Skip to content

Commit

Permalink
fix: Fixes workspace access
Browse files Browse the repository at this point in the history
  • Loading branch information
@salehkhazaei
salehkhazaei committed Aug 1, 2024
1 parent ab05a19 commit 90eb0d5
Show file tree
Hide file tree
Showing 3 changed files with 10 additions and 7 deletions.
4 changes: 2 additions & 2 deletions pkg/workspace/cost_estimator_apis.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ func (s *Server) GetAwsCost(ctx echo.Context) error {
return echo.NewHTTPError(http.StatusBadRequest, err.Error())
}

if err := s.CheckRoleInWorkspace(ctx, nil, nil); err != nil {
if err := s.CheckRoleInWorkspace(ctx, nil, nil, ""); err != nil {
return err
}

Expand All @@ -40,7 +40,7 @@ func (s *Server) GetAzureCost(ctx echo.Context) error {
return echo.NewHTTPError(http.StatusBadRequest, err.Error())
}

if err := s.CheckRoleInWorkspace(ctx, nil, nil); err != nil {
if err := s.CheckRoleInWorkspace(ctx, nil, nil, ""); err != nil {
return err
}

Expand Down
5 changes: 4 additions & 1 deletion pkg/workspace/helper.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ import (
"net/http"
)

func (s *Server) CheckRoleInWorkspace(ctx echo.Context, workspaceID, ownerID *string) error {
func (s *Server) CheckRoleInWorkspace(ctx echo.Context, workspaceID, ownerID *string, workspaceName string) error {
resp, err := s.authClient.GetUserRoleBindings(httpclient.FromEchoContext(ctx))
if err != nil {
return fmt.Errorf("GetUserRoleBindings: %v", err)
Expand All @@ -20,6 +20,9 @@ func (s *Server) CheckRoleInWorkspace(ctx echo.Context, workspaceID, ownerID *st
}

hasRoleInWorkspace := false
if workspaceName == "main" {
hasRoleInWorkspace = true
}
for _, roleBinding := range resp.RoleBindings {
if roleBinding.WorkspaceID == *workspaceID {
hasRoleInWorkspace = true
Expand Down
8 changes: 4 additions & 4 deletions pkg/workspace/server.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -475,7 +475,7 @@ func (s *Server) GetBootstrapStatus(c echo.Context) error {
return err
}

if err := s.CheckRoleInWorkspace(c, &ws.ID, ws.OwnerId); err != nil {
if err := s.CheckRoleInWorkspace(c, &ws.ID, ws.OwnerId, workspaceName); err != nil {
return err
}

Expand Down Expand Up @@ -795,7 +795,7 @@ func (s *Server) GetWorkspace(c echo.Context) error {
return echo.NewHTTPError(http.StatusInternalServerError, ErrInternalServer)
}

if err := s.CheckRoleInWorkspace(c, &workspace.ID, workspace.OwnerId); err != nil {
if err := s.CheckRoleInWorkspace(c, &workspace.ID, workspace.OwnerId, workspace.Name); err != nil {
return err
}

Expand Down Expand Up @@ -832,7 +832,7 @@ func (s *Server) GetWorkspaceByName(c echo.Context) error {
return echo.NewHTTPError(http.StatusInternalServerError, ErrInternalServer)
}

if err := s.CheckRoleInWorkspace(c, &workspace.ID, workspace.OwnerId); err != nil {
if err := s.CheckRoleInWorkspace(c, &workspace.ID, workspace.OwnerId, name); err != nil {
return err
}

Expand Down Expand Up @@ -1061,7 +1061,7 @@ func (s *Server) GetWorkspaceLimits(c echo.Context) error {
return err
}

if err := s.CheckRoleInWorkspace(c, &dbWorkspace.ID, dbWorkspace.OwnerId); err != nil {
if err := s.CheckRoleInWorkspace(c, &dbWorkspace.ID, dbWorkspace.OwnerId, workspaceName); err != nil {
return err
}

Expand Down

0 comments on commit 90eb0d5

Please sign in to comment.