Force the user to set at least one access restriction group

Fixes #583

CHANGES

@@ -403,3 +403,11 @@
 [0.8.0]
 - MySQL addon : multiple database support
 
+[0.8.1]
+- Set Host HTTP header when querying healthCheckPath
+- Show application Changelog in app update emails
+
+[0.9.0]
+- Fix bug in multdb mysql addon backup
+- Add initial user group support
+- Improved app memory limit handling

gulpfile.js

@@ -10,7 +10,7 @@ var ejs = require('gulp-ejs'),
     serve = require('gulp-serve'),
     sass = require('gulp-sass'),
     sourcemaps = require('gulp-sourcemaps'),
-    minifyCSS = require('gulp-minify-css'),
+    cssnano = require('gulp-cssnano'),
     autoprefixer = require('gulp-autoprefixer'),
     argv = require('yargs').argv;
 
@@ -119,7 +119,7 @@ gulp.task('css', function () {
         .pipe(sourcemaps.init())
         .pipe(sass({ includePaths: ['node_modules/bootstrap-sass/assets/stylesheets/'] }).on('error', sass.logError))
         .pipe(autoprefixer())
-        .pipe(minifyCSS())
+        .pipe(cssnano())
         .pipe(sourcemaps.write())
         .pipe(gulp.dest('webadmin/dist'))
         .pipe(gulp.dest('setup/splash/website'));

installer/src/scripts/installer.sh

@@ -7,7 +7,7 @@ readonly DATA_DIR=/home/yellowtent/data
 
 readonly script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 readonly json="${script_dir}/../../node_modules/.bin/json"
-readonly curl="curl --fail --connect-timeout 20 --retry 10 --retry-delay 2 --max-time 180"
+readonly curl="curl --fail --connect-timeout 20 --retry 10 --retry-delay 2 --max-time 300"
 
 readonly is_update=$([[ -d "${BOX_SRC_DIR}" ]] && echo "yes" || echo "no")
 

migrations/20160205135326-apps-add-memoryLimit.js

@@ -0,0 +1,15 @@
+dbm = dbm || require('db-migrate');
+
+exports.up = function(db, callback) {
+    db.runSql('ALTER TABLE apps ADD COLUMN memoryLimit BIGINT DEFAULT 0', function (error) {
+        if (error) console.error(error);
+        callback(error);
+    });
+};
+
+exports.down = function(db, callback) {
+    db.runSql('ALTER TABLE apps DROP COLUMN memoryLimit', function (error) {
+        if (error) console.error(error);
+        callback(error);
+    });
+};

migrations/20160208031241-groups-add-table.js

@@ -0,0 +1,21 @@
+var dbm = global.dbm || require('db-migrate');
+var type = dbm.dataType;
+
+exports.up = function(db, callback) {
+    var cmd = "CREATE TABLE groups(" +
+                "id VARCHAR(128) NOT NULL UNIQUE," +
+                "name VARCHAR(128) NOT NULL UNIQUE," +
+                "PRIMARY KEY(id))";
+
+    db.runSql(cmd, function (error) {
+        if (error) console.error(error);
+        callback(error);
+    });
+};
+
+exports.down = function(db, callback) {
+    db.runSql('DROP TABLE groups', function (error) {
+        if (error) console.error(error);
+        callback(error);
+    });
+};

migrations/20160208100000-groupMembers-add-table.js

@@ -0,0 +1,22 @@
+var dbm = global.dbm || require('db-migrate');
+var type = dbm.dataType;
+
+exports.up = function(db, callback) {
+	var cmd = "CREATE TABLE IF NOT EXISTS groupMembers(" +
+    			"groupId VARCHAR(128) NOT NULL," +
+    			"userId VARCHAR(128) NOT NULL," +
+    			"FOREIGN KEY(groupId) REFERENCES groups(id)," +
+    			"FOREIGN KEY(userId) REFERENCES users(id));";
+
+    db.runSql(cmd, function (error) {
+        if (error) console.error(error);
+        callback(error);
+    });
+};
+
+exports.down = function(db, callback) {
+    db.runSql('DROP TABLE groupMembers', function (error) {
+        if (error) console.error(error);
+        callback(error);
+    });
+};

migrations/20160208164735-groups-add-admin.js

@@ -0,0 +1,30 @@
+'use strict';
+
+var dbm = global.dbm || require('db-migrate');
+var async = require('async');
+
+var ADMIN_GROUP_ID = 'admin'; // see groups.js
+
+exports.up = function(db, callback) {
+	async.series([
+		db.runSql.bind(db, 'START TRANSACTION;'),
+		db.runSql.bind(db, 'INSERT INTO groups (id, name) VALUES (?, ?)', [ ADMIN_GROUP_ID, 'admin' ]),
+		function migrateAdminFlag(done) {
+			db.all('SELECT * FROM users WHERE admin=1', function (error, results) {
+				if (error) return done(error);
+
+				console.dir(results);
+
+				async.eachSeries(results, function (r, next) {
+					db.runSql('INSERT INTO groupMembers (groupId, userId) VALUES (?, ?)', [ ADMIN_GROUP_ID, r.id ], next);
+				}, done);
+			});
+		},
+		db.runSql.bind(db, 'ALTER TABLE users DROP COLUMN admin'),
+		db.runSql.bind(db, 'COMMIT')
+	], callback);
+};
+
+exports.down = function(db, callback) {
+    callback();
+};

migrations/schema.sql

@@ -21,6 +21,17 @@ CREATE TABLE IF NOT EXISTS users(
     displayName VARCHAR(512) DEFAULT '',
     PRIMARY KEY(id));
 
+CREATE TABLE IF NOT EXISTS groups(
+    id VARCHAR(128) NOT NULL UNIQUE,
+    username VARCHAR(254) NOT NULL UNIQUE,
+    PRIMARY KEY(id));
+
+CREATE TABLE IF NOT EXISTS groupMembers(
+    groupId VARCHAR(128) NOT NULL,
+    userId VARCHAR(128) NOT NULL,
+    FOREIGN KEY(groupId) REFERENCES groups(id),
+    FOREIGN KEY(userId) REFERENCES users(id));
+
 CREATE TABLE IF NOT EXISTS tokens(
     accessToken VARCHAR(128) NOT NULL UNIQUE,
     identifier VARCHAR(128) NOT NULL,
@@ -53,6 +64,7 @@ CREATE TABLE IF NOT EXISTS apps(
     accessRestrictionJson TEXT,
     oauthProxy BOOLEAN DEFAULT 0,
     createdAt TIMESTAMP(2) NOT NULL DEFAULT CURRENT_TIMESTAMP,
+    memoryLimit BIGINT DEFAULT 0,
 
     lastBackupId VARCHAR(128),
     lastBackupConfigJson TEXT, // used for appstore and non-appstore installs. it's here so it's easy to do REST validation

package.json

@@ -18,7 +18,7 @@
     "aws-sdk": "^2.1.46",
     "body-parser": "^1.13.1",
     "bytes": "^2.1.0",
-    "cloudron-manifestformat": "^2.2.0",
+    "cloudron-manifestformat": "^2.3.0",
     "connect-ensure-login": "^0.1.1",
     "connect-lastmile": "0.0.13",
     "connect-timeout": "^1.5.0",
@@ -77,8 +77,8 @@
     "gulp": "^3.8.11",
     "gulp-autoprefixer": "^2.3.0",
     "gulp-concat": "^2.4.3",
+    "gulp-cssnano": "^2.1.0",
     "gulp-ejs": "^1.0.0",
-    "gulp-minify-css": "^1.1.3",
     "gulp-sass": "^2.0.1",
     "gulp-serve": "^1.0.0",
     "gulp-sourcemaps": "^1.5.2",

setup/INFRA_VERSION

@@ -3,12 +3,12 @@
 # If you change the infra version, be sure to put a warning
 # in the change log
 
-INFRA_VERSION=22
+INFRA_VERSION=23
 
 # WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
 # These constants are used in the installer script as well
 BASE_IMAGE=cloudron/base:0.8.0
-MYSQL_IMAGE=cloudron/mysql:0.9.0
+MYSQL_IMAGE=cloudron/mysql:0.10.0
 POSTGRESQL_IMAGE=cloudron/postgresql:0.8.0
 MONGODB_IMAGE=cloudron/mongodb:0.8.0
 REDIS_IMAGE=cloudron/redis:0.8.0 # if you change this, fix src/addons.js as well

src/appdb.js

@@ -59,7 +59,7 @@ var assert = require('assert'),
 
 var APPS_FIELDS_PREFIXED = [ 'apps.id', 'apps.appStoreId', 'apps.installationState', 'apps.installationProgress', 'apps.runState',
     'apps.health', 'apps.containerId', 'apps.manifestJson', 'apps.httpPort', 'apps.location', 'apps.dnsRecordId',
-    'apps.accessRestrictionJson', 'apps.lastBackupId', 'apps.lastBackupConfigJson', 'apps.oldConfigJson', 'apps.oauthProxy' ].join(',');
+    'apps.accessRestrictionJson', 'apps.lastBackupId', 'apps.lastBackupConfigJson', 'apps.oldConfigJson', 'apps.memoryLimit' ].join(',');
 
 var PORT_BINDINGS_FIELDS = [ 'hostPort', 'environmentVariable', 'appId' ].join(',');
 
@@ -92,8 +92,6 @@ function postProcess(result) {
         result.portBindings[environmentVariables[i]] = parseInt(hostPorts[i], 10);
     }
 
-    result.oauthProxy = !!result.oauthProxy;
-
     assert(result.accessRestrictionJson === null || typeof result.accessRestrictionJson === 'string');
     result.accessRestriction = safe.JSON.parse(result.accessRestrictionJson);
     if (result.accessRestriction && !result.accessRestriction.users) result.accessRestriction.users = [];
@@ -179,7 +177,7 @@ function getAll(callback) {
     });
 }
 
-function add(id, appStoreId, manifest, location, portBindings, accessRestriction, oauthProxy, callback) {
+function add(id, appStoreId, manifest, location, portBindings, accessRestriction, memoryLimit, callback) {
     assert.strictEqual(typeof id, 'string');
     assert.strictEqual(typeof appStoreId, 'string');
     assert(manifest && typeof manifest === 'object');
@@ -187,7 +185,7 @@ function add(id, appStoreId, manifest, location, portBindings, accessRestriction
     assert.strictEqual(typeof location, 'string');
     assert.strictEqual(typeof portBindings, 'object');
     assert.strictEqual(typeof accessRestriction, 'object');
-    assert.strictEqual(typeof oauthProxy, 'boolean');
+    assert.strictEqual(typeof memoryLimit, 'number');
     assert.strictEqual(typeof callback, 'function');
 
     portBindings = portBindings || { };
@@ -197,8 +195,8 @@ function add(id, appStoreId, manifest, location, portBindings, accessRestriction
 
     var queries = [ ];
     queries.push({
-        query: 'INSERT INTO apps (id, appStoreId, manifestJson, installationState, location, accessRestrictionJson, oauthProxy) VALUES (?, ?, ?, ?, ?, ?, ?)',
-        args: [ id, appStoreId, manifestJson, exports.ISTATE_PENDING_INSTALL, location, accessRestrictionJson, oauthProxy ]
+        query: 'INSERT INTO apps (id, appStoreId, manifestJson, installationState, location, accessRestrictionJson, memoryLimit) VALUES (?, ?, ?, ?, ?, ?, ?)',
+        args: [ id, appStoreId, manifestJson, exports.ISTATE_PENDING_INSTALL, location, accessRestrictionJson, memoryLimit ]
     });
 
     Object.keys(portBindings).forEach(function (env) {
@@ -283,6 +281,7 @@ function updateWithConstraints(id, app, constraints, callback) {
     assert.strictEqual(typeof constraints, 'string');
     assert.strictEqual(typeof callback, 'function');
     assert(!('portBindings' in app) || typeof app.portBindings === 'object');
+    assert(!('accessRestriction' in app) || typeof app.accessRestriction === 'object' || app.accessRestriction === '');
 
     var queries = [ ];
 

src/apphealthmonitor.js

@@ -25,8 +25,10 @@ var gDockerEventStream = null;
 function debugApp(app) {
     assert(!app || typeof app === 'object');
 
-    var prefix = app ? app.location : '(no app)';
-    debug(prefix + ' ' + util.format.apply(util, Array.prototype.slice.call(arguments, 1)));
+    var prefix = app ? (app.location || 'naked_domain') : '(no app)';
+    var id = app ? app.id : '';
+
+    debug(prefix + ' ' + util.format.apply(util, Array.prototype.slice.call(arguments, 1)) + ' - ' + id);
 }
 
 function setHealth(app, health, callback) {
@@ -116,7 +118,7 @@ function processApps(callback) {
 
             var alive = apps
                 .filter(function (a) { return a.installationState === appdb.ISTATE_INSTALLED && a.runState === appdb.RSTATE_RUNNING && a.health === appdb.HEALTH_HEALTHY; })
-                .map(function (a) { return a.location; }).join(', ');
+                .map(function (a) { return a.location || 'naked_domain'; }).join(', ');
 
             debug('apps alive: [%s]', alive);
 

src/apps.js

@@ -6,9 +6,11 @@ exports = module.exports = {
     AppsError: AppsError,
 
     hasAccessTo: hasAccessTo,
+    requiresOAuthProxy: requiresOAuthProxy,
 
     get: get,
     getBySubdomain: getBySubdomain,
+    getByIpAddress: getByIpAddress,
     getAll: getAll,
     purchase: purchase,
     install: install,
@@ -56,6 +58,7 @@ var addons = require('./addons.js'),
     debug = require('debug')('box:apps'),
     docker = require('./docker.js'),
     fs = require('fs'),
+    groups = require('./groups.js'),
     manifestFormat = require('cloudron-manifestformat'),
     path = require('path'),
     paths = require('./paths.js'),
@@ -192,9 +195,38 @@ function validateAccessRestriction(accessRestriction) {
 
     if (accessRestriction === null) return null;
 
-    if (!accessRestriction.users || !Array.isArray(accessRestriction.users)) return new Error('users array property required');
-    if (accessRestriction.users.length === 0) return new Error('users array cannot be empty');
-    if (!accessRestriction.users.every(function (e) { return typeof e === 'string'; })) return new Error('All users have to be strings');
+    var noUsers = true, noGroups = true;
+
+    if (accessRestriction.users) {
+        if (!Array.isArray(accessRestriction.users)) return new Error('users array property required');
+        if (!accessRestriction.users.every(function (e) { return typeof e === 'string'; })) return new Error('All users have to be strings');
+        noUsers = accessRestriction.users.length === 0;
+    }
+
+    if (accessRestriction.groups) {
+        if (!Array.isArray(accessRestriction.groups)) return new Error('groups array property required');
+        if (!accessRestriction.groups.every(function (e) { return typeof e === 'string'; })) return new Error('All groups have to be strings');
+        noGroups = accessRestriction.groups.length === 0;
+    }
+
+    if (noUsers && noGroups) return new Error('users and groups array cannot both be empty');
+
+    return null;
+}
+
+function validateMemoryLimit(manifest, memoryLimit) {
+    assert.strictEqual(typeof manifest, 'object');
+    assert.strictEqual(typeof memoryLimit, 'number');
+
+    var min = manifest.memoryLimit || constants.DEFAULT_MEMORY_LIMIT;
+    var max = (4096 * 1024 * 1024);
+
+    // allow 0, which indicates that it is not set, the one from the manifest will be choosen but we don't commit any user value
+    // this is needed so an app update can change the value in the manifest, and if not set by the user, the new value should be used
+    if (memoryLimit === 0) return null;
+
+    if (memoryLimit < min) return new Error('memoryLimit too small');
+    if (memoryLimit > max) return new Error('memoryLimit too large');
 
     return null;
 }
@@ -226,12 +258,39 @@ function getIconUrlSync(app) {
     return fs.existsSync(iconPath) ? '/api/v1/apps/' + app.id + '/icon' : null;
 }
 
-function hasAccessTo(app, user) {
+function hasAccessTo(app, user, callback) {
     assert.strictEqual(typeof app, 'object');
     assert.strictEqual(typeof user, 'object');
+    assert.strictEqual(typeof callback, 'function');
 
-    if (app.accessRestriction === null) return true;
-    return app.accessRestriction.users.some(function (e) { return e === user.id; });
+    if (app.accessRestriction === null) return callback(null, true);
+
+    // check user access
+    if (app.accessRestriction.users.some(function (e) { return e === user.id; })) return callback(null, true);
+
+    // check group access
+    if (!app.accessRestriction.groups) return callback(null, false);
+
+    async.some(app.accessRestriction.groups, function (groupId, iteratorDone) {
+        groups.isMember(groupId, user.id, function (error, member) {
+            iteratorDone(!error && member); // async.some does not take error argument in callback
+        });
+    }, function (result) {
+        callback(null, result);
+    });
+}
+
+function requiresOAuthProxy(app) {
+    assert.strictEqual(typeof app, 'object');
+
+    var tmp = app.accessRestriction;
+
+    // if no accessRestriction set, or the app uses one of the auth modules, we do not need the oauth proxy
+    if (tmp === null) return false;
+    if (app.manifest.addons['ldap'] || app.manifest.addons['oauth'] || app.manifest.addons['simpleauth']) return false;
+
+    // check if any restrictions are set
+    return !!((tmp.users && tmp.users.length) || (tmp.groups && tmp.groups.length));
 }
 
 function get(appId, callback) {
@@ -264,6 +323,25 @@ function getBySubdomain(subdomain, callback) {
     });
 }
 
+function getByIpAddress(ip, callback) {
+    assert.strictEqual(typeof ip, 'string');
+    assert.strictEqual(typeof callback, 'function');
+
+    docker.getContainerIdByIp(ip, function (error, containerId) {
+        if (error) return callback(new AppsError(AppsError.INTERNAL_ERROR, error));
+
+        appdb.getByContainerId(containerId, function (error, app) {
+            if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new AppsError(AppsError.NOT_FOUND, 'No such app'));
+            if (error) return callback(new AppsError(AppsError.INTERNAL_ERROR, error));
+
+            app.iconUrl = getIconUrlSync(app);
+            app.fqdn = config.appFqdn(app.location);
+
+            callback(null, app);
+        });
+    });
+}
+
 function getAll(callback) {
     assert.strictEqual(typeof callback, 'function');
 
@@ -301,17 +379,17 @@ function purchase(appStoreId, callback) {
     });
 }
 
-function install(appId, appStoreId, manifest, location, portBindings, accessRestriction, oauthProxy, icon, cert, key, callback) {
+function install(appId, appStoreId, manifest, location, portBindings, accessRestriction, icon, cert, key, memoryLimit, callback) {
     assert.strictEqual(typeof appId, 'string');
     assert.strictEqual(typeof appStoreId, 'string');
     assert(manifest && typeof manifest === 'object');
     assert.strictEqual(typeof location, 'string');
     assert.strictEqual(typeof portBindings, 'object');
     assert.strictEqual(typeof accessRestriction, 'object');
-    assert.strictEqual(typeof oauthProxy, 'boolean');
     assert(!icon || typeof icon === 'string');
     assert(cert === null || typeof cert === 'string');
     assert(key === null || typeof key === 'string');
+    assert.strictEqual(typeof memoryLimit, 'number');
     assert.strictEqual(typeof callback, 'function');
 
     var error = manifestFormat.parse(manifest);
@@ -329,6 +407,12 @@ function install(appId, appStoreId, manifest, location, portBindings, accessRest
     error = validateAccessRestriction(accessRestriction);
     if (error) return callback(new AppsError(AppsError.BAD_FIELD, error.message));
 
+    error = validateMemoryLimit(manifest, memoryLimit);
+    if (error) return callback(new AppsError(AppsError.BAD_FIELD, error.message));
+
+    // memoryLimit might come in as 0 if not specified
+    memoryLimit = memoryLimit || manifest.memoryLimit || constants.DEFAULT_MEMORY_LIMIT;
+
     // singleUser mode requires accessRestriction to contain exactly one user
     if (manifest.singleUser && accessRestriction === null) return callback(new AppsError(AppsError.USER_REQUIRED));
     if (manifest.singleUser && accessRestriction.users.length !== 1) return callback(new AppsError(AppsError.USER_REQUIRED));
@@ -349,7 +433,7 @@ function install(appId, appStoreId, manifest, location, portBindings, accessRest
     purchase(appStoreId, function (error) {
         if (error) return callback(error);
 
-        appdb.add(appId, appStoreId, manifest, location.toLowerCase(), portBindings, accessRestriction, oauthProxy, function (error) {
+        appdb.add(appId, appStoreId, manifest, location.toLowerCase(), portBindings, accessRestriction, memoryLimit, function (error) {
             if (error && error.reason === DatabaseError.ALREADY_EXISTS) return callback(getDuplicateErrorDetails(location.toLowerCase(), portBindings, error));
             if (error) return callback(new AppsError(AppsError.INTERNAL_ERROR, error));
 
@@ -366,14 +450,14 @@ function install(appId, appStoreId, manifest, location, portBindings, accessRest
     });
 }
 
-function configure(appId, location, portBindings, accessRestriction, oauthProxy, cert, key, callback) {
+function configure(appId, location, portBindings, accessRestriction, cert, key, memoryLimit, callback) {
     assert.strictEqual(typeof appId, 'string');
     assert.strictEqual(typeof location, 'string');
     assert.strictEqual(typeof portBindings, 'object');
     assert.strictEqual(typeof accessRestriction, 'object');
-    assert.strictEqual(typeof oauthProxy, 'boolean');
     assert(cert === null || typeof cert === 'string');
     assert(key === null || typeof key === 'string');
+    assert.strictEqual(typeof memoryLimit, 'number');
     assert.strictEqual(typeof callback, 'function');
 
     var error = validateHostname(location, config.fqdn());
@@ -392,6 +476,12 @@ function configure(appId, location, portBindings, accessRestriction, oauthProxy,
         error = validatePortBindings(portBindings, app.manifest.tcpPorts);
         if (error) return callback(new AppsError(AppsError.BAD_FIELD, error.message));
 
+        error = validateMemoryLimit(app.manifest, memoryLimit);
+        if (error) return callback(new AppsError(AppsError.BAD_FIELD, error.message));
+
+        // memoryLimit might come in as 0 if not specified
+        memoryLimit = memoryLimit || app.memoryLimit || app.manifest.memoryLimit || constants.DEFAULT_MEMORY_LIMIT;
+
         // save cert to data/box/certs
         if (cert && key) {
             if (!safe.fs.writeFileSync(path.join(paths.APP_CERTS_DIR, config.appFqdn(location) + '.cert'), cert)) return callback(new AppsError(AppsError.INTERNAL_ERROR, 'Error saving cert: ' + safe.error.message));
@@ -401,14 +491,14 @@ function configure(appId, location, portBindings, accessRestriction, oauthProxy,
         var values = {
             location: location.toLowerCase(),
             accessRestriction: accessRestriction,
-            oauthProxy: oauthProxy,
             portBindings: portBindings,
+            memoryLimit: memoryLimit,
 
             oldConfig: {
                 location: app.location,
                 accessRestriction: app.accessRestriction,
                 portBindings: app.portBindings,
-                oauthProxy: app.oauthProxy
+                memoryLimit: app.memoryLimit
             }
         };
 
@@ -457,14 +547,19 @@ function update(appId, force, manifest, portBindings, icon, callback) {
         if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new AppsError(AppsError.NOT_FOUND, 'No such app'));
         if (error) return callback(new AppsError(AppsError.INTERNAL_ERROR, error));
 
+        // Ensure we update the memory limit in case the new app requires more memory as a minimum
+        var memoryLimit = manifest.memoryLimit ? (app.memoryLimit < manifest.memoryLimit ? manifest.memoryLimit : app.memoryLimit) : app.memoryLimit;
+
         var values = {
             manifest: manifest,
             portBindings: portBindings,
+            memoryLimit: memoryLimit,
+
             oldConfig: {
                 manifest: app.manifest,
                 portBindings: app.portBindings,
                 accessRestriction: app.accessRestriction,
-                oauthProxy: app.oauthProxy
+                memoryLimit: app.memoryLimit
             }
         };
 
@@ -550,12 +645,13 @@ function restore(appId, callback) {
             values = {
                 manifest: restoreConfig.manifest,
                 portBindings: restoreConfig.portBindings,
+                memoryLimit: restoreConfig.memoryLimit,
 
                 oldConfig: {
                     location: app.location,
                     accessRestriction: app.accessRestriction,
-                    oauthProxy: app.oauthProxy,
                     portBindings: app.portBindings,
+                    memoryLimit: app.memoryLimit,
                     manifest: app.manifest
                 }
             };
@@ -578,13 +674,13 @@ function uninstall(appId, callback) {
 
     debug('Will uninstall app with id:%s', appId);
 
-    appdb.setInstallationCommand(appId, appdb.ISTATE_PENDING_UNINSTALL, function (error) {
-        if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new AppsError(AppsError.NOT_FOUND, 'No such app'));
-        if (error) return callback(new AppsError(AppsError.INTERNAL_ERROR, error));
+    taskmanager.stopAppTask(appId, function () {
+        appdb.setInstallationCommand(appId, appdb.ISTATE_PENDING_UNINSTALL, function (error) {
+            if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new AppsError(AppsError.NOT_FOUND, 'No such app'));
+            if (error) return callback(new AppsError(AppsError.INTERNAL_ERROR, error));
 
-        taskmanager.restartAppTask(appId); // since uninstall is allowed from any state, kill current task
-
-        callback(null);
+            taskmanager.startAppTask(appId, callback);
+        });
     });
 }
 
@@ -646,6 +742,10 @@ function exec(appId, options, callback) {
         if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new AppsError(AppsError.NOT_FOUND, 'No such app'));
         if (error) return callback(new AppsError(AppsError.INTERNAL_ERROR, error));
 
+        if (app.installationState !== appdb.ISTATE_INSTALLED || app.runState !== appdb.RSTATE_RUNNING) {
+            return callback(new AppsError(AppsError.BAD_STATE, 'App not installed or running'));
+        }
+
         var container = docker.connection.getContainer(app.containerId);
 
        var execOptions = {
@@ -808,7 +908,7 @@ function backupApp(app, addonsToBackup, callback) {
             location: app.location,
             portBindings: app.portBindings,
             accessRestriction: app.accessRestriction,
-            oauthProxy: app.oauthProxy
+            memoryLimit: app.memoryLimit
         };
         backupFunction = createNewBackup.bind(null, app, addonsToBackup);
 

src/apptask.js

@@ -101,11 +101,12 @@ function configureNginx(app, callback) {
     assert.strictEqual(typeof callback, 'function');
 
     var vhost = config.appFqdn(app.location);
+    var oauthProxy = apps.requiresOAuthProxy(app);
 
     certificates.ensureCertificate(vhost, function (error, certFilePath, keyFilePath) {
         if (error) return callback(error);
 
-        nginx.configureApp(app, certFilePath, keyFilePath, callback);
+        nginx.configureApp(app, oauthProxy, certFilePath, keyFilePath, callback);
     });
 }
 
@@ -162,7 +163,7 @@ function allocateOAuthProxyCredentials(app, callback) {
     assert.strictEqual(typeof app, 'object');
     assert.strictEqual(typeof callback, 'function');
 
-    if (!app.oauthProxy) return callback(null);
+    if (!apps.requiresOAuthProxy(app)) return callback(null);
 
     var id = 'cid-' + uuid.v4();
     var clientSecret = hat(256);
@@ -605,9 +606,14 @@ function update(app, callback) {
         updateApp.bind(null, app, { installationProgress: '0, Verify manifest' }),
         verifyManifest.bind(null, app),
 
+        // download new image before app is stopped. this is so we can reduce downtime
+        // and also not remove the 'common' layers when the old image is deleted
+        updateApp.bind(null, app, { installationProgress: '15, Downloading image' }),
+        docker.downloadImage.bind(null, app.manifest),
+
         // note: we cleanup first and then backup. this is done so that the app is not running should backup fail
         // we cannot easily 'recover' from backup failures because we have to revert manfest and portBindings
-        updateApp.bind(null, app, { installationProgress: '10, Cleaning up old install' }),
+        updateApp.bind(null, app, { installationProgress: '25, Cleaning up old install' }),
         removeCollectdProfile.bind(null, app),
         stopApp.bind(null, app),
         deleteContainers.bind(null, app),
@@ -623,17 +629,14 @@ function update(app, callback) {
             if (app.installationState === appdb.ISTATE_PENDING_FORCE_UPDATE) return next(null);
 
             async.series([
-                updateApp.bind(null, app, { installationProgress: '20, Backup app' }),
+                updateApp.bind(null, app, { installationProgress: '30, Backup app' }),
                 apps.backupApp.bind(null, app, app.oldConfig.manifest.addons)
             ], next);
         },
 
-        updateApp.bind(null, app, { installationProgress: '35, Downloading icon' }),
+        updateApp.bind(null, app, { installationProgress: '45, Downloading icon' }),
         downloadIcon.bind(null, app),
 
-        updateApp.bind(null, app, { installationProgress: '45, Downloading image' }),
-        docker.downloadImage.bind(null, app.manifest),
-
         updateApp.bind(null, app, { installationProgress: '70, Updating addons' }),
         addons.setupAddons.bind(null, app, app.manifest.addons),
 
@@ -761,7 +764,7 @@ function startTask(appId, callback) {
         case appdb.ISTATE_PENDING_INSTALL: return install(app, callback);
         case appdb.ISTATE_PENDING_FORCE_UPDATE: return update(app, callback);
         case appdb.ISTATE_ERROR:
-            debugApp(app, 'Apptask launched with error states.');
+            debugApp(app, 'Internal error. apptask launched with error status.');
             return callback(null);
         default:
             debugApp(app, 'apptask launched with invalid command');

src/constants.js

@@ -7,6 +7,8 @@ exports = module.exports = {
     ADMIN_NAME: 'Settings',
 
     ADMIN_CLIENT_ID: 'webadmin', // oauth client id
-    ADMIN_APPID: 'admin' // admin appid (settingsdb)
+    ADMIN_APPID: 'admin', // admin appid (settingsdb)
+
+    DEFAULT_MEMORY_LIMIT: (256 * 1024 * 1024)
 };
 

src/database.js

@@ -118,6 +118,7 @@ function clear(callback) {
         require('./authcodedb.js')._clear,
         require('./clientdb.js')._clear,
         require('./tokendb.js')._clear,
+        require('./groupdb.js')._clear,
         require('./userdb.js')._clear,
         require('./settingsdb.js')._clear
     ], callback);

src/databaseerror.js

@@ -30,3 +30,4 @@ DatabaseError.INTERNAL_ERROR = 'Internal error';
 DatabaseError.ALREADY_EXISTS = 'Entry already exist';
 DatabaseError.NOT_FOUND = 'Record not found';
 DatabaseError.BAD_FIELD = 'Invalid field';
+DatabaseError.IN_USE = 'In Use';

src/docker.js

@@ -4,6 +4,7 @@ var addons = require('./addons.js'),
     async = require('async'),
     assert = require('assert'),
     config = require('./config.js'),
+    constants = require('./constants.js'),
     debug = require('debug')('box:src/docker.js'),
     Docker = require('dockerode'),
     safe = require('safetydance'),
@@ -23,7 +24,8 @@ exports = module.exports = {
     deleteContainerByName: deleteContainer,
     deleteImage: deleteImage,
     deleteContainers: deleteContainers,
-    createSubcontainer: createSubcontainer
+    createSubcontainer: createSubcontainer,
+    getContainerIdByIp: getContainerIdByIp
 };
 
 function connectionInstance() {
@@ -156,7 +158,15 @@ function createSubcontainer(app, name, cmd, options, callback) {
         dockerPortBindings[containerPort + '/tcp'] = [ { HostIp: '0.0.0.0', HostPort: hostPort + '' } ];
     }
 
-    var memoryLimit = manifest.memoryLimit || (developmentMode ? 0 : 1024 * 1024 * 200); // 200mb by default
+    // first check db record, then manifest
+    var memoryLimit = app.memoryLimit || manifest.memoryLimit;
+
+    // ensure we never go below minimum
+    memoryLimit = memoryLimit < constants.DEFAULT_MEMORY_LIMIT ? constants.DEFAULT_MEMORY_LIMIT : memoryLimit; // 256mb by default
+
+    // developerMode does not restrict memory usage
+    memoryLimit = developmentMode ? 0 : memoryLimit;
+
     // for subcontainers, this should ideally be false. but docker does not allow network sharing if the app container is not running
     // this means cloudron exec does not work
     var isolatedNetworkNs = true;
@@ -346,3 +356,36 @@ function deleteImage(manifest, callback) {
         callback(error);
     });
 }
+
+function getContainerIdByIp(ip, callback) {
+    assert.strictEqual(typeof ip, 'string');
+    assert.strictEqual(typeof callback, 'function');
+
+    debug('get container by ip %s', ip);
+
+    var docker = exports.connection;
+
+    docker.listNetworks({}, function (error, result) {
+        if (error) return callback(error);
+
+        var bridge;
+        result.forEach(function (n) {
+            if (n.Name === 'bridge') bridge = n;
+        });
+
+        if (!bridge) return callback(new Error('Unable to find the bridge network'));
+
+        var containerId;
+        for (var id in bridge.Containers) {
+            if (bridge.Containers[id].IPv4Address.indexOf(ip) === 0) {
+                containerId = id;
+                break;
+            }
+        }
+        if (!containerId) return callback(new Error('No container with that ip'));
+
+        debug('found container %s with ip %s', containerId, ip);
+
+        callback(null, containerId);
+    });
+}

src/groupdb.js

@@ -0,0 +1,202 @@
+'use strict';
+
+exports = module.exports = {
+    get: get,
+    getWithMembers: getWithMembers,
+    getAll: getAll,
+    add: add,
+    del: del,
+    count: count,
+
+    getMembers: getMembers,
+    addMember: addMember,
+    removeMember: removeMember,
+    isMember: isMember,
+
+    getGroups: getGroups,
+    setGroups: setGroups,
+
+    _clear: clear
+};
+
+var assert = require('assert'),
+    database = require('./database.js'),
+    DatabaseError = require('./databaseerror');
+
+var GROUPS_FIELDS = [ 'id', 'name' ].join(',');
+
+function get(groupId, callback) {
+    assert.strictEqual(typeof groupId, 'string');
+    assert.strictEqual(typeof callback, 'function');
+
+    database.query('SELECT ' + GROUPS_FIELDS + ' FROM groups WHERE id = ?', [ groupId ], function (error, result) {
+        if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
+        if (result.length === 0) return callback(new DatabaseError(DatabaseError.NOT_FOUND));
+
+        callback(null, result[0]);
+    });
+}
+
+function getWithMembers(groupId, callback) {
+    assert.strictEqual(typeof groupId, 'string');
+    assert.strictEqual(typeof callback, 'function');
+
+    database.query('SELECT ' + GROUPS_FIELDS + ',GROUP_CONCAT(groupMembers.userId) AS userIds ' +
+                    ' FROM groups LEFT OUTER JOIN groupMembers ON groups.id = groupMembers.groupId ' +
+                    ' WHERE groups.id = ? ' +
+                    ' GROUP BY groups.id', [ groupId ], function (error, results) {
+        if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
+        if (results.length === 0) return callback(new DatabaseError(DatabaseError.NOT_FOUND));
+
+        var result = results[0];
+        result.userIds = result.userIds ? result.userIds.split(',') : [ ];
+
+        callback(null, result);
+    });
+}
+
+function getAll(callback) {
+    assert.strictEqual(typeof callback, 'function');
+
+    database.query('SELECT ' + GROUPS_FIELDS + ' FROM groups', function (error, result) {
+        if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
+
+        callback(null, result);
+    });
+}
+
+function add(id, name, callback) {
+    assert.strictEqual(typeof id, 'string');
+    assert.strictEqual(typeof name, 'string');
+    assert.strictEqual(typeof callback, 'function');
+
+    var data = [ id, name ];
+    database.query('INSERT INTO groups (id, name) VALUES (?, ?)',
+           data, function (error, result) {
+        if (error && error.code === 'ER_DUP_ENTRY') return callback(new DatabaseError(DatabaseError.ALREADY_EXISTS, error));
+        if (error || result.affectedRows !== 1) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
+
+        callback(null);
+    });
+}
+
+function del(id, callback) {
+    assert.strictEqual(typeof id, 'string');
+    assert.strictEqual(typeof callback, 'function');
+
+    // also cleanup the groupMembers table
+    var queries = [];
+    queries.push({ query: 'DELETE FROM groupMembers WHERE groupId = ?', args: [ id ] });
+    queries.push({ query: 'DELETE FROM groups WHERE id = ?', args: [ id ] });
+
+    database.transaction(queries, function (error, result) {
+        if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
+        if (result[1].affectedRows !== 1) return callback(new DatabaseError(DatabaseError.NOT_FOUND));
+
+        callback(error);
+    });
+}
+
+function count(callback) {
+    assert.strictEqual(typeof callback, 'function');
+
+    database.query('SELECT COUNT(*) AS total FROM groups', function (error, result) {
+        if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
+
+        return callback(null, result[0].total);
+    });
+}
+
+function clear(callback) {
+    database.query('DELETE FROM groupMembers', function (error) {
+        if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
+
+        database.query('DELETE FROM groups WHERE id != ?', [ 'admin' ], function (error) {
+            if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
+
+            callback(error);
+        });
+    });
+}
+
+function getMembers(groupId, callback) {
+    assert.strictEqual(typeof groupId, 'string');
+    assert.strictEqual(typeof callback, 'function');
+
+    database.query('SELECT userId FROM groupMembers WHERE groupId=?', [ groupId ], function (error, result) {
+        if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
+        // if (result.length === 0) return callback(new DatabaseError(DatabaseError.NOT_FOUND)); // need to differentiate group with no members and invalid groupId
+
+        callback(error, result.map(function (r) { return r.userId; }));
+    });
+}
+
+function getGroups(userId, callback) {
+    assert.strictEqual(typeof userId, 'string');
+    assert.strictEqual(typeof callback, 'function');
+
+    database.query('SELECT groupId FROM groupMembers WHERE userId=? ORDER BY groupId', [ userId ], function (error, result) {
+        if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
+        // if (result.length === 0) return callback(new DatabaseError(DatabaseError.NOT_FOUND)); // need to differentiate group with no members and invalid groupId
+
+        callback(error, result.map(function (r) { return r.groupId; }));
+    });
+}
+
+function setGroups(userId, groupIds, callback) {
+    assert.strictEqual(typeof userId, 'string');
+    assert(Array.isArray(groupIds));
+    assert.strictEqual(typeof callback, 'function');
+
+    var queries = [ ];
+    queries.push({ query: 'DELETE from groupMembers WHERE userId = ?', args: [ userId ] });
+    groupIds.forEach(function (gid) {
+        queries.push({ query: 'INSERT INTO groupMembers (groupId, userId) VALUES (? , ?)', args: [ gid, userId ] });
+    });
+
+    database.transaction(queries, function (error) {
+        if (error && error.code === 'ER_NO_REFERENCED_ROW_2') return callback(new DatabaseError(DatabaseError.NOT_FOUND, error.message));
+        if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
+
+        callback(null);
+    });
+}
+
+function addMember(groupId, userId, callback) {
+    assert.strictEqual(typeof groupId, 'string');
+    assert.strictEqual(typeof userId, 'string');
+    assert.strictEqual(typeof callback, 'function');
+
+    database.query('INSERT INTO groupMembers (groupId, userId) VALUES (?, ?)', [ groupId, userId ], function (error, result) {
+        if (error && error.code === 'ER_DUP_ENTRY') return callback(new DatabaseError(DatabaseError.ALREADY_EXISTS, error));
+        if (error && error.code === 'ER_NO_REFERENCED_ROW_2') return callback(new DatabaseError(DatabaseError.NOT_FOUND));
+        if (error || result.affectedRows !== 1) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
+
+        callback(null);
+    });
+}
+
+function removeMember(groupId, userId, callback) {
+    assert.strictEqual(typeof groupId, 'string');
+    assert.strictEqual(typeof userId, 'string');
+    assert.strictEqual(typeof callback, 'function');
+
+    database.query('DELETE FROM groupMembers WHERE groupId = ? AND userId = ?', [ groupId, userId ], function (error, result) {
+        if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
+        if (result.affectedRows !== 1) return callback(new DatabaseError(DatabaseError.NOT_FOUND));
+
+        callback(null);
+    });
+}
+
+function isMember(groupId, userId, callback) {
+    assert.strictEqual(typeof groupId, 'string');
+    assert.strictEqual(typeof userId, 'string');
+    assert.strictEqual(typeof callback, 'function');
+
+    database.query('SELECT 1 FROM groupMembers WHERE groupId=? AND userId=?', [ groupId, userId ], function (error, result) {
+        if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
+
+        callback(null, result.length !== 0);
+    });
+}

src/groups.js

@@ -0,0 +1,210 @@
+/* jshint node:true */
+
+'use strict';
+
+exports = module.exports = {
+    GroupError: GroupError,
+
+    create: create,
+    remove: remove,
+    get: get,
+    getWithMembers: getWithMembers,
+    getAll: getAll,
+
+    getMembers: getMembers,
+    addMember: addMember,
+    removeMember: removeMember,
+    isMember: isMember,
+
+    getGroups: getGroups,
+    setGroups: setGroups,
+
+    ADMIN_GROUP_ID: 'admin' // see db migration code and groupdb._clear
+};
+
+var assert = require('assert'),
+    DatabaseError = require('./databaseerror.js'),
+    groupdb = require('./groupdb.js'),
+    util = require('util');
+
+// http://dustinsenos.com/articles/customErrorsInNode
+// http://code.google.com/p/v8/wiki/JavaScriptStackTraceApi
+function GroupError(reason, errorOrMessage) {
+    assert.strictEqual(typeof reason, 'string');
+    assert(errorOrMessage instanceof Error || typeof errorOrMessage === 'string' || typeof errorOrMessage === 'undefined');
+
+    Error.call(this);
+    Error.captureStackTrace(this, this.constructor);
+
+    this.name = this.constructor.name;
+    this.reason = reason;
+    if (typeof errorOrMessage === 'undefined') {
+        this.message = reason;
+    } else if (typeof errorOrMessage === 'string') {
+        this.message = errorOrMessage;
+    } else {
+        this.message = 'Internal error';
+        this.nestedError = errorOrMessage;
+    }
+}
+util.inherits(GroupError, Error);
+GroupError.INTERNAL_ERROR = 'Internal Error';
+GroupError.ALREADY_EXISTS = 'Already Exists';
+GroupError.NOT_FOUND = 'Not Found';
+GroupError.BAD_NAME = 'Bad name';
+GroupError.NOT_EMPTY = 'Not Empty';
+GroupError.NOT_ALLOWED = 'Not Allowed';
+
+function validateGroupname(name) {
+    assert.strictEqual(typeof name, 'string');
+    var RESERVED = [ 'admins', 'users' ]; // ldap code uses 'users' pseudo group
+
+    if (name.length <= 2) return new GroupError(GroupError.BAD_NAME, 'name must be atleast 3 chars');
+    if (name.length >= 200) return new GroupError(GroupError.BAD_NAME, 'name too long');
+
+    if (!/^[A-Za-z0-9_-]*$/.test(name)) return new GroupError(GroupError.BAD_NAME, 'name can only have A-Za-z0-9_-');
+
+    if (RESERVED.indexOf(name) !== -1) return new GroupError(GroupError.BAD_NAME, 'name is reserved');
+
+    return null;
+}
+
+function create(name, callback) {
+    assert.strictEqual(typeof name, 'string');
+    assert.strictEqual(typeof callback, 'function');
+
+    var error = validateGroupname(name);
+    if (error) return callback(error);
+
+    groupdb.add(name /* id */, name, function (error) {
+        if (error && error.reason === DatabaseError.ALREADY_EXISTS) return callback(new GroupError(GroupError.ALREADY_EXISTS));
+        if (error) return callback(new GroupError(GroupError.INTERNAL_ERROR, error));
+
+        callback(null, { id: name, name: name });
+    });
+}
+
+function remove(id, callback) {
+    assert.strictEqual(typeof id, 'string');
+    assert.strictEqual(typeof callback, 'function');
+
+    // never allow admin group to be deleted
+    if (id === exports.ADMIN_GROUP_ID) return callback(new GroupError(GroupError.NOT_ALLOWED));
+
+    groupdb.del(id, function (error) {
+        if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new GroupError(GroupError.NOT_FOUND));
+        if (error) return callback(new GroupError(GroupError.INTERNAL_ERROR, error));
+
+        callback(null);
+    });
+}
+
+function get(id, callback) {
+    assert.strictEqual(typeof id, 'string');
+    assert.strictEqual(typeof callback, 'function');
+
+    groupdb.get(id, function (error, result) {
+        if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new GroupError(GroupError.NOT_FOUND));
+        if (error) return callback(new GroupError(GroupError.INTERNAL_ERROR, error));
+
+        return callback(null, result);
+    });
+}
+
+function getWithMembers(id, callback) {
+    assert.strictEqual(typeof id, 'string');
+    assert.strictEqual(typeof callback, 'function');
+
+    groupdb.getWithMembers(id, function (error, result) {
+        if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new GroupError(GroupError.NOT_FOUND));
+        if (error) return callback(new GroupError(GroupError.INTERNAL_ERROR, error));
+
+        return callback(null, result);
+    });
+}
+
+function getAll(callback) {
+    assert.strictEqual(typeof callback, 'function');
+
+    groupdb.getAll(function (error, result) {
+        if (error) return callback(new GroupError(GroupError.INTERNAL_ERROR, error));
+
+        return callback(null, result);
+    });
+}
+
+function getMembers(groupId, callback) {
+    assert.strictEqual(typeof groupId, 'string');
+    assert.strictEqual(typeof callback, 'function');
+
+    groupdb.getMembers(groupId, function (error, result) {
+        if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new GroupError(GroupError.NOT_FOUND));
+        if (error) return callback(new GroupError(GroupError.INTERNAL_ERROR, error));
+
+        return callback(null, result);
+    });
+}
+
+function getGroups(userId, callback) {
+    assert.strictEqual(typeof userId, 'string');
+    assert.strictEqual(typeof callback, 'function');
+
+    groupdb.getGroups(userId, function (error, result) {
+        if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new GroupError(GroupError.NOT_FOUND));
+        if (error) return callback(new GroupError(GroupError.INTERNAL_ERROR, error));
+
+        return callback(null, result);
+    });
+}
+
+function setGroups(userId, groupIds, callback) {
+    assert.strictEqual(typeof userId, 'string');
+    assert(Array.isArray(groupIds));
+    assert.strictEqual(typeof callback, 'function');
+
+    groupdb.setGroups(userId, groupIds, function (error) {
+        if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new GroupError(GroupError.NOT_FOUND));
+        if (error) return callback(new GroupError(GroupError.INTERNAL_ERROR, error));
+
+        return callback(null);
+    });
+}
+
+function addMember(groupId, userId, callback) {
+    assert.strictEqual(typeof groupId, 'string');
+    assert.strictEqual(typeof userId, 'string');
+    assert.strictEqual(typeof callback, 'function');
+
+    groupdb.addMember(groupId, userId, function (error) {
+        if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new GroupError(GroupError.NOT_FOUND));
+        if (error) return callback(new GroupError(GroupError.INTERNAL_ERROR, error));
+
+        return callback(null);
+    });
+}
+
+function removeMember(groupId, userId, callback) {
+    assert.strictEqual(typeof groupId, 'string');
+    assert.strictEqual(typeof userId, 'string');
+    assert.strictEqual(typeof callback, 'function');
+
+    groupdb.removeMember(groupId, userId, function (error) {
+        if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new GroupError(GroupError.NOT_FOUND));
+        if (error) return callback(new GroupError(GroupError.INTERNAL_ERROR, error));
+
+        return callback(null);
+    });
+}
+
+function isMember(groupId, userId, callback) {
+    assert.strictEqual(typeof groupId, 'string');
+    assert.strictEqual(typeof userId, 'string');
+    assert.strictEqual(typeof callback, 'function');
+
+    groupdb.isMember(groupId, userId, function (error, result) {
+        if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new GroupError(GroupError.NOT_FOUND));
+        if (error) return callback(new GroupError(GroupError.INTERNAL_ERROR, error));
+
+        return callback(null, result);
+    });
+}

src/ldap.js

@@ -6,6 +6,7 @@ exports = module.exports = {
 };
 
 var assert = require('assert'),
+    apps = require('./apps.js'),
     config = require('./config.js'),
     debug = require('debug')('box:ldap'),
     user = require('./user.js'),
@@ -28,6 +29,16 @@ var gLogger = {
 var GROUP_USERS_DN = 'cn=users,ou=groups,dc=cloudron';
 var GROUP_ADMINS_DN = 'cn=admins,ou=groups,dc=cloudron';
 
+function getAppByRequest(req, callback) {
+    var sourceIp = req.connection.ldap.id.split(':')[0];
+    if (sourceIp.split('.').length !== 4) return callback(new ldap.InsufficientAccessRightsError('Missing source identifier'));
+
+    apps.getByIpAddress(sourceIp, function (error, app) {
+        // we currently allow access in case we can't find the source app
+        callback(null, app || null);
+    });
+}
+
 function start(callback) {
     assert.strictEqual(typeof callback, 'function');
 
@@ -36,7 +47,7 @@ function start(callback) {
     gServer.search('ou=users,dc=cloudron', function (req, res, next) {
         debug('ldap user search: dn %s, scope %s, filter %s', req.dn.toString(), req.scope, req.filter.toString());
 
-        user.list(function (error, result){
+        user.list(function (error, result) {
             if (error) return next(new ldap.OperationsError(error.toString()));
 
             // send user objects
@@ -119,12 +130,28 @@ function start(callback) {
         var commonName = req.dn.rdns[0][Object.keys(req.dn.rdns[0])[0]];
         if (!commonName) return next(new ldap.NoSuchObjectError(req.dn.toString()));
 
-        user.verify(commonName, req.credentials || '', function (error, result) {
+        // TODO this should be done after we verified the app has access to avoid leakage of user existence
+        user.verify(commonName, req.credentials || '', function (error, userObject) {
             if (error && error.reason === UserError.NOT_FOUND) return next(new ldap.NoSuchObjectError(req.dn.toString()));
             if (error && error.reason === UserError.WRONG_PASSWORD) return next(new ldap.InvalidCredentialsError(req.dn.toString()));
             if (error) return next(new ldap.OperationsError(error));
 
-            res.end();
+            getAppByRequest(req, function (error, app) {
+                if (error) return next(error);
+
+                if (!app) return res.end();
+
+                debug('no app found for this container, allow access');
+
+                apps.hasAccessTo(app, userObject, function (error, result) {
+                    if (error) return next(new ldap.OperationsError(error.toString()));
+
+                    // we return no such object, to avoid leakage of a users existence
+                    if (!result) return next(new ldap.NoSuchObjectError(req.dn.toString()));
+
+                    res.end();
+                });
+            });
         });
     });
 

src/mail_templates/welcome_user.ejs

@@ -2,7 +2,7 @@
 
 Dear <%= user.username %>,
 
-Welcome to my Cloudron <%= fqdn %>!
+Welcome to our Cloudron <%= fqdn %>!
 
 The Cloudron is our own Smart Server. You can read more about it
 at https://www.cloudron.io.

src/mailer.js

@@ -280,12 +280,13 @@ function userRemoved(username) {
     mailUserEventToAdmins({ username: username }, 'was removed');
 }
 
-function adminChanged(user) {
+function adminChanged(user, admin) {
     assert.strictEqual(typeof user, 'object');
+    assert.strictEqual(typeof admin, 'boolean');
 
     debug('Sending mail for adminChanged');
 
-    mailUserEventToAdmins(user, user.admin ? 'is now an admin' : 'is no more an admin');
+    mailUserEventToAdmins(user, admin ? 'is now an admin' : 'is no more an admin');
 }
 
 function passwordReset(user) {
@@ -411,6 +412,8 @@ function _getMailQueue() {
     return gMailQueue;
 }
 
-function _clearMailQueue() {
+function _clearMailQueue(callback) {
     gMailQueue = [];
+
+    if (callback) callback();
 }

src/nginx.js

@@ -43,14 +43,15 @@ function configureAdmin(certFilePath, keyFilePath, callback) {
     reload(callback);
 }
 
-function configureApp(app, certFilePath, keyFilePath, callback) {
+function configureApp(app, oauthProxy, certFilePath, keyFilePath, callback) {
     assert.strictEqual(typeof app, 'object');
+    assert.strictEqual(typeof oauthProxy, 'boolean');
     assert.strictEqual(typeof certFilePath, 'string');
     assert.strictEqual(typeof keyFilePath, 'string');
     assert.strictEqual(typeof callback, 'function');
 
     var sourceDir = path.resolve(__dirname, '..');
-    var endpoint = app.oauthProxy ? 'oauthproxy' : 'app';
+    var endpoint = oauthProxy ? 'oauthproxy' : 'app';
     var vhost = config.appFqdn(app.location);
 
     var data = {

src/oauthproxy.js

@@ -126,7 +126,7 @@ function authenticate(req, res, next) {
 
             clientdb.getByAppIdAndType(result.id, clientdb.TYPE_PROXY, function (error, result) {
                 if (error) {
-                    console.error('Unkonwn OAuth client.', error);
+                    console.error('Unknown OAuth client.', error);
                     return res.send(500, 'Unknown OAuth client.');
                 }
 

src/routes/apps.js

@@ -44,12 +44,12 @@ function removeInternalAppFields(app) {
         health: app.health,
         location: app.location,
         accessRestriction: app.accessRestriction,
-        oauthProxy: app.oauthProxy,
         lastBackupId: app.lastBackupId,
         manifest: app.manifest,
         portBindings: app.portBindings,
         iconUrl: app.iconUrl,
-        fqdn: app.fqdn
+        fqdn: app.fqdn,
+        memoryLimit: app.memoryLimit
     };
 }
 
@@ -116,19 +116,19 @@ function installApp(req, res, next) {
     if (typeof data.location !== 'string') return next(new HttpError(400, 'location is required'));
     if (('portBindings' in data) && typeof data.portBindings !== 'object') return next(new HttpError(400, 'portBindings must be an object'));
     if (typeof data.accessRestriction !== 'object') return next(new HttpError(400, 'accessRestriction is required'));
-    if (typeof data.oauthProxy !== 'boolean') return next(new HttpError(400, 'oauthProxy must be a boolean'));
     if ('icon' in data && typeof data.icon !== 'string') return next(new HttpError(400, 'icon is not a string'));
     if (data.cert && typeof data.cert !== 'string') return next(new HttpError(400, 'cert must be a string'));
     if (data.key && typeof data.key !== 'string') return next(new HttpError(400, 'key must be a string'));
     if (data.cert && !data.key) return next(new HttpError(400, 'key must be provided'));
     if (!data.cert && data.key) return next(new HttpError(400, 'cert must be provided'));
+    if ('memoryLimit' in data && typeof data.memoryLimit !== 'number') return next(new HttpError(400, 'memoryLimit is not a number'));
 
     // allow tests to provide an appId for testing
     var appId = (process.env.BOX_ENV === 'test' && typeof data.appId === 'string') ? data.appId : uuid.v4();
 
-    debug('Installing app id:%s storeid:%s loc:%s port:%j accessRestriction:%j oauthproxy:%s manifest:%j', appId, data.appStoreId, data.location, data.portBindings, data.accessRestriction, data.oauthProxy, data.manifest);
+    debug('Installing app id:%s storeid:%s loc:%s port:%j accessRestriction:%j memoryLimit:%s manifest:%j', appId, data.appStoreId, data.location, data.portBindings, data.accessRestriction, data.memoryLimit, data.manifest);
 
-    apps.install(appId, data.appStoreId, data.manifest, data.location, data.portBindings || null, data.accessRestriction, data.oauthProxy, data.icon || null, data.cert || null, data.key || null, function (error) {
+    apps.install(appId, data.appStoreId, data.manifest, data.location, data.portBindings || null, data.accessRestriction, data.icon || null, data.cert || null, data.key || null, data.memoryLimit || 0, function (error) {
         if (error && error.reason === AppsError.ALREADY_EXISTS) return next(new HttpError(409, error.message));
         if (error && error.reason === AppsError.PORT_RESERVED) return next(new HttpError(409, 'Port ' + error.message + ' is reserved.'));
         if (error && error.reason === AppsError.PORT_CONFLICT) return next(new HttpError(409, 'Port ' + error.message + ' is already in use.'));
@@ -160,15 +160,15 @@ function configureApp(req, res, next) {
     if (typeof data.location !== 'string') return next(new HttpError(400, 'location is required'));
     if (('portBindings' in data) && typeof data.portBindings !== 'object') return next(new HttpError(400, 'portBindings must be an object'));
     if (typeof data.accessRestriction !== 'object') return next(new HttpError(400, 'accessRestriction is required'));
-    if (typeof data.oauthProxy !== 'boolean') return next(new HttpError(400, 'oauthProxy must be a boolean'));
     if (data.cert && typeof data.cert !== 'string') return next(new HttpError(400, 'cert must be a string'));
     if (data.key && typeof data.key !== 'string') return next(new HttpError(400, 'key must be a string'));
     if (data.cert && !data.key) return next(new HttpError(400, 'key must be provided'));
     if (!data.cert && data.key) return next(new HttpError(400, 'cert must be provided'));
+    if ('memoryLimit' in data && typeof data.memoryLimit !== 'number') return next(new HttpError(400, 'memoryLimit is not a number'));
 
-    debug('Configuring app id:%s location:%s bindings:%j accessRestriction:%j oauthProxy:%s', req.params.id, data.location, data.portBindings, data.accessRestriction, data.oauthProxy);
+    debug('Configuring app id:%s location:%s bindings:%j accessRestriction:%j memoryLimit:%s', req.params.id, data.location, data.portBindings, data.accessRestriction, data.memoryLimit);
 
-    apps.configure(req.params.id, data.location, data.portBindings || null, data.accessRestriction, data.oauthProxy, data.cert || null, data.key || null, function (error) {
+    apps.configure(req.params.id, data.location, data.portBindings || null, data.accessRestriction, data.cert || null, data.key || null, data.memoryLimit || 0, function (error) {
         if (error && error.reason === AppsError.ALREADY_EXISTS) return next(new HttpError(409, error.message));
         if (error && error.reason === AppsError.PORT_RESERVED) return next(new HttpError(409, 'Port ' + error.message + ' is reserved.'));
         if (error && error.reason === AppsError.PORT_CONFLICT) return next(new HttpError(409, 'Port ' + error.message + ' is already in use.'));

src/routes/groups.js

@@ -0,0 +1,67 @@
+/* jslint node:true */
+
+'use strict';
+
+exports = module.exports = {
+    get: get,
+    list: list,
+    create: create,
+    remove: remove
+};
+
+var assert = require('assert'),
+    groups = require('../groups.js'),
+    HttpError = require('connect-lastmile').HttpError,
+    HttpSuccess = require('connect-lastmile').HttpSuccess,
+    groups = require('../groups.js'),
+    GroupError = groups.GroupError;
+
+function create(req, res, next) {
+    assert.strictEqual(typeof req.body, 'object');
+
+    if (typeof req.body.name !== 'string') return next(new HttpError(400, 'name must be string'));
+
+    groups.create(req.body.name, function (error, group) {
+        if (error && error.reason === GroupError.BAD_NAME) return next(new HttpError(400, error.message));
+        if (error && error.reason === GroupError.ALREADY_EXISTS) return next(new HttpError(409, 'Already exists'));
+        if (error) return next(new HttpError(500, error));
+
+        var groupInfo = {
+            id: group.id,
+            name: group.name
+        };
+
+        next(new HttpSuccess(201, groupInfo));
+    });
+}
+
+function get(req, res, next) {
+    assert.strictEqual(typeof req.params.groupId, 'string');
+
+    groups.getWithMembers(req.params.groupId, function (error, result) {
+        if (error && error.reason === GroupError.NOT_FOUND) return next(new HttpError(404, 'No such group'));
+        if (error) return next(new HttpError(500, error));
+
+        next(new HttpSuccess(200, result));
+    });
+}
+
+function list(req, res, next) {
+    groups.getAll(function (error, result) {
+        if (error) return next(new HttpError(500, error));
+
+        next(new HttpSuccess(200, { groups: result }));
+    });
+}
+
+function remove(req, res, next) {
+    assert.strictEqual(typeof req.params.groupId, 'string');
+
+    groups.remove(req.params.groupId, function (error) {
+        if (error && error.reason === GroupError.NOT_FOUND) return next(new HttpError(404, 'Group not found'));
+        if (error && error.reason === GroupError.NOT_ALLOWED) return next(new HttpError(409, 'Group deletion not allowed'));
+        if (error) return next(new HttpError(500, error));
+
+        next(new HttpSuccess(204));
+    });
+}

src/routes/index.js

@@ -2,14 +2,14 @@
 
 exports = module.exports = {
     apps: require('./apps.js'),
+    backups: require('./backups.js'),
+    clients: require('./clients.js'),
     cloudron: require('./cloudron.js'),
     developer: require('./developer.js'),
     graphs: require('./graphs.js'),
+    groups: require('./groups.js'),
+    internal: require('./internal.js'),
     oauth2: require('./oauth2.js'),
     settings: require('./settings.js'),
-    clients: require('./clients.js'),
-    backups: require('./backups.js'),
-    internal: require('./internal.js'),
     user: require('./user.js')
 };
-

src/routes/oauth2.js

@@ -375,14 +375,17 @@ var authorization = [
 
         if (type === clientdb.TYPE_ADMIN) return next();
         if (type === clientdb.TYPE_EXTERNAL) return next();
-        if (type === clientdb.TYPE_SIMPLE_AUTH) return sendError(req, res, 'Unkonwn OAuth client.');
+        if (type === clientdb.TYPE_SIMPLE_AUTH) return sendError(req, res, 'Unknown OAuth client.');
 
         appdb.get(req.oauth2.client.appId, function (error, appObject) {
             if (error) return sendErrorPageOrRedirect(req, res, 'Invalid request. Unknown app for this client_id.');
 
-            if (!apps.hasAccessTo(appObject, req.oauth2.user)) return sendErrorPageOrRedirect(req, res, 'No access to this app.');
+            apps.hasAccessTo(appObject, req.oauth2.user, function (error, access) {
+                if (error) return sendError(req, res, 'Internal error');
+                if (!access) return sendErrorPageOrRedirect(req, res, 'No access to this app.');
 
-            next();
+                next();
+            });
         });
     },
     gServer.decision({ loadTransaction: false })

src/routes/test/apps-test.js

@@ -254,7 +254,7 @@ describe('Apps', function () {
         it('app install fails - invalid location', function (done) {
             superagent.post(SERVER_URL + '/api/v1/apps/install')
                    .query({ access_token: token })
-                   .send({ appStoreId: APP_STORE_ID, manifest: APP_MANIFEST, password: PASSWORD, location: '!awesome', accessRestriction: null, oauthProxy: false })
+                   .send({ appStoreId: APP_STORE_ID, manifest: APP_MANIFEST, password: PASSWORD, location: '!awesome', accessRestriction: null })
                    .end(function (err, res) {
                 expect(res.statusCode).to.equal(400);
                 expect(res.body.message).to.eql('Hostname can only contain alphanumerics and hyphen');
@@ -265,7 +265,7 @@ describe('Apps', function () {
         it('app install fails - invalid location type', function (done) {
             superagent.post(SERVER_URL + '/api/v1/apps/install')
                    .query({ access_token: token })
-                   .send({ appStoreId: APP_STORE_ID, manifest: APP_MANIFEST, password: PASSWORD, location: 42, accessRestriction: null, oauthProxy: false })
+                   .send({ appStoreId: APP_STORE_ID, manifest: APP_MANIFEST, password: PASSWORD, location: 42, accessRestriction: null })
                    .end(function (err, res) {
                 expect(res.statusCode).to.equal(400);
                 expect(res.body.message).to.eql('location is required');
@@ -276,7 +276,7 @@ describe('Apps', function () {
         it('app install fails - reserved admin location', function (done) {
             superagent.post(SERVER_URL + '/api/v1/apps/install')
                    .query({ access_token: token })
-                   .send({ appStoreId: APP_STORE_ID, manifest: APP_MANIFEST, password: PASSWORD, location: constants.ADMIN_LOCATION, accessRestriction: null, oauthProxy: false })
+                   .send({ appStoreId: APP_STORE_ID, manifest: APP_MANIFEST, password: PASSWORD, location: constants.ADMIN_LOCATION, accessRestriction: null })
                    .end(function (err, res) {
                 expect(res.statusCode).to.equal(400);
                 expect(res.body.message).to.eql(constants.ADMIN_LOCATION + ' is reserved');
@@ -287,7 +287,7 @@ describe('Apps', function () {
         it('app install fails - reserved api location', function (done) {
             superagent.post(SERVER_URL + '/api/v1/apps/install')
                    .query({ access_token: token })
-                   .send({ appStoreId: APP_STORE_ID, manifest: APP_MANIFEST, password: PASSWORD, location: constants.API_LOCATION, accessRestriction: null, oauthProxy: true })
+                   .send({ appStoreId: APP_STORE_ID, manifest: APP_MANIFEST, password: PASSWORD, location: constants.API_LOCATION, accessRestriction: null })
                    .end(function (err, res) {
                 expect(res.statusCode).to.equal(400);
                 expect(res.body.message).to.eql(constants.API_LOCATION + ' is reserved');
@@ -298,7 +298,7 @@ describe('Apps', function () {
         it('app install fails - portBindings must be object', function (done) {
             superagent.post(SERVER_URL + '/api/v1/apps/install')
                    .query({ access_token: token })
-                   .send({ appStoreId: APP_STORE_ID, manifest: APP_MANIFEST, password: PASSWORD, location: APP_LOCATION, portBindings: 23, accessRestriction: null, oauthProxy: false })
+                   .send({ appStoreId: APP_STORE_ID, manifest: APP_MANIFEST, password: PASSWORD, location: APP_LOCATION, portBindings: 23, accessRestriction: null })
                    .end(function (err, res) {
                 expect(res.statusCode).to.equal(400);
                 expect(res.body.message).to.eql('portBindings must be an object');
@@ -309,7 +309,7 @@ describe('Apps', function () {
         it('app install fails - accessRestriction is required', function (done) {
             superagent.post(SERVER_URL + '/api/v1/apps/install')
                    .query({ access_token: token })
-                   .send({ appStoreId: APP_STORE_ID, manifest: APP_MANIFEST, password: PASSWORD, location: APP_LOCATION, portBindings: {}, oauthProxy: false })
+                   .send({ appStoreId: APP_STORE_ID, manifest: APP_MANIFEST, password: PASSWORD, location: APP_LOCATION, portBindings: {} })
                    .end(function (err, res) {
                 expect(res.statusCode).to.equal(400);
                 expect(res.body.message).to.eql('accessRestriction is required');
@@ -320,7 +320,7 @@ describe('Apps', function () {
         it('app install fails - accessRestriction type is wrong', function (done) {
             superagent.post(SERVER_URL + '/api/v1/apps/install')
                    .query({ access_token: token })
-                   .send({ appStoreId: APP_STORE_ID, manifest: APP_MANIFEST, password: PASSWORD, location: APP_LOCATION, portBindings: {}, accessRestriction: '', oauthProxy: false })
+                   .send({ appStoreId: APP_STORE_ID, manifest: APP_MANIFEST, password: PASSWORD, location: APP_LOCATION, portBindings: {}, accessRestriction: '' })
                    .end(function (err, res) {
                 expect(res.statusCode).to.equal(400);
                 expect(res.body.message).to.eql('accessRestriction is required');
@@ -331,7 +331,7 @@ describe('Apps', function () {
         it('app install fails - accessRestriction no users not allowed', function (done) {
             superagent.post(SERVER_URL + '/api/v1/apps/install')
                    .query({ access_token: token })
-                   .send({ appStoreId: APP_STORE_ID, manifest: APP_MANIFEST_1, password: PASSWORD, location: APP_LOCATION, portBindings: {}, accessRestriction: null, oauthProxy: false })
+                   .send({ appStoreId: APP_STORE_ID, manifest: APP_MANIFEST_1, password: PASSWORD, location: APP_LOCATION, portBindings: {}, accessRestriction: null })
                    .end(function (err, res) {
                 expect(res.statusCode).to.equal(400);
                 expect(res.body.message).to.eql('accessRestriction must specify one user');
@@ -342,7 +342,7 @@ describe('Apps', function () {
         it('app install fails - accessRestriction too many users not allowed', function (done) {
             superagent.post(SERVER_URL + '/api/v1/apps/install')
                    .query({ access_token: token })
-                   .send({ appStoreId: APP_STORE_ID, manifest: APP_MANIFEST_1, password: PASSWORD, location: APP_LOCATION, portBindings: {}, accessRestriction: { users: [ 'one', 'two' ] }, oauthProxy: false })
+                   .send({ appStoreId: APP_STORE_ID, manifest: APP_MANIFEST_1, password: PASSWORD, location: APP_LOCATION, portBindings: {}, accessRestriction: { users: [ 'one', 'two' ] } })
                    .end(function (err, res) {
                 expect(res.statusCode).to.equal(400);
                 expect(res.body.message).to.eql('accessRestriction must specify one user');
@@ -350,21 +350,10 @@ describe('Apps', function () {
             });
         });
 
-        it('app install fails - oauthProxy is required', function (done) {
-            superagent.post(SERVER_URL + '/api/v1/apps/install')
-                   .query({ access_token: token })
-                   .send({ appStoreId: APP_STORE_ID, manifest: APP_MANIFEST, password: PASSWORD, location: APP_LOCATION, portBindings: {}, accessRestriction: null })
-                   .end(function (err, res) {
-                expect(res.statusCode).to.equal(400);
-                expect(res.body.message).to.eql('oauthProxy must be a boolean');
-                done();
-            });
-        });
-
         it('app install fails for non admin', function (done) {
             superagent.post(SERVER_URL + '/api/v1/apps/install')
                    .query({ access_token: token_1 })
-                   .send({ appStoreId: APP_STORE_ID, manifest: APP_MANIFEST, password: PASSWORD, location: APP_LOCATION, portBindings: null, accessRestriction: null, oauthProxy: false })
+                   .send({ appStoreId: APP_STORE_ID, manifest: APP_MANIFEST, password: PASSWORD, location: APP_LOCATION, portBindings: null, accessRestriction: null })
                    .end(function (err, res) {
                 expect(res.statusCode).to.equal(403);
                 done();
@@ -376,7 +365,7 @@ describe('Apps', function () {
 
             superagent.post(SERVER_URL + '/api/v1/apps/install')
                    .query({ access_token: token })
-                   .send({ appStoreId: APP_STORE_ID, manifest: APP_MANIFEST, password: PASSWORD, location: APP_LOCATION, portBindings: null, accessRestriction: null, oauthProxy: false })
+                   .send({ appStoreId: APP_STORE_ID, manifest: APP_MANIFEST, password: PASSWORD, location: APP_LOCATION, portBindings: null, accessRestriction: null })
                    .end(function (err, res) {
                 expect(res.statusCode).to.equal(402);
                 expect(fake.isDone()).to.be.ok();
@@ -389,7 +378,7 @@ describe('Apps', function () {
 
             superagent.post(SERVER_URL + '/api/v1/apps/install')
                    .query({ access_token: token })
-                   .send({ appStoreId: APP_STORE_ID, manifest: APP_MANIFEST, password: PASSWORD, location: APP_LOCATION, portBindings: null, accessRestriction: null, oauthProxy: false })
+                   .send({ appStoreId: APP_STORE_ID, manifest: APP_MANIFEST, password: PASSWORD, location: APP_LOCATION, portBindings: null, accessRestriction: null })
                    .end(function (err, res) {
                 expect(res.statusCode).to.equal(202);
                 expect(res.body.id).to.be.a('string');
@@ -404,7 +393,7 @@ describe('Apps', function () {
 
             superagent.post(SERVER_URL + '/api/v1/apps/install')
                    .query({ access_token: token })
-                   .send({ appStoreId: APP_STORE_ID, manifest: APP_MANIFEST, password: PASSWORD, location: APP_LOCATION, portBindings: null, accessRestriction: null, oauthProxy: false })
+                   .send({ appStoreId: APP_STORE_ID, manifest: APP_MANIFEST, password: PASSWORD, location: APP_LOCATION, portBindings: null, accessRestriction: null })
                    .end(function (err, res) {
                 expect(res.statusCode).to.equal(409);
                 expect(fake.isDone()).to.be.ok();
@@ -528,7 +517,7 @@ describe('Apps', function () {
 
             superagent.post(SERVER_URL + '/api/v1/apps/install')
                    .query({ access_token: token })
-                   .send({ appStoreId: APP_STORE_ID, manifest: APP_MANIFEST, password: PASSWORD, location: APP_LOCATION_2, portBindings: null, accessRestriction: null, oauthProxy: false })
+                   .send({ appStoreId: APP_STORE_ID, manifest: APP_MANIFEST, password: PASSWORD, location: APP_LOCATION_2, portBindings: null, accessRestriction: null })
                    .end(function (err, res) {
                 expect(res.statusCode).to.equal(202);
                 expect(res.body.id).to.be.a('string');
@@ -557,7 +546,7 @@ describe('Apps', function () {
 
                     superagent.post(SERVER_URL + '/api/v1/apps/install')
                            .query({ access_token: token })
-                           .send({ appStoreId: APP_STORE_ID, manifest: APP_MANIFEST, location: APP_LOCATION+APP_LOCATION, portBindings: null, accessRestriction: null, oauthProxy: false })
+                           .send({ appStoreId: APP_STORE_ID, manifest: APP_MANIFEST, location: APP_LOCATION+APP_LOCATION, portBindings: null, accessRestriction: null })
                            .end(function (err, res) {
                         expect(res.statusCode).to.equal(202);
                         expect(res.body.id).to.be.a('string');
@@ -648,7 +637,7 @@ describe('Apps', function () {
 
             superagent.post(SERVER_URL + '/api/v1/apps/install')
                   .query({ access_token: token })
-                  .send({ appId: APP_ID, appStoreId: APP_STORE_ID, manifest: APP_MANIFEST, password: PASSWORD, location: APP_LOCATION, portBindings: null, accessRestriction: null, oauthProxy: false })
+                  .send({ appId: APP_ID, appStoreId: APP_STORE_ID, manifest: APP_MANIFEST, password: PASSWORD, location: APP_LOCATION, portBindings: null, accessRestriction: null })
                   .end(function (err, res) {
                 expect(res.statusCode).to.equal(202);
                 expect(fake.isDone()).to.be.ok();
@@ -1114,7 +1103,7 @@ describe('Apps', function () {
 
             superagent.post(SERVER_URL + '/api/v1/apps/install')
                   .query({ access_token: token })
-                  .send({ appId: APP_ID, appStoreId: APP_STORE_ID, manifest: APP_MANIFEST, password: PASSWORD, location: APP_LOCATION, portBindings: { ECHO_SERVER_PORT: 7171 }, accessRestriction: null, oauthProxy: false })
+                  .send({ appId: APP_ID, appStoreId: APP_STORE_ID, manifest: APP_MANIFEST, password: PASSWORD, location: APP_LOCATION, portBindings: { ECHO_SERVER_PORT: 7171 }, accessRestriction: null })
                   .end(function (err, res) {
                 expect(res.statusCode).to.equal(202);
                 expect(fake.isDone()).to.be.ok();
@@ -1272,7 +1261,7 @@ describe('Apps', function () {
         it('cannot reconfigure app with missing location', function (done) {
             superagent.post(SERVER_URL + '/api/v1/apps/' + APP_ID + '/configure')
                   .query({ access_token: token })
-                  .send({ appId: APP_ID, password: PASSWORD, portBindings: { ECHO_SERVER_PORT: 7172 }, accessRestriction: null, oauthProxy: true })
+                  .send({ appId: APP_ID, password: PASSWORD, portBindings: { ECHO_SERVER_PORT: 7172 }, accessRestriction: null })
                   .end(function (err, res) {
                 expect(res.statusCode).to.equal(400);
                 done();
@@ -1282,17 +1271,7 @@ describe('Apps', function () {
         it('cannot reconfigure app with missing accessRestriction', function (done) {
             superagent.post(SERVER_URL + '/api/v1/apps/' + APP_ID + '/configure')
                   .query({ access_token: token })
-                  .send({ appId: APP_ID, password: PASSWORD, location: APP_LOCATION_NEW, portBindings: { ECHO_SERVER_PORT: 7172 }, oauthProxy: false })
-                  .end(function (err, res) {
-                expect(res.statusCode).to.equal(400);
-                done();
-            });
-        });
-
-        it('cannot reconfigure app with missing oauthProxy', function (done) {
-            superagent.post(SERVER_URL + '/api/v1/apps/' + APP_ID + '/configure')
-                  .query({ access_token: token })
-                  .send({ appId: APP_ID, password: PASSWORD, location: APP_LOCATION_NEW, portBindings: { ECHO_SERVER_PORT: 7172 }, accessRestriction: null })
+                  .send({ appId: APP_ID, password: PASSWORD, location: APP_LOCATION_NEW, portBindings: { ECHO_SERVER_PORT: 7172 } })
                   .end(function (err, res) {
                 expect(res.statusCode).to.equal(400);
                 done();
@@ -1302,7 +1281,7 @@ describe('Apps', function () {
         it('cannot reconfigure app with only the cert, no key', function (done) {
             superagent.post(SERVER_URL + '/api/v1/apps/' + APP_ID + '/configure')
                   .query({ access_token: token })
-                  .send({ appId: APP_ID, password: PASSWORD, location: APP_LOCATION_NEW, portBindings: { ECHO_SERVER_PORT: 7172 }, accessRestriction: null, oauthProxy: true, cert: validCert1 })
+                  .send({ appId: APP_ID, password: PASSWORD, location: APP_LOCATION_NEW, portBindings: { ECHO_SERVER_PORT: 7172 }, accessRestriction: null, cert: validCert1 })
                   .end(function (err, res) {
                 expect(res.statusCode).to.equal(400);
                 done();
@@ -1312,7 +1291,7 @@ describe('Apps', function () {
         it('cannot reconfigure app with only the key, no cert', function (done) {
             superagent.post(SERVER_URL + '/api/v1/apps/' + APP_ID + '/configure')
                   .query({ access_token: token })
-                  .send({ appId: APP_ID, password: PASSWORD, location: APP_LOCATION_NEW, portBindings: { ECHO_SERVER_PORT: 7172 }, accessRestriction: null, oauthProxy: true, key: validKey1 })
+                  .send({ appId: APP_ID, password: PASSWORD, location: APP_LOCATION_NEW, portBindings: { ECHO_SERVER_PORT: 7172 }, accessRestriction: null, key: validKey1 })
                   .end(function (err, res) {
                 expect(res.statusCode).to.equal(400);
                 done();
@@ -1322,7 +1301,7 @@ describe('Apps', function () {
         it('cannot reconfigure app with cert not bein a string', function (done) {
             superagent.post(SERVER_URL + '/api/v1/apps/' + APP_ID + '/configure')
                   .query({ access_token: token })
-                  .send({ appId: APP_ID, password: PASSWORD, location: APP_LOCATION_NEW, portBindings: { ECHO_SERVER_PORT: 7172 }, accessRestriction: null, oauthProxy: true, cert: 1234, key: validKey1 })
+                  .send({ appId: APP_ID, password: PASSWORD, location: APP_LOCATION_NEW, portBindings: { ECHO_SERVER_PORT: 7172 }, accessRestriction: null, cert: 1234, key: validKey1 })
                   .end(function (err, res) {
                 expect(res.statusCode).to.equal(400);
                 done();
@@ -1332,7 +1311,7 @@ describe('Apps', function () {
         it('cannot reconfigure app with key not bein a string', function (done) {
             superagent.post(SERVER_URL + '/api/v1/apps/' + APP_ID + '/configure')
                   .query({ access_token: token })
-                  .send({ appId: APP_ID, password: PASSWORD, location: APP_LOCATION_NEW, portBindings: { ECHO_SERVER_PORT: 7172 }, accessRestriction: null, oauthProxy: true, cert: validCert1, key: 1234 })
+                  .send({ appId: APP_ID, password: PASSWORD, location: APP_LOCATION_NEW, portBindings: { ECHO_SERVER_PORT: 7172 }, accessRestriction: null, cert: validCert1, key: 1234 })
                   .end(function (err, res) {
                 expect(res.statusCode).to.equal(400);
                 done();
@@ -1342,7 +1321,7 @@ describe('Apps', function () {
         it('non admin cannot reconfigure app', function (done) {
             superagent.post(SERVER_URL + '/api/v1/apps/' + APP_ID + '/configure')
                   .query({ access_token: token_1 })
-                  .send({ appId: APP_ID, password: PASSWORD, location: APP_LOCATION_NEW, portBindings: { ECHO_SERVER_PORT: 7172 }, accessRestriction: null, oauthProxy: true })
+                  .send({ appId: APP_ID, password: PASSWORD, location: APP_LOCATION_NEW, portBindings: { ECHO_SERVER_PORT: 7172 }, accessRestriction: null })
                   .end(function (err, res) {
                 expect(res.statusCode).to.equal(403);
                 done();
@@ -1352,7 +1331,7 @@ describe('Apps', function () {
         it('can reconfigure app', function (done) {
             superagent.post(SERVER_URL + '/api/v1/apps/' + APP_ID + '/configure')
                   .query({ access_token: token })
-                  .send({ appId: APP_ID, password: PASSWORD, location: APP_LOCATION_NEW, portBindings: { ECHO_SERVER_PORT: 7172 }, accessRestriction: null, oauthProxy: true })
+                  .send({ appId: APP_ID, password: PASSWORD, location: APP_LOCATION_NEW, portBindings: { ECHO_SERVER_PORT: 7172 }, accessRestriction: null })
                   .end(function (err, res) {
                 expect(res.statusCode).to.equal(202);
                 checkConfigureStatus(0, done);
@@ -1436,7 +1415,7 @@ describe('Apps', function () {
         it('can reconfigure app with custom certificate', function (done) {
             superagent.post(SERVER_URL + '/api/v1/apps/' + APP_ID + '/configure')
                   .query({ access_token: token })
-                  .send({ appId: APP_ID, password: PASSWORD, location: APP_LOCATION_NEW, portBindings: { ECHO_SERVER_PORT: 7172 }, accessRestriction: null, oauthProxy: true, cert: validCert1, key: validKey1 })
+                  .send({ appId: APP_ID, password: PASSWORD, location: APP_LOCATION_NEW, portBindings: { ECHO_SERVER_PORT: 7172 }, accessRestriction: null, cert: validCert1, key: validKey1 })
                   .end(function (err, res) {
                 expect(res.statusCode).to.equal(202);
                 checkConfigureStatus(0, done);
@@ -1489,8 +1468,8 @@ describe('Apps', function () {
                    .query({ access_token: token })
                    .end(function (err, res) {
                     if (res.statusCode === 404) return done(null);
-                    if (++count > 20) return done(new Error('Timedout'));
-                    setTimeout(checkUninstallStatus, 400);
+                    if (++count > 50) return done(new Error('Timedout'));
+                    setTimeout(checkUninstallStatus, 1000);
                 });
             }
 

src/routes/test/backups-test.js

@@ -27,7 +27,7 @@ function setup(done) {
     async.series([
         server.start.bind(server),
 
-        userdb._clear,
+        database._clear,
 
         function createAdmin(callback) {
             var scope1 = nock(config.apiServerOrigin()).get('/api/v1/boxes/' + config.fqdn() + '/setup/verify?setupToken=somesetuptoken').reply(200, {});
@@ -51,7 +51,7 @@ function setup(done) {
 
         function addApp(callback) {
             var manifest = { version: '0.0.1', manifestVersion: 1, dockerImage: 'foo', healthCheckPath: '/', httpPort: 3, title: 'ok', addons: { } };
-            appdb.add('appid', 'appStoreId', manifest, 'location', [ ] /* portBindings */, null /* accessRestriction */, false /* oauthProxy */, callback);
+            appdb.add('appid', 'appStoreId', manifest, 'location', [ ] /* portBindings */, null /* accessRestriction */, 0 /* memoryLimit */, callback);
         },
 
         function createSettings(callback) {

src/routes/test/groups-test.js

@@ -0,0 +1,211 @@
+/* jslint node:true */
+/* global it:false */
+/* global describe:false */
+/* global before:false */
+/* global after:false */
+
+'use strict';
+
+var appdb = require('../../appdb.js'),
+    async = require('async'),
+    config = require('../../config.js'),
+    database = require('../../database.js'),
+    expect = require('expect.js'),
+    groups = require('../../groups.js'),
+    superagent = require('superagent'),
+    server = require('../../server.js'),
+    settings = require('../../settings.js'),
+    nock = require('nock'),
+    userdb = require('../../userdb.js');
+
+var SERVER_URL = 'http://localhost:' + config.get('port');
+
+var USERNAME = 'admin', PASSWORD = 'Foobar?1337', EMAIL ='silly@me.com';
+var token = null;
+
+var server;
+function setup(done) {
+    async.series([
+        server.start.bind(server),
+
+        database._clear,
+
+        function createAdmin(callback) {
+            var scope1 = nock(config.apiServerOrigin()).get('/api/v1/boxes/' + config.fqdn() + '/setup/verify?setupToken=somesetuptoken').reply(200, {});
+            var scope2 = nock(config.apiServerOrigin()).post('/api/v1/boxes/' + config.fqdn() + '/setup/done?setupToken=somesetuptoken').reply(201, {});
+
+            superagent.post(SERVER_URL + '/api/v1/cloudron/activate')
+                   .query({ setupToken: 'somesetuptoken' })
+                   .send({ username: USERNAME, password: PASSWORD, email: EMAIL })
+                   .end(function (error, result) {
+                expect(result).to.be.ok();
+                expect(result.statusCode).to.eql(201);
+                expect(scope1.isDone()).to.be.ok();
+                expect(scope2.isDone()).to.be.ok();
+
+                // stash token for further use
+                token = result.body.token;
+
+                callback();
+            });
+        }
+    ], done);
+}
+
+function cleanup(done) {
+    database._clear(function (error) {
+        expect(!error).to.be.ok();
+
+        server.stop(done);
+    });
+}
+
+describe('Groups API', function () {
+    before(setup);
+    after(cleanup);
+
+    describe('list', function () {
+        it('cannot get groups without token', function (done) {
+            superagent.get(SERVER_URL + '/api/v1/groups')
+                   .end(function (err, res) {
+                expect(res.statusCode).to.equal(401);
+                done();
+            });
+        });
+
+        it('can get groups', function (done) {
+            superagent.get(SERVER_URL + '/api/v1/groups')
+                   .query({ access_token: token })
+                   .end(function (err, res) {
+                expect(res.statusCode).to.equal(200);
+                expect(res.body.groups).to.be.an(Array);
+                expect(res.body.groups.length).to.be(1);
+                expect(res.body.groups[0].name).to.eql('admin');
+                done();
+            });
+        });
+    });
+
+    describe('create', function () {
+        it('fails due to mising token', function (done) {
+            superagent.post(SERVER_URL + '/api/v1/groups')
+                  .send({ name: 'externals'})
+                  .end(function (error, result) {
+                expect(result.statusCode).to.equal(401);
+                done();
+            });
+        });
+
+        it('succeeds', function (done) {
+            superagent.post(SERVER_URL + '/api/v1/groups')
+                  .query({ access_token: token })
+                  .send({ name: 'externals'})
+                  .end(function (error, result) {
+                expect(result.statusCode).to.equal(201);
+                done();
+            });
+        });
+
+        it('fails for already exists', function (done) {
+            superagent.post(SERVER_URL + '/api/v1/groups')
+                  .query({ access_token: token })
+                  .send({ name: 'externals'})
+                  .end(function (error, result) {
+                expect(result.statusCode).to.equal(409);
+                done();
+            });
+        });
+    });
+
+    describe('get', function () {
+        it('cannot get non-existing group', function (done) {
+            superagent.get(SERVER_URL + '/api/v1/groups/nope')
+                  .query({ access_token: token })
+                  .end(function (error, result) {
+                expect(result.statusCode).to.equal(404);
+                done();
+            });
+        });
+
+        it('can get existing group', function (done) {
+            superagent.get(SERVER_URL + '/api/v1/groups/admin')
+                  .query({ access_token: token })
+                  .end(function (error, result) {
+                expect(result.statusCode).to.equal(200);
+                expect(result.body.name).to.be('admin');
+                expect(result.body.userIds.length).to.be(1);
+                expect(result.body.userIds[0]).to.be(USERNAME);
+                done();
+            });
+        });
+    });
+
+    describe('remove', function () {
+        it('cannot remove without token', function (done) {
+            superagent.del(SERVER_URL + '/api/v1/groups/externals')
+                  .end(function (error, result) {
+                expect(result.statusCode).to.equal(401);
+                done();
+            });
+        });
+
+        it('can remove empty group', function (done) {
+            superagent.del(SERVER_URL + '/api/v1/groups/externals')
+                  .send({ password: PASSWORD })
+                  .query({ access_token: token })
+                  .end(function (error, result) {
+                expect(result.statusCode).to.equal(204);
+                done();
+            });
+        });
+
+        it('cannot remove non-empty group', function (done) {
+            superagent.del(SERVER_URL + '/api/v1/groups/admin')
+                  .send({ password: PASSWORD })
+                  .query({ access_token: token })
+                  .end(function (error, result) {
+                expect(result.statusCode).to.equal(409);
+                done();
+            });
+        });
+    });
+
+    describe('Set groups', function () {
+        before(function (done) {
+            async.series([
+                groups.create.bind(null, 'group0'),
+                groups.create.bind(null, 'group1')
+            ], done);
+        });
+
+        it('cannot add user to invalid group', function (done) {
+            superagent.put(SERVER_URL + '/api/v1/users/' + USERNAME + '/set_groups')
+                  .query({ access_token: token })
+                  .send({ groupIds: [ 'admin', 'something' ]})
+                  .end(function (error, result) {
+                expect(result.statusCode).to.equal(404);
+                done();
+            });
+        });
+
+        it('can add user to valid group', function (done) {
+            superagent.put(SERVER_URL + '/api/v1/users/' + USERNAME + '/set_groups')
+                  .query({ access_token: token })
+                  .send({ groupIds: [ 'admin', 'group0', 'group1' ]})
+                  .end(function (error, result) {
+                expect(result.statusCode).to.equal(204);
+                done();
+            });
+        });
+
+        it('can remove last user from admin', function (done) {
+            superagent.put(SERVER_URL + '/api/v1/users/' + USERNAME + '/set_groups')
+                  .query({ access_token: token })
+                  .send({ groupIds: [ 'group0', 'group1' ]})
+                  .end(function (error, result) {
+                expect(result.statusCode).to.equal(403); // not allowed
+                done();
+            });
+        });
+    });
+});

src/routes/test/oauth2-test.js

@@ -141,7 +141,6 @@ describe('OAuth2', function () {
             username: 'someusername',
             password: '@#45Strongpassword',
             email: 'some@email.com',
-            admin: true,
             salt: 'somesalt',
             createdAt: (new Date()).toUTCString(),
             modifiedAt: (new Date()).toUTCString(),
@@ -156,7 +155,7 @@ describe('OAuth2', function () {
             location: 'test',
             portBindings: {},
             accessRestriction: null,
-            oauthProxy: true
+            memoryLimit: 0
         };
 
         var APP_1 = {
@@ -166,7 +165,7 @@ describe('OAuth2', function () {
             location: 'test1',
             portBindings: {},
             accessRestriction: { users: [ 'foobar' ] },
-            oauthProxy: true
+            memoryLimit: 0
         };
 
         var APP_2 = {
@@ -176,7 +175,17 @@ describe('OAuth2', function () {
             location: 'test2',
             portBindings: {},
             accessRestriction: { users: [ USER_0.id ] },
-            oauthProxy: true
+            memoryLimit: 0
+        };
+
+        var APP_3 = {
+            id: 'app3',
+            appStoreId: '',
+            manifest: { version: '0.1.0', addons: { } },
+            location: 'test3',
+            portBindings: {},
+            accessRestriction: { groups: [ 'someothergroup', 'admin', 'anothergroup' ] },
+            memoryLimit: 0
         };
 
         // unknown app
@@ -269,6 +278,16 @@ describe('OAuth2', function () {
             scope: 'profile'
         };
 
+        // app with accessRestriction allowing group
+        var CLIENT_9 = {
+            id: 'cid-client9',
+            appId: APP_3.id,
+            type: clientdb.TYPE_OAUTH,
+            clientSecret: 'secret9',
+            redirectURI: 'http://redirect9',
+            scope: 'profile'
+        };
+
         // make csrf always succeed for testing
         oauth2.csrf = function (req, res, next) {
             req.csrfToken = function () { return hat(256); };
@@ -288,11 +307,13 @@ describe('OAuth2', function () {
                 clientdb.add.bind(null, CLIENT_6.id, CLIENT_6.appId, CLIENT_6.type, CLIENT_6.clientSecret, CLIENT_6.redirectURI, CLIENT_6.scope),
                 clientdb.add.bind(null, CLIENT_7.id, CLIENT_7.appId, CLIENT_7.type, CLIENT_7.clientSecret, CLIENT_7.redirectURI, CLIENT_7.scope),
                 clientdb.add.bind(null, CLIENT_8.id, CLIENT_8.appId, CLIENT_8.type, CLIENT_8.clientSecret, CLIENT_8.redirectURI, CLIENT_8.scope),
-                appdb.add.bind(null, APP_0.id, APP_0.appStoreId, APP_0.manifest, APP_0.location, APP_0.portBindings, APP_0.accessRestriction, APP_0.oauthProxy),
-                appdb.add.bind(null, APP_1.id, APP_1.appStoreId, APP_1.manifest, APP_1.location, APP_1.portBindings, APP_1.accessRestriction, APP_1.oauthProxy),
-                appdb.add.bind(null, APP_2.id, APP_2.appStoreId, APP_2.manifest, APP_2.location, APP_2.portBindings, APP_2.accessRestriction, APP_2.oauthProxy),
+                clientdb.add.bind(null, CLIENT_9.id, CLIENT_9.appId, CLIENT_9.type, CLIENT_9.clientSecret, CLIENT_9.redirectURI, CLIENT_9.scope),
+                appdb.add.bind(null, APP_0.id, APP_0.appStoreId, APP_0.manifest, APP_0.location, APP_0.portBindings, APP_0.accessRestriction, APP_0.memoryLimit),
+                appdb.add.bind(null, APP_1.id, APP_1.appStoreId, APP_1.manifest, APP_1.location, APP_1.portBindings, APP_1.accessRestriction, APP_1.memoryLimit),
+                appdb.add.bind(null, APP_2.id, APP_2.appStoreId, APP_2.manifest, APP_2.location, APP_2.portBindings, APP_2.accessRestriction, APP_2.memoryLimit),
+                appdb.add.bind(null, APP_3.id, APP_3.appStoreId, APP_3.manifest, APP_3.location, APP_3.portBindings, APP_3.accessRestriction, APP_3.memoryLimit),
                 function (callback) {
-                    user.create(USER_0.username, USER_0.password, USER_0.email, USER_0.displayName, true, '', false, function (error, userObject) {
+                    user.create(USER_0.username, USER_0.password, USER_0.email, USER_0.displayName, function (error, userObject) {
                         expect(error).to.not.be.ok();
 
                         // update the global objects to reflect the new user id
@@ -778,7 +799,7 @@ describe('OAuth2', function () {
                         expect(error).to.not.be.ok();
                         expect(response.statusCode).to.eql(200);
                         expect(body.indexOf('<!-- error tester -->')).to.not.equal(-1);
-                        expect(body.indexOf('Unkonwn OAuth client.')).to.not.equal(-1);
+                        expect(body.indexOf('Unknown OAuth client.')).to.not.equal(-1);
 
                         done();
                     });
@@ -802,6 +823,21 @@ describe('OAuth2', function () {
                 });
             });
 
+            it('fails for grant type code with accessRestriction (group)', function (done) { // USER_0 is not an admin
+                startAuthorizationFlow(CLIENT_9, 'code', function (jar) {
+                    var url = SERVER_URL + '/api/v1/oauth/dialog/authorize?redirect_uri=' + CLIENT_9.redirectURI + '&client_id=' + CLIENT_9.id + '&response_type=code';
+
+                    request.get(url, { jar: jar, followRedirect: false }, function (error, response, body) {
+                        expect(error).to.not.be.ok();
+                        expect(response.statusCode).to.eql(200);
+                        expect(body.indexOf('<!-- error tester -->')).to.not.equal(-1);
+                        expect(body.indexOf('No access to this app.')).to.not.equal(-1);
+
+                        done();
+                    });
+                });
+            });
+
             it('fails for grant type token due to accessRestriction', function (done) {
                 startAuthorizationFlow(CLIENT_6, 'token', function (jar) {
                     var url = SERVER_URL + '/api/v1/oauth/dialog/authorize?redirect_uri=' + CLIENT_6.redirectURI + '&client_id=' + CLIENT_6.id + '&response_type=token';
@@ -825,7 +861,7 @@ describe('OAuth2', function () {
                         expect(error).to.not.be.ok();
                         expect(response.statusCode).to.eql(200);
                         expect(body.indexOf('<!-- error tester -->')).to.not.equal(-1);
-                        expect(body.indexOf('Unkonwn OAuth client.')).to.not.equal(-1);
+                        expect(body.indexOf('Unknown OAuth client.')).to.not.equal(-1);
 
                         done();
                     });

src/routes/test/settings-test.js

@@ -56,7 +56,7 @@ function setup(done) {
 
         function addApp(callback) {
             var manifest = { version: '0.0.1', manifestVersion: 1, dockerImage: 'foo', healthCheckPath: '/', httpPort: 3, title: 'ok' };
-            appdb.add('appid', 'appStoreId', manifest, 'location', [ ] /* portBindings */, null /* accessRestriction */, false /* oauthProxy */, callback);
+            appdb.add('appid', 'appStoreId', manifest, 'location', [ ] /* portBindings */, null /* accessRestriction */, 0 /* memoryLimit */, callback);
         }
     ], done);
 }

src/routes/test/simpleauth-test.js

@@ -30,7 +30,7 @@ describe('SimpleAuth API', function () {
         location: 'test0',
         portBindings: {},
         accessRestriction: { users: [ 'foobar', 'someone'] },
-        oauthProxy: true
+        memoryLimit: 0
     };
 
     var APP_1 = {
@@ -40,7 +40,7 @@ describe('SimpleAuth API', function () {
         location: 'test1',
         portBindings: {},
         accessRestriction: { users: [ 'foobar', USERNAME, 'someone' ] },
-        oauthProxy: true
+        memoryLimit: 0
     };
 
     var APP_2 = {
@@ -50,7 +50,17 @@ describe('SimpleAuth API', function () {
         location: 'test2',
         portBindings: {},
         accessRestriction: null,
-        oauthProxy: true
+        memoryLimit: 0
+    };
+
+    var APP_3 = {
+        id: 'app3',
+        appStoreId: '',
+        manifest: { version: '0.1.0', addons: { } },
+        location: 'test3',
+        portBindings: {},
+        accessRestriction: { groups: [ 'someothergroup', 'admin', 'anothergroup' ] },
+        memoryLimit: 0
     };
 
     var CLIENT_0 = {
@@ -98,6 +108,15 @@ describe('SimpleAuth API', function () {
         scope: 'user,profile'
     };
 
+    var CLIENT_5 = {
+        id: 'someclientid5',
+        appId: APP_3.id,
+        type: clientdb.TYPE_SIMPLE_AUTH,
+        clientSecret: 'someclientsecret5',
+        redirectURI: '',
+        scope: 'user,profile'
+    };
+
     before(function (done) {
         async.series([
             server.start.bind(server),
@@ -128,9 +147,11 @@ describe('SimpleAuth API', function () {
             clientdb.add.bind(null, CLIENT_2.id, CLIENT_2.appId, CLIENT_2.type, CLIENT_2.clientSecret, CLIENT_2.redirectURI, CLIENT_2.scope),
             clientdb.add.bind(null, CLIENT_3.id, CLIENT_3.appId, CLIENT_3.type, CLIENT_3.clientSecret, CLIENT_3.redirectURI, CLIENT_3.scope),
             clientdb.add.bind(null, CLIENT_4.id, CLIENT_4.appId, CLIENT_4.type, CLIENT_4.clientSecret, CLIENT_4.redirectURI, CLIENT_4.scope),
-            appdb.add.bind(null, APP_0.id, APP_0.appStoreId, APP_0.manifest, APP_0.location, APP_0.portBindings, APP_0.accessRestriction, APP_0.oauthProxy),
-            appdb.add.bind(null, APP_1.id, APP_1.appStoreId, APP_1.manifest, APP_1.location, APP_1.portBindings, APP_1.accessRestriction, APP_1.oauthProxy),
-            appdb.add.bind(null, APP_2.id, APP_2.appStoreId, APP_2.manifest, APP_2.location, APP_2.portBindings, APP_2.accessRestriction, APP_2.oauthProxy)
+            clientdb.add.bind(null, CLIENT_5.id, CLIENT_5.appId, CLIENT_5.type, CLIENT_5.clientSecret, CLIENT_5.redirectURI, CLIENT_5.scope),
+            appdb.add.bind(null, APP_0.id, APP_0.appStoreId, APP_0.manifest, APP_0.location, APP_0.portBindings, APP_0.accessRestriction, APP_0.memoryLimit),
+            appdb.add.bind(null, APP_1.id, APP_1.appStoreId, APP_1.manifest, APP_1.location, APP_1.portBindings, APP_1.accessRestriction, APP_1.memoryLimit),
+            appdb.add.bind(null, APP_2.id, APP_2.appStoreId, APP_2.manifest, APP_2.location, APP_2.portBindings, APP_2.accessRestriction, APP_2.memoryLimit),
+            appdb.add.bind(null, APP_3.id, APP_3.appStoreId, APP_3.manifest, APP_3.location, APP_3.portBindings, APP_3.accessRestriction, APP_3.memoryLimit)
         ], done);
     });
 
@@ -333,6 +354,37 @@ describe('SimpleAuth API', function () {
             });
         });
 
+        it('succeeds for app with group accessRestriction', function (done) {
+            var body = {
+                clientId: CLIENT_5.id,
+                username: USERNAME,
+                password: PASSWORD
+            };
+
+            superagent.post(SIMPLE_AUTH_ORIGIN + '/api/v1/login')
+            .send(body)
+            .end(function (error, result) {
+                expect(error).to.be(null);
+                expect(result.statusCode).to.equal(200);
+                expect(result.body.accessToken).to.be.a('string');
+                expect(result.body.user).to.be.an('object');
+                expect(result.body.user.id).to.be.a('string');
+                expect(result.body.user.username).to.be.a('string');
+                expect(result.body.user.email).to.be.a('string');
+                expect(result.body.user.admin).to.be.a('boolean');
+
+                superagent.get(SERVER_URL + '/api/v1/profile')
+                .query({ access_token: result.body.accessToken })
+                .end(function (error, result) {
+                    expect(error).to.be(null);
+                    expect(result.body).to.be.an('object');
+                    expect(result.body.username).to.eql(USERNAME);
+
+                    done();
+                });
+            });
+        });
+
         it('fails for wrong client credentials', function (done) {
             var body = {
                 clientId: CLIENT_4.id,

src/routes/test/user-test.js

@@ -10,6 +10,7 @@ var config = require('../../config.js'),
     database = require('../../database.js'),
     tokendb = require('../../tokendb.js'),
     expect = require('expect.js'),
+    groups = require('../../groups.js'),
     mailer = require('../../mailer.js'),
     superagent = require('superagent'),
     nock = require('nock'),
@@ -30,7 +31,11 @@ function setup(done) {
 
         mailer._clearMailQueue();
 
-        userdb._clear(done);
+        userdb._clear(function (error) {
+            expect(error).to.eql(null);
+
+            groups.create('somegroupid', done);
+        });
     });
 }
 
@@ -272,53 +277,48 @@ describe('User API', function () {
     });
 
     it('set second user as admin succeeds', function (done) {
-        // TODO is USERNAME_1 in body and url redundant?
-        superagent.post(SERVER_URL + '/api/v1/users/' + USERNAME_1 + '/admin')
+        superagent.put(SERVER_URL + '/api/v1/users/' + USERNAME_1 + '/set_groups')
                .query({ access_token: token })
-               .send({ username: USERNAME_1, admin: true })
+               .send({ groupIds: [ groups.ADMIN_GROUP_ID ] })
                .end(function (err, res) {
             expect(res.statusCode).to.equal(204);
-            done();
+
+            superagent.get(SERVER_URL + '/api/v1/users/' + USERNAME_1)
+               .query({ access_token: token })
+               .end(function (err, res) {
+                expect(res.statusCode).to.equal(200);
+                expect(res.body.admin).to.equal(true);
+
+                done();
+            });
         });
     });
 
-    it('remove first user from admins succeeds', function (done) {
-        superagent.post(SERVER_URL + '/api/v1/users/' + USERNAME_0 + '/admin')
-               .query({ access_token: token_1 })
-               .send({ username: USERNAME_0, admin: false })
-               .end(function (err, res) {
-            expect(res.statusCode).to.equal(204);
-            done();
-        });
-    });
-
-    it('remove second user by first, now normal, user fails', function (done) {
-        superagent.del(SERVER_URL + '/api/v1/users/' + USERNAME_1)
+    it('remove itself from admins fails', function (done) {
+        superagent.put(SERVER_URL + '/api/v1/users/' + USERNAME_0 + '/set_groups')
                .query({ access_token: token })
-               .send({ password: PASSWORD })
+               .send({ groupIds: [ 'somegroupid' ] })
                .end(function (err, res) {
             expect(res.statusCode).to.equal(403);
             done();
         });
     });
 
-    it('remove second user from admins and thus last admin fails', function (done) {
-        superagent.post(SERVER_URL + '/api/v1/users/' + USERNAME_1 + '/admin')
-               .query({ access_token: token_1 })
-               .send({ username: USERNAME_1, admin: false })
-               .end(function (err, res) {
-            expect(res.statusCode).to.equal(403);
-            done();
-        });
-    });
-
-    it('reset first user as admin succeeds', function (done) {
-        superagent.post(SERVER_URL + '/api/v1/users/' + USERNAME_0 + '/admin')
-               .query({ access_token: token_1 })
-               .send({ username: USERNAME_0, admin: true })
+    it('remove second user from admins succeeds', function (done) {
+        superagent.put(SERVER_URL + '/api/v1/users/' + USERNAME_1 + '/set_groups')
+               .query({ access_token: token })
+               .send({ groupIds: [ 'somegroupid' ] })
                .end(function (err, res) {
             expect(res.statusCode).to.equal(204);
-            done();
+
+            superagent.get(SERVER_URL + '/api/v1/users/' + USERNAME_1)
+               .query({ access_token: token })
+               .end(function (err, res) {
+                expect(res.statusCode).to.equal(200);
+                expect(res.body.admin).to.equal(false);
+
+                done();
+            });
         });
     });
 
@@ -432,7 +432,7 @@ describe('User API', function () {
     });
 
     it('admin cannot remove normal user without giving a password', function (done) {
-        superagent.del(SERVER_URL + '/api/v1/users/' + USERNAME_3)
+        superagent.del(SERVER_URL + '/api/v1/users/' + USERNAME_1)
                .query({ access_token: token })
                .end(function (err, res) {
             expect(res.statusCode).to.equal(400);
@@ -441,7 +441,7 @@ describe('User API', function () {
     });
 
     it('admin cannot remove normal user with empty password', function (done) {
-        superagent.del(SERVER_URL + '/api/v1/users/' + USERNAME_3)
+        superagent.del(SERVER_URL + '/api/v1/users/' + USERNAME_1)
                .query({ access_token: token })
                .send({ password: '' })
                .end(function (err, res) {
@@ -451,7 +451,7 @@ describe('User API', function () {
     });
 
     it('admin cannot remove normal user with giving wrong password', function (done) {
-        superagent.del(SERVER_URL + '/api/v1/users/' + USERNAME_3)
+        superagent.del(SERVER_URL + '/api/v1/users/' + USERNAME_1)
                .query({ access_token: token })
                .send({ password: PASSWORD + PASSWORD })
                .end(function (err, res) {
@@ -461,7 +461,7 @@ describe('User API', function () {
     });
 
     it('admin removes normal user', function (done) {
-        superagent.del(SERVER_URL + '/api/v1/users/' + USERNAME_3)
+        superagent.del(SERVER_URL + '/api/v1/users/' + USERNAME_1)
                .query({ access_token: token })
                .send({ password: PASSWORD })
                .end(function (err, res) {

src/routes/user.js

@@ -9,15 +9,16 @@ exports = module.exports = {
     list: listUser,
     create: createUser,
     changePassword: changePassword,
-    changeAdmin: changeAdmin,
     remove: removeUser,
     verifyPassword: verifyPassword,
     requireAdmin: requireAdmin,
-    sendInvite: sendInvite
+    sendInvite: sendInvite,
+    setGroups: setGroups
 };
 
 var assert = require('assert'),
     generatePassword = require('../password.js').generate,
+    groups = require('../groups.js'),
     HttpError = require('connect-lastmile').HttpError,
     HttpSuccess = require('connect-lastmile').HttpSuccess,
     user = require('../user.js'),
@@ -34,11 +35,18 @@ function profile(req, res, next) {
     if (req.user.tokenType === tokendb.TYPE_USER || req.user.tokenType === tokendb.TYPE_DEV) {
         result.username = req.user.username;
         result.email = req.user.email;
-        result.admin = req.user.admin;
         result.displayName = req.user.displayName;
-    }
 
-    next(new HttpSuccess(200, result));
+        groups.isMember(groups.ADMIN_GROUP_ID, req.user.id, function (error, isAdmin) {
+            if (error) return next(new HttpError(500, error));
+
+            result.admin = isAdmin;
+
+            next(new HttpSuccess(200, result));
+        });
+    } else {
+        next(new HttpSuccess(200, result));
+    }
 }
 
 function createUser(req, res, next) {
@@ -55,7 +63,7 @@ function createUser(req, res, next) {
     var sendInvite = req.body.invite;
     var displayName = req.body.displayName || '';
 
-    user.create(username, password, email, displayName, false /* admin */, req.user /* creator */, sendInvite, function (error, user) {
+    user.create(username, password, email, displayName, { invitor: req.user, sendInvite: sendInvite }, function (error, user) {
         if (error && error.reason === UserError.BAD_USERNAME) return next(new HttpError(400, 'Invalid username'));
         if (error && error.reason === UserError.BAD_EMAIL) return next(new HttpError(400, 'Invalid email'));
         if (error && error.reason === UserError.BAD_PASSWORD) return next(new HttpError(400, 'Invalid password'));
@@ -99,20 +107,6 @@ function update(req, res, next) {
     });
 }
 
-function changeAdmin(req, res, next) {
-    assert.strictEqual(typeof req.body, 'object');
-
-    if (typeof req.body.username !== 'string') return next(new HttpError(400, 'API call requires a username.'));
-    if (typeof req.body.admin !== 'boolean') return next(new HttpError(400, 'API call requires an admin setting.'));
-
-    user.changeAdmin(req.body.username, req.body.admin, function (error) {
-        if (error && error.reason === UserError.NOT_ALLOWED) return next(new HttpError(403, 'Last admin'));
-        if (error) return next(new HttpError(500, error));
-
-        next(new HttpSuccess(204));
-    });
-}
-
 function changePassword(req, res, next) {
     assert.strictEqual(typeof req.body, 'object');
     assert.strictEqual(typeof req.user, 'object');
@@ -146,13 +140,17 @@ function info(req, res, next) {
         if (error && error.reason === UserError.NOT_FOUND) return next(new HttpError(404, 'No such user'));
         if (error) return next(new HttpError(500, error));
 
-        next(new HttpSuccess(200, {
-            id: result.id,
-            username: result.username,
-            email: result.email,
-            admin: result.admin,
-            displayName: result.displayName
-        }));
+        groups.isMember(groups.ADMIN_GROUP_ID, req.params.userId, function (error, isAdmin) {
+            if (error) return next(new HttpError(500, error));
+
+            next(new HttpSuccess(200, {
+                id: result.id,
+                username: result.username,
+                email: result.email,
+                admin: isAdmin,
+                displayName: result.displayName
+            }));
+        });
     });
 }
 
@@ -182,15 +180,19 @@ function verifyPassword(req, res, next) {
 
     if (typeof req.body.password !== 'string') return next(new HttpError(400, 'API call requires user password'));
 
-    // Only allow admins or users, operating on themselves
-    if (req.params.userId && !(req.user.id === req.params.userId || req.user.admin)) return next(new HttpError(403, 'Not allowed'));
-
-    user.verify(req.user.username, req.body.password, function (error) {
-        if (error && error.reason === UserError.WRONG_PASSWORD) return next(new HttpError(403, 'Password incorrect'));
-        if (error && error.reason === UserError.NOT_FOUND) return next(new HttpError(403, 'Password incorrect'));
+    groups.isMember(groups.ADMIN_GROUP_ID, req.user.id, function (error, isAdmin) {
         if (error) return next(new HttpError(500, error));
 
-        next();
+        // Only allow admins or users, operating on themselves
+        if (req.params.userId && !(req.user.id === req.params.userId || isAdmin)) return next(new HttpError(403, 'Not allowed'));
+
+        user.verify(req.user.username, req.body.password, function (error) {
+            if (error && error.reason === UserError.WRONG_PASSWORD) return next(new HttpError(403, 'Password incorrect'));
+            if (error && error.reason === UserError.NOT_FOUND) return next(new HttpError(403, 'Password incorrect'));
+            if (error) return next(new HttpError(500, error));
+
+            next();
+        });
     });
 }
 
@@ -200,9 +202,15 @@ function verifyPassword(req, res, next) {
 function requireAdmin(req, res, next) {
     assert.strictEqual(typeof req.user, 'object');
 
-    if (!req.user.admin) return next(new HttpError(403, 'API call requires admin rights.'));
+    groups.isMember(groups.ADMIN_GROUP_ID, req.user.id, function (error, isAdmin) {
+        if (error) return next(new HttpError(500, error));
 
-    next();
+        if (!isAdmin) return next(new HttpError(403, 'API call requires admin rights.'));
+
+        req.user.admin = true;
+
+        next();
+    });
 }
 
 function sendInvite(req, res, next) {
@@ -215,3 +223,20 @@ function sendInvite(req, res, next) {
         next(new HttpSuccess(200, {}));
     });
 }
+
+function setGroups(req, res, next) {
+    assert.strictEqual(typeof req.body, 'object');
+    assert.strictEqual(typeof req.params.userId, 'string');
+
+    if (!Array.isArray(req.body.groupIds)) return next(new HttpError(400, 'API call requires a groups array.'));
+
+    // this route is only allowed for admins, so req.user has to be an admin
+    if (req.user.id === req.params.userId && req.body.groupIds.indexOf(groups.ADMIN_GROUP_ID) === -1) return next(new HttpError(403, 'Admin removing itself from admins is not allowed'));
+
+    user.setGroups(req.params.userId, req.body.groupIds, function (error) {
+        if (error && error.reason === UserError.NOT_FOUND) return next(new HttpError(404, 'One or more groups not found'));
+        if (error) return next(new HttpError(500, error));
+
+        next(new HttpSuccess(204));
+    });
+}

src/server.js

@@ -40,7 +40,7 @@ function initializeExpressSync() {
         urlencoded = middleware.urlencoded({ extended: false, limit: QUERY_LIMIT }); // application/x-www-form-urlencoded
 
     app.set('views', path.join(__dirname, 'oauth2views'));
-    app.set('view options', { layout: true, debug: true });
+    app.set('view options', { layout: true, debug: false });
     app.set('view engine', 'ejs');
 
     if (process.env.BOX_ENV !== 'test') app.use(middleware.morgan('Box :method :url :status :response-time ms - :res[content-length]', { immediate: false }));
@@ -106,9 +106,15 @@ function initializeExpressSync() {
     router.put ('/api/v1/users/:userId', usersScope, routes.user.verifyPassword, routes.user.update);
     router.del ('/api/v1/users/:userId', usersScope, routes.user.requireAdmin, routes.user.verifyPassword, routes.user.remove);
     router.post('/api/v1/users/:userId/password', usersScope, routes.user.changePassword); // changePassword verifies password
-    router.post('/api/v1/users/:userId/admin', usersScope, routes.user.requireAdmin, routes.user.changeAdmin);
+    router.put ('/api/v1/users/:userId/set_groups', usersScope, routes.user.requireAdmin, routes.user.setGroups);
     router.post('/api/v1/users/:userId/invite', usersScope, routes.user.requireAdmin, routes.user.sendInvite);
 
+    // Group management
+    router.get ('/api/v1/groups', usersScope, routes.groups.list);
+    router.post('/api/v1/groups', usersScope, routes.user.requireAdmin, routes.groups.create);
+    router.get ('/api/v1/groups/:groupId', usersScope, routes.groups.get);
+    router.del ('/api/v1/groups/:groupId', usersScope, routes.user.requireAdmin, routes.user.verifyPassword, routes.groups.remove);
+
     // form based login routes used by oauth2 frame
     router.get ('/api/v1/session/login', csrf, routes.oauth2.loginForm);
     router.post('/api/v1/session/login', csrf, routes.oauth2.login);

src/simpleauth.js

@@ -45,17 +45,20 @@ function loginLogic(clientId, username, password, callback) {
             apps.get(clientObject.appId, function (error, appObject) {
                 if (error) return callback(error);
 
-                if (!apps.hasAccessTo(appObject, userObject)) return callback(new AppsError(AppsError.ACCESS_DENIED));
-
-                var accessToken = tokendb.generateToken();
-                var expires = Date.now() + 24 * 60 * 60 * 1000; // 1 day
-
-                tokendb.add(accessToken, tokendb.PREFIX_USER + userObject.id, clientId, expires, clientObject.scope, function (error) {
+                apps.hasAccessTo(appObject, userObject, function (error, access) {
                     if (error) return callback(error);
+                    if (!access) return callback(new AppsError(AppsError.ACCESS_DENIED));
 
-                    debug('login: new access token for client %s and user %s: %s', clientId, username, accessToken);
+                    var accessToken = tokendb.generateToken();
+                    var expires = Date.now() + 24 * 60 * 60 * 1000; // 1 day
 
-                    callback(null, { accessToken: accessToken, user: userObject });
+                    tokendb.add(accessToken, tokendb.PREFIX_USER + userObject.id, clientId, expires, clientObject.scope, function (error) {
+                        if (error) return callback(error);
+
+                        debug('login: new access token for client %s and user %s: %s', clientId, username, accessToken);
+
+                        callback(null, { accessToken: accessToken, user: userObject });
+                    });
                 });
             });
         });

src/taskmanager.js

@@ -4,6 +4,8 @@ exports = module.exports = {
     initialize: initialize,
     uninitialize: uninitialize,
 
+    stopAppTask: stopAppTask,
+    startAppTask: startAppTask,
     restartAppTask: restartAppTask,
 
     stopPendingTasks: stopPendingTasks,
@@ -17,6 +19,7 @@ var appdb = require('./appdb.js'),
     cloudron = require('./cloudron.js'),
     debug = require('debug')('box:taskmanager'),
     locker = require('./locker.js'),
+    util = require('util'),
     _ = require('underscore');
 
 var gActiveTasks = { };
@@ -80,7 +83,7 @@ function resumeTasks(callback) {
             if (app.installationState === appdb.ISTATE_INSTALLED && app.runState === appdb.RSTATE_RUNNING) return;
 
             debug('Creating process for %s (%s) with state %s', app.location, app.id, app.installationState);
-            startAppTask(app.id);
+            startAppTask(app.id, NOOP_CALLBACK);
         });
 
         callback(null);
@@ -92,17 +95,21 @@ function startNextTask() {
 
     assert(Object.keys(gActiveTasks).length < TASK_CONCURRENCY);
 
-    startAppTask(gPendingTasks.shift());
+    startAppTask(gPendingTasks.shift(), NOOP_CALLBACK);
 }
 
-function startAppTask(appId) {
+function startAppTask(appId, callback) {
     assert.strictEqual(typeof appId, 'string');
-    assert(!(appId in gActiveTasks));
+    assert.strictEqual(typeof callback, 'function');
+
+    if (appId in gActiveTasks) {
+        return callback(new Error(util.format('Task for %s is already active', appId)));
+    }
 
     if (Object.keys(gActiveTasks).length >= TASK_CONCURRENCY) {
         debug('Reached concurrency limit, queueing task for %s', appId);
         gPendingTasks.push(appId);
-        return;
+        return callback();
     }
 
     var lockError = locker.recursiveLock(locker.OP_APPTASK);
@@ -110,7 +117,7 @@ function startAppTask(appId) {
     if (lockError) {
         debug('Locked for another operation, queueing task for %s', appId);
         gPendingTasks.push(appId);
-        return;
+        return callback();
     }
 
     // when parent process dies, apptask processes are killed because KillMode=control-group in systemd unit file
@@ -128,6 +135,8 @@ function startAppTask(appId) {
         delete gActiveTasks[appId];
         locker.unlock(locker.OP_APPTASK); // unlock event will trigger next task
     });
+
+    callback();
 }
 
 function stopAppTask(appId, callback) {
@@ -137,7 +146,7 @@ function stopAppTask(appId, callback) {
     if (gActiveTasks[appId]) {
         debug('stopAppTask : Killing existing task of %s with pid %s', appId, gActiveTasks[appId].pid);
         gActiveTasks[appId].once('exit', function () { callback(); });
-        gActiveTasks[appId].kill(); // this will end up calling the 'exit' handler
+        gActiveTasks[appId].kill('SIGKILL'); // this will end up calling the 'exit' handler
         return;
     }
 

src/test/apps-test.js

@@ -37,14 +37,14 @@ describe('Apps', function () {
         portBindings: { PORT: 5678 },
         healthy: null,
         accessRestriction: null,
-        oauthProxy: false
+        memoryLimit: 0
     };
 
     before(function (done) {
         async.series([
             database.initialize,
             database._clear,
-            appdb.add.bind(null, APP_0.id, APP_0.appStoreId, APP_0.manifest, APP_0.location, APP_0.portBindings, APP_0.accessRestriction, APP_0.oauthProxy)
+            appdb.add.bind(null, APP_0.id, APP_0.appStoreId, APP_0.manifest, APP_0.location, APP_0.portBindings, APP_0.accessRestriction, APP_0.memoryLimit)
         ], done);
     });
 
@@ -125,6 +125,7 @@ describe('Apps', function () {
                 expect(app).to.be.ok();
                 expect(app.iconUrl).to.be(null);
                 expect(app.fqdn).to.eql(APP_0.location + '-' + config.fqdn());
+                expect(app.memoryLimit).to.eql(0);
                 done();
             });
         });
@@ -182,24 +183,61 @@ describe('Apps', function () {
     });
 
     describe('hasAccessTo', function () {
-        it('returns true for unrestricted access', function () {
-            expect(apps.hasAccessTo({ accessRestriction: null }, { id: 'someuser' })).to.equal(true);
+        it('returns true for unrestricted access', function (done) {
+            apps.hasAccessTo({ accessRestriction: null }, { id: 'someuser' }, function (error, access) {
+                expect(error).to.be(null);
+                expect(access).to.be(true);
+                done();
+            });
         });
 
-        it('returns true for allowed user', function () {
-            expect(apps.hasAccessTo({ accessRestriction: { users: [ 'someuser' ] } }, { id: 'someuser' })).to.equal(true);
+        it('returns true for allowed user', function (done) {
+            apps.hasAccessTo({ accessRestriction: { users: [ 'someuser' ] } }, { id: 'someuser' }, function (error, access) {
+                expect(error).to.be(null);
+                expect(access).to.be(true);
+                done();
+            });
         });
 
-        it('returns true for allowed user with multiple allowed', function () {
-            expect(apps.hasAccessTo({ accessRestriction: { users: [ 'foo', 'someuser', 'anotheruser' ] } }, { id: 'someuser' })).to.equal(true);
+        it('returns true for allowed user with multiple allowed', function (done) {
+            apps.hasAccessTo({ accessRestriction: { users: [ 'foo', 'someuser', 'anotheruser' ] } }, { id: 'someuser' }, function (error, access) {
+                expect(error).to.be(null);
+                expect(access).to.be(true);
+                done();
+            });
         });
 
-        it('returns false for not allowed user', function () {
-            expect(apps.hasAccessTo({ accessRestriction: { users: [ 'foo' ] } }, { id: 'someuser' })).to.equal(false);
+        it('returns false for not allowed user', function (done) {
+            apps.hasAccessTo({ accessRestriction: { users: [ 'foo' ] } }, { id: 'someuser' }, function (error, access) {
+                expect(error).to.be(null);
+                expect(access).to.be(false);
+                done();
+            });
         });
 
-        it('returns false for not allowed user with multiple allowed', function () {
-            expect(apps.hasAccessTo({ accessRestriction: { users: [ 'foo', 'anotheruser' ] } }, { id: 'someuser' })).to.equal(false);
+        it('returns false for not allowed user with multiple allowed', function (done) {
+            apps.hasAccessTo({ accessRestriction: { users: [ 'foo', 'anotheruser' ] } }, { id: 'someuser' }, function (error, access) {
+                expect(error).to.be(null);
+                expect(access).to.be(false);
+                done();
+            });
         });
+
+        it('returns false for no group or user', function (done) {
+            apps.hasAccessTo({ accessRestriction: { users: [ ], groups: [ ] } }, { id: 'someuser' }, function (error, access) {
+                expect(error).to.be(null);
+                expect(access).to.be(false);
+                done();
+            });
+        });
+
+        it('returns false for invalid group or user', function (done) {
+            apps.hasAccessTo({ accessRestriction: { users: [ ], groups: [ 'nop' ] } }, { id: 'someuser' }, function (error, access) {
+                expect(error).to.be(null);
+                expect(access).to.be(false);
+                done();
+            });
+        });
+
     });
 });

src/test/apptask-test.js

@@ -60,8 +60,8 @@ var APP = {
     httpPort: 4567,
     portBindings: null,
     accessRestriction: null,
-    oauthProxy: false,
-    dnsRecordId: 'someDnsRecordId'
+    dnsRecordId: 'someDnsRecordId',
+    memoryLimit: 0
 };
 
  var awsHostedZones = {
@@ -84,7 +84,7 @@ describe('apptask', function () {
         config.set('version', '0.5.0');
         async.series([
             database.initialize,
-            appdb.add.bind(null, APP.id, APP.appStoreId, APP.manifest, APP.location, APP.portBindings, APP.accessRestriction, APP.oauthProxy),
+            appdb.add.bind(null, APP.id, APP.appStoreId, APP.manifest, APP.location, APP.portBindings, APP.accessRestriction, APP.memoryLimit),
             settings.setDnsConfig.bind(null, { provider: 'route53', accessKeyId: 'accessKeyId', secretAccessKey: 'secretAccessKey', endpoint: 'http://localhost:5353' }),
             settings.setTlsConfig.bind(null, { provider: 'caas' })
         ], done);

src/test/database-test.js

@@ -16,7 +16,8 @@ var appdb = require('../appdb.js'),
     async = require('async'),
     settingsdb = require('../settingsdb.js'),
     tokendb = require('../tokendb.js'),
-    userdb = require('../userdb.js');
+    userdb = require('../userdb.js'),
+    _ = require('underscore');
 
 describe('database', function () {
     before(function (done) {
@@ -36,7 +37,6 @@ describe('database', function () {
             username: 'uuid213',
             password: 'secret',
             email: 'safe@me.com',
-            admin: false,
             salt: 'morton',
             createdAt: 'sometime back',
             modifiedAt: 'now',
@@ -44,12 +44,11 @@ describe('database', function () {
             displayName: ''
         };
 
-        var ADMIN_0 = {
+        var USER_1 = {
             id: 'uuid456',
             username: 'uuid456',
             password: 'secret',
             email: 'safe2@me.com',
-            admin: true,
             salt: 'tata',
             createdAt: 'sometime back',
             modifiedAt: 'now',
@@ -64,8 +63,8 @@ describe('database', function () {
             });
         });
 
-        it('can add admin user', function (done) {
-            userdb.add(ADMIN_0.id, ADMIN_0, function (error) {
+        it('can add another user', function (done) {
+            userdb.add(USER_1.id, USER_1, function (error) {
                 expect(!error).to.be.ok();
                 done();
             });
@@ -120,12 +119,16 @@ describe('database', function () {
             });
         });
 
-        it('can get all', function (done) {
-            userdb.getAll(function (error, all) {
+        it('can get all with group ids', function (done) {
+            userdb.getAllWithGroupIds(function (error, all) {
                 expect(error).to.not.be.ok();
                 expect(all.length).to.equal(2);
-                expect(all[0]).to.eql(USER_0);
-                expect(all[1]).to.eql(ADMIN_0);
+                var user0Copy = _.extend({}, USER_0);
+                user0Copy.groupIds = [ ];
+                expect(all[0]).to.eql(user0Copy);
+                var user1Copy = _.extend({}, USER_1);
+                user1Copy.groupIds = [ ];
+                expect(all[1]).to.eql(user1Copy);
                 done();
             });
         });
@@ -133,8 +136,7 @@ describe('database', function () {
         it('can get all admins', function (done) {
             userdb.getAllAdmins(function (error, all) {
                 expect(error).to.not.be.ok();
-                expect(all.length).to.equal(1);
-                expect(all[0]).to.eql(ADMIN_0);
+                expect(all.length).to.equal(0);
                 done();
             });
         });
@@ -147,15 +149,7 @@ describe('database', function () {
             });
         });
 
-        it('counts the admin users', function (done) {
-            userdb.adminCount(function (error, count) {
-                expect(error).to.not.be.ok();
-                expect(count).to.equal(1);
-                done();
-            });
-        });
-
-        it('can update the user', function (done) {
+       it('can update the user', function (done) {
             userdb.update(USER_0.id, { email: 'some@thing.com', displayName: 'Heiter' }, function (error) {
                 expect(error).to.not.be.ok();
                 userdb.get(USER_0.id, function (error, user) {
@@ -482,10 +476,10 @@ describe('database', function () {
             portBindings: { port: 5678 },
             health: null,
             accessRestriction: null,
-            oauthProxy: false,
             lastBackupId: null,
             lastBackupConfig: null,
-            oldConfig: null
+            oldConfig: null,
+            memoryLimit: 4294967296
         };
         var APP_1 = {
             id: 'appid-1',
@@ -501,10 +495,10 @@ describe('database', function () {
             portBindings: { },
             health: null,
             accessRestriction: { users: [ 'foobar' ] },
-            oauthProxy: true,
             lastBackupId: null,
             lastBackupConfig: null,
-            oldConfig: null
+            oldConfig: null,
+            memoryLimit: 0
         };
 
         it('add fails due to missing arguments', function () {
@@ -521,7 +515,7 @@ describe('database', function () {
         });
 
         it('add succeeds', function (done) {
-            appdb.add(APP_0.id, APP_0.appStoreId, APP_0.manifest, APP_0.location, APP_0.portBindings, APP_0.accessRestriction, APP_0.oauthProxy, function (error) {
+            appdb.add(APP_0.id, APP_0.appStoreId, APP_0.manifest, APP_0.location, APP_0.portBindings, APP_0.accessRestriction, APP_0.memoryLimit, function (error) {
                 expect(error).to.be(null);
                 done();
             });
@@ -545,7 +539,7 @@ describe('database', function () {
         });
 
         it('add of same app fails', function (done) {
-            appdb.add(APP_0.id, APP_0.appStoreId, APP_0.manifest, APP_0.location, [ ], APP_0.accessRestriction, APP_0.oauthProxy, function (error) {
+            appdb.add(APP_0.id, APP_0.appStoreId, APP_0.manifest, APP_0.location, [ ], APP_0.accessRestriction, APP_0.memoryLimit, function (error) {
                 expect(error).to.be.a(DatabaseError);
                 expect(error.reason).to.be(DatabaseError.ALREADY_EXISTS);
                 done();
@@ -575,16 +569,16 @@ describe('database', function () {
             APP_0.location = 'some-other-location';
             APP_0.manifest.version = '0.2';
             APP_0.accessRestriction = '';
-            APP_0.oauthProxy = true;
             APP_0.httpPort = 1337;
+            APP_0.memoryLimit = 1337;
 
             var data = {
                 installationState: APP_0.installationState,
                 location: APP_0.location,
                 manifest: APP_0.manifest,
                 accessRestriction: APP_0.accessRestriction,
-                oauthProxy: APP_0.oauthProxy,
-                httpPort: APP_0.httpPort
+                httpPort: APP_0.httpPort,
+                memoryLimit: APP_0.memoryLimit
             };
 
             appdb.update(APP_0.id, data, function (error) {
@@ -617,7 +611,7 @@ describe('database', function () {
         });
 
         it('add second app succeeds', function (done) {
-            appdb.add(APP_1.id, APP_1.appStoreId, APP_1.manifest, APP_1.location, [ ], APP_1.accessRestriction, APP_0.oauthProxy, function (error) {
+            appdb.add(APP_1.id, APP_1.appStoreId, APP_1.manifest, APP_1.location, [ ], APP_1.accessRestriction, APP_1.memoryLimit, function (error) {
                 expect(error).to.be(null);
                 done();
             });

src/test/groups-test.js

@@ -0,0 +1,295 @@
+/* jslint node:true */
+/* global it:false */
+/* global describe:false */
+/* global before:false */
+/* global after:false */
+
+'use strict';
+
+var async = require('async'),
+    database = require('../database.js'),
+    expect = require('expect.js'),
+    groups = require('../groups.js'),
+    GroupError = groups.GroupError,
+    hat = require('hat'),
+    userdb = require('../userdb.js');
+
+var GROUP0_NAME = 'administrators',
+    GROUP0_ID = GROUP0_NAME;
+
+var GROUP1_NAME = 'externs',
+    GROUP1_ID = GROUP1_NAME;
+
+var USER_0 = {
+    id: 'uuid213',
+    username: 'uuid213',
+    password: 'secret',
+    email: 'safe@me.com',
+    admin: false,
+    salt: 'morton',
+    createdAt: 'sometime back',
+    modifiedAt: 'now',
+    resetToken: hat(256),
+    displayName: ''
+};
+
+function setup(done) {
+    // ensure data/config/mount paths
+    database.initialize(function (error) {
+        expect(error).to.be(null);
+
+        database._clear(done);
+    });
+}
+
+function cleanup(done) {
+    database._clear(done);
+}
+
+describe('Groups', function () {
+    before(setup);
+    after(cleanup);
+
+    it('cannot create group - too small', function (done) {
+        groups.create('a', function (error) {
+            expect(error.reason).to.be(GroupError.BAD_NAME);
+            done();
+        });
+    });
+
+    it('cannot create group - too big', function (done) {
+        groups.create(new Array(256).join('a'), function (error) {
+            expect(error.reason).to.be(GroupError.BAD_NAME);
+            done();
+        });
+    });
+
+    it('cannot create group - bad name', function (done) {
+        groups.create('bad:name', function (error) {
+            expect(error.reason).to.be(GroupError.BAD_NAME);
+            done();
+        });
+    });
+
+    it('cannot create group - reserved', function (done) {
+        groups.create('users', function (error) {
+            expect(error.reason).to.be(GroupError.BAD_NAME);
+            done();
+        });
+    });
+
+    it('can create valid group', function (done) {
+        groups.create(GROUP0_NAME, function (error) {
+            expect(error).to.be(null);
+            done();
+        });
+    });
+
+    it('cannot add existing group', function (done) {
+        groups.create(GROUP0_NAME, function (error) {
+            expect(error.reason).to.be(GroupError.ALREADY_EXISTS);
+            done();
+        });
+    });
+
+    it('cannot get invalid group', function (done) {
+        groups.get('sometrandom', function (error) {
+            expect(error.reason).to.be(GroupError.NOT_FOUND);
+            done();
+        });
+    });
+
+    it('can get valid group', function (done) {
+        groups.get(GROUP0_ID, function (error, group) {
+            expect(error).to.be(null);
+            expect(group.name).to.equal(GROUP0_NAME);
+            done();
+        });
+    });
+
+    it('cannot delete invalid group', function (done) {
+        groups.remove('random', function (error) {
+            expect(error.reason).to.be(GroupError.NOT_FOUND);
+            done();
+        });
+    });
+
+    it('can delete valid group', function (done) {
+        groups.remove(GROUP0_ID, function (error) {
+            expect(error).to.be(null);
+            done();
+        });
+    });
+});
+
+describe('Group membership', function () {
+    before(function (done) {
+        async.series([
+            setup,
+            groups.create.bind(null, GROUP0_NAME),
+            userdb.add.bind(null, USER_0.id, USER_0)
+        ], done);
+    });
+    after(cleanup);
+
+    it('cannot add non-existent user', function (done) {
+        groups.addMember(GROUP0_ID, 'randomuser', function (error) {
+            expect(error.reason).to.be(GroupError.NOT_FOUND);
+            done();
+        });
+    });
+
+    it('cannot add non-existent group', function (done) {
+        groups.addMember('randomgroup', USER_0.id, function (error) {
+            expect(error.reason).to.be(GroupError.NOT_FOUND);
+            done();
+        });
+    });
+
+    it('isMember returns false', function (done) {
+        groups.isMember(GROUP0_ID, USER_0.id, function (error, member) {
+            expect(error).to.be(null);
+            expect(member).to.be(false);
+            done();
+        });
+    });
+
+    it('can add member', function (done) {
+        groups.addMember(GROUP0_ID, USER_0.id, function (error) {
+            expect(error).to.be(null);
+            done();
+        });
+    });
+
+    it('isMember returns true', function (done) {
+        groups.isMember(GROUP0_ID, USER_0.id, function (error, member) {
+            expect(error).to.be(null);
+            expect(member).to.be(true);
+            done();
+        });
+    });
+
+    it('can get members', function (done) {
+        groups.getMembers(GROUP0_ID, function (error, result) {
+            expect(error).to.be(null);
+            expect(result.length).to.be(1);
+            expect(result[0]).to.be(USER_0.id);
+            done();
+        });
+    });
+
+    it('cannot get members of non-existent group', function (done) {
+        groups.getMembers('randomgroup', function (error, result) {
+            expect(result.length).to.be(0); // currently, we cannot differentiate invalid groups and empty groups
+            done();
+        });
+    });
+
+    it('cannot remove non-existent user', function (done) {
+        groups.removeMember(GROUP0_ID, 'randomuser', function (error) {
+            expect(error.reason).to.be(GroupError.NOT_FOUND);
+            done();
+        });
+    });
+
+    it('cannot remove non-existent group', function (done) {
+        groups.removeMember('randomgroup', USER_0.id, function (error) {
+            expect(error.reason).to.be(GroupError.NOT_FOUND);
+            done();
+        });
+    });
+
+    it('can remove member', function (done) {
+        groups.removeMember(GROUP0_ID, USER_0.id, function (error) {
+            expect(error).to.be(null);
+            done();
+        });
+    });
+
+    it('has no members', function (done) {
+        groups.getMembers(GROUP0_ID, function (error, result) {
+            expect(error).to.be(null);
+            expect(result.length).to.be(0);
+            done();
+        });
+    });
+
+    it('can remove group with no members', function (done) {
+        groups.remove(GROUP0_ID, function (error) {
+            expect(error).to.be(null);
+            done();
+        });
+    });
+
+    it('can remove group with member', function (done) {
+        groups.create(GROUP0_NAME, function (error) {
+            expect(error).to.eql(null);
+
+            groups.addMember(GROUP0_ID, USER_0.id, function (error) {
+                expect(error).to.be(null);
+
+                groups.remove(GROUP0_ID, function (error) {
+                    expect(error).to.eql(null);
+                    done();
+                });
+            });
+        });
+    });
+});
+
+describe('Set user groups', function () {
+    before(function (done) {
+        async.series([
+            setup,
+            groups.create.bind(null, GROUP0_NAME),
+            groups.create.bind(null, GROUP1_NAME),
+            userdb.add.bind(null, USER_0.id, USER_0)
+        ], done);
+    });
+    after(cleanup);
+
+    it('can set user to single group', function (done) {
+        groups.setGroups(USER_0.id, [ GROUP0_ID ], function (error) {
+            expect(error).to.be(null);
+
+            groups.getGroups(USER_0.id, function (error, groupIds) {
+                expect(error).to.be(null);
+                expect(groupIds.length).to.be(1);
+                expect(groupIds[0]).to.be(GROUP0_ID);
+                done();
+            });
+        });
+    });
+
+    it('can set user to multiple groups', function (done) {
+        groups.setGroups(USER_0.id, [ GROUP0_ID, GROUP1_ID ], function (error) {
+            expect(error).to.be(null);
+
+            groups.getGroups(USER_0.id, function (error, groupIds) {
+                expect(error).to.be(null);
+                expect(groupIds.length).to.be(2);
+                expect(groupIds[0]).to.be(GROUP0_ID);
+                expect(groupIds[1]).to.be(GROUP1_ID);
+                done();
+            });
+        });
+    });
+});
+
+describe('Admin group', function () {
+    before(function (done) {
+        async.series([
+            setup,
+            userdb.add.bind(null, USER_0.id, USER_0)
+        ], done);
+    });
+    after(cleanup);
+
+    it('cannot delete admin group ever', function (done) {
+        groups.remove(groups.ADMIN_GROUP_ID, function (error) {
+            expect(error.reason).to.equal(GroupError.NOT_ALLOWED);
+
+            done();
+        });
+    });
+});

src/test/ldap-test.js

@@ -6,37 +6,116 @@
 
 'use strict';
 
-var database = require('../database.js'),
-    expect = require('expect.js'),
-    EventEmitter = require('events').EventEmitter,
+var appdb = require('../appdb.js'),
+    assert = require('assert'),
     async = require('async'),
-    user = require('../user.js'),
+    database = require('../database.js'),
     config = require('../config.js'),
+    EventEmitter = require('events').EventEmitter,
+    expect = require('expect.js'),
+    http = require('http'),
     ldapServer = require('../ldap.js'),
-    ldap = require('ldapjs');
+    ldap = require('ldapjs'),
+    user = require('../user.js');
 
+// owner
 var USER_0 = {
-    username: 'foobar0',
-    password: 'Foobar?1234',
-    email: 'foo0@bar.com',
-    displayName: 'Bob bobson'
+    username: 'username0',
+    password: 'Username0pass?1234',
+    email: 'user0@email.com',
+    displayName: 'User 0'
 };
 
+// normal user
 var USER_1 = {
-    username: 'foobar1',
-    password: 'Foobar?12345',
-    email: 'foo1@bar.com',
-    displayName: 'Jesus'
+    username: 'username1',
+    password: 'Username1pass?12345',
+    email: 'user1@email.com',
+    displayName: 'User 1'
 };
 
+var APP_0 = {
+    id: 'appid-0',
+    appStoreId: 'appStoreId-0',
+    dnsRecordId: null,
+    installationState: appdb.ISTATE_INSTALLED,
+    installationProgress: null,
+    runState: appdb.RSTATE_RUNNING,
+    location: 'some-location-0',
+    manifest: { version: '0.1', dockerImage: 'docker/app0', healthCheckPath: '/', httpPort: 80, title: 'app0' },
+    httpPort: null,
+    containerId: 'someContainerId',
+    portBindings: { port: 5678 },
+    health: null,
+    accessRestriction: null,
+    lastBackupId: null,
+    lastBackupConfig: null,
+    oldConfig: null,
+    memoryLimit: 4294967296
+};
+
+var dockerProxy;
+
+function startDockerProxy(interceptor, callback) {
+    assert.strictEqual(typeof interceptor, 'function');
+    assert.strictEqual(typeof callback, 'function');
+
+    return http.createServer(interceptor).listen(5687, callback);
+}
+
 function setup(done) {
     async.series([
         database.initialize.bind(null),
         database._clear.bind(null),
         ldapServer.start.bind(null),
-        user.create.bind(null, USER_0.username, USER_0.password, USER_0.email, USER_0.displayName, true, null, false),
-        user.create.bind(null, USER_1.username, USER_1.password, USER_1.email, USER_0.displayName, false, USER_0, false)
-    ], done);
+        appdb.add.bind(null, APP_0.id, APP_0.appStoreId, APP_0.manifest, APP_0.location, APP_0.portBindings, APP_0.accessRestriction, APP_0.memoryLimit),
+        appdb.update.bind(null, APP_0.id, { containerId: APP_0.containerId }),
+        user.createOwner.bind(null, USER_0.username, USER_0.password, USER_0.email, USER_0.displayName),
+        user.create.bind(null, USER_1.username, USER_1.password, USER_1.email, USER_0.displayName, { invitor: USER_0 })
+    ], function (error) {
+        if (error) return done(error);
+
+        dockerProxy = startDockerProxy(function interceptor(req, res) {
+            var answer = {};
+            var status = 500;
+
+            if (req.method === 'GET' && req.url === '/networks') {
+                answer = [{
+                    Name: "irrelevant"
+                }, {
+                    Name: "bridge",
+                    Id: "f2de39df4171b0dc801e8002d1d999b77256983dfc63041c0f34030aa3977566",
+                    Scope: "local",
+                    Driver: "bridge",
+                    IPAM: {
+                        Driver: "default",
+                        Config: [{
+                            Subnet: "172.17.0.0/16"
+                        }]
+                    },
+                    "Containers": {
+                        someOtherContainerId: {
+                            "EndpointID": "ed2419a97c1d9954d05b46e462e7002ea552f216e9b136b80a7db8d98b442eda",
+                            "MacAddress": "02:42:ac:11:00:02",
+                            "IPv4Address": "127.0.0.2/16",
+                            "IPv6Address": ""
+                        },
+                        someContainerId: {
+                            "EndpointID": "ed2419a97c1d9954d05b46e462e7002ea552f216e9b136b80a7db8d98b442eda",
+                            "MacAddress": "02:42:ac:11:00:02",
+                            "IPv4Address": "127.0.0.1/16",
+                            "IPv6Address": ""
+                        }
+                    }
+                }];
+                status = 200;
+            }
+
+            res.writeHead(status);
+            res.write(JSON.stringify(answer));
+            res.end();
+        }, done);
+    });
 }
 
 function cleanup(done) {
@@ -66,7 +145,7 @@ describe('Ldap', function () {
             });
         });
 
-        it('succeeds', function (done) {
+        it('succeeds without accessRestriction', function (done) {
             var client = ldap.createClient({ url: 'ldap://127.0.0.1:' + config.get('ldapPort') });
 
             client.bind('cn=' + USER_0.username + ',ou=users,dc=cloudron', USER_0.password, function (error) {
@@ -74,6 +153,32 @@ describe('Ldap', function () {
                 done();
             });
         });
+
+        it('fails with accessRestriction denied', function (done) {
+            var client = ldap.createClient({ url: 'ldap://127.0.0.1:' + config.get('ldapPort') });
+
+            appdb.update(APP_0.id, { accessRestriction: { users: [ USER_1.username ], groups: [] }}, function (error) {
+                expect(error).to.eql(null);
+
+                client.bind('cn=' + USER_0.username + ',ou=users,dc=cloudron', USER_0.password, function (error) {
+                    expect(error).to.be.a(ldap.NoSuchObjectError);
+                    done();
+                });
+            });
+        });
+
+        it('succeeds with accessRestriction allowed', function (done) {
+            var client = ldap.createClient({ url: 'ldap://127.0.0.1:' + config.get('ldapPort') });
+
+            appdb.update(APP_0.id, { accessRestriction: { users: [ USER_1.username, USER_0.username ], groups: [] }}, function (error) {
+                expect(error).to.eql(null);
+
+                client.bind('cn=' + USER_0.username + ',ou=users,dc=cloudron', USER_0.password, function (error) {
+                    expect(error).to.be(null);
+                    done();
+                });
+            });
+        });
     });
 
     describe('search users', function () {
@@ -81,7 +186,7 @@ describe('Ldap', function () {
             var client = ldap.createClient({ url: 'ldap://127.0.0.1:' + config.get('ldapPort') });
 
             var opts = {
-                filter: '(&(l=Seattle)(email=*@foo.com))'
+                filter: '(&(l=Seattle)(email=*@email.com))'
             };
 
             client.search('o=example', opts, function (error, result) {
@@ -127,7 +232,7 @@ describe('Ldap', function () {
             var client = ldap.createClient({ url: 'ldap://127.0.0.1:' + config.get('ldapPort') });
 
             var opts = {
-                filter: '&(objectcategory=person)(username=foobar*)'
+                filter: '&(objectcategory=person)(username=username*)'
             };
 
             client.search('ou=users,dc=cloudron', opts, function (error, result) {

src/test/updatechecker-test.js

@@ -196,7 +196,7 @@ describe('updatechecker - checkAppUpdates', function () {
         portBindings: { PORT: 5678 },
         healthy: null,
         accessRestriction: null,
-        oauthProxy: false
+        memoryLimit: 0
     };
 
     before(function (done) {
@@ -205,7 +205,7 @@ describe('updatechecker - checkAppUpdates', function () {
         async.series([
             database.initialize,
             database._clear,
-            appdb.add.bind(null, APP_0.id, APP_0.appStoreId, APP_0.manifest, APP_0.location, APP_0.portBindings, APP_0.accessRestriction, APP_0.oauthProxy)
+            appdb.add.bind(null, APP_0.id, APP_0.appStoreId, APP_0.manifest, APP_0.location, APP_0.portBindings, APP_0.accessRestriction, APP_0.memoryLimit)
         ], done);
     });
 

src/test/user-test.js

@@ -6,8 +6,11 @@
 
 'use strict';
 
-var database = require('../database.js'),
+var async = require('async'),
+    database = require('../database.js'),
     expect = require('expect.js'),
+    groupdb = require('../groupdb.js'),
+    groups = require('../groups.js'),
     mailer = require('../mailer.js'),
     user = require('../user.js'),
     userdb = require('../userdb.js'),
@@ -19,38 +22,37 @@ var EMAIL = 'nobody@no.body';
 var EMAIL_NEW = 'nobodynew@no.body';
 var PASSWORD = 'sTrOnG#$34134';
 var NEW_PASSWORD = 'oTHER@#$235';
-var IS_ADMIN = true;
 var DISPLAY_NAME = 'Nobody cares';
 var DISPLAY_NAME_NEW = 'Somone cares';
 var userObject = null;
 
 function cleanupUsers(done) {
-    userdb._clear(function () {
-        mailer._clearMailQueue();
-        done();
-    });
+    async.series([
+        groupdb._clear,
+        userdb._clear,
+        mailer._clearMailQueue
+    ], done);
 }
 
-function createUser(done) {
-    user.create(USERNAME, PASSWORD, EMAIL, DISPLAY_NAME, IS_ADMIN, null /* invitor  */, false, function (error, result) {
-        expect(error).to.not.be.ok();
-        expect(result).to.be.ok();
+function createOwner(done) {
+    groups.create('admin', function () { // ignore error since it might already exist
+        user.createOwner(USERNAME, PASSWORD, EMAIL, DISPLAY_NAME, function (error, result) {
+            expect(error).to.not.be.ok();
+            expect(result).to.be.ok();
 
-        userObject = result;
+            userObject = result;
 
-        done();
+            done();
+        });
     });
 }
 
 function setup(done) {
-    // ensure data/config/mount paths
-    database.initialize(function (error) {
-        expect(error).to.be(null);
-
-        mailer._clearMailQueue();
-
-        done();
-    });
+    async.series([
+        database.initialize,
+        database._clear,
+        mailer._clearMailQueue
+    ], done);
 }
 
 function cleanup(done) {
@@ -77,7 +79,7 @@ describe('User', function () {
         after(cleanupUsers);
 
         it('fails due to short password', function (done) {
-            user.create(USERNAME, 'Fo$%23', EMAIL, DISPLAY_NAME, IS_ADMIN, null, true, function (error, result) {
+            user.create(USERNAME, 'Fo$%23', EMAIL, DISPLAY_NAME, function (error, result) {
                 expect(error).to.be.ok();
                 expect(result).to.not.be.ok();
                 expect(error.reason).to.equal(UserError.BAD_PASSWORD);
@@ -87,7 +89,7 @@ describe('User', function () {
         });
 
         it('fails due to missing upper case password', function (done) {
-            user.create(USERNAME, 'thisiseightch%$234arslong', EMAIL, DISPLAY_NAME, IS_ADMIN, null, true, function (error, result) {
+            user.create(USERNAME, 'thisiseightch%$234arslong', EMAIL, DISPLAY_NAME, function (error, result) {
                 expect(error).to.be.ok();
                 expect(result).to.not.be.ok();
                 expect(error.reason).to.equal(UserError.BAD_PASSWORD);
@@ -97,7 +99,7 @@ describe('User', function () {
         });
 
         it('fails due to missing numerics in password', function (done) {
-            user.create(USERNAME, 'foobaRASDF%', EMAIL, DISPLAY_NAME, IS_ADMIN, null, true, function (error, result) {
+            user.create(USERNAME, 'foobaRASDF%', EMAIL, DISPLAY_NAME, function (error, result) {
                 expect(error).to.be.ok();
                 expect(result).to.not.be.ok();
                 expect(error.reason).to.equal(UserError.BAD_PASSWORD);
@@ -107,7 +109,7 @@ describe('User', function () {
         });
 
         it('fails due to missing special chars in password', function (done) {
-            user.create(USERNAME, 'foobaRASDF23423', EMAIL, DISPLAY_NAME, IS_ADMIN, null, true, function (error, result) {
+            user.create(USERNAME, 'foobaRASDF23423', EMAIL, DISPLAY_NAME, function (error, result) {
                 expect(error).to.be.ok();
                 expect(result).to.not.be.ok();
                 expect(error.reason).to.equal(UserError.BAD_PASSWORD);
@@ -117,14 +119,14 @@ describe('User', function () {
         });
 
         it('succeeds and attempts to send invite', function (done) {
-            user.create(USERNAME, PASSWORD, EMAIL, DISPLAY_NAME, IS_ADMIN, null /* invitor */, true, function (error, result) {
+            user.createOwner(USERNAME, PASSWORD, EMAIL, DISPLAY_NAME, function (error, result) {
                 expect(error).not.to.be.ok();
                 expect(result).to.be.ok();
                 expect(result.username).to.equal(USERNAME);
                 expect(result.email).to.equal(EMAIL);
 
                 // first user is owner, do not send mail to admins
-                checkMails(1, done);
+                checkMails(0, done);
             });
         });
 
@@ -152,7 +154,7 @@ describe('User', function () {
         });
 
         it('fails because user exists', function (done) {
-            user.create(USERNAME, PASSWORD, EMAIL, DISPLAY_NAME, IS_ADMIN, null /* invitor */, false, function (error, result) {
+            user.create(USERNAME, PASSWORD, EMAIL, DISPLAY_NAME, function (error, result) {
                 expect(error).to.be.ok();
                 expect(result).not.to.be.ok();
                 expect(error.reason).to.equal(UserError.ALREADY_EXISTS);
@@ -162,7 +164,7 @@ describe('User', function () {
         });
 
         it('fails because password is empty', function (done) {
-            user.create(USERNAME, '', EMAIL, DISPLAY_NAME, IS_ADMIN, null /* invitor */, false, function (error, result) {
+            user.create(USERNAME, '', EMAIL, DISPLAY_NAME, function (error, result) {
                 expect(error).to.be.ok();
                 expect(result).not.to.be.ok();
                 expect(error.reason).to.equal(UserError.BAD_PASSWORD);
@@ -184,7 +186,7 @@ describe('User', function () {
         });
 
         it('succeeds', function (done) {
-            createUser(function (error) {
+            createOwner(function (error) {
                 if (error) return done(error);
 
                 user.getOwner(function (error, owner) {
@@ -197,7 +199,7 @@ describe('User', function () {
     });
 
     describe('verify', function () {
-        before(createUser);
+        before(createOwner);
         after(cleanupUsers);
 
         it('fails due to non existing username', function (done) {
@@ -241,7 +243,7 @@ describe('User', function () {
     });
 
     describe('verifyWithEmail', function () {
-        before(createUser);
+        before(createOwner);
         after(cleanupUsers);
 
         it('fails due to non existing user', function (done) {
@@ -285,7 +287,7 @@ describe('User', function () {
     });
 
     describe('retrieving', function () {
-        before(createUser);
+        before(createOwner);
         after(cleanupUsers);
 
         it('fails due to non existing user', function (done) {
@@ -311,7 +313,7 @@ describe('User', function () {
     });
 
     describe('update', function () {
-        before(createUser);
+        before(createOwner);
         after(cleanupUsers);
 
         it('fails due to unknown userid', function (done) {
@@ -374,17 +376,10 @@ describe('User', function () {
         });
     });
 
-    describe('admin change', function () {
-        before(createUser);
+    xdescribe('admin change triggers mail', function () {
+        before(createOwner);
         after(cleanupUsers);
 
-        it('fails to remove admin flag of only admin', function (done) {
-            user.changeAdmin(USERNAME, false, function (error) {
-                expect(error).to.be.an('object');
-                done();
-            });
-        });
-
         it('make second user admin succeeds', function (done) {
             var user1 = {
                 username: 'seconduser',
@@ -392,30 +387,30 @@ describe('User', function () {
                 email: 'some@thi.ng'
             };
 
-            user.create(user1.username, user1.password, user1.email, DISPLAY_NAME, false, { username: USERNAME, email: EMAIL } /* invitor */, false, function (error, result) {
+            var invitor = { username: USERNAME, email: EMAIL };
+            user.create(user1.username, user1.password, user1.email, DISPLAY_NAME, { invitor: invitor }, function (error, result) {
                 expect(error).to.not.be.ok();
                 expect(result).to.be.ok();
 
-                user.changeAdmin(user1.username, true, function (error) {
+                groups.setGroups(user1.username, [ groups.ADMIN_GROUP_ID ], function (error) {
                     expect(error).to.not.be.ok();
 
                     // one mail for user creation, one mail for admin change
-                    checkMails(2, done);
+                    checkMails(1, done);
                 });
             });
         });
 
         it('succeeds to remove admin flag of first user', function (done) {
-            user.changeAdmin(USERNAME, false, function (error) {
-                expect(error).to.not.be.ok();
-
+            groups.setGroups(USERNAME, [], function (error) {
+                expect(error).to.eql(null);
                 checkMails(1, done);
             });
         });
     });
 
     describe('get admins', function () {
-        before(createUser);
+        before(createOwner);
         after(cleanupUsers);
 
         it('succeeds for one admins', function (done) {
@@ -434,11 +429,12 @@ describe('User', function () {
                 email: 'some@thi.ng'
             };
 
-            user.create(user1.username, user1.password, user1.email, DISPLAY_NAME, false, { username: USERNAME, email: EMAIL } /* invitor */, false, function (error, result) {
+            var invitor = { username: USERNAME, email: EMAIL };
+            user.create(user1.username, user1.password, user1.email, DISPLAY_NAME, { invitor: invitor }, function (error, result) {
                 expect(error).to.eql(null);
                 expect(result).to.be.ok();
 
-                user.changeAdmin(user1.username, true, function (error) {
+                groups.setGroups(user1.username, [ groups.ADMIN_GROUP_ID ], function (error) {
                     expect(error).to.eql(null);
 
                     user.getAllAdmins(function (error, admins) {
@@ -448,7 +444,7 @@ describe('User', function () {
                         expect(admins[1].username).to.equal(user1.username);
 
                         // one mail for user creation one mail for admin change
-                        checkMails(2, done);
+                        checkMails(1, done);    // FIXME should be 2 for admin change
                     });
                 });
             });
@@ -456,7 +452,7 @@ describe('User', function () {
     });
 
     describe('password change', function () {
-        before(createUser);
+        before(createOwner);
         after(cleanupUsers);
 
         it('fails due to wrong arumgent count', function () {
@@ -519,7 +515,7 @@ describe('User', function () {
     });
 
     describe('resetPasswordByIdentifier', function () {
-        before(createUser);
+        before(createOwner);
         after(cleanupUsers);
 
         it('fails due to unkown email', function (done) {
@@ -554,7 +550,7 @@ describe('User', function () {
     });
 
     describe('send invite', function () {
-        before(createUser);
+        before(createOwner);
         after(cleanupUsers);
 
         it('fails for unknown user', function (done) {

src/user.js

@@ -12,7 +12,6 @@ exports = module.exports = {
     remove: removeUser,
     get: getUser,
     getByResetToken: getByResetToken,
-    changeAdmin: changeAdmin,
     getAllAdmins: getAllAdmins,
     resetPasswordByIdentifier: resetPasswordByIdentifier,
     setPassword: setPassword,
@@ -20,19 +19,22 @@ exports = module.exports = {
     update: updateUser,
     createOwner: createOwner,
     getOwner: getOwner,
-    sendInvite: sendInvite
+    sendInvite: sendInvite,
+    setGroups: setGroups
 };
 
 var assert = require('assert'),
+    clientdb = require('./clientdb.js'),
     crypto = require('crypto'),
     DatabaseError = require('./databaseerror.js'),
-    mailer = require('./mailer.js'),
+    groups = require('./groups.js'),
+    GroupError = groups.GroupError,
     hat = require('hat'),
-    userdb = require('./userdb.js'),
+    mailer = require('./mailer.js'),
     tokendb = require('./tokendb.js'),
-    clientdb = require('./clientdb.js'),
-    validatePassword = require('./password.js').validate,
+    userdb = require('./userdb.js'),
     util = require('util'),
+    validatePassword = require('./password.js').validate,
     validator = require('validator'),
     _ = require('underscore');
 
@@ -70,17 +72,6 @@ UserError.BAD_USERNAME = 'Bad username';
 UserError.BAD_EMAIL = 'Bad email';
 UserError.BAD_PASSWORD = 'Bad password';
 UserError.BAD_TOKEN = 'Bad token';
-UserError.NOT_ALLOWED = 'Not Allowed';
-
-function listUsers(callback) {
-    assert.strictEqual(typeof callback, 'function');
-
-    userdb.getAll(function (error, result) {
-        if (error) return callback(new UserError(UserError.INTERNAL_ERROR, error));
-
-        return callback(null, result.map(function (obj) { return _.pick(obj, 'id', 'username', 'email', 'admin', 'displayName'); }));
-    });
-}
 
 function validateUsername(username) {
     assert.strictEqual(typeof username, 'string');
@@ -113,15 +104,20 @@ function validateDisplayName(name) {
     return null;
 }
 
-function createUser(username, password, email, displayName, admin, invitor, sendInvite, callback) {
+function createUser(username, password, email, displayName, options, callback) {
     assert.strictEqual(typeof username, 'string');
     assert.strictEqual(typeof password, 'string');
     assert.strictEqual(typeof email, 'string');
     assert.strictEqual(typeof displayName, 'string');
-    assert.strictEqual(typeof admin, 'boolean');
-    assert(invitor || admin);
-    assert.strictEqual(typeof sendInvite, 'boolean');
-    assert.strictEqual(typeof callback, 'function');
+
+    if (typeof options === 'function') {
+        callback = options;
+        options = null;
+    }
+
+    var invitor = options && options.invitor ? options.invitor : null,
+        sendInvite = options && options.sendInvite ? true : false,
+        owner = options && options.owner ? true : false;
 
     var error = validateUsername(username);
     if (error) return callback(error);
@@ -147,7 +143,6 @@ function createUser(username, password, email, displayName, admin, invitor, send
                 username: username,
                 email: email,
                 password: new Buffer(derivedKey, 'binary').toString('hex'),
-                admin: admin,
                 salt: salt.toString('hex'),
                 createdAt: now,
                 modifiedAt: now,
@@ -161,8 +156,7 @@ function createUser(username, password, email, displayName, admin, invitor, send
 
                 callback(null, user);
 
-                // WARNING do not send email for admins (this can only be the case for the owner, the first user creation during activation)
-                if (!admin) mailer.userAdded(user, sendInvite);
+                if (!owner) mailer.userAdded(user, sendInvite);
                 if (sendInvite) mailer.sendInvite(user, invitor);
             });
         });
@@ -225,6 +219,21 @@ function removeUser(userId, callback) {
     });
 }
 
+function listUsers(callback) {
+    assert.strictEqual(typeof callback, 'function');
+
+    userdb.getAllWithGroupIds(function (error, result) {
+        if (error) return callback(new UserError(UserError.INTERNAL_ERROR, error));
+
+        var allUsers = result.map(function (obj) {
+            var u = _.pick(obj, 'id', 'username', 'email', 'displayName', 'groupIds');
+            u.admin = u.groupIds.indexOf(groups.ADMIN_GROUP_ID) !== -1;
+            return u;
+        });
+        return callback(null, allUsers);
+    });
+}
+
 function getUser(userId, callback) {
     assert.strictEqual(typeof userId, 'string');
     assert.strictEqual(typeof callback, 'function');
@@ -233,7 +242,13 @@ function getUser(userId, callback) {
         if (error && error.reason === DatabaseError.NOT_FOUND) return callback(new UserError(UserError.NOT_FOUND));
         if (error) return callback(new UserError(UserError.INTERNAL_ERROR, error));
 
-        return callback(null, result);
+        groups.getGroups(userId, function (error, groupIds) {
+            if (error) return callback(new UserError(UserError.INTERNAL_ERROR, error));
+
+            result.groupIds = groupIds;
+
+            return callback(null, result);
+        });
     });
 }
 
@@ -272,30 +287,16 @@ function updateUser(userId, username, email, displayName, callback) {
     });
 }
 
-function changeAdmin(username, admin, callback) {
-    assert.strictEqual(typeof username, 'string');
-    assert.strictEqual(typeof admin, 'boolean');
+function setGroups(userId, groupIds, callback) {
+    assert.strictEqual(typeof userId, 'string');
+    assert(Array.isArray(groupIds));
     assert.strictEqual(typeof callback, 'function');
 
-    getUser(username, function (error, user) {
-        if (error) return callback(error);
+    groups.setGroups(userId, groupIds, function (error) {
+        if (error && error.reason === GroupError.NOT_FOUND) return callback(new UserError(UserError.NOT_FOUND, 'One or more groups not found'));
+        if (error) return callback(new UserError(UserError.INTERNAL_ERROR, error));
 
-        userdb.getAllAdmins(function (error, result) {
-            if (error) return callback(new UserError(UserError.INTERNAL_ERROR, error));
-
-            // protect from a system where there is no admin left
-            if (result.length <= 1 && !admin) return callback(new UserError(UserError.NOT_ALLOWED, 'Only admin'));
-
-            user.admin = admin;
-
-            userdb.update(username, user, function (error) {
-                if (error) return callback(new UserError(UserError.INTERNAL_ERROR, error));
-
-                callback(null);
-
-                mailer.adminChanged(user);
-            });
-        });
+        callback();
     });
 }
 
@@ -396,7 +397,15 @@ function createOwner(username, password, email, displayName, callback) {
         if (error) return callback(new UserError(UserError.INTERNAL_ERROR, error));
         if (count !== 0) return callback(new UserError(UserError.ALREADY_EXISTS));
 
-        createUser(username, password, email, displayName, true /* admin */, null /* invitor */, false /* sendInvite */, callback);
+        createUser(username, password, email, displayName, { owner: true }, function (error, user) {
+            if (error) return callback(error);
+
+            groups.addMember(groups.ADMIN_GROUP_ID, user.id, function (error) {
+                if (error) return callback(new UserError(UserError.INTERNAL_ERROR, error));
+
+                callback(null, user);
+            });
+        });
     });
 }
 

src/userdb.js

@@ -7,13 +7,12 @@ exports = module.exports = {
     getByAccessToken: getByAccessToken,
     getByResetToken: getByResetToken,
     getOwner: getOwner,
-    getAll: getAll,
+    getAllWithGroupIds: getAllWithGroupIds,
     getAllAdmins: getAllAdmins,
     add: add,
     del: del,
     update: update,
     count: count,
-    adminCount: adminCount,
 
     _clear: clear
 };
@@ -21,9 +20,10 @@ exports = module.exports = {
 var assert = require('assert'),
     database = require('./database.js'),
     debug = require('debug')('box:userdb'),
-    DatabaseError = require('./databaseerror');
+    DatabaseError = require('./databaseerror'),
+    groups = require('./groups.js');
 
-var USERS_FIELDS = [ 'id', 'username', 'email', 'password', 'salt', 'createdAt', 'modifiedAt', 'admin', 'resetToken', 'displayName' ].join(',');
+var USERS_FIELDS = [ 'id', 'username', 'email', 'password', 'salt', 'createdAt', 'modifiedAt', 'resetToken', 'displayName' ].join(',');
 
 function get(userId, callback) {
     assert.strictEqual(typeof userId, 'string');
@@ -61,7 +61,8 @@ function getOwner(callback) {
     assert.strictEqual(typeof callback, 'function');
 
     // the first created user it the admin
-    database.query('SELECT ' + USERS_FIELDS + ' FROM users WHERE admin=1 ORDER BY createdAt LIMIT 1', function (error, result) {
+    database.query('SELECT ' + USERS_FIELDS + ' FROM users, groupMembers WHERE groupMembers.groupId = ? AND users.id = groupMembers.userId ORDER BY createdAt LIMIT 1',
+            [ groups.ADMIN_GROUP_ID ], function (error, result) {
         if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
         if (result.length === 0) return callback(new DatabaseError(DatabaseError.NOT_FOUND));
 
@@ -83,12 +84,18 @@ function getByResetToken(resetToken, callback) {
     });
 }
 
-function getAll(callback) {
+function getAllWithGroupIds(callback) {
     assert.strictEqual(typeof callback, 'function');
 
-    database.query('SELECT ' + USERS_FIELDS + ' FROM users', function (error, results) {
+    database.query('SELECT ' + USERS_FIELDS + ',GROUP_CONCAT(groupMembers.groupId) AS groupIds ' +
+                    ' FROM users LEFT OUTER JOIN groupMembers ON users.id = groupMembers.userId ' +
+                    ' GROUP BY users.id', function (error, results) {
         if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
 
+        results.forEach(function (result) {
+            result.groupIds = result.groupIds ? result.groupIds.split(',') : [ ];
+        });
+
         callback(null, results);
     });
 }
@@ -96,7 +103,8 @@ function getAll(callback) {
 function getAllAdmins(callback) {
     assert.strictEqual(typeof callback, 'function');
 
-    database.query('SELECT ' + USERS_FIELDS + ' FROM users WHERE admin=1', function (error, results) {
+    database.query('SELECT ' + USERS_FIELDS + ' FROM users, groupMembers WHERE groupMembers.groupId = ? AND users.id = groupMembers.userId',
+            [ groups.ADMIN_GROUP_ID ], function (error, results) {
         if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
 
         callback(null, results);
@@ -108,7 +116,6 @@ function add(userId, user, callback) {
     assert.strictEqual(typeof user.username, 'string');
     assert.strictEqual(typeof user.password, 'string');
     assert.strictEqual(typeof user.email, 'string');
-    assert.strictEqual(typeof user.admin, 'boolean');
     assert.strictEqual(typeof user.salt, 'string');
     assert.strictEqual(typeof user.createdAt, 'string');
     assert.strictEqual(typeof user.modifiedAt, 'string');
@@ -116,8 +123,8 @@ function add(userId, user, callback) {
     assert.strictEqual(typeof user.displayName, 'string');
     assert.strictEqual(typeof callback, 'function');
 
-    var data = [ userId, user.username, user.password, user.email, user.admin, user.salt, user.createdAt, user.modifiedAt, user.resetToken, user.displayName ];
-    database.query('INSERT INTO users (id, username, password, email, admin, salt, createdAt, modifiedAt, resetToken, displayName) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)',
+    var data = [ userId, user.username, user.password, user.email, user.salt, user.createdAt, user.modifiedAt, user.resetToken, user.displayName ];
+    database.query('INSERT INTO users (id, username, password, email, salt, createdAt, modifiedAt, resetToken, displayName) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)',
            data, function (error, result) {
         if (error && error.code === 'ER_DUP_ENTRY') return callback(new DatabaseError(DatabaseError.ALREADY_EXISTS, error));
         if (error || result.affectedRows !== 1) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
@@ -130,9 +137,15 @@ function del(userId, callback) {
     assert.strictEqual(typeof userId, 'string');
     assert.strictEqual(typeof callback, 'function');
 
-    database.query('DELETE FROM users WHERE id = ?', [ userId ], function (error, result) {
+    // also cleanup the groupMembers table
+    var queries = [];
+    queries.push({ query: 'DELETE FROM groupMembers WHERE userId = ?', args: [ userId ] });
+    queries.push({ query: 'DELETE FROM users WHERE id = ?', args: [ userId ] });
+
+    database.transaction(queries, function (error, result) {
+        if (error && error.code === 'ER_NO_REFERENCED_ROW_2') return callback(new DatabaseError(DatabaseError.NOT_FOUND, error));
         if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
-        if (result.affectedRows !== 1) return callback(new DatabaseError(DatabaseError.NOT_FOUND));
+        if (result[1].affectedRows !== 1) return callback(new DatabaseError(DatabaseError.NOT_FOUND, error));
 
         callback(error);
     });
@@ -190,13 +203,3 @@ function count(callback) {
         return callback(null, result[0].total);
     });
 }
-
-function adminCount(callback) {
-    assert.strictEqual(typeof callback, 'function');
-
-    database.query('SELECT COUNT(*) AS total FROM users WHERE admin=1', function (error, result) {
-        if (error) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
-
-        return callback(null, result[0].total);
-    });
-}

webadmin/src/3rdparty/bootstrap-slider/bootstrap-slider.css

@@ -0,0 +1,255 @@
+/*! =======================================================
+                      VERSION  6.0.12              
+========================================================= */
+/*! =========================================================
+ * bootstrap-slider.js
+ *
+ * Maintainers:
+ *		Kyle Kemp
+ *			- Twitter: @seiyria
+ *			- Github:  seiyria
+ *		Rohit Kalkur
+ *			- Twitter: @Rovolutionary
+ *			- Github:  rovolution
+ *
+ * =========================================================
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ========================================================= */
+.slider {
+  display: inline-block;
+  vertical-align: middle;
+  position: relative;
+}
+.slider.slider-horizontal {
+  width: 210px;
+  height: 20px;
+}
+.slider.slider-horizontal .slider-track {
+  height: 10px;
+  width: 100%;
+  margin-top: -5px;
+  top: 50%;
+  left: 0;
+}
+.slider.slider-horizontal .slider-selection,
+.slider.slider-horizontal .slider-track-low,
+.slider.slider-horizontal .slider-track-high {
+  height: 100%;
+  top: 0;
+  bottom: 0;
+}
+.slider.slider-horizontal .slider-tick,
+.slider.slider-horizontal .slider-handle {
+  margin-left: -10px;
+  margin-top: -5px;
+}
+.slider.slider-horizontal .slider-tick.triangle,
+.slider.slider-horizontal .slider-handle.triangle {
+  border-width: 0 10px 10px 10px;
+  width: 0;
+  height: 0;
+  border-bottom-color: #0480be;
+  margin-top: 0;
+}
+.slider.slider-horizontal .slider-tick-label-container {
+  white-space: nowrap;
+  margin-top: 20px;
+}
+.slider.slider-horizontal .slider-tick-label-container .slider-tick-label {
+  padding-top: 4px;
+  display: inline-block;
+  text-align: center;
+}
+.slider.slider-vertical {
+  height: 210px;
+  width: 20px;
+}
+.slider.slider-vertical .slider-track {
+  width: 10px;
+  height: 100%;
+  margin-left: -5px;
+  left: 50%;
+  top: 0;
+}
+.slider.slider-vertical .slider-selection {
+  width: 100%;
+  left: 0;
+  top: 0;
+  bottom: 0;
+}
+.slider.slider-vertical .slider-track-low,
+.slider.slider-vertical .slider-track-high {
+  width: 100%;
+  left: 0;
+  right: 0;
+}
+.slider.slider-vertical .slider-tick,
+.slider.slider-vertical .slider-handle {
+  margin-left: -5px;
+  margin-top: -10px;
+}
+.slider.slider-vertical .slider-tick.triangle,
+.slider.slider-vertical .slider-handle.triangle {
+  border-width: 10px 0 10px 10px;
+  width: 1px;
+  height: 1px;
+  border-left-color: #0480be;
+  margin-left: 0;
+}
+.slider.slider-vertical .slider-tick-label-container {
+  white-space: nowrap;
+}
+.slider.slider-vertical .slider-tick-label-container .slider-tick-label {
+  padding-left: 4px;
+}
+.slider.slider-disabled .slider-handle {
+  background-image: -webkit-linear-gradient(top, #dfdfdf 0%, #bebebe 100%);
+  background-image: -o-linear-gradient(top, #dfdfdf 0%, #bebebe 100%);
+  background-image: linear-gradient(to bottom, #dfdfdf 0%, #bebebe 100%);
+  background-repeat: repeat-x;
+  filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffdfdfdf', endColorstr='#ffbebebe', GradientType=0);
+}
+.slider.slider-disabled .slider-track {
+  background-image: -webkit-linear-gradient(top, #e5e5e5 0%, #e9e9e9 100%);
+  background-image: -o-linear-gradient(top, #e5e5e5 0%, #e9e9e9 100%);
+  background-image: linear-gradient(to bottom, #e5e5e5 0%, #e9e9e9 100%);
+  background-repeat: repeat-x;
+  filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffe5e5e5', endColorstr='#ffe9e9e9', GradientType=0);
+  cursor: not-allowed;
+}
+.slider input {
+  display: none;
+}
+.slider .tooltip.top {
+  margin-top: -36px;
+}
+.slider .tooltip-inner {
+  white-space: nowrap;
+}
+.slider .hide {
+  display: none;
+}
+.slider-track {
+  position: absolute;
+  cursor: pointer;
+  background-image: -webkit-linear-gradient(top, #f5f5f5 0%, #f9f9f9 100%);
+  background-image: -o-linear-gradient(top, #f5f5f5 0%, #f9f9f9 100%);
+  background-image: linear-gradient(to bottom, #f5f5f5 0%, #f9f9f9 100%);
+  background-repeat: repeat-x;
+  filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#fff5f5f5', endColorstr='#fff9f9f9', GradientType=0);
+  -webkit-box-shadow: inset 0 1px 2px rgba(0, 0, 0, 0.1);
+  box-shadow: inset 0 1px 2px rgba(0, 0, 0, 0.1);
+  border-radius: 4px;
+}
+.slider-selection {
+  position: absolute;
+  background-image: -webkit-linear-gradient(top, #f9f9f9 0%, #f5f5f5 100%);
+  background-image: -o-linear-gradient(top, #f9f9f9 0%, #f5f5f5 100%);
+  background-image: linear-gradient(to bottom, #f9f9f9 0%, #f5f5f5 100%);
+  background-repeat: repeat-x;
+  filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#fff9f9f9', endColorstr='#fff5f5f5', GradientType=0);
+  -webkit-box-shadow: inset 0 -1px 0 rgba(0, 0, 0, 0.15);
+  box-shadow: inset 0 -1px 0 rgba(0, 0, 0, 0.15);
+  -webkit-box-sizing: border-box;
+  -moz-box-sizing: border-box;
+  box-sizing: border-box;
+  border-radius: 4px;
+}
+.slider-selection.tick-slider-selection {
+  background-image: -webkit-linear-gradient(top, #89cdef 0%, #81bfde 100%);
+  background-image: -o-linear-gradient(top, #89cdef 0%, #81bfde 100%);
+  background-image: linear-gradient(to bottom, #89cdef 0%, #81bfde 100%);
+  background-repeat: repeat-x;
+  filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff89cdef', endColorstr='#ff81bfde', GradientType=0);
+}
+.slider-track-low,
+.slider-track-high {
+  position: absolute;
+  background: transparent;
+  -webkit-box-sizing: border-box;
+  -moz-box-sizing: border-box;
+  box-sizing: border-box;
+  border-radius: 4px;
+}
+.slider-handle {
+  position: absolute;
+  width: 20px;
+  height: 20px;
+  background-color: #337ab7;
+  background-image: -webkit-linear-gradient(top, #149bdf 0%, #0480be 100%);
+  background-image: -o-linear-gradient(top, #149bdf 0%, #0480be 100%);
+  background-image: linear-gradient(to bottom, #149bdf 0%, #0480be 100%);
+  background-repeat: repeat-x;
+  filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff149bdf', endColorstr='#ff0480be', GradientType=0);
+  filter: none;
+  -webkit-box-shadow: inset 0 1px 0 rgba(255,255,255,.2), 0 1px 2px rgba(0,0,0,.05);
+  box-shadow: inset 0 1px 0 rgba(255,255,255,.2), 0 1px 2px rgba(0,0,0,.05);
+  border: 0px solid transparent;
+}
+.slider-handle.round {
+  border-radius: 50%;
+}
+.slider-handle.triangle {
+  background: transparent none;
+}
+.slider-handle.custom {
+  background: transparent none;
+}
+.slider-handle.custom::before {
+  line-height: 20px;
+  font-size: 20px;
+  content: '\2605';
+  color: #726204;
+}
+.slider-tick {
+  position: absolute;
+  width: 20px;
+  height: 20px;
+  background-image: -webkit-linear-gradient(top, #f9f9f9 0%, #f5f5f5 100%);
+  background-image: -o-linear-gradient(top, #f9f9f9 0%, #f5f5f5 100%);
+  background-image: linear-gradient(to bottom, #f9f9f9 0%, #f5f5f5 100%);
+  background-repeat: repeat-x;
+  filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#fff9f9f9', endColorstr='#fff5f5f5', GradientType=0);
+  -webkit-box-shadow: inset 0 -1px 0 rgba(0, 0, 0, 0.15);
+  box-shadow: inset 0 -1px 0 rgba(0, 0, 0, 0.15);
+  -webkit-box-sizing: border-box;
+  -moz-box-sizing: border-box;
+  box-sizing: border-box;
+  filter: none;
+  opacity: 0.8;
+  border: 0px solid transparent;
+}
+.slider-tick.round {
+  border-radius: 50%;
+}
+.slider-tick.triangle {
+  background: transparent none;
+}
+.slider-tick.custom {
+  background: transparent none;
+}
+.slider-tick.custom::before {
+  line-height: 20px;
+  font-size: 20px;
+  content: '\2605';
+  color: #726204;
+}
+.slider-tick.in-selection {
+  background-image: -webkit-linear-gradient(top, #89cdef 0%, #81bfde 100%);
+  background-image: -o-linear-gradient(top, #89cdef 0%, #81bfde 100%);
+  background-image: linear-gradient(to bottom, #89cdef 0%, #81bfde 100%);
+  background-repeat: repeat-x;
+  filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff89cdef', endColorstr='#ff81bfde', GradientType=0);
+  opacity: 1;
+}

webadmin/src/3rdparty/bootstrap-slider/slider.js

@@ -0,0 +1,221 @@
+angular.module('ui.bootstrap-slider', [])
+    .directive('slider', ['$parse', '$timeout', '$rootScope', function ($parse, $timeout, $rootScope) {
+        return {
+            restrict: 'AE',
+            replace: true,
+            template: '<div><input class="slider-input" type="text" style="width:100%" /></div>',
+            require: 'ngModel',
+            scope: {
+                max: "=",
+                min: "=",
+                step: "=",
+                value: "=",
+                ngModel: '=',
+                ngDisabled: '=',
+                range: '=',
+                sliderid: '=',
+                ticks: '=',
+                ticksLabels: '=',
+                ticksSnapBounds: '=',
+                ticksPositions: '=',
+                scale: '=',
+                focus: '=',
+                formatter: '&',
+                onStartSlide: '&',
+                onStopSlide: '&',
+                onSlide: '&'
+            },
+            link: function ($scope, element, attrs, ngModelCtrl, $compile) {
+                var ngModelDeregisterFn, ngDisabledDeregisterFn;
+
+                var slider = initSlider();
+
+                function initSlider() {
+                    var options = {};
+
+                    function setOption(key, value, defaultValue) {
+                        options[key] = value || defaultValue;
+                    }
+
+                    function setFloatOption(key, value, defaultValue) {
+                        options[key] = value || value === 0 ? parseFloat(value) : defaultValue;
+                    }
+
+                    function setBooleanOption(key, value, defaultValue) {
+                        options[key] = value ? value + '' === 'true' : defaultValue;
+                    }
+
+                    function getArrayOrValue(value) {
+                        return (angular.isString(value) && value.indexOf("[") === 0) ? angular.fromJson(value) : value;
+                    }
+
+                    setOption('id', $scope.sliderid);
+                    setOption('orientation', attrs.orientation, 'horizontal');
+                    setOption('selection', attrs.selection, 'before');
+                    setOption('handle', attrs.handle, 'round');
+                    setOption('tooltip', attrs.sliderTooltip || attrs.tooltip, 'show');
+                    setOption('tooltip_position', attrs.sliderTooltipPosition, 'top');
+                    setOption('tooltipseparator', attrs.tooltipseparator, ':');
+                    setOption('ticks', $scope.ticks);
+                    setOption('ticks_labels', $scope.ticksLabels);
+                    setOption('ticks_snap_bounds', $scope.ticksSnapBounds);
+                    setOption('ticks_positions', $scope.ticksPositions);
+                    setOption('scale', $scope.scale, 'linear');
+                    setOption('focus', $scope.focus);
+
+                    setFloatOption('min', $scope.min, 0);
+                    setFloatOption('max', $scope.max, 10);
+                    setFloatOption('step', $scope.step, 1);
+                    var strNbr = options.step + '';
+                    var dotPos = strNbr.search(/[^.,]*$/);
+                    var decimals = strNbr.substring(dotPos);
+                    setFloatOption('precision', attrs.precision, decimals.length);
+
+                    setBooleanOption('tooltip_split', attrs.tooltipsplit, false);
+                    setBooleanOption('enabled', attrs.enabled, true);
+                    setBooleanOption('naturalarrowkeys', attrs.naturalarrowkeys, false);
+                    setBooleanOption('reversed', attrs.reversed, false);
+
+                    setBooleanOption('range', $scope.range, false);
+                    if (options.range) {
+                        if (angular.isArray($scope.value)) {
+                            options.value = $scope.value;
+                        }
+                        else if (angular.isString($scope.value)) {
+                            options.value = getArrayOrValue($scope.value);
+                            if (!angular.isArray(options.value)) {
+                                var value = parseFloat($scope.value);
+                                if (isNaN(value)) value = 5;
+
+                                if (value < $scope.min) {
+                                    value = $scope.min;
+                                    options.value = [value, options.max];
+                                }
+                                else if (value > $scope.max) {
+                                    value = $scope.max;
+                                    options.value = [options.min, value];
+                                }
+                                else {
+                                    options.value = [options.min, options.max];
+                                }
+                            }
+                        }
+                        else {
+                            options.value = [options.min, options.max]; // This is needed, because of value defined at $.fn.slider.defaults - default value 5 prevents creating range slider
+                        }
+                        $scope.ngModel = options.value; // needed, otherwise turns value into [null, ##]
+                    }
+                    else {
+                        setFloatOption('value', $scope.value, 5);
+                    }
+
+                    if (attrs.formatter) {
+                        options.formatter = function(value) {
+                            return $scope.formatter({value: value});
+                        }
+                    }
+
+                    // check if slider jQuery plugin exists
+                    if ('$' in window && $.fn.slider) {
+                        // adding methods to jQuery slider plugin prototype
+                        $.fn.slider.constructor.prototype.disable = function () {
+                            this.picker.off();
+                        };
+                        $.fn.slider.constructor.prototype.enable = function () {
+                            this.picker.on();
+                        };
+                    }
+
+                    // destroy previous slider to reset all options
+                    if (element[0].__slider)
+                        element[0].__slider.destroy();
+
+                    var slider = new Slider(element[0].getElementsByClassName('slider-input')[0], options);
+                    element[0].__slider = slider;
+
+                    // everything that needs slider element
+                    var updateEvent = getArrayOrValue(attrs.updateevent);
+                    if (angular.isString(updateEvent)) {
+                        // if only single event name in string
+                        updateEvent = [updateEvent];
+                    }
+                    else {
+                        // default to slide event
+                        updateEvent = ['slide'];
+                    }
+                    angular.forEach(updateEvent, function (sliderEvent) {
+                        slider.on(sliderEvent, function (ev) {
+                            ngModelCtrl.$setViewValue(ev);
+                        });
+                    });
+                    slider.on('change', function (ev) {
+                        ngModelCtrl.$setViewValue(ev.newValue);
+                    });
+
+
+                    // Event listeners
+                    var sliderEvents = {
+                        slideStart: 'onStartSlide',
+                        slide: 'onSlide',
+                        slideStop: 'onStopSlide'
+                    };
+                    angular.forEach(sliderEvents, function (sliderEventAttr, sliderEvent) {
+                        var fn = $parse(attrs[sliderEventAttr]);
+                        slider.on(sliderEvent, function (ev) {
+                            if ($scope[sliderEventAttr]) {
+                                $scope.$apply(function () {
+                                    fn($scope.$parent, { $event: ev, value: ev });
+                                });
+                            }
+                        });
+                    });
+
+                    // deregister ngDisabled watcher to prevent memory leaks
+                    if (angular.isFunction(ngDisabledDeregisterFn)) {
+                        ngDisabledDeregisterFn();
+                        ngDisabledDeregisterFn = null;
+                    }
+
+                    ngDisabledDeregisterFn = $scope.$watch('ngDisabled', function (value) {
+                        if (value) {
+                            slider.disable();
+                        }
+                        else {
+                            slider.enable();
+                        }
+                    });
+
+                    // deregister ngModel watcher to prevent memory leaks
+                    if (angular.isFunction(ngModelDeregisterFn)) ngModelDeregisterFn();
+                    ngModelDeregisterFn = $scope.$watch('ngModel', function (value) {
+                        if($scope.range){
+                            slider.setValue(value);
+                        }else{
+                            slider.setValue(parseFloat(value));
+                        }
+                        slider.relayout();
+                    }, true);
+
+                    return slider;
+                }
+
+
+                var watchers = ['min', 'max', 'step', 'range', 'scale', 'ticksLabels'];
+                angular.forEach(watchers, function (prop) {
+                    $scope.$watch(prop, function () {
+                        slider = initSlider();
+                    });
+                });
+
+                var globalEvents = ['relayout', 'refresh'];
+                angular.forEach(globalEvents, function(event) {
+                    if(angular.isFunction(slider[event])) {
+                        $scope.$on('slider:' + event, function () {
+                            slider[event]();
+                        });
+                    }
+                });
+            }
+        };
+    }])
+;

webadmin/src/appstatus.html

@@ -25,7 +25,7 @@
         This app is currently not running. <a id="appLink" href="">Please retry later</a>.
 
         <footer>
-            <span class="text-muted"><a href="mailto: support@cloudron.io">Contact Support</a> - Copyright &copy; Cloudron 2014-15</span>
+            <span class="text-muted"><a href="mailto: support@cloudron.io">Contact Support</a> - Copyright &copy; Cloudron 2014-16</span>
         </footer>
     </div>
 </div>

webadmin/src/error.html

@@ -92,7 +92,7 @@
         </div>
 
         <footer>
-            <span class="text-muted"><a href="mailto: support@cloudron.io">Contact Support</a> - Copyright &copy; Cloudron 2014-15</span>
+            <span class="text-muted"><a href="mailto: support@cloudron.io">Contact Support</a> - Copyright &copy; <a href="https://cloudron.io" target="_blank">Cloudron</a> 2014-16</span>
         </footer>
     </div>
 </div>

webadmin/src/index.html

@@ -47,6 +47,11 @@
     <script src="3rdparty/js/showdown-1.1.0.min.js"></script>
     <script src="3rdparty/js/showdown-target-blank.min.js"></script>
 
+    <!-- Bootstrap slider -->
+    <link rel="stylesheet" type="text/css" href="/3rdparty/bootstrap-slider/bootstrap-slider.min.css"/>
+    <script type="text/javascript" src="/3rdparty/bootstrap-slider/bootstrap-slider.min.js"></script>
+    <script type="text/javascript" src="/3rdparty/bootstrap-slider/slider.js"></script>
+
     <!-- Main Application -->
     <script src="js/index.js"></script>
 
@@ -165,7 +170,7 @@
 
     <!-- Footer -->
     <footer class="text-center">
-        <span class="text-muted">Copyright &copy; Cloudron 2014-15</span>
+        <span class="text-muted">Copyright &copy; <a href="https://cloudron.io" target="_blank">Cloudron</a> 2014-16</span>
         <span class="text-muted"> {{config.version}}</span>
     </footer>
 

webadmin/src/js/client.js

@@ -248,7 +248,6 @@ angular.module('Application').service('Client', ['$http', 'md5', 'Notification',
             location: config.location,
             portBindings: config.portBindings,
             accessRestriction: config.accessRestriction,
-            oauthProxy: config.oauthProxy,
             cert: config.cert,
             key: config.key
         };
@@ -292,9 +291,9 @@ angular.module('Application').service('Client', ['$http', 'md5', 'Notification',
             location: config.location,
             portBindings: config.portBindings,
             accessRestriction: config.accessRestriction,
-            oauthProxy: config.oauthProxy,
             cert: config.cert,
-            key: config.key
+            key: config.key,
+            memoryLimit: config.memoryLimit
         };
 
         $http.post(client.apiOrigin + '/api/v1/apps/' + id + '/configure', data).success(function (data, status) {
@@ -392,6 +391,49 @@ angular.module('Application').service('Client', ['$http', 'md5', 'Notification',
         }).error(defaultErrorHandler(callback));
     };
 
+    Client.prototype.getGroups = function (callback) {
+        $http.get(client.apiOrigin + '/api/v1/groups').success(function (data, status) {
+            if (status !== 200 || typeof data !== 'object') return callback(new ClientError(status, data));
+            callback(null, data.groups);
+        }).error(defaultErrorHandler(callback));
+    };
+
+    Client.prototype.setGroups = function (userId, groupIds, callback) {
+        $http.put(client.apiOrigin + '/api/v1/users/' + userId + '/set_groups', { groupIds: groupIds }).success(function (data, status) {
+            if (status !== 204) return callback(new ClientError(status, data));
+            callback(null);
+        }).error(defaultErrorHandler(callback));
+    };
+
+    Client.prototype.getGroup = function (groupId, callback) {
+        $http.get(client.apiOrigin + '/api/v1/groups/' + groupId).success(function (data, status) {
+            if (status !== 200 || typeof data !== 'object') return callback(new ClientError(status, data));
+            callback(null, data);
+        }).error(defaultErrorHandler(callback));
+    };
+
+    Client.prototype.createGroup = function (name, callback) {
+        var data = {
+            name: name
+        };
+
+        $http.post(client.apiOrigin + '/api/v1/groups', data).success(function(data, status) {
+            if (status !== 201 || typeof data !== 'object') return callback(new ClientError(status, data));
+            callback(null, data);
+        }).error(defaultErrorHandler(callback));
+    };
+
+    Client.prototype.removeGroup = function (groupId, password, callback) {
+        var data = {
+            password: password
+        };
+
+        $http({ method: 'DELETE', url: client.apiOrigin + '/api/v1/groups/' + groupId, data: data, headers: { 'Content-Type': 'application/json' }}).success(function(data, status) {
+            if (status !== 204) return callback(new ClientError(status, data));
+            callback(null, data);
+        }).error(defaultErrorHandler(callback));
+    };
+
     Client.prototype.getNonApprovedApps = function (callback) {
         if (!this._config.developerMode) return callback(null, []);
 

webadmin/src/js/index.js

@@ -9,7 +9,7 @@ if (search.accessToken) localStorage.token = search.accessToken;
 
 
 // create main application module
-var app = angular.module('Application', ['ngRoute', 'ngAnimate', 'ngSanitize', 'angular-md5', 'slick', 'ui-notification']);
+var app = angular.module('Application', ['ngRoute', 'ngAnimate', 'ngSanitize', 'angular-md5', 'slick', 'ui-notification', 'ui.bootstrap-slider']);
 
 app.config(['NotificationProvider', function (NotificationProvider) {
     NotificationProvider.setOptions({

webadmin/src/nakeddomain.html

@@ -58,7 +58,7 @@
         </p>
 
         <footer>
-            <span class="text-muted"><a href="mailto: support@cloudron.io">Contact Support</a> - Copyright &copy; Cloudron 2014-15</span>
+            <span class="text-muted"><a href="mailto: support@cloudron.io">Contact Support</a> - Copyright &copy; <a href="https://cloudron.io" target="_blank">Cloudron</a> 2014-16</span>
         </footer>
     </div>
 </div>

webadmin/src/theme.scss

@@ -77,6 +77,12 @@ $table-border-color:                        transparent !default;
     clear: both;
 }
 
+.btn-admin {
+    color: white !important;
+    background-color: $brand-danger !important;
+    border-color: $brand-danger !important;
+}
+
 // ----------------------------
 // Main classes
 // ----------------------------

webadmin/src/views/account.html

@@ -6,7 +6,7 @@
                 <h4 class="modal-title">Change Your Password</h4>
             </div>
             <div class="modal-body">
-                <form name="passwordchange_form" class="form-signin" role="form" novalidate ng-submit="doChangePassword(passwordchange_form)" autocomplete="off">
+                <form name="passwordchange_form" role="form" novalidate ng-submit="doChangePassword(passwordchange_form)" autocomplete="off">
                     <fieldset>
                         <div class="form-group" ng-class="{ 'has-error': (!passwordchange_form.password.$dirty && passwordchange.error.password) || (passwordchange_form.password.$dirty && passwordchange_form.password.$invalid) }">
                             <label class="control-label" for="inputPasswordChangePassword">Current Password</label>
@@ -52,7 +52,7 @@
                 <h4 class="modal-title">Change Your Email</h4>
             </div>
             <div class="modal-body">
-                <form name="emailchange_form" class="form-signin" role="form" novalidate ng-submit="doChangeEmail(emailchange_form)" autocomplete="off">
+                <form name="emailchange_form" role="form" novalidate ng-submit="doChangeEmail(emailchange_form)" autocomplete="off">
                     <fieldset>
                         <div class="form-group" ng-class="{ 'has-error': (emailchange_form.email.$dirty && emailchange_form.email.$invalid) }">
                             <label class="control-label" for="inputEmailChangeEmail">New Email Address</label>

webadmin/src/views/apps.html

@@ -16,7 +16,7 @@
             </div>
             <div class="modal-body">
                 <fieldset>
-                    <form class="form-signin" role="form" name="appConfigureForm" ng-submit="doConfigure()" autocomplete="off">
+                    <form role="form" name="appConfigureForm" ng-submit="doConfigure()" autocomplete="off">
                         <div class="has-error text-center" ng-show="appConfigure.error.other">{{ appConfigure.error.other }}</div>
                         <div class="form-group" ng-class="{ 'has-error': (appConfigureForm.location.$dirty && appConfigureForm.location.$invalid) || (!appConfigureForm.location.$dirty && appConfigure.error.location)  }">
                             <label class="control-label" for="appConfigureLocationInput">Location {{ appConfigure.error.location }} </label>
@@ -43,13 +43,39 @@
                                 Access is granted to <b>{{appConfigure.app.accessRestriction.users[0]}}</b>.
                             </p>
                         </div>
-                        <!-- Not sure if oauthproxy makes any sense with singleuser apps, it certainly looks strange in the UI, so we hide it for now -->
                         <div class="form-group" ng-hide="appConfigure.app.manifest.singleUser">
-                            <label class="control-label" for="oauthProxy">Website Visibility</label>
-                            <select class="form-control" id="oauthProxy" ng-model="appConfigure.oauthProxy">
-                                <option value="">Visible to all</option>
-                                <option value="1">Visible only to Cloudron users</option>
-                            </select>
+                            <label class="control-label">Access control</label>
+                            <div class="radio">
+                                <label>
+                                    <input type="radio" ng-model="appConfigure.accessRestrictionOption" value="">
+                                    Every Cloudron user
+                                </label>
+                            </div>
+                            <div class="radio">
+                                <label>
+                                    <input type="radio" ng-model="appConfigure.accessRestrictionOption" value="restricted">
+                                    Restrict to groups
+                                </label>
+                            </div>
+                            <div class="has-error" ng-show="appConfigure.accessRestrictionOption !== '' && !appConfigure.isAccessRestrictionValid()">Select at least one group</div>
+                            <div>
+                                <div>
+                                    <span>
+                                        <button class="btn btn-default" type="button" ng-disabled="appConfigure.accessRestrictionOption === ''" ng-click="appConfigureToggleGroup({ id: 'admin', name: 'admin' })" ng-class="{ 'btn-admin': (appConfigure.accessRestriction.groups && appConfigure.accessRestriction.groups.indexOf('admin') !== -1) }">Admin</button>
+                                    </span>
+
+                                    <span ng-repeat="group in groups" ng-show="group.id !== 'admin'">
+                                        <button class="btn btn-default" type="button" ng-disabled="appConfigure.accessRestrictionOption === ''" ng-click="appConfigureToggleGroup(group);" ng-class="{ 'btn-primary': (appConfigure.accessRestriction.groups && appConfigure.accessRestriction.groups.indexOf(group.id) !== -1) }">{{ group.name }}</button>
+                                    </span>
+                                </div>
+                            </div>
+                        </div>
+                        <div class="form-group" ng-hide="true">
+                            <label class="control-label" for="memoryUsage">Maximum Memory Usage: <b>{{ appConfigure.memoryUsage / 1024 / 1024 }} MB</b></label>
+                            <br/>
+                            <div style="padding: 0 10px;">
+                                <slider id="memoryUsage" ng-model="appConfigure.memoryUsage" step="33554432" tooltip="hide" ticks="memoryTicks" ticks-snap-bounds="67108864"></slider>
+                            </div>
                         </div>
 
                         <div class="hide">
@@ -86,13 +112,13 @@
                             </div>
                             <input type="password" class="form-control" ng-model="appConfigure.password" id="appConfigurePasswordInput" name="password" required>
                         </div>
-                        <input class="ng-hide" type="submit" ng-disabled="appConfigureForm.$invalid || busy"/>
+                        <input class="ng-hide" type="submit" ng-disabled="appConfigureForm.$invalid || busy || (appConfigure.accessRestrictionOption !== '' && !appConfigure.isAccessRestrictionValid())"/>
                     </form>
                 </fieldset>
             </div>
             <div class="modal-footer ">
                 <button type="button" class="btn btn-default" data-dismiss="modal">Cancel</button>
-                <button type="button" class="btn btn-success" ng-click="doConfigure()" ng-disabled="appConfigureForm.$invalid || appConfigure.busy"><i class="fa fa-spinner fa-pulse" ng-show="appConfigure.busy"></i> Save</button>
+                <button type="button" class="btn btn-success" ng-click="doConfigure()" ng-disabled="appConfigureForm.$invalid || appConfigure.busy || (appConfigure.accessRestrictionOption !== '' && !appConfigure.isAccessRestrictionValid())"><i class="fa fa-spinner fa-pulse" ng-show="appConfigure.busy"></i> Save</button>
             </div>
         </div>
     </div>
@@ -109,7 +135,7 @@
                 <p ng-show="appRestore.app.lastBackupId !== null">Restoring the app will lose all content generated since last backup of this app!</p>
                 <p ng-show="appRestore.app.lastBackupId === null">This app was never backed up. Restoring the app will lose all content!</p>
                 <fieldset>
-                    <form class="form-signin" role="form" name="appRestoreForm" ng-submit="doRestore()" autocomplete="off">
+                    <form role="form" name="appRestoreForm" ng-submit="doRestore()" autocomplete="off">
                         <div class="form-group" ng-class="{ 'has-error': (appRestoreForm.password.$dirty && appRestoreForm.password.$invalid) || (!appRestoreForm.password.$dirty && appRestore.error.password) }">
                             <label class="control-label" for="appRestorePasswordInput">Provide your password to confirm this action</label>
                             <div class="control-label" ng-show="(appRestoreForm.password.$dirty && appRestoreForm.password.$invalid) || (!appRestoreForm.password.$dirty && appRestore.error.password)">
@@ -159,7 +185,7 @@
             <div class="modal-body">
                 <p>Deleting the app will also remove all content generated within this app!</p>
                 <fieldset>
-                    <form class="form-signin" role="form" name="appUninstallForm" ng-submit="doUninstall()" autocomplete="off">
+                    <form role="form" name="appUninstallForm" ng-submit="doUninstall()" autocomplete="off">
                         <div class="form-group" ng-class="{ 'has-error': (appUninstallForm.password.$dirty && appUninstallForm.password.$invalid) || (!appUninstallForm.password.$dirty && appUninstall.error.password) }">
                             <label class="control-label" for="appUninstallPasswordInput">Provide your password to confirm this action</label>
                             <div class="control-label" ng-show="(appUninstallForm.password.$dirty && appUninstallForm.password.$invalid) || (!appUninstallForm.password.$dirty && appUninstall.error.password)">
@@ -193,7 +219,7 @@
                 <pre>{{ appUpdate.manifest.changelog }}</pre>
                 <br/>
                 <fieldset>
-                    <form class="form-signin" role="form" name="appUpdateForm" ng-submit="doUpdate(appUpdateForm)" autocomplete="off">
+                    <form role="form" name="appUpdateForm" ng-submit="doUpdate(appUpdateForm)" autocomplete="off">
                         <div ng-repeat="(env, info) in appUpdate.portBindingsInfo" ng-class="{ 'newPort': info.isNew }">
                             <ng-form name="portInfo_form">
                                 <div class="form-group" ng-class="{ 'has-error': portInfo_form.itemName{{$index}}.$dirty && portInfo_form.itemName{{$index}}.$invalid }">
@@ -254,7 +280,7 @@
     </div>
 
     <div class="row animateMeOpacity ng-hide" ng-show="installedApps.length > 0">
-        <div class="col-sm-1 grid-item" ng-repeat="app in installedApps">
+        <div class="col-sm-1 grid-item" ng-repeat="app in installedApps | orderBy:'location'">
             <div style="background-color: white;" class="highlight grid-item-content">
                 <a ng-href="{{app | applicationLink}}" ng-click="(app | installError) === true && showError(app)" target="_blank">
                     <div class="grid-item-top">

webadmin/src/views/apps.js

@@ -1,6 +1,3 @@
-/* global ISTATES:false */
-/* global HSTATES:false */
-
 'use strict';
 
 angular.module('Application').controller('AppsController', ['$scope', '$location', 'Client', 'AppStore', function ($scope, $location, Client, AppStore) {
@@ -10,6 +7,15 @@ angular.module('Application').controller('AppsController', ['$scope', '$location
     $scope.installedApps = Client.getInstalledApps();
     $scope.config = Client.getConfig();
     $scope.user = Client.getUserInfo();
+    $scope.groups = [];
+
+    $scope.memoryTicks = [
+        256 * 1024 * 1024,
+        512 * 1024 * 1024,
+        1024 * 1024 * 1024,
+        2048 * 1024 * 1024,
+        4096 * 1024 * 1024
+    ];
 
     $scope.appConfigure = {
         busy: false,
@@ -20,11 +26,18 @@ angular.module('Application').controller('AppsController', ['$scope', '$location
         portBindings: {},
         portBindingsEnabled: {},
         portBindingsInfo: {},
-        oauthProxy: '',
         certificateFile: null,
         certificateFileName: '',
         keyFile: null,
-        keyFileName: ''
+        keyFileName: '',
+        memoryLimit: $scope.memoryTicks[0],
+        accessRestrictionOption: '',
+        accessRestriction: { users: [], groups: [] },
+
+        isAccessRestrictionValid: function () {
+            var tmp = $scope.appConfigure.accessRestriction;
+            return !!(tmp.users.length || tmp.groups.length);
+        }
     };
 
     $scope.appUninstall = {
@@ -62,11 +75,13 @@ angular.module('Application').controller('AppsController', ['$scope', '$location
         $scope.appConfigure.password = '';
         $scope.appConfigure.portBindings = {};          // This is the actual model holding the env:port pair
         $scope.appConfigure.portBindingsEnabled = {};   // This is the actual model holding the enabled/disabled flag
-        $scope.appConfigure.oauthProxy = '';
         $scope.appConfigure.certificateFile = null;
         $scope.appConfigure.certificateFileName = '';
         $scope.appConfigure.keyFile = null;
         $scope.appConfigure.keyFileName = '';
+        $scope.appConfigure.memoryLimit = $scope.memoryTicks[0];
+        $scope.appConfigure.accessRestrictionOption = '';
+        $scope.appConfigure.accessRestriction = { users: [], groups: [] };
 
         $scope.appConfigureForm.$setPristine();
         $scope.appConfigureForm.$setUntouched();
@@ -126,14 +141,24 @@ angular.module('Application').controller('AppsController', ['$scope', '$location
         });
     };
 
+    $scope.appConfigureToggleGroup = function (group) {
+        var groups = $scope.appConfigure.accessRestriction.groups;
+        var pos = groups.indexOf(group.id);
+
+        if (pos === -1) groups.push(group.id);
+        else groups.splice(pos, 1);
+    };
+
     $scope.showConfigure = function (app) {
         $scope.reset();
 
         // fill relevant info from the app
         $scope.appConfigure.app = app;
         $scope.appConfigure.location = app.location;
-        $scope.appConfigure.oauthProxy = app.oauthProxy ? '1' : '';
         $scope.appConfigure.portBindingsInfo = app.manifest.tcpPorts || {}; // Portbinding map only for information
+        $scope.appConfigure.accessRestrictionOption = app.accessRestriction ? 'restricted' : '';
+        $scope.appConfigure.accessRestriction = app.accessRestriction || { users: [], groups: [] };
+        $scope.appConfigure.memoryUsage = app.memoryUsage || 256;
 
         // fill the portBinding structures. There might be holes in the app.portBindings, which signalizes a disabled port
         for (var env in $scope.appConfigure.portBindingsInfo) {
@@ -166,10 +191,10 @@ angular.module('Application').controller('AppsController', ['$scope', '$location
         var data = {
             location: $scope.appConfigure.location || '',
             portBindings: finalPortBindings,
-            oauthProxy: !!$scope.appConfigure.oauthProxy,
-            accessRestriction: $scope.appConfigure.app.accessRestriction,
+            accessRestriction: !$scope.appConfigure.accessRestrictionOption ? null : $scope.appConfigure.accessRestriction,
             cert: $scope.appConfigure.certificateFile,
             key: $scope.appConfigure.keyFile,
+            memoryLimit: $scope.appConfigure.memoryLimit
         };
 
         Client.configureApp($scope.appConfigure.app.id, $scope.appConfigure.password, data, function (error) {
@@ -386,6 +411,11 @@ angular.module('Application').controller('AppsController', ['$scope', '$location
         window.history.back();
     };
 
+    Client.getGroups(function (error, result) {
+        if (error) return console.error('Unable to get group listing.', error);
+        $scope.groups = result;
+    });
+
     // setup all the dialog focus handling
     ['appConfigureModal', 'appUninstallModal', 'appUpdateModal', 'appRestoreModal'].forEach(function (id) {
         $('#' + id).on('shown.bs.modal', function () {

webadmin/src/views/appstore.html

@@ -13,7 +13,7 @@
             </div>
             <div class="modal-body">
                 <div class="collapse" id="collapseInstallForm" data-toggle="false">
-                    <form class="form-signin" role="form" name="appInstallForm" ng-submit="doInstall()" autocomplete="off">
+                    <form role="form" name="appInstallForm" ng-submit="doInstall()" autocomplete="off">
                         <div class="has-error text-center" ng-show="appInstall.error.other" ng-bind-html="appInstall.error.other"></div>
                         <div class="form-group" ng-class="{ 'has-error': (appInstallForm.location.$dirty && appInstallForm.location.$invalid) || (!appInstallForm.location.$dirty && appInstall.error.location) }">
                             <label class="control-label" for="appInstallLocationInput">Location {{ appInstall.error.location }} </label>

webadmin/src/views/appstore.js

@@ -18,7 +18,6 @@ angular.module('Application').controller('AppStoreController', ['$scope', '$loca
         location: '',
         portBindings: {},
         accessRestriction: null,
-        oauthProxy: false,
         mediaLinks: [],
         certificateFile: null,
         certificateFileName: '',
@@ -142,7 +141,6 @@ angular.module('Application').controller('AppStoreController', ['$scope', '$loca
         $scope.appInstall.location = '';
         $scope.appInstall.portBindings = {};
         $scope.appInstall.accessRestriction = null;
-        $scope.appInstall.oauthProxy = false;
         $scope.appInstall.installFormVisible = false;
         $scope.appInstall.resourceConstraintVisible = false;
         $scope.appInstall.mediaLinks = [];
@@ -213,7 +211,6 @@ angular.module('Application').controller('AppStoreController', ['$scope', '$loca
         $scope.appInstall.portBindings = {};                            // This is the actual model holding the env:port pair
         $scope.appInstall.portBindingsEnabled = {};                     // This is the actual model holding the enabled/disabled flag
         $scope.appInstall.accessRestriction = app.accessRestriction ? app.accessRestriction.users[0] : $scope.user;
-        $scope.appInstall.oauthProxy = false;
 
         // set default ports
         for (var env in $scope.appInstall.app.manifest.tcpPorts) {
@@ -252,7 +249,6 @@ angular.module('Application').controller('AppStoreController', ['$scope', '$loca
             location: $scope.appInstall.location || '',
             portBindings: finalPortBindings,
             accessRestriction: accessRestriction,
-            oauthProxy: $scope.appInstall.oauthProxy,
             cert: $scope.appInstall.certificateFile,
             key: $scope.appInstall.keyFile,
         };

webadmin/src/views/settings.html

@@ -3,11 +3,11 @@
     <div class="modal-dialog">
         <div class="modal-content">
             <div class="modal-header">
-                <h4 class="modal-title" ng-hide="config.developerMode">Enable Developer Mode</h4>
-                <h4 class="modal-title" ng-show="config.developerMode">Disable Developer Mode</h4>
+                <h4 class="modal-title" ng-hide="config.developerMode">Enable CLI Mode</h4>
+                <h4 class="modal-title" ng-show="config.developerMode">Disable CLI Mode</h4>
             </div>
             <div class="modal-body">
-                <form name="developerModeChangeForm" class="form-signin" role="form" novalidate ng-submit="doChangeDeveloperMode(developerModeChangeForm)" autocomplete="off">
+                <form name="developerModeChangeForm" role="form" novalidate ng-submit="doChangeDeveloperMode(developerModeChangeForm)" autocomplete="off">
                     <fieldset>
                         <div class="form-group" ng-class="{ 'has-error': (!developerModeChangeForm.password.$dirty && developerModeChange.error.password) || (developerModeChangeForm.password.$dirty && developerModeChangeForm.password.$invalid) }">
                             <label class="control-label" for="inputDeveloperModeChangePassword">Give your password to verify that you are performing that action</label>
@@ -143,17 +143,17 @@
 
 <div style="max-width: 600px; margin: 0 auto;" ng-show="user.admin">
     <div class="text-left">
-        <h3>Developer Mode</h3>
+        <h3>CLI</h3>
     </div>
 </div>
 
 <div class="card" style="margin-bottom: 15px;" ng-show="user.admin">
     <div class="row">
         <div class="col-xs-12">
-            The developer mode will enable additional functionality for developers. This mode allows for example the Cloudron commandline tool to control parts of the Cloudron, like installing and debugging applications.
+            Enabling this will allow the <a href="https://cloudron.io/references/cli.html" target="_blank">CLI tool</a> to control this Cloudron. The CLI tool can be used to install, configure, inspect and backup applications.
             <br/>
             <br/>
-            If you are interested in application development, please visit the <a href="{{ config.webServerOrigin }}/documentation.html" target="_blank">application developer documentation</a>.
+            If you are a developer, please see the <a href="{{ config.webServerOrigin }}/documentation.html" target="_blank">docs</a>.
         </div>
     </div>
     <br/>

webadmin/src/views/users.html

@@ -1,51 +1,49 @@
 <!-- Modal add user -->
-<div class="modal fade" id="userAddModal" tabindex="-1" role="dialog" aria-labelledby="updateModalLabel" aria-hidden="true">
+<div class="modal fade" id="userAddModal" tabindex="-1" role="dialog">
     <div class="modal-dialog">
         <div class="modal-content">
             <div class="modal-header">
-                <h4 class="modal-title" id="userAddModalLabel">Add User</h4>
+                <h4 class="modal-title">Add User</h4>
             </div>
             <div class="modal-body">
-                <form name="useradd_form" class="form-signin" role="form" novalidate ng-submit="doAdd()" autocomplete="off">
-                    <fieldset>
-                        <input type="password" style="display: none;">
-                        <div class="form-group" ng-class="{ 'has-error': (useradd_form.username.$dirty && useradd_form.username.$invalid) || (!useradd_form.username.$dirty && useradd.error.username) }">
-                            <label class="control-label" for="inputUserAddUsername">Username</label>
-                            <div class="control-label" ng-show="(!useradd_form.username.$dirty && useradd.error.username) || (useradd_form.username.$dirty && useradd_form.username.$invalid) || (!useradd_form.username.$dirty && useradd.error.username)">
-                                <small ng-show="useradd_form.username.$error.required">A username is required</small>
-                                <small ng-show="useradd_form.username.$error.minlength">The username is too short</small>
-                                <small ng-show="useradd_form.username.$error.maxlength">The username is too long</small>
-                                <small ng-show="!useradd_form.username.$dirty && useradd.error.username">{{ useradd.error.username }}</small>
-                            </div>
-                            <input type="text" class="form-control" ng-model="useradd.username" id="inputUserAddUsername" name="username" ng-maxlength="512" ng-minlength="3" required autofocus>
+                <form name="useradd_form" role="form" ng-submit="doAdd()" autocomplete="off">
+                    <input type="password" style="display: none;">
+                    <div class="form-group" ng-class="{ 'has-error': (useradd_form.username.$dirty && useradd_form.username.$invalid) || (!useradd_form.username.$dirty && useradd.error.username) }">
+                        <label class="control-label">Username</label>
+                        <div class="control-label" ng-show="(!useradd_form.username.$dirty && useradd.error.username) || (useradd_form.username.$dirty && useradd_form.username.$invalid) || (!useradd_form.username.$dirty && useradd.error.username)">
+                            <small ng-show="useradd_form.username.$error.required">A username is required</small>
+                            <small ng-show="useradd_form.username.$error.minlength">The username is too short</small>
+                            <small ng-show="useradd_form.username.$error.maxlength">The username is too long</small>
+                            <small ng-show="!useradd_form.username.$dirty && useradd.error.username">{{ useradd.error.username }}</small>
                         </div>
-                        <div class="form-group" ng-class="{ 'has-error': (useradd_form.email.$dirty && useradd_form.email.$invalid) || (!useradd_form.email.$dirty && useradd.error.email) }">
-                            <label class="control-label" for="inputUserAddEmail">Email</label>
-                            <div class="control-label" ng-show="(!useradd_form.email.$dirty && useradd.error.email) || (useradd_form.email.$dirty && useradd_form.email.$invalid) || (!useradd_form.email.$dirty && useradd.error.email)">
-                                <small ng-show="useradd_form.email.$error.required">An email is required</small>
-                                <small ng-show="useradd_form.email.$error.email">This is not a valid email</small>
-                                <small ng-show="!useradd_form.email.$dirty && useradd.error.email">{{ useradd.error.email }}</small>
-                            </div>
-                            <input type="email" class="form-control" ng-model="useradd.email" id="inputUserAddEmail" name="email" required>
+                        <input type="text" class="form-control" ng-model="useradd.username" name="username" id="inputUserAddUsername" ng-maxlength="512" ng-minlength="3" required autofocus>
+                    </div>
+                    <div class="form-group" ng-class="{ 'has-error': (useradd_form.email.$dirty && useradd_form.email.$invalid) || (!useradd_form.email.$dirty && useradd.error.email) }">
+                        <label class="control-label">Email</label>
+                        <div class="control-label" ng-show="(!useradd_form.email.$dirty && useradd.error.email) || (useradd_form.email.$dirty && useradd_form.email.$invalid) || (!useradd_form.email.$dirty && useradd.error.email)">
+                            <small ng-show="useradd_form.email.$error.required">An email is required</small>
+                            <small ng-show="useradd_form.email.$error.email">This is not a valid email</small>
+                            <small ng-show="!useradd_form.email.$dirty && useradd.error.email">{{ useradd.error.email }}</small>
                         </div>
+                        <input type="email" class="form-control" ng-model="useradd.email" name="email" id="inputUserAddEmail" required>
+                    </div>
 
-                        <div class="form-group" ng-class="{ 'has-error': (useradd_form.displayName.$dirty && useradd_form.displayName.$invalid) || (!useradd_form.displayName.$dirty && useradd.error.displayName) }">
-                            <label class="control-label" for="inputUserAddDisplayName">Full Name</label>
-                            <div class="control-label" ng-show="(!useradd_form.displayName.$dirty && useradd.error.displayName) || (useradd_form.displayname.$dirty && useradd_form.displayName.$invalid) || (!useradd_form.displayName.$dirty && useradd.error.displayName)">
-                                <small ng-show="useradd_form.displayName.$error.required">A Name is required</small>
-                                <small ng-show="useradd_form.displayName.$error.displayName">This is not a valid Name</small>
-                                <small ng-show="!useradd_form.displayName.$dirty && useradd.error.displayName">{{ useradd.error.displayName }}</small>
-                            </div>
-                            <input type="text" class="form-control" ng-model="useradd.displayName" id="inputUserAddDisplayName" name="displayName">
+                    <div class="form-group" ng-class="{ 'has-error': (useradd_form.displayName.$dirty && useradd_form.displayName.$invalid) || (!useradd_form.displayName.$dirty && useradd.error.displayName) }">
+                        <label class="control-label">Full Name</label>
+                        <div class="control-label" ng-show="(!useradd_form.displayName.$dirty && useradd.error.displayName) || (useradd_form.displayname.$dirty && useradd_form.displayName.$invalid) || (!useradd_form.displayName.$dirty && useradd.error.displayName)">
+                            <small ng-show="useradd_form.displayName.$error.required">A Name is required</small>
+                            <small ng-show="useradd_form.displayName.$error.displayName">This is not a valid Name</small>
+                            <small ng-show="!useradd_form.displayName.$dirty && useradd.error.displayName">{{ useradd.error.displayName }}</small>
                         </div>
+                        <input type="text" class="form-control" ng-model="useradd.displayName" name="displayName" id="inputUserAddDisplayName">
+                    </div>
 
-                        <div class="checkbox">
-                            <label>
-                                <input type="checkbox" ng-model="useradd.sendInvite" id="inputUserAddSendInvite"> Send invite
-                            </label>
-                        </div>
-                        <input class="ng-hide" type="submit" ng-disabled="useradd_form.$invalid || useradd.alreadyTaken === username"/>
-                    </fieldset>
+                    <div class="checkbox">
+                        <label>
+                            <input type="checkbox" ng-model="useradd.sendInvite" id="inputUserAddSendInvite"> Send invite
+                        </label>
+                    </div>
+                    <input class="ng-hide" type="submit" ng-disabled="useradd_form.$invalid || useradd.busy"/>
                 </form>
             </div>
             <div class="modal-footer">
@@ -57,34 +55,32 @@
 </div>
 
 <!-- Modal remove user -->
-<div class="modal fade" id="userRemoveModal" tabindex="-1" role="dialog" aria-labelledby="userRemoveModalLabel" aria-hidden="true" style="text-align: left;">
+<div class="modal fade" id="userRemoveModal" tabindex="-1" role="dialog">
     <div class="modal-dialog">
         <div class="modal-content">
             <div class="modal-header">
-                <h4 class="modal-title" id="userRemoveModalLabel">Delete user {{ userremove.userInfo.username }}</h4>
+                <h4 class="modal-title">Delete user {{ userremove.userInfo.username }}</h4>
             </div>
             <div class="modal-body">
-                <form name="userremove_form" class="form-user-delete" role="form" ng-submit="doUserRemove()" name="userDeleteConfirm" autocomplete="off">
-                    <fieldset>
-                        <input type="password" style="display: none;">
-                        <div class="form-group" ng-class="{ 'has-error': (userremove_form.username.$dirty && userremove_form.username.$invalid) || (!userremove_form.username.$dirty && userremove.error.username) }">
-                            <label class="control-label" for="inputUserRemoveUsername">Just to be sure you really want to delete this user, please type the user's name</label>
-                            <div class="control-label" ng-show="(!userremove_form.username.$dirty && userremove.error.username) || (userremove_form.username.$dirty && userremove_form.username.$invalid)">
-                                <small ng-show="userremove_form.username.$error.required">A username is required</small>
-                                <small ng-show="userremove_form.error.username">The username does not match</small>
-                            </div>
-                            <input type="text" class="form-control" ng-model="userremove.username" id="inputUserRemoveUsername" name="userDeleteConfirm" placeholder="Username" required autofocus>
+                <form name="userremove_form" role="form" ng-submit="doUserRemove()" autocomplete="off">
+                    <input type="password" style="display: none;">
+                    <div class="form-group" ng-class="{ 'has-error': (userremove_form.username.$dirty && userremove_form.username.$invalid) || (!userremove_form.username.$dirty && userremove.error.username) }">
+                        <label class="control-label">Just to be sure you really want to delete this user, please type the user's name</label>
+                        <div class="control-label" ng-show="(!userremove_form.username.$dirty && userremove.error.username) || (userremove_form.username.$dirty && userremove_form.username.$invalid)">
+                            <small ng-show="userremove_form.username.$error.required">A username is required</small>
+                            <small ng-show="userremove_form.error.username">The username does not match</small>
                         </div>
-                        <div class="form-group" ng-class="{ 'has-error': (userremove_form.password.$dirty && userremove_form.password.$invalid) || (!userremove_form.password.$dirty && userremove.error.password)}">
-                            <label class="control-label" for="inputUserRemovePassword">Give your password to verify that you are performing that action</label>
-                            <div class="control-label" ng-show="(!userremove_form.password.$dirty && userremove.error.password) || (userremove_form.password.$dirty && userremove_form.password.$invalid)">
-                                <small ng-show="userremove_form.password.$error.required && !userremove.error.password">A password is required</small>
-                                <small ng-show="!useradd_form.email.$dirty && userremove.error.password">{{ userremove.error.password }}</small>
-                            </div>
-                            <input type="password" class="form-control" ng-model="userremove.password" id="inputUserRemovePassword" name="password" placeholder="Password" required>
+                        <input type="text" class="form-control" ng-model="userremove.username" id="inputUserRemoveUsername" name="username" placeholder="Username" required autofocus>
+                    </div>
+                    <div class="form-group" ng-class="{ 'has-error': (userremove_form.password.$dirty && userremove_form.password.$invalid) || (!userremove_form.password.$dirty && userremove.error.password)}">
+                        <label class="control-label">Give your password to verify that you are performing that action</label>
+                        <div class="control-label" ng-show="(!userremove_form.password.$dirty && userremove.error.password) || (userremove_form.password.$dirty && userremove_form.password.$invalid)">
+                            <small ng-show="userremove_form.password.$error.required && !userremove.error.password">A password is required</small>
+                            <small ng-show="!useradd_form.email.$dirty && userremove.error.password">{{ userremove.error.password }}</small>
                         </div>
-                        <input class="hide" type="submit"/>
-                    </fieldset>
+                        <input type="password" class="form-control" ng-model="userremove.password" id="inputUserRemovePassword" name="password" placeholder="Password" required>
+                    </div>
+                    <input class="hide" type="submit" ng-disabled="userremove_form.$invalid || userremove.busy"/>
                 </form>
             </div>
             <div class="modal-footer">
@@ -96,42 +92,53 @@
 </div>
 
 <!-- Modal edit user -->
-<div class="modal fade" id="userEditModal" tabindex="-1" role="dialog" aria-labelledby="userEditModalLabel" aria-hidden="true" style="text-align: left;">
+<div class="modal fade" id="userEditModal" tabindex="-1" role="dialog">
     <div class="modal-dialog">
         <div class="modal-content">
             <div class="modal-header">
-                <h4 class="modal-title" id="userEditModalLabel">Edit user {{ useredit.userInfo.username }}</h4>
+                <h4 class="modal-title">Edit user {{ useredit.userInfo.username }}</h4>
             </div>
             <div class="modal-body">
-                <form name="useredit_form" class="form-user-delete" role="form" ng-submit="doUserEdit()" autocomplete="off">
-                    <fieldset>
-                        <input type="password" style="display: none;">
-                        <div class="form-group" ng-class="{ 'has-error': (useredit_form.displayName.$dirty && useredit_form.displayName.$invalid) || (!useredit_form.displayName.$dirty && useredit.error.displayName) }">
-                            <label class="control-label" for="inputUsereditDisplayName">Full Name</label>
-                            <div class="control-label" ng-show="(!useredit_form.displayName.$dirty && useredit.error.displayName) || (useredit_form.displayName.$dirty && useredit_form.displayName.$invalid)">
-                                <small ng-show="useredit_form.error.displayName">Invalid name</small>
-                            </div>
-                            <input type="text" class="form-control" ng-model="useredit.displayName" id="inputUsereditDisplayName" name="displayName" placeholder="Full Name" autofocus>
+                <form name="useredit_form" role="form" ng-submit="doUserEdit()" autocomplete="off">
+                    <input type="password" style="display: none;">
+                    <div class="form-group" ng-class="{ 'has-error': (useredit_form.displayName.$dirty && useredit_form.displayName.$invalid) || (!useredit_form.displayName.$dirty && useredit.error.displayName) }">
+                        <label class="control-label">Full Name</label>
+                        <div class="control-label" ng-show="(!useredit_form.displayName.$dirty && useredit.error.displayName) || (useredit_form.displayName.$dirty && useredit_form.displayName.$invalid)">
+                            <small ng-show="useredit_form.error.displayName">Invalid name</small>
                         </div>
-                        <div class="form-group" ng-class="{ 'has-error': (useredit_form.email.$dirty && useredit_form.email.$invalid) || (!useredit_form.email.$dirty && useredit.error.email) }">
-                            <label class="control-label" for="inputUserEditEmail">Email</label>
-                            <div class="control-label" ng-show="(!useredit_form.email.$dirty && useredit.error.email) || (useredit_form.email.$dirty && useredit_form.email.$invalid) || (!useredit_form.email.$dirty && useredit.error.email)">
-                                <small ng-show="useredit_form.email.$error.required">An email is required</small>
-                                <small ng-show="useredit_form.email.$error.email">This is not a valid email</small>
-                                <small ng-show="!useredit_form.email.$dirty && useredit.error.email">{{ useredit.error.email }}</small>
-                            </div>
-                            <input type="email" class="form-control" ng-model="useredit.email" id="inputUserEditEmail" name="email" required>
+                        <input type="text" class="form-control" ng-model="useredit.displayName" name="displayName" placeholder="Full Name" autofocus>
+                    </div>
+                    <div class="form-group" ng-class="{ 'has-error': (useredit_form.email.$dirty && useredit_form.email.$invalid) || (!useredit_form.email.$dirty && useredit.error.email) }">
+                        <label class="control-label">Email</label>
+                        <div class="control-label" ng-show="(!useredit_form.email.$dirty && useredit.error.email) || (useredit_form.email.$dirty && useredit_form.email.$invalid) || (!useredit_form.email.$dirty && useredit.error.email)">
+                            <small ng-show="useredit_form.email.$error.required">An email is required</small>
+                            <small ng-show="useredit_form.email.$error.email">This is not a valid email</small>
+                            <small ng-show="!useredit_form.email.$dirty && useredit.error.email">{{ useredit.error.email }}</small>
                         </div>
-                        <div class="form-group" ng-class="{ 'has-error': (useredit_form.password.$dirty && useredit_form.password.$invalid) || (!useredit_form.password.$dirty && useredit.error.password)}">
-                            <label class="control-label" for="inputusereditPassword">Give your password to verify that you are performing that action</label>
-                            <div class="control-label" ng-show="(!useredit_form.password.$dirty && useredit.error.password) || (useredit_form.password.$dirty && useredit_form.password.$invalid)">
-                                <small ng-show="useredit_form.password.$error.required && !useredit.error.password">A password is required</small>
-                                <small ng-show="!useredit_form.password.$dirty && useredit.error.password">{{ useredit.error.password }}</small>
-                            </div>
-                            <input type="password" class="form-control" ng-model="useredit.password" id="inputUserRemovePassword" name="password" placeholder="Password" required>
+                        <input type="email" class="form-control" ng-model="useredit.email" name="email" required>
+                    </div>
+                    <div class="form-group">
+                        <label class="control-label">Groups</label>
+                        <div>
+                            <span>
+                                <button class="btn btn-admin" type="button" ng-show="useredit.userInfo.id === userInfo.id" ng-click="showBubble($event)" data-toggle="tooltip" data-trigger="manual" title="Removing yourself from admin group is not allowed">Admin</button>
+                                <button class="btn btn-default" type="button" ng-hide="useredit.userInfo.id === userInfo.id" ng-click="userEditToggleGroup({ id: 'admin', name: 'admin' })" ng-class="{ 'btn-admin': (useredit.groupIds.indexOf('admin') !== -1) }">Admin</button>
+                            </span>
+
+                            <span ng-repeat="group in groups" ng-show="group.id !== 'admin'">
+                                <button class="btn btn-default" type="button" ng-click="userEditToggleGroup(group);" ng-class="{ 'btn-primary': (useredit.groupIds.indexOf(group.id) !== -1) }">{{ group.name }}</button>
+                            </span>
                         </div>
-                        <input class="hide" type="submit" ng-disabled="useredit_form.$invalid"/>
-                    </fieldset>
+                    </div>
+                    <div class="form-group" ng-class="{ 'has-error': (useredit_form.password.$dirty && useredit_form.password.$invalid) || (!useredit_form.password.$dirty && useredit.error.password)}">
+                        <label class="control-label">Give your password to verify that you are performing that action</label>
+                        <div class="control-label" ng-show="(!useredit_form.password.$dirty && useredit.error.password) || (useredit_form.password.$dirty && useredit_form.password.$invalid)">
+                            <small ng-show="useredit_form.password.$error.required && !useredit.error.password">A password is required</small>
+                            <small ng-show="!useredit_form.password.$dirty && useredit.error.password">{{ useredit.error.password }}</small>
+                        </div>
+                        <input type="password" class="form-control" ng-model="useredit.password" name="password" id="inputUserEditPassword" placeholder="Password" required>
+                    </div>
+                    <input class="hide" type="submit" ng-disabled="useredit_form.$invalid || useredit.busy"/>
                 </form>
             </div>
             <div class="modal-footer">
@@ -142,6 +149,71 @@
     </div>
 </div>
 
+<!-- Modal add group -->
+<div class="modal fade" id="groupAddModal" tabindex="-1" role="dialog">
+    <div class="modal-dialog">
+        <div class="modal-content">
+            <div class="modal-header">
+                <h4 class="modal-title">Add Group</h4>
+            </div>
+            <div class="modal-body">
+                <form name="groupAddForm" role="form" novalidate ng-submit="groupAdd.submit()" autocomplete="off">
+                    <div class="form-group" ng-class="{ 'has-error': (groupAddForm.name.$dirty && groupAddForm.name.$invalid) || (!groupAddForm.name.$dirty && groupAdd.error.name) }">
+                        <label class="control-label" for="groupAddName">Name</label>
+                        <div class="control-label" ng-show="(!groupAddForm.name.$dirty && groupAdd.error.name) || (groupAddForm.name.$dirty && groupAddForm.name.$invalid) || (!groupAddForm.name.$dirty && groupAdd.error.name)">
+                            <small ng-show="groupAddForm.name.$error.required">A name is required</small>
+                            <small ng-show="groupAddForm.name.$error.minlength">The name is too short</small>
+                            <small ng-show="groupAddForm.name.$error.maxlength">The name is too long</small>
+                            <small ng-show="!groupAddForm.name.$dirty && groupAdd.error.name">{{ groupAdd.error.name }}</small>
+                        </div>
+                        <input type="text" class="form-control" ng-model="groupAdd.name" id="groupAddName" name="name" ng-maxlength="200" ng-minlength="2" required autofocus>
+                    </div>
+                    <input class="hide" type="submit" ng-disabled="groupAddForm.$invalid || groupAdd.busy"/>
+                </form>
+            </div>
+            <div class="modal-footer">
+                <button type="button" class="btn btn-default" data-dismiss="modal">Cancel</button>
+                <button type="button" class="btn btn-success" ng-click="groupAdd.submit()" ng-disabled="groupAddForm.$invalid || groupAdd.busy"><i class="fa fa-spinner fa-pulse" ng-show="groupAdd.busy"></i> Add Group</button>
+            </div>
+        </div>
+    </div>
+</div>
+
+<!-- Modal remove group -->
+<div class="modal fade" id="groupRemoveModal" tabindex="-1" role="dialog">
+    <div class="modal-dialog">
+        <div class="modal-content">
+            <div class="modal-header">
+                <h4 class="modal-title">Delete group {{ groupRemove.group.name }}</h4>
+            </div>
+            <div class="modal-body">
+                <div ng-show="groupRemove.memberCount" class="text-danger">
+                    <b>This group still has {{ groupRemove.memberCount }} members. Are you sure this group is not used?</b>
+                    <br/>
+                    <br/>
+                </div>
+
+                <form name="groupRemoveForm" role="form" novalidate ng-submit="groupRemove.submit()" autocomplete="off">
+                    <input type="password" style="display: none;">
+                    <div class="form-group" ng-class="{ 'has-error': (groupRemoveForm.password.$dirty && groupRemoveForm.password.$invalid) || (!groupRemoveForm.password.$dirty && groupRemove.error.password)}">
+                        <label class="control-label" for="groupRemovePasswordInput">Give your password to verify that you are performing that action</label>
+                        <div class="control-label" ng-show="(!groupRemoveForm.password.$dirty && groupRemove.error.password) || (groupRemoveForm.password.$dirty && groupRemoveForm.password.$invalid)">
+                            <small ng-show="groupRemoveForm.password.$error.required && !groupRemove.error.password">A password is required</small>
+                            <small ng-show="!groupRemoveForm.password.$dirty && groupRemove.error.password">{{ groupRemove.error.password }}</small>
+                        </div>
+                        <input type="password" class="form-control" ng-model="groupRemove.password" id="groupRemovePasswordInput" name="password" placeholder="Password" required autofocus>
+                    </div>
+                    <input class="hide" type="submit" ng-disabled="groupRemoveForm.$invalid || groupRemove.busy"/>
+                </form>
+            </div>
+            <div class="modal-footer">
+                <button type="button" class="btn btn-default" data-dismiss="modal">Close</button>
+                <button type="button" class="btn btn-danger" ng-click="groupRemove.submit()" ng-disabled="groupRemoveForm.$invalid || groupRemove.busy"><i class="fa fa-spinner fa-pulse" ng-show="groupRemove.busy"></i> Delete</button>
+            </div>
+        </div>
+    </div>
+</div>
+
 <div class="content">
 
     <br/>
@@ -165,8 +237,8 @@
                         <thead>
                             <tr>
                                 <th style="">User</th>
-                                <th style="width: 1px" class="text-right">Group</th>
-                                <th style="width: 300px" class="text-right">Actions</th>
+                                <th style="width: 1px" class="text-right">Groups</th>
+                                <th style="width: 150px" class="text-right">Actions</th>
                             </tr>
                         </thead>
                         <tbody>
@@ -174,19 +246,55 @@
                                 <td class="text-overflow: ellipsis; white-space: nowrap;">
                                     {{ user.username }}
                                     <span class="text-muted">{{ user.email }}</span>
-                                </td>
-                                <td class="text-right" style="vertical-align: bottom">
-                                    <span ng-show="isAdmin(user)" class="label label-default">Admin</span>
-                                </td>
-                                <td class="text-right" style="vertical-align: bottom">
                                     <span ng-show="isMe(user)" class="label label-success">This is you!</span>
-                                    <button ng-show="!isMe(user) && userInfo.admin" ng-click="toggleAdmin(user)" class="btn btn-xs btn-default" title="{{ user.admin ? 'Remove Admin Privileges' : 'Make User an Admin' }}">
-                                        <span ng-show="!user.admin"><i class="fa fa-plus"></i> Admin</span>
-                                        <span ng-show="user.admin"><i class="fa fa-minus"></i> Admin</span>
-                                    </button>
-                                    <button ng-show="!isMe(user) && userInfo.admin" class="btn btn-xs btn-default" ng-click="sendInvite(user)" title="Send Invite"><i class="fa fa-paper-plane-o"></i> Invite</button>
-                                    <button ng-show="isMe(user) || userInfo.admin" class="btn btn-xs btn-default" ng-click="showUserEdit(user)" title="Edit User Profile"><i class="fa fa-pencil"></i> Edit</button>
-                                    <button ng-show="!isMe(user) && userInfo.admin" class="btn btn-xs btn-danger" ng-click="showUserRemove(user)" title="Remove User"><i class="fa fa-trash-o"></i> Delete</button>
+                                </td>
+                                <td class="text-right">
+                                    <span ng-repeat="groupId in user.groupIds" class="label label-default" ng-class="{ 'label-danger': groupId === 'admin' }">{{ groupId === 'admin' ? 'Admin' : groupId }}</span>
+                                </td>
+                                <td class="text-right" style="vertical-align: bottom">
+                                    <button ng-show="!isMe(user)" class="btn btn-xs btn-default" ng-click="sendInvite(user)" title="Send Invite"><i class="fa fa-paper-plane-o"></i></button>
+                                    <button class="btn btn-xs btn-default" ng-click="showUserEdit(user)" title="Edit User Profile"><i class="fa fa-pencil"></i></button>
+                                    <button ng-show="!isMe(user)" class="btn btn-xs btn-danger" ng-click="showUserRemove(user)" title="Remove User"><i class="fa fa-trash-o"></i></button>
+                                </td>
+                            </tr>
+                        </tbody>
+                    </table>
+                </div>
+            </div>
+        </div>
+    </div>
+
+    <br/>
+
+    <div>
+        <div class="text-left">
+            <h1>Groups <button class="btn btn-primary btn-outline pull-right" ng-click="groupAdd.show()"><i class="fa fa-plus"></i> New Group</button></h1>
+        </div>
+    </div>
+
+    <div class="card card-large">
+        <div class="grid-item-top">
+            <div class="row ng-hide" ng-show="!ready">
+                <div class="col-lg-12 text-center">
+                    <h2><i class="fa fa-spinner fa-pulse"></i></h2>
+                </div>
+            </div>
+            <div class="row animateMeOpacity ng-hide" ng-show="ready">
+                <div class="col-lg-12">
+                    <table class="table table-hover">
+                        <thead>
+                            <tr>
+                                <th style="">Name</th>
+                                <th style="width: 300px" class="text-right">Actions</th>
+                            </tr>
+                        </thead>
+                        <tbody>
+                            <tr ng-repeat="group in groups">
+                                <td class="text-overflow: ellipsis; white-space: nowrap;">
+                                    {{ group.name !== 'admin' ? group.name : 'Admin (manage apps and users on this Cloudron)' }}
+                                </td>
+                                <td class="text-right" style="vertical-align: bottom">
+                                    <button class="btn btn-xs btn-danger" ng-hide="group.name === 'admin'" ng-click="groupRemove.show(group)" title="Remove Group"><i class="fa fa-trash-o"></i></button>
                                 </td>
                             </tr>
                         </tbody>

webadmin/src/views/users.js

@@ -5,6 +5,7 @@ angular.module('Application').controller('UsersController', ['$scope', '$locatio
 
     $scope.ready = false;
     $scope.users = [];
+    $scope.groups = [];
     $scope.userInfo = Client.getUserInfo();
 
     $scope.userremove = {
@@ -34,6 +35,107 @@ angular.module('Application').controller('UsersController', ['$scope', '$locatio
         password: ''
     };
 
+    $scope.showBubble = function ($event) {
+        $($event.target).tooltip('show');
+
+        setTimeout(function () {
+            $($event.target).tooltip('hide');
+        }, 2000);
+    };
+
+    $scope.groupAdd = {
+        busy: false,
+        error: {},
+        name: '',
+
+        show: function () {
+            $scope.groupAdd.busy = false;
+
+            $scope.groupAdd.error = {};
+            $scope.groupAdd.name = '';
+
+            $scope.groupAddForm.$setUntouched();
+            $scope.groupAddForm.$setPristine();
+
+            $('#groupAddModal').modal('show');
+        },
+
+        submit: function () {
+            $scope.groupAdd.busy = true;
+            $scope.groupAdd.error = {};
+
+            Client.createGroup($scope.groupAdd.name, function (error) {
+                $scope.groupAdd.busy = false;
+
+                if (error && error.statusCode === 409) {
+                    $scope.groupAdd.error.name = 'Name already taken';
+                    $scope.groupAddForm.name.$setPristine();
+                    $('#groupAddName').focus();
+                    return;
+                }
+                if (error && error.statusCode === 400) {
+                    $scope.groupAdd.error.name = error.message;
+                    $scope.groupAddForm.name.$setPristine();
+                    $('#groupAddName').focus();
+                    return;
+                }
+                if (error) return console.error('Unable to create group.', error.statusCode, error.message);
+
+                refresh();
+                $('#groupAddModal').modal('hide');
+            });
+        }
+    };
+
+    $scope.groupRemove = {
+        busy: false,
+        error: {},
+        group: null,
+        password: '',
+        memberCount: 0,
+
+        show: function (group) {
+            $scope.groupRemove.busy = false;
+
+            $scope.groupRemove.error = {};
+            $scope.groupRemove.password = '';
+
+            $scope.groupRemove.group = angular.copy(group);
+
+            $scope.groupRemoveForm.$setUntouched();
+            $scope.groupRemoveForm.$setPristine();
+
+            Client.getGroup(group.id, function (error, result) {
+                if (error) return console.error('Unable to fetch group information.', error.statusCode, error.message);
+
+                $scope.groupRemove.memberCount = result.userIds.length;
+
+                $('#groupRemoveModal').modal('show');
+            });
+        },
+
+        submit: function () {
+            $scope.groupRemove.busy = true;
+            $scope.groupRemove.error = {};
+
+            Client.removeGroup($scope.groupRemove.group.id, $scope.groupRemove.password, function (error) {
+                $scope.groupRemove.busy = false;
+
+                if (error && error.statusCode === 403) {
+                    $scope.groupRemove.error.password = 'Wrong password';
+                    $scope.groupRemove.password = '';
+                    $scope.groupRemoveForm.password.$setPristine();
+                    $('#groupRemovePasswordInput').focus();
+                    return;
+                }
+                if (error) return console.error('Unable to remove group.', error.statusCode, error.message);
+
+                refresh();
+                $('#groupRemoveModal').modal('hide');
+            });
+        }
+    };
+
     $scope.isMe = function (user) {
         return user.username === Client.getUserInfo().username;
     };
@@ -129,11 +231,13 @@ angular.module('Application').controller('UsersController', ['$scope', '$locatio
     };
 
     $scope.showUserEdit = function (userInfo) {
+        $scope.useredit.error.password = null;
         $scope.useredit.error.displayName = null;
         $scope.useredit.error.email = null;
         $scope.useredit.displayName = userInfo.displayName;
         $scope.useredit.email = userInfo.email;
         $scope.useredit.userInfo = userInfo;
+        $scope.useredit.groupIds = angular.copy(userInfo.groupIds);
 
         $scope.useredit_form.$setPristine();
         $scope.useredit_form.$setUntouched();
@@ -141,6 +245,15 @@ angular.module('Application').controller('UsersController', ['$scope', '$locatio
         $('#userEditModal').modal('show');
     };
 
+    $scope.userEditToggleGroup = function (group) {
+        var pos = $scope.useredit.groupIds.indexOf(group.id);
+        if (pos === -1) {
+            $scope.useredit.groupIds.push(group.id);
+        } else {
+            $scope.useredit.groupIds.splice(pos, 1);
+        }
+    };
+
     $scope.doUserEdit = function () {
         $scope.useredit.error.displayName = null;
         $scope.useredit.error.email = null;
@@ -154,28 +267,37 @@ angular.module('Application').controller('UsersController', ['$scope', '$locatio
         };
 
         Client.updateUser(data, $scope.useredit.password, function (error) {
-            $scope.useredit.busy = false;
-
             if (error && error.statusCode === 403) {
+                $scope.useredit.busy = false;
                 $scope.useredit.error.password = 'Wrong password';
                 $scope.useredit.password = '';
                 $scope.useredit_form.password.$setPristine();
                 $('#inputUserEditPassword').focus();
                 return;
             }
-            if (error) return console.error('Unable to update user:', error);
+            if (error) {
+                $scope.useredit.busy = false;
+                return console.error('Unable to update user:', error);
+            }
 
-            $scope.useredit.userInfo = {};
-            $scope.useredit.email = '';
-            $scope.useredit.displayName = '';
-            $scope.useredit.password = '';
+            Client.setGroups(data.id, $scope.useredit.groupIds, function (error) {
+                $scope.useredit.busy = false;
 
-            $scope.useredit_form.$setPristine();
-            $scope.useredit_form.$setUntouched();
+                if (error) return console.error('Unable to update groups for user:', error);
 
-            refresh();
+                $scope.useredit.userInfo = {};
+                $scope.useredit.email = '';
+                $scope.useredit.displayName = '';
+                $scope.useredit.password = '';
+                $scope.useredit.groupIds = [];
 
-            $('#userEditModal').modal('hide');
+                $scope.useredit_form.$setPristine();
+                $scope.useredit_form.$setUntouched();
+
+                refresh();
+
+                $('#userEditModal').modal('hide');
+            });
         });
     };
 
@@ -231,18 +353,24 @@ angular.module('Application').controller('UsersController', ['$scope', '$locatio
     };
 
     function refresh() {
-        Client.listUsers(function (error, result) {
-            if (error) return console.error('Unable to get user listing.', error);
+        Client.getGroups(function (error, result) {
+            if (error) return console.error('Unable to get group listing.', error);
 
-            $scope.users = result.users;
-            $scope.ready = true;
+            $scope.groups = result;
+
+            Client.listUsers(function (error, result) {
+                if (error) return console.error('Unable to get user listing.', error);
+
+                $scope.users = result.users;
+                $scope.ready = true;
+            });
         });
     }
 
     refresh();
 
     // setup all the dialog focus handling
-    ['userAddModal', 'userRemoveModal', 'userEditModal'].forEach(function (id) {
+    ['userAddModal', 'userRemoveModal', 'userEditModal', 'groupAddModal', 'groupRemoveModal'].forEach(function (id) {
         $('#' + id).on('shown.bs.modal', function () {
             $(this).find("[autofocus]:first").focus();
         });