(ctx context.Context, arg database.InsertTemplateVersionParams)
| 5797 | } |
| 5798 | |
| 5799 | func (q *querier) InsertTemplateVersion(ctx context.Context, arg database.InsertTemplateVersionParams) error { |
| 5800 | if !arg.TemplateID.Valid { |
| 5801 | // Making a new template version is the same permission as creating a new template. |
| 5802 | err := q.authorizeContext(ctx, policy.ActionCreate, rbac.ResourceTemplate.InOrg(arg.OrganizationID)) |
| 5803 | if err != nil { |
| 5804 | return err |
| 5805 | } |
| 5806 | } else { |
| 5807 | // Must do an authorized fetch to prevent leaking template ids this way. |
| 5808 | tpl, err := q.GetTemplateByID(ctx, arg.TemplateID.UUID) |
| 5809 | if err != nil { |
| 5810 | return err |
| 5811 | } |
| 5812 | // Check the create permission on the template. |
| 5813 | err = q.authorizeContext(ctx, policy.ActionCreate, tpl) |
| 5814 | if err != nil { |
| 5815 | return err |
| 5816 | } |
| 5817 | } |
| 5818 | |
| 5819 | return q.db.InsertTemplateVersion(ctx, arg) |
| 5820 | } |
| 5821 | |
| 5822 | func (q *querier) InsertTemplateVersionParameter(ctx context.Context, arg database.InsertTemplateVersionParameterParams) (database.TemplateVersionParameter, error) { |
| 5823 | if err := q.authorizeContext(ctx, policy.ActionCreate, rbac.ResourceSystem); err != nil { |
nothing calls this directly
no test coverage detected