Skip to content

Commit 13d7e1e

Browse files
evgeniy-scherbinaevgeniy-scherbina
committed
temporary commit
1 parent dee6265 commit 13d7e1e

File tree

9 files changed

+34
-14
lines changed

9 files changed

+34
-14
lines changed

coderd/database/dbauthz/dbauthz.go

Lines changed: 5 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -3872,13 +3872,12 @@ func (q *querier) InsertUserLink(ctx context.Context, arg database.InsertUserLin
38723872
}
38733873

38743874
func (q *querier) InsertUserSecret(ctx context.Context, arg database.InsertUserSecretParams) (database.UserSecret, error) {
3875-
return database.UserSecret{}, nil
3876-
3877-
//if err := q.authorizeContext(ctx, policy.ActionUpdate, rbac.ResourceUserObject(arg.UserID)); err != nil {
3878-
// return database.UserLink{}, err
3879-
//}
3875+
obj := rbac.ResourceUserSecret.WithOwner(arg.UserID.String())
3876+
if err := q.authorizeContext(ctx, policy.ActionCreate, obj); err != nil {
3877+
return database.UserSecret{}, err
3878+
}
38803879

3881-
//return q.db.InsertUserLink(ctx, arg)
3880+
return q.db.InsertUserSecret(ctx, arg)
38823881
}
38833882

38843883
func (q *querier) InsertVolumeResourceMonitor(ctx context.Context, arg database.InsertVolumeResourceMonitorParams) (database.WorkspaceAgentVolumeResourceMonitor, error) {

coderd/database/dbauthz/dbauthz_test.go

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -5718,3 +5718,13 @@ func (s *MethodTestSuite) TestAuthorizePrebuiltWorkspace() {
57185718
}).Asserts(w, policy.ActionUpdate, w.AsPrebuild(), policy.ActionUpdate)
57195719
}))
57205720
}
5721+
5722+
func (s *MethodTestSuite) TestUserSecrets() {
5723+
s.Run("InsertUserSecret", s.Subtest(func(db database.Store, check *expects) {
5724+
user := dbgen.User(s.T(), db, database.User{})
5725+
arg := database.InsertUserSecretParams{
5726+
UserID: user.ID,
5727+
}
5728+
check.Args(arg).Asserts(rbac.ResourceUserSecret.WithOwner(arg.UserID.String()), policy.ActionCreate)
5729+
}))
5730+
}

coderd/database/dbgen/dbgen.go

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1352,6 +1352,19 @@ func PresetParameter(t testing.TB, db database.Store, seed database.InsertPreset
13521352
return parameters
13531353
}
13541354

1355+
func UserSecret(t testing.TB, db database.Store, seed database.InsertUserSecretParams) database.UserSecret {
1356+
schedule, err := db.InsertUserSecret(genCtx, database.InsertUserSecretParams{
1357+
ID: takeFirst(seed.ID, uuid.New()),
1358+
UserID: takeFirst(seed.UserID, uuid.New()),
1359+
Name: takeFirst(seed.Name, "secret-name"),
1360+
Description: takeFirst(seed.Description, "secret description"),
1361+
Value: takeFirst(seed.Value, "secret value"),
1362+
ValueKeyID: takeFirst(seed.ValueKeyID, sql.NullString{}),
1363+
})
1364+
require.NoError(t, err, "insert preset prebuild schedule")
1365+
return schedule
1366+
}
1367+
13551368
func provisionerJobTiming(t testing.TB, db database.Store, seed database.ProvisionerJobTiming) database.ProvisionerJobTiming {
13561369
timing, err := db.InsertProvisionerJobTimings(genCtx, database.InsertProvisionerJobTimingsParams{
13571370
JobID: takeFirst(seed.JobID, uuid.New()),

coderd/database/dump.sql

Lines changed: 1 addition & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

coderd/database/migrations/000349_add_user_secrets.down.sql

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1 +1,2 @@
11
DROP TABLE user_secrets;
2+
-- TODO: DROP index

coderd/database/migrations/000349_add_user_secrets.up.sql

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@ CREATE TABLE user_secrets (
33
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
44
user_id UUID NOT NULL REFERENCES users(id) ON DELETE CASCADE,
55
name TEXT NOT NULL,
6-
description TEXT,
6+
description TEXT NOT NULL,
77

88
-- The encrypted secret value (base64-encoded encrypted data)
99
value TEXT NOT NULL,

coderd/database/modelmethods.go

Lines changed: 1 addition & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -617,8 +617,5 @@ func (m WorkspaceAgentVolumeResourceMonitor) Debounce(
617617
}
618618

619619
func (s UserSecret) RBACObject() rbac.Object {
620-
return rbac.ResourceUserSecret.WithID(s.ID).
621-
InOrg(s.OrganizationID).
622-
WithACLUserList(t.UserACL).
623-
WithGroupACL(t.GroupACL)
620+
return rbac.ResourceUserSecret.WithOwner(s.UserID.String())
624621
}

coderd/database/models.go

Lines changed: 1 addition & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

coderd/database/queries.sql.go

Lines changed: 1 addition & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)