Skip to content

feat: add a paginated organization members endpoint #16835

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 19 commits into from
Mar 10, 2025
Merged

feat: add a paginated organization members endpoint #16835

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
19 commits
Select commit Hold shift + click to select a range
cea4d3c
feat: add paginated members route
brettkolodny Mar 6, 2025
e97c9db
feat: add request and response types
brettkolodny Mar 6, 2025
34003dc
feat: create new sql query and generate code
brettkolodny Mar 6, 2025
9edb088
fix: add dbauthz tests
brettkolodny Mar 6, 2025
ef40967
feat: implement endpoint
brettkolodny Mar 6, 2025
6aaddaf
fix: correct endpoint documentation
brettkolodny Mar 6, 2025
a724f48
fix: lint errors
brettkolodny Mar 6, 2025
4925592
fix: generated docs from new endpoint
brettkolodny Mar 6, 2025
902538c
fix: remove unneeded comments
brettkolodny Mar 6, 2025
06ff95c
wip
brettkolodny Mar 7, 2025
560305d
Merge branch 'main' into brett/org-members-pagination-backend
brettkolodny Mar 7, 2025
76a4cbf
fix: incorrectly showing type in panic
brettkolodny Mar 7, 2025
737ac9f
fix: update docs
brettkolodny Mar 7, 2025
8910df3
fix: change dbauthz test back to proper one
brettkolodny Mar 7, 2025
0e579a2
fix: un-nest route
brettkolodny Mar 7, 2025
73e356c
fix: add comment
brettkolodny Mar 10, 2025
24332f4
fix: update test to account for dbmem and check for returned member
brettkolodny Mar 10, 2025
7af0b60
fix: update test to check for accurate count
brettkolodny Mar 10, 2025
cdc0322
fix: make dbmem implementation match expected behaior around 0 limit
brettkolodny Mar 10, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
64 changes: 64 additions & 0 deletions coderd/apidoc/docs.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

60 changes: 60 additions & 0 deletions coderd/apidoc/swagger.json
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions coderd/coderd.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1002,6 +1002,7 @@ func New(options *Options) *API {
})
})
})
r.Get("/paginated-members", api.paginatedMembers)
r.Route("/members", func(r chi.Router) {
r.Get("/", api.listMembers)
r.Route("/roles", func(r chi.Router) {
Expand Down
8 changes: 8 additions & 0 deletions coderd/database/dbauthz/dbauthz.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3581,6 +3581,14 @@ func (q *querier) OrganizationMembers(ctx context.Context, arg database.Organiza
return fetchWithPostFilter(q.auth, policy.ActionRead, q.db.OrganizationMembers)(ctx, arg)
}

func (q *querier) PaginatedOrganizationMembers(ctx context.Context, arg database.PaginatedOrganizationMembersParams) ([]database.PaginatedOrganizationMembersRow, error) {
// Required to have permission to read all members in the organization
if err := q.authorizeContext(ctx, policy.ActionRead, rbac.ResourceOrganizationMember.InOrg(arg.OrganizationID)); err != nil {
return nil, err
}
Comment on lines +3586 to +3588
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just throw a comment

Suggested change
if err := q.authorizeContext(ctx, policy.ActionRead, rbac.ResourceOrganizationMember.InOrg(arg.OrganizationID)); err != nil {
return nil, err
}
// Required to have permission to read all members in the organization
if err := q.authorizeContext(ctx, policy.ActionRead, rbac.ResourceOrganizationMember.InOrg(arg.OrganizationID)); err != nil {
return nil, err
}

return q.db.PaginatedOrganizationMembers(ctx, arg)
}

func (q *querier) ReduceWorkspaceAgentShareLevelToAuthenticatedByTemplate(ctx context.Context, templateID uuid.UUID) error {
template, err := q.db.GetTemplateByID(ctx, templateID)
if err != nil {
Expand Down
26 changes: 26 additions & 0 deletions coderd/database/dbauthz/dbauthz_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -985,6 +985,32 @@ func (s *MethodTestSuite) TestOrganization() {
mem, policy.ActionRead,
)
}))
s.Run("PaginatedOrganizationMembers", s.Subtest(func(db database.Store, check *expects) {
o := dbgen.Organization(s.T(), db, database.Organization{})
u := dbgen.User(s.T(), db, database.User{})
mem := dbgen.OrganizationMember(s.T(), db, database.OrganizationMember{
OrganizationID: o.ID,
UserID: u.ID,
Roles: []string{rbac.RoleOrgAdmin()},
})

check.Args(database.PaginatedOrganizationMembersParams{
OrganizationID: o.ID,
LimitOpt: 0,
}).Asserts(
rbac.ResourceOrganizationMember.InOrg(o.ID), policy.ActionRead,
).Returns([]database.PaginatedOrganizationMembersRow{
{
OrganizationMember: mem,
Username: u.Username,
AvatarURL: u.AvatarURL,
Name: u.Name,
Email: u.Email,
GlobalRoles: u.RBACRoles,
Count: 1,
},
})
}))
s.Run("UpdateMemberRoles", s.Subtest(func(db database.Store, check *expects) {
o := dbgen.Organization(s.T(), db, database.Organization{})
u := dbgen.User(s.T(), db, database.User{})
Expand Down
2 changes: 1 addition & 1 deletion coderd/database/dbauthz/setup_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -503,7 +503,7 @@ func asserts(inputs ...any) []AssertRBAC {
// Could be the string type.
actionAsString, ok := inputs[i+1].(string)
if !ok {
panic(fmt.Sprintf("action '%q' not a supported action", actionAsString))
panic(fmt.Sprintf("action '%T' not a supported action", inputs[i+1]))
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nice catch 😂

}
action = policy.Action(actionAsString)
}
Expand Down
47 changes: 47 additions & 0 deletions coderd/database/dbmem/dbmem.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9584,6 +9584,53 @@ func (q *FakeQuerier) OrganizationMembers(_ context.Context, arg database.Organi
return tmp, nil
}

func (q *FakeQuerier) PaginatedOrganizationMembers(_ context.Context, arg database.PaginatedOrganizationMembersParams) ([]database.PaginatedOrganizationMembersRow, error) {
err := validateDatabaseType(arg)
if err != nil {
return nil, err
}

q.mutex.RLock()
defer q.mutex.RUnlock()

// All of the members in the organization
orgMembers := make([]database.OrganizationMember, 0)
for _, mem := range q.organizationMembers {
if arg.OrganizationID != uuid.Nil && mem.OrganizationID != arg.OrganizationID {
continue
}

orgMembers = append(orgMembers, mem)
}

selectedMembers := make([]database.PaginatedOrganizationMembersRow, 0)

skippedMembers := 0
for _, organizationMember := range q.organizationMembers {
if skippedMembers < int(arg.OffsetOpt) {
skippedMembers++
continue
}

// if the limit is set to 0 we treat that as returning all of the org members
if int(arg.LimitOpt) != 0 && len(selectedMembers) >= int(arg.LimitOpt) {
break
}

user, _ := q.getUserByIDNoLock(organizationMember.UserID)
selectedMembers = append(selectedMembers, database.PaginatedOrganizationMembersRow{
OrganizationMember: organizationMember,
Username: user.Username,
AvatarURL: user.AvatarURL,
Name: user.Name,
Email: user.Email,
GlobalRoles: user.RBACRoles,
Count: int64(len(orgMembers)),
})
}
return selectedMembers, nil
}

func (q *FakeQuerier) ReduceWorkspaceAgentShareLevelToAuthenticatedByTemplate(_ context.Context, templateID uuid.UUID) error {
err := validateDatabaseType(templateID)
if err != nil {
Expand Down
7 changes: 7 additions & 0 deletions coderd/database/dbmetrics/querymetrics.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

15 changes: 15 additions & 0 deletions coderd/database/dbmock/dbmock.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 4 additions & 0 deletions coderd/database/modelmethods.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -256,6 +256,10 @@ func (m OrganizationMembersRow) RBACObject() rbac.Object {
return m.OrganizationMember.RBACObject()
}

func (m PaginatedOrganizationMembersRow) RBACObject() rbac.Object {
return m.OrganizationMember.RBACObject()
}

func (m GetOrganizationIDsByMemberIDsRow) RBACObject() rbac.Object {
// TODO: This feels incorrect as we are really returning a list of orgmembers.
// This return type should be refactored to return a list of orgmembers, not this
Expand Down
1 change: 1 addition & 0 deletions coderd/database/querier.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading
Loading