@friggframework/core 2.0.0-next.9 → 2.0.0-next.90

package/integrations/integration-router.js

@@ -2,23 +2,220 @@ const express = require('express');
 const { get } = require('../assertions');
 const Boom = require('@hapi/boom');
 const catchAsyncError = require('express-async-handler');
-const { debug } = require('../logs');
-function createIntegrationRouter(params) {
-    const router = get(params, 'router', express());
-    const factory = get(params, 'factory');
-    const getUserId = get(params, 'getUserId', (req) => null);
-    const requireLoggedInUser = get(
-        params,
-        'requireLoggedInUser',
-        (req, res, next) => next()
-    );
-
-    router.all('/api/entities*', requireLoggedInUser);
-    router.all('/api/authorize', requireLoggedInUser);
-    router.all('/api/integrations*', requireLoggedInUser);
-
-    setIntegrationRoutes(router, factory, getUserId);
-    setEntityRoutes(router, factory, getUserId);
+const {
+    createIntegrationRepository,
+} = require('./repositories/integration-repository-factory');
+const {
+    DeleteIntegrationForUser,
+} = require('./use-cases/delete-integration-for-user');
+const {
+    GetIntegrationsForUser,
+} = require('./use-cases/get-integrations-for-user');
+const {
+    createCredentialRepository,
+} = require('../credential/repositories/credential-repository-factory');
+const {
+    GetCredentialForUser,
+} = require('../credential/use-cases/get-credential-for-user');
+const { CreateIntegration } = require('./use-cases/create-integration');
+const { ModuleFactory } = require('../modules/module-factory');
+const {
+    createModuleRepository,
+} = require('../modules/repositories/module-repository-factory');
+const {
+    GetEntitiesForUser,
+} = require('../modules/use-cases/get-entities-for-user');
+const { loadAppDefinition } = require('../handlers/app-definition-loader');
+const {
+    GetIntegrationInstance,
+} = require('./use-cases/get-integration-instance');
+const { UpdateIntegration } = require('./use-cases/update-integration');
+const {
+    getModulesDefinitionFromIntegrationClasses,
+} = require('./utils/map-integration-dto');
+const {
+    GetModuleInstanceFromType,
+} = require('../modules/use-cases/get-module-instance-from-type');
+const {
+    GetEntityOptionsByType,
+} = require('../modules/use-cases/get-entity-options-by-type');
+const { TestModuleAuth } = require('../modules/use-cases/test-module-auth');
+const { GetModule } = require('../modules/use-cases/get-module');
+const {
+    GetEntityOptionsById,
+} = require('../modules/use-cases/get-entity-options-by-id');
+const {
+    RefreshEntityOptions,
+} = require('../modules/use-cases/refresh-entity-options');
+const {
+    GetPossibleIntegrations,
+} = require('./use-cases/get-possible-integrations');
+const {
+    createUserRepository,
+} = require('../user/repositories/user-repository-factory');
+const {
+    GetUserFromBearerToken,
+} = require('../user/use-cases/get-user-from-bearer-token');
+const {
+    GetUserFromXFriggHeaders,
+} = require('../user/use-cases/get-user-from-x-frigg-headers');
+const {
+    GetUserFromAdopterJwt,
+} = require('../user/use-cases/get-user-from-adopter-jwt');
+const {
+    AuthenticateWithSharedSecret,
+} = require('../user/use-cases/authenticate-with-shared-secret');
+const { AuthenticateUser } = require('../user/use-cases/authenticate-user');
+const {
+    ProcessAuthorizationCallback,
+} = require('../modules/use-cases/process-authorization-callback');
+
+function createIntegrationRouter() {
+    const { integrations: integrationClasses, userConfig } =
+        loadAppDefinition();
+    const moduleRepository = createModuleRepository();
+    const integrationRepository = createIntegrationRepository();
+    const credentialRepository = createCredentialRepository();
+    const userRepository = createUserRepository();
+
+    const getUserFromBearerToken = new GetUserFromBearerToken({
+        userRepository,
+        userConfig,
+    });
+
+    const getUserFromXFriggHeaders = new GetUserFromXFriggHeaders({
+        userRepository,
+        userConfig,
+    });
+
+    const getUserFromAdopterJwt = new GetUserFromAdopterJwt({
+        userRepository,
+        userConfig,
+    });
+
+    const authenticateWithSharedSecret = new AuthenticateWithSharedSecret();
+
+    const authenticateUser = new AuthenticateUser({
+        getUserFromBearerToken,
+        getUserFromXFriggHeaders,
+        getUserFromAdopterJwt,
+        authenticateWithSharedSecret,
+        userConfig,
+    });
+
+    const moduleFactory = new ModuleFactory({
+        moduleRepository,
+        moduleDefinitions:
+            getModulesDefinitionFromIntegrationClasses(integrationClasses),
+    });
+    const deleteIntegrationForUser = new DeleteIntegrationForUser({
+        integrationRepository,
+        integrationClasses,
+        moduleFactory,
+    });
+
+    const getIntegrationsForUser = new GetIntegrationsForUser({
+        integrationRepository,
+        integrationClasses,
+        moduleFactory,
+        moduleRepository,
+    });
+
+    const getCredentialForUser = new GetCredentialForUser({
+        credentialRepository,
+    });
+
+    const createIntegration = new CreateIntegration({
+        integrationRepository,
+        integrationClasses,
+        moduleFactory,
+    });
+
+    const getEntitiesForUser = new GetEntitiesForUser({
+        moduleRepository,
+        moduleDefinitions:
+            getModulesDefinitionFromIntegrationClasses(integrationClasses),
+    });
+
+    const getIntegrationInstance = new GetIntegrationInstance({
+        integrationRepository,
+        integrationClasses,
+        moduleFactory,
+    });
+
+    const updateIntegration = new UpdateIntegration({
+        integrationRepository,
+        integrationClasses,
+        moduleFactory,
+    });
+
+    const getModuleInstanceFromType = new GetModuleInstanceFromType({
+        moduleDefinitions:
+            getModulesDefinitionFromIntegrationClasses(integrationClasses),
+    });
+
+    const getEntityOptionsByType = new GetEntityOptionsByType({
+        moduleDefinitions:
+            getModulesDefinitionFromIntegrationClasses(integrationClasses),
+    });
+
+    const testModuleAuth = new TestModuleAuth({
+        moduleRepository,
+        moduleDefinitions:
+            getModulesDefinitionFromIntegrationClasses(integrationClasses),
+    });
+
+    const getModule = new GetModule({
+        moduleRepository,
+        moduleDefinitions:
+            getModulesDefinitionFromIntegrationClasses(integrationClasses),
+    });
+
+    const getEntityOptionsById = new GetEntityOptionsById({
+        moduleRepository,
+        moduleDefinitions:
+            getModulesDefinitionFromIntegrationClasses(integrationClasses),
+    });
+
+    const refreshEntityOptions = new RefreshEntityOptions({
+        moduleRepository,
+        moduleDefinitions:
+            getModulesDefinitionFromIntegrationClasses(integrationClasses),
+    });
+
+    const getPossibleIntegrations = new GetPossibleIntegrations({
+        integrationClasses,
+    });
+
+    const processAuthorizationCallback = new ProcessAuthorizationCallback({
+        moduleRepository,
+        credentialRepository,
+        integrationRepository,
+        moduleDefinitions:
+            getModulesDefinitionFromIntegrationClasses(integrationClasses),
+    });
+
+    const router = express();
+
+    setIntegrationRoutes(router, authenticateUser, {
+        createIntegration,
+        deleteIntegrationForUser,
+        getIntegrationsForUser,
+        getEntitiesForUser,
+        getIntegrationInstance,
+        updateIntegration,
+        getPossibleIntegrations,
+    });
+    setEntityRoutes(router, authenticateUser, {
+        getCredentialForUser,
+        getModuleInstanceFromType,
+        getEntityOptionsByType,
+        testModuleAuth,
+        getModule,
+        getEntityOptionsById,
+        refreshEntityOptions,
+        processAuthorizationCallback,
+    });
     return router;
 }
 
@@ -46,111 +243,95 @@ function checkRequiredParams(params, requiredKeys) {
     return returnDict;
 }
 
-function setIntegrationRoutes(router, factory, getUserId) {
-    const { moduleFactory, integrationFactory, IntegrationHelper } = factory;
+/**
+ * Sets up integration-related routes on the provided Express router
+ * @param {express.Router} router - Express router instance to add routes to
+ * @param {import('../user/use-cases/authenticate-user').AuthenticateUser} authenticateUser - Use case for multi-mode user authentication
+ * @param {Object} useCases - use cases for integration management
+ */
+function setIntegrationRoutes(router, authenticateUser, useCases) {
+    const {
+        createIntegration,
+        deleteIntegrationForUser,
+        getIntegrationsForUser,
+        getEntitiesForUser,
+        getIntegrationInstance,
+        updateIntegration,
+        getPossibleIntegrations,
+    } = useCases;
     router.route('/api/integrations').get(
         catchAsyncError(async (req, res) => {
-            const results = await integrationFactory.getIntegrationOptions();
-            results.entities.authorized =
-                await moduleFactory.getEntitiesForUser(getUserId(req));
-            results.integrations =
-                await IntegrationHelper.getIntegrationsForUserId(
-                    getUserId(req)
-                );
+            const user = await authenticateUser.execute(req);
+            const userId = user.getId();
+            const integrations = await getIntegrationsForUser.execute(userId);
+            const results = {
+                entities: {
+                    options: await getPossibleIntegrations.execute(),
+                    authorized: await getEntitiesForUser.execute(userId),
+                },
+                integrations: integrations,
+            };
 
-            for (const integrationRecord of results.integrations) {
-                const integration =
-                    await integrationFactory.getInstanceFromIntegrationId({
-                        integrationId: integrationRecord.id,
-                        userId: getUserId(req),
-                    });
-                integrationRecord.userActions = integration.userActions;
-            }
             res.json(results);
         })
     );
 
     router.route('/api/integrations').post(
         catchAsyncError(async (req, res) => {
+            const user = await authenticateUser.execute(req);
+            const userId = user.getId();
             const params = checkRequiredParams(req.body, [
                 'entities',
                 'config',
             ]);
-            // throw if not value
+
             get(params.config, 'type');
 
-            // create integration
-            const integration = await integrationFactory.createIntegration(
+            const integration = await createIntegration.execute(
                 params.entities,
-                getUserId(req),
+                userId,
                 params.config
             );
 
-            // post integration initialization
-            debug(
-                `Calling onCreate on the ${integration?.constructor?.Config?.name} Integration with no arguments`
-            );
-            await integration.send('ON_CREATE', {});
-
-            res.status(201).json(
-                await IntegrationHelper.getFormattedIntegration(
-                    integration.record
-                )
-            );
+            res.status(201).json(integration);
         })
     );
 
     router.route('/api/integrations/:integrationId').patch(
         catchAsyncError(async (req, res) => {
+            const user = await authenticateUser.execute(req);
+            const userId = user.getId();
             const params = checkRequiredParams(req.body, ['config']);
 
-            const integration =
-                await integrationFactory.getInstanceFromIntegrationId({
-                    integrationId: req.params.integrationId,
-                    userId: getUserId(req),
-                });
-
-            debug(
-                `Calling onUpdate on the ${integration?.constructor?.Config?.name} Integration arguments: `,
-                params
-            );
-            await integration.send('ON_UPDATE', params);
-
-            res.json(
-                await IntegrationHelper.getFormattedIntegration(
-                    integration.record
-                )
+            const integration = await updateIntegration.execute(
+                req.params.integrationId,
+                userId,
+                params.config
             );
+            res.json(integration);
         })
     );
 
     router.route('/api/integrations/:integrationId').delete(
         catchAsyncError(async (req, res) => {
+            const user = await authenticateUser.execute(req);
             const params = checkRequiredParams(req.params, ['integrationId']);
-            const integration =
-                await integrationFactory.getInstanceFromIntegrationId({
-                    userId: getUserId(req),
-                    integrationId: params.integrationId,
-                });
-
-            debug(
-                `Calling onUpdate on the ${integration?.constructor?.Definition?.name} Integration with no arguments`
+            await deleteIntegrationForUser.execute(
+                params.integrationId,
+                user.getId()
             );
-            await integration.send('ON_DELETE');
-            await IntegrationHelper.deleteIntegrationForUserById(
-                getUserId(req),
-                params.integrationId
-            );
-
-            res.status(201).json({});
+            res.status(204).json({});
         })
     );
 
     router.route('/api/integrations/:integrationId/config/options').get(
         catchAsyncError(async (req, res) => {
+            const user = await authenticateUser.execute(req);
             const params = checkRequiredParams(req.params, ['integrationId']);
-            const integration =
-                await integrationFactory.getInstanceFromIntegrationId(params);
+            const integration = await getIntegrationInstance.execute(
+                params.integrationId,
+                user.getId()
+            );
             res.json(await integration.send('GET_CONFIG_OPTIONS'));
         })
     );
@@ -159,13 +340,14 @@ function setIntegrationRoutes(router, factory, getUserId) {
         .route('/api/integrations/:integrationId/config/options/refresh')
         .post(
             catchAsyncError(async (req, res) => {
+                const user = await authenticateUser.execute(req);
                 const params = checkRequiredParams(req.params, [
                     'integrationId',
                 ]);
-                const integration =
-                    await integrationFactory.getInstanceFromIntegrationId(
-                        params
-                    );
+                const integration = await getIntegrationInstance.execute(
+                    params.integrationId,
+                    user.getId()
+                );
 
                 res.json(
                     await integration.send('REFRESH_CONFIG_OPTIONS', req.body)
@@ -174,9 +356,12 @@ function setIntegrationRoutes(router, factory, getUserId) {
         );
     router.route('/api/integrations/:integrationId/actions').all(
         catchAsyncError(async (req, res) => {
+            const user = await authenticateUser.execute(req);
             const params = checkRequiredParams(req.params, ['integrationId']);
-            const integration =
-                await integrationFactory.getInstanceFromIntegrationId(params);
+            const integration = await getIntegrationInstance.execute(
+                params.integrationId,
+                user.getId()
+            );
             res.json(await integration.send('GET_USER_ACTIONS', req.body));
         })
     );
@@ -185,14 +370,15 @@ function setIntegrationRoutes(router, factory, getUserId) {
         .route('/api/integrations/:integrationId/actions/:actionId/options')
         .all(
             catchAsyncError(async (req, res) => {
+                const user = await authenticateUser.execute(req);
                 const params = checkRequiredParams(req.params, [
                     'integrationId',
                     'actionId',
                 ]);
-                const integration =
-                    await integrationFactory.getInstanceFromIntegrationId(
-                        params
-                    );
+                const integration = await getIntegrationInstance.execute(
+                    params.integrationId,
+                    user.getId()
+                );
 
                 res.json(
                     await integration.send('GET_USER_ACTION_OPTIONS', {
@@ -209,14 +395,15 @@ function setIntegrationRoutes(router, factory, getUserId) {
         )
         .post(
             catchAsyncError(async (req, res) => {
+                const user = await authenticateUser.execute(req);
                 const params = checkRequiredParams(req.params, [
                     'integrationId',
                     'actionId',
                 ]);
-                const integration =
-                    await integrationFactory.getInstanceFromIntegrationId(
-                        params
-                    );
+                const integration = await getIntegrationInstance.execute(
+                    params.integrationId,
+                    user.getId()
+                );
 
                 res.json(
                     await integration.send('REFRESH_USER_ACTION_OPTIONS', {
@@ -229,23 +416,33 @@ function setIntegrationRoutes(router, factory, getUserId) {
 
     router.route('/api/integrations/:integrationId/actions/:actionId').post(
         catchAsyncError(async (req, res) => {
+            const user = await authenticateUser.execute(req);
             const params = checkRequiredParams(req.params, [
                 'integrationId',
                 'actionId',
             ]);
-            const integration =
-                await integrationFactory.getInstanceFromIntegrationId(params);
-
+            const integration = await getIntegrationInstance.execute(
+                params.integrationId,
+                user.getId()
+            );
             res.json(await integration.send(params.actionId, req.body));
         })
     );
 
     router.route('/api/integrations/:integrationId').get(
         catchAsyncError(async (req, res) => {
+            const user = await authenticateUser.execute(req);
+
+            if (!user) {
+                throw Boom.forbidden('User not found');
+            }
+
             const params = checkRequiredParams(req.params, ['integrationId']);
-            const integration = await IntegrationHelper.getIntegrationById(
-                params.integrationId
+            const integration = await getIntegrationInstance.execute(
+                params.integrationId,
+                user.getId()
             );
+
             // We could perhaps augment router with dynamic options? Haven't decided yet, but here may be the place
 
             res.json({
@@ -259,12 +456,12 @@ function setIntegrationRoutes(router, factory, getUserId) {
 
     router.route('/api/integrations/:integrationId/test-auth').get(
         catchAsyncError(async (req, res) => {
+            const user = await authenticateUser.execute(req);
             const params = checkRequiredParams(req.params, ['integrationId']);
-            const instance =
-                await integrationFactory.getInstanceFromIntegrationId({
-                    userId: getUserId(req),
-                    integrationId: params.integrationId,
-                });
+            const instance = await getIntegrationInstance.execute(
+                params.integrationId,
+                user.getId()
+            );
 
             if (!instance) {
                 throw Boom.notFound();
@@ -286,57 +483,88 @@ function setIntegrationRoutes(router, factory, getUserId) {
     );
 }
 
-function setEntityRoutes(router, factory, getUserId) {
-    const { moduleFactory, IntegrationHelper } = factory;
-    const getModuleInstance = async (req, entityType) => {
-        if (!moduleFactory.checkIsValidType(entityType)) {
-            throw Boom.badRequest(
-                `Error: Invalid entity type of ${entityType}, options are ${moduleFactory.moduleTypes.join(
-                    ', '
-                )}`
-            );
-        }
-        return await moduleFactory.getInstanceFromTypeName(
-            entityType,
-            getUserId(req)
-        );
-    };
+/**
+ * Sets up entity-related routes for the integration router
+ * @param {Object} router - Express router instance
+ * @param {import('../user/use-cases/authenticate-user').AuthenticateUser} authenticateUser - Use case for multi-mode user authentication
+ */
+function setEntityRoutes(router, authenticateUser, useCases) {
+    const {
+        getCredentialForUser,
+        getModuleInstanceFromType,
+        getEntityOptionsByType,
+        testModuleAuth,
+        getModule,
+        getEntityOptionsById,
+        refreshEntityOptions,
+        processAuthorizationCallback,
+    } = useCases;
 
     router.route('/api/authorize').get(
         catchAsyncError(async (req, res) => {
+            const user = await authenticateUser.execute(req);
+            const userId = user.getId();
             const params = checkRequiredParams(req.query, ['entityType']);
-            const module = await getModuleInstance(req, params.entityType);
+            const module = await getModuleInstanceFromType.execute(
+                userId,
+                params.entityType,
+                { state: req.query.state }
+            );
             const areRequirementsValid =
                 module.validateAuthorizationRequirements();
             if (!areRequirementsValid) {
                 throw new Error(
-                    `Error: EntityManager of type ${params.entityType} requires a valid url`
+                    `Error: Entity of type ${params.entityType} requires a valid url`
                 );
             }
 
-            res.json(await module.getAuthorizationRequirements());
+            res.json(module.getAuthorizationRequirements());
         })
     );
 
     router.route('/api/authorize').post(
         catchAsyncError(async (req, res) => {
+            const user = await authenticateUser.execute(req);
+            const userId = user.getId();
             const params = checkRequiredParams(req.body, [
                 'entityType',
                 'data',
             ]);
-            const module = await getModuleInstance(req, params.entityType);
 
-            res.json(
-                await module.processAuthorizationCallback({
-                    userId: getUserId(req),
-                    data: params.data,
-                })
+            const dataKeys =
+                params.data && typeof params.data === 'object'
+                    ? Object.keys(params.data)
+                    : [];
+            console.log(
+                `[Frigg] POST /api/authorize userId=${userId} entityType=${params.entityType} dataKeys=${JSON.stringify(dataKeys)}`
             );
+
+            try {
+                const entityDetails =
+                    await processAuthorizationCallback.execute(
+                        userId,
+                        params.entityType,
+                        params.data
+                    );
+
+                console.log(
+                    `[Frigg] POST /api/authorize success userId=${userId} entityType=${params.entityType} credentialId=${entityDetails?.credential_id} entityId=${entityDetails?.entity_id}`
+                );
+
+                res.json(entityDetails);
+            } catch (err) {
+                console.error(
+                    `[Frigg] POST /api/authorize failed userId=${userId} entityType=${params.entityType} error=${err?.message || err}`
+                );
+                throw err;
+            }
         })
     );
 
     router.route('/api/entity').post(
         catchAsyncError(async (req, res) => {
+            const user = await authenticateUser.execute(req);
+            const userId = user.getId();
             const params = checkRequiredParams(req.body, [
                 'entityType',
                 'data',
@@ -344,20 +572,24 @@ function setEntityRoutes(router, factory, getUserId) {
             checkRequiredParams(req.body.data, ['credential_id']);
 
             // May want to pass along the user ID as well so credential ID's can't be fished???
-            const credential = await IntegrationHelper.getCredentialById(
-                params.data.credential_id
+            const credential = await getCredentialForUser.execute(
+                params.data.credential_id,
+                userId
             );
 
             if (!credential) {
                 throw Boom.badRequest('Invalid credential ID');
             }
 
-            const module = await getModuleInstance(req, params.entityType);
+            const module = await getModuleInstanceFromType.execute(
+                userId,
+                params.entityType
+            );
             const entityDetails = await module.getEntityDetails(
                 module.api,
                 null,
                 null,
-                getUserId(req)
+                userId
             );
 
             res.json(await module.findOrCreateEntity(entityDetails));
@@ -366,43 +598,44 @@ function setEntityRoutes(router, factory, getUserId) {
 
     router.route('/api/entity/options/:credentialId').get(
         catchAsyncError(async (req, res) => {
+            const user = await authenticateUser.execute(req);
+            const userId = user.getId();
             // TODO May want to pass along the user ID as well so credential ID's can't be fished???
             // TODO **flagging this for review** -MW
-            const credential = await IntegrationHelper.getCredentialById(
-                req.params.credentialId
+            const credential = await getCredentialForUser.execute(
+                req.params.credentialId,
+                userId
             );
-            if (credential.user._id.toString() !== getUserId(req)) {
+            if (credential.userId.toString() !== userId) {
                 throw Boom.forbidden('Credential does not belong to user');
             }
 
             const params = checkRequiredParams(req.query, ['entityType']);
-            const module = await getModuleInstance(req, params.entityType);
+            const entityOptions = await getEntityOptionsByType.execute(
+                userId,
+                params.entityType
+            );
 
-            res.json(await module.getEntityOptions());
+            res.json(entityOptions);
         })
     );
 
     router.route('/api/entities/:entityId/test-auth').get(
         catchAsyncError(async (req, res) => {
+            const user = await authenticateUser.execute(req);
             const params = checkRequiredParams(req.params, ['entityId']);
-            const module = await moduleFactory.getModuleInstanceFromEntityId(
+            const testAuthResponse = await testModuleAuth.execute(
                 params.entityId,
-                getUserId(req)
+                user // Pass User object for proper validation
             );
 
-            if (!module) {
-                throw Boom.notFound();
-            }
-
-            const testAuthResponse = await module.testAuth();
-
             if (!testAuthResponse) {
                 res.status(400);
                 res.json({
                     errors: [
                         {
                             title: 'Authentication Error',
-                            message: `There was an error with your ${module.getName()} Entity.  Please reconnect/re-authenticate, or reach out to Support for assistance.`,
+                            message: `There was an error with your Entity. Please reconnect/re-authenticate, or reach out to Support for assistance.`,
                             timestamp: Date.now(),
                         },
                     ],
@@ -415,55 +648,39 @@ function setEntityRoutes(router, factory, getUserId) {
 
     router.route('/api/entities/:entityId').get(
         catchAsyncError(async (req, res) => {
+            const user = await authenticateUser.execute(req);
             const params = checkRequiredParams(req.params, ['entityId']);
-            const module = await moduleFactory.getModuleInstanceFromEntityId(
-                params.entityId,
-                getUserId(req)
-            );
+            const module = await getModule.execute(params.entityId, user); // Pass User object
 
-            if (!module) {
-                throw Boom.notFound();
-            }
-
-            res.json(module.entity);
+            res.json(module);
         })
     );
 
     router.route('/api/entities/:entityId/options').post(
         catchAsyncError(async (req, res) => {
-            const params = checkRequiredParams(req.params, [
-                'entityId',
-                getUserId(req),
-            ]);
-            const module = await moduleFactory.getModuleInstanceFromEntityId(
+            const user = await authenticateUser.execute(req);
+            const params = checkRequiredParams(req.params, ['entityId']);
+
+            const entityOptions = await getEntityOptionsById.execute(
                 params.entityId,
-                getUserId(req)
+                user // Pass User object
             );
 
-            if (!module) {
-                throw Boom.notFound();
-            }
-
-            res.json(await module.getEntityOptions());
+            res.json(entityOptions);
         })
     );
 
     router.route('/api/entities/:entityId/options/refresh').post(
         catchAsyncError(async (req, res) => {
-            const params = checkRequiredParams(req.params, [
-                'entityId',
-                getUserId(req),
-            ]);
-            const module = await moduleFactory.getModuleInstanceFromEntityId(
+            const user = await authenticateUser.execute(req);
+            const params = checkRequiredParams(req.params, ['entityId']);
+            const updatedOptions = await refreshEntityOptions.execute(
                 params.entityId,
-                getUserId(req)
+                user, // Pass User object
+                req.body
             );
 
-            if (!module) {
-                throw Boom.notFound();
-            }
-
-            res.json(await module.refreshEntityOptions(req.body));
+            res.json(updatedOptions);
         })
     );
 }