diff --git a/src/routes/groups.js b/src/routes/groups.js new file mode 100644 index 000000000..36af9be8f --- /dev/null +++ b/src/routes/groups.js @@ -0,0 +1,65 @@ +/* jslint node:true */ + +'use strict'; + +exports = module.exports = { + get: get, + list: list, + create: create, + remove: remove +}; + +var assert = require('assert'), + groups = require('../groups.js'), + HttpError = require('connect-lastmile').HttpError, + HttpSuccess = require('connect-lastmile').HttpSuccess, + groups = require('../groups.js'), + GroupError = groups.GroupError; + +function create(req, res, next) { + assert.strictEqual(typeof req.body, 'object'); + + if (typeof req.body.name !== 'string') return next(new HttpError(400, 'name must be string')); + + groups.create(req.body.name, function (error, group) { + if (error && error.reason === GroupError.BAD_NAME) return next(new HttpError(400, error.message)); + if (error && error.reason === GroupError.ALREADY_EXISTS) return next(new HttpError(409, 'Already exists')); + if (error) return next(new HttpError(500, error)); + + var groupInfo = { + id: group.id, + name: group.name + }; + + next(new HttpSuccess(201, groupInfo)); + }); +} + +function get(req, res, next) { + assert.strictEqual(typeof req.params.groupId, 'string'); + + groups.get(req.params.groupId, function (error, result) { + if (error && error.reason === GroupError.NOT_FOUND) return next(new HttpError(404, 'No such group')); + if (error) return next(new HttpError(500, error)); + + next(new HttpSuccess(200, result)); + }); +} + +function list(req, res, next) { + groups.list(function (error, result) { + if (error) return next(new HttpError(500, error)); + next(new HttpSuccess(200, { groups: result })); + }); +} + +function remove(req, res, next) { + assert.strictEqual(typeof req.params.groupId, 'string'); + + groups.remove(req.params.groupId, function (error) { + if (error && error.reason === GroupError.NOT_FOUND) return next(new HttpError(404, 'Group not found')); + if (error) return next(new HttpError(500, error)); + + next(new HttpSuccess(204)); + }); +} diff --git a/src/routes/index.js b/src/routes/index.js index 19165cca8..537689488 100644 --- a/src/routes/index.js +++ b/src/routes/index.js @@ -2,14 +2,14 @@ exports = module.exports = { apps: require('./apps.js'), + backups: require('./backups.js'), + clients: require('./clients.js'), cloudron: require('./cloudron.js'), developer: require('./developer.js'), graphs: require('./graphs.js'), + groups: require('./groups.js'), + internal: require('./internal.js'), oauth2: require('./oauth2.js'), settings: require('./settings.js'), - clients: require('./clients.js'), - backups: require('./backups.js'), - internal: require('./internal.js'), user: require('./user.js') }; - diff --git a/src/server.js b/src/server.js index 9fddcd8ad..9ef9a5500 100644 --- a/src/server.js +++ b/src/server.js @@ -109,6 +109,12 @@ function initializeExpressSync() { router.post('/api/v1/users/:userId/admin', usersScope, routes.user.requireAdmin, routes.user.changeAdmin); router.post('/api/v1/users/:userId/invite', usersScope, routes.user.requireAdmin, routes.user.sendInvite); + // Group management + router.get ('/api/v1/groups', usersScope, routes.groups.list); + router.post('/api/v1/groups', usersScope, routes.user.requireAdmin, routes.groups.create); + router.get ('/api/v1/groups/:groupId', usersScope, routes.groups.get); + router.del ('/api/v1/groups/:groupId', usersScope, routes.user.requireAdmin, routes.user.verifyPassword, routes.groups.remove); + // form based login routes used by oauth2 frame router.get ('/api/v1/session/login', csrf, routes.oauth2.loginForm); router.post('/api/v1/session/login', csrf, routes.oauth2.login);