Skip to content

Commit 4545d1a

Browse files
EmyrkEmyrk
committed
Hide /users page for regular users
1 parent 89ec2ed commit 4545d1a

File tree

4 files changed

+23
-8
lines changed

4 files changed

+23
-8
lines changed

coderd/rbac/roles.go

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -145,8 +145,6 @@ func ReloadBuiltinRoles(opts *RoleOptions) {
145145
Name: member,
146146
DisplayName: "",
147147
Site: Permissions(map[string][]Action{
148-
// All users can read all other users and know they exist.
149-
ResourceUser.Type: {ActionRead},
150148
ResourceRoleAssignment.Type: {ActionRead},
151149
// All users can see the provisioner daemons.
152150
ResourceProvisionerDaemon.Type: {ActionRead},

site/src/components/Navbar/Navbar.tsx

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,7 @@ export const Navbar: FC = () => {
1616
const canViewAuditLog =
1717
featureVisibility["audit_log"] && Boolean(permissions.viewAuditLog)
1818
const canViewDeployment = Boolean(permissions.viewDeploymentValues)
19+
const canViewAllUsers = Boolean(permissions.readAllUsers)
1920
const onSignOut = () => authSend("SIGN_OUT")
2021
const proxyContextValue = useProxy()
2122
const dashboard = useDashboard()
@@ -29,6 +30,7 @@ export const Navbar: FC = () => {
2930
onSignOut={onSignOut}
3031
canViewAuditLog={canViewAuditLog}
3132
canViewDeployment={canViewDeployment}
33+
canViewAllUsers={canViewAllUsers}
3234
proxyContextValue={
3335
dashboard.experiments.includes("moons") ? proxyContextValue : undefined
3436
}

site/src/components/Navbar/NavbarView.test.tsx

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -48,6 +48,7 @@ describe("NavbarView", () => {
4848
onSignOut={noop}
4949
canViewAuditLog
5050
canViewDeployment
51+
canViewAllUsers
5152
/>,
5253
)
5354
const workspacesLink = await screen.findByText(navLanguage.workspaces)
@@ -62,6 +63,7 @@ describe("NavbarView", () => {
6263
onSignOut={noop}
6364
canViewAuditLog
6465
canViewDeployment
66+
canViewAllUsers
6567
/>,
6668
)
6769
const templatesLink = await screen.findByText(navLanguage.templates)
@@ -76,6 +78,7 @@ describe("NavbarView", () => {
7678
onSignOut={noop}
7779
canViewAuditLog
7880
canViewDeployment
81+
canViewAllUsers
7982
/>,
8083
)
8184
const userLink = await screen.findByText(navLanguage.users)
@@ -98,6 +101,7 @@ describe("NavbarView", () => {
98101
onSignOut={noop}
99102
canViewAuditLog
100103
canViewDeployment
104+
canViewAllUsers
101105
/>,
102106
)
103107

@@ -115,6 +119,7 @@ describe("NavbarView", () => {
115119
onSignOut={noop}
116120
canViewAuditLog
117121
canViewDeployment
122+
canViewAllUsers
118123
/>,
119124
)
120125
const auditLink = await screen.findByText(navLanguage.audit)
@@ -129,6 +134,7 @@ describe("NavbarView", () => {
129134
onSignOut={noop}
130135
canViewAuditLog={false}
131136
canViewDeployment
137+
canViewAllUsers
132138
/>,
133139
)
134140
const auditLink = screen.queryByText(navLanguage.audit)
@@ -143,6 +149,7 @@ describe("NavbarView", () => {
143149
onSignOut={noop}
144150
canViewAuditLog
145151
canViewDeployment
152+
canViewAllUsers
146153
/>,
147154
)
148155
const auditLink = await screen.findByText(navLanguage.deployment)
@@ -159,6 +166,7 @@ describe("NavbarView", () => {
159166
onSignOut={noop}
160167
canViewAuditLog={false}
161168
canViewDeployment={false}
169+
canViewAllUsers
162170
/>,
163171
)
164172
const auditLink = screen.queryByText(navLanguage.deployment)

site/src/components/Navbar/NavbarView.tsx

Lines changed: 13 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -36,6 +36,7 @@ export interface NavbarViewProps {
3636
onSignOut: () => void
3737
canViewAuditLog: boolean
3838
canViewDeployment: boolean
39+
canViewAllUsers: boolean
3940
proxyContextValue?: ProxyContextValue
4041
}
4142

@@ -52,8 +53,9 @@ const NavItems: React.FC<
5253
className?: string
5354
canViewAuditLog: boolean
5455
canViewDeployment: boolean
56+
canViewAllUsers: boolean
5557
}>
56-
> = ({ className, canViewAuditLog, canViewDeployment }) => {
58+
> = ({ className, canViewAuditLog, canViewDeployment, canViewAllUsers }) => {
5759
const styles = useStyles()
5860
const location = useLocation()
5961

@@ -75,11 +77,13 @@ const NavItems: React.FC<
7577
{Language.templates}
7678
</NavLink>
7779
</ListItem>
78-
<ListItem button className={styles.item}>
79-
<NavLink className={styles.link} to={USERS_LINK}>
80-
{Language.users}
81-
</NavLink>
82-
</ListItem>
80+
{canViewAllUsers && (
81+
<ListItem button className={styles.item}>
82+
<NavLink className={styles.link} to={USERS_LINK}>
83+
{Language.users}
84+
</NavLink>
85+
</ListItem>
86+
)}
8387
{canViewAuditLog && (
8488
<ListItem button className={styles.item}>
8589
<NavLink className={styles.link} to="/audit">
@@ -105,6 +109,7 @@ export const NavbarView: FC<NavbarViewProps> = ({
105109
onSignOut,
106110
canViewAuditLog,
107111
canViewDeployment,
112+
canViewAllUsers,
108113
proxyContextValue,
109114
}) => {
110115
const styles = useStyles()
@@ -142,6 +147,7 @@ export const NavbarView: FC<NavbarViewProps> = ({
142147
<NavItems
143148
canViewAuditLog={canViewAuditLog}
144149
canViewDeployment={canViewDeployment}
150+
canViewAllUsers={canViewAllUsers}
145151
/>
146152
</div>
147153
</Drawer>
@@ -158,6 +164,7 @@ export const NavbarView: FC<NavbarViewProps> = ({
158164
className={styles.desktopNavItems}
159165
canViewAuditLog={canViewAuditLog}
160166
canViewDeployment={canViewDeployment}
167+
canViewAllUsers={canViewAllUsers}
161168
/>
162169

163170
<Box

0 commit comments

Comments
 (0)