coder · aslilac · Jun 16, 2025 · Jun 10, 2025 · Jun 10, 2025 · Jun 10, 2025
diff --git a/CLAUDE.md b/CLAUDE.md
@@ -101,4 +101,7 @@ Read [cursor rules](.cursorrules).
 
 ## Frontend
 
+The frontend is contained in the site folder.
+
+For building Frontend refer to [this document](docs/contributing/frontend.md)
 For building Frontend refer to [this document](docs/about/contributing/frontend.md)
@@ -24,6 +24,7 @@ message WorkspaceApp {
 		OWNER = 1;
 		AUTHENTICATED = 2;
 		PUBLIC = 3;
+		ORGANIZATION = 4;
 	}
 	SharingLevel sharing_level = 10;
 
@@ -401,10 +402,11 @@ message CreateSubAgentRequest {
 			TAB = 1;
 		}
 
-		enum Share {
+		enum SharingLevel {
 			OWNER = 0;
 			AUTHENTICATED = 1;
 			PUBLIC = 2;
+			ORGANIZATION = 3;
 		}
 
 		string slug = 1;
@@ -417,7 +419,7 @@ message CreateSubAgentRequest {
 		optional string icon = 8;
 		optional OpenIn open_in = 9;
 		optional int32 order = 10;
-		optional Share share = 11;
+		optional SharingLevel share = 11;
 		optional bool subdomain = 12;
 		optional string url = 13;
 	}

diff --git a/coderd/agentapi/subagent.go b/coderd/agentapi/subagent.go
@@ -5,6 +5,7 @@ import (
 	"database/sql"
 	"errors"
 	"fmt"
+	"strings"
 
 	"github.com/google/uuid"
 	"github.com/sqlc-dev/pqtype"
@@ -140,20 +141,15 @@ func (a *SubAgentAPI) CreateSubAgent(ctx context.Context, req *agentproto.Create
 				health = database.WorkspaceAppHealthInitializing
 			}
 
-			var sharingLevel database.AppSharingLevel
-			switch app.GetShare() {
-			case agentproto.CreateSubAgentRequest_App_OWNER:
-				sharingLevel = database.AppSharingLevelOwner
-			case agentproto.CreateSubAgentRequest_App_AUTHENTICATED:
-				sharingLevel = database.AppSharingLevelAuthenticated
-			case agentproto.CreateSubAgentRequest_App_PUBLIC:
-				sharingLevel = database.AppSharingLevelPublic
-			default:
+			share := app.GetShare()
+			protoSharingLevel, ok := agentproto.CreateSubAgentRequest_App_SharingLevel_name[int32(share)]
+			if !ok {
 				return codersdk.ValidationError{
 					Field:  "share",
-					Detail: fmt.Sprintf("%q is not a valid app sharing level", app.GetShare()),
+					Detail: fmt.Sprintf("%q is not a valid app sharing level", share.String()),
 				}
 			}
+			sharingLevel := database.AppSharingLevel(strings.ToLower(protoSharingLevel))
 
 			var openIn database.WorkspaceAppOpenIn
 			switch app.GetOpenIn() {

diff --git a/coderd/apidoc/docs.go b/coderd/apidoc/docs.go
diff --git a/coderd/apidoc/swagger.json b/coderd/apidoc/swagger.json
diff --git a/coderd/database/dump.sql b/coderd/database/dump.sql
diff --git a/coderd/database/migrations/000336_add_organization_port_sharing_level.down.sql b/coderd/database/migrations/000336_add_organization_port_sharing_level.down.sql
@@ -0,0 +1,92 @@
+
+-- Drop the view that depends on the templates table
+DROP VIEW template_with_names;
+
+-- Remove 'organization' from the app_sharing_level enum
+CREATE TYPE new_app_sharing_level AS ENUM (
+	'owner',
+	'authenticated',
+	'public'
+);
+
+-- Update workspace_agent_port_share table to use old enum
+-- Convert any 'organization' values to 'authenticated' during downgrade
+ALTER TABLE workspace_agent_port_share
+	ALTER COLUMN share_level TYPE new_app_sharing_level USING (
+		CASE
+			WHEN share_level = 'organization' THEN 'authenticated'::new_app_sharing_level
+			ELSE share_level::text::new_app_sharing_level
+		END
+	);
+
+-- Update workspace_apps table to use old enum
+-- Convert any 'organization' values to 'authenticated' during downgrade
+ALTER TABLE workspace_apps
+	ALTER COLUMN sharing_level DROP DEFAULT,
+	ALTER COLUMN sharing_level TYPE new_app_sharing_level USING (
+		CASE
+			WHEN sharing_level = 'organization' THEN 'authenticated'::new_app_sharing_level
+			ELSE sharing_level::text::new_app_sharing_level
+		END
+	),
+	ALTER COLUMN sharing_level SET DEFAULT 'owner'::new_app_sharing_level;
+
+-- Update templates table to use old enum
+-- Convert any 'organization' values to 'authenticated' during downgrade
+ALTER TABLE templates
+	ALTER COLUMN max_port_sharing_level DROP DEFAULT,
+	ALTER COLUMN max_port_sharing_level TYPE new_app_sharing_level USING (
+		CASE
+			WHEN max_port_sharing_level = 'organization' THEN 'owner'::new_app_sharing_level
+			ELSE max_port_sharing_level::text::new_app_sharing_level
+		END
+	),
+	ALTER COLUMN max_port_sharing_level SET DEFAULT 'owner'::new_app_sharing_level;
+
+-- Drop old enum and rename new one
+DROP TYPE app_sharing_level;
+ALTER TYPE new_app_sharing_level RENAME TO app_sharing_level;
+
+-- Recreate the template_with_names view
+
+CREATE VIEW template_with_names AS
+	SELECT templates.id,
+		templates.created_at,
+		templates.updated_at,
+		templates.organization_id,
+		templates.deleted,
+		templates.name,
+		templates.provisioner,
+		templates.active_version_id,
+		templates.description,
+		templates.default_ttl,
+		templates.created_by,
+		templates.icon,
+		templates.user_acl,
+		templates.group_acl,
+		templates.display_name,
+		templates.allow_user_cancel_workspace_jobs,
+		templates.allow_user_autostart,
+		templates.allow_user_autostop,
+		templates.failure_ttl,
+		templates.time_til_dormant,
+		templates.time_til_dormant_autodelete,
+		templates.autostop_requirement_days_of_week,
+		templates.autostop_requirement_weeks,
+		templates.autostart_block_days_of_week,
+		templates.require_active_version,
+		templates.deprecated,
+		templates.activity_bump,
+		templates.max_port_sharing_level,
+		templates.use_classic_parameter_flow,
+		COALESCE(visible_users.avatar_url, ''::text) AS created_by_avatar_url,
+		COALESCE(visible_users.username, ''::text) AS created_by_username,
+		COALESCE(visible_users.name, ''::text) AS created_by_name,
+		COALESCE(organizations.name, ''::text) AS organization_name,
+		COALESCE(organizations.display_name, ''::text) AS organization_display_name,
+		COALESCE(organizations.icon, ''::text) AS organization_icon
+	FROM ((templates
+	  LEFT JOIN visible_users ON ((templates.created_by = visible_users.id)))
+	  LEFT JOIN organizations ON ((templates.organization_id = organizations.id)));
+
+COMMENT ON VIEW template_with_names IS 'Joins in the display name information such as username, avatar, and organization name.';
diff --git a/coderd/database/migrations/000336_add_organization_port_sharing_level.up.sql b/coderd/database/migrations/000336_add_organization_port_sharing_level.up.sql
@@ -0,0 +1,73 @@
+-- Drop the view that depends on the templates table
+DROP VIEW template_with_names;
+
+-- Add 'organization' to the app_sharing_level enum
+CREATE TYPE new_app_sharing_level AS ENUM (
+	'owner',
+	'authenticated',
+	'organization',
+	'public'
+);
+
+-- Update workspace_agent_port_share table to use new enum
+ALTER TABLE workspace_agent_port_share
+	ALTER COLUMN share_level TYPE new_app_sharing_level USING (share_level::text::new_app_sharing_level);
+
+-- Update workspace_apps table to use new enum
+ALTER TABLE workspace_apps
+	ALTER COLUMN sharing_level DROP DEFAULT,
+	ALTER COLUMN sharing_level TYPE new_app_sharing_level USING (sharing_level::text::new_app_sharing_level),
+	ALTER COLUMN sharing_level SET DEFAULT 'owner'::new_app_sharing_level;
+
+-- Update templates table to use new enum
+ALTER TABLE templates
+	ALTER COLUMN max_port_sharing_level DROP DEFAULT,
+	ALTER COLUMN max_port_sharing_level TYPE new_app_sharing_level USING (max_port_sharing_level::text::new_app_sharing_level),
+	ALTER COLUMN max_port_sharing_level SET DEFAULT 'owner'::new_app_sharing_level;
+
+-- Drop old enum and rename new one
+DROP TYPE app_sharing_level;
+ALTER TYPE new_app_sharing_level RENAME TO app_sharing_level;
+
+-- Recreate the template_with_names view
+CREATE VIEW template_with_names AS
+	SELECT templates.id,
+		templates.created_at,
+		templates.updated_at,
+		templates.organization_id,
+		templates.deleted,
+		templates.name,
+		templates.provisioner,
+		templates.active_version_id,
+		templates.description,
+		templates.default_ttl,
+		templates.created_by,
+		templates.icon,
+		templates.user_acl,
+		templates.group_acl,
+		templates.display_name,
+		templates.allow_user_cancel_workspace_jobs,
+		templates.allow_user_autostart,
+		templates.allow_user_autostop,
+		templates.failure_ttl,
+		templates.time_til_dormant,
+		templates.time_til_dormant_autodelete,
+		templates.autostop_requirement_days_of_week,
+		templates.autostop_requirement_weeks,
+		templates.autostart_block_days_of_week,
+		templates.require_active_version,
+		templates.deprecated,
+		templates.activity_bump,
+		templates.max_port_sharing_level,
+		templates.use_classic_parameter_flow,
+		COALESCE(visible_users.avatar_url, ''::text) AS created_by_avatar_url,
+		COALESCE(visible_users.username, ''::text) AS created_by_username,
+		COALESCE(visible_users.name, ''::text) AS created_by_name,
+		COALESCE(organizations.name, ''::text) AS organization_name,
+		COALESCE(organizations.display_name, ''::text) AS organization_display_name,
+		COALESCE(organizations.icon, ''::text) AS organization_icon
+	FROM ((templates
+	  LEFT JOIN visible_users ON ((templates.created_by = visible_users.id)))
+	  LEFT JOIN organizations ON ((templates.organization_id = organizations.id)));
+
+COMMENT ON VIEW template_with_names IS 'Joins in the display name information such as username, avatar, and organization name.';
diff --git a/coderd/database/models.go b/coderd/database/models.go