@arcblock/did-connect-service 4.0.5 → 4.0.7

package/dist/pages/shared-styles.js

@@ -1,109 +0,0 @@
-/**
- * Shared CSS styles — base component classes for login, invite, and admin pages.
- * Design tokens are imported from design-tokens.ts.
- */
-import { DESIGN_RESET_CSS, DESIGN_TOKENS_CSS } from "./design-tokens.js";
-export const SHARED_STYLES = /* css */ `
-  ${DESIGN_TOKENS_CSS}
-  ${DESIGN_RESET_CSS}
-
-  body {
-    min-height: 100vh;
-    display: flex;
-    align-items: center;
-    justify-content: center;
-  }
-  .card {
-    background: var(--bg-card);
-    border: 1px solid var(--border);
-    border-radius: var(--radius-lg);
-    padding: 48px 40px;
-    max-width: 400px;
-    width: 100%;
-    text-align: center;
-  }
-  h1 {
-    font-size: 24px;
-    font-weight: 600;
-    margin-bottom: 8px;
-    color: var(--text-white);
-    letter-spacing: -0.01em;
-    line-height: 1.25;
-  }
-  .subtitle {
-    font-size: 14px;
-    color: var(--text-secondary);
-    margin-bottom: 24px;
-    line-height: 1.5;
-  }
-  .input {
-    width: 100%;
-    height: 36px;
-    padding: 0 12px;
-    font-size: 14px;
-    color: var(--text);
-    background: var(--bg-input);
-    border: 1px solid var(--border-strong);
-    border-radius: var(--radius-sm);
-    outline: none;
-    margin-bottom: 16px;
-    transition: border-color 0.15s ease, box-shadow 0.15s ease;
-  }
-  .input:focus { border-color: var(--blue); box-shadow: var(--shadow-focus); }
-  .input::placeholder { color: var(--text-placeholder); }
-  .btn {
-    display: inline-flex;
-    align-items: center;
-    justify-content: center;
-    gap: 6px;
-    width: 100%;
-    height: 36px;
-    padding: 0 16px;
-    font-size: 14px;
-    font-weight: 500;
-    color: #fff;
-    background: var(--blue);
-    border: none;
-    border-radius: var(--radius-sm);
-    cursor: pointer;
-    transition: background-color 0.15s ease;
-    line-height: 1;
-  }
-  .btn:hover { background: var(--blue-hover); }
-  .btn:disabled { opacity: 0.5; cursor: not-allowed; pointer-events: none; }
-  .btn:focus-visible { box-shadow: var(--shadow-focus); }
-  .btn svg { width: 18px; height: 18px; }
-  .btn-secondary {
-    background: transparent;
-    border: 1px solid var(--border-strong);
-    color: var(--text);
-  }
-  .btn-secondary:hover { background: var(--bg-hover); border-color: rgba(255,255,255,0.20); }
-  .btn-danger {
-    background: var(--red);
-  }
-  .btn-danger:hover { background: #c22a2a; }
-  .status {
-    margin-top: 16px;
-    font-size: 13px;
-    min-height: 20px;
-    color: var(--text-secondary);
-  }
-  .status.error { color: var(--red-text); }
-  .badge {
-    display: inline-flex;
-    align-items: center;
-    padding: 2px 8px;
-    border-radius: var(--radius-full);
-    font-size: 11px;
-    font-weight: 500;
-    line-height: 1.45;
-    white-space: nowrap;
-  }
-  .badge-owner { background: var(--blue-light); color: var(--blue-muted); }
-  .badge-admin { background: var(--info-light); color: var(--info-text); }
-  .badge-member { background: rgba(255,255,255,0.08); color: var(--text-secondary); }
-  .badge-guest { background: rgba(255,255,255,0.04); color: var(--text-secondary); font-style: italic; }
-  .text-muted { color: var(--text-secondary); }
-`;
-//# sourceMappingURL=shared-styles.js.map

package/dist/pages/shared-styles.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"shared-styles.js","sourceRoot":"","sources":["../../src/pages/shared-styles.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAC;AAEzE,MAAM,CAAC,MAAM,aAAa,GAAG,SAAS,CAAC;IACnC,iBAAiB;IACjB,gBAAgB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAoGnB,CAAC"}

package/dist/rbac.d.ts

@@ -1,19 +0,0 @@
-/**
- * RBAC — Role-Based Access Control for team management.
- *
- * Fixed 4-tier hierarchy: owner (3) > admin (2) > member (1) > guest (0).
- */
-import type { Role } from "./types.js";
-/**
- * Check if a caller with `callerRole` is allowed to perform `action`.
- * For actions targeting another user, pass `targetRole`.
- */
-export declare function hasPermission(callerRole: Role, action: string, targetRole?: Role): boolean;
-/**
- * Throws if the caller lacks permission. Use in request handlers.
- */
-export declare function requirePermission(callerRole: Role, action: string, targetRole?: Role): void;
-export declare class PermissionError extends Error {
-    constructor(message: string);
-}
-//# sourceMappingURL=rbac.d.ts.map

package/dist/rbac.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"rbac.d.ts","sourceRoot":"","sources":["../src/rbac.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AASvC;;;GAGG;AACH,wBAAgB,aAAa,CAAC,UAAU,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,IAAI,GAAG,OAAO,CAkD1F;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,UAAU,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,IAAI,GAAG,IAAI,CAI3F;AAED,qBAAa,eAAgB,SAAQ,KAAK;gBAC5B,OAAO,EAAE,MAAM;CAI5B"}

package/dist/rbac.js

@@ -1,76 +0,0 @@
-/**
- * RBAC — Role-Based Access Control for team management.
- *
- * Fixed 4-tier hierarchy: owner (3) > admin (2) > member (1) > guest (0).
- */
-const ROLE_LEVEL = {
-    owner: 3,
-    admin: 2,
-    member: 1,
-    guest: 0,
-};
-/**
- * Check if a caller with `callerRole` is allowed to perform `action`.
- * For actions targeting another user, pass `targetRole`.
- */
-export function hasPermission(callerRole, action, targetRole) {
-    const level = ROLE_LEVEL[callerRole] ?? 0;
-    switch (action) {
-        case "team.list_members":
-        case "team.view_member":
-        case "team.create_invitation":
-        case "team.view_audit_logs":
-            return level >= 2; // admin+
-        case "team.delete_invitation":
-            return level >= 2; // admin+ (handler checks ownership for admin)
-        case "team.remove_member":
-        case "team.block_member":
-        case "team.unblock_member":
-            if (!targetRole)
-                return false;
-            if (callerRole === "owner")
-                return true;
-            if (callerRole === "admin")
-                return ROLE_LEVEL[targetRole] < 2; // admin can only act on member
-            return false;
-        case "team.change_role":
-        case "team.transfer_ownership":
-        case "access_policy.create":
-        case "access_policy.update":
-        case "access_policy.delete":
-        case "security_rule.create":
-        case "security_rule.update":
-        case "security_rule.delete":
-            return callerRole === "owner";
-        case "access_policy.list":
-        case "security_rule.list":
-        case "settings.view":
-        case "audit.view":
-            return level >= 2; // admin+
-        case "settings.edit":
-            return callerRole === "owner";
-        case "accessKey.list":
-        case "accessKey.view":
-        case "accessKey.create":
-        case "accessKey.update":
-        case "accessKey.delete":
-            return level >= 0; // all authenticated roles (handler enforces ownership for non-admin)
-        default:
-            return level >= 1; // any authenticated user
-    }
-}
-/**
- * Throws if the caller lacks permission. Use in request handlers.
- */
-export function requirePermission(callerRole, action, targetRole) {
-    if (!hasPermission(callerRole, action, targetRole)) {
-        throw new PermissionError("Insufficient permissions");
-    }
-}
-export class PermissionError extends Error {
-    constructor(message) {
-        super(message);
-        this.name = "PermissionError";
-    }
-}
-//# sourceMappingURL=rbac.js.map

package/dist/rbac.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"rbac.js","sourceRoot":"","sources":["../src/rbac.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,MAAM,UAAU,GAAyB;IACvC,KAAK,EAAE,CAAC;IACR,KAAK,EAAE,CAAC;IACR,MAAM,EAAE,CAAC;IACT,KAAK,EAAE,CAAC;CACT,CAAC;AAEF;;;GAGG;AACH,MAAM,UAAU,aAAa,CAAC,UAAgB,EAAE,MAAc,EAAE,UAAiB;IAC/E,MAAM,KAAK,GAAG,UAAU,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;IAE1C,QAAQ,MAAM,EAAE,CAAC;QACf,KAAK,mBAAmB,CAAC;QACzB,KAAK,kBAAkB,CAAC;QACxB,KAAK,wBAAwB,CAAC;QAC9B,KAAK,sBAAsB;YACzB,OAAO,KAAK,IAAI,CAAC,CAAC,CAAC,SAAS;QAE9B,KAAK,wBAAwB;YAC3B,OAAO,KAAK,IAAI,CAAC,CAAC,CAAC,8CAA8C;QAEnE,KAAK,oBAAoB,CAAC;QAC1B,KAAK,mBAAmB,CAAC;QACzB,KAAK,qBAAqB;YACxB,IAAI,CAAC,UAAU;gBAAE,OAAO,KAAK,CAAC;YAC9B,IAAI,UAAU,KAAK,OAAO;gBAAE,OAAO,IAAI,CAAC;YACxC,IAAI,UAAU,KAAK,OAAO;gBAAE,OAAO,UAAU,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,+BAA+B;YAC9F,OAAO,KAAK,CAAC;QAEf,KAAK,kBAAkB,CAAC;QACxB,KAAK,yBAAyB,CAAC;QAC/B,KAAK,sBAAsB,CAAC;QAC5B,KAAK,sBAAsB,CAAC;QAC5B,KAAK,sBAAsB,CAAC;QAC5B,KAAK,sBAAsB,CAAC;QAC5B,KAAK,sBAAsB,CAAC;QAC5B,KAAK,sBAAsB;YACzB,OAAO,UAAU,KAAK,OAAO,CAAC;QAEhC,KAAK,oBAAoB,CAAC;QAC1B,KAAK,oBAAoB,CAAC;QAC1B,KAAK,eAAe,CAAC;QACrB,KAAK,YAAY;YACf,OAAO,KAAK,IAAI,CAAC,CAAC,CAAC,SAAS;QAE9B,KAAK,eAAe;YAClB,OAAO,UAAU,KAAK,OAAO,CAAC;QAEhC,KAAK,gBAAgB,CAAC;QACtB,KAAK,gBAAgB,CAAC;QACtB,KAAK,kBAAkB,CAAC;QACxB,KAAK,kBAAkB,CAAC;QACxB,KAAK,kBAAkB;YACrB,OAAO,KAAK,IAAI,CAAC,CAAC,CAAC,qEAAqE;QAE1F;YACE,OAAO,KAAK,IAAI,CAAC,CAAC,CAAC,yBAAyB;IAChD,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,iBAAiB,CAAC,UAAgB,EAAE,MAAc,EAAE,UAAiB;IACnF,IAAI,CAAC,aAAa,CAAC,UAAU,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,CAAC;QACnD,MAAM,IAAI,eAAe,CAAC,0BAA0B,CAAC,CAAC;IACxD,CAAC;AACH,CAAC;AAED,MAAM,OAAO,eAAgB,SAAQ,KAAK;IACxC,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,iBAAiB,CAAC;IAChC,CAAC;CACF"}

package/dist/session-context.d.ts

@@ -1,35 +0,0 @@
-/**
- * SessionContext — unified session identity flowing through HTTP → WebSocket → AUP → AFS exec.
- *
- * Four auth methods produce the same structure:
- *   1. ARC Owner passkey login → authMethod = "passkey"
- *   2. Visitor DID Connect      → authMethod = "did-connect"
- *   3. Access Key bearer token  → authMethod = "access-key"
- */
-import type { CallerIdentity, Role } from "./types.js";
-export interface SessionContext {
-    /** User's DID (owner passkey DID or visitor DID). */
-    did: string;
-    /** Public key (base64 for passkey, hex for Ed25519). */
-    pk?: string;
-    /** Display name (from users table or DID Connect profile). */
-    displayName?: string;
-    /** How this identity was established. */
-    authMethod: "passkey" | "did-connect" | "access-key";
-    /** Instance this session targets (filled by instanceResolveMiddleware). */
-    instanceDid?: string;
-    /** Role within this instance (from memberships table; system role if no instance). */
-    role?: Role;
-    /** DID Space routing key = instanceDid ?? blockletDid ?? blockletId. */
-    appId?: string;
-}
-/** Build SessionContext from CallerIdentity + instance resolution result. */
-export declare function buildSessionContext(caller: CallerIdentity | null, options?: {
-    instanceDid?: string;
-    membershipRole?: Role | null;
-    appId?: string;
-    authMethod?: SessionContext["authMethod"];
-}): SessionContext | null;
-export declare function serializeSessionContext(ctx: SessionContext): string;
-export declare function deserializeSessionContext(json: string): SessionContext | null;
-//# sourceMappingURL=session-context.d.ts.map

package/dist/session-context.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"session-context.d.ts","sourceRoot":"","sources":["../src/session-context.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AAEvD,MAAM,WAAW,cAAc;IAC7B,qDAAqD;IACrD,GAAG,EAAE,MAAM,CAAC;IACZ,wDAAwD;IACxD,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,8DAA8D;IAC9D,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB,yCAAyC;IACzC,UAAU,EAAE,SAAS,GAAG,aAAa,GAAG,YAAY,CAAC;IAErD,2EAA2E;IAC3E,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,sFAAsF;IACtF,IAAI,CAAC,EAAE,IAAI,CAAC;IAEZ,wEAAwE;IACxE,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,6EAA6E;AAC7E,wBAAgB,mBAAmB,CACjC,MAAM,EAAE,cAAc,GAAG,IAAI,EAC7B,OAAO,CAAC,EAAE;IACR,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,cAAc,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IAC7B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,UAAU,CAAC,EAAE,cAAc,CAAC,YAAY,CAAC,CAAC;CAC3C,GACA,cAAc,GAAG,IAAI,CAavB;AAED,wBAAgB,uBAAuB,CAAC,GAAG,EAAE,cAAc,GAAG,MAAM,CAEnE;AAED,wBAAgB,yBAAyB,CAAC,IAAI,EAAE,MAAM,GAAG,cAAc,GAAG,IAAI,CAQ7E"}

package/dist/session-context.js

@@ -1,39 +0,0 @@
-/**
- * SessionContext — unified session identity flowing through HTTP → WebSocket → AUP → AFS exec.
- *
- * Four auth methods produce the same structure:
- *   1. ARC Owner passkey login → authMethod = "passkey"
- *   2. Visitor DID Connect      → authMethod = "did-connect"
- *   3. Access Key bearer token  → authMethod = "access-key"
- */
-/** Build SessionContext from CallerIdentity + instance resolution result. */
-export function buildSessionContext(caller, options) {
-    if (!caller)
-        return null;
-    return {
-        did: caller.did,
-        pk: caller.pk,
-        displayName: caller.displayName,
-        authMethod: options?.authMethod ?? "passkey",
-        instanceDid: options?.instanceDid,
-        role: options?.instanceDid
-            ? (options.membershipRole ?? "guest") // instance context: membership role or guest
-            : (caller.role ?? undefined), // system context: system role
-        appId: options?.appId,
-    };
-}
-export function serializeSessionContext(ctx) {
-    return JSON.stringify(ctx);
-}
-export function deserializeSessionContext(json) {
-    try {
-        const parsed = JSON.parse(json);
-        if (typeof parsed?.did !== "string")
-            return null;
-        return parsed;
-    }
-    catch {
-        return null;
-    }
-}
-//# sourceMappingURL=session-context.js.map

package/dist/session-context.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"session-context.js","sourceRoot":"","sources":["../src/session-context.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAwBH,6EAA6E;AAC7E,MAAM,UAAU,mBAAmB,CACjC,MAA6B,EAC7B,OAKC;IAED,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC;IACzB,OAAO;QACL,GAAG,EAAE,MAAM,CAAC,GAAG;QACf,EAAE,EAAE,MAAM,CAAC,EAAE;QACb,WAAW,EAAE,MAAM,CAAC,WAAW;QAC/B,UAAU,EAAE,OAAO,EAAE,UAAU,IAAI,SAAS;QAC5C,WAAW,EAAE,OAAO,EAAE,WAAW;QACjC,IAAI,EAAE,OAAO,EAAE,WAAW;YACxB,CAAC,CAAC,CAAC,OAAO,CAAC,cAAc,IAAI,OAAO,CAAC,CAAC,6CAA6C;YACnF,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,IAAI,SAAS,CAAC,EAAE,8BAA8B;QAC9D,KAAK,EAAE,OAAO,EAAE,KAAK;KACtB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,uBAAuB,CAAC,GAAmB;IACzD,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;AAC7B,CAAC;AAED,MAAM,UAAU,yBAAyB,CAAC,IAAY;IACpD,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAChC,IAAI,OAAO,MAAM,EAAE,GAAG,KAAK,QAAQ;YAAE,OAAO,IAAI,CAAC;QACjD,OAAO,MAAwB,CAAC;IAClC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC"}

package/dist/store.d.ts

@@ -1,222 +0,0 @@
-/**
- * D1Store — D1-backed storage for passkey auth + team management.
- *
- * Uses the same schema as blocklet-server (users + connected_accounts tables)
- * to ensure interoperability. Unused fields default to null/empty.
- */
-import type { AccessKeyInfo, AccessPolicyInfo, AuditLogInfo, CreateAccessKeyInput, CreateAccessPolicyInput, CreateAuditLogInput, CreateInvitationInput, CreateSecurityRuleInput, InvitationInfo, MemberInfo, SecurityRuleInfo, StoredAccessKey, StoredConnectedAccount, StoredInvitation, StoredUser, UpdateAccessKeyInput, UpdateAccessPolicyInput, UpdateSecurityRuleInput } from "./types.js";
-type RulesCacheEntry = Array<{
-    id: string;
-    pathPattern: string;
-    priority: number;
-    roles: string | null;
-    reverse: number;
-    enabled: number;
-}>;
-/** @internal Reset all module-level caches — for testing only. */
-export declare function _resetForTesting(): void;
-export declare class D1Store {
-    private db;
-    constructor(db: D1Database);
-    /** Run schema migration. Idempotent — only executes once per isolate. */
-    migrate(): Promise<void>;
-    /** @internal Backwards-compatible alias for migrate(). */
-    ensureSchema(): Promise<void>;
-    saveChallenge(id: string, challenge: string, invitationId?: string): Promise<void>;
-    getChallenge(id: string): Promise<{
-        challenge: string;
-        invitationId: string | null;
-    } | null>;
-    deleteChallenge(id: string): Promise<void>;
-    purgeExpiredChallenges(): Promise<void>;
-    isRegistrationOpen(): Promise<boolean>;
-    createUser(params: {
-        did: string;
-        pk: string;
-        fullName?: string;
-        email?: string;
-        sourceProvider: string;
-        ip?: string;
-        domain?: string;
-    }): Promise<void>;
-    getUserByDid(did: string): Promise<StoredUser | null>;
-    updateLastLogin(did: string, ip?: string, domain?: string): Promise<void>;
-    incrementPasskeyCount(did: string): Promise<void>;
-    getUserCount(): Promise<number>;
-    getUsers(opts: {
-        page: number;
-        pageSize: number;
-        role?: string;
-        search?: string;
-        approved?: number;
-        sourceProvider?: string;
-    }): Promise<{
-        users: MemberInfo[];
-        total: number;
-    }>;
-    getMemberInfo(did: string): Promise<MemberInfo | null>;
-    updateUserRole(did: string, role: string): Promise<void>;
-    updateUserApproval(did: string, approved: boolean): Promise<void>;
-    updateUserProfile(did: string, fields: {
-        fullName?: string;
-        email?: string;
-        avatar?: string;
-    }): Promise<void>;
-    removeUser(did: string): Promise<void>;
-    setUserInviter(did: string, inviterDid: string): Promise<void>;
-    /**
-     * Atomically transfer ownership: set target to owner, caller to admin.
-     * Uses D1 batch for atomicity.
-     */
-    transferOwnership(currentOwnerDid: string, newOwnerDid: string): Promise<void>;
-    createInvitation(input: CreateInvitationInput): Promise<StoredInvitation>;
-    getInvitation(id: string): Promise<StoredInvitation | null>;
-    getInvitations(opts: {
-        page: number;
-        pageSize: number;
-        instanceDid?: string;
-    }): Promise<{
-        invitations: InvitationInfo[];
-        total: number;
-    }>;
-    /**
-     * Atomically increment useCount. Returns false if maxUses already reached.
-     */
-    incrementInvitationUseCount(id: string): Promise<boolean>;
-    updateInvitationStatus(id: string, status: string): Promise<void>;
-    deleteInvitation(id: string): Promise<void>;
-    purgeExpiredInvitations(): Promise<void>;
-    createAuditLog(input: CreateAuditLogInput): Promise<void>;
-    getAuditLogs(opts: {
-        page: number;
-        pageSize: number;
-        action?: string;
-        instanceDid?: string;
-    }): Promise<{
-        logs: AuditLogInfo[];
-        total: number;
-    }>;
-    getAuditLogsForInstance(instanceDid: string, opts: {
-        page: number;
-        pageSize: number;
-        action?: string;
-    }): Promise<{
-        logs: AuditLogInfo[];
-        total: number;
-    }>;
-    getAuditLogById(id: number, instanceDid: string): Promise<AuditLogInfo | null>;
-    createConnectedAccount(params: {
-        did: string;
-        pk: string;
-        userDid: string;
-        provider: string;
-        id: string;
-        extra: string;
-        userInfo: string;
-        ip?: string;
-    }): Promise<void>;
-    upsertConnectedAccount(account: {
-        did: string;
-        pk: string;
-        userDid: string;
-        provider: string;
-        id: string;
-        userInfo?: string;
-    }): Promise<void>;
-    getConnectedAccountById(credentialId: string): Promise<StoredConnectedAccount | null>;
-    getConnectedAccountByDid(did: string): Promise<StoredConnectedAccount | null>;
-    updateCounter(did: string, counter: number): Promise<void>;
-    getConnectedAccountsByUserDid(userDid: string): Promise<StoredConnectedAccount[]>;
-    getConnectedAccountByProviderAndUser(provider: string, userDid: string): Promise<StoredConnectedAccount | null>;
-    deleteConnectedAccount(did: string): Promise<void>;
-    createAccessKey(input: CreateAccessKeyInput): Promise<StoredAccessKey>;
-    getAccessKeyById(accessKeyId: string): Promise<AccessKeyInfo | null>;
-    getAccessKeys(opts: {
-        page: number;
-        pageSize: number;
-        search?: string;
-        createdBy?: string;
-        instanceDid?: string;
-    }): Promise<{
-        keys: AccessKeyInfo[];
-        total: number;
-    }>;
-    updateAccessKey(accessKeyId: string, input: UpdateAccessKeyInput): Promise<AccessKeyInfo | null>;
-    deleteAccessKey(accessKeyId: string): Promise<void>;
-    refreshAccessKeyLastUsed(accessKeyId: string): Promise<void>;
-    ensureBuiltinPolicies(): Promise<void>;
-    ensureDefaultRule(): Promise<void>;
-    getAccessPolicies(instanceDid?: string): Promise<AccessPolicyInfo[]>;
-    getAccessPolicy(id: string): Promise<AccessPolicyInfo | null>;
-    createAccessPolicy(input: CreateAccessPolicyInput): Promise<AccessPolicyInfo>;
-    updateAccessPolicy(id: string, input: UpdateAccessPolicyInput): Promise<AccessPolicyInfo>;
-    deleteAccessPolicy(id: string): Promise<void>;
-    getAccessPolicyRuleCount(id: string): Promise<number>;
-    getSecurityRules(instanceDid?: string): Promise<SecurityRuleInfo[]>;
-    getSecurityRule(id: string): Promise<SecurityRuleInfo | null>;
-    createSecurityRule(input: CreateSecurityRuleInput): Promise<SecurityRuleInfo>;
-    updateSecurityRule(id: string, input: UpdateSecurityRuleInput): Promise<SecurityRuleInfo>;
-    deleteSecurityRule(id: string): Promise<void>;
-    createMembership(userDid: string, instanceDid: string, role: string, invitedBy?: string): Promise<void>;
-    getMembership(userDid: string, instanceDid: string): Promise<{
-        user_did: string;
-        instance_did: string;
-        role: string;
-        invited_by: string | null;
-        joined_at: string;
-    } | null>;
-    listMemberships(instanceDid: string): Promise<Array<{
-        user_did: string;
-        instance_did: string;
-        role: string;
-        invited_by: string | null;
-        joined_at: string;
-    }>>;
-    listMembershipsWithUserInfo(instanceDid: string): Promise<Array<{
-        user_did: string;
-        instance_did: string;
-        role: string;
-        invited_by: string | null;
-        joined_at: string;
-        fullName: string | null;
-        email: string | null;
-        avatar: string | null;
-        approved: number;
-    }>>;
-    updateMembershipRole(userDid: string, instanceDid: string, role: string): Promise<void>;
-    deleteMembership(userDid: string, instanceDid: string): Promise<void>;
-    deleteMembershipsByInstance(instanceDid: string): Promise<void>;
-    getSetting(instanceDid: string, key: string): Promise<string | null>;
-    setSetting(instanceDid: string, key: string, value: string): Promise<void>;
-    listSettings(instanceDid: string): Promise<Array<{
-        key: string;
-        value: string | null;
-        updated_at: string;
-    }>>;
-    deleteSetting(instanceDid: string, key: string): Promise<void>;
-    createVerifyCode(code: string, subject: string, purpose: string): Promise<number>;
-    consumeVerifyCode(code: string): Promise<{
-        id: number;
-        subject: string;
-    } | null>;
-    isVerifyCodeSent(subject: string): Promise<boolean>;
-    markVerifyCodeSent(code: string): Promise<void>;
-    purgeExpiredVerifyCodes(): Promise<void>;
-    createLoginTicket(ticket: string, did: string, targetOrigin?: string, ttlSeconds?: number): Promise<void>;
-    getLoginTicket(ticket: string): Promise<{
-        ticket: string;
-        did: string;
-        target_origin: string | null;
-    } | null>;
-    deleteLoginTicket(ticket: string): Promise<void>;
-    purgeExpiredLoginTickets(): Promise<void>;
-    seedInstanceDefaults(instanceDid: string): Promise<void>;
-    getActiveRulesForInstance(instanceDid: string): Promise<RulesCacheEntry>;
-    /**
-     * Optimized query for enforcement: returns all enabled rules with inlined policy data.
-     * Results are cached per-isolate with TTL + write-through invalidation.
-     */
-    getActiveRulesWithPolicies(): Promise<RulesCacheEntry>;
-}
-export {};
-//# sourceMappingURL=store.d.ts.map

package/dist/store.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"store.d.ts","sourceRoot":"","sources":["../src/store.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,KAAK,EACV,aAAa,EACb,gBAAgB,EAChB,YAAY,EACZ,oBAAoB,EACpB,uBAAuB,EACvB,mBAAmB,EACnB,qBAAqB,EACrB,uBAAuB,EACvB,cAAc,EACd,UAAU,EACV,gBAAgB,EAChB,eAAe,EAEf,sBAAsB,EACtB,gBAAgB,EAEhB,UAAU,EACV,oBAAoB,EACpB,uBAAuB,EACvB,uBAAuB,EACxB,MAAM,YAAY,CAAC;AAoJpB,KAAK,eAAe,GAAG,KAAK,CAAC;IAC3B,EAAE,EAAE,MAAM,CAAC;IACX,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;CACjB,CAAC,CAAC;AAwCH,kEAAkE;AAClE,wBAAgB,gBAAgB,IAAI,IAAI,CAIvC;AAED,qBAAa,OAAO;IACN,OAAO,CAAC,EAAE;gBAAF,EAAE,EAAE,UAAU;IAElC,yEAAyE;IACnE,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IAiG9B,0DAA0D;IACpD,YAAY,IAAI,OAAO,CAAC,IAAI,CAAC;IAM7B,aAAa,CAAC,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,YAAY,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAQlF,YAAY,CAChB,EAAE,EAAE,MAAM,GACT,OAAO,CAAC;QAAE,SAAS,EAAE,MAAM,CAAC;QAAC,YAAY,EAAE,MAAM,GAAG,IAAI,CAAA;KAAE,GAAG,IAAI,CAAC;IAS/D,eAAe,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAK1C,sBAAsB,IAAI,OAAO,CAAC,IAAI,CAAC;IAQvC,kBAAkB,IAAI,OAAO,CAAC,OAAO,CAAC;IAUtC,UAAU,CAAC,MAAM,EAAE;QACvB,GAAG,EAAE,MAAM,CAAC;QACZ,EAAE,EAAE,MAAM,CAAC;QACX,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,cAAc,EAAE,MAAM,CAAC;QACvB,EAAE,CAAC,EAAE,MAAM,CAAC;QACZ,MAAM,CAAC,EAAE,MAAM,CAAC;KACjB,GAAG,OAAO,CAAC,IAAI,CAAC;IAyBX,YAAY,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC;IAKrD,eAAe,CAAC,GAAG,EAAE,MAAM,EAAE,EAAE,CAAC,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAWzE,qBAAqB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAUjD,YAAY,IAAI,OAAO,CAAC,MAAM,CAAC;IAQ/B,QAAQ,CAAC,IAAI,EAAE;QACnB,IAAI,EAAE,MAAM,CAAC;QACb,QAAQ,EAAE,MAAM,CAAC;QACjB,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,MAAM,CAAC,EAAE,MAAM,CAAC;QAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;QAClB,cAAc,CAAC,EAAE,MAAM,CAAC;KACzB,GAAG,OAAO,CAAC;QAAE,KAAK,EAAE,UAAU,EAAE,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC;IAmD7C,aAAa,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,GAAG,IAAI,CAAC;IAetD,cAAc,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAQxD,kBAAkB,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,EAAE,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC;IAQjE,iBAAiB,CACrB,GAAG,EAAE,MAAM,EACX,MAAM,EAAE;QAAE,QAAQ,CAAC,EAAE,MAAM,CAAC;QAAC,KAAK,CAAC,EAAE,MAAM,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAA;KAAE,GAC7D,OAAO,CAAC,IAAI,CAAC;IA8BV,UAAU,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAStC,cAAc,CAAC,GAAG,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAQpE;;;OAGG;IACG,iBAAiB,CAAC,eAAe,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAe9E,gBAAgB,CAAC,KAAK,EAAE,qBAAqB,GAAG,OAAO,CAAC,gBAAgB,CAAC;IA2CzE,aAAa,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,GAAG,IAAI,CAAC;IAQ3D,cAAc,CAAC,IAAI,EAAE;QACzB,IAAI,EAAE,MAAM,CAAC;QACb,QAAQ,EAAE,MAAM,CAAC;QACjB,WAAW,CAAC,EAAE,MAAM,CAAC;KACtB,GAAG,OAAO,CAAC;QAAE,WAAW,EAAE,cAAc,EAAE,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC;IAqC7D;;OAEG;IACG,2BAA2B,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAYzD,sBAAsB,CAAC,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAQjE,gBAAgB,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAK3C,uBAAuB,IAAI,OAAO,CAAC,IAAI,CAAC;IAYxC,cAAc,CAAC,KAAK,EAAE,mBAAmB,GAAG,OAAO,CAAC,IAAI,CAAC;IAmBzD,YAAY,CAAC,IAAI,EAAE;QACvB,IAAI,EAAE,MAAM,CAAC;QACb,QAAQ,EAAE,MAAM,CAAC;QACjB,MAAM,CAAC,EAAE,MAAM,CAAC;QAChB,WAAW,CAAC,EAAE,MAAM,CAAC;KACtB,GAAG,OAAO,CAAC;QAAE,IAAI,EAAE,YAAY,EAAE,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC;IA6C9C,uBAAuB,CAC3B,WAAW,EAAE,MAAM,EACnB,IAAI,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAA;KAAE,GACxD,OAAO,CAAC;QAAE,IAAI,EAAE,YAAY,EAAE,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC;IAoC7C,eAAe,CAAC,EAAE,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,GAAG,IAAI,CAAC;IAgB9E,sBAAsB,CAAC,MAAM,EAAE;QACnC,GAAG,EAAE,MAAM,CAAC;QACZ,EAAE,EAAE,MAAM,CAAC;QACX,OAAO,EAAE,MAAM,CAAC;QAChB,QAAQ,EAAE,MAAM,CAAC;QACjB,EAAE,EAAE,MAAM,CAAC;QACX,KAAK,EAAE,MAAM,CAAC;QACd,QAAQ,EAAE,MAAM,CAAC;QACjB,EAAE,CAAC,EAAE,MAAM,CAAC;KACb,GAAG,OAAO,CAAC,IAAI,CAAC;IAuBX,sBAAsB,CAAC,OAAO,EAAE;QACpC,GAAG,EAAE,MAAM,CAAC;QACZ,EAAE,EAAE,MAAM,CAAC;QACX,OAAO,EAAE,MAAM,CAAC;QAChB,QAAQ,EAAE,MAAM,CAAC;QACjB,EAAE,EAAE,MAAM,CAAC;QACX,QAAQ,CAAC,EAAE,MAAM,CAAC;KACnB,GAAG,OAAO,CAAC,IAAI,CAAC;IAqBX,uBAAuB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,sBAAsB,GAAG,IAAI,CAAC;IAQrF,wBAAwB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,sBAAsB,GAAG,IAAI,CAAC;IAQ7E,aAAa,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAQ1D,6BAA6B,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,sBAAsB,EAAE,CAAC;IASjF,oCAAoC,CACxC,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,sBAAsB,GAAG,IAAI,CAAC;IAQnC,sBAAsB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAOlD,eAAe,CAAC,KAAK,EAAE,oBAAoB,GAAG,OAAO,CAAC,eAAe,CAAC;IAmCtE,gBAAgB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC;IAgBpE,aAAa,CAAC,IAAI,EAAE;QACxB,IAAI,EAAE,MAAM,CAAC;QACb,QAAQ,EAAE,MAAM,CAAC;QACjB,MAAM,CAAC,EAAE,MAAM,CAAC;QAChB,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,WAAW,CAAC,EAAE,MAAM,CAAC;KACtB,GAAG,OAAO,CAAC;QAAE,IAAI,EAAE,aAAa,EAAE,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC;IA0D/C,eAAe,CACnB,WAAW,EAAE,MAAM,EACnB,KAAK,EAAE,oBAAoB,GAC1B,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC;IA2B1B,eAAe,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAKnD,wBAAwB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAU5D,qBAAqB,IAAI,OAAO,CAAC,IAAI,CAAC;IA8CtC,iBAAiB,IAAI,OAAO,CAAC,IAAI,CAAC;IAclC,iBAAiB,CAAC,WAAW,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,EAAE,CAAC;IA0CpE,eAAe,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,GAAG,IAAI,CAAC;IAyB7D,kBAAkB,CAAC,KAAK,EAAE,uBAAuB,GAAG,OAAO,CAAC,gBAAgB,CAAC;IA8B7E,kBAAkB,CAAC,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,uBAAuB,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAsCzF,kBAAkB,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAM7C,wBAAwB,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAUrD,gBAAgB,CAAC,WAAW,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,EAAE,CAAC;IAmCnE,eAAe,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,GAAG,IAAI,CAAC;IA2B7D,kBAAkB,CAAC,KAAK,EAAE,uBAAuB,GAAG,OAAO,CAAC,gBAAgB,CAAC;IA0B7E,kBAAkB,CAAC,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,uBAAuB,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAyCzF,kBAAkB,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAQ7C,gBAAgB,CACpB,OAAO,EAAE,MAAM,EACf,WAAW,EAAE,MAAM,EACnB,IAAI,EAAE,MAAM,EACZ,SAAS,CAAC,EAAE,MAAM,GACjB,OAAO,CAAC,IAAI,CAAC;IAWV,aAAa,CACjB,OAAO,EAAE,MAAM,EACf,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC;QACT,QAAQ,EAAE,MAAM,CAAC;QACjB,YAAY,EAAE,MAAM,CAAC;QACrB,IAAI,EAAE,MAAM,CAAC;QACb,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;QAC1B,SAAS,EAAE,MAAM,CAAC;KACnB,GAAG,IAAI,CAAC;IAeH,eAAe,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CACjD,KAAK,CAAC;QACJ,QAAQ,EAAE,MAAM,CAAC;QACjB,YAAY,EAAE,MAAM,CAAC;QACrB,IAAI,EAAE,MAAM,CAAC;QACb,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;QAC1B,SAAS,EAAE,MAAM,CAAC;KACnB,CAAC,CACH;IAeK,2BAA2B,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAC7D,KAAK,CAAC;QACJ,QAAQ,EAAE,MAAM,CAAC;QACjB,YAAY,EAAE,MAAM,CAAC;QACrB,IAAI,EAAE,MAAM,CAAC;QACb,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;QAC1B,SAAS,EAAE,MAAM,CAAC;QAClB,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;QACxB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;QACrB,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;QACtB,QAAQ,EAAE,MAAM,CAAC;KAClB,CAAC,CACH;IA4BK,oBAAoB,CAAC,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IASvF,gBAAgB,CAAC,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IASrE,2BAA2B,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAQ/D,UAAU,CAAC,WAAW,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IASpE,UAAU,CAAC,WAAW,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAY1E,YAAY,CAChB,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,KAAK,CAAC;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;QAAC,UAAU,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAStE,aAAa,CAAC,WAAW,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAU9D,gBAAgB,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAYjF,iBAAiB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC;QAAE,EAAE,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAE,GAAG,IAAI,CAAC;IAqBhF,gBAAgB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAanD,kBAAkB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAU/C,uBAAuB,IAAI,OAAO,CAAC,IAAI,CAAC;IASxC,iBAAiB,CACrB,MAAM,EAAE,MAAM,EACd,GAAG,EAAE,MAAM,EACX,YAAY,CAAC,EAAE,MAAM,EACrB,UAAU,SAAM,GACf,OAAO,CAAC,IAAI,CAAC;IAWV,cAAc,CAClB,MAAM,EAAE,MAAM,GACb,OAAO,CAAC;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,GAAG,EAAE,MAAM,CAAC;QAAC,aAAa,EAAE,MAAM,GAAG,IAAI,CAAA;KAAE,GAAG,IAAI,CAAC;IAW1E,iBAAiB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAKhD,wBAAwB,IAAI,OAAO,CAAC,IAAI,CAAC;IAOzC,oBAAoB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IA8DxD,yBAAyB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,CAAC;IAyB9E;;;OAGG;IACG,0BAA0B,IAAI,OAAO,CAAC,eAAe,CAAC;CAkB7D"}