
Commit 32a9e12

committed
Fix more unit tests
1 parent 0d6f6a0 commit 32a9e12

2 files changed

+13
-4
lines changed

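--- a/coderd/authzquery/user.go
+++ b/coderd/authzquery/user.go
@@ -137,10 +137,17 @@ func (q *AuthzQuerier) UpdateUserDeletedByID(ctx context.Context, arg database.U
 }
 
 func (q *AuthzQuerier) UpdateUserHashedPassword(ctx context.Context, arg database.UpdateUserHashedPasswordParams) error {
-fetch := func(ctx context.Context, arg database.UpdateUserHashedPasswordParams) (database.User, error) {
-return q.database.GetUserByID(ctx, arg.ID)
+user, err := q.database.GetUserByID(ctx, arg.ID)
+if err != nil {
+return err
+}
+
+err = q.authorizeContext(ctx, rbac.ActionUpdate, user.UserDataRBACObject())
+if err != nil {
+return err
 }
-return authorizedUpdate(q.authorizer, fetch, q.database.UpdateUserHashedPassword)(ctx, arg)
+
+return q.database.UpdateUserHashedPassword(ctx, arg)
 }
 
 func (q *AuthzQuerier) UpdateUserLastSeenAt(ctx context.Context, arg database.UpdateUserLastSeenAtParams) (database.User, error) {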
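Review bot: The password update in UpdateUserHashedPassword is now authorized against `user.UserDataRBACObject()` rather than through the shared `authorizedUpdate` helper, and nothing in the new code records why. The removed helper presumably checked whatever object the fetch returned, so this looks like a change in who may set another account's credential, landed under the title "Fix more unit tests". A comment above the `q.authorizeContext` call would make the decision reviewable, for example `// Password changes are authorized against the user-data object, not the user object: <reason>.`. Separately, the `GetUserByID` error is returned before any authorization runs, so a caller without permission may be able to tell a missing user from a forbidden one; it is worth confirming that is intended.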

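--- a/coderd/workspaceapps.go
+++ b/coderd/workspaceapps.go
@@ -23,6 +23,7 @@ import (
 jose "gopkg.in/square/go-jose.v2"
 
 "cdr.dev/slog"
+"github.com/coder/coder/coderd/authzquery"
 "github.com/coder/coder/coderd/database"
 "github.com/coder/coder/coderd/httpapi"
 "github.com/coder/coder/coderd/httpmw"
@@ -316,7 +317,8 @@ func (api *API) parseWorkspaceApplicationHostname(rw http.ResponseWriter, r *htt
 }
 
 func (api *API) handleWorkspaceAppLogout(rw http.ResponseWriter, r *http.Request) {
-ctx := r.Context()
+// TODO: Limit permissions of this system user. Using scope or new role.
+ctx := authzquery.WithAuthorizeSystemContext(r.Context(), rbac.RolesAdminSystem())
 
 // Delete the API key and cookie first before attempting to parse/validate
 // the redirect URI.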
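Review bot: In handleWorkspaceAppLogout the admin-system context is bound to `ctx` on the first line, so every later call in the handler that takes `ctx` runs with `rbac.RolesAdminSystem()`, not just the API key deletion that needs it. The TODO covers narrowing the role, but the span of the elevation can be narrowed now: keep `ctx := r.Context()` and derive `sysCtx := authzquery.WithAuthorizeSystemContext(ctx, rbac.RolesAdminSystem())` for the key-deletion query only. That keeps the redirect-URI handling mentioned in the following comment, and anything else driven by request input, on the caller's own permissions. The handler body continues past the end of the hunk, so which calls actually receive `ctx` needs checking against the full function.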
