Extend API and TypeDB schema

[flyingsilverfin]

Changes

We add a series of new APIs and capabilities:

Core Data Model

• Users: Human actors with usernames, emails, and profile pictures
• Groups: Collections that can contain users and/or other groups (nested groups)
• Memberships: Relationships between principals (users/groups) and groups

API Endpoints

User Management

- POST /users
Create a new user
Body: {"username": "string", "email": ["string"] | "string", "profile_picture_uri": "string"} (optional)
Response: {"message": "User created successfully", "username": "string", "email": ["string"]}
Status: 201 Created

- GET /users
List all users
Response: Array of user objects with username, email, profile picture URLs
Status: 200 OK
Group Management

- POST /groups
Create a new group
Body: {"group_name": "string"}
Response: {"message": "Group created successfully", "group_name": "string"}
Status: 201 Created

- GET /groups
List all groups
Response: Array of group objects with group names
Status: 200 OK

Membership Management

POST /groups/{group_name}/members
Add a member (user or group) to a group
Body: {"username": "string"} OR {"group_name": "string"}
Response: {"message": "Member added successfully", "group_name": "string", "member_type": "user|group", "member_name": "string"}
Status: 201 Created

GET /groups/{group_name}/members
List direct members of a group
Response: Array of member objects with member name, type, and group name
Status: 200 OK

GET /groups/{group_name}/all-members
List all members of a group (including nested members from sub-groups)
Response: Array of all members (direct and transitive)
Status: 200 OK
Principal Group Queries

GET /users/{username}/groups
List direct groups for a user
Response: Array of group names the user is directly a member of
Status: 200 OK

GET /users/{username}/all-groups
List all groups for a user (including groups inherited through nested memberships)
Response: Array of all group names (direct and transitive)
Status: 200 OK

GET /groups/{group_name}/groups
List direct groups for a group (groups this group is a member of)
Response: Array of group names
Status: 200 OK

GET /groups/{group_name}/all-groups
List all groups for a group (including inherited group memberships)
Response: Array of all group names (direct and transitive)
Status: 200 OK

Utility

POST /reset
Reset the database (delete and recreate with schema)
Response: {"message": "Database reset successfully"}
Status: 200 OK

Key Features

• Hierarchical Groups: Groups can contain other groups, enabling complex organizational structures
• Transitive Queries: APIs support both direct and transitive membership queries
• Flexible Profile Pictures: Support for both HTTP URLs and S3 URIs
• Multiple Emails: Users can have multiple email addresses

[Copilot]

Pull Request Overview

This PR significantly extends the API and TypeDB schema to support a comprehensive user and group management system. The changes introduce hierarchical groups, membership relationships, and transitive queries for complex organizational structures.

• Implements core data models for users, groups, and memberships with support for nested groups
• Adds comprehensive API endpoints for user/group management and membership operations
• Introduces transitive query capabilities for inherited group memberships

Reviewed Changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated 8 comments.

Show a summary per file

File	Description
tests/test_lambda.py	Comprehensive test suite covering user creation, group management, and membership operations
main.tf	Terraform infrastructure for all new API Gateway resources and endpoints
app/lambda/schema.tql	Complete TypeDB schema defining users, groups, memberships, and recursive functions
app/lambda/handler.py	Lambda handler implementing all API endpoints with proper routing and error handling
README.md	Updated setup instructions with TypeDB development mode configuration
Makefile	Updated build process and test targets for the expanded functionality

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[Copilot]

The 'user_groups_resource' creates a duplicate '/users' path that already exists as 'user_resource'. This creates resource duplication and potential conflicts. Consider using the existing 'user_resource' as the parent for the nested user groups resources.

Suggested change

	resource "aws_api_gateway_resource" "user_groups_resource" {
	rest_api_id = aws_api_gateway_rest_api.user_api.id
	parent_id = aws_api_gateway_rest_api.user_api.root_resource_id
	path_part = "users"
	}
	resource "aws_api_gateway_resource" "user_groups_nested_resource" {
	rest_api_id = aws_api_gateway_rest_api.user_api.id
	parent_id = aws_api_gateway_resource.user_groups_resource.id
	# Removed duplicate '/users' resource. Nest under existing 'user_resource'.
	resource "aws_api_gateway_resource" "user_groups_nested_resource" {
	rest_api_id = aws_api_gateway_rest_api.user_api.id
	parent_id = aws_api_gateway_resource.user_resource.id

[whummer]

Awesome set of changes - love to see the extended sample app schema, as well as the Web UI 🚀

Just one thought - should we add a make target to simplify deploying the Web app..? Still need to look into it and do more testing locally, but potentially there would be an opportunity to simplify the Web app deployment on LocalStack (will follow up with more details soon..)

[whummer]

@flyingsilverfin going to merge this PR as-is, but I had some smaller issues running the sample locally. Will create a follow-up PR with some suggested changes shortly. 👍