@mondaydotcomorg/monday-authorization 3.5.1 → 3.5.3-feat-shaime-support-entity-attributes-in-authorization-sdk-e355942

package/dist/authorization-attributes-ms-service.d.ts

@@ -0,0 +1,95 @@
+import { ResourceAttributeAssignment } from './resource-attribute-assignment';
+import { EntityAttributeAssignment } from './entity-attribute-assignment';
+import { EntityType } from './types/authorization-attributes-contracts';
+import { IAuthorizationAttributesService } from './types/authorization-attributes-service.interface';
+import { Resource } from './types/general';
+import { ResourceAttributeOperation, EntityAttributeOperation } from './types/authorization-attributes-contracts';
+/**
+ * Service class for managing resource attributes in the authorization microservice.
+ * Provides synchronous HTTP operations to create/update and delete attributes on resources.
+ */
+export declare class AuthorizationAttributesMsService implements IAuthorizationAttributesService {
+    private static LOG_TAG;
+    private static httpClient;
+    /**
+     * Resets the cached HTTP client (useful for testing)
+     */
+    private static resetHttpClient;
+    /**
+     * Gets request headers including Authorization, Content-Type, and optional attribution headers
+     */
+    private static getRequestHeaders;
+    /**
+     * Validates that all messages are instances of the specified message class
+     */
+    private static validateMessages;
+    /**
+     * Generic helper for executing upsert requests
+     */
+    private static executeUpsertRequest;
+    /**
+     * Generic helper for executing delete requests
+     */
+    private static executeDeleteRequest;
+    /**
+     * Creates or updates resource attributes synchronously.
+     * @param accountId The account ID
+     * @param resourceAttributeAssignments Array of ResourceAttributeAssignment objects
+     * @returns Promise<void>
+     */
+    upsertResourceAttributes(accountId: number, resourceAttributeAssignments: ResourceAttributeAssignment[], _appName?: string, _callerActionIdentifier?: string): Promise<void>;
+    /**
+     * Deletes specific attributes from a resource synchronously.
+     * @param accountId The account ID
+     * @param resource Object with resourceType (string) and resourceId (number)
+     * @param attributeKeys Array of attribute key strings to delete
+     * @returns Promise<void>
+     */
+    deleteResourceAttributes(accountId: number, resource: Resource, attributeKeys: string[], _appName?: string, _callerActionIdentifier?: string): Promise<void>;
+    /**
+     * Creates or updates entity attributes synchronously.
+     * @param accountId The account ID
+     * @param entityAttributeAssignments Array of EntityAttributeAssignment objects
+     * @returns Promise<void>
+     */
+    upsertEntityAttributes(accountId: number, entityAttributeAssignments: EntityAttributeAssignment[], _appName?: string, _callerActionIdentifier?: string): Promise<void>;
+    /**
+     * Deletes specific attributes from an entity synchronously.
+     * @param accountId The account ID
+     * @param entityType The entity type
+     * @param entityId The entity ID
+     * @param attributeKeys Array of attribute key strings to delete
+     * @returns Promise<void>
+     */
+    deleteEntityAttributes(accountId: number, entityType: EntityType | string, entityId: number, attributeKeys: string[], _appName?: string, _callerActionIdentifier?: string): Promise<void>;
+    /**
+     * Updates resource attributes (batch operations).
+     * Note: MS service does not support batch operations directly.
+     * This method processes operations sequentially using upsert/delete methods.
+     * @param accountId The account ID
+     * @param appName App name (required for interface compatibility, but not used in MS service)
+     * @param callerActionIdentifier Action identifier (required for interface compatibility, but not used in MS service)
+     * @param resourceAttributeOperations Array of operations to perform
+     * @returns Promise<ResourceAttributesOperation[]> Array of processed operations
+     */
+    updateResourceAttributes(accountId: number, _appName: string, _callerActionIdentifier: string, resourceAttributeOperations: ResourceAttributeOperation[]): Promise<ResourceAttributeOperation[]>;
+    /**
+     * Updates entity attributes (batch operations).
+     * Note: MS service does not support batch operations directly.
+     * This method processes operations sequentially using upsert/delete methods.
+     * @param accountId The account ID
+     * @param appName App name (required for interface compatibility, but not used in MS service)
+     * @param callerActionIdentifier Action identifier (required for interface compatibility, but not used in MS service)
+     * @param entityAttributeOperations Array of operations to perform
+     * @returns Promise<EntityAttributesOperation[]> Array of processed operations
+     */
+    updateEntityAttributes(accountId: number, _appName: string, _callerActionIdentifier: string, entityAttributeOperations: EntityAttributeOperation[]): Promise<EntityAttributeOperation[]>;
+    /**
+     * Replaces path template parameters with actual values
+     * @param template Path template with placeholders like {accountId}
+     * @param params Object with parameter names and values
+     * @returns Path with all placeholders replaced
+     */
+    private static replacePathParams;
+}
+//# sourceMappingURL=authorization-attributes-ms-service.d.ts.map

package/dist/authorization-attributes-ms-service.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"authorization-attributes-ms-service.d.ts","sourceRoot":"","sources":["../src/authorization-attributes-ms-service.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,2BAA2B,EAAE,MAAM,iCAAiC,CAAC;AAC9E,OAAO,EAAE,yBAAyB,EAAE,MAAM,+BAA+B,CAAC;AAC1E,OAAO,EAAsB,UAAU,EAAE,MAAM,4CAA4C,CAAC;AAM5F,OAAO,EAAE,+BAA+B,EAAE,MAAM,oDAAoD,CAAC;AACrG,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAC3C,OAAO,EAAE,0BAA0B,EAAE,wBAAwB,EAAE,MAAM,4CAA4C,CAAC;AAWlH;;;GAGG;AACH,qBAAa,gCAAiC,YAAW,+BAA+B;IACtF,OAAO,CAAC,MAAM,CAAC,OAAO,CAAiC;IACvD,OAAO,CAAC,MAAM,CAAC,UAAU,CAAqD;IAE9E;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,eAAe;IAI9B;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,iBAAiB;IA+ChC;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,gBAAgB;IAsD/B;;OAEG;mBACkB,oBAAoB;IA4EzC;;OAEG;mBACkB,oBAAoB;IA2EzC;;;;;OAKG;IACG,wBAAwB,CAC5B,SAAS,EAAE,MAAM,EACjB,4BAA4B,EAAE,2BAA2B,EAAE,EAC3D,QAAQ,CAAC,EAAE,MAAM,EACjB,uBAAuB,CAAC,EAAE,MAAM,GAC/B,OAAO,CAAC,IAAI,CAAC;IAYhB;;;;;;OAMG;IACG,wBAAwB,CAC5B,SAAS,EAAE,MAAM,EACjB,QAAQ,EAAE,QAAQ,EAClB,aAAa,EAAE,MAAM,EAAE,EACvB,QAAQ,CAAC,EAAE,MAAM,EACjB,uBAAuB,CAAC,EAAE,MAAM,GAC/B,OAAO,CAAC,IAAI,CAAC;IAyBhB;;;;;OAKG;IACG,sBAAsB,CAC1B,SAAS,EAAE,MAAM,EACjB,0BAA0B,EAAE,yBAAyB,EAAE,EACvD,QAAQ,CAAC,EAAE,MAAM,EACjB,uBAAuB,CAAC,EAAE,MAAM,GAC/B,OAAO,CAAC,IAAI,CAAC;IAYhB;;;;;;;OAOG;IACG,sBAAsB,CAC1B,SAAS,EAAE,MAAM,EACjB,UAAU,EAAE,UAAU,GAAG,MAAM,EAC/B,QAAQ,EAAE,MAAM,EAChB,aAAa,EAAE,MAAM,EAAE,EACvB,QAAQ,CAAC,EAAE,MAAM,EACjB,uBAAuB,CAAC,EAAE,MAAM,GAC/B,OAAO,CAAC,IAAI,CAAC;IAoBhB;;;;;;;;;OASG;IACG,wBAAwB,CAC5B,SAAS,EAAE,MAAM,EACjB,QAAQ,EAAE,MAAM,EAChB,uBAAuB,EAAE,MAAM,EAC/B,2BAA2B,EAAE,0BAA0B,EAAE,GACxD,OAAO,CAAC,0BAA0B,EAAE,CAAC;IAoCxC;;;;;;;;;OASG;IACG,sBAAsB,CAC1B,SAAS,EAAE,MAAM,EACjB,QAAQ,EAAE,MAAM,EAChB,uBAAuB,EAAE,MAAM,EAC/B,yBAAyB,EAAE,wBAAwB,EAAE,GACpD,OAAO,CAAC,wBAAwB,EAAE,CAAC;IAyBtC;;;;;OAKG;IACH,OAAO,CAAC,MAAM,CAAC,iBAAiB;CAOjC"}

package/dist/authorization-attributes-ms-service.js

@@ -0,0 +1,362 @@
+Object.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });
+
+const tridentBackendApi = require('@mondaydotcomorg/trident-backend-api');
+const mondayJwt = require('@mondaydotcomorg/monday-jwt');
+const zod = require('zod');
+const resourceAttributeAssignment = require('./resource-attribute-assignment.js');
+const entityAttributeAssignment = require('./entity-attribute-assignment.js');
+const types_authorizationAttributesContracts = require('./types/authorization-attributes-contracts.js');
+const errors_argumentError = require('./errors/argument-error.js');
+const authorizationInternalService = require('./authorization-internal-service.js');
+const attributionsService = require('./attributions-service.js');
+const constants = require('./constants.js');
+const utils_validation = require('./utils/validation.js');
+
+const INTERNAL_APP_NAME = 'internal_ms';
+const UPSERT_RESOURCE_ATTRIBUTES_PATH = '/attributes/{accountId}/resource';
+const DELETE_RESOURCE_ATTRIBUTES_PATH = '/attributes/{accountId}/resource/{resourceType}/{resourceId}';
+const UPSERT_ENTITY_ATTRIBUTES_PATH = '/attributes/{accountId}/entity';
+const DELETE_ENTITY_ATTRIBUTES_PATH = '/attributes/{accountId}/entity/{entityType}/{entityId}';
+/**
+ * Service class for managing resource attributes in the authorization microservice.
+ * Provides synchronous HTTP operations to create/update and delete attributes on resources.
+ */
+class AuthorizationAttributesMsService {
+    static LOG_TAG = 'authorization_attributes_ms';
+    static httpClient = tridentBackendApi.Api.getPart('httpClient');
+    /**
+     * Resets the cached HTTP client (useful for testing)
+     */
+    static resetHttpClient() {
+        AuthorizationAttributesMsService.httpClient = undefined;
+    }
+    /**
+     * Gets request headers including Authorization, Content-Type, and optional attribution headers
+     */
+    static getRequestHeaders(accountId, userId) {
+        const headers = {
+            'Content-Type': 'application/json',
+        };
+        // Generate Authorization token
+        const authToken = mondayJwt.signAuthorizationHeader({
+            appName: INTERNAL_APP_NAME,
+            accountId,
+            userId,
+        });
+        headers.Authorization = authToken;
+        // Add attribution headers if available
+        const attributionHeaders = attributionsService.getAttributionsFromApi();
+        for (const key in attributionHeaders) {
+            if (Object.prototype.hasOwnProperty.call(attributionHeaders, key)) {
+                headers[key] = attributionHeaders[key];
+            }
+        }
+        // Add X-REQUEST-ID if available from context
+        try {
+            const tridentContext = tridentBackendApi.Api.getPart('context');
+            if (tridentContext?.runtimeAttributions) {
+                const outgoingHeaders = tridentContext.runtimeAttributions.buildOutgoingHeaders('HTTP_INTERNAL');
+                if (outgoingHeaders) {
+                    const attributionHeadersMap = {};
+                    for (const [key, value] of outgoingHeaders) {
+                        attributionHeadersMap[key] = value;
+                    }
+                    if (attributionHeadersMap['x-request-id']) {
+                        headers['X-REQUEST-ID'] = attributionHeadersMap['x-request-id'];
+                    }
+                }
+            }
+        }
+        catch (error) {
+            // Silently fail if context is not available
+            authorizationInternalService.logger.debug({ tag: AuthorizationAttributesMsService.LOG_TAG, error }, 'Failed to get request ID from context');
+        }
+        // Add X-REQUEST-START timestamp
+        headers['X-REQUEST-START'] = Math.floor(Date.now() / 1000).toString();
+        return headers;
+    }
+    /**
+     * Validates that all messages are instances of the specified message class
+     */
+    static validateMessages(attributesMessages, messageClass) {
+        // Validate messageClass is a function using Zod
+        const classSchema = zod.z.custom(value => typeof value === 'function', {
+            message: 'messageClass must be a class/constructor function',
+        });
+        try {
+            classSchema.parse(messageClass);
+        }
+        catch (error) {
+            if (error instanceof zod.z.ZodError) {
+                const firstError = error.issues[0];
+                throw new errors_argumentError.ArgumentError(firstError.message);
+            }
+            throw error;
+        }
+        const className = messageClass.name || 'ResourceAttributeAssignment';
+        // First validate it's an array
+        utils_validation.ValidationUtils.validateArray(attributesMessages, 'attributesMessages');
+        // Then use Zod to validate each item is an instance of the class
+        const schema = zod.z.array(zod.z.any()).refine(items => {
+            for (let i = 0; i < items.length; i++) {
+                if (!(items[i] instanceof messageClass)) {
+                    return false;
+                }
+            }
+            return true;
+        }, {
+            message: `All attributesMessages must be instances of ${className}`,
+        });
+        try {
+            schema.parse(attributesMessages);
+        }
+        catch (error) {
+            if (error instanceof zod.z.ZodError) {
+                // Find the first invalid index for a more specific error message
+                const invalidIndex = attributesMessages.findIndex(item => !(item instanceof messageClass));
+                if (invalidIndex !== -1) {
+                    throw new errors_argumentError.ArgumentError(`All attributesMessages must be instances of ${className}, but item at index ${invalidIndex} is not`);
+                }
+                const firstError = error.issues[0];
+                throw new errors_argumentError.ArgumentError(firstError.message);
+            }
+            throw error;
+        }
+    }
+    /**
+     * Generic helper for executing upsert requests
+     */
+    static async executeUpsertRequest(accountId, assignments, pathTemplate, requestBodyKey, assignmentClass, logPrefix, methodName) {
+        // Validate inputs
+        utils_validation.ValidationUtils.validateInteger(accountId, 'accountId');
+        utils_validation.ValidationUtils.validateArray(assignments, 'assignments');
+        if (!assignments.length) {
+            authorizationInternalService.logger.warn({ tag: AuthorizationAttributesMsService.LOG_TAG, accountId }, `${methodName} called with empty array`);
+            return;
+        }
+        // Validate all assignments are instances of the correct class
+        AuthorizationAttributesMsService.validateMessages(assignments, assignmentClass);
+        const requestBody = requestBodyKey === 'resourceAttributeAssignments'
+            ? { resourceAttributeAssignments: assignments }
+            : { entityAttributeAssignments: assignments };
+        if (!AuthorizationAttributesMsService.httpClient) {
+            throw new Error('AuthorizationAttributesMsService: HTTP client is not initialized');
+        }
+        const path = AuthorizationAttributesMsService.replacePathParams(pathTemplate, { accountId });
+        const headers = AuthorizationAttributesMsService.getRequestHeaders(accountId);
+        try {
+            authorizationInternalService.logger.info({ tag: AuthorizationAttributesMsService.LOG_TAG, accountId, count: assignments.length }, `Upserting ${logPrefix} attributes`);
+            await AuthorizationAttributesMsService.httpClient.fetch({
+                url: {
+                    appName: constants.APP_NAME,
+                    path,
+                },
+                method: 'POST',
+                headers,
+                body: JSON.stringify(requestBody),
+            }, {
+                timeout: authorizationInternalService.AuthorizationInternalService.getRequestTimeout(),
+                retryPolicy: authorizationInternalService.AuthorizationInternalService.getRetriesPolicy(),
+            });
+            authorizationInternalService.logger.debug({ tag: AuthorizationAttributesMsService.LOG_TAG, accountId, count: assignments.length }, `Successfully upserted ${logPrefix} attributes`);
+        }
+        catch (err) {
+            const error = err;
+            authorizationInternalService.logger.error({
+                tag: AuthorizationAttributesMsService.LOG_TAG,
+                method: methodName,
+                accountId,
+                error: error instanceof Error ? error.message : String(error),
+            }, `Failed in ${methodName}`);
+            throw error;
+        }
+    }
+    /**
+     * Generic helper for executing delete requests
+     */
+    static async executeDeleteRequest(accountId, pathTemplate, pathParams, keys, logPrefix, methodName, context = {}) {
+        // Validate inputs
+        utils_validation.ValidationUtils.validateInteger(accountId, 'accountId');
+        utils_validation.ValidationUtils.validateArray(keys, 'attributeKeys');
+        if (!keys.length) {
+            authorizationInternalService.logger.warn({ tag: this.LOG_TAG, accountId, ...pathParams }, `${methodName} called with empty keys array`);
+            return;
+        }
+        // Validate all keys are strings
+        utils_validation.ValidationUtils.validateStringArray(keys, 'attributeKeys');
+        // Build request body
+        const requestBody = {
+            keys,
+        };
+        if (!AuthorizationAttributesMsService.httpClient) {
+            throw new Error('AuthorizationAttributesMsService: HTTP client is not initialized');
+        }
+        const path = AuthorizationAttributesMsService.replacePathParams(pathTemplate, { accountId, ...pathParams });
+        const headers = AuthorizationAttributesMsService.getRequestHeaders(accountId);
+        try {
+            authorizationInternalService.logger.info({ tag: AuthorizationAttributesMsService.LOG_TAG, accountId, ...pathParams, keys }, `Deleting ${logPrefix} attributes`);
+            await AuthorizationAttributesMsService.httpClient.fetch({
+                url: {
+                    appName: constants.APP_NAME,
+                    path,
+                },
+                method: 'DELETE',
+                headers,
+                body: JSON.stringify(requestBody),
+            }, {
+                timeout: authorizationInternalService.AuthorizationInternalService.getRequestTimeout(),
+                retryPolicy: authorizationInternalService.AuthorizationInternalService.getRetriesPolicy(),
+            });
+            authorizationInternalService.logger.info({ tag: AuthorizationAttributesMsService.LOG_TAG, accountId, ...pathParams, keys }, `Successfully deleted ${logPrefix} attributes`);
+        }
+        catch (err) {
+            const error = err;
+            authorizationInternalService.logger.error({
+                tag: AuthorizationAttributesMsService.LOG_TAG,
+                method: methodName,
+                accountId,
+                ...pathParams,
+                ...context,
+                error: error instanceof Error ? error.message : String(error),
+            }, `Failed in ${methodName}`);
+            throw error;
+        }
+    }
+    /**
+     * Creates or updates resource attributes synchronously.
+     * @param accountId The account ID
+     * @param resourceAttributeAssignments Array of ResourceAttributeAssignment objects
+     * @returns Promise<void>
+     */
+    async upsertResourceAttributes(accountId, resourceAttributeAssignments, _appName, _callerActionIdentifier) {
+        return AuthorizationAttributesMsService.executeUpsertRequest(accountId, resourceAttributeAssignments, UPSERT_RESOURCE_ATTRIBUTES_PATH, 'resourceAttributeAssignments', resourceAttributeAssignment.ResourceAttributeAssignment, 'resource', 'upsertResourceAttributesSync');
+    }
+    /**
+     * Deletes specific attributes from a resource synchronously.
+     * @param accountId The account ID
+     * @param resource Object with resourceType (string) and resourceId (number)
+     * @param attributeKeys Array of attribute key strings to delete
+     * @returns Promise<void>
+     */
+    async deleteResourceAttributes(accountId, resource, attributeKeys, _appName, _callerActionIdentifier) {
+        // Validate resource object
+        if (!resource || typeof resource !== 'object') {
+            throw new errors_argumentError.ArgumentError('resource must be an object');
+        }
+        if (!resource.id) {
+            throw new errors_argumentError.ArgumentError('resource.id is required');
+        }
+        utils_validation.ValidationUtils.validateInteger(resource.id, 'resource.id');
+        utils_validation.ValidationUtils.validateString(resource.type, 'resource.type');
+        return AuthorizationAttributesMsService.executeDeleteRequest(accountId, DELETE_RESOURCE_ATTRIBUTES_PATH, {
+            resourceType: resource.type,
+            resourceId: resource.id,
+        }, attributeKeys, 'resource', 'deleteResourceAttributesSync', { resource });
+    }
+    /**
+     * Creates or updates entity attributes synchronously.
+     * @param accountId The account ID
+     * @param entityAttributeAssignments Array of EntityAttributeAssignment objects
+     * @returns Promise<void>
+     */
+    async upsertEntityAttributes(accountId, entityAttributeAssignments, _appName, _callerActionIdentifier) {
+        return AuthorizationAttributesMsService.executeUpsertRequest(accountId, entityAttributeAssignments, UPSERT_ENTITY_ATTRIBUTES_PATH, 'entityAttributeAssignments', entityAttributeAssignment.EntityAttributeAssignment, 'entity', 'upsertEntityAttributesSync');
+    }
+    /**
+     * Deletes specific attributes from an entity synchronously.
+     * @param accountId The account ID
+     * @param entityType The entity type
+     * @param entityId The entity ID
+     * @param attributeKeys Array of attribute key strings to delete
+     * @returns Promise<void>
+     */
+    async deleteEntityAttributes(accountId, entityType, entityId, attributeKeys, _appName, _callerActionIdentifier) {
+        if (!entityType || typeof entityType !== 'string' || entityType.trim() === '') {
+            throw new errors_argumentError.ArgumentError(`entityType must be a non-empty string, got: ${entityType}`);
+        }
+        utils_validation.ValidationUtils.validateInteger(entityId, 'entityId');
+        return AuthorizationAttributesMsService.executeDeleteRequest(accountId, DELETE_ENTITY_ATTRIBUTES_PATH, {
+            entityType,
+            entityId,
+        }, attributeKeys, 'entity', 'deleteEntityAttributesSync', { entityType, entityId });
+    }
+    /**
+     * Updates resource attributes (batch operations).
+     * Note: MS service does not support batch operations directly.
+     * This method processes operations sequentially using upsert/delete methods.
+     * @param accountId The account ID
+     * @param appName App name (required for interface compatibility, but not used in MS service)
+     * @param callerActionIdentifier Action identifier (required for interface compatibility, but not used in MS service)
+     * @param resourceAttributeOperations Array of operations to perform
+     * @returns Promise<ResourceAttributesOperation[]> Array of processed operations
+     */
+    async updateResourceAttributes(accountId, _appName, _callerActionIdentifier, resourceAttributeOperations) {
+        const processedOperations = [];
+        for (const operation of resourceAttributeOperations) {
+            if (operation.operationType === types_authorizationAttributesContracts.AttributeOperation.UPSERT) {
+                if (!operation.resourceId) {
+                    throw new errors_argumentError.ArgumentError('resourceId is required for upsert operation');
+                }
+                await this.upsertResourceAttributes(accountId, [
+                    new resourceAttributeAssignment.ResourceAttributeAssignment(operation.resourceId, operation.resourceType, operation.key, operation.value || ''),
+                ]);
+                processedOperations.push(operation);
+            }
+            else if (operation.operationType === types_authorizationAttributesContracts.AttributeOperation.DELETE) {
+                if (!operation.resourceId) {
+                    throw new errors_argumentError.ArgumentError('resourceId is required for delete operation');
+                }
+                await this.deleteResourceAttributes(accountId, {
+                    type: operation.resourceType,
+                    id: operation.resourceId,
+                }, [operation.key]);
+                processedOperations.push(operation);
+            }
+        }
+        return processedOperations;
+    }
+    /**
+     * Updates entity attributes (batch operations).
+     * Note: MS service does not support batch operations directly.
+     * This method processes operations sequentially using upsert/delete methods.
+     * @param accountId The account ID
+     * @param appName App name (required for interface compatibility, but not used in MS service)
+     * @param callerActionIdentifier Action identifier (required for interface compatibility, but not used in MS service)
+     * @param entityAttributeOperations Array of operations to perform
+     * @returns Promise<EntityAttributesOperation[]> Array of processed operations
+     */
+    async updateEntityAttributes(accountId, _appName, _callerActionIdentifier, entityAttributeOperations) {
+        const processedOperations = [];
+        for (const operation of entityAttributeOperations) {
+            if (operation.operationType === 'upsert') {
+                const upsertOp = operation;
+                await this.upsertEntityAttributes(accountId, [
+                    new entityAttributeAssignment.EntityAttributeAssignment(operation.entityId, operation.entityType, operation.key, upsertOp.value || ''),
+                ]);
+                processedOperations.push(operation);
+            }
+            else if (operation.operationType === 'delete') {
+                await this.deleteEntityAttributes(accountId, operation.entityType, operation.entityId, [
+                    operation.key,
+                ]);
+                processedOperations.push(operation);
+            }
+        }
+        return processedOperations;
+    }
+    /**
+     * Replaces path template parameters with actual values
+     * @param template Path template with placeholders like {accountId}
+     * @param params Object with parameter names and values
+     * @returns Path with all placeholders replaced
+     */
+    static replacePathParams(template, params) {
+        let path = template;
+        for (const [key, value] of Object.entries(params)) {
+            path = path.replace(`{${key}}`, String(value));
+        }
+        return path;
+    }
+}
+
+exports.AuthorizationAttributesMsService = AuthorizationAttributesMsService;

package/dist/authorization-attributes-service.d.ts

@@ -1,54 +1,33 @@
-import { FetcherConfig, HttpClient } from '@mondaydotcomorg/trident-backend-api';
-import { RecursivePartial } from '@mondaydotcomorg/monday-fetch-api';
-import { ResourceAttributeAssignment, ResourceAttributeResponse, ResourceAttributesOperation } from './types/authorization-attributes-contracts';
-import { Resource } from './types/general';
+import { IAuthorizationAttributesService } from './types/authorization-attributes-service.interface';
+/**
+ * Main service class for managing resource and entity attributes.
+ * Provides access to both direct (MS) and SNS operations.
+ *
+ * @example
+ * ```typescript
+ * const service = new AuthorizationAttributesService();
+ *
+ * // Use direct operations
+ * await service.direct().upsertResourceAttributes(accountId, assignments);
+ *
+ * // Use SNS operations
+ * await service.sns().upsertResourceAttributes(accountId, assignments, appName, actionId);
+ * ```
+ */
 export declare class AuthorizationAttributesService {
-    private static LOG_TAG;
-    private static API_PATHS;
-    private httpClient;
-    private fetchOptions;
-    private snsArn;
+    private _directService;
+    private _snsService;
     /**
-     * Public constructor to create the AuthorizationAttributesService instance.
-     * @param httpClient The HTTP client to use for API requests, if not provided, the default HTTP client from Api will be used.
-     * @param fetchOptions The fetch options to use for API requests, if not provided, the default fetch options will be used.
+     * Gets the direct (MS) service instance.
+     * Initializes the service on first access (lazy initialization).
+     * @returns IAuthorizationAttributesService instance
      */
-    constructor(httpClient?: HttpClient, fetchOptions?: RecursivePartial<FetcherConfig>);
+    direct(): IAuthorizationAttributesService;
     /**
-     * Upsert resource attributes synchronously, performing http call to the authorization MS to assign the given attributes to the given resource.
-     * @param accountId
-     * @param resourceAttributeAssignments - Array of resource (resourceType, resourceId) and attribute (key, value) pairs to upsert in the authorization MS.
-     * e.g. [{ resourceType: 'board', resourceId: 123, key: 'board_kind', value: 'private' }]
-     * @returns ResourceAttributeResponse - The affected (created and updated_ resource attributes assignments in the `attributes` field.
+     * Gets the SNS service instance.
+     * Initializes the service on first access (lazy initialization).
+     * @returns IAuthorizationAttributesService instance
      */
-    upsertResourceAttributes(accountId: number, resourceAttributeAssignments: ResourceAttributeAssignment[]): Promise<ResourceAttributeResponse>;
-    /**
-     * Delete resource attributes assignments synchronously, performing http call to the authorization MS to delete the given attributes from the given singular resource.
-     * @param accountId
-     * @param resource - The resource (resourceType, resourceId) to delete the attributes for.
-     * @param attributeKeys - Array of attribute keys to delete for the resource.
-     * @returns ResourceAttributeResponse - The affected (deleted) resource attributes assignments in the `attributes` field.
-     */
-    deleteResourceAttributes(accountId: number, resource: Resource, attributeKeys: string[]): Promise<ResourceAttributeResponse>;
-    /**
-     *  Async function, this function only send the updates request to SNS and return before the change actually took place
-     * @param accountId
-     * @param appName - App name of the calling app
-     * @param callerActionIdentifier - action identifier
-     * @param resourceAttributeOperations - Array of operations to do on resource attributes.
-     * @return {Promise<ResourceAttributesOperation[]>} Array of sent operations
-     *  */
-    updateResourceAttributesAsync(accountId: number, appName: string, callerActionIdentifier: string, resourceAttributeOperations: ResourceAttributesOperation[]): Promise<ResourceAttributesOperation[]>;
-    private sendSingleSnsMessage;
-    private static getSnsTopicArn;
-    /**
-     * Checks we can contact the required SNS topic that used to send attribute updates to Authorization MS.
-     * This function can be used as health check for services that updating resource attributes in async is crucial.
-     * Note this function only verify the POD can contact AWS SDK and the topic exists, but the user still might get
-     * errors when pushing for the SNS (e.g: in case the AWS role of the POD don't have permissions to push messages).
-     * However, this is the best we can do without actually push dummy messages to the SNS.
-     * @return {Promise<boolean>} - true if succeeded
-     */
-    asyncResourceAttributesHealthCheck(): Promise<boolean>;
+    sns(): IAuthorizationAttributesService;
 }
 //# sourceMappingURL=authorization-attributes-service.d.ts.map

package/dist/authorization-attributes-service.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"authorization-attributes-service.d.ts","sourceRoot":"","sources":["../src/authorization-attributes-service.ts"],"names":[],"mappings":"AACA,OAAO,EAAO,aAAa,EAAE,UAAU,EAAE,MAAM,sCAAsC,CAAC;AAEtF,OAAO,EAAoB,gBAAgB,EAAE,MAAM,mCAAmC,CAAC;AACvF,OAAO,EACL,2BAA2B,EAC3B,yBAAyB,EACzB,2BAA2B,EAC5B,MAAM,4CAA4C,CAAC;AACpD,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAY3C,qBAAa,8BAA8B;IACzC,OAAO,CAAC,MAAM,CAAC,OAAO,CAA8B;IACpD,OAAO,CAAC,MAAM,CAAC,SAAS,CAGb;IACX,OAAO,CAAC,UAAU,CAAa;IAC/B,OAAO,CAAC,YAAY,CAAkC;IACtD,OAAO,CAAC,MAAM,CAAS;IAEvB;;;;OAIG;gBACS,UAAU,CAAC,EAAE,UAAU,EAAE,YAAY,CAAC,EAAE,gBAAgB,CAAC,aAAa,CAAC;IAqBnF;;;;;;OAMG;IACG,wBAAwB,CAC5B,SAAS,EAAE,MAAM,EACjB,4BAA4B,EAAE,2BAA2B,EAAE,GAC1D,OAAO,CAAC,yBAAyB,CAAC;IA6BrC;;;;;;OAMG;IACG,wBAAwB,CAC5B,SAAS,EAAE,MAAM,EACjB,QAAQ,EAAE,QAAQ,EAClB,aAAa,EAAE,MAAM,EAAE,GACtB,OAAO,CAAC,yBAAyB,CAAC;IAkCrC;;;;;;;UAOM;IACA,6BAA6B,CACjC,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,MAAM,EACf,sBAAsB,EAAE,MAAM,EAC9B,2BAA2B,EAAE,2BAA2B,EAAE,GACzD,OAAO,CAAC,2BAA2B,EAAE,CAAC;YAY3B,oBAAoB;IA4BlC,OAAO,CAAC,MAAM,CAAC,cAAc;IAW7B;;;;;;;OAOG;IACG,kCAAkC,IAAI,OAAO,CAAC,OAAO,CAAC;CAoB7D"}
+{"version":3,"file":"authorization-attributes-service.d.ts","sourceRoot":"","sources":["../src/authorization-attributes-service.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,+BAA+B,EAAE,MAAM,oDAAoD,CAAC;AAErG;;;;;;;;;;;;;;GAcG;AACH,qBAAa,8BAA8B;IACzC,OAAO,CAAC,cAAc,CAAiD;IACvE,OAAO,CAAC,WAAW,CAAkD;IAErE;;;;OAIG;IACH,MAAM,IAAI,+BAA+B;IAOzC;;;;OAIG;IACH,GAAG,IAAI,+BAA+B;CAMvC"}