coder
diff --git a/‎coderd/apidoc/docs.go
Lines changed: 64 additions & 0 deletions b/‎coderd/apidoc/docs.go
Lines changed: 64 additions & 0 deletions
diff --git a/‎coderd/apidoc/swagger.json
Lines changed: 60 additions & 0 deletions b/‎coderd/apidoc/swagger.json
Lines changed: 60 additions & 0 deletions
diff --git a/‎coderd/coderd.go
Lines changed: 1 addition & 0 deletions b/‎coderd/coderd.go
Lines changed: 1 addition & 0 deletions
diff --git a/‎coderd/database/dbauthz/dbauthz.go
Lines changed: 8 additions & 0 deletions b/‎coderd/database/dbauthz/dbauthz.go
Lines changed: 8 additions & 0 deletions
diff --git a/‎coderd/database/dbauthz/dbauthz_test.go
Lines changed: 26 additions & 0 deletions b/‎coderd/database/dbauthz/dbauthz_test.go
Lines changed: 26 additions & 0 deletions
diff --git a/‎coderd/database/dbauthz/setup_test.go
Lines changed: 1 addition & 1 deletion b/‎coderd/database/dbauthz/setup_test.go
Lines changed: 1 addition & 1 deletion
diff --git a/‎coderd/database/dbmem/dbmem.go
Lines changed: 47 additions & 0 deletions b/‎coderd/database/dbmem/dbmem.go
Lines changed: 47 additions & 0 deletions
diff --git a/‎coderd/database/dbmetrics/querymetrics.go
Lines changed: 7 additions & 0 deletions b/‎coderd/database/dbmetrics/querymetrics.go
Lines changed: 7 additions & 0 deletions
diff --git a/‎coderd/database/dbmock/dbmock.go
Lines changed: 15 additions & 0 deletions b/‎coderd/database/dbmock/dbmock.go
Lines changed: 15 additions & 0 deletions
diff --git a/‎coderd/database/modelmethods.go
Lines changed: 4 additions & 0 deletions b/‎coderd/database/modelmethods.go
Lines changed: 4 additions & 0 deletions
@@ -1002,6 +1002,7 @@ func New(options *Options) *API {
 						})
 					})
 				})
+				r.Get("/paginated-members", api.paginatedMembers)
 				r.Route("/members", func(r chi.Router) {
 					r.Get("/", api.listMembers)
 					r.Route("/roles", func(r chi.Router) {
 
@@ -3581,6 +3581,14 @@ func (q *querier) OrganizationMembers(ctx context.Context, arg database.Organiza
 	return fetchWithPostFilter(q.auth, policy.ActionRead, q.db.OrganizationMembers)(ctx, arg)
 }
 
+func (q *querier) PaginatedOrganizationMembers(ctx context.Context, arg database.PaginatedOrganizationMembersParams) ([]database.PaginatedOrganizationMembersRow, error) {
+	// Required to have permission to read all members in the organization
+	if err := q.authorizeContext(ctx, policy.ActionRead, rbac.ResourceOrganizationMember.InOrg(arg.OrganizationID)); err != nil {
+		return nil, err
+	}
+	return q.db.PaginatedOrganizationMembers(ctx, arg)
+}
+
 func (q *querier) ReduceWorkspaceAgentShareLevelToAuthenticatedByTemplate(ctx context.Context, templateID uuid.UUID) error {
 	template, err := q.db.GetTemplateByID(ctx, templateID)
 	if err != nil {
 
@@ -985,6 +985,32 @@ func (s *MethodTestSuite) TestOrganization() {
 			mem, policy.ActionRead,
 		)
 	}))
+	s.Run("PaginatedOrganizationMembers", s.Subtest(func(db database.Store, check *expects) {
+		o := dbgen.Organization(s.T(), db, database.Organization{})
+		u := dbgen.User(s.T(), db, database.User{})
+		mem := dbgen.OrganizationMember(s.T(), db, database.OrganizationMember{
+			OrganizationID: o.ID,
+			UserID:         u.ID,
+			Roles:          []string{rbac.RoleOrgAdmin()},
+		})
+
+		check.Args(database.PaginatedOrganizationMembersParams{
+			OrganizationID: o.ID,
+			LimitOpt:       0,
+		}).Asserts(
+			rbac.ResourceOrganizationMember.InOrg(o.ID), policy.ActionRead,
+		).Returns([]database.PaginatedOrganizationMembersRow{
+			{
+				OrganizationMember: mem,
+				Username:           u.Username,
+				AvatarURL:          u.AvatarURL,
+				Name:               u.Name,
+				Email:              u.Email,
+				GlobalRoles:        u.RBACRoles,
+				Count:              1,
+			},
+		})
+	}))
 	s.Run("UpdateMemberRoles", s.Subtest(func(db database.Store, check *expects) {
 		o := dbgen.Organization(s.T(), db, database.Organization{})
 		u := dbgen.User(s.T(), db, database.User{})
 
@@ -503,7 +503,7 @@ func asserts(inputs ...any) []AssertRBAC {
 				// Could be the string type.
 				actionAsString, ok := inputs[i+1].(string)
 				if !ok {
-					panic(fmt.Sprintf("action '%q' not a supported action", actionAsString))
+					panic(fmt.Sprintf("action '%T' not a supported action", inputs[i+1]))
 				}
 				action = policy.Action(actionAsString)
 			}
 
@@ -9584,6 +9584,53 @@ func (q *FakeQuerier) OrganizationMembers(_ context.Context, arg database.Organi
 	return tmp, nil
 }
 
+func (q *FakeQuerier) PaginatedOrganizationMembers(_ context.Context, arg database.PaginatedOrganizationMembersParams) ([]database.PaginatedOrganizationMembersRow, error) {
+	err := validateDatabaseType(arg)
+	if err != nil {
+		return nil, err
+	}
+
+	q.mutex.RLock()
+	defer q.mutex.RUnlock()
+
+	// All of the members in the organization
+	orgMembers := make([]database.OrganizationMember, 0)
+	for _, mem := range q.organizationMembers {
+		if arg.OrganizationID != uuid.Nil && mem.OrganizationID != arg.OrganizationID {
+			continue
+		}
+
+		orgMembers = append(orgMembers, mem)
+	}
+
+	selectedMembers := make([]database.PaginatedOrganizationMembersRow, 0)
+
+	skippedMembers := 0
+	for _, organizationMember := range q.organizationMembers {
+		if skippedMembers < int(arg.OffsetOpt) {
+			skippedMembers++
+			continue
+		}
+
+		// if the limit is set to 0 we treat that as returning all of the org members
+		if int(arg.LimitOpt) != 0 && len(selectedMembers) >= int(arg.LimitOpt) {
+			break
+		}
+
+		user, _ := q.getUserByIDNoLock(organizationMember.UserID)
+		selectedMembers = append(selectedMembers, database.PaginatedOrganizationMembersRow{
+			OrganizationMember: organizationMember,
+			Username:           user.Username,
+			AvatarURL:          user.AvatarURL,
+			Name:               user.Name,
+			Email:              user.Email,
+			GlobalRoles:        user.RBACRoles,
+			Count:              int64(len(orgMembers)),
+		})
+	}
+	return selectedMembers, nil
+}
+
 func (q *FakeQuerier) ReduceWorkspaceAgentShareLevelToAuthenticatedByTemplate(_ context.Context, templateID uuid.UUID) error {
 	err := validateDatabaseType(templateID)
 	if err != nil {
 
@@ -256,6 +256,10 @@ func (m OrganizationMembersRow) RBACObject() rbac.Object {
 	return m.OrganizationMember.RBACObject()
 }
 
+func (m PaginatedOrganizationMembersRow) RBACObject() rbac.Object {
+	return m.OrganizationMember.RBACObject()
+}
+
 func (m GetOrganizationIDsByMemberIDsRow) RBACObject() rbac.Object {
 	// TODO: This feels incorrect as we are really returning a list of orgmembers.
 	// This return type should be refactored to return a list of orgmembers, not this
Original file line number	Diff line number	Diff line change
`@@ -503,7 +503,7 @@ func asserts(inputs ...any) []AssertRBAC {`
`503`	`503`	`// Could be the string type.`
`504`	`504`	`actionAsString, ok := inputs[i+1].(string)`
`505`	`505`	`if !ok {`
`506`		`- panic(fmt.Sprintf("action '%q' not a supported action", actionAsString))`
	`506`	`+ panic(fmt.Sprintf("action '%T' not a supported action", inputs[i+1]))`
`507`	`507`	`}`
`508`	`508`	`action = policy.Action(actionAsString)`
`509`	`509`	`}`