* feat: Member roles are implied and never exlpicitly added
* Rename "GetAllUserRoles" to "GetAuthorizationRoles"
* feat: Add migration to remove implied roles
* rename user auth role middleware
* delete API token in logout api
* add deleteapikeybyid to databasefake
* set blank cookie on logout always
* refactor logout flow, add unit tests
* update logout messsage
* use read-only file mode for windows
* fix file mode on windows for cleanup
* change file permissions on windows
* assert error is not nil
* refactor cli
* try different file mode on windows
* try different file mode on windows
* try keeping the files open on Windows
* fix the error message on Windows
Abstracting coderd into an interface added misdirection because
the interface was never intended to be fulfilled outside of a single
implementation.
This lifts the abstraction, and attaches all handlers to a root struct
named `*coderd.API`.
* feat: Implement pagination for template versions
* feat: Use unified pagination between users and template versions
* Sync codepaths between users and template versions
* Create requestOption type in codersdk and add test
* Fix created_at edge case for pagination cursor in queries
* feat: Add support for json omitempty and embedded structs in apitypings (#1318)
* Add scripts/apitypings/main.go to Makefile
1. Adds benchmarks comparing bcrypt and our pbkdf2 settings
1. Changes the pbkdf2 hash iterations back to 65k. 1024 is insecure
1. Gets rid of the short circuit when the user isn't found, preventing
timing attacks which can reveal which emails exist on a deployment
```
$ go test -bench .
goos: linux
goarch: amd64
pkg: github.com/coder/coder/coderd/userpassword
cpu: Intel(R) Core(TM) i9-9900K CPU @ 3.60GHz
BenchmarkBcryptMinCost-16 1651 702727 ns/op 5165 B/op 10 allocs/op
BenchmarkPbkdf2MinCost-16 1669 714843 ns/op 804 B/op 10 allocs/op
BenchmarkBcryptDefaultCost-16 27 42676316 ns/op 5246 B/op 10 allocs/op
BenchmarkPbkdf2-16 26 45902236 ns/op 804 B/op 10 allocs/op
PASS
ok github.com/coder/coder/coderd/userpassword 5.036s
```
This removes split ownership for workspaces. They are now
a resource of organizations and have a designated owner,
which is a user.
This enables simple administration for commands like:
- `coder stop ben/dev`
- `coder build logs colin/arch`
or if we decide to allow administrators to access workspaces,
they could even SSH using this syntax: `coder ssh colin/dev`.
Customer feedback indicated projects was a confusing name.
After querying the team internally, it seemed unanimous
that it is indeed a confusing name.
Here's for a lil less confusion @ashmeer7 🥂
* chore: Move httpmw to /coderd directory
httpmw is specific to coderd and should be scoped under coderd
* chore: Move httpapi to /coderd directory
httpapi is specific to coderd and should be scoped under coderd
* chore: Move database to /coderd directory
database is specific to coderd and should be scoped under coderd
* chore: Update codecov & gitattributes for generated files
* chore: Update Makefile
Fixes#210 - this isPR implements `coder login` in the case where the default user is already created.
This change adds:
- A prompt in the case where there is not an initial user that opens the server URL + requests a session token
- This ports over some code from v1 for the `openURL` and `isWSL` functions to support opening the browser
- A `/api/v2/api-keys` endpoint that can be `POST`'d to in order to request a new api key for a user
- This route was inspired by the v1 functionality
- A `cli-auth` route + page that shows the generated api key
- Tests for the new code + storybook for the new UI
The `/cli-auth` route, like in v1, is very minimal:
<img width="624" alt="Screen Shot 2022-02-16 at 5 05 07 PM" src="https://user-images.githubusercontent.com/88213859/154384627-78ab9841-27bf-490f-9bbe-23f8173c9e97.png">
And the terminal UX looks like this:
* chore: Rename ProjectHistory to ProjectVersion
Version more accurately represents version storage. This
forks from the WorkspaceHistory name, but I think it's
easier to understand Workspace history.
* Rename files
* Standardize tests a bit more
* Remove Server struct from coderdtest
* Improve test coverage for workspace history
* Fix linting errors
* Fix coderd test leak
* Fix coderd test leak
* Improve workspace history logs
* Standardize test structure for codersdk
* Fix linting errors
* Fix WebSocket compression
* Update coderd/workspaces.go
Co-authored-by: Bryan <bryan@coder.com>
* Add test for listing project parameters
* Cache npm dependencies with setup node
* Remove windows npm cache key
Co-authored-by: Bryan <bryan@coder.com>
* feat: Add history middleware parameters
These will be used for streaming logs, checking status,
and other operations related to workspace and project
history.
* refactor: Move all HTTP routes to top-level struct
Nesting all structs behind their respective structures
is leaky, and promotes naming conflicts between handlers.
Our HTTP routes cannot have conflicts, so neither should
function naming.
