CanGenerateFull checks if the user can generate a 'full' support bundle or only has permissions to generate a 'partial' bundle.
(ctx context.Context, client *codersdk.Client)
| 1001 | // CanGenerateFull checks if the user can generate a 'full' support bundle or |
| 1002 | // only has permissions to generate a 'partial' bundle. |
| 1003 | func CanGenerateFull(ctx context.Context, client *codersdk.Client) (bool, error) { |
| 1004 | if client == nil { |
| 1005 | return false, xerrors.Errorf("developer error: missing client!") |
| 1006 | } |
| 1007 | |
| 1008 | authChecks := map[string]codersdk.AuthorizationCheck{ |
| 1009 | "Read DeploymentValues": { |
| 1010 | Object: codersdk.AuthorizationObject{ |
| 1011 | ResourceType: codersdk.ResourceDeploymentConfig, |
| 1012 | }, |
| 1013 | Action: codersdk.ActionRead, |
| 1014 | }, |
| 1015 | } |
| 1016 | |
| 1017 | authResp, err := client.AuthCheck(ctx, codersdk.AuthorizationRequest{Checks: authChecks}) |
| 1018 | if err != nil { |
| 1019 | // If the auth check itself fails (e.g., 401 Unauthorized |
| 1020 | // because there is no valid session), this is a hard error. |
| 1021 | return false, xerrors.Errorf("check authorization: %w", err) |
| 1022 | } |
| 1023 | for _, v := range authResp { |
| 1024 | if !v { // all checks must pass |
| 1025 | return false, nil |
| 1026 | } |
| 1027 | } |
| 1028 | |
| 1029 | return true, nil |
| 1030 | } |
| 1031 | |
| 1032 | // Run generates a support bundle with the given dependencies. |
| 1033 | func Run(ctx context.Context, d *Deps) (*Bundle, error) { |
no test coverage detected