synced/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2025-07-15 22:20:27 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: allow workspace owners to view timings (#15364)

Browse Source 
Anyone with authz access to a workspace should be able to read timings
information of its builds.

To do this without `AsSystemContext` would do an extra 4 db calls.
This commit is contained in:
Steven Masley
2024-11-04 20:45:43 -06:00
committed by GitHub
parent 2cf745766c
commit 8024c1dff4
2 changed files with 10 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
coderd/workspacebuilds.go
View File

@ -952,7 +952,8 @@ func (api *API) buildTimings(ctx context.Context, build database.WorkspaceBuild)
return codersdk.WorkspaceBuildTimings{}, xerrors.Errorf("fetching provisioner job timings: %w", err) return codersdk.WorkspaceBuildTimings{}, xerrors.Errorf("fetching provisioner job timings: %w", err)
} }
agentScriptTimings, err := api.Database.GetWorkspaceAgentScriptTimingsByBuildID(ctx, build.ID) //nolint:gocritic // Already checked if the build can be fetched.
agentScriptTimings, err := api.Database.GetWorkspaceAgentScriptTimingsByBuildID(dbauthz.AsSystemRestricted(ctx), build.ID)
if err != nil && !errors.Is(err, sql.ErrNoRows) { if err != nil && !errors.Is(err, sql.ErrNoRows) {
return codersdk.WorkspaceBuildTimings{}, xerrors.Errorf("fetching workspace agent script timings: %w", err) return codersdk.WorkspaceBuildTimings{}, xerrors.Errorf("fetching workspace agent script timings: %w", err)
} }
@ -965,7 +966,8 @@ func (api *API) buildTimings(ctx context.Context, build database.WorkspaceBuild)
for _, resource := range resources { for _, resource := range resources {
resourceIDs = append(resourceIDs, resource.ID) resourceIDs = append(resourceIDs, resource.ID)
} }
agents, err := api.Database.GetWorkspaceAgentsByResourceIDs(ctx, resourceIDs) //nolint:gocritic // Already checked if the build can be fetched.
agents, err := api.Database.GetWorkspaceAgentsByResourceIDs(dbauthz.AsSystemRestricted(ctx), resourceIDs)
if err != nil && !errors.Is(err, sql.ErrNoRows) { if err != nil && !errors.Is(err, sql.ErrNoRows) {
return codersdk.WorkspaceBuildTimings{}, xerrors.Errorf("fetching workspace agents: %w", err) return codersdk.WorkspaceBuildTimings{}, xerrors.Errorf("fetching workspace agents: %w", err)
} }

10
coderd/workspacebuilds_test.go
View File

@ -1188,17 +1188,19 @@ func TestWorkspaceBuildTimings(t *testing.T) {
// Setup the test environment with a template and version // Setup the test environment with a template and version
db, pubsub := dbtestutil.NewDB(t) db, pubsub := dbtestutil.NewDB(t)
client := coderdtest.New(t, &coderdtest.Options{ ownerClient := coderdtest.New(t, &coderdtest.Options{
Database: db, Database: db,
Pubsub: pubsub, Pubsub: pubsub,
}) })
owner := coderdtest.CreateFirstUser(t, client) owner := coderdtest.CreateFirstUser(t, ownerClient)
client, user := coderdtest.CreateAnotherUser(t, ownerClient, owner.OrganizationID)
file := dbgen.File(t, db, database.File{ file := dbgen.File(t, db, database.File{
CreatedBy: owner.UserID, CreatedBy: owner.UserID,
}) })
versionJob := dbgen.ProvisionerJob(t, db, pubsub, database.ProvisionerJob{ versionJob := dbgen.ProvisionerJob(t, db, pubsub, database.ProvisionerJob{
OrganizationID: owner.OrganizationID, OrganizationID: owner.OrganizationID,
InitiatorID: owner.UserID, InitiatorID: user.ID,
FileID: file.ID, FileID: file.ID,
Tags: database.StringMap{ Tags: database.StringMap{
"custom": "true", "custom": "true",
@ -1219,7 +1221,7 @@ func TestWorkspaceBuildTimings(t *testing.T) {
// build number, each test will have its own workspace and build. // build number, each test will have its own workspace and build.
makeBuild := func() database.WorkspaceBuild { makeBuild := func() database.WorkspaceBuild {
ws := dbgen.Workspace(t, db, database.WorkspaceTable{ ws := dbgen.Workspace(t, db, database.WorkspaceTable{
OwnerID: owner.UserID, OwnerID: user.ID,
OrganizationID: owner.OrganizationID, OrganizationID: owner.OrganizationID,
TemplateID: template.ID, TemplateID: template.ID,
}) })