fix

http-api/app/routes/users/__init__.py

@@ -0,0 +1,147 @@
+from http import HTTPStatus
+import json
+from typing import Annotated
+
+from aws_lambda_powertools.event_handler.api_gateway import Router
+from aws_lambda_powertools.event_handler.exceptions import (
+    BadRequestError as PowertoolsBadRequestError,
+)
+from elasticsearch import Elasticsearch
+from layercake.dynamodb import (
+    DynamoDBCollection,
+    DynamoDBPersistenceLayer,
+    MissingError,
+    SortKey,
+    TransactKey,
+)
+from layercake.extra_types import CpfStr, NameStr
+from pydantic import UUID4, BaseModel, StringConstraints
+
+from api_gateway import JSONResponse
+from boto3clients import dynamodb_client, idp_client
+import cognito
+from conf import ELASTIC_CONN, USER_POOOL_ID, USER_TABLE
+import elastic
+from middlewares import AuditLogMiddleware
+from models import User
+from rules.user import update_user
+
+from .emails import router as emails
+from .logs import router as logs
+from .orgs import router as orgs
+
+__all__ = ['logs', 'emails', 'orgs']
+
+
+class BadRequestError(MissingError, PowertoolsBadRequestError):
+    pass
+
+
+router = Router()
+user_layer = DynamoDBPersistenceLayer(USER_TABLE, dynamodb_client)
+user_collect = DynamoDBCollection(user_layer, exception_cls=BadRequestError)
+elastic_client = Elasticsearch(**ELASTIC_CONN)
+
+
+@router.get('/', compress=True, tags=['User'], summary='Get users')
+def get_users():
+    event = router.current_event
+    query = event.get_query_string_value('query', '{}')
+    page_size = event.get_query_string_value('page_size', '25')
+
+    return elastic.search(
+        index=USER_TABLE,
+        page_size=int(page_size),
+        query=json.loads(query),
+        elastic_client=elastic_client,
+    )
+
+
+@router.post(
+    '/',
+    compress=True,
+    tags=['User'],
+    summary='Create user',
+    middlewares=[AuditLogMiddleware('USER_ADD', user_collect)],
+)
+def post_user(payload: User):
+    return JSONResponse(status_code=HTTPStatus.CREATED)
+
+
+class UserData(BaseModel):
+    name: NameStr
+    cpf: CpfStr
+
+
+@router.put(
+    '/<id>',
+    compress=True,
+    tags=['User'],
+    summary='Update user',
+    middlewares=[
+        AuditLogMiddleware('USER_UPDATE', user_collect, ('id', 'name', 'new_cpf'))
+    ],
+)
+def put_user(id: str, payload: UserData):
+    update_user(
+        {
+            'id': id,
+            'name': payload.name,
+            'cpf': payload.cpf,
+        },
+        persistence_layer=user_layer,
+    )
+    return JSONResponse(
+        body={
+            'id': id,
+            'name': payload.name,
+            'new_cpf': payload.cpf,
+        },
+        status_code=HTTPStatus.OK,
+    )
+
+
+@router.get('/<id>', compress=True, tags=['User'], summary='Get user')
+def get_user(id: str):
+    return user_collect.get_items(
+        TransactKey(id) + SortKey('0') + SortKey('last_profile_edit')
+    )
+
+
+class Password(BaseModel):
+    cognito_sub: UUID4
+    new_password: Annotated[str, StringConstraints(min_length=6)]
+
+
+@router.post(
+    '/<id>/password',
+    compress=True,
+    tags=['User'],
+    include_in_schema=False,
+    middlewares=[
+        AuditLogMiddleware('PASSWORD_RESET', user_collect, ('id', 'cognito_sub'))
+    ],
+)
+def password(id: str, payload: Password):
+    cognito.admin_set_user_password(
+        username=str(payload.cognito_sub),
+        password=payload.new_password,
+        user_pool_id=USER_POOOL_ID,
+        idp_client=idp_client,
+    )
+    return JSONResponse(
+        body={
+            'id': id,
+            'cognito_sub': payload.cognito_sub,
+        },
+        status_code=HTTPStatus.OK,
+    )
+
+
+@router.get('/<sub>/idp', compress=True, include_in_schema=False)
+def get_idp(sub: str):
+    return cognito.admin_get_user(
+        sub=sub,
+        user_pool_id=USER_POOOL_ID,
+        idp_client=idp_client,
+    )

http-api/app/routes/users/emails.py

@@ -0,0 +1,105 @@
+from http import HTTPStatus
+
+from aws_lambda_powertools.event_handler.api_gateway import Router
+from aws_lambda_powertools.event_handler.exceptions import (
+    BadRequestError as PowertoolsBadRequestError,
+)
+from layercake.dynamodb import (
+    DynamoDBCollection,
+    DynamoDBPersistenceLayer,
+    KeyPair,
+    MissingError,
+    PrefixKey,
+)
+from pydantic import BaseModel, EmailStr
+
+from api_gateway import JSONResponse
+from boto3clients import dynamodb_client
+from conf import USER_TABLE
+from middlewares import AuditLogMiddleware
+from rules.user import add_email, del_email, set_email_as_primary
+
+
+class BadRequestError(MissingError, PowertoolsBadRequestError): ...
+
+
+router = Router()
+user_layer = DynamoDBPersistenceLayer(USER_TABLE, dynamodb_client)
+user_collect = DynamoDBCollection(user_layer, exception_cls=BadRequestError)
+
+
+@router.get(
+    '/<id>/emails',
+    compress=True,
+    tags=['User'],
+    summary='Get user emails',
+)
+def get_emails(id: str):
+    return user_collect.query(
+        KeyPair(id, PrefixKey('emails')),
+        start_key=router.current_event.get_query_string_value('start_key', None),
+    )
+
+
+class Email(BaseModel):
+    email: EmailStr
+
+
+@router.post(
+    '/<id>/emails',
+    compress=True,
+    tags=['User'],
+    summary='Add user email',
+    middlewares=[AuditLogMiddleware('EMAIL_ADD', user_collect, ('email',))],
+)
+def post_email(id: str, payload: Email):
+    add_email(id, payload.email, persistence_layer=user_layer)
+    return JSONResponse(
+        body=payload,
+        status_code=HTTPStatus.CREATED,
+    )
+
+
+class EmailAsPrimary(BaseModel):
+    new_email: EmailStr
+    old_email: EmailStr
+    email_verified: bool = False
+
+
+@router.patch(
+    '/<id>/emails',
+    compress=True,
+    tags=['User'],
+    summary='Add user email as primary',
+    middlewares=[
+        AuditLogMiddleware(
+            'EMAIL_CHANGE',
+            user_collect,
+            (
+                'new_email',
+                'old_email',
+            ),
+        )
+    ],
+)
+def patch_email(id: str, payload: EmailAsPrimary):
+    set_email_as_primary(
+        id,
+        payload.new_email,
+        payload.old_email,
+        email_verified=payload.email_verified,
+        persistence_layer=user_layer,
+    )
+    return JSONResponse(body=payload, status_code=HTTPStatus.OK)
+
+
+@router.delete(
+    '/<id>/emails',
+    compress=True,
+    tags=['User'],
+    summary='Delete user email',
+    middlewares=[AuditLogMiddleware('EMAIL_DEL', user_collect, ('email',))],
+)
+def delete_email(id: str, payload: Email):
+    del_email(id, payload.email, persistence_layer=user_layer)
+    return payload

http-api/app/routes/users/logs.py

@@ -0,0 +1,41 @@
+from aws_lambda_powertools.event_handler.api_gateway import Router
+from aws_lambda_powertools.event_handler.exceptions import (
+    BadRequestError as PowertoolsBadRequestError,
+)
+from layercake.dynamodb import (
+    ComposeKey,
+    DynamoDBCollection,
+    DynamoDBPersistenceLayer,
+    MissingError,
+    PartitionKey,
+)
+
+from boto3clients import dynamodb_client
+from conf import USER_TABLE
+
+from .orgs import router as orgs
+
+__all__ = ['orgs']
+
+
+class BadRequestError(MissingError, PowertoolsBadRequestError): ...
+
+
+router = Router()
+user_layer = DynamoDBPersistenceLayer(USER_TABLE, dynamodb_client)
+user_collect = DynamoDBCollection(user_layer, exception_cls=BadRequestError)
+
+
+@router.get(
+    '/<id>/logs',
+    compress=True,
+    tags=['User'],
+    summary='Get user logs',
+)
+def get_logs(id: str):
+    return user_collect.query(
+        # Post-migration: uncomment to enable PartitionKey with a composite key (id with `logs` prefix).
+        # PartitionKey(ComposeKey(id, 'logs')),
+        PartitionKey(ComposeKey(id, 'log', delimiter=':')),
+        start_key=router.current_event.get_query_string_value('start_key', None),
+    )

http-api/app/routes/users/orgs.py

@@ -0,0 +1,62 @@
+from http import HTTPStatus
+
+from aws_lambda_powertools.event_handler.api_gateway import Router
+from aws_lambda_powertools.event_handler.exceptions import (
+    BadRequestError as PowertoolsBadRequestError,
+)
+from layercake.dynamodb import (
+    DynamoDBCollection,
+    DynamoDBPersistenceLayer,
+    KeyPair,
+    MissingError,
+    PrefixKey,
+)
+from layercake.extra_types import CnpjStr
+from pydantic import BaseModel
+
+from api_gateway import JSONResponse
+from boto3clients import dynamodb_client
+from conf import USER_TABLE
+from middlewares.audit_log_middleware import AuditLogMiddleware
+from rules.user import del_org_member
+
+
+class BadRequestError(MissingError, PowertoolsBadRequestError): ...
+
+
+router = Router()
+user_layer = DynamoDBPersistenceLayer(USER_TABLE, dynamodb_client)
+user_collect = DynamoDBCollection(user_layer, exception_cls=BadRequestError)
+
+
+@router.get(
+    '/<id>/orgs',
+    compress=True,
+    tags=['User'],
+    summary='Get user orgs',
+)
+def get_orgs(id: str):
+    return user_collect.query(
+        KeyPair(id, PrefixKey('orgs')),
+        start_key=router.current_event.get_query_string_value('start_key', None),
+    )
+
+
+class Unassign(BaseModel):
+    id: str
+    name: str
+    cnpj: CnpjStr
+
+
+@router.delete(
+    '/<id>/orgs',
+    compress=True,
+    tags=['User'],
+    summary='Delete user org',
+    middlewares=[
+        AuditLogMiddleware('UNASSIGN_ORG', user_collect, ('id', 'name', 'cnpj'))
+    ],
+)
+def delete_org(id: str, payload: Unassign):
+    del_org_member(id, org_id=payload.id, persistence_layer=user_layer)
+    return JSONResponse(status_code=HTTPStatus.OK, body=payload)