Skip to content

Commit 7262bd8

Browse files
EmyrkEmyrk
committed
make gen
1 parent 6be67fc commit 7262bd8

File tree

9 files changed

+255
-141
lines changed

9 files changed

+255
-141
lines changed

coderd/apidoc/docs.go

Lines changed: 76 additions & 37 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

coderd/apidoc/swagger.json

Lines changed: 77 additions & 38 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

coderd/database/dbauthz/dbauthz.go

Lines changed: 23 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -681,6 +681,29 @@ func authorizedTemplateVersionFromJob(ctx context.Context, q *querier, job datab
681681
}
682682
}
683683

684+
func (q *querier) authorizeTemplateInsights(ctx context.Context, templateIDs []uuid.UUID) error {
685+
// Abort early if can read all template insights, aka admins.
686+
// TODO: If we know the org, that would allow org admins to abort early too.
687+
if err := q.authorizeContext(ctx, policy.ActionViewInsights, rbac.ResourceTemplate); err != nil {
688+
for _, templateID := range templateIDs {
689+
template, err := q.db.GetTemplateByID(ctx, templateID)
690+
if err != nil {
691+
return err
692+
}
693+
694+
if err := q.authorizeContext(ctx, policy.ActionViewInsights, template); err != nil {
695+
return err
696+
}
697+
}
698+
if len(templateIDs) == 0 {
699+
if err := q.authorizeContext(ctx, policy.ActionViewInsights, rbac.ResourceTemplate.All()); err != nil {
700+
return err
701+
}
702+
}
703+
}
704+
return nil
705+
}
706+
684707
func (q *querier) AcquireLock(ctx context.Context, id int64) error {
685708
return q.db.AcquireLock(ctx, id)
686709
}
@@ -1560,29 +1583,6 @@ func (q *querier) GetTemplateDAUs(ctx context.Context, arg database.GetTemplateD
15601583
return q.db.GetTemplateDAUs(ctx, arg)
15611584
}
15621585

1563-
func (q *querier) authorizeTemplateInsights(ctx context.Context, templateIDs []uuid.UUID) error {
1564-
// Abort early if can read all template insights, aka admins.
1565-
// TODO: If we know the org, that would allow org admins to abort early too.
1566-
if err := q.authorizeContext(ctx, policy.ActionViewInsights, rbac.ResourceTemplate); err != nil {
1567-
for _, templateID := range templateIDs {
1568-
template, err := q.db.GetTemplateByID(ctx, templateID)
1569-
if err != nil {
1570-
return err
1571-
}
1572-
1573-
if err := q.authorizeContext(ctx, policy.ActionViewInsights, template); err != nil {
1574-
return err
1575-
}
1576-
}
1577-
if len(templateIDs) == 0 {
1578-
if err := q.authorizeContext(ctx, policy.ActionViewInsights, rbac.ResourceTemplate.All()); err != nil {
1579-
return err
1580-
}
1581-
}
1582-
}
1583-
return nil
1584-
}
1585-
15861586
func (q *querier) GetTemplateInsights(ctx context.Context, arg database.GetTemplateInsightsParams) (database.GetTemplateInsightsRow, error) {
15871587
if err := q.authorizeTemplateInsights(ctx, arg.TemplateIDs); err != nil {
15881588
return database.GetTemplateInsightsRow{}, err

0 commit comments

Comments
 (0)