Skip to content

Commit 0315226

Browse files
EmyrkEmyrk
committed
update enterprise api endpoints
1 parent 839bb9a commit 0315226

File tree

2 files changed

+9
-61
lines changed

2 files changed

+9
-61
lines changed

enterprise/coderd/coderd.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -269,8 +269,8 @@ func New(ctx context.Context, options *Options) (_ *API, err error) {
269269
httpmw.RequireExperiment(api.AGPL.Experiments, codersdk.ExperimentCustomRoles),
270270
httpmw.ExtractOrganizationParam(api.Database),
271271
)
272-
r.Post("/organizations/{organization}/members/roles", api.patchOrgRoles)
273-
r.Put("/organizations/{organization}/members/roles", api.patchOrgRoles)
272+
r.Post("/organizations/{organization}/members/roles", api.postOrgRoles)
273+
r.Put("/organizations/{organization}/members/roles", api.putOrgRoles)
274274
r.Delete("/organizations/{organization}/members/roles/{roleName}", api.deleteOrgRole)
275275
})
276276

enterprise/coderd/roles.go

Lines changed: 7 additions & 59 deletions
Original file line numberDiff line numberDiff line change
@@ -40,7 +40,7 @@ func (api *API) postOrgRoles(rw http.ResponseWriter, r *http.Request) {
4040
Audit: *auditor,
4141
Log: api.Logger,
4242
Request: r,
43-
Action: database.AuditActionWrite,
43+
Action: database.AuditActionCreate,
4444
OrganizationID: organization.ID,
4545
})
4646
)
@@ -55,28 +55,7 @@ func (api *API) postOrgRoles(rw http.ResponseWriter, r *http.Request) {
5555
return
5656
}
5757

58-
originalRoles, err := db.CustomRoles(ctx, database.CustomRolesParams{
59-
LookupRoles: []database.NameOrganizationPair{
60-
{
61-
Name: req.Name,
62-
OrganizationID: organization.ID,
63-
},
64-
},
65-
ExcludeOrgRoles: false,
66-
// Linter requires all fields to be set. This field is not actually required.
67-
OrganizationID: organization.ID,
68-
})
69-
// If it is a 404 (not found) error, ignore it.
70-
if err != nil && !httpapi.Is404Error(err) {
71-
httpapi.InternalServerError(rw, err)
72-
return
73-
}
74-
if len(originalRoles) == 1 {
75-
// For auditing changes to a role.
76-
aReq.Old = originalRoles[0]
77-
}
78-
79-
inserted, err := db.UpsertCustomRole(ctx, database.UpsertCustomRoleParams{
58+
inserted, err := db.InsertCustomRole(ctx, database.InsertCustomRoleParams{
8059
Name: req.Name,
8160
DisplayName: req.DisplayName,
8261
OrganizationID: uuid.NullUUID{
@@ -115,7 +94,7 @@ func (api *API) postOrgRoles(rw http.ResponseWriter, r *http.Request) {
11594
// @Tags Members
11695
// @Success 200 {array} codersdk.Role
11796
// @Router /organizations/{organization}/members/roles [patch]
118-
func (api *API) patchOrgRoles(rw http.ResponseWriter, r *http.Request) {
97+
func (api *API) putOrgRoles(rw http.ResponseWriter, r *http.Request) {
11998
var (
12099
ctx = r.Context()
121100
db = api.Database
@@ -136,38 +115,7 @@ func (api *API) patchOrgRoles(rw http.ResponseWriter, r *http.Request) {
136115
return
137116
}
138117

139-
// This check is not ideal, but we cannot enforce a unique role name in the db against
140-
// the built-in role names.
141-
if rbac.ReservedRoleName(req.Name) {
142-
httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{
143-
Message: "Reserved role name",
144-
Detail: fmt.Sprintf("%q is a reserved role name, and not allowed to be used", req.Name),
145-
})
146-
return
147-
}
148-
149-
if err := httpapi.NameValid(req.Name); err != nil {
150-
httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{
151-
Message: "Invalid role name",
152-
Detail: err.Error(),
153-
})
154-
return
155-
}
156-
157-
// Only organization permissions are allowed to be granted
158-
if len(req.SitePermissions) > 0 {
159-
httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{
160-
Message: "Invalid request, not allowed to assign site wide permissions for an organization role.",
161-
Detail: "organization scoped roles may not contain site wide permissions",
162-
})
163-
return
164-
}
165-
166-
if len(req.UserPermissions) > 0 {
167-
httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{
168-
Message: "Invalid request, not allowed to assign user permissions for an organization role.",
169-
Detail: "organization scoped roles may not contain user permissions",
170-
})
118+
if !validOrganizationRoleRequest(ctx, req, rw) {
171119
return
172120
}
173121

@@ -192,7 +140,7 @@ func (api *API) patchOrgRoles(rw http.ResponseWriter, r *http.Request) {
192140
aReq.Old = originalRoles[0]
193141
}
194142

195-
inserted, err := db.UpsertCustomRole(ctx, database.UpsertCustomRoleParams{
143+
updated, err := db.UpdateCustomRole(ctx, database.UpdateCustomRoleParams{
196144
Name: req.Name,
197145
DisplayName: req.DisplayName,
198146
OrganizationID: uuid.NullUUID{
@@ -214,9 +162,9 @@ func (api *API) patchOrgRoles(rw http.ResponseWriter, r *http.Request) {
214162
})
215163
return
216164
}
217-
aReq.New = inserted
165+
aReq.New = updated
218166

219-
httpapi.Write(ctx, rw, http.StatusOK, db2sdk.Role(inserted))
167+
httpapi.Write(ctx, rw, http.StatusOK, db2sdk.Role(updated))
220168
}
221169

222170
// deleteOrgRole will remove a custom role from an organization

0 commit comments

Comments
 (0)