feat: add clickhouse query doc and skill links

cmd/community/server.go

@@ -18,12 +18,9 @@ import (
 	"github.com/SigNoz/signoz/pkg/gateway/noopgateway"
 	"github.com/SigNoz/signoz/pkg/licensing"
 	"github.com/SigNoz/signoz/pkg/licensing/nooplicensing"
-	"github.com/SigNoz/signoz/pkg/modules/cloudintegration"
-	"github.com/SigNoz/signoz/pkg/modules/cloudintegration/implcloudintegration"
 	"github.com/SigNoz/signoz/pkg/modules/dashboard"
 	"github.com/SigNoz/signoz/pkg/modules/dashboard/impldashboard"
 	"github.com/SigNoz/signoz/pkg/modules/organization"
-	"github.com/SigNoz/signoz/pkg/modules/user"
 	"github.com/SigNoz/signoz/pkg/querier"
 	"github.com/SigNoz/signoz/pkg/query-service/app"
 	"github.com/SigNoz/signoz/pkg/queryparser"
@@ -31,7 +28,6 @@ import (
 	"github.com/SigNoz/signoz/pkg/sqlschema"
 	"github.com/SigNoz/signoz/pkg/sqlstore"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/cloudintegrationtypes"
 	"github.com/SigNoz/signoz/pkg/version"
 	"github.com/SigNoz/signoz/pkg/zeus"
 	"github.com/SigNoz/signoz/pkg/zeus/noopzeus"
@@ -94,9 +90,6 @@ func runServer(ctx context.Context, config signoz.Config, logger *slog.Logger) e
 		func(ps factory.ProviderSettings, q querier.Querier, a analytics.Analytics) querier.Handler {
 			return querier.NewHandler(ps, q, a)
 		},
-		func(_ cloudintegrationtypes.Store, _ zeus.Zeus, _ gateway.Gateway, _ licensing.Licensing, _ user.Getter, _ user.Setter) cloudintegration.Module {
-			return implcloudintegration.NewModule()
-		},
 	)
 	if err != nil {
 		logger.ErrorContext(ctx, "failed to create signoz", errors.Attr(err))

cmd/enterprise/server.go

@@ -15,7 +15,6 @@ import (
 	"github.com/SigNoz/signoz/ee/gateway/httpgateway"
 	enterpriselicensing "github.com/SigNoz/signoz/ee/licensing"
 	"github.com/SigNoz/signoz/ee/licensing/httplicensing"
-	"github.com/SigNoz/signoz/ee/modules/cloudintegration/implcloudintegration"
 	"github.com/SigNoz/signoz/ee/modules/dashboard/impldashboard"
 	eequerier "github.com/SigNoz/signoz/ee/querier"
 	enterpriseapp "github.com/SigNoz/signoz/ee/query-service/app"
@@ -30,11 +29,9 @@ import (
 	"github.com/SigNoz/signoz/pkg/factory"
 	"github.com/SigNoz/signoz/pkg/gateway"
 	"github.com/SigNoz/signoz/pkg/licensing"
-	"github.com/SigNoz/signoz/pkg/modules/cloudintegration"
 	"github.com/SigNoz/signoz/pkg/modules/dashboard"
 	pkgimpldashboard "github.com/SigNoz/signoz/pkg/modules/dashboard/impldashboard"
 	"github.com/SigNoz/signoz/pkg/modules/organization"
-	"github.com/SigNoz/signoz/pkg/modules/user"
 	"github.com/SigNoz/signoz/pkg/querier"
 	"github.com/SigNoz/signoz/pkg/queryparser"
 	"github.com/SigNoz/signoz/pkg/signoz"
@@ -42,7 +39,6 @@ import (
 	"github.com/SigNoz/signoz/pkg/sqlstore"
 	"github.com/SigNoz/signoz/pkg/sqlstore/sqlstorehook"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/cloudintegrationtypes"
 	"github.com/SigNoz/signoz/pkg/version"
 	"github.com/SigNoz/signoz/pkg/zeus"
 )
@@ -135,10 +131,8 @@ func runServer(ctx context.Context, config signoz.Config, logger *slog.Logger) e
 			communityHandler := querier.NewHandler(ps, q, a)
 			return eequerier.NewHandler(ps, q, communityHandler)
 		},
-		func(store cloudintegrationtypes.Store, zeus zeus.Zeus, gateway gateway.Gateway, licensing licensing.Licensing, userGetter user.Getter, userSetter user.Setter) cloudintegration.Module {
-			return implcloudintegration.NewModule(store, config.Global, zeus, gateway, licensing, userGetter, userSetter)
-		},
 	)
+
 	if err != nil {
 		logger.ErrorContext(ctx, "failed to create signoz", errors.Attr(err))
 		return err

docs/api/openapi.yml

@@ -327,27 +327,6 @@ components:
           nullable: true
           type: array
       type: object
-    AuthtypesStorableRole:
-      properties:
-        createdAt:
-          format: date-time
-          type: string
-        description:
-          type: string
-        id:
-          type: string
-        name:
-          type: string
-        orgId:
-          type: string
-        type:
-          type: string
-        updatedAt:
-          format: date-time
-          type: string
-      required:
-      - id
-      type: object
     AuthtypesTransaction:
       properties:
         object:
@@ -363,53 +342,6 @@ components:
         config:
           $ref: '#/components/schemas/AuthtypesAuthDomainConfig'
       type: object
-    AuthtypesUserRole:
-      properties:
-        createdAt:
-          format: date-time
-          type: string
-        id:
-          type: string
-        role:
-          $ref: '#/components/schemas/AuthtypesStorableRole'
-        roleId:
-          type: string
-        updatedAt:
-          format: date-time
-          type: string
-        userId:
-          type: string
-      required:
-      - id
-      type: object
-    AuthtypesUserWithRoles:
-      properties:
-        createdAt:
-          format: date-time
-          type: string
-        displayName:
-          type: string
-        email:
-          type: string
-        id:
-          type: string
-        isRoot:
-          type: boolean
-        orgId:
-          type: string
-        status:
-          type: string
-        updatedAt:
-          format: date-time
-          type: string
-        userRoles:
-          items:
-            $ref: '#/components/schemas/AuthtypesUserRole'
-          nullable: true
-          type: array
-      required:
-      - id
-      type: object
     CloudintegrationtypesAWSAccountConfig:
       properties:
         regions:
@@ -2674,13 +2606,6 @@ components:
         token:
           type: string
       type: object
-    TypesPostableRole:
-      properties:
-        name:
-          type: string
-      required:
-      - name
-      type: object
     TypesResetPasswordToken:
       properties:
         expiresAt:
@@ -2722,13 +2647,6 @@ components:
       required:
       - id
       type: object
-    TypesUpdatableUser:
-      properties:
-        displayName:
-          type: string
-      required:
-      - displayName
-      type: object
     TypesUser:
       properties:
         createdAt:
@@ -6195,7 +6113,7 @@ paths:
     get:
       deprecated: false
       description: This endpoint lists all users
-      operationId: ListUsersDeprecated
+      operationId: ListUsers
       responses:
         "200":
           content:
@@ -6288,7 +6206,7 @@ paths:
     get:
       deprecated: false
       description: This endpoint returns the user by id
-      operationId: GetUserDeprecated
+      operationId: GetUser
       parameters:
       - in: path
         name: id
@@ -6345,7 +6263,7 @@ paths:
     put:
       deprecated: false
       description: This endpoint updates the user by id
-      operationId: UpdateUserDeprecated
+      operationId: UpdateUser
       parameters:
       - in: path
         name: id
@@ -6414,7 +6332,7 @@ paths:
     get:
       deprecated: false
       description: This endpoint returns the user I belong to
-      operationId: GetMyUserDeprecated
+      operationId: GetMyUser
       responses:
         "200":
           content:
@@ -7863,66 +7781,6 @@ paths:
       summary: Readiness check
       tags:
       - health
-  /api/v2/roles/{id}/users:
-    get:
-      deprecated: false
-      description: This endpoint returns the users having the role by role id
-      operationId: GetUsersByRoleID
-      parameters:
-      - in: path
-        name: id
-        required: true
-        schema:
-          type: string
-      responses:
-        "200":
-          content:
-            application/json:
-              schema:
-                properties:
-                  data:
-                    items:
-                      $ref: '#/components/schemas/TypesUser'
-                    type: array
-                  status:
-                    type: string
-                required:
-                - status
-                - data
-                type: object
-          description: OK
-        "401":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Unauthorized
-        "403":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Forbidden
-        "404":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Not Found
-        "500":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Internal Server Error
-      security:
-      - api_key:
-        - ADMIN
-      - tokenizer:
-        - ADMIN
-      summary: Get users by role id
-      tags:
-      - users
   /api/v2/sessions:
     delete:
       deprecated: false
@@ -8081,408 +7939,6 @@ paths:
       summary: Rotate session
       tags:
       - sessions
-  /api/v2/users:
-    get:
-      deprecated: false
-      description: This endpoint lists all users for the organization
-      operationId: ListUsers
-      responses:
-        "200":
-          content:
-            application/json:
-              schema:
-                properties:
-                  data:
-                    items:
-                      $ref: '#/components/schemas/TypesUser'
-                    type: array
-                  status:
-                    type: string
-                required:
-                - status
-                - data
-                type: object
-          description: OK
-        "401":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Unauthorized
-        "403":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Forbidden
-        "500":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Internal Server Error
-      security:
-      - api_key:
-        - ADMIN
-      - tokenizer:
-        - ADMIN
-      summary: List users v2
-      tags:
-      - users
-  /api/v2/users/{id}:
-    get:
-      deprecated: false
-      description: This endpoint returns the user by id
-      operationId: GetUser
-      parameters:
-      - in: path
-        name: id
-        required: true
-        schema:
-          type: string
-      responses:
-        "200":
-          content:
-            application/json:
-              schema:
-                properties:
-                  data:
-                    $ref: '#/components/schemas/AuthtypesUserWithRoles'
-                  status:
-                    type: string
-                required:
-                - status
-                - data
-                type: object
-          description: OK
-        "401":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Unauthorized
-        "403":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Forbidden
-        "404":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Not Found
-        "500":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Internal Server Error
-      security:
-      - api_key:
-        - ADMIN
-      - tokenizer:
-        - ADMIN
-      summary: Get user by user id
-      tags:
-      - users
-    put:
-      deprecated: false
-      description: This endpoint updates the user by id
-      operationId: UpdateUser
-      parameters:
-      - in: path
-        name: id
-        required: true
-        schema:
-          type: string
-      requestBody:
-        content:
-          application/json:
-            schema:
-              $ref: '#/components/schemas/TypesUpdatableUser'
-      responses:
-        "204":
-          description: No Content
-        "400":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Bad Request
-        "401":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Unauthorized
-        "403":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Forbidden
-        "404":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Not Found
-        "500":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Internal Server Error
-      security:
-      - api_key:
-        - ADMIN
-      - tokenizer:
-        - ADMIN
-      summary: Update user v2
-      tags:
-      - users
-  /api/v2/users/{id}/roles:
-    get:
-      deprecated: false
-      description: This endpoint returns the user roles by user id
-      operationId: GetRolesByUserID
-      parameters:
-      - in: path
-        name: id
-        required: true
-        schema:
-          type: string
-      responses:
-        "200":
-          content:
-            application/json:
-              schema:
-                properties:
-                  data:
-                    items:
-                      $ref: '#/components/schemas/AuthtypesRole'
-                    type: array
-                  status:
-                    type: string
-                required:
-                - status
-                - data
-                type: object
-          description: OK
-        "401":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Unauthorized
-        "403":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Forbidden
-        "404":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Not Found
-        "500":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Internal Server Error
-      security:
-      - api_key:
-        - ADMIN
-      - tokenizer:
-        - ADMIN
-      summary: Get user roles
-      tags:
-      - users
-    post:
-      deprecated: false
-      description: This endpoint assigns the role to the user roles by user id
-      operationId: SetRoleByUserID
-      parameters:
-      - in: path
-        name: id
-        required: true
-        schema:
-          type: string
-      requestBody:
-        content:
-          application/json:
-            schema:
-              $ref: '#/components/schemas/TypesPostableRole'
-      responses:
-        "200":
-          description: OK
-        "401":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Unauthorized
-        "403":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Forbidden
-        "404":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Not Found
-        "500":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Internal Server Error
-      security:
-      - api_key:
-        - ADMIN
-      - tokenizer:
-        - ADMIN
-      summary: Set user roles
-      tags:
-      - users
-  /api/v2/users/{id}/roles/{roleId}:
-    delete:
-      deprecated: false
-      description: This endpoint removes a role from the user by user id and role
-        id
-      operationId: RemoveUserRoleByUserIDAndRoleID
-      parameters:
-      - in: path
-        name: id
-        required: true
-        schema:
-          type: string
-      - in: path
-        name: roleId
-        required: true
-        schema:
-          type: string
-      responses:
-        "204":
-          description: No Content
-        "401":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Unauthorized
-        "403":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Forbidden
-        "404":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Not Found
-        "500":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Internal Server Error
-      security:
-      - api_key:
-        - ADMIN
-      - tokenizer:
-        - ADMIN
-      summary: Remove a role from user
-      tags:
-      - users
-  /api/v2/users/me:
-    get:
-      deprecated: false
-      description: This endpoint returns the user I belong to
-      operationId: GetMyUser
-      responses:
-        "200":
-          content:
-            application/json:
-              schema:
-                properties:
-                  data:
-                    $ref: '#/components/schemas/AuthtypesUserWithRoles'
-                  status:
-                    type: string
-                required:
-                - status
-                - data
-                type: object
-          description: OK
-        "401":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Unauthorized
-        "403":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Forbidden
-        "500":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Internal Server Error
-      security:
-      - tokenizer: []
-      summary: Get my user v2
-      tags:
-      - users
-    put:
-      deprecated: false
-      description: This endpoint updates the user I belong to
-      operationId: UpdateMyUserV2
-      requestBody:
-        content:
-          application/json:
-            schema:
-              $ref: '#/components/schemas/TypesUpdatableUser'
-      responses:
-        "204":
-          description: No Content
-        "401":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Unauthorized
-        "403":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Forbidden
-        "500":
-          content:
-            application/json:
-              schema:
-                $ref: '#/components/schemas/RenderErrorResponse'
-          description: Internal Server Error
-      security:
-      - tokenizer: []
-      summary: Update my user v2
-      tags:
-      - users
   /api/v2/zeus/hosts:
     get:
       deprecated: false

ee/modules/cloudintegration/implcloudintegration/implcloudprovider/awscloudprovider.go

@@ -1,46 +0,0 @@
-package implcloudprovider
-
-import (
-	"context"
-	"fmt"
-	"net/url"
-
-	"github.com/SigNoz/signoz/pkg/modules/cloudintegration"
-	"github.com/SigNoz/signoz/pkg/types/cloudintegrationtypes"
-)
-
-type awscloudprovider struct{}
-
-func NewAWSCloudProvider() cloudintegration.CloudProviderModule {
-	return &awscloudprovider{}
-}
-
-func (provider *awscloudprovider) GetConnectionArtifact(ctx context.Context, creds *cloudintegrationtypes.SignozCredentials, account *cloudintegrationtypes.Account, req *cloudintegrationtypes.ConnectionArtifactRequest) (*cloudintegrationtypes.ConnectionArtifact, error) {
-	// TODO: get this from config
-	agentVersion := "v0.0.8"
-
-	baseURL := fmt.Sprintf("https://%s.console.aws.amazon.com/cloudformation/home", req.Aws.DeploymentRegion)
-	u, _ := url.Parse(baseURL)
-
-	q := u.Query()
-	q.Set("region", req.Aws.DeploymentRegion)
-	u.Fragment = "/stacks/quickcreate"
-
-	u.RawQuery = q.Encode()
-
-	q = u.Query()
-	q.Set("stackName", "signoz-integration")
-	q.Set("templateURL", fmt.Sprintf("https://signoz-integrations.s3.us-east-1.amazonaws.com/aws-quickcreate-template-%s.json", agentVersion))
-	q.Set("param_SigNozIntegrationAgentVersion", agentVersion)
-	q.Set("param_SigNozApiUrl", creds.SigNozAPIURL)
-	q.Set("param_SigNozApiKey", creds.SigNozAPIKey)
-	q.Set("param_SigNozAccountId", account.ID.StringValue())
-	q.Set("param_IngestionUrl", creds.IngestionURL)
-	q.Set("param_IngestionKey", creds.IngestionKey)
-
-	return &cloudintegrationtypes.ConnectionArtifact{
-		Aws: &cloudintegrationtypes.AWSConnectionArtifact{
-			ConnectionURL: u.String() + "?&" + q.Encode(), // this format is required by AWS
-		},
-	}, nil
-}

ee/modules/cloudintegration/implcloudintegration/implcloudprovider/azurecloudprovider.go

@@ -1,18 +0,0 @@
-package implcloudprovider
-
-import (
-	"context"
-
-	"github.com/SigNoz/signoz/pkg/modules/cloudintegration"
-	"github.com/SigNoz/signoz/pkg/types/cloudintegrationtypes"
-)
-
-type azurecloudprovider struct{}
-
-func NewAzureCloudProvider() cloudintegration.CloudProviderModule {
-	return &azurecloudprovider{}
-}
-
-func (provider *azurecloudprovider) GetConnectionArtifact(ctx context.Context, creds *cloudintegrationtypes.SignozCredentials, account *cloudintegrationtypes.Account, req *cloudintegrationtypes.ConnectionArtifactRequest) (*cloudintegrationtypes.ConnectionArtifact, error) {
-	panic("implement me")
-}

ee/modules/cloudintegration/implcloudintegration/module.go

@@ -1,262 +0,0 @@
-package implcloudintegration
-
-import (
-	"context"
-	"time"
-
-	"github.com/SigNoz/signoz/ee/modules/cloudintegration/implcloudintegration/implcloudprovider"
-	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/SigNoz/signoz/pkg/gateway"
-	"github.com/SigNoz/signoz/pkg/global"
-	"github.com/SigNoz/signoz/pkg/licensing"
-	"github.com/SigNoz/signoz/pkg/modules/cloudintegration"
-	"github.com/SigNoz/signoz/pkg/modules/user"
-	"github.com/SigNoz/signoz/pkg/types"
-	"github.com/SigNoz/signoz/pkg/types/cloudintegrationtypes"
-	"github.com/SigNoz/signoz/pkg/types/dashboardtypes"
-	"github.com/SigNoz/signoz/pkg/types/zeustypes"
-	"github.com/SigNoz/signoz/pkg/valuer"
-	"github.com/SigNoz/signoz/pkg/zeus"
-)
-
-type module struct {
-	userGetter        user.Getter
-	userSetter        user.Setter
-	store             cloudintegrationtypes.Store
-	gateway           gateway.Gateway
-	zeus              zeus.Zeus
-	licensing         licensing.Licensing
-	globalConfig      global.Config
-	cloudProvidersMap map[cloudintegrationtypes.CloudProviderType]cloudintegration.CloudProviderModule
-}
-
-func NewModule(
-	store cloudintegrationtypes.Store,
-	globalConfig global.Config,
-	zeus zeus.Zeus,
-	gateway gateway.Gateway,
-	licensing licensing.Licensing,
-	userGetter user.Getter,
-	userSetter user.Setter,
-) cloudintegration.Module {
-	awsCloudProviderModule := implcloudprovider.NewAWSCloudProvider()
-	azureCloudProviderModule := implcloudprovider.NewAzureCloudProvider()
-	cloudProvidersMap := map[cloudintegrationtypes.CloudProviderType]cloudintegration.CloudProviderModule{
-		cloudintegrationtypes.CloudProviderTypeAWS:   awsCloudProviderModule,
-		cloudintegrationtypes.CloudProviderTypeAzure: azureCloudProviderModule,
-	}
-
-	return &module{
-		store:             store,
-		globalConfig:      globalConfig,
-		zeus:              zeus,
-		gateway:           gateway,
-		licensing:         licensing,
-		userGetter:        userGetter,
-		userSetter:        userSetter,
-		cloudProvidersMap: cloudProvidersMap,
-	}
-}
-
-func (module *module) CreateAccount(ctx context.Context, account *cloudintegrationtypes.Account) error {
-	_, err := module.licensing.GetActive(ctx, account.OrgID)
-	if err != nil {
-		return errors.New(errors.TypeLicenseUnavailable, errors.CodeLicenseUnavailable, "a valid license is not available").WithAdditional("this feature requires a valid license").WithAdditional(err.Error())
-	}
-
-	storableCloudIntegration, err := cloudintegrationtypes.NewStorableCloudIntegration(account)
-	if err != nil {
-		return err
-	}
-
-	return module.store.CreateAccount(ctx, storableCloudIntegration)
-}
-
-func (module *module) GetConnectionArtifact(ctx context.Context, account *cloudintegrationtypes.Account, req *cloudintegrationtypes.ConnectionArtifactRequest) (*cloudintegrationtypes.ConnectionArtifact, error) {
-	// TODO: evaluate if this check is really required and remove if the deployment promises to always have this configured.
-	if module.globalConfig.IngestionURL == nil {
-		return nil, errors.New(errors.TypeInternal, errors.CodeInternal, "ingestion URL is not configured")
-	}
-
-	// get license to get the deployment details
-	license, err := module.licensing.GetActive(ctx, account.OrgID)
-	if err != nil {
-		return nil, err
-	}
-
-	// get deployment details from zeus
-	respBytes, err := module.zeus.GetDeployment(ctx, license.Key)
-	if err != nil {
-		return nil, errors.WrapInternalf(err, errors.CodeInternal, "couldn't get deployment")
-	}
-
-	// parse deployment details
-	deployment, err := zeustypes.NewGettableDeployment(respBytes)
-	if err != nil {
-		return nil, err
-	}
-
-	apiKey, err := module.getOrCreateAPIKey(ctx, account.OrgID, account.Provider)
-	if err != nil {
-		return nil, err
-	}
-
-	ingestionKey, err := module.getOrCreateIngestionKey(ctx, account.OrgID, account.Provider)
-	if err != nil {
-		return nil, err
-	}
-
-	creds := &cloudintegrationtypes.SignozCredentials{
-		SigNozAPIURL: deployment.SignozAPIUrl,
-		SigNozAPIKey: apiKey,
-		IngestionURL: module.globalConfig.IngestionURL.String(),
-		IngestionKey: ingestionKey,
-	}
-
-	cloudProviderModule, err := module.GetCloudProvider(account.Provider)
-	if err != nil {
-		return nil, err
-	}
-
-	return cloudProviderModule.GetConnectionArtifact(ctx, creds, account, req)
-}
-
-func (module *module) GetAccount(ctx context.Context, orgID valuer.UUID, accountID valuer.UUID, provider cloudintegrationtypes.CloudProviderType) (*cloudintegrationtypes.Account, error) {
-	panic("unimplemented")
-}
-
-func (module *module) AgentCheckIn(ctx context.Context, orgID valuer.UUID, provider cloudintegrationtypes.CloudProviderType, req *cloudintegrationtypes.AgentCheckInRequest) (*cloudintegrationtypes.AgentCheckInResponse, error) {
-	panic("unimplemented")
-}
-
-func (module *module) CreateService(ctx context.Context, orgID valuer.UUID, service *cloudintegrationtypes.CloudIntegrationService) error {
-	panic("unimplemented")
-}
-
-func (module *module) DisconnectAccount(ctx context.Context, orgID valuer.UUID, accountID valuer.UUID, provider cloudintegrationtypes.CloudProviderType) error {
-	panic("unimplemented")
-}
-
-func (module *module) GetDashboardByID(ctx context.Context, orgID valuer.UUID, id string) (*dashboardtypes.Dashboard, error) {
-	panic("unimplemented")
-}
-
-func (module *module) GetService(ctx context.Context, orgID valuer.UUID, integrationID *valuer.UUID, serviceID string) (*cloudintegrationtypes.Service, error) {
-	panic("unimplemented")
-}
-
-func (module *module) ListAccounts(ctx context.Context, orgID valuer.UUID, provider cloudintegrationtypes.CloudProviderType) ([]*cloudintegrationtypes.Account, error) {
-	panic("unimplemented")
-}
-
-func (module *module) ListDashboards(ctx context.Context, orgID valuer.UUID) ([]*dashboardtypes.Dashboard, error) {
-	panic("unimplemented")
-}
-
-func (module *module) ListServicesMetadata(ctx context.Context, orgID valuer.UUID, integrationID *valuer.UUID) ([]*cloudintegrationtypes.ServiceMetadata, error) {
-	panic("unimplemented")
-}
-
-func (module *module) UpdateAccount(ctx context.Context, account *cloudintegrationtypes.Account) error {
-	panic("unimplemented")
-}
-
-func (module *module) UpdateService(ctx context.Context, orgID valuer.UUID, service *cloudintegrationtypes.CloudIntegrationService) error {
-	panic("unimplemented")
-}
-
-func (m *module) GetCloudProvider(provider cloudintegrationtypes.CloudProviderType) (cloudintegration.CloudProviderModule, error) {
-	if cloudProviderModule, ok := m.cloudProvidersMap[provider]; ok {
-		return cloudProviderModule, nil
-	}
-
-	return nil, errors.New(errors.TypeUnsupported, cloudintegrationtypes.ErrCodeUnsupported, "cloud provider is not supported")
-}
-
-func (module *module) getOrCreateIngestionKey(ctx context.Context, orgID valuer.UUID, provider cloudintegrationtypes.CloudProviderType) (string, error) {
-	keyName := cloudintegrationtypes.NewIngestionKeyName(provider)
-
-	result, err := module.gateway.SearchIngestionKeysByName(ctx, orgID, keyName, 1, 10)
-	if err != nil {
-		return "", errors.WrapInternalf(err, errors.CodeInternal, "couldn't search ingestion keys")
-	}
-
-	for _, k := range result.Keys {
-		if k.Name == keyName {
-			return k.Value, nil
-		}
-	}
-
-	created, err := module.gateway.CreateIngestionKey(ctx, orgID, keyName, []string{"integration"}, time.Time{})
-	if err != nil {
-		return "", errors.WrapInternalf(err, errors.CodeInternal, "couldn't create ingestion key")
-	}
-
-	return created.Value, nil
-}
-
-func (module *module) getOrCreateAPIKey(ctx context.Context, orgID valuer.UUID, provider cloudintegrationtypes.CloudProviderType) (string, error) {
-	integrationUser, err := module.getOrCreateIntegrationUser(ctx, orgID, provider)
-	if err != nil {
-		return "", err
-	}
-
-	existingKeys, err := module.userSetter.ListAPIKeys(ctx, orgID)
-	if err != nil {
-		return "", err
-	}
-
-	keyName := cloudintegrationtypes.NewAPIKeyName(provider)
-
-	for _, key := range existingKeys {
-		if key.Name == keyName && key.UserID == integrationUser.ID {
-			return key.Token, nil
-		}
-	}
-
-	apiKey, err := types.NewStorableAPIKey(keyName, integrationUser.ID, types.RoleViewer, 0)
-	if err != nil {
-		return "", err
-	}
-
-	err = module.userSetter.CreateAPIKey(ctx, apiKey)
-	if err != nil {
-		return "", err
-	}
-
-	return apiKey.Token, nil
-}
-
-func (module *module) getOrCreateIntegrationUser(ctx context.Context, orgID valuer.UUID, provider cloudintegrationtypes.CloudProviderType) (*types.User, error) {
-	email, err := cloudintegrationtypes.GetCloudProviderEmail(provider)
-	if err != nil {
-		return nil, err
-	}
-
-	// get user by email
-	integrationUser, err := module.userGetter.GetNonDeletedUserByEmailAndOrgID(ctx, email, orgID)
-	if err != nil && !errors.Ast(err, errors.TypeNotFound) {
-		return nil, err
-	}
-
-	// if user found, return
-	if integrationUser != nil {
-		return integrationUser, nil
-	}
-
-	// if user not found, create a new one
-	displayName := cloudintegrationtypes.NewIntegrationUserDisplayName(provider)
-	integrationUser, err = types.NewUser(displayName, email, orgID, types.UserStatusActive)
-	if err != nil {
-		return nil, err
-	}
-
-	password := types.MustGenerateFactorPassword(integrationUser.ID.String())
-
-	err = module.userSetter.CreateUser(ctx, integrationUser, user.WithFactorPassword(password))
-	if err != nil {
-		return nil, err
-	}
-
-	return integrationUser, nil
-}

frontend/src/api/generated/services/sigNoz.schemas.ts

@@ -425,39 +425,6 @@ export interface AuthtypesSessionContextDTO {
 	orgs?: AuthtypesOrgSessionContextDTO[] | null;
 }
 
-export interface AuthtypesStorableRoleDTO {
-	/**
-	 * @type string
-	 * @format date-time
-	 */
-	createdAt?: Date;
-	/**
-	 * @type string
-	 */
-	description?: string;
-	/**
-	 * @type string
-	 */
-	id: string;
-	/**
-	 * @type string
-	 */
-	name?: string;
-	/**
-	 * @type string
-	 */
-	orgId?: string;
-	/**
-	 * @type string
-	 */
-	type?: string;
-	/**
-	 * @type string
-	 * @format date-time
-	 */
-	updatedAt?: Date;
-}
-
 export interface AuthtypesTransactionDTO {
 	object: AuthtypesObjectDTO;
 	/**
@@ -470,74 +437,6 @@ export interface AuthtypesUpdateableAuthDomainDTO {
 	config?: AuthtypesAuthDomainConfigDTO;
 }
 
-export interface AuthtypesUserRoleDTO {
-	/**
-	 * @type string
-	 * @format date-time
-	 */
-	createdAt?: Date;
-	/**
-	 * @type string
-	 */
-	id: string;
-	role?: AuthtypesStorableRoleDTO;
-	/**
-	 * @type string
-	 */
-	roleId?: string;
-	/**
-	 * @type string
-	 * @format date-time
-	 */
-	updatedAt?: Date;
-	/**
-	 * @type string
-	 */
-	userId?: string;
-}
-
-export interface AuthtypesUserWithRolesDTO {
-	/**
-	 * @type string
-	 * @format date-time
-	 */
-	createdAt?: Date;
-	/**
-	 * @type string
-	 */
-	displayName?: string;
-	/**
-	 * @type string
-	 */
-	email?: string;
-	/**
-	 * @type string
-	 */
-	id: string;
-	/**
-	 * @type boolean
-	 */
-	isRoot?: boolean;
-	/**
-	 * @type string
-	 */
-	orgId?: string;
-	/**
-	 * @type string
-	 */
-	status?: string;
-	/**
-	 * @type string
-	 * @format date-time
-	 */
-	updatedAt?: Date;
-	/**
-	 * @type array
-	 * @nullable true
-	 */
-	userRoles?: AuthtypesUserRoleDTO[] | null;
-}
-
 export interface CloudintegrationtypesAWSAccountConfigDTO {
 	/**
 	 * @type array
@@ -3180,13 +3079,6 @@ export interface TypesPostableResetPasswordDTO {
 	token?: string;
 }
 
-export interface TypesPostableRoleDTO {
-	/**
-	 * @type string
-	 */
-	name: string;
-}
-
 export interface TypesResetPasswordTokenDTO {
 	/**
 	 * @type string
@@ -3252,13 +3144,6 @@ export interface TypesStorableAPIKeyDTO {
 	userId?: string;
 }
 
-export interface TypesUpdatableUserDTO {
-	/**
-	 * @type string
-	 */
-	displayName: string;
-}
-
 export interface TypesUserDTO {
 	/**
 	 * @type string
@@ -3965,7 +3850,7 @@ export type UpdateServiceAccountKeyPathParameters = {
 export type UpdateServiceAccountStatusPathParameters = {
 	id: string;
 };
-export type ListUsersDeprecated200 = {
+export type ListUsers200 = {
 	/**
 	 * @type array
 	 */
@@ -3979,10 +3864,10 @@ export type ListUsersDeprecated200 = {
 export type DeleteUserPathParameters = {
 	id: string;
 };
-export type GetUserDeprecatedPathParameters = {
+export type GetUserPathParameters = {
 	id: string;
 };
-export type GetUserDeprecated200 = {
+export type GetUser200 = {
 	data: TypesDeprecatedUserDTO;
 	/**
 	 * @type string
@@ -3990,10 +3875,10 @@ export type GetUserDeprecated200 = {
 	status: string;
 };
 
-export type UpdateUserDeprecatedPathParameters = {
+export type UpdateUserPathParameters = {
 	id: string;
 };
-export type UpdateUserDeprecated200 = {
+export type UpdateUser200 = {
 	data: TypesDeprecatedUserDTO;
 	/**
 	 * @type string
@@ -4001,7 +3886,7 @@ export type UpdateUserDeprecated200 = {
 	status: string;
 };
 
-export type GetMyUserDeprecated200 = {
+export type GetMyUser200 = {
 	data: TypesDeprecatedUserDTO;
 	/**
 	 * @type string
@@ -4298,20 +4183,6 @@ export type Readyz503 = {
 	status: string;
 };
 
-export type GetUsersByRoleIDPathParameters = {
-	id: string;
-};
-export type GetUsersByRoleID200 = {
-	/**
-	 * @type array
-	 */
-	data: TypesUserDTO[];
-	/**
-	 * @type string
-	 */
-	status: string;
-};
-
 export type GetSessionContext200 = {
 	data: AuthtypesSessionContextDTO;
 	/**
@@ -4336,60 +4207,6 @@ export type RotateSession200 = {
 	status: string;
 };
 
-export type ListUsers200 = {
-	/**
-	 * @type array
-	 */
-	data: TypesUserDTO[];
-	/**
-	 * @type string
-	 */
-	status: string;
-};
-
-export type GetUserPathParameters = {
-	id: string;
-};
-export type GetUser200 = {
-	data: AuthtypesUserWithRolesDTO;
-	/**
-	 * @type string
-	 */
-	status: string;
-};
-
-export type UpdateUserPathParameters = {
-	id: string;
-};
-export type GetRolesByUserIDPathParameters = {
-	id: string;
-};
-export type GetRolesByUserID200 = {
-	/**
-	 * @type array
-	 */
-	data: AuthtypesRoleDTO[];
-	/**
-	 * @type string
-	 */
-	status: string;
-};
-
-export type SetRoleByUserIDPathParameters = {
-	id: string;
-};
-export type RemoveUserRoleByUserIDAndRoleIDPathParameters = {
-	id: string;
-	roleId: string;
-};
-export type GetMyUser200 = {
-	data: AuthtypesUserWithRolesDTO;
-	/**
-	 * @type string
-	 */
-	status: string;
-};
-
 export type GetHosts200 = {
 	data: ZeustypesGettableHostDTO;
 	/**

frontend/src/components/EditMemberDrawer/EditMemberDrawer.tsx

@@ -20,7 +20,7 @@ import { RenderErrorResponseDTO } from 'api/generated/services/sigNoz.schemas';
 import {
 	getResetPasswordToken,
 	useDeleteUser,
-	useUpdateUserDeprecated,
+	useUpdateUser,
 } from 'api/generated/services/users';
 import { AxiosError } from 'axios';
 import { MemberRow } from 'components/MembersTable/MembersTable';
@@ -60,7 +60,7 @@ function EditMemberDrawer({
 
 	const isInvited = member?.status === MemberStatus.Invited;
 
-	const { mutate: updateUser, isLoading: isSaving } = useUpdateUserDeprecated({
+	const { mutate: updateUser, isLoading: isSaving } = useUpdateUser({
 		mutation: {
 			onSuccess: (): void => {
 				toast.success('Member details updated successfully', { richColors: true });

frontend/src/components/EditMemberDrawer/__tests__/EditMemberDrawer.test.tsx

@@ -4,7 +4,7 @@ import { convertToApiError } from 'api/ErrorResponseHandlerForGeneratedAPIs';
 import {
 	getResetPasswordToken,
 	useDeleteUser,
-	useUpdateUserDeprecated,
+	useUpdateUser,
 } from 'api/generated/services/users';
 import { MemberStatus } from 'container/MembersSettings/utils';
 import {
@@ -50,7 +50,7 @@ jest.mock('@signozhq/dialog', () => ({
 
 jest.mock('api/generated/services/users', () => ({
 	useDeleteUser: jest.fn(),
-	useUpdateUserDeprecated: jest.fn(),
+	useUpdateUser: jest.fn(),
 	getResetPasswordToken: jest.fn(),
 }));
 
@@ -105,7 +105,7 @@ function renderDrawer(
 describe('EditMemberDrawer', () => {
 	beforeEach(() => {
 		jest.clearAllMocks();
-		(useUpdateUserDeprecated as jest.Mock).mockReturnValue({
+		(useUpdateUser as jest.Mock).mockReturnValue({
 			mutate: mockUpdateMutate,
 			isLoading: false,
 		});
@@ -130,7 +130,7 @@ describe('EditMemberDrawer', () => {
 		const onComplete = jest.fn();
 		const user = userEvent.setup({ pointerEventsCheck: 0 });
 
-		(useUpdateUserDeprecated as jest.Mock).mockImplementation((options) => ({
+		(useUpdateUser as jest.Mock).mockImplementation((options) => ({
 			mutate: mockUpdateMutate.mockImplementation(() => {
 				options?.mutation?.onSuccess?.();
 			}),
@@ -239,7 +239,7 @@ describe('EditMemberDrawer', () => {
 		const onComplete = jest.fn();
 		const user = userEvent.setup({ pointerEventsCheck: 0 });
 
-		(useUpdateUserDeprecated as jest.Mock).mockImplementation((options) => ({
+		(useUpdateUser as jest.Mock).mockImplementation((options) => ({
 			mutate: mockUpdateMutate.mockImplementation(() => {
 				options?.mutation?.onSuccess?.();
 			}),
@@ -280,7 +280,7 @@ describe('EditMemberDrawer', () => {
 			const user = userEvent.setup({ pointerEventsCheck: 0 });
 			const mockToast = jest.mocked(toast);
 
-			(useUpdateUserDeprecated as jest.Mock).mockImplementation((options) => ({
+			(useUpdateUser as jest.Mock).mockImplementation((options) => ({
 				mutate: mockUpdateMutate.mockImplementation(() => {
 					options?.mutation?.onError?.({});
 				}),

frontend/src/container/NewWidget/LeftContainer/QuerySection/QueryBuilder/clickHouse/index.tsx

@@ -1,6 +1,8 @@
 import { PlusOutlined } from '@ant-design/icons';
 import { useQueryBuilder } from 'hooks/queryBuilder/useQueryBuilder';
+import { Info } from 'lucide-react';
 import { EQueryType } from 'types/common/dashboard';
+import DOCLINKS from 'utils/docLinks';
 
 import { QueryButton } from '../../styles';
 import ClickHouseQueryBuilder from './query';
@@ -13,6 +15,49 @@ function ClickHouseQueryContainer(): JSX.Element | null {
 
 	return (
 		<>
+			<div
+				style={{
+					display: 'flex',
+					alignItems: 'flex-start',
+					gap: 8,
+					margin: '8px 8px 16px 16px',
+					padding: '8px 12px',
+					borderRadius: 4,
+					background: 'var(--callout-primary-background)',
+					border: '1px solid var(--callout-primary-border)',
+					color: 'var(--callout-primary-description)',
+				}}
+			>
+				<Info
+					size={14}
+					style={{
+						marginTop: 2,
+						flexShrink: 0,
+						color: 'var(--callout-primary-icon)',
+					}}
+				/>
+				<span>
+					<a
+						href={DOCLINKS.QUERY_CLICKHOUSE_TRACES}
+						target="_blank"
+						rel="noreferrer"
+						style={{ color: 'var(--bg-robin-400)', textDecoration: 'underline' }}
+					>
+						Learn how to write optimized queries
+					</a>
+					{' · '}
+					If you are using LLMs,{' '}
+					<a
+						href="https://signoz.io/docs/ai/agent-skills/#installation"
+						target="_blank"
+						rel="noreferrer"
+						style={{ color: 'var(--bg-robin-400)', textDecoration: 'underline' }}
+					>
+						install SigNoz clickhouse-query agent skill
+					</a>{' '}
+					to write optimized queries
+				</span>
+			</div>
 			{currentQuery.clickhouse_sql.map((q, idx) => (
 				<ClickHouseQueryBuilder
 					key={q.name}

frontend/src/utils/docLinks.ts

@@ -8,6 +8,8 @@ const DOCLINKS = {
 		'https://signoz.io/docs/userguide/send-metrics-cloud/',
 	EXTERNAL_API_MONITORING:
 		'https://signoz.io/docs/external-api-monitoring/overview/',
+	QUERY_CLICKHOUSE_TRACES:
+		'https://signoz.io/docs/userguide/writing-clickhouse-traces-query/#timestamp-bucketing-for-distributed_signoz_index_v3',
 };
 
 export default DOCLINKS;

pkg/apiserver/signozapiserver/user.go

@@ -111,8 +111,8 @@ func (provider *provider) addUserRoutes(router *mux.Router) error {
 		return err
 	}
 
-	if err := router.Handle("/api/v1/user", handler.New(provider.authZ.AdminAccess(provider.userHandler.ListUsersDeprecated), handler.OpenAPIDef{
-		ID:                  "ListUsersDeprecated",
+	if err := router.Handle("/api/v1/user", handler.New(provider.authZ.AdminAccess(provider.userHandler.ListUsers), handler.OpenAPIDef{
+		ID:                  "ListUsers",
 		Tags:                []string{"users"},
 		Summary:             "List users",
 		Description:         "This endpoint lists all users",
@@ -128,25 +128,8 @@ func (provider *provider) addUserRoutes(router *mux.Router) error {
 		return err
 	}
 
-	if err := router.Handle("/api/v2/users", handler.New(provider.authZ.AdminAccess(provider.userHandler.ListUsers), handler.OpenAPIDef{
-		ID:                  "ListUsers",
-		Tags:                []string{"users"},
-		Summary:             "List users v2",
-		Description:         "This endpoint lists all users for the organization",
-		Request:             nil,
-		RequestContentType:  "",
-		Response:            make([]*types.User, 0),
-		ResponseContentType: "application/json",
-		SuccessStatusCode:   http.StatusOK,
-		ErrorStatusCodes:    []int{},
-		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
-	})).Methods(http.MethodGet).GetError(); err != nil {
-		return err
-	}
-
-	if err := router.Handle("/api/v1/user/me", handler.New(provider.authZ.OpenAccess(provider.userHandler.GetMyUserDeprecated), handler.OpenAPIDef{
-		ID:                  "GetMyUserDeprecated",
+	if err := router.Handle("/api/v1/user/me", handler.New(provider.authZ.OpenAccess(provider.userHandler.GetMyUser), handler.OpenAPIDef{
+		ID:                  "GetMyUser",
 		Tags:                []string{"users"},
 		Summary:             "Get my user",
 		Description:         "This endpoint returns the user I belong to",
@@ -162,42 +145,8 @@ func (provider *provider) addUserRoutes(router *mux.Router) error {
 		return err
 	}
 
-	if err := router.Handle("/api/v2/users/me", handler.New(provider.authZ.OpenAccess(provider.userHandler.GetMyUser), handler.OpenAPIDef{
-		ID:                  "GetMyUser",
-		Tags:                []string{"users"},
-		Summary:             "Get my user v2",
-		Description:         "This endpoint returns the user I belong to",
-		Request:             nil,
-		RequestContentType:  "",
-		Response:            new(authtypes.UserWithRoles),
-		ResponseContentType: "application/json",
-		SuccessStatusCode:   http.StatusOK,
-		ErrorStatusCodes:    []int{},
-		Deprecated:          false,
-		SecuritySchemes:     []handler.OpenAPISecurityScheme{{Name: authtypes.IdentNProviderTokenizer.StringValue()}},
-	})).Methods(http.MethodGet).GetError(); err != nil {
-		return err
-	}
-
-	if err := router.Handle("/api/v2/users/me", handler.New(provider.authZ.OpenAccess(provider.userHandler.UpdateMyUser), handler.OpenAPIDef{
-		ID:                  "UpdateMyUserV2",
-		Tags:                []string{"users"},
-		Summary:             "Update my user v2",
-		Description:         "This endpoint updates the user I belong to",
-		Request:             new(types.UpdatableUser),
-		RequestContentType:  "application/json",
-		Response:            nil,
-		ResponseContentType: "",
-		SuccessStatusCode:   http.StatusNoContent,
-		ErrorStatusCodes:    []int{},
-		Deprecated:          false,
-		SecuritySchemes:     []handler.OpenAPISecurityScheme{{Name: authtypes.IdentNProviderTokenizer.StringValue()}},
-	})).Methods(http.MethodPut).GetError(); err != nil {
-		return err
-	}
-
-	if err := router.Handle("/api/v1/user/{id}", handler.New(provider.authZ.SelfAccess(provider.userHandler.GetUserDeprecated), handler.OpenAPIDef{
-		ID:                  "GetUserDeprecated",
+	if err := router.Handle("/api/v1/user/{id}", handler.New(provider.authZ.SelfAccess(provider.userHandler.GetUser), handler.OpenAPIDef{
+		ID:                  "GetUser",
 		Tags:                []string{"users"},
 		Summary:             "Get user",
 		Description:         "This endpoint returns the user by id",
@@ -213,25 +162,8 @@ func (provider *provider) addUserRoutes(router *mux.Router) error {
 		return err
 	}
 
-	if err := router.Handle("/api/v2/users/{id}", handler.New(provider.authZ.AdminAccess(provider.userHandler.GetUser), handler.OpenAPIDef{
-		ID:                  "GetUser",
-		Tags:                []string{"users"},
-		Summary:             "Get user by user id",
-		Description:         "This endpoint returns the user by id",
-		Request:             nil,
-		RequestContentType:  "",
-		Response:            new(authtypes.UserWithRoles),
-		ResponseContentType: "application/json",
-		SuccessStatusCode:   http.StatusOK,
-		ErrorStatusCodes:    []int{http.StatusNotFound},
-		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
-	})).Methods(http.MethodGet).GetError(); err != nil {
-		return err
-	}
-
-	if err := router.Handle("/api/v1/user/{id}", handler.New(provider.authZ.SelfAccess(provider.userHandler.UpdateUserDeprecated), handler.OpenAPIDef{
-		ID:                  "UpdateUserDeprecated",
+	if err := router.Handle("/api/v1/user/{id}", handler.New(provider.authZ.SelfAccess(provider.userHandler.UpdateUser), handler.OpenAPIDef{
+		ID:                  "UpdateUser",
 		Tags:                []string{"users"},
 		Summary:             "Update user",
 		Description:         "This endpoint updates the user by id",
@@ -247,23 +179,6 @@ func (provider *provider) addUserRoutes(router *mux.Router) error {
 		return err
 	}
 
-	if err := router.Handle("/api/v2/users/{id}", handler.New(provider.authZ.AdminAccess(provider.userHandler.UpdateUser), handler.OpenAPIDef{
-		ID:                  "UpdateUser",
-		Tags:                []string{"users"},
-		Summary:             "Update user v2",
-		Description:         "This endpoint updates the user by id",
-		Request:             new(types.UpdatableUser),
-		RequestContentType:  "application/json",
-		Response:            nil,
-		ResponseContentType: "",
-		SuccessStatusCode:   http.StatusNoContent,
-		ErrorStatusCodes:    []int{http.StatusBadRequest, http.StatusNotFound},
-		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
-	})).Methods(http.MethodPut).GetError(); err != nil {
-		return err
-	}
-
 	if err := router.Handle("/api/v1/user/{id}", handler.New(provider.authZ.AdminAccess(provider.userHandler.DeleteUser), handler.OpenAPIDef{
 		ID:                  "DeleteUser",
 		Tags:                []string{"users"},
@@ -349,73 +264,5 @@ func (provider *provider) addUserRoutes(router *mux.Router) error {
 		return err
 	}
 
-	if err := router.Handle("/api/v2/users/{id}/roles", handler.New(provider.authZ.AdminAccess(provider.userHandler.GetRolesByUserID), handler.OpenAPIDef{
-		ID:                  "GetRolesByUserID",
-		Tags:                []string{"users"},
-		Summary:             "Get user roles",
-		Description:         "This endpoint returns the user roles by user id",
-		Request:             nil,
-		RequestContentType:  "",
-		Response:            make([]*authtypes.Role, 0),
-		ResponseContentType: "application/json",
-		SuccessStatusCode:   http.StatusOK,
-		ErrorStatusCodes:    []int{http.StatusNotFound},
-		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
-	})).Methods(http.MethodGet).GetError(); err != nil {
-		return err
-	}
-
-	if err := router.Handle("/api/v2/users/{id}/roles", handler.New(provider.authZ.AdminAccess(provider.userHandler.SetRoleByUserID), handler.OpenAPIDef{
-		ID:                  "SetRoleByUserID",
-		Tags:                []string{"users"},
-		Summary:             "Set user roles",
-		Description:         "This endpoint assigns the role to the user roles by user id",
-		Request:             new(types.PostableRole),
-		RequestContentType:  "application/json",
-		Response:            nil,
-		ResponseContentType: "",
-		SuccessStatusCode:   http.StatusOK,
-		ErrorStatusCodes:    []int{http.StatusNotFound},
-		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
-	})).Methods(http.MethodPost).GetError(); err != nil {
-		return err
-	}
-
-	if err := router.Handle("/api/v2/users/{id}/roles/{roleId}", handler.New(provider.authZ.AdminAccess(provider.userHandler.RemoveUserRoleByRoleID), handler.OpenAPIDef{
-		ID:                  "RemoveUserRoleByUserIDAndRoleID",
-		Tags:                []string{"users"},
-		Summary:             "Remove a role from user",
-		Description:         "This endpoint removes a role from the user by user id and role id",
-		Request:             nil,
-		RequestContentType:  "",
-		Response:            nil,
-		ResponseContentType: "",
-		SuccessStatusCode:   http.StatusNoContent,
-		ErrorStatusCodes:    []int{http.StatusNotFound},
-		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
-	})).Methods(http.MethodDelete).GetError(); err != nil {
-		return err
-	}
-
-	if err := router.Handle("/api/v2/roles/{id}/users", handler.New(provider.authZ.AdminAccess(provider.userHandler.GetUsersByRoleID), handler.OpenAPIDef{
-		ID:                  "GetUsersByRoleID",
-		Tags:                []string{"users"},
-		Summary:             "Get users by role id",
-		Description:         "This endpoint returns the users having the role by role id",
-		Request:             nil,
-		RequestContentType:  "",
-		Response:            make([]*types.User, 0),
-		ResponseContentType: "application/json",
-		SuccessStatusCode:   http.StatusOK,
-		ErrorStatusCodes:    []int{http.StatusNotFound},
-		Deprecated:          false,
-		SecuritySchemes:     newSecuritySchemes(types.RoleAdmin),
-	})).Methods(http.MethodGet).GetError(); err != nil {
-		return err
-	}
-
 	return nil
 }

pkg/modules/cloudintegration/cloudintegration.go

@@ -13,16 +13,16 @@ type Module interface {
 	CreateAccount(ctx context.Context, account *citypes.Account) error
 
 	// GetAccount returns cloud integration account
-	GetAccount(ctx context.Context, orgID, accountID valuer.UUID, provider citypes.CloudProviderType) (*citypes.Account, error)
+	GetAccount(ctx context.Context, orgID, accountID valuer.UUID) (*citypes.Account, error)
 
 	// ListAccounts lists accounts where agent is connected
-	ListAccounts(ctx context.Context, orgID valuer.UUID, provider citypes.CloudProviderType) ([]*citypes.Account, error)
+	ListAccounts(ctx context.Context, orgID valuer.UUID) ([]*citypes.Account, error)
 
 	// UpdateAccount updates the cloud integration account for a specific organization.
 	UpdateAccount(ctx context.Context, account *citypes.Account) error
 
 	// DisconnectAccount soft deletes/removes a cloud integration account.
-	DisconnectAccount(ctx context.Context, orgID, accountID valuer.UUID, provider citypes.CloudProviderType) error
+	DisconnectAccount(ctx context.Context, orgID, accountID valuer.UUID) error
 
 	// GetConnectionArtifact returns cloud provider specific connection information,
 	// client side handles how this information is shown
@@ -36,14 +36,11 @@ type Module interface {
 	// other details required to show in service details page on web client.
 	GetService(ctx context.Context, orgID valuer.UUID, integrationID *valuer.UUID, serviceID string) (*citypes.Service, error)
 
-	// CreateService creates a new service for a cloud integration account.
-	CreateService(ctx context.Context, orgID valuer.UUID, service *citypes.CloudIntegrationService) error
-
 	// UpdateService updates cloud integration service
 	UpdateService(ctx context.Context, orgID valuer.UUID, service *citypes.CloudIntegrationService) error
 
 	// AgentCheckIn is called by agent to heartbeat and get latest config in response.
-	AgentCheckIn(ctx context.Context, orgID valuer.UUID, provider citypes.CloudProviderType, req *citypes.AgentCheckInRequest) (*citypes.AgentCheckInResponse, error)
+	AgentCheckIn(ctx context.Context, orgID valuer.UUID, req *citypes.AgentCheckInRequest) (*citypes.AgentCheckInResponse, error)
 
 	// GetDashboardByID returns dashboard JSON for a given dashboard id.
 	// this only returns the dashboard when the service (embedded in dashboard id) is enabled
@@ -53,13 +50,6 @@ type Module interface {
 	// ListDashboards returns list of dashboards across all connected cloud integration accounts
 	// for enabled services in the org. This list gets added to dashboard list page
 	ListDashboards(ctx context.Context, orgID valuer.UUID) ([]*dashboardtypes.Dashboard, error)
-
-	// GetCloudProvider returns cloud provider specific module
-	GetCloudProvider(provider citypes.CloudProviderType) (CloudProviderModule, error)
-}
-
-type CloudProviderModule interface {
-	GetConnectionArtifact(ctx context.Context, creds *citypes.SignozCredentials, account *citypes.Account, req *citypes.ConnectionArtifactRequest) (*citypes.ConnectionArtifact, error)
 }
 
 type Handler interface {

pkg/modules/cloudintegration/implcloudintegration/handler.go

@@ -1,83 +1,20 @@
 package implcloudintegration
 
 import (
-	"context"
 	"net/http"
-	"time"
 
-	"github.com/SigNoz/signoz/pkg/http/binding"
-	"github.com/SigNoz/signoz/pkg/http/render"
 	"github.com/SigNoz/signoz/pkg/modules/cloudintegration"
-	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/cloudintegrationtypes"
-	"github.com/SigNoz/signoz/pkg/valuer"
-	"github.com/gorilla/mux"
 )
 
-type handler struct {
-	module cloudintegration.Module
+type handler struct{}
+
+func NewHandler() cloudintegration.Handler {
+	return &handler{}
 }
 
-func NewHandler(module cloudintegration.Module) cloudintegration.Handler {
-	return &handler{
-		module: module,
-	}
-}
-
-func (handler *handler) CreateAccount(rw http.ResponseWriter, r *http.Request) {
-	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
-	defer cancel()
-
-	claims, err := authtypes.ClaimsFromContext(ctx)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	providerString := mux.Vars(r)["cloud_provider"]
-	provider, err := cloudintegrationtypes.NewCloudProvider(providerString)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	postableConnectionArtifact := new(cloudintegrationtypes.PostableConnectionArtifact)
-
-	err = binding.JSON.BindBody(r.Body, postableConnectionArtifact)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	accountConfig, err := cloudintegrationtypes.NewAccountConfigFromPostableArtifact(provider, postableConnectionArtifact)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	account := cloudintegrationtypes.NewAccount(valuer.MustNewUUID(claims.OrgID), provider, accountConfig)
-	err = handler.module.CreateAccount(ctx, account)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	connectionArtifactRequest, err := cloudintegrationtypes.NewArtifactRequestFromPostableArtifact(provider, postableConnectionArtifact)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	connectionArtifact, err := handler.module.GetConnectionArtifact(ctx, account, connectionArtifactRequest)
-	if err != nil {
-		render.Error(rw, err)
-		return
-	}
-
-	render.Success(rw, http.StatusOK, cloudintegrationtypes.GettableAccountWithArtifact{
-		ID:       account.ID,
-		Artifact: connectionArtifact,
-	})
+func (handler *handler) CreateAccount(writer http.ResponseWriter, request *http.Request) {
+	// TODO implement me
+	panic("implement me")
 }
 
 func (handler *handler) ListAccounts(writer http.ResponseWriter, request *http.Request) {

pkg/modules/cloudintegration/implcloudintegration/module.go

@@ -1,73 +0,0 @@
-package implcloudintegration
-
-import (
-	"context"
-
-	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/SigNoz/signoz/pkg/modules/cloudintegration"
-	"github.com/SigNoz/signoz/pkg/types/cloudintegrationtypes"
-	"github.com/SigNoz/signoz/pkg/types/dashboardtypes"
-	"github.com/SigNoz/signoz/pkg/valuer"
-)
-
-type module struct{}
-
-func NewModule() cloudintegration.Module {
-	return &module{}
-}
-
-func (m *module) CreateAccount(ctx context.Context, account *cloudintegrationtypes.Account) error {
-	return errors.New(errors.TypeUnsupported, cloudintegrationtypes.ErrCodeUnsupported, "create account is not supported")
-}
-
-func (m *module) GetAccount(ctx context.Context, orgID valuer.UUID, accountID valuer.UUID, provider cloudintegrationtypes.CloudProviderType) (*cloudintegrationtypes.Account, error) {
-	return nil, errors.New(errors.TypeUnsupported, cloudintegrationtypes.ErrCodeUnsupported, "get account is not supported")
-}
-
-func (m *module) ListAccounts(ctx context.Context, orgID valuer.UUID, provider cloudintegrationtypes.CloudProviderType) ([]*cloudintegrationtypes.Account, error) {
-	return nil, errors.New(errors.TypeUnsupported, cloudintegrationtypes.ErrCodeUnsupported, "list accounts is not supported")
-}
-
-func (m *module) UpdateAccount(ctx context.Context, account *cloudintegrationtypes.Account) error {
-	return errors.New(errors.TypeUnsupported, cloudintegrationtypes.ErrCodeUnsupported, "update account is not supported")
-}
-
-func (m *module) DisconnectAccount(ctx context.Context, orgID valuer.UUID, accountID valuer.UUID, provider cloudintegrationtypes.CloudProviderType) error {
-	return errors.New(errors.TypeUnsupported, cloudintegrationtypes.ErrCodeUnsupported, "disconnect account is not supported")
-}
-
-func (m *module) CreateService(ctx context.Context, orgID valuer.UUID, service *cloudintegrationtypes.CloudIntegrationService) error {
-	return errors.New(errors.TypeUnsupported, cloudintegrationtypes.ErrCodeUnsupported, "create service is not supported")
-}
-
-func (m *module) GetService(ctx context.Context, orgID valuer.UUID, integrationID *valuer.UUID, serviceID string) (*cloudintegrationtypes.Service, error) {
-	return nil, errors.New(errors.TypeUnsupported, cloudintegrationtypes.ErrCodeUnsupported, "get service is not supported")
-}
-
-func (m *module) ListServicesMetadata(ctx context.Context, orgID valuer.UUID, integrationID *valuer.UUID) ([]*cloudintegrationtypes.ServiceMetadata, error) {
-	return nil, errors.New(errors.TypeUnsupported, cloudintegrationtypes.ErrCodeUnsupported, "list services metadata is not supported")
-}
-
-func (m *module) UpdateService(ctx context.Context, orgID valuer.UUID, service *cloudintegrationtypes.CloudIntegrationService) error {
-	return errors.New(errors.TypeUnsupported, cloudintegrationtypes.ErrCodeUnsupported, "update service is not supported")
-}
-
-func (m *module) GetConnectionArtifact(ctx context.Context, account *cloudintegrationtypes.Account, req *cloudintegrationtypes.ConnectionArtifactRequest) (*cloudintegrationtypes.ConnectionArtifact, error) {
-	return nil, errors.New(errors.TypeUnsupported, cloudintegrationtypes.ErrCodeUnsupported, "get connection artifact is not supported")
-}
-
-func (m *module) AgentCheckIn(ctx context.Context, orgID valuer.UUID, provider cloudintegrationtypes.CloudProviderType, req *cloudintegrationtypes.AgentCheckInRequest) (*cloudintegrationtypes.AgentCheckInResponse, error) {
-	return nil, errors.New(errors.TypeUnsupported, cloudintegrationtypes.ErrCodeUnsupported, "agent check-in is not supported")
-}
-
-func (m *module) GetDashboardByID(ctx context.Context, orgID valuer.UUID, id string) (*dashboardtypes.Dashboard, error) {
-	return nil, errors.New(errors.TypeUnsupported, cloudintegrationtypes.ErrCodeUnsupported, "get dashboard by ID is not supported")
-}
-
-func (m *module) ListDashboards(ctx context.Context, orgID valuer.UUID) ([]*dashboardtypes.Dashboard, error) {
-	return nil, errors.New(errors.TypeUnsupported, cloudintegrationtypes.ErrCodeUnsupported, "list dashboards is not supported")
-}
-
-func (m *module) GetCloudProvider(provider cloudintegrationtypes.CloudProviderType) (cloudintegration.CloudProviderModule, error) {
-	panic("unimplemented")
-}

pkg/modules/cloudintegration/implcloudintegration/store.go

@@ -172,9 +172,3 @@ func (store *store) UpdateService(ctx context.Context, service *cloudintegration
 		Exec(ctx)
 	return err
 }
-
-func (store *store) RunInTx(ctx context.Context, cb func(ctx context.Context) error) error {
-	return store.store.RunInTxCtx(ctx, nil, func(ctx context.Context) error {
-		return cb(ctx)
-	})
-}

pkg/modules/session/implsession/module.go

@@ -160,7 +160,7 @@ func (module *module) CreateCallbackAuthNSession(ctx context.Context, authNProvi
 		return "", errors.WithAdditionalf(err, "root user can only authenticate via password")
 	}
 
-	userRoles, err := module.userGetter.GetRolesByUserID(ctx, newUser.ID)
+	userRoles, err := module.userGetter.GetUserRoles(ctx, newUser.ID)
 	if err != nil {
 		return "", err
 	}

pkg/modules/user/impluser/getter.go

@@ -37,7 +37,7 @@ func (module *getter) GetRootUserByOrgID(ctx context.Context, orgID valuer.UUID)
 	return rootUser, userRoles, nil
 }
 
-func (module *getter) ListDeprecatedUsersByOrgID(ctx context.Context, orgID valuer.UUID) ([]*types.DeprecatedUser, error) {
+func (module *getter) ListByOrgID(ctx context.Context, orgID valuer.UUID) ([]*types.DeprecatedUser, error) {
 	users, err := module.store.ListUsersByOrgID(ctx, orgID)
 	if err != nil {
 		return nil, err
@@ -84,30 +84,13 @@ func (module *getter) ListDeprecatedUsersByOrgID(ctx context.Context, orgID valu
 	return deprecatedUsers, nil
 }
 
-func (module *getter) ListUsersByOrgID(ctx context.Context, orgID valuer.UUID) ([]*types.User, error) {
-	users, err := module.store.ListUsersByOrgID(ctx, orgID)
-	if err != nil {
-		return nil, err
-	}
-
-	// filter root users if feature flag `hide_root_users` is true
-	evalCtx := featuretypes.NewFlaggerEvaluationContext(orgID)
-	hideRootUsers := module.flagger.BooleanOrEmpty(ctx, flagger.FeatureHideRootUser, evalCtx)
-
-	if hideRootUsers {
-		users = slices.DeleteFunc(users, func(user *types.User) bool { return user.IsRoot })
-	}
-
-	return users, nil
-}
-
 func (module *getter) GetDeprecatedUserByOrgIDAndID(ctx context.Context, orgID valuer.UUID, id valuer.UUID) (*types.DeprecatedUser, error) {
 	user, err := module.store.GetByOrgIDAndID(ctx, orgID, id)
 	if err != nil {
 		return nil, err
 	}
 
-	userRoles, err := module.GetRolesByUserID(ctx, id)
+	userRoles, err := module.GetUserRoles(ctx, id)
 	if err != nil {
 		return nil, err
 	}
@@ -116,26 +99,18 @@ func (module *getter) GetDeprecatedUserByOrgIDAndID(ctx context.Context, orgID v
 		return nil, errors.New(errors.TypeUnexpected, authtypes.ErrCodeUserRolesNotFound, "no user roles entries found")
 	}
 
-	if userRoles[0].Role == nil {
-		return nil, errors.New(errors.TypeUnexpected, authtypes.ErrCodeRoleNotFound, "role not found for user role entry")
-	}
-
 	role := authtypes.SigNozManagedRoleToExistingLegacyRole[userRoles[0].Role.Name]
 
 	return types.NewDeprecatedUserFromUserAndRole(user, role), nil
 }
 
-func (module *getter) GetUserByOrgIDAndID(ctx context.Context, orgID valuer.UUID, userID valuer.UUID) (*types.User, error) {
-	return module.store.GetByOrgIDAndID(ctx, orgID, userID)
-}
-
 func (module *getter) Get(ctx context.Context, id valuer.UUID) (*types.DeprecatedUser, error) {
 	user, err := module.store.GetUser(ctx, id)
 	if err != nil {
 		return nil, err
 	}
 
-	userRoles, err := module.GetRolesByUserID(ctx, id)
+	userRoles, err := module.GetUserRoles(ctx, id)
 	if err != nil {
 		return nil, err
 	}
@@ -144,10 +119,6 @@ func (module *getter) Get(ctx context.Context, id valuer.UUID) (*types.Deprecate
 		return nil, errors.New(errors.TypeUnexpected, authtypes.ErrCodeUserRolesNotFound, "no user roles entries found")
 	}
 
-	if userRoles[0].Role == nil {
-		return nil, errors.New(errors.TypeUnexpected, authtypes.ErrCodeRoleNotFound, "role not found for user role entry")
-	}
-
 	role := authtypes.SigNozManagedRoleToExistingLegacyRole[userRoles[0].Role.Name]
 
 	return types.NewDeprecatedUserFromUserAndRole(user, role), nil
@@ -203,21 +174,11 @@ func (module *getter) GetNonDeletedUserByEmailAndOrgID(ctx context.Context, emai
 
 }
 
-func (module *getter) GetRolesByUserID(ctx context.Context, userID valuer.UUID) ([]*authtypes.UserRole, error) {
+func (module *getter) GetUserRoles(ctx context.Context, userID valuer.UUID) ([]*authtypes.UserRole, error) {
 	userRoles, err := module.userRoleStore.GetUserRolesByUserID(ctx, userID)
 	if err != nil {
 		return nil, err
 	}
 
-	for _, ur := range userRoles {
-		if ur.Role == nil {
-			return nil, errors.New(errors.TypeUnexpected, authtypes.ErrCodeRoleNotFound, "role not found for user role entry")
-		}
-	}
-
 	return userRoles, nil
 }
-
-func (module *getter) GetUsersByOrgIDAndRoleID(ctx context.Context, orgID valuer.UUID, roleID valuer.UUID) ([]*types.User, error) {
-	return module.store.GetUsersByOrgIDAndRoleID(ctx, orgID, roleID)
-}

pkg/modules/user/impluser/handler.go

@@ -85,7 +85,7 @@ func (h *handler) CreateBulkInvite(rw http.ResponseWriter, r *http.Request) {
 	render.Success(rw, http.StatusCreated, nil)
 }
 
-func (h *handler) GetUserDeprecated(w http.ResponseWriter, r *http.Request) {
+func (h *handler) GetUser(w http.ResponseWriter, r *http.Request) {
 	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
 	defer cancel()
 
@@ -106,39 +106,7 @@ func (h *handler) GetUserDeprecated(w http.ResponseWriter, r *http.Request) {
 	render.Success(w, http.StatusOK, user)
 }
 
-func (h *handler) GetUser(w http.ResponseWriter, r *http.Request) {
-	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
-	defer cancel()
-
-	userID := mux.Vars(r)["id"]
-
-	claims, err := authtypes.ClaimsFromContext(ctx)
-	if err != nil {
-		render.Error(w, err)
-		return
-	}
-
-	user, err := h.getter.GetUserByOrgIDAndID(ctx, valuer.MustNewUUID(claims.OrgID), valuer.MustNewUUID(userID))
-	if err != nil {
-		render.Error(w, err)
-		return
-	}
-
-	userRoles, err := h.getter.GetRolesByUserID(ctx, user.ID)
-	if err != nil {
-		render.Error(w, err)
-		return
-	}
-
-	userWithRoles := &authtypes.UserWithRoles{
-		User:      user,
-		UserRoles: userRoles,
-	}
-
-	render.Success(w, http.StatusOK, userWithRoles)
-}
-
-func (h *handler) GetMyUserDeprecated(w http.ResponseWriter, r *http.Request) {
+func (h *handler) GetMyUser(w http.ResponseWriter, r *http.Request) {
 	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
 	defer cancel()
 
@@ -157,80 +125,6 @@ func (h *handler) GetMyUserDeprecated(w http.ResponseWriter, r *http.Request) {
 	render.Success(w, http.StatusOK, user)
 }
 
-func (h *handler) GetMyUser(w http.ResponseWriter, r *http.Request) {
-	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
-	defer cancel()
-
-	claims, err := authtypes.ClaimsFromContext(ctx)
-	if err != nil {
-		render.Error(w, err)
-		return
-	}
-
-	user, err := h.getter.GetUserByOrgIDAndID(ctx, valuer.MustNewUUID(claims.OrgID), valuer.MustNewUUID(claims.UserID))
-	if err != nil {
-		render.Error(w, err)
-		return
-	}
-
-	userRoles, err := h.getter.GetRolesByUserID(ctx, user.ID)
-	if err != nil {
-		render.Error(w, err)
-		return
-	}
-
-	userWithRoles := &authtypes.UserWithRoles{
-		User:      user,
-		UserRoles: userRoles,
-	}
-
-	render.Success(w, http.StatusOK, userWithRoles)
-}
-
-func (h *handler) UpdateMyUser(w http.ResponseWriter, r *http.Request) {
-	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
-	defer cancel()
-
-	claims, err := authtypes.ClaimsFromContext(ctx)
-	if err != nil {
-		render.Error(w, err)
-		return
-	}
-
-	updatableUser := new(types.UpdatableUser)
-	if err := json.NewDecoder(r.Body).Decode(&updatableUser); err != nil {
-		render.Error(w, err)
-		return
-	}
-
-	_, err = h.setter.UpdateUser(ctx, valuer.MustNewUUID(claims.OrgID), valuer.MustNewUUID(claims.UserID), updatableUser)
-	if err != nil {
-		render.Error(w, err)
-		return
-	}
-
-	render.Success(w, http.StatusNoContent, nil)
-}
-
-func (h *handler) ListUsersDeprecated(w http.ResponseWriter, r *http.Request) {
-	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
-	defer cancel()
-
-	claims, err := authtypes.ClaimsFromContext(ctx)
-	if err != nil {
-		render.Error(w, err)
-		return
-	}
-
-	users, err := h.getter.ListDeprecatedUsersByOrgID(ctx, valuer.MustNewUUID(claims.OrgID))
-	if err != nil {
-		render.Error(w, err)
-		return
-	}
-
-	render.Success(w, http.StatusOK, users)
-}
-
 func (h *handler) ListUsers(w http.ResponseWriter, r *http.Request) {
 	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
 	defer cancel()
@@ -241,7 +135,7 @@ func (h *handler) ListUsers(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	users, err := h.getter.ListUsersByOrgID(ctx, valuer.MustNewUUID(claims.OrgID))
+	users, err := h.getter.ListByOrgID(ctx, valuer.MustNewUUID(claims.OrgID))
 	if err != nil {
 		render.Error(w, err)
 		return
@@ -250,7 +144,7 @@ func (h *handler) ListUsers(w http.ResponseWriter, r *http.Request) {
 	render.Success(w, http.StatusOK, users)
 }
 
-func (h *handler) UpdateUserDeprecated(w http.ResponseWriter, r *http.Request) {
+func (h *handler) UpdateUser(w http.ResponseWriter, r *http.Request) {
 	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
 	defer cancel()
 
@@ -268,7 +162,7 @@ func (h *handler) UpdateUserDeprecated(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	updatedUser, err := h.setter.UpdateUserDeprecated(ctx, valuer.MustNewUUID(claims.OrgID), id, &user, claims.UserID)
+	updatedUser, err := h.setter.UpdateUser(ctx, valuer.MustNewUUID(claims.OrgID), id, &user, claims.UserID)
 	if err != nil {
 		render.Error(w, err)
 		return
@@ -277,38 +171,6 @@ func (h *handler) UpdateUserDeprecated(w http.ResponseWriter, r *http.Request) {
 	render.Success(w, http.StatusOK, updatedUser)
 }
 
-func (h *handler) UpdateUser(w http.ResponseWriter, r *http.Request) {
-	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
-	defer cancel()
-
-	userID := mux.Vars(r)["id"]
-
-	claims, err := authtypes.ClaimsFromContext(ctx)
-	if err != nil {
-		render.Error(w, err)
-		return
-	}
-
-	if userID == claims.UserID {
-		render.Error(w, errors.New(errors.TypeInvalidInput, errors.CodeInvalidInput, "users cannot call this api on self"))
-		return
-	}
-
-	updatableUser := new(types.UpdatableUser)
-	if err := json.NewDecoder(r.Body).Decode(&updatableUser); err != nil {
-		render.Error(w, err)
-		return
-	}
-
-	_, err = h.setter.UpdateUser(ctx, valuer.MustNewUUID(claims.OrgID), valuer.MustNewUUID(userID), updatableUser)
-	if err != nil {
-		render.Error(w, err)
-		return
-	}
-
-	render.Success(w, http.StatusNoContent, nil)
-}
-
 func (h *handler) DeleteUser(w http.ResponseWriter, r *http.Request) {
 	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
 	defer cancel()
@@ -581,118 +443,3 @@ func (h *handler) RevokeAPIKey(w http.ResponseWriter, r *http.Request) {
 
 	render.Success(w, http.StatusNoContent, nil)
 }
-
-func (h *handler) GetRolesByUserID(w http.ResponseWriter, r *http.Request) {
-	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
-	defer cancel()
-
-	userID := mux.Vars(r)["id"]
-
-	claims, err := authtypes.ClaimsFromContext(ctx)
-	if err != nil {
-		render.Error(w, err)
-		return
-	}
-
-	user, err := h.getter.GetUserByOrgIDAndID(ctx, valuer.MustNewUUID(claims.OrgID), valuer.MustNewUUID(userID))
-	if err != nil {
-		render.Error(w, err)
-		return
-	}
-
-	userRoles, err := h.getter.GetRolesByUserID(ctx, user.ID)
-	if err != nil {
-		render.Error(w, err)
-		return
-	}
-
-	roles := make([]*authtypes.Role, len(userRoles))
-	for idx, userRole := range userRoles {
-		roles[idx] = authtypes.NewRoleFromStorableRole(userRole.Role)
-	}
-
-	render.Success(w, http.StatusOK, roles)
-}
-
-func (h *handler) SetRoleByUserID(w http.ResponseWriter, r *http.Request) {
-	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
-	defer cancel()
-
-	userID := mux.Vars(r)["id"]
-
-	claims, err := authtypes.ClaimsFromContext(ctx)
-	if err != nil {
-		render.Error(w, err)
-		return
-	}
-
-	if userID == claims.UserID {
-		render.Error(w, errors.New(errors.TypeInvalidInput, errors.CodeInvalidInput, "users cannot call this api on self"))
-		return
-	}
-
-	postableRole := new(types.PostableRole)
-	if err := json.NewDecoder(r.Body).Decode(postableRole); err != nil {
-		render.Error(w, err)
-		return
-	}
-
-	if postableRole.Name == "" {
-		render.Error(w, errors.New(errors.TypeInvalidInput, errors.CodeInvalidInput, "role name is required"))
-		return
-	}
-
-	if err := h.setter.AddUserRole(ctx, valuer.MustNewUUID(claims.OrgID), valuer.MustNewUUID(userID), postableRole.Name); err != nil {
-		render.Error(w, err)
-		return
-	}
-
-	render.Success(w, http.StatusOK, nil)
-}
-
-func (h *handler) RemoveUserRoleByRoleID(w http.ResponseWriter, r *http.Request) {
-	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
-	defer cancel()
-
-	userID := mux.Vars(r)["id"]
-	roleID := mux.Vars(r)["roleId"]
-
-	claims, err := authtypes.ClaimsFromContext(ctx)
-	if err != nil {
-		render.Error(w, err)
-		return
-	}
-
-	if userID == claims.UserID {
-		render.Error(w, errors.New(errors.TypeInvalidInput, errors.CodeInvalidInput, "users cannot call this api on self"))
-		return
-	}
-
-	if err := h.setter.RemoveUserRole(ctx, valuer.MustNewUUID(claims.OrgID), valuer.MustNewUUID(userID), valuer.MustNewUUID(roleID)); err != nil {
-		render.Error(w, err)
-		return
-	}
-
-	render.Success(w, http.StatusNoContent, nil)
-}
-
-func (h *handler) GetUsersByRoleID(w http.ResponseWriter, r *http.Request) {
-	ctx, cancel := context.WithTimeout(r.Context(), 10*time.Second)
-	defer cancel()
-
-	roleID := mux.Vars(r)["id"]
-
-	claims, err := authtypes.ClaimsFromContext(ctx)
-	if err != nil {
-		render.Error(w, err)
-		return
-	}
-
-	users, err := h.getter.GetUsersByOrgIDAndRoleID(ctx, valuer.MustNewUUID(claims.OrgID), valuer.MustNewUUID(roleID))
-	if err != nil {
-		render.Error(w, err)
-		return
-	}
-
-	render.Success(w, http.StatusOK, users)
-}

pkg/modules/user/impluser/service.go

@@ -133,7 +133,7 @@ func (s *service) createOrPromoteRootUser(ctx context.Context, orgID valuer.UUID
 	}
 
 	if existingUser != nil {
-		userRoles, err := s.getter.GetRolesByUserID(ctx, existingUser.ID)
+		userRoles, err := s.getter.GetUserRoles(ctx, existingUser.ID)
 		if err != nil {
 			return err
 		}
@@ -156,7 +156,9 @@ func (s *service) createOrPromoteRootUser(ctx context.Context, orgID valuer.UUID
 		existingUser.PromoteToRoot()
 
 		err = s.store.RunInTx(ctx, func(ctx context.Context) error {
-			if err := s.setter.UpdateAnyUser(ctx, orgID, existingUser); err != nil {
+			// update users table
+			deprecatedUser := types.NewDeprecatedUserFromUserAndRole(existingUser, types.RoleAdmin)
+			if err := s.setter.UpdateAnyUser(ctx, orgID, deprecatedUser); err != nil {
 				return err
 			}
 
@@ -199,7 +201,8 @@ func (s *service) updateExistingRootUser(ctx context.Context, orgID valuer.UUID,
 
 	if existingRoot.Email != s.config.Email {
 		existingRoot.UpdateEmail(s.config.Email)
-		if err := s.setter.UpdateAnyUser(ctx, orgID, existingRoot); err != nil {
+		deprecatedUser := types.NewDeprecatedUserFromUserAndRole(existingRoot, types.RoleAdmin)
+		if err := s.setter.UpdateAnyUser(ctx, orgID, deprecatedUser); err != nil {
 			return err
 		}
 	}

pkg/modules/user/impluser/setter.go

@@ -220,7 +220,7 @@ func (module *setter) CreateUser(ctx context.Context, user *types.User, opts ...
 	return nil
 }
 
-func (module *setter) UpdateUserDeprecated(ctx context.Context, orgID valuer.UUID, id string, user *types.DeprecatedUser, updatedBy string) (*types.DeprecatedUser, error) {
+func (module *setter) UpdateUser(ctx context.Context, orgID valuer.UUID, id string, user *types.DeprecatedUser, updatedBy string) (*types.DeprecatedUser, error) {
 	existingUser, err := module.getter.GetDeprecatedUserByOrgIDAndID(ctx, orgID, valuer.MustNewUUID(id))
 	if err != nil {
 		return nil, err
@@ -265,7 +265,7 @@ func (module *setter) UpdateUserDeprecated(ctx context.Context, orgID valuer.UUI
 	existingUser.Update(user.DisplayName, user.Role)
 
 	// update the user - idempotent (this does analytics too so keeping it outside txn)
-	if err := module.UpdateAnyUserDeprecated(ctx, orgID, existingUser); err != nil {
+	if err := module.UpdateAnyUser(ctx, orgID, existingUser); err != nil {
 		return nil, err
 	}
 
@@ -291,46 +291,7 @@ func (module *setter) UpdateUserDeprecated(ctx context.Context, orgID valuer.UUI
 	return existingUser, nil
 }
 
-func (module *setter) UpdateUser(ctx context.Context, orgID valuer.UUID, userID valuer.UUID, updatable *types.UpdatableUser) (*types.User, error) {
-	existingUser, err := module.getter.GetUserByOrgIDAndID(ctx, orgID, userID)
-	if err != nil {
-		return nil, err
-	}
-
-	if err := existingUser.ErrIfRoot(); err != nil {
-		return nil, errors.WithAdditionalf(err, "cannot update root user")
-	}
-
-	if err := existingUser.ErrIfDeleted(); err != nil {
-		return nil, errors.WithAdditionalf(err, "cannot update deleted user")
-	}
-
-	existingUser.Update(updatable.DisplayName)
-	if err := module.UpdateAnyUser(ctx, orgID, existingUser); err != nil {
-		return nil, err
-	}
-
-	return existingUser, nil
-}
-
-func (module *setter) UpdateAnyUser(ctx context.Context, orgID valuer.UUID, user *types.User) error {
-	if err := module.store.UpdateUser(ctx, orgID, user); err != nil {
-		return err
-	}
-
-	if err := module.tokenizer.DeleteIdentity(ctx, user.ID); err != nil {
-		return err
-	}
-
-	// stats collector things
-	traits := types.NewTraitsFromUser(user)
-	module.analytics.IdentifyUser(ctx, user.OrgID.String(), user.ID.String(), traits)
-	module.analytics.TrackUser(ctx, user.OrgID.String(), user.ID.String(), "User Updated", traits)
-
-	return nil
-}
-
-func (module *setter) UpdateAnyUserDeprecated(ctx context.Context, orgID valuer.UUID, deprecateUser *types.DeprecatedUser) error {
+func (module *setter) UpdateAnyUser(ctx context.Context, orgID valuer.UUID, deprecateUser *types.DeprecatedUser) error {
 	user := types.NewUserFromDeprecatedUser(deprecateUser)
 	if err := module.store.UpdateUser(ctx, orgID, user); err != nil {
 		return err
@@ -374,7 +335,7 @@ func (module *setter) DeleteUser(ctx context.Context, orgID valuer.UUID, id stri
 		return errors.New(errors.TypeForbidden, errors.CodeForbidden, "cannot self delete")
 	}
 
-	userRoles, err := module.getter.GetRolesByUserID(ctx, user.ID)
+	userRoles, err := module.getter.GetUserRoles(ctx, user.ID)
 	if err != nil {
 		return err
 	}
@@ -552,7 +513,7 @@ func (module *setter) UpdatePasswordByResetPasswordToken(ctx context.Context, to
 		return err
 	}
 
-	userRoles, err := module.getter.GetRolesByUserID(ctx, user.ID)
+	userRoles, err := module.getter.GetUserRoles(ctx, user.ID)
 	if err != nil {
 		return err
 	}
@@ -840,121 +801,16 @@ func (module *setter) activatePendingUser(ctx context.Context, user *types.User,
 
 func (module *setter) UpdateUserRoles(ctx context.Context, orgID, userID valuer.UUID, finalRoleNames []string) error {
 	return module.store.RunInTx(ctx, func(ctx context.Context) error {
-		// delete old user_role entries
+		// delete old user_role entries and create new ones from SSO
 		if err := module.userRoleStore.DeleteUserRoles(ctx, userID); err != nil {
 			return err
 		}
 
-		// create fresh ones only if there are roles to assign
-		if len(finalRoleNames) > 0 {
-			return module.createUserRoleEntries(ctx, orgID, userID, finalRoleNames)
-		}
-
-		return nil
+		// create fresh ones
+		return module.createUserRoleEntries(ctx, orgID, userID, finalRoleNames)
 	})
 }
 
-func (module *setter) AddUserRole(ctx context.Context, orgID, userID valuer.UUID, roleName string) error {
-	existingUser, err := module.getter.GetUserByOrgIDAndID(ctx, orgID, userID)
-	if err != nil {
-		return err
-	}
-
-	if err := existingUser.ErrIfRoot(); err != nil {
-		return errors.WithAdditionalf(err, "cannot add role for root user")
-	}
-
-	if err := existingUser.ErrIfDeleted(); err != nil {
-		return errors.WithAdditionalf(err, "cannot add role for deleted user")
-	}
-
-	// validate that the role name exists
-	foundRoles, err := module.authz.ListByOrgIDAndNames(ctx, orgID, []string{roleName})
-	if err != nil {
-		return err
-	}
-	if len(foundRoles) != 1 {
-		return errors.NewInvalidInputf(errors.CodeInvalidInput, "role name not found: %s", roleName)
-	}
-
-	// check if user already has this role
-	existingUserRoles, err := module.getter.GetRolesByUserID(ctx, existingUser.ID)
-	if err != nil {
-		return err
-	}
-	for _, userRole := range existingUserRoles {
-		if userRole.Role != nil && userRole.Role.Name == roleName {
-			return nil // role already assigned no-op
-		}
-	}
-
-	// grant via authz (idempotent)
-	if err := module.authz.Grant(
-		ctx,
-		orgID,
-		[]string{roleName},
-		authtypes.MustNewSubject(authtypes.TypeableUser, existingUser.ID.StringValue(), existingUser.OrgID, nil),
-	); err != nil {
-		return err
-	}
-
-	// create user_role entry
-	userRoles := authtypes.NewUserRoles(userID, foundRoles)
-	if err := module.userRoleStore.CreateUserRoles(ctx, userRoles); err != nil {
-		return err
-	}
-
-	return module.tokenizer.DeleteIdentity(ctx, userID)
-}
-
-func (module *setter) RemoveUserRole(ctx context.Context, orgID, userID valuer.UUID, roleID valuer.UUID) error {
-	existingUser, err := module.getter.GetUserByOrgIDAndID(ctx, orgID, userID)
-	if err != nil {
-		return err
-	}
-
-	if err := existingUser.ErrIfRoot(); err != nil {
-		return errors.WithAdditionalf(err, "cannot remove role for root user")
-	}
-
-	if err := existingUser.ErrIfDeleted(); err != nil {
-		return errors.WithAdditionalf(err, "cannot remove role for deleted user")
-	}
-
-	// resolve role name for authz revoke
-	existingUserRoles, err := module.getter.GetRolesByUserID(ctx, existingUser.ID)
-	if err != nil {
-		return err
-	}
-
-	var roleName string
-	for _, ur := range existingUserRoles {
-		if ur.Role != nil && ur.RoleID == roleID {
-			roleName = ur.Role.Name
-			break
-		}
-	}
-	if roleName == "" {
-		return errors.Newf(errors.TypeNotFound, authtypes.ErrCodeUserRolesNotFound, "role %s not found for user %s", roleID, userID)
-	}
-
-	// revoke authz grant
-	if err := module.authz.Revoke(
-		ctx,
-		orgID,
-		[]string{roleName},
-		authtypes.MustNewSubject(authtypes.TypeableUser, existingUser.ID.StringValue(), existingUser.OrgID, nil),
-	); err != nil {
-		return err
-	}
-
-	if err := module.userRoleStore.DeleteUserRoleByUserIDAndRoleID(ctx, userID, roleID); err != nil {
-		return err
-	}
-
-	return module.tokenizer.DeleteIdentity(ctx, userID)
-}
-
 func roleNamesFromUserRoles(userRoles []*authtypes.UserRole) []string {
 	names := make([]string, 0, len(userRoles))
 	for _, ur := range userRoles {

pkg/modules/user/impluser/store.go

@@ -667,22 +667,3 @@ func (store *store) GetUsersByEmailsOrgIDAndStatuses(ctx context.Context, orgID
 
 	return users, nil
 }
-
-func (store *store) GetUsersByOrgIDAndRoleID(ctx context.Context, orgID valuer.UUID, roleID valuer.UUID) ([]*types.User, error) {
-	users := []*types.User{}
-
-	err := store.
-		sqlstore.
-		BunDBCtx(ctx).
-		NewSelect().
-		Model(&users).
-		Join(`JOIN user_role ON user_role.user_id = "users".id`).
-		Where(`"users".org_id = ?`, orgID).
-		Where("user_role.role_id = ?", roleID).
-		Scan(ctx)
-	if err != nil {
-		return nil, err
-	}
-
-	return users, nil
-}

pkg/modules/user/impluser/user_role_store.go

@@ -65,21 +65,6 @@ func (store *userRoleStore) DeleteUserRoles(ctx context.Context, userID valuer.U
 	return nil
 }
 
-func (store *userRoleStore) DeleteUserRoleByUserIDAndRoleID(ctx context.Context, userID valuer.UUID, roleID valuer.UUID) error {
-	_, err := store.sqlstore.
-		BunDBCtx(ctx).
-		NewDelete().
-		Model(new(authtypes.UserRole)).
-		Where("user_id = ?", userID).
-		Where("role_id = ?", roleID).
-		Exec(ctx)
-	if err != nil {
-		return err
-	}
-
-	return nil
-}
-
 func (store *userRoleStore) GetUserRolesByUserID(ctx context.Context, userID valuer.UUID) ([]*authtypes.UserRole, error) {
 	userRoles := make([]*authtypes.UserRole, 0)
 

pkg/modules/user/user.go

@@ -34,12 +34,10 @@ type Setter interface {
 	// Initiate forgot password flow for a user
 	ForgotPassword(ctx context.Context, orgID valuer.UUID, email valuer.Email, frontendBaseURL string) error
 
-	UpdateUserDeprecated(ctx context.Context, orgID valuer.UUID, id string, user *types.DeprecatedUser, updatedBy string) (*types.DeprecatedUser, error)
-	UpdateUser(ctx context.Context, orgID valuer.UUID, userID valuer.UUID, updatable *types.UpdatableUser) (*types.User, error)
+	UpdateUser(ctx context.Context, orgID valuer.UUID, id string, user *types.DeprecatedUser, updatedBy string) (*types.DeprecatedUser, error)
 
 	// UpdateAnyUser updates a user and persists the changes to the database along with the analytics and identity deletion.
-	UpdateAnyUserDeprecated(ctx context.Context, orgID valuer.UUID, deprecateUser *types.DeprecatedUser) error
-	UpdateAnyUser(ctx context.Context, orgID valuer.UUID, user *types.User) error
+	UpdateAnyUser(ctx context.Context, orgID valuer.UUID, user *types.DeprecatedUser) error
 	DeleteUser(ctx context.Context, orgID valuer.UUID, id string, deletedBy string) error
 
 	// invite
@@ -54,8 +52,6 @@ type Setter interface {
 
 	// Roles
 	UpdateUserRoles(ctx context.Context, orgID, userID valuer.UUID, finalRoleNames []string) error
-	AddUserRole(ctx context.Context, orgID, userID valuer.UUID, roleName string) error
-	RemoveUserRole(ctx context.Context, orgID, userID valuer.UUID, roleID valuer.UUID) error
 
 	statsreporter.StatsCollector
 }
@@ -64,13 +60,11 @@ type Getter interface {
 	// Get root user by org id.
 	GetRootUserByOrgID(context.Context, valuer.UUID) (*types.User, []*authtypes.UserRole, error)
 
-	// Get gets the users based on the given org id
-	ListDeprecatedUsersByOrgID(context.Context, valuer.UUID) ([]*types.DeprecatedUser, error)
-	ListUsersByOrgID(ctx context.Context, orgID valuer.UUID) ([]*types.User, error)
+	// Get gets the users based on the given id
+	ListByOrgID(context.Context, valuer.UUID) ([]*types.DeprecatedUser, error)
 
 	// Get deprecated user object by orgID and id.
 	GetDeprecatedUserByOrgIDAndID(context.Context, valuer.UUID, valuer.UUID) (*types.DeprecatedUser, error)
-	GetUserByOrgIDAndID(ctx context.Context, orgID valuer.UUID, userID valuer.UUID) (*types.User, error)
 
 	// Get user by id.
 	Get(context.Context, valuer.UUID) (*types.DeprecatedUser, error)
@@ -91,10 +85,7 @@ type Getter interface {
 	GetNonDeletedUserByEmailAndOrgID(ctx context.Context, email valuer.Email, orgID valuer.UUID) (*types.User, error)
 
 	// Gets user_role with roles entries from db
-	GetRolesByUserID(ctx context.Context, userID valuer.UUID) ([]*authtypes.UserRole, error)
-
-	// Gets all the user with role using role id in an org id
-	GetUsersByOrgIDAndRoleID(ctx context.Context, orgID valuer.UUID, roleID valuer.UUID) ([]*types.User, error)
+	GetUserRoles(ctx context.Context, userID valuer.UUID) ([]*authtypes.UserRole, error)
 }
 
 type Handler interface {
@@ -102,21 +93,11 @@ type Handler interface {
 	CreateInvite(http.ResponseWriter, *http.Request)
 	CreateBulkInvite(http.ResponseWriter, *http.Request)
 
-	// users
-	ListUsersDeprecated(http.ResponseWriter, *http.Request)
 	ListUsers(http.ResponseWriter, *http.Request)
-	UpdateUserDeprecated(http.ResponseWriter, *http.Request)
 	UpdateUser(http.ResponseWriter, *http.Request)
 	DeleteUser(http.ResponseWriter, *http.Request)
-	GetUserDeprecated(http.ResponseWriter, *http.Request)
 	GetUser(http.ResponseWriter, *http.Request)
-	GetMyUserDeprecated(http.ResponseWriter, *http.Request)
 	GetMyUser(http.ResponseWriter, *http.Request)
-	UpdateMyUser(http.ResponseWriter, *http.Request)
-	GetRolesByUserID(http.ResponseWriter, *http.Request)
-	SetRoleByUserID(http.ResponseWriter, *http.Request)
-	RemoveUserRoleByRoleID(http.ResponseWriter, *http.Request)
-	GetUsersByRoleID(http.ResponseWriter, *http.Request)
 
 	// Reset Password
 	GetResetPasswordToken(http.ResponseWriter, *http.Request)

pkg/signoz/handler.go

@@ -94,6 +94,6 @@ func NewHandlers(
 		QuerierHandler:          querierHandler,
 		ServiceAccountHandler:   implserviceaccount.NewHandler(modules.ServiceAccount),
 		RegistryHandler:         registryHandler,
-		CloudIntegrationHandler: implcloudintegration.NewHandler(modules.CloudIntegration),
+		CloudIntegrationHandler: implcloudintegration.NewHandler(),
 	}
 }

pkg/signoz/module.go

@@ -12,7 +12,6 @@ import (
 	"github.com/SigNoz/signoz/pkg/modules/apdex/implapdex"
 	"github.com/SigNoz/signoz/pkg/modules/authdomain"
 	"github.com/SigNoz/signoz/pkg/modules/authdomain/implauthdomain"
-	"github.com/SigNoz/signoz/pkg/modules/cloudintegration"
 	"github.com/SigNoz/signoz/pkg/modules/dashboard"
 	"github.com/SigNoz/signoz/pkg/modules/metricsexplorer"
 	"github.com/SigNoz/signoz/pkg/modules/metricsexplorer/implmetricsexplorer"
@@ -52,25 +51,24 @@ import (
 )
 
 type Modules struct {
-	OrgGetter        organization.Getter
-	OrgSetter        organization.Setter
-	Preference       preference.Module
-	UserSetter       user.Setter
-	UserGetter       user.Getter
-	SavedView        savedview.Module
-	Apdex            apdex.Module
-	Dashboard        dashboard.Module
-	QuickFilter      quickfilter.Module
-	TraceFunnel      tracefunnel.Module
-	RawDataExport    rawdataexport.Module
-	AuthDomain       authdomain.Module
-	Session          session.Module
-	Services         services.Module
-	SpanPercentile   spanpercentile.Module
-	MetricsExplorer  metricsexplorer.Module
-	Promote          promote.Module
-	ServiceAccount   serviceaccount.Module
-	CloudIntegration cloudintegration.Module
+	OrgGetter       organization.Getter
+	OrgSetter       organization.Setter
+	Preference      preference.Module
+	UserSetter      user.Setter
+	UserGetter      user.Getter
+	SavedView       savedview.Module
+	Apdex           apdex.Module
+	Dashboard       dashboard.Module
+	QuickFilter     quickfilter.Module
+	TraceFunnel     tracefunnel.Module
+	RawDataExport   rawdataexport.Module
+	AuthDomain      authdomain.Module
+	Session         session.Module
+	Services        services.Module
+	SpanPercentile  spanpercentile.Module
+	MetricsExplorer metricsexplorer.Module
+	Promote         promote.Module
+	ServiceAccount  serviceaccount.Module
 }
 
 func NewModules(
@@ -119,12 +117,3 @@ func NewModules(
 		ServiceAccount:  implserviceaccount.NewModule(implserviceaccount.NewStore(sqlstore), authz, emailing, providerSettings),
 	}
 }
-
-// SetCloudIntegrationModule sets cloud integration module in Modules
-// TODO: find a better way to set the module,
-// why this was done: cloud integration depends on few modules like userSetter which are initialized in NewModules and other deps like zeus/gateway is not present
-// cloud integration is initialized via callback depending on flavor of Signoz ee/community
-func (modules Modules) SetCloudIntegrationModule(module cloudintegration.Module) Modules {
-	modules.CloudIntegration = module
-	return modules
-}

pkg/signoz/signoz.go

@@ -20,12 +20,9 @@ import (
 	"github.com/SigNoz/signoz/pkg/identn"
 	"github.com/SigNoz/signoz/pkg/instrumentation"
 	"github.com/SigNoz/signoz/pkg/licensing"
-	"github.com/SigNoz/signoz/pkg/modules/cloudintegration"
-	pkgimplcloudintegration "github.com/SigNoz/signoz/pkg/modules/cloudintegration/implcloudintegration"
 	"github.com/SigNoz/signoz/pkg/modules/dashboard"
 	"github.com/SigNoz/signoz/pkg/modules/organization"
 	"github.com/SigNoz/signoz/pkg/modules/organization/implorganization"
-	"github.com/SigNoz/signoz/pkg/modules/user"
 	"github.com/SigNoz/signoz/pkg/modules/user/impluser"
 	"github.com/SigNoz/signoz/pkg/prometheus"
 	"github.com/SigNoz/signoz/pkg/querier"
@@ -44,7 +41,6 @@ import (
 	"github.com/SigNoz/signoz/pkg/telemetrytraces"
 	pkgtokenizer "github.com/SigNoz/signoz/pkg/tokenizer"
 	"github.com/SigNoz/signoz/pkg/types/authtypes"
-	"github.com/SigNoz/signoz/pkg/types/cloudintegrationtypes"
 	"github.com/SigNoz/signoz/pkg/types/telemetrytypes"
 	"github.com/SigNoz/signoz/pkg/version"
 	"github.com/SigNoz/signoz/pkg/zeus"
@@ -98,7 +94,6 @@ func New(
 	dashboardModuleCallback func(sqlstore.SQLStore, factory.ProviderSettings, analytics.Analytics, organization.Getter, queryparser.QueryParser, querier.Querier, licensing.Licensing) dashboard.Module,
 	gatewayProviderFactory func(licensing.Licensing) factory.ProviderFactory[gateway.Gateway, gateway.Config],
 	querierHandlerCallback func(factory.ProviderSettings, querier.Querier, analytics.Analytics) querier.Handler,
-	cloudIntegrationCallback func(cloudintegrationtypes.Store, zeus.Zeus, gateway.Gateway, licensing.Licensing, user.Getter, user.Setter) cloudintegration.Module,
 ) (*SigNoz, error) {
 	// Initialize instrumentation
 	instrumentation, err := instrumentation.New(ctx, config.Instrumentation, version.Info, "signoz")
@@ -415,10 +410,6 @@ func New(
 	// Initialize all modules
 	modules := NewModules(sqlstore, tokenizer, emailing, providerSettings, orgGetter, alertmanager, analytics, querier, telemetrystore, telemetryMetadataStore, authNs, authz, cache, queryParser, config, dashboard, userGetter, userRoleStore)
 
-	cloudIntegrationStore := pkgimplcloudintegration.NewStore(sqlstore)
-	cloudIntegrationModule := cloudIntegrationCallback(cloudIntegrationStore, zeus, gateway, licensing, userGetter, modules.UserSetter)
-	modules = modules.SetCloudIntegrationModule(cloudIntegrationModule)
-
 	// Initialize identN resolver
 	identNFactories := NewIdentNProviderFactories(sqlstore, tokenizer, orgGetter, userGetter, config.User)
 	identNResolver, err := identn.NewIdentNResolver(ctx, providerSettings, config.IdentN, identNFactories)

pkg/statsreporter/analyticsstatsreporter/provider.go

@@ -165,7 +165,7 @@ func (provider *provider) Report(ctx context.Context) error {
 			continue
 		}
 
-		users, err := provider.userGetter.ListUsersByOrgID(ctx, org.ID)
+		users, err := provider.userGetter.ListByOrgID(ctx, org.ID)
 		if err != nil {
 			provider.settings.Logger().WarnContext(ctx, "failed to list users", errors.Attr(err), slog.Any("org_id", org.ID))
 			continue
@@ -178,7 +178,7 @@ func (provider *provider) Report(ctx context.Context) error {
 		}
 
 		for _, user := range users {
-			traits := types.NewTraitsFromUser(user)
+			traits := types.NewTraitsFromDeprecatedUser(user)
 			if maxLastObservedAt, ok := maxLastObservedAtPerUserID[user.ID]; ok {
 				traits["auth_token.last_observed_at.max.time"] = maxLastObservedAt.UTC()
 				traits["auth_token.last_observed_at.max.time_unix"] = maxLastObservedAt.Unix()

pkg/types/authtypes/role.go

@@ -65,10 +65,10 @@ type StorableRole struct {
 
 	types.Identifiable
 	types.TimeAuditable
-	Name        string `bun:"name,type:string" json:"name"`
-	Description string `bun:"description,type:string" json:"description"`
-	Type        string `bun:"type,type:string" json:"type"`
-	OrgID       string `bun:"org_id,type:string" json:"orgId"`
+	Name        string `bun:"name,type:string"`
+	Description string `bun:"description,type:string"`
+	Type        string `bun:"type,type:string"`
+	OrgID       string `bun:"org_id,type:string"`
 }
 
 type Role struct {

pkg/types/authtypes/user_role.go

@@ -5,22 +5,21 @@ import (
 	"time"
 
 	"github.com/SigNoz/signoz/pkg/errors"
-	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/valuer"
 	"github.com/uptrace/bun"
 )
 
 var (
 	ErrCodeUserRoleAlreadyExists = errors.MustNewCode("user_role_already_exists")
-	ErrCodeUserRolesNotFound     = errors.MustNewCode("user_roles_not_found")
+	ErrCodeUserRolesNotFound      = errors.MustNewCode("user_roles_not_found")
 )
 
 type UserRole struct {
 	bun.BaseModel `bun:"table:user_role,alias:user_role"`
 
 	ID        valuer.UUID `bun:"id,pk,type:text" json:"id" required:"true"`
-	UserID    valuer.UUID `bun:"user_id" json:"userId"`
-	RoleID    valuer.UUID `bun:"role_id" json:"roleId"`
+	UserID    valuer.UUID `bun:"user_id" json:"user_id"`
+	RoleID    valuer.UUID `bun:"role_id" json:"role_id"`
 	CreatedAt time.Time   `bun:"created_at" json:"createdAt"`
 	UpdatedAt time.Time   `bun:"updated_at" json:"updatedAt"`
 
@@ -48,11 +47,6 @@ func NewUserRoles(userID valuer.UUID, roles []*Role) []*UserRole {
 	return userRoles
 }
 
-type UserWithRoles struct {
-	*types.User
-	UserRoles []*UserRole `json:"userRoles"`
-}
-
 type UserRoleStore interface {
 	// create user roles in bulk
 	CreateUserRoles(ctx context.Context, userRoles []*UserRole) error
@@ -65,7 +59,4 @@ type UserRoleStore interface {
 
 	// delete user role entries by user id
 	DeleteUserRoles(ctx context.Context, userID valuer.UUID) error
-
-	// delete a single user role entry by user id and role id
-	DeleteUserRoleByUserIDAndRoleID(ctx context.Context, userID valuer.UUID, roleID valuer.UUID) error
 }

pkg/types/cloudintegrationtypes/account.go

@@ -1,10 +1,8 @@
 package cloudintegrationtypes
 
 import (
-	"encoding/json"
 	"time"
 
-	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/types"
 	"github.com/SigNoz/signoz/pkg/valuer"
 )
@@ -44,61 +42,3 @@ type UpdatableAccount struct {
 type AWSAccountConfig struct {
 	Regions []string `json:"regions" required:"true" nullable:"false"`
 }
-
-func NewAccount(orgID valuer.UUID, provider CloudProviderType, config *AccountConfig) *Account {
-	return &Account{
-		Identifiable: types.Identifiable{
-			ID: valuer.GenerateUUID(),
-		},
-		TimeAuditable: types.TimeAuditable{
-			CreatedAt: time.Now(),
-			UpdatedAt: time.Now(),
-		},
-		OrgID:    orgID,
-		Provider: provider,
-		Config:   config,
-	}
-}
-
-func NewAccountConfigFromPostableArtifact(provider CloudProviderType, artifact *PostableConnectionArtifact) (*AccountConfig, error) {
-	switch provider {
-	case CloudProviderTypeAWS:
-		if artifact.Aws == nil {
-			return nil, errors.NewInternalf(errors.CodeInternal, "AWS artifact is nil")
-		}
-		return &AccountConfig{
-			AWS: &AWSAccountConfig{
-				Regions: artifact.Aws.Regions,
-			},
-		}, nil
-	}
-
-	return nil, errors.NewInternalf(errors.CodeInternal, "unsupported provider type")
-}
-
-func NewArtifactRequestFromPostableArtifact(provider CloudProviderType, artifact *PostableConnectionArtifact) (*ConnectionArtifactRequest, error) {
-	switch provider {
-	case CloudProviderTypeAWS:
-		if artifact.Aws == nil {
-			return nil, errors.NewInternalf(errors.CodeInternal, "AWS artifact is nil")
-		}
-		return &ConnectionArtifactRequest{
-			Aws: &AWSConnectionArtifactRequest{
-				DeploymentRegion: artifact.Aws.DeploymentRegion,
-				Regions:          artifact.Aws.Regions,
-			},
-		}, nil
-	}
-
-	return nil, errors.NewInternalf(errors.CodeInternal, "unsupported provider type")
-}
-
-// MarshalJSON return JSON bytes for the account config
-// NOTE: this entertains first non-null provider's config
-func (config *AccountConfig) MarshalJSON() ([]byte, error) {
-	if config.AWS != nil {
-		return json.Marshal(config.AWS)
-	}
-
-	return nil, errors.NewInternalf(errors.CodeInternal, "no provider account config found")
-}

pkg/types/cloudintegrationtypes/cloudintegration.go

@@ -13,7 +13,6 @@ import (
 )
 
 var (
-	ErrCodeUnsupported                          = errors.MustNewCode("cloud_integration_unsupported")
 	ErrCodeCloudIntegrationNotFound             = errors.MustNewCode("cloud_integration_not_found")
 	ErrCodeCloudIntegrationAlreadyExists        = errors.MustNewCode("cloud_integration_already_exists")
 	ErrCodeCloudIntegrationServiceNotFound      = errors.MustNewCode("cloud_integration_service_not_found")
@@ -82,19 +81,3 @@ func (r *StorableAgentReport) Value() (driver.Value, error) {
 	// Return as string instead of []byte to ensure PostgreSQL stores as text, not bytes
 	return string(serialized), nil
 }
-
-func NewStorableCloudIntegration(account *Account) (*StorableCloudIntegration, error) {
-	configBytes, err := account.Config.MarshalJSON()
-	if err != nil {
-		return nil, err
-	}
-
-	return &StorableCloudIntegration{
-		Identifiable:  account.Identifiable,
-		TimeAuditable: account.TimeAuditable,
-		Provider:      account.Provider,
-		Config:        string(configBytes),
-		AccountID:     nil, // updated during agent check in
-		OrgID:         account.OrgID,
-	}, nil
-}

pkg/types/cloudintegrationtypes/cloudprovider.go

@@ -1,8 +1,6 @@
 package cloudintegrationtypes
 
 import (
-	"fmt"
-
 	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/SigNoz/signoz/pkg/valuer"
 )
@@ -41,29 +39,3 @@ func NewCloudProvider(provider string) (CloudProviderType, error) {
 		return CloudProviderType{}, errors.NewInvalidInputf(ErrCodeCloudProviderInvalidInput, "invalid cloud provider: %s", provider)
 	}
 }
-
-func GetCloudProviderEmail(provider CloudProviderType) (valuer.Email, error) {
-	switch provider {
-	case CloudProviderTypeAWS:
-		return AWSIntegrationUserEmail, nil
-	case CloudProviderTypeAzure:
-		return AzureIntegrationUserEmail, nil
-	default:
-		return valuer.Email{}, errors.NewInvalidInputf(ErrCodeCloudProviderInvalidInput, "invalid cloud provider: %s", provider.StringValue())
-	}
-}
-
-func NewIngestionKeyName(provider CloudProviderType) string {
-	return fmt.Sprintf("%s-integration", provider.StringValue())
-}
-
-func NewIntegrationUserDisplayName(provider CloudProviderType) string {
-	return fmt.Sprintf("%s-integration", provider.StringValue())
-}
-
-// NewAPIKeyName returns API key name for cloud integration provider
-// TODO: figure out way to migrate API keys to have similar naming convention as ingestion key
-// ie. "{cloud-provider}-integration", and then remove this function.
-func NewAPIKeyName(provider CloudProviderType) string {
-	return fmt.Sprintf("%s integration", provider.StringValue())
-}

pkg/types/cloudintegrationtypes/connection.go

@@ -79,10 +79,3 @@ type AWSIntegrationConfig struct {
 	EnabledRegions []string               `json:"enabledRegions" required:"true" nullable:"false"`
 	Telemetry      *AWSCollectionStrategy `json:"telemetry" required:"true" nullable:"false"`
 }
-
-type SignozCredentials struct {
-	SigNozAPIURL string
-	SigNozAPIKey string // PAT
-	IngestionURL string
-	IngestionKey string
-}

pkg/types/cloudintegrationtypes/store.go

@@ -38,6 +38,4 @@ type Store interface {
 
 	// UpdateService updates an existing cloud integration service
 	UpdateService(ctx context.Context, service *StorableCloudIntegrationService) error
-
-	RunInTx(context.Context, func(ctx context.Context) error) error
 }

pkg/types/user.go

@@ -51,14 +51,6 @@ type DeprecatedUser struct {
 	Role Role `json:"role"`
 }
 
-type UpdatableUser struct {
-	DisplayName string `json:"displayName" required:"true"`
-}
-
-type PostableRole struct {
-	Name string `json:"name" required:"true"`
-}
-
 type PostableRegisterOrgAndAdmin struct {
 	Name           string       `json:"name"`
 	Email          valuer.Email `json:"email"`
@@ -306,9 +298,6 @@ type UserStore interface {
 	// Get user by reset password token
 	GetUserByResetPasswordToken(ctx context.Context, token string) (*User, error)
 
-	// Get users having role by org id and role id
-	GetUsersByOrgIDAndRoleID(ctx context.Context, orgID valuer.UUID, roleID valuer.UUID) ([]*User, error)
-
 	// Transaction
 	RunInTx(ctx context.Context, cb func(ctx context.Context) error) error
 }

pkg/types/zeustypes/types.go

@@ -1,10 +1,8 @@
 package zeustypes
 
 import (
-	"fmt"
 	"net/url"
 
-	"github.com/SigNoz/signoz/pkg/errors"
 	"github.com/tidwall/gjson"
 )
 
@@ -58,24 +56,3 @@ func NewGettableHost(data []byte) *GettableHost {
 		Hosts: hosts,
 	}
 }
-
-// GettableDeployment represents the parsed deployment info from zeus.GetDeployment.
-type GettableDeployment struct {
-	Name         string
-	SignozAPIUrl string
-}
-
-// NewGettableDeployment parses raw GetDeployment bytes into a GettableDeployment.
-func NewGettableDeployment(data []byte) (*GettableDeployment, error) {
-	parsed := gjson.ParseBytes(data)
-	name := parsed.Get("name").String()
-	dns := parsed.Get("cluster.region.dns").String()
-	if name == "" || dns == "" {
-		return nil, errors.NewInternalf(errors.CodeInternal,
-			"deployment info response missing name or cluster region dns")
-	}
-	return &GettableDeployment{
-		Name:         name,
-		SignozAPIUrl: fmt.Sprintf("https://%s.%s", name, dns),
-	}, nil
-}