MCPcopy Index your code
hub / github.com/coder/coder / TestCompositeWorkspaceScopes

Function TestCompositeWorkspaceScopes

coderd/workspaces_scoped_test.go:20–175  ·  view source on GitHub ↗

TestCompositeWorkspaceScopes verifies that the composite coder:workspaces.* scopes grant the permissions needed for workspace lifecycle operations when used on scoped API tokens.

(t *testing.T)

Source from the content-addressed store, hash-verified

18// coder:workspaces.* scopes grant the permissions needed for
19// workspace lifecycle operations when used on scoped API tokens.
20func TestCompositeWorkspaceScopes(t *testing.T) {
21 t.Parallel()
22
23 // setupWorkspace creates a server with a provisioner daemon, an
24 // admin user, a template, and a workspace. It returns the admin
25 // client and the workspace so sub-tests can create scoped tokens
26 // and act on them.
27 type setupResult struct {
28 adminClient *codersdk.Client
29 workspace codersdk.Workspace
30 }
31 setup := func(t *testing.T) setupResult {
32 t.Helper()
33 client := coderdtest.New(t, &coderdtest.Options{
34 IncludeProvisionerDaemon: true,
35 })
36 firstUser := coderdtest.CreateFirstUser(t, client)
37 version := coderdtest.CreateTemplateVersion(t, client, firstUser.OrganizationID, &echo.Responses{
38 Parse: echo.ParseComplete,
39 ProvisionPlan: echo.PlanComplete,
40 ProvisionApply: echo.ApplyComplete,
41 ProvisionGraph: echo.GraphComplete,
42 })
43 template := coderdtest.CreateTemplate(t, client, firstUser.OrganizationID, version.ID)
44 coderdtest.AwaitTemplateVersionJobCompleted(t, client, version.ID)
45 workspace := coderdtest.CreateWorkspace(t, client, template.ID)
46 coderdtest.AwaitWorkspaceBuildJobCompleted(t, client, workspace.LatestBuild.ID)
47
48 return setupResult{
49 adminClient: client,
50 workspace: workspace,
51 }
52 }
53
54 // scopedClient creates an API token restricted to the given scopes
55 // and returns a new client authenticated with that token.
56 scopedClient := func(t *testing.T, adminClient *codersdk.Client, scopes []codersdk.APIKeyScope) *codersdk.Client {
57 t.Helper()
58 ctx, cancel := context.WithTimeout(t.Context(), testutil.WaitShort)
59 defer cancel()
60
61 resp, err := adminClient.CreateToken(ctx, codersdk.Me, codersdk.CreateTokenRequest{
62 Scopes: scopes,
63 })
64 require.NoError(t, err, "creating scoped token")
65
66 scoped := codersdk.New(
67 adminClient.URL,
68 codersdk.WithSessionToken(resp.Key),
69 codersdk.WithHTTPClient(coderdtest.NewIsolatedHTTPClient(adminClient.URL)),
70 )
71 t.Cleanup(func() { scoped.HTTPClient.CloseIdleConnections() })
72 return scoped
73 }
74
75 // coder:workspaces.create — token should be able to create a
76 // workspace via POST /users/{user}/workspaces.
77 t.Run("WorkspacesCreate", func(t *testing.T) {

Callers

nothing calls this directly

Calls 15

NewFunction · 0.92
CreateFirstUserFunction · 0.92
CreateTemplateVersionFunction · 0.92
CreateTemplateFunction · 0.92
CreateWorkspaceFunction · 0.92
NewFunction · 0.92
WithSessionTokenFunction · 0.92
WithHTTPClientFunction · 0.92
NewIsolatedHTTPClientFunction · 0.92
RandomUsernameFunction · 0.92

Tested by

no test coverage detected