
Commit eeb0bbe

authored
feat: implement acl for workspaces (#19094)
1 parent d736af1 commit eeb0bbe


17 files changed

+346
-141
lines changed


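--- a/coderd/database/dbgen/dbgen_test.go
+++ b/coderd/database/dbgen/dbgen_test.go
@@ -168,6 +168,8 @@ func TestGenerator(t *testing.T) {
 DeletingAt: w.DeletingAt,
 AutomaticUpdates: w.AutomaticUpdates,
 Favorite: w.Favorite,
+GroupACL: database.WorkspaceACL{},
+UserACL: database.WorkspaceACL{},
 }
 require.Equal(t, exp, table)
 })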

coderd/database/dump.sql

Lines changed: 5 additions & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
Lines changed: 40 additions & 0 deletions
@@ -0,0 +1,40 @@
1+
DROP VIEW workspaces_expanded;
2+
3+
ALTER TABLE workspaces
4+
DROP COLUMN group_acl,
5+
DROP COLUMN user_acl;
6+
7+
CREATE VIEW workspaces_expanded AS
8+
SELECT workspaces.id,
9+
workspaces.created_at,
10+
workspaces.updated_at,
11+
workspaces.owner_id,
12+
workspaces.organization_id,
13+
workspaces.template_id,
14+
workspaces.deleted,
15+
workspaces.name,
16+
workspaces.autostart_schedule,
17+
workspaces.ttl,
18+
workspaces.last_used_at,
19+
workspaces.dormant_at,
20+
workspaces.deleting_at,
21+
workspaces.automatic_updates,
22+
workspaces.favorite,
23+
workspaces.next_start_at,
24+
visible_users.avatar_url AS owner_avatar_url,
25+
visible_users.username AS owner_username,
26+
visible_users.name AS owner_name,
27+
organizations.name AS organization_name,
28+
organizations.display_name AS organization_display_name,
29+
organizations.icon AS organization_icon,
30+
organizations.description AS organization_description,
31+
templates.name AS template_name,
32+
templates.display_name AS template_display_name,
33+
templates.icon AS template_icon,
34+
templates.description AS template_description
35+
FROM (((workspaces
36+
JOIN visible_users ON ((workspaces.owner_id = visible_users.id)))
37+
JOIN organizations ON ((workspaces.organization_id = organizations.id)))
38+
JOIN templates ON ((workspaces.template_id = templates.id)));
39+
40+
COMMENT ON VIEW workspaces_expanded IS 'Joins in the display name information such as username, avatar, and organization name.';
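Review bot: The `DROP COLUMN group_acl` and `DROP COLUMN user_acl` statements discard every stored workspace ACL, and nothing in this file (presumably the down migration; its path is not shown on the page) says that the rollback is lossy. A header comment such as `-- Rolling back drops all workspace group/user ACLs; re-applying the up migration recreates the columns with the empty default '{}'.` would make that explicit to whoever runs it. A second short comment that the view is dropped first because the previous definition selects the two columns would explain the statement order.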
Lines changed: 43 additions & 0 deletions
@@ -0,0 +1,43 @@
1+
DROP VIEW workspaces_expanded;
2+
3+
ALTER TABLE workspaces
4+
ADD COLUMN group_acl jsonb not null default '{}'::jsonb,
5+
ADD COLUMN user_acl jsonb not null default '{}'::jsonb;
6+
7+
-- Recreate the view, now including the new columns
8+
CREATE VIEW workspaces_expanded AS
9+
SELECT workspaces.id,
10+
workspaces.created_at,
11+
workspaces.updated_at,
12+
workspaces.owner_id,
13+
workspaces.organization_id,
14+
workspaces.template_id,
15+
workspaces.deleted,
16+
workspaces.name,
17+
workspaces.autostart_schedule,
18+
workspaces.ttl,
19+
workspaces.last_used_at,
20+
workspaces.dormant_at,
21+
workspaces.deleting_at,
22+
workspaces.automatic_updates,
23+
workspaces.favorite,
24+
workspaces.next_start_at,
25+
workspaces.group_acl,
26+
workspaces.user_acl,
27+
visible_users.avatar_url AS owner_avatar_url,
28+
visible_users.username AS owner_username,
29+
visible_users.name AS owner_name,
30+
organizations.name AS organization_name,
31+
organizations.display_name AS organization_display_name,
32+
organizations.icon AS organization_icon,
33+
organizations.description AS organization_description,
34+
templates.name AS template_name,
35+
templates.display_name AS template_display_name,
36+
templates.icon AS template_icon,
37+
templates.description AS template_description
38+
FROM (((workspaces
39+
JOIN visible_users ON ((workspaces.owner_id = visible_users.id)))
40+
JOIN organizations ON ((workspaces.organization_id = organizations.id)))
41+
JOIN templates ON ((workspaces.template_id = templates.id)));
42+
43+
COMMENT ON VIEW workspaces_expanded IS 'Joins in the display name information such as username, avatar, and organization name.';
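Review bot: `group_acl` and `user_acl` are added as unconstrained `jsonb`, so `not null` and the `'{}'` default do not stop a JSON array, scalar or JSON `null` from being stored in columns that carry authorization data. A constraint on each column, for example `CHECK (jsonb_typeof(group_acl) = 'object')` and the same for `user_acl`, would make the database reject malformed ACLs instead of relying on every writer and reader to validate the shape. A `COMMENT ON COLUMN` for each describing the expected keys and values would also help, since the format cannot be read from the migration itself.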

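--- a/coderd/database/modelmethods.go
+++ b/coderd/database/modelmethods.go
@@ -242,6 +242,8 @@ func (w Workspace) WorkspaceTable() WorkspaceTable {
 AutomaticUpdates: w.AutomaticUpdates,
 Favorite: w.Favorite,
 NextStartAt: w.NextStartAt,
+GroupACL: w.GroupACL,
+UserACL: w.UserACL,
 }
 }
 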

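--- a/coderd/database/modelqueries.go
+++ b/coderd/database/modelqueries.go
@@ -298,6 +298,8 @@ func (q *sqlQuerier) GetAuthorizedWorkspaces(ctx context.Context, arg GetWorkspa
 &i.AutomaticUpdates,
 &i.Favorite,
 &i.NextStartAt,
+&i.GroupACL,
+&i.UserACL,
 &i.OwnerAvatarUrl,
 &i.OwnerUsername,
 &i.OwnerName,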
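Review bot: `&i.GroupACL` and `&i.UserACL` are bound by position and, going by the dbgen_test.go hunk, both fields have type `database.WorkspaceACL`, so if their order ever diverged from the query's column order the scan would still succeed and group grants would be read as user grants. The order here matches `workspaces.group_acl, workspaces.user_acl` in the recreated `workspaces_expanded` view, assuming this query selects from that view. A comment above the two lines, such as `// Order must match the query columns: group_acl, then user_acl.`, would keep that dependency visible in this hand-maintained list. The argument list and the body of GetAuthorizedWorkspaces continue outside the hunk.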

coderd/database/models.go

Lines changed: 4 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
