You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Add user-friendly composite scopes that expand to multiple low-level scopes at auth time, e.g., coder:workspaces.create, coder:workspaces.operate, coder:workspaces.access, coder:templates.build, coder:templates.author, coder:apikeys.manage_self.
De-duplicate overlaps during expansion.
Key files/areas
coderd/rbac/scopes.go (map coder:* names → list of low-level resource:action scope names).
Auth middleware to expand high-level strings before policy evaluation.
Acceptance criteria
Tests prove that each composite scope expands to the documented set in the RFC.
Composite + low-level combinations work and de-duplicate correctly.
Description
coder:workspaces.create,coder:workspaces.operate,coder:workspaces.access,coder:templates.build,coder:templates.author,coder:apikeys.manage_self.Key files/areas
coderd/rbac/scopes.go(mapcoder:*names → list of low-levelresource:actionscope names).Acceptance criteria