Skip to content

Commit 45f868c

Browse files
EmyrkEmyrk
committed
move test NoTemplateAccess to enterprise
1 parent 3e40ade commit 45f868c

File tree

2 files changed

+38
-26
lines changed

2 files changed

+38
-26
lines changed

coderd/workspaces_test.go

Lines changed: 0 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -589,32 +589,6 @@ func TestPostWorkspacesByOrganization(t *testing.T) {
589589
require.Equal(t, http.StatusBadRequest, apiErr.StatusCode())
590590
})
591591

592-
t.Run("NoTemplateAccess", func(t *testing.T) {
593-
t.Parallel()
594-
client := coderdtest.New(t, nil)
595-
first := coderdtest.CreateFirstUser(t, client)
596-
other, _ := coderdtest.CreateAnotherUser(t, client, first.OrganizationID, rbac.RoleMember(), rbac.RoleOwner())
597-
598-
ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitLong)
599-
defer cancel()
600-
601-
org, err := other.CreateOrganization(ctx, codersdk.CreateOrganizationRequest{
602-
Name: "another",
603-
})
604-
require.NoError(t, err)
605-
version := coderdtest.CreateTemplateVersion(t, other, org.ID, nil)
606-
template := coderdtest.CreateTemplate(t, other, org.ID, version.ID)
607-
608-
_, err = client.CreateWorkspace(ctx, first.OrganizationID, codersdk.Me, codersdk.CreateWorkspaceRequest{
609-
TemplateID: template.ID,
610-
Name: "workspace",
611-
})
612-
require.Error(t, err)
613-
var apiErr *codersdk.Error
614-
require.ErrorAs(t, err, &apiErr)
615-
require.Equal(t, http.StatusForbidden, apiErr.StatusCode())
616-
})
617-
618592
t.Run("AlreadyExists", func(t *testing.T) {
619593
t.Parallel()
620594
client := coderdtest.New(t, &coderdtest.Options{IncludeProvisionerDaemon: true})

enterprise/coderd/workspaces_test.go

Lines changed: 38 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -47,6 +47,44 @@ func agplUserQuietHoursScheduleStore() *atomic.Pointer[agplschedule.UserQuietHou
4747
func TestCreateWorkspace(t *testing.T) {
4848
t.Parallel()
4949

50+
t.Run("NoTemplateAccess", func(t *testing.T) {
51+
t.Parallel()
52+
53+
dv := coderdtest.DeploymentValues(t)
54+
dv.Experiments = []string{string(codersdk.ExperimentMultiOrganization)}
55+
client, first := coderdenttest.New(t, &coderdenttest.Options{
56+
Options: &coderdtest.Options{
57+
DeploymentValues: dv,
58+
},
59+
LicenseOptions: &coderdenttest.LicenseOptions{
60+
Features: license.Features{
61+
codersdk.FeatureTemplateRBAC: 1,
62+
codersdk.FeatureMultipleOrganizations: 1,
63+
},
64+
}})
65+
66+
other, _ := coderdtest.CreateAnotherUser(t, client, first.OrganizationID, rbac.RoleMember(), rbac.RoleOwner())
67+
68+
ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitLong)
69+
defer cancel()
70+
71+
org, err := other.CreateOrganization(ctx, codersdk.CreateOrganizationRequest{
72+
Name: "another",
73+
})
74+
require.NoError(t, err)
75+
version := coderdtest.CreateTemplateVersion(t, other, org.ID, nil)
76+
template := coderdtest.CreateTemplate(t, other, org.ID, version.ID)
77+
78+
_, err = client.CreateWorkspace(ctx, first.OrganizationID, codersdk.Me, codersdk.CreateWorkspaceRequest{
79+
TemplateID: template.ID,
80+
Name: "workspace",
81+
})
82+
require.Error(t, err)
83+
var apiErr *codersdk.Error
84+
require.ErrorAs(t, err, &apiErr)
85+
require.Equal(t, http.StatusForbidden, apiErr.StatusCode())
86+
})
87+
5088
// Test that a user cannot indirectly access
5189
// a template they do not have access to.
5290
t.Run("Unauthorized", func(t *testing.T) {

0 commit comments

Comments
 (0)