package tenant
import (
"time"
"github.com/gocql/gocql"
"go.uber.org/zap"
domaintenant "codeberg.org/mapleopentech/monorepo/cloud/maplepress-backend/internal/domain/tenant"
"codeberg.org/mapleopentech/monorepo/cloud/maplepress-backend/pkg/security/ipcrypt"
)
// CreateTenantInput carries the caller-supplied values from which Execute
// builds a tenant entity.
type CreateTenantInput struct {
	// Name and Slug are copied unchanged onto the resulting tenant.
	Name string
	Slug string

	// CreatedFromIPAddress is the plaintext client IP address. Execute hands
	// it to the IP encryptor and places only the encrypted result on the
	// entity, so this struct is the one place in this file where the address
	// exists unencrypted; treat it as personal data and keep it out of logs.
	CreatedFromIPAddress string
}
// CreateTenantOutput is the summary of a created tenant handed back to
// callers. It has no IP address field, so neither the plaintext nor the
// encrypted address is exposed through it.
type CreateTenantOutput struct {
	// ID is the tenant identifier in string form.
	ID string
	// Name and Slug mirror the values the tenant was created with.
	Name string
	Slug string
	// Status is the tenant status rendered as a string.
	Status string
	// CreatedAt is the creation time of the tenant.
	CreatedAt time.Time
}
// CreateTenantEntityUseCase builds a tenant domain entity from caller input,
// encrypting the originating IP address and validating the entity before it
// is returned.
type CreateTenantEntityUseCase struct {
	// ipEncryptor turns the plaintext client IP into the value stored on the
	// entity.
	ipEncryptor *ipcrypt.IPEncryptor

	// logger receives the error, warning and debug records emitted by Execute.
	logger *zap.Logger
}
// ProvideCreateTenantEntityUseCase wires a CreateTenantEntityUseCase from its
// dependencies. The encryptor is stored as given; the logger is scoped with
// the name "create-tenant-entity-usecase".
//
// NOTE(review): neither argument is nil-checked here. A nil ipEncryptor is
// stored as-is and would only surface when Execute calls Encrypt on it.
func ProvideCreateTenantEntityUseCase(
	ipEncryptor *ipcrypt.IPEncryptor,
	logger *zap.Logger,
) *CreateTenantEntityUseCase {
	uc := new(CreateTenantEntityUseCase)
	uc.ipEncryptor = ipEncryptor
	uc.logger = logger.Named("create-tenant-entity-usecase")
	return uc
}
// Execute builds a tenant entity from input, storing the client IP address
// only in encrypted form, and validates the entity before returning it.
//
// The entity is created with StatusActive. The created-from and modified-from
// IP fields are both initialised to the same encrypted address, and every
// timestamp field is set to the same instant.
//
// input is dereferenced without a nil check, so callers must pass a non-nil
// value. Errors from the encryptor and from Tenant.Validate are returned
// unchanged, with a nil tenant.
func (uc *CreateTenantEntityUseCase) Execute(input *CreateTenantInput) (*domaintenant.Tenant, error) {
	// Take the clock once so all four timestamp fields agree exactly.
	createdAt := time.Now()

	// CWE-359 / GDPR: the plaintext address stops here; only the encrypted
	// value is placed on the entity.
	ipCiphertext, encErr := uc.ipEncryptor.Encrypt(input.CreatedFromIPAddress)
	if encErr != nil {
		// Only the slug is logged alongside the error, not the address.
		// NOTE(review): confirm that the encryptor's error text cannot embed
		// the plaintext IP; if it can, zap.Error would write to the log the
		// very value this step exists to protect.
		uc.logger.Error("failed to encrypt IP address",
			zap.String("slug", input.Slug),
			zap.Error(encErr))
		return nil, encErr
	}

	entity := &domaintenant.Tenant{
		// gocql.TimeUUID yields a time-based UUID, so the ID reveals roughly
		// when the tenant was created and should not be treated as a secret.
		ID:        gocql.TimeUUID().String(),
		Name:      input.Name,
		Slug:      input.Slug,
		Status:    domaintenant.StatusActive,
		CreatedAt: createdAt,
		UpdatedAt: createdAt,

		// CWE-359: IP tracking fields hold the encrypted address only. At
		// creation time the "modified from" pair mirrors the "created from"
		// pair.
		CreatedFromIPAddress:    ipCiphertext,
		CreatedFromIPTimestamp:  createdAt,
		ModifiedFromIPAddress:   ipCiphertext,
		ModifiedFromIPTimestamp: createdAt,
	}

	// Reject the entity if the domain rules do not hold. Validation runs on
	// the assembled entity, i.e. after encryption and ID generation.
	validationErr := entity.Validate()
	if validationErr != nil {
		uc.logger.Warn("tenant validation failed",
			zap.String("slug", input.Slug),
			zap.Error(validationErr))
		return nil, validationErr
	}

	uc.logger.Debug("tenant entity created and validated",
		zap.String("tenant_id", entity.ID),
		zap.String("slug", entity.Slug))

	return entity, nil
}