synced/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2025-07-03 16:13:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: Rbac more coderd endpoints, unit test to confirm (#1437)

Browse Source 
* feat: Enforce authorize call on all endpoints
- Make 'request()' exported for running custom requests
* Rbac users endpoints
* 401 -> 403
This commit is contained in:
Steven Masley
2022-05-17 13:43:19 -05:00
committed by GitHub
parent 495c87b6c3
commit 4ad5ac2d4a
40 changed files with 631 additions and 319 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
coderd/coderdtest/coderdtest.go
View File

@ -56,6 +56,7 @@ import (
type Options struct {
AWSCertificates awsidentity.Certificates
Authorizer rbac.Authorizer
AzureCertificates x509.VerifyOptions
GithubOAuth2Config *coderd.GithubOAuth2Config
GoogleTokenValidator *idtoken.Validator
@ -66,7 +67,7 @@ type Options struct {
// New constructs an in-memory coderd instance and returns
// the connected client.
func New(t *testing.T, options *Options) *codersdk.Client {
func NewMemoryCoderd(t *testing.T, options *Options) (*httptest.Server, *codersdk.Client) {
if options == nil {
options = &Options{}
}
@ -147,6 +148,7 @@ func New(t *testing.T, options *Options) *codersdk.Client {
SSHKeygenAlgorithm: options.SSHKeygenAlgorithm,
TURNServer: turnServer,
APIRateLimit: options.APIRateLimit,
Authorizer: options.Authorizer,
})
t.Cleanup(func() {
cancelFunc()
@ -155,7 +157,14 @@ func New(t *testing.T, options *Options) *codersdk.Client {
closeWait()
})
return codersdk.New(serverURL)
return srv, codersdk.New(serverURL)
}
// New constructs an in-memory coderd instance and returns
// the connected client.
func New(t *testing.T, options *Options) *codersdk.Client {
_, cli := NewMemoryCoderd(t, options)
return cli
}
// NewProvisionerDaemon launches a provisionerd instance configured to work
@ -252,9 +261,8 @@ func CreateAnotherUser(t *testing.T, client *codersdk.Client, organizationID uui
for _, r := range user.Roles {
siteRoles = append(siteRoles, r.Name)
}
// TODO: @emyrk switch "other" to "client" when we support updating other
// users.
_, err := other.UpdateUserRoles(context.Background(), user.ID.String(), codersdk.UpdateRoles{Roles: siteRoles})
_, err := client.UpdateUserRoles(context.Background(), user.ID.String(), codersdk.UpdateRoles{Roles: siteRoles})
require.NoError(t, err, "update site roles")
// Update org roles