sergio/saladeaula.digital
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update layercake version

Browse Source
This commit is contained in:
Sérgio Rafael Siqueira
2025-05-28 17:52:15 -03:00
parent 42e62ec183
commit 797a325cb0
28 changed files with 692 additions and 566 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
http-api/app/config.py Normal file
View File

@@ -0,0 +1,36 @@
import os
USER_TABLE: str = os.getenv('USER_TABLE') # type: ignore
ORDER_TABLE: str = os.getenv('ORDER_TABLE') # type: ignore
ENROLLMENT_TABLE: str = os.getenv('ENROLLMENT_TABLE') # type: ignore
COURSE_TABLE: str = os.getenv('COURSE_TABLE') # type: ignore
KONVIVA_API_URL: str = os.getenv('KONVIVA_API_URL') # type: ignore
KONVIVA_SECRET_KEY: str = os.getenv('KONVIVA_SECRET_KEY') # type: ignore
MEILISEARCH_HOST: str = os.getenv('MEILISEARCH_HOST') # type: ignore
MEILISEARCH_API_KEY: str = os.getenv('MEILISEARCH_API_KEY') # type: ignore
match os.getenv('AWS_SAM_LOCAL'), os.getenv('PYTEST_VERSION'):
case str() as SAM_LOCAL, _ if SAM_LOCAL: # Only when running `sam local start-api`
MEILISEARCH_HOST = 'http://host.docker.internal:7700'
ELASTIC_CONN = {
'hosts': 'http://host.docker.internal:9200',
}
case _, str() as PYTEST if PYTEST: # Only when running `pytest`
MEILISEARCH_HOST = 'http://127.0.0.1:7700'
ELASTIC_CONN = {
'hosts': 'http://127.0.0.1:9200',
}
case _:
MEILISEARCH_HOST: str = os.getenv('MEILISEARCH_HOST') # type: ignore
ELASTIC_CLOUD_ID = os.getenv('ELASTIC_CLOUD_ID')
ELASTIC_AUTH_PASS = os.getenv('ELASTIC_AUTH_PASS')
ELASTIC_CONN = {
'cloud_id': ELASTIC_CLOUD_ID,
'basic_auth': ('elastic', ELASTIC_AUTH_PASS),
}
USER_POOOL_ID = 'sa-east-1_s6YmVSfXj'

6
http-api/app/middlewares/audit_log_middleware.py
View File

@@ -45,12 +45,12 @@ class AuditLogMiddleware(BaseMiddlewareHandler):
self,
action: str,
/,
collect: DynamoDBCollection,
collection: DynamoDBCollection,
audit_attrs: tuple[str, ...] = (),
retention_days: int | None = LOG_RETENTION_DAYS,
) -> None:
self.action = action
self.collect = collect
self.collection = collection
self.audit_attrs = audit_attrs
self.retention_days = retention_days
@@ -80,7 +80,7 @@ class AuditLogMiddleware(BaseMiddlewareHandler):
else None
)
self.collect.put_item(
self.collection.put_item(
key=KeyPair(
# Post-migration: remove `delimiter` and update prefix
# from `log` to `logs` in ComposeKey.

14
http-api/app/middlewares/tenant_middelware.py
View File

@@ -46,11 +46,11 @@ class TenantMiddleware(BaseMiddlewareHandler):
def __init__(
self,
collect: DynamoDBCollection,
collection: DynamoDBCollection,
/,
header: str = 'X-Tenant',
) -> None:
self.collect = collect
self.collection = collection
self.header = header
def handler(
@@ -69,7 +69,7 @@ class TenantMiddleware(BaseMiddlewareHandler):
tenant=_tenant(
app.current_event.headers.get(self.header),
app.context.get('user'), # type: ignore
collect=self.collect,
collection=self.collection,
)
)
@@ -85,7 +85,7 @@ def _tenant(
tenant_id: str | None,
user: User,
/,
collect: DynamoDBCollection,
collection: DynamoDBCollection,
) -> Tenant:
"""Get a Tenant instance based on the provided tenant_id
and user's access permissions.
@@ -96,7 +96,7 @@ def _tenant(
The identifier of the tenant. Must not be None or empty.
user : User
The user attempting to access the tenant.
collect : DynamoDBCollection
collection : DynamoDBCollection
The DynamoDB collection used to retrieve tenant information.
Returns
@@ -117,7 +117,7 @@ def _tenant(
raise BadRequestError('Missing tenant')
# Ensure user has ACL
collect.get_item(
collection.get_item(
KeyPair(user.id, ComposeKey(tenant_id, prefix='acls')),
exc_cls=ForbiddenError,
)
@@ -126,5 +126,5 @@ def _tenant(
if tenant_id == '*':
return Tenant(id=tenant_id, name='default')
obj = collect.get_item(KeyPair(tenant_id, '0'), exc_cls=NotFoundError)
obj = collection.get_item(KeyPair(tenant_id, '0'), exc_cls=NotFoundError)
return Tenant.model_validate(obj)

12
http-api/app/routes/courses/__init__.py
View File

@@ -22,8 +22,6 @@ router = Router()
meili_client = Meilisearch(MEILISEARCH_HOST, MEILISEARCH_API_KEY)
course_layer = DynamoDBPersistenceLayer(COURSE_TABLE, dynamodb_client)
user_layer = DynamoDBPersistenceLayer(USER_TABLE, dynamodb_client)
user_collect = DynamoDBCollection(user_layer)
course_collect = DynamoDBCollection(course_layer)
@router.get(
@@ -55,8 +53,8 @@ def get_courses():
compress=True,
tags=['Course'],
middlewares=[
TenantMiddleware(user_collect),
AuditLogMiddleware('COURSE_ADD', user_collect, ('id', 'name')),
TenantMiddleware(user_layer.collection),
AuditLogMiddleware('COURSE_ADD', user_layer.collection, ('id', 'name')),
],
)
def post_course(payload: Course):
@@ -74,7 +72,7 @@ def post_course(payload: Course):
@router.get('/<id>', compress=True, tags=['Course'])
def get_course(id: str):
return course_collect.get_item(
return course_layer.collection.get_item(
KeyPair(id, '0'),
exc_cls=NotFoundError,
)
@@ -85,8 +83,8 @@ def get_course(id: str):
compress=True,
tags=['Course'],
middlewares=[
TenantMiddleware(user_collect),
AuditLogMiddleware('COURSE_UPDATE', user_collect, ('id', 'name')),
TenantMiddleware(user_layer.collection),
AuditLogMiddleware('COURSE_UPDATE', user_layer.collection, ('id', 'name')),
],
)
def put_course(id: str, payload: Course):

55
http-api/app/routes/enrollments/cancel.py Normal file
View File

@@ -0,0 +1,55 @@
from aws_lambda_powertools.event_handler.api_gateway import Router
from elasticsearch import Elasticsearch
from layercake.dynamodb import (
DynamoDBCollection,
DynamoDBPersistenceLayer,
KeyPair,
)
from pydantic import UUID4, BaseModel
from boto3clients import dynamodb_client
from config import ELASTIC_CONN, ENROLLMENT_TABLE, USER_TABLE
from middlewares.audit_log_middleware import AuditLogMiddleware
from middlewares.authentication_middleware import User
from rules.enrollment import set_status_as_canceled
from .vacancies import router as vacancies
__all__ = ['vacancies']
router = Router()
elastic_client = Elasticsearch(**ELASTIC_CONN)
enrollment_layer = DynamoDBPersistenceLayer(ENROLLMENT_TABLE, dynamodb_client)
user_layer = DynamoDBPersistenceLayer(USER_TABLE, dynamodb_client)
user_collect = DynamoDBCollection(user_layer)
class Cancel(BaseModel):
id: UUID4 | str
lock_hash: str
course: dict = {}
vacancy: dict = {}
@router.patch(
'/<id>/cancel',
compress=True,
tags=['Enrollment'],
middlewares=[
AuditLogMiddleware('ENROLLMENT_CANCEL', user_collect, ('id', 'course'))
],
)
def cancel(id: str, payload: Cancel):
user: User = router.context['user']
set_status_as_canceled(
id,
lock_hash=payload.lock_hash,
author=user.model_dump(), # type: ignore
course=payload.course, # type: ignore
vacancy_key=KeyPair.parse_obj(payload.vacancy),
persistence_layer=enrollment_layer,
)
return payload

64
http-api/app/routes/enrollments/enroll.py Normal file
View File

@@ -0,0 +1,64 @@
from datetime import datetime
from aws_lambda_powertools.event_handler.api_gateway import Router
from layercake.batch import BatchProcessor
from layercake.dynamodb import (
DynamoDBCollection,
DynamoDBPersistenceLayer,
)
from pydantic import BaseModel
from boto3clients import dynamodb_client
from config import (
ENROLLMENT_TABLE,
USER_TABLE,
)
from middlewares import Tenant, TenantMiddleware
from models import Course, User
router = Router()
enrollment_layer = DynamoDBPersistenceLayer(ENROLLMENT_TABLE, dynamodb_client)
user_layer = DynamoDBPersistenceLayer(USER_TABLE, dynamodb_client)
user_collect = DynamoDBCollection(user_layer)
enrollment_collect = DynamoDBCollection(enrollment_layer)
processor = BatchProcessor()
class Item(BaseModel):
user: User
course: Course
schedule_date: datetime | None = None
class Payload(BaseModel):
items: tuple[Item, ...]
@router.post(
'/',
compress=True,
tags=['Enrollment'],
middlewares=[
TenantMiddleware(user_collect),
],
)
def enroll_(payload: Payload):
context = {'tenant': router.context['tenant']}
with processor(payload.items, handler, context):
processor.process()
return {}
def handler(record: Item, context: dict):
tenant: Tenant = context['tenant']
# enroll(
# enrollment=Enrollment(user=[])
# tenant={
# 'id': str(tenant.id),
# 'name': tenant.name,
# },
# persistence_layer=enrollment_layer,
# )

6
http-api/app/routes/settings/__init__.py
View File

@@ -1,6 +1,5 @@
from aws_lambda_powertools.event_handler.api_gateway import Router
from layercake.dynamodb import (
DynamoDBCollection,
DynamoDBPersistenceLayer,
KeyPair,
PrefixKey,
@@ -13,7 +12,6 @@ from middlewares import User
router = Router()
user_layer = DynamoDBPersistenceLayer(USER_TABLE, dynamodb_client)
user_collect = DynamoDBCollection(user_layer)
LIMIT = 25
@@ -22,11 +20,11 @@ LIMIT = 25
@router.get('/', include_in_schema=False)
def settings():
user: User = router.context['user']
acls = user_collect.query(
acls = user_layer.collection.query(
KeyPair(user.id, PrefixKey('acls')),
limit=LIMIT,
)
tenants = user_collect.query(
tenants = user_layer.collection.query(
KeyPair(user.id, PrefixKey('orgs')),
limit=LIMIT,
)

8
http-api/app/routes/users/orgs.py
View File

@@ -5,7 +5,6 @@ from aws_lambda_powertools.event_handler.exceptions import (
BadRequestError as PowertoolsBadRequestError,
)
from layercake.dynamodb import (
DynamoDBCollection,
DynamoDBPersistenceLayer,
KeyPair,
MissingError,
@@ -26,7 +25,6 @@ class BadRequestError(MissingError, PowertoolsBadRequestError): ...
router = Router()
user_layer = DynamoDBPersistenceLayer(USER_TABLE, dynamodb_client)
user_collect = DynamoDBCollection(user_layer, exc_cls=BadRequestError)
@router.get(
@@ -36,7 +34,7 @@ user_collect = DynamoDBCollection(user_layer, exc_cls=BadRequestError)
summary='Get user orgs',
)
def get_orgs(id: str):
return user_collect.query(
return user_layer.collection.query(
KeyPair(id, PrefixKey('orgs')),
start_key=router.current_event.get_query_string_value('start_key', None),
)
@@ -54,7 +52,9 @@ class Unassign(BaseModel):
tags=['User'],
summary='Delete user org',
middlewares=[
AuditLogMiddleware('UNASSIGN_ORG', user_collect, ('id', 'name', 'cnpj'))
AuditLogMiddleware(
'UNASSIGN_ORG', user_layer.collection, ('id', 'name', 'cnpj')
)
],
)
def delete_org(id: str, payload: Unassign):

75
http-api/app/rules/course.py
View File

@@ -1,5 +1,5 @@
from layercake.dateutils import now
from layercake.dynamodb import DynamoDBPersistenceLayer, KeyPair, TransactItems
from layercake.dynamodb import DynamoDBPersistenceLayer, KeyPair
from models import Course, Org
@@ -11,25 +11,26 @@ def create_course(
persistence_layer: DynamoDBPersistenceLayer,
):
now_ = now()
transact = TransactItems(persistence_layer.table_name)
transact.put(
item={
'sk': '0',
'metadata__tenant_id': org.id,
'create_date': now_,
**course.model_dump(),
}
)
transact.put(
item={
'id': course.id,
'sk': 'metadata#tenant',
'tenant_id': f'ORG#{org.id}',
'name': org.name,
'create_date': now_,
}
)
return persistence_layer.transact_write_items(transact)
with persistence_layer.transact_writer() as transact:
transact.put(
item={
'sk': '0',
'metadata__tenant_id': org.id,
'create_date': now_,
**course.model_dump(),
}
)
transact.put(
item={
'id': course.id,
'sk': 'metadata#tenant',
'tenant_id': f'ORG#{org.id}',
'name': org.name,
'create_date': now_,
}
)
return True
def update_course(
@@ -39,20 +40,20 @@ def update_course(
persistence_layer: DynamoDBPersistenceLayer,
):
now_ = now()
transact = TransactItems(persistence_layer.table_name)
transact.update(
key=KeyPair(id, '0'),
update_expr='SET #name = :name, access_period = :access_period, \
cert = :cert, update_date = :update_date',
expr_attr_names={
'#name': 'name',
},
expr_attr_values={
':name': course.name,
':cert': course.cert.model_dump() if course.cert else None,
':access_period': course.access_period,
':update_date': now_,
},
cond_expr='attribute_exists(sk)',
)
return persistence_layer.transact_write_items(transact)
with persistence_layer.transact_writer() as transact:
transact.update(
key=KeyPair(id, '0'),
update_expr='SET #name = :name, access_period = :access_period, \
cert = :cert, update_date = :update_date',
expr_attr_names={
'#name': 'name',
},
expr_attr_values={
':name': course.name,
':cert': course.cert.model_dump() if course.cert else None,
':access_period': course.access_period,
':update_date': now_,
},
cond_expr='attribute_exists(sk)',
)
return True

269
http-api/app/rules/enrollment.py
View File

@@ -4,7 +4,7 @@ from typing import TypedDict
from uuid import uuid4
from layercake.dateutils import now, ttl
from layercake.dynamodb import DynamoDBPersistenceLayer, KeyPair, TransactItems
from layercake.dynamodb import DynamoDBPersistenceLayer, KeyPair
from layercake.strutils import md5_hash
from config import ORDER_TABLE
@@ -64,97 +64,97 @@ def enroll(
course = enrollment.course
tenant_id = tenant['id']
transact = TransactItems(persistence_layer.table_name)
transact.put(
item={
'sk': '0',
'create_date': now_,
'metadata__tenant_id': tenant_id,
'metadata__related_ids': {tenant_id, user.id},
**enrollment.model_dump(),
},
)
transact.put(
item={
'id': enrollment.id,
'sk': 'metadata#tenant',
'tenant_id': f'ORG#{tenant_id}',
'name': tenant['name'],
'create_date': now_,
},
)
transact.put(
item={
'id': enrollment.id,
'sk': LifecycleEvents.REMINDER_NO_ACCESS_3_DAYS,
'name': user.name,
'email': user.email,
'course': course.name,
'create_date': now_,
'ttl': ttl(days=3, start_dt=now_),
},
)
transact.put(
item={
'id': enrollment.id,
'sk': LifecycleEvents.ACCESS_PERIOD_REMINDER_30_DAYS,
'name': user.name,
'email': user.email,
'course': course.name,
'create_date': now_,
'ttl': ttl(start_dt=now_ + timedelta(days=course.access_period - 30)),
},
)
transact.put(
item={
'id': enrollment.id,
'sk': LifecycleEvents.COURSE_EXPIRED,
'name': user.name,
'email': user.email,
'course': course.name,
'create_date': now_,
'ttl': ttl(start_dt=now_ + timedelta(days=course.access_period)),
},
)
# Prevents the user from enrolling in the same course again until
# the deduplication window expires or is removed
if deduplication_window:
lock_hash = md5_hash('%s%s' % (user.id, course.id))
offset_days = deduplication_window['offset_days']
ttl_expiration = ttl(
start_dt=now_ + timedelta(days=course.access_period - offset_days)
)
with persistence_layer.transact_writer() as transact:
transact.put(
item={
'id': 'lock',
'sk': lock_hash,
'enrollment_id': enrollment.id,
'sk': '0',
'create_date': now_,
'ttl': ttl_expiration,
'metadata__tenant_id': tenant_id,
'metadata__related_ids': {tenant_id, user.id},
**enrollment.model_dump(),
},
cond_expr='attribute_not_exists(sk)',
)
transact.put(
item={
'id': enrollment.id,
'sk': 'metadata#lock',
'hash': lock_hash,
'sk': 'metadata#tenant',
'tenant_id': f'ORG#{tenant_id}',
'name': tenant['name'],
'create_date': now_,
'ttl': ttl_expiration,
},
)
# Deduplication window can be recalculated if needed
transact.put(
item={
'id': enrollment.id,
'sk': 'metadata#deduplication_window',
'offset_days': offset_days,
'sk': LifecycleEvents.REMINDER_NO_ACCESS_3_DAYS,
'name': user.name,
'email': user.email,
'course': course.name,
'create_date': now_,
'ttl': ttl(days=3, start_dt=now_),
},
)
transact.put(
item={
'id': enrollment.id,
'sk': LifecycleEvents.ACCESS_PERIOD_REMINDER_30_DAYS,
'name': user.name,
'email': user.email,
'course': course.name,
'create_date': now_,
'ttl': ttl(start_dt=now_ + timedelta(days=course.access_period - 30)),
},
)
transact.put(
item={
'id': enrollment.id,
'sk': LifecycleEvents.COURSE_EXPIRED,
'name': user.name,
'email': user.email,
'course': course.name,
'create_date': now_,
'ttl': ttl(start_dt=now_ + timedelta(days=course.access_period)),
},
)
return persistence_layer.transact_write_items(transact)
# Prevents the user from enrolling in the same course again until
# the deduplication window expires or is removed
if deduplication_window:
lock_hash = md5_hash('%s%s' % (user.id, course.id))
offset_days = deduplication_window['offset_days']
ttl_expiration = ttl(
start_dt=now_ + timedelta(days=course.access_period - offset_days)
)
transact.put(
item={
'id': 'lock',
'sk': lock_hash,
'enrollment_id': enrollment.id,
'create_date': now_,
'ttl': ttl_expiration,
},
cond_expr='attribute_not_exists(sk)',
)
transact.put(
item={
'id': enrollment.id,
'sk': 'metadata#lock',
'hash': lock_hash,
'create_date': now_,
'ttl': ttl_expiration,
},
)
# Deduplication window can be recalculated if needed
transact.put(
item={
'id': enrollment.id,
'sk': 'metadata#deduplication_window',
'offset_days': offset_days,
'create_date': now_,
},
)
return True
def set_status_as_canceled(
@@ -169,73 +169,74 @@ def set_status_as_canceled(
"""Cancel the enrollment if there's a `cancel_policy`
and put its vacancy back if `vacancy_key` is provided."""
now_ = now()
transact = TransactItems(persistence_layer.table_name)
transact.update(
key=KeyPair(id, '0'),
update_expr='SET #status = :canceled, update_date = :update',
expr_attr_names={
'#status': 'status',
},
expr_attr_values={
':canceled': 'CANCELED',
':update': now_,
},
)
transact.put(
item={
'id': id,
'sk': 'canceled_date',
'author': author,
'create_date': now_,
},
)
transact.delete(
key=KeyPair(id, 'cancel_policy'),
cond_expr='attribute_exists(sk)',
)
# Remove schedules lifecycle events, referencies and locks
transact.delete(key=KeyPair(id, 'schedules#archive_it'))
transact.delete(key=KeyPair(id, 'schedules#no_activity'))
transact.delete(key=KeyPair(id, 'schedules#access_period_ends'))
transact.delete(key=KeyPair(id, 'schedules#does_not_access'))
transact.delete(key=KeyPair(id, 'parent_vacancy'))
transact.delete(key=KeyPair(id, 'lock'))
transact.delete(key=KeyPair('lock', lock_hash))
if vacancy_key and course:
vacancy_pk, vacancy_sk = vacancy_key.values()
org_id = vacancy_pk.removeprefix('vacancies#')
order_id, enrollment_id = vacancy_sk.split('#')
transact.condition(
key=KeyPair(order_id, '0'),
cond_expr='attribute_exists(id)',
table_name=ORDER_TABLE,
)
# Put the vacancy back and assign a new ID
transact.put(
item={
'id': f'vacancies#{org_id}',
'sk': f'{order_id}#{uuid4()}',
'course': course,
'create_date': now_,
},
cond_expr='attribute_not_exists(sk)',
)
# Set the status of `generated_items` to `ROLLBACK` to know
# which vacancy is available for reuse
with persistence_layer.transact_writer() as transact:
transact.update(
key=KeyPair(order_id, f'generated_items#{enrollment_id}'),
update_expr='SET #status = :status, update_date = :update',
key=KeyPair(id, '0'),
update_expr='SET #status = :canceled, update_date = :update',
expr_attr_names={
'#status': 'status',
},
expr_attr_values={
':status': 'ROLLBACK',
':canceled': 'CANCELED',
':update': now_,
},
cond_expr='attribute_exists(sk)',
table_name=ORDER_TABLE,
)
transact.put(
item={
'id': id,
'sk': 'canceled_date',
'author': author,
'create_date': now_,
},
)
transact.delete(
key=KeyPair(id, 'cancel_policy'),
cond_expr='attribute_exists(sk)',
)
# Remove schedules lifecycle events, referencies and locks
transact.delete(key=KeyPair(id, 'schedules#archive_it'))
transact.delete(key=KeyPair(id, 'schedules#no_activity'))
transact.delete(key=KeyPair(id, 'schedules#access_period_ends'))
transact.delete(key=KeyPair(id, 'schedules#does_not_access'))
transact.delete(key=KeyPair(id, 'parent_vacancy'))
transact.delete(key=KeyPair(id, 'lock'))
transact.delete(key=KeyPair('lock', lock_hash))
return persistence_layer.transact_write_items(transact)
if vacancy_key and course:
vacancy_pk, vacancy_sk = vacancy_key.values()
org_id = vacancy_pk.removeprefix('vacancies#')
order_id, enrollment_id = vacancy_sk.split('#')
transact.condition(
key=KeyPair(order_id, '0'),
cond_expr='attribute_exists(id)',
table_name=ORDER_TABLE,
)
# Put the vacancy back and assign a new ID
transact.put(
item={
'id': f'vacancies#{org_id}',
'sk': f'{order_id}#{uuid4()}',
'course': course,
'create_date': now_,
},
cond_expr='attribute_not_exists(sk)',
)
# Set the status of `generated_items` to `ROLLBACK` to know
# which vacancy is available for reuse
transact.update(
key=KeyPair(order_id, f'generated_items#{enrollment_id}'),
update_expr='SET #status = :status, update_date = :update',
expr_attr_names={
'#status': 'status',
},
expr_attr_values={
':status': 'ROLLBACK',
':update': now_,
},
cond_expr='attribute_exists(sk)',
table_name=ORDER_TABLE,
)
return True

50
http-api/app/rules/org.py
View File

@@ -1,5 +1,5 @@
from layercake.dateutils import now
from layercake.dynamodb import DynamoDBPersistenceLayer, KeyPair, TransactItems
from layercake.dynamodb import DynamoDBPersistenceLayer, KeyPair
def update_policies(
@@ -11,30 +11,30 @@ def update_policies(
persistence_layer: DynamoDBPersistenceLayer,
):
now_ = now()
transact = TransactItems(persistence_layer.table_name)
if payment_policy:
transact.put(
item={
'id': id,
'sk': 'metadata#payment_policy',
'create_date': now_,
}
| payment_policy
)
else:
transact.delete(key=KeyPair(id, 'metadata#payment_policy'))
with persistence_layer.transact_writer() as transact:
if payment_policy:
transact.put(
item={
'id': id,
'sk': 'metadata#payment_policy',
'create_date': now_,
}
| payment_policy
)
else:
transact.delete(key=KeyPair(id, 'metadata#payment_policy'))
if billing_policy:
transact.put(
item={
'id': id,
'sk': 'metadata#billing_policy',
'create_date': now_,
}
| billing_policy
)
else:
transact.delete(key=KeyPair(id, 'metadata#billing_policy'))
if billing_policy:
transact.put(
item={
'id': id,
'sk': 'metadata#billing_policy',
'create_date': now_,
}
| billing_policy
)
else:
transact.delete(key=KeyPair(id, 'metadata#billing_policy'))
return persistence_layer.transact_write_items(transact)
return True

275
http-api/app/rules/user.py
View File

@@ -10,71 +10,68 @@ from layercake.dynamodb import (
ComposeKey,
DynamoDBPersistenceLayer,
KeyPair,
TransactItems,
)
User = TypedDict('User', {'id': str, 'name': str, 'cpf': str})
def update_user(
userdata: User,
data: User,
/,
*,
persistence_layer: DynamoDBPersistenceLayer,
) -> bool:
now_ = now()
ttl_ = now_ + timedelta(hours=24)
user = SimpleNamespace(**userdata)
user = SimpleNamespace(**data)
# Get the user's CPF, if it exists.
old_cpf = persistence_layer.get_item(KeyPair(user.id, '0')).get('cpf', None)
transact = TransactItems(persistence_layer.table_name)
transact.update(
key=KeyPair(user.id, '0'),
update_expr='SET #name = :name, cpf = :cpf, update_date = :update_date',
expr_attr_names={
'#name': 'name',
},
expr_attr_values={
':name': user.name,
':cpf': user.cpf,
':update_date': now_,
},
cond_expr='attribute_exists(sk)',
)
# Prevent the user from updating more than once every 24 hours
transact.put(
item={
'id': user.id,
'sk': 'last_profile_edit',
'create_date': now_,
'ttl': ttl(start_dt=ttl_),
'ttl_date': ttl_,
},
cond_expr='attribute_not_exists(sk)',
)
class CPFConflictError(BadRequestError):
def __init__(self, msg: str):
super().__init__('Cpf already exists')
if user.cpf != old_cpf:
with persistence_layer.transact_writer() as transact:
transact.update(
key=KeyPair(user.id, '0'),
update_expr='SET #name = :name, cpf = :cpf, update_date = :update_date',
expr_attr_names={
'#name': 'name',
},
expr_attr_values={
':name': user.name,
':cpf': user.cpf,
':update_date': now_,
},
cond_expr='attribute_exists(sk)',
)
# Prevent the user from updating more than once every 24 hours
transact.put(
item={
'id': 'cpf',
'sk': user.cpf,
'user_id': user.id,
'id': user.id,
'sk': 'last_profile_edit',
'create_date': now_,
'ttl': ttl(start_dt=now_ + timedelta(hours=24)),
},
cond_expr='attribute_not_exists(sk)',
exc_cls=CPFConflictError,
)
# Ensures that the old CPF is discarded
if old_cpf:
transact.delete(key=KeyPair('cpf', old_cpf))
class CPFConflictError(BadRequestError):
def __init__(self, msg: str):
super().__init__('Cpf already exists')
return persistence_layer.transact_write_items(transact)
if user.cpf != old_cpf:
transact.put(
item={
'id': 'cpf',
'sk': user.cpf,
'user_id': user.id,
'create_date': now_,
},
cond_expr='attribute_not_exists(sk)',
exc_cls=CPFConflictError,
)
# Ensures that the old CPF is discarded
if old_cpf:
transact.delete(key=KeyPair('cpf', old_cpf))
return True
def add_email(
@@ -85,41 +82,42 @@ def add_email(
persistence_layer: DynamoDBPersistenceLayer,
):
now_ = now()
transact = TransactItems(persistence_layer.table_name)
transact.update(
key=KeyPair(id, '0'),
update_expr='ADD emails :email',
expr_attr_values={
':email': {email},
},
)
transact.put(
item={
'id': id,
'sk': f'emails#{email}',
'email_primary': False,
'email_verified': False,
'create_date': now_,
},
cond_expr='attribute_not_exists(sk)',
)
class EmailConflictError(BadRequestError):
def __init__(self, msg: str):
super().__init__('Email already exists')
with persistence_layer.transact_writer() as transact:
transact.update(
key=KeyPair(id, '0'),
update_expr='ADD emails :email',
expr_attr_values={
':email': {email},
},
)
transact.put(
item={
'id': id,
'sk': f'emails#{email}',
'email_primary': False,
'email_verified': False,
'create_date': now_,
},
cond_expr='attribute_not_exists(sk)',
)
transact.put(
item={
'id': 'email',
'sk': email,
'user_id': id,
'create_date': now_,
},
cond_expr='attribute_not_exists(sk)',
exc_cls=EmailConflictError,
)
class EmailConflictError(BadRequestError):
def __init__(self, msg: str):
super().__init__('Email already exists')
return persistence_layer.transact_write_items(transact)
transact.put(
item={
'id': 'email',
'sk': email,
'user_id': id,
'create_date': now_,
},
cond_expr='attribute_not_exists(sk)',
exc_cls=EmailConflictError,
)
return True
def del_email(
@@ -130,25 +128,24 @@ def del_email(
persistence_layer: DynamoDBPersistenceLayer,
) -> bool:
"""Delete any email except the primary email."""
transact = TransactItems(persistence_layer.table_name)
transact.delete(
key=KeyPair('email', email),
)
transact.delete(
key=KeyPair(id, ComposeKey(email, prefix='emails')),
cond_expr='email_primary <> :primary',
expr_attr_values={':primary': True},
exc_cls=BadRequestError,
)
transact.update(
key=KeyPair(id, '0'),
update_expr='DELETE emails :email',
expr_attr_values={
':email': {email},
},
)
return persistence_layer.transact_write_items(transact)
with persistence_layer.transact_writer() as transact:
transact.delete(
key=KeyPair('email', email),
)
transact.delete(
key=KeyPair(id, ComposeKey(email, prefix='emails')),
cond_expr='email_primary <> :primary',
expr_attr_values={':primary': True},
exc_cls=BadRequestError,
)
transact.update(
key=KeyPair(id, '0'),
update_expr='DELETE emails :email',
expr_attr_values={
':email': {email},
},
)
return True
def set_email_as_primary(
@@ -162,37 +159,38 @@ def set_email_as_primary(
):
now_ = now()
expr = 'SET email_primary = :email_primary, update_date = :update_date'
transact = TransactItems(persistence_layer.table_name)
# Set the old email as non-primary
transact.update(
key=KeyPair(id, ComposeKey(old_email, 'emails')),
update_expr=expr,
expr_attr_values={
':email_primary': False,
':update_date': now_,
},
)
# Set the new email as primary
transact.update(
key=KeyPair(id, ComposeKey(new_email, 'emails')),
update_expr=expr,
expr_attr_values={
':email_primary': True,
':update_date': now_,
},
)
transact.update(
key=KeyPair(id, '0'),
update_expr='SET email = :email, email_verified = :email_verified, \
update_date = :update_date',
expr_attr_values={
':email': new_email,
':email_verified': email_verified,
':update_date': now_,
},
)
return persistence_layer.transact_write_items(transact)
with persistence_layer.transact_writer() as transact:
# Set the old email as non-primary
transact.update(
key=KeyPair(id, ComposeKey(old_email, 'emails')),
update_expr=expr,
expr_attr_values={
':email_primary': False,
':update_date': now_,
},
)
# Set the new email as primary
transact.update(
key=KeyPair(id, ComposeKey(new_email, 'emails')),
update_expr=expr,
expr_attr_values={
':email_primary': True,
':update_date': now_,
},
)
transact.update(
key=KeyPair(id, '0'),
update_expr='SET email = :email, email_verified = :email_verified, \
update_date = :update_date',
expr_attr_values={
':email': new_email,
':email_verified': email_verified,
':update_date': now_,
},
)
return True
def del_org_member(
@@ -201,20 +199,19 @@ def del_org_member(
org_id: str,
persistence_layer: DynamoDBPersistenceLayer,
) -> bool:
transact = TransactItems(persistence_layer.table_name)
with persistence_layer.transact_writer() as transact:
# Remove the user's relationship with the organization and their privileges
transact.delete(key=KeyPair(id, f'acls#{org_id}'))
transact.delete(key=KeyPair(id, f'orgs#{org_id}'))
transact.update(
key=KeyPair(id, '0'),
update_expr='DELETE #tenant :org_id',
expr_attr_names={'#tenant': 'tenant__org_id'},
expr_attr_values={':org_id': {org_id}},
)
# Remove the user's relationship with the organization and their privileges
transact.delete(key=KeyPair(id, f'acls#{org_id}'))
transact.delete(key=KeyPair(id, f'orgs#{org_id}'))
transact.update(
key=KeyPair(id, '0'),
update_expr='DELETE #tenant :org_id',
expr_attr_names={'#tenant': 'tenant__org_id'},
expr_attr_values={':org_id': {org_id}},
)
# Remove the user from the organization's admins and members list
transact.delete(key=KeyPair(org_id, f'admins#{id}'))
transact.delete(key=KeyPair(f'orgmembers#{org_id}', id))
# Remove the user from the organization's admins and members list
transact.delete(key=KeyPair(org_id, f'admins#{id}'))
transact.delete(key=KeyPair(f'orgmembers#{org_id}', id))
return persistence_layer.transact_write_items(transact)
return True