feat: implement custom site-wide roles in the database #13289
Closed
+1,822
−155
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Emyrk
changed the title
Emyrk
force-pushed
the
stevenmasley/custom_site_roles
branch
from
b457981
to
ea9b9be
Compare
Emyrk
force-pushed
the
stevenmasley/custom_site_roles
branch
from
21f2cee
to
0d91366
Compare
johnstcn
reviewed
May 16, 2024
Comment on lines
31
to
53
| func List[F any, T any](list []F, convert func(F) T) []T { | ||
| into := make([]T, 0, len(list)) | ||
| for _, item := range list { | ||
| into = append(into, convert(item)) | ||
| return ListLazy(convert)(list) | ||
| } | ||
|
|
||
| // ListLazy returns the converter function for a list, but does not eval | ||
| // the input. Helpful for combining the Map and the List functions. | ||
| func ListLazy[F any, T any](convert func(F) T) func(list []F) []T { | ||
| return func(list []F) []T { | ||
| into := make([]T, 0, len(list)) | ||
| for _, item := range list { | ||
| into = append(into, convert(item)) | ||
| } | ||
| return into | ||
| } | ||
| } | ||
|
|
||
| func Map[K comparable, F any, T any](params map[K]F, convert func(F) T) map[K]T { | ||
| into := make(map[K]T) | ||
| for k, item := range params { | ||
| into[k] = convert(item) | ||
| } | ||
| return into | ||
| } |
There was a problem hiding this comment.
All of these should probably be in coderd/util
Comment on lines
-12
to
20
| type Role struct { | ||
| type SlimRole struct { | ||
| Name string `json:"name"` | ||
| DisplayName string `json:"display_name"` | ||
| } | ||
|
|
||
| type AssignableRoles struct { | ||
| Role | ||
| SlimRole | ||
| Assignable bool `json:"assignable"` | ||
| } |
There was a problem hiding this comment.
Can you provide a comment explaining the difference between Role and SlimRole?
There was a problem hiding this comment.
I'd like to see more tests:
- What happens if we have existing custom roles and our license expires?
- What happens if we patch a role and leave out certain fields in the request? Do the unspecified values get overwritten in the DB?
|
Split into a stack: #13298 |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What this does
Adds the ability to create custom roles at the site level. Intentionally not doing org scoped roles yet, as org roles cannot be seen on the UI yet.
This includes the api endpoint to create a custom role. Ideally that would be another PR, but I wanted to actually test the custom roles through the api actor logic. Roles and the actor are so intertwined, if the custom roles do not work to actually grant perms at the api layer, then the feature is moot.
Future work