f827829afe
feat: synchronize oidc user roles ( #8595 )
...
* feat: oidc user role sync
User roles come from oidc claims. Prevent manual user role changes
if set.
* allow mapping 1:many
2023-07-24 08:34:24 -04:00
38e5b9679b
chore: Rbac errors should be returned, and not hidden behind 404 ( #7122 )
...
* chore: Rbac errors should be returned, and not hidden behind 404
SqlErrNoRows was hiding actual errors
* Replace sql.ErrNoRow checks
* Remove sql err no rows check from dbauthz test
* Fix to use dbauthz system user
2023-04-13 13:06:16 -05:00
e0f7cf5ec6
chore: fix postGroupByOrganization swagger tag ( #7021 )
2023-04-05 20:17:36 +00:00
391738cc25
chore: remove documented groups endpoint that doesn't exist ( #7020 )
2023-04-05 14:26:21 -05:00
2321160c62
feat: Dbauthz is now default, remove out of experimental ( #6650 )
...
* feat: dbauthz always on, out of experimental
* Add ability to do rbac checks in unit tests
* Remove AuthorizeAllEndpoints
* Remove duplicate rbac checks
2023-03-21 09:10:22 -05:00
ab1f6ce090
fix: Deleting a user from a group should only delete from a single group ( #5977 )
2023-02-02 09:46:42 -06:00
6b68fbbf18
feat: Auditing group members as part of group resource ( #5730 )
...
* added AuditableGroup type
* added json tags
* Anonymizing gGroup struct
* adding support on the FE for nested group diffs
* added type for GroupMember
* Update coderd/database/modelmethods.go
Co-authored-by: Steven Masley <Emyrk@users.noreply.github.com >
* Update coderd/database/modelmethods.go
Co-authored-by: Steven Masley <Emyrk@users.noreply.github.com >
* fetching group members in group.delete
* passing through right error
* broke out into util function and added tests
Co-authored-by: Steven Masley <Emyrk@users.noreply.github.com >
2023-01-18 15:13:39 -05:00
54cc587dad
Updated PreconditionFailed status occurences to more appropriate statuses. ( #5513 )
2023-01-13 08:30:48 -06:00
deebfcbd53
feat: Validate swagger definitions ( #5694 )
...
* docs: audit, deploymentconfig, files, parameters
* Swagger comments in workspacebuilds.go
* structs in workspacebuilds.go
* workspaceagents: instance identity
* workspaceagents.go in progress
* workspaceagents.go in progress
* Agents
* workspacebuilds.go
* /workspaces
* templates.go, templateversions.go
* templateversion.go in progress
* cancel
* templateversions
* wip
* Merge
* x-apidocgen
* NullTime hack not needed anymore
* Fix: x-apidocgen
* Members
* Fixes
* Fix
* WIP
* WIP
* Users
* Logout
* User profile
* Status suspend activate
* User roles
* User tokens
* Keys
* SSH key
* All
* Typo
* Fix
* Entitlements
* Groups
* SCIM
* Fix
* Fix
* Clean templates
* Sort API pages
* Fix: HashedSecret
* WIP
* WIP
* WIP
* Fix: cover workspaceagents
* Assert: consistent ID and summary
* Assert: success or failure defined
* Fix: parallel
* Refactor
* Support enterprise
* Go comment goes to top
* Security
* assertPathParametersDefined
* assertUniqueRoutes
* assertRequestBody
* More fixes
* Fix: exceptions
* Fix field format
* Address PR comments
* Refactor
2023-01-13 12:27:21 +01:00
d9436fab69
docs: API enterprise ( #5625 )
...
* docs: audit, deploymentconfig, files, parameters
* Swagger comments in workspacebuilds.go
* structs in workspacebuilds.go
* workspaceagents: instance identity
* workspaceagents.go in progress
* workspaceagents.go in progress
* Agents
* workspacebuilds.go
* /workspaces
* templates.go, templateversions.go
* templateversion.go in progress
* cancel
* templateversions
* wip
* Merge
* x-apidocgen
* NullTime hack not needed anymore
* Fix: x-apidocgen
* Members
* Fixes
* Fix
* WIP
* WIP
* Users
* Logout
* User profile
* Status suspend activate
* User roles
* User tokens
* Keys
* SSH key
* All
* Typo
* Fix
* Entitlements
* Groups
* SCIM
* Fix
* Fix
* Clean templates
* Sort API pages
* Fix: HashedSecret
* General is first
2023-01-11 16:05:42 +01:00
ab9298f382
chore: Rewrite rbac rego -> SQL clause ( #5138 )
...
* chore: Rewrite rbac rego -> SQL clause
Previous code was challenging to read with edge cases
- bug: OrgAdmin could not make new groups
- Also refactor some function names
2022-11-28 12:12:34 -06:00
97dbd4dc5d
Implement Quotas v3 ( #5012 )
...
* provisioner/terraform: add cost to resource_metadata
* provisionerd/runner: use Options struct
* Complete provisionerd implementation
* Add quota_allowance to groups
* Combine Quota and RBAC licenses
* Add Opts to InTx
2022-11-14 17:57:33 +00:00
0d1096da6c
feat: add auditing for groups ( #4527 )
...
- Clean up `database.TemplateACL` implementation.
2022-10-19 02:00:45 -05:00
e0a14f68fa
feat: add avatar urls to groups ( #4525 )
2022-10-17 17:46:01 -05:00
3120c94c22
feat: add template RBAC/groups ( #4235 )
2022-10-10 15:37:06 -05:00
