Implement more types for seeding

Emyrk · Emyrk · commit da9c525f0c8a · 2023-01-26T17:05:30.000-06:00
diff --git a/coderd/authzquery/authz_test.go b/coderd/authzquery/authz_test.go
@@ -108,15 +108,16 @@ func testAuthorizeFunction(t *testing.T, testCase *authorizeTest) {
 	for objectName, asserts := range testCase.Asserts {
 		object := data[objectName]
 		for _, assert := range asserts {
-			pairs = append(pairs, rec.Pair(assert, object))
+			canRBAC, ok := object.(rbac.Objecter)
+			require.True(t, ok, "object %q does not implement rbac.Objecter", objectName)
+			pairs = append(pairs, rec.Pair(assert, canRBAC.RBACObject()))
 		}
 	}
 	rec.UnorderedAssertActor(t, actor, pairs...)
 	require.NoError(t, rec.AllAsserted(), "all authz checks asserted")
 }
 
-func setupTestData(t *testing.T, testCase *authorizeTest, db database.Store, ctx context.Context) map[string]rbac.Objecter {
-	rbacObjects := make(map[string]rbac.Objecter)
+func setupTestData(t *testing.T, testCase *authorizeTest, db database.Store, ctx context.Context) map[string]interface{} {
 	// Setup the test data.
 	orgID := uuid.New()
 	data := testCase.Data(t, testCase)
@@ -142,9 +143,7 @@ func setupTestData(t *testing.T, testCase *authorizeTest, db database.Store, ctx
 			})
 			require.NoError(t, err, "insert template")
 
-			// Reinsert the template.
 			data[name] = template
-			rbacObjects[name] = template
 		case database.Workspace:
 			workspace, err := db.InsertWorkspace(ctx, database.InsertWorkspaceParams{
 				ID:                testCase.Lookup(name),
@@ -158,12 +157,42 @@ func setupTestData(t *testing.T, testCase *authorizeTest, db database.Store, ctx
 			})
 			require.NoError(t, err, "insert workspace")
 
-			// Reinsert the workspace.
 			data[name] = workspace
-			rbacObjects[name] = workspace
+		case database.WorkspaceBuild:
+			build, err := db.InsertWorkspaceBuild(ctx, database.InsertWorkspaceBuildParams{
+				ID:                testCase.Lookup(name),
+				CreatedAt:         time.Now(),
+				UpdatedAt:         time.Now(),
+				WorkspaceID:       takeFirst(orig.WorkspaceID, uuid.New()),
+				TemplateVersionID: takeFirst(orig.TemplateVersionID, uuid.New()),
+				BuildNumber:       takeFirst(orig.BuildNumber, 0),
+				Transition:        takeFirst(orig.Transition, database.WorkspaceTransitionStart),
+				InitiatorID:       takeFirst(orig.InitiatorID, uuid.New()),
+				JobID:             takeFirst(orig.InitiatorID, uuid.New()),
+				ProvisionerState:  []byte{},
+				Deadline:          time.Now(),
+				Reason:            takeFirst(orig.Reason, database.BuildReasonInitiator),
+			})
+			require.NoError(t, err, "insert workspace build")
+
+			data[name] = build
+		case database.User:
+			user, err := db.InsertUser(ctx, database.InsertUserParams{
+				ID:             testCase.Lookup(name),
+				Email:          takeFirst(orig.Email, namesgenerator.GetRandomName(1)),
+				Username:       takeFirst(orig.Username, namesgenerator.GetRandomName(1)),
+				HashedPassword: []byte{},
+				CreatedAt:      time.Now(),
+				UpdatedAt:      time.Now(),
+				RBACRoles:      []string{},
+				LoginType:      takeFirst(orig.LoginType, database.LoginTypePassword),
+			})
+			require.NoError(t, err, "insert user")
+
+			data[name] = user
 		}
 	}
-	return rbacObjects
+	return data
 }
 
 // takeFirst will take the first non empty value.
diff --git a/coderd/authzquery/authzquerier.go b/coderd/authzquery/authzquerier.go
@@ -23,9 +23,6 @@ var _ database.Store = (*AuthzQuerier)(nil)
 type AuthzQuerier struct {
 	database   database.Store
 	authorizer rbac.Authorizer
-
-	// constantActor makes all actors on context ignored.
-	constantActor *rbac.Subject
 }
 
 func NewAuthzQuerier(db database.Store, authorizer rbac.Authorizer) *AuthzQuerier {
@@ -53,10 +50,6 @@ func (q *AuthzQuerier) InTx(function func(querier database.Store) error, txOpts
 	}, txOpts)
 }
 
-func (q *AuthzQuerier) As(subject rbac.Subject) database.Store {
-	return NewAuthzQuerier(q.database, q.authorizer, subject)
-}
-
 // authorizeContext is a helper function to authorize an action on an object.
 func (q *AuthzQuerier) authorizeContext(ctx context.Context, action rbac.Action, object rbac.Objecter) error {
 	act, ok := actorFromContext(ctx)
diff --git a/coderd/authzquery/workspace_test.go b/coderd/authzquery/workspace_test.go
@@ -22,37 +22,67 @@ import (
 func TestWorkspaceFunctions(t *testing.T) {
 	t.Parallel()
 
+	const mainWorkspace = "workspace-one"
+	workspaceData := func(t *testing.T, tc *authorizeTest) map[string]interface{} {
+		return map[string]interface{}{
+			"u-one": database.User{},
+			mainWorkspace: database.Workspace{
+				Name:       "peter-pan",
+				OwnerID:    tc.Lookup("u-one"),
+				TemplateID: tc.Lookup("t-one"),
+			},
+			"t-one": database.Template{},
+			"b-one": database.WorkspaceBuild{
+				WorkspaceID: tc.Lookup(mainWorkspace),
+				//TemplateVersionID: uuid.UUID{},
+				BuildNumber: 0,
+				Transition:  database.WorkspaceTransitionStart,
+				InitiatorID: tc.Lookup("u-one"),
+				//JobID:             uuid.UUID{},
+			},
+		}
+	}
+
 	testCases := []struct {
 		Name   string
 		Config *authorizeTest
 	}{
 		{
-			Name: "GetByID",
+			Name: "GetWorkspaceByID",
 			Config: &authorizeTest{
-				Data: func(t *testing.T, tc *authorizeTest) map[string]interface{} {
-					return map[string]interface{}{
-						"u-one": database.User{},
-						"w-one": database.Workspace{
-							Name:       "peter-pan",
-							OwnerID:    tc.Lookup("u-one"),
-							TemplateID: tc.Lookup("t-one"),
-						},
-						"t-one": database.Template{},
-					}
-				},
+				Data: workspaceData,
 				Test: func(ctx context.Context, t *testing.T, tc *authorizeTest, q authzquery.AuthzStore) {
-					wrk, err := q.GetWorkspaceByID(ctx, tc.Lookup("w-one"))
+					_, err := q.GetWorkspaceByID(ctx, tc.Lookup(mainWorkspace))
 					require.NoError(t, err)
-
-					wrk, err = q.GetWorkspaceByID(ctx, tc.Lookup("w-one"))
+				},
+				Asserts: map[string][]rbac.Action{
+					mainWorkspace: {rbac.ActionRead},
+				},
+			},
+		},
+		{
+			Name: "GetWorkspaces",
+			Config: &authorizeTest{
+				Data: workspaceData,
+				Test: func(ctx context.Context, t *testing.T, tc *authorizeTest, q authzquery.AuthzStore) {
+					_, err := q.GetWorkspaces(ctx, database.GetWorkspacesParams{})
 					require.NoError(t, err)
-
-					_, err = q.GetTemplateByID(ctx, wrk.TemplateID)
+				},
+				Asserts: map[string][]rbac.Action{
+					// No rbac checks for this one, uses sql filter
+				},
+			},
+		},
+		{
+			Name: "GetLatestWorkspaceBuildByWorkspaceID",
+			Config: &authorizeTest{
+				Data: workspaceData,
+				Test: func(ctx context.Context, t *testing.T, tc *authorizeTest, q authzquery.AuthzStore) {
+					_, err := q.GetLatestWorkspaceBuildByWorkspaceID(ctx, tc.Lookup(mainWorkspace))
 					require.NoError(t, err)
 				},
 				Asserts: map[string][]rbac.Action{
-					"w-one": {rbac.ActionRead, rbac.ActionRead},
-					"t-one": {rbac.ActionRead},
+					mainWorkspace: {rbac.ActionRead},
 				},
 			},
 		},
