namespace ZB.MOM.WW.ScadaBridge.Security;

/// <summary>
/// Single source of truth for role-name string literals used across the
/// Security module and downstream authorization checks.
/// </summary>
/// <remarks>
/// <para>
/// Role names appear in three independent contexts: <see cref="RoleMapper"/>
/// (LDAP-group → role resolution), <see cref="AuthorizationPolicies"/>
/// (policy <c>RequireClaim</c> values + the audit role arrays), and at LDAP
/// mapping rows configured by an operator. Holding the literals here means a
/// rename either succeeds everywhere or fails to compile, eliminating the
/// "string drift" class that Security-018 documented.
/// </para>
/// <para>
/// Task 1.7 canonicalization (auth normalization): role VALUES were
/// standardized onto the canonical six (<c>Viewer/Operator/Engineer/Designer/
/// Deployer/Administrator</c>; only four are used by ScadaBridge). The legacy
/// ScadaBridge role names were renamed/collapsed as follows:
/// <list type="bullet">
///   <item><description><c>Admin</c> → <c>Administrator</c></description></item>
///   <item><description><c>Design</c> → <c>Designer</c></description></item>
///   <item><description><c>Deployment</c> → <c>Deployer</c></description></item>
///   <item><description><c>Audit</c> → <c>Administrator</c> (COLLAPSE — accepted
///   separation-of-duties loss; a former audit-only user gains the full admin
///   surface)</description></item>
///   <item><description><c>AuditReadOnly</c> → <c>Viewer</c> (COLLAPSE — keeps
///   audit-read + nav, loses bulk export, which it never had)</description></item>
/// </list>
/// <c>Operator</c> and <c>Engineer</c> exist in the canonical vocabulary but are
/// unused by ScadaBridge, so they are intentionally not declared here.
/// </para>
/// </remarks>
public static class Roles
{
    public const string Administrator = "Administrator";
    public const string Designer = "Designer";
    public const string Deployer = "Deployer";
    public const string Viewer = "Viewer";
}