chore: join owner, template, and org in new workspace view (#15116)

Joins in fields like `username`, `avatar_url`, `organization_name`, `template_name` to `workspaces` via a **view**. The view must be maintained moving forward, but this prevents needing to add RBAC permissions to fetch related workspace fields.
2025-07-03 16:13:58 +00:00 · 2024-10-22 09:20:54 -05:00
parent 5076161078
commit 343f8ec9ab
81 changed files with 1063 additions and 735 deletions
--- a/coderd/database/modelmethods.go
+++ b/coderd/database/modelmethods.go
@ -192,12 +192,36 @@ func (gm GroupMember) RBACObject() rbac.Object {
 	return rbac.ResourceGroupMember.WithID(gm.UserID).InOrg(gm.OrganizationID).WithOwner(gm.UserID.String())
 }

-func (w GetWorkspaceByAgentIDRow) RBACObject() rbac.Object {
-	return w.Workspace.RBACObject()
+// WorkspaceTable converts a Workspace to it's reduced version.
+// A more generalized solution is to use json marshaling to
+// consistently keep these two structs in sync.
+// That would be a lot of overhead, and a more costly unit test is
+// written to make sure these match up.
+func (w Workspace) WorkspaceTable() WorkspaceTable {
+	return WorkspaceTable{
+		ID:                w.ID,
+		CreatedAt:         w.CreatedAt,
+		UpdatedAt:         w.UpdatedAt,
+		OwnerID:           w.OwnerID,
+		OrganizationID:    w.OrganizationID,
+		TemplateID:        w.TemplateID,
+		Deleted:           w.Deleted,
+		Name:              w.Name,
+		AutostartSchedule: w.AutostartSchedule,
+		Ttl:               w.Ttl,
+		LastUsedAt:        w.LastUsedAt,
+		DormantAt:         w.DormantAt,
+		DeletingAt:        w.DeletingAt,
+		AutomaticUpdates:  w.AutomaticUpdates,
+		Favorite:          w.Favorite,
+	}
 }

 func (w Workspace) RBACObject() rbac.Object {
-	// If a workspace is locked it cannot be accessed.
+	return w.WorkspaceTable().RBACObject()
+}
+
+func (w WorkspaceTable) RBACObject() rbac.Object {
 	if w.DormantAt.Valid {
 		return w.DormantRBAC()
 	}
@ -207,7 +231,7 @@ func (w Workspace) RBACObject() rbac.Object {
 		WithOwner(w.OwnerID.String())
 }

-func (w Workspace) DormantRBAC() rbac.Object {
+func (w WorkspaceTable) DormantRBAC() rbac.Object {
 	return rbac.ResourceWorkspaceDormant.
 		WithID(w.ID).
 		InOrg(w.OrganizationID).
@ -389,21 +413,31 @@ func ConvertWorkspaceRows(rows []GetWorkspacesRow) []Workspace {
 	workspaces := make([]Workspace, len(rows))
 	for i, r := range rows {
 		workspaces[i] = Workspace{
-			ID:                r.ID,
-			CreatedAt:         r.CreatedAt,
-			UpdatedAt:         r.UpdatedAt,
-			OwnerID:           r.OwnerID,
-			OrganizationID:    r.OrganizationID,
-			TemplateID:        r.TemplateID,
-			Deleted:           r.Deleted,
-			Name:              r.Name,
-			AutostartSchedule: r.AutostartSchedule,
-			Ttl:               r.Ttl,
-			LastUsedAt:        r.LastUsedAt,
-			DormantAt:         r.DormantAt,
-			DeletingAt:        r.DeletingAt,
-			AutomaticUpdates:  r.AutomaticUpdates,
-			Favorite:          r.Favorite,
+			ID:                      r.ID,
+			CreatedAt:               r.CreatedAt,
+			UpdatedAt:               r.UpdatedAt,
+			OwnerID:                 r.OwnerID,
+			OrganizationID:          r.OrganizationID,
+			TemplateID:              r.TemplateID,
+			Deleted:                 r.Deleted,
+			Name:                    r.Name,
+			AutostartSchedule:       r.AutostartSchedule,
+			Ttl:                     r.Ttl,
+			LastUsedAt:              r.LastUsedAt,
+			DormantAt:               r.DormantAt,
+			DeletingAt:              r.DeletingAt,
+			AutomaticUpdates:        r.AutomaticUpdates,
+			Favorite:                r.Favorite,
+			OwnerAvatarUrl:          r.OwnerAvatarUrl,
+			OwnerUsername:           r.OwnerUsername,
+			OrganizationName:        r.OrganizationName,
+			OrganizationDisplayName: r.OrganizationDisplayName,
+			OrganizationIcon:        r.OrganizationIcon,
+			OrganizationDescription: r.OrganizationDescription,
+			TemplateName:            r.TemplateName,
+			TemplateDisplayName:     r.TemplateDisplayName,
+			TemplateIcon:            r.TemplateIcon,
+			TemplateDescription:     r.TemplateDescription,
 		}
 	}