Rest API reorganization (#3624)

* reorg API * reorg api * fix system route * remove newline Co-authored-by: Mattermod <mattermod@users.noreply.github.com>
2025-07-12 23:50:27 +02:00 · 2022-08-10 08:20:42 -04:00
parent ab02e98831
commit c1f2ae6316
26 changed files with 5238 additions and 4955 deletions
--- a/server/api/teams.go
+++ b/server/api/teams.go
@ -0,0 +1,245 @@
+package api
+
+import (
+	"encoding/json"
+	"net/http"
+
+	"github.com/gorilla/mux"
+	"github.com/mattermost/focalboard/server/model"
+	"github.com/mattermost/focalboard/server/services/audit"
+	"github.com/mattermost/focalboard/server/utils"
+)
+
+func (a *API) registerTeamsRoutes(r *mux.Router) {
+	// Team APIs
+	r.HandleFunc("/teams", a.sessionRequired(a.handleGetTeams)).Methods("GET")
+	r.HandleFunc("/teams/{teamID}", a.sessionRequired(a.handleGetTeam)).Methods("GET")
+	r.HandleFunc("/teams/{teamID}/users", a.sessionRequired(a.handleGetTeamUsers)).Methods("GET")
+	r.HandleFunc("/teams/{teamID}/archive/export", a.sessionRequired(a.handleArchiveExportTeam)).Methods("GET")
+}
+
+func (a *API) handleGetTeams(w http.ResponseWriter, r *http.Request) {
+	// swagger:operation GET /teams getTeams
+	//
+	// Returns information of all the teams
+	//
+	// ---
+	// produces:
+	// - application/json
+	// security:
+	// - BearerAuth: []
+	// responses:
+	//   '200':
+	//     description: success
+	//     schema:
+	//       type: array
+	//       items:
+	//         "$ref": "#/definitions/Team"
+	//   default:
+	//     description: internal error
+	//     schema:
+	//       "$ref": "#/definitions/ErrorResponse"
+
+	userID := getUserID(r)
+
+	teams, err := a.app.GetTeamsForUser(userID)
+	if err != nil {
+		a.errorResponse(w, r.URL.Path, http.StatusInternalServerError, "", err)
+	}
+
+	auditRec := a.makeAuditRecord(r, "getTeams", audit.Fail)
+	defer a.audit.LogRecord(audit.LevelRead, auditRec)
+	auditRec.AddMeta("teamCount", len(teams))
+
+	data, err := json.Marshal(teams)
+	if err != nil {
+		a.errorResponse(w, r.URL.Path, http.StatusInternalServerError, "", err)
+		return
+	}
+
+	jsonBytesResponse(w, http.StatusOK, data)
+	auditRec.Success()
+}
+
+func (a *API) handleGetTeam(w http.ResponseWriter, r *http.Request) {
+	// swagger:operation GET /teams/{teamID} getTeam
+	//
+	// Returns information of the root team
+	//
+	// ---
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: teamID
+	//   in: path
+	//   description: Team ID
+	//   required: true
+	//   type: string
+	// security:
+	// - BearerAuth: []
+	// responses:
+	//   '200':
+	//     description: success
+	//     schema:
+	//       "$ref": "#/definitions/Team"
+	//   default:
+	//     description: internal error
+	//     schema:
+	//       "$ref": "#/definitions/ErrorResponse"
+
+	vars := mux.Vars(r)
+	teamID := vars["teamID"]
+	userID := getUserID(r)
+
+	if !a.permissions.HasPermissionToTeam(userID, teamID, model.PermissionViewTeam) {
+		a.errorResponse(w, r.URL.Path, http.StatusForbidden, "", PermissionError{"access denied to team"})
+		return
+	}
+
+	var team *model.Team
+	var err error
+
+	if a.MattermostAuth {
+		team, err = a.app.GetTeam(teamID)
+		if err != nil {
+			a.errorResponse(w, r.URL.Path, http.StatusInternalServerError, "", err)
+		}
+		if team == nil {
+			a.errorResponse(w, r.URL.Path, http.StatusUnauthorized, "invalid team", nil)
+			return
+		}
+	} else {
+		team, err = a.app.GetRootTeam()
+		if err != nil {
+			a.errorResponse(w, r.URL.Path, http.StatusInternalServerError, "", err)
+			return
+		}
+	}
+
+	auditRec := a.makeAuditRecord(r, "getTeam", audit.Fail)
+	defer a.audit.LogRecord(audit.LevelRead, auditRec)
+	auditRec.AddMeta("resultTeamID", team.ID)
+
+	data, err := json.Marshal(team)
+	if err != nil {
+		a.errorResponse(w, r.URL.Path, http.StatusInternalServerError, "", err)
+		return
+	}
+
+	jsonBytesResponse(w, http.StatusOK, data)
+	auditRec.Success()
+}
+
+func (a *API) handlePostTeamRegenerateSignupToken(w http.ResponseWriter, r *http.Request) {
+	// swagger:operation POST /teams/{teamID}/regenerate_signup_token regenerateSignupToken
+	//
+	// Regenerates the signup token for the root team
+	//
+	// ---
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: teamID
+	//   in: path
+	//   description: Team ID
+	//   required: true
+	//   type: string
+	// security:
+	// - BearerAuth: []
+	// responses:
+	//   '200':
+	//     description: success
+	//   default:
+	//     description: internal error
+	//     schema:
+	//       "$ref": "#/definitions/ErrorResponse"
+	if a.MattermostAuth {
+		a.errorResponse(w, r.URL.Path, http.StatusNotImplemented, "not permitted in plugin mode", nil)
+		return
+	}
+
+	team, err := a.app.GetRootTeam()
+	if err != nil {
+		a.errorResponse(w, r.URL.Path, http.StatusInternalServerError, "", err)
+		return
+	}
+
+	auditRec := a.makeAuditRecord(r, "regenerateSignupToken", audit.Fail)
+	defer a.audit.LogRecord(audit.LevelModify, auditRec)
+
+	team.SignupToken = utils.NewID(utils.IDTypeToken)
+
+	err = a.app.UpsertTeamSignupToken(*team)
+	if err != nil {
+		a.errorResponse(w, r.URL.Path, http.StatusInternalServerError, "", err)
+		return
+	}
+
+	jsonStringResponse(w, http.StatusOK, "{}")
+	auditRec.Success()
+}
+
+func (a *API) handleGetTeamUsers(w http.ResponseWriter, r *http.Request) {
+	// swagger:operation GET /teams/{teamID}/users getTeamUsers
+	//
+	// Returns team users
+	//
+	// ---
+	// produces:
+	// - application/json
+	// parameters:
+	// - name: teamID
+	//   in: path
+	//   description: Team ID
+	//   required: true
+	//   type: string
+	// - name: search
+	//   in: query
+	//   description: string to filter users list
+	//   required: false
+	//   type: string
+	// security:
+	// - BearerAuth: []
+	// responses:
+	//   '200':
+	//     description: success
+	//     schema:
+	//       type: array
+	//       items:
+	//         "$ref": "#/definitions/User"
+	//   default:
+	//     description: internal error
+	//     schema:
+	//       "$ref": "#/definitions/ErrorResponse"
+
+	vars := mux.Vars(r)
+	teamID := vars["teamID"]
+	userID := getUserID(r)
+	query := r.URL.Query()
+	searchQuery := query.Get("search")
+
+	if !a.permissions.HasPermissionToTeam(userID, teamID, model.PermissionViewTeam) {
+		a.errorResponse(w, r.URL.Path, http.StatusForbidden, "Access denied to team", PermissionError{"access denied to team"})
+		return
+	}
+
+	auditRec := a.makeAuditRecord(r, "getUsers", audit.Fail)
+	defer a.audit.LogRecord(audit.LevelRead, auditRec)
+
+	users, err := a.app.SearchTeamUsers(teamID, searchQuery)
+	if err != nil {
+		a.errorResponse(w, r.URL.Path, http.StatusInternalServerError, "searchQuery="+searchQuery, err)
+		return
+	}
+
+	data, err := json.Marshal(users)
+	if err != nil {
+		a.errorResponse(w, r.URL.Path, http.StatusInternalServerError, "", err)
+		return
+	}
+
+	jsonBytesResponse(w, http.StatusOK, data)
+
+	auditRec.AddMeta("userCount", len(users))
+	auditRec.Success()
+}