MCPcopy Index your code
hub / github.com/coder/coder / UpdateCustomRole

Method UpdateCustomRole

coderd/database/dbauthz/dbauthz.go:6812–6861  ·  view source on GitHub ↗
(ctx context.Context, arg database.UpdateCustomRoleParams)

Source from the content-addressed store, hash-verified

6810}
6811
6812func (q *querier) UpdateCustomRole(ctx context.Context, arg database.UpdateCustomRoleParams) (database.CustomRole, error) {
6813 if !arg.OrganizationID.Valid || arg.OrganizationID.UUID == uuid.Nil {
6814 return database.CustomRole{}, NotAuthorizedError{Err: xerrors.New("custom roles must belong to an organization")}
6815 }
6816
6817 rbacObj := rbac.ResourceAssignOrgRole.InOrg(arg.OrganizationID.UUID)
6818
6819 if err := q.authorizeContext(ctx, policy.ActionUpdate, rbacObj); err != nil {
6820 return database.CustomRole{}, err
6821 }
6822
6823 existing, err := database.ExpectOne(q.db.CustomRoles(ctx, database.CustomRolesParams{
6824 LookupRoles: []database.NameOrganizationPair{
6825 {
6826 Name: arg.Name,
6827 OrganizationID: arg.OrganizationID.UUID,
6828 },
6829 },
6830 ExcludeOrgRoles: false,
6831 OrganizationID: uuid.Nil,
6832 IncludeSystemRoles: true,
6833 }))
6834 if err != nil {
6835 return database.CustomRole{}, err
6836 }
6837
6838 if existing.IsSystem {
6839 err := q.authorizeContext(ctx, policy.ActionUpdate, rbac.ResourceSystem)
6840 if err != nil {
6841 return database.CustomRole{}, err
6842 }
6843 }
6844
6845 if err := q.customRoleCheck(ctx, database.CustomRole{
6846 Name: arg.Name,
6847 DisplayName: arg.DisplayName,
6848 SitePermissions: arg.SitePermissions,
6849 OrgPermissions: arg.OrgPermissions,
6850 UserPermissions: arg.UserPermissions,
6851 MemberPermissions: arg.MemberPermissions,
6852 CreatedAt: time.Now(),
6853 UpdatedAt: time.Now(),
6854 OrganizationID: arg.OrganizationID,
6855 ID: uuid.New(),
6856 IsSystem: existing.IsSystem,
6857 }, policy.ActionUpdate); err != nil {
6858 return database.CustomRole{}, err
6859 }
6860 return q.db.UpdateCustomRole(ctx, arg)
6861}
6862
6863func (q *querier) UpdateEncryptedAIProviderKey(ctx context.Context, arg database.UpdateEncryptedAIProviderKeyParams) (database.AIProviderKey, error) {
6864 // Encrypted columns can be rewritten on any row, including those

Callers

nothing calls this directly

Calls 7

authorizeContextMethod · 0.95
customRoleCheckMethod · 0.95
ExpectOneFunction · 0.92
InOrgMethod · 0.80
NewMethod · 0.65
CustomRolesMethod · 0.65
UpdateCustomRoleMethod · 0.65

Tested by

no test coverage detected