npm - piper-utils - Versions diffs - 1.1.61 → 1.1.63 - Mend

piper-utils 1.1.61 → 1.1.63

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/CLAUDE.md +107 -0
package/README.md +846 -759
package/bin/main.js +420 -2075
package/bin/main.js.map +1 -1
package/package.json +1 -1
package/src/requestResponse/requestResponse.js +2 -3
package/src/requestResponse/requestResponse.test.js +1 -1
package/WHITE_LABEL.md +0 -60

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
     "name": "piper-utils",
-    "version": "1.1.61",
+    "version": "1.1.63",
     "description": "Utility library for Piper",
     "main": "bin/main.js",
     "scripts": {

package/src/requestResponse/requestResponse.js CHANGED Viewed

@@ -81,9 +81,8 @@ export function getCurrentUser(event) {
         _.get(event, 'requestContext.authorizer.custom:UID') ||
         '0';
-    const id = JSON.parse(jsonToParse);
     const username = _.get(event, 'requestContext.authorizer.claims.email') || _.get(event, 'requestContext.authorizer.email') || 'localtestuser@gexample.com';
+    const id =  process.env.BUILD_ENV === 'local' ? 1 : JSON.parse(jsonToParse);
     return {
         username,
@@ -213,7 +212,7 @@ export function detectSequelizeError(body) {
     const errorName = _.get(body, 'name', '');
     if (errorName === 'SequelizeForeignKeyConstraintError') {
-        errorBody.message = 'You cannot delete this item as it is in use';
+        errorBody.message = 'You cannot UPDATE or DELETE this item as it is in use';
         errorBody.statusCode = 409;
         errorBody.errorCode = '4090';
         return errorBody;

package/src/requestResponse/requestResponse.test.js CHANGED Viewed

@@ -239,7 +239,7 @@ describe('requestResponse', () => {
             const res = detectSequelizeError(body);
             expect(res).toEqual({
-                message: 'You cannot delete this item as it is in use',
+                message: 'You cannot UPDATE or DELETE this item as it is in use',
                 statusCode: 409,
                 errorCode: '4090'
             });

package/WHITE_LABEL.md DELETED Viewed

@@ -1,60 +0,0 @@
-# White Label Partner System — piper-utils
-## Overview
-This repo provides shared utility functions for identifying partner users and enriching their access rights. These functions are used by piper (ERP) and can be used by any service that processes Lambda events with JWT claims.
-## Files
-| File | Purpose |
-|------|---------|
-| `src/database/dbUtils/queryStringUtils/accessRightsUtils.js` | Added 4 partner functions |
-| `src/index.js` | Exports the new functions |
-## JWT Claims
-Two Cognito custom attributes drive the partner system:
-| Claim | Meaning | Set on |
-|-------|---------|--------|
-| `custom:PID` | User is a partner admin | Partner admin users |
-| `custom:BPID` | User's business belongs to a partner | Merchant users managed by a partner |
-## Functions
-### `isPartnerUser(event)`
-Returns the partner ID from `custom:PID` if present, otherwise `false`. Use this to identify partner admin users who manage multiple businesses.
-### `getBelongsToPartnerId(event)`
-Returns the partner ID from `custom:BPID` if present, otherwise `false`. Use this to identify merchant users whose business is managed by a partner (branding only, no extra access).
-### `getEffectivePartnerId(event)`
-Returns whichever partner ID exists — checks `custom:PID` first, falls back to `custom:BPID`. Used by the whoAmI endpoint to look up branding regardless of user type.
-### `enrichEventWithPartnerAccess(event, partnerBusinessIds, role = 'R')`
-Mutates the event's `custom:AR` claim in-memory to include the partner's business IDs. This is the "enrichment pattern" — the caller does the DB lookup to get the business IDs, then calls this function before calling any existing access control functions like `accessRightsUtils()` or `checkWriteAccess()`.
-**Why mutate instead of making accessRightsUtils async?** The access rights functions are synchronous and used across every service. Making them async would be a massive breaking change. The enrichment pattern keeps them synchronous — the caller does the async DB work, enriches the event, then the existing sync functions work as-is.
-## Example Usage
-```javascript
-import { isPartnerUser, enrichEventWithPartnerAccess } from 'piper-utils';
-// In a route handler:
-const partnerId = isPartnerUser(event);
-if (partnerId) {
-    // Fetch partner's business IDs from DynamoDB
-    const partner = await getPartnerById(partnerId);
-    // Enrich the event so accessRightsUtils sees the partner's businesses
-    enrichEventWithPartnerAccess(event, partner.businessIds, 'R');
-}
-// Now existing access control works as normal
-const businessIds = accessRightsUtils(event);
-// businessIds now includes the partner's businesses with 'R' access
-```
-## Build
-After modifying source files, rebuild with `npm run build`. The compiled output goes to `bin/main.js`. Other repos consume piper-utils via npm, so they need `npm install` or `npm link` to pick up changes.