MCPcopy Index your code
hub / github.com/rilldata/rill / RequestProjectAccess

Method RequestProjectAccess

admin/server/projects.go:1549–1619  ·  view source on GitHub ↗
(ctx context.Context, req *adminv1.RequestProjectAccessRequest)

Source from the content-addressed store, hash-verified

1547}
1548
1549func (s *Server) RequestProjectAccess(ctx context.Context, req *adminv1.RequestProjectAccessRequest) (*adminv1.RequestProjectAccessResponse, error) {
1550 observability.AddRequestAttributes(ctx,
1551 attribute.String("args.org", req.Org),
1552 attribute.String("args.project", req.Project),
1553 )
1554
1555 proj, err := s.admin.DB.FindProjectByName(ctx, req.Org, req.Project)
1556 if err != nil {
1557 return nil, err
1558 }
1559
1560 claims := auth.GetClaims(ctx)
1561 projectPermissions := claims.ProjectPermissions(ctx, proj.OrganizationID, proj.ID)
1562 if (req.Role != database.ProjectRoleNameAdmin && projectPermissions.ReadProject) ||
1563 (req.Role == database.ProjectRoleNameAdmin && projectPermissions.ManageProject) {
1564 return nil, status.Error(codes.FailedPrecondition, "already have access to project")
1565 }
1566
1567 if claims.OwnerType() != auth.OwnerTypeUser {
1568 return nil, status.Error(codes.PermissionDenied, "only users can request access")
1569 }
1570
1571 user, err := s.admin.DB.FindUser(ctx, claims.OwnerID())
1572 if err != nil {
1573 return nil, err
1574 }
1575
1576 org, err := s.admin.DB.FindOrganization(ctx, proj.OrganizationID)
1577 if err != nil {
1578 return nil, err
1579 }
1580
1581 existing, err := s.admin.DB.FindProjectAccessRequest(ctx, proj.ID, user.ID)
1582 if err != nil && !errors.Is(err, database.ErrNotFound) {
1583 return nil, err
1584 }
1585 if existing != nil {
1586 return nil, status.Error(codes.AlreadyExists, "have already requested access to project")
1587 }
1588
1589 accessReq, err := s.admin.DB.InsertProjectAccessRequest(ctx, &database.InsertProjectAccessRequestOptions{
1590 UserID: user.ID,
1591 ProjectID: proj.ID,
1592 })
1593 if err != nil {
1594 return nil, err
1595 }
1596
1597 admins, err := s.admin.DB.FindOrganizationMembersWithManageUsersRole(ctx, proj.OrganizationID)
1598 if err != nil {
1599 return nil, err
1600 }
1601
1602 for _, u := range admins {
1603 err = s.admin.Email.SendProjectAccessRequest(&email.ProjectAccessRequest{
1604 ToEmail: u.Email,
1605 ToName: u.DisplayName,
1606 Email: user.Email,

Callers

nothing calls this directly

Calls 15

AddRequestAttributesFunction · 0.92
GetClaimsFunction · 0.92
WithCustomDomainMethod · 0.80
StringMethod · 0.65
FindProjectByNameMethod · 0.65
ProjectPermissionsMethod · 0.65
OwnerTypeMethod · 0.65
FindUserMethod · 0.65
OwnerIDMethod · 0.65
FindOrganizationMethod · 0.65

Tested by

no test coverage detected