@mondaydotcomorg/monday-authorization 3.5.3-feat-shaime-support-entity-attributes-in-authorization-sdk-a77c130 → 3.6.0-feat-shaime-support-entity-attributes-1-4c8e283

package/src/authorization-attributes-sns-service.ts

@@ -1,312 +0,0 @@
-import chunk from 'lodash/chunk.js';
-import { getTopicAttributes, sendToSns } from '@mondaydotcomorg/monday-sns';
-import {
-  ResourceAttributeAssignment,
-  ResourceAttributeOperation,
-  EntityAttributeOperation,
-  AttributeOperation,
-  EntityType,
-} from './types/authorization-attributes-contracts';
-import { EntityAttributeAssignment } from './entity-attribute-assignment';
-import { Resource } from './types/general';
-import { logger } from './authorization-internal-service';
-import {
-  ASYNC_RESOURCE_ATTRIBUTES_MAX_OPERATIONS_PER_MESSAGE,
-  ASYNC_ENTITY_ATTRIBUTES_MAX_OPERATIONS_PER_MESSAGE,
-  RESOURCE_ATTRIBUTES_SNS_UPDATE_OPERATION_MESSAGE_KIND,
-  ENTITY_ATTRIBUTES_SNS_UPDATE_OPERATION_MESSAGE_KIND,
-  RESOURCE_SNS_ARN_ENV_VAR_NAME,
-  ENTITY_SNS_ARN_ENV_VAR_NAME,
-  RESOURCE_SNS_DEV_TEST_NAME,
-  ENTITY_SNS_DEV_TEST_NAME,
-  SnsTopicType,
-} from './constants/sns';
-import type { TopicAttributesMap } from 'aws-sdk/clients/sns';
-import { IAuthorizationAttributesService } from './types/authorization-attributes-service.interface';
-
-/**
- * Service class for managing resource attributes asynchronously via SNS.
- * Provides asynchronous operations to create/update and delete attributes on resources.
- */
-export class AuthorizationAttributesSnsService implements IAuthorizationAttributesService {
-  private static LOG_TAG = 'authorization_attributes';
-  private resourceSnsArn: string;
-  private entitySnsArn: string;
-
-  /**
-   * Public constructor to create the AuthorizationAttributesSnsService instance.
-   */
-  constructor() {
-    this.resourceSnsArn = AuthorizationAttributesSnsService.getSnsTopicArn(SnsTopicType.RESOURCE);
-    this.entitySnsArn = AuthorizationAttributesSnsService.getSnsTopicArn(SnsTopicType.ENTITY);
-  }
-
-  /**
-   * Async function to upsert resource attributes using SNS.
-   * Sends the updates request to SNS and returns before the change actually took place.
-   * @param accountId The account ID
-   * @param appName App name of the calling app
-   * @param callerActionIdentifier Action identifier
-   * @param resourceAttributeAssignments Array of resource attribute assignments to upsert
-   * @return Promise with array of sent operations
-   */
-  async upsertResourceAttributes(
-    accountId: number,
-    resourceAttributeAssignments: ResourceAttributeAssignment[],
-    appName?: string,
-    callerActionIdentifier?: string
-  ): Promise<ResourceAttributeOperation[]> {
-    if (!appName || !callerActionIdentifier) {
-      throw new Error('appName and callerActionIdentifier are required for SNS service');
-    }
-    const operations: ResourceAttributeOperation[] = resourceAttributeAssignments.map(assignment => ({
-      ...assignment,
-      operationType: AttributeOperation.UPSERT,
-    }));
-    return this.updateResourceAttributes(accountId, appName, callerActionIdentifier, operations);
-  }
-
-  /**
-   * Async function to delete resource attributes using SNS.
-   * Sends the updates request to SNS and returns before the change actually took place.
-   * @param accountId The account ID
-   * @param appName App name of the calling app
-   * @param callerActionIdentifier Action identifier
-   * @param resource The resource (resourceType, resourceId)
-   * @param attributeKeys Array of attribute keys to delete
-   * @return Promise with array of sent operations
-   */
-  async deleteResourceAttributes(
-    accountId: number,
-    resource: Resource,
-    attributeKeys: string[],
-    appName?: string,
-    callerActionIdentifier?: string
-  ): Promise<ResourceAttributeOperation[]> {
-    if (!appName || !callerActionIdentifier) {
-      throw new Error('appName and callerActionIdentifier are required for SNS service');
-    }
-    const operations: ResourceAttributeOperation[] = attributeKeys.map(
-      key =>
-        ({
-          resourceType: resource.type,
-          resourceId: resource.id!,
-          key,
-          operationType: AttributeOperation.DELETE,
-        } as ResourceAttributeOperation)
-    );
-    return this.updateResourceAttributes(accountId, appName, callerActionIdentifier, operations);
-  }
-
-  /**
-   * Async function to upsert entity attributes using SNS.
-   * Sends the updates request to SNS and returns before the change actually took place.
-   * @param accountId The account ID
-   * @param appName App name of the calling app
-   * @param callerActionIdentifier Action identifier
-   * @param entityAttributeAssignments Array of entity attribute assignments to upsert
-   * @return Promise with array of sent operations
-   */
-  async upsertEntityAttributes(
-    accountId: number,
-    entityAttributeAssignments: EntityAttributeAssignment[],
-    appName?: string,
-    callerActionIdentifier?: string
-  ): Promise<EntityAttributeOperation[]> {
-    if (!appName || !callerActionIdentifier) {
-      throw new Error('appName and callerActionIdentifier are required for SNS service');
-    }
-    const operations: EntityAttributeOperation[] = entityAttributeAssignments.map(assignment => {
-      return {
-        entityId: assignment.entityId,
-        entityType: assignment.entityType,
-        key: assignment.attributeKey,
-        value: assignment.attributeValue,
-        operationType: AttributeOperation.UPSERT,
-      };
-    });
-    return this.updateEntityAttributes(accountId, appName, callerActionIdentifier, operations);
-  }
-
-  /**
-   * Async function to delete entity attributes using SNS.
-   * Sends the updates request to SNS and returns before the change actually took place.
-   * @param accountId The account ID
-   * @param appName App name of the calling app
-   * @param callerActionIdentifier Action identifier
-   * @param entityType The entity type
-   * @param entityId The entity ID
-   * @param attributeKeys Array of attribute keys to delete
-   * @return Promise with array of sent operations
-   */
-  async deleteEntityAttributes(
-    accountId: number,
-    entityType: EntityType | string,
-    entityId: number,
-    attributeKeys: string[],
-    appName?: string,
-    callerActionIdentifier?: string
-  ): Promise<EntityAttributeOperation[]> {
-    if (!appName || !callerActionIdentifier) {
-      throw new Error('appName and callerActionIdentifier are required for SNS service');
-    }
-    const operations: EntityAttributeOperation[] = attributeKeys.map(
-      key =>
-        ({
-          entityType: entityType,
-          entityId,
-          key,
-          operationType: AttributeOperation.DELETE,
-        } as EntityAttributeOperation)
-    );
-    return this.updateEntityAttributes(accountId, appName, callerActionIdentifier, operations);
-  }
-
-  /**
-   *  Async function, this function only send the updates request to SNS and return before the change actually took place
-   * @param accountId
-   * @param appName - App name of the calling app
-   * @param callerActionIdentifier - action identifier
-   * @param resourceAttributeOperations - Array of operations to do on resource attributes.
-   * @return {Promise<ResourceAttributesOperation[]>} Array of sent operations
-   *  */
-  async updateResourceAttributes(
-    accountId: number,
-    appName: string,
-    callerActionIdentifier: string,
-    resourceAttributeOperations: ResourceAttributeOperation[]
-  ): Promise<ResourceAttributeOperation[]> {
-    const topicArn: string = this.resourceSnsArn;
-    const sendToSnsPromises: Promise<ResourceAttributeOperation[]>[] = [];
-    const operationChucks = chunk(resourceAttributeOperations, ASYNC_RESOURCE_ATTRIBUTES_MAX_OPERATIONS_PER_MESSAGE);
-    for (const operationsChunk of operationChucks) {
-      sendToSnsPromises.push(
-        this.sendSingleSnsMessage(
-          topicArn,
-          accountId,
-          appName,
-          callerActionIdentifier,
-          operationsChunk,
-          RESOURCE_ATTRIBUTES_SNS_UPDATE_OPERATION_MESSAGE_KIND,
-          'Authorization resource attributes async update: failed to send operations to SNS'
-        )
-      );
-    }
-    return (await Promise.all(sendToSnsPromises)).flat();
-  }
-
-  /**
-   *  Async function, this function only send the updates request to SNS and return before the change actually took place
-   * @param accountId
-   * @param appName - App name of the calling app
-   * @param callerActionIdentifier - action identifier
-   * @param entityAttributeOperations - Array of operations to do on entity attributes.
-   * @return {Promise<EntityAttributeOperation[]>} Array of sent operations
-   *  */
-  async updateEntityAttributes(
-    accountId: number,
-    appName: string,
-    callerActionIdentifier: string,
-    entityAttributeOperations: EntityAttributeOperation[]
-  ): Promise<EntityAttributeOperation[]> {
-    const topicArn: string = this.entitySnsArn;
-    const sendToSnsPromises: Promise<EntityAttributeOperation[]>[] = [];
-    const operationChucks = chunk(entityAttributeOperations, ASYNC_ENTITY_ATTRIBUTES_MAX_OPERATIONS_PER_MESSAGE);
-    for (const operationsChunk of operationChucks) {
-      sendToSnsPromises.push(
-        this.sendSingleSnsMessage(
-          topicArn,
-          accountId,
-          appName,
-          callerActionIdentifier,
-          operationsChunk,
-          ENTITY_ATTRIBUTES_SNS_UPDATE_OPERATION_MESSAGE_KIND,
-          'Authorization entity attributes async update: failed to send operations to SNS'
-        )
-      );
-    }
-    return (await Promise.all(sendToSnsPromises)).flat();
-  }
-
-  private async sendSingleSnsMessage<T extends ResourceAttributeOperation | EntityAttributeOperation>(
-    topicArn: string,
-    accountId: number,
-    appName: string,
-    callerActionIdentifier: string,
-    operations: T[],
-    kind: string,
-    errorLogMessage: string
-  ): Promise<T[]> {
-    const payload = {
-      kind,
-      payload: {
-        accountId: accountId,
-        callerAppName: appName,
-        callerActionIdentifier: callerActionIdentifier,
-        operations: operations,
-      },
-    };
-    try {
-      await sendToSns(payload, topicArn);
-      return operations;
-    } catch (error) {
-      logger.error({ error, tag: AuthorizationAttributesSnsService.LOG_TAG }, errorLogMessage);
-      return [];
-    }
-  }
-
-  private static getSnsTopicArn(type: SnsTopicType): string {
-    let envVarName: string;
-    let devTestName: string;
-
-    switch (type) {
-      case SnsTopicType.ENTITY:
-        envVarName = ENTITY_SNS_ARN_ENV_VAR_NAME;
-        devTestName = ENTITY_SNS_DEV_TEST_NAME;
-        break;
-      default:
-        // Default to resource SNS constants
-        envVarName = RESOURCE_SNS_ARN_ENV_VAR_NAME;
-        devTestName = RESOURCE_SNS_DEV_TEST_NAME;
-        break;
-    }
-
-    const arnFromEnv: string | undefined = process.env[envVarName];
-    if (arnFromEnv) {
-      return arnFromEnv;
-    }
-    if (process.env.NODE_ENV === 'development' || process.env.NODE_ENV === 'test') {
-      return devTestName;
-    }
-    throw new Error(`Unable to get ${type} sns topic arn from env variable`);
-  }
-
-  /**
-   * Checks we can contact the required SNS topic that used to send attribute updates to Authorization MS.
-   * This function can be used as health check for services that updating resource attributes in async is crucial.
-   * Note this function only verify the POD can contact AWS SDK and the topic exists, but the user still might get
-   * errors when pushing for the SNS (e.g: in case the AWS role of the POD don't have permissions to push messages).
-   * However, this is the best we can do without actually push dummy messages to the SNS.
-   * @return {Promise<boolean>} - true if succeeded
-   */
-  async asyncResourceAttributesHealthCheck(): Promise<boolean> {
-    try {
-      const requestedTopicArn: string = this.resourceSnsArn;
-      const attributes: TopicAttributesMap = await getTopicAttributes(requestedTopicArn);
-      const isHealthy = !(!attributes || !('TopicArn' in attributes) || attributes.TopicArn !== requestedTopicArn);
-      if (!isHealthy) {
-        logger.error(
-          { requestedTopicArn, snsReturnedAttributes: attributes, tag: AuthorizationAttributesSnsService.LOG_TAG },
-          'authorization-attributes-service failed in health check'
-        );
-      }
-      return isHealthy;
-    } catch (error) {
-      logger.error(
-        { error, tag: AuthorizationAttributesSnsService.LOG_TAG },
-        'authorization-attributes-service got error during health check'
-      );
-      return false;
-    }
-  }
-}