Press n or j to go to the next uncovered block, b, p or k for the previous block.
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 | 260x 260x 260x 260x 260x 260x 260x 260x 260x 140x 136x 136x 260x 136x 260x 260x 260x 124x 260x | import { z } from "zod";
const userRoles = z.enum([
"defaultcmsuser",
"cmsroleapprover",
"cmsreviewer",
"statesystemadmin",
"helpdesk",
"statesubmitter",
"systemadmin",
"norole",
]);
export type UserRole = z.infer<typeof userRoles>;
export type UpdatePermissionsMap = Partial<Record<UserRole, UserRole[]>>;
// The values are other roles that this user role key can approve/deny/revoke state or role access
export const roleUpdatePermissionsMap: UpdatePermissionsMap = {
systemadmin: [
"defaultcmsuser",
"cmsroleapprover",
"cmsreviewer",
"statesystemadmin",
"helpdesk",
"statesubmitter",
],
cmsroleapprover: ["statesystemadmin", "statesubmitter", "cmsreviewer"],
statesystemadmin: ["statesubmitter", "defaultcmsuser"],
};
export const ROLES_ALLOWED_TO_UPDATE = Object.keys(roleUpdatePermissionsMap) as UserRole[];
export const ROLES_ALLOWED_TO_REQUEST: UserRole[] = [
"statesubmitter",
"statesystemadmin",
"defaultcmsuser",
"cmsroleapprover",
"cmsreviewer",
"norole",
];
const userStatus = z.enum(["active", "pending", "revoked", "denied"]);
const roleEvent = z.enum(["user-role", "legacy-user-role"]);
const userInfoEvent = z.enum(["user-info", "legacy-user-info"]);
const skPattern = /^v[0-9]+#[a-z]+#(N\/A|[A-Z]{2})$/;
export const baseUserRoleRequestSchema = z.object({
email: z.string().email().optional(),
status: userStatus,
territory: z.string(),
role: userRoles,
doneByEmail: z.string(),
doneByName: z.string(),
date: z
.number()
.optional()
.transform((date) => {
if (!date) return date;
Iif (String(date).length === 10) return date * 1000;
return date;
}),
eventType: roleEvent,
group: z.string().nullish(),
division: z.string().nullish(),
});
export type BaseUserRoleRequest = z.infer<typeof baseUserRoleRequestSchema>;
// This schema is used to parse ingested legacy role requests
export const onemacLegacyUserRoleRequest = baseUserRoleRequestSchema
.extend({
pk: z.string().email(),
sk: z.string().regex(skPattern),
eventType: roleEvent.default("legacy-user-role"),
})
.transform((data) => ({
id: `${data.pk}_${data.territory}_${data.role}`,
eventType: data.eventType,
email: data.pk,
doneByEmail: data.doneByEmail,
doneByName: data.doneByName,
status: data.status,
role: data.role,
territory: data.territory,
lastModifiedDate: data.date,
}));
// OneMAC Upgrade/Mako User Role Request Schema
// Rename? This schema is used to parse access requests to states, grant and deny access
export const userRoleRequest = baseUserRoleRequestSchema.transform((data) => ({
id: `${data.email}_${data.territory}_${data.role}`,
eventType: data.eventType,
email: data.email,
doneByEmail: data.doneByEmail,
doneByName: data.doneByName,
status: data.status,
role: data.role,
territory: data.territory,
lastModifiedDate: data.date,
group: data.group,
division: data.division,
}));
// User Information Schema
export const baseUserInformationSchema = z.object({
email: z.string().email(),
group: z.string().optional(),
division: z.string().optional(),
fullName: z.string(),
eventType: userInfoEvent,
});
export const onemacLegacyUserInformation = baseUserInformationSchema
.extend({
pk: z.string().email(),
sk: z.literal("ContactInfo"),
eventType: userInfoEvent.default("legacy-user-info"),
})
.transform((data) => ({
id: data.pk,
eventType: data.eventType,
email: data.pk,
group: data.group,
division: data.division,
fullName: data.fullName,
}));
export const userInformation = baseUserInformationSchema.transform((data) => ({
id: data.email,
eventType: data.eventType,
email: data.email,
group: data.group,
division: data.division,
fullName: data.fullName,
}));
|