Frontend Build Out

cmd/server/BUILD.bazel

@@ -15,6 +15,7 @@ go_library(
         "//executors/docker",
         "//oapierr",
         "//openapi:pacta_generated",
+        "//pacta",
         "//secrets",
         "//task",
         "@com_github_azure_azure_sdk_for_go_sdk_azcore//:azcore",

cmd/server/main.go

@@ -21,6 +21,7 @@ import (
 	"github.com/RMI/pacta/executors/docker"
 	"github.com/RMI/pacta/oapierr"
 	oapipacta "github.com/RMI/pacta/openapi/pacta"
+	"github.com/RMI/pacta/pacta"
 	"github.com/RMI/pacta/secrets"
 	"github.com/RMI/pacta/task"
 	"github.com/Silicon-Ally/cryptorand"
@@ -268,11 +269,12 @@ func run(args []string) error {
 			// LogEntry created by the logging middleware.
 			chimiddleware.RequestID,
 			chimiddleware.RealIP,
-			zaphttplog.NewMiddleware(logger),
+			zaphttplog.NewMiddleware(logger, zaphttplog.WithConcise(true)),
 			chimiddleware.Recoverer,
 
 			jwtauth.Verifier(jwtauth.New("EdDSA", nil, jwKey)),
 			jwtauth.Authenticator,
+			addUserIdentityToContextIfLoggedIn(logger, db),
 
 			oapimiddleware.OapiRequestValidator(pactaSwagger),
 
@@ -340,6 +342,61 @@ func rateLimitMiddleware(maxReq int, windowLength time.Duration) func(http.Handl
 		}))
 }
 
+func addUserIdentityToContextIfLoggedIn(logger *zap.Logger, db *sqldb.DB) func(http.Handler) http.Handler {
+	fn := func(c context.Context) (context.Context, error) {
+		token, _, err := jwtauth.FromContext(c)
+		if err != nil {
+			return nil, fmt.Errorf("error getting authorization token: %w", err)
+		}
+		if token == nil {
+			return nil, fmt.Errorf("nil authorization token")
+		}
+		emailsClaim, ok := token.PrivateClaims()["emails"]
+		if !ok {
+			return nil, fmt.Errorf("no email claim in token")
+		}
+		emails, ok := emailsClaim.([]interface{})
+		if !ok || len(emails) == 0 {
+			return nil, fmt.Errorf("couldn't find email claim in token: %T", emailsClaim)
+		}
+		// TODO(#18) Handle Multiple Emails in the Token Claims gracefully
+		if len(emails) > 1 {
+			return nil, fmt.Errorf("multiple emails in token: %+v", emails)
+		}
+		email, ok := emails[0].(string)
+		if !ok {
+			return nil, fmt.Errorf("wrong type for email claim: %T", emails[0])
+		}
+		canonical, err := pacta.CanonicalizeEmail(email)
+		if err != nil {
+			return nil, fmt.Errorf("invalid email on token: %q", email)
+		}
+		authnID := token.Subject()
+		if authnID == "" {
+			return nil, fmt.Errorf("couldn't find authn id in jwt")
+		}
+		user, err := db.GetOrCreateUserByAuthn(db.NoTxn(c), pacta.AuthnMechanism_EmailAndPass, authnID, email, canonical)
+		if err != nil {
+			return nil, fmt.Errorf("failed to get user by authn: %w", err)
+		}
+		return jwtauth.WithUserId(c, string(user.ID)), nil
+	}
+
+	return func(next http.Handler) http.Handler {
+		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			ctx, err := fn(r.Context())
+			if err != nil {
+				// Optionally log errors here when debugging authentication access.
+				// logger.Warn("couldn't authenticate", zap.Error(err))
+				// http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
+				next.ServeHTTP(w, r)
+				return
+			}
+			next.ServeHTTP(w, r.WithContext(ctx))
+		})
+	}
+}
+
 func findFirstInClaims(claims map[string]any, keys ...string) (string, error) {
 	for _, k := range keys {
 		v, ok := claims[k]

cmd/server/pactasrv/BUILD.bazel

@@ -4,6 +4,8 @@ go_library(
     name = "pactasrv",
     srcs = [
         "initiative.go",
+        "initiative_invitation.go",
+        "initiative_user_relationship.go",
         "pacta_version.go",
         "pactasrv.go",
         "user.go",

cmd/server/pactasrv/conv/oapi_to_pacta.go

@@ -51,6 +51,22 @@ func PactaVersionCreateFromOAPI(p *api.PactaVersionCreate) (*pacta.PACTAVersion,
 	}, nil
 }
 
+func InitiativeInvitationFromOAPI(i *api.InitiativeInvitationCreate) (*pacta.InitiativeInvitation, error) {
+	if i == nil {
+		return nil, oapierr.Internal("initiativeInvitationToOAPI: can't convert nil pointer")
+	}
+	if !initiativeIDRegex.MatchString(i.Id) {
+		return nil, oapierr.BadRequest("id must contain only alphanumeric characters, underscores, and dashes")
+	}
+	if i.InitiativeId == "" {
+		return nil, oapierr.BadRequest("initiative_id must not be empty")
+	}
+	return &pacta.InitiativeInvitation{
+		ID:         pacta.InitiativeInvitationID(i.Id),
+		Initiative: &pacta.Initiative{ID: pacta.InitiativeID(i.InitiativeId)},
+	}, nil
+}
+
 func ifNil[T any](t *T, fallback T) T {
 	if t == nil {
 		return fallback

cmd/server/pactasrv/conv/pacta_to_oapi.go

@@ -54,6 +54,46 @@ func PactaVersionToOAPI(pv *pacta.PACTAVersion) (*api.PactaVersion, error) {
 	}, nil
 }
 
+func InitiativeInvitationToOAPI(i *pacta.InitiativeInvitation) (*api.InitiativeInvitation, error) {
+	if i == nil {
+		return nil, oapierr.Internal("initiativeToOAPI: can't convert nil pointer")
+	}
+	var usedAt *string
+	if !i.UsedAt.IsZero() {
+		usedAt = ptr(i.UsedAt.String())
+	}
+	var usedBy *string
+	if i.UsedBy != nil {
+		usedBy = ptr(string(i.UsedBy.ID))
+	}
+	return &api.InitiativeInvitation{
+		CreatedAt:    i.CreatedAt,
+		Id:           string(i.ID),
+		InitiativeId: string(i.Initiative.ID),
+		UsedAt:       usedAt,
+		UsedByUserId: usedBy,
+	}, nil
+}
+
+func InitiativeUserRelationshipToOAPI(i *pacta.InitiativeUserRelationship) (*api.InitiativeUserRelationship, error) {
+	if i == nil {
+		return nil, oapierr.Internal("initiativeUserRelationshipToOAPI: can't convert nil pointer")
+	}
+	if i.User == nil {
+		return nil, oapierr.Internal("initiativeUserRelationshipToOAPI: can't convert nil user")
+	}
+	if i.Initiative == nil {
+		return nil, oapierr.Internal("initiativeUserRelationshipToOAPI: can't convert nil initiative")
+	}
+	return &api.InitiativeUserRelationship{
+		UpdatedAt:    i.UpdatedAt,
+		InitiativeId: string(i.Initiative.ID),
+		UserId:       string(i.User.ID),
+		Manager:      i.Manager,
+		Member:       i.Member,
+	}, nil
+}
+
 func ptr[T any](t T) *T {
 	return &t
 }

cmd/server/pactasrv/initiative_invitation.go

@@ -0,0 +1,118 @@
+package pactasrv
+
+import (
+	"context"
+	"fmt"
+	"time"
+
+	"github.com/RMI/pacta/cmd/server/pactasrv/conv"
+	"github.com/RMI/pacta/db"
+	"github.com/RMI/pacta/oapierr"
+	api "github.com/RMI/pacta/openapi/pacta"
+	"github.com/RMI/pacta/pacta"
+	"go.uber.org/zap"
+)
+
+// Creates an initiative invitation
+// (POST /initiative-invitation)
+func (s *Server) CreateInitiativeInvitation(ctx context.Context, request api.CreateInitiativeInvitationRequestObject) (api.CreateInitiativeInvitationResponseObject, error) {
+	// TODO(#12) Implement Authorization
+	ii, err := conv.InitiativeInvitationFromOAPI(request.Body)
+	if err != nil {
+		return nil, err
+	}
+	id, err := s.DB.CreateInitiativeInvitation(s.DB.NoTxn(ctx), ii)
+	if err != nil {
+		return nil, oapierr.Internal("failed to create initiative invitation", zap.Error(err))
+	}
+	if id != ii.ID {
+		return nil, oapierr.Internal(
+			"failed to create initiative invitation: ID mismatch",
+			zap.String("requested_id", string(ii.ID)),
+			zap.String("actual_id", string(id)),
+		)
+	}
+	return api.CreateInitiativeInvitation204Response{}, nil
+}
+
+// Deletes an initiative invitation by id
+// (DELETE /initiative-invitation/{id})
+func (s *Server) DeleteInitiativeInvitation(ctx context.Context, request api.DeleteInitiativeInvitationRequestObject) (api.DeleteInitiativeInvitationResponseObject, error) {
+	// TODO(#12) Implement Authorization
+	err := s.DB.DeleteInitiativeInvitation(s.DB.NoTxn(ctx), pacta.InitiativeInvitationID(request.Id))
+	if err != nil {
+		return nil, oapierr.Internal("failed to delete initiative invitation", zap.Error(err))
+	}
+	return api.DeleteInitiativeInvitation204Response{}, nil
+}
+
+// Returns the initiative invitation from this id, if it exists
+// (GET /initiative-invitation/{id})
+func (s *Server) GetInitiativeInvitation(ctx context.Context, request api.GetInitiativeInvitationRequestObject) (api.GetInitiativeInvitationResponseObject, error) {
+	// TODO(#12) Implement Authorization
+	ii, err := s.DB.InitiativeInvitation(s.DB.NoTxn(ctx), pacta.InitiativeInvitationID(request.Id))
+	if err != nil {
+		return nil, oapierr.Internal("failed to retrieve initiative invitation", zap.Error(err))
+	}
+	result, err := conv.InitiativeInvitationToOAPI(ii)
+	if err != nil {
+		return nil, err
+	}
+	return api.GetInitiativeInvitation200JSONResponse(*result), nil
+}
+
+// Claims this initiative invitation, if it exists
+// (POST /initiative-invitation/{id})
+func (s *Server) ClaimInitiativeInvitation(ctx context.Context, request api.ClaimInitiativeInvitationRequestObject) (api.ClaimInitiativeInvitationResponseObject, error) {
+	userID, err := getUserID(ctx)
+	if err != nil {
+		return nil, err
+	}
+	err = s.DB.Transactional(ctx, func(tx db.Tx) error {
+		ii, err := s.DB.InitiativeInvitation(tx, pacta.InitiativeInvitationID(request.Id))
+		if err != nil {
+			return fmt.Errorf("looking up initiative invite: %w", err)
+		}
+		if !ii.UsedAt.IsZero() || ii.UsedBy != nil {
+			if ii.UsedBy != nil && ii.UsedBy.ID == userID {
+				// We don't return an error if the same user tries to claim the same invitation twice,
+				// which might happen by accident, but wouldn't impact the state of the initiative memberships.
+				// We may want to log this, though.
+				return nil
+			} else {
+				return fmt.Errorf("initiative is already used: %+v", ii)
+			}
+		}
+		err = s.DB.UpdateInitiativeInvitation(tx, ii.ID,
+			db.SetInitiativeInvitationUsedAt(time.Now()),
+			db.SetInitiativeInvitationUsedBy(userID))
+		if err != nil {
+			return fmt.Errorf("updating initiative invite: %w", err)
+		}
+		err = s.DB.UpdateInitiativeUserRelationship(tx, ii.Initiative.ID, userID,
+			db.SetInitiativeUserRelationshipMember(true))
+		if err != nil {
+			return fmt.Errorf("creating initiative membership: %w", err)
+		}
+		return nil
+	})
+	if err != nil {
+		return nil, oapierr.Internal("failed to claim initiative invitation", zap.Error(err))
+	}
+	return api.ClaimInitiativeInvitation204Response{}, nil
+}
+
+// Returns all initiative invitations associated with the initiative
+// (GET /initiative/{id}/invitations)
+func (s *Server) ListInitiativeInvitations(ctx context.Context, request api.ListInitiativeInvitationsRequestObject) (api.ListInitiativeInvitationsResponseObject, error) {
+	// TODO(#12) Implement Authorization
+	iis, err := s.DB.InitiativeInvitationsByInitiative(s.DB.NoTxn(ctx), pacta.InitiativeID(request.Id))
+	if err != nil {
+		return nil, oapierr.Internal("failed to list initiative invitations", zap.Error(err))
+	}
+	result, err := dereference(mapAll(iis, conv.InitiativeInvitationToOAPI))
+	if err != nil {
+		return nil, err
+	}
+	return api.ListInitiativeInvitations200JSONResponse(result), nil
+}

cmd/server/pactasrv/initiative_user_relationship.go

@@ -0,0 +1,75 @@
+package pactasrv
+
+import (
+	"context"
+
+	"github.com/RMI/pacta/cmd/server/pactasrv/conv"
+	"github.com/RMI/pacta/db"
+	"github.com/RMI/pacta/oapierr"
+	api "github.com/RMI/pacta/openapi/pacta"
+	"github.com/RMI/pacta/pacta"
+	"go.uber.org/zap"
+)
+
+// Returns all initiative user relationships for the user that the user has access to view
+// (GET /initiative/{id}/user-relationships)
+func (s *Server) ListInitiativeUserRelationshipsByUser(ctx context.Context, request api.ListInitiativeUserRelationshipsByUserRequestObject) (api.ListInitiativeUserRelationshipsByUserResponseObject, error) {
+	// TODO(#12) Implement Authorization
+	iurs, err := s.DB.InitiativeUserRelationshipsByUser(s.DB.NoTxn(ctx), pacta.UserID(request.UserId))
+	if err != nil {
+		return nil, oapierr.Internal("failed to retrieve initiative user relationships by user", zap.Error(err))
+	}
+	result, err := dereference(mapAll(iurs, conv.InitiativeUserRelationshipToOAPI))
+	if err != nil {
+		return nil, err
+	}
+	return api.ListInitiativeUserRelationshipsByUser200JSONResponse(result), nil
+}
+
+// Returns all initiative user relationships for the initiative that the user has access to view
+// (GET /initiative/user-relationships/{id})
+func (s *Server) ListInitiativeUserRelationshipsByInitiative(ctx context.Context, request api.ListInitiativeUserRelationshipsByInitiativeRequestObject) (api.ListInitiativeUserRelationshipsByInitiativeResponseObject, error) {
+	// TODO(#12) Implement Authorization
+	iurs, err := s.DB.InitiativeUserRelationshipsByInitiatives(s.DB.NoTxn(ctx), pacta.InitiativeID(request.InitiativeId))
+	if err != nil {
+		return nil, oapierr.Internal("failed to retrieve initiative user relationships by user", zap.Error(err))
+	}
+	result, err := dereference(mapAll(iurs, conv.InitiativeUserRelationshipToOAPI))
+	if err != nil {
+		return nil, err
+	}
+	return api.ListInitiativeUserRelationshipsByInitiative200JSONResponse(result), nil
+}
+
+// Returns the initiative user relationship from this id, if it exists
+// (GET /initiative/{initiativeId}/user-relationship/{userId})
+func (s *Server) GetInitiativeUserRelationship(ctx context.Context, request api.GetInitiativeUserRelationshipRequestObject) (api.GetInitiativeUserRelationshipResponseObject, error) {
+	// TODO(#12) Implement Authorization
+	iur, err := s.DB.InitiativeUserRelationship(s.DB.NoTxn(ctx), pacta.InitiativeID(request.InitiativeId), pacta.UserID(request.UserId))
+	if err != nil {
+		return nil, oapierr.Internal("failed to retrieve initiative user relationship", zap.Error(err))
+	}
+	result, err := conv.InitiativeUserRelationshipToOAPI(iur)
+	if err != nil {
+		return nil, err
+	}
+	return api.GetInitiativeUserRelationship200JSONResponse(*result), nil
+}
+
+// Updates initiative user relationship properties
+// (PATCH /initiative/{initiativeId}/user-relationship/{userId})
+func (s *Server) UpdateInitiativeUserRelationship(ctx context.Context, request api.UpdateInitiativeUserRelationshipRequestObject) (api.UpdateInitiativeUserRelationshipResponseObject, error) {
+	// TODO(#12) Implement Authorization
+	mutations := []db.UpdateInitiativeUserRelationshipFn{}
+	if request.Body.Manager != nil {
+		mutations = append(mutations, db.SetInitiativeUserRelationshipManager(*request.Body.Manager))
+	}
+	if request.Body.Member != nil {
+		mutations = append(mutations, db.SetInitiativeUserRelationshipMember(*request.Body.Member))
+	}
+	err := s.DB.UpdateInitiativeUserRelationship(s.DB.NoTxn(ctx), pacta.InitiativeID(request.InitiativeId), pacta.UserID(request.UserId), mutations...)
+	if err != nil {
+		return nil, oapierr.Internal("failed to update initiative user relationship", zap.Error(err))
+	}
+	return api.UpdateInitiativeUserRelationship204Response{}, nil
+}