Initial organizations functionality: Creating orgs and inviting users

src/api/core/accounts.rs

@@ -60,8 +60,18 @@ fn register(data: Json<RegisterData>, conn: DbConn) -> EmptyResult {
 }
 
 #[get("/accounts/profile")]
-fn profile(headers: Headers) -> JsonResult {
-    Ok(Json(headers.user.to_json()))
+fn profile(headers: Headers, conn: DbConn) -> JsonResult {
+    Ok(Json(headers.user.to_json(&conn)))
+}
+
+#[get("/users/<uuid>/public-key")]
+fn get_public_keys(uuid: String, headers: Headers, conn: DbConn) -> JsonResult {
+    let user = match User::find_by_uuid(&uuid, &conn) {
+        Some(user) => user,
+        None => err!("User doesn't exist")
+    };
+
+    Ok(Json(json!(user.public_key)))
 }
 
 #[post("/accounts/keys", data = "<data>")]
@@ -75,7 +85,7 @@ fn post_keys(data: Json<KeysData>, headers: Headers, conn: DbConn) -> JsonResult
 
     user.save(&conn);
 
-    Ok(Json(user.to_json()))
+    Ok(Json(user.to_json(&conn)))
 }
 
 #[derive(Deserialize)]

src/api/core/ciphers.rs

@@ -23,7 +23,7 @@ use CONFIG;
 
 #[get("/sync")]
 fn sync(headers: Headers, conn: DbConn) -> JsonResult {
-    let user_json = headers.user.to_json();
+    let user_json = headers.user.to_json(&conn);
 
     let folders = Folder::find_by_user(&headers.user.uuid, &conn);
     let folders_json: Vec<Value> = folders.iter().map(|c| c.to_json()).collect();
@@ -112,7 +112,7 @@ fn post_ciphers(data: Json<CipherData>, headers: Headers, conn: DbConn) -> JsonR
     Ok(Json(cipher.to_json(&headers.host, &conn)))
 }
 
-fn update_cipher_from_data(cipher: &mut Cipher, data: CipherData, headers: &Headers, conn: &DbConn) -> EmptyResult {  
+fn update_cipher_from_data(cipher: &mut Cipher, data: CipherData, headers: &Headers, conn: &DbConn) -> EmptyResult {
     if let Some(ref folder_id) = data.folderId {
         match Folder::find_by_uuid(folder_id, conn) {
             Some(folder) => {
@@ -188,7 +188,6 @@ fn copy_values(from: &Value, to: &mut Value) {
         for (key, val) in map {
             copy_values(val, &mut to[util::upcase_first(key)]);
         }
-
     } else if let Some(array) = from.as_array() {
         // Initialize array with null values
         *to = json!(vec![Value::Null; array.len()]);
@@ -196,7 +195,6 @@ fn copy_values(from: &Value, to: &mut Value) {
         for (index, val) in array.iter().enumerate() {
             copy_values(val, &mut to[index]);
         }
-     
     } else {
         *to = from.clone();
     }
@@ -375,7 +373,7 @@ fn delete_cipher_selected(data: Json<Value>, headers: Headers, conn: DbConn) ->
 
     let uuids = match data.get("ids") {
         Some(ids) => match ids.as_array() {
-            Some(ids) => ids.iter().filter_map(|uuid| {uuid.as_str()}),
+            Some(ids) => ids.iter().filter_map(|uuid| { uuid.as_str() }),
             None => err!("Posted ids field is not an array")
         },
         None => err!("Request missing ids field")
@@ -405,16 +403,16 @@ fn move_cipher_selected(data: Json<Value>, headers: Headers, conn: DbConn) -> Em
                         }
                         None => err!("Folder doesn't exist")
                     }
-                },
+                }
                 None => err!("Folder id provided in wrong format")
             }
-        },
+        }
         None => None
     };
 
     let uuids = match data.get("ids") {
         Some(ids) => match ids.as_array() {
-            Some(ids) => ids.iter().filter_map(|uuid| {uuid.as_str()}),
+            Some(ids) => ids.iter().filter_map(|uuid| { uuid.as_str() }),
             None => err!("Posted ids field is not an array")
         },
         None => err!("Request missing ids field")

src/api/core/mod.rs

@@ -14,6 +14,7 @@ pub fn routes() -> Vec<Route> {
     routes![
         register,
         profile,
+        get_public_keys,
         post_keys,
         post_password,
         post_sstamp,
@@ -53,7 +54,15 @@ pub fn routes() -> Vec<Route> {
         activate_authenticator,
         disable_authenticator,
 
+        create_organization,
         get_user_collections,
+        get_org_collections,
+        get_org_details,
+        get_org_users,
+        get_collection_users,
+        send_invite,
+        confirm_invite,
+        delete_user,
 
         clear_device_token,
         put_device_token,

src/api/core/organizations.rs

@@ -8,22 +8,34 @@ use db::models::*;
 use api::{JsonResult, EmptyResult};
 use auth::Headers;
 
+
+#[derive(Deserialize)]
+#[allow(non_snake_case)]
+struct OrgData {
+    billingEmail: String,
+    collectionName: String,
+    key: String,
+    name: String,
+    planType: String,
+}
+
 #[post("/organizations", data = "<data>")]
-fn create_organization(headers: Headers, data: Json<Value>, conn: DbConn) -> JsonResult {
-    /*
-    Data is a JSON Object with the following entries
-        billingEmail	<email>
-        collectionName	<encrypted_collection_name>
-        key	            <key>
-        name	        <unencrypted_name>
-        planType	    free
-    */
+fn create_organization(headers: Headers, data: Json<OrgData>, conn: DbConn) -> JsonResult {
+    let data: OrgData = data.into_inner();
 
-    // We need to add the following key to the users jwt claims
-    // orgowner: "<org-id>"
+    let mut org = Organization::new(data.name, data.billingEmail);
+    let mut user_org = UserOrganization::new(
+        headers.user.uuid, org.uuid.clone());
 
-    // This function returns organization.to_json();
-    err!("Not implemented")
+    user_org.key = data.key;
+    user_org.access_all = true;
+    user_org.type_ = UserOrgType::Owner as i32;
+    user_org.status = UserOrgStatus::Confirmed as i32;
+
+    org.save(&conn);
+    user_org.save(&conn);
+
+    Ok(Json(org.to_json()))
 }
 
 
@@ -50,6 +62,35 @@ fn get_org_collections(org_id: String, headers: Headers, conn: DbConn) -> JsonRe
     })))
 }
 
+#[derive(FromForm)]
+#[allow(non_snake_case)]
+struct OrgIdData {
+    organizationId: String
+}
+
+#[get("/ciphers/organization-details?<data>")]
+fn get_org_details(data: OrgIdData, headers: Headers, conn: DbConn) -> JsonResult {
+
+    // Get list of ciphers in org?
+
+    Ok(Json(json!({
+        "Data": [],
+        "Object": "list"
+    })))
+}
+
+#[get("/organizations/<org_id>/users")]
+fn get_org_users(org_id: String, headers: Headers, conn: DbConn) -> JsonResult {
+    // TODO Check if user in org
+
+    let users = UserOrganization::find_by_org(&org_id, &conn);
+    let users_json: Vec<Value> = users.iter().map(|c| c.to_json_details(&conn)).collect();
+
+    Ok(Json(json!({
+        "Data": users_json,
+        "Object": "list"
+    })))
+}
 
 #[get("/organizations/<org_id>/collections/<coll_id>/users")]
 fn get_collection_users(org_id: String, coll_id: String, headers: Headers, conn: DbConn) -> JsonResult {
@@ -78,10 +119,94 @@ fn get_collection_users(org_id: String, coll_id: String, headers: Headers, conn:
     })))
 }
 
+#[derive(Deserialize)]
+#[allow(non_snake_case)]
+struct InviteCollectionData {
+    id: String,
+    readOnly: bool,
+}
 
-//********************************************************************************************
-/*
-    We need to modify 'GET /api/profile' to return the users organizations, instead of []
+#[derive(Deserialize)]
+#[allow(non_snake_case)]
+struct InviteData {
+    emails: Vec<String>,
+    #[serde(rename = "type")]
+    type_: String,
+    collections: Vec<InviteCollectionData>,
+    accessAll: bool,
 
-    The elements from that array come from organization.to_json_profile()
-*/
+}
+
+#[post("/organizations/<org_id>/users/invite", data = "<data>")]
+fn send_invite(org_id: String, data: Json<InviteData>, headers: Headers, conn: DbConn) -> EmptyResult {
+    let data: InviteData = data.into_inner();
+
+    // TODO Check that user is in org and admin or more
+
+    for user_opt in data.emails.iter().map(|email| User::find_by_mail(email, &conn)) {
+        match user_opt {
+            None => err!("User email does not exist"),
+            Some(user) => {
+                // TODO Check that user is not already in org
+
+                let mut user_org = UserOrganization::new(
+                    user.uuid, org_id.clone());
+
+                if data.accessAll {
+                    user_org.access_all = data.accessAll;
+                } else {
+                    err!("Select collections unimplemented")
+                    // TODO create Users_collections
+                }
+
+                user_org.type_ = match data.type_.as_ref() {
+                    "Owner" => UserOrgType::Owner,
+                    "Admin" => UserOrgType::Admin,
+                    "User" => UserOrgType::User,
+                    _ => err!("Invalid type")
+                } as i32;
+
+                user_org.save(&conn);
+            }
+        }
+    }
+
+    Ok(())
+}
+
+#[post("/organizations/<org_id>/users/<user_id>/confirm", data = "<data>")]
+fn confirm_invite(org_id: String, user_id: String, data: Json<Value>, headers: Headers, conn: DbConn) -> EmptyResult {
+    // TODO Check that user is in org and admin or more
+
+    let mut user_org = match UserOrganization::find_by_user_and_org(
+        &user_id, &org_id, &conn) {
+        Some(user_org) => user_org,
+        None => err!("Can't find user")
+    };
+
+    if user_org.status != UserOrgStatus::Accepted as i32 {
+        err!("User in invalid state")
+    }
+
+    user_org.status = UserOrgStatus::Confirmed as i32;
+    user_org.key = match data["key"].as_str() {
+        Some(key) => key.to_string(),
+        None => err!("Invalid key provided")
+    };
+
+    user_org.save(&conn);
+
+    Ok(())
+}
+
+#[post("/organizations/<org_id>/users/<user_id>/delete")]
+fn delete_user(org_id: String, user_id: String, headers: Headers, conn: DbConn) -> EmptyResult {
+    // TODO Check that user is in org and admin or more
+    // TODO To delete a user you need either:
+    //      - To be yourself
+    //      - To be of a superior type (ex. Owner can delete Admin and User, Admin can delete User)
+
+    // Delete users_organizations and users_collections from this org
+
+    unimplemented!();
+}