@mondaydotcomorg/monday-authorization 2.1.1-feature-bashanye-remove-authorization-url-secret-usage.04a9d3c → 2.1.1

package/dist/authorization-attributes-service.d.ts

@@ -1,35 +1,25 @@
-import { FetcherConfig, HttpClient } from '@mondaydotcomorg/trident-backend-api';
-import { RecursivePartial } from '@mondaydotcomorg/monday-fetch-api';
 import { ResourceAttributeAssignment, ResourceAttributeResponse, ResourceAttributesOperation } from './types/authorization-attributes-contracts';
 import { Resource } from './types/general';
 export declare class AuthorizationAttributesService {
     private static LOG_TAG;
-    private static API_PATHS;
-    private httpClient;
-    private fetchOptions;
-    private snsArn;
-    /**
-     * Public constructor to create the AuthorizationAttributesService instance.
-     * @param httpClient The HTTP client to use for API requests, if not provided, the default HTTP client from Api will be used.
-     * @param fetchOptions The fetch options to use for API requests, if not provided, the default fetch options will be used.
-     */
-    constructor(httpClient?: HttpClient, fetchOptions?: RecursivePartial<FetcherConfig>);
     /**
      * Upsert resource attributes synchronously, performing http call to the authorization MS to assign the given attributes to the given resource.
      * @param accountId
+     * @param userId
      * @param resourceAttributeAssignments - Array of resource (resourceType, resourceId) and attribute (key, value) pairs to upsert in the authorization MS.
      * e.g. [{ resourceType: 'board', resourceId: 123, key: 'board_kind', value: 'private' }]
      * @returns ResourceAttributeResponse - The affected (created and updated_ resource attributes assignments in the `attributes` field.
      */
-    upsertResourceAttributes(accountId: number, resourceAttributeAssignments: ResourceAttributeAssignment[]): Promise<ResourceAttributeResponse>;
+    static upsertResourceAttributes(accountId: number, userId: number, resourceAttributeAssignments: ResourceAttributeAssignment[]): Promise<ResourceAttributeResponse>;
     /**
      * Delete resource attributes assignments synchronously, performing http call to the authorization MS to delete the given attributes from the given singular resource.
      * @param accountId
+     * @param userId
      * @param resource - The resource (resourceType, resourceId) to delete the attributes for.
      * @param attributeKeys - Array of attribute keys to delete for the resource.
      * @returns ResourceAttributeResponse - The affected (deleted) resource attributes assignments in the `attributes` field.
      */
-    deleteResourceAttributes(accountId: number, resource: Resource, attributeKeys: string[]): Promise<ResourceAttributeResponse>;
+    static deleteResourceAttributes(accountId: number, userId: number, resource: Resource, attributeKeys: string[]): Promise<ResourceAttributeResponse>;
     /**
      *  Async function, this function only send the updates request to SNS and return before the change actually took place
      * @param accountId
@@ -38,9 +28,10 @@ export declare class AuthorizationAttributesService {
      * @param resourceAttributeOperations - Array of operations to do on resource attributes.
      * @return {Promise<ResourceAttributesOperation[]>} Array of sent operations
      *  */
-    updateResourceAttributesAsync(accountId: number, appName: string, callerActionIdentifier: string, resourceAttributeOperations: ResourceAttributesOperation[]): Promise<ResourceAttributesOperation[]>;
-    private sendSingleSnsMessage;
+    static updateResourceAttributesAsync(accountId: number, appName: string, callerActionIdentifier: string, resourceAttributeOperations: ResourceAttributesOperation[]): Promise<ResourceAttributesOperation[]>;
+    private static sendSingleSnsMessage;
     private static getSnsTopicArn;
+    private static getResourceAttributesUrl;
     /**
      * Checks we can contact the required SNS topic that used to send attribute updates to Authorization MS.
      * This function can be used as health check for services that updating resource attributes in async is crucial.
@@ -49,6 +40,6 @@ export declare class AuthorizationAttributesService {
      * However, this is the best we can do without actually push dummy messages to the SNS.
      * @return {Promise<boolean>} - true if succeeded
      */
-    asyncResourceAttributesHealthCheck(): Promise<boolean>;
+    static asyncResourceAttributesHealthCheck(): Promise<boolean>;
 }
 //# sourceMappingURL=authorization-attributes-service.d.ts.map

package/dist/authorization-attributes-service.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"authorization-attributes-service.d.ts","sourceRoot":"","sources":["../src/authorization-attributes-service.ts"],"names":[],"mappings":"AACA,OAAO,EAAO,aAAa,EAAE,UAAU,EAAE,MAAM,sCAAsC,CAAC;AAEtF,OAAO,EAAoB,gBAAgB,EAAE,MAAM,mCAAmC,CAAC;AACvF,OAAO,EACL,2BAA2B,EAC3B,yBAAyB,EACzB,2BAA2B,EAC5B,MAAM,4CAA4C,CAAC;AACpD,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAwB3C,qBAAa,8BAA8B;IACzC,OAAO,CAAC,MAAM,CAAC,OAAO,CAA8B;IACpD,OAAO,CAAC,MAAM,CAAC,SAAS,CAGb;IACX,OAAO,CAAC,UAAU,CAAa;IAC/B,OAAO,CAAC,YAAY,CAAkC;IACtD,OAAO,CAAC,MAAM,CAAS;IAEvB;;;;OAIG;gBACS,UAAU,CAAC,EAAE,UAAU,EAAE,YAAY,CAAC,EAAE,gBAAgB,CAAC,aAAa,CAAC;IAqBnF;;;;;;OAMG;IACG,wBAAwB,CAC5B,SAAS,EAAE,MAAM,EACjB,4BAA4B,EAAE,2BAA2B,EAAE,GAC1D,OAAO,CAAC,yBAAyB,CAAC;IA6BrC;;;;;;OAMG;IACG,wBAAwB,CAC5B,SAAS,EAAE,MAAM,EACjB,QAAQ,EAAE,QAAQ,EAClB,aAAa,EAAE,MAAM,EAAE,GACtB,OAAO,CAAC,yBAAyB,CAAC;IA+BrC;;;;;;;UAOM;IACA,6BAA6B,CACjC,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,MAAM,EACf,sBAAsB,EAAE,MAAM,EAC9B,2BAA2B,EAAE,2BAA2B,EAAE,GACzD,OAAO,CAAC,2BAA2B,EAAE,CAAC;YAY3B,oBAAoB;IA4BlC,OAAO,CAAC,MAAM,CAAC,cAAc;IAe7B;;;;;;;OAOG;IACG,kCAAkC,IAAI,OAAO,CAAC,OAAO,CAAC;CAoB7D"}
+{"version":3,"file":"authorization-attributes-service.d.ts","sourceRoot":"","sources":["../src/authorization-attributes-service.ts"],"names":[],"mappings":"AAIA,OAAO,EACL,2BAA2B,EAC3B,yBAAyB,EACzB,2BAA2B,EAC5B,MAAM,4CAA4C,CAAC;AACpD,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAU3C,qBAAa,8BAA8B;IACzC,OAAO,CAAC,MAAM,CAAC,OAAO,CAA8B;IACpD;;;;;;;OAOG;WACU,wBAAwB,CACnC,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,4BAA4B,EAAE,2BAA2B,EAAE,GAC1D,OAAO,CAAC,yBAAyB,CAAC;IAwBrC;;;;;;;OAOG;WACU,wBAAwB,CACnC,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,QAAQ,EAAE,QAAQ,EAClB,aAAa,EAAE,MAAM,EAAE,GACtB,OAAO,CAAC,yBAAyB,CAAC;IAyBrC;;;;;;;UAOM;WACO,6BAA6B,CACxC,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,MAAM,EACf,sBAAsB,EAAE,MAAM,EAC9B,2BAA2B,EAAE,2BAA2B,EAAE,GACzD,OAAO,CAAC,2BAA2B,EAAE,CAAC;mBAYpB,oBAAoB;IA4BzC,OAAO,CAAC,MAAM,CAAC,cAAc;IAe7B,OAAO,CAAC,MAAM,CAAC,wBAAwB;IAIvC;;;;;;;OAOG;WACU,kCAAkC,IAAI,OAAO,CAAC,OAAO,CAAC;CAiBpE"}

package/dist/authorization-attributes-service.js

@@ -1,126 +1,69 @@
 Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
 
 const chunk = require('lodash/chunk.js');
+const mondayFetch = require('@mondaydotcomorg/monday-fetch');
 const tridentBackendApi = require('@mondaydotcomorg/trident-backend-api');
 const mondaySns = require('@mondaydotcomorg/monday-sns');
-const mondayFetchApi = require('@mondaydotcomorg/monday-fetch-api');
 const authorizationInternalService = require('./authorization-internal-service.js');
 const attributionsService = require('./attributions-service.js');
 const constants_sns = require('./constants/sns.js');
-const constants = require('./constants.js');
 
 const _interopDefault = e => e && e.__esModule ? e : { default: e };
 
 const chunk__default = /*#__PURE__*/_interopDefault(chunk);
 
-function getDefaultFetchOptions() {
-    return {
-        retryPolicy: {
-            useRetries: true,
-            maxRetries: 3,
-            retryDelayMS: 10,
-        },
-        logPolicy: {
-            logErrors: 'error',
-            logRequests: 'info',
-        },
-    };
-}
 class AuthorizationAttributesService {
     static LOG_TAG = 'authorization_attributes';
-    static API_PATHS = {
-        UPSERT_RESOURCE_ATTRIBUTES: '/attributes/{accountId}/resource',
-        DELETE_RESOURCE_ATTRIBUTES: '/attributes/{accountId}/resource/{resourceType}/{resourceId}',
-    };
-    httpClient;
-    fetchOptions;
-    snsArn;
-    /**
-     * Public constructor to create the AuthorizationAttributesService instance.
-     * @param httpClient The HTTP client to use for API requests, if not provided, the default HTTP client from Api will be used.
-     * @param fetchOptions The fetch options to use for API requests, if not provided, the default fetch options will be used.
-     */
-    constructor(httpClient, fetchOptions) {
-        if (!httpClient) {
-            httpClient = tridentBackendApi.Api.getPart('httpClient');
-            if (!httpClient) {
-                throw new Error(constants.ERROR_MESSAGES.HTTP_CLIENT_NOT_INITIALIZED);
-            }
-        }
-        if (!fetchOptions) {
-            fetchOptions = getDefaultFetchOptions();
-        }
-        else {
-            fetchOptions = {
-                ...getDefaultFetchOptions(),
-                ...fetchOptions,
-            };
-        }
-        this.httpClient = httpClient;
-        this.fetchOptions = fetchOptions;
-        this.snsArn = AuthorizationAttributesService.getSnsTopicArn();
-    }
     /**
      * Upsert resource attributes synchronously, performing http call to the authorization MS to assign the given attributes to the given resource.
      * @param accountId
+     * @param userId
      * @param resourceAttributeAssignments - Array of resource (resourceType, resourceId) and attribute (key, value) pairs to upsert in the authorization MS.
      * e.g. [{ resourceType: 'board', resourceId: 123, key: 'board_kind', value: 'private' }]
      * @returns ResourceAttributeResponse - The affected (created and updated_ resource attributes assignments in the `attributes` field.
      */
-    async upsertResourceAttributes(accountId, resourceAttributeAssignments) {
+    static async upsertResourceAttributes(accountId, userId, resourceAttributeAssignments) {
+        const internalAuthToken = authorizationInternalService.AuthorizationInternalService.generateInternalAuthToken(accountId, userId);
         const attributionHeaders = attributionsService.getAttributionsFromApi();
-        try {
-            return await this.httpClient.fetch({
-                url: {
-                    appName: constants.APP_NAME,
-                    path: AuthorizationAttributesService.API_PATHS.UPSERT_RESOURCE_ATTRIBUTES.replace('{accountId}', accountId.toString()),
-                },
-                method: 'POST',
-                headers: {
-                    'Content-Type': 'application/json',
-                    ...attributionHeaders,
-                },
-                body: JSON.stringify({ resourceAttributeAssignments }),
-            }, this.fetchOptions);
-        }
-        catch (err) {
-            if (err instanceof mondayFetchApi.HttpFetcherError) {
-                throw new Error(constants.ERROR_MESSAGES.REQUEST_FAILED('upsertResourceAttributes', err.status, err.message));
-            }
-            throw err;
-        }
+        const response = await mondayFetch.fetch(this.getResourceAttributesUrl(accountId), {
+            method: 'POST',
+            headers: {
+                Authorization: internalAuthToken,
+                'Content-Type': 'application/json',
+                ...attributionHeaders,
+            },
+            timeout: authorizationInternalService.AuthorizationInternalService.getRequestTimeout(),
+            body: JSON.stringify({ resourceAttributeAssignments }),
+        }, authorizationInternalService.AuthorizationInternalService.getRequestFetchOptions());
+        const responseBody = await response.json();
+        authorizationInternalService.AuthorizationInternalService.throwOnHttpErrorIfNeeded(response, 'upsertResourceAttributesSync');
+        return { attributes: responseBody['attributes'] };
     }
     /**
      * Delete resource attributes assignments synchronously, performing http call to the authorization MS to delete the given attributes from the given singular resource.
      * @param accountId
+     * @param userId
      * @param resource - The resource (resourceType, resourceId) to delete the attributes for.
      * @param attributeKeys - Array of attribute keys to delete for the resource.
      * @returns ResourceAttributeResponse - The affected (deleted) resource attributes assignments in the `attributes` field.
      */
-    async deleteResourceAttributes(accountId, resource, attributeKeys) {
+    static async deleteResourceAttributes(accountId, userId, resource, attributeKeys) {
+        const internalAuthToken = authorizationInternalService.AuthorizationInternalService.generateInternalAuthToken(accountId, userId);
+        const url = `${this.getResourceAttributesUrl(accountId)}/${resource.type}/${resource.id}`;
         const attributionHeaders = attributionsService.getAttributionsFromApi();
-        try {
-            return await this.httpClient.fetch({
-                url: {
-                    appName: constants.APP_NAME,
-                    path: AuthorizationAttributesService.API_PATHS.DELETE_RESOURCE_ATTRIBUTES.replace('{accountId}', accountId.toString())
-                        .replace('{resourceType}', resource.type)
-                        .replace('{resourceId}', resource.id.toString()),
-                },
-                method: 'DELETE',
-                headers: {
-                    'Content-Type': 'application/json',
-                    ...attributionHeaders,
-                },
-                body: JSON.stringify({ keys: attributeKeys }),
-            }, this.fetchOptions);
-        }
-        catch (err) {
-            if (err instanceof mondayFetchApi.HttpFetcherError) {
-                throw new Error(constants.ERROR_MESSAGES.REQUEST_FAILED('deleteResourceAttributes', err.status, err.message));
-            }
-            throw err;
-        }
+        const response = await mondayFetch.fetch(url, {
+            method: 'DELETE',
+            headers: {
+                Authorization: internalAuthToken,
+                'Content-Type': 'application/json',
+                ...attributionHeaders,
+            },
+            timeout: authorizationInternalService.AuthorizationInternalService.getRequestTimeout(),
+            body: JSON.stringify({ keys: attributeKeys }),
+        }, authorizationInternalService.AuthorizationInternalService.getRequestFetchOptions());
+        const responseBody = await response.json();
+        authorizationInternalService.AuthorizationInternalService.throwOnHttpErrorIfNeeded(response, 'deleteResourceAttributesSync');
+        return { attributes: responseBody['attributes'] };
     }
     /**
      *  Async function, this function only send the updates request to SNS and return before the change actually took place
@@ -130,8 +73,8 @@ class AuthorizationAttributesService {
      * @param resourceAttributeOperations - Array of operations to do on resource attributes.
      * @return {Promise<ResourceAttributesOperation[]>} Array of sent operations
      *  */
-    async updateResourceAttributesAsync(accountId, appName, callerActionIdentifier, resourceAttributeOperations) {
-        const topicArn = this.snsArn;
+    static async updateResourceAttributesAsync(accountId, appName, callerActionIdentifier, resourceAttributeOperations) {
+        const topicArn = this.getSnsTopicArn();
         const sendToSnsPromises = [];
         const operationChucks = chunk__default.default(resourceAttributeOperations, constants_sns.ASYNC_RESOURCE_ATTRIBUTES_MAX_OPERATIONS_PER_MESSAGE);
         for (const operationsChunk of operationChucks) {
@@ -139,7 +82,7 @@ class AuthorizationAttributesService {
         }
         return (await Promise.all(sendToSnsPromises)).flat();
     }
-    async sendSingleSnsMessage(topicArn, accountId, appName, callerActionIdentifier, operations) {
+    static async sendSingleSnsMessage(topicArn, accountId, appName, callerActionIdentifier, operations) {
         const payload = {
             kind: constants_sns.RESOURCE_ATTRIBUTES_SNS_UPDATE_OPERATION_MESSAGE_KIND,
             payload: {
@@ -154,7 +97,7 @@ class AuthorizationAttributesService {
             return operations;
         }
         catch (error) {
-            authorizationInternalService.logger.error({ error, tag: AuthorizationAttributesService.LOG_TAG }, 'Authorization resource attributes async update: failed to send operations to SNS');
+            authorizationInternalService.logger.error({ error, tag: this.LOG_TAG }, 'Authorization resource attributes async update: failed to send operations to SNS');
             return [];
         }
     }
@@ -170,6 +113,9 @@ class AuthorizationAttributesService {
         }
         throw new Error('Unable to get sns topic arn from env variable');
     }
+    static getResourceAttributesUrl(accountId) {
+        return `${process.env.AUTHORIZATION_URL}/attributes/${accountId}/resource`;
+    }
     /**
      * Checks we can contact the required SNS topic that used to send attribute updates to Authorization MS.
      * This function can be used as health check for services that updating resource attributes in async is crucial.
@@ -178,18 +124,18 @@ class AuthorizationAttributesService {
      * However, this is the best we can do without actually push dummy messages to the SNS.
      * @return {Promise<boolean>} - true if succeeded
      */
-    async asyncResourceAttributesHealthCheck() {
+    static async asyncResourceAttributesHealthCheck() {
         try {
-            const requestedTopicArn = this.snsArn;
+            const requestedTopicArn = this.getSnsTopicArn();
             const attributes = await mondaySns.getTopicAttributes(requestedTopicArn);
             const isHealthy = !(!attributes || !('TopicArn' in attributes) || attributes.TopicArn !== requestedTopicArn);
             if (!isHealthy) {
-                authorizationInternalService.logger.error({ requestedTopicArn, snsReturnedAttributes: attributes, tag: AuthorizationAttributesService.LOG_TAG }, 'authorization-attributes-service failed in health check');
+                authorizationInternalService.logger.error({ requestedTopicArn, snsReturnedAttributes: attributes, tag: this.LOG_TAG }, 'authorization-attributes-service failed in health check');
             }
             return isHealthy;
         }
         catch (error) {
-            authorizationInternalService.logger.error({ error, tag: AuthorizationAttributesService.LOG_TAG }, 'authorization-attributes-service got error during health check');
+            authorizationInternalService.logger.error({ error, tag: this.LOG_TAG }, 'authorization-attributes-service got error during health check');
             return false;
         }
     }

package/dist/esm/authorization-attributes-service.d.ts

@@ -1,35 +1,25 @@
-import { FetcherConfig, HttpClient } from '@mondaydotcomorg/trident-backend-api';
-import { RecursivePartial } from '@mondaydotcomorg/monday-fetch-api';
 import { ResourceAttributeAssignment, ResourceAttributeResponse, ResourceAttributesOperation } from './types/authorization-attributes-contracts';
 import { Resource } from './types/general';
 export declare class AuthorizationAttributesService {
     private static LOG_TAG;
-    private static API_PATHS;
-    private httpClient;
-    private fetchOptions;
-    private snsArn;
-    /**
-     * Public constructor to create the AuthorizationAttributesService instance.
-     * @param httpClient The HTTP client to use for API requests, if not provided, the default HTTP client from Api will be used.
-     * @param fetchOptions The fetch options to use for API requests, if not provided, the default fetch options will be used.
-     */
-    constructor(httpClient?: HttpClient, fetchOptions?: RecursivePartial<FetcherConfig>);
     /**
      * Upsert resource attributes synchronously, performing http call to the authorization MS to assign the given attributes to the given resource.
      * @param accountId
+     * @param userId
      * @param resourceAttributeAssignments - Array of resource (resourceType, resourceId) and attribute (key, value) pairs to upsert in the authorization MS.
      * e.g. [{ resourceType: 'board', resourceId: 123, key: 'board_kind', value: 'private' }]
      * @returns ResourceAttributeResponse - The affected (created and updated_ resource attributes assignments in the `attributes` field.
      */
-    upsertResourceAttributes(accountId: number, resourceAttributeAssignments: ResourceAttributeAssignment[]): Promise<ResourceAttributeResponse>;
+    static upsertResourceAttributes(accountId: number, userId: number, resourceAttributeAssignments: ResourceAttributeAssignment[]): Promise<ResourceAttributeResponse>;
     /**
      * Delete resource attributes assignments synchronously, performing http call to the authorization MS to delete the given attributes from the given singular resource.
      * @param accountId
+     * @param userId
      * @param resource - The resource (resourceType, resourceId) to delete the attributes for.
      * @param attributeKeys - Array of attribute keys to delete for the resource.
      * @returns ResourceAttributeResponse - The affected (deleted) resource attributes assignments in the `attributes` field.
      */
-    deleteResourceAttributes(accountId: number, resource: Resource, attributeKeys: string[]): Promise<ResourceAttributeResponse>;
+    static deleteResourceAttributes(accountId: number, userId: number, resource: Resource, attributeKeys: string[]): Promise<ResourceAttributeResponse>;
     /**
      *  Async function, this function only send the updates request to SNS and return before the change actually took place
      * @param accountId
@@ -38,9 +28,10 @@ export declare class AuthorizationAttributesService {
      * @param resourceAttributeOperations - Array of operations to do on resource attributes.
      * @return {Promise<ResourceAttributesOperation[]>} Array of sent operations
      *  */
-    updateResourceAttributesAsync(accountId: number, appName: string, callerActionIdentifier: string, resourceAttributeOperations: ResourceAttributesOperation[]): Promise<ResourceAttributesOperation[]>;
-    private sendSingleSnsMessage;
+    static updateResourceAttributesAsync(accountId: number, appName: string, callerActionIdentifier: string, resourceAttributeOperations: ResourceAttributesOperation[]): Promise<ResourceAttributesOperation[]>;
+    private static sendSingleSnsMessage;
     private static getSnsTopicArn;
+    private static getResourceAttributesUrl;
     /**
      * Checks we can contact the required SNS topic that used to send attribute updates to Authorization MS.
      * This function can be used as health check for services that updating resource attributes in async is crucial.
@@ -49,6 +40,6 @@ export declare class AuthorizationAttributesService {
      * However, this is the best we can do without actually push dummy messages to the SNS.
      * @return {Promise<boolean>} - true if succeeded
      */
-    asyncResourceAttributesHealthCheck(): Promise<boolean>;
+    static asyncResourceAttributesHealthCheck(): Promise<boolean>;
 }
 //# sourceMappingURL=authorization-attributes-service.d.ts.map

package/dist/esm/authorization-attributes-service.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"authorization-attributes-service.d.ts","sourceRoot":"","sources":["../../src/authorization-attributes-service.ts"],"names":[],"mappings":"AACA,OAAO,EAAO,aAAa,EAAE,UAAU,EAAE,MAAM,sCAAsC,CAAC;AAEtF,OAAO,EAAoB,gBAAgB,EAAE,MAAM,mCAAmC,CAAC;AACvF,OAAO,EACL,2BAA2B,EAC3B,yBAAyB,EACzB,2BAA2B,EAC5B,MAAM,4CAA4C,CAAC;AACpD,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAwB3C,qBAAa,8BAA8B;IACzC,OAAO,CAAC,MAAM,CAAC,OAAO,CAA8B;IACpD,OAAO,CAAC,MAAM,CAAC,SAAS,CAGb;IACX,OAAO,CAAC,UAAU,CAAa;IAC/B,OAAO,CAAC,YAAY,CAAkC;IACtD,OAAO,CAAC,MAAM,CAAS;IAEvB;;;;OAIG;gBACS,UAAU,CAAC,EAAE,UAAU,EAAE,YAAY,CAAC,EAAE,gBAAgB,CAAC,aAAa,CAAC;IAqBnF;;;;;;OAMG;IACG,wBAAwB,CAC5B,SAAS,EAAE,MAAM,EACjB,4BAA4B,EAAE,2BAA2B,EAAE,GAC1D,OAAO,CAAC,yBAAyB,CAAC;IA6BrC;;;;;;OAMG;IACG,wBAAwB,CAC5B,SAAS,EAAE,MAAM,EACjB,QAAQ,EAAE,QAAQ,EAClB,aAAa,EAAE,MAAM,EAAE,GACtB,OAAO,CAAC,yBAAyB,CAAC;IA+BrC;;;;;;;UAOM;IACA,6BAA6B,CACjC,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,MAAM,EACf,sBAAsB,EAAE,MAAM,EAC9B,2BAA2B,EAAE,2BAA2B,EAAE,GACzD,OAAO,CAAC,2BAA2B,EAAE,CAAC;YAY3B,oBAAoB;IA4BlC,OAAO,CAAC,MAAM,CAAC,cAAc;IAe7B;;;;;;;OAOG;IACG,kCAAkC,IAAI,OAAO,CAAC,OAAO,CAAC;CAoB7D"}
+{"version":3,"file":"authorization-attributes-service.d.ts","sourceRoot":"","sources":["../../src/authorization-attributes-service.ts"],"names":[],"mappings":"AAIA,OAAO,EACL,2BAA2B,EAC3B,yBAAyB,EACzB,2BAA2B,EAC5B,MAAM,4CAA4C,CAAC;AACpD,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAU3C,qBAAa,8BAA8B;IACzC,OAAO,CAAC,MAAM,CAAC,OAAO,CAA8B;IACpD;;;;;;;OAOG;WACU,wBAAwB,CACnC,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,4BAA4B,EAAE,2BAA2B,EAAE,GAC1D,OAAO,CAAC,yBAAyB,CAAC;IAwBrC;;;;;;;OAOG;WACU,wBAAwB,CACnC,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,QAAQ,EAAE,QAAQ,EAClB,aAAa,EAAE,MAAM,EAAE,GACtB,OAAO,CAAC,yBAAyB,CAAC;IAyBrC;;;;;;;UAOM;WACO,6BAA6B,CACxC,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,MAAM,EACf,sBAAsB,EAAE,MAAM,EAC9B,2BAA2B,EAAE,2BAA2B,EAAE,GACzD,OAAO,CAAC,2BAA2B,EAAE,CAAC;mBAYpB,oBAAoB;IA4BzC,OAAO,CAAC,MAAM,CAAC,cAAc;IAe7B,OAAO,CAAC,MAAM,CAAC,wBAAwB;IAIvC;;;;;;;OAOG;WACU,kCAAkC,IAAI,OAAO,CAAC,OAAO,CAAC;CAiBpE"}

package/dist/esm/authorization-attributes-service.mjs

@@ -1,120 +1,63 @@
 import chunk from 'lodash/chunk.js';
+import { fetch } from '@mondaydotcomorg/monday-fetch';
 import { Api } from '@mondaydotcomorg/trident-backend-api';
 import { sendToSns, getTopicAttributes } from '@mondaydotcomorg/monday-sns';
-import { HttpFetcherError } from '@mondaydotcomorg/monday-fetch-api';
-import { logger } from './authorization-internal-service.mjs';
+import { AuthorizationInternalService, logger } from './authorization-internal-service.mjs';
 import { getAttributionsFromApi } from './attributions-service.mjs';
 import { ASYNC_RESOURCE_ATTRIBUTES_MAX_OPERATIONS_PER_MESSAGE, RESOURCE_ATTRIBUTES_SNS_ARN_SECRET_NAME, RESOURCE_ATTRIBUTES_SNS_UPDATE_OPERATION_MESSAGE_KIND } from './constants/sns.mjs';
-import { ERROR_MESSAGES, APP_NAME } from './constants.mjs';
 
-function getDefaultFetchOptions() {
-    return {
-        retryPolicy: {
-            useRetries: true,
-            maxRetries: 3,
-            retryDelayMS: 10,
-        },
-        logPolicy: {
-            logErrors: 'error',
-            logRequests: 'info',
-        },
-    };
-}
 class AuthorizationAttributesService {
     static LOG_TAG = 'authorization_attributes';
-    static API_PATHS = {
-        UPSERT_RESOURCE_ATTRIBUTES: '/attributes/{accountId}/resource',
-        DELETE_RESOURCE_ATTRIBUTES: '/attributes/{accountId}/resource/{resourceType}/{resourceId}',
-    };
-    httpClient;
-    fetchOptions;
-    snsArn;
-    /**
-     * Public constructor to create the AuthorizationAttributesService instance.
-     * @param httpClient The HTTP client to use for API requests, if not provided, the default HTTP client from Api will be used.
-     * @param fetchOptions The fetch options to use for API requests, if not provided, the default fetch options will be used.
-     */
-    constructor(httpClient, fetchOptions) {
-        if (!httpClient) {
-            httpClient = Api.getPart('httpClient');
-            if (!httpClient) {
-                throw new Error(ERROR_MESSAGES.HTTP_CLIENT_NOT_INITIALIZED);
-            }
-        }
-        if (!fetchOptions) {
-            fetchOptions = getDefaultFetchOptions();
-        }
-        else {
-            fetchOptions = {
-                ...getDefaultFetchOptions(),
-                ...fetchOptions,
-            };
-        }
-        this.httpClient = httpClient;
-        this.fetchOptions = fetchOptions;
-        this.snsArn = AuthorizationAttributesService.getSnsTopicArn();
-    }
     /**
      * Upsert resource attributes synchronously, performing http call to the authorization MS to assign the given attributes to the given resource.
      * @param accountId
+     * @param userId
      * @param resourceAttributeAssignments - Array of resource (resourceType, resourceId) and attribute (key, value) pairs to upsert in the authorization MS.
      * e.g. [{ resourceType: 'board', resourceId: 123, key: 'board_kind', value: 'private' }]
      * @returns ResourceAttributeResponse - The affected (created and updated_ resource attributes assignments in the `attributes` field.
      */
-    async upsertResourceAttributes(accountId, resourceAttributeAssignments) {
+    static async upsertResourceAttributes(accountId, userId, resourceAttributeAssignments) {
+        const internalAuthToken = AuthorizationInternalService.generateInternalAuthToken(accountId, userId);
         const attributionHeaders = getAttributionsFromApi();
-        try {
-            return await this.httpClient.fetch({
-                url: {
-                    appName: APP_NAME,
-                    path: AuthorizationAttributesService.API_PATHS.UPSERT_RESOURCE_ATTRIBUTES.replace('{accountId}', accountId.toString()),
-                },
-                method: 'POST',
-                headers: {
-                    'Content-Type': 'application/json',
-                    ...attributionHeaders,
-                },
-                body: JSON.stringify({ resourceAttributeAssignments }),
-            }, this.fetchOptions);
-        }
-        catch (err) {
-            if (err instanceof HttpFetcherError) {
-                throw new Error(ERROR_MESSAGES.REQUEST_FAILED('upsertResourceAttributes', err.status, err.message));
-            }
-            throw err;
-        }
+        const response = await fetch(this.getResourceAttributesUrl(accountId), {
+            method: 'POST',
+            headers: {
+                Authorization: internalAuthToken,
+                'Content-Type': 'application/json',
+                ...attributionHeaders,
+            },
+            timeout: AuthorizationInternalService.getRequestTimeout(),
+            body: JSON.stringify({ resourceAttributeAssignments }),
+        }, AuthorizationInternalService.getRequestFetchOptions());
+        const responseBody = await response.json();
+        AuthorizationInternalService.throwOnHttpErrorIfNeeded(response, 'upsertResourceAttributesSync');
+        return { attributes: responseBody['attributes'] };
     }
     /**
      * Delete resource attributes assignments synchronously, performing http call to the authorization MS to delete the given attributes from the given singular resource.
      * @param accountId
+     * @param userId
      * @param resource - The resource (resourceType, resourceId) to delete the attributes for.
      * @param attributeKeys - Array of attribute keys to delete for the resource.
      * @returns ResourceAttributeResponse - The affected (deleted) resource attributes assignments in the `attributes` field.
      */
-    async deleteResourceAttributes(accountId, resource, attributeKeys) {
+    static async deleteResourceAttributes(accountId, userId, resource, attributeKeys) {
+        const internalAuthToken = AuthorizationInternalService.generateInternalAuthToken(accountId, userId);
+        const url = `${this.getResourceAttributesUrl(accountId)}/${resource.type}/${resource.id}`;
         const attributionHeaders = getAttributionsFromApi();
-        try {
-            return await this.httpClient.fetch({
-                url: {
-                    appName: APP_NAME,
-                    path: AuthorizationAttributesService.API_PATHS.DELETE_RESOURCE_ATTRIBUTES.replace('{accountId}', accountId.toString())
-                        .replace('{resourceType}', resource.type)
-                        .replace('{resourceId}', resource.id.toString()),
-                },
-                method: 'DELETE',
-                headers: {
-                    'Content-Type': 'application/json',
-                    ...attributionHeaders,
-                },
-                body: JSON.stringify({ keys: attributeKeys }),
-            }, this.fetchOptions);
-        }
-        catch (err) {
-            if (err instanceof HttpFetcherError) {
-                throw new Error(ERROR_MESSAGES.REQUEST_FAILED('deleteResourceAttributes', err.status, err.message));
-            }
-            throw err;
-        }
+        const response = await fetch(url, {
+            method: 'DELETE',
+            headers: {
+                Authorization: internalAuthToken,
+                'Content-Type': 'application/json',
+                ...attributionHeaders,
+            },
+            timeout: AuthorizationInternalService.getRequestTimeout(),
+            body: JSON.stringify({ keys: attributeKeys }),
+        }, AuthorizationInternalService.getRequestFetchOptions());
+        const responseBody = await response.json();
+        AuthorizationInternalService.throwOnHttpErrorIfNeeded(response, 'deleteResourceAttributesSync');
+        return { attributes: responseBody['attributes'] };
     }
     /**
      *  Async function, this function only send the updates request to SNS and return before the change actually took place
@@ -124,8 +67,8 @@ class AuthorizationAttributesService {
      * @param resourceAttributeOperations - Array of operations to do on resource attributes.
      * @return {Promise<ResourceAttributesOperation[]>} Array of sent operations
      *  */
-    async updateResourceAttributesAsync(accountId, appName, callerActionIdentifier, resourceAttributeOperations) {
-        const topicArn = this.snsArn;
+    static async updateResourceAttributesAsync(accountId, appName, callerActionIdentifier, resourceAttributeOperations) {
+        const topicArn = this.getSnsTopicArn();
         const sendToSnsPromises = [];
         const operationChucks = chunk(resourceAttributeOperations, ASYNC_RESOURCE_ATTRIBUTES_MAX_OPERATIONS_PER_MESSAGE);
         for (const operationsChunk of operationChucks) {
@@ -133,7 +76,7 @@ class AuthorizationAttributesService {
         }
         return (await Promise.all(sendToSnsPromises)).flat();
     }
-    async sendSingleSnsMessage(topicArn, accountId, appName, callerActionIdentifier, operations) {
+    static async sendSingleSnsMessage(topicArn, accountId, appName, callerActionIdentifier, operations) {
         const payload = {
             kind: RESOURCE_ATTRIBUTES_SNS_UPDATE_OPERATION_MESSAGE_KIND,
             payload: {
@@ -148,7 +91,7 @@ class AuthorizationAttributesService {
             return operations;
         }
         catch (error) {
-            logger.error({ error, tag: AuthorizationAttributesService.LOG_TAG }, 'Authorization resource attributes async update: failed to send operations to SNS');
+            logger.error({ error, tag: this.LOG_TAG }, 'Authorization resource attributes async update: failed to send operations to SNS');
             return [];
         }
     }
@@ -164,6 +107,9 @@ class AuthorizationAttributesService {
         }
         throw new Error('Unable to get sns topic arn from env variable');
     }
+    static getResourceAttributesUrl(accountId) {
+        return `${process.env.AUTHORIZATION_URL}/attributes/${accountId}/resource`;
+    }
     /**
      * Checks we can contact the required SNS topic that used to send attribute updates to Authorization MS.
      * This function can be used as health check for services that updating resource attributes in async is crucial.
@@ -172,18 +118,18 @@ class AuthorizationAttributesService {
      * However, this is the best we can do without actually push dummy messages to the SNS.
      * @return {Promise<boolean>} - true if succeeded
      */
-    async asyncResourceAttributesHealthCheck() {
+    static async asyncResourceAttributesHealthCheck() {
         try {
-            const requestedTopicArn = this.snsArn;
+            const requestedTopicArn = this.getSnsTopicArn();
             const attributes = await getTopicAttributes(requestedTopicArn);
             const isHealthy = !(!attributes || !('TopicArn' in attributes) || attributes.TopicArn !== requestedTopicArn);
             if (!isHealthy) {
-                logger.error({ requestedTopicArn, snsReturnedAttributes: attributes, tag: AuthorizationAttributesService.LOG_TAG }, 'authorization-attributes-service failed in health check');
+                logger.error({ requestedTopicArn, snsReturnedAttributes: attributes, tag: this.LOG_TAG }, 'authorization-attributes-service failed in health check');
             }
             return isHealthy;
         }
         catch (error) {
-            logger.error({ error, tag: AuthorizationAttributesService.LOG_TAG }, 'authorization-attributes-service got error during health check');
+            logger.error({ error, tag: this.LOG_TAG }, 'authorization-attributes-service got error during health check');
             return false;
         }
     }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@mondaydotcomorg/monday-authorization",
-  "version": "2.1.1-feature-bashanye-remove-authorization-url-secret-usage.04a9d3c",
+  "version": "2.1.1",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
   "license": "BSD-3-Clause",

package/dist/constants.d.ts

@@ -1,6 +0,0 @@
-export declare const APP_NAME = "authorization";
-export declare const ERROR_MESSAGES: {
-    readonly HTTP_CLIENT_NOT_INITIALIZED: "MondayAuthorization: HTTP client is not initialized";
-    readonly REQUEST_FAILED: (method: string, status: number, reason: string) => string;
-};
-//# sourceMappingURL=constants.d.ts.map

package/dist/constants.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../src/constants.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,QAAQ,kBAAkB,CAAC;AAExC,eAAO,MAAM,cAAc;;sCAEA,MAAM,UAAU,MAAM,UAAU,MAAM;CAEvD,CAAC"}

package/dist/constants.js

@@ -1,10 +0,0 @@
-Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
-
-const APP_NAME = 'authorization';
-const ERROR_MESSAGES = {
-    HTTP_CLIENT_NOT_INITIALIZED: 'MondayAuthorization: HTTP client is not initialized',
-    REQUEST_FAILED: (method, status, reason) => `MondayAuthorization: [${method}] request failed with status ${status} with reason: ${reason}`,
-};
-
-exports.APP_NAME = APP_NAME;
-exports.ERROR_MESSAGES = ERROR_MESSAGES;

package/dist/esm/constants.d.ts

@@ -1,6 +0,0 @@
-export declare const APP_NAME = "authorization";
-export declare const ERROR_MESSAGES: {
-    readonly HTTP_CLIENT_NOT_INITIALIZED: "MondayAuthorization: HTTP client is not initialized";
-    readonly REQUEST_FAILED: (method: string, status: number, reason: string) => string;
-};
-//# sourceMappingURL=constants.d.ts.map

package/dist/esm/constants.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../../src/constants.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,QAAQ,kBAAkB,CAAC;AAExC,eAAO,MAAM,cAAc;;sCAEA,MAAM,UAAU,MAAM,UAAU,MAAM;CAEvD,CAAC"}

package/dist/esm/constants.mjs

@@ -1,7 +0,0 @@
-const APP_NAME = 'authorization';
-const ERROR_MESSAGES = {
-    HTTP_CLIENT_NOT_INITIALIZED: 'MondayAuthorization: HTTP client is not initialized',
-    REQUEST_FAILED: (method, status, reason) => `MondayAuthorization: [${method}] request failed with status ${status} with reason: ${reason}`,
-};
-
-export { APP_NAME, ERROR_MESSAGES };