@friggframework/core 2.0.0-next.56 → 2.0.0-next.58

package/prisma-postgresql/migrations/20251112195422_update_user_unique_constraints/migration.sql

@@ -21,49 +21,5 @@ ALTER TABLE "Credential" DROP COLUMN "subType";
 -- AlterTable
 ALTER TABLE "Entity" DROP COLUMN "subType";
 
--- CreateTable
-CREATE TABLE "Process" (
-    "id" SERIAL NOT NULL,
-    "userId" INTEGER NOT NULL,
-    "integrationId" INTEGER NOT NULL,
-    "name" TEXT NOT NULL,
-    "type" TEXT NOT NULL,
-    "state" TEXT NOT NULL,
-    "context" JSONB NOT NULL DEFAULT '{}',
-    "results" JSONB NOT NULL DEFAULT '{}',
-    "parentProcessId" INTEGER,
-    "createdAt" TIMESTAMP(3) NOT NULL DEFAULT CURRENT_TIMESTAMP,
-    "updatedAt" TIMESTAMP(3) NOT NULL,
-
-    CONSTRAINT "Process_pkey" PRIMARY KEY ("id")
-);
-
--- CreateIndex
-CREATE INDEX "Process_userId_idx" ON "Process"("userId");
-
--- CreateIndex
-CREATE INDEX "Process_integrationId_idx" ON "Process"("integrationId");
-
--- CreateIndex
-CREATE INDEX "Process_type_idx" ON "Process"("type");
-
--- CreateIndex
-CREATE INDEX "Process_state_idx" ON "Process"("state");
-
--- CreateIndex
-CREATE INDEX "Process_name_idx" ON "Process"("name");
-
--- CreateIndex
-CREATE INDEX "Process_parentProcessId_idx" ON "Process"("parentProcessId");
-
 -- CreateIndex
 CREATE UNIQUE INDEX "User_username_appUserId_key" ON "User"("username", "appUserId");
-
--- AddForeignKey
-ALTER TABLE "Process" ADD CONSTRAINT "Process_userId_fkey" FOREIGN KEY ("userId") REFERENCES "User"("id") ON DELETE CASCADE ON UPDATE CASCADE;
-
--- AddForeignKey
-ALTER TABLE "Process" ADD CONSTRAINT "Process_integrationId_fkey" FOREIGN KEY ("integrationId") REFERENCES "Integration"("id") ON DELETE CASCADE ON UPDATE CASCADE;
-
--- AddForeignKey
-ALTER TABLE "Process" ADD CONSTRAINT "Process_parentProcessId_fkey" FOREIGN KEY ("parentProcessId") REFERENCES "Process"("id") ON DELETE SET NULL ON UPDATE CASCADE;

package/queues/queuer-util.js

@@ -4,7 +4,6 @@ const { SQSClient, SendMessageCommand, SendMessageBatchCommand } = require('@aws
 const awsConfigOptions = () => {
     const config = {};
     if (process.env.IS_OFFLINE) {
-        console.log('Running in offline mode');
         config.credentials = {
             accessKeyId: 'test-aws-key',
             secretAccessKey: 'test-aws-secret',
@@ -21,7 +20,6 @@ const sqs = new SQSClient(awsConfigOptions());
 
 const QueuerUtil = {
     send: async (message, queueUrl) => {
-        console.log(`Enqueuing message to SQS queue ${queueUrl}`);
         const command = new SendMessageCommand({
             MessageBody: JSON.stringify(message),
             QueueUrl: queueUrl,
@@ -30,9 +28,6 @@ const QueuerUtil = {
     },
 
     batchSend: async (entries = [], queueUrl) => {
-        console.log(
-            `Enqueuing ${entries.length} entries on SQS to queue ${queueUrl}`
-        );
         const buffer = [];
         const batchSize = 10;
 
@@ -43,7 +38,6 @@ const QueuerUtil = {
             });
             // Sends 10, then purges the buffer
             if (buffer.length === batchSize) {
-                console.log('Buffer at 10, sending batch');
                 const command = new SendMessageBatchCommand({
                     Entries: buffer,
                     QueueUrl: queueUrl,
@@ -53,11 +47,9 @@ const QueuerUtil = {
                 buffer.splice(0, buffer.length);
             }
         }
-        console.log('Buffer at end, sending final batch');
 
         // If any remaining entries under 10 are left in the buffer, send and return
         if (buffer.length > 0) {
-            console.log(buffer);
             const command = new SendMessageBatchCommand({
                 Entries: buffer,
                 QueueUrl: queueUrl,

package/user/repositories/user-repository-documentdb.js

@@ -238,17 +238,6 @@ class UserRepositoryDocumentDB extends UserRepositoryInterface {
         return this._mapUser(decrypted);
     }
 
-    async findUserById(userId) {
-        const doc = await findOne(this.prisma, 'User', {
-            _id: toObjectId(userId),
-        });
-        const decrypted = await this.encryptionService.decryptFields(
-            'User',
-            doc
-        );
-        return this._mapUser(decrypted);
-    }
-
     async findIndividualUserByEmail(email) {
         const doc = await findOne(this.prisma, 'User', {
             type: 'INDIVIDUAL',
@@ -427,6 +416,26 @@ class UserRepositoryDocumentDB extends UserRepositoryInterface {
         const date = new Date(value);
         return isNaN(date.getTime()) ? undefined : date;
     }
+
+    /**
+     * Link an individual user to an organization user
+     * @param {string} individualUserId - Individual user ID (MongoDB ObjectId string)
+     * @param {string} organizationUserId - Organization user ID (MongoDB ObjectId string)
+     * @returns {Promise<Object>} Updated individual user object
+     */
+    async linkIndividualToOrganization(individualUserId, organizationUserId) {
+        const doc = await updateOne(
+            this.prisma,
+            'User',
+            { _id: toObjectId(individualUserId), type: 'INDIVIDUAL' },
+            { $set: { organizationId: toObjectId(organizationUserId) } }
+        );
+        const decrypted = await this.encryptionService.decryptFields(
+            'User',
+            doc
+        );
+        return this._mapUser(decrypted);
+    }
 }
 
 module.exports = { UserRepositoryDocumentDB };

package/user/repositories/user-repository-factory.js

@@ -17,7 +17,8 @@ const databaseConfig = require('../../database/config');
  * Usage:
  * ```javascript
  * const repository = createUserRepository();
- * const user = await repository.findUserById(id); // ID is string
+ * const user = await repository.findIndividualUserById(id); // ID is string
+ * const orgUser = await repository.findOrganizationUserById(id); // ID is string
  * ```
  *
  * @returns {UserRepositoryInterface} Configured repository adapter

package/user/repositories/user-repository-interface.js

@@ -131,17 +131,6 @@ class UserRepositoryInterface {
         );
     }
 
-    /**
-     * Find user by ID (any type)
-     *
-     * @param {string|number} userId - User ID
-     * @returns {Promise<Object|null>} User object or null
-     * @abstract
-     */
-    async findUserById(userId) {
-        throw new Error('Method findUserById must be implemented by subclass');
-    }
-
     /**
      * Find individual user by email
      *
@@ -193,6 +182,20 @@ class UserRepositoryInterface {
     async deleteUser(userId) {
         throw new Error('Method deleteUser must be implemented by subclass');
     }
+
+    /**
+     * Link an individual user to an organization user
+     *
+     * @param {string|number} individualUserId - Individual user ID
+     * @param {string|number} organizationUserId - Organization user ID
+     * @returns {Promise<Object>} Updated individual user object
+     * @abstract
+     */
+    async linkIndividualToOrganization(individualUserId, organizationUserId) {
+        throw new Error(
+            'Method linkIndividualToOrganization must be implemented by subclass'
+        );
+    }
 }
 
 module.exports = { UserRepositoryInterface };

package/user/repositories/user-repository-mongo.js

@@ -195,17 +195,6 @@ class UserRepositoryMongo extends UserRepositoryInterface {
         });
     }
 
-    /**
-     * Find user by ID (any type)
-     * @param {string} userId - User ID
-     * @returns {Promise<Object|null>} User object with string IDs or null
-     */
-    async findUserById(userId) {
-        return await this.prisma.user.findUnique({
-            where: { id: userId },
-        });
-    }
-
     /**
      * Find individual user by email
      * @param {string} email - Email to search for
@@ -287,6 +276,24 @@ class UserRepositoryMongo extends UserRepositoryInterface {
             throw error;
         }
     }
+
+    /**
+     * Link an individual user to an organization user
+     * @param {string} individualUserId - Individual user ID (MongoDB ObjectId string)
+     * @param {string} organizationUserId - Organization user ID (MongoDB ObjectId string)
+     * @returns {Promise<Object>} Updated individual user object
+     */
+    async linkIndividualToOrganization(individualUserId, organizationUserId) {
+        return await this.prisma.user.update({
+            where: {
+                id: individualUserId,
+                type: 'INDIVIDUAL',
+            },
+            data: {
+                organizationId: organizationUserId,
+            },
+        });
+    }
 }
 
 module.exports = { UserRepositoryMongo };

package/user/repositories/user-repository-postgres.js

@@ -237,19 +237,6 @@ class UserRepositoryPostgres extends UserRepositoryInterface {
         return this._convertUserIds(user);
     }
 
-    /**
-     * Find user by ID (any type)
-     * @param {string} userId - User ID (string from application layer)
-     * @returns {Promise<Object|null>} User object with string IDs or null
-     */
-    async findUserById(userId) {
-        const intId = this._convertId(userId);
-        const user = await this.prisma.user.findUnique({
-            where: { id: intId },
-        });
-        return this._convertUserIds(user);
-    }
-
     /**
      * Find individual user by email
      * @param {string} email - Email to search for
@@ -346,6 +333,28 @@ class UserRepositoryPostgres extends UserRepositoryInterface {
             throw error;
         }
     }
+
+    /**
+     * Link an individual user to an organization user
+     * @param {string} individualUserId - Individual user ID (string from application layer)
+     * @param {string} organizationUserId - Organization user ID (string from application layer)
+     * @returns {Promise<Object>} Updated individual user with string IDs
+     */
+    async linkIndividualToOrganization(individualUserId, organizationUserId) {
+        const intIndividualId = this._convertId(individualUserId);
+        const intOrganizationId = this._convertId(organizationUserId);
+
+        const user = await this.prisma.user.update({
+            where: {
+                id: intIndividualId,
+                type: 'INDIVIDUAL',
+            },
+            data: {
+                organizationId: intOrganizationId,
+            },
+        });
+        return this._convertUserIds(user);
+    }
 }
 
 module.exports = { UserRepositoryPostgres };

package/user/use-cases/get-user-from-x-frigg-headers.js

@@ -53,7 +53,7 @@ class GetUserFromXFriggHeaders {
                 );
         }
 
-        // VALIDATION: If both IDs provided and both users exist, verify they match
+        // VALIDATION/AUTO-LINKING: If both IDs provided and both users exist, handle mismatch
         if (
             appUserId &&
             appOrgId &&
@@ -66,31 +66,57 @@ class GetUserFromXFriggHeaders {
             const expectedOrgId = organizationUserData.id?.toString();
 
             if (individualOrgId !== expectedOrgId) {
-                throw Boom.badRequest(
-                    'User ID mismatch: x-frigg-appUserId and x-frigg-appOrgId refer to different users. ' +
-                        'Provide only one identifier or ensure they belong to the same user.'
+                // Default behavior: Auto-link disconnected users
+                // Opt-in strict mode: Throw error on mismatch
+                if (this.userConfig.strictUserValidation) {
+                    throw Boom.badRequest(
+                        'User ID mismatch: x-frigg-appUserId and x-frigg-appOrgId refer to different users. ' +
+                            'Provide only one identifier or ensure they belong to the same user.'
+                    );
+                }
+
+                // Auto-link the users
+                individualUserData = await this.userRepository.linkIndividualToOrganization(
+                    individualUserData.id,
+                    organizationUserData.id
                 );
             }
         }
 
-        // Auto-create user if not found
-        if (!individualUserData && !organizationUserData) {
-            if (appUserId) {
-                individualUserData =
-                    await this.userRepository.createIndividualUser({
-                        appUserId,
-                        username: `app-user-${appUserId}`,
-                        email: `${appUserId}@app.local`,
-                    });
-            } else {
-                organizationUserData =
-                    await this.userRepository.createOrganizationUser({
-                        appOrgId,
-                    });
+        // Auto-create users independently if they don't exist and are required
+        if (
+            !individualUserData &&
+            appUserId &&
+            this.userConfig.individualUserRequired !== false
+        ) {
+            individualUserData =
+                await this.userRepository.createIndividualUser({
+                    appUserId,
+                    username: `app-user-${appUserId}`,
+                    email: `${appUserId}@app.local`,
+                });
+        }
+
+        if (
+            !organizationUserData &&
+            appOrgId &&
+            this.userConfig.organizationUserRequired
+        ) {
+            organizationUserData =
+                await this.userRepository.createOrganizationUser({
+                    appOrgId,
+                });
+
+            // Link individual user to newly created org user if individual exists
+            if (individualUserData && organizationUserData) {
+                individualUserData = await this.userRepository.linkIndividualToOrganization(
+                    individualUserData.id,
+                    organizationUserData.id
+                );
             }
         }
 
-        return new User(
+        const user = new User(
             individualUserData,
             organizationUserData,
             this.userConfig.usePassword,
@@ -98,9 +124,9 @@ class GetUserFromXFriggHeaders {
             this.userConfig.individualUserRequired,
             this.userConfig.organizationUserRequired
         );
+
+        return user;
     }
 }
 
 module.exports = { GetUserFromXFriggHeaders };
-
-

package/user/user.js

@@ -88,6 +88,38 @@ class User {
     getAppOrgId() {
         return this.organizationUser?.appOrgId || null;
     }
+
+    /**
+     * Checks if a given userId belongs to this user (either primary or linked).
+     * When primary is 'organization', entities owned by the linked individual user
+     * should still be accessible to the organization.
+     *
+     * @param {string|number} userId - The userId to check
+     * @returns {boolean} True if the userId belongs to this user or their linked user
+     */
+    ownsUserId(userId) {
+        const userIdStr = userId?.toString();
+        const primaryId = this.getPrimaryUser()?.id?.toString();
+        const individualId = this.individualUser?.id?.toString();
+        const organizationId = this.organizationUser?.id?.toString();
+
+        // Check if userId matches primary user
+        if (userIdStr === primaryId) {
+            return true;
+        }
+
+        // When primary is 'organization', also check linked individual user
+        if (this.config.primary === 'organization' && userIdStr === individualId) {
+            return true;
+        }
+
+        // When primary is 'individual', also check linked organization user if required
+        if (this.config.primary === 'individual' && this.config.organizationUserRequired && userIdStr === organizationId) {
+            return true;
+        }
+
+        return false;
+    }
 }
 
 module.exports = { User };