shishantbiswas/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2026-06-02 20:48:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
gateway-accounts/extract-workspace-access
coder/coderd
T
History
Steven Masley 6aef7c0858 refactor(coderd/rbac): extract organization-workspace-access role 
Introduce the organization-workspace-access role and split the member
and service-account perms into a floor plus an elevation set. The
elevation lives in the new OrgWorkspaceAccessMemberPerms helper and is
mirrored onto the new role; both OrgMemberPermissions and
OrgServiceAccountPermissions compose floor + elevation today, so this
PR is behavior-preserving.

A future PR will gate the elevation on the minimum-implicit-member
experiment so a user without organization-workspace-access has only
the floor. Org admins, owners, user admins, and the system role can
assign the new role.

The helper carries the same "Intentionally omitted at Member scope"
rationale as the prior enumeration so that owner-less resources (e.g.
ResourceTemplate, ResourceWorkspaceProxy) are not re-added by mistake.
2026-06-02 14:44:38 +00:00
..
agentapi
test: use typed atomics in test files (#25071)
2026-05-11 08:41:17 -06:00
agentmetrics
aibridge
refactor: route TransportFor by provider name (#25650)
2026-05-25 18:04:12 +02:00
aibridged
fix: track credential hint across key failover attempts in aibridge (#25735)
2026-05-29 12:01:37 +01:00
aibridgedserver
fix: track credential hint across key failover attempts in aibridge (#25735)
2026-05-29 12:01:37 +01:00
aiseats
feat: track ai seat usage (#22682)
2026-03-16 12:36:26 -05:00
apidoc
feat: add ai_gateway_keys table and related RBAC (#25563)
2026-06-02 09:28:43 +02:00
apikey
fix: initialize API key LastUsed to Unix epoch instead of zero time (#22327)
2026-03-02 16:02:01 +01:00
appearance
audit
feat: add ai_gateway_keys table and related RBAC (#25563)
2026-06-02 09:28:43 +02:00
autobuild
fix(coderd/autobuild): handle concurrent build number race in lifecycle executor (#25824)
2026-05-29 17:12:31 +03:00
awsidentity
azureidentity
fix: only embed Azure roots on darwin (#25312)
2026-05-14 11:45:21 -04:00
boundaryusage
fix: make boundary usage telemetry collection atomic (#21907)
2026-02-06 09:52:17 -07:00
cachecompress
fix(site): avoid duplicating bin download headers (#22981)
2026-03-13 00:22:55 +11:00
coderdtest
test: wait for devcontainer readiness (#25567)
2026-05-22 13:55:21 +01:00
connectionlog
feat: batch connection logs to avoid DB lock contention (#23727)
2026-04-03 15:47:26 -05:00
cryptokeys
chore: arrange imports in a standard way (#21452)
2026-01-08 15:24:11 +04:00
database
feat: add DB queries for ai_gateway_coderd_keys (#25564)
2026-06-02 13:25:44 +02:00
devtunnel
chore: remove unnecessary loop variable captures (#22180)
2026-02-19 09:02:19 +00:00
dynamicparameters
chore: remove coder_secret Terraform integration (#25512)
2026-05-21 09:19:29 -06:00
entitlements
feat: add Prometheus metrics for license warnings and errors (#21749)
2026-01-29 13:50:15 +01:00
externalauth
fix(coderd/externalauth): retry transient refresh failures with backoff (#25686)
2026-05-26 15:35:22 -04:00
files
chore: arrange imports in a standard way (#21452)
2026-01-08 15:24:11 +04:00
gitsshkey
chore: arrange imports in a standard way (#21452)
2026-01-08 15:24:11 +04:00
healthcheck
fix(coderd/healthcheck/derphealth): avoid data races in DERP report (#24795)
2026-04-28 13:06:45 -07:00
httpapi
test: speed up agent container websocket close test (#25559)
2026-05-22 20:10:25 +10:00
httpmw
chore: add agent-connection-watch for workspaces (#24507)
2026-05-20 13:09:11 -04:00
idpsync
test: remove unnecessary dbauthz.AsSystemRestricted calls in tests (#22663)
2026-03-05 20:29:49 +00:00
jobreaper
refactor: extract test helpers in coderd/jobreaper to reduce duplication (#23001)
2026-03-19 21:51:26 +00:00
jwtutils
mcp
fix: isolate MCP HTTP transports from DefaultTransport in tests (#25821)
2026-06-01 16:17:29 +03:00
metricscache
chore: arrange imports in a standard way (#21452)
2026-01-08 15:24:11 +04:00
notifications
fix(coderd/notifications): serialize pending updates gauge writes (#25495)
2026-05-29 11:02:13 -07:00
oauth2provider
chore: standardize on *_internal_test.go for white-box tests (#25601)
2026-05-22 20:24:38 +10:00
oauthpki
fix(coderd): support string type for oidc response's expires_in json property (#20152)
2025-10-15 17:37:37 +00:00
portsharing
pproflabel
chore: add tallyman events for ai seat tracking (#22689)
2026-03-18 09:30:22 -05:00
prebuilds
fix: make prebuild claiming durable and idempotent (#23108)
2026-04-02 23:51:02 +02:00
prometheusmetrics
feat: event driven agent connection metric (#24355)
2026-05-11 14:27:40 -05:00
promoauth
fix!: remove deprecated prometheus metrics (#21788)
2026-01-30 13:30:06 +01:00
provisionerdserver
fix: validate FileSize in NewDataBuilder to prevent OOM DoS (#25710)
2026-05-27 14:30:11 -04:00
provisionerkey
chore!: ensure consistent secret token generation and hashing (#20388)
2025-10-23 15:38:49 -05:00
proxyhealth
pubsub
feat: hot-reload aibridged and aibridgeproxyd providers on DB changes (#25673)
2026-05-27 11:58:43 +02:00
rbac
refactor(coderd/rbac): extract organization-workspace-access role
2026-06-02 14:44:38 +00:00
render
runtimeconfig
chore(coderd/runtimeconfig): remove dbmem from tests (#18790)
2025-07-08 14:31:05 +00:00
schedule
chore: remove unnecessary loop variable captures (#22180)
2026-02-19 09:02:19 +00:00
searchquery
feat: filter interceptions and sessions by provider name (#25640)
2026-05-25 16:31:48 +02:00
taskname
fix(coderd/taskname): parse task name JSON with trailing text (#25005)
2026-05-07 17:10:50 +01:00
telemetry
fix: wipe user secrets when user is soft-deleted (#24985)
2026-05-11 09:07:30 -06:00
testdata
chore: remove coder_secret Terraform integration (#25512)
2026-05-21 09:19:29 -06:00
tracing
test: use typed atomics in test files (#25071)
2026-05-11 08:41:17 -06:00
updatecheck
chore: arrange imports in a standard way (#21452)
2026-01-08 15:24:11 +04:00
usage
chore: add tallyman events for ai seat tracking (#22689)
2026-03-18 09:30:22 -05:00
userpassword
util
fix: normalize command paths to base names in shellparse (#25599)
2026-05-22 13:36:53 +03:00
webpush
fix: recover web push subscriptions after PWA reinstall (#24720)
2026-04-26 14:49:10 -07:00
workspaceapps
test: wait for devcontainer readiness (#25567)
2026-05-22 13:55:21 +01:00
workspaceconnwatcher
test: dont assert websocket closes without error (#25573)
2026-05-21 11:30:36 -04:00
workspacestats
feat: add Prometheus metrics for chatd subsystem (#24371)
2026-04-15 19:53:10 +01:00
wsbuilder
chore: remove coder_secret Terraform integration (#25512)
2026-05-21 09:19:29 -06:00
wspubsub
feat: add WatchAllWorkspaceBuilds endpoint for autostart scaletests (#22057)
2026-03-13 20:37:41 -07:00
x
fix(coderd/x/chatd): stabilize advisor stream test (#25781)
2026-06-02 12:44:45 +02:00
activitybump_test.go
test: add testutil.WaitBuffer and replace time.Sleep in tests (#22922)
2026-03-12 18:07:52 +02:00
ai_providers_migrate_test.go
fix(coderd): block ai provider env key drift (#25849)
2026-05-29 13:14:55 +00:00
ai_providers_migrate.go
fix(coderd): block ai provider env key drift (#25849)
2026-05-29 13:14:55 +00:00
ai_providers_pubsub_test.go
feat: hot-reload aibridged and aibridgeproxyd providers on DB changes (#25673)
2026-05-27 11:58:43 +02:00
ai_providers_test.go
feat: support adding GitHub Copilot AI provider via UI (#25888)
2026-06-01 15:26:37 +02:00
ai_providers.go
feat: support adding GitHub Copilot AI provider via UI (#25888)
2026-06-01 15:26:37 +02:00
aibridge_test.go
refactor: route TransportFor by provider name (#25650)
2026-05-25 18:04:12 +02:00
aibridged.go
fix: strip route prefix when passing request to aibridged handler (#25671)
2026-05-26 08:04:26 +00:00
aitasks_internal_test.go
fix: set codersdk.Task current_state during task initialization (#20692)
2025-11-17 13:24:12 +00:00
aitasks_test.go
fix: return 409 Conflict instead of 502 when task agent is busy (#23424)
2026-03-23 09:52:34 +00:00
aitasks.go
fix: correct SCIM Swagger try it out URLs (#24779)
2026-05-05 02:54:03 +05:00
apikey_scopes_validation_test.go
feat: add multi-scope support to API keys (#19917)
2025-09-26 11:56:34 +02:00
apikey_test.go
fix: persist session cookie to disk to prevent PWA logout (#23746)
2026-04-01 09:54:59 -04:00
apikey.go
fix: correct SCIM Swagger try it out URLs (#24779)
2026-05-05 02:54:03 +05:00
apiroot.go
fix: correct SCIM Swagger try it out URLs (#24779)
2026-05-05 02:54:03 +05:00
audit_internal_test.go
fix: improve chat audit log descriptions and diff rendering (#25728)
2026-05-28 18:37:57 +01:00
audit_test.go
chore: arrange imports in a standard way (#21452)
2026-01-08 15:24:11 +04:00
audit.go
fix: improve chat audit log descriptions and diff rendering (#25728)
2026-05-28 18:37:57 +01:00
authorize_test.go
feat: add an organization member permission level (#19953)
2025-10-27 17:14:16 -06:00
authorize.go
fix: correct SCIM Swagger try it out URLs (#24779)
2026-05-05 02:54:03 +05:00
chat_testhooks.go
test(coderd): centralize chat test harness and stabilize flakes (#25171)
2026-05-12 22:13:55 +10:00
client_test.go
coderd_internal_test.go
coderd_test.go
test: use typed atomics in test files (#25071)
2026-05-11 08:41:17 -06:00
coderd.go
feat: route chatd provider traffic through aibridge (#25629)
2026-05-26 19:31:52 +00:00
csp.go
fix: correct SCIM Swagger try it out URLs (#24779)
2026-05-05 02:54:03 +05:00
debug_test.go
feat(coderd): add consolidated /debug/profile endpoint for pprof collection (#22892)
2026-03-13 14:09:39 +00:00
debug.go
fix: correct SCIM Swagger try it out URLs (#24779)
2026-05-05 02:54:03 +05:00
deployment_test.go
deployment.go
fix: correct SCIM Swagger try it out URLs (#24779)
2026-05-05 02:54:03 +05:00
deprecated.go
fix: correct SCIM Swagger try it out URLs (#24779)
2026-05-05 02:54:03 +05:00
exp_chats_acl_test.go
feat: add chat sharing API (#24968)
2026-05-20 10:46:35 +01:00
exp_chats_acl.go
feat: add chat sharing API (#24968)
2026-05-20 10:46:35 +01:00
exp_chats_internal_test.go
feat(coderd): accept parameters in start_workspace tool (#24434)
2026-04-21 11:36:20 +10:00
exp_chats_test.go
fix(coderd): pass title API key context (#25723)
2026-05-27 13:20:36 +01:00
exp_chats.go
fix(coderd): pass title API key context (#25723)
2026-05-27 13:20:36 +01:00
experiments_test.go
experiments.go
fix: correct SCIM Swagger try it out URLs (#24779)
2026-05-05 02:54:03 +05:00
export_test.go
feat(coderd): add stop_workspace chatd tool and recovery classification (#24997)
2026-05-11 16:23:07 +10:00
externalauth_test.go
feat(coderd/rbac): make organization-member a per-org system custom role (#21359)
2026-01-12 18:19:19 -08:00
externalauth.go
fix: correct SCIM Swagger try it out URLs (#24779)
2026-05-05 02:54:03 +05:00
files_test.go
test: share coderdtest instances to stop paying the startup tax 22 times (#23454)
2026-03-23 19:54:43 +00:00
files.go
fix: correct SCIM Swagger try it out URLs (#24779)
2026-05-05 02:54:03 +05:00
gitsshkey_test.go
chore: distinct operations for provisioner's 'parse', 'init', 'plan', 'apply', 'graph' (#21064)
2025-12-15 11:26:41 -06:00
gitsshkey.go
fix: correct SCIM Swagger try it out URLs (#24779)
2026-05-05 02:54:03 +05:00
inboxnotifications_internal_test.go
inboxnotifications_test.go
inboxnotifications.go
fix: correct SCIM Swagger try it out URLs (#24779)
2026-05-05 02:54:03 +05:00
initscript_test.go
test: share coderdtest instances to stop paying the startup tax 22 times (#23454)
2026-03-23 19:54:43 +00:00
initscript.go
fix: correct SCIM Swagger try it out URLs (#24779)
2026-05-05 02:54:03 +05:00
insights_internal_test.go
insights_test.go
fix(coderd): fix flaky TestGetUserStatusCounts timezone boundary (#22639)
2026-03-04 18:01:56 -08:00
insights.go
fix: correct SCIM Swagger try it out URLs (#24779)
2026-05-05 02:54:03 +05:00
latencycheck.go
mcp_http.go
fix(coderd): enforce ActionSSH in MCP HTTP agent connection path (#24607)
2026-04-22 12:34:17 +02:00
mcp_internal_test.go
feat: add user_oidc auth type for MCP servers (#24793)
2026-05-03 11:31:48 -04:00
mcp_test.go
fix: strip deleted MCP IDs from chats on delete (#25763)
2026-05-29 16:49:25 +10:00
mcp.go
feat: add opt-in Coder identity headers for MCP servers (#25153)
2026-05-12 08:54:53 -04:00
members_test.go
feat: make service accounts a Premium feature (#24020)
2026-04-07 12:25:32 -06:00
members.go
fix: correct SCIM Swagger try it out URLs (#24779)
2026-05-05 02:54:03 +05:00
notifications_test.go
chore: return 404, not 400 if missing or authz deny (#22069)
2026-02-13 08:19:07 -06:00
notifications.go
fix: correct SCIM Swagger try it out URLs (#24779)
2026-05-05 02:54:03 +05:00
oauth2_error_compliance_test.go
test: reduce number of coderdtest instances (#23463)
2026-03-25 09:53:06 +00:00
oauth2_metadata_test.go
refactor: add RFC-compliant enum types and use SDK as source of truth (#21468)
2026-01-15 12:41:28 +03:00
oauth2_metadata_validation_test.go
test: share coderdtest instances in OAuth2 validation tests (#23455)
2026-03-23 21:03:34 +00:00
oauth2_security_test.go
test: reduce number of coderdtest instances (#23463)
2026-03-25 09:53:06 +00:00
oauth2_test.go
fix(coderd): use dbtime.Now() instead of time.Now() in test assertions against DB timestamps (#22685)
2026-03-06 09:14:11 +00:00
oauth2.go
fix: correct SCIM Swagger try it out URLs (#24779)
2026-05-05 02:54:03 +05:00
organizations_test.go
organizations.go
fix: correct SCIM Swagger try it out URLs (#24779)
2026-05-05 02:54:03 +05:00
pagination_test.go
feat: add connectionlogs API (#18628)
2025-07-15 14:55:34 +10:00
pagination.go
feat: add connectionlogs API (#18628)
2025-07-15 14:55:34 +10:00
parameters_test.go
chore: remove coder_secret Terraform integration (#25512)
2026-05-21 09:19:29 -06:00
parameters.go
chore: remove coder_secret Terraform integration (#25512)
2026-05-21 09:19:29 -06:00
presets_test.go
chore: remove unnecessary loop variable captures (#22180)
2026-02-19 09:02:19 +00:00
presets.go
fix: correct SCIM Swagger try it out URLs (#24779)
2026-05-05 02:54:03 +05:00
provisionerdaemons_test.go
feat: add filtering options to provisioners list (#19378)
2025-08-21 16:03:34 -04:00
provisionerdaemons.go
fix: correct SCIM Swagger try it out URLs (#24779)
2026-05-05 02:54:03 +05:00
provisionerjobs_internal_test.go
provisionerjobs_test.go
feat: add workspace build transition to provisioner job list (#24131)
2026-04-10 09:50:11 -05:00
provisionerjobs.go
fix: correct SCIM Swagger try it out URLs (#24779)
2026-05-05 02:54:03 +05:00
roles_test.go
roles.go
fix: correct SCIM Swagger try it out URLs (#24779)
2026-05-05 02:54:03 +05:00
scopes_catalog_api_test.go
feat: add external API key scopes (#19916)
2025-09-26 11:43:32 +02:00
scopes_catalog.go
fix: correct SCIM Swagger try it out URLs (#24779)
2026-05-05 02:54:03 +05:00
swagger_request_interceptor.js
fix: correct SCIM Swagger try it out URLs (#24779)
2026-05-05 02:54:03 +05:00
tailnet_test.go
test: use typed atomics in test files (#25071)
2026-05-11 08:41:17 -06:00
tailnet.go
feat: structured disconnect attribution for agent logs (#25191)
2026-05-19 09:47:03 -05:00
templates_meta_update_internal_test.go
chore: standardize on *_internal_test.go for white-box tests (#25601)
2026-05-22 20:24:38 +10:00
templates_meta_update.go
feat!: patchTemplateMeta to use optional fields (#24984)
2026-05-11 12:43:52 -05:00
templates_test.go
feat!: patchTemplateMeta to use optional fields (#24984)
2026-05-11 12:43:52 -05:00
templates.go
feat!: patchTemplateMeta to use optional fields (#24984)
2026-05-11 12:43:52 -05:00
templateversions_test.go
chore!: remove api.ts unnecessary calls (#22168)
2026-04-23 06:20:35 +10:00
templateversions.go
fix: correct SCIM Swagger try it out URLs (#24779)
2026-05-05 02:54:03 +05:00
updatecheck_test.go
updatecheck.go
fix: correct SCIM Swagger try it out URLs (#24779)
2026-05-05 02:54:03 +05:00
userauth_test.go
test: reduce number of coderdtest instances (#23463)
2026-03-25 09:53:06 +00:00
userauth.go
fix: correct SCIM Swagger try it out URLs (#24779)
2026-05-05 02:54:03 +05:00
users_test.go
fix: collapse agent command output by default (#25748)
2026-05-28 16:54:52 +01:00
users.go
fix: collapse agent command output by default (#25748)
2026-05-28 16:54:52 +01:00
usersecrets_audit_test.go
feat: audit user secret create, update, and delete (#24756)
2026-04-29 12:57:47 -06:00
usersecrets_test.go
feat: enforce per-user limits on user_secrets (#25588)
2026-05-26 14:42:31 -06:00
usersecrets.go
feat: enforce per-user limits on user_secrets (#25588)
2026-05-26 14:42:31 -06:00
userskills_test.go
feat: support personal skills in chats (#25366)
2026-05-20 19:50:50 +02:00
userskills.go
feat: add personal skill storage, API, and SDK (#25363)
2026-05-20 00:09:09 +02:00
webpush_internal_test.go
fix(coderd): validate webpush subscription endpoints (#24347)
2026-04-15 11:31:43 +02:00
webpush_test.go
fix: recover web push subscriptions after PWA reinstall (#24720)
2026-04-26 14:49:10 -07:00
webpush.go
fix: correct SCIM Swagger try it out URLs (#24779)
2026-05-05 02:54:03 +05:00
workspaceagentportshare_test.go
feat(coderd/rbac): make organization-member a per-org system custom role (#21359)
2026-01-12 18:19:19 -08:00
workspaceagentportshare.go
fix: correct SCIM Swagger try it out URLs (#24779)
2026-05-05 02:54:03 +05:00
workspaceagents_active_chat_internal_test.go
feat: add chat sharing foundation (#25041)
2026-05-18 22:32:05 +01:00
workspaceagents_chat_context_internal_test.go
feat: remove legacy chat provider tables (#25416)
2026-05-22 09:50:01 +02:00
workspaceagents_chat_context_test.go
refactor: add dbgen chat generators and migrate test boilerplate (#24497)
2026-05-01 13:29:33 +01:00
workspaceagents_internal_test.go
test: speed up agent container websocket close test (#25559)
2026-05-22 20:10:25 +10:00
workspaceagents_test.go
fix: require update permission to recreate devcontainers (#25812)
2026-05-28 15:34:36 -05:00
workspaceagents.go
fix: require update permission to recreate devcontainers (#25812)
2026-05-28 15:34:36 -05:00
workspaceagentsrpc_internal_test.go
feat: event driven agent connection metric (#24355)
2026-05-11 14:27:40 -05:00
workspaceagentsrpc_test.go
test: add testutil.WaitBuffer and replace time.Sleep in tests (#22922)
2026-03-12 18:07:52 +02:00
workspaceagentsrpc.go
feat: event driven agent connection metric (#24355)
2026-05-11 14:27:40 -05:00
workspaceapps_test.go
workspaceapps.go
fix: correct SCIM Swagger try it out URLs (#24779)
2026-05-05 02:54:03 +05:00
workspacebuilds_test.go
feat: add link for viewing raw build logs in workspace and template build jobs (#21727)
2026-02-03 09:45:23 +00:00
workspacebuilds.go
chore: remove coder_secret Terraform integration (#25512)
2026-05-21 09:19:29 -06:00
workspaceproxies_test.go
workspaceproxies.go
fix: correct SCIM Swagger try it out URLs (#24779)
2026-05-05 02:54:03 +05:00
workspaceresourceauth_test.go
fix: soft-delete stale workspace agents on new build (#25207)
2026-05-18 08:33:29 -04:00
workspaceresourceauth.go
fix: verify PKCS7 signature on Azure instance identity tokens (#25286)
2026-05-13 14:14:07 +00:00
workspaces_scoped_test.go
fix: isolate test HTTP clients (#25038)
2026-05-11 11:03:38 +02:00
workspaces_test.go
feat!: patchTemplateMeta to use optional fields (#24984)
2026-05-11 12:43:52 -05:00
workspaces.go
chore: remove coder_secret Terraform integration (#25512)
2026-05-21 09:19:29 -06:00
workspaceupdates_test.go
workspaceupdates.go
chore: arrange imports in a standard way (#21452)
2026-01-08 15:24:11 +04:00