@onlineapps/infrastructure-tools 1.1.2 → 1.1.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@onlineapps/infrastructure-tools",
|
|
3
|
-
"version": "1.1.
|
|
3
|
+
"version": "1.1.4",
|
|
4
4
|
"description": "Infrastructure orchestration utilities for OA Drive infrastructure services (health tracking, queue initialization, service discovery)",
|
|
5
5
|
"main": "src/index.js",
|
|
6
6
|
"scripts": {
|
|
@@ -19,8 +19,8 @@
|
|
|
19
19
|
"license": "MIT",
|
|
20
20
|
"dependencies": {
|
|
21
21
|
"@onlineapps/infra-logger": "1.0.0",
|
|
22
|
-
"@onlineapps/mq-client-core": "1.0.
|
|
23
|
-
"@onlineapps/service-common": "1.0.
|
|
22
|
+
"@onlineapps/mq-client-core": "1.0.82",
|
|
23
|
+
"@onlineapps/service-common": "1.0.18",
|
|
24
24
|
"@onlineapps/storage-core": "1.0.12",
|
|
25
25
|
"jsonwebtoken": "^9.0.3",
|
|
26
26
|
"uuid": "^9.0.1"
|
|
@@ -9,13 +9,14 @@
|
|
|
9
9
|
* Rules (per JWT_AUTH.md section 7):
|
|
10
10
|
* - Single tenant: auto-pick, x-tenant-uuid header optional
|
|
11
11
|
* - Multiple tenants: x-tenant-uuid header required
|
|
12
|
-
* - workspace_id
|
|
12
|
+
* - workspace_id is required (no fallback) — see docs/standards/tenant-context-contract.md
|
|
13
13
|
*
|
|
14
14
|
* @param {object} auth - req.auth from createJwtValidator: { person_uuid, person_id, email, tenants }
|
|
15
15
|
* @param {object} headers - HTTP request headers (lowercase keys)
|
|
16
16
|
* @returns {object} { tenant_id, tenant_uuid, workspace_id, person_id, person_uuid, role }
|
|
17
|
-
* @throws {Error} with .statusCode = 400 or 403
|
|
17
|
+
* @throws {Error} with .statusCode = 400, 401, or 403
|
|
18
18
|
*/
|
|
19
|
+
// See: docs/standards/tenant-context-contract.md
|
|
19
20
|
function extractTenantContext(auth, headers) {
|
|
20
21
|
if (!auth || !Array.isArray(auth.tenants)) {
|
|
21
22
|
const err = new Error('[TenantContext] Missing auth data - Expected auth object with tenants array');
|
|
@@ -25,7 +26,18 @@ function extractTenantContext(auth, headers) {
|
|
|
25
26
|
|
|
26
27
|
const tenantUuid = headers['x-tenant-uuid'];
|
|
27
28
|
const rawWorkspaceId = headers['x-workspace-id'];
|
|
28
|
-
|
|
29
|
+
|
|
30
|
+
if (!rawWorkspaceId) {
|
|
31
|
+
const err = new Error('[TenantContext] Missing x-workspace-id header - workspace is required for business operations');
|
|
32
|
+
err.statusCode = 400;
|
|
33
|
+
throw err;
|
|
34
|
+
}
|
|
35
|
+
const workspaceId = parseInt(rawWorkspaceId, 10);
|
|
36
|
+
if (isNaN(workspaceId) || workspaceId < 1) {
|
|
37
|
+
const err = new Error(`[TenantContext] Invalid x-workspace-id '${rawWorkspaceId}' - must be a positive integer`);
|
|
38
|
+
err.statusCode = 400;
|
|
39
|
+
throw err;
|
|
40
|
+
}
|
|
29
41
|
|
|
30
42
|
if (tenantUuid) {
|
|
31
43
|
const membership = auth.tenants.find(t => t.tenant_uuid === tenantUuid);
|