synced/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2025-07-03 16:13:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: Add RBAC to /workspace endpoints (#1566)

Browse Source 
* feat: Add RBAC to /workspace endpoints
This commit is contained in:
Steven Masley
2022-05-18 18:15:19 -05:00
committed by GitHub
parent f3fe2a08ce
commit c034e8389e
7 changed files with 215 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
coderd/workspaces_test.go
View File

@ -7,6 +7,8 @@ import (
"testing"
"time"
"github.com/coder/coder/coderd/rbac"
"github.com/google/uuid"
"github.com/stretchr/testify/require"
@ -18,7 +20,7 @@ import (
"github.com/coder/coder/provisionersdk/proto"
)
func TestWorkspace(t *testing.T) {
func TestAdminViewAllWorkspaces(t *testing.T) {
t.Parallel()
client := coderdtest.New(t, nil)
user := coderdtest.CreateFirstUser(t, client)
@ -27,8 +29,25 @@ func TestWorkspace(t *testing.T) {
coderdtest.AwaitTemplateVersionJob(t, client, version.ID)
template := coderdtest.CreateTemplate(t, client, user.OrganizationID, version.ID)
workspace := coderdtest.CreateWorkspace(t, client, user.OrganizationID, template.ID)
coderdtest.AwaitWorkspaceBuildJob(t, client, workspace.LatestBuild.ID)
_, err := client.Workspace(context.Background(), workspace.ID)
require.NoError(t, err)
otherOrg, err := client.CreateOrganization(context.Background(), codersdk.Me, codersdk.CreateOrganizationRequest{
Name: "default-test",
})
require.NoError(t, err, "create other org")
// This other user is not in the first user's org. Since other is an admin, they can
// still see the "first" user's workspace.
other := coderdtest.CreateAnotherUser(t, client, otherOrg.ID, rbac.RoleAdmin(), rbac.RoleMember())
otherWorkspaces, err := other.Workspaces(context.Background(), codersdk.WorkspaceFilter{})
require.NoError(t, err, "(other) fetch workspaces")
firstWorkspaces, err := other.Workspaces(context.Background(), codersdk.WorkspaceFilter{})
require.NoError(t, err, "(first) fetch workspaces")
require.ElementsMatch(t, otherWorkspaces, firstWorkspaces)
}
func TestPostWorkspacesByOrganization(t *testing.T) {
@ -52,7 +71,7 @@ func TestPostWorkspacesByOrganization(t *testing.T) {
client := coderdtest.New(t, nil)
first := coderdtest.CreateFirstUser(t, client)
other := coderdtest.CreateAnotherUser(t, client, first.OrganizationID)
other := coderdtest.CreateAnotherUser(t, client, first.OrganizationID, rbac.RoleMember(), rbac.RoleAdmin())
org, err := other.CreateOrganization(context.Background(), codersdk.Me, codersdk.CreateOrganizationRequest{
Name: "another",
})