@Summary Update group IdP Sync mapping @ID update-group-idp-sync-mapping @Security CoderSessionToken @Produce json @Accept json @Tags Enterprise @Success 200 {object} codersdk.GroupSyncSettings @Param organization path string true "Organization ID or name" format(uuid) @Param request body codersdk.P
(rw http.ResponseWriter, r *http.Request)
| 215 | // @Param request body codersdk.PatchGroupIDPSyncMappingRequest true "Description of the mappings to add and remove" |
| 216 | // @Router /api/v2/organizations/{organization}/settings/idpsync/groups/mapping [patch] |
| 217 | func (api *API) patchGroupIDPSyncMapping(rw http.ResponseWriter, r *http.Request) { |
| 218 | ctx := r.Context() |
| 219 | org := httpmw.OrganizationParam(r) |
| 220 | auditor := *api.AGPL.Auditor.Load() |
| 221 | aReq, commitAudit := audit.InitRequest[idpsync.GroupSyncSettings](rw, &audit.RequestParams{ |
| 222 | Audit: auditor, |
| 223 | Log: api.Logger, |
| 224 | Request: r, |
| 225 | Action: database.AuditActionWrite, |
| 226 | OrganizationID: org.ID, |
| 227 | }) |
| 228 | defer commitAudit() |
| 229 | |
| 230 | if !api.Authorize(r, policy.ActionUpdate, rbac.ResourceIdpsyncSettings.InOrg(org.ID)) { |
| 231 | httpapi.Forbidden(rw) |
| 232 | return |
| 233 | } |
| 234 | |
| 235 | var req codersdk.PatchGroupIDPSyncMappingRequest |
| 236 | if !httpapi.Read(ctx, rw, r, &req) { |
| 237 | return |
| 238 | } |
| 239 | |
| 240 | var settings idpsync.GroupSyncSettings |
| 241 | //nolint:gocritic // Requires system context to update runtime config |
| 242 | sysCtx := dbauthz.AsSystemRestricted(ctx) |
| 243 | err := database.ReadModifyUpdate(api.Database, func(tx database.Store) error { |
| 244 | existing, err := api.IDPSync.GroupSyncSettings(sysCtx, org.ID, tx) |
| 245 | if err != nil { |
| 246 | return err |
| 247 | } |
| 248 | aReq.Old = *existing |
| 249 | |
| 250 | newMapping := applyIDPSyncMappingDiff(existing.Mapping, req.Add, req.Remove) |
| 251 | settings = idpsync.GroupSyncSettings{ |
| 252 | Field: existing.Field, |
| 253 | RegexFilter: existing.RegexFilter, |
| 254 | AutoCreateMissing: existing.AutoCreateMissing, |
| 255 | LegacyNameMapping: existing.LegacyNameMapping, |
| 256 | Mapping: newMapping, |
| 257 | } |
| 258 | |
| 259 | err = api.IDPSync.UpdateGroupSyncSettings(sysCtx, org.ID, tx, settings) |
| 260 | if err != nil { |
| 261 | return err |
| 262 | } |
| 263 | |
| 264 | return nil |
| 265 | }) |
| 266 | if err != nil { |
| 267 | httpapi.InternalServerError(rw, err) |
| 268 | return |
| 269 | } |
| 270 | |
| 271 | aReq.New = settings |
| 272 | httpapi.Write(ctx, rw, http.StatusOK, codersdk.GroupSyncSettings{ |
| 273 | Field: settings.Field, |
| 274 | RegexFilter: settings.RegexFilter, |
nothing calls this directly
no test coverage detected