(t testing.TB, client *codersdk.Client, organizationIDs []uuid.UUID, retries int, roles []rbac.RoleIdentifier, mutators ...func(r *codersdk.CreateUserRequestWithOrgs))
| 918 | } |
| 919 | |
| 920 | func createAnotherUserRetry(t testing.TB, client *codersdk.Client, organizationIDs []uuid.UUID, retries int, roles []rbac.RoleIdentifier, mutators ...func(r *codersdk.CreateUserRequestWithOrgs)) (*codersdk.Client, codersdk.User) { |
| 921 | req := codersdk.CreateUserRequestWithOrgs{ |
| 922 | Email: namesgenerator.UniqueName() + "@coder.com", |
| 923 | Username: RandomUsername(t), |
| 924 | Name: RandomName(t), |
| 925 | Password: "SomeSecurePassword!", |
| 926 | OrganizationIDs: organizationIDs, |
| 927 | // Always create users as active in tests to ignore an extra audit log |
| 928 | // when logging in. |
| 929 | UserStatus: ptr.Ref(codersdk.UserStatusActive), |
| 930 | } |
| 931 | for _, m := range mutators { |
| 932 | m(&req) |
| 933 | } |
| 934 | |
| 935 | // Service accounts cannot have a password or email and must |
| 936 | // use login_type=none. Enforce this after mutators so callers |
| 937 | // only need to set ServiceAccount=true. |
| 938 | if req.ServiceAccount { |
| 939 | req.Password = "" |
| 940 | req.Email = "" |
| 941 | req.UserLoginType = codersdk.LoginTypeNone |
| 942 | } |
| 943 | |
| 944 | user, err := client.CreateUserWithOrgs(context.Background(), req) |
| 945 | var apiError *codersdk.Error |
| 946 | // If the user already exists by username or email conflict, try again up to "retries" times. |
| 947 | if err != nil && retries >= 0 && xerrors.As(err, &apiError) { |
| 948 | if apiError.StatusCode() == http.StatusConflict { |
| 949 | retries-- |
| 950 | return createAnotherUserRetry(t, client, organizationIDs, retries, roles) |
| 951 | } |
| 952 | } |
| 953 | require.NoError(t, err) |
| 954 | |
| 955 | var sessionToken string |
| 956 | switch req.UserLoginType { |
| 957 | case codersdk.LoginTypeNone, codersdk.LoginTypeGithub, codersdk.LoginTypeOIDC: |
| 958 | // Cannot log in with a non-password user. So make it an api key from the |
| 959 | // client making this user. |
| 960 | token, err := client.CreateToken(context.Background(), user.ID.String(), codersdk.CreateTokenRequest{ |
| 961 | Lifetime: time.Hour * 24, |
| 962 | Scope: codersdk.APIKeyScopeAll, |
| 963 | TokenName: "no-password-user-token", |
| 964 | }) |
| 965 | require.NoError(t, err) |
| 966 | sessionToken = token.Key |
| 967 | default: |
| 968 | login, err := client.LoginWithPassword(context.Background(), codersdk.LoginWithPasswordRequest{ |
| 969 | Email: req.Email, |
| 970 | Password: req.Password, |
| 971 | }) |
| 972 | require.NoError(t, err) |
| 973 | sessionToken = login.SessionToken |
| 974 | } |
| 975 | |
| 976 | if user.Status == codersdk.UserStatusDormant { |
| 977 | // Use admin client so that user's LastSeenAt is not updated. |
no test coverage detected