(t *testing.T)
| 22 | ) |
| 23 | |
| 24 | func TestCustomOrganizationRole(t *testing.T) { |
| 25 | t.Parallel() |
| 26 | templateAdminCustom := func(orgID uuid.UUID) codersdk.Role { |
| 27 | return codersdk.Role{ |
| 28 | Name: "test-role", |
| 29 | DisplayName: "Testing Purposes", |
| 30 | OrganizationID: orgID.String(), |
| 31 | // Basically creating a template admin manually |
| 32 | SitePermissions: nil, |
| 33 | OrganizationPermissions: codersdk.CreatePermissions(map[codersdk.RBACResource][]codersdk.RBACAction{ |
| 34 | codersdk.ResourceTemplate: {codersdk.ActionCreate, codersdk.ActionRead, codersdk.ActionUpdate, codersdk.ActionViewInsights}, |
| 35 | codersdk.ResourceFile: {codersdk.ActionCreate, codersdk.ActionRead}, |
| 36 | codersdk.ResourceWorkspace: {codersdk.ActionRead}, |
| 37 | }), |
| 38 | UserPermissions: nil, |
| 39 | } |
| 40 | } |
| 41 | |
| 42 | // Create, assign, and use a custom role |
| 43 | t.Run("Success", func(t *testing.T) { |
| 44 | t.Parallel() |
| 45 | owner, first := coderdenttest.New(t, &coderdenttest.Options{ |
| 46 | LicenseOptions: &coderdenttest.LicenseOptions{ |
| 47 | Features: license.Features{ |
| 48 | codersdk.FeatureCustomRoles: 1, |
| 49 | }, |
| 50 | }, |
| 51 | }) |
| 52 | |
| 53 | ctx := testutil.Context(t, testutil.WaitMedium) |
| 54 | |
| 55 | //nolint:gocritic // owner is required for this |
| 56 | role, err := owner.CreateOrganizationRole(ctx, templateAdminCustom(first.OrganizationID)) |
| 57 | require.NoError(t, err, "upsert role") |
| 58 | |
| 59 | // Assign the custom template admin role |
| 60 | tmplAdmin, _ := coderdtest.CreateAnotherUser(t, owner, first.OrganizationID, rbac.RoleIdentifier{Name: role.Name, OrganizationID: first.OrganizationID}) |
| 61 | |
| 62 | // Assert the role exists |
| 63 | // TODO: At present user roles are not returned by the user endpoints. |
| 64 | // Changing this might mess up the UI in how it renders the roles on the |
| 65 | // users page. When the users endpoint is updated, this should be uncommented. |
| 66 | // roleNamesF := func(role codersdk.SlimRole) string { return role.Name } |
| 67 | // require.Contains(t, slice.List(user.Roles, roleNamesF), role.Name) |
| 68 | |
| 69 | // Try to create a template version |
| 70 | coderdtest.CreateTemplateVersion(t, tmplAdmin, first.OrganizationID, nil) |
| 71 | |
| 72 | // Verify the role exists in the list |
| 73 | allRoles, err := tmplAdmin.ListOrganizationRoles(ctx, first.OrganizationID) |
| 74 | require.NoError(t, err) |
| 75 | |
| 76 | var foundRole codersdk.AssignableRoles |
| 77 | require.True(t, slices.ContainsFunc(allRoles, func(selected codersdk.AssignableRoles) bool { |
| 78 | if selected.Name == role.Name { |
| 79 | foundRole = selected |
| 80 | return true |
| 81 | } |
nothing calls this directly
no test coverage detected