synced/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2025-07-03 16:13:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

chore: create type for unique role names (#13506)

Browse Source 
* chore: create type for unique role names

Using `string` was confusing when something should be combined with
org context, and when not to. Naming this new name, "RoleIdentifier"
This commit is contained in:
Steven Masley
2024-06-11 08:55:28 -05:00
committed by GitHub
parent c9cca9d56e
commit 5ccf5084e8
50 changed files with 553 additions and 458 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
coderd/httpmw/authorize_test.go
View File

@ -27,27 +27,26 @@ func TestExtractUserRoles(t *testing.T) {
t.Parallel()
testCases := []struct {
Name string
AddUser func(db database.Store) (database.User, []string, string)
AddUser func(db database.Store) (database.User, []rbac.RoleIdentifier, string)
}{
{
Name: "Member",
AddUser: func(db database.Store) (database.User, []string, string) {
roles := []string{}
user, token := addUser(t, db, roles...)
return user, append(roles, rbac.RoleMember()), token
AddUser: func(db database.Store) (database.User, []rbac.RoleIdentifier, string) {
user, token := addUser(t, db)
return user, []rbac.RoleIdentifier{rbac.RoleMember()}, token
},
},
{
Name: "Admin",
AddUser: func(db database.Store) (database.User, []string, string) {
roles := []string{rbac.RoleOwner()}
Name: "Owner",
AddUser: func(db database.Store) (database.User, []rbac.RoleIdentifier, string) {
roles := []string{codersdk.RoleOwner}
user, token := addUser(t, db, roles...)
return user, append(roles, rbac.RoleMember()), token
return user, []rbac.RoleIdentifier{rbac.RoleOwner(), rbac.RoleMember()}, token
},
},
{
Name: "OrgMember",
AddUser: func(db database.Store) (database.User, []string, string) {
AddUser: func(db database.Store) (database.User, []rbac.RoleIdentifier, string) {
roles := []string{}
user, token := addUser(t, db, roles...)
org, err := db.InsertOrganization(context.Background(), database.InsertOrganizationParams{
@ -68,15 +67,15 @@ func TestExtractUserRoles(t *testing.T) {
Roles: orgRoles,
})
require.NoError(t, err)
return user, append(roles, append(orgRoles, rbac.RoleMember(), rbac.ScopedRoleOrgMember(org.ID))...), token
return user, []rbac.RoleIdentifier{rbac.RoleMember(), rbac.ScopedRoleOrgMember(org.ID)}, token
},
},
{
Name: "MultipleOrgMember",
AddUser: func(db database.Store) (database.User, []string, string) {
roles := []string{}
user, token := addUser(t, db, roles...)
roles = append(roles, rbac.RoleMember())
AddUser: func(db database.Store) (database.User, []rbac.RoleIdentifier, string) {
expected := []rbac.RoleIdentifier{}
user, token := addUser(t, db)
expected = append(expected, rbac.RoleMember())
for i := 0; i < 3; i++ {
organization, err := db.InsertOrganization(context.Background(), database.InsertOrganizationParams{
ID: uuid.New(),
@ -89,8 +88,8 @@ func TestExtractUserRoles(t *testing.T) {
orgRoles := []string{}
if i%2 == 0 {
orgRoles = append(orgRoles, rbac.RoleOrgAdmin())
roles = append(roles, rbac.ScopedRoleOrgAdmin(organization.ID))
orgRoles = append(orgRoles, codersdk.RoleOrganizationAdmin)
expected = append(expected, rbac.ScopedRoleOrgAdmin(organization.ID))
}
_, err = db.InsertOrganizationMember(context.Background(), database.InsertOrganizationMemberParams{
OrganizationID: organization.ID,
@ -100,9 +99,9 @@ func TestExtractUserRoles(t *testing.T) {
Roles: orgRoles,
})
require.NoError(t, err)
roles = append(roles, rbac.ScopedRoleOrgMember(organization.ID))
expected = append(expected, rbac.ScopedRoleOrgMember(organization.ID))
}
return user, roles, token
return user, expected, token
},
},
}
@ -147,6 +146,9 @@ func addUser(t *testing.T, db database.Store, roles ...string) (database.User, s
id, secret = randomAPIKeyParts()
hashed = sha256.Sum256([]byte(secret))
)
if roles == nil {
roles = []string{}
}
user, err := db.InsertUser(context.Background(), database.InsertUserParams{
ID: uuid.New(),