Skip to content

Commit ac55f48

Browse files
kylecarbskylecarbs
committed
Fix authorize test
1 parent d74457c commit ac55f48

File tree

2 files changed

+14
-7
lines changed

2 files changed

+14
-7
lines changed

coderd/coderdtest/authorize.go

+5-1
Original file line numberDiff line numberDiff line change
@@ -72,7 +72,7 @@ func AGPLRoutes(a *AuthTester) (map[string]string, map[string]RouteCheck) {
7272
"GET:/api/v2/workspaceagents/me/metadata": {NoAuthorize: true},
7373
"GET:/api/v2/workspaceagents/me/coordinate": {NoAuthorize: true},
7474
"POST:/api/v2/workspaceagents/me/startup": {NoAuthorize: true},
75-
"PATCH:/api/v2/workspaceagents/me/startup/logs": {NoAuthorize: true},
75+
"PATCH:/api/v2/workspaceagents/me/startup-logs": {NoAuthorize: true},
7676
"POST:/api/v2/workspaceagents/me/app-health": {NoAuthorize: true},
7777
"POST:/api/v2/workspaceagents/me/report-stats": {NoAuthorize: true},
7878
"POST:/api/v2/workspaceagents/me/report-lifecycle": {NoAuthorize: true},
@@ -142,6 +142,10 @@ func AGPLRoutes(a *AuthTester) (map[string]string, map[string]RouteCheck) {
142142
AssertAction: rbac.ActionRead,
143143
AssertObject: workspaceRBACObj,
144144
},
145+
"GET:/api/v2/workspaceagents/{workspaceagent}/startup-logs": {
146+
AssertAction: rbac.ActionRead,
147+
AssertObject: workspaceRBACObj,
148+
},
145149
"GET:/api/v2/workspaceagents/{workspaceagent}/pty": {
146150
AssertAction: rbac.ActionCreate,
147151
AssertObject: workspaceExecObj,

coderd/workspaceagents.go

+9-6
Original file line numberDiff line numberDiff line change
@@ -223,14 +223,14 @@ func (api *API) postWorkspaceAgentStartup(rw http.ResponseWriter, r *http.Reques
223223
httpapi.Write(ctx, rw, http.StatusOK, nil)
224224
}
225225

226-
// @Summary Submit most recent workspace agent startup logs
227-
// @ID insert-update-startup-script-logs
226+
// @Summary Patch workspace agent startup logs
227+
// @ID patch-workspace-agent-startup-logs
228228
// @Security CoderSessionToken
229229
// @Accept json
230230
// @Produce json
231231
// @Tags Agents
232232
// @Param request body agentsdk.PatchStartupLogs true "Startup logs"
233-
// @Success 200
233+
// @Success 200 {object} codersdk.Response
234234
// @Router /workspaceagents/me/startup-logs [patch]
235235
// @x-apidocgen {"skip": true}
236236
func (api *API) patchWorkspaceAgentStartupLogs(rw http.ResponseWriter, r *http.Request) {
@@ -337,25 +337,28 @@ func (api *API) patchWorkspaceAgentStartupLogs(rw http.ResponseWriter, r *http.R
337337
// @Summary Get startup logs by workspace agent
338338
// @ID get-startup-logs-by-workspace-agent
339339
// @Security CoderSessionToken
340-
// @Accept json
341340
// @Produce json
342341
// @Tags Agents
343342
// @Param workspaceagent path string true "Workspace agent ID" format(uuid)
344343
// @Param before query int false "Before log id"
345344
// @Param after query int false "After log id"
346345
// @Param follow query bool false "Follow log stream"
347-
// @Success 200
346+
// @Success 200 {array} codersdk.WorkspaceAgentStartupLog
348347
// @Router /workspaceagents/{workspaceagent}/startup-logs [get]
349-
// @x-apidocgen {"skip": true}
350348
func (api *API) workspaceAgentStartupLogs(rw http.ResponseWriter, r *http.Request) {
351349
// This mostly copies how provisioner job logs are streamed!
352350
var (
353351
ctx = r.Context()
354352
workspaceAgent = httpmw.WorkspaceAgentParam(r)
353+
workspace = httpmw.WorkspaceParam(r)
355354
logger = api.Logger.With(slog.F("workspace_agent_id", workspaceAgent.ID))
356355
follow = r.URL.Query().Has("follow")
357356
afterRaw = r.URL.Query().Get("after")
358357
)
358+
if !api.Authorize(r, rbac.ActionRead, workspace) {
359+
httpapi.ResourceNotFound(rw)
360+
return
361+
}
359362

360363
var after int64
361364
// Only fetch logs created after the time provided.

0 commit comments

Comments
 (0)