// ============================================================ // Tipos globais do Portal de Serviços ConsultarTI // ============================================================ // Deve corresponder exatamente ao ENUM da tabela portal_users no banco MySQL export type UserRole = 'admin_global' | 'tenant_admin' | 'tenant_operator' | 'tenant_viewer' // Aliases usados internamente para simplificar checagens de acesso export function isAdminGlobalRole(role: UserRole | string | undefined) { return role === 'admin_global' } export function isTenantAdminRole(role: UserRole | string | undefined) { return role === 'tenant_admin' } export function isTenantMemberRole(role: UserRole | string | undefined) { return role === 'tenant_operator' || role === 'tenant_viewer' } export type Status = 'active' | 'inactive' | 'pending' | 'blocked' export type AgentStatus = 'online' | 'offline' | 'warning' | 'unknown' export type TaskStatus = 'pending' | 'running' | 'success' | 'error' | 'cancelled' export type AuditAction = | 'user.create' | 'user.update' | 'user.disable' | 'user.enable' | 'user.reset_password' | 'user.assign_group' | 'user.remove_group' | 'user.clone' | 'group.create' | 'group.update' | 'group.add_member' | 'group.remove_member' | 'tenant.create' | 'tenant.update' | 'tenant.activate' | 'tenant.deactivate' | 'portal_user.create' | 'portal_user.update' | 'portal_user.block' | 'agent.generate_token' | 'agent.revoke' | 'sync.manual' | 'sync.auto' | 'auth.login' | 'auth.logout' | 'auth.failed' export interface Tenant { id: string name: string domain: string status: Status agentStatus: AgentStatus lastAgentHeartbeat: string | null agentVersion: string | null agentHostname: string | null usersCount: number groupsCount: number portalUsersCount: number createdAt: string updatedAt: string // Config AD baseDn: string defaultUserOU: string defaultGroupOU: string preferredDC: string ldapPort: number useSSL: boolean upnSuffix: string adUser: string } export interface PortalUser { id: string tenantId: string | null tenantName: string | null name: string email: string role: UserRole status: Status mfaEnabled: boolean lastLogin: string | null createdAt: string permissions: Permission[] } export interface Permission { module: string actions: string[] } export interface ADUser { id: string tenantId: string samAccountName: string upn: string displayName: string firstName: string lastName: string email: string department: string | null title: string | null phone: string | null ou: string groups: string[] enabled: boolean passwordNeverExpires: boolean mustChangePassword: boolean cannotChangePassword: boolean lastSync: string createdAt: string } export interface ADGroup { id: string tenantId: string samAccountName: string displayName: string description: string | null dn: string membersCount: number protected: boolean lastSync: string } export interface AgentTask { id: string tenantId: string type: string status: TaskStatus payload: Record result: Record | null errorMessage: string | null createdBy: string createdAt: string startedAt: string | null completedAt: string | null } export interface AuditLog { id: string tenantId: string | null tenantName: string | null userId: string userName: string action: AuditAction objectType: string objectId: string objectName: string details: string ipAddress: string status: 'success' | 'error' taskId: string | null agentResponse: string | null createdAt: string } export interface SyncStatus { tenantId: string tenantName: string lastFullSync: string | null lastPartialSync: string | null syncStatus: 'idle' | 'running' | 'error' | 'never' usersCount: number groupsCount: number errorMessage: string | null } export interface DashboardStats { totalTenants: number activeTenants: number totalPortalUsers: number agentsOnline: number agentsOffline: number tasksToday: number errorsToday: number pendingTasks: number } export interface TenantPolicy { tenantId: string mustChangePasswordOnFirstLogin: boolean cannotChangePassword: boolean passwordNeverExpires: boolean accountStartsEnabled: boolean operatorCanChooseMustChange: boolean operatorCanChooseCannotChange: boolean operatorCanChooseNeverExpires: boolean operatorCanChooseEnabled: boolean }