* chore: fixup quotas to only include groups you are a member of
Before all everyone groups were included in the allowance.
* chore: add unit test to execercise the bug
* add unit test to add rows into the everyone group
* fix: avoid deleting peers on graceful close
- Fixes an issue where a coordinator deletes all
its peers on shutdown. This can cause disconnects
whenever a coderd is redeployed.
* - allow group members to read basic Group info
- allow group members to see they are part of the group, but not see that information about other members
- add a GetGroupMembersCountByGroupID SQL query, which allows group members to see members count without revealing other information about the members
- add the group_members_expanded db view
- rewrite group member queries to use the group_members_expanded view
- add the RBAC ResourceGroupMember and add it to relevant roles
- rewrite GetGroupMembersByGroupID permission checks
- make the GroupMember type contain all user fields
- fix type issues coming from replacing User with GroupMember in group member queries
- add the MemberTotalCount field to codersdk.Group
- display `group.total_member_count` instead of `group.members.length` on the account page
* test: add unit test to verify group permission behavior
* Update coderd/database/dbauthz/groupsauth_test.go
---------
Co-authored-by: Cian Johnston <cian@coder.com>
This can happen if you can edit the members, for example, but not the
organization settings. In this case you will see a new summary page
instead of the edit form.
* chore: add fuzzy name search for templates
* chore: implement fuzzy name matching for templates
Templates search query defaults to a fuzzy name match
* fix: only check flag for organization settings
I added checks against the license but actually what we want is for
these views to become the default even when not licensed (once the
experimental flag is removed).
* Move deployment settings header to components
This will let us use it in the org settings pages, for a consistent
look.
* Add premium badge
* Use settings header on org pages
* Add license badges to create org page
I am not sure if there is maybe a better place for this, but maybe this
is good enough.
* Change create org form description text
It says "change", but there is nothing to change yet since this is a new
organization.
* Consistently capitalize org menu items and headings
Also, remove the "organizations" prefix since it seems redundant.
* chore: remove per-org audit links
For now at least, we will have the one audit page at /audit which lets
you filter by organization.
This also removes the need to do per-org audit permission checks.
* Filter audit org dropdown by auditable orgs
Previously all orgs you can list would appear, but you might not be
able to audit all of them.
* feat: initial commit custom roles
* feat: add page to create and edit custom roles
* feat: add assign org role permission
* feat: wip
* feat: cleanup
* fix: role name is disabled when editing the role
* fix: assign role context menu falls back to name when no display_name
* feat: add helper text to let users know that role name is immutable
* fix: format
* feat: - hide custom roles tab if experiment is not enabled
* fix: use custom TableLoader
* fix: fix custom roles text
* fix: use PatchRoleRequest
* fix: use addIcon to create roles
* feat: add cancel and save buttons to top of page
* fix: use nameValidator for name
* chore: cleanup
* feat: add show all permissions checkbox
* fix: update sidebar for roles
* fix: fix format
* fix: custom roles is not needed outside orgs
* fix: fix sidebar stories
* feat: add custom roles page stories
* fix: use organization permissions
* feat: add stories for CreateEditRolePageView
* fix: design improvements for the create edit role form
* feat: add show all resources checkbox to bottom of table
* feat: improve spacing
* fix: apply more specific selector labels to k8s example deployment template
* fix: use immutable ids instead of names for persistent resources in k8s example template as per docs
* chore: implement deleting custom roles
* add trigger to delete role from organization members on delete
* chore: add comments to explain populated field
The initial assumption that branch manipulations should be done by this
script and not pushed to remote manually has proven to get in the way of
the regular release flow.
These are just safety-checks to prevent user error, safe to remove.
Fixes#13648
Steven Masley