(t *testing.T)
| 254 | } |
| 255 | |
| 256 | func TestCreateUserWorkspace(t *testing.T) { |
| 257 | t.Parallel() |
| 258 | |
| 259 | // Create a custom role that can create workspaces for another user. |
| 260 | t.Run("ForAnotherUser", func(t *testing.T) { |
| 261 | t.Parallel() |
| 262 | |
| 263 | owner, first := coderdenttest.New(t, &coderdenttest.Options{ |
| 264 | Options: &coderdtest.Options{ |
| 265 | IncludeProvisionerDaemon: true, |
| 266 | }, |
| 267 | LicenseOptions: &coderdenttest.LicenseOptions{ |
| 268 | Features: license.Features{ |
| 269 | codersdk.FeatureCustomRoles: 1, |
| 270 | codersdk.FeatureTemplateRBAC: 1, |
| 271 | }, |
| 272 | }, |
| 273 | }) |
| 274 | ctx := testutil.Context(t, testutil.WaitShort) |
| 275 | //nolint:gocritic // using owner to setup roles |
| 276 | r, err := owner.CreateOrganizationRole(ctx, codersdk.Role{ |
| 277 | Name: "creator", |
| 278 | OrganizationID: first.OrganizationID.String(), |
| 279 | DisplayName: "Creator", |
| 280 | OrganizationPermissions: codersdk.CreatePermissions(map[codersdk.RBACResource][]codersdk.RBACAction{ |
| 281 | codersdk.ResourceWorkspace: {codersdk.ActionCreate, codersdk.ActionWorkspaceStart, codersdk.ActionUpdate, codersdk.ActionRead}, |
| 282 | codersdk.ResourceOrganizationMember: {codersdk.ActionRead}, |
| 283 | }), |
| 284 | }) |
| 285 | require.NoError(t, err) |
| 286 | |
| 287 | // use admin for setting up test |
| 288 | admin, adminID := coderdtest.CreateAnotherUser(t, owner, first.OrganizationID, rbac.RoleTemplateAdmin()) |
| 289 | |
| 290 | // try the test action with this user & custom role |
| 291 | creator, _ := coderdtest.CreateAnotherUser(t, owner, first.OrganizationID, rbac.RoleMember(), rbac.RoleIdentifier{ |
| 292 | Name: r.Name, |
| 293 | OrganizationID: first.OrganizationID, |
| 294 | }) |
| 295 | |
| 296 | template, _ := coderdtest.DynamicParameterTemplate(t, admin, first.OrganizationID, coderdtest.DynamicParameterTemplateParams{ |
| 297 | Zip: true, |
| 298 | }) |
| 299 | |
| 300 | ctx = testutil.Context(t, testutil.WaitLong) |
| 301 | |
| 302 | wrk, err := creator.CreateUserWorkspace(ctx, adminID.ID.String(), codersdk.CreateWorkspaceRequest{ |
| 303 | TemplateID: template.ID, |
| 304 | Name: "workspace", |
| 305 | }) |
| 306 | require.NoError(t, err) |
| 307 | coderdtest.AwaitWorkspaceBuildJobCompleted(t, admin, wrk.LatestBuild.ID) |
| 308 | |
| 309 | _, err = creator.WorkspaceByOwnerAndName(ctx, adminID.Username, wrk.Name, codersdk.WorkspaceOptions{ |
| 310 | IncludeDeleted: false, |
| 311 | }) |
| 312 | require.NoError(t, err) |
| 313 | }) |
nothing calls this directly
no test coverage detected