feat: Add endpoint to get all workspaces a user can access (#1354)

This iterates through user organizations to get permitted
workspaces. This will allow admins to manage user workspaces!
This commit is contained in:
Kyle Carberry
2022-05-09 21:38:20 -05:00
committed by GitHub
parent e6f1ce1fb2
commit b675aec4dd
10 changed files with 177 additions and 280 deletions

View File

@ -806,6 +806,51 @@ func (api *api) createUser(ctx context.Context, req codersdk.CreateUserRequest)
})
}
func (api *api) workspacesByUser(rw http.ResponseWriter, r *http.Request) {
user := httpmw.UserParam(r)
roles := httpmw.UserRoles(r)
organizations, err := api.Database.GetOrganizationsByUserID(r.Context(), user.ID)
if err != nil {
httpapi.Write(rw, http.StatusInternalServerError, httpapi.Response{
Message: fmt.Sprintf("get organizations: %s", err),
})
return
}
organizationIDs := make([]uuid.UUID, 0)
for _, organization := range organizations {
err = api.Authorizer.AuthorizeByRoleName(r.Context(), user.ID.String(), roles.Roles, rbac.ActionRead, rbac.ResourceWorkspace.All().InOrg(organization.ID))
if errors.Is(err, &rbac.UnauthorizedError{}) {
continue
}
if err != nil {
httpapi.Write(rw, http.StatusInternalServerError, httpapi.Response{
Message: fmt.Sprintf("authorize: %s", err),
})
return
}
organizationIDs = append(organizationIDs, organization.ID)
}
workspaces, err := api.Database.GetWorkspacesByOrganizationIDs(r.Context(), database.GetWorkspacesByOrganizationIDsParams{
Ids: organizationIDs,
})
if err != nil {
httpapi.Write(rw, http.StatusInternalServerError, httpapi.Response{
Message: fmt.Sprintf("get workspaces for organizations: %s", err),
})
return
}
apiWorkspaces, err := convertWorkspaces(r.Context(), api.Database, workspaces)
if err != nil {
httpapi.Write(rw, http.StatusInternalServerError, httpapi.Response{
Message: fmt.Sprintf("convert workspaces: %s", err),
})
return
}
httpapi.Write(rw, http.StatusOK, apiWorkspaces)
}
func convertUser(user database.User, organizationIDs []uuid.UUID) codersdk.User {
convertedUser := codersdk.User{
ID: user.ID,