events legacy-user.ts

92.68% Statements 38/41
75% Branches 3/4
30% Functions 3/10
100% Lines 21/21
Press n or j to go to the next uncovered block, b, p or k for the previous block.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148  
 
 
 
282x
 
 
282x
 
 
 
 
 
 
 
 
 
 
 
 
 
282x
 
 
 
 
 
 
 
 
 
 
 
282x
282x
 
 
 
 
 
 
 
 
282x
282x
282x
282x
 
282x
 
 
 
 
 
 
 
 
 
 
282x
 
 
 
 
 
 
 
 
 
 
140x
136x
136x
 
 
 
 
 
 
 
 
282x
 
 
 
 
 
136x
 
 
 
 
 
 
 
 
 
 
 
 
 
282x
 
 
 
 
 
 
 
 
 
 
 
 
 
 
282x
 
 
 
 
 
 
 
282x
 
 
 
 
 
131x
 
 
 
 
 
 
 
 
282x
 
 
 
 
 
 
 
  import { z } from "zod";
 
import { STATE_CODES } from "../states";
 
export const territory = z.enum([...STATE_CODES, "N/A"]);
export type Territory = z.infer<typeof territory>;
 
export const userRoles = z.enum([
  "defaultcmsuser",
  "cmsroleapprover",
  "cmsreviewer",
  "statesystemadmin",
  "helpdesk",
  "statesubmitter",
  "systemadmin",
  "norole",
]);
export type UserRole = z.infer<typeof userRoles>;
 
export type UpdatePermissionsMap = Partial<Record<UserRole, UserRole[]>>;
// The values are other roles that this user role key can approve/deny/revoke state or role access
export const roleUpdatePermissionsMap: UpdatePermissionsMap = {
  systemadmin: [
    "defaultcmsuser",
    "cmsroleapprover",
    "cmsreviewer",
    "statesystemadmin",
    "helpdesk",
    "statesubmitter",
  ],
  cmsroleapprover: ["statesystemadmin", "statesubmitter", "cmsreviewer"],
  statesystemadmin: ["statesubmitter", "defaultcmsuser"],
};
export const ROLES_ALLOWED_TO_UPDATE = Object.keys(roleUpdatePermissionsMap) as UserRole[];
export const ROLES_ALLOWED_TO_REQUEST: UserRole[] = [
  "statesubmitter",
  "statesystemadmin",
  "defaultcmsuser",
  "cmsroleapprover",
  "cmsreviewer",
  "norole",
];
 
const userStatus = z.enum(["active", "pending", "revoked", "denied"]);
const roleEvent = z.enum(["user-role", "legacy-user-role"]);
const userInfoEvent = z.enum(["user-info", "legacy-user-info"]);
const skPattern = /^v[0-9]+#[a-z]+#(N\/A|[A-Z]{2})$/;
 
export const baseRoleInformationSchema = z.object({
  email: z.string().email(),
  state: territory,
  role: userRoles,
  eventType: roleEvent,
  requestRoleChange: z.boolean().optional(),
  grantAccess: userStatus.optional(),
  group: z.string().nullish(),
  division: z.string().nullish(),
});
 
export const baseUserRoleRequestSchema = z.object({
  email: z.string().email().optional(),
  status: userStatus,
  territory: territory,
  role: userRoles,
  doneByEmail: z.string(),
  doneByName: z.string(),
  date: z
    .number()
    .optional()
    .transform((date) => {
      if (!date) return date;
      Iif (String(date).length === 10) return date * 1000;
      return date;
    }),
  eventType: roleEvent,
  group: z.string().nullish(),
  division: z.string().nullish(),
});
 
export type BaseUserRoleRequest = z.infer<typeof baseUserRoleRequestSchema>;
// This schema is used to parse ingested legacy role requests
export const onemacLegacyUserRoleRequest = baseUserRoleRequestSchema
  .extend({
    pk: z.string().email(),
    sk: z.string().regex(skPattern),
    eventType: roleEvent.default("legacy-user-role"),
  })
  .transform((data) => ({
    id: `${data.pk}_${data.territory}_${data.role}`,
    eventType: data.eventType,
    email: data.pk,
    doneByEmail: data.doneByEmail,
    doneByName: data.doneByName,
    status: data.status,
    role: data.role,
    territory: data.territory,
    lastModifiedDate: data.date,
  }));
 
// OneMAC Upgrade/Mako User Role Request Schema
// Rename? This schema is used to parse access requests to states, grant and deny access
export const userRoleRequest = baseUserRoleRequestSchema.transform((data) => ({
  id: `${data.email}_${data.territory}_${data.role}`,
  eventType: data.eventType,
  email: data.email,
  doneByEmail: data.doneByEmail,
  doneByName: data.doneByName,
  status: data.status,
  role: data.role,
  territory: data.territory,
  lastModifiedDate: data.date,
  group: data.group,
  division: data.division,
}));
 
// User Information Schema
export const baseUserInformationSchema = z.object({
  email: z.string().email(),
  group: z.string().optional(),
  division: z.string().optional(),
  fullName: z.string(),
  eventType: userInfoEvent,
});
 
export const onemacLegacyUserInformation = baseUserInformationSchema
  .extend({
    pk: z.string().email(),
    sk: z.literal("ContactInfo"),
    eventType: userInfoEvent.default("legacy-user-info"),
  })
  .transform((data) => ({
    id: data.pk,
    eventType: data.eventType,
    email: data.pk,
    group: data.group,
    division: data.division,
    fullName: data.fullName,
  }));
 
export const userInformation = baseUserInformationSchema.transform((data) => ({
  id: data.email,
  eventType: data.eventType,
  email: data.email,
  group: data.group,
  division: data.division,
  fullName: data.fullName,
}));