@mondaydotcomorg/monday-authorization 3.5.3-feat-shaime-support-entity-attributes-in-authorization-sdk-ade64f6 → 3.6.0-feat-shaime-support-entity-attributes-1-4c8e283

package/dist/esm/authorization-attributes-ms-service.mjs

@@ -1,367 +0,0 @@
-import { Api } from '@mondaydotcomorg/trident-backend-api';
-import { signAuthorizationHeader } from '@mondaydotcomorg/monday-jwt';
-import { z } from 'zod';
-import { ResourceAttributeAssignment } from './resource-attribute-assignment.mjs';
-import { EntityAttributeAssignment } from './entity-attribute-assignment.mjs';
-import { AttributeOperation } from './types/authorization-attributes-contracts.mjs';
-import { ArgumentError } from './errors/argument-error.mjs';
-import { logger, AuthorizationInternalService } from './authorization-internal-service.mjs';
-import { getAttributionsFromApi } from './attributions-service.mjs';
-import { APP_NAME } from './constants.mjs';
-import { ValidationUtils } from './utils/validation.mjs';
-
-const INTERNAL_APP_NAME = 'internal_ms';
-const UPSERT_RESOURCE_ATTRIBUTES_PATH = '/attributes/{accountId}/resource';
-const DELETE_RESOURCE_ATTRIBUTES_PATH = '/attributes/{accountId}/resource/{resourceType}/{resourceId}';
-const UPSERT_ENTITY_ATTRIBUTES_PATH = '/attributes/{accountId}/entity';
-const DELETE_ENTITY_ATTRIBUTES_PATH = '/attributes/{accountId}/entity/{entityType}/{entityId}';
-/**
- * Service class for managing resource attributes in the authorization microservice.
- * Provides synchronous HTTP operations to create/update and delete attributes on resources.
- */
-class AuthorizationAttributesMsService {
-    static LOG_TAG = 'authorization_attributes_ms';
-    static httpClient = Api.getPart('httpClient');
-    /**
-     * Creates or updates resource attributes synchronously.
-     * @param accountId The account ID
-     * @param resourceAttributeAssignments Array of ResourceAttributeAssignment objects
-     * @returns Promise<void>
-     */
-    async upsertResourceAttributes(accountId, resourceAttributeAssignments, _appName, _callerActionIdentifier) {
-        return AuthorizationAttributesMsService.executeUpsertRequest(accountId, resourceAttributeAssignments, UPSERT_RESOURCE_ATTRIBUTES_PATH, 'resourceAttributeAssignments', ResourceAttributeAssignment, 'resource', 'upsertResourceAttributes');
-    }
-    /**
-     * Deletes specific attributes from a resource synchronously.
-     * @param accountId The account ID
-     * @param resource Object with resourceType (string) and resourceId (number)
-     * @param attributeKeys Array of attribute key strings to delete
-     * @returns Promise<void>
-     */
-    async deleteResourceAttributes(accountId, resource, attributeKeys, _appName, _callerActionIdentifier) {
-        // Validate resource object
-        if (!resource || typeof resource !== 'object') {
-            throw new ArgumentError('resource must be an object');
-        }
-        if (!resource.id) {
-            throw new ArgumentError('resource.id is required');
-        }
-        ValidationUtils.validateInteger(resource.id, 'resource.id');
-        ValidationUtils.validateString(resource.type, 'resource.type');
-        return AuthorizationAttributesMsService.executeDeleteRequest(accountId, DELETE_RESOURCE_ATTRIBUTES_PATH, {
-            resourceType: resource.type,
-            resourceId: resource.id,
-        }, attributeKeys, 'resource', 'deleteResourceAttributesSync', { resource });
-    }
-    /**
-     * Creates or updates entity attributes synchronously.
-     * @param accountId The account ID
-     * @param entityAttributeAssignments Array of EntityAttributeAssignment objects
-     * @returns Promise<void>
-     */
-    async upsertEntityAttributes(accountId, entityAttributeAssignments, _appName, _callerActionIdentifier) {
-        return AuthorizationAttributesMsService.executeUpsertRequest(accountId, entityAttributeAssignments, UPSERT_ENTITY_ATTRIBUTES_PATH, 'entityAttributeAssignments', EntityAttributeAssignment, 'entity', 'upsertEntityAttributesSync');
-    }
-    /**
-     * Deletes specific attributes from an entity synchronously.
-     * @param accountId The account ID
-     * @param entityType The entity type
-     * @param entityId The entity ID
-     * @param attributeKeys Array of attribute key strings to delete
-     * @returns Promise<void>
-     */
-    async deleteEntityAttributes(accountId, entityType, entityId, attributeKeys, _appName, _callerActionIdentifier) {
-        if (!entityType || typeof entityType !== 'string' || entityType.trim() === '') {
-            throw new ArgumentError(`entityType must be a non-empty string, got: ${entityType}`);
-        }
-        ValidationUtils.validateInteger(entityId, 'entityId');
-        return AuthorizationAttributesMsService.executeDeleteRequest(accountId, DELETE_ENTITY_ATTRIBUTES_PATH, {
-            entityType,
-            entityId,
-        }, attributeKeys, 'entity', 'deleteEntityAttributesSync', { entityType, entityId });
-    }
-    /**
-     * Updates resource attributes (batch operations).
-     * Note: MS service does not support batch operations directly.
-     * This method processes operations sequentially using upsert/delete methods.
-     * @param accountId The account ID
-     * @param appName App name (required for interface compatibility, but not used in MS service)
-     * @param callerActionIdentifier Action identifier (required for interface compatibility, but not used in MS service)
-     * @param resourceAttributeOperations Array of operations to perform
-     * @returns Promise<ResourceAttributesOperation[]> Array of processed operations
-     */
-    async updateResourceAttributes(accountId, _appName, _callerActionIdentifier, resourceAttributeOperations) {
-        const processedOperations = [];
-        for (const operation of resourceAttributeOperations) {
-            if (operation.operationType === AttributeOperation.UPSERT) {
-                if (!operation.resourceId) {
-                    throw new ArgumentError('resourceId is required for upsert operation');
-                }
-                await this.upsertResourceAttributes(accountId, [
-                    new ResourceAttributeAssignment(operation.resourceId, operation.resourceType, operation.key, operation.value || ''),
-                ]);
-                processedOperations.push(operation);
-            }
-            else if (operation.operationType === AttributeOperation.DELETE) {
-                if (!operation.resourceId) {
-                    throw new ArgumentError('resourceId is required for delete operation');
-                }
-                await this.deleteResourceAttributes(accountId, {
-                    type: operation.resourceType,
-                    id: operation.resourceId,
-                }, [operation.key]);
-                processedOperations.push(operation);
-            }
-        }
-        return processedOperations;
-    }
-    /**
-     * Updates entity attributes (batch operations).
-     * Note: MS service does not support batch operations directly.
-     * This method processes operations sequentially using upsert/delete methods.
-     * @param accountId The account ID
-     * @param appName App name (required for interface compatibility, but not used in MS service)
-     * @param callerActionIdentifier Action identifier (required for interface compatibility, but not used in MS service)
-     * @param entityAttributeOperations Array of operations to perform
-     * @returns Promise<EntityAttributesOperation[]> Array of processed operations
-     */
-    async updateEntityAttributes(accountId, _appName, _callerActionIdentifier, entityAttributeOperations) {
-        const processedOperations = [];
-        for (const operation of entityAttributeOperations) {
-            if (operation.operationType === 'upsert') {
-                await this.upsertEntityAttributes(accountId, [
-                    new EntityAttributeAssignment(operation.entityId, operation.entityType, operation.key, operation.value || ''),
-                ]);
-                processedOperations.push(operation);
-            }
-            else if (operation.operationType === 'delete') {
-                await this.deleteEntityAttributes(accountId, operation.entityType, operation.entityId, [operation.key]);
-                processedOperations.push(operation);
-            }
-        }
-        return processedOperations;
-    }
-    /**
-     * Replaces path template parameters with actual values
-     * @param template Path template with placeholders like {accountId}
-     * @param params Object with parameter names and values
-     * @returns Path with all placeholders replaced
-     */
-    static replacePathParams(template, params) {
-        let path = template;
-        for (const [key, value] of Object.entries(params)) {
-            path = path.replace(`{${key}}`, String(value));
-        }
-        return path;
-    }
-    /**
-     * Generic helper for executing delete requests
-     */
-    static async executeDeleteRequest(accountId, pathTemplate, pathParams, keys, logPrefix, methodName, context = {}) {
-        // Validate inputs
-        ValidationUtils.validateInteger(accountId, 'accountId');
-        ValidationUtils.validateArray(keys, 'attributeKeys');
-        if (!keys.length) {
-            logger.warn({ tag: this.LOG_TAG, accountId, ...pathParams }, `${methodName} called with empty keys array`);
-            return;
-        }
-        // Validate all keys are strings
-        ValidationUtils.validateStringArray(keys, 'attributeKeys');
-        // Build request body
-        const requestBody = {
-            keys,
-        };
-        if (!AuthorizationAttributesMsService.httpClient) {
-            throw new Error('AuthorizationAttributesMsService: HTTP client is not initialized');
-        }
-        const path = AuthorizationAttributesMsService.replacePathParams(pathTemplate, { accountId, ...pathParams });
-        const headers = AuthorizationAttributesMsService.getRequestHeaders(accountId);
-        try {
-            logger.info({ tag: AuthorizationAttributesMsService.LOG_TAG, accountId, ...pathParams, keys }, `Deleting ${logPrefix} attributes`);
-            await AuthorizationAttributesMsService.httpClient.fetch({
-                url: {
-                    appName: APP_NAME,
-                    path,
-                },
-                method: 'DELETE',
-                headers,
-                body: JSON.stringify(requestBody),
-            }, {
-                timeout: AuthorizationInternalService.getRequestTimeout(),
-                retryPolicy: AuthorizationInternalService.getRetriesPolicy(),
-            });
-            logger.info({ tag: AuthorizationAttributesMsService.LOG_TAG, accountId, ...pathParams, keys }, `Successfully deleted ${logPrefix} attributes`);
-        }
-        catch (err) {
-            logger.error({
-                tag: AuthorizationAttributesMsService.LOG_TAG,
-                method: methodName,
-                accountId,
-                ...pathParams,
-                ...context,
-                error: err instanceof Error ? err.message : String(err),
-            }, `Failed in ${methodName}`);
-            throw err;
-        }
-    }
-    /**
-     * Gets request headers including Authorization, Content-Type, and optional attribution headers
-     */
-    static getRequestHeaders(accountId, userId) {
-        const headers = {
-            'Content-Type': 'application/json',
-        };
-        // Generate Authorization token
-        const authToken = signAuthorizationHeader({
-            appName: INTERNAL_APP_NAME,
-            accountId,
-            userId,
-        });
-        headers.Authorization = authToken;
-        // Add attribution headers if available
-        const attributionHeaders = getAttributionsFromApi();
-        for (const key in attributionHeaders) {
-            if (Object.prototype.hasOwnProperty.call(attributionHeaders, key)) {
-                headers[key] = attributionHeaders[key];
-            }
-        }
-        // Add X-REQUEST-ID if available from context
-        try {
-            const tridentContext = Api.getPart('context');
-            if (tridentContext?.runtimeAttributions) {
-                const outgoingHeaders = tridentContext.runtimeAttributions.buildOutgoingHeaders('HTTP_INTERNAL');
-                if (outgoingHeaders) {
-                    const attributionHeadersMap = {};
-                    for (const [key, value] of outgoingHeaders) {
-                        attributionHeadersMap[key] = value;
-                    }
-                    if (attributionHeadersMap['x-request-id']) {
-                        headers['X-REQUEST-ID'] = attributionHeadersMap['x-request-id'];
-                    }
-                }
-            }
-        }
-        catch (error) {
-            // Silently fail if context is not available
-            logger.debug({ tag: AuthorizationAttributesMsService.LOG_TAG, error }, 'Failed to get request ID from context');
-        }
-        // Add X-REQUEST-START timestamp
-        headers['X-REQUEST-START'] = Math.floor(Date.now() / 1000).toString();
-        return headers;
-    }
-    /**
-     * Validates that all messages are instances of the specified message class
-     */
-    static validateMessages(attributesMessages, messageClass) {
-        // Validate messageClass is a function using Zod
-        const classSchema = z.custom(value => typeof value === 'function', {
-            message: 'messageClass must be a class/constructor function',
-        });
-        try {
-            classSchema.parse(messageClass);
-        }
-        catch (error) {
-            if (error instanceof z.ZodError) {
-                const firstError = error.issues[0];
-                throw new ArgumentError(firstError.message);
-            }
-            throw error;
-        }
-        const className = messageClass.name || 'ResourceAttributeAssignment';
-        // First validate it's an array
-        ValidationUtils.validateArray(attributesMessages, 'attributesMessages');
-        // Then use Zod to validate each item is an instance of the class
-        const schema = z.array(z.any()).refine(items => {
-            for (let i = 0; i < items.length; i++) {
-                if (!(items[i] instanceof messageClass)) {
-                    return false;
-                }
-            }
-            return true;
-        }, {
-            message: `All attributesMessages must be instances of ${className}`,
-        });
-        try {
-            schema.parse(attributesMessages);
-        }
-        catch (error) {
-            if (error instanceof z.ZodError) {
-                // Find the first invalid index for a more specific error message
-                const invalidIndex = attributesMessages.findIndex(item => !(item instanceof messageClass));
-                if (invalidIndex !== -1) {
-                    throw new ArgumentError(`All attributesMessages must be instances of ${className}, but item at index ${invalidIndex} is not`);
-                }
-                const firstError = error.issues[0];
-                throw new ArgumentError(firstError.message);
-            }
-            throw error;
-        }
-    }
-    /**
-     * Generic helper for executing upsert requests
-     */
-    static async executeUpsertRequest(accountId, assignments, pathTemplate, requestBodyKey, assignmentClass, logPrefix, methodName) {
-        // Validate inputs
-        ValidationUtils.validateInteger(accountId, 'accountId');
-        ValidationUtils.validateArray(assignments, 'assignments');
-        if (!assignments.length) {
-            logger.warn({ tag: AuthorizationAttributesMsService.LOG_TAG, accountId }, `${methodName} called with empty array`);
-            return;
-        }
-        // Validate all assignments are instances of the correct class
-        AuthorizationAttributesMsService.validateMessages(assignments, assignmentClass);
-        const compatibileAssignments = assignments.map(assignment => {
-            if (assignment instanceof ResourceAttributeAssignment) {
-                return {
-                    resourceId: assignment.resourceId,
-                    resourceType: assignment.resourceType,
-                    key: assignment.attributeKey,
-                    value: assignment.attributeValue,
-                };
-            }
-            else {
-                return {
-                    entityId: assignment.entityId,
-                    entityType: assignment.entityType,
-                    key: assignment.attributeKey,
-                    value: assignment.attributeValue,
-                };
-            }
-        });
-        const requestBody = requestBodyKey === 'resourceAttributeAssignments'
-            ? { resourceAttributeAssignments: compatibileAssignments }
-            : { entityAttributeAssignments: compatibileAssignments };
-        if (!AuthorizationAttributesMsService.httpClient) {
-            throw new Error('AuthorizationAttributesMsService: HTTP client is not initialized');
-        }
-        const path = AuthorizationAttributesMsService.replacePathParams(pathTemplate, { accountId });
-        const headers = AuthorizationAttributesMsService.getRequestHeaders(accountId);
-        try {
-            logger.info({ tag: AuthorizationAttributesMsService.LOG_TAG, accountId, count: assignments.length }, `Upserting ${logPrefix} attributes`);
-            await AuthorizationAttributesMsService.httpClient.fetch({
-                url: {
-                    appName: APP_NAME,
-                    path,
-                },
-                method: 'POST',
-                headers,
-                body: JSON.stringify(requestBody),
-            }, {
-                timeout: AuthorizationInternalService.getRequestTimeout(),
-                retryPolicy: AuthorizationInternalService.getRetriesPolicy(),
-            });
-            logger.debug({ tag: AuthorizationAttributesMsService.LOG_TAG, accountId, count: assignments.length }, `Successfully upserted ${logPrefix} attributes`);
-        }
-        catch (err) {
-            logger.error({
-                tag: AuthorizationAttributesMsService.LOG_TAG,
-                method: methodName,
-                accountId,
-                error: err instanceof Error ? err.message : String(err),
-            }, `Failed in ${methodName}`);
-            throw err;
-        }
-    }
-}
-
-export { AuthorizationAttributesMsService };

package/dist/esm/authorization-attributes-sns-service.d.ts

@@ -1,90 +0,0 @@
-import { ResourceAttributeAssignment, ResourceAttributeOperation, EntityAttributeOperation, EntityType } from './types/authorization-attributes-contracts';
-import { EntityAttributeAssignment } from './entity-attribute-assignment';
-import { Resource } from './types/general';
-import { IAuthorizationAttributesService } from './types/authorization-attributes-service.interface';
-/**
- * Service class for managing resource attributes asynchronously via SNS.
- * Provides asynchronous operations to create/update and delete attributes on resources.
- */
-export declare class AuthorizationAttributesSnsService implements IAuthorizationAttributesService {
-    private static LOG_TAG;
-    private resourceSnsArn;
-    private entitySnsArn;
-    /**
-     * Public constructor to create the AuthorizationAttributesSnsService instance.
-     */
-    constructor();
-    /**
-     * Async function to upsert resource attributes using SNS.
-     * Sends the updates request to SNS and returns before the change actually took place.
-     * @param accountId The account ID
-     * @param appName App name of the calling app
-     * @param callerActionIdentifier Action identifier
-     * @param resourceAttributeAssignments Array of resource attribute assignments to upsert
-     * @return Promise with array of sent operations
-     */
-    upsertResourceAttributes(accountId: number, resourceAttributeAssignments: ResourceAttributeAssignment[], appName?: string, callerActionIdentifier?: string): Promise<ResourceAttributeOperation[]>;
-    /**
-     * Async function to delete resource attributes using SNS.
-     * Sends the updates request to SNS and returns before the change actually took place.
-     * @param accountId The account ID
-     * @param appName App name of the calling app
-     * @param callerActionIdentifier Action identifier
-     * @param resource The resource (resourceType, resourceId)
-     * @param attributeKeys Array of attribute keys to delete
-     * @return Promise with array of sent operations
-     */
-    deleteResourceAttributes(accountId: number, resource: Resource, attributeKeys: string[], appName?: string, callerActionIdentifier?: string): Promise<ResourceAttributeOperation[]>;
-    /**
-     * Async function to upsert entity attributes using SNS.
-     * Sends the updates request to SNS and returns before the change actually took place.
-     * @param accountId The account ID
-     * @param appName App name of the calling app
-     * @param callerActionIdentifier Action identifier
-     * @param entityAttributeAssignments Array of entity attribute assignments to upsert
-     * @return Promise with array of sent operations
-     */
-    upsertEntityAttributes(accountId: number, entityAttributeAssignments: EntityAttributeAssignment[], appName?: string, callerActionIdentifier?: string): Promise<EntityAttributeOperation[]>;
-    /**
-     * Async function to delete entity attributes using SNS.
-     * Sends the updates request to SNS and returns before the change actually took place.
-     * @param accountId The account ID
-     * @param appName App name of the calling app
-     * @param callerActionIdentifier Action identifier
-     * @param entityType The entity type
-     * @param entityId The entity ID
-     * @param attributeKeys Array of attribute keys to delete
-     * @return Promise with array of sent operations
-     */
-    deleteEntityAttributes(accountId: number, entityType: EntityType | string, entityId: number, attributeKeys: string[], appName?: string, callerActionIdentifier?: string): Promise<EntityAttributeOperation[]>;
-    /**
-     *  Async function, this function only send the updates request to SNS and return before the change actually took place
-     * @param accountId
-     * @param appName - App name of the calling app
-     * @param callerActionIdentifier - action identifier
-     * @param resourceAttributeOperations - Array of operations to do on resource attributes.
-     * @return {Promise<ResourceAttributesOperation[]>} Array of sent operations
-     *  */
-    updateResourceAttributes(accountId: number, appName: string, callerActionIdentifier: string, resourceAttributeOperations: ResourceAttributeOperation[]): Promise<ResourceAttributeOperation[]>;
-    /**
-     *  Async function, this function only send the updates request to SNS and return before the change actually took place
-     * @param accountId
-     * @param appName - App name of the calling app
-     * @param callerActionIdentifier - action identifier
-     * @param entityAttributeOperations - Array of operations to do on entity attributes.
-     * @return {Promise<EntityAttributeOperation[]>} Array of sent operations
-     *  */
-    updateEntityAttributes(accountId: number, appName: string, callerActionIdentifier: string, entityAttributeOperations: EntityAttributeOperation[]): Promise<EntityAttributeOperation[]>;
-    private sendSingleSnsMessage;
-    private static getSnsTopicArn;
-    /**
-     * Checks we can contact the required SNS topic that used to send attribute updates to Authorization MS.
-     * This function can be used as health check for services that updating resource attributes in async is crucial.
-     * Note this function only verify the POD can contact AWS SDK and the topic exists, but the user still might get
-     * errors when pushing for the SNS (e.g: in case the AWS role of the POD don't have permissions to push messages).
-     * However, this is the best we can do without actually push dummy messages to the SNS.
-     * @return {Promise<boolean>} - true if succeeded
-     */
-    asyncResourceAttributesHealthCheck(): Promise<boolean>;
-}
-//# sourceMappingURL=authorization-attributes-sns-service.d.ts.map

package/dist/esm/authorization-attributes-sns-service.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"authorization-attributes-sns-service.d.ts","sourceRoot":"","sources":["../../src/authorization-attributes-sns-service.ts"],"names":[],"mappings":"AAEA,OAAO,EACL,2BAA2B,EAC3B,0BAA0B,EAC1B,wBAAwB,EAExB,UAAU,EACX,MAAM,4CAA4C,CAAC;AACpD,OAAO,EAAE,yBAAyB,EAAE,MAAM,+BAA+B,CAAC;AAC1E,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAc3C,OAAO,EAAE,+BAA+B,EAAE,MAAM,oDAAoD,CAAC;AAErG;;;GAGG;AACH,qBAAa,iCAAkC,YAAW,+BAA+B;IACvF,OAAO,CAAC,MAAM,CAAC,OAAO,CAA8B;IACpD,OAAO,CAAC,cAAc,CAAS;IAC/B,OAAO,CAAC,YAAY,CAAS;IAE7B;;OAEG;;IAMH;;;;;;;;OAQG;IACG,wBAAwB,CAC5B,SAAS,EAAE,MAAM,EACjB,4BAA4B,EAAE,2BAA2B,EAAE,EAC3D,OAAO,CAAC,EAAE,MAAM,EAChB,sBAAsB,CAAC,EAAE,MAAM,GAC9B,OAAO,CAAC,0BAA0B,EAAE,CAAC;IAWxC;;;;;;;;;OASG;IACG,wBAAwB,CAC5B,SAAS,EAAE,MAAM,EACjB,QAAQ,EAAE,QAAQ,EAClB,aAAa,EAAE,MAAM,EAAE,EACvB,OAAO,CAAC,EAAE,MAAM,EAChB,sBAAsB,CAAC,EAAE,MAAM,GAC9B,OAAO,CAAC,0BAA0B,EAAE,CAAC;IAgBxC;;;;;;;;OAQG;IACG,sBAAsB,CAC1B,SAAS,EAAE,MAAM,EACjB,0BAA0B,EAAE,yBAAyB,EAAE,EACvD,OAAO,CAAC,EAAE,MAAM,EAChB,sBAAsB,CAAC,EAAE,MAAM,GAC9B,OAAO,CAAC,wBAAwB,EAAE,CAAC;IAgBtC;;;;;;;;;;OAUG;IACG,sBAAsB,CAC1B,SAAS,EAAE,MAAM,EACjB,UAAU,EAAE,UAAU,GAAG,MAAM,EAC/B,QAAQ,EAAE,MAAM,EAChB,aAAa,EAAE,MAAM,EAAE,EACvB,OAAO,CAAC,EAAE,MAAM,EAChB,sBAAsB,CAAC,EAAE,MAAM,GAC9B,OAAO,CAAC,wBAAwB,EAAE,CAAC;IAgBtC;;;;;;;UAOM;IACA,wBAAwB,CAC5B,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,MAAM,EACf,sBAAsB,EAAE,MAAM,EAC9B,2BAA2B,EAAE,0BAA0B,EAAE,GACxD,OAAO,CAAC,0BAA0B,EAAE,CAAC;IAoBxC;;;;;;;UAOM;IACA,sBAAsB,CAC1B,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,MAAM,EACf,sBAAsB,EAAE,MAAM,EAC9B,yBAAyB,EAAE,wBAAwB,EAAE,GACpD,OAAO,CAAC,wBAAwB,EAAE,CAAC;YAoBxB,oBAAoB;IA2BlC,OAAO,CAAC,MAAM,CAAC,cAAc;IA0B7B;;;;;;;OAOG;IACG,kCAAkC,IAAI,OAAO,CAAC,OAAO,CAAC;CAoB7D"}

package/dist/esm/authorization-attributes-sns-service.mjs

@@ -1,211 +0,0 @@
-import chunk from 'lodash/chunk.js';
-import { sendToSns, getTopicAttributes } from '@mondaydotcomorg/monday-sns';
-import { AttributeOperation } from './types/authorization-attributes-contracts.mjs';
-import { logger } from './authorization-internal-service.mjs';
-import { SnsTopicType, ASYNC_RESOURCE_ATTRIBUTES_MAX_OPERATIONS_PER_MESSAGE, RESOURCE_ATTRIBUTES_SNS_UPDATE_OPERATION_MESSAGE_KIND, ASYNC_ENTITY_ATTRIBUTES_MAX_OPERATIONS_PER_MESSAGE, ENTITY_ATTRIBUTES_SNS_UPDATE_OPERATION_MESSAGE_KIND, RESOURCE_SNS_ARN_ENV_VAR_NAME, RESOURCE_SNS_DEV_TEST_NAME, ENTITY_SNS_ARN_ENV_VAR_NAME, ENTITY_SNS_DEV_TEST_NAME } from './constants/sns.mjs';
-
-/**
- * Service class for managing resource attributes asynchronously via SNS.
- * Provides asynchronous operations to create/update and delete attributes on resources.
- */
-class AuthorizationAttributesSnsService {
-    static LOG_TAG = 'authorization_attributes';
-    resourceSnsArn;
-    entitySnsArn;
-    /**
-     * Public constructor to create the AuthorizationAttributesSnsService instance.
-     */
-    constructor() {
-        this.resourceSnsArn = AuthorizationAttributesSnsService.getSnsTopicArn(SnsTopicType.RESOURCE);
-        this.entitySnsArn = AuthorizationAttributesSnsService.getSnsTopicArn(SnsTopicType.ENTITY);
-    }
-    /**
-     * Async function to upsert resource attributes using SNS.
-     * Sends the updates request to SNS and returns before the change actually took place.
-     * @param accountId The account ID
-     * @param appName App name of the calling app
-     * @param callerActionIdentifier Action identifier
-     * @param resourceAttributeAssignments Array of resource attribute assignments to upsert
-     * @return Promise with array of sent operations
-     */
-    async upsertResourceAttributes(accountId, resourceAttributeAssignments, appName, callerActionIdentifier) {
-        if (!appName || !callerActionIdentifier) {
-            throw new Error('appName and callerActionIdentifier are required for SNS service');
-        }
-        const operations = resourceAttributeAssignments.map(assignment => ({
-            ...assignment,
-            operationType: AttributeOperation.UPSERT,
-        }));
-        return this.updateResourceAttributes(accountId, appName, callerActionIdentifier, operations);
-    }
-    /**
-     * Async function to delete resource attributes using SNS.
-     * Sends the updates request to SNS and returns before the change actually took place.
-     * @param accountId The account ID
-     * @param appName App name of the calling app
-     * @param callerActionIdentifier Action identifier
-     * @param resource The resource (resourceType, resourceId)
-     * @param attributeKeys Array of attribute keys to delete
-     * @return Promise with array of sent operations
-     */
-    async deleteResourceAttributes(accountId, resource, attributeKeys, appName, callerActionIdentifier) {
-        if (!appName || !callerActionIdentifier) {
-            throw new Error('appName and callerActionIdentifier are required for SNS service');
-        }
-        const operations = attributeKeys.map(key => ({
-            resourceType: resource.type,
-            resourceId: resource.id,
-            key,
-            operationType: AttributeOperation.DELETE,
-        }));
-        return this.updateResourceAttributes(accountId, appName, callerActionIdentifier, operations);
-    }
-    /**
-     * Async function to upsert entity attributes using SNS.
-     * Sends the updates request to SNS and returns before the change actually took place.
-     * @param accountId The account ID
-     * @param appName App name of the calling app
-     * @param callerActionIdentifier Action identifier
-     * @param entityAttributeAssignments Array of entity attribute assignments to upsert
-     * @return Promise with array of sent operations
-     */
-    async upsertEntityAttributes(accountId, entityAttributeAssignments, appName, callerActionIdentifier) {
-        if (!appName || !callerActionIdentifier) {
-            throw new Error('appName and callerActionIdentifier are required for SNS service');
-        }
-        const operations = entityAttributeAssignments.map(assignment => {
-            return {
-                entityId: assignment.entityId,
-                entityType: assignment.entityType,
-                key: assignment.attributeKey,
-                value: assignment.attributeValue,
-                operationType: AttributeOperation.UPSERT,
-            };
-        });
-        return this.updateEntityAttributes(accountId, appName, callerActionIdentifier, operations);
-    }
-    /**
-     * Async function to delete entity attributes using SNS.
-     * Sends the updates request to SNS and returns before the change actually took place.
-     * @param accountId The account ID
-     * @param appName App name of the calling app
-     * @param callerActionIdentifier Action identifier
-     * @param entityType The entity type
-     * @param entityId The entity ID
-     * @param attributeKeys Array of attribute keys to delete
-     * @return Promise with array of sent operations
-     */
-    async deleteEntityAttributes(accountId, entityType, entityId, attributeKeys, appName, callerActionIdentifier) {
-        if (!appName || !callerActionIdentifier) {
-            throw new Error('appName and callerActionIdentifier are required for SNS service');
-        }
-        const operations = attributeKeys.map(key => ({
-            entityType: entityType,
-            entityId,
-            key,
-            operationType: AttributeOperation.DELETE,
-        }));
-        return this.updateEntityAttributes(accountId, appName, callerActionIdentifier, operations);
-    }
-    /**
-     *  Async function, this function only send the updates request to SNS and return before the change actually took place
-     * @param accountId
-     * @param appName - App name of the calling app
-     * @param callerActionIdentifier - action identifier
-     * @param resourceAttributeOperations - Array of operations to do on resource attributes.
-     * @return {Promise<ResourceAttributesOperation[]>} Array of sent operations
-     *  */
-    async updateResourceAttributes(accountId, appName, callerActionIdentifier, resourceAttributeOperations) {
-        const topicArn = this.resourceSnsArn;
-        const sendToSnsPromises = [];
-        const operationChucks = chunk(resourceAttributeOperations, ASYNC_RESOURCE_ATTRIBUTES_MAX_OPERATIONS_PER_MESSAGE);
-        for (const operationsChunk of operationChucks) {
-            sendToSnsPromises.push(this.sendSingleSnsMessage(topicArn, accountId, appName, callerActionIdentifier, operationsChunk, RESOURCE_ATTRIBUTES_SNS_UPDATE_OPERATION_MESSAGE_KIND, 'Authorization resource attributes async update: failed to send operations to SNS'));
-        }
-        return (await Promise.all(sendToSnsPromises)).flat();
-    }
-    /**
-     *  Async function, this function only send the updates request to SNS and return before the change actually took place
-     * @param accountId
-     * @param appName - App name of the calling app
-     * @param callerActionIdentifier - action identifier
-     * @param entityAttributeOperations - Array of operations to do on entity attributes.
-     * @return {Promise<EntityAttributeOperation[]>} Array of sent operations
-     *  */
-    async updateEntityAttributes(accountId, appName, callerActionIdentifier, entityAttributeOperations) {
-        const topicArn = this.entitySnsArn;
-        const sendToSnsPromises = [];
-        const operationChucks = chunk(entityAttributeOperations, ASYNC_ENTITY_ATTRIBUTES_MAX_OPERATIONS_PER_MESSAGE);
-        for (const operationsChunk of operationChucks) {
-            sendToSnsPromises.push(this.sendSingleSnsMessage(topicArn, accountId, appName, callerActionIdentifier, operationsChunk, ENTITY_ATTRIBUTES_SNS_UPDATE_OPERATION_MESSAGE_KIND, 'Authorization entity attributes async update: failed to send operations to SNS'));
-        }
-        return (await Promise.all(sendToSnsPromises)).flat();
-    }
-    async sendSingleSnsMessage(topicArn, accountId, appName, callerActionIdentifier, operations, kind, errorLogMessage) {
-        const payload = {
-            kind,
-            payload: {
-                accountId: accountId,
-                callerAppName: appName,
-                callerActionIdentifier: callerActionIdentifier,
-                operations: operations,
-            },
-        };
-        try {
-            await sendToSns(payload, topicArn);
-            return operations;
-        }
-        catch (error) {
-            logger.error({ error, tag: AuthorizationAttributesSnsService.LOG_TAG }, errorLogMessage);
-            return [];
-        }
-    }
-    static getSnsTopicArn(type) {
-        let envVarName;
-        let devTestName;
-        switch (type) {
-            case SnsTopicType.ENTITY:
-                envVarName = ENTITY_SNS_ARN_ENV_VAR_NAME;
-                devTestName = ENTITY_SNS_DEV_TEST_NAME;
-                break;
-            default:
-                // Default to resource SNS constants
-                envVarName = RESOURCE_SNS_ARN_ENV_VAR_NAME;
-                devTestName = RESOURCE_SNS_DEV_TEST_NAME;
-                break;
-        }
-        const arnFromEnv = process.env[envVarName];
-        if (arnFromEnv) {
-            return arnFromEnv;
-        }
-        if (process.env.NODE_ENV === 'development' || process.env.NODE_ENV === 'test') {
-            return devTestName;
-        }
-        throw new Error(`Unable to get ${type} sns topic arn from env variable`);
-    }
-    /**
-     * Checks we can contact the required SNS topic that used to send attribute updates to Authorization MS.
-     * This function can be used as health check for services that updating resource attributes in async is crucial.
-     * Note this function only verify the POD can contact AWS SDK and the topic exists, but the user still might get
-     * errors when pushing for the SNS (e.g: in case the AWS role of the POD don't have permissions to push messages).
-     * However, this is the best we can do without actually push dummy messages to the SNS.
-     * @return {Promise<boolean>} - true if succeeded
-     */
-    async asyncResourceAttributesHealthCheck() {
-        try {
-            const requestedTopicArn = this.resourceSnsArn;
-            const attributes = await getTopicAttributes(requestedTopicArn);
-            const isHealthy = !(!attributes || !('TopicArn' in attributes) || attributes.TopicArn !== requestedTopicArn);
-            if (!isHealthy) {
-                logger.error({ requestedTopicArn, snsReturnedAttributes: attributes, tag: AuthorizationAttributesSnsService.LOG_TAG }, 'authorization-attributes-service failed in health check');
-            }
-            return isHealthy;
-        }
-        catch (error) {
-            logger.error({ error, tag: AuthorizationAttributesSnsService.LOG_TAG }, 'authorization-attributes-service got error during health check');
-            return false;
-        }
-    }
-}
-
-export { AuthorizationAttributesSnsService };