(ctx context.Context, req *adminv1.GetVirtualFileRequest)
| 158 | } |
| 159 | |
| 160 | func (s *Server) GetVirtualFile(ctx context.Context, req *adminv1.GetVirtualFileRequest) (*adminv1.GetVirtualFileResponse, error) { |
| 161 | observability.AddRequestAttributes(ctx, |
| 162 | attribute.String("args.project_id", req.ProjectId), |
| 163 | attribute.String("args.path", req.Path), |
| 164 | ) |
| 165 | |
| 166 | proj, err := s.admin.DB.FindProject(ctx, req.ProjectId) |
| 167 | if err != nil { |
| 168 | return nil, err |
| 169 | } |
| 170 | |
| 171 | claims := auth.GetClaims(ctx) |
| 172 | permissions := claims.ProjectPermissions(ctx, proj.OrganizationID, proj.ID) |
| 173 | forceAccess := claims.Superuser(ctx) && req.SuperuserForceAccess |
| 174 | if !permissions.ReadProdStatus && !permissions.ReadDevStatus && !forceAccess { |
| 175 | return nil, status.Error(codes.PermissionDenied, "does not have permission to read project repo") |
| 176 | } |
| 177 | |
| 178 | environment := req.Environment |
| 179 | if environment == "" { |
| 180 | if claims.OwnerType() == auth.OwnerTypeDeployment { |
| 181 | depl, err := s.admin.DB.FindDeployment(ctx, claims.OwnerID()) |
| 182 | if err != nil { |
| 183 | return nil, err |
| 184 | } |
| 185 | environment = depl.Environment |
| 186 | } else { |
| 187 | environment = "prod" |
| 188 | } |
| 189 | } |
| 190 | |
| 191 | vf, err := s.admin.DB.FindVirtualFile(ctx, proj.ID, environment, req.Path) |
| 192 | if err != nil { |
| 193 | return nil, err |
| 194 | } |
| 195 | |
| 196 | return &adminv1.GetVirtualFileResponse{ |
| 197 | File: virtualFileToDTO(vf), |
| 198 | }, nil |
| 199 | } |
| 200 | |
| 201 | func (s *Server) DeleteVirtualFile(ctx context.Context, req *adminv1.DeleteVirtualFileRequest) (*adminv1.DeleteVirtualFileResponse, error) { |
| 202 | observability.AddRequestAttributes(ctx, |
nothing calls this directly
no test coverage detected