MCPcopy Index your code
hub / github.com/coder/coder / templateACL

Method templateACL

enterprise/coderd/templates.go:131–205  ·  view source on GitHub ↗

@Summary Get template ACLs @ID get-template-acls @Security CoderSessionToken @Produce json @Tags Enterprise @Param template path string true "Template ID" format(uuid) @Success 200 {object} codersdk.TemplateACL @Router /api/v2/templates/{template}/acl [get]

(rw http.ResponseWriter, r *http.Request)

Source from the content-addressed store, hash-verified

129// @Success 200 {object} codersdk.TemplateACL
130// @Router /api/v2/templates/{template}/acl [get]
131func (api *API) templateACL(rw http.ResponseWriter, r *http.Request) {
132 var (
133 ctx = r.Context()
134 template = httpmw.TemplateParam(r)
135 )
136
137 users, err := api.Database.GetTemplateUserRoles(ctx, template.ID)
138 if err != nil {
139 httpapi.InternalServerError(rw, err)
140 return
141 }
142
143 dbGroups, err := api.Database.GetTemplateGroupRoles(ctx, template.ID)
144 if err != nil {
145 httpapi.InternalServerError(rw, err)
146 return
147 }
148
149 userIDs := make([]uuid.UUID, 0, len(users))
150 for _, user := range users {
151 userIDs = append(userIDs, user.ID)
152 }
153
154 orgIDsByMemberIDsRows, err := api.Database.GetOrganizationIDsByMemberIDs(r.Context(), userIDs)
155 if err != nil && !xerrors.Is(err, sql.ErrNoRows) {
156 httpapi.InternalServerError(rw, err)
157 return
158 }
159
160 organizationIDsByUserID := map[uuid.UUID][]uuid.UUID{}
161 for _, organizationIDsByMemberIDsRow := range orgIDsByMemberIDsRows {
162 organizationIDsByUserID[organizationIDsByMemberIDsRow.UserID] = organizationIDsByMemberIDsRow.OrganizationIDs
163 }
164
165 groups := make([]codersdk.TemplateGroup, 0, len(dbGroups))
166 for _, group := range dbGroups {
167 var members []database.GroupMember
168
169 // This is a bit of a hack. The caller might not have permission to do this,
170 // but they can read the acl list if the function got this far. So we let
171 // them read the group members.
172 // We should probably at least return more truncated user data here.
173 // nolint:gocritic
174 members, err = api.Database.GetGroupMembersByGroupID(dbauthz.AsSystemRestricted(ctx), database.GetGroupMembersByGroupIDParams{
175 GroupID: group.Group.ID,
176 IncludeSystem: false,
177 })
178 if err != nil {
179 httpapi.InternalServerError(rw, err)
180 return
181 }
182 // nolint:gocritic
183 memberCount, err := api.Database.GetGroupMembersCountByGroupID(dbauthz.AsSystemRestricted(ctx), database.GetGroupMembersCountByGroupIDParams{
184 GroupID: group.Group.ID,
185 IncludeSystem: false,
186 })
187 if err != nil {
188 httpapi.InternalServerError(rw, err)

Callers

nothing calls this directly

Calls 14

TemplateParamFunction · 0.92
InternalServerErrorFunction · 0.92
AsSystemRestrictedFunction · 0.92
GroupFunction · 0.92
WriteFunction · 0.92
convertToTemplateRoleFunction · 0.85
convertTemplateUsersFunction · 0.85
ContextMethod · 0.65
GetTemplateUserRolesMethod · 0.65
GetTemplateGroupRolesMethod · 0.65

Tested by

no test coverage detected