synced/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2025-07-03 16:13:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

chore: Rbac errors should be returned, and not hidden behind 404 (#7122)

Browse Source 
* chore: Rbac errors should be returned, and not hidden behind 404

SqlErrNoRows was hiding actual errors
* Replace sql.ErrNoRow checks
* Remove sql err no rows check from dbauthz test
* Fix to use dbauthz system user
This commit is contained in:
Steven Masley
2023-04-13 13:06:16 -05:00
committed by GitHub
parent fa64c58e56
commit 38e5b9679b
23 changed files with 50 additions and 72 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
coderd/workspaceresourceauth.go
View File

@ -1,9 +1,7 @@
package coderd
import (
"database/sql"
"encoding/json"
"errors"
"fmt"
"net/http"
@ -131,7 +129,7 @@ func (api *API) handleAuthInstanceID(rw http.ResponseWriter, r *http.Request, in
ctx := r.Context()
//nolint:gocritic // needed for auth instance id
agent, err := api.Database.GetWorkspaceAgentByInstanceID(dbauthz.AsSystemRestricted(ctx), instanceID)
if errors.Is(err, sql.ErrNoRows) {
if httpapi.Is404Error(err) {
httpapi.Write(ctx, rw, http.StatusNotFound, codersdk.Response{
Message: fmt.Sprintf("Instance with id %q not found.", instanceID),
})