[GH-19] objectified sso policies

karmaniverous · Aug 14, 2024 · a2f3fae · a2f3fae
1 parent 4965ed7
commit a2f3fae
Showing 1 changed file with 15 additions and 3 deletions.
diff --git a/src/Config.ts b/src/Config.ts
@@ -148,7 +148,10 @@ export const configSchema = z
           )
           .nullable()
           .optional(),
-        policies: z.record(z.string()).nullable().optional(),
+        policies: z
+          .record(z.object({ name: z.string() }).catchall(z.any()))
+          .nullable()
+          .optional(),
         reference: z
           .object({
             account_permission_sets: z.record(z.string().array()),
@@ -381,17 +384,26 @@ export const configSchema = z
       }
     }
     // validate name uniqueness across sso groups
-    validateObjectPropertyUnique(data, ctx, 'sso.groups', 'group', 'name');
+    validateObjectPropertyUnique(data, ctx, ['sso', 'groups'], 'group', 'name');
 
     // validate name uniqueness across sso permission sets
     validateObjectPropertyUnique(
       data,
       ctx,
-      'sso.permission_sets',
+      ['sso', 'permission_sets'],
       'permission_set',
       'name',
     );
 
+    // validate name uniqueness across sso policies
+    validateObjectPropertyUnique(
+      data,
+      ctx,
+      ['sso', 'policies'],
+      'policy',
+      'name',
+    );
+
     // validate email uniqueness across sso users
     validateObjectPropertyUnique(data, ctx, 'sso.users', 'user', 'email');