NOISSUE - Remove domain prefix for invitation (#2513)

Signed-off-by: nyagamunene <[email protected]>
absmach · Nov 8, 2024 · a5059a7 · a5059a7
1 parent a596afb
commit a5059a7
Show file tree

Hide file tree

Showing 13 changed files with 284 additions and 226 deletions.
diff --git a/api/openapi/invitations.yml b/api/openapi/invitations.yml
@@ -27,16 +27,14 @@ tags:
       url: https://docs.magistrala.abstractmachines.fr/
 
 paths:
-  /{domainID}/invitations:
+  /invitations:
     post:
       operationId: sendInvitation
       tags:
         - Invitations
       summary: Send invitation
       description: |
         Send invitation to user to join domain.
-      parameters:
-        - $ref: "auth.yml#/components/parameters/DomainID"
       requestBody:
         $ref: "#/components/requestBodies/SendInvitationReq"
       security:
@@ -49,7 +47,7 @@ paths:
         "401":
           description: Missing or invalid access token provided.
         "403":
-          description: Unauthorized access to the domain ID.
+          description: Failed to perform authorization over the entity.
         "404":
           description: A non-existent entity request.
         "409":
@@ -74,7 +72,7 @@ paths:
         - $ref: "#/components/parameters/Offset"
         - $ref: "#/components/parameters/UserID"
         - $ref: "#/components/parameters/InvitedBy"
-        - $ref: "auth.yml#/components/parameters/DomainID"
+        - $ref: "#/components/parameters/DomainID"
         - $ref: "#/components/parameters/Relation"
         - $ref: "#/components/parameters/State"
       security:
@@ -89,15 +87,15 @@ paths:
             Missing or invalid access token provided.
             This endpoint is available only for administrators.
         "403":
-          description: Unauthorized access to the domain ID.
+          description: Failed to perform authorization over the entity.
         "404":
           description: A non-existent entity request.
         "422":
           description: Database can't process request.
         "500":
           $ref: "#/components/responses/ServiceError"
 
-  /{domainID}/invitations/accept:
+  /invitations/accept:
     post:
       operationId: acceptInvitation
       summary: Accept invitation
@@ -107,8 +105,8 @@ paths:
         - Invitations
       security:
         - bearerAuth: []
-      parameters:
-        - $ref: "auth.yml#/components/parameters/DomainID"
+      requestBody:
+        $ref: "#/components/requestBodies/AcceptInvitationReq"
       responses:
         "204":
           description: Invitation accepted.
@@ -118,12 +116,10 @@ paths:
           description: Missing or invalid access token provided.
         "404":
           description: A non-existent entity request.
-        "415":
-          description: Missing or invalid content type.
         "500":
           $ref: "#/components/responses/ServiceError"
 
-  /{domainID}/invitations/reject:
+  /invitations/reject:
     post:
       operationId: rejectInvitation
       summary: Reject invitation
@@ -133,8 +129,8 @@ paths:
         - Invitations
       security:
         - bearerAuth: []
-      parameters:
-        - $ref: "auth.yml#/components/parameters/DomainID"
+      requestBody:
+        $ref: "#/components/requestBodies/AcceptInvitationReq"
       responses:
         "204":
           description: Invitation rejected.
@@ -144,12 +140,10 @@ paths:
           description: Missing or invalid access token provided.
         "404":
           description: A non-existent entity request.
-        "415":
-          description: Missing or invalid content type.
         "500":
           $ref: "#/components/responses/ServiceError"
 
-  /{domainID}/invitations/users/{user_id}:
+  /invitations/{user_id}/{domain_id}:
     get:
       operationId: getInvitation
       summary: Retrieves a specific invitation
@@ -159,7 +153,7 @@ paths:
         - Invitations
       parameters:
         - $ref: "#/components/parameters/user_id"
-        - $ref: "auth.yml#/components/parameters/DomainID"
+        - $ref: "#/components/parameters/domain_id"
       security:
         - bearerAuth: []
       responses:
@@ -170,11 +164,9 @@ paths:
         "401":
           description: Missing or invalid access token provided.
         "403":
-          description: Unauthorized access to the domain ID.
+          description: Failed to perform authorization over the entity.
         "404":
           description: A non-existent entity request.
-        "415":
-          description: Missing or invalid content type.
         "422":
           description: Database can't process request.
         "500":
@@ -189,7 +181,7 @@ paths:
         - Invitations
       parameters:
         - $ref: "#/components/parameters/user_id"
-        - $ref: "auth.yml#/components/parameters/DomainID"
+        - $ref: "#/components/parameters/domain_id"
       security:
         - bearerAuth: []
       responses:
@@ -198,13 +190,11 @@ paths:
         "400":
           description: Failed due to malformed JSON.
         "403":
-          description: Unauthorized access to the domain ID.
+          description: Failed to perform authorization over the entity.
         "404":
           description: Failed due to non existing user.
         "401":
           description: Missing or invalid access token provided.
-        "415":
-          description: Missing or invalid content type.
         "500":
           $ref: "#/components/responses/ServiceError"
 
@@ -230,6 +220,11 @@ components:
           format: uuid
           example: bb7edb32-2eac-4aad-aebe-ed96fe073879
           description: User unique identifier.
+        domain_id:
+          type: string
+          format: uuid
+          example: bb7edb32-2eac-4aad-aebe-ed96fe073879
+          description: Domain unique identifier.
         relation:
           type: string
           enum:
@@ -251,6 +246,7 @@ components:
           description: Resend invitation.
       required:
         - user_id
+        - domain_id
         - relation
 
     Invitation:
@@ -406,6 +402,26 @@ components:
       required: true
       example: bb7edb32-2eac-4aad-aebe-ed96fe073879
 
+    DomainID:
+      name: domain_id
+      description: Unique identifier for a domain.
+      in: query
+      schema:
+        type: string
+        format: uuid
+      required: false
+      example: bb7edb32-2eac-4aad-aebe-ed96fe073879
+
+    domain_id:
+      name: domain_id
+      description: Unique identifier for a domain.
+      in: path
+      schema:
+        type: string
+        format: uuid
+      required: true
+      example: bb7edb32-2eac-4aad-aebe-ed96fe073879
+
     InvitedBy:
       name: invited_by
       description: Unique identifier for a user that invited the user.
@@ -458,6 +474,22 @@ components:
           schema:
             $ref: "#/components/schemas/SendInvitationReqObj"
 
+    AcceptInvitationReq:
+      description: JSON-formatted document describing request for accepting invitation
+      required: true
+      content:
+        application/json:
+          schema:
+            type: object
+            properties:
+              domain_id:
+                type: string
+                format: uuid
+                example: bb7edb32-2eac-4aad-aebe-ed96fe073879
+                description: Domain unique identifier.
+            required:
+              - domain_id
+
   responses:
     InvitationRes:
       description: Data retrieved.
@@ -470,6 +502,7 @@ components:
           operationId: deleteInvitation
           parameters:
             user_id: $response.body#/user_id
+            domain_id: $response.body#/domain_id
 
     InvitationPageRes:
       description: Data retrieved.

diff --git a/cli/invitations.go b/cli/invitations.go
@@ -53,7 +53,7 @@ var cmdInvitations = []cobra.Command{
 				Limit:    Limit,
 			}
 			if args[0] == all {
-				l, err := sdk.Invitations(pageMetadata, args[1], args[2])
+				l, err := sdk.Invitations(pageMetadata, args[1])
 				if err != nil {
 					logErrorCmd(*cmd, err)
 					return

diff --git a/cli/invitations_test.go b/cli/invitations_test.go
@@ -113,7 +113,6 @@ func TestGetInvitationCmd(t *testing.T) {
 			desc: "get all invitations successfully",
 			args: []string{
 				all,
-				domain.ID,
 				token,
 			},
 			page: mgsdk.InvitationPage{
@@ -148,7 +147,6 @@ func TestGetInvitationCmd(t *testing.T) {
 			desc: "get all invitations with invalid token",
 			args: []string{
 				all,
-				domain.ID,
 				invalidToken,
 			},
 			logType:       errLog,
@@ -171,7 +169,7 @@ func TestGetInvitationCmd(t *testing.T) {
 	for _, tc := range cases {
 		t.Run(tc.desc, func(t *testing.T) {
 			sdkCall := sdkMock.On("Invitation", tc.args[0], tc.args[1], mock.Anything).Return(tc.inv, tc.sdkErr)
-			sdkCall1 := sdkMock.On("Invitations", mock.Anything, tc.args[1], tc.args[2]).Return(tc.page, tc.sdkErr)
+			sdkCall1 := sdkMock.On("Invitations", mock.Anything, tc.args[1]).Return(tc.page, tc.sdkErr)
 
 			out := executeCommand(t, rootCmd, append([]string{getCmd}, tc.args...)...)
 

diff --git a/invitations/api/endpoint.go b/invitations/api/endpoint.go
@@ -24,15 +24,14 @@ func sendInvitationEndpoint(svc invitations.Service) endpoint.Endpoint {
 		if err := req.validate(); err != nil {
 			return nil, errors.Wrap(apiutil.ErrValidation, err)
 		}
-
 		session, ok := ctx.Value(api.SessionKey).(authn.Session)
 		if !ok {
 			return nil, svcerr.ErrAuthorization
 		}
-
+		session.DomainID = req.DomainID
 		invitation := invitations.Invitation{
 			UserID:   req.UserID,
-			DomainID: session.DomainID,
+			DomainID: req.DomainID,
 			Relation: req.Relation,
 			Resend:   req.Resend,
 		}
@@ -57,8 +56,7 @@ func viewInvitationEndpoint(svc invitations.Service) endpoint.Endpoint {
 		if !ok {
 			return nil, svcerr.ErrAuthorization
 		}
-		req.domainID = session.DomainID
-
+		session.DomainID = req.domainID
 		invitation, err := svc.ViewInvitation(ctx, session, req.userID, req.domainID)
 		if err != nil {
 			return nil, err
@@ -81,8 +79,8 @@ func listInvitationsEndpoint(svc invitations.Service) endpoint.Endpoint {
 		if !ok {
 			return nil, svcerr.ErrAuthorization
 		}
+		session.DomainID = req.DomainID
 
-		req.Page.DomainID = session.DomainID
 		page, err := svc.ListInvitations(ctx, session, req.Page)
 		if err != nil {
 			return nil, err
@@ -105,8 +103,8 @@ func acceptInvitationEndpoint(svc invitations.Service) endpoint.Endpoint {
 		if !ok {
 			return nil, svcerr.ErrAuthorization
 		}
-		req.domainID = session.DomainID
-		if err := svc.AcceptInvitation(ctx, session, req.domainID); err != nil {
+
+		if err := svc.AcceptInvitation(ctx, session, req.DomainID); err != nil {
 			return nil, err
 		}
 
@@ -125,8 +123,8 @@ func rejectInvitationEndpoint(svc invitations.Service) endpoint.Endpoint {
 		if !ok {
 			return nil, svcerr.ErrAuthorization
 		}
-		req.domainID = session.DomainID
-		if err := svc.RejectInvitation(ctx, session, req.domainID); err != nil {
+
+		if err := svc.RejectInvitation(ctx, session, req.DomainID); err != nil {
 			return nil, err
 		}
 
@@ -145,7 +143,8 @@ func deleteInvitationEndpoint(svc invitations.Service) endpoint.Endpoint {
 		if !ok {
 			return nil, svcerr.ErrAuthorization
 		}
-		req.domainID = session.DomainID
+		session.DomainID = req.domainID
+
 		if err := svc.DeleteInvitation(ctx, session, req.userID, req.domainID); err != nil {
 			return nil, err
 		}