feat: add chat-access site-wide role to gate chat creation (#23724)

- Add `chat-access` built-in role granting chat CRUD at User scope
- Exclude `ResourceChat` from member, org member, and org service
account `allPermsExcept` calls
- Allow system, owner, and user-admin to assign the new role
- Migration auto-assigns role to users who have ever created a chat
- Update RBAC test matrix: `memberMe` denied, `chatAccessUser` allowed

**Breaking change**: Members without `chat-access` lose chat creation
ability. Migration covers existing chat creators. Members who have never
created a chat do not get this role automatically applied.

> 🤖 This PR was created by a Coder Agent and reviewed by me.
Cian Johnston
2026-03-31 10:07:21 +01:00
committed by GitHub
parent 348a3bd693
commit 3ce82bb885
18 changed files with 451 additions and 117 deletions
+20 -1
@@ -24,6 +24,9 @@ Before you begin, confirm the following:
for the agent to select when provisioning workspaces.
- **Admin access** to the Coder deployment for enabling the experiment and
configuring providers.
- **Use Coder Agents role** assigned to each user who needs to create or use chats.
Owners can assign this from **Admin** > **Users**. See
[Grant Use Coder Agents](#step-3-grant-use-coder-agents) below.
## Step 1: Enable the experiment
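Review bot: The new prerequisite bullet says "Owners can assign this from **Admin** > **Users**", which is narrower than the commit message, where system, owner, and user-admin are all allowed to assign the role. If user admins can grant it, say so here, otherwise readers will assume only Owners can and will escalate requests unnecessarily. The bullet also uses only the display name "Use Coder Agents"; mentioning the role identifier `chat-access` once would let admins who manage roles outside the dashboard map the two names.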
@@ -69,7 +72,23 @@ Detailed instructions for each provider and model option are in the
> Start with a single frontier model to validate your setup before adding
> additional providers.
## Step 3: Start your first chat
## Step 3: Grant Use Coder Agents
The **Use Coder Agents** role controls which users can create and use chats.
Members do not have Use Coder Agents by default.
1. Go to **Admin** > **Users** in the Coder dashboard.
1. Click the roles icon next to the user you want to grant access to.
1. Enable the **Use Coder Agents** role and save.
Repeat for each user who needs access. Owners always have full access
and do not need the role.
> [!NOTE]
> Users who created chats before this role was introduced are
> automatically granted the role during upgrade.
## Step 4: Start your first chat
1. Go to the **Agents** page in the Coder dashboard.
1. Select a model from the dropdown (your default will be pre-selected).
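Review bot: The `[!NOTE]` in the new Step 3 covers only users who created chats before the upgrade and leaves out the other half of the breaking change from the commit message: members who have never created a chat are not granted the role and lose chat creation until an admin assigns it. Suggest adding a sentence to the note such as "Members who have never created a chat must be granted the role manually." Separately, renaming "Step 3: Start your first chat" to "Step 4" changes that heading's anchor, so any existing links to the old Step 3 anchor should be checked and updated.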