Skip to content

feat: implement organization role sync #14649

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 13 commits into from
Sep 17, 2024
Merged

feat: implement organization role sync #14649

merged 13 commits into from
Sep 17, 2024

Conversation

Emyrk
Copy link
Member

@Emyrk Emyrk commented Sep 11, 2024
edited
Loading

What this does

Existing deployment values configure site role sync. Organizations can now configure org role sync.

Removed existing role sync, and moved all code to idpsync package.

In support of #14203

@Emyrk Emyrk changed the title Stevenmasley/org role sync feat: implement organization role sync Sep 11, 2024
@Emyrk Emyrk marked this pull request as ready for review September 11, 2024 20:53
@Emyrk Emyrk force-pushed the stevenmasley/org_role_sync branch from 96e4835 to d7e2ac0 Compare September 16, 2024 13:44
@Emyrk Emyrk requested review from f0ssel and coadler September 16, 2024 13:47
@Emyrk Emyrk force-pushed the stevenmasley/org_role_sync branch from d7e2ac0 to 12c7af7 Compare September 16, 2024 17:33
f0ssel
f0ssel approved these changes Sep 16, 2024
View reviewed changes
Copy link
Contributor

@f0ssel f0ssel left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a lot so I'll admit some of the more detailed mapping logic I glossed over, but the tests look solid 👍 🦖

coderd/idpsync/role.go
Comment on lines +220 to +225
s.Logger.Debug(ctx, "OIDC roles ignored in assignment",
slog.F("ignored", ignored),
slog.F("assigned", filtered),
slog.F("user_id", user.ID),
slog.F("username", user.Username),
)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

coderd/members.go Outdated
@@ -215,6 +216,33 @@ func (api *API) putMemberRoles(rw http.ResponseWriter, r *http.Request) {
aReq.Old = member.OrganizationMember.Auditable(member.Username)
defer commitAudit()

// Keep this block scoping to prevent accidental use of the user variable.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is basically saying this should be a function imo

@Emyrk Emyrk merged commit 7139374 into main Sep 17, 2024
26 checks passed
@Emyrk Emyrk deleted the stevenmasley/org_role_sync branch September 17, 2024 00:03
@github-actions github-actions bot locked and limited conversation to collaborators Sep 17, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@f0ssel f0ssel f0ssel approved these changes

@coadler coadler Awaiting requested review from coadler

Assignees

@Emyrk Emyrk

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Emyrk @f0ssel