Skip to content

Commit b9d7ce8

Browse files
committed
move test NoTemplateAccess to enterprise
1 parent 7ab9272 commit b9d7ce8

File tree

2 files changed

+38
-26
lines changed

2 files changed

+38
-26
lines changed

coderd/workspaces_test.go

Lines changed: 0 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -588,32 +588,6 @@ func TestPostWorkspacesByOrganization(t *testing.T) {
588588
require.Equal(t, http.StatusBadRequest, apiErr.StatusCode())
589589
})
590590

591-
t.Run("NoTemplateAccess", func(t *testing.T) {
592-
t.Parallel()
593-
client := coderdtest.New(t, nil)
594-
first := coderdtest.CreateFirstUser(t, client)
595-
other, _ := coderdtest.CreateAnotherUser(t, client, first.OrganizationID, rbac.RoleMember(), rbac.RoleOwner())
596-
597-
ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitLong)
598-
defer cancel()
599-
600-
org, err := other.CreateOrganization(ctx, codersdk.CreateOrganizationRequest{
601-
Name: "another",
602-
})
603-
require.NoError(t, err)
604-
version := coderdtest.CreateTemplateVersion(t, other, org.ID, nil)
605-
template := coderdtest.CreateTemplate(t, other, org.ID, version.ID)
606-
607-
_, err = client.CreateWorkspace(ctx, first.OrganizationID, codersdk.Me, codersdk.CreateWorkspaceRequest{
608-
TemplateID: template.ID,
609-
Name: "workspace",
610-
})
611-
require.Error(t, err)
612-
var apiErr *codersdk.Error
613-
require.ErrorAs(t, err, &apiErr)
614-
require.Equal(t, http.StatusForbidden, apiErr.StatusCode())
615-
})
616-
617591
t.Run("AlreadyExists", func(t *testing.T) {
618592
t.Parallel()
619593
client := coderdtest.New(t, &coderdtest.Options{IncludeProvisionerDaemon: true})

enterprise/coderd/workspaces_test.go

Lines changed: 38 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -44,6 +44,44 @@ func agplUserQuietHoursScheduleStore() *atomic.Pointer[agplschedule.UserQuietHou
4444
func TestCreateWorkspace(t *testing.T) {
4545
t.Parallel()
4646

47+
t.Run("NoTemplateAccess", func(t *testing.T) {
48+
t.Parallel()
49+
50+
dv := coderdtest.DeploymentValues(t)
51+
dv.Experiments = []string{string(codersdk.ExperimentMultiOrganization)}
52+
client, first := coderdenttest.New(t, &coderdenttest.Options{
53+
Options: &coderdtest.Options{
54+
DeploymentValues: dv,
55+
},
56+
LicenseOptions: &coderdenttest.LicenseOptions{
57+
Features: license.Features{
58+
codersdk.FeatureTemplateRBAC: 1,
59+
codersdk.FeatureMultipleOrganizations: 1,
60+
},
61+
}})
62+
63+
other, _ := coderdtest.CreateAnotherUser(t, client, first.OrganizationID, rbac.RoleMember(), rbac.RoleOwner())
64+
65+
ctx, cancel := context.WithTimeout(context.Background(), testutil.WaitLong)
66+
defer cancel()
67+
68+
org, err := other.CreateOrganization(ctx, codersdk.CreateOrganizationRequest{
69+
Name: "another",
70+
})
71+
require.NoError(t, err)
72+
version := coderdtest.CreateTemplateVersion(t, other, org.ID, nil)
73+
template := coderdtest.CreateTemplate(t, other, org.ID, version.ID)
74+
75+
_, err = client.CreateWorkspace(ctx, first.OrganizationID, codersdk.Me, codersdk.CreateWorkspaceRequest{
76+
TemplateID: template.ID,
77+
Name: "workspace",
78+
})
79+
require.Error(t, err)
80+
var apiErr *codersdk.Error
81+
require.ErrorAs(t, err, &apiErr)
82+
require.Equal(t, http.StatusForbidden, apiErr.StatusCode())
83+
})
84+
4785
// Test that a user cannot indirectly access
4886
// a template they do not have access to.
4987
t.Run("Unauthorized", func(t *testing.T) {

0 commit comments

Comments
 (0)