fix request provider for org members should be None

streaming_status/app.py

@@ -53,15 +53,19 @@ def get_request_provider(app: APIGatewayHttpResolver) -> str | None:
 
     if auth.has_permission(Permission.providers_read):
         provider = requested_provider
-    else:
+    elif auth.is_provider():
         groups = auth.group_memberships()
         if not groups:
             raise AppError.invalid_argument("missing groups")
 
         provider = requested_provider or groups[0]
         if provider not in groups:
             raise AppError.invalid_argument(f"provider not in groups: {provider}")
+    else:
+        provider = None
 
+    # cached so will be logged once
+    logger.info("request for provider %s", provider)
     return provider
 
 
@@ -82,30 +86,20 @@ def get_request_organization(app: APIGatewayHttpResolver) -> str | None:
         if organization not in groups:
             raise AppError.invalid_argument(f"organization not in groups: {organization}")
 
+    # cached so will be logged once
+    logger.info("request for organization %s", organization)
     return organization
 
 
-def _offline_pass_provider(route):
-    @functools.wraps(route)
-    def wrapper(*args, **kwargs):
-        requested_provider = app.current_event.get_query_string_value("provider")
-        return route(*args, **kwargs, provider=requested_provider)
-
-    return wrapper
-
-
 def pass_provider(route):
     """Decorator for passing the selected provider to a route based on the current event.
 
     The decorated route must accept a keyword argument named `provider`.
     """
-    # if config.is_offline:
-    #     return _offline_pass_provider(route)
 
     @functools.wraps(route)
     def wrapper(*args, **kwargs):
         provider = get_request_provider(app)
-        logger.info("request for provider %s", provider)
         logger.append_keys(provider=provider)
         return route(*args, **kwargs, provider=provider)
 
@@ -327,6 +321,11 @@ def me():
         "permissions": auth.get_permissions(),
         "name": auth.name(),
         "group": repo._canonicalize_group_name(group),
+        **(
+            {"provider": get_request_provider(app), "organization": get_request_organization(app)}
+            if config.is_offline
+            else {}
+        ),
     }
 
 

streaming_status/auth.py

@@ -105,6 +105,10 @@ def _roles(self) -> list[str]:
     def is_admin(self) -> bool:
         return Role.admin in self._roles()
 
+    def is_provider(self) -> bool:
+        roles = self._roles()
+        return Role.installer in roles or Role.external_installer in roles
+
     def has_permission(self, *permissions: Permission) -> bool:
         current_permissions = self.get_permissions()
         return all(current_permissions[permission] for permission in permissions)

streaming_status/data_sources/device_ledger.py

@@ -8,6 +8,7 @@
 from ..config import config
 from ..errors import AppError
 from ..model import DeviceCustomLabel
+from ..utils import logger
 
 dynamodb = boto3.resource("dynamodb", region_name=config.device_ledger_table_region)
 
@@ -266,6 +267,7 @@ def _scan_table(
         if page_size:
             parameters["Limit"] = page_size
 
+        logger.debug("running scan on table %s with params %s", config.device_ledger_table_name, parameters)
         result = dynamodb.Table(config.device_ledger_table_name).scan(**parameters)
         result_size += collector(result)  # type: ignore
 

streaming_status/data_sources/fleet_index.py

@@ -48,7 +48,7 @@ def list_devices(
     if page_size is not None:
         request_params["maxResults"] = page_size
 
-    logger.info("search index query: %s", query)
+    logger.debug("search index query: %s", query)
     fleet_result = iot_client.search_index(queryString=query, **request_params)
 
     return fleet_result.get("nextToken"), fleet_result.get("things") or []