feat: improvements to response payloads

Author: evansims

crates/inferadb-control-api/src/handlers/clients.rs

@@ -32,6 +32,8 @@ fn client_to_detail(client: Client) -> ClientDetail {
     ClientDetail {
         id: client.id,
         name: client.name,
+        description: client.description,
+        vault_id: client.vault_id,
         is_active: client.deleted_at.is_none(),
         organization_id: client.organization_id,
         created_at: client.created_at.to_rfc3339(),
@@ -77,8 +79,14 @@ pub async fn create_client(
     let client_id = IdGenerator::next_id();
 
     // Create client entity
-    let client =
-        Client::new(client_id, org_ctx.organization_id, payload.name, org_ctx.member.user_id)?;
+    let client = Client::new(
+        client_id,
+        org_ctx.organization_id,
+        payload.vault_id,
+        payload.name,
+        payload.description,
+        org_ctx.member.user_id,
+    )?;
 
     // Save to repository
     repos.client.create(client.clone()).await?;
@@ -89,7 +97,8 @@ pub async fn create_client(
             client: ClientInfo {
                 id: client.id,
                 name: client.name.clone(),
-                description: payload.description.unwrap_or_default(),
+                description: client.description,
+                vault_id: client.vault_id,
                 is_active: client.deleted_at.is_none(),
                 organization_id: client.organization_id,
                 created_at: client.created_at.to_rfc3339(),
@@ -186,14 +195,23 @@ pub async fn update_client(
         return Err(CoreError::NotFound("Client not found".to_string()).into());
     }
 
-    // Validate and update name
-    Client::validate_name(&payload.name)?;
-    client.name = payload.name.clone();
+    // Update fields if provided
+    if let Some(name) = payload.name {
+        client.set_name(name)?;
+    }
+    if let Some(description) = payload.description {
+        client.set_description(description);
+    }
+    if let Some(vault_id) = payload.vault_id {
+        client.set_vault_id(Some(vault_id));
+    }
 
     // Save changes
     repos.client.update(client.clone()).await?;
 
-    Ok(Json(UpdateClientResponse { id: client.id, name: client.name }))
+    Ok(Json(UpdateClientResponse {
+        client: client_to_detail(client),
+    }))
 }
 
 /// Delete a client (soft delete)

crates/inferadb-control-api/src/handlers/teams.rs

@@ -30,12 +30,23 @@ fn team_to_response(team: OrganizationTeam) -> TeamResponse {
     TeamResponse {
         id: team.id,
         name: team.name,
+        description: team.description,
         organization_id: team.organization_id,
         created_at: team.created_at.to_rfc3339(),
         deleted_at: team.deleted_at.map(|dt| dt.to_rfc3339()),
     }
 }
 
+fn team_to_info(team: OrganizationTeam) -> TeamInfo {
+    TeamInfo {
+        id: team.id,
+        name: team.name,
+        description: team.description,
+        organization_id: team.organization_id,
+        created_at: team.created_at.to_rfc3339(),
+    }
+}
+
 fn team_member_to_response(member: OrganizationTeamMember) -> TeamMemberResponse {
     TeamMemberResponse {
         id: member.id,
@@ -96,7 +107,7 @@ pub async fn create_team(
 
     // Generate ID and create team
     let team_id = IdGenerator::next_id();
-    let team = OrganizationTeam::new(team_id, org_ctx.organization_id, payload.name)?;
+    let team = OrganizationTeam::new(team_id, org_ctx.organization_id, payload.name, payload.description)?;
 
     // Store team
     repos.org_team.create(team.clone()).await?;
@@ -106,8 +117,8 @@ pub async fn create_team(
         Json(CreateTeamResponse {
             team: TeamInfo {
                 id: team.id,
-                name: team.name,
-                description: payload.description.unwrap_or_default(),
+                name: team.name.clone(),
+                description: team.description,
                 organization_id: team.organization_id,
                 created_at: team.created_at.to_rfc3339(),
             },
@@ -232,11 +243,16 @@ pub async fn update_team(
         .into());
     }
 
-    // Update team name
-    team.set_name(payload.name)?;
+    // Update team fields
+    if let Some(name) = payload.name {
+        team.set_name(name)?;
+    }
+    if let Some(description) = payload.description {
+        team.set_description(description);
+    }
     repos.org_team.update(team.clone()).await?;
 
-    Ok(Json(UpdateTeamResponse { id: team.id, name: team.name }))
+    Ok(Json(UpdateTeamResponse { team: team_to_info(team) }))
 }
 
 /// Delete a team

crates/inferadb-control-api/src/handlers/vaults.rs

@@ -11,7 +11,7 @@ use inferadb_control_types::{
         ListTeamGrantsResponse, ListUserGrantsResponse, ListVaultsResponse, TeamGrantInfo,
         TeamGrantResponse, UpdateTeamGrantRequest, UpdateTeamGrantResponse, UpdateUserGrantRequest,
         UpdateUserGrantResponse, UpdateVaultRequest, UpdateVaultResponse, UserGrantInfo,
-        UserGrantResponse, VaultDetail, VaultInfo, VaultResponse,
+        UserGrantResponse, VaultInfo, VaultResponse,
     },
     entities::{Vault, VaultRole, VaultTeamGrant, VaultUserGrant},
 };
@@ -32,8 +32,9 @@ fn vault_to_response(vault: Vault) -> VaultResponse {
     VaultResponse {
         id: vault.id,
         name: vault.name,
+        description: vault.description,
         organization_id: vault.organization_id,
-        sync_status: format!("{:?}", vault.sync_status),
+        sync_status: vault.sync_status,
         sync_error: vault.sync_error,
         created_at: vault.created_at.to_rfc3339(),
         updated_at: vault.updated_at.to_rfc3339(),
@@ -104,7 +105,7 @@ pub async fn create_vault(
 
     // Create vault entity (starts with PENDING sync status)
     let mut vault =
-        Vault::new(vault_id, org_ctx.organization_id, payload.name, org_ctx.member.user_id)?;
+        Vault::new(vault_id, org_ctx.organization_id, payload.name, payload.description.clone(), org_ctx.member.user_id)?;
 
     // Save to repository
     repos.vault.create(vault.clone()).await?;
@@ -141,7 +142,7 @@ pub async fn create_vault(
             vault: VaultInfo {
                 id: vault.id,
                 name: vault.name,
-                description: payload.description.unwrap_or_default(),
+                description: vault.description,
                 organization_id: vault.organization_id,
                 sync_status: vault.sync_status,
                 created_at: vault.created_at.to_rfc3339(),
@@ -300,6 +301,11 @@ pub async fn update_vault(
     Vault::validate_name(&payload.name)?;
     vault.name = payload.name.clone();
 
+    // Update description if provided
+    if let Some(desc) = payload.description.clone() {
+        vault.description = desc;
+    }
+
     // Save changes
     repos.vault.update(vault.clone()).await?;
 
@@ -309,10 +315,13 @@ pub async fn update_vault(
     }
 
     Ok(Json(UpdateVaultResponse {
-        vault: VaultDetail {
+        vault: VaultInfo {
             id: vault.id,
             name: vault.name,
-            description: payload.description.unwrap_or_default(),
+            description: vault.description,
+            organization_id: vault.organization_id,
+            sync_status: vault.sync_status,
+            created_at: vault.created_at.to_rfc3339(),
         },
     }))
 }

crates/inferadb-control-api/src/middleware/permission.rs

@@ -245,7 +245,7 @@ mod tests {
 
         // Create a team with a permission
         let team_repo = OrganizationTeamRepository::new(memory.clone());
-        let team = OrganizationTeam::new(1, 1, "Test Team".to_string()).unwrap();
+        let team = OrganizationTeam::new(1, 1, "Test Team".to_string(), None).unwrap();
         team_repo.create(team).await.unwrap();
 
         // Add user to team
@@ -296,7 +296,7 @@ mod tests {
 
         // Create a team with CLIENT_MANAGE permission
         let team_repo = OrganizationTeamRepository::new(memory.clone());
-        let team = OrganizationTeam::new(1, 1, "Test Team".to_string()).unwrap();
+        let team = OrganizationTeam::new(1, 1, "Test Team".to_string(), None).unwrap();
         team_repo.create(team).await.unwrap();
 
         let member_repo = OrganizationTeamMemberRepository::new(memory.clone());

crates/inferadb-control-api/tests/security_authorization_tests.rs

@@ -513,7 +513,7 @@ async fn test_member_cannot_delete_vault() {
 
     // Create a vault
     let vault_repo = VaultRepository::new((*state.storage).clone());
-    let vault = Vault::new(5000, org.id, "Test Vault".to_string(), 100).unwrap();
+    let vault = Vault::new(5000, org.id, "Test Vault".to_string(), None, 100).unwrap();
     vault_repo.create(vault.clone()).await.unwrap();
 
     // Setup member

crates/inferadb-control-api/tests/security_isolation_tests.rs

@@ -63,7 +63,7 @@ async fn test_cross_organization_vault_access_denied() {
 
     // Create a vault in Organization B
     let vault_repo = VaultRepository::new((*state.storage).clone());
-    let vault_b = Vault::new(5000, org_b.id, "Vault B".to_string(), 200).unwrap();
+    let vault_b = Vault::new(5000, org_b.id, "Vault B".to_string(), None, 200).unwrap();
     vault_repo.create(vault_b.clone()).await.unwrap();
 
     // User A tries to access Organization B's vault
@@ -100,7 +100,7 @@ async fn test_cross_organization_client_access_denied() {
 
     // Create a client in Organization B
     let client_repo = ClientRepository::new((*state.storage).clone());
-    let client_b = Client::new(6000, org_b.id, "Client B".to_string(), 200).unwrap();
+    let client_b = Client::new(6000, org_b.id, None, "Client B".to_string(), None, 200).unwrap();
     client_repo.create(client_b.clone()).await.unwrap();
 
     // User A tries to access Organization B's client
@@ -135,7 +135,7 @@ async fn test_cross_organization_team_access_denied() {
 
     // Create a team in Organization B
     let team_repo = OrganizationTeamRepository::new((*state.storage).clone());
-    let team_b = OrganizationTeam::new(7000, org_b.id, "Team B".to_string()).unwrap();
+    let team_b = OrganizationTeam::new(7000, org_b.id, "Team B".to_string(), None).unwrap();
     team_repo.create(team_b.clone()).await.unwrap();
 
     // User A tries to access Organization B's team
@@ -170,7 +170,7 @@ async fn test_cannot_modify_other_organization_resources() {
 
     // Create a vault in Organization B
     let vault_repo = VaultRepository::new((*state.storage).clone());
-    let vault_b = Vault::new(5000, org_b.id, "Vault B".to_string(), 200).unwrap();
+    let vault_b = Vault::new(5000, org_b.id, "Vault B".to_string(), None, 200).unwrap();
     vault_repo.create(vault_b.clone()).await.unwrap();
 
     // User A tries to update Organization B's vault
@@ -211,7 +211,7 @@ async fn test_cannot_delete_other_organization_resources() {
 
     // Create a client in Organization B
     let client_repo = ClientRepository::new((*state.storage).clone());
-    let client_b = Client::new(6000, org_b.id, "Client B".to_string(), 200).unwrap();
+    let client_b = Client::new(6000, org_b.id, None, "Client B".to_string(), None, 200).unwrap();
     client_repo.create(client_b.clone()).await.unwrap();
 
     // User A tries to delete Organization B's client
@@ -277,18 +277,18 @@ async fn test_vault_jwt_isolation() {
     let (_, _session_a, org_a, _) = setup_user_and_org(&state, 100, 1, 1000, 10000, "userA").await;
 
     let vault_repo = VaultRepository::new((*state.storage).clone());
-    let vault_a = Vault::new(5000, org_a.id, "Vault A".to_string(), 100).unwrap();
+    let vault_a = Vault::new(5000, org_a.id, "Vault A".to_string(), None, 100).unwrap();
     vault_repo.create(vault_a.clone()).await.unwrap();
 
     // Setup Organization B with vault
     let (_, _session_b, org_b, _) = setup_user_and_org(&state, 200, 2, 2000, 20000, "userB").await;
 
-    let vault_b = Vault::new(6000, org_b.id, "Vault B".to_string(), 200).unwrap();
+    let vault_b = Vault::new(6000, org_b.id, "Vault B".to_string(), None, 200).unwrap();
     vault_repo.create(vault_b.clone()).await.unwrap();
 
     // Create a client in Organization A
     let client_repo = ClientRepository::new((*state.storage).clone());
-    let client_a = Client::new(7000, org_a.id, "Client A".to_string(), 100).unwrap();
+    let client_a = Client::new(7000, org_a.id, None, "Client A".to_string(), None, 100).unwrap();
     client_repo.create(client_a.clone()).await.unwrap();
 
     // Create a certificate for the client

crates/inferadb-control-config/src/lib.rs

@@ -192,6 +192,13 @@ pub struct EmailConfig {
     /// From display name
     #[serde(default = "default_email_name")]
     pub name: String,
+
+    /// Allow insecure (unencrypted) SMTP connections.
+    ///
+    /// **WARNING**: Only enable this for local development/testing with tools like Mailpit.
+    /// Never enable in production as it transmits credentials in plain text.
+    #[serde(default)]
+    pub insecure: bool,
 }
 
 /// Rate limits configuration
@@ -374,6 +381,7 @@ impl Default for ControlConfig {
                 password: None,
                 address: "noreply@inferadb.com".to_string(),
                 name: default_email_name(),
+                insecure: false,
             },
             limits: LimitsConfig {
                 login_attempts_per_ip_per_hour: default_login_attempts_per_ip_per_hour(),

crates/inferadb-control-core/src/lib.rs

@@ -28,7 +28,7 @@ pub use crypto::{MasterKey, PrivateKeyEncryptor, keypair};
 pub use email::{
     EmailSender, EmailService, EmailTemplate, InvitationAcceptedEmailTemplate,
     InvitationEmailTemplate, MockEmailSender, OrganizationDeletionWarningEmailTemplate,
-    PasswordResetEmailTemplate, RoleChangeEmailTemplate, SmtpEmailService,
+    PasswordResetEmailTemplate, RoleChangeEmailTemplate, SmtpConfig, SmtpEmailService,
     VerificationEmailTemplate,
 };
 pub use id::{IdGenerator, WorkerRegistry, acquire_worker_id};

crates/inferadb-control-core/src/repository/client.rs

@@ -245,7 +245,7 @@ mod tests {
     }
 
     fn create_test_client(id: i64, org_id: i64, name: &str) -> Result<Client> {
-        Client::new(id, org_id, name.to_string(), 999)
+        Client::new(id, org_id, None, name.to_string(), None, 999)
     }
 
     #[tokio::test]

crates/inferadb-control-core/src/repository/team.rs

@@ -690,7 +690,7 @@ mod tests {
         let storage = MemoryBackend::new();
         let repo = OrganizationTeamRepository::new(storage);
 
-        let team = OrganizationTeam::new(1, 100, "Engineering".to_string()).unwrap();
+        let team = OrganizationTeam::new(1, 100, "Engineering".to_string(), None).unwrap();
         repo.create(team.clone()).await.unwrap();
 
         let retrieved = repo.get(1).await.unwrap().unwrap();
@@ -704,10 +704,10 @@ mod tests {
         let storage = MemoryBackend::new();
         let repo = OrganizationTeamRepository::new(storage);
 
-        let team1 = OrganizationTeam::new(1, 100, "Engineering".to_string()).unwrap();
+        let team1 = OrganizationTeam::new(1, 100, "Engineering".to_string(), None).unwrap();
         repo.create(team1).await.unwrap();
 
-        let team2 = OrganizationTeam::new(2, 100, "Engineering".to_string()).unwrap();
+        let team2 = OrganizationTeam::new(2, 100, "Engineering".to_string(), None).unwrap();
         let result = repo.create(team2).await;
         assert!(result.is_err());
     }
@@ -717,9 +717,9 @@ mod tests {
         let storage = MemoryBackend::new();
         let repo = OrganizationTeamRepository::new(storage);
 
-        let team1 = OrganizationTeam::new(1, 100, "Engineering".to_string()).unwrap();
-        let team2 = OrganizationTeam::new(2, 100, "Sales".to_string()).unwrap();
-        let team3 = OrganizationTeam::new(3, 200, "Other".to_string()).unwrap();
+        let team1 = OrganizationTeam::new(1, 100, "Engineering".to_string(), None).unwrap();
+        let team2 = OrganizationTeam::new(2, 100, "Sales".to_string(), None).unwrap();
+        let team3 = OrganizationTeam::new(3, 200, "Other".to_string(), None).unwrap();
 
         repo.create(team1).await.unwrap();
         repo.create(team2).await.unwrap();
@@ -734,7 +734,7 @@ mod tests {
         let storage = MemoryBackend::new();
         let repo = OrganizationTeamRepository::new(storage);
 
-        let mut team = OrganizationTeam::new(1, 100, "Old Name".to_string()).unwrap();
+        let mut team = OrganizationTeam::new(1, 100, "Old Name".to_string(), None).unwrap();
         repo.create(team.clone()).await.unwrap();
 
         team.set_name("New Name".to_string()).unwrap();
@@ -749,7 +749,7 @@ mod tests {
         let storage = MemoryBackend::new();
         let repo = OrganizationTeamRepository::new(storage);
 
-        let team = OrganizationTeam::new(1, 100, "Engineering".to_string()).unwrap();
+        let team = OrganizationTeam::new(1, 100, "Engineering".to_string(), None).unwrap();
         repo.create(team).await.unwrap();
 
         repo.delete(1).await.unwrap();