3 files changed, 240 insertions, 0 deletions

diff --git a/src/server/api/endpoints/app/create.ts b/src/server/api/endpoints/app/create.ts
new file mode 100644
index 0000000000..0f688792a7
--- /dev/null
+++ b/src/server/api/endpoints/app/create.ts
@@ -0,0 +1,108 @@
+/**
+ * Module dependencies
+ */
+import rndstr from 'rndstr';
+import $ from 'cafy';
+import App, { isValidNameId, pack } from '../../models/app';
+
+/**
+ * @swagger
+ * /app/create:
+ *   post:
+ *     summary: Create an application
+ *     parameters:
+ *       - $ref: "#/parameters/AccessToken"
+ *       -
+ *         name: name_id
+ *         description: Application unique name
+ *         in: formData
+ *         required: true
+ *         type: string
+ *       -
+ *         name: name
+ *         description: Application name
+ *         in: formData
+ *         required: true
+ *         type: string
+ *       -
+ *         name: description
+ *         description: Application description
+ *         in: formData
+ *         required: true
+ *         type: string
+ *       -
+ *         name: permission
+ *         description: Permissions that application has
+ *         in: formData
+ *         required: true
+ *         type: array
+ *         items:
+ *           type: string
+ *           collectionFormat: csv
+ *       -
+ *         name: callback_url
+ *         description: URL called back after authentication
+ *         in: formData
+ *         required: false
+ *         type: string
+ *
+ *     responses:
+ *       200:
+ *         description: Created application's information
+ *         schema:
+ *           $ref: "#/definitions/Application"
+ *
+ *       default:
+ *         description: Failed
+ *         schema:
+ *           $ref: "#/definitions/Error"
+ */
+
+/**
+ * Create an app
+ *
+ * @param {any} params
+ * @param {any} user
+ * @return {Promise<any>}
+ */
+module.exports = async (params, user) => new Promise(async (res, rej) => {
+	// Get 'name_id' parameter
+	const [nameId, nameIdErr] = $(params.name_id).string().pipe(isValidNameId).$;
+	if (nameIdErr) return rej('invalid name_id param');
+
+	// Get 'name' parameter
+	const [name, nameErr] = $(params.name).string().$;
+	if (nameErr) return rej('invalid name param');
+
+	// Get 'description' parameter
+	const [description, descriptionErr] = $(params.description).string().$;
+	if (descriptionErr) return rej('invalid description param');
+
+	// Get 'permission' parameter
+	const [permission, permissionErr] = $(params.permission).array('string').unique().$;
+	if (permissionErr) return rej('invalid permission param');
+
+	// Get 'callback_url' parameter
+	// TODO: Check it is valid url
+	const [callbackUrl = null, callbackUrlErr] = $(params.callback_url).optional.nullable.string().$;
+	if (callbackUrlErr) return rej('invalid callback_url param');
+
+	// Generate secret
+	const secret = rndstr('a-zA-Z0-9', 32);
+
+	// Create account
+	const app = await App.insert({
+		created_at: new Date(),
+		user_id: user._id,
+		name: name,
+		name_id: nameId,
+		name_id_lower: nameId.toLowerCase(),
+		description: description,
+		permission: permission,
+		callback_url: callbackUrl,
+		secret: secret
+	});
+
+	// Response
+	res(await pack(app));
+});
diff --git a/src/server/api/endpoints/app/name_id/available.ts b/src/server/api/endpoints/app/name_id/available.ts
new file mode 100644
index 0000000000..3d2c710322
--- /dev/null
+++ b/src/server/api/endpoints/app/name_id/available.ts
@@ -0,0 +1,60 @@
+/**
+ * Module dependencies
+ */
+import $ from 'cafy';
+import App from '../../../models/app';
+import { isValidNameId } from '../../../models/app';
+
+/**
+ * @swagger
+ * /app/name_id/available:
+ *   post:
+ *     summary: Check available name_id on creation an application
+ *     parameters:
+ *       -
+ *         name: name_id
+ *         description: Application unique name
+ *         in: formData
+ *         required: true
+ *         type: string
+ *
+ *     responses:
+ *       200:
+ *         description: Success
+ *         schema:
+ *           type: object
+ *           properties:
+ *             available:
+ *               description: Whether name_id is available
+ *               type: boolean
+ *
+ *       default:
+ *         description: Failed
+ *         schema:
+ *           $ref: "#/definitions/Error"
+ */
+
+/**
+ * Check available name_id of app
+ *
+ * @param {any} params
+ * @return {Promise<any>}
+ */
+module.exports = async (params) => new Promise(async (res, rej) => {
+	// Get 'name_id' parameter
+	const [nameId, nameIdErr] = $(params.name_id).string().pipe(isValidNameId).$;
+	if (nameIdErr) return rej('invalid name_id param');
+
+	// Get exist
+	const exist = await App
+		.count({
+			name_id_lower: nameId.toLowerCase()
+		}, {
+			limit: 1
+		});
+
+	// Reply
+	res({
+		available: exist === 0
+	});
+});
diff --git a/src/server/api/endpoints/app/show.ts b/src/server/api/endpoints/app/show.ts
new file mode 100644
index 0000000000..8bc3dda42c
--- /dev/null
+++ b/src/server/api/endpoints/app/show.ts
@@ -0,0 +1,72 @@
+/**
+ * Module dependencies
+ */
+import $ from 'cafy';
+import App, { pack } from '../../models/app';
+
+/**
+ * @swagger
+ * /app/show:
+ *   post:
+ *     summary: Show an application's information
+ *     description: Require app_id or name_id
+ *     parameters:
+ *       -
+ *         name: app_id
+ *         description: Application ID
+ *         in: formData
+ *         type: string
+ *       -
+ *         name: name_id
+ *         description: Application unique name
+ *         in: formData
+ *         type: string
+ *
+ *     responses:
+ *       200:
+ *         description: Success
+ *         schema:
+ *           $ref: "#/definitions/Application"
+ *
+ *       default:
+ *         description: Failed
+ *         schema:
+ *           $ref: "#/definitions/Error"
+ */
+
+/**
+ * Show an app
+ *
+ * @param {any} params
+ * @param {any} user
+ * @param {any} _
+ * @param {any} isSecure
+ * @return {Promise<any>}
+ */
+module.exports = (params, user, _, isSecure) => new Promise(async (res, rej) => {
+	// Get 'app_id' parameter
+	const [appId, appIdErr] = $(params.app_id).optional.id().$;
+	if (appIdErr) return rej('invalid app_id param');
+
+	// Get 'name_id' parameter
+	const [nameId, nameIdErr] = $(params.name_id).optional.string().$;
+	if (nameIdErr) return rej('invalid name_id param');
+
+	if (appId === undefined && nameId === undefined) {
+		return rej('app_id or name_id is required');
+	}
+
+	// Lookup app
+	const app = appId !== undefined
+		? await App.findOne({ _id: appId })
+		: await App.findOne({ name_id_lower: nameId.toLowerCase() });
+
+	if (app === null) {
+		return rej('app not found');
+	}
+
+	// Send response
+	res(await pack(app, user, {
+		includeSecret: isSecure && app.user_id.equals(user._id)
+	}));
+});