mirror of
https://github.com/coder/coder.git
synced 2025-07-08 11:39:50 +00:00
4ad5ac2d4a
* feat: Enforce authorize call on all endpoints - Make 'request()' exported for running custom requests * Rbac users endpoints * 401 -> 403
34 lines
935 B
Go
34 lines
935 B
Go
package coderd
|
|
|
|
import (
|
|
"net/http"
|
|
|
|
"github.com/coder/coder/coderd/database"
|
|
"github.com/coder/coder/coderd/httpapi"
|
|
"github.com/coder/coder/coderd/httpmw"
|
|
"github.com/coder/coder/coderd/rbac"
|
|
"github.com/coder/coder/codersdk"
|
|
)
|
|
|
|
func (api *api) organization(rw http.ResponseWriter, r *http.Request) {
|
|
organization := httpmw.OrganizationParam(r)
|
|
|
|
if !api.Authorize(rw, r, rbac.ActionRead, rbac.ResourceOrganization.
|
|
InOrg(organization.ID).
|
|
WithID(organization.ID.String())) {
|
|
return
|
|
}
|
|
|
|
httpapi.Write(rw, http.StatusOK, convertOrganization(organization))
|
|
}
|
|
|
|
// convertOrganization consumes the database representation and outputs an API friendly representation.
|
|
func convertOrganization(organization database.Organization) codersdk.Organization {
|
|
return codersdk.Organization{
|
|
ID: organization.ID,
|
|
Name: organization.Name,
|
|
CreatedAt: organization.CreatedAt,
|
|
UpdatedAt: organization.UpdatedAt,
|
|
}
|
|
}
|