseconds()
|
||||
@ -116,27 +118,27 @@ func TestTemplates(t *testing.T) {
|
||||
TemplateID: template.ID,
|
||||
Name: "testing",
|
||||
}
|
||||
ws, err := client.CreateWorkspace(ctx, template.OrganizationID, codersdk.Me, req)
|
||||
ws, err := anotherClient.CreateWorkspace(ctx, template.OrganizationID, codersdk.Me, req)
|
||||
require.NoError(t, err)
|
||||
require.NotNil(t, ws.TTLMillis)
|
||||
require.EqualValues(t, exp, *ws.TTLMillis)
|
||||
|
||||
// Editing a workspace to disable the TTL should do nothing
|
||||
err = client.UpdateWorkspaceTTL(ctx, ws.ID, codersdk.UpdateWorkspaceTTLRequest{
|
||||
err = anotherClient.UpdateWorkspaceTTL(ctx, ws.ID, codersdk.UpdateWorkspaceTTLRequest{
|
||||
TTLMillis: nil,
|
||||
})
|
||||
require.NoError(t, err)
|
||||
ws, err = client.Workspace(ctx, ws.ID)
|
||||
ws, err = anotherClient.Workspace(ctx, ws.ID)
|
||||
require.NoError(t, err)
|
||||
require.EqualValues(t, exp, *ws.TTLMillis)
|
||||
|
||||
// Editing a workspace to have a TTL of 0 should do nothing
|
||||
zero := int64(0)
|
||||
err = client.UpdateWorkspaceTTL(ctx, ws.ID, codersdk.UpdateWorkspaceTTLRequest{
|
||||
err = anotherClient.UpdateWorkspaceTTL(ctx, ws.ID, codersdk.UpdateWorkspaceTTLRequest{
|
||||
TTLMillis: &zero,
|
||||
})
|
||||
require.NoError(t, err)
|
||||
ws, err = client.Workspace(ctx, ws.ID)
|
||||
ws, err = anotherClient.Workspace(ctx, ws.ID)
|
||||
require.NoError(t, err)
|
||||
require.EqualValues(t, exp, *ws.TTLMillis)
|
||||
})
|
||||
@ -154,6 +156,7 @@ func TestTemplates(t *testing.T) {
|
||||
},
|
||||
},
|
||||
})
|
||||
anotherClient, _ := coderdtest.CreateAnotherUser(t, client, user.OrganizationID, rbac.RoleTemplateAdmin())
|
||||
|
||||
version := coderdtest.CreateTemplateVersion(t, client, user.OrganizationID, nil)
|
||||
coderdtest.AwaitTemplateVersionJobCompleted(t, client, version.ID)
|
||||
@ -161,7 +164,7 @@ func TestTemplates(t *testing.T) {
|
||||
require.Equal(t, []string{"monday", "tuesday", "wednesday", "thursday", "friday", "saturday", "sunday"}, template.AutostartRequirement.DaysOfWeek)
|
||||
|
||||
ctx := testutil.Context(t, testutil.WaitLong)
|
||||
updated, err := client.UpdateTemplateMeta(ctx, template.ID, codersdk.UpdateTemplateMeta{
|
||||
updated, err := anotherClient.UpdateTemplateMeta(ctx, template.ID, codersdk.UpdateTemplateMeta{
|
||||
Name: template.Name,
|
||||
DisplayName: template.DisplayName,
|
||||
Description: template.Description,
|
||||
@ -173,12 +176,12 @@ func TestTemplates(t *testing.T) {
|
||||
require.NoError(t, err)
|
||||
require.Equal(t, []string{"monday", "saturday"}, updated.AutostartRequirement.DaysOfWeek)
|
||||
|
||||
template, err = client.Template(ctx, template.ID)
|
||||
template, err = anotherClient.Template(ctx, template.ID)
|
||||
require.NoError(t, err)
|
||||
require.Equal(t, []string{"monday", "saturday"}, template.AutostartRequirement.DaysOfWeek)
|
||||
|
||||
// Ensure a missing field is a noop
|
||||
updated, err = client.UpdateTemplateMeta(ctx, template.ID, codersdk.UpdateTemplateMeta{
|
||||
updated, err = anotherClient.UpdateTemplateMeta(ctx, template.ID, codersdk.UpdateTemplateMeta{
|
||||
Name: template.Name,
|
||||
DisplayName: template.DisplayName,
|
||||
Description: template.Description,
|
||||
@ -187,7 +190,7 @@ func TestTemplates(t *testing.T) {
|
||||
require.NoError(t, err)
|
||||
require.Equal(t, []string{"monday", "saturday"}, updated.AutostartRequirement.DaysOfWeek)
|
||||
|
||||
template, err = client.Template(ctx, template.ID)
|
||||
template, err = anotherClient.Template(ctx, template.ID)
|
||||
require.NoError(t, err)
|
||||
require.Equal(t, []string{"monday", "saturday"}, template.AutostartRequirement.DaysOfWeek)
|
||||
})
|
||||
@ -205,6 +208,7 @@ func TestTemplates(t *testing.T) {
|
||||
},
|
||||
},
|
||||
})
|
||||
anotherClient, _ := coderdtest.CreateAnotherUser(t, client, user.OrganizationID)
|
||||
|
||||
version := coderdtest.CreateTemplateVersion(t, client, user.OrganizationID, nil)
|
||||
coderdtest.AwaitTemplateVersionJobCompleted(t, client, version.ID)
|
||||
@ -212,7 +216,7 @@ func TestTemplates(t *testing.T) {
|
||||
require.Equal(t, []string{"monday", "tuesday", "wednesday", "thursday", "friday", "saturday", "sunday"}, template.AutostartRequirement.DaysOfWeek)
|
||||
|
||||
ctx := testutil.Context(t, testutil.WaitLong)
|
||||
_, err := client.UpdateTemplateMeta(ctx, template.ID, codersdk.UpdateTemplateMeta{
|
||||
_, err := anotherClient.UpdateTemplateMeta(ctx, template.ID, codersdk.UpdateTemplateMeta{
|
||||
Name: template.Name,
|
||||
DisplayName: template.DisplayName,
|
||||
Description: template.Description,
|
||||
@ -237,6 +241,7 @@ func TestTemplates(t *testing.T) {
|
||||
},
|
||||
},
|
||||
})
|
||||
anotherClient, _ := coderdtest.CreateAnotherUser(t, client, user.OrganizationID, rbac.RoleTemplateAdmin())
|
||||
|
||||
version := coderdtest.CreateTemplateVersion(t, client, user.OrganizationID, nil)
|
||||
coderdtest.AwaitTemplateVersionJobCompleted(t, client, version.ID)
|
||||
@ -244,9 +249,8 @@ func TestTemplates(t *testing.T) {
|
||||
require.Empty(t, 0, template.AutostopRequirement.DaysOfWeek)
|
||||
require.EqualValues(t, 1, template.AutostopRequirement.Weeks)
|
||||
|
||||
// ctx := testutil.Context(t, testutil.WaitLong)
|
||||
ctx := context.Background()
|
||||
updated, err := client.UpdateTemplateMeta(ctx, template.ID, codersdk.UpdateTemplateMeta{
|
||||
updated, err := anotherClient.UpdateTemplateMeta(ctx, template.ID, codersdk.UpdateTemplateMeta{
|
||||
Name: template.Name,
|
||||
DisplayName: template.DisplayName,
|
||||
Description: template.Description,
|
||||
@ -262,7 +266,7 @@ func TestTemplates(t *testing.T) {
|
||||
require.Equal(t, []string{"monday", "saturday"}, updated.AutostopRequirement.DaysOfWeek)
|
||||
require.EqualValues(t, 3, updated.AutostopRequirement.Weeks)
|
||||
|
||||
template, err = client.Template(ctx, template.ID)
|
||||
template, err = anotherClient.Template(ctx, template.ID)
|
||||
require.NoError(t, err)
|
||||
require.Equal(t, []string{"monday", "saturday"}, template.AutostopRequirement.DaysOfWeek)
|
||||
require.EqualValues(t, 3, template.AutostopRequirement.Weeks)
|
||||
@ -283,6 +287,7 @@ func TestTemplates(t *testing.T) {
|
||||
},
|
||||
},
|
||||
})
|
||||
anotherClient, _ := coderdtest.CreateAnotherUser(t, client, user.OrganizationID, rbac.RoleTemplateAdmin())
|
||||
|
||||
version := coderdtest.CreateTemplateVersion(t, client, user.OrganizationID, nil)
|
||||
coderdtest.AwaitTemplateVersionJobCompleted(t, client, version.ID)
|
||||
@ -297,7 +302,7 @@ func TestTemplates(t *testing.T) {
|
||||
dormantTTL = 3 * time.Minute
|
||||
)
|
||||
|
||||
updated, err := client.UpdateTemplateMeta(ctx, template.ID, codersdk.UpdateTemplateMeta{
|
||||
updated, err := anotherClient.UpdateTemplateMeta(ctx, template.ID, codersdk.UpdateTemplateMeta{
|
||||
Name: template.Name,
|
||||
DisplayName: template.DisplayName,
|
||||
Description: template.Description,
|
||||
@ -314,7 +319,7 @@ func TestTemplates(t *testing.T) {
|
||||
|
||||
// Validate fetching the template returns the same values as updating
|
||||
// the template.
|
||||
template, err = client.Template(ctx, template.ID)
|
||||
template, err = anotherClient.Template(ctx, template.ID)
|
||||
require.NoError(t, err)
|
||||
require.Equal(t, failureTTL.Milliseconds(), updated.FailureTTLMillis)
|
||||
require.Equal(t, inactivityTTL.Milliseconds(), updated.TimeTilDormantMillis)
|
||||
@ -335,6 +340,7 @@ func TestTemplates(t *testing.T) {
|
||||
},
|
||||
},
|
||||
})
|
||||
anotherClient, _ := coderdtest.CreateAnotherUser(t, client, user.OrganizationID, rbac.RoleTemplateAdmin())
|
||||
|
||||
version := coderdtest.CreateTemplateVersion(t, client, user.OrganizationID, nil)
|
||||
coderdtest.AwaitTemplateVersionJobCompleted(t, client, version.ID)
|
||||
@ -367,7 +373,7 @@ func TestTemplates(t *testing.T) {
|
||||
|
||||
// nolint: paralleltest // context is from parent t.Run
|
||||
t.Run(c.Name, func(t *testing.T) {
|
||||
_, err := client.UpdateTemplateMeta(ctx, template.ID, codersdk.UpdateTemplateMeta{
|
||||
_, err := anotherClient.UpdateTemplateMeta(ctx, template.ID, codersdk.UpdateTemplateMeta{
|
||||
Name: template.Name,
|
||||
DisplayName: template.DisplayName,
|
||||
Description: template.Description,
|
||||
@ -401,19 +407,20 @@ func TestTemplates(t *testing.T) {
|
||||
},
|
||||
},
|
||||
})
|
||||
anotherClient, _ := coderdtest.CreateAnotherUser(t, client, user.OrganizationID, rbac.RoleTemplateAdmin())
|
||||
version := coderdtest.CreateTemplateVersion(t, client, user.OrganizationID, nil)
|
||||
coderdtest.AwaitTemplateVersionJobCompleted(t, client, version.ID)
|
||||
template := coderdtest.CreateTemplate(t, client, user.OrganizationID, version.ID)
|
||||
|
||||
activeWS := coderdtest.CreateWorkspace(t, client, user.OrganizationID, template.ID)
|
||||
dormantWS := coderdtest.CreateWorkspace(t, client, user.OrganizationID, template.ID)
|
||||
activeWS := coderdtest.CreateWorkspace(t, anotherClient, user.OrganizationID, template.ID)
|
||||
dormantWS := coderdtest.CreateWorkspace(t, anotherClient, user.OrganizationID, template.ID)
|
||||
require.Nil(t, activeWS.DeletingAt)
|
||||
require.Nil(t, dormantWS.DeletingAt)
|
||||
|
||||
_ = coderdtest.AwaitWorkspaceBuildJobCompleted(t, client, activeWS.LatestBuild.ID)
|
||||
_ = coderdtest.AwaitWorkspaceBuildJobCompleted(t, client, dormantWS.LatestBuild.ID)
|
||||
|
||||
err := client.UpdateWorkspaceDormancy(ctx, dormantWS.ID, codersdk.UpdateWorkspaceDormancy{
|
||||
err := anotherClient.UpdateWorkspaceDormancy(ctx, dormantWS.ID, codersdk.UpdateWorkspaceDormancy{
|
||||
Dormant: true,
|
||||
})
|
||||
require.NoError(t, err)
|
||||
@ -424,7 +431,7 @@ func TestTemplates(t *testing.T) {
|
||||
require.Nil(t, dormantWS.DeletingAt)
|
||||
|
||||
dormantTTL := time.Minute
|
||||
updated, err := client.UpdateTemplateMeta(ctx, template.ID, codersdk.UpdateTemplateMeta{
|
||||
updated, err := anotherClient.UpdateTemplateMeta(ctx, template.ID, codersdk.UpdateTemplateMeta{
|
||||
TimeTilDormantAutoDeleteMillis: dormantTTL.Milliseconds(),
|
||||
})
|
||||
require.NoError(t, err)
|
||||
@ -442,7 +449,7 @@ func TestTemplates(t *testing.T) {
|
||||
|
||||
// Disable the time_til_dormant_auto_delete on the template, then we can assert that the workspaces
|
||||
// no longer have a deleting_at field.
|
||||
updated, err = client.UpdateTemplateMeta(ctx, template.ID, codersdk.UpdateTemplateMeta{
|
||||
updated, err = anotherClient.UpdateTemplateMeta(ctx, template.ID, codersdk.UpdateTemplateMeta{
|
||||
TimeTilDormantAutoDeleteMillis: 0,
|
||||
})
|
||||
require.NoError(t, err)
|
||||
@ -474,19 +481,20 @@ func TestTemplates(t *testing.T) {
|
||||
},
|
||||
},
|
||||
})
|
||||
anotherClient, _ := coderdtest.CreateAnotherUser(t, client, user.OrganizationID)
|
||||
version := coderdtest.CreateTemplateVersion(t, client, user.OrganizationID, nil)
|
||||
coderdtest.AwaitTemplateVersionJobCompleted(t, client, version.ID)
|
||||
template := coderdtest.CreateTemplate(t, client, user.OrganizationID, version.ID)
|
||||
|
||||
activeWS := coderdtest.CreateWorkspace(t, client, user.OrganizationID, template.ID)
|
||||
dormantWS := coderdtest.CreateWorkspace(t, client, user.OrganizationID, template.ID)
|
||||
activeWS := coderdtest.CreateWorkspace(t, anotherClient, user.OrganizationID, template.ID)
|
||||
dormantWS := coderdtest.CreateWorkspace(t, anotherClient, user.OrganizationID, template.ID)
|
||||
require.Nil(t, activeWS.DeletingAt)
|
||||
require.Nil(t, dormantWS.DeletingAt)
|
||||
|
||||
_ = coderdtest.AwaitWorkspaceBuildJobCompleted(t, client, activeWS.LatestBuild.ID)
|
||||
_ = coderdtest.AwaitWorkspaceBuildJobCompleted(t, client, dormantWS.LatestBuild.ID)
|
||||
|
||||
err := client.UpdateWorkspaceDormancy(ctx, dormantWS.ID, codersdk.UpdateWorkspaceDormancy{
|
||||
err := anotherClient.UpdateWorkspaceDormancy(ctx, dormantWS.ID, codersdk.UpdateWorkspaceDormancy{
|
||||
Dormant: true,
|
||||
})
|
||||
require.NoError(t, err)
|
||||
@ -497,6 +505,7 @@ func TestTemplates(t *testing.T) {
|
||||
require.Nil(t, dormantWS.DeletingAt)
|
||||
|
||||
dormantTTL := time.Minute
|
||||
//nolint:gocritic // non-template-admin cannot update template meta
|
||||
updated, err := client.UpdateTemplateMeta(ctx, template.ID, codersdk.UpdateTemplateMeta{
|
||||
TimeTilDormantAutoDeleteMillis: dormantTTL.Milliseconds(),
|
||||
UpdateWorkspaceDormantAt: true,
|
||||
@ -530,19 +539,20 @@ func TestTemplates(t *testing.T) {
|
||||
},
|
||||
},
|
||||
})
|
||||
anotherClient, _ := coderdtest.CreateAnotherUser(t, client, user.OrganizationID, rbac.RoleTemplateAdmin())
|
||||
version := coderdtest.CreateTemplateVersion(t, client, user.OrganizationID, nil)
|
||||
coderdtest.AwaitTemplateVersionJobCompleted(t, client, version.ID)
|
||||
template := coderdtest.CreateTemplate(t, client, user.OrganizationID, version.ID)
|
||||
|
||||
activeWorkspace := coderdtest.CreateWorkspace(t, client, user.OrganizationID, template.ID)
|
||||
dormantWorkspace := coderdtest.CreateWorkspace(t, client, user.OrganizationID, template.ID)
|
||||
activeWorkspace := coderdtest.CreateWorkspace(t, anotherClient, user.OrganizationID, template.ID)
|
||||
dormantWorkspace := coderdtest.CreateWorkspace(t, anotherClient, user.OrganizationID, template.ID)
|
||||
require.Nil(t, activeWorkspace.DeletingAt)
|
||||
require.Nil(t, dormantWorkspace.DeletingAt)
|
||||
|
||||
_ = coderdtest.AwaitWorkspaceBuildJobCompleted(t, client, activeWorkspace.LatestBuild.ID)
|
||||
_ = coderdtest.AwaitWorkspaceBuildJobCompleted(t, client, dormantWorkspace.LatestBuild.ID)
|
||||
|
||||
err := client.UpdateWorkspaceDormancy(ctx, dormantWorkspace.ID, codersdk.UpdateWorkspaceDormancy{
|
||||
err := anotherClient.UpdateWorkspaceDormancy(ctx, dormantWorkspace.ID, codersdk.UpdateWorkspaceDormancy{
|
||||
Dormant: true,
|
||||
})
|
||||
require.NoError(t, err)
|
||||
@ -553,7 +563,7 @@ func TestTemplates(t *testing.T) {
|
||||
require.Nil(t, dormantWorkspace.DeletingAt)
|
||||
|
||||
inactivityTTL := time.Minute
|
||||
updated, err := client.UpdateTemplateMeta(ctx, template.ID, codersdk.UpdateTemplateMeta{
|
||||
updated, err := anotherClient.UpdateTemplateMeta(ctx, template.ID, codersdk.UpdateTemplateMeta{
|
||||
TimeTilDormantMillis: inactivityTTL.Milliseconds(),
|
||||
UpdateWorkspaceLastUsedAt: true,
|
||||
})
|
||||
@ -586,6 +596,7 @@ func TestTemplates(t *testing.T) {
|
||||
},
|
||||
},
|
||||
})
|
||||
anotherClient, _ := coderdtest.CreateAnotherUser(t, client, user.OrganizationID, rbac.RoleTemplateAdmin())
|
||||
|
||||
version := coderdtest.CreateTemplateVersion(t, client, user.OrganizationID, nil)
|
||||
template := coderdtest.CreateTemplate(t, client, user.OrganizationID, version.ID, func(ctr *codersdk.CreateTemplateRequest) {
|
||||
@ -598,14 +609,14 @@ func TestTemplates(t *testing.T) {
|
||||
defer cancel()
|
||||
|
||||
// Update the field and assert it persists.
|
||||
updatedTemplate, err := client.UpdateTemplateMeta(ctx, template.ID, codersdk.UpdateTemplateMeta{
|
||||
updatedTemplate, err := anotherClient.UpdateTemplateMeta(ctx, template.ID, codersdk.UpdateTemplateMeta{
|
||||
RequireActiveVersion: false,
|
||||
})
|
||||
require.NoError(t, err)
|
||||
require.False(t, updatedTemplate.RequireActiveVersion)
|
||||
|
||||
// Flip it back to ensure we aren't hardcoding to a default value.
|
||||
updatedTemplate, err = client.UpdateTemplateMeta(ctx, template.ID, codersdk.UpdateTemplateMeta{
|
||||
updatedTemplate, err = anotherClient.UpdateTemplateMeta(ctx, template.ID, codersdk.UpdateTemplateMeta{
|
||||
RequireActiveVersion: true,
|
||||
})
|
||||
require.NoError(t, err)
|
||||
@ -613,7 +624,7 @@ func TestTemplates(t *testing.T) {
|
||||
|
||||
// Assert that fetching a template is no different from the response
|
||||
// when updating.
|
||||
template, err = client.Template(ctx, template.ID)
|
||||
template, err = anotherClient.Template(ctx, template.ID)
|
||||
require.NoError(t, err)
|
||||
require.Equal(t, updatedTemplate, template)
|
||||
})
|
||||
@ -629,6 +640,7 @@ func TestTemplateACL(t *testing.T) {
|
||||
codersdk.FeatureTemplateRBAC: 1,
|
||||
},
|
||||
}})
|
||||
anotherClient, _ := coderdtest.CreateAnotherUser(t, client, user.OrganizationID, rbac.RoleTemplateAdmin())
|
||||
|
||||
_, user2 := coderdtest.CreateAnotherUser(t, client, user.OrganizationID)
|
||||
_, user3 := coderdtest.CreateAnotherUser(t, client, user.OrganizationID)
|
||||
@ -637,7 +649,7 @@ func TestTemplateACL(t *testing.T) {
|
||||
|
||||
ctx := testutil.Context(t, testutil.WaitLong)
|
||||
|
||||
err := client.UpdateTemplateACL(ctx, template.ID, codersdk.UpdateTemplateACL{
|
||||
err := anotherClient.UpdateTemplateACL(ctx, template.ID, codersdk.UpdateTemplateACL{
|
||||
UserPerms: map[string]codersdk.TemplateRole{
|
||||
user2.ID.String(): codersdk.TemplateRoleUse,
|
||||
user3.ID.String(): codersdk.TemplateRoleAdmin,
|
||||
@ -645,7 +657,7 @@ func TestTemplateACL(t *testing.T) {
|
||||
})
|
||||
require.NoError(t, err)
|
||||
|
||||
acl, err := client.TemplateACL(ctx, template.ID)
|
||||
acl, err := anotherClient.TemplateACL(ctx, template.ID)
|
||||
require.NoError(t, err)
|
||||
|
||||
templateUser2 := codersdk.TemplateUser{
|
||||
@ -672,14 +684,14 @@ func TestTemplateACL(t *testing.T) {
|
||||
}})
|
||||
|
||||
// Create a user to assert they aren't returned in the response.
|
||||
_, _ = coderdtest.CreateAnotherUser(t, client, user.OrganizationID)
|
||||
anotherClient, _ := coderdtest.CreateAnotherUser(t, client, user.OrganizationID, rbac.RoleTemplateAdmin())
|
||||
version := coderdtest.CreateTemplateVersion(t, client, user.OrganizationID, nil)
|
||||
template := coderdtest.CreateTemplate(t, client, user.OrganizationID, version.ID)
|
||||
|
||||
ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitLong)
|
||||
defer cancel()
|
||||
|
||||
acl, err := client.TemplateACL(ctx, template.ID)
|
||||
acl, err := anotherClient.TemplateACL(ctx, template.ID)
|
||||
require.NoError(t, err)
|
||||
|
||||
require.Len(t, acl.Groups, 1)
|
||||
@ -702,6 +714,7 @@ func TestTemplateACL(t *testing.T) {
|
||||
ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitLong)
|
||||
defer cancel()
|
||||
|
||||
//nolint:gocritic // non-template-admin cannot update template acl
|
||||
acl, err := client.TemplateACL(ctx, template.ID)
|
||||
require.NoError(t, err)
|
||||
|
||||
@ -721,6 +734,7 @@ func TestTemplateACL(t *testing.T) {
|
||||
})
|
||||
require.NoError(t, err)
|
||||
|
||||
//nolint:gocritic // non-template-admin cannot update template acl
|
||||
acl, err = client.TemplateACL(ctx, template.ID)
|
||||
require.NoError(t, err)
|
||||
|
||||
@ -744,6 +758,7 @@ func TestTemplateACL(t *testing.T) {
|
||||
codersdk.FeatureTemplateRBAC: 1,
|
||||
},
|
||||
}})
|
||||
anotherClient, _ := coderdtest.CreateAnotherUser(t, client, user.OrganizationID, rbac.RoleTemplateAdmin(), rbac.RoleUserAdmin())
|
||||
|
||||
_, user1 := coderdtest.CreateAnotherUser(t, client, user.OrganizationID)
|
||||
version := coderdtest.CreateTemplateVersion(t, client, user.OrganizationID, nil)
|
||||
@ -751,24 +766,24 @@ func TestTemplateACL(t *testing.T) {
|
||||
|
||||
ctx := testutil.Context(t, testutil.WaitLong)
|
||||
|
||||
err := client.UpdateTemplateACL(ctx, template.ID, codersdk.UpdateTemplateACL{
|
||||
err := anotherClient.UpdateTemplateACL(ctx, template.ID, codersdk.UpdateTemplateACL{
|
||||
UserPerms: map[string]codersdk.TemplateRole{
|
||||
user1.ID.String(): codersdk.TemplateRoleUse,
|
||||
},
|
||||
})
|
||||
require.NoError(t, err)
|
||||
|
||||
acl, err := client.TemplateACL(ctx, template.ID)
|
||||
acl, err := anotherClient.TemplateACL(ctx, template.ID)
|
||||
require.NoError(t, err)
|
||||
require.Contains(t, acl.Users, codersdk.TemplateUser{
|
||||
User: user1,
|
||||
Role: codersdk.TemplateRoleUse,
|
||||
})
|
||||
|
||||
err = client.DeleteUser(ctx, user1.ID)
|
||||
err = anotherClient.DeleteUser(ctx, user1.ID)
|
||||
require.NoError(t, err)
|
||||
|
||||
acl, err = client.TemplateACL(ctx, template.ID)
|
||||
acl, err = anotherClient.TemplateACL(ctx, template.ID)
|
||||
require.NoError(t, err)
|
||||
require.Len(t, acl.Users, 0, "deleted users should be filtered")
|
||||
})
|
||||
@ -782,6 +797,7 @@ func TestTemplateACL(t *testing.T) {
|
||||
codersdk.FeatureTemplateRBAC: 1,
|
||||
},
|
||||
}})
|
||||
anotherClient, _ := coderdtest.CreateAnotherUser(t, client, user.OrganizationID, rbac.RoleTemplateAdmin(), rbac.RoleUserAdmin())
|
||||
|
||||
_, user1 := coderdtest.CreateAnotherUser(t, client, user.OrganizationID)
|
||||
version := coderdtest.CreateTemplateVersion(t, client, user.OrganizationID, nil)
|
||||
@ -789,24 +805,24 @@ func TestTemplateACL(t *testing.T) {
|
||||
|
||||
ctx := testutil.Context(t, testutil.WaitLong)
|
||||
|
||||
err := client.UpdateTemplateACL(ctx, template.ID, codersdk.UpdateTemplateACL{
|
||||
err := anotherClient.UpdateTemplateACL(ctx, template.ID, codersdk.UpdateTemplateACL{
|
||||
UserPerms: map[string]codersdk.TemplateRole{
|
||||
user1.ID.String(): codersdk.TemplateRoleUse,
|
||||
},
|
||||
})
|
||||
require.NoError(t, err)
|
||||
|
||||
acl, err := client.TemplateACL(ctx, template.ID)
|
||||
acl, err := anotherClient.TemplateACL(ctx, template.ID)
|
||||
require.NoError(t, err)
|
||||
require.Contains(t, acl.Users, codersdk.TemplateUser{
|
||||
User: user1,
|
||||
Role: codersdk.TemplateRoleUse,
|
||||
})
|
||||
|
||||
_, err = client.UpdateUserStatus(ctx, user1.ID.String(), codersdk.UserStatusSuspended)
|
||||
_, err = anotherClient.UpdateUserStatus(ctx, user1.ID.String(), codersdk.UserStatusSuspended)
|
||||
require.NoError(t, err)
|
||||
|
||||
acl, err = client.TemplateACL(ctx, template.ID)
|
||||
acl, err = anotherClient.TemplateACL(ctx, template.ID)
|
||||
require.NoError(t, err)
|
||||
require.Len(t, acl.Users, 0, "suspended users should be filtered")
|
||||
})
|
||||
@ -820,25 +836,26 @@ func TestTemplateACL(t *testing.T) {
|
||||
codersdk.FeatureTemplateRBAC: 1,
|
||||
},
|
||||
}})
|
||||
anotherClient, _ := coderdtest.CreateAnotherUser(t, client, user.OrganizationID, rbac.RoleTemplateAdmin(), rbac.RoleUserAdmin())
|
||||
|
||||
version := coderdtest.CreateTemplateVersion(t, client, user.OrganizationID, nil)
|
||||
template := coderdtest.CreateTemplate(t, client, user.OrganizationID, version.ID)
|
||||
|
||||
ctx := testutil.Context(t, testutil.WaitLong)
|
||||
|
||||
group, err := client.CreateGroup(ctx, user.OrganizationID, codersdk.CreateGroupRequest{
|
||||
group, err := anotherClient.CreateGroup(ctx, user.OrganizationID, codersdk.CreateGroupRequest{
|
||||
Name: "test",
|
||||
})
|
||||
require.NoError(t, err)
|
||||
|
||||
err = client.UpdateTemplateACL(ctx, template.ID, codersdk.UpdateTemplateACL{
|
||||
err = anotherClient.UpdateTemplateACL(ctx, template.ID, codersdk.UpdateTemplateACL{
|
||||
GroupPerms: map[string]codersdk.TemplateRole{
|
||||
group.ID.String(): codersdk.TemplateRoleUse,
|
||||
},
|
||||
})
|
||||
require.NoError(t, err)
|
||||
|
||||
acl, err := client.TemplateACL(ctx, template.ID)
|
||||
acl, err := anotherClient.TemplateACL(ctx, template.ID)
|
||||
require.NoError(t, err)
|
||||
// Length should be 2 for test group and the implicit allUsers group.
|
||||
require.Len(t, acl.Groups, 2)
|
||||
@ -848,10 +865,10 @@ func TestTemplateACL(t *testing.T) {
|
||||
Role: codersdk.TemplateRoleUse,
|
||||
})
|
||||
|
||||
err = client.DeleteGroup(ctx, group.ID)
|
||||
err = anotherClient.DeleteGroup(ctx, group.ID)
|
||||
require.NoError(t, err)
|
||||
|
||||
acl, err = client.TemplateACL(ctx, template.ID)
|
||||
acl, err = anotherClient.TemplateACL(ctx, template.ID)
|
||||
require.NoError(t, err)
|
||||
// Length should be 1 for the allUsers group.
|
||||
require.Len(t, acl.Groups, 1)
|
||||
@ -875,6 +892,7 @@ func TestTemplateACL(t *testing.T) {
|
||||
|
||||
ctx := testutil.Context(t, testutil.WaitLong)
|
||||
|
||||
//nolint:gocritic // test setup
|
||||
err := client.UpdateTemplateACL(ctx, template.ID, codersdk.UpdateTemplateACL{
|
||||
UserPerms: map[string]codersdk.TemplateRole{
|
||||
user1.ID.String(): codersdk.TemplateRoleUse,
|
||||
@ -896,6 +914,7 @@ func TestTemplateACL(t *testing.T) {
|
||||
})
|
||||
require.Error(t, err)
|
||||
|
||||
//nolint:gocritic // test setup
|
||||
err = client.UpdateTemplateACL(ctx, template.ID, codersdk.UpdateTemplateACL{
|
||||
UserPerms: map[string]codersdk.TemplateRole{
|
||||
user1.ID.String(): codersdk.TemplateRoleAdmin,
|
||||
@ -924,6 +943,7 @@ func TestUpdateTemplateACL(t *testing.T) {
|
||||
codersdk.FeatureTemplateRBAC: 1,
|
||||
},
|
||||
}})
|
||||
anotherClient, _ := coderdtest.CreateAnotherUser(t, client, user.OrganizationID, rbac.RoleTemplateAdmin())
|
||||
|
||||
_, user2 := coderdtest.CreateAnotherUser(t, client, user.OrganizationID)
|
||||
_, user3 := coderdtest.CreateAnotherUser(t, client, user.OrganizationID)
|
||||
@ -933,7 +953,7 @@ func TestUpdateTemplateACL(t *testing.T) {
|
||||
ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitLong)
|
||||
defer cancel()
|
||||
|
||||
err := client.UpdateTemplateACL(ctx, template.ID, codersdk.UpdateTemplateACL{
|
||||
err := anotherClient.UpdateTemplateACL(ctx, template.ID, codersdk.UpdateTemplateACL{
|
||||
UserPerms: map[string]codersdk.TemplateRole{
|
||||
user2.ID.String(): codersdk.TemplateRoleUse,
|
||||
user3.ID.String(): codersdk.TemplateRoleAdmin,
|
||||
@ -941,7 +961,7 @@ func TestUpdateTemplateACL(t *testing.T) {
|
||||
})
|
||||
require.NoError(t, err)
|
||||
|
||||
acl, err := client.TemplateACL(ctx, template.ID)
|
||||
acl, err := anotherClient.TemplateACL(ctx, template.ID)
|
||||
require.NoError(t, err)
|
||||
|
||||
templateUser2 := codersdk.TemplateUser{
|
||||
@ -976,6 +996,7 @@ func TestUpdateTemplateACL(t *testing.T) {
|
||||
},
|
||||
},
|
||||
})
|
||||
anotherClient, _ := coderdtest.CreateAnotherUser(t, client, user.OrganizationID, rbac.RoleTemplateAdmin())
|
||||
|
||||
version := coderdtest.CreateTemplateVersion(t, client, user.OrganizationID, nil)
|
||||
template := coderdtest.CreateTemplate(t, client, user.OrganizationID, version.ID)
|
||||
@ -989,13 +1010,15 @@ func TestUpdateTemplateACL(t *testing.T) {
|
||||
user.OrganizationID.String(): codersdk.TemplateRoleDeleted,
|
||||
},
|
||||
}
|
||||
err := client.UpdateTemplateACL(ctx, template.ID, req)
|
||||
err := anotherClient.UpdateTemplateACL(ctx, template.ID, req)
|
||||
require.NoError(t, err)
|
||||
numLogs++
|
||||
|
||||
require.Len(t, auditor.AuditLogs(), numLogs)
|
||||
require.Equal(t, database.AuditActionWrite, auditor.AuditLogs()[numLogs-1].Action)
|
||||
require.Equal(t, template.ID, auditor.AuditLogs()[numLogs-1].ResourceID)
|
||||
require.True(t, auditor.Contains(t, database.AuditLog{
|
||||
Action: database.AuditActionWrite,
|
||||
ResourceID: template.ID,
|
||||
}))
|
||||
})
|
||||
|
||||
t.Run("DeleteUser", func(t *testing.T) {
|
||||
@ -1006,6 +1029,7 @@ func TestUpdateTemplateACL(t *testing.T) {
|
||||
codersdk.FeatureTemplateRBAC: 1,
|
||||
},
|
||||
}})
|
||||
anotherClient, _ := coderdtest.CreateAnotherUser(t, client, user.OrganizationID, rbac.RoleTemplateAdmin())
|
||||
|
||||
_, user2 := coderdtest.CreateAnotherUser(t, client, user.OrganizationID)
|
||||
_, user3 := coderdtest.CreateAnotherUser(t, client, user.OrganizationID)
|
||||
@ -1021,10 +1045,10 @@ func TestUpdateTemplateACL(t *testing.T) {
|
||||
ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitLong)
|
||||
defer cancel()
|
||||
|
||||
err := client.UpdateTemplateACL(ctx, template.ID, req)
|
||||
err := anotherClient.UpdateTemplateACL(ctx, template.ID, req)
|
||||
require.NoError(t, err)
|
||||
|
||||
acl, err := client.TemplateACL(ctx, template.ID)
|
||||
acl, err := anotherClient.TemplateACL(ctx, template.ID)
|
||||
require.NoError(t, err)
|
||||
require.Contains(t, acl.Users, codersdk.TemplateUser{
|
||||
User: user2,
|
||||
@ -1042,10 +1066,10 @@ func TestUpdateTemplateACL(t *testing.T) {
|
||||
},
|
||||
}
|
||||
|
||||
err = client.UpdateTemplateACL(ctx, template.ID, req)
|
||||
err = anotherClient.UpdateTemplateACL(ctx, template.ID, req)
|
||||
require.NoError(t, err)
|
||||
|
||||
acl, err = client.TemplateACL(ctx, template.ID)
|
||||
acl, err = anotherClient.TemplateACL(ctx, template.ID)
|
||||
require.NoError(t, err)
|
||||
|
||||
require.Contains(t, acl.Users, codersdk.TemplateUser{
|
||||
@ -1078,6 +1102,7 @@ func TestUpdateTemplateACL(t *testing.T) {
|
||||
|
||||
ctx := testutil.Context(t, testutil.WaitLong)
|
||||
|
||||
//nolint:gocritic // we're testing invalid UUID so testing RBAC is not relevant here.
|
||||
err := client.UpdateTemplateACL(ctx, template.ID, req)
|
||||
require.Error(t, err)
|
||||
cerr, _ := codersdk.AsError(err)
|
||||
@ -1103,6 +1128,7 @@ func TestUpdateTemplateACL(t *testing.T) {
|
||||
|
||||
ctx := testutil.Context(t, testutil.WaitLong)
|
||||
|
||||
//nolint:gocritic // we're testing invalid user so testing RBAC is not relevant here.
|
||||
err := client.UpdateTemplateACL(ctx, template.ID, req)
|
||||
require.Error(t, err)
|
||||
cerr, _ := codersdk.AsError(err)
|
||||
@ -1129,6 +1155,7 @@ func TestUpdateTemplateACL(t *testing.T) {
|
||||
|
||||
ctx := testutil.Context(t, testutil.WaitLong)
|
||||
|
||||
//nolint:gocritic // we're testing invalid role so testing RBAC is not relevant here.
|
||||
err := client.UpdateTemplateACL(ctx, template.ID, req)
|
||||
require.Error(t, err)
|
||||
cerr, _ := codersdk.AsError(err)
|
||||
@ -1144,6 +1171,8 @@ func TestUpdateTemplateACL(t *testing.T) {
|
||||
},
|
||||
}})
|
||||
|
||||
client1, _ := coderdtest.CreateAnotherUser(t, client, user.OrganizationID, rbac.RoleTemplateAdmin())
|
||||
|
||||
client2, user2 := coderdtest.CreateAnotherUser(t, client, user.OrganizationID)
|
||||
version := coderdtest.CreateTemplateVersion(t, client, user.OrganizationID, nil)
|
||||
template := coderdtest.CreateTemplate(t, client, user.OrganizationID, version.ID)
|
||||
@ -1155,7 +1184,7 @@ func TestUpdateTemplateACL(t *testing.T) {
|
||||
|
||||
ctx := testutil.Context(t, testutil.WaitLong)
|
||||
|
||||
err := client.UpdateTemplateACL(ctx, template.ID, req)
|
||||
err := client1.UpdateTemplateACL(ctx, template.ID, req)
|
||||
require.NoError(t, err)
|
||||
|
||||
req = codersdk.UpdateTemplateACL{
|
||||
@ -1178,6 +1207,7 @@ func TestUpdateTemplateACL(t *testing.T) {
|
||||
codersdk.FeatureTemplateRBAC: 1,
|
||||
},
|
||||
}})
|
||||
client1, _ := coderdtest.CreateAnotherUser(t, client, user.OrganizationID, rbac.RoleTemplateAdmin())
|
||||
|
||||
client2, user2 := coderdtest.CreateAnotherUser(t, client, user.OrganizationID)
|
||||
_, user3 := coderdtest.CreateAnotherUser(t, client, user.OrganizationID)
|
||||
@ -1191,7 +1221,7 @@ func TestUpdateTemplateACL(t *testing.T) {
|
||||
|
||||
ctx := testutil.Context(t, testutil.WaitLong)
|
||||
|
||||
err := client.UpdateTemplateACL(ctx, template.ID, req)
|
||||
err := client1.UpdateTemplateACL(ctx, template.ID, req)
|
||||
require.NoError(t, err)
|
||||
|
||||
// Should be able to see user 3
|
||||
@ -1234,6 +1264,7 @@ func TestUpdateTemplateACL(t *testing.T) {
|
||||
codersdk.FeatureTemplateRBAC: 1,
|
||||
},
|
||||
}})
|
||||
anotherClient, _ := coderdtest.CreateAnotherUser(t, client, user.OrganizationID, rbac.RoleTemplateAdmin())
|
||||
|
||||
version := coderdtest.CreateTemplateVersion(t, client, user.OrganizationID, nil)
|
||||
template := coderdtest.CreateTemplate(t, client, user.OrganizationID, version.ID)
|
||||
@ -1241,7 +1272,7 @@ func TestUpdateTemplateACL(t *testing.T) {
|
||||
ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitLong)
|
||||
defer cancel()
|
||||
|
||||
acl, err := client.TemplateACL(ctx, template.ID)
|
||||
acl, err := anotherClient.TemplateACL(ctx, template.ID)
|
||||
require.NoError(t, err)
|
||||
|
||||
require.Len(t, acl.Groups, 1)
|
||||
@ -1256,6 +1287,7 @@ func TestUpdateTemplateACL(t *testing.T) {
|
||||
codersdk.FeatureTemplateRBAC: 1,
|
||||
},
|
||||
}})
|
||||
anotherClient, _ := coderdtest.CreateAnotherUser(t, client, user.OrganizationID, rbac.RoleTemplateAdmin(), rbac.RoleUserAdmin())
|
||||
|
||||
client1, user1 := coderdtest.CreateAnotherUser(t, client, user.OrganizationID)
|
||||
version := coderdtest.CreateTemplateVersion(t, client, user.OrganizationID, nil)
|
||||
@ -1264,18 +1296,18 @@ func TestUpdateTemplateACL(t *testing.T) {
|
||||
ctx := testutil.Context(t, testutil.WaitLong)
|
||||
|
||||
// Create a group to add to the template.
|
||||
group, err := client.CreateGroup(ctx, user.OrganizationID, codersdk.CreateGroupRequest{
|
||||
group, err := anotherClient.CreateGroup(ctx, user.OrganizationID, codersdk.CreateGroupRequest{
|
||||
Name: "test",
|
||||
})
|
||||
require.NoError(t, err)
|
||||
|
||||
// Check that the only current group is the allUsers group.
|
||||
acl, err := client.TemplateACL(ctx, template.ID)
|
||||
acl, err := anotherClient.TemplateACL(ctx, template.ID)
|
||||
require.NoError(t, err)
|
||||
require.Len(t, acl.Groups, 1)
|
||||
|
||||
// Update the template to only allow access to the 'test' group.
|
||||
err = client.UpdateTemplateACL(ctx, template.ID, codersdk.UpdateTemplateACL{
|
||||
err = anotherClient.UpdateTemplateACL(ctx, template.ID, codersdk.UpdateTemplateACL{
|
||||
GroupPerms: map[string]codersdk.TemplateRole{
|
||||
// The allUsers group shares the same ID as the organization.
|
||||
user.OrganizationID.String(): codersdk.TemplateRoleDeleted,
|
||||
@ -1286,7 +1318,7 @@ func TestUpdateTemplateACL(t *testing.T) {
|
||||
|
||||
// Get the ACL list for the template and assert the test group is
|
||||
// present.
|
||||
acl, err = client.TemplateACL(ctx, template.ID)
|
||||
acl, err = anotherClient.TemplateACL(ctx, template.ID)
|
||||
require.NoError(t, err)
|
||||
|
||||
require.Len(t, acl.Groups, 1)
|
||||
@ -1302,7 +1334,7 @@ func TestUpdateTemplateACL(t *testing.T) {
|
||||
require.Equal(t, http.StatusNotFound, cerr.StatusCode())
|
||||
|
||||
// Patch the group to add the regular user.
|
||||
group, err = client.PatchGroup(ctx, group.ID, codersdk.PatchGroupRequest{
|
||||
group, err = anotherClient.PatchGroup(ctx, group.ID, codersdk.PatchGroupRequest{
|
||||
AddUsers: []string{user1.ID.String()},
|
||||
})
|
||||
require.NoError(t, err)
|
||||
@ -1321,6 +1353,7 @@ func TestUpdateTemplateACL(t *testing.T) {
|
||||
codersdk.FeatureTemplateRBAC: 1,
|
||||
},
|
||||
}})
|
||||
anotherClient, _ := coderdtest.CreateAnotherUser(t, client, user.OrganizationID, rbac.RoleTemplateAdmin())
|
||||
|
||||
client1, _ := coderdtest.CreateAnotherUser(t, client, user.OrganizationID)
|
||||
version := coderdtest.CreateTemplateVersion(t, client, user.OrganizationID, nil)
|
||||
@ -1329,7 +1362,7 @@ func TestUpdateTemplateACL(t *testing.T) {
|
||||
ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitLong)
|
||||
defer cancel()
|
||||
|
||||
acl, err := client.TemplateACL(ctx, template.ID)
|
||||
acl, err := anotherClient.TemplateACL(ctx, template.ID)
|
||||
require.NoError(t, err)
|
||||
|
||||
require.Len(t, acl.Groups, 1)
|
||||
@ -1341,14 +1374,14 @@ func TestUpdateTemplateACL(t *testing.T) {
|
||||
|
||||
allUsers := acl.Groups[0]
|
||||
|
||||
err = client.UpdateTemplateACL(ctx, template.ID, codersdk.UpdateTemplateACL{
|
||||
err = anotherClient.UpdateTemplateACL(ctx, template.ID, codersdk.UpdateTemplateACL{
|
||||
GroupPerms: map[string]codersdk.TemplateRole{
|
||||
allUsers.ID.String(): codersdk.TemplateRoleDeleted,
|
||||
},
|
||||
})
|
||||
require.NoError(t, err)
|
||||
|
||||
acl, err = client.TemplateACL(ctx, template.ID)
|
||||
acl, err = anotherClient.TemplateACL(ctx, template.ID)
|
||||
require.NoError(t, err)
|
||||
|
||||
require.Len(t, acl.Groups, 0)
|
||||
@ -1377,6 +1410,7 @@ func TestReadFileWithTemplateUpdate(t *testing.T) {
|
||||
|
||||
ctx := testutil.Context(t, testutil.WaitLong)
|
||||
|
||||
//nolint:gocritic // regular user cannot create file
|
||||
resp, err := client.Upload(ctx, codersdk.ContentTypeTar, bytes.NewReader(make([]byte, 1024)))
|
||||
require.NoError(t, err)
|
||||
|
||||
@ -1397,6 +1431,7 @@ func TestReadFileWithTemplateUpdate(t *testing.T) {
|
||||
_, _, err = member.Download(ctx, resp.ID)
|
||||
require.Error(t, err, "not in acl yet")
|
||||
|
||||
//nolint:gocritic // regular user cannot update template acl
|
||||
err = client.UpdateTemplateACL(ctx, template.ID, codersdk.UpdateTemplateACL{
|
||||
UserPerms: map[string]codersdk.TemplateRole{
|
||||
memberData.ID.String(): codersdk.TemplateRoleAdmin,
|
||||
|
||||
Reference in New Issue
Block a user