shishantbiswas/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2026-06-02 20:48:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
coder/coderd/rbac/scopes_catalog_internal_test.go
T
Mathias Fredriksson 147df5c971 refactor: replace sort.Strings with slices.Sort (#23457) 
The slices package provides type-safe generic replacements for the
old typed sort convenience functions. The codebase already uses
slices.Sort in 43 call sites; this finishes the migration for the
remaining 29.

- sort.Strings(x)          -> slices.Sort(x)
- sort.Float64s(x)         -> slices.Sort(x)
- sort.StringsAreSorted(x) -> slices.IsSorted(x)
2026-03-23 23:19:23 +02:00

69 lines
2.0 KiB
Go
Raw Permalink Blame History

package rbac
import (
"slices"
"strings"
"testing"
"github.com/stretchr/testify/require"
)
func TestExternalScopeNames(t *testing.T) {
t.Parallel()
names := ExternalScopeNames()
require.NotEmpty(t, names)
// Ensure sorted ascending
sorted := append([]string(nil), names...)
slices.Sort(sorted)
require.Equal(t, sorted, names)
// Ensure each entry expands to site-only
for _, name := range names {
// Skip `all` and `application_connect` since they do not
// expand into a low level scope.
// They are handled differently.
if name == string(ScopeAll) || name == string(ScopeApplicationConnect) {
continue
}
// Composite coder:* scopes expand to one or more site permissions.
if strings.HasPrefix(name, "coder:") {
s, err := ScopeName(name).Expand()
require.NoErrorf(t, err, "catalog entry should expand: %s", name)
require.NotEmpty(t, s.Site)
expected, ok := CompositeSitePermissions(ScopeName(name))
require.Truef(t, ok, "expected composite scope definition: %s", name)
require.ElementsMatchf(t, expected, s.Site, "unexpected expanded permissions for %s", name)
require.Empty(t, s.ByOrgID)
require.Empty(t, s.User)
continue
}
// Low-level scopes must parse to a single permission.
res, act, ok := parseLowLevelScope(ScopeName(name))
require.Truef(t, ok, "catalog entry should parse: %s", name)
s, err := ScopeName(name).Expand()
require.NoErrorf(t, err, "catalog entry should expand: %s", name)
require.Len(t, s.Site, 1)
require.Equal(t, res, s.Site[0].ResourceType)
require.Equal(t, act, s.Site[0].Action)
require.Empty(t, s.ByOrgID)
require.Empty(t, s.User)
}
}
func TestIsExternalScope(t *testing.T) {
t.Parallel()
require.True(t, IsExternalScope("workspace:read"))
require.True(t, IsExternalScope("template:use"))
require.True(t, IsExternalScope("workspace:*"))
require.True(t, IsExternalScope("coder:workspaces.create"))
require.True(t, IsExternalScope("user:read"))
require.False(t, IsExternalScope("debug_info:read")) // internal-only
require.False(t, IsExternalScope("unknown:read"))
}
Reference in New Issue View Git Blame Copy Permalink