MCPcopy Index your code
hub / github.com/coder/coder / InsertAPIKey

Method InsertAPIKey

coderd/database/dbauthz/dbauthz.go:5438–5450  ·  view source on GitHub ↗
(ctx context.Context, arg database.InsertAPIKeyParams)

Source from the content-addressed store, hash-verified

5436}
5437
5438func (q *querier) InsertAPIKey(ctx context.Context, arg database.InsertAPIKeyParams) (database.APIKey, error) {
5439 // TODO(Cian): ideally this would be encoded in the policy, but system users are just members and we
5440 // don't currently have a capability to conditionally deny creating resources by owner ID in a role.
5441 // We also need to enrich rbac.Actor with IsSystem so that we can distinguish all system users.
5442 // For now, there is only one system user (prebuilds).
5443 if act, ok := ActorFromContext(ctx); ok && act.ID == database.PrebuildsSystemUserID.String() {
5444 return database.APIKey{}, logNotAuthorizedError(ctx, q.log, NotAuthorizedError{Err: xerrors.Errorf("prebuild user may not create api keys")})
5445 }
5446
5447 return insert(q.log, q.auth,
5448 rbac.ResourceApiKey.WithOwner(arg.UserID.String()),
5449 q.db.InsertAPIKey)(ctx, arg)
5450}
5451
5452func (q *querier) InsertAllUsersGroup(ctx context.Context, organizationID uuid.UUID) (database.Group, error) {
5453 // This method creates a new group.

Callers

nothing calls this directly

Calls 6

logNotAuthorizedErrorFunction · 0.85
insertFunction · 0.85
WithOwnerMethod · 0.80
ActorFromContextFunction · 0.70
StringMethod · 0.45
ErrorfMethod · 0.45

Tested by

no test coverage detected