Idem for the server namespace.

src/api.js

@@ -158,6 +158,13 @@ Api.prototype.getUserPublicProperties = function (user) {
 	return _.pick(properties, 'id', 'email', 'permission');
 };
 
+Api.prototype.getServerPublicProperties = function (server) {
+	// Handles both properties and wrapped models.
+	var properties = server.properties || server;
+
+	return _.pick(properties, 'id', 'host', 'username');
+};
+
 Api.prototype.throw = function (errorId) {
 	throw Api.err[errorId];
 };
@@ -203,6 +210,9 @@ var $register = function (path, fn) {
 // User management.
 $register('user', require('./api/user'));
 
+// Server management.
+$register('server', require('./api/server'));
+
 //--------------------------------------------------------------------
 
 Api.fn.api = {
@@ -319,69 +329,6 @@ Api.fn.token = {
 	},
 };
 
-// Pool management.
-Api.fn.server = {
-	'add': function (session, req) {
-		var p_host = req.params.host;
-		var p_username = req.params.username;
-		var p_password = req.params.password;
-
-		if (!p_host || !p_username || !p_password)
-		{
-			throw Api.err.INVALID_PARAMS;
-		}
-
-		this.checkPermission(session, 'admin');
-
-		// TODO: We are storing passwords which is bad!
-		// Could we use tokens instead?
-		var server = $waitPromise(this.xo.servers.add({
-			'host': p_host,
-			'username': p_username,
-			'password': p_password,
-		}));
-
-		return (''+ server.id);
-	},
-
-	'remove': function (session, req) {
-		var p_id = req.params.id;
-
-		if (undefined === p_id)
-		{
-			throw Api.err.INVALID_PARAMS;
-		}
-
-		this.checkPermission(session, 'admin');
-
-		if (!$waitPromise(this.xo.servers.remove(p_id)))
-		{
-			throw Api.err.NO_SUCH_OBJECT;
-		}
-
-		return true;
-	},
-
-	'getAll': function (session) {
-		this.checkPermission(session, 'admin');
-
-		var servers = $waitPromise(this.xo.servers.get());
-		_.each(servers, function (server, i) {
-			servers[i] = _.pick(server, 'id', 'host', 'username');
-		});
-
-		return servers;
-	},
-
-	'connect': function () {
-		throw Api.err.NOT_IMPLEMENTED;
-	},
-
-	'disconnect': function () {
-		throw Api.err.NOT_IMPLEMENTED;
-	},
-};
-
 // Extra methods not really bound to an object.
 Api.fn.xo = {
 	'getAllObjects': function () {

src/api/server.coffee

@@ -0,0 +1,86 @@
+{$waitPromise} = require '../fibers-utils'
+
+#=====================================================================
+
+# FIXME: We are storing passwords which is bad!
+#        Could we use tokens instead?
+
+# Adds a new server.
+exports.add = (session, request) ->
+  {host, username, password} = request.params
+  @throw 'INVALID_PARAMS' unless host? and username? and password?
+
+  # Current user must be administrator.
+  @checkPermission session, 'admin'
+
+  # Adds the server.
+  server = $waitPromise @xo.servers.add {
+    host
+    username
+    password
+  }
+
+  # Returns the identifier of the newly registered server.
+  server.id
+
+# Removes an existing server.
+exports.remove = (session, request) ->
+  {id} = request.params
+  @throw 'INVALID_PARAMS' unless id?
+
+  # Current user must be administrator.
+  @checkPermission session, 'admin'
+
+  # Throws an error if the server did not exist.
+  @throw 'NO_SUCH_OBJECT' unless $waitPromise @xo.servers.remove id
+
+  # Returns true.
+  true
+
+# Returns all servers.
+exports.getAll = (session) ->
+  # Only an administrator can see all servers.
+  @checkPermission session, 'admin'
+
+  # Retrieves the servers.
+  servers = $waitPromise @xo.servers.get()
+
+  # Filters out private properties.
+  for server, i in servers
+    servers[i] = @getServerPublicProperties server
+
+  # Returns the servers.
+  servers
+
+# Changes the properties of an existing server.
+exports.set = (session, request) ->
+  {id, host, username, password} = request.params
+  @throw 'INVALID_PARAMS' unless id? and (host? or username? or password?)
+
+  # Only an administrator can modify an server.
+  @checkPermission session, 'admin'
+
+  # Retrieves the server.
+  server = $waitPromise @xo.servers.first id
+
+  # Throws an error if it did not exist.
+  @throw 'NO_SUCH_OBJECT' unless server
+
+  # Updates the provided properties.
+  server.set {host} if host?
+  server.set {username} if username?
+  server.set {password} if password?
+
+  # Updates the server.
+  $waitPromise @xo.servers.update server
+
+  # Returns true.
+  true
+
+# Connects to an existing server.
+exports.connect = ->
+  @throw 'NOT_IMPLEMENTED'
+
+# Disconnects from an existing server.
+exports.disconnect = ->
+  @throw 'NOT_IMPLEMENTED'

src/xo.coffee

@@ -163,7 +163,7 @@ class $XO extends $EventEmitter
 
     # This function asynchronously connects to a server, retrieves
     # all its objects and monitors events.
-    connect = $fiberize (server) =>
+    connect = (server) =>
       # Identifier of the connection.
       id = server.id
 
@@ -276,12 +276,19 @@ class $XO extends $EventEmitter
           # registered again.
           throw error unless error[0] is 'SESSION_NOT_REGISTERED'
 
+    # Prevents errors from stopping the server.
+    connectSafe = $fiberize (server) ->
+      try
+        connect.call this, server
+      catch error
+        console.log "[WARN] #{server.host}: #{error[0] ? error.code}"
+
     # Connects to existing servers.
-    connect server for server in $waitPromise @servers.get()
+    connectSafe server for server in $waitPromise @servers.get()
 
     # Automatically connects to new servers.
     @servers.on 'add', (servers) ->
-      connect server for server in @servers
+      connectSafe server for server in @servers
 
     # TODO: Automatically disconnects from removed servers.