Skip to content

Commit ea0ef7b

Browse files
johnstcnjohnstcn
committed
use systemCtx again in httpmw/userparam.go
1 parent 03ec0f3 commit ea0ef7b

File tree

1 file changed

+8
-8
lines changed

1 file changed

+8
-8
lines changed

coderd/httpmw/userparam.go

Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -13,6 +13,7 @@ import (
1313
"github.com/coder/coder/coderd/authzquery"
1414
"github.com/coder/coder/coderd/database"
1515
"github.com/coder/coder/coderd/httpapi"
16+
"github.com/coder/coder/coderd/rbac"
1617
"github.com/coder/coder/codersdk"
1718
)
1819

@@ -36,17 +37,16 @@ func UserParam(r *http.Request) database.User {
3637

3738
// ExtractUserParam extracts a user from an ID/username in the {user} URL
3839
// parameter.
39-
// NOTE: Requires the UserAuthorization middleware.
4040
//
4141
//nolint:revive
4242
func ExtractUserParam(db database.Store, redirectToLoginOnMe bool) func(http.Handler) http.Handler {
4343
return func(next http.Handler) http.Handler {
4444
return http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
4545
var (
46-
auth = UserAuthorization(r)
47-
ctx = authzquery.WithAuthorizeContext(r.Context(), auth.Actor)
48-
user database.User
49-
err error
46+
ctx = r.Context()
47+
systemCtx = authzquery.WithAuthorizeSystemContext(ctx, rbac.RolesAdminSystem())
48+
user database.User
49+
err error
5050
)
5151

5252
// userQuery is either a uuid, a username, or 'me'
@@ -71,7 +71,7 @@ func ExtractUserParam(db database.Store, redirectToLoginOnMe bool) func(http.Han
7171
})
7272
return
7373
}
74-
user, err = db.GetUserByID(ctx, apiKey.UserID)
74+
user, err = db.GetUserByID(systemCtx, apiKey.UserID)
7575
if xerrors.Is(err, sql.ErrNoRows) {
7676
httpapi.ResourceNotFound(rw)
7777
return
@@ -85,7 +85,7 @@ func ExtractUserParam(db database.Store, redirectToLoginOnMe bool) func(http.Han
8585
}
8686
} else if userID, err := uuid.Parse(userQuery); err == nil {
8787
// If the userQuery is a valid uuid
88-
user, err = db.GetUserByID(ctx, userID)
88+
user, err = db.GetUserByID(systemCtx, userID)
8989
if err != nil {
9090
httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{
9191
Message: userErrorMessage,
@@ -94,7 +94,7 @@ func ExtractUserParam(db database.Store, redirectToLoginOnMe bool) func(http.Han
9494
}
9595
} else {
9696
// Try as a username last
97-
user, err = db.GetUserByEmailOrUsername(ctx, database.GetUserByEmailOrUsernameParams{
97+
user, err = db.GetUserByEmailOrUsername(systemCtx, database.GetUserByEmailOrUsernameParams{
9898
Username: userQuery,
9999
})
100100
if err != nil {

0 commit comments

Comments
 (0)