feat(authentication): update team RPC (#1395)

* feat(authentication): switch parent team RPC

* fix: address code review feedback

* fix: use prototype TS type instead of hardcoding it

Author: krigol14

libraries/grpc-sdk/src/modules/authentication/index.ts

@@ -115,4 +115,8 @@ export class Authentication extends ConduitModule<typeof AuthenticationDefinitio
       userData: JSON.stringify(userData),
     });
   }
+
+  updateTeam(teamId: string, name?: string, newParentTeamId?: string): Promise<Team> {
+    return this.client!.updateTeam({ teamId, name, newParentTeamId });
+  }
 }

modules/authentication/src/Authentication.ts

@@ -41,6 +41,7 @@ import {
   ValidateAccessTokenResponse_Status,
   InviteUserToTeamRequest,
   InviteUserToTeamResponse,
+  UpdateTeamRequest,
 } from './protoTypes/authentication.js';
 import { Empty } from './protoTypes/google/protobuf/empty.js';
 import { runMigrations } from './migrations/index.js';
@@ -83,6 +84,7 @@ export default class Authentication extends ManagedModule<Config> {
       removeTeamMembers: this.removeTeamMembers.bind(this),
       invitationDelete: this.invitationDelete.bind(this),
       inviteUserToTeam: this.inviteUserToTeam.bind(this),
+      updateTeam: this.updateTeam.bind(this),
     },
   };
   protected metricsSchema = metricsSchema;
@@ -744,6 +746,95 @@ export default class Authentication extends ManagedModule<Config> {
     }
   }
 
+  async updateTeam(
+    call: GrpcRequest<UpdateTeamRequest>,
+    callback: GrpcCallback<GrpcTeam>,
+  ) {
+    const { teamId, name, newParentTeamId } = call.request;
+
+    try {
+      if (!name && !newParentTeamId) {
+        return callback({
+          code: status.INVALID_ARGUMENT,
+          message: 'At least one of name or newParentTeamId must be provided',
+        });
+      }
+
+      const team = await models.Team.getInstance().findOne({ _id: teamId });
+      if (!team) {
+        return callback({ code: status.NOT_FOUND, message: 'Team not found' });
+      }
+
+      const updateFields: { name?: string; parentTeam?: string } = {
+        ...(name && { name }),
+      };
+
+      if (newParentTeamId) {
+        const newParentTeam = await models.Team.getInstance().findOne({
+          _id: newParentTeamId,
+        });
+        if (!newParentTeam) {
+          return callback({
+            code: status.NOT_FOUND,
+            message: 'New parent team not found',
+          });
+        }
+
+        const oldParentTeamId = team.parentTeam;
+
+        if (oldParentTeamId) {
+          try {
+            await this.grpcSdk.authorization!.deleteRelation({
+              subject: 'Team:' + oldParentTeamId,
+              relation: 'owner',
+              resource: 'Team:' + teamId,
+            });
+          } catch (e) {
+            ConduitGrpcSdk.Logger.warn(
+              `Failed to delete old parent relation: ${(e as Error).message}`,
+            );
+          }
+        }
+
+        await this.grpcSdk.authorization!.createRelation({
+          subject: 'Team:' + newParentTeamId,
+          relation: 'owner',
+          resource: 'Team:' + teamId,
+        });
+
+        updateFields.parentTeam = newParentTeamId;
+
+        ConduitGrpcSdk.Logger.info(
+          `Team ${teamId} parent switched from ${
+            oldParentTeamId ?? 'none'
+          } to ${newParentTeamId}`,
+        );
+      }
+
+      const updatedTeam = await models.Team.getInstance().findByIdAndUpdate(
+        teamId,
+        updateFields,
+      );
+
+      if (!updatedTeam) {
+        return callback({ code: status.INTERNAL, message: 'Failed to update team' });
+      }
+
+      if (name) {
+        ConduitGrpcSdk.Logger.info(`Team ${teamId} name updated to ${name}`);
+      }
+
+      return callback(null, {
+        id: updatedTeam._id,
+        name: updatedTeam.name,
+        parentTeam: updatedTeam.parentTeam,
+        isDefault: updatedTeam.isDefault,
+      });
+    } catch (e) {
+      return callback({ code: status.INTERNAL, message: (e as Error).message });
+    }
+  }
+
   protected registerSchemas() {
     const promises = Object.values(models).map(model => {
       const modelInstance = model.getInstance(this.database);

modules/authentication/src/authentication.proto

@@ -124,6 +124,12 @@ message InviteUserToTeamResponse {
   string invitationToken = 1;
 }
 
+message UpdateTeamRequest {
+  string teamId = 1;
+  optional string name = 2;
+  optional string newParentTeamId = 3;
+}
+
 service Authentication {
   rpc UserLogin(UserLoginRequest) returns (UserLoginResponse);
   rpc UserCreate(UserCreateRequest) returns (UserCreateResponse);
@@ -140,4 +146,5 @@ service Authentication {
   rpc ValidateAccessToken(ValidateAccessTokenRequest) returns (ValidateAccessTokenResponse);
   rpc InvitationDelete(InvitationDeleteRequest) returns (InvitationDeleteResponse);
   rpc InviteUserToTeam(InviteUserToTeamRequest) returns (InviteUserToTeamResponse);
+  rpc UpdateTeam(UpdateTeamRequest) returns (Team);
 }