MCPcopy Index your code
hub / github.com/coder/coder / postUser

Method postUser

coderd/users.go:436–645  ·  view source on GitHub ↗

Creates a new user. @Summary Create new user @ID create-new-user @Security CoderSessionToken @Accept json @Produce json @Tags Users @Param request body codersdk.CreateUserRequestWithOrgs true "Create user request" @Success 201 {object} codersdk.User @Router /api/v2/users [post]

(rw http.ResponseWriter, r *http.Request)

Source from the content-addressed store, hash-verified

434// @Success 201 {object} codersdk.User
435// @Router /api/v2/users [post]
436func (api *API) postUser(rw http.ResponseWriter, r *http.Request) {
437 ctx := r.Context()
438 auditor := *api.Auditor.Load()
439 aReq, commitAudit := audit.InitRequest[database.User](rw, &audit.RequestParams{
440 Audit: auditor,
441 Log: api.Logger,
442 Request: r,
443 Action: database.AuditActionCreate,
444 })
445 defer commitAudit()
446
447 var req codersdk.CreateUserRequestWithOrgs
448 if !httpapi.Read(ctx, rw, r, &req) {
449 return
450 }
451
452 // Service accounts must use login_type 'none' and have no password
453 // or email.
454 if req.ServiceAccount {
455 // The client can omit login type for a service account and it will be
456 // set for them below. But if they request the wrong one, we have to let
457 // them know.
458 if req.UserLoginType != "" && req.UserLoginType != codersdk.LoginTypeNone {
459 httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{
460 Message: "Service accounts must use login type 'none'.",
461 })
462 return
463 }
464 if req.Password != "" {
465 httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{
466 Message: "Password cannot be set for service accounts.",
467 })
468 return
469 }
470 if req.Email != "" {
471 httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{
472 Message: "Email cannot be set for service accounts.",
473 })
474 return
475 }
476
477 req.UserLoginType = codersdk.LoginTypeNone
478
479 // Service accounts are a Premium feature.
480 if !api.Entitlements.Enabled(codersdk.FeatureServiceAccounts) {
481 httpapi.Write(ctx, rw, http.StatusForbidden, codersdk.Response{
482 Message: fmt.Sprintf("%s is a Premium feature. Contact sales!", codersdk.FeatureServiceAccounts.Humanize()),
483 })
484 return
485 }
486 } else if req.UserLoginType == "" {
487 // Default to password auth
488 req.UserLoginType = codersdk.LoginTypePassword
489 }
490
491 if req.UserLoginType != codersdk.LoginTypePassword && req.Password != "" {
492 httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{
493 Message: fmt.Sprintf("Password cannot be set for non-password (%q) authentication.", req.UserLoginType),

Callers

nothing calls this directly

Calls 15

CreateUserMethod · 0.95
enrichUserAISeatMethod · 0.95
InitRequestFunction · 0.92
ReadFunction · 0.92
WriteFunction · 0.92
Is404ErrorFunction · 0.92
ValidateFunction · 0.92
APIKeyFunction · 0.92
IsNotAuthorizedErrorFunction · 0.92
ConvertUserFunction · 0.92
UserFunction · 0.92
ContextMethod · 0.65

Tested by

no test coverage detected