2019-05-09 18:54:39 +12:00
< ? php
2020-06-14 06:30:44 +12:00
global $utopia , $register , $request , $response , $projectDB , $project , $user , $audit , $mail , $mode , $clients ;
2019-05-09 18:54:39 +12:00
use Utopia\Exception ;
2019-06-09 20:51:10 +12:00
use Utopia\Response ;
2020-03-29 01:42:16 +13:00
use Utopia\Config\Config ;
2019-05-09 18:54:39 +12:00
use Utopia\Validator\Email ;
use Utopia\Validator\Text ;
use Utopia\Validator\Host ;
use Utopia\Validator\Range ;
use Utopia\Validator\ArrayList ;
use Utopia\Validator\WhiteList ;
use Utopia\Locale\Locale ;
2020-03-25 06:56:32 +13:00
use Appwrite\Auth\Auth ;
use Appwrite\Database\Database ;
use Appwrite\Database\Document ;
use Appwrite\Database\Validator\UID ;
use Appwrite\Database\Validator\Authorization ;
use Appwrite\Database\Exception\Duplicate ;
use Appwrite\Template\Template ;
2019-05-09 18:54:39 +12:00
2019-12-17 08:35:33 +13:00
include_once __DIR__ . '/../shared/api.php' ;
2019-11-30 07:26:06 +13:00
2019-05-09 18:54:39 +12:00
$utopia -> post ( '/v1/teams' )
-> desc ( 'Create Team' )
-> label ( 'scope' , 'teams.write' )
2020-01-27 19:14:14 +13:00
-> label ( 'sdk.platform' , [ APP_PLATFORM_CLIENT , APP_PLATFORM_SERVER ])
2019-05-09 18:54:39 +12:00
-> label ( 'sdk.namespace' , 'teams' )
2020-01-31 05:18:46 +13:00
-> label ( 'sdk.method' , 'create' )
2019-10-08 20:09:35 +13:00
-> label ( 'sdk.description' , '/docs/references/teams/create-team.md' )
2019-10-07 09:10:52 +13:00
-> param ( 'name' , null , function () { return new Text ( 100 ); }, 'Team name.' )
2020-02-03 08:30:40 +13:00
-> param ( 'roles' , [ 'owner' ], function () { return new ArrayList ( new Text ( 128 )); }, 'Array of strings. Use this param to set the roles in the team for the user who created it. The default role is **owner**. A role can be any string. Learn more about [roles and permissions](/docs/permissions).' , true )
2019-05-09 18:54:39 +12:00
-> action (
2019-09-07 05:10:41 +12:00
function ( $name , $roles ) use ( $response , $projectDB , $user , $mode ) {
2019-05-09 18:54:39 +12:00
Authorization :: disable ();
$team = $projectDB -> createDocument ([
'$collection' => Database :: SYSTEM_COLLECTION_TEAMS ,
2019-09-07 05:10:41 +12:00
'$permissions' => [
'read' => [ 'team:{self}' ],
'write' => [ 'team:{self}/owner' ],
2019-05-09 18:54:39 +12:00
],
'name' => $name ,
2020-02-17 20:16:11 +13:00
'sum' => ( $mode !== APP_MODE_ADMIN && $user -> getId ()) ? 1 : 0 ,
2020-06-20 23:20:49 +12:00
'dateCreated' => \time (),
2019-05-09 18:54:39 +12:00
]);
2020-02-11 19:17:40 +13:00
Authorization :: reset ();
2019-05-09 18:54:39 +12:00
2019-09-07 05:10:41 +12:00
if ( false === $team ) {
2019-05-09 18:54:39 +12:00
throw new Exception ( 'Failed saving team to DB' , 500 );
}
2020-02-17 20:16:11 +13:00
if ( $mode !== APP_MODE_ADMIN && $user -> getId ()) { // Don't add user on server mode
2019-05-09 18:54:39 +12:00
$membership = new Document ([
'$collection' => Database :: SYSTEM_COLLECTION_MEMBERSHIPS ,
2019-09-07 05:10:41 +12:00
'$permissions' => [
2020-02-17 20:16:11 +13:00
'read' => [ 'user:' . $user -> getId (), 'team:' . $team -> getId ()],
'write' => [ 'user:' . $user -> getId (), 'team:' . $team -> getId () . '/owner' ],
2019-05-09 18:54:39 +12:00
],
2020-02-17 20:16:11 +13:00
'userId' => $user -> getId (),
'teamId' => $team -> getId (),
2019-05-09 18:54:39 +12:00
'roles' => $roles ,
2020-06-20 23:20:49 +12:00
'invited' => \time (),
'joined' => \time (),
2019-05-09 18:54:39 +12:00
'confirm' => true ,
'secret' => '' ,
]);
// Attach user to team
$user -> setAttribute ( 'memberships' , $membership , Document :: SET_TYPE_APPEND );
$user = $projectDB -> updateDocument ( $user -> getArrayCopy ());
2019-09-07 05:10:41 +12:00
if ( false === $user ) {
2019-05-09 18:54:39 +12:00
throw new Exception ( 'Failed saving user to DB' , 500 );
}
}
2019-06-09 20:51:10 +12:00
$response
-> setStatusCode ( Response :: STATUS_CODE_CREATED )
-> json ( $team -> getArrayCopy ())
;
2019-05-09 18:54:39 +12:00
}
);
2020-02-01 11:34:07 +13:00
$utopia -> get ( '/v1/teams' )
-> desc ( 'List Teams' )
-> label ( 'scope' , 'teams.read' )
-> label ( 'sdk.platform' , [ APP_PLATFORM_CLIENT , APP_PLATFORM_SERVER ])
-> label ( 'sdk.namespace' , 'teams' )
-> label ( 'sdk.method' , 'list' )
-> label ( 'sdk.description' , '/docs/references/teams/list-teams.md' )
-> param ( 'search' , '' , function () { return new Text ( 256 ); }, 'Search term to filter your list results.' , true )
-> param ( 'limit' , 25 , function () { return new Range ( 0 , 100 ); }, 'Results limit value. By default will return maximum 25 results. Maximum of 100 results allowed per request.' , true )
-> param ( 'offset' , 0 , function () { return new Range ( 0 , 2000 ); }, 'Results offset. The default value is 0. Use this param to manage pagination.' , true )
-> param ( 'orderType' , 'ASC' , function () { return new WhiteList ([ 'ASC' , 'DESC' ]); }, 'Order result by ASC or DESC order.' , true )
-> action (
function ( $search , $limit , $offset , $orderType ) use ( $response , $projectDB ) {
$results = $projectDB -> getCollection ([
'limit' => $limit ,
'offset' => $offset ,
'orderField' => 'dateCreated' ,
'orderType' => $orderType ,
'orderCast' => 'int' ,
'search' => $search ,
'filters' => [
'$collection=' . Database :: SYSTEM_COLLECTION_TEAMS ,
],
]);
$response -> json ([ 'sum' => $projectDB -> getSum (), 'teams' => $results ]);
}
);
$utopia -> get ( '/v1/teams/:teamId' )
-> desc ( 'Get Team' )
-> label ( 'scope' , 'teams.read' )
-> label ( 'sdk.platform' , [ APP_PLATFORM_CLIENT , APP_PLATFORM_SERVER ])
-> label ( 'sdk.namespace' , 'teams' )
-> label ( 'sdk.method' , 'get' )
-> label ( 'sdk.description' , '/docs/references/teams/get-team.md' )
-> param ( 'teamId' , '' , function () { return new UID (); }, 'Team unique ID.' )
-> action (
function ( $teamId ) use ( $response , $projectDB ) {
$team = $projectDB -> getDocument ( $teamId );
2020-02-17 20:16:11 +13:00
if ( empty ( $team -> getId ()) || Database :: SYSTEM_COLLECTION_TEAMS != $team -> getCollection ()) {
2020-02-01 11:34:07 +13:00
throw new Exception ( 'Team not found' , 404 );
}
$response -> json ( $team -> getArrayCopy ([]));
}
);
2019-05-09 18:54:39 +12:00
$utopia -> put ( '/v1/teams/:teamId' )
-> desc ( 'Update Team' )
-> label ( 'scope' , 'teams.write' )
2020-01-27 19:14:14 +13:00
-> label ( 'sdk.platform' , [ APP_PLATFORM_CLIENT , APP_PLATFORM_SERVER ])
2019-05-09 18:54:39 +12:00
-> label ( 'sdk.namespace' , 'teams' )
2020-01-31 05:18:46 +13:00
-> label ( 'sdk.method' , 'update' )
2019-10-08 20:09:35 +13:00
-> label ( 'sdk.description' , '/docs/references/teams/update-team.md' )
2019-10-07 09:10:52 +13:00
-> param ( 'teamId' , '' , function () { return new UID (); }, 'Team unique ID.' )
-> param ( 'name' , null , function () { return new Text ( 100 ); }, 'Team name.' )
2019-05-09 18:54:39 +12:00
-> action (
2019-09-07 05:10:41 +12:00
function ( $teamId , $name ) use ( $response , $projectDB ) {
2019-05-09 18:54:39 +12:00
$team = $projectDB -> getDocument ( $teamId );
2020-02-17 20:16:11 +13:00
if ( empty ( $team -> getId ()) || Database :: SYSTEM_COLLECTION_TEAMS != $team -> getCollection ()) {
2019-05-09 18:54:39 +12:00
throw new Exception ( 'Team not found' , 404 );
}
2020-06-20 23:20:49 +12:00
$team = $projectDB -> updateDocument ( \array_merge ( $team -> getArrayCopy (), [
2019-05-09 18:54:39 +12:00
'name' => $name ,
]));
2019-09-07 05:10:41 +12:00
if ( false === $team ) {
2019-05-09 18:54:39 +12:00
throw new Exception ( 'Failed saving team to DB' , 500 );
}
$response -> json ( $team -> getArrayCopy ());
}
);
$utopia -> delete ( '/v1/teams/:teamId' )
-> desc ( 'Delete Team' )
-> label ( 'scope' , 'teams.write' )
2020-01-27 19:14:14 +13:00
-> label ( 'sdk.platform' , [ APP_PLATFORM_CLIENT , APP_PLATFORM_SERVER ])
2019-05-09 18:54:39 +12:00
-> label ( 'sdk.namespace' , 'teams' )
2020-01-31 05:18:46 +13:00
-> label ( 'sdk.method' , 'delete' )
2019-10-08 20:09:35 +13:00
-> label ( 'sdk.description' , '/docs/references/teams/delete-team.md' )
2019-10-07 09:10:52 +13:00
-> param ( 'teamId' , '' , function () { return new UID (); }, 'Team unique ID.' )
2019-05-09 18:54:39 +12:00
-> action (
2019-09-07 05:10:41 +12:00
function ( $teamId ) use ( $response , $projectDB ) {
2019-05-09 18:54:39 +12:00
$team = $projectDB -> getDocument ( $teamId );
2020-02-17 20:16:11 +13:00
if ( empty ( $team -> getId ()) || Database :: SYSTEM_COLLECTION_TEAMS != $team -> getCollection ()) {
2019-05-09 18:54:39 +12:00
throw new Exception ( 'Team not found' , 404 );
}
$memberships = $projectDB -> getCollection ([
'limit' => 2000 , // TODO add members limit
'offset' => 0 ,
'filters' => [
2019-09-07 05:10:41 +12:00
'$collection=' . Database :: SYSTEM_COLLECTION_MEMBERSHIPS ,
'teamId=' . $teamId ,
],
2019-05-09 18:54:39 +12:00
]);
foreach ( $memberships as $member ) {
2020-02-17 20:16:11 +13:00
if ( ! $projectDB -> deleteDocument ( $member -> getId ())) {
2019-05-09 18:54:39 +12:00
throw new Exception ( 'Failed to remove membership for team from DB' , 500 );
}
}
2019-09-07 05:10:41 +12:00
if ( ! $projectDB -> deleteDocument ( $teamId )) {
2019-05-09 18:54:39 +12:00
throw new Exception ( 'Failed to remove team from DB' , 500 );
}
$response -> noContent ();
}
);
$utopia -> post ( '/v1/teams/:teamId/memberships' )
-> desc ( 'Create Team Membership' )
2020-02-10 05:53:33 +13:00
-> label ( 'scope' , 'teams.write' )
2020-01-27 19:14:14 +13:00
-> label ( 'sdk.platform' , [ APP_PLATFORM_CLIENT , APP_PLATFORM_SERVER ])
2019-05-09 18:54:39 +12:00
-> label ( 'sdk.namespace' , 'teams' )
2020-01-31 05:18:46 +13:00
-> label ( 'sdk.method' , 'createMembership' )
2019-10-08 20:09:35 +13:00
-> label ( 'sdk.description' , '/docs/references/teams/create-team-membership.md' )
2019-10-07 09:10:52 +13:00
-> param ( 'teamId' , '' , function () { return new UID (); }, 'Team unique ID.' )
2020-02-10 18:58:29 +13:00
-> param ( 'email' , '' , function () { return new Email (); }, 'New team member email.' )
2019-10-07 09:10:52 +13:00
-> param ( 'name' , '' , function () { return new Text ( 100 ); }, 'New team member name.' , true )
2020-02-03 08:30:40 +13:00
-> param ( 'roles' , [], function () { return new ArrayList ( new Text ( 128 )); }, 'Array of strings. Use this param to set the user roles in the team. A role can be any string. Learn more about [roles and permissions](/docs/permissions).' )
2020-05-28 23:34:42 +12:00
-> param ( 'url' , '' , function () use ( $clients ) { return new Host ( $clients ); }, 'URL to redirect the user back to your app from the invitation email. Only URLs from hostnames in your project platform list are allowed. This requirement helps to prevent an [open redirect](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html) attack against your project API.' ) // TODO add our own built-in confirm page
2019-05-09 18:54:39 +12:00
-> action (
2020-06-14 11:06:19 +12:00
function ( $teamId , $email , $name , $roles , $url ) use ( $response , $mail , $project , $user , $audit , $projectDB , $mode ) {
2019-05-09 18:54:39 +12:00
$name = ( empty ( $name )) ? $email : $name ;
$team = $projectDB -> getDocument ( $teamId );
2020-02-17 20:16:11 +13:00
if ( empty ( $team -> getId ()) || Database :: SYSTEM_COLLECTION_TEAMS != $team -> getCollection ()) {
2019-05-09 18:54:39 +12:00
throw new Exception ( 'Team not found' , 404 );
}
$memberships = $projectDB -> getCollection ([
'limit' => 50 ,
'offset' => 0 ,
'filters' => [
2019-09-07 05:10:41 +12:00
'$collection=' . Database :: SYSTEM_COLLECTION_MEMBERSHIPS ,
2020-02-17 20:16:11 +13:00
'teamId=' . $team -> getId (),
2019-09-07 05:10:41 +12:00
],
2019-05-09 18:54:39 +12:00
]);
$invitee = $projectDB -> getCollection ([ // Get user by email address
'limit' => 1 ,
'first' => true ,
'filters' => [
2019-09-07 05:10:41 +12:00
'$collection=' . Database :: SYSTEM_COLLECTION_USERS ,
'email=' . $email ,
],
2019-05-09 18:54:39 +12:00
]);
2019-09-07 05:10:41 +12:00
if ( empty ( $invitee )) { // Create new user if no user with same email found
2019-05-09 18:54:39 +12:00
Authorization :: disable ();
2020-03-22 10:10:06 +13:00
try {
$invitee = $projectDB -> createDocument ([
'$collection' => Database :: SYSTEM_COLLECTION_USERS ,
'$permissions' => [
'read' => [ 'user:{self}' , '*' ],
'write' => [ 'user:{self}' ],
],
'email' => $email ,
'emailVerification' => false ,
'status' => Auth :: USER_STATUS_UNACTIVATED ,
'password' => Auth :: passwordHash ( Auth :: passwordGenerator ()),
2020-06-20 23:20:49 +12:00
'password-update' => \time (),
'registration' => \time (),
2020-03-22 10:10:06 +13:00
'reset' => false ,
'name' => $name ,
'tokens' => [],
], [ 'email' => $email ]);
} catch ( Duplicate $th ) {
throw new Exception ( 'Account already exists' , 409 );
}
2019-05-09 18:54:39 +12:00
2020-02-11 19:17:40 +13:00
Authorization :: reset ();
2019-05-09 18:54:39 +12:00
2019-09-07 05:10:41 +12:00
if ( false === $invitee ) {
2019-05-09 18:54:39 +12:00
throw new Exception ( 'Failed saving user to DB' , 500 );
}
}
$isOwner = false ;
foreach ( $memberships as $member ) {
2020-02-17 20:16:11 +13:00
if ( $member -> getAttribute ( 'userId' ) == $invitee -> getId ()) {
2020-01-23 12:31:48 +13:00
throw new Exception ( 'User has already been invited or is already a member of this team' , 409 );
2019-05-09 18:54:39 +12:00
}
2020-06-20 23:20:49 +12:00
if ( $member -> getAttribute ( 'userId' ) == $user -> getId () && \in_array ( 'owner' , $member -> getAttribute ( 'roles' , []))) {
2019-05-09 18:54:39 +12:00
$isOwner = true ;
}
}
2020-06-09 04:15:35 +12:00
if ( ! $isOwner && ( APP_MODE_ADMIN !== $mode )) {
2019-05-09 18:54:39 +12:00
throw new Exception ( 'User is not allowed to send invitations for this team' , 401 );
}
$secret = Auth :: tokenGenerator ();
$membership = new Document ([
'$collection' => Database :: SYSTEM_COLLECTION_MEMBERSHIPS ,
2019-09-07 05:10:41 +12:00
'$permissions' => [
'read' => [ '*' ],
2020-02-17 20:16:11 +13:00
'write' => [ 'user:' . $invitee -> getId (), 'team:' . $team -> getId () . '/owner' ],
2019-05-09 18:54:39 +12:00
],
2020-02-17 20:16:11 +13:00
'userId' => $invitee -> getId (),
'teamId' => $team -> getId (),
2019-05-09 18:54:39 +12:00
'roles' => $roles ,
2020-06-20 23:20:49 +12:00
'invited' => \time (),
2019-05-09 18:54:39 +12:00
'joined' => 0 ,
2020-06-09 04:15:35 +12:00
'confirm' => ( APP_MODE_ADMIN === $mode ),
2019-05-09 18:54:39 +12:00
'secret' => Auth :: hash ( $secret ),
]);
2020-06-09 04:15:35 +12:00
if ( APP_MODE_ADMIN === $mode ) { // Allow admin to create membership
Authorization :: disable ();
$membership = $projectDB -> createDocument ( $membership -> getArrayCopy ());
Authorization :: reset ();
}
else {
$membership = $projectDB -> createDocument ( $membership -> getArrayCopy ());
}
2019-05-09 18:54:39 +12:00
2019-09-07 05:10:41 +12:00
if ( false === $membership ) {
2019-05-09 18:54:39 +12:00
throw new Exception ( 'Failed saving membership to DB' , 500 );
}
2020-01-19 03:47:08 +13:00
$url = Template :: parseURL ( $url );
2020-02-17 20:16:11 +13:00
$url [ 'query' ] = Template :: mergeQuery ((( isset ( $url [ 'query' ])) ? $url [ 'query' ] : '' ), [ 'inviteId' => $membership -> getId (), 'teamId' => $team -> getId (), 'userId' => $invitee -> getId (), 'secret' => $secret , 'teamId' => $teamId ]);
2020-01-19 03:47:08 +13:00
$url = Template :: unParseURL ( $url );
2019-05-09 18:54:39 +12:00
2020-06-12 11:20:32 +12:00
$body = new Template ( __DIR__ . '/../../config/locales/templates/_base.tpl' );
$content = new Template ( __DIR__ . '/../../config/locales/templates/' . Locale :: getText ( 'account.emails.invitation.body' ));
$cta = new Template ( __DIR__ . '/../../config/locales/templates/_cta.tpl' );
2019-05-09 18:54:39 +12:00
$body
2020-06-12 11:20:32 +12:00
-> setParam ( '{{content}}' , $content -> render ())
-> setParam ( '{{cta}}' , $cta -> render ())
-> setParam ( '{{title}}' , Locale :: getText ( 'account.emails.invitation.title' ))
2019-05-09 18:54:39 +12:00
-> setParam ( '{{direction}}' , Locale :: getText ( 'settings.direction' ))
-> setParam ( '{{project}}' , $project -> getAttribute ( 'name' , [ '[APP-NAME]' ]))
-> setParam ( '{{team}}' , $team -> getAttribute ( 'name' , '[TEAM-NAME]' ))
-> setParam ( '{{owner}}' , $user -> getAttribute ( 'name' , '' ))
2020-01-19 03:47:08 +13:00
-> setParam ( '{{redirect}}' , $url )
2020-06-13 06:21:58 +12:00
-> setParam ( '{{bg-body}}' , '#f6f6f6' )
-> setParam ( '{{bg-content}}' , '#ffffff' )
-> setParam ( '{{bg-cta}}' , '#3498db' )
-> setParam ( '{{bg-cta-hover}}' , '#34495e' )
-> setParam ( '{{text-content}}' , '#000000' )
-> setParam ( '{{text-cta}}' , '#ffffff' )
2019-05-09 18:54:39 +12:00
;
2020-06-14 23:44:57 +12:00
if ( APP_MODE_ADMIN !== $mode ) { // No need in comfirmation when in admin mode
$mail
-> setParam ( 'event' , 'teams.membership.create' )
-> setParam ( 'recipient' , $email )
-> setParam ( 'name' , $name )
2020-06-20 23:20:49 +12:00
-> setParam ( 'subject' , \sprintf ( Locale :: getText ( 'account.emails.invitation.title' ), $team -> getAttribute ( 'name' , '[TEAM-NAME]' ), $project -> getAttribute ( 'name' , [ '[APP-NAME]' ])))
2020-06-14 23:44:57 +12:00
-> setParam ( 'body' , $body -> render ())
-> trigger ();
;
}
2019-05-09 18:54:39 +12:00
$audit
2020-02-17 20:16:11 +13:00
-> setParam ( 'userId' , $invitee -> getId ())
2020-02-08 12:47:37 +13:00
-> setParam ( 'event' , 'teams.membership.create' )
2020-02-12 11:24:30 +13:00
-> setParam ( 'resource' , 'teams/' . $teamId )
2019-05-09 18:54:39 +12:00
;
2019-06-09 20:51:10 +12:00
$response
2020-01-19 03:47:08 +13:00
-> setStatusCode ( Response :: STATUS_CODE_CREATED ) // TODO change response of this endpoint
2020-06-20 23:20:49 +12:00
-> json ( \array_merge ( $membership -> getArrayCopy ([
2020-02-17 20:16:11 +13:00
'$id' ,
2020-01-19 05:03:17 +13:00
'userId' ,
'teamId' ,
'roles' ,
'invited' ,
'joined' ,
'confirm' ,
2020-01-20 09:02:50 +13:00
]), [
'email' => $email ,
'name' => $name ,
2020-01-19 05:03:17 +13:00
]))
2020-01-19 03:47:08 +13:00
;
2019-05-09 18:54:39 +12:00
}
);
2020-02-01 11:34:07 +13:00
$utopia -> get ( '/v1/teams/:teamId/memberships' )
-> desc ( 'Get Team Memberships' )
-> label ( 'scope' , 'teams.read' )
-> label ( 'sdk.platform' , [ APP_PLATFORM_CLIENT , APP_PLATFORM_SERVER ])
-> label ( 'sdk.namespace' , 'teams' )
-> label ( 'sdk.method' , 'getMemberships' )
-> label ( 'sdk.description' , '/docs/references/teams/get-team-members.md' )
-> param ( 'teamId' , '' , function () { return new UID (); }, 'Team unique ID.' )
2020-06-07 21:29:51 +12:00
-> param ( 'search' , '' , function () { return new Text ( 256 ); }, 'Search term to filter your list results.' , true )
-> param ( 'limit' , 25 , function () { return new Range ( 0 , 100 ); }, 'Results limit value. By default will return maximum 25 results. Maximum of 100 results allowed per request.' , true )
-> param ( 'offset' , 0 , function () { return new Range ( 0 , 2000 ); }, 'Results offset. The default value is 0. Use this param to manage pagination.' , true )
-> param ( 'orderType' , 'ASC' , function () { return new WhiteList ([ 'ASC' , 'DESC' ]); }, 'Order result by ASC or DESC order.' , true )
2020-02-01 11:34:07 +13:00
-> action (
2020-06-07 21:29:51 +12:00
function ( $teamId , $search , $limit , $offset , $orderType ) use ( $response , $projectDB ) {
2020-02-01 11:34:07 +13:00
$team = $projectDB -> getDocument ( $teamId );
2020-02-17 20:16:11 +13:00
if ( empty ( $team -> getId ()) || Database :: SYSTEM_COLLECTION_TEAMS != $team -> getCollection ()) {
2020-02-01 11:34:07 +13:00
throw new Exception ( 'Team not found' , 404 );
}
$memberships = $projectDB -> getCollection ([
2020-06-07 21:29:51 +12:00
'limit' => $limit ,
'offset' => $offset ,
'orderField' => 'joined' ,
'orderType' => $orderType ,
'orderCast' => 'int' ,
'search' => $search ,
2020-02-01 11:34:07 +13:00
'filters' => [
'$collection=' . Database :: SYSTEM_COLLECTION_MEMBERSHIPS ,
'teamId=' . $teamId ,
],
]);
$users = [];
foreach ( $memberships as $membership ) {
if ( empty ( $membership -> getAttribute ( 'userId' , null ))) {
continue ;
}
$temp = $projectDB -> getDocument ( $membership -> getAttribute ( 'userId' , null )) -> getArrayCopy ([ 'email' , 'name' ]);
2020-06-20 23:20:49 +12:00
$users [] = \array_merge ( $temp , $membership -> getArrayCopy ([
2020-02-17 20:16:11 +13:00
'$id' ,
2020-02-01 11:34:07 +13:00
'userId' ,
'teamId' ,
'roles' ,
'invited' ,
'joined' ,
'confirm' ,
]));
}
2020-06-07 21:29:51 +12:00
$response -> json ([ 'sum' => $projectDB -> getSum (), 'memberships' => $users ]);
2020-02-01 11:34:07 +13:00
}
);
2019-05-09 18:54:39 +12:00
$utopia -> patch ( '/v1/teams/:teamId/memberships/:inviteId/status' )
-> desc ( 'Update Team Membership Status' )
2020-01-20 01:22:54 +13:00
-> label ( 'scope' , 'public' )
2020-01-27 19:14:14 +13:00
-> label ( 'sdk.platform' , [ APP_PLATFORM_CLIENT ])
2019-05-09 18:54:39 +12:00
-> label ( 'sdk.namespace' , 'teams' )
2020-01-31 05:18:46 +13:00
-> label ( 'sdk.method' , 'updateMembershipStatus' )
2019-10-08 20:09:35 +13:00
-> label ( 'sdk.description' , '/docs/references/teams/update-team-membership-status.md' )
2019-10-07 09:10:52 +13:00
-> param ( 'teamId' , '' , function () { return new UID (); }, 'Team unique ID.' )
2020-02-10 18:54:26 +13:00
-> param ( 'inviteId' , '' , function () { return new UID (); }, 'Invite unique ID.' )
-> param ( 'userId' , '' , function () { return new UID (); }, 'User unique ID.' )
-> param ( 'secret' , '' , function () { return new Text ( 256 ); }, 'Secret key.' )
2019-05-09 18:54:39 +12:00
-> action (
2020-03-29 01:42:16 +13:00
function ( $teamId , $inviteId , $userId , $secret ) use ( $response , $request , $user , $audit , $projectDB ) {
$protocol = Config :: getParam ( 'protocol' );
2020-01-19 09:02:47 +13:00
$membership = $projectDB -> getDocument ( $inviteId );
2019-05-09 18:54:39 +12:00
2020-02-17 20:16:11 +13:00
if ( empty ( $membership -> getId ()) || Database :: SYSTEM_COLLECTION_MEMBERSHIPS != $membership -> getCollection ()) {
2019-05-09 18:54:39 +12:00
throw new Exception ( 'Invite not found' , 404 );
}
2020-01-20 01:22:54 +13:00
if ( $membership -> getAttribute ( 'teamId' ) !== $teamId ) {
2019-05-09 18:54:39 +12:00
throw new Exception ( 'Team IDs don\'t match' , 404 );
}
2020-01-20 01:22:54 +13:00
Authorization :: disable ();
2019-05-09 18:54:39 +12:00
$team = $projectDB -> getDocument ( $teamId );
2020-01-20 01:22:54 +13:00
2020-02-11 19:17:40 +13:00
Authorization :: reset ();
2019-05-09 18:54:39 +12:00
2020-02-17 20:16:11 +13:00
if ( empty ( $team -> getId ()) || Database :: SYSTEM_COLLECTION_TEAMS != $team -> getCollection ()) {
2019-05-09 18:54:39 +12:00
throw new Exception ( 'Team not found' , 404 );
}
2020-01-19 09:02:47 +13:00
if ( Auth :: hash ( $secret ) !== $membership -> getAttribute ( 'secret' )) {
2019-05-09 18:54:39 +12:00
throw new Exception ( 'Secret key not valid' , 401 );
}
2020-01-19 09:02:47 +13:00
if ( $userId != $membership -> getAttribute ( 'userId' )) {
2019-09-07 05:10:41 +12:00
throw new Exception ( 'Invite not belong to current user (' . $user -> getAttribute ( 'email' ) . ')' , 401 );
2019-05-09 18:54:39 +12:00
}
2020-02-17 20:16:11 +13:00
if ( empty ( $user -> getId ())) {
2019-05-09 18:54:39 +12:00
$user = $projectDB -> getCollection ([ // Get user
'limit' => 1 ,
'first' => true ,
'filters' => [
2019-09-07 05:10:41 +12:00
'$collection=' . Database :: SYSTEM_COLLECTION_USERS ,
2020-02-17 20:16:11 +13:00
'$id=' . $userId ,
2019-09-07 05:10:41 +12:00
],
2019-05-09 18:54:39 +12:00
]);
}
2020-02-17 20:16:11 +13:00
if ( $membership -> getAttribute ( 'userId' ) !== $user -> getId ()) {
2019-09-07 05:10:41 +12:00
throw new Exception ( 'Invite not belong to current user (' . $user -> getAttribute ( 'email' ) . ')' , 401 );
2019-05-09 18:54:39 +12:00
}
2020-01-19 09:02:47 +13:00
$membership // Attach user to team
2020-06-20 23:20:49 +12:00
-> setAttribute ( 'joined' , \time ())
2019-05-09 18:54:39 +12:00
-> setAttribute ( 'confirm' , true )
;
$user
2020-02-10 10:37:28 +13:00
-> setAttribute ( 'emailVerification' , true )
2020-01-19 09:02:47 +13:00
-> setAttribute ( 'memberships' , $membership , Document :: SET_TYPE_APPEND )
;
2019-05-09 18:54:39 +12:00
// Log user in
2020-06-20 23:20:49 +12:00
$expiry = \time () + Auth :: TOKEN_EXPIRATION_LOGIN_LONG ;
2019-05-09 18:54:39 +12:00
$secret = Auth :: tokenGenerator ();
$user -> setAttribute ( 'tokens' , new Document ([
'$collection' => Database :: SYSTEM_COLLECTION_TOKENS ,
2020-02-17 20:16:11 +13:00
'$permissions' => [ 'read' => [ 'user:' . $user -> getId ()], 'write' => [ 'user:' . $user -> getId ()]],
2019-05-09 18:54:39 +12:00
'type' => Auth :: TOKEN_TYPE_LOGIN ,
'secret' => Auth :: hash ( $secret ), // On way hash encryption to protect DB leak
'expire' => $expiry ,
'userAgent' => $request -> getServer ( 'HTTP_USER_AGENT' , 'UNKNOWN' ),
'ip' => $request -> getIP (),
2019-09-07 05:10:41 +12:00
]), Document :: SET_TYPE_APPEND );
2019-05-09 18:54:39 +12:00
2019-09-07 05:10:41 +12:00
Authorization :: setRole ( 'user:' . $userId );
2019-05-09 18:54:39 +12:00
$user = $projectDB -> updateDocument ( $user -> getArrayCopy ());
2019-09-07 05:10:41 +12:00
if ( false === $user ) {
2019-05-09 18:54:39 +12:00
throw new Exception ( 'Failed saving user to DB' , 500 );
}
2020-01-20 01:22:54 +13:00
Authorization :: disable ();
2020-06-20 23:20:49 +12:00
$team = $projectDB -> updateDocument ( \array_merge ( $team -> getArrayCopy (), [
2019-05-09 18:54:39 +12:00
'sum' => $team -> getAttribute ( 'sum' , 0 ) + 1 ,
]));
2020-02-11 19:17:40 +13:00
Authorization :: reset ();
2020-01-20 09:02:50 +13:00
2019-09-07 05:10:41 +12:00
if ( false === $team ) {
2019-05-09 18:54:39 +12:00
throw new Exception ( 'Failed saving team to DB' , 500 );
}
$audit
2020-02-17 20:16:11 +13:00
-> setParam ( 'userId' , $user -> getId ())
2020-02-08 12:47:37 +13:00
-> setParam ( 'event' , 'teams.membership.update' )
2020-02-12 11:24:30 +13:00
-> setParam ( 'resource' , 'teams/' . $teamId )
2019-05-09 18:54:39 +12:00
;
2020-03-29 01:42:16 +13:00
if ( ! Config :: getParam ( 'domainVerification' )) {
2020-03-18 00:36:13 +13:00
$response
2020-06-20 23:20:49 +12:00
-> addHeader ( 'X-Fallback-Cookies' , \json_encode ([ Auth :: $cookieName => Auth :: encodeSession ( $user -> getId (), $secret )]))
2020-03-18 00:36:13 +13:00
;
}
2020-01-15 09:50:49 +13:00
$response
2020-02-27 22:17:09 +13:00
-> addCookie ( Auth :: $cookieName . '_legacy' , Auth :: encodeSession ( $user -> getId (), $secret ), $expiry , '/' , COOKIE_DOMAIN , ( 'https' == $protocol ), true , null )
-> addCookie ( Auth :: $cookieName , Auth :: encodeSession ( $user -> getId (), $secret ), $expiry , '/' , COOKIE_DOMAIN , ( 'https' == $protocol ), true , COOKIE_SAMESITE )
2020-06-20 23:20:49 +12:00
-> json ( \array_merge ( $membership -> getArrayCopy ([
2020-02-17 20:16:11 +13:00
'$id' ,
2020-01-19 09:02:47 +13:00
'userId' ,
'teamId' ,
'roles' ,
'invited' ,
'joined' ,
'confirm' ,
2020-01-20 09:02:50 +13:00
]), [
'email' => $user -> getAttribute ( 'email' ),
'name' => $user -> getAttribute ( 'name' ),
2020-01-19 09:02:47 +13:00
]))
2020-01-15 09:50:49 +13:00
;
2019-05-09 18:54:39 +12:00
}
);
$utopia -> delete ( '/v1/teams/:teamId/memberships/:inviteId' )
-> desc ( 'Delete Team Membership' )
2020-02-10 05:53:33 +13:00
-> label ( 'scope' , 'teams.write' )
2020-01-27 19:14:14 +13:00
-> label ( 'sdk.platform' , [ APP_PLATFORM_CLIENT , APP_PLATFORM_SERVER ])
2019-05-09 18:54:39 +12:00
-> label ( 'sdk.namespace' , 'teams' )
2020-01-31 05:18:46 +13:00
-> label ( 'sdk.method' , 'deleteMembership' )
2019-10-08 20:09:35 +13:00
-> label ( 'sdk.description' , '/docs/references/teams/delete-team-membership.md' )
2019-10-07 09:10:52 +13:00
-> param ( 'teamId' , '' , function () { return new UID (); }, 'Team unique ID.' )
2020-02-10 18:54:26 +13:00
-> param ( 'inviteId' , '' , function () { return new UID (); }, 'Invite unique ID.' )
2019-05-09 18:54:39 +12:00
-> action (
2019-09-07 05:10:41 +12:00
function ( $teamId , $inviteId ) use ( $response , $projectDB , $audit ) {
2020-01-19 05:03:17 +13:00
$membership = $projectDB -> getDocument ( $inviteId );
2019-05-09 18:54:39 +12:00
2020-02-17 20:16:11 +13:00
if ( empty ( $membership -> getId ()) || Database :: SYSTEM_COLLECTION_MEMBERSHIPS != $membership -> getCollection ()) {
2019-05-09 18:54:39 +12:00
throw new Exception ( 'Invite not found' , 404 );
}
2020-01-19 05:03:17 +13:00
if ( $membership -> getAttribute ( 'teamId' ) !== $teamId ) {
2019-05-09 18:54:39 +12:00
throw new Exception ( 'Team IDs don\'t match' , 404 );
}
$team = $projectDB -> getDocument ( $teamId );
2020-02-17 20:16:11 +13:00
if ( empty ( $team -> getId ()) || Database :: SYSTEM_COLLECTION_TEAMS != $team -> getCollection ()) {
2019-05-09 18:54:39 +12:00
throw new Exception ( 'Team not found' , 404 );
}
2020-02-17 20:16:11 +13:00
if ( ! $projectDB -> deleteDocument ( $membership -> getId ())) {
2019-05-09 18:54:39 +12:00
throw new Exception ( 'Failed to remove membership from DB' , 500 );
}
2020-06-08 17:42:01 +12:00
if ( $membership -> getAttribute ( 'confirm' )) { // Count only confirmed members
2020-06-20 23:20:49 +12:00
$team = $projectDB -> updateDocument ( \array_merge ( $team -> getArrayCopy (), [
2020-06-08 17:42:01 +12:00
'sum' => $team -> getAttribute ( 'sum' , 0 ) - 1 ,
]));
}
2019-05-09 18:54:39 +12:00
2019-09-07 05:10:41 +12:00
if ( false === $team ) {
2019-05-09 18:54:39 +12:00
throw new Exception ( 'Failed saving team to DB' , 500 );
}
$audit
2020-01-19 05:03:17 +13:00
-> setParam ( 'userId' , $membership -> getAttribute ( 'userId' ))
2020-02-08 12:47:37 +13:00
-> setParam ( 'event' , 'teams.membership.delete' )
2020-02-12 11:24:30 +13:00
-> setParam ( 'resource' , 'teams/' . $teamId )
2019-05-09 18:54:39 +12:00
;
$response -> noContent ();
}
2019-09-07 05:10:41 +12:00
);