Skip to content

chore: ensure default org always exists #12412

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 12 commits into from
Mar 5, 2024
Merged

chore: ensure default org always exists #12412

Changes from 1 commit
Commits
Show all changes
12 commits
Select commit Hold shift + click to select a range
e4b1bb8
chore: ensure default org always exists
Emyrk Mar 4, 2024
b4a4dd4
fix ctx for inserting first user
Emyrk Mar 4, 2024
627c9f8
The system user could not read organizations
Emyrk Mar 4, 2024
179828c
manual dbmem migration
Emyrk Mar 4, 2024
db8da5a
Fix first org name check:
Emyrk Mar 4, 2024
b830625
correctly return implied roles
Emyrk Mar 4, 2024
6b086c6
fix authz tests
Emyrk Mar 4, 2024
9997f59
ensure everyone group on first user
Emyrk Mar 4, 2024
3977c71
fix old unit test, changed assumption
Emyrk Mar 4, 2024
d35933d
log critical on a 'should never happen' parsing org roles
Emyrk Mar 5, 2024
1b8690f
drop code that attempts to correct the implied roles
Emyrk Mar 5, 2024
c9af8c0
Test 'TestInitialRoles' to not expect member role
Emyrk Mar 5, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
log critical on a 'should never happen' parsing org roles
  • Loading branch information
@Emyrk
Emyrk committed Mar 5, 2024
commit d35933d4f07c4a4f94d59fdb41747c43bf2b389e
13 changes: 9 additions & 4 deletions coderd/users.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ import (
"github.com/google/uuid"
"golang.org/x/xerrors"

"cdr.dev/slog"
"github.com/coder/coder/v2/coderd/audit"
"github.com/coder/coder/v2/coderd/database"
"github.com/coder/coder/v2/coderd/database/db2sdk"
Expand Down Expand Up @@ -196,10 +197,9 @@ func (api *API) postFirstUser(rw http.ResponseWriter, r *http.Request) {
//nolint:gocritic // needed to create first user
user, organizationID, err := api.CreateUser(dbauthz.AsSystemRestricted(ctx), api.Database, CreateUserRequest{
CreateUserRequest: codersdk.CreateUserRequest{
Email: createUser.Email,
Username: createUser.Username,
Password: createUser.Password,
// Create an org for the first user.
Email: createUser.Email,
Username: createUser.Username,
Password: createUser.Password,
OrganizationID: defaultOrg.ID,
},
CreateOrganization: false,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think you can remove this field, which also allows cleaning up a lot of cruft in userauth.go

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh you are right. I think we can drop the CreateOrganization behavior entirely. I'll make a new PR that will look into dropping it.

Expand Down Expand Up @@ -1083,6 +1083,11 @@ func (api *API) userRoles(rw http.ResponseWriter, r *http.Request) {

uid, err := uuid.Parse(orgID)
if err != nil {
api.Logger.Critical(r.Context(), "org role contains invalid uuid",
slog.F("username", user.Username),
slog.F("user_id", user.ID.String()),
slog.F("role", role),
)
continue // This should never happen
}
if _, ok := allowedOrgs[uid]; ok {
Expand Down