Merged mainscreen-api with siglead-management

Author: eeen17

cloudformation/iam.yml

@@ -99,6 +99,14 @@ Resources:
             Resource:
               - Fn::Sub: arn:aws:dynamodb:${AWS::Region}:${AWS::AccountId}:table/infra-core-api-cache
 
+          - Sid: DynamoDBRateLimitTableAccess
+            Effect: Allow
+            Action:
+              - dynamodb:DescribeTable
+              - dynamodb:UpdateItem
+            Resource:
+              - Fn::Sub: arn:aws:dynamodb:${AWS::Region}:${AWS::AccountId}:table/infra-core-api-rate-limiter
+
           - Sid: DynamoDBAuditLogTableAccess
             Effect: Allow
             Action:

cloudformation/main.yml

@@ -408,6 +408,30 @@ Resources:
         - AttributeName: userEmail
           KeyType: HASH
 
+  RateLimiterTable:
+    Type: "AWS::DynamoDB::Table"
+    DeletionPolicy: "Delete"
+    UpdateReplacePolicy: "Delete"
+    Properties:
+      BillingMode: "PAY_PER_REQUEST"
+      TableName: infra-core-api-rate-limiter
+      DeletionProtectionEnabled: true
+      PointInTimeRecoverySpecification:
+        PointInTimeRecoveryEnabled: false
+      AttributeDefinitions:
+        - AttributeName: PK
+          AttributeType: S
+        - AttributeName: SK
+          AttributeType: S
+      KeySchema:
+        - AttributeName: PK
+          KeyType: HASH
+        - AttributeName: SK
+          KeyType: RANGE
+      TimeToLiveSpecification:
+        AttributeName: ttl
+        Enabled: true
+
   EventRecordsTable:
     Type: "AWS::DynamoDB::Table"
     DeletionPolicy: "Retain"

src/api/functions/siglead.ts

@@ -0,0 +1,115 @@
+import {
+  DynamoDBClient,
+  QueryCommand,
+  ScanCommand,
+} from "@aws-sdk/client-dynamodb";
+import { unmarshall } from "@aws-sdk/util-dynamodb";
+import { OrganizationList } from "common/orgs.js";
+import {
+  SigDetailRecord,
+  SigMemberCount,
+  SigMemberRecord,
+} from "common/types/siglead.js";
+import { transformSigLeadToURI } from "common/utils.js";
+import { string } from "zod";
+
+export async function fetchMemberRecords(
+  sigid: string,
+  tableName: string,
+  dynamoClient: DynamoDBClient,
+) {
+  const fetchSigMemberRecords = new QueryCommand({
+    TableName: tableName,
+    KeyConditionExpression: "#sigid = :accessVal",
+    ExpressionAttributeNames: {
+      "#sigid": "sigGroupId",
+    },
+    ExpressionAttributeValues: {
+      ":accessVal": { S: sigid },
+    },
+    ScanIndexForward: false,
+  });
+
+  const result = await dynamoClient.send(fetchSigMemberRecords);
+
+  // Process the results
+  return (result.Items || []).map((item) => {
+    const unmarshalledItem = unmarshall(item);
+    return unmarshalledItem as SigMemberRecord;
+  });
+}
+
+export async function fetchSigDetail(
+  sigid: string,
+  tableName: string,
+  dynamoClient: DynamoDBClient,
+) {
+  const fetchSigDetail = new QueryCommand({
+    TableName: tableName,
+    KeyConditionExpression: "#sigid = :accessVal",
+    ExpressionAttributeNames: {
+      "#sigid": "sigid",
+    },
+    ExpressionAttributeValues: {
+      ":accessVal": { S: sigid },
+    },
+    ScanIndexForward: false,
+  });
+
+  const result = await dynamoClient.send(fetchSigDetail);
+
+  // Process the results
+  return (result.Items || [{}]).map((item) => {
+    const unmarshalledItem = unmarshall(item);
+
+    // Strip '#' from access field
+    delete unmarshalledItem.leadGroupId;
+    delete unmarshalledItem.memberGroupId;
+
+    return unmarshalledItem as SigDetailRecord;
+  })[0];
+}
+
+// select count(sigid)
+// from table
+// groupby sigid
+export async function fetchSigCounts(
+  sigMemberTableName: string,
+  dynamoClient: DynamoDBClient,
+) {
+  const scan = new ScanCommand({
+    TableName: sigMemberTableName,
+    ProjectionExpression: "sigGroupId",
+  });
+
+  const result = await dynamoClient.send(scan);
+
+  const ids2Name: Record<string, string> = {};
+  OrganizationList.forEach((org) => {
+    const sigid = transformSigLeadToURI(org);
+    ids2Name[sigid] = org;
+  });
+
+  const counts: Record<string, number> = {};
+  (result.Items || []).forEach((item) => {
+    const sigGroupId = item.sigGroupId?.S;
+    if (sigGroupId) {
+      counts[sigGroupId] = (counts[sigGroupId] || 0) + 1;
+    }
+  });
+
+  const joined: Record<string, [string, number]> = {};
+  Object.keys(counts).forEach((sigid) => {
+    joined[sigid] = [ids2Name[sigid], counts[sigid]];
+  });
+
+  const countsArray: SigMemberCount[] = Object.entries(joined).map(
+    ([sigid, [signame, count]]) => ({
+      sigid,
+      signame,
+      count,
+    }),
+  );
+  console.log(countsArray);
+  return countsArray;
+}

src/api/routes/siglead.ts

@@ -1,72 +1,137 @@
-import { FastifyInstance, FastifyPluginAsync } from "fastify";
-import { allAppRoles, AppRoles } from "../../common/roles.js";
-import {
-  addToTenant,
-  getEntraIdToken,
-  listGroupMembers,
-  modifyGroup,
-  patchUserProfile,
-} from "../functions/entraId.js";
-import {
-  BaseError,
-  DatabaseFetchError,
-  DatabaseInsertError,
-  EntraGroupError,
-  EntraInvitationError,
-  InternalServerError,
-  NotFoundError,
-  UnauthorizedError,
-} from "../../common/errors/index.js";
-import { PutItemCommand } from "@aws-sdk/client-dynamodb";
+import { FastifyPluginAsync } from "fastify";
+import { DatabaseFetchError } from "../../common/errors/index.js";
+
 import { genericConfig } from "../../common/config.js";
-import { marshall } from "@aws-sdk/util-dynamodb";
+
 import {
-  InviteUserPostRequest,
-  invitePostRequestSchema,
-  GroupMappingCreatePostRequest,
-  groupMappingCreatePostSchema,
-  entraActionResponseSchema,
-  groupModificationPatchSchema,
-  GroupModificationPatchRequest,
-  EntraGroupActions,
-  entraGroupMembershipListResponse,
-  ProfilePatchRequest,
-  entraProfilePatchRequest,
-} from "../../common/types/iam.js";
+  SigDetailRecord,
+  SigleadGetRequest,
+  SigMemberCount,
+  SigMemberRecord,
+} from "common/types/siglead.js";
 import {
-  AUTH_DECISION_CACHE_SECONDS,
-  getGroupRoles,
-} from "../functions/authorization.js";
-import { OrganizationList } from "common/orgs.js";
-import { z } from "zod";
+  fetchMemberRecords,
+  fetchSigCounts,
+  fetchSigDetail,
+} from "api/functions/siglead.js";
+import { intersection } from "api/plugins/auth.js";
+
+const sigleadRoutes: FastifyPluginAsync = async (fastify, _options) => {
+  const limitedRoutes: FastifyPluginAsync = async (fastify) => {
+    /*fastify.register(rateLimiter, {
+      limit: 30,
+      duration: 60,
+      rateLimitIdentifier: "linkry",
+    });*/
 
-const OrganizationListEnum = z.enum(OrganizationList as [string, ...string[]]);
-export type Org = z.infer<typeof OrganizationListEnum>;
+    fastify.get<SigleadGetRequest>(
+      "/sigmembers/:sigid",
+      {
+        onRequest: async (request, reply) => {
+          /*await fastify.authorize(request, reply, [
+            AppRoles.LINKS_MANAGER,
+            AppRoles.LINKS_ADMIN,
+          ]);*/
+        },
+      },
+      async (request, reply) => {
+        const { sigid } = request.params;
+        const tableName = genericConfig.SigleadDynamoSigMemberTableName;
 
-type Member = { name: string; email: string };
-type OrgMembersResponse = { org: Org; members: Member[] };
+        // First try-catch: Fetch owner records
+        let memberRecords: SigMemberRecord[];
+        try {
+          memberRecords = await fetchMemberRecords(
+            sigid,
+            tableName,
+            fastify.dynamoClient,
+          );
+        } catch (error) {
+          request.log.error(
+            `Failed to fetch member records: ${error instanceof Error ? error.toString() : "Unknown error"}`,
+          );
+          throw new DatabaseFetchError({
+            message: "Failed to fetch member records from Dynamo table.",
+          });
+        }
 
-const sigleadRoutes: FastifyPluginAsync = async (fastify, _options) => {
-  fastify.get<{
-    Reply: OrgMembersResponse[];
-  }>("/groups", async (request, reply) => {
-    const entraIdToken = await getEntraIdToken(
+        // Send the response
+        reply.code(200).send(memberRecords);
+      },
+    );
+
+    fastify.get<SigleadGetRequest>(
+      "/sigdetail/:sigid",
       {
-        smClient: fastify.secretsManagerClient,
-        dynamoClient: fastify.dynamoClient,
+        onRequest: async (request, reply) => {
+          /*await fastify.authorize(request, reply, [
+              AppRoles.LINKS_MANAGER,
+              AppRoles.LINKS_ADMIN,
+            ]);*/
+        },
+      },
+      async (request, reply) => {
+        const { sigid } = request.params;
+        const tableName = genericConfig.SigleadDynamoSigDetailTableName;
+
+        // First try-catch: Fetch owner records
+        let sigDetail: SigDetailRecord;
+        try {
+          sigDetail = await fetchSigDetail(
+            sigid,
+            tableName,
+            fastify.dynamoClient,
+          );
+        } catch (error) {
+          request.log.error(
+            `Failed to fetch sig detail record: ${error instanceof Error ? error.toString() : "Unknown error"}`,
+          );
+          throw new DatabaseFetchError({
+            message: "Failed to fetch sig detail record from Dynamo table.",
+          });
+        }
+
+        // Send the response
+        reply.code(200).send(sigDetail);
       },
-      fastify.environmentConfig.AadValidClientId,
     );
 
-    const data = await Promise.all(
-      OrganizationList.map(async (org) => {
-        const members: Member[] = await listGroupMembers(entraIdToken, org);
-        return { org, members } as OrgMembersResponse;
-      }),
+    // fetch sig count
+    fastify.get<SigleadGetRequest>(
+      "/sigcount",
+      {
+        onRequest: async (request, reply) => {
+          /*await fastify.authorize(request, reply, [
+              AppRoles.LINKS_MANAGER,
+              AppRoles.LINKS_ADMIN,
+            ]);*/
+        },
+      },
+      async (request, reply) => {
+        // First try-catch: Fetch owner records
+        let sigMemCounts: SigMemberCount[];
+        try {
+          sigMemCounts = await fetchSigCounts(
+            genericConfig.SigleadDynamoSigMemberTableName,
+            fastify.dynamoClient,
+          );
+        } catch (error) {
+          request.log.error(
+            `Failed to fetch sig member counts record: ${error instanceof Error ? error.toString() : "Unknown error"}`,
+          );
+          throw new DatabaseFetchError({
+            message:
+              "Failed to fetch sig member counts record from Dynamo table.",
+          });
+        }
+
+        // Send the response
+        reply.code(200).send(sigMemCounts);
+      },
     );
+  };
 
-    reply.status(200).send(data);
-  });
+  fastify.register(limitedRoutes);
 };
 
 export default sigleadRoutes;

src/common/config.ts

@@ -48,6 +48,10 @@ export type GenericConfigType = {
   EntraReadOnlySecretName: string;
   AuditLogTable: string;
   ApiKeyTable: string;
+
+  RateLimiterDynamoTableName: string;
+  SigleadDynamoSigDetailTableName: string;
+  SigleadDynamoSigMemberTableName: string;
 };
 
 type EnvironmentConfigType = {
@@ -63,6 +67,8 @@ export const commChairsTestingGroupId = "d714adb7-07bb-4d4d-a40a-b035bc2a35a3";
 export const commChairsGroupId = "105e7d32-7289-435e-a67a-552c7f215507";
 export const miscTestingGroupId = "ff25ec56-6a33-420d-bdb0-51d8a3920e46";
 
+export const orgsGroupId = "0b3be7c2-748e-46ce-97e7-cf86f9ca7337";
+
 const genericConfig: GenericConfigType = {
   EventsDynamoTableName: "infra-core-api-events",
   StripeLinksDynamoTableName: "infra-core-api-stripe-links",
@@ -86,6 +92,10 @@ const genericConfig: GenericConfigType = {
   RoomRequestsStatusTableName: "infra-core-api-room-requests-status",
   AuditLogTable: "infra-core-api-audit-log",
   ApiKeyTable: "infra-core-api-keys",
+
+  RateLimiterDynamoTableName: "infra-core-api-rate-limiter",
+  SigleadDynamoSigDetailTableName: "infra-core-api-sig-details",
+  SigleadDynamoSigMemberTableName: "infra-core-api-sig-member-details",
 } as const;
 
 const environmentConfig: EnvironmentConfigType = {

src/common/orgs.ts

@@ -4,7 +4,7 @@ export const SIGList = [
   "GameBuilders",
   "SIGAIDA",
   "SIGGRAPH",
-  "ICPC",
+  "SIGICPC",
   "SIGMobile",
   "SIGMusic",
   "GLUG",