Skip to content

chore: implement assign organization roles from the cli #13558

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Jun 13, 2024
+119 −5
Merged

chore: implement assign organization roles from the cli #13558

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
66 changes: 63 additions & 3 deletions cli/organizationmembers.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@ package cli

import (
"fmt"
"strings"

"golang.org/x/xerrors"

Expand All @@ -11,16 +12,75 @@ import (
)

func (r *RootCmd) organizationMembers() *serpent.Command {
cmd := &serpent.Command{
Use: "members",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this ready for end users to start consuming? If not, do we want to start with it hidden?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is not, but the parent command is hidden:

coder/cli/organization.go

Line 24 in a8fe429

Hidden: true, // Hidden until these commands are complete.

So this is also hidden

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice 👍

Aliases: []string{"member"},
Short: "Manage organization members",
Children: []*serpent.Command{
r.listOrganizationMembers(),
r.assignOrganizationRoles(),
},
Handler: func(inv *serpent.Invocation) error {
return inv.Command.HelpHandler(inv)
},
}

return cmd
}

func (r *RootCmd) assignOrganizationRoles() *serpent.Command {
client := new(codersdk.Client)

cmd := &serpent.Command{
Use: "edit-roles <username | user_id> [roles...]",
Aliases: []string{"edit-role"},
Short: "Edit organization member's roles",
Middleware: serpent.Chain(
r.InitClient(client),
),
Handler: func(inv *serpent.Invocation) error {
ctx := inv.Context()
organization, err := CurrentOrganization(r, inv, client)
if err != nil {
return err
}

if len(inv.Args) < 1 {
return xerrors.Errorf("user_id or username is required as the first argument")
}
userIdentifier := inv.Args[0]
roles := inv.Args[1:]

member, err := client.UpdateOrganizationMemberRoles(ctx, organization.ID, userIdentifier, codersdk.UpdateRoles{
Roles: roles,
})
if err != nil {
return xerrors.Errorf("update member roles: %w", err)
}

updatedTo := make([]string, 0)
for _, role := range member.Roles {
updatedTo = append(updatedTo, role.String())
}

_, _ = fmt.Fprintf(inv.Stdout, "Member roles updated to [%s]\n", strings.Join(updatedTo, ", "))
return nil
},
}

return cmd
}

func (r *RootCmd) listOrganizationMembers() *serpent.Command {
formatter := cliui.NewOutputFormatter(
cliui.TableFormat([]codersdk.OrganizationMemberWithName{}, []string{"username", "organization_roles"}),
cliui.JSONFormat(),
)

client := new(codersdk.Client)
cmd := &serpent.Command{
Use: "members",
Short: "List all organization members",
Aliases: []string{"member"},
Use: "list",
Short: "List all organization members",
Middleware: serpent.Chain(
serpent.RequireNArgs(0),
r.InitClient(client),
Expand Down
2 changes: 1 addition & 1 deletion cli/organizationmembers_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ func TestListOrganizationMembers(t *testing.T) {
client, user := coderdtest.CreateAnotherUser(t, ownerClient, owner.OrganizationID, rbac.RoleUserAdmin())

ctx := testutil.Context(t, testutil.WaitMedium)
inv, root := clitest.New(t, "organization", "members", "-c", "user_id,username,roles")
inv, root := clitest.New(t, "organization", "members", "list", "-c", "user_id,username,roles")
clitest.SetupConfig(t, client, root)

buf := new(bytes.Buffer)
Expand Down
56 changes: 55 additions & 1 deletion enterprise/cli/organizationmembers_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@ func TestEnterpriseListOrganizationMembers(t *testing.T) {
OrganizationID: owner.OrganizationID,
}, rbac.ScopedRoleOrgAdmin(owner.OrganizationID))

inv, root := clitest.New(t, "organization", "members", "-c", "user_id,username,organization_roles")
inv, root := clitest.New(t, "organization", "members", "list", "-c", "user_id,username,organization_roles")
clitest.SetupConfig(t, client, root)

buf := new(bytes.Buffer)
Expand All @@ -66,3 +66,57 @@ func TestEnterpriseListOrganizationMembers(t *testing.T) {
require.Contains(t, buf.String(), customRole.DisplayName)
})
}

func TestAssignOrganizationMemberRole(t *testing.T) {
t.Parallel()

t.Run("OK", func(t *testing.T) {
t.Parallel()
dv := coderdtest.DeploymentValues(t)
dv.Experiments = []string{string(codersdk.ExperimentCustomRoles)}

ownerClient, owner := coderdenttest.New(t, &coderdenttest.Options{
Options: &coderdtest.Options{
DeploymentValues: dv,
},
LicenseOptions: &coderdenttest.LicenseOptions{
Features: license.Features{
codersdk.FeatureCustomRoles: 1,
},
},
})
_, user := coderdtest.CreateAnotherUser(t, ownerClient, owner.OrganizationID, rbac.RoleUserAdmin())

ctx := testutil.Context(t, testutil.WaitMedium)
// nolint:gocritic // requires owner role to create
customRole, err := ownerClient.PatchOrganizationRole(ctx, owner.OrganizationID, codersdk.Role{
Name: "custom-role",
OrganizationID: owner.OrganizationID.String(),
DisplayName: "Custom Role",
SitePermissions: nil,
OrganizationPermissions: codersdk.CreatePermissions(map[codersdk.RBACResource][]codersdk.RBACAction{
codersdk.ResourceWorkspace: {codersdk.ActionRead},
}),
UserPermissions: nil,
})
require.NoError(t, err)

inv, root := clitest.New(t, "organization", "members", "edit-roles", user.Username, codersdk.RoleOrganizationAdmin, customRole.Name)
// nolint:gocritic // you cannot change your own roles
clitest.SetupConfig(t, ownerClient, root)

buf := new(bytes.Buffer)
inv.Stdout = buf
err = inv.WithContext(ctx).Run()
require.NoError(t, err)
require.Contains(t, buf.String(), must(rbac.RoleByName(rbac.ScopedRoleOrgAdmin(owner.OrganizationID))).DisplayName)
require.Contains(t, buf.String(), customRole.DisplayName)
})
}

func must[V any](v V, err error) V {
if err != nil {
panic(err)
}
return v
}
Loading