Skip to content

Commit f6fe76f

Browse files
EmyrkEmyrk
committed
GetTemplateInsights require an actor to call
1 parent e930fb2 commit f6fe76f

File tree

2 files changed

+23
-2
lines changed

2 files changed

+23
-2
lines changed

coderd/database/dbauthz/dbauthz.go

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -62,6 +62,10 @@ func IsNotAuthorizedError(err error) bool {
6262
if err == nil {
6363
return false
6464
}
65+
if xerrors.Is(err, NoActorError) {
66+
return true
67+
}
68+
6569
return xerrors.As(err, &NotAuthorizedError{})
6670
}
6771

@@ -1393,7 +1397,7 @@ func (q *querier) GetTemplateDAUs(ctx context.Context, arg database.GetTemplateD
13931397
func (q *querier) GetTemplateInsights(ctx context.Context, arg database.GetTemplateInsightsParams) (database.GetTemplateInsightsRow, error) {
13941398
// Used by TemplateInsights endpoint
13951399
// For auditors, check read template_insights, and fall back to update template.
1396-
if err := q.authorizeContext(ctx, rbac.ActionRead, rbac.ResourceTemplateInsights); IsNotAuthorizedError(err) {
1400+
if err := q.authorizeContext(ctx, rbac.ActionRead, rbac.ResourceTemplateInsights); err != nil {
13971401
for _, templateID := range arg.TemplateIDs {
13981402
template, err := q.db.GetTemplateByID(ctx, templateID)
13991403
if err != nil {
@@ -1416,7 +1420,7 @@ func (q *querier) GetTemplateInsights(ctx context.Context, arg database.GetTempl
14161420
func (q *querier) GetTemplateInsightsByInterval(ctx context.Context, arg database.GetTemplateInsightsByIntervalParams) ([]database.GetTemplateInsightsByIntervalRow, error) {
14171421
// Used by TemplateInsights endpoint
14181422
// For auditors, check read template_insights, and fall back to update template.
1419-
if err := q.authorizeContext(ctx, rbac.ActionRead, rbac.ResourceTemplateInsights); IsNotAuthorizedError(err) {
1423+
if err := q.authorizeContext(ctx, rbac.ActionRead, rbac.ResourceTemplateInsights); err != nil {
14201424
for _, templateID := range arg.TemplateIDs {
14211425
template, err := q.db.GetTemplateByID(ctx, templateID)
14221426
if err != nil {

coderd/database/dbauthz/dbauthz_test.go

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -888,6 +888,20 @@ func (s *MethodTestSuite) TestTemplate() {
888888
ExternalAuthProviders: []string{},
889889
}).Asserts(t1, rbac.ActionUpdate).Returns()
890890
}))
891+
s.Run("GetTemplateInsights", s.Subtest(func(db database.Store, check *expects) {
892+
//tpl := dbgen.Template(s.T(), db, database.Template{})
893+
check.Args(database.GetTemplateInsightsParams{
894+
StartTime: time.Time{},
895+
EndTime: time.Now(),
896+
TemplateIDs: []uuid.UUID{},
897+
}).Asserts(rbac.ResourceTemplateInsights, rbac.ActionRead)
898+
}))
899+
s.Run("GetTemplateInsightsByInterval", s.Subtest(func(db database.Store, check *expects) {
900+
check.Args(database.GetTemplateInsightsByIntervalParams{}).Asserts(rbac.ResourceTemplateInsights, rbac.ActionRead)
901+
}))
902+
s.Run("GetTemplateInsightsByTemplate", s.Subtest(func(db database.Store, check *expects) {
903+
check.Args(database.GetTemplateInsightsByTemplateParams{}).Asserts(rbac.ResourceTemplateInsights, rbac.ActionRead)
904+
}))
891905
}
892906

893907
func (s *MethodTestSuite) TestUser() {
@@ -1933,4 +1947,7 @@ func (s *MethodTestSuite) TestSystemFunctions() {
19331947
s.Run("InsertWorkspaceAgentLogSources", s.Subtest(func(db database.Store, check *expects) {
19341948
check.Args(database.InsertWorkspaceAgentLogSourcesParams{}).Asserts()
19351949
}))
1950+
s.Run("GetTemplateDAUs", s.Subtest(func(db database.Store, check *expects) {
1951+
check.Args(database.GetTemplateDAUsParams{}).Asserts(rbac.ResourceSystem, rbac.ActionRead)
1952+
}))
19361953
}

0 commit comments

Comments
 (0)