Closed
4 changes: 3 additions & 1 deletion cloudformation/iam.yml
Expand Up @@ -77,6 +77,8 @@ Resources:
- !Sub arn:aws:dynamodb:${AWS::Region}:${AWS::AccountId}:table/infra-core-api-iam-userroles/*
- !Sub arn:aws:dynamodb:${AWS::Region}:${AWS::AccountId}:table/infra-core-api-iam-grouproles
- !Sub arn:aws:dynamodb:${AWS::Region}:${AWS::AccountId}:table/infra-core-api-iam-grouproles/*
- !Sub arn:aws:dynamodb:${AWS::Region}:${AWS::AccountId}:table/infra-core-api-membership-logs
- !Sub arn:aws:dynamodb:${AWS::Region}:${AWS::AccountId}:table/infra-core-api-membership-logs/*

PolicyName: lambda-dynamo
Outputs:
Expand All @@ -85,4 +87,4 @@ Outputs:
Value:
Fn::GetAtt:
- ApiLambdaIAMRole
- Arn
- Arn
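Review bot: The new `table/infra-core-api-membership-logs/*` entry extends the Lambda role to indexes and streams on a table that, as defined in cloudformation/main.yml in this same change, has neither, so it can be dropped until a secondary index is actually added. The action list of the `lambda-dynamo` statement lies outside this hunk, so it is not visible which operations the role receives on a table keyed by member email. If it is the same broad set used for the IAM tables, consider a separate statement restricted to what the membership route needs, presumably `dynamodb:GetItem` and `dynamodb:PutItem`. A comment above the two new lines such as `# membership cache: lookup and insert by email only` would record the intent.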
32 changes: 24 additions & 8 deletions cloudformation/main.yml
Expand Up @@ -93,7 +93,7 @@ Resources:
Environment:
Variables:
RunEnvironment: !Ref RunEnvironment
VpcConfig:
VpcConfig:
Ipv6AllowedForDualStack: !If [ShouldAttachVpc, True, !Ref AWS::NoValue]
SecurityGroupIds: !If [ShouldAttachVpc, !FindInMap [EnvironmentToCidr, !Ref RunEnvironment, SecurityGroupIds], !Ref AWS::NoValue]
SubnetIds: !If [ShouldAttachVpc, !FindInMap [EnvironmentToCidr, !Ref RunEnvironment, SubnetIds], !Ref AWS::NoValue]
Expand All @@ -107,7 +107,7 @@ Resources:

IamGroupRolesTable:
Type: 'AWS::DynamoDB::Table'
DeletionPolicy: "Retain"
DeletionPolicy: "Retain"
Properties:
BillingMode: 'PAY_PER_REQUEST'
TableName: infra-core-api-iam-grouproles
Expand All @@ -123,7 +123,7 @@ Resources:

IamUserRolesTable:
Type: 'AWS::DynamoDB::Table'
DeletionPolicy: "Retain"
DeletionPolicy: "Retain"
Properties:
BillingMode: 'PAY_PER_REQUEST'
TableName: infra-core-api-iam-userroles
Expand All @@ -139,7 +139,7 @@ Resources:

EventRecordsTable:
Type: 'AWS::DynamoDB::Table'
DeletionPolicy: "Retain"
DeletionPolicy: "Retain"
Properties:
BillingMode: 'PAY_PER_REQUEST'
TableName: infra-core-api-events
Expand All @@ -162,9 +162,25 @@ Resources:
Projection:
ProjectionType: ALL

MembershipRecordsTable:
Type: 'AWS::DynamoDB::Table'
DeletionPolicy: "Retain"
Properties:
BillingMode: 'PAY_PER_REQUEST'
TableName: infra-core-api-membership-logs
DeletionProtectionEnabled: true
PointInTimeRecoverySpecification:
PointInTimeRecoveryEnabled: !If [IsProd, true, false]
AttributeDefinitions:
- AttributeName: email
AttributeType: S
KeySchema:
- AttributeName: email
KeyType: HASH

CacheRecordsTable:
Type: 'AWS::DynamoDB::Table'
DeletionPolicy: "Retain"
DeletionPolicy: "Retain"
Properties:
BillingMode: 'PAY_PER_REQUEST'
TableName: infra-core-api-cache
Expand All @@ -183,7 +199,7 @@ Resources:

AppApiGateway:
Type: AWS::Serverless::Api
DependsOn:
DependsOn:
- AppApiLambdaFunction
Properties:
Name: !Sub ${ApplicationPrefix}-gateway
Expand All @@ -194,7 +210,7 @@ Resources:
Name: AWS::Include
Parameters:
Location: ./phony-swagger.yml
Domain:
Domain:
DomainName: !Sub
- "${ApplicationPrefix}.${BaseDomainName}"
- BaseDomainName: !FindInMap
Expand Down Expand Up @@ -296,4 +312,4 @@ Resources:
- !Ref AWS::AccountId
- ":"
- !Ref AppApiGateway
- "/*/*/*"
- "/*/*/*"
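Review bot: `MembershipRecordsTable` defines no `TimeToLiveSpecification`, yet the handler added in src/api/routes/membership.ts plans to cache positive membership results in it, so a stored `isPaidMember: true` would outlive removal from the AAD group unless something else purges it. If memberships can lapse or be revoked, have the handler write an expiry attribute and enable TTL on it, e.g. `TimeToLiveSpecification: {AttributeName: expiresAt, Enabled: true}` (`expiresAt` is an example name, not one taken from the code). The table is keyed on `email` alone, giving one item per member, which fits a cache rather than the `-logs` name; a one-line comment on the resource saying it holds cached membership lookups would avoid that confusion.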
5 changes: 5 additions & 0 deletions src/api/functions/validation.ts
Expand Up @@ -5,3 +5,8 @@
const result = emailSchema.safeParse(email);
return result.success;
}

export function validateNetId(netId: string): boolean {

Check warning on line 9 in src/api/functions/validation.ts

GitHub Actions / Run Unit Tests

'netId' is defined but never used. Allowed unused args must match /^_/u
// TODO: write this function to check if the netid matches this regex: [a-zA-Z0-9\-]+
return true;
}
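Review bot: `validateNetId` returns `true` for every input, and the new `/membership/:netId` handler already relies on it as its only check, so the route currently treats any string as a valid NetID. When the TODO is implemented the pattern needs anchors: `[a-zA-Z0-9\-]+` used with an unanchored `test` accepts any string that merely contains one allowed character. Suggested body: `return /^[a-zA-Z0-9-]+$/.test(netId);`, ideally combined with an upper length bound that matches the real NetID format.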
2 changes: 2 additions & 0 deletions src/api/index.ts
Expand Up @@ -17,6 +17,7 @@ import vendingPlugin from "./routes/vending.js";
import * as dotenv from "dotenv";
import iamRoutes from "./routes/iam.js";
import ticketsPlugin from "./routes/tickets.js";
import membershipPlugin from "./routes/membership.js";
dotenv.config();

const now = () => Date.now();
Expand Down Expand Up @@ -75,6 +76,7 @@ async function init() {
api.register(organizationsPlugin, { prefix: "/organizations" });
api.register(icalPlugin, { prefix: "/ical" });
api.register(iamRoutes, { prefix: "/iam" });
api.register(membershipPlugin, { prefix: "/membership" });
api.register(ticketsPlugin, { prefix: "/tickets" });
if (app.runEnvironment === "dev") {
api.register(vendingPlugin, { prefix: "/vending" });
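Review bot: `membershipPlugin` is registered for every environment although its handler is still a placeholder whose validator always passes; the `vendingPlugin` line directly below shows the existing pattern for dev-only routes. Until the lookup is implemented, move `api.register(membershipPlugin, { prefix: "/membership" });` inside the `if (app.runEnvironment === "dev")` block. No authentication or rate-limit hook for this prefix is visible in the hunk, and the finished route will answer whether a given NetID is a paid member, so decide before enabling it in prod whether anonymous callers may query it. `init` starts and ends outside the hunk.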
39 changes: 39 additions & 0 deletions src/api/routes/membership.ts
@@ -0,0 +1,39 @@
import { validateNetId } from "api/functions/validation.js";
import { FastifyPluginAsync } from "fastify";
import { ValidationError } from "zod-validation-error";

const membershipPlugin: FastifyPluginAsync = async (fastify, _options) => {
fastify.get<{
Body: undefined;
Querystring: { netId: string };
}>(
"/:netId",
{
schema: {
querystring: {
type: "object",
properties: {
netId: {
type: "string",
},
},
},
},
},
async (request, reply) => {
const netId = (request.params as Record<string, string>).netId;
if (!validateNetId(netId)) {
// TODO: implement the validateNetId function
throw new ValidationError(`${netId} is not a valid Illinois NetID!`);
}
// TODOs below:
// 1. Check Dynamo table infra-core-api-membership-logs to see if `[email protected]` has an entry. if yes, return the json {netid: netid, isPaidMember: true}
// 2. Call checkGroupMembership(token, `[email protected]`, groupId). if yes, {netid: netid, isPaidMember: result}
// 3. If AAD says they're a member, insert this yes result into infra-core-api-membership-logs so that it's cached for the next time.
// request.log.debug(`Checking the group ID ${fastify.environmentConfig.PaidMemberGroupId} for membership`)
reply.send(`Hello, ${netId}!`);
},
);
};

export default membershipPlugin;
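Review bot: The route types its input as `Querystring` and attaches the JSON schema under `schema.querystring`, but the value is read from the path (`/:netId`, `request.params`), so Fastify's schema validation never sees the NetID and the `as Record<string, string>` cast hides the mismatch. Declare it as `Params` and validate it under `schema.params` with the TODO's pattern anchored, so malformed values are rejected before the handler runs and before the value is used as a DynamoDB key or in the group-membership lookup. It is also worth confirming that the `ValidationError` imported from `zod-validation-error` is mapped to a 400 by the API's error handler rather than surfacing as a 500.

```typescript
  fastify.get<{ Params: { netId: string } }>(
    "/:netId",
    {
      schema: {
        params: {
          type: "object",
          required: ["netId"],
          properties: {
            netId: { type: "string", pattern: "^[a-zA-Z0-9-]+$" },
          },
        },
      },
    },
    async (request, reply) => {
      const { netId } = request.params;
      // … unchanged: validateNetId check, TODO notes and reply.send …
```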
3 changes: 3 additions & 0 deletions src/common/config.ts
Expand Up @@ -16,6 +16,7 @@ export type ConfigType = {
UserRoleMapping: UserRoleMapping;
ValidCorsOrigins: ValueOrArray<OriginType> | OriginFunction;
AadValidClientId: string;
PaidMemberGroupId: string;
};

type GenericConfigType = {
Expand Down Expand Up @@ -79,6 +80,7 @@ const environmentConfig: EnvironmentConfigType = {
/^https:\/\/(?:.*\.)?acmuiuc\.pages\.dev$/,
],
AadValidClientId: "39c28870-94e4-47ee-b4fb-affe0bf96c9f",
PaidMemberGroupId: "9222451f-b354-4e64-ba28-c0f367a277c2"
},
prod: {
GroupRoleMapping: {
Expand Down Expand Up @@ -109,6 +111,7 @@ const environmentConfig: EnvironmentConfigType = {
/^https:\/\/(?:.*\.)?acmuiuc\.pages\.dev$/,
],
AadValidClientId: "5e08cf0f-53bb-4e09-9df2-e9bdc3467296",
PaidMemberGroupId: "172fd9ee-69f0-4384-9786-41ff1a43cf8e"
},
};
