@baasix/baasix 0.1.0

package/dist/utils/auth.js

@@ -0,0 +1,557 @@
+/**
+ * Authentication utilities for Baasix
+ * New implementation using the adapter-based auth module
+ * Provides backward compatibility with existing exports
+ */
+import jwt from "jsonwebtoken";
+import crypto from "crypto";
+import env from "./env.js";
+import { APIError } from "./errorHandler.js";
+import { getSqlClient } from "./db.js";
+import { db } from "./db.js";
+import { getCache } from "./cache.js";
+import { eq, and } from "drizzle-orm";
+import { schemaManager } from "./schemaManager.js";
+import { permissionService } from '../services/PermissionService.js';
+/**
+ * Lazy getter for ItemsService to avoid circular dependency
+ */
+let _ItemsService = null;
+async function getItemsService() {
+    if (!_ItemsService) {
+        const module = await import('../services/ItemsService.js');
+        _ItemsService = module.default || module.ItemsService;
+    }
+    return _ItemsService;
+}
+// Lazy getter for SettingsService
+let _SettingsService = null;
+async function getSettingsService() {
+    if (!_SettingsService) {
+        const module = await import('../services/SettingsService.js');
+        _SettingsService = module.default;
+    }
+    return _SettingsService;
+}
+/**
+ * Helper function to get and cache roles and permissions
+ * Uses PermissionService for role data (cached in memory) and Redis cache for permissions
+ */
+export async function getRolesAndPermissions(roleId) {
+    const cache = getCache();
+    const cacheKey = `auth:role:${roleId}:permissions`;
+    // Check cache first
+    const cachedRole = await cache.get(cacheKey);
+    if (cachedRole) {
+        return cachedRole;
+    }
+    // Get role from PermissionService (hybrid cache)
+    const role = await permissionService.getRoleByIdAsync(roleId);
+    if (!role) {
+        throw new Error(`Role with id ${roleId} not found`);
+    }
+    // Fetch permissions for the role from database
+    const sql = getSqlClient();
+    const permissions = await sql `
+    SELECT id, collection, action, fields, conditions
+    FROM "baasix_Permission"
+    WHERE "role_Id" = ${roleId}
+  `;
+    // Transform permissions to object format
+    const permissionsObj = permissions.reduce((acc, perm) => {
+        const key = `${perm.collection}_${perm.action}`;
+        acc[key] = {
+            action: perm.action,
+            collection: perm.collection,
+            fields: perm.fields,
+            conditions: perm.conditions,
+        };
+        return acc;
+    }, {});
+    const roleData = {
+        id: role.id,
+        name: role.name,
+        description: role.description,
+        isTenantSpecific: role.isTenantSpecific,
+        permissions: permissionsObj,
+    };
+    // Cache role and permissions with infinite TTL
+    await cache.set(cacheKey, roleData, -1);
+    return roleData;
+}
+/**
+ * Verify JWT token and return decoded payload
+ */
+export function verifyJWT(token) {
+    const secret = env.get("SECRET_KEY");
+    if (!secret) {
+        throw new Error("SECRET_KEY not configured");
+    }
+    try {
+        return jwt.verify(token, secret);
+    }
+    catch (error) {
+        throw new Error(`Invalid token: ${error.message}`);
+    }
+}
+/**
+ * Get user with roles, permissions, and tenant information
+ */
+export async function getUserRolesPermissionsAndTenant(userId, tenantId = null) {
+    try {
+        const sql = getSqlClient();
+        // First, get the user's role assignment
+        let userRoles;
+        if (tenantId) {
+            userRoles = await sql `
+        SELECT
+          ur.id as "userRoleId",
+          ur."user_Id",
+          ur."role_Id",
+          ur."tenant_Id"
+        FROM "baasix_UserRole" ur
+        WHERE ur."user_Id" = ${userId} AND ur."tenant_Id" = ${tenantId}
+        LIMIT 1
+      `;
+        }
+        else {
+            userRoles = await sql `
+        SELECT
+          ur.id as "userRoleId",
+          ur."user_Id",
+          ur."role_Id",
+          ur."tenant_Id"
+        FROM "baasix_UserRole" ur
+        WHERE ur."user_Id" = ${userId}
+        LIMIT 1
+      `;
+        }
+        if (userRoles.length === 0) {
+            throw new Error("User role not found");
+        }
+        const userRole = userRoles[0];
+        // Get role from PermissionService hybrid cache
+        let role = await permissionService.getRoleByIdAsync(userRole.role_Id);
+        // Fallback to database if not in cache
+        if (!role) {
+            const roles = await sql `
+        SELECT id, name, description, "isTenantSpecific"
+        FROM "baasix_Role"
+        WHERE id = ${userRole.role_Id}
+        LIMIT 1
+      `;
+            if (roles.length > 0) {
+                role = {
+                    id: roles[0].id,
+                    name: roles[0].name,
+                    description: roles[0].description,
+                    isTenantSpecific: roles[0].isTenantSpecific,
+                };
+            }
+        }
+        if (!role) {
+            throw new Error(`Role with id ${userRole.role_Id} not found`);
+        }
+        // Fetch permissions for the role
+        const permissions = await sql `
+      SELECT
+        id,
+        collection,
+        action,
+        fields,
+        conditions
+      FROM "baasix_Permission"
+      WHERE "role_Id" = ${userRole.role_Id}
+    `;
+        // Transform permissions to object format
+        const permissionsObj = permissions.reduce((acc, perm) => {
+            const key = `${perm.collection}_${perm.action}`;
+            acc[key] = {
+                action: perm.action,
+                collection: perm.collection,
+                fields: perm.fields,
+                conditions: perm.conditions,
+            };
+            return acc;
+        }, {});
+        // Fetch tenant info if applicable
+        let tenant = null;
+        if (userRole.tenant_Id) {
+            const tenants = await sql `
+        SELECT * FROM "baasix_Tenant"
+        WHERE id = ${userRole.tenant_Id}
+        LIMIT 1
+      `;
+            tenant = tenants.length > 0 ? tenants[0] : null;
+        }
+        return {
+            role: {
+                id: role.id,
+                name: role.name,
+                description: role.description,
+                isTenantSpecific: role.isTenantSpecific,
+            },
+            permissions: permissionsObj,
+            tenant,
+        };
+    }
+    catch (error) {
+        throw new Error(`Error fetching user info: ${error.message}`);
+    }
+}
+/**
+ * Generate JWT token for user
+ */
+export function generateJWT(payload, expiresIn = "7d") {
+    const secret = env.get("SECRET_KEY");
+    if (!secret) {
+        throw new Error("SECRET_KEY not configured");
+    }
+    return jwt.sign(payload, secret, { expiresIn });
+}
+/**
+ * Extract token from Authorization header
+ */
+export function extractTokenFromHeader(authHeader) {
+    if (!authHeader) {
+        return null;
+    }
+    const parts = authHeader.split(" ");
+    if (parts.length === 2 && parts[0] === "Bearer") {
+        return parts[1];
+    }
+    return null;
+}
+/**
+ * Get the public role (from PermissionService hybrid cache)
+ * Returns the public role with its ID, or a fallback if not found
+ */
+export async function getPublicRole() {
+    // Get from PermissionService hybrid cache
+    const publicRole = await permissionService.getPublicRoleAsync();
+    if (publicRole) {
+        return { id: publicRole.id, name: publicRole.name };
+    }
+    // Fallback if roles not loaded yet
+    return { id: null, name: 'public' };
+}
+/**
+ * Authentication middleware for Express
+ * Verifies JWT token and sets req.accountability
+ */
+export const authMiddleware = async (req, res, next) => {
+    try {
+        // Extract token from Authorization header, cookie, query param or body
+        let token = req.headers.authorization?.replace("Bearer ", "");
+        if (!token && req.cookies?.token) {
+            token = req.cookies.token;
+        }
+        if (!token && req.query?.access_token) {
+            token = req.query.access_token;
+        }
+        if (!token && req.body?.access_token) {
+            token = req.body.access_token;
+        }
+        if (!token) {
+            // No token provided - treat as public access
+            const publicRole = await getPublicRole();
+            req.accountability = {
+                user: null,
+                role: publicRole,
+                tenant: null,
+                permissions: [],
+                ipaddress: req.ip || req.connection?.remoteAddress,
+            };
+            return next();
+        }
+        // Verify JWT token
+        const payload = jwt.verify(token, env.get("SECRET_KEY"));
+        // Validate session
+        const session = await validateSession(payload.sessionToken, payload.tenant_Id?.toString() || null);
+        if (!session) {
+            // Session invalid/expired - fall back to public access instead of returning error
+            // This allows public routes to work even with expired cookies
+            const publicRole = await getPublicRole();
+            req.accountability = {
+                user: null,
+                role: publicRole,
+                tenant: null,
+                permissions: [],
+                ipaddress: req.ip || req.connection?.remoteAddress,
+            };
+            return next();
+        }
+        // Get dynamically created tables from schema manager
+        const userTable = schemaManager.getTable("baasix_User");
+        const userRoleTable = schemaManager.getTable("baasix_UserRole");
+        const permissionTable = schemaManager.getTable("baasix_Permission");
+        // Get user details with role
+        let users;
+        if (payload.tenant_Id !== undefined && payload.tenant_Id !== null) {
+            users = await db
+                .select({
+                id: userTable.id,
+                email: userTable.email,
+                firstName: userTable.firstName,
+                lastName: userTable.lastName,
+                role_Id: userRoleTable.role_Id,
+                tenant_Id: userRoleTable.tenant_Id,
+            })
+                .from(userTable)
+                .leftJoin(userRoleTable, eq(userTable.id, userRoleTable.user_Id))
+                .where(and(eq(userTable.id, payload.id), eq(userRoleTable.tenant_Id, payload.tenant_Id)))
+                .limit(1);
+        }
+        else {
+            users = await db
+                .select({
+                id: userTable.id,
+                email: userTable.email,
+                firstName: userTable.firstName,
+                lastName: userTable.lastName,
+                role_Id: userRoleTable.role_Id,
+                tenant_Id: userRoleTable.tenant_Id,
+            })
+                .from(userTable)
+                .leftJoin(userRoleTable, eq(userTable.id, userRoleTable.user_Id))
+                .where(eq(userTable.id, payload.id))
+                .limit(1);
+        }
+        if (!users || users.length === 0) {
+            const publicRole = await getPublicRole();
+            req.accountability = {
+                user: null,
+                role: publicRole,
+                tenant: null,
+                permissions: [],
+                ipaddress: req.ip || req.connection?.remoteAddress,
+            };
+            return next();
+        }
+        const user = users[0];
+        // Get role and permissions from cache or database
+        let role = { id: null, name: "user", isTenantSpecific: false };
+        let permissions = [];
+        if (user.role_Id) {
+            try {
+                const roleData = await getRolesAndPermissions(user.role_Id);
+                role = {
+                    id: roleData.id,
+                    name: roleData.name,
+                    isTenantSpecific: roleData.isTenantSpecific,
+                };
+                permissions = Object.values(roleData.permissions);
+            }
+            catch {
+                // Fallback: use PermissionService hybrid cache for role
+                const cachedRole = await permissionService.getRoleByIdAsync(user.role_Id);
+                if (cachedRole) {
+                    role = {
+                        id: cachedRole.id,
+                        name: cachedRole.name,
+                        isTenantSpecific: cachedRole.isTenantSpecific,
+                    };
+                }
+                // Still need to fetch permissions from DB as fallback
+                permissions = await db
+                    .select()
+                    .from(permissionTable)
+                    .where(eq(permissionTable.role_Id, user.role_Id));
+            }
+        }
+        // Calculate isAdmin based on role name
+        const isAdmin = role.name === 'administrator';
+        // Set accountability object
+        req.accountability = {
+            user: {
+                id: user.id,
+                email: user.email,
+                firstName: user.firstName,
+                lastName: user.lastName,
+                isAdmin: isAdmin,
+                role: role.name,
+            },
+            role: role,
+            tenant: user.tenant_Id || null,
+            permissions: permissions || [],
+            ipaddress: req.ip || req.connection?.remoteAddress,
+        };
+        next();
+    }
+    catch (error) {
+        console.error('Auth middleware error:', error.message);
+        // Fall back to public access on error
+        const publicRole = await getPublicRole();
+        req.accountability = {
+            user: null,
+            role: publicRole,
+            tenant: null,
+            permissions: [],
+            ipaddress: req.ip || req.connection?.remoteAddress,
+        };
+        next();
+    }
+};
+/**
+ * Helper function to check if user is an administrator
+ */
+export const isAdmin = (req) => {
+    return req.accountability?.role?.name === "administrator" || req.accountability?.user?.isAdmin === true;
+};
+/**
+ * Middleware to check for admin access
+ */
+export const adminOnly = (req, res, next) => {
+    if (!isAdmin(req)) {
+        return next(new APIError("Access denied. Administrators only.", 403));
+    }
+    next();
+};
+/**
+ * Create a session in the database
+ */
+export async function createSession(user, expiresInSeconds, sessionType = "default", tenantId = null) {
+    const ItemsService = await getItemsService();
+    const sessionService = new ItemsService('baasix_Sessions');
+    const sessionToken = crypto.randomBytes(32).toString('hex');
+    const expiresAt = new Date(Date.now() + expiresInSeconds * 1000);
+    await sessionService.createOne({
+        token: sessionToken,
+        user_Id: user.id,
+        type: sessionType,
+        expiresAt,
+        tenant_Id: tenantId,
+    });
+    return sessionToken;
+}
+/**
+ * Validate a session token
+ */
+export async function validateSession(token, expectedTenantId = null) {
+    const ItemsService = await getItemsService();
+    const sessionService = new ItemsService('baasix_Sessions');
+    const sessions = await sessionService.readByQuery({
+        filter: { token: { eq: token } },
+        limit: 1,
+    });
+    if (!sessions.data || sessions.data.length === 0) {
+        return null;
+    }
+    const session = sessions.data[0];
+    // Check if session has expired
+    if (new Date() > new Date(session.expiresAt)) {
+        await sessionService.deleteOne(session.id);
+        return null;
+    }
+    // Optional tenant validation for enhanced security
+    const isMultiTenant = env.get("MULTI_TENANT") === "true";
+    if (isMultiTenant && expectedTenantId !== null && expectedTenantId !== undefined && session.tenant_Id !== expectedTenantId) {
+        console.warn(`Session tenant mismatch: expected ${expectedTenantId}, got ${session.tenant_Id}`);
+    }
+    return session;
+}
+/**
+ * Validate session limits for a user
+ */
+export async function validateSessionLimits(userId, sessionType, tenantId = null, role = null) {
+    if (sessionType === "default") {
+        return { isValid: true };
+    }
+    if (!["mobile", "web"].includes(sessionType)) {
+        return { isValid: false, error: "Invalid session type. Must be 'mobile' or 'web'" };
+    }
+    if (role?.name === "administrator") {
+        return { isValid: true };
+    }
+    try {
+        const settingsService = await getSettingsService();
+        const ItemsService = await getItemsService();
+        const isMultiTenantEnabled = env.get("MULTI_TENANT") === "true";
+        let settings;
+        if (isMultiTenantEnabled && tenantId) {
+            settings = await settingsService.getTenantSettings(tenantId);
+        }
+        else {
+            settings = settingsService.getGlobalSettings();
+        }
+        if (!settings) {
+            return { isValid: true };
+        }
+        const limitKey = `${sessionType}_session_limit`;
+        const sessionLimit = settings[limitKey];
+        if (sessionLimit === undefined || sessionLimit === null || sessionLimit === -1) {
+            return { isValid: true };
+        }
+        const sessionLimitRoles = settings.session_limit_roles;
+        if (sessionLimitRoles && Array.isArray(sessionLimitRoles) && sessionLimitRoles.length > 0) {
+            if (!role?.id || !sessionLimitRoles.includes(role.id)) {
+                return { isValid: true };
+            }
+        }
+        if (sessionLimit === 0) {
+            return {
+                isValid: false,
+                error: `${sessionType.charAt(0).toUpperCase() + sessionType.slice(1)} sessions are not allowed`
+            };
+        }
+        const sessionService = new ItemsService('baasix_Sessions');
+        const filter = {
+            user_Id: userId,
+            type: sessionType,
+            expiresAt: { gt: new Date().toISOString() }
+        };
+        if (isMultiTenantEnabled && tenantId) {
+            filter.tenant_Id = tenantId;
+        }
+        const activeSessions = await sessionService.readByQuery({
+            filter,
+            limit: -1
+        }, true);
+        if (activeSessions.data.length >= sessionLimit) {
+            return {
+                isValid: false,
+                error: `Maximum ${sessionType} session limit (${sessionLimit}) reached. Please logout from another device.`
+            };
+        }
+        return { isValid: true };
+    }
+    catch (error) {
+        console.error("Error validating session limits:", error);
+        return { isValid: true };
+    }
+}
+/**
+ * Generate token with session creation
+ */
+export async function generateToken(user, role, tenant = null, ip = null, sessionType = "default") {
+    const expiresIn = parseInt(env.get("ACCESS_TOKEN_EXPIRES_IN") || "3600");
+    const sessionToken = await createSession(user, expiresIn, sessionType, tenant?.id);
+    const payload = {
+        id: user.id,
+        role_Id: role.id,
+        sessionToken,
+    };
+    if (tenant) {
+        payload.tenant_Id = tenant.id;
+    }
+    // Add audit log for login
+    try {
+        const ItemsService = await getItemsService();
+        const auditService = new ItemsService('baasix_AuditLog');
+        await auditService.createOne({
+            type: "auth",
+            action: "login",
+            entity: "baasix_User",
+            entityId: user.id,
+            userId: user.id,
+            ipaddress: ip,
+            tenant_Id: tenant?.id,
+        });
+    }
+    catch (error) {
+        console.error("Error creating audit log:", error);
+    }
+    return generateJWT(payload, `${expiresIn}s`);
+}
+export default authMiddleware;
+//# sourceMappingURL=auth.js.map

package/dist/utils/auth.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../baasix/utils/auth.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,GAAG,MAAM,cAAc,CAAC;AAC/B,OAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,OAAO,GAAG,MAAM,UAAU,CAAC;AAC3B,OAAO,EAAE,QAAQ,EAAE,MAAM,mBAAmB,CAAC;AAC7C,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACvC,OAAO,EAAE,EAAE,EAAE,MAAM,SAAS,CAAC;AAC7B,OAAO,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC;AACtC,OAAO,EAAE,EAAE,EAAE,GAAG,EAAE,MAAM,aAAa,CAAC;AACtC,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AACnD,OAAO,EAAE,iBAAiB,EAAE,MAAM,kCAAkC,CAAC;AAMrE;;GAEG;AACH,IAAI,aAAa,GAAQ,IAAI,CAAC;AAC9B,KAAK,UAAU,eAAe;IAC5B,IAAI,CAAC,aAAa,EAAE,CAAC;QACnB,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,6BAA6B,CAAC,CAAC;QAC3D,aAAa,GAAG,MAAM,CAAC,OAAO,IAAI,MAAM,CAAC,YAAY,CAAC;IACxD,CAAC;IACD,OAAO,aAAa,CAAC;AACvB,CAAC;AAED,kCAAkC;AAClC,IAAI,gBAAgB,GAAQ,IAAI,CAAC;AACjC,KAAK,UAAU,kBAAkB;IAC/B,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACtB,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,gCAAgC,CAAC,CAAC;QAC9D,gBAAgB,GAAG,MAAM,CAAC,OAAO,CAAC;IACpC,CAAC;IACD,OAAO,gBAAgB,CAAC;AAC1B,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAAC,MAAuB;IAOlE,MAAM,KAAK,GAAG,QAAQ,EAAE,CAAC;IACzB,MAAM,QAAQ,GAAG,aAAa,MAAM,cAAc,CAAC;IAEnD,oBAAoB;IACpB,MAAM,UAAU,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAC7C,IAAI,UAAU,EAAE,CAAC;QACf,OAAO,UAAU,CAAC;IACpB,CAAC;IAED,iDAAiD;IACjD,MAAM,IAAI,GAAG,MAAM,iBAAiB,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;IAE9D,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,MAAM,IAAI,KAAK,CAAC,gBAAgB,MAAM,YAAY,CAAC,CAAC;IACtD,CAAC;IAED,+CAA+C;IAC/C,MAAM,GAAG,GAAG,YAAY,EAAE,CAAC;IAC3B,MAAM,WAAW,GAAG,MAAM,GAAG,CAAA;;;wBAGP,MAAM;GAC3B,CAAC;IAEF,yCAAyC;IACzC,MAAM,cAAc,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,GAAQ,EAAE,IAAS,EAAE,EAAE;QAChE,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;QAChD,GAAG,CAAC,GAAG,CAAC,GAAG;YACT,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,UAAU,EAAE,IAAI,CAAC,UAAU;SAC5B,CAAC;QACF,OAAO,GAAG,CAAC;IACb,CAAC,EAAE,EAAE,CAAC,CAAC;IAEP,MAAM,QAAQ,GAAG;QACf,EAAE,EAAE,IAAI,CAAC,EAAE;QACX,IAAI,EAAE,IAAI,CAAC,IAAI;QACf,WAAW,EAAE,IAAI,CAAC,WAAW;QAC7B,gBAAgB,EAAE,IAAI,CAAC,gBAAgB;QACvC,WAAW,EAAE,cAAc;KAC5B,CAAC;IAEF,+CAA+C;IAC/C,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC,CAAC;IACxC,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,SAAS,CAAC,KAAa;IACrC,MAAM,MAAM,GAAG,GAAG,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IACrC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;IAC/C,CAAC;IAED,IAAI,CAAC;QACH,OAAO,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;IACnC,CAAC;IAAC,OAAO,KAAU,EAAE,CAAC;QACpB,MAAM,IAAI,KAAK,CAAC,kBAAkB,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;IACrD,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,gCAAgC,CACpD,MAAuB,EACvB,WAAmC,IAAI;IAWvC,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,YAAY,EAAE,CAAC;QAE3B,wCAAwC;QACxC,IAAI,SAAS,CAAC;QACd,IAAI,QAAQ,EAAE,CAAC;YACb,SAAS,GAAG,MAAM,GAAG,CAAA;;;;;;;+BAOI,MAAM,yBAAyB,QAAQ;;OAE/D,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,SAAS,GAAG,MAAM,GAAG,CAAA;;;;;;;+BAOI,MAAM;;OAE9B,CAAC;QACJ,CAAC;QAED,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC3B,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;QACzC,CAAC;QAED,MAAM,QAAQ,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;QAE9B,+CAA+C;QAC/C,IAAI,IAAI,GAAG,MAAM,iBAAiB,CAAC,gBAAgB,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QAEtE,uCAAuC;QACvC,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,KAAK,GAAG,MAAM,GAAG,CAAA;;;qBAGR,QAAQ,CAAC,OAAO;;OAE9B,CAAC;YACF,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACrB,IAAI,GAAG;oBACL,EAAE,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE;oBACf,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI;oBACnB,WAAW,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,WAAW;oBACjC,gBAAgB,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,gBAAgB;iBAC5C,CAAC;YACJ,CAAC;QACH,CAAC;QAED,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,KAAK,CAAC,gBAAgB,QAAQ,CAAC,OAAO,YAAY,CAAC,CAAC;QAChE,CAAC;QAED,iCAAiC;QACjC,MAAM,WAAW,GAAG,MAAM,GAAG,CAAA;;;;;;;;0BAQP,QAAQ,CAAC,OAAO;KACrC,CAAC;QAEF,yCAAyC;QACzC,MAAM,cAAc,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,GAAQ,EAAE,IAAS,EAAE,EAAE;YAChE,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAChD,GAAG,CAAC,GAAG,CAAC,GAAG;gBACT,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,UAAU,EAAE,IAAI,CAAC,UAAU;gBAC3B,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,UAAU,EAAE,IAAI,CAAC,UAAU;aAC5B,CAAC;YACF,OAAO,GAAG,CAAC;QACb,CAAC,EAAE,EAAE,CAAC,CAAC;QAEP,kCAAkC;QAClC,IAAI,MAAM,GAAG,IAAI,CAAC;QAClB,IAAI,QAAQ,CAAC,SAAS,EAAE,CAAC;YACvB,MAAM,OAAO,GAAG,MAAM,GAAG,CAAA;;qBAEV,QAAQ,CAAC,SAAS;;OAEhC,CAAC;YACF,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QAClD,CAAC;QAED,OAAO;YACL,IAAI,EAAE;gBACJ,EAAE,EAAE,IAAI,CAAC,EAAE;gBACX,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,WAAW,EAAE,IAAI,CAAC,WAAW;gBAC7B,gBAAgB,EAAE,IAAI,CAAC,gBAAgB;aACxC;YACD,WAAW,EAAE,cAAc;YAC3B,MAAM;SACP,CAAC;IACJ,CAAC;IAAC,OAAO,KAAU,EAAE,CAAC;QACpB,MAAM,IAAI,KAAK,CAAC,6BAA6B,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;IAChE,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,OAA4B,EAAE,YAA6B,IAAI;IACzF,MAAM,MAAM,GAAG,GAAG,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IACrC,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;IAC/C,CAAC;IAED,OAAO,GAAG,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE,SAAS,EAAS,CAAC,CAAC;AACzD,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,sBAAsB,CAAC,UAA8B;IACnE,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACpC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,QAAQ,EAAE,CAAC;QAChD,OAAO,KAAK,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa;IACjC,0CAA0C;IAC1C,MAAM,UAAU,GAAG,MAAM,iBAAiB,CAAC,kBAAkB,EAAE,CAAC;IAEhE,IAAI,UAAU,EAAE,CAAC;QACf,OAAO,EAAE,EAAE,EAAE,UAAU,CAAC,EAAE,EAAE,IAAI,EAAE,UAAU,CAAC,IAAI,EAAE,CAAC;IACtD,CAAC;IAED,mCAAmC;IACnC,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;AACtC,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,MAAM,cAAc,GAAG,KAAK,EAAE,GAAQ,EAAE,GAAQ,EAAE,IAAS,EAAE,EAAE;IACpE,IAAI,CAAC;QACH,uEAAuE;QACvE,IAAI,KAAK,GAAG,GAAG,CAAC,OAAO,CAAC,aAAa,EAAE,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;QAE9D,IAAI,CAAC,KAAK,IAAI,GAAG,CAAC,OAAO,EAAE,KAAK,EAAE,CAAC;YACjC,KAAK,GAAG,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC;QAC5B,CAAC;QAED,IAAI,CAAC,KAAK,IAAI,GAAG,CAAC,KAAK,EAAE,YAAY,EAAE,CAAC;YACtC,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,YAAY,CAAC;QACjC,CAAC;QAED,IAAI,CAAC,KAAK,IAAI,GAAG,CAAC,IAAI,EAAE,YAAY,EAAE,CAAC;YACrC,KAAK,GAAG,GAAG,CAAC,IAAI,CAAC,YAAY,CAAC;QAChC,CAAC;QAED,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,6CAA6C;YAC7C,MAAM,UAAU,GAAG,MAAM,aAAa,EAAE,CAAC;YACzC,GAAG,CAAC,cAAc,GAAG;gBACnB,IAAI,EAAE,IAAI;gBACV,IAAI,EAAE,UAAU;gBAChB,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,EAAE;gBACf,SAAS,EAAE,GAAG,CAAC,EAAE,IAAI,GAAG,CAAC,UAAU,EAAE,aAAa;aACnD,CAAC;YACF,OAAO,IAAI,EAAE,CAAC;QAChB,CAAC;QAED,mBAAmB;QACnB,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,GAAG,CAAC,GAAG,CAAC,YAAY,CAAW,CAAe,CAAC;QAEjF,mBAAmB;QACnB,MAAM,OAAO,GAAG,MAAM,eAAe,CAAC,OAAO,CAAC,YAAY,EAAE,OAAO,CAAC,SAAS,EAAE,QAAQ,EAAE,IAAI,IAAI,CAAC,CAAC;QACnG,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,kFAAkF;YAClF,8DAA8D;YAC9D,MAAM,UAAU,GAAG,MAAM,aAAa,EAAE,CAAC;YACzC,GAAG,CAAC,cAAc,GAAG;gBACnB,IAAI,EAAE,IAAI;gBACV,IAAI,EAAE,UAAU;gBAChB,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,EAAE;gBACf,SAAS,EAAE,GAAG,CAAC,EAAE,IAAI,GAAG,CAAC,UAAU,EAAE,aAAa;aACnD,CAAC;YACF,OAAO,IAAI,EAAE,CAAC;QAChB,CAAC;QAED,qDAAqD;QACrD,MAAM,SAAS,GAAG,aAAa,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;QACxD,MAAM,aAAa,GAAG,aAAa,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC;QAChE,MAAM,eAAe,GAAG,aAAa,CAAC,QAAQ,CAAC,mBAAmB,CAAC,CAAC;QAEpE,6BAA6B;QAC7B,IAAI,KAAK,CAAC;QACV,IAAI,OAAO,CAAC,SAAS,KAAK,SAAS,IAAI,OAAO,CAAC,SAAS,KAAK,IAAI,EAAE,CAAC;YAClE,KAAK,GAAG,MAAM,EAAE;iBACb,MAAM,CAAC;gBACN,EAAE,EAAE,SAAS,CAAC,EAAE;gBAChB,KAAK,EAAE,SAAS,CAAC,KAAK;gBACtB,SAAS,EAAE,SAAS,CAAC,SAAS;gBAC9B,QAAQ,EAAE,SAAS,CAAC,QAAQ;gBAC5B,OAAO,EAAE,aAAa,CAAC,OAAO;gBAC9B,SAAS,EAAE,aAAa,CAAC,SAAS;aACnC,CAAC;iBACD,IAAI,CAAC,SAAS,CAAC;iBACf,QAAQ,CAAC,aAAa,EAAE,EAAE,CAAC,SAAS,CAAC,EAAE,EAAE,aAAa,CAAC,OAAO,CAAC,CAAC;iBAChE,KAAK,CAAC,GAAG,CACR,EAAE,CAAC,SAAS,CAAC,EAAE,EAAE,OAAO,CAAC,EAAE,CAAC,EAC5B,EAAE,CAAC,aAAa,CAAC,SAAS,EAAE,OAAO,CAAC,SAAS,CAAC,CAC/C,CAAC;iBACD,KAAK,CAAC,CAAC,CAAC,CAAC;QACd,CAAC;aAAM,CAAC;YACN,KAAK,GAAG,MAAM,EAAE;iBACb,MAAM,CAAC;gBACN,EAAE,EAAE,SAAS,CAAC,EAAE;gBAChB,KAAK,EAAE,SAAS,CAAC,KAAK;gBACtB,SAAS,EAAE,SAAS,CAAC,SAAS;gBAC9B,QAAQ,EAAE,SAAS,CAAC,QAAQ;gBAC5B,OAAO,EAAE,aAAa,CAAC,OAAO;gBAC9B,SAAS,EAAE,aAAa,CAAC,SAAS;aACnC,CAAC;iBACD,IAAI,CAAC,SAAS,CAAC;iBACf,QAAQ,CAAC,aAAa,EAAE,EAAE,CAAC,SAAS,CAAC,EAAE,EAAE,aAAa,CAAC,OAAO,CAAC,CAAC;iBAChE,KAAK,CAAC,EAAE,CAAC,SAAS,CAAC,EAAE,EAAE,OAAO,CAAC,EAAE,CAAC,CAAC;iBACnC,KAAK,CAAC,CAAC,CAAC,CAAC;QACd,CAAC;QAED,IAAI,CAAC,KAAK,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACjC,MAAM,UAAU,GAAG,MAAM,aAAa,EAAE,CAAC;YACzC,GAAG,CAAC,cAAc,GAAG;gBACnB,IAAI,EAAE,IAAI;gBACV,IAAI,EAAE,UAAU;gBAChB,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,EAAE;gBACf,SAAS,EAAE,GAAG,CAAC,EAAE,IAAI,GAAG,CAAC,UAAU,EAAE,aAAa;aACnD,CAAC;YACF,OAAO,IAAI,EAAE,CAAC;QAChB,CAAC;QAED,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QAEtB,kDAAkD;QAClD,IAAI,IAAI,GAAQ,EAAE,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,gBAAgB,EAAE,KAAK,EAAE,CAAC;QACpE,IAAI,WAAW,GAAU,EAAE,CAAC;QAE5B,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YACjB,IAAI,CAAC;gBACH,MAAM,QAAQ,GAAG,MAAM,sBAAsB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;gBAC5D,IAAI,GAAG;oBACL,EAAE,EAAE,QAAQ,CAAC,EAAE;oBACf,IAAI,EAAE,QAAQ,CAAC,IAAI;oBACnB,gBAAgB,EAAE,QAAQ,CAAC,gBAAgB;iBAC5C,CAAC;gBACF,WAAW,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;YACpD,CAAC;YAAC,MAAM,CAAC;gBACP,wDAAwD;gBACxD,MAAM,UAAU,GAAG,MAAM,iBAAiB,CAAC,gBAAgB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;gBAC1E,IAAI,UAAU,EAAE,CAAC;oBACf,IAAI,GAAG;wBACL,EAAE,EAAE,UAAU,CAAC,EAAE;wBACjB,IAAI,EAAE,UAAU,CAAC,IAAI;wBACrB,gBAAgB,EAAE,UAAU,CAAC,gBAAgB;qBAC9C,CAAC;gBACJ,CAAC;gBAED,sDAAsD;gBACtD,WAAW,GAAG,MAAM,EAAE;qBACnB,MAAM,EAAE;qBACR,IAAI,CAAC,eAAe,CAAC;qBACrB,KAAK,CAAC,EAAE,CAAC,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;YACtD,CAAC;QACH,CAAC;QAED,uCAAuC;QACvC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,KAAK,eAAe,CAAC;QAE9C,4BAA4B;QAC5B,GAAG,CAAC,cAAc,GAAG;YACnB,IAAI,EAAE;gBACJ,EAAE,EAAE,IAAI,CAAC,EAAE;gBACX,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,SAAS,EAAE,IAAI,CAAC,SAAS;gBACzB,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,OAAO,EAAE,OAAO;gBAChB,IAAI,EAAE,IAAI,CAAC,IAAI;aACT;YACR,IAAI,EAAE,IAAW;YACjB,MAAM,EAAE,IAAI,CAAC,SAAS,IAAI,IAAI;YAC9B,WAAW,EAAE,WAAW,IAAI,EAAE;YAC9B,SAAS,EAAE,GAAG,CAAC,EAAE,IAAI,GAAG,CAAC,UAAU,EAAE,aAAa;SACnD,CAAC;QAEF,IAAI,EAAE,CAAC;IACT,CAAC;IAAC,OAAO,KAAU,EAAE,CAAC;QACpB,OAAO,CAAC,KAAK,CAAC,wBAAwB,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;QACvD,sCAAsC;QACtC,MAAM,UAAU,GAAG,MAAM,aAAa,EAAE,CAAC;QACzC,GAAG,CAAC,cAAc,GAAG;YACnB,IAAI,EAAE,IAAI;YACV,IAAI,EAAE,UAAU;YAChB,MAAM,EAAE,IAAI;YACZ,WAAW,EAAE,EAAE;YACf,SAAS,EAAE,GAAG,CAAC,EAAE,IAAI,GAAG,CAAC,UAAU,EAAE,aAAa;SACnD,CAAC;QACF,IAAI,EAAE,CAAC;IACT,CAAC;AACH,CAAC,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,OAAO,GAAG,CAAC,GAAQ,EAAW,EAAE;IAC3C,OAAO,GAAG,CAAC,cAAc,EAAE,IAAI,EAAE,IAAI,KAAK,eAAe,IAAI,GAAG,CAAC,cAAc,EAAE,IAAI,EAAE,OAAO,KAAK,IAAI,CAAC;AAC1G,CAAC,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,SAAS,GAAG,CAAC,GAAQ,EAAE,GAAQ,EAAE,IAAS,EAAE,EAAE;IACzD,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QAClB,OAAO,IAAI,CAAC,IAAI,QAAQ,CAAC,qCAAqC,EAAE,GAAG,CAAC,CAAC,CAAC;IACxE,CAAC;IACD,IAAI,EAAE,CAAC;AACT,CAAC,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,IAAS,EACT,gBAAwB,EACxB,cAAsB,SAAS,EAC/B,WAA0B,IAAI;IAE9B,MAAM,YAAY,GAAG,MAAM,eAAe,EAAE,CAAC;IAC7C,MAAM,cAAc,GAAG,IAAI,YAAY,CAAC,iBAAiB,CAAC,CAAC;IAE3D,MAAM,YAAY,GAAG,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAC5D,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,gBAAgB,GAAG,IAAI,CAAC,CAAC;IAEjE,MAAM,cAAc,CAAC,SAAS,CAAC;QAC7B,KAAK,EAAE,YAAY;QACnB,OAAO,EAAE,IAAI,CAAC,EAAE;QAChB,IAAI,EAAE,WAAW;QACjB,SAAS;QACT,SAAS,EAAE,QAAQ;KACpB,CAAC,CAAC;IAEH,OAAO,YAAY,CAAC;AACtB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,KAAa,EACb,mBAAkC,IAAI;IAEtC,MAAM,YAAY,GAAG,MAAM,eAAe,EAAE,CAAC;IAC7C,MAAM,cAAc,GAAG,IAAI,YAAY,CAAC,iBAAiB,CAAC,CAAC;IAE3D,MAAM,QAAQ,GAAG,MAAM,cAAc,CAAC,WAAW,CAAC;QAChD,MAAM,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE;QAChC,KAAK,EAAE,CAAC;KACT,CAAC,CAAC;IAEH,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,QAAQ,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACjD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAEjC,+BAA+B;IAC/B,IAAI,IAAI,IAAI,EAAE,GAAG,IAAI,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC;QAC7C,MAAM,cAAc,CAAC,SAAS,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QAC3C,OAAO,IAAI,CAAC;IACd,CAAC;IAED,mDAAmD;IACnD,MAAM,aAAa,GAAG,GAAG,CAAC,GAAG,CAAC,cAAc,CAAC,KAAK,MAAM,CAAC;IACzD,IAAI,aAAa,IAAI,gBAAgB,KAAK,IAAI,IAAI,gBAAgB,KAAK,SAAS,IAAI,OAAO,CAAC,SAAS,KAAK,gBAAgB,EAAE,CAAC;QAC3H,OAAO,CAAC,IAAI,CAAC,qCAAqC,gBAAgB,SAAS,OAAO,CAAC,SAAS,EAAE,CAAC,CAAC;IAClG,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,qBAAqB,CACzC,MAAc,EACd,WAAmB,EACnB,WAA0B,IAAI,EAC9B,OAAqD,IAAI;IAEzD,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;QAC9B,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IAC3B,CAAC;IAED,IAAI,CAAC,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;QAC7C,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,iDAAiD,EAAE,CAAC;IACtF,CAAC;IAED,IAAI,IAAI,EAAE,IAAI,KAAK,eAAe,EAAE,CAAC;QACnC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IAC3B,CAAC;IAED,IAAI,CAAC;QACH,MAAM,eAAe,GAAG,MAAM,kBAAkB,EAAE,CAAC;QACnD,MAAM,YAAY,GAAG,MAAM,eAAe,EAAE,CAAC;QAE7C,MAAM,oBAAoB,GAAG,GAAG,CAAC,GAAG,CAAC,cAAc,CAAC,KAAK,MAAM,CAAC;QAChE,IAAI,QAAQ,CAAC;QACb,IAAI,oBAAoB,IAAI,QAAQ,EAAE,CAAC;YACrC,QAAQ,GAAG,MAAM,eAAe,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC;QAC/D,CAAC;aAAM,CAAC;YACN,QAAQ,GAAG,eAAe,CAAC,iBAAiB,EAAE,CAAC;QACjD,CAAC;QAED,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;QAC3B,CAAC;QAED,MAAM,QAAQ,GAAG,GAAG,WAAW,gBAAgB,CAAC;QAChD,MAAM,YAAY,GAAI,QAAgB,CAAC,QAAQ,CAAC,CAAC;QAEjD,IAAI,YAAY,KAAK,SAAS,IAAI,YAAY,KAAK,IAAI,IAAI,YAAY,KAAK,CAAC,CAAC,EAAE,CAAC;YAC/E,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;QAC3B,CAAC;QAED,MAAM,iBAAiB,GAAI,QAAgB,CAAC,mBAAmB,CAAC;QAChE,IAAI,iBAAiB,IAAI,KAAK,CAAC,OAAO,CAAC,iBAAiB,CAAC,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC1F,IAAI,CAAC,IAAI,EAAE,EAAE,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC;gBACtD,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;YAC3B,CAAC;QACH,CAAC;QAED,IAAI,YAAY,KAAK,CAAC,EAAE,CAAC;YACvB,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,GAAG,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC,2BAA2B;aAChG,CAAC;QACJ,CAAC;QAED,MAAM,cAAc,GAAG,IAAI,YAAY,CAAC,iBAAiB,CAAC,CAAC;QAC3D,MAAM,MAAM,GAAQ;YAClB,OAAO,EAAE,MAAM;YACf,IAAI,EAAE,WAAW;YACjB,SAAS,EAAE,EAAE,EAAE,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,EAAE;SAC5C,CAAC;QAEF,IAAI,oBAAoB,IAAI,QAAQ,EAAE,CAAC;YACrC,MAAM,CAAC,SAAS,GAAG,QAAQ,CAAC;QAC9B,CAAC;QAED,MAAM,cAAc,GAAG,MAAM,cAAc,CAAC,WAAW,CAAC;YACtD,MAAM;YACN,KAAK,EAAE,CAAC,CAAC;SACV,EAAE,IAAI,CAAC,CAAC;QAET,IAAI,cAAc,CAAC,IAAI,CAAC,MAAM,IAAI,YAAY,EAAE,CAAC;YAC/C,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,WAAW,WAAW,mBAAmB,YAAY,+CAA+C;aAC5G,CAAC;QACJ,CAAC;QAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IAC3B,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,kCAAkC,EAAE,KAAK,CAAC,CAAC;QACzD,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;IAC3B,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,IAAS,EACT,IAAS,EACT,SAAc,IAAI,EAClB,KAAoB,IAAI,EACxB,cAAsB,SAAS;IAE/B,MAAM,SAAS,GAAG,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC,yBAAyB,CAAC,IAAI,MAAM,CAAC,CAAC;IACzE,MAAM,YAAY,GAAG,MAAM,aAAa,CAAC,IAAI,EAAE,SAAS,EAAE,WAAW,EAAE,MAAM,EAAE,EAAE,CAAC,CAAC;IAEnF,MAAM,OAAO,GAAQ;QACnB,EAAE,EAAE,IAAI,CAAC,EAAE;QACX,OAAO,EAAE,IAAI,CAAC,EAAE;QAChB,YAAY;KACb,CAAC;IAEF,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,CAAC,SAAS,GAAG,MAAM,CAAC,EAAE,CAAC;IAChC,CAAC;IAED,0BAA0B;IAC1B,IAAI,CAAC;QACH,MAAM,YAAY,GAAG,MAAM,eAAe,EAAE,CAAC;QAC7C,MAAM,YAAY,GAAG,IAAI,YAAY,CAAC,iBAAiB,CAAC,CAAC;QACzD,MAAM,YAAY,CAAC,SAAS,CAAC;YAC3B,IAAI,EAAE,MAAM;YACZ,MAAM,EAAE,OAAO;YACf,MAAM,EAAE,aAAa;YACrB,QAAQ,EAAE,IAAI,CAAC,EAAE;YACjB,MAAM,EAAE,IAAI,CAAC,EAAE;YACf,SAAS,EAAE,EAAE;YACb,SAAS,EAAE,MAAM,EAAE,EAAE;SACtB,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,2BAA2B,EAAE,KAAK,CAAC,CAAC;IACpD,CAAC;IAED,OAAO,WAAW,CAAC,OAAO,EAAE,GAAG,SAAS,GAAG,CAAC,CAAC;AAC/C,CAAC;AAED,eAAe,cAAc,CAAC"}

package/dist/utils/cache.d.ts

@@ -0,0 +1,64 @@
+/**
+ * Hybrid L1/L2 Cache Implementation
+ *
+ * Architecture:
+ * - L1 (Memory): Fast reads, always local
+ * - L2 (Redis): Source of truth for multi-instance sync
+ *
+ * For hybrid keys (permissions, settings, auth):
+ * - Reads: Always from L1 (memory) - fast, no network latency
+ * - Writes: Write to both L1 and L2 (Redis)
+ * - Sync: Periodic sync from L2 to L1 every X seconds
+ *
+ * For non-hybrid keys:
+ * - If Redis available: Use Redis directly
+ * - If no Redis: Use in-memory only
+ */
+import Redis from "ioredis";
+/**
+ * Cache interface for both memory and Redis implementations
+ */
+export interface CacheInterface {
+    get(key: string): Promise<any | null>;
+    set(key: string, value: any, expiresIn?: number): Promise<void>;
+    delete(key: string): Promise<void>;
+    del(key: string): Promise<void>;
+    clear(): Promise<void>;
+    invalidateModel(modelName: string): Promise<void>;
+    tryLock(key: string, ttlSeconds?: number): Promise<boolean>;
+    unlock(key: string): Promise<void>;
+    setIfNotExists(key: string, value: any, expiresIn?: number): Promise<boolean>;
+    forceSync(): Promise<void>;
+    isRedisEnabled(): boolean;
+}
+declare global {
+    var __baasix_cache: CacheInterface | null;
+    var __baasix_redisClient: Redis | null;
+    var __baasix_syncInterval: NodeJS.Timeout | null;
+    var __baasix_isRedisEnabled: boolean;
+    var __baasix_l1Cache: Map<string, {
+        value: string;
+        expiry: number;
+    }>;
+    var __baasix_lastSyncedVersion: string | null;
+}
+/**
+ * Initialize cache with hybrid L1/L2 support
+ */
+export declare function initializeCache(options: {
+    ttl: number;
+    uri?: string | null;
+}): void;
+/**
+ * Check if cache has been initialized
+ */
+export declare function isCacheInitialized(): boolean;
+/**
+ * Get cache instance (singleton)
+ */
+export declare function getCache(): CacheInterface;
+/**
+ * Close cache connections
+ */
+export declare function closeCache(): Promise<void>;
+//# sourceMappingURL=cache.d.ts.map

package/dist/utils/cache.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cache.d.ts","sourceRoot":"","sources":["../../baasix/utils/cache.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAEH,OAAO,KAAK,MAAM,SAAS,CAAC;AAG5B;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC;IACtC,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,GAAG,EAAE,SAAS,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAChE,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACnC,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAChC,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IACvB,eAAe,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAClD,OAAO,CAAC,GAAG,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAC5D,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACnC,cAAc,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,GAAG,EAAE,SAAS,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAC9E,SAAS,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IAC3B,cAAc,IAAI,OAAO,CAAC;CAC3B;AAGD,OAAO,CAAC,MAAM,CAAC;IACb,IAAI,cAAc,EAAE,cAAc,GAAG,IAAI,CAAC;IAC1C,IAAI,oBAAoB,EAAE,KAAK,GAAG,IAAI,CAAC;IACvC,IAAI,qBAAqB,EAAE,MAAM,CAAC,OAAO,GAAG,IAAI,CAAC;IACjD,IAAI,uBAAuB,EAAE,OAAO,CAAC;IACrC,IAAI,gBAAgB,EAAE,GAAG,CAAC,MAAM,EAAE;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IACrE,IAAI,0BAA0B,EAAE,MAAM,GAAG,IAAI,CAAC;CAC/C;AAsMD;;GAEG;AACH,wBAAgB,eAAe,CAAC,OAAO,EAAE;IAAE,GAAG,EAAE,MAAM,CAAC;IAAC,GAAG,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;CAAE,GAAG,IAAI,CAkRnF;AAED;;GAEG;AACH,wBAAgB,kBAAkB,IAAI,OAAO,CAE5C;AAED;;GAEG;AACH,wBAAgB,QAAQ,IAAI,cAAc,CAMzC;AAED;;GAEG;AACH,wBAAsB,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC,CAYhD"}