feat: Add initial AuthzQuerier implementation (#5919)

feat: Add initial AuthzQuerier implementation - Adds package database/dbauthz that adds a database.Store implementation where each method goes through AuthZ checks - Implements all database.Store methods on AuthzQuerier - Updates and fixes unit tests where required - Updates coderd initialization to use AuthzQuerier if codersdk.ExperimentAuthzQuerier is enabled
2025-07-15 22:20:27 +00:00 · 2023-02-14 08:27:06 -06:00
parent ebdfdc749d
commit 6fb8aff6d0
59 changed files with 5013 additions and 136 deletions
--- a/coderd/database/queries/licenses.sql
+++ b/coderd/database/queries/licenses.sql
@ -14,6 +14,16 @@ SELECT *
 FROM licenses
 ORDER BY (id);

+-- name: GetLicenseByID :one
+SELECT
+	*
+FROM
+	licenses
+WHERE
+	id = $1
+LIMIT
+	1;
+
 -- name: GetUnexpiredLicenses :many
 SELECT *
 FROM licenses
--- a/coderd/database/queries/workspaces.sql
+++ b/coderd/database/queries/workspaces.sql
@ -8,6 +8,42 @@ WHERE
 LIMIT
 	1;

+-- name: GetWorkspaceByWorkspaceAppID :one
+SELECT
+	*
+FROM
+	workspaces
+WHERE
+		workspaces.id = (
+		SELECT
+			workspace_id
+		FROM
+			workspace_builds
+		WHERE
+				workspace_builds.job_id = (
+				SELECT
+					job_id
+				FROM
+					workspace_resources
+				WHERE
+						workspace_resources.id = (
+						SELECT
+							resource_id
+						FROM
+							workspace_agents
+						WHERE
+								workspace_agents.id = (
+								SELECT
+									agent_id
+								FROM
+									workspace_apps
+								WHERE
+									workspace_apps.id = @workspace_app_id
+								)
+					)
+			)
+	);
+
 -- name: GetWorkspaceByAgentID :one
 SELECT
 	*