Commit Graph

933 Commits

Author SHA1 Message Date
5df7872661 fix: Improve use of context in websocket.NetConn code paths (#6198) 2023-02-14 16:42:55 +02:00
6fb8aff6d0 feat: Add initial AuthzQuerier implementation (#5919)
feat: Add initial AuthzQuerier implementation
- Adds package database/dbauthz that adds a database.Store implementation where each method goes through AuthZ checks
- Implements all database.Store methods on AuthzQuerier
- Updates and fixes unit tests where required
- Updates coderd initialization to use AuthzQuerier if codersdk.ExperimentAuthzQuerier is enabled
2023-02-14 14:27:06 +00:00
733f58c76d chore: Force license uuids to not be null (#6012)
* chore: Force license uuids to not be null

* All unit tests generate uuids for licenses

* Update migration files to new numbers

* Put migration in transaction
2023-02-13 18:21:58 -06:00
a56df46d0f fix: Update github.com/coder/retry to remove initial delay (#6160) 2023-02-13 11:54:43 +02:00
2dbe00ae44 fix(api): Allow workspace agent coordinate to report disconnect (#6152) 2023-02-10 20:23:02 +02:00
6189035e98 feat: Add option to enable hsts header (#6147)
* feat: Add option to enable hsts header
* Update golden files
2023-02-10 10:52:49 -06:00
32fbd10a1f chore: Optimize parial rego execution byte allocations (#6144)
* chore: Implement benchmark for authorizer.Prepare

Identify time + alloc cost before optimizing
2023-02-10 08:39:45 -06:00
4432cd08d6 chore: update tailscale (#6091) 2023-02-09 21:43:18 -06:00
e6da7afd33 feat: Add cachable authorizer to elimate duplicate rbac calls (#6107)
* feat: Add cachable authorizer to elimate duplicate rbac calls

Cache is context bound, so only prevents duplicate rbac calls in
the same request context.
2023-02-09 20:14:31 -06:00
af59e2bcfa chore: Optimize rego policy input allocations (#6135)
* chore: Optimize rego policy evaluation allocations

Manually convert to ast.Value instead of using generic
json.Marshal conversion.

* Add a unit test that prevents regressions of rego input

The optimized input is always compared to the normal json
marshal parser.
2023-02-09 13:47:17 -06:00
b46d0d693f fix: Extend migration fixture test with down and fix 000045 (#6130) 2023-02-09 16:59:54 +02:00
049984ce7f docs: Add missing body parameter (#6132) 2023-02-09 14:02:03 +00:00
2ed0eafd75 feat: add minimum password entropy requirements (#6090)
* feat: add minimum password entropy requirements

* Fix all the tests

* Fix E2E tests
2023-02-08 14:10:08 -06:00
fe725f76bb fix: Allow to stop or remove workspaces using rich and old parameters (#6099)
* fix: Allow to stop or remove workspaces using rich and old parameters

* Fix
2023-02-08 14:09:52 -06:00
8dba66c535 chore: Use dbgen in unit test (#6111)
* chore: Use dbgen in unit test

- organizationparam_test
- templateparam_test

* Use dbgen in all unit tests vs insert methods

* fixup! Use dbgen in all unit tests vs insert methods

---------

Co-authored-by: Cian Johnston <cian@coder.com>
2023-02-08 13:47:05 -06:00
7a1731b620 chore: change build audit log string to be clearer (#6093)
* changed bbuild string

* clean up friendly string

* using Trans component

* general cleanup

* fixed tests

* fix lint

* fixing bolding

* removing dead strings in auditLogRow

* fix tests
2023-02-08 13:06:57 -05:00
1dc477819e feat: render Markdown in rich parameter descriptions (#6098) 2023-02-08 12:57:12 +01:00
691495d761 feat: add expanded_directory to the agent for extension support (#6087)
This will enable opening the default `dir` of an agent in
the VS Code extension!
2023-02-07 21:35:09 +00:00
135a4d87f1 fix: use correct migration number (#6071) 2023-02-07 10:28:44 +01:00
b86bce8494 feat!: Validate monotonic numbers for rich parameters (#6046)
* Database changes

* protobuf

* Fix: docs

* workspaces_test

* Validation in coderd

* Fix: resources

* omitempty

* UI changes

* UI tests

* fix
2023-02-07 09:36:13 +01:00
dd9e1f3d3f feat: add template editor to the ui (#5963)
* Add initial editor

* Fix editor file being reset onChange

* Add updating the active build version

* Update nav height

* Add tabs

* Fix title

* Hide timestamps in build logs

* Add create file dialog

* Add validation for empty path

* Hide resources tab

* Fix label names

* Add rename and delete

* Improve UX

* Add padding to the editor

* Add dirty state

* Hide build logs until a build is made

* Add stories

* Add experiment to enable the template editor

* Fix linting errors

* Fix duplicate fields

* Fix theme type
2023-02-07 01:24:04 +00:00
71a893764e chore: remove CreateAnotherUserWithUser (#6068)
This was not idiomatic Go!
2023-02-06 23:48:21 +00:00
b81d8464df fix: audit log query when Postgres TZ isn't UTC (#6067) 2023-02-06 21:36:39 +00:00
46fe59f5e7 feat: audit login (#5925)
* added migration for api key resource

* sort of working

* auditing login

* passing  the correct user id

* added and fixed tests

* gen documentation

* formatting and lint

* lint

* audit Github oauth and write tests

* audit oauth and write  tests

* added defer fn for login error auditing

* fixed test

* feat: audit logout (#5998)

* Update coderd/userauth.go

Co-authored-by: Steven Masley <Emyrk@users.noreply.github.com>

* fix test

* bypassing diff generation if login/logout

* lint

---------

Co-authored-by: Steven Masley <Emyrk@users.noreply.github.com>
2023-02-06 15:12:50 -05:00
bdddc3e7ae fix: change auto-start to automatically update workspaces (#6053)
Fixes #6049.
2023-02-06 11:12:58 -06:00
4fe221a700 feat: add flag to disable password auth (#5991)
Adds a flag --disable-password-auth that prevents the password login
endpoint from working unless the user has the "owner" (aka. site admin)
role.

Adds a subcommand `coder server create-admin-user` which creates a user
directly in the database with the "owner" role, the "admin" role in
every organization, and password auth. This is to avoid lock-out
situations where all accounts have the login type set to an identity
provider and nobody can login.
2023-02-06 14:58:21 +00:00
a422cc00e8 Stream template upload (#6035)
Resolves #5718
2023-02-04 20:07:09 +00:00
77fd34be94 chore: Action consts should actually be typed as an Action (#6027) 2023-02-03 20:36:37 +00:00
b359dbbd8b chore: Allow RecordingAuthorizer to record multiple rbac authz calls (#6024)
* chore: Allow RecordingAuthorizer to record multiple rbac authz calls

Prior iteration only recorded the last call. This is required for
more comprehensive testing
2023-02-03 19:03:46 +00:00
cf9abe3a6c feat: add session expiry control flags (#5976)
Adds --session-duration which lets admins customize the default session
expiration for browser sessions.

Adds --disable-session-expiry-refresh which allows admins to prevent
session expiry from being automatically bumped upon the API key being
used.
2023-02-03 17:38:36 +00:00
a750b1948b test: Use database.Now() for UTC in all tests (#6022)
Fixes a lot of comparison issues with timezones
2023-02-03 17:13:54 +00:00
aab9e3a0f7 chore: Add more objects to dbgen (#6013)
* chore: Add WorkspaceApps to dbgen

* GitSSHKey, UserLink, GitAuthLink
2023-02-03 09:34:35 +00:00
fd2f9dc176 test: Fix unit test to use dbfake over databasefake (#6014) 2023-02-03 03:55:26 +00:00
381d6674ca chore: add install_source to telemetry (#6008)
This will help determine the number of installs from marketplaces!
2023-02-03 01:30:54 +00:00
8b424f03c2 chore: Rename databasefake --> dbfake (#6011) 2023-02-02 19:28:55 -06:00
2478012827 chore: Add organizationmember and parameter gen functions (#6007) 2023-02-02 18:24:59 -06:00
41e52310bf chore: Add more dbgen functions (#6005) 2023-02-02 17:21:29 -06:00
5fe4819669 chore: Pass through AllowUserCancelWorkspaceJobs value to fake db insert (#6006) 2023-02-02 23:08:57 +00:00
a5e8911d67 fix: index template versions by template and name (#5993)
* fix: index template versions by template and name

We were incorrectly returning template versions by name relative
to organizations. This could result in an incorrect version being
returned if multiple templates had versions with the same name.

* Fix auth referencing

* Fix route location

* Fix authorize route name

* Fix previous call

* Fix authorize route name
2023-02-02 15:47:53 -06:00
496138b086 feat: assign users to groups returned by OIDC provider (#5965) 2023-02-02 19:53:48 +00:00
026b1cd2a4 chore: update to go 1.20 (#5968)
Co-authored-by: Colin Adler <colin1adler@gmail.com>
2023-02-02 12:36:27 -06:00
be00e2541c chore: remove unused workspace_owner_count field (#5958)
This added unnecessary database load, because it's not used!
2023-02-02 17:59:43 +00:00
b9b402cd0c feat!: generate a self-signed certificate if no certificates are specified (#5973)
* feat: generate a self-signed certificate if no certificates are specified

Clouds like AWS automatically navigate to https://<ip-here>. This
allows us to bind to that immediately, serve a self-signed certificate,
then reroute to the access URL.

* Add new flag and deprecate old one

* Fix redirect if not using tunnel

* Add deprecation notice

* Fix TLS redirect

* Run `make gen`

* Fix bad test

* Fix gen
2023-02-02 17:08:35 +00:00
ab1f6ce090 fix: Deleting a user from a group should only delete from a single group (#5977) 2023-02-02 09:46:42 -06:00
271d68c862 feat: Disallow using legacy params with rich params (#5974)
* feat: Disallow using legacy params with rich params

* Fix

* nolint
2023-02-02 16:44:57 +01:00
4a6fc40949 feat: Add database data generator to make fakedbs easier to populate (#5922)
* feat: Add database data generator to make fakedbs easier to populate
2023-01-31 15:10:03 -06:00
c162c0f284 fix: omit users for 'Everyone' group in response (#5937) 2023-01-31 13:30:20 -06:00
69fce0488e feat: Allow hiding password auth, changing OpenID Connect text and OpenID Connect icon (#5101)
* Allow hiding password entry, changing OpenID Connect text and OpenID Connect icon

* Docs

* Cleaning

* Fix Prettier and Go test and TS compile error

* Fix LoginPage test

* Prettier

* Fix storybook

* Add query param to un-hide password auth

* Cleaning

* Hide password by default when OIDC enabled

* Ran prettier, updated goldenfiles and ran "make gen"

* Fixed and added LoginPage test

* Ran prettier

* PR Feedback and split up SignInForm.tsx

* Updated golden files

* Fix auto-genned-files

* make gen -B

* Revert provisioner files?

* Fix lint error

---------

Co-authored-by: Kyle Carberry <kyle@coder.com>
2023-01-31 18:33:25 +00:00
b31b0fd189 fix: audit log broken build links (#5895)
* pushing for guidance

* added test

* PR feedback

* fixed tests

* Update coderd/audit.go

Co-authored-by: Steven Masley <Emyrk@users.noreply.github.com>

* runnig make gen

---------

Co-authored-by: Steven Masley <Emyrk@users.noreply.github.com>
2023-01-30 18:43:29 +00:00
23176bf036 feat: Support rich parameters in autobuilds (#5916) 2023-01-30 15:34:38 +01:00