fix enterprise route override

Emyrk · Emyrk · commit 425969130a60 · 2024-05-16T11:19:33.000-05:00
diff --git a/coderd/coderd.go b/coderd/coderd.go
@@ -917,7 +917,7 @@ func New(options *Options) *API {
 				r.Post("/logout", api.postLogout)
 				// These routes query information about site wide roles.
 				r.Route("/roles", func(r chi.Router) {
-					r.Get("/", api.assignableSiteRoles)
+					r.Get("/", api.AssignableSiteRoles)
 				})
 				r.Route("/{user}", func(r chi.Router) {
 					r.Use(httpmw.ExtractUserParam(options.Database))
diff --git a/coderd/roles.go b/coderd/roles.go
@@ -11,7 +11,7 @@ import (
 	"github.com/coder/coder/v2/coderd/rbac"
 )
 
-// assignableSiteRoles returns all site wide roles that can be assigned.
+// AssignableSiteRoles returns all site wide roles that can be assigned.
 //
 // @Summary Get site member roles
 // @ID get-site-member-roles
@@ -20,7 +20,7 @@ import (
 // @Tags Members
 // @Success 200 {array} codersdk.AssignableRoles
 // @Router /users/roles [get]
-func (api *API) assignableSiteRoles(rw http.ResponseWriter, r *http.Request) {
+func (api *API) AssignableSiteRoles(rw http.ResponseWriter, r *http.Request) {
 	ctx := r.Context()
 	actorRoles := httpmw.UserAuthorization(r)
 	if !api.Authorize(r, policy.ActionRead, rbac.ResourceAssignRole) {
@@ -32,7 +32,7 @@ func (api *API) assignableSiteRoles(rw http.ResponseWriter, r *http.Request) {
 	httpapi.Write(ctx, rw, http.StatusOK, assignableRoles(actorRoles.Roles, roles))
 }
 
-// assignableSiteRoles returns all org wide roles that can be assigned.
+// assignableOrgRoles returns all org wide roles that can be assigned.
 //
 // @Summary Get member roles by organization
 // @ID get-member-roles-by-organization
diff --git a/codersdk/roles.go b/codersdk/roles.go
@@ -41,8 +41,8 @@ type Role struct {
 	UserPermissions         []Permission            `json:"user_permissions"`
 }
 
-// UpsertCustomSiteRole will upsert a custom site wide role
-func (c *Client) UpsertCustomSiteRole(ctx context.Context, req Role) (Role, error) {
+// PatchRole will upsert a custom site wide role
+func (c *Client) PatchRole(ctx context.Context, req Role) (Role, error) {
 	res, err := c.Request(ctx, http.MethodPatch, "/api/v2/users/roles", req)
 	if err != nil {
 		return Role{}, err
diff --git a/enterprise/coderd/coderd.go b/enterprise/coderd/coderd.go
@@ -329,11 +329,18 @@ func New(ctx context.Context, options *Options) (_ *API, err error) {
 
 		r.Route("/users/roles", func(r chi.Router) {
 			r.Use(
-				api.customRolesEnabledMW,
 				apiKeyMiddleware,
 			)
-
-			r.Patch("/", api.patchRole)
+			r.Group(func(r chi.Router) {
+				r.Use(
+					api.customRolesEnabledMW,
+				)
+				r.Patch("/", api.patchRole)
+			})
+			// Unfortunate, but this r.Route overrides the AGPL roles route.
+			// The AGPL does not have the entitlements to block the licensed
+			// routes, so we need to duplicate the AGPL here.
+			r.Get("/", api.AGPL.AssignableSiteRoles)
 		})
 
 		r.Route("/users/{user}/quiet-hours", func(r chi.Router) {
diff --git a/enterprise/coderd/roles_test.go b/enterprise/coderd/roles_test.go
@@ -1,6 +1,7 @@
 package coderd_test
 
 import (
+	"slices"
 	"testing"
 
 	"github.com/stretchr/testify/require"
@@ -36,7 +37,7 @@ func TestCustomRole(t *testing.T) {
 		ctx := testutil.Context(t, testutil.WaitMedium)
 
 		//nolint:gocritic // owner is required for this
-		role, err := owner.UpsertCustomSiteRole(ctx, codersdk.Role{
+		role, err := owner.PatchRole(ctx, codersdk.Role{
 			Name:        "test-role",
 			DisplayName: "Testing Purposes",
 			// Basically creating a template admin manually
@@ -59,5 +60,13 @@ func TestCustomRole(t *testing.T) {
 
 		// Try to create a template version
 		coderdtest.CreateTemplateVersion(t, tmplAdmin, first.OrganizationID, nil)
+
+		// Verify the role exists in the list
+		allRoles, err := tmplAdmin.ListSiteRoles(ctx)
+		require.NoError(t, err)
+
+		require.True(t, slices.ContainsFunc(allRoles, func(selected codersdk.AssignableRoles) bool {
+			return selected.Name == role.Name
+		}), "role missing from site role list")
 	})
 }
