feat: orgs conferencing apps

apps/api/v2/src/modules/atoms/controllers/atoms.conferencing-apps.controller.ts

@@ -31,6 +31,22 @@ These endpoints should not be recommended for use by third party and are exclude
 export class AtomsConferencingAppsController {
   constructor(private readonly conferencingService: ConferencingAtomsService) {}
 
+  @Get("/organizations/:orgId/conferencing")
+  @Roles("ORG_ADMIN")
+  @PlatformPlan("ESSENTIALS")
+  @UseGuards(ApiAuthGuard, IsOrgGuard, RolesGuard, PlatformPlanGuard, IsAdminAPIEnabledGuard)
+  @Version(VERSION_NEUTRAL)
+  async listOrgInstalledConferencingApps(
+    @GetUser() user: UserWithProfile,
+    @Param("orgId", ParseIntPipe) orgId: number
+  ): Promise<ApiResponse<ConnectedApps>> {
+    const conferencingApps = await this.conferencingService.getTeamConferencingApps(user, orgId);
+    return {
+      status: SUCCESS_STATUS,
+      data: conferencingApps,
+    };
+  }
+
   @Get("/organizations/:orgId/teams/:teamId/conferencing")
   @Roles("TEAM_ADMIN")
   @PlatformPlan("ESSENTIALS")

apps/api/v2/src/modules/atoms/services/conferencing-atom.service.ts

@@ -18,6 +18,7 @@ export class ConferencingAtomsService {
       input: {
         variant: "conferencing",
         onlyInstalled: true,
+        includeTeamInstalledApps: true,
       },
       prisma: this.dbWrite.prisma as unknown as PrismaClient,
     });

apps/api/v2/src/modules/conferencing/controllers/conferencing.controller.ts

@@ -17,25 +17,25 @@ import { SetDefaultConferencingAppOutputResponseDto } from "@/modules/conferenci
 import { ConferencingService } from "@/modules/conferencing/services/conferencing.service";
 import { UserWithProfile } from "@/modules/users/users.repository";
 import { HttpService } from "@nestjs/axios";
-import { Logger } from "@nestjs/common";
+import { Logger, ParseIntPipe } from "@nestjs/common";
 import {
   Controller,
+  Delete,
   Get,
-  Query,
   HttpCode,
   HttpStatus,
-  UseGuards,
-  Post,
   Param,
+  Post,
+  Query,
+  Req,
+  UseGuards,
+  HttpException,
   BadRequestException,
-  Delete,
   Headers,
   Redirect,
-  Req,
-  HttpException,
 } from "@nestjs/common";
 import { ConfigService } from "@nestjs/config";
-import { ApiHeader, ApiOperation, ApiParam, ApiTags as DocsTags } from "@nestjs/swagger";
+import { ApiHeader, ApiOperation, ApiParam, ApiQuery, ApiTags as DocsTags } from "@nestjs/swagger";
 import { plainToInstance } from "class-transformer";
 import { Request } from "express";
 
@@ -80,7 +80,10 @@ export class ConferencingController {
     @Param("app") app: string
   ): Promise<ConferencingAppOutputResponseDto> {
     const credential = await this.conferencingService.connectUserNonOauthApp(app, user.id);
-    return { status: SUCCESS_STATUS, data: plainToInstance(ConferencingAppsOutputDto, credential) };
+    return {
+      status: SUCCESS_STATUS,
+      data: plainToInstance(ConferencingAppsOutputDto, credential, { strategy: "excludeAll" }),
+    };
   }
 
   @Get("/:app/oauth/auth-url")
@@ -169,6 +172,21 @@ export class ConferencingController {
           const fallbackUrl = decodedCallbackState.onErrorReturnTo || "";
           return { url: fallbackUrl };
         }
+      } else if (decodedCallbackState.orgId) {
+        const apiUrl = this.config.get("api.url");
+        const url = `${apiUrl}/organizations/${decodedCallbackState.orgId}/conferencing/${app}/oauth/callback`;
+        const params: Record<string, string | undefined> = { state, code, error, error_description };
+        const headers = {
+          Authorization: `Bearer ${decodedCallbackState.accessToken}`,
+        };
+        try {
+          const response = await this.httpService.axiosRef.get(url, { params, headers });
+          const redirectUrl = response.data?.url || decodedCallbackState.onErrorReturnTo || "";
+          return { url: redirectUrl };
+        } catch (err) {
+          const fallbackUrl = decodedCallbackState.onErrorReturnTo || "";
+          return { url: fallbackUrl };
+        }
       }
 
       return this.conferencingService.connectOauthApps(app, code, decodedCallbackState);
@@ -190,10 +208,12 @@ export class ConferencingController {
   async listInstalledConferencingApps(
     @GetUser() user: UserWithProfile
   ): Promise<ConferencingAppsOutputResponseDto> {
-    const conferencingApps = await this.conferencingService.getConferencingApps(user.id);
+    const conferencingApps = await this.conferencingService.getConferencingApps(user);
     return {
       status: SUCCESS_STATUS,
-      data: conferencingApps.map((app) => plainToInstance(ConferencingAppsOutputDto, app)),
+      data: conferencingApps.map((app) =>
+        plainToInstance(ConferencingAppsOutputDto, app, { strategy: "excludeAll" })
+      ),
     };
   }
 
@@ -216,6 +236,32 @@ export class ConferencingController {
     return { status: SUCCESS_STATUS };
   }
 
+  @Post("/:app/default/:credentialId")
+  @HttpCode(HttpStatus.OK)
+  @UseGuards(ApiAuthGuard)
+  @ApiHeader(API_KEY_OR_ACCESS_TOKEN_HEADER)
+  @ApiOperation({ summary: "Set your default conferencing application with specific credential ID" })
+  @ApiParam({
+    name: "app",
+    description: "Conferencing application type",
+    enum: [GOOGLE_MEET, ZOOM, OFFICE_365_VIDEO, CAL_VIDEO],
+    required: true,
+  })
+  @ApiParam({
+    name: "credentialId",
+    description: "Specific credential ID to use for the conferencing app",
+    type: Number,
+    required: true,
+  })
+  async defaultWithCredential(
+    @GetUser() user: UserWithProfile,
+    @Param("app") app: string,
+    @Param("credentialId", ParseIntPipe) credentialId: number
+  ): Promise<SetDefaultConferencingAppOutputResponseDto> {
+    await this.conferencingService.setDefaultConferencingApp(user, app, credentialId);
+    return { status: SUCCESS_STATUS };
+  }
+
   @Get("/default")
   @HttpCode(HttpStatus.OK)
   @UseGuards(ApiAuthGuard)

apps/api/v2/src/modules/conferencing/outputs/get-conferencing-apps.output.ts

@@ -10,6 +10,12 @@ export class ConferencingAppsOutputDto {
   @ApiProperty({ description: "Id of the conferencing app credentials" })
   id!: number;
 
+  @ApiProperty({ example: "zoom", description: "App identifier" })
+  @Expose()
+  @IsString()
+  @IsOptional()
+  appId?: string;
+
   @ApiProperty({ example: GOOGLE_MEET_TYPE, description: "Type of conferencing app" })
   @Expose()
   @IsString()
@@ -18,7 +24,17 @@ export class ConferencingAppsOutputDto {
   @ApiProperty({ description: "Id of the user associated to the conferencing app" })
   @Expose()
   @IsNumber()
-  userId!: number;
+  @IsOptional()
+  userId!: number | null;
+
+  @ApiPropertyOptional({
+    description: "Team ID if the credential belongs to a team",
+    nullable: true,
+  })
+  @Expose()
+  @IsNumber()
+  @IsOptional()
+  teamId?: number | null;
 
   @ApiPropertyOptional({
     example: true,
@@ -29,6 +45,15 @@ export class ConferencingAppsOutputDto {
   @IsBoolean()
   @IsOptional()
   invalid?: boolean | null;
+
+  @ApiPropertyOptional({
+    description: "Delegation credential ID",
+    nullable: true,
+  })
+  @IsNumber()
+  @Expose()
+  @IsOptional()
+  delegationCredentialId?: number | null;
 }
 
 export class ConferencingAppsOutputResponseDto {

apps/api/v2/src/modules/conferencing/outputs/get-default-conferencing-app.output.ts

@@ -1,19 +1,27 @@
-import { ApiProperty } from "@nestjs/swagger";
+import { ApiProperty, ApiPropertyOptional } from "@nestjs/swagger";
 import { Expose, Type } from "class-transformer";
-import { IsEnum, IsOptional, IsString, ValidateNested } from "class-validator";
+import { IsEnum, IsOptional, IsString, IsNumber, ValidateNested } from "class-validator";
 
 import { ERROR_STATUS, SUCCESS_STATUS } from "@calcom/platform-constants";
 
 export class DefaultConferencingAppsOutputDto {
   @IsString()
   @IsOptional()
   @Expose()
+  @ApiProperty()
   readonly appSlug?: string;
 
   @IsString()
   @IsOptional()
   @Expose()
+  @ApiProperty()
   readonly appLink?: string;
+
+  @IsNumber()
+  @IsOptional()
+  @Expose()
+  @ApiProperty()
+  readonly credentialId?: number;
 }
 
 export class GetDefaultConferencingAppOutputResponseDto {
@@ -25,5 +33,6 @@ export class GetDefaultConferencingAppOutputResponseDto {
   @ValidateNested()
   @IsOptional()
   @Type(() => DefaultConferencingAppsOutputDto)
+  @ApiPropertyOptional({ type: DefaultConferencingAppsOutputDto })
   data?: DefaultConferencingAppsOutputDto;
 }

apps/api/v2/src/modules/conferencing/repositories/conferencing.repository.ts

@@ -33,9 +33,25 @@ export class ConferencingRepository {
   }
 
   async findTeamConferencingApps(teamId: number) {
+    const parentTeam = await this.dbRead.prisma.team.findUnique({
+      where: {
+        id: teamId,
+      },
+      select: {
+        parentId: true,
+      },
+    });
+
+    const teamIds = [teamId];
+    if (parentTeam?.parentId) {
+      teamIds.push(parentTeam.parentId);
+    }
+
     return this.dbRead.prisma.credential.findMany({
       where: {
-        teamId,
+        teamId: {
+          in: teamIds,
+        },
         type: { endsWith: "_video" },
       },
       select: this.credentialSelect,
@@ -62,4 +78,11 @@ export class ConferencingRepository {
       select: this.credentialSelect,
     });
   }
+
+  async findMultipleTeamsConferencingApp(teamIds: number[], app: string) {
+    return this.dbRead.prisma.credential.findMany({
+      where: { teamId: { in: teamIds }, appId: app },
+      select: this.credentialSelect,
+    });
+  }
 }

apps/api/v2/src/modules/conferencing/services/conferencing.service.ts

@@ -22,24 +22,29 @@ import {
   OFFICE_365_VIDEO,
 } from "@calcom/platform-constants";
 import { userMetadata } from "@calcom/platform-libraries";
-import { getUsersCredentialsIncludeServiceAccountKey } from "@calcom/platform-libraries/app-store";
+import { getUsersAndTeamsCredentialsIncludeServiceAccountKey } from "@calcom/platform-libraries/app-store";
 import { getApps, handleDeleteCredential } from "@calcom/platform-libraries/app-store";
 
 @Injectable()
 export class ConferencingService {
   private logger = new Logger("ConferencingService");
 
   constructor(
-    private readonly conferencingRepository: ConferencingRepository,
     private readonly usersRepository: UsersRepository,
     private readonly tokensRepository: TokensRepository,
     private readonly googleMeetService: GoogleMeetService,
     private readonly zoomVideoService: ZoomVideoService,
     private readonly office365VideoService: Office365VideoService
   ) {}
 
-  async getConferencingApps(userId: number) {
-    return this.conferencingRepository.findConferencingApps(userId);
+  async getConferencingApps(user: UserWithProfile) {
+    const credentials = await getUsersAndTeamsCredentialsIncludeServiceAccountKey(user);
+
+    // Remove sensitive key field from each credential
+    return credentials.map((credential) => {
+      const { key: _key, ...credentialWithoutKey } = credential;
+      return credentialWithoutKey;
+    });
   }
 
   async connectUserNonOauthApp(app: string, userId: number) {
@@ -87,14 +92,20 @@ export class ConferencingService {
     return userMetadata.parse(user?.metadata)?.defaultConferencingApp;
   }
 
-  async checkAppIsValidAndConnected(user: UserWithProfile, appSlug: string) {
+  async checkAppIsValidAndConnected(user: UserWithProfile, appSlug: string, credentialId?: number) {
     if (!CONFERENCING_APPS.includes(appSlug)) {
       throw new BadRequestException("Invalid app, available apps are: ", CONFERENCING_APPS.join(", "));
     }
-    const credentials = await getUsersCredentialsIncludeServiceAccountKey(user);
+    const credentials = await getUsersAndTeamsCredentialsIncludeServiceAccountKey(user);
 
-    const foundApp = getApps(credentials, true).filter((app) => app.slug === appSlug)[0];
+    if (credentialId) {
+      const specificCredential = credentials.find((cred) => cred.id === credentialId);
+      if (!specificCredential) {
+        throw new BadRequestException(`Credential with ID ${credentialId} not found for app ${appSlug}.`);
+      }
+    }
 
+    const foundApp = getApps(credentials, true).filter((app) => app.slug === appSlug)[0];
     const appLocation = foundApp?.appData?.location;
 
     if (!foundApp || !appLocation) {
@@ -112,12 +123,17 @@ export class ConferencingService {
     });
   }
 
-  async setDefaultConferencingApp(user: UserWithProfile, app: string) {
+  async setDefaultConferencingApp(user: UserWithProfile, app: string, credentialId?: number) {
     // cal-video is global, so we can skip this check
     if (app !== CAL_VIDEO) {
-      await this.checkAppIsValidAndConnected(user, app);
+      await this.checkAppIsValidAndConnected(user, app, credentialId);
     }
-    const updatedUser = await this.usersRepository.setDefaultConferencingApp(user.id, app);
+    const updatedUser = await this.usersRepository.setDefaultConferencingApp(
+      user.id,
+      app,
+      undefined,
+      credentialId
+    );
     const metadata = updatedUser.metadata as { defaultConferencingApp?: { appSlug?: string } };
     if (metadata?.defaultConferencingApp?.appSlug !== app) {
       throw new InternalServerErrorException(`Could not set ${app} as default conferencing app`);