shishantbiswas/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2026-06-02 20:48:20 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(coderd): bump workspace autostop deadline on chat heartbeat (#23314)

Browse Source 
- Wire `workspacestats.ActivityBumpWorkspace` into `trackWorkspaceUsage`
so the workspace build deadline is extended each time the chat heartbeat
fires
- Prevents mid-conversation autostop for chat workspaces
- Updates `TestHeartbeatBumpsWorkspaceUsage` verifying the deadline bump

> This PR was created with the help of Coder Agents, and was reviewed by two humans and their pet robots 🧑‍💻🤝🤖
This commit is contained in:
Cian Johnston
2026-03-19 22:07:20 +00:00
committed by GitHub
parent 7c3c7bb5e6
commit 2f50e89afd
4 changed files with 101 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files
coderd/database/dbauthz/dbauthz.go
+1 -1
View File
@@ -705,7 +705,7 @@ var (
DisplayName: "Chat Daemon",
Site: rbac.Permissions(map[string][]policy.Action{
rbac.ResourceChat.Type: {policy.ActionCreate, policy.ActionRead, policy.ActionUpdate, policy.ActionDelete},
rbac.ResourceWorkspace.Type: {policy.ActionRead},
rbac.ResourceWorkspace.Type: {policy.ActionRead, policy.ActionUpdate},
rbac.ResourceDeploymentConfig.Type: {policy.ActionRead},
rbac.ResourceUser.Type: {policy.ActionReadPersonal},
}),
coderd/database/dbauthz/dbauthz_test.go
+12 -12
View File
@@ -5697,12 +5697,16 @@ func TestAsChatd(t *testing.T) {
require.NoError(t, err, "chat %s should be allowed", action)
}
// Workspace read.
err := auth.Authorize(ctx, actor, policy.ActionRead, rbac.ResourceWorkspace)
require.NoError(t, err, "workspace read should be allowed")
// Workspace read + update (update needed for ActivityBumpWorkspace).
for _, action := range []policy.Action{
policy.ActionRead, policy.ActionUpdate,
} {
err := auth.Authorize(ctx, actor, action, rbac.ResourceWorkspace)
require.NoError(t, err, "workspace %s should be allowed", action)
}
// DeploymentConfig read.
err = auth.Authorize(ctx, actor, policy.ActionRead, rbac.ResourceDeploymentConfig)
err := auth.Authorize(ctx, actor, policy.ActionRead, rbac.ResourceDeploymentConfig)
require.NoError(t, err, "deployment config read should be allowed")
// User read_personal (needed for GetUserChatCustomPrompt).
@@ -5713,16 +5717,12 @@ func TestAsChatd(t *testing.T) {
t.Run("DeniedActions", func(t *testing.T) {
t.Parallel()
// Cannot write workspaces.
for _, action := range []policy.Action{
policy.ActionUpdate, policy.ActionDelete,
} {
err := auth.Authorize(ctx, actor, action, rbac.ResourceWorkspace)
require.Error(t, err, "workspace %s should be denied", action)
}
// Cannot delete workspaces.
err := auth.Authorize(ctx, actor, policy.ActionDelete, rbac.ResourceWorkspace)
require.Error(t, err, "workspace delete should be denied")
// Cannot access users.
err := auth.Authorize(ctx, actor, policy.ActionRead, rbac.ResourceUser)
err = auth.Authorize(ctx, actor, policy.ActionRead, rbac.ResourceUser)
require.Error(t, err, "user read should be denied")
// Cannot access API keys.