From 0731d52273bb0d4d13a924cabffa874cf77bf039 Mon Sep 17 00:00:00 2001
From: Samuel Lorch <sam@lorch.net>
Date: Thu, 2 Sep 2021 09:27:45 +0200
Subject: [PATCH] improve group support

---
 api/groups.go | 81 ++++++++++++++++++++++++++++++++++++++++++++-------
 1 file changed, 70 insertions(+), 11 deletions(-)

diff --git a/api/groups.go b/api/groups.go
index 5373111..84a9e4c 100644
--- a/api/groups.go
+++ b/api/groups.go
@@ -7,14 +7,30 @@ import (
 
 //Group is a Group
 type Group struct {
-	ID         string `json:"id,omitempty"`
-	Name       string `json:"name,omitempty"`
-	Created    *Time  `json:"created,omitempty"`
-	CreatedBy  string `json:"created_by,omitempty"`
-	Deleted    bool   `json:"deleted,omitempty"`
-	Modified   *Time  `json:"modified,omitempty"`
-	ModifiedBy string `json:"modified_by,omitempty"`
-	GroupUsers []User `json:"groups_users,omitempty"`
+	ID         string            `json:"id,omitempty"`
+	Name       string            `json:"name,omitempty"`
+	Created    *Time             `json:"created,omitempty"`
+	CreatedBy  string            `json:"created_by,omitempty"`
+	Deleted    bool              `json:"deleted,omitempty"`
+	Modified   *Time             `json:"modified,omitempty"`
+	ModifiedBy string            `json:"modified_by,omitempty"`
+	GroupUsers []GroupMembership `json:"groups_users,omitempty"`
+}
+
+type GroupMembership struct {
+	ID      string `json:"id,omitempty"`
+	UserID  string `json:"user_id,omitempty"`
+	GroupID string `json:"group_id,omitempty"`
+	IsAdmin bool   `json:"is_admin,omitempty"`
+	Delete  bool   `json:"delete,omitempty"`
+	User    User   `json:"user,omitempty"`
+	Created *Time  `json:"created,omitempty"`
+}
+
+type GroupUpdate struct {
+	Name         string            `json:"name,omitempty"`
+	GroupChanges []GroupMembership `json:"groups_users,omitempty"`
+	Secrets      []Secret          `json:"secrets,omitempty"`
 }
 
 // GetGroupsOptions are all available query parameters
@@ -29,6 +45,35 @@ type GetGroupsOptions struct {
 	ContainMyGroupUser     bool `url:"contain[my_group_user],omitempty"`
 }
 
+// UpdateGroupDryRunResult is the Result of a Update Group DryRun
+type UpdateGroupDryRunResult struct {
+	DryRun UpdateGroupDryRun `json:"dry-run,omitempty"`
+}
+
+// UpdateGroupDryRun contains the Actual Secrets Needed to update the group
+type UpdateGroupDryRun struct {
+	// for which users the secrets need to be reencrypted
+	SecretsNeeded []UpdateGroupSecretsNeededContainer `json:"SecretsNeeded,omitempty"`
+	// secrets needed to be reencrypted
+	Secrets []GroupSecret `json:"Secrets,omitempty"`
+}
+
+// GroupSecret is a unnessesary container...
+type GroupSecret struct {
+	Secret []Secret `json:"secret,omitempty"`
+}
+
+// UpdateGroupSecretsNeededContainer is a unnessesary container...
+type UpdateGroupSecretsNeededContainer struct {
+	Secret UpdateGroupDryRunSecretsNeeded `json:"Secret,omitempty"`
+}
+
+// UpdateGroupDryRunSecretsNeeded a secret that needs to be reencrypted for a specific user
+type UpdateGroupDryRunSecretsNeeded struct {
+	ResourceID string `json:"resource_id,omitempty"`
+	UserID     string `json:"user_id,omitempty"`
+}
+
 // GetGroups gets all Passbolt Groups
 func (c *Client) GetGroups(ctx context.Context, opts *GetGroupsOptions) ([]Group, error) {
 	msg, err := c.DoCustomRequest(ctx, "GET", "/groups.json", "v2", nil, opts)
@@ -74,12 +119,12 @@ func (c *Client) GetGroup(ctx context.Context, groupID string) (*Group, error) {
 }
 
 // UpdateGroup Updates a existing Passbolt Group
-func (c *Client) UpdateGroup(ctx context.Context, groupID string, group Group) (*Group, error) {
-	msg, err := c.DoCustomRequest(ctx, "PUT", "/groups/"+groupID+".json", "v2", group, nil)
+func (c *Client) UpdateGroup(ctx context.Context, groupID string, update GroupUpdate) (*Group, error) {
+	msg, err := c.DoCustomRequest(ctx, "PUT", "/groups/"+groupID+".json", "v2", update, nil)
 	if err != nil {
 		return nil, err
 	}
-
+	var group Group
 	err = json.Unmarshal(msg.Body, &group)
 	if err != nil {
 		return nil, err
@@ -87,6 +132,20 @@ func (c *Client) UpdateGroup(ctx context.Context, groupID string, group Group) (
 	return &group, nil
 }
 
+// UpdateGroupDryRun Checks that a Passbolt Group update passes validation
+func (c *Client) UpdateGroupDryRun(ctx context.Context, groupID string, update GroupUpdate) (*UpdateGroupDryRunResult, error) {
+	msg, err := c.DoCustomRequest(ctx, "PUT", "/groups/"+groupID+"/dry-run.json", "v2", update, nil)
+	if err != nil {
+		return nil, err
+	}
+	var result UpdateGroupDryRunResult
+	err = json.Unmarshal(msg.Body, &result)
+	if err != nil {
+		return nil, err
+	}
+	return &result, nil
+}
+
 // DeleteGroup Deletes a Passbolt Group
 func (c *Client) DeleteGroup(ctx context.Context, groupID string) error {
 	_, err := c.DoCustomRequest(ctx, "DELETE", "/groups/"+groupID+".json", "v2", nil, nil)