partition by org_id and add auth

lib/customer_service_web/controllers/customer.ex

@@ -12,6 +12,7 @@ defmodule CustomerServiceWeb.CustomerController do
   alias CustomerService.Customer.Queries, as: CustomerQueries
   alias CustomerServiceWeb.Schemas.Customer, as: CustomerSchemas
   alias CustomerServiceWeb.QueryHelpers
+  alias CustomerService.Aggregates.CustomerId
 
   operation(:index,
     summary: "List customers",
@@ -27,7 +28,9 @@ defmodule CustomerServiceWeb.CustomerController do
   )
 
   def index(conn, params) do
-    case CustomerQueries.list_customers(params) do
+    org_id = conn.private[CustomerServiceWeb.Plugs.ExtractOrganizationId]
+
+    case CustomerQueries.list_by_org(org_id, params) do
       {:ok, {customers, meta}} ->
         conn
         |> put_status(:ok)
@@ -62,12 +65,17 @@ defmodule CustomerServiceWeb.CustomerController do
   )
 
   def show(conn, %{"id" => id}) do
-    case CustomerQueries.get_customer(id) do
-      {:ok, customer} ->
-        conn |> put_status(:ok) |> json(%{data: customer_json(customer)})
+    org_id = conn.private[CustomerServiceWeb.Plugs.ExtractOrganizationId]
 
+    with {:ok, %CustomerId{customer_id: local_id}} <- CustomerId.parse(id),
+         {:ok, customer} <- CustomerQueries.get_by_org(org_id, local_id) do
+      conn |> put_status(:ok) |> json(%{data: customer_json(customer)})
+    else
       {:error, :not_found} ->
         conn |> put_status(:not_found) |> json(%{error: "not found"})
+
+      :error ->
+        conn |> put_status(:bad_request) |> json(%{error: "invalid customer id"})
     end
   end
 
@@ -81,7 +89,10 @@ defmodule CustomerServiceWeb.CustomerController do
   )
 
   def create(conn, params) do
-    customer_id = Ecto.UUID.generate()
+    org_id = conn.private[CustomerServiceWeb.Plugs.ExtractOrganizationId]
+    customer_type = "individual"
+    customer_uuid = Ecto.UUID.generate()
+    customer_id = CustomerId.new(org_id, customer_type, customer_uuid)
 
     command = %CreateCustomer{
       id: customer_id,
@@ -108,7 +119,10 @@ defmodule CustomerServiceWeb.CustomerController do
   )
 
   def create_corporate(conn, params) do
-    customer_id = Ecto.UUID.generate()
+    org_id = conn.private[CustomerServiceWeb.Plugs.ExtractOrganizationId]
+    customer_type = "corporate"
+    customer_uuid = Ecto.UUID.generate()
+    customer_id = CustomerId.new(org_id, customer_type, customer_uuid)
 
     command = %CreateCorporateCustomer{
       id: customer_id,
@@ -138,19 +152,30 @@ defmodule CustomerServiceWeb.CustomerController do
   )
 
   def update(conn, %{"id" => id} = params) do
-    command = %UpdateCustomer{
-      id: id,
-      first_name: params["first_name"],
-      last_name: params["last_name"],
-      birth_date: parse_date(params["birth_date"]),
-      gender: params["gender"],
-      email: params["email"],
-      phone: params["phone"],
-      document_id: params["document_id"],
-      address: params["address"]
-    }
+    org_id = conn.private[CustomerServiceWeb.Plugs.ExtractOrganizationId]
 
-    dispatch_and_return(conn, command, id)
+    with {:ok, %CustomerId{customer_id: local_id}} <- CustomerId.parse(id),
+         {:ok, _customer} <- CustomerQueries.get_by_org(org_id, local_id) do
+      command = %UpdateCustomer{
+        id: CustomerId.new(org_id, "individual", local_id),
+        first_name: params["first_name"],
+        last_name: params["last_name"],
+        birth_date: parse_date(params["birth_date"]),
+        gender: params["gender"],
+        email: params["email"],
+        phone: params["phone"],
+        document_id: params["document_id"],
+        address: params["address"]
+      }
+
+      dispatch_and_return(conn, command, CustomerId.new(org_id, "individual", local_id))
+    else
+      {:error, :not_found} ->
+        conn |> put_status(:not_found) |> json(%{error: "not found"})
+
+      :error ->
+        conn |> put_status(:bad_request) |> json(%{error: "invalid customer id"})
+    end
   end
 
   operation(:update_corporate,
@@ -167,29 +192,55 @@ defmodule CustomerServiceWeb.CustomerController do
   )
 
   def update_corporate(conn, %{"id" => id} = params) do
-    command = %UpdateCorporateCustomer{
-      id: id,
-      legal_name: params["legal_name"],
-      commercial_name: params["commercial_name"],
-      ruc: params["ruc"],
-      legal_rep_name: params["legal_rep_name"],
-      legal_rep_document_id: params["legal_rep_document_id"],
-      email: params["email"],
-      phone: params["phone"],
-      address: params["address"]
-    }
+    org_id = conn.private[CustomerServiceWeb.Plugs.ExtractOrganizationId]
 
-    dispatch_and_return(conn, command, id)
+    with {:ok, %CustomerId{customer_id: local_id}} <- CustomerId.parse(id),
+         {:ok, _customer} <- CustomerQueries.get_by_org(org_id, local_id) do
+      command = %UpdateCorporateCustomer{
+        id: CustomerId.new(org_id, "corporate", local_id),
+        legal_name: params["legal_name"],
+        commercial_name: params["commercial_name"],
+        ruc: params["ruc"],
+        legal_rep_name: params["legal_rep_name"],
+        legal_rep_document_id: params["legal_rep_document_id"],
+        email: params["email"],
+        phone: params["phone"],
+        address: params["address"]
+      }
+
+      dispatch_and_return(conn, command, CustomerId.new(org_id, "corporate", local_id))
+    else
+      {:error, :not_found} ->
+        conn |> put_status(:not_found) |> json(%{error: "not found"})
+
+      :error ->
+        conn |> put_status(:bad_request) |> json(%{error: "invalid customer id"})
+    end
   end
 
-  # ---------------------------------------------------------------------------
-  # Private
-  # ---------------------------------------------------------------------------
-
-  defp dispatch_and_return(conn, command, customer_id) do
+  defp dispatch_and_return(conn, command, %CustomerId{} = customer_id) do
     case CustomerService.CommandedApp.dispatch(command, consistency: :strong) do
       :ok ->
-        case CustomerQueries.get_customer(customer_id) do
+        case CustomerQueries.get_customer(CustomerId.to_string(customer_id)) do
+          {:ok, customer} ->
+            conn |> put_status(:ok) |> json(%{data: customer_json(customer)})
+
+          {:error, :not_found} ->
+            conn
+            |> put_status(:internal_server_error)
+            |> json(%{error: "customer created but not found in projection"})
+        end
+
+      {:error, reason} ->
+        conn |> put_status(:unprocessable_entity) |> json(%{error: inspect(reason)})
+    end
+  end
+
+  defp dispatch_and_return(conn, command, customer_id_string)
+       when is_binary(customer_id_string) do
+    case CustomerService.CommandedApp.dispatch(command, consistency: :strong) do
+      :ok ->
+        case CustomerQueries.get_customer(customer_id_string) do
           {:ok, customer} ->
             conn |> put_status(:ok) |> json(%{data: customer_json(customer)})
 

lib/customer_service_web/controllers/lead.ex

@@ -6,6 +6,7 @@ defmodule CustomerServiceWeb.LeadController do
   alias CustomerService.Lead.Queries, as: LeadQueries
   alias CustomerServiceWeb.Schemas.Lead, as: LeadSchemas
   alias CustomerServiceWeb.QueryHelpers
+  alias CustomerService.Aggregates.LeadId
 
   operation(:index,
     summary: "List leads",
@@ -23,7 +24,9 @@ defmodule CustomerServiceWeb.LeadController do
   )
 
   def index(conn, params) do
-    case LeadQueries.list_leads(params) do
+    org_id = conn.private[CustomerServiceWeb.Plugs.ExtractOrganizationId]
+
+    case LeadQueries.list_by_org(org_id, params) do
       {:ok, {leads, meta}} ->
         conn
         |> put_status(:ok)
@@ -58,12 +61,17 @@ defmodule CustomerServiceWeb.LeadController do
   )
 
   def show(conn, %{"id" => id}) do
-    case LeadQueries.get_lead(id) do
-      {:ok, lead} ->
-        conn |> put_status(:ok) |> json(%{data: lead_json(lead)})
+    org_id = conn.private[CustomerServiceWeb.Plugs.ExtractOrganizationId]
 
+    with {:ok, %LeadId{lead_id: local_id}} <- LeadId.parse(id),
+         {:ok, lead} <- LeadQueries.get_by_org(org_id, local_id) do
+      conn |> put_status(:ok) |> json(%{data: lead_json(lead)})
+    else
       {:error, :not_found} ->
         conn |> put_status(:not_found) |> json(%{error: "not found"})
+
+      :error ->
+        conn |> put_status(:bad_request) |> json(%{error: "invalid lead id"})
     end
   end
 
@@ -76,7 +84,9 @@ defmodule CustomerServiceWeb.LeadController do
   )
 
   def create(conn, params) do
-    lead_id = Ecto.UUID.generate()
+    org_id = conn.private[CustomerServiceWeb.Plugs.ExtractOrganizationId]
+    lead_uuid = Ecto.UUID.generate()
+    lead_id = LeadId.new(org_id, lead_uuid)
 
     command = %CreateQuickLead{
       id: lead_id,
@@ -108,19 +118,30 @@ defmodule CustomerServiceWeb.LeadController do
   )
 
   def update(conn, %{"id" => id} = params) do
-    command = %UpdateQuickLead{
-      id: id,
-      name: params["name"],
-      email: params["email"],
-      phone: params["phone"],
-      company_name: params["company_name"],
-      notes: params["notes"],
-      assigned_to: params["assigned_to"],
-      estimated_value: parse_decimal(params["estimated_value"]),
-      expected_close_date: parse_date(params["expected_close_date"])
-    }
+    org_id = conn.private[CustomerServiceWeb.Plugs.ExtractOrganizationId]
 
-    dispatch_and_return(conn, command, id)
+    with {:ok, %LeadId{lead_id: local_id}} <- LeadId.parse(id),
+         {:ok, _lead} <- LeadQueries.get_by_org(org_id, local_id) do
+      command = %UpdateQuickLead{
+        id: LeadId.new(org_id, local_id),
+        name: params["name"],
+        email: params["email"],
+        phone: params["phone"],
+        company_name: params["company_name"],
+        notes: params["notes"],
+        assigned_to: params["assigned_to"],
+        estimated_value: parse_decimal(params["estimated_value"]),
+        expected_close_date: parse_date(params["expected_close_date"])
+      }
+
+      dispatch_and_return(conn, command, LeadId.new(org_id, local_id))
+    else
+      {:error, :not_found} ->
+        conn |> put_status(:not_found) |> json(%{error: "not found"})
+
+      :error ->
+        conn |> put_status(:bad_request) |> json(%{error: "invalid lead id"})
+    end
   end
 
   operation(:update_status,
@@ -136,18 +157,47 @@ defmodule CustomerServiceWeb.LeadController do
   )
 
   def update_status(conn, %{"id" => id} = params) do
-    command = %UpdateLeadStatus{
-      id: id,
-      status: String.to_existing_atom(params["status"])
-    }
+    org_id = conn.private[CustomerServiceWeb.Plugs.ExtractOrganizationId]
 
-    dispatch_and_return(conn, command, id)
+    with {:ok, %LeadId{lead_id: local_id}} <- LeadId.parse(id),
+         {:ok, _lead} <- LeadQueries.get_by_org(org_id, local_id) do
+      command = %UpdateLeadStatus{
+        id: LeadId.new(org_id, local_id),
+        status: String.to_existing_atom(params["status"])
+      }
+
+      dispatch_and_return(conn, command, LeadId.new(org_id, local_id))
+    else
+      {:error, :not_found} ->
+        conn |> put_status(:not_found) |> json(%{error: "not found"})
+
+      :error ->
+        conn |> put_status(:bad_request) |> json(%{error: "invalid lead id"})
+    end
   end
 
-  defp dispatch_and_return(conn, command, lead_id) do
+  defp dispatch_and_return(conn, command, %LeadId{} = lead_id) do
     case CustomerService.CommandedApp.dispatch(command, consistency: :strong) do
       :ok ->
-        case LeadQueries.get_lead(lead_id) do
+        case LeadQueries.get_lead(LeadId.to_string(lead_id)) do
+          {:ok, lead} ->
+            conn |> put_status(:ok) |> json(%{data: lead_json(lead)})
+
+          {:error, :not_found} ->
+            conn
+            |> put_status(:internal_server_error)
+            |> json(%{error: "lead created but not found in projection"})
+        end
+
+      {:error, reason} ->
+        conn |> put_status(:unprocessable_entity) |> json(%{error: inspect(reason)})
+    end
+  end
+
+  defp dispatch_and_return(conn, command, lead_id_string) when is_binary(lead_id_string) do
+    case CustomerService.CommandedApp.dispatch(command, consistency: :strong) do
+      :ok ->
+        case LeadQueries.get_lead(lead_id_string) do
           {:ok, lead} ->
             conn |> put_status(:ok) |> json(%{data: lead_json(lead)})