coder
diff --git a/‎site/src/api/api.ts
Lines changed: 3 additions & 13 deletions b/‎site/src/api/api.ts
Lines changed: 3 additions & 13 deletions
diff --git a/‎site/src/api/queries/authCheck.ts
Lines changed: 14 additions & 0 deletions b/‎site/src/api/queries/authCheck.ts
Lines changed: 14 additions & 0 deletions
diff --git a/‎site/src/api/queries/users.ts
Lines changed: 78 additions & 0 deletions b/‎site/src/api/queries/users.ts
Lines changed: 78 additions & 0 deletions
diff --git a/‎site/src/components/AuthProvider/AuthProvider.tsx
Lines changed: 114 additions & 17 deletions b/‎site/src/components/AuthProvider/AuthProvider.tsx
Lines changed: 114 additions & 17 deletions
diff --git a/‎site/src/components/AuthProvider/permissions.tsx
Lines changed: 98 additions & 0 deletions b/‎site/src/components/AuthProvider/permissions.tsx
Lines changed: 98 additions & 0 deletions
@@ -120,19 +120,9 @@ export const logout = async (): Promise<void> => {
   await axios.post("/api/v2/users/logout");
 };
 
-export const getAuthenticatedUser = async (): Promise<
-  TypesGen.User | undefined
-> => {
-  try {
-    const response = await axios.get<TypesGen.User>("/api/v2/users/me");
-    return response.data;
-  } catch (error) {
-    if (axios.isAxiosError(error) && error.response?.status === 401) {
-      return undefined;
-    }
-
-    throw error;
-  }
+export const getAuthenticatedUser = async () => {
+  const response = await axios.get<TypesGen.User>("/api/v2/users/me");
+  return response.data;
 };
 
 export const getAuthMethods = async (): Promise<TypesGen.AuthMethods> => {
 
@@ -0,0 +1,14 @@
+import { AuthorizationRequest } from "api/typesGenerated";
+import * as API from "api/api";
+
+export const AUTHORIZATION_KEY = "authorization";
+
+export const getAuthorizationKey = (req: AuthorizationRequest) =>
+  [AUTHORIZATION_KEY, req] as const;
+
+export const checkAuthorization = (req: AuthorizationRequest) => {
+  return {
+    queryKey: getAuthorizationKey(req),
+    queryFn: () => API.checkAuthorization(req),
+  };
+};
@@ -1,10 +1,15 @@
 import { QueryClient, QueryOptions } from "react-query";
 import * as API from "api/api";
 import {
+  AuthorizationRequest,
   GetUsersResponse,
   UpdateUserPasswordRequest,
+  UpdateUserProfileRequest,
+  User,
   UsersRequest,
 } from "api/typesGenerated";
+import { getMetadataAsJSON } from "utils/metadata";
+import { getAuthorizationKey } from "./authCheck";
 
 export const users = (req: UsersRequest): QueryOptions<GetUsersResponse> => {
   return {
@@ -83,3 +88,76 @@ export const authMethods = () => {
     queryFn: API.getAuthMethods,
   };
 };
+
+export const me = () => {
+  return {
+    queryKey: ["me"],
+    queryFn: async () =>
+      getMetadataAsJSON<User>("user") ?? API.getAuthenticatedUser(),
+  };
+};
+
+export const hasFirstUser = () => {
+  return {
+    queryKey: ["hasFirstUser"],
+    queryFn: API.hasFirstUser,
+  };
+};
+
+export const login = (
+  authorization: AuthorizationRequest,
+  queryClient: QueryClient,
+) => {
+  return {
+    mutationFn: async (credentials: { email: string; password: string }) =>
+      loginFn({ ...credentials, authorization }),
+    onSuccess: async (data: Awaited<ReturnType<typeof loginFn>>) => {
+      queryClient.setQueryData(["me"], data.user);
+      queryClient.setQueryData(
+        getAuthorizationKey(authorization),
+        data.permissions,
+      );
+    },
+  };
+};
+
+const loginFn = async ({
+  email,
+  password,
+  authorization,
+}: {
+  email: string;
+  password: string;
+  authorization: AuthorizationRequest;
+}) => {
+  await API.login(email, password);
+  const [user, permissions] = await Promise.all([
+    API.getAuthenticatedUser(),
+    API.checkAuthorization(authorization),
+  ]);
+  return {
+    user,
+    permissions,
+  };
+};
+
+export const logout = (queryClient: QueryClient) => {
+  return {
+    mutationFn: API.logout,
+    onSuccess: () => {
+      queryClient.removeQueries();
+    },
+  };
+};
+
+export const updateProfile = () => {
+  return {
+    mutationFn: ({
+      userId,
+      req,
+    }: {
+      userId: string;
+      req: UpdateUserProfileRequest;
+    }) => API.updateProfile(userId, req),
+  };
+};
@@ -1,36 +1,133 @@
-import { useActor, useInterpret } from "@xstate/react";
-import { createContext, FC, PropsWithChildren, useContext } from "react";
-import { authMachine } from "xServices/auth/authXService";
-import { ActorRefFrom } from "xstate";
+import { checkAuthorization } from "api/queries/authCheck";
+import {
+  authMethods,
+  hasFirstUser,
+  login,
+  logout,
+  me,
+  updateProfile as updateProfileOptions,
+} from "api/queries/users";
+import {
+  AuthMethods,
+  UpdateUserProfileRequest,
+  User,
+} from "api/typesGenerated";
+import {
+  createContext,
+  FC,
+  PropsWithChildren,
+  useCallback,
+  useContext,
+} from "react";
+import { useMutation, useQuery, useQueryClient } from "react-query";
+import { permissionsToCheck, Permissions } from "./permissions";
+import { displaySuccess } from "components/GlobalSnackbar/utils";
+import { FullScreenLoader } from "components/Loader/FullScreenLoader";
+import { isApiError } from "api/errors";
 
-interface AuthContextValue {
-  authService: ActorRefFrom<typeof authMachine>;
-}
+type AuthContextValue = {
+  isSignedOut: boolean;
+  isSigningOut: boolean;
+  isConfiguringTheFirstUser: boolean;
+  isSignedIn: boolean;
+  isSigningIn: boolean;
+  isUpdatingProfile: boolean;
+  user: User | undefined;
+  permissions: Permissions | undefined;
+  authMethods: AuthMethods | undefined;
+  signInError: unknown;
+  updateProfileError: unknown;
+  signOut: () => void;
+  signIn: (email: string, password: string) => Promise<void>;
+  updateProfile: (data: UpdateUserProfileRequest) => void;
+};
 
 const AuthContext = createContext<AuthContextValue | undefined>(undefined);
 
 export const AuthProvider: FC<PropsWithChildren> = ({ children }) => {
-  const authService = useInterpret(authMachine);
+  const meOptions = me();
+  const userQuery = useQuery(meOptions);
+  const authMethodsQuery = useQuery(authMethods());
+  const hasFirstUserQuery = useQuery(hasFirstUser());
+  const permissionsQuery = useQuery({
+    ...checkAuthorization({ checks: permissionsToCheck }),
+    enabled: userQuery.data !== undefined,
+  });
+
+  const queryClient = useQueryClient();
+  const loginMutation = useMutation(
+    login({ checks: permissionsToCheck }, queryClient),
+  );
+  const logoutMutation = useMutation(logout(queryClient));
+  const updateProfileMutation = useMutation({
+    ...updateProfileOptions(),
+    onSuccess: (user) => {
+      queryClient.setQueryData(meOptions.queryKey, user);
+      displaySuccess("Updated settings.");
+    },
+  });
+
+  const isSignedOut =
+    userQuery.isError &&
+    isApiError(userQuery.error) &&
+    userQuery.error.response.status === 401;
+  const isSigningOut = logoutMutation.isLoading;
+  const isLoading =
+    authMethodsQuery.isLoading ||
+    userQuery.isLoading ||
+    hasFirstUserQuery.isLoading ||
+    (userQuery.isSuccess && permissionsQuery.isLoading);
+  const isConfiguringTheFirstUser = !hasFirstUserQuery.data;
+  const isSignedIn = userQuery.isSuccess && userQuery.data !== undefined;
+  const isSigningIn = loginMutation.isLoading;
+  const isUpdatingProfile = updateProfileMutation.isLoading;
+
+  const signOut = useCallback(() => {
+    logoutMutation.mutate();
+  }, [logoutMutation]);
+
+  const signIn = async (email: string, password: string) => {
+    await loginMutation.mutateAsync({ email, password });
+  };
+
+  const updateProfile = (req: UpdateUserProfileRequest) => {
+    updateProfileMutation.mutate({ userId: userQuery.data!.id, req });
+  };
+
+  if (isLoading) {
+    return <FullScreenLoader />;
+  }
 
   return (
-    <AuthContext.Provider value={{ authService }}>
+    <AuthContext.Provider
+      value={{
+        isSignedOut,
+        isSigningOut,
+        isConfiguringTheFirstUser,
+        isSignedIn,
+        isSigningIn,
+        isUpdatingProfile,
+        signOut,
+        signIn,
+        updateProfile,
+        user: userQuery.data,
+        permissions: permissionsQuery.data as Permissions | undefined,
+        authMethods: authMethodsQuery.data,
+        signInError: loginMutation.error,
+        updateProfileError: updateProfileMutation.error,
+      }}
+    >
       {children}
     </AuthContext.Provider>
   );
 };
 
-type UseAuthReturnType = ReturnType<
-  typeof useActor<AuthContextValue["authService"]>
->;
-
-export const useAuth = (): UseAuthReturnType => {
+export const useAuth = () => {
   const context = useContext(AuthContext);
 
   if (!context) {
     throw new Error("useAuth should be used inside of <AuthProvider />");
   }
 
-  const auth = useActor(context.authService);
-
-  return auth;
+  return context;
 };
@@ -0,0 +1,98 @@
+export const checks = {
+  readAllUsers: "readAllUsers",
+  updateUsers: "updateUsers",
+  createUser: "createUser",
+  createTemplates: "createTemplates",
+  updateTemplates: "updateTemplates",
+  deleteTemplates: "deleteTemplates",
+  viewAuditLog: "viewAuditLog",
+  viewDeploymentValues: "viewDeploymentValues",
+  createGroup: "createGroup",
+  viewUpdateCheck: "viewUpdateCheck",
+  viewExternalAuthConfig: "viewExternalAuthConfig",
+  viewDeploymentStats: "viewDeploymentStats",
+  editWorkspaceProxies: "editWorkspaceProxies",
+} as const;
+
+export const permissionsToCheck = {
+  [checks.readAllUsers]: {
+    object: {
+      resource_type: "user",
+    },
+    action: "read",
+  },
+  [checks.updateUsers]: {
+    object: {
+      resource_type: "user",
+    },
+    action: "update",
+  },
+  [checks.createUser]: {
+    object: {
+      resource_type: "user",
+    },
+    action: "create",
+  },
+  [checks.createTemplates]: {
+    object: {
+      resource_type: "template",
+    },
+    action: "update",
+  },
+  [checks.updateTemplates]: {
+    object: {
+      resource_type: "template",
+    },
+    action: "update",
+  },
+  [checks.deleteTemplates]: {
+    object: {
+      resource_type: "template",
+    },
+    action: "delete",
+  },
+  [checks.viewAuditLog]: {
+    object: {
+      resource_type: "audit_log",
+    },
+    action: "read",
+  },
+  [checks.viewDeploymentValues]: {
+    object: {
+      resource_type: "deployment_config",
+    },
+    action: "read",
+  },
+  [checks.createGroup]: {
+    object: {
+      resource_type: "group",
+    },
+    action: "create",
+  },
+  [checks.viewUpdateCheck]: {
+    object: {
+      resource_type: "deployment_config",
+    },
+    action: "read",
+  },
+  [checks.viewExternalAuthConfig]: {
+    object: {
+      resource_type: "deployment_config",
+    },
+    action: "read",
+  },
+  [checks.viewDeploymentStats]: {
+    object: {
+      resource_type: "deployment_stats",
+    },
+    action: "read",
+  },
+  [checks.editWorkspaceProxies]: {
+    object: {
+      resource_type: "workspace_proxy",
+    },
+    action: "create",
+  },
+} as const;
+
+export type Permissions = Record<keyof typeof permissionsToCheck, boolean>;