chore: use system context for fetching template information

Emyrk · Emyrk · commit fc6c010b2053 · 2024-10-23T14:26:10.000-05:00
The authz check is Update() on the original template.
This is not ideal, but it follows the existing behavior.
diff --git a/enterprise/coderd/templates.go b/enterprise/coderd/templates.go
@@ -66,7 +66,9 @@ func (api *API) templateAvailablePermissions(rw http.ResponseWriter, r *http.Req
 			httpapi.InternalServerError(rw, err)
 			return
 		}
-		memberCount, err := api.Database.GetGroupMembersCountByGroupID(ctx, group.Group.ID)
+
+		// nolint:gocritic
+		memberCount, err := api.Database.GetGroupMembersCountByGroupID(dbauthz.AsSystemRestricted(ctx), group.Group.ID)
 		if err != nil {
 			httpapi.InternalServerError(rw, err)
 			return
diff --git a/enterprise/coderd/templates_test.go b/enterprise/coderd/templates_test.go
@@ -1494,6 +1494,10 @@ func TestUpdateTemplateACL(t *testing.T) {
 			},
 		}
 
+		// Group adds complexity to the /available endpoint
+		// Intentionally omit user2
+		coderdtest.CreateGroup(t, client, user.OrganizationID, "some-group", user3)
+
 		ctx := testutil.Context(t, testutil.WaitLong)
 
 		err := client1.UpdateTemplateACL(ctx, template.ID, req)

Original file line number	Diff line number	Diff line change
`@@ -1494,6 +1494,10 @@ func TestUpdateTemplateACL(t *testing.T) {`
`1494`	`1494`	`},`
`1495`	`1495`	`}`
`1496`	`1496`
	`1497`	`+ // Group adds complexity to the /available endpoint`
	`1498`	`+ // Intentionally omit user2`
	`1499`	`+ coderdtest.CreateGroup(t, client, user.OrganizationID, "some-group", user3)`
	`1500`	`+`
`1497`	`1501`	`ctx := testutil.Context(t, testutil.WaitLong)`
`1498`	`1502`
`1499`	`1503`	`err := client1.UpdateTemplateACL(ctx, template.ID, req)`