/** * @fileoverview * Tenant organizations are organizations in the admin tenant that represent tenants. They are * created when a tenant is created, and are used to define the roles and scopes for the users in * the tenant. * * This module provides utilities to manage tenant organizations. */ import { type CreateOrganization, type OrganizationRole, type OrganizationScope } from '../db-entries/index.js'; /** Given a tenant ID, return the corresponding organization ID in the admin tenant. */ export declare const getTenantOrganizationId: (tenantId: string) => string; /** Given an admin tenant organization ID, check the format and return the corresponding user tenant ID. */ export declare const getTenantIdFromOrganizationId: (organizationId: string) => string; /** * Given a tenant ID, return the organization create data for the admin tenant. It follows a * convention to generate the organization ID and name which can be used across the system. * * @example * ```ts * const tenantId = 'test-tenant'; * const createData = getCreateData(tenantId); * * expect(createData).toEqual({ * tenantId: 'admin', * id: 't-test-tenant', * name: 'Tenant test-tenant', * }); * ``` * * @see {@link getId} for the convention of generating the organization ID. */ export declare const getTenantOrganizationCreateData: (tenantId: string) => Readonly; /** * Scope names in organization template for managing tenants. * * @remarks * Should sync JSDoc descriptions with {@link tenantScopeDescriptions}. */ export declare enum TenantScope { /** Read the tenant data. */ ReadData = "read:data", /** Write the tenant data, including creating and updating the tenant. */ WriteData = "write:data", /** Delete data of the tenant. */ DeleteData = "delete:data", /** Read members of the tenant. */ ReadMember = "read:member", /** Invite members to the tenant. */ InviteMember = "invite:member", /** Remove members from the tenant. */ RemoveMember = "remove:member", /** Update the role of a member in the tenant. */ UpdateMemberRole = "update:member:role", /** Manage the tenant settings, including name, billing, etc. */ ManageTenant = "manage:tenant" } /** * Given a tenant scope, return the corresponding organization scope data in the admin tenant. * * @example * ```ts * const scope = TenantScope.ReadData; // 'read:data' * const scopeData = getTenantScope(scope); * * expect(scopeData).toEqual({ * tenantId: 'admin', * id: 'read-data', * name: 'read:data', * description: 'Read the tenant data.', * }); * ``` * * @see {@link tenantScopeDescriptions} for scope descriptions of each scope. */ export declare const getTenantScope: (scope: TenantScope) => Readonly; /** * Role names in organization template for managing tenants. * * @remarks * Should sync JSDoc descriptions with {@link tenantRoleDescriptions}. */ export declare enum TenantRole { /** Admin of the tenant, who has all permissions. */ Admin = "admin", /** Collaborator of the tenant, who has permissions to operate the tenant data, but not the tenant settings. */ Collaborator = "collaborator" } /** * Given a tenant role, return the corresponding organization role data in the admin tenant. * * @example * ```ts * const role = TenantRole.Collaborator; // 'collaborator' * const roleData = getTenantRole(role); * * expect(roleData).toEqual({ * tenantId: 'admin', * id: 'collaborator', * name: 'collaborator', * description: 'Collaborator of the tenant, who has permissions to operate the tenant data, but not the tenant settings.', * type: RoleType.User, * }); * ``` * * @see {@link tenantRoleDescriptions} for scope descriptions of each role. */ export declare const getTenantRole: (role: TenantRole) => Readonly; /** * The dictionary of tenant roles and their corresponding scopes. * @see {TenantRole} for scope descriptions of each role. */ export declare const tenantRoleScopes: Readonly>>;