
Commit 503f69c

committed
fixup comments
1 parent 08f3271 commit 503f69c


3 files changed

+19
-14
lines changed


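--- a/coderd/coderd.go
+++ b/coderd/coderd.go
@@ -1076,7 +1076,7 @@ func New(options *Options) *API {
 
 r.Group(func(r chi.Router) {
 r.Use(
-httpmw.ExtractOrganizationMemberParam(options.Database, api.HTTPAuth.Authorize),
+httpmw.ExtractOrganizationMemberParam(options.Database),
 )
 r.Delete("/", api.deleteOrganizationMember)
 r.Put("/roles", api.putMemberRoles)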

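--- a/coderd/httpmw/organizationparam.go
+++ b/coderd/httpmw/organizationparam.go
@@ -118,12 +118,12 @@ type OrganizationMember struct {
 
 // ExtractOrganizationMemberParam grabs a user membership from the "organization" and "user" URL parameter.
 // This middleware requires the ExtractUser and ExtractOrganization middleware higher in the stack
-func ExtractOrganizationMemberParam(db database.Store, auth func(r *http.Request, action policy.Action, object rbac.Objecter) bool) func(http.Handler) http.Handler {
+func ExtractOrganizationMemberParam(db database.Store) func(http.Handler) http.Handler {
 return func(next http.Handler) http.Handler {
 return http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
 ctx := r.Context()
 organization := OrganizationParam(r)
-_, members, done := ExtractOrganizationMember(ctx, auth, rw, r, db, organization.ID)
+_, members, done := ExtractOrganizationMember(ctx, nil, rw, r, db, organization.ID)
 if done {
 return
 }
@@ -194,12 +194,12 @@ func ExtractOrganizationMember(ctx context.Context, auth func(r *http.Request, a
 return nil, nil, true
 }
 
-if auth(r, policy.ActionRead, user) {
+if auth != nil && auth(r, policy.ActionRead, user) {
 return &user, organizationMembers, true
 }
 
 // If the user cannot be read and 0 memberships exist, throw a 404 to not
-// leak the user existance.
+// leak the user existence.
 if len(organizationMembers) == 0 {
 httpapi.ResourceNotFound(rw)
 return nil, nil, true
@@ -209,7 +209,11 @@ func ExtractOrganizationMember(ctx context.Context, auth func(r *http.Request, a
 }
 
 type OrganizationMembers struct {
-User *database.User
+// User is `nil` if the caller is not allowed access to the site wide
+// user object.
+User *database.User
+// Memberships can only be length 0 if `user != nil`. If `user == nil`, then
+// memberships will be at least length 1.
 Memberships []OrganizationMember
 }
 
@@ -226,6 +230,9 @@ func (om OrganizationMembers) UserID() uuid.UUID {
 
 // ExtractOrganizationMembersParam grabs all user organization memberships.
 // Only requires the "user" URL parameter.
+//
+// Use this if you want to grab as much information for a user as you can.
+// From an organization context, site wide user information might not available.
 func ExtractOrganizationMembersParam(db database.Store, auth func(r *http.Request, action policy.Action, object rbac.Objecter) bool) func(http.Handler) http.Handler {
 return func(next http.Handler) http.Handler {
 return http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {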
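Review bot: In ExtractOrganizationMember the allow branch at new line 198 returns `true` as its third value, which the caller in the first hunk names `done` and uses to return early; every other `true` return visible here follows an error response that has already been written. If that reading is right, a caller who is permitted to read the user object gets neither the handler nor a response, and the branch should be `return &user, organizationMembers, false`. The new `auth != nil` guard also makes a nil authorizer mean "never expose the site-wide user", which fails closed but is an implicit contract; it deserves a line in the function's doc comment such as `// A nil auth never grants access to the user object; only memberships are returned.` The bodies of ExtractOrganizationMember and ExtractOrganizationMembersParam extend outside these hunks, so how the second middleware treats the third return value is not visible here.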

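--- a/coderd/httpmw/organizationparam_test.go
+++ b/coderd/httpmw/organizationparam_test.go
@@ -131,9 +131,7 @@ func TestOrganizationParam(t *testing.T) {
 }),
 httpmw.ExtractUserParam(db),
 httpmw.ExtractOrganizationParam(db),
-httpmw.ExtractOrganizationMemberParam(db, func(r *http.Request, _ policy.Action, _ rbac.Objecter) bool {
-return true
-}),
+httpmw.ExtractOrganizationMemberParam(db),
 )
 rtr.Get("/", nil)
 rtr.ServeHTTP(rw, r)
@@ -170,11 +168,10 @@ func TestOrganizationParam(t *testing.T) {
 }),
 httpmw.ExtractOrganizationParam(db),
 httpmw.ExtractUserParam(db),
-httpmw.ExtractOrganizationMemberParam(db, func(r *http.Request, _ policy.Action, _ rbac.Objecter) bool {
-return true
-}),
+httpmw.ExtractOrganizationMemberParam(db),
 httpmw.ExtractOrganizationMembersParam(db, func(r *http.Request, _ policy.Action, _ rbac.Objecter) bool {
-return true
+// Assume the caller cannot read the member
+return false
 }),
 )
 rtr.Get("/", func(rw http.ResponseWriter, r *http.Request) {
@@ -202,7 +199,8 @@ func TestOrganizationParam(t *testing.T) {
 
 orgMems := httpmw.OrganizationMembersParam(r)
 assert.NotZero(t, orgMems)
-assert.Equal(t, orgMem.UserID, orgMems[0].UserID)
+assert.Equal(t, orgMem.UserID, orgMems.Memberships[0].UserID)
+assert.Nil(t, orgMems.User, "user data should not be available, hard coded false authorize")
 })
 
 // Try by ID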
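Review bot: The allow path is no longer covered: after this change the only authorizer handed to ExtractOrganizationMembersParam returns false (new lines 172-175), so nothing asserts that a permitted caller still reaches the handler with a populated `User`. A second case whose authorizer returns `true`, with `assert.NotNil(t, orgMems.User)` inside the handler, would pin both sides of the access decision. At new line 202 `orgMems.Memberships[0]` is indexed without a length check, so an empty slice panics instead of failing the assertion; `require.NotEmpty(t, orgMems.Memberships)` ahead of it gives a cleaner failure, assuming testify's `require` is already imported in this file. TestOrganizationParam begins and ends outside these hunks.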
