synced/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2025-07-03 16:13:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: Rbac more coderd endpoints, unit test to confirm (#1437)

Browse Source 
* feat: Enforce authorize call on all endpoints
- Make 'request()' exported for running custom requests
* Rbac users endpoints
* 401 -> 403
This commit is contained in:
Steven Masley
2022-05-17 13:43:19 -05:00
committed by GitHub
parent 495c87b6c3
commit 4ad5ac2d4a
40 changed files with 631 additions and 319 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
coderd/httpmw/oauth2.go
View File

@ -4,6 +4,7 @@ import (
"context"
"fmt"
"net/http"
"reflect"
"golang.org/x/oauth2"
@ -46,7 +47,8 @@ func OAuth2(r *http.Request) OAuth2State {
func ExtractOAuth2(config OAuth2Config) func(http.Handler) http.Handler {
return func(next http.Handler) http.Handler {
return http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
if config == nil {
// Interfaces can hold a nil value
if config == nil || reflect.ValueOf(config).IsNil() {
httpapi.Write(rw, http.StatusPreconditionRequired, httpapi.Response{
Message: "The oauth2 method requested is not configured!",
})