Skip to content

Commit 3b43318

Browse files
EmyrkEmyrk
authored
chore: add custom querier functions to dbgen (#8496)
* chore: add custom querier functions to dbgen * chore: parse package was missing some imports, so force them
1 parent b650ab4 commit 3b43318

File tree

4 files changed

+2144
-2087
lines changed

4 files changed

+2144
-2087
lines changed

coderd/database/dbauthz/dbauthz.go

+38-38
Original file line numberDiff line numberDiff line change
@@ -575,11 +575,6 @@ func (q *querier) canAssignRoles(ctx context.Context, orgID *uuid.UUID, added, r
575575
return nil
576576
}
577577

578-
func (q *querier) GetAuthorizedTemplates(ctx context.Context, arg database.GetTemplatesWithFilterParams, _ rbac.PreparedAuthorized) ([]database.Template, error) {
579-
// TODO Delete this function, all GetTemplates should be authorized. For now just call getTemplates on the authz querier.
580-
return q.GetTemplatesWithFilter(ctx, arg)
581-
}
582-
583578
func (q *querier) SoftDeleteTemplateByID(ctx context.Context, id uuid.UUID) error {
584579
deleteF := func(ctx context.Context, id uuid.UUID) error {
585580
return q.db.UpdateTemplateDeletedByID(ctx, database.UpdateTemplateDeletedByIDParams{
@@ -591,34 +586,6 @@ func (q *querier) SoftDeleteTemplateByID(ctx context.Context, id uuid.UUID) erro
591586
return deleteQ(q.log, q.auth, q.db.GetTemplateByID, deleteF)(ctx, id)
592587
}
593588

594-
func (q *querier) GetTemplateGroupRoles(ctx context.Context, id uuid.UUID) ([]database.TemplateGroup, error) {
595-
// An actor is authorized to read template group roles if they are authorized to read the template.
596-
template, err := q.db.GetTemplateByID(ctx, id)
597-
if err != nil {
598-
return nil, err
599-
}
600-
if err := q.authorizeContext(ctx, rbac.ActionRead, template); err != nil {
601-
return nil, err
602-
}
603-
return q.db.GetTemplateGroupRoles(ctx, id)
604-
}
605-
606-
func (q *querier) GetTemplateUserRoles(ctx context.Context, id uuid.UUID) ([]database.TemplateUser, error) {
607-
// An actor is authorized to query template user roles if they are authorized to read the template.
608-
template, err := q.db.GetTemplateByID(ctx, id)
609-
if err != nil {
610-
return nil, err
611-
}
612-
if err := q.authorizeContext(ctx, rbac.ActionRead, template); err != nil {
613-
return nil, err
614-
}
615-
return q.db.GetTemplateUserRoles(ctx, id)
616-
}
617-
618-
func (q *querier) GetAuthorizedUserCount(ctx context.Context, arg database.GetFilteredUserCountParams, prepared rbac.PreparedAuthorized) (int64, error) {
619-
return q.db.GetAuthorizedUserCount(ctx, arg, prepared)
620-
}
621-
622589
func (q *querier) GetUsersWithCount(ctx context.Context, arg database.GetUsersParams) ([]database.User, int64, error) {
623590
// TODO Implement this with a SQL filter. The count is incorrect without it.
624591
rowUsers, err := q.db.GetUsers(ctx, arg)
@@ -655,11 +622,6 @@ func (q *querier) SoftDeleteUserByID(ctx context.Context, id uuid.UUID) error {
655622
return deleteQ(q.log, q.auth, q.db.GetUserByID, deleteF)(ctx, id)
656623
}
657624

658-
func (q *querier) GetAuthorizedWorkspaces(ctx context.Context, arg database.GetWorkspacesParams, _ rbac.PreparedAuthorized) ([]database.GetWorkspacesRow, error) {
659-
// TODO Delete this function, all GetWorkspaces should be authorized. For now just call GetWorkspaces on the authz querier.
660-
return q.GetWorkspaces(ctx, arg)
661-
}
662-
663625
func (q *querier) SoftDeleteWorkspaceByID(ctx context.Context, id uuid.UUID) error {
664626
return deleteQ(q.log, q.auth, q.db.GetWorkspaceByID, func(ctx context.Context, id uuid.UUID) error {
665627
return q.db.UpdateWorkspaceDeletedByID(ctx, database.UpdateWorkspaceDeletedByIDParams{
@@ -2642,3 +2604,41 @@ func (q *querier) UpsertTailnetCoordinator(ctx context.Context, id uuid.UUID) (d
26422604
}
26432605
return q.db.UpsertTailnetCoordinator(ctx, id)
26442606
}
2607+
2608+
func (q *querier) GetAuthorizedTemplates(ctx context.Context, arg database.GetTemplatesWithFilterParams, _ rbac.PreparedAuthorized) ([]database.Template, error) {
2609+
// TODO Delete this function, all GetTemplates should be authorized. For now just call getTemplates on the authz querier.
2610+
return q.GetTemplatesWithFilter(ctx, arg)
2611+
}
2612+
2613+
func (q *querier) GetTemplateGroupRoles(ctx context.Context, id uuid.UUID) ([]database.TemplateGroup, error) {
2614+
// An actor is authorized to read template group roles if they are authorized to read the template.
2615+
template, err := q.db.GetTemplateByID(ctx, id)
2616+
if err != nil {
2617+
return nil, err
2618+
}
2619+
if err := q.authorizeContext(ctx, rbac.ActionRead, template); err != nil {
2620+
return nil, err
2621+
}
2622+
return q.db.GetTemplateGroupRoles(ctx, id)
2623+
}
2624+
2625+
func (q *querier) GetTemplateUserRoles(ctx context.Context, id uuid.UUID) ([]database.TemplateUser, error) {
2626+
// An actor is authorized to query template user roles if they are authorized to read the template.
2627+
template, err := q.db.GetTemplateByID(ctx, id)
2628+
if err != nil {
2629+
return nil, err
2630+
}
2631+
if err := q.authorizeContext(ctx, rbac.ActionRead, template); err != nil {
2632+
return nil, err
2633+
}
2634+
return q.db.GetTemplateUserRoles(ctx, id)
2635+
}
2636+
2637+
func (q *querier) GetAuthorizedWorkspaces(ctx context.Context, arg database.GetWorkspacesParams, _ rbac.PreparedAuthorized) ([]database.GetWorkspacesRow, error) {
2638+
// TODO Delete this function, all GetWorkspaces should be authorized. For now just call GetWorkspaces on the authz querier.
2639+
return q.GetWorkspaces(ctx, arg)
2640+
}
2641+
2642+
func (q *querier) GetAuthorizedUserCount(ctx context.Context, arg database.GetFilteredUserCountParams, prepared rbac.PreparedAuthorized) (int64, error) {
2643+
return q.db.GetAuthorizedUserCount(ctx, arg, prepared)
2644+
}

0 commit comments

Comments
 (0)