MCPcopy Index your code
hub / github.com/coder/coder / patchWorkspaceSharingSettings

Method patchWorkspaceSharingSettings

enterprise/coderd/workspacesharing.go:63–194  ·  view source on GitHub ↗

@Summary Update workspace sharing settings for organization @ID update-workspace-sharing-settings-for-organization @Security CoderSessionToken @Produce json @Accept json @Tags Enterprise @Param organization path string true "Organization ID" format(uuid) @Param request body codersdk.UpdateWorkspaceS

(rw http.ResponseWriter, r *http.Request)

Source from the content-addressed store, hash-verified

61// @Success 200 {object} codersdk.WorkspaceSharingSettings
62// @Router /api/v2/organizations/{organization}/settings/workspace-sharing [patch]
63func (api *API) patchWorkspaceSharingSettings(rw http.ResponseWriter, r *http.Request) {
64 ctx := r.Context()
65 org := httpmw.OrganizationParam(r)
66 auditor := *api.AGPL.Auditor.Load()
67 aReq, commitAudit := audit.InitRequest[database.Organization](rw, &audit.RequestParams{
68 Audit: auditor,
69 Log: api.Logger,
70 Request: r,
71 Action: database.AuditActionWrite,
72 OrganizationID: org.ID,
73 })
74 aReq.Old = org
75 defer commitAudit()
76
77 if !api.Authorize(r, policy.ActionUpdate, org) {
78 httpapi.Forbidden(rw)
79 return
80 }
81
82 var req codersdk.UpdateWorkspaceSharingSettingsRequest
83 if !httpapi.Read(ctx, rw, r, &req) {
84 return
85 }
86
87 // Resolve the effective enum value. Prefer the new field; fall
88 // back to the deprecated boolean for older clients (e.g
89 // tf-provider-coderd v0.0.16)
90 allowedOwners := req.ShareableWorkspaceOwners
91 if allowedOwners == "" {
92 if req.SharingDisabled {
93 allowedOwners = codersdk.ShareableWorkspaceOwnersNone
94 } else {
95 allowedOwners = codersdk.ShareableWorkspaceOwnersEveryone
96 }
97 }
98
99 if !database.ShareableWorkspaceOwners(allowedOwners).Valid() {
100 httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{
101 Message: "Invalid shareable workspace owners value.",
102 Validations: []codersdk.ValidationError{{
103 Field: "shareable_workspace_owners",
104 Detail: fmt.Sprintf("invalid value %q, must be one of [%s]",
105 allowedOwners,
106 strings.Join(slice.ToStrings(database.AllShareableWorkspaceOwnersValues()), ", ")),
107 }},
108 })
109 return
110 }
111
112 err := api.Database.InTx(func(tx database.Store) error {
113 //nolint:gocritic // System context required to look up and reconcile the
114 // system roles; callers only need `organization:update`
115 sysCtx := dbauthz.AsSystemRestricted(ctx)
116
117 // Serialize organization workspace-sharing updates with system role
118 // reconciliation across coderd instances (e.g. during rolling restarts).
119 // This prevents conflicting writes to the system roles.
120 // TODO(geokat): Consider finer-grained locks as we add more system roles.

Callers 1

Calls 15

AuthorizeMethod · 0.95
OrganizationParamFunction · 0.92
InitRequestFunction · 0.92
ForbiddenFunction · 0.92
ReadFunction · 0.92
ShareableWorkspaceOwnersTypeAlias · 0.92
WriteFunction · 0.92
ToStringsFunction · 0.92
AsSystemRestrictedFunction · 0.92
NowFunction · 0.92
RoleOrgMemberFunction · 0.92

Tested by

no test coverage detected