Skip to content

Commit 2c25542

Browse files
dannykoppingdannykopping
committed
reverting RBAC changes; not relevant here
appeasing linter Signed-off-by: Danny Kopping <dannykopping@gmail.com>
1 parent b16d126 commit 2c25542

File tree

2 files changed

+2
-30
lines changed

2 files changed

+2
-30
lines changed

coderd/database/dbauthz/dbauthz.go

Lines changed: 0 additions & 28 deletions
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,6 @@ import (
1818

1919
"cdr.dev/slog"
2020

21-
"github.com/coder/coder/v2/coderd/prebuilds"
2221
"github.com/coder/coder/v2/coderd/rbac/policy"
2322
"github.com/coder/coder/v2/coderd/rbac/rolestore"
2423

@@ -359,27 +358,6 @@ var (
359358
}),
360359
Scope: rbac.ScopeAll,
361360
}.WithCachedASTValue()
362-
363-
subjectPrebuildsOrchestrator = rbac.Subject{
364-
FriendlyName: "Prebuilds Orchestrator",
365-
ID: prebuilds.OwnerID.String(),
366-
Roles: rbac.Roles([]rbac.Role{
367-
{
368-
Identifier: rbac.RoleIdentifier{Name: "prebuilds-orchestrator"},
369-
DisplayName: "Coder",
370-
Site: rbac.Permissions(map[string][]policy.Action{
371-
// May use template, read template-related info, & insert template-related resources (preset prebuilds).
372-
rbac.ResourceTemplate.Type: {policy.ActionRead, policy.ActionUpdate, policy.ActionUse},
373-
// May CRUD workspaces, and start/stop them.
374-
rbac.ResourceWorkspace.Type: {
375-
policy.ActionCreate, policy.ActionDelete, policy.ActionRead, policy.ActionUpdate,
376-
policy.ActionWorkspaceStart, policy.ActionWorkspaceStop,
377-
},
378-
}),
379-
},
380-
}),
381-
Scope: rbac.ScopeAll,
382-
}.WithCachedASTValue()
383361
)
384362

385363
// AsProvisionerd returns a context with an actor that has permissions required
@@ -434,12 +412,6 @@ func AsSystemReadProvisionerDaemons(ctx context.Context) context.Context {
434412
return context.WithValue(ctx, authContextKey{}, subjectSystemReadProvisionerDaemons)
435413
}
436414

437-
// AsPrebuildsOrchestrator returns a context with an actor that has permissions
438-
// to read orchestrator workspace prebuilds.
439-
func AsPrebuildsOrchestrator(ctx context.Context) context.Context {
440-
return context.WithValue(ctx, authContextKey{}, subjectPrebuildsOrchestrator)
441-
}
442-
443415
var AsRemoveActor = rbac.Subject{
444416
ID: "remove-actor",
445417
}

coderd/users_test.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -2428,7 +2428,7 @@ func TestSystemUserBehaviour(t *testing.T) {
24282428
sqlDB := testSQLDB(t)
24292429
err := migrations.Up(sqlDB) // coderd/database/migrations/00030*_system_user.up.sql will create a system user.
24302430
require.NoError(t, err, "migrations")
2431-
2431+
24322432
db := database.New(sqlDB)
24332433

24342434
// =================================================================================================================
@@ -2488,7 +2488,7 @@ func TestSystemUserBehaviour(t *testing.T) {
24882488

24892489
// When: attempting to update a user's roles.
24902490
_, err = db.UpdateUserRoles(ctx, database.UpdateUserRolesParams{
2491-
ID: systemUser.ID,
2491+
ID: systemUser.ID,
24922492
GrantedRoles: []string{rbac.RoleAuditor().String()},
24932493
})
24942494
// Then: the attempt is rejected by a postgres trigger.

0 commit comments

Comments
 (0)