userSecretLimitResponse maps a per-user-limits trigger violation (raised by enforce_user_secrets_per_user_limits) to a 400. Returns ok=false if err is not such a violation. See codersdk.MaxUserSecretsPerUserCount for the rationale behind the caps.
(err error)
| 367 | // ok=false if err is not such a violation. See |
| 368 | // codersdk.MaxUserSecretsPerUserCount for the rationale behind the caps. |
| 369 | func userSecretLimitResponse(err error) (codersdk.Response, bool) { |
| 370 | switch { |
| 371 | case database.IsCheckViolation(err, userSecretsCountLimitConstraint): |
| 372 | return codersdk.Response{ |
| 373 | Message: "User secrets limit reached.", |
| 374 | Detail: fmt.Sprintf( |
| 375 | "Each user can have at most %d secrets.", |
| 376 | codersdk.MaxUserSecretsPerUserCount, |
| 377 | ), |
| 378 | }, true |
| 379 | case database.IsCheckViolation(err, userSecretsTotalBytesLimitConstraint): |
| 380 | return codersdk.Response{ |
| 381 | Message: "User secrets value-bytes limit reached.", |
| 382 | Detail: fmt.Sprintf( |
| 383 | "Stored bytes of your secret values exceed the per-user "+ |
| 384 | "budget (%d bytes after encryption, if applicable). "+ |
| 385 | "Reduce the size or number of your secrets.", |
| 386 | codersdk.MaxUserSecretsTotalValueBytes, |
| 387 | ), |
| 388 | }, true |
| 389 | case database.IsCheckViolation(err, userSecretsEnvBytesLimitConstraint): |
| 390 | return codersdk.Response{ |
| 391 | Message: "Environment-injected user secrets bytes limit reached.", |
| 392 | Detail: fmt.Sprintf( |
| 393 | "Stored bytes of env-injected secret values exceed the "+ |
| 394 | "per-user budget (%d bytes after encryption, if applicable). "+ |
| 395 | "Clear env_name on large secrets or use file_path instead.", |
| 396 | codersdk.MaxUserSecretValueBytes, |
| 397 | ), |
| 398 | }, true |
| 399 | } |
| 400 | return codersdk.Response{}, false |
| 401 | } |
| 402 | |
| 403 | func userSecretConflictValidationErrors(err error) []codersdk.ValidationError { |
| 404 | switch { |
no test coverage detected