Skip to content

Commit dce8d0a

Browse files
EmyrkEmyrk
committed
Use rbac objects directly
1 parent acf214c commit dce8d0a

File tree

1 file changed

+8
-6
lines changed

1 file changed

+8
-6
lines changed

coderd/database/dbauthz/dbauthz_test.go

Lines changed: 8 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1413,21 +1413,21 @@ func (s *MethodTestSuite) TestUser() {
14131413
s.Run("InsertGitSSHKey", s.Mocked(func(dbm *dbmock.MockStore, faker *gofakeit.Faker, check *expects) {
14141414
u := testutil.Fake(s.T(), faker, database.User{})
14151415
arg := database.InsertGitSSHKeyParams{UserID: u.ID}
1416-
dbm.EXPECT().InsertGitSSHKey(gomock.Any(), arg).Return(database.GitSSHKey{}, nil).AnyTimes()
1416+
dbm.EXPECT().InsertGitSSHKey(gomock.Any(), arg).Return(database.GitSSHKey{UserID: u.ID}, nil).AnyTimes()
14171417
check.Args(arg).Asserts(u, policy.ActionUpdatePersonal)
14181418
}))
14191419
s.Run("UpdateGitSSHKey", s.Mocked(func(dbm *dbmock.MockStore, faker *gofakeit.Faker, check *expects) {
14201420
key := testutil.Fake(s.T(), faker, database.GitSSHKey{})
14211421
arg := database.UpdateGitSSHKeyParams{UserID: key.UserID, UpdatedAt: key.UpdatedAt}
14221422
dbm.EXPECT().GetGitSSHKey(gomock.Any(), key.UserID).Return(key, nil).AnyTimes()
14231423
dbm.EXPECT().UpdateGitSSHKey(gomock.Any(), arg).Return(key, nil).AnyTimes()
1424-
check.Args(arg).Asserts(rbac.ResourceUserObject(key.UserID), policy.ActionUpdatePersonal).Returns(key)
1424+
check.Args(arg).Asserts(key, policy.ActionUpdatePersonal).Returns(key)
14251425
}))
14261426
s.Run("GetExternalAuthLink", s.Mocked(func(dbm *dbmock.MockStore, faker *gofakeit.Faker, check *expects) {
14271427
link := testutil.Fake(s.T(), faker, database.ExternalAuthLink{})
14281428
arg := database.GetExternalAuthLinkParams{ProviderID: link.ProviderID, UserID: link.UserID}
14291429
dbm.EXPECT().GetExternalAuthLink(gomock.Any(), arg).Return(link, nil).AnyTimes()
1430-
check.Args(arg).Asserts(rbac.ResourceUserObject(link.UserID), policy.ActionReadPersonal).Returns(link)
1430+
check.Args(arg).Asserts(link, policy.ActionReadPersonal).Returns(link)
14311431
}))
14321432
s.Run("InsertExternalAuthLink", s.Mocked(func(dbm *dbmock.MockStore, faker *gofakeit.Faker, check *expects) {
14331433
u := testutil.Fake(s.T(), faker, database.User{})
@@ -1440,21 +1440,21 @@ func (s *MethodTestSuite) TestUser() {
14401440
arg := database.UpdateExternalAuthLinkRefreshTokenParams{OAuthRefreshToken: "", OAuthRefreshTokenKeyID: "", ProviderID: link.ProviderID, UserID: link.UserID, UpdatedAt: link.UpdatedAt}
14411441
dbm.EXPECT().GetExternalAuthLink(gomock.Any(), database.GetExternalAuthLinkParams{ProviderID: link.ProviderID, UserID: link.UserID}).Return(link, nil).AnyTimes()
14421442
dbm.EXPECT().UpdateExternalAuthLinkRefreshToken(gomock.Any(), arg).Return(nil).AnyTimes()
1443-
check.Args(arg).Asserts(rbac.ResourceUserObject(link.UserID), policy.ActionUpdatePersonal)
1443+
check.Args(arg).Asserts(link, policy.ActionUpdatePersonal)
14441444
}))
14451445
s.Run("UpdateExternalAuthLink", s.Mocked(func(dbm *dbmock.MockStore, faker *gofakeit.Faker, check *expects) {
14461446
link := testutil.Fake(s.T(), faker, database.ExternalAuthLink{})
14471447
arg := database.UpdateExternalAuthLinkParams{ProviderID: link.ProviderID, UserID: link.UserID, OAuthAccessToken: link.OAuthAccessToken, OAuthRefreshToken: link.OAuthRefreshToken, OAuthExpiry: link.OAuthExpiry, UpdatedAt: link.UpdatedAt}
14481448
dbm.EXPECT().GetExternalAuthLink(gomock.Any(), database.GetExternalAuthLinkParams{ProviderID: link.ProviderID, UserID: link.UserID}).Return(link, nil).AnyTimes()
14491449
dbm.EXPECT().UpdateExternalAuthLink(gomock.Any(), arg).Return(link, nil).AnyTimes()
1450-
check.Args(arg).Asserts(rbac.ResourceUserObject(link.UserID), policy.ActionUpdatePersonal).Returns(link)
1450+
check.Args(arg).Asserts(link, policy.ActionUpdatePersonal).Returns(link)
14511451
}))
14521452
s.Run("UpdateUserLink", s.Mocked(func(dbm *dbmock.MockStore, faker *gofakeit.Faker, check *expects) {
14531453
link := testutil.Fake(s.T(), faker, database.UserLink{})
14541454
arg := database.UpdateUserLinkParams{OAuthAccessToken: link.OAuthAccessToken, OAuthRefreshToken: link.OAuthRefreshToken, OAuthExpiry: link.OAuthExpiry, UserID: link.UserID, LoginType: link.LoginType, Claims: database.UserLinkClaims{}}
14551455
dbm.EXPECT().GetUserLinkByUserIDLoginType(gomock.Any(), database.GetUserLinkByUserIDLoginTypeParams{UserID: link.UserID, LoginType: link.LoginType}).Return(link, nil).AnyTimes()
14561456
dbm.EXPECT().UpdateUserLink(gomock.Any(), arg).Return(link, nil).AnyTimes()
1457-
check.Args(arg).Asserts(rbac.ResourceUserObject(link.UserID), policy.ActionUpdatePersonal).Returns(link)
1457+
check.Args(arg).Asserts(link, policy.ActionUpdatePersonal).Returns(link)
14581458
}))
14591459
s.Run("UpdateUserRoles", s.Mocked(func(dbm *dbmock.MockStore, faker *gofakeit.Faker, check *expects) {
14601460
u := testutil.Fake(s.T(), faker, database.User{RBACRoles: []string{codersdk.RoleTemplateAdmin}})
@@ -1525,6 +1525,7 @@ func (s *MethodTestSuite) TestUser() {
15251525
dbm.EXPECT().UpdateCustomRole(gomock.Any(), arg).Return(database.CustomRole{}, nil).AnyTimes()
15261526
check.Args(arg).Asserts(
15271527
rbac.ResourceAssignOrgRole.InOrg(orgID), policy.ActionUpdate,
1528+
// Escalation checks
15281529
rbac.ResourceTemplate.InOrg(orgID), policy.ActionCreate,
15291530
rbac.ResourceTemplate.InOrg(orgID), policy.ActionRead,
15301531
)
@@ -1562,6 +1563,7 @@ func (s *MethodTestSuite) TestUser() {
15621563
dbm.EXPECT().InsertCustomRole(gomock.Any(), arg).Return(database.CustomRole{}, nil).AnyTimes()
15631564
check.Args(arg).Asserts(
15641565
rbac.ResourceAssignOrgRole.InOrg(orgID), policy.ActionCreate,
1566+
// Escalation checks
15651567
rbac.ResourceTemplate.InOrg(orgID), policy.ActionCreate,
15661568
rbac.ResourceTemplate.InOrg(orgID), policy.ActionRead,
15671569
)

0 commit comments

Comments
 (0)