coder
diff --git a/‎coderd/audit.go
Lines changed: 2 additions & 1 deletion b/‎coderd/audit.go
Lines changed: 2 additions & 1 deletion
diff --git a/‎coderd/coderd.go
Lines changed: 15 additions & 8 deletions b/‎coderd/coderd.go
Lines changed: 15 additions & 8 deletions
diff --git a/‎coderd/database/db2sdk/db2sdk.go
Lines changed: 31 additions & 0 deletions b/‎coderd/database/db2sdk/db2sdk.go
Lines changed: 31 additions & 0 deletions
diff --git a/‎coderd/members.go
Lines changed: 2 additions & 1 deletion b/‎coderd/members.go
Lines changed: 2 additions & 1 deletion
diff --git a/‎coderd/roles.go
Lines changed: 0 additions & 7 deletions b/‎coderd/roles.go
Lines changed: 0 additions & 7 deletions
diff --git a/‎coderd/users.go
Lines changed: 7 additions & 27 deletions b/‎coderd/users.go
Lines changed: 7 additions & 27 deletions
diff --git a/‎cryptorand/errors_test.go
Lines changed: 0 additions & 30 deletions b/‎cryptorand/errors_test.go
Lines changed: 0 additions & 30 deletions
@@ -17,6 +17,7 @@ import (
 	"cdr.dev/slog"
 	"github.com/coder/coder/coderd/audit"
 	"github.com/coder/coder/coderd/database"
+	"github.com/coder/coder/coderd/database/db2sdk"
 	"github.com/coder/coder/coderd/httpapi"
 	"github.com/coder/coder/coderd/httpmw"
 	"github.com/coder/coder/coderd/rbac"
@@ -193,7 +194,7 @@ func (api *API) convertAuditLog(ctx context.Context, dblog database.GetAuditLogs
 
 		for _, roleName := range dblog.UserRoles {
 			rbacRole, _ := rbac.RoleByName(roleName)
-			user.Roles = append(user.Roles, convertRole(rbacRole))
+			user.Roles = append(user.Roles, db2sdk.Role(rbacRole))
 		}
 	}
 
 
@@ -293,11 +293,13 @@ func New(options *Options) *API {
 		},
 	)
 
-	staticHandler := site.Handler(site.FS(), binFS, binHashes)
-	// Static file handler must be wrapped with HSTS handler if the
-	// StrictTransportSecurityAge is set. We only need to set this header on
-	// static files since it only affects browsers.
-	staticHandler = httpmw.HSTS(staticHandler, options.StrictTransportSecurityCfg)
+	staticHandler := site.New(&site.Options{
+		BinFS:     binFS,
+		BinHashes: binHashes,
+		Database:  options.Database,
+		SiteFS:    site.FS(),
+	})
+	staticHandler.Experiments.Store(&experiments)
 
 	oauthConfigs := &httpmw.OAuth2Configs{
 		Github: options.GithubOAuth2Config,
@@ -313,7 +315,7 @@ func New(options *Options) *API {
 		ID:          uuid.New(),
 		Options:     options,
 		RootHandler: r,
-		siteHandler: staticHandler,
+		SiteHandler: staticHandler,
 		HTTPAuth: &HTTPAuthorizer{
 			Authorizer: options.Authorizer,
 			Logger:     options.Logger,
@@ -813,7 +815,11 @@ func New(options *Options) *API {
 		// By default we do not add extra websocket connections to the CSP
 		return []string{}
 	})
-	r.NotFound(cspMW(compressHandler(http.HandlerFunc(api.siteHandler.ServeHTTP))).ServeHTTP)
+
+	// Static file handler must be wrapped with HSTS handler if the
+	// StrictTransportSecurityAge is set. We only need to set this header on
+	// static files since it only affects browsers.
+	r.NotFound(cspMW(compressHandler(httpmw.HSTS(api.SiteHandler, options.StrictTransportSecurityCfg))).ServeHTTP)
 
 	// This must be before all middleware to improve the response time.
 	// So make a new router, and mount the old one as the root.
@@ -858,7 +864,8 @@ type API struct {
 	// RootHandler serves "/"
 	RootHandler chi.Router
 
-	siteHandler http.Handler
+	// SiteHandler serves static files for the dashboard.
+	SiteHandler *site.Handler
 
 	WebsocketWaitMutex sync.Mutex
 	WebsocketWaitGroup sync.WaitGroup
 
@@ -5,8 +5,11 @@ import (
 	"encoding/json"
 	"time"
 
+	"github.com/google/uuid"
+
 	"github.com/coder/coder/coderd/database"
 	"github.com/coder/coder/coderd/parameter"
+	"github.com/coder/coder/coderd/rbac"
 	"github.com/coder/coder/codersdk"
 	"github.com/coder/coder/provisionersdk/proto"
 )
@@ -100,3 +103,31 @@ func ProvisionerJobStatus(provisionerJob database.ProvisionerJob) codersdk.Provi
 		return codersdk.ProvisionerJobRunning
 	}
 }
+
+func User(user database.User, organizationIDs []uuid.UUID) codersdk.User {
+	convertedUser := codersdk.User{
+		ID:              user.ID,
+		Email:           user.Email,
+		CreatedAt:       user.CreatedAt,
+		LastSeenAt:      user.LastSeenAt,
+		Username:        user.Username,
+		Status:          codersdk.UserStatus(user.Status),
+		OrganizationIDs: organizationIDs,
+		Roles:           make([]codersdk.Role, 0, len(user.RBACRoles)),
+		AvatarURL:       user.AvatarURL.String,
+	}
+
+	for _, roleName := range user.RBACRoles {
+		rbacRole, _ := rbac.RoleByName(roleName)
+		convertedUser.Roles = append(convertedUser.Roles, Role(rbacRole))
+	}
+
+	return convertedUser
+}
+
+func Role(role rbac.Role) codersdk.Role {
+	return codersdk.Role{
+		DisplayName: role.DisplayName,
+		Name:        role.Name,
+	}
+}
@@ -8,6 +8,7 @@ import (
 
 	"golang.org/x/xerrors"
 
+	"github.com/coder/coder/coderd/database/db2sdk"
 	"github.com/coder/coder/coderd/rbac"
 
 	"github.com/coder/coder/coderd/database"
@@ -104,7 +105,7 @@ func convertOrganizationMember(mem database.OrganizationMember) codersdk.Organiz
 
 	for _, roleName := range mem.Roles {
 		rbacRole, _ := rbac.RoleByName(roleName)
-		convertedMember.Roles = append(convertedMember.Roles, convertRole(rbacRole))
+		convertedMember.Roles = append(convertedMember.Roles, db2sdk.Role(rbacRole))
 	}
 	return convertedMember
 }
@@ -55,13 +55,6 @@ func (api *API) assignableOrgRoles(rw http.ResponseWriter, r *http.Request) {
 	httpapi.Write(ctx, rw, http.StatusOK, assignableRoles(actorRoles.Actor.Roles, roles))
 }
 
-func convertRole(role rbac.Role) codersdk.Role {
-	return codersdk.Role{
-		DisplayName: role.DisplayName,
-		Name:        role.Name,
-	}
-}
-
 func assignableRoles(actorRoles rbac.ExpandableRoles, roles []rbac.Role) []codersdk.AssignableRoles {
 	assignable := make([]codersdk.AssignableRoles, 0)
 	for _, role := range roles {
 
@@ -14,6 +14,7 @@ import (
 
 	"github.com/coder/coder/coderd/audit"
 	"github.com/coder/coder/coderd/database"
+	"github.com/coder/coder/coderd/database/db2sdk"
 	"github.com/coder/coder/coderd/database/dbauthz"
 	"github.com/coder/coder/coderd/gitsshkey"
 	"github.com/coder/coder/coderd/httpapi"
@@ -401,7 +402,7 @@ func (api *API) postUser(rw http.ResponseWriter, r *http.Request) {
 		Users: []telemetry.User{telemetry.ConvertUser(user)},
 	})
 
-	httpapi.Write(ctx, rw, http.StatusCreated, convertUser(user, []uuid.UUID{req.OrganizationID}))
+	httpapi.Write(ctx, rw, http.StatusCreated, db2sdk.User(user, []uuid.UUID{req.OrganizationID}))
 }
 
 // @Summary Delete user
@@ -495,7 +496,7 @@ func (api *API) userByName(rw http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	httpapi.Write(ctx, rw, http.StatusOK, convertUser(user, organizationIDs))
+	httpapi.Write(ctx, rw, http.StatusOK, db2sdk.User(user, organizationIDs))
 }
 
 // @Summary Update user profile
@@ -580,7 +581,7 @@ func (api *API) putUserProfile(rw http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	httpapi.Write(ctx, rw, http.StatusOK, convertUser(updatedUserProfile, organizationIDs))
+	httpapi.Write(ctx, rw, http.StatusOK, db2sdk.User(updatedUserProfile, organizationIDs))
 }
 
 // @Summary Suspend user account
@@ -667,7 +668,7 @@ func (api *API) putUserStatus(status database.UserStatus) func(rw http.ResponseW
 			return
 		}
 
-		httpapi.Write(ctx, rw, http.StatusOK, convertUser(suspendedUser, organizations))
+		httpapi.Write(ctx, rw, http.StatusOK, db2sdk.User(suspendedUser, organizations))
 	}
 }
 
@@ -892,7 +893,7 @@ func (api *API) putUserRoles(rw http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	httpapi.Write(ctx, rw, http.StatusOK, convertUser(updatedUser, organizationIDs))
+	httpapi.Write(ctx, rw, http.StatusOK, db2sdk.User(updatedUser, organizationIDs))
 }
 
 // updateSiteUserRoles will ensure only site wide roles are passed in as arguments.
@@ -1087,32 +1088,11 @@ func (api *API) CreateUser(ctx context.Context, store database.Store, req Create
 	}, nil)
 }
 
-func convertUser(user database.User, organizationIDs []uuid.UUID) codersdk.User {
-	convertedUser := codersdk.User{
-		ID:              user.ID,
-		Email:           user.Email,
-		CreatedAt:       user.CreatedAt,
-		LastSeenAt:      user.LastSeenAt,
-		Username:        user.Username,
-		Status:          codersdk.UserStatus(user.Status),
-		OrganizationIDs: organizationIDs,
-		Roles:           make([]codersdk.Role, 0, len(user.RBACRoles)),
-		AvatarURL:       user.AvatarURL.String,
-	}
-
-	for _, roleName := range user.RBACRoles {
-		rbacRole, _ := rbac.RoleByName(roleName)
-		convertedUser.Roles = append(convertedUser.Roles, convertRole(rbacRole))
-	}
-
-	return convertedUser
-}
-
 func convertUsers(users []database.User, organizationIDsByUserID map[uuid.UUID][]uuid.UUID) []codersdk.User {
 	converted := make([]codersdk.User, 0, len(users))
 	for _, u := range users {
 		userOrganizationIDs := organizationIDsByUserID[u.ID]
-		converted = append(converted, convertUser(u, userOrganizationIDs))
+		converted = append(converted, db2sdk.User(u, userOrganizationIDs))
 	}
 	return converted
 }
 
@@ -30,31 +30,6 @@ func TestRandError(t *testing.T) {
 		require.ErrorIs(t, err, io.ErrShortBuffer, "expected Int63 error")
 	})
 
-	t.Run("Uint64", func(t *testing.T) {
-		_, err := cryptorand.Uint64()
-		require.ErrorIs(t, err, io.ErrShortBuffer, "expected Uint64 error")
-	})
-
-	t.Run("Int31", func(t *testing.T) {
-		_, err := cryptorand.Int31()
-		require.ErrorIs(t, err, io.ErrShortBuffer, "expected Int31 error")
-	})
-
-	t.Run("Int31n", func(t *testing.T) {
-		_, err := cryptorand.Int31n(100)
-		require.ErrorIs(t, err, io.ErrShortBuffer, "expected Int31n error")
-	})
-
-	t.Run("Uint32", func(t *testing.T) {
-		_, err := cryptorand.Uint32()
-		require.ErrorIs(t, err, io.ErrShortBuffer, "expected Uint32 error")
-	})
-
-	t.Run("Int", func(t *testing.T) {
-		_, err := cryptorand.Int()
-		require.ErrorIs(t, err, io.ErrShortBuffer, "expected Int error")
-	})
-
 	t.Run("Intn_32bit", func(t *testing.T) {
 		_, err := cryptorand.Intn(100)
 		require.ErrorIs(t, err, io.ErrShortBuffer, "expected Intn error")
@@ -70,11 +45,6 @@ func TestRandError(t *testing.T) {
 		require.ErrorIs(t, err, io.ErrShortBuffer, "expected Float64 error")
 	})
 
-	t.Run("Float32", func(t *testing.T) {
-		_, err := cryptorand.Float32()
-		require.ErrorIs(t, err, io.ErrShortBuffer, "expected Float32 error")
-	})
-
 	t.Run("StringCharset", func(t *testing.T) {
 		_, err := cryptorand.HexString(10)
 		require.ErrorIs(t, err, io.ErrShortBuffer, "expected HexString error")
Original file line number	Diff line number	Diff line change
`@@ -17,6 +17,7 @@ import (`
`17`	`17`	`"cdr.dev/slog"`
`18`	`18`	`"github.com/coder/coder/coderd/audit"`
`19`	`19`	`"github.com/coder/coder/coderd/database"`
	`20`	`+ "github.com/coder/coder/coderd/database/db2sdk"`
`20`	`21`	`"github.com/coder/coder/coderd/httpapi"`
`21`	`22`	`"github.com/coder/coder/coderd/httpmw"`
`22`	`23`	`"github.com/coder/coder/coderd/rbac"`
`@@ -193,7 +194,7 @@ func (api *API) convertAuditLog(ctx context.Context, dblog database.GetAuditLogs`
`193`	`194`
`194`	`195`	`for _, roleName := range dblog.UserRoles {`
`195`	`196`	`rbacRole, _ := rbac.RoleByName(roleName)`
`196`		`- user.Roles = append(user.Roles, convertRole(rbacRole))`
	`197`	`+ user.Roles = append(user.Roles, db2sdk.Role(rbacRole))`
`197`	`198`	`}`
`198`	`199`	`}`
`199`	`200`
Original file line number	Diff line number	Diff line change
`@@ -8,6 +8,7 @@ import (`
`8`	`8`
`9`	`9`	`"golang.org/x/xerrors"`
`10`	`10`
	`11`	`+ "github.com/coder/coder/coderd/database/db2sdk"`
`11`	`12`	`"github.com/coder/coder/coderd/rbac"`
`12`	`13`
`13`	`14`	`"github.com/coder/coder/coderd/database"`
`@@ -104,7 +105,7 @@ func convertOrganizationMember(mem database.OrganizationMember) codersdk.Organiz`
`104`	`105`
`105`	`106`	`for _, roleName := range mem.Roles {`
`106`	`107`	`rbacRole, _ := rbac.RoleByName(roleName)`
`107`		`- convertedMember.Roles = append(convertedMember.Roles, convertRole(rbacRole))`
	`108`	`+ convertedMember.Roles = append(convertedMember.Roles, db2sdk.Role(rbacRole))`
`108`	`109`	`}`
`109`	`110`	`return convertedMember`
`110`	`111`	`}`
Original file line number	Diff line number	Diff line change
`@@ -14,6 +14,7 @@ import (`
`14`	`14`
`15`	`15`	`"github.com/coder/coder/coderd/audit"`
`16`	`16`	`"github.com/coder/coder/coderd/database"`
	`17`	`+ "github.com/coder/coder/coderd/database/db2sdk"`
`17`	`18`	`"github.com/coder/coder/coderd/database/dbauthz"`
`18`	`19`	`"github.com/coder/coder/coderd/gitsshkey"`
`19`	`20`	`"github.com/coder/coder/coderd/httpapi"`
`@@ -401,7 +402,7 @@ func (api API) postUser(rw http.ResponseWriter, r http.Request) {`
`401`	`402`	`Users: []telemetry.User{telemetry.ConvertUser(user)},`
`402`	`403`	`})`
`403`	`404`
`404`		`- httpapi.Write(ctx, rw, http.StatusCreated, convertUser(user, []uuid.UUID{req.OrganizationID}))`
	`405`	`+ httpapi.Write(ctx, rw, http.StatusCreated, db2sdk.User(user, []uuid.UUID{req.OrganizationID}))`
`405`	`406`	`}`
`406`	`407`
`407`	`408`	`// @Summary Delete user`
`@@ -495,7 +496,7 @@ func (api API) userByName(rw http.ResponseWriter, r http.Request) {`
`495`	`496`	`return`
`496`	`497`	`}`
`497`	`498`
`498`		`- httpapi.Write(ctx, rw, http.StatusOK, convertUser(user, organizationIDs))`
	`499`	`+ httpapi.Write(ctx, rw, http.StatusOK, db2sdk.User(user, organizationIDs))`
`499`	`500`	`}`
`500`	`501`
`501`	`502`	`// @Summary Update user profile`
`@@ -580,7 +581,7 @@ func (api API) putUserProfile(rw http.ResponseWriter, r http.Request) {`
`580`	`581`	`return`
`581`	`582`	`}`
`582`	`583`
`583`		`- httpapi.Write(ctx, rw, http.StatusOK, convertUser(updatedUserProfile, organizationIDs))`
	`584`	`+ httpapi.Write(ctx, rw, http.StatusOK, db2sdk.User(updatedUserProfile, organizationIDs))`
`584`	`585`	`}`
`585`	`586`
`586`	`587`	`// @Summary Suspend user account`
`@@ -667,7 +668,7 @@ func (api *API) putUserStatus(status database.UserStatus) func(rw http.ResponseW`
`667`	`668`	`return`
`668`	`669`	`}`
`669`	`670`
`670`		`- httpapi.Write(ctx, rw, http.StatusOK, convertUser(suspendedUser, organizations))`
	`671`	`+ httpapi.Write(ctx, rw, http.StatusOK, db2sdk.User(suspendedUser, organizations))`
`671`	`672`	`}`
`672`	`673`	`}`
`673`	`674`
`@@ -892,7 +893,7 @@ func (api API) putUserRoles(rw http.ResponseWriter, r http.Request) {`
`892`	`893`	`return`
`893`	`894`	`}`
`894`	`895`
`895`		`- httpapi.Write(ctx, rw, http.StatusOK, convertUser(updatedUser, organizationIDs))`
	`896`	`+ httpapi.Write(ctx, rw, http.StatusOK, db2sdk.User(updatedUser, organizationIDs))`
`896`	`897`	`}`
`897`	`898`
`898`	`899`	`// updateSiteUserRoles will ensure only site wide roles are passed in as arguments.`
`@@ -1087,32 +1088,11 @@ func (api *API) CreateUser(ctx context.Context, store database.Store, req Create`
`1087`	`1088`	`}, nil)`
`1088`	`1089`	`}`
`1089`	`1090`
`1090`		`-func convertUser(user database.User, organizationIDs []uuid.UUID) codersdk.User {`
`1091`		`- convertedUser := codersdk.User{`
`1092`		`- ID: user.ID,`
`1093`		`- Email: user.Email,`
`1094`		`- CreatedAt: user.CreatedAt,`
`1095`		`- LastSeenAt: user.LastSeenAt,`
`1096`		`- Username: user.Username,`
`1097`		`- Status: codersdk.UserStatus(user.Status),`
`1098`		`- OrganizationIDs: organizationIDs,`
`1099`		`- Roles: make([]codersdk.Role, 0, len(user.RBACRoles)),`
`1100`		`- AvatarURL: user.AvatarURL.String,`
`1101`		`- }`
`1102`		`-`
`1103`		`- for _, roleName := range user.RBACRoles {`
`1104`		`- rbacRole, _ := rbac.RoleByName(roleName)`
`1105`		`- convertedUser.Roles = append(convertedUser.Roles, convertRole(rbacRole))`
`1106`		`- }`
`1107`		`-`
`1108`		`- return convertedUser`
`1109`		`-}`
`1110`		`-`
`1111`	`1091`	`func convertUsers(users []database.User, organizationIDsByUserID map[uuid.UUID][]uuid.UUID) []codersdk.User {`
`1112`	`1092`	`converted := make([]codersdk.User, 0, len(users))`
`1113`	`1093`	`for _, u := range users {`
`1114`	`1094`	`userOrganizationIDs := organizationIDsByUserID[u.ID]`
`1115`		`- converted = append(converted, convertUser(u, userOrganizationIDs))`
	`1095`	`+ converted = append(converted, db2sdk.User(u, userOrganizationIDs))`
`1116`	`1096`	`}`
`1117`	`1097`	`return converted`
`1118`	`1098`	`}`