- As part of merging support for Template RBAC
and user groups a permission check on reading files
was relaxed.
With the addition of admin roles on individual templates, regular
users are now able to push template versions if they have
inherited the 'admin' role for a template. In order to do so
they need to be able to create and read their own files. Since
collisions on hash in the past were ignored, this means that a regular user
who pushes a template version with a file hash that collides with
an existing hash will not be able to read the file (since it belongs to
another user).
This commit fixes the underlying problem which was that
the files table had a primary key on the 'hash' column.
This was not a problem at the time because only template
admins and other users with similar elevated roles were
able to read all files regardless of ownership. To fix this
a new column and primary key 'id' has been introduced to the files
table. The unique constraint has been updated to be hash+created_by.
Tables (provisioner_jobs) that referenced files.hash have been updated
to reference files.id. Relevant API endpoints have also been updated.
* Refactor workspaces xservice
* Remove layout comment
* Format
* Add comments
* Add running workspaces filter to frontend
* Start on backend - add status to filter
* Update sql and add test - wip
* Attempt to unconvert status for easier querying
* Fix syntax
* Join jobs table, untested
* sql
* Add Status to GetAuthorizedWorkspaces
* Update job tests to have canceled time
* fmt
* add status filter to database fake
Co-authored-by: Colin Adler <colin1adler@gmail.com>
* feat: show listening ports in port forward popup
* Move fetch logic to a machine
* feat: don't show app ports and common non-HTTP ports
Co-authored-by: Bruno Quaresma <bruno@coder.com>
* feat: Add tunnel by default
If an access URL is not specified, we will always tunnel.
This is from community-member feedback who exclaimed that
it's confusing having the default for `coder server` display
a warning message, and I agree.
There is very little (maybe none) in running `coder server`
without tunnel and without an access URL, so this seems like
overall a much better UX.
* Update install.sh
Co-authored-by: Ben Potter <ben@coder.com>
* Update docs/install/packages.md
Co-authored-by: Ben Potter <ben@coder.com>
* Fix reset pass test
* Fix e2e test
Co-authored-by: Ben Potter <ben@coder.com>
* feat: use app wildcards for apps if configured
* feat: relative_path -> subdomain
- rename relative_path -> subdomain when referring to apps
- migrate workspace_apps.relative_path to workspace_apps.subdomain
- upgrade coder/coder terraform module to 0.5.0
* feat: Convert rego queries into SQL clauses
* Fix postgres quotes to single quotes
* Ensure all test cases can compile into SQL clauses
* Do not export extra types
* Add custom query with rbac filter
* First draft of a custom authorized db call
* Add comments + tests
* Support better regex style matching for variables
* Handle jsonb arrays
* Remove auth call on workspaces
* Fix PG endpoints test
* Match psql implementation
* Add some comments
* Remove unused argument
* Add query name for tracking
* Handle nested types
This solves it without proper types in our AST.
Might bite the bullet and implement some better types
* Add comment
* Renaming function call to GetAuthorizedWorkspaces
This also changes the status to be on the workspace build, since
that's where the true value is calculated. This exposed a bug where
jobs could never enter the canceled state unless fetched by a
provisioner daemon, which was nice to fix!
See: https://github.com/coder/coder/actions/runs/3175304200/jobs/5173479506
