-
Notifications
You must be signed in to change notification settings - Fork 902
feat: add count endpoint for users, enabling better pagination #4848
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
Merged
Changes from all commits
Commits
Show all changes
18 commits
Select commit
Hold shift + click to select a range
5acfb83
Start on backend
presleyp 9b42678
Hook up frontend
presleyp 97027d2
Add to frontend test
presleyp 486839b
Add go test, wip
presleyp 3a8e4bb
Fix some test bugs
presleyp f083580
Fix test
presleyp 72d4657
Merge branch 'main' into users-count/presleyp
presleyp 424358e
Format
presleyp 6f8ec23
Add to authorize.go
presleyp 5b442b4
copy user array into local variable
f0ssel 3929a00
Authorize route
presleyp 4f9eb6f
Log count error
presleyp 7d8562c
Authorize better
presleyp b230df1
Tweaks to authorization
presleyp ca4a82f
More authorization tweaks
presleyp 998725b
Make gen
presleyp e40949c
Merge branch 'main' into users-count/presleyp
presleyp 4210e28
Fix test
presleyp File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -1255,6 +1255,58 @@ func TestGetUsers(t *testing.T) { | |
| }) | ||
| } | ||
|
|
||
| func TestGetFilteredUserCount(t *testing.T) { | ||
| t.Parallel() | ||
| t.Run("AllUsers", func(t *testing.T) { | ||
| t.Parallel() | ||
| client := coderdtest.New(t, nil) | ||
| user := coderdtest.CreateFirstUser(t, client) | ||
|
|
||
| ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitLong) | ||
| defer cancel() | ||
|
|
||
| client.CreateUser(ctx, codersdk.CreateUserRequest{ | ||
| Email: "[email protected]", | ||
| Username: "alice", | ||
| Password: "password", | ||
| OrganizationID: user.OrganizationID, | ||
| }) | ||
| // No params is all users | ||
| response, err := client.UserCount(ctx, codersdk.UserCountRequest{}) | ||
| require.NoError(t, err) | ||
| require.Equal(t, 2, int(response.Count)) | ||
| }) | ||
| t.Run("ActiveUsers", func(t *testing.T) { | ||
| t.Parallel() | ||
| client := coderdtest.New(t, nil) | ||
| first := coderdtest.CreateFirstUser(t, client) | ||
|
|
||
| ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitLong) | ||
| defer cancel() | ||
|
|
||
| _, err := client.User(ctx, first.UserID.String()) | ||
| require.NoError(t, err, "") | ||
|
|
||
| // Alice will be suspended | ||
| alice, err := client.CreateUser(ctx, codersdk.CreateUserRequest{ | ||
| Email: "[email protected]", | ||
| Username: "alice", | ||
| Password: "password", | ||
| OrganizationID: first.OrganizationID, | ||
| }) | ||
| require.NoError(t, err) | ||
|
|
||
| _, err = client.UpdateUserStatus(ctx, alice.Username, codersdk.UserStatusSuspended) | ||
| require.NoError(t, err) | ||
|
|
||
| response, err := client.UserCount(ctx, codersdk.UserCountRequest{ | ||
| Status: codersdk.UserStatusActive, | ||
| }) | ||
| require.NoError(t, err) | ||
| require.Equal(t, 1, int(response.Count)) | ||
| }) | ||
| } | ||
|
|
||
| func TestPostTokens(t *testing.T) { | ||
| t.Parallel() | ||
| client := coderdtest.New(t, nil) | ||
|
|
||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
not doing an auth check here, combined with the fact that you can query for username or email substrings means that you can easily dump all usernames and emails by repeatedly hitting this endpoint and doing a tree search.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
To follow up, you can follow how we do this for workspaces.
coder/coderd/database/modelqueries.go
Lines 113 to 117 in 6f8ec23
If you add
api.Authorize(r, rbac.ActionRead, rbac.ResourceUser)it is technically ok as it checks if you can read all users. We should really do it proper though so we can mess with perms later and everything still works.Add a new function called
GetAuthorizedUsersCount