mirror of
https://github.com/documenso/documenso.git
synced 2026-06-22 04:12:06 +10:00
Lucas Smith
d5ce222482
Adds Cloud Signature Consortium (CSC) integration for AES/QES signing against a configured TSP. v1 ships as instance-wide configuration via environment variables, with per-envelope signature level selection, license gating, and an OAuth-driven signing flow (capture + FIFO signers, SAD session, blocking/in-progress recipient pages). Includes signature level compatibility checks (role, signing order, dictate next signer), envelope mutability assertions, Prisma migration for signature level and CSC tables, and docs for the new signing certificate options.
49 lines
1.9 KiB
TypeScript
49 lines
1.9 KiB
TypeScript
import { z } from 'zod';
|
|
|
|
import type { JobDefinition } from '../../client/_internal/job';
|
|
|
|
const BACKPORT_SUBSCRIPTION_CLAIM_JOB_DEFINITION_ID = 'internal.backport-subscription-claims';
|
|
|
|
const BACKPORT_SUBSCRIPTION_CLAIM_JOB_DEFINITION_SCHEMA = z.object({
|
|
subscriptionClaimId: z.string(),
|
|
// I would prefer to fetch the subscription within the runner, but
|
|
// it seems the local job runs it asynchronously, so we can't get
|
|
// the updated values in the job.
|
|
flags: z.object({
|
|
unlimitedDocuments: z.literal(true).optional(),
|
|
allowCustomBranding: z.literal(true).optional(),
|
|
hidePoweredBy: z.literal(true).optional(),
|
|
embedAuthoring: z.literal(true).optional(),
|
|
embedAuthoringWhiteLabel: z.literal(true).optional(),
|
|
embedSigning: z.literal(true).optional(),
|
|
embedSigningWhiteLabel: z.literal(true).optional(),
|
|
cfr21: z.literal(true).optional(),
|
|
hipaa: z.literal(true).optional(),
|
|
signingReminders: z.literal(true).optional(),
|
|
cscQesSigning: z.literal(true).optional(),
|
|
// Do NOT backport disableEmails.
|
|
// Todo: Envelopes - Do we need to check?
|
|
// authenticationPortal & emailDomains missing here.
|
|
}),
|
|
});
|
|
|
|
export type TBackportSubscriptionClaimJobDefinition = z.infer<typeof BACKPORT_SUBSCRIPTION_CLAIM_JOB_DEFINITION_SCHEMA>;
|
|
|
|
export const BACKPORT_SUBSCRIPTION_CLAIM_JOB_DEFINITION = {
|
|
id: BACKPORT_SUBSCRIPTION_CLAIM_JOB_DEFINITION_ID,
|
|
name: 'Backport Subscription Claims',
|
|
version: '1.0.0',
|
|
trigger: {
|
|
name: BACKPORT_SUBSCRIPTION_CLAIM_JOB_DEFINITION_ID,
|
|
schema: BACKPORT_SUBSCRIPTION_CLAIM_JOB_DEFINITION_SCHEMA,
|
|
},
|
|
handler: async ({ payload, io }) => {
|
|
const handler = await import('./backport-subscription-claims.handler');
|
|
|
|
await handler.run({ payload: BACKPORT_SUBSCRIPTION_CLAIM_JOB_DEFINITION_SCHEMA.parse(payload), io });
|
|
},
|
|
} as const satisfies JobDefinition<
|
|
typeof BACKPORT_SUBSCRIPTION_CLAIM_JOB_DEFINITION_ID,
|
|
TBackportSubscriptionClaimJobDefinition
|
|
>;
|