Skip to content
Merged
Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
28 commits
Select commit Hold shift + click to select a range
300e80f
add prebuilds system user database changes and associated changes
SasSwart Mar 12, 2025
b788237
optionally prevent system users from counting to user count
dannykopping Mar 13, 2025
8122595
appease the linter
dannykopping Mar 13, 2025
bfb7c28
add unit test for system user behaviour
dannykopping Mar 13, 2025
6639167
reverting RBAC changes; not relevant here
dannykopping Mar 13, 2025
769ae1d
removing unnecessary changes
dannykopping Mar 13, 2025
e7e9c27
exclude system user db tests from non-linux OSs
dannykopping Mar 13, 2025
3936047
Rename prebuild system user reference
SasSwart Mar 17, 2025
8bdcafb
ensure that users.IsSystem is not nullable
SasSwart Mar 17, 2025
324fde2
Fixes
dannykopping Mar 17, 2025
81d9dfa
Merge remote-tracking branch 'origin/main' into prebuilds-system-user
SasSwart Mar 18, 2025
896c881
renumber migrations
SasSwart Mar 18, 2025
de4fb8a
ensure that system users are filtered and returned consistently
SasSwart Mar 19, 2025
2751d5b
make -B lint
SasSwart Mar 19, 2025
1042c39
rewrite prebuilds system user tests in our usual style
SasSwart Mar 19, 2025
f9e9d11
add support for prebuilds user to dbmem
SasSwart Mar 19, 2025
7492965
appease the linter
SasSwart Mar 19, 2025
29e2020
add support for the prebuilds system user to dbmem
SasSwart Mar 19, 2025
8c51585
linter
SasSwart Mar 19, 2025
cdc5c71
fix dbmem tests
SasSwart Mar 19, 2025
0d4813a
remove restriction on modifying system users for now
SasSwart Mar 19, 2025
95d70a3
remove system user index
SasSwart Mar 20, 2025
8f1d71c
Merge remote-tracking branch 'origin/main' into prebuilds-system-user
SasSwart Mar 24, 2025
7e009e5
invert tests that check for system user update protection
SasSwart Mar 24, 2025
addd7c6
lint
SasSwart Mar 24, 2025
7a4ef24
Allow TestUpdateSystemUser to run against dbmem
SasSwart Mar 24, 2025
f30ce72
Merge remote-tracking branch 'origin/main' into prebuilds-system-user
SasSwart Mar 25, 2025
5f0ae5e
Renumber migrations
SasSwart Mar 25, 2025
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Next Next commit
add prebuilds system user database changes and associated changes
Signed-off-by: Danny Kopping <dannykopping@gmail.com>
  • Loading branch information
SasSwart authored and dannykopping committed Mar 17, 2025
commit 300e80f1f8922c6e373858789530048b903da11c
28 changes: 28 additions & 0 deletions coderd/database/dbauthz/dbauthz.go
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@ import (

"cdr.dev/slog"

"github.com/coder/coder/v2/coderd/prebuilds"
"github.com/coder/coder/v2/coderd/rbac/policy"
"github.com/coder/coder/v2/coderd/rbac/rolestore"

Expand Down Expand Up @@ -358,6 +359,27 @@ var (
}),
Scope: rbac.ScopeAll,
}.WithCachedASTValue()

subjectPrebuildsOrchestrator = rbac.Subject{
FriendlyName: "Prebuilds Orchestrator",
ID: prebuilds.OwnerID.String(),
Roles: rbac.Roles([]rbac.Role{
{
Identifier: rbac.RoleIdentifier{Name: "prebuilds-orchestrator"},
DisplayName: "Coder",
Site: rbac.Permissions(map[string][]policy.Action{
// May use template, read template-related info, & insert template-related resources (preset prebuilds).
rbac.ResourceTemplate.Type: {policy.ActionRead, policy.ActionUpdate, policy.ActionUse},
// May CRUD workspaces, and start/stop them.
rbac.ResourceWorkspace.Type: {
policy.ActionCreate, policy.ActionDelete, policy.ActionRead, policy.ActionUpdate,
policy.ActionWorkspaceStart, policy.ActionWorkspaceStop,
},
}),
},
}),
Scope: rbac.ScopeAll,
}.WithCachedASTValue()
)

// AsProvisionerd returns a context with an actor that has permissions required
Expand Down Expand Up @@ -412,6 +434,12 @@ func AsSystemReadProvisionerDaemons(ctx context.Context) context.Context {
return context.WithValue(ctx, authContextKey{}, subjectSystemReadProvisionerDaemons)
}

// AsPrebuildsOrchestrator returns a context with an actor that has permissions
// to read orchestrator workspace prebuilds.
func AsPrebuildsOrchestrator(ctx context.Context) context.Context {
return context.WithValue(ctx, authContextKey{}, subjectPrebuildsOrchestrator)
}

var AsRemoveActor = rbac.Subject{
ID: "remove-actor",
}
Expand Down
20 changes: 20 additions & 0 deletions coderd/database/dump.sql

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

20 changes: 20 additions & 0 deletions coderd/database/migrations/000301_system_user.down.sql
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
-- Remove system user from organizations
DELETE FROM organization_members
WHERE user_id = 'c42fdf75-3097-471c-8c33-fb52454d81c0';

-- Drop triggers first
DROP TRIGGER IF EXISTS prevent_system_user_updates ON users;
DROP TRIGGER IF EXISTS prevent_system_user_deletions ON users;

-- Drop function
DROP FUNCTION IF EXISTS prevent_system_user_changes();

-- Delete system user
DELETE FROM users
WHERE id = 'c42fdf75-3097-471c-8c33-fb52454d81c0';

-- Drop index
DROP INDEX IF EXISTS user_is_system_idx;

-- Drop column
ALTER TABLE users DROP COLUMN IF EXISTS is_system;
51 changes: 51 additions & 0 deletions coderd/database/migrations/000301_system_user.up.sql
Original file line number Diff line number Diff line change
@@ -0,0 +1,51 @@
ALTER TABLE users
ADD COLUMN is_system bool DEFAULT false;

CREATE INDEX user_is_system_idx ON users USING btree (is_system);

COMMENT ON COLUMN users.is_system IS 'Determines if a user is a system user, and therefore cannot login or perform normal actions';

-- TODO: tried using "none" for login type, but the migration produced this error: 'unsafe use of new value "none" of enum type login_type'
-- -> not sure why though? it exists on the login_type enum.
INSERT INTO users (id, email, username, name, created_at, updated_at, status, rbac_roles, hashed_password, is_system, login_type)
VALUES ('c42fdf75-3097-471c-8c33-fb52454d81c0', 'prebuilds@system', 'prebuilds', 'Prebuilds Owner', now(), now(),
'active', '{}', 'none', true, 'password'::login_type);

-- Create function to check system user modifications
CREATE OR REPLACE FUNCTION prevent_system_user_changes()
RETURNS TRIGGER AS
$$
BEGIN
IF OLD.is_system = true THEN
RAISE EXCEPTION 'Cannot modify or delete system users';
END IF;
RETURN OLD;
END;
$$ LANGUAGE plpgsql;

-- Create trigger to prevent updates to system users
CREATE TRIGGER prevent_system_user_updates
BEFORE UPDATE ON users
FOR EACH ROW
WHEN (OLD.is_system = true)
EXECUTE FUNCTION prevent_system_user_changes();

-- Create trigger to prevent deletion of system users
CREATE TRIGGER prevent_system_user_deletions
BEFORE DELETE ON users
FOR EACH ROW
WHEN (OLD.is_system = true)
EXECUTE FUNCTION prevent_system_user_changes();

-- TODO: do we *want* to use the default org here? how do we handle multi-org?
WITH default_org AS (SELECT id
FROM organizations
WHERE is_default = true
LIMIT 1)
INSERT
INTO organization_members (organization_id, user_id, created_at, updated_at)
SELECT default_org.id,
'c42fdf75-3097-471c-8c33-fb52454d81c0', -- The system user responsible for prebuilds.
NOW(),
NOW()
FROM default_org;
1 change: 1 addition & 0 deletions coderd/database/modelmethods.go
Original file line number Diff line number Diff line change
Expand Up @@ -423,6 +423,7 @@ func ConvertUserRows(rows []GetUsersRow) []User {
AvatarURL: r.AvatarURL,
Deleted: r.Deleted,
LastSeenAt: r.LastSeenAt,
IsSystem: r.IsSystem,
}
}

Expand Down
1 change: 1 addition & 0 deletions coderd/database/modelqueries.go
Original file line number Diff line number Diff line change
Expand Up @@ -421,6 +421,7 @@ func (q *sqlQuerier) GetAuthorizedUsers(ctx context.Context, arg GetUsersParams,
&i.GithubComUserID,
&i.HashedOneTimePasscode,
&i.OneTimePasscodeExpiresAt,
&i.IsSystem,
&i.Count,
); err != nil {
return nil, err
Expand Down
2 changes: 2 additions & 0 deletions coderd/database/models.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

34 changes: 23 additions & 11 deletions coderd/database/queries.sql.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading