pointers to Runtime!

domain/account/model.go

@@ -18,7 +18,7 @@ import (
 
 // Handler contains the runtime information such as logging and database.
 type Handler struct {
-	Runtime env.Runtime
+	Runtime *env.Runtime
 }
 
 // Account links a User to an Organization.

domain/auth/jwt.go

@@ -23,7 +23,7 @@ import (
 )
 
 // GenerateJWT generates JSON Web Token (http://jwt.io)
-func GenerateJWT(rt env.Runtime, user, org, domain string) string {
+func GenerateJWT(rt *env.Runtime, user, org, domain string) string {
 	token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
 		"iss":    "Documize",
 		"sub":    "webapp",
@@ -61,7 +61,7 @@ func FindJWT(r *http.Request) (token string) {
 }
 
 // DecodeJWT decodes raw token.
-func DecodeJWT(rt env.Runtime, tokenString string) (c domain.RequestContext, claims jwt.Claims, err error) {
+func DecodeJWT(rt *env.Runtime, tokenString string) (c domain.RequestContext, claims jwt.Claims, err error) {
 	// sensible defaults
 	c.UserID = ""
 	c.OrgID = ""

domain/auth/model.go

@@ -18,7 +18,7 @@ import (
 
 // Handler contains the runtime information such as logging and database.
 type Handler struct {
-	Runtime env.Runtime
+	Runtime *env.Runtime
 }
 
 // AuthenticationModel details authentication token and user details.

domain/context.go

@@ -53,12 +53,11 @@ func GetRequestContext(r *http.Request) RequestContext {
 
 // StoreContext provides data persistence methods with runtime and request context.
 type StoreContext struct {
-	Runtime env.Runtime
+	Runtime *env.Runtime
 	Context RequestContext
 }
 
-// NewContexts returns request scoped user context and store context for persistence logic.
-func NewContexts(rt env.Runtime, r *http.Request) (RequestContext, StoreContext) {
-	ctx := GetRequestContext(r)
-	return ctx, StoreContext{Runtime: rt, Context: ctx}
+// NewContext returns request scoped user context and store context for persistence logic.
+func NewContext(rt *env.Runtime, r *http.Request) StoreContext {
+	return StoreContext{Runtime: rt, Context: GetRequestContext(r)}
 }

domain/organization/model.go

@@ -18,7 +18,7 @@ import (
 
 // Handler contains the runtime information such as logging and database.
 type Handler struct {
-	Runtime env.Runtime
+	Runtime *env.Runtime
 }
 
 // Organization defines a company that uses this app.

domain/pin/endpoint.go

@@ -0,0 +1,236 @@
+// Copyright 2016 Documize Inc. <legal@documize.com>. All rights reserved.
+//
+// This software (Documize Community Edition) is licensed under
+// GNU AGPL v3 http://www.gnu.org/licenses/agpl-3.0.en.html
+//
+// You can operate outside the AGPL restrictions by purchasing
+// Documize Enterprise Edition and obtaining a commercial license
+// by contacting <sales@documize.com>.
+//
+// https://documize.com
+
+package pin
+
+import (
+	"database/sql"
+	"encoding/json"
+	"io/ioutil"
+	"net/http"
+	"strings"
+
+	"github.com/documize/community/core/request"
+	"github.com/documize/community/core/response"
+	"github.com/documize/community/core/uniqueid"
+	"github.com/documize/community/domain"
+	"github.com/documize/community/domain/eventing"
+)
+
+// Add saves pinned item.
+func (h *Handler) Add(w http.ResponseWriter, r *http.Request) {
+	method := "pin.Add"
+	s := domain.NewContext(h.Runtime, r)
+
+	userID := request.Param(r, "userID")
+	if len(userID) == 0 {
+		response.WriteMissingDataError(w, method, "userID")
+		return
+	}
+
+	if !h.Runtime.Product.License.IsValid() {
+		response.WriteBadLicense(w)
+		return
+	}
+
+	if !s.Context.Authenticated {
+		response.WriteForbiddenError(w)
+		return
+	}
+
+	defer r.Body.Close()
+	body, err := ioutil.ReadAll(r.Body)
+	if err != nil {
+		response.WriteBadRequestError(w, method, "body")
+		return
+	}
+
+	var pin Pin
+	err = json.Unmarshal(body, &pin)
+	if err != nil {
+		response.WriteBadRequestError(w, method, "pin")
+		return
+	}
+
+	pin.RefID = uniqueid.Generate()
+	pin.OrgID = s.Context.OrgID
+	pin.UserID = s.Context.UserID
+	pin.Pin = strings.TrimSpace(pin.Pin)
+	if len(pin.Pin) > 20 {
+		pin.Pin = pin.Pin[0:20]
+	}
+
+	s.Context.Transaction, err = h.Runtime.Db.Beginx()
+	if err != nil {
+		response.WriteServerError(w, method, err)
+		return
+	}
+
+	err = Add(s, pin)
+	if err != nil {
+		s.Context.Transaction.Rollback()
+		response.WriteServerError(w, method, err)
+		return
+	}
+
+	eventing.Record(s, eventing.EventTypePinAdd)
+
+	s.Context.Transaction.Commit()
+
+	newPin, err := GetPin(s, pin.RefID)
+	if err != nil {
+		response.WriteServerError(w, method, err)
+		return
+	}
+
+	response.WriteJSON(w, newPin)
+}
+
+// GetUserPins returns users' pins.
+func (h *Handler) GetUserPins(w http.ResponseWriter, r *http.Request) {
+	method := "pin.GetUserPins"
+	s := domain.NewContext(h.Runtime, r)
+
+	userID := request.Param(r, "userID")
+	if len(userID) == 0 {
+		response.WriteMissingDataError(w, method, "userID")
+		return
+	}
+
+	if !s.Context.Authenticated {
+		response.WriteForbiddenError(w)
+		return
+	}
+
+	pins, err := GetUserPins(s, userID)
+	if err != nil && err != sql.ErrNoRows {
+		response.WriteServerError(w, method, err)
+		return
+	}
+
+	if err == sql.ErrNoRows {
+		pins = []Pin{}
+	}
+
+	response.WriteJSON(w, pins)
+}
+
+// DeleteUserPin removes saved user pin.
+func (h *Handler) DeleteUserPin(w http.ResponseWriter, r *http.Request) {
+	method := "pin.DeleteUserPin"
+	s := domain.NewContext(h.Runtime, r)
+
+	userID := request.Param(r, "userID")
+	if len(userID) == 0 {
+		response.WriteMissingDataError(w, method, "userID")
+		return
+	}
+
+	pinID := request.Param(r, "pinID")
+	if len(pinID) == 0 {
+		response.WriteMissingDataError(w, method, "pinID")
+		return
+	}
+
+	if !h.Runtime.Product.License.IsValid() {
+		response.WriteBadLicense(w)
+		return
+	}
+
+	if s.Context.UserID != userID {
+		response.WriteForbiddenError(w)
+		return
+	}
+
+	var err error
+	s.Context.Transaction, err = h.Runtime.Db.Beginx()
+	if err != nil {
+		response.WriteServerError(w, method, err)
+		return
+	}
+
+	_, err = DeletePin(s, pinID)
+	if err != nil && err != sql.ErrNoRows {
+		s.Context.Transaction.Rollback()
+		response.WriteServerError(w, method, err)
+		return
+	}
+
+	eventing.Record(s, eventing.EventTypePinDelete)
+
+	s.Context.Transaction.Commit()
+
+	response.WriteEmpty(w)
+}
+
+// UpdatePinSequence records order of pinned items.
+func (h *Handler) UpdatePinSequence(w http.ResponseWriter, r *http.Request) {
+	method := "pin.DeleteUserPin"
+	s := domain.NewContext(h.Runtime, r)
+
+	userID := request.Param(r, "userID")
+	if len(userID) == 0 {
+		response.WriteMissingDataError(w, method, "userID")
+		return
+	}
+
+	if !h.Runtime.Product.License.IsValid() {
+		response.WriteBadLicense(w)
+		return
+	}
+
+	if !s.Context.Authenticated {
+		response.WriteForbiddenError(w)
+		return
+	}
+
+	defer r.Body.Close()
+	body, err := ioutil.ReadAll(r.Body)
+	if err != nil {
+		response.WriteBadRequestError(w, method, err.Error())
+		return
+	}
+
+	var pins []string
+
+	err = json.Unmarshal(body, &pins)
+	if err != nil {
+		response.WriteBadRequestError(w, method, err.Error())
+		return
+	}
+
+	s.Context.Transaction, err = h.Runtime.Db.Beginx()
+	if err != nil {
+		response.WriteServerError(w, method, err)
+		return
+	}
+
+	for k, v := range pins {
+		err = UpdatePinSequence(s, v, k+1)
+		if err != nil {
+			s.Context.Transaction.Rollback()
+			response.WriteServerError(w, method, err)
+			return
+		}
+	}
+
+	eventing.Record(s, eventing.EventTypePinResequence)
+
+	s.Context.Transaction.Commit()
+
+	newPins, err := GetUserPins(s, userID)
+	if err != nil {
+		response.WriteServerError(w, method, err)
+		return
+	}
+
+	response.WriteJSON(w, newPins)
+}

domain/pin/model.go

@@ -18,7 +18,7 @@ import (
 
 // Handler contains the runtime information such as logging and database.
 type Handler struct {
-	Runtime env.Runtime
+	Runtime *env.Runtime
 }
 
 // Pin defines a saved link to a document or space

domain/space/endpoint.go

@@ -41,14 +41,14 @@ import (
 // Add creates a new space.
 func (h *Handler) Add(w http.ResponseWriter, r *http.Request) {
 	method := "AddSpace"
-	ctx, s := domain.NewContexts(h.Runtime, r)
+	s := domain.NewContext(h.Runtime, r)
 
 	if !h.Runtime.Product.License.IsValid() {
 		response.WriteBadLicense(w)
 		return
 	}
 
-	if !ctx.Editor {
+	if !s.Context.Editor {
 		response.WriteForbiddenError(w)
 		return
 	}
@@ -72,25 +72,25 @@ func (h *Handler) Add(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	ctx.Transaction, err = h.Runtime.Db.Beginx()
+	s.Context.Transaction, err = h.Runtime.Db.Beginx()
 	if err != nil {
 		response.WriteServerError(w, method, err)
 		return
 	}
 
 	space.RefID = uniqueid.Generate()
-	space.OrgID = ctx.OrgID
+	space.OrgID = s.Context.OrgID
 
 	err = addSpace(s, space)
 	if err != nil {
-		ctx.Transaction.Rollback()
+		s.Context.Transaction.Rollback()
 		response.WriteServerError(w, method, err)
 		return
 	}
 
 	eventing.Record(s, eventing.EventTypeSpaceAdd)
 
-	ctx.Transaction.Commit()
+	s.Context.Transaction.Commit()
 
 	space, _ = Get(s, space.RefID)
 
@@ -100,7 +100,7 @@ func (h *Handler) Add(w http.ResponseWriter, r *http.Request) {
 // Get returns the requested space.
 func (h *Handler) Get(w http.ResponseWriter, r *http.Request) {
 	method := "Get"
-	_, s := domain.NewContexts(h.Runtime, r)
+	s := domain.NewContext(h.Runtime, r)
 
 	id := request.Param(r, "folderID")
 	if len(id) == 0 {
@@ -124,7 +124,7 @@ func (h *Handler) Get(w http.ResponseWriter, r *http.Request) {
 // GetAll returns spaces the user can see.
 func (h *Handler) GetAll(w http.ResponseWriter, r *http.Request) {
 	method := "GetAll"
-	_, s := domain.NewContexts(h.Runtime, r)
+	s := domain.NewContext(h.Runtime, r)
 
 	sp, err := GetAll(s)
 	if err != nil && err != sql.ErrNoRows {
@@ -142,7 +142,7 @@ func (h *Handler) GetAll(w http.ResponseWriter, r *http.Request) {
 // GetSpaceViewers returns the users that can see the shared spaces.
 func (h *Handler) GetSpaceViewers(w http.ResponseWriter, r *http.Request) {
 	method := "GetSpaceViewers"
-	_, s := domain.NewContexts(h.Runtime, r)
+	s := domain.NewContext(h.Runtime, r)
 
 	v, err := Viewers(s)
 	if err != nil && err != sql.ErrNoRows {
@@ -160,9 +160,9 @@ func (h *Handler) GetSpaceViewers(w http.ResponseWriter, r *http.Request) {
 // Update processes request to save space object to the database
 func (h *Handler) Update(w http.ResponseWriter, r *http.Request) {
 	method := "space.Update"
-	ctx, s := domain.NewContexts(h.Runtime, r)
+	s := domain.NewContext(h.Runtime, r)
 
-	if !ctx.Editor {
+	if !s.Context.Editor {
 		response.WriteForbiddenError(w)
 		return
 	}
@@ -194,7 +194,7 @@ func (h *Handler) Update(w http.ResponseWriter, r *http.Request) {
 
 	sp.RefID = folderID
 
-	ctx.Transaction, err = h.Runtime.Db.Beginx()
+	s.Context.Transaction, err = h.Runtime.Db.Beginx()
 	if err != nil {
 		response.WriteServerError(w, method, err)
 		return
@@ -202,14 +202,14 @@ func (h *Handler) Update(w http.ResponseWriter, r *http.Request) {
 
 	err = Update(s, sp)
 	if err != nil {
-		ctx.Transaction.Rollback()
+		s.Context.Transaction.Rollback()
 		response.WriteServerError(w, method, err)
 		return
 	}
 
 	eventing.Record(s, eventing.EventTypeSpaceUpdate)
 
-	ctx.Transaction.Commit()
+	s.Context.Transaction.Commit()
 
 	response.WriteJSON(w, sp)
 }
@@ -217,14 +217,14 @@ func (h *Handler) Update(w http.ResponseWriter, r *http.Request) {
 // Remove moves documents to another folder before deleting it
 func (h *Handler) Remove(w http.ResponseWriter, r *http.Request) {
 	method := "space.Remove"
-	ctx, s := domain.NewContexts(h.Runtime, r)
+	s := domain.NewContext(h.Runtime, r)
 
 	if !h.Runtime.Product.License.IsValid() {
 		response.WriteBadLicense(w)
 		return
 	}
 
-	if !ctx.Editor {
+	if !s.Context.Editor {
 		response.WriteForbiddenError(w)
 		return
 	}
@@ -242,7 +242,7 @@ func (h *Handler) Remove(w http.ResponseWriter, r *http.Request) {
 	}
 
 	var err error
-	ctx.Transaction, err = h.Runtime.Db.Beginx()
+	s.Context.Transaction, err = h.Runtime.Db.Beginx()
 	if err != nil {
 		response.WriteServerError(w, method, err)
 		return
@@ -250,35 +250,35 @@ func (h *Handler) Remove(w http.ResponseWriter, r *http.Request) {
 
 	_, err = Delete(s, id)
 	if err != nil {
-		ctx.Transaction.Rollback()
+		s.Context.Transaction.Rollback()
 		response.WriteServerError(w, method, err)
 		return
 	}
 
 	err = document.MoveDocumentSpace(s, id, move)
 	if err != nil {
-		ctx.Transaction.Rollback()
+		s.Context.Transaction.Rollback()
 		response.WriteServerError(w, method, err)
 		return
 	}
 
 	err = MoveSpaceRoles(s, id, move)
 	if err != nil {
-		ctx.Transaction.Rollback()
+		s.Context.Transaction.Rollback()
 		response.WriteServerError(w, method, err)
 		return
 	}
 
 	_, err = pin.DeletePinnedSpace(s, id)
 	if err != nil && err != sql.ErrNoRows {
-		ctx.Transaction.Rollback()
+		s.Context.Transaction.Rollback()
 		response.WriteServerError(w, method, err)
 		return
 	}
 
 	eventing.Record(s, eventing.EventTypeSpaceDelete)
 
-	ctx.Transaction.Commit()
+	s.Context.Transaction.Commit()
 
 	response.WriteEmpty(w)
 }
@@ -286,14 +286,14 @@ func (h *Handler) Remove(w http.ResponseWriter, r *http.Request) {
 // Delete deletes empty space.
 func (h *Handler) Delete(w http.ResponseWriter, r *http.Request) {
 	method := "space.Delete"
-	ctx, s := domain.NewContexts(h.Runtime, r)
+	s := domain.NewContext(h.Runtime, r)
 
 	if !h.Runtime.Product.License.IsValid() {
 		response.WriteBadLicense(w)
 		return
 	}
 
-	if !ctx.Editor {
+	if !s.Context.Editor {
 		response.WriteForbiddenError(w)
 		return
 	}
@@ -305,7 +305,7 @@ func (h *Handler) Delete(w http.ResponseWriter, r *http.Request) {
 	}
 
 	var err error
-	ctx.Transaction, err = h.Runtime.Db.Beginx()
+	s.Context.Transaction, err = h.Runtime.Db.Beginx()
 	if err != nil {
 		response.WriteServerError(w, method, err)
 		return
@@ -313,37 +313,37 @@ func (h *Handler) Delete(w http.ResponseWriter, r *http.Request) {
 
 	_, err = Delete(s, id)
 	if err != nil {
-		ctx.Transaction.Rollback()
+		s.Context.Transaction.Rollback()
 		response.WriteServerError(w, method, err)
 		return
 	}
 
 	_, err = DeleteSpaceRoles(s, id)
 	if err != nil {
-		ctx.Transaction.Rollback()
+		s.Context.Transaction.Rollback()
 		response.WriteServerError(w, method, err)
 		return
 	}
 
 	_, err = pin.DeletePinnedSpace(s, id)
 	if err != nil && err != sql.ErrNoRows {
-		ctx.Transaction.Rollback()
+		s.Context.Transaction.Rollback()
 		response.WriteServerError(w, method, err)
 		return
 	}
 
 	eventing.Record(s, eventing.EventTypeSpaceDelete)
 
-	ctx.Transaction.Commit()
+	s.Context.Transaction.Commit()
 	response.WriteEmpty(w)
 }
 
 // SetPermissions persists specified spac3 permissions
 func (h *Handler) SetPermissions(w http.ResponseWriter, r *http.Request) {
 	method := "space.SetPermissions"
-	ctx, s := domain.NewContexts(h.Runtime, r)
+	s := domain.NewContext(h.Runtime, r)
 
-	if !ctx.Editor {
+	if !s.Context.Editor {
 		response.WriteForbiddenError(w)
 		return
 	}
@@ -379,7 +379,7 @@ func (h *Handler) SetPermissions(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	ctx.Transaction, err = h.Runtime.Db.Beginx()
+	s.Context.Transaction, err = h.Runtime.Db.Beginx()
 	if err != nil {
 		response.WriteServerError(w, method, err)
 		return
@@ -389,7 +389,7 @@ func (h *Handler) SetPermissions(w http.ResponseWriter, r *http.Request) {
 	// Why? So we can send out folder invitation emails.
 	previousRoles, err := GetRoles(s, id)
 	if err != nil {
-		ctx.Transaction.Rollback()
+		s.Context.Transaction.Rollback()
 		response.WriteServerError(w, method, err)
 		return
 	}
@@ -404,7 +404,7 @@ func (h *Handler) SetPermissions(w http.ResponseWriter, r *http.Request) {
 	// Who is sharing this folder?
 	inviter, err := user.Get(s, s.Context.UserID)
 	if err != nil {
-		ctx.Transaction.Rollback()
+		s.Context.Transaction.Rollback()
 		response.WriteServerError(w, method, err)
 		return
 	}
@@ -412,7 +412,7 @@ func (h *Handler) SetPermissions(w http.ResponseWriter, r *http.Request) {
 	// Nuke all previous permissions for this folder
 	_, err = DeleteSpaceRoles(s, id)
 	if err != nil {
-		ctx.Transaction.Rollback()
+		s.Context.Transaction.Rollback()
 		response.WriteServerError(w, method, err)
 		return
 	}
@@ -479,7 +479,7 @@ func (h *Handler) SetPermissions(w http.ResponseWriter, r *http.Request) {
 
 		err = AddRole(s, role)
 		if err != nil {
-			ctx.Transaction.Rollback()
+			s.Context.Transaction.Rollback()
 			response.WriteServerError(w, method, err)
 			return
 		}
@@ -498,14 +498,14 @@ func (h *Handler) SetPermissions(w http.ResponseWriter, r *http.Request) {
 
 	err = Update(s, sp)
 	if err != nil {
-		ctx.Transaction.Rollback()
+		s.Context.Transaction.Rollback()
 		response.WriteServerError(w, method, err)
 		return
 	}
 
 	eventing.Record(s, eventing.EventTypeSpacePermission)
 
-	ctx.Transaction.Commit()
+	s.Context.Transaction.Commit()
 
 	response.WriteEmpty(w)
 }
@@ -513,7 +513,7 @@ func (h *Handler) SetPermissions(w http.ResponseWriter, r *http.Request) {
 // GetPermissions returns user permissions for the requested folder.
 func (h *Handler) GetPermissions(w http.ResponseWriter, r *http.Request) {
 	method := "space.GetPermissions"
-	_, s := domain.NewContexts(h.Runtime, r)
+	s := domain.NewContext(h.Runtime, r)
 
 	folderID := request.Param(r, "folderID")
 	if len(folderID) == 0 {
@@ -537,7 +537,7 @@ func (h *Handler) GetPermissions(w http.ResponseWriter, r *http.Request) {
 // AcceptInvitation records the fact that a user has completed space onboard process.
 func (h *Handler) AcceptInvitation(w http.ResponseWriter, r *http.Request) {
 	method := "space.AcceptInvitation"
-	ctx, s := domain.NewContexts(h.Runtime, r)
+	s := domain.NewContext(h.Runtime, r)
 
 	folderID := request.Param(r, "folderID")
 	if len(folderID) == 0 {
@@ -545,14 +545,13 @@ func (h *Handler) AcceptInvitation(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	org, err := organization.GetOrganizationByDomain(s, ctx.Subdomain)
+	org, err := organization.GetOrganizationByDomain(s, s.Context.Subdomain)
 	if err != nil {
 		response.WriteServerError(w, method, err)
 		return
 	}
 
 	// AcceptShare does not authenticate the user hence the context needs to set up
-	ctx.OrgID = org.RefID
 	s.Context.OrgID = org.RefID
 
 	defer streamutil.Close(r.Body)
@@ -581,14 +580,13 @@ func (h *Handler) AcceptInvitation(w http.ResponseWriter, r *http.Request) {
 	}
 
 	// AcceptShare does not authenticate the user hence the context needs to set up
-	ctx.UserID = u.RefID
 	s.Context.UserID = u.RefID
 
 	u.Firstname = model.Firstname
 	u.Lastname = model.Lastname
 	u.Initials = stringutil.MakeInitials(u.Firstname, u.Lastname)
 
-	ctx.Transaction, err = h.Runtime.Db.Beginx()
+	s.Context.Transaction, err = h.Runtime.Db.Beginx()
 	if err != nil {
 		response.WriteServerError(w, method, err)
 		return
@@ -596,7 +594,7 @@ func (h *Handler) AcceptInvitation(w http.ResponseWriter, r *http.Request) {
 
 	err = user.UpdateUser(s, u)
 	if err != nil {
-		ctx.Transaction.Rollback()
+		s.Context.Transaction.Rollback()
 		response.WriteServerError(w, method, err)
 		return
 	}
@@ -605,14 +603,14 @@ func (h *Handler) AcceptInvitation(w http.ResponseWriter, r *http.Request) {
 
 	err = user.UpdateUserPassword(s, u.RefID, salt, secrets.GeneratePassword(model.Password, salt))
 	if err != nil {
-		ctx.Transaction.Rollback()
+		s.Context.Transaction.Rollback()
 		response.WriteServerError(w, method, err)
 		return
 	}
 
 	eventing.Record(s, eventing.EventTypeSpaceJoin)
 
-	ctx.Transaction.Commit()
+	s.Context.Transaction.Commit()
 
 	response.WriteJSON(w, u)
 }
@@ -620,7 +618,7 @@ func (h *Handler) AcceptInvitation(w http.ResponseWriter, r *http.Request) {
 // Invite sends users folder invitation emails.
 func (h *Handler) Invite(w http.ResponseWriter, r *http.Request) {
 	method := "space.Invite"
-	ctx, s := domain.NewContexts(h.Runtime, r)
+	s := domain.NewContext(h.Runtime, r)
 
 	id := request.Param(r, "folderID")
 	if len(id) == 0 {
@@ -653,13 +651,13 @@ func (h *Handler) Invite(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	ctx.Transaction, err = h.Runtime.Db.Beginx()
+	s.Context.Transaction, err = h.Runtime.Db.Beginx()
 	if err != nil {
 		response.WriteServerError(w, method, err)
 		return
 	}
 
-	inviter, err := user.Get(s, ctx.UserID)
+	inviter, err := user.Get(s, s.Context.UserID)
 	if err != nil {
 		response.WriteServerError(w, method, err)
 		return
@@ -668,7 +666,7 @@ func (h *Handler) Invite(w http.ResponseWriter, r *http.Request) {
 	for _, email := range model.Recipients {
 		u, err := user.GetByEmail(s, email)
 		if err != nil && err != sql.ErrNoRows {
-			ctx.Transaction.Rollback()
+			s.Context.Transaction.Rollback()
 			response.WriteServerError(w, method, err)
 			return
 		}
@@ -677,7 +675,7 @@ func (h *Handler) Invite(w http.ResponseWriter, r *http.Request) {
 			// Ensure they have access to this organization
 			accounts, err2 := account.GetUserAccounts(s, u.RefID)
 			if err2 != nil {
-				ctx.Transaction.Rollback()
+				s.Context.Transaction.Rollback()
 				response.WriteServerError(w, method, err)
 				return
 			}
@@ -702,7 +700,7 @@ func (h *Handler) Invite(w http.ResponseWriter, r *http.Request) {
 
 				err = account.Add(s, a)
 				if err != nil {
-					ctx.Transaction.Rollback()
+					s.Context.Transaction.Rollback()
 					response.WriteServerError(w, method, err)
 					return
 				}
@@ -713,7 +711,7 @@ func (h *Handler) Invite(w http.ResponseWriter, r *http.Request) {
 
 			role := Role{}
 			role.LabelID = sp.RefID
-			role.OrgID = ctx.OrgID
+			role.OrgID = s.Context.OrgID
 			role.UserID = u.RefID
 			role.CanEdit = false
 			role.CanView = true
@@ -722,23 +720,23 @@ func (h *Handler) Invite(w http.ResponseWriter, r *http.Request) {
 
 			err = AddRole(s, role)
 			if err != nil {
-				ctx.Transaction.Rollback()
+				s.Context.Transaction.Rollback()
 				response.WriteServerError(w, method, err)
 				return
 			}
 
-			url := ctx.GetAppURL(fmt.Sprintf("s/%s/%s", sp.RefID, stringutil.MakeSlug(sp.Name)))
+			url := s.Context.GetAppURL(fmt.Sprintf("s/%s/%s", sp.RefID, stringutil.MakeSlug(sp.Name)))
 			go mail.ShareFolderExistingUser(email, inviter.Fullname(), url, sp.Name, model.Message)
 
 			h.Runtime.Log.Info(fmt.Sprintf("%s is sharing space %s with existing user %s", inviter.Email, sp.Name, email))
 		} else {
 			// On-board new user
 			if strings.Contains(email, "@") {
-				url := ctx.GetAppURL(fmt.Sprintf("auth/share/%s/%s", sp.RefID, stringutil.MakeSlug(sp.Name)))
+				url := s.Context.GetAppURL(fmt.Sprintf("auth/share/%s/%s", sp.RefID, stringutil.MakeSlug(sp.Name)))
 				err = inviteNewUserToSharedSpace(s, email, inviter, url, sp, model.Message)
 
 				if err != nil {
-					ctx.Transaction.Rollback()
+					s.Context.Transaction.Rollback()
 					response.WriteServerError(w, method, err)
 					return
 				}
@@ -754,7 +752,7 @@ func (h *Handler) Invite(w http.ResponseWriter, r *http.Request) {
 
 		err = Update(s, sp)
 		if err != nil {
-			ctx.Transaction.Rollback()
+			s.Context.Transaction.Rollback()
 			response.WriteServerError(w, method, err)
 			return
 		}
@@ -762,7 +760,7 @@ func (h *Handler) Invite(w http.ResponseWriter, r *http.Request) {
 
 	eventing.Record(s, eventing.EventTypeSpaceInvite)
 
-	ctx.Transaction.Commit()
+	s.Context.Transaction.Commit()
 
 	response.WriteEmpty(w)
 }

domain/space/model.go

@@ -20,7 +20,7 @@ import (
 
 // Handler contains the runtime information such as logging and database.
 type Handler struct {
-	Runtime env.Runtime
+	Runtime *env.Runtime
 }
 
 // Space defines a container for documents.

domain/user/model.go

@@ -21,7 +21,7 @@ import (
 
 // Handler contains the runtime information such as logging and database.
 type Handler struct {
-	Runtime env.Runtime
+	Runtime *env.Runtime
 }
 
 // User defines a login.

edition/community.go

@@ -65,5 +65,5 @@ func main() {
 	section.Register(rt)
 
 	ready := make(chan struct{}, 1) // channel signals router ready
-	server.Start(rt, ready)
+	server.Start(&rt, ready)
 }

server/middleware.go

@@ -28,7 +28,7 @@ import (
 )
 
 type middleware struct {
-	Runtime env.Runtime
+	Runtime *env.Runtime
 }
 
 func (m *middleware) cors(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
@@ -194,7 +194,7 @@ func (m *middleware) Authorize(w http.ResponseWriter, r *http.Request, next http
 
 // Certain assets/URL do not require authentication.
 // Just stops the log files being clogged up with failed auth errors.
-func preAuthorizeStaticAssets(rt env.Runtime, r *http.Request) bool {
+func preAuthorizeStaticAssets(rt *env.Runtime, r *http.Request) bool {
 	if strings.ToLower(r.URL.Path) == "/" ||
 		strings.ToLower(r.URL.Path) == "/validate" ||
 		strings.ToLower(r.URL.Path) == "/favicon.ico" ||

server/routing/entries.go

@@ -21,7 +21,7 @@ import (
 )
 
 // RegisterEndpoints register routes for serving API endpoints
-func RegisterEndpoints(rt env.Runtime) {
+func RegisterEndpoints(rt *env.Runtime) {
 	//**************************************************
 	// Non-secure routes
 	//**************************************************

server/routing/table.go

@@ -62,7 +62,7 @@ func (s routeSorter) Less(i, j int) bool {
 	return s[i].ord < s[j].ord
 }
 
-func routesKey(rt env.Runtime, prefix, path string, methods, queries []string) (string, error) {
+func routesKey(rt *env.Runtime, prefix, path string, methods, queries []string) (string, error) {
 	rd := routeDef{
 		Prefix:  prefix,
 		Path:    path,
@@ -79,7 +79,7 @@ func routesKey(rt env.Runtime, prefix, path string, methods, queries []string) (
 }
 
 // Add an endpoint to those that will be processed when Serve() is called.
-func Add(rt env.Runtime, prefix, path string, methods, queries []string, endPtFn RouteFunc) error {
+func Add(rt *env.Runtime, prefix, path string, methods, queries []string, endPtFn RouteFunc) error {
 	k, e := routesKey(rt, prefix, path, methods, queries)
 	if e != nil {
 		return e
@@ -89,7 +89,7 @@ func Add(rt env.Runtime, prefix, path string, methods, queries []string, endPtFn
 }
 
 // Remove an endpoint.
-func Remove(rt env.Runtime, prefix, path string, methods, queries []string) error {
+func Remove(rt *env.Runtime, prefix, path string, methods, queries []string) error {
 	k, e := routesKey(rt, prefix, path, methods, queries)
 	if e != nil {
 		return e
@@ -99,7 +99,7 @@ func Remove(rt env.Runtime, prefix, path string, methods, queries []string) erro
 }
 
 // BuildRoutes returns all matching routes for specified scope.
-func BuildRoutes(rt env.Runtime, prefix string) *mux.Router {
+func BuildRoutes(rt *env.Runtime, prefix string) *mux.Router {
 	var rs routeSorter
 	for k, v := range routes {
 		var rd routeDef

server/server.go

@@ -30,7 +30,7 @@ import (
 var testHost string // used during automated testing
 
 // Start router to handle all HTTP traffic.
-func Start(rt env.Runtime, ready chan struct{}) {
+func Start(rt *env.Runtime, ready chan struct{}) {
 
 	err := plugins.LibSetup()
 	if err != nil {