Add endpoint for fetching groups with filters

Emyrk · Emyrk · commit 331329c73716 · 2024-08-13T11:13:40.000-05:00
diff --git a/coderd/httpapi/queryparams.go b/coderd/httpapi/queryparams.go
@@ -144,6 +144,19 @@ func (p *QueryParamParser) RequiredNotEmpty(queryParam ...string) *QueryParamPar
 	return p
 }
 
+// UUIDorName will parse a string as a UUID, if it fails, it uses the "fetchByName"
+// function to return a UUID based on the value as a string.
+// This is useful when fetching something like an organization by ID or by name.
+func (p *QueryParamParser) UUIDorName(vals url.Values, def uuid.UUID, queryParam string, fetchByName func(name string) (uuid.UUID, error)) uuid.UUID {
+	return ParseCustom(p, vals, def, queryParam, func(v string) (uuid.UUID, error) {
+		id, err := uuid.Parse(v)
+		if err == nil {
+			return id, nil
+		}
+		return fetchByName(v)
+	})
+}
+
 func (p *QueryParamParser) UUIDorMe(vals url.Values, def uuid.UUID, me uuid.UUID, queryParam string) uuid.UUID {
 	return ParseCustom(p, vals, def, queryParam, func(v string) (uuid.UUID, error) {
 		if v == "me" {
diff --git a/enterprise/coderd/coderd.go b/enterprise/coderd/coderd.go
@@ -342,15 +342,20 @@ func New(ctx context.Context, options *Options) (_ *API, err error) {
 			r.Get("/", api.templateACL)
 			r.Patch("/", api.patchTemplateACL)
 		})
-		r.Route("/groups/{group}", func(r chi.Router) {
+		r.Route("/groups", func(r chi.Router) {
 			r.Use(
 				api.templateRBACEnabledMW,
 				apiKeyMiddleware,
-				httpmw.ExtractGroupParam(api.Database),
 			)
-			r.Get("/", api.group)
-			r.Patch("/", api.patchGroup)
-			r.Delete("/", api.deleteGroup)
+			r.Get("/", api.groups)
+			r.Route("/{group}", func(r chi.Router) {
+				r.Use(
+					httpmw.ExtractGroupParam(api.Database),
+				)
+				r.Get("/", api.group)
+				r.Patch("/", api.patchGroup)
+				r.Delete("/", api.deleteGroup)
+			})
 		})
 		r.Route("/workspace-quota", func(r chi.Router) {
 			r.Use(
diff --git a/enterprise/coderd/groups.go b/enterprise/coderd/groups.go
@@ -9,13 +9,11 @@ import (
 	"github.com/google/uuid"
 	"golang.org/x/xerrors"
 
-	"github.com/coder/coder/v2/coderd"
 	"github.com/coder/coder/v2/coderd/audit"
 	"github.com/coder/coder/v2/coderd/database"
 	"github.com/coder/coder/v2/coderd/database/db2sdk"
 	"github.com/coder/coder/v2/coderd/httpapi"
 	"github.com/coder/coder/v2/coderd/httpmw"
-	"github.com/coder/coder/v2/coderd/rbac/policy"
 	"github.com/coder/coder/v2/codersdk"
 )
 
@@ -394,30 +392,60 @@ func (api *API) group(rw http.ResponseWriter, r *http.Request) {
 // @Success 200 {array} codersdk.Group
 // @Router /organizations/{organization}/groups [get]
 func (api *API) groupsByOrganization(rw http.ResponseWriter, r *http.Request) {
+	var (
+		org = httpmw.OrganizationParam(r)
+	)
+	values := r.URL.Query()
+	values.Set("organization", org.ID.String())
+	r.URL.RawQuery = values.Encode()
+
 	api.groups(rw, r)
 }
 
+// @Summary Get groups
+// @ID get-groups
+// @Security CoderSessionToken
+// @Produce json
+// @Tags Enterprise
+// @Param organization query string true "Organization ID or name"
+// @Param has_member query string true "User ID or name"
+// @Success 200 {array} codersdk.Group
+// @Router /groups [get]
 func (api *API) groups(rw http.ResponseWriter, r *http.Request) {
 	var (
 		ctx = r.Context()
-		org = httpmw.OrganizationParam(r)
 	)
 
-	groups, err := api.Database.GetGroups(ctx, database.GetGroupsParams{
-		OrganizationID: org.ID,
+	var filter database.GetGroupsParams
+	parser := httpapi.NewQueryParamParser()
+	// Organization selector can be an org ID or name
+	filter.OrganizationID = parser.UUIDorName(r.URL.Query(), uuid.Nil, "has_member", func(orgName string) (uuid.UUID, error) {
+		org, err := api.Database.GetOrganizationByName(ctx, orgName)
+		if err != nil {
+			return uuid.Nil, xerrors.Errorf("organization %q not found", orgName)
+		}
+		return org.ID, nil
 	})
-	if err != nil && !errors.Is(err, sql.ErrNoRows) {
-		httpapi.InternalServerError(rw, err)
+
+	// has_member selector can be a user ID or username
+	filter.HasMemberID = parser.UUIDorName(r.URL.Query(), uuid.Nil, "has_member", func(username string) (uuid.UUID, error) {
+		user, err := api.Database.GetUserByEmailOrUsername(ctx, database.GetUserByEmailOrUsernameParams{
+			Username: username,
+			Email:    "",
+		})
+		if err != nil {
+			return uuid.Nil, xerrors.Errorf("user %q not found", username)
+		}
+		return user.ID, nil
+	})
+
+	groups, err := api.Database.GetGroups(ctx, filter)
+	if httpapi.Is404Error(err) {
+		httpapi.ResourceNotFound(rw)
 		return
 	}
-
-	// Filter groups based on rbac permissions
-	groups, err = coderd.AuthorizeFilter(api.AGPL.HTTPAuth, r, policy.ActionRead, groups)
 	if err != nil {
-		httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{
-			Message: "Internal error fetching groups.",
-			Detail:  err.Error(),
-		})
+		httpapi.InternalServerError(rw, err)
 		return
 	}
 
