Use rbac.object directly

Emyrk · Emyrk · commit b831260332af · 2022-05-03T12:02:34.000-05:00
diff --git a/coderd/httpmw/authorize.go b/coderd/httpmw/authorize.go
@@ -13,23 +13,15 @@ import (
 	"github.com/coder/coder/coderd/rbac"
 )
 
-// AuthObject wraps the rbac object type for middleware to customize this value
-// before being passed to Authorize().
-type AuthObject struct {
-	// Object is that base static object the above functions can modify.
-	Object rbac.Object
-}
-
 // Authorize will enforce if the user roles can complete the action on the AuthObject.
 // The organization and owner are found using the ExtractOrganization and
 // ExtractUser middleware if present.
 func Authorize(logger slog.Logger, auth *rbac.RegoAuthorizer, action rbac.Action) func(http.Handler) http.Handler {
 	return func(next http.Handler) http.Handler {
 		return http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
 			roles := UserRoles(r)
-			args := GetAuthObject(r)
+			object := authObject(r)
 
-			object := args.Object
 			if object.Type == "" {
 				panic("developer error: auth object has no type")
 			}
@@ -80,8 +72,8 @@ func Authorize(logger slog.Logger, auth *rbac.RegoAuthorizer, action rbac.Action
 type authObjectKey struct{}
 
 // APIKey returns the API key from the ExtractAPIKey handler.
-func GetAuthObject(r *http.Request) AuthObject {
-	obj, ok := r.Context().Value(authObjectKey{}).(AuthObject)
+func authObject(r *http.Request) rbac.Object {
+	obj, ok := r.Context().Value(authObjectKey{}).(rbac.Object)
 	if !ok {
 		panic("developer error: auth object middleware not provided")
 	}
@@ -93,10 +85,7 @@ func GetAuthObject(r *http.Request) AuthObject {
 func WithRBACObject(object rbac.Object) func(http.Handler) http.Handler {
 	return func(next http.Handler) http.Handler {
 		return http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
-			ao := GetAuthObject(r)
-			ao.Object = object
-
-			ctx := context.WithValue(r.Context(), authObjectKey{}, ao)
+			ctx := context.WithValue(r.Context(), authObjectKey{}, object)
 			next.ServeHTTP(rw, r.WithContext(ctx))
 		})
 	}
diff --git a/coderd/roles_test.go b/coderd/roles_test.go
@@ -39,7 +39,7 @@ func TestListRoles(t *testing.T) {
 			Roles: []string{rbac.RoleOrgMember(admin.OrganizationID), rbac.RoleOrgAdmin(admin.OrganizationID)},
 		},
 	)
-	require.NoError(t, err)
+	require.NoError(t, err, "update org member roles")
 
 	testCases := []struct {
 		Name          string

Original file line number	Diff line number	Diff line change
`@@ -39,7 +39,7 @@ func TestListRoles(t *testing.T) {`
`39`	`39`	`Roles: []string{rbac.RoleOrgMember(admin.OrganizationID), rbac.RoleOrgAdmin(admin.OrganizationID)},`
`40`	`40`	`},`
`41`	`41`	`)`
`42`		`- require.NoError(t, err)`
	`42`	`+ require.NoError(t, err, "update org member roles")`
`43`	`43`
`44`	`44`	`testCases := []struct {`
`45`	`45`	`Name string`