From 4a3683d18bb09e9f4d6babbacc1ed121133d714d Mon Sep 17 00:00:00 2001
From: Syed Hussain <suhussai@ualberta.ca>
Date: Mon, 11 Mar 2024 22:29:41 +0000
Subject: [PATCH 1/2] fix: check existence of tenant before updating

---
 resources/functions/tenant-management/index.py | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/resources/functions/tenant-management/index.py b/resources/functions/tenant-management/index.py
index 41195665..682ca9df 100644
--- a/resources/functions/tenant-management/index.py
+++ b/resources/functions/tenant-management/index.py
@@ -7,6 +7,7 @@
 import uuid
 
 import boto3
+from boto3.dynamodb.conditions import Attr
 import botocore
 from aws_lambda_powertools import Logger, Tracer
 from aws_lambda_powertools.event_handler import (APIGatewayRestResolver,
@@ -100,6 +101,9 @@ def update_tenant(tenantId):
     try:
         response = __update_tenant(tenantId, input_details)
         updated_tenant = response['Attributes']
+    except dynamodb.meta.client.exceptions.ConditionalCheckFailedException:
+        logger.info(f'received request to update non-existing tenant {tenantId}')
+        raise NotFoundError(f"Tenant {tenantId} not found.")
     except botocore.exceptions.ClientError as error:
         logger.error(error)
         raise InternalServerError("Unknown error during processing!")
@@ -116,6 +120,9 @@ def delete_tenant(tenantId):
         response = __update_tenant(tenantId, {'tenantStatus': 'Deleting'})
         __create_control_plane_event(
             json.dumps(response['Attributes']), offboarding_detail_type)
+    except dynamodb.meta.client.exceptions.ConditionalCheckFailedException:
+        logger.info(f'received request to update non-existing tenant {tenantId}')
+        raise NotFoundError(f"Tenant {tenantId} not found.")
     except botocore.exceptions.ClientError as error:
         logger.error(error)
         raise InternalServerError("Unknown error during processing!")
@@ -142,6 +149,7 @@ def __update_tenant(tenantId, tenant):
         Key={
             'tenantId': tenantId,
         },
+        ConditionExpression=Attr('tenantId').eq(tenantId),
         UpdateExpression=''.join(update_expression),
         ExpressionAttributeValues=expression_attribute_values,
         ReturnValues="ALL_NEW"

From abac98296e9289702e49fb3312c9909d2d581a3d Mon Sep 17 00:00:00 2001
From: Syed Hussain <suhussai@ualberta.ca>
Date: Wed, 27 Mar 2024 22:47:58 +0000
Subject: [PATCH 2/2] update tests to include check for deleting non-existent
 tenant

---
 scripts/test-sbt-aws.sh | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/scripts/test-sbt-aws.sh b/scripts/test-sbt-aws.sh
index 4aa70d94..9ed74946 100755
--- a/scripts/test-sbt-aws.sh
+++ b/scripts/test-sbt-aws.sh
@@ -160,6 +160,18 @@ else
     log_test "fail" "Failed to delete tenant"
 fi
 
+# Test deleting a non-existent tenant
+echo "Testing delete-tenant for non-existent tenant..."
+fake_tenant_id=$(openssl rand -hex 10)
+delete_output=$(./sbt-aws.sh delete-tenant "$fake_tenant_id" 2>&1)
+delete_response=$(echo "$delete_output" | jq -r '.')
+
+if [ "$(echo "$delete_response" | jq -r '.statusCode')" = "404" ] && [ "$(echo "$delete_response" | jq -r '.message')" = "Tenant '$fake_tenant_id' not found." ]; then
+    log_test "pass" "Received expected error when deleting non-existent tenant"
+else
+    log_test "fail" "Unexpected output when deleting non-existent tenant"
+fi
+
 # Set the exit code based on the overall test status
 if [ "$TEST_PASSED" = true ]; then
     exit 0