Skip to content

Commit 2faf9f0

Browse files
Kira-PilotKira-Pilot
authored
Merge branch 'main' into dependabot/npm_and_yarn/site/prettier-plugin-organize-imports-3.0.0
2 parents ac021dd + 2c89e07 commit 2faf9f0

17 files changed

+188
-66
lines changed

cli/templatecreate_test.go

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -229,6 +229,7 @@ func TestTemplateCreate(t *testing.T) {
229229
"templates",
230230
"delete",
231231
"my-template",
232+
"--yes",
232233
}
233234
cmd, root := clitest.New(t, args...)
234235
clitest.SetupConfig(t, client, root)

cli/templatedelete.go

Lines changed: 22 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,7 @@ package cli
22

33
import (
44
"fmt"
5+
"strings"
56
"time"
67

78
"github.com/spf13/cobra"
@@ -12,7 +13,7 @@ import (
1213
)
1314

1415
func templateDelete() *cobra.Command {
15-
return &cobra.Command{
16+
cmd := &cobra.Command{
1617
Use: "delete [name...]",
1718
Short: "Delete templates",
1819
RunE: func(cmd *cobra.Command, args []string) error {
@@ -33,6 +34,14 @@ func templateDelete() *cobra.Command {
3334

3435
if len(args) > 0 {
3536
templateNames = args
37+
38+
for _, templateName := range templateNames {
39+
template, err := client.TemplateByName(ctx, organization.ID, templateName)
40+
if err != nil {
41+
return xerrors.Errorf("get template by name: %w", err)
42+
}
43+
templates = append(templates, template)
44+
}
3645
} else {
3746
allTemplates, err := client.TemplatesByOrganization(ctx, organization.ID)
3847
if err != nil {
@@ -58,17 +67,19 @@ func templateDelete() *cobra.Command {
5867
for _, template := range allTemplates {
5968
if template.Name == selection {
6069
templates = append(templates, template)
70+
templateNames = append(templateNames, template.Name)
6171
}
6272
}
6373
}
6474

65-
for _, templateName := range templateNames {
66-
template, err := client.TemplateByName(ctx, organization.ID, templateName)
67-
if err != nil {
68-
return xerrors.Errorf("get template by name: %w", err)
69-
}
70-
71-
templates = append(templates, template)
75+
// Confirm deletion of the template.
76+
_, err = cliui.Prompt(cmd, cliui.PromptOptions{
77+
Text: fmt.Sprintf("Delete these templates: %s?", cliui.Styles.Code.Render(strings.Join(templateNames, ", "))),
78+
IsConfirm: true,
79+
Default: "no",
80+
})
81+
if err != nil {
82+
return err
7283
}
7384

7485
for _, template := range templates {
@@ -83,4 +94,7 @@ func templateDelete() *cobra.Command {
8394
return nil
8495
},
8596
}
97+
98+
cliui.AllowSkipPrompt(cmd)
99+
return cmd
86100
}

cli/templatedelete_test.go

Lines changed: 59 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -2,11 +2,14 @@ package cli_test
22

33
import (
44
"context"
5+
"fmt"
6+
"strings"
57
"testing"
68

79
"github.com/stretchr/testify/require"
810

911
"github.com/coder/coder/cli/clitest"
12+
"github.com/coder/coder/cli/cliui"
1013
"github.com/coder/coder/coderd/coderdtest"
1114
"github.com/coder/coder/codersdk"
1215
"github.com/coder/coder/pty/ptytest"
@@ -25,14 +28,27 @@ func TestTemplateDelete(t *testing.T) {
2528
template := coderdtest.CreateTemplate(t, client, user.OrganizationID, version.ID)
2629

2730
cmd, root := clitest.New(t, "templates", "delete", template.Name)
31+
2832
clitest.SetupConfig(t, client, root)
29-
require.NoError(t, cmd.Execute())
33+
pty := ptytest.New(t)
34+
cmd.SetIn(pty.Input())
35+
cmd.SetOut(pty.Output())
36+
37+
execDone := make(chan error)
38+
go func() {
39+
execDone <- cmd.Execute()
40+
}()
41+
42+
pty.ExpectMatch(fmt.Sprintf("Delete these templates: %s?", cliui.Styles.Code.Render(template.Name)))
43+
pty.WriteLine("yes")
44+
45+
require.NoError(t, <-execDone)
3046

3147
_, err := client.Template(context.Background(), template.ID)
3248
require.Error(t, err, "template should not exist")
3349
})
3450

35-
t.Run("Multiple", func(t *testing.T) {
51+
t.Run("Multiple --yes", func(t *testing.T) {
3652
t.Parallel()
3753

3854
client := coderdtest.New(t, &coderdtest.Options{IncludeProvisionerD: true})
@@ -49,7 +65,7 @@ func TestTemplateDelete(t *testing.T) {
4965
templateNames = append(templateNames, template.Name)
5066
}
5167

52-
cmd, root := clitest.New(t, append([]string{"templates", "delete"}, templateNames...)...)
68+
cmd, root := clitest.New(t, append([]string{"templates", "delete", "--yes"}, templateNames...)...)
5369
clitest.SetupConfig(t, client, root)
5470
require.NoError(t, cmd.Execute())
5571

@@ -59,6 +75,45 @@ func TestTemplateDelete(t *testing.T) {
5975
}
6076
})
6177

78+
t.Run("Multiple prompted", func(t *testing.T) {
79+
t.Parallel()
80+
81+
client := coderdtest.New(t, &coderdtest.Options{IncludeProvisionerD: true})
82+
user := coderdtest.CreateFirstUser(t, client)
83+
version := coderdtest.CreateTemplateVersion(t, client, user.OrganizationID, nil)
84+
_ = coderdtest.AwaitTemplateVersionJob(t, client, version.ID)
85+
templates := []codersdk.Template{
86+
coderdtest.CreateTemplate(t, client, user.OrganizationID, version.ID),
87+
coderdtest.CreateTemplate(t, client, user.OrganizationID, version.ID),
88+
coderdtest.CreateTemplate(t, client, user.OrganizationID, version.ID),
89+
}
90+
templateNames := []string{}
91+
for _, template := range templates {
92+
templateNames = append(templateNames, template.Name)
93+
}
94+
95+
cmd, root := clitest.New(t, append([]string{"templates", "delete"}, templateNames...)...)
96+
clitest.SetupConfig(t, client, root)
97+
pty := ptytest.New(t)
98+
cmd.SetIn(pty.Input())
99+
cmd.SetOut(pty.Output())
100+
101+
execDone := make(chan error)
102+
go func() {
103+
execDone <- cmd.Execute()
104+
}()
105+
106+
pty.ExpectMatch(fmt.Sprintf("Delete these templates: %s?", cliui.Styles.Code.Render(strings.Join(templateNames, ", "))))
107+
pty.WriteLine("yes")
108+
109+
require.NoError(t, <-execDone)
110+
111+
for _, template := range templates {
112+
_, err := client.Template(context.Background(), template.ID)
113+
require.Error(t, err, "template should not exist")
114+
}
115+
})
116+
62117
t.Run("Selector", func(t *testing.T) {
63118
t.Parallel()
64119

@@ -80,7 +135,7 @@ func TestTemplateDelete(t *testing.T) {
80135
execDone <- cmd.Execute()
81136
}()
82137

83-
pty.WriteLine("docker-local")
138+
pty.WriteLine("yes")
84139
require.NoError(t, <-execDone)
85140

86141
_, err := client.Template(context.Background(), template.ID)

coderd/coderd.go

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -103,10 +103,10 @@ func New(options *Options) *API {
103103
siteHandler: site.Handler(site.FS(), binFS),
104104
}
105105
api.workspaceAgentCache = wsconncache.New(api.dialWorkspaceAgent, 0)
106-
107-
apiKeyMiddleware := httpmw.ExtractAPIKey(options.Database, &httpmw.OAuth2Configs{
106+
oauthConfigs := &httpmw.OAuth2Configs{
108107
Github: options.GithubOAuth2Config,
109-
})
108+
}
109+
apiKeyMiddleware := httpmw.ExtractAPIKey(options.Database, oauthConfigs, false)
110110

111111
r.Use(
112112
func(next http.Handler) http.Handler {
@@ -121,7 +121,7 @@ func New(options *Options) *API {
121121
apps := func(r chi.Router) {
122122
r.Use(
123123
httpmw.RateLimitPerMinute(options.APIRateLimit),
124-
apiKeyMiddleware,
124+
httpmw.ExtractAPIKey(options.Database, oauthConfigs, true),
125125
httpmw.ExtractUserParam(api.Database),
126126
)
127127
r.HandleFunc("/*", api.workspaceAppsProxyPath)

coderd/httpmw/apikey.go

Lines changed: 31 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -56,9 +56,26 @@ type OAuth2Configs struct {
5656
// ExtractAPIKey requires authentication using a valid API key.
5757
// It handles extending an API key if it comes close to expiry,
5858
// updating the last used time in the database.
59-
func ExtractAPIKey(db database.Store, oauth *OAuth2Configs) func(http.Handler) http.Handler {
59+
// nolint:revive
60+
func ExtractAPIKey(db database.Store, oauth *OAuth2Configs, redirectToLogin bool) func(http.Handler) http.Handler {
6061
return func(next http.Handler) http.Handler {
6162
return http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
63+
// Write wraps writing a response to redirect if the handler
64+
// specified it should. This redirect is used for user-facing
65+
// pages like workspace applications.
66+
write := func(code int, response httpapi.Response) {
67+
if redirectToLogin {
68+
q := r.URL.Query()
69+
q.Add("message", response.Message)
70+
q.Add("redirect", r.URL.Path+"?"+r.URL.RawQuery)
71+
r.URL.RawQuery = q.Encode()
72+
r.URL.Path = "/login"
73+
http.Redirect(rw, r, r.URL.String(), http.StatusTemporaryRedirect)
74+
return
75+
}
76+
httpapi.Write(rw, code, response)
77+
}
78+
6279
var cookieValue string
6380
cookie, err := r.Cookie(SessionTokenKey)
6481
if err != nil {
@@ -67,15 +84,15 @@ func ExtractAPIKey(db database.Store, oauth *OAuth2Configs) func(http.Handler) h
6784
cookieValue = cookie.Value
6885
}
6986
if cookieValue == "" {
70-
httpapi.Write(rw, http.StatusUnauthorized, httpapi.Response{
87+
write(http.StatusUnauthorized, httpapi.Response{
7188
Message: fmt.Sprintf("Cookie %q or query parameter must be provided.", SessionTokenKey),
7289
})
7390
return
7491
}
7592
parts := strings.Split(cookieValue, "-")
7693
// APIKeys are formatted: ID-SECRET
7794
if len(parts) != 2 {
78-
httpapi.Write(rw, http.StatusUnauthorized, httpapi.Response{
95+
write(http.StatusUnauthorized, httpapi.Response{
7996
Message: fmt.Sprintf("Invalid %q cookie API key format.", SessionTokenKey),
8097
})
8198
return
@@ -84,26 +101,26 @@ func ExtractAPIKey(db database.Store, oauth *OAuth2Configs) func(http.Handler) h
84101
keySecret := parts[1]
85102
// Ensuring key lengths are valid.
86103
if len(keyID) != 10 {
87-
httpapi.Write(rw, http.StatusUnauthorized, httpapi.Response{
104+
write(http.StatusUnauthorized, httpapi.Response{
88105
Message: fmt.Sprintf("Invalid %q cookie API key id.", SessionTokenKey),
89106
})
90107
return
91108
}
92109
if len(keySecret) != 22 {
93-
httpapi.Write(rw, http.StatusUnauthorized, httpapi.Response{
110+
write(http.StatusUnauthorized, httpapi.Response{
94111
Message: fmt.Sprintf("Invalid %q cookie API key secret.", SessionTokenKey),
95112
})
96113
return
97114
}
98115
key, err := db.GetAPIKeyByID(r.Context(), keyID)
99116
if err != nil {
100117
if errors.Is(err, sql.ErrNoRows) {
101-
httpapi.Write(rw, http.StatusUnauthorized, httpapi.Response{
118+
write(http.StatusUnauthorized, httpapi.Response{
102119
Message: "API key is invalid.",
103120
})
104121
return
105122
}
106-
httpapi.Write(rw, http.StatusInternalServerError, httpapi.Response{
123+
write(http.StatusInternalServerError, httpapi.Response{
107124
Message: "Internal error fetching API key by id.",
108125
Detail: err.Error(),
109126
})
@@ -113,7 +130,7 @@ func ExtractAPIKey(db database.Store, oauth *OAuth2Configs) func(http.Handler) h
113130

114131
// Checking to see if the secret is valid.
115132
if subtle.ConstantTimeCompare(key.HashedSecret, hashed[:]) != 1 {
116-
httpapi.Write(rw, http.StatusUnauthorized, httpapi.Response{
133+
write(http.StatusUnauthorized, httpapi.Response{
117134
Message: "API key secret is invalid.",
118135
})
119136
return
@@ -130,7 +147,7 @@ func ExtractAPIKey(db database.Store, oauth *OAuth2Configs) func(http.Handler) h
130147
case database.LoginTypeGithub:
131148
oauthConfig = oauth.Github
132149
default:
133-
httpapi.Write(rw, http.StatusInternalServerError, httpapi.Response{
150+
write(http.StatusInternalServerError, httpapi.Response{
134151
Message: fmt.Sprintf("Unexpected authentication type %q.", key.LoginType),
135152
})
136153
return
@@ -142,7 +159,7 @@ func ExtractAPIKey(db database.Store, oauth *OAuth2Configs) func(http.Handler) h
142159
Expiry: key.OAuthExpiry,
143160
}).Token()
144161
if err != nil {
145-
httpapi.Write(rw, http.StatusUnauthorized, httpapi.Response{
162+
write(http.StatusUnauthorized, httpapi.Response{
146163
Message: "Could not refresh expired Oauth token.",
147164
Detail: err.Error(),
148165
})
@@ -158,7 +175,7 @@ func ExtractAPIKey(db database.Store, oauth *OAuth2Configs) func(http.Handler) h
158175

159176
// Checking if the key is expired.
160177
if key.ExpiresAt.Before(now) {
161-
httpapi.Write(rw, http.StatusUnauthorized, httpapi.Response{
178+
write(http.StatusUnauthorized, httpapi.Response{
162179
Message: fmt.Sprintf("API key expired at %q.", key.ExpiresAt.String()),
163180
})
164181
return
@@ -200,7 +217,7 @@ func ExtractAPIKey(db database.Store, oauth *OAuth2Configs) func(http.Handler) h
200217
OAuthExpiry: key.OAuthExpiry,
201218
})
202219
if err != nil {
203-
httpapi.Write(rw, http.StatusInternalServerError, httpapi.Response{
220+
write(http.StatusInternalServerError, httpapi.Response{
204221
Message: fmt.Sprintf("API key couldn't update: %s.", err.Error()),
205222
})
206223
return
@@ -212,15 +229,15 @@ func ExtractAPIKey(db database.Store, oauth *OAuth2Configs) func(http.Handler) h
212229
// is to block 'suspended' users from accessing the platform.
213230
roles, err := db.GetAuthorizationUserRoles(r.Context(), key.UserID)
214231
if err != nil {
215-
httpapi.Write(rw, http.StatusUnauthorized, httpapi.Response{
232+
write(http.StatusUnauthorized, httpapi.Response{
216233
Message: "Internal error fetching user's roles.",
217234
Detail: err.Error(),
218235
})
219236
return
220237
}
221238

222239
if roles.Status != database.UserStatusActive {
223-
httpapi.Write(rw, http.StatusUnauthorized, httpapi.Response{
240+
write(http.StatusUnauthorized, httpapi.Response{
224241
Message: fmt.Sprintf("User is not active (status = %q). Contact an admin to reactivate your account.", roles.Status),
225242
})
226243
return

0 commit comments

Comments
 (0)