feat: update user and organization metadata

* REWORK

Author: pajgo

rfcs/inactive_users/user_and_organization_meta_update.md

@@ -0,0 +1,30 @@
+# User/Organization metadata update rework
+## Overview and Motivation
+When user or organization metadata needs to be updated, the Service uses the Redis pipeline javascript code.
+For each assigned meta hash always exists a single `audience`, but there is no list of `audiences` assigned to the user or company.
+To achieve easier audience tracking and a combined metadata update, I advise using a Lua based script.
+
+## Audience lists
+Audiences stored in sets formed from `USERS_AUDIENCE` or `ORGANISATION_AUDIENCE` constants and `Id`
+(eg: `{ms-users}10110110111!audiences`). Both keys contain `audience` names that are currently have assigned values.
+
+## DEL utils/updateMetadata.js
+All logic from this file moved to separate class `utils/metadata/redis/update-metadata.js`.
+
+## utils/metadata/{user|organization}.js
+Classes that perform user or organization metadata update and
+audience list tracking.
+
+Available methods:
+  * update 
+  * updateMulti
+  * batchUpdate
+  * delete
+
+**TODO** Fill up
+
+
+## global updates
+`ms-users` source code now use new `UserMetadata` when any update operation happens.
+
+

src/actions/alias.js

@@ -6,9 +6,10 @@ const isActive = require('../utils/isActive');
 const isBanned = require('../utils/isBanned');
 const key = require('../utils/key');
 const handlePipeline = require('../utils/pipelineError');
+const UserMetadata = require('../utils/metadata/user');
+
 const {
   USERS_DATA,
-  USERS_METADATA,
   USERS_ALIAS_TO_ID,
   USERS_ID_FIELD,
   USERS_ALIAS_FIELD,
@@ -69,10 +70,11 @@ async function assignAlias({ params }) {
       return Promise.reject(err);
     }
 
-    const pipeline = redis.pipeline([
-      ['hset', key(userId, USERS_DATA), USERS_ALIAS_FIELD, alias],
-      ['hset', key(userId, USERS_METADATA, defaultAudience), USERS_ALIAS_FIELD, JSON.stringify(alias)],
-    ]);
+    const pipeline = redis.pipeline();
+    const userMetaData = new UserMetadata(pipeline);
+
+    pipeline.hset(key(userId, USERS_DATA), USERS_ALIAS_FIELD, alias);
+    userMetaData.update(userId, USERS_ALIAS_FIELD, JSON.stringify(alias), defaultAudience);
 
     if (activeUser) {
       pipeline.sadd(USERS_PUBLIC_INDEX, username);

src/actions/ban.js

@@ -4,9 +4,10 @@ const mapValues = require('lodash/mapValues');
 const redisKey = require('../utils/key.js');
 const { getInternalData } = require('../utils/userData');
 const handlePipeline = require('../utils/pipelineError.js');
+const UserMetadata = require('../utils/metadata/user');
+
 const {
-  USERS_DATA, USERS_METADATA,
-  USERS_BANNED_FLAG, USERS_TOKENS, USERS_BANNED_DATA,
+  USERS_DATA, USERS_BANNED_FLAG, USERS_TOKENS, USERS_BANNED_DATA,
 } = require('../constants.js');
 
 // helper
@@ -25,26 +26,30 @@ function lockUser({
       remoteip: remoteip || '',
     },
   };
+  const pipeline = redis.pipeline();
+  const userMetadata = new UserMetadata(pipeline);
+
+  pipeline.hset(redisKey(id, USERS_DATA), USERS_BANNED_FLAG, 'true');
+  // set .banned on metadata for filtering & sorting users by that field
+  userMetadata.updateMulti(id, mapValues(data, stringify), defaultAudience);
+  pipeline.del(redisKey(id, USERS_TOKENS));
 
-  return redis
-    .pipeline()
-    .hset(redisKey(id, USERS_DATA), USERS_BANNED_FLAG, 'true')
-    // set .banned on metadata for filtering & sorting users by that field
-    .hmset(redisKey(id, USERS_METADATA, defaultAudience), mapValues(data, stringify))
-    .del(redisKey(id, USERS_TOKENS))
-    .exec();
+  return pipeline.exec();
 }
 
 function unlockUser({ id }) {
   const { redis, config } = this;
   const { jwt: { defaultAudience } } = config;
+  const pipeline = redis.pipeline();
+  const userMetadata = new UserMetadata(pipeline);
 
-  return redis
-    .pipeline()
-    .hdel(redisKey(id, USERS_DATA), USERS_BANNED_FLAG)
-    // remove .banned on metadata for filtering & sorting users by that field
-    .hdel(redisKey(id, USERS_METADATA, defaultAudience), 'banned', USERS_BANNED_DATA)
-    .exec();
+  pipeline.hdel(redisKey(id, USERS_DATA), USERS_BANNED_FLAG);
+  // remove .banned on metadata for filtering & sorting users by that field
+  userMetadata.delete(id, [
+    'banned',
+    USERS_BANNED_DATA,
+  ], defaultAudience);
+  return pipeline.exec();
 }
 
 /**

src/actions/organization/members/permission.js

@@ -5,6 +5,7 @@ const { checkOrganizationExists } = require('../../../utils/organization');
 const redisKey = require('../../../utils/key');
 const handlePipeline = require('../../../utils/pipelineError');
 const getUserId = require('../../../utils/userData/getUserId');
+const UserMetadata = require('../../../utils/metadata/user');
 const { ErrorUserNotMember, USERS_METADATA, ORGANIZATIONS_MEMBERS } = require('../../../constants');
 
 /**
@@ -41,7 +42,9 @@ async function setOrganizationMemberPermission({ params }) {
   permissions = JSON.stringify(permissions);
 
   const pipeline = redis.pipeline();
-  pipeline.hset(memberMetadataKey, organizationId, permissions);
+  const userMetadata = new UserMetadata(pipeline);
+
+  userMetadata.update(userId, organizationId, permissions);
   pipeline.hset(redisKey(organizationId, ORGANIZATIONS_MEMBERS, userId), 'permissions', permissions);
 
   return pipeline.exec().then(handlePipeline);

src/actions/organization/members/remove.js

@@ -3,6 +3,7 @@ const redisKey = require('../../../utils/key');
 const getUserId = require('../../../utils/userData/getUserId');
 const handlePipeline = require('../../../utils/pipelineError');
 const { checkOrganizationExists } = require('../../../utils/organization');
+const UserMetadata = require('../../../utils/metadata/user');
 const {
   ORGANIZATIONS_MEMBERS,
   USERS_METADATA,
@@ -34,9 +35,10 @@ async function removeMember({ params }) {
   }
 
   const pipeline = redis.pipeline();
+  const userMetadata = new UserMetadata(pipeline);
   pipeline.del(memberKey);
   pipeline.zrem(redisKey(organizationId, ORGANIZATIONS_MEMBERS), memberKey);
-  pipeline.hdel(memberMetadataKey, organizationId);
+  userMetadata.delete(userId, organizationId, audience);
 
   return pipeline.exec().then(handlePipeline);
 }

src/actions/register.js

@@ -9,7 +9,7 @@ const reduce = require('lodash/reduce');
 const last = require('lodash/last');
 
 // internal deps
-const setMetadata = require('../utils/updateMetadata');
+const UserMetadata = require('../utils/metadata/user');
 const redisKey = require('../utils/key');
 const jwt = require('../utils/jwt');
 const isDisposable = require('../utils/isDisposable');
@@ -213,7 +213,7 @@ async function performRegistration({ service, params }) {
 
   await pipeline.exec().then(handlePipeline);
 
-  await setMetadata.call(service, {
+  await new UserMetadata(service.redis).batchUpdate({
     userId,
     audience,
     metadata: audience.map((metaAudience) => ({

src/actions/updateMetadata.js

@@ -1,6 +1,6 @@
 const omit = require('lodash/omit');
 const Promise = require('bluebird');
-const updateMetadata = require('../utils/updateMetadata.js');
+const UserMetadata = require('../utils/metadata/user');
 const { getUserId } = require('../utils/userData');
 
 /**
@@ -19,12 +19,15 @@ const { getUserId } = require('../utils/userData');
  * @apiParam (Payload) {Object} [script] - if present will be called with passed metadata keys & username, provides direct scripting access.
  *   Be careful with granting access to this function.
  */
-module.exports = function updateMetadataAction(request) {
-  return Promise
+module.exports = async function updateMetadataAction(request) {
+  const userId = await Promise
     .bind(this, request.params.username)
-    .then(getUserId)
-    .then((userId) => ({ ...omit(request.params, 'username'), userId }))
-    .then(updateMetadata);
+    .then(getUserId);
+
+  const userMetadata = new UserMetadata(this.redis);
+  const updateParams = { ...omit(request.params, 'username'), userId };
+
+  return userMetadata.batchUpdate(updateParams);
 };
 
 module.exports.transports = [require('@microfleet/core').ActionTransport.amqp];

src/auth/oauth/utils/attach.js

@@ -1,13 +1,13 @@
 const get = require('lodash/get');
 const redisKey = require('../../../utils/key');
-const updateMetadata = require('../../../utils/updateMetadata');
+const UserMetadata = require('../../../utils/metadata/user');
 const handlePipeline = require('../../../utils/pipelineError');
 const {
   USERS_SSO_TO_ID,
   USERS_DATA,
 } = require('../../../constants');
 
-module.exports = function attach(account, user) {
+module.exports = async function attach(account, user) {
   const { redis, config } = this;
   const { id: userId } = user;
   const {
@@ -23,17 +23,19 @@ module.exports = function attach(account, user) {
   // link uid to user id
   pipeline.hset(USERS_SSO_TO_ID, uid, userId);
 
-  return pipeline.exec().then(handlePipeline)
-    .bind(this)
-    .return({
-      userId,
-      audience,
-      metadata: {
-        $set: {
-          [provider]: profile,
-        },
+  await pipeline.exec().then(handlePipeline);
+
+  const userMetadata = new UserMetadata(redis);
+  const updateParams = {
+    userId,
+    audience,
+    metadata: {
+      $set: {
+        [provider]: profile,
       },
-    })
-    .then(updateMetadata)
-    .return(profile);
+    },
+  };
+  await userMetadata.batchUpdate(updateParams);
+
+  return profile;
 };

src/auth/oauth/utils/detach.js

@@ -2,15 +2,15 @@ const Errors = require('common-errors');
 
 const get = require('../../../utils/get-value');
 const redisKey = require('../../../utils/key');
-const updateMetadata = require('../../../utils/updateMetadata');
+const UserMetadata = require('../../../utils/metadata/user');
 const handlePipeline = require('../../../utils/pipelineError');
 
 const {
   USERS_SSO_TO_ID,
   USERS_DATA,
 } = require('../../../constants');
 
-module.exports = function detach(provider, userData) {
+module.exports = async function detach(provider, userData) {
   const { id: userId } = userData;
   const { redis, config } = this;
   const audience = get(config, 'jwt.defaultAudience');
@@ -28,16 +28,18 @@ module.exports = function detach(provider, userData) {
   // delete account reference
   pipeline.hdel(USERS_SSO_TO_ID, uid);
 
-  return pipeline.exec().then(handlePipeline)
-    .bind(this)
-    .return({
-      userId,
-      audience,
-      metadata: {
-        $remove: [
-          provider,
-        ],
-      },
-    })
-    .then(updateMetadata);
+  await pipeline.exec().then(handlePipeline);
+
+  const userMetadata = new UserMetadata(redis);
+  const updateParams = {
+    userId,
+    audience,
+    metadata: {
+      $remove: [
+        provider,
+      ],
+    },
+  };
+
+  return userMetadata.batchUpdate(updateParams);
 };

src/constants.js

@@ -18,6 +18,7 @@ module.exports = exports = {
   // hashes
   USERS_DATA: 'data',
   USERS_METADATA: 'metadata',
+  USERS_AUDIENCE: 'users-audiences',
   USERS_TOKENS: 'tokens',
   USERS_API_TOKENS: 'api-tokens',
   USERS_API_TOKENS_ZSET: 'api-tokens-set',
@@ -26,6 +27,7 @@ module.exports = exports = {
   USERS_ORGANIZATIONS: 'user-organizations',
   ORGANIZATIONS_DATA: 'data',
   ORGANIZATIONS_METADATA: 'metadata',
+  ORGANIZATIONS_AUDIENCE: 'organization-audiences',
   ORGANIZATIONS_MEMBERS: 'members',
 
   // standard JWT with TTL