MCPcopy Index your code
hub / github.com/coder/coder / patchChatACL

Method patchChatACL

coderd/exp_chats_acl.go:93–203  ·  view source on GitHub ↗

EXPERIMENTAL: this endpoint is experimental and is subject to change. @Summary Update chat ACL @ID update-chat-acl @Security CoderSessionToken @Tags Chats @Accept json @Param chat path string true "Chat ID" format(uuid) @Param request body codersdk.UpdateChatACL true "Update chat ACL request" @Succ

(rw http.ResponseWriter, r *http.Request)

Source from the content-addressed store, hash-verified

91// @x-apidocgen {"skip": true}
92// @Description Experimental: this endpoint is subject to change.
93func (api *API) patchChatACL(rw http.ResponseWriter, r *http.Request) {
94 ctx := r.Context()
95 chat := httpmw.ChatParam(r)
96 auditor := api.Auditor.Load()
97 aReq, commitAudit := audit.InitRequest[database.Chat](rw, &audit.RequestParams{
98 Audit: *auditor,
99 Log: api.Logger,
100 Request: r,
101 Action: database.AuditActionWrite,
102 OrganizationID: chat.OrganizationID,
103 })
104 defer commitAudit()
105 aReq.Old = chat
106
107 if !api.allowChatSharing(ctx, rw) {
108 return
109 }
110 if chat.IsSubChat() {
111 resp := codersdk.Response{Message: "Chat ACLs can only be set on root chats."}
112 if chat.RootChatID.Valid {
113 resp.Detail = "Target the root chat (id: " + chat.RootChatID.UUID.String() + ") instead."
114 }
115 httpapi.Write(ctx, rw, http.StatusBadRequest, resp)
116 return
117 }
118 if !api.Authorize(r, policy.ActionShare, chat.RBACObject()) {
119 httpapi.Forbidden(rw)
120 return
121 }
122
123 var req codersdk.UpdateChatACL
124 if !httpapi.Read(ctx, rw, r, &req) {
125 return
126 }
127
128 apiKey := httpmw.APIKey(r)
129 for userID := range req.UserRoles {
130 parsed, err := uuid.Parse(userID)
131 if err == nil && parsed == apiKey.UserID {
132 httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{
133 Message: "Cannot change your own chat sharing role.",
134 })
135 return
136 }
137 }
138
139 validErrs := acl.Validate(ctx, api.Database, ChatACLUpdateValidator(req))
140 if len(validErrs) > 0 {
141 httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{
142 Message: "Invalid request to update chat ACL.",
143 Validations: validErrs,
144 })
145 return
146 }
147
148 err := api.Database.InTx(func(tx database.Store) error {
149 current, err := tx.GetChatByIDForUpdate(ctx, chat.ID)
150 if err != nil {

Callers

nothing calls this directly

Calls 15

allowChatSharingMethod · 0.95
AuthorizeMethod · 0.95
ChatParamFunction · 0.92
InitRequestFunction · 0.92
WriteFunction · 0.92
ForbiddenFunction · 0.92
ReadFunction · 0.92
APIKeyFunction · 0.92
ValidateFunction · 0.92
ChatRoleActionsFunction · 0.92
IsNotAuthorizedErrorFunction · 0.92
InternalServerErrorFunction · 0.92

Tested by

no test coverage detected