Steven Masley
eeb3d63be6
chore: merge authorization contexts ( #12816 )
...
* chore: merge authorization contexts
Instead of 2 auth contexts from apikey and dbauthz, merge them to
just use dbauthz. It is annoying to have two.
* fixup authorization reference
2024-03-29 10:14:27 -05:00
Steven Masley
88605b9d01
chore: add display name to member role ( #10239 )
...
* chore: add display name to member role
* Do not let member role be assignable
* Ignore org member role for assignability atm
2023-10-12 10:52:32 -05:00
Kyle Carberry
22e781eced
chore: add /v2 to import module path ( #9072 )
...
* chore: add /v2 to import module path
go mod requires semantic versioning with versions greater than 1.x
This was a mechanical update by running:
```
go install github.com/marwan-at-work/mod/cmd/mod@latest
mod upgrade
```
Migrate generated files to import /v2
* Fix gen
2023-08-18 18:55:43 +00:00
Kyle Carberry
9df9ad4503
feat: embed common client requests into the template html ( #8076 )
...
This should reduce the number of API requests a client makes
when loading the dashboard dramatically!
2023-06-18 13:57:27 -05:00
Steven Masley
6fb8aff6d0
feat: Add initial AuthzQuerier implementation ( #5919 )
...
feat: Add initial AuthzQuerier implementation
- Adds package database/dbauthz that adds a database.Store implementation where each method goes through AuthZ checks
- Implements all database.Store methods on AuthzQuerier
- Updates and fixes unit tests where required
- Updates coderd initialization to use AuthzQuerier if codersdk.ExperimentAuthzQuerier is enabled
2023-02-14 14:27:06 +00:00
Steven Masley
b0a16150a3
chore: Implement standard rbac.Subject to be reused everywhere ( #5881 )
...
* chore: Implement standard rbac.Subject to be reused everywhere
An rbac subject is created in multiple spots because of the way we
expand roles, scopes, etc. This difference in use creates a list
of arguments which is unwieldy.
Use of the expander interface lets us conform to a single subject
in every case
2023-01-26 14:42:54 -06:00
Marcin Tojek
8e9cbdd71b
docs: API users ( #5620 )
...
* docs: audit, deploymentconfig, files, parameters
* Swagger comments in workspacebuilds.go
* structs in workspacebuilds.go
* workspaceagents: instance identity
* workspaceagents.go in progress
* workspaceagents.go in progress
* Agents
* workspacebuilds.go
* /workspaces
* templates.go, templateversions.go
* templateversion.go in progress
* cancel
* templateversions
* wip
* Merge
* x-apidocgen
* NullTime hack not needed anymore
* Fix: x-apidocgen
* Members
* Fixes
* Fix
* WIP
* WIP
* Users
* Logout
* User profile
* Status suspend activate
* User roles
* User tokens
* Keys
* SSH key
* All
* Typo
* Fix
* Fix
* Fix: LoginWithPasswordRequest
2023-01-11 14:08:04 +01:00
Marcin Tojek
84120767a7
docs: API templateversions, templates, members, organizations ( #5546 )
...
* docs: audit, deploymentconfig, files, parameters
* Swagger comments in workspacebuilds.go
* structs in workspacebuilds.go
* workspaceagents: instance identity
* workspaceagents.go in progress
* workspaceagents.go in progress
* Agents
* workspacebuilds.go
* /workspaces
* templates.go, templateversions.go
* templateversion.go in progress
* cancel
* templateversions
* wip
* Merge
* x-apidocgen
* NullTime hack not needed anymore
* Fix: x-apidocgen
* Members
* Fixes
* Fix
2023-01-11 12:16:09 +01:00
Dean Sheather
6deef06ad2
feat: secure and cross-domain subdomain-based proxying ( #4136 )
...
Co-authored-by: Kyle Carberry <kyle@carberry.com>
2022-09-22 22:30:32 +00:00
Colin Adler
5de6f86959
feat: trace httpapi.{Read,Write} ( #4134 )
2022-09-21 17:07:00 -05:00
Dean Sheather
29d804e692
feat: add API key scopes and application_connect scope ( #4067 )
2022-09-19 17:39:02 +00:00
Steven Masley
4be61d9250
fix: Role assign ui fixes ( #3521 )
...
Co-authored-by: Kira Pilot <kira@coder.com>
2022-08-16 10:39:42 -05:00
Steven Masley
40e68cb80b
feat: Add template-admin + user-admin role for managing templates + users ( #3490 )
...
Co-authored-by: Mathias Fredriksson <mafredri@gmail.com>
2022-08-12 17:27:48 -05:00
Steven Masley
db665e7261
chore: Drop resource_id support in rbac system ( #3426 )
2022-08-09 18:16:53 +00:00
Jon Ayers
7e9819f2a8
ref: move httpapi.Reponse into codersdk ( #2954 )
2022-07-12 19:15:02 -05:00
Steven Masley
251316751e
feat: Return more 404s vs 403s ( #2194 )
...
* feat: Return more 404s vs 403s
* Return vague 404 in all cases
2022-06-14 10:14:05 -05:00
Steven Masley
af401e3fe1
chore: Linter rule for properly formatted api errors ( #2123 )
...
* chore: Linter rule for properly formatted api errors
* Add omitempty to 'Detail' field
2022-06-07 14:33:06 +00:00
Steven Masley
c9a4642a12
chore: Update BE http errors to be ui friendly ( #1994 )
...
* chore: More UI friendly errors
Mainly capitlization + messages prefix error
2022-06-03 21:48:09 +00:00
Steven Masley
cc87a0cf6b
feat: Implied 'member' roles for site and organization ( #1917 )
...
* feat: Member roles are implied and never exlpicitly added
* Rename "GetAllUserRoles" to "GetAuthorizationRoles"
* feat: Add migration to remove implied roles
* rename user auth role middleware
2022-06-01 09:07:50 -05:00
Garrett Delfosse
24d1a6744a
fix: Add route for user to change own password ( #1812 )
2022-05-27 17:29:55 +00:00
Kyle Carberry
31b819e83f
chore: Remove interface from coderd and lift API surface ( #1772 )
...
Abstracting coderd into an interface added misdirection because
the interface was never intended to be fulfilled outside of a single
implementation.
This lifts the abstraction, and attaches all handlers to a root struct
named `*coderd.API`.
2022-05-26 03:14:08 +00:00
Steven Masley
eea8dc6c16
feat: Add rbac to templateversion+orgmember endpoints ( #1713 )
2022-05-25 11:00:59 -05:00
Steven Masley
4ad5ac2d4a
feat: Rbac more coderd endpoints, unit test to confirm ( #1437 )
...
* feat: Enforce authorize call on all endpoints
- Make 'request()' exported for running custom requests
* Rbac users endpoints
* 401 -> 403
2022-05-17 13:43:19 -05:00
Bruno Quaresma
e6168ba238
feat: Add permissions for links ( #1407 )
2022-05-13 14:25:57 +00:00
Steven Masley
64e408c954
feat: Check permissions endpoint ( #1389 )
...
* feat: Check permissions endpoint
Allows FE to query backend for permission capabilities.
Batch requests supported
2022-05-12 20:56:23 +00:00
Bruno Quaresma
e54324d880
refactor: Add roles into the user response ( #1347 )
2022-05-09 16:38:14 +00:00
Bruno Quaresma
00806580f5
refactor: Return the display_name and name in the roles endpoint ( #1328 )
2022-05-06 19:18:00 +00:00
Steven Masley
d0293e4d33
feat: Implement list roles & enforce authorize examples ( #1273 )
2022-05-03 16:10:19 -05:00