@Summary Update template ACL @ID update-template-acl @Security CoderSessionToken @Accept json @Produce json @Tags Enterprise @Param template path string true "Template ID" format(uuid) @Param request body codersdk.UpdateTemplateACL true "Update template ACL request" @Success 200 {object} codersdk.Re
(rw http.ResponseWriter, r *http.Request)
| 215 | // @Success 200 {object} codersdk.Response |
| 216 | // @Router /api/v2/templates/{template}/acl [patch] |
| 217 | func (api *API) patchTemplateACL(rw http.ResponseWriter, r *http.Request) { |
| 218 | var ( |
| 219 | ctx = r.Context() |
| 220 | template = httpmw.TemplateParam(r) |
| 221 | auditor = api.AGPL.Auditor.Load() |
| 222 | aReq, commitAudit = audit.InitRequest[database.Template](rw, &audit.RequestParams{ |
| 223 | Audit: *auditor, |
| 224 | Log: api.Logger, |
| 225 | Request: r, |
| 226 | Action: database.AuditActionWrite, |
| 227 | OrganizationID: template.OrganizationID, |
| 228 | }) |
| 229 | ) |
| 230 | defer commitAudit() |
| 231 | aReq.Old = template |
| 232 | |
| 233 | var req codersdk.UpdateTemplateACL |
| 234 | if !httpapi.Read(ctx, rw, r, &req) { |
| 235 | return |
| 236 | } |
| 237 | |
| 238 | validErrs := acl.Validate(ctx, api.Database, TemplateACLUpdateValidator(req)) |
| 239 | if len(validErrs) > 0 { |
| 240 | httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{ |
| 241 | Message: "Invalid request to update template ACL", |
| 242 | Validations: validErrs, |
| 243 | }) |
| 244 | return |
| 245 | } |
| 246 | |
| 247 | err := api.Database.InTx(func(tx database.Store) error { |
| 248 | var err error |
| 249 | template, err = tx.GetTemplateByID(ctx, template.ID) |
| 250 | if err != nil { |
| 251 | return xerrors.Errorf("get template by ID: %w", err) |
| 252 | } |
| 253 | |
| 254 | for id, role := range req.UserPerms { |
| 255 | if role == codersdk.TemplateRoleDeleted { |
| 256 | delete(template.UserACL, id) |
| 257 | continue |
| 258 | } |
| 259 | template.UserACL[id] = db2sdk.TemplateRoleActions(role) |
| 260 | } |
| 261 | |
| 262 | for id, role := range req.GroupPerms { |
| 263 | if role == codersdk.TemplateRoleDeleted { |
| 264 | delete(template.GroupACL, id) |
| 265 | continue |
| 266 | } |
| 267 | template.GroupACL[id] = db2sdk.TemplateRoleActions(role) |
| 268 | } |
| 269 | |
| 270 | err = tx.UpdateTemplateACLByID(ctx, database.UpdateTemplateACLByIDParams{ |
| 271 | ID: template.ID, |
| 272 | UserACL: template.UserACL, |
| 273 | GroupACL: template.GroupACL, |
| 274 | }) |
nothing calls this directly
no test coverage detected