@Summary Update role IdP Sync mapping @ID update-role-idp-sync-mapping @Security CoderSessionToken @Produce json @Accept json @Tags Enterprise @Success 200 {object} codersdk.RoleSyncSettings @Param organization path string true "Organization ID or name" format(uuid) @Param request body codersdk.Patc
(rw http.ResponseWriter, r *http.Request)
| 449 | // @Param request body codersdk.PatchRoleIDPSyncMappingRequest true "Description of the mappings to add and remove" |
| 450 | // @Router /api/v2/organizations/{organization}/settings/idpsync/roles/mapping [patch] |
| 451 | func (api *API) patchRoleIDPSyncMapping(rw http.ResponseWriter, r *http.Request) { |
| 452 | ctx := r.Context() |
| 453 | org := httpmw.OrganizationParam(r) |
| 454 | auditor := *api.AGPL.Auditor.Load() |
| 455 | aReq, commitAudit := audit.InitRequest[idpsync.RoleSyncSettings](rw, &audit.RequestParams{ |
| 456 | Audit: auditor, |
| 457 | Log: api.Logger, |
| 458 | Request: r, |
| 459 | Action: database.AuditActionWrite, |
| 460 | OrganizationID: org.ID, |
| 461 | }) |
| 462 | defer commitAudit() |
| 463 | |
| 464 | if !api.Authorize(r, policy.ActionUpdate, rbac.ResourceIdpsyncSettings.InOrg(org.ID)) { |
| 465 | httpapi.Forbidden(rw) |
| 466 | return |
| 467 | } |
| 468 | |
| 469 | var req codersdk.PatchRoleIDPSyncMappingRequest |
| 470 | if !httpapi.Read(ctx, rw, r, &req) { |
| 471 | return |
| 472 | } |
| 473 | |
| 474 | var settings idpsync.RoleSyncSettings |
| 475 | //nolint:gocritic // Requires system context to update runtime config |
| 476 | sysCtx := dbauthz.AsSystemRestricted(ctx) |
| 477 | err := database.ReadModifyUpdate(api.Database, func(tx database.Store) error { |
| 478 | existing, err := api.IDPSync.RoleSyncSettings(sysCtx, org.ID, tx) |
| 479 | if err != nil { |
| 480 | return err |
| 481 | } |
| 482 | aReq.Old = *existing |
| 483 | |
| 484 | newMapping := applyIDPSyncMappingDiff(existing.Mapping, req.Add, req.Remove) |
| 485 | settings = idpsync.RoleSyncSettings{ |
| 486 | Field: existing.Field, |
| 487 | Mapping: newMapping, |
| 488 | } |
| 489 | |
| 490 | err = api.IDPSync.UpdateRoleSyncSettings(sysCtx, org.ID, tx, settings) |
| 491 | if err != nil { |
| 492 | return err |
| 493 | } |
| 494 | |
| 495 | return nil |
| 496 | }) |
| 497 | if err != nil { |
| 498 | httpapi.InternalServerError(rw, err) |
| 499 | return |
| 500 | } |
| 501 | |
| 502 | aReq.New = settings |
| 503 | httpapi.Write(ctx, rw, http.StatusOK, codersdk.RoleSyncSettings{ |
| 504 | Field: settings.Field, |
| 505 | Mapping: settings.Mapping, |
| 506 | }) |
| 507 | } |
| 508 |
nothing calls this directly
no test coverage detected