* chore: add /v2 to import module path
go mod requires semantic versioning with versions greater than 1.x
This was a mechanical update by running:
```
go install github.com/marwan-at-work/mod/cmd/mod@latest
mod upgrade
```
Migrate generated files to import /v2
* Fix gen
* feat: drop reading other 'user' permission
Members of the platform can no longer read or list other users.
Resources that have "created_by" or "initiated_by" still retain
user context, but only include username and avatar url.
Attempting to read a user found via those means will result in
a 404.
* Hide /users page for regular users
* make groups a privledged endpoint
* Permissions page for template perms
* Admin for a given template enables an endpoint for listing users/groups.
* Standardize on function to get workspace channel name
There were two, now there is one.
* Add some missing workspace updates
There are some failure cases where we do not set the type as a workspace
build which causes the workspace update to never be published.
* Make build failures warnings
Otherwise the associated test fails due to the logger fataling on
error messages.
* feat: add login type 'none' to prevent login
Users with this login type must use tokens to authenticate.
Tokens must come from some other source, not a /login with password
authentication
* chore: rename store to dbmock for consistency
* chore: remove redundant dbtype package
This wasn't necessary and forked how we do DB types.
* chore: separate pubsub into a new package
This didn't need to be in database and was bloating it.
* chore: move app proxying code to workspaceapps pkg
Moves path-app, subdomain-app and reconnecting PTY proxying to the new
workspaceapps.WorkspaceAppServer struct. This is in preparation for
external workspace proxies.
Updates app logout flow to avoid redirecting to coder-logout.${app_host}
on logout. Instead, all subdomain app tokens owned by the logging-out
user will be deleted every time you logout for simplicity sake.
Tests will remain in their original package, pending being moved to an
apptest package (or similar).
Co-authored-by: Steven Masley <stevenmasley@coder.com>
This commit:
- Allows configuring the OIDC claim Coder uses for email addresses (by default, this is still email)
- Allows customising the parameters sent to the upstream identity provider when requesting a token. This is still access_type=offline by default.
- Updates documentation related to the above.
* feat: dbauthz always on, out of experimental
* Add ability to do rbac checks in unit tests
* Remove AuthorizeAllEndpoints
* Remove duplicate rbac checks
* add token actions
* added basic token form
* removed token switch
* refined date field
* limiting lifetime days to maxTokenLifetime
* broke apart files
* added loader and error
* fixed form layout
* added some unit tests
* fixed be tests
* no authorize check
