`f7ddf11`

S31: team web surface — list, view, create, members, repo grants

Authored by

espadonne 4 days ago

SHA: f7ddf118c8c264fa3fa0b78b7ee37506d00691d8
Parents: 41454b8
Tree: 438c45d

5 changed files

Status	File	+
M	`internal/web/handlers/orgs/orgs.go`	1
A	`internal/web/handlers/orgs/teams.go`	307
M	`internal/web/templates/orgs/profile.html`	1
A	`internal/web/templates/orgs/team_view.html`	102
A	`internal/web/templates/orgs/teams_list.html`	47

internal/web/handlers/orgs/orgs.gomodified

  	r.Post("/{org}/people/invite", h.invite)
  	r.Post("/{org}/people/{userID}/role", h.changeRole)
  	r.Post("/{org}/people/{userID}/remove", h.removeMember)
 +	h.MountTeams(r)
+ }
  // MountInvitations registers /invitations/{token}* — accept/decline.

internal/web/handlers/orgs/teams.goadded

 +// SPDX-License-Identifier: AGPL-3.0-or-later
++
 +package orgs
++
 +import (
 +	"errors"
 +	"net/http"
 +	"strconv"
 +	"strings"
++
 +	"github.com/go-chi/chi/v5"
 +	"github.com/jackc/pgx/v5"
++
 +	"github.com/tenseleyFlow/shithub/internal/orgs"
 +	orgsdb "github.com/tenseleyFlow/shithub/internal/orgs/sqlc"
 +	"github.com/tenseleyFlow/shithub/internal/web/middleware"
 +)
++
 +// MountTeams registers the per-org team surface. Read paths are
 +// public-but-filtered (secret teams hidden from non-members);
 +// mutations are owner-gated inside each handler.
 +func (h *Handlers) MountTeams(r chi.Router) {
 +	r.Get("/{org}/teams", h.teamsList)
 +	r.Post("/{org}/teams", h.teamCreate)
 +	r.Get("/{org}/teams/{teamSlug}", h.teamView)
 +	r.Post("/{org}/teams/{teamSlug}/members", h.teamMemberAddRemove)
 +	r.Post("/{org}/teams/{teamSlug}/repos", h.teamRepoGrant)
 +}
++
 +// teamsList renders /{org}/teams. Filters secret teams out for
 +// non-members + non-owners.
 +func (h *Handlers) teamsList(w http.ResponseWriter, r *http.Request) {
 +	org, ok := h.orgFromSlug(w, r)
 +	if !ok {
 +		return
 +	}
 +	viewer := middleware.CurrentUserFromContext(r.Context())
 +	all, err := orgsdb.New().ListTeamsForOrg(r.Context(), h.d.Pool, org.ID)
 +	if err != nil {
 +		h.d.Logger.ErrorContext(r.Context(), "teams: list", "error", err)
 +		h.d.Render.HTTPError(w, r, http.StatusInternalServerError, "")
 +		return
 +	}
 +	visible := h.filterSecretTeams(r, all, org.ID, viewer)
 +	isOwner := false
 +	if !viewer.IsAnonymous() {
 +		isOwner, _ = orgs.IsOwner(r.Context(), h.deps(), org.ID, viewer.ID)
 +	}
 +	_ = h.d.Render.RenderPage(w, r, "orgs/teams_list", map[string]any{
 +		"Title":     org.Slug + " · teams",
 +		"CSRFToken": middleware.CSRFTokenForRequest(r),
 +		"Org":       org,
 +		"Teams":     visible,
 +		"IsOwner":   isOwner,
 +	})
 +}
++
 +// teamCreate handles POST /{org}/teams. Owner-only.
 +func (h *Handlers) teamCreate(w http.ResponseWriter, r *http.Request) {
 +	org, ok := h.orgFromSlug(w, r)
 +	if !ok {
 +		return
 +	}
 +	viewer := middleware.CurrentUserFromContext(r.Context())
 +	if !h.requireOrgOwner(w, r, org.ID, viewer) {
 +		return
 +	}
 +	if err := r.ParseForm(); err != nil {
 +		h.d.Render.HTTPError(w, r, http.StatusBadRequest, "")
 +		return
 +	}
 +	parentID, _ := strconv.ParseInt(strings.TrimSpace(r.PostFormValue("parent_team_id")), 10, 64)
 +	_, err := orgs.CreateTeam(r.Context(), h.deps(), orgs.CreateTeamParams{
 +		OrgID:           org.ID,
 +		Slug:            strings.TrimSpace(r.PostFormValue("slug")),
 +		DisplayName:     strings.TrimSpace(r.PostFormValue("display_name")),
 +		Description:     strings.TrimSpace(r.PostFormValue("description")),
 +		ParentTeamID:    parentID,
 +		Privacy:         strings.TrimSpace(r.PostFormValue("privacy")),
 +		CreatedByUserID: viewer.ID,
 +	})
 +	if err != nil {
 +		h.d.Logger.WarnContext(r.Context(), "teams: create",
 +			"org", org.Slug, "error", err)
 +	}
 +	http.Redirect(w, r, "/"+string(org.Slug)+"/teams", http.StatusSeeOther)
 +}
++
 +// teamView renders /{org}/teams/{teamSlug}. Members + repo access.
 +// Secret teams 404 for non-members + non-owners.
 +func (h *Handlers) teamView(w http.ResponseWriter, r *http.Request) {
 +	org, ok := h.orgFromSlug(w, r)
 +	if !ok {
 +		return
 +	}
 +	team, ok := h.teamFromSlug(w, r, org.ID)
 +	if !ok {
 +		return
 +	}
 +	viewer := middleware.CurrentUserFromContext(r.Context())
 +	if !h.canSeeTeam(r, team, viewer) {
 +		h.d.Render.HTTPError(w, r, http.StatusNotFound, "")
 +		return
 +	}
 +	q := orgsdb.New()
 +	members, _ := q.ListTeamMembers(r.Context(), h.d.Pool, team.ID)
 +	repos, _ := q.ListTeamRepoAccess(r.Context(), h.d.Pool, team.ID)
 +	isOwner := false
 +	if !viewer.IsAnonymous() {
 +		isOwner, _ = orgs.IsOwner(r.Context(), h.deps(), org.ID, viewer.ID)
 +	}
 +	_ = h.d.Render.RenderPage(w, r, "orgs/team_view", map[string]any{
 +		"Title":     string(org.Slug) + "/" + string(team.Slug),
 +		"CSRFToken": middleware.CSRFTokenForRequest(r),
 +		"Org":       org,
 +		"Team":      team,
 +		"Members":   members,
 +		"Repos":     repos,
 +		"IsOwner":   isOwner,
 +	})
 +}
++
 +// teamMemberAddRemove handles POST .../members. Form action=add|remove.
 +// Both branches are owner-only; the orchestrator keeps idempotency.
 +func (h *Handlers) teamMemberAddRemove(w http.ResponseWriter, r *http.Request) {
 +	org, ok := h.orgFromSlug(w, r)
 +	if !ok {
 +		return
 +	}
 +	team, ok := h.teamFromSlug(w, r, org.ID)
 +	if !ok {
 +		return
 +	}
 +	viewer := middleware.CurrentUserFromContext(r.Context())
 +	if !h.requireOrgOwner(w, r, org.ID, viewer) {
 +		return
 +	}
 +	if err := r.ParseForm(); err != nil {
 +		h.d.Render.HTTPError(w, r, http.StatusBadRequest, "")
 +		return
 +	}
 +	username := strings.ToLower(strings.TrimSpace(r.PostFormValue("username")))
 +	action := r.PostFormValue("action")
 +	if username == "" {
 +		http.Redirect(w, r, h.teamPath(org, team), http.StatusSeeOther)
 +		return
 +	}
 +	uid, ok := h.userIDByUsername(r, username)
 +	if !ok {
 +		http.Redirect(w, r, h.teamPath(org, team), http.StatusSeeOther)
 +		return
 +	}
 +	switch action {
 +	case "remove":
 +		_ = orgs.RemoveTeamMember(r.Context(), h.deps(), team.ID, uid)
 +	default:
 +		role := r.PostFormValue("role")
 +		_ = orgs.AddTeamMember(r.Context(), h.deps(), team.ID, uid, viewer.ID, role)
 +	}
 +	http.Redirect(w, r, h.teamPath(org, team), http.StatusSeeOther)
 +}
++
 +// teamRepoGrant handles POST .../repos. Form expects repo_id + role,
 +// or repo_id + action=remove. Owner-only.
 +func (h *Handlers) teamRepoGrant(w http.ResponseWriter, r *http.Request) {
 +	org, ok := h.orgFromSlug(w, r)
 +	if !ok {
 +		return
 +	}
 +	team, ok := h.teamFromSlug(w, r, org.ID)
 +	if !ok {
 +		return
 +	}
 +	viewer := middleware.CurrentUserFromContext(r.Context())
 +	if !h.requireOrgOwner(w, r, org.ID, viewer) {
 +		return
 +	}
 +	if err := r.ParseForm(); err != nil {
 +		h.d.Render.HTTPError(w, r, http.StatusBadRequest, "")
 +		return
 +	}
 +	repoID, err := strconv.ParseInt(r.PostFormValue("repo_id"), 10, 64)
 +	if err != nil || repoID == 0 {
 +		h.d.Render.HTTPError(w, r, http.StatusBadRequest, "")
 +		return
 +	}
 +	if r.PostFormValue("action") == "remove" {
 +		_ = orgs.RevokeTeamRepoAccess(r.Context(), h.deps(), team.ID, repoID)
 +	} else {
 +		_ = orgs.GrantTeamRepoAccess(r.Context(), h.deps(), team.ID, repoID, viewer.ID,
 +			r.PostFormValue("role"))
 +	}
 +	http.Redirect(w, r, h.teamPath(org, team), http.StatusSeeOther)
 +}
++
 +// ─── small helpers ─────────────────────────────────────────────────
++
 +func (h *Handlers) teamFromSlug(w http.ResponseWriter, r *http.Request, orgID int64) (orgsdb.Team, bool) {
 +	slug := chi.URLParam(r, "teamSlug")
 +	row, err := orgsdb.New().GetTeamByOrgAndSlug(r.Context(), h.d.Pool, orgsdb.GetTeamByOrgAndSlugParams{
 +		OrgID: orgID, Slug: slug,
 +	})
 +	if err != nil {
 +		h.d.Render.HTTPError(w, r, http.StatusNotFound, "")
 +		return orgsdb.Team{}, false
 +	}
 +	return row, true
 +}
++
 +func (h *Handlers) requireOrgOwner(w http.ResponseWriter, r *http.Request, orgID int64, viewer middleware.CurrentUser) bool {
 +	if viewer.IsAnonymous() {
 +		http.Redirect(w, r, "/login?next="+r.URL.Path, http.StatusSeeOther)
 +		return false
 +	}
 +	owner, _ := orgs.IsOwner(r.Context(), h.deps(), orgID, viewer.ID)
 +	if !owner {
 +		h.d.Render.HTTPError(w, r, http.StatusForbidden, "")
 +		return false
 +	}
 +	return true
 +}
++
 +func (h *Handlers) userIDByUsername(r *http.Request, username string) (int64, bool) {
 +	var id int64
 +	err := h.d.Pool.QueryRow(r.Context(),
 +		`SELECT id FROM users WHERE username = $1 AND deleted_at IS NULL`,
 +		username,
 +	).Scan(&id)
 +	if err != nil {
 +		return 0, false
 +	}
 +	return id, true
 +}
++
 +// canSeeTeam decides whether the viewer is allowed to see a team's
 +// members + repos. Visible teams are public to all org members and
 +// their basic info is public to everyone; secret teams are private
 +// to (team members ∪ org owners). For simplicity the page-render
 +// check requires ANY membership/owner; the list page does the same
 +// filter when assembling the visible set.
 +func (h *Handlers) canSeeTeam(r *http.Request, team orgsdb.Team, viewer middleware.CurrentUser) bool {
 +	if team.Privacy == orgsdb.TeamPrivacyVisible {
 +		return true
 +	}
 +	if viewer.IsAnonymous() {
 +		return false
 +	}
 +	// Org owner sees all.
 +	if owner, _ := orgs.IsOwner(r.Context(), h.deps(), team.OrgID, viewer.ID); owner {
 +		return true
 +	}
 +	// Team member?
 +	_, err := orgsdb.New().ListTeamMembers(r.Context(), h.d.Pool, team.ID)
 +	if err != nil {
 +		return false
 +	}
 +	var member bool
 +	_ = h.d.Pool.QueryRow(r.Context(),
 +		`SELECT EXISTS(SELECT 1 FROM team_members WHERE team_id = $1 AND user_id = $2)`,
 +		team.ID, viewer.ID,
 +	).Scan(&member)
 +	return member
 +}
++
 +// filterSecretTeams strips secret teams the viewer can't see.
 +func (h *Handlers) filterSecretTeams(r *http.Request, all []orgsdb.Team, orgID int64, viewer middleware.CurrentUser) []orgsdb.Team {
 +	if len(all) == 0 {
 +		return all
 +	}
 +	out := make([]orgsdb.Team, 0, len(all))
 +	isOwner := false
 +	if !viewer.IsAnonymous() {
 +		isOwner, _ = orgs.IsOwner(r.Context(), h.deps(), orgID, viewer.ID)
 +	}
 +	for _, t := range all {
 +		if t.Privacy == orgsdb.TeamPrivacyVisible || isOwner {
 +			out = append(out, t)
 +			continue
 +		}
 +		// Secret + non-owner: only show when the viewer is a member.
 +		if viewer.IsAnonymous() {
 +			continue
 +		}
 +		var member bool
 +		err := h.d.Pool.QueryRow(r.Context(),
 +			`SELECT EXISTS(SELECT 1 FROM team_members WHERE team_id = $1 AND user_id = $2)`,
 +			t.ID, viewer.ID,
 +		).Scan(&member)
 +		if err == nil && member {
 +			out = append(out, t)
 +		}
 +	}
 +	return out
 +}
++
 +func (h *Handlers) teamPath(org orgsdb.Org, team orgsdb.Team) string {
 +	return "/" + string(org.Slug) + "/teams/" + string(team.Slug)
 +}
++
 +// ensure pgx is referenced when the rest of the file's imports
 +// settle (avoids a "imported and not used" if a future refactor
 +// drops the only inline pgx use).
 +var _ = pgx.ErrNoRows
++
 +// errTeamNotFound is reserved for the future; surfaced via
 +// orgs.ErrTeamNotFound when needed.
 +var _ = errors.New

internal/web/templates/orgs/profile.htmlmodified

      {{ if .Org.Description }}<p>{{ .Org.Description }}</p>{{ end }}
      <nav class="shithub-org-tabs">
        <a href="/{{ .Org.Slug }}/people">People ({{ .MemberCount }})</a>
 +      <a href="/{{ .Org.Slug }}/teams">Teams</a>
        {{ if .IsOwner }}<a href="/{{ .Org.Slug }}/settings/profile">Settings</a>{{ end }}
      </nav>
    </header>

internal/web/templates/orgs/team_view.htmladded

 +{{ define "page" -}}
 +<section class="shithub-org-team">
 +  <header class="shithub-org-profile-head">
 +    <h1>{{ .Org.DisplayName }} / {{ .Team.Slug }}</h1>
 +    <p class="shithub-meta">
 +      <a href="/{{ .Org.Slug }}/teams">← teams</a>
 +      {{ if eq (printf "%s" .Team.Privacy) "secret" }}<span class="shithub-pill shithub-pill-private">secret</span>{{ end }}
 +    </p>
 +    {{ if .Team.Description }}<p>{{ .Team.Description }}</p>{{ end }}
 +  </header>
++
 +  {{ if .IsOwner }}
 +  <section class="shithub-org-invite">
 +    <h2>Add member</h2>
 +    <form method="POST" action="/{{ .Org.Slug }}/teams/{{ .Team.Slug }}/members">
 +      <input type="hidden" name="csrf_token" value="{{ .CSRFToken }}">
 +      <label><span>Username</span><input type="text" name="username" required></label>
 +      <label><span>Role</span>
 +        <select name="role">
 +          <option value="member" selected>Member</option>
 +          <option value="maintainer">Maintainer</option>
 +        </select>
 +      </label>
 +      <button type="submit" class="shithub-button shithub-button-primary">Add</button>
 +    </form>
++
 +    <h2>Grant repo access</h2>
 +    <form method="POST" action="/{{ .Org.Slug }}/teams/{{ .Team.Slug }}/repos">
 +      <input type="hidden" name="csrf_token" value="{{ .CSRFToken }}">
 +      <label><span>Repo ID</span><input type="number" name="repo_id" required min="1"></label>
 +      <label><span>Role</span>
 +        <select name="role">
 +          <option value="read">Read</option>
 +          <option value="triage">Triage</option>
 +          <option value="write" selected>Write</option>
 +          <option value="maintain">Maintain</option>
 +          <option value="admin">Admin</option>
 +        </select>
 +      </label>
 +      <button type="submit" class="shithub-button shithub-button-primary">Grant</button>
 +    </form>
 +  </section>
 +  {{ end }}
++
 +  <section class="shithub-org-members">
 +    <h2>Members ({{ len .Members }})</h2>
 +    <table class="shithub-table">
 +      <thead><tr><th>User</th><th>Team role</th><th>Joined</th>{{ if .IsOwner }}<th></th>{{ end }}</tr></thead>
 +      <tbody>
 +        {{ range .Members }}
 +        <tr>
 +          <td><a href="/{{ .Username }}">@{{ .Username }}</a></td>
 +          <td>{{ .Role }}</td>
 +          <td>{{ relativeTime .AddedAt.Time }}</td>
 +          {{ if $.IsOwner }}
 +          <td>
 +            <form method="POST" action="/{{ $.Org.Slug }}/teams/{{ $.Team.Slug }}/members" style="display:inline">
 +              <input type="hidden" name="csrf_token" value="{{ $.CSRFToken }}">
 +              <input type="hidden" name="username" value="{{ .Username }}">
 +              <input type="hidden" name="action" value="remove">
 +              <button type="submit" class="shithub-button">Remove</button>
 +            </form>
 +          </td>
 +          {{ end }}
 +        </tr>
 +        {{ end }}
 +      </tbody>
 +    </table>
 +  </section>
++
 +  <section class="shithub-org-members">
 +    <h2>Repo access ({{ len .Repos }})</h2>
 +    {{ if .Repos }}
 +    <table class="shithub-table">
 +      <thead><tr><th>Repo</th><th>Role</th>{{ if .IsOwner }}<th></th>{{ end }}</tr></thead>
 +      <tbody>
 +        {{ range .Repos }}
 +        <tr>
 +          <td><a href="/{{ $.Org.Slug }}/{{ .RepoName }}">{{ $.Org.Slug }}/{{ .RepoName }}</a>
 +            {{ if eq .Visibility "private" }}<span class="shithub-pill shithub-pill-private">private</span>{{ end }}
 +          </td>
 +          <td>{{ .Role }}</td>
 +          {{ if $.IsOwner }}
 +          <td>
 +            <form method="POST" action="/{{ $.Org.Slug }}/teams/{{ $.Team.Slug }}/repos" style="display:inline">
 +              <input type="hidden" name="csrf_token" value="{{ $.CSRFToken }}">
 +              <input type="hidden" name="repo_id" value="{{ .RepoID }}">
 +              <input type="hidden" name="action" value="remove">
 +              <button type="submit" class="shithub-button">Revoke</button>
 +            </form>
 +          </td>
 +          {{ end }}
 +        </tr>
 +        {{ end }}
 +      </tbody>
 +    </table>
 +    {{ else }}
 +    <p class="shithub-empty">No repos granted to this team.</p>
 +    {{ end }}
 +  </section>
 +</section>
 +{{- end }}

internal/web/templates/orgs/teams_list.htmladded

 +{{ define "page" -}}
 +<section class="shithub-org-teams">
 +  <header class="shithub-org-profile-head">
 +    <h1>{{ .Org.DisplayName }} · Teams</h1>
 +    <p class="shithub-meta">@{{ .Org.Slug }}</p>
 +  </header>
++
 +  {{ if .IsOwner }}
 +  <section class="shithub-org-invite">
 +    <h2>New team</h2>
 +    <form method="POST" action="/{{ .Org.Slug }}/teams">
 +      <input type="hidden" name="csrf_token" value="{{ .CSRFToken }}">
 +      <label><span>Slug</span><input type="text" name="slug" required pattern="[a-z0-9](?:[a-z0-9._-]{0,48}[a-z0-9])?"></label>
 +      <label><span>Display name</span><input type="text" name="display_name"></label>
 +      <label><span>Description</span><input type="text" name="description"></label>
 +      <label><span>Privacy</span>
 +        <select name="privacy">
 +          <option value="visible">Visible</option>
 +          <option value="secret">Secret</option>
 +        </select>
 +      </label>
 +      <button type="submit" class="shithub-button shithub-button-primary">Create team</button>
 +    </form>
 +  </section>
 +  {{ end }}
++
 +  <section class="shithub-org-members">
 +    <h2>Teams ({{ len .Teams }})</h2>
 +    {{ if .Teams }}
 +    <ul class="shithub-repo-list">
 +      {{ range .Teams }}
 +      <li class="shithub-repo-list-row">
 +        <h3 class="shithub-repo-list-name">
 +          <a href="/{{ $.Org.Slug }}/teams/{{ .Slug }}">{{ .Slug }}</a>
 +          {{ if eq (printf "%s" .Privacy) "secret" }}<span class="shithub-pill shithub-pill-private">secret</span>{{ end }}
 +          {{ if .ParentTeamID.Valid }}<small class="shithub-meta">child team</small>{{ end }}
 +        </h3>
 +        {{ if .Description }}<p class="shithub-meta">{{ .Description }}</p>{{ end }}
 +      </li>
 +      {{ end }}
 +    </ul>
 +    {{ else }}
 +    <p class="shithub-empty">No teams yet.</p>
 +    {{ end }}
 +  </section>
 +</section>
 +{{- end }}