@company-semantics/contracts 0.62.0 → 0.63.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/src/impersonation.ts +68 -0
- package/src/index.ts +13 -0
package/package.json
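--- /dev/null
+++ b/package/src/impersonation.ts
@@ -0,0 +1,68 @@
+/**
+ * Break-Glass Impersonation — Shared Vocabulary
+ *
+ * This module defines the types for the emergency impersonation mechanism.
+ * See ADR-BE-068 for the trust model and invariant documentation.
+ */
+
+// Authentication mode — tags every request context
+export type AuthMode = 'STANDARD' | 'BREAK_GLASS';
+
+// Impersonation session model — full session state
+export interface ImpersonationSession {
+  readonly impersonationSessionId: string;
+  readonly adminUserId: string;
+  readonly targetUserId: string;
+  readonly reason: string;
+  readonly reasonHash: string; // SHA-256 of reason text — tamper-evidence
+  readonly startedAt: string; // ISO 8601
+  readonly expiresAt: string; // ISO 8601
+  readonly endedAt: string | null; // ISO 8601 or null if active
+  readonly ipAddress: string;
+  readonly userAgent: string;
+}
+
+// Restricted action classes — single source of truth
+// Backend impersonation middleware consumes this enum centrally.
+// Routes do NOT self-classify. This prevents bypass via new routes.
+export type RestrictedImpersonationAction =
+  | 'delete_chat'
+  | 'delete_message'
+  | 'modify_billing'
+  | 'rotate_credentials'
+  | 'invite_remove_users'
+  | 'accept_agreements'
+  | 'irreversible_write';
+
+// All restricted actions as a const array for runtime checks
+export const RESTRICTED_IMPERSONATION_ACTIONS: readonly RestrictedImpersonationAction[] = [
+  'delete_chat',
+  'delete_message',
+  'modify_billing',
+  'rotate_credentials',
+  'invite_remove_users',
+  'accept_agreements',
+  'irreversible_write',
+] as const;
+
+// Impersonation-specific company capability
+export type ImpersonationCapability = 'company.impersonate';
+
+// Session summary — emitted on impersonation.ended and impersonation.expired
+export interface ImpersonationSessionSummary {
+  readonly impersonationSessionId: string;
+  readonly adminUserId: string;
+  readonly targetUserId: string;
+  readonly durationMs: number;
+  readonly actionCount: number;
+  readonly blockedActionCount: number;
+}
+
+// Impersonation audit event types
+export type ImpersonationAuditEventType =
+  | 'impersonation.started'
+  | 'impersonation.ended'
+  | 'impersonation.expired'
+  | 'impersonation.session_summary'
+  | 'impersonated.action'
+  | 'impersonation.blocked_action';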
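Review bot: The union `RestrictedImpersonationAction` (new-file lines 28–35) and the runtime array `RESTRICTED_IMPERSONATION_ACTIONS` (lines 38–46) are two hand-maintained copies of the same list, so the "single source of truth" comment on line 25 does not hold: an action added to the union but forgotten in the array compiles cleanly, and a runtime check driven by the array (line 37) would not block it. Keep the array as the only list and derive the type from it, `export const RESTRICTED_IMPERSONATION_ACTIONS = [ /* the same seven literals */ ] as const;` followed by `export type RestrictedImpersonationAction = (typeof RESTRICTED_IMPERSONATION_ACTIONS)[number];`, which also removes the drift in the other direction since a literal can no longer appear in the array without being in the type. The explicit `readonly RestrictedImpersonationAction[]` annotation on line 38 widens the array and turns the trailing `as const` into a no-op; the derived form needs neither. Separately, the comment on line 51 says the summary is emitted on `impersonation.ended` and `impersonation.expired`, while line 66 declares a distinct `impersonation.session_summary` event type; the comment should state which event actually carries the summary so consumers subscribe to the right one.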
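--- a/package/src/index.ts
+++ b/package/src/index.ts
@@ -401,3 +401,16 @@ export { RateLimitTier } from './rate-limit/index'
 // Billing domain types (v1 — read-only)
 // @see PRD-00121 for design rationale
 export type { OrgPlanStatus, OrgBillingInfo } from './billing/index'
+
+// Impersonation types (break-glass emergency access)
+// @see ADR-BE-068 for trust model
+export type {
+  AuthMode,
+  ImpersonationSession,
+  RestrictedImpersonationAction,
+  ImpersonationCapability,
+  ImpersonationSessionSummary,
+  ImpersonationAuditEventType,
+} from './impersonation'
+
+export { RESTRICTED_IMPERSONATION_ACTIONS } from './impersonation'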