chore: merge provisioner key and provisioner permissions (#16628)

Provisioner key permissions were never any different than provisioners. Merging them for a cleaner permission story until they are required (if ever) to be seperate. This removed `ResourceProvisionerKey` from RBAC and just uses the existing `ResourceProvisioner`.
2025-07-15 22:20:27 +00:00 · 2025-02-24 13:31:11 -06:00
parent 8f33c6d8d1
commit e005e4e51d
14 changed files with 34 additions and 62 deletions
--- a/coderd/rbac/roles_test.go
+++ b/coderd/rbac/roles_test.go
@ -556,15 +556,6 @@ func TestRolePermissions(t *testing.T) {
 				false: {setOtherOrg, memberMe, userAdmin, orgUserAdmin, orgAuditor},
 			},
 		},
-		{
-			Name:     "ProvisionerKeys",
-			Actions:  []policy.Action{policy.ActionCreate, policy.ActionRead, policy.ActionDelete},
-			Resource: rbac.ResourceProvisionerKeys.InOrg(orgID),
-			AuthorizeMap: map[bool][]hasAuthSubjects{
-				true:  {owner, orgAdmin},
-				false: {setOtherOrg, memberMe, orgMemberMe, userAdmin, templateAdmin, orgTemplateAdmin, orgUserAdmin, orgAuditor},
-			},
-		},
 		{
 			Name:     "ProvisionerJobs",
 			Actions:  []policy.Action{policy.ActionRead},