Return DisplayName and Name in the roles endpoint

BrunoQuaresma · BrunoQuaresma · commit fb61fd790beb · 2022-05-06T18:09:50.000Z
diff --git a/coderd/rbac/builtin.go b/coderd/rbac/builtin.go
@@ -51,7 +51,8 @@ var (
 		// admin grants all actions to all resources.
 		admin: func(_ string) Role {
 			return Role{
-				Name: admin,
+				Name:        admin,
+				DisplayName: "Admin",
 				Site: permissions(map[Object][]Action{
 					ResourceWildcard: {WildcardSymbol},
 				}),
@@ -61,7 +62,8 @@ var (
 		// member grants all actions to all resources owned by the user
 		member: func(_ string) Role {
 			return Role{
-				Name: member,
+				Name:        member,
+				DisplayName: "Member",
 				User: permissions(map[Object][]Action{
 					ResourceWildcard: {WildcardSymbol},
 				}),
@@ -73,7 +75,8 @@ var (
 		// TODO: Finish the auditor as we add resources.
 		auditor: func(_ string) Role {
 			return Role{
-				Name: "auditor",
+				Name:        "auditor",
+				DisplayName: "Auditor",
 				Site: permissions(map[Object][]Action{
 					// Should be able to read all template details, even in orgs they
 					// are not in.
@@ -86,7 +89,8 @@ var (
 		// organization scope.
 		orgAdmin: func(organizationID string) Role {
 			return Role{
-				Name: roleName(orgAdmin, organizationID),
+				Name:        roleName(orgAdmin, organizationID),
+				DisplayName: "Organization Admin",
 				Org: map[string][]Permission{
 					organizationID: {
 						{
@@ -104,7 +108,8 @@ var (
 		// in an organization.
 		orgMember: func(organizationID string) Role {
 			return Role{
-				Name: roleName(orgMember, organizationID),
+				Name:        roleName(orgMember, organizationID),
+				DisplayName: "Organization Member",
 				Org: map[string][]Permission{
 					organizationID: {},
 				},
diff --git a/coderd/rbac/role.go b/coderd/rbac/role.go
@@ -17,8 +17,9 @@ type Permission struct {
 // Users of this package should instead **only** use the role names, and
 // this package will expand the role names into their json payloads.
 type Role struct {
-	Name string       `json:"name"`
-	Site []Permission `json:"site"`
+	Name        string       `json:"name"`
+	DisplayName string       `json:"display_name"`
+	Site        []Permission `json:"site"`
 	// Org is a map of orgid to permissions. We represent orgid as a string.
 	// We scope the organizations in the role so we can easily combine all the
 	// roles.
diff --git a/coderd/roles.go b/coderd/roles.go
@@ -4,6 +4,7 @@ import (
 	"net/http"
 
 	"github.com/coder/coder/coderd/httpmw"
+	"github.com/coder/coder/codersdk"
 
 	"github.com/coder/coder/coderd/httpapi"
 	"github.com/coder/coder/coderd/rbac"
@@ -13,7 +14,8 @@ import (
 func (*api) assignableSiteRoles(rw http.ResponseWriter, _ *http.Request) {
 	// TODO: @emyrk in the future, allow granular subsets of roles to be returned based on the
 	// 	role of the user.
-	roles := rbac.SiteRoles()
+	roleNames := rbac.SiteRoles()
+	roles := codersdk.RolesFromName(roleNames)
 	httpapi.Write(rw, http.StatusOK, roles)
 }
 
@@ -22,6 +24,7 @@ func (*api) assignableOrgRoles(rw http.ResponseWriter, r *http.Request) {
 	// TODO: @emyrk in the future, allow granular subsets of roles to be returned based on the
 	// 	role of the user.
 	organization := httpmw.OrganizationParam(r)
-	roles := rbac.OrganizationRoles(organization.ID)
+	roleNames := rbac.OrganizationRoles(organization.ID)
+	roles := codersdk.RolesFromName(roleNames)
 	httpapi.Write(rw, http.StatusOK, roles)
 }
diff --git a/coderd/roles_test.go b/coderd/roles_test.go
@@ -45,68 +45,68 @@ func TestListRoles(t *testing.T) {
 	testCases := []struct {
 		Name            string
 		Client          *codersdk.Client
-		APICall         func() ([]string, error)
-		ExpectedRoles   []string
+		APICall         func() ([]codersdk.Role, error)
+		ExpectedRoles   []codersdk.Role
 		AuthorizedError string
 	}{
 		{
 			Name: "MemberListSite",
-			APICall: func() ([]string, error) {
+			APICall: func() ([]codersdk.Role, error) {
 				x, err := member.ListSiteRoles(ctx)
 				return x, err
 			},
 			AuthorizedError: unauth,
 		},
 		{
 			Name: "OrgMemberListOrg",
-			APICall: func() ([]string, error) {
+			APICall: func() ([]codersdk.Role, error) {
 				return member.ListOrganizationRoles(ctx, admin.OrganizationID)
 			},
 			AuthorizedError: unauth,
 		},
 		{
 			Name: "NonOrgMemberListOrg",
-			APICall: func() ([]string, error) {
+			APICall: func() ([]codersdk.Role, error) {
 				return member.ListOrganizationRoles(ctx, otherOrg.ID)
 			},
 			AuthorizedError: notMember,
 		},
 		// Org admin
 		{
 			Name: "OrgAdminListSite",
-			APICall: func() ([]string, error) {
+			APICall: func() ([]codersdk.Role, error) {
 				return orgAdmin.ListSiteRoles(ctx)
 			},
 			AuthorizedError: unauth,
 		},
 		{
 			Name: "OrgAdminListOrg",
-			APICall: func() ([]string, error) {
+			APICall: func() ([]codersdk.Role, error) {
 				return orgAdmin.ListOrganizationRoles(ctx, admin.OrganizationID)
 			},
-			ExpectedRoles: rbac.OrganizationRoles(admin.OrganizationID),
+			ExpectedRoles: codersdk.RolesFromName(rbac.OrganizationRoles(admin.OrganizationID)),
 		},
 		{
 			Name: "OrgAdminListOtherOrg",
-			APICall: func() ([]string, error) {
+			APICall: func() ([]codersdk.Role, error) {
 				return orgAdmin.ListOrganizationRoles(ctx, otherOrg.ID)
 			},
 			AuthorizedError: notMember,
 		},
 		// Admin
 		{
 			Name: "AdminListSite",
-			APICall: func() ([]string, error) {
+			APICall: func() ([]codersdk.Role, error) {
 				return client.ListSiteRoles(ctx)
 			},
-			ExpectedRoles: rbac.SiteRoles(),
+			ExpectedRoles: codersdk.RolesFromName(rbac.SiteRoles()),
 		},
 		{
 			Name: "AdminListOrg",
-			APICall: func() ([]string, error) {
+			APICall: func() ([]codersdk.Role, error) {
 				return client.ListOrganizationRoles(ctx, admin.OrganizationID)
 			},
-			ExpectedRoles: rbac.OrganizationRoles(admin.OrganizationID),
+			ExpectedRoles: codersdk.RolesFromName(rbac.OrganizationRoles(admin.OrganizationID)),
 		},
 	}
 
diff --git a/coderd/users.go b/coderd/users.go
@@ -361,10 +361,10 @@ func (api *api) putUserSuspend(rw http.ResponseWriter, r *http.Request) {
 }
 
 func (api *api) putUserPassword(rw http.ResponseWriter, r *http.Request) {
-        var (
-                user  = httpmw.UserParam(r)
-                params codersdk.UpdateUserPasswordRequest
-        )
+	var (
+		user   = httpmw.UserParam(r)
+		params codersdk.UpdateUserPasswordRequest
+	)
 	if !httpapi.Read(rw, r, &params) {
 		return
 	}
diff --git a/codersdk/roles.go b/codersdk/roles.go
@@ -6,12 +6,18 @@ import (
 	"fmt"
 	"net/http"
 
+	"github.com/coder/coder/coderd/rbac"
 	"github.com/google/uuid"
 )
 
+type Role struct {
+	Name        string `json:"name"`
+	DisplayName string `json:"display_name"`
+}
+
 // ListSiteRoles lists all available site wide roles.
 // This is not user specific.
-func (c *Client) ListSiteRoles(ctx context.Context) ([]string, error) {
+func (c *Client) ListSiteRoles(ctx context.Context) ([]Role, error) {
 	res, err := c.request(ctx, http.MethodGet, "/api/v2/users/roles", nil)
 	if err != nil {
 		return nil, err
@@ -20,13 +26,13 @@ func (c *Client) ListSiteRoles(ctx context.Context) ([]string, error) {
 	if res.StatusCode != http.StatusOK {
 		return nil, readBodyAsError(res)
 	}
-	var roles []string
+	var roles []Role
 	return roles, json.NewDecoder(res.Body).Decode(&roles)
 }
 
 // ListOrganizationRoles lists all available roles for a given organization.
 // This is not user specific.
-func (c *Client) ListOrganizationRoles(ctx context.Context, org uuid.UUID) ([]string, error) {
+func (c *Client) ListOrganizationRoles(ctx context.Context, org uuid.UUID) ([]Role, error) {
 	res, err := c.request(ctx, http.MethodGet, fmt.Sprintf("/api/v2/organizations/%s/members/roles/", org.String()), nil)
 	if err != nil {
 		return nil, err
@@ -35,6 +41,21 @@ func (c *Client) ListOrganizationRoles(ctx context.Context, org uuid.UUID) ([]st
 	if res.StatusCode != http.StatusOK {
 		return nil, readBodyAsError(res)
 	}
-	var roles []string
+	var roles []Role
 	return roles, json.NewDecoder(res.Body).Decode(&roles)
 }
+
+func RolesFromName(roleNames []string) []Role {
+	roles := make([]Role, 0, len(roleNames))
+	for _, roleName := range roleNames {
+		role, err := rbac.RoleByName(roleName)
+		if err != nil {
+			continue
+		}
+		roles = append(roles, Role{
+			Name:        role.Name,
+			DisplayName: role.DisplayName,
+		})
+	}
+	return roles
+}

Original file line number	Diff line number	Diff line change
`@@ -361,10 +361,10 @@ func (api api) putUserSuspend(rw http.ResponseWriter, r http.Request) {`
`361`	`361`	`}`
`362`	`362`
`363`	`363`	`func (api api) putUserPassword(rw http.ResponseWriter, r http.Request) {`
`364`		`- var (`
`365`		`- user = httpmw.UserParam(r)`
`366`		`- params codersdk.UpdateUserPasswordRequest`
`367`		`- )`
	`364`	`+ var (`
	`365`	`+ user = httpmw.UserParam(r)`
	`366`	`+ params codersdk.UpdateUserPasswordRequest`
	`367`	`+ )`
`368`	`368`	`if !httpapi.Read(rw, r, &params) {`
`369`	`369`	`return`
`370`	`370`	`}`