paperclip/packages/shared/src/validators/access.ts

import { z } from "zod";
import {
  INVITE_JOIN_TYPES,
  JOIN_REQUEST_STATUSES,
  JOIN_REQUEST_TYPES,
  PERMISSION_KEYS,
} from "../constants.js";
import { optionalAgentAdapterTypeSchema } from "../adapter-type.js";

export const createCompanyInviteSchema = z.object({
  allowedJoinTypes: z.enum(INVITE_JOIN_TYPES).default("both"),
  defaultsPayload: z.record(z.string(), z.unknown()).optional().nullable(),
  agentMessage: z.string().max(4000).optional().nullable(),
});

export type CreateCompanyInvite = z.infer<typeof createCompanyInviteSchema>;

export const createOpenClawInvitePromptSchema = z.object({
  agentMessage: z.string().max(4000).optional().nullable(),
});

export type CreateOpenClawInvitePrompt = z.infer<
  typeof createOpenClawInvitePromptSchema
>;

export const acceptInviteSchema = z.object({
  requestType: z.enum(JOIN_REQUEST_TYPES),
  agentName: z.string().min(1).max(120).optional(),
  adapterType: optionalAgentAdapterTypeSchema,
  capabilities: z.string().max(4000).optional().nullable(),
  agentDefaultsPayload: z.record(z.string(), z.unknown()).optional().nullable(),
  // OpenClaw join compatibility fields accepted at top level.
  responsesWebhookUrl: z.string().max(4000).optional().nullable(),
  responsesWebhookMethod: z.string().max(32).optional().nullable(),
  responsesWebhookHeaders: z.record(z.string(), z.unknown()).optional().nullable(),
  paperclipApiUrl: z.string().max(4000).optional().nullable(),
  webhookAuthHeader: z.string().max(4000).optional().nullable(),
});

export type AcceptInvite = z.infer<typeof acceptInviteSchema>;

export const listJoinRequestsQuerySchema = z.object({
  status: z.enum(JOIN_REQUEST_STATUSES).optional(),
  requestType: z.enum(JOIN_REQUEST_TYPES).optional(),
});

export type ListJoinRequestsQuery = z.infer<typeof listJoinRequestsQuerySchema>;

export const claimJoinRequestApiKeySchema = z.object({
  claimSecret: z.string().min(16).max(256),
});

export type ClaimJoinRequestApiKey = z.infer<typeof claimJoinRequestApiKeySchema>;

export const boardCliAuthAccessLevelSchema = z.enum([
  "board",
  "instance_admin_required",
]);

export type BoardCliAuthAccessLevel = z.infer<typeof boardCliAuthAccessLevelSchema>;

export const createCliAuthChallengeSchema = z.object({
  command: z.string().min(1).max(240),
  clientName: z.string().max(120).optional().nullable(),
  requestedAccess: boardCliAuthAccessLevelSchema.default("board"),
  requestedCompanyId: z.string().uuid().optional().nullable(),
});

export type CreateCliAuthChallenge = z.infer<typeof createCliAuthChallengeSchema>;

export const resolveCliAuthChallengeSchema = z.object({
  token: z.string().min(16).max(256),
});

export type ResolveCliAuthChallenge = z.infer<typeof resolveCliAuthChallengeSchema>;

export const updateMemberPermissionsSchema = z.object({
  grants: z.array(
    z.object({
      permissionKey: z.enum(PERMISSION_KEYS),
      scope: z.record(z.string(), z.unknown()).optional().nullable(),
    }),
  ),
});

export type UpdateMemberPermissions = z.infer<typeof updateMemberPermissionsSchema>;

export const updateUserCompanyAccessSchema = z.object({
  companyIds: z.array(z.string().uuid()).default([]),
});

export type UpdateUserCompanyAccess = z.infer<typeof updateUserCompanyAccessSchema>;
feat: add auth/access foundation - deps, DB schema, shared types, and config Add Better Auth, drizzle-orm, @dnd-kit, and remark-gfm dependencies. Introduce DB schema for auth tables (user, session, account, verification), company memberships, instance user roles, permission grants, invites, and join requests. Add assigneeUserId to issues. Extend shared config schema with deployment mode/exposure/auth settings, add access types and validators, and wire up new API path constants. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-02-23 14:40:16 -06:00			`import { z } from "zod";`
			`import {`
			`INVITE_JOIN_TYPES,`
			`JOIN_REQUEST_STATUSES,`
			`JOIN_REQUEST_TYPES,`
			`PERMISSION_KEYS,`
			`} from "../constants.js";`
feat(adapters): external adapter plugin system with dynamic UI parser - Plugin loader: install/reload/remove/reinstall external adapters from npm packages or local directories - Plugin store persisted at ~/.paperclip/adapter-plugins.json - Self-healing UI parser resolution with version caching - UI: Adapter Manager page, dynamic loader, display registry with humanized names for unknown adapter types - Dev watch: exclude adapter-plugins dir from tsx watcher to prevent mid-request server restarts during reinstall - All consumer fallbacks use getAdapterLabel() for consistent display - AdapterTypeDropdown uses controlled open state for proper close behavior - Remove hermes-local from built-in UI (externalized to plugin) - Add docs for external adapters and UI parser contract 2026-03-31 20:21:13 +01:00			`import { optionalAgentAdapterTypeSchema } from "../adapter-type.js";`
feat: add auth/access foundation - deps, DB schema, shared types, and config Add Better Auth, drizzle-orm, @dnd-kit, and remark-gfm dependencies. Introduce DB schema for auth tables (user, session, account, verification), company memberships, instance user roles, permission grants, invites, and join requests. Add assigneeUserId to issues. Extend shared config schema with deployment mode/exposure/auth settings, add access types and validators, and wire up new API path constants. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-02-23 14:40:16 -06:00
			`export const createCompanyInviteSchema = z.object({`
			`allowedJoinTypes: z.enum(INVITE_JOIN_TYPES).default("both"),`
			`defaultsPayload: z.record(z.string(), z.unknown()).optional().nullable(),`
Add agent invite message flow and txt onboarding link UX 2026-03-05 12:10:01 -06:00			`agentMessage: z.string().max(4000).optional().nullable(),`
feat: add auth/access foundation - deps, DB schema, shared types, and config Add Better Auth, drizzle-orm, @dnd-kit, and remark-gfm dependencies. Introduce DB schema for auth tables (user, session, account, verification), company memberships, instance user roles, permission grants, invites, and join requests. Add assigneeUserId to issues. Extend shared config schema with deployment mode/exposure/auth settings, add access types and validators, and wire up new API path constants. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-02-23 14:40:16 -06:00			`});`

			`export type CreateCompanyInvite = z.infer<typeof createCompanyInviteSchema>;`

Add CEO OpenClaw invite endpoint and update onboarding UX 2026-03-07 18:19:06 -06:00			`export const createOpenClawInvitePromptSchema = z.object({`
			`agentMessage: z.string().max(4000).optional().nullable(),`
			`});`

			`export type CreateOpenClawInvitePrompt = z.infer<`
			`typeof createOpenClawInvitePromptSchema`
			`>;`

feat: add auth/access foundation - deps, DB schema, shared types, and config Add Better Auth, drizzle-orm, @dnd-kit, and remark-gfm dependencies. Introduce DB schema for auth tables (user, session, account, verification), company memberships, instance user roles, permission grants, invites, and join requests. Add assigneeUserId to issues. Extend shared config schema with deployment mode/exposure/auth settings, add access types and validators, and wire up new API path constants. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-02-23 14:40:16 -06:00			`export const acceptInviteSchema = z.object({`
			`requestType: z.enum(JOIN_REQUEST_TYPES),`
			`agentName: z.string().min(1).max(120).optional(),`
feat(adapters): external adapter plugin system with dynamic UI parser - Plugin loader: install/reload/remove/reinstall external adapters from npm packages or local directories - Plugin store persisted at ~/.paperclip/adapter-plugins.json - Self-healing UI parser resolution with version caching - UI: Adapter Manager page, dynamic loader, display registry with humanized names for unknown adapter types - Dev watch: exclude adapter-plugins dir from tsx watcher to prevent mid-request server restarts during reinstall - All consumer fallbacks use getAdapterLabel() for consistent display - AdapterTypeDropdown uses controlled open state for proper close behavior - Remove hermes-local from built-in UI (externalized to plugin) - Add docs for external adapters and UI parser contract 2026-03-31 20:21:13 +01:00			`adapterType: optionalAgentAdapterTypeSchema,`
feat: add auth/access foundation - deps, DB schema, shared types, and config Add Better Auth, drizzle-orm, @dnd-kit, and remark-gfm dependencies. Introduce DB schema for auth tables (user, session, account, verification), company memberships, instance user roles, permission grants, invites, and join requests. Add assigneeUserId to issues. Extend shared config schema with deployment mode/exposure/auth settings, add access types and validators, and wire up new API path constants. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-02-23 14:40:16 -06:00			`capabilities: z.string().max(4000).optional().nullable(),`
			`agentDefaultsPayload: z.record(z.string(), z.unknown()).optional().nullable(),`
Fix OpenClaw invite accept config mapping and logging 2026-03-06 09:36:20 -06:00			`// OpenClaw join compatibility fields accepted at top level.`
			`responsesWebhookUrl: z.string().max(4000).optional().nullable(),`
			`responsesWebhookMethod: z.string().max(32).optional().nullable(),`
			`responsesWebhookHeaders: z.record(z.string(), z.unknown()).optional().nullable(),`
			`paperclipApiUrl: z.string().max(4000).optional().nullable(),`
			`webhookAuthHeader: z.string().max(4000).optional().nullable(),`
feat: add auth/access foundation - deps, DB schema, shared types, and config Add Better Auth, drizzle-orm, @dnd-kit, and remark-gfm dependencies. Introduce DB schema for auth tables (user, session, account, verification), company memberships, instance user roles, permission grants, invites, and join requests. Add assigneeUserId to issues. Extend shared config schema with deployment mode/exposure/auth settings, add access types and validators, and wire up new API path constants. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-02-23 14:40:16 -06:00			`});`

			`export type AcceptInvite = z.infer<typeof acceptInviteSchema>;`

			`export const listJoinRequestsQuerySchema = z.object({`
			`status: z.enum(JOIN_REQUEST_STATUSES).optional(),`
			`requestType: z.enum(JOIN_REQUEST_TYPES).optional(),`
			`});`

			`export type ListJoinRequestsQuery = z.infer<typeof listJoinRequestsQuerySchema>;`

feat: join request claim secrets, onboarding API, and company branding Add secure claim secret flow for agent join requests with timing-safe comparison, expiry, and one-time use. Expose machine-readable onboarding manifests and skill index API endpoints. Add company brand color with hex validation, pattern icon generation, and settings page integration. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-02-26 16:33:20 -06:00			`export const claimJoinRequestApiKeySchema = z.object({`
			`claimSecret: z.string().min(16).max(256),`
			`});`

			`export type ClaimJoinRequestApiKey = z.infer<typeof claimJoinRequestApiKeySchema>;`

Add browser-based board CLI auth flow Co-Authored-By: Paperclip <noreply@paperclip.ing> 2026-03-23 07:48:03 -05:00			`export const boardCliAuthAccessLevelSchema = z.enum([`
			`"board",`
			`"instance_admin_required",`
			`]);`

			`export type BoardCliAuthAccessLevel = z.infer<typeof boardCliAuthAccessLevelSchema>;`

			`export const createCliAuthChallengeSchema = z.object({`
			`command: z.string().min(1).max(240),`
			`clientName: z.string().max(120).optional().nullable(),`
			`requestedAccess: boardCliAuthAccessLevelSchema.default("board"),`
			`requestedCompanyId: z.string().uuid().optional().nullable(),`
			`});`

			`export type CreateCliAuthChallenge = z.infer<typeof createCliAuthChallengeSchema>;`

			`export const resolveCliAuthChallengeSchema = z.object({`
			`token: z.string().min(16).max(256),`
			`});`

			`export type ResolveCliAuthChallenge = z.infer<typeof resolveCliAuthChallengeSchema>;`

feat: add auth/access foundation - deps, DB schema, shared types, and config Add Better Auth, drizzle-orm, @dnd-kit, and remark-gfm dependencies. Introduce DB schema for auth tables (user, session, account, verification), company memberships, instance user roles, permission grants, invites, and join requests. Add assigneeUserId to issues. Extend shared config schema with deployment mode/exposure/auth settings, add access types and validators, and wire up new API path constants. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-02-23 14:40:16 -06:00			`export const updateMemberPermissionsSchema = z.object({`
			`grants: z.array(`
			`z.object({`
			`permissionKey: z.enum(PERMISSION_KEYS),`
			`scope: z.record(z.string(), z.unknown()).optional().nullable(),`
			`}),`
			`),`
			`});`

			`export type UpdateMemberPermissions = z.infer<typeof updateMemberPermissionsSchema>;`

			`export const updateUserCompanyAccessSchema = z.object({`
			`companyIds: z.array(z.string().uuid()).default([]),`
			`});`

			`export type UpdateUserCompanyAccess = z.infer<typeof updateUserCompanyAccessSchema>;`