Rename zed-server to collab

Over time, I think we may end up having multiple services, so it seems like a good opportunity to name this one more specifically while the cost is low. It just seems like naming it "zed" and "zed-server" leaves it a bit open ended.
2022-04-09 08:30:42 -06:00 · 2022-04-09 08:30:42 -06:00 · ab8204368c
commit ab8204368c
parent 17195e615e
124 changed files with 71 additions and 113 deletions
--- a/crates/collab/src/api.rs
+++ b/crates/collab/src/api.rs
@ -0,0 +1,179 @@
+use crate::{auth, db::UserId, AppState, Request, RequestExt as _};
+use async_trait::async_trait;
+use serde::Deserialize;
+use serde_json::json;
+use std::sync::Arc;
+use surf::StatusCode;
+
+pub fn add_routes(app: &mut tide::Server<Arc<AppState>>) {
+    app.at("/users").get(get_users);
+    app.at("/users").post(create_user);
+    app.at("/users/:id").put(update_user);
+    app.at("/users/:id").delete(destroy_user);
+    app.at("/users/:github_login").get(get_user);
+    app.at("/users/:github_login/access_tokens")
+        .post(create_access_token);
+}
+
+async fn get_user(request: Request) -> tide::Result {
+    request.require_token().await?;
+
+    let user = request
+        .db()
+        .get_user_by_github_login(request.param("github_login")?)
+        .await?
+        .ok_or_else(|| surf::Error::from_str(404, "user not found"))?;
+
+    Ok(tide::Response::builder(StatusCode::Ok)
+        .body(tide::Body::from_json(&user)?)
+        .build())
+}
+
+async fn get_users(request: Request) -> tide::Result {
+    request.require_token().await?;
+
+    let users = request.db().get_all_users().await?;
+
+    Ok(tide::Response::builder(StatusCode::Ok)
+        .body(tide::Body::from_json(&users)?)
+        .build())
+}
+
+async fn create_user(mut request: Request) -> tide::Result {
+    request.require_token().await?;
+
+    #[derive(Deserialize)]
+    struct Params {
+        github_login: String,
+        admin: bool,
+    }
+    let params = request.body_json::<Params>().await?;
+
+    let user_id = request
+        .db()
+        .create_user(&params.github_login, params.admin)
+        .await?;
+
+    let user = request.db().get_user_by_id(user_id).await?.ok_or_else(|| {
+        surf::Error::from_str(
+            StatusCode::InternalServerError,
+            "couldn't find the user we just created",
+        )
+    })?;
+
+    Ok(tide::Response::builder(StatusCode::Ok)
+        .body(tide::Body::from_json(&user)?)
+        .build())
+}
+
+async fn update_user(mut request: Request) -> tide::Result {
+    request.require_token().await?;
+
+    #[derive(Deserialize)]
+    struct Params {
+        admin: bool,
+    }
+    let user_id = UserId(
+        request
+            .param("id")?
+            .parse::<i32>()
+            .map_err(|error| surf::Error::from_str(StatusCode::BadRequest, error.to_string()))?,
+    );
+    let params = request.body_json::<Params>().await?;
+
+    request
+        .db()
+        .set_user_is_admin(user_id, params.admin)
+        .await?;
+
+    Ok(tide::Response::builder(StatusCode::Ok).build())
+}
+
+async fn destroy_user(request: Request) -> tide::Result {
+    request.require_token().await?;
+    let user_id = UserId(
+        request
+            .param("id")?
+            .parse::<i32>()
+            .map_err(|error| surf::Error::from_str(StatusCode::BadRequest, error.to_string()))?,
+    );
+
+    request.db().destroy_user(user_id).await?;
+
+    Ok(tide::Response::builder(StatusCode::Ok).build())
+}
+
+async fn create_access_token(request: Request) -> tide::Result {
+    request.require_token().await?;
+
+    let user = request
+        .db()
+        .get_user_by_github_login(request.param("github_login")?)
+        .await?
+        .ok_or_else(|| surf::Error::from_str(StatusCode::NotFound, "user not found"))?;
+
+    #[derive(Deserialize)]
+    struct QueryParams {
+        public_key: String,
+        impersonate: Option<String>,
+    }
+
+    let query_params: QueryParams = request.query().map_err(|_| {
+        surf::Error::from_str(StatusCode::UnprocessableEntity, "invalid query params")
+    })?;
+
+    let mut user_id = user.id;
+    if let Some(impersonate) = query_params.impersonate {
+        if user.admin {
+            if let Some(impersonated_user) =
+                request.db().get_user_by_github_login(&impersonate).await?
+            {
+                user_id = impersonated_user.id;
+            } else {
+                return Ok(tide::Response::builder(StatusCode::UnprocessableEntity)
+                    .body(format!(
+                        "Can't impersonate non-existent user {}",
+                        impersonate
+                    ))
+                    .build());
+            }
+        } else {
+            return Ok(tide::Response::builder(StatusCode::Unauthorized)
+                .body(format!(
+                    "Can't impersonate user {} because the real user isn't an admin",
+                    impersonate
+                ))
+                .build());
+        }
+    }
+
+    let access_token = auth::create_access_token(request.db().as_ref(), user_id).await?;
+    let encrypted_access_token =
+        auth::encrypt_access_token(&access_token, query_params.public_key.clone())?;
+
+    Ok(tide::Response::builder(StatusCode::Ok)
+        .body(json!({"user_id": user_id, "encrypted_access_token": encrypted_access_token}))
+        .build())
+}
+
+#[async_trait]
+pub trait RequestExt {
+    async fn require_token(&self) -> tide::Result<()>;
+}
+
+#[async_trait]
+impl RequestExt for Request {
+    async fn require_token(&self) -> tide::Result<()> {
+        let token = self
+            .header("Authorization")
+            .and_then(|header| header.get(0))
+            .and_then(|header| header.as_str().strip_prefix("token "))
+            .ok_or_else(|| surf::Error::from_str(403, "invalid authorization header"))?;
+
+        if token == self.state().config.api_token {
+            Ok(())
+        } else {
+            Err(tide::Error::from_str(403, "invalid authorization token"))
+        }
+    }
+}