Skip to content

Comments

feat: org/team event type private links endpoints#23048

Merged
alishaz-polymath merged 11 commits intomainfrom
feat/api-private-links-team-org
Aug 14, 2025
Merged

feat: org/team event type private links endpoints#23048
alishaz-polymath merged 11 commits intomainfrom
feat/api-private-links-team-org

Conversation

@alishaz-polymath
Copy link
Member

What does this PR do?

Summary

  • Added org/team-scoped private links endpoints that mirror the permissions/guards of Orgs / Teams / Event Types.
  • Reused existing private links service; validated team ownership for event types.
  • Added e2e tests for the new endpoints.

Endpoints

  • POST /v2/organizations/:orgId/teams/:teamId/event-types/:eventTypeId/private-links
  • GET /v2/organizations/:orgId/teams/:teamId/event-types/:eventTypeId/private-links
  • PATCH /v2/organizations/:orgId/teams/:teamId/event-types/:eventTypeId/private-links/:linkId
  • DELETE /v2/organizations/:orgId/teams/:teamId/event-types/:eventTypeId/private-links/:linkId

Permissions and guards

  • Decorators: @Roles("TEAM_ADMIN"), @PlatformPlan("ESSENTIALS")
  • Guards: ApiAuthGuard, IsOrgGuard, RolesGuard, IsTeamInOrg, PlatformPlanGuard, IsAdminAPIEnabledGuard
  • Event type/Team relationship is enforced via TeamsEventTypesService.validateEventTypeExists(teamId, eventTypeId)

Implementation notes

  • Controller: apps/api/v2/src/ee/event-types-private-links/controllers/organizations-event-types-private-links.controller.ts
  • Uses existing PrivateLinksService for create/list/update/delete.
  • Returns standardized responses with SUCCESS_STATUS and platform-types outputs.

Module changes

  • Registered the new controller in OrganizationsModule:
    • Imports EventTypesPrivateLinksModule for the service.
    • Adds OrganizationsEventTypesPrivateLinksController to controllers.
  • Slimmed EventTypesPrivateLinksModule to only event-type-scoped endpoints and exported PrivateLinksService.

Tests

  • New e2e: apps/api/v2/src/modules/organizations/event-types/organizations-event-types-private-links.e2e-spec.ts
    • Covers POST/GET/PATCH/DELETE happy paths.
    • Uses fixtures to create org, team, and team-owned event type.
    • Overrides plan/admin/roles guards for focus; auth remains enabled.

API surface and data model

  • No DB schema changes.
  • No breaking changes for existing endpoints.
  • Private link objects and behaviors match the existing event-type private links controller.

Visual Demo (For contributors especially)

A visual demonstration is strongly recommended, for both the original and new change (video / image - any one).

Video Demo (if applicable):

  • Show screen recordings of the issue or feature.
  • Demonstrate how to reproduce the issue, the behavior before and after the change.

Image Demo (if applicable):

  • Add side-by-side screenshots of the original and updated change.
  • Highlight any significant change(s).

Mandatory Tasks (DO NOT REMOVE)

  • I have self-reviewed the code (A decent size PR without self-review might be rejected).
  • I have updated the developer docs in /docs if this PR makes changes that would require a documentation change. If N/A, write N/A here and check the checkbox.
  • I confirm automated tests are in place that prove my fix is effective or that my feature works.

How should this be tested?

  • Ensure you’re authenticated and a TEAM_ADMIN in the org/team.
  • Create a team event type, then:
    • POST to create a link; expect 201 and data.linkId.
    • GET to list links; expect 200 with array.
    • PATCH :linkId to update maxUsageCount; expect 200 with updated value.
    • DELETE :linkId; expect 200 with data.linkId.

Checklist

  • I haven't read the contributing guide
  • My code doesn't follow the style guidelines of this project
  • I haven't commented my code, particularly in hard-to-understand areas
  • I haven't checked if my changes generate no new warnings

@coderabbitai
Copy link
Contributor

coderabbitai bot commented Aug 13, 2025

Note

Reviews paused

Use the following commands to manage reviews:

  • @coderabbitai resume to resume automatic reviews.
  • @coderabbitai review to trigger a single review.

Walkthrough

Adds organization/team-scoped private-links support for event types: introduces OrganizationsEventTypesPrivateLinksController with CRUD endpoints, wires EventTypesPrivateLinksModule into OrganizationsModule and exports PrivateLinksService, refactors PrivateLinksService (removes userId from get/update/delete signatures and injects input/output/repository dependencies), updates existing event-type private-links controller to match, removes OAuthClientModule from the module imports, adds an e2e test exercising org/team private-link CRUD flows, and updates OpenAPI/Swagger and public OpenAPI v2 docs to include the new endpoints and schemas. Also bumps @calcom/platform-libraries to 9.9.9.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~40 minutes

Possibly related PRs

✨ Finishing Touches
🧪 Generate unit tests
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch feat/api-private-links-team-org

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR/Issue comments)

Type @coderabbitai help to get the list of available commands.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Status, Documentation and Community

  • Visit our Status Page to check the current availability of CodeRabbit.
  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

@keithwillcode keithwillcode added core area: core, team members only enterprise area: enterprise, audit log, organisation, SAML, SSO labels Aug 13, 2025
@vercel
Copy link

vercel bot commented Aug 13, 2025

The latest updates on your projects. Learn more about Vercel for Git ↗︎

2 Skipped Deployments
Project Deployment Preview Comments Updated (UTC)
cal ⬜️ Ignored Aug 14, 2025 9:43am
cal-eu ⬜️ Ignored Aug 14, 2025 9:43am

supalarry

This comment was marked as outdated.

@alishaz-polymath alishaz-polymath marked this pull request as ready for review August 13, 2025 13:10
@alishaz-polymath alishaz-polymath requested a review from a team August 13, 2025 13:10
@alishaz-polymath alishaz-polymath requested a review from a team as a code owner August 13, 2025 13:10
@alishaz-polymath alishaz-polymath enabled auto-merge (squash) August 13, 2025 13:10
@dosubot dosubot bot added organizations area: organizations, orgs platform Anything related to our platform plan teams area: teams, round robin, collective, managed event-types ✨ feature New feature or request labels Aug 13, 2025
@alishaz-polymath alishaz-polymath added the api area: API, enterprise API, access token, OAuth label Aug 13, 2025
@supalarry supalarry self-requested a review August 13, 2025 13:13
@GetUser("id") userId: number
): Promise<CreatePrivateLinkOutput> {
await this.teamsEventTypesService.validateEventTypeExists(teamId, eventTypeId);
const privateLink = await this.privateLinksService.createPrivateLink(eventTypeId, userId, body);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I thought that userId was removed from private links service - user id is still passed here.

Copy link
Member Author

@alishaz-polymath alishaz-polymath Aug 13, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is indeed passed here, it was only removed from GET, PATCH and DELETE. The userId passed here is used to it’s used to generate the link string (generateHashedLink) in POST
image

https://github.com/calcom/cal.com/pull/23048/files/bc65976649509e2c57981b3c485d75efa0d648e2#diff-33447bafca072a0c28d18881f7873ae3071ff136849d2d9fd8a699bac7288fbbR28

coderabbitai[bot]

This comment was marked as resolved.

coderabbitai[bot]

This comment was marked as resolved.

@supalarry supalarry self-requested a review August 13, 2025 13:42
supalarry
supalarry previously approved these changes Aug 13, 2025
@graphite-app
Copy link

graphite-app bot commented Aug 13, 2025

Graphite Automations

"Add ready-for-e2e label" took an action on this PR • (08/13/25)

1 label was added to this PR based on Keith Williams's automation.

@github-actions
Copy link
Contributor

github-actions bot commented Aug 13, 2025

E2E results are ready!

@coderabbitai
Copy link
Contributor

coderabbitai bot commented Aug 13, 2025

✅ Actions performed

Reviews paused.

@supalarry supalarry self-requested a review August 14, 2025 09:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

api area: API, enterprise API, access token, OAuth core area: core, team members only enterprise area: enterprise, audit log, organisation, SAML, SSO ✨ feature New feature or request organizations area: organizations, orgs platform Anything related to our platform plan ready-for-e2e teams area: teams, round robin, collective, managed event-types

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants