coder
diff --git a/‎.github/workflows/coder.yaml
Lines changed: 4 additions & 0 deletions b/‎.github/workflows/coder.yaml
Lines changed: 4 additions & 0 deletions
diff --git a/‎agent/agent.go
Lines changed: 35 additions & 38 deletions b/‎agent/agent.go
Lines changed: 35 additions & 38 deletions
diff --git a/‎agent/agent_test.go
Lines changed: 19 additions & 0 deletions b/‎agent/agent_test.go
Lines changed: 19 additions & 0 deletions
diff --git a/‎cli/cliui/resources_test.go
Lines changed: 2 additions & 1 deletion b/‎cli/cliui/resources_test.go
Lines changed: 2 additions & 1 deletion
diff --git a/‎coderd/coderd.go
Lines changed: 1 addition & 0 deletions b/‎coderd/coderd.go
Lines changed: 1 addition & 0 deletions
diff --git a/‎coderd/database/databasefake/databasefake.go
Lines changed: 17 additions & 0 deletions b/‎coderd/database/databasefake/databasefake.go
Lines changed: 17 additions & 0 deletions
diff --git a/‎coderd/database/querier.go
Lines changed: 1 addition & 0 deletions b/‎coderd/database/querier.go
Lines changed: 1 addition & 0 deletions
diff --git a/‎coderd/database/queries.sql.go
Lines changed: 43 additions & 0 deletions b/‎coderd/database/queries.sql.go
Lines changed: 43 additions & 0 deletions
diff --git a/‎coderd/database/queries/users.sql
Lines changed: 11 additions & 0 deletions b/‎coderd/database/queries/users.sql
Lines changed: 11 additions & 0 deletions
diff --git a/‎coderd/users.go
Lines changed: 65 additions & 0 deletions b/‎coderd/users.go
Lines changed: 65 additions & 0 deletions
@@ -158,6 +158,10 @@ jobs:
           terraform_version: 1.1.2
           terraform_wrapper: false
 
+      - name: Install socat
+        if: runner.os == 'Linux'
+        run: sudo apt-get install -y socat
+
       - name: Test with Mock Database
         shell: bash
         env:
 
@@ -21,6 +21,8 @@ import (
 	"github.com/coder/coder/pty"
 	"github.com/coder/retry"
 
+	"github.com/pkg/sftp"
+
 	"github.com/gliderlabs/ssh"
 	gossh "golang.org/x/crypto/ssh"
 	"golang.org/x/xerrors"
@@ -121,7 +123,7 @@ func (a *agent) handlePeerConn(ctx context.Context, conn *peer.Conn) {
 
 		switch channel.Protocol() {
 		case "ssh":
-			a.sshServer.HandleConn(channel.NetConn())
+			go a.sshServer.HandleConn(channel.NetConn())
 		default:
 			a.options.Logger.Warn(ctx, "unhandled protocol from channel",
 				slog.F("protocol", channel.Protocol()),
@@ -146,7 +148,10 @@ func (a *agent) init(ctx context.Context) {
 	sshLogger := a.options.Logger.Named("ssh-server")
 	forwardHandler := &ssh.ForwardedTCPHandler{}
 	a.sshServer = &ssh.Server{
-		ChannelHandlers: ssh.DefaultChannelHandlers,
+		ChannelHandlers: map[string]ssh.ChannelHandler{
+			"direct-tcpip": ssh.DirectTCPIPHandler,
+			"session":      ssh.DefaultSessionHandler,
+		},
 		ConnectionFailedCallback: func(conn net.Conn, err error) {
 			sshLogger.Info(ctx, "ssh connection ended", slog.Error(err))
 		},
@@ -185,61 +190,54 @@ func (a *agent) init(ctx context.Context) {
 				NoClientAuth: true,
 			}
 		},
+		SubsystemHandlers: map[string]ssh.SubsystemHandler{
+			"sftp": func(session ssh.Session) {
+				server, err := sftp.NewServer(session)
+				if err != nil {
+					a.options.Logger.Debug(session.Context(), "initialize sftp server", slog.Error(err))
+					return
+				}
+				defer server.Close()
+				err = server.Serve()
+				if errors.Is(err, io.EOF) {
+					return
+				}
+				a.options.Logger.Debug(session.Context(), "sftp server exited with error", slog.Error(err))
+			},
+		},
 	}
 
 	go a.run(ctx)
 }
 
 func (a *agent) handleSSHSession(session ssh.Session) error {
-	var (
-		command string
-		args    = []string{}
-		err     error
-	)
-
 	currentUser, err := user.Current()
 	if err != nil {
 		return xerrors.Errorf("get current user: %w", err)
 	}
 	username := currentUser.Username
 
+	shell, err := usershell.Get(username)
+	if err != nil {
+		return xerrors.Errorf("get user shell: %w", err)
+	}
+
 	// gliderlabs/ssh returns a command slice of zero
 	// when a shell is requested.
+	command := session.RawCommand()
 	if len(session.Command()) == 0 {
-		command, err = usershell.Get(username)
-		if err != nil {
-			return xerrors.Errorf("get user shell: %w", err)
-		}
-	} else {
-		command = session.Command()[0]
-		if len(session.Command()) > 1 {
-			args = session.Command()[1:]
-		}
+		command = shell
 	}
 
-	signals := make(chan ssh.Signal)
-	breaks := make(chan bool)
-	defer close(signals)
-	defer close(breaks)
-	go func() {
-		for {
-			select {
-			case <-session.Context().Done():
-				return
-			// Ignore signals and breaks for now!
-			case <-signals:
-			case <-breaks:
-			}
-		}
-	}()
-
-	cmd := exec.CommandContext(session.Context(), command, args...)
+	// OpenSSH executes all commands with the users current shell.
+	// We replicate that behavior for IDE support.
+	cmd := exec.CommandContext(session.Context(), shell, "-c", command)
 	cmd.Env = append(os.Environ(), session.Environ()...)
 	executablePath, err := os.Executable()
 	if err != nil {
 		return xerrors.Errorf("getting os executable: %w", err)
 	}
-	cmd.Env = append(session.Environ(), fmt.Sprintf(`GIT_SSH_COMMAND="%s gitssh --"`, executablePath))
+	cmd.Env = append(cmd.Env, fmt.Sprintf(`GIT_SSH_COMMAND="%s gitssh --"`, executablePath))
 
 	sshPty, windowSize, isPty := session.Pty()
 	if isPty {
@@ -268,7 +266,7 @@ func (a *agent) handleSSHSession(session ssh.Session) error {
 	}
 
 	cmd.Stdout = session
-	cmd.Stderr = session
+	cmd.Stderr = session.Stderr()
 	// This blocks forever until stdin is received if we don't
 	// use StdinPipe. It's unknown what causes this.
 	stdinPipe, err := cmd.StdinPipe()
@@ -282,8 +280,7 @@ func (a *agent) handleSSHSession(session ssh.Session) error {
 	if err != nil {
 		return xerrors.Errorf("start: %w", err)
 	}
-	_ = cmd.Wait()
-	return nil
+	return cmd.Wait()
 }
 
 // isClosed returns whether the API is closed or not.
 
@@ -5,13 +5,16 @@ import (
 	"fmt"
 	"io"
 	"net"
+	"os"
 	"os/exec"
+	"path/filepath"
 	"runtime"
 	"strconv"
 	"strings"
 	"testing"
 
 	"github.com/pion/webrtc/v3"
+	"github.com/pkg/sftp"
 	"github.com/stretchr/testify/require"
 	"go.uber.org/goleak"
 	"golang.org/x/crypto/ssh"
@@ -94,6 +97,7 @@ func TestAgent(t *testing.T) {
 
 		local, err := net.Listen("tcp", "127.0.0.1:0")
 		require.NoError(t, err)
+		defer local.Close()
 		tcpAddr, valid = local.Addr().(*net.TCPAddr)
 		require.True(t, valid)
 		localPort := tcpAddr.Port
@@ -113,6 +117,21 @@ func TestAgent(t *testing.T) {
 		conn.Close()
 		<-done
 	})
+
+	t.Run("SFTP", func(t *testing.T) {
+		t.Parallel()
+		sshClient, err := setupAgent(t).SSHClient()
+		require.NoError(t, err)
+		client, err := sftp.NewClient(sshClient)
+		require.NoError(t, err)
+		tempFile := filepath.Join(t.TempDir(), "sftp")
+		file, err := client.Create(tempFile)
+		require.NoError(t, err)
+		err = file.Close()
+		require.NoError(t, err)
+		_, err = os.Stat(tempFile)
+		require.NoError(t, err)
+	})
 }
 
 func setupSSHCommand(t *testing.T, beforeArgs []string, afterArgs []string) *exec.Cmd {
 
@@ -4,11 +4,12 @@ import (
 	"testing"
 	"time"
 
+	"github.com/stretchr/testify/require"
+
 	"github.com/coder/coder/cli/cliui"
 	"github.com/coder/coder/coderd/database"
 	"github.com/coder/coder/codersdk"
 	"github.com/coder/coder/pty/ptytest"
-	"github.com/stretchr/testify/require"
 )
 
 func TestWorkspaceResources(t *testing.T) {
 
@@ -150,6 +150,7 @@ func New(options *Options) (http.Handler, func()) {
 				r.Route("/{user}", func(r chi.Router) {
 					r.Use(httpmw.ExtractUserParam(options.Database))
 					r.Get("/", api.userByName)
+					r.Put("/profile", api.putUserProfile)
 					r.Get("/organizations", api.organizationsByUser)
 					r.Post("/organizations", api.postOrganizationsByUser)
 					r.Post("/keys", api.postAPIKey)
 
@@ -1050,6 +1050,23 @@ func (q *fakeQuerier) InsertUser(_ context.Context, arg database.InsertUserParam
 	return user, nil
 }
 
+func (q *fakeQuerier) UpdateUserProfile(_ context.Context, arg database.UpdateUserProfileParams) (database.User, error) {
+	q.mutex.Lock()
+	defer q.mutex.Unlock()
+
+	for index, user := range q.users {
+		if user.ID != arg.ID {
+			continue
+		}
+		user.Name = arg.Name
+		user.Email = arg.Email
+		user.Username = arg.Username
+		q.users[index] = user
+		return user, nil
+	}
+	return database.User{}, sql.ErrNoRows
+}
+
 func (q *fakeQuerier) InsertWorkspace(_ context.Context, arg database.InsertWorkspaceParams) (database.Workspace, error) {
 	q.mutex.Lock()
 	defer q.mutex.Unlock()
 
@@ -40,3 +40,14 @@ INSERT INTO
 	)
 VALUES
 	($1, $2, $3, $4, FALSE, $5, $6, $7, $8) RETURNING *;
+
+-- name: UpdateUserProfile :one
+UPDATE
+	users
+SET
+	email = $2,
+	"name" = $3,
+	username = $4,
+	updated_at = $5
+WHERE
+	id = $1 RETURNING *;
@@ -270,6 +270,70 @@ func (*api) userByName(rw http.ResponseWriter, r *http.Request) {
 	render.JSON(rw, r, convertUser(user))
 }
 
+func (api *api) putUserProfile(rw http.ResponseWriter, r *http.Request) {
+	user := httpmw.UserParam(r)
+
+	var params codersdk.UpdateUserProfileRequest
+	if !httpapi.Read(rw, r, &params) {
+		return
+	}
+
+	if params.Name == nil {
+		params.Name = &user.Name
+	}
+
+	existentUser, err := api.Database.GetUserByEmailOrUsername(r.Context(), database.GetUserByEmailOrUsernameParams{
+		Email:    params.Email,
+		Username: params.Username,
+	})
+	isDifferentUser := existentUser.ID != user.ID
+
+	if err == nil && isDifferentUser {
+		responseErrors := []httpapi.Error{}
+		if existentUser.Email == params.Email {
+			responseErrors = append(responseErrors, httpapi.Error{
+				Field: "email",
+				Code:  "exists",
+			})
+		}
+		if existentUser.Username == params.Username {
+			responseErrors = append(responseErrors, httpapi.Error{
+				Field: "username",
+				Code:  "exists",
+			})
+		}
+		httpapi.Write(rw, http.StatusConflict, httpapi.Response{
+			Message: fmt.Sprintf("user already exists"),
+			Errors:  responseErrors,
+		})
+		return
+	}
+	if !errors.Is(err, sql.ErrNoRows) && isDifferentUser {
+		httpapi.Write(rw, http.StatusInternalServerError, httpapi.Response{
+			Message: fmt.Sprintf("get user: %s", err),
+		})
+		return
+	}
+
+	updatedUserProfile, err := api.Database.UpdateUserProfile(r.Context(), database.UpdateUserProfileParams{
+		ID:        user.ID,
+		Name:      *params.Name,
+		Email:     params.Email,
+		Username:  params.Username,
+		UpdatedAt: database.Now(),
+	})
+
+	if err != nil {
+		httpapi.Write(rw, http.StatusInternalServerError, httpapi.Response{
+			Message: fmt.Sprintf("patch user: %s", err.Error()),
+		})
+		return
+	}
+
+	render.Status(r, http.StatusOK)
+	render.JSON(rw, r, convertUser(updatedUserProfile))
+}
+
 // Returns organizations the parameterized user has access to.
 func (api *api) organizationsByUser(rw http.ResponseWriter, r *http.Request) {
 	user := httpmw.UserParam(r)
@@ -872,5 +936,6 @@ func convertUser(user database.User) codersdk.User {
 		Email:     user.Email,
 		CreatedAt: user.CreatedAt,
 		Username:  user.Username,
+		Name:      user.Name,
 	}
 }