feat(EG-444): improve user organization access

packages/back-end/src/app/controllers/easy-genomics/laboratory/user/add-laboratory-user.lambda.ts

@@ -1,8 +1,15 @@
 import { ConditionalCheckFailedException } from '@aws-sdk/client-dynamodb';
 import { AddLaboratoryUserSchema } from '@easy-genomics/shared-lib/src/app/schema/easy-genomics/laboratory-user';
+import { Status } from '@easy-genomics/shared-lib/src/app/types/base-entity';
 import { Laboratory } from '@easy-genomics/shared-lib/src/app/types/easy-genomics/laboratory';
 import { LaboratoryUser } from '@easy-genomics/shared-lib/src/app/types/easy-genomics/laboratory-user';
-import { User } from '@easy-genomics/shared-lib/src/app/types/easy-genomics/user';
+import {
+  LaboratoryAccess,
+  LaboratoryAccessDetails,
+  OrganizationAccess,
+  OrganizationAccessDetails,
+  User,
+} from '@easy-genomics/shared-lib/src/app/types/easy-genomics/user';
 import { buildResponse } from '@easy-genomics/shared-lib/src/app/utils/common';
 import { APIGatewayProxyResult, APIGatewayProxyWithCognitoAuthorizerEvent, Handler } from 'aws-lambda';
 import { LaboratoryService } from '../../../../services/easy-genomics/laboratory-service';
@@ -28,6 +35,8 @@ export const handler: Handler = async (
     // Data validation safety check
     if (!AddLaboratoryUserSchema.safeParse(request).success) throw new Error('Invalid request');
 
+    const status: Status = (request.Status === 'Inactive') ? 'Inactive' : 'Active';
+
     // Lookup by LaboratoryId & UserId to confirm existence before adding
     const laboratory: Laboratory = await laboratoryService.queryByLaboratoryId(request.LaboratoryId);
     const user: User = await userService.get(request.UserId);
@@ -43,16 +52,28 @@ export const handler: Handler = async (
       }
     }
 
-    // Retrieve the User's OrganizationAccess metadata to add LaboratoryId
-    const laboratoryIds: string[] = (user.OrganizationAccess)
-      ? user.OrganizationAccess[laboratory.OrganizationId] || []
-      : [];
+    // Retrieve the User's OrganizationAccess metadata to update
+    const organizationAccess: OrganizationAccess | undefined = user.OrganizationAccess;
+    const organizationStatus = (organizationAccess && organizationAccess[laboratory.OrganizationId])
+      ? organizationAccess[laboratory.OrganizationId].Status
+      : 'Inactive'; // Fallback default
+
+    const laboratoryAccess: LaboratoryAccess | undefined =
+      (user.OrganizationAccess && user.OrganizationAccess[laboratory.OrganizationId])
+        ? user.OrganizationAccess[laboratory.OrganizationId].LaboratoryAccess
+        : undefined;
 
     const response: boolean = await platformUserService.addExistingUserToLaboratory({
       ...user,
       OrganizationAccess: {
         ...user.OrganizationAccess,
-        [laboratory.OrganizationId]: [...new Set([...laboratoryIds, laboratory.LaboratoryId])],
+        [laboratory.OrganizationId]: <OrganizationAccessDetails>{
+          Status: organizationStatus,
+          LaboratoryAccess: <LaboratoryAccessDetails>{
+            ...laboratoryAccess,
+            [laboratory.LaboratoryId]: { Status: status },
+          },
+        },
       },
       ModifiedAt: new Date().toISOString(),
       ModifiedBy: currentUserId,

packages/back-end/src/app/controllers/easy-genomics/laboratory/user/edit-laboratory-user.lambda.ts

@@ -1,33 +1,88 @@
 import { EditLaboratoryUserSchema } from '@easy-genomics/shared-lib/src/app/schema/easy-genomics/laboratory-user';
+import { Status } from '@easy-genomics/shared-lib/src/app/types/base-entity';
+import { Laboratory } from '@easy-genomics/shared-lib/src/app/types/easy-genomics/laboratory';
 import { LaboratoryUser } from '@easy-genomics/shared-lib/src/app/types/easy-genomics/laboratory-user';
+import {
+  LaboratoryAccess,
+  LaboratoryAccessDetails,
+  OrganizationAccess,
+  OrganizationAccessDetails,
+  User,
+} from '@easy-genomics/shared-lib/src/app/types/easy-genomics/user';
 import { buildResponse } from '@easy-genomics/shared-lib/src/app/utils/common';
 import { APIGatewayProxyResult, APIGatewayProxyWithCognitoAuthorizerEvent, Handler } from 'aws-lambda';
+import { LaboratoryService } from '../../../../services/easy-genomics/laboratory-service';
 import { LaboratoryUserService } from '../../../../services/easy-genomics/laboratory-user-service';
+import { PlatformUserService } from '../../../../services/easy-genomics/platform-user-service';
+import { UserService } from '../../../../services/easy-genomics/user-service';
 
 const laboratoryUserService = new LaboratoryUserService();
+const laboratoryService = new LaboratoryService();
+const platformUserService = new PlatformUserService();
+const userService = new UserService();
 
 export const handler: Handler = async (
   event: APIGatewayProxyWithCognitoAuthorizerEvent,
 ): Promise<APIGatewayProxyResult> => {
   console.log('EVENT: \n' + JSON.stringify(event, null, 2));
   try {
-    const userId: string = event.requestContext.authorizer.claims['cognito:username'];
+    const currentUserId: string = event.requestContext.authorizer.claims['cognito:username'];
     // Post Request Body
     const request: LaboratoryUser = (
       event.isBase64Encoded ? JSON.parse(atob(event.body!)) : JSON.parse(event.body!)
     );
     // Data validation safety check
     if (!EditLaboratoryUserSchema.safeParse(request).success) throw new Error('Invalid request');
 
+    const status: Status = (request.Status === 'Inactive') ? 'Inactive' : 'Active';
+
+    // Verify User has access to the Organization - throws error if not found
+    const laboratoryUser: LaboratoryUser = await laboratoryUserService.get(request.LaboratoryId, request.UserId);
+
     // Lookup by LaboratoryId & UserId to confirm existence before updating
-    const existing: LaboratoryUser = await laboratoryUserService.get(request.LaboratoryId, request.UserId);
-    const updated: LaboratoryUser = await laboratoryUserService.update({
-      ...existing,
-      ...request,
-      ModifiedAt: new Date().toISOString(),
-      ModifiedBy: userId,
-    });
-    return buildResponse(200, JSON.stringify(updated), event);
+    const laboratory: Laboratory = await laboratoryService.queryByLaboratoryId(request.LaboratoryId);
+    const user: User = await userService.get(request.UserId);
+
+    // Retrieve the User's OrganizationAccess metadata to update
+    const organizationAccess: OrganizationAccess | undefined = user.OrganizationAccess;
+    const organizationStatus = (organizationAccess && organizationAccess[laboratory.OrganizationId])
+      ? organizationAccess[laboratory.OrganizationId].Status
+      : 'Inactive'; // Fallback default
+
+    const laboratoryAccess: LaboratoryAccess | undefined =
+      (user.OrganizationAccess && user.OrganizationAccess[laboratory.OrganizationId])
+        ? user.OrganizationAccess[laboratory.OrganizationId].LaboratoryAccess
+        : undefined;
+
+    const response: boolean = await platformUserService.editExistingUserAccessToLaboratory(
+      {
+        ...user,
+        OrganizationAccess: {
+          ...organizationAccess,
+          [laboratory.OrganizationId]: <OrganizationAccessDetails>{
+            Status: organizationStatus,
+            LaboratoryAccess: <LaboratoryAccessDetails>{
+              ...laboratoryAccess,
+              [laboratory.LaboratoryId]: {
+                Status: status,
+              },
+            },
+          },
+        },
+        ModifiedAt: new Date().toISOString(),
+        ModifiedBy: currentUserId,
+      }, {
+        ...laboratoryUser,
+        ...request,
+        Status: status,
+        ModifiedAt: new Date().toISOString(),
+        ModifiedBy: currentUserId,
+      },
+    );
+
+    if (response) {
+      return buildResponse(200, JSON.stringify({ Status: 'Success' }), event);
+    }
   } catch (err: any) {
     console.error(err);
     return {

packages/back-end/src/app/controllers/easy-genomics/laboratory/user/remove-laboratory-user.lambda.ts

@@ -1,7 +1,12 @@
 import { RemoveLaboratoryUserSchema } from '@easy-genomics/shared-lib/src/app/schema/easy-genomics/laboratory-user';
 import { Laboratory } from '@easy-genomics/shared-lib/src/app/types/easy-genomics/laboratory';
 import { LaboratoryUser } from '@easy-genomics/shared-lib/src/app/types/easy-genomics/laboratory-user';
-import { User } from '@easy-genomics/shared-lib/src/app/types/easy-genomics/user';
+import {
+  LaboratoryAccess,
+  OrganizationAccess,
+  OrganizationAccessDetails,
+  User,
+} from '@easy-genomics/shared-lib/src/app/types/easy-genomics/user';
 import { buildResponse } from '@easy-genomics/shared-lib/src/app/utils/common';
 import { APIGatewayProxyResult, APIGatewayProxyWithCognitoAuthorizerEvent, Handler } from 'aws-lambda';
 import { LaboratoryService } from '../../../../services/easy-genomics/laboratory-service';
@@ -34,16 +39,26 @@ export const handler: Handler = async (
     const laboratory: Laboratory = await laboratoryService.queryByLaboratoryId(request.LaboratoryId);
     const user: User = await userService.get(request.UserId);
 
-    // Retrieve the User's OrganizationAccess metadata to add LaboratoryId
-    const laboratoryIds: string[] = (user.OrganizationAccess)
-      ? user.OrganizationAccess[laboratory.OrganizationId] || []
-      : [];
+    // Retrieve the User's OrganizationAccess metadata to update
+    const organizationAccess: OrganizationAccess | undefined = user.OrganizationAccess;
+    const organizationStatus = (organizationAccess && organizationAccess[laboratory.OrganizationId])
+      ? organizationAccess[laboratory.OrganizationId].Status
+      : 'Inactive'; // Fallback default
+
+    const laboratoryAccess: LaboratoryAccess | undefined =
+      (user.OrganizationAccess && user.OrganizationAccess[laboratory.OrganizationId])
+        ? user.OrganizationAccess[laboratory.OrganizationId].LaboratoryAccess
+        : undefined;
+    (laboratoryAccess) ? delete laboratoryAccess[laboratory.LaboratoryId] : false;
 
     const response: boolean = await platformUserService.removeExistingUserFromLaboratory({
       ...user,
       OrganizationAccess: {
-        ...user.OrganizationAccess,
-        [laboratory.OrganizationId]: [...new Set([...laboratoryIds.filter(_ => _ !== laboratory.LaboratoryId)])],
+        ...organizationAccess,
+        [laboratory.OrganizationId]: <OrganizationAccessDetails>{
+          Status: organizationStatus,
+          LaboratoryAccess: laboratoryAccess,
+        },
       },
       ModifiedAt: new Date().toISOString(),
       ModifiedBy: currentUserId,

packages/back-end/src/app/controllers/easy-genomics/organization/user/edit-organization-user.lambda.ts

@@ -1,33 +1,71 @@
 import { EditOrganizationUserSchema } from '@easy-genomics/shared-lib/src/app/schema/easy-genomics/organization-user';
+import { Status } from '@easy-genomics/shared-lib/src/app/types/base-entity';
 import { OrganizationUser } from '@easy-genomics/shared-lib/src/app/types/easy-genomics/organization-user';
+import {
+  LaboratoryAccess,
+  OrganizationAccess,
+  OrganizationAccessDetails,
+  User,
+} from '@easy-genomics/shared-lib/src/app/types/easy-genomics/user';
 import { buildResponse } from '@easy-genomics/shared-lib/src/app/utils/common';
 import { APIGatewayProxyResult, APIGatewayProxyWithCognitoAuthorizerEvent, Handler } from 'aws-lambda';
 import { OrganizationUserService } from '../../../../services/easy-genomics/organization-user-service';
+import { PlatformUserService } from '../../../../services/easy-genomics/platform-user-service';
+import { UserService } from '../../../../services/easy-genomics/user-service';
 
 const organizationUserService = new OrganizationUserService();
+const platformUserService = new PlatformUserService();
+const userService = new UserService();
 
 export const handler: Handler = async (
   event: APIGatewayProxyWithCognitoAuthorizerEvent,
 ): Promise<APIGatewayProxyResult> => {
   console.log('EVENT: \n' + JSON.stringify(event, null, 2));
   try {
-    const userId: string = event.requestContext.authorizer.claims['cognito:username'];
+    const currentUserId: string = event.requestContext.authorizer.claims['cognito:username'];
     // Post Request Body
     const request: OrganizationUser = (
       event.isBase64Encoded ? JSON.parse(atob(event.body!)) : JSON.parse(event.body!)
     );
     // Data validation safety check
     if (!EditOrganizationUserSchema.safeParse(request).success) throw new Error('Invalid request');
 
+    const status: Status = (request.Status === 'Inactive') ? 'Inactive' : 'Active';
+
     // Lookup by OrganizationId & UserId to confirm existence before updating
-    const existing: OrganizationUser = await organizationUserService.get(request.OrganizationId, request.UserId);
-    const updated: OrganizationUser = await organizationUserService.update({
-      ...existing,
-      ...request,
-      ModifiedAt: new Date().toISOString(),
-      ModifiedBy: userId,
-    });
-    return buildResponse(200, JSON.stringify(updated), event);
+    const organizationUser: OrganizationUser = await organizationUserService.get(request.OrganizationId, request.UserId);
+    const user: User = await userService.get(request.UserId);
+
+    // Retrieve the User's OrganizationAccess metadata to update
+    const organizationAccess: OrganizationAccess | undefined = user.OrganizationAccess;
+    const laboratoryAccess: LaboratoryAccess | undefined =
+      (organizationAccess && organizationAccess[request.OrganizationId])
+        ? organizationAccess[request.OrganizationId].LaboratoryAccess
+        : undefined;
+
+    const response: boolean = await platformUserService.editExistingUserAccessToOrganization(
+      {
+        ...user,
+        OrganizationAccess: {
+          ...organizationAccess,
+          [request.OrganizationId]: <OrganizationAccessDetails>{
+            Status: status,
+            LaboratoryAccess: laboratoryAccess,
+          },
+        },
+        ModifiedAt: new Date().toISOString(),
+        ModifiedBy: currentUserId,
+      }, {
+        ...organizationUser,
+        ...request,
+        Status: status,
+        ModifiedAt: new Date().toISOString(),
+        ModifiedBy: currentUserId,
+      });
+
+    if (response) {
+      return buildResponse(200, JSON.stringify({ Status: 'Success' }), event);
+    }
   } catch (err: any) {
     console.error(err);
     return {

packages/back-end/src/app/controllers/easy-genomics/user/create-user-invite.lambda.ts

@@ -51,7 +51,7 @@ export const handler: Handler = async (
         // Attempt to add the new User record, and add the Organization-User access mapping in one transaction
         if (await platformUserService.addNewUserToOrganization({
           ...newUser,
-          OrganizationAccess: { [organization.OrganizationId]: [] },
+          OrganizationAccess: { [organization.OrganizationId]: { Status: newOrganizationUser.Status } },
         }, newOrganizationUser)) {
           // TODO: Send email
           return buildResponse(200, JSON.stringify({ Status: 'Success' }), event);
@@ -88,7 +88,7 @@ export const handler: Handler = async (
             ...user,
             OrganizationAccess: {
               ...user.OrganizationAccess,
-              [organization.OrganizationId]: [],
+              [organization.OrganizationId]: { Status: newOrganizationUser.Status },
             },
             ModifiedAt: new Date().toISOString(),
             ModifiedBy: currentUserId,