feat: add create invite link endpoint (calcom#24073)

* feat: add create invite link endpoint

* tests: add e2e test

* chore: feeback

* chore: feeback

* chore; udate summary

* chore; udate summary

* chore: deelte swagger

Author: Udit-takkar

apps/api/v2/src/modules/organizations/organizations.module.ts

@@ -47,6 +47,7 @@ import { OrganizationsTeamsController } from "@/modules/organizations/teams/inde
 import { OrganizationsTeamsRepository } from "@/modules/organizations/teams/index/organizations-teams.repository";
 import { OrganizationsTeamsService } from "@/modules/organizations/teams/index/services/organizations-teams.service";
 import { OrganizationsTeamsMembershipsController } from "@/modules/organizations/teams/memberships/organizations-teams-memberships.controller";
+import { OrganizationsTeamsInviteController } from "@/modules/organizations/teams/invite/organizations-teams-invite.controller";
 import { OrganizationsTeamsMembershipsRepository } from "@/modules/organizations/teams/memberships/organizations-teams-memberships.repository";
 import { OrganizationsTeamsMembershipsService } from "@/modules/organizations/teams/memberships/services/organizations-teams-memberships.service";
 import { OrganizationsTeamsRoutingFormsModule } from "@/modules/organizations/teams/routing-forms/organizations-teams-routing-forms.module";
@@ -183,6 +184,7 @@ import { Module } from "@nestjs/common";
     OrganizationsMembershipsController,
     OrganizationsEventTypesController,
     OrganizationsTeamsMembershipsController,
+    OrganizationsTeamsInviteController,
     OrganizationsAttributesController,
     OrganizationsAttributesOptionsController,
     OrganizationsWebhooksController,

apps/api/v2/src/modules/organizations/teams/invite/organizations-teams-invite.controller.e2e-spec.ts

@@ -0,0 +1,135 @@
+import { bootstrap } from "@/app";
+import { AppModule } from "@/app.module";
+import { PrismaModule } from "@/modules/prisma/prisma.module";
+import { TokensModule } from "@/modules/tokens/tokens.module";
+import { UsersModule } from "@/modules/users/users.module";
+import { INestApplication } from "@nestjs/common";
+import { NestExpressApplication } from "@nestjs/platform-express";
+import { Test } from "@nestjs/testing";
+import * as request from "supertest";
+import { MembershipRepositoryFixture } from "test/fixtures/repository/membership.repository.fixture";
+import { OrganizationRepositoryFixture } from "test/fixtures/repository/organization.repository.fixture";
+import { TeamRepositoryFixture } from "test/fixtures/repository/team.repository.fixture";
+import { UserRepositoryFixture } from "test/fixtures/repository/users.repository.fixture";
+import { randomString } from "test/utils/randomString";
+import { withApiAuth } from "test/utils/withApiAuth";
+
+import { SUCCESS_STATUS } from "@calcom/platform-constants";
+import type { Team, User } from "@calcom/prisma/client";
+
+describe("Organizations Teams Invite Endpoints", () => {
+  describe("User Authentication - User is Org Team Admin", () => {
+    let app: INestApplication;
+
+    let userRepositoryFixture: UserRepositoryFixture;
+    let organizationsRepositoryFixture: OrganizationRepositoryFixture;
+    let teamsRepositoryFixture: TeamRepositoryFixture;
+    let membershipsRepositoryFixture: MembershipRepositoryFixture;
+
+    let org: Team;
+    let orgTeam: Team;
+    let nonOrgTeam: Team;
+
+    const userEmail = `organizations-teams-invite-admin-${randomString()}@api.com`;
+
+    let user: User;
+
+    beforeAll(async () => {
+      const moduleRef = await withApiAuth(
+        userEmail,
+        Test.createTestingModule({
+          imports: [AppModule, PrismaModule, UsersModule, TokensModule],
+        })
+      ).compile();
+
+      userRepositoryFixture = new UserRepositoryFixture(moduleRef);
+      organizationsRepositoryFixture = new OrganizationRepositoryFixture(moduleRef);
+      teamsRepositoryFixture = new TeamRepositoryFixture(moduleRef);
+      membershipsRepositoryFixture = new MembershipRepositoryFixture(moduleRef);
+
+      user = await userRepositoryFixture.create({
+        email: userEmail,
+        username: userEmail,
+      });
+
+      org = await organizationsRepositoryFixture.create({
+        name: `organizations-teams-invite-organization-${randomString()}`,
+        isOrganization: true,
+      });
+
+      orgTeam = await teamsRepositoryFixture.create({
+        name: `organizations-teams-invite-team-${randomString()}`,
+        isOrganization: false,
+        parent: { connect: { id: org.id } },
+      });
+
+      nonOrgTeam = await teamsRepositoryFixture.create({
+        name: `organizations-teams-invite-non-org-team-${randomString()}`,
+        isOrganization: false,
+      });
+
+      // Admin of the org team
+      await membershipsRepositoryFixture.create({
+        role: "ADMIN",
+        user: { connect: { id: user.id } },
+        team: { connect: { id: orgTeam.id } },
+      });
+
+      // Also a member of the organization
+      await membershipsRepositoryFixture.create({
+        role: "ADMIN",
+        user: { connect: { id: user.id } },
+        team: { connect: { id: org.id } },
+      });
+
+      app = moduleRef.createNestApplication();
+      bootstrap(app as NestExpressApplication);
+      await app.init();
+    });
+
+    it("should create a team invite", async () => {
+      return request(app.getHttpServer())
+        .post(`/v2/organizations/${org.id}/teams/${orgTeam.id}/invite`)
+        .expect(200)
+        .then((response) => {
+          expect(response.body.status).toEqual(SUCCESS_STATUS);
+          expect(response.body.data.token.length).toBeGreaterThan(0);
+          expect(response.body.data.inviteLink).toEqual(expect.any(String));
+          expect(response.body.data.inviteLink).toContain(response.body.data.token);
+        });
+    });
+
+    it("should create a new invite on each request", async () => {
+      const first = await request(app.getHttpServer())
+        .post(`/v2/organizations/${org.id}/teams/${orgTeam.id}/invite`)
+        .expect(200);
+      const firstToken = first.body.data.token as string;
+
+      return request(app.getHttpServer())
+        .post(`/v2/organizations/${org.id}/teams/${orgTeam.id}/invite`)
+        .expect(200)
+        .then((response) => {
+          expect(response.body.status).toEqual(SUCCESS_STATUS);
+          expect(response.body.data.token).not.toEqual(firstToken);
+          expect(response.body.data.inviteLink).toEqual(expect.any(String));
+          expect(response.body.data.inviteLink).toContain(response.body.data.token);
+        });
+    });
+
+    it("should fail for team not in organization", async () => {
+      return request(app.getHttpServer())
+        .post(`/v2/organizations/${org.id}/teams/${nonOrgTeam.id}/invite`)
+        .expect(404);
+    });
+
+
+    afterAll(async () => {
+      await userRepositoryFixture.deleteByEmail(user.email);
+      await organizationsRepositoryFixture.delete(org.id);
+      await teamsRepositoryFixture.delete(nonOrgTeam.id);
+      await app.close();
+    });
+  });
+});
+
+

apps/api/v2/src/modules/organizations/teams/invite/organizations-teams-invite.controller.ts

@@ -0,0 +1,43 @@
+import { API_VERSIONS_VALUES } from "@/lib/api-versions";
+import { OPTIONAL_API_KEY_HEADER, OPTIONAL_X_CAL_CLIENT_ID_HEADER, OPTIONAL_X_CAL_SECRET_KEY_HEADER } from "@/lib/docs/headers";
+import { Roles } from "@/modules/auth/decorators/roles/roles.decorator";
+import { ApiAuthGuard } from "@/modules/auth/guards/api-auth/api-auth.guard";
+import { PlatformPlanGuard } from "@/modules/auth/guards/billing/platform-plan.guard";
+import { IsAdminAPIEnabledGuard } from "@/modules/auth/guards/organizations/is-admin-api-enabled.guard";
+import { IsOrgGuard } from "@/modules/auth/guards/organizations/is-org.guard";
+import { RolesGuard } from "@/modules/auth/guards/roles/roles.guard";
+import { IsTeamInOrg } from "@/modules/auth/guards/teams/is-team-in-org.guard";
+import { Controller, UseGuards, Post, Param, ParseIntPipe, HttpCode, HttpStatus } from "@nestjs/common";
+import { ApiHeader, ApiOperation, ApiTags as DocsTags } from "@nestjs/swagger";
+
+import { SUCCESS_STATUS } from "@calcom/platform-constants";
+
+import { TeamService } from "@calcom/platform-libraries";
+
+
+import { CreateInviteOutputDto } from "./outputs/invite.output";
+
+@Controller({
+  path: "/v2/organizations/:orgId/teams/:teamId",
+  version: API_VERSIONS_VALUES,
+})
+@UseGuards(ApiAuthGuard, IsOrgGuard, RolesGuard, IsTeamInOrg, PlatformPlanGuard, IsAdminAPIEnabledGuard)
+@DocsTags("Orgs / Teams / Invite")
+@ApiHeader(OPTIONAL_X_CAL_CLIENT_ID_HEADER)
+@ApiHeader(OPTIONAL_X_CAL_SECRET_KEY_HEADER)
+@ApiHeader(OPTIONAL_API_KEY_HEADER)
+export class OrganizationsTeamsInviteController {
+  @Post("/invite")
+  @Roles("TEAM_ADMIN")
+  @ApiOperation({ summary: "Create team invite link" })
+  @HttpCode(HttpStatus.OK)
+  async createInvite(
+    @Param("orgId", ParseIntPipe) _orgId: number,
+    @Param("teamId", ParseIntPipe) teamId: number
+  ): Promise<CreateInviteOutputDto> {
+    const result = await TeamService.createInvite(teamId);
+    return { status: SUCCESS_STATUS, data: result };
+  }
+}
+
+

apps/api/v2/src/modules/organizations/teams/invite/outputs/invite.output.ts

@@ -0,0 +1,27 @@
+import { ApiProperty } from "@nestjs/swagger";
+
+export class InviteDataDto {
+  @ApiProperty({
+    description:
+      "Unique invitation token for this team. Share this token with prospective members to allow them to join the team/organization.",
+    example: "f6a5c8b1d2e34c7f90a1b2c3d4e5f6a5b7c8d9e0f1a2b3c4d5e6f7a8b9c0d1e2",
+  })
+  token!: string;
+
+  @ApiProperty({
+    description:
+      "Complete invitation URL that can be shared with prospective members. Opens the signup page with the token and redirects to getting started after signup.",
+    example: "http://app.cal.com/signup?token=f6a5c8b1d2e34c7f90a1b2c3d4e5f6a5b7c8d9e0f1a2b3c4d5e6f7a8b9c0d1e2&callbackUrl=/getting-started",
+  })
+  inviteLink!: string;
+}
+
+export class CreateInviteOutputDto {
+  @ApiProperty({ example: "success" })
+  status!: string;
+
+  @ApiProperty({ type: InviteDataDto })
+  data!: InviteDataDto;
+}
+
+

apps/web/playwright/signup.e2e.ts

@@ -209,7 +209,7 @@ test.describe("Email Signup Flow Test", async () => {
       data: {
         identifier: userToCreate.email,
         token,
-        expires: new Date(new Date().setHours(168)), // +1 week
+        expires: new Date(Date.now() + 7 * 24 * 60 * 60 * 1000), // +1 week
         team: {
           create: {
             name: "Rick's Team",

docs/api-reference/v2/openapi.json

@@ -4421,6 +4421,70 @@
         "tags": ["Orgs / Teams / Event Types / Private Links"]
       }
     },
+    "/v2/organizations/{orgId}/teams/{teamId}/invite": {
+      "post": {
+        "operationId": "OrganizationsTeamsInviteController_createInvite",
+        "summary": "Create team invite link",
+        "parameters": [
+          {
+            "name": "Authorization",
+            "in": "header",
+            "description": "For non-platform customers - value must be `Bearer <token>` where `<token>` is api key prefixed with cal_",
+            "required": false,
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "x-cal-secret-key",
+            "in": "header",
+            "description": "For platform customers - OAuth client secret key",
+            "required": false,
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "x-cal-client-id",
+            "in": "header",
+            "description": "For platform customers - OAuth client ID",
+            "required": false,
+            "schema": {
+              "type": "string"
+            }
+          },
+          {
+            "name": "orgId",
+            "required": true,
+            "in": "path",
+            "schema": {
+              "type": "number"
+            }
+          },
+          {
+            "name": "teamId",
+            "required": true,
+            "in": "path",
+            "schema": {
+              "type": "number"
+            }
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "#/components/schemas/CreateInviteOutputDto"
+                }
+              }
+            }
+          }
+        },
+        "tags": ["Orgs / Teams / Invite"]
+      }
+    },
     "/v2/organizations/{orgId}/teams/{teamId}/memberships": {
       "get": {
         "operationId": "OrganizationsTeamsMembershipsController_getAllOrgTeamMemberships",
@@ -19915,6 +19979,35 @@
         },
         "required": ["userId", "role"]
       },
+      "InviteDataDto": {
+        "type": "object",
+        "properties": {
+          "token": {
+            "type": "string",
+            "description": "Unique invitation token for this team. Share this token with prospective members to allow them to join the team/organization.",
+            "example": "f6a5c8b1d2e34c7f90a1b2c3d4e5f6a5b7c8d9e0f1a2b3c4d5e6f7a8b9c0d1e2"
+          },
+          "inviteLink": {
+            "type": "string",
+            "description": "Complete invitation URL that can be shared with prospective members. Opens the signup page with the token and redirects to getting started after signup.",
+            "example": "http://app.cal.com/signup?token=f6a5c8b1d2e34c7f90a1b2c3d4e5f6a5b7c8d9e0f1a2b3c4d5e6f7a8b9c0d1e2&callbackUrl=/getting-started"
+          }
+        },
+        "required": ["token", "inviteLink"]
+      },
+      "CreateInviteOutputDto": {
+        "type": "object",
+        "properties": {
+          "status": {
+            "type": "string",
+            "example": "success"
+          },
+          "data": {
+            "$ref": "#/components/schemas/InviteDataDto"
+          }
+        },
+        "required": ["status", "data"]
+      },
       "Attribute": {
         "type": "object",
         "properties": {