some recursion fixes, fix GetTemplateVersionByJobID when template does not exist

johnstcn · johnstcn · commit 6761671c11ee · 2023-01-26T17:30:54.000Z
diff --git a/coderd/authzquery/parameters.go b/coderd/authzquery/parameters.go
@@ -124,7 +124,7 @@ func (q *AuthzQuerier) GetParameterSchemasByJobID(ctx context.Context, jobID uui
 	if err != nil {
 		return nil, err
 	}
-	return q.GetParameterSchemasByJobID(ctx, jobID)
+	return q.database.GetParameterSchemasByJobID(ctx, jobID)
 }
 
 func (q *AuthzQuerier) GetParameterValueByScopeAndName(ctx context.Context, arg database.GetParameterValueByScopeAndNameParams) (database.ParameterValue, error) {
diff --git a/coderd/authzquery/template.go b/coderd/authzquery/template.go
@@ -58,7 +58,8 @@ func (q *AuthzQuerier) GetTemplateVersionByID(ctx context.Context, tvid uuid.UUI
 	// An actor can read the template version if they can read the related template.
 	fetchRelated := func(tv database.TemplateVersion, _ uuid.UUID) (rbac.Objecter, error) {
 		if !tv.TemplateID.Valid {
-			// If no linked template exists, check if the actor can read a template in the organization.
+			// If no linked template exists, check if the actor can read a template
+			// in the organization.
 			return rbac.ResourceTemplate.InOrg(tv.OrganizationID), nil
 		}
 		return q.database.GetTemplateByID(ctx, tv.TemplateID.UUID)
@@ -73,7 +74,12 @@ func (q *AuthzQuerier) GetTemplateVersionByID(ctx context.Context, tvid uuid.UUI
 
 func (q *AuthzQuerier) GetTemplateVersionByJobID(ctx context.Context, jobID uuid.UUID) (database.TemplateVersion, error) {
 	// An actor can read the template version if they can read the related template.
-	fetchRelated := func(tv database.TemplateVersion, _ uuid.UUID) (database.Template, error) {
+	fetchRelated := func(tv database.TemplateVersion, _ uuid.UUID) (rbac.Objecter, error) {
+		if !tv.TemplateID.Valid {
+			// If no linked template exists, check if the actor can read a
+			// template in the organization.
+			return rbac.ResourceTemplate.InOrg(tv.OrganizationID), nil
+		}
 		return q.database.GetTemplateByID(ctx, tv.TemplateID.UUID)
 	}
 	return authorizedQueryWithRelated(
diff --git a/coderd/authzquery/workspace.go b/coderd/authzquery/workspace.go
@@ -402,7 +402,7 @@ func (q *AuthzQuerier) UpdateWorkspaceBuildByID(ctx context.Context, arg databas
 		return database.WorkspaceBuild{}, err
 	}
 
-	return q.UpdateWorkspaceBuildByID(ctx, arg)
+	return q.database.UpdateWorkspaceBuildByID(ctx, arg)
 }
 
 func (q *AuthzQuerier) SoftDeleteWorkspaceByID(ctx context.Context, id uuid.UUID) error {

Original file line number	Diff line number	Diff line change
`@@ -124,7 +124,7 @@ func (q *AuthzQuerier) GetParameterSchemasByJobID(ctx context.Context, jobID uui`
`124`	`124`	`if err != nil {`
`125`	`125`	`return nil, err`
`126`	`126`	`}`
`127`		`- return q.GetParameterSchemasByJobID(ctx, jobID)`
	`127`	`+ return q.database.GetParameterSchemasByJobID(ctx, jobID)`
`128`	`128`	`}`
`129`	`129`
`130`	`130`	`func (q *AuthzQuerier) GetParameterValueByScopeAndName(ctx context.Context, arg database.GetParameterValueByScopeAndNameParams) (database.ParameterValue, error) {`
Original file line number	Diff line number	Diff line change
`@@ -402,7 +402,7 @@ func (q *AuthzQuerier) UpdateWorkspaceBuildByID(ctx context.Context, arg databas`
`402`	`402`	`return database.WorkspaceBuild{}, err`
`403`	`403`	`}`
`404`	`404`
`405`		`- return q.UpdateWorkspaceBuildByID(ctx, arg)`
	`405`	`+ return q.database.UpdateWorkspaceBuildByID(ctx, arg)`
`406`	`406`	`}`
`407`	`407`
`408`	`408`	`func (q *AuthzQuerier) SoftDeleteWorkspaceByID(ctx context.Context, id uuid.UUID) error {`