Press n or j to go to the next uncovered block, b, p or k for the previous block.
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 | 1x 1x 1x 1x 1x 1x 1x 10x 10x 10x 1x 9x 9x 9x 1x 8x 8x 7x 1x 6x 6x 1x 5x 1x 1x | const { DynamoDBClient } = require('@aws-sdk/client-dynamodb')
const { DynamoDBDocumentClient, GetCommand } = require('@aws-sdk/lib-dynamodb')
const { ENTITY_SCHEMA } = require('../utils/schemas/entity-schema')
const { authenticateRequest, hasPermission, canAccessEntity } = require('../shared/auth-helper')
const client = new DynamoDBClient({})
const docClient = DynamoDBDocumentClient.from(client)
exports.handler = async (event) => {
try {
// Authenticate (supports JWT and API keys)
const auth = await authenticateRequest(event)
if (!auth || auth.error) {
return {
statusCode: 401,
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*'
},
body: JSON.stringify({ error: auth?.error || 'Authentication required' })
}
}
// Check permission
Iif (!hasPermission(auth, 'entities:read')) {
return {
statusCode: 403,
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*'
},
body: JSON.stringify({ error: 'Permission denied: entities:read required' })
}
}
const id = event.pathParameters?.entityId
if (!id) {
return {
statusCode: 400,
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*'
},
body: JSON.stringify({ error: 'Missing id' })
}
}
// Check if requesting system entity schema
Iif (id === 'entity') {
return {
statusCode: 200,
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*'
},
body: JSON.stringify({
...ENTITY_SCHEMA,
tenantId: auth.tenantId, // Associate with current tenant context
createdBy: 'SYSTEM',
createdAt: '2026-01-01T00:00:00Z',
updatedAt: '2026-01-01T00:00:00Z'
})
}
}
const result = await docClient.send(
new GetCommand({
TableName: process.env.TABLE_NAME,
Key: { id }
})
)
if (!result.Item) {
return {
statusCode: 404,
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*'
},
body: JSON.stringify({ error: 'Entity not found' })
}
}
const entity = result.Item
// Check entity access (public or owned by tenant)
if (!canAccessEntity(auth, entity)) {
return {
statusCode: 403,
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*'
},
body: JSON.stringify({ error: 'Access denied' })
}
}
return {
statusCode: 200,
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*'
},
body: JSON.stringify(entity)
}
} catch (error) {
console.error('Error:', error)
return {
statusCode: 500,
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*'
},
body: JSON.stringify({ error: 'Failed to fetch entity' })
}
}
}
|