mirror of https://github.com/coder/coder.git
fix(coderd/rbac): allow user admin all perms on ResourceUserData (#10556)
This commit is contained in:
parent
f84485d2c4
commit
4208c30d32
|
@ -206,6 +206,7 @@ func ReloadBuiltinRoles(opts *RoleOptions) {
|
||||||
Site: Permissions(map[string][]Action{
|
Site: Permissions(map[string][]Action{
|
||||||
ResourceRoleAssignment.Type: {ActionCreate, ActionRead, ActionUpdate, ActionDelete},
|
ResourceRoleAssignment.Type: {ActionCreate, ActionRead, ActionUpdate, ActionDelete},
|
||||||
ResourceUser.Type: {ActionCreate, ActionRead, ActionUpdate, ActionDelete},
|
ResourceUser.Type: {ActionCreate, ActionRead, ActionUpdate, ActionDelete},
|
||||||
|
ResourceUserData.Type: {ActionCreate, ActionRead, ActionUpdate, ActionDelete},
|
||||||
// Full perms to manage org members
|
// Full perms to manage org members
|
||||||
ResourceOrganizationMember.Type: {ActionCreate, ActionRead, ActionUpdate, ActionDelete},
|
ResourceOrganizationMember.Type: {ActionCreate, ActionRead, ActionUpdate, ActionDelete},
|
||||||
ResourceGroup.Type: {ActionCreate, ActionRead, ActionUpdate, ActionDelete},
|
ResourceGroup.Type: {ActionCreate, ActionRead, ActionUpdate, ActionDelete},
|
||||||
|
|
|
@ -274,8 +274,8 @@ func TestRolePermissions(t *testing.T) {
|
||||||
Actions: []rbac.Action{rbac.ActionCreate, rbac.ActionRead, rbac.ActionUpdate, rbac.ActionDelete},
|
Actions: []rbac.Action{rbac.ActionCreate, rbac.ActionRead, rbac.ActionUpdate, rbac.ActionDelete},
|
||||||
Resource: rbac.ResourceUserData.WithID(currentUser).WithOwner(currentUser.String()),
|
Resource: rbac.ResourceUserData.WithID(currentUser).WithOwner(currentUser.String()),
|
||||||
AuthorizeMap: map[bool][]authSubject{
|
AuthorizeMap: map[bool][]authSubject{
|
||||||
true: {owner, orgMemberMe, memberMe},
|
true: {owner, orgMemberMe, memberMe, userAdmin},
|
||||||
false: {orgAdmin, otherOrgAdmin, otherOrgMember, templateAdmin, userAdmin},
|
false: {orgAdmin, otherOrgAdmin, otherOrgMember, templateAdmin},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
|
|
Loading…
Reference in New Issue