Remove excess diffs

Emyrk · Emyrk · commit bde8870a1b6a · 2023-04-25T09:49:03.000-05:00
diff --git a/coderd/authorize.go b/coderd/authorize.go
@@ -51,7 +51,7 @@ type HTTPAuthorizer struct {
 //		return
 //	}
 func (api *API) Authorize(r *http.Request, action rbac.Action, object rbac.Objecter) bool {
-	return api.HTTPAuth.Authorize(r, action, object, true)
+	return api.HTTPAuth.Authorize(r, action, object)
 }
 
 // Authorize will return false if the user is not authorized to do the action.
@@ -63,33 +63,27 @@ func (api *API) Authorize(r *http.Request, action rbac.Action, object rbac.Objec
 //		httpapi.Forbidden(rw)
 //		return
 //	}
-func (h *HTTPAuthorizer) Authorize(r *http.Request, action rbac.Action, object rbac.Objecter, logUnauthorized bool) bool {
+func (h *HTTPAuthorizer) Authorize(r *http.Request, action rbac.Action, object rbac.Objecter) bool {
 	roles := httpmw.UserAuthorization(r)
 	err := h.Authorizer.Authorize(r.Context(), roles.Actor, action, object.RBACObject())
 	if err != nil {
-		// Sometimes we do not want to log the unauthorized errors.
-		// Example: If an endpoint expects the normal case to return unauthorized
-		// to check a user is not an admin, we do not want to log that since it is
-		// the expected path.
-		if logUnauthorized {
-			// Log the errors for debugging
-			internalError := new(rbac.UnauthorizedError)
-			logger := h.Logger
-			if xerrors.As(err, internalError) {
-				logger = h.Logger.With(slog.F("internal", internalError.Internal()))
-			}
-			// Log information for debugging. This will be very helpful
-			// in the early days
-			logger.Warn(r.Context(), "unauthorized",
-				slog.F("roles", roles.Actor.SafeRoleNames()),
-				slog.F("actor_id", roles.Actor.ID),
-				slog.F("actor_name", roles.ActorName),
-				slog.F("scope", roles.Actor.SafeScopeName()),
-				slog.F("route", r.URL.Path),
-				slog.F("action", action),
-				slog.F("object", object),
-			)
+		// Log the errors for debugging
+		internalError := new(rbac.UnauthorizedError)
+		logger := h.Logger
+		if xerrors.As(err, internalError) {
+			logger = h.Logger.With(slog.F("internal", internalError.Internal()))
 		}
+		// Log information for debugging. This will be very helpful
+		// in the early days
+		logger.Warn(r.Context(), "unauthorized",
+			slog.F("roles", roles.Actor.SafeRoleNames()),
+			slog.F("actor_id", roles.Actor.ID),
+			slog.F("actor_name", roles.ActorName),
+			slog.F("scope", roles.Actor.SafeScopeName()),
+			slog.F("route", r.URL.Path),
+			slog.F("action", action),
+			slog.F("object", object),
+		)
 
 		return false
 	}
diff --git a/coderd/rbac/object.go b/coderd/rbac/object.go
@@ -36,13 +36,6 @@ var (
 		Type: "workspace_proxy",
 	}
 
-	// ResourceWorkspaceProxyMetaData is a special resource that is used to
-	// allow reading metadata for a given workspace proxy. This metadata should
-	// not be revealed to all users, only administrators of the workspace proxy.
-	ResourceWorkspaceProxyMetaData = Object{
-		Type: "workspace_proxy_data",
-	}
-
 	// ResourceWorkspaceExecution CRUD. Org + User owner
 	//	create = workspace remote execution
 	// 	read = ?
diff --git a/coderd/rbac/object_gen.go b/coderd/rbac/object_gen.go
diff --git a/coderd/rbac/roles.go b/coderd/rbac/roles.go
@@ -151,7 +151,6 @@ func ReloadBuiltinRoles(opts *RoleOptions) {
 					ResourceRoleAssignment.Type: {ActionRead},
 					// All users can see the provisioner daemons.
 					ResourceProvisionerDaemon.Type: {ActionRead},
-					ResourceWorkspaceProxy.Type:    {ActionRead},
 				}),
 				Org:  map[string][]Permission{},
 				User: allPermsExcept(),
diff --git a/enterprise/coderd/coderd.go b/enterprise/coderd/coderd.go
@@ -93,7 +93,6 @@ func New(ctx context.Context, options *Options) (*API, error) {
 			r.Use(apiKeyMiddleware)
 			r.Post("/", api.reconnectingPTYSignedToken)
 		})
-		// These routes are for administering and managing workspace proxies.
 		r.Route("/workspaceproxies", func(r chi.Router) {
 			r.Use(
 				api.moonsEnabledMW,
@@ -513,5 +512,5 @@ func (api *API) runEntitlementsLoop(ctx context.Context) {
 }
 
 func (api *API) Authorize(r *http.Request, action rbac.Action, object rbac.Objecter) bool {
-	return api.AGPL.HTTPAuth.Authorize(r, action, object, true)
+	return api.AGPL.HTTPAuth.Authorize(r, action, object)
 }
diff --git a/enterprise/coderd/workspaceproxy.go b/enterprise/coderd/workspaceproxy.go
@@ -187,7 +187,7 @@ func (api *API) postWorkspaceProxy(rw http.ResponseWriter, r *http.Request) {
 
 	aReq.New = proxy
 	httpapi.Write(ctx, rw, http.StatusCreated, codersdk.CreateWorkspaceProxyResponse{
-		Proxy: api.convertProxy(r, proxy, proxyhealth.ProxyStatus{
+		Proxy: convertProxy(proxy, proxyhealth.ProxyStatus{
 			Proxy:     proxy,
 			CheckedAt: time.Now(),
 			Status:    proxyhealth.Unregistered,
@@ -459,7 +459,6 @@ func convertProxy(p database.WorkspaceProxy, status proxyhealth.ProxyStatus) cod
 	return codersdk.WorkspaceProxy{
 		ID:               p.ID,
 		Name:             p.Name,
-		DisplayName:      p.DisplayName,
 		Icon:             p.Icon,
 		URL:              p.Url,
 		WildcardHostname: p.WildcardHostname,

Original file line number	Diff line number	Diff line change
`@@ -93,7 +93,6 @@ func New(ctx context.Context, options Options) (API, error) {`
`93`	`93`	`r.Use(apiKeyMiddleware)`
`94`	`94`	`r.Post("/", api.reconnectingPTYSignedToken)`
`95`	`95`	`})`
`96`		`- // These routes are for administering and managing workspace proxies.`
`97`	`96`	`r.Route("/workspaceproxies", func(r chi.Router) {`
`98`	`97`	`r.Use(`
`99`	`98`	`api.moonsEnabledMW,`
`@@ -513,5 +512,5 @@ func (api *API) runEntitlementsLoop(ctx context.Context) {`
`513`	`512`	`}`
`514`	`513`
`515`	`514`	`func (api API) Authorize(r http.Request, action rbac.Action, object rbac.Objecter) bool {`
`516`		`- return api.AGPL.HTTPAuth.Authorize(r, action, object, true)`
	`515`	`+ return api.AGPL.HTTPAuth.Authorize(r, action, object)`
`517`	`516`	`}`