Skip to content

Group sync API + CLI CRUD #14626

New issue
New issue
Closed
Closed
Group sync API + CLI CRUD#14626
Assignees
aslilacEmyrk
Labels
multi-orgtemporary label for multiple organizations related workneed-backendIssues that need backend work
Milestone
Organizations & Custom Roles (GA)
@Emyrk

Description

@Emyrk
Emyrk
opened on Sep 9, 2024

Implement api interface for group sync settings crud. Group sync settings are now configured in the database and mutable at runtime.

Requires api endpoint to set and read the group sync runtime settings.

The code to interact with the settings from an api handler:

	settings := api.IDPSync.GroupSyncSettings()
	rlv := api.Options.RuntimeConfig.OrganizationResolver(db, org.ID)
	err := settings.SetRuntimeValue(ctx, rlv, &idpsync.GroupSyncSettings{
		// Values
	})

The problem we currently have is the RBAC story is not fully fleshed out. The current authz call is ResourceSystem:

coder/coderd/database/dbauthz/dbauthz.go

Lines 3939 to 3944 in 1995c13

func (q *querier) UpsertRuntimeConfig(ctx context.Context, arg database.UpsertRuntimeConfigParams) error {
if err := q.authorizeContext(ctx, policy.ActionCreate, rbac.ResourceSystem); err != nil {
return err
}
return q.db.UpsertRuntimeConfig(ctx, arg)
}

Metadata

Metadata

Assignees

Labels

multi-orgtemporary label for multiple organizations related workneed-backendIssues that need backend work

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions
    pFad - Phonifier reborn

    Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

    Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


    Alternative Proxies:

    Alternative Proxy

    pFad Proxy

    pFad v3 Proxy

    pFad v4 Proxy