@openhi/constructs 0.0.103 → 0.0.105

package/lib/{chunk-MLTYFMSE.mjs → provision-default-workspace.handler.js}

@@ -1,10 +1,38 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/workflows/control-plane/user-onboarding/provision-default-workspace.handler.ts
+var provision_default_workspace_handler_exports = {};
+__export(provision_default_workspace_handler_exports, {
+  handler: () => handler
+});
+module.exports = __toCommonJS(provision_default_workspace_handler_exports);
+var import_node_crypto = require("crypto");
+var import_types8 = require("@openhi/types");
+
 // src/data/dynamo/dynamo-control-service.ts
-import { Service } from "electrodb";
+var import_electrodb8 = require("electrodb");
 
 // src/data/dynamo/dynamo-client.ts
-import { DynamoDBClient } from "@aws-sdk/client-dynamodb";
+var import_client_dynamodb = require("@aws-sdk/client-dynamodb");
 var defaultTableName = process.env.DYNAMO_TABLE_NAME ?? "jesttesttable";
-var dynamoClient = new DynamoDBClient({
+var dynamoClient = new import_client_dynamodb.DynamoDBClient({
   ...process.env.MOCK_DYNAMODB_ENDPOINT && {
     endpoint: process.env.MOCK_DYNAMODB_ENDPOINT,
     sslEnabled: false,
@@ -13,7 +41,7 @@ var dynamoClient = new DynamoDBClient({
 });
 
 // src/data/dynamo/entities/control/configuration-entity.ts
-import { Entity } from "electrodb";
+var import_electrodb = require("electrodb");
 
 // src/data/dynamo/shard.ts
 var SHARD_COUNT = 4;
@@ -39,7 +67,7 @@ var gsi1ShardAttribute = {
 };
 
 // src/data/dynamo/entities/control/configuration-entity.ts
-var ConfigurationEntity = new Entity({
+var ConfigurationEntity = new import_electrodb.Entity({
   model: {
     entity: "configuration",
     service: "control",
@@ -163,8 +191,8 @@ var ConfigurationEntity = new Entity({
 });
 
 // src/data/dynamo/entities/control/membership-entity.ts
-import { Entity as Entity2 } from "electrodb";
-var MembershipEntity = new Entity2({
+var import_electrodb2 = require("electrodb");
+var MembershipEntity = new import_electrodb2.Entity({
   model: {
     entity: "membership",
     service: "control",
@@ -261,8 +289,8 @@ var MembershipEntity = new Entity2({
 });
 
 // src/data/dynamo/entities/control/role-entity.ts
-import { Entity as Entity3 } from "electrodb";
-var RoleEntity = new Entity3({
+var import_electrodb3 = require("electrodb");
+var RoleEntity = new import_electrodb3.Entity({
   model: {
     entity: "role",
     service: "control",
@@ -354,8 +382,8 @@ var RoleEntity = new Entity3({
 });
 
 // src/data/dynamo/entities/control/roleassignment-entity.ts
-import { Entity as Entity4 } from "electrodb";
-var RoleAssignmentEntity = new Entity4({
+var import_electrodb4 = require("electrodb");
+var RoleAssignmentEntity = new import_electrodb4.Entity({
   model: {
     entity: "roleassignment",
     service: "control",
@@ -452,8 +480,8 @@ var RoleAssignmentEntity = new Entity4({
 });
 
 // src/data/dynamo/entities/control/tenant-entity.ts
-import { Entity as Entity5 } from "electrodb";
-var TenantEntity = new Entity5({
+var import_electrodb5 = require("electrodb");
+var TenantEntity = new import_electrodb5.Entity({
   model: {
     entity: "tenant",
     service: "control",
@@ -550,8 +578,8 @@ var TenantEntity = new Entity5({
 });
 
 // src/data/dynamo/entities/control/user-entity.ts
-import { Entity as Entity6 } from "electrodb";
-var UserEntity = new Entity6({
+var import_electrodb6 = require("electrodb");
+var UserEntity = new import_electrodb6.Entity({
   model: {
     entity: "user",
     service: "control",
@@ -672,8 +700,8 @@ var UserEntity = new Entity6({
 });
 
 // src/data/dynamo/entities/control/workspace-entity.ts
-import { Entity as Entity7 } from "electrodb";
-var WorkspaceEntity = new Entity7({
+var import_electrodb7 = require("electrodb");
+var WorkspaceEntity = new import_electrodb7.Entity({
   model: {
     entity: "workspace",
     service: "control",
@@ -779,7 +807,7 @@ var controlPlaneEntities = {
   user: UserEntity,
   workspace: WorkspaceEntity
 };
-var controlPlaneService = new Service(controlPlaneEntities, {
+var controlPlaneService = new import_electrodb8.Service(controlPlaneEntities, {
   table: defaultTableName,
   client: dynamoClient
 });
@@ -788,7 +816,7 @@ var DynamoControlService = {
 };
 function getDynamoControlService(tableName) {
   const resolved = tableName ?? defaultTableName;
-  const service = new Service(controlPlaneEntities, {
+  const service = new import_electrodb8.Service(controlPlaneEntities, {
     table: resolved,
     client: dynamoClient
   });
@@ -797,11 +825,303 @@ function getDynamoControlService(tableName) {
   };
 }
 
-export {
-  defaultTableName,
-  dynamoClient,
-  SHARD_COUNT,
-  computeShard,
-  getDynamoControlService
+// src/data/operations/control/membership/membership-create-operation.ts
+var import_types = require("@openhi/types");
+async function createMembershipOperation(params) {
+  const { context, body, tableName } = params;
+  const service = getDynamoControlService(tableName);
+  const id = body.id ?? `membership-${Date.now()}`;
+  const parsedResource = typeof body.resource === "string" ? JSON.parse(body.resource) : body.resource ?? {};
+  const lastUpdated = context.date ?? (/* @__PURE__ */ new Date()).toISOString();
+  const vid = `1`;
+  const resource = { resourceType: "Membership", id, ...parsedResource };
+  const summary = JSON.stringify((0, import_types.extractSummary)(resource));
+  await service.entities.membership.put({
+    tenantId: context.tenantId,
+    id,
+    resource: JSON.stringify(resource),
+    summary,
+    vid,
+    lastUpdated
+  }).go();
+  return {
+    id,
+    resource,
+    meta: { lastUpdated, versionId: vid }
+  };
+}
+
+// src/data/operations/control/roleassignment/roleassignment-create-operation.ts
+var import_types2 = require("@openhi/types");
+async function createRoleAssignmentOperation(params) {
+  const { context, body, tableName } = params;
+  const service = getDynamoControlService(tableName);
+  const id = body.id ?? `roleassignment-${Date.now()}`;
+  const parsedResource = typeof body.resource === "string" ? JSON.parse(body.resource) : body.resource ?? {};
+  const lastUpdated = context.date ?? (/* @__PURE__ */ new Date()).toISOString();
+  const vid = `1`;
+  const resource = { resourceType: "RoleAssignment", id, ...parsedResource };
+  const summary = JSON.stringify((0, import_types2.extractSummary)(resource));
+  await service.entities.roleAssignment.put({
+    tenantId: context.tenantId,
+    id,
+    resource: JSON.stringify(resource),
+    summary,
+    vid,
+    lastUpdated
+  }).go();
+  return {
+    id,
+    resource,
+    meta: { lastUpdated, versionId: vid }
+  };
+}
+
+// src/data/operations/control/tenant/tenant-create-operation.ts
+var import_types3 = require("@openhi/types");
+async function createTenantOperation(params) {
+  const { context, body, tableName } = params;
+  const service = getDynamoControlService(tableName);
+  const id = body.id ?? `tenant-${Date.now()}`;
+  const lastUpdated = context.date;
+  const vid = lastUpdated.replace(/[-:T.Z]/g, "").slice(0, 12) || Date.now().toString(36);
+  const parsedResource = typeof body.resource === "string" ? JSON.parse(body.resource) : body.resource ?? {};
+  const resource = { resourceType: "Tenant", id, ...parsedResource };
+  const summary = JSON.stringify((0, import_types3.extractSummary)(resource));
+  await service.entities.tenant.put({
+    tenantId: id,
+    id,
+    resource: JSON.stringify(resource),
+    summary,
+    vid,
+    lastUpdated
+  }).go();
+  return { id, resource, meta: { lastUpdated, versionId: vid } };
+}
+
+// src/data/operations/control/user/user-create-operation.ts
+var import_types4 = require("@openhi/types");
+
+// src/data/operations/control/user/user-find-by-sub-operation.ts
+async function findUserBySubOperation(params) {
+  const { cognitoSub, tableName } = params;
+  const service = getDynamoControlService(tableName);
+  const result = await service.entities.user.query.gsi2({ cognitoSub }).go({ limit: 1 });
+  const item = result.data?.[0];
+  if (!item) {
+    return void 0;
+  }
+  return {
+    id: item.id,
+    cognitoSub: item.cognitoSub,
+    resource: item.resource,
+    vid: item.vid
+  };
+}
+
+// src/data/operations/data-operations-common.ts
+var import_types5 = require("@openhi/types");
+
+// src/lib/compression.ts
+var import_node_zlib = require("zlib");
+
+// src/data/operations/control/user/user-update-operation.ts
+var import_types6 = require("@openhi/types");
+
+// src/data/operations/control/user/user-resource-helpers.ts
+function parseUserResource(resource) {
+  try {
+    return JSON.parse(resource);
+  } catch {
+    return void 0;
+  }
+}
+
+// src/data/operations/control/workspace/workspace-create-operation.ts
+var import_types7 = require("@openhi/types");
+async function createWorkspaceOperation(params) {
+  const { context, body, tableName } = params;
+  const { tenantId } = context;
+  const service = getDynamoControlService(tableName);
+  const id = body.id ?? `workspace-${Date.now()}`;
+  const lastUpdated = context.date;
+  const vid = lastUpdated.replace(/[-:T.Z]/g, "").slice(0, 12) || Date.now().toString(36);
+  const parsedResource = typeof body.resource === "string" ? JSON.parse(body.resource) : body.resource ?? {};
+  const resource = { resourceType: "Workspace", id, ...parsedResource };
+  const summary = JSON.stringify((0, import_types7.extractSummary)(resource));
+  await service.entities.workspace.put({
+    tenantId,
+    id,
+    resource: JSON.stringify(resource),
+    summary,
+    vid,
+    lastUpdated
+  }).go();
+  return { id, resource, meta: { lastUpdated, versionId: vid } };
+}
+
+// src/data/operations/fhir-reference.ts
+function idFromReference(reference, prefix) {
+  if (!reference || !reference.startsWith(prefix)) {
+    return void 0;
+  }
+  const id = reference.slice(prefix.length);
+  return id.length > 0 ? id : void 0;
+}
+
+// src/workflows/control-plane/user-onboarding/provision-default-workspace.handler.ts
+var CURRENT_SK = "CURRENT";
+var VID = "1";
+var summaryFor = (resource) => {
+  return JSON.stringify((0, import_types8.extractSummary)(resource));
+};
+var stableOnboardingId = (kind, cognitoSub) => {
+  return (0, import_node_crypto.createHash)("sha256").update(kind).update("\0").update(cognitoSub).digest("hex").slice(0, 26).toUpperCase();
 };
-//# sourceMappingURL=chunk-MLTYFMSE.mjs.map
+var handler = async (event) => {
+  const detail = event.detail;
+  if (!detail?.cognitoSub) {
+    console.warn(
+      "ProvisionDefaultWorkspace: event missing cognitoSub; skipping"
+    );
+    return;
+  }
+  const service = getDynamoControlService();
+  const existingUser = await findUserBySubOperation({
+    context: {
+      tenantId: "",
+      workspaceId: "",
+      date: "",
+      actorId: "",
+      actorName: "",
+      actorType: "internal-system"
+    },
+    cognitoSub: detail.cognitoSub
+  });
+  const existingResource = existingUser ? parseUserResource(existingUser.resource) : void 0;
+  const existingTenantId = idFromReference(
+    existingResource?.currentTenant?.reference,
+    "Tenant/"
+  );
+  const existingWorkspaceId = idFromReference(
+    existingResource?.currentWorkspace?.reference,
+    "Workspace/"
+  );
+  if (existingUser && existingTenantId && existingWorkspaceId) {
+    return;
+  }
+  const displayName = detail.displayName || detail.email || event.resources?.[0] || detail.cognitoSub;
+  const userId = existingUser?.id ?? detail.userId ?? stableOnboardingId("user", detail.cognitoSub);
+  const tenantId = stableOnboardingId("tenant", detail.cognitoSub);
+  const workspaceId = stableOnboardingId("workspace", detail.cognitoSub);
+  const userTenantMembershipId = stableOnboardingId(
+    "tenant-membership",
+    detail.cognitoSub
+  );
+  const userWorkspaceMembershipId = stableOnboardingId(
+    "workspace-membership",
+    detail.cognitoSub
+  );
+  const roleAssignmentId = stableOnboardingId(
+    "tenant-user-role-assignment",
+    detail.cognitoSub
+  );
+  const lastUpdated = (/* @__PURE__ */ new Date()).toISOString();
+  const context = {
+    tenantId,
+    workspaceId,
+    date: lastUpdated,
+    actorId: userId,
+    actorName: displayName,
+    actorType: "internal-system"
+  };
+  const tenantResource = {
+    id: tenantId,
+    displayName: `${displayName}'s Practice`,
+    status: "active"
+  };
+  const workspaceResource = {
+    id: workspaceId,
+    displayName: "Default Workspace",
+    status: "active",
+    tenant: { reference: `Tenant/${tenantId}` }
+  };
+  const userResource = {
+    ...existingResource ?? {},
+    resourceType: "User",
+    id: userId,
+    name: existingResource?.name ?? [{ text: displayName }],
+    status: "active",
+    currentTenant: { reference: `Tenant/${tenantId}` },
+    currentWorkspace: { reference: `Workspace/${workspaceId}` }
+  };
+  const userTenantMembershipResource = {
+    id: userTenantMembershipId,
+    status: "active",
+    user: { reference: `User/${userId}` },
+    tenant: { reference: `Tenant/${tenantId}` }
+  };
+  const userWorkspaceMembershipResource = {
+    id: userWorkspaceMembershipId,
+    status: "active",
+    user: { reference: `User/${userId}` },
+    tenant: { reference: `Tenant/${tenantId}` },
+    workspace: { reference: `Workspace/${workspaceId}` }
+  };
+  const roleAssignmentResource = {
+    id: roleAssignmentId,
+    status: "active",
+    user: { reference: `User/${userId}` },
+    tenant: { reference: `Tenant/${tenantId}` },
+    role: "tenant-user"
+  };
+  await createTenantOperation({
+    context,
+    body: { id: tenantId, resource: tenantResource }
+  });
+  await createWorkspaceOperation({
+    context,
+    body: { id: workspaceId, resource: workspaceResource }
+  });
+  if (existingUser) {
+    await service.entities.user.patch({ id: userId, sk: CURRENT_SK }).set({
+      resource: JSON.stringify(userResource),
+      summary: summaryFor(userResource),
+      cognitoSub: detail.cognitoSub,
+      vid: VID,
+      lastUpdated
+    }).go();
+  } else {
+    await service.entities.user.put({
+      id: userId,
+      cognitoSub: detail.cognitoSub,
+      resource: JSON.stringify(userResource),
+      summary: summaryFor(userResource),
+      vid: VID,
+      lastUpdated
+    }).go();
+  }
+  await createMembershipOperation({
+    context,
+    body: {
+      id: userTenantMembershipId,
+      resource: userTenantMembershipResource
+    }
+  });
+  await createMembershipOperation({
+    context,
+    body: {
+      id: userWorkspaceMembershipId,
+      resource: userWorkspaceMembershipResource
+    }
+  });
+  await createRoleAssignmentOperation({
+    context,
+    body: { id: roleAssignmentId, resource: roleAssignmentResource }
+  });
+};
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  handler
+});
+//# sourceMappingURL=provision-default-workspace.handler.js.map