@fiado/type-kit 3.71.0 → 3.73.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (100) hide show
  1. package/bin/benefitCenter/dtos/BackofficeLeafOverrideUpsertRequest.d.ts +22 -0
  2. package/bin/benefitCenter/dtos/BackofficeLeafOverrideUpsertRequest.js +91 -0
  3. package/bin/benefitCenter/dtos/FieldOverrideRequest.d.ts +19 -0
  4. package/bin/benefitCenter/dtos/FieldOverrideRequest.js +80 -0
  5. package/bin/benefitCenter/dtos/InputSchemaOverrideRequest.d.ts +9 -0
  6. package/bin/benefitCenter/dtos/InputSchemaOverrideRequest.js +29 -0
  7. package/bin/benefitCenter/enums/LeafOverrideStatusEnum.d.ts +10 -0
  8. package/bin/benefitCenter/enums/LeafOverrideStatusEnum.js +14 -0
  9. package/bin/cognitoBackofficeConnector/dtos/MfaPoolConfig.d.ts +7 -0
  10. package/bin/cognitoBackofficeConnector/dtos/MfaPoolConfig.js +36 -0
  11. package/bin/cognitoBackofficeConnector/validators/MfaTypesRequiresOne.d.ts +17 -0
  12. package/bin/cognitoBackofficeConnector/validators/MfaTypesRequiresOne.js +39 -0
  13. package/bin/cognitoConnector/dtos/SignUpBackofficeRequest.d.ts +13 -0
  14. package/bin/cognitoConnector/dtos/SignUpBackofficeRequest.js +71 -0
  15. package/bin/comission-business/dtos/GenerateReportRequest.d.ts +10 -0
  16. package/bin/comission-business/dtos/GenerateReportRequest.js +2 -0
  17. package/bin/comission-business/dtos/GenerateReportResponse.d.ts +6 -0
  18. package/bin/comission-business/dtos/GenerateReportResponse.js +2 -0
  19. package/bin/comission-business/enums/PaymentStatusEnum.d.ts +5 -0
  20. package/bin/comission-business/enums/PaymentStatusEnum.js +9 -0
  21. package/bin/credit/dtos/CreditBannerStateResponse.d.ts +10 -0
  22. package/bin/credit/dtos/CreditBannerStateResponse.js +6 -0
  23. package/bin/credit/dtos/CreditDetailResponse.d.ts +23 -0
  24. package/bin/credit/dtos/CreditDetailResponse.js +6 -0
  25. package/bin/credit/dtos/CreditEligibilityResponse.d.ts +9 -0
  26. package/bin/credit/dtos/CreditEligibilityResponse.js +6 -0
  27. package/bin/credit/dtos/CreditMovementResponse.d.ts +20 -0
  28. package/bin/credit/dtos/CreditMovementResponse.js +9 -0
  29. package/bin/credit/dtos/CreditRequestCreate.d.ts +4 -0
  30. package/bin/credit/dtos/CreditRequestCreate.js +26 -0
  31. package/bin/credit/dtos/CreditRequestResponse.d.ts +7 -0
  32. package/bin/credit/dtos/CreditRequestResponse.js +6 -0
  33. package/bin/credit/dtos/CreditScheduleResponse.d.ts +18 -0
  34. package/bin/credit/dtos/CreditScheduleResponse.js +9 -0
  35. package/bin/credit/dtos/CreditStatementResponse.d.ts +11 -0
  36. package/bin/credit/dtos/CreditStatementResponse.js +9 -0
  37. package/bin/credit/dtos/EarlyPaymentRequest.d.ts +7 -0
  38. package/bin/credit/dtos/EarlyPaymentRequest.js +37 -0
  39. package/bin/credit/dtos/EarlyPaymentResponse.d.ts +11 -0
  40. package/bin/credit/dtos/EarlyPaymentResponse.js +6 -0
  41. package/bin/credit/dtos/internal/CreditBalanceRequest.d.ts +3 -0
  42. package/bin/credit/dtos/internal/CreditBalanceRequest.js +21 -0
  43. package/bin/credit/dtos/internal/CreditCollectionRequest.d.ts +11 -0
  44. package/bin/credit/dtos/internal/CreditCollectionRequest.js +59 -0
  45. package/bin/credit/dtos/internal/CreditCollectionResponse.d.ts +12 -0
  46. package/bin/credit/dtos/internal/CreditCollectionResponse.js +6 -0
  47. package/bin/credit/dtos/internal/CreditDisbursementRequest.d.ts +7 -0
  48. package/bin/credit/dtos/internal/CreditDisbursementRequest.js +43 -0
  49. package/bin/credit/dtos/internal/CreditDisbursementResponse.d.ts +8 -0
  50. package/bin/credit/dtos/internal/CreditDisbursementResponse.js +6 -0
  51. package/bin/credit/dtos/internal/CreditProfileRequest.d.ts +3 -0
  52. package/bin/credit/dtos/internal/CreditProfileRequest.js +23 -0
  53. package/bin/credit/dtos/internal/CreditReversalRequest.d.ts +5 -0
  54. package/bin/credit/dtos/internal/CreditReversalRequest.js +31 -0
  55. package/bin/credit/dtos/internal/CreditReversalResponse.d.ts +7 -0
  56. package/bin/credit/dtos/internal/CreditReversalResponse.js +6 -0
  57. package/bin/credit/dtos/internal/CreditTransferLoancoRequest.d.ts +8 -0
  58. package/bin/credit/dtos/internal/CreditTransferLoancoRequest.js +46 -0
  59. package/bin/credit/dtos/internal/CreditTransferLoancoResponse.d.ts +8 -0
  60. package/bin/credit/dtos/internal/CreditTransferLoancoResponse.js +6 -0
  61. package/bin/credit/dtos/internal/DocumentSignRequest.d.ts +3 -0
  62. package/bin/credit/dtos/internal/DocumentSignRequest.js +21 -0
  63. package/bin/credit/dtos/internal/LienApplyRequest.d.ts +7 -0
  64. package/bin/credit/dtos/internal/LienApplyRequest.js +45 -0
  65. package/bin/credit/enums/CollectionFrequencyEnum.d.ts +5 -0
  66. package/bin/credit/enums/CollectionFrequencyEnum.js +9 -0
  67. package/bin/credit/enums/CreditOperationEnum.d.ts +11 -0
  68. package/bin/credit/enums/CreditOperationEnum.js +15 -0
  69. package/bin/credit/enums/CreditStatusEnum.d.ts +12 -0
  70. package/bin/credit/enums/CreditStatusEnum.js +16 -0
  71. package/bin/credit/enums/DelinquencyLevelEnum.d.ts +9 -0
  72. package/bin/credit/enums/DelinquencyLevelEnum.js +13 -0
  73. package/bin/credit/enums/DocumentTypeEnum.d.ts +8 -0
  74. package/bin/credit/enums/DocumentTypeEnum.js +12 -0
  75. package/bin/credit/enums/OfferStatusEnum.d.ts +8 -0
  76. package/bin/credit/enums/OfferStatusEnum.js +12 -0
  77. package/bin/credit/enums/PaymentTypeEnum.d.ts +9 -0
  78. package/bin/credit/enums/PaymentTypeEnum.js +13 -0
  79. package/bin/credit/enums/ReconciliationStatusEnum.d.ts +6 -0
  80. package/bin/credit/enums/ReconciliationStatusEnum.js +10 -0
  81. package/bin/credit/enums/TransferStatusEnum.d.ts +8 -0
  82. package/bin/credit/enums/TransferStatusEnum.js +12 -0
  83. package/bin/platformRbac/dtos/CreateTenantRequest.d.ts +2 -0
  84. package/bin/platformRbac/dtos/CreateTenantRequest.js +7 -0
  85. package/bin/platformRbac/enums/Permission.d.ts +24 -1
  86. package/bin/platformRbac/enums/Permission.js +24 -1
  87. package/bin/platformRbac/enums/TokenValidationMode.d.ts +13 -0
  88. package/bin/platformRbac/enums/TokenValidationMode.js +17 -0
  89. package/bin/platformRbac/index.d.ts +1 -0
  90. package/bin/platformRbac/index.js +1 -0
  91. package/bin/riskProfile/dtos/TransactionAlarmQueueMessage.d.ts +2 -0
  92. package/bin/riskProfile/dtos/TransactionAlarmQueueMessage.js +6 -0
  93. package/docs/superpowers/plans/2026-05-22-http-client-inversify-v8.md +243 -0
  94. package/docs/superpowers/specs/2026-05-22-inversify-v8-migration-design.md +191 -0
  95. package/package.json +1 -1
  96. package/src/platformRbac/dtos/CreateTenantRequest.ts +3 -1
  97. package/src/platformRbac/enums/Permission.ts +24 -1
  98. package/src/platformRbac/enums/TokenValidationMode.ts +13 -0
  99. package/src/platformRbac/index.ts +1 -0
  100. package/src/riskProfile/dtos/TransactionAlarmQueueMessage.ts +5 -0
@@ -0,0 +1,15 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.CreditOperationEnum = void 0;
4
+ var CreditOperationEnum;
5
+ (function (CreditOperationEnum) {
6
+ CreditOperationEnum["DISBURSEMENT"] = "DISBURSEMENT";
7
+ CreditOperationEnum["COLLECTION"] = "COLLECTION";
8
+ CreditOperationEnum["COLLECTION_PARTIAL"] = "COLLECTION_PARTIAL";
9
+ CreditOperationEnum["COLLECTION_LIEN"] = "COLLECTION_LIEN";
10
+ CreditOperationEnum["EARLY_PAYMENT"] = "EARLY_PAYMENT";
11
+ CreditOperationEnum["TRANSFER_LOANCO"] = "TRANSFER_LOANCO";
12
+ CreditOperationEnum["REVERSAL"] = "REVERSAL";
13
+ CreditOperationEnum["INTEREST_ACCRUAL"] = "INTEREST_ACCRUAL";
14
+ CreditOperationEnum["FEE_CHARGE"] = "FEE_CHARGE";
15
+ })(CreditOperationEnum || (exports.CreditOperationEnum = CreditOperationEnum = {}));
@@ -0,0 +1,12 @@
1
+ export declare enum CreditStatusEnum {
2
+ PENDING_APPROVAL = "PENDING_APPROVAL",
3
+ APPROVED = "APPROVED",
4
+ ACTIVE = "ACTIVE",
5
+ CURRENT = "CURRENT",
6
+ DELINQUENT = "DELINQUENT",
7
+ DEFAULTED = "DEFAULTED",
8
+ PAID_OFF = "PAID_OFF",
9
+ CANCELLED = "CANCELLED",
10
+ RETURNED_TO_LOANCO = "RETURNED_TO_LOANCO",
11
+ WRITTEN_OFF = "WRITTEN_OFF"
12
+ }
@@ -0,0 +1,16 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.CreditStatusEnum = void 0;
4
+ var CreditStatusEnum;
5
+ (function (CreditStatusEnum) {
6
+ CreditStatusEnum["PENDING_APPROVAL"] = "PENDING_APPROVAL";
7
+ CreditStatusEnum["APPROVED"] = "APPROVED";
8
+ CreditStatusEnum["ACTIVE"] = "ACTIVE";
9
+ CreditStatusEnum["CURRENT"] = "CURRENT";
10
+ CreditStatusEnum["DELINQUENT"] = "DELINQUENT";
11
+ CreditStatusEnum["DEFAULTED"] = "DEFAULTED";
12
+ CreditStatusEnum["PAID_OFF"] = "PAID_OFF";
13
+ CreditStatusEnum["CANCELLED"] = "CANCELLED";
14
+ CreditStatusEnum["RETURNED_TO_LOANCO"] = "RETURNED_TO_LOANCO";
15
+ CreditStatusEnum["WRITTEN_OFF"] = "WRITTEN_OFF";
16
+ })(CreditStatusEnum || (exports.CreditStatusEnum = CreditStatusEnum = {}));
@@ -0,0 +1,9 @@
1
+ export declare enum DelinquencyLevelEnum {
2
+ CURRENT = "CURRENT",
3
+ EARLY_1_7 = "EARLY_1_7",
4
+ EARLY_8_14 = "EARLY_8_14",
5
+ LATE_15_30 = "LATE_15_30",
6
+ LATE_31_60 = "LATE_31_60",
7
+ SEVERE_61_90 = "SEVERE_61_90",
8
+ DEFAULT_90_PLUS = "DEFAULT_90_PLUS"
9
+ }
@@ -0,0 +1,13 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.DelinquencyLevelEnum = void 0;
4
+ var DelinquencyLevelEnum;
5
+ (function (DelinquencyLevelEnum) {
6
+ DelinquencyLevelEnum["CURRENT"] = "CURRENT";
7
+ DelinquencyLevelEnum["EARLY_1_7"] = "EARLY_1_7";
8
+ DelinquencyLevelEnum["EARLY_8_14"] = "EARLY_8_14";
9
+ DelinquencyLevelEnum["LATE_15_30"] = "LATE_15_30";
10
+ DelinquencyLevelEnum["LATE_31_60"] = "LATE_31_60";
11
+ DelinquencyLevelEnum["SEVERE_61_90"] = "SEVERE_61_90";
12
+ DelinquencyLevelEnum["DEFAULT_90_PLUS"] = "DEFAULT_90_PLUS";
13
+ })(DelinquencyLevelEnum || (exports.DelinquencyLevelEnum = DelinquencyLevelEnum = {}));
@@ -0,0 +1,8 @@
1
+ export declare enum DocumentTypeEnum {
2
+ CREDIT_CONTRACT = "CREDIT_CONTRACT",
3
+ CREDIT_STATEMENT = "CREDIT_STATEMENT",
4
+ CREDIT_AMORTIZATION = "CREDIT_AMORTIZATION",
5
+ CREDIT_COVER_SHEET = "CREDIT_COVER_SHEET",
6
+ ONBOARDING_CONTRACT = "ONBOARDING_CONTRACT",
7
+ ONBOARDING_IFPE = "ONBOARDING_IFPE"
8
+ }
@@ -0,0 +1,12 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.DocumentTypeEnum = void 0;
4
+ var DocumentTypeEnum;
5
+ (function (DocumentTypeEnum) {
6
+ DocumentTypeEnum["CREDIT_CONTRACT"] = "CREDIT_CONTRACT";
7
+ DocumentTypeEnum["CREDIT_STATEMENT"] = "CREDIT_STATEMENT";
8
+ DocumentTypeEnum["CREDIT_AMORTIZATION"] = "CREDIT_AMORTIZATION";
9
+ DocumentTypeEnum["CREDIT_COVER_SHEET"] = "CREDIT_COVER_SHEET";
10
+ DocumentTypeEnum["ONBOARDING_CONTRACT"] = "ONBOARDING_CONTRACT";
11
+ DocumentTypeEnum["ONBOARDING_IFPE"] = "ONBOARDING_IFPE";
12
+ })(DocumentTypeEnum || (exports.DocumentTypeEnum = DocumentTypeEnum = {}));
@@ -0,0 +1,8 @@
1
+ export declare enum OfferStatusEnum {
2
+ NOT_ELIGIBLE = "NOT_ELIGIBLE",
3
+ PRE_QUALIFIED = "PRE_QUALIFIED",
4
+ OFFER_AVAILABLE = "OFFER_AVAILABLE",
5
+ OFFER_CONFIGURED = "OFFER_CONFIGURED",
6
+ OFFER_ACCEPTED = "OFFER_ACCEPTED",
7
+ OFFER_EXPIRED = "OFFER_EXPIRED"
8
+ }
@@ -0,0 +1,12 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.OfferStatusEnum = void 0;
4
+ var OfferStatusEnum;
5
+ (function (OfferStatusEnum) {
6
+ OfferStatusEnum["NOT_ELIGIBLE"] = "NOT_ELIGIBLE";
7
+ OfferStatusEnum["PRE_QUALIFIED"] = "PRE_QUALIFIED";
8
+ OfferStatusEnum["OFFER_AVAILABLE"] = "OFFER_AVAILABLE";
9
+ OfferStatusEnum["OFFER_CONFIGURED"] = "OFFER_CONFIGURED";
10
+ OfferStatusEnum["OFFER_ACCEPTED"] = "OFFER_ACCEPTED";
11
+ OfferStatusEnum["OFFER_EXPIRED"] = "OFFER_EXPIRED";
12
+ })(OfferStatusEnum || (exports.OfferStatusEnum = OfferStatusEnum = {}));
@@ -0,0 +1,9 @@
1
+ export declare enum PaymentTypeEnum {
2
+ REGULAR = "REGULAR",
3
+ PARTIAL = "PARTIAL",
4
+ EARLY_ANTICIPATED = "EARLY_ANTICIPATED",
5
+ EARLY_ADVANCED = "EARLY_ADVANCED",
6
+ EARLY_SETTLEMENT = "EARLY_SETTLEMENT",
7
+ LIEN = "LIEN",
8
+ REVERSAL = "REVERSAL"
9
+ }
@@ -0,0 +1,13 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.PaymentTypeEnum = void 0;
4
+ var PaymentTypeEnum;
5
+ (function (PaymentTypeEnum) {
6
+ PaymentTypeEnum["REGULAR"] = "REGULAR";
7
+ PaymentTypeEnum["PARTIAL"] = "PARTIAL";
8
+ PaymentTypeEnum["EARLY_ANTICIPATED"] = "EARLY_ANTICIPATED";
9
+ PaymentTypeEnum["EARLY_ADVANCED"] = "EARLY_ADVANCED";
10
+ PaymentTypeEnum["EARLY_SETTLEMENT"] = "EARLY_SETTLEMENT";
11
+ PaymentTypeEnum["LIEN"] = "LIEN";
12
+ PaymentTypeEnum["REVERSAL"] = "REVERSAL";
13
+ })(PaymentTypeEnum || (exports.PaymentTypeEnum = PaymentTypeEnum = {}));
@@ -0,0 +1,6 @@
1
+ export declare enum ReconciliationStatusEnum {
2
+ PENDING = "PENDING",
3
+ MATCHED = "MATCHED",
4
+ DISCREPANCY = "DISCREPANCY",
5
+ RESOLVED = "RESOLVED"
6
+ }
@@ -0,0 +1,10 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.ReconciliationStatusEnum = void 0;
4
+ var ReconciliationStatusEnum;
5
+ (function (ReconciliationStatusEnum) {
6
+ ReconciliationStatusEnum["PENDING"] = "PENDING";
7
+ ReconciliationStatusEnum["MATCHED"] = "MATCHED";
8
+ ReconciliationStatusEnum["DISCREPANCY"] = "DISCREPANCY";
9
+ ReconciliationStatusEnum["RESOLVED"] = "RESOLVED";
10
+ })(ReconciliationStatusEnum || (exports.ReconciliationStatusEnum = ReconciliationStatusEnum = {}));
@@ -0,0 +1,8 @@
1
+ export declare enum TransferStatusEnum {
2
+ PENDING = "PENDING",
3
+ APPROVED = "APPROVED",
4
+ IN_PROGRESS = "IN_PROGRESS",
5
+ COMPLETED = "COMPLETED",
6
+ FAILED = "FAILED",
7
+ REJECTED = "REJECTED"
8
+ }
@@ -0,0 +1,12 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.TransferStatusEnum = void 0;
4
+ var TransferStatusEnum;
5
+ (function (TransferStatusEnum) {
6
+ TransferStatusEnum["PENDING"] = "PENDING";
7
+ TransferStatusEnum["APPROVED"] = "APPROVED";
8
+ TransferStatusEnum["IN_PROGRESS"] = "IN_PROGRESS";
9
+ TransferStatusEnum["COMPLETED"] = "COMPLETED";
10
+ TransferStatusEnum["FAILED"] = "FAILED";
11
+ TransferStatusEnum["REJECTED"] = "REJECTED";
12
+ })(TransferStatusEnum || (exports.TransferStatusEnum = TransferStatusEnum = {}));
@@ -1,3 +1,4 @@
1
+ import { TokenValidationMode } from '../enums/TokenValidationMode';
1
2
  /**
2
3
  * Input del POST backoffice de creación de tenant (F-11 — onboarding de tenant en SureKeep).
3
4
  * Consumido por el controller `backofficeCreateTenant` del platform-rbac-business y, a futuro,
@@ -14,4 +15,5 @@ export declare class CreateTenantRequest {
14
15
  region: string;
15
16
  mfaRequired?: boolean;
16
17
  passwordMinLength?: number;
18
+ tokenValidationMode?: TokenValidationMode;
17
19
  }
@@ -12,6 +12,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
12
12
  exports.CreateTenantRequest = void 0;
13
13
  const class_transformer_1 = require("class-transformer");
14
14
  const class_validator_1 = require("class-validator");
15
+ const TokenValidationMode_1 = require("../enums/TokenValidationMode");
15
16
  /**
16
17
  * Input del POST backoffice de creación de tenant (F-11 — onboarding de tenant en SureKeep).
17
18
  * Consumido por el controller `backofficeCreateTenant` del platform-rbac-business y, a futuro,
@@ -66,3 +67,9 @@ __decorate([
66
67
  (0, class_validator_1.Min)(8),
67
68
  __metadata("design:type", Number)
68
69
  ], CreateTenantRequest.prototype, "passwordMinLength", void 0);
70
+ __decorate([
71
+ (0, class_transformer_1.Expose)(),
72
+ (0, class_validator_1.IsOptional)(),
73
+ (0, class_validator_1.IsEnum)(TokenValidationMode_1.TokenValidationMode),
74
+ __metadata("design:type", String)
75
+ ], CreateTenantRequest.prototype, "tokenValidationMode", void 0);
@@ -6,7 +6,25 @@
6
6
  *
7
7
  * Copy-paste literal de los valores del spec (DEC-003).
8
8
  * Convención: `<category>.<resource>.<action>` (snake_case en action si multi-palabra).
9
- * Cualquier cambio aquí requiere PR + bump minor + redeploy de consumers.
9
+ *
10
+ * ⚠️ ESTE ES EL CATÁLOGO GLOBAL Y ÚNICO. Todo permiso del sistema vive acá. Los tenants
11
+ * NO inventan permisos: cada `tenantType` arma su lista (techo) ELIGIENDO de este catálogo
12
+ * (`TenantTypePermissionCatalog_GT` en platform-rbac-business, DEC-062), y cada tenant arma
13
+ * sus roles combinando esos permisos. El vocabulario es global; lo que varía por tenant es
14
+ * QUÉ permisos usa, no CUÁLES existen.
15
+ *
16
+ * ⚠️⚠️ AL AGREGAR / QUITAR / RENOMBRAR UN PERMISO — PROCEDIMIENTO OBLIGATORIO:
17
+ * 1. Agregar el valor a ESTE enum.
18
+ * 2. Agregarlo TAMBIÉN al FINAL de `PERMISSION_BIT_ORDER` (abajo) — append-only, NUNCA en
19
+ * el medio ni reordenando: ese array define el bit de cada permiso en el token (bitset).
20
+ * Reordenar/insertar en medio desalinea TODOS los tokens ya emitidos (escalada/pérdida
21
+ * de permisos silenciosa). Un permiso deprecado CONSERVA su posición (no se borra del array).
22
+ * 3. Recién entonces un `tenantType` puede incluirlo en su lista. Un permiso que NO esté en
23
+ * este enum + bit-order NO tiene bit → no viaja en el token (el gateway-adapter no lo ve).
24
+ * 4. `PERMS_VERSION` (hash del orden) cambia solo → bump minor del type-kit + redeploy de
25
+ * consumers (jwt-inyector-trigger, gateway-adapter, platform-rbac-business). Tokens viejos
26
+ * caen al fallback (resolver DDB) hasta refrescar — by-design, no rompe.
27
+ * El test `permissionBits.test.ts` falla si el enum y `PERMISSION_BIT_ORDER` se desincronizan.
10
28
  *
11
29
  * Coexiste con módulo `rbac/` oficial cuando yhonhansen publique componente 01 — TD-RBAC-002.
12
30
  */
@@ -107,6 +125,11 @@ export declare enum Permission {
107
125
  * Índice de cada permiso = su posición de bit. NUNCA reordenar ni borrar:
108
126
  * deprecados CONSERVAN su posición; los nuevos van SIEMPRE al final.
109
127
  * Derivado explícitamente (no Object.values, frágil ante edición del enum).
128
+ *
129
+ * ⚠️ Si agregás un permiso al enum `Permission` (arriba), agregalo TAMBIÉN acá, AL FINAL.
130
+ * Ver el procedimiento completo en el JSDoc del enum `Permission`. El test
131
+ * `permissionBits.test.ts` rompe si esto y el enum no coinciden, y el snapshot del orden
132
+ * completo rompe si reordenás (guard anti-desalineamiento de tokens emitidos).
110
133
  */
111
134
  export declare const PERMISSION_BIT_ORDER: readonly Permission[];
112
135
  /** Versión del catálogo = hash del orden. Cambia solo si el orden cambia. */
@@ -11,7 +11,25 @@ exports.bitsToPermissions = bitsToPermissions;
11
11
  *
12
12
  * Copy-paste literal de los valores del spec (DEC-003).
13
13
  * Convención: `<category>.<resource>.<action>` (snake_case en action si multi-palabra).
14
- * Cualquier cambio aquí requiere PR + bump minor + redeploy de consumers.
14
+ *
15
+ * ⚠️ ESTE ES EL CATÁLOGO GLOBAL Y ÚNICO. Todo permiso del sistema vive acá. Los tenants
16
+ * NO inventan permisos: cada `tenantType` arma su lista (techo) ELIGIENDO de este catálogo
17
+ * (`TenantTypePermissionCatalog_GT` en platform-rbac-business, DEC-062), y cada tenant arma
18
+ * sus roles combinando esos permisos. El vocabulario es global; lo que varía por tenant es
19
+ * QUÉ permisos usa, no CUÁLES existen.
20
+ *
21
+ * ⚠️⚠️ AL AGREGAR / QUITAR / RENOMBRAR UN PERMISO — PROCEDIMIENTO OBLIGATORIO:
22
+ * 1. Agregar el valor a ESTE enum.
23
+ * 2. Agregarlo TAMBIÉN al FINAL de `PERMISSION_BIT_ORDER` (abajo) — append-only, NUNCA en
24
+ * el medio ni reordenando: ese array define el bit de cada permiso en el token (bitset).
25
+ * Reordenar/insertar en medio desalinea TODOS los tokens ya emitidos (escalada/pérdida
26
+ * de permisos silenciosa). Un permiso deprecado CONSERVA su posición (no se borra del array).
27
+ * 3. Recién entonces un `tenantType` puede incluirlo en su lista. Un permiso que NO esté en
28
+ * este enum + bit-order NO tiene bit → no viaja en el token (el gateway-adapter no lo ve).
29
+ * 4. `PERMS_VERSION` (hash del orden) cambia solo → bump minor del type-kit + redeploy de
30
+ * consumers (jwt-inyector-trigger, gateway-adapter, platform-rbac-business). Tokens viejos
31
+ * caen al fallback (resolver DDB) hasta refrescar — by-design, no rompe.
32
+ * El test `permissionBits.test.ts` falla si el enum y `PERMISSION_BIT_ORDER` se desincronizan.
15
33
  *
16
34
  * Coexiste con módulo `rbac/` oficial cuando yhonhansen publique componente 01 — TD-RBAC-002.
17
35
  */
@@ -142,6 +160,11 @@ var Permission;
142
160
  * Índice de cada permiso = su posición de bit. NUNCA reordenar ni borrar:
143
161
  * deprecados CONSERVAN su posición; los nuevos van SIEMPRE al final.
144
162
  * Derivado explícitamente (no Object.values, frágil ante edición del enum).
163
+ *
164
+ * ⚠️ Si agregás un permiso al enum `Permission` (arriba), agregalo TAMBIÉN acá, AL FINAL.
165
+ * Ver el procedimiento completo en el JSDoc del enum `Permission`. El test
166
+ * `permissionBits.test.ts` rompe si esto y el enum no coinciden, y el snapshot del orden
167
+ * completo rompe si reordenás (guard anti-desalineamiento de tokens emitidos).
145
168
  */
146
169
  exports.PERMISSION_BIT_ORDER = [
147
170
  Permission.RBAC_CATALOG_MANAGE,
@@ -0,0 +1,13 @@
1
+ /**
2
+ * Modo de validación de tokens por tenant (DEC-RBAC-002 del rbac-authorizer-trigger).
3
+ * Persistido como atributo no-key en PlatformTenantConfig_GT. Los valores string SON el
4
+ * contrato: el authorizer los espeja con un tipo local (no depende de type-kit, DT-7).
5
+ * - OFFLINE: solo firma (JWKS) + permsEpoch. Default. No pega a Cognito.
6
+ * - ONLINE_PREFERRED: AdminGetUser; negativo definitivo → Deny; fallo de infra → cae a offline.
7
+ * - ONLINE_STRICT: AdminGetUser; negativo definitivo O fallo de infra → Deny (fail-closed, regulado).
8
+ */
9
+ export declare enum TokenValidationMode {
10
+ OFFLINE = "offline",
11
+ ONLINE_PREFERRED = "online_preferred",
12
+ ONLINE_STRICT = "online_strict"
13
+ }
@@ -0,0 +1,17 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.TokenValidationMode = void 0;
4
+ /**
5
+ * Modo de validación de tokens por tenant (DEC-RBAC-002 del rbac-authorizer-trigger).
6
+ * Persistido como atributo no-key en PlatformTenantConfig_GT. Los valores string SON el
7
+ * contrato: el authorizer los espeja con un tipo local (no depende de type-kit, DT-7).
8
+ * - OFFLINE: solo firma (JWKS) + permsEpoch. Default. No pega a Cognito.
9
+ * - ONLINE_PREFERRED: AdminGetUser; negativo definitivo → Deny; fallo de infra → cae a offline.
10
+ * - ONLINE_STRICT: AdminGetUser; negativo definitivo O fallo de infra → Deny (fail-closed, regulado).
11
+ */
12
+ var TokenValidationMode;
13
+ (function (TokenValidationMode) {
14
+ TokenValidationMode["OFFLINE"] = "offline";
15
+ TokenValidationMode["ONLINE_PREFERRED"] = "online_preferred";
16
+ TokenValidationMode["ONLINE_STRICT"] = "online_strict";
17
+ })(TokenValidationMode || (exports.TokenValidationMode = TokenValidationMode = {}));
@@ -6,6 +6,7 @@ export type { RoleAssignmentInfo } from './dtos/RoleAssignmentInfo';
6
6
  export type { PermissionMeta } from './dtos/PermissionMeta';
7
7
  export type { EffectivePermissionsResponse } from './dtos/EffectivePermissionsResponse';
8
8
  export * from './enums/MfaMethodEnum';
9
+ export * from './enums/TokenValidationMode';
9
10
  export * from './enums/ChallengeNameEnum';
10
11
  export * from './auth/DefineNextChallengeRequest';
11
12
  export * from './auth/DefineNextChallengeResponse';
@@ -37,6 +37,7 @@ Object.defineProperty(exports, "PermissionCategory", { enumerable: true, get: fu
37
37
  // Fase 1 — Custom Auth Challenge (Email OTP + TOTP) + MFA self-service.
38
38
  // Class values (no type-only) — los DTOs llevan decoradores class-validator y se hidratan con plainToInstance en runtime.
39
39
  __exportStar(require("./enums/MfaMethodEnum"), exports);
40
+ __exportStar(require("./enums/TokenValidationMode"), exports);
40
41
  __exportStar(require("./enums/ChallengeNameEnum"), exports);
41
42
  __exportStar(require("./auth/DefineNextChallengeRequest"), exports);
42
43
  __exportStar(require("./auth/DefineNextChallengeResponse"), exports);
@@ -1,4 +1,5 @@
1
1
  import { OperationEnum } from "../../transaction";
2
+ import { ProductSubtypeEnum } from "../../productCatalog";
2
3
  export declare class TransactionAlarmQueueMessage {
3
4
  directoryId: string;
4
5
  peopleId: string;
@@ -8,6 +9,7 @@ export declare class TransactionAlarmQueueMessage {
8
9
  phoneNumber: string;
9
10
  transactionDate: string;
10
11
  transactionType: string;
12
+ subType?: ProductSubtypeEnum;
11
13
  id: string;
12
14
  operation: OperationEnum;
13
15
  }
@@ -11,6 +11,7 @@ var __metadata = (this && this.__metadata) || function (k, v) {
11
11
  Object.defineProperty(exports, "__esModule", { value: true });
12
12
  exports.TransactionAlarmQueueMessage = void 0;
13
13
  const class_validator_1 = require("class-validator");
14
+ const productCatalog_1 = require("../../productCatalog");
14
15
  class TransactionAlarmQueueMessage {
15
16
  }
16
17
  exports.TransactionAlarmQueueMessage = TransactionAlarmQueueMessage;
@@ -54,6 +55,11 @@ __decorate([
54
55
  (0, class_validator_1.IsNotEmpty)(),
55
56
  __metadata("design:type", String)
56
57
  ], TransactionAlarmQueueMessage.prototype, "transactionType", void 0);
58
+ __decorate([
59
+ (0, class_validator_1.IsString)(),
60
+ (0, class_validator_1.IsOptional)(),
61
+ __metadata("design:type", String)
62
+ ], TransactionAlarmQueueMessage.prototype, "subType", void 0);
57
63
  __decorate([
58
64
  (0, class_validator_1.IsString)(),
59
65
  (0, class_validator_1.IsNotEmpty)(),
@@ -0,0 +1,243 @@
1
+ # http-client → inversify v8 (2.0.0) Implementation Plan
2
+
3
+ > **For agentic workers:** REQUIRED SUB-SKILL: Use superpowers:subagent-driven-development (recommended) or superpowers:executing-plans to implement this plan task-by-task. Steps use checkbox (`- [ ]`) syntax for tracking.
4
+
5
+ **Goal:** Migrar `@fiado/http-client` a inversify 8 (última) y dejarlo listo como major **2.0.0**, con la línea v6 (1.x) como rama de mantenimiento. **No se publica** hasta terminar los cambios y tener visto bueno.
6
+
7
+ **Architecture:** http-client solo usa `@injectable()` sobre `AxiosHttpRequest` (sin inyección por constructor). El cambio es: (1) introducir un smoke test que prueba que la clase se resuelve desde un `Container`, como guardia de regresión; (2) subir inversify a 8 moviéndola a `peerDependency` + `devDependency`; (3) dejar 2.0.0 listo (publicación diferida). Es la lib hoja (sin deps `@fiado`), por eso va primero.
8
+
9
+ **Tech Stack:** TypeScript 5.4, inversify 8.x (^8.1.0), reflect-metadata 0.2.2, axios 1.8, jest + ts-jest (nuevo).
10
+
11
+ **Nota de versión:** se va de v6 directo a **v8** (la última); se salta v7. Confirmado contra las guías oficiales ([v6](https://inversify.io/docs/guides/migrating-from-v6/), [v7](https://inversify.io/docs/guides/migrating-from-v7/)): http-client solo usa `@injectable()`, que **no cambió**.
12
+
13
+ **Constraint ESM:** inversify 8 es **ESM-only**; CommonJS lo consume vía `require(esm)` solo en **Node ≥20**. El build de la lib (tsconfig commonjs) no cambia, pero el harness de jest debe correr en Node 20+ y puede requerir ajuste si jest no resuelve el paquete ESM (ver Task 3 Step 3).
14
+
15
+ **Repo:** `/Users/yhon/fsrc/fiado-http-client` (rama base: `develop`, hoy en 1.0.10, limpia tras pull).
16
+
17
+ ---
18
+
19
+ ## Estructura de archivos
20
+
21
+ - `fiado-http-client/jest.config.js` — **crear**: config jest con preset ts-jest.
22
+ - `fiado-http-client/test/AxiosHttpRequest.di.test.ts` — **crear**: smoke test de resolución por container.
23
+ - `fiado-http-client/package.json` — **modificar**: scripts.test, devDependencies (jest, ts-jest, @types/jest, inversify, reflect-metadata), peerDependencies (inversify, reflect-metadata), quitar inversify de dependencies, bump version.
24
+ - `fiado-http-client/src/AxiosHttpRequest.ts` — **modificar solo si v8 lo exige** (no se espera cambio: `@injectable()` sigue igual).
25
+ - `fiado-http-client/tsconfig.json` — **modificar**: excluir `test/` del build de producción.
26
+
27
+ ---
28
+
29
+ ## Task 1: Montar harness de tests + smoke test (baseline en inversify 6)
30
+
31
+ **Files:**
32
+ - Modify: `fiado-http-client/package.json`
33
+ - Create: `fiado-http-client/jest.config.js`
34
+ - Create: `fiado-http-client/test/AxiosHttpRequest.di.test.ts`
35
+ - Modify: `fiado-http-client/tsconfig.json`
36
+
37
+ - [ ] **Step 1: Instalar dependencias de test**
38
+
39
+ Run:
40
+ ```bash
41
+ cd /Users/yhon/fsrc/fiado-http-client
42
+ npm install -D jest@^29 ts-jest@^29 @types/jest@^29
43
+ ```
44
+ Expected: se agregan a `devDependencies`, sin errores de peer deps.
45
+
46
+ - [ ] **Step 2: Crear `jest.config.js`**
47
+
48
+ ```js
49
+ /** @type {import('ts-jest').JestConfigWithTsJest} */
50
+ module.exports = {
51
+ preset: 'ts-jest',
52
+ testEnvironment: 'node',
53
+ testMatch: ['**/test/**/*.test.ts'],
54
+ setupFiles: ['reflect-metadata'],
55
+ };
56
+ ```
57
+
58
+ - [ ] **Step 3: Actualizar el script de test en `package.json`**
59
+
60
+ Reemplazar la línea `"test": "test",` por:
61
+ ```json
62
+ "test": "jest",
63
+ ```
64
+
65
+ - [ ] **Step 4: Excluir `test/` del build en `tsconfig.json`**
66
+
67
+ Agregar a `exclude` (junto a `node_modules`):
68
+ ```json
69
+ "exclude": [
70
+ "node_modules",
71
+ "test"
72
+ ]
73
+ ```
74
+
75
+ - [ ] **Step 5: Escribir el smoke test (debe pasar con inversify 6 actual)**
76
+
77
+ Create `test/AxiosHttpRequest.di.test.ts`:
78
+ ```ts
79
+ import 'reflect-metadata';
80
+ import { Container } from 'inversify';
81
+ import { AxiosHttpRequest } from '../src/AxiosHttpRequest';
82
+ import { IHttpRequest } from '../src/IHttpRequest';
83
+
84
+ describe('AxiosHttpRequest DI', () => {
85
+ it('se resuelve como IHttpRequest desde un Container de inversify', () => {
86
+ const container = new Container();
87
+ container.bind<IHttpRequest>('IHttpRequest').to(AxiosHttpRequest);
88
+
89
+ const instance = container.get<IHttpRequest>('IHttpRequest');
90
+
91
+ expect(instance).toBeInstanceOf(AxiosHttpRequest);
92
+ expect(typeof instance.get).toBe('function');
93
+ expect(typeof instance.post).toBe('function');
94
+ });
95
+ });
96
+ ```
97
+
98
+ - [ ] **Step 6: Correr el test (baseline verde en inversify 6)**
99
+
100
+ Run:
101
+ ```bash
102
+ cd /Users/yhon/fsrc/fiado-http-client && npm test
103
+ ```
104
+ Expected: PASS (1 test). Esto fija el baseline antes del bump.
105
+
106
+ - [ ] **Step 7: Commit**
107
+
108
+ ```bash
109
+ cd /Users/yhon/fsrc/fiado-http-client
110
+ git add jest.config.js test/AxiosHttpRequest.di.test.ts package.json package-lock.json tsconfig.json
111
+ git commit -m "test: add DI smoke test and jest harness for http-client"
112
+ ```
113
+
114
+ ---
115
+
116
+ ## Task 2: Crear rama de mantenimiento v6 antes de subir develop a v8
117
+
118
+ **Files:** ninguno (operación de git/branch)
119
+
120
+ - [ ] **Step 1: Cortar la rama de mantenimiento desde el develop actual (1.x)**
121
+
122
+ Run:
123
+ ```bash
124
+ cd /Users/yhon/fsrc/fiado-http-client
125
+ git checkout -b release/1.x
126
+ git push -u origin release/1.x
127
+ git checkout develop
128
+ ```
129
+ Expected: `release/1.x` creada en remoto desde 1.0.10. `develop` será la línea v8.
130
+
131
+ ---
132
+
133
+ ## Task 3: Subir inversify a v8 como peerDependency
134
+
135
+ **Files:**
136
+ - Modify: `fiado-http-client/package.json`
137
+ - (posible) Modify: `fiado-http-client/src/AxiosHttpRequest.ts`
138
+
139
+ - [ ] **Step 1: Quitar inversify de `dependencies` e instalar v8 como peer + dev**
140
+
141
+ Editar `package.json`:
142
+ - Quitar `"inversify": "^6.0.2"` de `dependencies` (dejar ahí solo `axios` y `typescript`).
143
+ - Agregar bloque:
144
+ ```json
145
+ "peerDependencies": {
146
+ "inversify": "^8.0.0",
147
+ "reflect-metadata": "^0.2.2"
148
+ },
149
+ ```
150
+ - Agregar a `devDependencies`: `"inversify": "^8.1.0"`, `"reflect-metadata": "^0.2.2"`.
151
+
152
+ Luego instalar:
153
+ ```bash
154
+ cd /Users/yhon/fsrc/fiado-http-client
155
+ npm install
156
+ ```
157
+ Expected: inversify 8.x en `node_modules`, sin errores.
158
+
159
+ - [ ] **Step 2: Compilar contra v8**
160
+
161
+ Run:
162
+ ```bash
163
+ cd /Users/yhon/fsrc/fiado-http-client && npm run build
164
+ ```
165
+ Expected: PASS. Si falla por la API de decoradores, ajustar el import de `@injectable` según la guía v8 (no se espera; `import { injectable } from 'inversify'` sigue válido).
166
+
167
+ - [ ] **Step 3: Correr el smoke test contra v8 (debe seguir verde)**
168
+
169
+ Run:
170
+ ```bash
171
+ node --version # debe ser >= 20 (inversify 8 es ESM-only)
172
+ cd /Users/yhon/fsrc/fiado-http-client && npm test
173
+ ```
174
+ Expected: PASS. Notas según la guía oficial:
175
+ - `container.get()` **sigue síncrono** en v8 (convención sync-first), así que el test no debería requerir `getAsync`.
176
+ - Si jest falla al cargar inversify 8 por ser **ESM-only** (error tipo `Cannot use import statement outside a module` o `ERR_REQUIRE_ESM`), habilitar ESM en jest: correr con `NODE_OPTIONS=--experimental-vm-modules`, `preset: 'ts-jest/presets/default-esm'` y `extensionsToTreatAsEsm: ['.ts']` en `jest.config.js`. Documentar el ajuste final para reutilizarlo en las demás libs.
177
+
178
+ - [ ] **Step 4: Commit**
179
+
180
+ ```bash
181
+ cd /Users/yhon/fsrc/fiado-http-client
182
+ git add package.json package-lock.json src/
183
+ git commit -m "feat!: bump inversify to v8 as peerDependency
184
+
185
+ BREAKING CHANGE: requires inversify ^8 in the consumer. inversify ya no
186
+ es dependency directa; ahora es peerDependency para compartir una sola
187
+ instancia con el container del consumidor."
188
+ ```
189
+
190
+ ---
191
+
192
+ ## Task 4: Bump a 2.0.0 (sin publicar)
193
+
194
+ **Files:**
195
+ - Modify: `fiado-http-client/package.json`
196
+
197
+ - [ ] **Step 1: Subir la versión a 2.0.0**
198
+
199
+ Run:
200
+ ```bash
201
+ cd /Users/yhon/fsrc/fiado-http-client
202
+ npm version 2.0.0 --no-git-tag-version
203
+ ```
204
+ Expected: `package.json` queda en `"version": "2.0.0"`.
205
+
206
+ - [ ] **Step 2: Build limpio y verificación final**
207
+
208
+ Run:
209
+ ```bash
210
+ cd /Users/yhon/fsrc/fiado-http-client && npm run build && npm test
211
+ ```
212
+ Expected: build OK + test PASS.
213
+
214
+ - [ ] **Step 3: Commit y tag (sin publicar a npm)**
215
+
216
+ ```bash
217
+ cd /Users/yhon/fsrc/fiado-http-client
218
+ git add package.json
219
+ git commit -m "2.0.0"
220
+ git tag v2.0.0
221
+ git push origin develop --tags
222
+ ```
223
+
224
+ - [ ] **Step 4: Publicación — EN ESPERA**
225
+
226
+ > **NO publicar todavía.** Por instrucción del usuario, ninguna lib se publica a
227
+ > npm hasta terminar todos los cambios del set (http-client, gateway-adapter,
228
+ > api-invoker) y tener visto bueno explícito. Cuando se autorice, el publish
229
+ > será (resolviendo antes el token de npm del `.npmrc`, ver spec §Seguridad):
230
+ >
231
+ > ```bash
232
+ > npm publish # 2.0.0 como dist-tag "latest"
233
+ > npm dist-tag add @fiado/http-client@1.0.10 legacy-v6
234
+ > ```
235
+
236
+ ---
237
+
238
+ ## Self-Review
239
+
240
+ - **Cobertura del spec:** http-client es la primera lib del §5 del spec; este plan cubre su migración (v8), la creación de la línea de mantenimiento (§6) y deja el publish documentado pero **en espera** (instrucción del usuario). gateway-adapter + api-invoker y las lambdas son planes aparte.
241
+ - **peerDependency:** decisión añadida sobre el spec para garantizar una sola instancia de inversify a través de la frontera lib↔lambda. Coherente con la causa raíz del §2.
242
+ - **Sin placeholders:** todos los pasos tienen comando o código concreto.
243
+ - **Riesgo abierto:** si `container.get` resultara async en 8.x, el Step 3 de Task 3 lo detecta y obliga a actualizar el test; ese hallazgo se documenta para el codemod de las lambdas.