dezky/services/platform-api/src/users/dto/create-tenant-member.dto.ts

import { IsIn, IsOptional, IsString, Matches, MaxLength, MinLength } from 'class-validator'

// Create a workspace member. The email is formed as `localPart@<domain>`, where
// domain defaults to the tenant's primary domain. One temp password provisions
// both their SSO login and their mailbox.
export class CreateTenantMemberDto {
  @IsString()
  @MinLength(1)
  @MaxLength(120)
  name!: string

  @IsString()
  @MaxLength(64)
  @Matches(/^[a-zA-Z0-9._-]+$/, {
    message: 'address prefix may only contain letters, numbers, dots, hyphens and underscores',
  })
  localPart!: string

  @IsIn(['admin', 'member'])
  role!: 'admin' | 'member'

  // Optional explicit domain (must belong to the tenant); omitted = primary.
  @IsOptional()
  @IsString()
  domain?: string
}