agola/internal/services/gateway/action/org.go

// Copyright 2019 Sorint.lab
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied
// See the License for the specific language governing permissions and
// limitations under the License.

package action

import (
	"context"

	"agola.io/agola/internal/services/types"
	"agola.io/agola/internal/util"

	errors "golang.org/x/xerrors"
)

func (h *ActionHandler) GetOrg(ctx context.Context, orgRef string) (*types.Organization, error) {
	org, resp, err := h.configstoreClient.GetOrg(ctx, orgRef)
	if err != nil {
		return nil, ErrFromRemote(resp, err)
	}
	return org, nil
}

type GetOrgsRequest struct {
	Start string
	Limit int
	Asc   bool
}

func (h *ActionHandler) GetOrgs(ctx context.Context, req *GetOrgsRequest) ([]*types.Organization, error) {
	orgs, resp, err := h.configstoreClient.GetOrgs(ctx, req.Start, req.Limit, req.Asc)
	if err != nil {
		return nil, ErrFromRemote(resp, err)
	}
	return orgs, nil
}

type OrgMembersResponse struct {
	Organization *types.Organization
	Members      []*OrgMemberResponse
}

type OrgMemberResponse struct {
	User *types.User
	Role types.MemberRole
}

func (h *ActionHandler) GetOrgMembers(ctx context.Context, orgRef string) (*OrgMembersResponse, error) {
	org, resp, err := h.configstoreClient.GetOrg(ctx, orgRef)
	if err != nil {
		return nil, ErrFromRemote(resp, err)
	}

	orgMembers, resp, err := h.configstoreClient.GetOrgMembers(ctx, orgRef)
	if err != nil {
		return nil, ErrFromRemote(resp, err)
	}

	res := &OrgMembersResponse{
		Organization: org,
		Members:      make([]*OrgMemberResponse, len(orgMembers)),
	}
	for i, orgMember := range orgMembers {
		res.Members[i] = &OrgMemberResponse{
			User: orgMember.User,
			Role: orgMember.Role,
		}
	}
	return res, nil
}

type CreateOrgRequest struct {
	Name       string
	Visibility types.Visibility

	CreatorUserID string
}

func (h *ActionHandler) CreateOrg(ctx context.Context, req *CreateOrgRequest) (*types.Organization, error) {
	if !h.IsUserLoggedOrAdmin(ctx) {
		return nil, errors.Errorf("user not logged in")
	}

	if req.Name == "" {
		return nil, util.NewErrBadRequest(errors.Errorf("organization name required"))
	}
	if !util.ValidateName(req.Name) {
		return nil, util.NewErrBadRequest(errors.Errorf("invalid organization name %q", req.Name))
	}

	org := &types.Organization{
		Name:       req.Name,
		Visibility: req.Visibility,
	}
	if req.CreatorUserID != "" {
		org.CreatorUserID = req.CreatorUserID
	}

	h.log.Infof("creating organization")
	org, resp, err := h.configstoreClient.CreateOrg(ctx, org)
	if err != nil {
		return nil, errors.Errorf("failed to create organization: %w", ErrFromRemote(resp, err))
	}
	h.log.Infof("organization %s created, ID: %s", org.Name, org.ID)

	return org, nil
}

func (h *ActionHandler) DeleteOrg(ctx context.Context, orgRef string) error {
	org, resp, err := h.configstoreClient.GetOrg(ctx, orgRef)
	if err != nil {
		return ErrFromRemote(resp, err)
	}

	isOrgOwner, err := h.IsOrgOwner(ctx, org.ID)
	if err != nil {
		return errors.Errorf("failed to determine ownership: %w", err)
	}
	if !isOrgOwner {
		return util.NewErrForbidden(errors.Errorf("user not authorized"))
	}

	resp, err = h.configstoreClient.DeleteOrg(ctx, orgRef)
	if err != nil {
		return errors.Errorf("failed to delete org: %w", ErrFromRemote(resp, err))
	}
	return nil
}

type AddOrgMemberResponse struct {
	OrganizationMember *types.OrganizationMember
	Org                *types.Organization
	User               *types.User
}

func (h *ActionHandler) AddOrgMember(ctx context.Context, orgRef, userRef string, role types.MemberRole) (*AddOrgMemberResponse, error) {
	org, resp, err := h.configstoreClient.GetOrg(ctx, orgRef)
	if err != nil {
		return nil, ErrFromRemote(resp, err)
	}
	user, resp, err := h.configstoreClient.GetUser(ctx, userRef)
	if err != nil {
		return nil, ErrFromRemote(resp, err)
	}

	isOrgOwner, err := h.IsOrgOwner(ctx, org.ID)
	if err != nil {
		return nil, errors.Errorf("failed to determine ownership: %w", err)
	}
	if !isOrgOwner {
		return nil, util.NewErrForbidden(errors.Errorf("user not authorized"))
	}

	orgmember, resp, err := h.configstoreClient.AddOrgMember(ctx, orgRef, userRef, role)
	if err != nil {
		return nil, errors.Errorf("failed to add/update organization member: %w", ErrFromRemote(resp, err))
	}

	return &AddOrgMemberResponse{
		OrganizationMember: orgmember,
		Org:                org,
		User:               user,
	}, nil
}

func (h *ActionHandler) RemoveOrgMember(ctx context.Context, orgRef, userRef string) error {
	org, resp, err := h.configstoreClient.GetOrg(ctx, orgRef)
	if err != nil {
		return ErrFromRemote(resp, err)
	}

	isOrgOwner, err := h.IsOrgOwner(ctx, org.ID)
	if err != nil {
		return errors.Errorf("failed to determine ownership: %w", err)
	}
	if !isOrgOwner {
		return util.NewErrForbidden(errors.Errorf("user not authorized"))
	}

	resp, err = h.configstoreClient.RemoveOrgMember(ctx, orgRef, userRef)
	if err != nil {
		return errors.Errorf("failed to remove organization member: %w", ErrFromRemote(resp, err))
	}

	return nil
}
gateway api: improve response handling * Always return a json message also on error. For internal errors return a generic "internal server error" message to not leak the real internal error to clients * Return 201 Created on resource creation * Return 204 No Content on resource deletion and other action with no json output 2019-04-08 09:35:45 +00:00			`// Copyright 2019 Sorint.lab`
			`//`
			`// Licensed under the Apache License, Version 2.0 (the "License");`
			`// you may not use this file except in compliance with the License.`
			`// You may obtain a copy of the License at`
			`//`
			`// http://www.apache.org/licenses/LICENSE-2.0`
			`//`
			`// Unless required by applicable law or agreed to in writing, software`
			`// distributed under the License is distributed on an "AS IS" BASIS,`
			`// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied`
			`// See the License for the specific language governing permissions and`
			`// limitations under the License.`

gateway: rename command(handler) to action(handler) Since we're going to migrate all actions (also queries that now are implemented in the api handlers) there 2019-05-03 21:48:49 +00:00			`package action`
gateway api: improve response handling * Always return a json message also on error. For internal errors return a generic "internal server error" message to not leak the real internal error to clients * Return 201 Created on resource creation * Return 204 No Content on resource deletion and other action with no json output 2019-04-08 09:35:45 +00:00
			`import (`
			`"context"`

*: use vanity url use agola.io domain 2019-07-01 09:40:20 +00:00			`"agola.io/agola/internal/services/types"`
			`"agola.io/agola/internal/util"`
gateway api: improve response handling * Always return a json message also on error. For internal errors return a generic "internal server error" message to not leak the real internal error to clients * Return 201 Created on resource creation * Return 204 No Content on resource deletion and other action with no json output 2019-04-08 09:35:45 +00:00
*: migrate to "golang.org/x/xerrors" Just a raw replace of "github.com/pkg/errors". Next steps will improve errors (like remote errors, api errors, not exist errors etc...) to leverage its functionalities 2019-05-23 09:23:14 +00:00			`errors "golang.org/x/xerrors"`
gateway api: improve response handling * Always return a json message also on error. For internal errors return a generic "internal server error" message to not leak the real internal error to clients * Return 201 Created on resource creation * Return 204 No Content on resource deletion and other action with no json output 2019-04-08 09:35:45 +00:00			`)`

gateway: move remaining org logic from api to actions 2019-05-05 12:36:14 +00:00			`func (h ActionHandler) GetOrg(ctx context.Context, orgRef string) (types.Organization, error) {`
			`org, resp, err := h.configstoreClient.GetOrg(ctx, orgRef)`
			`if err != nil {`
			`return nil, ErrFromRemote(resp, err)`
			`}`
			`return org, nil`
			`}`

			`type GetOrgsRequest struct {`
			`Start string`
			`Limit int`
			`Asc bool`
			`}`

			`func (h ActionHandler) GetOrgs(ctx context.Context, req GetOrgsRequest) ([]*types.Organization, error) {`
			`orgs, resp, err := h.configstoreClient.GetOrgs(ctx, req.Start, req.Limit, req.Asc)`
			`if err != nil {`
			`return nil, ErrFromRemote(resp, err)`
			`}`
			`return orgs, nil`
			`}`

gateway: add get org members api/action 2019-05-14 10:58:29 +00:00			`type OrgMembersResponse struct {`
			`Organization *types.Organization`
			`Members []*OrgMemberResponse`
			`}`

			`type OrgMemberResponse struct {`
			`User *types.User`
			`Role types.MemberRole`
			`}`

			`func (h ActionHandler) GetOrgMembers(ctx context.Context, orgRef string) (OrgMembersResponse, error) {`
			`org, resp, err := h.configstoreClient.GetOrg(ctx, orgRef)`
			`if err != nil {`
			`return nil, ErrFromRemote(resp, err)`
			`}`

			`orgMembers, resp, err := h.configstoreClient.GetOrgMembers(ctx, orgRef)`
			`if err != nil {`
			`return nil, ErrFromRemote(resp, err)`
			`}`

			`res := &OrgMembersResponse{`
			`Organization: org,`
			`Members: make([]*OrgMemberResponse, len(orgMembers)),`
			`}`
			`for i, orgMember := range orgMembers {`
			`res.Members[i] = &OrgMemberResponse{`
			`User: orgMember.User,`
			`Role: orgMember.Role,`
			`}`
			`}`
			`return res, nil`
			`}`

gateway api: improve response handling * Always return a json message also on error. For internal errors return a generic "internal server error" message to not leak the real internal error to clients * Return 201 Created on resource creation * Return 204 No Content on resource deletion and other action with no json output 2019-04-08 09:35:45 +00:00			`type CreateOrgRequest struct {`
*: add organizations visibility 2019-05-14 08:56:17 +00:00			`Name string`
			`Visibility types.Visibility`
*: add creatorUserID and cretedAt to organization 2019-05-03 12:24:18 +00:00
			`CreatorUserID string`
gateway api: improve response handling * Always return a json message also on error. For internal errors return a generic "internal server error" message to not leak the real internal error to clients * Return 201 Created on resource creation * Return 204 No Content on resource deletion and other action with no json output 2019-04-08 09:35:45 +00:00			`}`

gateway: rename command(handler) to action(handler) Since we're going to migrate all actions (also queries that now are implemented in the api handlers) there 2019-05-03 21:48:49 +00:00			`func (h ActionHandler) CreateOrg(ctx context.Context, req CreateOrgRequest) (*types.Organization, error) {`
gateway: initial authorization 2019-05-03 21:19:23 +00:00			`if !h.IsUserLoggedOrAdmin(ctx) {`
			`return nil, errors.Errorf("user not logged in")`
			`}`

gateway api: improve response handling * Always return a json message also on error. For internal errors return a generic "internal server error" message to not leak the real internal error to clients * Return 201 Created on resource creation * Return 204 No Content on resource deletion and other action with no json output 2019-04-08 09:35:45 +00:00			`if req.Name == "" {`
			`return nil, util.NewErrBadRequest(errors.Errorf("organization name required"))`
			`}`
			`if !util.ValidateName(req.Name) {`
gateway/command: use ErrBadRequest when needed 2019-04-08 10:08:31 +00:00			`return nil, util.NewErrBadRequest(errors.Errorf("invalid organization name %q", req.Name))`
gateway api: improve response handling * Always return a json message also on error. For internal errors return a generic "internal server error" message to not leak the real internal error to clients * Return 201 Created on resource creation * Return 204 No Content on resource deletion and other action with no json output 2019-04-08 09:35:45 +00:00			`}`

			`org := &types.Organization{`
*: add organizations visibility 2019-05-14 08:56:17 +00:00			`Name: req.Name,`
			`Visibility: req.Visibility,`
gateway api: improve response handling * Always return a json message also on error. For internal errors return a generic "internal server error" message to not leak the real internal error to clients * Return 201 Created on resource creation * Return 204 No Content on resource deletion and other action with no json output 2019-04-08 09:35:45 +00:00			`}`
*: add creatorUserID and cretedAt to organization 2019-05-03 12:24:18 +00:00			`if req.CreatorUserID != "" {`
			`org.CreatorUserID = req.CreatorUserID`
			`}`
gateway api: improve response handling * Always return a json message also on error. For internal errors return a generic "internal server error" message to not leak the real internal error to clients * Return 201 Created on resource creation * Return 204 No Content on resource deletion and other action with no json output 2019-04-08 09:35:45 +00:00
gateway: rename command(handler) to action(handler) Since we're going to migrate all actions (also queries that now are implemented in the api handlers) there 2019-05-03 21:48:49 +00:00			`h.log.Infof("creating organization")`
			`org, resp, err := h.configstoreClient.CreateOrg(ctx, org)`
gateway api: improve response handling * Always return a json message also on error. For internal errors return a generic "internal server error" message to not leak the real internal error to clients * Return 201 Created on resource creation * Return 204 No Content on resource deletion and other action with no json output 2019-04-08 09:35:45 +00:00			`if err != nil {`
gateway: improve ErrFromRemote handling Don't create an ErrFromRemote wrapping the returned error but wrap the ErrFromRemote Also use xerrors Is/As to get the underlying error to return to api clients while maintaining context for logging 2019-05-23 10:59:11 +00:00			`return nil, errors.Errorf("failed to create organization: %w", ErrFromRemote(resp, err))`
gateway api: improve response handling * Always return a json message also on error. For internal errors return a generic "internal server error" message to not leak the real internal error to clients * Return 201 Created on resource creation * Return 204 No Content on resource deletion and other action with no json output 2019-04-08 09:35:45 +00:00			`}`
gateway: rename command(handler) to action(handler) Since we're going to migrate all actions (also queries that now are implemented in the api handlers) there 2019-05-03 21:48:49 +00:00			`h.log.Infof("organization %s created, ID: %s", org.Name, org.ID)`
gateway api: improve response handling * Always return a json message also on error. For internal errors return a generic "internal server error" message to not leak the real internal error to clients * Return 201 Created on resource creation * Return 204 No Content on resource deletion and other action with no json output 2019-04-08 09:35:45 +00:00
			`return org, nil`
			`}`
gateway: move remaining org logic from api to actions 2019-05-05 12:36:14 +00:00
			`func (h *ActionHandler) DeleteOrg(ctx context.Context, orgRef string) error {`
gateway: initial authorization 2019-05-03 21:19:23 +00:00			`org, resp, err := h.configstoreClient.GetOrg(ctx, orgRef)`
			`if err != nil {`
			`return ErrFromRemote(resp, err)`
			`}`

			`isOrgOwner, err := h.IsOrgOwner(ctx, org.ID)`
			`if err != nil {`
*: migrate to "golang.org/x/xerrors" Just a raw replace of "github.com/pkg/errors". Next steps will improve errors (like remote errors, api errors, not exist errors etc...) to leverage its functionalities 2019-05-23 09:23:14 +00:00			`return errors.Errorf("failed to determine ownership: %w", err)`
gateway: initial authorization 2019-05-03 21:19:23 +00:00			`}`
			`if !isOrgOwner {`
			`return util.NewErrForbidden(errors.Errorf("user not authorized"))`
			`}`

			`resp, err = h.configstoreClient.DeleteOrg(ctx, orgRef)`
gateway: move remaining org logic from api to actions 2019-05-05 12:36:14 +00:00			`if err != nil {`
gateway: improve ErrFromRemote handling Don't create an ErrFromRemote wrapping the returned error but wrap the ErrFromRemote Also use xerrors Is/As to get the underlying error to return to api clients while maintaining context for logging 2019-05-23 10:59:11 +00:00			`return errors.Errorf("failed to delete org: %w", ErrFromRemote(resp, err))`
gateway: move remaining org logic from api to actions 2019-05-05 12:36:14 +00:00			`}`
			`return nil`
			`}`
*: implement add/update org member 2019-05-09 14:47:22 +00:00
			`type AddOrgMemberResponse struct {`
			`OrganizationMember *types.OrganizationMember`
			`Org *types.Organization`
			`User *types.User`
			`}`

			`func (h ActionHandler) AddOrgMember(ctx context.Context, orgRef, userRef string, role types.MemberRole) (AddOrgMemberResponse, error) {`
			`org, resp, err := h.configstoreClient.GetOrg(ctx, orgRef)`
			`if err != nil {`
			`return nil, ErrFromRemote(resp, err)`
			`}`
			`user, resp, err := h.configstoreClient.GetUser(ctx, userRef)`
			`if err != nil {`
			`return nil, ErrFromRemote(resp, err)`
			`}`

			`isOrgOwner, err := h.IsOrgOwner(ctx, org.ID)`
			`if err != nil {`
*: migrate to "golang.org/x/xerrors" Just a raw replace of "github.com/pkg/errors". Next steps will improve errors (like remote errors, api errors, not exist errors etc...) to leverage its functionalities 2019-05-23 09:23:14 +00:00			`return nil, errors.Errorf("failed to determine ownership: %w", err)`
*: implement add/update org member 2019-05-09 14:47:22 +00:00			`}`
			`if !isOrgOwner {`
			`return nil, util.NewErrForbidden(errors.Errorf("user not authorized"))`
			`}`

			`orgmember, resp, err := h.configstoreClient.AddOrgMember(ctx, orgRef, userRef, role)`
			`if err != nil {`
gateway: improve ErrFromRemote handling Don't create an ErrFromRemote wrapping the returned error but wrap the ErrFromRemote Also use xerrors Is/As to get the underlying error to return to api clients while maintaining context for logging 2019-05-23 10:59:11 +00:00			`return nil, errors.Errorf("failed to add/update organization member: %w", ErrFromRemote(resp, err))`
*: implement add/update org member 2019-05-09 14:47:22 +00:00			`}`

			`return &AddOrgMemberResponse{`
			`OrganizationMember: orgmember,`
			`Org: org,`
			`User: user,`
			`}, nil`
			`}`
*: implement delete organization member 2019-05-09 15:05:13 +00:00
*: rename deleteOrgMember to removeOrgMember 2019-05-14 09:20:09 +00:00			`func (h *ActionHandler) RemoveOrgMember(ctx context.Context, orgRef, userRef string) error {`
*: implement delete organization member 2019-05-09 15:05:13 +00:00			`org, resp, err := h.configstoreClient.GetOrg(ctx, orgRef)`
			`if err != nil {`
			`return ErrFromRemote(resp, err)`
			`}`

			`isOrgOwner, err := h.IsOrgOwner(ctx, org.ID)`
			`if err != nil {`
*: migrate to "golang.org/x/xerrors" Just a raw replace of "github.com/pkg/errors". Next steps will improve errors (like remote errors, api errors, not exist errors etc...) to leverage its functionalities 2019-05-23 09:23:14 +00:00			`return errors.Errorf("failed to determine ownership: %w", err)`
*: implement delete organization member 2019-05-09 15:05:13 +00:00			`}`
			`if !isOrgOwner {`
			`return util.NewErrForbidden(errors.Errorf("user not authorized"))`
			`}`

*: rename deleteOrgMember to removeOrgMember 2019-05-14 09:20:09 +00:00			`resp, err = h.configstoreClient.RemoveOrgMember(ctx, orgRef, userRef)`
*: implement delete organization member 2019-05-09 15:05:13 +00:00			`if err != nil {`
gateway: improve ErrFromRemote handling Don't create an ErrFromRemote wrapping the returned error but wrap the ErrFromRemote Also use xerrors Is/As to get the underlying error to return to api clients while maintaining context for logging 2019-05-23 10:59:11 +00:00			`return errors.Errorf("failed to remove organization member: %w", ErrFromRemote(resp, err))`
*: implement delete organization member 2019-05-09 15:05:13 +00:00			`}`

			`return nil`
			`}`