(t *testing.T)
| 325 | } |
| 326 | |
| 327 | func TestWorkspaceBuildsProvisionerState(t *testing.T) { |
| 328 | t.Parallel() |
| 329 | |
| 330 | t.Run("Permissions", func(t *testing.T) { |
| 331 | t.Parallel() |
| 332 | client := coderdtest.New(t, &coderdtest.Options{IncludeProvisionerDaemon: true}) |
| 333 | first := coderdtest.CreateFirstUser(t, client) |
| 334 | |
| 335 | ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitLong) |
| 336 | defer cancel() |
| 337 | |
| 338 | version := coderdtest.CreateTemplateVersion(t, client, first.OrganizationID, nil) |
| 339 | template := coderdtest.CreateTemplate(t, client, first.OrganizationID, version.ID) |
| 340 | coderdtest.AwaitTemplateVersionJobCompleted(t, client, version.ID) |
| 341 | |
| 342 | workspace := coderdtest.CreateWorkspace(t, client, template.ID) |
| 343 | coderdtest.AwaitWorkspaceBuildJobCompleted(t, client, workspace.LatestBuild.ID) |
| 344 | |
| 345 | build, err := client.CreateWorkspaceBuild(ctx, workspace.ID, codersdk.CreateWorkspaceBuildRequest{ |
| 346 | TemplateVersionID: workspace.LatestBuild.TemplateVersionID, |
| 347 | Transition: codersdk.WorkspaceTransitionDelete, |
| 348 | ProvisionerState: []byte(" "), |
| 349 | }) |
| 350 | require.Nil(t, err) |
| 351 | |
| 352 | coderdtest.AwaitWorkspaceBuildJobCompleted(t, client, build.ID) |
| 353 | |
| 354 | // A regular user on the very same template must not be able to modify the |
| 355 | // state. |
| 356 | regularUser, _ := coderdtest.CreateAnotherUser(t, client, first.OrganizationID) |
| 357 | |
| 358 | workspace = coderdtest.CreateWorkspace(t, regularUser, template.ID) |
| 359 | coderdtest.AwaitWorkspaceBuildJobCompleted(t, regularUser, workspace.LatestBuild.ID) |
| 360 | |
| 361 | _, err = regularUser.CreateWorkspaceBuild(ctx, workspace.ID, codersdk.CreateWorkspaceBuildRequest{ |
| 362 | TemplateVersionID: workspace.LatestBuild.TemplateVersionID, |
| 363 | Transition: workspace.LatestBuild.Transition, |
| 364 | ProvisionerState: []byte(" "), |
| 365 | }) |
| 366 | require.Error(t, err) |
| 367 | |
| 368 | var cerr *codersdk.Error |
| 369 | require.True(t, errors.As(err, &cerr)) |
| 370 | |
| 371 | code := cerr.StatusCode() |
| 372 | require.Equal(t, http.StatusForbidden, code, "unexpected status %s", http.StatusText(code)) |
| 373 | }) |
| 374 | |
| 375 | t.Run("Orphan", func(t *testing.T) { |
| 376 | t.Parallel() |
| 377 | |
| 378 | t.Run("WithoutDelete", func(t *testing.T) { |
| 379 | t.Parallel() |
| 380 | client, store := coderdtest.NewWithDatabase(t, nil) |
| 381 | first := coderdtest.CreateFirstUser(t, client) |
| 382 | templateAdmin, templateAdminUser := coderdtest.CreateAnotherUser(t, client, first.OrganizationID, rbac.RoleTemplateAdmin()) |
| 383 | |
| 384 | r := dbfake.WorkspaceBuild(t, store, database.WorkspaceTable{ |
nothing calls this directly
no test coverage detected