feat: authenticationProviders API endpoints (#1962)

2021-03-26 11:31:07 -07:00
parent 626c94ecea
commit e00a437f2f
19 changed files with 671 additions and 354 deletions
--- a/server/api/authenticationProviders.js
+++ b/server/api/authenticationProviders.js
@ -0,0 +1,85 @@
+// @flow
+import Router from "koa-router";
+import allAuthenticationProviders from "../auth/providers";
+import auth from "../middlewares/authentication";
+import { AuthenticationProvider, Event } from "../models";
+import policy from "../policies";
+import { presentAuthenticationProvider, presentPolicies } from "../presenters";
+
+const router = new Router();
+const { authorize } = policy;
+
+router.post("authenticationProviders.info", auth(), async (ctx) => {
+  const { id } = ctx.body;
+  ctx.assertUuid(id, "id is required");
+
+  const user = ctx.state.user;
+  const authenticationProvider = await AuthenticationProvider.findByPk(id);
+  authorize(user, "read", authenticationProvider);
+
+  ctx.body = {
+    data: presentAuthenticationProvider(authenticationProvider),
+    policies: presentPolicies(user, [authenticationProvider]),
+  };
+});
+
+router.post("authenticationProviders.update", auth(), async (ctx) => {
+  const { id, isEnabled } = ctx.body;
+  ctx.assertUuid(id, "id is required");
+  ctx.assertPresent(isEnabled, "isEnabled is required");
+
+  const user = ctx.state.user;
+  const authenticationProvider = await AuthenticationProvider.findByPk(id);
+  authorize(user, "update", authenticationProvider);
+
+  const enabled = !!isEnabled;
+  if (enabled) {
+    await authenticationProvider.enable();
+  } else {
+    await authenticationProvider.disable();
+  }
+
+  await Event.create({
+    name: "authenticationProviders.update",
+    data: { enabled },
+    modelId: id,
+    teamId: user.teamId,
+    actorId: user.id,
+    ip: ctx.request.ip,
+  });
+
+  ctx.body = {
+    data: presentAuthenticationProvider(authenticationProvider),
+    policies: presentPolicies(user, [authenticationProvider]),
+  };
+});
+
+router.post("authenticationProviders.list", auth(), async (ctx) => {
+  const user = ctx.state.user;
+  authorize(user, "read", user.team);
+
+  const teamAuthenticationProviders = await user.team.getAuthenticationProviders();
+  const otherAuthenticationProviders = allAuthenticationProviders.filter(
+    (p) =>
+      !teamAuthenticationProviders.find((t) => t.name === p.id) &&
+      p.enabled &&
+      // email auth is dealt with separetly right now, although it definitely
+      // wants to be here in the future – we'll need to migrate more data though
+      p.id !== "email"
+  );
+
+  ctx.body = {
+    data: {
+      authenticationProviders: [
+        ...teamAuthenticationProviders.map(presentAuthenticationProvider),
+        ...otherAuthenticationProviders.map((p) => ({
+          name: p.id,
+          isEnabled: false,
+          isConnected: false,
+        })),
+      ],
+    },
+  };
+});
+
+export default router;