piper-utils 1.1.65 → 1.1.66

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "piper-utils",
-    "version": "1.1.65",
+    "version": "1.1.66",
     "description": "Utility library for Piper",
     "main": "bin/main.js",
     "scripts": {

package/src/database/dbUtils/partnerAccess/accessContext.js

@@ -0,0 +1,70 @@
+import { isSuperUser, isPartnerUser, getAccessRightsInfo } from '../queryStringUtils/accessRightsUtils.js';
+import { errorList } from '../../../requestResponse/errorCodes.js';
+
+/**
+ * Resolve the caller's access level from the Lambda event.
+ * Synchronous — reads JWT claims only, no Dynamo lookups.
+ *
+ * Returns an access object:
+ *   { level: 'global' }                              — super user or local/test env
+ *   { level: 'partner', partnerId, partnerBusinessId: null, businessIds: null }
+ *   { level: 'standard', businessIds: string[] }
+ *
+ * Partner fields (partnerBusinessId, businessIds) start null and are
+ * lazy-loaded by ensurePartnerScope on first use.
+ *
+ * @param {object} event - Lambda event with Cognito authorizer claims.
+ * @returns {object} Access object.
+ */
+export function resolveAccess(event) {
+    if (isSuperUser(event)) {
+        return { level: 'global' };
+    }
+
+    const env = process.env.BUILD_ENV;
+    if (env === 'local' || env === 'test') {
+        return { level: 'global' };
+    }
+
+    const partnerId = isPartnerUser(event);
+    if (partnerId) {
+        return { level: 'partner', partnerId, partnerBusinessId: null, businessIds: null };
+    }
+
+    const arBusinessIds = getAccessRightsInfo(event);
+    const businessIds = Object.keys(arBusinessIds);
+    if (businessIds.length > 0) {
+        return { level: 'standard', businessIds };
+    }
+
+    throw errorList.unauthorized;
+}
+
+/**
+ * Lazy-load partner scope from Dynamo. Populates partnerBusinessId and
+ * businessIds on the access object, then caches for the request lifetime.
+ *
+ * No-op for non-partner access objects or if already loaded.
+ *
+ * @param {object} access - Access object from resolveAccess.
+ * @param {{ getPartnerById: Function }} deps - Injected so piper-utils stays DB-agnostic.
+ * @returns {object} The same access object, now populated.
+ */
+export async function ensurePartnerScope(access, { getPartnerById }) {
+    if (!access || access.level !== 'partner') {
+        return access;
+    }
+    if (access.businessIds !== null && access.businessIds !== undefined) {
+        return access;
+    }
+    try {
+        const partner = await getPartnerById(access.partnerId);
+        access.businessIds = partner?.businessIds || [];
+        access.partnerBusinessId = partner?.partnerBusinessId || null;
+    } catch (err) {
+        console.error('partnerAccess: failed to load partner for scoping:', err);
+        access.businessIds = [];
+        access.partnerBusinessId = null;
+    }
+    return access;
+}

package/src/database/dbUtils/partnerAccess/accessGates.js

@@ -0,0 +1,34 @@
+import { errorList } from '../../../requestResponse/errorCodes.js';
+
+/**
+ * Gate: CRM routes — rejects standard users. Super and partner pass.
+ * @param {object} access - Access object from resolveAccess.
+ */
+export function requireCrmAccess(access) {
+    if (!access) {
+        throw errorList.unauthorized;
+    }
+    if (access.level === 'standard') {
+        throw errorList.unauthorized;
+    }
+}
+
+/**
+ * Gate: Ticket routes — all three user types pass. Only rejects null access.
+ * @param {object} access - Access object from resolveAccess.
+ */
+export function requireTicketAccess(access) {
+    if (!access) {
+        throw errorList.unauthorized;
+    }
+}
+
+/**
+ * Gate: Super-only routes — throws unless global.
+ * @param {object} access - Access object from resolveAccess.
+ */
+export function requireSuper(access) {
+    if (!access || access.level !== 'global') {
+        throw errorList.unauthorized;
+    }
+}

package/src/database/dbUtils/partnerAccess/accessScope.js

@@ -0,0 +1,99 @@
+import _ from 'lodash';
+import { ensurePartnerScope } from './accessContext.js';
+import { errorList } from '../../../requestResponse/errorCodes.js';
+
+/**
+ * Scope a WHERE clause to the partner's own business (partnerBusinessId).
+ * Use for "mine" resources: deal, activity, application, template.
+ *
+ *   global   → deletes where.businessId (super sees everything)
+ *   partner  → sets where.businessId = partnerBusinessId
+ *              throws partnerNotConfigured if partnerBusinessId is missing
+ *   standard → no-op (createFilters already handled)
+ *
+ * @param {object} where  - Sequelize WHERE clause to mutate.
+ * @param {object} access - Access object from resolveAccess.
+ * @param {{ getPartnerById: Function }} deps
+ */
+export async function scopeToOwnBusiness(where, access, { getPartnerById } = {}) {
+    if (!access) {
+        throw errorList.unauthorized;
+    }
+    if (access.level === 'global') {
+        delete where.businessId;
+        return;
+    }
+    if (access.level === 'partner') {
+        await ensurePartnerScope(access, { getPartnerById });
+        if (!access.partnerBusinessId) {
+            throw errorList.partnerNotConfigured;
+        }
+        where.businessId = access.partnerBusinessId;
+        return;
+    }
+    // standard → no-op (createFilters already injected from JWT)
+}
+
+/**
+ * Scope a WHERE clause to the partner's portfolio (businessIds array).
+ * Use for "book" resources (future transaction lists, merchant inbox views).
+ *
+ *   global   → deletes where.businessId
+ *   partner  → sets where.businessId = businessIds[]
+ *   standard → no-op
+ *
+ * @param {object} where  - Sequelize WHERE clause to mutate.
+ * @param {object} access - Access object from resolveAccess.
+ * @param {{ getPartnerById: Function }} deps
+ */
+export async function scopeToPartnerBook(where, access, { getPartnerById } = {}) {
+    if (!access) {
+        throw errorList.unauthorized;
+    }
+    if (access.level === 'global') {
+        delete where.businessId;
+        return;
+    }
+    if (access.level === 'partner') {
+        await ensurePartnerScope(access, { getPartnerById });
+        where.businessId = access.businessIds || [];
+        return;
+    }
+    // standard → no-op
+}
+
+/**
+ * Scope to the union of partnerBusinessId + businessIds.
+ * Use for tickets — partner sees own tickets + portfolio merchants' tickets.
+ *
+ *   global   → deletes where.businessId
+ *   partner  → sets where.businessId = [partnerBusinessId, ...businessIds]
+ *   standard → sets where.businessId = access.businessIds
+ *              (explicitly handled here because ticket routes may not call
+ *               createFilters before scoping, e.g. delete/resolve handlers)
+ *
+ * @param {object} where  - Sequelize WHERE clause to mutate.
+ * @param {object} access - Access object from resolveAccess.
+ * @param {{ getPartnerById: Function }} deps
+ */
+export async function scopeToBookUnionOwn(where, access, { getPartnerById } = {}) {
+    if (!access) {
+        throw errorList.unauthorized;
+    }
+    if (access.level === 'global') {
+        delete where.businessId;
+        return;
+    }
+    if (access.level === 'partner') {
+        await ensurePartnerScope(access, { getPartnerById });
+        const ids = _.uniq(
+            [access.partnerBusinessId, ...(access.businessIds || [])].filter(Boolean)
+        );
+        where.businessId = ids;
+        return;
+    }
+    if (access.level === 'standard') {
+        where.businessId = access.businessIds;
+        return;
+    }
+}

package/src/database/dbUtils/partnerAccess/accessWrites.js

@@ -0,0 +1,128 @@
+import _ from 'lodash';
+import { ensurePartnerScope } from './accessContext.js';
+import { errorList } from '../../../requestResponse/errorCodes.js';
+
+/**
+ * Assert the caller can write to their own business.
+ * For partner: businessId must equal partnerBusinessId.
+ *
+ *   global   → allow
+ *   partner  → businessId must equal partnerBusinessId; throws if not
+ *   standard → throws (CRM routes gate standard users before reaching this)
+ *
+ * @param {object} access     - Access object from resolveAccess.
+ * @param {string} businessId - The businessId being written to.
+ * @param {{ getPartnerById: Function }} deps
+ */
+export async function assertCanWriteOwnBusiness(access, businessId, { getPartnerById } = {}) {
+    if (!access) {
+        throw errorList.unauthorized;
+    }
+    if (access.level === 'global') {
+        return;
+    }
+    if (access.level === 'partner') {
+        await ensurePartnerScope(access, { getPartnerById });
+        if (!access.partnerBusinessId) {
+            throw { ...errorList.partnerNotConfigured };
+        }
+        if (businessId !== access.partnerBusinessId) {
+            throw errorList.unauthorized;
+        }
+        return;
+    }
+    throw errorList.unauthorized;
+}
+
+/**
+ * Assert the caller can write to a business in their portfolio.
+ * For partner: businessId must be in the businessIds array.
+ *
+ *   global   → allow
+ *   standard → allow (handled elsewhere via checkWriteAccess)
+ *   partner  → businessId must be in portfolio; throws if not
+ *
+ * @param {object} access     - Access object from resolveAccess.
+ * @param {string} businessId - The businessId being written to.
+ * @param {{ getPartnerById: Function }} deps
+ */
+export async function assertCanWriteBookBusiness(access, businessId, { getPartnerById } = {}) {
+    if (!access) {
+        throw errorList.unauthorized;
+    }
+    if (access.level === 'global') {
+        return;
+    }
+    if (access.level === 'standard') {
+        return;
+    }
+    if (access.level === 'partner') {
+        if (!businessId) {
+            throw { ...errorList.invalidRequest, message: 'businessId is required' };
+        }
+        await ensurePartnerScope(access, { getPartnerById });
+        if (!(access.businessIds || []).includes(businessId)) {
+            throw errorList.unauthorized;
+        }
+        return;
+    }
+    throw errorList.unauthorized;
+}
+
+/**
+ * Assert the caller can write to a business in the union of own + portfolio.
+ * For partner: businessId must be partnerBusinessId OR in businessIds[].
+ * Used by ticket write paths.
+ *
+ *   global   → allow
+ *   standard → allow (handled elsewhere via checkWriteAccess)
+ *   partner  → businessId must be in [partnerBusinessId, ...businessIds]
+ *
+ * @param {object} access     - Access object from resolveAccess.
+ * @param {string} businessId - The businessId being written to.
+ * @param {{ getPartnerById: Function }} deps
+ */
+export async function assertCanWriteBookUnionOwn(access, businessId, { getPartnerById } = {}) {
+    if (!access) {
+        throw errorList.unauthorized;
+    }
+    if (access.level === 'global') {
+        return;
+    }
+    if (access.level === 'standard') {
+        return;
+    }
+    if (access.level === 'partner') {
+        if (!businessId) {
+            throw { ...errorList.invalidRequest, message: 'businessId is required' };
+        }
+        await ensurePartnerScope(access, { getPartnerById });
+        const allowed = _.uniq(
+            [access.partnerBusinessId, ...(access.businessIds || [])].filter(Boolean)
+        );
+        if (!allowed.includes(businessId)) {
+            throw errorList.unauthorized;
+        }
+        return;
+    }
+    throw errorList.unauthorized;
+}
+
+/**
+ * Auto-stamp body.businessId from the partner's own business if missing.
+ * No-op for non-partner users or if body.businessId is already set.
+ *
+ * @param {object} access - Access object from resolveAccess.
+ * @param {object} body   - Request body to mutate.
+ * @param {{ getPartnerById: Function }} deps
+ */
+export async function stampOwnBusinessId(access, body, { getPartnerById } = {}) {
+    if (!access || access.level !== 'partner') {
+        return;
+    }
+    if (body.businessId) {
+        return;
+    }
+    await ensurePartnerScope(access, { getPartnerById });
+    body.businessId = access.partnerBusinessId;
+}

package/src/database/dbUtils/partnerAccess/createAccessHelpers.js

@@ -0,0 +1,38 @@
+import { ensurePartnerScope } from './accessContext.js';
+import { scopeToOwnBusiness, scopeToPartnerBook, scopeToBookUnionOwn } from './accessScope.js';
+import {
+    assertCanWriteOwnBusiness,
+    assertCanWriteBookBusiness,
+    assertCanWriteBookUnionOwn,
+    stampOwnBusinessId
+} from './accessWrites.js';
+
+/**
+ * Factory that pre-binds getPartnerById into all scope/assert/stamp helpers.
+ * Bind once at module level, then call without repeating the injection:
+ *
+ *   import { createAccessHelpers } from 'piper-utils';
+ *   import { getPartnerById } from '../partner/partner.js';
+ *
+ *   const {
+ *       scopeToOwnBusiness,
+ *       stampOwnBusinessId,
+ *       assertCanWriteOwnBusiness
+ *   } = createAccessHelpers({ getPartnerById });
+ *
+ * @param {{ getPartnerById: Function }} deps
+ * @returns {object} Pre-bound helpers.
+ */
+export function createAccessHelpers({ getPartnerById }) {
+    const deps = { getPartnerById };
+    return {
+        ensurePartnerScope: (access) => ensurePartnerScope(access, deps),
+        scopeToOwnBusiness: (where, access) => scopeToOwnBusiness(where, access, deps),
+        scopeToPartnerBook: (where, access) => scopeToPartnerBook(where, access, deps),
+        scopeToBookUnionOwn: (where, access) => scopeToBookUnionOwn(where, access, deps),
+        assertCanWriteOwnBusiness: (access, businessId) => assertCanWriteOwnBusiness(access, businessId, deps),
+        assertCanWriteBookBusiness: (access, businessId) => assertCanWriteBookBusiness(access, businessId, deps),
+        assertCanWriteBookUnionOwn: (access, businessId) => assertCanWriteBookUnionOwn(access, businessId, deps),
+        stampOwnBusinessId: (access, body) => stampOwnBusinessId(access, body, deps)
+    };
+}

package/src/index.js

@@ -1,64 +1,82 @@
-import { handleFile as handleFileImport } from './eventManager/handleFile.js';
-import { watchBucket as watchBucketImport } from './eventManager/watchBucket.js';
-import { publishEvents as publishEventsImport } from './eventManager/publishEvents.js';
-import { createIncludes as createIncludesImport } from './database/dbUtils/queryStringUtils/createIncludes.js';
-import { createFilters as createFiltersImport } from './database/dbUtils/queryStringUtils/createFilters.js';
-import { createSort as createSortImport } from './database/dbUtils/queryStringUtils/createSort.js';
-import { findAll as findAllImport } from './database/dbUtils/queryStringUtils/findAll.js';
-import { checkModule as checkModuleImport } from './database/dbUtils/queryStringUtils/accessRightsUtils.js';
-import { checkIsSuper as checkIsSuperImport } from './database/dbUtils/queryStringUtils/accessRightsUtils.js';
-import { getModuleInfo as getModuleInfoImport } from './database/dbUtils/queryStringUtils/accessRightsUtils.js';
-import { getAccessRightsInfo as getAccessRightsInfoImport } from './database/dbUtils/queryStringUtils/accessRightsUtils.js';
-import { getDefaultBusinessIDInfo as getDefaultBusinessIDInfoImport } from './database/dbUtils/queryStringUtils/accessRightsUtils.js';
-import { failure as failureImport, success as successImport } from './requestResponse/requestResponse.js';
-import { runMigrations as runMigrationsImport } from './database/dbSetup/migrations.js';
-import { getCurrentUser as getCurrentUserImport } from './requestResponse/requestResponse.js';
-import { successHtml as successHtmlImport } from './requestResponse/requestResponse.js';
-import { getCurrentUserNameFromCognitoEvent as getCurrentUserNameFromCognitoEventImport } from './requestResponse/requestResponse.js';
-import { defaultFilters as defaultFiltersImport } from './database/dbUtils/queryStringUtils/defaultFilters.js';
-import { accessRightsUtils as accessRightsUtilsImport } from './database/dbUtils/queryStringUtils/accessRightsUtils.js';
-import { parseBody as parseBodyImport } from './requestResponse/requestResponse.js';
-import { parseEvent as parseEventImport } from './requestResponse/requestResponse.js';
-import { getBusinessesInfo as getBusinessesInfoImport } from './database/dbUtils/queryStringUtils/accessRightsUtils.js';
-import { userDefaultBid as userDefaultBidImport } from './database/dbUtils/queryStringUtils/accessRightsUtils.js';
-import { checkWriteAccess as checkWriteAccessImport } from './database/dbUtils/queryStringUtils/accessRightsUtils.js';
-import { isSystemUser as isSystemUserImport } from './database/dbUtils/queryStringUtils/accessRightsUtils.js';
-import { isSuperUser as isSuperUserImport } from './database/dbUtils/queryStringUtils/accessRightsUtils.js';
-import { isPartnerUser as isPartnerUserImport } from './database/dbUtils/queryStringUtils/accessRightsUtils.js';
-import { getBelongsToPartnerId as getBelongsToPartnerIdImport } from './database/dbUtils/queryStringUtils/accessRightsUtils.js';
-import { getEffectivePartnerId as getEffectivePartnerIdImport } from './database/dbUtils/queryStringUtils/accessRightsUtils.js';
-import { enrichEventWithPartnerAccess as enrichEventWithPartnerAccessImport } from './database/dbUtils/queryStringUtils/accessRightsUtils.js';
-import { getCompanySettings as getCompanySettingsImport } from './database/dbUtils/queryStringUtils/accessRightsUtils.js';
-
-export const handleFile = handleFileImport;
-export const watchBucket = watchBucketImport;
-export const publishEvents = publishEventsImport;
-export const createFilters = createFiltersImport;
-export const createIncludes = createIncludesImport;
-export const createSort = createSortImport;
-export const findAll = findAllImport;
-export const checkModule = checkModuleImport;
-export const checkIsSuper = checkIsSuperImport;
-export const getAccessRightsInfo = getAccessRightsInfoImport;
-export const getDefaultBusinessIDInfo = getDefaultBusinessIDInfoImport;
-export const getModuleInfo = getModuleInfoImport;
-export const failure = failureImport;
-export const success = successImport;
-export const runMigrations = runMigrationsImport;
-export const getCurrentUser = getCurrentUserImport;
-export const successHtml = successHtmlImport;
-export const getCurrentUserNameFromCognitoEvent = getCurrentUserNameFromCognitoEventImport;
-export const defaultFilters = defaultFiltersImport;
-export const accessRightsUtils = accessRightsUtilsImport;
-export const parseBody = parseBodyImport;
-export const parseEvent = parseEventImport;
-export const getBusinessesInfo = getBusinessesInfoImport;
-export const userDefaultBid = userDefaultBidImport;
-export const checkWriteAccess = checkWriteAccessImport;
-export const isSystemUser = isSystemUserImport;
-export const isSuperUser = isSuperUserImport;
-export const isPartnerUser = isPartnerUserImport;
-export const getBelongsToPartnerId = getBelongsToPartnerIdImport;
-export const getEffectivePartnerId = getEffectivePartnerIdImport;
-export const enrichEventWithPartnerAccess = enrichEventWithPartnerAccessImport;
-export const getCompanySettings = getCompanySettingsImport;
+import { handleFile as handleFileImport } from './eventManager/handleFile.js';
+import { watchBucket as watchBucketImport } from './eventManager/watchBucket.js';
+import { publishEvents as publishEventsImport } from './eventManager/publishEvents.js';
+import { createIncludes as createIncludesImport } from './database/dbUtils/queryStringUtils/createIncludes.js';
+import { createFilters as createFiltersImport } from './database/dbUtils/queryStringUtils/createFilters.js';
+import { createSort as createSortImport } from './database/dbUtils/queryStringUtils/createSort.js';
+import { findAll as findAllImport } from './database/dbUtils/queryStringUtils/findAll.js';
+import { checkModule as checkModuleImport } from './database/dbUtils/queryStringUtils/accessRightsUtils.js';
+import { checkIsSuper as checkIsSuperImport } from './database/dbUtils/queryStringUtils/accessRightsUtils.js';
+import { getModuleInfo as getModuleInfoImport } from './database/dbUtils/queryStringUtils/accessRightsUtils.js';
+import { getAccessRightsInfo as getAccessRightsInfoImport } from './database/dbUtils/queryStringUtils/accessRightsUtils.js';
+import { getDefaultBusinessIDInfo as getDefaultBusinessIDInfoImport } from './database/dbUtils/queryStringUtils/accessRightsUtils.js';
+import { failure as failureImport, success as successImport } from './requestResponse/requestResponse.js';
+import { runMigrations as runMigrationsImport } from './database/dbSetup/migrations.js';
+import { getCurrentUser as getCurrentUserImport } from './requestResponse/requestResponse.js';
+import { successHtml as successHtmlImport } from './requestResponse/requestResponse.js';
+import { getCurrentUserNameFromCognitoEvent as getCurrentUserNameFromCognitoEventImport } from './requestResponse/requestResponse.js';
+import { defaultFilters as defaultFiltersImport } from './database/dbUtils/queryStringUtils/defaultFilters.js';
+import { accessRightsUtils as accessRightsUtilsImport } from './database/dbUtils/queryStringUtils/accessRightsUtils.js';
+import { parseBody as parseBodyImport } from './requestResponse/requestResponse.js';
+import { parseEvent as parseEventImport } from './requestResponse/requestResponse.js';
+import { getBusinessesInfo as getBusinessesInfoImport } from './database/dbUtils/queryStringUtils/accessRightsUtils.js';
+import { userDefaultBid as userDefaultBidImport } from './database/dbUtils/queryStringUtils/accessRightsUtils.js';
+import { checkWriteAccess as checkWriteAccessImport } from './database/dbUtils/queryStringUtils/accessRightsUtils.js';
+import { isSystemUser as isSystemUserImport } from './database/dbUtils/queryStringUtils/accessRightsUtils.js';
+import { isSuperUser as isSuperUserImport } from './database/dbUtils/queryStringUtils/accessRightsUtils.js';
+import { isPartnerUser as isPartnerUserImport } from './database/dbUtils/queryStringUtils/accessRightsUtils.js';
+import { getBelongsToPartnerId as getBelongsToPartnerIdImport } from './database/dbUtils/queryStringUtils/accessRightsUtils.js';
+import { getEffectivePartnerId as getEffectivePartnerIdImport } from './database/dbUtils/queryStringUtils/accessRightsUtils.js';
+import { enrichEventWithPartnerAccess as enrichEventWithPartnerAccessImport } from './database/dbUtils/queryStringUtils/accessRightsUtils.js';
+import { getCompanySettings as getCompanySettingsImport } from './database/dbUtils/queryStringUtils/accessRightsUtils.js';
+import { resolveAccess as resolveAccessImport, ensurePartnerScope as ensurePartnerScopeImport } from './database/dbUtils/partnerAccess/accessContext.js';
+import { requireCrmAccess as requireCrmAccessImport, requireTicketAccess as requireTicketAccessImport, requireSuper as requireSuperImport } from './database/dbUtils/partnerAccess/accessGates.js';
+import { scopeToOwnBusiness as scopeToOwnBusinessImport, scopeToPartnerBook as scopeToPartnerBookImport, scopeToBookUnionOwn as scopeToBookUnionOwnImport } from './database/dbUtils/partnerAccess/accessScope.js';
+import { assertCanWriteOwnBusiness as assertCanWriteOwnBusinessImport, assertCanWriteBookBusiness as assertCanWriteBookBusinessImport, assertCanWriteBookUnionOwn as assertCanWriteBookUnionOwnImport, stampOwnBusinessId as stampOwnBusinessIdImport } from './database/dbUtils/partnerAccess/accessWrites.js';
+import { createAccessHelpers as createAccessHelpersImport } from './database/dbUtils/partnerAccess/createAccessHelpers.js';
+
+export const handleFile = handleFileImport;
+export const watchBucket = watchBucketImport;
+export const publishEvents = publishEventsImport;
+export const createFilters = createFiltersImport;
+export const createIncludes = createIncludesImport;
+export const createSort = createSortImport;
+export const findAll = findAllImport;
+export const checkModule = checkModuleImport;
+export const checkIsSuper = checkIsSuperImport;
+export const getAccessRightsInfo = getAccessRightsInfoImport;
+export const getDefaultBusinessIDInfo = getDefaultBusinessIDInfoImport;
+export const getModuleInfo = getModuleInfoImport;
+export const failure = failureImport;
+export const success = successImport;
+export const runMigrations = runMigrationsImport;
+export const getCurrentUser = getCurrentUserImport;
+export const successHtml = successHtmlImport;
+export const getCurrentUserNameFromCognitoEvent = getCurrentUserNameFromCognitoEventImport;
+export const defaultFilters = defaultFiltersImport;
+export const accessRightsUtils = accessRightsUtilsImport;
+export const parseBody = parseBodyImport;
+export const parseEvent = parseEventImport;
+export const getBusinessesInfo = getBusinessesInfoImport;
+export const userDefaultBid = userDefaultBidImport;
+export const checkWriteAccess = checkWriteAccessImport;
+export const isSystemUser = isSystemUserImport;
+export const isSuperUser = isSuperUserImport;
+export const isPartnerUser = isPartnerUserImport;
+export const getBelongsToPartnerId = getBelongsToPartnerIdImport;
+export const getEffectivePartnerId = getEffectivePartnerIdImport;
+export const enrichEventWithPartnerAccess = enrichEventWithPartnerAccessImport;
+export const getCompanySettings = getCompanySettingsImport;
+export const resolveAccess = resolveAccessImport;
+export const ensurePartnerScope = ensurePartnerScopeImport;
+export const requireCrmAccess = requireCrmAccessImport;
+export const requireTicketAccess = requireTicketAccessImport;
+export const requireSuper = requireSuperImport;
+export const scopeToOwnBusiness = scopeToOwnBusinessImport;
+export const scopeToPartnerBook = scopeToPartnerBookImport;
+export const scopeToBookUnionOwn = scopeToBookUnionOwnImport;
+export const assertCanWriteOwnBusiness = assertCanWriteOwnBusinessImport;
+export const assertCanWriteBookBusiness = assertCanWriteBookBusinessImport;
+export const assertCanWriteBookUnionOwn = assertCanWriteBookUnionOwnImport;
+export const stampOwnBusinessId = stampOwnBusinessIdImport;
+export const createAccessHelpers = createAccessHelpersImport;

package/src/requestResponse/errorCodes.js

@@ -129,4 +129,9 @@ export const errorList = {
         errorCode: '5001',
         statusCode: 500
     },
+    partnerNotConfigured: {
+        message: 'Partner has no partnerBusinessId configured. Contact support.',
+        errorCode: '4310',
+        statusCode: 400
+    },
 };