All files / users update-preferences.js

100% Statements 38/38
100% Branches 33/33
100% Functions 2/2
100% Lines 38/38
Press n or j to go to the next uncovered block, b, p or k for the previous block.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152 1x
1x
 
1x
1x
 
 
 
 
 
1x
16x
 
16x
 
16x
2x
 
 
 
 
 
 
 
 
 
 
14x
14x
 
14x
14x
 
14x
3x
 
 
 
 
 
 
 
 
 
 
 
 
11x
1x
 
 
 
 
 
 
 
 
 
 
 
10x
 
7x
12x
 
 
7x
2x
 
 
 
 
 
 
 
 
 
 
 
 
 
8x
1x
 
 
 
 
 
 
 
 
 
 
 
7x
7x
 
 
7x
 
7x
5x
5x
 
 
7x
2x
2x
2x
 
 
 
7x
 
 
 
 
 
 
 
 
 
 
 
6x
 
 
 
 
 
 
 
 
 
 
 
 
1x
1x
 
 
 
 
 
 
 
 
 
 
 
 
  const { DynamoDBClient } = require('@aws-sdk/client-dynamodb')
const { DynamoDBDocumentClient, UpdateCommand } = require('@aws-sdk/lib-dynamodb')
 
const client = new DynamoDBClient({})
const docClient = DynamoDBDocumentClient.from(client)
 
/**
 * Update user preferences
 * PUT /v1/users/preferences
 */
exports.handler = async (event) => {
  try {
    // Extract user ID from Cognito JWT
    const userId = event.requestContext?.authorizer?.claims?.sub
 
    if (!userId) {
      return {
        statusCode: 401,
        headers: {
          'Content-Type': 'application/json',
          'Access-Control-Allow-Origin': '*'
        },
        body: JSON.stringify({ error: 'Unauthorized - Missing user ID' })
      }
    }
 
    // Parse request body
    const body = JSON.parse(event.body || '{}')
    const { languagePreferences, profilePicture } = body
 
    const hasLanguagePreferences = Object.prototype.hasOwnProperty.call(body, 'languagePreferences')
    const hasProfilePicture = Object.prototype.hasOwnProperty.call(body, 'profilePicture')
 
    if (!hasLanguagePreferences && !hasProfilePicture) {
      return {
        statusCode: 400,
        headers: {
          'Content-Type': 'application/json',
          'Access-Control-Allow-Origin': '*'
        },
        body: JSON.stringify({
          error: 'Invalid input - provide languagePreferences and/or profilePicture'
        })
      }
    }
 
    // Validate language preferences when provided
    if (hasLanguagePreferences && !Array.isArray(languagePreferences)) {
      return {
        statusCode: 400,
        headers: {
          'Content-Type': 'application/json',
          'Access-Control-Allow-Origin': '*'
        },
        body: JSON.stringify({
          error: 'Invalid input - languagePreferences must be an array'
        })
      }
    }
 
    if (hasLanguagePreferences) {
      // Validate array contains only valid language codes (2-letter strings)
      const validPrefs = languagePreferences.every(
        (lang) => typeof lang === 'string' && lang.length === 2
      )
 
      if (!validPrefs) {
        return {
          statusCode: 400,
          headers: {
            'Content-Type': 'application/json',
            'Access-Control-Allow-Origin': '*'
          },
          body: JSON.stringify({
            error: 'Invalid language codes - must be 2-letter strings'
          })
        }
      }
    }
 
    // Validate profile picture key when provided (null clears the value)
    if (hasProfilePicture && profilePicture !== null && typeof profilePicture !== 'string') {
      return {
        statusCode: 400,
        headers: {
          'Content-Type': 'application/json',
          'Access-Control-Allow-Origin': '*'
        },
        body: JSON.stringify({
          error: 'Invalid profilePicture - must be a string or null'
        })
      }
    }
 
    const updateParts = ['updatedAt = :now']
    const expressionAttributeValues = {
      ':now': new Date().toISOString()
    }
    const expressionAttributeNames = {}
 
    if (hasLanguagePreferences) {
      updateParts.push('languagePreferences = :prefs')
      expressionAttributeValues[':prefs'] = languagePreferences
    }
 
    if (hasProfilePicture) {
      updateParts.push('#profilePicture = :profilePicture')
      expressionAttributeNames['#profilePicture'] = 'profilePicture'
      expressionAttributeValues[':profilePicture'] = profilePicture
    }
 
    // Update user preferences in DynamoDB
    const result = await docClient.send(
      new UpdateCommand({
        TableName: process.env.USERS_TABLE_NAME,
        Key: { id: userId },
        UpdateExpression: `SET ${updateParts.join(', ')}`,
        ExpressionAttributeNames:
          Object.keys(expressionAttributeNames).length > 0 ? expressionAttributeNames : undefined,
        ExpressionAttributeValues: expressionAttributeValues,
        ReturnValues: 'ALL_NEW'
      })
    )
 
    return {
      statusCode: 200,
      headers: {
        'Content-Type': 'application/json',
        'Access-Control-Allow-Origin': '*'
      },
      body: JSON.stringify({
        message: 'User preferences updated successfully',
        languagePreferences: result.Attributes?.languagePreferences || [],
        profilePicture: result.Attributes?.profilePicture || null
      })
    }
  } catch (error) {
    console.error('Error updating user preferences:', error)
    return {
      statusCode: 500,
      headers: {
        'Content-Type': 'application/json',
        'Access-Control-Allow-Origin': '*'
      },
      body: JSON.stringify({
        error: 'Failed to update user preferences',
        details: error.message
      })
    }
  }
}