From f260b5afc081582a0e19aa08fb063d0e74997854 Mon Sep 17 00:00:00 2001
From: tigerbot
Date: Fri, 30 Jun 2017 16:33:51 -0600
Subject: [PATCH] implemented route to get grants for all sites
---
 README.md | 10 +++++++++-
 rest.js | 35 +++++++++++++++++++++++++++--------
 2 files changed, 36 insertions(+), 9 deletions(-)
diff --git a/README.md b/README.md
index 51c11ca..8e03724 100644
--- a/README.md
+++ b/README.md
@@ -128,4 +128,12 @@ the same privileges multiple times on different machines.
 * `sub`: The same `sub` from the url
 * `azp`: The same `azp` from the url
 * `scope`: A comma separated list of the permissions granted
- * `updatedAt`: The timestamp for the most recent change to the grants
+ * `updatedAt`: The ms timestamp for the most recent change to the grants
+
+### Retrieving All Grants ###
+ * **URL** `:scheme//:hostname/api/issuer@oauth3.org/grants/:sub`
+ * **Method** `GET`
+ * **Url Params**
+ * `sub`: The [subject](#subject) using the issuer hostname as the `azp`
+ * **Response**: An array of objects with the same values as the simple grant
+ get response.
diff --git a/rest.js b/rest.js
index 23f8fb5..bb360e4 100644
--- a/rest.js
+++ b/rest.js
@@ -122,23 +122,41 @@ module.exports.create = function (bigconf, deps, app) { }); }; - Grants.restful.get = function (req, res) { + Grants.restful.getOne = function (req, res) { var promise = Grants.authorizeReq(req).then(function (sub) { return req.Store.get(sub+'/'+req.params.azp); - }).then(function (result) { - if (!result) { + }).then(function (grant) { + if (!grant) { throw new Error('no grants found'); } return { - sub: result.sub, - azp: result.azp, - scope: result.scope, - updatedAt: result.updatedAt + sub: grant.sub, + azp: grant.azp, + scope: grant.scope, + updatedAt: parseInt(grant.updatedAt, 10), }; }); app.handlePromise(req, res, promise, "[issuer@oauth3.org] retrieve grants"); }; + Grants.restful.getAll = function (req, res) { + var promise = Grants.authorizeReq(req).then(function (sub) { + return req.Store.find({ sub: sub }); + }).then(function (results) { + return results.map(function (grant) { + return { + sub: grant.sub, + azp: grant.azp, + scope: grant.scope, + updatedAt: parseInt(grant.updatedAt, 10), + }; + }).sort(function (grantA, grantB) { + return (grantA.azp < grantB.azp) ? -1 : 1; + }); + }); + + app.handlePromise(req, res, promise, "[issuer@oauth3.org] retrieve grants"); + }; Grants.restful.saveNew = function (req, res) { var promise = Grants.authorizeReq(req).then(function (sub) { if (typeof req.body.scope !== 'string') { @@ -164,7 +182,8 @@ module.exports.create = function (bigconf, deps, app) { app.post( '/jwks/:sub', Jwks.restful.saveNew); app.use( '/grants', attachSiteStore.bind(null, 'IssuerOauth3OrgGrants')); - app.get( '/grants/:sub/:azp', Grants.restful.get); + app.get( '/grants/:sub', Grants.restful.getAll); + app.get( '/grants/:sub/:azp', Grants.restful.getOne); app.post( '/grants/:sub/:azp', Grants.restful.saveNew); app.use(detachSiteStore);
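Review bot: `Grants.restful.getAll` returns every `azp` a subject has authorized, so its only access control is whatever `Grants.authorizeReq` enforces, and that function is defined outside this hunk. If it only checks that the token's subject matches `:sub`, a token issued to one client could presumably read the grant list of every other client; confirm it also requires the issuer's own `azp` (as the README wording implies) and record that above the handler, e.g. `// authorizeReq must reject tokens whose azp is not the issuer: this lists all of the subject's clients`. Two smaller points in the same handler: `results.map` throws a TypeError if `req.Store.find` ever resolves to null or undefined, where `getOne` reports 'no grants found' explicitly, so `return (results || []).map(...)` would be safer; and the comparator never returns 0, which `return grantA.azp < grantB.azp ? -1 : (grantA.azp > grantB.azp ? 1 : 0);` fixes. Both handlers also pass the same label "[issuer@oauth3.org] retrieve grants" to `app.handlePromise`, so bulk and single-grant reads cannot be told apart wherever that label ends up (presumably logs); a distinct label such as "[issuer@oauth3.org] retrieve all grants" for `getAll` would make enumeration visible.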