
Commit eeb0bbe

feat: implement acl for workspaces (#19094)
1 parent d736af1 commit eeb0bbe


17 files changed

+346
-141
lines changed


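--- a/coderd/database/dbgen/dbgen_test.go
+++ b/coderd/database/dbgen/dbgen_test.go
@@ -168,6 +168,8 @@ func TestGenerator(t *testing.T) {
 DeletingAt: w.DeletingAt,
 AutomaticUpdates: w.AutomaticUpdates,
 Favorite: w.Favorite,
+GroupACL: database.WorkspaceACL{},
+UserACL: database.WorkspaceACL{},
 }
 require.Equal(t, exp, table)
 })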

coderd/database/dump.sql

Lines changed: 5 additions & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
Lines changed: 40 additions & 0 deletions
@@ -0,0 +1,40 @@
1+
DROP VIEW workspaces_expanded;
2+
3+
ALTER TABLE workspaces
4+
DROP COLUMN group_acl,
5+
DROP COLUMN user_acl;
6+
7+
CREATE VIEW workspaces_expanded AS
8+
SELECT workspaces.id,
9+
workspaces.created_at,
10+
workspaces.updated_at,
11+
workspaces.owner_id,
12+
workspaces.organization_id,
13+
workspaces.template_id,
14+
workspaces.deleted,
15+
workspaces.name,
16+
workspaces.autostart_schedule,
17+
workspaces.ttl,
18+
workspaces.last_used_at,
19+
workspaces.dormant_at,
20+
workspaces.deleting_at,
21+
workspaces.automatic_updates,
22+
workspaces.favorite,
23+
workspaces.next_start_at,
24+
visible_users.avatar_url AS owner_avatar_url,
25+
visible_users.username AS owner_username,
26+
visible_users.name AS owner_name,
27+
organizations.name AS organization_name,
28+
organizations.display_name AS organization_display_name,
29+
organizations.icon AS organization_icon,
30+
organizations.description AS organization_description,
31+
templates.name AS template_name,
32+
templates.display_name AS template_display_name,
33+
templates.icon AS template_icon,
34+
templates.description AS template_description
35+
FROM (((workspaces
36+
JOIN visible_users ON ((workspaces.owner_id = visible_users.id)))
37+
JOIN organizations ON ((workspaces.organization_id = organizations.id)))
38+
JOIN templates ON ((workspaces.template_id = templates.id)));
39+
40+
COMMENT ON VIEW workspaces_expanded IS 'Joins in the display name information such as username, avatar, and organization name.';
Lines changed: 43 additions & 0 deletions
@@ -0,0 +1,43 @@
1+
DROP VIEW workspaces_expanded;
2+
3+
ALTER TABLE workspaces
4+
ADD COLUMN group_acl jsonb not null default '{}'::jsonb,
5+
ADD COLUMN user_acl jsonb not null default '{}'::jsonb;
6+
7+
-- Recreate the view, now including the new columns
8+
CREATE VIEW workspaces_expanded AS
9+
SELECT workspaces.id,
10+
workspaces.created_at,
11+
workspaces.updated_at,
12+
workspaces.owner_id,
13+
workspaces.organization_id,
14+
workspaces.template_id,
15+
workspaces.deleted,
16+
workspaces.name,
17+
workspaces.autostart_schedule,
18+
workspaces.ttl,
19+
workspaces.last_used_at,
20+
workspaces.dormant_at,
21+
workspaces.deleting_at,
22+
workspaces.automatic_updates,
23+
workspaces.favorite,
24+
workspaces.next_start_at,
25+
workspaces.group_acl,
26+
workspaces.user_acl,
27+
visible_users.avatar_url AS owner_avatar_url,
28+
visible_users.username AS owner_username,
29+
visible_users.name AS owner_name,
30+
organizations.name AS organization_name,
31+
organizations.display_name AS organization_display_name,
32+
organizations.icon AS organization_icon,
33+
organizations.description AS organization_description,
34+
templates.name AS template_name,
35+
templates.display_name AS template_display_name,
36+
templates.icon AS template_icon,
37+
templates.description AS template_description
38+
FROM (((workspaces
39+
JOIN visible_users ON ((workspaces.owner_id = visible_users.id)))
40+
JOIN organizations ON ((workspaces.organization_id = organizations.id)))
41+
JOIN templates ON ((workspaces.template_id = templates.id)));
42+
43+
COMMENT ON VIEW workspaces_expanded IS 'Joins in the display name information such as username, avatar, and organization name.';
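Review bot: The new `group_acl` and `user_acl` columns accept any JSON value, because `jsonb not null default '{}'::jsonb` only rules out SQL NULL; a JSON array, string or `null` literal would still be stored as an ACL. Since these columns hold access grants, I would constrain the shape in the schema, e.g. `ADD COLUMN group_acl jsonb not null default '{}'::jsonb CHECK (jsonb_typeof(group_acl) = 'object'),` and the same for `user_acl`. A `COMMENT ON COLUMN` for each, stating what the keys and values are, would also help, as the view comment still describes only display-name information.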

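--- a/coderd/database/modelmethods.go
+++ b/coderd/database/modelmethods.go
@@ -242,6 +242,8 @@ func (w Workspace) WorkspaceTable() WorkspaceTable {
 AutomaticUpdates: w.AutomaticUpdates,
 Favorite: w.Favorite,
 NextStartAt: w.NextStartAt,
+GroupACL: w.GroupACL,
+UserACL: w.UserACL,
 }
 }
 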
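Review bot: `GroupACL: w.GroupACL` and `UserACL: w.UserACL` copy the fields by plain assignment, which shares storage if `WorkspaceACL` is a map type; its definition is not in this hunk. In that case a caller that edits the ACL on the returned `WorkspaceTable` would also change the `Workspace` it came from, which is surprising for a value-receiver conversion that otherwise returns an independent copy. If it is a map, consider `GroupACL: maps.Clone(w.GroupACL),` (likewise for `UserACL`), or state in the doc comment on `WorkspaceTable()` that the ACL values are shared with the receiver. The function body starts above the hunk.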

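--- a/coderd/database/modelqueries.go
+++ b/coderd/database/modelqueries.go
@@ -298,6 +298,8 @@ func (q *sqlQuerier) GetAuthorizedWorkspaces(ctx context.Context, arg GetWorkspa
 &i.AutomaticUpdates,
 &i.Favorite,
 &i.NextStartAt,
+&i.GroupACL,
+&i.UserACL,
 &i.OwnerAvatarUrl,
 &i.OwnerUsername,
 &i.OwnerName,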
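Review bot: `&i.GroupACL` and `&i.UserACL` are positional scan destinations of the same Go type, so if their order ever diverges from `workspaces.group_acl, workspaces.user_acl` in the `workspaces_expanded` view, group grants and user grants would be swapped without any scan error. The order does match the view as recreated in this commit. I would add a comment above the two lines such as `// Order must match workspaces_expanded: group_acl, then user_acl.` and a test that stores distinct group and user ACLs and reads them back through GetAuthorizedWorkspaces. The scan call and the function both start and end outside the hunk.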

coderd/database/models.go

Lines changed: 4 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
