Better UX when recovering organization emails

Fixes #291

endpoints/api/user.py

@@ -27,7 +27,7 @@ from auth.permissions import (AdministerOrganizationPermission, CreateRepository
 from auth.auth_context import get_authenticated_user
 from auth import scopes
 from util.useremails import (send_confirmation_email, send_recovery_email, send_change_email,
-                             send_password_changed)
+                             send_password_changed, send_org_recovery_email)
 from util.names import parse_single_urn
 
 
@@ -647,10 +647,35 @@ class Recovery(ApiResource):
   @validate_json_request('RequestRecovery')
   def post(self):
     """ Request a password recovery email."""
+    def redact(value):
+      threshold = max((len(value) / 3) - 1, 1)
+      v = ''
+      for i in range(0, len(value)):
+        if i < threshold or i >= len(value) - threshold:
+          v = v + value[i]
+        else:
+          v = v + u'\u2022'
+
+      return v
+
     email = request.get_json()['email']
+    user = model.user.find_user_by_email(email)
+    if not user:
+      raise model.InvalidEmailAddressException('Email address was not found.')
+
+    if user.organization:
+      send_org_recovery_email(user, model.organization.get_admin_users(user))
+      return {
+        'status': 'org',
+        'orgemail': email,
+        'orgname': redact(user.username),
+      }
+
     code = model.user.create_reset_password_email_code(email)
     send_recovery_email(email, code.code)
-    return 'Created', 201
+    return {
+      'status': 'sent',
+    }
 
 
 @resource('/v1/user/notifications')