From fcf5eb9009561ef259581a9a7f86f0d4161b7f01 Mon Sep 17 00:00:00 2001
From: McKayla Washburn <mckayla@hey.com>
Date: Fri, 21 Mar 2025 21:29:26 +0000
Subject: [PATCH 1/4] chore: add additional `WorkspaceOwner` fields

---
 types/owner.go | 35 ++++++++++++++++++++++++++++++++++-
 1 file changed, 34 insertions(+), 1 deletion(-)

diff --git a/types/owner.go b/types/owner.go
index 9886a05..71b2d69 100644
--- a/types/owner.go
+++ b/types/owner.go
@@ -1,5 +1,38 @@
 package types
 
+import (
+	"github.com/google/uuid"
+)
+
+// Based on https://github.com/coder/terraform-provider-coder/blob/9a745586b23a9cb5de2f65a2dcac12e48b134ffa/provider/workspace_owner.go#L72
 type WorkspaceOwner struct {
-	Groups []string `json:"groups"`
+	ID              uuid.UUID                `json:"id"`
+	Name            string                   `json:"name"`
+	FullName        string                   `json:"full_name"`
+	Email           string                   `json:"email"`
+	SSHPublicKey    string                   `json:"ssh_public_key"`
+	SSHPrivateKey   string                   `json:"ssh_private_key" tfsdk:",sensitive"`
+	Groups          []string                 `json:"groups"`
+	SessionToken    string                   `json:"session_token"`
+	OIDCAccessToken string                   `json:"oidc_access_token"`
+	LoginType       string                   `json:"login_type"`
+	RBACRoles       []WorkspaceOwnerRBACRole `json:"rbac_roles"`
+}
+
+type WorkspaceOwnerRBACRole struct {
+	Name  string    `json:"name"`
+	OrgID uuid.UUID `json:"org_id"`
 }
+
+// terraform-provider-framework style
+// type UserResourceModel struct {
+// 	ID UUID `tfsdk:"id"`
+
+// 	Username  types.String `tfsdk:"username"`
+// 	Name      types.String `tfsdk:"name"`
+// 	Email     types.String `tfsdk:"email"`
+// 	Roles     types.Set    `tfsdk:"roles"`      // owner, template-admin, user-admin, auditor (member is implicit)
+// 	LoginType types.String `tfsdk:"login_type"` // none, password, github, oidc
+// 	Password  types.String `tfsdk:"password"`   // only when login_type is password
+// 	Suspended types.Bool   `tfsdk:"suspended"`
+// }

From b48b827544e6b234306b8b63fcd4ba99ccbc5b05 Mon Sep 17 00:00:00 2001
From: McKayla Washburn <mckayla@hey.com>
Date: Wed, 26 Mar 2025 17:58:54 +0000
Subject: [PATCH 2/4] do this for now

---
 types/owner.go | 13 -------------
 1 file changed, 13 deletions(-)

diff --git a/types/owner.go b/types/owner.go
index 71b2d69..070d17d 100644
--- a/types/owner.go
+++ b/types/owner.go
@@ -23,16 +23,3 @@ type WorkspaceOwnerRBACRole struct {
 	Name  string    `json:"name"`
 	OrgID uuid.UUID `json:"org_id"`
 }
-
-// terraform-provider-framework style
-// type UserResourceModel struct {
-// 	ID UUID `tfsdk:"id"`
-
-// 	Username  types.String `tfsdk:"username"`
-// 	Name      types.String `tfsdk:"name"`
-// 	Email     types.String `tfsdk:"email"`
-// 	Roles     types.Set    `tfsdk:"roles"`      // owner, template-admin, user-admin, auditor (member is implicit)
-// 	LoginType types.String `tfsdk:"login_type"` // none, password, github, oidc
-// 	Password  types.String `tfsdk:"password"`   // only when login_type is password
-// 	Suspended types.Bool   `tfsdk:"suspended"`
-// }

From 0bc3e1f9e3ce6116b6910987b342831636c2b212 Mon Sep 17 00:00:00 2001
From: McKayla Washburn <mckayla@hey.com>
Date: Wed, 26 Mar 2025 18:02:58 +0000
Subject: [PATCH 3/4] =?UTF-8?q?=F0=9F=A7=B9?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 types/owner.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/types/owner.go b/types/owner.go
index 070d17d..b5654d2 100644
--- a/types/owner.go
+++ b/types/owner.go
@@ -11,7 +11,7 @@ type WorkspaceOwner struct {
 	FullName        string                   `json:"full_name"`
 	Email           string                   `json:"email"`
 	SSHPublicKey    string                   `json:"ssh_public_key"`
-	SSHPrivateKey   string                   `json:"ssh_private_key" tfsdk:",sensitive"`
+	SSHPrivateKey   string                   `json:"ssh_private_key"`
 	Groups          []string                 `json:"groups"`
 	SessionToken    string                   `json:"session_token"`
 	OIDCAccessToken string                   `json:"oidc_access_token"`

From 93aa0ac1057ae71d00c36958633cd84894cae3b6 Mon Sep 17 00:00:00 2001
From: McKayla Washburn <mckayla@hey.com>
Date: Wed, 26 Mar 2025 18:29:15 +0000
Subject: [PATCH 4/4] note about ssh_private_key

---
 types/owner.go | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/types/owner.go b/types/owner.go
index b5654d2..e546576 100644
--- a/types/owner.go
+++ b/types/owner.go
@@ -6,12 +6,14 @@ import (
 
 // Based on https://github.com/coder/terraform-provider-coder/blob/9a745586b23a9cb5de2f65a2dcac12e48b134ffa/provider/workspace_owner.go#L72
 type WorkspaceOwner struct {
-	ID              uuid.UUID                `json:"id"`
-	Name            string                   `json:"name"`
-	FullName        string                   `json:"full_name"`
-	Email           string                   `json:"email"`
-	SSHPublicKey    string                   `json:"ssh_public_key"`
-	SSHPrivateKey   string                   `json:"ssh_private_key"`
+	ID           uuid.UUID `json:"id"`
+	Name         string    `json:"name"`
+	FullName     string    `json:"full_name"`
+	Email        string    `json:"email"`
+	SSHPublicKey string    `json:"ssh_public_key"`
+	// SSHPrivateKey is intentionally omitted for now, due to the security risk
+	// that exposing it poses.
+	// SSHPrivateKey   string                   `json:"ssh_private_key"`
 	Groups          []string                 `json:"groups"`
 	SessionToken    string                   `json:"session_token"`
 	OIDCAccessToken string                   `json:"oidc_access_token"`