geek-cafe-saas-sdk 0.7.5__py3-none-any.whl → 0.8.0__py3-none-any.whl

geek_cafe_saas_sdk/services/database_service.py

@@ -6,6 +6,7 @@ from boto3_assist.dynamodb.dynamodb import DynamoDB, DynamoDBIndex
 from ..core.service_result import ServiceResult
 from ..core.service_errors import ValidationError, AccessDeniedError, NotFoundError
 from ..core.error_codes import ErrorCode
+from ..core.request_context import RequestContext
 import os
 from aws_lambda_powertools import Logger
 
@@ -17,7 +18,22 @@ logger = Logger()
 class DatabaseService(ABC, Generic[T]):
     """Base service class for database operations."""
 
-    def __init__(self, *, dynamodb: DynamoDB = None, table_name: str = None):
+    def __init__(self, *, dynamodb: DynamoDB = None, table_name: str = None, request_context: RequestContext):
+        """
+        Initialize DatabaseService.
+        
+        Args:
+            dynamodb: DynamoDB client instance
+            table_name: DynamoDB table name
+            request_context: **REQUIRED** Security context with JWT token (no longer optional)
+            
+        Raises:
+            ValueError: If table_name is not provided
+            TypeError: If request_context is not provided (enforced by Python)
+        """
+        if request_context is None:
+            raise AccessDeniedError("request_context is required for all database operations. All services must have security context.")
+        
         self.dynamodb = dynamodb or DynamoDB()
         self.table_name = (
             table_name or os.getenv("DYNAMODB_TABLE_NAME")
@@ -27,6 +43,19 @@ class DatabaseService(ABC, Generic[T]):
             raise ValueError("Table name is required")
 
         self.LOG_DYNAMO_DB_QUERY = os.getenv("LOG_DYNAMO_DB_QUERY", False)
+        self._request_context = request_context
+    
+    @property
+    def request_context(self) -> RequestContext:
+        """Get the request context (security token)."""
+        if self._request_context is None:
+            raise AccessDeniedError("No security context set for this service")
+        return self._request_context
+    
+    @request_context.setter
+    def request_context(self, value: RequestContext):
+        """Set the request context (security token)."""
+        self._request_context = value
 
     @abstractmethod
     def create(self, tenant_id: str, user_id: str, **kwargs) -> ServiceResult[T]:
@@ -114,8 +143,45 @@ class DatabaseService(ABC, Generic[T]):
             raise AccessDeniedError("Access denied to resource in different tenant")
 
     def _save_model(self, model: T) -> ServiceResult[T]:
-        """Save model to database with enhanced error handling."""
+        """Save model to database with **MANDATORY** security validation and audit trail.
+        
+        Args:
+            model: Model to save
+        
+        Returns:
+            ServiceResult with saved model or error
+            
+        Security:
+            - **ALWAYS** validates tenant access (no longer optional)
+            - **ALWAYS** auto-populates audit fields (created_by, updated_by)
+            - **ALWAYS** prevents cross-tenant resource creation
+            - request_context is required (enforced in __init__)
+        """
         try:
+            # MANDATORY security validation - always validate tenant access
+            # EXCEPTION: SYSTEM tenant can provision new tenants (signup flow)
+            from geek_cafe_saas_sdk.core.anonymous_context import AnonymousContextFactory
+            is_system_tenant = (self._request_context.authenticated_tenant_id == 
+                               AnonymousContextFactory.SYSTEM_TENANT_ID)
+            
+            if hasattr(model, 'tenant_id') and model.tenant_id:
+                # SYSTEM tenant can create resources in any tenant (provisioning)
+                if not is_system_tenant:
+                    if not self._request_context.validate_tenant_access(model.tenant_id):
+                        return ServiceResult.error_result(
+                            ErrorCode.ACCESS_DENIED,
+                            "Cannot save resources in other tenants"
+                        )
+            
+            # MANDATORY audit trail - always populate audit fields
+            # Set created_by_id if this is a new resource
+            if hasattr(model, 'created_by_id') and not model.created_by_id:
+                model.created_by_id = self._request_context.authenticated_user_id
+            
+            # Always update updated_by_id
+            if hasattr(model, 'updated_by_id'):
+                model.updated_by_id = self._request_context.authenticated_user_id
+            
             # The boto3_assist library handles all GSI key population automatically.
             self.dynamodb.save(table_name=self.table_name, item=model)
             return ServiceResult.success_result(model)
@@ -147,7 +213,7 @@ class DatabaseService(ABC, Generic[T]):
             return None
 
     def _get_model_by_id_with_tenant_check(
-        self, resource_id: str, model_class, tenant_id: str, include_deleted: bool = True
+        self, resource_id: str, model_class, tenant_id: Optional[str] = None, include_deleted: bool = True
     ) -> Optional[T]:
         """
         Get model by ID with automatic tenant validation.
@@ -159,7 +225,7 @@ class DatabaseService(ABC, Generic[T]):
         Args:
             resource_id: The resource ID to fetch
             model_class: The model class to instantiate
-            tenant_id: The tenant ID from JWT (authenticated user's tenant)
+            tenant_id: The tenant ID to validate (uses request_context if not provided)
             include_deleted: If True, returns deleted items. If False, returns None for deleted items.
                            Default is True since get-by-id operations typically need to verify deletion,
                            perform restores, or show audit history.
@@ -168,10 +234,15 @@ class DatabaseService(ABC, Generic[T]):
             The model if found and belongs to tenant, None otherwise
             
         Security:
+            - Automatically uses request_context if available
             - Returns None for resources in different tenants (prevents enumeration)
             - Optionally filters deleted resources based on include_deleted parameter
-            - Single source of truth: tenant_id from JWT only
         """
+        # Use request_context tenant if tenant_id not explicitly provided
+        # request_context is always present (enforced in __init__)
+        if tenant_id is None:
+            tenant_id = self._request_context.authenticated_tenant_id
+        
         model = self._get_model_by_id(resource_id, model_class)
         
         if not model:

{geek_cafe_saas_sdk-0.7.5.dist-info → geek_cafe_saas_sdk-0.8.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: geek_cafe_saas_sdk
-Version: 0.7.5
+Version: 0.8.0
 Summary: Base Reusable Services for SaaS
 Project-URL: Homepage, https://github.com/geekcafe/geek-cafe-services
 Project-URL: Documentation, https://github.com/geekcafe/geek-cafe-services/blob/main/README.md
@@ -87,20 +87,20 @@ Description-Content-Type: text/markdown
 <!-- COVERAGE-BADGE:START -->
 ## Test Coverage
 
-![Tests](https://img.shields.io/badge/tests-1145%20passed-brightgreen)
-![Coverage](https://img.shields.io/badge/coverage-83.1%25-green)
+![Tests](https://img.shields.io/badge/tests-1296%20passed-brightgreen)
+![Coverage](https://img.shields.io/badge/coverage-82.5%25-green)
 
-**Overall Coverage:** 83.1% (9646/11611 statements)
+**Overall Coverage:** 82.5% (13150/15936 statements)
 
 ### Coverage Summary
 
 | Metric | Value |
 |--------|-------|
-| Total Statements | 11,611 |
-| Covered Statements | 9,646 |
-| Missing Statements | 1,965 |
-| Coverage Percentage | 83.1% |
-| Total Tests | 1145 |
+| Total Statements | 15,936 |
+| Covered Statements | 13,150 |
+| Missing Statements | 2,786 |
+| Coverage Percentage | 82.5% |
+| Total Tests | 1296 |
 | Test Status | ✅ All Passing |
 
 ### Files Needing Attention (< 80% coverage)
@@ -108,17 +108,17 @@ Description-Content-Type: text/markdown
 | Coverage | Missing Lines | File |
 |----------|---------------|------|
 | 17.5% | 47 | `lambda_handlers/_base/authorized_secure_handler.py` |
-| 25.3% | 133 | `domains/communities/services/community_member_service.py` |
+| 24.4% | 133 | `domains/communities/services/community_member_service.py` |
+| 46.2% | 85 | `domains/auth/services/resource_permission_service.py` |
 | 46.3% | 58 | `domains/auth/models/role.py` |
 | 46.9% | 34 | `domains/auth/models/permission.py` |
-| 46.9% | 85 | `domains/auth/services/resource_permission_service.py` |
+| 52.2% | 118 | `domains/tenancy/services/subscription_service.py` |
 | 56.2% | 7 | `lambda_handlers/_base/secure_handler.py` |
 | 58.5% | 17 | `domains/messaging/handlers/contact_threads/update/app.py` |
-| 62.3% | 118 | `utilities/lambda_event_utility.py` |
-| 63.4% | 86 | `domains/communities/services/community_service.py` |
-| 64.0% | 41 | `domains/files/services/s3_file_service.py` |
+| 60.6% | 85 | `domains/notifications/services/notification_service.py` |
+| 61.8% | 21 | `core/request_context.py` |
 
-*... and 22 more files with < 80% coverage*
+*... and 27 more files with < 80% coverage*
 
 ### Running Tests
 
@@ -130,7 +130,7 @@ Description-Content-Type: text/markdown
 open reports/coverage/index.html
 ```
 
-*Last updated: 2025-10-16 13:22:11*
+*Last updated: 2025-10-20 09:57:49*
 
 ---