coder
diff --git a/‎coderd/apidoc/docs.go
Lines changed: 2 additions & 0 deletions b/‎coderd/apidoc/docs.go
Lines changed: 2 additions & 0 deletions
diff --git a/‎coderd/apidoc/swagger.json
Lines changed: 2 additions & 0 deletions b/‎coderd/apidoc/swagger.json
Lines changed: 2 additions & 0 deletions
diff --git a/‎coderd/database/dbauthz/dbauthz.go
Lines changed: 18 additions & 6 deletions b/‎coderd/database/dbauthz/dbauthz.go
Lines changed: 18 additions & 6 deletions
diff --git a/‎coderd/database/dbmem/dbmem.go
Lines changed: 4 additions & 0 deletions b/‎coderd/database/dbmem/dbmem.go
Lines changed: 4 additions & 0 deletions
diff --git a/‎coderd/database/dbmetrics/querymetrics.go
Lines changed: 7 additions & 0 deletions b/‎coderd/database/dbmetrics/querymetrics.go
Lines changed: 7 additions & 0 deletions
diff --git a/‎coderd/database/dbmock/dbmock.go
Lines changed: 15 additions & 0 deletions b/‎coderd/database/dbmock/dbmock.go
Lines changed: 15 additions & 0 deletions
diff --git a/‎coderd/database/modelmethods.go
Lines changed: 6 additions & 0 deletions b/‎coderd/database/modelmethods.go
Lines changed: 6 additions & 0 deletions
diff --git a/‎coderd/database/querier.go
Lines changed: 1 addition & 0 deletions b/‎coderd/database/querier.go
Lines changed: 1 addition & 0 deletions
diff --git a/‎coderd/database/queries.sql.go
Lines changed: 22 additions & 0 deletions b/‎coderd/database/queries.sql.go
Lines changed: 22 additions & 0 deletions
diff --git a/‎coderd/database/queries/notificationsinbox.sql
Lines changed: 4 additions & 1 deletion b/‎coderd/database/queries/notificationsinbox.sql
Lines changed: 4 additions & 1 deletion
diff --git a/‎coderd/rbac/object_gen.go
Lines changed: 10 additions & 0 deletions b/‎coderd/rbac/object_gen.go
Lines changed: 10 additions & 0 deletions
diff --git a/‎coderd/rbac/policy/policy.go
Lines changed: 7 additions & 0 deletions b/‎coderd/rbac/policy/policy.go
Lines changed: 7 additions & 0 deletions
diff --git a/‎codersdk/rbacresources_gen.go
Lines changed: 2 additions & 0 deletions b/‎codersdk/rbacresources_gen.go
Lines changed: 2 additions & 0 deletions
diff --git a/‎docs/reference/api/members.md
Lines changed: 5 additions & 0 deletions b/‎docs/reference/api/members.md
Lines changed: 5 additions & 0 deletions
diff --git a/‎docs/reference/api/schemas.md
Lines changed: 1 addition & 0 deletions b/‎docs/reference/api/schemas.md
Lines changed: 1 addition & 0 deletions
diff --git a/‎site/src/api/rbacresourcesGenerated.ts
Lines changed: 5 additions & 0 deletions b/‎site/src/api/rbacresourcesGenerated.ts
Lines changed: 5 additions & 0 deletions
diff --git a/‎site/src/api/typesGenerated.ts
Lines changed: 2 additions & 0 deletions b/‎site/src/api/typesGenerated.ts
Lines changed: 2 additions & 0 deletions
@@ -1418,11 +1418,11 @@ func (q *querier) FavoriteWorkspace(ctx context.Context, id uuid.UUID) error {
 }
 
 func (q *querier) FetchInboxNotificationsByUserID(ctx context.Context, userID uuid.UUID) ([]database.NotificationsInbox, error) {
-	panic("not implemented")
+	return fetchWithPostFilter(q.auth, policy.ActionRead, q.db.FetchInboxNotificationsByUserID)(ctx, userID)
 }
 
 func (q *querier) FetchInboxNotificationsByUserIDAndTemplateIDAndTargetID(ctx context.Context, arg database.FetchInboxNotificationsByUserIDAndTemplateIDAndTargetIDParams) ([]database.NotificationsInbox, error) {
-	panic("not implemented")
+	return fetchWithPostFilter(q.auth, policy.ActionRead, q.db.FetchInboxNotificationsByUserIDAndTemplateIDAndTargetID)(ctx, arg)
 }
 
 func (q *querier) FetchMemoryResourceMonitorsByAgentID(ctx context.Context, agentID uuid.UUID) (database.WorkspaceAgentMemoryResourceMonitor, error) {
@@ -1447,11 +1447,11 @@ func (q *querier) FetchNewMessageMetadata(ctx context.Context, arg database.Fetc
 }
 
 func (q *querier) FetchUnreadInboxNotificationsByUserID(ctx context.Context, userID uuid.UUID) ([]database.NotificationsInbox, error) {
-	panic("not implemented")
+	return fetchWithPostFilter(q.auth, policy.ActionRead, q.db.FetchUnreadInboxNotificationsByUserID)(ctx, userID)
 }
 
 func (q *querier) FetchUnreadInboxNotificationsByUserIDAndTemplateIDAndTargetID(ctx context.Context, arg database.FetchUnreadInboxNotificationsByUserIDAndTemplateIDAndTargetIDParams) ([]database.NotificationsInbox, error) {
-	panic("not implemented")
+	return fetchWithPostFilter(q.auth, policy.ActionRead, q.db.FetchUnreadInboxNotificationsByUserIDAndTemplateIDAndTargetID)(ctx, arg)
 }
 
 func (q *querier) FetchVolumesResourceMonitorsByAgentID(ctx context.Context, agentID uuid.UUID) ([]database.WorkspaceAgentVolumeResourceMonitor, error) {
@@ -1766,6 +1766,10 @@ func (q *querier) GetHungProvisionerJobs(ctx context.Context, hungSince time.Tim
 	return q.db.GetHungProvisionerJobs(ctx, hungSince)
 }
 
+func (q *querier) GetInboxNotificationByID(ctx context.Context, id uuid.UUID) (database.NotificationsInbox, error) {
+	return fetchWithAction(q.log, q.auth, policy.ActionRead, q.db.GetInboxNotificationByID)(ctx, id)
+}
+
 func (q *querier) GetJFrogXrayScanByWorkspaceAndAgentID(ctx context.Context, arg database.GetJFrogXrayScanByWorkspaceAndAgentIDParams) (database.JfrogXrayScan, error) {
 	if _, err := fetch(q.log, q.auth, q.db.GetWorkspaceByID)(ctx, arg.WorkspaceID); err != nil {
 		return database.JfrogXrayScan{}, err
@@ -3094,7 +3098,7 @@ func (q *querier) InsertGroupMember(ctx context.Context, arg database.InsertGrou
 }
 
 func (q *querier) InsertInboxNotification(ctx context.Context, arg database.InsertInboxNotificationParams) (database.NotificationsInbox, error) {
-	panic("not implemented")
+	return insert(q.log, q.auth, rbac.ResourceNotificationInbox.WithOwner(arg.UserID.String()), q.db.InsertInboxNotification)(ctx, arg)
 }
 
 func (q *querier) InsertLicense(ctx context.Context, arg database.InsertLicenseParams) (database.License, error) {
@@ -3585,7 +3589,15 @@ func (q *querier) RevokeDBCryptKey(ctx context.Context, activeKeyDigest string)
 }
 
 func (q *querier) SetInboxNotificationAsRead(ctx context.Context, arg database.SetInboxNotificationAsReadParams) error {
-	panic("not implemented")
+	fetch := func(ctx context.Context, id uuid.UUID) (database.NotificationsInbox, error) {
+		return q.db.GetInboxNotificationByID(ctx, id)
+	}
+
+	update := func(ctx context.Context, arg database.SetInboxNotificationAsReadParams) error {
+		return q.db.SetInboxNotificationAsRead(ctx, arg)
+	}
+
+	return update(q.log, q.auth, policy.ActionUpdate, fetch, update)(ctx, arg)
 }
 
 func (q *querier) TryAcquireLock(ctx context.Context, id int64) (bool, error) {
 
@@ -3358,6 +3358,10 @@ func (q *FakeQuerier) GetHungProvisionerJobs(_ context.Context, hungSince time.T
 	return hungJobs, nil
 }
 
+func (q *FakeQuerier) GetInboxNotificationByID(ctx context.Context, id uuid.UUID) (database.NotificationsInbox, error) {
+	panic("not implemented")
+}
+
 func (q *FakeQuerier) GetJFrogXrayScanByWorkspaceAndAgentID(_ context.Context, arg database.GetJFrogXrayScanByWorkspaceAndAgentIDParams) (database.JfrogXrayScan, error) {
 	err := validateDatabaseType(arg)
 	if err != nil {
 
@@ -168,6 +168,12 @@ func (TemplateVersion) RBACObject(template Template) rbac.Object {
 	return template.RBACObject()
 }
 
+func (i NotificationsInbox) RBACObject() rbac.Object {
+	return rbac.ResourceNotificationInbox.
+		WithID(i.ID).
+		WithOwner(i.UserID.String())
+}
+
 // RBACObjectNoTemplate is for orphaned template versions.
 func (v TemplateVersion) RBACObjectNoTemplate() rbac.Object {
 	return rbac.ResourceTemplate.InOrg(v.OrganizationID)
 
@@ -10,6 +10,9 @@ SELECT * FROM notifications_inbox WHERE user_id = $1 AND template_id = $2 AND ta
 -- name: FetchUnreadInboxNotificationsByUserIDAndTemplateIDAndTargetID :many
 SELECT * FROM notifications_inbox WHERE user_id = $1 AND template_id = $2 AND target_id = $3 AND read_at IS NULL ORDER BY created_at DESC;
 
+-- name: GetInboxNotificationByID :one
+SELECT * FROM notifications_inbox WHERE id = $1;
+
 -- name: InsertInboxNotification :one
 INSERT INTO
     notifications_inbox (
@@ -32,4 +35,4 @@ UPDATE
 SET
 	read_at = $1
 WHERE
-	id = $2;
+	id = @id;
@@ -287,6 +287,13 @@ var RBACPermissions = map[string]PermissionDefinition{
 			ActionUpdate: actDef("update notification preferences"),
 		},
 	},
+	"notification_inbox": {
+		Actions: map[Action]ActionDefinition{
+			ActionCreate: actDef("create notifications inbox"),
+			ActionRead:   actDef("read notifications inbox"),
+			ActionUpdate: actDef("update notifications inbox"),
+		},
+	},
 	"crypto_key": {
 		Actions: map[Action]ActionDefinition{
 			ActionRead:   actDef("read crypto keys"),
 
@@ -70,6 +70,11 @@ export const RBACResourceActions: Partial<
 		delete: "delete license",
 		read: "read licenses",
 	},
+	notification_inbox: {
+		create: "create notifications inbox",
+		read: "read notifications inbox",
+		update: "update notifications inbox",
+	},
 	notification_message: {
 		create: "create notification messages",
 		delete: "delete notification messages",
Original file line number	Diff line number	Diff line change
`@@ -1418,11 +1418,11 @@ func (q *querier) FavoriteWorkspace(ctx context.Context, id uuid.UUID) error {`
`1418`	`1418`	`}`
`1419`	`1419`
`1420`	`1420`	`func (q *querier) FetchInboxNotificationsByUserID(ctx context.Context, userID uuid.UUID) ([]database.NotificationsInbox, error) {`
`1421`		`- panic("not implemented")`
	`1421`	`+ return fetchWithPostFilter(q.auth, policy.ActionRead, q.db.FetchInboxNotificationsByUserID)(ctx, userID)`
`1422`	`1422`	`}`
`1423`	`1423`
`1424`	`1424`	`func (q *querier) FetchInboxNotificationsByUserIDAndTemplateIDAndTargetID(ctx context.Context, arg database.FetchInboxNotificationsByUserIDAndTemplateIDAndTargetIDParams) ([]database.NotificationsInbox, error) {`
`1425`		`- panic("not implemented")`
	`1425`	`+ return fetchWithPostFilter(q.auth, policy.ActionRead, q.db.FetchInboxNotificationsByUserIDAndTemplateIDAndTargetID)(ctx, arg)`
`1426`	`1426`	`}`
`1427`	`1427`
`1428`	`1428`	`func (q *querier) FetchMemoryResourceMonitorsByAgentID(ctx context.Context, agentID uuid.UUID) (database.WorkspaceAgentMemoryResourceMonitor, error) {`
`@@ -1447,11 +1447,11 @@ func (q *querier) FetchNewMessageMetadata(ctx context.Context, arg database.Fetc`
`1447`	`1447`	`}`
`1448`	`1448`
`1449`	`1449`	`func (q *querier) FetchUnreadInboxNotificationsByUserID(ctx context.Context, userID uuid.UUID) ([]database.NotificationsInbox, error) {`
`1450`		`- panic("not implemented")`
	`1450`	`+ return fetchWithPostFilter(q.auth, policy.ActionRead, q.db.FetchUnreadInboxNotificationsByUserID)(ctx, userID)`
`1451`	`1451`	`}`
`1452`	`1452`
`1453`	`1453`	`func (q *querier) FetchUnreadInboxNotificationsByUserIDAndTemplateIDAndTargetID(ctx context.Context, arg database.FetchUnreadInboxNotificationsByUserIDAndTemplateIDAndTargetIDParams) ([]database.NotificationsInbox, error) {`
`1454`		`- panic("not implemented")`
	`1454`	`+ return fetchWithPostFilter(q.auth, policy.ActionRead, q.db.FetchUnreadInboxNotificationsByUserIDAndTemplateIDAndTargetID)(ctx, arg)`
`1455`	`1455`	`}`
`1456`	`1456`
`1457`	`1457`	`func (q *querier) FetchVolumesResourceMonitorsByAgentID(ctx context.Context, agentID uuid.UUID) ([]database.WorkspaceAgentVolumeResourceMonitor, error) {`
`@@ -1766,6 +1766,10 @@ func (q *querier) GetHungProvisionerJobs(ctx context.Context, hungSince time.Tim`
`1766`	`1766`	`return q.db.GetHungProvisionerJobs(ctx, hungSince)`
`1767`	`1767`	`}`
`1768`	`1768`
	`1769`	`+func (q *querier) GetInboxNotificationByID(ctx context.Context, id uuid.UUID) (database.NotificationsInbox, error) {`
	`1770`	`+ return fetchWithAction(q.log, q.auth, policy.ActionRead, q.db.GetInboxNotificationByID)(ctx, id)`
	`1771`	`+}`
	`1772`	`+`
`1769`	`1773`	`func (q *querier) GetJFrogXrayScanByWorkspaceAndAgentID(ctx context.Context, arg database.GetJFrogXrayScanByWorkspaceAndAgentIDParams) (database.JfrogXrayScan, error) {`
`1770`	`1774`	`if _, err := fetch(q.log, q.auth, q.db.GetWorkspaceByID)(ctx, arg.WorkspaceID); err != nil {`
`1771`	`1775`	`return database.JfrogXrayScan{}, err`
`@@ -3094,7 +3098,7 @@ func (q *querier) InsertGroupMember(ctx context.Context, arg database.InsertGrou`
`3094`	`3098`	`}`
`3095`	`3099`
`3096`	`3100`	`func (q *querier) InsertInboxNotification(ctx context.Context, arg database.InsertInboxNotificationParams) (database.NotificationsInbox, error) {`
`3097`		`- panic("not implemented")`
	`3101`	`+ return insert(q.log, q.auth, rbac.ResourceNotificationInbox.WithOwner(arg.UserID.String()), q.db.InsertInboxNotification)(ctx, arg)`
`3098`	`3102`	`}`
`3099`	`3103`
`3100`	`3104`	`func (q *querier) InsertLicense(ctx context.Context, arg database.InsertLicenseParams) (database.License, error) {`
`@@ -3585,7 +3589,15 @@ func (q *querier) RevokeDBCryptKey(ctx context.Context, activeKeyDigest string)`
`3585`	`3589`	`}`
`3586`	`3590`
`3587`	`3591`	`func (q *querier) SetInboxNotificationAsRead(ctx context.Context, arg database.SetInboxNotificationAsReadParams) error {`
`3588`		`- panic("not implemented")`
	`3592`	`+ fetch := func(ctx context.Context, id uuid.UUID) (database.NotificationsInbox, error) {`
	`3593`	`+ return q.db.GetInboxNotificationByID(ctx, id)`
	`3594`	`+ }`
	`3595`	`+`
	`3596`	`+ update := func(ctx context.Context, arg database.SetInboxNotificationAsReadParams) error {`
	`3597`	`+ return q.db.SetInboxNotificationAsRead(ctx, arg)`
	`3598`	`+ }`
	`3599`	`+`
	`3600`	`+ return update(q.log, q.auth, policy.ActionUpdate, fetch, update)(ctx, arg)`
`3589`	`3601`	`}`
`3590`	`3602`
`3591`	`3603`	`func (q *querier) TryAcquireLock(ctx context.Context, id int64) (bool, error) {`