Skip to content

Commit 5033ee8

Browse files
EmyrkEmyrk
committed
add unit test for site wide custom role deletE
1 parent 817bb4b commit 5033ee8

File tree

2 files changed

+14
-2
lines changed

2 files changed

+14
-2
lines changed

coderd/database/dbauthz/dbauthz.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -964,7 +964,7 @@ func (q *querier) DeleteCustomRole(ctx context.Context, arg database.DeleteCusto
964964
return err
965965
}
966966
} else {
967-
if err := q.authorizeContext(ctx, policy.ActionCreate, rbac.ResourceAssignRole); err != nil {
967+
if err := q.authorizeContext(ctx, policy.ActionDelete, rbac.ResourceAssignRole); err != nil {
968968
return err
969969
}
970970
}

coderd/database/dbauthz/dbauthz_test.go

Lines changed: 13 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1247,7 +1247,7 @@ func (s *MethodTestSuite) TestUser() {
12471247
s.Run("CustomRoles", s.Subtest(func(db database.Store, check *expects) {
12481248
check.Args(database.CustomRolesParams{}).Asserts(rbac.ResourceAssignRole, policy.ActionRead).Returns([]database.CustomRole{})
12491249
}))
1250-
s.Run("DeleteCustomRole", s.Subtest(func(db database.Store, check *expects) {
1250+
s.Run("Organization/DeleteCustomRole", s.Subtest(func(db database.Store, check *expects) {
12511251
customRole := dbgen.CustomRole(s.T(), db, database.CustomRole{
12521252
OrganizationID: uuid.NullUUID{
12531253
UUID: uuid.New(),
@@ -1260,6 +1260,18 @@ func (s *MethodTestSuite) TestUser() {
12601260
}).Asserts(
12611261
rbac.ResourceAssignOrgRole.InOrg(customRole.OrganizationID.UUID), policy.ActionDelete)
12621262
}))
1263+
s.Run("Site/DeleteCustomRole", s.Subtest(func(db database.Store, check *expects) {
1264+
customRole := dbgen.CustomRole(s.T(), db, database.CustomRole{
1265+
OrganizationID: uuid.NullUUID{
1266+
UUID: uuid.Nil,
1267+
Valid: false,
1268+
},
1269+
})
1270+
check.Args(database.DeleteCustomRoleParams{
1271+
Name: customRole.Name,
1272+
}).Asserts(
1273+
rbac.ResourceAssignRole, policy.ActionDelete)
1274+
}))
12631275
s.Run("Blank/UpsertCustomRole", s.Subtest(func(db database.Store, check *expects) {
12641276
// Blank is no perms in the role
12651277
check.Args(database.UpsertCustomRoleParams{

0 commit comments

Comments
 (0)