|
| 1 | +import { AuditLogEntityType, CommentEntityType } from '@db'; |
| 2 | + |
| 3 | +export const MUTATION_METHODS = new Set(['POST', 'PATCH', 'PUT', 'DELETE']); |
| 4 | + |
| 5 | +export const SENSITIVE_KEYS = new Set([ |
| 6 | + 'password', |
| 7 | + 'secret', |
| 8 | + 'token', |
| 9 | + 'apiKey', |
| 10 | + 'api_key', |
| 11 | + 'accessToken', |
| 12 | + 'access_token', |
| 13 | + 'refreshToken', |
| 14 | + 'refresh_token', |
| 15 | + 'authorization', |
| 16 | + 'credential', |
| 17 | + 'credentials', |
| 18 | + 'privateKey', |
| 19 | + 'private_key', |
| 20 | +]); |
| 21 | + |
| 22 | +export const RESOURCE_TO_ENTITY_TYPE: Record< |
| 23 | + string, |
| 24 | + AuditLogEntityType | null |
| 25 | +> = { |
| 26 | + organization: AuditLogEntityType.organization, |
| 27 | + member: AuditLogEntityType.people, |
| 28 | + invitation: AuditLogEntityType.people, |
| 29 | + control: AuditLogEntityType.control, |
| 30 | + evidence: AuditLogEntityType.task, |
| 31 | + policy: AuditLogEntityType.policy, |
| 32 | + risk: AuditLogEntityType.risk, |
| 33 | + vendor: AuditLogEntityType.vendor, |
| 34 | + task: AuditLogEntityType.task, |
| 35 | + framework: AuditLogEntityType.framework, |
| 36 | + finding: AuditLogEntityType.finding, |
| 37 | + integration: AuditLogEntityType.integration, |
| 38 | + portal: AuditLogEntityType.trust, |
| 39 | + app: AuditLogEntityType.organization, |
| 40 | + questionnaire: AuditLogEntityType.organization, |
| 41 | + audit: null, |
| 42 | +}; |
| 43 | + |
| 44 | +export const RESOURCE_TO_PRISMA_MODEL: Record<string, string> = { |
| 45 | + policy: 'policy', |
| 46 | + vendor: 'vendor', |
| 47 | + risk: 'risk', |
| 48 | + control: 'control', |
| 49 | + finding: 'finding', |
| 50 | + organization: 'organization', |
| 51 | + member: 'member', |
| 52 | + framework: 'frameworkInstance', |
| 53 | + task: 'taskItem', |
| 54 | + portal: 'trust', |
| 55 | +}; |
| 56 | + |
| 57 | +export const COMMENT_ENTITY_TYPE_MAP: Record<string, AuditLogEntityType> = { |
| 58 | + [CommentEntityType.task]: AuditLogEntityType.task, |
| 59 | + [CommentEntityType.vendor]: AuditLogEntityType.vendor, |
| 60 | + [CommentEntityType.risk]: AuditLogEntityType.risk, |
| 61 | + [CommentEntityType.policy]: AuditLogEntityType.policy, |
| 62 | +}; |
| 63 | + |
| 64 | +// Fields that reference the member table and should be resolved to user names. |
| 65 | +// Key = request body field name, value = display label in audit log. |
| 66 | +export const MEMBER_REF_FIELDS: Record<string, string> = { |
| 67 | + assigneeId: 'assignee', |
| 68 | + approverId: 'approver', |
| 69 | +}; |
0 commit comments