feat: add concurrency control to getEntityInfo

Author: giovannibaratta

openapi.yaml

@@ -2,7 +2,7 @@ openapi: 3.0.0
 info:
   title: Workflow Approval System API
   description: API for a SaaS platform that allows customers to manage approvals for generic workflows, users, and groups.
-  version: 0.0.41
+  version: 0.0.42
 tags:
   - name: Authentication
     description: OIDC authentication and token management

openapi/auth/schemas.yaml

@@ -90,6 +90,7 @@ GetEntityInfoUserResponse:
     - groups
     - roles
     - orgRole
+    - concurrencyControl
   properties:
     id:
       type: string
@@ -115,6 +116,8 @@ GetEntityInfoUserResponse:
         - admin
         - member
       description: Role assigned to the user within the organization.
+    concurrencyControl:
+      $ref: ../shared/schemas.yaml#/ConcurrencyControl
 
 GetEntityInfoAgentResponse:
   type: object

package.json

@@ -2,7 +2,7 @@
   "name": "@approvio/api",
   "author": "Giovanni Baratta",
   "license": "MIT",
-  "version": "0.0.47",
+  "version": "0.0.48",
   "private": false,
   "type": "module",
   "main": "./dist/src/index.cjs",
@@ -71,4 +71,4 @@
   "peerDependencies": {
     "fp-ts": "^2.0.0"
   }
-}
+}

src/validators/common.validators.ts

@@ -9,6 +9,7 @@ import {
 } from "../../generated/openapi/model/models"
 import {validateGroupInfo} from "./groups.validators"
 import {validateRoleOperationItem} from "./users.validators"
+import {validateConcurrencyControl} from "./concurrency-control"
 
 export type PaginationValidationError =
   | "malformed_object"
@@ -117,6 +118,7 @@ export type GetEntityInfo200ResponseValidationError =
   | "invalid_roles"
   | "missing_org_role"
   | "invalid_org_role"
+  | "invalid_concurrency_control"
 
 export function validateGetEntityInfo200Response(
   object: unknown
@@ -153,12 +155,17 @@ export function validateGetEntityInfo200Response(
     if (!hasOwnProperty(object, "orgRole")) return left("missing_org_role")
     if (object.orgRole !== "admin" && object.orgRole !== "member") return left("invalid_org_role")
 
+    if (!hasOwnProperty(object, "concurrencyControl")) return left("invalid_concurrency_control")
+    const concurrencyControlValidation = validateConcurrencyControl(object.concurrencyControl)
+    if (isLeft(concurrencyControlValidation)) return left("invalid_concurrency_control")
+
     return right({
       entityType: "user" as const,
       id: object.id,
       groups,
       roles,
-      orgRole: object.orgRole
+      orgRole: object.orgRole,
+      concurrencyControl: concurrencyControlValidation.right
     })
   } else if (object.entityType === "agent") {
     return right({

src/validators/concurrency-control.ts

@@ -0,0 +1,9 @@
+import {Either, left, right} from "fp-ts/lib/Either"
+import {hasOwnProperty, isStringBigInt} from "../utils/validation.utils"
+import {ConcurrencyControl} from "../../generated/openapi/model/concurrency-control"
+
+export function validateConcurrencyControl(object: unknown): Either<"invalid_concurrency_control", ConcurrencyControl> {
+  if (typeof object !== "object" || object === null) return left("invalid_concurrency_control")
+  if (!hasOwnProperty(object, "version") || !isStringBigInt(object.version)) return left("invalid_concurrency_control")
+  return right({version: object.version})
+}

src/validators/users.validators.ts

@@ -11,10 +11,10 @@ import {
   GroupInfo
 } from "../../generated/openapi/model/models"
 import {Either, left, right, isLeft, isRight} from "fp-ts/Either"
-import {hasOwnProperty, isNonEmptyString, isArray} from "../utils/validation.utils"
+import {hasOwnProperty, isNonEmptyString, isArray, isValidUUID} from "../utils/validation.utils"
 import {validatePagination, validateSharedListParams} from "./common.validators"
 import {validateGroupInfo} from "./groups.validators"
-import {validateConcurrencyControl} from "./workflow-templates.validators"
+import {validateConcurrencyControl} from "./concurrency-control"
 
 export type UserValidationError =
   | "malformed_object"
@@ -212,15 +212,21 @@ export function validateRoleScope(object: unknown): Either<RoleScopeValidationEr
     return right({type: "org"})
   } else if (object.type === "space") {
     if (!hasOwnProperty(object, "spaceId")) return left("missing_space_id")
-    if (!isNonEmptyString(object.spaceId)) return left("invalid_space_id")
+    if (!isNonEmptyString(object.spaceId) || !isValidUUID(object.spaceId)) {
+      return left("invalid_space_id")
+    }
     return right({type: "space", spaceId: object.spaceId})
   } else if (object.type === "group") {
     if (!hasOwnProperty(object, "groupId")) return left("missing_group_id")
-    if (!isNonEmptyString(object.groupId)) return left("invalid_group_id")
+    if (!isNonEmptyString(object.groupId) || !isValidUUID(object.groupId)) {
+      return left("invalid_group_id")
+    }
     return right({type: "group", groupId: object.groupId})
   } else if (object.type === "workflow_template") {
     if (!hasOwnProperty(object, "workflowTemplateId")) return left("missing_workflow_template_id")
-    if (!isNonEmptyString(object.workflowTemplateId)) return left("invalid_workflow_template_id")
+    if (!isNonEmptyString(object.workflowTemplateId) || !isValidUUID(object.workflowTemplateId)) {
+      return left("invalid_workflow_template_id")
+    }
     return right({type: "workflow_template", workflowTemplateId: object.workflowTemplateId})
   }
 
@@ -252,6 +258,7 @@ export function validateRoleAssignmentRequest(
 
   if (!hasOwnProperty(object, "roles")) return left("missing_roles")
   if (!isArray(object.roles)) return left("invalid_roles")
+  if (object.roles.length === 0) return left("invalid_roles")
 
   const roles: RoleOperationItem[] = []
   for (const role of object.roles) {

src/validators/workflow-templates.validators.ts

@@ -1,5 +1,5 @@
 import {Either, left, right, isLeft} from "fp-ts/Either"
-import {hasOwnProperty, isNonEmptyString, isStringBigInt} from "../utils/validation.utils"
+import {hasOwnProperty, isNonEmptyString} from "../utils/validation.utils"
 import {getStringAsEnum} from "../utils/enum"
 import {
   WorkflowTemplate,
@@ -9,7 +9,6 @@ import {
   WorkflowTemplateScope,
   WorkflowTemplateSummary,
   WorkflowTemplateStatus,
-  ConcurrencyControl,
   ListWorkflowTemplates200Response,
   ListWorkflowTemplatesParams,
   ApprovalRule,
@@ -22,6 +21,7 @@ import {
 } from "../../generated/openapi/model/models"
 import {ListParamsValidationError, validatePagination, validateSharedListParams} from "./common.validators"
 import {prefixLeft, PrefixUnion} from "../utils/types"
+import {validateConcurrencyControl} from "./concurrency-control"
 
 type EmailActionValidationError =
   | "malformed_object"
@@ -661,9 +661,3 @@ export function validateListWorkflowTemplatesParams(
 
   return right(result)
 }
-
-export function validateConcurrencyControl(object: unknown): Either<"invalid_concurrency_control", ConcurrencyControl> {
-  if (typeof object !== "object" || object === null) return left("invalid_concurrency_control")
-  if (!hasOwnProperty(object, "version") || !isStringBigInt(object.version)) return left("invalid_concurrency_control")
-  return right({version: object.version})
-}

test/validators/common.validators.test.ts

@@ -60,7 +60,8 @@ describe("common validators", () => {
         id: "00000000-0000-4000-8000-000000000000",
         roles: [],
         orgRole: "admin",
-        groups: [{groupId: "00000000-0000-4000-8000-000000000000", groupName: "Group 1"}]
+        groups: [{groupId: "00000000-0000-4000-8000-000000000000", groupName: "Group 1"}],
+        concurrencyControl: {version: "1"}
       }
       const result = validateGetEntityInfo200Response(validReq)
       expect(result).toBeRightOf(validReq)

test/validators/users.validators.test.ts

@@ -394,7 +394,18 @@ describe("user validators", () => {
 
     it("should return left('invalid_roles') when roles is not an array", () => {
       // Given
-      const input = {roles: "admin"}
+      const input = {roles: "admin", concurrencyControl: {version: "1"}}
+
+      // When
+      const result = validateRoleAssignmentRequest(input)
+
+      // Expect
+      expect(result).toBeLeftOf("invalid_roles")
+    })
+
+    it("should return left('invalid_roles') when roles is empty array", () => {
+      // Given
+      const input = {roles: [], concurrencyControl: {version: "1"}}
 
       // When
       const result = validateRoleAssignmentRequest(input)
@@ -405,7 +416,7 @@ describe("user validators", () => {
 
     it("should return left('invalid_roles') when roles contains invalid item", () => {
       // Given
-      const input = {roles: [{roleName: "admin"}]}
+      const input = {roles: [{roleName: "admin"}], concurrencyControl: {version: "1"}}
 
       // When
       const result = validateRoleAssignmentRequest(input)
@@ -414,6 +425,44 @@ describe("user validators", () => {
       expect(result).toBeLeftOf("invalid_roles")
     })
 
+    it("should return left('invalid_roles') when spaceId is not a valid UUID", () => {
+      // Given
+      const input = {
+        roles: [
+          {
+            roleName: "admin",
+            scope: {type: "space", spaceId: "not-a-uuid"}
+          }
+        ],
+        concurrencyControl: {version: "1"}
+      }
+
+      // When
+      const result = validateRoleAssignmentRequest(input)
+
+      // Expect
+      expect(result).toBeLeftOf("invalid_roles")
+    })
+
+    it("should return right when spaceId is a valid UUID", () => {
+      // Given
+      const input = {
+        roles: [
+          {
+            roleName: "admin",
+            scope: {type: "space", spaceId: "018f1c8f-2878-7c8a-9f4a-9b5a1a1f3c3a"}
+          }
+        ],
+        concurrencyControl: {version: "1"}
+      }
+
+      // When
+      const result = validateRoleAssignmentRequest(input)
+
+      // Expect
+      expect(result).toBeRightOf(input)
+    })
+
     it("should return left('invalid_concurrency_control') when concurrencyControl is missing", () => {
       // Given
       // eslint-disable-next-line @typescript-eslint/no-unused-vars