18592912027

Committed 17 Oct 2025 12:37PM UTC coverage: 60.124% (+0.04%) from 60.087%

Build # 18592912027

Build Type

push

github

Committed by

emmdim

Commit Message

api: hotfix missing return in listOrganizationMemberGroupsHandler

Run Details

0 of 1 new or added line in 1 file covered. (0.0%)

30 existing lines in 2 files now uncovered.

6105 of 10154 relevant lines covered (60.12%)

34.33 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

70.73

/api/organization_groups.go

package api

import (
        "encoding/json"
        "net/http"
        "strconv"

        "github.com/go-chi/chi/v5"
        "github.com/vocdoni/saas-backend/api/apicommon"
        "github.com/vocdoni/saas-backend/db"
        "github.com/vocdoni/saas-backend/errors"
        "go.vocdoni.io/dvote/log"
)

// organizationMemberGroupsHandler godoc
//
//        @Summary                Get organization member groups
//        @Description        Get the list of groups and their info of the organization
//        @Description        Does not return the members of the groups, only the groups themselves.
//        @Description        Needs admin or manager role
//        @Tags                        organizations
//        @Accept                        json
//        @Produce                json
//        @Security                BearerAuth
//        @Param                        address                path                string        true        "Organization address"
//        @Param                        page                query                integer        false        "Page number (default: 1)"
//        @Param                        pageSize        query                integer        false        "Number of items per page (default: 10)"
//        @Success                200                        {object}        apicommon.OrganizationMemberGroupsResponse
//        @Failure                400                        {object}        errors.Error        "Invalid input data"
//        @Failure                401                        {object}        errors.Error        "Unauthorized"
//        @Failure                404                        {object}        errors.Error        "Organization not found"
//        @Failure                500                        {object}        errors.Error        "Internal server error"
//        @Router                        /organizations/{address}/groups [get]
func (a *API) organizationMemberGroupsHandler(w http.ResponseWriter, r *http.Request) {
        // get the user from the request context
        user, ok := apicommon.UserFromContext(r.Context())
        if !ok {
                errors.ErrUnauthorized.Write(w)
                return
        }
        // get the organization info from the request context
        org, _, ok := a.organizationFromRequest(r)
        if !ok {
                errors.ErrNoOrganizationProvided.Write(w)
                return
        }
        if !user.HasRoleFor(org.Address, db.AdminRole) && !user.HasRoleFor(org.Address, db.ManagerRole) {
                // if the user is not admin or manager of the organization, return an error
                errors.ErrUnauthorized.Withf("user is not admin of organization").Write(w)
                return
        }

        // Parse pagination parameters from query string
        page := 1      // Default page number
        pageSize := 10 // Default page size

        if pageStr := r.URL.Query().Get("page"); pageStr != "" {
                if pageVal, err := strconv.Atoi(pageStr); err == nil && pageVal > 0 {
                        page = pageVal
                }
        }

        if pageSizeStr := r.URL.Query().Get("pageSize"); pageSizeStr != "" {
                if pageSizeVal, err := strconv.Atoi(pageSizeStr); err == nil && pageSizeVal > 0 {
                        pageSize = pageSizeVal
                }
        }

        // send the organization back to the user
        pages, groups, err := a.db.OrganizationMemberGroups(org.Address, page, pageSize)
        if err != nil {
                errors.ErrGenericInternalServerError.Withf("could not get organization members: %v", err).Write(w)
                return
        }
        memberGroups := apicommon.OrganizationMemberGroupsResponse{
                TotalPages:  pages,
                CurrentPage: page,
                Groups:      make([]*apicommon.OrganizationMemberGroupInfo, 0, len(groups)),
        }
        for _, group := range groups {
                memberGroups.Groups = append(memberGroups.Groups, &apicommon.OrganizationMemberGroupInfo{
                        ID:           group.ID.Hex(),
                        Title:        group.Title,
                        Description:  group.Description,
                        CreatedAt:    group.CreatedAt,
                        UpdatedAt:    group.UpdatedAt,
                        CensusIDs:    group.CensusIDs,
                        MembersCount: len(group.MemberIDs),
                })
        }
        apicommon.HTTPWriteJSON(w, memberGroups)
}

// organizationMemberGroupHandler godoc
//
//        @Summary                Get the information of an organization member group
//        @Description        Get the information of an organization member group by its ID
//        @Description        Needs admin or manager role
//        @Tags                        organizations
//        @Accept                        json
//        @Produce                json
//        @Security                BearerAuth
//        @Param                        address        path                string        true        "Organization address"
//        @Param                        groupID        path                string        true        "Group ID"
//        @Success                200                {object}        apicommon.OrganizationMemberGroupInfo
//        @Failure                400                {object}        errors.Error        "Invalid input data"
//        @Failure                401                {object}        errors.Error        "Unauthorized"
//        @Failure                404                {object}        errors.Error        "Organization or group not found"
//        @Failure                500                {object}        errors.Error        "Internal server error"
//        @Router                        /organizations/{address}/groups/{groupID} [get]
func (a *API) organizationMemberGroupHandler(w http.ResponseWriter, r *http.Request) {
        // get the group ID from the request path
        groupID := chi.URLParam(r, "groupID")
        if groupID == "" {
                errors.ErrInvalidData.Withf("group ID is required").Write(w)
                return
        }
        // get the user from the request context
        user, ok := apicommon.UserFromContext(r.Context())
        if !ok {
                errors.ErrUnauthorized.Write(w)
                return
        }
        // get the organization info from the request context
        org, _, ok := a.organizationFromRequest(r)
        if !ok {
                errors.ErrNoOrganizationProvided.Write(w)
                return
        }
        if !user.HasRoleFor(org.Address, db.AdminRole) && !user.HasRoleFor(org.Address, db.ManagerRole) {
                // if the user is not admin or manager of the organization, return an error
                errors.ErrUnauthorized.Withf("user is not admin of organization").Write(w)
                return
        }

        group, err := a.db.OrganizationMemberGroup(groupID, org.Address)
        if err != nil {
                if err == db.ErrNotFound {
                        errors.ErrInvalidData.Withf("group not found").Write(w)
                        return
                }
                errors.ErrGenericInternalServerError.Withf("could not get organization member group: %v", err).Write(w)
                return
        }
        apicommon.HTTPWriteJSON(w, &apicommon.OrganizationMemberGroupInfo{
                ID:          group.ID.Hex(),
                Title:       group.Title,
                Description: group.Description,
                MemberIDs:   group.MemberIDs,
                CensusIDs:   group.CensusIDs,
                CreatedAt:   group.CreatedAt,
                UpdatedAt:   group.UpdatedAt,
        })
}

// createOrganizationMemberGroupHandler godoc
//
//        @Summary                Create an organization member group
//        @Description        Create an organization member group with the given members or all members
//        @Description        Needs admin or manager role
//        @Tags                        organizations
//        @Accept                        json
//        @Produce                json
//        @Security                BearerAuth
//        @Param                        address        path                string                                                                                        true        "Organization address"
//        @Param                        group        body                apicommon.CreateOrganizationMemberGroupRequest        true        "Group info to create"
//        @Success                200                {object}        apicommon.OrganizationMemberGroupInfo
//        @Failure                400                {object}        errors.Error        "Invalid input data"
//        @Failure                401                {object}        errors.Error        "Unauthorized"
//        @Failure                404                {object}        errors.Error        "Organization not found"
//        @Failure                500                {object}        errors.Error        "Internal server error"
//        @Router                        /organizations/{address}/groups [post]
func (a *API) createOrganizationMemberGroupHandler(w http.ResponseWriter, r *http.Request) {
        // get the user from the request context
        user, ok := apicommon.UserFromContext(r.Context())
        if !ok {
                errors.ErrUnauthorized.Write(w)
                return
        }
        // get the organization info from the request context
        org, _, ok := a.organizationFromRequest(r)
        if !ok {
                errors.ErrNoOrganizationProvided.Write(w)
                return
        }
        if !user.HasRoleFor(org.Address, db.AdminRole) && !user.HasRoleFor(org.Address, db.ManagerRole) {
                // if the user is not admin or manager of the organization, return an error
                errors.ErrUnauthorized.Withf("user is not admin of organization").Write(w)
                return
        }

        var toCreate apicommon.CreateOrganizationMemberGroupRequest
        if err := json.NewDecoder(r.Body).Decode(&toCreate); err != nil {
                errors.ErrMalformedBody.Write(w)
                return
        }

        var memberIDs []string
        var err error

        // Check if we should include all members
        if toCreate.IncludeAllMembers {
                // Get all member IDs from the database
                memberIDs, err = a.db.GetAllOrgMemberIDs(org.Address)
                if err != nil {
                        errors.ErrGenericInternalServerError.Withf("could not get all org member IDs: %v", err).Write(w)
                        return
                }
                log.Infow("creating group with all organization members",
                        "org", org.Address.Hex(),
                        "count", len(memberIDs),
                        "user", user.Email,
                        "title", toCreate.Title)
        } else {
                // Use the provided member IDs
                memberIDs = toCreate.MemberIDs
        }

        newMemberGroup := &db.OrganizationMemberGroup{
                Title:       toCreate.Title,
                Description: toCreate.Description,
                MemberIDs:   memberIDs,
                OrgAddress:  org.Address,
        }

        groupID, err := a.db.CreateOrganizationMemberGroup(newMemberGroup)
        if err != nil {
                if err == db.ErrNotFound {
                        errors.ErrInvalidData.Withf("organization not found").Write(w)
                        return
                }
                errors.ErrGenericInternalServerError.Withf("could not create organization member group: %v", err).Write(w)
                return
        }
        apicommon.HTTPWriteJSON(w, &apicommon.OrganizationMemberGroupInfo{
                ID: groupID,
        })
}

// updateOrganizationMemberGroupHandler godoc
//
//        @Summary                Update an organization member group
//        @Description        Update an organization member group changing the info, and adding or removing members
//        @Description        Needs admin or manager role
//        @Tags                        organizations
//        @Accept                        json
//        @Produce                json
//        @Security                BearerAuth
//        @Param                        address        path                string                                                                                        true        "Organization address"
//        @Param                        groupID        path                string                                                                                        true        "Group ID"
//        @Param                        group        body                apicommon.UpdateOrganizationMemberGroupsRequest        true        "Group info to update"
//        @Success                200                {string}        string                                                                                        "OK"
//        @Failure                400                {object}        errors.Error                                                                        "Invalid input data"
//        @Failure                401                {object}        errors.Error                                                                        "Unauthorized"
//        @Failure                404                {object}        errors.Error                                                                        "Organization or group not found"
//        @Failure                500                {object}        errors.Error                                                                        "Internal server error"
//        @Router                        /organizations/{address}/groups/{groupID} [put]
func (a *API) updateOrganizationMemberGroupHandler(w http.ResponseWriter, r *http.Request) {
        // get the group ID from the request path
        groupID := chi.URLParam(r, "groupID")
        if groupID == "" {
                errors.ErrInvalidData.Withf("group ID is required").Write(w)
                return
        }
        // get the user from the request context
        user, ok := apicommon.UserFromContext(r.Context())
        if !ok {
                errors.ErrUnauthorized.Write(w)
                return
        }
        // get the organization info from the request context
        org, _, ok := a.organizationFromRequest(r)
        if !ok {
                errors.ErrNoOrganizationProvided.Write(w)
                return
        }
        if !user.HasRoleFor(org.Address, db.AdminRole) && !user.HasRoleFor(org.Address, db.ManagerRole) {
                // if the user is not admin or manager of the organization, return an error
                errors.ErrUnauthorized.Withf("user is not admin of organization").Write(w)
                return
        }

        var toUpdate apicommon.UpdateOrganizationMemberGroupsRequest
        if err := json.NewDecoder(r.Body).Decode(&toUpdate); err != nil {
                errors.ErrMalformedBody.Write(w)
                return
        }

        err := a.db.UpdateOrganizationMemberGroup(
                groupID,
                org.Address,
                toUpdate.Title,
                toUpdate.Description,
                toUpdate.AddMembers,
                toUpdate.RemoveMembers,
        )
        if err != nil {
                if err == db.ErrNotFound {
                        errors.ErrInvalidData.Withf("group not found").Write(w)
                        return
                }
                errors.ErrGenericInternalServerError.Withf("could not update organization member group: %v", err).Write(w)
                return
        }
        apicommon.HTTPWriteOK(w)
}

// deleteOrganizationMemberGroupHandler godoc
//
//        @Summary                Delete an organization member group
//        @Description        Delete an organization member group by its ID
//        @Tags                        organizations
//        @Accept                        json
//        @Produce                json
//        @Security                BearerAuth
//        @Param                        address        path                string                        true        "Organization address"
//        @Param                        groupID        path                string                        true        "Group ID"
//        @Success                200                {string}        string                        "OK"
//        @Failure                400                {object}        errors.Error        "Invalid input data"
//        @Failure                401                {object}        errors.Error        "Unauthorized"
//        @Failure                404                {object}        errors.Error        "Organization or group not found"
//        @Failure                500                {object}        errors.Error        "Internal server error"
//        @Router                        /organizations/{address}/groups/{groupID} [delete]
func (a *API) deleteOrganizationMemberGroupHandler(w http.ResponseWriter, r *http.Request) {
        // get the member ID from the request path
        groupID := chi.URLParam(r, "groupID")
        if groupID == "" {
                errors.ErrInvalidData.Withf("group ID is required").Write(w)
                return
        }
        // get the user from the request context
        user, ok := apicommon.UserFromContext(r.Context())
        if !ok {
                errors.ErrUnauthorized.Write(w)
                return
        }
        // get the organization info from the request context
        org, _, ok := a.organizationFromRequest(r)
        if !ok {
                errors.ErrNoOrganizationProvided.Write(w)
                return
        }
        if !user.HasRoleFor(org.Address, db.AdminRole) && !user.HasRoleFor(org.Address, db.ManagerRole) {
                // if the user is not admin or manager of the organization, return an error
                errors.ErrUnauthorized.Withf("user is not admin of organization").Write(w)
                return
        }
        if err := a.db.DeleteOrganizationMemberGroup(groupID, org.Address); err != nil {
                if err == db.ErrNotFound {
                        errors.ErrInvalidData.Withf("group not found").Write(w)
                        return
                }
                errors.ErrGenericInternalServerError.Withf("could not delete organization member group: %v", err).Write(w)
                return
        }
        apicommon.HTTPWriteOK(w)
}

// listOrganizationMemberGroupsHandler godoc
//
//        @Summary                Get the list of members with details of an organization member group
//        @Description        Get the list of members with details of an organization member group
//        @Description        Needs admin or manager role
//        @Tags                        organizations
//        @Accept                        json
//        @Produce                json
//        @Security                BearerAuth
//        @Param                        address                path                string        true        "Organization address"
//        @Param                        groupID                path                string        true        "Group ID"
//        @Param                        page                query                int                false        "Page number for pagination"
//        @Param                        pageSize        query                int                false        "Number of items per page"
//        @Success                200                        {object}        apicommon.ListOrganizationMemberGroupResponse
//        @Failure                400                        {object}        errors.Error        "Invalid input data"
//        @Failure                401                        {object}        errors.Error        "Unauthorized"
//        @Failure                404                        {object}        errors.Error        "Organization or group not found"
//        @Failure                500                        {object}        errors.Error        "Internal server error"
//        @Router                        /organizations/{address}/groups/{groupID}/members [get]
func (a *API) listOrganizationMemberGroupsHandler(w http.ResponseWriter, r *http.Request) {
        // get the group ID from the request path
        groupID := chi.URLParam(r, "groupID")
        if groupID == "" {
                errors.ErrInvalidData.Withf("group ID is required").Write(w)
                return
        }
        // get the user from the request context
        user, ok := apicommon.UserFromContext(r.Context())
        if !ok {
                errors.ErrUnauthorized.Write(w)
                return
        }
        // get the organization info from the request context
        org, _, ok := a.organizationFromRequest(r)
        if !ok {
                errors.ErrNoOrganizationProvided.Write(w)
                return
        }
        if !user.HasRoleFor(org.Address, db.AdminRole) && !user.HasRoleFor(org.Address, db.ManagerRole) {
                // if the user is not admin or manager of the organization, return an error
                errors.ErrUnauthorized.Withf("user is not admin of organization").Write(w)
                return
        }

        // Parse pagination parameters from query string
        page := 1      // Default page number
        pageSize := 10 // Default page size

        if pageStr := r.URL.Query().Get("page"); pageStr != "" {
                if pageVal, err := strconv.Atoi(pageStr); err == nil && pageVal > 0 {
                        page = pageVal
                }
        }

        if pageSizeStr := r.URL.Query().Get("pageSize"); pageSizeStr != "" {
                if pageSizeVal, err := strconv.Atoi(pageSizeStr); err == nil && pageSizeVal > 0 {
                        pageSize = pageSizeVal
                }
        }

        totalPages, members, err := a.db.ListOrganizationMemberGroup(groupID, org.Address, int64(page), int64(pageSize))
        if err != nil {
                if err == db.ErrNotFound {
                        errors.ErrInvalidData.Withf("group not found").Write(w)
                        return
                }
                errors.ErrGenericInternalServerError.Withf("could not get organization member group members: %v", err).Write(w)
                return
        }
        if totalPages == 0 {
                // If no members are found, return an empty response
                apicommon.HTTPWriteJSON(w, &apicommon.ListOrganizationMemberGroupResponse{
                        TotalPages:  totalPages,
                        CurrentPage: 0,
                        Members:     []apicommon.OrgMember{},
                })
                return
        }
        // convert the members to the response format
        membersResponse := make([]apicommon.OrgMember, 0, len(members))
        for _, m := range members {
                membersResponse = append(membersResponse, apicommon.OrgMemberFromDb(*m))
        }

        apicommon.HTTPWriteJSON(w, &apicommon.ListOrganizationMemberGroupResponse{
                TotalPages:  totalPages,
                CurrentPage: page,
                Members:     membersResponse,
        })
}

// organizationMemberGroupValidateHandler godoc
//
//        @Summary                Validate organization group members data
//        @Description        Checks the AuthFields for duplicates or empty fields and the TwoFaFields for empty ones.
//        @Tags                        organizations
//        @Accept                        json
//        @Produce                json
//        @Security                BearerAuth
//        @Param                        address        path                string                                                                        true        "Organization address"
//        @Param                        groupID        path                string                                                                        true        "Group ID"
//        @Param                        members        body                apicommon.ValidateMemberGroupRequest        true        "Members validation request"
//        @Success                200                {string}        string                                                                        "OK"
//        @Failure                400                {object}        errors.Error                                                        "Invalid input data"
//        @Failure                401                {object}        errors.Error                                                        "Unauthorized"
//        @Failure                404                {object}        errors.Error                                                        "Organization or group not found"
//        @Failure                500                {object}        errors.Error                                                        "Internal server error"
//
//        @Router                        /organizations/{address}/groups/{groupID}/validate [post]
func (a *API) organizationMemberGroupValidateHandler(w http.ResponseWriter, r *http.Request) {
        // get the group ID from the request path
        groupID := chi.URLParam(r, "groupID")
        if groupID == "" {
                errors.ErrInvalidData.Withf("group ID is required").Write(w)
                return
        }
        // get the user from the request context
        user, ok := apicommon.UserFromContext(r.Context())
        if !ok {
                errors.ErrUnauthorized.Write(w)
                return
        }
        // get the organization info from the request context
        org, _, ok := a.organizationFromRequest(r)
        if !ok {
                errors.ErrNoOrganizationProvided.Write(w)
                return
        }
        if !user.HasRoleFor(org.Address, db.AdminRole) && !user.HasRoleFor(org.Address, db.ManagerRole) {
                // if the user is not admin or manager of the organization, return an error
                errors.ErrUnauthorized.Withf("user is not admin of organization").Write(w)
                return
        }

        var membersRequest apicommon.ValidateMemberGroupRequest
        if err := json.NewDecoder(r.Body).Decode(&membersRequest); err != nil {
                errors.ErrMalformedBody.Write(w)
                return
        }

        if len(membersRequest.AuthFields) == 0 && len(membersRequest.TwoFaFields) == 0 {
                errors.ErrInvalidData.Withf("missing both AuthFields and TwoFaFields").Write(w)
                return
        }

        // check the org members to veriy tha the OrgMemberAuthFields can be used for authentication
        aggregationResults, err := a.db.CheckGroupMembersFields(
                org.Address,
                groupID,
                membersRequest.AuthFields,
                membersRequest.TwoFaFields,
        )
        if err != nil {
                errors.ErrGenericInternalServerError.WithErr(err).Write(w)
                return
        }
        if len(aggregationResults.Duplicates) > 0 || len(aggregationResults.MissingData) > 0 {
                // if there are incorrect members, return an error with the IDs of the incorrect members
                errors.ErrInvalidData.WithData(aggregationResults).Write(w)
                return
        }

        apicommon.HTTPWriteOK(w)
}

1	package api
2
3	import (
4	"encoding/json"
5	"net/http"
6	"strconv"
7
8	"github.com/go-chi/chi/v5"
9	"github.com/vocdoni/saas-backend/api/apicommon"
10	"github.com/vocdoni/saas-backend/db"
11	"github.com/vocdoni/saas-backend/errors"
12	"go.vocdoni.io/dvote/log"
13	)
14
15	// organizationMemberGroupsHandler godoc
16	//
17	// @Summary Get organization member groups
18	// @Description Get the list of groups and their info of the organization
19	// @Description Does not return the members of the groups, only the groups themselves.
20	// @Description Needs admin or manager role
21	// @Tags organizations
22	// @Accept json
23	// @Produce json
24	// @Security BearerAuth
25	// @Param address path string true "Organization address"
26	// @Param page query integer false "Page number (default: 1)"
27	// @Param pageSize query integer false "Number of items per page (default: 10)"
28	// @Success 200 {object} apicommon.OrganizationMemberGroupsResponse
29	// @Failure 400 {object} errors.Error "Invalid input data"
30	// @Failure 401 {object} errors.Error "Unauthorized"
31	// @Failure 404 {object} errors.Error "Organization not found"
32	// @Failure 500 {object} errors.Error "Internal server error"
33	// @Router /organizations/{address}/groups [get]
34	func (a API) organizationMemberGroupsHandler(w http.ResponseWriter, r http.Request) {	6✔
35	// get the user from the request context	6✔
36	user, ok := apicommon.UserFromContext(r.Context())	6✔
37	if !ok {	6✔
38	errors.ErrUnauthorized.Write(w)	×
39	return	×
40	}	×
41	// get the organization info from the request context
42	org, _, ok := a.organizationFromRequest(r)	6✔
43	if !ok {	7✔
44	errors.ErrNoOrganizationProvided.Write(w)	1✔
45	return	1✔
46	}	1✔
47	if !user.HasRoleFor(org.Address, db.AdminRole) && !user.HasRoleFor(org.Address, db.ManagerRole) {	6✔
48	// if the user is not admin or manager of the organization, return an error	1✔
49	errors.ErrUnauthorized.Withf("user is not admin of organization").Write(w)	1✔
50	return	1✔
51	}	1✔
52
53	// Parse pagination parameters from query string
54	page := 1 // Default page number	4✔
55	pageSize := 10 // Default page size	4✔
56		4✔
57	if pageStr := r.URL.Query().Get("page"); pageStr != "" {	4✔
58	if pageVal, err := strconv.Atoi(pageStr); err == nil && pageVal > 0 {	×
59	page = pageVal	×
60	}	×
61	}
62
63	if pageSizeStr := r.URL.Query().Get("pageSize"); pageSizeStr != "" {	4✔
64	if pageSizeVal, err := strconv.Atoi(pageSizeStr); err == nil && pageSizeVal > 0 {	×
65	pageSize = pageSizeVal	×
66	}	×
67	}
68
69	// send the organization back to the user
70	pages, groups, err := a.db.OrganizationMemberGroups(org.Address, page, pageSize)	4✔
71	if err != nil {	4✔
72	errors.ErrGenericInternalServerError.Withf("could not get organization members: %v", err).Write(w)	×
73	return	×
74	}	×
75	memberGroups := apicommon.OrganizationMemberGroupsResponse{	4✔
76	TotalPages: pages,	4✔
77	CurrentPage: page,	4✔
78	Groups: make([]*apicommon.OrganizationMemberGroupInfo, 0, len(groups)),	4✔
79	}	4✔
80	for _, group := range groups {	11✔
81	memberGroups.Groups = append(memberGroups.Groups, &apicommon.OrganizationMemberGroupInfo{	7✔
82	ID: group.ID.Hex(),	7✔
83	Title: group.Title,	7✔
84	Description: group.Description,	7✔
85	CreatedAt: group.CreatedAt,	7✔
86	UpdatedAt: group.UpdatedAt,	7✔
87	CensusIDs: group.CensusIDs,	7✔
88	MembersCount: len(group.MemberIDs),	7✔
89	})	7✔
90	}	7✔
91	apicommon.HTTPWriteJSON(w, memberGroups)	4✔
92	}
93
94	// organizationMemberGroupHandler godoc
95	//
96	// @Summary Get the information of an organization member group
97	// @Description Get the information of an organization member group by its ID
98	// @Description Needs admin or manager role
99	// @Tags organizations
100	// @Accept json
101	// @Produce json
102	// @Security BearerAuth
103	// @Param address path string true "Organization address"
104	// @Param groupID path string true "Group ID"
105	// @Success 200 {object} apicommon.OrganizationMemberGroupInfo
106	// @Failure 400 {object} errors.Error "Invalid input data"
107	// @Failure 401 {object} errors.Error "Unauthorized"
108	// @Failure 404 {object} errors.Error "Organization or group not found"
109	// @Failure 500 {object} errors.Error "Internal server error"
110	// @Router /organizations/{address}/groups/{groupID} [get]
111	func (a API) organizationMemberGroupHandler(w http.ResponseWriter, r http.Request) {	9✔
112	// get the group ID from the request path	9✔
113	groupID := chi.URLParam(r, "groupID")	9✔
114	if groupID == "" {	9✔
115	errors.ErrInvalidData.Withf("group ID is required").Write(w)	×
116	return	×
117	}	×
118	// get the user from the request context
119	user, ok := apicommon.UserFromContext(r.Context())	9✔
120	if !ok {	9✔
121	errors.ErrUnauthorized.Write(w)	×
122	return	×
123	}	×
124	// get the organization info from the request context
125	org, _, ok := a.organizationFromRequest(r)	9✔
126	if !ok {	9✔
127	errors.ErrNoOrganizationProvided.Write(w)	×
128	return	×
129	}	×
130	if !user.HasRoleFor(org.Address, db.AdminRole) && !user.HasRoleFor(org.Address, db.ManagerRole) {	9✔
131	// if the user is not admin or manager of the organization, return an error	×
132	errors.ErrUnauthorized.Withf("user is not admin of organization").Write(w)	×
133	return	×
134	}	×
135
136	group, err := a.db.OrganizationMemberGroup(groupID, org.Address)	9✔
137	if err != nil {	11✔
138	if err == db.ErrNotFound {	3✔
139	errors.ErrInvalidData.Withf("group not found").Write(w)	1✔
140	return	1✔
141	}	1✔
142	errors.ErrGenericInternalServerError.Withf("could not get organization member group: %v", err).Write(w)	1✔
143	return	1✔
144	}
145	apicommon.HTTPWriteJSON(w, &apicommon.OrganizationMemberGroupInfo{	7✔
146	ID: group.ID.Hex(),	7✔
147	Title: group.Title,	7✔
148	Description: group.Description,	7✔
149	MemberIDs: group.MemberIDs,	7✔
150	CensusIDs: group.CensusIDs,	7✔
151	CreatedAt: group.CreatedAt,	7✔
152	UpdatedAt: group.UpdatedAt,	7✔
153	})	7✔
154	}
155
156	// createOrganizationMemberGroupHandler godoc
157	//
158	// @Summary Create an organization member group
159	// @Description Create an organization member group with the given members or all members
160	// @Description Needs admin or manager role
161	// @Tags organizations
162	// @Accept json
163	// @Produce json
164	// @Security BearerAuth
165	// @Param address path string true "Organization address"
166	// @Param group body apicommon.CreateOrganizationMemberGroupRequest true "Group info to create"
167	// @Success 200 {object} apicommon.OrganizationMemberGroupInfo
168	// @Failure 400 {object} errors.Error "Invalid input data"
169	// @Failure 401 {object} errors.Error "Unauthorized"
170	// @Failure 404 {object} errors.Error "Organization not found"
171	// @Failure 500 {object} errors.Error "Internal server error"
172	// @Router /organizations/{address}/groups [post]
173	func (a API) createOrganizationMemberGroupHandler(w http.ResponseWriter, r http.Request) {	17✔
174	// get the user from the request context	17✔
175	user, ok := apicommon.UserFromContext(r.Context())	17✔
176	if !ok {	17✔
177	errors.ErrUnauthorized.Write(w)	×
178	return	×
179	}	×
180	// get the organization info from the request context
181	org, _, ok := a.organizationFromRequest(r)	17✔
182	if !ok {	18✔
183	errors.ErrNoOrganizationProvided.Write(w)	1✔
184	return	1✔
185	}	1✔
186	if !user.HasRoleFor(org.Address, db.AdminRole) && !user.HasRoleFor(org.Address, db.ManagerRole) {	18✔
187	// if the user is not admin or manager of the organization, return an error	2✔
188	errors.ErrUnauthorized.Withf("user is not admin of organization").Write(w)	2✔
189	return	2✔
190	}	2✔
191
192	var toCreate apicommon.CreateOrganizationMemberGroupRequest	14✔
193	if err := json.NewDecoder(r.Body).Decode(&toCreate); err != nil {	14✔
194	errors.ErrMalformedBody.Write(w)	×
195	return	×
196	}	×
197
198	var memberIDs []string	14✔
199	var err error	14✔
200		14✔
201	// Check if we should include all members	14✔
202	if toCreate.IncludeAllMembers {	17✔
203	// Get all member IDs from the database	3✔
204	memberIDs, err = a.db.GetAllOrgMemberIDs(org.Address)	3✔
205	if err != nil {	3✔
206	errors.ErrGenericInternalServerError.Withf("could not get all org member IDs: %v", err).Write(w)	×
207	return	×
208	}	×
209	log.Infow("creating group with all organization members",	3✔
210	"org", org.Address.Hex(),	3✔
211	"count", len(memberIDs),	3✔
212	"user", user.Email,	3✔
213	"title", toCreate.Title)	3✔
214	} else {	11✔
215	// Use the provided member IDs	11✔
216	memberIDs = toCreate.MemberIDs	11✔
217	}	11✔
218
219	newMemberGroup := &db.OrganizationMemberGroup{	14✔
220	Title: toCreate.Title,	14✔
221	Description: toCreate.Description,	14✔
222	MemberIDs: memberIDs,	14✔
223	OrgAddress: org.Address,	14✔
224	}	14✔
225		14✔
226	groupID, err := a.db.CreateOrganizationMemberGroup(newMemberGroup)	14✔
227	if err != nil {	16✔
228	if err == db.ErrNotFound {	2✔
229	errors.ErrInvalidData.Withf("organization not found").Write(w)	×
230	return	×
231	}	×
232	errors.ErrGenericInternalServerError.Withf("could not create organization member group: %v", err).Write(w)	2✔
233	return	2✔
234	}
235	apicommon.HTTPWriteJSON(w, &apicommon.OrganizationMemberGroupInfo{	12✔
236	ID: groupID,	12✔
237	})	12✔
238	}
239
240	// updateOrganizationMemberGroupHandler godoc
241	//
242	// @Summary Update an organization member group
243	// @Description Update an organization member group changing the info, and adding or removing members
244	// @Description Needs admin or manager role
245	// @Tags organizations
246	// @Accept json
247	// @Produce json
248	// @Security BearerAuth
249	// @Param address path string true "Organization address"
250	// @Param groupID path string true "Group ID"
251	// @Param group body apicommon.UpdateOrganizationMemberGroupsRequest true "Group info to update"
252	// @Success 200 {string} string "OK"
253	// @Failure 400 {object} errors.Error "Invalid input data"
254	// @Failure 401 {object} errors.Error "Unauthorized"
255	// @Failure 404 {object} errors.Error "Organization or group not found"
256	// @Failure 500 {object} errors.Error "Internal server error"
257	// @Router /organizations/{address}/groups/{groupID} [put]
258	func (a API) updateOrganizationMemberGroupHandler(w http.ResponseWriter, r http.Request) {	5✔
259	// get the group ID from the request path	5✔
260	groupID := chi.URLParam(r, "groupID")	5✔
261	if groupID == "" {	5✔
262	errors.ErrInvalidData.Withf("group ID is required").Write(w)	×
263	return	×
264	}	×
265	// get the user from the request context
266	user, ok := apicommon.UserFromContext(r.Context())	5✔
267	if !ok {	5✔
268	errors.ErrUnauthorized.Write(w)	×
269	return	×
270	}	×
271	// get the organization info from the request context
272	org, _, ok := a.organizationFromRequest(r)	5✔
273	if !ok {	5✔
274	errors.ErrNoOrganizationProvided.Write(w)	×
275	return	×
276	}	×
277	if !user.HasRoleFor(org.Address, db.AdminRole) && !user.HasRoleFor(org.Address, db.ManagerRole) {	6✔
278	// if the user is not admin or manager of the organization, return an error	1✔
279	errors.ErrUnauthorized.Withf("user is not admin of organization").Write(w)	1✔
280	return	1✔
281	}	1✔
282
283	var toUpdate apicommon.UpdateOrganizationMemberGroupsRequest	4✔
284	if err := json.NewDecoder(r.Body).Decode(&toUpdate); err != nil {	4✔
285	errors.ErrMalformedBody.Write(w)	×
286	return	×
287	}	×
288
289	err := a.db.UpdateOrganizationMemberGroup(	4✔
290	groupID,	4✔
291	org.Address,	4✔
292	toUpdate.Title,	4✔
293	toUpdate.Description,	4✔
294	toUpdate.AddMembers,	4✔
295	toUpdate.RemoveMembers,	4✔
296	)	4✔
297	if err != nil {	5✔
298	if err == db.ErrNotFound {	1✔
299	errors.ErrInvalidData.Withf("group not found").Write(w)	×
300	return	×
301	}	×
302	errors.ErrGenericInternalServerError.Withf("could not update organization member group: %v", err).Write(w)	1✔
303	return	1✔
304	}
305	apicommon.HTTPWriteOK(w)	3✔
306	}
307
308	// deleteOrganizationMemberGroupHandler godoc
309	//
310	// @Summary Delete an organization member group
311	// @Description Delete an organization member group by its ID
312	// @Tags organizations
313	// @Accept json
314	// @Produce json
315	// @Security BearerAuth
316	// @Param address path string true "Organization address"
317	// @Param groupID path string true "Group ID"
318	// @Success 200 {string} string "OK"
319	// @Failure 400 {object} errors.Error "Invalid input data"
320	// @Failure 401 {object} errors.Error "Unauthorized"
321	// @Failure 404 {object} errors.Error "Organization or group not found"
322	// @Failure 500 {object} errors.Error "Internal server error"
323	// @Router /organizations/{address}/groups/{groupID} [delete]
324	func (a API) deleteOrganizationMemberGroupHandler(w http.ResponseWriter, r http.Request) {	5✔
325	// get the member ID from the request path	5✔
326	groupID := chi.URLParam(r, "groupID")	5✔
327	if groupID == "" {	5✔
328	errors.ErrInvalidData.Withf("group ID is required").Write(w)	×
329	return	×
330	}	×
331	// get the user from the request context
332	user, ok := apicommon.UserFromContext(r.Context())	5✔
333	if !ok {	5✔
334	errors.ErrUnauthorized.Write(w)	×
335	return	×
336	}	×
337	// get the organization info from the request context
338	org, _, ok := a.organizationFromRequest(r)	5✔
339	if !ok {	5✔
340	errors.ErrNoOrganizationProvided.Write(w)	×
341	return	×
342	}	×
343	if !user.HasRoleFor(org.Address, db.AdminRole) && !user.HasRoleFor(org.Address, db.ManagerRole) {	6✔
344	// if the user is not admin or manager of the organization, return an error	1✔
345	errors.ErrUnauthorized.Withf("user is not admin of organization").Write(w)	1✔
346	return	1✔
347	}	1✔
348	if err := a.db.DeleteOrganizationMemberGroup(groupID, org.Address); err != nil {	5✔
349	if err == db.ErrNotFound {	1✔
350	errors.ErrInvalidData.Withf("group not found").Write(w)	×
351	return	×
352	}	×
353	errors.ErrGenericInternalServerError.Withf("could not delete organization member group: %v", err).Write(w)	1✔
354	return	1✔
355	}
356	apicommon.HTTPWriteOK(w)	3✔
357	}
358
359	// listOrganizationMemberGroupsHandler godoc
360	//
361	// @Summary Get the list of members with details of an organization member group
362	// @Description Get the list of members with details of an organization member group
363	// @Description Needs admin or manager role
364	// @Tags organizations
365	// @Accept json
366	// @Produce json
367	// @Security BearerAuth
368	// @Param address path string true "Organization address"
369	// @Param groupID path string true "Group ID"
370	// @Param page query int false "Page number for pagination"
371	// @Param pageSize query int false "Number of items per page"
372	// @Success 200 {object} apicommon.ListOrganizationMemberGroupResponse
373	// @Failure 400 {object} errors.Error "Invalid input data"
374	// @Failure 401 {object} errors.Error "Unauthorized"
375	// @Failure 404 {object} errors.Error "Organization or group not found"
376	// @Failure 500 {object} errors.Error "Internal server error"
377	// @Router /organizations/{address}/groups/{groupID}/members [get]
378	func (a API) listOrganizationMemberGroupsHandler(w http.ResponseWriter, r http.Request) {	5✔
379	// get the group ID from the request path	5✔
380	groupID := chi.URLParam(r, "groupID")	5✔
381	if groupID == "" {	5✔
382	errors.ErrInvalidData.Withf("group ID is required").Write(w)	×
383	return	×
384	}	×
385	// get the user from the request context
386	user, ok := apicommon.UserFromContext(r.Context())	5✔
387	if !ok {	5✔
388	errors.ErrUnauthorized.Write(w)	×
389	return	×
390	}	×
391	// get the organization info from the request context
392	org, _, ok := a.organizationFromRequest(r)	5✔
393	if !ok {	5✔
394	errors.ErrNoOrganizationProvided.Write(w)	×
395	return	×
396	}	×
397	if !user.HasRoleFor(org.Address, db.AdminRole) && !user.HasRoleFor(org.Address, db.ManagerRole) {	6✔
398	// if the user is not admin or manager of the organization, return an error	1✔
399	errors.ErrUnauthorized.Withf("user is not admin of organization").Write(w)	1✔
400	return	1✔
401	}	1✔
402
403	// Parse pagination parameters from query string
404	page := 1 // Default page number	4✔
405	pageSize := 10 // Default page size	4✔
406		4✔
407	if pageStr := r.URL.Query().Get("page"); pageStr != "" {	5✔
408	if pageVal, err := strconv.Atoi(pageStr); err == nil && pageVal > 0 {	2✔
409	page = pageVal	1✔
410	}	1✔
411	}
412
413	if pageSizeStr := r.URL.Query().Get("pageSize"); pageSizeStr != "" {	5✔
414	if pageSizeVal, err := strconv.Atoi(pageSizeStr); err == nil && pageSizeVal > 0 {	2✔
415	pageSize = pageSizeVal	1✔
416	}	1✔
417	}
418
419	totalPages, members, err := a.db.ListOrganizationMemberGroup(groupID, org.Address, int64(page), int64(pageSize))	4✔
420	if err != nil {	5✔
421	if err == db.ErrNotFound {	1✔
422	errors.ErrInvalidData.Withf("group not found").Write(w)	×
423	return	×
424	}	×
425	errors.ErrGenericInternalServerError.Withf("could not get organization member group members: %v", err).Write(w)	1✔
426	return	1✔
427	}
428	if totalPages == 0 {	3✔
429	// If no members are found, return an empty response	×
430	apicommon.HTTPWriteJSON(w, &apicommon.ListOrganizationMemberGroupResponse{	×
431	TotalPages: totalPages,	×
432	CurrentPage: 0,	×
433	Members: []apicommon.OrgMember{},	×
434	})	×
NEW 435	return	×
UNCOV 436	}	×
437	// convert the members to the response format
438	membersResponse := make([]apicommon.OrgMember, 0, len(members))	3✔
439	for _, m := range members {	9✔
440	membersResponse = append(membersResponse, apicommon.OrgMemberFromDb(*m))	6✔
441	}	6✔
442
443	apicommon.HTTPWriteJSON(w, &apicommon.ListOrganizationMemberGroupResponse{	3✔
444	TotalPages: totalPages,	3✔
445	CurrentPage: page,	3✔
446	Members: membersResponse,	3✔
447	})	3✔
448	}
449
450	// organizationMemberGroupValidateHandler godoc
451	//
452	// @Summary Validate organization group members data
453	// @Description Checks the AuthFields for duplicates or empty fields and the TwoFaFields for empty ones.
454	// @Tags organizations
455	// @Accept json
456	// @Produce json
457	// @Security BearerAuth
458	// @Param address path string true "Organization address"
459	// @Param groupID path string true "Group ID"
460	// @Param members body apicommon.ValidateMemberGroupRequest true "Members validation request"
461	// @Success 200 {string} string "OK"
462	// @Failure 400 {object} errors.Error "Invalid input data"
463	// @Failure 401 {object} errors.Error "Unauthorized"
464	// @Failure 404 {object} errors.Error "Organization or group not found"
465	// @Failure 500 {object} errors.Error "Internal server error"
466	//
467	// @Router /organizations/{address}/groups/{groupID}/validate [post]
468	func (a API) organizationMemberGroupValidateHandler(w http.ResponseWriter, r http.Request) {	9✔
469	// get the group ID from the request path	9✔
470	groupID := chi.URLParam(r, "groupID")	9✔
471	if groupID == "" {	9✔
472	errors.ErrInvalidData.Withf("group ID is required").Write(w)	×
473	return	×
474	}	×
475	// get the user from the request context
476	user, ok := apicommon.UserFromContext(r.Context())	9✔
477	if !ok {	9✔
478	errors.ErrUnauthorized.Write(w)	×
479	return	×
480	}	×
481	// get the organization info from the request context
482	org, _, ok := a.organizationFromRequest(r)	9✔
483	if !ok {	9✔
484	errors.ErrNoOrganizationProvided.Write(w)	×
485	return	×
486	}	×
487	if !user.HasRoleFor(org.Address, db.AdminRole) && !user.HasRoleFor(org.Address, db.ManagerRole) {	10✔
488	// if the user is not admin or manager of the organization, return an error	1✔
489	errors.ErrUnauthorized.Withf("user is not admin of organization").Write(w)	1✔
490	return	1✔
491	}	1✔
492
493	var membersRequest apicommon.ValidateMemberGroupRequest	8✔
494	if err := json.NewDecoder(r.Body).Decode(&membersRequest); err != nil {	8✔
495	errors.ErrMalformedBody.Write(w)	×
496	return	×
497	}	×
498
499	if len(membersRequest.AuthFields) == 0 && len(membersRequest.TwoFaFields) == 0 {	9✔
500	errors.ErrInvalidData.Withf("missing both AuthFields and TwoFaFields").Write(w)	1✔
501	return	1✔
502	}	1✔
503
504	// check the org members to veriy tha the OrgMemberAuthFields can be used for authentication
505	aggregationResults, err := a.db.CheckGroupMembersFields(	7✔
506	org.Address,	7✔
507	groupID,	7✔
508	membersRequest.AuthFields,	7✔
509	membersRequest.TwoFaFields,	7✔
510	)	7✔
511	if err != nil {	8✔
512	errors.ErrGenericInternalServerError.WithErr(err).Write(w)	1✔
513	return	1✔
514	}	1✔
515	if len(aggregationResults.Duplicates) > 0 \|\| len(aggregationResults.MissingData) > 0 {	9✔
516	// if there are incorrect members, return an error with the IDs of the incorrect members	3✔
517	errors.ErrInvalidData.WithData(aggregationResults).Write(w)	3✔
518	return	3✔
519	}	3✔
520
521	apicommon.HTTPWriteOK(w)	3✔
522	}

vocdoni / saas-backend / 18592912027

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous