CODING-CS
diff --git a/‎coderd/members.go
Lines changed: 8 additions & 0 deletions b/‎coderd/members.go
Lines changed: 8 additions & 0 deletions
diff --git a/‎coderd/users.go
Lines changed: 8 additions & 0 deletions b/‎coderd/users.go
Lines changed: 8 additions & 0 deletions
diff --git a/‎coderd/users_test.go
Lines changed: 16 additions & 4 deletions b/‎coderd/users_test.go
Lines changed: 16 additions & 4 deletions
diff --git a/‎scripts/develop.sh
Lines changed: 2 additions & 1 deletion b/‎scripts/develop.sh
Lines changed: 2 additions & 1 deletion
diff --git a/‎scripts/yarn_install.sh
Lines changed: 1 addition & 1 deletion b/‎scripts/yarn_install.sh
Lines changed: 1 addition & 1 deletion
diff --git a/‎site/.eslintrc.yaml
Lines changed: 3 additions & 0 deletions b/‎site/.eslintrc.yaml
Lines changed: 3 additions & 0 deletions
diff --git a/‎site/src/AppRouter.tsx
Lines changed: 10 additions & 10 deletions b/‎site/src/AppRouter.tsx
Lines changed: 10 additions & 10 deletions
diff --git a/‎site/src/Main.tsx
Lines changed: 0 additions & 1 deletion b/‎site/src/Main.tsx
Lines changed: 0 additions & 1 deletion
diff --git a/‎site/src/__mocks__/react-markdown.tsx
Lines changed: 2 additions & 2 deletions b/‎site/src/__mocks__/react-markdown.tsx
Lines changed: 2 additions & 2 deletions
diff --git a/‎site/src/app.tsx
Lines changed: 2 additions & 2 deletions b/‎site/src/app.tsx
Lines changed: 2 additions & 2 deletions
@@ -20,6 +20,14 @@ func (api *API) putMemberRoles(rw http.ResponseWriter, r *http.Request) {
 	user := httpmw.UserParam(r)
 	organization := httpmw.OrganizationParam(r)
 	member := httpmw.OrganizationMemberParam(r)
+	apiKey := httpmw.APIKey(r)
+
+	if apiKey.UserID == member.UserID {
+		httpapi.Write(rw, http.StatusBadRequest, httpapi.Response{
+			Message: "You cannot change your own organization roles.",
+		})
+		return
+	}
 
 	var params codersdk.UpdateRoles
 	if !httpapi.Read(rw, r, &params) {
 
@@ -474,6 +474,14 @@ func (api *API) putUserRoles(rw http.ResponseWriter, r *http.Request) {
 	// User is the user to modify.
 	user := httpmw.UserParam(r)
 	roles := httpmw.UserAuthorizationRoles(r)
+	apiKey := httpmw.APIKey(r)
+
+	if apiKey.UserID == user.ID {
+		httpapi.Write(rw, http.StatusBadRequest, httpapi.Response{
+			Message: "You cannot change your own roles.",
+		})
+		return
+	}
 
 	var params codersdk.UpdateRoles
 	if !httpapi.Read(rw, r, &params) {
 
@@ -409,11 +409,11 @@ func TestGrantRoles(t *testing.T) {
 	t.Run("UpdateIncorrectRoles", func(t *testing.T) {
 		t.Parallel()
 		ctx := context.Background()
+		var err error
+
 		admin := coderdtest.New(t, nil)
 		first := coderdtest.CreateFirstUser(t, admin)
 		member := coderdtest.CreateAnotherUser(t, admin, first.OrganizationID)
-		memberUser, err := member.User(ctx, codersdk.Me)
-		require.NoError(t, err, "member user")
 
 		_, err = admin.UpdateUserRoles(ctx, codersdk.Me, codersdk.UpdateRoles{
 			Roles: []string{rbac.RoleOrgAdmin(first.OrganizationID)},
@@ -445,7 +445,7 @@ func TestGrantRoles(t *testing.T) {
 		require.Error(t, err, "member cannot change other's roles")
 		requireStatusCode(t, err, http.StatusForbidden)
 
-		_, err = member.UpdateUserRoles(ctx, memberUser.ID.String(), codersdk.UpdateRoles{
+		_, err = member.UpdateUserRoles(ctx, first.UserID.String(), codersdk.UpdateRoles{
 			Roles: []string{},
 		})
 		require.Error(t, err, "member cannot change any roles")
@@ -456,6 +456,18 @@ func TestGrantRoles(t *testing.T) {
 		})
 		require.Error(t, err, "member cannot change other's org roles")
 		requireStatusCode(t, err, http.StatusForbidden)
+
+		_, err = admin.UpdateUserRoles(ctx, first.UserID.String(), codersdk.UpdateRoles{
+			Roles: []string{},
+		})
+		require.Error(t, err, "admin cannot change self roles")
+		requireStatusCode(t, err, http.StatusBadRequest)
+
+		_, err = admin.UpdateOrganizationMemberRoles(ctx, first.OrganizationID, first.UserID.String(), codersdk.UpdateRoles{
+			Roles: []string{},
+		})
+		require.Error(t, err, "admin cannot change self org roles")
+		requireStatusCode(t, err, http.StatusBadRequest)
 	})
 
 	t.Run("FirstUserRoles", func(t *testing.T) {
@@ -503,7 +515,7 @@ func TestGrantRoles(t *testing.T) {
 		require.NoError(t, err, "grant member admin role")
 
 		// Promote to org admin
-		_, err = member.UpdateOrganizationMemberRoles(ctx, first.OrganizationID, codersdk.Me, codersdk.UpdateRoles{
+		_, err = admin.UpdateOrganizationMemberRoles(ctx, first.OrganizationID, memberUser.ID.String(), codersdk.UpdateRoles{
 			Roles: []string{
 				// Promote to org admin
 				rbac.RoleOrgAdmin(first.OrganizationID),
 
@@ -1,6 +1,7 @@
 #!/usr/bin/env bash
 
 set -euo pipefail
+set -x
 
 SCRIPT_DIR=$(dirname "${BASH_SOURCE[0]}")
 PROJECT_ROOT=$(cd "$SCRIPT_DIR" && git rev-parse --show-toplevel)
@@ -28,6 +29,6 @@ export CODER_DEV_ADMIN_PASSWORD=password
 	# Just a minor sleep to ensure the first user was created to make the member.
 	sleep 2
 	# || yes to always exit code 0. If this fails, whelp.
-	go run cmd/coder/main.go users create --email=member@coder.com --username=member --password="${CODER_DEV_ADMIN_PASSWORD}" || yes
+	go run cmd/coder/main.go users create --email=member@coder.com --username=member --password="${CODER_DEV_ADMIN_PASSWORD}" || true
 	wait
 )
@@ -5,7 +5,7 @@
 #
 # Usage: yarn_install.sh [optional extra flags]
 
-set -euo pipefail
+set -eo pipefail
 
 SCRIPT_DIR=$(dirname "${BASH_SOURCE[0]}")
 PROJECT_ROOT=$(cd "$SCRIPT_DIR" && git rev-parse --show-toplevel)
 
@@ -114,6 +114,9 @@ rules:
   react/jsx-curly-brace-presence:
     - error
     - children: ignore
+  # https://reactjs.org/blog/2020/09/22/introducing-the-new-jsx-transform.html#eslint
+  react/jsx-uses-react: "off"
+  react/react-in-jsx-scope: "off"
 settings:
   react:
     version: detect
 
@@ -1,4 +1,4 @@
-import React from "react"
+import { FC, lazy, Suspense } from "react"
 import { Route, Routes } from "react-router-dom"
 import { AuthAndFrame } from "./components/AuthAndFrame/AuthAndFrame"
 import { RequireAuth } from "./components/RequireAuth/RequireAuth"
@@ -8,23 +8,23 @@ import { NotFoundPage } from "./pages/404Page/404Page"
 import { CliAuthenticationPage } from "./pages/CliAuthPage/CliAuthPage"
 import { HealthzPage } from "./pages/HealthzPage/HealthzPage"
 import { LoginPage } from "./pages/LoginPage/LoginPage"
-import { AccountPage } from "./pages/SettingsPages/AccountPage/AccountPage"
-import { SecurityPage } from "./pages/SettingsPages/SecurityPage/SecurityPage"
-import { SSHKeysPage } from "./pages/SettingsPages/SSHKeysPage/SSHKeysPage"
 import { TemplatePage } from "./pages/TemplatePage/TemplatePage"
 import TemplatesPage from "./pages/TemplatesPage/TemplatesPage"
+import { AccountPage } from "./pages/UserSettingsPage/AccountPage/AccountPage"
+import { SecurityPage } from "./pages/UserSettingsPage/SecurityPage/SecurityPage"
+import { SSHKeysPage } from "./pages/UserSettingsPage/SSHKeysPage/SSHKeysPage"
 import { CreateUserPage } from "./pages/UsersPage/CreateUserPage/CreateUserPage"
 import { UsersPage } from "./pages/UsersPage/UsersPage"
 import { WorkspaceBuildPage } from "./pages/WorkspaceBuildPage/WorkspaceBuildPage"
 import { WorkspacePage } from "./pages/WorkspacePage/WorkspacePage"
 import { WorkspaceSchedulePage } from "./pages/WorkspaceSchedulePage/WorkspaceSchedulePage"
 
-const TerminalPage = React.lazy(() => import("./pages/TerminalPage/TerminalPage"))
-const WorkspacesPage = React.lazy(() => import("./pages/WorkspacesPage/WorkspacesPage"))
-const CreateWorkspacePage = React.lazy(() => import("./pages/CreateWorkspacePage/CreateWorkspacePage"))
+const TerminalPage = lazy(() => import("./pages/TerminalPage/TerminalPage"))
+const WorkspacesPage = lazy(() => import("./pages/WorkspacesPage/WorkspacesPage"))
+const CreateWorkspacePage = lazy(() => import("./pages/CreateWorkspacePage/CreateWorkspacePage"))
 
-export const AppRouter: React.FC = () => (
-  <React.Suspense fallback={<></>}>
+export const AppRouter: FC = () => (
+  <Suspense fallback={<></>}>
     <Routes>
       <Route path="/">
         <Route
@@ -159,5 +159,5 @@ export const AppRouter: React.FC = () => (
         <Route path="*" element={<NotFoundPage />} />
       </Route>
     </Routes>
-  </React.Suspense>
+  </Suspense>
 )
@@ -1,5 +1,4 @@
 import { inspect } from "@xstate/inspect"
-import React from "react"
 import ReactDOM from "react-dom"
 import { Interpreter } from "xstate"
 import { App } from "./app"
 
@@ -1,6 +1,6 @@
-import React from "react"
+import { FC } from "react"
 
-const ReactMarkdown: React.FC = ({ children }) => {
+const ReactMarkdown: FC = ({ children }) => {
   return <div data-testid="markdown">{children}</div>
 }
 
 
@@ -1,6 +1,6 @@
 import CssBaseline from "@material-ui/core/CssBaseline"
 import ThemeProvider from "@material-ui/styles/ThemeProvider"
-import React from "react"
+import { FC } from "react"
 import { BrowserRouter as Router } from "react-router-dom"
 import { SWRConfig } from "swr"
 import { AppRouter } from "./AppRouter"
@@ -10,7 +10,7 @@ import { dark } from "./theme"
 import "./theme/globalFonts"
 import { XServiceProvider } from "./xServices/StateContext"
 
-export const App: React.FC = () => {
+export const App: FC = () => {
   return (
     <Router>
       <SWRConfig
Original file line number	Diff line number	Diff line change
`@@ -5,7 +5,7 @@`
`5`	`5`	`#`
`6`	`6`	`# Usage: yarn_install.sh [optional extra flags]`
`7`	`7`
`8`		`-set -euo pipefail`
	`8`	`+set -eo pipefail`
`9`	`9`
`10`	`10`	`SCRIPT_DIR=$(dirname "${BASH_SOURCE[0]}")`
`11`	`11`	`PROJECT_ROOT=$(cd "$SCRIPT_DIR" && git rev-parse --show-toplevel)`
Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,4 @@`
`1`	`1`	`import { inspect } from "@xstate/inspect"`
`2`		`-import React from "react"`
`3`	`2`	`import ReactDOM from "react-dom"`
`4`	`3`	`import { Interpreter } from "xstate"`
`5`	`4`	`import { App } from "./app"`
Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`		`-import React from "react"`
	`1`	`+import { FC } from "react"`
`2`	`2`
`3`		`-const ReactMarkdown: React.FC = ({ children }) => {`
	`3`	`+const ReactMarkdown: FC = ({ children }) => {`
`4`	`4`	`return <div data-testid="markdown">{children}</div>`
`5`	`5`	`}`
`6`	`6`