feat: Remove organization and user scoped parameters (#2007)

* feat: Remove organization and user scoped parameters Signed-off-by: Spike Curtis <spike@coder.com> * Fixup dump.sql Signed-off-by: Spike Curtis <spike@coder.com> * Fix dump.sql again Signed-off-by: Spike Curtis <spike@coder.com> * Fix down migration Signed-off-by: Spike Curtis <spike@coder.com>
2025-07-03 16:13:58 +00:00 · 2022-06-03 11:49:58 -07:00
parent 582d636e54
commit d8c440188e
11 changed files with 90 additions and 112 deletions
--- a/coderd/coderd_test.go
+++ b/coderd/coderd_test.go
@ -61,14 +61,6 @@ func TestAuthorizeAllEndpoints(t *testing.T) {
 	organization, err := client.Organization(ctx, admin.OrganizationID)
 	require.NoError(t, err, "fetch org")

-	organizationParam, err := client.CreateParameter(ctx, codersdk.ParameterOrganization, organization.ID, codersdk.CreateParameterRequest{
-		Name:              "test-param",
-		SourceValue:       "hello world",
-		SourceScheme:      codersdk.ParameterSourceSchemeData,
-		DestinationScheme: codersdk.ParameterDestinationSchemeProvisionerVariable,
-	})
-	require.NoError(t, err, "create org param")
-
 	// Setup some data in the database.
 	version := coderdtest.CreateTemplateVersion(t, client, admin.OrganizationID, &echo.Responses{
 		Parse: echo.ParseComplete,
@ -101,6 +93,14 @@ func TestAuthorizeAllEndpoints(t *testing.T) {
 	})
 	require.NoError(t, err, "template version dry-run")

+	templateParam, err := client.CreateParameter(ctx, codersdk.ParameterTemplate, template.ID, codersdk.CreateParameterRequest{
+		Name:              "test-param",
+		SourceValue:       "hello world",
+		SourceScheme:      codersdk.ParameterSourceSchemeData,
+		DestinationScheme: codersdk.ParameterDestinationSchemeProvisionerVariable,
+	})
+	require.NoError(t, err, "create template param")
+
 	// Always fail auth from this point forward
 	authorizer.AlwaysReturn = rbac.ForbiddenWithInternal(xerrors.New("fake implementation"), nil, nil)

@ -294,15 +294,15 @@ func TestAuthorizeAllEndpoints(t *testing.T) {

 		"POST:/api/v2/parameters/{scope}/{id}": {
 			AssertAction: rbac.ActionUpdate,
-			AssertObject: rbac.ResourceOrganization.WithID(organization.ID.String()),
+			AssertObject: rbac.ResourceTemplate.WithID(template.ID.String()),
 		},
 		"GET:/api/v2/parameters/{scope}/{id}": {
 			AssertAction: rbac.ActionRead,
-			AssertObject: rbac.ResourceOrganization.WithID(organization.ID.String()),
+			AssertObject: rbac.ResourceTemplate.WithID(template.ID.String()),
 		},
 		"DELETE:/api/v2/parameters/{scope}/{id}/{name}": {
 			AssertAction: rbac.ActionUpdate,
-			AssertObject: rbac.ResourceOrganization.WithID(organization.ID.String()),
+			AssertObject: rbac.ResourceTemplate.WithID(template.ID.String()),
 		},
 		"GET:/api/v2/organizations/{organization}/templates/{templatename}": {
 			AssertAction: rbac.ActionRead,
@ -377,9 +377,9 @@ func TestAuthorizeAllEndpoints(t *testing.T) {
 			route = strings.ReplaceAll(route, "{templateversion}", version.ID.String())
 			route = strings.ReplaceAll(route, "{templateversiondryrun}", templateVersionDryRun.ID.String())
 			route = strings.ReplaceAll(route, "{templatename}", template.Name)
-			// Only checking org scoped params here
-			route = strings.ReplaceAll(route, "{scope}", string(organizationParam.Scope))
-			route = strings.ReplaceAll(route, "{id}", organizationParam.ScopeID.String())
+			// Only checking template scoped params here
+			route = strings.ReplaceAll(route, "{scope}", string(templateParam.Scope))
+			route = strings.ReplaceAll(route, "{id}", templateParam.ScopeID.String())

 			resp, err := client.Request(context.Background(), method, route, nil)
 			require.NoError(t, err, "do req")