backend/remote: use the can-queue-apply permission
Previously we checked can-update in order to determine if a user had the required permissions to apply a run, but that wasn't sufficient. So we added a new permission, can-queue-apply, that we now use instead.
This commit is contained in:
parent
d5c6ebff3d
commit
58961026a2
|
@ -18,7 +18,9 @@ func (b *Remote) opApply(stopCtx, cancelCtx context.Context, op *backend.Operati
|
||||||
|
|
||||||
var diags tfdiags.Diagnostics
|
var diags tfdiags.Diagnostics
|
||||||
|
|
||||||
if !w.Permissions.CanUpdate {
|
// We should remove the `CanUpdate` part of this test, but for now
|
||||||
|
// (to remain compatible with tfe.v2.1) we'll leave it in here.
|
||||||
|
if !w.Permissions.CanUpdate && !w.Permissions.CanQueueApply {
|
||||||
diags = diags.Append(tfdiags.Sourceless(
|
diags = diags.Append(tfdiags.Sourceless(
|
||||||
tfdiags.Error,
|
tfdiags.Error,
|
||||||
"Insufficient rights to apply changes",
|
"Insufficient rights to apply changes",
|
||||||
|
|
|
@ -972,6 +972,15 @@ func (m *mockWorkspaces) Delete(ctx context.Context, organization, workspace str
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (m *mockWorkspaces) RemoveVCSConnection(ctx context.Context, organization, workspace string) (*tfe.Workspace, error) {
|
||||||
|
w, ok := m.workspaceNames[workspace]
|
||||||
|
if !ok {
|
||||||
|
return nil, tfe.ErrResourceNotFound
|
||||||
|
}
|
||||||
|
w.VCSRepo = nil
|
||||||
|
return w, nil
|
||||||
|
}
|
||||||
|
|
||||||
func (m *mockWorkspaces) Lock(ctx context.Context, workspaceID string, options tfe.WorkspaceLockOptions) (*tfe.Workspace, error) {
|
func (m *mockWorkspaces) Lock(ctx context.Context, workspaceID string, options tfe.WorkspaceLockOptions) (*tfe.Workspace, error) {
|
||||||
w, ok := m.workspaceIDs[workspaceID]
|
w, ok := m.workspaceIDs[workspaceID]
|
||||||
if !ok {
|
if !ok {
|
||||||
|
|
Loading…
Reference in New Issue