Skip to content

feat: add endpoint for partial updates to org sync field and assign_default #16337

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 5 commits into from
Jan 30, 2025
Merged

feat: add endpoint for partial updates to org sync field and assign_default #16337

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
e842dc0
add route for updating the non-mapping fields
aslilac Jan 29, 2025
0a69b24
Merge branch 'main' into lilac/patch-org-sync-other-stuff
aslilac Jan 30, 2025
8ab2c01
tests uwu
aslilac Jan 30, 2025
0f4350e
🏭
aslilac Jan 30, 2025
49add10
jerk
aslilac Jan 30, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Merge branch 'main' into lilac/patch-org-sync-other-stuff
  • Loading branch information
@aslilac
aslilac committed Jan 30, 2025
commit 0a69b242d2a9c8ed81c6302ee36061606a39fafc
20 changes: 20 additions & 0 deletions codersdk/idpsync.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -163,6 +163,26 @@ func (c *Client) PatchOrganizationIDPSyncConfig(ctx context.Context, req Organiz
return resp, json.NewDecoder(res.Body).Decode(&resp)
}

// If the same mapping is present in both Add and Remove, Remove will take presidence.
type PatchOrganizationIDPSyncMappingRequest struct {
Add []IDPSyncMapping[uuid.UUID]
Remove []IDPSyncMapping[uuid.UUID]
}

func (c *Client) PatchOrganizationIDPSyncMapping(ctx context.Context, req PatchOrganizationIDPSyncMappingRequest) (OrganizationSyncSettings, error) {
res, err := c.Request(ctx, http.MethodPatch, "/api/v2/settings/idpsync/organization/mapping", req)
if err != nil {
return OrganizationSyncSettings{}, xerrors.Errorf("make request: %w", err)
}
defer res.Body.Close()

if res.StatusCode != http.StatusOK {
return OrganizationSyncSettings{}, ReadBodyAsError(res)
}
var resp OrganizationSyncSettings
return resp, json.NewDecoder(res.Body).Decode(&resp)
}

func (c *Client) GetAvailableIDPSyncFields(ctx context.Context) ([]string, error) {
res, err := c.Request(ctx, http.MethodGet, "/api/v2/settings/idpsync/available-fields", nil)
if err != nil {
Expand Down
1 change: 1 addition & 0 deletions enterprise/coderd/coderd.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -296,6 +296,7 @@ func New(ctx context.Context, options *Options) (_ *API, err error) {
r.Get("/", api.organizationIDPSyncSettings)
r.Patch("/", api.patchOrganizationIDPSyncSettings)
r.Patch("/config", api.patchOrganizationIDPSyncConfig)
r.Patch("/mapping", api.patchOrganizationIDPSyncMapping)
})

r.Get("/available-fields", api.deploymentIDPSyncClaimFields)
Expand Down
89 changes: 88 additions & 1 deletion enterprise/coderd/idpsync.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -359,7 +359,7 @@ func (api *API) patchOrganizationIDPSyncConfig(rw http.ResponseWriter, r *http.R
}
aReq.Old = *existing

err = api.IDPSync.UpdateOrganizationSettings(sysCtx, tx, idpsync.OrganizationSyncSettings{
err = api.IDPSync.UpdateOrganizationSyncSettings(sysCtx, tx, idpsync.OrganizationSyncSettings{
Field: req.Field,
AssignDefault: req.AssignDefault,
Mapping: existing.Mapping,
Expand Down Expand Up @@ -389,6 +389,93 @@ func (api *API) patchOrganizationIDPSyncConfig(rw http.ResponseWriter, r *http.R
})
}

// @Summary Update organization IdP Sync mapping
// @ID update-organization-idp-sync-mapping
// @Security CoderSessionToken
// @Produce json
// @Accept json
// @Tags Enterprise
// @Success 200 {object} codersdk.OrganizationSyncSettings
// @Param request body codersdk.PatchOrganizationIDPSyncMappingRequest true "Description of the mappings to add and remove"
// @Router /settings/idpsync/organization/mapping [patch]
func (api *API) patchOrganizationIDPSyncMapping(rw http.ResponseWriter, r *http.Request) {
ctx := r.Context()
auditor := *api.AGPL.Auditor.Load()
aReq, commitAudit := audit.InitRequest[idpsync.OrganizationSyncSettings](rw, &audit.RequestParams{
Audit: auditor,
Log: api.Logger,
Request: r,
Action: database.AuditActionWrite,
})
defer commitAudit()

if !api.Authorize(r, policy.ActionUpdate, rbac.ResourceIdpsyncSettings) {
httpapi.Forbidden(rw)
return
}

var req codersdk.PatchOrganizationIDPSyncMappingRequest
if !httpapi.Read(ctx, rw, r, &req) {
return
}

var settings idpsync.OrganizationSyncSettings
//nolint:gocritic // Requires system context to update runtime config
sysCtx := dbauthz.AsSystemRestricted(ctx)
err := database.ReadModifyUpdate(api.Database, func(tx database.Store) error {
existing, err := api.IDPSync.OrganizationSyncSettings(sysCtx, tx)
if err != nil {
return err
}
aReq.Old = *existing

newMapping := make(map[string][]uuid.UUID)

// Copy existing mapping
for key, ids := range existing.Mapping {
newMapping[key] = append(newMapping[key], ids...)
}

// Add unique entries
for _, mapping := range req.Add {
if !slice.Contains(newMapping[mapping.Given], mapping.Gets) {
newMapping[mapping.Given] = append(newMapping[mapping.Given], mapping.Gets)
}
}

// Remove entries
for _, mapping := range req.Remove {
newMapping[mapping.Given] = slices.DeleteFunc(newMapping[mapping.Given], func(u uuid.UUID) bool {
return u == mapping.Gets
})
}

settings = idpsync.OrganizationSyncSettings{
Field: existing.Field,
Mapping: newMapping,
AssignDefault: existing.AssignDefault,
}

err = api.IDPSync.UpdateOrganizationSyncSettings(sysCtx, tx, settings)
if err != nil {
return err
}

return nil
})
if err != nil {
httpapi.InternalServerError(rw, err)
return
}

aReq.New = settings
httpapi.Write(ctx, rw, http.StatusOK, codersdk.OrganizationSyncSettings{
Field: settings.Field,
Mapping: settings.Mapping,
AssignDefault: settings.AssignDefault,
})
}

// @Summary Get the available organization idp sync claim fields
// @ID get-the-available-organization-idp-sync-claim-fields
// @Security CoderSessionToken
Expand Down
Loading
You are viewing a condensed version of this merge commit. You can view the full changes here.