@mondaydotcomorg/monday-authorization 3.5.3-feat-shaime-support-entity-attributes-in-authorization-sdk-a77c130 → 3.6.0-feat-shaime-support-entity-attributes-1-f58d933

package/src/authorization-attributes-ms-service.ts

@@ -1,514 +0,0 @@
-import { Api, HttpClient } from '@mondaydotcomorg/trident-backend-api';
-import { signAuthorizationHeader } from '@mondaydotcomorg/monday-jwt';
-import { z } from 'zod';
-import { ResourceAttributeAssignment } from './resource-attribute-assignment';
-import { EntityAttributeAssignment } from './entity-attribute-assignment';
-import {
-  AttributeOperation,
-  EntityType,
-  ResourceAttributeOperation,
-  EntityAttributeOperation,
-} from './types/authorization-attributes-contracts';
-import { ArgumentError } from './errors/argument-error';
-import { AuthorizationInternalService, logger } from './authorization-internal-service';
-import { getAttributionsFromApi } from './attributions-service';
-import { APP_NAME } from './constants';
-import { ValidationUtils } from './utils/validation';
-import { IAuthorizationAttributesService } from './types/authorization-attributes-service.interface';
-import { Resource } from './types/general';
-const INTERNAL_APP_NAME = 'internal_ms';
-const UPSERT_RESOURCE_ATTRIBUTES_PATH = '/attributes/{accountId}/resource';
-const DELETE_RESOURCE_ATTRIBUTES_PATH = '/attributes/{accountId}/resource/{resourceType}/{resourceId}';
-const UPSERT_ENTITY_ATTRIBUTES_PATH = '/attributes/{accountId}/entity';
-const DELETE_ENTITY_ATTRIBUTES_PATH = '/attributes/{accountId}/entity/{entityType}/{entityId}';
-
-interface DeleteRequestBody {
-  keys: string[];
-}
-
-/**
- * Service class for managing resource attributes in the authorization microservice.
- * Provides synchronous HTTP operations to create/update and delete attributes on resources.
- */
-export class AuthorizationAttributesMsService implements IAuthorizationAttributesService {
-  private static LOG_TAG = 'authorization_attributes_ms';
-  private static httpClient: HttpClient | undefined = Api.getPart('httpClient');
-  /**
-   * Creates or updates resource attributes synchronously.
-   * @param accountId The account ID
-   * @param resourceAttributeAssignments Array of ResourceAttributeAssignment objects
-   * @returns Promise<void>
-   */
-  async upsertResourceAttributes(
-    accountId: number,
-    resourceAttributeAssignments: ResourceAttributeAssignment[],
-    _appName?: string,
-    _callerActionIdentifier?: string
-  ): Promise<void> {
-    return AuthorizationAttributesMsService.executeUpsertRequest(
-      accountId,
-      resourceAttributeAssignments,
-      UPSERT_RESOURCE_ATTRIBUTES_PATH,
-      'resourceAttributeAssignments',
-      ResourceAttributeAssignment,
-      'resource',
-      'upsertResourceAttributes'
-    );
-  }
-
-  /**
-   * Deletes specific attributes from a resource synchronously.
-   * @param accountId The account ID
-   * @param resource Object with resourceType (string) and resourceId (number)
-   * @param attributeKeys Array of attribute key strings to delete
-   * @returns Promise<void>
-   */
-  async deleteResourceAttributes(
-    accountId: number,
-    resource: Resource,
-    attributeKeys: string[],
-    _appName?: string,
-    _callerActionIdentifier?: string
-  ): Promise<void> {
-    // Validate resource object
-    if (!resource || typeof resource !== 'object') {
-      throw new ArgumentError('resource must be an object');
-    }
-    if (!resource.id) {
-      throw new ArgumentError('resource.id is required');
-    }
-    ValidationUtils.validateInteger(resource.id, 'resource.id');
-    ValidationUtils.validateString(resource.type, 'resource.type');
-
-    return AuthorizationAttributesMsService.executeDeleteRequest(
-      accountId,
-      DELETE_RESOURCE_ATTRIBUTES_PATH,
-      {
-        resourceType: resource.type,
-        resourceId: resource.id,
-      },
-      attributeKeys,
-      'resource',
-      'deleteResourceAttributesSync',
-      { resource }
-    );
-  }
-
-  /**
-   * Creates or updates entity attributes synchronously.
-   * @param accountId The account ID
-   * @param entityAttributeAssignments Array of EntityAttributeAssignment objects
-   * @returns Promise<void>
-   */
-  async upsertEntityAttributes(
-    accountId: number,
-    entityAttributeAssignments: EntityAttributeAssignment[],
-    _appName?: string,
-    _callerActionIdentifier?: string
-  ): Promise<void> {
-    return AuthorizationAttributesMsService.executeUpsertRequest(
-      accountId,
-      entityAttributeAssignments,
-      UPSERT_ENTITY_ATTRIBUTES_PATH,
-      'entityAttributeAssignments',
-      EntityAttributeAssignment,
-      'entity',
-      'upsertEntityAttributesSync'
-    );
-  }
-
-  /**
-   * Deletes specific attributes from an entity synchronously.
-   * @param accountId The account ID
-   * @param entityType The entity type
-   * @param entityId The entity ID
-   * @param attributeKeys Array of attribute key strings to delete
-   * @returns Promise<void>
-   */
-  async deleteEntityAttributes(
-    accountId: number,
-    entityType: EntityType | string,
-    entityId: number,
-    attributeKeys: string[],
-    _appName?: string,
-    _callerActionIdentifier?: string
-  ): Promise<void> {
-    if (!entityType || typeof entityType !== 'string' || entityType.trim() === '') {
-      throw new ArgumentError(`entityType must be a non-empty string, got: ${entityType}`);
-    }
-    ValidationUtils.validateInteger(entityId, 'entityId');
-
-    return AuthorizationAttributesMsService.executeDeleteRequest(
-      accountId,
-      DELETE_ENTITY_ATTRIBUTES_PATH,
-      {
-        entityType,
-        entityId,
-      },
-      attributeKeys,
-      'entity',
-      'deleteEntityAttributesSync',
-      { entityType, entityId }
-    );
-  }
-
-  /**
-   * Updates resource attributes (batch operations).
-   * Note: MS service does not support batch operations directly.
-   * This method processes operations sequentially using upsert/delete methods.
-   * @param accountId The account ID
-   * @param appName App name (required for interface compatibility, but not used in MS service)
-   * @param callerActionIdentifier Action identifier (required for interface compatibility, but not used in MS service)
-   * @param resourceAttributeOperations Array of operations to perform
-   * @returns Promise<ResourceAttributesOperation[]> Array of processed operations
-   */
-  async updateResourceAttributes(
-    accountId: number,
-    _appName: string,
-    _callerActionIdentifier: string,
-    resourceAttributeOperations: ResourceAttributeOperation[]
-  ): Promise<ResourceAttributeOperation[]> {
-    const processedOperations: ResourceAttributeOperation[] = [];
-
-    for (const operation of resourceAttributeOperations) {
-      if (operation.operationType === AttributeOperation.UPSERT) {
-        if (!operation.resourceId) {
-          throw new ArgumentError('resourceId is required for upsert operation');
-        }
-        await this.upsertResourceAttributes(accountId, [
-          new ResourceAttributeAssignment(
-            operation.resourceId,
-            operation.resourceType,
-            operation.key,
-            operation.value || ''
-          ),
-        ]);
-        processedOperations.push(operation);
-      } else if (operation.operationType === AttributeOperation.DELETE) {
-        if (!operation.resourceId) {
-          throw new ArgumentError('resourceId is required for delete operation');
-        }
-        await this.deleteResourceAttributes(
-          accountId,
-          {
-            type: operation.resourceType,
-            id: operation.resourceId,
-          },
-          [operation.key]
-        );
-        processedOperations.push(operation);
-      }
-    }
-
-    return processedOperations;
-  }
-
-  /**
-   * Updates entity attributes (batch operations).
-   * Note: MS service does not support batch operations directly.
-   * This method processes operations sequentially using upsert/delete methods.
-   * @param accountId The account ID
-   * @param appName App name (required for interface compatibility, but not used in MS service)
-   * @param callerActionIdentifier Action identifier (required for interface compatibility, but not used in MS service)
-   * @param entityAttributeOperations Array of operations to perform
-   * @returns Promise<EntityAttributesOperation[]> Array of processed operations
-   */
-  async updateEntityAttributes(
-    accountId: number,
-    _appName: string,
-    _callerActionIdentifier: string,
-    entityAttributeOperations: EntityAttributeOperation[]
-  ): Promise<EntityAttributeOperation[]> {
-    const processedOperations: EntityAttributeOperation[] = [];
-    for (const operation of entityAttributeOperations) {
-      if (operation.operationType === 'upsert') {
-        await this.upsertEntityAttributes(accountId, [
-          new EntityAttributeAssignment(operation.entityId, operation.entityType, operation.key, operation.value || ''),
-        ]);
-        processedOperations.push(operation);
-      } else if (operation.operationType === 'delete') {
-        await this.deleteEntityAttributes(accountId, operation.entityType, operation.entityId, [operation.key]);
-        processedOperations.push(operation);
-      }
-    }
-
-    return processedOperations;
-  }
-
-  /**
-   * Replaces path template parameters with actual values
-   * @param template Path template with placeholders like {accountId}
-   * @param params Object with parameter names and values
-   * @returns Path with all placeholders replaced
-   */
-  private static replacePathParams(template: string, params: Record<string, string | number>): string {
-    let path = template;
-    for (const [key, value] of Object.entries(params)) {
-      path = path.replace(`{${key}}`, String(value));
-    }
-    return path;
-  }
-
-  /**
-   * Generic helper for executing delete requests
-   */
-  private static async executeDeleteRequest(
-    accountId: number,
-    pathTemplate: string,
-    pathParams: Record<string, string | number>,
-    keys: string[],
-    logPrefix: string,
-    methodName: string,
-    context: Record<string, any> = {}
-  ): Promise<void> {
-    // Validate inputs
-    ValidationUtils.validateInteger(accountId, 'accountId');
-    ValidationUtils.validateArray(keys, 'attributeKeys');
-
-    if (!keys.length) {
-      logger.warn({ tag: this.LOG_TAG, accountId, ...pathParams }, `${methodName} called with empty keys array`);
-      return;
-    }
-
-    // Validate all keys are strings
-    ValidationUtils.validateStringArray(keys, 'attributeKeys');
-
-    // Build request body
-    const requestBody: DeleteRequestBody = {
-      keys,
-    };
-
-    if (!AuthorizationAttributesMsService.httpClient) {
-      throw new Error('AuthorizationAttributesMsService: HTTP client is not initialized');
-    }
-    const path = AuthorizationAttributesMsService.replacePathParams(pathTemplate, { accountId, ...pathParams });
-    const headers = AuthorizationAttributesMsService.getRequestHeaders(accountId);
-
-    try {
-      logger.info(
-        { tag: AuthorizationAttributesMsService.LOG_TAG, accountId, ...pathParams, keys },
-        `Deleting ${logPrefix} attributes`
-      );
-
-      await AuthorizationAttributesMsService.httpClient.fetch(
-        {
-          url: {
-            appName: APP_NAME,
-            path,
-          },
-          method: 'DELETE',
-          headers,
-          body: JSON.stringify(requestBody),
-        },
-        {
-          timeout: AuthorizationInternalService.getRequestTimeout(),
-          retryPolicy: AuthorizationInternalService.getRetriesPolicy(),
-        }
-      );
-
-      logger.info(
-        { tag: AuthorizationAttributesMsService.LOG_TAG, accountId, ...pathParams, keys },
-        `Successfully deleted ${logPrefix} attributes`
-      );
-    } catch (err) {
-      logger.error(
-        {
-          tag: AuthorizationAttributesMsService.LOG_TAG,
-          method: methodName,
-          accountId,
-          ...pathParams,
-          ...context,
-          error: err instanceof Error ? err.message : String(err),
-        },
-        `Failed in ${methodName}`
-      );
-      throw err;
-    }
-  }
-
-  /**
-   * Gets request headers including Authorization, Content-Type, and optional attribution headers
-   */
-  private static getRequestHeaders(accountId: number, userId?: number): Record<string, string> {
-    const headers: Record<string, string> = {
-      'Content-Type': 'application/json',
-    };
-
-    // Generate Authorization token
-    const authToken = signAuthorizationHeader({
-      appName: INTERNAL_APP_NAME,
-      accountId,
-      userId,
-    });
-    headers.Authorization = authToken;
-
-    // Add attribution headers if available
-    const attributionHeaders = getAttributionsFromApi();
-    for (const key in attributionHeaders) {
-      if (Object.prototype.hasOwnProperty.call(attributionHeaders, key)) {
-        headers[key] = attributionHeaders[key];
-      }
-    }
-
-    // Add X-REQUEST-ID if available from context
-    try {
-      const tridentContext = Api.getPart('context');
-      if (tridentContext?.runtimeAttributions) {
-        const outgoingHeaders = tridentContext.runtimeAttributions.buildOutgoingHeaders('HTTP_INTERNAL');
-        if (outgoingHeaders) {
-          const attributionHeadersMap: Record<string, string> = {};
-          for (const [key, value] of outgoingHeaders) {
-            attributionHeadersMap[key] = value;
-          }
-          if (attributionHeadersMap['x-request-id']) {
-            headers['X-REQUEST-ID'] = attributionHeadersMap['x-request-id'];
-          }
-        }
-      }
-    } catch (error) {
-      // Silently fail if context is not available
-      logger.debug({ tag: AuthorizationAttributesMsService.LOG_TAG, error }, 'Failed to get request ID from context');
-    }
-
-    // Add X-REQUEST-START timestamp
-    headers['X-REQUEST-START'] = Math.floor(Date.now() / 1000).toString();
-
-    return headers;
-  }
-
-  /**
-   * Validates that all messages are instances of the specified message class
-   */
-  private static validateMessages<T>(attributesMessages: T[], messageClass: abstract new (...args: any[]) => T): void {
-    // Validate messageClass is a function using Zod
-    const classSchema = z.custom<abstract new (...args: any[]) => T>(value => typeof value === 'function', {
-      message: 'messageClass must be a class/constructor function',
-    });
-
-    try {
-      classSchema.parse(messageClass);
-    } catch (error) {
-      if (error instanceof z.ZodError) {
-        const firstError = error.issues[0];
-        throw new ArgumentError(firstError.message);
-      }
-      throw error;
-    }
-
-    const className = messageClass.name || 'ResourceAttributeAssignment';
-
-    // First validate it's an array
-    ValidationUtils.validateArray(attributesMessages, 'attributesMessages');
-
-    // Then use Zod to validate each item is an instance of the class
-    const schema = z.array(z.any()).refine(
-      items => {
-        for (let i = 0; i < items.length; i++) {
-          if (!(items[i] instanceof messageClass)) {
-            return false;
-          }
-        }
-        return true;
-      },
-      {
-        message: `All attributesMessages must be instances of ${className}`,
-      }
-    );
-
-    try {
-      schema.parse(attributesMessages);
-    } catch (error) {
-      if (error instanceof z.ZodError) {
-        // Find the first invalid index for a more specific error message
-        const invalidIndex = attributesMessages.findIndex(item => !(item instanceof messageClass));
-        if (invalidIndex !== -1) {
-          throw new ArgumentError(
-            `All attributesMessages must be instances of ${className}, but item at index ${invalidIndex} is not`
-          );
-        }
-        const firstError = error.issues[0];
-        throw new ArgumentError(firstError.message);
-      }
-      throw error;
-    }
-  }
-
-  /**
-   * Generic helper for executing upsert requests
-   */
-  private static async executeUpsertRequest<T extends ResourceAttributeAssignment | EntityAttributeAssignment>(
-    accountId: number,
-    assignments: T[],
-    pathTemplate: string,
-    requestBodyKey: 'resourceAttributeAssignments' | 'entityAttributeAssignments',
-    assignmentClass: abstract new (...args: any[]) => T,
-    logPrefix: string,
-    methodName: string
-  ): Promise<void> {
-    // Validate inputs
-    ValidationUtils.validateInteger(accountId, 'accountId');
-    ValidationUtils.validateArray(assignments, 'assignments');
-
-    if (!assignments.length) {
-      logger.warn(
-        { tag: AuthorizationAttributesMsService.LOG_TAG, accountId },
-        `${methodName} called with empty array`
-      );
-      return;
-    }
-
-    // Validate all assignments are instances of the correct class
-    AuthorizationAttributesMsService.validateMessages(assignments, assignmentClass);
-    const assignmentDto = assignments.map(assignment => assignment.toDataTransferObject());
-
-    const requestBody =
-      requestBodyKey === 'resourceAttributeAssignments'
-        ? { resourceAttributeAssignments: assignmentDto }
-        : { entityAttributeAssignments: assignmentDto };
-
-    if (!AuthorizationAttributesMsService.httpClient) {
-      throw new Error('AuthorizationAttributesMsService: HTTP client is not initialized');
-    }
-    const path = AuthorizationAttributesMsService.replacePathParams(pathTemplate, { accountId });
-    const headers = AuthorizationAttributesMsService.getRequestHeaders(accountId);
-
-    try {
-      logger.info(
-        { tag: AuthorizationAttributesMsService.LOG_TAG, accountId, count: assignments.length },
-        `Upserting ${logPrefix} attributes`
-      );
-
-      await AuthorizationAttributesMsService.httpClient.fetch(
-        {
-          url: {
-            appName: APP_NAME,
-            path,
-          },
-          method: 'POST',
-          headers,
-          body: JSON.stringify(requestBody),
-        },
-        {
-          timeout: AuthorizationInternalService.getRequestTimeout(),
-          retryPolicy: AuthorizationInternalService.getRetriesPolicy(),
-        }
-      );
-
-      logger.debug(
-        { tag: AuthorizationAttributesMsService.LOG_TAG, accountId, count: assignments.length },
-        `Successfully upserted ${logPrefix} attributes`
-      );
-    } catch (err) {
-      logger.error(
-        {
-          tag: AuthorizationAttributesMsService.LOG_TAG,
-          method: methodName,
-          accountId,
-          error: err instanceof Error ? err.message : String(err),
-        },
-        `Failed in ${methodName}`
-      );
-      throw err;
-    }
-  }
-}