@mondaydotcomorg/monday-authorization 3.7.0-feat-shaime-support-entity-attributes-4-49e1de0 → 3.7.3

package/src/authorization-attributes-sns-service.ts

@@ -1,12 +1,11 @@
 import chunk from 'lodash/chunk.js';
 import { getTopicAttributes, sendToSns } from '@mondaydotcomorg/monday-sns';
 import {
-  ResourceAttributeAssignment,
-  ResourceAttributeOperation,
-  EntityAttributeOperation,
-  AttributeOperation,
+  ResourceAttributeUpsertOperation,
+  EntityAttributeUpsertOperation,
+  EntityAttributeDeleteOperation,
+  ResourceAttributeDeleteOperation,
 } from './types/authorization-attributes-contracts';
-import { EntityAttributeAssignment } from './entity-attribute-assignment';
 import { Resource } from './types/general';
 import { logger } from './authorization-internal-service';
 import {
@@ -20,15 +19,15 @@ import {
   ENTITY_SNS_DEV_TEST_NAME,
   SnsTopicType,
 } from './constants/sns';
-import type { TopicAttributesMap } from 'aws-sdk/clients/sns';
-import { AuthorizationAttributesService } from './types/authorization-attributes-service.interface';
+import { BaseAuthorizationAttributesService } from './base-authorization-attributes-service';
 import { EntityType } from './entity-attributes-constants';
+import type { TopicAttributesMap } from 'aws-sdk/clients/sns';
 
 /**
  * Service class for managing resource attributes asynchronously via SNS.
  * Provides asynchronous operations to create/update and delete attributes on resources.
  */
-export class AuthorizationAttributesSnsService implements AuthorizationAttributesService {
+export class AuthorizationAttributesSnsService extends BaseAuthorizationAttributesService {
   private static LOG_TAG = 'authorization_attributes';
   private resourceSnsArn: string;
   private entitySnsArn: string;
@@ -37,182 +36,178 @@ export class AuthorizationAttributesSnsService implements AuthorizationAttribute
    * Public constructor to create the AuthorizationAttributesSnsService instance.
    */
   constructor() {
+    super();
     this.resourceSnsArn = AuthorizationAttributesSnsService.getSnsTopicArn(SnsTopicType.RESOURCE);
     this.entitySnsArn = AuthorizationAttributesSnsService.getSnsTopicArn(SnsTopicType.ENTITY);
   }
 
   /**
-   * Async function to upsert resource attributes using SNS.
-   * Sends the updates request to SNS and returns before the change actually took place.
-   * @param accountId The account ID
-   * @param appName App name of the calling app
-   * @param callerActionIdentifier Action identifier
-   * @param resourceAttributeAssignments Array of resource attribute assignments to upsert
-   * @return Promise with array of sent operations
-   */
-  async upsertResourceAttributes(
-    accountId: number,
-    resourceAttributeAssignments: ResourceAttributeAssignment[],
-    appName?: string,
-    callerActionIdentifier?: string
-  ): Promise<ResourceAttributeOperation[]> {
-    if (!appName || !callerActionIdentifier) {
-      throw new Error('appName and callerActionIdentifier are required for SNS service');
-    }
-    const operations: ResourceAttributeOperation[] = resourceAttributeAssignments.map(assignment => ({
-      ...assignment,
-      operationType: AttributeOperation.UPSERT,
-    }));
-    return this.updateResourceAttributes(accountId, appName, callerActionIdentifier, operations);
-  }
-
-  /**
-   * Async function to delete resource attributes using SNS.
-   * Sends the updates request to SNS and returns before the change actually took place.
+   * Async function to delete a resource attribute using SNS.
+   * Sends the delete request to SNS and returns before the change actually took place.
    * @param accountId The account ID
+   * @param resource The resource (resourceType, resourceId)
+   * @param attributeKey Attribute key to delete
    * @param appName App name of the calling app
    * @param callerActionIdentifier Action identifier
-   * @param resource The resource (resourceType, resourceId)
-   * @param attributeKeys Array of attribute keys to delete
-   * @return Promise with array of sent operations
+   * @return Promise with sent operation
    */
   async deleteResourceAttributes(
     accountId: number,
     resource: Resource,
-    attributeKeys: string[],
+    attributeKey: string,
     appName?: string,
     callerActionIdentifier?: string
-  ): Promise<ResourceAttributeOperation[]> {
+  ): Promise<ResourceAttributeDeleteOperation> {
     if (!appName || !callerActionIdentifier) {
       throw new Error('appName and callerActionIdentifier are required for SNS service');
     }
-    const operations: ResourceAttributeOperation[] = attributeKeys.map(
-      key =>
-        ({
-          resourceType: resource.type,
-          resourceId: resource.id!,
-          key,
-          operationType: AttributeOperation.DELETE,
-        } as ResourceAttributeOperation)
+    const operation: ResourceAttributeDeleteOperation = await super.deleteResourceAttributes(
+      accountId,
+      resource,
+      attributeKey
     );
-    return this.updateResourceAttributes(accountId, appName, callerActionIdentifier, operations);
-  }
-
-  /**
-   * Async function to upsert entity attributes using SNS.
-   * Sends the updates request to SNS and returns before the change actually took place.
-   * @param accountId The account ID
-   * @param appName App name of the calling app
-   * @param callerActionIdentifier Action identifier
-   * @param entityAttributeAssignments Array of entity attribute assignments to upsert
-   * @return Promise with array of sent operations
-   */
-  async upsertEntityAttributes(
-    accountId: number,
-    entityAttributeAssignments: EntityAttributeAssignment[],
-    appName?: string,
-    callerActionIdentifier?: string
-  ): Promise<EntityAttributeOperation[]> {
-    if (!appName || !callerActionIdentifier) {
-      throw new Error('appName and callerActionIdentifier are required for SNS service');
-    }
-    const operations: EntityAttributeOperation[] = entityAttributeAssignments.map(assignment => {
-      return {
-        entityId: assignment.entityId,
-        entityType: assignment.entityType,
-        key: assignment.attributeKey,
-        value: assignment.attributeValue,
-        operationType: AttributeOperation.UPSERT,
-      };
-    });
-    return this.updateEntityAttributes(accountId, appName, callerActionIdentifier, operations);
+    const [result] = await this.sendOperationsToSns(
+      this.resourceSnsArn,
+      accountId,
+      appName,
+      callerActionIdentifier,
+      [operation],
+      ASYNC_RESOURCE_ATTRIBUTES_MAX_OPERATIONS_PER_MESSAGE,
+      RESOURCE_ATTRIBUTES_SNS_UPDATE_OPERATION_MESSAGE_KIND,
+      'Authorization resource attributes async delete: failed to send operations to SNS'
+    );
+    return result;
   }
 
   /**
-   * Async function to delete entity attributes using SNS.
-   * Sends the updates request to SNS and returns before the change actually took place.
+   * Async function to delete an entity attribute using SNS.
+   * Sends the delete request to SNS and returns before the change actually took place.
    * @param accountId The account ID
-   * @param appName App name of the calling app
-   * @param callerActionIdentifier Action identifier
    * @param entityType The entity type
    * @param entityId The entity ID
-   * @param attributeKeys Array of attribute keys to delete
-   * @return Promise with array of sent operations
+   * @param attributeKey Attribute key to delete
+   * @param appName App name of the calling app
+   * @param callerActionIdentifier Action identifier
+   * @return Promise with sent operation
    */
   async deleteEntityAttributes(
     accountId: number,
-    entityType: EntityType | string,
+    entityType: EntityType,
     entityId: number,
-    attributeKeys: string[],
+    attributeKey: string,
     appName?: string,
     callerActionIdentifier?: string
-  ): Promise<EntityAttributeOperation[]> {
+  ): Promise<EntityAttributeDeleteOperation> {
     if (!appName || !callerActionIdentifier) {
       throw new Error('appName and callerActionIdentifier are required for SNS service');
     }
-    const operations: EntityAttributeOperation[] = attributeKeys.map(
-      key =>
-        ({
-          entityType: entityType,
-          entityId,
-          key,
-          operationType: AttributeOperation.DELETE,
-        } as EntityAttributeOperation)
+    const operation: EntityAttributeDeleteOperation = await super.deleteEntityAttributes(
+      accountId,
+      entityType,
+      entityId,
+      attributeKey
     );
-    return this.updateEntityAttributes(accountId, appName, callerActionIdentifier, operations);
+    const [result] = await this.sendOperationsToSns(
+      this.entitySnsArn,
+      accountId,
+      appName,
+      callerActionIdentifier,
+      [operation],
+      ASYNC_ENTITY_ATTRIBUTES_MAX_OPERATIONS_PER_MESSAGE,
+      ENTITY_ATTRIBUTES_SNS_UPDATE_OPERATION_MESSAGE_KIND,
+      'Authorization entity attributes async delete: failed to send operations to SNS'
+    );
+    return result;
   }
 
   /**
-   *  Async function, this function only send the updates request to SNS and return before the change actually took place
+   *  Async function, this function only send the update request to SNS and return before the change actually took place
    * @param accountId
    * @param appName - App name of the calling app
    * @param callerActionIdentifier - action identifier
-   * @param resourceAttributeOperations - Array of operations to do on resource attributes.
-   * @return {Promise<ResourceAttributesOperation[]>} Array of sent operations
+   * @param resourceAttributeOperation - Operation to do on resource attribute.
+   * @return {Promise<ResourceAttributeUpsertOperation>} Sent operation
    *  */
   async updateResourceAttributes(
     accountId: number,
     appName: string,
     callerActionIdentifier: string,
-    resourceAttributeOperations: ResourceAttributeOperation[]
-  ): Promise<ResourceAttributeOperation[]> {
-    const topicArn: string = this.resourceSnsArn;
-    const sendToSnsPromises: Promise<ResourceAttributeOperation[]>[] = [];
-    const operationChucks = chunk(resourceAttributeOperations, ASYNC_RESOURCE_ATTRIBUTES_MAX_OPERATIONS_PER_MESSAGE);
-    for (const operationsChunk of operationChucks) {
-      sendToSnsPromises.push(
-        this.sendSingleSnsMessage(
-          topicArn,
-          accountId,
-          appName,
-          callerActionIdentifier,
-          operationsChunk,
-          RESOURCE_ATTRIBUTES_SNS_UPDATE_OPERATION_MESSAGE_KIND,
-          'Authorization resource attributes async update: failed to send operations to SNS'
-        )
-      );
-    }
-    return (await Promise.all(sendToSnsPromises)).flat();
+    resourceAttributeOperation: ResourceAttributeUpsertOperation
+  ): Promise<ResourceAttributeUpsertOperation> {
+    await super.updateResourceAttributes(accountId, appName, callerActionIdentifier, resourceAttributeOperation);
+    const [result] = await this.sendOperationsToSns(
+      this.resourceSnsArn,
+      accountId,
+      appName,
+      callerActionIdentifier,
+      [resourceAttributeOperation],
+      ASYNC_RESOURCE_ATTRIBUTES_MAX_OPERATIONS_PER_MESSAGE,
+      RESOURCE_ATTRIBUTES_SNS_UPDATE_OPERATION_MESSAGE_KIND,
+      'Authorization resource attributes async update: failed to send operations to SNS'
+    );
+    return result;
   }
 
   /**
-   *  Async function, this function only send the updates request to SNS and return before the change actually took place
+   *  Async function, this function only send the update request to SNS and return before the change actually took place
    * @param accountId
    * @param appName - App name of the calling app
    * @param callerActionIdentifier - action identifier
-   * @param entityAttributeOperations - Array of operations to do on entity attributes.
-   * @return {Promise<EntityAttributeOperation[]>} Array of sent operations
+   * @param entityAttributeOperation - Operation to do on entity attribute.
+   * @return {Promise<EntityAttributeUpsertOperation>} Sent operation
    *  */
   async updateEntityAttributes(
     accountId: number,
     appName: string,
     callerActionIdentifier: string,
-    entityAttributeOperations: EntityAttributeOperation[]
-  ): Promise<EntityAttributeOperation[]> {
-    const topicArn: string = this.entitySnsArn;
-    const sendToSnsPromises: Promise<EntityAttributeOperation[]>[] = [];
-    const operationChucks = chunk(entityAttributeOperations, ASYNC_ENTITY_ATTRIBUTES_MAX_OPERATIONS_PER_MESSAGE);
-    for (const operationsChunk of operationChucks) {
+    entityAttributeOperation: EntityAttributeUpsertOperation
+  ): Promise<EntityAttributeUpsertOperation> {
+    await super.updateEntityAttributes(accountId, appName, callerActionIdentifier, entityAttributeOperation);
+    const [result] = await this.sendOperationsToSns(
+      this.entitySnsArn,
+      accountId,
+      appName,
+      callerActionIdentifier,
+      [entityAttributeOperation],
+      ASYNC_ENTITY_ATTRIBUTES_MAX_OPERATIONS_PER_MESSAGE,
+      ENTITY_ATTRIBUTES_SNS_UPDATE_OPERATION_MESSAGE_KIND,
+      'Authorization entity attributes async update: failed to send operations to SNS'
+    );
+    return result;
+  }
+
+  /**
+   * Base function to send attribute operations to SNS.
+   * Chunks operations and sends them in parallel.
+   * @param topicArn The SNS topic ARN to send messages to
+   * @param accountId The account ID
+   * @param appName App name of the calling app
+   * @param callerActionIdentifier Action identifier
+   * @param operations Array of operations to send
+   * @param chunkSize Maximum number of operations per message
+   * @param messageKind The kind of message being sent
+   * @param errorLogMessage Error message to log if sending fails
+   * @return Promise with array of sent operations
+   */
+  private async sendOperationsToSns<
+    T extends
+      | ResourceAttributeUpsertOperation
+      | ResourceAttributeDeleteOperation
+      | EntityAttributeUpsertOperation
+      | EntityAttributeDeleteOperation
+  >(
+    topicArn: string,
+    accountId: number,
+    appName: string,
+    callerActionIdentifier: string,
+    operations: T[],
+    chunkSize: number,
+    messageKind: string,
+    errorLogMessage: string
+  ): Promise<T[]> {
+    const sendToSnsPromises: Promise<T[]>[] = [];
+    const operationChunks = chunk(operations, chunkSize);
+    for (const operationsChunk of operationChunks) {
       sendToSnsPromises.push(
         this.sendSingleSnsMessage(
           topicArn,
@@ -220,15 +215,21 @@ export class AuthorizationAttributesSnsService implements AuthorizationAttribute
           appName,
           callerActionIdentifier,
           operationsChunk,
-          ENTITY_ATTRIBUTES_SNS_UPDATE_OPERATION_MESSAGE_KIND,
-          'Authorization entity attributes async update: failed to send operations to SNS'
+          messageKind,
+          errorLogMessage
         )
       );
     }
     return (await Promise.all(sendToSnsPromises)).flat();
   }
 
-  private async sendSingleSnsMessage<T extends ResourceAttributeOperation | EntityAttributeOperation>(
+  private async sendSingleSnsMessage<
+    T extends
+      | ResourceAttributeUpsertOperation
+      | ResourceAttributeDeleteOperation
+      | EntityAttributeUpsertOperation
+      | EntityAttributeDeleteOperation
+  >(
     topicArn: string,
     accountId: number,
     appName: string,

package/src/authorization-service.ts

@@ -13,7 +13,7 @@ import {
   ScopeOptions,
 } from './types/scoped-actions-contracts';
 import { AuthorizationInternalService, logger } from './authorization-internal-service';
-import { getAttributionsFromApi, getProfile, PlatformProfile } from './attributions-service';
+import { getAttributionsFromApi, getProfile } from './attributions-service';
 import { GraphApi } from './clients/graph-api';
 import { PlatformApi } from './clients/platform-api';
 import { scopeToResource } from './utils/authorization.utils';
@@ -21,9 +21,6 @@ import { scopeToResource } from './utils/authorization.utils';
 const GRANTED_FEATURE_CACHE_EXPIRATION_SECONDS = 5 * 60;
 const PLATFORM_AUTHORIZE_PATH = '/internal_ms/authorization/authorize';
 
-const ALLOWED_SDK_PLATFORM_PROFILES_KEY = 'allowed-sdk-platform-profiles';
-const IN_RELEASE_SDK_PLATFORM_PROFILES_KEY = 'in-release-sdk-platform-profile';
-const PLATFORM_PROFILE_RELEASE_FF = 'sdk-platform-profiles';
 const NAVIGATE_CAN_ACTION_IN_SCOPE_TO_GRAPH_FF = 'navigate-can-action-in-scope-to-graph';
 
 export interface AuthorizeResponse {
@@ -149,28 +146,6 @@ export class AuthorizationService {
     return scopedActionResponseObjects[0].permit;
   }
 
-  private static getProfile(accountId: number, userId: number): PlatformProfile {
-    const appName: string = process.env.APP_NAME ?? 'INVALID_APP_NAME';
-    if (!this.igniteClient) {
-      logger.error({ tag: 'authorization-service' }, 'AuthorizationService: igniteClient is not set, failing request');
-      throw new Error('AuthorizationService: igniteClient is not set, failing request');
-    }
-    if (
-      this.igniteClient.configuration.getObjectValue<string[]>(ALLOWED_SDK_PLATFORM_PROFILES_KEY, []).includes(appName)
-    ) {
-      return getProfile();
-    }
-    if (
-      this.igniteClient.configuration
-        .getObjectValue<string[]>(IN_RELEASE_SDK_PLATFORM_PROFILES_KEY, [])
-        .includes(appName) &&
-      this.igniteClient.isReleased(PLATFORM_PROFILE_RELEASE_FF, { accountId, userId })
-    ) {
-      return getProfile();
-    }
-    return PlatformProfile.APP;
-  }
-
   static async canActionInScopeMultiple(
     accountId: number,
     userId: number,
@@ -193,7 +168,7 @@ export class AuthorizationService {
       scopedActionResponseObjects = await this.graphApi.checkPermissions(accountId, userId, scopedActions);
     } else {
       apiType = 'platform';
-      const profile = this.getProfile(accountId, userId);
+      const profile = getProfile();
       const internalAuthToken = AuthorizationInternalService.generateInternalAuthToken(accountId, userId);
 
       scopedActionResponseObjects = await this.platformApi.checkPermissions(
@@ -234,7 +209,7 @@ export class AuthorizationService {
     userId: number,
     authorizationRequestObjects: AuthorizationObject[]
   ): Promise<AuthorizeResponse> {
-    const profile = this.getProfile(accountId, userId);
+    const profile = getProfile();
     const internalAuthToken = AuthorizationInternalService.generateInternalAuthToken(accountId, userId);
     const startTime = performance.now();
     const attributionHeaders = getAttributionsFromApi();

package/src/base-attribute-assignment.ts

@@ -1,36 +1,20 @@
-import { ValidationUtils } from './utils/validation';
 import isEqual from 'lodash/isEqual.js';
-import { EntityAttributeAssignment, ResourceAttributeDelete } from './types/authorization-attributes-contracts';
 
 /**
  * Base class for attribute assignments (Resource or Entity)
  * Provides common validation and functionality
  */
-export abstract class BaseAttributeAssignment<TId extends number, TType extends string> {
-  public readonly id: TId;
-  public readonly type: TType;
+export abstract class BaseAttributeAssignment<T, R> {
+  public readonly id: number;
+  public readonly type: T;
   public readonly attributeKey: string;
   public readonly attributeValue: string;
 
-  constructor(
-    id: TId,
-    type: string,
-    attributeKey: string,
-    attributeValue: string,
-    validTypes: readonly string[],
-    idFieldName: string,
-    typeFieldName: string
-  ) {
-    const validated = ValidationUtils.validateAssignment<TType>(
-      { id, type, attributeKey, attributeValue },
-      validTypes as readonly TType[],
-      { id: idFieldName, type: typeFieldName }
-    );
-
-    this.id = validated.id as TId;
-    this.type = validated.type as TType;
-    this.attributeKey = validated.attributeKey;
-    this.attributeValue = validated.attributeValue;
+  constructor(id: number, type: T, attributeKey: string, attributeValue: string) {
+    this.id = id;
+    this.type = type;
+    this.attributeKey = attributeKey;
+    this.attributeValue = attributeValue;
   }
 
   /**
@@ -38,9 +22,9 @@ export abstract class BaseAttributeAssignment<TId extends number, TType extends
    * @param other Another assignment instance
    * @returns true if all properties are equal
    */
-  equals(other: BaseAttributeAssignment<TId, TType>): boolean {
+  equals(other: BaseAttributeAssignment<T, R>): boolean {
     return isEqual(this, other);
   }
 
-  abstract toDataTransferObject(): EntityAttributeAssignment | ResourceAttributeDelete;
+  abstract toDataTransferObject(): R;
 }

package/src/base-authorization-attributes-service.ts

@@ -0,0 +1,90 @@
+import { EntityType } from './entity-attributes-constants';
+import {
+  ResourceAttributeDeleteOperation,
+  EntityAttributeDeleteOperation,
+  ResourceAttributeUpsertOperation,
+  EntityAttributeUpsertOperation,
+  AttributeOperation,
+} from './types/authorization-attributes-contracts';
+import { Resource } from './types/general';
+import { ValidationUtils } from './utils/validation';
+
+/**
+ * Abstract base class for authorization attributes operations.
+ * Both MS (HTTP) and SNS (async) services extend this class.
+ */
+export abstract class BaseAuthorizationAttributesService {
+  /**
+   * Deletes a resource attribute.
+   * Returns Promise<ResourceAttributeDeleteOperation>
+   */
+  deleteResourceAttributes(
+    accountId: number,
+    resource: Resource,
+    attributeKey: string,
+    _appName?: string,
+    _callerActionIdentifier?: string
+  ): Promise<ResourceAttributeDeleteOperation> {
+    const operation: ResourceAttributeDeleteOperation = {
+      resourceType: resource.type,
+      resourceId: resource.id,
+      key: attributeKey,
+      operationType: AttributeOperation.DELETE,
+    };
+    ValidationUtils.validateInteger(accountId);
+    ValidationUtils.validatDeleteResourceAssignment(operation);
+    return Promise.resolve(operation);
+  }
+
+  /**
+   * Deletes an entity attribute.
+   * Returns Promise<EntityAttributeDeleteOperation>
+   */
+  deleteEntityAttributes(
+    accountId: number,
+    entityType: EntityType,
+    entityId: number,
+    attributeKey: string
+  ): Promise<EntityAttributeDeleteOperation> {
+    const operation: EntityAttributeDeleteOperation = {
+      entityType: entityType,
+      entityId: entityId,
+      key: attributeKey,
+      operationType: AttributeOperation.DELETE,
+    };
+    ValidationUtils.validateInteger(accountId);
+    ValidationUtils.validatDeleteEntityAssignment(operation);
+    return Promise.resolve(operation);
+  }
+
+  /**
+   * Updates a resource attribute (single operation - upsert only).
+   * For MS service: performs upsert operation
+   * For SNS service: returns Promise<ResourceAttributeUpsertOperation>
+   */
+  updateResourceAttributes(
+    accountId: number,
+    _appName: string,
+    _callerActionIdentifier: string,
+    resourceAttributeOperation: ResourceAttributeUpsertOperation
+  ): Promise<ResourceAttributeUpsertOperation> {
+    ValidationUtils.validateInteger(accountId);
+    ValidationUtils.validatUpsertResourceAssignment(resourceAttributeOperation);
+    return Promise.resolve(resourceAttributeOperation);
+  }
+  /**
+   * Updates an entity attribute (single operation - upsert only).
+   * For MS service: performs upsert operation
+   * For SNS service: returns Promise<EntityAttributeUpsertOperation>
+   */
+  updateEntityAttributes(
+    accountId: number,
+    _appName: string,
+    _callerActionIdentifier: string,
+    entityAttributeOperation: EntityAttributeUpsertOperation
+  ): Promise<EntityAttributeUpsertOperation> {
+    ValidationUtils.validateInteger(accountId);
+    ValidationUtils.validatUpsertEntityAssignment(entityAttributeOperation);
+    return Promise.resolve(entityAttributeOperation);
+  }
+}

package/src/entity-attribute-assignment.ts

@@ -1,17 +1,18 @@
-import { ENTITY_TYPES, EntityType } from './entity-attributes-constants';
+import { EntityType } from './entity-attributes-constants';
 import { BaseAttributeAssignment } from './base-attribute-assignment';
+import { EntityAttributeAssignment as EntityAttributeAssignmentContract } from './types/authorization-attributes-contracts';
 
-export class EntityAttributeAssignment extends BaseAttributeAssignment<number, EntityType> {
+export class EntityAttributeAssignment extends BaseAttributeAssignment<EntityType, EntityAttributeAssignmentContract> {
   public readonly entityId: number;
   public readonly entityType: EntityType;
 
-  constructor(entityId: number, entityType: string, attributeKey: string, attributeValue: string) {
-    super(entityId, entityType, attributeKey, attributeValue, ENTITY_TYPES, 'entityId', 'entityType');
+  constructor(entityId: number, entityType: EntityType, key: string, value: string) {
+    super(entityId, entityType, key, value);
     this.entityId = entityId;
-    this.entityType = this.type;
+    this.entityType = entityType;
   }
 
-  toDataTransferObject() {
+  toDataTransferObject(): EntityAttributeAssignmentContract {
     return {
       entityId: this.entityId,
       entityType: this.entityType,

package/src/index.ts

@@ -58,6 +58,10 @@ export {
 } from './authorization-middleware';
 export { AuthorizationService, AuthorizeResponse } from './authorization-service';
 export { AuthorizationAttributesService } from './authorization-attributes-service';
+export * from './resource-attributes-constants';
+export * from './entity-attributes-constants';
+export { ResourceAttributeAssignment } from './resource-attribute-assignment';
+export { EntityAttributeAssignment } from './entity-attribute-assignment';
 export { RolesService } from './roles-service';
 export { MembershipsService } from './memberships';
 export { AuthorizationObject, Resource, BaseRequest, ResourceGetter, ContextGetter } from './types/general';
@@ -68,5 +72,18 @@ export {
   ScopedActionPermit,
 } from './types/scoped-actions-contracts';
 export { CustomRole, BasicRole, RoleType, RoleCreateRequest, RoleUpdateRequest, RolesResponse } from './types/roles';
+export {
+  AttributeAssignment,
+  AttributeOperation,
+  ResourceAttributeDeleteAssignment,
+  ResourceAttributeUpsertOperation,
+  ResourceAttributeDeleteOperation,
+  EntityAttributeDeleteAssignment,
+  EntityAttributeUpsertOperation,
+  EntityAttributeDeleteOperation,
+  ResourceAttributeAssignment as ResourceAttributeAssignmentContract,
+  EntityAttributeAssignment as EntityAttributeAssignmentContract,
+} from './types/authorization-attributes-contracts';
+export { BaseAuthorizationAttributesService as IAuthorizationAttributesService } from './base-authorization-attributes-service';
 
 export { TestKit };

package/src/resource-attribute-assignment.ts

@@ -1,25 +1,28 @@
-import { RESOURCE_TYPES, ResourceType } from './resource-attributes-constants';
+import { ResourceType } from './resource-attributes-constants';
 import { BaseAttributeAssignment } from './base-attribute-assignment';
+import { ResourceAttributeAssignment as ResourceAttributeAssignmentContract } from './types/authorization-attributes-contracts';
+import { ValidationUtils } from './utils/validation';
 
-export class ResourceAttributeAssignment extends BaseAttributeAssignment<number, ResourceType> {
+export class ResourceAttributeAssignment extends BaseAttributeAssignment<
+  ResourceType,
+  ResourceAttributeAssignmentContract
+> {
   public readonly resourceId: number;
   public readonly resourceType: ResourceType;
 
   constructor(resourceId: number, resourceType: ResourceType, attributeKey: string, attributeValue: string) {
-    super(
+    ValidationUtils.validatUpsertResourceAssignment({
       resourceId,
       resourceType,
-      attributeKey,
-      attributeValue,
-      Object.values(RESOURCE_TYPES),
-      'resourceId',
-      'resourceType'
-    );
+      key: attributeKey,
+      value: attributeValue,
+    });
+    super(resourceId, resourceType, attributeKey, attributeValue);
     this.resourceId = resourceId;
     this.resourceType = this.type;
   }
 
-  toDataTransferObject() {
+  toDataTransferObject(): ResourceAttributeAssignmentContract {
     return {
       resourceId: this.resourceId,
       resourceType: this.resourceType,