@Summary Update group by name @ID update-group-by-name @Security CoderSessionToken @Accept json @Produce json @Tags Enterprise @Param group path string true "Group name" @Param request body codersdk.PatchGroupRequest true "Patch group request" @Success 200 {object} codersdk.Group @Router /api/v2/gro
(rw http.ResponseWriter, r *http.Request)
| 100 | // @Success 200 {object} codersdk.Group |
| 101 | // @Router /api/v2/groups/{group} [patch] |
| 102 | func (api *API) patchGroup(rw http.ResponseWriter, r *http.Request) { |
| 103 | var ( |
| 104 | ctx = r.Context() |
| 105 | group = httpmw.GroupParam(r) |
| 106 | auditor = api.AGPL.Auditor.Load() |
| 107 | aReq, commitAudit = audit.InitRequest[database.AuditableGroup](rw, &audit.RequestParams{ |
| 108 | Audit: *auditor, |
| 109 | Log: api.Logger, |
| 110 | Request: r, |
| 111 | Action: database.AuditActionWrite, |
| 112 | OrganizationID: group.OrganizationID, |
| 113 | }) |
| 114 | ) |
| 115 | defer commitAudit() |
| 116 | |
| 117 | var req codersdk.PatchGroupRequest |
| 118 | if !httpapi.Read(ctx, rw, r, &req) { |
| 119 | return |
| 120 | } |
| 121 | |
| 122 | // If the name matches the existing group name pretend we aren't |
| 123 | // updating the name at all. |
| 124 | if req.Name == group.Name { |
| 125 | req.Name = "" |
| 126 | } |
| 127 | |
| 128 | if group.IsEveryone() && req.Name != "" { |
| 129 | httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{ |
| 130 | Message: fmt.Sprintf("Cannot rename the %q group!", database.EveryoneGroup), |
| 131 | }) |
| 132 | return |
| 133 | } |
| 134 | |
| 135 | if group.IsEveryone() && (req.DisplayName != nil && *req.DisplayName != "") { |
| 136 | httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{ |
| 137 | Message: fmt.Sprintf("Cannot update the Display Name for the %q group!", database.EveryoneGroup), |
| 138 | }) |
| 139 | return |
| 140 | } |
| 141 | |
| 142 | if req.Name == database.EveryoneGroup { |
| 143 | httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{ |
| 144 | Message: fmt.Sprintf("%q is a reserved group name!", database.EveryoneGroup), |
| 145 | }) |
| 146 | return |
| 147 | } |
| 148 | |
| 149 | users := make([]string, 0, len(req.AddUsers)+len(req.RemoveUsers)) |
| 150 | users = append(users, req.AddUsers...) |
| 151 | users = append(users, req.RemoveUsers...) |
| 152 | |
| 153 | if len(users) > 0 && group.Name == database.EveryoneGroup { |
| 154 | httpapi.Write(ctx, rw, http.StatusForbidden, codersdk.Response{ |
| 155 | Message: fmt.Sprintf("Cannot add or remove users from the %q group!", database.EveryoneGroup), |
| 156 | }) |
| 157 | return |
| 158 | } |
| 159 |
no test coverage detected