From 7db99a7dd560e8b4d1b1efc56a2e41f9ee4bef81 Mon Sep 17 00:00:00 2001 From: Lokowitz Date: Sun, 16 Nov 2025 14:18:17 +0000 Subject: [PATCH] used zod codemod --- server/lib/blueprints/types.ts | 52 ++++++----- server/lib/readConfigFile.ts | 36 ++++---- server/private/lib/readConfigFile.ts | 8 +- .../routers/auditLogs/queryAccessAuditLog.ts | 10 +-- .../routers/auditLogs/queryActionAuditLog.ts | 8 +- .../routers/auth/getSessionTransferToken.ts | 2 +- server/private/routers/auth/quickStart.ts | 4 +- .../routers/billing/createCheckoutSession.ts | 6 +- .../routers/billing/createPortalSession.ts | 6 +- .../routers/billing/getOrgSubscription.ts | 6 +- server/private/routers/billing/getOrgUsage.ts | 6 +- .../routers/billing/internalGetOrgTier.ts | 6 +- .../routers/certificates/getCertificate.ts | 6 +- .../certificates/restartCertificate.ts | 10 +-- .../checkDomainNamespaceAvailability.ts | 8 +- .../routers/domain/listDomainNamespaces.ts | 12 ++- server/private/routers/hybrid.ts | 86 ++++++------------- .../routers/license/activateLicense.ts | 6 +- .../routers/license/deleteLicenseKey.ts | 6 +- .../routers/loginPage/createLoginPage.ts | 12 +-- .../private/routers/loginPage/getLoginPage.ts | 6 +- .../routers/loginPage/updateLoginPage.ts | 10 +-- .../private/routers/misc/sendSupportEmail.ts | 6 +- .../routers/orgIdp/createOrgOidcIdp.ts | 12 ++- server/private/routers/orgIdp/listOrgIdps.ts | 16 ++-- .../routers/orgIdp/updateOrgOidcIdp.ts | 6 +- .../routers/re-key/reGenerateClientSecret.ts | 14 ++- .../re-key/reGenerateExitNodeSecret.ts | 6 +- .../routers/re-key/reGenerateSiteSecret.ts | 16 ++-- .../remoteExitNode/createRemoteExitNode.ts | 6 +- .../remoteExitNode/deleteRemoteExitNode.ts | 6 +- .../remoteExitNode/getRemoteExitNode.ts | 6 +- .../remoteExitNode/listRemoteExitNodes.ts | 10 +-- .../pickRemoteExitNodeDefaults.ts | 6 +- .../routers/accessToken/deleteAccessToken.ts | 6 +- .../accessToken/generateAccessToken.ts | 16 ++-- .../routers/accessToken/listAccessTokens.ts | 12 ++- server/routers/apiKeys/createRootApiKey.ts | 6 +- server/routers/apiKeys/listApiKeyActions.ts | 4 +- server/routers/apiKeys/listOrgApiKeys.ts | 4 +- server/routers/apiKeys/listRootApiKeys.ts | 4 +- server/routers/apiKeys/setApiKeyActions.ts | 9 +- server/routers/apiKeys/setApiKeyOrgs.ts | 9 +- .../routers/auditLogs/queryRequstAuditLog.ts | 12 +-- server/routers/auth/changePassword.ts | 6 +- server/routers/auth/checkResourceSession.ts | 6 +- server/routers/auth/disable2fa.ts | 6 +- server/routers/auth/login.ts | 8 +- server/routers/auth/requestPasswordReset.ts | 8 +- server/routers/auth/requestTotpSecret.ts | 8 +- server/routers/auth/resetPassword.ts | 8 +- server/routers/auth/securityKey.ts | 22 ++--- server/routers/auth/setServerAdmin.ts | 2 +- server/routers/auth/signup.ts | 2 +- server/routers/auth/validateSetupToken.ts | 6 +- server/routers/auth/verifyEmail.ts | 6 +- server/routers/auth/verifyTotp.ts | 8 +- server/routers/badger/verifySession.ts | 8 +- .../routers/blueprints/applyJSONBlueprint.ts | 12 +-- server/routers/blueprints/getBlueprint.ts | 8 +- server/routers/blueprints/listBlueprints.ts | 16 ++-- server/routers/client/createClient.ts | 14 ++- server/routers/client/deleteClient.ts | 8 +- server/routers/client/getClient.ts | 8 +- server/routers/client/listClients.ts | 10 +-- server/routers/client/pickClientDefaults.ts | 6 +- server/routers/client/updateClient.ts | 16 ++-- server/routers/domain/createOrgDomain.ts | 12 +-- server/routers/domain/deleteOrgDomain.ts | 6 +- server/routers/domain/getDNSRecords.ts | 6 +- server/routers/domain/getDomain.ts | 6 +- server/routers/domain/listDomains.ts | 16 ++-- server/routers/domain/restartOrgDomain.ts | 6 +- server/routers/domain/updateDomain.ts | 12 +-- server/routers/idp/createIdpOrgPolicy.ts | 12 +-- server/routers/idp/createOidcIdp.ts | 12 ++- server/routers/idp/deleteIdpOrgPolicy.ts | 6 +- server/routers/idp/generateOidcUrl.ts | 6 +- server/routers/idp/listIdpOrgPolicies.ts | 10 +-- server/routers/idp/listIdps.ts | 10 +-- server/routers/idp/updateIdpOrgPolicy.ts | 12 +-- server/routers/idp/updateOidcIdp.ts | 6 +- server/routers/newt/createNewt.ts | 6 +- server/routers/newt/handleGetConfigMessage.ts | 2 +- server/routers/olm/createOlm.ts | 6 +- server/routers/org/checkId.ts | 6 +- server/routers/org/createOrg.ts | 6 +- server/routers/org/deleteOrg.ts | 6 +- server/routers/org/getOrg.ts | 6 +- server/routers/org/getOrgOverview.ts | 6 +- server/routers/org/listOrgs.ts | 4 +- server/routers/org/listUserOrgs.ts | 4 +- server/routers/org/updateOrg.ts | 12 +-- .../resource/addEmailToResourceWhitelist.ts | 21 ++--- .../routers/resource/authWithAccessToken.ts | 14 ++- server/routers/resource/authWithPassword.ts | 14 ++- server/routers/resource/authWithPincode.ts | 14 ++- server/routers/resource/authWithWhitelist.ts | 16 ++-- server/routers/resource/createResource.ts | 22 ++--- server/routers/resource/createResourceRule.ts | 16 ++-- server/routers/resource/deleteResource.ts | 8 +- server/routers/resource/deleteResourceRule.ts | 10 +-- server/routers/resource/getExchangeToken.ts | 8 +- server/routers/resource/getResource.ts | 8 +- .../routers/resource/getResourceAuthInfo.ts | 6 +- .../routers/resource/getResourceWhitelist.ts | 8 +- server/routers/resource/listResourceRoles.ts | 8 +- server/routers/resource/listResourceRules.ts | 12 ++- server/routers/resource/listResourceUsers.ts | 8 +- server/routers/resource/listResources.ts | 10 +-- .../removeEmailFromResourceWhitelist.ts | 21 ++--- .../routers/resource/setResourceHeaderAuth.ts | 8 +- .../routers/resource/setResourcePassword.ts | 8 +- server/routers/resource/setResourcePincode.ts | 8 +- server/routers/resource/setResourceRoles.ts | 16 ++-- server/routers/resource/setResourceUsers.ts | 14 ++- .../routers/resource/setResourceWhitelist.ts | 21 ++--- server/routers/resource/updateResource.ts | 42 ++++----- server/routers/resource/updateResourceRule.ts | 18 ++-- server/routers/role/addRoleAction.ts | 14 ++- server/routers/role/addRoleSite.ts | 16 ++-- server/routers/role/createRole.ts | 12 +-- server/routers/role/deleteRole.ts | 16 ++-- server/routers/role/getRole.ts | 8 +- server/routers/role/listRoleActions.ts | 8 +- server/routers/role/listRoleResources.ts | 8 +- server/routers/role/listRoleSites.ts | 8 +- server/routers/role/listRoles.ts | 10 +-- server/routers/role/removeRoleAction.ts | 14 ++- server/routers/role/removeRoleResource.ts | 16 ++-- server/routers/role/removeRoleSite.ts | 16 ++-- server/routers/role/updateRole.ts | 14 ++- server/routers/site/createSite.ts | 14 ++- server/routers/site/deleteSite.ts | 8 +- server/routers/site/getSite.ts | 8 +- server/routers/site/listSiteRoles.ts | 8 +- server/routers/site/listSites.ts | 10 +-- server/routers/site/pickSiteDefaults.ts | 6 +- server/routers/site/socketIntegration.ts | 14 ++- server/routers/site/updateSite.ts | 14 ++- .../siteResource/createSiteResource.ts | 18 ++-- .../siteResource/deleteSiteResource.ts | 10 +-- .../routers/siteResource/getSiteResource.ts | 10 +-- .../siteResource/listAllSiteResourcesByOrg.ts | 10 +-- .../routers/siteResource/listSiteResources.ts | 12 ++- .../siteResource/updateSiteResource.ts | 20 ++--- .../supporterKey/validateSupporterKey.ts | 6 +- server/routers/target/createTarget.ts | 34 +++----- server/routers/target/deleteTarget.ts | 8 +- server/routers/target/getTarget.ts | 8 +- server/routers/target/listTargets.ts | 12 ++- server/routers/target/updateTarget.ts | 34 +++----- server/routers/user/acceptInvite.ts | 6 +- server/routers/user/addUserAction.ts | 6 +- server/routers/user/addUserRole.ts | 6 +- server/routers/user/addUserSite.ts | 8 +- server/routers/user/adminGetUser.ts | 6 +- server/routers/user/adminListUsers.ts | 10 +-- server/routers/user/adminRemoveUser.ts | 6 +- server/routers/user/adminUpdateUser2FA.ts | 12 +-- server/routers/user/createOrgUser.ts | 17 ++-- server/routers/user/getOrgUser.ts | 6 +- server/routers/user/inviteUser.ts | 14 ++- server/routers/user/listInvitations.ts | 16 ++-- server/routers/user/listUsers.ts | 16 ++-- server/routers/user/removeInvitation.ts | 6 +- server/routers/user/removeUserAction.ts | 12 +-- server/routers/user/removeUserOrg.ts | 6 +- server/routers/user/removeUserResource.ts | 8 +- server/routers/user/removeUserSite.ts | 14 ++- server/routers/user/updateOrgUser.ts | 12 +-- .../(private)/idp/[idpId]/general/page.tsx | 4 +- .../settings/(private)/idp/create/page.tsx | 8 +- .../settings/access/users/create/page.tsx | 8 +- .../[orgId]/settings/clients/create/page.tsx | 2 +- .../[niceId]/authentication/page.tsx | 4 +- .../resources/[niceId]/general/page.tsx | 2 +- .../resources/[niceId]/proxy/page.tsx | 16 ++-- .../resources/[niceId]/rules/page.tsx | 4 +- .../settings/resources/create/page.tsx | 10 +-- src/app/admin/idp/[idpId]/general/page.tsx | 4 +- src/app/admin/idp/create/page.tsx | 4 +- .../auth/reset-password/ResetPasswordForm.tsx | 4 +- .../CreateInternalResourceDialog.tsx | 10 +-- src/components/EditInternalResourceDialog.tsx | 4 +- src/components/GenerateLicenseKeyForm.tsx | 4 +- src/components/HealthCheckDialog.tsx | 12 +-- src/components/IdpCreateWizard.tsx | 4 +- src/components/ResetPasswordForm.tsx | 4 +- src/components/SupporterStatus.tsx | 8 +- src/components/VerifyEmailForm.tsx | 2 +- 191 files changed, 764 insertions(+), 1232 deletions(-) diff --git a/server/lib/blueprints/types.ts b/server/lib/blueprints/types.ts index ca3177b3..490cd7f8 100644 --- a/server/lib/blueprints/types.ts +++ b/server/lib/blueprints/types.ts @@ -7,20 +7,20 @@ export const SiteSchema = z.object({ export const TargetHealthCheckSchema = z.object({ hostname: z.string(), - port: z.number().int().min(1).max(65535), + port: z.int().min(1).max(65535), enabled: z.boolean().optional().default(true), path: z.string().optional(), scheme: z.string().optional(), mode: z.string().default("http"), - interval: z.number().int().default(30), - "unhealthy-interval": z.number().int().default(30), - unhealthyInterval: z.number().int().optional(), // deprecated alias - timeout: z.number().int().default(5), + interval: z.int().default(30), + "unhealthy-interval": z.int().default(30), + unhealthyInterval: z.int().optional(), // deprecated alias + timeout: z.int().default(5), headers: z.array(z.object({ name: z.string(), value: z.string() })).nullable().optional().default(null), "follow-redirects": z.boolean().default(true), followRedirects: z.boolean().optional(), // deprecated alias method: z.string().default("GET"), - status: z.number().int().optional() + status: z.int().optional() }); // Schema for individual target within a resource @@ -28,16 +28,16 @@ export const TargetSchema = z.object({ site: z.string().optional(), method: z.enum(["http", "https", "h2c"]).optional(), hostname: z.string(), - port: z.number().int().min(1).max(65535), + port: z.int().min(1).max(65535), enabled: z.boolean().optional().default(true), - "internal-port": z.number().int().min(1).max(65535).optional(), + "internal-port": z.int().min(1).max(65535).optional(), path: z.string().optional(), "path-match": z.enum(["exact", "prefix", "regex"]).optional().nullable(), healthcheck: TargetHealthCheckSchema.optional(), rewritePath: z.string().optional(), // deprecated alias "rewrite-path": z.string().optional(), "rewrite-match": z.enum(["exact", "prefix", "regex", "stripPrefix"]).optional().nullable(), - priority: z.number().int().min(1).max(1000).optional().default(100) + priority: z.int().min(1).max(1000).optional().default(100) }); export type TargetData = z.infer; @@ -55,10 +55,10 @@ export const AuthSchema = z.object({ .optional() .default([]) .refine((roles) => !roles.includes("Admin"), { - message: "Admin role cannot be included in sso-roles" + error: "Admin role cannot be included in sso-roles" }), - "sso-users": z.array(z.string().email()).optional().default([]), - "whitelist-users": z.array(z.string().email()).optional().default([]), + "sso-users": z.array(z.email()).optional().default([]), + "whitelist-users": z.array(z.email()).optional().default([]), }); export const RuleSchema = z.object({ @@ -79,7 +79,7 @@ export const ResourceSchema = z protocol: z.enum(["http", "tcp", "udp"]).optional(), ssl: z.boolean().optional(), "full-domain": z.string().optional(), - "proxy-port": z.number().int().min(1).max(65535).optional(), + "proxy-port": z.int().min(1).max(65535).optional(), enabled: z.boolean().optional(), targets: z.array(TargetSchema.nullable()).optional().default([]), auth: AuthSchema.optional(), @@ -100,9 +100,8 @@ export const ResourceSchema = z ); }, { - message: - "Resource must either be targets-only (only 'targets' field) or have both 'name' and 'protocol' fields at a minimum", - path: ["name", "protocol"] + path: ["name", "protocol"], + error: "Resource must either be targets-only (only 'targets' field) or have both 'name' and 'protocol' fields at a minimum" } ) .refine( @@ -156,9 +155,8 @@ export const ResourceSchema = z return true; }, { - message: - "When protocol is 'http', a 'full-domain' must be provided", - path: ["full-domain"] + path: ["full-domain"], + error: "When protocol is 'http', a 'full-domain' must be provided" } ) .refine( @@ -174,9 +172,8 @@ export const ResourceSchema = z return true; }, { - message: - "When protocol is 'tcp' or 'udp', 'proxy-port' must be provided", - path: ["proxy-port", "exit-node"] + path: ["proxy-port", "exit-node"], + error: "When protocol is 'tcp' or 'udp', 'proxy-port' must be provided" } ) .refine( @@ -193,9 +190,8 @@ export const ResourceSchema = z return true; }, { - message: - "When protocol is 'tcp' or 'udp', 'auth' must not be provided", - path: ["auth"] + path: ["auth"], + error: "When protocol is 'tcp' or 'udp', 'auth' must not be provided" } ); @@ -216,9 +212,9 @@ export const ClientResourceSchema = z.object({ // Schema for the entire configuration object export const ConfigSchema = z .object({ - "proxy-resources": z.record(z.string(), ResourceSchema).optional().default({}), - "client-resources": z.record(z.string(), ClientResourceSchema).optional().default({}), - sites: z.record(z.string(), SiteSchema).optional().default({}) + "proxy-resources": z.record(z.string(), ResourceSchema).optional().prefault({}), + "client-resources": z.record(z.string(), ClientResourceSchema).optional().prefault({}), + sites: z.record(z.string(), SiteSchema).optional().prefault({}) }) .refine( // Enforce the full-domain uniqueness across resources in the same stack diff --git a/server/lib/readConfigFile.ts b/server/lib/readConfigFile.ts index 9d6cafb9..2da8c0a7 100644 --- a/server/lib/readConfigFile.ts +++ b/server/lib/readConfigFile.ts @@ -14,10 +14,8 @@ export const configSchema = z .object({ app: z .object({ - dashboard_url: z - .string() - .url() - .pipe(z.string().url()) + dashboard_url: z.url() + .pipe(z.url()) .transform((url) => url.toLowerCase()) .optional(), log_level: z @@ -31,14 +29,14 @@ export const configSchema = z anonymous_usage: z.boolean().optional().default(true) }) .optional() - .default({}), + .prefault({}), notifications: z .object({ product_updates: z.boolean().optional().default(true), new_releases: z.boolean().optional().default(true) }) .optional() - .default({}) + .prefault({}) }) .optional() .default({ @@ -107,7 +105,7 @@ export const configSchema = z token: z.string().optional().default("P-Access-Token") }) .optional() - .default({}), + .prefault({}), resource_session_request_param: z .string() .optional() @@ -132,7 +130,7 @@ export const configSchema = z credentials: z.boolean().optional() }) .optional(), - trust_proxy: z.number().int().gte(0).optional().default(1), + trust_proxy: z.int().gte(0).optional().default(1), secret: z.string().pipe(z.string().min(8)).optional(), maxmind_db_path: z.string().optional() }) @@ -189,7 +187,7 @@ export const configSchema = z .default(5000) }) .optional() - .default({}) + .prefault({}) }) .optional(), traefik: z @@ -222,7 +220,7 @@ export const configSchema = z .default("pp-transport-v") }) .optional() - .default({}), + .prefault({}), gerbil: z .object({ exit_node_name: z.string().optional(), @@ -247,7 +245,7 @@ export const configSchema = z .default(30) }) .optional() - .default({}), + .prefault({}), orgs: z .object({ block_size: z.number().positive().gt(0).optional().default(24), @@ -276,7 +274,7 @@ export const configSchema = z .default(500) }) .optional() - .default({}), + .prefault({}), auth: z .object({ window_minutes: z @@ -293,10 +291,10 @@ export const configSchema = z .default(500) }) .optional() - .default({}) + .prefault({}) }) .optional() - .default({}), + .prefault({}), email: z .object({ smtp_host: z.string().optional(), @@ -308,7 +306,7 @@ export const configSchema = z .transform(getEnvOrYaml("EMAIL_SMTP_PASS")), smtp_secure: z.boolean().optional(), smtp_tls_reject_unauthorized: z.boolean().optional(), - no_reply: z.string().email().optional() + no_reply: z.email().optional() }) .optional(), flags: z @@ -340,7 +338,7 @@ export const configSchema = z .default("cname.pangolin.net") }) .optional() - .default({}) + .prefault({}) }) .refine( (data) => { @@ -355,7 +353,7 @@ export const configSchema = z return true; }, { - message: "At least one domain must be defined" + error: "At least one domain must be defined" } ) .refine( @@ -370,7 +368,7 @@ export const configSchema = z ); }, { - message: "Server secret must be defined" + error: "Server secret must be defined" } ) .refine( @@ -382,7 +380,7 @@ export const configSchema = z ); }, { - message: "Dashboard URL must be defined" + error: "Dashboard URL must be defined" } ); diff --git a/server/private/lib/readConfigFile.ts b/server/private/lib/readConfigFile.ts index 20712704..cc12b1fb 100644 --- a/server/private/lib/readConfigFile.ts +++ b/server/private/lib/readConfigFile.ts @@ -50,14 +50,14 @@ export const privateConfigSchema = z.object({ host: z.string(), port: portSchema, password: z.string().optional(), - db: z.number().int().nonnegative().optional().default(0), + db: z.int().nonnegative().optional().default(0), replicas: z .array( z.object({ host: z.string(), port: portSchema, password: z.string().optional(), - db: z.number().int().nonnegative().optional().default(0) + db: z.int().nonnegative().optional().default(0) }) ) .optional() @@ -79,14 +79,14 @@ export const privateConfigSchema = z.object({ .default("http://gerbil:3004") }) .optional() - .default({}), + .prefault({}), flags: z .object({ enable_redis: z.boolean().optional().default(false), use_pangolin_dns: z.boolean().optional().default(false) }) .optional() - .default({}), + .prefault({}), branding: z .object({ app_name: z.string().optional(), diff --git a/server/private/routers/auditLogs/queryAccessAuditLog.ts b/server/private/routers/auditLogs/queryAccessAuditLog.ts index 33383c25..6329206d 100644 --- a/server/private/routers/auditLogs/queryAccessAuditLog.ts +++ b/server/private/routers/auditLogs/queryAccessAuditLog.ts @@ -30,13 +30,13 @@ export const queryAccessAuditLogsQuery = z.object({ timeStart: z .string() .refine((val) => !isNaN(Date.parse(val)), { - message: "timeStart must be a valid ISO date string" + error: "timeStart must be a valid ISO date string" }) .transform((val) => Math.floor(new Date(val).getTime() / 1000)), timeEnd: z .string() .refine((val) => !isNaN(Date.parse(val)), { - message: "timeEnd must be a valid ISO date string" + error: "timeEnd must be a valid ISO date string" }) .transform((val) => Math.floor(new Date(val).getTime() / 1000)) .optional() @@ -51,7 +51,7 @@ export const queryAccessAuditLogsQuery = z.object({ .string() .optional() .transform(Number) - .pipe(z.number().int().positive()) + .pipe(z.int().positive()) .optional(), actor: z.string().optional(), type: z.string().optional(), @@ -61,13 +61,13 @@ export const queryAccessAuditLogsQuery = z.object({ .optional() .default("1000") .transform(Number) - .pipe(z.number().int().positive()), + .pipe(z.int().positive()), offset: z .string() .optional() .default("0") .transform(Number) - .pipe(z.number().int().nonnegative()) + .pipe(z.int().nonnegative()) }); export const queryAccessAuditLogsParams = z.object({ diff --git a/server/private/routers/auditLogs/queryActionAuditLog.ts b/server/private/routers/auditLogs/queryActionAuditLog.ts index 018651cb..eb22cc0a 100644 --- a/server/private/routers/auditLogs/queryActionAuditLog.ts +++ b/server/private/routers/auditLogs/queryActionAuditLog.ts @@ -30,13 +30,13 @@ export const queryActionAuditLogsQuery = z.object({ timeStart: z .string() .refine((val) => !isNaN(Date.parse(val)), { - message: "timeStart must be a valid ISO date string" + error: "timeStart must be a valid ISO date string" }) .transform((val) => Math.floor(new Date(val).getTime() / 1000)), timeEnd: z .string() .refine((val) => !isNaN(Date.parse(val)), { - message: "timeEnd must be a valid ISO date string" + error: "timeEnd must be a valid ISO date string" }) .transform((val) => Math.floor(new Date(val).getTime() / 1000)) .optional() @@ -50,13 +50,13 @@ export const queryActionAuditLogsQuery = z.object({ .optional() .default("1000") .transform(Number) - .pipe(z.number().int().positive()), + .pipe(z.int().positive()), offset: z .string() .optional() .default("0") .transform(Number) - .pipe(z.number().int().nonnegative()) + .pipe(z.int().nonnegative()) }); export const queryActionAuditLogsParams = z.object({ diff --git a/server/private/routers/auth/getSessionTransferToken.ts b/server/private/routers/auth/getSessionTransferToken.ts index ba295923..bd6bc545 100644 --- a/server/private/routers/auth/getSessionTransferToken.ts +++ b/server/private/routers/auth/getSessionTransferToken.ts @@ -28,7 +28,7 @@ import { response } from "@server/lib/response"; import { encrypt } from "@server/lib/crypto"; import config from "@server/lib/config"; -const paramsSchema = z.object({}).strict(); +const paramsSchema = z.strictObject({}); export type GetSessionTransferTokenRenponse = { token: string; diff --git a/server/private/routers/auth/quickStart.ts b/server/private/routers/auth/quickStart.ts index 582ac4d5..02023a0b 100644 --- a/server/private/routers/auth/quickStart.ts +++ b/server/private/routers/auth/quickStart.ts @@ -62,10 +62,10 @@ import { isTargetValid } from "@server/lib/validators"; import { listExitNodes } from "#private/lib/exitNodes"; const bodySchema = z.object({ - email: z.string().toLowerCase().email(), + email: z.email().toLowerCase(), ip: z.string().refine(isTargetValid), method: z.enum(["http", "https"]), - port: z.number().int().min(1).max(65535), + port: z.int().min(1).max(65535), pincode: z .string() .regex(/^\d{6}$/) diff --git a/server/private/routers/billing/createCheckoutSession.ts b/server/private/routers/billing/createCheckoutSession.ts index 6e1e28c2..e0e08a20 100644 --- a/server/private/routers/billing/createCheckoutSession.ts +++ b/server/private/routers/billing/createCheckoutSession.ts @@ -25,11 +25,9 @@ import stripe from "#private/lib/stripe"; import { getLineItems, getStandardFeaturePriceSet } from "@server/lib/billing"; import { getTierPriceSet, TierId } from "@server/lib/billing/tiers"; -const createCheckoutSessionSchema = z - .object({ +const createCheckoutSessionSchema = z.strictObject({ orgId: z.string() - }) - .strict(); + }); export async function createCheckoutSession( req: Request, diff --git a/server/private/routers/billing/createPortalSession.ts b/server/private/routers/billing/createPortalSession.ts index eb55f007..a3a2f04f 100644 --- a/server/private/routers/billing/createPortalSession.ts +++ b/server/private/routers/billing/createPortalSession.ts @@ -23,11 +23,9 @@ import config from "@server/lib/config"; import { fromError } from "zod-validation-error"; import stripe from "#private/lib/stripe"; -const createPortalSessionSchema = z - .object({ +const createPortalSessionSchema = z.strictObject({ orgId: z.string() - }) - .strict(); + }); export async function createPortalSession( req: Request, diff --git a/server/private/routers/billing/getOrgSubscription.ts b/server/private/routers/billing/getOrgSubscription.ts index b97ca39f..adc4ee04 100644 --- a/server/private/routers/billing/getOrgSubscription.ts +++ b/server/private/routers/billing/getOrgSubscription.ts @@ -33,11 +33,9 @@ import { SubscriptionItem } from "@server/db"; -const getOrgSchema = z - .object({ +const getOrgSchema = z.strictObject({ orgId: z.string() - }) - .strict(); + }); registry.registerPath({ method: "get", diff --git a/server/private/routers/billing/getOrgUsage.ts b/server/private/routers/billing/getOrgUsage.ts index bc879659..9e605cca 100644 --- a/server/private/routers/billing/getOrgUsage.ts +++ b/server/private/routers/billing/getOrgUsage.ts @@ -27,11 +27,9 @@ import { usageService } from "@server/lib/billing/usageService"; import { FeatureId } from "@server/lib/billing"; import { GetOrgUsageResponse } from "@server/routers/billing/types"; -const getOrgSchema = z - .object({ +const getOrgSchema = z.strictObject({ orgId: z.string() - }) - .strict(); + }); registry.registerPath({ method: "get", diff --git a/server/private/routers/billing/internalGetOrgTier.ts b/server/private/routers/billing/internalGetOrgTier.ts index cca96243..ec114cca 100644 --- a/server/private/routers/billing/internalGetOrgTier.ts +++ b/server/private/routers/billing/internalGetOrgTier.ts @@ -21,11 +21,9 @@ import { fromZodError } from "zod-validation-error"; import { getOrgTierData } from "#private/lib/billing"; import { GetOrgTierResponse } from "@server/routers/billing/types"; -const getOrgSchema = z - .object({ +const getOrgSchema = z.strictObject({ orgId: z.string() - }) - .strict(); + }); export async function getOrgTier( req: Request, diff --git a/server/private/routers/certificates/getCertificate.ts b/server/private/routers/certificates/getCertificate.ts index 8392cbc0..4ff8184e 100644 --- a/server/private/routers/certificates/getCertificate.ts +++ b/server/private/routers/certificates/getCertificate.ts @@ -23,13 +23,11 @@ import { fromError } from "zod-validation-error"; import { registry } from "@server/openApi"; import { GetCertificateResponse } from "@server/routers/certificates/types"; -const getCertificateSchema = z - .object({ +const getCertificateSchema = z.strictObject({ domainId: z.string(), domain: z.string().min(1).max(255), orgId: z.string() - }) - .strict(); + }); async function query(domainId: string, domain: string) { const [domainRecord] = await db diff --git a/server/private/routers/certificates/restartCertificate.ts b/server/private/routers/certificates/restartCertificate.ts index 1ad3f6a7..a6ee5460 100644 --- a/server/private/routers/certificates/restartCertificate.ts +++ b/server/private/routers/certificates/restartCertificate.ts @@ -24,12 +24,10 @@ import stoi from "@server/lib/stoi"; import { fromError } from "zod-validation-error"; import { OpenAPITags, registry } from "@server/openApi"; -const restartCertificateParamsSchema = z - .object({ - certId: z.string().transform(stoi).pipe(z.number().int().positive()), +const restartCertificateParamsSchema = z.strictObject({ + certId: z.string().transform(stoi).pipe(z.int().positive()), orgId: z.string() - }) - .strict(); + }); registry.registerPath({ method: "post", @@ -41,7 +39,7 @@ registry.registerPath({ certId: z .string() .transform(stoi) - .pipe(z.number().int().positive()), + .pipe(z.int().positive()), orgId: z.string() }) }, diff --git a/server/private/routers/domain/checkDomainNamespaceAvailability.ts b/server/private/routers/domain/checkDomainNamespaceAvailability.ts index 745af9d3..6c9cb23c 100644 --- a/server/private/routers/domain/checkDomainNamespaceAvailability.ts +++ b/server/private/routers/domain/checkDomainNamespaceAvailability.ts @@ -23,13 +23,11 @@ import { db, domainNamespaces, resources } from "@server/db"; import { inArray } from "drizzle-orm"; import { CheckDomainAvailabilityResponse } from "@server/routers/domain/types"; -const paramsSchema = z.object({}).strict(); +const paramsSchema = z.strictObject({}); -const querySchema = z - .object({ +const querySchema = z.strictObject({ subdomain: z.string() - }) - .strict(); + }); registry.registerPath({ method: "get", diff --git a/server/private/routers/domain/listDomainNamespaces.ts b/server/private/routers/domain/listDomainNamespaces.ts index 10bcc91b..29d5d201 100644 --- a/server/private/routers/domain/listDomainNamespaces.ts +++ b/server/private/routers/domain/listDomainNamespaces.ts @@ -23,24 +23,22 @@ import logger from "@server/logger"; import { fromError } from "zod-validation-error"; import { OpenAPITags, registry } from "@server/openApi"; -const paramsSchema = z.object({}).strict(); +const paramsSchema = z.strictObject({}); -const querySchema = z - .object({ +const querySchema = z.strictObject({ limit: z .string() .optional() .default("1000") .transform(Number) - .pipe(z.number().int().nonnegative()), + .pipe(z.int().nonnegative()), offset: z .string() .optional() .default("0") .transform(Number) - .pipe(z.number().int().nonnegative()) - }) - .strict(); + .pipe(z.int().nonnegative()) + }); async function query(limit: number, offset: number) { const res = await db diff --git a/server/private/routers/hybrid.ts b/server/private/routers/hybrid.ts index a8b6a174..b76cf6f9 100644 --- a/server/private/routers/hybrid.ts +++ b/server/private/routers/hybrid.ts @@ -78,105 +78,78 @@ import { verifyResourceAccessToken } from "@server/auth/verifyResourceAccessToke import semver from "semver"; // Zod schemas for request validation -const getResourceByDomainParamsSchema = z - .object({ +const getResourceByDomainParamsSchema = z.strictObject({ domain: z.string().min(1, "Domain is required") - }) - .strict(); + }); -const getUserSessionParamsSchema = z - .object({ +const getUserSessionParamsSchema = z.strictObject({ userSessionId: z.string().min(1, "User session ID is required") - }) - .strict(); + }); -const getUserOrgRoleParamsSchema = z - .object({ +const getUserOrgRoleParamsSchema = z.strictObject({ userId: z.string().min(1, "User ID is required"), orgId: z.string().min(1, "Organization ID is required") - }) - .strict(); + }); -const getRoleResourceAccessParamsSchema = z - .object({ +const getRoleResourceAccessParamsSchema = z.strictObject({ roleId: z .string() .transform(Number) .pipe( - z.number().int().positive("Role ID must be a positive integer") + z.int().positive("Role ID must be a positive integer") ), resourceId: z .string() .transform(Number) .pipe( - z - .number() - .int() + z.int() .positive("Resource ID must be a positive integer") ) - }) - .strict(); + }); -const getUserResourceAccessParamsSchema = z - .object({ +const getUserResourceAccessParamsSchema = z.strictObject({ userId: z.string().min(1, "User ID is required"), resourceId: z .string() .transform(Number) .pipe( - z - .number() - .int() + z.int() .positive("Resource ID must be a positive integer") ) - }) - .strict(); + }); -const getResourceRulesParamsSchema = z - .object({ +const getResourceRulesParamsSchema = z.strictObject({ resourceId: z .string() .transform(Number) .pipe( - z - .number() - .int() + z.int() .positive("Resource ID must be a positive integer") ) - }) - .strict(); + }); -const validateResourceSessionTokenParamsSchema = z - .object({ +const validateResourceSessionTokenParamsSchema = z.strictObject({ resourceId: z .string() .transform(Number) .pipe( - z - .number() - .int() + z.int() .positive("Resource ID must be a positive integer") ) - }) - .strict(); + }); -const validateResourceSessionTokenBodySchema = z - .object({ +const validateResourceSessionTokenBodySchema = z.strictObject({ token: z.string().min(1, "Token is required") - }) - .strict(); + }); -const validateResourceAccessTokenBodySchema = z - .object({ +const validateResourceAccessTokenBodySchema = z.strictObject({ accessTokenId: z.string().optional(), resourceId: z.number().optional(), accessToken: z.string() - }) - .strict(); + }); // Certificates by domains query validation -const getCertificatesByDomainsQuerySchema = z - .object({ +const getCertificatesByDomainsQuerySchema = z.strictObject({ // Accept domains as string or array (domains or domains[]) domains: z .union([z.array(z.string().min(1)), z.string().min(1)]) @@ -185,8 +158,7 @@ const getCertificatesByDomainsQuerySchema = z "domains[]": z .union([z.array(z.string().min(1)), z.string().min(1)]) .optional() - }) - .strict(); + }); // Type exports for request schemas export type GetResourceByDomainParams = z.infer< @@ -591,11 +563,9 @@ hybridRouter.get( } ); -const getOrgLoginPageParamsSchema = z - .object({ +const getOrgLoginPageParamsSchema = z.strictObject({ orgId: z.string().min(1) - }) - .strict(); + }); hybridRouter.get( "/org/:orgId/login-page", @@ -1217,7 +1187,7 @@ hybridRouter.post( ); const geoIpLookupParamsSchema = z.object({ - ip: z.string().ip() + ip: z.union([z.ipv4(), z.ipv6()]) }); hybridRouter.get( "/geoip/:ip", diff --git a/server/private/routers/license/activateLicense.ts b/server/private/routers/license/activateLicense.ts index f5d610aa..55b7827e 100644 --- a/server/private/routers/license/activateLicense.ts +++ b/server/private/routers/license/activateLicense.ts @@ -20,11 +20,9 @@ import license from "#private/license/license"; import { z } from "zod"; import { fromError } from "zod-validation-error"; -const bodySchema = z - .object({ +const bodySchema = z.strictObject({ licenseKey: z.string().min(1).max(255) - }) - .strict(); + }); export async function activateLicense( req: Request, diff --git a/server/private/routers/license/deleteLicenseKey.ts b/server/private/routers/license/deleteLicenseKey.ts index 93fc4ef6..6f5469fc 100644 --- a/server/private/routers/license/deleteLicenseKey.ts +++ b/server/private/routers/license/deleteLicenseKey.ts @@ -23,11 +23,9 @@ import { eq } from "drizzle-orm"; import { licenseKey } from "@server/db"; import license from "#private/license/license"; -const paramsSchema = z - .object({ +const paramsSchema = z.strictObject({ licenseKey: z.string().min(1).max(255) - }) - .strict(); + }); export async function deleteLicenseKey( req: Request, diff --git a/server/private/routers/loginPage/createLoginPage.ts b/server/private/routers/loginPage/createLoginPage.ts index cb0bb923..17050855 100644 --- a/server/private/routers/loginPage/createLoginPage.ts +++ b/server/private/routers/loginPage/createLoginPage.ts @@ -35,18 +35,14 @@ import { TierId } from "@server/lib/billing/tiers"; import { build } from "@server/build"; import { CreateLoginPageResponse } from "@server/routers/loginPage/types"; -const paramsSchema = z - .object({ +const paramsSchema = z.strictObject({ orgId: z.string() - }) - .strict(); + }); -const bodySchema = z - .object({ +const bodySchema = z.strictObject({ subdomain: z.string().nullable().optional(), domainId: z.string() - }) - .strict(); + }); export type CreateLoginPageBody = z.infer; diff --git a/server/private/routers/loginPage/getLoginPage.ts b/server/private/routers/loginPage/getLoginPage.ts index 76e20ffb..b3bde203 100644 --- a/server/private/routers/loginPage/getLoginPage.ts +++ b/server/private/routers/loginPage/getLoginPage.ts @@ -22,11 +22,9 @@ import logger from "@server/logger"; import { fromError } from "zod-validation-error"; import { GetLoginPageResponse } from "@server/routers/loginPage/types"; -const paramsSchema = z - .object({ +const paramsSchema = z.strictObject({ orgId: z.string() - }) - .strict(); + }); async function query(orgId: string) { const [res] = await db diff --git a/server/private/routers/loginPage/updateLoginPage.ts b/server/private/routers/loginPage/updateLoginPage.ts index 4f2be084..8a8e8ab0 100644 --- a/server/private/routers/loginPage/updateLoginPage.ts +++ b/server/private/routers/loginPage/updateLoginPage.ts @@ -35,14 +35,12 @@ const paramsSchema = z }) .strict(); -const bodySchema = z - .object({ +const bodySchema = z.strictObject({ subdomain: subdomainSchema.nullable().optional(), domainId: z.string().optional() }) - .strict() .refine((data) => Object.keys(data).length > 0, { - message: "At least one field must be provided for update" + error: "At least one field must be provided for update" }) .refine( (data) => { @@ -51,7 +49,9 @@ const bodySchema = z } return true; }, - { message: "Invalid subdomain" } + { + error: "Invalid subdomain" + } ); export type UpdateLoginPageBody = z.infer; diff --git a/server/private/routers/misc/sendSupportEmail.ts b/server/private/routers/misc/sendSupportEmail.ts index 9b3f9c14..f1f7a919 100644 --- a/server/private/routers/misc/sendSupportEmail.ts +++ b/server/private/routers/misc/sendSupportEmail.ts @@ -22,12 +22,10 @@ import { sendEmail } from "@server/emails"; import SupportEmail from "@server/emails/templates/SupportEmail"; import config from "@server/lib/config"; -const bodySchema = z - .object({ +const bodySchema = z.strictObject({ body: z.string().min(1), subject: z.string().min(1).max(255) - }) - .strict(); + }); export async function sendSupportEmail( req: Request, diff --git a/server/private/routers/orgIdp/createOrgOidcIdp.ts b/server/private/routers/orgIdp/createOrgOidcIdp.ts index 02cef526..c3ce774e 100644 --- a/server/private/routers/orgIdp/createOrgOidcIdp.ts +++ b/server/private/routers/orgIdp/createOrgOidcIdp.ts @@ -29,15 +29,14 @@ import { getOrgTierData } from "#private/lib/billing"; import { TierId } from "@server/lib/billing/tiers"; import { CreateOrgIdpResponse } from "@server/routers/orgIdp/types"; -const paramsSchema = z.object({ orgId: z.string().nonempty() }).strict(); +const paramsSchema = z.strictObject({ orgId: z.string().nonempty() }); -const bodySchema = z - .object({ +const bodySchema = z.strictObject({ name: z.string().nonempty(), clientId: z.string().nonempty(), clientSecret: z.string().nonempty(), - authUrl: z.string().url(), - tokenUrl: z.string().url(), + authUrl: z.url(), + tokenUrl: z.url(), identifierPath: z.string().nonempty(), emailPath: z.string().optional(), namePath: z.string().optional(), @@ -45,8 +44,7 @@ const bodySchema = z autoProvision: z.boolean().optional(), variant: z.enum(["oidc", "google", "azure"]).optional().default("oidc"), roleMapping: z.string().optional() - }) - .strict(); + }); // registry.registerPath({ // method: "put", diff --git a/server/private/routers/orgIdp/listOrgIdps.ts b/server/private/routers/orgIdp/listOrgIdps.ts index 0c69ff8d..646d808c 100644 --- a/server/private/routers/orgIdp/listOrgIdps.ts +++ b/server/private/routers/orgIdp/listOrgIdps.ts @@ -24,28 +24,24 @@ import { fromError } from "zod-validation-error"; import { OpenAPITags, registry } from "@server/openApi"; import { ListOrgIdpsResponse } from "@server/routers/orgIdp/types"; -const querySchema = z - .object({ +const querySchema = z.strictObject({ limit: z .string() .optional() .default("1000") .transform(Number) - .pipe(z.number().int().nonnegative()), + .pipe(z.int().nonnegative()), offset: z .string() .optional() .default("0") .transform(Number) - .pipe(z.number().int().nonnegative()) - }) - .strict(); + .pipe(z.int().nonnegative()) + }); -const paramsSchema = z - .object({ +const paramsSchema = z.strictObject({ orgId: z.string().nonempty() - }) - .strict(); + }); async function query(orgId: string, limit: number, offset: number) { const res = await db diff --git a/server/private/routers/orgIdp/updateOrgOidcIdp.ts b/server/private/routers/orgIdp/updateOrgOidcIdp.ts index c6e54240..f3e76054 100644 --- a/server/private/routers/orgIdp/updateOrgOidcIdp.ts +++ b/server/private/routers/orgIdp/updateOrgOidcIdp.ts @@ -35,8 +35,7 @@ const paramsSchema = z }) .strict(); -const bodySchema = z - .object({ +const bodySchema = z.strictObject({ name: z.string().optional(), clientId: z.string().optional(), clientSecret: z.string().optional(), @@ -48,8 +47,7 @@ const bodySchema = z scopes: z.string().optional(), autoProvision: z.boolean().optional(), roleMapping: z.string().optional() - }) - .strict(); + }); export type UpdateOrgIdpResponse = { idpId: number; diff --git a/server/private/routers/re-key/reGenerateClientSecret.ts b/server/private/routers/re-key/reGenerateClientSecret.ts index e07099a4..85b3f4a6 100644 --- a/server/private/routers/re-key/reGenerateClientSecret.ts +++ b/server/private/routers/re-key/reGenerateClientSecret.ts @@ -24,19 +24,15 @@ import { fromError } from "zod-validation-error"; import { OpenAPITags, registry } from "@server/openApi"; import { hashPassword } from "@server/auth/password"; -const reGenerateSecretParamsSchema = z - .object({ - clientId: z.string().transform(Number).pipe(z.number().int().positive()) - }) - .strict(); +const reGenerateSecretParamsSchema = z.strictObject({ + clientId: z.string().transform(Number).pipe(z.int().positive()) + }); -const reGenerateSecretBodySchema = z - .object({ +const reGenerateSecretBodySchema = z.strictObject({ olmId: z.string().min(1).optional(), secret: z.string().min(1).optional(), - }) - .strict(); + }); export type ReGenerateSecretBody = z.infer; diff --git a/server/private/routers/re-key/reGenerateExitNodeSecret.ts b/server/private/routers/re-key/reGenerateExitNodeSecret.ts index 1503e75a..ee3a7a87 100644 --- a/server/private/routers/re-key/reGenerateExitNodeSecret.ts +++ b/server/private/routers/re-key/reGenerateExitNodeSecret.ts @@ -29,12 +29,10 @@ export const paramsSchema = z.object({ orgId: z.string() }); -const bodySchema = z - .object({ +const bodySchema = z.strictObject({ remoteExitNodeId: z.string().length(15), secret: z.string().length(48) - }) - .strict(); + }); registry.registerPath({ diff --git a/server/private/routers/re-key/reGenerateSiteSecret.ts b/server/private/routers/re-key/reGenerateSiteSecret.ts index 3826cbc3..bfa5df9d 100644 --- a/server/private/routers/re-key/reGenerateSiteSecret.ts +++ b/server/private/routers/re-key/reGenerateSiteSecret.ts @@ -25,22 +25,18 @@ import { hashPassword } from "@server/auth/password"; import { addPeer } from "@server/routers/gerbil/peers"; -const updateSiteParamsSchema = z - .object({ - siteId: z.string().transform(Number).pipe(z.number().int().positive()) - }) - .strict(); +const updateSiteParamsSchema = z.strictObject({ + siteId: z.string().transform(Number).pipe(z.int().positive()) + }); -const updateSiteBodySchema = z - .object({ +const updateSiteBodySchema = z.strictObject({ type: z.enum(["newt", "wireguard"]), newtId: z.string().min(1).max(255).optional(), newtSecret: z.string().min(1).max(255).optional(), - exitNodeId: z.number().int().positive().optional(), + exitNodeId: z.int().positive().optional(), pubKey: z.string().optional(), subnet: z.string().optional(), - }) - .strict(); + }); registry.registerPath({ method: "post", diff --git a/server/private/routers/remoteExitNode/createRemoteExitNode.ts b/server/private/routers/remoteExitNode/createRemoteExitNode.ts index 63209ad9..5afa82ef 100644 --- a/server/private/routers/remoteExitNode/createRemoteExitNode.ts +++ b/server/private/routers/remoteExitNode/createRemoteExitNode.ts @@ -35,12 +35,10 @@ export const paramsSchema = z.object({ orgId: z.string() }); -const bodySchema = z - .object({ +const bodySchema = z.strictObject({ remoteExitNodeId: z.string().length(15), secret: z.string().length(48) - }) - .strict(); + }); export type CreateRemoteExitNodeBody = z.infer; diff --git a/server/private/routers/remoteExitNode/deleteRemoteExitNode.ts b/server/private/routers/remoteExitNode/deleteRemoteExitNode.ts index f7b9d56c..e293f421 100644 --- a/server/private/routers/remoteExitNode/deleteRemoteExitNode.ts +++ b/server/private/routers/remoteExitNode/deleteRemoteExitNode.ts @@ -24,12 +24,10 @@ import { fromError } from "zod-validation-error"; import { usageService } from "@server/lib/billing/usageService"; import { FeatureId } from "@server/lib/billing"; -const paramsSchema = z - .object({ +const paramsSchema = z.strictObject({ orgId: z.string().min(1), remoteExitNodeId: z.string().min(1) - }) - .strict(); + }); export async function deleteRemoteExitNode( req: Request, diff --git a/server/private/routers/remoteExitNode/getRemoteExitNode.ts b/server/private/routers/remoteExitNode/getRemoteExitNode.ts index 2ef3fb06..c7b98297 100644 --- a/server/private/routers/remoteExitNode/getRemoteExitNode.ts +++ b/server/private/routers/remoteExitNode/getRemoteExitNode.ts @@ -23,12 +23,10 @@ import logger from "@server/logger"; import { fromError } from "zod-validation-error"; import { GetRemoteExitNodeResponse } from "@server/routers/remoteExitNode/types"; -const getRemoteExitNodeSchema = z - .object({ +const getRemoteExitNodeSchema = z.strictObject({ orgId: z.string().min(1), remoteExitNodeId: z.string().min(1) - }) - .strict(); + }); async function query(remoteExitNodeId: string) { const [remoteExitNode] = await db diff --git a/server/private/routers/remoteExitNode/listRemoteExitNodes.ts b/server/private/routers/remoteExitNode/listRemoteExitNodes.ts index 1029b1e9..a13a05cd 100644 --- a/server/private/routers/remoteExitNode/listRemoteExitNodes.ts +++ b/server/private/routers/remoteExitNode/listRemoteExitNodes.ts @@ -23,11 +23,9 @@ import logger from "@server/logger"; import { fromError } from "zod-validation-error"; import { ListRemoteExitNodesResponse } from "@server/routers/remoteExitNode/types"; -const listRemoteExitNodesParamsSchema = z - .object({ +const listRemoteExitNodesParamsSchema = z.strictObject({ orgId: z.string() - }) - .strict(); + }); const listRemoteExitNodesSchema = z.object({ limit: z @@ -35,13 +33,13 @@ const listRemoteExitNodesSchema = z.object({ .optional() .default("1000") .transform(Number) - .pipe(z.number().int().positive()), + .pipe(z.int().positive()), offset: z .string() .optional() .default("0") .transform(Number) - .pipe(z.number().int().nonnegative()) + .pipe(z.int().nonnegative()) }); export function queryRemoteExitNodes(orgId: string) { diff --git a/server/private/routers/remoteExitNode/pickRemoteExitNodeDefaults.ts b/server/private/routers/remoteExitNode/pickRemoteExitNodeDefaults.ts index e5762f0d..bb7c89d5 100644 --- a/server/private/routers/remoteExitNode/pickRemoteExitNodeDefaults.ts +++ b/server/private/routers/remoteExitNode/pickRemoteExitNodeDefaults.ts @@ -21,11 +21,9 @@ import { fromError } from "zod-validation-error"; import { z } from "zod"; import { PickRemoteExitNodeDefaultsResponse } from "@server/routers/remoteExitNode/types"; -const paramsSchema = z - .object({ +const paramsSchema = z.strictObject({ orgId: z.string() - }) - .strict(); + }); export async function pickRemoteExitNodeDefaults( req: Request, diff --git a/server/routers/accessToken/deleteAccessToken.ts b/server/routers/accessToken/deleteAccessToken.ts index 60d8789e..5de4df9b 100644 --- a/server/routers/accessToken/deleteAccessToken.ts +++ b/server/routers/accessToken/deleteAccessToken.ts @@ -10,11 +10,9 @@ import { and, eq } from "drizzle-orm"; import { db } from "@server/db"; import { OpenAPITags, registry } from "@server/openApi"; -const deleteAccessTokenParamsSchema = z - .object({ +const deleteAccessTokenParamsSchema = z.strictObject({ accessTokenId: z.string() - }) - .strict(); + }); registry.registerPath({ method: "delete", diff --git a/server/routers/accessToken/generateAccessToken.ts b/server/routers/accessToken/generateAccessToken.ts index 631b5924..36a20268 100644 --- a/server/routers/accessToken/generateAccessToken.ts +++ b/server/routers/accessToken/generateAccessToken.ts @@ -24,22 +24,18 @@ import { encodeHexLowerCase } from "@oslojs/encoding"; import { sha256 } from "@oslojs/crypto/sha2"; import { OpenAPITags, registry } from "@server/openApi"; -export const generateAccessTokenBodySchema = z - .object({ - validForSeconds: z.number().int().positive().optional(), // seconds +export const generateAccessTokenBodySchema = z.strictObject({ + validForSeconds: z.int().positive().optional(), // seconds title: z.string().optional(), description: z.string().optional() - }) - .strict(); + }); -export const generateAccssTokenParamsSchema = z - .object({ +export const generateAccssTokenParamsSchema = z.strictObject({ resourceId: z .string() .transform(Number) - .pipe(z.number().int().positive()) - }) - .strict(); + .pipe(z.int().positive()) + }); export type GenerateAccessTokenResponse = Omit< ResourceAccessToken, diff --git a/server/routers/accessToken/listAccessTokens.ts b/server/routers/accessToken/listAccessTokens.ts index ab2bf826..476c858b 100644 --- a/server/routers/accessToken/listAccessTokens.ts +++ b/server/routers/accessToken/listAccessTokens.ts @@ -17,18 +17,16 @@ import stoi from "@server/lib/stoi"; import { fromZodError } from "zod-validation-error"; import { OpenAPITags, registry } from "@server/openApi"; -const listAccessTokensParamsSchema = z - .object({ +const listAccessTokensParamsSchema = z.strictObject({ resourceId: z .string() .optional() .transform(stoi) - .pipe(z.number().int().positive().optional()), + .pipe(z.int().positive().optional()), orgId: z.string().optional() }) - .strict() .refine((data) => !!data.resourceId !== !!data.orgId, { - message: "Either resourceId or orgId must be provided, but not both" + error: "Either resourceId or orgId must be provided, but not both" }); const listAccessTokensSchema = z.object({ @@ -37,14 +35,14 @@ const listAccessTokensSchema = z.object({ .optional() .default("1000") .transform(Number) - .pipe(z.number().int().nonnegative()), + .pipe(z.int().nonnegative()), offset: z .string() .optional() .default("0") .transform(Number) - .pipe(z.number().int().nonnegative()) + .pipe(z.int().nonnegative()) }); function queryAccessTokens( diff --git a/server/routers/apiKeys/createRootApiKey.ts b/server/routers/apiKeys/createRootApiKey.ts index 0754574a..8e9e571d 100644 --- a/server/routers/apiKeys/createRootApiKey.ts +++ b/server/routers/apiKeys/createRootApiKey.ts @@ -14,11 +14,9 @@ import { import logger from "@server/logger"; import { hashPassword } from "@server/auth/password"; -const bodySchema = z - .object({ +const bodySchema = z.strictObject({ name: z.string().min(1).max(255) - }) - .strict(); + }); export type CreateRootApiKeyBody = z.infer; diff --git a/server/routers/apiKeys/listApiKeyActions.ts b/server/routers/apiKeys/listApiKeyActions.ts index 51d20b24..7432d175 100644 --- a/server/routers/apiKeys/listApiKeyActions.ts +++ b/server/routers/apiKeys/listApiKeyActions.ts @@ -20,13 +20,13 @@ const querySchema = z.object({ .optional() .default("1000") .transform(Number) - .pipe(z.number().int().positive()), + .pipe(z.int().positive()), offset: z .string() .optional() .default("0") .transform(Number) - .pipe(z.number().int().nonnegative()) + .pipe(z.int().nonnegative()) }); function queryActions(apiKeyId: string) { diff --git a/server/routers/apiKeys/listOrgApiKeys.ts b/server/routers/apiKeys/listOrgApiKeys.ts index e8c8bc1c..53191ba6 100644 --- a/server/routers/apiKeys/listOrgApiKeys.ts +++ b/server/routers/apiKeys/listOrgApiKeys.ts @@ -16,13 +16,13 @@ const querySchema = z.object({ .optional() .default("1000") .transform(Number) - .pipe(z.number().int().positive()), + .pipe(z.int().positive()), offset: z .string() .optional() .default("0") .transform(Number) - .pipe(z.number().int().nonnegative()) + .pipe(z.int().nonnegative()) }); const paramsSchema = z.object({ diff --git a/server/routers/apiKeys/listRootApiKeys.ts b/server/routers/apiKeys/listRootApiKeys.ts index ddfade3c..654b830a 100644 --- a/server/routers/apiKeys/listRootApiKeys.ts +++ b/server/routers/apiKeys/listRootApiKeys.ts @@ -15,13 +15,13 @@ const querySchema = z.object({ .optional() .default("1000") .transform(Number) - .pipe(z.number().int().positive()), + .pipe(z.int().positive()), offset: z .string() .optional() .default("0") .transform(Number) - .pipe(z.number().int().nonnegative()) + .pipe(z.int().nonnegative()) }); function queryApiKeys() { diff --git a/server/routers/apiKeys/setApiKeyActions.ts b/server/routers/apiKeys/setApiKeyActions.ts index bb16deb5..fe8cc4f1 100644 --- a/server/routers/apiKeys/setApiKeyActions.ts +++ b/server/routers/apiKeys/setApiKeyActions.ts @@ -10,13 +10,10 @@ import { fromError } from "zod-validation-error"; import { eq, and, inArray } from "drizzle-orm"; import { OpenAPITags, registry } from "@server/openApi"; -const bodySchema = z - .object({ - actionIds: z - .array(z.string().nonempty()) +const bodySchema = z.strictObject({ + actionIds: z.tuple([z.string()], z.string()) .transform((v) => Array.from(new Set(v))) - }) - .strict(); + }); const paramsSchema = z.object({ apiKeyId: z.string().nonempty() diff --git a/server/routers/apiKeys/setApiKeyOrgs.ts b/server/routers/apiKeys/setApiKeyOrgs.ts index f03eec18..d60aad73 100644 --- a/server/routers/apiKeys/setApiKeyOrgs.ts +++ b/server/routers/apiKeys/setApiKeyOrgs.ts @@ -9,13 +9,10 @@ import logger from "@server/logger"; import { fromError } from "zod-validation-error"; import { eq, and, inArray } from "drizzle-orm"; -const bodySchema = z - .object({ - orgIds: z - .array(z.string().nonempty()) +const bodySchema = z.strictObject({ + orgIds: z.tuple([z.string()], z.string()) .transform((v) => Array.from(new Set(v))) - }) - .strict(); + }); const paramsSchema = z.object({ apiKeyId: z.string().nonempty() diff --git a/server/routers/auditLogs/queryRequstAuditLog.ts b/server/routers/auditLogs/queryRequstAuditLog.ts index 26cba417..7c412994 100644 --- a/server/routers/auditLogs/queryRequstAuditLog.ts +++ b/server/routers/auditLogs/queryRequstAuditLog.ts @@ -17,13 +17,13 @@ export const queryAccessAuditLogsQuery = z.object({ timeStart: z .string() .refine((val) => !isNaN(Date.parse(val)), { - message: "timeStart must be a valid ISO date string" + error: "timeStart must be a valid ISO date string" }) .transform((val) => Math.floor(new Date(val).getTime() / 1000)), timeEnd: z .string() .refine((val) => !isNaN(Date.parse(val)), { - message: "timeEnd must be a valid ISO date string" + error: "timeEnd must be a valid ISO date string" }) .transform((val) => Math.floor(new Date(val).getTime() / 1000)) .optional() @@ -37,13 +37,13 @@ export const queryAccessAuditLogsQuery = z.object({ .string() .optional() .transform(Number) - .pipe(z.number().int().positive()) + .pipe(z.int().positive()) .optional(), resourceId: z .string() .optional() .transform(Number) - .pipe(z.number().int().positive()) + .pipe(z.int().positive()) .optional(), actor: z.string().optional(), location: z.string().optional(), @@ -54,13 +54,13 @@ export const queryAccessAuditLogsQuery = z.object({ .optional() .default("1000") .transform(Number) - .pipe(z.number().int().positive()), + .pipe(z.int().positive()), offset: z .string() .optional() .default("0") .transform(Number) - .pipe(z.number().int().nonnegative()) + .pipe(z.int().nonnegative()) }); export const queryRequestAuditLogsParams = z.object({ diff --git a/server/routers/auth/changePassword.ts b/server/routers/auth/changePassword.ts index 0164316e..fa007d37 100644 --- a/server/routers/auth/changePassword.ts +++ b/server/routers/auth/changePassword.ts @@ -22,13 +22,11 @@ import { sendEmail } from "@server/emails"; import ConfirmPasswordReset from "@server/emails/templates/NotifyResetPassword"; import config from "@server/lib/config"; -export const changePasswordBody = z - .object({ +export const changePasswordBody = z.strictObject({ oldPassword: z.string(), newPassword: passwordSchema, code: z.string().optional() - }) - .strict(); + }); export type ChangePasswordBody = z.infer; diff --git a/server/routers/auth/checkResourceSession.ts b/server/routers/auth/checkResourceSession.ts index 9840d564..39466400 100644 --- a/server/routers/auth/checkResourceSession.ts +++ b/server/routers/auth/checkResourceSession.ts @@ -7,10 +7,10 @@ import { response } from "@server/lib/response"; import { validateResourceSessionToken } from "@server/auth/sessions/resource"; import logger from "@server/logger"; -export const params = z.object({ +export const params = z.strictObject({ token: z.string(), - resourceId: z.string().transform(Number).pipe(z.number().int().positive()), -}).strict(); + resourceId: z.string().transform(Number).pipe(z.int().positive()), +}); export type CheckResourceSessionParams = z.infer; diff --git a/server/routers/auth/disable2fa.ts b/server/routers/auth/disable2fa.ts index da19c0d7..ebf6ab52 100644 --- a/server/routers/auth/disable2fa.ts +++ b/server/routers/auth/disable2fa.ts @@ -16,12 +16,10 @@ import config from "@server/lib/config"; import { unauthorized } from "@server/auth/unauthorizedResponse"; import { UserType } from "@server/types/UserTypes"; -export const disable2faBody = z - .object({ +export const disable2faBody = z.strictObject({ password: z.string(), code: z.string().optional() - }) - .strict(); + }); export type Disable2faBody = z.infer; diff --git a/server/routers/auth/login.ts b/server/routers/auth/login.ts index 418eaaa4..9c913054 100644 --- a/server/routers/auth/login.ts +++ b/server/routers/auth/login.ts @@ -20,14 +20,12 @@ import { verifySession } from "@server/auth/sessions/verifySession"; import { UserType } from "@server/types/UserTypes"; import { logAccessAudit } from "#dynamic/lib/logAccessAudit"; -export const loginBodySchema = z - .object({ - email: z.string().toLowerCase().email(), +export const loginBodySchema = z.strictObject({ + email: z.email().toLowerCase(), password: z.string(), code: z.string().optional(), resourceGuid: z.string().optional() - }) - .strict(); + }); export type LoginBody = z.infer; diff --git a/server/routers/auth/requestPasswordReset.ts b/server/routers/auth/requestPasswordReset.ts index a7e84b9e..0f9953e8 100644 --- a/server/routers/auth/requestPasswordReset.ts +++ b/server/routers/auth/requestPasswordReset.ts @@ -17,11 +17,9 @@ import ResetPasswordCode from "@server/emails/templates/ResetPasswordCode"; import { hashPassword } from "@server/auth/password"; import { UserType } from "@server/types/UserTypes"; -export const requestPasswordResetBody = z - .object({ - email: z.string().toLowerCase().email() - }) - .strict(); +export const requestPasswordResetBody = z.strictObject({ + email: z.email().toLowerCase() + }); export type RequestPasswordResetBody = z.infer; diff --git a/server/routers/auth/requestTotpSecret.ts b/server/routers/auth/requestTotpSecret.ts index 7c122a44..53d80147 100644 --- a/server/routers/auth/requestTotpSecret.ts +++ b/server/routers/auth/requestTotpSecret.ts @@ -16,12 +16,10 @@ import { UserType } from "@server/types/UserTypes"; import { verifySession } from "@server/auth/sessions/verifySession"; import config from "@server/lib/config"; -export const requestTotpSecretBody = z - .object({ +export const requestTotpSecretBody = z.strictObject({ password: z.string(), - email: z.string().email().optional() - }) - .strict(); + email: z.email().optional() + }); export type RequestTotpSecretBody = z.infer; diff --git a/server/routers/auth/resetPassword.ts b/server/routers/auth/resetPassword.ts index 14b4236b..aeb85558 100644 --- a/server/routers/auth/resetPassword.ts +++ b/server/routers/auth/resetPassword.ts @@ -17,14 +17,12 @@ import ConfirmPasswordReset from "@server/emails/templates/NotifyResetPassword"; import { sendEmail } from "@server/emails"; import { passwordSchema } from "@server/auth/passwordSchema"; -export const resetPasswordBody = z - .object({ - email: z.string().toLowerCase().email(), +export const resetPasswordBody = z.strictObject({ + email: z.email().toLowerCase(), token: z.string(), // reset secret code newPassword: passwordSchema, code: z.string().optional() // 2fa code - }) - .strict(); + }); export type ResetPasswordBody = z.infer; diff --git a/server/routers/auth/securityKey.ts b/server/routers/auth/securityKey.ts index 1e75764b..cde2f61a 100644 --- a/server/routers/auth/securityKey.ts +++ b/server/routers/auth/securityKey.ts @@ -99,28 +99,28 @@ async function clearChallenge(sessionId: string) { await db.delete(webauthnChallenge).where(eq(webauthnChallenge.sessionId, sessionId)); } -export const registerSecurityKeyBody = z.object({ +export const registerSecurityKeyBody = z.strictObject({ name: z.string().min(1), password: z.string().min(1), code: z.string().optional() -}).strict(); +}); -export const verifyRegistrationBody = z.object({ +export const verifyRegistrationBody = z.strictObject({ credential: z.any() -}).strict(); +}); -export const startAuthenticationBody = z.object({ - email: z.string().email().optional() -}).strict(); +export const startAuthenticationBody = z.strictObject({ + email: z.email().optional() +}); -export const verifyAuthenticationBody = z.object({ +export const verifyAuthenticationBody = z.strictObject({ credential: z.any() -}).strict(); +}); -export const deleteSecurityKeyBody = z.object({ +export const deleteSecurityKeyBody = z.strictObject({ password: z.string().min(1), code: z.string().optional() -}).strict(); +}); export async function startRegistration( req: Request, diff --git a/server/routers/auth/setServerAdmin.ts b/server/routers/auth/setServerAdmin.ts index 307f5504..9c2489cd 100644 --- a/server/routers/auth/setServerAdmin.ts +++ b/server/routers/auth/setServerAdmin.ts @@ -14,7 +14,7 @@ import { UserType } from "@server/types/UserTypes"; import moment from "moment"; export const bodySchema = z.object({ - email: z.string().toLowerCase().email(), + email: z.email().toLowerCase(), password: passwordSchema, setupToken: z.string().min(1, "Setup token is required") }); diff --git a/server/routers/auth/signup.ts b/server/routers/auth/signup.ts index e836d109..595a9b91 100644 --- a/server/routers/auth/signup.ts +++ b/server/routers/auth/signup.ts @@ -26,7 +26,7 @@ import { build } from "@server/build"; import resend, { AudienceIds, moveEmailToAudience } from "#dynamic/lib/resend"; export const signupBodySchema = z.object({ - email: z.string().toLowerCase().email(), + email: z.email().toLowerCase(), password: passwordSchema, inviteToken: z.string().optional(), inviteId: z.string().optional(), diff --git a/server/routers/auth/validateSetupToken.ts b/server/routers/auth/validateSetupToken.ts index e3c29833..1a4725b6 100644 --- a/server/routers/auth/validateSetupToken.ts +++ b/server/routers/auth/validateSetupToken.ts @@ -8,11 +8,9 @@ import createHttpError from "http-errors"; import logger from "@server/logger"; import { fromError } from "zod-validation-error"; -const validateSetupTokenSchema = z - .object({ +const validateSetupTokenSchema = z.strictObject({ token: z.string().min(1, "Token is required") - }) - .strict(); + }); export type ValidateSetupTokenResponse = { valid: boolean; diff --git a/server/routers/auth/verifyEmail.ts b/server/routers/auth/verifyEmail.ts index 47a81c0a..8d31eb45 100644 --- a/server/routers/auth/verifyEmail.ts +++ b/server/routers/auth/verifyEmail.ts @@ -13,11 +13,9 @@ import logger from "@server/logger"; import { freeLimitSet, limitsService } from "@server/lib/billing"; import { build } from "@server/build"; -export const verifyEmailBody = z - .object({ +export const verifyEmailBody = z.strictObject({ code: z.string() - }) - .strict(); + }); export type VerifyEmailBody = z.infer; diff --git a/server/routers/auth/verifyTotp.ts b/server/routers/auth/verifyTotp.ts index c44c0c53..9243c9f9 100644 --- a/server/routers/auth/verifyTotp.ts +++ b/server/routers/auth/verifyTotp.ts @@ -18,13 +18,11 @@ import { generateBackupCodes } from "@server/lib/totp"; import { verifySession } from "@server/auth/sessions/verifySession"; import { unauthorized } from "@server/auth/unauthorizedResponse"; -export const verifyTotpBody = z - .object({ - email: z.string().email().optional(), +export const verifyTotpBody = z.strictObject({ + email: z.email().optional(), password: z.string().optional(), code: z.string() - }) - .strict(); + }); export type VerifyTotpBody = z.infer; diff --git a/server/routers/badger/verifySession.ts b/server/routers/badger/verifySession.ts index da5b0f18..d7fe9190 100644 --- a/server/routers/badger/verifySession.ts +++ b/server/routers/badger/verifySession.ts @@ -40,10 +40,10 @@ import { logRequestAudit } from "./logRequestAudit"; import cache from "@server/lib/cache"; const verifyResourceSessionSchema = z.object({ - sessions: z.record(z.string()).optional(), - headers: z.record(z.string()).optional(), - query: z.record(z.string()).optional(), - originalRequestURL: z.string().url(), + sessions: z.record(z.string(), z.string()).optional(), + headers: z.record(z.string(), z.string()).optional(), + query: z.record(z.string(), z.string()).optional(), + originalRequestURL: z.url(), scheme: z.string(), host: z.string(), path: z.string(), diff --git a/server/routers/blueprints/applyJSONBlueprint.ts b/server/routers/blueprints/applyJSONBlueprint.ts index 6860307b..f8c9caec 100644 --- a/server/routers/blueprints/applyJSONBlueprint.ts +++ b/server/routers/blueprints/applyJSONBlueprint.ts @@ -8,17 +8,13 @@ import { fromError } from "zod-validation-error"; import { OpenAPITags, registry } from "@server/openApi"; import { applyBlueprint } from "@server/lib/blueprints/applyBlueprint"; -const applyBlueprintSchema = z - .object({ +const applyBlueprintSchema = z.strictObject({ blueprint: z.string() - }) - .strict(); + }); -const applyBlueprintParamsSchema = z - .object({ +const applyBlueprintParamsSchema = z.strictObject({ orgId: z.string() - }) - .strict(); + }); registry.registerPath({ method: "put", diff --git a/server/routers/blueprints/getBlueprint.ts b/server/routers/blueprints/getBlueprint.ts index 3d3f7366..45c36af7 100644 --- a/server/routers/blueprints/getBlueprint.ts +++ b/server/routers/blueprints/getBlueprint.ts @@ -12,15 +12,13 @@ import { fromError } from "zod-validation-error"; import { OpenAPITags, registry } from "@server/openApi"; import { BlueprintData } from "./types"; -const getBlueprintSchema = z - .object({ +const getBlueprintSchema = z.strictObject({ blueprintId: z .string() .transform(stoi) - .pipe(z.number().int().positive()), + .pipe(z.int().positive()), orgId: z.string() - }) - .strict(); + }); async function query(blueprintId: number, orgId: string) { // Get the client diff --git a/server/routers/blueprints/listBlueprints.ts b/server/routers/blueprints/listBlueprints.ts index 5ae8b211..315abfed 100644 --- a/server/routers/blueprints/listBlueprints.ts +++ b/server/routers/blueprints/listBlueprints.ts @@ -10,28 +10,24 @@ import { fromZodError } from "zod-validation-error"; import { OpenAPITags, registry } from "@server/openApi"; import { BlueprintData } from "./types"; -const listBluePrintsParamsSchema = z - .object({ +const listBluePrintsParamsSchema = z.strictObject({ orgId: z.string() - }) - .strict(); + }); -const listBluePrintsSchema = z - .object({ +const listBluePrintsSchema = z.strictObject({ limit: z .string() .optional() .default("1000") .transform(Number) - .pipe(z.number().int().nonnegative()), + .pipe(z.int().nonnegative()), offset: z .string() .optional() .default("0") .transform(Number) - .pipe(z.number().int().nonnegative()) - }) - .strict(); + .pipe(z.int().nonnegative()) + }); async function queryBlueprints(orgId: string, limit: number, offset: number) { const res = await db diff --git a/server/routers/client/createClient.ts b/server/routers/client/createClient.ts index cb2bbd6e..d1346879 100644 --- a/server/routers/client/createClient.ts +++ b/server/routers/client/createClient.ts @@ -26,22 +26,18 @@ import { isIpInCidr } from "@server/lib/ip"; import { OpenAPITags, registry } from "@server/openApi"; import { listExitNodes } from "#dynamic/lib/exitNodes"; -const createClientParamsSchema = z - .object({ +const createClientParamsSchema = z.strictObject({ orgId: z.string() - }) - .strict(); + }); -const createClientSchema = z - .object({ +const createClientSchema = z.strictObject({ name: z.string().min(1).max(255), - siteIds: z.array(z.number().int().positive()), + siteIds: z.array(z.int().positive()), olmId: z.string(), secret: z.string(), subnet: z.string(), type: z.enum(["olm"]) - }) - .strict(); + }); export type CreateClientBody = z.infer; diff --git a/server/routers/client/deleteClient.ts b/server/routers/client/deleteClient.ts index a7512574..1f514c65 100644 --- a/server/routers/client/deleteClient.ts +++ b/server/routers/client/deleteClient.ts @@ -10,11 +10,9 @@ import logger from "@server/logger"; import { fromError } from "zod-validation-error"; import { OpenAPITags, registry } from "@server/openApi"; -const deleteClientSchema = z - .object({ - clientId: z.string().transform(Number).pipe(z.number().int().positive()) - }) - .strict(); +const deleteClientSchema = z.strictObject({ + clientId: z.string().transform(Number).pipe(z.int().positive()) + }); registry.registerPath({ method: "delete", diff --git a/server/routers/client/getClient.ts b/server/routers/client/getClient.ts index d362526f..a8730faf 100644 --- a/server/routers/client/getClient.ts +++ b/server/routers/client/getClient.ts @@ -11,11 +11,9 @@ import stoi from "@server/lib/stoi"; import { fromError } from "zod-validation-error"; import { OpenAPITags, registry } from "@server/openApi"; -const getClientSchema = z - .object({ - clientId: z.string().transform(stoi).pipe(z.number().int().positive()) - }) - .strict(); +const getClientSchema = z.strictObject({ + clientId: z.string().transform(stoi).pipe(z.int().positive()) + }); async function query(clientId: number) { // Get the client diff --git a/server/routers/client/listClients.ts b/server/routers/client/listClients.ts index 209b54b4..dfac03a7 100644 --- a/server/routers/client/listClients.ts +++ b/server/routers/client/listClients.ts @@ -78,11 +78,9 @@ async function getLatestOlmVersion(): Promise { } -const listClientsParamsSchema = z - .object({ +const listClientsParamsSchema = z.strictObject({ orgId: z.string() - }) - .strict(); + }); const listClientsSchema = z.object({ limit: z @@ -90,13 +88,13 @@ const listClientsSchema = z.object({ .optional() .default("1000") .transform(Number) - .pipe(z.number().int().positive()), + .pipe(z.int().positive()), offset: z .string() .optional() .default("0") .transform(Number) - .pipe(z.number().int().nonnegative()) + .pipe(z.int().nonnegative()) }); function queryClients(orgId: string, accessibleClientIds: number[]) { diff --git a/server/routers/client/pickClientDefaults.ts b/server/routers/client/pickClientDefaults.ts index 6f452142..3d447ecd 100644 --- a/server/routers/client/pickClientDefaults.ts +++ b/server/routers/client/pickClientDefaults.ts @@ -15,11 +15,9 @@ export type PickClientDefaultsResponse = { subnet: string; }; -const pickClientDefaultsSchema = z - .object({ +const pickClientDefaultsSchema = z.strictObject({ orgId: z.string() - }) - .strict(); + }); registry.registerPath({ method: "get", diff --git a/server/routers/client/updateClient.ts b/server/routers/client/updateClient.ts index d458c4f8..27f85238 100644 --- a/server/routers/client/updateClient.ts +++ b/server/routers/client/updateClient.ts @@ -20,20 +20,16 @@ import { import { sendToExitNode } from "#dynamic/lib/exitNodes"; import { hashPassword } from "@server/auth/password"; -const updateClientParamsSchema = z - .object({ - clientId: z.string().transform(Number).pipe(z.number().int().positive()) - }) - .strict(); +const updateClientParamsSchema = z.strictObject({ + clientId: z.string().transform(Number).pipe(z.int().positive()) + }); -const updateClientSchema = z - .object({ +const updateClientSchema = z.strictObject({ name: z.string().min(1).max(255).optional(), siteIds: z - .array(z.number().int().positive()) + .array(z.int().positive()) .optional(), - }) - .strict(); + }); export type UpdateClientBody = z.infer; diff --git a/server/routers/domain/createOrgDomain.ts b/server/routers/domain/createOrgDomain.ts index 4c2451e3..3f223bce 100644 --- a/server/routers/domain/createOrgDomain.ts +++ b/server/routers/domain/createOrgDomain.ts @@ -15,20 +15,16 @@ import { isSecondLevelDomain, isValidDomain } from "@server/lib/validators"; import { build } from "@server/build"; import config from "@server/lib/config"; -const paramsSchema = z - .object({ +const paramsSchema = z.strictObject({ orgId: z.string() - }) - .strict(); + }); -const bodySchema = z - .object({ +const bodySchema = z.strictObject({ type: z.enum(["ns", "cname", "wildcard"]), baseDomain: subdomainSchema, certResolver: z.string().optional().nullable(), preferWildcardCert: z.boolean().optional().nullable() // optional, only for wildcard - }) - .strict(); + }); export type CreateDomainResponse = { diff --git a/server/routers/domain/deleteOrgDomain.ts b/server/routers/domain/deleteOrgDomain.ts index 8836584b..fe4a4805 100644 --- a/server/routers/domain/deleteOrgDomain.ts +++ b/server/routers/domain/deleteOrgDomain.ts @@ -10,12 +10,10 @@ import { and, eq } from "drizzle-orm"; import { usageService } from "@server/lib/billing/usageService"; import { FeatureId } from "@server/lib/billing"; -const paramsSchema = z - .object({ +const paramsSchema = z.strictObject({ domainId: z.string(), orgId: z.string() - }) - .strict(); + }); export type DeleteAccountDomainResponse = { success: boolean; diff --git a/server/routers/domain/getDNSRecords.ts b/server/routers/domain/getDNSRecords.ts index c705b4fa..239cc455 100644 --- a/server/routers/domain/getDNSRecords.ts +++ b/server/routers/domain/getDNSRecords.ts @@ -10,12 +10,10 @@ import { fromError } from "zod-validation-error"; import { OpenAPITags, registry } from "@server/openApi"; import { getServerIp } from "@server/lib/serverIpService"; // your in-memory IP module -const getDNSRecordsSchema = z - .object({ +const getDNSRecordsSchema = z.strictObject({ domainId: z.string(), orgId: z.string() - }) - .strict(); + }); async function query(domainId: string) { const records = await db diff --git a/server/routers/domain/getDomain.ts b/server/routers/domain/getDomain.ts index 77bd18ae..408cf37d 100644 --- a/server/routers/domain/getDomain.ts +++ b/server/routers/domain/getDomain.ts @@ -10,14 +10,12 @@ import { fromError } from "zod-validation-error"; import { OpenAPITags, registry } from "@server/openApi"; import { domain } from "zod/v4/core/regexes"; -const getDomainSchema = z - .object({ +const getDomainSchema = z.strictObject({ domainId: z .string() .optional(), orgId: z.string().optional() - }) - .strict(); + }); async function query(domainId?: string, orgId?: string) { if (domainId) { diff --git a/server/routers/domain/listDomains.ts b/server/routers/domain/listDomains.ts index 55ea99cb..48f22c6c 100644 --- a/server/routers/domain/listDomains.ts +++ b/server/routers/domain/listDomains.ts @@ -10,28 +10,24 @@ import logger from "@server/logger"; import { fromError } from "zod-validation-error"; import { OpenAPITags, registry } from "@server/openApi"; -const listDomainsParamsSchema = z - .object({ +const listDomainsParamsSchema = z.strictObject({ orgId: z.string() - }) - .strict(); + }); -const listDomainsSchema = z - .object({ +const listDomainsSchema = z.strictObject({ limit: z .string() .optional() .default("1000") .transform(Number) - .pipe(z.number().int().nonnegative()), + .pipe(z.int().nonnegative()), offset: z .string() .optional() .default("0") .transform(Number) - .pipe(z.number().int().nonnegative()) - }) - .strict(); + .pipe(z.int().nonnegative()) + }); async function queryDomains(orgId: string, limit: number, offset: number) { const res = await db diff --git a/server/routers/domain/restartOrgDomain.ts b/server/routers/domain/restartOrgDomain.ts index f40f2516..f2bf7c39 100644 --- a/server/routers/domain/restartOrgDomain.ts +++ b/server/routers/domain/restartOrgDomain.ts @@ -8,12 +8,10 @@ import logger from "@server/logger"; import { fromError } from "zod-validation-error"; import { and, eq } from "drizzle-orm"; -const paramsSchema = z - .object({ +const paramsSchema = z.strictObject({ domainId: z.string(), orgId: z.string() - }) - .strict(); + }); export type RestartOrgDomainResponse = { success: boolean; diff --git a/server/routers/domain/updateDomain.ts b/server/routers/domain/updateDomain.ts index c684466e..08301189 100644 --- a/server/routers/domain/updateDomain.ts +++ b/server/routers/domain/updateDomain.ts @@ -9,19 +9,15 @@ import { fromError } from "zod-validation-error"; import { eq, and } from "drizzle-orm"; import { OpenAPITags, registry } from "@server/openApi"; -const paramsSchema = z - .object({ +const paramsSchema = z.strictObject({ orgId: z.string(), domainId: z.string() - }) - .strict(); + }); -const bodySchema = z - .object({ +const bodySchema = z.strictObject({ certResolver: z.string().optional().nullable(), preferWildcardCert: z.boolean().optional().nullable() - }) - .strict(); + }); export type UpdateDomainResponse = { domainId: string; diff --git a/server/routers/idp/createIdpOrgPolicy.ts b/server/routers/idp/createIdpOrgPolicy.ts index 448b39cd..b59d2fc7 100644 --- a/server/routers/idp/createIdpOrgPolicy.ts +++ b/server/routers/idp/createIdpOrgPolicy.ts @@ -11,19 +11,15 @@ import config from "@server/lib/config"; import { eq, and } from "drizzle-orm"; import { idp, idpOrg } from "@server/db"; -const paramsSchema = z - .object({ +const paramsSchema = z.strictObject({ idpId: z.coerce.number(), orgId: z.string() - }) - .strict(); + }); -const bodySchema = z - .object({ +const bodySchema = z.strictObject({ roleMapping: z.string().optional(), orgMapping: z.string().optional() - }) - .strict(); + }); export type CreateIdpOrgPolicyResponse = {}; diff --git a/server/routers/idp/createOidcIdp.ts b/server/routers/idp/createOidcIdp.ts index 67357d76..2548cb04 100644 --- a/server/routers/idp/createOidcIdp.ts +++ b/server/routers/idp/createOidcIdp.ts @@ -12,22 +12,20 @@ import { generateOidcRedirectUrl } from "@server/lib/idp/generateRedirectUrl"; import { encrypt } from "@server/lib/crypto"; import config from "@server/lib/config"; -const paramsSchema = z.object({}).strict(); +const paramsSchema = z.strictObject({}); -const bodySchema = z - .object({ +const bodySchema = z.strictObject({ name: z.string().nonempty(), clientId: z.string().nonempty(), clientSecret: z.string().nonempty(), - authUrl: z.string().url(), - tokenUrl: z.string().url(), + authUrl: z.url(), + tokenUrl: z.url(), identifierPath: z.string().nonempty(), emailPath: z.string().optional(), namePath: z.string().optional(), scopes: z.string().nonempty(), autoProvision: z.boolean().optional() - }) - .strict(); + }); export type CreateIdpResponse = { idpId: number; diff --git a/server/routers/idp/deleteIdpOrgPolicy.ts b/server/routers/idp/deleteIdpOrgPolicy.ts index 8314a6d5..424bae4f 100644 --- a/server/routers/idp/deleteIdpOrgPolicy.ts +++ b/server/routers/idp/deleteIdpOrgPolicy.ts @@ -10,12 +10,10 @@ import { idp, idpOrg } from "@server/db"; import { eq, and } from "drizzle-orm"; import { OpenAPITags, registry } from "@server/openApi"; -const paramsSchema = z - .object({ +const paramsSchema = z.strictObject({ idpId: z.coerce.number(), orgId: z.string() - }) - .strict(); + }); registry.registerPath({ method: "delete", diff --git a/server/routers/idp/generateOidcUrl.ts b/server/routers/idp/generateOidcUrl.ts index 3c81ce0b..d99f61ba 100644 --- a/server/routers/idp/generateOidcUrl.ts +++ b/server/routers/idp/generateOidcUrl.ts @@ -23,11 +23,9 @@ const paramsSchema = z }) .strict(); -const bodySchema = z - .object({ +const bodySchema = z.strictObject({ redirectUrl: z.string() - }) - .strict(); + }); const querySchema = z.object({ orgId: z.string().optional() // check what actuall calls it diff --git a/server/routers/idp/listIdpOrgPolicies.ts b/server/routers/idp/listIdpOrgPolicies.ts index bd288837..481cddad 100644 --- a/server/routers/idp/listIdpOrgPolicies.ts +++ b/server/routers/idp/listIdpOrgPolicies.ts @@ -14,22 +14,20 @@ const paramsSchema = z.object({ idpId: z.coerce.number() }); -const querySchema = z - .object({ +const querySchema = z.strictObject({ limit: z .string() .optional() .default("1000") .transform(Number) - .pipe(z.number().int().nonnegative()), + .pipe(z.int().nonnegative()), offset: z .string() .optional() .default("0") .transform(Number) - .pipe(z.number().int().nonnegative()) - }) - .strict(); + .pipe(z.int().nonnegative()) + }); async function query(idpId: number, limit: number, offset: number) { const res = await db diff --git a/server/routers/idp/listIdps.ts b/server/routers/idp/listIdps.ts index 150b9f88..8ce2ab78 100644 --- a/server/routers/idp/listIdps.ts +++ b/server/routers/idp/listIdps.ts @@ -10,22 +10,20 @@ import logger from "@server/logger"; import { fromError } from "zod-validation-error"; import { OpenAPITags, registry } from "@server/openApi"; -const querySchema = z - .object({ +const querySchema = z.strictObject({ limit: z .string() .optional() .default("1000") .transform(Number) - .pipe(z.number().int().nonnegative()), + .pipe(z.int().nonnegative()), offset: z .string() .optional() .default("0") .transform(Number) - .pipe(z.number().int().nonnegative()) - }) - .strict(); + .pipe(z.int().nonnegative()) + }); async function query(limit: number, offset: number) { const res = await db diff --git a/server/routers/idp/updateIdpOrgPolicy.ts b/server/routers/idp/updateIdpOrgPolicy.ts index ecbc6dbd..586af476 100644 --- a/server/routers/idp/updateIdpOrgPolicy.ts +++ b/server/routers/idp/updateIdpOrgPolicy.ts @@ -10,19 +10,15 @@ import { OpenAPITags, registry } from "@server/openApi"; import { eq, and } from "drizzle-orm"; import { idp, idpOrg } from "@server/db"; -const paramsSchema = z - .object({ +const paramsSchema = z.strictObject({ idpId: z.coerce.number(), orgId: z.string() - }) - .strict(); + }); -const bodySchema = z - .object({ +const bodySchema = z.strictObject({ roleMapping: z.string().optional(), orgMapping: z.string().optional() - }) - .strict(); + }); export type UpdateIdpOrgPolicyResponse = {}; diff --git a/server/routers/idp/updateOidcIdp.ts b/server/routers/idp/updateOidcIdp.ts index 53ece68e..c7ba0b0b 100644 --- a/server/routers/idp/updateOidcIdp.ts +++ b/server/routers/idp/updateOidcIdp.ts @@ -18,8 +18,7 @@ const paramsSchema = z }) .strict(); -const bodySchema = z - .object({ +const bodySchema = z.strictObject({ name: z.string().optional(), clientId: z.string().optional(), clientSecret: z.string().optional(), @@ -32,8 +31,7 @@ const bodySchema = z autoProvision: z.boolean().optional(), defaultRoleMapping: z.string().optional(), defaultOrgMapping: z.string().optional() - }) - .strict(); + }); export type UpdateIdpResponse = { idpId: number; diff --git a/server/routers/newt/createNewt.ts b/server/routers/newt/createNewt.ts index 3066e4ea..930c04be 100644 --- a/server/routers/newt/createNewt.ts +++ b/server/routers/newt/createNewt.ts @@ -23,12 +23,10 @@ export type CreateNewtResponse = { secret: string; }; -const createNewtSchema = z - .object({ +const createNewtSchema = z.strictObject({ newtId: z.string(), secret: z.string() - }) - .strict(); + }); export async function createNewt( req: Request, diff --git a/server/routers/newt/handleGetConfigMessage.ts b/server/routers/newt/handleGetConfigMessage.ts index 3eba94b9..fb40c398 100644 --- a/server/routers/newt/handleGetConfigMessage.ts +++ b/server/routers/newt/handleGetConfigMessage.ts @@ -18,7 +18,7 @@ import { sendToExitNode } from "#dynamic/lib/exitNodes"; const inputSchema = z.object({ publicKey: z.string(), - port: z.number().int().positive() + port: z.int().positive() }); type Input = z.infer; diff --git a/server/routers/olm/createOlm.ts b/server/routers/olm/createOlm.ts index 3066e4ea..930c04be 100644 --- a/server/routers/olm/createOlm.ts +++ b/server/routers/olm/createOlm.ts @@ -23,12 +23,10 @@ export type CreateNewtResponse = { secret: string; }; -const createNewtSchema = z - .object({ +const createNewtSchema = z.strictObject({ newtId: z.string(), secret: z.string() - }) - .strict(); + }); export async function createNewt( req: Request, diff --git a/server/routers/org/checkId.ts b/server/routers/org/checkId.ts index c5d00002..2a898c30 100644 --- a/server/routers/org/checkId.ts +++ b/server/routers/org/checkId.ts @@ -9,11 +9,9 @@ import createHttpError from "http-errors"; import logger from "@server/logger"; import { fromError } from "zod-validation-error"; -const getOrgSchema = z - .object({ +const getOrgSchema = z.strictObject({ orgId: z.string() - }) - .strict(); + }); export async function checkId( req: Request, diff --git a/server/routers/org/createOrg.ts b/server/routers/org/createOrg.ts index d8bcb9da..e44bf021 100644 --- a/server/routers/org/createOrg.ts +++ b/server/routers/org/createOrg.ts @@ -27,13 +27,11 @@ import { usageService } from "@server/lib/billing/usageService"; import { FeatureId } from "@server/lib/billing"; import { build } from "@server/build"; -const createOrgSchema = z - .object({ +const createOrgSchema = z.strictObject({ orgId: z.string(), name: z.string().min(1).max(255), subnet: z.string() - }) - .strict(); + }); registry.registerPath({ method: "put", diff --git a/server/routers/org/deleteOrg.ts b/server/routers/org/deleteOrg.ts index 8a424e5b..0e21a8c0 100644 --- a/server/routers/org/deleteOrg.ts +++ b/server/routers/org/deleteOrg.ts @@ -13,11 +13,9 @@ import { sendToClient } from "#dynamic/routers/ws"; import { deletePeer } from "../gerbil/peers"; import { OpenAPITags, registry } from "@server/openApi"; -const deleteOrgSchema = z - .object({ +const deleteOrgSchema = z.strictObject({ orgId: z.string() - }) - .strict(); + }); export type DeleteOrgResponse = {}; diff --git a/server/routers/org/getOrg.ts b/server/routers/org/getOrg.ts index 2497f9a6..38a1c6ba 100644 --- a/server/routers/org/getOrg.ts +++ b/server/routers/org/getOrg.ts @@ -10,11 +10,9 @@ import logger from "@server/logger"; import { fromZodError } from "zod-validation-error"; import { OpenAPITags, registry } from "@server/openApi"; -const getOrgSchema = z - .object({ +const getOrgSchema = z.strictObject({ orgId: z.string() - }) - .strict(); + }); export type GetOrgResponse = { org: Org; diff --git a/server/routers/org/getOrgOverview.ts b/server/routers/org/getOrgOverview.ts index 67a14464..90883fd7 100644 --- a/server/routers/org/getOrgOverview.ts +++ b/server/routers/org/getOrgOverview.ts @@ -18,11 +18,9 @@ import createHttpError from "http-errors"; import logger from "@server/logger"; import { fromZodError } from "zod-validation-error"; -const getOrgParamsSchema = z - .object({ +const getOrgParamsSchema = z.strictObject({ orgId: z.string() - }) - .strict(); + }); export type GetOrgOverviewResponse = { orgName: string; diff --git a/server/routers/org/listOrgs.ts b/server/routers/org/listOrgs.ts index 07705e48..5819dc25 100644 --- a/server/routers/org/listOrgs.ts +++ b/server/routers/org/listOrgs.ts @@ -16,13 +16,13 @@ const listOrgsSchema = z.object({ .optional() .default("1000") .transform(Number) - .pipe(z.number().int().positive()), + .pipe(z.int().positive()), offset: z .string() .optional() .default("0") .transform(Number) - .pipe(z.number().int().nonnegative()) + .pipe(z.int().nonnegative()) }); registry.registerPath({ diff --git a/server/routers/org/listUserOrgs.ts b/server/routers/org/listUserOrgs.ts index e3c0d06f..eb500250 100644 --- a/server/routers/org/listUserOrgs.ts +++ b/server/routers/org/listUserOrgs.ts @@ -20,13 +20,13 @@ const listOrgsSchema = z.object({ .optional() .default("1000") .transform(Number) - .pipe(z.number().int().positive()), + .pipe(z.int().positive()), offset: z .string() .optional() .default("0") .transform(Number) - .pipe(z.number().int().nonnegative()) + .pipe(z.int().nonnegative()) }); // registry.registerPath({ diff --git a/server/routers/org/updateOrg.ts b/server/routers/org/updateOrg.ts index 8ab809e4..6e7a9b35 100644 --- a/server/routers/org/updateOrg.ts +++ b/server/routers/org/updateOrg.ts @@ -15,14 +15,11 @@ import { getOrgTierData } from "#dynamic/lib/billing"; import { TierId } from "@server/lib/billing/tiers"; import { cache } from "@server/lib/cache"; -const updateOrgParamsSchema = z - .object({ +const updateOrgParamsSchema = z.strictObject({ orgId: z.string() - }) - .strict(); + }); -const updateOrgBodySchema = z - .object({ +const updateOrgBodySchema = z.strictObject({ name: z.string().min(1).max(255).optional(), requireTwoFactor: z.boolean().optional(), maxSessionLengthHours: z.number().nullable().optional(), @@ -40,9 +37,8 @@ const updateOrgBodySchema = z .min(build === "saas" ? 0 : -1) .optional() }) - .strict() .refine((data) => Object.keys(data).length > 0, { - message: "At least one field must be provided for update" + error: "At least one field must be provided for update" }); registry.registerPath({ diff --git a/server/routers/resource/addEmailToResourceWhitelist.ts b/server/routers/resource/addEmailToResourceWhitelist.ts index c0d80468..f9cee838 100644 --- a/server/routers/resource/addEmailToResourceWhitelist.ts +++ b/server/routers/resource/addEmailToResourceWhitelist.ts @@ -10,29 +10,22 @@ import { fromError } from "zod-validation-error"; import { and, eq } from "drizzle-orm"; import { OpenAPITags, registry } from "@server/openApi"; -const addEmailToResourceWhitelistBodySchema = z - .object({ - email: z - .string() - .email() +const addEmailToResourceWhitelistBodySchema = z.strictObject({ + email: z.email() .or( z.string().regex(/^\*@[\w.-]+\.[a-zA-Z]{2,}$/, { - message: - "Invalid email address. Wildcard (*) must be the entire local part." + error: "Invalid email address. Wildcard (*) must be the entire local part." }) ) .transform((v) => v.toLowerCase()) - }) - .strict(); + }); -const addEmailToResourceWhitelistParamsSchema = z - .object({ +const addEmailToResourceWhitelistParamsSchema = z.strictObject({ resourceId: z .string() .transform(Number) - .pipe(z.number().int().positive()) - }) - .strict(); + .pipe(z.int().positive()) + }); registry.registerPath({ method: "post", diff --git a/server/routers/resource/authWithAccessToken.ts b/server/routers/resource/authWithAccessToken.ts index bf0a9697..81ca7fbc 100644 --- a/server/routers/resource/authWithAccessToken.ts +++ b/server/routers/resource/authWithAccessToken.ts @@ -15,22 +15,18 @@ import config from "@server/lib/config"; import stoi from "@server/lib/stoi"; import { logAccessAudit } from "#dynamic/lib/logAccessAudit"; -const authWithAccessTokenBodySchema = z - .object({ +const authWithAccessTokenBodySchema = z.strictObject({ accessToken: z.string(), accessTokenId: z.string().optional() - }) - .strict(); + }); -const authWithAccessTokenParamsSchema = z - .object({ +const authWithAccessTokenParamsSchema = z.strictObject({ resourceId: z .string() .optional() .transform(stoi) - .pipe(z.number().int().positive().optional()) - }) - .strict(); + .pipe(z.int().positive().optional()) + }); export type AuthWithAccessTokenResponse = { session?: string; diff --git a/server/routers/resource/authWithPassword.ts b/server/routers/resource/authWithPassword.ts index 97daea3b..4c1f2058 100644 --- a/server/routers/resource/authWithPassword.ts +++ b/server/routers/resource/authWithPassword.ts @@ -15,20 +15,16 @@ import { verifyPassword } from "@server/auth/password"; import config from "@server/lib/config"; import { logAccessAudit } from "#dynamic/lib/logAccessAudit"; -export const authWithPasswordBodySchema = z - .object({ +export const authWithPasswordBodySchema = z.strictObject({ password: z.string() - }) - .strict(); + }); -export const authWithPasswordParamsSchema = z - .object({ +export const authWithPasswordParamsSchema = z.strictObject({ resourceId: z .string() .transform(Number) - .pipe(z.number().int().positive()) - }) - .strict(); + .pipe(z.int().positive()) + }); export type AuthWithPasswordResponse = { session?: string; diff --git a/server/routers/resource/authWithPincode.ts b/server/routers/resource/authWithPincode.ts index 8ce5c1fe..59f80ee0 100644 --- a/server/routers/resource/authWithPincode.ts +++ b/server/routers/resource/authWithPincode.ts @@ -14,20 +14,16 @@ import { verifyPassword } from "@server/auth/password"; import config from "@server/lib/config"; import { logAccessAudit } from "#dynamic/lib/logAccessAudit"; -export const authWithPincodeBodySchema = z - .object({ +export const authWithPincodeBodySchema = z.strictObject({ pincode: z.string() - }) - .strict(); + }); -export const authWithPincodeParamsSchema = z - .object({ +export const authWithPincodeParamsSchema = z.strictObject({ resourceId: z .string() .transform(Number) - .pipe(z.number().int().positive()) - }) - .strict(); + .pipe(z.int().positive()) + }); export type AuthWithPincodeResponse = { session?: string; diff --git a/server/routers/resource/authWithWhitelist.ts b/server/routers/resource/authWithWhitelist.ts index 11e417b6..11f84043 100644 --- a/server/routers/resource/authWithWhitelist.ts +++ b/server/routers/resource/authWithWhitelist.ts @@ -14,21 +14,17 @@ import logger from "@server/logger"; import config from "@server/lib/config"; import { logAccessAudit } from "#dynamic/lib/logAccessAudit"; -const authWithWhitelistBodySchema = z - .object({ - email: z.string().toLowerCase().email(), +const authWithWhitelistBodySchema = z.strictObject({ + email: z.email().toLowerCase(), otp: z.string().optional() - }) - .strict(); + }); -const authWithWhitelistParamsSchema = z - .object({ +const authWithWhitelistParamsSchema = z.strictObject({ resourceId: z .string() .transform(Number) - .pipe(z.number().int().positive()) - }) - .strict(); + .pipe(z.int().positive()) + }); export type AuthWithWhitelistResponse = { otpSent?: boolean; diff --git a/server/routers/resource/createResource.ts b/server/routers/resource/createResource.ts index 2a4e67a7..b9ab3ce5 100644 --- a/server/routers/resource/createResource.ts +++ b/server/routers/resource/createResource.ts @@ -25,14 +25,11 @@ import { createCertificate } from "#dynamic/routers/certificates/createCertifica import { getUniqueResourceName } from "@server/db/names"; import { validateAndConstructDomain } from "@server/lib/domainUtils"; -const createResourceParamsSchema = z - .object({ +const createResourceParamsSchema = z.strictObject({ orgId: z.string() - }) - .strict(); + }); -const createHttpResourceSchema = z - .object({ +const createHttpResourceSchema = z.strictObject({ name: z.string().min(1).max(255), subdomain: z.string().nullable().optional(), http: z.boolean(), @@ -40,7 +37,6 @@ const createHttpResourceSchema = z domainId: z.string(), stickySession: z.boolean().optional(), }) - .strict() .refine( (data) => { if (data.subdomain) { @@ -48,18 +44,18 @@ const createHttpResourceSchema = z } return true; }, - { message: "Invalid subdomain" } + { + error: "Invalid subdomain" + } ); -const createRawResourceSchema = z - .object({ +const createRawResourceSchema = z.strictObject({ name: z.string().min(1).max(255), http: z.boolean(), protocol: z.enum(["tcp", "udp"]), - proxyPort: z.number().int().min(1).max(65535) + proxyPort: z.int().min(1).max(65535) // enableProxy: z.boolean().default(true) // always true now }) - .strict() .refine( (data) => { if (!config.getRawConfig().flags?.allow_raw_resources) { @@ -70,7 +66,7 @@ const createRawResourceSchema = z return true; }, { - message: "Raw resources are not allowed" + error: "Raw resources are not allowed" } ); diff --git a/server/routers/resource/createResourceRule.ts b/server/routers/resource/createResourceRule.ts index 1a5c07c2..c3e086b0 100644 --- a/server/routers/resource/createResourceRule.ts +++ b/server/routers/resource/createResourceRule.ts @@ -15,24 +15,20 @@ import { } from "@server/lib/validators"; import { OpenAPITags, registry } from "@server/openApi"; -const createResourceRuleSchema = z - .object({ +const createResourceRuleSchema = z.strictObject({ action: z.enum(["ACCEPT", "DROP", "PASS"]), match: z.enum(["CIDR", "IP", "PATH", "COUNTRY"]), value: z.string().min(1), - priority: z.number().int(), + priority: z.int(), enabled: z.boolean().optional() - }) - .strict(); + }); -const createResourceRuleParamsSchema = z - .object({ +const createResourceRuleParamsSchema = z.strictObject({ resourceId: z .string() .transform(Number) - .pipe(z.number().int().positive()) - }) - .strict(); + .pipe(z.int().positive()) + }); registry.registerPath({ method: "put", diff --git a/server/routers/resource/deleteResource.ts b/server/routers/resource/deleteResource.ts index 3b0e9df4..a81208a5 100644 --- a/server/routers/resource/deleteResource.ts +++ b/server/routers/resource/deleteResource.ts @@ -14,14 +14,12 @@ import { getAllowedIps } from "../target/helpers"; import { OpenAPITags, registry } from "@server/openApi"; // Define Zod schema for request parameters validation -const deleteResourceSchema = z - .object({ +const deleteResourceSchema = z.strictObject({ resourceId: z .string() .transform(Number) - .pipe(z.number().int().positive()) - }) - .strict(); + .pipe(z.int().positive()) + }); registry.registerPath({ method: "delete", diff --git a/server/routers/resource/deleteResourceRule.ts b/server/routers/resource/deleteResourceRule.ts index 6b404651..58cb7b48 100644 --- a/server/routers/resource/deleteResourceRule.ts +++ b/server/routers/resource/deleteResourceRule.ts @@ -10,15 +10,13 @@ import logger from "@server/logger"; import { fromError } from "zod-validation-error"; import { OpenAPITags, registry } from "@server/openApi"; -const deleteResourceRuleSchema = z - .object({ - ruleId: z.string().transform(Number).pipe(z.number().int().positive()), +const deleteResourceRuleSchema = z.strictObject({ + ruleId: z.string().transform(Number).pipe(z.int().positive()), resourceId: z .string() .transform(Number) - .pipe(z.number().int().positive()) - }) - .strict(); + .pipe(z.int().positive()) + }); registry.registerPath({ method: "delete", diff --git a/server/routers/resource/getExchangeToken.ts b/server/routers/resource/getExchangeToken.ts index 28975234..8a0276a0 100644 --- a/server/routers/resource/getExchangeToken.ts +++ b/server/routers/resource/getExchangeToken.ts @@ -16,14 +16,12 @@ import { response } from "@server/lib/response"; import { checkOrgAccessPolicy } from "#dynamic/lib/checkOrgAccessPolicy"; import { logAccessAudit } from "#dynamic/lib/logAccessAudit"; -const getExchangeTokenParams = z - .object({ +const getExchangeTokenParams = z.strictObject({ resourceId: z .string() .transform(Number) - .pipe(z.number().int().positive()) - }) - .strict(); + .pipe(z.int().positive()) + }); export type GetExchangeTokenResponse = { requestToken: string; diff --git a/server/routers/resource/getResource.ts b/server/routers/resource/getResource.ts index 0fdcdd0c..f2ce559e 100644 --- a/server/routers/resource/getResource.ts +++ b/server/routers/resource/getResource.ts @@ -11,18 +11,16 @@ import logger from "@server/logger"; import stoi from "@server/lib/stoi"; import { OpenAPITags, registry } from "@server/openApi"; -const getResourceSchema = z - .object({ +const getResourceSchema = z.strictObject({ resourceId: z .string() .optional() .transform(stoi) - .pipe(z.number().int().positive().optional()) + .pipe(z.int().positive().optional()) .optional(), niceId: z.string().optional(), orgId: z.string().optional() - }) - .strict(); + }); async function query(resourceId?: number, niceId?: string, orgId?: string) { if (resourceId) { diff --git a/server/routers/resource/getResourceAuthInfo.ts b/server/routers/resource/getResourceAuthInfo.ts index 834da7b3..60f8e586 100644 --- a/server/routers/resource/getResourceAuthInfo.ts +++ b/server/routers/resource/getResourceAuthInfo.ts @@ -15,11 +15,9 @@ import { fromError } from "zod-validation-error"; import logger from "@server/logger"; import { build } from "@server/build"; -const getResourceAuthInfoSchema = z - .object({ +const getResourceAuthInfoSchema = z.strictObject({ resourceGuid: z.string() - }) - .strict(); + }); export type GetResourceAuthInfoResponse = { resourceId: number; diff --git a/server/routers/resource/getResourceWhitelist.ts b/server/routers/resource/getResourceWhitelist.ts index 415cb714..3171352a 100644 --- a/server/routers/resource/getResourceWhitelist.ts +++ b/server/routers/resource/getResourceWhitelist.ts @@ -10,14 +10,12 @@ import logger from "@server/logger"; import { fromError } from "zod-validation-error"; import { OpenAPITags, registry } from "@server/openApi"; -const getResourceWhitelistSchema = z - .object({ +const getResourceWhitelistSchema = z.strictObject({ resourceId: z .string() .transform(Number) - .pipe(z.number().int().positive()) - }) - .strict(); + .pipe(z.int().positive()) + }); async function queryWhitelist(resourceId: number) { return await db diff --git a/server/routers/resource/listResourceRoles.ts b/server/routers/resource/listResourceRoles.ts index 4676b01e..3dbb8c0d 100644 --- a/server/routers/resource/listResourceRoles.ts +++ b/server/routers/resource/listResourceRoles.ts @@ -10,14 +10,12 @@ import logger from "@server/logger"; import { fromError } from "zod-validation-error"; import { OpenAPITags, registry } from "@server/openApi"; -const listResourceRolesSchema = z - .object({ +const listResourceRolesSchema = z.strictObject({ resourceId: z .string() .transform(Number) - .pipe(z.number().int().positive()) - }) - .strict(); + .pipe(z.int().positive()) + }); async function query(resourceId: number) { return await db diff --git a/server/routers/resource/listResourceRules.ts b/server/routers/resource/listResourceRules.ts index 727d50ba..bc2516a0 100644 --- a/server/routers/resource/listResourceRules.ts +++ b/server/routers/resource/listResourceRules.ts @@ -10,14 +10,12 @@ import { fromError } from "zod-validation-error"; import logger from "@server/logger"; import { OpenAPITags, registry } from "@server/openApi"; -const listResourceRulesParamsSchema = z - .object({ +const listResourceRulesParamsSchema = z.strictObject({ resourceId: z .string() .transform(Number) - .pipe(z.number().int().positive()) - }) - .strict(); + .pipe(z.int().positive()) + }); const listResourceRulesSchema = z.object({ limit: z @@ -25,13 +23,13 @@ const listResourceRulesSchema = z.object({ .optional() .default("1000") .transform(Number) - .pipe(z.number().int().positive()), + .pipe(z.int().positive()), offset: z .string() .optional() .default("0") .transform(Number) - .pipe(z.number().int().nonnegative()) + .pipe(z.int().nonnegative()) }); function queryResourceRules(resourceId: number) { diff --git a/server/routers/resource/listResourceUsers.ts b/server/routers/resource/listResourceUsers.ts index 0d96ac0d..b07bcf0a 100644 --- a/server/routers/resource/listResourceUsers.ts +++ b/server/routers/resource/listResourceUsers.ts @@ -10,14 +10,12 @@ import logger from "@server/logger"; import { fromError } from "zod-validation-error"; import { OpenAPITags, registry } from "@server/openApi"; -const listResourceUsersSchema = z - .object({ +const listResourceUsersSchema = z.strictObject({ resourceId: z .string() .transform(Number) - .pipe(z.number().int().positive()) - }) - .strict(); + .pipe(z.int().positive()) + }); async function queryUsers(resourceId: number) { return await db diff --git a/server/routers/resource/listResources.ts b/server/routers/resource/listResources.ts index e612d5ec..a72dd763 100644 --- a/server/routers/resource/listResources.ts +++ b/server/routers/resource/listResources.ts @@ -20,11 +20,9 @@ import { fromZodError } from "zod-validation-error"; import { OpenAPITags, registry } from "@server/openApi"; import { warn } from "console"; -const listResourcesParamsSchema = z - .object({ +const listResourcesParamsSchema = z.strictObject({ orgId: z.string() - }) - .strict(); + }); const listResourcesSchema = z.object({ limit: z @@ -32,14 +30,14 @@ const listResourcesSchema = z.object({ .optional() .default("1000") .transform(Number) - .pipe(z.number().int().nonnegative()), + .pipe(z.int().nonnegative()), offset: z .string() .optional() .default("0") .transform(Number) - .pipe(z.number().int().nonnegative()) + .pipe(z.int().nonnegative()) }); // (resource fields + a single joined target) diff --git a/server/routers/resource/removeEmailFromResourceWhitelist.ts b/server/routers/resource/removeEmailFromResourceWhitelist.ts index 7667bf28..c2cac2de 100644 --- a/server/routers/resource/removeEmailFromResourceWhitelist.ts +++ b/server/routers/resource/removeEmailFromResourceWhitelist.ts @@ -10,29 +10,22 @@ import { fromError } from "zod-validation-error"; import { and, eq } from "drizzle-orm"; import { OpenAPITags, registry } from "@server/openApi"; -const removeEmailFromResourceWhitelistBodySchema = z - .object({ - email: z - .string() - .email() +const removeEmailFromResourceWhitelistBodySchema = z.strictObject({ + email: z.email() .or( z.string().regex(/^\*@[\w.-]+\.[a-zA-Z]{2,}$/, { - message: - "Invalid email address. Wildcard (*) must be the entire local part." + error: "Invalid email address. Wildcard (*) must be the entire local part." }) ) .transform((v) => v.toLowerCase()) - }) - .strict(); + }); -const removeEmailFromResourceWhitelistParamsSchema = z - .object({ +const removeEmailFromResourceWhitelistParamsSchema = z.strictObject({ resourceId: z .string() .transform(Number) - .pipe(z.number().int().positive()) - }) - .strict(); + .pipe(z.int().positive()) + }); registry.registerPath({ method: "post", diff --git a/server/routers/resource/setResourceHeaderAuth.ts b/server/routers/resource/setResourceHeaderAuth.ts index dc0d417d..87ffbacd 100644 --- a/server/routers/resource/setResourceHeaderAuth.ts +++ b/server/routers/resource/setResourceHeaderAuth.ts @@ -11,15 +11,13 @@ import { hashPassword } from "@server/auth/password"; import { OpenAPITags, registry } from "@server/openApi"; const setResourceAuthMethodsParamsSchema = z.object({ - resourceId: z.string().transform(Number).pipe(z.number().int().positive()) + resourceId: z.string().transform(Number).pipe(z.int().positive()) }); -const setResourceAuthMethodsBodySchema = z - .object({ +const setResourceAuthMethodsBodySchema = z.strictObject({ user: z.string().min(4).max(100).nullable(), password: z.string().min(4).max(100).nullable() - }) - .strict(); + }); registry.registerPath({ method: "post", diff --git a/server/routers/resource/setResourcePassword.ts b/server/routers/resource/setResourcePassword.ts index 5ff485d2..3f9ce9f1 100644 --- a/server/routers/resource/setResourcePassword.ts +++ b/server/routers/resource/setResourcePassword.ts @@ -13,14 +13,12 @@ import { hashPassword } from "@server/auth/password"; import { OpenAPITags, registry } from "@server/openApi"; const setResourceAuthMethodsParamsSchema = z.object({ - resourceId: z.string().transform(Number).pipe(z.number().int().positive()) + resourceId: z.string().transform(Number).pipe(z.int().positive()) }); -const setResourceAuthMethodsBodySchema = z - .object({ +const setResourceAuthMethodsBodySchema = z.strictObject({ password: z.string().min(4).max(100).nullable() - }) - .strict(); + }); registry.registerPath({ method: "post", diff --git a/server/routers/resource/setResourcePincode.ts b/server/routers/resource/setResourcePincode.ts index 83af3c7a..6a88a279 100644 --- a/server/routers/resource/setResourcePincode.ts +++ b/server/routers/resource/setResourcePincode.ts @@ -14,17 +14,15 @@ import { hashPassword } from "@server/auth/password"; import { OpenAPITags, registry } from "@server/openApi"; const setResourceAuthMethodsParamsSchema = z.object({ - resourceId: z.string().transform(Number).pipe(z.number().int().positive()) + resourceId: z.string().transform(Number).pipe(z.int().positive()) }); -const setResourceAuthMethodsBodySchema = z - .object({ +const setResourceAuthMethodsBodySchema = z.strictObject({ pincode: z .string() .regex(/^\d{6}$/) .or(z.null()) - }) - .strict(); + }); registry.registerPath({ method: "post", diff --git a/server/routers/resource/setResourceRoles.ts b/server/routers/resource/setResourceRoles.ts index 7ea76d21..19b7b601 100644 --- a/server/routers/resource/setResourceRoles.ts +++ b/server/routers/resource/setResourceRoles.ts @@ -10,20 +10,16 @@ import { fromError } from "zod-validation-error"; import { eq, and, ne } from "drizzle-orm"; import { OpenAPITags, registry } from "@server/openApi"; -const setResourceRolesBodySchema = z - .object({ - roleIds: z.array(z.number().int().positive()) - }) - .strict(); +const setResourceRolesBodySchema = z.strictObject({ + roleIds: z.array(z.int().positive()) + }); -const setResourceRolesParamsSchema = z - .object({ +const setResourceRolesParamsSchema = z.strictObject({ resourceId: z .string() .transform(Number) - .pipe(z.number().int().positive()) - }) - .strict(); + .pipe(z.int().positive()) + }); registry.registerPath({ method: "post", diff --git a/server/routers/resource/setResourceUsers.ts b/server/routers/resource/setResourceUsers.ts index 152c0f88..b5eca17c 100644 --- a/server/routers/resource/setResourceUsers.ts +++ b/server/routers/resource/setResourceUsers.ts @@ -10,20 +10,16 @@ import { fromError } from "zod-validation-error"; import { eq } from "drizzle-orm"; import { OpenAPITags, registry } from "@server/openApi"; -const setUserResourcesBodySchema = z - .object({ +const setUserResourcesBodySchema = z.strictObject({ userIds: z.array(z.string()) - }) - .strict(); + }); -const setUserResourcesParamsSchema = z - .object({ +const setUserResourcesParamsSchema = z.strictObject({ resourceId: z .string() .transform(Number) - .pipe(z.number().int().positive()) - }) - .strict(); + .pipe(z.int().positive()) + }); registry.registerPath({ method: "post", diff --git a/server/routers/resource/setResourceWhitelist.ts b/server/routers/resource/setResourceWhitelist.ts index 16c9150b..417ef6d9 100644 --- a/server/routers/resource/setResourceWhitelist.ts +++ b/server/routers/resource/setResourceWhitelist.ts @@ -10,33 +10,26 @@ import { fromError } from "zod-validation-error"; import { and, eq } from "drizzle-orm"; import { OpenAPITags, registry } from "@server/openApi"; -const setResourceWhitelistBodySchema = z - .object({ +const setResourceWhitelistBodySchema = z.strictObject({ emails: z .array( - z - .string() - .email() + z.email() .or( z.string().regex(/^\*@[\w.-]+\.[a-zA-Z]{2,}$/, { - message: - "Invalid email address. Wildcard (*) must be the entire local part." + error: "Invalid email address. Wildcard (*) must be the entire local part." }) ) ) .max(50) .transform((v) => v.map((e) => e.toLowerCase())) - }) - .strict(); + }); -const setResourceWhitelistParamsSchema = z - .object({ +const setResourceWhitelistParamsSchema = z.strictObject({ resourceId: z .string() .transform(Number) - .pipe(z.number().int().positive()) - }) - .strict(); + .pipe(z.int().positive()) + }); registry.registerPath({ method: "post", diff --git a/server/routers/resource/updateResource.ts b/server/routers/resource/updateResource.ts index 04a57ec1..1008bac9 100644 --- a/server/routers/resource/updateResource.ts +++ b/server/routers/resource/updateResource.ts @@ -25,17 +25,14 @@ import { validateAndConstructDomain } from "@server/lib/domainUtils"; import { validateHeaders } from "@server/lib/validators"; import { build } from "@server/build"; -const updateResourceParamsSchema = z - .object({ +const updateResourceParamsSchema = z.strictObject({ resourceId: z .string() .transform(Number) - .pipe(z.number().int().positive()) - }) - .strict(); + .pipe(z.int().positive()) + }); -const updateHttpResourceBodySchema = z - .object({ +const updateHttpResourceBodySchema = z.strictObject({ name: z.string().min(1).max(255).optional(), niceId: z.string().min(1).max(255).optional(), subdomain: subdomainSchema.nullable().optional(), @@ -49,15 +46,14 @@ const updateHttpResourceBodySchema = z stickySession: z.boolean().optional(), tlsServerName: z.string().nullable().optional(), setHostHeader: z.string().nullable().optional(), - skipToIdpId: z.number().int().positive().nullable().optional(), + skipToIdpId: z.int().positive().nullable().optional(), headers: z - .array(z.object({ name: z.string(), value: z.string() })) + .array(z.strictObject({ name: z.string(), value: z.string() })) .nullable() .optional() }) - .strict() .refine((data) => Object.keys(data).length > 0, { - message: "At least one field must be provided for update" + error: "At least one field must be provided for update" }) .refine( (data) => { @@ -66,7 +62,9 @@ const updateHttpResourceBodySchema = z } return true; }, - { message: "Invalid subdomain" } + { + error: "Invalid subdomain" + } ) .refine( (data) => { @@ -76,8 +74,7 @@ const updateHttpResourceBodySchema = z return true; }, { - message: - "Invalid TLS Server Name. Use domain name format, or save empty to remove the TLS Server Name." + error: "Invalid TLS Server Name. Use domain name format, or save empty to remove the TLS Server Name." } ) .refine( @@ -88,26 +85,23 @@ const updateHttpResourceBodySchema = z return true; }, { - message: - "Invalid custom Host Header value. Use domain name format, or save empty to unset custom Host Header." + error: "Invalid custom Host Header value. Use domain name format, or save empty to unset custom Host Header." } ); export type UpdateResourceResponse = Resource; -const updateRawResourceBodySchema = z - .object({ +const updateRawResourceBodySchema = z.strictObject({ name: z.string().min(1).max(255).optional(), niceId: z.string().min(1).max(255).optional(), - proxyPort: z.number().int().min(1).max(65535).optional(), + proxyPort: z.int().min(1).max(65535).optional(), stickySession: z.boolean().optional(), enabled: z.boolean().optional(), proxyProtocol: z.boolean().optional(), - proxyProtocolVersion: z.number().int().min(1).optional() + proxyProtocolVersion: z.int().min(1).optional() }) - .strict() .refine((data) => Object.keys(data).length > 0, { - message: "At least one field must be provided for update" + error: "At least one field must be provided for update" }) .refine( (data) => { @@ -118,7 +112,9 @@ const updateRawResourceBodySchema = z } return true; }, - { message: "Cannot update proxyPort" } + { + error: "Cannot update proxyPort" + } ); registry.registerPath({ diff --git a/server/routers/resource/updateResourceRule.ts b/server/routers/resource/updateResourceRule.ts index 8df70c0f..b92c3d07 100644 --- a/server/routers/resource/updateResourceRule.ts +++ b/server/routers/resource/updateResourceRule.ts @@ -16,28 +16,24 @@ import { import { OpenAPITags, registry } from "@server/openApi"; // Define Zod schema for request parameters validation -const updateResourceRuleParamsSchema = z - .object({ - ruleId: z.string().transform(Number).pipe(z.number().int().positive()), +const updateResourceRuleParamsSchema = z.strictObject({ + ruleId: z.string().transform(Number).pipe(z.int().positive()), resourceId: z .string() .transform(Number) - .pipe(z.number().int().positive()) - }) - .strict(); + .pipe(z.int().positive()) + }); // Define Zod schema for request body validation -const updateResourceRuleSchema = z - .object({ +const updateResourceRuleSchema = z.strictObject({ action: z.enum(["ACCEPT", "DROP", "PASS"]).optional(), match: z.enum(["CIDR", "IP", "PATH", "COUNTRY"]).optional(), value: z.string().min(1).optional(), - priority: z.number().int(), + priority: z.int(), enabled: z.boolean().optional() }) - .strict() .refine((data) => Object.keys(data).length > 0, { - message: "At least one field must be provided for update" + error: "At least one field must be provided for update" }); registry.registerPath({ diff --git a/server/routers/role/addRoleAction.ts b/server/routers/role/addRoleAction.ts index 62ab87b5..74540b78 100644 --- a/server/routers/role/addRoleAction.ts +++ b/server/routers/role/addRoleAction.ts @@ -9,17 +9,13 @@ import logger from "@server/logger"; import { eq } from "drizzle-orm"; import { fromError } from "zod-validation-error"; -const addRoleActionParamSchema = z - .object({ - roleId: z.string().transform(Number).pipe(z.number().int().positive()) - }) - .strict(); +const addRoleActionParamSchema = z.strictObject({ + roleId: z.string().transform(Number).pipe(z.int().positive()) + }); -const addRoleActionSchema = z - .object({ +const addRoleActionSchema = z.strictObject({ actionId: z.string() - }) - .strict(); + }); export async function addRoleAction( req: Request, diff --git a/server/routers/role/addRoleSite.ts b/server/routers/role/addRoleSite.ts index d268eed4..d33c733d 100644 --- a/server/routers/role/addRoleSite.ts +++ b/server/routers/role/addRoleSite.ts @@ -9,17 +9,13 @@ import logger from "@server/logger"; import { eq } from "drizzle-orm"; import { fromError } from "zod-validation-error"; -const addRoleSiteParamsSchema = z - .object({ - roleId: z.string().transform(Number).pipe(z.number().int().positive()) - }) - .strict(); +const addRoleSiteParamsSchema = z.strictObject({ + roleId: z.string().transform(Number).pipe(z.int().positive()) + }); -const addRoleSiteSchema = z - .object({ - siteId: z.string().transform(Number).pipe(z.number().int().positive()) - }) - .strict(); +const addRoleSiteSchema = z.strictObject({ + siteId: z.string().transform(Number).pipe(z.int().positive()) + }); export async function addRoleSite( req: Request, diff --git a/server/routers/role/createRole.ts b/server/routers/role/createRole.ts index f66c95e2..26573c6c 100644 --- a/server/routers/role/createRole.ts +++ b/server/routers/role/createRole.ts @@ -11,18 +11,14 @@ import { ActionsEnum } from "@server/auth/actions"; import { eq, and } from "drizzle-orm"; import { OpenAPITags, registry } from "@server/openApi"; -const createRoleParamsSchema = z - .object({ +const createRoleParamsSchema = z.strictObject({ orgId: z.string() - }) - .strict(); + }); -const createRoleSchema = z - .object({ +const createRoleSchema = z.strictObject({ name: z.string().min(1).max(255), description: z.string().optional() - }) - .strict(); + }); export const defaultRoleAllowedActions: ActionsEnum[] = [ ActionsEnum.getOrg, diff --git a/server/routers/role/deleteRole.ts b/server/routers/role/deleteRole.ts index 6806386e..e4d89b2f 100644 --- a/server/routers/role/deleteRole.ts +++ b/server/routers/role/deleteRole.ts @@ -10,17 +10,13 @@ import logger from "@server/logger"; import { fromError } from "zod-validation-error"; import { OpenAPITags, registry } from "@server/openApi"; -const deleteRoleSchema = z - .object({ - roleId: z.string().transform(Number).pipe(z.number().int().positive()) - }) - .strict(); +const deleteRoleSchema = z.strictObject({ + roleId: z.string().transform(Number).pipe(z.int().positive()) + }); -const deelteRoleBodySchema = z - .object({ - roleId: z.string().transform(Number).pipe(z.number().int().positive()) - }) - .strict(); +const deelteRoleBodySchema = z.strictObject({ + roleId: z.string().transform(Number).pipe(z.int().positive()) + }); registry.registerPath({ method: "delete", diff --git a/server/routers/role/getRole.ts b/server/routers/role/getRole.ts index 66dbb68f..afd6e83a 100644 --- a/server/routers/role/getRole.ts +++ b/server/routers/role/getRole.ts @@ -10,11 +10,9 @@ import logger from "@server/logger"; import { fromError } from "zod-validation-error"; import { OpenAPITags, registry } from "@server/openApi"; -const getRoleSchema = z - .object({ - roleId: z.string().transform(Number).pipe(z.number().int().positive()) - }) - .strict(); +const getRoleSchema = z.strictObject({ + roleId: z.string().transform(Number).pipe(z.int().positive()) + }); registry.registerPath({ method: "get", diff --git a/server/routers/role/listRoleActions.ts b/server/routers/role/listRoleActions.ts index cdf1391b..8392c296 100644 --- a/server/routers/role/listRoleActions.ts +++ b/server/routers/role/listRoleActions.ts @@ -9,11 +9,9 @@ import createHttpError from "http-errors"; import logger from "@server/logger"; import { fromError } from "zod-validation-error"; -const listRoleActionsSchema = z - .object({ - roleId: z.string().transform(Number).pipe(z.number().int().positive()) - }) - .strict(); +const listRoleActionsSchema = z.strictObject({ + roleId: z.string().transform(Number).pipe(z.int().positive()) + }); export async function listRoleActions( req: Request, diff --git a/server/routers/role/listRoleResources.ts b/server/routers/role/listRoleResources.ts index ba254f1d..57a84c5c 100644 --- a/server/routers/role/listRoleResources.ts +++ b/server/routers/role/listRoleResources.ts @@ -9,11 +9,9 @@ import createHttpError from "http-errors"; import logger from "@server/logger"; import { fromError } from "zod-validation-error"; -const listRoleResourcesSchema = z - .object({ - roleId: z.string().transform(Number).pipe(z.number().int().positive()) - }) - .strict(); +const listRoleResourcesSchema = z.strictObject({ + roleId: z.string().transform(Number).pipe(z.int().positive()) + }); export async function listRoleResources( req: Request, diff --git a/server/routers/role/listRoleSites.ts b/server/routers/role/listRoleSites.ts index 72f49e3a..f35e367c 100644 --- a/server/routers/role/listRoleSites.ts +++ b/server/routers/role/listRoleSites.ts @@ -9,11 +9,9 @@ import createHttpError from "http-errors"; import logger from "@server/logger"; import { fromError } from "zod-validation-error"; -const listRoleSitesSchema = z - .object({ - roleId: z.string().transform(Number).pipe(z.number().int().positive()) - }) - .strict(); +const listRoleSitesSchema = z.strictObject({ + roleId: z.string().transform(Number).pipe(z.int().positive()) + }); export async function listRoleSites( req: Request, diff --git a/server/routers/role/listRoles.ts b/server/routers/role/listRoles.ts index 56ae8a3a..14a5c2d1 100644 --- a/server/routers/role/listRoles.ts +++ b/server/routers/role/listRoles.ts @@ -11,11 +11,9 @@ import { fromError } from "zod-validation-error"; import stoi from "@server/lib/stoi"; import { OpenAPITags, registry } from "@server/openApi"; -const listRolesParamsSchema = z - .object({ +const listRolesParamsSchema = z.strictObject({ orgId: z.string() - }) - .strict(); + }); const listRolesSchema = z.object({ limit: z @@ -23,13 +21,13 @@ const listRolesSchema = z.object({ .optional() .default("1000") .transform(Number) - .pipe(z.number().int().nonnegative()), + .pipe(z.int().nonnegative()), offset: z .string() .optional() .default("0") .transform(Number) - .pipe(z.number().int().nonnegative()) + .pipe(z.int().nonnegative()) }); async function queryRoles(orgId: string, limit: number, offset: number) { diff --git a/server/routers/role/removeRoleAction.ts b/server/routers/role/removeRoleAction.ts index e643ae04..25fbaa29 100644 --- a/server/routers/role/removeRoleAction.ts +++ b/server/routers/role/removeRoleAction.ts @@ -9,17 +9,13 @@ import createHttpError from "http-errors"; import logger from "@server/logger"; import { fromError } from "zod-validation-error"; -const removeRoleActionParamsSchema = z - .object({ - roleId: z.string().transform(Number).pipe(z.number().int().positive()) - }) - .strict(); +const removeRoleActionParamsSchema = z.strictObject({ + roleId: z.string().transform(Number).pipe(z.int().positive()) + }); -const removeRoleActionSchema = z - .object({ +const removeRoleActionSchema = z.strictObject({ actionId: z.string() - }) - .strict(); + }); export async function removeRoleAction( req: Request, diff --git a/server/routers/role/removeRoleResource.ts b/server/routers/role/removeRoleResource.ts index 4068b0bd..d2c7cae9 100644 --- a/server/routers/role/removeRoleResource.ts +++ b/server/routers/role/removeRoleResource.ts @@ -9,20 +9,16 @@ import createHttpError from "http-errors"; import logger from "@server/logger"; import { fromError } from "zod-validation-error"; -const removeRoleResourceParamsSchema = z - .object({ - roleId: z.string().transform(Number).pipe(z.number().int().positive()) - }) - .strict(); +const removeRoleResourceParamsSchema = z.strictObject({ + roleId: z.string().transform(Number).pipe(z.int().positive()) + }); -const removeRoleResourceSchema = z - .object({ +const removeRoleResourceSchema = z.strictObject({ resourceId: z .string() .transform(Number) - .pipe(z.number().int().positive()) - }) - .strict(); + .pipe(z.int().positive()) + }); export async function removeRoleResource( req: Request, diff --git a/server/routers/role/removeRoleSite.ts b/server/routers/role/removeRoleSite.ts index 2670272d..8092eed1 100644 --- a/server/routers/role/removeRoleSite.ts +++ b/server/routers/role/removeRoleSite.ts @@ -9,17 +9,13 @@ import createHttpError from "http-errors"; import logger from "@server/logger"; import { fromError } from "zod-validation-error"; -const removeRoleSiteParamsSchema = z - .object({ - roleId: z.string().transform(Number).pipe(z.number().int().positive()) - }) - .strict(); +const removeRoleSiteParamsSchema = z.strictObject({ + roleId: z.string().transform(Number).pipe(z.int().positive()) + }); -const removeRoleSiteSchema = z - .object({ - siteId: z.string().transform(Number).pipe(z.number().int().positive()) - }) - .strict(); +const removeRoleSiteSchema = z.strictObject({ + siteId: z.string().transform(Number).pipe(z.int().positive()) + }); export async function removeRoleSite( req: Request, diff --git a/server/routers/role/updateRole.ts b/server/routers/role/updateRole.ts index 793be6eb..136ca389 100644 --- a/server/routers/role/updateRole.ts +++ b/server/routers/role/updateRole.ts @@ -9,20 +9,16 @@ import createHttpError from "http-errors"; import logger from "@server/logger"; import { fromError } from "zod-validation-error"; -const updateRoleParamsSchema = z - .object({ - roleId: z.string().transform(Number).pipe(z.number().int().positive()) - }) - .strict(); +const updateRoleParamsSchema = z.strictObject({ + roleId: z.string().transform(Number).pipe(z.int().positive()) + }); -const updateRoleBodySchema = z - .object({ +const updateRoleBodySchema = z.strictObject({ name: z.string().min(1).max(255).optional(), description: z.string().optional() }) - .strict() .refine((data) => Object.keys(data).length > 0, { - message: "At least one field must be provided for update" + error: "At least one field must be provided for update" }); export async function updateRole( diff --git a/server/routers/site/createSite.ts b/server/routers/site/createSite.ts index f98a01dc..81a35451 100644 --- a/server/routers/site/createSite.ts +++ b/server/routers/site/createSite.ts @@ -19,16 +19,13 @@ import { isIpInCidr } from "@server/lib/ip"; import { verifyExitNodeOrgAccess } from "#dynamic/lib/exitNodes"; import { build } from "@server/build"; -const createSiteParamsSchema = z - .object({ +const createSiteParamsSchema = z.strictObject({ orgId: z.string() - }) - .strict(); + }); -const createSiteSchema = z - .object({ +const createSiteSchema = z.strictObject({ name: z.string().min(1).max(255), - exitNodeId: z.number().int().positive().optional(), + exitNodeId: z.int().positive().optional(), // subdomain: z // .string() // .min(1) @@ -41,8 +38,7 @@ const createSiteSchema = z secret: z.string().optional(), address: z.string().optional(), type: z.enum(["newt", "wireguard", "local"]) - }) - .strict(); + }); // .refine((data) => { // if (data.type === "local") { // return !config.getRawConfig().flags?.disable_local_sites; diff --git a/server/routers/site/deleteSite.ts b/server/routers/site/deleteSite.ts index 7a12e24a..a086e143 100644 --- a/server/routers/site/deleteSite.ts +++ b/server/routers/site/deleteSite.ts @@ -12,11 +12,9 @@ import { fromError } from "zod-validation-error"; import { sendToClient } from "#dynamic/routers/ws"; import { OpenAPITags, registry } from "@server/openApi"; -const deleteSiteSchema = z - .object({ - siteId: z.string().transform(Number).pipe(z.number().int().positive()) - }) - .strict(); +const deleteSiteSchema = z.strictObject({ + siteId: z.string().transform(Number).pipe(z.int().positive()) + }); registry.registerPath({ method: "delete", diff --git a/server/routers/site/getSite.ts b/server/routers/site/getSite.ts index a9785fa4..b6ce346a 100644 --- a/server/routers/site/getSite.ts +++ b/server/routers/site/getSite.ts @@ -11,18 +11,16 @@ import stoi from "@server/lib/stoi"; import { fromError } from "zod-validation-error"; import { OpenAPITags, registry } from "@server/openApi"; -const getSiteSchema = z - .object({ +const getSiteSchema = z.strictObject({ siteId: z .string() .optional() .transform(stoi) - .pipe(z.number().int().positive().optional()) + .pipe(z.int().positive().optional()) .optional(), niceId: z.string().optional(), orgId: z.string().optional() - }) - .strict(); + }); async function query(siteId?: number, niceId?: string, orgId?: string) { if (siteId) { diff --git a/server/routers/site/listSiteRoles.ts b/server/routers/site/listSiteRoles.ts index 009e0907..ec66d3c5 100644 --- a/server/routers/site/listSiteRoles.ts +++ b/server/routers/site/listSiteRoles.ts @@ -9,11 +9,9 @@ import createHttpError from "http-errors"; import logger from "@server/logger"; import { fromError } from "zod-validation-error"; -const listSiteRolesSchema = z - .object({ - siteId: z.string().transform(Number).pipe(z.number().int().positive()) - }) - .strict(); +const listSiteRolesSchema = z.strictObject({ + siteId: z.string().transform(Number).pipe(z.int().positive()) + }); export async function listSiteRoles( req: Request, diff --git a/server/routers/site/listSites.ts b/server/routers/site/listSites.ts index cddf8c4b..f0854764 100644 --- a/server/routers/site/listSites.ts +++ b/server/routers/site/listSites.ts @@ -68,11 +68,9 @@ async function getLatestNewtVersion(): Promise { } } -const listSitesParamsSchema = z - .object({ +const listSitesParamsSchema = z.strictObject({ orgId: z.string() - }) - .strict(); + }); const listSitesSchema = z.object({ limit: z @@ -80,13 +78,13 @@ const listSitesSchema = z.object({ .optional() .default("1000") .transform(Number) - .pipe(z.number().int().positive()), + .pipe(z.int().positive()), offset: z .string() .optional() .default("0") .transform(Number) - .pipe(z.number().int().nonnegative()) + .pipe(z.int().nonnegative()) }); function querySites(orgId: string, accessibleSiteIds: number[]) { diff --git a/server/routers/site/pickSiteDefaults.ts b/server/routers/site/pickSiteDefaults.ts index c4b3a087..029ae322 100644 --- a/server/routers/site/pickSiteDefaults.ts +++ b/server/routers/site/pickSiteDefaults.ts @@ -44,11 +44,9 @@ registry.registerPath({ responses: {} }); -const pickSiteDefaultsSchema = z - .object({ +const pickSiteDefaultsSchema = z.strictObject({ orgId: z.string() - }) - .strict(); + }); export async function pickSiteDefaults( req: Request, diff --git a/server/routers/site/socketIntegration.ts b/server/routers/site/socketIntegration.ts index 3a52dcd2..33893000 100644 --- a/server/routers/site/socketIntegration.ts +++ b/server/routers/site/socketIntegration.ts @@ -46,18 +46,14 @@ export interface Container { networks: Record; } -const siteIdParamsSchema = z - .object({ - siteId: z.string().transform(stoi).pipe(z.number().int().positive()) - }) - .strict(); +const siteIdParamsSchema = z.strictObject({ + siteId: z.string().transform(stoi).pipe(z.int().positive()) + }); -const DockerStatusSchema = z - .object({ +const DockerStatusSchema = z.strictObject({ isAvailable: z.boolean(), socketPath: z.string().optional() - }) - .strict(); + }); function validateSiteIdParams(params: any) { const parsedParams = siteIdParamsSchema.safeParse(params); diff --git a/server/routers/site/updateSite.ts b/server/routers/site/updateSite.ts index 2041420c..4c25d4c5 100644 --- a/server/routers/site/updateSite.ts +++ b/server/routers/site/updateSite.ts @@ -11,14 +11,11 @@ import { fromError } from "zod-validation-error"; import { OpenAPITags, registry } from "@server/openApi"; import { isValidCIDR } from "@server/lib/validators"; -const updateSiteParamsSchema = z - .object({ - siteId: z.string().transform(Number).pipe(z.number().int().positive()) - }) - .strict(); +const updateSiteParamsSchema = z.strictObject({ + siteId: z.string().transform(Number).pipe(z.int().positive()) + }); -const updateSiteBodySchema = z - .object({ +const updateSiteBodySchema = z.strictObject({ name: z.string().min(1).max(255).optional(), niceId: z.string().min(1).max(255).optional(), dockerSocketEnabled: z.boolean().optional(), @@ -37,9 +34,8 @@ const updateSiteBodySchema = z // megabytesIn: z.number().int().nonnegative().optional(), // megabytesOut: z.number().int().nonnegative().optional(), }) - .strict() .refine((data) => Object.keys(data).length > 0, { - message: "At least one field must be provided for update" + error: "At least one field must be provided for update" }); registry.registerPath({ diff --git a/server/routers/siteResource/createSiteResource.ts b/server/routers/siteResource/createSiteResource.ts index ca223b04..b77b52e4 100644 --- a/server/routers/siteResource/createSiteResource.ts +++ b/server/routers/siteResource/createSiteResource.ts @@ -12,23 +12,19 @@ import { OpenAPITags, registry } from "@server/openApi"; import { addTargets } from "../client/targets"; import { getUniqueSiteResourceName } from "@server/db/names"; -const createSiteResourceParamsSchema = z - .object({ - siteId: z.string().transform(Number).pipe(z.number().int().positive()), +const createSiteResourceParamsSchema = z.strictObject({ + siteId: z.string().transform(Number).pipe(z.int().positive()), orgId: z.string() - }) - .strict(); + }); -const createSiteResourceSchema = z - .object({ +const createSiteResourceSchema = z.strictObject({ name: z.string().min(1).max(255), protocol: z.enum(["tcp", "udp"]), - proxyPort: z.number().int().positive(), - destinationPort: z.number().int().positive(), + proxyPort: z.int().positive(), + destinationPort: z.int().positive(), destinationIp: z.string(), enabled: z.boolean().default(true) - }) - .strict(); + }); export type CreateSiteResourceBody = z.infer; export type CreateSiteResourceResponse = SiteResource; diff --git a/server/routers/siteResource/deleteSiteResource.ts b/server/routers/siteResource/deleteSiteResource.ts index 347d4b53..02bc2c72 100644 --- a/server/routers/siteResource/deleteSiteResource.ts +++ b/server/routers/siteResource/deleteSiteResource.ts @@ -11,13 +11,11 @@ import logger from "@server/logger"; import { OpenAPITags, registry } from "@server/openApi"; import { removeTargets } from "../client/targets"; -const deleteSiteResourceParamsSchema = z - .object({ - siteResourceId: z.string().transform(Number).pipe(z.number().int().positive()), - siteId: z.string().transform(Number).pipe(z.number().int().positive()), +const deleteSiteResourceParamsSchema = z.strictObject({ + siteResourceId: z.string().transform(Number).pipe(z.int().positive()), + siteId: z.string().transform(Number).pipe(z.int().positive()), orgId: z.string() - }) - .strict(); + }); export type DeleteSiteResourceResponse = { message: string; diff --git a/server/routers/siteResource/getSiteResource.ts b/server/routers/siteResource/getSiteResource.ts index 09c01eb0..48f10b8b 100644 --- a/server/routers/siteResource/getSiteResource.ts +++ b/server/routers/siteResource/getSiteResource.ts @@ -10,19 +10,17 @@ import { fromError } from "zod-validation-error"; import logger from "@server/logger"; import { OpenAPITags, registry } from "@server/openApi"; -const getSiteResourceParamsSchema = z - .object({ +const getSiteResourceParamsSchema = z.strictObject({ siteResourceId: z .string() .optional() .transform((val) => val ? Number(val) : undefined) - .pipe(z.number().int().positive().optional()) + .pipe(z.int().positive().optional()) .optional(), - siteId: z.string().transform(Number).pipe(z.number().int().positive()), + siteId: z.string().transform(Number).pipe(z.int().positive()), niceId: z.string().optional(), orgId: z.string() - }) - .strict(); + }); async function query(siteResourceId?: number, siteId?: number, niceId?: string, orgId?: string) { if (siteResourceId && siteId && orgId) { diff --git a/server/routers/siteResource/listAllSiteResourcesByOrg.ts b/server/routers/siteResource/listAllSiteResourcesByOrg.ts index 948fc2c2..96b9a668 100644 --- a/server/routers/siteResource/listAllSiteResourcesByOrg.ts +++ b/server/routers/siteResource/listAllSiteResourcesByOrg.ts @@ -10,11 +10,9 @@ import { fromError } from "zod-validation-error"; import logger from "@server/logger"; import { OpenAPITags, registry } from "@server/openApi"; -const listAllSiteResourcesByOrgParamsSchema = z - .object({ +const listAllSiteResourcesByOrgParamsSchema = z.strictObject({ orgId: z.string() - }) - .strict(); + }); const listAllSiteResourcesByOrgQuerySchema = z.object({ limit: z @@ -22,13 +20,13 @@ const listAllSiteResourcesByOrgQuerySchema = z.object({ .optional() .default("1000") .transform(Number) - .pipe(z.number().int().positive()), + .pipe(z.int().positive()), offset: z .string() .optional() .default("0") .transform(Number) - .pipe(z.number().int().nonnegative()) + .pipe(z.int().nonnegative()) }); export type ListAllSiteResourcesByOrgResponse = { diff --git a/server/routers/siteResource/listSiteResources.ts b/server/routers/siteResource/listSiteResources.ts index 7fdb7a85..e530952d 100644 --- a/server/routers/siteResource/listSiteResources.ts +++ b/server/routers/siteResource/listSiteResources.ts @@ -10,12 +10,10 @@ import { fromError } from "zod-validation-error"; import logger from "@server/logger"; import { OpenAPITags, registry } from "@server/openApi"; -const listSiteResourcesParamsSchema = z - .object({ - siteId: z.string().transform(Number).pipe(z.number().int().positive()), +const listSiteResourcesParamsSchema = z.strictObject({ + siteId: z.string().transform(Number).pipe(z.int().positive()), orgId: z.string() - }) - .strict(); + }); const listSiteResourcesQuerySchema = z.object({ limit: z @@ -23,13 +21,13 @@ const listSiteResourcesQuerySchema = z.object({ .optional() .default("100") .transform(Number) - .pipe(z.number().int().positive()), + .pipe(z.int().positive()), offset: z .string() .optional() .default("0") .transform(Number) - .pipe(z.number().int().nonnegative()) + .pipe(z.int().nonnegative()) }); export type ListSiteResourcesResponse = { diff --git a/server/routers/siteResource/updateSiteResource.ts b/server/routers/siteResource/updateSiteResource.ts index f6f71124..fd316e74 100644 --- a/server/routers/siteResource/updateSiteResource.ts +++ b/server/routers/siteResource/updateSiteResource.ts @@ -11,27 +11,23 @@ import logger from "@server/logger"; import { OpenAPITags, registry } from "@server/openApi"; import { addTargets } from "../client/targets"; -const updateSiteResourceParamsSchema = z - .object({ +const updateSiteResourceParamsSchema = z.strictObject({ siteResourceId: z .string() .transform(Number) - .pipe(z.number().int().positive()), - siteId: z.string().transform(Number).pipe(z.number().int().positive()), + .pipe(z.int().positive()), + siteId: z.string().transform(Number).pipe(z.int().positive()), orgId: z.string() - }) - .strict(); + }); -const updateSiteResourceSchema = z - .object({ +const updateSiteResourceSchema = z.strictObject({ name: z.string().min(1).max(255).optional(), protocol: z.enum(["tcp", "udp"]).optional(), - proxyPort: z.number().int().positive().optional(), - destinationPort: z.number().int().positive().optional(), + proxyPort: z.int().positive().optional(), + destinationPort: z.int().positive().optional(), destinationIp: z.string().optional(), enabled: z.boolean().optional() - }) - .strict(); + }); export type UpdateSiteResourceBody = z.infer; export type UpdateSiteResourceResponse = SiteResource; diff --git a/server/routers/supporterKey/validateSupporterKey.ts b/server/routers/supporterKey/validateSupporterKey.ts index 338c920e..d8b16421 100644 --- a/server/routers/supporterKey/validateSupporterKey.ts +++ b/server/routers/supporterKey/validateSupporterKey.ts @@ -9,12 +9,10 @@ import { supporterKey } from "@server/db"; import { db } from "@server/db"; import config from "@server/lib/config"; -const validateSupporterKeySchema = z - .object({ +const validateSupporterKeySchema = z.strictObject({ githubUsername: z.string().nonempty(), key: z.string().nonempty() - }) - .strict(); + }); export type ValidateSupporterKeyResponse = { valid: boolean; diff --git a/server/routers/target/createTarget.ts b/server/routers/target/createTarget.ts index b35d8d2a..6cf29da3 100644 --- a/server/routers/target/createTarget.ts +++ b/server/routers/target/createTarget.ts @@ -15,44 +15,39 @@ import { pickPort } from "./helpers"; import { isTargetValid } from "@server/lib/validators"; import { OpenAPITags, registry } from "@server/openApi"; -const createTargetParamsSchema = z - .object({ +const createTargetParamsSchema = z.strictObject({ resourceId: z .string() .transform(Number) - .pipe(z.number().int().positive()) - }) - .strict(); + .pipe(z.int().positive()) + }); -const createTargetSchema = z - .object({ - siteId: z.number().int().positive(), +const createTargetSchema = z.strictObject({ + siteId: z.int().positive(), ip: z.string().refine(isTargetValid), method: z.string().optional().nullable(), - port: z.number().int().min(1).max(65535), + port: z.int().min(1).max(65535), enabled: z.boolean().default(true), hcEnabled: z.boolean().optional(), hcPath: z.string().min(1).optional().nullable(), hcScheme: z.string().optional().nullable(), hcMode: z.string().optional().nullable(), hcHostname: z.string().optional().nullable(), - hcPort: z.number().int().positive().optional().nullable(), - hcInterval: z.number().int().positive().min(5).optional().nullable(), - hcUnhealthyInterval: z - .number() - .int() + hcPort: z.int().positive().optional().nullable(), + hcInterval: z.int().positive().min(5).optional().nullable(), + hcUnhealthyInterval: z.int() .positive() .min(5) .optional() .nullable(), - hcTimeout: z.number().int().positive().min(1).optional().nullable(), + hcTimeout: z.int().positive().min(1).optional().nullable(), hcHeaders: z - .array(z.object({ name: z.string(), value: z.string() })) + .array(z.strictObject({ name: z.string(), value: z.string() })) .nullable() .optional(), hcFollowRedirects: z.boolean().optional().nullable(), hcMethod: z.string().min(1).optional().nullable(), - hcStatus: z.number().int().optional().nullable(), + hcStatus: z.int().optional().nullable(), path: z.string().optional().nullable(), pathMatchType: z .enum(["exact", "prefix", "regex"]) @@ -63,9 +58,8 @@ const createTargetSchema = z .enum(["exact", "prefix", "regex", "stripPrefix"]) .optional() .nullable(), - priority: z.number().int().min(1).max(1000).optional().nullable() - }) - .strict(); + priority: z.int().min(1).max(1000).optional().nullable() + }); export type CreateTargetResponse = Target & TargetHealthCheck; diff --git a/server/routers/target/deleteTarget.ts b/server/routers/target/deleteTarget.ts index 596691e4..a70b2a1e 100644 --- a/server/routers/target/deleteTarget.ts +++ b/server/routers/target/deleteTarget.ts @@ -13,11 +13,9 @@ import { removeTargets } from "../newt/targets"; import { getAllowedIps } from "./helpers"; import { OpenAPITags, registry } from "@server/openApi"; -const deleteTargetSchema = z - .object({ - targetId: z.string().transform(Number).pipe(z.number().int().positive()) - }) - .strict(); +const deleteTargetSchema = z.strictObject({ + targetId: z.string().transform(Number).pipe(z.int().positive()) + }); registry.registerPath({ method: "delete", diff --git a/server/routers/target/getTarget.ts b/server/routers/target/getTarget.ts index 864c02eb..7fe2e062 100644 --- a/server/routers/target/getTarget.ts +++ b/server/routers/target/getTarget.ts @@ -10,11 +10,9 @@ import logger from "@server/logger"; import { fromError } from "zod-validation-error"; import { OpenAPITags, registry } from "@server/openApi"; -const getTargetSchema = z - .object({ - targetId: z.string().transform(Number).pipe(z.number().int().positive()) - }) - .strict(); +const getTargetSchema = z.strictObject({ + targetId: z.string().transform(Number).pipe(z.int().positive()) + }); type GetTargetResponse = Target & Omit & { hcHeaders: { name: string; value: string; }[] | null; diff --git a/server/routers/target/listTargets.ts b/server/routers/target/listTargets.ts index 04966f6e..e97d577d 100644 --- a/server/routers/target/listTargets.ts +++ b/server/routers/target/listTargets.ts @@ -10,14 +10,12 @@ import { fromError } from "zod-validation-error"; import logger from "@server/logger"; import { OpenAPITags, registry } from "@server/openApi"; -const listTargetsParamsSchema = z - .object({ +const listTargetsParamsSchema = z.strictObject({ resourceId: z .string() .transform(Number) - .pipe(z.number().int().positive()) - }) - .strict(); + .pipe(z.int().positive()) + }); const listTargetsSchema = z.object({ limit: z @@ -25,13 +23,13 @@ const listTargetsSchema = z.object({ .optional() .default("1000") .transform(Number) - .pipe(z.number().int().positive()), + .pipe(z.int().positive()), offset: z .string() .optional() .default("0") .transform(Number) - .pipe(z.number().int().nonnegative()) + .pipe(z.int().nonnegative()) }); function queryTargets(resourceId: number) { diff --git a/server/routers/target/updateTarget.ts b/server/routers/target/updateTarget.ts index 6e9a8fc9..1889154c 100644 --- a/server/routers/target/updateTarget.ts +++ b/server/routers/target/updateTarget.ts @@ -15,47 +15,41 @@ import { isTargetValid } from "@server/lib/validators"; import { OpenAPITags, registry } from "@server/openApi"; import { vs } from "@react-email/components"; -const updateTargetParamsSchema = z - .object({ - targetId: z.string().transform(Number).pipe(z.number().int().positive()) - }) - .strict(); +const updateTargetParamsSchema = z.strictObject({ + targetId: z.string().transform(Number).pipe(z.int().positive()) + }); -const updateTargetBodySchema = z - .object({ - siteId: z.number().int().positive(), +const updateTargetBodySchema = z.strictObject({ + siteId: z.int().positive(), ip: z.string().refine(isTargetValid), method: z.string().min(1).max(10).optional().nullable(), - port: z.number().int().min(1).max(65535).optional(), + port: z.int().min(1).max(65535).optional(), enabled: z.boolean().optional(), hcEnabled: z.boolean().optional().nullable(), hcPath: z.string().min(1).optional().nullable(), hcScheme: z.string().optional().nullable(), hcMode: z.string().optional().nullable(), hcHostname: z.string().optional().nullable(), - hcPort: z.number().int().positive().optional().nullable(), - hcInterval: z.number().int().positive().min(5).optional().nullable(), - hcUnhealthyInterval: z - .number() - .int() + hcPort: z.int().positive().optional().nullable(), + hcInterval: z.int().positive().min(5).optional().nullable(), + hcUnhealthyInterval: z.int() .positive() .min(5) .optional() .nullable(), - hcTimeout: z.number().int().positive().min(1).optional().nullable(), - hcHeaders: z.array(z.object({ name: z.string(), value: z.string() })).nullable().optional(), + hcTimeout: z.int().positive().min(1).optional().nullable(), + hcHeaders: z.array(z.strictObject({ name: z.string(), value: z.string() })).nullable().optional(), hcFollowRedirects: z.boolean().optional().nullable(), hcMethod: z.string().min(1).optional().nullable(), - hcStatus: z.number().int().optional().nullable(), + hcStatus: z.int().optional().nullable(), path: z.string().optional().nullable(), pathMatchType: z.enum(["exact", "prefix", "regex"]).optional().nullable(), rewritePath: z.string().optional().nullable(), rewritePathType: z.enum(["exact", "prefix", "regex", "stripPrefix"]).optional().nullable(), - priority: z.number().int().min(1).max(1000).optional(), + priority: z.int().min(1).max(1000).optional(), }) - .strict() .refine((data) => Object.keys(data).length > 0, { - message: "At least one field must be provided for update" + error: "At least one field must be provided for update" }); registry.registerPath({ diff --git a/server/routers/user/acceptInvite.ts b/server/routers/user/acceptInvite.ts index 5e4264f9..30f61134 100644 --- a/server/routers/user/acceptInvite.ts +++ b/server/routers/user/acceptInvite.ts @@ -13,12 +13,10 @@ import { verifySession } from "@server/auth/sessions/verifySession"; import { usageService } from "@server/lib/billing/usageService"; import { FeatureId } from "@server/lib/billing"; -const acceptInviteBodySchema = z - .object({ +const acceptInviteBodySchema = z.strictObject({ token: z.string(), inviteId: z.string() - }) - .strict(); + }); export type AcceptInviteResponse = { accepted: boolean; diff --git a/server/routers/user/addUserAction.ts b/server/routers/user/addUserAction.ts index 074ebe9b..f75d5005 100644 --- a/server/routers/user/addUserAction.ts +++ b/server/routers/user/addUserAction.ts @@ -9,13 +9,11 @@ import logger from "@server/logger"; import { eq } from "drizzle-orm"; import { fromError } from "zod-validation-error"; -const addUserActionSchema = z - .object({ +const addUserActionSchema = z.strictObject({ userId: z.string(), actionId: z.string(), orgId: z.string() - }) - .strict(); + }); export async function addUserAction( req: Request, diff --git a/server/routers/user/addUserRole.ts b/server/routers/user/addUserRole.ts index 27f5e612..915ea64a 100644 --- a/server/routers/user/addUserRole.ts +++ b/server/routers/user/addUserRole.ts @@ -11,12 +11,10 @@ import { fromError } from "zod-validation-error"; import stoi from "@server/lib/stoi"; import { OpenAPITags, registry } from "@server/openApi"; -const addUserRoleParamsSchema = z - .object({ +const addUserRoleParamsSchema = z.strictObject({ userId: z.string(), roleId: z.string().transform(stoi).pipe(z.number()) - }) - .strict(); + }); export type AddUserRoleResponse = z.infer; diff --git a/server/routers/user/addUserSite.ts b/server/routers/user/addUserSite.ts index f094e20e..38ef264c 100644 --- a/server/routers/user/addUserSite.ts +++ b/server/routers/user/addUserSite.ts @@ -9,12 +9,10 @@ import logger from "@server/logger"; import { eq } from "drizzle-orm"; import { fromError } from "zod-validation-error"; -const addUserSiteSchema = z - .object({ +const addUserSiteSchema = z.strictObject({ userId: z.string(), - siteId: z.string().transform(Number).pipe(z.number().int().positive()) - }) - .strict(); + siteId: z.string().transform(Number).pipe(z.int().positive()) + }); export async function addUserSite( req: Request, diff --git a/server/routers/user/adminGetUser.ts b/server/routers/user/adminGetUser.ts index 0a961bec..bda14476 100644 --- a/server/routers/user/adminGetUser.ts +++ b/server/routers/user/adminGetUser.ts @@ -9,11 +9,9 @@ import createHttpError from "http-errors"; import logger from "@server/logger"; import { OpenAPITags, registry } from "@server/openApi"; -const adminGetUserSchema = z - .object({ +const adminGetUserSchema = z.strictObject({ userId: z.string().min(1) - }) - .strict(); + }); registry.registerPath({ method: "get", diff --git a/server/routers/user/adminListUsers.ts b/server/routers/user/adminListUsers.ts index 308b9def..a3ad9cdd 100644 --- a/server/routers/user/adminListUsers.ts +++ b/server/routers/user/adminListUsers.ts @@ -9,22 +9,20 @@ import logger from "@server/logger"; import { idp, users } from "@server/db"; import { fromZodError } from "zod-validation-error"; -const listUsersSchema = z - .object({ +const listUsersSchema = z.strictObject({ limit: z .string() .optional() .default("1000") .transform(Number) - .pipe(z.number().int().nonnegative()), + .pipe(z.int().nonnegative()), offset: z .string() .optional() .default("0") .transform(Number) - .pipe(z.number().int().nonnegative()) - }) - .strict(); + .pipe(z.int().nonnegative()) + }); async function queryUsers(limit: number, offset: number) { return await db diff --git a/server/routers/user/adminRemoveUser.ts b/server/routers/user/adminRemoveUser.ts index 14916ab9..02ad56d6 100644 --- a/server/routers/user/adminRemoveUser.ts +++ b/server/routers/user/adminRemoveUser.ts @@ -9,11 +9,9 @@ import createHttpError from "http-errors"; import logger from "@server/logger"; import { fromError } from "zod-validation-error"; -const removeUserSchema = z - .object({ +const removeUserSchema = z.strictObject({ userId: z.string() - }) - .strict(); + }); export async function adminRemoveUser( req: Request, diff --git a/server/routers/user/adminUpdateUser2FA.ts b/server/routers/user/adminUpdateUser2FA.ts index becd2091..4bb2486a 100644 --- a/server/routers/user/adminUpdateUser2FA.ts +++ b/server/routers/user/adminUpdateUser2FA.ts @@ -10,17 +10,13 @@ import logger from "@server/logger"; import { fromError } from "zod-validation-error"; import { OpenAPITags, registry } from "@server/openApi"; -const updateUser2FAParamsSchema = z - .object({ +const updateUser2FAParamsSchema = z.strictObject({ userId: z.string() - }) - .strict(); + }); -const updateUser2FABodySchema = z - .object({ +const updateUser2FABodySchema = z.strictObject({ twoFactorSetupRequested: z.boolean() - }) - .strict(); + }); export type UpdateUser2FAResponse = { userId: string; diff --git a/server/routers/user/createOrgUser.ts b/server/routers/user/createOrgUser.ts index 29f94641..dccd0d65 100644 --- a/server/routers/user/createOrgUser.ts +++ b/server/routers/user/createOrgUser.ts @@ -16,21 +16,17 @@ import { build } from "@server/build"; import { getOrgTierData } from "#dynamic/lib/billing"; import { TierId } from "@server/lib/billing/tiers"; -const paramsSchema = z - .object({ +const paramsSchema = z.strictObject({ orgId: z.string().nonempty() - }) - .strict(); + }); -const bodySchema = z - .object({ - email: z - .string() +const bodySchema = z.strictObject({ + email: z.email() .toLowerCase() .optional() .refine((data) => { if (data) { - return z.string().email().safeParse(data).success; + return z.email().safeParse(data).success; } return true; }), @@ -39,8 +35,7 @@ const bodySchema = z type: z.enum(["internal", "oidc"]).optional(), idpId: z.number().optional(), roleId: z.number() - }) - .strict(); + }); export type CreateOrgUserResponse = {}; diff --git a/server/routers/user/getOrgUser.ts b/server/routers/user/getOrgUser.ts index 02ffd92c..4e09afd6 100644 --- a/server/routers/user/getOrgUser.ts +++ b/server/routers/user/getOrgUser.ts @@ -46,12 +46,10 @@ export type GetOrgUserResponse = NonNullable< Awaited> >; -const getOrgUserParamsSchema = z - .object({ +const getOrgUserParamsSchema = z.strictObject({ userId: z.string(), orgId: z.string() - }) - .strict(); + }); registry.registerPath({ method: "get", diff --git a/server/routers/user/inviteUser.ts b/server/routers/user/inviteUser.ts index 1cae46c9..f43ebeb8 100644 --- a/server/routers/user/inviteUser.ts +++ b/server/routers/user/inviteUser.ts @@ -21,21 +21,17 @@ import { FeatureId } from "@server/lib/billing"; import { build } from "@server/build"; import cache from "@server/lib/cache"; -const inviteUserParamsSchema = z - .object({ +const inviteUserParamsSchema = z.strictObject({ orgId: z.string() - }) - .strict(); + }); -const inviteUserBodySchema = z - .object({ - email: z.string().toLowerCase().email(), +const inviteUserBodySchema = z.strictObject({ + email: z.email().toLowerCase(), roleId: z.number(), validHours: z.number().gt(0).lte(168), sendEmail: z.boolean().optional(), regenerate: z.boolean().optional() - }) - .strict(); + }); export type InviteUserBody = z.infer; diff --git a/server/routers/user/listInvitations.ts b/server/routers/user/listInvitations.ts index c91a136d..a61e2372 100644 --- a/server/routers/user/listInvitations.ts +++ b/server/routers/user/listInvitations.ts @@ -10,28 +10,24 @@ import logger from "@server/logger"; import { fromZodError } from "zod-validation-error"; import { OpenAPITags, registry } from "@server/openApi"; -const listInvitationsParamsSchema = z - .object({ +const listInvitationsParamsSchema = z.strictObject({ orgId: z.string() - }) - .strict(); + }); -const listInvitationsQuerySchema = z - .object({ +const listInvitationsQuerySchema = z.strictObject({ limit: z .string() .optional() .default("1000") .transform(Number) - .pipe(z.number().int().nonnegative()), + .pipe(z.int().nonnegative()), offset: z .string() .optional() .default("0") .transform(Number) - .pipe(z.number().int().nonnegative()) - }) - .strict(); + .pipe(z.int().nonnegative()) + }); async function queryInvitations(orgId: string, limit: number, offset: number) { return await db diff --git a/server/routers/user/listUsers.ts b/server/routers/user/listUsers.ts index a35da862..aa70874e 100644 --- a/server/routers/user/listUsers.ts +++ b/server/routers/user/listUsers.ts @@ -11,28 +11,24 @@ import { fromZodError } from "zod-validation-error"; import { OpenAPITags, registry } from "@server/openApi"; import { eq } from "drizzle-orm"; -const listUsersParamsSchema = z - .object({ +const listUsersParamsSchema = z.strictObject({ orgId: z.string() - }) - .strict(); + }); -const listUsersSchema = z - .object({ +const listUsersSchema = z.strictObject({ limit: z .string() .optional() .default("1000") .transform(Number) - .pipe(z.number().int().nonnegative()), + .pipe(z.int().nonnegative()), offset: z .string() .optional() .default("0") .transform(Number) - .pipe(z.number().int().nonnegative()) - }) - .strict(); + .pipe(z.int().nonnegative()) + }); async function queryUsers(orgId: string, limit: number, offset: number) { return await db diff --git a/server/routers/user/removeInvitation.ts b/server/routers/user/removeInvitation.ts index e3ee40d0..44ec8c23 100644 --- a/server/routers/user/removeInvitation.ts +++ b/server/routers/user/removeInvitation.ts @@ -9,12 +9,10 @@ import createHttpError from "http-errors"; import logger from "@server/logger"; import { fromError } from "zod-validation-error"; -const removeInvitationParamsSchema = z - .object({ +const removeInvitationParamsSchema = z.strictObject({ orgId: z.string(), inviteId: z.string() - }) - .strict(); + }); export async function removeInvitation( req: Request, diff --git a/server/routers/user/removeUserAction.ts b/server/routers/user/removeUserAction.ts index f0bd7d92..6e4c1a66 100644 --- a/server/routers/user/removeUserAction.ts +++ b/server/routers/user/removeUserAction.ts @@ -9,18 +9,14 @@ import createHttpError from "http-errors"; import logger from "@server/logger"; import { fromError } from "zod-validation-error"; -const removeUserActionParamsSchema = z - .object({ +const removeUserActionParamsSchema = z.strictObject({ userId: z.string() - }) - .strict(); + }); -const removeUserActionSchema = z - .object({ +const removeUserActionSchema = z.strictObject({ actionId: z.string(), orgId: z.string() - }) - .strict(); + }); export async function removeUserAction( req: Request, diff --git a/server/routers/user/removeUserOrg.ts b/server/routers/user/removeUserOrg.ts index babccdd0..83ff6802 100644 --- a/server/routers/user/removeUserOrg.ts +++ b/server/routers/user/removeUserOrg.ts @@ -14,12 +14,10 @@ import { FeatureId } from "@server/lib/billing"; import { build } from "@server/build"; import { UserType } from "@server/types/UserTypes"; -const removeUserSchema = z - .object({ +const removeUserSchema = z.strictObject({ userId: z.string(), orgId: z.string() - }) - .strict(); + }); registry.registerPath({ method: "delete", diff --git a/server/routers/user/removeUserResource.ts b/server/routers/user/removeUserResource.ts index 186e8032..14dbb540 100644 --- a/server/routers/user/removeUserResource.ts +++ b/server/routers/user/removeUserResource.ts @@ -9,15 +9,13 @@ import createHttpError from "http-errors"; import logger from "@server/logger"; import { fromError } from "zod-validation-error"; -const removeUserResourceSchema = z - .object({ +const removeUserResourceSchema = z.strictObject({ userId: z.string(), resourceId: z .string() .transform(Number) - .pipe(z.number().int().positive()) - }) - .strict(); + .pipe(z.int().positive()) + }); export async function removeUserResource( req: Request, diff --git a/server/routers/user/removeUserSite.ts b/server/routers/user/removeUserSite.ts index 7dbb4a15..6ed2288a 100644 --- a/server/routers/user/removeUserSite.ts +++ b/server/routers/user/removeUserSite.ts @@ -9,17 +9,13 @@ import createHttpError from "http-errors"; import logger from "@server/logger"; import { fromError } from "zod-validation-error"; -const removeUserSiteParamsSchema = z - .object({ +const removeUserSiteParamsSchema = z.strictObject({ userId: z.string() - }) - .strict(); + }); -const removeUserSiteSchema = z - .object({ - siteId: z.number().int().positive() - }) - .strict(); +const removeUserSiteSchema = z.strictObject({ + siteId: z.int().positive() + }); export async function removeUserSite( req: Request, diff --git a/server/routers/user/updateOrgUser.ts b/server/routers/user/updateOrgUser.ts index fb00b59f..e1000063 100644 --- a/server/routers/user/updateOrgUser.ts +++ b/server/routers/user/updateOrgUser.ts @@ -9,20 +9,16 @@ import logger from "@server/logger"; import { fromError } from "zod-validation-error"; import { OpenAPITags, registry } from "@server/openApi"; -const paramsSchema = z - .object({ +const paramsSchema = z.strictObject({ userId: z.string(), orgId: z.string() - }) - .strict(); + }); -const bodySchema = z - .object({ +const bodySchema = z.strictObject({ autoProvisioned: z.boolean().optional() }) - .strict() .refine((data) => Object.keys(data).length > 0, { - message: "At least one field must be provided for update" + error: "At least one field must be provided for update" }); registry.registerPath({ diff --git a/src/app/[orgId]/settings/(private)/idp/[idpId]/general/page.tsx b/src/app/[orgId]/settings/(private)/idp/[idpId]/general/page.tsx index 1d0a682f..73c6a3cf 100644 --- a/src/app/[orgId]/settings/(private)/idp/[idpId]/general/page.tsx +++ b/src/app/[orgId]/settings/(private)/idp/[idpId]/general/page.tsx @@ -76,8 +76,8 @@ export default function GeneralPage() { .min(1, { message: t("idpClientSecretRequired") }), roleMapping: z.string().nullable().optional(), roleId: z.number().nullable().optional(), - authUrl: z.string().url({ message: t("idpErrorAuthUrlInvalid") }), - tokenUrl: z.string().url({ message: t("idpErrorTokenUrlInvalid") }), + authUrl: z.url({ message: t("idpErrorAuthUrlInvalid") }), + tokenUrl: z.url({ message: t("idpErrorTokenUrlInvalid") }), identifierPath: z.string().min(1, { message: t("idpPathRequired") }), emailPath: z.string().nullable().optional(), namePath: z.string().nullable().optional(), diff --git a/src/app/[orgId]/settings/(private)/idp/create/page.tsx b/src/app/[orgId]/settings/(private)/idp/create/page.tsx index ba580ca0..8667abda 100644 --- a/src/app/[orgId]/settings/(private)/idp/create/page.tsx +++ b/src/app/[orgId]/settings/(private)/idp/create/page.tsx @@ -64,13 +64,9 @@ export default function Page() { clientSecret: z .string() .min(1, { message: t("idpClientSecretRequired") }), - authUrl: z - .string() - .url({ message: t("idpErrorAuthUrlInvalid") }) + authUrl: z.url({ message: t("idpErrorAuthUrlInvalid") }) .optional(), - tokenUrl: z - .string() - .url({ message: t("idpErrorTokenUrlInvalid") }) + tokenUrl: z.url({ message: t("idpErrorTokenUrlInvalid") }) .optional(), identifierPath: z .string() diff --git a/src/app/[orgId]/settings/access/users/create/page.tsx b/src/app/[orgId]/settings/access/users/create/page.tsx index d789b2e2..9417282d 100644 --- a/src/app/[orgId]/settings/access/users/create/page.tsx +++ b/src/app/[orgId]/settings/access/users/create/page.tsx @@ -91,7 +91,7 @@ export default function Page() { const [dataLoaded, setDataLoaded] = useState(false); const internalFormSchema = z.object({ - email: z.string().email({ message: t("emailInvalid") }), + email: z.email({ message: t("emailInvalid") }), validForHours: z .string() .min(1, { message: t("inviteValidityDuration") }), @@ -99,16 +99,14 @@ export default function Page() { }); const googleAzureFormSchema = z.object({ - email: z.string().email({ message: t("emailInvalid") }), + email: z.email({ message: t("emailInvalid") }), name: z.string().optional(), roleId: z.string().min(1, { message: t("accessRoleSelectPlease") }) }); const genericOidcFormSchema = z.object({ username: z.string().min(1, { message: t("usernameRequired") }), - email: z - .string() - .email({ message: t("emailInvalid") }) + email: z.email({ message: t("emailInvalid") }) .optional() .or(z.literal("")), name: z.string().optional(), diff --git a/src/app/[orgId]/settings/clients/create/page.tsx b/src/app/[orgId]/settings/clients/create/page.tsx index b7194526..0f44d79c 100644 --- a/src/app/[orgId]/settings/clients/create/page.tsx +++ b/src/app/[orgId]/settings/clients/create/page.tsx @@ -103,7 +103,7 @@ export default function Page() { .refine((val) => val.length > 0, { message: t("siteRequired") }), - subnet: z.string().ip().min(1, { + subnet: z.union([z.ipv4(), z.ipv6()]).min(1, { message: t("subnetRequired") }) }); diff --git a/src/app/[orgId]/settings/resources/[niceId]/authentication/page.tsx b/src/app/[orgId]/settings/resources/[niceId]/authentication/page.tsx index 56c989c3..fe5f0ca2 100644 --- a/src/app/[orgId]/settings/resources/[niceId]/authentication/page.tsx +++ b/src/app/[orgId]/settings/resources/[niceId]/authentication/page.tsx @@ -921,9 +921,7 @@ export default function ResourceAuthenticationPage() { validateTag={( tag ) => { - return z - .string() - .email() + return z.email() .or( z .string() diff --git a/src/app/[orgId]/settings/resources/[niceId]/general/page.tsx b/src/app/[orgId]/settings/resources/[niceId]/general/page.tsx index 50155b3e..1e1ff56b 100644 --- a/src/app/[orgId]/settings/resources/[niceId]/general/page.tsx +++ b/src/app/[orgId]/settings/resources/[niceId]/general/page.tsx @@ -104,7 +104,7 @@ export default function GeneralForm() { name: z.string().min(1).max(255), niceId: z.string().min(1).max(255).optional(), domainId: z.string().optional(), - proxyPort: z.number().int().min(1).max(65535).optional(), + proxyPort: z.int().min(1).max(65535).optional(), // enableProxy: z.boolean().optional() }) .refine( diff --git a/src/app/[orgId]/settings/resources/[niceId]/proxy/page.tsx b/src/app/[orgId]/settings/resources/[niceId]/proxy/page.tsx index 461d3f1c..2e409cf0 100644 --- a/src/app/[orgId]/settings/resources/[niceId]/proxy/page.tsx +++ b/src/app/[orgId]/settings/resources/[niceId]/proxy/page.tsx @@ -123,10 +123,10 @@ const addTargetSchema = z ip: z.string().refine(isTargetValid), method: z.string().nullable(), port: z.coerce.number().int().positive(), - siteId: z - .number() - .int() - .positive({ message: "You must select a site for a target." }), + siteId: z.int() + .positive({ + error: "You must select a site for a target." + }), path: z.string().optional().nullable(), pathMatchType: z .enum(["exact", "prefix", "regex"]) @@ -137,7 +137,7 @@ const addTargetSchema = z .enum(["exact", "prefix", "regex", "stripPrefix"]) .optional() .nullable(), - priority: z.number().int().min(1).max(1000).optional() + priority: z.int().min(1).max(1000).optional() }) .refine( (data) => { @@ -169,7 +169,7 @@ const addTargetSchema = z return true; }, { - message: "Invalid path configuration" + error: "Invalid path configuration" } ) .refine( @@ -185,7 +185,7 @@ const addTargetSchema = z return true; }, { - message: "Invalid rewrite path configuration" + error: "Invalid rewrite path configuration" } ); @@ -292,7 +292,7 @@ export default function ReverseProxyTargets(props: { .array(z.object({ name: z.string(), value: z.string() })) .nullable(), proxyProtocol: z.boolean().optional(), - proxyProtocolVersion: z.number().int().min(1).max(2).optional() + proxyProtocolVersion: z.int().min(1).max(2).optional() }); const tlsSettingsSchema = z.object({ diff --git a/src/app/[orgId]/settings/resources/[niceId]/rules/page.tsx b/src/app/[orgId]/settings/resources/[niceId]/rules/page.tsx index dada372f..0c011d94 100644 --- a/src/app/[orgId]/settings/resources/[niceId]/rules/page.tsx +++ b/src/app/[orgId]/settings/resources/[niceId]/rules/page.tsx @@ -440,9 +440,7 @@ export default function ResourceRules(props: { type="number" onClick={(e) => e.currentTarget.focus()} onBlur={(e) => { - const parsed = z.coerce - .number() - .int() + const parsed = z.int() .optional() .safeParse(e.target.value); diff --git a/src/app/[orgId]/settings/resources/create/page.tsx b/src/app/[orgId]/settings/resources/create/page.tsx index ae5e452d..a4269a9f 100644 --- a/src/app/[orgId]/settings/resources/create/page.tsx +++ b/src/app/[orgId]/settings/resources/create/page.tsx @@ -128,7 +128,7 @@ const httpResourceFormSchema = z.object({ const tcpUdpResourceFormSchema = z.object({ protocol: z.string(), - proxyPort: z.number().int().min(1).max(65535) + proxyPort: z.int().min(1).max(65535) // enableProxy: z.boolean().default(false) }); @@ -137,7 +137,7 @@ const addTargetSchema = z ip: z.string().refine(isTargetValid), method: z.string().nullable(), port: z.coerce.number().int().positive(), - siteId: z.number().int().positive(), + siteId: z.int().positive(), path: z.string().optional().nullable(), pathMatchType: z .enum(["exact", "prefix", "regex"]) @@ -148,7 +148,7 @@ const addTargetSchema = z .enum(["exact", "prefix", "regex", "stripPrefix"]) .optional() .nullable(), - priority: z.number().int().min(1).max(1000).optional() + priority: z.int().min(1).max(1000).optional() }) .refine( (data) => { @@ -180,7 +180,7 @@ const addTargetSchema = z return true; }, { - message: "Invalid path configuration" + error: "Invalid path configuration" } ) .refine( @@ -196,7 +196,7 @@ const addTargetSchema = z return true; }, { - message: "Invalid rewrite path configuration" + error: "Invalid rewrite path configuration" } ); diff --git a/src/app/admin/idp/[idpId]/general/page.tsx b/src/app/admin/idp/[idpId]/general/page.tsx index 6274cda5..7eae6950 100644 --- a/src/app/admin/idp/[idpId]/general/page.tsx +++ b/src/app/admin/idp/[idpId]/general/page.tsx @@ -61,8 +61,8 @@ export default function GeneralPage() { name: z.string().min(2, { message: t('nameMin', {len: 2}) }), clientId: z.string().min(1, { message: t('idpClientIdRequired') }), clientSecret: z.string().min(1, { message: t('idpClientSecretRequired') }), - authUrl: z.string().url({ message: t('idpErrorAuthUrlInvalid') }), - tokenUrl: z.string().url({ message: t('idpErrorTokenUrlInvalid') }), + authUrl: z.url({ message: t('idpErrorAuthUrlInvalid') }), + tokenUrl: z.url({ message: t('idpErrorTokenUrlInvalid') }), identifierPath: z .string() .min(1, { message: t('idpPathRequired') }), diff --git a/src/app/admin/idp/create/page.tsx b/src/app/admin/idp/create/page.tsx index cd3682de..73d605a1 100644 --- a/src/app/admin/idp/create/page.tsx +++ b/src/app/admin/idp/create/page.tsx @@ -52,8 +52,8 @@ export default function Page() { type: z.enum(["oidc"]), clientId: z.string().min(1, { message: t('idpClientIdRequired') }), clientSecret: z.string().min(1, { message: t('idpClientSecretRequired') }), - authUrl: z.string().url({ message: t('idpErrorAuthUrlInvalid') }), - tokenUrl: z.string().url({ message: t('idpErrorTokenUrlInvalid') }), + authUrl: z.url({ message: t('idpErrorAuthUrlInvalid') }), + tokenUrl: z.url({ message: t('idpErrorTokenUrlInvalid') }), identifierPath: z .string() .min(1, { message: t('idpPathRequired') }), diff --git a/src/app/auth/reset-password/ResetPasswordForm.tsx b/src/app/auth/reset-password/ResetPasswordForm.tsx index 14199493..986c52e4 100644 --- a/src/app/auth/reset-password/ResetPasswordForm.tsx +++ b/src/app/auth/reset-password/ResetPasswordForm.tsx @@ -47,7 +47,7 @@ import { cleanRedirect } from "@app/lib/cleanRedirect"; import { useTranslations } from "next-intl"; const requestSchema = z.object({ - email: z.string().email() + email: z.email() }); export type ResetPasswordFormProps = { @@ -88,7 +88,7 @@ export default function ResetPasswordForm({ const formSchema = z .object({ - email: z.string().email({ message: t('emailInvalid') }), + email: z.email({ message: t('emailInvalid') }), token: z.string().min(8, { message: t('tokenInvalid') }), password: passwordSchema, confirmPassword: passwordSchema diff --git a/src/components/CreateInternalResourceDialog.tsx b/src/components/CreateInternalResourceDialog.tsx index 63dfc11d..68c62ff7 100644 --- a/src/components/CreateInternalResourceDialog.tsx +++ b/src/components/CreateInternalResourceDialog.tsx @@ -79,18 +79,14 @@ export default function CreateInternalResourceDialog({ .string() .min(1, t("createInternalResourceDialogNameRequired")) .max(255, t("createInternalResourceDialogNameMaxLength")), - siteId: z.number().int().positive(t("createInternalResourceDialogPleaseSelectSite")), + siteId: z.int().positive(t("createInternalResourceDialogPleaseSelectSite")), protocol: z.enum(["tcp", "udp"]), - proxyPort: z - .number() - .int() + proxyPort: z.int() .positive() .min(1, t("createInternalResourceDialogProxyPortMin")) .max(65535, t("createInternalResourceDialogProxyPortMax")), destinationIp: z.string(), - destinationPort: z - .number() - .int() + destinationPort: z.int() .positive() .min(1, t("createInternalResourceDialogDestinationPortMin")) .max(65535, t("createInternalResourceDialogDestinationPortMax")) diff --git a/src/components/EditInternalResourceDialog.tsx b/src/components/EditInternalResourceDialog.tsx index d09f0b6c..629da6a8 100644 --- a/src/components/EditInternalResourceDialog.tsx +++ b/src/components/EditInternalResourceDialog.tsx @@ -72,9 +72,9 @@ export default function EditInternalResourceDialog({ const formSchema = z.object({ name: z.string().min(1, t("editInternalResourceDialogNameRequired")).max(255, t("editInternalResourceDialogNameMaxLength")), protocol: z.enum(["tcp", "udp"]), - proxyPort: z.number().int().positive().min(1, t("editInternalResourceDialogProxyPortMin")).max(65535, t("editInternalResourceDialogProxyPortMax")), + proxyPort: z.int().positive().min(1, t("editInternalResourceDialogProxyPortMin")).max(65535, t("editInternalResourceDialogProxyPortMax")), destinationIp: z.string(), - destinationPort: z.number().int().positive().min(1, t("editInternalResourceDialogDestinationPortMin")).max(65535, t("editInternalResourceDialogDestinationPortMax")) + destinationPort: z.int().positive().min(1, t("editInternalResourceDialogDestinationPortMin")).max(65535, t("editInternalResourceDialogDestinationPortMax")) }); type FormData = z.infer; diff --git a/src/components/GenerateLicenseKeyForm.tsx b/src/components/GenerateLicenseKeyForm.tsx index 7dfd34ee..6a8d402f 100644 --- a/src/components/GenerateLicenseKeyForm.tsx +++ b/src/components/GenerateLicenseKeyForm.tsx @@ -63,7 +63,7 @@ export default function GenerateLicenseKeyForm({ // Personal form schema const personalFormSchema = z.object({ - email: z.string().email(), + email: z.email(), firstName: z.string().min(1), lastName: z.string().min(1), primaryUse: z.string().min(1), @@ -75,7 +75,7 @@ export default function GenerateLicenseKeyForm({ // Business form schema const businessFormSchema = z.object({ - email: z.string().email(), + email: z.email(), firstName: z.string().min(1), lastName: z.string().min(1), jobTitle: z.string().min(1), diff --git a/src/components/HealthCheckDialog.tsx b/src/components/HealthCheckDialog.tsx index 6fa36a5b..be5e5d45 100644 --- a/src/components/HealthCheckDialog.tsx +++ b/src/components/HealthCheckDialog.tsx @@ -80,24 +80,20 @@ export default function HealthCheckDialog({ hcMethod: z .string() .min(1, { message: t("healthCheckMethodRequired") }), - hcInterval: z - .number() - .int() + hcInterval: z.int() .positive() .min(5, { message: t("healthCheckIntervalMin") }), - hcTimeout: z - .number() - .int() + hcTimeout: z.int() .positive() .min(1, { message: t("healthCheckTimeoutMin") }), - hcStatus: z.number().int().positive().min(100).optional().nullable(), + hcStatus: z.int().positive().min(100).optional().nullable(), hcHeaders: z.array(z.object({ name: z.string(), value: z.string() })).nullable().optional(), hcScheme: z.string().optional(), hcHostname: z.string(), hcPort: z.number().positive().gt(0).lte(65535), hcFollowRedirects: z.boolean(), hcMode: z.string(), - hcUnhealthyInterval: z.number().int().positive().min(5) + hcUnhealthyInterval: z.int().positive().min(5) }); const form = useForm>({ diff --git a/src/components/IdpCreateWizard.tsx b/src/components/IdpCreateWizard.tsx index 937bd309..58093e6c 100644 --- a/src/components/IdpCreateWizard.tsx +++ b/src/components/IdpCreateWizard.tsx @@ -59,8 +59,8 @@ export function IdpCreateWizard({ onSubmit, defaultValues, loading = false }: Id type: z.enum(["oidc"]), clientId: z.string().min(1, { message: t('idpClientIdRequired') }), clientSecret: z.string().min(1, { message: t('idpClientSecretRequired') }), - authUrl: z.string().url({ message: t('idpErrorAuthUrlInvalid') }), - tokenUrl: z.string().url({ message: t('idpErrorTokenUrlInvalid') }), + authUrl: z.url({ message: t('idpErrorAuthUrlInvalid') }), + tokenUrl: z.url({ message: t('idpErrorTokenUrlInvalid') }), identifierPath: z .string() .min(1, { message: t('idpPathRequired') }), diff --git a/src/components/ResetPasswordForm.tsx b/src/components/ResetPasswordForm.tsx index e3e677b0..570a87ec 100644 --- a/src/components/ResetPasswordForm.tsx +++ b/src/components/ResetPasswordForm.tsx @@ -47,7 +47,7 @@ import { cleanRedirect } from "@app/lib/cleanRedirect"; import { useTranslations } from "next-intl"; const requestSchema = z.object({ - email: z.string().email() + email: z.email() }); export type ResetPasswordFormProps = { @@ -88,7 +88,7 @@ export default function ResetPasswordForm({ const formSchema = z .object({ - email: z.string().email({ message: t('emailInvalid') }), + email: z.email({ message: t('emailInvalid') }), token: z.string().min(8, { message: t('tokenInvalid') }), password: passwordSchema, confirmPassword: passwordSchema diff --git a/src/components/SupporterStatus.tsx b/src/components/SupporterStatus.tsx index 5a1a10bc..baa3721c 100644 --- a/src/components/SupporterStatus.tsx +++ b/src/components/SupporterStatus.tsx @@ -74,8 +74,12 @@ export default function SupporterStatus({ isCollapsed = false }: SupporterStatus const formSchema = z.object({ githubUsername: z .string() - .nonempty({ message: "GitHub username is required" }), - key: z.string().nonempty({ message: "Supporter key is required" }) + .nonempty({ + error: "GitHub username is required" + }), + key: z.string().nonempty({ + error: "Supporter key is required" + }) }); const form = useForm({ diff --git a/src/components/VerifyEmailForm.tsx b/src/components/VerifyEmailForm.tsx index 052ec359..39c07439 100644 --- a/src/components/VerifyEmailForm.tsx +++ b/src/components/VerifyEmailForm.tsx @@ -74,7 +74,7 @@ export default function VerifyEmailForm({ } const FormSchema = z.object({ - email: z.string().email({ message: t("emailInvalid") }), + email: z.email({ message: t("emailInvalid") }), pin: z.string().min(8, { message: t("verificationCodeLengthRequirements") })