built create/retrieve/update/delete endpoints-added signed url to s3 functionality-tests successful with React frontend

Author: Fivemindz

course-04/project/c4-final-project-starter-code/backend/package-lock.json

@@ -5,7 +5,7 @@
   "dependencies": {
     "@types/axios": "^0.14.0",
     "@types/http-errors": "^1.6.1",
-    "aws-xray-sdk": "^2.2.0",
+    "aws-xray-sdk": "^3.2.0",
     "axios": "^0.18.0",
     "http-errors": "^1.7.2",
     "jsonwebtoken": "^8.5.1",
@@ -18,13 +18,14 @@
     "@types/aws-lambda": "^8.10.17",
     "@types/jsonwebtoken": "^8.3.2",
     "@types/node": "^10.7.0",
+    "@types/uuid": "^9.0.0",
     "aws-sdk": "^2.433.0",
     "serverless-aws-documentation": "^1.1.0",
     "serverless-iam-roles-per-function": "^3.2.0-e97ab49",
     "serverless-plugin-canary-deployments": "^0.4.7",
     "serverless-plugin-tracing": "^2.0.0",
     "serverless-reqvalidator-plugin": "^1.0.3",
-    "serverless-webpack": "^5.2.0",
+    "serverless-webpack": "^5.11.0",
     "ts-loader": "^5.3.3",
     "typescript": "^4.6.4",
     "webpack": "^4.29.6"

course-04/project/c4-final-project-starter-code/backend/package.json

@@ -25,7 +25,7 @@ provider:
   environment:
     TODOS_TABLE: Todos-${self:provider.stage}
     TODOS_CREATED_AT_INDEX: CreatedAtIndex
-    ATTACHMENT_S3_BUCKET: serverless-c4-todo-images-${self:provider.stage}
+    ATTACHMENT_S3_BUCKET: serverless-c4-todo-attachments-${self:provider.stage}
     SIGNED_URL_EXPIRATION: 300
 
   logs:
@@ -130,6 +130,7 @@ functions:
       - Effect: Allow
         Action:
           - dynamodb:PutItem
+          - dynamodb:UpdateItem
         Resource: arn:aws:dynamodb:${self:provider.region}:*:table/${self:provider.environment.TODOS_TABLE}
 
 resources:
@@ -171,12 +172,36 @@ resources:
 
     # TODO: Complete the bucket properties below. 
     # Do not forget to add the CorsConfiguration propoerty
-    # AttachmentsBucket:
-    #   Type: AWS::S3::Bucket
-    #   Properties:
+    AttachmentsBucket:
+      Type: AWS::S3::Bucket
+      Properties:
+        BucketName: ${self:provider.environment.ATTACHMENT_S3_BUCKET}
+        CorsConfiguration:
+          CorsRules:
+            - AllowedOrigins:
+                - '*'
+              AllowedHeaders:
+                - '*'
+              AllowedMethods:
+                - GET
+                - PUT
+                - POST
+                - DELETE
+                - HEAD
+              MaxAge: 3000
 
     # TODO: Complete the policy below and attach it to the bucket defined above
     # For cross referencing the name of the bucket, use "!Ref AttachmentsBucket"
-    # BucketPolicy:
-    #   Type: AWS::S3::BucketPolicy
-    #   Properties:
+    BucketPolicy:
+      Type: AWS::S3::BucketPolicy
+      Properties:
+        PolicyDocument:
+          Id: MyPolicy
+          Version: "2012-10-17"
+          Statement:
+            - Sid: PublicReadForGetBucketObjects
+              Effect: Allow
+              Principal: '*'
+              Action: 's3:*'
+              Resource: 'arn:aws:s3:::${self:provider.environment.ATTACHMENT_S3_BUCKET}/*'
+        Bucket: !Ref AttachmentsBucket

course-04/project/c4-final-project-starter-code/backend/serverless.yml

@@ -1,18 +1,15 @@
 import { TodoAccess } from './todosAcess'
-// import { AttachmentUtils } from './attachmentUtils';
 import { TodoItem } from '../models/TodoItem'
 import { CreateTodoRequest } from '../requests/CreateTodoRequest'
-// import { UpdateTodoRequest } from '../requests/UpdateTodoRequest'
-// import { createLogger } from '../utils/logger'
 import * as uuid from 'uuid'
 import { getUserId } from '../lambda/utils'
 import { APIGatewayProxyEvent } from 'aws-lambda'
-
+import { UpdateTodoRequest } from '../requests/UpdateTodoRequest'
 
 const todoAccess = new TodoAccess()
 
-export async function getTodosForUser(){
-  const todos = await getTodosForUser()
+export async function getTodosForUser(userId: string){
+  const todos = await todoAccess.getTodosforUser(userId)
   return todos
 }
 
@@ -29,9 +26,61 @@ export async function createTodo(
     createdAt: new Date().toISOString(),
     name: createTodoRequest.name,
     dueDate: createTodoRequest.dueDate,
-    done: false 
+    done: false,
+    attachmentUrl: ''
   }
-
   return await todoAccess.createTodo(todo)
 }
 
+export async function updateTodo(
+  updateTodoRequest: UpdateTodoRequest,
+  todoId: string,
+  event: APIGatewayProxyEvent
+): Promise<TodoItem> {
+
+  const itemId = todoId
+  const userId = getUserId(event)
+  const todo = {
+    userId: userId,
+    todoId: itemId,
+    createdAt: new Date().toISOString(),
+    name: updateTodoRequest.name,
+    dueDate: updateTodoRequest.dueDate,
+    done: updateTodoRequest.done 
+  }
+  return await todoAccess.updateTodo(todo)
+}
+
+export async function deleteTodo(
+  todoId: string,
+  event: APIGatewayProxyEvent
+): Promise<string> {
+  const userId = getUserId(event)
+  return await todoAccess.deleteTodo(todoId, userId)
+}
+
+export async function createAttachmentPresignedUrl(
+  todoId: string
+): Promise<string> {
+  return todoAccess.getUploadUrl(todoId)  
+}
+
+export async function updateUrl(
+  updateTodoRequest: UpdateTodoRequest,
+  todoId: string,
+  event: APIGatewayProxyEvent
+): Promise<TodoItem> {
+
+  const itemId = todoId
+  const userId = getUserId(event)
+  const todo = {
+    userId: userId,
+    todoId: itemId,
+    createdAt: new Date().toISOString(),
+    name: updateTodoRequest.name,
+    dueDate: updateTodoRequest.dueDate,
+    done: updateTodoRequest.done
+  }
+  return await todoAccess.updateUrl(todo)
+}
+

course-04/project/c4-final-project-starter-code/backend/src/helpers/todos.ts

@@ -1,12 +1,10 @@
 import * as AWS from 'aws-sdk'
 import * as AWSXRay from 'aws-xray-sdk'
 import { DocumentClient } from 'aws-sdk/clients/dynamodb'
-//import { createLogger } from '../utils/logger'
 import { TodoItem } from '../models/TodoItem'
-//import { TodoUpdate } from '../models/TodoUpdate';
 
 const XAWS = AWSXRay.captureAWS(AWS)
-const s3 = XAWS.S3({
+const s3 = new XAWS.S3({
   signatureVersion: 'v4'
 })
 //const logger = createLogger('TodosAccess')
@@ -15,15 +13,19 @@ export class TodoAccess {
   constructor(
     private readonly docClient: DocumentClient = createDynamoDBClient(),
     private readonly todosTable = process.env.TODOS_TABLE,
-    private readonly bucketName = process.env.IMAGES_S3_BUCKET,
+    private readonly bucketName = process.env.ATTACHMENT_S3_BUCKET,
     private readonly urlExpiration = process.env.SIGNED_URL_EXPIRATION   
   ) {}
 
-  async getTodosforUser(){
-    const todos = await this.docClient.scan({
-      TableName: this.todosTable
+  async getTodosforUser(userId: string){
+    const todos = await this.docClient.query({
+      TableName: this.todosTable,
+      KeyConditionExpression: 'userId = :userId',
+      ExpressionAttributeValues: {
+        ':userId': userId
+      }
     }).promise()
-    return todos
+    return todos.Items
   }
 
 
@@ -37,13 +39,52 @@ export class TodoAccess {
     return todo
   }
 
-  async getUploadUrl(imageId: string) {
+  async updateTodo(todo: TodoItem): Promise<TodoItem> {
+    await this.docClient.update({
+      TableName: this.todosTable,
+      Key: {
+        userId: todo.userId,  
+        todoId: todo.todoId
+      },
+      UpdateExpression: 'set done = :s',
+      ExpressionAttributeValues: {':s': todo.done}
+    }).promise()
+    return todo
+  }
+
+  
+  async deleteTodo(todoId: string, userId: string): Promise<string> {
+    await this.docClient.delete({
+      TableName: this.todosTable,
+      Key: {  
+        todoId: todoId,
+        userId: userId
+      }
+    }).promise()
+    return todoId
+  }
+
+  async getUploadUrl(imageId: string){
     return s3.getSignedUrl('putObject', {
       Bucket: this.bucketName,
       Key: imageId,
       Expires: this.urlExpiration
     })
   }
+
+  async updateUrl(todo: TodoItem): Promise<TodoItem> {
+    const attachmentUrl = `https://${this.bucketName}.s3.amazonaws.com/${todo.todoId}`
+    await this.docClient.update({
+      TableName: this.todosTable,
+      Key: {
+        userId: todo.userId,  
+        todoId: todo.todoId
+      },
+      UpdateExpression: 'set attachmentUrl = :s',
+      ExpressionAttributeValues: {':s': attachmentUrl}
+    }).promise()
+    return todo
+  }
 }
 
 function createDynamoDBClient() {

course-04/project/c4-final-project-starter-code/backend/src/helpers/todosAcess.ts

@@ -1,28 +1,20 @@
-import { APIGatewayProxyEvent, APIGatewayProxyResult } from 'aws-lambda'
-import 'source-map-support/register'
-import * as middy from 'middy'
-import { cors } from 'middy/middlewares'
+import { APIGatewayProxyEvent, APIGatewayProxyHandler, APIGatewayProxyResult } from 'aws-lambda'
 import { CreateTodoRequest } from '../../requests/CreateTodoRequest'
-//import { getUserId } from '../utils';
 import { createTodo } from '../../helpers/todos'
 
-export const handler = middy(async (event: APIGatewayProxyEvent): Promise<APIGatewayProxyResult> => {
+export const handler: APIGatewayProxyHandler = async (event: APIGatewayProxyEvent): Promise<APIGatewayProxyResult> => {
     const newTodo: CreateTodoRequest = JSON.parse(event.body)
-    
-
     const newItem = await createTodo(newTodo, event)
 
     return {
       statusCode: 201,
+      headers: {
+        'Access-Control-Allow-Origin': '*',
+        'Access-Control-Allow-Credentials': true
+      },
       body: JSON.stringify({
-        newItem
+        item: newItem
       })
     }
   }
-)
 
-handler.use(
-  cors({
-    credentials: true
-  })
-)

course-04/project/c4-final-project-starter-code/backend/src/lambda/http/createTodo.ts

@@ -1,26 +1,18 @@
-// import 'source-map-support/register'
+import { APIGatewayProxyEvent, APIGatewayProxyHandler, APIGatewayProxyResult } from 'aws-lambda'
+import { deleteTodo } from '../../helpers/todos'
 
-// import { APIGatewayProxyEvent, APIGatewayProxyResult } from 'aws-lambda'
-// import * as middy from 'middy'
-// import { cors, httpErrorHandler } from 'middy/middlewares'
+export const handler: APIGatewayProxyHandler = async (event: APIGatewayProxyEvent): Promise<APIGatewayProxyResult> => { 
+  const todoId = event.pathParameters.todoId
+  const newItem = await deleteTodo(todoId, event)
+  console.log('Todo Updated', newItem) 
+  return {
+    statusCode: 200,
+    headers: {
+      'Access-Control-Allow-Origin': '*',
+      'Access-Control-Allow-Credentials': true
+    },
+    body: JSON.stringify({})
+  }
+}
 
-// //import { deleteTodo } from '../../businessLogic/todos'
-// //import { getUserId } from '../utils'
 
-// export const handler = middy(
-//   async (event: APIGatewayProxyEvent): Promise<APIGatewayProxyResult> => {
-//     const todoId = event.pathParameters.todoId
-//     console.log(todoId)
-//     // TODO: Remove a TODO item by id
-    
-//     return undefined
-//   }
-// )
-
-// handler
-//   .use(httpErrorHandler())
-//   .use(
-//     cors({
-//       credentials: true
-//     })
-//   )

course-04/project/c4-final-project-starter-code/backend/src/lambda/http/deleteTodo.ts

@@ -1,28 +1,18 @@
-import 'source-map-support/register'
+import { APIGatewayProxyEvent, APIGatewayProxyHandler, APIGatewayProxyResult } from 'aws-lambda'
+import { createAttachmentPresignedUrl, updateUrl } from '../../helpers/todos'
+import { UpdateTodoRequest } from '../../requests/UpdateTodoRequest'
 
-import { APIGatewayProxyEvent, APIGatewayProxyResult } from 'aws-lambda'
-import * as middy from 'middy'
-import { cors, httpErrorHandler } from 'middy/middlewares'
-
-//import { createAttachmentPresignedUrl } from '../../businessLogic/todos'
-//import { getUserId } from '../utils'
-
-export const handler = middy(
-  async (event: APIGatewayProxyEvent): Promise<APIGatewayProxyResult> => {
-    const todoId = event.pathParameters.todoId
-    console.log(todoId)
-    
-    // TODO: Return a presigned URL to upload a file for a TODO item with the provided id
-    
-
-    return undefined
+export const handler: APIGatewayProxyHandler = async (event: APIGatewayProxyEvent): Promise<APIGatewayProxyResult> => {
+  const updatedTodo: UpdateTodoRequest = JSON.parse(event.body)  
+  const todoId = event.pathParameters.todoId
+  const signedUrl = await createAttachmentPresignedUrl(todoId)
+  await updateUrl(updatedTodo, todoId, event)
+  return {
+    statusCode: 200,
+    headers: {
+      'Access-Control-Allow-Origin': '*',
+      'Access-Control-Allow-Credentials': true
+    },
+    body: JSON.stringify({uploadUrl: signedUrl})
   }
-)
-
-handler
-  .use(httpErrorHandler())
-  .use(
-    cors({
-      credentials: true
-    })
-  )
+}