package calendar import ( "errors" "log/slog" "net/http" "strings" "github.com/go-chi/chi/v5" "github.com/ultisuite/ulti-backend/internal/api/apiresponse" "github.com/ultisuite/ulti-backend/internal/api/apivalidate" "github.com/ultisuite/ulti-backend/internal/api/middleware" "github.com/ultisuite/ulti-backend/internal/api/query" meetpkg "github.com/ultisuite/ulti-backend/internal/meet" "github.com/ultisuite/ulti-backend/internal/nextcloud" "github.com/ultisuite/ulti-backend/internal/permission" ) type Handler struct { svc *Service logger *slog.Logger } func NewHandler(nc *nextcloud.Client, meetCfg *meetpkg.Config) *Handler { return &Handler{ svc: NewService(nc, meetCfg), logger: slog.Default().With("component", "calendar-api"), } } func (h *Handler) Routes() chi.Router { r := chi.NewRouter() read := middleware.RequirePermission(permission.ResourceCalendar, permission.LevelRead) write := middleware.RequirePermission(permission.ResourceCalendar, permission.LevelWrite) r.With(read).Get("/", h.ListCalendars) r.With(read).Get("/{calID}/events", h.ListEvents) r.With(read).Post("/freebusy", h.FreeBusy) r.With(write).Post("/{calID}/events", h.CreateEvent) r.With(write).Put("/events/*", h.UpdateEvent) r.With(write).Post("/events/response/*", h.RespondToInvitation) r.With(write).Post("/events/meet-link/*", h.CreateMeetLink) r.With(write).Delete("/events/*", h.DeleteEvent) return r } func (h *Handler) ListCalendars(w http.ResponseWriter, r *http.Request) { claims := middleware.ClaimsFromContext(r.Context()) cals, err := h.svc.ListCalendars(r.Context(), claims.Sub) if err != nil { h.logger.Error("list calendars", "error", err) apivalidate.WriteInternal(w, r) return } apiresponse.WriteJSON(w, http.StatusOK, map[string]any{"calendars": cals}) } func (h *Handler) ListEvents(w http.ResponseWriter, r *http.Request) { claims := middleware.ClaimsFromContext(r.Context()) params, err := query.ParseListRequest(r) if err != nil { apivalidate.WriteQueryError(w, r, err) return } result, err := h.svc.ListEvents(r.Context(), claims.Sub, chi.URLParam(r, "calID"), params) if err != nil { h.logger.Error("list events", "error", err) apivalidate.WriteInternal(w, r) return } apiresponse.WriteJSON(w, http.StatusOK, result) } func (h *Handler) FreeBusy(w http.ResponseWriter, r *http.Request) { claims := middleware.ClaimsFromContext(r.Context()) var req freeBusyRequest if err := apivalidate.DecodeJSON(w, r, maxRequestBody, &req); err != nil { return } ncReq, verr := validateFreeBusy(&req) if verr != nil { apivalidate.WriteValidationError(w, r, verr) return } result, err := h.svc.FreeBusy(r.Context(), claims.Sub, ncReq) if err != nil { h.logger.Error("free/busy", "error", err) apivalidate.WriteInternal(w, r) return } apiresponse.WriteJSON(w, http.StatusOK, result) } func (h *Handler) CreateEvent(w http.ResponseWriter, r *http.Request) { claims := middleware.ClaimsFromContext(r.Context()) var event nextcloud.Event if err := apivalidate.DecodeJSON(w, r, maxRequestBody, &event); err != nil { return } if verr := validateCreateEvent(&event); verr != nil { apivalidate.WriteValidationError(w, r, verr) return } if err := h.svc.CreateEvent(r.Context(), claims.Sub, chi.URLParam(r, "calID"), &event); err != nil { h.logger.Error("create event", "error", err) apivalidate.WriteInternal(w, r) return } w.WriteHeader(http.StatusCreated) } func (h *Handler) UpdateEvent(w http.ResponseWriter, r *http.Request) { claims := middleware.ClaimsFromContext(r.Context()) eventPath := strings.TrimSuffix(chi.URLParam(r, "*"), "/") if verr := validateDeletePath(eventPath); verr != nil { apivalidate.WriteValidationError(w, r, verr) return } ifMatch := strings.TrimSpace(r.Header.Get("If-Match")) if ifMatch == "" { apivalidate.WriteValidationError(w, r, apivalidate.NewValidationError(apivalidate.FieldDetail{ Field: "If-Match", Message: "required", })) return } var event nextcloud.Event if err := apivalidate.DecodeJSON(w, r, maxRequestBody, &event); err != nil { return } if verr := validateCreateEvent(&event); verr != nil { apivalidate.WriteValidationError(w, r, verr) return } etag, err := h.svc.UpdateEvent(r.Context(), claims.Sub, eventPath, ifMatch, &event) if err != nil { if errors.Is(err, nextcloud.ErrETagMismatch) { apiresponse.WriteError(w, r, http.StatusPreconditionFailed, "etag_mismatch", "etag does not match current resource version", nil) return } h.logger.Error("update event", "error", err) apivalidate.WriteInternal(w, r) return } apiresponse.WriteJSON(w, http.StatusOK, map[string]any{"etag": etag}) } func (h *Handler) RespondToInvitation(w http.ResponseWriter, r *http.Request) { claims := middleware.ClaimsFromContext(r.Context()) eventPath := strings.TrimSuffix(chi.URLParam(r, "*"), "/") if verr := validateDeletePath(eventPath); verr != nil { apivalidate.WriteValidationError(w, r, verr) return } var req respondInvitationRequest if err := apivalidate.DecodeJSON(w, r, maxRequestBody, &req); err != nil { return } if strings.TrimSpace(req.Email) == "" { req.Email = claims.Email } normalized, verr := validateRespondInvitation(&req) if verr != nil { apivalidate.WriteValidationError(w, r, verr) return } etag, err := h.svc.RespondToInvitation(r.Context(), claims.Sub, eventPath, normalized.Email, normalized.Response, normalized.IfMatch) if err != nil { switch { case errors.Is(err, nextcloud.ErrAttendeeNotFound): apiresponse.WriteError(w, r, http.StatusNotFound, "attendee_not_found", "attendee not found in event", nil) case errors.Is(err, nextcloud.ErrETagMismatch): apiresponse.WriteError(w, r, http.StatusPreconditionFailed, "etag_mismatch", "etag does not match current resource version", nil) default: h.logger.Error("respond invitation", "error", err) apivalidate.WriteInternal(w, r) } return } apiresponse.WriteJSON(w, http.StatusOK, map[string]any{"etag": etag}) } func (h *Handler) CreateMeetLink(w http.ResponseWriter, r *http.Request) { claims := middleware.ClaimsFromContext(r.Context()) eventPath := strings.TrimSuffix(chi.URLParam(r, "*"), "/") if verr := validateDeletePath(eventPath); verr != nil { apivalidate.WriteValidationError(w, r, verr) return } var req createMeetLinkRequest if r.ContentLength > 0 { if err := apivalidate.DecodeJSON(w, r, maxRequestBody, &req); err != nil { return } } if verr := validateCreateMeetLink(&req); verr != nil { apivalidate.WriteValidationError(w, r, verr) return } meetURL, etag, err := h.svc.CreateMeetLink(r.Context(), claims.Sub, claims.Name, claims.Email, eventPath, req.IfMatch) if err != nil { if errors.Is(err, ErrMeetDisabled) { apiresponse.WriteError(w, r, http.StatusConflict, "meet_disabled", "meet integration is disabled", nil) return } if errors.Is(err, nextcloud.ErrETagMismatch) { apiresponse.WriteError(w, r, http.StatusPreconditionFailed, "etag_mismatch", "etag does not match current resource version", nil) return } h.logger.Error("create meet link", "error", err) apivalidate.WriteInternal(w, r) return } apiresponse.WriteJSON(w, http.StatusOK, map[string]any{ "meet_url": meetURL, "etag": etag, }) } func (h *Handler) DeleteEvent(w http.ResponseWriter, r *http.Request) { claims := middleware.ClaimsFromContext(r.Context()) eventPath := chi.URLParam(r, "*") if verr := validateDeletePath(eventPath); verr != nil { apivalidate.WriteValidationError(w, r, verr) return } if err := h.svc.DeleteEvent(r.Context(), claims.Sub, eventPath); err != nil { h.logger.Error("delete event", "error", err) apivalidate.WriteInternal(w, r) return } w.WriteHeader(http.StatusNoContent) }