@banata-auth/convex 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (72) hide show
  1. package/LICENSE +21 -0
  2. package/README.md +104 -0
  3. package/dist/auth-config.d.ts +22 -0
  4. package/dist/auth-config.d.ts.map +1 -0
  5. package/dist/auth-config.js +3 -0
  6. package/dist/auth-config.js.map +1 -0
  7. package/dist/auth.d.ts +462 -0
  8. package/dist/auth.d.ts.map +1 -0
  9. package/dist/component/adapter.d.ts +21 -0
  10. package/dist/component/adapter.d.ts.map +1 -0
  11. package/dist/component/adapter.js +3 -0
  12. package/dist/component/adapter.js.map +1 -0
  13. package/dist/component/schema.d.ts +1026 -0
  14. package/dist/component/schema.d.ts.map +1 -0
  15. package/dist/hooks.d.ts +25 -0
  16. package/dist/hooks.d.ts.map +1 -0
  17. package/dist/http.d.ts +41 -0
  18. package/dist/http.d.ts.map +1 -0
  19. package/dist/http.js +62 -0
  20. package/dist/http.js.map +1 -0
  21. package/dist/index.d.ts +9 -0
  22. package/dist/index.d.ts.map +1 -0
  23. package/dist/index.js +9516 -0
  24. package/dist/index.js.map +1 -0
  25. package/dist/node.d.ts +389 -0
  26. package/dist/node.d.ts.map +1 -0
  27. package/dist/node.js +9559 -0
  28. package/dist/node.js.map +1 -0
  29. package/dist/plugins/audit.d.ts +106 -0
  30. package/dist/plugins/audit.d.ts.map +1 -0
  31. package/dist/plugins/config.d.ts +83 -0
  32. package/dist/plugins/config.d.ts.map +1 -0
  33. package/dist/plugins/domains.d.ts +3 -0
  34. package/dist/plugins/domains.d.ts.map +1 -0
  35. package/dist/plugins/email-sender.d.ts +75 -0
  36. package/dist/plugins/email-sender.d.ts.map +1 -0
  37. package/dist/plugins/email-templates.d.ts +108 -0
  38. package/dist/plugins/email-templates.d.ts.map +1 -0
  39. package/dist/plugins/email.d.ts +82 -0
  40. package/dist/plugins/email.d.ts.map +1 -0
  41. package/dist/plugins/enterprise.d.ts +3 -0
  42. package/dist/plugins/enterprise.d.ts.map +1 -0
  43. package/dist/plugins/events.d.ts +40 -0
  44. package/dist/plugins/events.d.ts.map +1 -0
  45. package/dist/plugins/index.d.ts +18 -0
  46. package/dist/plugins/index.d.ts.map +1 -0
  47. package/dist/plugins/index.js +9192 -0
  48. package/dist/plugins/index.js.map +1 -0
  49. package/dist/plugins/organization-rbac.d.ts +3 -0
  50. package/dist/plugins/organization-rbac.d.ts.map +1 -0
  51. package/dist/plugins/portal.d.ts +34 -0
  52. package/dist/plugins/portal.d.ts.map +1 -0
  53. package/dist/plugins/projects.d.ts +16 -0
  54. package/dist/plugins/projects.d.ts.map +1 -0
  55. package/dist/plugins/protection.d.ts +127 -0
  56. package/dist/plugins/protection.d.ts.map +1 -0
  57. package/dist/plugins/types.d.ts +508 -0
  58. package/dist/plugins/types.d.ts.map +1 -0
  59. package/dist/plugins/user-management.d.ts +8 -0
  60. package/dist/plugins/user-management.d.ts.map +1 -0
  61. package/dist/plugins/vault.d.ts +68 -0
  62. package/dist/plugins/vault.d.ts.map +1 -0
  63. package/dist/plugins/webhook.d.ts +65 -0
  64. package/dist/plugins/webhook.d.ts.map +1 -0
  65. package/dist/triggers.d.ts +158 -0
  66. package/dist/triggers.d.ts.map +1 -0
  67. package/dist/triggers.js +36 -0
  68. package/dist/triggers.js.map +1 -0
  69. package/package.json +102 -0
  70. package/src/component/adapter.ts +21 -0
  71. package/src/component/convex.config.ts +15 -0
  72. package/src/component/schema.ts +916 -0
package/dist/node.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/triggers.ts","../src/hooks.ts","../src/plugins/types.ts","../src/plugins/audit.ts","../src/plugins/config.ts","../src/plugins/domains.ts","../src/plugins/email-sender.ts","../src/plugins/email-templates.ts","../src/plugins/email.ts","../../../node_modules/@better-auth/utils/dist/base64.mjs","../src/plugins/enterprise.ts","../src/plugins/events.ts","../src/plugins/organization-rbac.ts","../src/plugins/portal.ts","../src/plugins/projects.ts","../src/plugins/protection.ts","../src/plugins/user-management.ts","../src/plugins/vault.ts","../src/plugins/webhook.ts","../src/auth.ts","../src/node.ts"],"names":["z","p","createAuthEndpoint","esc","vars","result","ensureOrganizationInProject","sessionMiddleware","generateRandomString","SUPER_ADMIN_ROLE_SLUG","organizations","invitation","BUILT_IN_PERMISSIONS","project","safeJsonParse","betterAuth"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;AAkMA,eAAsB,cAAA,CACrB,WAAA,EACA,OAAA,EACA,GAAA,EACA,IAAA,EACgB;AAChB,EAAA,IAAI,CAAC,OAAA,EAAS;AAEd,EAAA,IAAI;AACH,IAAA,MAAM,OAAA,CAAQ,KAAK,IAAI,CAAA;AAAA,EACxB,SAAS,KAAA,EAAO;AAEf,IAAA,OAAA,CAAQ,KAAA;AAAA,MACP,yBAAyB,WAAW,CAAA,SAAA,CAAA;AAAA,MACpC,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,OAAO,KAAK;AAAA,KACtD;AAAA,EACD;AACD;AAUO,SAAS,qBAAqB,GAAA,EAAmD;AAIvF,EAAA,MAAM,SAAA,GAAY,GAAA;AAElB,EAAA,OAAO;AAAA,IACN,QAAA,EAAW,UAAU,QAAA,IAAY,IAAA;AAAA,IACjC,WAAA,EAAc,UAAU,WAAA,IAAe,IAAA;AAAA,IACvC,SAAA,EAAY,UAAU,SAAA,IAAa,IAAA;AAAA,IACnC,SAAA,EAAY,UAAU,SAAA,IAAa;AAAA,MAClC,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA;AACR,GACD;AACD;AAEA,eAAe,IAAA,GAAuB;AACrC,EAAA,MAAM,IAAI,KAAA;AAAA,IACT;AAAA,GACD;AACD;;;ACrNA,SAAS,cAAc,MAAA,EAA8C;AACpE,EAAA,OAAO;AAAA,IACN,KAAK,MAAA,CAAO,MAAA,CAAO,EAAA,IAAM,MAAA,CAAO,OAAO,EAAE,CAAA;AAAA,IACzC,IAAA,EAAM,MAAA,CAAO,MAAA,CAAO,IAAA,IAAQ,EAAE,CAAA;AAAA,IAC9B,KAAA,EAAO,MAAA,CAAO,MAAA,CAAO,KAAA,IAAS,EAAE,CAAA;AAAA,IAChC,aAAA,EAAe,OAAA,CAAQ,MAAA,CAAO,aAAa,CAAA;AAAA,IAC3C,OAAO,MAAA,CAAO,KAAA;AAAA,IACd,UAAU,MAAA,CAAO,QAAA;AAAA,IACjB,MAAM,MAAA,CAAO,IAAA;AAAA,IACb,QAAQ,MAAA,CAAO,MAAA;AAAA,IACf,kBAAkB,MAAA,CAAO,gBAAA;AAAA,IACzB,aAAa,MAAA,CAAO,WAAA;AAAA,IACpB,UAAU,MAAA,CAAO,QAAA;AAAA,IACjB,WAAW,MAAA,CAAO,MAAA,CAAO,SAAA,IAAa,IAAA,CAAK,KAAK,CAAA;AAAA,IAChD,WAAW,MAAA,CAAO,MAAA,CAAO,SAAA,IAAa,IAAA,CAAK,KAAK;AAAA,GACjD;AACD;AAKA,SAAS,iBAAiB,MAAA,EAAiD;AAC1E,EAAA,OAAO;AAAA,IACN,KAAK,MAAA,CAAO,MAAA,CAAO,EAAA,IAAM,MAAA,CAAO,OAAO,EAAE,CAAA;AAAA,IACzC,MAAA,EAAQ,MAAA,CAAO,MAAA,CAAO,MAAA,IAAU,EAAE,CAAA;AAAA,IAClC,SAAA,EAAW,MAAA,CAAO,MAAA,CAAO,SAAA,IAAa,CAAC,CAAA;AAAA,IACvC,WAAW,MAAA,CAAO,SAAA;AAAA,IAClB,WAAW,MAAA,CAAO,SAAA;AAAA,IAClB,sBAAsB,MAAA,CAAO,oBAAA;AAAA,IAC7B,gBAAgB,MAAA,CAAO,cAAA;AAAA,IACvB,WAAW,MAAA,CAAO,MAAA,CAAO,SAAA,IAAa,IAAA,CAAK,KAAK,CAAA;AAAA,IAChD,WAAW,MAAA,CAAO,MAAA,CAAO,SAAA,IAAa,IAAA,CAAK,KAAK;AAAA,GACjD;AACD;AAKA,SAAS,sBAAsB,MAAA,EAAsD;AACpF,EAAA,OAAO;AAAA,IACN,KAAK,MAAA,CAAO,MAAA,CAAO,EAAA,IAAM,MAAA,CAAO,OAAO,EAAE,CAAA;AAAA,IACzC,IAAA,EAAM,MAAA,CAAO,MAAA,CAAO,IAAA,IAAQ,EAAE,CAAA;AAAA,IAC9B,IAAA,EAAM,MAAA,CAAO,MAAA,CAAO,IAAA,IAAQ,EAAE,CAAA;AAAA,IAC9B,MAAM,MAAA,CAAO,IAAA;AAAA,IACb,UAAU,MAAA,CAAO,QAAA;AAAA,IACjB,WAAW,MAAA,CAAO,MAAA,CAAO,SAAA,IAAa,IAAA,CAAK,KAAK,CAAA;AAAA,IAChD,WAAW,MAAA,CAAO,MAAA,CAAO,SAAA,IAAa,IAAA,CAAK,KAAK;AAAA,GACjD;AACD;AAKA,SAAS,gBAAgB,MAAA,EAAgD;AACxE,EAAA,OAAO;AAAA,IACN,KAAK,MAAA,CAAO,MAAA,CAAO,EAAA,IAAM,MAAA,CAAO,OAAO,EAAE,CAAA;AAAA,IACzC,cAAA,EAAgB,MAAA,CAAO,MAAA,CAAO,cAAA,IAAkB,EAAE,CAAA;AAAA,IAClD,MAAA,EAAQ,MAAA,CAAO,MAAA,CAAO,MAAA,IAAU,EAAE,CAAA;AAAA,IAClC,IAAA,EAAM,MAAA,CAAO,MAAA,CAAO,IAAA,IAAQ,EAAE,CAAA;AAAA,IAC9B,WAAW,MAAA,CAAO,MAAA,CAAO,SAAA,IAAa,IAAA,CAAK,KAAK,CAAA;AAAA,IAChD,WAAW,MAAA,CAAO,MAAA,CAAO,SAAA,IAAa,IAAA,CAAK,KAAK;AAAA,GACjD;AACD;AASA,SAAS,SAAS,KAAA,EAAyC;AAC1D,EAAA,IAAI,OAAO,KAAA,KAAU,QAAA,IAAY,KAAA,KAAU,IAAA,EAAM;AAChD,IAAA,OAAO,KAAA;AAAA,EACR;AACA,EAAA,OAAO,EAAC;AACT;AAoCO,SAAS,mBAAA,CACf,KACA,QAAA,EACqC;AACrC,EAAA,IAAI,CAAC,UAAU,OAAO,MAAA;AAEtB,EAAA,MAAM,UAAA,GAAa,qBAAqB,GAAG,CAAA;AAE3C,EAAA,MAAM,KAAA,GAA0B;AAAA,IAC/B,IAAA,EAAM;AAAA,MACL,MAAA,EAAQ;AAAA,QACP,KAAA,EAAO,OAAO,MAAA,KAAoB;AACjC,UAAA,MAAM,cAAA;AAAA,YACL,eAAA;AAAA,YACA,QAAA,CAAS,aAAA;AAAA,YACT,UAAA;AAAA,YACA,aAAA,CAAc,QAAA,CAAS,MAAM,CAAC;AAAA,WAC/B;AAAA,QACD;AAAA,OACD;AAAA,MACA,MAAA,EAAQ;AAAA,QACP,KAAA,EAAO,OAAO,MAAA,KAAoB;AAIjC,UAAA,MAAM,WAAA,GAAc,aAAA,CAAc,QAAA,CAAS,MAAM,CAAC,CAAA;AAClD,UAAA,MAAM,cAAA,CAAe,eAAA,EAAiB,QAAA,CAAS,aAAA,EAAe,UAAA,EAAY;AAAA,YACzE,OAAA,EAAS,WAAA;AAAA,YACT,OAAA,EAAS;AAAA,WACT,CAAA;AAAA,QACF;AAAA;AACD,KACD;AAAA,IACA,OAAA,EAAS;AAAA,MACR,MAAA,EAAQ;AAAA,QACP,KAAA,EAAO,OAAO,MAAA,KAAoB;AACjC,UAAA,MAAM,cAAA;AAAA,YACL,kBAAA;AAAA,YACA,QAAA,CAAS,gBAAA;AAAA,YACT,UAAA;AAAA,YACA,gBAAA,CAAiB,QAAA,CAAS,MAAM,CAAC;AAAA,WAClC;AAAA,QACD;AAAA;AACD,KACD;AAAA,IACA,YAAA,EAAc;AAAA,MACb,MAAA,EAAQ;AAAA,QACP,KAAA,EAAO,OAAO,MAAA,KAAoB;AACjC,UAAA,MAAM,cAAA;AAAA,YACL,uBAAA;AAAA,YACA,QAAA,CAAS,qBAAA;AAAA,YACT,UAAA;AAAA,YACA,qBAAA,CAAsB,QAAA,CAAS,MAAM,CAAC;AAAA,WACvC;AAAA,QACD;AAAA,OACD;AAAA,MACA,MAAA,EAAQ;AAAA,QACP,KAAA,EAAO,OAAO,MAAA,KAAoB;AACjC,UAAA,MAAM,UAAA,GAAa,qBAAA,CAAsB,QAAA,CAAS,MAAM,CAAC,CAAA;AACzD,UAAA,MAAM,cAAA;AAAA,YACL,uBAAA;AAAA,YACA,QAAA,CAAS,qBAAA;AAAA,YACT,UAAA;AAAA,YACA;AAAA,cACC,MAAA,EAAQ,UAAA;AAAA,cACR,MAAA,EAAQ;AAAA;AACT,WACD;AAAA,QACD;AAAA;AACD,KACD;AAAA,IACA,MAAA,EAAQ;AAAA,MACP,MAAA,EAAQ;AAAA,QACP,KAAA,EAAO,OAAO,MAAA,KAAoB;AACjC,UAAA,MAAM,cAAA;AAAA,YACL,eAAA;AAAA,YACA,QAAA,CAAS,aAAA;AAAA,YACT,UAAA;AAAA,YACA,eAAA,CAAgB,QAAA,CAAS,MAAM,CAAC;AAAA,WACjC;AAAA,QACD;AAAA;AACD;AACD,GACD;AAMA,EAAA,OAAO,KAAA;AACR;ACiQO,SAAS,eAAe,KAAA,EAAuD;AACrF,EAAA,MAAM,GAAA,GAAM,KAAA,CAAM,OAAA,CAAQ,KAAK,CAAA,GAAI,KAAA,GAAQ,OAAO,KAAA,KAAU,QAAA,GAAW,KAAA,CAAM,KAAA,CAAM,GAAG,IAAI,EAAC;AAC3F,EAAA,OAAO,KAAA,CAAM,IAAA,CAAK,IAAI,GAAA,CAAI,IAAI,GAAA,CAAI,CAAC,IAAA,KAAS,IAAA,CAAK,MAAM,CAAA,CAAE,MAAA,CAAO,OAAO,CAAC,CAAC,CAAA;AAC1E;AAEO,SAAS,kBAAkB,IAAA,EAA0C;AAC3E,EAAA,OAAO,IAAA,KAAS,WAAW,IAAA,KAAS,aAAA;AACrC;AAEO,SAAS,kBAAkB,IAAA,EAA6D;AAC9F,EAAA,OAAO,iBAAA,CAAkB,MAAM,IAAI,CAAA;AACpC;AAoBO,SAAS,qBAAqB,GAAA,EAGnC;AACD,EAAA,MAAM,WAAA,GAAc,IAAI,OAAA,EAAS,OAAA;AACjC,EAAA,IAAI,CAAC,WAAA,EAAa,IAAA,EAAM,MAAM,CAAC,WAAA,EAAa,SAAS,EAAA,EAAI;AACxD,IAAA,MAAM,IAAI,KAAA,CAAM,cAAA,EAAgB,EAAE,OAAA,EAAS,2BAA2B,CAAA;AAAA,EACvE;AAEA,EAAA,OAAO;AAAA,IACN,SAAS,WAAA,CAAY,OAAA;AAAA,IACrB,MAAM,WAAA,CAAY;AAAA,GACnB;AACD;AAaO,SAAS,mBAAmB,GAAA,EAGjC;AACD,EAAA,MAAM,IAAA,GAAO,qBAAqB,GAAG,CAAA;AACrC,EAAA,IAAI,CAAC,iBAAA,CAAkB,IAAA,CAAK,IAAI,CAAA,EAAG;AAClC,IAAA,MAAM,IAAI,KAAA,CAAM,WAAA,EAAa,EAAE,OAAA,EAAS,gCAAgC,CAAA;AAAA,EACzE;AAEA,EAAA,OAAO,IAAA;AACR;AAEA,eAAsB,kBAAA,CACrB,IACA,MAAA,EAIuB;AACvB,EAAA,MAAM,WAAA,uBAAkB,GAAA,EAAY;AACpC,EAAA,MAAM,EAAE,SAAA,EAAW,SAAA,EAAU,GAAI,MAAA;AAEjC,EAAA,IAAI,SAAA,CAAU,MAAA,KAAW,CAAA,EAAG,OAAO,WAAA;AACnC,EAAA,IAAI,SAAA,CAAU,QAAA,CAAS,aAAa,CAAA,EAAG;AACtC,IAAA,WAAA,CAAY,IAAI,GAAG,CAAA;AACnB,IAAA,OAAO,WAAA;AAAA,EACR;AACA,EAAA,IAAI,CAAC,WAAW,OAAO,WAAA;AAEvB,EAAA,MAAM,kBAAA,GAAqB,IAAI,GAAA,CAAI,SAAS,CAAA;AAC5C,EAAA,MAAM,QAAA,GAAW,MAAM,EAAA,CAAG,QAAA,CAA4B;AAAA,IACrD,KAAA,EAAO,gBAAA;AAAA,IACP,OAAO,CAAC,EAAE,OAAO,WAAA,EAAa,KAAA,EAAO,WAAW,CAAA;AAAA,IAChD,KAAA,EAAO;AAAA,GACP,CAAA;AAED,EAAA,KAAA,MAAW,OAAO,QAAA,EAAU;AAC3B,IAAA,IAAI,CAAC,mBAAmB,GAAA,CAAI,GAAA,CAAI,IAAI,CAAA,IAAK,CAAC,IAAI,WAAA,EAAa;AAC3D,IAAA,IAAI;AACH,MAAA,MAAM,cAAA,GAAiB,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,WAAW,CAAA;AACjD,MAAA,KAAA,MAAW,cAAc,cAAA,EAAgB;AACxC,QAAA,IAAI,OAAO,UAAA,KAAe,QAAA,IAAY,UAAA,CAAW,SAAS,CAAA,EAAG;AAC5D,UAAA,WAAA,CAAY,IAAI,UAAU,CAAA;AAAA,QAC3B;AAAA,MACD;AAAA,IACD,CAAA,CAAA,MAAQ;AAAA,IAER;AAAA,EACD;AAEA,EAAA,OAAO,WAAA;AACR;AAUA,eAAsB,8BAAA,CACrB,IACA,MAAA,EAIuB;AACvB,EAAA,MAAM,WAAA,uBAAkB,GAAA,EAAY;AACpC,EAAA,MAAM,EAAE,MAAA,EAAQ,SAAA,EAAU,GAAI,MAAA;AAE9B,EAAA,IAAI,CAAC,WAAW,OAAO,WAAA;AAEvB,EAAA,MAAM,QAAA,GAAW,MAAM,EAAA,CAAG,QAAA,CAAsB;AAAA,IAC/C,KAAA,EAAO,MAAA;AAAA,IACP,OAAO,CAAC,EAAE,OAAO,IAAA,EAAM,KAAA,EAAO,QAAQ,CAAA;AAAA,IACtC,KAAA,EAAO;AAAA,GACP,CAAA;AACD,EAAA,MAAM,IAAA,GAAO,SAAS,CAAC,CAAA;AACvB,EAAA,IAAI,iBAAA,CAAkB,IAAI,CAAA,EAAG;AAC5B,IAAA,WAAA,CAAY,IAAI,GAAG,CAAA;AACnB,IAAA,OAAO,WAAA;AAAA,EACR;AAEA,EAAA,MAAM,WAAA,GAAc,MAAM,EAAA,CAAG,QAAA,CAA0B;AAAA,IACtD,KAAA,EAAO,SAAA;AAAA,IACP,OAAO,CAAC,EAAE,OAAO,IAAA,EAAM,KAAA,EAAO,WAAW,CAAA;AAAA,IACzC,KAAA,EAAO;AAAA,GACP,CAAA;AACD,EAAA,IAAI,WAAA,CAAY,CAAC,CAAA,EAAG,OAAA,KAAY,MAAA,EAAQ;AACvC,IAAA,WAAA,CAAY,IAAI,GAAG,CAAA;AACnB,IAAA,OAAO,WAAA;AAAA,EACR;AAEA,EAAA,MAAM,UAAA,GAAa,MAAM,EAAA,CAAG,QAAA,CAA8B;AAAA,IACzD,KAAA,EAAO,QAAA;AAAA,IACP,KAAA,EAAO;AAAA,MACN,EAAE,KAAA,EAAO,WAAA,EAAa,KAAA,EAAO,SAAA,EAAU;AAAA,MACvC,EAAE,KAAA,EAAO,QAAA,EAAU,KAAA,EAAO,MAAA;AAAO,KAClC;AAAA,IACA,KAAA,EAAO;AAAA,GACP,CAAA;AACD,EAAA,IAAI,UAAA,CAAW,MAAA,KAAW,CAAA,EAAG,OAAO,WAAA;AAEpC,EAAA,MAAM,SAAA,uBAAgB,GAAA,EAAY;AAClC,EAAA,KAAA,MAAW,UAAU,UAAA,EAAY;AAChC,IAAA,KAAA,MAAW,IAAA,IAAQ,cAAA,CAAe,MAAA,CAAO,IAAI,CAAA,EAAG;AAC/C,MAAA,SAAA,CAAU,IAAI,IAAI,CAAA;AAAA,IACnB;AAAA,EACD;AACA,EAAA,IAAI,SAAA,CAAU,IAAA,KAAS,CAAA,EAAG,OAAO,WAAA;AAEjC,EAAA,MAAM,eAAA,GAAkB,MAAM,kBAAA,CAAmB,EAAA,EAAI;AAAA,IACpD,SAAA;AAAA,IACA,SAAA,EAAW,KAAA,CAAM,IAAA,CAAK,SAAS;AAAA,GAC/B,CAAA;AACD,EAAA,KAAA,MAAW,cAAc,eAAA,EAAiB;AACzC,IAAA,WAAA,CAAY,IAAI,UAAU,CAAA;AAAA,EAC3B;AAEA,EAAA,OAAO,WAAA;AACR;AAKA,eAAsB,wBAAA,CACrB,KACA,MAAA,EAKgB;AAChB,EAAA,MAAM,EAAE,IAAA,EAAK,GAAI,oBAAA,CAAqB,GAAG,CAAA;AACzC,EAAA,MAAM,EAAE,EAAA,EAAI,UAAA,EAAY,SAAA,EAAU,GAAI,MAAA;AAEtC,EAAA,IAAI,CAAC,SAAA,EAAW;AACf,IAAA,MAAM,GAAA,CAAI,MAAM,WAAA,EAAa;AAAA,MAC5B,OAAA,EAAS,kDAAmD,UAAU,CAAA,CAAA;AAAA,KACtE,CAAA;AAAA,EACF;AAEA,EAAA,MAAM,WAAA,GAAc,MAAM,8BAAA,CAA+B,EAAA,EAAI;AAAA,IAC5D,QAAQ,IAAA,CAAK,EAAA;AAAA,IACb;AAAA,GACA,CAAA;AACD,EAAA,IAAI,YAAY,GAAA,CAAI,GAAG,KAAK,WAAA,CAAY,GAAA,CAAI,UAAU,CAAA,EAAG;AACxD,IAAA;AAAA,EACD;AAEA,EAAA,MAAM,GAAA,CAAI,MAAM,WAAA,EAAa;AAAA,IAC5B,OAAA,EAAS,uBAAuB,UAAU,CAAA;AAAA,GAC1C,CAAA;AACF;AASO,IAAM,kBAAA,GAAqB,EAAE,MAAA,CAAO;AAAA,EAC1C,SAAA,EAAW,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AACvB,CAAC,CAAA;AAYM,SAAS,eAAA,CACf,MACA,IAAA,EAQC;AACD,EAAA,MAAM,YAAY,OAAO,IAAA,CAAK,SAAA,KAAc,QAAA,GAAW,KAAK,SAAA,GAAY,MAAA;AACxE,EAAA,IAAI,CAAC,SAAA,EAAW;AACf,IAAA,IAAI,MAAM,QAAA,EAAU;AACnB,MAAA,OAAO,EAAE,OAAO,EAAC,EAAG,MAAM,EAAC,EAAG,WAAW,MAAA,EAAU;AAAA,IACpD;AACA,IAAA,MAAM,IAAI,KAAA;AAAA,MACT;AAAA,KACD;AAAA,EACD;AACA,EAAA,OAAO;AAAA,IACN,OAAO,CAAC,EAAE,OAAO,WAAA,EAAa,KAAA,EAAO,WAAW,CAAA;AAAA,IAChD,IAAA,EAAM,EAAE,SAAA,EAAU;AAAA,IAClB;AAAA,GACD;AACD;;;AC9rBA,SAAS,aAAa,IAAA,EAA6B;AAClD,EAAA,MAAM,GAAA,GAA8B;AAAA;AAAA,IAEnC,gBAAA,EAAkB,YAAA;AAAA,IAClB,iBAAA,EAAmB,mBAAA;AAAA,IACnB,gBAAA,EAAkB,aAAA;AAAA,IAClB,WAAA,EAAa,aAAA;AAAA;AAAA,IAGb,kBAAA,EAAoB,6BAAA;AAAA,IACpB,iBAAA,EAAmB,qBAAA;AAAA,IACnB,kBAAA,EAAoB,sBAAA;AAAA;AAAA,IAGpB,cAAA,EAAgB,aAAA;AAAA,IAChB,eAAA,EAAiB,qBAAA;AAAA;AAAA,IAGjB,oBAAA,EAAsB,wBAAA;AAAA,IACtB,qBAAA,EAAuB,yBAAA;AAAA;AAAA,IAGvB,sBAAA,EAAwB,qBAAA;AAAA,IACxB,sBAAA,EAAwB,qBAAA;AAAA,IACxB,sBAAA,EAAwB,qBAAA;AAAA,IACxB,6BAAA,EAA+B,4BAAA;AAAA,IAC/B,6BAAA,EAA+B,4BAAA;AAAA,IAC/B,kCAAA,EAAoC,iCAAA;AAAA;AAAA,IAGpC,iBAAA,EAAmB,gBAAA;AAAA,IACnB,mBAAA,EAAqB,kBAAA;AAAA,IACrB,iBAAA,EAAmB,wBAAA;AAAA,IACnB,oBAAA,EAAsB,mBAAA;AAAA,IACtB,yBAAA,EAA2B,mBAAA;AAAA;AAAA,IAG3B,sBAAA,EAAwB,uBAAA;AAAA,IACxB,6BAAA,EAA+B,uBAAA;AAAA,IAC/B,6BAAA,EAA+B,uBAAA;AAAA,IAC/B,cAAA,EAAgB,WAAA;AAAA;AAAA,IAGhB,uBAAA,EAAyB,uBAAA;AAAA,IACzB,8BAAA,EAAgC,uBAAA;AAAA;AAAA,IAGhC,wBAAA,EAA0B,gCAAA;AAAA,IAC1B,wBAAA,EAA0B,gCAAA;AAAA,IAC1B,wBAAA,EAA0B,gCAAA;AAAA;AAAA,IAG1B,iBAAA,EAAmB,gBAAA;AAAA,IACnB,iBAAA,EAAmB;AAAA,GACpB;AAGA,EAAA,KAAA,MAAW,CAAC,OAAA,EAAS,MAAM,KAAK,MAAA,CAAO,OAAA,CAAQ,GAAG,CAAA,EAAG;AACpD,IAAA,IAAI,KAAK,QAAA,CAAS,OAAO,KAAK,IAAA,CAAK,QAAA,CAAS,OAAO,CAAA,EAAG;AACrD,MAAA,OAAO,MAAA;AAAA,IACR;AAAA,EACD;AACA,EAAA,OAAO,IAAA;AACR;AAIA,IAAM,mBAAA,GAAsBA,EAC1B,MAAA,CAAO;AAAA,EACP,cAAA,EAAgBA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACpC,MAAA,EAAQA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC5B,OAAA,EAASA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC7B,KAAA,EAAOA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC3B,KAAA,EAAOA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC3B,MAAA,EAAQA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AACpB,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,oBAAA,GAAuBA,EAC3B,MAAA,CAAO;AAAA,EACP,MAAA,EAAQA,EAAE,MAAA,EAAO;AAAA,EACjB,SAAA,EAAWA,EAAE,MAAA,EAAO;AAAA,EACpB,OAAA,EAASA,EAAE,MAAA,EAAO;AAAA,EAClB,SAAA,EAAWA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC/B,UAAA,EAAYA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAChC,OAAA,EAASA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC7B,cAAA,EAAgBA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACpC,SAAA,EAAWA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC/B,SAAA,EAAWA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC/B,OAAA,EAASA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC7B,QAAA,EAAUA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC9B,cAAA,EAAgBA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACpC,UAAA,EAAYA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AACxB,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,qBAAA,GAAwBA,EAC5B,MAAA,CAAO;AAAA,EACP,cAAA,EAAgBA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACpC,MAAA,EAAQA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC5B,SAAA,EAAWA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC/B,OAAA,EAASA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC7B,MAAA,EAAQA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA;AAAA,EAE5B,KAAA,EAAOA,CAAAA,CAAE,MAAA,EAAO,CAAE,GAAA,CAAI,CAAC,CAAA,CAAE,GAAA,CAAI,GAAI,CAAA,CAAE,QAAA,EAAS;AAAA;AAAA,EAE5C,MAAA,EAAQA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AACpB,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AA4BnB,SAAS,SAAS,OAAA,EAAmD;AAE3E,EAAA,MAAM,cAAA,GAA4C,EAAC;AAEnD,EAAA,OAAO;AAAA,IACN,EAAA,EAAI,kBAAA;AAAA;AAAA,IAGJ,MAAA,EAAQ;AAAA,MACP,UAAA,EAAY;AAAA,QACX,MAAA,EAAQ;AAAA,UACP,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAmB,UAAU,KAAA,EAAM;AAAA,UACtD,MAAA,EAAQ,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UACzC,OAAA,EAAS,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAC3C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC5C,OAAA,EAAS,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC1C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAC7C,UAAA,EAAY,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAC9C,aAAA,EAAe,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UACjD,OAAA,EAAS,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAC3C,cAAA,EAAgB,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAClD,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAC7C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAC7C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAC7C,OAAA,EAAS,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAC3C,cAAA,EAAgB,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAClD,QAAA,EAAU,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAC5C,UAAA,EAAY,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC7C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA;AAAK;AAC7C;AACD,KACD;AAAA;AAAA,IAGA,SAAA,EAAW;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,MASV,aAAA,EAAe,kBAAA;AAAA,QACd,yBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UACR,cAAA,EAAgB,IAAA;AAAA,UAChB,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,KAAA,GAAQ,gBAAgB,IAA+B,CAAA;AAC7D,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,UAAA,EAAY,YAAA;AAAA,YACZ,WAAW,KAAA,CAAM;AAAA,WACjB,CAAA;AAGD,UAAA,MAAM,OAAA,GAAyB,CAAC,GAAG,KAAA,CAAM,KAAK,CAAA;AAC9C,UAAA,IAAI,KAAK,cAAA,EAAgB;AACxB,YAAA,OAAA,CAAQ,KAAK,EAAE,KAAA,EAAO,kBAAkB,KAAA,EAAO,IAAA,CAAK,gBAAgB,CAAA;AAAA,UACrE;AACA,UAAA,IAAI,KAAK,MAAA,EAAQ;AAChB,YAAA,OAAA,CAAQ,KAAK,EAAE,KAAA,EAAO,UAAU,KAAA,EAAO,IAAA,CAAK,QAAQ,CAAA;AAAA,UACrD;AACA,UAAA,IAAI,KAAK,OAAA,EAAS;AACjB,YAAA,OAAA,CAAQ,KAAK,EAAE,KAAA,EAAO,WAAW,KAAA,EAAO,IAAA,CAAK,SAAS,CAAA;AAAA,UACvD;AAEA,UAAA,MAAM,KAAA,GAAQ,KAAK,KAAA,IAAS,EAAA;AAE5B,UAAA,MAAM,MAAA,GAAS,MAAM,EAAA,CAAG,QAAA,CAAwB;AAAA,YAC/C,KAAA,EAAO,YAAA;AAAA,YACP,KAAA,EAAO,OAAA;AAAA,YACP,KAAA;AAAA,YACA,MAAA,EAAQ,EAAE,KAAA,EAAO,YAAA,EAAc,WAAW,MAAA;AAAO,WACjD,CAAA;AAED,UAAA,OAAO,IAAI,IAAA,CAAK;AAAA,YACf,IAAA,EAAM,MAAA;AAAA,YACN,YAAA,EAAc,EAAE,MAAA,EAAQ,IAAA,EAAM,OAAO,IAAA;AAAK,WAC1C,CAAA;AAAA,QACF;AAAA,OACD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,MAWA,cAAA,EAAgB,kBAAA;AAAA,QACf,2BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UACR,cAAA,EAAgB,IAAA;AAAA,UAChB,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,UAAA,MAAM,KAAA,GAAQ,gBAAgB,IAA+B,CAAA;AAC7D,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,UAAA,EAAY,YAAA;AAAA,YACZ,WAAW,KAAA,CAAM;AAAA,WACjB,CAAA;AAID,UAAA,MAAM,IAAA,GAAgC;AAAA,YACrC,GAAG,KAAA,CAAM,IAAA;AAAA,YACT,QAAQ,IAAA,CAAK,MAAA;AAAA,YACb,OAAA,EAAS,CAAA;AAAA,YACT,WAAW,IAAA,CAAK,SAAA;AAAA,YAChB,SAAS,IAAA,CAAK,OAAA;AAAA,YACd,UAAA,EAAY,KAAK,UAAA,IAAc,GAAA;AAAA,YAC/B,SAAA,EAAW;AAAA,WACZ;AACA,UAAA,IAAI,IAAA,CAAK,SAAA,EAAW,IAAA,CAAK,SAAA,GAAY,IAAA,CAAK,SAAA;AAC1C,UAAA,IAAI,IAAA,CAAK,UAAA,EAAY,IAAA,CAAK,UAAA,GAAa,IAAA,CAAK,UAAA;AAC5C,UAAA,IAAI,IAAA,CAAK,OAAA,EAAS,IAAA,CAAK,OAAA,GAAU,IAAA,CAAK,OAAA;AACtC,UAAA,IAAI,IAAA,CAAK,cAAA,EAAgB,IAAA,CAAK,cAAA,GAAiB,IAAA,CAAK,cAAA;AACpD,UAAA,IAAI,IAAA,CAAK,SAAA,EAAW,IAAA,CAAK,SAAA,GAAY,IAAA,CAAK,SAAA;AAC1C,UAAA,IAAI,IAAA,CAAK,SAAA,EAAW,IAAA,CAAK,SAAA,GAAY,IAAA,CAAK,SAAA;AAC1C,UAAA,IAAI,IAAA,CAAK,OAAA,EAAS,IAAA,CAAK,OAAA,GAAU,IAAA,CAAK,OAAA;AACtC,UAAA,IAAI,IAAA,CAAK,cAAA,EAAgB,IAAA,CAAK,cAAA,GAAiB,IAAA,CAAK,cAAA;AACpD,UAAA,IAAI,IAAA,CAAK,QAAA,EAAU,IAAA,CAAK,QAAA,GAAW,IAAA,CAAK,QAAA;AAExC,UAAA,MAAM,KAAA,GAAQ,MAAM,EAAA,CAAG,MAAA,CAAsB;AAAA,YAC5C,KAAA,EAAO,YAAA;AAAA,YACP;AAAA,WACA,CAAA;AAED,UAAA,OAAO,GAAA,CAAI,KAAK,KAAK,CAAA;AAAA,QACtB;AAAA,OACD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,MAYA,eAAA,EAAiB,kBAAA;AAAA,QAChB,2BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UACR,cAAA,EAAgB,IAAA;AAAA,UAChB,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,SAAA,GAAY,KAAK,KAAA,IAAS,GAAA;AAChC,UAAA,MAAM,KAAA,GAAQ,gBAAgB,IAA+B,CAAA;AAC7D,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,UAAA,EAAY,YAAA;AAAA,YACZ,WAAW,KAAA,CAAM;AAAA,WACjB,CAAA;AAED,UAAA,MAAM,OAAA,GAAyB,CAAC,GAAG,KAAA,CAAM,KAAK,CAAA;AAC9C,UAAA,IAAI,KAAK,cAAA,EAAgB;AACxB,YAAA,OAAA,CAAQ,IAAA,CAAK;AAAA,cACZ,KAAA,EAAO,gBAAA;AAAA,cACP,OAAO,IAAA,CAAK;AAAA,aACZ,CAAA;AAAA,UACF;AACA,UAAA,IAAI,KAAK,MAAA,EAAQ;AAChB,YAAA,OAAA,CAAQ,KAAK,EAAE,KAAA,EAAO,UAAU,KAAA,EAAO,IAAA,CAAK,QAAQ,CAAA;AAAA,UACrD;AAEA,UAAA,IAAI,IAAA,CAAK,WAAW,MAAA,EAAW;AAC9B,YAAA,OAAA,CAAQ,IAAA,CAAK;AAAA,cACZ,KAAA,EAAO,YAAA;AAAA,cACP,QAAA,EAAU,IAAA;AAAA,cACV,OAAO,IAAA,CAAK;AAAA,aACZ,CAAA;AAAA,UACF;AAEA,UAAA,MAAM,MAAA,GAAS,MAAM,EAAA,CAAG,QAAA,CAAwB;AAAA,YAC/C,KAAA,EAAO,YAAA;AAAA,YACP,KAAA,EAAO,OAAA;AAAA,YACP,KAAA,EAAO,SAAA;AAAA,YACP,MAAA,EAAQ,EAAE,KAAA,EAAO,YAAA,EAAc,WAAW,MAAA;AAAO,WACjD,CAAA;AAGD,UAAA,MAAM,SAAA,GAAY,MAAA,CAAO,MAAA,CAAO,MAAA,GAAS,CAAC,CAAA;AAC1C,UAAA,MAAM,aACL,MAAA,CAAO,MAAA,KAAW,SAAA,IAAa,SAAA,GAAa,UAAU,UAAA,GAAwB,IAAA;AAE/E,UAAA,OAAO,IAAI,IAAA,CAAK;AAAA,YACf,IAAA,EAAM,MAAA;AAAA,YACN,OAAO,MAAA,CAAO,MAAA;AAAA,YACd;AAAA,WACA,CAAA;AAAA,QACF;AAAA;AACD,KACD;AAAA;AAAA,IAGA,KAAA,EAAO;AAAA,MACN,KAAA,EAAO;AAAA,QACN;AAAA,UACC,SAAS,MAAM,IAAA;AAAA,UACf,OAAA,EAAS,oBAAA,CAAqB,OAAO,GAAA,KAAQ;AAI5C,YAAA,MAAM,WAAA,GAAc,IAAI,OAAA,EAAS,OAAA;AACjC,YAAA,IAAI,CAAC,WAAA,EAAa;AAElB,YAAA,MAAM,IAAA,GAAgB,IAAqC,IAAA,IAAQ,EAAA;AACnE,YAAA,MAAM,MAAA,GAAS,aAAa,IAAI,CAAA;AAChC,YAAA,IAAI,CAAC,MAAA,EAAQ;AAGb,YAAA,IAAI,eAAe,MAAA,GAAS,CAAA,IAAK,CAAC,cAAA,CAAe,QAAA,CAAS,MAAM,CAAA,EAAG;AAClE,cAAA;AAAA,YACD;AAEA,YAAA,IAAI;AACH,cAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,cAAA,MAAM,gBAAgB,WAAA,CAAY,OAAA;AAGlC,cAAA,MAAM,SAAA,GAAqC;AAAA,gBAC1C,MAAA;AAAA,gBACA,OAAA,EAAS,CAAA;AAAA,gBACT,SAAA,EAAW,MAAA;AAAA,gBACX,OAAA,EAAS,cAAc,MAAA,IAAU,SAAA;AAAA,gBACjC,UAAA,EAAY,KAAK,GAAA,EAAI;AAAA,gBACrB,SAAA,EAAW,KAAK,GAAA;AAAI,eACrB;AAEA,cAAA,MAAM,UAAW,GAAA,CAAsD,IAAA;AACvE,cAAA,IAAI,OAAA,EAAS,SAAA,IAAa,OAAO,OAAA,CAAQ,cAAc,QAAA,EAAU;AAChE,gBAAA,SAAA,CAAU,YAAY,OAAA,CAAQ,SAAA;AAAA,cAC/B;AACA,cAAA,MAAM,QAAS,aAAA,CAA0C,oBAAA;AAGzD,cAAA,IAAI,KAAA,YAAiB,cAAA,GAAiB,KAAA;AACtC,cAAA,MAAM,EAAA,GAAK,GAAA,CAAI,OAAA,EAAS,GAAA,CAAI,iBAAiB,CAAA;AAC7C,cAAA,IAAI,EAAA,YAAc,SAAA,GAAY,EAAA;AAC9B,cAAA,MAAM,EAAA,GAAK,GAAA,CAAI,OAAA,EAAS,GAAA,CAAI,YAAY,CAAA;AACxC,cAAA,IAAI,EAAA,YAAc,SAAA,GAAY,EAAA;AAE9B,cAAA,MAAM,GAAG,MAAA,CAAsB;AAAA,gBAC9B,KAAA,EAAO,YAAA;AAAA,gBACP,IAAA,EAAM;AAAA,eACN,CAAA;AAAA,YACF,SAAS,GAAA,EAAK;AAEb,cAAA,OAAA,CAAQ,KAAA;AAAA,gBACP,2CAAA;AAAA,gBACA,MAAA;AAAA,gBACA,GAAA,YAAe,KAAA,GAAQ,GAAA,CAAI,OAAA,GAAU;AAAA,eACtC;AAAA,YACD;AAAA,UACD,CAAC;AAAA;AACF;AACD;AACD,GACD;AACD;AC7VA,IAAM,mBAAA,GAA0C;AAAA,EAC/C;AAAA,IACC,SAAA,EAAW,SAAA;AAAA,IACX,IAAA,EAAM,eAAA;AAAA,IACN,WAAA,EAAa,gCAAA;AAAA,IACb,QAAA,EAAU;AAAA,GACX;AAAA,EACA;AAAA,IACC,SAAA,EAAW,cAAA;AAAA,IACX,IAAA,EAAM,oBAAA;AAAA,IACN,WAAA,EAAa,0CAAA;AAAA,IACb,QAAA,EAAU;AAAA,GACX;AAAA,EACA;AAAA,IACC,SAAA,EAAW,gBAAA;AAAA,IACX,IAAA,EAAM,gBAAA;AAAA,IACN,WAAA,EAAa,6CAAA;AAAA,IACb,QAAA,EAAU;AAAA,GACX;AAAA,EACA;AAAA,IACC,SAAA,EAAW,YAAA;AAAA,IACX,IAAA,EAAM,YAAA;AAAA,IACN,WAAA,EAAa,+CAAA;AAAA,IACb,QAAA,EAAU;AAAA,GACX;AAAA,EACA;AAAA,IACC,SAAA,EAAW,WAAA;AAAA,IACX,IAAA,EAAM,WAAA;AAAA,IACN,WAAA,EAAa,sDAAA;AAAA,IACb,QAAA,EAAU;AAAA,GACX;AAAA,EACA;AAAA,IACC,SAAA,EAAW,gBAAA;AAAA,IACX,IAAA,EAAM,yBAAA;AAAA,IACN,WAAA,EAAa,sDAAA;AAAA,IACb,QAAA,EAAU;AAAA,GACX;AAAA,EACA;AAAA,IACC,SAAA,EAAW,WAAA;AAAA,IACX,IAAA,EAAM,WAAA;AAAA,IACN,WAAA,EAAa,oDAAA;AAAA,IACb,QAAA,EAAU;AAAA;AAEZ,CAAA;AAQA,IAAM,oBAAA,GAAgD;AAAA,EACrD;AAAA,IACC,IAAA,EAAM,gBAAA;AAAA,IACN,IAAA,EAAM,gBAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,kBAAA;AAAA,IACN,IAAA,EAAM,kBAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,gBAAA;AAAA,IACN,IAAA,EAAM,iBAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,cAAA;AAAA,IACN,IAAA,EAAM,eAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,YAAA;AAAA,IACN,IAAA,EAAM,iBAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,mBAAA;AAAA,IACN,IAAA,EAAM,mBAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,qBAAA;AAAA,IACN,IAAA,EAAM,qBAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,qBAAA;AAAA,IACN,IAAA,EAAM,qBAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,eAAA;AAAA,IACN,IAAA,EAAM,gBAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,aAAA;AAAA,IACN,IAAA,EAAM,cAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,oBAAA;AAAA,IACN,IAAA,EAAM,oBAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,eAAA;AAAA,IACN,IAAA,EAAM,gBAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,aAAA;AAAA,IACN,IAAA,EAAM,cAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,WAAA;AAAA,IACN,IAAA,EAAM,YAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,aAAA;AAAA,IACN,IAAA,EAAM,cAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,aAAA;AAAA,IACN,IAAA,EAAM,cAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,mBAAA;AAAA,IACN,IAAA,EAAM,oBAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,iBAAA;AAAA,IACN,IAAA,EAAM,kBAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,mBAAA;AAAA,IACN,IAAA,EAAM,oBAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,gBAAA;AAAA,IACN,IAAA,EAAM,iBAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,cAAA;AAAA,IACN,IAAA,EAAM,eAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,gBAAA;AAAA,IACN,IAAA,EAAM,iBAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,UAAA;AAAA,IACN,IAAA,EAAM,sBAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,YAAA;AAAA,IACN,IAAA,EAAM,wBAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,gBAAA;AAAA,IACN,IAAA,EAAM,kBAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,kBAAA;AAAA,IACN,IAAA,EAAM,oBAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,gBAAA;AAAA,IACN,IAAA,EAAM,kBAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,cAAA;AAAA,IACN,IAAA,EAAM,gBAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,gBAAA;AAAA,IACN,IAAA,EAAM,kBAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,gBAAA;AAAA,IACN,IAAA,EAAM,gBAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,iBAAA;AAAA,IACN,IAAA,EAAM,iBAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,cAAA;AAAA,IACN,IAAA,EAAM,cAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,gBAAA;AAAA,IACN,IAAA,EAAM,gBAAA;AAAA,IACN,WAAA,EAAa;AAAA;AAEf,CAAA;AAEA,IAAM,qBAAA,GAAwB,aAAA;AAC9B,IAAM,qBAAA,GAAwB,aAAA;AAE9B,eAAe,yBAAA,CACd,IACA,SAAA,EACgB;AAChB,EAAA,IAAI,CAAC,SAAA,EAAW;AAEhB,EAAA,MAAM,QAAuB,CAAC,EAAE,OAAO,WAAA,EAAa,KAAA,EAAO,WAAW,CAAA;AACtE,EAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AAErB,EAAA,MAAM,mBAAA,GAAsB,MAAM,EAAA,CAAG,QAAA,CAAkC;AAAA,IACtE,KAAA,EAAO,sBAAA;AAAA,IACP,KAAA;AAAA,IACA,KAAA,EAAO;AAAA,GACP,CAAA;AACD,EAAA,MAAM,gBAAA,GAAmB,IAAI,GAAA,CAAI,mBAAA,CAAoB,GAAA,CAAI,CAACC,EAAAA,KAAM,CAACA,EAAAA,CAAE,IAAA,EAAMA,EAAC,CAAC,CAAC,CAAA;AAE5E,EAAA,KAAA,MAAW,OAAO,oBAAA,EAAsB;AACvC,IAAA,IAAI,gBAAA,CAAiB,GAAA,CAAI,GAAA,CAAI,IAAI,CAAA,EAAG;AACpC,IAAA,MAAM,OAAA,GAAU,MAAM,EAAA,CAAG,MAAA,CAAgC;AAAA,MACxD,KAAA,EAAO,sBAAA;AAAA,MACP,IAAA,EAAM;AAAA,QACL,SAAA;AAAA,QACA,MAAM,GAAA,CAAI,IAAA;AAAA,QACV,MAAM,GAAA,CAAI,IAAA;AAAA,QACV,aAAa,GAAA,CAAI,WAAA;AAAA,QACjB,SAAA,EAAW,GAAA;AAAA,QACX,SAAA,EAAW;AAAA;AACZ,KACA,CAAA;AACD,IAAA,gBAAA,CAAiB,GAAA,CAAI,GAAA,CAAI,IAAA,EAAM,OAAO,CAAA;AAAA,EACvC;AAEA,EAAA,MAAM,QAAA,GAAW,MAAM,EAAA,CAAG,QAAA,CAA4B;AAAA,IACrD,KAAA,EAAO,gBAAA;AAAA,IACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,QAAQ,KAAA,EAAO,qBAAA,EAAsB,EAAG,GAAG,KAAK,CAAA;AAAA,IACjE,KAAA,EAAO;AAAA,GACP,CAAA;AAED,EAAA,MAAM,qBAAqB,KAAA,CAAM,IAAA,CAAK,iBAAiB,IAAA,EAAM,EAAE,IAAA,EAAK;AACpE,EAAA,MAAM,kBAAA,GAAqB,IAAA,CAAK,SAAA,CAAU,kBAAkB,CAAA;AAE5D,EAAA,IAAI,QAAA,CAAS,WAAW,CAAA,EAAG;AAC1B,IAAA,MAAM,GAAG,MAAA,CAA0B;AAAA,MAClC,KAAA,EAAO,gBAAA;AAAA,MACP,IAAA,EAAM;AAAA,QACL,SAAA;AAAA,QACA,IAAA,EAAM,qBAAA;AAAA,QACN,IAAA,EAAM,qBAAA;AAAA,QACN,WAAA,EAAa,wDAAA;AAAA,QACb,WAAA,EAAa,kBAAA;AAAA,QACb,SAAA,EAAW,IAAA;AAAA,QACX,SAAA,EAAW,GAAA;AAAA,QACX,SAAA,EAAW;AAAA;AACZ,KACA,CAAA;AACD,IAAA;AAAA,EACD;AAEA,EAAA,MAAM,IAAA,GAAO,SAAS,CAAC,CAAA;AACvB,EAAA,MAAM,aAAA,GAAgB,KAAK,WAAA,GAAe,IAAA,CAAK,MAAM,IAAA,CAAK,WAAW,IAAiB,EAAC;AACvF,EAAA,MAAM,WAAA,GAAc,KAAA,CAAM,IAAA,iBAAK,IAAI,GAAA,CAAI,CAAC,GAAG,aAAA,EAAe,GAAG,kBAAkB,CAAC,CAAC,EAAE,IAAA,EAAK;AACxF,EAAA,MAAM,GAAG,MAAA,CAA0B;AAAA,IAClC,KAAA,EAAO,gBAAA;AAAA,IACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,MAAM,KAAA,EAAO,IAAA,CAAK,IAAI,CAAA;AAAA,IACvC,MAAA,EAAQ;AAAA,MACP,IAAA,EAAM,KAAK,IAAA,IAAQ,qBAAA;AAAA,MACnB,SAAA,EAAW,IAAA;AAAA,MACX,WAAA,EAAa,IAAA,CAAK,SAAA,CAAU,WAAW,CAAA;AAAA,MACvC,SAAA,EAAW;AAAA;AACZ,GACA,CAAA;AACF;AAEA,eAAe,yBAAA,CACd,EAAA,EACA,SAAA,EACA,cAAA,EACgB;AAChB,EAAA,IAAI,CAAC,SAAA,EAAW;AAChB,EAAA,MAAM,QAAA,GAAW,MAAM,EAAA,CAAG,QAAA,CAA4B;AAAA,IACrD,KAAA,EAAO,gBAAA;AAAA,IACP,KAAA,EAAO;AAAA,MACN,EAAE,KAAA,EAAO,WAAA,EAAa,KAAA,EAAO,SAAA,EAAU;AAAA,MACvC,EAAE,KAAA,EAAO,MAAA,EAAQ,KAAA,EAAO,qBAAA;AAAsB,KAC/C;AAAA,IACA,KAAA,EAAO;AAAA,GACP,CAAA;AACD,EAAA,IAAI,SAAS,MAAA,KAAW,CAAA,IAAK,CAAC,QAAA,CAAS,CAAC,CAAA,EAAG;AAE3C,EAAA,MAAM,IAAA,GAAO,SAAS,CAAC,CAAA;AACvB,EAAA,MAAM,YAAA,GAAe,KAAK,WAAA,GAAe,IAAA,CAAK,MAAM,IAAA,CAAK,WAAW,IAAiB,EAAC;AACtF,EAAA,IAAI,YAAA,CAAa,QAAA,CAAS,cAAc,CAAA,EAAG;AAE3C,EAAA,MAAM,GAAG,MAAA,CAA0B;AAAA,IAClC,KAAA,EAAO,gBAAA;AAAA,IACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,MAAM,KAAA,EAAO,IAAA,CAAK,IAAI,CAAA;AAAA,IACvC,MAAA,EAAQ;AAAA,MACP,WAAA,EAAa,KAAK,SAAA,CAAU,CAAC,GAAG,YAAA,EAAc,cAAc,CAAA,CAAE,IAAA,EAAM,CAAA;AAAA,MACpE,SAAA,EAAW,KAAK,GAAA;AAAI;AACrB,GACA,CAAA;AACF;AAcA,IAAM,sBAAA,GAAyB;AAAA,EAC9B,YAAA;AAAA,EACA,aAAA;AAAA,EACA,mBAAA;AAAA,EACA,gBAAA;AAAA,EACA,kBAAA;AAAA,EACA,oBAAA;AAAA,EACA,cAAA;AAAA,EACA;AACD,CAAA;AAKA,IAAM,qBAAA,GAAwB,GAAA;AAO9B,SAAS,YAAY,GAAA,EAAqB;AACzC,EAAA,IAAI,GAAA,CAAI,SAAS,qBAAA,EAAuB;AACvC,IAAA,OAAO,GAAA,CAAI,KAAA,CAAM,CAAA,EAAG,qBAAqB,CAAA;AAAA,EAC1C;AACA,EAAA,IAAI,GAAA,GAAM,GAAA;AACV,EAAA,KAAA,MAAW,WAAW,sBAAA,EAAwB;AAC7C,IAAA,GAAA,GAAM,GAAA,CAAI,OAAA,CAAQ,OAAA,EAAS,iBAAiB,CAAA;AAAA,EAC7C;AACA,EAAA,OAAO,GAAA;AACR;AAIA,IAAM,WAAA,GAAcD,CAAAA,CAAE,MAAA,CAAO,EAAE,CAAA;AAG/B,IAAM,kBAAA,GAAqB,WAAA,CAAY,KAAA,CAAM,kBAAkB,CAAA;AAE/D,IAAM,gBAAA,GAAmBA,EACvB,MAAA,CAAO;AAAA,EACP,IAAA,EAAMA,EAAE,MAAA,EAAO;AAAA,EACf,IAAA,EAAMA,EAAE,MAAA,EAAO;AAAA,EACf,WAAA,EAAaA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AACzB,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,gBAAA,GAAmBA,EACvB,MAAA,CAAO;AAAA,EACP,EAAA,EAAIA,EAAE,MAAA;AACP,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,sBAAA,GAAyBA,EAC7B,MAAA,CAAO;AAAA,EACP,IAAA,EAAMA,EAAE,MAAA,EAAO;AAAA,EACf,IAAA,EAAMA,EAAE,MAAA,EAAO;AAAA,EACf,WAAA,EAAaA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AACzB,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,qBAAA,GAAwBA,EAC5B,MAAA,CAAO;AAAA,EACP,UAAA,EAAYA,CAAAA,CAAE,MAAA,EAAO,CAAE,IAAI,CAAC;AAC7B,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,sBAAA,GAAyBA,EAC7B,MAAA,CAAO;AAAA,EACP,WAAA,EAAaA,CAAAA,CAAE,KAAA,CAAMA,CAAAA,CAAE,MAAA,EAAO,CAAE,GAAA,CAAI,CAAC,CAAC,CAAA,CAAE,GAAA,CAAI,CAAC,CAAA;AAAA,EAC7C,QAAA,EAAUA,EAAE,IAAA,CAAK,CAAC,OAAO,KAAK,CAAC,EAAE,QAAA;AAClC,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,kBAAA,GAAqBA,EACzB,MAAA,CAAO;AAAA,EACP,YAAA,EAAcA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAClC,OAAA,EAASA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC7B,YAAA,EAAcA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAClC,QAAA,EAAUA,CAAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,EAC/B,WAAWA,CAAAA,CAAE,MAAA,GAAS,GAAA,CAAI,qBAAqB,EAAE,QAAA,EAAS;AAAA,EAC1D,IAAA,EAAMA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC1B,OAAA,EAASA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AACrB,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,iBAAA,GAAoBA,EACxB,MAAA,CAAO;AAAA,EACP,EAAA,EAAIA,EAAE,MAAA,EAAO;AAAA,EACb,OAAA,EAASA,EAAE,OAAA;AACZ,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAI1B,IAAM,gBAAA,GAAmBA,EACvB,MAAA,CAAO;AAAA,EACP,SAAA,EAAWA,EAAE,MAAA,EAAO;AAAA,EACpB,KAAA,EAAOA,EAAE,MAAA,EAAO;AAAA,EAChB,WAAA,EAAaA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACjC,KAAA,EAAOA,EAAE,MAAA,EAAO;AAAA,EAChB,SAAA,EAAWA,CAAAA,CAAE,OAAA,EAAQ,CAAE,QAAA;AACxB,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,kBAAA,GAAqBA,EACzB,MAAA,CAAO;AAAA,EACP,SAAA,EAAWA,EAAE,MAAA;AACd,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAI1B,IAAM,mBAAA,GAAsBA,EAC1B,MAAA,CAAO;AAAA,EACP,QAAQA,CAAAA,CAAE,MAAA,CAAOA,EAAE,MAAA,EAAO,EAAGA,EAAE,KAAA,CAAM,CAACA,EAAE,MAAA,EAAO,EAAGA,EAAE,KAAA,CAAMA,CAAAA,CAAE,QAAQ,CAAC,CAAC,CAAC;AACxE,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAI1B,IAAM,kBAAA,GAAqBA,EACzB,MAAA,CAAO;AAAA,EACP,IAAA,EAAMA,EAAE,MAAA,EAAO;AAAA,EACf,WAAA,EAAaA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACjC,YAAA,EAAcA,EAAE,MAAA,EAAO;AAAA,EACvB,UAAA,EAAYA,CAAAA,CAAE,MAAA,EAAO,CAAE,GAAA;AACxB,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,kBAAA,GAAqBA,EACzB,MAAA,CAAO;AAAA,EACP,EAAA,EAAIA,EAAE,MAAA;AACP,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAI1B,IAAM,qBAAA,GAAwBA,EAC5B,MAAA,CAAO;AAAA,EACP,OAAA,EAASA,CAAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,EAC9B,qBAAA,EAAuBA,CAAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,EAC5C,oBAAA,EAAsBA,CAAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,EAC3C,YAAA,EAAcA,CAAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,EACnC,YAAA,EAAcA,CAAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA;AAAA,EAEnC,aAAaA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,GAAW,QAAA,EAAS;AAAA;AAAA,EAE5C,sBAAA,EAAwBA,EACtB,MAAA,CAAO;AAAA,IACP,MAAA,EAAQA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,IAC5B,OAAA,EAASA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,IAC7B,SAAA,EAAWA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AAAS,GAC/B,EACA,QAAA;AACH,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAI1B,IAAM,6BAAA,GAAgCA,EACpC,MAAA,CAAO;AAAA,EACP,WAAWA,CAAAA,CACT,MAAA;AAAA,IACAA,EAAE,MAAA,EAAO;AAAA,IACTA,EAAE,MAAA,CAAO;AAAA,MACR,OAAA,EAASA,EAAE,OAAA,EAAQ;AAAA,MACnB,MAAA,EAAQA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AAAS,KAC5B;AAAA,IAED,QAAA,EAAS;AAAA,EACX,gBAAgBA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,GAAW,QAAA;AACvC,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAI1B,IAAM,wBAAA,GAA2BA,EAC/B,MAAA,CAAO;AAAA,EACP,IAAA,EAAMA,EAAE,MAAA,EAAO;AAAA,EACf,IAAA,EAAMA,EAAE,MAAA,EAAO;AAAA,EACf,WAAA,EAAaA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AACzB,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,wBAAA,GAA2BA,EAC/B,MAAA,CAAO;AAAA,EACP,EAAA,EAAIA,EAAE,MAAA;AACP,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAI1B,IAAM,qBAAA,GAAwBA,EAC5B,MAAA,CAAO;AAAA,EACP,MAAA,EAAQA,CAAAA,CAAE,MAAA,CAAOA,CAAAA,CAAE,QAAO,EAAGA,CAAAA,CAAE,MAAA,CAAO,EAAE,OAAA,EAASA,CAAAA,CAAE,OAAA,EAAQ,EAAG,CAAC;AAChE,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAI1B,IAAM,oBAAA,GAAuBA,EAC3B,MAAA,CAAO;AAAA,EACP,cAAA,EAAgBA,CAAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,EACrC,aAAA,EAAeA,CAAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,EACpC,iBAAA,EAAmBA,CAAAA,CAAE,OAAA,EAAQ,CAAE,QAAA;AAChC,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAI1B,IAAM,uBAAA,GAA0BA,EAC9B,MAAA,CAAO;AAAA,EACP,aAAaA,CAAAA,CAAE,MAAA,GAAS,GAAA,CAAI,GAAG,EAAE,QAAA,EAAS;AAAA,EAC1C,oBAAoBA,CAAAA,CAAE,MAAA,GAAS,GAAA,CAAI,GAAG,EAAE,QAAA;AACzC,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,yBAAA,GAA4BA,EAChC,MAAA,CAAO;AAAA,EACP,WAAA,EAAaA,EACX,MAAA,CAAO;AAAA,IACP,GAAA,EAAKA,CAAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,IAC1B,aAAA,EAAeA,CAAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,IACpC,OAAA,EAASA,CAAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,IAC9B,SAAA,EAAWA,CAAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,IAChC,QAAA,EAAUA,CAAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,IAC/B,SAAA,EAAWA,CAAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,IAChC,YAAA,EAAcA,CAAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,IACnC,SAAA,EAAWA,CAAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,IAChC,QAAA,EAAUA,CAAAA,CAAE,OAAA,EAAQ,CAAE,QAAA;AAAS,GAC/B,EACA,QAAA,EAAS;AAAA,EACX,eAAA,EAAiBA,EACf,MAAA,CAAOA,CAAAA,CAAE,QAAO,EAAGA,CAAAA,CAAE,MAAA,CAAO,EAAE,OAAA,EAASA,CAAAA,CAAE,SAAQ,EAAG,IAAA,EAAMA,EAAE,OAAA,EAAQ,CAAE,UAAS,EAAG,CAAC,CAAA,CACnF,QAAA,EAAS;AAAA,EACX,QAAA,EAAUA,EACR,MAAA,CAAO;AAAA,IACP,QAAA,EAAUA,CAAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,IAC/B,MAAA,EAAQA,CAAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,IAC7B,GAAA,EAAKA,CAAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,IAC1B,YAAA,EAAcA,CAAAA,CAAE,OAAA,EAAQ,CAAE,QAAA;AAAS,GACnC,EACA,QAAA,EAAS;AAAA,EACX,QAAA,EAAUA,EACR,MAAA,CAAO;AAAA,IACP,gBAAA,EAAkBA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,IACtC,mBAAA,EAAqBA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,IACzC,iBAAA,EAAmBA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,IACvC,aAAaA,CAAAA,CAAE,KAAA,CAAMA,EAAE,MAAA,EAAQ,EAAE,QAAA;AAAS,GAC1C,EACA,QAAA;AACH,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AA+B1B,IAAM,8BAAA,GACL,uGAAA;AAED,SAAS,0BACR,OAAA,EAC0B;AAC1B,EAAA,MAAM,SAAA,GAAY,EAAE,GAAG,OAAA,EAAQ;AAC/B,EAAA,OAAO,SAAA,CAAU,WAAA;AACjB,EAAA,OAAO,SAAA,CAAU,eAAA;AACjB,EAAA,OAAO,SAAA;AACR;AAEA,SAAS,kBAAkB,OAAA,EAAsD;AAChF,EAAA,MAAM,kBAAuE,EAAC;AAC9E,EAAA,IAAI,SAAS,eAAA,EAAiB;AAC7B,IAAA,KAAA,MAAW,CAAC,KAAK,KAAK,CAAA,IAAK,OAAO,OAAA,CAAQ,OAAA,CAAQ,eAAe,CAAA,EAAG;AACnE,MAAA,eAAA,CAAgB,GAAG,CAAA,GAAI;AAAA,QACtB,SAAS,KAAA,CAAM,OAAA;AAAA,QACf,IAAA,EAAM,MAAM,IAAA,IAAQ;AAAA,OACrB;AAAA,IACD;AAAA,EACD;AAEA,EAAA,OAAO;AAAA,IACN,WAAA,EAAa;AAAA,MACZ,GAAA,EAAK,OAAA,EAAS,WAAA,EAAa,GAAA,IAAO,KAAA;AAAA,MAClC,aAAA,EAAe,OAAA,EAAS,WAAA,EAAa,aAAA,IAAiB,IAAA;AAAA,MACtD,OAAA,EAAS,OAAA,EAAS,WAAA,EAAa,OAAA,IAAW,KAAA;AAAA,MAC1C,SAAA,EAAW,OAAA,EAAS,WAAA,EAAa,SAAA,IAAa,KAAA;AAAA,MAC9C,QAAA,EAAU,OAAA,EAAS,WAAA,EAAa,QAAA,IAAY,KAAA;AAAA,MAC5C,SAAA,EAAW,OAAA,EAAS,WAAA,EAAa,SAAA,IAAa,KAAA;AAAA,MAC9C,YAAA,EAAc,OAAA,EAAS,WAAA,EAAa,YAAA,IAAgB,KAAA;AAAA,MACpD,SAAA,EAAW,OAAA,EAAS,WAAA,EAAa,SAAA,IAAa,KAAA;AAAA,MAC9C,QAAA,EAAU,OAAA,EAAS,WAAA,EAAa,QAAA,IAAY;AAAA,KAC7C;AAAA,IACA,eAAA;AAAA,IACA,QAAA,EAAU;AAAA,MACT,QAAA,EAAU,OAAA,EAAS,QAAA,EAAU,QAAA,IAAY,KAAA;AAAA,MACzC,MAAA,EAAQ,OAAA,EAAS,QAAA,EAAU,MAAA,IAAU,IAAA;AAAA,MACrC,GAAA,EAAK,OAAA,EAAS,QAAA,EAAU,GAAA,IAAO,KAAA;AAAA,MAC/B,YAAA,EAAc,OAAA,EAAS,QAAA,EAAU,YAAA,IAAgB;AAAA,KAClD;AAAA,IACA,QAAA,EAAU;AAAA,MACT,gBAAA,EAAkB,OAAA,EAAS,QAAA,EAAU,gBAAA,IAAoB,QAAA;AAAA,MACzD,mBAAA,EAAqB,OAAA,EAAS,QAAA,EAAU,mBAAA,IAAuB,YAAA;AAAA,MAC/D,iBAAA,EAAmB,OAAA,EAAS,QAAA,EAAU,iBAAA,IAAqB,QAAA;AAAA,MAC3D,WAAA,EAAa,OAAA,EAAS,QAAA,EAAU,WAAA,IAAe;AAAC;AACjD,GACD;AACD;AASA,SAAS,eAAA,CACR,QACA,OAAA,EACwB;AACxB,EAAA,IAAI,OAAA,CAAQ,WAAA,IAAe,OAAO,OAAA,CAAQ,gBAAgB,QAAA,EAAU;AACnE,IAAA,MAAM,MAAM,OAAA,CAAQ,WAAA;AACpB,IAAA,KAAA,MAAW,GAAA,IAAO,MAAA,CAAO,IAAA,CAAK,GAAG,CAAA,EAAG;AACnC,MAAA,IAAI,OAAO,MAAA,CAAO,WAAA,IAAe,OAAO,GAAA,CAAI,GAAG,MAAM,SAAA,EAAW;AAC/D,QAAC,MAAA,CAAO,WAAA,CAAwC,GAAG,CAAA,GAAI,IAAI,GAAG,CAAA;AAAA,MAC/D;AAAA,IACD;AAAA,EACD;AAEA,EAAA,IAAI,OAAA,CAAQ,eAAA,IAAmB,OAAO,OAAA,CAAQ,oBAAoB,QAAA,EAAU;AAC3E,IAAA,MAAM,MAAM,OAAA,CAAQ,eAAA;AACpB,IAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,GAAG,CAAA,EAAG;AAC/C,MAAA,MAAA,CAAO,eAAA,CAAgB,GAAG,CAAA,GAAI;AAAA,QAC7B,SAAS,KAAA,CAAM,OAAA;AAAA,QACf,IAAA,EAAM,MAAM,IAAA,IAAQ;AAAA,OACrB;AAAA,IACD;AAAA,EACD;AAEA,EAAA,IAAI,OAAA,CAAQ,QAAA,IAAY,OAAO,OAAA,CAAQ,aAAa,QAAA,EAAU;AAC7D,IAAA,MAAM,MAAM,OAAA,CAAQ,QAAA;AACpB,IAAA,KAAA,MAAW,GAAA,IAAO,MAAA,CAAO,IAAA,CAAK,GAAG,CAAA,EAAG;AACnC,MAAA,IAAI,OAAO,MAAA,CAAO,QAAA,IAAY,OAAO,GAAA,CAAI,GAAG,MAAM,SAAA,EAAW;AAC5D,QAAC,MAAA,CAAO,QAAA,CAAqC,GAAG,CAAA,GAAI,IAAI,GAAG,CAAA;AAAA,MAC5D;AAAA,IACD;AAAA,EACD;AAEA,EAAA,IAAI,OAAA,CAAQ,QAAA,IAAY,OAAO,OAAA,CAAQ,aAAa,QAAA,EAAU;AAC7D,IAAA,MAAM,MAAM,OAAA,CAAQ,QAAA;AACpB,IAAA,IAAI,OAAO,IAAI,gBAAA,KAAqB,QAAA;AACnC,MAAA,MAAA,CAAO,QAAA,CAAS,mBAAmB,GAAA,CAAI,gBAAA;AACxC,IAAA,IAAI,OAAO,IAAI,mBAAA,KAAwB,QAAA;AACtC,MAAA,MAAA,CAAO,QAAA,CAAS,sBAAsB,GAAA,CAAI,mBAAA;AAC3C,IAAA,IAAI,OAAO,IAAI,iBAAA,KAAsB,QAAA;AACpC,MAAA,MAAA,CAAO,QAAA,CAAS,oBAAoB,GAAA,CAAI,iBAAA;AACzC,IAAA,IAAI,KAAA,CAAM,QAAQ,GAAA,CAAI,WAAW,GAAG,MAAA,CAAO,QAAA,CAAS,cAAc,GAAA,CAAI,WAAA;AAAA,EACvE;AAEA,EAAA,OAAO,MAAA;AACR;AAaO,SAAS,aAAa,OAAA,EAAiD;AAK7E,EAAA,MAAM,WAAA,uBAAkB,GAAA,EAAmC;AAC3D,EAAA,MAAM,UAAA,uBAAiB,GAAA,EAAY;AAEnC,EAAA,SAAS,SAAS,SAAA,EAA4B;AAC7C,IAAA,OAAO,SAAA,IAAa,QAAA;AAAA,EACrB;AAEA,EAAA,SAAS,kBAAkB,SAAA,EAA2C;AACrE,IAAA,MAAM,GAAA,GAAM,SAAS,SAAS,CAAA;AAC9B,IAAA,IAAI,GAAA,GAAM,WAAA,CAAY,GAAA,CAAI,GAAG,CAAA;AAC7B,IAAA,IAAI,CAAC,GAAA,EAAK;AACT,MAAA,GAAA,GAAM,kBAAkB,OAAO,CAAA;AAC/B,MAAA,WAAA,CAAY,GAAA,CAAI,KAAK,GAAG,CAAA;AAAA,IACzB;AACA,IAAA,OAAO,GAAA;AAAA,EACR;AAOA,EAAA,eAAe,wBAAA,CACd,IACA,SAAA,EACiC;AACjC,IAAA,MAAM,GAAA,GAAM,SAAS,SAAS,CAAA;AAC9B,IAAA,MAAM,GAAA,GAAM,kBAAkB,SAAS,CAAA;AACvC,IAAA,IAAI,UAAA,CAAW,GAAA,CAAI,GAAG,CAAA,EAAG,OAAO,GAAA;AAChC,IAAA,UAAA,CAAW,IAAI,GAAG,CAAA;AAClB,IAAA,IAAI;AACH,MAAA,MAAM,aAA4B,EAAC;AACnC,MAAA,IAAI,SAAA,aAAsB,IAAA,CAAK,EAAE,OAAO,WAAA,EAAa,KAAA,EAAO,WAAW,CAAA;AAEvE,MAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAA6B;AAAA,QAClD,KAAA,EAAO,iBAAA;AAAA,QACP,KAAA,EAAO,UAAA;AAAA,QACP,KAAA,EAAO;AAAA,OACP,CAAA;AACD,MAAA,IAAI,KAAK,MAAA,GAAS,CAAA,IAAK,IAAA,CAAK,CAAC,GAAG,UAAA,EAAY;AAC3C,QAAA,MAAM,SAAA,GAAY,yBAAA;AAAA,UACjB,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,CAAC,EAAE,UAAU;AAAA,SAC9B;AACA,QAAA,eAAA,CAAgB,KAAK,SAAS,CAAA;AAAA,MAC/B;AAAA,IACD,CAAA,CAAA,MAAQ;AAAA,IAER;AACA,IAAA,OAAO,GAAA;AAAA,EACR;AAEA,EAAA,eAAe,uBAAA,CACd,GAAA,EACA,EAAA,EACA,IAAA,EACA,UAAA,EACC;AACD,IAAA,MAAM,KAAA,GAAQ,gBAAgB,IAAI,CAAA;AAClC,IAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,MACnC,EAAA;AAAA,MACA,UAAA;AAAA,MACA,WAAW,KAAA,CAAM;AAAA,KACjB,CAAA;AACD,IAAA,OAAO,KAAA;AAAA,EACR;AAEA,EAAA,OAAO;AAAA,IACN,EAAA,EAAI,eAAA;AAAA;AAAA;AAAA;AAAA,IAKJ,MAAA,EAAQ;AAAA,MACP,eAAA,EAAiB;AAAA,QAChB,MAAA,EAAQ;AAAA,UACP,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAmB,UAAU,KAAA,EAAM;AAAA,UACtD,UAAA,EAAY,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC7C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC5C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA;AAAK;AAC7C,OACD;AAAA,MACA,cAAA,EAAgB;AAAA,QACf,MAAA,EAAQ;AAAA,UACP,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAmB,UAAU,KAAA,EAAM;AAAA,UACtD,IAAA,EAAM,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UACvC,IAAA,EAAM,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UACvC,WAAA,EAAa,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAC/C,WAAA,EAAa,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAC/C,WAAW,EAAE,IAAA,EAAM,WAAW,QAAA,EAAU,KAAA,EAAO,cAAc,KAAA,EAAM;AAAA,UACnE,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC5C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA;AAAK;AAC7C,OACD;AAAA,MACA,oBAAA,EAAsB;AAAA,QACrB,MAAA,EAAQ;AAAA,UACP,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAmB,UAAU,KAAA,EAAM;AAAA,UACtD,IAAA,EAAM,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UACvC,IAAA,EAAM,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UACvC,WAAA,EAAa,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAC/C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC5C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA;AAAK;AAC7C,OACD;AAAA,MACA,cAAA,EAAgB;AAAA,QACf,MAAA,EAAQ;AAAA,UACP,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAmB,UAAU,KAAA,EAAM;AAAA,UACtD,YAAA,EAAc,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAChD,OAAA,EAAS,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAC3C,YAAA,EAAc,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAChD,QAAA,EAAU,EAAE,IAAA,EAAM,SAAA,EAAW,UAAU,KAAA,EAAM;AAAA,UAC7C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAC7C,IAAA,EAAM,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UACxC,OAAA,EAAS,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAC3C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC5C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA;AAAK;AAC7C,OACD;AAAA,MACA,WAAA,EAAa;AAAA,QACZ,MAAA,EAAQ;AAAA,UACP,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAmB,UAAU,KAAA,EAAM;AAAA,UACtD,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC5C,IAAA,EAAM,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UACvC,WAAA,EAAa,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAC/C,OAAA,EAAS,EAAE,IAAA,EAAM,SAAA,EAAW,UAAU,IAAA,EAAK;AAAA,UAC3C,QAAA,EAAU,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC3C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC5C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA;AAAK;AAC7C,OACD;AAAA,MACA,YAAA,EAAc;AAAA,QACb,MAAA,EAAQ;AAAA,UACP,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAmB,UAAU,KAAA,EAAM;AAAA,UACtD,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC5C,KAAA,EAAO,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UACxC,WAAA,EAAa,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAC/C,KAAA,EAAO,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UACxC,SAAA,EAAW,EAAE,IAAA,EAAM,SAAA,EAAW,UAAU,KAAA,EAAM;AAAA,UAC9C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC5C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA;AAAK;AAC7C,OACD;AAAA,MACA,cAAA,EAAgB;AAAA,QACf,MAAA,EAAQ;AAAA,UACP,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAmB,UAAU,KAAA,EAAM;AAAA,UACtD,UAAA,EAAY,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC7C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC5C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA;AAAK;AAC7C,OACD;AAAA,MACA,YAAA,EAAc;AAAA,QACb,MAAA,EAAQ;AAAA,UACP,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAmB,UAAU,KAAA,EAAM;AAAA,UACtD,IAAA,EAAM,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UACvC,WAAA,EAAa,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAC/C,YAAA,EAAc,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC/C,UAAA,EAAY,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC7C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC5C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA;AAAK;AAC7C,OACD;AAAA,MACA,WAAA,EAAa;AAAA,QACZ,MAAA,EAAQ;AAAA,UACP,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAmB,UAAU,KAAA,EAAM;AAAA,UACtD,UAAA,EAAY,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC7C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC5C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA;AAAK;AAC7C,OACD;AAAA,MACA,mBAAA,EAAqB;AAAA,QACpB,MAAA,EAAQ;AAAA,UACP,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAmB,UAAU,KAAA,EAAM;AAAA,UACtD,UAAA,EAAY,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC7C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC5C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA;AAAK;AAC7C,OACD;AAAA,MACA,YAAA,EAAc;AAAA,QACb,MAAA,EAAQ;AAAA,UACP,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAmB,UAAU,KAAA,EAAM;AAAA,UACtD,IAAA,EAAM,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UACvC,IAAA,EAAM,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UACvC,WAAA,EAAa,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAC/C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC5C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA;AAAK;AAC7C,OACD;AAAA,MACA,WAAA,EAAa;AAAA,QACZ,MAAA,EAAQ;AAAA,UACP,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAmB,UAAU,KAAA,EAAM;AAAA,UACtD,UAAA,EAAY,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC7C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC5C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA;AAAK;AAC7C,OACD;AAAA,MACA,aAAA,EAAe;AAAA,QACd,MAAA,EAAQ;AAAA,UACP,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAmB,UAAU,KAAA,EAAM;AAAA,UACtD,UAAA,EAAY,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC7C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC5C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA;AAAK;AAC7C;AACD,KACD;AAAA,IAEA,SAAA,EAAW;AAAA;AAAA;AAAA;AAAA,MAKD,eAAA,EAAiBE,kBAAAA;AAAA,QACb,uBAAA;AAAA,QACA;AAAA,UACI,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACV;AAAA,QACA,OAAO,GAAA,KAAQ,GAAA,CAAI,IAAA,CAAK,iBAAA,CAAkB,OAAO,CAAC;AAAA,OACtD;AAAA,MAET,kBAAA,EAAoBA,kBAAAA;AAAA,QACnB,0BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,QAAQ,MAAM,uBAAA,CAAwB,GAAA,EAAK,EAAA,EAAI,MAAM,gBAAgB,CAAA;AAC3E,UAAA,MAAM,GAAA,GAAM,MAAM,wBAAA,CAAyB,EAAA,EAAI,MAAM,SAAS,CAAA;AAC9D,UAAA,OAAO,GAAA,CAAI,KAAK,GAAG,CAAA;AAAA,QACpB;AAAA,OACD;AAAA,MAEA,mBAAA,EAAqBA,kBAAAA;AAAA,QACpB,+BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,UAAA,MAAM,QAAQ,MAAM,uBAAA,CAAwB,GAAA,EAAK,EAAA,EAAI,MAAM,kBAAkB,CAAA;AAE7E,UAAA,IAAI,IAAA,CAAK,WAAA,IAAe,IAAA,CAAK,eAAA,EAAiB;AAC7C,YAAA,MAAM,GAAA,CAAI,MAAM,aAAA,EAAe;AAAA,cAC9B,OAAA,EAAS;AAAA,aACT,CAAA;AAAA,UACF;AAGA,UAAA,MAAM,GAAA,GAAM,MAAM,wBAAA,CAAyB,EAAA,EAAI,MAAM,SAAS,CAAA;AAC9D,UAAA,MAAM,aAAA,GAAgB,0BAA0B,IAAI,CAAA;AAGpD,UAAA,eAAA,CAAgB,KAAK,aAAa,CAAA;AAGlC,UAAA,IAAI;AACH,YAAA,MAAM,aAAa,IAAA,CAAK,SAAA;AAAA,cACvB,0BAA0B,GAAyC;AAAA,aACpE;AACA,YAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAA6B;AAAA,cAClD,KAAA,EAAO,iBAAA;AAAA,cACP,OAAO,KAAA,CAAM,KAAA;AAAA,cACb,KAAA,EAAO;AAAA,aACP,CAAA;AAED,YAAA,IAAI,IAAA,CAAK,MAAA,GAAS,CAAA,IAAK,IAAA,CAAK,CAAC,CAAA,EAAG;AAC/B,cAAA,MAAM,GAAG,MAAA,CAA2B;AAAA,gBACnC,KAAA,EAAO,iBAAA;AAAA,gBACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,QAAA,EAAU,IAAA,EAAM,KAAA,EAAO,IAAA,CAAK,CAAC,CAAA,CAAE,EAAA,EAAI,CAAA;AAAA,gBAC1D,MAAA,EAAQ,EAAE,UAAA,EAAY,SAAA,EAAW,GAAA;AAAI,eACrC,CAAA;AAAA,YACF,CAAA,MAAO;AACN,cAAA,MAAM,GAAG,MAAA,CAA2B;AAAA,gBACnC,KAAA,EAAO,iBAAA;AAAA,gBACP,IAAA,EAAM;AAAA,kBACL,GAAG,KAAA,CAAM,IAAA;AAAA,kBACT,UAAA;AAAA,kBACA,SAAA,EAAW,GAAA;AAAA,kBACX,SAAA,EAAW;AAAA;AACZ,eACA,CAAA;AAAA,YACF;AAAA,UACD,CAAA,CAAA,MAAQ;AAAA,UAGR;AAEA,UAAA,OAAO,GAAA,CAAI,KAAK,GAAG,CAAA;AAAA,QACpB;AAAA,OACD;AAAA;AAAA;AAAA;AAAA,MAMA,SAAA,EAAWA,kBAAAA;AAAA,QACV,2BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,KAAA,GAAQ,eAAA,CAAgB,GAAA,CAAI,IAA+B,CAAA;AACjE,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,UAAA,EAAY,WAAA;AAAA,YACZ,WAAW,KAAA,CAAM;AAAA,WACjB,CAAA;AACD,UAAA,MAAM,yBAAA,CAA0B,EAAA,EAAI,KAAA,CAAM,IAAA,CAAK,SAAS,CAAA;AAExD,UAAA,MAAM,KAAA,GAAQ,MAAM,EAAA,CAAG,QAAA,CAA4B;AAAA,YAClD,KAAA,EAAO,gBAAA;AAAA,YACP,KAAA,EAAO,CAAC,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YACtB,KAAA,EAAO,GAAA;AAAA,YACP,MAAA,EAAQ,EAAE,KAAA,EAAO,WAAA,EAAa,WAAW,KAAA;AAAM,WAC/C,CAAA;AAED,UAAA,MAAM,MAAA,GAAS,KAAA,CAAM,GAAA,CAAI,CAAC,CAAA,MAAO;AAAA,YAChC,IAAI,CAAA,CAAE,EAAA;AAAA,YACN,MAAM,CAAA,CAAE,IAAA;AAAA,YACR,MAAM,CAAA,CAAE,IAAA;AAAA,YACR,WAAA,EAAa,EAAE,WAAA,IAAe,EAAA;AAAA,YAC9B,WAAA,EAAa,EAAE,WAAA,GAAe,IAAA,CAAK,MAAM,CAAA,CAAE,WAAW,IAAiB,EAAC;AAAA,YACxE,SAAA,EAAW,EAAE,SAAA,IAAa,KAAA;AAAA,YAC1B,WAAW,IAAI,IAAA,CAAK,CAAA,CAAE,SAAS,EAAE,WAAA;AAAY,WAC9C,CAAE,CAAA;AAEF,UAAA,OAAO,GAAA,CAAI,IAAA,CAAK,EAAE,KAAA,EAAO,QAAQ,CAAA;AAAA,QAClC;AAAA,OACD;AAAA,MAEA,UAAA,EAAYA,kBAAAA;AAAA,QACX,6BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,UAAA,MAAM,KAAA,GAAQ,gBAAgB,IAA+B,CAAA;AAC7D,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,UAAA,EAAY,aAAA;AAAA,YACZ,WAAW,KAAA,CAAM;AAAA,WACjB,CAAA;AACD,UAAA,MAAM,yBAAA,CAA0B,EAAA,EAAI,KAAA,CAAM,IAAA,CAAK,SAAS,CAAA;AACxD,UAAA,MAAM,iBAAA,mBAAoB,IAAI,GAAA,CAAI,CAAC,qBAAqB,CAAC,CAAA;AACzD,UAAA,IAAI,iBAAA,CAAkB,GAAA,CAAI,IAAA,CAAK,IAAI,CAAA,EAAG;AACrC,YAAA,MAAM,GAAA,CAAI,MAAM,aAAA,EAAe;AAAA,cAC9B,OAAA,EAAS,CAAA,WAAA,EAAe,IAAA,CAAK,IAAI,CAAA,aAAA;AAAA,aACjC,CAAA;AAAA,UACF;AAGA,UAAA,MAAM,QAAA,GAAW,MAAM,EAAA,CAAG,QAAA,CAA4B;AAAA,YACrD,KAAA,EAAO,gBAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,MAAA,EAAQ,KAAA,EAAO,IAAA,CAAK,IAAA,EAAK,EAAG,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YAC3D,KAAA,EAAO;AAAA,WACP,CAAA;AACD,UAAA,IAAI,QAAA,CAAS,SAAS,CAAA,EAAG;AACxB,YAAA,MAAM,GAAA,CAAI,MAAM,UAAA,EAAY;AAAA,cAC3B,OAAA,EAAS;AAAA,aACT,CAAA;AAAA,UACF;AAEA,UAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,MAAA,CAA0B;AAAA,YAC/C,KAAA,EAAO,gBAAA;AAAA,YACP,IAAA,EAAM;AAAA,cACL,GAAG,KAAA,CAAM,IAAA;AAAA,cACT,MAAM,IAAA,CAAK,IAAA;AAAA,cACX,MAAM,IAAA,CAAK,IAAA;AAAA,cACX,WAAA,EAAa,KAAK,WAAA,IAAe,EAAA;AAAA,cACjC,WAAA,EAAa,IAAA,CAAK,SAAA,CAAU,EAAE,CAAA;AAAA,cAC9B,SAAA,EAAW,KAAA;AAAA,cACX,SAAA,EAAW,GAAA;AAAA,cACX,SAAA,EAAW;AAAA;AACZ,WACA,CAAA;AAED,UAAA,OAAO,IAAI,IAAA,CAAK;AAAA,YACf,IAAA,EAAM;AAAA,cACL,IAAI,IAAA,CAAK,EAAA;AAAA,cACT,MAAM,IAAA,CAAK,IAAA;AAAA,cACX,MAAM,IAAA,CAAK,IAAA;AAAA,cACX,WAAA,EAAa,KAAK,WAAA,IAAe,EAAA;AAAA,cACjC,aAAa,EAAC;AAAA,cACd,SAAA,EAAW,KAAA;AAAA,cACX,SAAA,EAAW,IAAI,IAAA,CAAK,GAAG,EAAE,WAAA;AAAY;AACtC,WACA,CAAA;AAAA,QACF;AAAA,OACD;AAAA,MAEA,UAAA,EAAYA,kBAAAA;AAAA,QACX,6BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,KAAA,GAAQ,gBAAgB,IAA+B,CAAA;AAC7D,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,UAAA,EAAY,aAAA;AAAA,YACZ,WAAW,KAAA,CAAM;AAAA,WACjB,CAAA;AACD,UAAA,MAAM,yBAAA,CAA0B,EAAA,EAAI,KAAA,CAAM,IAAA,CAAK,SAAS,CAAA;AAExD,UAAA,MAAM,QAAA,GAAW,MAAM,EAAA,CAAG,QAAA,CAA4B;AAAA,YACrD,KAAA,EAAO,gBAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,QAAA,EAAU,IAAA,EAAM,KAAA,EAAO,IAAA,CAAK,EAAA,EAAG,EAAG,GAAG,MAAM,KAAK,CAAA;AAAA,YACvE,KAAA,EAAO;AAAA,WACP,CAAA;AACD,UAAA,IACC,QAAA,CAAS,MAAA,GAAS,CAAA,KACjB,QAAA,CAAS,CAAC,CAAA,EAAG,IAAA,KAAS,qBAAA,IAAyB,QAAA,CAAS,CAAC,CAAA,EAAG,SAAA,CAAA,EAC5D;AACD,YAAA,MAAM,GAAA,CAAI,MAAM,WAAA,EAAa;AAAA,cAC5B,OAAA,EAAS;AAAA,aACT,CAAA;AAAA,UACF;AAEA,UAAA,MAAM,GAAG,MAAA,CAAO;AAAA,YACf,KAAA,EAAO,gBAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,QAAA,EAAU,IAAA,EAAM,KAAA,EAAO,IAAA,CAAK,EAAA,EAAG,EAAG,GAAG,MAAM,KAAK;AAAA,WACvE,CAAA;AAED,UAAA,OAAO,GAAA,CAAI,IAAA,CAAK,EAAE,OAAA,EAAS,MAAM,CAAA;AAAA,QAClC;AAAA,OACD;AAAA;AAAA;AAAA;AAAA,MAMA,eAAA,EAAiBA,kBAAAA;AAAA,QAChB,iCAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,KAAA,GAAQ,eAAA,CAAgB,GAAA,CAAI,IAA+B,CAAA;AACjE,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,UAAA,EAAY,iBAAA;AAAA,YACZ,WAAW,KAAA,CAAM;AAAA,WACjB,CAAA;AACD,UAAA,MAAM,yBAAA,CAA0B,EAAA,EAAI,KAAA,CAAM,IAAA,CAAK,SAAS,CAAA;AAExD,UAAA,MAAM,WAAA,GAAc,MAAM,EAAA,CAAG,QAAA,CAAkC;AAAA,YAC9D,KAAA,EAAO,sBAAA;AAAA,YACP,KAAA,EAAO,CAAC,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YACtB,KAAA,EAAO,GAAA;AAAA,YACP,MAAA,EAAQ,EAAE,KAAA,EAAO,WAAA,EAAa,WAAW,KAAA;AAAM,WAC/C,CAAA;AAED,UAAA,MAAM,MAAA,GAAS,WAAA,CAAY,GAAA,CAAI,CAACD,EAAAA,MAAO;AAAA,YACtC,IAAIA,EAAAA,CAAE,EAAA;AAAA,YACN,MAAMA,EAAAA,CAAE,IAAA;AAAA,YACR,MAAMA,EAAAA,CAAE,IAAA;AAAA,YACR,WAAA,EAAaA,GAAE,WAAA,IAAe,EAAA;AAAA,YAC9B,WAAW,IAAI,IAAA,CAAKA,EAAAA,CAAE,SAAS,EAAE,WAAA;AAAY,WAC9C,CAAE,CAAA;AAEF,UAAA,OAAO,GAAA,CAAI,IAAA,CAAK,EAAE,WAAA,EAAa,QAAQ,CAAA;AAAA,QACxC;AAAA,OACD;AAAA,MAEA,gBAAA,EAAkBC,kBAAAA;AAAA,QACjB,mCAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,UAAA,MAAM,KAAA,GAAQ,gBAAgB,IAA+B,CAAA;AAC7D,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,UAAA,EAAY,mBAAA;AAAA,YACZ,WAAW,KAAA,CAAM;AAAA,WACjB,CAAA;AACD,UAAA,MAAM,yBAAA,CAA0B,EAAA,EAAI,KAAA,CAAM,IAAA,CAAK,SAAS,CAAA;AAGxD,UAAA,MAAM,QAAA,GAAW,MAAM,EAAA,CAAG,QAAA,CAAkC;AAAA,YAC3D,KAAA,EAAO,sBAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,MAAA,EAAQ,KAAA,EAAO,IAAA,CAAK,IAAA,EAAK,EAAG,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YAC3D,KAAA,EAAO;AAAA,WACP,CAAA;AACD,UAAA,IAAI,QAAA,CAAS,SAAS,CAAA,EAAG;AACxB,YAAA,MAAM,GAAA,CAAI,MAAM,UAAA,EAAY;AAAA,cAC3B,OAAA,EAAS;AAAA,aACT,CAAA;AAAA,UACF;AAEA,UAAA,MAAM,UAAA,GAAa,MAAM,EAAA,CAAG,MAAA,CAAgC;AAAA,YAC3D,KAAA,EAAO,sBAAA;AAAA,YACP,IAAA,EAAM;AAAA,cACL,GAAG,KAAA,CAAM,IAAA;AAAA,cACT,MAAM,IAAA,CAAK,IAAA;AAAA,cACX,MAAM,IAAA,CAAK,IAAA;AAAA,cACX,WAAA,EAAa,KAAK,WAAA,IAAe,EAAA;AAAA,cACjC,SAAA,EAAW,GAAA;AAAA,cACX,SAAA,EAAW;AAAA;AACZ,WACA,CAAA;AACD,UAAA,MAAM,0BAA0B,EAAA,EAAI,KAAA,CAAM,IAAA,CAAK,SAAA,EAAW,WAAW,IAAI,CAAA;AAEzE,UAAA,OAAO,IAAI,IAAA,CAAK;AAAA,YACf,UAAA,EAAY;AAAA,cACX,IAAI,UAAA,CAAW,EAAA;AAAA,cACf,MAAM,UAAA,CAAW,IAAA;AAAA,cACjB,MAAM,UAAA,CAAW,IAAA;AAAA,cACjB,WAAA,EAAa,WAAW,WAAA,IAAe,EAAA;AAAA,cACvC,SAAA,EAAW,IAAI,IAAA,CAAK,GAAG,EAAE,WAAA;AAAY;AACtC,WACA,CAAA;AAAA,QACF;AAAA,OACD;AAAA,MAEA,gBAAA,EAAkBA,kBAAAA;AAAA,QACjB,mCAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,KAAA,GAAQ,gBAAgB,IAA+B,CAAA;AAC7D,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,UAAA,EAAY,mBAAA;AAAA,YACZ,WAAW,KAAA,CAAM;AAAA,WACjB,CAAA;AACD,UAAA,MAAM,yBAAA,CAA0B,EAAA,EAAI,KAAA,CAAM,IAAA,CAAK,SAAS,CAAA;AAExD,UAAA,MAAM,QAAA,GAAW,MAAM,EAAA,CAAG,QAAA,CAAkC;AAAA,YAC3D,KAAA,EAAO,sBAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,QAAA,EAAU,IAAA,EAAM,KAAA,EAAO,IAAA,CAAK,EAAA,EAAG,EAAG,GAAG,MAAM,KAAK,CAAA;AAAA,YACvE,KAAA,EAAO;AAAA,WACP,CAAA;AACD,UAAA,IAAI,QAAA,CAAS,SAAS,CAAA,EAAG;AACxB,YAAA,MAAM,YAAA,GAAe,IAAI,GAAA,CAAI,oBAAA,CAAqB,IAAI,CAACD,EAAAA,KAAMA,EAAAA,CAAE,IAAI,CAAC,CAAA;AACpE,YAAA,MAAM,cAAA,GAAiB,QAAA,CAAS,CAAC,CAAA,CAAG,IAAA;AACpC,YAAA,IAAI,YAAA,CAAa,GAAA,CAAI,cAAc,CAAA,EAAG;AACrC,cAAA,MAAM,GAAA,CAAI,MAAM,WAAA,EAAa;AAAA,gBAC5B,OAAA,EAAS;AAAA,eACT,CAAA;AAAA,YACF;AAEA,YAAA,MAAM,KAAA,GAAQ,MAAM,EAAA,CAAG,QAAA,CAA4B;AAAA,cAClD,KAAA,EAAO,gBAAA;AAAA,cACP,KAAA,EAAO,CAAC,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,cACtB,KAAA,EAAO;AAAA,aACP,CAAA;AACD,YAAA,KAAA,MAAW,QAAQ,KAAA,EAAO;AACzB,cAAA,MAAM,SAAA,GAAY,KAAK,WAAA,GAAe,IAAA,CAAK,MAAM,IAAA,CAAK,WAAW,IAAiB,EAAC;AACnF,cAAA,IAAI,CAAC,SAAA,CAAU,QAAA,CAAS,cAAc,CAAA,EAAG;AACzC,cAAA,MAAM,GAAG,MAAA,CAA0B;AAAA,gBAClC,KAAA,EAAO,gBAAA;AAAA,gBACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,MAAM,KAAA,EAAO,IAAA,CAAK,IAAI,CAAA;AAAA,gBACvC,MAAA,EAAQ;AAAA,kBACP,WAAA,EAAa,IAAA,CAAK,SAAA,CAAU,SAAA,CAAU,MAAA,CAAO,CAACA,EAAAA,KAAMA,EAAAA,KAAM,cAAc,CAAA,CAAE,IAAA,EAAM,CAAA;AAAA,kBAChF,SAAA,EAAW,KAAK,GAAA;AAAI;AACrB,eACA,CAAA;AAAA,YACF;AAAA,UACD;AAEA,UAAA,MAAM,GAAG,MAAA,CAAO;AAAA,YACf,KAAA,EAAO,sBAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,QAAA,EAAU,IAAA,EAAM,KAAA,EAAO,IAAA,CAAK,EAAA,EAAG,EAAG,GAAG,MAAM,KAAK;AAAA,WACvE,CAAA;AAED,UAAA,OAAO,GAAA,CAAI,IAAA,CAAK,EAAE,OAAA,EAAS,MAAM,CAAA;AAAA,QAClC;AAAA,OACD;AAAA;AAAA;AAAA;AAAA,MAMA,aAAA,EAAeC,kBAAAA;AAAA,QACd,6BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAE,IAAA,EAAK,GAAI,oBAAA,CAAqB,GAAG,CAAA;AACzC,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,KAAA,GAAQ,eAAA,CAAgB,GAAA,CAAI,IAA+B,CAAA;AAEjE,UAAA,MAAM,WAAA,GAAc,MAAM,8BAAA,CAA+B,EAAA,EAAI;AAAA,YAC5D,QAAQ,IAAA,CAAK,EAAA;AAAA,YACb,WAAW,KAAA,CAAM;AAAA,WACjB,CAAA;AAED,UAAA,OAAO,IAAI,IAAA,CAAK;AAAA,YACf,WAAA,EAAa,KAAA,CAAM,IAAA,CAAK,WAAW,EAAE,IAAA;AAAK,WAC1C,CAAA;AAAA,QACF;AAAA,OACD;AAAA,MAEA,eAAA,EAAiBA,kBAAAA;AAAA,QAChB,+BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAE,IAAA,EAAK,GAAI,oBAAA,CAAqB,GAAG,CAAA;AACzC,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,KAAA,GAAQ,eAAA,CAAgB,GAAA,CAAI,IAA+B,CAAA;AACjE,UAAA,MAAM,WAAA,GAAc,MAAM,8BAAA,CAA+B,EAAA,EAAI;AAAA,YAC5D,QAAQ,IAAA,CAAK,EAAA;AAAA,YACb,WAAW,KAAA,CAAM;AAAA,WACjB,CAAA;AAED,UAAA,OAAO,IAAI,IAAA,CAAK;AAAA,YACf,OAAA,EAAS,YAAY,GAAA,CAAI,GAAG,KAAK,WAAA,CAAY,GAAA,CAAI,GAAA,CAAI,IAAA,CAAK,UAAU;AAAA,WACpE,CAAA;AAAA,QACF;AAAA,OACD;AAAA,MAEA,gBAAA,EAAkBA,kBAAAA;AAAA,QACjB,gCAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAE,IAAA,EAAK,GAAI,oBAAA,CAAqB,GAAG,CAAA;AACzC,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,KAAA,GAAQ,eAAA,CAAgB,GAAA,CAAI,IAA+B,CAAA;AACjE,UAAA,MAAM,WAAA,GAAc,MAAM,8BAAA,CAA+B,EAAA,EAAI;AAAA,YAC5D,QAAQ,IAAA,CAAK,EAAA;AAAA,YACb,WAAW,KAAA,CAAM;AAAA,WACjB,CAAA;AACD,UAAA,MAAM,QAAA,GAAW,GAAA,CAAI,IAAA,CAAK,QAAA,IAAY,KAAA;AACtC,UAAA,MAAM,MAAA,GAAS,GAAA,CAAI,IAAA,CAAK,WAAA,CAAY,IAAA;AAAA,YACnC,CAAC,eAAe,WAAA,CAAY,GAAA,CAAI,GAAG,CAAA,IAAK,WAAA,CAAY,IAAI,UAAU;AAAA,WACnE;AACA,UAAA,MAAM,MAAA,GAAS,GAAA,CAAI,IAAA,CAAK,WAAA,CAAY,KAAA;AAAA,YACnC,CAAC,eAAe,WAAA,CAAY,GAAA,CAAI,GAAG,CAAA,IAAK,WAAA,CAAY,IAAI,UAAU;AAAA,WACnE;AAEA,UAAA,OAAO,IAAI,IAAA,CAAK;AAAA,YACf,OAAA,EAAS,QAAA,KAAa,KAAA,GAAQ,MAAA,GAAS;AAAA,WACvC,CAAA;AAAA,QACF;AAAA,OACD;AAAA;AAAA;AAAA;AAAA,MAMA,iBAAA,EAAmBA,kBAAAA;AAAA,QAClB,6BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,QAAQ,MAAM,uBAAA;AAAA,YACnB,GAAA;AAAA,YACA,EAAA;AAAA,YACA,GAAA,CAAI,IAAA;AAAA,YACJ;AAAA,WACD;AAEA,UAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAA4B;AAAA,YACjD,KAAA,EAAO,gBAAA;AAAA,YACP,KAAA,EAAO,CAAC,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YACtB,KAAA,EAAO;AAAA,WACP,CAAA;AAED,UAAA,MAAM,MAAM,IAAA,CAAK,MAAA,GAAS,CAAA,GAAI,IAAA,CAAK,CAAC,CAAA,GAAI,IAAA;AACxC,UAAA,MAAM,MAAA,GAAS;AAAA,YACd,YAAA,EAAc,KAAK,YAAA,IAAgB,SAAA;AAAA,YACnC,OAAA,EAAS,KAAK,OAAA,IAAW,SAAA;AAAA,YACzB,YAAA,EAAc,KAAK,YAAA,IAAgB,CAAA;AAAA,YACnC,QAAA,EAAU,KAAK,QAAA,IAAY,IAAA;AAAA,YAC3B,SAAA,EAAW,KAAK,SAAA,IAAa,EAAA;AAAA,YAC7B,IAAA,EAAM,KAAK,IAAA,IAAQ,OAAA;AAAA,YACnB,OAAA,EAAS,KAAK,OAAA,IAAW;AAAA,WAC1B;AAEA,UAAA,OAAO,GAAA,CAAI,KAAK,MAAM,CAAA;AAAA,QACvB;AAAA,OACD;AAAA,MAEA,kBAAA,EAAoBA,kBAAAA;AAAA,QACnB,8BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,UAAA,MAAM,QAAQ,MAAM,uBAAA;AAAA,YACnB,GAAA;AAAA,YACA,EAAA;AAAA,YACA,IAAA;AAAA,YACA;AAAA,WACD;AAGA,UAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAA4B;AAAA,YACjD,KAAA,EAAO,gBAAA;AAAA,YACP,KAAA,EAAO,CAAC,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YACtB,KAAA,EAAO;AAAA,WACP,CAAA;AAED,UAAA,MAAM,OAAA,GAAmC,EAAE,SAAA,EAAW,GAAA,EAAI;AAC1D,UAAA,IAAI,IAAA,CAAK,YAAA,KAAiB,MAAA,EAAW,OAAA,CAAQ,eAAe,IAAA,CAAK,YAAA;AACjE,UAAA,IAAI,IAAA,CAAK,OAAA,KAAY,MAAA,EAAW,OAAA,CAAQ,UAAU,IAAA,CAAK,OAAA;AACvD,UAAA,IAAI,IAAA,CAAK,YAAA,KAAiB,MAAA,EAAW,OAAA,CAAQ,eAAe,IAAA,CAAK,YAAA;AACjE,UAAA,IAAI,IAAA,CAAK,QAAA,KAAa,MAAA,EAAW,OAAA,CAAQ,WAAW,IAAA,CAAK,QAAA;AACzD,UAAA,IAAI,KAAK,SAAA,KAAc,MAAA,UAAmB,SAAA,GAAY,WAAA,CAAY,KAAK,SAAS,CAAA;AAChF,UAAA,IAAI,IAAA,CAAK,IAAA,KAAS,MAAA,EAAW,OAAA,CAAQ,OAAO,IAAA,CAAK,IAAA;AACjD,UAAA,IAAI,IAAA,CAAK,OAAA,KAAY,MAAA,EAAW,OAAA,CAAQ,UAAU,IAAA,CAAK,OAAA;AAEvD,UAAA,IAAI,MAAA;AAEJ,UAAA,IAAI,IAAA,CAAK,MAAA,GAAS,CAAA,IAAK,IAAA,CAAK,CAAC,CAAA,EAAG;AAE/B,YAAA,MAAA,GAAS,MAAM,GAAG,MAAA,CAA0B;AAAA,cAC3C,KAAA,EAAO,gBAAA;AAAA,cACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,QAAA,EAAU,IAAA,EAAM,KAAA,EAAO,IAAA,CAAK,CAAC,CAAA,CAAE,EAAA,EAAI,CAAA;AAAA,cAC1D,MAAA,EAAQ;AAAA,aACR,CAAA;AAAA,UACF,CAAA,MAAO;AAEN,YAAA,MAAA,GAAS,MAAM,GAAG,MAAA,CAA0B;AAAA,cAC3C,KAAA,EAAO,gBAAA;AAAA,cACP,IAAA,EAAM;AAAA,gBACL,GAAG,KAAA,CAAM,IAAA;AAAA,gBACT,YAAA,EAAc,KAAK,YAAA,IAAgB,SAAA;AAAA,gBACnC,OAAA,EAAS,KAAK,OAAA,IAAW,SAAA;AAAA,gBACzB,YAAA,EAAc,KAAK,YAAA,IAAgB,CAAA;AAAA,gBACnC,QAAA,EAAU,KAAK,QAAA,IAAY,IAAA;AAAA,gBAC3B,WAAW,IAAA,CAAK,SAAA,GAAY,WAAA,CAAY,IAAA,CAAK,SAAS,CAAA,GAAI,EAAA;AAAA,gBAC1D,IAAA,EAAM,KAAK,IAAA,IAAQ,OAAA;AAAA,gBACnB,OAAA,EAAS,KAAK,OAAA,IAAW,EAAA;AAAA,gBACzB,SAAA,EAAW,GAAA;AAAA,gBACX,SAAA,EAAW;AAAA;AACZ,aACA,CAAA;AAAA,UACF;AAEA,UAAA,OAAO,IAAI,IAAA,CAAK;AAAA,YACf,YAAA,EAAc,QAAQ,YAAA,IAAgB,SAAA;AAAA,YACtC,OAAA,EAAS,QAAQ,OAAA,IAAW,SAAA;AAAA,YAC5B,YAAA,EAAc,QAAQ,YAAA,IAAgB,CAAA;AAAA,YACtC,QAAA,EAAU,QAAQ,QAAA,IAAY,IAAA;AAAA,YAC9B,SAAA,EAAW,QAAQ,SAAA,IAAa,EAAA;AAAA,YAChC,IAAA,EAAM,QAAQ,IAAA,IAAQ,OAAA;AAAA,YACtB,OAAA,EAAS,QAAQ,OAAA,IAAW;AAAA,WAC5B,CAAA;AAAA,QACF;AAAA,OACD;AAAA;AAAA;AAAA;AAAA,MAMA,eAAA,EAAiBA,kBAAAA;AAAA,QAChB,4BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,QAAQ,MAAM,uBAAA;AAAA,YACnB,GAAA;AAAA,YACA,EAAA;AAAA,YACA,GAAA,CAAI,IAAA;AAAA,YACJ;AAAA,WACD;AAEA,UAAA,IAAI,MAAA,GAAS,MAAM,EAAA,CAAG,QAAA,CAAyB;AAAA,YAC9C,KAAA,EAAO,aAAA;AAAA,YACP,KAAA,EAAO,CAAC,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YACtB,KAAA,EAAO,GAAA;AAAA,YACP,MAAA,EAAQ,EAAE,KAAA,EAAO,WAAA,EAAa,WAAW,KAAA;AAAM,WAC/C,CAAA;AAGD,UAAA,IAAI,MAAA,CAAO,WAAW,CAAA,EAAG;AACxB,YAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,YAAA,KAAA,MAAW,OAAO,mBAAA,EAAqB;AACtC,cAAA,MAAM,GAAG,MAAA,CAAuB;AAAA,gBAC/B,KAAA,EAAO,aAAA;AAAA,gBACP,IAAA,EAAM;AAAA,kBACL,GAAG,KAAA,CAAM,IAAA;AAAA,kBACT,WAAW,GAAA,CAAI,SAAA;AAAA,kBACf,MAAM,GAAA,CAAI,IAAA;AAAA,kBACV,aAAa,GAAA,CAAI,WAAA;AAAA,kBACjB,OAAA,EAAS,IAAA;AAAA,kBACT,UAAU,GAAA,CAAI,QAAA;AAAA,kBACd,SAAA,EAAW,GAAA;AAAA,kBACX,SAAA,EAAW;AAAA;AACZ,eACA,CAAA;AAAA,YACF;AACA,YAAA,MAAA,GAAS,MAAM,GAAG,QAAA,CAAyB;AAAA,cAC1C,KAAA,EAAO,aAAA;AAAA,cACP,KAAA,EAAO,CAAC,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,cACtB,KAAA,EAAO,GAAA;AAAA,cACP,MAAA,EAAQ,EAAE,KAAA,EAAO,WAAA,EAAa,WAAW,KAAA;AAAM,aAC/C,CAAA;AAAA,UACF;AAEA,UAAA,MAAM,MAAA,GAAS,MAAA,CAAO,GAAA,CAAI,CAAC,CAAA,MAAO;AAAA,YACjC,IAAI,CAAA,CAAE,EAAA;AAAA,YACN,MAAM,CAAA,CAAE,IAAA;AAAA,YACR,WAAA,EAAa,EAAE,WAAA,IAAe,EAAA;AAAA,YAC9B,SAAS,CAAA,CAAE,OAAA;AAAA,YACX,UAAU,CAAA,CAAE;AAAA,WACb,CAAE,CAAA;AAEF,UAAA,OAAO,GAAA,CAAI,IAAA,CAAK,EAAE,MAAA,EAAQ,QAAQ,CAAA;AAAA,QACnC;AAAA,OACD;AAAA,MAEA,iBAAA,EAAmBA,kBAAAA;AAAA,QAClB,8BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,UAAA,MAAM,QAAQ,MAAM,uBAAA;AAAA,YACnB,GAAA;AAAA,YACA,EAAA;AAAA,YACA,IAAA;AAAA,YACA;AAAA,WACD;AAEA,UAAA,MAAM,GAAG,MAAA,CAAuB;AAAA,YAC/B,KAAA,EAAO,aAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,QAAA,EAAU,IAAA,EAAM,KAAA,EAAO,IAAA,CAAK,EAAA,EAAG,EAAG,GAAG,MAAM,KAAK,CAAA;AAAA,YACvE,MAAA,EAAQ;AAAA,cACP,SAAS,IAAA,CAAK,OAAA;AAAA,cACd,SAAA,EAAW;AAAA;AACZ,WACA,CAAA;AAGD,UAAA,MAAM,MAAA,GAAS,MAAM,EAAA,CAAG,QAAA,CAAyB;AAAA,YAChD,KAAA,EAAO,aAAA;AAAA,YACP,KAAA,EAAO,CAAC,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YACtB,KAAA,EAAO,GAAA;AAAA,YACP,MAAA,EAAQ,EAAE,KAAA,EAAO,WAAA,EAAa,WAAW,KAAA;AAAM,WAC/C,CAAA;AAED,UAAA,MAAM,MAAA,GAAS,MAAA,CAAO,GAAA,CAAI,CAAC,CAAA,MAAO;AAAA,YACjC,IAAI,CAAA,CAAE,EAAA;AAAA,YACN,MAAM,CAAA,CAAE,IAAA;AAAA,YACR,WAAA,EAAa,EAAE,WAAA,IAAe,EAAA;AAAA,YAC9B,SAAS,CAAA,CAAE,OAAA;AAAA,YACX,UAAU,CAAA,CAAE;AAAA,WACb,CAAE,CAAA;AAEF,UAAA,OAAO,GAAA,CAAI,IAAA,CAAK,EAAE,MAAA,EAAQ,QAAQ,CAAA;AAAA,QACnC;AAAA,OACD;AAAA;AAAA;AAAA;AAAA,MAMA,WAAA,EAAaA,kBAAAA;AAAA,QACZ,6BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,QAAQ,MAAM,uBAAA;AAAA,YACnB,GAAA;AAAA,YACA,EAAA;AAAA,YACA,GAAA,CAAI,IAAA;AAAA,YACJ;AAAA,WACD;AAEA,UAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAA0B;AAAA,YAC/C,KAAA,EAAO,cAAA;AAAA,YACP,KAAA,EAAO,CAAC,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YACtB,KAAA,EAAO,GAAA;AAAA,YACP,MAAA,EAAQ,EAAE,KAAA,EAAO,WAAA,EAAa,WAAW,KAAA;AAAM,WAC/C,CAAA;AAED,UAAA,MAAM,OAAA,GAAU,IAAA,CAAK,GAAA,CAAI,CAAC,CAAA,MAAO;AAAA,YAChC,IAAI,CAAA,CAAE,EAAA;AAAA,YACN,WAAW,CAAA,CAAE,SAAA;AAAA,YACb,OAAO,CAAA,CAAE,KAAA;AAAA,YACT,WAAA,EAAa,EAAE,WAAA,IAAe,EAAA;AAAA,YAC9B,OAAO,CAAA,CAAE,KAAA;AAAA,YACT,SAAA,EAAW,EAAE,SAAA,IAAa;AAAA,WAC3B,CAAE,CAAA;AAEF,UAAA,OAAO,GAAA,CAAI,IAAA,CAAK,EAAE,OAAA,EAAS,CAAA;AAAA,QAC5B;AAAA,OACD;AAAA,MAEA,UAAA,EAAYA,kBAAAA;AAAA,QACX,6BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,UAAA,MAAM,QAAQ,MAAM,uBAAA;AAAA,YACnB,GAAA;AAAA,YACA,EAAA;AAAA,YACA,IAAA;AAAA,YACA;AAAA,WACD;AAGA,UAAA,MAAM,QAAA,GAAW,MAAM,EAAA,CAAG,QAAA,CAA0B;AAAA,YACnD,KAAA,EAAO,cAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,WAAA,EAAa,KAAA,EAAO,IAAA,CAAK,SAAA,EAAU,EAAG,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YACrE,KAAA,EAAO;AAAA,WACP,CAAA;AAED,UAAA,IAAI,QAAA,CAAS,MAAA,GAAS,CAAA,IAAK,QAAA,CAAS,CAAC,CAAA,EAAG;AACvC,YAAA,MAAM,GAAG,MAAA,CAAwB;AAAA,cAChC,KAAA,EAAO,cAAA;AAAA,cACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,QAAA,EAAU,IAAA,EAAM,KAAA,EAAO,QAAA,CAAS,CAAC,CAAA,CAAE,EAAA,EAAI,CAAA;AAAA,cAC9D,MAAA,EAAQ;AAAA,gBACP,OAAO,IAAA,CAAK,KAAA;AAAA,gBACZ,WAAA,EAAa,KAAK,WAAA,IAAe,EAAA;AAAA,gBACjC,OAAO,IAAA,CAAK,KAAA;AAAA,gBACZ,SAAA,EAAW,IAAA,CAAK,SAAA,IAAa,QAAA,CAAS,CAAC,CAAA,CAAE,SAAA;AAAA,gBACzC,SAAA,EAAW;AAAA;AACZ,aACA,CAAA;AAAA,UACF,CAAA,MAAO;AACN,YAAA,MAAM,GAAG,MAAA,CAAwB;AAAA,cAChC,KAAA,EAAO,cAAA;AAAA,cACP,IAAA,EAAM;AAAA,gBACL,GAAG,KAAA,CAAM,IAAA;AAAA,gBACT,WAAW,IAAA,CAAK,SAAA;AAAA,gBAChB,OAAO,IAAA,CAAK,KAAA;AAAA,gBACZ,WAAA,EAAa,KAAK,WAAA,IAAe,EAAA;AAAA,gBACjC,OAAO,IAAA,CAAK,KAAA;AAAA,gBACZ,SAAA,EAAW,KAAK,SAAA,IAAa,KAAA;AAAA,gBAC7B,SAAA,EAAW,GAAA;AAAA,gBACX,SAAA,EAAW;AAAA;AACZ,aACA,CAAA;AAAA,UACF;AAEA,UAAA,OAAO,GAAA,CAAI,IAAA,CAAK,EAAE,OAAA,EAAS,MAAM,CAAA;AAAA,QAClC;AAAA,OACD;AAAA,MAEA,YAAA,EAAcA,kBAAAA;AAAA,QACb,+BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,QAAQ,MAAM,uBAAA;AAAA,YACnB,GAAA;AAAA,YACA,EAAA;AAAA,YACA,IAAA;AAAA,YACA;AAAA,WACD;AAEA,UAAA,MAAM,GAAG,MAAA,CAAO;AAAA,YACf,KAAA,EAAO,cAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,WAAA,EAAa,KAAA,EAAO,IAAA,CAAK,SAAA,EAAU,EAAG,GAAG,KAAA,CAAM,KAAK;AAAA,WACrE,CAAA;AAED,UAAA,OAAO,GAAA,CAAI,IAAA,CAAK,EAAE,OAAA,EAAS,MAAM,CAAA;AAAA,QAClC;AAAA,OACD;AAAA;AAAA;AAAA;AAAA,MAMA,YAAA,EAAcA,kBAAAA;AAAA,QACb,8BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,QAAQ,MAAM,uBAAA;AAAA,YACnB,GAAA;AAAA,YACA,EAAA;AAAA,YACA,GAAA,CAAI,IAAA;AAAA,YACJ;AAAA,WACD;AAEA,UAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAA4B;AAAA,YACjD,KAAA,EAAO,gBAAA;AAAA,YACP,KAAA,EAAO,CAAC,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YACtB,KAAA,EAAO;AAAA,WACP,CAAA;AAED,UAAA,IAAI,KAAK,MAAA,GAAS,CAAA,IAAK,IAAA,CAAK,CAAC,GAAG,UAAA,EAAY;AAC3C,YAAA,OAAO,GAAA,CAAI,KAAK,IAAA,CAAK,KAAA,CAAM,KAAK,CAAC,CAAA,CAAE,UAAU,CAAC,CAAA;AAAA,UAC/C;AAEA,UAAA,OAAO,GAAA,CAAI,IAAA,CAAK,EAAE,CAAA;AAAA,QACnB;AAAA,OACD;AAAA,MAEA,aAAA,EAAeA,kBAAAA;AAAA,QACd,+BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,UAAA,MAAM,UAAA,GAAa,IAAA,CAAK,SAAA,CAAU,IAAA,CAAK,MAAM,CAAA;AAC7C,UAAA,MAAM,QAAQ,MAAM,uBAAA;AAAA,YACnB,GAAA;AAAA,YACA,EAAA;AAAA,YACA,IAAA;AAAA,YACA;AAAA,WACD;AAEA,UAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAA4B;AAAA,YACjD,KAAA,EAAO,gBAAA;AAAA,YACP,KAAA,EAAO,CAAC,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YACtB,KAAA,EAAO;AAAA,WACP,CAAA;AAED,UAAA,IAAI,IAAA,CAAK,MAAA,GAAS,CAAA,IAAK,IAAA,CAAK,CAAC,CAAA,EAAG;AAC/B,YAAA,MAAM,GAAG,MAAA,CAA0B;AAAA,cAClC,KAAA,EAAO,gBAAA;AAAA,cACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,QAAA,EAAU,IAAA,EAAM,KAAA,EAAO,IAAA,CAAK,CAAC,CAAA,CAAE,EAAA,EAAI,CAAA;AAAA,cAC1D,MAAA,EAAQ,EAAE,UAAA,EAAY,SAAA,EAAW,GAAA;AAAI,aACrC,CAAA;AAAA,UACF,CAAA,MAAO;AACN,YAAA,MAAM,GAAG,MAAA,CAA0B;AAAA,cAClC,KAAA,EAAO,gBAAA;AAAA,cACP,IAAA,EAAM;AAAA,gBACL,GAAG,KAAA,CAAM,IAAA;AAAA,gBACT,UAAA;AAAA,gBACA,SAAA,EAAW,GAAA;AAAA,gBACX,SAAA,EAAW;AAAA;AACZ,aACA,CAAA;AAAA,UACF;AAEA,UAAA,OAAO,GAAA,CAAI,IAAA,CAAK,IAAA,CAAK,MAAM,CAAA;AAAA,QAC5B;AAAA,OACD;AAAA;AAAA;AAAA;AAAA,MAMA,WAAA,EAAaA,kBAAAA;AAAA,QACZ,6BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,QAAQ,MAAM,uBAAA;AAAA,YACnB,GAAA;AAAA,YACA,EAAA;AAAA,YACA,GAAA,CAAI,IAAA;AAAA,YACJ;AAAA,WACD;AAEA,UAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAA0B;AAAA,YAC/C,KAAA,EAAO,cAAA;AAAA,YACP,KAAA,EAAO,CAAC,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YACtB,KAAA,EAAO,GAAA;AAAA,YACP,MAAA,EAAQ,EAAE,KAAA,EAAO,WAAA,EAAa,WAAW,KAAA;AAAM,WAC/C,CAAA;AAED,UAAA,MAAM,OAAA,GAAU,IAAA,CAAK,GAAA,CAAI,CAAC,CAAA,MAAO;AAAA,YAChC,IAAI,CAAA,CAAE,EAAA;AAAA,YACN,MAAM,CAAA,CAAE,IAAA;AAAA,YACR,WAAA,EAAa,EAAE,WAAA,IAAe,EAAA;AAAA,YAC9B,cAAc,CAAA,CAAE,YAAA;AAAA,YAChB,YAAY,CAAA,CAAE,UAAA;AAAA,YACd,WAAW,IAAI,IAAA,CAAK,CAAA,CAAE,SAAS,EAAE,WAAA;AAAY,WAC9C,CAAE,CAAA;AAEF,UAAA,OAAO,GAAA,CAAI,IAAA,CAAK,EAAE,OAAA,EAAS,CAAA;AAAA,QAC5B;AAAA,OACD;AAAA,MAEA,YAAA,EAAcA,kBAAAA;AAAA,QACb,+BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,UAAA,MAAM,QAAQ,MAAM,uBAAA;AAAA,YACnB,GAAA;AAAA,YACA,EAAA;AAAA,YACA,IAAA;AAAA,YACA;AAAA,WACD;AAEA,UAAA,MAAM,MAAA,GAAS,MAAM,EAAA,CAAG,MAAA,CAAwB;AAAA,YAC/C,KAAA,EAAO,cAAA;AAAA,YACP,IAAA,EAAM;AAAA,cACL,GAAG,KAAA,CAAM,IAAA;AAAA,cACT,MAAM,IAAA,CAAK,IAAA;AAAA,cACX,WAAA,EAAa,KAAK,WAAA,IAAe,EAAA;AAAA,cACjC,cAAc,IAAA,CAAK,YAAA;AAAA,cACnB,YAAY,IAAA,CAAK,UAAA;AAAA,cACjB,SAAA,EAAW,GAAA;AAAA,cACX,SAAA,EAAW;AAAA;AACZ,WACA,CAAA;AAED,UAAA,OAAO,IAAI,IAAA,CAAK;AAAA,YACf,MAAA,EAAQ;AAAA,cACP,IAAI,MAAA,CAAO,EAAA;AAAA,cACX,MAAM,MAAA,CAAO,IAAA;AAAA,cACb,WAAA,EAAa,OAAO,WAAA,IAAe,EAAA;AAAA,cACnC,cAAc,MAAA,CAAO,YAAA;AAAA,cACrB,YAAY,MAAA,CAAO,UAAA;AAAA,cACnB,SAAA,EAAW,IAAI,IAAA,CAAK,GAAG,EAAE,WAAA;AAAY;AACtC,WACA,CAAA;AAAA,QACF;AAAA,OACD;AAAA,MAEA,YAAA,EAAcA,kBAAAA;AAAA,QACb,+BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,QAAQ,MAAM,uBAAA;AAAA,YACnB,GAAA;AAAA,YACA,EAAA;AAAA,YACA,IAAA;AAAA,YACA;AAAA,WACD;AAEA,UAAA,MAAM,GAAG,MAAA,CAAO;AAAA,YACf,KAAA,EAAO,cAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,QAAA,EAAU,IAAA,EAAM,KAAA,EAAO,IAAA,CAAK,EAAA,EAAG,EAAG,GAAG,MAAM,KAAK;AAAA,WACvE,CAAA;AAED,UAAA,OAAO,GAAA,CAAI,IAAA,CAAK,EAAE,OAAA,EAAS,MAAM,CAAA;AAAA,QAClC;AAAA,OACD;AAAA;AAAA;AAAA;AAAA,MAMA,cAAA,EAAgBA,kBAAAA;AAAA,QACf,0BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,QAAQ,MAAM,uBAAA;AAAA,YACnB,GAAA;AAAA,YACA,EAAA;AAAA,YACA,GAAA,CAAI,IAAA;AAAA,YACJ;AAAA,WACD;AAEA,UAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAAyB;AAAA,YAC9C,KAAA,EAAO,aAAA;AAAA,YACP,KAAA,EAAO,CAAC,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YACtB,KAAA,EAAO;AAAA,WACP,CAAA;AAED,UAAA,MAAM,QAAA,GAAW;AAAA,YAChB,OAAA,EAAS,KAAA;AAAA,YACT,qBAAA,EAAuB,IAAA;AAAA,YACvB,oBAAA,EAAsB,IAAA;AAAA,YACtB,YAAA,EAAc,KAAA;AAAA,YACd,YAAA,EAAc,KAAA;AAAA,YACd,WAAA,EAAa,IAAA;AAAA,YACb,wBAAwB;AAAC,WAC1B;AAEA,UAAA,IAAI,KAAK,MAAA,GAAS,CAAA,IAAK,IAAA,CAAK,CAAC,GAAG,UAAA,EAAY;AAC3C,YAAA,OAAO,GAAA,CAAI,IAAA,CAAK,EAAE,GAAG,QAAA,EAAU,GAAG,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,CAAC,CAAA,CAAE,UAAU,GAAG,CAAA;AAAA,UACnE;AAEA,UAAA,OAAO,GAAA,CAAI,KAAK,QAAQ,CAAA;AAAA,QACzB;AAAA,OACD;AAAA,MAEA,eAAA,EAAiBA,kBAAAA;AAAA,QAChB,2BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,UAAA,MAAM,QAAQ,MAAM,uBAAA;AAAA,YACnB,GAAA;AAAA,YACA,EAAA;AAAA,YACA,IAAA;AAAA,YACA;AAAA,WACD;AAGA,UAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAAyB;AAAA,YAC9C,KAAA,EAAO,aAAA;AAAA,YACP,KAAA,EAAO,CAAC,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YACtB,KAAA,EAAO;AAAA,WACP,CAAA;AAED,UAAA,MAAM,QAAA,GACL,IAAA,CAAK,MAAA,GAAS,CAAA,IAAK,KAAK,CAAC,CAAA,EAAG,UAAA,GACxB,IAAA,CAAK,MAAM,IAAA,CAAK,CAAC,CAAA,CAAE,UAAU,IAC9B,EAAC;AAGL,UAAA,MAAM,EAAE,SAAA,EAAW,EAAA,EAAI,GAAG,UAAS,GAAI,IAAA;AACvC,UAAA,MAAM,MAAA,GAAS,EAAE,GAAG,QAAA,EAAU,GAAG,QAAA,EAAS;AAC1C,UAAA,MAAM,UAAA,GAAa,IAAA,CAAK,SAAA,CAAU,MAAM,CAAA;AAExC,UAAA,IAAI,IAAA,CAAK,MAAA,GAAS,CAAA,IAAK,IAAA,CAAK,CAAC,CAAA,EAAG;AAC/B,YAAA,MAAM,GAAG,MAAA,CAAuB;AAAA,cAC/B,KAAA,EAAO,aAAA;AAAA,cACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,QAAA,EAAU,IAAA,EAAM,KAAA,EAAO,IAAA,CAAK,CAAC,CAAA,CAAE,EAAA,EAAI,CAAA;AAAA,cAC1D,MAAA,EAAQ,EAAE,UAAA,EAAY,SAAA,EAAW,GAAA;AAAI,aACrC,CAAA;AAAA,UACF,CAAA,MAAO;AACN,YAAA,MAAM,GAAG,MAAA,CAAuB;AAAA,cAC/B,KAAA,EAAO,aAAA;AAAA,cACP,IAAA,EAAM;AAAA,gBACL,GAAG,KAAA,CAAM,IAAA;AAAA,gBACT,UAAA;AAAA,gBACA,SAAA,EAAW,GAAA;AAAA,gBACX,SAAA,EAAW;AAAA;AACZ,aACA,CAAA;AAAA,UACF;AAEA,UAAA,OAAO,GAAA,CAAI,KAAK,MAAM,CAAA;AAAA,QACvB;AAAA,OACD;AAAA;AAAA;AAAA;AAAA,MAMA,sBAAA,EAAwBA,kBAAAA;AAAA,QACvB,oCAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,QAAQ,MAAM,uBAAA;AAAA,YACnB,GAAA;AAAA,YACA,EAAA;AAAA,YACA,GAAA,CAAI,IAAA;AAAA,YACJ;AAAA,WACD;AAEA,UAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAAiC;AAAA,YACtD,KAAA,EAAO,qBAAA;AAAA,YACP,KAAA,EAAO,CAAC,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YACtB,KAAA,EAAO;AAAA,WACP,CAAA;AAED,UAAA,IAAI,KAAK,MAAA,GAAS,CAAA,IAAK,IAAA,CAAK,CAAC,GAAG,UAAA,EAAY;AAC3C,YAAA,OAAO,GAAA,CAAI,KAAK,IAAA,CAAK,KAAA,CAAM,KAAK,CAAC,CAAA,CAAE,UAAU,CAAC,CAAA;AAAA,UAC/C;AAEA,UAAA,OAAO,GAAA,CAAI,KAAK,EAAE,SAAA,EAAW,EAAC,EAAG,cAAA,EAAgB,MAAM,CAAA;AAAA,QACxD;AAAA,OACD;AAAA,MAEA,uBAAA,EAAyBA,kBAAAA;AAAA,QACxB,qCAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,UAAA,MAAM,QAAQ,MAAM,uBAAA;AAAA,YACnB,GAAA;AAAA,YACA,EAAA;AAAA,YACA,IAAA;AAAA,YACA;AAAA,WACD;AAGA,UAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAAiC;AAAA,YACtD,KAAA,EAAO,qBAAA;AAAA,YACP,KAAA,EAAO,CAAC,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YACtB,KAAA,EAAO;AAAA,WACP,CAAA;AAED,UAAA,MAAM,QAAA,GACL,KAAK,MAAA,GAAS,CAAA,IAAK,KAAK,CAAC,CAAA,EAAG,aACxB,IAAA,CAAK,KAAA,CAAM,KAAK,CAAC,CAAA,CAAE,UAAU,CAAA,GAC9B,EAAE,WAAW,EAAC,EAAG,gBAAgB,IAAA,EAAK;AAG1C,UAAA,MAAM,iBAAA,GAAqB,QAAA,CAAS,SAAA,IAAa,EAAC;AAClD,UAAA,MAAM,eAAA,GAAkB;AAAA,YACvB,GAAG,iBAAA;AAAA,YACH,GAAI,IAAA,CAAK,SAAA,IAAa;AAAC,WACxB;AACA,UAAA,MAAM,MAAA,GAAS;AAAA,YACd,GAAG,QAAA;AAAA,YACH,SAAA,EAAW,eAAA;AAAA,YACX,gBACC,IAAA,CAAK,cAAA,KAAmB,MAAA,GAAY,IAAA,CAAK,iBAAiB,QAAA,CAAS;AAAA,WACrE;AACA,UAAA,MAAM,UAAA,GAAa,IAAA,CAAK,SAAA,CAAU,MAAM,CAAA;AAExC,UAAA,IAAI,IAAA,CAAK,MAAA,GAAS,CAAA,IAAK,IAAA,CAAK,CAAC,CAAA,EAAG;AAC/B,YAAA,MAAM,GAAG,MAAA,CAA+B;AAAA,cACvC,KAAA,EAAO,qBAAA;AAAA,cACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,QAAA,EAAU,IAAA,EAAM,KAAA,EAAO,IAAA,CAAK,CAAC,CAAA,CAAE,EAAA,EAAI,CAAA;AAAA,cAC1D,MAAA,EAAQ,EAAE,UAAA,EAAY,SAAA,EAAW,GAAA;AAAI,aACrC,CAAA;AAAA,UACF,CAAA,MAAO;AACN,YAAA,MAAM,GAAG,MAAA,CAA+B;AAAA,cACvC,KAAA,EAAO,qBAAA;AAAA,cACP,IAAA,EAAM;AAAA,gBACL,GAAG,KAAA,CAAM,IAAA;AAAA,gBACT,UAAA;AAAA,gBACA,SAAA,EAAW,GAAA;AAAA,gBACX,SAAA,EAAW;AAAA;AACZ,aACA,CAAA;AAAA,UACF;AAEA,UAAA,OAAO,GAAA,CAAI,KAAK,MAAM,CAAA;AAAA,QACvB;AAAA,OACD;AAAA;AAAA;AAAA;AAAA,MAMA,iBAAA,EAAmBA,kBAAAA;AAAA,QAClB,oCAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,QAAQ,MAAM,uBAAA;AAAA,YACnB,GAAA;AAAA,YACA,EAAA;AAAA,YACA,GAAA,CAAI,IAAA;AAAA,YACJ;AAAA,WACD;AAEA,UAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAA0B;AAAA,YAC/C,KAAA,EAAO,cAAA;AAAA,YACP,KAAA,EAAO,CAAC,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YACtB,KAAA,EAAO,GAAA;AAAA,YACP,MAAA,EAAQ,EAAE,KAAA,EAAO,WAAA,EAAa,WAAW,KAAA;AAAM,WAC/C,CAAA;AAED,UAAA,MAAM,aAAA,GAAgB,IAAA,CAAK,GAAA,CAAI,CAAC,CAAA,MAAO;AAAA,YACtC,IAAI,CAAA,CAAE,EAAA;AAAA,YACN,MAAM,CAAA,CAAE,IAAA;AAAA,YACR,MAAM,CAAA,CAAE,IAAA;AAAA,YACR,WAAA,EAAa,EAAE,WAAA,IAAe,EAAA;AAAA,YAC9B,WAAW,IAAI,IAAA,CAAK,CAAA,CAAE,SAAS,EAAE,WAAA;AAAY,WAC9C,CAAE,CAAA;AAEF,UAAA,OAAO,GAAA,CAAI,IAAA,CAAK,EAAE,aAAA,EAAe,CAAA;AAAA,QAClC;AAAA,OACD;AAAA,MAEA,kBAAA,EAAoBA,kBAAAA;AAAA,QACnB,sCAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,UAAA,MAAM,QAAQ,MAAM,uBAAA;AAAA,YACnB,GAAA;AAAA,YACA,EAAA;AAAA,YACA,IAAA;AAAA,YACA;AAAA,WACD;AAGA,UAAA,MAAM,QAAA,GAAW,MAAM,EAAA,CAAG,QAAA,CAA0B;AAAA,YACnD,KAAA,EAAO,cAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,MAAA,EAAQ,KAAA,EAAO,IAAA,CAAK,IAAA,EAAK,EAAG,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YAC3D,KAAA,EAAO;AAAA,WACP,CAAA;AACD,UAAA,IAAI,QAAA,CAAS,SAAS,CAAA,EAAG;AACxB,YAAA,MAAM,GAAA,CAAI,MAAM,UAAA,EAAY;AAAA,cAC3B,OAAA,EAAS;AAAA,aACT,CAAA;AAAA,UACF;AAEA,UAAA,MAAM,YAAA,GAAe,MAAM,EAAA,CAAG,MAAA,CAAwB;AAAA,YACrD,KAAA,EAAO,cAAA;AAAA,YACP,IAAA,EAAM;AAAA,cACL,GAAG,KAAA,CAAM,IAAA;AAAA,cACT,MAAM,IAAA,CAAK,IAAA;AAAA,cACX,MAAM,IAAA,CAAK,IAAA;AAAA,cACX,WAAA,EAAa,KAAK,WAAA,IAAe,EAAA;AAAA,cACjC,SAAA,EAAW,GAAA;AAAA,cACX,SAAA,EAAW;AAAA;AACZ,WACA,CAAA;AAED,UAAA,OAAO,IAAI,IAAA,CAAK;AAAA,YACf,YAAA,EAAc;AAAA,cACb,IAAI,YAAA,CAAa,EAAA;AAAA,cACjB,MAAM,YAAA,CAAa,IAAA;AAAA,cACnB,MAAM,YAAA,CAAa,IAAA;AAAA,cACnB,WAAA,EAAa,aAAa,WAAA,IAAe,EAAA;AAAA,cACzC,SAAA,EAAW,IAAI,IAAA,CAAK,GAAG,EAAE,WAAA;AAAY;AACtC,WACA,CAAA;AAAA,QACF;AAAA,OACD;AAAA,MAEA,kBAAA,EAAoBA,kBAAAA;AAAA,QACnB,sCAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,QAAQ,MAAM,uBAAA;AAAA,YACnB,GAAA;AAAA,YACA,EAAA;AAAA,YACA,IAAA;AAAA,YACA;AAAA,WACD;AAEA,UAAA,MAAM,GAAG,MAAA,CAAO;AAAA,YACf,KAAA,EAAO,cAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,QAAA,EAAU,IAAA,EAAM,KAAA,EAAO,IAAA,CAAK,EAAA,EAAG,EAAG,GAAG,MAAM,KAAK;AAAA,WACvE,CAAA;AAED,UAAA,OAAO,GAAA,CAAI,IAAA,CAAK,EAAE,OAAA,EAAS,MAAM,CAAA;AAAA,QAClC;AAAA,OACD;AAAA;AAAA;AAAA;AAAA,MAMA,cAAA,EAAgBA,kBAAAA;AAAA,QACf,2BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,QAAQ,MAAM,uBAAA;AAAA,YACnB,GAAA;AAAA,YACA,EAAA;AAAA,YACA,GAAA,CAAI,IAAA;AAAA,YACJ;AAAA,WACD;AAEA,UAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAAyB;AAAA,YAC9C,KAAA,EAAO,aAAA;AAAA,YACP,KAAA,EAAO,CAAC,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YACtB,KAAA,EAAO;AAAA,WACP,CAAA;AAED,UAAA,IAAI,KAAK,MAAA,GAAS,CAAA,IAAK,IAAA,CAAK,CAAC,GAAG,UAAA,EAAY;AAC3C,YAAA,OAAO,GAAA,CAAI,KAAK,IAAA,CAAK,KAAA,CAAM,KAAK,CAAC,CAAA,CAAE,UAAU,CAAC,CAAA;AAAA,UAC/C;AAEA,UAAA,OAAO,IAAI,IAAA,CAAK,EAAE,MAAA,EAAQ,IAAI,CAAA;AAAA,QAC/B;AAAA,OACD;AAAA,MAEA,eAAA,EAAiBA,kBAAAA;AAAA,QAChB,4BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,UAAA,MAAM,QAAQ,MAAM,uBAAA;AAAA,YACnB,GAAA;AAAA,YACA,EAAA;AAAA,YACA,IAAA;AAAA,YACA;AAAA,WACD;AAEA,UAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAAyB;AAAA,YAC9C,KAAA,EAAO,aAAA;AAAA,YACP,KAAA,EAAO,CAAC,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YACtB,KAAA,EAAO;AAAA,WACP,CAAA;AAED,UAAA,MAAM,WACL,IAAA,CAAK,MAAA,GAAS,KAAK,IAAA,CAAK,CAAC,GAAG,UAAA,GACxB,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,CAAC,CAAA,CAAE,UAAU,IAG9B,EAAE,MAAA,EAAQ,EAAC,EAAE;AAEjB,UAAA,MAAM,MAAA,GAAS;AAAA,YACd,MAAA,EAAQ,EAAE,GAAI,QAAA,CAAS,UAAU,EAAC,EAAI,GAAG,IAAA,CAAK,MAAA;AAAO,WACtD;AACA,UAAA,MAAM,UAAA,GAAa,IAAA,CAAK,SAAA,CAAU,MAAM,CAAA;AAExC,UAAA,IAAI,IAAA,CAAK,MAAA,GAAS,CAAA,IAAK,IAAA,CAAK,CAAC,CAAA,EAAG;AAC/B,YAAA,MAAM,GAAG,MAAA,CAAuB;AAAA,cAC/B,KAAA,EAAO,aAAA;AAAA,cACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,QAAA,EAAU,IAAA,EAAM,KAAA,EAAO,IAAA,CAAK,CAAC,CAAA,CAAE,EAAA,EAAI,CAAA;AAAA,cAC1D,MAAA,EAAQ,EAAE,UAAA,EAAY,SAAA,EAAW,GAAA;AAAI,aACrC,CAAA;AAAA,UACF,CAAA,MAAO;AACN,YAAA,MAAM,GAAG,MAAA,CAAuB;AAAA,cAC/B,KAAA,EAAO,aAAA;AAAA,cACP,IAAA,EAAM;AAAA,gBACL,GAAG,KAAA,CAAM,IAAA;AAAA,gBACT,UAAA;AAAA,gBACA,SAAA,EAAW,GAAA;AAAA,gBACX,SAAA,EAAW;AAAA;AACZ,aACA,CAAA;AAAA,UACF;AAEA,UAAA,OAAO,GAAA,CAAI,KAAK,MAAM,CAAA;AAAA,QACvB;AAAA,OACD;AAAA;AAAA;AAAA;AAAA,MAMA,oBAAA,EAAsBA,kBAAAA;AAAA,QACrB,gCAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,QAAQ,MAAM,uBAAA,CAAwB,GAAA,EAAK,EAAA,EAAI,MAAM,gBAAgB,CAAA;AAE3E,UAAA,MAAM,GAAA,GAAM,MAAM,wBAAA,CAAyB,EAAA,EAAI,MAAM,SAAS,CAAA;AAG9D,UAAA,MAAM,SAAA,GAAY,GAAA;AAClB,UAAA,MAAM,UAAA,GAAc,UAAU,iBAAA,IAAqB;AAAA,YAClD,cAAA,EAAgB,KAAA;AAAA,YAChB,aAAA,EAAe,KAAA;AAAA,YACf,iBAAA,EAAmB;AAAA,WACpB;AAEA,UAAA,OAAO,GAAA,CAAI,KAAK,UAAU,CAAA;AAAA,QAC3B;AAAA,OACD;AAAA,MAEA,qBAAA,EAAuBA,kBAAAA;AAAA,QACtB,iCAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,UAAA,MAAM,QAAQ,MAAM,uBAAA;AAAA,YACnB,GAAA;AAAA,YACA,EAAA;AAAA,YACA,IAAA;AAAA,YACA;AAAA,WACD;AAEA,UAAA,MAAM,GAAA,GAAM,MAAM,wBAAA,CAAyB,EAAA,EAAI,MAAM,SAAS,CAAA;AAG9D,UAAA,MAAM,SAAA,GAAY,GAAA;AAClB,UAAA,MAAM,QAAA,GAAY,UAAU,iBAAA,IAAqB;AAAA,YAChD,cAAA,EAAgB,KAAA;AAAA,YAChB,aAAA,EAAe,KAAA;AAAA,YACf,iBAAA,EAAmB;AAAA,WACpB;AAEA,UAAA,MAAM,MAAA,GAAS,EAAE,GAAG,QAAA,EAAS;AAC7B,UAAA,IAAI,IAAA,CAAK,cAAA,KAAmB,MAAA,EAAW,MAAA,CAAO,iBAAiB,IAAA,CAAK,cAAA;AACpE,UAAA,IAAI,IAAA,CAAK,aAAA,KAAkB,MAAA,EAAW,MAAA,CAAO,gBAAgB,IAAA,CAAK,aAAA;AAClE,UAAA,IAAI,KAAK,iBAAA,KAAsB,MAAA;AAC9B,YAAA,MAAA,CAAO,oBAAoB,IAAA,CAAK,iBAAA;AAEjC,UAAA,SAAA,CAAU,iBAAA,GAAoB,MAAA;AAG9B,UAAA,IAAI;AACH,YAAA,MAAM,UAAA,GAAa,IAAA,CAAK,SAAA,CAAU,GAAG,CAAA;AACrC,YAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAA6B;AAAA,cAClD,KAAA,EAAO,iBAAA;AAAA,cACP,KAAA,EAAO,CAAC,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,cACtB,KAAA,EAAO;AAAA,aACP,CAAA;AAED,YAAA,IAAI,IAAA,CAAK,MAAA,GAAS,CAAA,IAAK,IAAA,CAAK,CAAC,CAAA,EAAG;AAC/B,cAAA,MAAM,GAAG,MAAA,CAA2B;AAAA,gBACnC,KAAA,EAAO,iBAAA;AAAA,gBACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,QAAA,EAAU,IAAA,EAAM,KAAA,EAAO,IAAA,CAAK,CAAC,CAAA,CAAE,EAAA,EAAI,CAAA;AAAA,gBAC1D,MAAA,EAAQ,EAAE,UAAA,EAAY,SAAA,EAAW,GAAA;AAAI,eACrC,CAAA;AAAA,YACF,CAAA,MAAO;AACN,cAAA,MAAM,GAAG,MAAA,CAA2B;AAAA,gBACnC,KAAA,EAAO,iBAAA;AAAA,gBACP,IAAA,EAAM;AAAA,kBACL,GAAG,KAAA,CAAM,IAAA;AAAA,kBACT,UAAA;AAAA,kBACA,SAAA,EAAW,GAAA;AAAA,kBACX,SAAA,EAAW;AAAA;AACZ,eACA,CAAA;AAAA,YACF;AAAA,UACD,CAAA,CAAA,MAAQ;AAAA,UAER;AAEA,UAAA,OAAO,GAAA,CAAI,KAAK,MAAM,CAAA;AAAA,QACvB;AAAA,OACD;AAAA;AAAA;AAAA;AAAA,MAMA,gBAAA,EAAkBA,kBAAAA;AAAA,QACjB,4BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,QAAQ,MAAM,uBAAA;AAAA,YACnB,GAAA;AAAA,YACA,EAAA;AAAA,YACA,GAAA,CAAI,IAAA;AAAA,YACJ;AAAA,WACD;AAEA,UAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAA2B;AAAA,YAChD,KAAA,EAAO,eAAA;AAAA,YACP,KAAA,EAAO,CAAC,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YACtB,KAAA,EAAO;AAAA,WACP,CAAA;AAED,UAAA,MAAM,QAAA,GAAW;AAAA,YAChB,WAAA,EAAa,mBAAA;AAAA,YACb,kBAAA,EAAoB,EAAA;AAAA,YACpB,QAAA,EAAU,GAAA,CAAI,OAAA,CAAQ,OAAA,IAAW;AAAA,WAClC;AAEA,UAAA,IAAI,KAAK,MAAA,GAAS,CAAA,IAAK,IAAA,CAAK,CAAC,GAAG,UAAA,EAAY;AAC3C,YAAA,MAAM,QAAQ,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,CAAC,EAAE,UAAU,CAAA;AAC3C,YAAA,OAAO,IAAI,IAAA,CAAK;AAAA,cACf,WAAA,EAAc,KAAA,CAAM,WAAA,IAA0B,QAAA,CAAS,WAAA;AAAA,cACvD,kBAAA,EACE,KAAA,CAAM,kBAAA,IAAiC,QAAA,CAAS,kBAAA;AAAA,cAClD,UAAU,QAAA,CAAS;AAAA,aACnB,CAAA;AAAA,UACF;AAEA,UAAA,OAAO,GAAA,CAAI,KAAK,QAAQ,CAAA;AAAA,QACzB;AAAA,OACD;AAAA,MAEA,iBAAA,EAAmBA,kBAAAA;AAAA,QAClB,6BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,UAAA,MAAM,QAAQ,MAAM,uBAAA;AAAA,YACnB,GAAA;AAAA,YACA,EAAA;AAAA,YACA,IAAA;AAAA,YACA;AAAA,WACD;AAGA,UAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAA2B;AAAA,YAChD,KAAA,EAAO,eAAA;AAAA,YACP,KAAA,EAAO,CAAC,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YACtB,KAAA,EAAO;AAAA,WACP,CAAA;AAED,UAAA,MAAM,QAAA,GACL,IAAA,CAAK,MAAA,GAAS,CAAA,IAAK,KAAK,CAAC,CAAA,EAAG,UAAA,GACxB,IAAA,CAAK,MAAM,IAAA,CAAK,CAAC,CAAA,CAAE,UAAU,IAC9B,EAAC;AAEL,UAAA,MAAM,MAAA,GAAS,EAAE,GAAG,QAAA,EAAS;AAC7B,UAAA,IAAI,IAAA,CAAK,WAAA,KAAgB,MAAA,EAAW,MAAA,CAAO,cAAc,IAAA,CAAK,WAAA;AAC9D,UAAA,IAAI,KAAK,kBAAA,KAAuB,MAAA;AAC/B,YAAA,MAAA,CAAO,qBAAqB,IAAA,CAAK,kBAAA;AAElC,UAAA,MAAM,UAAA,GAAa,IAAA,CAAK,SAAA,CAAU,MAAM,CAAA;AAExC,UAAA,IAAI,IAAA,CAAK,MAAA,GAAS,CAAA,IAAK,IAAA,CAAK,CAAC,CAAA,EAAG;AAC/B,YAAA,MAAM,GAAG,MAAA,CAAyB;AAAA,cACjC,KAAA,EAAO,eAAA;AAAA,cACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,QAAA,EAAU,IAAA,EAAM,KAAA,EAAO,IAAA,CAAK,CAAC,CAAA,CAAE,EAAA,EAAI,CAAA;AAAA,cAC1D,MAAA,EAAQ,EAAE,UAAA,EAAY,SAAA,EAAW,GAAA;AAAI,aACrC,CAAA;AAAA,UACF,CAAA,MAAO;AACN,YAAA,MAAM,GAAG,MAAA,CAAyB;AAAA,cACjC,KAAA,EAAO,eAAA;AAAA,cACP,IAAA,EAAM;AAAA,gBACL,GAAG,KAAA,CAAM,IAAA;AAAA,gBACT,UAAA;AAAA,gBACA,SAAA,EAAW,GAAA;AAAA,gBACX,SAAA,EAAW;AAAA;AACZ,aACA,CAAA;AAAA,UACF;AAEA,UAAA,OAAO,IAAI,IAAA,CAAK;AAAA,YACf,WAAA,EAAc,OAAO,WAAA,IAA0B,mBAAA;AAAA,YAC/C,kBAAA,EAAqB,OAAO,kBAAA,IAAiC,EAAA;AAAA,YAC7D,QAAA,EAAU,GAAA,CAAI,OAAA,CAAQ,OAAA,IAAW;AAAA,WACjC,CAAA;AAAA,QACF;AAAA;AACD;AACD,GACD;AACD;ACpjFA,IAAM,UAAA,GAAa,oBAAA;AACnB,IAAM,WAAA,GAAc,CAAA,GAAI,EAAA,GAAK,EAAA,GAAK,EAAA,GAAK,GAAA;AAEvC,IAAM,wBAAA,GAA2BF,EAC/B,MAAA,CAAO;AAAA,EACP,cAAA,EAAgBA,CAAAA,CAAE,MAAA,EAAO,CAAE,IAAI,CAAC,CAAA;AAAA,EAChC,MAAA,EAAQA,CAAAA,CAAE,MAAA,EAAO,CAAE,IAAI,CAAC;AACzB,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,oBAAA,GAAuBA,EAC3B,MAAA,CAAO;AAAA,EACP,EAAA,EAAIA,CAAAA,CAAE,MAAA,EAAO,CAAE,IAAI,CAAC;AACrB,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,uBAAA,GAA0BA,EAC9B,MAAA,CAAO;AAAA,EACP,cAAA,EAAgBA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACpC,KAAA,EAAOA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AACnB,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,SAAS,gBAAgB,MAAA,EAAgB;AACxC,EAAA,OAAO,MAAA,CAAO,IAAA,EAAK,CAAE,WAAA,EAAY,CAAE,OAAA,CAAQ,OAAA,EAAS,EAAE,CAAA,CAAE,OAAA,CAAQ,KAAA,EAAO,EAAE,CAAA;AAC1E;AAEA,SAAS,mBAAmB,KAAA,EAAe;AAC1C,EAAA,OAAO,MAAM,OAAA,CAAQ,QAAA,EAAU,EAAE,CAAA,CAAE,OAAA,CAAQ,UAAU,EAAE,CAAA;AACxD;AAEA,SAAS,mBAAmB,MAAA,EAAgB;AAC3C,EAAA,OAAO,CAAA,EAAG,UAAU,CAAA,CAAA,EAAI,eAAA,CAAgB,MAAM,CAAC,CAAA,CAAA;AAChD;AAEA,SAAS,sBAAsB,GAAA,EAA4B;AAC1D,EAAA,OAAO;AAAA,IACN,IAAI,GAAA,CAAI,EAAA;AAAA,IACR,gBAAgB,GAAA,CAAI,cAAA;AAAA,IACpB,QAAQ,GAAA,CAAI,MAAA;AAAA,IACZ,OAAO,GAAA,CAAI,KAAA;AAAA,IACX,QAAQ,GAAA,CAAI,MAAA;AAAA,IACZ,SAAA,EAAW;AAAA,MACV,MAAM,GAAA,CAAI,aAAA;AAAA,MACV,OAAO,GAAA,CAAI;AAAA,KACZ;AAAA,IACA,UAAA,EAAY,IAAI,UAAA,IAAc,IAAA;AAAA,IAC9B,SAAA,EAAW,IAAI,SAAA,IAAa,IAAA;AAAA,IAC5B,aAAA,EAAe,IAAI,aAAA,IAAiB,IAAA;AAAA,IACpC,UAAA,EAAY,IAAI,UAAA,IAAc,CAAA;AAAA,IAC9B,WAAW,GAAA,CAAI,SAAA;AAAA,IACf,WAAW,GAAA,CAAI;AAAA,GAChB;AACD;AAEA,eAAe,2BAAA,CACd,EAAA,EACA,cAAA,EACA,SAAA,EACC;AACD,EAAA,MAAM,YAAA,GAAe,MAAM,EAAA,CAAG,OAAA,CAAyB;AAAA,IACtD,KAAA,EAAO,cAAA;AAAA,IACP,KAAA,EAAO;AAAA,MACN,EAAE,KAAA,EAAO,IAAA,EAAM,KAAA,EAAO,cAAA,EAAe;AAAA,MACrC,EAAE,KAAA,EAAO,WAAA,EAAa,KAAA,EAAO,SAAA;AAAU;AACxC,GACA,CAAA;AACD,EAAA,IAAI,CAAC,YAAA,EAAc;AAClB,IAAA,MAAM,IAAI,MAAM,0CAA0C,CAAA;AAAA,EAC3D;AACD;AAEA,eAAe,mCAAA,CACd,EAAA,EACA,SAAA,EACA,cAAA,EACC;AACD,EAAA,MAAM,CAAC,SAAA,EAAW,eAAe,CAAA,GAAI,MAAM,QAAQ,GAAA,CAAI;AAAA,IACtD,GAAG,QAAA,CAAyB;AAAA,MAC3B,KAAA,EAAO,aAAA;AAAA,MACP,KAAA,EAAO;AAAA,QACN,EAAE,KAAA,EAAO,WAAA,EAAa,KAAA,EAAO,SAAA,EAAU;AAAA,QACvC,EAAE,KAAA,EAAO,gBAAA,EAAkB,KAAA,EAAO,cAAA;AAAe,OAClD;AAAA,MACA,KAAA,EAAO;AAAA,KACP,CAAA;AAAA,IACD,GAAG,QAAA,CAAgC;AAAA,MAClC,KAAA,EAAO,oBAAA;AAAA,MACP,KAAA,EAAO;AAAA,QACN,EAAE,KAAA,EAAO,WAAA,EAAa,KAAA,EAAO,SAAA,EAAU;AAAA,QACvC,EAAE,KAAA,EAAO,gBAAA,EAAkB,KAAA,EAAO,cAAA,EAAe;AAAA,QACjD,EAAE,KAAA,EAAO,OAAA,EAAS,KAAA,EAAO,UAAA;AAAW,OACrC;AAAA,MACA,KAAA,EAAO;AAAA,KACP;AAAA,GACD,CAAA;AAED,EAAA,MAAM,eAAA,GAAkB,IAAI,GAAA,CAAI,eAAA,CAAgB,GAAA,CAAI,CAAC,MAAA,KAAW,eAAA,CAAgB,MAAA,CAAO,MAAM,CAAC,CAAC,CAAA;AAC/F,EAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AAErB,EAAA,KAAA,MAAW,YAAY,SAAA,EAAW;AACjC,IAAA,MAAM,OAAA,GAAU,QAAA,CAAS,MAAA,CACvB,KAAA,CAAM,GAAG,CAAA,CACT,GAAA,CAAI,CAAC,KAAA,KAAU,eAAA,CAAgB,KAAK,CAAC,CAAA,CACrC,OAAO,OAAO,CAAA;AAChB,IAAA,MAAM,SAAA,GAAY,OAAA,CAAQ,MAAA,GAAS,CAAA,IAAK,OAAA,CAAQ,KAAA,CAAM,CAAC,MAAA,KAAW,eAAA,CAAgB,GAAA,CAAI,MAAM,CAAC,CAAA;AAC7F,IAAA,IAAA,CAAK,QAAA,CAAS,cAAA,IAAkB,KAAA,MAAW,SAAA,EAAW;AACrD,MAAA;AAAA,IACD;AACA,IAAA,MAAM,GAAG,MAAA,CAAuB;AAAA,MAC/B,KAAA,EAAO,aAAA;AAAA,MACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,MAAM,KAAA,EAAO,QAAA,CAAS,IAAI,CAAA;AAAA,MAC3C,MAAA,EAAQ;AAAA,QACP,cAAA,EAAgB,SAAA;AAAA,QAChB,SAAA,EAAW;AAAA;AACZ,KACA,CAAA;AAAA,EACF;AACD;AAEA,eAAe,gBAAgB,UAAA,EAAuC;AACrE,EAAA,MAAM,WAAW,MAAM,KAAA;AAAA,IACtB,CAAA,gCAAA,EAAmC,kBAAA,CAAmB,UAAU,CAAC,CAAA,SAAA,CAAA;AAAA,IACjE;AAAA,MACC,OAAA,EAAS,EAAE,MAAA,EAAQ,sBAAA;AAAuB;AAC3C,GACD;AACA,EAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AACjB,IAAA,OAAO,EAAC;AAAA,EACT;AACA,EAAA,MAAM,OAAA,GAAW,MAAM,QAAA,CAAS,IAAA,EAAK;AACrC,EAAA,OAAA,CAAQ,QAAQ,MAAA,IAAU,IACxB,GAAA,CAAI,CAAC,WAAY,OAAO,MAAA,CAAO,IAAA,KAAS,QAAA,GAAW,mBAAmB,MAAA,CAAO,IAAI,IAAI,EAAG,CAAA,CACxF,OAAO,OAAO,CAAA;AACjB;AAEO,SAAS,aAAA,GAAkC;AACjD,EAAA,OAAO;AAAA,IACN,EAAA,EAAI,gBAAA;AAAA,IACJ,SAAA,EAAW;AAAA,MACV,kBAAA,EAAoBE,kBAAAA;AAAA,QACnB,wBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM,wBAAA;AAAA,UACN,GAAA,EAAK,CAAC,iBAAiB;AAAA,SACxB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,KAAA,GAAQ,eAAA,CAAgB,GAAA,CAAI,IAAI,CAAA;AACtC,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,WAAW,KAAA,CAAM,SAAA;AAAA,YACjB,UAAA,EAAY;AAAA,WACZ,CAAA;AACD,UAAA,MAAM,4BAA4B,EAAA,EAAI,GAAA,CAAI,IAAA,CAAK,cAAA,EAAgB,MAAM,SAAU,CAAA;AAE/E,UAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,UAAA,MAAM,MAAA,GAAS,eAAA,CAAgB,GAAA,CAAI,IAAA,CAAK,MAAM,CAAA;AAC9C,UAAA,MAAM,UAAA,GAAa;AAAA,YAClB,WAAW,KAAA,CAAM,SAAA;AAAA,YACjB,cAAA,EAAgB,IAAI,IAAA,CAAK,cAAA;AAAA,YACzB,MAAA;AAAA,YACA,KAAA,EAAO,SAAA;AAAA,YACP,MAAA,EAAQ,SAAA;AAAA,YACR,aAAA,EAAe,mBAAmB,MAAM,CAAA;AAAA,YACxC,cAAA,EAAgB,qBAAqB,EAAE,CAAA;AAAA,YACvC,UAAA,EAAY,IAAA;AAAA,YACZ,WAAW,GAAA,GAAM,WAAA;AAAA,YACjB,aAAA,EAAe,IAAA;AAAA,YACf,UAAA,EAAY,CAAA;AAAA,YACZ,SAAA,EAAW;AAAA,WACZ;AAEA,UAAA,MAAM,QAAA,GAAW,MAAM,EAAA,CAAG,OAAA,CAA+B;AAAA,YACxD,KAAA,EAAO,oBAAA;AAAA,YACP,KAAA,EAAO;AAAA,cACN,EAAE,KAAA,EAAO,WAAA,EAAa,KAAA,EAAO,MAAM,SAAA,EAAW;AAAA,cAC9C,EAAE,KAAA,EAAO,gBAAA,EAAkB,KAAA,EAAO,GAAA,CAAI,KAAK,cAAA,EAAe;AAAA,cAC1D,EAAE,KAAA,EAAO,QAAA,EAAU,KAAA,EAAO,MAAA;AAAO;AAClC,WACA,CAAA;AAED,UAAA,MAAM,MAAA,GAAS,QAAA,GACZ,MAAM,EAAA,CAAG,MAAA,CAA8B;AAAA,YACvC,KAAA,EAAO,oBAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,MAAM,KAAA,EAAO,QAAA,CAAS,IAAI,CAAA;AAAA,YAC3C,MAAA,EAAQ;AAAA,WACR,CAAA,GACA,MAAM,EAAA,CAAG,MAAA,CAA8B;AAAA,YACvC,KAAA,EAAO,oBAAA;AAAA,YACP,IAAA,EAAM;AAAA,cACL,GAAG,UAAA;AAAA,cACH,SAAA,EAAW;AAAA;AACZ,WACA,CAAA;AAEH,UAAA,IAAI,CAAC,MAAA,EAAQ;AACZ,YAAA,MAAM,GAAA,CAAI,MAAM,uBAAA,EAAyB;AAAA,cACxC,OAAA,EAAS;AAAA,aACT,CAAA;AAAA,UACF;AAEA,UAAA,MAAM,oCAAoC,EAAA,EAAI,KAAA,CAAM,SAAA,EAAY,GAAA,CAAI,KAAK,cAAc,CAAA;AACvF,UAAA,OAAO,GAAA,CAAI,IAAA,CAAK,qBAAA,CAAsB,MAAM,CAAC,CAAA;AAAA,QAC9C;AAAA,OACD;AAAA,MAEA,eAAA,EAAiBA,kBAAAA;AAAA,QAChB,qBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM,oBAAA;AAAA,UACN,GAAA,EAAK,CAAC,iBAAiB;AAAA,SACxB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,KAAA,GAAQ,eAAA,CAAgB,GAAA,CAAI,IAAI,CAAA;AACtC,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,WAAW,KAAA,CAAM,SAAA;AAAA,YACjB,UAAA,EAAY;AAAA,WACZ,CAAA;AACD,UAAA,MAAM,MAAA,GAAS,MAAM,EAAA,CAAG,OAAA,CAA+B;AAAA,YACtD,KAAA,EAAO,oBAAA;AAAA,YACP,KAAA,EAAO;AAAA,cACN,EAAE,KAAA,EAAO,IAAA,EAAM,KAAA,EAAO,GAAA,CAAI,KAAK,EAAA,EAAG;AAAA,cAClC,EAAE,KAAA,EAAO,WAAA,EAAa,KAAA,EAAO,MAAM,SAAA;AAAW;AAC/C,WACA,CAAA;AACD,UAAA,IAAI,CAAC,MAAA,EAAQ;AACZ,YAAA,MAAM,IAAI,KAAA,CAAM,WAAA,EAAa,EAAE,OAAA,EAAS,iCAAiC,CAAA;AAAA,UAC1E;AACA,UAAA,OAAO,GAAA,CAAI,IAAA,CAAK,qBAAA,CAAsB,MAAM,CAAC,CAAA;AAAA,QAC9C;AAAA,OACD;AAAA,MAEA,YAAA,EAAcA,kBAAAA;AAAA,QACb,wBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM,oBAAA;AAAA,UACN,GAAA,EAAK,CAAC,iBAAiB;AAAA,SACxB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,KAAA,GAAQ,eAAA,CAAgB,GAAA,CAAI,IAAI,CAAA;AACtC,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,WAAW,KAAA,CAAM,SAAA;AAAA,YACjB,UAAA,EAAY;AAAA,WACZ,CAAA;AACD,UAAA,MAAM,MAAA,GAAS,MAAM,EAAA,CAAG,OAAA,CAA+B;AAAA,YACtD,KAAA,EAAO,oBAAA;AAAA,YACP,KAAA,EAAO;AAAA,cACN,EAAE,KAAA,EAAO,IAAA,EAAM,KAAA,EAAO,GAAA,CAAI,KAAK,EAAA,EAAG;AAAA,cAClC,EAAE,KAAA,EAAO,WAAA,EAAa,KAAA,EAAO,MAAM,SAAA;AAAW;AAC/C,WACA,CAAA;AACD,UAAA,IAAI,CAAC,MAAA,EAAQ;AACZ,YAAA,MAAM,IAAI,KAAA,CAAM,WAAA,EAAa,EAAE,OAAA,EAAS,iCAAiC,CAAA;AAAA,UAC1E;AAEA,UAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,UAAA,MAAM,OAAA,GAAU,MAAM,eAAA,CAAgB,MAAA,CAAO,aAAa,CAAA;AAC1D,UAAA,MAAM,SAAA,GAAY,OAAA,CAAQ,QAAA,CAAS,MAAA,CAAO,cAAc,CAAA,GACrD,UAAA,GACA,MAAA,CAAO,SAAA,IAAa,IAAA,IAAQ,MAAA,CAAO,SAAA,GAAY,MAC9C,SAAA,GACA,QAAA;AACJ,UAAA,MAAM,OAAA,GAAU,MAAM,EAAA,CAAG,MAAA,CAA8B;AAAA,YACtD,KAAA,EAAO,oBAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,MAAM,KAAA,EAAO,MAAA,CAAO,IAAI,CAAA;AAAA,YACzC,MAAA,EAAQ;AAAA,cACP,KAAA,EAAO,SAAA;AAAA,cACP,UAAA,EAAY,SAAA,KAAc,UAAA,GAAa,GAAA,GAAM,IAAA;AAAA,cAC7C,aAAA,EAAe,GAAA;AAAA,cACf,UAAA,EAAA,CAAa,MAAA,CAAO,UAAA,IAAc,CAAA,IAAK,CAAA;AAAA,cACvC,SAAA,EAAW;AAAA;AACZ,WACA,CAAA;AAED,UAAA,IAAI,CAAC,OAAA,EAAS;AACb,YAAA,MAAM,GAAA,CAAI,MAAM,uBAAA,EAAyB;AAAA,cACxC,OAAA,EAAS;AAAA,aACT,CAAA;AAAA,UACF;AAEA,UAAA,MAAM,mCAAA;AAAA,YACL,EAAA;AAAA,YACA,KAAA,CAAM,SAAA;AAAA,YACN,MAAA,CAAO;AAAA,WACR;AACA,UAAA,OAAO,GAAA,CAAI,IAAA,CAAK,qBAAA,CAAsB,OAAO,CAAC,CAAA;AAAA,QAC/C;AAAA,OACD;AAAA,MAEA,iBAAA,EAAmBA,kBAAAA;AAAA,QAClB,sBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM,uBAAA;AAAA,UACN,GAAA,EAAK,CAAC,iBAAiB;AAAA,SACxB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,KAAA,GAAQ,eAAA,CAAgB,GAAA,CAAI,IAAI,CAAA;AACtC,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,WAAW,KAAA,CAAM,SAAA;AAAA,YACjB,UAAA,EAAY;AAAA,WACZ,CAAA;AACD,UAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAAgC;AAAA,YACrD,KAAA,EAAO,oBAAA;AAAA,YACP,KAAA,EAAO;AAAA,cACN,GAAG,KAAA,CAAM,KAAA;AAAA,cACT,GAAI,GAAA,CAAI,IAAA,CAAK,cAAA,GACV,CAAC,EAAE,KAAA,EAAO,gBAAA,EAAkB,KAAA,EAAO,GAAA,CAAI,IAAA,CAAK,cAAA,EAAgB,IAC5D;AAAC,aACL;AAAA,YACA,OAAO,IAAA,CAAK,GAAA,CAAI,IAAI,IAAA,CAAK,KAAA,IAAS,KAAK,GAAG,CAAA;AAAA,YAC1C,MAAA,EAAQ,EAAE,KAAA,EAAO,WAAA,EAAa,WAAW,MAAA;AAAO,WAChD,CAAA;AACD,UAAA,OAAO,IAAI,IAAA,CAAK;AAAA,YACf,IAAA,EAAM,IAAA,CAAK,GAAA,CAAI,qBAAqB;AAAA,WACpC,CAAA;AAAA,QACF;AAAA,OACD;AAAA,MAEA,kBAAA,EAAoBA,kBAAAA;AAAA,QACnB,wBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM,oBAAA;AAAA,UACN,GAAA,EAAK,CAAC,iBAAiB;AAAA,SACxB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,KAAA,GAAQ,eAAA,CAAgB,GAAA,CAAI,IAAI,CAAA;AACtC,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,WAAW,KAAA,CAAM,SAAA;AAAA,YACjB,UAAA,EAAY;AAAA,WACZ,CAAA;AACD,UAAA,MAAM,MAAA,GAAS,MAAM,EAAA,CAAG,OAAA,CAA+B;AAAA,YACtD,KAAA,EAAO,oBAAA;AAAA,YACP,KAAA,EAAO;AAAA,cACN,EAAE,KAAA,EAAO,IAAA,EAAM,KAAA,EAAO,GAAA,CAAI,KAAK,EAAA,EAAG;AAAA,cAClC,EAAE,KAAA,EAAO,WAAA,EAAa,KAAA,EAAO,MAAM,SAAA;AAAW;AAC/C,WACA,CAAA;AACD,UAAA,IAAI,CAAC,MAAA,EAAQ;AACZ,YAAA,MAAM,IAAI,KAAA,CAAM,WAAA,EAAa,EAAE,OAAA,EAAS,iCAAiC,CAAA;AAAA,UAC1E;AACA,UAAA,MAAM,GAAG,MAAA,CAAO;AAAA,YACf,KAAA,EAAO,oBAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,MAAM,KAAA,EAAO,MAAA,CAAO,IAAI;AAAA,WACzC,CAAA;AACD,UAAA,MAAM,mCAAA;AAAA,YACL,EAAA;AAAA,YACA,KAAA,CAAM,SAAA;AAAA,YACN,MAAA,CAAO;AAAA,WACR;AACA,UAAA,OAAO,GAAA,CAAI,IAAA,CAAK,EAAE,OAAA,EAAS,MAAM,CAAA;AAAA,QAClC;AAAA;AACD;AACD,GACD;AACD;;;ACtWA,eAAe,aAAA,CACd,KACA,KAAA,EACsB;AACtB,EAAA,IAAI,CAAC,MAAM,MAAA,EAAQ,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,OAAO,+BAAA,EAAgC;AAEnF,EAAA,MAAM,GAAA,GAAM,MAAM,KAAA,CAAM,+BAAA,EAAiC;AAAA,IACxD,MAAA,EAAQ,MAAA;AAAA,IACR,OAAA,EAAS;AAAA,MACR,aAAA,EAAe,CAAA,OAAA,EAAU,KAAA,CAAM,MAAM,CAAA,CAAA;AAAA,MACrC,cAAA,EAAgB;AAAA,KACjB;AAAA,IACA,IAAA,EAAM,KAAK,SAAA,CAAU;AAAA,MACpB,MAAM,GAAA,CAAI,IAAA;AAAA,MACV,EAAA,EAAI,CAAC,GAAA,CAAI,EAAE,CAAA;AAAA,MACX,SAAS,GAAA,CAAI,OAAA;AAAA,MACb,MAAM,GAAA,CAAI,IAAA;AAAA,MACV,MAAM,GAAA,CAAI,IAAA;AAAA,MACV,UAAU,GAAA,CAAI;AAAA,KACd;AAAA,GACD,CAAA;AAED,EAAA,IAAI,IAAI,EAAA,EAAI;AACX,IAAA,MAAM,IAAA,GAAQ,MAAM,GAAA,CAAI,IAAA,EAAK;AAC7B,IAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,SAAA,EAAW,KAAK,EAAA,EAAG;AAAA,EAC5C;AAEA,EAAA,MAAM,GAAA,GAAM,MAAM,GAAA,CAAI,IAAA,EAAK;AAC3B,EAAA,OAAO,EAAE,SAAS,KAAA,EAAO,KAAA,EAAO,UAAU,GAAA,CAAI,MAAM,CAAA,EAAA,EAAK,GAAG,CAAA,CAAA,EAAG;AAChE;AAEA,eAAe,eAAA,CACd,KACA,KAAA,EACsB;AACtB,EAAA,IAAI,CAAC,MAAM,MAAA,EAAQ,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,OAAO,iCAAA,EAAkC;AAErF,EAAA,MAAM,GAAA,GAAM,MAAM,KAAA,CAAM,uCAAA,EAAyC;AAAA,IAChE,MAAA,EAAQ,MAAA;AAAA,IACR,OAAA,EAAS;AAAA,MACR,aAAA,EAAe,CAAA,OAAA,EAAU,KAAA,CAAM,MAAM,CAAA,CAAA;AAAA,MACrC,cAAA,EAAgB;AAAA,KACjB;AAAA,IACA,IAAA,EAAM,KAAK,SAAA,CAAU;AAAA,MACpB,gBAAA,EAAkB,CAAC,EAAE,EAAA,EAAI,CAAC,EAAE,KAAA,EAAO,GAAA,CAAI,EAAA,EAAI,CAAA,EAAG,CAAA;AAAA,MAC9C,IAAA,EAAM,iBAAA,CAAkB,GAAA,CAAI,IAAI,CAAA;AAAA,MAChC,SAAS,GAAA,CAAI,OAAA;AAAA,MACb,OAAA,EAAS;AAAA,QACR,GAAI,GAAA,CAAI,IAAA,GAAO,CAAC,EAAE,IAAA,EAAM,YAAA,EAAc,KAAA,EAAO,GAAA,CAAI,IAAA,EAAM,CAAA,GAAI,EAAC;AAAA,QAC5D,EAAE,IAAA,EAAM,WAAA,EAAa,KAAA,EAAO,IAAI,IAAA;AAAK,OACtC;AAAA,MACA,GAAI,GAAA,CAAI,OAAA,GAAU,EAAE,QAAA,EAAU,kBAAkB,GAAA,CAAI,OAAO,CAAA,EAAE,GAAI;AAAC,KAClE;AAAA,GACD,CAAA;AAED,EAAA,IAAI,GAAA,CAAI,EAAA,IAAM,GAAA,CAAI,MAAA,KAAW,GAAA,EAAK;AACjC,IAAA,MAAM,SAAA,GAAY,GAAA,CAAI,OAAA,CAAQ,GAAA,CAAI,cAAc,CAAA,IAAK,MAAA;AACrD,IAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,SAAA,EAAU;AAAA,EACnC;AAEA,EAAA,MAAM,GAAA,GAAM,MAAM,GAAA,CAAI,IAAA,EAAK;AAC3B,EAAA,OAAO,EAAE,SAAS,KAAA,EAAO,KAAA,EAAO,YAAY,GAAA,CAAI,MAAM,CAAA,EAAA,EAAK,GAAG,CAAA,CAAA,EAAG;AAClE;AAEA,eAAe,cAAA,CACd,KACA,KAAA,EACsB;AACtB,EAAA,IAAI,CAAC,MAAM,MAAA,EAAQ,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,OAAO,gCAAA,EAAiC;AAEpF,EAAA,MAAM,MAAA,GAAS,MAAM,MAAA,IAAU,gBAAA;AAC/B,EAAA,MAAM,aAAa,CAAA,MAAA,EAAS,IAAA,CAAK,OAAO,KAAA,CAAM,MAAM,EAAE,CAAC,CAAA,CAAA;AAEvD,EAAA,MAAM,QAAA,GAAW,IAAI,eAAA,EAAgB;AACrC,EAAA,QAAA,CAAS,MAAA,CAAO,MAAA,EAAQ,GAAA,CAAI,IAAI,CAAA;AAChC,EAAA,QAAA,CAAS,MAAA,CAAO,IAAA,EAAM,GAAA,CAAI,EAAE,CAAA;AAC5B,EAAA,QAAA,CAAS,MAAA,CAAO,SAAA,EAAW,GAAA,CAAI,OAAO,CAAA;AACtC,EAAA,QAAA,CAAS,MAAA,CAAO,MAAA,EAAQ,GAAA,CAAI,IAAI,CAAA;AAChC,EAAA,IAAI,IAAI,IAAA,EAAM,QAAA,CAAS,MAAA,CAAO,MAAA,EAAQ,IAAI,IAAI,CAAA;AAC9C,EAAA,IAAI,IAAI,OAAA,EAAS,QAAA,CAAS,MAAA,CAAO,YAAA,EAAc,IAAI,OAAO,CAAA;AAE1D,EAAA,MAAM,GAAA,GAAM,MAAM,KAAA,CAAM,CAAA,2BAAA,EAA8B,MAAM,CAAA,SAAA,CAAA,EAAa;AAAA,IACxE,MAAA,EAAQ,MAAA;AAAA,IACR,OAAA,EAAS;AAAA,MACR,aAAA,EAAe,UAAA;AAAA,MACf,cAAA,EAAgB;AAAA,KACjB;AAAA,IACA,IAAA,EAAM,SAAS,QAAA;AAAS,GACxB,CAAA;AAED,EAAA,IAAI,IAAI,EAAA,EAAI;AACX,IAAA,MAAM,IAAA,GAAQ,MAAM,GAAA,CAAI,IAAA,EAAK;AAC7B,IAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,SAAA,EAAW,KAAK,EAAA,EAAG;AAAA,EAC5C;AAEA,EAAA,MAAM,GAAA,GAAM,MAAM,GAAA,CAAI,IAAA,EAAK;AAC3B,EAAA,OAAO,EAAE,SAAS,KAAA,EAAO,KAAA,EAAO,WAAW,GAAA,CAAI,MAAM,CAAA,EAAA,EAAK,GAAG,CAAA,CAAA,EAAG;AACjE;AAEA,eAAe,eAAA,CACd,KACA,KAAA,EACsB;AACtB,EAAA,IAAI,CAAC,MAAM,MAAA,EAAQ,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,OAAO,sCAAA,EAAuC;AAE1F,EAAA,MAAM,GAAA,GAAM,MAAM,KAAA,CAAM,mCAAA,EAAqC;AAAA,IAC5D,MAAA,EAAQ,MAAA;AAAA,IACR,OAAA,EAAS;AAAA,MACR,2BAA2B,KAAA,CAAM,MAAA;AAAA,MACjC,cAAA,EAAgB,kBAAA;AAAA,MAChB,MAAA,EAAQ;AAAA,KACT;AAAA,IACA,IAAA,EAAM,KAAK,SAAA,CAAU;AAAA,MACpB,MAAM,GAAA,CAAI,IAAA;AAAA,MACV,IAAI,GAAA,CAAI,EAAA;AAAA,MACR,SAAS,GAAA,CAAI,OAAA;AAAA,MACb,UAAU,GAAA,CAAI,IAAA;AAAA,MACd,UAAU,GAAA,CAAI,IAAA;AAAA,MACd,SAAS,GAAA,CAAI,OAAA;AAAA,MACb,aAAA,EAAe;AAAA,KACf;AAAA,GACD,CAAA;AAED,EAAA,IAAI,IAAI,EAAA,EAAI;AACX,IAAA,MAAM,IAAA,GAAQ,MAAM,GAAA,CAAI,IAAA,EAAK;AAC7B,IAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,SAAA,EAAW,KAAK,SAAA,EAAU;AAAA,EACnD;AAEA,EAAA,MAAM,GAAA,GAAM,MAAM,GAAA,CAAI,IAAA,EAAK;AAC3B,EAAA,OAAO,EAAE,SAAS,KAAA,EAAO,KAAA,EAAO,YAAY,GAAA,CAAI,MAAM,CAAA,EAAA,EAAK,GAAG,CAAA,CAAA,EAAG;AAClE;AAEA,eAAe,UAAA,CAAW,KAAmB,KAAA,EAAsD;AAIlG,EAAA,IAAI,CAAC,KAAA,CAAM,WAAA,IAAe,CAAC,MAAM,eAAA,EAAiB;AAGjD,IAAA,IAAI,MAAM,MAAA,EAAQ;AACjB,MAAA,OAAO,iBAAiB,GAAA,EAAK,KAAA,CAAM,MAAA,EAAQ,KAAA,CAAM,UAAU,WAAW,CAAA;AAAA,IACvE;AACA,IAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,oCAAA,EAAqC;AAAA,EACtE;AAEA,EAAA,OAAO,gBAAA;AAAA,IACN,GAAA;AAAA,IACA,KAAA,CAAM,WAAA;AAAA,IACN,MAAM,MAAA,IAAU,WAAA;AAAA,IAChB,KAAA,CAAM;AAAA,GACP;AACD;AAMA,eAAe,gBAAA,CACd,GAAA,EACA,WAAA,EACA,MAAA,EACA,eAAA,EACsB;AAKtB,EAAA,IAAI,CAAC,eAAA,EAAiB;AACrB,IAAA,OAAO;AAAA,MACN,OAAA,EAAS,KAAA;AAAA,MACT,KAAA,EACC;AAAA,KACF;AAAA,EACD;AAEA,EAAA,MAAM,QAAA,GAAW,iBAAiB,MAAM,CAAA,cAAA,CAAA;AACxC,EAAA,MAAM,GAAA,uBAAU,IAAA,EAAK;AACrB,EAAA,MAAM,SAAA,GAAY,GAAA,CAAI,WAAA,EAAY,CAAE,OAAA,CAAQ,SAAS,EAAE,CAAA,CAAE,KAAA,CAAM,CAAA,EAAG,CAAC,CAAA;AACnE,EAAA,MAAM,OAAA,GAAU,GAAA,CACd,WAAA,EAAY,CACZ,OAAA,CAAQ,SAAS,EAAE,CAAA,CACnB,OAAA,CAAQ,SAAA,EAAW,EAAE,CAAA;AAGvB,EAAA,MAAM,IAAA,GAAO,KAAK,SAAA,CAAU;AAAA,IAC3B,OAAA,EAAS;AAAA,MACR,MAAA,EAAQ;AAAA,QACP,SAAS,EAAE,IAAA,EAAM,GAAA,CAAI,OAAA,EAAS,SAAS,OAAA,EAAQ;AAAA,QAC/C,IAAA,EAAM;AAAA,UACL,MAAM,EAAE,IAAA,EAAM,GAAA,CAAI,IAAA,EAAM,SAAS,OAAA,EAAQ;AAAA,UACzC,GAAI,GAAA,CAAI,IAAA,GAAO,EAAE,IAAA,EAAM,EAAE,IAAA,EAAM,GAAA,CAAI,IAAA,EAAM,OAAA,EAAS,OAAA,EAAQ,KAAM;AAAC;AAClE;AACD,KACD;AAAA,IACA,aAAa,EAAE,WAAA,EAAa,CAAC,GAAA,CAAI,EAAE,CAAA,EAAE;AAAA,IACrC,kBAAkB,GAAA,CAAI,IAAA;AAAA,IACtB,GAAI,GAAA,CAAI,OAAA,GAAU,EAAE,gBAAA,EAAkB,CAAC,GAAA,CAAI,OAAO,CAAA,EAAE,GAAI;AAAC,GACzD,CAAA;AAGD,EAAA,MAAM,OAAA,GAAU,KAAA;AAChB,EAAA,MAAM,kBAAkB,CAAA,EAAG,SAAS,CAAA,CAAA,EAAI,MAAM,IAAI,OAAO,CAAA,aAAA,CAAA;AAEzD,EAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY;AAEhC,EAAA,eAAe,IAAA,CAAK,KAA+B,IAAA,EAAoC;AACtF,IAAA,MAAM,SAAA,GAAY,MAAM,MAAA,CAAO,MAAA,CAAO,SAAA;AAAA,MACrC,KAAA;AAAA,MACA,GAAA,YAAe,WAAA,GAAc,IAAI,UAAA,CAAW,GAAG,CAAA,GAAI,GAAA;AAAA,MACnD,EAAE,IAAA,EAAM,MAAA,EAAQ,IAAA,EAAM,SAAA,EAAU;AAAA,MAChC,KAAA;AAAA,MACA,CAAC,MAAM;AAAA,KACR;AACA,IAAA,OAAO,MAAA,CAAO,OAAO,IAAA,CAAK,MAAA,EAAQ,WAAW,OAAA,CAAQ,MAAA,CAAO,IAAI,CAAC,CAAA;AAAA,EAClE;AAEA,EAAA,eAAe,OAAO,IAAA,EAA+B;AACpD,IAAA,MAAM,IAAA,GAAO,MAAM,MAAA,CAAO,MAAA,CAAO,OAAO,SAAA,EAAW,OAAA,CAAQ,MAAA,CAAO,IAAI,CAAC,CAAA;AACvE,IAAA,OAAO,KAAA,CAAM,KAAK,IAAI,UAAA,CAAW,IAAI,CAAC,CAAA,CACpC,IAAI,CAAC,CAAA,KAAM,EAAE,QAAA,CAAS,EAAE,EAAE,QAAA,CAAS,CAAA,EAAG,GAAG,CAAC,CAAA,CAC1C,KAAK,EAAE,CAAA;AAAA,EACV;AAEA,EAAA,MAAM,WAAA,GAAc,MAAM,MAAA,CAAO,IAAI,CAAA;AAErC,EAAA,MAAM,gBAAA,GAAmB;AAAA,IACxB,+BAAA;AAAA,IACA,cAAc,MAAM,CAAA,cAAA,CAAA;AAAA,IACpB,cAAc,OAAO,CAAA,CAAA;AAAA,IACrB;AAAA,GACD,CAAE,KAAK,IAAI,CAAA;AAEX,EAAA,MAAM,aAAA,GAAgB,8BAAA;AAEtB,EAAA,MAAM,gBAAA,GAAmB;AAAA,IACxB,MAAA;AAAA,IACA,2BAAA;AAAA,IACA,EAAA;AAAA,IACA,gBAAA;AAAA,IACA,aAAA;AAAA,IACA;AAAA,GACD,CAAE,KAAK,IAAI,CAAA;AAEX,EAAA,MAAM,oBAAA,GAAuB,MAAM,MAAA,CAAO,gBAAgB,CAAA;AAE1D,EAAA,MAAM,eAAe,CAAC,kBAAA,EAAoB,OAAA,EAAS,eAAA,EAAiB,oBAAoB,CAAA,CAAE,IAAA;AAAA,IACzF;AAAA,GACD;AAGA,EAAA,MAAM,KAAA,GAAQ,MAAM,IAAA,CAAK,OAAA,CAAQ,OAAO,CAAA,IAAA,EAAO,eAAe,CAAA,CAAE,CAAA,EAAG,SAAS,CAAA;AAC5E,EAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,KAAA,EAAO,MAAM,CAAA;AACxC,EAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,OAAA,EAAS,OAAO,CAAA;AAC5C,EAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,QAAA,EAAU,cAAc,CAAA;AACpD,EAAA,MAAM,cAAA,GAAiB,MAAM,IAAA,CAAK,QAAA,EAAU,YAAY,CAAA;AACxD,EAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK,IAAI,WAAW,cAAc,CAAC,EACzD,GAAA,CAAI,CAAC,MAAM,CAAA,CAAE,QAAA,CAAS,EAAE,CAAA,CAAE,QAAA,CAAS,GAAG,GAAG,CAAC,CAAA,CAC1C,IAAA,CAAK,EAAE,CAAA;AAET,EAAA,MAAM,mBAAA,GAAsB,+BAA+B,WAAW,CAAA,CAAA,EAAI,eAAe,CAAA,gBAAA,EAAmB,aAAa,eAAe,SAAS,CAAA,CAAA;AAEjJ,EAAA,MAAM,GAAA,GAAM,MAAM,KAAA,CAAM,CAAA,EAAG,QAAQ,CAAA,yBAAA,CAAA,EAA6B;AAAA,IAC/D,MAAA,EAAQ,MAAA;AAAA,IACR,OAAA,EAAS;AAAA,MACR,cAAA,EAAgB,kBAAA;AAAA,MAChB,YAAA,EAAc,OAAA;AAAA,MACd,aAAA,EAAe;AAAA,KAChB;AAAA,IACA;AAAA,GACA,CAAA;AAED,EAAA,IAAI,IAAI,EAAA,EAAI;AACX,IAAA,MAAM,IAAA,GAAQ,MAAM,GAAA,CAAI,IAAA,EAAK;AAC7B,IAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,SAAA,EAAW,KAAK,SAAA,EAAU;AAAA,EACnD;AAEA,EAAA,MAAM,GAAA,GAAM,MAAM,GAAA,CAAI,IAAA,EAAK;AAC3B,EAAA,OAAO,EAAE,SAAS,KAAA,EAAO,KAAA,EAAO,OAAO,GAAA,CAAI,MAAM,CAAA,EAAA,EAAK,GAAG,CAAA,CAAA,EAAG;AAC7D;AAOA,SAAS,kBAAkB,OAAA,EAAmD;AAC7E,EAAA,MAAM,KAAA,GAAQ,OAAA,CAAQ,KAAA,CAAM,kBAAkB,CAAA;AAC9C,EAAA,IAAI,KAAA,GAAQ,CAAC,CAAA,IAAK,KAAA,CAAM,CAAC,CAAA,EAAG;AAC3B,IAAA,OAAO,EAAE,IAAA,EAAM,KAAA,CAAM,CAAC,CAAA,CAAE,IAAA,EAAK,EAAG,KAAA,EAAO,KAAA,CAAM,CAAC,CAAA,CAAE,IAAA,EAAK,EAAE;AAAA,EACxD;AACA,EAAA,OAAO,EAAE,KAAA,EAAO,OAAA,CAAQ,IAAA,EAAK,EAAE;AAChC;AAwBA,eAAsB,SAAA,CACrB,QAAA,EACA,OAAA,EACA,WAAA,EACsB;AACtB,EAAA,QAAQ,QAAA;AAAU,IACjB,KAAK,QAAA;AACJ,MAAA,OAAO,aAAA,CAAc,SAAS,WAAW,CAAA;AAAA,IAC1C,KAAK,UAAA;AACJ,MAAA,OAAO,eAAA,CAAgB,SAAS,WAAW,CAAA;AAAA,IAC5C,KAAK,KAAA;AACJ,MAAA,OAAO,UAAA,CAAW,SAAS,WAAW,CAAA;AAAA,IACvC,KAAK,SAAA;AACJ,MAAA,OAAO,cAAA,CAAe,SAAS,WAAW,CAAA;AAAA,IAC3C,KAAK,UAAA;AACJ,MAAA,OAAO,eAAA,CAAgB,SAAS,WAAW,CAAA;AAAA,IAC5C,SAAS;AACR,MAAA,MAAM,WAAA,GAAqB,QAAA;AAC3B,MAAA,OAAO;AAAA,QACN,OAAA,EAAS,KAAA;AAAA,QACT,KAAA,EAAO,2BAA2B,WAAqB,CAAA;AAAA,OACxD;AAAA,IACD;AAAA;AAEF;AAKO,SAAS,mBAAA,CACf,UACA,WAAA,EACwC;AACxC,EAAA,MAAM,UAAoB,EAAC;AAE3B,EAAA,QAAQ,QAAA;AAAU,IACjB,KAAK,QAAA;AAAA,IACL,KAAK,UAAA;AAAA,IACL,KAAK,UAAA;AACJ,MAAA,IAAI,CAAC,WAAA,CAAY,MAAA,EAAQ,OAAA,CAAQ,KAAK,QAAQ,CAAA;AAC9C,MAAA;AAAA,IACD,KAAK,SAAA;AACJ,MAAA,IAAI,CAAC,WAAA,CAAY,MAAA,EAAQ,OAAA,CAAQ,KAAK,QAAQ,CAAA;AAC9C,MAAA,IAAI,CAAC,WAAA,CAAY,MAAA,EAAQ,OAAA,CAAQ,KAAK,QAAQ,CAAA;AAC9C,MAAA;AAAA,IACD,KAAK,KAAA;AACJ,MAAA,IAAI,CAAC,WAAA,CAAY,WAAA,EAAa,OAAA,CAAQ,KAAK,aAAa,CAAA;AACxD,MAAA,IAAI,CAAC,WAAA,CAAY,eAAA,EAAiB,OAAA,CAAQ,KAAK,iBAAiB,CAAA;AAChE,MAAA;AAAA;AAGF,EAAA,OAAO,EAAE,KAAA,EAAO,OAAA,CAAQ,MAAA,KAAW,GAAG,OAAA,EAAQ;AAC/C;;;AC/XA,IAAM,gBAAA,GAAkC;AAAA,EACvC,OAAA,EAAS,aAAA;AAAA,EACT,YAAA,EAAc,SAAA;AAAA,EACd,OAAA,EAAS,SAAA;AAAA,EACT,YAAA,EAAc,CAAA;AAAA,EACd,UAAA,EACC,4FAAA;AAAA,EACD,QAAA,EAAU;AACX,CAAA;AAKO,SAAS,gBAAgB,IAAA,EAAqD;AACpF,EAAA,QAAQ,IAAA;AAAM,IACb,KAAK,OAAA;AACJ,MAAA,OAAO,4EAAA;AAAA,IACR,KAAK,QAAA;AACJ,MAAA,OAAO,4FAAA;AAAA,IACR,KAAK,QAAA;AACJ,MAAA,OAAO,qEAAA;AAAA,IACR,KAAK,WAAA;AACJ,MAAA,OAAO,gFAAA;AAAA,IACR,KAAK,MAAA;AACJ,MAAA,OAAO,2EAAA;AAAA,IACR,KAAK,SAAA;AACJ,MAAA,OAAO,8EAAA;AAAA,IACR;AACC,MAAA,OAAO,MAAA;AAAA;AAEV;AA0EA,SAAS,IAAI,GAAA,EAAqB;AACjC,EAAA,OAAO,IACL,OAAA,CAAQ,IAAA,EAAM,OAAO,CAAA,CACrB,OAAA,CAAQ,MAAM,MAAM,CAAA,CACpB,QAAQ,IAAA,EAAM,MAAM,EACpB,OAAA,CAAQ,IAAA,EAAM,QAAQ,CAAA,CACtB,OAAA,CAAQ,MAAM,QAAQ,CAAA;AACzB;AAEA,SAAS,MAAA,CAAO,GAAkB,OAAA,EAAyB;AAC1D,EAAA,MAAM,IAAA,GAAO,CAAA,CAAE,OAAA,GACZ,CAAA,UAAA,EAAa,GAAA,CAAI,CAAA,CAAE,OAAO,CAAC,CAAA,OAAA,EAAU,GAAA,CAAI,CAAA,CAAE,OAAO,CAAC,CAAA,uFAAA,CAAA,GACnD,EAAA;AAGH,EAAA,MAAM,MAAA,GAAS,CAAA,CAAE,QAAA,GAAW,SAAA,GAAY,SAAA;AACxC,EAAA,MAAM,UAAA,GAAa,CAAA,CAAE,QAAA,GAAW,SAAA,GAAY,SAAA;AAC5C,EAAA,MAAM,WAAA,GAAc,CAAA,CAAE,QAAA,GAAW,SAAA,GAAY,SAAA;AAC7C,EAAA,MAAM,WAAA,GAAc,CAAA,CAAE,QAAA,GAAW,MAAA,GAAS,OAAA;AAG1C,EAAA,MAAM,mBAAmB,CAAA,CAAE,SAAA,GAAY,CAAA,OAAA,EAAU,CAAA,CAAE,SAAS,CAAA,QAAA,CAAA,GAAa,EAAA;AAEzE,EAAA,OAAO;AAAA,IACN,iBAAA;AAAA,IACA,kBAAA;AAAA,IACA,QAAA;AAAA,IACA,0BAAA;AAAA,IACA,wEAAA;AAAA,IACA,sCAAsC,WAAW,CAAA,IAAA,CAAA;AAAA,IACjD,iDAAiD,WAAW,CAAA,IAAA,CAAA;AAAA,IAC5D,CAAA,OAAA,EAAU,GAAA,CAAI,CAAA,CAAE,OAAO,CAAC,CAAA,QAAA,CAAA;AAAA,IACxB,eAAA;AAAA,IACA,gEAAA;AAAA,IACA,cAAA;AAAA,IACA,gBAAA;AAAA,IACA,SAAA;AAAA,IACA,CAAA,iDAAA,EAAoD,CAAA,CAAE,OAAO,CAAA,aAAA,EAAgB,EAAE,UAAU,CAAA,sCAAA,CAAA;AAAA,IACzF,CAAA,gGAAA,EAAmG,EAAE,OAAO,CAAA,GAAA,CAAA;AAAA,IAC5G,MAAA;AAAA,IACA,gDAAA;AAAA,IACA,iHAAA;AAAA,IACA,MAAA;AAAA,IACA,CAAA,yCAAA,EAA4C,MAAM,CAAA,kBAAA,EAAqB,UAAU,CAAA,sBAAA,CAAA;AAAA,IACjF,IAAA;AAAA,IACA,OAAA;AAAA,IACA,OAAA;AAAA,IACA,OAAA;AAAA,IACA,MAAA;AAAA,IACA,kDAAA;AAAA,IACA,2DAA2D,WAAW,CAAA,GAAA,CAAA;AAAA,IACtE,CAAA,uBAAA,EAA0B,GAAA,CAAI,CAAA,CAAE,OAAO,CAAC,CAAA,CAAA,CAAA;AAAA,IACxC,4DAAA;AAAA,IACA,MAAA;AAAA,IACA,OAAA;AAAA,IACA,OAAA;AAAA,IACA,UAAA;AAAA,IACA,OAAA;AAAA,IACA,OAAA;AAAA,IACA,UAAA;AAAA,IACA,SAAA;AAAA,IACA;AAAA,GACD,CAAE,KAAK,IAAI,CAAA;AACZ;AAEA,SAAS,GAAA,CAAI,KAAA,EAAe,GAAA,EAAa,CAAA,EAA0B;AAClE,EAAA,MAAM,MAAM,IAAA,CAAK,KAAA,CAAO,CAAA,CAAE,YAAA,GAAe,KAAM,GAAG,CAAA;AAClD,EAAA,OAAO;AAAA,IACN,iGAAA;AAAA,IACA,MAAA;AAAA,IACA,qBAAA;AAAA,IACA,eAAA;AAAA,IACA,CAAA,2DAAA,EAA8D,IAAI,GAAG,CAAC,oEAAoE,GAAG,CAAA,cAAA,EAAiB,EAAE,YAAY,CAAA,EAAA,CAAA;AAAA,IAC5K,CAAA,2FAAA,EAA8F,GAAA,CAAI,KAAK,CAAC,CAAA,SAAA,CAAA;AAAA,IACxG,gBAAA;AAAA,IACA,cAAA;AAAA,IACA,qBAAA;AAAA,IACA,CAAA,SAAA,EAAY,IAAI,GAAG,CAAC,oFAAoF,CAAA,CAAE,YAAY,CAAA,iFAAA,EAAoF,CAAA,CAAE,YAAY,CAAA,qBAAA,CAAA;AAAA,IACxN,IAAI,KAAK,CAAA;AAAA,IACT,MAAA;AAAA,IACA,kBAAA;AAAA,IACA,OAAA;AAAA,IACA,OAAA;AAAA,IACA;AAAA,GACD,CAAE,KAAK,IAAI,CAAA;AACZ;AAEA,SAAS,EAAA,CAAG,IAAA,EAAc,IAAA,GAAO,KAAA,EAAe;AAC/C,EAAA,MAAM,KAAA,GAAQ,OAAO,SAAA,GAAY,SAAA;AACjC,EAAA,OAAO,CAAA,+DAAA,EAAkE,KAAK,CAAA,qCAAA,EAAwC,GAAA,CAAI,IAAI,CAAC,CAAA,KAAA,CAAA;AAChI;AAEA,SAAS,CAAA,CAAE,IAAA,EAAc,IAAA,GAAO,KAAA,EAAe;AAC9C,EAAA,MAAM,KAAA,GAAQ,OAAO,SAAA,GAAY,SAAA;AACjC,EAAA,OAAO,CAAA,+DAAA,EAAkE,KAAK,CAAA,GAAA,EAAM,IAAI,CAAA,IAAA,CAAA;AACzF;AAEA,SAAS,IAAA,CAAK,KAAA,EAAe,IAAA,GAAO,KAAA,EAAe;AAClD,EAAA,MAAM,MAAA,GAAS,OAAO,SAAA,GAAY,SAAA;AAClC,EAAA,MAAM,UAAA,GAAa,OAAO,SAAA,GAAY,SAAA;AACtC,EAAA,MAAM,SAAA,GAAY,OAAO,SAAA,GAAY,SAAA;AACrC,EAAA,OAAO;AAAA,IACN,iGAAA;AAAA,IACA,MAAA;AAAA,IACA,qBAAA;AAAA,IACA,CAAA,oEAAA,EAAuE,MAAM,CAAA,kBAAA,EAAqB,UAAU,kHAAkH,SAAS,CAAA,GAAA,CAAA;AAAA,IACvO,IAAI,KAAK,CAAA;AAAA,IACT,QAAA;AAAA,IACA,OAAA;AAAA,IACA,OAAA;AAAA,IACA;AAAA,GACD,CAAE,KAAK,IAAI,CAAA;AACZ;AAEA,SAAS,EAAA,CAAG,OAAO,KAAA,EAAe;AACjC,EAAA,MAAM,KAAA,GAAQ,OAAO,SAAA,GAAY,SAAA;AACjC,EAAA,OAAO,6DAA6D,KAAK,CAAA,KAAA,CAAA;AAC1E;AAEA,SAAS,WAAA,CAAY,KAAa,CAAA,EAA0B;AAC3D,EAAA,OAAO,2CAA2C,CAAA,CAAE,YAAY,CAAA,wBAAA,EAA2B,GAAA,CAAI,GAAG,CAAC,CAAA,IAAA,CAAA;AACpG;AAEA,SAAS,KAAA,CAAM,IAAA,EAAc,IAAA,GAAO,KAAA,EAAe;AAClD,EAAA,MAAM,KAAA,GAAQ,OAAO,SAAA,GAAY,SAAA;AACjC,EAAA,OAAO,EAAE,CAAA,kCAAA,EAAqC,KAAK,CAAA,GAAA,EAAM,IAAI,WAAW,IAAI,CAAA;AAC7E;AAIA,SAAS,IAAI,KAAA,EAAyB;AACrC,EAAA,OAAO,KAAA,CAAM,KAAK,IAAI,CAAA;AACvB;AAIA,SAAS,kBAAA,CAAmB,GAA0B,CAAA,EAAiC;AACtF,EAAA,MAAM,OAAA,GAAU,CAAA,yBAAA,EAA4B,CAAA,CAAE,OAAO,CAAA,CAAA;AACrD,EAAA,MAAM,KAAK,CAAA,CAAE,QAAA;AAEb,EAAA,MAAM,IAAA,GAAO,MAAA;AAAA,IACZ,CAAA;AAAA,IACA;AAAA,MACC,EAAA,CAAG,6BAA6B,EAAE,CAAA;AAAA,MAClC,EAAE,CAAA,GAAA,EAAM,GAAA,CAAI,EAAE,QAAQ,CAAC,KAAK,EAAE,CAAA;AAAA,MAC9B,CAAA;AAAA,QACC,uFAAA;AAAA,QACA;AAAA,OACD;AAAA,MACA,GAAA,CAAI,cAAA,EAAgB,CAAA,CAAE,eAAA,EAAiB,CAAC,CAAA;AAAA,MACxC,GAAG,EAAE,CAAA;AAAA,MACL,KAAA,CAAM,0EAA0E,EAAE,CAAA;AAAA,MAClF,WAAA,CAAY,CAAA,CAAE,eAAA,EAAiB,CAAC;AAAA,KACjC,CAAE,KAAK,IAAI;AAAA,GACZ;AAEA,EAAA,MAAM,OAAO,GAAA,CAAI;AAAA,IAChB,2BAAA;AAAA,IACA,EAAA;AAAA,IACA,CAAA,GAAA,EAAM,EAAE,QAAQ,CAAA,CAAA,CAAA;AAAA,IAChB,EAAA;AAAA,IACA,sEAAA;AAAA,IACA,CAAA,CAAE,eAAA;AAAA,IACF,EAAA;AAAA,IACA,CAAA,OAAA,EAAU,EAAE,OAAO,CAAA;AAAA,GACnB,CAAA;AAED,EAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,IAAA,EAAK;AAC9B;AAEA,SAAS,mBAAA,CAAoB,GAA2B,CAAA,EAAiC;AACxF,EAAA,MAAM,OAAA,GAAU,CAAA,2BAAA,EAA8B,CAAA,CAAE,OAAO,CAAA,CAAA;AACvD,EAAA,MAAM,KAAK,CAAA,CAAE,QAAA;AAEb,EAAA,MAAM,IAAA,GAAO,MAAA;AAAA,IACZ,CAAA;AAAA,IACA;AAAA,MACC,EAAA,CAAG,uBAAuB,EAAE,CAAA;AAAA,MAC5B,EAAE,CAAA,GAAA,EAAM,GAAA,CAAI,EAAE,QAAQ,CAAC,KAAK,EAAE,CAAA;AAAA,MAC9B,CAAA;AAAA,QACC,gGAAA;AAAA,QACA;AAAA,OACD;AAAA,MACA,GAAA,CAAI,gBAAA,EAAkB,CAAA,CAAE,QAAA,EAAU,CAAC,CAAA;AAAA,MACnC,GAAG,EAAE,CAAA;AAAA,MACL,KAAA;AAAA,QACC,wGAAA;AAAA,QACA;AAAA,OACD;AAAA,MACA,WAAA,CAAY,CAAA,CAAE,QAAA,EAAU,CAAC;AAAA,KAC1B,CAAE,KAAK,IAAI;AAAA,GACZ;AAEA,EAAA,MAAM,OAAO,GAAA,CAAI;AAAA,IAChB,qBAAA;AAAA,IACA,EAAA;AAAA,IACA,CAAA,GAAA,EAAM,EAAE,QAAQ,CAAA,CAAA,CAAA;AAAA,IAChB,EAAA;AAAA,IACA,gEAAA;AAAA,IACA,CAAA,CAAE,QAAA;AAAA,IACF,EAAA;AAAA,IACA,8BAAA;AAAA,IACA,+DAAA;AAAA,IACA,EAAA;AAAA,IACA,CAAA,OAAA,EAAU,EAAE,OAAO,CAAA;AAAA,GACnB,CAAA;AAED,EAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,IAAA,EAAK;AAC9B;AAEA,SAAS,eAAA,CAAgB,GAAuB,CAAA,EAAiC;AAChF,EAAA,MAAM,OAAA,GAAU,CAAA,WAAA,EAAc,CAAA,CAAE,OAAO,CAAA,CAAA;AACvC,EAAA,MAAM,KAAK,CAAA,CAAE,QAAA;AAEb,EAAA,MAAM,IAAA,GAAO,MAAA;AAAA,IACZ,CAAA;AAAA,IACA;AAAA,MACC,EAAA,CAAG,2BAA2B,EAAE,CAAA;AAAA,MAChC,CAAA,CAAE,aAAa,EAAE,CAAA;AAAA,MACjB,CAAA,CAAE,uFAAuF,EAAE,CAAA;AAAA,MAC3F,GAAA,CAAI,SAAA,EAAW,CAAA,CAAE,YAAA,EAAc,CAAC,CAAA;AAAA,MAChC,GAAG,EAAE,CAAA;AAAA,MACL,KAAA,CAAM,sEAAsE,EAAE,CAAA;AAAA,MAC9E,WAAA,CAAY,CAAA,CAAE,YAAA,EAAc,CAAC;AAAA,KAC9B,CAAE,KAAK,IAAI;AAAA,GACZ;AAEA,EAAA,MAAM,OAAO,GAAA,CAAI;AAAA,IAChB,yBAAA;AAAA,IACA,EAAA;AAAA,IACA,qDAAA;AAAA,IACA,CAAA,CAAE,YAAA;AAAA,IACF,EAAA;AAAA,IACA,+DAAA;AAAA,IACA,EAAA;AAAA,IACA,CAAA,OAAA,EAAU,EAAE,OAAO,CAAA;AAAA,GACnB,CAAA;AAED,EAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,IAAA,EAAK;AAC9B;AAEA,SAAS,cAAA,CAAe,GAAiB,CAAA,EAAiC;AACzE,EAAA,MAAM,UAAU,CAAA,EAAG,CAAA,CAAE,GAAG,CAAA,kCAAA,EAAqC,EAAE,OAAO,CAAA,CAAA;AACtE,EAAA,MAAM,KAAK,CAAA,CAAE,QAAA;AAEb,EAAA,MAAM,IAAA,GAAO,MAAA;AAAA,IACZ,CAAA;AAAA,IACA;AAAA,MACC,EAAA,CAAG,0BAA0B,EAAE,CAAA;AAAA,MAC/B,CAAA,CAAE,yEAAyE,EAAE,CAAA;AAAA,MAC7E,IAAA,CAAK,CAAA,CAAE,GAAA,EAAK,EAAE,CAAA;AAAA,MACd,GAAG,EAAE,CAAA;AAAA,MACL,KAAA;AAAA,QACC,uGAAA;AAAA,QACA;AAAA;AACD,KACD,CAAE,KAAK,IAAI;AAAA,GACZ;AAEA,EAAA,MAAM,OAAO,GAAA,CAAI;AAAA,IAChB,wBAAA;AAAA,IACA,EAAA;AAAA,IACA,CAAA,WAAA,EAAc,EAAE,GAAG,CAAA,CAAA;AAAA,IACnB,EAAA;AAAA,IACA,kCAAA;AAAA,IACA,+DAAA;AAAA,IACA,EAAA;AAAA,IACA,CAAA,OAAA,EAAU,EAAE,OAAO,CAAA;AAAA,GACnB,CAAA;AAED,EAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,IAAA,EAAK;AAC9B;AAEA,SAAS,gBAAA,CAAiB,GAAwB,CAAA,EAAiC;AAClF,EAAA,MAAM,OAAA,GAAU,GAAG,CAAA,CAAE,WAAW,mBAAmB,CAAA,CAAE,gBAAgB,CAAA,QAAA,EAAW,CAAA,CAAE,OAAO,CAAA,CAAA;AACzF,EAAA,MAAM,KAAK,CAAA,CAAE,QAAA;AACb,EAAA,MAAM,MAAA,GAAS,KAAK,SAAA,GAAY,SAAA;AAEhC,EAAA,MAAM,KAAA,GAAkB;AAAA,IACvB,EAAA,CAAG,uBAAuB,EAAE,CAAA;AAAA,IAC5B,CAAA;AAAA,MACC,CAAA,QAAA,EAAW,GAAA,CAAI,CAAA,CAAE,WAAW,CAAC,CAAA,0CAAA,EAA6C,GAAA,CAAI,CAAA,CAAE,gBAAgB,CAAC,CAAA,aAAA,EAAgB,GAAA,CAAI,CAAA,CAAE,OAAO,CAAC,CAAA,CAAA,CAAA;AAAA,MAC/H;AAAA;AACD,GACD;AAEA,EAAA,IAAI,EAAE,SAAA,EAAW;AAChB,IAAA,KAAA,CAAM,KAAK,GAAA,CAAI,mBAAA,EAAqB,CAAA,CAAE,SAAA,EAAW,CAAC,CAAC,CAAA;AACnD,IAAA,KAAA,CAAM,IAAA,CAAK,EAAA,CAAG,EAAE,CAAC,CAAA;AACjB,IAAA,KAAA,CAAM,IAAA,CAAK,WAAA,CAAY,CAAA,CAAE,SAAA,EAAW,CAAC,CAAC,CAAA;AAAA,EACvC,CAAA,MAAO;AACN,IAAA,KAAA,CAAM,IAAA;AAAA,MACL,KAAA;AAAA,QACC,8EAA8E,MAAM,CAAA,qCAAA,EAAwC,GAAA,CAAI,CAAA,CAAE,YAAY,CAAC,CAAA,OAAA,CAAA;AAAA,QAC/I;AAAA;AACD,KACD;AAAA,EACD;AAEA,EAAA,MAAM,OAAO,MAAA,CAAO,CAAA,EAAG,KAAA,CAAM,IAAA,CAAK,IAAI,CAAC,CAAA;AAEvC,EAAA,MAAM,SAAA,GAAY;AAAA,IACjB,qBAAA;AAAA,IACA,EAAA;AAAA,IACA,CAAA,EAAG,EAAE,WAAW,CAAA,yBAAA,EAA4B,EAAE,gBAAgB,CAAA,IAAA,EAAO,EAAE,OAAO,CAAA,CAAA,CAAA;AAAA,IAC9E;AAAA,GACD;AACA,EAAA,IAAI,EAAE,SAAA,EAAW;AAChB,IAAA,SAAA,CAAU,IAAA,CAAK,CAAA,uBAAA,EAA0B,CAAA,CAAE,SAAS,CAAA,CAAE,CAAA;AAAA,EACvD,CAAA,MAAO;AACN,IAAA,SAAA,CAAU,IAAA,CAAK,CAAA,eAAA,EAAkB,CAAA,CAAE,YAAY,CAAA,CAAE,CAAA;AAAA,EAClD;AACA,EAAA,SAAA,CAAU,IAAA,CAAK,EAAA,EAAI,CAAA,OAAA,EAAU,CAAA,CAAE,OAAO,CAAA,CAAE,CAAA;AAExC,EAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,IAAA,EAAM,GAAA,CAAI,SAAS,CAAA,EAAE;AAC9C;AAEA,SAAS,aAAA,CAAc,GAAqB,CAAA,EAAiC;AAC5E,EAAA,MAAM,OAAA,GAAU,CAAA,WAAA,EAAc,CAAA,CAAE,OAAO,CAAA,CAAA;AACvC,EAAA,MAAM,KAAK,CAAA,CAAE,QAAA;AAEb,EAAA,MAAM,KAAA,GAAkB;AAAA,IACvB,GAAG,CAAA,WAAA,EAAc,GAAA,CAAI,EAAE,OAAO,CAAC,IAAI,EAAE,CAAA;AAAA,IACrC,EAAE,CAAA,GAAA,EAAM,GAAA,CAAI,EAAE,QAAQ,CAAC,KAAK,EAAE,CAAA;AAAA,IAC9B,CAAA,CAAE,8EAA8E,EAAE;AAAA,GACnF;AAEA,EAAA,IAAI,EAAE,YAAA,EAAc;AACnB,IAAA,KAAA,CAAM,KAAK,GAAA,CAAI,iBAAA,EAAmB,CAAA,CAAE,YAAA,EAAc,CAAC,CAAC,CAAA;AAAA,EACrD;AAEA,EAAA,KAAA,CAAM,IAAA,CAAK,EAAA,CAAG,EAAE,CAAC,CAAA;AACjB,EAAA,KAAA,CAAM,IAAA,CAAK,KAAA,CAAM,4DAAA,EAA8D,EAAE,CAAC,CAAA;AAElF,EAAA,MAAM,OAAO,MAAA,CAAO,CAAA,EAAG,KAAA,CAAM,IAAA,CAAK,IAAI,CAAC,CAAA;AAEvC,EAAA,MAAM,SAAA,GAAY;AAAA,IACjB,CAAA,WAAA,EAAc,EAAE,OAAO,CAAA,CAAA;AAAA,IACvB,EAAA;AAAA,IACA,CAAA,GAAA,EAAM,EAAE,QAAQ,CAAA,CAAA,CAAA;AAAA,IAChB,EAAA;AAAA,IACA;AAAA,GACD;AACA,EAAA,IAAI,EAAE,YAAA,EAAc;AACnB,IAAA,SAAA,CAAU,IAAA,CAAK,CAAA,aAAA,EAAgB,CAAA,CAAE,YAAY,CAAA,CAAE,CAAA;AAAA,EAChD;AACA,EAAA,SAAA,CAAU,IAAA,CAAK,EAAA,EAAI,CAAA,OAAA,EAAU,CAAA,CAAE,OAAO,CAAA,CAAE,CAAA;AAExC,EAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,IAAA,EAAM,GAAA,CAAI,SAAS,CAAA,EAAE;AAC9C;AAgBO,SAAS,WAAA,CACf,MACA,iBAAA,EACgB;AAChB,EAAA,MAAM,QAAA,GAA0B,EAAE,GAAG,gBAAA,EAAkB,GAAG,iBAAA,EAAkB;AAE5E,EAAA,QAAQ,KAAK,IAAA;AAAM,IAClB,KAAK,cAAA;AACJ,MAAA,OAAO,kBAAA,CAAmB,MAAM,QAAQ,CAAA;AAAA,IACzC,KAAK,gBAAA;AACJ,MAAA,OAAO,mBAAA,CAAoB,MAAM,QAAQ,CAAA;AAAA,IAC1C,KAAK,YAAA;AACJ,MAAA,OAAO,eAAA,CAAgB,MAAM,QAAQ,CAAA;AAAA,IACtC,KAAK,WAAA;AACJ,MAAA,OAAO,cAAA,CAAe,MAAM,QAAQ,CAAA;AAAA,IACrC,KAAK,YAAA;AACJ,MAAA,OAAO,gBAAA,CAAiB,MAAM,QAAQ,CAAA;AAAA,IACvC,KAAK,SAAA;AACJ,MAAA,OAAO,aAAA,CAAc,MAAM,QAAQ,CAAA;AAAA,IACpC,SAAS;AACR,MAAA,MAAM,WAAA,GAAqB,IAAA;AAC3B,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,6BAAA,EAAiC,WAAA,CAA0B,IAAI,CAAA,CAAE,CAAA;AAAA,IAClF;AAAA;AAEF;AA2BO,SAAS,eAAe,IAAA,EAAoC;AAClE,EAAA,QAAQ,IAAA;AAAM,IACb,KAAK,cAAA;AACJ,MAAA,OAAO;AAAA,QACN,IAAA,EAAM,cAAA;AAAA,QACN,QAAA,EAAU,UAAA;AAAA,QACV,eAAA,EAAiB,6CAAA;AAAA,QACjB,KAAA,EAAO;AAAA,OACR;AAAA,IACD,KAAK,gBAAA;AACJ,MAAA,OAAO;AAAA,QACN,IAAA,EAAM,gBAAA;AAAA,QACN,QAAA,EAAU,UAAA;AAAA,QACV,QAAA,EAAU,qDAAA;AAAA,QACV,KAAA,EAAO;AAAA,OACR;AAAA,IACD,KAAK,YAAA;AACJ,MAAA,OAAO;AAAA,QACN,IAAA,EAAM,YAAA;AAAA,QACN,KAAA,EAAO,kBAAA;AAAA,QACP,YAAA,EAAc,iDAAA;AAAA,QACd,KAAA,EAAO;AAAA,OACR;AAAA,IACD,KAAK,WAAA;AACJ,MAAA,OAAO;AAAA,QACN,IAAA,EAAM,WAAA;AAAA,QACN,KAAA,EAAO,kBAAA;AAAA,QACP,GAAA,EAAK;AAAA,OACN;AAAA,IACD,KAAK,YAAA;AACJ,MAAA,OAAO;AAAA,QACN,IAAA,EAAM,YAAA;AAAA,QACN,KAAA,EAAO,kBAAA;AAAA,QACP,YAAA,EAAc,YAAA;AAAA,QACd,gBAAA,EAAkB,WAAA;AAAA,QAClB,WAAA,EAAa,YAAA;AAAA,QACb,SAAA,EAAW;AAAA,OACZ;AAAA,IACD,KAAK,SAAA;AACJ,MAAA,OAAO;AAAA,QACN,IAAA,EAAM,SAAA;AAAA,QACN,QAAA,EAAU,UAAA;AAAA,QACV,YAAA,EAAc;AAAA,OACf;AAAA;AAEH;;;ACjgBA,IAAM,mBAAA,GAAsBF,EAAE,IAAA,CAAK;AAAA,EAClC,cAAA;AAAA,EACA,gBAAA;AAAA,EACA,YAAA;AAAA,EACA,WAAA;AAAA,EACA,YAAA;AAAA,EACA;AACD,CAAC,CAAA;AAED,IAAM,eAAA,GAAkBA,EACtB,MAAA,CAAO;AAAA,EACP,EAAA,EAAIA,EAAE,MAAA,EAAO;AAAA;AAAA,EAEb,QAAA,EAAUA,EAAE,MAAA,EAAO;AAAA,EACnB,IAAA,EAAMA,CAAAA,CAAE,MAAA,CAAOA,CAAAA,CAAE,SAAS;AAC3B,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,kBAAA,GAAqBA,EACzB,MAAA,CAAO;AAAA,EACP,QAAA,EAAUA,EAAE,MAAA,EAAO;AAAA,EACnB,MAAMA,CAAAA,CAAE,MAAA,CAAOA,EAAE,OAAA,EAAS,EAAE,QAAA;AAC7B,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,eAAA,GAAkBA,EACtB,MAAA,CAAO;AAAA,EACP,EAAA,EAAIA,EAAE,MAAA,EAAO;AAAA,EACb,QAAA,EAAUA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AACtB,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAG1B,IAAM,oBAAA,GAAuBA,EAAE,IAAA,CAAK;AAAA,EACnC,MAAA;AAAA,EACA,WAAA;AAAA,EACA,eAAA;AAAA,EACA,YAAA;AAAA,EACA,cAAA;AAAA,EACA;AACD,CAAC,CAAA;AAED,IAAM,oBAAA,GAAuBA,EAC3B,MAAA,CAAO;AAAA,EACP,IAAA,EAAMA,EAAE,MAAA,EAAO,CAAE,IAAI,CAAC,CAAA,CAAE,IAAI,GAAG,CAAA;AAAA,EAC/B,IAAA,EAAMA,EAAE,MAAA,EAAO,CAAE,IAAI,CAAC,CAAA,CAAE,IAAI,GAAG,CAAA;AAAA,EAC/B,OAAA,EAASA,EAAE,MAAA,EAAO,CAAE,IAAI,CAAC,CAAA,CAAE,IAAI,GAAG,CAAA;AAAA,EAClC,aAAaA,CAAAA,CAAE,MAAA,GAAS,GAAA,CAAI,GAAG,EAAE,QAAA,EAAS;AAAA,EAC1C,QAAA,EAAU,oBAAA;AAAA,EACV,aAAaA,CAAAA,CAAE,MAAA,GAAS,GAAA,CAAI,GAAI,EAAE,QAAA,EAAS;AAAA,EAC3C,UAAA,EAAYA,EAAE,MAAA,EAAO;AAAA,EACrB,aAAA,EAAeA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACnC,OAAA,EAASA,CAAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,EAC9B,WAAA,EAAa,oBAAoB,QAAA;AAClC,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,oBAAA,GAAuBA,EAC3B,MAAA,CAAO;AAAA,EACP,EAAA,EAAIA,EAAE,MAAA,EAAO;AAAA,EACb,IAAA,EAAMA,CAAAA,CAAE,MAAA,EAAO,CAAE,GAAA,CAAI,CAAC,CAAA,CAAE,GAAA,CAAI,GAAG,CAAA,CAAE,QAAA,EAAS;AAAA,EAC1C,IAAA,EAAMA,CAAAA,CAAE,MAAA,EAAO,CAAE,GAAA,CAAI,CAAC,CAAA,CAAE,GAAA,CAAI,GAAG,CAAA,CAAE,QAAA,EAAS;AAAA,EAC1C,OAAA,EAASA,CAAAA,CAAE,MAAA,EAAO,CAAE,GAAA,CAAI,CAAC,CAAA,CAAE,GAAA,CAAI,GAAG,CAAA,CAAE,QAAA,EAAS;AAAA,EAC7C,aAAaA,CAAAA,CAAE,MAAA,GAAS,GAAA,CAAI,GAAG,EAAE,QAAA,EAAS;AAAA,EAC1C,QAAA,EAAU,qBAAqB,QAAA,EAAS;AAAA,EACxC,aAAaA,CAAAA,CAAE,MAAA,GAAS,GAAA,CAAI,GAAI,EAAE,QAAA,EAAS;AAAA,EAC3C,UAAA,EAAYA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAChC,aAAA,EAAeA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AAC3B,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,oBAAA,GAAuBA,EAC3B,MAAA,CAAO;AAAA,EACP,EAAA,EAAIA,EAAE,MAAA;AACP,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,iBAAA,GAAoBA,EACxB,MAAA,CAAO;AAAA;AAAA,EAEP,QAAA,EAAUA,EAAE,MAAA;AACb,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,mBAAA,GAAsBA,EAC1B,MAAA,CAAO;AAAA,EACP,QAAA,EAAU,qBAAqB,QAAA,EAAS;AAAA,EACxC,KAAA,EAAOA,CAAAA,CAAE,MAAA,EAAO,CAAE,GAAA,EAAI,CAAE,GAAA,CAAI,CAAC,CAAA,CAAE,GAAA,CAAI,GAAG,CAAA,CAAE,QAAA;AACzC,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAI1B,eAAe,kBAAA,CACd,IACA,UAAA,EACgF;AAChF,EAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAAiC;AAAA,IACtD,KAAA,EAAO,qBAAA;AAAA,IACP,KAAA,EAAO,cAAc,EAAC;AAAA,IACtB,KAAA,EAAO;AAAA,GACP,CAAA;AAED,EAAA,IAAI,IAAA,CAAK,WAAW,CAAA,IAAK,CAAC,KAAK,CAAC,CAAA,EAAG,YAAY,OAAO,IAAA;AAEtD,EAAA,IAAI,MAAA;AACJ,EAAA,IAAI;AACH,IAAA,MAAA,GAAS,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,CAAC,EAAE,UAAU,CAAA;AAAA,EACvC,CAAA,CAAA,MAAQ;AACP,IAAA,OAAO,IAAA;AAAA,EACR;AAEA,EAAA,MAAM,WAAW,MAAA,CAAO,cAAA;AACxB,EAAA,IAAI,CAAC,UAAU,OAAO,IAAA;AAEtB,EAAA,MAAM,cAAA,GAAiB,MAAA,CAAO,SAAA,CAAU,QAAQ,CAAA;AAChD,EAAA,IAAI,CAAC,cAAA,EAAgB,OAAA,IAAW,CAAC,cAAA,CAAe,QAAQ,OAAO,IAAA;AAE/D,EAAA,MAAM,WAAA,GAAiC;AAAA,IACtC,QAAQ,cAAA,CAAe,MAAA;AAAA,IACvB,QAAQ,cAAA,CAAe,MAAA;AAAA,IACvB,QAAQ,cAAA,CAAe,MAAA;AAAA,IACvB,aAAa,cAAA,CAAe,WAAA;AAAA,IAC5B,iBAAiB,cAAA,CAAe;AAAA,GACjC;AAEA,EAAA,MAAM,UAAA,GAAa,mBAAA,CAAoB,QAAA,EAA6B,WAAW,CAAA;AAC/E,EAAA,IAAI,CAAC,UAAA,CAAW,KAAA,EAAO,OAAO,IAAA;AAE9B,EAAA,OAAO,EAAE,QAAA,EAAU,QAAA,EAA6B,WAAA,EAAY;AAC7D;AAIA,eAAe,YAAA,CACd,IACA,UAAA,EACkC;AAClC,EAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAA4B;AAAA,IACjD,KAAA,EAAO,gBAAA;AAAA,IACP,KAAA,EAAO,cAAc,EAAC;AAAA,IACtB,KAAA,EAAO;AAAA,GACP,CAAA;AAED,EAAA,IAAI,IAAA,CAAK,WAAW,CAAA,IAAK,CAAC,KAAK,CAAC,CAAA,SAAU,EAAC;AAE3C,EAAA,MAAM,GAAA,GAAM,KAAK,CAAC,CAAA;AAClB,EAAA,OAAO;AAAA,IACN,YAAA,EAAc,IAAI,YAAA,IAAgB,MAAA;AAAA,IAClC,OAAA,EAAS,IAAI,OAAA,IAAW,MAAA;AAAA,IACxB,YAAA,EAAc,IAAI,YAAA,IAAgB,MAAA;AAAA,IAClC,OAAA,EAAS,IAAI,OAAA,IAAW,MAAA;AAAA,IACxB,QAAA,EAAU,IAAI,QAAA,IAAY,MAAA;AAAA,IAC1B,SAAA,EAAW,IAAI,SAAA,IAAa,MAAA;AAAA,IAC5B,UAAA,EAAY,eAAA,CAAgB,GAAA,CAAI,IAAI;AAAA,GACrC;AACD;AAIA,eAAe,kBAAA,CACd,EAAA,EACA,IAAA,EACA,UAAA,EACmC;AACnC,EAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAA2B;AAAA,IAChD,KAAA,EAAO,eAAA;AAAA,IACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,MAAA,EAAQ,KAAA,EAAO,IAAA,EAAK,EAAG,GAAI,UAAA,IAAc,EAAG,CAAA;AAAA,IAC7D,KAAA,EAAO;AAAA,GACP,CAAA;AACD,EAAA,OAAO,IAAA,CAAK,CAAC,CAAA,IAAK,IAAA;AACnB;AAEA,eAAe,gBAAA,CACd,EAAA,EACA,EAAA,EACA,UAAA,EACmC;AACnC,EAAA,OAAO,GAAG,OAAA,CAA0B;AAAA,IACnC,KAAA,EAAO,eAAA;AAAA,IACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,KAAA,EAAO,EAAA,EAAG,EAAG,GAAI,UAAA,IAAc,EAAG;AAAA,GACzD,CAAA;AACF;AAEA,eAAe,yBAAA,CACd,EAAA,EACA,WAAA,EACA,UAAA,EACmC;AACnC,EAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAA2B;AAAA,IAChD,KAAA,EAAO,eAAA;AAAA,IACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,aAAA,EAAe,KAAA,EAAO,WAAA,EAAY,EAAG,GAAI,UAAA,IAAc,EAAG,CAAA;AAAA,IAC3E,KAAA,EAAO;AAAA,GACP,CAAA;AACD,EAAA,OAAO,IAAA,CAAK,CAAC,CAAA,IAAK,IAAA;AACnB;AAUA,SAAS,kBAAA,CACR,UAAA,EACA,SAAA,EACA,QAAA,EACiC;AACjC,EAAA,IAAI,MAAA;AACJ,EAAA,IAAI;AACH,IAAA,MAAA,GAAS,IAAA,CAAK,MAAM,UAAU,CAAA;AAAA,EAC/B,CAAA,CAAA,MAAQ;AACP,IAAA,OAAO,EAAE,IAAA,EAAM,yBAAA,EAA2B,IAAA,EAAM,kBAAA,EAAmB;AAAA,EACpE;AAEA,EAAA,MAAM,EAAA,GAAK,SAAS,YAAA,IAAgB,SAAA;AACpC,EAAA,MAAM,EAAA,GAAK,SAAS,YAAA,IAAgB,CAAA;AACpC,EAAA,MAAM,EAAA,GAAK,SAAS,QAAA,IAAY,KAAA;AAChC,EAAA,MAAM,SAAA,GAAY,KAAK,SAAA,GAAY,SAAA;AACnC,EAAA,MAAM,YAAA,GAAe,KAAK,SAAA,GAAY,SAAA;AAEtC,EAAA,MAAM,MAAA,GAAS,KAAK,SAAA,GAAY,SAAA;AAChC,EAAA,MAAM,UAAA,GAAa,KAAK,SAAA,GAAY,SAAA;AACpC,EAAA,MAAM,SAAA,GAAY,KAAK,SAAA,GAAY,SAAA;AACnC,EAAA,MAAM,YAAA,GAAe,KAAK,SAAA,GAAY,SAAA;AAEtC,EAAA,SAAS,OAAO,IAAA,EAAsB;AACrC,IAAA,OAAO,IAAA,CAAK,QAAQ,gBAAA,EAAkB,CAAC,OAAO,IAAA,KAAiB,SAAA,CAAU,IAAI,CAAA,IAAK,KAAK,CAAA;AAAA,EACxF;AAEA,EAAA,SAAS,QAAQ,GAAA,EAAqB;AACrC,IAAA,OAAO,GAAA,CACL,OAAA,CAAQ,IAAA,EAAM,OAAO,EACrB,OAAA,CAAQ,IAAA,EAAM,MAAM,CAAA,CACpB,QAAQ,IAAA,EAAM,MAAM,CAAA,CACpB,OAAA,CAAQ,MAAM,QAAQ,CAAA;AAAA,EACzB;AAEA,EAAA,MAAM,YAAsB,EAAC;AAC7B,EAAA,MAAM,YAAsB,EAAC;AAE7B,EAAA,KAAA,MAAW,SAAS,MAAA,EAAQ;AAC3B,IAAA,MAAM,OAAO,KAAA,CAAM,IAAA;AACnB,IAAA,MAAM,KAAA,GAAS,KAAA,CAAM,KAAA,IAAiD,EAAC;AACvE,IAAA,MAAM,QAAA,GAAY,KAAA,CAAM,QAAA,KAAoC,IAAA,KAAS,YAAY,EAAA,GAAK,EAAA,CAAA;AACtF,IAAA,MAAM,KAAA,GACJ,KAAA,CAAM,KAAA,KAAiC,IAAA,KAAS,YAAY,YAAA,GAAe,SAAA,CAAA;AAC7E,IAAA,MAAM,KAAA,GACJ,KAAA,CAAM,SAAA,KAAqC,IAAA,KAAS,YAAY,QAAA,GAAW,MAAA,CAAA;AAE7E,IAAA,QAAQ,IAAA;AAAM,MACb,KAAK,SAAA,EAAW;AACf,QAAA,MAAM,EAAA,GAAM,MAAM,EAAA,IAAiB,IAAA;AACnC,QAAA,MAAM,IAAA,GAAO,MAAA,CAAQ,KAAA,CAAM,IAAA,IAAmB,EAAE,CAAA;AAChD,QAAA,SAAA,CAAU,IAAA;AAAA,UACT,CAAA,CAAA,EAAI,EAAE,CAAA,iCAAA,EAAoC,QAAQ,CAAA,yBAAA,EAA4B,KAAK,CAAA,YAAA,EAAe,KAAK,CAAA,mBAAA,EAAsB,IAAI,CAAA,EAAA,EAAK,EAAE,CAAA,CAAA;AAAA,SACzI;AACA,QAAA,SAAA,CAAU,IAAA,CAAK,MAAM,EAAE,CAAA;AACvB,QAAA;AAAA,MACD;AAAA,MACA,KAAK,MAAA,EAAQ;AACZ,QAAA,MAAM,OAAA,GAAW,MAAM,IAAA,IAAmB,EAAA;AAC1C,QAAA,MAAM,IAAA,GAAO,OAAO,OAAO,CAAA;AAE3B,QAAA,SAAA,CAAU,IAAA;AAAA,UACT,uCAAuC,QAAQ,CAAA,yBAAA,EAA4B,KAAK,CAAA,YAAA,EAAe,KAAK,MAAM,IAAI,CAAA,IAAA;AAAA,SAC/G;AAEA,QAAA,SAAA,CAAU,KAAK,IAAA,CAAK,OAAA,CAAQ,UAAA,EAAY,EAAE,GAAG,EAAE,CAAA;AAC/C,QAAA;AAAA,MACD;AAAA,MACA,KAAK,QAAA,EAAU;AACd,QAAA,MAAM,IAAA,GAAO,MAAA,CAAQ,KAAA,CAAM,IAAA,IAAmB,OAAO,CAAA;AACrD,QAAA,MAAM,IAAA,GAAO,MAAA,CAAQ,KAAA,CAAM,IAAA,IAAmB,GAAG,CAAA;AACjD,QAAA,MAAM,OAAA,GAAW,MAAM,OAAA,IAAsB,SAAA;AAC7C,QAAA,MAAM,EAAA,GAAK,OAAA,KAAY,SAAA,GAAY,EAAA,GAAK,aAAA;AACxC,QAAA,MAAM,EAAA,GAAK,OAAA,KAAY,SAAA,GAAY,SAAA,GAAY,EAAA;AAC/C,QAAA,MAAM,MAAA,GAAS,OAAA,KAAY,SAAA,GAAY,CAAA,UAAA,EAAa,EAAE,CAAA,CAAA,GAAK,MAAA;AAC3D,QAAA,SAAA,CAAU,IAAA;AAAA,UACT,CAAA,+HAAA,EAAkI,OAAA,CAAQ,IAAI,CAAC,oFAAoF,EAAE,CAAA,OAAA,EAAU,EAAE,CAAA,mEAAA,EAAsE,EAAE,CAAA,UAAA,EAAa,MAAM,CAAA,mBAAA,EAAsB,OAAA,CAAQ,IAAI,CAAC,CAAA,sBAAA;AAAA,SAChX;AACA,QAAA,SAAA,CAAU,KAAK,CAAA,CAAA,EAAI,IAAI,CAAA,EAAA,EAAK,IAAI,KAAK,EAAE,CAAA;AACvC,QAAA;AAAA,MACD;AAAA,MACA,KAAK,OAAA,EAAS;AACb,QAAA,MAAM,GAAA,GAAM,MAAA,CAAQ,KAAA,CAAM,GAAA,IAAkB,EAAE,CAAA;AAC9C,QAAA,MAAM,GAAA,GAAO,MAAM,GAAA,IAAkB,EAAA;AACrC,QAAA,MAAM,CAAA,GAAK,MAAM,KAAA,IAAgC,GAAA;AACjD,QAAA,SAAA,CAAU,IAAA;AAAA,UACT,CAAA,UAAA,EAAa,OAAA,CAAQ,GAAG,CAAC,CAAA,OAAA,EAAU,OAAA,CAAQ,GAAG,CAAC,CAAA,SAAA,EAAY,CAAC,CAAA,qEAAA,EAAwE,EAAE,CAAA,OAAA;AAAA,SACvI;AACA,QAAA,SAAA,CAAU,IAAA,CAAK,CAAA,QAAA,EAAW,GAAG,CAAA,CAAA,CAAA,EAAK,EAAE,CAAA;AACpC,QAAA;AAAA,MACD;AAAA,MACA,KAAK,SAAA,EAAW;AACf,QAAA,SAAA,CAAU,IAAA;AAAA,UACT,6DAA6D,YAAY,CAAA,KAAA;AAAA,SAC1E;AACA,QAAA,SAAA,CAAU,IAAA,CAAK,OAAO,EAAE,CAAA;AACxB,QAAA;AAAA,MACD;AAAA,MACA,KAAK,QAAA,EAAU;AACd,QAAA,MAAM,CAAA,GAAK,MAAM,MAAA,IAAqB,EAAA;AACtC,QAAA,SAAA,CAAU,IAAA,CAAK,CAAA,mBAAA,EAAsB,CAAC,CAAA,WAAA,CAAa,CAAA;AACnD,QAAA,SAAA,CAAU,KAAK,EAAE,CAAA;AACjB,QAAA;AAAA,MACD;AAAA,MACA,KAAK,MAAA,EAAQ;AACZ,QAAA,MAAM,IAAA,GAAO,MAAA,CAAQ,KAAA,CAAM,IAAA,IAAmB,EAAE,CAAA;AAChD,QAAA,SAAA,CAAU,IAAA;AAAA,UACT,CAAA,0LAAA,EAA6L,MAAM,CAAA,kBAAA,EAAqB,UAAU,kHAAkH,SAAS,CAAA,GAAA,EAAM,OAAA,CAAQ,IAAI,CAAC,CAAA,wBAAA;AAAA,SACjX;AACA,QAAA,SAAA,CAAU,IAAA,CAAK,CAAA,MAAA,EAAS,IAAI,CAAA,CAAA,EAAI,EAAE,CAAA;AAClC,QAAA;AAAA,MACD;AAAA,MACA,KAAK,MAAA,EAAQ;AACZ,QAAA,MAAM,IAAA,GAAO,MAAA,CAAQ,KAAA,CAAM,IAAA,IAAmB,EAAE,CAAA;AAChD,QAAA,MAAM,IAAA,GAAO,MAAA,CAAQ,KAAA,CAAM,IAAA,IAAmB,GAAG,CAAA;AACjD,QAAA,MAAM,EAAA,GAAM,MAAM,KAAA,IAAgC,EAAA;AAClD,QAAA,MAAM,GAAA,GAAO,MAAM,QAAA,IAAmC,EAAA;AACtD,QAAA,SAAA,CAAU,IAAA;AAAA,UACT,CAAA,mCAAA,EAAsC,GAAG,CAAA,cAAA,EAAiB,OAAA,CAAQ,IAAI,CAAC,CAAA,+BAAA,EAAkC,EAAE,CAAA,kDAAA,EAAqD,IAAI,CAAA,QAAA;AAAA,SACrK;AACA,QAAA,SAAA,CAAU,KAAK,CAAA,EAAG,IAAI,CAAA,EAAA,EAAK,IAAI,KAAK,EAAE,CAAA;AACtC,QAAA;AAAA,MACD;AAAA;AAAA,MAEA,KAAK,SAAA,EAAW;AACf,QAAA,MAAM,IAAA,GACJ,KAAA,CAAM,OAAA,IACP,EAAC;AACF,QAAA,SAAA,CAAU,IAAA;AAAA,UACT;AAAA,SACD;AACA,QAAA,KAAA,MAAW,OAAO,IAAA,EAAM;AACvB,UAAA,MAAM,CAAA,GAAI,IAAI,KAAA,IAAS,CAAA,EAAG,KAAK,KAAA,CAAM,GAAA,GAAM,IAAA,CAAK,MAAM,CAAC,CAAA,CAAA,CAAA;AACvD,UAAA,SAAA,CAAU,IAAA,CAAK,CAAA,iBAAA,EAAoB,CAAC,CAAA,oCAAA,CAAsC,CAAA;AAE1E,UAAA,MAAM,MAAA,GAAS,kBAAA,CAAmB,IAAA,CAAK,SAAA,CAAU,GAAA,CAAI,UAAU,EAAE,CAAA,EAAG,SAAA,EAAW,QAAQ,CAAA;AACvF,UAAA,SAAA,CAAU,IAAA,CAAK,OAAO,IAAI,CAAA;AAC1B,UAAA,SAAA,CAAU,IAAA,CAAK,OAAO,IAAI,CAAA;AAC1B,UAAA,SAAA,CAAU,KAAK,OAAO,CAAA;AAAA,QACvB;AACA,QAAA,SAAA,CAAU,KAAK,eAAe,CAAA;AAC9B,QAAA;AAAA,MACD;AAAA;AACD,EACD;AAEA,EAAA,OAAO,EAAE,IAAA,EAAM,SAAA,CAAU,IAAA,CAAK,IAAI,GAAG,IAAA,EAAM,SAAA,CAAU,IAAA,CAAK,IAAI,CAAA,EAAE;AACjE;AAKA,SAAS,kBAAA,CAAmB,SAAiB,QAAA,EAA0C;AACtF,EAAA,MAAM,CAAA,GAAI;AAAA,IACT,OAAA,EAAS,SAAS,OAAA,IAAW,aAAA;AAAA,IAC7B,YAAA,EAAc,SAAS,YAAA,IAAgB,SAAA;AAAA,IACvC,OAAA,EAAS,SAAS,OAAA,IAAW,SAAA;AAAA,IAC7B,YAAA,EAAc,SAAS,YAAA,IAAgB,CAAA;AAAA,IACvC,UAAA,EACC,SAAS,UAAA,IACT,4FAAA;AAAA,IACD,QAAA,EAAU,SAAS,QAAA,IAAY,KAAA;AAAA,IAC/B,WAAW,QAAA,CAAS,SAAA;AAAA,IACpB,SAAS,QAAA,CAAS;AAAA,GACnB;AAEA,EAAA,MAAM,MAAA,GAAS,CAAA,CAAE,QAAA,GAAW,SAAA,GAAY,SAAA;AACxC,EAAA,MAAM,UAAA,GAAa,CAAA,CAAE,QAAA,GAAW,SAAA,GAAY,SAAA;AAC5C,EAAA,MAAM,WAAA,GAAc,CAAA,CAAE,QAAA,GAAW,SAAA,GAAY,SAAA;AAC7C,EAAA,MAAM,WAAA,GAAc,CAAA,CAAE,QAAA,GAAW,MAAA,GAAS,OAAA;AAC1C,EAAA,MAAM,mBAAmB,CAAA,CAAE,SAAA,GAAY,CAAA,OAAA,EAAU,CAAA,CAAE,SAAS,CAAA,QAAA,CAAA,GAAa,EAAA;AAEzE,EAAA,SAASG,KAAI,GAAA,EAAqB;AACjC,IAAA,OAAO,GAAA,CACL,OAAA,CAAQ,IAAA,EAAM,OAAO,EACrB,OAAA,CAAQ,IAAA,EAAM,MAAM,CAAA,CACpB,QAAQ,IAAA,EAAM,MAAM,CAAA,CACpB,OAAA,CAAQ,MAAM,QAAQ,CAAA;AAAA,EACzB;AAEA,EAAA,MAAM,IAAA,GAAO,CAAA,CAAE,OAAA,GACZ,CAAA,UAAA,EAAaA,IAAAA,CAAI,CAAA,CAAE,OAAO,CAAC,CAAA,OAAA,EAAUA,IAAAA,CAAI,CAAA,CAAE,OAAO,CAAC,CAAA,uFAAA,CAAA,GACnD,EAAA;AAEH,EAAA,OAAO;AAAA,IACN,iBAAA;AAAA,IACA,kBAAA;AAAA,IACA,QAAA;AAAA,IACA,0BAAA;AAAA,IACA,wEAAA;AAAA,IACA,sCAAsC,WAAW,CAAA,IAAA,CAAA;AAAA,IACjD,CAAA,OAAA,EAAUA,IAAAA,CAAI,CAAA,CAAE,OAAO,CAAC,CAAA,QAAA,CAAA;AAAA,IACxB,eAAA;AAAA,IACA,gEAAA;AAAA,IACA,cAAA;AAAA,IACA,gBAAA;AAAA,IACA,SAAA;AAAA,IACA,CAAA,iDAAA,EAAoD,CAAA,CAAE,OAAO,CAAA,aAAA,EAAgB,EAAE,UAAU,CAAA,sCAAA,CAAA;AAAA,IACzF,CAAA,gGAAA,EAAmG,EAAE,OAAO,CAAA,GAAA,CAAA;AAAA,IAC5G,MAAA;AAAA,IACA,gDAAA;AAAA,IACA,iHAAA;AAAA,IACA,MAAA;AAAA,IACA,CAAA,yCAAA,EAA4C,MAAM,CAAA,kBAAA,EAAqB,UAAU,CAAA,sBAAA,CAAA;AAAA,IACjF,IAAA;AAAA,IACA,OAAA;AAAA,IACA,OAAA;AAAA,IACA,OAAA;AAAA,IACA,MAAA;AAAA,IACA,kDAAA;AAAA,IACA,2DAA2D,WAAW,CAAA,GAAA,CAAA;AAAA,IACtE,CAAA,uBAAA,EAA0BA,IAAAA,CAAI,CAAA,CAAE,OAAO,CAAC,CAAA,CAAA,CAAA;AAAA,IACxC,4DAAA;AAAA,IACA,MAAA;AAAA,IACA,OAAA;AAAA,IACA,OAAA;AAAA,IACA,UAAA;AAAA,IACA,OAAA;AAAA,IACA,OAAA;AAAA,IACA,UAAA;AAAA,IACA,SAAA;AAAA,IACA;AAAA,GACD,CAAE,KAAK,IAAI,CAAA;AACZ;AAIA,eAAe,YAAA,CACd,EAAA,EACA,EAAA,EACA,IAAA,EACA,SACA,KAAA,EACgD;AAChD,EAAA,MAAM,cAAA,GAAiB,MAAM,kBAAA,CAAmB,EAAA,EAAI,OAAO,QAAQ,CAAA;AACnE,EAAA,IAAI,CAAC,cAAA,EAAgB;AACpB,IAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,yDAAA,EAA0D;AAAA,EAC3F;AAEA,EAAA,MAAM,QAAA,GAAW,MAAM,YAAA,CAAa,EAAA,EAAI,OAAO,YAAY,CAAA;AAC3D,EAAA,IAAI,OAAA,CAAQ,OAAA,EAAS,QAAA,CAAS,OAAA,GAAU,OAAA,CAAQ,OAAA;AAEhD,EAAA,MAAM,QAAA,GAAW,WAAA,CAAY,IAAA,EAAM,QAAQ,CAAA;AAE3C,EAAA,MAAM,cACL,OAAA,CAAQ,WAAA,IAAe,CAAA,EAAG,QAAA,CAAS,WAAW,aAAa,CAAA,sBAAA,CAAA;AAE5D,EAAA,MAAM,SAAS,MAAM,SAAA;AAAA,IACpB,cAAA,CAAe,QAAA;AAAA,IACf;AAAA,MACC,IAAA,EAAM,WAAA;AAAA,MACN,EAAA;AAAA,MACA,SAAS,QAAA,CAAS,OAAA;AAAA,MAClB,MAAM,QAAA,CAAS,IAAA;AAAA,MACf,MAAM,QAAA,CAAS,IAAA;AAAA,MACf,SAAS,OAAA,CAAQ;AAAA,KAClB;AAAA,IACA,cAAA,CAAe;AAAA,GAChB;AAEA,EAAA,OAAO,MAAA;AACR;AAKA,eAAe,wBACd,EAAA,EACA,EAAA,EACA,YAAA,EACA,SAAA,EACA,SACA,KAAA,EACgD;AAChD,EAAA,MAAM,cAAA,GAAiB,MAAM,kBAAA,CAAmB,EAAA,EAAI,OAAO,QAAQ,CAAA;AACnE,EAAA,IAAI,CAAC,cAAA,EAAgB;AACpB,IAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,yDAAA,EAA0D;AAAA,EAC3F;AAEA,EAAA,MAAM,WAAW,MAAM,kBAAA,CAAmB,EAAA,EAAI,YAAA,EAAc,OAAO,YAAY,CAAA;AAC/E,EAAA,IAAI,CAAC,QAAA,EAAU;AACd,IAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,CAAA,UAAA,EAAa,YAAY,CAAA,WAAA,CAAA,EAAc;AAAA,EACxE;AAEA,EAAA,MAAM,QAAA,GAAW,MAAM,YAAA,CAAa,EAAA,EAAI,OAAO,YAAY,CAAA;AAC3D,EAAA,IAAI,OAAA,CAAQ,OAAA,EAAS,QAAA,CAAS,OAAA,GAAU,OAAA,CAAQ,OAAA;AAGhD,EAAA,MAAM,OAAA,GAAU,SAAS,OAAA,CAAQ,OAAA;AAAA,IAChC,gBAAA;AAAA,IACA,CAAC,KAAA,EAAO,IAAA,KAAiB,SAAA,CAAU,IAAI,CAAA,IAAK;AAAA,GAC7C;AAGA,EAAA,MAAM,EAAE,MAAM,SAAA,EAAW,IAAA,KAAS,kBAAA,CAAmB,QAAA,CAAS,UAAA,EAAY,SAAA,EAAW,QAAQ,CAAA;AAC7F,EAAA,MAAM,IAAA,GAAO,kBAAA,CAAmB,SAAA,EAAW,QAAQ,CAAA;AAEnD,EAAA,MAAM,cACL,OAAA,CAAQ,WAAA,IAAe,CAAA,EAAG,QAAA,CAAS,WAAW,aAAa,CAAA,sBAAA,CAAA;AAE5D,EAAA,MAAM,SAAS,MAAM,SAAA;AAAA,IACpB,cAAA,CAAe,QAAA;AAAA,IACf;AAAA,MACC,IAAA,EAAM,WAAA;AAAA,MACN,EAAA;AAAA,MACA,OAAA;AAAA,MACA,IAAA;AAAA,MACA,IAAA;AAAA,MACA,SAAS,OAAA,CAAQ;AAAA,KAClB;AAAA,IACA,cAAA,CAAe;AAAA,GAChB;AAEA,EAAA,OAAO,MAAA;AACR;AAUO,SAAS,WAAA,CAAY,OAAA,GAA8B,EAAC,EAAqB;AAC/E,EAAA,MAAM,cAAA,GAAiB;AAAA,IACtB,cAAA;AAAA,IACA,gBAAA;AAAA,IACA,YAAA;AAAA,IACA,WAAA;AAAA,IACA,YAAA;AAAA,IACA;AAAA,GACD;AAEA,EAAA,OAAO;AAAA,IACN,EAAA,EAAI,cAAA;AAAA;AAAA;AAAA,IAIJ,MAAA,EAAQ;AAAA,MACP,aAAA,EAAe;AAAA,QACd,MAAA,EAAQ;AAAA,UACP,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAmB,UAAU,KAAA,EAAM;AAAA,UACtD,IAAA,EAAM,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UACvC,IAAA,EAAM,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UACvC,OAAA,EAAS,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC1C,WAAA,EAAa,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAC/C,QAAA,EAAU,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC3C,WAAA,EAAa,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAC/C,UAAA,EAAY,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC7C,aAAA,EAAe,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UACjD,SAAS,EAAE,IAAA,EAAM,WAAW,QAAA,EAAU,KAAA,EAAO,cAAc,KAAA,EAAM;AAAA,UACjE,WAAA,EAAa,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAC/C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC5C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA;AAAK;AAC7C,OACD;AAAA,MACA,cAAA,EAAgB;AAAA,QACf,MAAA,EAAQ;AAAA,UACP,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAmB,UAAU,KAAA,EAAM;AAAA,UACtD,YAAA,EAAc,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAChD,OAAA,EAAS,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAC3C,YAAA,EAAc,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAChD,QAAA,EAAU,EAAE,IAAA,EAAM,SAAA,EAAW,UAAU,KAAA,EAAM;AAAA,UAC7C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAC7C,IAAA,EAAM,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UACxC,OAAA,EAAS,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAC3C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC5C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA;AAAK;AAC7C,OACD;AAAA,MACA,mBAAA,EAAqB;AAAA,QACpB,MAAA,EAAQ;AAAA,UACP,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAmB,UAAU,KAAA,EAAM;AAAA,UACtD,UAAA,EAAY,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC7C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC5C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA;AAAK;AAC7C;AACD,KACD;AAAA,IAEA,SAAA,EAAW;AAAA;AAAA,MAEV,iBAAA,EAAmBD,kBAAAA;AAAA,QAClB,qBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,cAAc,IAAA,CAAK,QAAA;AACzB,UAAA,MAAM,SAAA,GAAY,gBAAgB,IAA+B,CAAA;AACjE,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,UAAA,EAAY,cAAA;AAAA,YACZ,WAAW,SAAA,CAAU;AAAA,WACrB,CAAA;AACD,UAAA,MAAM,aAAa,EAAE,QAAA,EAAU,UAAU,KAAA,EAAO,YAAA,EAAc,UAAU,KAAA,EAAM;AAG9E,UAAA,IAAI,cAAA,CAAe,QAAA,CAAS,WAAW,CAAA,EAAG;AAEzC,YAAA,MAAM,iBAAiB,MAAM,yBAAA;AAAA,cAC5B,EAAA;AAAA,cACA,WAAA;AAAA,cACA,SAAA,CAAU;AAAA,aACX;AACA,YAAA,IAAI,cAAA,EAAgB;AACnB,cAAA,MAAME,QAA+B,EAAC;AACtC,cAAA,KAAA,MAAW,CAAC,GAAG,CAAC,CAAA,IAAK,OAAO,OAAA,CAAQ,IAAA,CAAK,IAA+B,CAAA,EAAG;AAC1E,gBAAAA,KAAAA,CAAK,CAAC,CAAA,GAAI,MAAA,CAAO,KAAK,EAAE,CAAA;AAAA,cACzB;AACA,cAAA,MAAMC,UAAS,MAAM,uBAAA;AAAA,gBACpB,EAAA;AAAA,gBACA,IAAA,CAAK,EAAA;AAAA,gBACL,cAAA,CAAe,IAAA;AAAA,gBACfD,KAAAA;AAAA,gBACA,OAAA;AAAA,gBACA;AAAA,eACD;AACA,cAAA,OAAO,GAAA,CAAI,KAAKC,OAAM,CAAA;AAAA,YACvB;AAGA,YAAA,MAAM,SAAA,GAAY,cAAA;AAAA,cACjB,WAAA;AAAA,cACA,IAAA,CAAK;AAAA,aACN;AACA,YAAA,IAAI,CAAC,SAAA,EAAW;AACf,cAAA,OAAO,IAAI,IAAA,CAAK,EAAE,SAAS,KAAA,EAAO,KAAA,EAAO,yBAAyB,CAAA;AAAA,YACnE;AACA,YAAA,MAAMA,OAAAA,GAAS,MAAM,YAAA,CAAa,EAAA,EAAI,KAAK,EAAA,EAAI,SAAA,EAAW,SAAS,UAAU,CAAA;AAC7E,YAAA,OAAO,GAAA,CAAI,KAAKA,OAAM,CAAA;AAAA,UACvB;AAGA,UAAA,MAAM,OAA+B,EAAC;AACtC,UAAA,KAAA,MAAW,CAAC,GAAG,CAAC,CAAA,IAAK,OAAO,OAAA,CAAQ,IAAA,CAAK,IAA+B,CAAA,EAAG;AAC1E,YAAA,IAAA,CAAK,CAAC,CAAA,GAAI,MAAA,CAAO,CAAA,IAAK,EAAE,CAAA;AAAA,UACzB;AACA,UAAA,MAAM,SAAS,MAAM,uBAAA;AAAA,YACpB,EAAA;AAAA,YACA,IAAA,CAAK,EAAA;AAAA,YACL,WAAA;AAAA,YACA,IAAA;AAAA,YACA,OAAA;AAAA,YACA;AAAA,WACD;AACA,UAAA,OAAO,GAAA,CAAI,KAAK,MAAM,CAAA;AAAA,QACvB;AAAA,OACD;AAAA;AAAA,MAGA,oBAAA,EAAsBH,kBAAAA;AAAA,QACrB,wBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,cAAc,IAAA,CAAK,QAAA;AACzB,UAAA,MAAM,OAAO,IAAA,CAAK,IAAA;AAClB,UAAA,MAAM,SAAA,GAAY,gBAAgB,IAA+B,CAAA;AACjE,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,UAAA,EAAY,cAAA;AAAA,YACZ,WAAW,SAAA,CAAU;AAAA,WACrB,CAAA;AAGD,UAAA,MAAM,iBAAiB,MAAM,kBAAA,CAAmB,EAAA,EAAI,WAAA,EAAa,UAAU,KAAK,CAAA;AAChF,UAAA,IAAI,cAAA,EAAgB;AACnB,YAAA,MAAM,OAA+B,EAAC;AACtC,YAAA,IAAI,IAAA,EAAM;AACT,cAAA,KAAA,MAAW,CAAC,CAAA,EAAG,CAAC,KAAK,MAAA,CAAO,OAAA,CAAQ,IAAI,CAAA,EAAG;AAC1C,gBAAA,IAAA,CAAK,CAAC,CAAA,GAAI,MAAA,CAAO,CAAA,IAAK,EAAE,CAAA;AAAA,cACzB;AAAA,YACD;AACA,YAAA,MAAM,QAAA,GAAW,MAAM,YAAA,CAAa,EAAA,EAAI,UAAU,KAAK,CAAA;AACvD,YAAA,IAAI,OAAA,CAAQ,OAAA,EAAS,QAAA,CAAS,OAAA,GAAU,OAAA,CAAQ,OAAA;AAEhD,YAAA,MAAM,OAAA,GAAU,eAAe,OAAA,CAAQ,OAAA;AAAA,cACtC,gBAAA;AAAA,cACA,CAAC,KAAA,EAAO,IAAA,KAAiB,IAAA,CAAK,IAAI,CAAA,IAAK;AAAA,aACxC;AACA,YAAA,MAAM,EAAE,IAAA,EAAM,SAAA,EAAW,IAAA,EAAK,GAAI,kBAAA;AAAA,cACjC,cAAA,CAAe,UAAA;AAAA,cACf,IAAA;AAAA,cACA;AAAA,aACD;AACA,YAAA,MAAM,IAAA,GAAO,kBAAA,CAAmB,SAAA,EAAW,QAAQ,CAAA;AACnD,YAAA,OAAO,IAAI,IAAA,CAAK,EAAE,OAAA,EAAS,IAAA,EAAM,MAAM,CAAA;AAAA,UACxC;AAGA,UAAA,IAAI,cAAA,CAAe,QAAA,CAAS,WAAW,CAAA,EAAG;AACzC,YAAA,MAAM,QAAA,GAAW,WAAA;AACjB,YAAA,MAAM,SAAA,GAAY,IAAA,GACd,cAAA,CAAe,QAAA,EAAU,IAAI,KAAK,cAAA,CAAe,QAAQ,CAAA,GAC1D,cAAA,CAAe,QAAQ,CAAA;AAE1B,YAAA,MAAM,QAAA,GAAW,MAAM,YAAA,CAAa,EAAA,EAAI,UAAU,KAAK,CAAA;AACvD,YAAA,IAAI,OAAA,CAAQ,OAAA,EAAS,QAAA,CAAS,OAAA,GAAU,OAAA,CAAQ,OAAA;AAEhD,YAAA,MAAM,QAAA,GAAW,WAAA,CAAY,SAAA,EAAW,QAAQ,CAAA;AAChD,YAAA,OAAO,IAAI,IAAA,CAAK;AAAA,cACf,SAAS,QAAA,CAAS,OAAA;AAAA,cAClB,MAAM,QAAA,CAAS,IAAA;AAAA,cACf,MAAM,QAAA,CAAS;AAAA,aACf,CAAA;AAAA,UACF;AAEA,UAAA,OAAO,IAAI,IAAA,CAAK;AAAA,YACf,OAAA,EAAS,EAAA;AAAA,YACT,IAAA,EAAM,2BAAA;AAAA,YACN,IAAA,EAAM;AAAA,WACN,CAAA;AAAA,QACF;AAAA,OACD;AAAA;AAAA,MAGA,aAAA,EAAeA,kBAAAA;AAAA,QACd,oBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,SAAA,GAAY,gBAAgB,IAA+B,CAAA;AACjE,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,UAAA,EAAY,cAAA;AAAA,YACZ,WAAW,SAAA,CAAU;AAAA,WACrB,CAAA;AACD,UAAA,MAAM,aAAa,EAAE,QAAA,EAAU,UAAU,KAAA,EAAO,YAAA,EAAc,UAAU,KAAA,EAAM;AAE9E,UAAA,MAAM,QAAA,GAAY,KAAK,QAAA,IAAmC,SAAA;AAG1D,UAAA,MAAM,iBAAiB,MAAM,kBAAA,CAAmB,EAAA,EAAI,QAAA,EAAU,UAAU,KAAK,CAAA;AAC7E,UAAA,IAAI,cAAA,EAAgB;AACnB,YAAA,MAAM,SAAS,MAAM,uBAAA;AAAA,cACpB,EAAA;AAAA,cACA,IAAA,CAAK,EAAA;AAAA,cACL,QAAA;AAAA,cACA,EAAC;AAAA,cACD,OAAA;AAAA,cACA;AAAA,aACD;AACA,YAAA,IAAI,CAAC,OAAO,OAAA,EAAS;AACpB,cAAA,OAAO,GAAA,CAAI,KAAK,EAAE,OAAA,EAAS,OAAO,OAAA,EAAS,MAAA,CAAO,OAAO,CAAA;AAAA,YAC1D;AACA,YAAA,OAAO,IAAI,IAAA,CAAK,EAAE,SAAS,IAAA,EAAM,OAAA,EAAS,mBAAmB,CAAA;AAAA,UAC9D;AAGA,UAAA,IAAI,cAAA,CAAe,QAAA,CAAS,QAAQ,CAAA,EAAG;AACtC,YAAA,MAAM,WAAA,GAAc,eAAe,QAA6B,CAAA;AAChE,YAAA,MAAM,MAAA,GAAS,MAAM,YAAA,CAAa,EAAA,EAAI,KAAK,EAAA,EAAI,WAAA,EAAa,SAAS,UAAU,CAAA;AAC/E,YAAA,IAAI,CAAC,OAAO,OAAA,EAAS;AACpB,cAAA,OAAO,GAAA,CAAI,KAAK,EAAE,OAAA,EAAS,OAAO,OAAA,EAAS,MAAA,CAAO,OAAO,CAAA;AAAA,YAC1D;AACA,YAAA,OAAO,IAAI,IAAA,CAAK,EAAE,SAAS,IAAA,EAAM,OAAA,EAAS,mBAAmB,CAAA;AAAA,UAC9D;AAEA,UAAA,OAAO,GAAA,CAAI,KAAK,EAAE,OAAA,EAAS,OAAO,OAAA,EAAS,CAAA,UAAA,EAAa,QAAQ,CAAA,WAAA,CAAA,EAAe,CAAA;AAAA,QAChF;AAAA,OACD;AAAA;AAAA,MAIA,kBAAA,EAAoBA,kBAAAA;AAAA,QACnB,+BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,SAAA,GAAY,gBAAgB,IAA+B,CAAA;AACjE,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,UAAA,EAAY,cAAA;AAAA,YACZ,WAAW,SAAA,CAAU;AAAA,WACrB,CAAA;AAED,UAAA,MAAM,KAAA,GAAuB,CAAC,GAAG,SAAA,CAAU,KAAK,CAAA;AAChD,UAAA,IAAI,KAAK,QAAA,EAAU;AAClB,YAAA,KAAA,CAAM,KAAK,EAAE,KAAA,EAAO,YAAY,KAAA,EAAO,IAAA,CAAK,UAAU,CAAA;AAAA,UACvD;AAEA,UAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAA2B;AAAA,YAChD,KAAA,EAAO,eAAA;AAAA,YACP,KAAA,EAAO,KAAA,CAAM,MAAA,GAAS,CAAA,GAAI,KAAA,GAAQ,MAAA;AAAA,YAClC,KAAA,EAAO,KAAK,KAAA,IAAS,EAAA;AAAA,YACrB,MAAA,EAAQ,EAAE,KAAA,EAAO,WAAA,EAAa,WAAW,MAAA;AAAO,WAChD,CAAA;AAED,UAAA,MAAM,SAAA,GAAY,IAAA,CAAK,GAAA,CAAI,CAAC,GAAA,MAAS;AAAA,YACpC,IAAI,GAAA,CAAI,EAAA;AAAA,YACR,MAAM,GAAA,CAAI,IAAA;AAAA,YACV,MAAM,GAAA,CAAI,IAAA;AAAA,YACV,SAAS,GAAA,CAAI,OAAA;AAAA,YACb,aAAa,GAAA,CAAI,WAAA;AAAA,YACjB,UAAU,GAAA,CAAI,QAAA;AAAA,YACd,aAAa,GAAA,CAAI,WAAA;AAAA,YACjB,YAAY,GAAA,CAAI,UAAA;AAAA,YAChB,eAAe,GAAA,CAAI,aAAA;AAAA,YACnB,OAAA,EAAS,IAAI,OAAA,IAAW,KAAA;AAAA,YACxB,aAAa,GAAA,CAAI,WAAA;AAAA,YACjB,WAAW,GAAA,CAAI,SAAA;AAAA,YACf,WAAW,GAAA,CAAI;AAAA,WAChB,CAAE,CAAA;AAEF,UAAA,OAAO,GAAA,CAAI,IAAA,CAAK,EAAE,SAAA,EAAW,CAAA;AAAA,QAC9B;AAAA,OACD;AAAA,MAEA,gBAAA,EAAkBA,kBAAAA;AAAA,QACjB,8BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,EAAE,UAAS,GAAI,IAAA;AACrB,UAAA,MAAM,SAAA,GAAY,gBAAgB,IAA+B,CAAA;AACjE,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,UAAA,EAAY,cAAA;AAAA,YACZ,WAAW,SAAA,CAAU;AAAA,WACrB,CAAA;AAED,UAAA,IAAI,MAAM,MAAM,kBAAA,CAAmB,EAAA,EAAI,QAAA,EAAU,UAAU,KAAK,CAAA;AAChE,UAAA,IAAI,CAAC,GAAA,EAAK;AACT,YAAA,GAAA,GAAM,MAAM,gBAAA,CAAiB,EAAA,EAAI,QAAA,EAAU,UAAU,KAAK,CAAA;AAAA,UAC3D;AAEA,UAAA,IAAI,CAAC,GAAA,EAAK;AACT,YAAA,OAAO,GAAA,CAAI,IAAA,CAAK,EAAE,QAAA,EAAU,MAAM,CAAA;AAAA,UACnC;AAEA,UAAA,OAAO,IAAI,IAAA,CAAK;AAAA,YACf,QAAA,EAAU;AAAA,cACT,IAAI,GAAA,CAAI,EAAA;AAAA,cACR,MAAM,GAAA,CAAI,IAAA;AAAA,cACV,MAAM,GAAA,CAAI,IAAA;AAAA,cACV,SAAS,GAAA,CAAI,OAAA;AAAA,cACb,aAAa,GAAA,CAAI,WAAA;AAAA,cACjB,UAAU,GAAA,CAAI,QAAA;AAAA,cACd,aAAa,GAAA,CAAI,WAAA;AAAA,cACjB,YAAY,GAAA,CAAI,UAAA;AAAA,cAChB,eAAe,GAAA,CAAI,aAAA;AAAA,cACnB,OAAA,EAAS,IAAI,OAAA,IAAW,KAAA;AAAA,cACxB,aAAa,GAAA,CAAI,WAAA;AAAA,cACjB,WAAW,GAAA,CAAI,SAAA;AAAA,cACf,WAAW,GAAA,CAAI;AAAA;AAChB,WACA,CAAA;AAAA,QACF;AAAA,OACD;AAAA,MAEA,mBAAA,EAAqBA,kBAAAA;AAAA,QACpB,iCAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,SAAA,GAAY,gBAAgB,IAA+B,CAAA;AACjE,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,UAAA,EAAY,cAAA;AAAA,YACZ,WAAW,SAAA,CAAU;AAAA,WACrB,CAAA;AAGD,UAAA,MAAM,WAAW,MAAM,kBAAA,CAAmB,IAAI,IAAA,CAAK,IAAA,EAAM,UAAU,KAAK,CAAA;AACxE,UAAA,IAAI,QAAA,EAAU;AACb,YAAA,OAAO,IAAI,IAAA,CAAK;AAAA,cACf,OAAA,EAAS,KAAA;AAAA,cACT,KAAA,EAAO,CAAA,eAAA,EAAkB,IAAA,CAAK,IAAI,CAAA,gBAAA;AAAA,aAClC,CAAA;AAAA,UACF;AAEA,UAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,UAAA,MAAM,IAAA,GAAgC;AAAA,YACrC,GAAG,SAAA,CAAU,IAAA;AAAA,YACb,MAAM,IAAA,CAAK,IAAA;AAAA,YACX,MAAM,IAAA,CAAK,IAAA;AAAA,YACX,SAAS,IAAA,CAAK,OAAA;AAAA,YACd,UAAU,IAAA,CAAK,QAAA;AAAA,YACf,YAAY,IAAA,CAAK,UAAA;AAAA;AAAA,YAEjB,OAAA,EAAS,IAAA,CAAK,OAAA,IAAW,CAAC,CAAC,IAAA,CAAK,WAAA;AAAA,YAChC,SAAA,EAAW,GAAA;AAAA,YACX,SAAA,EAAW;AAAA,WACZ;AAGA,UAAA,IAAI,IAAA,CAAK,WAAA,EAAa,IAAA,CAAK,WAAA,GAAc,IAAA,CAAK,WAAA;AAC9C,UAAA,IAAI,IAAA,CAAK,WAAA,EAAa,IAAA,CAAK,WAAA,GAAc,IAAA,CAAK,WAAA;AAC9C,UAAA,IAAI,IAAA,CAAK,aAAA,EAAe,IAAA,CAAK,aAAA,GAAgB,IAAA,CAAK,aAAA;AAClD,UAAA,IAAI,IAAA,CAAK,WAAA,EAAa,IAAA,CAAK,WAAA,GAAc,IAAA,CAAK,WAAA;AAE9C,UAAA,MAAM,GAAA,GAAM,MAAM,EAAA,CAAG,MAAA,CAAyB;AAAA,YAC7C,KAAA,EAAO,eAAA;AAAA,YACP;AAAA,WACA,CAAA;AAED,UAAA,OAAO,IAAI,IAAA,CAAK,EAAE,SAAS,IAAA,EAAM,QAAA,EAAU,KAAK,CAAA;AAAA,QACjD;AAAA,OACD;AAAA,MAEA,mBAAA,EAAqBA,kBAAAA;AAAA,QACpB,iCAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,SAAA,GAAY,gBAAgB,IAA+B,CAAA;AACjE,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,UAAA,EAAY,cAAA;AAAA,YACZ,WAAW,SAAA,CAAU;AAAA,WACrB,CAAA;AAED,UAAA,MAAM,WAAW,MAAM,gBAAA,CAAiB,IAAI,IAAA,CAAK,EAAA,EAAI,UAAU,KAAK,CAAA;AACpE,UAAA,IAAI,CAAC,QAAA,EAAU;AACd,YAAA,OAAO,IAAI,IAAA,CAAK,EAAE,SAAS,KAAA,EAAO,KAAA,EAAO,sBAAsB,CAAA;AAAA,UAChE;AAGA,UAAA,IAAI,IAAA,CAAK,IAAA,IAAQ,IAAA,CAAK,IAAA,KAAS,SAAS,IAAA,EAAM;AAC7C,YAAA,MAAM,WAAW,MAAM,kBAAA,CAAmB,IAAI,IAAA,CAAK,IAAA,EAAM,UAAU,KAAK,CAAA;AACxE,YAAA,IAAI,QAAA,EAAU;AACb,cAAA,OAAO,IAAI,IAAA,CAAK;AAAA,gBACf,OAAA,EAAS,KAAA;AAAA,gBACT,KAAA,EAAO,CAAA,eAAA,EAAkB,IAAA,CAAK,IAAI,CAAA,gBAAA;AAAA,eAClC,CAAA;AAAA,YACF;AAAA,UACD;AAEA,UAAA,MAAM,MAAA,GAAkC,EAAE,SAAA,EAAW,IAAA,CAAK,KAAI,EAAE;AAChE,UAAA,IAAI,IAAA,CAAK,IAAA,KAAS,MAAA,EAAW,MAAA,CAAO,OAAO,IAAA,CAAK,IAAA;AAChD,UAAA,IAAI,IAAA,CAAK,IAAA,KAAS,MAAA,EAAW,MAAA,CAAO,OAAO,IAAA,CAAK,IAAA;AAChD,UAAA,IAAI,IAAA,CAAK,OAAA,KAAY,MAAA,EAAW,MAAA,CAAO,UAAU,IAAA,CAAK,OAAA;AACtD,UAAA,IAAI,IAAA,CAAK,WAAA,KAAgB,MAAA,EAAW,MAAA,CAAO,cAAc,IAAA,CAAK,WAAA;AAC9D,UAAA,IAAI,IAAA,CAAK,QAAA,KAAa,MAAA,EAAW,MAAA,CAAO,WAAW,IAAA,CAAK,QAAA;AACxD,UAAA,IAAI,IAAA,CAAK,WAAA,KAAgB,MAAA,EAAW,MAAA,CAAO,cAAc,IAAA,CAAK,WAAA;AAC9D,UAAA,IAAI,IAAA,CAAK,UAAA,KAAe,MAAA,EAAW,MAAA,CAAO,aAAa,IAAA,CAAK,UAAA;AAC5D,UAAA,IAAI,IAAA,CAAK,aAAA,KAAkB,MAAA,EAAW,MAAA,CAAO,gBAAgB,IAAA,CAAK,aAAA;AAElE,UAAA,MAAM,OAAA,GAAU,MAAM,EAAA,CAAG,MAAA,CAAyB;AAAA,YACjD,KAAA,EAAO,eAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,KAAA,EAAO,IAAA,CAAK,EAAA,EAAG,EAAG,GAAG,SAAA,CAAU,KAAK,CAAA;AAAA,YAC3D;AAAA,WACA,CAAA;AAED,UAAA,OAAO,IAAI,IAAA,CAAK,EAAE,SAAS,IAAA,EAAM,QAAA,EAAU,SAAS,CAAA;AAAA,QACrD;AAAA,OACD;AAAA,MAEA,mBAAA,EAAqBA,kBAAAA;AAAA,QACpB,iCAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,EAAE,IAAG,GAAI,IAAA;AACf,UAAA,MAAM,SAAA,GAAY,gBAAgB,IAA+B,CAAA;AACjE,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,UAAA,EAAY,cAAA;AAAA,YACZ,WAAW,SAAA,CAAU;AAAA,WACrB,CAAA;AAED,UAAA,MAAM,WAAW,MAAM,gBAAA,CAAiB,EAAA,EAAI,EAAA,EAAI,UAAU,KAAK,CAAA;AAC/D,UAAA,IAAI,CAAC,QAAA,EAAU;AACd,YAAA,OAAO,IAAI,IAAA,CAAK,EAAE,SAAS,KAAA,EAAO,KAAA,EAAO,sBAAsB,CAAA;AAAA,UAChE;AAEA,UAAA,IAAI,SAAS,OAAA,EAAS;AACrB,YAAA,OAAO,IAAI,IAAA,CAAK;AAAA,cACf,OAAA,EAAS,KAAA;AAAA,cACT,KAAA,EAAO;AAAA,aACP,CAAA;AAAA,UACF;AAEA,UAAA,MAAM,GAAG,MAAA,CAAO;AAAA,YACf,KAAA,EAAO,eAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,OAAO,EAAA,EAAG,EAAG,GAAG,SAAA,CAAU,KAAK;AAAA,WACtD,CAAA;AAED,UAAA,OAAO,GAAA,CAAI,IAAA,CAAK,EAAE,OAAA,EAAS,MAAM,CAAA;AAAA,QAClC;AAAA;AACD;AACD,GACD;AACD;AAiBA,eAAe,mBAAA,CACd,IACA,KAAA,EACgF;AAChF,EAAA,MAAM,KAAA,GAAQ,MAAM,EAAA,CAAG,QAAA,CAAkC;AAAA,IACxD,KAAA,EAAO,MAAA;AAAA,IACP,OAAO,CAAC,EAAE,OAAO,OAAA,EAAS,KAAA,EAAO,OAAO,CAAA;AAAA,IACxC,KAAA,EAAO,CAAA;AAAA,IACP,MAAA,EAAQ,CAAC,WAAW;AAAA,GACpB,CAAA;AACD,EAAA,MAAM,SAAA,GAAY,OAAO,KAAA,CAAM,CAAC,CAAA,EAAG,cAAc,QAAA,GAAW,KAAA,CAAM,CAAC,CAAA,CAAE,SAAA,GAAY,MAAA;AACjF,EAAA,IAAI,CAAC,WAAW,OAAO,MAAA;AACvB,EAAA,MAAM,QAAuB,CAAC,EAAE,OAAO,WAAA,EAAa,KAAA,EAAO,WAAW,CAAA;AACtE,EAAA,OAAO,EAAE,QAAA,EAAU,KAAA,EAAO,YAAA,EAAc,KAAA,EAAM;AAC/C;AAEO,SAAS,wBAAA,CACf,OACA,YAAA,EACC;AACD,EAAA,OAAO;AAAA,IACN,qBAAA,EAAuB,OAAO,MAAA,KAIxB;AACL,MAAA,IAAI;AACH,QAAA,MAAM,KAAK,KAAA,EAAM;AACjB,QAAA,MAAM,QAAQ,MAAM,mBAAA,CAAoB,EAAA,EAAI,MAAA,CAAO,KAAK,KAAK,CAAA;AAC7D,QAAA,MAAM,SAAS,MAAM,YAAA;AAAA,UACpB,EAAA;AAAA,UACA,OAAO,IAAA,CAAK,KAAA;AAAA,UACZ;AAAA,YACC,IAAA,EAAM,cAAA;AAAA,YACN,QAAA,EAAU,MAAA,CAAO,IAAA,CAAK,IAAA,IAAQ,OAAA;AAAA,YAC9B,iBAAiB,MAAA,CAAO,GAAA;AAAA,YACxB,OAAO,MAAA,CAAO;AAAA,WACf;AAAA,UACA,YAAA;AAAA,UACA;AAAA,SACD;AACA,QAAA,IAAI,CAAC,OAAO,OAAA,EAAS;AACpB,UAAA,OAAA,CAAQ,KAAA;AAAA,YACP,qDAAqD,MAAA,CAAO,IAAA,CAAK,KAAK,CAAA,EAAA,EAAK,OAAO,KAAK,CAAA;AAAA,WACxF;AAAA,QACD;AAAA,MACD,SAAS,GAAA,EAAK;AACb,QAAA,OAAA,CAAQ,KAAA,CAAM,kDAAkD,GAAG,CAAA;AAAA,MACpE;AAAA,IACD,CAAA;AAAA,IAEA,iBAAA,EAAmB,OAAO,MAAA,KAIpB;AACL,MAAA,IAAI;AACH,QAAA,MAAM,KAAK,KAAA,EAAM;AACjB,QAAA,MAAM,QAAQ,MAAM,mBAAA,CAAoB,EAAA,EAAI,MAAA,CAAO,KAAK,KAAK,CAAA;AAC7D,QAAA,MAAM,SAAS,MAAM,YAAA;AAAA,UACpB,EAAA;AAAA,UACA,OAAO,IAAA,CAAK,KAAA;AAAA,UACZ;AAAA,YACC,IAAA,EAAM,gBAAA;AAAA,YACN,QAAA,EAAU,MAAA,CAAO,IAAA,CAAK,IAAA,IAAQ,OAAA;AAAA,YAC9B,UAAU,MAAA,CAAO,GAAA;AAAA,YACjB,OAAO,MAAA,CAAO;AAAA,WACf;AAAA,UACA,YAAA;AAAA,UACA;AAAA,SACD;AACA,QAAA,IAAI,CAAC,OAAO,OAAA,EAAS;AACpB,UAAA,OAAA,CAAQ,KAAA;AAAA,YACP,uDAAuD,MAAA,CAAO,IAAA,CAAK,KAAK,CAAA,EAAA,EAAK,OAAO,KAAK,CAAA;AAAA,WAC1F;AAAA,QACD;AAAA,MACD,SAAS,GAAA,EAAK;AACb,QAAA,OAAA,CAAQ,KAAA,CAAM,oDAAoD,GAAG,CAAA;AAAA,MACtE;AAAA,IACD,CAAA;AAAA,IAEA,aAAA,EAAe,OAAO,MAAA,KAA0D;AAC/E,MAAA,IAAI;AACH,QAAA,MAAM,KAAK,KAAA,EAAM;AACjB,QAAA,MAAM,KAAA,GAAQ,MAAM,mBAAA,CAAoB,EAAA,EAAI,OAAO,KAAK,CAAA;AACxD,QAAA,MAAM,SAAS,MAAM,YAAA;AAAA,UACpB,EAAA;AAAA,UACA,MAAA,CAAO,KAAA;AAAA,UACP;AAAA,YACC,IAAA,EAAM,YAAA;AAAA,YACN,OAAO,MAAA,CAAO,KAAA;AAAA,YACd,cAAc,MAAA,CAAO,GAAA;AAAA,YACrB,OAAO,MAAA,CAAO;AAAA,WACf;AAAA,UACA,YAAA;AAAA,UACA;AAAA,SACD;AACA,QAAA,IAAI,CAAC,OAAO,OAAA,EAAS;AACpB,UAAA,OAAA,CAAQ,KAAA;AAAA,YACP,CAAA,gDAAA,EAAmD,MAAA,CAAO,KAAK,CAAA,EAAA,EAAK,OAAO,KAAK,CAAA;AAAA,WACjF;AAAA,QACD;AAAA,MACD,SAAS,GAAA,EAAK;AACb,QAAA,OAAA,CAAQ,KAAA,CAAM,gDAAgD,GAAG,CAAA;AAAA,MAClE;AAAA,IACD,CAAA;AAAA,IAEA,OAAA,EAAS,OAAO,MAAA,KAA2C;AAC1D,MAAA,IAAI;AACH,QAAA,MAAM,KAAK,KAAA,EAAM;AACjB,QAAA,MAAM,KAAA,GAAQ,MAAM,mBAAA,CAAoB,EAAA,EAAI,OAAO,KAAK,CAAA;AACxD,QAAA,MAAM,SAAS,MAAM,YAAA;AAAA,UACpB,EAAA;AAAA,UACA,MAAA,CAAO,KAAA;AAAA,UACP;AAAA,YACC,IAAA,EAAM,WAAA;AAAA,YACN,OAAO,MAAA,CAAO,KAAA;AAAA,YACd,KAAK,MAAA,CAAO;AAAA,WACb;AAAA,UACA,YAAA;AAAA,UACA;AAAA,SACD;AACA,QAAA,IAAI,CAAC,OAAO,OAAA,EAAS;AACpB,UAAA,OAAA,CAAQ,KAAA;AAAA,YACP,CAAA,yCAAA,EAA4C,MAAA,CAAO,KAAK,CAAA,EAAA,EAAK,OAAO,KAAK,CAAA;AAAA,WAC1E;AAAA,QACD;AAAA,MACD,SAAS,GAAA,EAAK;AACb,QAAA,OAAA,CAAQ,KAAA,CAAM,yCAAyC,GAAG,CAAA;AAAA,MAC3D;AAAA,IACD,CAAA;AAAA,IAEA,mBAAA,EAAqB,OAAO,MAAA,KAKtB;AACL,MAAA,IAAI;AACH,QAAA,MAAM,KAAK,KAAA,EAAM;AACjB,QAAA,MAAM,KAAA,GAAQ,MAAM,mBAAA,CAAoB,EAAA,EAAI,OAAO,KAAK,CAAA;AACxD,QAAA,MAAM,SAAS,MAAM,YAAA;AAAA,UACpB,EAAA;AAAA,UACA,MAAA,CAAO,KAAA;AAAA,UACP;AAAA,YACC,IAAA,EAAM,YAAA;AAAA,YACN,OAAO,MAAA,CAAO,KAAA;AAAA,YACd,cAAc,MAAA,CAAO,YAAA;AAAA,YACrB,kBAAkB,MAAA,CAAO,gBAAA;AAAA,YACzB,aAAa,MAAA,CAAO;AAAA,WACrB;AAAA,UACA,YAAA;AAAA,UACA;AAAA,SACD;AACA,QAAA,IAAI,CAAC,OAAO,OAAA,EAAS;AACpB,UAAA,OAAA,CAAQ,KAAA;AAAA,YACP,CAAA,gDAAA,EAAmD,MAAA,CAAO,KAAK,CAAA,EAAA,EAAK,OAAO,KAAK,CAAA;AAAA,WACjF;AAAA,QACD;AAAA,MACD,SAAS,GAAA,EAAK;AACb,QAAA,OAAA,CAAQ,KAAA,CAAM,gDAAgD,GAAG,CAAA;AAAA,MAClE;AAAA,IACD;AAAA,GACD;AACD;AAOA,SAAS,cAAA,CACR,UACA,IAAA,EACmB;AACnB,EAAA,QAAQ,QAAA;AAAU,IACjB,KAAK,cAAA;AACJ,MAAA,OAAO;AAAA,QACN,IAAA,EAAM,cAAA;AAAA,QACN,QAAA,EAAU,MAAA,CAAO,IAAA,CAAK,QAAA,IAAY,EAAE,CAAA;AAAA,QACpC,eAAA,EAAiB,MAAA,CAAO,IAAA,CAAK,eAAA,IAAmB,EAAE,CAAA;AAAA,QAClD,KAAA,EAAO,MAAA,CAAO,IAAA,CAAK,KAAA,IAAS,EAAE;AAAA,OAC/B;AAAA,IACD,KAAK,gBAAA;AACJ,MAAA,OAAO;AAAA,QACN,IAAA,EAAM,gBAAA;AAAA,QACN,QAAA,EAAU,MAAA,CAAO,IAAA,CAAK,QAAA,IAAY,EAAE,CAAA;AAAA,QACpC,QAAA,EAAU,MAAA,CAAO,IAAA,CAAK,QAAA,IAAY,EAAE,CAAA;AAAA,QACpC,KAAA,EAAO,MAAA,CAAO,IAAA,CAAK,KAAA,IAAS,EAAE;AAAA,OAC/B;AAAA,IACD,KAAK,YAAA;AACJ,MAAA,OAAO;AAAA,QACN,IAAA,EAAM,YAAA;AAAA,QACN,KAAA,EAAO,MAAA,CAAO,IAAA,CAAK,KAAA,IAAS,EAAE,CAAA;AAAA,QAC9B,YAAA,EAAc,MAAA,CAAO,IAAA,CAAK,YAAA,IAAgB,EAAE,CAAA;AAAA,QAC5C,KAAA,EAAO,MAAA,CAAO,IAAA,CAAK,KAAA,IAAS,EAAE;AAAA,OAC/B;AAAA,IACD,KAAK,WAAA;AACJ,MAAA,OAAO;AAAA,QACN,IAAA,EAAM,WAAA;AAAA,QACN,KAAA,EAAO,MAAA,CAAO,IAAA,CAAK,KAAA,IAAS,EAAE,CAAA;AAAA,QAC9B,GAAA,EAAK,MAAA,CAAO,IAAA,CAAK,GAAA,IAAO,EAAE;AAAA,OAC3B;AAAA,IACD,KAAK,YAAA;AACJ,MAAA,OAAO;AAAA,QACN,IAAA,EAAM,YAAA;AAAA,QACN,KAAA,EAAO,MAAA,CAAO,IAAA,CAAK,KAAA,IAAS,EAAE,CAAA;AAAA,QAC9B,YAAA,EAAc,MAAA,CAAO,IAAA,CAAK,YAAA,IAAgB,EAAE,CAAA;AAAA,QAC5C,gBAAA,EAAkB,MAAA,CAAO,IAAA,CAAK,gBAAA,IAAoB,EAAE,CAAA;AAAA,QACpD,WAAA,EAAa,MAAA,CAAO,IAAA,CAAK,WAAA,IAAe,EAAE,CAAA;AAAA,QAC1C,WAAW,IAAA,CAAK,SAAA,GAAY,MAAA,CAAO,IAAA,CAAK,SAAS,CAAA,GAAI;AAAA,OACtD;AAAA,IACD,KAAK,SAAA;AACJ,MAAA,OAAO;AAAA,QACN,IAAA,EAAM,SAAA;AAAA,QACN,QAAA,EAAU,MAAA,CAAO,IAAA,CAAK,QAAA,IAAY,EAAE,CAAA;AAAA,QACpC,cAAc,IAAA,CAAK,YAAA,GAAe,MAAA,CAAO,IAAA,CAAK,YAAY,CAAA,GAAI;AAAA,OAC/D;AAAA,IACD;AACC,MAAA,OAAO,IAAA;AAAA;AAEV;;;ACt0CA,SAAS,YAAY,OAAA,EAAS;AAC5B,EAAA,OAAO,UAAU,kEAAA,GAAqE,kEAAA;AACxF;AACA,SAAS,YAAA,CAAa,IAAA,EAAM,QAAA,EAAU,OAAA,EAAS;AAC7C,EAAA,IAAI,MAAA,GAAS,EAAA;AACb,EAAA,IAAI,MAAA,GAAS,CAAA;AACb,EAAA,IAAI,KAAA,GAAQ,CAAA;AACZ,EAAA,KAAA,MAAW,QAAQ,IAAA,EAAM;AACvB,IAAA,MAAA,GAAS,UAAU,CAAA,GAAI,IAAA;AACvB,IAAA,KAAA,IAAS,CAAA;AACT,IAAA,OAAO,SAAS,CAAA,EAAG;AACjB,MAAA,KAAA,IAAS,CAAA;AACT,MAAA,MAAA,IAAU,QAAA,CAAS,MAAA,IAAU,KAAA,GAAQ,EAAE,CAAA;AAAA,IACzC;AAAA,EACF;AACA,EAAA,IAAI,QAAQ,CAAA,EAAG;AACb,IAAA,MAAA,IAAU,QAAA,CAAS,MAAA,IAAU,CAAA,GAAI,KAAA,GAAQ,EAAE,CAAA;AAAA,EAC7C;AACA,EAAA,IAAI,OAAA,EAAS;AACX,IAAA,MAAM,QAAA,GAAA,CAAY,CAAA,GAAI,MAAA,CAAO,MAAA,GAAS,CAAA,IAAK,CAAA;AAC3C,IAAA,MAAA,IAAU,GAAA,CAAI,OAAO,QAAQ,CAAA;AAAA,EAC/B;AACA,EAAA,OAAO,MAAA;AACT;AACA,SAAS,YAAA,CAAa,MAAM,QAAA,EAAU;AACpC,EAAA,MAAM,SAAA,uBAAgC,GAAA,EAAI;AAC1C,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,QAAA,CAAS,QAAQ,CAAA,EAAA,EAAK;AACxC,IAAA,SAAA,CAAU,GAAA,CAAI,QAAA,CAAS,CAAC,CAAA,EAAG,CAAC,CAAA;AAAA,EAC9B;AACA,EAAA,MAAM,SAAS,EAAC;AAChB,EAAA,IAAI,MAAA,GAAS,CAAA;AACb,EAAA,IAAI,aAAA,GAAgB,CAAA;AACpB,EAAA,KAAA,MAAW,QAAQ,IAAA,EAAM;AACvB,IAAA,IAAI,IAAA,KAAS,GAAA;AACX,MAAA;AACF,IAAA,MAAM,KAAA,GAAQ,SAAA,CAAU,GAAA,CAAI,IAAI,CAAA;AAChC,IAAA,IAAI,UAAU,MAAA,EAAQ;AACpB,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,0BAAA,EAA6B,IAAI,CAAA,CAAE,CAAA;AAAA,IACrD;AACA,IAAA,MAAA,GAAS,UAAU,CAAA,GAAI,KAAA;AACvB,IAAA,aAAA,IAAiB,CAAA;AACjB,IAAA,IAAI,iBAAiB,CAAA,EAAG;AACtB,MAAA,aAAA,IAAiB,CAAA;AACjB,MAAA,MAAA,CAAO,IAAA,CAAK,MAAA,IAAU,aAAA,GAAgB,GAAG,CAAA;AAAA,IAC3C;AAAA,EACF;AACA,EAAA,OAAO,UAAA,CAAW,KAAK,MAAM,CAAA;AAC/B;AAgBA,IAAM,SAAA,GAAY;AAAA,EAChB,MAAA,CAAO,IAAA,EAAM,OAAA,GAAU,EAAC,EAAG;AACzB,IAAA,MAAM,QAAA,GAAW,YAAY,IAAI,CAAA;AACjC,IAAA,MAAM,MAAA,GAAS,OAAO,IAAA,KAAS,QAAA,GAAW,IAAI,WAAA,EAAY,CAAE,MAAA,CAAO,IAAI,CAAA,GAAI,IAAI,UAAA,CAAW,IAAI,CAAA;AAC9F,IAAA,OAAO,YAAA,CAAa,MAAA,EAAQ,QAAA,EAAU,OAAA,CAAQ,WAAW,IAAI,CAAA;AAAA,EAC/D,CAAA;AAAA,EACA,OAAO,IAAA,EAAM;AACX,IAAA,MAAM,UAAU,IAAA,CAAK,QAAA,CAAS,GAAG,CAAA,IAAK,IAAA,CAAK,SAAS,GAAG,CAAA;AACvD,IAAA,MAAM,QAAA,GAAW,YAAY,OAAO,CAAA;AACpC,IAAA,OAAO,YAAA,CAAa,MAAM,QAAQ,CAAA;AAAA,EACpC;AACF,CAAA;ACqDA,IAAM,gBAAA,GAAmBF,EAAE,MAAA,CAAO;AAAA,EACjC,MAAA,EAAQA,CAAAA,CAAE,MAAA,EAAO,CAAE,GAAA,EAAI;AAAA,EACvB,QAAA,EAAUA,CAAAA,CAAE,MAAA,EAAO,CAAE,IAAI,CAAC,CAAA;AAAA,EAC1B,YAAA,EAAcA,CAAAA,CAAE,MAAA,EAAO,CAAE,IAAI,CAAC,CAAA;AAAA,EAC9B,QAAQA,CAAAA,CAAE,KAAA,CAAMA,EAAE,MAAA,EAAQ,EAAE,QAAA,EAAS;AAAA,EACrC,cAAcA,CAAAA,CAAE,MAAA,EAAO,CAAE,GAAA,GAAM,QAAA,EAAS;AAAA,EACxC,kBAAkBA,CAAAA,CAAE,MAAA,EAAO,CAAE,GAAA,GAAM,QAAA,EAAS;AAAA,EAC5C,UAAUA,CAAAA,CAAE,MAAA,EAAO,CAAE,GAAA,GAAM,QAAA,EAAS;AAAA,EACpC,aAAaA,CAAAA,CAAE,MAAA,EAAO,CAAE,GAAA,GAAM,QAAA,EAAS;AAAA,EACvC,SAASA,CAAAA,CAAE,MAAA,EAAO,CAAE,GAAA,GAAM,QAAA,EAAS;AAAA,EACnC,uBAAA,EAAyBA,EAAE,IAAA,CAAK,CAAC,sBAAsB,qBAAqB,CAAC,EAAE,QAAA,EAAS;AAAA,EACxF,YAAA,EAAcA,CAAAA,CAAE,MAAA,CAAOA,CAAAA,CAAE,MAAA,IAAUA,CAAAA,CAAE,MAAA,EAAQ,CAAA,CAAE,QAAA;AAChD,CAAC,CAAA;AAED,IAAM,gBAAA,GAAmBA,EAAE,MAAA,CAAO;AAAA,EACjC,WAAA,EAAaA,CAAAA,CAAE,MAAA,EAAO,CAAE,IAAI,CAAC,CAAA;AAAA,EAC7B,SAAA,EAAWA,CAAAA,CAAE,MAAA,EAAO,CAAE,GAAA,EAAI;AAAA,EAC1B,cAAA,EAAgBA,CAAAA,CAAE,MAAA,EAAO,CAAE,IAAI,CAAC,CAAA;AAAA,EAChC,YAAA,EAAcA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAClC,WAAA,EAAaA,CAAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,EAClC,iBAAA,EAAmBA,CAAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,EACxC,gBAAA,EAAkBA,CAAAA,CAAE,MAAA,CAAOA,CAAAA,CAAE,MAAA,IAAUA,CAAAA,CAAE,MAAA,EAAQ,CAAA,CAAE,QAAA,EAAS;AAAA,EAC5D,UAAA,EAAYA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAChC,UAAUA,CAAAA,CAAE,MAAA,EAAO,CAAE,GAAA,GAAM,QAAA;AAC5B,CAAC,CAAA;AAE+B,iBAAiB,OAAA;AACjB,iBAAiB,OAAA;AAEjD,IAAM,uBAAA,GAA0BA,EAC9B,MAAA,CAAO;AAAA,EACP,cAAA,EAAgBA,CAAAA,CAAE,MAAA,EAAO,CAAE,IAAI,CAAC,CAAA;AAAA,EAChC,MAAMA,CAAAA,CAAE,IAAA,CAAK,CAAC,MAAA,EAAQ,MAAM,CAAC,CAAA;AAAA,EAC7B,IAAA,EAAMA,CAAAA,CAAE,MAAA,EAAO,CAAE,IAAI,CAAC,CAAA;AAAA,EACtB,MAAA,EAAQA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC5B,SAASA,CAAAA,CAAE,KAAA,CAAMA,EAAE,MAAA,EAAQ,EAAE,QAAA,EAAS;AAAA,EACtC,MAAA,EAAQA,CAAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,EAC7B,UAAA,EAAY,iBAAiB,QAAA,EAAS;AAAA,EACtC,UAAA,EAAY,iBAAiB,QAAA;AAC9B,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,uBAAA,GAA0BA,EAC9B,MAAA,CAAO;AAAA,EACP,UAAA,EAAYA,CAAAA,CAAE,MAAA,EAAO,CAAE,IAAI,CAAC,CAAA;AAAA,EAC5B,MAAMA,CAAAA,CAAE,MAAA,GAAS,GAAA,CAAI,CAAC,EAAE,QAAA,EAAS;AAAA,EACjC,MAAA,EAAQA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC5B,SAASA,CAAAA,CAAE,KAAA,CAAMA,EAAE,MAAA,EAAQ,EAAE,QAAA,EAAS;AAAA,EACtC,MAAA,EAAQA,CAAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,EAC7B,UAAA,EAAY,gBAAA,CAAiB,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,EAChD,UAAA,EAAY,gBAAA,CAAiB,OAAA,EAAQ,CAAE,QAAA;AACxC,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,sBAAA,GAAyBA,EAC7B,MAAA,CAAO;AAAA,EACP,cAAA,EAAgBA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACpC,cAAA,EAAgBA,EAAE,IAAA,CAAK,CAAC,QAAQ,MAAM,CAAC,EAAE,QAAA,EAAS;AAAA,EAClD,KAAA,EAAOA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AACnB,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,oBAAA,GAAuBA,EAC3B,MAAA,CAAO;AAAA,EACP,UAAA,EAAYA,CAAAA,CAAE,MAAA,EAAO,CAAE,IAAI,CAAC;AAC7B,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,uBAAA,GAA0B,oBAAA;AAEhC,IAAM,qBAAA,GAAwBA,EAC5B,MAAA,CAAO;AAAA,EACP,cAAA,EAAgBA,CAAAA,CAAE,MAAA,EAAO,CAAE,IAAI,CAAC,CAAA;AAAA,EAChC,IAAA,EAAMA,CAAAA,CAAE,MAAA,EAAO,CAAE,IAAI,CAAC,CAAA;AAAA,EACtB,QAAA,EAAUA,EAAE,IAAA,CAAK;AAAA,IAChB,MAAA;AAAA,IACA,eAAA;AAAA,IACA,kBAAA;AAAA,IACA,UAAA;AAAA,IACA,WAAA;AAAA,IACA,cAAA;AAAA,IACA;AAAA,GACA;AACF,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,qBAAA,GAAwBA,EAC5B,MAAA,CAAO;AAAA,EACP,cAAA,EAAgBA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACpC,KAAA,EAAOA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AACnB,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,kBAAA,GAAqBA,EACzB,MAAA,CAAO;AAAA,EACP,UAAA,EAAYA,CAAAA,CAAE,MAAA,EAAO,CAAE,IAAI,CAAC;AAC7B,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,qBAAA,GAAwB,kBAAA;AAE9B,IAAM,wBAAA,GAA2BA,EAC/B,MAAA,CAAO;AAAA,EACP,UAAA,EAAYA,CAAAA,CAAE,MAAA,EAAO,CAAE,IAAI,CAAC,CAAA;AAAA,EAC5B,KAAA,EAAOA,EAAE,IAAA,CAAK,CAAC,UAAU,WAAA,EAAa,eAAe,CAAC,CAAA,CAAE,QAAA,EAAS;AAAA,EACjE,KAAA,EAAOA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AACnB,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,sBAAA,GAAyBA,EAC7B,MAAA,CAAO;AAAA,EACP,UAAA,EAAYA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAChC,MAAA,EAAQA,CAAAA,CAAE,MAAA,EAAO,CAAE,IAAI,CAAC;AACzB,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,yBAAA,GAA4B,mBAAmB,MAAA,CAAO;AAAA,EAC3D,KAAA,EAAOA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AACnB,CAAC,CAAA;AAED,IAAM,uBAAA,GAA0BA,EAC9B,MAAA,CAAO;AAAA,EACP,OAAA,EAASA,CAAAA,CAAE,MAAA,EAAO,CAAE,IAAI,CAAC;AAC1B,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,SAAS,SAAS,MAAA,EAAgB;AACjC,EAAA,OAAO,CAAA,EAAG,MAAM,CAAA,CAAA,EAAI,MAAA,CAAO,YAAW,CAAE,OAAA,CAAQ,IAAA,EAAM,EAAE,CAAC,CAAA,CAAA;AAC1D;AAEA,SAAS,UAAa,KAAA,EAA0B;AAC/C,EAAA,IAAI,OAAO,KAAA,KAAU,QAAA,IAAY,KAAA,CAAM,MAAA,KAAW,GAAG,OAAO,IAAA;AAC5D,EAAA,IAAI;AACH,IAAA,OAAO,IAAA,CAAK,MAAM,KAAK,CAAA;AAAA,EACxB,CAAA,CAAA,MAAQ;AACP,IAAA,OAAO,IAAA;AAAA,EACR;AACD;AAEA,SAAS,gBAAA,CAAiB,SAAoB,MAAA,EAA2B;AACxE,EAAA,MAAM,MAAA,GAAS,CAAC,GAAI,OAAA,IAAW,EAAC,EAAI,GAAI,MAAA,GAAS,CAAC,MAAM,CAAA,GAAI,EAAG,CAAA,CAC7D,GAAA,CAAI,CAAC,KAAA,KAAU,KAAA,CAAM,IAAA,EAAK,CAAE,WAAA,EAAa,CAAA,CACzC,MAAA,CAAO,CAAC,KAAA,KAAU,KAAA,CAAM,MAAA,GAAS,CAAC,CAAA;AACpC,EAAA,OAAO,KAAA,CAAM,IAAA,CAAK,IAAI,GAAA,CAAI,MAAM,CAAC,CAAA;AAClC;AAEA,SAAS,wBAAwB,MAAA,EAAwB;AACxD,EAAA,OAAO,CAAA,EAAG,MAAA,CAAO,OAAA,CAAQ,KAAA,EAAO,EAAE,CAAC,CAAA,iCAAA,CAAA;AACpC;AAEA,SAAS,gBAAgB,KAAA,EAA+D;AACvF,EAAA,OAAO;AAAA,IACN,QAAQ,KAAA,CAAM,MAAA;AAAA,IACd,IAAA,EAAM,IAAA;AAAA,IACN,UAAU,KAAA,CAAM,QAAA;AAAA,IAChB,cAAc,KAAA,CAAM,YAAA;AAAA,IACpB,iBAAA,EAAmB,KAAA,CAAM,YAAA,IAAgB,uBAAA,CAAwB,MAAM,MAAM,CAAA;AAAA,IAC7E,uBAAuB,KAAA,CAAM,gBAAA;AAAA,IAC7B,eAAe,KAAA,CAAM,QAAA;AAAA,IACrB,kBAAkB,KAAA,CAAM,WAAA;AAAA,IACxB,cAAc,KAAA,CAAM,OAAA;AAAA,IACpB,2BAAA,EAA6B,MAAM,uBAAA,IAA2B,oBAAA;AAAA,IAC9D,QAAQ,KAAA,CAAM,MAAA;AAAA,IACd,OAAA,EAAS,MAAM,YAAA,GACZ;AAAA,MACA,EAAA,EAAI,MAAM,YAAA,CAAa,EAAA;AAAA,MACvB,KAAA,EAAO,MAAM,YAAA,CAAa,KAAA;AAAA,MAC1B,aAAA,EAAe,MAAM,YAAA,CAAa,aAAA;AAAA,MAClC,IAAA,EAAM,MAAM,YAAA,CAAa,IAAA;AAAA,MACzB,KAAA,EAAO,MAAM,YAAA,CAAa,KAAA;AAAA,MAC1B,aAAa,KAAA,CAAM;AAAA,KACpB,GACC;AAAA,GACJ;AACD;AAEA,SAAS,eAAA,CACR,SACA,OAAA,EACuB;AACvB,EAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,MAAA,IAAU,OAAA,EAAS,MAAA;AAC1C,EAAA,IAAI,CAAC,MAAA,EAAQ;AACZ,IAAA,MAAM,IAAI,MAAM,yBAAyB,CAAA;AAAA,EAC1C;AACA,EAAA,OAAO;AAAA,IACN,MAAA;AAAA,IACA,IAAA,EAAM,IAAA;AAAA,IACN,QAAA,EAAU,OAAA,CAAQ,QAAA,IAAY,OAAA,EAAS,QAAA,IAAY,EAAA;AAAA,IACnD,YAAA,EAAc,OAAA,CAAQ,YAAA,IAAgB,OAAA,EAAS,YAAA,IAAgB,EAAA;AAAA,IAC/D,mBACC,OAAA,CAAQ,YAAA,IACR,OAAA,EAAS,iBAAA,IACT,wBAAwB,MAAM,CAAA;AAAA,IAC/B,qBAAA,EAAuB,OAAA,CAAQ,gBAAA,IAAoB,OAAA,EAAS,qBAAA;AAAA,IAC5D,aAAA,EAAe,OAAA,CAAQ,QAAA,IAAY,OAAA,EAAS,aAAA;AAAA,IAC5C,gBAAA,EAAkB,OAAA,CAAQ,WAAA,IAAe,OAAA,EAAS,gBAAA;AAAA,IAClD,YAAA,EAAc,OAAA,CAAQ,OAAA,IAAW,OAAA,EAAS,YAAA;AAAA,IAC1C,2BAAA,EACC,OAAA,CAAQ,uBAAA,IACR,OAAA,EAAS,2BAAA,IACT,oBAAA;AAAA,IACD,MAAA,EAAQ,OAAA,CAAQ,MAAA,IAAU,OAAA,EAAS,MAAA;AAAA,IACnC,OAAA,EACC,OAAA,CAAQ,YAAA,IAAgB,IAAA,GACrB;AAAA,MACA,EAAA,EAAI,QAAQ,YAAA,CAAa,EAAA;AAAA,MACzB,KAAA,EAAO,QAAQ,YAAA,CAAa,KAAA;AAAA,MAC5B,aAAA,EAAe,QAAQ,YAAA,CAAa,aAAA;AAAA,MACpC,IAAA,EAAM,QAAQ,YAAA,CAAa,IAAA;AAAA,MAC3B,KAAA,EAAO,QAAQ,YAAA,CAAa,KAAA;AAAA,MAC5B,aAAa,OAAA,CAAQ;AAAA,QAErB,OAAA,EAAS;AAAA,GACd;AACD;AAEA,SAAS,eAAA,CACR,KAAA,EACA,UAAA,EACA,OAAA,EACuB;AACvB,EAAA,OAAO;AAAA,IACN,QAAQ,KAAA,CAAM,WAAA;AAAA,IACd,YAAY,KAAA,CAAM,SAAA;AAAA,IAClB,MAAM,KAAA,CAAM,cAAA;AAAA,IACZ,aAAa,KAAA,CAAM,QAAA,IAAY,CAAA,EAAG,OAAO,qBAAqB,UAAU,CAAA,CAAA;AAAA,IACxE,UAAU,KAAA,CAAM,UAAA;AAAA,IAChB,oBAAA,EAAsB,IAAA;AAAA,IACtB,mBAAA,EAAqB,MAAM,WAAA,IAAe,KAAA;AAAA,IAC1C,kBAAkB,KAAA,CAAM,YAAA;AAAA,IACxB,OAAA,EAAS,MAAM,gBAAA,GACZ;AAAA,MACA,EAAA,EAAI,MAAM,gBAAA,CAAiB,EAAA;AAAA,MAC3B,KAAA,EAAO,MAAM,gBAAA,CAAiB,KAAA;AAAA,MAC9B,aAAA,EAAe,MAAM,gBAAA,CAAiB,aAAA;AAAA,MACtC,IAAA,EAAM,MAAM,gBAAA,CAAiB,IAAA;AAAA,MAC7B,SAAA,EAAW,MAAM,gBAAA,CAAiB,SAAA;AAAA,MAClC,QAAA,EAAU,MAAM,gBAAA,CAAiB,QAAA;AAAA,MACjC,aAAa,KAAA,CAAM;AAAA,KACpB,GACC,MAAA;AAAA,IACH,UAAA,EAAY;AAAA,MACX,UAAU,KAAA,CAAM;AAAA;AACjB,GACD;AACD;AAEA,SAAS,eAAA,CACR,OAAA,EACA,OAAA,EACA,UAAA,EACA,OAAA,EACuB;AACvB,EAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,WAAA,IAAe,OAAA,EAAS,MAAA;AAC/C,EAAA,MAAM,UAAA,GAAa,OAAA,CAAQ,SAAA,IAAa,OAAA,EAAS,UAAA;AACjD,EAAA,MAAM,IAAA,GAAO,OAAA,CAAQ,cAAA,IAAkB,OAAA,EAAS,IAAA;AAChD,EAAA,IAAI,CAAC,MAAA,IAAU,CAAC,UAAA,IAAc,CAAC,IAAA,EAAM;AACpC,IAAA,MAAM,IAAI,MAAM,wDAAwD,CAAA;AAAA,EACzE;AACA,EAAA,OAAO;AAAA,IACN,MAAA;AAAA,IACA,UAAA;AAAA,IACA,IAAA;AAAA,IACA,WAAA,EACC,QAAQ,QAAA,IACR,OAAA,EAAS,eACT,CAAA,EAAG,OAAO,qBAAqB,UAAU,CAAA,CAAA;AAAA,IAC1C,QAAA,EAAU,OAAA,CAAQ,UAAA,IAAc,OAAA,EAAS,QAAA;AAAA,IACzC,oBAAA,EAAsB,SAAS,oBAAA,IAAwB,IAAA;AAAA,IACvD,mBAAA,EAAqB,OAAA,CAAQ,WAAA,IAAe,OAAA,EAAS,mBAAA,IAAuB,KAAA;AAAA,IAC5E,gBAAA,EAAkB,OAAA,CAAQ,YAAA,IAAgB,OAAA,EAAS,gBAAA;AAAA,IACnD,OAAA,EACC,OAAA,CAAQ,gBAAA,IAAoB,IAAA,GACzB;AAAA,MACA,EAAA,EAAI,QAAQ,gBAAA,CAAiB,EAAA;AAAA,MAC7B,KAAA,EAAO,QAAQ,gBAAA,CAAiB,KAAA;AAAA,MAChC,aAAA,EAAe,QAAQ,gBAAA,CAAiB,aAAA;AAAA,MACxC,IAAA,EAAM,QAAQ,gBAAA,CAAiB,IAAA;AAAA,MAC/B,SAAA,EAAW,QAAQ,gBAAA,CAAiB,SAAA;AAAA,MACpC,QAAA,EAAU,QAAQ,gBAAA,CAAiB,QAAA;AAAA,MACnC,aAAa,OAAA,CAAQ;AAAA,QAErB,OAAA,EAAS,OAAA;AAAA,IACb,UAAA,EAAY;AAAA,MACX,QAAA,EAAU,OAAA,CAAQ,UAAA,IAAc,OAAA,EAAS,UAAA,EAAY;AAAA;AACtD,GACD;AACD;AAEA,SAAS,mBAAA,CAAoB,KAAqB,OAAA,EAAiB;AAClE,EAAA,MAAM,UAAA,GAAa,SAAA,CAAgC,GAAA,CAAI,UAAU,CAAA;AACjE,EAAA,MAAM,UAAA,GAAa,SAAA,CAAgC,GAAA,CAAI,UAAU,CAAA;AACjE,EAAA,MAAM,IAAA,GAAQ,GAAA,CAAI,YAAA,KAAiB,MAAA,GAChC,MAAA,GACA,IAAI,YAAA,KAAiB,MAAA,GACpB,MAAA,GACA,UAAA,GACC,MAAA,GACA,MAAA;AACL,EAAA,OAAO;AAAA,IACN,IAAI,GAAA,CAAI,UAAA;AAAA,IACR,YAAY,GAAA,CAAI,UAAA;AAAA,IAChB,SAAA,EAAW,IAAI,SAAA,IAAa,IAAA;AAAA,IAC5B,cAAA,EAAgB,IAAI,cAAA,IAAkB,IAAA;AAAA,IACtC,IAAA;AAAA,IACA,IAAA,EAAM,GAAA,CAAI,IAAA,IAAQ,GAAA,CAAI,UAAA;AAAA,IACtB,QAAQ,GAAA,CAAI,MAAA;AAAA,IACZ,SAAS,GAAA,CAAI,MAAA,EAAQ,KAAA,CAAM,GAAG,EAAE,GAAA,CAAI,CAAC,KAAA,KAAU,KAAA,CAAM,MAAM,CAAA,CAAE,MAAA,CAAO,OAAO,KAAK,EAAC;AAAA,IACjF,MAAA,EAAQ,IAAI,MAAA,KAAW,KAAA;AAAA,IACvB,KAAA,EAAO,GAAA,CAAI,MAAA,KAAW,KAAA,GAAQ,UAAA,GAAa,QAAA;AAAA,IAC3C,cAAA,EAAgB,IAAI,cAAA,KAAmB,IAAA;AAAA,IACvC,WAAW,GAAA,CAAI,SAAA;AAAA,IACf,WAAW,GAAA,CAAI,SAAA;AAAA,IACf,UAAA,EACC,IAAA,KAAS,MAAA,IAAU,UAAA,GAChB;AAAA,MACA,QAAQ,UAAA,CAAW,MAAA;AAAA,MACnB,UAAU,UAAA,CAAW,QAAA;AAAA,MACrB,MAAA,EAAQ,UAAA,CAAW,MAAA,IAAU,EAAC;AAAA,MAC9B,cAAc,UAAA,CAAW,iBAAA;AAAA,MACzB,kBAAkB,UAAA,CAAW,qBAAA;AAAA,MAC7B,UAAU,UAAA,CAAW,aAAA;AAAA,MACrB,aAAa,UAAA,CAAW,gBAAA;AAAA,MACxB,SAAS,UAAA,CAAW,YAAA;AAAA,MACpB,yBAAyB,UAAA,CAAW;AAAA,KACrC,GACC,IAAA;AAAA,IACJ,UAAA,EACC,IAAA,KAAS,MAAA,IAAU,UAAA,GAChB;AAAA,MACA,aAAa,UAAA,CAAW,MAAA;AAAA,MACxB,WAAW,UAAA,CAAW,UAAA;AAAA,MACtB,gBAAgB,UAAA,CAAW,IAAA;AAAA,MAC3B,YAAA,EAAc,WAAW,gBAAA,IAAoB,IAAA;AAAA,MAC7C,WAAA,EAAa,WAAW,mBAAA,IAAuB,KAAA;AAAA,MAC/C,UAAA,EAAY,UAAA,CAAW,UAAA,CAAW,QAAA,IAAY,IAAA;AAAA,MAC9C,UAAU,UAAA,CAAW;AAAA,KACtB,GACC,IAAA;AAAA,IACJ,eAAe,CAAA,EAAG,OAAO,qCAAqC,kBAAA,CAAmB,GAAA,CAAI,UAAU,CAAC,CAAA;AAAA,GACjG;AACD;AAEA,SAAS,kBAAA,CACR,GAAA,EACA,SAAA,EACA,QAAA,EACC;AACD,EAAA,OAAO;AAAA,IACN,IAAI,GAAA,CAAI,UAAA;AAAA,IACR,YAAY,GAAA,CAAI,UAAA;AAAA,IAChB,SAAA,EAAW,IAAI,SAAA,IAAa,IAAA;AAAA,IAC5B,cAAA,EAAgB,IAAI,cAAA,IAAkB,IAAA;AAAA,IACtC,IAAA,EAAM,MAAA;AAAA,IACN,KAAA,EAAO,GAAA,CAAI,MAAA,KAAW,KAAA,GAAQ,UAAA,GAAa,QAAA;AAAA,IAC3C,IAAA,EAAM,GAAA,CAAI,IAAA,IAAQ,GAAA,CAAI,UAAA;AAAA,IACtB,QAAA,EAAW,IAAI,QAAA,IAAY,iBAAA;AAAA,IAC3B,SAAA;AAAA,IACA,UAAA,EAAY,CAAA;AAAA,IACZ,UAAA,EAAY,IAAI,UAAA,IAAc,IAAA;AAAA,IAC9B,cAAA,EACC,GAAA,CAAI,cAAA,KAAmB,SAAA,IACvB,GAAA,CAAI,cAAA,KAAmB,SAAA,IACvB,GAAA,CAAI,cAAA,KAAmB,QAAA,GACpB,GAAA,CAAI,cAAA,GACJ,IAAA;AAAA,IACJ,WAAW,GAAA,CAAI,SAAA;AAAA,IACf,WAAW,GAAA,CAAI,SAAA;AAAA,IACf,UAAA,EACC,QAAA,EAAU,WAAA,IAAe,IAAA,GACtB;AAAA,MACA,OAAA,EAAS,IAAI,WAAA,IAAe,EAAA;AAAA,MAC5B,aAAa,QAAA,CAAS;AAAA,KACvB,GACC;AAAA,GACL;AACD;AAEA,SAAS,UAAU,IAAA,EAAc;AAChC,EAAA,MAAM,OAAA,GAAU,KAAK,IAAA,EAAK;AAC1B,EAAA,IAAI,CAAC,OAAA,EAAS,OAAO,EAAE,SAAA,EAAW,EAAA,EAAI,YAAY,EAAA,EAAG;AACrD,EAAA,MAAM,CAAC,SAAA,EAAW,GAAG,IAAI,CAAA,GAAI,OAAA,CAAQ,MAAM,KAAK,CAAA;AAChD,EAAA,OAAO,EAAE,SAAA,EAAW,UAAA,EAAY,IAAA,CAAK,IAAA,CAAK,GAAG,CAAA,EAAE;AAChD;AAEA,SAAS,sBAAA,CACR,SAAA,EACA,IAAA,EACA,OAAA,EACC;AACD,EAAA,MAAM,IAAA,GAAO,SAAA,CAAU,IAAA,CAAK,IAAI,CAAA;AAChC,EAAA,OAAO;AAAA,IACN,IAAI,IAAA,CAAK,EAAA;AAAA,IACT,aAAa,SAAA,CAAU,UAAA;AAAA,IACvB,cAAA,EAAgB,UAAU,cAAA,IAAkB,IAAA;AAAA,IAC5C,QAAQ,IAAA,CAAK,EAAA;AAAA,IACb,YAAY,OAAA,CAAQ,SAAA;AAAA,IACpB,UAAU,IAAA,CAAK,KAAA;AAAA,IACf,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,IAAA,CAAK,OAAO,IAAA,EAAM,MAAA,EAAQ,OAAA,EAAS,IAAA,EAAM,CAAA;AAAA,IAC3D,IAAA,EAAM;AAAA,MACL,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,YAAY,IAAA,CAAK,UAAA;AAAA,MACjB,WAAW,IAAA,CAAK;AAAA,KACjB;AAAA,IACA,aAAa,IAAA,CAAK,IAAA;AAAA,IAClB,MAAA,EAAQ,KAAK,MAAA,KAAW,IAAA;AAAA,IACxB,KAAA,EAAO,IAAA;AAAA,IACP,UAAA,EAAY,IAAA;AAAA,IACZ,QAAQ,EAAC;AAAA,IACT,KAAA,EAAO,IAAA,CAAK,MAAA,KAAW,IAAA,GAAO,WAAA,GAAc,QAAA;AAAA,IAC5C,WAAW,IAAA,CAAK,SAAA;AAAA,IAChB,WAAW,IAAA,CAAK;AAAA,GACjB;AACD;AAEA,eAAeM,4BAAAA,CACd,GAAA,EACA,EAAA,EACA,cAAA,EACA,SAAA,EACC;AACD,EAAA,MAAM,YAAA,GAAe,MAAM,EAAA,CAAG,OAAA,CAAyB;AAAA,IACtD,KAAA,EAAO,cAAA;AAAA,IACP,KAAA,EAAO;AAAA,MACN,EAAE,KAAA,EAAO,IAAA,EAAM,KAAA,EAAO,cAAA,EAAe;AAAA,MACrC,EAAE,KAAA,EAAO,WAAA,EAAa,KAAA,EAAO,SAAA;AAAU;AACxC,GACA,CAAA;AACD,EAAA,IAAI,CAAC,YAAA,EAAc;AAClB,IAAA,MAAM,GAAA,CAAI,MAAM,aAAA,EAAe;AAAA,MAC9B,OAAA,EAAS;AAAA,KACT,CAAA;AAAA,EACF;AACD;AAEA,eAAe,eAAA,CACd,EAAA,EACA,UAAA,EACA,SAAA,EACC;AACD,EAAA,OAAO,GAAG,OAAA,CAAwB;AAAA,IACjC,KAAA,EAAO,aAAA;AAAA,IACP,KAAA,EAAO;AAAA,MACN,EAAE,KAAA,EAAO,YAAA,EAAc,KAAA,EAAO,UAAA,EAAW;AAAA,MACzC,EAAE,KAAA,EAAO,WAAA,EAAa,KAAA,EAAO,SAAA;AAAU;AACxC,GACA,CAAA;AACF;AAEA,eAAe,aAAA,CACd,EAAA,EACA,UAAA,EACA,SAAA,EACC;AACD,EAAA,OAAO,GAAG,OAAA,CAAyB;AAAA,IAClC,KAAA,EAAO,cAAA;AAAA,IACP,KAAA,EAAO;AAAA,MACN,EAAE,KAAA,EAAO,YAAA,EAAc,KAAA,EAAO,UAAA,EAAW;AAAA,MACzC,EAAE,KAAA,EAAO,WAAA,EAAa,KAAA,EAAO,SAAA;AAAU;AACxC,GACA,CAAA;AACF;AAEA,eAAe,mBAAA,CAAoB,IAAqB,UAAA,EAAoB;AAC3E,EAAA,OAAO,GAAG,KAAA,CAAM;AAAA,IACf,KAAA,EAAO,SAAA;AAAA,IACP,OAAO,CAAC,EAAE,OAAO,YAAA,EAAc,KAAA,EAAO,YAAY;AAAA,GAClD,CAAA;AACF;AAEO,SAAS,4BAAA,GAAiD;AAChE,EAAA,OAAO;AAAA,IACN,EAAA,EAAI,mBAAA;AAAA,IACJ,SAAA,EAAW;AAAA,MACV,gBAAA,EAAkBJ,kBAAAA;AAAA,QACjB,4BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM,sBAAA;AAAA,UACN,GAAA,EAAK,CAACK,iBAAiB;AAAA,SACxB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,EAAE,SAAA,EAAW,KAAA,EAAM,GAAI,eAAA,CAAgB,IAAI,IAAI,CAAA;AACrD,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,SAAA;AAAA,YACA,UAAA,EAAY;AAAA,WACZ,CAAA;AAED,UAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAAyB;AAAA,YAC9C,KAAA,EAAO,aAAA;AAAA,YACP,KAAA,EAAO;AAAA,cACN,GAAG,KAAA;AAAA,cACH,GAAI,GAAA,CAAI,IAAA,CAAK,cAAA,GACV,CAAC,EAAE,KAAA,EAAO,gBAAA,EAAkB,KAAA,EAAO,GAAA,CAAI,IAAA,CAAK,cAAA,EAAgB,IAC5D,EAAC;AAAA,cACJ,GAAI,GAAA,CAAI,IAAA,CAAK,cAAA,GACV,CAAC,EAAE,KAAA,EAAO,cAAA,EAAgB,KAAA,EAAO,GAAA,CAAI,IAAA,CAAK,cAAA,EAAgB,IAC1D;AAAC,aACL;AAAA,YACA,OAAO,IAAA,CAAK,GAAA,CAAI,IAAI,IAAA,CAAK,KAAA,IAAS,KAAK,GAAG;AAAA,WAC1C,CAAA;AACD,UAAA,MAAM,IAAA,GAAO,IAAA,CAAK,GAAA,CAAI,CAAC,GAAA,KAAQ,oBAAoB,GAAA,EAAK,GAAA,CAAI,OAAA,CAAQ,OAAO,CAAC,CAAA;AAC5E,UAAA,OAAO,IAAI,IAAA,CAAK,EAAE,IAAA,EAAM,WAAA,EAAa,MAAM,CAAA;AAAA,QAC5C;AAAA,OACD;AAAA,MAEA,cAAA,EAAgBL,kBAAAA;AAAA,QACf,0BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM,oBAAA;AAAA,UACN,GAAA,EAAK,CAACK,iBAAiB;AAAA,SACxB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,EAAE,SAAA,EAAU,GAAI,eAAA,CAAgB,IAAI,IAAI,CAAA;AAC9C,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,SAAA;AAAA,YACA,UAAA,EAAY;AAAA,WACZ,CAAA;AAED,UAAA,MAAM,MAAM,MAAM,eAAA,CAAgB,IAAI,GAAA,CAAI,IAAA,CAAK,YAAY,SAAU,CAAA;AACrE,UAAA,IAAI,CAAC,GAAA,EAAK;AACT,YAAA,MAAM,IAAI,KAAA,CAAM,WAAA,EAAa,EAAE,OAAA,EAAS,0BAA0B,CAAA;AAAA,UACnE;AACA,UAAA,OAAO,IAAI,IAAA,CAAK,mBAAA,CAAoB,KAAK,GAAA,CAAI,OAAA,CAAQ,OAAO,CAAC,CAAA;AAAA,QAC9D;AAAA,OACD;AAAA,MAEA,mBAAA,EAAqBL,kBAAAA;AAAA,QACpB,sBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM,uBAAA;AAAA,UACN,GAAA,EAAK,CAACK,iBAAiB;AAAA,SACxB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,EAAE,IAAA,EAAK,GAAI,oBAAA,CAAqB,GAAG,CAAA;AACzC,UAAA,MAAM,EAAE,SAAA,EAAU,GAAI,eAAA,CAAgB,IAAI,IAAI,CAAA;AAC9C,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,SAAA;AAAA,YACA,UAAA,EAAY;AAAA,WACZ,CAAA;AACD,UAAA,MAAMD,6BAA4B,GAAA,EAAK,EAAA,EAAI,GAAA,CAAI,IAAA,CAAK,gBAAgB,SAAU,CAAA;AAE9E,UAAA,MAAM,UAAU,gBAAA,CAAiB,GAAA,CAAI,KAAK,OAAA,EAAS,GAAA,CAAI,KAAK,MAAM,CAAA;AAClE,UAAA,IAAI,OAAA,CAAQ,WAAW,CAAA,EAAG;AACzB,YAAA,MAAM,IAAI,KAAA,CAAM,aAAA,EAAe,EAAE,OAAA,EAAS,2CAA2C,CAAA;AAAA,UACtF;AAEA,UAAA,MAAM,UAAA,GAAa,SAAS,KAAK,CAAA;AACjC,UAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,UAAA,IAAI,UAAA,GAA0C,IAAA;AAC9C,UAAA,IAAI,UAAA,GAA0C,IAAA;AAC9C,UAAA,IAAI,GAAA,CAAI,IAAA,CAAK,IAAA,KAAS,MAAA,EAAQ;AAC7B,YAAA,IAAI,CAAC,GAAA,CAAI,IAAA,CAAK,UAAA,EAAY;AACzB,cAAA,MAAM,IAAI,KAAA,CAAM,aAAA,EAAe,EAAE,OAAA,EAAS,2BAA2B,CAAA;AAAA,YACtE;AACA,YAAA,UAAA,GAAa,eAAA,CAAgB,GAAA,CAAI,IAAA,CAAK,UAAU,CAAA;AAAA,UACjD,CAAA,MAAO;AACN,YAAA,IAAI,CAAC,GAAA,CAAI,IAAA,CAAK,UAAA,EAAY;AACzB,cAAA,MAAM,IAAI,KAAA,CAAM,aAAA,EAAe,EAAE,OAAA,EAAS,2BAA2B,CAAA;AAAA,YACtE;AACA,YAAA,UAAA,GAAa,gBAAgB,GAAA,CAAI,IAAA,CAAK,YAAY,UAAA,EAAY,GAAA,CAAI,QAAQ,OAAO,CAAA;AAAA,UAClF;AAEA,UAAA,MAAM,GAAA,GAAM,MAAM,EAAA,CAAG,MAAA,CAAuB;AAAA,YAC3C,KAAA,EAAO,aAAA;AAAA,YACP,IAAA,EAAM;AAAA,cACL,UAAA;AAAA,cACA,SAAA;AAAA,cACA,cAAA,EAAgB,IAAI,IAAA,CAAK,cAAA;AAAA,cACzB,IAAA,EAAM,IAAI,IAAA,CAAK,IAAA;AAAA,cACf,MAAA,EAAQ,UAAA,EAAY,MAAA,IAAU,UAAA,EAAY,MAAA,IAAU,UAAA;AAAA,cACpD,MAAA,EAAQ,OAAA,CAAQ,IAAA,CAAK,GAAG,CAAA;AAAA,cACxB,YAAA,EAAc,IAAI,IAAA,CAAK,IAAA;AAAA,cACvB,MAAA,EAAQ,GAAA,CAAI,IAAA,CAAK,MAAA,IAAU,IAAA;AAAA,cAC3B,cAAA,EAAgB,KAAA;AAAA,cAChB,UAAA,EAAY,UAAA,GAAa,IAAA,CAAK,SAAA,CAAU,UAAU,CAAA,GAAI,IAAA;AAAA,cACtD,UAAA,EAAY,UAAA,GAAa,IAAA,CAAK,SAAA,CAAU,UAAU,CAAA,GAAI,IAAA;AAAA,cACtD,QAAQ,IAAA,CAAK,EAAA;AAAA,cACb,SAAA,EAAW,GAAA;AAAA,cACX,SAAA,EAAW;AAAA;AACZ,WACA,CAAA;AAED,UAAA,OAAO,IAAI,IAAA,CAAK,mBAAA,CAAoB,KAAK,GAAA,CAAI,OAAA,CAAQ,OAAO,CAAC,CAAA;AAAA,QAC9D;AAAA,OACD;AAAA,MAEA,iBAAA,EAAmBJ,kBAAAA;AAAA,QAClB,6BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM,uBAAA;AAAA,UACN,GAAA,EAAK,CAACK,iBAAiB;AAAA,SACxB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,EAAE,SAAA,EAAU,GAAI,eAAA,CAAgB,IAAI,IAAI,CAAA;AAC9C,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,SAAA;AAAA,YACA,UAAA,EAAY;AAAA,WACZ,CAAA;AAED,UAAA,MAAM,UAAU,MAAM,eAAA,CAAgB,IAAI,GAAA,CAAI,IAAA,CAAK,YAAY,SAAU,CAAA;AACzE,UAAA,IAAI,CAAC,OAAA,EAAS;AACb,YAAA,MAAM,IAAI,KAAA,CAAM,WAAA,EAAa,EAAE,OAAA,EAAS,0BAA0B,CAAA;AAAA,UACnE;AAEA,UAAA,MAAM,MAAA,GAAkC;AAAA,YACvC,SAAA,EAAW,KAAK,GAAA;AAAI,WACrB;AACA,UAAA,IAAI,IAAI,IAAA,CAAK,IAAA,KAAS,QAAW,MAAA,CAAO,IAAA,GAAO,IAAI,IAAA,CAAK,IAAA;AACxD,UAAA,IAAI,IAAI,IAAA,CAAK,MAAA,KAAW,QAAW,MAAA,CAAO,MAAA,GAAS,IAAI,IAAA,CAAK,MAAA;AAC5D,UAAA,IAAI,IAAI,IAAA,CAAK,OAAA,KAAY,UAAa,GAAA,CAAI,IAAA,CAAK,WAAW,MAAA,EAAW;AACpE,YAAA,MAAM,UAAU,gBAAA,CAAiB,GAAA,CAAI,KAAK,OAAA,EAAS,GAAA,CAAI,KAAK,MAAM,CAAA;AAClE,YAAA,IAAI,OAAA,CAAQ,WAAW,CAAA,EAAG;AACzB,cAAA,MAAM,IAAI,KAAA,CAAM,aAAA,EAAe,EAAE,OAAA,EAAS,2CAA2C,CAAA;AAAA,YACtF;AACA,YAAA,MAAA,CAAO,MAAA,GAAS,OAAA,CAAQ,IAAA,CAAK,GAAG,CAAA;AAChC,YAAA,MAAA,CAAO,cAAA,GAAiB,KAAA;AAAA,UACzB;AAEA,UAAA,IAAI,GAAA,CAAI,KAAK,UAAA,EAAY;AACxB,YAAA,MAAM,MAAA,GAAS,eAAA;AAAA,cACd,SAAA,CAAgC,QAAQ,UAAU,CAAA;AAAA,cAClD,IAAI,IAAA,CAAK;AAAA,aACV;AACA,YAAA,MAAA,CAAO,SAAS,MAAA,CAAO,MAAA;AACvB,YAAA,MAAA,CAAO,YAAA,GAAe,MAAA;AACtB,YAAA,MAAA,CAAO,UAAA,GAAa,IAAA,CAAK,SAAA,CAAU,MAAM,CAAA;AACzC,YAAA,MAAA,CAAO,UAAA,GAAa,IAAA;AAAA,UACrB;AAEA,UAAA,IAAI,GAAA,CAAI,KAAK,UAAA,EAAY;AACxB,YAAA,MAAM,MAAA,GAAS,eAAA;AAAA,cACd,SAAA,CAAgC,QAAQ,UAAU,CAAA;AAAA,cAClD,IAAI,IAAA,CAAK,UAAA;AAAA,cACT,OAAA,CAAQ,UAAA;AAAA,cACR,IAAI,OAAA,CAAQ;AAAA,aACb;AACA,YAAA,MAAA,CAAO,SAAS,MAAA,CAAO,MAAA;AACvB,YAAA,MAAA,CAAO,YAAA,GAAe,MAAA;AACtB,YAAA,MAAA,CAAO,UAAA,GAAa,IAAA,CAAK,SAAA,CAAU,MAAM,CAAA;AACzC,YAAA,MAAA,CAAO,UAAA,GAAa,IAAA;AAAA,UACrB;AAEA,UAAA,MAAM,OAAA,GAAU,MAAM,EAAA,CAAG,MAAA,CAAuB;AAAA,YAC/C,KAAA,EAAO,aAAA;AAAA,YACP,KAAA,EAAO;AAAA,cACN,EAAE,KAAA,EAAO,YAAA,EAAc,KAAA,EAAO,GAAA,CAAI,KAAK,UAAA,EAAW;AAAA,cAClD,EAAE,KAAA,EAAO,WAAA,EAAa,KAAA,EAAO,SAAA;AAAW,aACzC;AAAA,YACA;AAAA,WACA,CAAA;AACD,UAAA,IAAI,CAAC,OAAA,EAAS;AACb,YAAA,MAAM,IAAI,KAAA,CAAM,WAAA,EAAa,EAAE,OAAA,EAAS,0BAA0B,CAAA;AAAA,UACnE;AACA,UAAA,OAAO,IAAI,IAAA,CAAK,mBAAA,CAAoB,SAAS,GAAA,CAAI,OAAA,CAAQ,OAAO,CAAC,CAAA;AAAA,QAClE;AAAA,OACD;AAAA,MAEA,iBAAA,EAAmBL,kBAAAA;AAAA,QAClB,6BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM,uBAAA;AAAA,UACN,GAAA,EAAK,CAACK,iBAAiB;AAAA,SACxB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,EAAE,SAAA,EAAU,GAAI,eAAA,CAAgB,IAAI,IAAI,CAAA;AAC9C,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,SAAA;AAAA,YACA,UAAA,EAAY;AAAA,WACZ,CAAA;AACD,UAAA,MAAM,GAAG,MAAA,CAAO;AAAA,YACf,KAAA,EAAO,aAAA;AAAA,YACP,KAAA,EAAO;AAAA,cACN,EAAE,KAAA,EAAO,YAAA,EAAc,KAAA,EAAO,GAAA,CAAI,KAAK,UAAA,EAAW;AAAA,cAClD,EAAE,KAAA,EAAO,WAAA,EAAa,KAAA,EAAO,SAAA;AAAW;AACzC,WACA,CAAA;AACD,UAAA,OAAO,GAAA,CAAI,IAAA,CAAK,EAAE,OAAA,EAAS,MAAM,CAAA;AAAA,QAClC;AAAA,OACD;AAAA,MAEA,eAAA,EAAiBL,kBAAAA;AAAA,QAChB,6BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM,qBAAA;AAAA,UACN,GAAA,EAAK,CAACK,iBAAiB;AAAA,SACxB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,EAAE,SAAA,EAAW,KAAA,EAAM,GAAI,eAAA,CAAgB,IAAI,IAAI,CAAA;AACrD,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,SAAA;AAAA,YACA,UAAA,EAAY;AAAA,WACZ,CAAA;AAED,UAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAA0B;AAAA,YAC/C,KAAA,EAAO,cAAA;AAAA,YACP,KAAA,EAAO;AAAA,cACN,GAAG,KAAA;AAAA,cACH,GAAI,GAAA,CAAI,IAAA,CAAK,cAAA,GACV,CAAC,EAAE,KAAA,EAAO,gBAAA,EAAkB,KAAA,EAAO,GAAA,CAAI,IAAA,CAAK,cAAA,EAAgB,IAC5D;AAAC,aACL;AAAA,YACA,OAAO,IAAA,CAAK,GAAA,CAAI,IAAI,IAAA,CAAK,KAAA,IAAS,KAAK,GAAG;AAAA,WAC1C,CAAA;AACD,UAAA,MAAM,IAAA,GAAO,MAAM,OAAA,CAAQ,GAAA;AAAA,YAC1B,IAAA,CAAK,GAAA;AAAA,cAAI,OAAO,QACf,kBAAA,CAAmB,GAAA,EAAK,MAAM,mBAAA,CAAoB,EAAA,EAAI,GAAA,CAAI,UAAU,CAAC;AAAA;AACtE,WACD;AACA,UAAA,OAAO,IAAI,IAAA,CAAK,EAAE,IAAA,EAAM,WAAA,EAAa,MAAM,CAAA;AAAA,QAC5C;AAAA,OACD;AAAA,MAEA,YAAA,EAAcL,kBAAAA;AAAA,QACb,2BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM,kBAAA;AAAA,UACN,GAAA,EAAK,CAACK,iBAAiB;AAAA,SACxB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,EAAE,SAAA,EAAU,GAAI,eAAA,CAAgB,IAAI,IAAI,CAAA;AAC9C,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,SAAA;AAAA,YACA,UAAA,EAAY;AAAA,WACZ,CAAA;AACD,UAAA,MAAM,MAAM,MAAM,aAAA,CAAc,IAAI,GAAA,CAAI,IAAA,CAAK,YAAY,SAAU,CAAA;AACnE,UAAA,IAAI,CAAC,GAAA,EAAK;AACT,YAAA,MAAM,IAAI,KAAA,CAAM,WAAA,EAAa,EAAE,OAAA,EAAS,4BAA4B,CAAA;AAAA,UACrE;AACA,UAAA,OAAO,GAAA,CAAI,IAAA;AAAA,YACV,mBAAmB,GAAA,EAAK,MAAM,oBAAoB,EAAA,EAAI,GAAA,CAAI,UAAU,CAAC;AAAA,WACtE;AAAA,QACD;AAAA,OACD;AAAA,MAEA,iBAAA,EAAmBL,kBAAAA;AAAA,QAClB,uBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM,qBAAA;AAAA,UACN,GAAA,EAAK,CAACK,iBAAiB;AAAA,SACxB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,EAAE,IAAA,EAAK,GAAI,oBAAA,CAAqB,GAAG,CAAA;AACzC,UAAA,MAAM,EAAE,SAAA,EAAU,GAAI,eAAA,CAAgB,IAAI,IAAI,CAAA;AAC9C,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,SAAA;AAAA,YACA,UAAA,EAAY;AAAA,WACZ,CAAA;AACD,UAAA,MAAMD,6BAA4B,GAAA,EAAK,EAAA,EAAI,GAAA,CAAI,IAAA,CAAK,gBAAgB,SAAU,CAAA;AAE9E,UAAA,MAAM,QAAA,GAAW,MAAM,EAAA,CAAG,OAAA,CAAyB;AAAA,YAClD,KAAA,EAAO,cAAA;AAAA,YACP,KAAA,EAAO;AAAA,cACN,EAAE,KAAA,EAAO,gBAAA,EAAkB,KAAA,EAAO,GAAA,CAAI,KAAK,cAAA,EAAe;AAAA,cAC1D,EAAE,KAAA,EAAO,WAAA,EAAa,KAAA,EAAO,SAAA;AAAW;AACzC,WACA,CAAA;AACD,UAAA,MAAM,UAAA,GAAa,QAAA,EAAU,UAAA,IAAc,QAAA,CAAS,KAAK,CAAA;AACzD,UAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,UAAA,MAAM,SAAA,GAAYE,qBAAqB,EAAE,CAAA;AACzC,UAAA,MAAM,cAAc,SAAA,CAAU,MAAA;AAAA,YAC7B,GAAG,SAAS,CAAA,CAAA,EAAI,UAAU,CAAA,CAAA,EAAI,GAAA,CAAI,KAAK,cAAc,CAAA;AAAA,WACtD;AACA,UAAA,MAAM,WAAA,GAAc,MAAM,gBAAA,CAAiB,SAAS,CAAA;AACpD,UAAA,MAAM,WAAA,GAAc,CAAA,EAAG,GAAA,CAAI,OAAA,CAAQ,OAAO,CAAA,QAAA,CAAA;AAC1C,UAAA,MAAM,aAAA,GAAgB;AAAA,YACrB,UAAA;AAAA,YACA,SAAA;AAAA,YACA,cAAA,EAAgB,IAAI,IAAA,CAAK,cAAA;AAAA,YACzB,IAAA,EAAM,IAAI,IAAA,CAAK,IAAA;AAAA,YACf,QAAA,EAAU,IAAI,IAAA,CAAK,QAAA;AAAA,YACnB,SAAA,EAAW,WAAA;AAAA,YACX,SAAA,EAAW,WAAA;AAAA,YACX,WAAA;AAAA,YACA,MAAA,EAAQ,IAAA;AAAA,YACR,QAAQ,IAAA,CAAK,EAAA;AAAA,YACb,UAAA,EAAY,UAAU,UAAA,IAAc,IAAA;AAAA,YACpC,cAAA,EAAgB,UAAU,cAAA,IAAkB,IAAA;AAAA,YAC5C,SAAA,EAAW;AAAA,WACZ;AAEA,UAAA,MAAM,GAAA,GAAM,QAAA,GACT,MAAM,EAAA,CAAG,MAAA,CAAwB;AAAA,YACjC,KAAA,EAAO,cAAA;AAAA,YACP,KAAA,EAAO;AAAA,cACN,EAAE,KAAA,EAAO,YAAA,EAAc,KAAA,EAAO,UAAA,EAAW;AAAA,cACzC,EAAE,KAAA,EAAO,WAAA,EAAa,KAAA,EAAO,SAAA;AAAW,aACzC;AAAA,YACA,MAAA,EAAQ;AAAA,WACR,CAAA,GACA,MAAM,EAAA,CAAG,MAAA,CAAwB;AAAA,YACjC,KAAA,EAAO,cAAA;AAAA,YACP,IAAA,EAAM;AAAA,cACL,GAAG,aAAA;AAAA,cACH,SAAA,EAAW;AAAA;AACZ,WACA,CAAA;AACH,UAAA,IAAI,CAAC,GAAA,EAAK;AACT,YAAA,MAAM,GAAA,CAAI,MAAM,uBAAA,EAAyB;AAAA,cACxC,OAAA,EAAS;AAAA,aACT,CAAA;AAAA,UACF;AACA,UAAA,OAAO,GAAA,CAAI,IAAA;AAAA,YACV,mBAAmB,GAAA,EAAK,MAAM,oBAAoB,EAAA,EAAI,GAAA,CAAI,UAAU,CAAA,EAAG;AAAA,cACtE;AAAA,aACA;AAAA,WACF;AAAA,QACD;AAAA,OACD;AAAA,MAEA,eAAA,EAAiBN,kBAAAA;AAAA,QAChB,8BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM,qBAAA;AAAA,UACN,GAAA,EAAK,CAACK,iBAAiB;AAAA,SACxB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,EAAE,SAAA,EAAU,GAAI,eAAA,CAAgB,IAAI,IAAI,CAAA;AAC9C,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,SAAA;AAAA,YACA,UAAA,EAAY;AAAA,WACZ,CAAA;AACD,UAAA,MAAM,GAAG,MAAA,CAAO;AAAA,YACf,KAAA,EAAO,cAAA;AAAA,YACP,KAAA,EAAO;AAAA,cACN,EAAE,KAAA,EAAO,YAAA,EAAc,KAAA,EAAO,GAAA,CAAI,KAAK,UAAA,EAAW;AAAA,cAClD,EAAE,KAAA,EAAO,WAAA,EAAa,KAAA,EAAO,SAAA;AAAW;AACzC,WACA,CAAA;AACD,UAAA,OAAO,GAAA,CAAI,IAAA,CAAK,EAAE,OAAA,EAAS,MAAM,CAAA;AAAA,QAClC;AAAA,OACD;AAAA,MAEA,kBAAA,EAAoBL,kBAAAA;AAAA,QACnB,yBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM,wBAAA;AAAA,UACN,GAAA,EAAK,CAACK,iBAAiB;AAAA,SACxB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,EAAE,SAAA,EAAU,GAAI,eAAA,CAAgB,IAAI,IAAI,CAAA;AAC9C,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,SAAA;AAAA,YACA,UAAA,EAAY;AAAA,WACZ,CAAA;AACD,UAAA,MAAM,YAAY,MAAM,aAAA,CAAc,IAAI,GAAA,CAAI,IAAA,CAAK,YAAY,SAAU,CAAA;AACzE,UAAA,IAAI,CAAC,SAAA,EAAW;AACf,YAAA,MAAM,IAAI,KAAA,CAAM,WAAA,EAAa,EAAE,OAAA,EAAS,4BAA4B,CAAA;AAAA,UACrE;AACA,UAAA,MAAM,QAAA,GAAW,MAAM,EAAA,CAAG,QAAA,CAAqB;AAAA,YAC9C,KAAA,EAAO,SAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,cAAc,KAAA,EAAO,SAAA,CAAU,YAAY,CAAA;AAAA,YAC5D,OAAO,IAAA,CAAK,GAAA,CAAI,IAAI,IAAA,CAAK,KAAA,IAAS,KAAK,GAAG;AAAA,WAC1C,CAAA;AACD,UAAA,MAAM,OAAA,GAAU,KAAA,CAAM,IAAA,CAAK,IAAI,GAAA,CAAI,QAAA,CAAS,GAAA,CAAI,CAAC,OAAA,KAAY,OAAA,CAAQ,MAAM,CAAC,CAAC,CAAA;AAC7E,UAAA,MAAM,QACL,OAAA,CAAQ,MAAA,GAAS,CAAA,GACd,MAAM,GAAG,QAAA,CAAkB;AAAA,YAC3B,KAAA,EAAO,MAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,MAAM,KAAA,EAAO,OAAA,EAAS,QAAA,EAAU,IAAA,EAAM,CAAA;AAAA,YACvD,OAAO,OAAA,CAAQ;AAAA,WACf,IACA,EAAC;AACL,UAAA,MAAM,SAAA,GAAY,IAAI,GAAA,CAAI,KAAA,CAAM,GAAA,CAAI,CAAC,IAAA,KAAS,CAAC,IAAA,CAAK,EAAA,EAAI,IAAI,CAAC,CAAC,CAAA;AAC9D,UAAA,MAAM,IAAA,GAAO,QAAA,CACX,GAAA,CAAI,CAAC,OAAA,KAAY;AACjB,YAAA,MAAM,IAAA,GAAO,SAAA,CAAU,GAAA,CAAI,OAAA,CAAQ,MAAM,CAAA;AACzC,YAAA,OAAO,IAAA,GAAO,sBAAA,CAAuB,SAAA,EAAW,IAAA,EAAM,OAAO,CAAA,GAAI,IAAA;AAAA,UAClE,CAAC,CAAA,CACA,MAAA,CAAO,CAAC,KAAA,KAA8C,KAAA,KAAU,IAAI,CAAA,CACpE,MAAA,CAAO,CAAC,KAAA,KAAW,GAAA,CAAI,KAAK,KAAA,GAAQ,KAAA,CAAM,UAAU,GAAA,CAAI,IAAA,CAAK,QAAQ,IAAK,CAAA;AAC5E,UAAA,OAAO,IAAI,IAAA,CAAK,EAAE,IAAA,EAAM,KAAA,EAAO,MAAM,CAAA;AAAA,QACtC;AAAA,OACD;AAAA,MAEA,gBAAA,EAAkBL,kBAAAA;AAAA,QACjB,uBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM,sBAAA;AAAA,UACN,GAAA,EAAK,CAACK,iBAAiB;AAAA,SACxB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,EAAE,SAAA,EAAU,GAAI,eAAA,CAAgB,IAAI,IAAI,CAAA;AAC9C,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,SAAA;AAAA,YACA,UAAA,EAAY;AAAA,WACZ,CAAA;AAED,UAAA,MAAM,OAAA,GAAU,MAAM,EAAA,CAAG,OAAA,CAAoB;AAAA,YAC5C,KAAA,EAAO,SAAA;AAAA,YACP,KAAA,EAAO;AAAA,cACN,EAAE,KAAA,EAAO,QAAA,EAAU,KAAA,EAAO,GAAA,CAAI,KAAK,MAAA,EAAO;AAAA,cAC1C,GAAI,GAAA,CAAI,IAAA,CAAK,UAAA,GACV,CAAC,EAAE,KAAA,EAAO,YAAA,EAAc,KAAA,EAAO,GAAA,CAAI,IAAA,CAAK,UAAA,EAAY,IACpD;AAAC;AACL,WACA,CAAA;AACD,UAAA,IAAI,CAAC,OAAA,EAAS;AACb,YAAA,MAAM,IAAI,KAAA,CAAM,WAAA,EAAa,EAAE,OAAA,EAAS,4BAA4B,CAAA;AAAA,UACrE;AACA,UAAA,MAAM,YAAY,MAAM,aAAA,CAAc,EAAA,EAAI,OAAA,CAAQ,YAAY,SAAU,CAAA;AACxE,UAAA,IAAI,CAAC,SAAA,EAAW;AACf,YAAA,MAAM,IAAI,KAAA,CAAM,WAAA,EAAa,EAAE,OAAA,EAAS,4BAA4B,CAAA;AAAA,UACrE;AACA,UAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,OAAA,CAAiB;AAAA,YACtC,KAAA,EAAO,MAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,MAAM,KAAA,EAAO,GAAA,CAAI,IAAA,CAAK,MAAA,EAAQ;AAAA,WAC/C,CAAA;AACD,UAAA,IAAI,CAAC,IAAA,EAAM;AACV,YAAA,MAAM,IAAI,KAAA,CAAM,WAAA,EAAa,EAAE,OAAA,EAAS,kBAAkB,CAAA;AAAA,UAC3D;AACA,UAAA,OAAO,IAAI,IAAA,CAAK,sBAAA,CAAuB,SAAA,EAAW,IAAA,EAAM,OAAO,CAAC,CAAA;AAAA,QACjE;AAAA,OACD;AAAA,MAEA,mBAAA,EAAqBL,kBAAAA;AAAA,QACpB,0BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM,yBAAA;AAAA,UACN,GAAA,EAAK,CAACK,iBAAiB;AAAA,SACxB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,EAAE,SAAA,EAAU,GAAI,eAAA,CAAgB,IAAI,IAAI,CAAA;AAC9C,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,SAAA;AAAA,YACA,UAAA,EAAY;AAAA,WACZ,CAAA;AACD,UAAA,OAAO,GAAA,CAAI,KAAK,EAAE,IAAA,EAAM,EAAC,EAAG,MAAA,EAAQ,EAAC,EAAG,CAAA;AAAA,QACzC;AAAA,OACD;AAAA,MAEA,iBAAA,EAAmBL,kBAAAA;AAAA,QAClB,wBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UAAQ,cAAA,EAAgB,IAAA;AAAA,UAChC,IAAA,EAAM,uBAAA;AAAA,UACN,GAAA,EAAK,CAACK,iBAAiB;AAAA,SACxB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,EAAE,SAAA,EAAU,GAAI,eAAA,CAAgB,IAAI,IAAI,CAAA;AAC9C,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,SAAA;AAAA,YACA,UAAA,EAAY;AAAA,WACZ,CAAA;AACD,UAAA,MAAM,GAAA,CAAI,MAAM,WAAA,EAAa;AAAA,YAC5B,OAAA,EAAS;AAAA,WACT,CAAA;AAAA,QACF;AAAA;AACD;AACD,GACD;AACD;AC/jCA,IAAM,gBAAA,GAAmBP,EACvB,MAAA,CAAO;AAAA;AAAA,EAEP,YAAYA,CAAAA,CAAE,KAAA,CAAMA,EAAE,MAAA,EAAQ,EAAE,QAAA,EAAS;AAAA;AAAA,EAEzC,KAAA,EAAOA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA;AAAA,EAE3B,KAAA,EAAOA,CAAAA,CAAE,MAAA,EAAO,CAAE,GAAA,EAAI,CAAE,QAAA,EAAS,CAAE,GAAA,CAAI,GAAG,CAAA,CAAE,QAAA,EAAS;AAAA;AAAA,EAErD,cAAA,EAAgBA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA;AAAA,EAEpC,UAAA,EAAYA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA;AAAA,EAEhC,QAAA,EAAUA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AACtB,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAQnB,SAAS,eAAe,GAAA,EAA6C;AAC3E,EAAA,OAAO;AAAA,IACN,IAAI,GAAA,CAAI,EAAA;AAAA,IACR,MAAM,GAAA,CAAI,MAAA;AAAA,IACV,IAAA,EAAM;AAAA,MACL,WAAW,GAAA,CAAI,SAAA;AAAA,MACf,SAAS,GAAA,CAAI,OAAA;AAAA,MACb,WAAW,GAAA,CAAI,SAAA;AAAA,MACf,YAAY,GAAA,CAAI,UAAA;AAAA,MAChB,gBAAgB,GAAA,CAAI,cAAA;AAAA,MACpB,SAAS,GAAA,CAAI,OAAA,GAAU,aAAA,CAAc,GAAA,CAAI,OAAiB,CAAA,GAAI,MAAA;AAAA,MAC9D,SAAS,GAAA,CAAI,OAAA,GAAU,aAAA,CAAc,GAAA,CAAI,OAAiB,CAAA,GAAI,MAAA;AAAA,MAC9D,UAAU,GAAA,CAAI,QAAA,GAAW,aAAA,CAAc,GAAA,CAAI,QAAkB,CAAA,GAAI,MAAA;AAAA,MACjE,WAAW,GAAA,CAAI,SAAA;AAAA,MACf,WAAW,GAAA,CAAI;AAAA,KAChB;AAAA,IACA,SAAA,EAAW,GAAA,CAAI,UAAA,IAAc,GAAA,CAAI;AAAA,GAClC;AACD;AAEA,SAAS,cAAc,KAAA,EAAwB;AAC9C,EAAA,IAAI;AACH,IAAA,OAAO,IAAA,CAAK,MAAM,KAAK,CAAA;AAAA,EACxB,CAAA,CAAA,MAAQ;AACP,IAAA,OAAO,KAAA;AAAA,EACR;AACD;AAsBO,SAAS,YAAA,GAAiC;AAChD,EAAA,OAAO;AAAA,IACN,EAAA,EAAI,eAAA;AAAA;AAAA,IAIJ,SAAA,EAAW;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,MAQV,UAAA,EAAYE,kBAAAA;AAAA,QACX,qBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UACR,IAAA,EAAM,gBAAA;AAAA,UACN,cAAA,EAAgB;AAAA,SACjB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,KAAA,GAAQ,gBAAgB,IAA+B,CAAA;AAC7D,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,UAAA,EAAY,YAAA;AAAA,YACZ,WAAW,KAAA,CAAM;AAAA,WACjB,CAAA;AAED,UAAA,MAAM,QAAQ,IAAA,CAAK,GAAA,CAAI,IAAA,CAAK,KAAA,IAAS,IAAI,GAAG,CAAA;AAC5C,UAAA,MAAM,OAAA,GAAyB,CAAC,GAAG,KAAA,CAAM,KAAK,CAAA;AAG9C,UAAA,IAAI,IAAA,CAAK,UAAA,IAAc,IAAA,CAAK,UAAA,CAAW,SAAS,CAAA,EAAG;AAClD,YAAA,IAAI,IAAA,CAAK,UAAA,CAAW,MAAA,KAAW,CAAA,EAAG;AACjC,cAAA,OAAA,CAAQ,IAAA,CAAK,EAAE,KAAA,EAAO,QAAA,EAAU,OAAO,IAAA,CAAK,UAAA,CAAW,CAAC,CAAA,EAAI,CAAA;AAAA,YAC7D,CAAA,MAAO;AACN,cAAA,OAAA,CAAQ,IAAA,CAAK;AAAA,gBACZ,KAAA,EAAO,QAAA;AAAA,gBACP,QAAA,EAAU,IAAA;AAAA,gBACV,OAAO,IAAA,CAAK;AAAA,eACZ,CAAA;AAAA,YACF;AAAA,UACD;AAGA,UAAA,IAAI,KAAK,cAAA,EAAgB;AACxB,YAAA,OAAA,CAAQ,KAAK,EAAE,KAAA,EAAO,kBAAkB,KAAA,EAAO,IAAA,CAAK,gBAAgB,CAAA;AAAA,UACrE;AAGA,UAAA,IAAI,IAAA,CAAK,eAAe,MAAA,EAAW;AAClC,YAAA,OAAA,CAAQ,IAAA,CAAK;AAAA,cACZ,KAAA,EAAO,YAAA;AAAA,cACP,QAAA,EAAU,KAAA;AAAA,cACV,OAAO,IAAA,CAAK;AAAA,aACZ,CAAA;AAAA,UACF;AACA,UAAA,IAAI,IAAA,CAAK,aAAa,MAAA,EAAW;AAChC,YAAA,OAAA,CAAQ,IAAA,CAAK;AAAA,cACZ,KAAA,EAAO,YAAA;AAAA,cACP,QAAA,EAAU,KAAA;AAAA,cACV,OAAO,IAAA,CAAK;AAAA,aACZ,CAAA;AAAA,UACF;AAKA,UAAA,IAAI,KAAK,KAAA,EAAO;AAEf,YAAA,MAAM,UAAA,GAAa,MAAM,EAAA,CAAG,QAAA,CAAwB;AAAA,cACnD,KAAA,EAAO,YAAA;AAAA,cACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,KAAA,EAAO,IAAA,CAAK,KAAA,EAAM,EAAG,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,cAC1D,KAAA,EAAO;AAAA,aACP,CAAA;AACD,YAAA,IAAI,UAAA,CAAW,CAAC,CAAA,EAAG;AAClB,cAAA,OAAA,CAAQ,IAAA,CAAK;AAAA,gBACZ,KAAA,EAAO,YAAA;AAAA,gBACP,QAAA,EAAU,IAAA;AAAA,gBACV,KAAA,EAAO,UAAA,CAAW,CAAC,CAAA,CAAE;AAAA,eACrB,CAAA;AAAA,YACF;AAAA,UACD;AAEA,UAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAAwB;AAAA,YAC7C,KAAA,EAAO,YAAA;AAAA,YACP,KAAA,EAAO,OAAA;AAAA,YACP,OAAO,KAAA,GAAQ,CAAA;AAAA;AAAA,YACf,MAAA,EAAQ,EAAE,KAAA,EAAO,YAAA,EAAc,WAAW,MAAA;AAAO,WACjD,CAAA;AAED,UAAA,MAAM,OAAA,GAAU,KAAK,MAAA,GAAS,KAAA;AAC9B,UAAA,MAAM,SAAS,OAAA,GAAU,IAAA,CAAK,KAAA,CAAM,CAAA,EAAG,KAAK,CAAA,GAAI,IAAA;AAChD,UAAA,MAAM,SAAA,GAAY,MAAA,CAAO,MAAA,CAAO,MAAA,GAAS,CAAC,CAAA;AAC1C,UAAA,MAAM,MAAA,GAAS,SAAA,GAAa,SAAA,CAAU,EAAA,GAAgB,MAAA;AAEtD,UAAA,OAAO,IAAI,IAAA,CAAK;AAAA,YACf,IAAA,EAAM,MAAA,CAAO,GAAA,CAAI,cAAc,CAAA;AAAA,YAC/B,MAAA,EAAQ,UAAU,MAAA,GAAS,MAAA;AAAA,YAC3B;AAAA,WACA,CAAA;AAAA,QACF;AAAA;AACD;AACD,GACD;AACD;AC7JA,IAAMO,sBAAAA,GAAwB,aAAA;AAC9B,IAAM,cAAA,mBAAiB,IAAI,GAAA,CAAI,CAACA,sBAAqB,CAAC,CAAA;AACtD,IAAM,oBAAA,GAAuB,GAAA,GAAO,EAAA,GAAK,EAAA,GAAK,EAAA;AAI9C,IAAM,wBAAA,GAA2BT,EAC/B,MAAA,CAAO;AAAA,EACP,IAAA,EAAMA,CAAAA,CAAE,MAAA,EAAO,CAAE,IAAI,CAAC,CAAA;AAAA,EACtB,IAAA,EAAMA,CAAAA,CAAE,MAAA,EAAO,CAAE,IAAI,CAAC,CAAA;AAAA,EACtB,IAAA,EAAMA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC1B,QAAA,EAAUA,CAAAA,CAAE,MAAA,CAAOA,CAAAA,CAAE,MAAA,IAAUA,CAAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS;AAAA,EACrD,6BAAA,EAA+BA,CAAAA,CAAE,OAAA,EAAQ,CAAE,QAAA;AAC5C,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,oBAAA,GAAuBA,EAC3B,MAAA,CAAO;AAAA,EACP,cAAA,EAAgBA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACpC,gBAAA,EAAkBA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AAC9B,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,kBAAA,GAAqBA,EACzB,MAAA,CAAO;AAAA,EACP,KAAA,EAAOA,CAAAA,CAAE,MAAA,EAAO,CAAE,KAAA,EAAM;AAAA,EACxB,IAAA,EAAMA,CAAAA,CAAE,KAAA,CAAM,CAACA,CAAAA,CAAE,MAAA,EAAO,EAAGA,CAAAA,CAAE,KAAA,CAAMA,CAAAA,CAAE,MAAA,EAAQ,CAAC,CAAC,CAAA;AAAA,EAC/C,cAAA,EAAgBA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACpC,MAAA,EAAQA,CAAAA,CAAE,OAAA,EAAQ,CAAE,QAAA;AACrB,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,sBAAA,GAAyBA,EAC7B,MAAA,CAAO;AAAA,EACP,QAAA,EAAUA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC9B,gBAAA,EAAkBA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACtC,IAAA,EAAMA,CAAAA,CAAE,KAAA,CAAM,CAACA,CAAAA,CAAE,MAAA,EAAO,EAAGA,CAAAA,CAAE,KAAA,CAAMA,CAAAA,CAAE,MAAA,EAAQ,CAAC,CAAC,CAAA;AAAA,EAC/C,cAAA,EAAgBA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AAC5B,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,kBAAA,GAAqBA,EACzB,MAAA,CAAO;AAAA,EACP,eAAA,EAAiBA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACrC,gBAAA,EAAkBA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACtC,cAAA,EAAgBA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AAC5B,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,wBAAA,GAA2BA,EAC/B,MAAA,CAAO;AAAA,EACP,YAAA,EAAcA,EAAE,MAAA;AACjB,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,kBAAA,GAAqBA,EACzB,MAAA,CAAO;AAAA,EACP,YAAA,EAAcA,EAAE,MAAA;AACjB,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,mBAAA,GAAsBA,EAC1B,MAAA,CAAO;AAAA,EACP,EAAA,EAAIA,EAAE,MAAA;AACP,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,qBAAA,GAAwBA,EAC5B,MAAA,CAAO;AAAA,EACP,cAAA,EAAgBA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AAC5B,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,yBAAA,GAA4BA,EAChC,MAAA,CAAO;AAAA,EACP,OAAOA,CAAAA,CAAE,MAAA,EAAO,CAAE,KAAA,GAAQ,QAAA;AAC3B,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,SAAS,kBAAkB,GAAA,EAKzB;AACD,EAAA,MAAM,EAAE,OAAA,EAAS,IAAA,EAAK,GAAI,qBAAqB,GAAG,CAAA;AAClD,EAAA,OAAO;AAAA,IACN,QAAQ,IAAA,CAAK,EAAA;AAAA,IACb,UAAU,IAAA,CAAK,IAAA;AAAA,IACf,sBAAsB,OAAA,CAAQ,oBAAA;AAAA,IAC9B,OAAO,OAAA,CAAQ;AAAA,GAChB;AACD;AAEA,SAAS,WAAW,IAAA,EAAmC;AACtD,EAAA,OAAO,eAAe,IAAI,CAAA;AAC3B;AAEA,eAAe,+BAAA,CACd,EAAA,EACA,KAAA,EACA,cAAA,EACgB;AAChB,EAAA,IAAI,CAAC,KAAA,EAAO;AACZ,EAAA,MAAM,GAAG,MAAA,CAAO;AAAA,IACf,KAAA,EAAO,SAAA;AAAA,IACP,OAAO,CAAC,EAAE,OAAO,OAAA,EAAS,KAAA,EAAO,OAAO,CAAA;AAAA,IACxC,MAAA,EAAQ;AAAA,MACP,oBAAA,EAAsB,cAAA;AAAA,MACtB,SAAA,sBAAe,IAAA;AAAK;AACrB,GACA,CAAA;AACF;AAEA,eAAe,mBAAA,CACd,IACA,MAAA,EAMkC;AAClC,EAAA,IAAI,OAAO,cAAA,EAAgB;AAC1B,IAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAA0B;AAAA,MAC/C,KAAA,EAAO,cAAA;AAAA,MACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,KAAA,EAAO,MAAA,CAAO,cAAA,EAAe,EAAG,GAAG,MAAA,CAAO,UAAU,CAAA;AAAA,MAC3E,KAAA,EAAO;AAAA,KACP,CAAA;AACD,IAAA,OAAO,IAAA,CAAK,CAAC,CAAA,IAAK,IAAA;AAAA,EACnB;AACA,EAAA,IAAI,OAAO,gBAAA,EAAkB;AAC5B,IAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAA0B;AAAA,MAC/C,KAAA,EAAO,cAAA;AAAA,MACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,MAAA,EAAQ,KAAA,EAAO,MAAA,CAAO,gBAAA,EAAiB,EAAG,GAAG,MAAA,CAAO,UAAU,CAAA;AAAA,MAC/E,KAAA,EAAO;AAAA,KACP,CAAA;AACD,IAAA,OAAO,IAAA,CAAK,CAAC,CAAA,IAAK,IAAA;AAAA,EACnB;AACA,EAAA,IAAI,OAAO,oBAAA,EAAsB;AAChC,IAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAA0B;AAAA,MAC/C,KAAA,EAAO,cAAA;AAAA,MACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,KAAA,EAAO,MAAA,CAAO,oBAAA,EAAqB,EAAG,GAAG,MAAA,CAAO,UAAU,CAAA;AAAA,MACjF,KAAA,EAAO;AAAA,KACP,CAAA;AACD,IAAA,OAAO,IAAA,CAAK,CAAC,CAAA,IAAK,IAAA;AAAA,EACnB;AACA,EAAA,OAAO,IAAA;AACR;AAEA,eAAe,iBAAA,CACd,GAAA,EACA,EAAA,EACA,cAAA,EACA,QACA,UAAA,EACqB;AACrB,EAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAAoB;AAAA,IACzC,KAAA,EAAO,QAAA;AAAA,IACP,KAAA,EAAO;AAAA,MACN,EAAE,KAAA,EAAO,gBAAA,EAAkB,KAAA,EAAO,cAAA,EAAe;AAAA,MACjD,EAAE,KAAA,EAAO,QAAA,EAAU,KAAA,EAAO,MAAA,EAAO;AAAA,MACjC,GAAG;AAAA,KACJ;AAAA,IACA,KAAA,EAAO;AAAA,GACP,CAAA;AACD,EAAA,IAAI,CAAC,IAAA,CAAK,CAAC,CAAA,EAAG;AACb,IAAA,MAAM,IAAI,KAAA,CAAM,WAAA,EAAa,EAAE,OAAA,EAAS,6CAA6C,CAAA;AAAA,EACtF;AACA,EAAA,OAAO,KAAK,CAAC,CAAA;AACd;AAEA,eAAe,0BAAA,CACd,GAAA,EACA,EAAA,EACA,SAAA,EACA,KAAA,EACgB;AAChB,EAAA,IAAI,CAAC,SAAA,EAAW;AAChB,EAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAA4B;AAAA,IACjD,KAAA,EAAO,gBAAA;AAAA,IACP,OAAO,CAAC,EAAE,OAAO,WAAA,EAAa,KAAA,EAAO,WAAW,CAAA;AAAA,IAChD,KAAA,EAAO;AAAA,GACP,CAAA;AACD,EAAA,MAAM,KAAA,GAAQ,IAAI,GAAA,CAAI,IAAA,CAAK,IAAI,CAAC,CAAA,KAAM,CAAA,CAAE,IAAI,CAAC,CAAA;AAC7C,EAAA,MAAM,OAAA,GAAU,MAAM,MAAA,CAAO,CAAC,MAAM,CAAC,KAAA,CAAM,GAAA,CAAI,CAAC,CAAC,CAAA;AACjD,EAAA,IAAI,OAAA,CAAQ,SAAS,CAAA,EAAG;AACvB,IAAA,MAAM,GAAA,CAAI,MAAM,aAAA,EAAe;AAAA,MAC9B,OAAA,EAAS,CAAA,iBAAA,EAAoB,OAAA,CAAQ,IAAA,CAAK,IAAI,CAAC,CAAA;AAAA,KAC/C,CAAA;AAAA,EACF;AACD;AAEA,SAAS,aAAA,CAAc,QAAmB,QAAA,EAA2B;AACpE,EAAA,OAAO,cAAA,CAAe,MAAA,CAAO,IAAI,CAAA,CAAE,SAAS,QAAQ,CAAA;AACrD;AAEA,eAAe,wBAAA,CACd,IACA,MAAA,EAKmB;AACnB,EAAA,IAAI,kBAAkB,EAAE,IAAA,EAAM,MAAA,CAAO,QAAA,EAAU,CAAA,EAAG;AACjD,IAAA,OAAO,IAAA;AAAA,EACR;AACA,EAAA,IAAI,CAAC,OAAO,SAAA,EAAW;AACtB,IAAA,OAAO,KAAA;AAAA,EACR;AAEA,EAAA,MAAM,WAAA,GAAc,MAAM,EAAA,CAAG,QAAA,CAA0B;AAAA,IACtD,KAAA,EAAO,SAAA;AAAA,IACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,MAAM,KAAA,EAAO,MAAA,CAAO,WAAW,CAAA;AAAA,IAChD,KAAA,EAAO;AAAA,GACP,CAAA;AACD,EAAA,OAAO,WAAA,CAAY,CAAC,CAAA,EAAG,OAAA,KAAY,MAAA,CAAO,MAAA;AAC3C;AAEA,eAAe,oBAAA,CACd,IACA,MAAA,EAIuB;AACvB,EAAA,MAAM,SAAA,GAAY,cAAA,CAAe,MAAA,CAAO,MAAA,CAAO,IAAI,CAAA;AACnD,EAAA,IAAI,SAAA,CAAU,QAAA,CAASS,sBAAqB,CAAA,EAAG;AAC9C,IAAA,uBAAO,IAAI,GAAA,CAAI,CAAC,GAAG,CAAC,CAAA;AAAA,EACrB;AACA,EAAA,OAAO,mBAAmB,EAAA,EAAI;AAAA,IAC7B,WAAW,MAAA,CAAO,SAAA;AAAA,IAClB;AAAA,GACA,CAAA;AACF;AAEA,eAAe,6BAAA,CACd,GAAA,EACA,EAAA,EACA,MAAA,EAQ4B;AAC5B,EAAA,IACC,MAAM,yBAAyB,EAAA,EAAI;AAAA,IAClC,QAAQ,MAAA,CAAO,MAAA;AAAA,IACf,UAAU,MAAA,CAAO,QAAA;AAAA,IACjB,WAAW,MAAA,CAAO;AAAA,GAClB,CAAA,EACA;AACD,IAAA,OAAO,IAAA;AAAA,EACR;AAEA,EAAA,MAAM,SAAS,MAAM,iBAAA;AAAA,IACpB,GAAA;AAAA,IACA,EAAA;AAAA,IACA,MAAA,CAAO,cAAA;AAAA,IACP,MAAA,CAAO,MAAA;AAAA,IACP,MAAA,CAAO;AAAA,GACR;AACA,EAAA,MAAM,WAAA,GAAc,MAAM,oBAAA,CAAqB,EAAA,EAAI;AAAA,IAClD,WAAW,MAAA,CAAO,SAAA;AAAA,IAClB;AAAA,GACA,CAAA;AACD,EAAA,IAAI,WAAA,CAAY,IAAI,GAAG,CAAA,IAAK,YAAY,GAAA,CAAI,MAAA,CAAO,UAAU,CAAA,EAAG;AAC/D,IAAA,OAAO,MAAA;AAAA,EACR;AAEA,EAAA,MAAM,GAAA,CAAI,MAAM,WAAA,EAAa,EAAE,SAAS,CAAA,oBAAA,EAAuB,MAAA,CAAO,UAAU,CAAA,CAAA,EAAI,CAAA;AACrF;AAEA,eAAe,mCAAA,CACd,GAAA,EACA,EAAA,EACA,MAAA,EAMgB;AAChB,EAAA,IAAI,CAAC,aAAA,CAAc,MAAA,CAAO,MAAA,EAAQA,sBAAqB,CAAA,EAAG;AACzD,IAAA;AAAA,EACD;AACA,EAAA,IAAI,MAAA,CAAO,aAAA,EAAe,QAAA,CAASA,sBAAqB,CAAA,EAAG;AAC1D,IAAA;AAAA,EACD;AAEA,EAAA,MAAM,OAAA,GAAU,MAAM,EAAA,CAAG,QAAA,CAAoB;AAAA,IAC5C,KAAA,EAAO,QAAA;AAAA,IACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,gBAAA,EAAkB,KAAA,EAAO,MAAA,CAAO,cAAA,EAAe,EAAG,GAAG,MAAA,CAAO,UAAU,CAAA;AAAA,IACvF,KAAA,EAAO;AAAA,GACP,CAAA;AACD,EAAA,MAAM,mBAAmB,OAAA,CAAQ,MAAA;AAAA,IAChC,CAAC,WAAW,MAAA,CAAO,EAAA,KAAO,OAAO,MAAA,CAAO,EAAA,IAAM,aAAA,CAAc,MAAA,EAAQA,sBAAqB;AAAA,GAC1F;AACA,EAAA,IAAI,gBAAA,CAAiB,WAAW,CAAA,EAAG;AAClC,IAAA,MAAM,GAAA,CAAI,MAAM,aAAA,EAAe;AAAA,MAC9B,OAAA,EAAS;AAAA,KACT,CAAA;AAAA,EACF;AACD;AAEA,eAAe,oBAAA,CACd,IACA,SAAA,EACgB;AAChB,EAAA,IAAI,CAAC,SAAA,EAAW;AAChB,EAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,EAAA,MAAM,KAAA,GAAQ,MAAM,EAAA,CAAG,QAAA,CAA4B;AAAA,IAClD,KAAA,EAAO,gBAAA;AAAA,IACP,KAAA,EAAO;AAAA,MACN,EAAE,KAAA,EAAO,WAAA,EAAa,KAAA,EAAO,SAAA,EAAU;AAAA,MACvC,EAAE,KAAA,EAAO,MAAA,EAAQ,KAAA,EAAOA,sBAAAA;AAAsB,KAC/C;AAAA,IACA,KAAA,EAAO;AAAA,GACP,CAAA;AACD,EAAA,IAAI,KAAA,CAAM,CAAC,CAAA,EAAG;AAEd,EAAA,MAAM,KAAA,GAAQ,MAAM,EAAA,CAAG,QAAA,CAAkC;AAAA,IACxD,KAAA,EAAO,sBAAA;AAAA,IACP,OAAO,CAAC,EAAE,OAAO,WAAA,EAAa,KAAA,EAAO,WAAW,CAAA;AAAA,IAChD,KAAA,EAAO;AAAA,GACP,CAAA;AACD,EAAA,MAAM,GAAG,MAAA,CAA0B;AAAA,IAClC,KAAA,EAAO,gBAAA;AAAA,IACP,IAAA,EAAM;AAAA,MACL,SAAA;AAAA,MACA,IAAA,EAAM,aAAA;AAAA,MACN,IAAA,EAAMA,sBAAAA;AAAA,MACN,WAAA,EAAa,wDAAA;AAAA,MACb,WAAA,EAAa,IAAA,CAAK,SAAA,CAAU,KAAA,CAAM,GAAA,CAAI,CAACR,EAAAA,KAAMA,EAAAA,CAAE,IAAI,CAAA,CAAE,IAAA,EAAM,CAAA;AAAA,MAC3D,SAAA,EAAW,IAAA;AAAA,MACX,SAAA,EAAW,GAAA;AAAA,MACX,SAAA,EAAW;AAAA;AACZ,GACA,CAAA;AACF;AAEO,SAAS,sBAAA,GAA2C;AAC1D,EAAA,OAAO;AAAA,IACN,EAAA,EAAI,0BAAA;AAAA,IACJ,MAAA,EAAQ;AAAA,MACP,YAAA,EAAc;AAAA,QACb,MAAA,EAAQ;AAAA,UACP,IAAA,EAAM,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UACvC,IAAA,EAAM,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UACvC,IAAA,EAAM,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UACxC,QAAA,EAAU,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAC5C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAC7C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC5C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA;AAAK;AAC7C,OACD;AAAA,MACA,MAAA,EAAQ;AAAA,QACP,MAAA,EAAQ;AAAA,UACP,cAAA,EAAgB,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UACjD,MAAA,EAAQ,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UACzC,IAAA,EAAM,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UACvC,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAC7C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC5C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA;AAAK;AAC7C,OACD;AAAA,MACA,UAAA,EAAY;AAAA,QACX,MAAA,EAAQ;AAAA,UACP,cAAA,EAAgB,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UACjD,KAAA,EAAO,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UACxC,IAAA,EAAM,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UACvC,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC5C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAC7C,MAAA,EAAQ,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UACzC,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC5C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA;AAAK;AAC7C;AACD,KACD;AAAA,IACA,SAAA,EAAW;AAAA,MACV,kBAAA,EAAoBC,kBAAAA;AAAA,QACnB,sBAAA;AAAA,QACA,EAAE,MAAA,EAAQ,MAAA,EAAQ,IAAA,EAAM,wBAAA,EAA0B,gBAAgB,IAAA,EAAK;AAAA,QACvE,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAM,GAAI,kBAAkB,GAAG,CAAA;AAC/C,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,KAAA,GAAQ,gBAAgB,IAA+B,CAAA;AAC7D,UAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AAErB,UAAA,MAAM,YAAA,GAAe,MAAM,EAAA,CAAG,QAAA,CAA0B;AAAA,YACvD,KAAA,EAAO,cAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,MAAA,EAAQ,KAAA,EAAO,IAAA,CAAK,IAAA,EAAK,EAAG,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YAC3D,KAAA,EAAO;AAAA,WACP,CAAA;AACD,UAAA,IAAI,YAAA,CAAa,CAAC,CAAA,EAAG;AACpB,YAAA,MAAM,IAAI,KAAA,CAAM,aAAA,EAAe,EAAE,OAAA,EAAS,oCAAoC,CAAA;AAAA,UAC/E;AAEA,UAAA,MAAM,oBAAA,CAAqB,EAAA,EAAI,KAAA,CAAM,IAAA,CAAK,SAAS,CAAA;AACnD,UAAA,MAAM,YAAA,GAAe,MAAM,EAAA,CAAG,MAAA,CAAwB;AAAA,YACrD,KAAA,EAAO,cAAA;AAAA,YACP,IAAA,EAAM;AAAA,cACL,GAAG,KAAA,CAAM,IAAA;AAAA,cACT,MAAM,IAAA,CAAK,IAAA;AAAA,cACX,MAAM,IAAA,CAAK,IAAA;AAAA,cACX,MAAM,IAAA,CAAK,IAAA;AAAA,cACX,UAAU,IAAA,CAAK,QAAA,GAAW,KAAK,SAAA,CAAU,IAAA,CAAK,QAAQ,CAAA,GAAI,MAAA;AAAA,cAC1D,SAAA,EAAW,GAAA;AAAA,cACX,SAAA,EAAW;AAAA;AACZ,WACA,CAAA;AAED,UAAA,MAAM,MAAA,GAAS,MAAM,EAAA,CAAG,MAAA,CAAkB;AAAA,YACzC,KAAA,EAAO,QAAA;AAAA,YACP,IAAA,EAAM;AAAA,cACL,GAAG,KAAA,CAAM,IAAA;AAAA,cACT,gBAAgB,YAAA,CAAa,EAAA;AAAA,cAC7B,MAAA;AAAA,cACA,IAAA,EAAMO,sBAAAA;AAAA,cACN,SAAA,EAAW,GAAA;AAAA,cACX,SAAA,EAAW;AAAA;AACZ,WACA,CAAA;AAED,UAAA,IAAI,CAAC,KAAK,6BAAA,EAA+B;AACxC,YAAA,MAAM,+BAAA,CAAgC,EAAA,EAAI,KAAA,EAAO,YAAA,CAAa,EAAE,CAAA;AAAA,UACjE;AAEA,UAAA,OAAO,GAAA,CAAI,KAAK,EAAE,GAAG,cAAc,OAAA,EAAS,CAAC,MAAM,CAAA,EAAG,CAAA;AAAA,QACvD;AAAA,OACD;AAAA,MAEA,iBAAA,EAAmBP,kBAAAA;AAAA,QAClB,oBAAA;AAAA,QACA,EAAE,MAAA,EAAQ,MAAA,EAAQ,IAAA,EAAM,kBAAA,EAAoB,gBAAgB,IAAA,EAAK;AAAA,QACjE,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAE,MAAA,EAAQ,QAAA,EAAS,GAAI,kBAAkB,GAAG,CAAA;AAClD,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,KAAA,GAAQ,eAAA,CAAgB,GAAA,CAAI,IAA+B,CAAA;AAEjE,UAAA,IACC,MAAM,yBAAyB,EAAA,EAAI;AAAA,YAClC,MAAA;AAAA,YACA,QAAA;AAAA,YACA,WAAW,KAAA,CAAM;AAAA,WACjB,CAAA,EACA;AACD,YAAA,MAAMQ,cAAAA,GAAgB,MAAM,EAAA,CAAG,QAAA,CAA0B;AAAA,cACxD,KAAA,EAAO,cAAA;AAAA,cACP,KAAA,EAAO,CAAC,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,cACtB,KAAA,EAAO,GAAA;AAAA,cACP,MAAA,EAAQ,EAAE,KAAA,EAAO,WAAA,EAAa,WAAW,MAAA;AAAO,aAChD,CAAA;AACD,YAAA,OAAO,IAAI,IAAA,CAAK;AAAA,cACf,IAAA,EAAMA,cAAAA,CAAc,GAAA,CAAI,CAAC,GAAA,MAAS;AAAA,gBACjC,GAAG,GAAA;AAAA,gBACH,QAAA,EACC,OAAO,GAAA,CAAI,QAAA,KAAa,QAAA,GACrB,KAAK,KAAA,CAAM,GAAA,CAAI,QAAkB,CAAA,GACjC,GAAA,CAAI;AAAA,eACT,CAAE,CAAA;AAAA,cACF,YAAA,EAAc,EAAE,MAAA,EAAQ,IAAA,EAAM,OAAO,IAAA;AAAK,aAC1C,CAAA;AAAA,UACF;AAEA,UAAA,MAAM,WAAA,GAAc,MAAM,EAAA,CAAG,QAAA,CAAoB;AAAA,YAChD,KAAA,EAAO,QAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,QAAA,EAAU,OAAO,MAAA,EAAO,EAAG,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YAC1D,KAAA,EAAO;AAAA,WACP,CAAA;AACD,UAAA,IAAI,WAAA,CAAY,WAAW,CAAA,EAAG;AAC7B,YAAA,OAAO,IAAI,IAAA,CAAK;AAAA,cACf,MAAM,EAAC;AAAA,cACP,YAAA,EAAc,EAAE,MAAA,EAAQ,IAAA,EAAM,OAAO,IAAA;AAAK,aAC1C,CAAA;AAAA,UACF;AAEA,UAAA,MAAM,SAAS,WAAA,CAAY,GAAA,CAAI,CAAC,CAAA,KAAM,EAAE,cAAc,CAAA;AACtD,UAAA,MAAM,aAAA,GAAgB,MAAM,EAAA,CAAG,QAAA,CAA0B;AAAA,YACxD,KAAA,EAAO,cAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,QAAA,EAAU,IAAA,EAAM,KAAA,EAAO,MAAA,EAAO,EAAG,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YACtE,KAAA,EAAO,GAAA;AAAA,YACP,MAAA,EAAQ,EAAE,KAAA,EAAO,WAAA,EAAa,WAAW,MAAA;AAAO,WAChD,CAAA;AACD,UAAA,OAAO,IAAI,IAAA,CAAK;AAAA,YACf,IAAA,EAAM,aAAA,CAAc,GAAA,CAAI,CAAC,GAAA,MAAS;AAAA,cACjC,GAAG,GAAA;AAAA,cACH,QAAA,EACC,OAAO,GAAA,CAAI,QAAA,KAAa,QAAA,GACrB,KAAK,KAAA,CAAM,GAAA,CAAI,QAAkB,CAAA,GACjC,GAAA,CAAI;AAAA,aACT,CAAE,CAAA;AAAA,YACF,YAAA,EAAc,EAAE,MAAA,EAAQ,IAAA,EAAM,OAAO,IAAA;AAAK,WAC1C,CAAA;AAAA,QACF;AAAA,OACD;AAAA,MAEA,mBAAA,EAAqBR,kBAAAA;AAAA,QACpB,qCAAA;AAAA,QACA,EAAE,MAAA,EAAQ,MAAA,EAAQ,IAAA,EAAM,oBAAA,EAAsB,gBAAgB,IAAA,EAAK;AAAA,QACnE,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAE,MAAA,EAAQ,oBAAA,EAAsB,QAAA,EAAS,GAAI,kBAAkB,GAAG,CAAA;AACxE,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,KAAA,GAAQ,eAAA,CAAgB,GAAA,CAAI,IAA+B,CAAA;AAEjE,UAAA,MAAM,GAAA,GAAM,MAAM,mBAAA,CAAoB,EAAA,EAAI;AAAA,YACzC,cAAA,EAAgB,IAAI,IAAA,CAAK,cAAA;AAAA,YACzB,gBAAA,EAAkB,IAAI,IAAA,CAAK,gBAAA;AAAA,YAC3B,oBAAA;AAAA,YACA,YAAY,KAAA,CAAM;AAAA,WAClB,CAAA;AACD,UAAA,IAAI,CAAC,GAAA,EAAK,OAAO,GAAA,CAAI,KAAK,IAAI,CAAA;AAE9B,UAAA,MAAM,6BAAA,CAA8B,KAAK,EAAA,EAAI;AAAA,YAC5C,WAAW,KAAA,CAAM,SAAA;AAAA,YACjB,gBAAgB,GAAA,CAAI,EAAA;AAAA,YACpB,MAAA;AAAA,YACA,QAAA;AAAA,YACA,YAAY,KAAA,CAAM,KAAA;AAAA,YAClB,UAAA,EAAY;AAAA,WACZ,CAAA;AAED,UAAA,MAAM,OAAA,GAAU,MAAM,EAAA,CAAG,QAAA,CAAoB;AAAA,YAC5C,KAAA,EAAO,QAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,gBAAA,EAAkB,KAAA,EAAO,GAAA,CAAI,EAAA,EAAG,EAAG,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YAClE,KAAA,EAAO;AAAA,WACP,CAAA;AACD,UAAA,MAAM,WAAA,GAAc,MAAM,EAAA,CAAG,QAAA,CAAwB;AAAA,YACpD,KAAA,EAAO,YAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,gBAAA,EAAkB,KAAA,EAAO,GAAA,CAAI,EAAA,EAAG,EAAG,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YAClE,KAAA,EAAO;AAAA,WACP,CAAA;AAED,UAAA,OAAO,IAAI,IAAA,CAAK;AAAA,YACf,GAAG,GAAA;AAAA,YACH,QAAA,EACC,OAAO,GAAA,CAAI,QAAA,KAAa,QAAA,GAAW,KAAK,KAAA,CAAM,GAAA,CAAI,QAAkB,CAAA,GAAI,GAAA,CAAI,QAAA;AAAA,YAC7E,OAAA;AAAA,YACA;AAAA,WACA,CAAA;AAAA,QACF;AAAA,OACD;AAAA,MAEA,qBAAA,EAAuBA,kBAAAA;AAAA,QACtB,0BAAA;AAAA,QACA,EAAE,MAAA,EAAQ,MAAA,EAAQ,IAAA,EAAM,oBAAA,EAAsB,gBAAgB,IAAA,EAAK;AAAA,QACnE,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAO,QAAA,EAAS,GAAI,kBAAkB,GAAG,CAAA;AACzD,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,KAAA,GAAQ,eAAA,CAAgB,GAAA,CAAI,IAA+B,CAAA;AACjE,UAAA,MAAM,GAAA,GAAM,MAAM,mBAAA,CAAoB,EAAA,EAAI;AAAA,YACzC,cAAA,EAAgB,IAAI,IAAA,CAAK,cAAA;AAAA,YACzB,gBAAA,EAAkB,IAAI,IAAA,CAAK,gBAAA;AAAA,YAC3B,YAAY,KAAA,CAAM;AAAA,WAClB,CAAA;AACD,UAAA,IAAI,CAAC,GAAA,EAAK;AACT,YAAA,MAAM,+BAAA,CAAgC,EAAA,EAAI,KAAA,EAAO,IAAI,CAAA;AACrD,YAAA,OAAO,GAAA,CAAI,KAAK,IAAI,CAAA;AAAA,UACrB;AAEA,UAAA,IACC,CAAE,MAAM,wBAAA,CAAyB,EAAA,EAAI;AAAA,YACpC,MAAA;AAAA,YACA,QAAA;AAAA,YACA,WAAW,KAAA,CAAM;AAAA,WACjB,CAAA,EACA;AACD,YAAA,MAAM,kBAAkB,GAAA,EAAK,EAAA,EAAI,IAAI,EAAA,EAAI,MAAA,EAAQ,MAAM,KAAK,CAAA;AAAA,UAC7D;AACA,UAAA,MAAM,+BAAA,CAAgC,EAAA,EAAI,KAAA,EAAO,GAAA,CAAI,EAAE,CAAA;AACvD,UAAA,OAAO,GAAA,CAAI,KAAK,GAAG,CAAA;AAAA,QACpB;AAAA,OACD;AAAA,MAEA,YAAA,EAAcA,kBAAAA;AAAA,QACb,6BAAA;AAAA,QACA,EAAE,MAAA,EAAQ,MAAA,EAAQ,IAAA,EAAM,kBAAA,EAAoB,gBAAgB,IAAA,EAAK;AAAA,QACjE,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAE,MAAA,EAAQ,oBAAA,EAAsB,QAAA,EAAS,GAAI,kBAAkB,GAAG,CAAA;AACxE,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,KAAA,GAAQ,gBAAgB,IAA+B,CAAA;AAC7D,UAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK,SAAA;AAC7B,UAAA,MAAM,KAAA,GAAQ,KAAK,cAAA,IAAkB,oBAAA;AACrC,UAAA,IAAI,CAAC,OAAO,MAAM,GAAA,CAAI,MAAM,aAAA,EAAe,EAAE,OAAA,EAAS,uBAAA,EAAyB,CAAA;AAE/E,UAAA,MAAM,6BAAA,CAA8B,KAAK,EAAA,EAAI;AAAA,YAC5C,WAAW,KAAA,CAAM,SAAA;AAAA,YACjB,cAAA,EAAgB,KAAA;AAAA,YAChB,MAAA;AAAA,YACA,QAAA;AAAA,YACA,YAAY,KAAA,CAAM,KAAA;AAAA,YAClB,UAAA,EAAY;AAAA,WACZ,CAAA;AAED,UAAA,MAAM,KAAA,GAAQ,UAAA,CAAW,IAAA,CAAK,IAAI,CAAA;AAClC,UAAA,IAAI,KAAA,CAAM,IAAA,CAAK,CAAC,CAAA,KAAM,cAAA,CAAe,IAAI,CAAC,CAAA,IAAK,CAAA,KAAMO,sBAAqB,CAAA,EAAG;AAC5E,YAAA,MAAM,IAAI,KAAA,CAAM,aAAA,EAAe,EAAE,OAAA,EAAS,qCAAqC,CAAA;AAAA,UAChF;AACA,UAAA,MAAM,0BAAA,CAA2B,GAAA,EAAK,EAAA,EAAI,SAAA,EAAW,KAAK,CAAA;AAE1D,UAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,KAAA,CAAM,WAAA,EAAY;AACrC,UAAA,MAAM,eAAA,GAAkB,MAAM,EAAA,CAAG,QAAA,CAAwB;AAAA,YACxD,KAAA,EAAO,YAAA;AAAA,YACP,KAAA,EAAO;AAAA,cACN,EAAE,KAAA,EAAO,gBAAA,EAAkB,KAAA,EAAO,KAAA,EAAM;AAAA,cACxC,EAAE,KAAA,EAAO,OAAA,EAAS,KAAA,EAAO,KAAA,EAAM;AAAA,cAC/B,EAAE,KAAA,EAAO,QAAA,EAAU,KAAA,EAAO,SAAA,EAAU;AAAA,cACpC,GAAG,KAAA,CAAM;AAAA,aACV;AAAA,YACA,KAAA,EAAO;AAAA,WACP,CAAA;AACD,UAAA,IAAI,eAAA,CAAgB,CAAC,CAAA,IAAK,CAAC,KAAK,MAAA,EAAQ;AACvC,YAAA,MAAM,IAAI,KAAA,CAAM,aAAA,EAAe,EAAE,OAAA,EAAS,2BAA2B,CAAA;AAAA,UACtE;AAEA,UAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,UAAA,IAAI,eAAA,CAAgB,CAAC,CAAA,IAAK,IAAA,CAAK,MAAA,EAAQ;AACtC,YAAA,MAAME,WAAAA,GAAa,MAAM,EAAA,CAAG,MAAA,CAAsB;AAAA,cACjD,KAAA,EAAO,YAAA;AAAA,cACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,KAAA,EAAO,eAAA,CAAgB,CAAC,CAAA,CAAE,EAAA,EAAG,EAAG,GAAG,MAAM,KAAK,CAAA;AAAA,cACrE,MAAA,EAAQ;AAAA,gBACP,IAAA,EAAM,KAAA,CAAM,IAAA,CAAK,GAAG,CAAA;AAAA,gBACpB,WAAW,GAAA,GAAM,oBAAA;AAAA,gBACjB,MAAA,EAAQ;AAAA;AACT,aACA,CAAA;AACD,YAAA,OAAO,GAAA,CAAI,KAAKA,WAAU,CAAA;AAAA,UAC3B;AAEA,UAAA,MAAM,UAAA,GAAa,MAAM,EAAA,CAAG,MAAA,CAAsB;AAAA,YACjD,KAAA,EAAO,YAAA;AAAA,YACP,IAAA,EAAM;AAAA,cACL,GAAG,KAAA,CAAM,IAAA;AAAA,cACT,cAAA,EAAgB,KAAA;AAAA,cAChB,KAAA;AAAA,cACA,IAAA,EAAM,KAAA,CAAM,IAAA,CAAK,GAAG,CAAA;AAAA,cACpB,SAAA,EAAW,MAAA;AAAA,cACX,MAAA,EAAQ,SAAA;AAAA,cACR,WAAW,GAAA,GAAM,oBAAA;AAAA,cACjB,SAAA,EAAW;AAAA;AACZ,WACA,CAAA;AACD,UAAA,OAAO,GAAA,CAAI,KAAK,UAAU,CAAA;AAAA,QAC3B;AAAA,OACD;AAAA,MAEA,gBAAA,EAAkBT,kBAAAA;AAAA,QACjB,iCAAA;AAAA,QACA,EAAE,MAAA,EAAQ,MAAA,EAAQ,IAAA,EAAM,wBAAA,EAA0B,gBAAgB,IAAA,EAAK;AAAA,QACvE,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAE,OAAA,EAAS,IAAA,EAAK,GAAI,qBAAqB,GAAG,CAAA;AAClD,UAAA,MAAM,SAAS,IAAA,CAAK,EAAA;AACpB,UAAA,MAAM,QAAQ,OAAA,CAAQ,KAAA;AACtB,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,KAAA,GAAQ,eAAA,CAAgB,GAAA,CAAI,IAA+B,CAAA;AACjE,UAAA,MAAM,UAAA,GAAa,MAAM,EAAA,CAAG,QAAA,CAAwB;AAAA,YACnD,KAAA,EAAO,YAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,KAAA,EAAO,GAAA,CAAI,IAAA,CAAK,YAAA,EAAa,EAAG,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YACrE,KAAA,EAAO;AAAA,WACP,CAAA;AACD,UAAA,MAAM,UAAA,GAAa,WAAW,CAAC,CAAA;AAC/B,UAAA,IAAI,CAAC,cAAc,UAAA,CAAW,MAAA,KAAW,aAAa,UAAA,CAAW,SAAA,GAAY,IAAA,CAAK,GAAA,EAAI,EAAG;AACxF,YAAA,MAAM,IAAI,KAAA,CAAM,aAAA,EAAe,EAAE,OAAA,EAAS,wBAAwB,CAAA;AAAA,UACnE;AAEA,UAAA,IAAI,UAAA,CAAW,KAAA,KAAU,IAAA,CAAK,KAAA,EAAO;AACpC,YAAA,MAAM,GAAA,CAAI,MAAM,WAAA,EAAa;AAAA,cAC5B,OAAA,EAAS;AAAA,aACT,CAAA;AAAA,UACF;AAEA,UAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,UAAA,MAAM,GAAG,MAAA,CAAsB;AAAA,YAC9B,KAAA,EAAO,YAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,KAAA,EAAO,UAAA,CAAW,EAAA,EAAG,EAAG,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YAC7D,MAAA,EAAQ,EAAE,MAAA,EAAQ,UAAA;AAAW,WAC7B,CAAA;AAED,UAAA,MAAM,cAAA,GAAiB,MAAM,EAAA,CAAG,QAAA,CAAoB;AAAA,YACnD,KAAA,EAAO,QAAA;AAAA,YACP,KAAA,EAAO;AAAA,cACN,EAAE,KAAA,EAAO,gBAAA,EAAkB,KAAA,EAAO,WAAW,cAAA,EAAe;AAAA,cAC5D,EAAE,KAAA,EAAO,QAAA,EAAU,KAAA,EAAO,MAAA,EAAO;AAAA,cACjC,GAAG,KAAA,CAAM;AAAA,aACV;AAAA,YACA,KAAA,EAAO;AAAA,WACP,CAAA;AACD,UAAA,MAAM,SACL,cAAA,CAAe,CAAC,CAAA,IACf,MAAM,GAAG,MAAA,CAAkB;AAAA,YAC3B,KAAA,EAAO,QAAA;AAAA,YACP,IAAA,EAAM;AAAA,cACL,GAAG,KAAA,CAAM,IAAA;AAAA,cACT,gBAAgB,UAAA,CAAW,cAAA;AAAA,cAC3B,MAAA;AAAA,cACA,MAAM,UAAA,CAAW,IAAA;AAAA,cACjB,SAAA,EAAW,GAAA;AAAA,cACX,SAAA,EAAW;AAAA;AACZ,WACA,CAAA;AAEF,UAAA,MAAM,+BAAA,CAAgC,EAAA,EAAI,KAAA,EAAO,UAAA,CAAW,cAAc,CAAA;AAC1E,UAAA,OAAO,GAAA,CAAI,IAAA,CAAK,EAAE,UAAA,EAAY,EAAE,GAAG,UAAA,EAAY,MAAA,EAAQ,UAAA,EAAW,EAAG,MAAA,EAAQ,CAAA;AAAA,QAC9E;AAAA,OACD;AAAA,MAEA,gBAAA,EAAkBA,kBAAAA;AAAA,QACjB,iCAAA;AAAA,QACA,EAAE,MAAA,EAAQ,MAAA,EAAQ,IAAA,EAAM,wBAAA,EAA0B,gBAAgB,IAAA,EAAK;AAAA,QACvE,OAAO,GAAA,KAAQ;AAEd,UAAA,MAAM,EAAW,IAAA,EAAK,GAAI,qBAAqB,GAAG,CAAA;AAClD,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,KAAA,GAAQ,eAAA,CAAgB,GAAA,CAAI,IAA+B,CAAA;AACjE,UAAA,MAAM,UAAA,GAAa,MAAM,EAAA,CAAG,QAAA,CAAwB;AAAA,YACnD,KAAA,EAAO,YAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,KAAA,EAAO,GAAA,CAAI,IAAA,CAAK,YAAA,EAAa,EAAG,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YACrE,KAAA,EAAO;AAAA,WACP,CAAA;AACD,UAAA,MAAM,UAAA,GAAa,WAAW,CAAC,CAAA;AAC/B,UAAA,IAAI,CAAC,UAAA,IAAc,UAAA,CAAW,MAAA,KAAW,SAAA,EAAW;AACnD,YAAA,MAAM,IAAI,KAAA,CAAM,aAAA,EAAe,EAAE,OAAA,EAAS,wBAAwB,CAAA;AAAA,UACnE;AAEA,UAAA,IAAI,UAAA,CAAW,KAAA,KAAU,IAAA,CAAK,KAAA,EAAO;AACpC,YAAA,MAAM,GAAA,CAAI,MAAM,WAAA,EAAa;AAAA,cAC5B,OAAA,EAAS;AAAA,aACT,CAAA;AAAA,UACF;AACA,UAAA,MAAM,OAAA,GAAU,MAAM,EAAA,CAAG,MAAA,CAAsB;AAAA,YAC9C,KAAA,EAAO,YAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,KAAA,EAAO,UAAA,CAAW,EAAA,EAAG,EAAG,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YAC7D,MAAA,EAAQ,EAAE,MAAA,EAAQ,UAAA;AAAW,WAC7B,CAAA;AACD,UAAA,OAAO,IAAI,IAAA,CAAK,EAAE,YAAY,OAAA,EAAS,MAAA,EAAQ,MAAM,CAAA;AAAA,QACtD;AAAA,OACD;AAAA,MAEA,gBAAA,EAAkBA,kBAAAA;AAAA,QACjB,iCAAA;AAAA,QACA,EAAE,MAAA,EAAQ,MAAA,EAAQ,IAAA,EAAM,kBAAA,EAAoB,gBAAgB,IAAA,EAAK;AAAA,QACjE,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAE,MAAA,EAAQ,QAAA,EAAS,GAAI,kBAAkB,GAAG,CAAA;AAClD,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,KAAA,GAAQ,eAAA,CAAgB,GAAA,CAAI,IAA+B,CAAA;AACjE,UAAA,MAAM,UAAA,GAAa,MAAM,EAAA,CAAG,QAAA,CAAwB;AAAA,YACnD,KAAA,EAAO,YAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,KAAA,EAAO,GAAA,CAAI,IAAA,CAAK,YAAA,EAAa,EAAG,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YACrE,KAAA,EAAO;AAAA,WACP,CAAA;AACD,UAAA,MAAM,UAAA,GAAa,WAAW,CAAC,CAAA;AAC/B,UAAA,IAAI,CAAC,YAAY,MAAM,GAAA,CAAI,MAAM,aAAA,EAAe,EAAE,OAAA,EAAS,sBAAA,EAAwB,CAAA;AACnF,UAAA,MAAM,6BAAA,CAA8B,KAAK,EAAA,EAAI;AAAA,YAC5C,WAAW,KAAA,CAAM,SAAA;AAAA,YACjB,gBAAgB,UAAA,CAAW,cAAA;AAAA,YAC3B,MAAA;AAAA,YACA,QAAA;AAAA,YACA,YAAY,KAAA,CAAM,KAAA;AAAA,YAClB,UAAA,EAAY;AAAA,WACZ,CAAA;AACD,UAAA,MAAM,OAAA,GAAU,MAAM,EAAA,CAAG,MAAA,CAAsB;AAAA,YAC9C,KAAA,EAAO,YAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,KAAA,EAAO,UAAA,CAAW,EAAA,EAAG,EAAG,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YAC7D,MAAA,EAAQ,EAAE,MAAA,EAAQ,UAAA;AAAW,WAC7B,CAAA;AACD,UAAA,OAAO,GAAA,CAAI,KAAK,OAAO,CAAA;AAAA,QACxB;AAAA,OACD;AAAA,MAEA,aAAA,EAAeA,kBAAAA;AAAA,QACd,8BAAA;AAAA,QACA,EAAE,MAAA,EAAQ,MAAA,EAAQ,IAAA,EAAM,mBAAA,EAAqB,gBAAgB,IAAA,EAAK;AAAA,QAClE,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAE,IAAA,EAAK,GAAI,oBAAA,CAAqB,GAAG,CAAA;AACzC,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,KAAA,GAAQ,eAAA,CAAgB,GAAA,CAAI,IAA+B,CAAA;AACjE,UAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAAwB;AAAA,YAC7C,KAAA,EAAO,YAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,KAAA,EAAO,GAAA,CAAI,IAAA,CAAK,EAAA,EAAG,EAAG,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YAC3D,KAAA,EAAO;AAAA,WACP,CAAA;AACD,UAAA,IAAI,CAAC,IAAA,CAAK,CAAC,CAAA,EAAG,MAAM,GAAA,CAAI,KAAA,CAAM,aAAA,EAAe,EAAE,OAAA,EAAS,sBAAA,EAAwB,CAAA;AAChF,UAAA,MAAM,UAAA,GAAa,KAAK,CAAC,CAAA;AAEzB,UAAA,IAAI,UAAA,CAAW,KAAA,KAAU,IAAA,CAAK,KAAA,EAAO;AACpC,YAAA,MAAM,UAAA,GAAa,MAAM,EAAA,CAAG,QAAA,CAAoB;AAAA,cAC/C,KAAA,EAAO,QAAA;AAAA,cACP,KAAA,EAAO;AAAA,gBACN,EAAE,KAAA,EAAO,gBAAA,EAAkB,KAAA,EAAO,WAAW,cAAA,EAAe;AAAA,gBAC5D,EAAE,KAAA,EAAO,QAAA,EAAU,KAAA,EAAO,KAAK,EAAA,EAAG;AAAA,gBAClC,GAAG,KAAA,CAAM;AAAA,eACV;AAAA,cACA,KAAA,EAAO;AAAA,aACP,CAAA;AACD,YAAA,IAAI,CAAC,UAAA,CAAW,CAAC,CAAA,EAAG;AACnB,cAAA,MAAM,GAAA,CAAI,MAAM,WAAA,EAAa;AAAA,gBAC5B,OAAA,EAAS;AAAA,eACT,CAAA;AAAA,YACF;AAAA,UACD;AACA,UAAA,OAAO,GAAA,CAAI,KAAK,UAAU,CAAA;AAAA,QAC3B;AAAA,OACD;AAAA,MAEA,eAAA,EAAiBA,kBAAAA;AAAA,QAChB,gCAAA;AAAA,QACA,EAAE,MAAA,EAAQ,MAAA,EAAQ,IAAA,EAAM,qBAAA,EAAuB,gBAAgB,IAAA,EAAK;AAAA,QACpE,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAE,MAAA,EAAQ,oBAAA,EAAsB,QAAA,EAAS,GAAI,kBAAkB,GAAG,CAAA;AACxE,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,KAAA,GAAQ,eAAA,CAAgB,GAAA,CAAI,IAA+B,CAAA;AACjE,UAAA,MAAM,KAAA,GAAQ,GAAA,CAAI,IAAA,CAAK,cAAA,IAAkB,oBAAA;AACzC,UAAA,IAAI,CAAC,OAAO,MAAM,GAAA,CAAI,MAAM,aAAA,EAAe,EAAE,OAAA,EAAS,uBAAA,EAAyB,CAAA;AAC/E,UAAA,MAAM,6BAAA,CAA8B,KAAK,EAAA,EAAI;AAAA,YAC5C,WAAW,KAAA,CAAM,SAAA;AAAA,YACjB,cAAA,EAAgB,KAAA;AAAA,YAChB,MAAA;AAAA,YACA,QAAA;AAAA,YACA,YAAY,KAAA,CAAM,KAAA;AAAA,YAClB,UAAA,EAAY;AAAA,WACZ,CAAA;AACD,UAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAAwB;AAAA,YAC7C,KAAA,EAAO,YAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,gBAAA,EAAkB,OAAO,KAAA,EAAM,EAAG,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YACjE,KAAA,EAAO;AAAA,WACP,CAAA;AACD,UAAA,OAAO,IAAI,IAAA,CAAK;AAAA,YACf,IAAA,EAAM,IAAA;AAAA,YACN,YAAA,EAAc,EAAE,MAAA,EAAQ,IAAA,EAAM,OAAO,IAAA;AAAK,WAC1C,CAAA;AAAA,QACF;AAAA,OACD;AAAA,MAEA,mBAAA,EAAqBA,kBAAAA;AAAA,QACpB,qCAAA;AAAA,QACA,EAAE,MAAA,EAAQ,MAAA,EAAQ,IAAA,EAAM,yBAAA,EAA2B,gBAAgB,IAAA,EAAK;AAAA,QACxE,OAAO,GAAA,KAAQ;AAEd,UAAA,MAAM,EAAE,IAAA,EAAK,GAAI,oBAAA,CAAqB,GAAG,CAAA;AACzC,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,KAAA,GAAQ,eAAA,CAAgB,GAAA,CAAI,IAA+B,CAAA;AACjE,UAAA,MAAM,WAAA,GAAc,IAAA,CAAK,KAAA,EAAO,WAAA,EAAY;AAC5C,UAAA,IAAI,CAAC,aAAa,MAAM,GAAA,CAAI,MAAM,aAAA,EAAe,EAAE,OAAA,EAAS,mBAAA,EAAqB,CAAA;AAEjF,UAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAAwB;AAAA,YAC7C,KAAA,EAAO,YAAA;AAAA,YACP,KAAA,EAAO;AAAA,cACN,EAAE,KAAA,EAAO,OAAA,EAAS,KAAA,EAAO,WAAA,EAAY;AAAA,cACrC,EAAE,KAAA,EAAO,QAAA,EAAU,KAAA,EAAO,SAAA,EAAU;AAAA,cACpC,GAAG,KAAA,CAAM;AAAA,aACV;AAAA,YACA,KAAA,EAAO;AAAA,WACP,CAAA;AACD,UAAA,OAAO,GAAA,CAAI,KAAK,IAAI,CAAA;AAAA,QACrB;AAAA,OACD;AAAA,MAEA,WAAA,EAAaA,kBAAAA;AAAA,QACZ,4BAAA;AAAA,QACA,EAAE,MAAA,EAAQ,MAAA,EAAQ,IAAA,EAAM,qBAAA,EAAuB,gBAAgB,IAAA,EAAK;AAAA,QACpE,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAE,MAAA,EAAQ,oBAAA,EAAsB,QAAA,EAAS,GAAI,kBAAkB,GAAG,CAAA;AACxE,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,KAAA,GAAQ,eAAA,CAAgB,GAAA,CAAI,IAA+B,CAAA;AACjE,UAAA,MAAM,KAAA,GAAQ,GAAA,CAAI,IAAA,CAAK,cAAA,IAAkB,oBAAA;AACzC,UAAA,IAAI,CAAC,OAAO,MAAM,GAAA,CAAI,MAAM,aAAA,EAAe,EAAE,OAAA,EAAS,uBAAA,EAAyB,CAAA;AAC/E,UAAA,MAAM,6BAAA,CAA8B,KAAK,EAAA,EAAI;AAAA,YAC5C,WAAW,KAAA,CAAM,SAAA;AAAA,YACjB,cAAA,EAAgB,KAAA;AAAA,YAChB,MAAA;AAAA,YACA,QAAA;AAAA,YACA,YAAY,KAAA,CAAM,KAAA;AAAA,YAClB,UAAA,EAAY;AAAA,WACZ,CAAA;AACD,UAAA,MAAM,OAAA,GAAU,MAAM,EAAA,CAAG,QAAA,CAAoB;AAAA,YAC5C,KAAA,EAAO,QAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,gBAAA,EAAkB,OAAO,KAAA,EAAM,EAAG,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YACjE,KAAA,EAAO;AAAA,WACP,CAAA;AACD,UAAA,OAAO,IAAI,IAAA,CAAK;AAAA,YACf,IAAA,EAAM,OAAA;AAAA,YACN,YAAA,EAAc,EAAE,MAAA,EAAQ,IAAA,EAAM,OAAO,IAAA;AAAK,WAC1C,CAAA;AAAA,QACF;AAAA,OACD;AAAA,MAEA,gBAAA,EAAkBA,kBAAAA;AAAA,QACjB,kCAAA;AAAA,QACA,EAAE,MAAA,EAAQ,MAAA,EAAQ,IAAA,EAAM,sBAAA,EAAwB,gBAAgB,IAAA,EAAK;AAAA,QACrE,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAE,MAAA,EAAQ,oBAAA,EAAsB,QAAA,EAAS,GAAI,kBAAkB,GAAG,CAAA;AACxE,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,KAAA,GAAQ,gBAAgB,IAA+B,CAAA;AAC7D,UAAA,MAAM,KAAA,GAAQ,KAAK,cAAA,IAAkB,oBAAA;AACrC,UAAA,IAAI,CAAC,OAAO,MAAM,GAAA,CAAI,MAAM,aAAA,EAAe,EAAE,OAAA,EAAS,uBAAA,EAAyB,CAAA;AAE/E,UAAA,MAAM,6BAAA,CAA8B,KAAK,EAAA,EAAI;AAAA,YAC5C,WAAW,KAAA,CAAM,SAAA;AAAA,YACjB,cAAA,EAAgB,KAAA;AAAA,YAChB,MAAA;AAAA,YACA,QAAA;AAAA,YACA,YAAY,KAAA,CAAM,KAAA;AAAA,YAClB,UAAA,EAAY;AAAA,WACZ,CAAA;AACD,UAAA,MAAM,KAAA,GAAQ,UAAA,CAAW,IAAA,CAAK,IAAI,CAAA;AAClC,UAAA,IAAI,KAAA,CAAM,IAAA,CAAK,CAAC,CAAA,KAAM,cAAA,CAAe,IAAI,CAAC,CAAA,IAAK,CAAA,KAAMO,sBAAqB,CAAA,EAAG;AAC5E,YAAA,MAAM,IAAI,KAAA,CAAM,aAAA,EAAe,EAAE,OAAA,EAAS,qCAAqC,CAAA;AAAA,UAChF;AACA,UAAA,MAAM,2BAA2B,GAAA,EAAK,EAAA,EAAI,KAAA,CAAM,IAAA,CAAK,WAAW,KAAK,CAAA;AAErE,UAAA,MAAM,gBAAA,GAAmB,IAAA,CAAK,QAAA,IAAY,IAAA,CAAK,gBAAA;AAC/C,UAAA,IAAI,CAAC,gBAAA,EAAkB;AACtB,YAAA,MAAM,IAAI,KAAA,CAAM,aAAA,EAAe,EAAE,OAAA,EAAS,8BAA8B,CAAA;AAAA,UACzE;AAEA,UAAA,IAAI,WAAA,GAA6B;AAAA,YAChC,EAAE,KAAA,EAAO,IAAA,EAAM,KAAA,EAAO,gBAAA,EAAiB;AAAA,YACvC,GAAG,KAAA,CAAM;AAAA,WACV;AACA,UAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAAoB;AAAA,YACzC,KAAA,EAAO,QAAA;AAAA,YACP,KAAA,EAAO,WAAA;AAAA,YACP,KAAA,EAAO;AAAA,WACP,CAAA;AACD,UAAA,IAAI,CAAC,IAAA,CAAK,CAAC,CAAA,EAAG;AACb,YAAA,WAAA,GAAc;AAAA,cACb,EAAE,KAAA,EAAO,gBAAA,EAAkB,KAAA,EAAO,KAAA,EAAM;AAAA,cACxC,EAAE,KAAA,EAAO,QAAA,EAAU,KAAA,EAAO,gBAAA,EAAiB;AAAA,cAC3C,GAAG,KAAA,CAAM;AAAA,aACV;AAAA,UACD;AACA,UAAA,MAAM,UAAA,GAAa,MAAM,EAAA,CAAG,QAAA,CAAoB;AAAA,YAC/C,KAAA,EAAO,QAAA;AAAA,YACP,KAAA,EAAO,WAAA;AAAA,YACP,KAAA,EAAO;AAAA,WACP,CAAA;AACD,UAAA,MAAM,MAAA,GAAS,WAAW,CAAC,CAAA;AAC3B,UAAA,IAAI,CAAC,MAAA,EAAQ;AACZ,YAAA,MAAM,IAAI,KAAA,CAAM,aAAA,EAAe,EAAE,OAAA,EAAS,oBAAoB,CAAA;AAAA,UAC/D;AACA,UAAA,MAAM,mCAAA,CAAoC,KAAK,EAAA,EAAI;AAAA,YAClD,cAAA,EAAgB,KAAA;AAAA,YAChB,YAAY,KAAA,CAAM,KAAA;AAAA,YAClB,MAAA;AAAA,YACA,aAAA,EAAe;AAAA,WACf,CAAA;AAED,UAAA,MAAM,OAAA,GAAU,MAAM,EAAA,CAAG,MAAA,CAAkB;AAAA,YAC1C,KAAA,EAAO,QAAA;AAAA,YACP,KAAA,EAAO,WAAA;AAAA,YACP,MAAA,EAAQ;AAAA,cACP,IAAA,EAAM,KAAA,CAAM,IAAA,CAAK,GAAG,CAAA;AAAA,cACpB,SAAA,EAAW,KAAK,GAAA;AAAI;AACrB,WACA,CAAA;AACD,UAAA,OAAO,GAAA,CAAI,KAAK,OAAO,CAAA;AAAA,QACxB;AAAA,OACD;AAAA,MAEA,YAAA,EAAcP,kBAAAA;AAAA,QACb,6BAAA;AAAA,QACA,EAAE,MAAA,EAAQ,MAAA,EAAQ,IAAA,EAAM,kBAAA,EAAoB,gBAAgB,IAAA,EAAK;AAAA,QACjE,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAE,MAAA,EAAQ,oBAAA,EAAsB,OAAO,QAAA,EAAS,GAAI,kBAAkB,GAAG,CAAA;AAC/E,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,KAAA,GAAQ,gBAAgB,IAA+B,CAAA;AAC7D,UAAA,MAAM,KAAA,GAAQ,KAAK,cAAA,IAAkB,oBAAA;AACrC,UAAA,IAAI,CAAC,OAAO,MAAM,GAAA,CAAI,MAAM,aAAA,EAAe,EAAE,OAAA,EAAS,uBAAA,EAAyB,CAAA;AAE/E,UAAA,MAAM,6BAAA,CAA8B,KAAK,EAAA,EAAI;AAAA,YAC5C,WAAW,KAAA,CAAM,SAAA;AAAA,YACjB,cAAA,EAAgB,KAAA;AAAA,YAChB,MAAA;AAAA,YACA,QAAA;AAAA,YACA,YAAY,KAAA,CAAM,KAAA;AAAA,YAClB,UAAA,EAAY;AAAA,WACZ,CAAA;AAED,UAAA,MAAM,UAAA,GAAa,IAAA,CAAK,eAAA,IAAmB,IAAA,CAAK,gBAAA;AAChD,UAAA,IAAI,CAAC,UAAA,EAAY;AAChB,YAAA,MAAM,IAAI,KAAA,CAAM,aAAA,EAAe,EAAE,OAAA,EAAS,8BAA8B,CAAA;AAAA,UACzE;AAEA,UAAA,IAAI,MAAA,GAA2B,IAAA;AAC/B,UAAA,IAAI,UAAA,CAAW,QAAA,CAAS,GAAG,CAAA,EAAG;AAC7B,YAAA,MAAM,QAAA,GAAW,MAAM,EAAA,CAAG,QAAA,CAAwC;AAAA,cACjE,KAAA,EAAO,MAAA;AAAA,cACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,OAAA,EAAS,KAAA,EAAO,UAAA,CAAW,WAAA,EAAY,EAAE,EAAG,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,cAC3E,KAAA,EAAO;AAAA,aACP,CAAA;AACD,YAAA,IAAI,QAAA,CAAS,CAAC,CAAA,EAAG;AAChB,cAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAAoB;AAAA,gBACzC,KAAA,EAAO,QAAA;AAAA,gBACP,KAAA,EAAO;AAAA,kBACN,EAAE,KAAA,EAAO,gBAAA,EAAkB,KAAA,EAAO,KAAA,EAAM;AAAA,kBACxC,EAAE,KAAA,EAAO,QAAA,EAAU,OAAO,QAAA,CAAS,CAAC,EAAE,EAAA,EAAG;AAAA,kBACzC,GAAG,KAAA,CAAM;AAAA,iBACV;AAAA,gBACA,KAAA,EAAO;AAAA,eACP,CAAA;AACD,cAAA,MAAA,GAAS,IAAA,CAAK,CAAC,CAAA,IAAK,IAAA;AAAA,YACrB;AAAA,UACD,CAAA,MAAO;AACN,YAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAAoB;AAAA,cACzC,KAAA,EAAO,QAAA;AAAA,cACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,OAAO,UAAA,EAAW,EAAG,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,cAC1D,KAAA,EAAO;AAAA,aACP,CAAA;AACD,YAAA,IAAI,IAAA,CAAK,CAAC,CAAA,EAAG;AACZ,cAAA,MAAA,GAAS,KAAK,CAAC,CAAA;AAAA,YAChB,CAAA,MAAA,IAAW,KAAK,gBAAA,EAAkB;AACjC,cAAA,MAAM,UAAA,GAAa,MAAM,EAAA,CAAG,QAAA,CAAoB;AAAA,gBAC/C,KAAA,EAAO,QAAA;AAAA,gBACP,KAAA,EAAO;AAAA,kBACN,EAAE,KAAA,EAAO,gBAAA,EAAkB,KAAA,EAAO,KAAA,EAAM;AAAA,kBACxC,EAAE,KAAA,EAAO,QAAA,EAAU,KAAA,EAAO,KAAK,gBAAA,EAAiB;AAAA,kBAChD,GAAG,KAAA,CAAM;AAAA,iBACV;AAAA,gBACA,KAAA,EAAO;AAAA,eACP,CAAA;AACD,cAAA,MAAA,GAAS,UAAA,CAAW,CAAC,CAAA,IAAK,IAAA;AAAA,YAC3B;AAAA,UACD;AAEA,UAAA,IAAI,CAAC,MAAA,IAAU,MAAA,CAAO,cAAA,KAAmB,KAAA,EAAO;AAC/C,YAAA,MAAM,IAAI,KAAA,CAAM,aAAA,EAAe,EAAE,OAAA,EAAS,oBAAoB,CAAA;AAAA,UAC/D;AACA,UAAA,IAAI,MAAA,CAAO,WAAW,MAAA,EAAQ;AAC7B,YAAA,MAAM,IAAI,KAAA,CAAM,aAAA,EAAe,EAAE,OAAA,EAAS,4CAA4C,CAAA;AAAA,UACvF;AACA,UAAA,MAAM,mCAAA,CAAoC,KAAK,EAAA,EAAI;AAAA,YAClD,cAAA,EAAgB,KAAA;AAAA,YAChB,YAAY,KAAA,CAAM,KAAA;AAAA,YAClB,MAAA;AAAA,YACA,eAAe;AAAC,WAChB,CAAA;AAED,UAAA,MAAM,GAAG,MAAA,CAAO;AAAA,YACf,KAAA,EAAO,QAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,KAAA,EAAO,MAAA,CAAO,EAAA,EAAG,EAAG,GAAG,KAAA,CAAM,KAAK;AAAA,WACzD,CAAA;AACD,UAAA,IAAI,MAAA,CAAO,WAAW,MAAA,EAAQ;AAC7B,YAAA,MAAM,+BAAA,CAAgC,EAAA,EAAI,KAAA,EAAO,IAAI,CAAA;AAAA,UACtD;AACA,UAAA,OAAO,GAAA,CAAI,IAAA,CAAK,EAAE,MAAA,EAAQ,QAAQ,CAAA;AAAA,QACnC;AAAA,OACD;AAAA,MAEA,iBAAA,EAAmBA,kBAAAA;AAAA,QAClB,qBAAA;AAAA,QACA,EAAE,MAAA,EAAQ,MAAA,EAAQ,IAAA,EAAM,oBAAA,EAAsB,gBAAgB,IAAA,EAAK;AAAA,QACnE,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAE,MAAA,EAAQ,KAAA,EAAO,oBAAA,EAAqB,GAAI,kBAAkB,GAAG,CAAA;AACrE,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,KAAA,GAAQ,eAAA,CAAgB,GAAA,CAAI,IAA+B,CAAA;AACjE,UAAA,MAAM,KAAA,GAAQ,GAAA,CAAI,IAAA,CAAK,cAAA,IAAkB,oBAAA;AACzC,UAAA,IAAI,CAAC,OAAO,MAAM,GAAA,CAAI,MAAM,aAAA,EAAe,EAAE,OAAA,EAAS,uBAAA,EAAyB,CAAA;AAE/E,UAAA,MAAM,MAAA,GAAS,MAAM,iBAAA,CAAkB,GAAA,EAAK,IAAI,KAAA,EAAO,MAAA,EAAQ,MAAM,KAAK,CAAA;AAC1E,UAAA,MAAM,mCAAA,CAAoC,KAAK,EAAA,EAAI;AAAA,YAClD,cAAA,EAAgB,KAAA;AAAA,YAChB,YAAY,KAAA,CAAM,KAAA;AAAA,YAClB,MAAA,EAAQ,MAAA;AAAA,YACR,eAAe;AAAC,WAChB,CAAA;AACD,UAAA,MAAM,GAAG,MAAA,CAAO;AAAA,YACf,KAAA,EAAO,QAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,KAAA,EAAO,MAAA,CAAO,EAAA,EAAG,EAAG,GAAG,KAAA,CAAM,KAAK;AAAA,WACzD,CAAA;AACD,UAAA,IAAI,yBAAyB,KAAA,EAAO;AACnC,YAAA,MAAM,+BAAA,CAAgC,EAAA,EAAI,KAAA,EAAO,IAAI,CAAA;AAAA,UACtD;AACA,UAAA,OAAO,GAAA,CAAI,KAAK,MAAM,CAAA;AAAA,QACvB;AAAA,OACD;AAAA,MAEA,kBAAA,EAAoBA,kBAAAA;AAAA,QACnB,sBAAA;AAAA,QACA,EAAE,MAAA,EAAQ,MAAA,EAAQ,IAAA,EAAM,oBAAA,EAAsB,gBAAgB,IAAA,EAAK;AAAA,QACnE,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAE,MAAA,EAAQ,QAAA,EAAS,GAAI,kBAAkB,GAAG,CAAA;AAClD,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,KAAA,GAAQ,eAAA,CAAgB,GAAA,CAAI,IAA+B,CAAA;AACjE,UAAA,MAAM,GAAA,GAAM,MAAM,mBAAA,CAAoB,EAAA,EAAI;AAAA,YACzC,cAAA,EAAgB,IAAI,IAAA,CAAK,cAAA;AAAA,YACzB,gBAAA,EAAkB,IAAI,IAAA,CAAK,gBAAA;AAAA,YAC3B,YAAY,KAAA,CAAM;AAAA,WAClB,CAAA;AACD,UAAA,IAAI,CAAC,KAAK,MAAM,GAAA,CAAI,MAAM,aAAA,EAAe,EAAE,OAAA,EAAS,wBAAA,EAA0B,CAAA;AAC9E,UAAA,MAAM,6BAAA,CAA8B,KAAK,EAAA,EAAI;AAAA,YAC5C,WAAW,KAAA,CAAM,SAAA;AAAA,YACjB,gBAAgB,GAAA,CAAI,EAAA;AAAA,YACpB,MAAA;AAAA,YACA,QAAA;AAAA,YACA,YAAY,KAAA,CAAM,KAAA;AAAA,YAClB,UAAA,EAAY;AAAA,WACZ,CAAA;AAED,UAAA,MAAM,GAAG,MAAA,CAAO;AAAA,YACf,KAAA,EAAO,YAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,gBAAA,EAAkB,KAAA,EAAO,GAAA,CAAI,EAAA,EAAG,EAAG,GAAG,KAAA,CAAM,KAAK;AAAA,WAClE,CAAA;AACD,UAAA,MAAM,GAAG,MAAA,CAAO;AAAA,YACf,KAAA,EAAO,QAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,gBAAA,EAAkB,KAAA,EAAO,GAAA,CAAI,EAAA,EAAG,EAAG,GAAG,KAAA,CAAM,KAAK;AAAA,WAClE,CAAA;AACD,UAAA,MAAM,GAAG,MAAA,CAAO;AAAA,YACf,KAAA,EAAO,cAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,KAAA,EAAO,GAAA,CAAI,EAAA,EAAG,EAAG,GAAG,KAAA,CAAM,KAAK;AAAA,WACtD,CAAA;AACD,UAAA,OAAO,GAAA,CAAI,KAAK,GAAG,CAAA;AAAA,QACpB;AAAA,OACD;AAAA,MAEA,kBAAA,EAAoBA,kBAAAA;AAAA,QACnB,sBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UACR,IAAA,EAAMF,EACJ,MAAA,CAAO;AAAA,YACP,cAAA,EAAgBA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,YACpC,IAAA,EAAMA,EACJ,MAAA,CAAO;AAAA,cACP,IAAA,EAAMA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,cAC1B,IAAA,EAAMA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,cAC1B,IAAA,EAAMA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,cAC1B,QAAA,EAAUA,CAAAA,CAAE,MAAA,CAAOA,CAAAA,CAAE,MAAA,IAAUA,CAAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA;AAAS,aACrD,EACA,OAAA;AAAQ,WACV,CAAA,CACA,KAAA,CAAM,kBAAkB,CAAA;AAAA,UAC1B,cAAA,EAAgB;AAAA,SACjB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAE,MAAA,EAAQ,oBAAA,EAAsB,QAAA,EAAS,GAAI,kBAAkB,GAAG,CAAA;AACxE,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,KAAA,GAAQ,eAAA,CAAgB,GAAA,CAAI,IAA+B,CAAA;AACjE,UAAA,MAAM,KAAA,GAAQ,GAAA,CAAI,IAAA,CAAK,cAAA,IAAkB,oBAAA;AACzC,UAAA,IAAI,CAAC,OAAO,MAAM,GAAA,CAAI,MAAM,aAAA,EAAe,EAAE,OAAA,EAAS,uBAAA,EAAyB,CAAA;AAE/E,UAAA,MAAM,6BAAA,CAA8B,KAAK,EAAA,EAAI;AAAA,YAC5C,WAAW,KAAA,CAAM,SAAA;AAAA,YACjB,cAAA,EAAgB,KAAA;AAAA,YAChB,MAAA;AAAA,YACA,QAAA;AAAA,YACA,YAAY,KAAA,CAAM,KAAA;AAAA,YAClB,UAAA,EAAY;AAAA,WACZ,CAAA;AACD,UAAA,IAAI,GAAA,CAAI,IAAA,CAAK,IAAA,CAAK,IAAA,EAAM;AACvB,YAAA,MAAM,QAAA,GAAW,MAAM,EAAA,CAAG,QAAA,CAA0B;AAAA,cACnD,KAAA,EAAO,cAAA;AAAA,cACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,MAAA,EAAQ,KAAA,EAAO,GAAA,CAAI,IAAA,CAAK,IAAA,CAAK,IAAA,EAAK,EAAG,GAAG,MAAM,KAAK,CAAA;AAAA,cACpE,KAAA,EAAO;AAAA,aACP,CAAA;AACD,YAAA,IAAI,SAAS,CAAC,CAAA,IAAK,SAAS,CAAC,CAAA,CAAE,OAAO,KAAA,EAAO;AAC5C,cAAA,MAAM,IAAI,KAAA,CAAM,aAAA,EAAe,EAAE,OAAA,EAAS,oCAAoC,CAAA;AAAA,YAC/E;AAAA,UACD;AAEA,UAAA,MAAM,OAAA,GAAU,MAAM,EAAA,CAAG,MAAA,CAAwB;AAAA,YAChD,KAAA,EAAO,cAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,OAAO,KAAA,EAAM,EAAG,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YACrD,MAAA,EAAQ;AAAA,cACP,GAAG,IAAI,IAAA,CAAK,IAAA;AAAA,cACZ,QAAA,EAAU,GAAA,CAAI,IAAA,CAAK,IAAA,CAAK,QAAA,GAAW,IAAA,CAAK,SAAA,CAAU,GAAA,CAAI,IAAA,CAAK,IAAA,CAAK,QAAQ,CAAA,GAAI,MAAA;AAAA,cAC5E,SAAA,EAAW,KAAK,GAAA;AAAI;AACrB,WACA,CAAA;AACD,UAAA,OAAO,GAAA,CAAI,KAAK,OAAO,CAAA;AAAA,QACxB;AAAA,OACD;AAAA,MAEA,qBAAA,EAAuBE,kBAAAA;AAAA,QACtB,0BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UACR,IAAA,EAAMF,CAAAA,CAAE,MAAA,CAAO,EAAE,IAAA,EAAMA,CAAAA,CAAE,MAAA,EAAO,EAAG,CAAA,CAAE,KAAA,CAAM,kBAAkB,CAAA;AAAA,UAC7D,cAAA,EAAgB;AAAA,SACjB;AAAA,QACA,OAAO,GAAA,KAAQ;AAEd,UAAA,oBAAA,CAAqB,GAAG,CAAA;AACxB,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,KAAA,GAAQ,eAAA,CAAgB,GAAA,CAAI,IAA+B,CAAA;AACjE,UAAA,MAAM,QAAA,GAAW,MAAM,EAAA,CAAG,QAAA,CAA0B;AAAA,YACnD,KAAA,EAAO,cAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,MAAA,EAAQ,KAAA,EAAO,GAAA,CAAI,IAAA,CAAK,IAAA,EAAK,EAAG,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YAC/D,KAAA,EAAO;AAAA,WACP,CAAA;AACD,UAAA,IAAI,QAAA,CAAS,CAAC,CAAA,EAAG;AAChB,YAAA,MAAM,IAAI,KAAA,CAAM,aAAA,EAAe,EAAE,OAAA,EAAS,mCAAmC,CAAA;AAAA,UAC9E;AACA,UAAA,OAAO,GAAA,CAAI,IAAA,CAAK,EAAE,MAAA,EAAQ,MAAM,CAAA;AAAA,QACjC;AAAA,OACD;AAAA,MAEA,eAAA,EAAiBE,kBAAAA;AAAA,QAChB,iCAAA;AAAA,QACA,EAAE,MAAA,EAAQ,MAAA,EAAQ,IAAA,EAAM,kBAAA,EAAoB,gBAAgB,IAAA,EAAK;AAAA,QACjE,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAE,MAAA,EAAQ,oBAAA,EAAqB,GAAI,kBAAkB,GAAG,CAAA;AAC9D,UAAA,IAAI,CAAC,oBAAA,EAAsB;AAC1B,YAAA,MAAM,IAAI,KAAA,CAAM,aAAA,EAAe,EAAE,OAAA,EAAS,0BAA0B,CAAA;AAAA,UACrE;AACA,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,KAAA,GAAQ,eAAA,CAAgB,GAAA,CAAI,IAA+B,CAAA;AACjE,UAAA,MAAM,SAAS,MAAM,iBAAA;AAAA,YACpB,GAAA;AAAA,YACA,EAAA;AAAA,YACA,oBAAA;AAAA,YACA,MAAA;AAAA,YACA,KAAA,CAAM;AAAA,WACP;AACA,UAAA,OAAO,GAAA,CAAI,KAAK,MAAM,CAAA;AAAA,QACvB;AAAA,OACD;AAAA,MAEA,mBAAA,EAAqBA,kBAAAA;AAAA,QACpB,sCAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UACR,IAAA,EAAMF,EACJ,MAAA,CAAO;AAAA,YACP,MAAA,EAAQA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,YAC5B,cAAA,EAAgBA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,YACpC,gBAAA,EAAkBA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AAAS,WACtC,CAAA,CACA,KAAA,CAAM,kBAAkB,CAAA;AAAA,UAC1B,cAAA,EAAgB;AAAA,SACjB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,OAAA,GAAU,kBAAkB,GAAG,CAAA;AACrC,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,KAAA,GAAQ,eAAA,CAAgB,GAAA,CAAI,IAA+B,CAAA;AACjE,UAAA,MAAM,GAAA,GAAM,MAAM,mBAAA,CAAoB,EAAA,EAAI;AAAA,YACzC,cAAA,EAAgB,IAAI,IAAA,CAAK,cAAA;AAAA,YACzB,gBAAA,EAAkB,IAAI,IAAA,CAAK,gBAAA;AAAA,YAC3B,sBAAsB,OAAA,CAAQ,oBAAA;AAAA,YAC9B,YAAY,KAAA,CAAM;AAAA,WAClB,CAAA;AACD,UAAA,IAAI,CAAC,KAAK,MAAM,GAAA,CAAI,MAAM,aAAA,EAAe,EAAE,OAAA,EAAS,wBAAA,EAA0B,CAAA;AAE9E,UAAA,MAAM,iBAAA,CAAkB,KAAK,EAAA,EAAI,GAAA,CAAI,IAAI,OAAA,CAAQ,MAAA,EAAQ,MAAM,KAAK,CAAA;AACpE,UAAA,MAAM,YAAA,GAAe,GAAA,CAAI,IAAA,CAAK,MAAA,IAAU,OAAA,CAAQ,MAAA;AAChD,UAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAAoB;AAAA,YACzC,KAAA,EAAO,QAAA;AAAA,YACP,KAAA,EAAO;AAAA,cACN,EAAE,KAAA,EAAO,gBAAA,EAAkB,KAAA,EAAO,IAAI,EAAA,EAAG;AAAA,cACzC,EAAE,KAAA,EAAO,QAAA,EAAU,KAAA,EAAO,YAAA,EAAa;AAAA,cACvC,GAAG,KAAA,CAAM;AAAA,aACV;AAAA,YACA,KAAA,EAAO;AAAA,WACP,CAAA;AACD,UAAA,IAAI,CAAC,IAAA,CAAK,CAAC,CAAA,EAAG,MAAM,GAAA,CAAI,KAAA,CAAM,aAAA,EAAe,EAAE,OAAA,EAAS,kBAAA,EAAoB,CAAA;AAC5E,UAAA,OAAO,GAAA,CAAI,KAAK,EAAE,IAAA,EAAM,KAAK,CAAC,CAAA,CAAE,MAAM,CAAA;AAAA,QACvC;AAAA;AACD;AACD,GACD;AACD;AC1wCA,IAAM,qBAAA,GAAwB,IAAI,EAAA,GAAK,GAAA;AAGvC,IAAM,iBAAA,GAAoB,KAAK,EAAA,GAAK,GAAA;AAGpC,IAAM,cAAA,GAAiB;AAAA,EACtB,KAAA;AAAA,EACA,OAAA;AAAA,EACA,qBAAA;AAAA,EACA,YAAA;AAAA,EACA,aAAA;AAAA,EACA;AACD,CAAA;AAiBA,IAAM,kBAAA,GAAqBA,EACzB,MAAA,CAAO;AAAA;AAAA,EAEP,cAAA,EAAgBA,CAAAA,CAAE,MAAA,EAAO,CAAE,IAAI,CAAC,CAAA;AAAA;AAAA,EAEhC,MAAA,EAAQA,CAAAA,CAAE,IAAA,CAAK,cAAc,CAAA;AAAA;AAAA,EAE7B,WAAWA,CAAAA,CAAE,MAAA,EAAO,CAAE,GAAA,GAAM,QAAA,EAAS;AAAA;AAAA,EAErC,SAAA,EAAWA,CAAAA,CAAE,MAAA,EAAO,CAAE,GAAA,EAAI,CAAE,QAAA,EAAS,CAAE,GAAA,CAAI,IAAI,CAAA,CAAE,QAAA;AAClD,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAQ1B,SAAS,aAAA,GAAwB;AAChC,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,EAAE,CAAA;AAC/B,EAAA,MAAA,CAAO,gBAAgB,KAAK,CAAA;AAC5B,EAAA,OAAO,MAAM,IAAA,CAAK,KAAK,CAAA,CACrB,GAAA,CAAI,CAAC,CAAA,KAAM,CAAA,CAAE,QAAA,CAAS,EAAE,EAAE,QAAA,CAAS,CAAA,EAAG,GAAG,CAAC,CAAA,CAC1C,KAAK,EAAE,CAAA;AACV;AAsBO,SAAS,YAAA,GAAiC;AAChD,EAAA,OAAO;AAAA,IACN,EAAA,EAAI,eAAA;AAAA,IAEJ,MAAA,EAAQ;AAAA,MACP,aAAA,EAAe;AAAA,QACd,MAAA,EAAQ;AAAA,UACP,cAAA,EAAgB;AAAA,YACf,IAAA,EAAM,QAAA;AAAA,YACN,QAAA,EAAU;AAAA,WACX;AAAA,UACA,MAAA,EAAQ;AAAA,YACP,IAAA,EAAM,QAAA;AAAA,YACN,QAAA,EAAU;AAAA,WACX;AAAA,UACA,SAAA,EAAW;AAAA,YACV,IAAA,EAAM,QAAA;AAAA,YACN,QAAA,EAAU;AAAA,WACX;AAAA,UACA,KAAA,EAAO;AAAA,YACN,IAAA,EAAM,QAAA;AAAA,YACN,QAAA,EAAU,IAAA;AAAA,YACV,MAAA,EAAQ;AAAA,WACT;AAAA,UACA,SAAA,EAAW;AAAA,YACV,IAAA,EAAM,QAAA;AAAA,YACN,QAAA,EAAU;AAAA,WACX;AAAA,UACA,SAAA,EAAW;AAAA,YACV,IAAA,EAAM,QAAA;AAAA,YACN,QAAA,EAAU;AAAA,WACX;AAAA,UACA,SAAA,EAAW;AAAA,YACV,IAAA,EAAM,QAAA;AAAA,YACN,QAAA,EAAU;AAAA;AACX;AACD;AACD,KACD;AAAA,IAEA,SAAA,EAAW;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,MAUV,kBAAA,EAAoBE,kBAAAA;AAAA,QACnB,8BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UACR,IAAA,EAAM,kBAAA;AAAA,UACN,cAAA,EAAgB;AAAA,SACjB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,KAAA,GAAQ,gBAAgB,IAA+B,CAAA;AAC7D,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,UAAA,EAAY,eAAA;AAAA,YACZ,WAAW,KAAA,CAAM;AAAA,WACjB,CAAA;AAGD,UAAA,MAAM,OAAA,GAAU,MAAM,EAAA,CAAG,QAAA,CAAS;AAAA,YACjC,KAAA,EAAO,cAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,KAAA,EAAO,IAAA,CAAK,cAAA,EAAe,EAAG,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YACnE,KAAA,EAAO;AAAA,WACP,CAAA;AACD,UAAA,IAAI,OAAA,CAAQ,WAAW,CAAA,EAAG;AACzB,YAAA,MAAM,GAAA,CAAI,MAAM,WAAA,EAAa;AAAA,cAC5B,OAAA,EAAS,CAAA,wBAAA,EAA2B,IAAA,CAAK,cAAc,CAAA;AAAA,aACvD,CAAA;AAAA,UACF;AAEA,UAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,UAAA,MAAM,WAAA,GAAc,KAAK,SAAA,GACtB,IAAA,CAAK,IAAI,IAAA,CAAK,SAAA,GAAY,GAAA,EAAM,iBAAiB,CAAA,GACjD,qBAAA;AACH,UAAA,MAAM,YAAY,GAAA,GAAM,WAAA;AACxB,UAAA,MAAM,QAAQ,aAAA,EAAc;AAE5B,UAAA,MAAM,EAAA,GACL,GAAA,CAAI,OAAA,CAAQ,UAAA,CAAW,EAAE,KAAA,EAAO,eAAA,EAAiB,CAAA,IACjD,MAAM,aAAA,EAAc,CAAE,KAAA,CAAM,CAAA,EAAG,EAAE,CAAC,CAAA,CAAA;AAEnC,UAAA,MAAM,GAAG,MAAA,CAAO;AAAA,YACf,KAAA,EAAO,eAAA;AAAA,YACP,IAAA,EAAM;AAAA,cACL,EAAA;AAAA,cACA,gBAAgB,IAAA,CAAK,cAAA;AAAA,cACrB,QAAQ,IAAA,CAAK,MAAA;AAAA,cACb,SAAA,EAAW,KAAK,SAAA,IAAa,IAAA;AAAA,cAC7B,KAAA;AAAA,cACA,SAAA;AAAA,cACA,SAAA,EAAW,GAAA;AAAA,cACX,GAAG,KAAA,CAAM;AAAA;AACV,WACA,CAAA;AAGD,UAAA,MAAM,OAAA,GAAU,IAAI,OAAA,CAAQ,OAAA;AAC5B,UAAA,MAAM,YAAY,CAAA,EAAG,OAAO,iBAAiB,KAAK,CAAA,QAAA,EAAW,KAAK,MAAM,CAAA,CAAA;AAExE,UAAA,OAAO,IAAI,IAAA,CAAK;AAAA,YACf,IAAA,EAAM,SAAA;AAAA,YACN,SAAA,EAAW,EAAA;AAAA,YACX,QAAQ,IAAA,CAAK,MAAA;AAAA,YACb,gBAAgB,IAAA,CAAK,cAAA;AAAA,YACrB,SAAA,EAAW,IAAI,IAAA,CAAK,SAAS,EAAE,WAAA;AAAY,WAC3C,CAAA;AAAA,QACF;AAAA,OACD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,MAWA,qBAAA,EAAuBA,kBAAAA;AAAA,QACtB,iCAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UACR,IAAA,EAAMF,EAAE,MAAA,CAAO;AAAA,YACd,KAAA,EAAOA,CAAAA,CAAE,MAAA,EAAO,CAAE,IAAI,CAAC;AAAA,WACvB,CAAA;AAAA,UACD,cAAA,EAAgB;AAAA,SACjB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,EAAE,KAAA,EAAM,GAAI,GAAA,CAAI,IAAA;AAEtB,UAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAA2B;AAAA,YAChD,KAAA,EAAO,eAAA;AAAA,YACP,OAAO,CAAC,EAAE,OAAO,OAAA,EAAS,KAAA,EAAO,OAAO,CAAA;AAAA,YACxC,KAAA,EAAO;AAAA,WACP,CAAA;AAED,UAAA,MAAM,OAAA,GAAU,KAAK,CAAC,CAAA;AACtB,UAAA,IAAI,CAAC,OAAA,EAAS;AACb,YAAA,MAAM,GAAA,CAAI,MAAM,WAAA,EAAa;AAAA,cAC5B,OAAA,EAAS;AAAA,aACT,CAAA;AAAA,UACF;AAEA,UAAA,IAAI,OAAA,CAAQ,SAAA,GAAY,IAAA,CAAK,GAAA,EAAI,EAAG;AAEnC,YAAA,MAAM,GAAG,MAAA,CAAO;AAAA,cACf,KAAA,EAAO,eAAA;AAAA,cACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,MAAM,KAAA,EAAO,OAAA,CAAQ,IAAI;AAAA,aAC1C,CAAA;AACD,YAAA,MAAM,GAAA,CAAI,MAAM,cAAA,EAAgB;AAAA,cAC/B,OAAA,EAAS;AAAA,aACT,CAAA;AAAA,UACF;AAEA,UAAA,OAAO,IAAI,IAAA,CAAK;AAAA,YACf,WAAW,OAAA,CAAQ,EAAA;AAAA,YACnB,gBAAgB,OAAA,CAAQ,cAAA;AAAA,YACxB,QAAQ,OAAA,CAAQ,MAAA;AAAA,YAChB,WAAW,OAAA,CAAQ,SAAA;AAAA,YACnB,WAAW,IAAI,IAAA,CAAK,OAAA,CAAQ,SAAS,EAAE,WAAA;AAAY,WACnD,CAAA;AAAA,QACF;AAAA;AACD;AACD,GACD;AACD;ACjQA,IAAM,mBAAA,GAAsBA,EAAE,MAAA,CAAO;AAAA,EACpC,IAAA,EAAMA,EAAE,MAAA,EAAO,CAAE,IAAI,CAAC,CAAA,CAAE,IAAI,GAAG,CAAA;AAAA,EAC/B,IAAA,EAAMA,CAAAA,CACJ,MAAA,EAAO,CACP,GAAA,CAAI,CAAC,CAAA,CACL,GAAA,CAAI,GAAG,CAAA,CACP,KAAA,CAAM,cAAA,EAAgB,kDAAkD,CAAA;AAAA,EAC1E,aAAaA,CAAAA,CAAE,MAAA,GAAS,GAAA,CAAI,GAAG,EAAE,QAAA,EAAS;AAAA,EAC1C,SAASA,CAAAA,CAAE,MAAA,EAAO,CAAE,GAAA,GAAM,QAAA;AAC3B,CAAC,CAAA;AAED,IAAM,mBAAA,GAAsBA,EAAE,MAAA,CAAO;AAAA,EACpC,EAAA,EAAIA,EAAE,MAAA,EAAO;AAAA,EACb,IAAA,EAAMA,CAAAA,CAAE,MAAA,EAAO,CAAE,GAAA,CAAI,CAAC,CAAA,CAAE,GAAA,CAAI,GAAG,CAAA,CAAE,QAAA,EAAS;AAAA,EAC1C,IAAA,EAAMA,CAAAA,CACJ,MAAA,EAAO,CACP,GAAA,CAAI,CAAC,CAAA,CACL,GAAA,CAAI,GAAG,CAAA,CACP,KAAA,CAAM,cAAc,EACpB,QAAA,EAAS;AAAA,EACX,aAAaA,CAAAA,CAAE,MAAA,GAAS,GAAA,CAAI,GAAG,EAAE,QAAA,EAAS;AAAA,EAC1C,SAASA,CAAAA,CAAE,MAAA,EAAO,CAAE,GAAA,GAAM,QAAA;AAC3B,CAAC,CAAA;AAID,IAAMS,sBAAAA,GAAwB,aAAA;AAa9B,IAAMG,qBAAAA,GAAgD;AAAA,EACrD;AAAA,IACC,IAAA,EAAM,mBAAA;AAAA,IACN,IAAA,EAAM,mBAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,qBAAA;AAAA,IACN,IAAA,EAAM,qBAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,qBAAA;AAAA,IACN,IAAA,EAAM,qBAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA,EAAE,IAAA,EAAM,eAAA,EAAiB,IAAA,EAAM,gBAAA,EAAkB,aAAa,gCAAA,EAAiC;AAAA,EAC/F,EAAE,IAAA,EAAM,aAAA,EAAe,IAAA,EAAM,cAAA,EAAgB,aAAa,4BAAA,EAA6B;AAAA,EACvF;AAAA,IACC,IAAA,EAAM,oBAAA;AAAA,IACN,IAAA,EAAM,oBAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,eAAA;AAAA,IACN,IAAA,EAAM,gBAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA,EAAE,IAAA,EAAM,aAAA,EAAe,IAAA,EAAM,cAAA,EAAgB,aAAa,sBAAA,EAAuB;AAAA,EACjF,EAAE,IAAA,EAAM,WAAA,EAAa,IAAA,EAAM,YAAA,EAAc,aAAa,yBAAA,EAA0B;AAAA,EAChF,EAAE,IAAA,EAAM,aAAA,EAAe,IAAA,EAAM,cAAA,EAAgB,aAAa,oBAAA,EAAqB;AAAA,EAC/E,EAAE,IAAA,EAAM,aAAA,EAAe,IAAA,EAAM,cAAA,EAAgB,aAAa,sBAAA,EAAuB;AAAA,EACjF;AAAA,IACC,IAAA,EAAM,mBAAA;AAAA,IACN,IAAA,EAAM,oBAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,iBAAA;AAAA,IACN,IAAA,EAAM,kBAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,mBAAA;AAAA,IACN,IAAA,EAAM,oBAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA,EAAE,IAAA,EAAM,gBAAA,EAAkB,IAAA,EAAM,iBAAA,EAAmB,aAAa,kBAAA,EAAmB;AAAA,EACnF,EAAE,IAAA,EAAM,cAAA,EAAgB,IAAA,EAAM,eAAA,EAAiB,aAAa,gBAAA,EAAiB;AAAA,EAC7E,EAAE,IAAA,EAAM,gBAAA,EAAkB,IAAA,EAAM,iBAAA,EAAmB,aAAa,kBAAA,EAAmB;AAAA,EACnF;AAAA,IACC,IAAA,EAAM,UAAA;AAAA,IACN,IAAA,EAAM,sBAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,YAAA;AAAA,IACN,IAAA,EAAM,wBAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,gBAAA;AAAA,IACN,IAAA,EAAM,kBAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA;AAAA,IACC,IAAA,EAAM,kBAAA;AAAA,IACN,IAAA,EAAM,oBAAA;AAAA,IACN,WAAA,EAAa;AAAA,GACd;AAAA,EACA,EAAE,IAAA,EAAM,gBAAA,EAAkB,IAAA,EAAM,kBAAA,EAAoB,aAAa,8BAAA,EAA+B;AAAA,EAChG,EAAE,IAAA,EAAM,cAAA,EAAgB,IAAA,EAAM,gBAAA,EAAkB,aAAa,uBAAA,EAAwB;AAAA,EACrF,EAAE,IAAA,EAAM,gBAAA,EAAkB,IAAA,EAAM,kBAAA,EAAoB,aAAa,mBAAA,EAAoB;AAAA,EACrF,EAAE,IAAA,EAAM,gBAAA,EAAkB,IAAA,EAAM,gBAAA,EAAkB,aAAa,2BAAA,EAA4B;AAAA,EAC3F,EAAE,IAAA,EAAM,iBAAA,EAAmB,IAAA,EAAM,iBAAA,EAAmB,aAAa,yBAAA,EAA0B;AAAA,EAC3F,EAAE,IAAA,EAAM,cAAA,EAAgB,IAAA,EAAM,cAAA,EAAgB,aAAa,uBAAA,EAAwB;AAAA,EACnF,EAAE,IAAA,EAAM,gBAAA,EAAkB,IAAA,EAAM,gBAAA,EAAkB,aAAa,2BAAA;AAChE,CAAA;AAEA,eAAe,qBAAA,CACd,EAAA,EACA,SAAA,EACA,GAAA,EACgB;AAChB,EAAA,MAAM,mBAAA,GAAsB,MAAM,EAAA,CAAG,QAAA,CAAkC;AAAA,IACtE,KAAA,EAAO,sBAAA;AAAA,IACP,OAAO,CAAC,EAAE,OAAO,WAAA,EAAa,KAAA,EAAO,WAAW,CAAA;AAAA,IAChD,KAAA,EAAO;AAAA,GACP,CAAA;AACD,EAAA,MAAM,uBAAA,GAA0B,IAAI,GAAA,CAAI,mBAAA,CAAoB,IAAI,CAACX,EAAAA,KAAMA,EAAAA,CAAE,IAAI,CAAC,CAAA;AAE9E,EAAA,KAAA,MAAW,OAAOW,qBAAAA,EAAsB;AACvC,IAAA,IAAI,uBAAA,CAAwB,GAAA,CAAI,GAAA,CAAI,IAAI,CAAA,EAAG;AAC3C,IAAA,MAAM,GAAG,MAAA,CAAgC;AAAA,MACxC,KAAA,EAAO,sBAAA;AAAA,MACP,IAAA,EAAM;AAAA,QACL,SAAA;AAAA,QACA,MAAM,GAAA,CAAI,IAAA;AAAA,QACV,MAAM,GAAA,CAAI,IAAA;AAAA,QACV,aAAa,GAAA,CAAI,WAAA;AAAA,QACjB,SAAA,EAAW,GAAA;AAAA,QACX,SAAA,EAAW;AAAA;AACZ,KACA,CAAA;AACD,IAAA,uBAAA,CAAwB,GAAA,CAAI,IAAI,IAAI,CAAA;AAAA,EACrC;AAEA,EAAA,MAAM,kBAAA,GAAqB,KAAA,CAAM,IAAA,CAAK,uBAAuB,EAAE,IAAA,EAAK;AACpE,EAAA,MAAM,cAAA,GAAiB,MAAM,EAAA,CAAG,QAAA,CAA4B;AAAA,IAC3D,KAAA,EAAO,gBAAA;AAAA,IACP,KAAA,EAAO;AAAA,MACN,EAAE,KAAA,EAAO,WAAA,EAAa,KAAA,EAAO,SAAA,EAAU;AAAA,MACvC,EAAE,KAAA,EAAO,MAAA,EAAQ,KAAA,EAAOH,sBAAAA;AAAsB,KAC/C;AAAA,IACA,KAAA,EAAO;AAAA,GACP,CAAA;AAED,EAAA,IAAI,eAAe,MAAA,KAAW,CAAA,IAAK,CAAC,cAAA,CAAe,CAAC,CAAA,EAAG;AACtD,IAAA,MAAM,GAAG,MAAA,CAA0B;AAAA,MAClC,KAAA,EAAO,gBAAA;AAAA,MACP,IAAA,EAAM;AAAA,QACL,SAAA;AAAA,QACA,IAAA,EAAM,aAAA;AAAA,QACN,IAAA,EAAMA,sBAAAA;AAAA,QACN,WAAA,EAAa,wDAAA;AAAA,QACb,WAAA,EAAa,IAAA,CAAK,SAAA,CAAU,kBAAkB,CAAA;AAAA,QAC9C,SAAA,EAAW,IAAA;AAAA,QACX,SAAA,EAAW,GAAA;AAAA,QACX,SAAA,EAAW;AAAA;AACZ,KACA,CAAA;AACD,IAAA;AAAA,EACD;AAEA,EAAA,MAAM,UAAA,GAAa,eAAe,CAAC,CAAA;AACnC,EAAA,MAAM,YAAA,GAAe,WAAW,WAAA,GAC5B,IAAA,CAAK,MAAM,UAAA,CAAW,WAAW,IAClC,EAAC;AACJ,EAAA,MAAM,WAAA,GAAc,KAAA,CAAM,IAAA,iBAAK,IAAI,GAAA,CAAI,CAAC,GAAG,YAAA,EAAc,GAAG,kBAAkB,CAAC,CAAC,EAAE,IAAA,EAAK;AACvF,EAAA,MAAM,GAAG,MAAA,CAA0B;AAAA,IAClC,KAAA,EAAO,gBAAA;AAAA,IACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,MAAM,KAAA,EAAO,UAAA,CAAW,IAAI,CAAA;AAAA,IAC7C,MAAA,EAAQ;AAAA,MACP,WAAA,EAAa,IAAA,CAAK,SAAA,CAAU,WAAW,CAAA;AAAA,MACvC,SAAA,EAAW,IAAA;AAAA,MACX,SAAA,EAAW;AAAA;AACZ,GACA,CAAA;AACF;AAEA,eAAe,oBAAA,CAAqB,IAAqB,MAAA,EAAmC;AAC3F,EAAA,IAAI;AACH,IAAA,MAAM,WAAA,GAAc,MAAM,EAAA,CAAG,QAAA,CAA2B;AAAA,MACvD,KAAA,EAAO,QAAA;AAAA,MACP,OAAO,CAAC,EAAE,OAAO,QAAA,EAAU,KAAA,EAAO,QAAQ,CAAA;AAAA,MAC1C,KAAA,EAAO;AAAA,KACP,CAAA;AACD,IAAA,OAAO,KAAA,CAAM,IAAA;AAAA,MACZ,IAAI,GAAA;AAAA,QACH,WAAA,CACE,GAAA,CAAI,CAAC,UAAA,KAAe,UAAA,CAAW,SAAS,CAAA,CACxC,MAAA,CAAO,CAAC,SAAA,KAAmC,OAAO,SAAA,KAAc,QAAQ;AAAA;AAC3E,KACD;AAAA,EACD,CAAA,CAAA,MAAQ;AAGP,IAAA,OAAO,EAAC;AAAA,EACT;AACD;AAEA,SAAS,aAAa,QAAA,EAAsC;AAC3D,EAAA,OAAO,CAAC,GAAG,QAAQ,CAAA,CAAE,IAAA,CAAK,CAAC,CAAA,EAAG,CAAA,KAAM,CAAA,CAAE,SAAA,GAAY,CAAA,CAAE,SAAS,CAAA;AAC9D;AAEA,eAAe,sBAAA,CACd,IACA,IAAA,EACwB;AACxB,EAAA,IAAI,iBAAA,CAAkB,IAAI,CAAA,EAAG;AAC5B,IAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAAqB;AAAA,MAC1C,KAAA,EAAO,SAAA;AAAA,MACP,OAAO,EAAC;AAAA,MACR,KAAA,EAAO,GAAA;AAAA,MACP,MAAA,EAAQ,EAAE,KAAA,EAAO,WAAA,EAAa,WAAW,MAAA;AAAO,KAChD,CAAA;AACD,IAAA,OAAO,IAAA;AAAA,EACR;AAEA,EAAA,MAAM,YAAA,uBAAmB,GAAA,EAAwB;AACjD,EAAA,MAAM,aAAA,GAAgB,MAAM,EAAA,CAAG,QAAA,CAAqB;AAAA,IACnD,KAAA,EAAO,SAAA;AAAA,IACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,WAAW,KAAA,EAAO,IAAA,CAAK,IAAI,CAAA;AAAA,IAC5C,KAAA,EAAO,GAAA;AAAA,IACP,MAAA,EAAQ,EAAE,KAAA,EAAO,WAAA,EAAa,WAAW,MAAA;AAAO,GAChD,CAAA;AACD,EAAA,KAAA,MAAW,WAAW,aAAA,EAAe;AACpC,IAAA,YAAA,CAAa,GAAA,CAAI,OAAA,CAAQ,EAAA,EAAI,OAAO,CAAA;AAAA,EACrC;AAEA,EAAA,MAAM,gBAAA,GAAmB,MAAM,oBAAA,CAAqB,EAAA,EAAI,KAAK,EAAE,CAAA;AAC/D,EAAA,IAAI,gBAAA,CAAiB,SAAS,CAAA,EAAG;AAChC,IAAA,MAAM,cAAA,GAAiB,MAAM,EAAA,CAAG,QAAA,CAAqB;AAAA,MACpD,KAAA,EAAO,SAAA;AAAA,MACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,MAAM,QAAA,EAAU,IAAA,EAAM,KAAA,EAAO,gBAAA,EAAkB,CAAA;AAAA,MAChE,KAAA,EAAO,GAAA;AAAA,MACP,MAAA,EAAQ,EAAE,KAAA,EAAO,WAAA,EAAa,WAAW,MAAA;AAAO,KAChD,CAAA;AACD,IAAA,KAAA,MAAW,WAAW,cAAA,EAAgB;AACrC,MAAA,YAAA,CAAa,GAAA,CAAI,OAAA,CAAQ,EAAA,EAAI,OAAO,CAAA;AAAA,IACrC;AAAA,EACD;AAEA,EAAA,OAAO,aAAa,KAAA,CAAM,IAAA,CAAK,YAAA,CAAa,MAAA,EAAQ,CAAC,CAAA;AACtD;AAEA,eAAe,eAAA,CAAgB,IAAqB,SAAA,EAA+C;AAClG,EAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAAqB;AAAA,IAC1C,KAAA,EAAO,SAAA;AAAA,IACP,OAAO,CAAC,EAAE,OAAO,IAAA,EAAM,KAAA,EAAO,WAAW,CAAA;AAAA,IACzC,KAAA,EAAO;AAAA,GACP,CAAA;AACD,EAAA,OAAO,IAAA,CAAK,CAAC,CAAA,IAAK,IAAA;AACnB;AAEA,eAAe,qBAAA,CACd,GAAA,EACA,EAAA,EACA,OAAA,EACA,IAAA,EACgB;AAChB,EAAA,IAAI,kBAAkB,IAAI,CAAA,IAAK,OAAA,CAAQ,OAAA,KAAY,KAAK,EAAA,EAAI;AAC3D,IAAA;AAAA,EACD;AAEA,EAAA,MAAM,gBAAA,GAAmB,MAAM,oBAAA,CAAqB,EAAA,EAAI,KAAK,EAAE,CAAA;AAC/D,EAAA,IAAI,gBAAA,CAAiB,QAAA,CAAS,OAAA,CAAQ,EAAE,CAAA,EAAG;AAC1C,IAAA;AAAA,EACD;AAEA,EAAA,MAAM,IAAI,KAAA,CAAM,WAAA,EAAa,EAAE,OAAA,EAAS,0CAA0C,CAAA;AACnF;AAEA,SAAS,qBAAA,CAAsB,GAAA,EAAU,OAAA,EAAqB,IAAA,EAAyB;AACtF,EAAA,IAAI,kBAAkB,IAAI,CAAA,IAAK,OAAA,CAAQ,OAAA,KAAY,KAAK,EAAA,EAAI;AAC3D,IAAA;AAAA,EACD;AAEA,EAAA,MAAM,IAAI,KAAA,CAAM,WAAA,EAAa,EAAE,OAAA,EAAS,kDAAkD,CAAA;AAC3F;AAaO,SAAS,cAAA,CAAe,OAAA,GAAiC,EAAC,EAAqB;AACrF,EAAA,MAAM,EAAE,iBAAA,GAAoB,IAAA,EAAM,kBAAA,GAAqB,mBAAkB,GAAI,OAAA;AAE7E,EAAA,OAAO;AAAA,IACN,EAAA,EAAI,iBAAA;AAAA,IAEJ,MAAA,EAAQ;AAAA,MACP,OAAA,EAAS;AAAA,QACR,MAAA,EAAQ;AAAA,UACP,IAAA,EAAM,EAAE,IAAA,EAAM,QAAA,EAAmB,UAAU,IAAA,EAAK;AAAA,UAChD,MAAM,EAAE,IAAA,EAAM,UAAmB,QAAA,EAAU,IAAA,EAAM,QAAQ,IAAA,EAAK;AAAA,UAC9D,WAAA,EAAa,EAAE,IAAA,EAAM,QAAA,EAAmB,UAAU,KAAA,EAAM;AAAA,UACxD,OAAA,EAAS,EAAE,IAAA,EAAM,QAAA,EAAmB,UAAU,KAAA,EAAM;AAAA,UACpD,OAAA,EAAS,EAAE,IAAA,EAAM,QAAA,EAAmB,UAAU,IAAA,EAAK;AAAA,UACnD,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAmB,UAAU,IAAA,EAAK;AAAA,UACrD,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAmB,UAAU,IAAA;AAAK;AACtD;AACD,KACD;AAAA,IAEA,SAAA,EAAW;AAAA;AAAA;AAAA;AAAA;AAAA,MAMV,YAAA,EAAcP,kBAAAA;AAAA,QACb,uBAAA;AAAA,QACA,EAAE,MAAA,EAAQ,MAAA,EAAQ,cAAA,EAAgB,IAAA,EAAK;AAAA,QACvC,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAE,IAAA,EAAK,GAAI,oBAAA,CAAqB,GAAG,CAAA;AACzC,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,QAAA,GAAW,MAAM,sBAAA,CAAuB,EAAA,EAAI,IAAI,CAAA;AACtD,UAAA,OAAO,GAAA,CAAI,IAAA,CAAK,EAAE,QAAA,EAAU,CAAA;AAAA,QAC7B;AAAA,OACD;AAAA;AAAA;AAAA;AAAA,MAKA,UAAA,EAAYA,kBAAAA;AAAA,QACX,sBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UACR,cAAA,EAAgB,IAAA;AAAA,UAChB,IAAA,EAAMF,EAAE,MAAA,CAAO,EAAE,IAAIA,CAAAA,CAAE,MAAA,IAAU;AAAA,SAClC;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAE,IAAA,EAAK,GAAI,oBAAA,CAAqB,GAAG,CAAA;AACzC,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,UAAU,MAAM,eAAA,CAAgB,EAAA,EAAI,GAAA,CAAI,KAAK,EAAE,CAAA;AACrD,UAAA,IAAI,CAAC,OAAA,EAAS;AACb,YAAA,OAAO,GAAA,CAAI,IAAA,CAAK,EAAE,OAAA,EAAS,MAAM,CAAA;AAAA,UAClC;AAEA,UAAA,MAAM,qBAAA,CAAsB,GAAA,EAAK,EAAA,EAAI,OAAA,EAAS,IAAI,CAAA;AAClD,UAAA,OAAO,GAAA,CAAI,IAAA,CAAK,EAAE,OAAA,EAAS,CAAA;AAAA,QAC5B;AAAA,OACD;AAAA;AAAA;AAAA;AAAA,MAKA,aAAA,EAAeE,kBAAAA;AAAA,QACd,yBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UACR,cAAA,EAAgB,IAAA;AAAA,UAChB,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAE,IAAA,EAAK,GAAI,oBAAA,CAAqB,GAAG,CAAA;AACzC,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AAGjB,UAAA,MAAM,QAAA,GAAW,MAAM,EAAA,CAAG,QAAA,CAAqB;AAAA,YAC9C,KAAA,EAAO,SAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,QAAQ,KAAA,EAAO,IAAA,CAAK,MAAM;AAAA,WAC3C,CAAA;AACD,UAAA,IAAI,QAAA,CAAS,SAAS,CAAA,EAAG;AACxB,YAAA,OAAO,IAAI,IAAA,CAAK;AAAA,cACf,OAAA,EAAS,KAAA;AAAA,cACT,KAAA,EAAO,CAAA,cAAA,EAAiB,IAAA,CAAK,IAAI,CAAA,gBAAA;AAAA,aACjC,CAAA;AAAA,UACF;AAGA,UAAA,MAAM,SAAS,IAAA,CAAK,EAAA;AACpB,UAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AAErB,UAAA,MAAM,IAAA,GAAgC;AAAA,YACrC,MAAM,IAAA,CAAK,IAAA;AAAA,YACX,MAAM,IAAA,CAAK,IAAA;AAAA,YACX,OAAA,EAAS,MAAA;AAAA,YACT,SAAA,EAAW,GAAA;AAAA,YACX,SAAA,EAAW;AAAA,WACZ;AACA,UAAA,IAAI,IAAA,CAAK,WAAA,EAAa,IAAA,CAAK,WAAA,GAAc,IAAA,CAAK,WAAA;AAC9C,UAAA,IAAI,IAAA,CAAK,OAAA,EAAS,IAAA,CAAK,OAAA,GAAU,IAAA,CAAK,OAAA;AAEtC,UAAA,MAAM,OAAA,GAAU,MAAM,EAAA,CAAG,MAAA,CAAmB;AAAA,YAC3C,KAAA,EAAO,SAAA;AAAA,YACP;AAAA,WACA,CAAA;AAED,UAAA,MAAM,qBAAA,CAAsB,EAAA,EAAI,OAAA,CAAQ,EAAA,EAAI,GAAG,CAAA;AAE/C,UAAA,OAAO,IAAI,IAAA,CAAK,EAAE,OAAA,EAAS,IAAA,EAAM,SAAS,CAAA;AAAA,QAC3C;AAAA,OACD;AAAA;AAAA;AAAA;AAAA,MAKA,aAAA,EAAeA,kBAAAA;AAAA,QACd,yBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UACR,cAAA,EAAgB,IAAA;AAAA,UAChB,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAE,IAAA,EAAK,GAAI,oBAAA,CAAqB,GAAG,CAAA;AACzC,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,OAAA,GAAU,MAAM,eAAA,CAAgB,EAAA,EAAI,KAAK,EAAE,CAAA;AACjD,UAAA,IAAI,CAAC,OAAA,EAAS;AACb,YAAA,MAAM,IAAI,KAAA,CAAM,aAAA,EAAe,EAAE,OAAA,EAAS,qBAAqB,CAAA;AAAA,UAChE;AACA,UAAA,qBAAA,CAAsB,GAAA,EAAK,SAAS,IAAI,CAAA;AAGxC,UAAA,IAAI,KAAK,IAAA,EAAM;AACd,YAAA,MAAM,QAAA,GAAW,MAAM,EAAA,CAAG,QAAA,CAAqB;AAAA,cAC9C,KAAA,EAAO,SAAA;AAAA,cACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,QAAQ,KAAA,EAAO,IAAA,CAAK,MAAM;AAAA,aAC3C,CAAA;AACD,YAAA,IAAI,QAAA,CAAS,SAAS,CAAA,IAAK,QAAA,CAAS,CAAC,CAAA,CAAG,EAAA,KAAO,KAAK,EAAA,EAAI;AACvD,cAAA,OAAO,IAAI,IAAA,CAAK;AAAA,gBACf,OAAA,EAAS,KAAA;AAAA,gBACT,KAAA,EAAO,CAAA,cAAA,EAAiB,IAAA,CAAK,IAAI,CAAA,gBAAA;AAAA,eACjC,CAAA;AAAA,YACF;AAAA,UACD;AAEA,UAAA,MAAM,MAAA,GAAkC,EAAE,SAAA,EAAW,IAAA,CAAK,KAAI,EAAE;AAChE,UAAA,IAAI,IAAA,CAAK,IAAA,KAAS,MAAA,EAAW,MAAA,CAAO,OAAO,IAAA,CAAK,IAAA;AAChD,UAAA,IAAI,IAAA,CAAK,IAAA,KAAS,MAAA,EAAW,MAAA,CAAO,OAAO,IAAA,CAAK,IAAA;AAChD,UAAA,IAAI,IAAA,CAAK,WAAA,KAAgB,MAAA,EAAW,MAAA,CAAO,cAAc,IAAA,CAAK,WAAA;AAC9D,UAAA,IAAI,IAAA,CAAK,OAAA,KAAY,MAAA,EAAW,MAAA,CAAO,UAAU,IAAA,CAAK,OAAA;AAEtD,UAAA,MAAM,OAAA,GAAU,MAAM,EAAA,CAAG,MAAA,CAAmB;AAAA,YAC3C,KAAA,EAAO,SAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,MAAM,KAAA,EAAO,IAAA,CAAK,IAAI,CAAA;AAAA,YACvC;AAAA,WACA,CAAA;AAED,UAAA,OAAO,IAAI,IAAA,CAAK,EAAE,SAAS,IAAA,EAAM,OAAA,EAAS,SAAS,CAAA;AAAA,QACpD;AAAA,OACD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,MAOA,aAAA,EAAeA,kBAAAA;AAAA,QACd,yBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UACR,cAAA,EAAgB,IAAA;AAAA,UAChB,IAAA,EAAMF,EAAE,MAAA,CAAO,EAAE,IAAIA,CAAAA,CAAE,MAAA,IAAU;AAAA,SAClC;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAE,IAAA,EAAK,GAAI,oBAAA,CAAqB,GAAG,CAAA;AACzC,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,UAAU,MAAM,eAAA,CAAgB,EAAA,EAAI,GAAA,CAAI,KAAK,EAAE,CAAA;AACrD,UAAA,IAAI,CAAC,OAAA,EAAS;AACb,YAAA,MAAM,IAAI,KAAA,CAAM,aAAA,EAAe,EAAE,OAAA,EAAS,qBAAqB,CAAA;AAAA,UAChE;AACA,UAAA,qBAAA,CAAsB,GAAA,EAAK,SAAS,IAAI,CAAA;AAGxC,UAAA,MAAM,GAAG,MAAA,CAAO;AAAA,YACf,KAAA,EAAO,SAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,MAAM,KAAA,EAAO,GAAA,CAAI,IAAA,CAAK,EAAA,EAAI;AAAA,WAC3C,CAAA;AAED,UAAA,OAAO,GAAA,CAAI,IAAA,CAAK,EAAE,OAAA,EAAS,MAAM,CAAA;AAAA,QAClC;AAAA,OACD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,MASA,oBAAA,EAAsBE,kBAAAA;AAAA,QACrB,iCAAA;AAAA,QACA,EAAE,MAAA,EAAQ,MAAA,EAAQ,cAAA,EAAgB,IAAA,EAAK;AAAA,QACvC,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,EAAE,IAAA,EAAK,GAAI,oBAAA,CAAqB,GAAG,CAAA;AACzC,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AAEvB,UAAA,MAAM,gBAAA,GAAmB,MAAM,EAAA,CAAG,QAAA,CAAqB;AAAA,YACtD,KAAA,EAAO,SAAA;AAAA,YACP,OAAO,EAAC;AAAA,YACR,KAAA,EAAO,GAAA;AAAA,YACP,MAAA,EAAQ,EAAE,KAAA,EAAO,WAAA,EAAa,WAAW,MAAA;AAAO,WAChD,CAAA;AAED,UAAA,IAAI,gBAAA,CAAiB,SAAS,CAAA,EAAG;AAChC,YAAA,MAAM,kBAAA,GAAqB,MAAM,sBAAA,CAAuB,EAAA,EAAI,IAAI,CAAA;AAChE,YAAA,MAAMW,QAAAA,GAAU,kBAAA,CAAmB,CAAC,CAAA,IAAK,IAAA;AACzC,YAAA,IAAIA,QAAAA,EAAS;AACZ,cAAA,MAAM,sBAAsB,EAAA,EAAIA,QAAAA,CAAQ,EAAA,EAAI,IAAA,CAAK,KAAK,CAAA;AAAA,YACvD;AAEA,YAAA,OAAO,IAAI,IAAA,CAAK;AAAA,cACf,OAAA,EAAS,KAAA;AAAA,cACT,OAAA,EAAAA;AAAA,aACA,CAAA;AAAA,UACF;AAEA,UAAA,IAAI,CAAC,iBAAA,EAAmB;AACvB,YAAA,OAAO,IAAI,IAAA,CAAK,EAAE,SAAS,KAAA,EAAO,OAAA,EAAS,MAAM,CAAA;AAAA,UAClD;AAGA,UAAA,MAAM,SAAS,IAAA,CAAK,EAAA;AACpB,UAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AAErB,UAAA,MAAM,OAAA,GAAU,MAAM,EAAA,CAAG,MAAA,CAAmB;AAAA,YAC3C,KAAA,EAAO,SAAA;AAAA,YACP,IAAA,EAAM;AAAA,cACL,IAAA,EAAM,kBAAA;AAAA,cACN,IAAA,EAAM,SAAA;AAAA,cACN,OAAA,EAAS,MAAA;AAAA,cACT,SAAA,EAAW,GAAA;AAAA,cACX,SAAA,EAAW;AAAA;AACZ,WACA,CAAA;AAED,UAAA,MAAM,qBAAA,CAAsB,EAAA,EAAI,OAAA,CAAQ,EAAA,EAAI,GAAG,CAAA;AAE/C,UAAA,OAAO,IAAI,IAAA,CAAK,EAAE,OAAA,EAAS,IAAA,EAAM,SAAS,CAAA;AAAA,QAC3C;AAAA;AACD;AACD,GACD;AACD;;;AC/cA,IAAM,uBAAA,GAA0B,CAAC,UAAA,EAAY,UAAA,EAAY,oBAAoB,iBAAiB,CAAA;AAE9F,IAAM,yBAAA,GAA4B,CAAC,MAAM,CAAA;AA+BlC,SAAS,gBAAA,CAAiB,OAAA,GAAmC,EAAC,EAAqB;AACzF,EAAA,MAAM;AAAA,IACL,OAAA,GAAU,IAAA;AAAA,IACV,cAAA,GAAiB,uBAAA;AAAA,IACjB,gBAAA,GAAmB,yBAAA;AAAA,IACnB,aAAA;AAAA,IACA,cAAA,GAAiB,8BAAA;AAAA,IACjB,aAAA;AAAA,IACA,QAAA,GAAW;AAAA,GACZ,GAAI,OAAA;AAGJ,EAAA,MAAM,SAAA,GAAY,IAAI,GAAA,CAAI,gBAAA,CAAiB,GAAA,CAAI,CAAC,CAAA,KAAM,CAAA,CAAE,WAAA,EAAa,CAAC,CAAA;AAEtE,EAAA,OAAO;AAAA,IACN,EAAA,EAAI,mBAAA;AAAA,IAEJ,SAAA,EAAW,OAAO,OAAA,EAAS,IAAA,KAAS;AAEnC,MAAA,IAAI,CAAC,OAAA,IAAW,CAAC,aAAA,EAAe;AAC/B,QAAA,OAAO,MAAA;AAAA,MACR;AAGA,MAAA,IAAI,CAAC,SAAA,CAAU,GAAA,CAAI,QAAQ,MAAA,CAAO,WAAA,EAAa,CAAA,EAAG;AACjD,QAAA,OAAO,MAAA;AAAA,MACR;AAGA,MAAA,MAAM,GAAA,GAAM,IAAI,GAAA,CAAI,OAAA,CAAQ,GAAG,CAAA;AAC/B,MAAA,MAAM,cAAc,cAAA,CAAe,IAAA;AAAA,QAClC,CAAC,IAAA,KAAS,GAAA,CAAI,QAAA,CAAS,QAAA,CAAS,IAAI,CAAA,IAAK,GAAA,CAAI,QAAA,CAAS,QAAA,CAAS,IAAI;AAAA,OACpE;AAEA,MAAA,IAAI,CAAC,WAAA,EAAa;AACjB,QAAA,OAAO,MAAA;AAAA,MACR;AAGA,MAAA,IAAI;AACH,QAAA,MAAM,MAAA,GAAS,MAAM,aAAA,CAAc,OAAO,CAAA;AAE1C,QAAA,IAAI,OAAO,KAAA,EAAO;AAEjB,UAAA,IAAI,aAAA,EAAe;AAClB,YAAA,IAAI;AACH,cAAA,MAAM,aAAA,CAAc,SAAS,MAAM,CAAA;AAAA,YACpC,CAAA,CAAA,MAAQ;AAAA,YAER;AAAA,UACD;AAGA,UAAA,OAAO;AAAA,YACN,UAAU,IAAI,QAAA;AAAA,cACb,KAAK,SAAA,CAAU;AAAA,gBACd,KAAA,EAAO,cAAA;AAAA,gBACP,GAAI,OAAO,MAAA,GAAS,EAAE,QAAQ,MAAA,CAAO,MAAA,KAAW;AAAC,eACjD,CAAA;AAAA,cACD;AAAA,gBACC,MAAA,EAAQ,GAAA;AAAA,gBACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA;AAAmB;AAC/C;AACD,WACD;AAAA,QACD;AAGA,QAAA,OAAO,KAAA,CAAA;AAAA,MACR,SAAS,KAAA,EAAO;AACf,QAAA,IAAI,QAAA,EAAU;AAEb,UAAA,OAAA,CAAQ,IAAA;AAAA,YACP,gFAAA;AAAA,YACA,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU;AAAA,WAC1C;AACA,UAAA,OAAO,MAAA;AAAA,QACR;AAGA,QAAA,OAAO;AAAA,UACN,UAAU,IAAI,QAAA;AAAA,YACb,IAAA,CAAK,SAAA,CAAU,EAAE,KAAA,EAAO,mDAAmD,CAAA;AAAA,YAC3E;AAAA,cACC,MAAA,EAAQ,GAAA;AAAA,cACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA;AAAmB;AAC/C;AACD,SACD;AAAA,MACD;AAAA,IACD;AAAA,GACD;AACD;AC/GA,IAAM,mBAAA,GAAsBb,EAC1B,MAAA,CAAO;AAAA,EACP,KAAA,EAAOA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC3B,cAAA,EAAgBA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACpC,IAAA,EAAMA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC1B,KAAA,EAAOA,CAAAA,CAAE,MAAA,EAAO,CAAE,GAAA,EAAI,CAAE,QAAA,EAAS,CAAE,GAAA,CAAI,GAAG,CAAA,CAAE,QAAA,EAAS;AAAA,EACrD,MAAA,EAAQA,EAAE,MAAA,EAAO,CAAE,KAAI,CAAE,GAAA,CAAI,CAAC,CAAA,CAAE,QAAA,EAAS;AAAA,EACzC,MAAA,EAAQA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC5B,aAAA,EAAeA,EAAE,IAAA,CAAK,CAAC,OAAO,MAAM,CAAC,EAAE,QAAA,EAAS;AAAA,EAChD,WAAA,EAAaA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACjC,WAAA,EAAaA,EAAE,IAAA,CAAK,CAAC,SAAS,MAAM,CAAC,EAAE,QAAA,EAAS;AAAA,EAChD,cAAA,EAAgBA,EAAE,IAAA,CAAK,CAAC,YAAY,aAAA,EAAe,WAAW,CAAC,CAAA,CAAE,QAAA,EAAS;AAAA,EAC1E,WAAA,EAAaA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACjC,WAAA,EAAaA,CAAAA,CAAE,KAAA,CAAM,CAACA,EAAE,MAAA,EAAO,EAAGA,CAAAA,CAAE,MAAA,IAAUA,CAAAA,CAAE,OAAA,EAAS,CAAC,EAAE,QAAA,EAAS;AAAA,EACrE,cAAA,EAAgBA,CAAAA,CACd,IAAA,CAAK,CAAC,MAAM,IAAA,EAAM,IAAA,EAAM,KAAA,EAAO,IAAA,EAAM,OAAO,UAAA,EAAY,aAAA,EAAe,WAAW,CAAC,EACnF,QAAA,EAAS;AAAA,EACX,MAAA,EAAQA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC5B,KAAA,EAAOA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC3B,KAAA,EAAOA,EAAE,IAAA,CAAK,CAAC,OAAO,MAAM,CAAC,EAAE,QAAA;AAChC,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,oBAAA,GAAuBA,EAAE,MAAA,CAAO;AAAA,EACrC,SAAA,EAAWA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC/B,KAAA,EAAOA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC3B,cAAA,EAAgBA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACpC,IAAA,EAAMA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC1B,KAAA,EAAOA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC3B,MAAA,EAAQA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC5B,MAAA,EAAQA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC5B,aAAA,EAAeA,EAAE,IAAA,CAAK,CAAC,OAAO,MAAM,CAAC,EAAE,QAAA,EAAS;AAAA,EAChD,WAAA,EAAaA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACjC,WAAA,EAAaA,EAAE,IAAA,CAAK,CAAC,SAAS,MAAM,CAAC,EAAE,QAAA,EAAS;AAAA,EAChD,cAAA,EAAgBA,EAAE,IAAA,CAAK,CAAC,YAAY,aAAA,EAAe,WAAW,CAAC,CAAA,CAAE,QAAA,EAAS;AAAA,EAC1E,WAAA,EAAaA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACjC,WAAA,EAAaA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACjC,cAAA,EAAgBA,CAAAA,CACd,IAAA,CAAK,CAAC,MAAM,IAAA,EAAM,IAAA,EAAM,KAAA,EAAO,IAAA,EAAM,OAAO,UAAA,EAAY,aAAA,EAAe,WAAW,CAAC,EACnF,QAAA,EAAS;AAAA,EACX,MAAA,EAAQA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC5B,KAAA,EAAOA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC3B,KAAA,EAAOA,EAAE,IAAA,CAAK,CAAC,OAAO,MAAM,CAAC,EAAE,QAAA;AAChC,CAAC,CAAA;AAED,IAAM,iBAAA,GAAoBA,EACxB,MAAA,CAAO;AAAA,EACP,MAAA,EAAQA,EAAE,MAAA;AACX,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,kBAAA,GAAqBA,EACzB,MAAA,CAAO;AAAA,EACP,EAAA,EAAIA,EAAE,MAAA;AACP,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,oBAAA,GAAuBA,EAC3B,MAAA,CAAO;AAAA,EACP,KAAA,EAAOA,CAAAA,CAAE,MAAA,EAAO,CAAE,KAAA,EAAM;AAAA,EACxB,UAAUA,CAAAA,CAAE,MAAA,GAAS,GAAA,CAAI,CAAC,EAAE,QAAA,EAAS;AAAA,EACrC,IAAA,EAAMA,CAAAA,CAAE,MAAA,EAAO,CAAE,IAAI,CAAC,CAAA;AAAA,EACtB,KAAA,EAAOA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC3B,QAAA,EAAUA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC9B,WAAA,EAAaA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACjC,aAAA,EAAeA,CAAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,EACpC,IAAA,EAAMA,CAAAA,CAAE,KAAA,CAAM,CAACA,EAAE,MAAA,EAAO,EAAGA,CAAAA,CAAE,KAAA,CAAMA,EAAE,MAAA,EAAQ,CAAC,CAAC,EAAE,QAAA,EAAS;AAAA,EAC1D,QAAA,EAAUA,CAAAA,CAAE,MAAA,CAAOA,CAAAA,CAAE,MAAA,IAAUA,CAAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS;AAAA,EACrD,IAAA,EAAMA,CAAAA,CAAE,MAAA,CAAOA,CAAAA,CAAE,MAAA,IAAUA,CAAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA;AACzC,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,oBAAA,GAAuBA,EAC3B,MAAA,CAAO;AAAA,EACP,MAAA,EAAQA,EAAE,MAAA,EAAO;AAAA,EACjB,IAAA,EAAMA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC1B,KAAA,EAAOA,CAAAA,CAAE,KAAA,CAAM,CAACA,CAAAA,CAAE,MAAA,EAAO,EAAGA,CAAAA,CAAE,IAAA,EAAM,CAAC,CAAA,CAAE,QAAA,EAAS;AAAA,EAChD,QAAA,EAAUA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC9B,WAAA,EAAaA,CAAAA,CAAE,KAAA,CAAM,CAACA,CAAAA,CAAE,MAAA,EAAO,EAAGA,CAAAA,CAAE,IAAA,EAAM,CAAC,CAAA,CAAE,QAAA,EAAS;AAAA,EACtD,aAAA,EAAeA,CAAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,EACpC,UAAUA,CAAAA,CAAE,MAAA,GAAS,GAAA,CAAI,CAAC,EAAE,QAAA,EAAS;AAAA,EACrC,IAAA,EAAMA,CAAAA,CAAE,KAAA,CAAM,CAACA,EAAE,MAAA,EAAO,EAAGA,CAAAA,CAAE,KAAA,CAAMA,EAAE,MAAA,EAAQ,CAAC,CAAC,EAAE,QAAA,EAAS;AAAA,EAC1D,QAAA,EAAUA,CAAAA,CAAE,MAAA,CAAOA,CAAAA,CAAE,MAAA,IAAUA,CAAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS;AAAA,EACrD,IAAA,EAAMA,CAAAA,CAAE,MAAA,CAAOA,CAAAA,CAAE,MAAA,IAAUA,CAAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA;AACzC,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,iBAAA,GAAoBA,EACxB,MAAA,CAAO;AAAA,EACP,MAAA,EAAQA,EAAE,MAAA,EAAO;AAAA,EACjB,IAAA,EAAMA,CAAAA,CAAE,KAAA,CAAM,CAACA,CAAAA,CAAE,MAAA,EAAO,EAAGA,CAAAA,CAAE,KAAA,CAAMA,CAAAA,CAAE,MAAA,EAAQ,CAAC,CAAC;AAChD,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,iBAAA,GAAoBA,EACxB,MAAA,CAAO;AAAA,EACP,MAAA,EAAQA,EAAE,MAAA,EAAO;AAAA,EACjB,SAAA,EAAWA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC/B,UAAA,EAAYA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAChC,YAAA,EAAcA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AAC1B,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,uBAAA,GAA0BA,EAC9B,MAAA,CAAO;AAAA,EACP,SAAA,EAAWA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC/B,YAAA,EAAcA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AAC1B,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,4BAAA,GAA+BA,EACnC,MAAA,CAAO;AAAA,EACP,MAAA,EAAQA,EAAE,MAAA;AACX,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,yBAAA,GAA4BA,EAChC,MAAA,CAAO;AAAA,EACP,MAAA,EAAQA,EAAE,MAAA;AACX,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,yBAAA,GAA4BA,EAChC,MAAA,CAAO;AAAA,EACP,MAAA,EAAQA,EAAE,MAAA,EAAO;AAAA,EACjB,WAAA,EAAaA,CAAAA,CAAE,MAAA,EAAO,CAAE,IAAI,CAAC;AAC9B,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,0BAAA,GAA6BA,CAAAA,CAAE,MAAA,CAAOA,CAAAA,CAAE,MAAA,EAAO,EAAGA,CAAAA,CAAE,KAAA,CAAMA,CAAAA,CAAE,MAAA,EAAQ,CAAC,CAAA;AAE3E,IAAM,uBAAA,GAA0BA,EAC9B,MAAA,CAAO;AAAA,EACP,MAAA,EAAQA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC5B,IAAA,EAAMA,CAAAA,CAAE,KAAA,CAAM,CAACA,EAAE,MAAA,EAAO,EAAGA,CAAAA,CAAE,KAAA,CAAMA,EAAE,MAAA,EAAQ,CAAC,CAAC,EAAE,QAAA;AAClD,CAAC,CAAA,CACA,KAAA,CAAM,kBAAkB,CAAA,CACxB,GAAA;AAAA,EACAA,EAAE,KAAA,CAAM;AAAA,IACPA,EAAE,MAAA,CAAO;AAAA,MACR,UAAA,EAAYA,CAAAA,CAAE,KAAA,CAAM,CAACA,CAAAA,CAAE,MAAA,EAAO,CAAE,GAAA,CAAI,CAAC,CAAA,EAAG,0BAA0B,CAAC,CAAA;AAAA,MACnE,WAAA,EAAaA,EAAE,SAAA;AAAU,KACzB,CAAA;AAAA,IACDA,EAAE,MAAA,CAAO;AAAA,MACR,UAAA,EAAYA,EAAE,SAAA,EAAU;AAAA,MACxB,aAAaA,CAAAA,CAAE,KAAA,CAAM,CAACA,CAAAA,CAAE,MAAMA,CAAAA,CAAE,MAAA,EAAO,CAAE,GAAA,CAAI,CAAC,CAAC,CAAA,CAAE,IAAI,CAAC,CAAA,EAAG,0BAA0B,CAAC;AAAA,KACpF;AAAA,GACD;AACF,CAAA;AAED,SAAS,mBAAmB,IAAA,EAAgE;AAC3F,EAAA,MAAM,KAAA,GAAQ,eAAe,IAAI,CAAA;AACjC,EAAA,OAAO,MAAM,MAAA,GAAS,CAAA,GAAI,KAAA,CAAM,IAAA,CAAK,GAAG,CAAA,GAAI,MAAA;AAC7C;AAEO,SAAS,4BAA4B,KAAA,EAAmD;AAC9F,EAAA,IAAI,CAAC,KAAA,EAAO,OAAO,EAAC;AACpB,EAAA,IAAI,OAAO,UAAU,QAAA,EAAU;AAC9B,IAAA,OAAO,MAAM,MAAA,GAAS,CAAA,GAAI,CAAC,KAAK,IAAI,EAAC;AAAA,EACtC;AACA,EAAA,IAAI,KAAA,CAAM,OAAA,CAAQ,KAAK,CAAA,EAAG;AACzB,IAAA,OAAO,KAAA,CAAM,OAAO,CAAC,KAAA,KAA2B,OAAO,KAAA,KAAU,QAAA,IAAY,KAAA,CAAM,MAAA,GAAS,CAAC,CAAA;AAAA,EAC9F;AAEA,EAAA,MAAM,WAAA,uBAAkB,GAAA,EAAY;AACpC,EAAA,KAAA,MAAW,CAAC,QAAA,EAAU,OAAO,KAAK,MAAA,CAAO,OAAA,CAAQ,KAAK,CAAA,EAAG;AACxD,IAAA,IAAI,CAAC,QAAA,IAAY,CAAC,KAAA,CAAM,OAAA,CAAQ,OAAO,CAAA,EAAG;AAC1C,IAAA,KAAA,MAAW,UAAU,OAAA,EAAS;AAC7B,MAAA,IAAI,OAAO,MAAA,KAAW,QAAA,IAAY,MAAA,CAAO,SAAS,CAAA,EAAG;AACpD,QAAA,WAAA,CAAY,GAAA,CAAI,CAAA,EAAG,QAAQ,CAAA,CAAA,EAAI,MAAM,CAAA,CAAE,CAAA;AAAA,MACxC;AAAA,IACD;AAAA,EACD;AAEA,EAAA,OAAO,KAAA,CAAM,KAAK,WAAW,CAAA;AAC9B;AAEO,SAAS,uBAAA,CAAwB,SAAsB,SAAA,EAA8B;AAC3F,EAAA,IAAI,SAAA,CAAU,MAAA,KAAW,CAAA,EAAG,OAAO,KAAA;AACnC,EAAA,IAAI,OAAA,CAAQ,GAAA,CAAI,GAAG,CAAA,EAAG,OAAO,IAAA;AAC7B,EAAA,OAAO,UAAU,KAAA,CAAM,CAAC,eAAe,OAAA,CAAQ,GAAA,CAAI,UAAU,CAAC,CAAA;AAC/D;AAEA,SAAS,0BAA0B,KAAA,EAAyD;AAC3F,EAAA,MAAM,OAAA,GAAmC,EAAE,GAAG,KAAA,EAAM;AAEpD,EAAA,KAAA,MAAW,UAAA,IAAc,CAAC,OAAA,EAAS,QAAQ,CAAA,EAAG;AAC7C,IAAA,MAAM,KAAA,GAAQ,QAAQ,UAAU,CAAA;AAChC,IAAA,IAAI,OAAO,KAAA,KAAU,QAAA,IAAY,KAAA,CAAM,SAAS,CAAA,EAAG;AAClD,MAAA,MAAM,MAAA,GAAS,OAAO,KAAK,CAAA;AAC3B,MAAA,IAAI,MAAA,CAAO,QAAA,CAAS,MAAM,CAAA,EAAG;AAC5B,QAAA,OAAA,CAAQ,UAAU,CAAA,GAAI,MAAA;AAAA,MACvB;AAAA,IACD;AAAA,EACD;AAEA,EAAA,IAAI,OAAO,OAAA,CAAQ,WAAA,KAAgB,QAAA,EAAU;AAC5C,IAAA,IAAI,OAAA,CAAQ,WAAA,KAAgB,MAAA,EAAQ,OAAA,CAAQ,WAAA,GAAc,IAAA;AAAA,SAAA,IACjD,OAAA,CAAQ,WAAA,KAAgB,OAAA,EAAS,OAAA,CAAQ,WAAA,GAAc,KAAA;AAAA,SAAA,IACvD,OAAA,CAAQ,WAAA,CAAY,IAAA,EAAK,KAAM,EAAA,IAAM,MAAA,CAAO,QAAA,CAAS,MAAA,CAAO,OAAA,CAAQ,WAAW,CAAC,CAAA,EAAG;AAC3F,MAAA,OAAA,CAAQ,WAAA,GAAc,MAAA,CAAO,OAAA,CAAQ,WAAW,CAAA;AAAA,IACjD;AAAA,EACD;AAEA,EAAA,OAAO,OAAA;AACR;AAEA,SAAS,gBAAgB,OAAA,EAAqB;AAC7C,EAAA,OAAO;AAAA,IACN,IAAI,OAAA,CAAQ,EAAA;AAAA,IACZ,QAAQ,OAAA,CAAQ,MAAA;AAAA,IAChB,WAAW,OAAA,CAAQ,SAAA;AAAA,IACnB,SAAA,EAAW,QAAQ,SAAA,IAAa,IAAA;AAAA,IAChC,SAAA,EAAW,QAAQ,SAAA,IAAa,IAAA;AAAA,IAChC,oBAAA,EAAsB,QAAQ,oBAAA,IAAwB,IAAA;AAAA,IACtD,cAAA,EAAgB,QAAQ,cAAA,IAAkB,IAAA;AAAA,IAC1C,WAAW,OAAA,CAAQ,SAAA;AAAA,IACnB,WAAW,OAAA,CAAQ,SAAA;AAAA,IACnB,WAAW,OAAA,CAAQ;AAAA,GACpB;AACD;AAEA,SAAS,gBAAgB,OAAA,EAAqB;AAC7C,EAAA,OAAO;AAAA,IACN,IAAI,OAAA,CAAQ,EAAA;AAAA,IACZ,QAAQ,OAAA,CAAQ,MAAA;AAAA,IAChB,WAAW,OAAA,CAAQ,SAAA;AAAA,IACnB,YAAY,OAAA,CAAQ,UAAA;AAAA,IACpB,WAAW,OAAA,CAAQ,SAAA;AAAA,IACnB,WAAW,OAAA,CAAQ,SAAA;AAAA,IACnB,WAAW,OAAA,CAAQ;AAAA,GACpB;AACD;AAEA,SAAS,mBAAmB,SAAA,EAAoB;AAC/C,EAAA,IAAI,CAAC,SAAA,EAAW;AACf,IAAA,OAAO,EAAE,WAAW,MAAA,EAAW,KAAA,EAAO,EAAC,EAAoB,IAAA,EAAM,EAAC,EAA4B;AAAA,EAC/F;AACA,EAAA,OAAO;AAAA,IACN,SAAA;AAAA,IACA,OAAO,CAAC,EAAE,OAAO,WAAA,EAAa,KAAA,EAAO,WAAW,CAAA;AAAA,IAChD,IAAA,EAAM,EAAE,SAAA;AAAU,GACnB;AACD;AAEA,eAAe,YAAA,CAAa,IAAqB,MAAA,EAAyC;AACzF,EAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAAkB;AAAA,IACvC,KAAA,EAAO,MAAA;AAAA,IACP,OAAO,CAAC,EAAE,OAAO,IAAA,EAAM,KAAA,EAAO,QAAQ,CAAA;AAAA,IACtC,KAAA,EAAO;AAAA,GACP,CAAA;AACD,EAAA,OAAO,IAAA,CAAK,CAAC,CAAA,IAAK,IAAA;AACnB;AAEA,eAAe,cAAA,CACd,IACA,MAAA,EAI6B;AAC7B,EAAA,IAAI,OAAO,SAAA,EAAW;AACrB,IAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAAqB;AAAA,MAC1C,KAAA,EAAO,SAAA;AAAA,MACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,MAAM,KAAA,EAAO,MAAA,CAAO,WAAW,CAAA;AAAA,MAChD,KAAA,EAAO;AAAA,KACP,CAAA;AACD,IAAA,IAAI,IAAA,CAAK,CAAC,CAAA,EAAG;AACZ,MAAA,OAAO,KAAK,CAAC,CAAA;AAAA,IACd;AAAA,EACD;AACA,EAAA,IAAI,OAAO,YAAA,EAAc;AACxB,IAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAAqB;AAAA,MAC1C,KAAA,EAAO,SAAA;AAAA,MACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,SAAS,KAAA,EAAO,MAAA,CAAO,cAAc,CAAA;AAAA,MACtD,KAAA,EAAO;AAAA,KACP,CAAA;AACD,IAAA,OAAO,IAAA,CAAK,CAAC,CAAA,IAAK,IAAA;AAAA,EACnB;AACA,EAAA,OAAO,IAAA;AACR;AAEA,eAAe,qBAAA,CACd,GAAA,EACA,EAAA,EACA,IAAA,EACA,UAAA,EACC;AACD,EAAA,MAAM,QAAQ,eAAA,CAAgB,IAAA,EAAM,EAAE,QAAA,EAAU,MAAM,CAAA;AACtD,EAAA,IAAI,CAAC,MAAM,SAAA,EAAW;AACrB,IAAA,kBAAA,CAAmB,GAAG,CAAA;AACtB,IAAA,OAAO,KAAA;AAAA,EACR;AACA,EAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,IACnC,EAAA;AAAA,IACA,UAAA;AAAA,IACA,WAAW,KAAA,CAAM;AAAA,GACjB,CAAA;AACD,EAAA,OAAO,KAAA;AACR;AAEA,eAAe,iBAAA,CACd,GAAA,EACA,EAAA,EACA,MAAA,EAKC;AACD,EAAA,MAAM,IAAA,GAAO,MAAM,YAAA,CAAa,EAAA,EAAI,OAAO,MAAM,CAAA;AACjD,EAAA,IAAI,CAAC,IAAA,EAAM;AACV,IAAA,MAAM,IAAI,KAAA,CAAM,aAAA,EAAe,EAAE,OAAA,EAAS,kBAAkB,CAAA;AAAA,EAC7D;AAEA,EAAA,MAAM,gBAAgB,eAAA,CAAgB,MAAA,CAAO,MAAM,EAAE,QAAA,EAAU,MAAM,CAAA;AACrE,EAAA,IAAI,cAAc,SAAA,IAAa,IAAA,CAAK,aAAa,IAAA,CAAK,SAAA,KAAc,cAAc,SAAA,EAAW;AAC5F,IAAA,MAAM,IAAI,KAAA,CAAM,WAAA,EAAa,EAAE,OAAA,EAAS,iDAAiD,CAAA;AAAA,EAC1F;AAEA,EAAA,MAAM,SAAA,GAAY,aAAA,CAAc,SAAA,IAAa,IAAA,CAAK,SAAA;AAClD,EAAA,IAAI,CAAC,SAAA,EAAW;AACf,IAAA,kBAAA,CAAmB,GAAG,CAAA;AACtB,IAAA,OAAO,EAAE,IAAA,EAAM,KAAA,EAAO,aAAA,EAAc;AAAA,EACrC;AAEA,EAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,IACnC,EAAA;AAAA,IACA,YAAY,MAAA,CAAO,UAAA;AAAA,IACnB;AAAA,GACA,CAAA;AACD,EAAA,OAAO,EAAE,IAAA,EAAM,KAAA,EAAO,kBAAA,CAAmB,SAAS,CAAA,EAAE;AACrD;AAEA,eAAe,oBAAA,CACd,GAAA,EACA,EAAA,EACA,MAAA,EAIC;AACD,EAAA,MAAM,OAAA,GAAU,MAAM,cAAA,CAAe,EAAA,EAAI;AAAA,IACxC,SAAA,EAAW,OAAO,MAAA,CAAO,IAAA,CAAK,cAAc,QAAA,GAAW,MAAA,CAAO,KAAK,SAAA,GAAY,MAAA;AAAA,IAC/E,YAAA,EACC,OAAO,MAAA,CAAO,IAAA,CAAK,iBAAiB,QAAA,GAAW,MAAA,CAAO,KAAK,YAAA,GAAe;AAAA,GAC3E,CAAA;AACD,EAAA,IAAI,CAAC,OAAA,EAAS;AACb,IAAA,MAAM,IAAI,KAAA,CAAM,aAAA,EAAe,EAAE,OAAA,EAAS,qBAAqB,CAAA;AAAA,EAChE;AAEA,EAAA,MAAM,gBAAgB,eAAA,CAAgB,MAAA,CAAO,MAAM,EAAE,QAAA,EAAU,MAAM,CAAA;AACrE,EAAA,IACC,cAAc,SAAA,IACd,OAAA,CAAQ,aACR,OAAA,CAAQ,SAAA,KAAc,cAAc,SAAA,EACnC;AACD,IAAA,MAAM,IAAI,KAAA,CAAM,WAAA,EAAa,EAAE,OAAA,EAAS,oDAAoD,CAAA;AAAA,EAC7F;AAEA,EAAA,MAAM,SAAA,GAAY,aAAA,CAAc,SAAA,IAAa,OAAA,CAAQ,SAAA;AACrD,EAAA,IAAI,CAAC,SAAA,EAAW;AACf,IAAA,kBAAA,CAAmB,GAAG,CAAA;AACtB,IAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,aAAA,EAAc;AAAA,EACxC;AAEA,EAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,IACnC,EAAA;AAAA,IACA,YAAY,MAAA,CAAO,UAAA;AAAA,IACnB;AAAA,GACA,CAAA;AACD,EAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,kBAAA,CAAmB,SAAS,CAAA,EAAE;AACxD;AAEA,eAAe,6BAAA,CACd,GAAA,EACA,EAAA,EACA,IAAA,EACuB;AACvB,EAAA,MAAM,gBAAgB,eAAA,CAAgB,IAAA,EAAM,EAAE,QAAA,EAAU,MAAM,CAAA;AAC9D,EAAA,MAAM,SAAA,GACL,OAAO,IAAA,CAAK,IAAA,KAAS,QAAA,IAAY,KAAA,CAAM,OAAA,CAAQ,IAAA,CAAK,IAAI,CAAA,GAAI,IAAA,CAAK,IAAA,GAAO,MAAA;AAEzE,EAAA,IAAI,SAAA,EAAW;AACd,IAAA,MAAM,SAAA,GAAY,eAAe,SAAS,CAAA;AAC1C,IAAA,IAAI,SAAA,CAAU,WAAW,CAAA,EAAG;AAC3B,MAAA,MAAM,IAAI,KAAA,CAAM,aAAA,EAAe,EAAE,OAAA,EAAS,oBAAoB,CAAA;AAAA,IAC/D;AAEA,IAAA,IAAI,CAAC,cAAc,SAAA,EAAW;AAC7B,MAAA,IAAI,iBAAA,CAAkB,EAAE,IAAA,EAAM,SAAA,CAAU,KAAK,GAAG,CAAA,EAAG,CAAA,EAAG;AACrD,QAAA,uBAAO,IAAI,GAAA,CAAI,CAAC,GAAG,CAAC,CAAA;AAAA,MACrB;AACA,MAAA,MAAM,GAAA,CAAI,MAAM,aAAA,EAAe;AAAA,QAC9B,OAAA,EAAS;AAAA,OACT,CAAA;AAAA,IACF;AAEA,IAAA,OAAO,mBAAmB,EAAA,EAAI;AAAA,MAC7B,WAAW,aAAA,CAAc,SAAA;AAAA,MACzB;AAAA,KACA,CAAA;AAAA,EACF;AAEA,EAAA,MAAM,IAAA,GAAO,qBAAqB,GAAG,CAAA;AACrC,EAAA,MAAM,eAAA,GACL,OAAO,IAAA,CAAK,MAAA,KAAW,QAAA,IAAY,IAAA,CAAK,MAAA,CAAO,MAAA,GAAS,CAAA,GAAI,IAAA,CAAK,MAAA,GAAS,IAAA,CAAK,IAAA,CAAK,EAAA;AACrF,EAAA,MAAM,IAAA,GAAO,MAAM,YAAA,CAAa,EAAA,EAAI,eAAe,CAAA;AACnD,EAAA,IAAI,CAAC,IAAA,EAAM;AACV,IAAA,MAAM,IAAI,KAAA,CAAM,aAAA,EAAe,EAAE,OAAA,EAAS,kBAAkB,CAAA;AAAA,EAC7D;AAEA,EAAA,IAAI,cAAc,SAAA,IAAa,IAAA,CAAK,aAAa,IAAA,CAAK,SAAA,KAAc,cAAc,SAAA,EAAW;AAC5F,IAAA,MAAM,IAAI,KAAA,CAAM,WAAA,EAAa,EAAE,OAAA,EAAS,iDAAiD,CAAA;AAAA,EAC1F;AAEA,EAAA,MAAM,SAAA,GAAY,aAAA,CAAc,SAAA,IAAa,IAAA,CAAK,SAAA;AAClD,EAAA,IAAI,CAAC,SAAA,EAAW;AACf,IAAA,IAAI,iBAAA,CAAkB,IAAI,CAAA,EAAG;AAC5B,MAAA,uBAAO,IAAI,GAAA,CAAI,CAAC,GAAG,CAAC,CAAA;AAAA,IACrB;AACA,IAAA,MAAM,GAAA,CAAI,MAAM,aAAA,EAAe;AAAA,MAC9B,OAAA,EAAS;AAAA,KACT,CAAA;AAAA,EACF;AAEA,EAAA,OAAO,+BAA+B,EAAA,EAAI;AAAA,IACzC,QAAQ,IAAA,CAAK,EAAA;AAAA,IACb;AAAA,GACA,CAAA;AACF;AAEA,eAAe,gCAAA,CACd,GAAA,EACA,EAAA,EACA,MAAA,EAI8B;AAC9B,EAAA,MAAM,IAAA,GAAO,qBAAqB,GAAG,CAAA;AACrC,EAAA,IAAI,IAAA,CAAK,IAAA,CAAK,EAAA,KAAO,MAAA,CAAO,WAAW,EAAA,EAAI;AAC1C,IAAA,MAAM,IAAI,KAAA,CAAM,aAAA,EAAe,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,EACrF;AAEA,EAAA,MAAM,gBAAgB,eAAA,CAAgB,MAAA,CAAO,MAAM,EAAE,QAAA,EAAU,MAAM,CAAA;AACrE,EAAA,IACC,aAAA,CAAc,aACd,MAAA,CAAO,UAAA,CAAW,aAClB,MAAA,CAAO,UAAA,CAAW,SAAA,KAAc,aAAA,CAAc,SAAA,EAC7C;AACD,IAAA,MAAM,IAAI,KAAA,CAAM,WAAA,EAAa,EAAE,OAAA,EAAS,iDAAiD,CAAA;AAAA,EAC1F;AAEA,EAAA,MAAM,SAAA,GAAY,aAAA,CAAc,SAAA,IAAa,MAAA,CAAO,UAAA,CAAW,SAAA;AAC/D,EAAA,IAAI,CAAC,SAAA,EAAW;AACf,IAAA,kBAAA,CAAmB,GAAG,CAAA;AACtB,IAAA,IAAI,iBAAA,CAAkB,MAAA,CAAO,UAAU,CAAA,EAAG;AACzC,MAAA,MAAM,IAAI,KAAA,CAAM,WAAA,EAAa,EAAE,OAAA,EAAS,yCAAyC,CAAA;AAAA,IAClF;AACA,IAAA,OAAO,MAAA;AAAA,EACR;AAEA,EAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,IACnC,EAAA;AAAA,IACA,UAAA,EAAY,kBAAA;AAAA,IACZ;AAAA,GACA,CAAA;AAED,EAAA,MAAM,iBAAA,GAAoB,MAAM,8BAAA,CAA+B,EAAA,EAAI;AAAA,IAClE,MAAA,EAAQ,OAAO,UAAA,CAAW,EAAA;AAAA,IAC1B;AAAA,GACA,CAAA;AACD,EAAA,IAAI,kBAAkB,GAAA,CAAI,GAAG,KAAK,iBAAA,CAAkB,GAAA,CAAI,kBAAkB,CAAA,EAAG;AAC5E,IAAA,MAAM,IAAI,KAAA,CAAM,WAAA,EAAa,EAAE,OAAA,EAAS,yCAAyC,CAAA;AAAA,EAClF;AAEA,EAAA,OAAO,SAAA;AACR;AAEO,SAAS,oBAAA,GAAyC;AAExD,EAAA,MAAM,mBAAA,uBAA0B,GAAA,CAAI;AAAA,IACnC,WAAA;AAAA,IACA,WAAA;AAAA,IACA,OAAA;AAAA,IACA,MAAA;AAAA,IACA,MAAA;AAAA,IACA,eAAA;AAAA,IACA;AAAA,GACA,CAAA;AACD,EAAA,MAAM,qBAAA,uBAA4B,GAAA,CAAI;AAAA,IACrC,OAAA;AAAA,IACA,MAAA;AAAA,IACA,MAAA;AAAA,IACA,eAAA;AAAA,IACA,QAAA;AAAA,IACA,WAAA;AAAA,IACA;AAAA,GACA,CAAA;AAED,EAAA,eAAe,eAAA,CAAgB,KAA4B,OAAA,EAAkC;AAC5F,IAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,IAAA,MAAM,QAAQ,MAAM,qBAAA,CAAsB,GAAA,EAAK,EAAA,EAAI,SAAS,gBAAgB,CAAA;AAC5E,IAAA,MAAM,KAAA,GAAQ,OAAO,OAAA,CAAQ,KAAA,KAAU,QAAA,GAAW,KAAK,GAAA,CAAI,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,GAAI,GAAA;AACjF,IAAA,MAAM,SAAS,OAAO,OAAA,CAAQ,MAAA,KAAW,QAAA,GAAW,QAAQ,MAAA,GAAS,CAAA;AACrE,IAAA,MAAM,gBACL,OAAA,CAAQ,aAAA,KAAkB,SAAS,OAAA,CAAQ,KAAA,KAAU,QAAQ,KAAA,GAAQ,MAAA;AACtE,IAAA,MAAM,SAAA,GACL,OAAO,OAAA,CAAQ,MAAA,KAAW,QAAA,IAAY,QAAQ,MAAA,CAAO,MAAA,GAAS,CAAA,GAC3D,OAAA,CAAQ,MAAA,GACR,WAAA;AACJ,IAAA,MAAM,MAAA,GAAS,mBAAA,CAAoB,GAAA,CAAI,SAAS,IAAI,SAAA,GAAY,WAAA;AAEhE,IAAA,MAAM,KAAA,GAAuB,CAAC,GAAG,KAAA,CAAM,KAAK,CAAA;AAC5C,IAAA,IAAI,OAAO,OAAA,CAAQ,KAAA,KAAU,YAAY,OAAA,CAAQ,KAAA,CAAM,SAAS,CAAA,EAAG;AAClE,MAAA,KAAA,CAAM,IAAA,CAAK,EAAE,KAAA,EAAO,OAAA,EAAS,OAAO,OAAA,CAAQ,KAAA,CAAM,WAAA,EAAY,EAAG,CAAA;AAAA,IAClE;AACA,IAAA,IAAI,OAAO,OAAA,CAAQ,IAAA,KAAS,YAAY,OAAA,CAAQ,IAAA,CAAK,SAAS,CAAA,EAAG;AAChE,MAAA,KAAA,CAAM,KAAK,EAAE,KAAA,EAAO,QAAQ,KAAA,EAAO,OAAA,CAAQ,MAAM,CAAA;AAAA,IAClD;AACA,IAAA,IAAI,OAAO,OAAA,CAAQ,WAAA,KAAgB,YAAY,OAAA,CAAQ,WAAA,CAAY,SAAS,CAAA,EAAG;AAC9E,MAAA,KAAA,CAAM,IAAA,CAAK;AAAA,QACV,KAAA,EACC,QAAQ,WAAA,KAAgB,MAAA,IAAU,QAAQ,WAAA,KAAgB,OAAA,GACvD,QAAQ,WAAA,GACR,OAAA;AAAA,QACJ,QAAA,EACC,OAAA,CAAQ,cAAA,KAAmB,aAAA,IAC3B,OAAA,CAAQ,cAAA,KAAmB,WAAA,IAC3B,OAAA,CAAQ,cAAA,KAAmB,UAAA,GACxB,OAAA,CAAQ,cAAA,GACR,UAAA;AAAA,QACJ,OAAO,OAAA,CAAQ;AAAA,OACf,CAAA;AAAA,IACF;AACA,IAAA,IACC,OAAA,CAAQ,WAAA,KAAgB,MAAA,IACxB,OAAO,OAAA,CAAQ,WAAA,KAAgB,QAAA,IAC/B,qBAAA,CAAsB,GAAA,CAAI,OAAA,CAAQ,WAAW,CAAA,EAC5C;AACD,MAAA,KAAA,CAAM,IAAA,CAAK;AAAA,QACV,OAAO,OAAA,CAAQ,WAAA;AAAA,QACf,QAAA,EACC,OAAA,CAAQ,cAAA,KAAmB,IAAA,IAC3B,OAAA,CAAQ,cAAA,KAAmB,IAAA,IAC3B,OAAA,CAAQ,cAAA,KAAmB,KAAA,IAC3B,OAAA,CAAQ,cAAA,KAAmB,IAAA,IAC3B,QAAQ,cAAA,KAAmB,KAAA,IAC3B,OAAA,CAAQ,cAAA,KAAmB,UAAA,IAC3B,OAAA,CAAQ,cAAA,KAAmB,aAAA,IAC3B,OAAA,CAAQ,cAAA,KAAmB,WAAA,GACxB,OAAA,CAAQ,cAAA,GACR,IAAA;AAAA,QACJ,OAAO,OAAA,CAAQ;AAAA,OACf,CAAA;AAAA,IACF;AAEA,IAAA,IAAI,OAAO,OAAA,CAAQ,cAAA,KAAmB,YAAY,OAAA,CAAQ,cAAA,CAAe,SAAS,CAAA,EAAG;AACpF,MAAA,MAAM,WAAA,GAAc,MAAM,EAAA,CAAG,QAAA,CAA6B;AAAA,QACzD,KAAA,EAAO,QAAA;AAAA,QACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,gBAAA,EAAkB,KAAA,EAAO,OAAA,CAAQ,cAAA,EAAe,EAAG,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,QAClF,KAAA,EAAO;AAAA,OACP,CAAA;AACD,MAAA,MAAM,OAAA,GAAU,KAAA,CAAM,IAAA,CAAK,IAAI,GAAA,CAAI,WAAA,CAAY,GAAA,CAAI,CAAC,UAAA,KAAe,UAAA,CAAW,MAAM,CAAC,CAAC,CAAA;AACtF,MAAA,IAAI,OAAA,CAAQ,WAAW,CAAA,EAAG;AACzB,QAAA,OAAO,GAAA,CAAI,IAAA,CAAK,EAAE,KAAA,EAAO,EAAC,EAAG,IAAA,EAAM,EAAC,EAAG,KAAA,EAAO,CAAA,EAAG,KAAA,EAAO,QAAQ,CAAA;AAAA,MACjE;AACA,MAAA,KAAA,CAAM,IAAA,CAAK,EAAE,KAAA,EAAO,IAAA,EAAM,UAAU,IAAA,EAAM,KAAA,EAAO,SAAS,CAAA;AAAA,IAC3D;AAEA,IAAA,MAAM,KAAA,GAAQ,MAAM,EAAA,CAAG,QAAA,CAAkB;AAAA,MACxC,KAAA,EAAO,MAAA;AAAA,MACP,KAAA;AAAA,MACA,KAAA;AAAA,MACA,MAAA;AAAA,MACA,MAAA,EAAQ,EAAE,KAAA,EAAO,MAAA,EAAQ,WAAW,aAAA;AAAc,KAClD,CAAA;AACD,IAAA,MAAM,KAAA,GAAQ,MAAM,EAAA,CAAG,KAAA,CAAM;AAAA,MAC5B,KAAA,EAAO,MAAA;AAAA,MACP;AAAA,KACA,CAAA;AACD,IAAA,OAAO,IAAI,IAAA,CAAK;AAAA,MACf,KAAA;AAAA,MACA,IAAA,EAAM,KAAA;AAAA,MACN,KAAA;AAAA,MACA,KAAA;AAAA,MACA;AAAA,KACA,CAAA;AAAA,EACF;AAEA,EAAA,OAAO;AAAA,IACN,EAAA,EAAI,wBAAA;AAAA,IACJ,SAAA,EAAW;AAAA,MACV,YAAA,EAAcE,kBAAAA;AAAA,QACb,mBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,KAAA;AAAA,UACR,KAAA,EAAO,oBAAA;AAAA,UACP,cAAA,EAAgB;AAAA,SACjB;AAAA,QACA,OAAO,GAAA,KACN,eAAA;AAAA,UACC,GAAA;AAAA,UACA,yBAAA,CAA0B,IAAI,KAAgC;AAAA;AAC/D,OACF;AAAA,MAEA,aAAA,EAAeA,kBAAAA;AAAA,QACd,mBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UACR,IAAA,EAAM,mBAAA;AAAA,UACN,cAAA,EAAgB;AAAA,SACjB;AAAA,QACA,OAAO,GAAA,KACN,eAAA;AAAA,UACC,GAAA;AAAA,UACA,yBAAA,CAA0B,IAAI,IAA+B;AAAA;AAC9D,OACF;AAAA,MAEA,OAAA,EAASA,kBAAAA;AAAA,QACR,iBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UACR,IAAA,EAAM,iBAAA;AAAA,UACN,cAAA,EAAgB;AAAA,SACjB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,QAAA,GAAW,GAAA;AACjB,UAAA,MAAM,EAAA,GAAK,SAAS,OAAA,CAAQ,OAAA;AAC5B,UAAA,MAAM,EAAE,IAAA,EAAK,GAAI,MAAM,iBAAA,CAAkB,UAAU,EAAA,EAAI;AAAA,YACtD,MAAA,EAAQ,IAAI,IAAA,CAAK,MAAA;AAAA,YACjB,MAAM,GAAA,CAAI,IAAA;AAAA,YACV,UAAA,EAAY;AAAA,WACZ,CAAA;AACD,UAAA,OAAO,QAAA,CAAS,KAAK,IAAI,CAAA;AAAA,QAC1B;AAAA,OACD;AAAA,MAEA,UAAA,EAAYA,kBAAAA;AAAA,QACX,iBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,KAAA;AAAA,UACR,KAAA,EAAO,kBAAA;AAAA,UACP,cAAA,EAAgB;AAAA,SACjB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,QAAA,GAAW,GAAA;AACjB,UAAA,MAAM,EAAA,GAAK,SAAS,OAAA,CAAQ,OAAA;AAC5B,UAAA,MAAM,EAAE,IAAA,EAAK,GAAI,MAAM,iBAAA,CAAkB,UAAU,EAAA,EAAI;AAAA,YACtD,MAAA,EAAQ,IAAI,KAAA,CAAM,EAAA;AAAA,YAClB,MAAM,GAAA,CAAI,KAAA;AAAA,YACV,UAAA,EAAY;AAAA,WACZ,CAAA;AACD,UAAA,OAAO,QAAA,CAAS,KAAK,IAAI,CAAA;AAAA,QAC1B;AAAA,OACD;AAAA,MAEA,UAAA,EAAYA,kBAAAA;AAAA,QACX,oBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UACR,IAAA,EAAM,oBAAA;AAAA,UACN,cAAA,EAAgB;AAAA,SACjB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,QAAA,GAAW,GAAA;AACjB,UAAA,MAAM,EAAA,GAAK,SAAS,OAAA,CAAQ,OAAA;AAC5B,UAAA,MAAM,QAAQ,eAAA,CAAgB,GAAA,CAAI,MAAM,EAAE,QAAA,EAAU,MAAM,CAAA;AAC1D,UAAA,IAAI,MAAM,SAAA,EAAW;AACpB,YAAA,MAAM,yBAAyB,QAAA,EAAU;AAAA,cACxC,EAAA;AAAA,cACA,UAAA,EAAY,kBAAA;AAAA,cACZ,WAAW,KAAA,CAAM;AAAA,aACjB,CAAA;AAAA,UACF,CAAA,MAAO;AACN,YAAA,kBAAA,CAAmB,QAAQ,CAAA;AAAA,UAC5B;AAEA,UAAA,MAAM,QAAA,GAAW,MAAM,EAAA,CAAG,QAAA,CAAkB;AAAA,YAC3C,KAAA,EAAO,MAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,SAAS,KAAA,EAAO,GAAA,CAAI,IAAA,CAAK,KAAA,CAAM,WAAA,EAAY,EAAE,EAAG,GAAG,MAAM,KAAK,CAAA;AAAA,YAC/E,KAAA,EAAO;AAAA,WACP,CAAA;AACD,UAAA,IAAI,QAAA,CAAS,CAAC,CAAA,EAAG;AAChB,YAAA,MAAM,SAAS,KAAA,CAAM,aAAA,EAAe,EAAE,OAAA,EAAS,uBAAuB,CAAA;AAAA,UACvE;AAEA,UAAA,MAAM,IAAA,GAAO,kBAAA,CAAmB,GAAA,CAAI,IAAA,CAAK,IAAI,CAAA,IAAK,MAAA;AAClD,UAAA,MAAM,SAAA,GACL,OAAO,GAAA,CAAI,IAAA,CAAK,IAAA,KAAS,QAAA,IAAY,GAAA,CAAI,IAAA,CAAK,IAAA,KAAS,IAAA,GACnD,GAAA,CAAI,IAAA,CAAK,OACV,EAAC;AACL,UAAA,MAAM,eAAA,GAAkB,SAAS,OAAA,CAAQ,eAAA;AACzC,UAAA,MAAM,IAAA,GAAO,MAAM,eAAA,CAAgB,UAAA,CAAW;AAAA,YAC7C,GAAG,SAAA;AAAA,YACH,GAAI,MAAM,SAAA,GAAY,EAAE,WAAW,KAAA,CAAM,SAAA,KAAc,EAAC;AAAA,YACxD,KAAA,EAAO,GAAA,CAAI,IAAA,CAAK,KAAA,CAAM,WAAA,EAAY;AAAA,YAClC,IAAA,EAAM,IAAI,IAAA,CAAK,IAAA;AAAA,YACf,IAAA;AAAA,YACA,KAAA,EACC,IAAI,IAAA,CAAK,KAAA,KAAU,OAAO,SAAA,CAAU,KAAA,KAAU,QAAA,GAAW,SAAA,CAAU,KAAA,GAAQ,MAAA,CAAA;AAAA,YAC5E,QAAA,EACC,IAAI,IAAA,CAAK,QAAA,KACR,OAAO,SAAA,CAAU,QAAA,KAAa,QAAA,GAAW,SAAA,CAAU,QAAA,GAAW,MAAA,CAAA;AAAA,YAChE,WAAA,EACC,IAAI,IAAA,CAAK,WAAA,KACR,OAAO,SAAA,CAAU,WAAA,KAAgB,QAAA,GAAW,SAAA,CAAU,WAAA,GAAc,MAAA,CAAA;AAAA,YACtE,aAAA,EACC,IAAI,IAAA,CAAK,aAAA,KACR,OAAO,SAAA,CAAU,aAAA,KAAkB,SAAA,GAAY,SAAA,CAAU,aAAA,GAAgB,KAAA,CAAA;AAAA,YAC3E,QAAA,EAAU,GAAA,CAAI,IAAA,CAAK,QAAA,IAAY,SAAA,CAAU;AAAA,WACzC,CAAA;AACD,UAAA,IAAI,CAAC,IAAA,EAAM;AACV,YAAA,MAAM,SAAS,KAAA,CAAM,aAAA,EAAe,EAAE,OAAA,EAAS,yBAAyB,CAAA;AAAA,UACzE;AAEA,UAAA,IAAI,GAAA,CAAI,KAAK,QAAA,EAAU;AACtB,YAAA,MAAM,cAAA,GAAiB,MAAM,QAAA,CAAS,OAAA,CAAQ,SAAS,IAAA,CAAK,GAAA,CAAI,KAAK,QAAQ,CAAA;AAC7E,YAAA,MAAM,gBAAgB,WAAA,CAAY;AAAA,cACjC,WAAW,IAAA,CAAK,EAAA;AAAA,cAChB,UAAA,EAAY,YAAA;AAAA,cACZ,QAAA,EAAU,cAAA;AAAA,cACV,QAAQ,IAAA,CAAK,EAAA;AAAA,cACb,WAAW,KAAA,CAAM;AAAA,aACjB,CAAA;AAAA,UACF;AAEA,UAAA,OAAO,QAAA,CAAS,IAAA,CAAK,EAAE,IAAA,EAAM,CAAA;AAAA,QAC9B;AAAA,OACD;AAAA,MAEA,UAAA,EAAYA,kBAAAA;AAAA,QACX,oBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UACR,IAAA,EAAM,oBAAA;AAAA,UACN,cAAA,EAAgB;AAAA,SACjB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,QAAA,GAAW,GAAA;AACjB,UAAA,MAAM,EAAA,GAAK,SAAS,OAAA,CAAQ,OAAA;AAC5B,UAAA,MAAM,EAAE,IAAA,EAAM,KAAA,KAAU,MAAM,iBAAA,CAAkB,UAAU,EAAA,EAAI;AAAA,YAC7D,MAAA,EAAQ,IAAI,IAAA,CAAK,MAAA;AAAA,YACjB,MAAM,GAAA,CAAI,IAAA;AAAA,YACV,UAAA,EAAY;AAAA,WACZ,CAAA;AACD,UAAA,MAAM,YACL,OAAO,GAAA,CAAI,IAAA,CAAK,IAAA,KAAS,YAAY,GAAA,CAAI,IAAA,CAAK,IAAA,KAAS,IAAA,GACpD,EAAE,GAAI,GAAA,CAAI,IAAA,CAAK,IAAA,KACf,EAAC;AACL,UAAA,MAAM,MAAA,GAAkC,EAAE,GAAG,SAAA,EAAU;AACvD,UAAA,IAAI,IAAI,IAAA,CAAK,IAAA,KAAS,QAAW,MAAA,CAAO,IAAA,GAAO,IAAI,IAAA,CAAK,IAAA;AACxD,UAAA,IAAI,IAAI,IAAA,CAAK,KAAA,KAAU,MAAA,IAAa,GAAA,CAAI,KAAK,KAAA,KAAU,IAAA;AACtD,YAAA,MAAA,CAAO,KAAA,GAAQ,IAAI,IAAA,CAAK,KAAA;AACzB,UAAA,IAAI,IAAI,IAAA,CAAK,QAAA,KAAa,QAAW,MAAA,CAAO,QAAA,GAAW,IAAI,IAAA,CAAK,QAAA;AAChE,UAAA,IAAI,IAAI,IAAA,CAAK,WAAA,KAAgB,MAAA,IAAa,GAAA,CAAI,KAAK,WAAA,KAAgB,IAAA;AAClE,YAAA,MAAA,CAAO,WAAA,GAAc,IAAI,IAAA,CAAK,WAAA;AAC/B,UAAA,IAAI,IAAI,IAAA,CAAK,aAAA,KAAkB,QAAW,MAAA,CAAO,aAAA,GAAgB,IAAI,IAAA,CAAK,aAAA;AAC1E,UAAA,IAAI,IAAI,IAAA,CAAK,QAAA,KAAa,QAAW,MAAA,CAAO,QAAA,GAAW,IAAI,IAAA,CAAK,QAAA;AAChE,UAAA,MAAM,YACL,GAAA,CAAI,IAAA,CAAK,SAAS,MAAA,GACf,GAAA,CAAI,KAAK,IAAA,GACT,OAAO,SAAA,CAAU,IAAA,KAAS,YAAY,KAAA,CAAM,OAAA,CAAQ,UAAU,IAAI,CAAA,GACjE,UAAU,IAAA,GACV,MAAA;AACL,UAAA,IAAI,cAAc,MAAA,EAAW;AAC5B,YAAA,MAAA,CAAO,IAAA,GAAO,mBAAmB,SAAS,CAAA;AAAA,UAC3C;AACA,UAAA,IAAI,KAAA,CAAM,SAAA,IAAa,CAAC,IAAA,CAAK,SAAA,EAAW;AACvC,YAAA,MAAA,CAAO,YAAY,KAAA,CAAM,SAAA;AAAA,UAC1B;AAEA,UAAA,MAAM,WAAA,GAAc,MAAA,CAAO,IAAA,CAAK,MAAM,EAAE,MAAA,GACrC,MAAM,QAAA,CAAS,OAAA,CAAQ,gBAAgB,UAAA,CAAW,GAAA,CAAI,IAAA,CAAK,MAAA,EAAQ,MAAM,CAAA,GACzE,IAAA;AAEH,UAAA,IAAI,GAAA,CAAI,KAAK,QAAA,EAAU;AACtB,YAAA,MAAM,cAAA,GAAiB,MAAM,QAAA,CAAS,OAAA,CAAQ,SAAS,IAAA,CAAK,GAAA,CAAI,KAAK,QAAQ,CAAA;AAC7E,YAAA,MAAM,SAAS,OAAA,CAAQ,eAAA,CAAgB,eAAe,GAAA,CAAI,IAAA,CAAK,QAAQ,cAAc,CAAA;AAAA,UACtF;AAEA,UAAA,OAAO,QAAA,CAAS,KAAK,WAAW,CAAA;AAAA,QACjC;AAAA,OACD;AAAA,MAEA,UAAA,EAAYA,kBAAAA;AAAA,QACX,oBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UACR,IAAA,EAAM,iBAAA;AAAA,UACN,cAAA,EAAgB;AAAA,SACjB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,QAAA,GAAW,GAAA;AACjB,UAAA,MAAM,EAAA,GAAK,SAAS,OAAA,CAAQ,OAAA;AAC5B,UAAA,MAAM,IAAA,GAAO,qBAAqB,QAAQ,CAAA;AAC1C,UAAA,IAAI,IAAA,CAAK,IAAA,CAAK,EAAA,KAAO,GAAA,CAAI,KAAK,MAAA,EAAQ;AACrC,YAAA,MAAM,SAAS,KAAA,CAAM,aAAA,EAAe,EAAE,OAAA,EAAS,mCAAmC,CAAA;AAAA,UACnF;AACA,UAAA,MAAM,iBAAA,CAAkB,UAAU,EAAA,EAAI;AAAA,YACrC,MAAA,EAAQ,IAAI,IAAA,CAAK,MAAA;AAAA,YACjB,MAAM,GAAA,CAAI,IAAA;AAAA,YACV,UAAA,EAAY;AAAA,WACZ,CAAA;AACD,UAAA,MAAM,SAAS,OAAA,CAAQ,eAAA,CAAgB,UAAA,CAAW,GAAA,CAAI,KAAK,MAAM,CAAA;AACjE,UAAA,OAAO,QAAA,CAAS,IAAA,CAAK,EAAE,OAAA,EAAS,MAAM,CAAA;AAAA,QACvC;AAAA,OACD;AAAA,MAEA,OAAA,EAASA,kBAAAA;AAAA,QACR,iBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UACR,IAAA,EAAM,iBAAA;AAAA,UACN,cAAA,EAAgB;AAAA,SACjB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,QAAA,GAAW,GAAA;AACjB,UAAA,MAAM,EAAA,GAAK,SAAS,OAAA,CAAQ,OAAA;AAC5B,UAAA,MAAM,IAAA,GAAO,qBAAqB,QAAQ,CAAA;AAC1C,UAAA,IAAI,IAAA,CAAK,IAAA,CAAK,EAAA,KAAO,GAAA,CAAI,KAAK,MAAA,EAAQ;AACrC,YAAA,MAAM,SAAS,KAAA,CAAM,aAAA,EAAe,EAAE,OAAA,EAAS,gCAAgC,CAAA;AAAA,UAChF;AACA,UAAA,MAAM,EAAE,IAAA,EAAK,GAAI,MAAM,iBAAA,CAAkB,UAAU,EAAA,EAAI;AAAA,YACtD,MAAA,EAAQ,IAAI,IAAA,CAAK,MAAA;AAAA,YACjB,MAAM,GAAA,CAAI,IAAA;AAAA,YACV,UAAA,EAAY;AAAA,WACZ,CAAA;AACD,UAAA,MAAM,UAAA,GACL,OAAO,GAAA,CAAI,IAAA,CAAK,eAAe,QAAA,GAC5B,GAAA,CAAI,KAAK,UAAA,GACT,OAAO,IAAI,IAAA,CAAK,YAAA,KAAiB,WAChC,IAAA,CAAK,GAAA,KAAQ,GAAA,CAAI,IAAA,CAAK,eAAe,GAAA,GACrC,IAAA;AACL,UAAA,MAAM,cAAc,MAAM,QAAA,CAAS,QAAQ,eAAA,CAAgB,UAAA,CAAW,KAAK,EAAA,EAAI;AAAA,YAC9E,MAAA,EAAQ,IAAA;AAAA,YACR,SAAA,EAAW,GAAA,CAAI,IAAA,CAAK,SAAA,IAAa,mBAAA;AAAA,YACjC,UAAA;AAAA,YACA,SAAA,sBAAe,IAAA;AAAK,WACpB,CAAA;AACD,UAAA,MAAM,QAAA,CAAS,OAAA,CAAQ,eAAA,CAAgB,cAAA,CAAe,KAAK,EAAE,CAAA;AAC7D,UAAA,OAAO,QAAA,CAAS,IAAA,CAAK,EAAE,IAAA,EAAM,aAAa,CAAA;AAAA,QAC3C;AAAA,OACD;AAAA,MAEA,SAAA,EAAWA,kBAAAA;AAAA,QACV,mBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UACR,IAAA,EAAM,iBAAA;AAAA,UACN,cAAA,EAAgB;AAAA,SACjB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,QAAA,GAAW,GAAA;AACjB,UAAA,MAAM,EAAA,GAAK,SAAS,OAAA,CAAQ,OAAA;AAC5B,UAAA,MAAM,EAAE,IAAA,EAAK,GAAI,MAAM,iBAAA,CAAkB,UAAU,EAAA,EAAI;AAAA,YACtD,MAAA,EAAQ,IAAI,IAAA,CAAK,MAAA;AAAA,YACjB,MAAM,GAAA,CAAI,IAAA;AAAA,YACV,UAAA,EAAY;AAAA,WACZ,CAAA;AACD,UAAA,MAAM,cAAc,MAAM,QAAA,CAAS,QAAQ,eAAA,CAAgB,UAAA,CAAW,KAAK,EAAA,EAAI;AAAA,YAC9E,MAAA,EAAQ,KAAA;AAAA,YACR,SAAA,EAAW,IAAA;AAAA,YACX,UAAA,EAAY,IAAA;AAAA,YACZ,SAAA,sBAAe,IAAA;AAAK,WACpB,CAAA;AACD,UAAA,OAAO,QAAA,CAAS,IAAA,CAAK,EAAE,IAAA,EAAM,aAAa,CAAA;AAAA,QAC3C;AAAA,OACD;AAAA,MAEA,OAAA,EAASA,kBAAAA;AAAA,QACR,iBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UACR,IAAA,EAAM,iBAAA;AAAA,UACN,cAAA,EAAgB;AAAA,SACjB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,QAAA,GAAW,GAAA;AACjB,UAAA,MAAM,EAAA,GAAK,SAAS,OAAA,CAAQ,OAAA;AAC5B,UAAA,MAAM,EAAE,IAAA,EAAK,GAAI,MAAM,iBAAA,CAAkB,UAAU,EAAA,EAAI;AAAA,YACtD,MAAA,EAAQ,IAAI,IAAA,CAAK,MAAA;AAAA,YACjB,MAAM,GAAA,CAAI,IAAA;AAAA,YACV,UAAA,EAAY;AAAA,WACZ,CAAA;AACD,UAAA,MAAM,cAAc,MAAM,QAAA,CAAS,QAAQ,eAAA,CAAgB,UAAA,CAAW,KAAK,EAAA,EAAI;AAAA,YAC9E,IAAA,EAAM,kBAAA,CAAmB,GAAA,CAAI,IAAA,CAAK,IAAI,CAAA,IAAK,MAAA;AAAA,YAC3C,SAAA,sBAAe,IAAA;AAAK,WACpB,CAAA;AACD,UAAA,OAAO,QAAA,CAAS,IAAA,CAAK,EAAE,IAAA,EAAM,aAAa,CAAA;AAAA,QAC3C;AAAA,OACD;AAAA,MAEA,eAAA,EAAiBA,kBAAAA;AAAA,QAChB,yBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UACR,IAAA,EAAM,yBAAA;AAAA,UACN,cAAA,EAAgB;AAAA,SACjB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,QAAA,GAAW,GAAA;AACjB,UAAA,MAAM,EAAA,GAAK,SAAS,OAAA,CAAQ,OAAA;AAC5B,UAAA,MAAM,IAAA,GAAO,qBAAqB,QAAQ,CAAA;AAC1C,UAAA,MAAM,aAAa,MAAM,YAAA,CAAa,EAAA,EAAI,GAAA,CAAI,KAAK,MAAM,CAAA;AACzD,UAAA,IAAI,CAAC,UAAA,EAAY;AAChB,YAAA,MAAM,SAAS,KAAA,CAAM,aAAA,EAAe,EAAE,OAAA,EAAS,kBAAkB,CAAA;AAAA,UAClE;AAEA,UAAA,MAAM,SAAA,GAAY,MAAM,gCAAA,CAAiC,QAAA,EAAU,EAAA,EAAI;AAAA,YACtE,UAAA;AAAA,YACA,MAAM,GAAA,CAAI;AAAA,WACV,CAAA;AAED,UAAA,MAAM,OAAA,GAAU,MAAM,QAAA,CAAS,OAAA,CAAQ,eAAA,CAAgB,aAAA;AAAA,YACtD,UAAA,CAAW,EAAA;AAAA,YACX,IAAA;AAAA,YACA;AAAA,cACC,cAAA,EAAgB,KAAK,IAAA,CAAK,EAAA;AAAA,cAC1B,SAAA,EAAW,IAAI,IAAA,CAAK,IAAA,CAAK,KAAI,GAAI,EAAA,GAAK,KAAK,GAAI,CAAA;AAAA,cAC/C,GAAI,SAAA,GAAY,EAAE,SAAA,KAAc;AAAC,aAClC;AAAA,YACA;AAAA,WACD;AACA,UAAA,IAAI,CAAC,OAAA,EAAS;AACb,YAAA,MAAM,QAAA,CAAS,MAAM,uBAAA,EAAyB;AAAA,cAC7C,OAAA,EAAS;AAAA,aACT,CAAA;AAAA,UACF;AAEA,UAAA,mBAAA,CAAoB,QAAe,CAAA;AACnC,UAAA,MAAM,oBAAA,GAAuB,MAAM,QAAA,CAAS,eAAA;AAAA,YAC3C,QAAA,CAAS,OAAA,CAAQ,WAAA,CAAY,iBAAA,CAAkB,IAAA;AAAA,YAC/C,SAAS,OAAA,CAAQ;AAAA,WAClB;AACA,UAAA,MAAM,WAAA,GAAc,QAAA,CAAS,OAAA,CAAQ,gBAAA,CAAiB,eAAe,CAAA;AACrE,UAAA,MAAM,QAAA,CAAS,eAAA;AAAA,YACd,WAAA,CAAY,IAAA;AAAA,YACZ,GAAG,IAAA,CAAK,OAAA,CAAQ,KAAK,CAAA,CAAA,EAAI,wBAAwB,EAAE,CAAA,CAAA;AAAA,YACnD,SAAS,OAAA,CAAQ,MAAA;AAAA,YACjB,QAAA,CAAS,OAAA,CAAQ,WAAA,CAAY,YAAA,CAAa;AAAA,WAC3C;AACA,UAAA,MAAM,gBAAA;AAAA,YACL,QAAA;AAAA,YACA;AAAA,cACC,OAAA;AAAA,cACA,IAAA,EAAM;AAAA,aACP;AAAA,YACA;AAAA,WACD;AAEA,UAAA,OAAO,SAAS,IAAA,CAAK;AAAA,YACpB,OAAA,EAAS,gBAAgB,OAAO,CAAA;AAAA,YAChC,IAAA,EAAM;AAAA,WACN,CAAA;AAAA,QACF;AAAA,OACD;AAAA,MAEA,iBAAA,EAAmBA,kBAAAA;AAAA,QAClB,2BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UACR,cAAA,EAAgB;AAAA,SACjB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,QAAA,GAAW,GAAA;AACjB,UAAA,MAAM,EAAA,GAAK,SAAS,OAAA,CAAQ,OAAA;AAC5B,UAAA,MAAM,WAAA,GAAc,MAAM,iBAAA,CAAkB,GAAG,CAAA;AAC/C,UAAA,IAAI,CAAC,WAAA,EAAa;AACjB,YAAA,MAAM,SAAS,KAAA,CAAM,cAAA,EAAgB,EAAE,OAAA,EAAS,2BAA2B,CAAA;AAAA,UAC5E;AACA,UAAA,IAAI,CAAC,WAAA,CAAY,OAAA,CAAQ,cAAA,EAAgB;AACxC,YAAA,MAAM,QAAA,CAAS,MAAM,aAAA,EAAe;AAAA,cACnC,OAAA,EAAS;AAAA,aACT,CAAA;AAAA,UACF;AAEA,UAAA,MAAM,WAAA,GAAc,QAAA,CAAS,OAAA,CAAQ,gBAAA,CAAiB,eAAe,CAAA;AACrE,UAAA,MAAM,kBAAA,GAAqB,MAAM,QAAA,CAAS,eAAA;AAAA,YACzC,WAAA,CAAY,IAAA;AAAA,YACZ,SAAS,OAAA,CAAQ;AAAA,WAClB;AACA,UAAA,IAAI,CAAC,kBAAA,EAAoB;AACxB,YAAA,MAAM,QAAA,CAAS,MAAM,uBAAA,EAAyB;AAAA,cAC7C,OAAA,EAAS;AAAA,aACT,CAAA;AAAA,UACF;AAEA,UAAA,MAAM,CAAC,iBAAA,EAAmB,oBAAoB,CAAA,GAAI,kBAAA,CAAmB,MAAM,GAAG,CAAA;AAC9E,UAAA,IAAI,CAAC,iBAAA,EAAmB;AACvB,YAAA,MAAM,QAAA,CAAS,MAAM,uBAAA,EAAyB;AAAA,cAC7C,OAAA,EAAS;AAAA,aACT,CAAA;AAAA,UACF;AAEA,UAAA,MAAM,YAAA,GAAe,MAAM,cAAA,CAAe,EAAA,EAAI;AAAA,YAC7C,YAAA,EAAc;AAAA,WACd,CAAA;AACD,UAAA,IAAI,CAAC,YAAA,IAAgB,YAAA,CAAa,MAAA,KAAW,WAAA,CAAY,QAAQ,cAAA,EAAgB;AAChF,YAAA,MAAM,QAAA,CAAS,MAAM,uBAAA,EAAyB;AAAA,cAC7C,OAAA,EAAS;AAAA,aACT,CAAA;AAAA,UACF;AAEA,UAAA,MAAM,SAAA,GAAY,MAAM,YAAA,CAAa,EAAA,EAAI,aAAa,MAAM,CAAA;AAC5D,UAAA,IAAI,CAAC,SAAA,EAAW;AACf,YAAA,MAAM,QAAA,CAAS,MAAM,uBAAA,EAAyB;AAAA,cAC7C,OAAA,EAAS;AAAA,aACT,CAAA;AAAA,UACF;AAEA,UAAA,MAAM,SAAS,OAAA,CAAQ,eAAA,CAAgB,aAAA,CAAc,WAAA,CAAY,QAAQ,KAAK,CAAA;AAC9E,UAAA,MAAM,gBAAA;AAAA,YACL,QAAA;AAAA,YACA;AAAA,cACC,OAAA,EAAS,YAAA;AAAA,cACT,IAAA,EAAM;AAAA,aACP;AAAA,YACA,CAAC,CAAC;AAAA,WACH;AACA,UAAA,YAAA,CAAa,UAAiB,WAAkB,CAAA;AAEhD,UAAA,OAAO,SAAS,IAAA,CAAK;AAAA,YACpB,OAAA,EAAS,gBAAgB,YAAY,CAAA;AAAA,YACrC,IAAA,EAAM;AAAA,WACN,CAAA;AAAA,QACF;AAAA,OACD;AAAA,MAEA,gBAAA,EAAkBA,kBAAAA;AAAA,QACjB,2BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UACR,IAAA,EAAM,iBAAA;AAAA,UACN,cAAA,EAAgB;AAAA,SACjB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,QAAA,GAAW,GAAA;AACjB,UAAA,MAAM,EAAA,GAAK,SAAS,OAAA,CAAQ,OAAA;AAC5B,UAAA,MAAM,EAAE,IAAA,EAAM,KAAA,KAAU,MAAM,iBAAA,CAAkB,UAAU,EAAA,EAAI;AAAA,YAC7D,MAAA,EAAQ,IAAI,IAAA,CAAK,MAAA;AAAA,YACjB,MAAM,GAAA,CAAI,IAAA;AAAA,YACV,UAAA,EAAY;AAAA,WACZ,CAAA;AACD,UAAA,MAAM,QAAA,GAAW,MAAM,EAAA,CAAG,QAAA,CAAqB;AAAA,YAC9C,KAAA,EAAO,SAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,QAAA,EAAU,KAAA,EAAO,IAAA,CAAK,EAAA,EAAG,EAAG,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YAC3D,KAAA,EAAO,GAAA;AAAA,YACP,MAAA,EAAQ,EAAE,KAAA,EAAO,WAAA,EAAa,WAAW,MAAA;AAAO,WAChD,CAAA;AACD,UAAA,MAAM,IAAA,GAAO,QAAA,CAAS,GAAA,CAAI,eAAe,CAAA;AACzC,UAAA,OAAO,SAAS,IAAA,CAAK,EAAE,QAAA,EAAU,IAAA,EAAM,MAAM,CAAA;AAAA,QAC9C;AAAA,OACD;AAAA,MAEA,gBAAA,EAAkBA,kBAAAA;AAAA,QACjB,2BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UACR,IAAA,EAAM,iBAAA;AAAA,UACN,cAAA,EAAgB;AAAA,SACjB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,QAAA,GAAW,GAAA;AACjB,UAAA,MAAM,EAAA,GAAK,SAAS,OAAA,CAAQ,OAAA;AAC5B,UAAA,MAAM,EAAE,IAAA,EAAM,KAAA,KAAU,MAAM,iBAAA,CAAkB,UAAU,EAAA,EAAI;AAAA,YAC7D,MAAA,EAAQ,IAAI,IAAA,CAAK,MAAA;AAAA,YACjB,MAAM,GAAA,CAAI,IAAA;AAAA,YACV,UAAA,EAAY;AAAA,WACZ,CAAA;AACD,UAAA,MAAM,QAAA,GAAW,MAAM,EAAA,CAAG,QAAA,CAAqB;AAAA,YAC9C,KAAA,EAAO,SAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,QAAA,EAAU,KAAA,EAAO,IAAA,CAAK,EAAA,EAAG,EAAG,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YAC3D,KAAA,EAAO,GAAA;AAAA,YACP,MAAA,EAAQ,EAAE,KAAA,EAAO,WAAA,EAAa,WAAW,MAAA;AAAO,WAChD,CAAA;AACD,UAAA,MAAM,IAAA,GAAO,QAAA,CAAS,GAAA,CAAI,eAAe,CAAA;AACzC,UAAA,OAAO,SAAS,IAAA,CAAK,EAAE,QAAA,EAAU,IAAA,EAAM,MAAM,CAAA;AAAA,QAC9C;AAAA,OACD;AAAA,MAEA,iBAAA,EAAmBA,kBAAAA;AAAA,QAClB,4BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UACR,IAAA,EAAM,uBAAA;AAAA,UACN,cAAA,EAAgB;AAAA,SACjB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,QAAA,GAAW,GAAA;AACjB,UAAA,MAAM,EAAA,GAAK,SAAS,OAAA,CAAQ,OAAA;AAC5B,UAAA,MAAM,EAAE,OAAA,EAAQ,GAAI,MAAM,oBAAA,CAAqB,UAAU,EAAA,EAAI;AAAA,YAC5D,MAAM,GAAA,CAAI,IAAA;AAAA,YACV,UAAA,EAAY;AAAA,WACZ,CAAA;AACD,UAAA,MAAM,QAAA,CAAS,OAAA,CAAQ,eAAA,CAAgB,aAAA,CAAc,QAAQ,KAAK,CAAA;AAClE,UAAA,OAAO,QAAA,CAAS,IAAA,CAAK,EAAE,OAAA,EAAS,MAAM,CAAA;AAAA,QACvC;AAAA,OACD;AAAA,MAEA,kBAAA,EAAoBA,kBAAAA;AAAA,QACnB,6BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UACR,IAAA,EAAM,4BAAA;AAAA,UACN,cAAA,EAAgB;AAAA,SACjB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,QAAA,GAAW,GAAA;AACjB,UAAA,MAAM,EAAA,GAAK,SAAS,OAAA,CAAQ,OAAA;AAC5B,UAAA,MAAM,EAAE,IAAA,EAAK,GAAI,MAAM,iBAAA,CAAkB,UAAU,EAAA,EAAI;AAAA,YACtD,MAAA,EAAQ,IAAI,IAAA,CAAK,MAAA;AAAA,YACjB,MAAM,GAAA,CAAI,IAAA;AAAA,YACV,UAAA,EAAY;AAAA,WACZ,CAAA;AACD,UAAA,MAAM,QAAA,CAAS,OAAA,CAAQ,eAAA,CAAgB,cAAA,CAAe,KAAK,EAAE,CAAA;AAC7D,UAAA,OAAO,QAAA,CAAS,IAAA,CAAK,EAAE,OAAA,EAAS,MAAM,CAAA;AAAA,QACvC;AAAA,OACD;AAAA,MAEA,eAAA,EAAiBA,kBAAAA;AAAA,QAChB,0BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UACR,IAAA,EAAM,yBAAA;AAAA,UACN,cAAA,EAAgB;AAAA,SACjB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,QAAA,GAAW,GAAA;AACjB,UAAA,MAAM,EAAA,GAAK,SAAS,OAAA,CAAQ,OAAA;AAC5B,UAAA,MAAM,iBAAA,CAAkB,UAAU,EAAA,EAAI;AAAA,YACrC,MAAA,EAAQ,IAAI,IAAA,CAAK,MAAA;AAAA,YACjB,MAAM,GAAA,CAAI,IAAA;AAAA,YACV,UAAA,EAAY;AAAA,WACZ,CAAA;AAED,UAAA,MAAM,iBAAA,GAAoB,QAAA,CAAS,OAAA,CAAQ,QAAA,CAAS,QAAQ,iBAAA,IAAqB,CAAA;AACjF,UAAA,IAAI,GAAA,CAAI,IAAA,CAAK,WAAA,CAAY,MAAA,GAAS,iBAAA,EAAmB;AACpD,YAAA,MAAM,QAAA,CAAS,MAAM,aAAA,EAAe;AAAA,cACnC,OAAA,EAAS,6BAA6B,iBAAiB,CAAA,gBAAA;AAAA,aACvD,CAAA;AAAA,UACF;AAEA,UAAA,MAAM,iBAAA,GAAoB,QAAA,CAAS,OAAA,CAAQ,QAAA,CAAS,QAAQ,iBAAA,IAAqB,GAAA;AACjF,UAAA,IAAI,GAAA,CAAI,IAAA,CAAK,WAAA,CAAY,MAAA,GAAS,iBAAA,EAAmB;AACpD,YAAA,MAAM,QAAA,CAAS,MAAM,aAAA,EAAe;AAAA,cACnC,OAAA,EAAS,4BAA4B,iBAAiB,CAAA,gBAAA;AAAA,aACtD,CAAA;AAAA,UACF;AAEA,UAAA,MAAM,cAAA,GAAiB,MAAM,QAAA,CAAS,OAAA,CAAQ,SAAS,IAAA,CAAK,GAAA,CAAI,KAAK,WAAW,CAAA;AAChF,UAAA,MAAM,SAAS,OAAA,CAAQ,eAAA,CAAgB,eAAe,GAAA,CAAI,IAAA,CAAK,QAAQ,cAAc,CAAA;AACrF,UAAA,OAAO,QAAA,CAAS,IAAA,CAAK,EAAE,MAAA,EAAQ,MAAM,CAAA;AAAA,QACtC;AAAA,OACD;AAAA,MAEA,aAAA,EAAeA,kBAAAA;AAAA,QACd,uBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UACR,IAAA,EAAM,uBAAA;AAAA,UACN,cAAA,EAAgB;AAAA,SACjB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,QAAA,GAAW,GAAA;AACjB,UAAA,MAAM,EAAA,GAAK,SAAS,OAAA,CAAQ,OAAA;AAC5B,UAAA,MAAM,oBAAA,GAAuB,2BAAA;AAAA,YAC3B,GAAA,CAAI,IAAA,CAAK,WAAA,IAAe,GAAA,CAAI,IAAA,CAAK;AAAA,WACnC;AACA,UAAA,IAAI,oBAAA,CAAqB,WAAW,CAAA,EAAG;AACtC,YAAA,MAAM,QAAA,CAAS,MAAM,aAAA,EAAe;AAAA,cACnC,OAAA,EAAS;AAAA,aACT,CAAA;AAAA,UACF;AAEA,UAAA,MAAM,qBAAqB,MAAM,6BAAA,CAA8B,QAAA,EAAU,EAAA,EAAI,IAAI,IAAI,CAAA;AACrF,UAAA,OAAO,SAAS,IAAA,CAAK;AAAA,YACpB,KAAA,EAAO,IAAA;AAAA,YACP,OAAA,EAAS,uBAAA,CAAwB,kBAAA,EAAoB,oBAAoB;AAAA,WACzE,CAAA;AAAA,QACF;AAAA;AACD;AACD,GACD;AACD;AC9uCA,IAAM,SAAA,GAAY,SAAA;AAClB,IAAM,UAAA,GAAa,GAAA;AACnB,IAAM,SAAA,GAAY,EAAA;AAClB,IAAM,eAAA,GAAkB,CAAA;AAQxB,eAAsB,SAAA,CAAU,cAAsB,OAAA,EAAiB;AACtE,EAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY;AAChC,EAAA,MAAM,WAAA,GAAc,MAAM,MAAA,CAAO,MAAA,CAAO,SAAA;AAAA,IACvC,KAAA;AAAA,IACA,OAAA,CAAQ,OAAO,YAAY,CAAA;AAAA,IAC3B,MAAA;AAAA,IACA,KAAA;AAAA,IACA,CAAC,WAAW;AAAA,GACb;AACA,EAAA,OAAO,OAAO,MAAA,CAAO,SAAA;AAAA,IACpB;AAAA,MACC,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,SAAA;AAAA,MACN,IAAA,EAAM,OAAA,CAAQ,MAAA,CAAO,CAAA,cAAA,EAAiB,OAAO,CAAA,CAAE,CAAA;AAAA,MAC/C,IAAA,EAAM,OAAA,CAAQ,MAAA,CAAO,yBAAyB;AAAA,KAC/C;AAAA,IACA,WAAA;AAAA,IACA,EAAE,IAAA,EAAM,SAAA,EAAW,MAAA,EAAQ,UAAA,EAAW;AAAA,IACtC,KAAA;AAAA,IACA,CAAC,WAAW,SAAS;AAAA,GACtB;AACD;AAOA,eAAsB,YAAA,CACrB,SAAA,EACA,YAAA,EACA,OAAA,EACkD;AAClD,EAAA,MAAM,GAAA,GAAM,MAAM,SAAA,CAAU,YAAA,EAAc,OAAO,CAAA;AACjD,EAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY;AAChC,EAAA,MAAM,KAAK,MAAA,CAAO,eAAA,CAAgB,IAAI,UAAA,CAAW,SAAS,CAAC,CAAA;AAE3D,EAAA,MAAM,UAAA,GAAa,MAAM,MAAA,CAAO,MAAA,CAAO,OAAA;AAAA,IACtC,EAAE,IAAA,EAAM,SAAA,EAAW,EAAA,EAAG;AAAA,IACtB,GAAA;AAAA,IACA,OAAA,CAAQ,OAAO,SAAS;AAAA,GACzB;AAEA,EAAA,OAAO;AAAA,IACN,cAAA,EAAgB,aAAA,CAAc,IAAI,UAAA,CAAW,UAAU,CAAC,CAAA;AAAA,IACxD,EAAA,EAAI,cAAc,EAAE;AAAA,GACrB;AACD;AAMA,eAAsB,YAAA,CACrB,cAAA,EACA,EAAA,EACA,YAAA,EACA,OAAA,EACkB;AAClB,EAAA,MAAM,GAAA,GAAM,MAAM,SAAA,CAAU,YAAA,EAAc,OAAO,CAAA;AACjD,EAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY;AAEhC,EAAA,MAAM,SAAA,GAAY,MAAM,MAAA,CAAO,MAAA,CAAO,OAAA;AAAA,IACrC,EAAE,IAAA,EAAM,SAAA,EAAW,EAAA,EAAI,aAAA,CAAc,EAAE,CAAA,EAAE;AAAA,IACzC,GAAA;AAAA,IACA,cAAc,cAAc;AAAA,GAC7B;AAEA,EAAA,OAAO,OAAA,CAAQ,OAAO,SAAS,CAAA;AAChC;AAMA,eAAe,iBAAA,CAAkB,IAAqB,UAAA,EAA4C;AACjG,EAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAAyB;AAAA,IAC9C,KAAA,EAAO,aAAA;AAAA,IACP,KAAA,EAAO,CAAC,GAAG,UAAU,CAAA;AAAA,IACrB,KAAA,EAAO,CAAA;AAAA,IACP,MAAA,EAAQ,EAAE,KAAA,EAAO,SAAA,EAAW,WAAW,MAAA;AAAO,GAC9C,CAAA;AACD,EAAA,OAAO,KAAK,CAAC,CAAA,GAAI,IAAA,CAAK,CAAC,EAAE,OAAA,GAAU,eAAA;AACpC;AAGO,SAAS,cAAc,KAAA,EAA2B;AACxD,EAAA,IAAI,MAAA,GAAS,EAAA;AACb,EAAA,KAAA,MAAW,QAAQ,KAAA,EAAO;AACzB,IAAA,MAAA,IAAU,MAAA,CAAO,aAAa,IAAI,CAAA;AAAA,EACnC;AACA,EAAA,OAAO,KAAK,MAAM,CAAA;AACnB;AAGO,SAAS,cAAc,MAAA,EAA4B;AACzD,EAAA,MAAM,MAAA,GAAS,KAAK,MAAM,CAAA;AAC1B,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,MAAA,CAAO,MAAM,CAAA;AAC1C,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,MAAA,CAAO,QAAQ,CAAA,EAAA,EAAK;AACvC,IAAA,KAAA,CAAM,CAAC,CAAA,GAAI,MAAA,CAAO,UAAA,CAAW,CAAC,CAAA;AAAA,EAC/B;AACA,EAAA,OAAO,KAAA;AACR;AAIA,IAAM,aAAA,GAAgBF,EACpB,MAAA,CAAO;AAAA,EACP,IAAA,EAAMA,EAAE,MAAA,EAAO,CAAE,IAAI,CAAC,CAAA,CAAE,IAAI,GAAG,CAAA;AAAA,EAC/B,IAAA,EAAMA,CAAAA,CAAE,MAAA,EAAO,CAAE,IAAI,CAAC,CAAA;AAAA,EACtB,SAASA,CAAAA,CAAE,MAAA,GAAS,GAAA,CAAI,GAAG,EAAE,QAAA,EAAS;AAAA,EACtC,cAAA,EAAgBA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACpC,UAAUA,CAAAA,CAAE,MAAA,CAAOA,EAAE,MAAA,EAAQ,EAAE,QAAA;AAChC,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,aAAA,GAAgBA,EACpB,MAAA,CAAO;AAAA,EACP,QAAA,EAAUA,EAAE,MAAA,EAAO;AAAA,EACnB,OAAA,EAASA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AACrB,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,iBAAA,GAAoBA,EACxB,MAAA,CAAO;AAAA,EACP,cAAA,EAAgBA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACpC,KAAA,EAAOA,CAAAA,CAAE,MAAA,EAAO,CAAE,GAAA,EAAI,CAAE,QAAA,EAAS,CAAE,GAAA,CAAI,GAAG,CAAA,CAAE,QAAA,EAAS;AAAA,EACrD,MAAA,EAAQA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC5B,KAAA,EAAOA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AACnB,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,kBAAA,GAAqBA,EACzB,MAAA,CAAO;AAAA,EACP,EAAA,EAAIA,EAAE,MAAA;AACP,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,eAAA,GAAkBA,EACtB,MAAA,CAAO;AAAA;AAAA,EAEP,SAAA,EAAWA,CAAAA,CAAE,MAAA,EAAO,CAAE,GAAA,EAAI,CAAE,QAAA,EAAS,CAAE,GAAA,CAAI,GAAG,CAAA,CAAE,QAAA;AACjD,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAuBnB,SAAS,YAAY,OAAA,EAAgD;AAC3E,EAAA,SAAS,eAAA,GAA0B;AAClC,IAAA,MAAM,MAAA,GAAkC,OAAA,CAAQ,GAAA,CAAI,kBAAA;AACpD,IAAA,IAAI,CAAC,MAAA,EAAQ;AACZ,MAAA,MAAM,IAAI,KAAA;AAAA,QACT;AAAA,OAED;AAAA,IACD;AACA,IAAA,OAAO,MAAA;AAAA,EACR;AAEA,EAAA,OAAO;AAAA,IACN,EAAA,EAAI,cAAA;AAAA;AAAA,IAGJ,MAAA,EAAQ;AAAA,MACP,WAAA,EAAa;AAAA,QACZ,MAAA,EAAQ;AAAA,UACP,IAAA,EAAM,EAAE,IAAA,EAAM,QAAA,EAAmB,UAAU,IAAA,EAAK;AAAA,UAChD,cAAA,EAAgB,EAAE,IAAA,EAAM,QAAA,EAAmB,UAAU,IAAA,EAAK;AAAA,UAC1D,EAAA,EAAI,EAAE,IAAA,EAAM,QAAA,EAAmB,UAAU,IAAA,EAAK;AAAA,UAC9C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAmB,UAAU,KAAA,EAAM;AAAA,UACtD,OAAA,EAAS,EAAE,IAAA,EAAM,QAAA,EAAmB,UAAU,KAAA,EAAM;AAAA,UACpD,cAAA,EAAgB,EAAE,IAAA,EAAM,QAAA,EAAmB,UAAU,KAAA,EAAM;AAAA,UAC3D,OAAA,EAAS,EAAE,IAAA,EAAM,QAAA,EAAmB,UAAU,IAAA,EAAK;AAAA,UACnD,QAAA,EAAU,EAAE,IAAA,EAAM,QAAA,EAAmB,UAAU,KAAA,EAAM;AAAA,UACrD,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAmB,UAAU,IAAA,EAAK;AAAA,UACrD,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAmB,UAAU,IAAA;AAAK;AACtD;AACD,KACD;AAAA,IAEA,SAAA,EAAW;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,MAMV,YAAA,EAAcE,kBAAAA;AAAA,QACb,uBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UACR,IAAA,EAAM,aAAA;AAAA,UACN,cAAA,EAAgB;AAAA,SACjB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,KAAA,GAAQ,gBAAgB,IAA+B,CAAA;AAC7D,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,UAAA,EAAY,aAAA;AAAA,YACZ,WAAW,KAAA,CAAM;AAAA,WACjB,CAAA;AAED,UAAA,MAAM,eAAe,eAAA,EAAgB;AACrC,UAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,UAAA,MAAM,cAAA,GAAiB,MAAM,iBAAA,CAAkB,EAAA,EAAI,MAAM,KAAK,CAAA;AAC9D,UAAA,MAAM,EAAE,cAAA,EAAgB,EAAA,EAAG,GAAI,MAAM,YAAA;AAAA,YACpC,IAAA,CAAK,IAAA;AAAA,YACL,YAAA;AAAA,YACA;AAAA,WACD;AAEA,UAAA,MAAM,IAAA,GAAgC;AAAA,YACrC,GAAG,KAAA,CAAM,IAAA;AAAA,YACT,MAAM,IAAA,CAAK,IAAA;AAAA,YACX,cAAA;AAAA,YACA,EAAA;AAAA,YACA,OAAA,EAAS,cAAA;AAAA,YACT,SAAA,EAAW,GAAA;AAAA,YACX,SAAA,EAAW;AAAA,WACZ;AACA,UAAA,IAAI,IAAA,CAAK,OAAA,EAAS,IAAA,CAAK,OAAA,GAAU,IAAA,CAAK,OAAA;AACtC,UAAA,IAAI,IAAA,CAAK,cAAA,EAAgB,IAAA,CAAK,cAAA,GAAiB,IAAA,CAAK,cAAA;AACpD,UAAA,IAAI,KAAK,QAAA,EAAU,IAAA,CAAK,WAAW,IAAA,CAAK,SAAA,CAAU,KAAK,QAAQ,CAAA;AAE/D,UAAA,MAAM,MAAA,GAAS,MAAM,EAAA,CAAG,MAAA,CAAuB;AAAA,YAC9C,KAAA,EAAO,aAAA;AAAA,YACP;AAAA,WACA,CAAA;AAED,UAAA,OAAO,IAAI,IAAA,CAAK,EAAE,EAAA,EAAI,MAAA,CAAO,IAAI,CAAA;AAAA,QAClC;AAAA,OACD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,MAOA,YAAA,EAAcA,kBAAAA;AAAA,QACb,uBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UACR,IAAA,EAAM,aAAA;AAAA,UACN,cAAA,EAAgB;AAAA,SACjB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,KAAA,GAAQ,gBAAgB,IAA+B,CAAA;AAC7D,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,UAAA,EAAY,YAAA;AAAA,YACZ,WAAW,KAAA,CAAM;AAAA,WACjB,CAAA;AAED,UAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAAyB;AAAA,YAC9C,KAAA,EAAO,aAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,KAAA,EAAO,IAAA,CAAK,QAAA,EAAS,EAAG,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YAC7D,KAAA,EAAO;AAAA,WACP,CAAA;AACD,UAAA,MAAM,MAAA,GAAS,KAAK,CAAC,CAAA;AACrB,UAAA,IAAI,CAAC,MAAA,EAAQ;AACZ,YAAA,MAAM,IAAI,KAAA,CAAM,WAAA,EAAa,EAAE,OAAA,EAAS,oBAAoB,CAAA;AAAA,UAC7D;AAGA,UAAA,IAAI,MAAA,CAAO,OAAA,IAAW,IAAA,CAAK,OAAA,KAAY,OAAO,OAAA,EAAS;AACtD,YAAA,MAAM,GAAA,CAAI,MAAM,WAAA,EAAa;AAAA,cAC5B,OAAA,EAAS;AAAA,aACT,CAAA;AAAA,UACF;AAEA,UAAA,MAAM,eAAe,eAAA,EAAgB;AACrC,UAAA,IAAI;AACH,YAAA,MAAM,YAAY,MAAM,YAAA;AAAA,cACvB,MAAA,CAAO,cAAA;AAAA,cACP,MAAA,CAAO,EAAA;AAAA,cACP,YAAA;AAAA,cACA,MAAA,CAAO;AAAA,aACR;AACA,YAAA,OAAO,GAAA,CAAI,IAAA,CAAK,EAAE,IAAA,EAAM,WAAW,CAAA;AAAA,UACpC,CAAA,CAAA,MAAQ;AACP,YAAA,MAAM,GAAA,CAAI,MAAM,uBAAA,EAAyB;AAAA,cACxC,OAAA,EAAS;AAAA,aACT,CAAA;AAAA,UACF;AAAA,QACD;AAAA,OACD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,MAOA,SAAA,EAAWA,kBAAAA;AAAA,QACV,oBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UACR,IAAA,EAAM,iBAAA;AAAA,UACN,cAAA,EAAgB;AAAA,SACjB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,KAAA,GAAQ,gBAAgB,IAA+B,CAAA;AAC7D,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,UAAA,EAAY,YAAA;AAAA,YACZ,WAAW,KAAA,CAAM;AAAA,WACjB,CAAA;AAED,UAAA,MAAM,QAAQ,IAAA,CAAK,GAAA,CAAI,IAAA,CAAK,KAAA,IAAS,IAAI,GAAG,CAAA;AAC5C,UAAA,MAAM,OAAA,GAAyB,CAAC,GAAG,KAAA,CAAM,KAAK,CAAA;AAE9C,UAAA,IAAI,KAAK,cAAA,EAAgB;AACxB,YAAA,OAAA,CAAQ,KAAK,EAAE,KAAA,EAAO,kBAAkB,KAAA,EAAO,IAAA,CAAK,gBAAgB,CAAA;AAAA,UACrE;AAGA,UAAA,IAAI,KAAK,KAAA,EAAO;AACf,YAAA,MAAM,UAAA,GAAa,MAAM,EAAA,CAAG,QAAA,CAAyB;AAAA,cACpD,KAAA,EAAO,aAAA;AAAA,cACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,KAAA,EAAO,IAAA,CAAK,KAAA,EAAM,EAAG,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,cAC1D,KAAA,EAAO;AAAA,aACP,CAAA;AACD,YAAA,IAAI,UAAA,CAAW,CAAC,CAAA,EAAG;AAClB,cAAA,OAAA,CAAQ,IAAA,CAAK;AAAA,gBACZ,KAAA,EAAO,WAAA;AAAA,gBACP,QAAA,EAAU,IAAA;AAAA,gBACV,KAAA,EAAO,UAAA,CAAW,CAAC,CAAA,CAAE;AAAA,eACrB,CAAA;AAAA,YACF;AAAA,UACD;AACA,UAAA,IAAI,KAAK,MAAA,EAAQ;AAChB,YAAA,MAAM,UAAA,GAAa,MAAM,EAAA,CAAG,QAAA,CAAyB;AAAA,cACpD,KAAA,EAAO,aAAA;AAAA,cACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,KAAA,EAAO,IAAA,CAAK,MAAA,EAAO,EAAG,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,cAC3D,KAAA,EAAO;AAAA,aACP,CAAA;AACD,YAAA,IAAI,UAAA,CAAW,CAAC,CAAA,EAAG;AAClB,cAAA,OAAA,CAAQ,IAAA,CAAK;AAAA,gBACZ,KAAA,EAAO,WAAA;AAAA,gBACP,QAAA,EAAU,IAAA;AAAA,gBACV,KAAA,EAAO,UAAA,CAAW,CAAC,CAAA,CAAE;AAAA,eACrB,CAAA;AAAA,YACF;AAAA,UACD;AAEA,UAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAAyB;AAAA,YAC9C,KAAA,EAAO,aAAA;AAAA,YACP,KAAA,EAAO,OAAA;AAAA,YACP,OAAO,KAAA,GAAQ,CAAA;AAAA;AAAA,YACf,MAAA,EAAQ,EAAE,KAAA,EAAO,WAAA,EAAa,WAAW,MAAA;AAAO,WAChD,CAAA;AAED,UAAA,MAAM,OAAA,GAAU,KAAK,MAAA,GAAS,KAAA;AAC9B,UAAA,MAAM,QAAQ,OAAA,GAAU,IAAA,CAAK,KAAA,CAAM,CAAA,EAAG,KAAK,CAAA,GAAI,IAAA;AAC/C,UAAA,MAAM,SAAA,GAAY,MAAM,CAAC,CAAA;AACzB,UAAA,MAAM,QAAA,GAAW,KAAA,CAAM,KAAA,CAAM,MAAA,GAAS,CAAC,CAAA;AAGvC,UAAA,MAAM,IAAA,GAAO,KAAA,CAAM,GAAA,CAAI,CAAC,GAAA,MAAS;AAAA,YAChC,IAAI,GAAA,CAAI,EAAA;AAAA,YACR,MAAM,GAAA,CAAI,IAAA;AAAA,YACV,OAAA,EAAS,IAAI,OAAA,IAAW,IAAA;AAAA,YACxB,cAAA,EAAgB,IAAI,cAAA,IAAkB,IAAA;AAAA,YACtC,SAAS,GAAA,CAAI,OAAA;AAAA,YACb,QAAA,EAAU,GAAA,CAAI,QAAA,GACX,OAAO,GAAA,CAAI,QAAA,KAAa,QAAA,GACvBY,cAAAA,CAAc,GAAA,CAAI,QAAQ,CAAA,GAC1B,GAAA,CAAI,QAAA,GACL,IAAA;AAAA,YACH,WAAW,GAAA,CAAI,SAAA;AAAA,YACf,WAAW,GAAA,CAAI;AAAA,WAChB,CAAE,CAAA;AAEF,UAAA,OAAO,IAAI,IAAA,CAAK;AAAA,YACf,IAAA;AAAA,YACA,YAAA,EAAc;AAAA,cACb,MAAA,EAAQ,SAAA,GAAa,SAAA,CAAU,EAAA,GAAgB,IAAA;AAAA,cAC/C,KAAA,EAAO,OAAA,IAAW,QAAA,GAAY,QAAA,CAAS,EAAA,GAAgB;AAAA;AACxD,WACA,CAAA;AAAA,QACF;AAAA,OACD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,MAOA,WAAA,EAAaZ,kBAAAA;AAAA,QACZ,sBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UACR,IAAA,EAAM,kBAAA;AAAA,UACN,cAAA,EAAgB;AAAA,SACjB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,KAAA,GAAQ,gBAAgB,IAA+B,CAAA;AAC7D,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,UAAA,EAAY,aAAA;AAAA,YACZ,WAAW,KAAA,CAAM;AAAA,WACjB,CAAA;AAED,UAAA,MAAM,IAAA,GAAO,MAAM,EAAA,CAAG,QAAA,CAAyB;AAAA,YAC9C,KAAA,EAAO,aAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,KAAA,EAAO,IAAA,CAAK,EAAA,EAAG,EAAG,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YACvD,KAAA,EAAO;AAAA,WACP,CAAA;AACD,UAAA,IAAI,CAAC,IAAA,CAAK,CAAC,CAAA,EAAG;AACb,YAAA,MAAM,IAAI,KAAA,CAAM,WAAA,EAAa,EAAE,OAAA,EAAS,oBAAoB,CAAA;AAAA,UAC7D;AAEA,UAAA,MAAM,GAAG,MAAA,CAAO;AAAA,YACf,KAAA,EAAO,aAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,KAAA,EAAO,IAAA,CAAK,EAAA,EAAG,EAAG,GAAG,KAAA,CAAM,KAAK;AAAA,WACvD,CAAA;AAED,UAAA,OAAO,GAAA,CAAI,IAAA,CAAK,EAAE,MAAA,EAAQ,WAAW,CAAA;AAAA,QACtC;AAAA,OACD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,MAWA,cAAA,EAAgBA,kBAAAA;AAAA,QACf,0BAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UACR,IAAA,EAAM,eAAA;AAAA,UACN,cAAA,EAAgB;AAAA,SACjB;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,KAAA,GAAQ,gBAAgB,IAA+B,CAAA;AAC7D,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,UAAA,EAAY,cAAA;AAAA,YACZ,WAAW,KAAA,CAAM;AAAA,WACjB,CAAA;AAED,UAAA,MAAM,eAAe,eAAA,EAAgB;AACrC,UAAA,MAAM,SAAA,GAAY,KAAK,SAAA,IAAa,GAAA;AACpC,UAAA,MAAM,cAAA,GAAiB,MAAM,iBAAA,CAAkB,EAAA,EAAI,MAAM,KAAK,CAAA;AAC9D,UAAA,MAAM,aAAa,cAAA,GAAiB,CAAA;AAGpC,UAAA,MAAM,QAAA,GAAW,MAAM,EAAA,CAAG,QAAA,CAAyB;AAAA,YAClD,KAAA,EAAO,aAAA;AAAA,YACP,KAAA,EAAO;AAAA,cACN,EAAE,KAAA,EAAO,SAAA,EAAW,QAAA,EAAU,IAAA,EAAe,OAAO,UAAA,EAAW;AAAA,cAC/D,GAAG,KAAA,CAAM;AAAA,aACV;AAAA,YACA,KAAA,EAAO;AAAA,WACP,CAAA;AAED,UAAA,IAAI,OAAA,GAAU,CAAA;AACd,UAAA,IAAI,MAAA,GAAS,CAAA;AAEb,UAAA,KAAA,MAAW,UAAU,QAAA,EAAU;AAC9B,YAAA,IAAI;AAEH,cAAA,MAAM,YAAY,MAAM,YAAA;AAAA,gBACvB,MAAA,CAAO,cAAA;AAAA,gBACP,MAAA,CAAO,EAAA;AAAA,gBACP,YAAA;AAAA,gBACA,MAAA,CAAO;AAAA,eACR;AAGA,cAAA,MAAM,EAAE,cAAA,EAAgB,EAAA,EAAG,GAAI,MAAM,YAAA;AAAA,gBACpC,SAAA;AAAA,gBACA,YAAA;AAAA,gBACA;AAAA,eACD;AAEA,cAAA,MAAM,GAAG,MAAA,CAAO;AAAA,gBACf,KAAA,EAAO,aAAA;AAAA,gBACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,KAAA,EAAO,MAAA,CAAO,EAAA,EAAG,EAAG,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,gBACzD,MAAA,EAAQ;AAAA,kBACP,cAAA;AAAA,kBACA,EAAA;AAAA,kBACA,OAAA,EAAS,UAAA;AAAA,kBACT,SAAA,EAAW,KAAK,GAAA;AAAI;AACrB,eACA,CAAA;AACD,cAAA,OAAA,EAAA;AAAA,YACD,SAAS,GAAA,EAAK;AACb,cAAA,OAAA,CAAQ,KAAA;AAAA,gBACP,+CAAA;AAAA,gBACA,GAAA,YAAe,KAAA,GAAQ,GAAA,CAAI,OAAA,GAAU;AAAA,eACtC;AACA,cAAA,MAAA,EAAA;AAAA,YACD;AAAA,UACD;AAEA,UAAA,OAAO,IAAI,IAAA,CAAK;AAAA,YACf,MAAA,EAAQ,QAAA,CAAS,MAAA,KAAW,CAAA,GAAI,YAAA,GAAe,SAAA;AAAA,YAC/C,OAAA;AAAA,YACA,MAAA;AAAA,YACA,WAAW,IAAA,CAAK,GAAA,CAAI,GAAG,QAAA,CAAS,MAAA,GAAS,UAAU,MAAM;AAAA,WACzD,CAAA;AAAA,QACF;AAAA;AACD;AACD,GACD;AACD;AAIA,SAASY,eAAc,KAAA,EAAwB;AAC9C,EAAA,IAAI;AACH,IAAA,OAAO,IAAA,CAAK,MAAM,KAAK,CAAA;AAAA,EACxB,CAAA,CAAA,MAAQ;AACP,IAAA,OAAO,KAAA;AAAA,EACR;AACD;ACrkBA,SAAS,UAAU,SAAA,EAA2B;AAC7C,EAAA,MAAM,GAAA,GAAM,IAAI,UAAA,CAAW,SAAS,CAAA;AACpC,EAAA,MAAA,CAAO,gBAAgB,GAAG,CAAA;AAC1B,EAAA,OAAO,KAAA,CAAM,IAAA,CAAK,GAAA,EAAK,CAAC,MAAM,CAAA,CAAE,QAAA,CAAS,EAAE,CAAA,CAAE,SAAS,CAAA,EAAG,GAAG,CAAC,CAAA,CAAE,KAAK,EAAE,CAAA;AACvE;AA2BA,IAAM,kBAAA,GAAqBd,EACzB,MAAA,CAAO;AAAA,EACP,KAAA,EAAOA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC3B,KAAA,EAAOA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC3B,MAAA,EAAQA,CAAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AACpB,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,mBAAA,GAAsBA,EAC1B,MAAA,CAAO;AAAA,EACP,GAAA,EAAKA,CAAAA,CACH,MAAA,EAAO,CACP,GAAA,CAAI,aAAa,CAAA,CACjB,MAAA,CAAO,CAAC,GAAA,KAAQ,mBAAA,CAAoB,GAAG,CAAA,EAAG;AAAA,IAC1C,OAAA,EAAS;AAAA,GACT,CAAA;AAAA,EACF,YAAYA,CAAAA,CAAE,KAAA,CAAMA,EAAE,MAAA,EAAQ,EAAE,QAAA,EAAS;AAAA,EACzC,OAAA,EAASA,CAAAA,CAAE,OAAA,EAAQ,CAAE,QAAA;AACtB,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,mBAAA,GAAsBA,EAC1B,MAAA,CAAO;AAAA,EACP,EAAA,EAAIA,EAAE,MAAA,EAAO;AAAA,EACb,GAAA,EAAKA,CAAAA,CACH,MAAA,EAAO,CACP,GAAA,CAAI,aAAa,CAAA,CACjB,MAAA,CAAO,CAAC,GAAA,KAAQ,mBAAA,CAAoB,GAAG,CAAA,EAAG;AAAA,IAC1C,OAAA,EAAS;AAAA,GACT,EACA,QAAA,EAAS;AAAA,EACX,YAAYA,CAAAA,CAAE,KAAA,CAAMA,EAAE,MAAA,EAAQ,EAAE,QAAA,EAAS;AAAA,EACzC,OAAA,EAASA,CAAAA,CAAE,OAAA,EAAQ,CAAE,QAAA;AACtB,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,IAAM,mBAAA,GAAsBA,EAC1B,MAAA,CAAO;AAAA,EACP,EAAA,EAAIA,EAAE,MAAA;AACP,CAAC,CAAA,CACA,MAAM,kBAAkB,CAAA;AAE1B,SAAS,oBAAoB,GAAA,EAAsB;AAClD,EAAA,IAAI,GAAA,CAAI,UAAA,CAAW,UAAU,CAAA,EAAG,OAAO,IAAA;AACvC,EAAA,OACC,GAAA,CAAI,UAAA,CAAW,kBAAkB,CAAA,IACjC,GAAA,CAAI,WAAW,kBAAkB,CAAA,IACjC,GAAA,CAAI,UAAA,CAAW,gBAAgB,CAAA;AAEjC;AAaO,SAAS,cAAc,QAAA,EAAmD;AAChF,EAAA,OAAO;AAAA,IACN,EAAA,EAAI,uBAAA;AAAA;AAAA,IAGJ,MAAA,EAAQ;AAAA,MACP,eAAA,EAAiB;AAAA,QAChB,MAAA,EAAQ;AAAA,UACP,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAmB,UAAU,KAAA,EAAM;AAAA,UACtD,GAAA,EAAK,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UACtC,MAAA,EAAQ,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UACzC,UAAA,EAAY,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAC9C,OAAA,EAAS,EAAE,IAAA,EAAM,SAAA,EAAW,UAAU,IAAA,EAAK;AAAA,UAC3C,YAAA,EAAc,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAChD,YAAA,EAAc,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAChD,mBAAA,EAAqB,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UACvD,cAAA,EAAgB,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAClD,kBAAA,EAAoB,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UACtD,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC5C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA;AAAK;AAC7C,OACD;AAAA,MACA,eAAA,EAAiB;AAAA,QAChB,MAAA,EAAQ;AAAA,UACP,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAmB,UAAU,KAAA,EAAM;AAAA,UACtD,UAAA,EAAY;AAAA,YACX,IAAA,EAAM,QAAA;AAAA,YACN,QAAA,EAAU,IAAA;AAAA,YACV,UAAA,EAAY,EAAE,KAAA,EAAO,iBAAA,EAAmB,OAAO,IAAA;AAAK,WACrD;AAAA,UACA,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC5C,OAAA,EAAS,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC1C,OAAA,EAAS,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC1C,WAAA,EAAa,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UAC9C,MAAA,EAAQ,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA,EAAK;AAAA,UACzC,UAAA,EAAY,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAC9C,YAAA,EAAc,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAChD,YAAA,EAAc,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAChD,WAAA,EAAa,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAC/C,WAAA,EAAa,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,KAAA,EAAM;AAAA,UAC/C,SAAA,EAAW,EAAE,IAAA,EAAM,QAAA,EAAU,UAAU,IAAA;AAAK;AAC7C;AACD,KACD;AAAA,IAEA,SAAA,EAAW;AAAA;AAAA,MAEV,oBAAA,EAAsBE,kBAAAA;AAAA,QACrB,uBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UACR,cAAA,EAAgB,IAAA;AAAA,UAChB,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,KAAA,GAAQ,KAAK,KAAA,IAAS,EAAA;AAC5B,UAAA,MAAM,KAAA,GAAQ,gBAAgB,IAA+B,CAAA;AAC7D,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,UAAA,EAAY,gBAAA;AAAA,YACZ,WAAW,KAAA,CAAM;AAAA,WACjB,CAAA;AAED,UAAA,MAAM,SAAA,GAAY,MAAM,EAAA,CAAG,QAAA,CAA6B;AAAA,YACvD,KAAA,EAAO,iBAAA;AAAA,YACP,KAAA,EAAO,CAAC,GAAG,KAAA,CAAM,KAAK,CAAA;AAAA,YACtB,KAAA;AAAA,YACA,MAAA,EAAQ,EAAE,KAAA,EAAO,WAAA,EAAa,WAAW,MAAA;AAAO,WAChD,CAAA;AAGD,UAAA,MAAM,SAAA,GAAY,SAAA,CAAU,GAAA,CAAI,CAAC,EAAA,MAAQ;AAAA,YACxC,IAAI,EAAA,CAAG,EAAA;AAAA,YACP,KAAK,EAAA,CAAG,GAAA;AAAA,YACR,YAAY,EAAA,CAAG,UAAA;AAAA,YACf,SAAS,EAAA,CAAG,OAAA;AAAA,YACZ,cAAc,EAAA,CAAG,YAAA;AAAA,YACjB,cAAc,EAAA,CAAG,YAAA;AAAA,YACjB,qBAAqB,EAAA,CAAG,mBAAA;AAAA,YACxB,gBAAgB,EAAA,CAAG,cAAA;AAAA,YACnB,oBAAoB,EAAA,CAAG,kBAAA;AAAA,YACvB,WAAW,EAAA,CAAG,SAAA;AAAA,YACd,WAAW,EAAA,CAAG;AAAA,WACf,CAAE,CAAA;AAEF,UAAA,OAAO,IAAI,IAAA,CAAK;AAAA,YACf,IAAA,EAAM,SAAA;AAAA,YACN,YAAA,EAAc,EAAE,MAAA,EAAQ,IAAA,EAAM,OAAO,IAAA;AAAK,WAC1C,CAAA;AAAA,QACF;AAAA,OACD;AAAA;AAAA,MAGA,qBAAA,EAAuBA,kBAAAA;AAAA,QACtB,yBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UACR,cAAA,EAAgB,IAAA;AAAA,UAChB,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,UAAA,MAAM,KAAA,GAAQ,gBAAgB,IAA+B,CAAA;AAC7D,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,UAAA,EAAY,gBAAA;AAAA,YACZ,WAAW,KAAA,CAAM;AAAA,WACjB,CAAA;AAGD,UAAA,MAAM,MAAA,GAAS,CAAA,MAAA,EAAS,SAAA,CAAU,EAAE,CAAC,CAAA,CAAA;AAGrC,UAAA,MAAM,QAAA,GAAW,MAAM,EAAA,CAAG,MAAA,CAA2B;AAAA,YACpD,KAAA,EAAO,iBAAA;AAAA,YACP,IAAA,EAAM;AAAA,cACL,GAAG,KAAA,CAAM,IAAA;AAAA,cACT,KAAK,IAAA,CAAK,GAAA;AAAA,cACV,MAAA;AAAA,cACA,UAAA,EAAY,IAAA,CAAK,UAAA,GAAa,IAAA,CAAK,SAAA,CAAU,IAAA,CAAK,UAAU,CAAA,GAAI,IAAA,CAAK,SAAA,CAAU,EAAE,CAAA;AAAA,cACjF,OAAA,EAAS,KAAK,OAAA,KAAY,KAAA;AAAA,cAC1B,YAAA,EAAc,CAAA;AAAA,cACd,YAAA,EAAc,CAAA;AAAA,cACd,mBAAA,EAAqB,CAAA;AAAA,cACrB,SAAA,EAAW,GAAA;AAAA,cACX,SAAA,EAAW;AAAA;AACZ,WACA,CAAA;AAID,UAAA,OAAO,IAAI,IAAA,CAAK;AAAA,YACf,IAAI,QAAA,CAAS,EAAA;AAAA,YACb,KAAK,QAAA,CAAS,GAAA;AAAA,YACd,QAAQ,QAAA,CAAS,MAAA;AAAA,YACjB,YAAY,QAAA,CAAS,UAAA;AAAA,YACrB,SAAS,QAAA,CAAS,OAAA;AAAA,YAClB,cAAc,QAAA,CAAS,YAAA;AAAA,YACvB,cAAc,QAAA,CAAS,YAAA;AAAA,YACvB,qBAAqB,QAAA,CAAS,mBAAA;AAAA,YAC9B,gBAAgB,QAAA,CAAS,cAAA;AAAA,YACzB,oBAAoB,QAAA,CAAS,kBAAA;AAAA,YAC7B,WAAW,QAAA,CAAS,SAAA;AAAA,YACpB,WAAW,QAAA,CAAS;AAAA,WACpB,CAAA;AAAA,QACF;AAAA,OACD;AAAA;AAAA,MAGA,qBAAA,EAAuBA,kBAAAA;AAAA,QACtB,yBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UACR,cAAA,EAAgB,IAAA;AAAA,UAChB,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,UAAA,MAAM,KAAA,GAAQ,gBAAgB,IAA+B,CAAA;AAC7D,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,UAAA,EAAY,gBAAA;AAAA,YACZ,WAAW,KAAA,CAAM;AAAA,WACjB,CAAA;AAED,UAAA,MAAM,OAAA,GAAmC,EAAE,SAAA,EAAW,GAAA,EAAI;AAC1D,UAAA,IAAI,IAAA,CAAK,GAAA,KAAQ,MAAA,EAAW,OAAA,CAAQ,MAAM,IAAA,CAAK,GAAA;AAC/C,UAAA,IAAI,IAAA,CAAK,eAAe,MAAA,EAAW,OAAA,CAAQ,aAAa,IAAA,CAAK,SAAA,CAAU,KAAK,UAAU,CAAA;AACtF,UAAA,IAAI,IAAA,CAAK,OAAA,KAAY,MAAA,EAAW,OAAA,CAAQ,UAAU,IAAA,CAAK,OAAA;AAEvD,UAAA,MAAM,QAAA,GAAW,MAAM,EAAA,CAAG,MAAA,CAA2B;AAAA,YACpD,KAAA,EAAO,iBAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,QAAA,EAAU,IAAA,EAAM,KAAA,EAAO,IAAA,CAAK,EAAA,EAAG,EAAG,GAAG,MAAM,KAAK,CAAA;AAAA,YACvE,MAAA,EAAQ;AAAA,WACR,CAAA;AAED,UAAA,OAAO,GAAA,CAAI,KAAK,QAAQ,CAAA;AAAA,QACzB;AAAA,OACD;AAAA;AAAA,MAGA,qBAAA,EAAuBA,kBAAAA;AAAA,QACtB,yBAAA;AAAA,QACA;AAAA,UACC,MAAA,EAAQ,MAAA;AAAA,UACR,cAAA,EAAgB,IAAA;AAAA,UAChB,IAAA,EAAM;AAAA,SACP;AAAA,QACA,OAAO,GAAA,KAAQ;AACd,UAAA,MAAM,OAAO,GAAA,CAAI,IAAA;AACjB,UAAA,MAAM,EAAA,GAAK,IAAI,OAAA,CAAQ,OAAA;AACvB,UAAA,MAAM,KAAA,GAAQ,gBAAgB,IAA+B,CAAA;AAC7D,UAAA,MAAM,yBAAyB,GAAA,EAAK;AAAA,YACnC,EAAA;AAAA,YACA,UAAA,EAAY,gBAAA;AAAA,YACZ,WAAW,KAAA,CAAM;AAAA,WACjB,CAAA;AAED,UAAA,MAAM,GAAG,MAAA,CAAO;AAAA,YACf,KAAA,EAAO,iBAAA;AAAA,YACP,KAAA,EAAO,CAAC,EAAE,KAAA,EAAO,IAAA,EAAM,QAAA,EAAU,IAAA,EAAM,KAAA,EAAO,IAAA,CAAK,EAAA,EAAG,EAAG,GAAG,MAAM,KAAK;AAAA,WACvE,CAAA;AAED,UAAA,OAAO,GAAA,CAAI,IAAA,CAAK,EAAE,OAAA,EAAS,MAAM,CAAA;AAAA,QAClC;AAAA;AACD;AACD,GACD;AACD;;;ACkEO,SAAS,uBAAA,CACf,KACA,MAAA,EAKoB;AACpB,EAAA,MAAM,EAAE,aAAA,EAAe,UAAA,EAAY,MAAA,EAAO,GAAI,MAAA;AAC9C,EAAA,MAAM,OAAA,GAAU,MAAA,CAAO,WAAA,IAAe,EAAC;AAGvC,EAAA,MAAM,eAAA,GAAkB,oBAAA,CAAqB,MAAA,CAAO,eAAe,CAAA;AAKnE,EAAA,MAAM,SAAA,GAAY,aAAA,CAAc,OAAA,CAAQ,GAAG,CAAA;AAC3C,EAAA,MAAM,SAAA,GAAgC;AAAA,IACrC,SAAS,MAAA,CAAO,OAAA;AAAA,IAChB,GAAG,MAAA,CAAO;AAAA,GACX;AACA,EAAA,MAAM,aAAA,GAAgB,wBAAA;AAAA,IACrB,MAAM,SAAA;AAAA,IACN;AAAA,GACD;AAGA,EAAA,MAAM,OAAA,GAAU,YAAA,CAAa,MAAA,EAAQ,OAAA,EAAS,eAAe,SAAS,CAAA;AAGtE,EAAA,MAAM,cAAA,GAA2B,CAAC,MAAA,CAAO,OAAO,CAAA;AAChD,EAAA,IAAI,OAAO,cAAA,EAAgB;AAC1B,IAAA,KAAA,MAAW,MAAA,IAAU,OAAO,cAAA,EAAgB;AAC3C,MAAA,IAAI,CAAC,cAAA,CAAe,QAAA,CAAS,MAAM,CAAA,EAAG;AACrC,QAAA,cAAA,CAAe,KAAK,MAAM,CAAA;AAAA,MAC3B;AAAA,IACD;AAAA,EACD;AAGA,EAAA,MAAM,iBAAA,GAAoB,MAAA,CAAO,KAAA,EAAO,iBAAA,IAAqB,aAAA,CAAc,iBAAA;AAG3E,EAAA,MAAM,OAAA,GAA6B;AAAA,IAClC,OAAA,EAAS,OAAO,OAAA,IAAW,aAAA;AAAA,IAC3B,SAAS,MAAA,CAAO,OAAA;AAAA,IAChB,QAAQ,MAAA,CAAO,MAAA;AAAA,IACf,cAAA;AAAA,IACA,QAAA,EAAU,SAAA;AAAA,IACV,gBAAA,EAAkB;AAAA,MACjB,OAAA,EAAS,QAAQ,aAAA,KAAkB,KAAA;AAAA,MACnC,wBAAA,EAA0B,IAAA;AAAA,MAC1B,iBAAA,EAAmB,CAAA;AAAA,MACnB,iBAAA,EAAmB,GAAA;AAAA,MACnB,mBAAmB,OAAO;AAAA,QACzB,IAAA;AAAA,QACA,GAAA;AAAA,QACA;AAAA,OACD,KAA6E;AAC5E,QAAA,MAAM,iBAAA,CAAkB,EAAE,IAAA,EAAM,GAAA,EAAK,OAAO,CAAA;AAAA,MAC7C,CAAA;AAAA,MACA,UAAA,EAAY;AAAA,KACb;AAAA;AAAA;AAAA,IAGA,SAAA,EAAW;AAAA,MACV,OAAA,EAAS,IAAA;AAAA,MACT,MAAA,EAAQ,EAAA;AAAA;AAAA,MACR,KAAK,WAAA,CAAY,OAAA;AAAA;AAAA,MACjB,WAAA,EAAa;AAAA,QACZ,YAAA,EAAc;AAAA,UACb,MAAA,EAAQ,EAAA;AAAA,UACR,KAAK,WAAA,CAAY;AAAA,SAClB;AAAA,QACA,YAAA,EAAc;AAAA,UACb,MAAA,EAAQ,EAAA;AAAA,UACR,KAAK,WAAA,CAAY;AAAA,SAClB;AAAA,QACA,kBAAA,EAAoB;AAAA,UACnB,MAAA,EAAQ,EAAA;AAAA,UACR,KAAK,WAAA,CAAY;AAAA,SAClB;AAAA,QACA,iBAAA,EAAmB;AAAA,UAClB,MAAA,EAAQ,EAAA;AAAA,UACR,KAAK,WAAA,CAAY;AAAA,SAClB;AAAA,QACA,cAAA,EAAgB;AAAA,UACf,MAAA,EAAQ,EAAA;AAAA,UACR,KAAK,WAAA,CAAY;AAAA,SAClB;AAAA,QACA,eAAA,EAAiB;AAAA,UAChB,MAAA,EAAQ,EAAA;AAAA,UACR,KAAK,WAAA,CAAY;AAAA,SAClB;AAAA,QACA,UAAA,EAAY;AAAA,UACX,MAAA,EAAQ,EAAA;AAAA,UACR,KAAK,WAAA,CAAY;AAAA;AAClB;AACD,KACD;AAAA,IACA,GAAI,eAAA,IAAmB,IAAA,IAAQ,EAAE,eAAA,EAAgB;AAAA,IACjD,OAAA,EAAS;AAAA;AAAA,MAER,MAAA,CAAO;AAAA,QACN,UAAA;AAAA;AAAA,QAEA,gCAAA,EAAkC;AAAA,OAClC,CAAA;AAAA,MACD,GAAG;AAAA,KACJ;AAAA;AAAA,IAEA,aAAA,EAAe,mBAAA,CAAoB,GAAA,EAAK,MAAA,CAAO,QAAQ,CAAA;AAAA;AAAA,IAEvD,GAAG,MAAA,CAAO;AAAA,GACX;AAEA,EAAA,OAAO,OAAA;AACR;AA8DA,SAAS,qBACR,SAAA,EACmD;AACnD,EAAA,IAAI,SAAA,IAAa,MAAM,OAAO,MAAA;AAE9B,EAAA,MAAM,OAAA,GAAU,MAAA,CAAO,OAAA,CAAQ,SAAS,CAAA;AACxC,EAAA,IAAI,OAAA,CAAQ,MAAA,KAAW,CAAA,EAAG,OAAO,MAAA;AAIjC,EAAA,MAAM,SAA+C,EAAC;AACtD,EAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,CAAA,IAAK,OAAA,EAAS;AACnC,IAAA,IAAI,SAAS,IAAA,EAAM;AAClB,MAAA,MAAA,CAAO,GAAG,CAAA,GAAI,KAAA;AAAA,IACf;AAAA,EACD;AAIA,EAAA,OAAO,MAAA;AACR;AASA,SAAS,2BACR,SAAA,EACkE;AAClE,EAAA,IAAI,SAAA,IAAa,MAAM,OAAO,MAAA;AAE9B,EAAA,MAAM,SAA8D,EAAC;AACrE,EAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,SAAS,CAAA,EAAG;AACrD,IAAA,IAAI,SAAS,IAAA,EAAM;AAClB,MAAA,MAAA,CAAO,GAAG,CAAA,GAAI;AAAA,QACb,OAAA,EAAS,MAAM,OAAA,KAAY,KAAA;AAAA,QAC3B,IAAA,EAAM;AAAA,OACP;AAAA,IACD;AAAA,EACD;AACA,EAAA,OAAO,OAAO,IAAA,CAAK,MAAM,CAAA,CAAE,MAAA,GAAS,IAAI,MAAA,GAAS,MAAA;AAClD;AAKA,SAAS,YAAA,CACR,MAAA,EACA,OAAA,EACA,aAAA,EACA,SAAA,EACqB;AACrB,EAAA,MAAM,OAAA,GAA8B;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAOnC,QAAA,EAAS;AAAA;AAAA,IAGT,aAAA,EAAc;AAAA;AAAA,IAGd,YAAA,CAAa;AAAA,MACZ,WAAA,EAAa,OAAA;AAAA,MACb,eAAA,EAAiB,0BAAA,CAA2B,MAAA,CAAO,eAAe,CAAA;AAAA,MAClE,QAAA,EAAU;AAAA,QACT,QAAA,EAAU,KAAA;AAAA;AAAA,QACV,MAAA,EAAQ,QAAQ,aAAA,KAAkB,KAAA;AAAA,QAClC,GAAA,EAAK,QAAQ,SAAA,KAAc,KAAA;AAAA,QAC3B,YAAA,EAAc;AAAA,OACf;AAAA,MACA,QAAA,EAAU;AAAA,QACT,gBAAA,EAAkB,QAAA;AAAA,QAClB,mBAAA,EAAqB,YAAA;AAAA,QACrB,iBAAA,EAAmB;AAAA;AACpB,KACA,CAAA;AAAA;AAAA,IAGD,YAAY,SAAS,CAAA;AAAA;AAAA,IAGrB,cAAA,EAAe;AAAA;AAAA,IAGf,4BAAA,EAA6B;AAAA;AAAA,IAG7B,aAAA,EAAc;AAAA;AAAA,IAGd,YAAA,EAAa;AAAA;AAAA,IAGb,WAAA,EAAY;AAAA;AAAA,IAGZ,YAAA,EAAa;AAAA;AAAA,IAGb,oBAAA,EAAqB;AAAA;AAAA,IAGrB,MAAA,EAAO;AAAA;AAAA,IAGP,QAAA;AAAS,GACV;AAKA,EAAA,IAAI,OAAA,CAAQ,cAAc,KAAA,EAAO;AAChC,IAAA,MAAM,qBAAA,GAAwB,MAAA,CAAO,KAAA,EAAO,aAAA,IAAiB,aAAA,CAAc,aAAA;AAC3E,IAAA,OAAA,CAAQ,IAAA;AAAA,MACP,SAAA,CAAU;AAAA,QACT,SAAA,EAAW,GAAA;AAAA,QACX,eAAe,OAAO;AAAA,UACrB,KAAA;AAAA,UACA,GAAA;AAAA,UACA;AAAA,SACD,KAAqD;AACpD,UAAA,MAAM,qBAAA,CAAsB,EAAE,KAAA,EAAO,GAAA,EAAK,OAAO,CAAA;AAAA,QAClD;AAAA,OACA;AAAA,KACF;AAAA,EACD;AAGA,EAAA,IAAI,OAAA,CAAQ,aAAa,KAAA,EAAO;AAC/B,IAAA,MAAM,eAAA,GAAkB,MAAA,CAAO,KAAA,EAAO,OAAA,IAAW,aAAA,CAAc,OAAA;AAC/D,IAAA,OAAA,CAAQ,IAAA;AAAA,MACP,QAAA,CAAS;AAAA,QACR,SAAA,EAAW,GAAA;AAAA,QACX,SAAA,EAAW,CAAA;AAAA,QACX,mBAAA,EAAqB,OAAO,EAAE,KAAA,EAAO,KAAI,KAAsC;AAC9E,UAAA,MAAM,eAAA,CAAgB,EAAE,KAAA,EAAO,GAAA,EAAK,CAAA;AAAA,QACrC;AAAA,OACA;AAAA,KACF;AAAA,EACD;AAEA,EAAA,IAAI,OAAA,CAAQ,cAAc,KAAA,EAAO;AAChC,IAAA,OAAA,CAAQ,IAAA;AAAA,MACP,SAAA,CAAU;AAAA,QACT,MAAA,EAAQ,OAAO,OAAA,IAAW,aAAA;AAAA,QAC1B,WAAA,EAAa;AAAA,UACZ,MAAA,EAAQ,CAAA;AAAA,UACR,UAAA,EAAY;AAAA;AACb,OACA;AAAA,KACF;AAAA,EACD;AAEA,EAAA,IAAI,OAAA,CAAQ,OAAA,KAAY,KAAA,IAAS,MAAA,CAAO,OAAA,EAAS;AAChD,IAAA,OAAA,CAAQ,IAAA;AAAA,MACP,OAAA,CAAQ;AAAA,QACP,IAAA,EAAM,OAAO,OAAA,CAAQ,IAAA;AAAA,QACrB,MAAA,EAAQ,OAAO,OAAA,CAAQ,MAAA;AAAA,QACvB,MAAA,EAAQ,OAAO,OAAA,CAAQ;AAAA,OACvB;AAAA,KACF;AAAA,EACD;AAEA,EAAA,IAAI,OAAA,CAAQ,cAAc,KAAA,EAAO;AAChC,IAAA,OAAA,CAAQ,IAAA,CAAK,WAAW,CAAA;AAAA,EACzB;AAEA,EAAA,IAAI,OAAA,CAAQ,iBAAiB,KAAA,EAAO;AACnC,IAAA,OAAA,CAAQ,IAAA,CAAK,cAAc,CAAA;AAAA,EAC5B;AAEA,EAAA,IAAI,OAAA,CAAQ,iBAAiB,KAAA,EAAO;AACnC,IAAA,OAAA,CAAQ,IAAA,CAAK,wBAAwB,CAAA;AAAA,EACtC;AAGA,EAAA,IAAI,OAAA,CAAQ,SAAS,KAAA,EAAO;AAC3B,IAAA,OAAA,CAAQ,IAAA;AAAA,MACP,IAAA,CAAK;AAAA,QACJ,cAAA,EAAgB;AAAA,OAChB;AAAA,KACF;AAAA,EACD;AAKA,EAAA,IAAI,OAAA,CAAQ,WAAW,KAAA,EAAO;AAC7B,IAAA,OAAA,CAAQ,IAAA,CAAK,QAAQ,CAAA;AAAA,EACtB;AAGA,EAAA,IAAI,OAAO,UAAA,EAAY;AACtB,IAAA,OAAA,CAAQ,IAAA,CAAK,gBAAA,CAAiB,MAAA,CAAO,UAAU,CAAC,CAAA;AAAA,EACjD;AAEA,EAAA,OAAO,OAAA;AACR;;;ACtwBA,IAAM,yBAAA,GAA4B;AAAA,EACjC,eAAA;AAAA,EACA,kCAAA;AAAA,EACA,oBAAA;AAAA,EACA;AACD,CAAA;AAEA,IAAM,4BAAA,GAA+B,CAAC,gBAAgB,CAAA;AAoBtD,SAAS,mBAAA,CAAoB,SAAkB,OAAA,EAAiB;AAC/D,EAAA,MAAM,QAAA,GAAW,IAAI,GAAA,CAAI,OAAA,CAAQ,GAAG,CAAA,CAAE,QAAA;AACtC,EAAA,MAAM,QAAA,GAAW,IAAI,GAAA,CAAI,OAAO,EAAE,QAAA,CAAS,OAAA,CAAQ,OAAO,EAAE,CAAA;AAC5D,EAAA,IAAI,aAAa,QAAA,EAAU;AAC1B,IAAA,OAAO,GAAA;AAAA,EACR;AACA,EAAA,IAAI,QAAA,CAAS,UAAA,CAAW,CAAA,EAAG,QAAQ,GAAG,CAAA,EAAG;AACxC,IAAA,OAAO,QAAA,CAAS,KAAA,CAAM,QAAA,CAAS,MAAM,CAAA;AAAA,EACtC;AACA,EAAA,OAAO,QAAA;AACR;AAEA,SAAS,aAAA,CAAc,QAAiB,OAAA,EAAiC;AACxE,EAAA,KAAA,MAAW,UAAU,OAAA,EAAS;AAC7B,IAAA,MAAA,CAAO,MAAA,CAAO,MAAA,CAAO,GAAA,EAAK,MAAA,CAAO,KAAK,CAAA;AAAA,EACvC;AACD;AAEA,SAAS,iBAAiB,OAAA,EAA0C;AACnE,EAAA,MAAM,aAAa,KAAA,CAAM,IAAA,CAAK,OAAA,CAAQ,OAAA,EAAS,CAAA,CAAE,GAAA,CAAI,CAAC,CAAC,KAAK,KAAK,CAAA,MAAO,EAAE,GAAA,EAAK,OAAM,CAAE,CAAA;AACvF,EAAA,MAAM,eAAgB,OAAA,CAAwD,YAAA;AAC9E,EAAA,IAAI,CAAC,YAAA,EAAc;AAClB,IAAA,OAAO,UAAA;AAAA,EACR;AACA,EAAA,MAAM,UAAA,GAAa,YAAA,CAAa,IAAA,CAAK,OAAO,CAAA;AAC5C,EAAA,IAAI,UAAA,CAAW,WAAW,CAAA,EAAG;AAC5B,IAAA,OAAO,UAAA;AAAA,EACR;AACA,EAAA,OAAO;AAAA,IACN,GAAG,WAAW,MAAA,CAAO,CAAC,WAAW,MAAA,CAAO,GAAA,CAAI,WAAA,EAAY,KAAM,YAAY,CAAA;AAAA,IAC1E,GAAG,WAAW,GAAA,CAAI,CAAC,WAAW,EAAE,GAAA,EAAK,YAAA,EAAc,KAAA,EAAM,CAAE;AAAA,GAC5D;AACD;AAEA,SAAS,gBAAgB,MAAA,EAAsC;AAC9D,EAAA,MAAM,qBAAqB,MAAA,CAAO,SAAA,EAAW,qBAC1C,EAAE,OAAA,EAAS,MAAK,GAChB,MAAA;AACH,EAAA,MAAM,wBAAA,GACL,OAAO,SAAA,EAAW,qBAAA,KAA0B,QACzC,EAAE,QAAA,EAAU,MAAK,GACjB,MAAA;AAEJ,EAAA,OAAO;AAAA,IACN,cAAA,EAAgB,CAAA;AAAA,IAChB,GAAI,kBAAA,GAAqB,EAAE,kBAAA,KAAuB,EAAC;AAAA,IACnD,GAAI,wBAAA,GAA2B,EAAE,wBAAA,KAA6B;AAAC,GAChE;AACD;AAEO,SAAS,0BAAA,GAA+C;AAC9D,EAAA,OAAO;AAAA,IACN,EAAA,EAAI,8BAAA;AAAA,IACJ,SAAA,EAAW,OAAO,OAAA,EAAS,GAAA,KAAQ;AAClC,MAAA,MAAM,YAAA,GAAe,mBAAA,CAAoB,OAAA,EAAS,GAAA,CAAI,OAAO,CAAA;AAC7D,MAAA,IAAI,yBAAA,CAA0B,QAAA,CAAS,YAA0D,CAAA,EAAG;AACnG,QAAA,OAAO,EAAE,UAAU,IAAI,QAAA,CAAS,aAAa,EAAE,MAAA,EAAQ,GAAA,EAAK,CAAA,EAAE;AAAA,MAC/D;AACA,MAAA,IACC,4BAAA,CAA6B,IAAA;AAAA,QAC5B,CAAC,WAAW,YAAA,KAAiB,MAAA,IAAU,aAAa,UAAA,CAAW,CAAA,EAAG,MAAM,CAAA,CAAA,CAAG;AAAA,OAC5E,EACC;AACD,QAAA,OAAO,EAAE,UAAU,IAAI,QAAA,CAAS,aAAa,EAAE,MAAA,EAAQ,GAAA,EAAK,CAAA,EAAE;AAAA,MAC/D;AACA,MAAA,OAAO,MAAA;AAAA,IACR;AAAA,GACD;AACD;AAEO,SAAS,2BAAA,CACf,KACA,MAAA,EAKC;AACD,EAAA,MAAM,WAAA,GAAc,uBAAA,CAAwB,GAAA,EAAK,MAAM,CAAA;AACvD,EAAA,MAAM,OAAA,GAAU,CAAC,GAAI,WAAA,CAAY,WAAW,EAAC,EAAI,4BAA4B,CAAA;AAE7E,EAAA,IAAI,MAAA,CAAO,MAAA,CAAO,WAAA,EAAa,GAAA,KAAQ,KAAA,EAAO;AAC7C,IAAA,OAAA,CAAQ,KAAK,GAAA,CAAI,eAAA,CAAgB,MAAA,CAAO,MAAM,CAAC,CAAC,CAAA;AAAA,EACjD;AAEA,EAAA,OAAO;AAAA,IACN,GAAG,WAAA;AAAA,IACH,eAAe,KAAA,CAAM,IAAA;AAAA,sBACpB,IAAI,GAAA,CAAI,CAAC,GAAI,WAAA,CAAY,iBAAiB,EAAC,EAAI,GAAG,yBAAyB,CAAC;AAAA,KAC7E;AAAA,IACA;AAAA,GACD;AACD;AAEO,SAAS,oBAAA,CACf,KACA,MAAA,EAKiB;AACjB,EAAA,OAAOa,UAAAA,CAAW,2BAAA,CAA4B,GAAA,EAAK,MAAM,CAAC,CAAA;AAC3D;AAEA,SAAS,cAAc,UAAA,EAAmC;AACzD,EAAA,MAAM,OAAA,GAAU,IAAI,OAAA,EAAQ;AAC5B,EAAA,aAAA,CAAc,OAAA,EAAS,WAAW,OAAO,CAAA;AACzC,EAAA,MAAM,OAAA,GAAU,WAAW,IAAA,KAAS,IAAA,IAAQ,WAAW,MAAA,KAAW,KAAA,IAAS,WAAW,MAAA,KAAW,MAAA;AACjG,EAAA,OAAO,IAAI,OAAA,CAAQ,UAAA,CAAW,GAAA,EAAK;AAAA,IAClC,QAAQ,UAAA,CAAW,MAAA;AAAA,IACnB,OAAA;AAAA,IACA,IAAA,EAAM,OAAA,GAAU,UAAA,CAAW,IAAA,GAAO;AAAA,GAClC,CAAA;AACF;AAEA,eAAe,kBAAkB,QAAA,EAAqD;AACrF,EAAA,OAAO;AAAA,IACN,QAAQ,QAAA,CAAS,MAAA;AAAA,IACjB,OAAA,EAAS,gBAAA,CAAiB,QAAA,CAAS,OAAO,CAAA;AAAA,IAC1C,MAAM,QAAA,CAAS,IAAA,KAAS,OAAO,IAAA,GAAO,MAAM,SAAS,IAAA;AAAK,GAC3D;AACD;AAEO,SAAS,wBAAwB,UAAA,EAAoC;AAC3E,EAAA,MAAM,OAAA,GAAU,IAAI,OAAA,EAAQ;AAC5B,EAAA,aAAA,CAAc,OAAA,EAAS,WAAW,OAAO,CAAA;AACzC,EAAA,OAAO,IAAI,QAAA,CAAS,UAAA,CAAW,IAAA,EAAM;AAAA,IACpC,QAAQ,UAAA,CAAW,MAAA;AAAA,IACnB;AAAA,GACA,CAAA;AACF;AAEA,eAAsB,2BAAA,CACrB,GAAA,EACA,UAAA,EACA,UAAA,EACC;AACD,EAAA,MAAM,IAAA,GAAO,WAAW,GAAG,CAAA;AAC3B,EAAA,MAAM,WAAW,MAAM,IAAA,CAAK,OAAA,CAAQ,aAAA,CAAc,UAAU,CAAC,CAAA;AAC7D,EAAA,OAAO,MAAM,kBAAkB,QAAQ,CAAA;AACxC","file":"node.js","sourcesContent":["/**\n * Convex trigger system for Banata Auth lifecycle events.\n *\n * Triggers allow consumers to run custom logic when auth-related\n * events occur (user created, user updated, session created, etc.).\n * These are modeled after Convex's trigger pattern.\n *\n * @example\n * ```ts\n * import { defineBanataAuthTriggers } from \"@banata-auth/convex/triggers\";\n *\n * export const triggers = defineBanataAuthTriggers({\n * onUserCreated: async (ctx, user) => {\n * // Send welcome email, create default org, etc.\n * console.log(\"New user:\", user.email);\n * },\n * onUserUpdated: async (ctx, { oldUser, newUser }) => {\n * // Sync user data to external systems\n * },\n * onSessionCreated: async (ctx, session) => {\n * // Log sign-in event\n * },\n * });\n * ```\n */\n\nimport type { GenericCtx } from \"@convex-dev/better-auth/utils\";\nimport type { FunctionReference, GenericDataModel } from \"convex/server\";\n\n// ─── Trigger Event Types ────────────────────────────────────────────\n\n/** Structured metadata for trigger data. */\nexport type TriggerMetadata = Record<string, string | number | boolean | null>;\n\nexport interface TriggerUser {\n\t_id: string;\n\tname: string;\n\temail: string;\n\temailVerified: boolean;\n\timage?: string;\n\tusername?: string;\n\trole?: string;\n\tbanned?: boolean;\n\ttwoFactorEnabled?: boolean;\n\tisAnonymous?: boolean;\n\tmetadata?: TriggerMetadata;\n\tcreatedAt: number;\n\tupdatedAt: number;\n}\n\nexport interface TriggerSession {\n\t_id: string;\n\tuserId: string;\n\texpiresAt: number;\n\tipAddress?: string;\n\tuserAgent?: string;\n\tactiveOrganizationId?: string;\n\timpersonatedBy?: string;\n\tcreatedAt: number;\n\tupdatedAt: number;\n}\n\nexport interface TriggerOrganization {\n\t_id: string;\n\tname: string;\n\tslug: string;\n\tlogo?: string;\n\tmetadata?: TriggerMetadata;\n\tcreatedAt: number;\n\tupdatedAt: number;\n}\n\nexport interface TriggerMember {\n\t_id: string;\n\torganizationId: string;\n\tuserId: string;\n\trole: string;\n\tcreatedAt: number;\n\tupdatedAt: number;\n}\n\n// ─── Trigger Handler Types ──────────────────────────────────────────\n\n/**\n * Context provided to trigger handlers.\n * This is a subset of the Convex mutation context, fully typed.\n */\nexport interface TriggerContext {\n\t/** Run a Convex query. */\n\trunQuery: <Args extends Record<string, unknown>, Output>(\n\t\tquery: FunctionReference<\"query\", \"public\" | \"internal\", Args, Output>,\n\t\targs: Args,\n\t) => Promise<Output>;\n\t/** Run a Convex mutation. */\n\trunMutation: <Args extends Record<string, unknown>, Output>(\n\t\tmutation: FunctionReference<\"mutation\", \"public\" | \"internal\", Args, Output>,\n\t\targs: Args,\n\t) => Promise<Output>;\n\t/** Run a Convex action. */\n\trunAction: <Args extends Record<string, unknown>, Output>(\n\t\taction: FunctionReference<\"action\", \"public\" | \"internal\", Args, Output>,\n\t\targs: Args,\n\t) => Promise<Output>;\n\t/** Schedule a function to run later. */\n\tscheduler: {\n\t\trunAfter: <Args extends Record<string, unknown>>(\n\t\t\tdelayMs: number,\n\t\t\tfn: FunctionReference<\"mutation\" | \"action\", \"public\" | \"internal\", Args>,\n\t\t\targs: Args,\n\t\t) => Promise<string>;\n\t\trunAt: <Args extends Record<string, unknown>>(\n\t\t\ttimestamp: number,\n\t\t\tfn: FunctionReference<\"mutation\" | \"action\", \"public\" | \"internal\", Args>,\n\t\t\targs: Args,\n\t\t) => Promise<string>;\n\t};\n}\n\nexport interface BanataAuthTriggers {\n\t/** Fired when a new user is created (sign-up, OAuth first login, SCIM provisioning). */\n\tonUserCreated?: (ctx: TriggerContext, user: TriggerUser) => Promise<void>;\n\n\t/** Fired when a user is updated (profile change, role change, ban/unban). */\n\tonUserUpdated?: (\n\t\tctx: TriggerContext,\n\t\tdata: { oldUser: TriggerUser; newUser: TriggerUser },\n\t) => Promise<void>;\n\n\t/** Fired when a user is deleted. */\n\tonUserDeleted?: (ctx: TriggerContext, user: TriggerUser) => Promise<void>;\n\n\t/** Fired when a new session is created (sign-in). */\n\tonSessionCreated?: (ctx: TriggerContext, session: TriggerSession) => Promise<void>;\n\n\t/** Fired when a session is revoked (sign-out). */\n\tonSessionRevoked?: (ctx: TriggerContext, session: TriggerSession) => Promise<void>;\n\n\t/** Fired when an organization is created. */\n\tonOrganizationCreated?: (ctx: TriggerContext, org: TriggerOrganization) => Promise<void>;\n\n\t/** Fired when an organization is updated. */\n\tonOrganizationUpdated?: (\n\t\tctx: TriggerContext,\n\t\tdata: { oldOrg: TriggerOrganization; newOrg: TriggerOrganization },\n\t) => Promise<void>;\n\n\t/** Fired when an organization is deleted. */\n\tonOrganizationDeleted?: (ctx: TriggerContext, org: TriggerOrganization) => Promise<void>;\n\n\t/** Fired when a member is added to an organization. */\n\tonMemberAdded?: (ctx: TriggerContext, member: TriggerMember) => Promise<void>;\n\n\t/** Fired when a member is removed from an organization. */\n\tonMemberRemoved?: (ctx: TriggerContext, member: TriggerMember) => Promise<void>;\n\n\t/** Fired when a member's role changes. */\n\tonMemberRoleChanged?: (\n\t\tctx: TriggerContext,\n\t\tdata: { member: TriggerMember; oldRole: string; newRole: string },\n\t) => Promise<void>;\n\n\t/** Fired when email verification completes. */\n\tonEmailVerified?: (ctx: TriggerContext, user: TriggerUser) => Promise<void>;\n\n\t/** Fired when two-factor auth is enabled for a user. */\n\tonTwoFactorEnabled?: (ctx: TriggerContext, user: TriggerUser) => Promise<void>;\n\n\t/** Fired when two-factor auth is disabled for a user. */\n\tonTwoFactorDisabled?: (ctx: TriggerContext, user: TriggerUser) => Promise<void>;\n}\n\n// ─── Trigger Registration ───────────────────────────────────────────\n\n/**\n * Define lifecycle triggers for Banata Auth events.\n *\n * This function validates and returns the trigger configuration\n * that will be used by the Banata Auth component to fire lifecycle hooks.\n *\n * @param triggers - The trigger handlers to register\n * @returns The validated trigger configuration\n */\nexport function defineBanataAuthTriggers(triggers: BanataAuthTriggers): BanataAuthTriggers {\n\treturn triggers;\n}\n\n/**\n * Execute a trigger handler safely.\n *\n * This wraps trigger execution with error handling so that a failing\n * trigger doesn't break the auth flow. Errors are logged but not thrown.\n *\n * @internal\n */\nexport async function executeTrigger<T>(\n\ttriggerName: string,\n\thandler: ((ctx: TriggerContext, data: T) => Promise<void>) | undefined,\n\tctx: TriggerContext,\n\tdata: T,\n): Promise<void> {\n\tif (!handler) return;\n\n\ttry {\n\t\tawait handler(ctx, data);\n\t} catch (error) {\n\t\t// Log but don't throw — triggers should not break auth flows\n\t\tconsole.error(\n\t\t\t`[BanataAuth] Trigger \"${triggerName}\" failed:`,\n\t\t\terror instanceof Error ? error.message : String(error),\n\t\t);\n\t}\n}\n\n/**\n * Create a TriggerContext from a Convex GenericCtx.\n *\n * This adapts the Convex function context to the trigger context shape\n * expected by trigger handlers.\n *\n * @internal\n */\nexport function createTriggerContext(ctx: GenericCtx<GenericDataModel>): TriggerContext {\n\t// The GenericCtx union (query | mutation | action) doesn't guarantee all\n\t// methods exist. We cast to the widest shape — at runtime, the actual\n\t// context will have the right methods based on the calling function type.\n\tconst ctxRecord = ctx as unknown as Record<string, unknown>;\n\n\treturn {\n\t\trunQuery: (ctxRecord.runQuery ?? noop) as TriggerContext[\"runQuery\"],\n\t\trunMutation: (ctxRecord.runMutation ?? noop) as TriggerContext[\"runMutation\"],\n\t\trunAction: (ctxRecord.runAction ?? noop) as TriggerContext[\"runAction\"],\n\t\tscheduler: (ctxRecord.scheduler ?? {\n\t\t\trunAfter: noop,\n\t\t\trunAt: noop,\n\t\t}) as TriggerContext[\"scheduler\"],\n\t};\n}\n\nasync function noop(): Promise<never> {\n\tthrow new Error(\n\t\t\"[BanataAuth] This context method is not available in the current function type.\",\n\t);\n}\n","/**\n * Bridge between Banata Auth triggers and Better Auth's databaseHooks.\n *\n * Better Auth provides databaseHooks that fire when database operations occur.\n * This module converts BanataAuthTriggers into the databaseHooks format.\n *\n * @see https://www.better-auth.com/docs/concepts/database-hooks\n */\n\nimport type { GenericCtx } from \"@convex-dev/better-auth/utils\";\nimport type { BetterAuthOptions } from \"better-auth\";\nimport type { GenericDataModel } from \"convex/server\";\nimport type {\n\tBanataAuthTriggers,\n\tTriggerMember,\n\tTriggerOrganization,\n\tTriggerSession,\n\tTriggerUser,\n} from \"./triggers\";\nimport { createTriggerContext, executeTrigger } from \"./triggers\";\n\n// ─── Database Hook Record Types ─────────────────────────────────────\n// Better Auth passes raw database records to hook callbacks.\n// We type these as Record<string, unknown> and map them through\n// the trigger conversion functions for safety.\n\n/**\n * Map a raw database record to a TriggerUser shape.\n */\nfunction toTriggerUser(record: Record<string, unknown>): TriggerUser {\n\treturn {\n\t\t_id: String(record.id ?? record._id ?? \"\"),\n\t\tname: String(record.name ?? \"\"),\n\t\temail: String(record.email ?? \"\"),\n\t\temailVerified: Boolean(record.emailVerified),\n\t\timage: record.image as string | undefined,\n\t\tusername: record.username as string | undefined,\n\t\trole: record.role as string | undefined,\n\t\tbanned: record.banned as boolean | undefined,\n\t\ttwoFactorEnabled: record.twoFactorEnabled as boolean | undefined,\n\t\tisAnonymous: record.isAnonymous as boolean | undefined,\n\t\tmetadata: record.metadata as TriggerUser[\"metadata\"],\n\t\tcreatedAt: Number(record.createdAt ?? Date.now()),\n\t\tupdatedAt: Number(record.updatedAt ?? Date.now()),\n\t};\n}\n\n/**\n * Map a raw database record to a TriggerSession shape.\n */\nfunction toTriggerSession(record: Record<string, unknown>): TriggerSession {\n\treturn {\n\t\t_id: String(record.id ?? record._id ?? \"\"),\n\t\tuserId: String(record.userId ?? \"\"),\n\t\texpiresAt: Number(record.expiresAt ?? 0),\n\t\tipAddress: record.ipAddress as string | undefined,\n\t\tuserAgent: record.userAgent as string | undefined,\n\t\tactiveOrganizationId: record.activeOrganizationId as string | undefined,\n\t\timpersonatedBy: record.impersonatedBy as string | undefined,\n\t\tcreatedAt: Number(record.createdAt ?? Date.now()),\n\t\tupdatedAt: Number(record.updatedAt ?? Date.now()),\n\t};\n}\n\n/**\n * Map a raw database record to a TriggerOrganization shape.\n */\nfunction toTriggerOrganization(record: Record<string, unknown>): TriggerOrganization {\n\treturn {\n\t\t_id: String(record.id ?? record._id ?? \"\"),\n\t\tname: String(record.name ?? \"\"),\n\t\tslug: String(record.slug ?? \"\"),\n\t\tlogo: record.logo as string | undefined,\n\t\tmetadata: record.metadata as TriggerOrganization[\"metadata\"],\n\t\tcreatedAt: Number(record.createdAt ?? Date.now()),\n\t\tupdatedAt: Number(record.updatedAt ?? Date.now()),\n\t};\n}\n\n/**\n * Map a raw database record to a TriggerMember shape.\n */\nfunction toTriggerMember(record: Record<string, unknown>): TriggerMember {\n\treturn {\n\t\t_id: String(record.id ?? record._id ?? \"\"),\n\t\torganizationId: String(record.organizationId ?? \"\"),\n\t\tuserId: String(record.userId ?? \"\"),\n\t\trole: String(record.role ?? \"\"),\n\t\tcreatedAt: Number(record.createdAt ?? Date.now()),\n\t\tupdatedAt: Number(record.updatedAt ?? Date.now()),\n\t};\n}\n\n/**\n * Safely convert a hook callback argument to a Record<string, unknown>.\n *\n * Better Auth's databaseHooks pass the raw database record as the\n * callback argument. The exact shape depends on the table/model.\n * We normalize it to Record<string, unknown> for safe access.\n */\nfunction toRecord(value: unknown): Record<string, unknown> {\n\tif (typeof value === \"object\" && value !== null) {\n\t\treturn value as Record<string, unknown>;\n\t}\n\treturn {};\n}\n\n// ─── Hook Builder Types ─────────────────────────────────────────────\n// Better Auth's databaseHooks type is:\n// { [model: string]: { create?: { after?; before? }; update?: { after?; before? } } }\n// The callback signature is (record: T) => void | Promise<void>\n// where T depends on the model. Since these are runtime records from\n// the database adapter, we accept `unknown` and normalize.\n\ninterface ModelHookCallbacks {\n\tcreate?: {\n\t\tafter?: (record: unknown) => Promise<void>;\n\t};\n\tupdate?: {\n\t\tafter?: (record: unknown) => Promise<void>;\n\t};\n}\n\ninterface DatabaseHooksMap {\n\tuser: ModelHookCallbacks;\n\tsession: ModelHookCallbacks;\n\torganization: ModelHookCallbacks;\n\tmember: ModelHookCallbacks;\n}\n\n/**\n * Create Better Auth databaseHooks from Banata Auth triggers.\n *\n * This bridges the two systems: when Better Auth fires a database hook\n * (e.g., after creating a user), the corresponding trigger handler is\n * invoked with a properly typed TriggerContext.\n *\n * @param ctx - Convex function context (for creating TriggerContext)\n * @param triggers - The registered trigger handlers\n * @returns BetterAuthOptions[\"databaseHooks\"] compatible object\n */\nexport function createDatabaseHooks(\n\tctx: GenericCtx<GenericDataModel>,\n\ttriggers: BanataAuthTriggers | undefined,\n): BetterAuthOptions[\"databaseHooks\"] {\n\tif (!triggers) return undefined;\n\n\tconst triggerCtx = createTriggerContext(ctx);\n\n\tconst hooks: DatabaseHooksMap = {\n\t\tuser: {\n\t\t\tcreate: {\n\t\t\t\tafter: async (record: unknown) => {\n\t\t\t\t\tawait executeTrigger(\n\t\t\t\t\t\t\"onUserCreated\",\n\t\t\t\t\t\ttriggers.onUserCreated,\n\t\t\t\t\t\ttriggerCtx,\n\t\t\t\t\t\ttoTriggerUser(toRecord(record)),\n\t\t\t\t\t);\n\t\t\t\t},\n\t\t\t},\n\t\t\tupdate: {\n\t\t\t\tafter: async (record: unknown) => {\n\t\t\t\t\t// Better Auth's update hook doesn't provide oldUser,\n\t\t\t\t\t// so we pass the updated user for both old and new.\n\t\t\t\t\t// Consumers who need the old value should use Convex triggers directly.\n\t\t\t\t\tconst triggerUser = toTriggerUser(toRecord(record));\n\t\t\t\t\tawait executeTrigger(\"onUserUpdated\", triggers.onUserUpdated, triggerCtx, {\n\t\t\t\t\t\toldUser: triggerUser,\n\t\t\t\t\t\tnewUser: triggerUser,\n\t\t\t\t\t});\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\t\tsession: {\n\t\t\tcreate: {\n\t\t\t\tafter: async (record: unknown) => {\n\t\t\t\t\tawait executeTrigger(\n\t\t\t\t\t\t\"onSessionCreated\",\n\t\t\t\t\t\ttriggers.onSessionCreated,\n\t\t\t\t\t\ttriggerCtx,\n\t\t\t\t\t\ttoTriggerSession(toRecord(record)),\n\t\t\t\t\t);\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\t\torganization: {\n\t\t\tcreate: {\n\t\t\t\tafter: async (record: unknown) => {\n\t\t\t\t\tawait executeTrigger(\n\t\t\t\t\t\t\"onOrganizationCreated\",\n\t\t\t\t\t\ttriggers.onOrganizationCreated,\n\t\t\t\t\t\ttriggerCtx,\n\t\t\t\t\t\ttoTriggerOrganization(toRecord(record)),\n\t\t\t\t\t);\n\t\t\t\t},\n\t\t\t},\n\t\t\tupdate: {\n\t\t\t\tafter: async (record: unknown) => {\n\t\t\t\t\tconst triggerOrg = toTriggerOrganization(toRecord(record));\n\t\t\t\t\tawait executeTrigger(\n\t\t\t\t\t\t\"onOrganizationUpdated\",\n\t\t\t\t\t\ttriggers.onOrganizationUpdated,\n\t\t\t\t\t\ttriggerCtx,\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\toldOrg: triggerOrg,\n\t\t\t\t\t\t\tnewOrg: triggerOrg,\n\t\t\t\t\t\t},\n\t\t\t\t\t);\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\t\tmember: {\n\t\t\tcreate: {\n\t\t\t\tafter: async (record: unknown) => {\n\t\t\t\t\tawait executeTrigger(\n\t\t\t\t\t\t\"onMemberAdded\",\n\t\t\t\t\t\ttriggers.onMemberAdded,\n\t\t\t\t\t\ttriggerCtx,\n\t\t\t\t\t\ttoTriggerMember(toRecord(record)),\n\t\t\t\t\t);\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\t};\n\n\t// Cast through unknown to satisfy BetterAuthOptions[\"databaseHooks\"]\n\t// which uses a mapped type over all model names. Our hooks object\n\t// provides the correct runtime structure but TypeScript cannot verify\n\t// the mapped type statically without importing internal BA types.\n\treturn hooks as unknown as BetterAuthOptions[\"databaseHooks\"];\n}\n","/**\n * Shared type definitions for Banata Auth plugins.\n *\n * These types provide type-safe interfaces for the Better Auth plugin system,\n * replacing raw `any` usage throughout the plugin codebase.\n *\n * Better Auth's plugin system uses `better-call` endpoints under the hood.\n * The handler context (`EndpointContext`) includes the full `AuthContext` which\n * contains the database adapter, session info, and more.\n *\n * @see https://www.better-auth.com/docs/plugins/custom-plugin\n */\n\nimport type { BetterAuthOptions } from \"better-auth\";\nimport { z } from \"zod\";\n\n// ─── Database Adapter Types ────────────────────────────────────────\n// These mirror better-auth's DBAdapter interface with narrower types\n// to avoid importing internal types that may not be stable.\n\n/**\n * Where clause for database queries.\n * Matches Better Auth's Where type from @better-auth/core/dist/db/adapter.\n */\nexport interface WhereClause {\n\tfield: string;\n\tvalue: string | number | boolean | string[] | number[] | Date | null;\n\toperator?:\n\t\t| \"eq\"\n\t\t| \"ne\"\n\t\t| \"lt\"\n\t\t| \"lte\"\n\t\t| \"gt\"\n\t\t| \"gte\"\n\t\t| \"in\"\n\t\t| \"not_in\"\n\t\t| \"contains\"\n\t\t| \"starts_with\"\n\t\t| \"ends_with\";\n\tconnector?: \"AND\" | \"OR\";\n}\n\n/**\n * Sort specification for database queries.\n */\nexport interface SortBy {\n\tfield: string;\n\tdirection: \"asc\" | \"desc\";\n}\n\n/**\n * Typed subset of Better Auth's DBAdapter.\n *\n * This represents the adapter available on `ctx.context.adapter`.\n * We use generic `Record<string, unknown>` for data instead of `any`.\n */\nexport interface PluginDBAdapter {\n\tcreate: <T extends Record<string, unknown> = Record<string, unknown>>(data: {\n\t\tmodel: string;\n\t\tdata: Record<string, unknown>;\n\t\tselect?: string[];\n\t\tforceAllowId?: boolean;\n\t}) => Promise<T>;\n\n\tfindOne: <T = Record<string, unknown>>(data: {\n\t\tmodel: string;\n\t\twhere: WhereClause[];\n\t\tselect?: string[];\n\t}) => Promise<T | null>;\n\n\tfindMany: <T = Record<string, unknown>>(data: {\n\t\tmodel: string;\n\t\twhere?: WhereClause[];\n\t\tlimit?: number;\n\t\tselect?: string[];\n\t\tsortBy?: SortBy;\n\t\toffset?: number;\n\t}) => Promise<T[]>;\n\n\tupdate: <T = Record<string, unknown>>(data: {\n\t\tmodel: string;\n\t\twhere: WhereClause[];\n\t\tupdate: Record<string, unknown>;\n\t}) => Promise<T | null>;\n\n\tdelete: (data: {\n\t\tmodel: string;\n\t\twhere: WhereClause[];\n\t}) => Promise<void>;\n\n\tdeleteMany: (data: {\n\t\tmodel: string;\n\t\twhere: WhereClause[];\n\t}) => Promise<number>;\n\n\tcount: (data: {\n\t\tmodel: string;\n\t\twhere?: WhereClause[];\n\t}) => Promise<number>;\n}\n\n// ─── Session Types ──────────────────────────────────────────────────\n\n/**\n * Shape of a user record from the session context.\n */\nexport interface SessionUser {\n\tid: string;\n\temail: string;\n\tname: string;\n\temailVerified: boolean;\n\timage?: string | null;\n\trole?: string;\n\tbanned?: boolean;\n\t[key: string]: unknown;\n}\n\n/**\n * Shape of a session record from the session context.\n */\nexport interface SessionRecord {\n\tid: string;\n\tuserId: string;\n\ttoken: string;\n\texpiresAt: number | Date;\n\tipAddress?: string | null;\n\tuserAgent?: string | null;\n\tactiveOrganizationId?: string | null;\n\timpersonatedBy?: string | null;\n\tcreatedAt: number | Date;\n\tupdatedAt: number | Date;\n\t[key: string]: unknown;\n}\n\n// ─── Plugin Endpoint Context ────────────────────────────────────────\n\n/**\n * The AuthContext subset available on `ctx.context` in endpoint handlers.\n *\n * This is a narrowed version of Better Auth's full AuthContext, including\n * only the fields typically used by custom plugins.\n */\nexport interface PluginAuthContext {\n\tadapter: PluginDBAdapter;\n\tsession: {\n\t\tsession: SessionRecord;\n\t\tuser: SessionUser;\n\t} | null;\n\toptions: BetterAuthOptions;\n\tsecret: string;\n\tbaseURL: string;\n\tappName: string;\n\tgenerateId: (options: { model: string; size?: number }) => string | false;\n}\n\n/**\n * The full endpoint handler context for plugin endpoints.\n *\n * This is the `ctx` parameter received by endpoint handlers registered\n * in a BetterAuthPlugin's `endpoints` object.\n */\nexport interface PluginEndpointContext<TBody = Record<string, unknown>> {\n\t/** Parsed and validated request body */\n\tbody: TBody;\n\t/** Request query parameters */\n\tquery: Record<string, string | undefined>;\n\t/** Request headers */\n\theaders: Headers | undefined;\n\t/** The auth context containing adapter, session, etc. */\n\tcontext: PluginAuthContext;\n\t/** Return a JSON response */\n\tjson: <R extends Record<string, unknown> | null>(\n\t\tdata: R,\n\t\toptions?: { status?: number; headers?: Record<string, string> } | Response,\n\t) => Promise<R>;\n\t/** Return an error response */\n\terror: (\n\t\tstatus: number | string,\n\t\tbody?: { message?: string; code?: string } & Record<string, unknown>,\n\t\theaders?: Record<string, string>,\n\t) => Error;\n\t/** The request path */\n\tpath: string;\n\t/** The request object */\n\trequest: Request | undefined;\n\t/** Get a request header */\n\tgetHeader: (key: string) => string | null;\n}\n\n// ─── Hook Types ─────────────────────────────────────────────────────\n\n/**\n * Context passed to plugin hook matchers and handlers.\n */\nexport interface PluginHookContext {\n\tpath?: string;\n\tcontext: PluginAuthContext & {\n\t\treturned?: unknown;\n\t\tresponseHeaders?: Headers;\n\t};\n\theaders?: Headers;\n\tbody?: Record<string, unknown>;\n\tquery?: Record<string, string | undefined>;\n}\n\n// ─── Database Record Types ──────────────────────────────────────────\n// Typed shapes for database rows used across plugins.\n\n/**\n * Row shape for the `auditEvent` table.\n *\n * Index signature allows these types to satisfy Record<string, unknown>\n * which is required by Better Auth's DBAdapter generic constraints.\n */\nexport interface AuditEventRow extends Record<string, unknown> {\n\tid: string;\n\taction: string;\n\tversion: number | null;\n\tactorType: string;\n\tactorId: string;\n\tactorName: string | null;\n\tactorEmail: string | null;\n\t/** JSON-serialized Record<string, string> */\n\tactorMetadata: string | null;\n\ttargets: string | null;\n\torganizationId: string | null;\n\tipAddress: string | null;\n\tuserAgent: string | null;\n\trequestId: string | null;\n\tchanges: string | null;\n\tidempotencyKey: string | null;\n\t/** JSON-serialized Record<string, string> */\n\tmetadata: string | null;\n\toccurredAt: number;\n\tcreatedAt: number;\n}\n\n/**\n * Row shape for the `webhookEndpoint` table.\n */\nexport interface WebhookEndpointRow extends Record<string, unknown> {\n\tid: string;\n\turl: string;\n\tsecret: string;\n\teventTypes: string | null;\n\tenabled: boolean;\n\tsuccessCount: number | null;\n\tfailureCount: number | null;\n\tconsecutiveFailures: number | null;\n\tlastDeliveryAt: number | null;\n\tlastDeliveryStatus: string | null;\n\tcreatedAt: number;\n\tupdatedAt: number;\n}\n\n/**\n * Row shape for the `webhookDelivery` table.\n */\nexport interface WebhookDeliveryRow extends Record<string, unknown> {\n\tid: string;\n\tendpointId: string;\n\teventType: string;\n\tpayload: string;\n\tattempt: number;\n\tmaxAttempts: number;\n\tstatus: \"pending\" | \"success\" | \"failed\" | \"retrying\";\n\thttpStatus: number | null;\n\tresponseBody: string | null;\n\terrorMessage: string | null;\n\tnextRetryAt: number | null;\n\tdeliveredAt: number | null;\n\tcreatedAt: number;\n}\n\n/**\n * Row shape for the `roleDefinition` table.\n */\nexport interface RoleDefinitionRow extends Record<string, unknown> {\n\tid: string;\n\tname: string;\n\tslug: string;\n\tdescription: string | null;\n\tpermissions: string | null; // JSON stringified array\n\tisDefault: boolean | null;\n\tcreatedAt: number;\n\tupdatedAt: number;\n}\n\n/**\n * Row shape for the `permissionDefinition` table.\n */\nexport interface PermissionDefinitionRow extends Record<string, unknown> {\n\tid: string;\n\tname: string;\n\tslug: string;\n\tdescription: string | null;\n\tcreatedAt: number;\n\tupdatedAt: number;\n}\n\n/**\n * Row shape for the `brandingConfig` table.\n */\nexport interface BrandingConfigRow extends Record<string, unknown> {\n\tid: string;\n\tprimaryColor: string | null;\n\tbgColor: string | null;\n\tborderRadius: number | null;\n\tdarkMode: boolean | null;\n\tcustomCss: string | null;\n\tfont: string | null;\n\tlogoUrl: string | null;\n\tcreatedAt: number;\n\tupdatedAt: number;\n}\n\n/**\n * Row shape for the `emailTemplate` table.\n */\nexport interface EmailTemplateRow extends Record<string, unknown> {\n\tid: string;\n\tname: string;\n\tslug: string;\n\tsubject: string;\n\tpreviewText: string | null;\n\tcategory: string;\n\tdescription: string | null;\n\t/** JSON-serialized EmailBlock[] array. */\n\tblocksJson: string;\n\t/** JSON-serialized EmailTemplateVariable[] array. */\n\tvariablesJson: string | null;\n\tbuiltIn: boolean | null;\n\tbuiltInType: string | null;\n\tcreatedAt: number;\n\tupdatedAt: number;\n}\n\n/**\n * Row shape for the `emailConfig` table.\n */\nexport interface EmailConfigRow extends Record<string, unknown> {\n\tid: string;\n\temailType: string;\n\tname: string;\n\tdescription: string | null;\n\tenabled: boolean;\n\tcategory: string;\n\tcreatedAt: number;\n\tupdatedAt: number;\n}\n\n/**\n * Row shape for the `dashboardConfig` table.\n * Singleton row pattern: at most one row exists.\n * Stores JSON-serialized partial dashboard config overrides.\n */\nexport interface DashboardConfigRow extends Record<string, unknown> {\n\tid: string;\n\t/** JSON-serialized partial dashboard config overrides */\n\tconfigJson: string;\n\tcreatedAt: number;\n\tupdatedAt: number;\n}\n\n/**\n * Row shape for the `domainConfig` table.\n */\nexport interface DomainConfigRow extends Record<string, unknown> {\n\tid: string;\n\tdomainKey: string;\n\ttitle: string;\n\tdescription: string | null;\n\tvalue: string;\n\tisDefault: boolean | null;\n\tcreatedAt: number;\n\tupdatedAt: number;\n}\n\n/**\n * Row shape for the `redirectConfig` table.\n * Singleton row with JSON-serialized redirect settings.\n */\nexport interface RedirectConfigRow extends Record<string, unknown> {\n\tid: string;\n\tconfigJson: string;\n\tcreatedAt: number;\n\tupdatedAt: number;\n}\n\n/**\n * Row shape for the `actionConfig` table.\n */\nexport interface ActionConfigRow extends Record<string, unknown> {\n\tid: string;\n\tname: string;\n\tdescription: string | null;\n\ttriggerEvent: string;\n\twebhookUrl: string;\n\tcreatedAt: number;\n\tupdatedAt: number;\n}\n\n/**\n * Row shape for the `radarConfig` table.\n * Singleton row with JSON-serialized radar/bot protection settings.\n */\nexport interface RadarConfigRow extends Record<string, unknown> {\n\tid: string;\n\tconfigJson: string;\n\tcreatedAt: number;\n\tupdatedAt: number;\n}\n\n/**\n * Row shape for the `emailProviderConfig` table.\n * Singleton row with JSON-serialized email provider settings.\n */\nexport interface EmailProviderConfigRow extends Record<string, unknown> {\n\tid: string;\n\tconfigJson: string;\n\tcreatedAt: number;\n\tupdatedAt: number;\n}\n\n/**\n * Row shape for the `resourceType` table.\n */\nexport interface ResourceTypeRow extends Record<string, unknown> {\n\tid: string;\n\tname: string;\n\tslug: string;\n\tdescription: string | null;\n\tcreatedAt: number;\n\tupdatedAt: number;\n}\n\n/**\n * Row shape for the `addonConfig` table.\n * Singleton row with JSON-serialized addon states.\n */\nexport interface AddonConfigRow extends Record<string, unknown> {\n\tid: string;\n\tconfigJson: string;\n\tcreatedAt: number;\n\tupdatedAt: number;\n}\n\n/**\n * Row shape for the `projectConfig` table.\n * One row per project with JSON-serialized project settings.\n */\nexport interface ProjectConfigRow extends Record<string, unknown> {\n\tid: string;\n\tconfigJson: string;\n\tprojectId?: string;\n\tcreatedAt: number;\n\tupdatedAt: number;\n}\n\n// ─── Project Row Types ─────────────────────────────────────────────\n\n/**\n * Row shape for the `project` table.\n * Each project is a fully isolated auth tenant.\n */\nexport interface ProjectRow extends Record<string, unknown> {\n\tid: string;\n\tname: string;\n\tslug: string;\n\tdescription?: string;\n\tlogoUrl?: string;\n\townerId: string;\n\tcreatedAt: number;\n\tupdatedAt: number;\n}\n\ninterface MemberPermissionRow extends Record<string, unknown> {\n\tid: string;\n\tuserId: string;\n\trole: string;\n\tprojectId?: string;\n}\n\ninterface ProjectOwnerRow extends Record<string, unknown> {\n\tid: string;\n\townerId: string;\n}\n\nexport function parseRoleSlugs(value: string | string[] | null | undefined): string[] {\n\tconst raw = Array.isArray(value) ? value : typeof value === \"string\" ? value.split(\",\") : [];\n\treturn Array.from(new Set(raw.map((role) => role.trim()).filter(Boolean)));\n}\n\nexport function isGlobalAdminRole(role: string | null | undefined): boolean {\n\treturn role === \"admin\" || role === \"super_admin\";\n}\n\nexport function isGlobalAdminUser(user: Pick<SessionUser, \"role\"> | null | undefined): boolean {\n\treturn isGlobalAdminRole(user?.role);\n}\n\n// ─── Admin Authorization Helper ────────────────────────────────────\n\n/**\n * Verify that the current request has an authenticated session.\n *\n * This MUST be called at the top of every custom plugin endpoint\n * that performs administrative operations (webhook CRUD, audit log\n * management, roles/permissions CRUD, branding, email config, etc.).\n *\n * The function uses a loose type signature to remain compatible with\n * Better Auth's `EndpointContext` which uses a narrower union type\n * for error status codes (e.g. `\"UNAUTHORIZED\" | \"FORBIDDEN\" | ...`)\n * rather than `string | number`.\n *\n * @param ctx - The endpoint handler context from Better Auth\n * @throws Error with status \"UNAUTHORIZED\" if not authenticated\n */\n// biome-ignore lint: ctx type is intentionally loose to match Better Auth's EndpointContext\nexport function requireAuthenticated(ctx: any): {\n\tsession: SessionRecord;\n\tuser: SessionUser;\n} {\n\tconst authSession = ctx.context?.session;\n\tif (!authSession?.user?.id || !authSession?.session?.id) {\n\t\tthrow ctx.error(\"UNAUTHORIZED\", { message: \"Authentication required\" });\n\t}\n\n\treturn {\n\t\tsession: authSession.session as SessionRecord,\n\t\tuser: authSession.user as SessionUser,\n\t};\n}\n\n/**\n * @deprecated Use `requireAuthenticated` or `requireGlobalAdmin` instead.\n */\nexport function requireAdmin(ctx: any): {\n\tsession: SessionRecord;\n\tuser: SessionUser;\n} {\n\treturn requireAuthenticated(ctx);\n}\n\n// biome-ignore lint: ctx type is intentionally loose to match Better Auth's EndpointContext\nexport function requireGlobalAdmin(ctx: any): {\n\tsession: SessionRecord;\n\tuser: SessionUser;\n} {\n\tconst auth = requireAuthenticated(ctx);\n\tif (!isGlobalAdminUser(auth.user)) {\n\t\tthrow ctx.error(\"FORBIDDEN\", { message: \"Global admin access required\" });\n\t}\n\n\treturn auth;\n}\n\nexport async function getRolePermissions(\n\tdb: PluginDBAdapter,\n\tparams: {\n\t\tprojectId?: string;\n\t\troleSlugs: string[];\n\t},\n): Promise<Set<string>> {\n\tconst permissions = new Set<string>();\n\tconst { projectId, roleSlugs } = params;\n\n\tif (roleSlugs.length === 0) return permissions;\n\tif (roleSlugs.includes(\"super_admin\")) {\n\t\tpermissions.add(\"*\");\n\t\treturn permissions;\n\t}\n\tif (!projectId) return permissions;\n\n\tconst requestedRoleSlugs = new Set(roleSlugs);\n\tconst roleRows = await db.findMany<RoleDefinitionRow>({\n\t\tmodel: \"roleDefinition\",\n\t\twhere: [{ field: \"projectId\", value: projectId }],\n\t\tlimit: 1000,\n\t});\n\n\tfor (const row of roleRows) {\n\t\tif (!requestedRoleSlugs.has(row.slug) || !row.permissions) continue;\n\t\ttry {\n\t\t\tconst rowPermissions = JSON.parse(row.permissions) as string[];\n\t\t\tfor (const permission of rowPermissions) {\n\t\t\t\tif (typeof permission === \"string\" && permission.length > 0) {\n\t\t\t\t\tpermissions.add(permission);\n\t\t\t\t}\n\t\t\t}\n\t\t} catch {\n\t\t\t// Ignore malformed permission blobs instead of failing open.\n\t\t}\n\t}\n\n\treturn permissions;\n}\n\n/**\n * Resolve the effective permission slugs for a user in a project.\n *\n * Permission sources:\n * 1) Global Better Auth admin role (`user.role`)\n * 2) Project ownership (`project.ownerId`)\n * 3) Organization membership roles in the project (`member.role`)\n */\nexport async function getEffectiveProjectPermissions(\n\tdb: PluginDBAdapter,\n\tparams: {\n\t\tuserId: string;\n\t\tprojectId?: string;\n\t},\n): Promise<Set<string>> {\n\tconst permissions = new Set<string>();\n\tconst { userId, projectId } = params;\n\n\tif (!projectId) return permissions;\n\n\tconst userRows = await db.findMany<SessionUser>({\n\t\tmodel: \"user\",\n\t\twhere: [{ field: \"id\", value: userId }],\n\t\tlimit: 1,\n\t});\n\tconst user = userRows[0];\n\tif (isGlobalAdminUser(user)) {\n\t\tpermissions.add(\"*\");\n\t\treturn permissions;\n\t}\n\n\tconst projectRows = await db.findMany<ProjectOwnerRow>({\n\t\tmodel: \"project\",\n\t\twhere: [{ field: \"id\", value: projectId }],\n\t\tlimit: 1,\n\t});\n\tif (projectRows[0]?.ownerId === userId) {\n\t\tpermissions.add(\"*\");\n\t\treturn permissions;\n\t}\n\n\tconst memberRows = await db.findMany<MemberPermissionRow>({\n\t\tmodel: \"member\",\n\t\twhere: [\n\t\t\t{ field: \"projectId\", value: projectId },\n\t\t\t{ field: \"userId\", value: userId },\n\t\t],\n\t\tlimit: 200,\n\t});\n\tif (memberRows.length === 0) return permissions;\n\n\tconst roleSlugs = new Set<string>();\n\tfor (const member of memberRows) {\n\t\tfor (const slug of parseRoleSlugs(member.role)) {\n\t\t\troleSlugs.add(slug);\n\t\t}\n\t}\n\tif (roleSlugs.size === 0) return permissions;\n\n\tconst rolePermissions = await getRolePermissions(db, {\n\t\tprojectId,\n\t\troleSlugs: Array.from(roleSlugs),\n\t});\n\tfor (const permission of rolePermissions) {\n\t\tpermissions.add(permission);\n\t}\n\n\treturn permissions;\n}\n\n/**\n * Throws FORBIDDEN unless the current user has the given permission in project scope.\n */\nexport async function requireProjectPermission(\n\tctx: any,\n\tparams: {\n\t\tdb: PluginDBAdapter;\n\t\tpermission: string;\n\t\tprojectId?: string;\n\t},\n): Promise<void> {\n\tconst { user } = requireAuthenticated(ctx);\n\tconst { db, permission, projectId } = params;\n\n\tif (!projectId) {\n\t\tthrow ctx.error(\"FORBIDDEN\", {\n\t\t\tmessage: `Project scope is required to check permission \\\"${permission}\\\"`,\n\t\t});\n\t}\n\n\tconst permissions = await getEffectiveProjectPermissions(db, {\n\t\tuserId: user.id,\n\t\tprojectId,\n\t});\n\tif (permissions.has(\"*\") || permissions.has(permission)) {\n\t\treturn;\n\t}\n\n\tthrow ctx.error(\"FORBIDDEN\", {\n\t\tmessage: `Missing permission: ${permission}`,\n\t});\n}\n\n// ─── Shared Zod Schemas for Project Scoping ────────────────────────\n\n/**\n * Zod schema partial for project-scoped endpoints.\n * Add `.merge(projectScopeSchema)` to any endpoint body schema that\n * should accept an optional projectId.\n */\nexport const projectScopeSchema = z.object({\n\tprojectId: z.string().optional(),\n});\n\n/**\n * Extract projectId from a parsed body and return scope helpers.\n *\n * **Strict by default**: throws if `projectId` is missing.\n * All project-scoped data MUST be isolated — returning empty filters\n * would silently leak data across projects.\n *\n * Pass `{ optional: true }` only for endpoints that genuinely operate\n * across all projects (e.g. project list, ensure-default).\n */\nexport function getProjectScope(\n\tbody: Record<string, unknown>,\n\topts?: { optional?: boolean },\n): {\n\t/** Where clause filter for findMany/findOne/update/delete. */\n\twhere: WhereClause[];\n\t/** Data fields to include in create. */\n\tdata: Record<string, string>;\n\t/** The resolved projectId (always present when strict). */\n\tprojectId: string | undefined;\n} {\n\tconst projectId = typeof body.projectId === \"string\" ? body.projectId : undefined;\n\tif (!projectId) {\n\t\tif (opts?.optional) {\n\t\t\treturn { where: [], data: {}, projectId: undefined };\n\t\t}\n\t\tthrow new Error(\n\t\t\t\"projectId is required for this endpoint. The dashboard must send a projectId to scope data correctly.\",\n\t\t);\n\t}\n\treturn {\n\t\twhere: [{ field: \"projectId\", value: projectId }],\n\t\tdata: { projectId },\n\t\tprojectId,\n\t};\n}\n\r\n","/**\n * Audit log plugin for Banata Auth.\n *\n * Provides:\n * - API endpoints for listing, creating, and exporting audit events\n * - Automatic logging of auth events via Better Auth hooks\n * - Organization-scoped audit trails\n *\n * This plugin follows Better Auth's plugin pattern and uses the Convex\n * database adapter (from Better Auth's context) to store events in the\n * `auditEvent` table defined in the component schema.\n *\n * @see {@link ../../component/schema.ts} for the auditEvent table definition\n * @see {@link ../../../shared/src/types.ts} for the AuditEvent SDK type\n */\n\nimport type { BetterAuthPlugin } from \"better-auth\";\nimport { createAuthEndpoint, createAuthMiddleware } from \"better-auth/api\";\nimport { z } from \"zod\";\nimport {\n\ttype AuditEventRow,\n\ttype PluginDBAdapter,\n\ttype WhereClause,\n\tgetProjectScope,\n\tprojectScopeSchema,\n\trequireProjectPermission,\n} from \"./types\";\n\n// ─── Types ──────────────────────────────────────────────────────────\n\nexport interface AuditLogPluginOptions {\n\t/** Actions to automatically log. If empty, logs all auth actions. */\n\tautoLogActions?: string[];\n\t/** Whether to auto-log all Better Auth endpoint calls. Default: true */\n\tautoLog?: boolean;\n}\n\n// ─── Path → Action Mapping ──────────────────────────────────────────\n\n/**\n * Map a Better Auth endpoint path to an audit action string.\n *\n * These action strings follow the `resource.verb` convention used\n * throughout the Banata Auth audit system (see shared/src/types.ts).\n */\nfunction pathToAction(path: string): string | null {\n\tconst map: Record<string, string> = {\n\t\t// Authentication\n\t\t\"/sign-in/email\": \"user.login\",\n\t\t\"/sign-in/social\": \"user.login.social\",\n\t\t\"/sign-up/email\": \"user.create\",\n\t\t\"/sign-out\": \"user.logout\",\n\n\t\t// Password management\n\t\t\"/forget-password\": \"user.password_reset_request\",\n\t\t\"/reset-password\": \"user.password_reset\",\n\t\t\"/change-password\": \"user.password_change\",\n\n\t\t// Profile\n\t\t\"/update-user\": \"user.update\",\n\t\t\"/verify-email\": \"user.email_verified\",\n\n\t\t// Two-factor\n\t\t\"/two-factor/enable\": \"user.two_factor_enable\",\n\t\t\"/two-factor/disable\": \"user.two_factor_disable\",\n\n\t\t// Organization\n\t\t\"/organization/create\": \"organization.create\",\n\t\t\"/organization/update\": \"organization.update\",\n\t\t\"/organization/delete\": \"organization.delete\",\n\t\t\"/organization/invite-member\": \"organization.member_invite\",\n\t\t\"/organization/remove-member\": \"organization.member_remove\",\n\t\t\"/organization/update-member-role\": \"organization.member_role_change\",\n\n\t\t// Admin\n\t\t\"/admin/ban-user\": \"admin.user_ban\",\n\t\t\"/admin/unban-user\": \"admin.user_unban\",\n\t\t\"/admin/set-role\": \"admin.user_role_change\",\n\t\t\"/admin/remove-user\": \"admin.user_delete\",\n\t\t\"/admin/impersonate-user\": \"admin.impersonate\",\n\n\t\t// SSO\n\t\t\"/banata/sso/register\": \"sso.connection_create\",\n\t\t\"/banata/sso/update-provider\": \"sso.connection_update\",\n\t\t\"/banata/sso/delete-provider\": \"sso.connection_delete\",\n\t\t\"/sign-in/sso\": \"sso.login\",\n\n\t\t// SCIM\n\t\t\"/banata/scim/register\": \"scim.directory_create\",\n\t\t\"/banata/scim/delete-provider\": \"scim.directory_delete\",\n\n\t\t// Domain verification\n\t\t\"/banata/domains/create\": \"sso.domain_verification_create\",\n\t\t\"/banata/domains/verify\": \"sso.domain_verification_verify\",\n\t\t\"/banata/domains/delete\": \"sso.domain_verification_delete\",\n\n\t\t// API Key\n\t\t\"/api-key/create\": \"api_key.create\",\n\t\t\"/api-key/delete\": \"api_key.delete\",\n\t};\n\n\t// Match partial paths — Better Auth prepends a base path\n\tfor (const [pattern, action] of Object.entries(map)) {\n\t\tif (path.endsWith(pattern) || path.includes(pattern)) {\n\t\t\treturn action;\n\t\t}\n\t}\n\treturn null;\n}\n\n// ─── Zod Schemas ────────────────────────────────────────────────────\n\nconst listAuditLogsSchema = z\n\t.object({\n\t\torganizationId: z.string().optional(),\n\t\taction: z.string().optional(),\n\t\tactorId: z.string().optional(),\n\t\tlimit: z.number().optional(),\n\t\tafter: z.string().optional(),\n\t\tbefore: z.string().optional(),\n\t})\n\t.merge(projectScopeSchema);\n\nconst createAuditLogSchema = z\n\t.object({\n\t\taction: z.string(),\n\t\tactorType: z.string(),\n\t\tactorId: z.string(),\n\t\tactorName: z.string().optional(),\n\t\tactorEmail: z.string().optional(),\n\t\ttargets: z.string().optional(),\n\t\torganizationId: z.string().optional(),\n\t\tipAddress: z.string().optional(),\n\t\tuserAgent: z.string().optional(),\n\t\tchanges: z.string().optional(),\n\t\tmetadata: z.string().optional(),\n\t\tidempotencyKey: z.string().optional(),\n\t\toccurredAt: z.number().optional(),\n\t})\n\t.merge(projectScopeSchema);\n\nconst exportAuditLogsSchema = z\n\t.object({\n\t\torganizationId: z.string().optional(),\n\t\taction: z.string().optional(),\n\t\tstartDate: z.number().optional(),\n\t\tendDate: z.number().optional(),\n\t\tformat: z.string().optional(),\n\t\t/** Maximum number of records to return per page. Capped at 1000. Default: 1000. */\n\t\tlimit: z.number().min(1).max(1000).optional(),\n\t\t/** Cursor-based pagination: pass the last event's `occurredAt` from the previous page. */\n\t\tcursor: z.number().optional(),\n\t})\n\t.merge(projectScopeSchema);\n\n// ─── Plugin Factory ─────────────────────────────────────────────────\n\n/**\n * Audit log plugin for Banata Auth.\n *\n * Registers custom API endpoints under `/api/auth/banata/audit-logs/`\n * for listing, creating, and exporting audit events.\n *\n * Also installs an `after` hook on all Better Auth endpoints to\n * automatically log auth events (sign-in, sign-up, password changes,\n * organization operations, admin actions, etc.) into the `auditEvent`\n * table via the Convex database adapter.\n *\n * @param options - Optional configuration for auto-logging behavior\n * @returns A Better Auth plugin descriptor\n *\n * @example\n * ```ts\n * import { auditLog } from \"./plugins/audit\";\n *\n * const plugins = [\n * auditLog(),\n * // ... other plugins\n * ];\n * ```\n */\nexport function auditLog(options?: AuditLogPluginOptions): BetterAuthPlugin {\n\tconst autoLog = options?.autoLog !== false;\n\tconst autoLogActions = options?.autoLogActions ?? [];\n\n\treturn {\n\t\tid: \"banata-audit-log\",\n\n\t\t// ─── Schema Registration ──────────────────────────────────\n\t\tschema: {\n\t\t\tauditEvent: {\n\t\t\t\tfields: {\n\t\t\t\t\tprojectId: { type: \"string\" as const, required: false },\n\t\t\t\t\taction: { type: \"string\", required: true },\n\t\t\t\t\tversion: { type: \"number\", required: false },\n\t\t\t\t\tactorType: { type: \"string\", required: true },\n\t\t\t\t\tactorId: { type: \"string\", required: true },\n\t\t\t\t\tactorName: { type: \"string\", required: false },\n\t\t\t\t\tactorEmail: { type: \"string\", required: false },\n\t\t\t\t\tactorMetadata: { type: \"string\", required: false },\n\t\t\t\t\ttargets: { type: \"string\", required: false },\n\t\t\t\t\torganizationId: { type: \"string\", required: false },\n\t\t\t\t\tipAddress: { type: \"string\", required: false },\n\t\t\t\t\tuserAgent: { type: \"string\", required: false },\n\t\t\t\t\trequestId: { type: \"string\", required: false },\n\t\t\t\t\tchanges: { type: \"string\", required: false },\n\t\t\t\t\tidempotencyKey: { type: \"string\", required: false },\n\t\t\t\t\tmetadata: { type: \"string\", required: false },\n\t\t\t\t\toccurredAt: { type: \"number\", required: true },\n\t\t\t\t\tcreatedAt: { type: \"number\", required: true },\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\n\t\t// ── Custom API Endpoints ────────────────────────────────────\n\t\tendpoints: {\n\t\t\t/**\n\t\t\t * List audit events with optional filters.\n\t\t\t *\n\t\t\t * POST /api/auth/banata/audit-logs/list\n\t\t\t *\n\t\t\t * Supports filtering by organizationId, action, actorId,\n\t\t\t * and pagination via limit/after/before cursors.\n\t\t\t */\n\t\t\tlistAuditLogs: createAuthEndpoint(\n\t\t\t\t\"/banata/audit-logs/list\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t\tbody: listAuditLogsSchema,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst body = ctx.body;\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst scope = getProjectScope(body as Record<string, unknown>);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tpermission: \"audit.read\",\n\t\t\t\t\t\tprojectId: scope.projectId,\n\t\t\t\t\t});\n\n\t\t\t\t\t// Build where clause from optional filters + project scope\n\t\t\t\t\tconst filters: WhereClause[] = [...scope.where];\n\t\t\t\t\tif (body.organizationId) {\n\t\t\t\t\t\tfilters.push({ field: \"organizationId\", value: body.organizationId });\n\t\t\t\t\t}\n\t\t\t\t\tif (body.action) {\n\t\t\t\t\t\tfilters.push({ field: \"action\", value: body.action });\n\t\t\t\t\t}\n\t\t\t\t\tif (body.actorId) {\n\t\t\t\t\t\tfilters.push({ field: \"actorId\", value: body.actorId });\n\t\t\t\t\t}\n\n\t\t\t\t\tconst limit = body.limit ?? 50;\n\n\t\t\t\t\tconst events = await db.findMany<AuditEventRow>({\n\t\t\t\t\t\tmodel: \"auditEvent\",\n\t\t\t\t\t\twhere: filters,\n\t\t\t\t\t\tlimit,\n\t\t\t\t\t\tsortBy: { field: \"occurredAt\", direction: \"desc\" },\n\t\t\t\t\t});\n\n\t\t\t\t\treturn ctx.json({\n\t\t\t\t\t\tdata: events,\n\t\t\t\t\t\tlistMetadata: { before: null, after: null },\n\t\t\t\t\t});\n\t\t\t\t},\n\t\t\t),\n\n\t\t\t/**\n\t\t\t * Create a new audit event manually.\n\t\t\t *\n\t\t\t * POST /api/auth/banata/audit-logs/create\n\t\t\t *\n\t\t\t * Used for logging custom application events that don't\n\t\t\t * originate from Better Auth endpoints (e.g., API key usage,\n\t\t\t * resource access, policy changes).\n\t\t\t */\n\t\t\tcreateAuditLog: createAuthEndpoint(\n\t\t\t\t\"/banata/audit-logs/create\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t\tbody: createAuditLogSchema,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst body = ctx.body;\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst now = Date.now();\n\t\t\t\t\tconst scope = getProjectScope(body as Record<string, unknown>);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tpermission: \"audit.read\",\n\t\t\t\t\t\tprojectId: scope.projectId,\n\t\t\t\t\t});\n\n\t\t\t\t\t// Build data object, omitting optional fields when absent.\n\t\t\t\t\t// Convex v.optional() accepts undefined but NOT null.\n\t\t\t\t\tconst data: Record<string, unknown> = {\n\t\t\t\t\t\t...scope.data,\n\t\t\t\t\t\taction: body.action,\n\t\t\t\t\t\tversion: 1,\n\t\t\t\t\t\tactorType: body.actorType,\n\t\t\t\t\t\tactorId: body.actorId,\n\t\t\t\t\t\toccurredAt: body.occurredAt ?? now,\n\t\t\t\t\t\tcreatedAt: now,\n\t\t\t\t\t};\n\t\t\t\t\tif (body.actorName) data.actorName = body.actorName;\n\t\t\t\t\tif (body.actorEmail) data.actorEmail = body.actorEmail;\n\t\t\t\t\tif (body.targets) data.targets = body.targets;\n\t\t\t\t\tif (body.organizationId) data.organizationId = body.organizationId;\n\t\t\t\t\tif (body.ipAddress) data.ipAddress = body.ipAddress;\n\t\t\t\t\tif (body.userAgent) data.userAgent = body.userAgent;\n\t\t\t\t\tif (body.changes) data.changes = body.changes;\n\t\t\t\t\tif (body.idempotencyKey) data.idempotencyKey = body.idempotencyKey;\n\t\t\t\t\tif (body.metadata) data.metadata = body.metadata;\n\n\t\t\t\t\tconst event = await db.create<AuditEventRow>({\n\t\t\t\t\t\tmodel: \"auditEvent\",\n\t\t\t\t\t\tdata: data as AuditEventRow,\n\t\t\t\t\t});\n\n\t\t\t\t\treturn ctx.json(event);\n\t\t\t\t},\n\t\t\t),\n\n\t\t\t/**\n\t\t\t * Export audit events for compliance / reporting.\n\t\t\t *\n\t\t\t * POST /api/auth/banata/audit-logs/export\n\t\t\t *\n\t\t\t * Returns up to 10 000 events matching the given filters.\n\t\t\t * Consumers can pass startDate/endDate (epoch ms) for\n\t\t\t * time-range scoping and a format hint (reserved for future\n\t\t\t * CSV/JSON format support).\n\t\t\t */\n\t\t\texportAuditLogs: createAuthEndpoint(\n\t\t\t\t\"/banata/audit-logs/export\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t\tbody: exportAuditLogsSchema,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst body = ctx.body;\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst pageLimit = body.limit ?? 1000;\n\t\t\t\t\tconst scope = getProjectScope(body as Record<string, unknown>);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tpermission: \"audit.read\",\n\t\t\t\t\t\tprojectId: scope.projectId,\n\t\t\t\t\t});\n\n\t\t\t\t\tconst filters: WhereClause[] = [...scope.where];\n\t\t\t\t\tif (body.organizationId) {\n\t\t\t\t\t\tfilters.push({\n\t\t\t\t\t\t\tfield: \"organizationId\",\n\t\t\t\t\t\t\tvalue: body.organizationId,\n\t\t\t\t\t\t});\n\t\t\t\t\t}\n\t\t\t\t\tif (body.action) {\n\t\t\t\t\t\tfilters.push({ field: \"action\", value: body.action });\n\t\t\t\t\t}\n\t\t\t\t\t// Cursor-based pagination: only fetch events older than the cursor\n\t\t\t\t\tif (body.cursor !== undefined) {\n\t\t\t\t\t\tfilters.push({\n\t\t\t\t\t\t\tfield: \"occurredAt\",\n\t\t\t\t\t\t\toperator: \"lt\" as const,\n\t\t\t\t\t\t\tvalue: body.cursor,\n\t\t\t\t\t\t});\n\t\t\t\t\t}\n\n\t\t\t\t\tconst events = await db.findMany<AuditEventRow>({\n\t\t\t\t\t\tmodel: \"auditEvent\",\n\t\t\t\t\t\twhere: filters,\n\t\t\t\t\t\tlimit: pageLimit,\n\t\t\t\t\t\tsortBy: { field: \"occurredAt\", direction: \"desc\" },\n\t\t\t\t\t});\n\n\t\t\t\t\t// If we got a full page, provide a cursor for the next page\n\t\t\t\t\tconst lastEvent = events[events.length - 1];\n\t\t\t\t\tconst nextCursor =\n\t\t\t\t\t\tevents.length === pageLimit && lastEvent ? (lastEvent.occurredAt as number) : null;\n\n\t\t\t\t\treturn ctx.json({\n\t\t\t\t\t\tdata: events,\n\t\t\t\t\t\tcount: events.length,\n\t\t\t\t\t\tnextCursor,\n\t\t\t\t\t});\n\t\t\t\t},\n\t\t\t),\n\t\t},\n\n\t\t// ── Automatic Auth Event Logging ────────────────────────────\n\t\thooks: {\n\t\t\tafter: [\n\t\t\t\t{\n\t\t\t\t\tmatcher: () => true,\n\t\t\t\t\thandler: createAuthMiddleware(async (ctx) => {\n\t\t\t\t\t\tif (!autoLog) return;\n\n\t\t\t\t\t\t// Only log when there is an authenticated session\n\t\t\t\t\t\tconst sessionData = ctx.context?.session;\n\t\t\t\t\t\tif (!sessionData) return;\n\n\t\t\t\t\t\tconst path: string = (ctx as unknown as { path?: string }).path ?? \"\";\n\t\t\t\t\t\tconst action = pathToAction(path);\n\t\t\t\t\t\tif (!action) return;\n\n\t\t\t\t\t\t// If a whitelist is configured, only log listed actions\n\t\t\t\t\t\tif (autoLogActions.length > 0 && !autoLogActions.includes(action)) {\n\t\t\t\t\t\t\treturn;\n\t\t\t\t\t\t}\n\n\t\t\t\t\t\ttry {\n\t\t\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\t\t\tconst sessionRecord = sessionData.session;\n\t\t\t\t\t\t\t// Build data object, omitting optional fields when absent.\n\t\t\t\t\t\t\t// Convex v.optional() accepts undefined but NOT null.\n\t\t\t\t\t\t\tconst auditData: Record<string, unknown> = {\n\t\t\t\t\t\t\t\taction,\n\t\t\t\t\t\t\t\tversion: 1,\n\t\t\t\t\t\t\t\tactorType: \"user\",\n\t\t\t\t\t\t\t\tactorId: sessionRecord.userId ?? \"unknown\",\n\t\t\t\t\t\t\t\toccurredAt: Date.now(),\n\t\t\t\t\t\t\t\tcreatedAt: Date.now(),\n\t\t\t\t\t\t\t};\n\t\t\t\t\t\t\t// Include projectId from the request body if available\n\t\t\t\t\t\t\tconst reqBody = (ctx as unknown as { body?: Record<string, unknown> }).body;\n\t\t\t\t\t\t\tif (reqBody?.projectId && typeof reqBody.projectId === \"string\") {\n\t\t\t\t\t\t\t\tauditData.projectId = reqBody.projectId;\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t\tconst orgId = (sessionRecord as Record<string, unknown>).activeOrganizationId as\n\t\t\t\t\t\t\t\t| string\n\t\t\t\t\t\t\t\t| undefined;\n\t\t\t\t\t\t\tif (orgId) auditData.organizationId = orgId;\n\t\t\t\t\t\t\tconst ip = ctx.headers?.get(\"x-forwarded-for\");\n\t\t\t\t\t\t\tif (ip) auditData.ipAddress = ip;\n\t\t\t\t\t\t\tconst ua = ctx.headers?.get(\"user-agent\");\n\t\t\t\t\t\t\tif (ua) auditData.userAgent = ua;\n\n\t\t\t\t\t\t\tawait db.create<AuditEventRow>({\n\t\t\t\t\t\t\t\tmodel: \"auditEvent\",\n\t\t\t\t\t\t\t\tdata: auditData as AuditEventRow,\n\t\t\t\t\t\t\t});\n\t\t\t\t\t\t} catch (err) {\n\t\t\t\t\t\t\t// Audit logging should never break auth flows.\n\t\t\t\t\t\t\tconsole.error(\n\t\t\t\t\t\t\t\t\"[BanataAuth] Auto-log audit event failed:\",\n\t\t\t\t\t\t\t\taction,\n\t\t\t\t\t\t\t\terr instanceof Error ? err.message : \"unknown error\",\n\t\t\t\t\t\t\t);\n\t\t\t\t\t\t}\n\t\t\t\t\t}),\n\t\t\t\t},\n\t\t\t],\n\t\t},\n\t};\n}\n\n// ─── Helper: logAuditEvent ──────────────────────────────────────────\n\n/**\n * Parameters for the `logAuditEvent` helper.\n *\n * Maps directly to the `auditEvent` table columns defined in\n * the component schema (see `src/component/schema.ts`).\n */\nexport interface LogAuditEventParams {\n\t/** Optional project scope for multi-tenant isolation. */\n\tprojectId?: string;\n\taction: string;\n\tactorType: \"user\" | \"admin\" | \"system\" | \"api_key\" | \"scim\";\n\tactorId: string;\n\tactorName?: string;\n\tactorEmail?: string;\n\tactorMetadata?: Record<string, string>;\n\ttargets?: Array<{\n\t\ttype: string;\n\t\tid: string;\n\t\tname?: string;\n\t\tmetadata?: Record<string, string>;\n\t}>;\n\torganizationId?: string;\n\tipAddress?: string;\n\tuserAgent?: string;\n\trequestId?: string;\n\tchanges?: { before?: Record<string, unknown>; after?: Record<string, unknown> };\n\tidempotencyKey?: string;\n\tmetadata?: Record<string, string>;\n}\n\n/**\n * Log an audit event from a Better Auth hook or trigger handler.\n *\n * This helper can be called from Better Auth hooks, Convex triggers,\n * or any code that has access to the database adapter to create an\n * audit event record without going through the HTTP endpoint.\n *\n * @param adapter - The Better Auth database adapter (ctx.context.adapter)\n * @param params - The audit event data\n *\n * @example\n * ```ts\n * import { logAuditEvent } from \"./plugins/audit\";\n *\n * // Inside a Better Auth hook or trigger:\n * await logAuditEvent(ctx.context.adapter, {\n * action: \"user.login\",\n * actorType: \"user\",\n * actorId: user.id,\n * actorEmail: user.email,\n * ipAddress: request.headers.get(\"x-forwarded-for\"),\n * });\n * ```\n */\nexport async function logAuditEvent(\n\tadapter: Pick<PluginDBAdapter, \"create\">,\n\tparams: LogAuditEventParams,\n): Promise<void> {\n\tconst now = Date.now();\n\n\ttry {\n\t\t// Build data object, omitting optional fields when absent.\n\t\t// Convex v.optional() accepts undefined but NOT null.\n\t\tconst data: Record<string, unknown> = {\n\t\t\taction: params.action,\n\t\t\tversion: 1,\n\t\t\tactorType: params.actorType,\n\t\t\tactorId: params.actorId,\n\t\t\toccurredAt: now,\n\t\t\tcreatedAt: now,\n\t\t};\n\t\tif (params.projectId) data.projectId = params.projectId;\n\t\tif (params.actorName) data.actorName = params.actorName;\n\t\tif (params.actorEmail) data.actorEmail = params.actorEmail;\n\t\tif (params.actorMetadata) data.actorMetadata = JSON.stringify(params.actorMetadata);\n\t\tif (params.targets) data.targets = JSON.stringify(params.targets);\n\t\tif (params.organizationId) data.organizationId = params.organizationId;\n\t\tif (params.ipAddress) data.ipAddress = params.ipAddress;\n\t\tif (params.userAgent) data.userAgent = params.userAgent;\n\t\tif (params.requestId) data.requestId = params.requestId;\n\t\tif (params.changes) data.changes = JSON.stringify(params.changes);\n\t\tif (params.idempotencyKey) data.idempotencyKey = params.idempotencyKey;\n\t\tif (params.metadata) data.metadata = JSON.stringify(params.metadata);\n\n\t\tawait adapter.create({\n\t\t\tmodel: \"auditEvent\",\n\t\t\tdata,\n\t\t});\n\t} catch {\n\t\t// Audit logging should never break auth flows\n\t\tconsole.error(\"[BanataAuth] Failed to log audit event:\", params.action);\n\t}\n}\n","/**\r\n * Dashboard configuration plugin for Banata Auth.\r\n *\r\n * Provides CRUD endpoints for dashboard configuration data that\r\n * doesn't exist natively in Better Auth:\r\n *\r\n * - `/banata/config/public` — Read runtime auth config for public UIs\r\n * - `/banata/config/dashboard` — Read dashboard config (with persisted overrides)\r\n * - `/banata/config/dashboard/save` — Save partial dashboard config overrides\r\n * - `/banata/config/roles/list` — List custom role definitions\r\n * - `/banata/config/roles/create` — Create a role definition\r\n * - `/banata/config/roles/delete` — Delete a role definition\r\n * - `/banata/config/permissions/list` — List custom permission definitions\r\n * - `/banata/config/permissions/create` — Create a permission definition\r\n * - `/banata/config/permissions/delete` — Delete a permission definition\r\n * - `/banata/config/branding/get` — Get branding config\r\n * - `/banata/config/branding/save` — Upsert branding config\r\n * - `/banata/config/emails/list` — List email toggles\r\n * - `/banata/config/emails/toggle` — Toggle an email type on/off\r\n * - `/banata/config/project/get` — Get project config (name, description, env)\r\n * - `/banata/config/project/save` — Save project config\r\n *\r\n * All endpoints are registered under `/api/auth/banata/config/...` through\r\n * Better Auth's plugin system and proxied via the existing catch-all route.\r\n *\r\n * @see {@link ../../component/schema.ts} for table definitions\r\n * @see {@link ../auth.ts} for plugin registration\r\n */\r\n\r\nimport type { BetterAuthPlugin } from \"better-auth\";\r\nimport { createAuthEndpoint } from \"better-auth/api\";\r\nimport { z } from \"zod\";\r\nimport {\r\n\ttype ActionConfigRow,\r\n\ttype AddonConfigRow,\r\n\ttype BrandingConfigRow,\r\n\ttype DashboardConfigRow,\r\n\ttype DomainConfigRow,\r\n\ttype EmailConfigRow,\r\n\ttype EmailProviderConfigRow,\r\n\ttype PermissionDefinitionRow,\r\n\ttype PluginDBAdapter,\r\n\ttype ProjectConfigRow,\r\n\ttype RadarConfigRow,\r\n\ttype RedirectConfigRow,\r\n\ttype ResourceTypeRow,\r\n\ttype RoleDefinitionRow,\r\n\ttype WhereClause,\r\n\tgetEffectiveProjectPermissions,\r\n\tgetProjectScope,\r\n\tprojectScopeSchema,\r\n\trequireAuthenticated,\r\n\trequireProjectPermission,\r\n} from \"./types\";\r\n\r\n// ─── Plugin Options ─────────────────────────────────────────────────\r\n\r\nexport interface ConfigPluginOptions {\r\n\t/**\r\n\t * Static auth methods config — mirrors BanataAuthConfig.authMethods.\r\n\t * These are read from the server environment, not stored in DB.\r\n\t */\r\n\tauthMethods?: {\r\n\t\tsso?: boolean;\r\n\t\temailPassword?: boolean;\r\n\t\tpasskey?: boolean;\r\n\t\tmagicLink?: boolean;\r\n\t\temailOtp?: boolean;\r\n\t\ttwoFactor?: boolean;\r\n\t\torganization?: boolean;\r\n\t\tanonymous?: boolean;\r\n\t\tusername?: boolean;\r\n\t};\r\n\r\n\t/**\r\n\t * Social providers config — keys are provider names, values indicate\r\n\t * whether they are enabled + whether they use demo credentials.\r\n\t */\r\n\tsocialProviders?: Record<string, { enabled: boolean; demo?: boolean }>;\r\n\r\n\t/**\r\n\t * Static feature flags.\r\n\t */\r\n\tfeatures?: {\r\n\t\thostedUi?: boolean;\r\n\t\tsignUp?: boolean;\r\n\t\tmfa?: boolean;\r\n\t\tlocalization?: boolean;\r\n\t};\r\n\r\n\t/**\r\n\t * Static session configuration.\r\n\t */\r\n\tsessions?: {\r\n\t\tmaxSessionLength?: string;\r\n\t\taccessTokenDuration?: string;\r\n\t\tinactivityTimeout?: string;\r\n\t\tcorsOrigins?: string[];\r\n\t};\r\n}\r\n\r\n// ─── Default email types ────────────────────────────────────────────\r\n\r\ninterface DefaultEmailType {\r\n\temailType: string;\r\n\tname: string;\r\n\tdescription: string;\r\n\tcategory: string;\r\n}\r\n\r\nconst DEFAULT_EMAIL_TYPES: DefaultEmailType[] = [\r\n\t{\r\n\t\temailType: \"welcome\",\r\n\t\tname: \"Welcome email\",\r\n\t\tdescription: \"Sent when a new user signs up.\",\r\n\t\tcategory: \"auth\",\r\n\t},\r\n\t{\r\n\t\temailType: \"verification\",\r\n\t\tname: \"Email verification\",\r\n\t\tdescription: \"Sent to verify the user's email address.\",\r\n\t\tcategory: \"auth\",\r\n\t},\r\n\t{\r\n\t\temailType: \"password-reset\",\r\n\t\tname: \"Password reset\",\r\n\t\tdescription: \"Sent when a user requests a password reset.\",\r\n\t\tcategory: \"auth\",\r\n\t},\r\n\t{\r\n\t\temailType: \"magic-link\",\r\n\t\tname: \"Magic link\",\r\n\t\tdescription: \"Sent for passwordless sign-in via magic link.\",\r\n\t\tcategory: \"auth\",\r\n\t},\r\n\t{\r\n\t\temailType: \"email-otp\",\r\n\t\tname: \"Email OTP\",\r\n\t\tdescription: \"Sent for email-based one-time password verification.\",\r\n\t\tcategory: \"auth\",\r\n\t},\r\n\t{\r\n\t\temailType: \"org-invitation\",\r\n\t\tname: \"Organization invitation\",\r\n\t\tdescription: \"Sent when a user is invited to join an organization.\",\r\n\t\tcategory: \"org\",\r\n\t},\r\n\t{\r\n\t\temailType: \"mfa-setup\",\r\n\t\tname: \"MFA setup\",\r\n\t\tdescription: \"Sent with MFA setup instructions and backup codes.\",\r\n\t\tcategory: \"auth\",\r\n\t},\r\n];\r\n\r\ninterface BuiltInPermissionSeed {\r\n\tslug: string;\r\n\tname: string;\r\n\tdescription: string;\r\n}\r\n\r\nconst BUILT_IN_PERMISSIONS: BuiltInPermissionSeed[] = [\r\n\t{\r\n\t\tslug: \"dashboard.read\",\r\n\t\tname: \"Read dashboard\",\r\n\t\tdescription: \"Read dashboard and configuration data.\",\r\n\t},\r\n\t{\r\n\t\tslug: \"dashboard.manage\",\r\n\t\tname: \"Manage dashboard\",\r\n\t\tdescription: \"Create, update, and delete dashboard configuration.\",\r\n\t},\r\n\t{\r\n\t\tslug: \"webhook.manage\",\r\n\t\tname: \"Manage webhooks\",\r\n\t\tdescription: \"Create, update, and delete webhook endpoints.\",\r\n\t},\r\n\t{\r\n\t\tslug: \"email.manage\",\r\n\t\tname: \"Manage emails\",\r\n\t\tdescription: \"Manage email templates and provider settings.\",\r\n\t},\r\n\t{\r\n\t\tslug: \"audit.read\",\r\n\t\tname: \"Read audit logs\",\r\n\t\tdescription: \"View and export audit logs.\",\r\n\t},\r\n\t{\r\n\t\tslug: \"organization.read\",\r\n\t\tname: \"Read organization\",\r\n\t\tdescription: \"View organization details.\",\r\n\t},\r\n\t{\r\n\t\tslug: \"organization.update\",\r\n\t\tname: \"Update organization\",\r\n\t\tdescription: \"Update organization metadata and settings.\",\r\n\t},\r\n\t{\r\n\t\tslug: \"organization.delete\",\r\n\t\tname: \"Delete organization\",\r\n\t\tdescription: \"Delete an organization.\",\r\n\t},\r\n\t{\r\n\t\tslug: \"member.invite\",\r\n\t\tname: \"Invite members\",\r\n\t\tdescription: \"Invite users to organizations.\",\r\n\t},\r\n\t{\r\n\t\tslug: \"member.read\",\r\n\t\tname: \"Read members\",\r\n\t\tdescription: \"List organization members.\",\r\n\t},\r\n\t{\r\n\t\tslug: \"member.update_role\",\r\n\t\tname: \"Update member role\",\r\n\t\tdescription: \"Change member role assignments.\",\r\n\t},\r\n\t{\r\n\t\tslug: \"member.remove\",\r\n\t\tname: \"Remove members\",\r\n\t\tdescription: \"Remove members from organizations.\",\r\n\t},\r\n\t{\r\n\t\tslug: \"role.create\",\r\n\t\tname: \"Create roles\",\r\n\t\tdescription: \"Create custom roles.\",\r\n\t},\r\n\t{\r\n\t\tslug: \"role.read\",\r\n\t\tname: \"Read roles\",\r\n\t\tdescription: \"List and inspect roles.\",\r\n\t},\r\n\t{\r\n\t\tslug: \"role.update\",\r\n\t\tname: \"Update roles\",\r\n\t\tdescription: \"Edit custom roles.\",\r\n\t},\r\n\t{\r\n\t\tslug: \"role.delete\",\r\n\t\tname: \"Delete roles\",\r\n\t\tdescription: \"Delete custom roles.\",\r\n\t},\r\n\t{\r\n\t\tslug: \"permission.create\",\r\n\t\tname: \"Create permissions\",\r\n\t\tdescription: \"Create custom permissions.\",\r\n\t},\r\n\t{\r\n\t\tslug: \"permission.read\",\r\n\t\tname: \"Read permissions\",\r\n\t\tdescription: \"List and inspect permissions.\",\r\n\t},\r\n\t{\r\n\t\tslug: \"permission.delete\",\r\n\t\tname: \"Delete permissions\",\r\n\t\tdescription: \"Delete custom permissions.\",\r\n\t},\r\n\t{\r\n\t\tslug: \"api_key.create\",\r\n\t\tname: \"Create API keys\",\r\n\t\tdescription: \"Create API keys.\",\r\n\t},\r\n\t{\r\n\t\tslug: \"api_key.read\",\r\n\t\tname: \"Read API keys\",\r\n\t\tdescription: \"List API keys.\",\r\n\t},\r\n\t{\r\n\t\tslug: \"api_key.delete\",\r\n\t\tname: \"Delete API keys\",\r\n\t\tdescription: \"Revoke API keys.\",\r\n\t},\r\n\t{\r\n\t\tslug: \"sso.read\",\r\n\t\tname: \"Read SSO connections\",\r\n\t\tdescription: \"List and inspect enterprise SSO connections.\",\r\n\t},\r\n\t{\r\n\t\tslug: \"sso.manage\",\r\n\t\tname: \"Manage SSO connections\",\r\n\t\tdescription: \"Create, update, and delete enterprise SSO connections.\",\r\n\t},\r\n\t{\r\n\t\tslug: \"directory.read\",\r\n\t\tname: \"Read directories\",\r\n\t\tdescription: \"List and inspect SCIM directories and synced users.\",\r\n\t},\r\n\t{\r\n\t\tslug: \"directory.manage\",\r\n\t\tname: \"Manage directories\",\r\n\t\tdescription: \"Create and delete SCIM directories and tokens.\",\r\n\t},\r\n\t{\r\n\t\tslug: \"sandbox.create\",\r\n\t\tname: \"Create sandboxes\",\r\n\t\tdescription: \"Create AI/runtime sandboxes.\",\r\n\t},\r\n\t{\r\n\t\tslug: \"sandbox.read\",\r\n\t\tname: \"Read sandboxes\",\r\n\t\tdescription: \"View sandbox details.\",\r\n\t},\r\n\t{\r\n\t\tslug: \"sandbox.delete\",\r\n\t\tname: \"Delete sandboxes\",\r\n\t\tdescription: \"Delete sandboxes.\",\r\n\t},\r\n\t{\r\n\t\tslug: \"browser.launch\",\r\n\t\tname: \"Launch browser\",\r\n\t\tdescription: \"Launch browser sandboxes.\",\r\n\t},\r\n\t{\r\n\t\tslug: \"browser.connect\",\r\n\t\tname: \"Connect browser\",\r\n\t\tdescription: \"Connect to browser CDP.\",\r\n\t},\r\n\t{\r\n\t\tslug: \"billing.read\",\r\n\t\tname: \"Read billing\",\r\n\t\tdescription: \"View billing details.\",\r\n\t},\r\n\t{\r\n\t\tslug: \"billing.manage\",\r\n\t\tname: \"Manage billing\",\r\n\t\tdescription: \"Manage billing and plans.\",\r\n\t},\r\n];\r\n\r\nconst SUPER_ADMIN_ROLE_SLUG = \"super_admin\";\r\nconst SUPER_ADMIN_ROLE_NAME = \"Super Admin\";\r\n\r\nasync function ensureProjectRbacDefaults(\r\n\tdb: PluginDBAdapter,\r\n\tprojectId: string | undefined,\r\n): Promise<void> {\r\n\tif (!projectId) return;\r\n\r\n\tconst where: WhereClause[] = [{ field: \"projectId\", value: projectId }];\r\n\tconst now = Date.now();\r\n\r\n\tconst existingPermissions = await db.findMany<PermissionDefinitionRow>({\r\n\t\tmodel: \"permissionDefinition\",\r\n\t\twhere,\r\n\t\tlimit: 1000,\r\n\t});\r\n\tconst permissionBySlug = new Map(existingPermissions.map((p) => [p.slug, p]));\r\n\r\n\tfor (const def of BUILT_IN_PERMISSIONS) {\r\n\t\tif (permissionBySlug.has(def.slug)) continue;\r\n\t\tconst created = await db.create<PermissionDefinitionRow>({\r\n\t\t\tmodel: \"permissionDefinition\",\r\n\t\t\tdata: {\r\n\t\t\t\tprojectId,\r\n\t\t\t\tname: def.name,\r\n\t\t\t\tslug: def.slug,\r\n\t\t\t\tdescription: def.description,\r\n\t\t\t\tcreatedAt: now,\r\n\t\t\t\tupdatedAt: now,\r\n\t\t\t},\r\n\t\t});\r\n\t\tpermissionBySlug.set(def.slug, created);\r\n\t}\r\n\r\n\tconst roleRows = await db.findMany<RoleDefinitionRow>({\r\n\t\tmodel: \"roleDefinition\",\r\n\t\twhere: [{ field: \"slug\", value: SUPER_ADMIN_ROLE_SLUG }, ...where],\r\n\t\tlimit: 1,\r\n\t});\r\n\r\n\tconst allPermissionSlugs = Array.from(permissionBySlug.keys()).sort();\r\n\tconst allPermissionsJson = JSON.stringify(allPermissionSlugs);\r\n\r\n\tif (roleRows.length === 0) {\r\n\t\tawait db.create<RoleDefinitionRow>({\r\n\t\t\tmodel: \"roleDefinition\",\r\n\t\t\tdata: {\r\n\t\t\t\tprojectId,\r\n\t\t\t\tname: SUPER_ADMIN_ROLE_NAME,\r\n\t\t\t\tslug: SUPER_ADMIN_ROLE_SLUG,\r\n\t\t\t\tdescription: \"Full access across this project and its organizations.\",\r\n\t\t\t\tpermissions: allPermissionsJson,\r\n\t\t\t\tisDefault: true,\r\n\t\t\t\tcreatedAt: now,\r\n\t\t\t\tupdatedAt: now,\r\n\t\t\t},\r\n\t\t});\r\n\t\treturn;\r\n\t}\r\n\r\n\tconst role = roleRows[0]!;\r\n\tconst existingPerms = role.permissions ? (JSON.parse(role.permissions) as string[]) : [];\r\n\tconst mergedPerms = Array.from(new Set([...existingPerms, ...allPermissionSlugs])).sort();\r\n\tawait db.update<RoleDefinitionRow>({\r\n\t\tmodel: \"roleDefinition\",\r\n\t\twhere: [{ field: \"id\", value: role.id }],\r\n\t\tupdate: {\r\n\t\t\tname: role.name || SUPER_ADMIN_ROLE_NAME,\r\n\t\t\tisDefault: true,\r\n\t\t\tpermissions: JSON.stringify(mergedPerms),\r\n\t\t\tupdatedAt: now,\r\n\t\t},\r\n\t});\r\n}\r\n\r\nasync function addPermissionToSuperAdmin(\r\n\tdb: PluginDBAdapter,\r\n\tprojectId: string | undefined,\r\n\tpermissionSlug: string,\r\n): Promise<void> {\r\n\tif (!projectId) return;\r\n\tconst roleRows = await db.findMany<RoleDefinitionRow>({\r\n\t\tmodel: \"roleDefinition\",\r\n\t\twhere: [\r\n\t\t\t{ field: \"projectId\", value: projectId },\r\n\t\t\t{ field: \"slug\", value: SUPER_ADMIN_ROLE_SLUG },\r\n\t\t],\r\n\t\tlimit: 1,\r\n\t});\r\n\tif (roleRows.length === 0 || !roleRows[0]) return;\r\n\r\n\tconst role = roleRows[0];\r\n\tconst currentPerms = role.permissions ? (JSON.parse(role.permissions) as string[]) : [];\r\n\tif (currentPerms.includes(permissionSlug)) return;\r\n\r\n\tawait db.update<RoleDefinitionRow>({\r\n\t\tmodel: \"roleDefinition\",\r\n\t\twhere: [{ field: \"id\", value: role.id }],\r\n\t\tupdate: {\r\n\t\t\tpermissions: JSON.stringify([...currentPerms, permissionSlug].sort()),\r\n\t\t\tupdatedAt: Date.now(),\r\n\t\t},\r\n\t});\r\n}\r\n\r\n// ─── CSS Sanitization ───────────────────────────────────────────────\r\n\r\n/**\r\n * Patterns that are dangerous in user-supplied CSS.\r\n *\r\n * - `url(` can exfiltrate data or load external resources\r\n * - `@import` can load external stylesheets\r\n * - `expression(` is an IE CSS expression (JS execution)\r\n * - `behavior:` loads HTC components in IE\r\n * - `javascript:` protocol in values\r\n * - `-moz-binding` can load XBL bindings in old Firefox\r\n */\r\nconst DANGEROUS_CSS_PATTERNS = [\r\n\t/url\\s*\\(/gi,\r\n\t/@import\\b/gi,\r\n\t/expression\\s*\\(/gi,\r\n\t/behavior\\s*:/gi,\r\n\t/javascript\\s*:/gi,\r\n\t/-moz-binding\\s*:/gi,\r\n\t/<\\/?script/gi,\r\n\t/<\\/?style/gi,\r\n];\r\n\r\n/**\r\n * Maximum length for customCss to prevent abuse.\r\n */\r\nconst MAX_CUSTOM_CSS_LENGTH = 10_000;\r\n\r\n/**\r\n * Strip dangerous CSS patterns from user-supplied custom CSS.\r\n * Returns the sanitized string, or an empty string if the input\r\n * contains patterns that cannot be safely cleaned.\r\n */\r\nfunction sanitizeCss(raw: string): string {\r\n\tif (raw.length > MAX_CUSTOM_CSS_LENGTH) {\r\n\t\treturn raw.slice(0, MAX_CUSTOM_CSS_LENGTH);\r\n\t}\r\n\tlet css = raw;\r\n\tfor (const pattern of DANGEROUS_CSS_PATTERNS) {\r\n\t\tcss = css.replace(pattern, \"/* [removed] */\");\r\n\t}\r\n\treturn css;\r\n}\r\n\r\n// ─── Zod Schemas ────────────────────────────────────────────────────\r\n\r\nconst emptySchema = z.object({});\r\n\r\n/** Empty body with optional projectId for project-scoped GET endpoints. */\r\nconst projectScopedEmpty = emptySchema.merge(projectScopeSchema);\r\n\r\nconst createRoleSchema = z\r\n\t.object({\r\n\t\tname: z.string(),\r\n\t\tslug: z.string(),\r\n\t\tdescription: z.string().optional(),\r\n\t})\r\n\t.merge(projectScopeSchema);\r\n\r\nconst deleteByIdSchema = z\r\n\t.object({\r\n\t\tid: z.string(),\r\n\t})\r\n\t.merge(projectScopeSchema);\r\n\r\nconst createPermissionSchema = z\r\n\t.object({\r\n\t\tname: z.string(),\r\n\t\tslug: z.string(),\r\n\t\tdescription: z.string().optional(),\r\n\t})\r\n\t.merge(projectScopeSchema);\r\n\r\nconst checkPermissionSchema = z\r\n\t.object({\r\n\t\tpermission: z.string().min(1),\r\n\t})\r\n\t.merge(projectScopeSchema);\r\n\r\nconst checkPermissionsSchema = z\r\n\t.object({\r\n\t\tpermissions: z.array(z.string().min(1)).min(1),\r\n\t\toperator: z.enum([\"all\", \"any\"]).optional(),\r\n\t})\r\n\t.merge(projectScopeSchema);\r\n\r\nconst saveBrandingSchema = z\r\n\t.object({\r\n\t\tprimaryColor: z.string().optional(),\r\n\t\tbgColor: z.string().optional(),\r\n\t\tborderRadius: z.number().optional(),\r\n\t\tdarkMode: z.boolean().optional(),\r\n\t\tcustomCss: z.string().max(MAX_CUSTOM_CSS_LENGTH).optional(),\r\n\t\tfont: z.string().optional(),\r\n\t\tlogoUrl: z.string().optional(),\r\n\t})\r\n\t.merge(projectScopeSchema);\r\n\r\nconst toggleEmailSchema = z\r\n\t.object({\r\n\t\tid: z.string(),\r\n\t\tenabled: z.boolean(),\r\n\t})\r\n\t.merge(projectScopeSchema);\r\n\r\n// ─── Domain Config Schemas ──────────────────────────────────────────\r\n\r\nconst saveDomainSchema = z\r\n\t.object({\r\n\t\tdomainKey: z.string(),\r\n\t\ttitle: z.string(),\r\n\t\tdescription: z.string().optional(),\r\n\t\tvalue: z.string(),\r\n\t\tisDefault: z.boolean().optional(),\r\n\t})\r\n\t.merge(projectScopeSchema);\r\n\r\nconst deleteDomainSchema = z\r\n\t.object({\r\n\t\tdomainKey: z.string(),\r\n\t})\r\n\t.merge(projectScopeSchema);\r\n\r\n// ─── Redirect Config Schemas ────────────────────────────────────────\r\n\r\nconst saveRedirectsSchema = z\r\n\t.object({\r\n\t\tconfig: z.record(z.string(), z.union([z.string(), z.array(z.string())])),\r\n\t})\r\n\t.merge(projectScopeSchema);\r\n\r\n// ─── Action Config Schemas ──────────────────────────────────────────\r\n\r\nconst createActionSchema = z\r\n\t.object({\r\n\t\tname: z.string(),\r\n\t\tdescription: z.string().optional(),\r\n\t\ttriggerEvent: z.string(),\r\n\t\twebhookUrl: z.string().url(),\r\n\t})\r\n\t.merge(projectScopeSchema);\r\n\r\nconst deleteActionSchema = z\r\n\t.object({\r\n\t\tid: z.string(),\r\n\t})\r\n\t.merge(projectScopeSchema);\r\n\r\n// ─── Radar Config Schema ────────────────────────────────────────────\r\n\r\nconst saveRadarConfigSchema = z\r\n\t.object({\r\n\t\tenabled: z.boolean().optional(),\r\n\t\tblockImpossibleTravel: z.boolean().optional(),\r\n\t\tdeviceFingerprinting: z.boolean().optional(),\r\n\t\trateLimiting: z.boolean().optional(),\r\n\t\tbotDetection: z.boolean().optional(),\r\n\t\t/** Bot detection provider: \"botid\" | \"turnstile\" | \"recaptcha\" | \"hcaptcha\" | null */\r\n\t\tbotProvider: z.string().nullable().optional(),\r\n\t\t/** Provider-specific credentials (e.g. API key, site key, secret key) */\r\n\t\tbotProviderCredentials: z\r\n\t\t\t.object({\r\n\t\t\t\tapiKey: z.string().optional(),\r\n\t\t\t\tsiteKey: z.string().optional(),\r\n\t\t\t\tsecretKey: z.string().optional(),\r\n\t\t\t})\r\n\t\t\t.optional(),\r\n\t})\r\n\t.merge(projectScopeSchema);\r\n\r\n// ─── Email Provider Config Schema ───────────────────────────────────\r\n\r\nconst saveEmailProviderConfigSchema = z\r\n\t.object({\r\n\t\tproviders: z\r\n\t\t\t.record(\r\n\t\t\t\tz.string(),\r\n\t\t\t\tz.object({\r\n\t\t\t\t\tenabled: z.boolean(),\r\n\t\t\t\t\tapiKey: z.string().optional(),\r\n\t\t\t\t}),\r\n\t\t\t)\r\n\t\t\t.optional(),\r\n\t\tactiveProvider: z.string().nullable().optional(),\r\n\t})\r\n\t.merge(projectScopeSchema);\r\n\r\n// ─── Resource Type Schemas ──────────────────────────────────────────\r\n\r\nconst createResourceTypeSchema = z\r\n\t.object({\r\n\t\tname: z.string(),\r\n\t\tslug: z.string(),\r\n\t\tdescription: z.string().optional(),\r\n\t})\r\n\t.merge(projectScopeSchema);\r\n\r\nconst deleteResourceTypeSchema = z\r\n\t.object({\r\n\t\tid: z.string(),\r\n\t})\r\n\t.merge(projectScopeSchema);\r\n\r\n// ─── Addon Config Schema ────────────────────────────────────────────\r\n\r\nconst saveAddonConfigSchema = z\r\n\t.object({\r\n\t\taddons: z.record(z.string(), z.object({ enabled: z.boolean() })),\r\n\t})\r\n\t.merge(projectScopeSchema);\r\n\r\n// ─── Auth Configuration Schema ──────────────────────────────────────\r\n\r\nconst saveAuthConfigSchema = z\r\n\t.object({\r\n\t\troleAssignment: z.boolean().optional(),\r\n\t\tmultipleRoles: z.boolean().optional(),\r\n\t\tapiKeyPermissions: z.boolean().optional(),\r\n\t})\r\n\t.merge(projectScopeSchema);\r\n\r\n// ─── Project Config Schema ──────────────────────────────────────────\r\n\r\nconst saveProjectConfigSchema = z\r\n\t.object({\r\n\t\tprojectName: z.string().max(100).optional(),\r\n\t\tprojectDescription: z.string().max(500).optional(),\r\n\t})\r\n\t.merge(projectScopeSchema);\r\n\r\nconst saveDashboardConfigSchema = z\r\n\t.object({\r\n\t\tauthMethods: z\r\n\t\t\t.object({\r\n\t\t\t\tsso: z.boolean().optional(),\r\n\t\t\t\temailPassword: z.boolean().optional(),\r\n\t\t\t\tpasskey: z.boolean().optional(),\r\n\t\t\t\tmagicLink: z.boolean().optional(),\r\n\t\t\t\temailOtp: z.boolean().optional(),\r\n\t\t\t\ttwoFactor: z.boolean().optional(),\r\n\t\t\t\torganization: z.boolean().optional(),\r\n\t\t\t\tanonymous: z.boolean().optional(),\r\n\t\t\t\tusername: z.boolean().optional(),\r\n\t\t\t})\r\n\t\t\t.optional(),\r\n\t\tsocialProviders: z\r\n\t\t\t.record(z.string(), z.object({ enabled: z.boolean(), demo: z.boolean().optional() }))\r\n\t\t\t.optional(),\r\n\t\tfeatures: z\r\n\t\t\t.object({\r\n\t\t\t\thostedUi: z.boolean().optional(),\r\n\t\t\t\tsignUp: z.boolean().optional(),\r\n\t\t\t\tmfa: z.boolean().optional(),\r\n\t\t\t\tlocalization: z.boolean().optional(),\r\n\t\t\t})\r\n\t\t\t.optional(),\r\n\t\tsessions: z\r\n\t\t\t.object({\r\n\t\t\t\tmaxSessionLength: z.string().optional(),\r\n\t\t\t\taccessTokenDuration: z.string().optional(),\r\n\t\t\t\tinactivityTimeout: z.string().optional(),\r\n\t\t\t\tcorsOrigins: z.array(z.string()).optional(),\r\n\t\t\t})\r\n\t\t\t.optional(),\r\n\t})\r\n\t.merge(projectScopeSchema);\r\n\r\n// ─── Static Config Builder ──────────────────────────────────────────\r\n\r\ninterface StaticDashboardConfig {\r\n\tauthMethods: {\r\n\t\tsso: boolean;\r\n\t\temailPassword: boolean;\r\n\t\tpasskey: boolean;\r\n\t\tmagicLink: boolean;\r\n\t\temailOtp: boolean;\r\n\t\ttwoFactor: boolean;\r\n\t\torganization: boolean;\r\n\t\tanonymous: boolean;\r\n\t\tusername: boolean;\r\n\t};\r\n\tsocialProviders: Record<string, { enabled: boolean; demo: boolean }>;\r\n\tfeatures: {\r\n\t\thostedUi: boolean;\r\n\t\tsignUp: boolean;\r\n\t\tmfa: boolean;\r\n\t\tlocalization: boolean;\r\n\t};\r\n\tsessions: {\r\n\t\tmaxSessionLength: string;\r\n\t\taccessTokenDuration: string;\r\n\t\tinactivityTimeout: string;\r\n\t\tcorsOrigins: string[];\r\n\t};\r\n}\r\n\r\nconst RUNTIME_MANAGED_CONFIG_MESSAGE =\r\n\t\"Auth methods and social providers are managed from your Banata auth config and environment variables.\";\r\n\r\nfunction stripRuntimeManagedConfig(\r\n\tpartial: Record<string, unknown>,\r\n): Record<string, unknown> {\r\n\tconst sanitized = { ...partial };\r\n\tdelete sanitized.authMethods;\r\n\tdelete sanitized.socialProviders;\r\n\treturn sanitized;\r\n}\r\n\r\nfunction buildStaticConfig(options?: ConfigPluginOptions): StaticDashboardConfig {\r\n\tconst socialProviders: Record<string, { enabled: boolean; demo: boolean }> = {};\r\n\tif (options?.socialProviders) {\r\n\t\tfor (const [key, value] of Object.entries(options.socialProviders)) {\r\n\t\t\tsocialProviders[key] = {\r\n\t\t\t\tenabled: value.enabled,\r\n\t\t\t\tdemo: value.demo ?? false,\r\n\t\t\t};\r\n\t\t}\r\n\t}\r\n\r\n\treturn {\r\n\t\tauthMethods: {\r\n\t\t\tsso: options?.authMethods?.sso ?? false,\r\n\t\t\temailPassword: options?.authMethods?.emailPassword ?? true,\r\n\t\t\tpasskey: options?.authMethods?.passkey ?? false,\r\n\t\t\tmagicLink: options?.authMethods?.magicLink ?? false,\r\n\t\t\temailOtp: options?.authMethods?.emailOtp ?? false,\r\n\t\t\ttwoFactor: options?.authMethods?.twoFactor ?? false,\r\n\t\t\torganization: options?.authMethods?.organization ?? false,\r\n\t\t\tanonymous: options?.authMethods?.anonymous ?? false,\r\n\t\t\tusername: options?.authMethods?.username ?? false,\r\n\t\t},\r\n\t\tsocialProviders,\r\n\t\tfeatures: {\r\n\t\t\thostedUi: options?.features?.hostedUi ?? false,\r\n\t\t\tsignUp: options?.features?.signUp ?? true,\r\n\t\t\tmfa: options?.features?.mfa ?? false,\r\n\t\t\tlocalization: options?.features?.localization ?? false,\r\n\t\t},\r\n\t\tsessions: {\r\n\t\t\tmaxSessionLength: options?.sessions?.maxSessionLength ?? \"7 days\",\r\n\t\t\taccessTokenDuration: options?.sessions?.accessTokenDuration ?? \"15 minutes\",\r\n\t\t\tinactivityTimeout: options?.sessions?.inactivityTimeout ?? \"2 days\",\r\n\t\t\tcorsOrigins: options?.sessions?.corsOrigins ?? [],\r\n\t\t},\r\n\t};\r\n}\r\n\r\n// ─── Deep Merge Helper ──────────────────────────────────────────────\r\n\r\n/**\r\n * Deep-merges a partial dashboard config into a full config object.\r\n * Only defined keys in `partial` overwrite the target. Returns the\r\n * mutated `target` for convenience.\r\n */\r\nfunction deepMergeConfig(\r\n\ttarget: StaticDashboardConfig,\r\n\tpartial: Record<string, unknown>,\r\n): StaticDashboardConfig {\r\n\tif (partial.authMethods && typeof partial.authMethods === \"object\") {\r\n\t\tconst src = partial.authMethods as Record<string, unknown>;\r\n\t\tfor (const key of Object.keys(src)) {\r\n\t\t\tif (key in target.authMethods && typeof src[key] === \"boolean\") {\r\n\t\t\t\t(target.authMethods as Record<string, boolean>)[key] = src[key] as boolean;\r\n\t\t\t}\r\n\t\t}\r\n\t}\r\n\r\n\tif (partial.socialProviders && typeof partial.socialProviders === \"object\") {\r\n\t\tconst src = partial.socialProviders as Record<string, { enabled: boolean; demo?: boolean }>;\r\n\t\tfor (const [key, value] of Object.entries(src)) {\r\n\t\t\ttarget.socialProviders[key] = {\r\n\t\t\t\tenabled: value.enabled,\r\n\t\t\t\tdemo: value.demo ?? false,\r\n\t\t\t};\r\n\t\t}\r\n\t}\r\n\r\n\tif (partial.features && typeof partial.features === \"object\") {\r\n\t\tconst src = partial.features as Record<string, unknown>;\r\n\t\tfor (const key of Object.keys(src)) {\r\n\t\t\tif (key in target.features && typeof src[key] === \"boolean\") {\r\n\t\t\t\t(target.features as Record<string, boolean>)[key] = src[key] as boolean;\r\n\t\t\t}\r\n\t\t}\r\n\t}\r\n\r\n\tif (partial.sessions && typeof partial.sessions === \"object\") {\r\n\t\tconst src = partial.sessions as Record<string, unknown>;\r\n\t\tif (typeof src.maxSessionLength === \"string\")\r\n\t\t\ttarget.sessions.maxSessionLength = src.maxSessionLength;\r\n\t\tif (typeof src.accessTokenDuration === \"string\")\r\n\t\t\ttarget.sessions.accessTokenDuration = src.accessTokenDuration;\r\n\t\tif (typeof src.inactivityTimeout === \"string\")\r\n\t\t\ttarget.sessions.inactivityTimeout = src.inactivityTimeout;\r\n\t\tif (Array.isArray(src.corsOrigins)) target.sessions.corsOrigins = src.corsOrigins as string[];\r\n\t}\r\n\r\n\treturn target;\r\n}\r\n\r\n// ─── Plugin Factory ─────────────────────────────────────────────────\r\n\r\n/**\r\n * Config plugin for the Banata Auth dashboard.\r\n *\r\n * Registers endpoints under `/api/auth/banata/config/...` for managing\r\n * dashboard configuration, roles, permissions, branding, and emails.\r\n *\r\n * @param options - Static config values sourced from environment/auth config\r\n * @returns A Better Auth plugin descriptor\r\n */\r\nexport function configPlugin(options?: ConfigPluginOptions): BetterAuthPlugin {\r\n\t/**\r\n\t * Per-project in-memory config cache.\r\n\t * Key format: `${projectId ?? \"global\"}`\r\n\t */\r\n\tconst configCache = new Map<string, StaticDashboardConfig>();\r\n\tconst loadedKeys = new Set<string>();\r\n\r\n\tfunction cacheKey(projectId?: string): string {\r\n\t\treturn projectId ?? \"global\";\r\n\t}\r\n\r\n\tfunction getOrCreateConfig(projectId?: string): StaticDashboardConfig {\r\n\t\tconst key = cacheKey(projectId);\r\n\t\tlet cfg = configCache.get(key);\r\n\t\tif (!cfg) {\r\n\t\t\tcfg = buildStaticConfig(options);\r\n\t\t\tconfigCache.set(key, cfg);\r\n\t\t}\r\n\t\treturn cfg;\r\n\t}\r\n\r\n\t/**\r\n\t * Loads any persisted config overrides from the DB and merges them\r\n\t * into the in-memory config for the given project scope.\r\n\t * Only runs once per scope key per process.\r\n\t */\r\n\tasync function ensurePersistedOverrides(\r\n\t\tdb: PluginDBAdapter,\r\n\t\tprojectId?: string,\r\n\t): Promise<StaticDashboardConfig> {\r\n\t\tconst key = cacheKey(projectId);\r\n\t\tconst cfg = getOrCreateConfig(projectId);\r\n\t\tif (loadedKeys.has(key)) return cfg;\r\n\t\tloadedKeys.add(key);\r\n\t\ttry {\r\n\t\t\tconst scopeWhere: WhereClause[] = [];\r\n\t\t\tif (projectId) scopeWhere.push({ field: \"projectId\", value: projectId });\r\n\r\n\t\t\tconst rows = await db.findMany<DashboardConfigRow>({\r\n\t\t\t\tmodel: \"dashboardConfig\",\r\n\t\t\t\twhere: scopeWhere,\r\n\t\t\t\tlimit: 1,\r\n\t\t\t});\r\n\t\t\tif (rows.length > 0 && rows[0]?.configJson) {\r\n\t\t\t\tconst overrides = stripRuntimeManagedConfig(\r\n\t\t\t\t\tJSON.parse(rows[0].configJson) as Record<string, unknown>,\r\n\t\t\t\t);\r\n\t\t\t\tdeepMergeConfig(cfg, overrides);\r\n\t\t\t}\r\n\t\t} catch {\r\n\t\t\t// If the table doesn't exist yet or is empty, continue with defaults\r\n\t\t}\r\n\t\treturn cfg;\r\n\t}\r\n\r\n\tasync function requireScopedPermission(\r\n\t\tctx: any,\r\n\t\tdb: PluginDBAdapter,\r\n\t\tbody: Record<string, unknown>,\r\n\t\tpermission: string,\r\n\t) {\r\n\t\tconst scope = getProjectScope(body);\r\n\t\tawait requireProjectPermission(ctx, {\r\n\t\t\tdb,\r\n\t\t\tpermission,\r\n\t\t\tprojectId: scope.projectId,\r\n\t\t});\r\n\t\treturn scope;\r\n\t}\r\n\r\n\treturn {\r\n\t\tid: \"banata-config\",\r\n\r\n\t\t// ─── Schema Registration ──────────────────────────────────\r\n\t\t// Declare all custom models so Better Auth's adapter recognises them.\r\n\t\t// projectId = per-project scoping.\r\n\t\tschema: {\r\n\t\t\tdashboardConfig: {\r\n\t\t\t\tfields: {\r\n\t\t\t\t\tprojectId: { type: \"string\" as const, required: false },\r\n\t\t\t\t\tconfigJson: { type: \"string\", required: true },\r\n\t\t\t\t\tcreatedAt: { type: \"number\", required: true },\r\n\t\t\t\t\tupdatedAt: { type: \"number\", required: true },\r\n\t\t\t\t},\r\n\t\t\t},\r\n\t\t\troleDefinition: {\r\n\t\t\t\tfields: {\r\n\t\t\t\t\tprojectId: { type: \"string\" as const, required: false },\r\n\t\t\t\t\tname: { type: \"string\", required: true },\r\n\t\t\t\t\tslug: { type: \"string\", required: true },\r\n\t\t\t\t\tdescription: { type: \"string\", required: false },\r\n\t\t\t\t\tpermissions: { type: \"string\", required: false },\r\n\t\t\t\t\tisDefault: { type: \"boolean\", required: false, defaultValue: false },\r\n\t\t\t\t\tcreatedAt: { type: \"number\", required: true },\r\n\t\t\t\t\tupdatedAt: { type: \"number\", required: true },\r\n\t\t\t\t},\r\n\t\t\t},\r\n\t\t\tpermissionDefinition: {\r\n\t\t\t\tfields: {\r\n\t\t\t\t\tprojectId: { type: \"string\" as const, required: false },\r\n\t\t\t\t\tname: { type: \"string\", required: true },\r\n\t\t\t\t\tslug: { type: \"string\", required: true },\r\n\t\t\t\t\tdescription: { type: \"string\", required: false },\r\n\t\t\t\t\tcreatedAt: { type: \"number\", required: true },\r\n\t\t\t\t\tupdatedAt: { type: \"number\", required: true },\r\n\t\t\t\t},\r\n\t\t\t},\r\n\t\t\tbrandingConfig: {\r\n\t\t\t\tfields: {\r\n\t\t\t\t\tprojectId: { type: \"string\" as const, required: false },\r\n\t\t\t\t\tprimaryColor: { type: \"string\", required: false },\r\n\t\t\t\t\tbgColor: { type: \"string\", required: false },\r\n\t\t\t\t\tborderRadius: { type: \"number\", required: false },\r\n\t\t\t\t\tdarkMode: { type: \"boolean\", required: false },\r\n\t\t\t\t\tcustomCss: { type: \"string\", required: false },\r\n\t\t\t\t\tfont: { type: \"string\", required: false },\r\n\t\t\t\t\tlogoUrl: { type: \"string\", required: false },\r\n\t\t\t\t\tcreatedAt: { type: \"number\", required: true },\r\n\t\t\t\t\tupdatedAt: { type: \"number\", required: true },\r\n\t\t\t\t},\r\n\t\t\t},\r\n\t\t\temailConfig: {\r\n\t\t\t\tfields: {\r\n\t\t\t\t\tprojectId: { type: \"string\" as const, required: false },\r\n\t\t\t\t\temailType: { type: \"string\", required: true },\r\n\t\t\t\t\tname: { type: \"string\", required: true },\r\n\t\t\t\t\tdescription: { type: \"string\", required: false },\r\n\t\t\t\t\tenabled: { type: \"boolean\", required: true },\r\n\t\t\t\t\tcategory: { type: \"string\", required: true },\r\n\t\t\t\t\tcreatedAt: { type: \"number\", required: true },\r\n\t\t\t\t\tupdatedAt: { type: \"number\", required: true },\r\n\t\t\t\t},\r\n\t\t\t},\r\n\t\t\tdomainConfig: {\r\n\t\t\t\tfields: {\r\n\t\t\t\t\tprojectId: { type: \"string\" as const, required: false },\r\n\t\t\t\t\tdomainKey: { type: \"string\", required: true },\r\n\t\t\t\t\ttitle: { type: \"string\", required: true },\r\n\t\t\t\t\tdescription: { type: \"string\", required: false },\r\n\t\t\t\t\tvalue: { type: \"string\", required: true },\r\n\t\t\t\t\tisDefault: { type: \"boolean\", required: false },\r\n\t\t\t\t\tcreatedAt: { type: \"number\", required: true },\r\n\t\t\t\t\tupdatedAt: { type: \"number\", required: true },\r\n\t\t\t\t},\r\n\t\t\t},\r\n\t\t\tredirectConfig: {\r\n\t\t\t\tfields: {\r\n\t\t\t\t\tprojectId: { type: \"string\" as const, required: false },\r\n\t\t\t\t\tconfigJson: { type: \"string\", required: true },\r\n\t\t\t\t\tcreatedAt: { type: \"number\", required: true },\r\n\t\t\t\t\tupdatedAt: { type: \"number\", required: true },\r\n\t\t\t\t},\r\n\t\t\t},\r\n\t\t\tactionConfig: {\r\n\t\t\t\tfields: {\r\n\t\t\t\t\tprojectId: { type: \"string\" as const, required: false },\r\n\t\t\t\t\tname: { type: \"string\", required: true },\r\n\t\t\t\t\tdescription: { type: \"string\", required: false },\r\n\t\t\t\t\ttriggerEvent: { type: \"string\", required: true },\r\n\t\t\t\t\twebhookUrl: { type: \"string\", required: true },\r\n\t\t\t\t\tcreatedAt: { type: \"number\", required: true },\r\n\t\t\t\t\tupdatedAt: { type: \"number\", required: true },\r\n\t\t\t\t},\r\n\t\t\t},\r\n\t\t\tradarConfig: {\r\n\t\t\t\tfields: {\r\n\t\t\t\t\tprojectId: { type: \"string\" as const, required: false },\r\n\t\t\t\t\tconfigJson: { type: \"string\", required: true },\r\n\t\t\t\t\tcreatedAt: { type: \"number\", required: true },\r\n\t\t\t\t\tupdatedAt: { type: \"number\", required: true },\r\n\t\t\t\t},\r\n\t\t\t},\r\n\t\t\temailProviderConfig: {\r\n\t\t\t\tfields: {\r\n\t\t\t\t\tprojectId: { type: \"string\" as const, required: false },\r\n\t\t\t\t\tconfigJson: { type: \"string\", required: true },\r\n\t\t\t\t\tcreatedAt: { type: \"number\", required: true },\r\n\t\t\t\t\tupdatedAt: { type: \"number\", required: true },\r\n\t\t\t\t},\r\n\t\t\t},\r\n\t\t\tresourceType: {\r\n\t\t\t\tfields: {\r\n\t\t\t\t\tprojectId: { type: \"string\" as const, required: false },\r\n\t\t\t\t\tname: { type: \"string\", required: true },\r\n\t\t\t\t\tslug: { type: \"string\", required: true },\r\n\t\t\t\t\tdescription: { type: \"string\", required: false },\r\n\t\t\t\t\tcreatedAt: { type: \"number\", required: true },\r\n\t\t\t\t\tupdatedAt: { type: \"number\", required: true },\r\n\t\t\t\t},\r\n\t\t\t},\r\n\t\t\taddonConfig: {\r\n\t\t\t\tfields: {\r\n\t\t\t\t\tprojectId: { type: \"string\" as const, required: false },\r\n\t\t\t\t\tconfigJson: { type: \"string\", required: true },\r\n\t\t\t\t\tcreatedAt: { type: \"number\", required: true },\r\n\t\t\t\t\tupdatedAt: { type: \"number\", required: true },\r\n\t\t\t\t},\r\n\t\t\t},\r\n\t\t\tprojectConfig: {\r\n\t\t\t\tfields: {\r\n\t\t\t\t\tprojectId: { type: \"string\" as const, required: false },\r\n\t\t\t\t\tconfigJson: { type: \"string\", required: true },\r\n\t\t\t\t\tcreatedAt: { type: \"number\", required: true },\r\n\t\t\t\t\tupdatedAt: { type: \"number\", required: true },\r\n\t\t\t\t},\r\n\t\t\t},\r\n\t\t},\r\n\r\n\t\tendpoints: {\r\n\t\t\t// ════════════════════════════════════════════════════════════\r\n\t\t\t// Dashboard Config\r\n\t\t\t// ════════════════════════════════════════════════════════════\r\n\r\n getPublicConfig: createAuthEndpoint(\r\n \"/banata/config/public\",\r\n {\r\n method: \"POST\", requireHeaders: true,\r\n body: emptySchema,\r\n },\r\n async (ctx) => ctx.json(buildStaticConfig(options)),\r\n ),\r\n\r\n\t\t\tgetDashboardConfig: createAuthEndpoint(\r\n\t\t\t\t\"/banata/config/dashboard\",\r\n\t\t\t\t{\r\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\r\n\t\t\t\t\tbody: projectScopedEmpty,\r\n\t\t\t\t},\r\n\t\t\t\tasync (ctx) => {\r\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\r\n\t\t\t\t\tconst body = ctx.body as Record<string, unknown>;\r\n\t\t\t\t\tconst scope = await requireScopedPermission(ctx, db, body, \"dashboard.read\");\r\n\t\t\t\t\tconst cfg = await ensurePersistedOverrides(db, scope.projectId);\r\n\t\t\t\t\treturn ctx.json(cfg);\r\n\t\t\t\t},\r\n\t\t\t),\r\n\r\n\t\t\tsaveDashboardConfig: createAuthEndpoint(\r\n\t\t\t\t\"/banata/config/dashboard/save\",\r\n\t\t\t\t{\r\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\r\n\t\t\t\t\tbody: saveDashboardConfigSchema,\r\n\t\t\t\t},\r\n\t\t\t\tasync (ctx) => {\r\n\t\t\t\t\tconst body = ctx.body as Record<string, unknown>;\r\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\r\n\t\t\t\t\tconst now = Date.now();\r\n\t\t\t\t\tconst scope = await requireScopedPermission(ctx, db, body, \"dashboard.manage\");\r\n\r\n\t\t\t\t\tif (body.authMethods || body.socialProviders) {\r\n\t\t\t\t\t\tthrow ctx.error(\"BAD_REQUEST\", {\r\n\t\t\t\t\t\t\tmessage: RUNTIME_MANAGED_CONFIG_MESSAGE,\r\n\t\t\t\t\t\t});\r\n\t\t\t\t\t}\r\n\r\n\t\t\t\t\t// Ensure we have the latest persisted state before merging\r\n\t\t\t\t\tconst cfg = await ensurePersistedOverrides(db, scope.projectId);\r\n\t\t\t\t\tconst persistedBody = stripRuntimeManagedConfig(body);\r\n\r\n\t\t\t\t\t// Deep-merge the incoming partial config into the in-memory config\r\n\t\t\t\t\tdeepMergeConfig(cfg, persistedBody);\r\n\r\n\t\t\t\t\t// Persist the full config to DB (scoped upsert)\r\n\t\t\t\t\ttry {\r\n\t\t\t\t\t\tconst configJson = JSON.stringify(\r\n\t\t\t\t\t\t\tstripRuntimeManagedConfig(cfg as unknown as Record<string, unknown>),\r\n\t\t\t\t\t\t);\r\n\t\t\t\t\t\tconst rows = await db.findMany<DashboardConfigRow>({\r\n\t\t\t\t\t\t\tmodel: \"dashboardConfig\",\r\n\t\t\t\t\t\t\twhere: scope.where,\r\n\t\t\t\t\t\t\tlimit: 1,\r\n\t\t\t\t\t\t});\r\n\r\n\t\t\t\t\t\tif (rows.length > 0 && rows[0]) {\r\n\t\t\t\t\t\t\tawait db.update<DashboardConfigRow>({\r\n\t\t\t\t\t\t\t\tmodel: \"dashboardConfig\",\r\n\t\t\t\t\t\t\t\twhere: [{ field: \"id\", operator: \"eq\", value: rows[0].id }],\r\n\t\t\t\t\t\t\t\tupdate: { configJson, updatedAt: now },\r\n\t\t\t\t\t\t\t});\r\n\t\t\t\t\t\t} else {\r\n\t\t\t\t\t\t\tawait db.create<DashboardConfigRow>({\r\n\t\t\t\t\t\t\t\tmodel: \"dashboardConfig\",\r\n\t\t\t\t\t\t\t\tdata: {\r\n\t\t\t\t\t\t\t\t\t...scope.data,\r\n\t\t\t\t\t\t\t\t\tconfigJson,\r\n\t\t\t\t\t\t\t\t\tcreatedAt: now,\r\n\t\t\t\t\t\t\t\t\tupdatedAt: now,\r\n\t\t\t\t\t\t\t\t},\r\n\t\t\t\t\t\t\t});\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t} catch {\r\n\t\t\t\t\t\t// Persistence failed — in-memory config is still updated.\r\n\t\t\t\t\t\t// The next GET will return the updated config for this process lifetime.\r\n\t\t\t\t\t}\r\n\r\n\t\t\t\t\treturn ctx.json(cfg);\r\n\t\t\t\t},\r\n\t\t\t),\r\n\r\n\t\t\t// ════════════════════════════════════════════════════════════\r\n\t\t\t// Roles CRUD\r\n\t\t\t// ════════════════════════════════════════════════════════════\r\n\r\n\t\t\tlistRoles: createAuthEndpoint(\r\n\t\t\t\t\"/banata/config/roles/list\",\r\n\t\t\t\t{\r\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\r\n\t\t\t\t\tbody: projectScopedEmpty,\r\n\t\t\t\t},\r\n\t\t\t\tasync (ctx) => {\r\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\r\n\t\t\t\t\tconst scope = getProjectScope(ctx.body as Record<string, unknown>);\r\n\t\t\t\t\tawait requireProjectPermission(ctx, {\r\n\t\t\t\t\t\tdb,\r\n\t\t\t\t\t\tpermission: \"role.read\",\r\n\t\t\t\t\t\tprojectId: scope.projectId,\r\n\t\t\t\t\t});\r\n\t\t\t\t\tawait ensureProjectRbacDefaults(db, scope.data.projectId);\r\n\r\n\t\t\t\t\tconst roles = await db.findMany<RoleDefinitionRow>({\r\n\t\t\t\t\t\tmodel: \"roleDefinition\",\r\n\t\t\t\t\t\twhere: [...scope.where],\r\n\t\t\t\t\t\tlimit: 200,\r\n\t\t\t\t\t\tsortBy: { field: \"createdAt\", direction: \"asc\" },\r\n\t\t\t\t\t});\r\n\r\n\t\t\t\t\tconst parsed = roles.map((r) => ({\r\n\t\t\t\t\t\tid: r.id,\r\n\t\t\t\t\t\tname: r.name,\r\n\t\t\t\t\t\tslug: r.slug,\r\n\t\t\t\t\t\tdescription: r.description ?? \"\",\r\n\t\t\t\t\t\tpermissions: r.permissions ? (JSON.parse(r.permissions) as string[]) : [],\r\n\t\t\t\t\t\tisDefault: r.isDefault ?? false,\r\n\t\t\t\t\t\tcreatedAt: new Date(r.createdAt).toISOString(),\r\n\t\t\t\t\t}));\r\n\r\n\t\t\t\t\treturn ctx.json({ roles: parsed });\r\n\t\t\t\t},\r\n\t\t\t),\r\n\r\n\t\t\tcreateRole: createAuthEndpoint(\r\n\t\t\t\t\"/banata/config/roles/create\",\r\n\t\t\t\t{\r\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\r\n\t\t\t\t\tbody: createRoleSchema,\r\n\t\t\t\t},\r\n\t\t\t\tasync (ctx) => {\r\n\t\t\t\t\tconst body = ctx.body;\r\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\r\n\t\t\t\t\tconst now = Date.now();\r\n\t\t\t\t\tconst scope = getProjectScope(body as Record<string, unknown>);\r\n\t\t\t\t\tawait requireProjectPermission(ctx, {\r\n\t\t\t\t\t\tdb,\r\n\t\t\t\t\t\tpermission: \"role.create\",\r\n\t\t\t\t\t\tprojectId: scope.projectId,\r\n\t\t\t\t\t});\r\n\t\t\t\t\tawait ensureProjectRbacDefaults(db, scope.data.projectId);\r\n\t\t\t\t\tconst reservedRoleSlugs = new Set([SUPER_ADMIN_ROLE_SLUG]);\r\n\t\t\t\t\tif (reservedRoleSlugs.has(body.slug)) {\r\n\t\t\t\t\t\tthrow ctx.error(\"BAD_REQUEST\", {\r\n\t\t\t\t\t\t\tmessage: `Role slug \\\"${body.slug}\\\" is reserved`,\r\n\t\t\t\t\t\t});\r\n\t\t\t\t\t}\r\n\r\n\t\t\t\t\t// Check for duplicate slug (within project scope)\r\n\t\t\t\t\tconst existing = await db.findMany<RoleDefinitionRow>({\r\n\t\t\t\t\t\tmodel: \"roleDefinition\",\r\n\t\t\t\t\t\twhere: [{ field: \"slug\", value: body.slug }, ...scope.where],\r\n\t\t\t\t\t\tlimit: 1,\r\n\t\t\t\t\t});\r\n\t\t\t\t\tif (existing.length > 0) {\r\n\t\t\t\t\t\tthrow ctx.error(\"CONFLICT\", {\r\n\t\t\t\t\t\t\tmessage: \"A role with this slug already exists\",\r\n\t\t\t\t\t\t});\r\n\t\t\t\t\t}\r\n\r\n\t\t\t\t\tconst role = await db.create<RoleDefinitionRow>({\r\n\t\t\t\t\t\tmodel: \"roleDefinition\",\r\n\t\t\t\t\t\tdata: {\r\n\t\t\t\t\t\t\t...scope.data,\r\n\t\t\t\t\t\t\tname: body.name,\r\n\t\t\t\t\t\t\tslug: body.slug,\r\n\t\t\t\t\t\t\tdescription: body.description ?? \"\",\r\n\t\t\t\t\t\t\tpermissions: JSON.stringify([]),\r\n\t\t\t\t\t\t\tisDefault: false,\r\n\t\t\t\t\t\t\tcreatedAt: now,\r\n\t\t\t\t\t\t\tupdatedAt: now,\r\n\t\t\t\t\t\t},\r\n\t\t\t\t\t});\r\n\r\n\t\t\t\t\treturn ctx.json({\r\n\t\t\t\t\t\trole: {\r\n\t\t\t\t\t\t\tid: role.id,\r\n\t\t\t\t\t\t\tname: role.name,\r\n\t\t\t\t\t\t\tslug: role.slug,\r\n\t\t\t\t\t\t\tdescription: role.description ?? \"\",\r\n\t\t\t\t\t\t\tpermissions: [] as string[],\r\n\t\t\t\t\t\t\tisDefault: false,\r\n\t\t\t\t\t\t\tcreatedAt: new Date(now).toISOString(),\r\n\t\t\t\t\t\t},\r\n\t\t\t\t\t});\r\n\t\t\t\t},\r\n\t\t\t),\r\n\r\n\t\t\tdeleteRole: createAuthEndpoint(\r\n\t\t\t\t\"/banata/config/roles/delete\",\r\n\t\t\t\t{\r\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\r\n\t\t\t\t\tbody: deleteByIdSchema,\r\n\t\t\t\t},\r\n\t\t\t\tasync (ctx) => {\r\n\t\t\t\t\tconst body = ctx.body;\r\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\r\n\t\t\t\t\tconst scope = getProjectScope(body as Record<string, unknown>);\r\n\t\t\t\t\tawait requireProjectPermission(ctx, {\r\n\t\t\t\t\t\tdb,\r\n\t\t\t\t\t\tpermission: \"role.delete\",\r\n\t\t\t\t\t\tprojectId: scope.projectId,\r\n\t\t\t\t\t});\r\n\t\t\t\t\tawait ensureProjectRbacDefaults(db, scope.data.projectId);\r\n\r\n\t\t\t\t\tconst existing = await db.findMany<RoleDefinitionRow>({\r\n\t\t\t\t\t\tmodel: \"roleDefinition\",\r\n\t\t\t\t\t\twhere: [{ field: \"id\", operator: \"eq\", value: body.id }, ...scope.where],\r\n\t\t\t\t\t\tlimit: 1,\r\n\t\t\t\t\t});\r\n\t\t\t\t\tif (\r\n\t\t\t\t\t\texisting.length > 0 &&\r\n\t\t\t\t\t\t(existing[0]?.slug === SUPER_ADMIN_ROLE_SLUG || existing[0]?.isDefault)\r\n\t\t\t\t\t) {\r\n\t\t\t\t\t\tthrow ctx.error(\"FORBIDDEN\", {\r\n\t\t\t\t\t\t\tmessage: \"Default system roles cannot be deleted\",\r\n\t\t\t\t\t\t});\r\n\t\t\t\t\t}\r\n\r\n\t\t\t\t\tawait db.delete({\r\n\t\t\t\t\t\tmodel: \"roleDefinition\",\r\n\t\t\t\t\t\twhere: [{ field: \"id\", operator: \"eq\", value: body.id }, ...scope.where],\r\n\t\t\t\t\t});\r\n\r\n\t\t\t\t\treturn ctx.json({ success: true });\r\n\t\t\t\t},\r\n\t\t\t),\r\n\r\n\t\t\t// ════════════════════════════════════════════════════════════\r\n\t\t\t// Permissions CRUD\r\n\t\t\t// ════════════════════════════════════════════════════════════\r\n\r\n\t\t\tlistPermissions: createAuthEndpoint(\r\n\t\t\t\t\"/banata/config/permissions/list\",\r\n\t\t\t\t{\r\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\r\n\t\t\t\t\tbody: projectScopedEmpty,\r\n\t\t\t\t},\r\n\t\t\t\tasync (ctx) => {\r\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\r\n\t\t\t\t\tconst scope = getProjectScope(ctx.body as Record<string, unknown>);\r\n\t\t\t\t\tawait requireProjectPermission(ctx, {\r\n\t\t\t\t\t\tdb,\r\n\t\t\t\t\t\tpermission: \"permission.read\",\r\n\t\t\t\t\t\tprojectId: scope.projectId,\r\n\t\t\t\t\t});\r\n\t\t\t\t\tawait ensureProjectRbacDefaults(db, scope.data.projectId);\r\n\r\n\t\t\t\t\tconst permissions = await db.findMany<PermissionDefinitionRow>({\r\n\t\t\t\t\t\tmodel: \"permissionDefinition\",\r\n\t\t\t\t\t\twhere: [...scope.where],\r\n\t\t\t\t\t\tlimit: 500,\r\n\t\t\t\t\t\tsortBy: { field: \"createdAt\", direction: \"asc\" },\r\n\t\t\t\t\t});\r\n\r\n\t\t\t\t\tconst parsed = permissions.map((p) => ({\r\n\t\t\t\t\t\tid: p.id,\r\n\t\t\t\t\t\tname: p.name,\r\n\t\t\t\t\t\tslug: p.slug,\r\n\t\t\t\t\t\tdescription: p.description ?? \"\",\r\n\t\t\t\t\t\tcreatedAt: new Date(p.createdAt).toISOString(),\r\n\t\t\t\t\t}));\r\n\r\n\t\t\t\t\treturn ctx.json({ permissions: parsed });\r\n\t\t\t\t},\r\n\t\t\t),\r\n\r\n\t\t\tcreatePermission: createAuthEndpoint(\r\n\t\t\t\t\"/banata/config/permissions/create\",\r\n\t\t\t\t{\r\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\r\n\t\t\t\t\tbody: createPermissionSchema,\r\n\t\t\t\t},\r\n\t\t\t\tasync (ctx) => {\r\n\t\t\t\t\tconst body = ctx.body;\r\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\r\n\t\t\t\t\tconst now = Date.now();\r\n\t\t\t\t\tconst scope = getProjectScope(body as Record<string, unknown>);\r\n\t\t\t\t\tawait requireProjectPermission(ctx, {\r\n\t\t\t\t\t\tdb,\r\n\t\t\t\t\t\tpermission: \"permission.create\",\r\n\t\t\t\t\t\tprojectId: scope.projectId,\r\n\t\t\t\t\t});\r\n\t\t\t\t\tawait ensureProjectRbacDefaults(db, scope.data.projectId);\r\n\r\n\t\t\t\t\t// Check for duplicate slug (within project scope)\r\n\t\t\t\t\tconst existing = await db.findMany<PermissionDefinitionRow>({\r\n\t\t\t\t\t\tmodel: \"permissionDefinition\",\r\n\t\t\t\t\t\twhere: [{ field: \"slug\", value: body.slug }, ...scope.where],\r\n\t\t\t\t\t\tlimit: 1,\r\n\t\t\t\t\t});\r\n\t\t\t\t\tif (existing.length > 0) {\r\n\t\t\t\t\t\tthrow ctx.error(\"CONFLICT\", {\r\n\t\t\t\t\t\t\tmessage: \"A permission with this slug already exists\",\r\n\t\t\t\t\t\t});\r\n\t\t\t\t\t}\r\n\r\n\t\t\t\t\tconst permission = await db.create<PermissionDefinitionRow>({\r\n\t\t\t\t\t\tmodel: \"permissionDefinition\",\r\n\t\t\t\t\t\tdata: {\r\n\t\t\t\t\t\t\t...scope.data,\r\n\t\t\t\t\t\t\tname: body.name,\r\n\t\t\t\t\t\t\tslug: body.slug,\r\n\t\t\t\t\t\t\tdescription: body.description ?? \"\",\r\n\t\t\t\t\t\t\tcreatedAt: now,\r\n\t\t\t\t\t\t\tupdatedAt: now,\r\n\t\t\t\t\t\t},\r\n\t\t\t\t\t});\r\n\t\t\t\t\tawait addPermissionToSuperAdmin(db, scope.data.projectId, permission.slug);\r\n\r\n\t\t\t\t\treturn ctx.json({\r\n\t\t\t\t\t\tpermission: {\r\n\t\t\t\t\t\t\tid: permission.id,\r\n\t\t\t\t\t\t\tname: permission.name,\r\n\t\t\t\t\t\t\tslug: permission.slug,\r\n\t\t\t\t\t\t\tdescription: permission.description ?? \"\",\r\n\t\t\t\t\t\t\tcreatedAt: new Date(now).toISOString(),\r\n\t\t\t\t\t\t},\r\n\t\t\t\t\t});\r\n\t\t\t\t},\r\n\t\t\t),\r\n\r\n\t\t\tdeletePermission: createAuthEndpoint(\r\n\t\t\t\t\"/banata/config/permissions/delete\",\r\n\t\t\t\t{\r\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\r\n\t\t\t\t\tbody: deleteByIdSchema,\r\n\t\t\t\t},\r\n\t\t\t\tasync (ctx) => {\r\n\t\t\t\t\tconst body = ctx.body;\r\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\r\n\t\t\t\t\tconst scope = getProjectScope(body as Record<string, unknown>);\r\n\t\t\t\t\tawait requireProjectPermission(ctx, {\r\n\t\t\t\t\t\tdb,\r\n\t\t\t\t\t\tpermission: \"permission.delete\",\r\n\t\t\t\t\t\tprojectId: scope.projectId,\r\n\t\t\t\t\t});\r\n\t\t\t\t\tawait ensureProjectRbacDefaults(db, scope.data.projectId);\r\n\r\n\t\t\t\t\tconst existing = await db.findMany<PermissionDefinitionRow>({\r\n\t\t\t\t\t\tmodel: \"permissionDefinition\",\r\n\t\t\t\t\t\twhere: [{ field: \"id\", operator: \"eq\", value: body.id }, ...scope.where],\r\n\t\t\t\t\t\tlimit: 1,\r\n\t\t\t\t\t});\r\n\t\t\t\t\tif (existing.length > 0) {\r\n\t\t\t\t\t\tconst builtInSlugs = new Set(BUILT_IN_PERMISSIONS.map((p) => p.slug));\r\n\t\t\t\t\t\tconst permissionSlug = existing[0]!.slug;\r\n\t\t\t\t\t\tif (builtInSlugs.has(permissionSlug)) {\r\n\t\t\t\t\t\t\tthrow ctx.error(\"FORBIDDEN\", {\r\n\t\t\t\t\t\t\t\tmessage: \"Built-in permissions cannot be deleted\",\r\n\t\t\t\t\t\t\t});\r\n\t\t\t\t\t\t}\r\n\r\n\t\t\t\t\t\tconst roles = await db.findMany<RoleDefinitionRow>({\r\n\t\t\t\t\t\t\tmodel: \"roleDefinition\",\r\n\t\t\t\t\t\t\twhere: [...scope.where],\r\n\t\t\t\t\t\t\tlimit: 500,\r\n\t\t\t\t\t\t});\r\n\t\t\t\t\t\tfor (const role of roles) {\r\n\t\t\t\t\t\t\tconst rolePerms = role.permissions ? (JSON.parse(role.permissions) as string[]) : [];\r\n\t\t\t\t\t\t\tif (!rolePerms.includes(permissionSlug)) continue;\r\n\t\t\t\t\t\t\tawait db.update<RoleDefinitionRow>({\r\n\t\t\t\t\t\t\t\tmodel: \"roleDefinition\",\r\n\t\t\t\t\t\t\t\twhere: [{ field: \"id\", value: role.id }],\r\n\t\t\t\t\t\t\t\tupdate: {\r\n\t\t\t\t\t\t\t\t\tpermissions: JSON.stringify(rolePerms.filter((p) => p !== permissionSlug).sort()),\r\n\t\t\t\t\t\t\t\t\tupdatedAt: Date.now(),\r\n\t\t\t\t\t\t\t\t},\r\n\t\t\t\t\t\t\t});\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t}\r\n\r\n\t\t\t\t\tawait db.delete({\r\n\t\t\t\t\t\tmodel: \"permissionDefinition\",\r\n\t\t\t\t\t\twhere: [{ field: \"id\", operator: \"eq\", value: body.id }, ...scope.where],\r\n\t\t\t\t\t});\r\n\r\n\t\t\t\t\treturn ctx.json({ success: true });\r\n\t\t\t\t},\r\n\t\t\t),\r\n\r\n\t\t\t// ════════════════════════════════════════════════════════════\r\n\t\t\t// RBAC Helpers (customer-facing)\r\n\t\t\t// ════════════════════════════════════════════════════════════\r\n\r\n\t\t\tmyPermissions: createAuthEndpoint(\r\n\t\t\t\t\"/banata/rbac/my-permissions\",\r\n\t\t\t\t{\r\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\r\n\t\t\t\t\tbody: projectScopedEmpty,\r\n\t\t\t\t},\r\n\t\t\t\tasync (ctx) => {\r\n\t\t\t\t\tconst { user } = requireAuthenticated(ctx);\r\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\r\n\t\t\t\t\tconst scope = getProjectScope(ctx.body as Record<string, unknown>);\r\n\r\n\t\t\t\t\tconst permissions = await getEffectiveProjectPermissions(db, {\r\n\t\t\t\t\t\tuserId: user.id,\r\n\t\t\t\t\t\tprojectId: scope.projectId,\r\n\t\t\t\t\t});\r\n\r\n\t\t\t\t\treturn ctx.json({\r\n\t\t\t\t\t\tpermissions: Array.from(permissions).sort(),\r\n\t\t\t\t\t});\r\n\t\t\t\t},\r\n\t\t\t),\r\n\r\n\t\t\tcheckPermission: createAuthEndpoint(\r\n\t\t\t\t\"/banata/rbac/check-permission\",\r\n\t\t\t\t{\r\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\r\n\t\t\t\t\tbody: checkPermissionSchema,\r\n\t\t\t\t},\r\n\t\t\t\tasync (ctx) => {\r\n\t\t\t\t\tconst { user } = requireAuthenticated(ctx);\r\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\r\n\t\t\t\t\tconst scope = getProjectScope(ctx.body as Record<string, unknown>);\r\n\t\t\t\t\tconst permissions = await getEffectiveProjectPermissions(db, {\r\n\t\t\t\t\t\tuserId: user.id,\r\n\t\t\t\t\t\tprojectId: scope.projectId,\r\n\t\t\t\t\t});\r\n\r\n\t\t\t\t\treturn ctx.json({\r\n\t\t\t\t\t\tallowed: permissions.has(\"*\") || permissions.has(ctx.body.permission),\r\n\t\t\t\t\t});\r\n\t\t\t\t},\r\n\t\t\t),\r\n\r\n\t\t\tcheckPermissions: createAuthEndpoint(\r\n\t\t\t\t\"/banata/rbac/check-permissions\",\r\n\t\t\t\t{\r\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\r\n\t\t\t\t\tbody: checkPermissionsSchema,\r\n\t\t\t\t},\r\n\t\t\t\tasync (ctx) => {\r\n\t\t\t\t\tconst { user } = requireAuthenticated(ctx);\r\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\r\n\t\t\t\t\tconst scope = getProjectScope(ctx.body as Record<string, unknown>);\r\n\t\t\t\t\tconst permissions = await getEffectiveProjectPermissions(db, {\r\n\t\t\t\t\t\tuserId: user.id,\r\n\t\t\t\t\t\tprojectId: scope.projectId,\r\n\t\t\t\t\t});\r\n\t\t\t\t\tconst operator = ctx.body.operator ?? \"all\";\r\n\t\t\t\t\tconst hasAny = ctx.body.permissions.some(\r\n\t\t\t\t\t\t(permission) => permissions.has(\"*\") || permissions.has(permission),\r\n\t\t\t\t\t);\r\n\t\t\t\t\tconst hasAll = ctx.body.permissions.every(\r\n\t\t\t\t\t\t(permission) => permissions.has(\"*\") || permissions.has(permission),\r\n\t\t\t\t\t);\r\n\r\n\t\t\t\t\treturn ctx.json({\r\n\t\t\t\t\t\tallowed: operator === \"any\" ? hasAny : hasAll,\r\n\t\t\t\t\t});\r\n\t\t\t\t},\r\n\t\t\t),\r\n\r\n\t\t\t// ════════════════════════════════════════════════════════════\r\n\t\t\t// Branding Config\r\n\t\t\t// ════════════════════════════════════════════════════════════\r\n\r\n\t\t\tgetBrandingConfig: createAuthEndpoint(\r\n\t\t\t\t\"/banata/config/branding/get\",\r\n\t\t\t\t{\r\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\r\n\t\t\t\t\tbody: projectScopedEmpty,\r\n\t\t\t\t},\r\n\t\t\t\tasync (ctx) => {\r\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\r\n\t\t\t\t\tconst scope = await requireScopedPermission(\r\n\t\t\t\t\t\tctx,\r\n\t\t\t\t\t\tdb,\r\n\t\t\t\t\t\tctx.body as Record<string, unknown>,\r\n\t\t\t\t\t\t\"dashboard.read\",\r\n\t\t\t\t\t);\r\n\r\n\t\t\t\t\tconst rows = await db.findMany<BrandingConfigRow>({\r\n\t\t\t\t\t\tmodel: \"brandingConfig\",\r\n\t\t\t\t\t\twhere: [...scope.where],\r\n\t\t\t\t\t\tlimit: 1,\r\n\t\t\t\t\t});\r\n\r\n\t\t\t\t\tconst row = rows.length > 0 ? rows[0] : null;\r\n\t\t\t\t\tconst config = {\r\n\t\t\t\t\t\tprimaryColor: row?.primaryColor ?? \"#6366f1\",\r\n\t\t\t\t\t\tbgColor: row?.bgColor ?? \"#09090b\",\r\n\t\t\t\t\t\tborderRadius: row?.borderRadius ?? 8,\r\n\t\t\t\t\t\tdarkMode: row?.darkMode ?? true,\r\n\t\t\t\t\t\tcustomCss: row?.customCss ?? \"\",\r\n\t\t\t\t\t\tfont: row?.font ?? \"inter\",\r\n\t\t\t\t\t\tlogoUrl: row?.logoUrl ?? \"\",\r\n\t\t\t\t\t};\r\n\r\n\t\t\t\t\treturn ctx.json(config);\r\n\t\t\t\t},\r\n\t\t\t),\r\n\r\n\t\t\tsaveBrandingConfig: createAuthEndpoint(\r\n\t\t\t\t\"/banata/config/branding/save\",\r\n\t\t\t\t{\r\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\r\n\t\t\t\t\tbody: saveBrandingSchema,\r\n\t\t\t\t},\r\n\t\t\t\tasync (ctx) => {\r\n\t\t\t\t\tconst body = ctx.body;\r\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\r\n\t\t\t\t\tconst now = Date.now();\r\n\t\t\t\t\tconst scope = await requireScopedPermission(\r\n\t\t\t\t\t\tctx,\r\n\t\t\t\t\t\tdb,\r\n\t\t\t\t\t\tbody as Record<string, unknown>,\r\n\t\t\t\t\t\t\"dashboard.manage\",\r\n\t\t\t\t\t);\r\n\r\n\t\t\t\t\t// Try to find existing config row (scoped singleton)\r\n\t\t\t\t\tconst rows = await db.findMany<BrandingConfigRow>({\r\n\t\t\t\t\t\tmodel: \"brandingConfig\",\r\n\t\t\t\t\t\twhere: [...scope.where],\r\n\t\t\t\t\t\tlimit: 1,\r\n\t\t\t\t\t});\r\n\r\n\t\t\t\t\tconst updates: Record<string, unknown> = { updatedAt: now };\r\n\t\t\t\t\tif (body.primaryColor !== undefined) updates.primaryColor = body.primaryColor;\r\n\t\t\t\t\tif (body.bgColor !== undefined) updates.bgColor = body.bgColor;\r\n\t\t\t\t\tif (body.borderRadius !== undefined) updates.borderRadius = body.borderRadius;\r\n\t\t\t\t\tif (body.darkMode !== undefined) updates.darkMode = body.darkMode;\r\n\t\t\t\t\tif (body.customCss !== undefined) updates.customCss = sanitizeCss(body.customCss);\r\n\t\t\t\t\tif (body.font !== undefined) updates.font = body.font;\r\n\t\t\t\t\tif (body.logoUrl !== undefined) updates.logoUrl = body.logoUrl;\r\n\r\n\t\t\t\t\tlet result: BrandingConfigRow | null;\r\n\r\n\t\t\t\t\tif (rows.length > 0 && rows[0]) {\r\n\t\t\t\t\t\t// Update existing\r\n\t\t\t\t\t\tresult = await db.update<BrandingConfigRow>({\r\n\t\t\t\t\t\t\tmodel: \"brandingConfig\",\r\n\t\t\t\t\t\t\twhere: [{ field: \"id\", operator: \"eq\", value: rows[0].id }],\r\n\t\t\t\t\t\t\tupdate: updates,\r\n\t\t\t\t\t\t});\r\n\t\t\t\t\t} else {\r\n\t\t\t\t\t\t// Create new\r\n\t\t\t\t\t\tresult = await db.create<BrandingConfigRow>({\r\n\t\t\t\t\t\t\tmodel: \"brandingConfig\",\r\n\t\t\t\t\t\t\tdata: {\r\n\t\t\t\t\t\t\t\t...scope.data,\r\n\t\t\t\t\t\t\t\tprimaryColor: body.primaryColor ?? \"#6366f1\",\r\n\t\t\t\t\t\t\t\tbgColor: body.bgColor ?? \"#09090b\",\r\n\t\t\t\t\t\t\t\tborderRadius: body.borderRadius ?? 8,\r\n\t\t\t\t\t\t\t\tdarkMode: body.darkMode ?? true,\r\n\t\t\t\t\t\t\t\tcustomCss: body.customCss ? sanitizeCss(body.customCss) : \"\",\r\n\t\t\t\t\t\t\t\tfont: body.font ?? \"inter\",\r\n\t\t\t\t\t\t\t\tlogoUrl: body.logoUrl ?? \"\",\r\n\t\t\t\t\t\t\t\tcreatedAt: now,\r\n\t\t\t\t\t\t\t\tupdatedAt: now,\r\n\t\t\t\t\t\t\t},\r\n\t\t\t\t\t\t});\r\n\t\t\t\t\t}\r\n\r\n\t\t\t\t\treturn ctx.json({\r\n\t\t\t\t\t\tprimaryColor: result?.primaryColor ?? \"#6366f1\",\r\n\t\t\t\t\t\tbgColor: result?.bgColor ?? \"#09090b\",\r\n\t\t\t\t\t\tborderRadius: result?.borderRadius ?? 8,\r\n\t\t\t\t\t\tdarkMode: result?.darkMode ?? true,\r\n\t\t\t\t\t\tcustomCss: result?.customCss ?? \"\",\r\n\t\t\t\t\t\tfont: result?.font ?? \"inter\",\r\n\t\t\t\t\t\tlogoUrl: result?.logoUrl ?? \"\",\r\n\t\t\t\t\t});\r\n\t\t\t\t},\r\n\t\t\t),\r\n\r\n\t\t\t// ════════════════════════════════════════════════════════════\r\n\t\t\t// Email Config\r\n\t\t\t// ════════════════════════════════════════════════════════════\r\n\r\n\t\t\tlistEmailConfig: createAuthEndpoint(\r\n\t\t\t\t\"/banata/config/emails/list\",\r\n\t\t\t\t{\r\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\r\n\t\t\t\t\tbody: projectScopedEmpty,\r\n\t\t\t\t},\r\n\t\t\t\tasync (ctx) => {\r\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\r\n\t\t\t\t\tconst scope = await requireScopedPermission(\r\n\t\t\t\t\t\tctx,\r\n\t\t\t\t\t\tdb,\r\n\t\t\t\t\t\tctx.body as Record<string, unknown>,\r\n\t\t\t\t\t\t\"email.manage\",\r\n\t\t\t\t\t);\r\n\r\n\t\t\t\t\tlet emails = await db.findMany<EmailConfigRow>({\r\n\t\t\t\t\t\tmodel: \"emailConfig\",\r\n\t\t\t\t\t\twhere: [...scope.where],\r\n\t\t\t\t\t\tlimit: 100,\r\n\t\t\t\t\t\tsortBy: { field: \"createdAt\", direction: \"asc\" },\r\n\t\t\t\t\t});\r\n\r\n\t\t\t\t\t// Seed defaults on first access (scoped to project)\r\n\t\t\t\t\tif (emails.length === 0) {\r\n\t\t\t\t\t\tconst now = Date.now();\r\n\t\t\t\t\t\tfor (const def of DEFAULT_EMAIL_TYPES) {\r\n\t\t\t\t\t\t\tawait db.create<EmailConfigRow>({\r\n\t\t\t\t\t\t\t\tmodel: \"emailConfig\",\r\n\t\t\t\t\t\t\t\tdata: {\r\n\t\t\t\t\t\t\t\t\t...scope.data,\r\n\t\t\t\t\t\t\t\t\temailType: def.emailType,\r\n\t\t\t\t\t\t\t\t\tname: def.name,\r\n\t\t\t\t\t\t\t\t\tdescription: def.description,\r\n\t\t\t\t\t\t\t\t\tenabled: true,\r\n\t\t\t\t\t\t\t\t\tcategory: def.category,\r\n\t\t\t\t\t\t\t\t\tcreatedAt: now,\r\n\t\t\t\t\t\t\t\t\tupdatedAt: now,\r\n\t\t\t\t\t\t\t\t},\r\n\t\t\t\t\t\t\t});\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t\temails = await db.findMany<EmailConfigRow>({\r\n\t\t\t\t\t\t\tmodel: \"emailConfig\",\r\n\t\t\t\t\t\t\twhere: [...scope.where],\r\n\t\t\t\t\t\t\tlimit: 100,\r\n\t\t\t\t\t\t\tsortBy: { field: \"createdAt\", direction: \"asc\" },\r\n\t\t\t\t\t\t});\r\n\t\t\t\t\t}\r\n\r\n\t\t\t\t\tconst parsed = emails.map((e) => ({\r\n\t\t\t\t\t\tid: e.id,\r\n\t\t\t\t\t\tname: e.name,\r\n\t\t\t\t\t\tdescription: e.description ?? \"\",\r\n\t\t\t\t\t\tenabled: e.enabled,\r\n\t\t\t\t\t\tcategory: e.category,\r\n\t\t\t\t\t}));\r\n\r\n\t\t\t\t\treturn ctx.json({ emails: parsed });\r\n\t\t\t\t},\r\n\t\t\t),\r\n\r\n\t\t\ttoggleEmailConfig: createAuthEndpoint(\r\n\t\t\t\t\"/banata/config/emails/toggle\",\r\n\t\t\t\t{\r\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\r\n\t\t\t\t\tbody: toggleEmailSchema,\r\n\t\t\t\t},\r\n\t\t\t\tasync (ctx) => {\r\n\t\t\t\t\tconst body = ctx.body;\r\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\r\n\t\t\t\t\tconst now = Date.now();\r\n\t\t\t\t\tconst scope = await requireScopedPermission(\r\n\t\t\t\t\t\tctx,\r\n\t\t\t\t\t\tdb,\r\n\t\t\t\t\t\tbody as Record<string, unknown>,\r\n\t\t\t\t\t\t\"email.manage\",\r\n\t\t\t\t\t);\r\n\r\n\t\t\t\t\tawait db.update<EmailConfigRow>({\r\n\t\t\t\t\t\tmodel: \"emailConfig\",\r\n\t\t\t\t\t\twhere: [{ field: \"id\", operator: \"eq\", value: body.id }, ...scope.where],\r\n\t\t\t\t\t\tupdate: {\r\n\t\t\t\t\t\t\tenabled: body.enabled,\r\n\t\t\t\t\t\t\tupdatedAt: now,\r\n\t\t\t\t\t\t},\r\n\t\t\t\t\t});\r\n\r\n\t\t\t\t\t// Return updated list (scoped to project)\r\n\t\t\t\t\tconst emails = await db.findMany<EmailConfigRow>({\r\n\t\t\t\t\t\tmodel: \"emailConfig\",\r\n\t\t\t\t\t\twhere: [...scope.where],\r\n\t\t\t\t\t\tlimit: 100,\r\n\t\t\t\t\t\tsortBy: { field: \"createdAt\", direction: \"asc\" },\r\n\t\t\t\t\t});\r\n\r\n\t\t\t\t\tconst parsed = emails.map((e) => ({\r\n\t\t\t\t\t\tid: e.id,\r\n\t\t\t\t\t\tname: e.name,\r\n\t\t\t\t\t\tdescription: e.description ?? \"\",\r\n\t\t\t\t\t\tenabled: e.enabled,\r\n\t\t\t\t\t\tcategory: e.category,\r\n\t\t\t\t\t}));\r\n\r\n\t\t\t\t\treturn ctx.json({ emails: parsed });\r\n\t\t\t\t},\r\n\t\t\t),\r\n\r\n\t\t\t// ════════════════════════════════════════════════════════════\r\n\t\t\t// Domain Config CRUD\r\n\t\t\t// ════════════════════════════════════════════════════════════\r\n\r\n\t\t\tlistDomains: createAuthEndpoint(\r\n\t\t\t\t\"/banata/config/domains/list\",\r\n\t\t\t\t{\r\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\r\n\t\t\t\t\tbody: projectScopedEmpty,\r\n\t\t\t\t},\r\n\t\t\t\tasync (ctx) => {\r\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\r\n\t\t\t\t\tconst scope = await requireScopedPermission(\r\n\t\t\t\t\t\tctx,\r\n\t\t\t\t\t\tdb,\r\n\t\t\t\t\t\tctx.body as Record<string, unknown>,\r\n\t\t\t\t\t\t\"dashboard.read\",\r\n\t\t\t\t\t);\r\n\r\n\t\t\t\t\tconst rows = await db.findMany<DomainConfigRow>({\r\n\t\t\t\t\t\tmodel: \"domainConfig\",\r\n\t\t\t\t\t\twhere: [...scope.where],\r\n\t\t\t\t\t\tlimit: 100,\r\n\t\t\t\t\t\tsortBy: { field: \"createdAt\", direction: \"asc\" },\r\n\t\t\t\t\t});\r\n\r\n\t\t\t\t\tconst domains = rows.map((r) => ({\r\n\t\t\t\t\t\tid: r.id,\r\n\t\t\t\t\t\tdomainKey: r.domainKey,\r\n\t\t\t\t\t\ttitle: r.title,\r\n\t\t\t\t\t\tdescription: r.description ?? \"\",\r\n\t\t\t\t\t\tvalue: r.value,\r\n\t\t\t\t\t\tisDefault: r.isDefault ?? false,\r\n\t\t\t\t\t}));\r\n\r\n\t\t\t\t\treturn ctx.json({ domains });\r\n\t\t\t\t},\r\n\t\t\t),\r\n\r\n\t\t\tsaveDomain: createAuthEndpoint(\r\n\t\t\t\t\"/banata/config/domains/save\",\r\n\t\t\t\t{\r\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\r\n\t\t\t\t\tbody: saveDomainSchema,\r\n\t\t\t\t},\r\n\t\t\t\tasync (ctx) => {\r\n\t\t\t\t\tconst body = ctx.body;\r\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\r\n\t\t\t\t\tconst now = Date.now();\r\n\t\t\t\t\tconst scope = await requireScopedPermission(\r\n\t\t\t\t\t\tctx,\r\n\t\t\t\t\t\tdb,\r\n\t\t\t\t\t\tbody as Record<string, unknown>,\r\n\t\t\t\t\t\t\"dashboard.manage\",\r\n\t\t\t\t\t);\r\n\r\n\t\t\t\t\t// Upsert by domainKey (scoped)\r\n\t\t\t\t\tconst existing = await db.findMany<DomainConfigRow>({\r\n\t\t\t\t\t\tmodel: \"domainConfig\",\r\n\t\t\t\t\t\twhere: [{ field: \"domainKey\", value: body.domainKey }, ...scope.where],\r\n\t\t\t\t\t\tlimit: 1,\r\n\t\t\t\t\t});\r\n\r\n\t\t\t\t\tif (existing.length > 0 && existing[0]) {\r\n\t\t\t\t\t\tawait db.update<DomainConfigRow>({\r\n\t\t\t\t\t\t\tmodel: \"domainConfig\",\r\n\t\t\t\t\t\t\twhere: [{ field: \"id\", operator: \"eq\", value: existing[0].id }],\r\n\t\t\t\t\t\t\tupdate: {\r\n\t\t\t\t\t\t\t\ttitle: body.title,\r\n\t\t\t\t\t\t\t\tdescription: body.description ?? \"\",\r\n\t\t\t\t\t\t\t\tvalue: body.value,\r\n\t\t\t\t\t\t\t\tisDefault: body.isDefault ?? existing[0].isDefault,\r\n\t\t\t\t\t\t\t\tupdatedAt: now,\r\n\t\t\t\t\t\t\t},\r\n\t\t\t\t\t\t});\r\n\t\t\t\t\t} else {\r\n\t\t\t\t\t\tawait db.create<DomainConfigRow>({\r\n\t\t\t\t\t\t\tmodel: \"domainConfig\",\r\n\t\t\t\t\t\t\tdata: {\r\n\t\t\t\t\t\t\t\t...scope.data,\r\n\t\t\t\t\t\t\t\tdomainKey: body.domainKey,\r\n\t\t\t\t\t\t\t\ttitle: body.title,\r\n\t\t\t\t\t\t\t\tdescription: body.description ?? \"\",\r\n\t\t\t\t\t\t\t\tvalue: body.value,\r\n\t\t\t\t\t\t\t\tisDefault: body.isDefault ?? false,\r\n\t\t\t\t\t\t\t\tcreatedAt: now,\r\n\t\t\t\t\t\t\t\tupdatedAt: now,\r\n\t\t\t\t\t\t\t},\r\n\t\t\t\t\t\t});\r\n\t\t\t\t\t}\r\n\r\n\t\t\t\t\treturn ctx.json({ success: true });\r\n\t\t\t\t},\r\n\t\t\t),\r\n\r\n\t\t\tdeleteDomain: createAuthEndpoint(\r\n\t\t\t\t\"/banata/config/domains/delete\",\r\n\t\t\t\t{\r\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\r\n\t\t\t\t\tbody: deleteDomainSchema,\r\n\t\t\t\t},\r\n\t\t\t\tasync (ctx) => {\r\n\t\t\t\t\tconst body = ctx.body;\r\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\r\n\t\t\t\t\tconst scope = await requireScopedPermission(\r\n\t\t\t\t\t\tctx,\r\n\t\t\t\t\t\tdb,\r\n\t\t\t\t\t\tbody as Record<string, unknown>,\r\n\t\t\t\t\t\t\"dashboard.manage\",\r\n\t\t\t\t\t);\r\n\r\n\t\t\t\t\tawait db.delete({\r\n\t\t\t\t\t\tmodel: \"domainConfig\",\r\n\t\t\t\t\t\twhere: [{ field: \"domainKey\", value: body.domainKey }, ...scope.where],\r\n\t\t\t\t\t});\r\n\r\n\t\t\t\t\treturn ctx.json({ success: true });\r\n\t\t\t\t},\r\n\t\t\t),\r\n\r\n\t\t\t// ════════════════════════════════════════════════════════════\r\n\t\t\t// Redirect Config\r\n\t\t\t// ════════════════════════════════════════════════════════════\r\n\r\n\t\t\tgetRedirects: createAuthEndpoint(\r\n\t\t\t\t\"/banata/config/redirects/get\",\r\n\t\t\t\t{\r\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\r\n\t\t\t\t\tbody: projectScopedEmpty,\r\n\t\t\t\t},\r\n\t\t\t\tasync (ctx) => {\r\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\r\n\t\t\t\t\tconst scope = await requireScopedPermission(\r\n\t\t\t\t\t\tctx,\r\n\t\t\t\t\t\tdb,\r\n\t\t\t\t\t\tctx.body as Record<string, unknown>,\r\n\t\t\t\t\t\t\"dashboard.read\",\r\n\t\t\t\t\t);\r\n\r\n\t\t\t\t\tconst rows = await db.findMany<RedirectConfigRow>({\r\n\t\t\t\t\t\tmodel: \"redirectConfig\",\r\n\t\t\t\t\t\twhere: [...scope.where],\r\n\t\t\t\t\t\tlimit: 1,\r\n\t\t\t\t\t});\r\n\r\n\t\t\t\t\tif (rows.length > 0 && rows[0]?.configJson) {\r\n\t\t\t\t\t\treturn ctx.json(JSON.parse(rows[0].configJson));\r\n\t\t\t\t\t}\r\n\r\n\t\t\t\t\treturn ctx.json({});\r\n\t\t\t\t},\r\n\t\t\t),\r\n\r\n\t\t\tsaveRedirects: createAuthEndpoint(\r\n\t\t\t\t\"/banata/config/redirects/save\",\r\n\t\t\t\t{\r\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\r\n\t\t\t\t\tbody: saveRedirectsSchema,\r\n\t\t\t\t},\r\n\t\t\t\tasync (ctx) => {\r\n\t\t\t\t\tconst body = ctx.body;\r\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\r\n\t\t\t\t\tconst now = Date.now();\r\n\t\t\t\t\tconst configJson = JSON.stringify(body.config);\r\n\t\t\t\t\tconst scope = await requireScopedPermission(\r\n\t\t\t\t\t\tctx,\r\n\t\t\t\t\t\tdb,\r\n\t\t\t\t\t\tbody as Record<string, unknown>,\r\n\t\t\t\t\t\t\"dashboard.manage\",\r\n\t\t\t\t\t);\r\n\r\n\t\t\t\t\tconst rows = await db.findMany<RedirectConfigRow>({\r\n\t\t\t\t\t\tmodel: \"redirectConfig\",\r\n\t\t\t\t\t\twhere: [...scope.where],\r\n\t\t\t\t\t\tlimit: 1,\r\n\t\t\t\t\t});\r\n\r\n\t\t\t\t\tif (rows.length > 0 && rows[0]) {\r\n\t\t\t\t\t\tawait db.update<RedirectConfigRow>({\r\n\t\t\t\t\t\t\tmodel: \"redirectConfig\",\r\n\t\t\t\t\t\t\twhere: [{ field: \"id\", operator: \"eq\", value: rows[0].id }],\r\n\t\t\t\t\t\t\tupdate: { configJson, updatedAt: now },\r\n\t\t\t\t\t\t});\r\n\t\t\t\t\t} else {\r\n\t\t\t\t\t\tawait db.create<RedirectConfigRow>({\r\n\t\t\t\t\t\t\tmodel: \"redirectConfig\",\r\n\t\t\t\t\t\t\tdata: {\r\n\t\t\t\t\t\t\t\t...scope.data,\r\n\t\t\t\t\t\t\t\tconfigJson,\r\n\t\t\t\t\t\t\t\tcreatedAt: now,\r\n\t\t\t\t\t\t\t\tupdatedAt: now,\r\n\t\t\t\t\t\t\t},\r\n\t\t\t\t\t\t});\r\n\t\t\t\t\t}\r\n\r\n\t\t\t\t\treturn ctx.json(body.config);\r\n\t\t\t\t},\r\n\t\t\t),\r\n\r\n\t\t\t// ════════════════════════════════════════════════════════════\r\n\t\t\t// Actions CRUD\r\n\t\t\t// ════════════════════════════════════════════════════════════\r\n\r\n\t\t\tlistActions: createAuthEndpoint(\r\n\t\t\t\t\"/banata/config/actions/list\",\r\n\t\t\t\t{\r\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\r\n\t\t\t\t\tbody: projectScopedEmpty,\r\n\t\t\t\t},\r\n\t\t\t\tasync (ctx) => {\r\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\r\n\t\t\t\t\tconst scope = await requireScopedPermission(\r\n\t\t\t\t\t\tctx,\r\n\t\t\t\t\t\tdb,\r\n\t\t\t\t\t\tctx.body as Record<string, unknown>,\r\n\t\t\t\t\t\t\"dashboard.read\",\r\n\t\t\t\t\t);\r\n\r\n\t\t\t\t\tconst rows = await db.findMany<ActionConfigRow>({\r\n\t\t\t\t\t\tmodel: \"actionConfig\",\r\n\t\t\t\t\t\twhere: [...scope.where],\r\n\t\t\t\t\t\tlimit: 200,\r\n\t\t\t\t\t\tsortBy: { field: \"createdAt\", direction: \"asc\" },\r\n\t\t\t\t\t});\r\n\r\n\t\t\t\t\tconst actions = rows.map((r) => ({\r\n\t\t\t\t\t\tid: r.id,\r\n\t\t\t\t\t\tname: r.name,\r\n\t\t\t\t\t\tdescription: r.description ?? \"\",\r\n\t\t\t\t\t\ttriggerEvent: r.triggerEvent,\r\n\t\t\t\t\t\twebhookUrl: r.webhookUrl,\r\n\t\t\t\t\t\tcreatedAt: new Date(r.createdAt).toISOString(),\r\n\t\t\t\t\t}));\r\n\r\n\t\t\t\t\treturn ctx.json({ actions });\r\n\t\t\t\t},\r\n\t\t\t),\r\n\r\n\t\t\tcreateAction: createAuthEndpoint(\r\n\t\t\t\t\"/banata/config/actions/create\",\r\n\t\t\t\t{\r\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\r\n\t\t\t\t\tbody: createActionSchema,\r\n\t\t\t\t},\r\n\t\t\t\tasync (ctx) => {\r\n\t\t\t\t\tconst body = ctx.body;\r\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\r\n\t\t\t\t\tconst now = Date.now();\r\n\t\t\t\t\tconst scope = await requireScopedPermission(\r\n\t\t\t\t\t\tctx,\r\n\t\t\t\t\t\tdb,\r\n\t\t\t\t\t\tbody as Record<string, unknown>,\r\n\t\t\t\t\t\t\"dashboard.manage\",\r\n\t\t\t\t\t);\r\n\r\n\t\t\t\t\tconst action = await db.create<ActionConfigRow>({\r\n\t\t\t\t\t\tmodel: \"actionConfig\",\r\n\t\t\t\t\t\tdata: {\r\n\t\t\t\t\t\t\t...scope.data,\r\n\t\t\t\t\t\t\tname: body.name,\r\n\t\t\t\t\t\t\tdescription: body.description ?? \"\",\r\n\t\t\t\t\t\t\ttriggerEvent: body.triggerEvent,\r\n\t\t\t\t\t\t\twebhookUrl: body.webhookUrl,\r\n\t\t\t\t\t\t\tcreatedAt: now,\r\n\t\t\t\t\t\t\tupdatedAt: now,\r\n\t\t\t\t\t\t},\r\n\t\t\t\t\t});\r\n\r\n\t\t\t\t\treturn ctx.json({\r\n\t\t\t\t\t\taction: {\r\n\t\t\t\t\t\t\tid: action.id,\r\n\t\t\t\t\t\t\tname: action.name,\r\n\t\t\t\t\t\t\tdescription: action.description ?? \"\",\r\n\t\t\t\t\t\t\ttriggerEvent: action.triggerEvent,\r\n\t\t\t\t\t\t\twebhookUrl: action.webhookUrl,\r\n\t\t\t\t\t\t\tcreatedAt: new Date(now).toISOString(),\r\n\t\t\t\t\t\t},\r\n\t\t\t\t\t});\r\n\t\t\t\t},\r\n\t\t\t),\r\n\r\n\t\t\tdeleteAction: createAuthEndpoint(\r\n\t\t\t\t\"/banata/config/actions/delete\",\r\n\t\t\t\t{\r\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\r\n\t\t\t\t\tbody: deleteActionSchema,\r\n\t\t\t\t},\r\n\t\t\t\tasync (ctx) => {\r\n\t\t\t\t\tconst body = ctx.body;\r\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\r\n\t\t\t\t\tconst scope = await requireScopedPermission(\r\n\t\t\t\t\t\tctx,\r\n\t\t\t\t\t\tdb,\r\n\t\t\t\t\t\tbody as Record<string, unknown>,\r\n\t\t\t\t\t\t\"dashboard.manage\",\r\n\t\t\t\t\t);\r\n\r\n\t\t\t\t\tawait db.delete({\r\n\t\t\t\t\t\tmodel: \"actionConfig\",\r\n\t\t\t\t\t\twhere: [{ field: \"id\", operator: \"eq\", value: body.id }, ...scope.where],\r\n\t\t\t\t\t});\r\n\r\n\t\t\t\t\treturn ctx.json({ success: true });\r\n\t\t\t\t},\r\n\t\t\t),\r\n\r\n\t\t\t// ════════════════════════════════════════════════════════════\r\n\t\t\t// Radar / Bot Protection Config\r\n\t\t\t// ════════════════════════════════════════════════════════════\r\n\r\n\t\t\tgetRadarConfig: createAuthEndpoint(\r\n\t\t\t\t\"/banata/config/radar/get\",\r\n\t\t\t\t{\r\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\r\n\t\t\t\t\tbody: projectScopedEmpty,\r\n\t\t\t\t},\r\n\t\t\t\tasync (ctx) => {\r\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\r\n\t\t\t\t\tconst scope = await requireScopedPermission(\r\n\t\t\t\t\t\tctx,\r\n\t\t\t\t\t\tdb,\r\n\t\t\t\t\t\tctx.body as Record<string, unknown>,\r\n\t\t\t\t\t\t\"dashboard.read\",\r\n\t\t\t\t\t);\r\n\r\n\t\t\t\t\tconst rows = await db.findMany<RadarConfigRow>({\r\n\t\t\t\t\t\tmodel: \"radarConfig\",\r\n\t\t\t\t\t\twhere: [...scope.where],\r\n\t\t\t\t\t\tlimit: 1,\r\n\t\t\t\t\t});\r\n\r\n\t\t\t\t\tconst defaults = {\r\n\t\t\t\t\t\tenabled: false,\r\n\t\t\t\t\t\tblockImpossibleTravel: true,\r\n\t\t\t\t\t\tdeviceFingerprinting: true,\r\n\t\t\t\t\t\trateLimiting: false,\r\n\t\t\t\t\t\tbotDetection: false,\r\n\t\t\t\t\t\tbotProvider: null as string | null,\r\n\t\t\t\t\t\tbotProviderCredentials: {} as Record<string, string>,\r\n\t\t\t\t\t};\r\n\r\n\t\t\t\t\tif (rows.length > 0 && rows[0]?.configJson) {\r\n\t\t\t\t\t\treturn ctx.json({ ...defaults, ...JSON.parse(rows[0].configJson) });\r\n\t\t\t\t\t}\r\n\r\n\t\t\t\t\treturn ctx.json(defaults);\r\n\t\t\t\t},\r\n\t\t\t),\r\n\r\n\t\t\tsaveRadarConfig: createAuthEndpoint(\r\n\t\t\t\t\"/banata/config/radar/save\",\r\n\t\t\t\t{\r\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\r\n\t\t\t\t\tbody: saveRadarConfigSchema,\r\n\t\t\t\t},\r\n\t\t\t\tasync (ctx) => {\r\n\t\t\t\t\tconst body = ctx.body;\r\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\r\n\t\t\t\t\tconst now = Date.now();\r\n\t\t\t\t\tconst scope = await requireScopedPermission(\r\n\t\t\t\t\t\tctx,\r\n\t\t\t\t\t\tdb,\r\n\t\t\t\t\t\tbody as Record<string, unknown>,\r\n\t\t\t\t\t\t\"dashboard.manage\",\r\n\t\t\t\t\t);\r\n\r\n\t\t\t\t\t// Read existing and merge (scoped)\r\n\t\t\t\t\tconst rows = await db.findMany<RadarConfigRow>({\r\n\t\t\t\t\t\tmodel: \"radarConfig\",\r\n\t\t\t\t\t\twhere: [...scope.where],\r\n\t\t\t\t\t\tlimit: 1,\r\n\t\t\t\t\t});\r\n\r\n\t\t\t\t\tconst existing =\r\n\t\t\t\t\t\trows.length > 0 && rows[0]?.configJson\r\n\t\t\t\t\t\t\t? (JSON.parse(rows[0].configJson) as Record<string, unknown>)\r\n\t\t\t\t\t\t\t: {};\r\n\r\n\t\t\t\t\t// Strip scope keys from the merge to avoid storing them in configJson\r\n\t\t\t\t\tconst { projectId: _p, ...bodyData } = body as Record<string, unknown>;\r\n\t\t\t\t\tconst merged = { ...existing, ...bodyData };\r\n\t\t\t\t\tconst configJson = JSON.stringify(merged);\r\n\r\n\t\t\t\t\tif (rows.length > 0 && rows[0]) {\r\n\t\t\t\t\t\tawait db.update<RadarConfigRow>({\r\n\t\t\t\t\t\t\tmodel: \"radarConfig\",\r\n\t\t\t\t\t\t\twhere: [{ field: \"id\", operator: \"eq\", value: rows[0].id }],\r\n\t\t\t\t\t\t\tupdate: { configJson, updatedAt: now },\r\n\t\t\t\t\t\t});\r\n\t\t\t\t\t} else {\r\n\t\t\t\t\t\tawait db.create<RadarConfigRow>({\r\n\t\t\t\t\t\t\tmodel: \"radarConfig\",\r\n\t\t\t\t\t\t\tdata: {\r\n\t\t\t\t\t\t\t\t...scope.data,\r\n\t\t\t\t\t\t\t\tconfigJson,\r\n\t\t\t\t\t\t\t\tcreatedAt: now,\r\n\t\t\t\t\t\t\t\tupdatedAt: now,\r\n\t\t\t\t\t\t\t},\r\n\t\t\t\t\t\t});\r\n\t\t\t\t\t}\r\n\r\n\t\t\t\t\treturn ctx.json(merged);\r\n\t\t\t\t},\r\n\t\t\t),\r\n\r\n\t\t\t// ════════════════════════════════════════════════════════════\r\n\t\t\t// Email Provider Config\r\n\t\t\t// ════════════════════════════════════════════════════════════\r\n\r\n\t\t\tgetEmailProviderConfig: createAuthEndpoint(\r\n\t\t\t\t\"/banata/config/email-providers/get\",\r\n\t\t\t\t{\r\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\r\n\t\t\t\t\tbody: projectScopedEmpty,\r\n\t\t\t\t},\r\n\t\t\t\tasync (ctx) => {\r\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\r\n\t\t\t\t\tconst scope = await requireScopedPermission(\r\n\t\t\t\t\t\tctx,\r\n\t\t\t\t\t\tdb,\r\n\t\t\t\t\t\tctx.body as Record<string, unknown>,\r\n\t\t\t\t\t\t\"email.manage\",\r\n\t\t\t\t\t);\r\n\r\n\t\t\t\t\tconst rows = await db.findMany<EmailProviderConfigRow>({\r\n\t\t\t\t\t\tmodel: \"emailProviderConfig\",\r\n\t\t\t\t\t\twhere: [...scope.where],\r\n\t\t\t\t\t\tlimit: 1,\r\n\t\t\t\t\t});\r\n\r\n\t\t\t\t\tif (rows.length > 0 && rows[0]?.configJson) {\r\n\t\t\t\t\t\treturn ctx.json(JSON.parse(rows[0].configJson));\r\n\t\t\t\t\t}\r\n\r\n\t\t\t\t\treturn ctx.json({ providers: {}, activeProvider: null });\r\n\t\t\t\t},\r\n\t\t\t),\r\n\r\n\t\t\tsaveEmailProviderConfig: createAuthEndpoint(\r\n\t\t\t\t\"/banata/config/email-providers/save\",\r\n\t\t\t\t{\r\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\r\n\t\t\t\t\tbody: saveEmailProviderConfigSchema,\r\n\t\t\t\t},\r\n\t\t\t\tasync (ctx) => {\r\n\t\t\t\t\tconst body = ctx.body;\r\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\r\n\t\t\t\t\tconst now = Date.now();\r\n\t\t\t\t\tconst scope = await requireScopedPermission(\r\n\t\t\t\t\t\tctx,\r\n\t\t\t\t\t\tdb,\r\n\t\t\t\t\t\tbody as Record<string, unknown>,\r\n\t\t\t\t\t\t\"email.manage\",\r\n\t\t\t\t\t);\r\n\r\n\t\t\t\t\t// Read existing and merge (scoped)\r\n\t\t\t\t\tconst rows = await db.findMany<EmailProviderConfigRow>({\r\n\t\t\t\t\t\tmodel: \"emailProviderConfig\",\r\n\t\t\t\t\t\twhere: [...scope.where],\r\n\t\t\t\t\t\tlimit: 1,\r\n\t\t\t\t\t});\r\n\r\n\t\t\t\t\tconst existing =\r\n\t\t\t\t\t\trows.length > 0 && rows[0]?.configJson\r\n\t\t\t\t\t\t\t? (JSON.parse(rows[0].configJson) as Record<string, unknown>)\r\n\t\t\t\t\t\t\t: { providers: {}, activeProvider: null };\r\n\r\n\t\t\t\t\t// Merge providers\r\n\t\t\t\t\tconst existingProviders = (existing.providers ?? {}) as Record<string, unknown>;\r\n\t\t\t\t\tconst mergedProviders = {\r\n\t\t\t\t\t\t...existingProviders,\r\n\t\t\t\t\t\t...(body.providers ?? {}),\r\n\t\t\t\t\t};\r\n\t\t\t\t\tconst merged = {\r\n\t\t\t\t\t\t...existing,\r\n\t\t\t\t\t\tproviders: mergedProviders,\r\n\t\t\t\t\t\tactiveProvider:\r\n\t\t\t\t\t\t\tbody.activeProvider !== undefined ? body.activeProvider : existing.activeProvider,\r\n\t\t\t\t\t};\r\n\t\t\t\t\tconst configJson = JSON.stringify(merged);\r\n\r\n\t\t\t\t\tif (rows.length > 0 && rows[0]) {\r\n\t\t\t\t\t\tawait db.update<EmailProviderConfigRow>({\r\n\t\t\t\t\t\t\tmodel: \"emailProviderConfig\",\r\n\t\t\t\t\t\t\twhere: [{ field: \"id\", operator: \"eq\", value: rows[0].id }],\r\n\t\t\t\t\t\t\tupdate: { configJson, updatedAt: now },\r\n\t\t\t\t\t\t});\r\n\t\t\t\t\t} else {\r\n\t\t\t\t\t\tawait db.create<EmailProviderConfigRow>({\r\n\t\t\t\t\t\t\tmodel: \"emailProviderConfig\",\r\n\t\t\t\t\t\t\tdata: {\r\n\t\t\t\t\t\t\t\t...scope.data,\r\n\t\t\t\t\t\t\t\tconfigJson,\r\n\t\t\t\t\t\t\t\tcreatedAt: now,\r\n\t\t\t\t\t\t\t\tupdatedAt: now,\r\n\t\t\t\t\t\t\t},\r\n\t\t\t\t\t\t});\r\n\t\t\t\t\t}\r\n\r\n\t\t\t\t\treturn ctx.json(merged);\r\n\t\t\t\t},\r\n\t\t\t),\r\n\r\n\t\t\t// ════════════════════════════════════════════════════════════\r\n\t\t\t// Resource Types CRUD\r\n\t\t\t// ════════════════════════════════════════════════════════════\r\n\r\n\t\t\tlistResourceTypes: createAuthEndpoint(\r\n\t\t\t\t\"/banata/config/resource-types/list\",\r\n\t\t\t\t{\r\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\r\n\t\t\t\t\tbody: projectScopedEmpty,\r\n\t\t\t\t},\r\n\t\t\t\tasync (ctx) => {\r\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\r\n\t\t\t\t\tconst scope = await requireScopedPermission(\r\n\t\t\t\t\t\tctx,\r\n\t\t\t\t\t\tdb,\r\n\t\t\t\t\t\tctx.body as Record<string, unknown>,\r\n\t\t\t\t\t\t\"dashboard.read\",\r\n\t\t\t\t\t);\r\n\r\n\t\t\t\t\tconst rows = await db.findMany<ResourceTypeRow>({\r\n\t\t\t\t\t\tmodel: \"resourceType\",\r\n\t\t\t\t\t\twhere: [...scope.where],\r\n\t\t\t\t\t\tlimit: 200,\r\n\t\t\t\t\t\tsortBy: { field: \"createdAt\", direction: \"asc\" },\r\n\t\t\t\t\t});\r\n\r\n\t\t\t\t\tconst resourceTypes = rows.map((r) => ({\r\n\t\t\t\t\t\tid: r.id,\r\n\t\t\t\t\t\tname: r.name,\r\n\t\t\t\t\t\tslug: r.slug,\r\n\t\t\t\t\t\tdescription: r.description ?? \"\",\r\n\t\t\t\t\t\tcreatedAt: new Date(r.createdAt).toISOString(),\r\n\t\t\t\t\t}));\r\n\r\n\t\t\t\t\treturn ctx.json({ resourceTypes });\r\n\t\t\t\t},\r\n\t\t\t),\r\n\r\n\t\t\tcreateResourceType: createAuthEndpoint(\r\n\t\t\t\t\"/banata/config/resource-types/create\",\r\n\t\t\t\t{\r\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\r\n\t\t\t\t\tbody: createResourceTypeSchema,\r\n\t\t\t\t},\r\n\t\t\t\tasync (ctx) => {\r\n\t\t\t\t\tconst body = ctx.body;\r\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\r\n\t\t\t\t\tconst now = Date.now();\r\n\t\t\t\t\tconst scope = await requireScopedPermission(\r\n\t\t\t\t\t\tctx,\r\n\t\t\t\t\t\tdb,\r\n\t\t\t\t\t\tbody as Record<string, unknown>,\r\n\t\t\t\t\t\t\"dashboard.manage\",\r\n\t\t\t\t\t);\r\n\r\n\t\t\t\t\t// Check for duplicate slug (within project scope)\r\n\t\t\t\t\tconst existing = await db.findMany<ResourceTypeRow>({\r\n\t\t\t\t\t\tmodel: \"resourceType\",\r\n\t\t\t\t\t\twhere: [{ field: \"slug\", value: body.slug }, ...scope.where],\r\n\t\t\t\t\t\tlimit: 1,\r\n\t\t\t\t\t});\r\n\t\t\t\t\tif (existing.length > 0) {\r\n\t\t\t\t\t\tthrow ctx.error(\"CONFLICT\", {\r\n\t\t\t\t\t\t\tmessage: \"A resource type with this slug already exists\",\r\n\t\t\t\t\t\t});\r\n\t\t\t\t\t}\r\n\r\n\t\t\t\t\tconst resourceType = await db.create<ResourceTypeRow>({\r\n\t\t\t\t\t\tmodel: \"resourceType\",\r\n\t\t\t\t\t\tdata: {\r\n\t\t\t\t\t\t\t...scope.data,\r\n\t\t\t\t\t\t\tname: body.name,\r\n\t\t\t\t\t\t\tslug: body.slug,\r\n\t\t\t\t\t\t\tdescription: body.description ?? \"\",\r\n\t\t\t\t\t\t\tcreatedAt: now,\r\n\t\t\t\t\t\t\tupdatedAt: now,\r\n\t\t\t\t\t\t},\r\n\t\t\t\t\t});\r\n\r\n\t\t\t\t\treturn ctx.json({\r\n\t\t\t\t\t\tresourceType: {\r\n\t\t\t\t\t\t\tid: resourceType.id,\r\n\t\t\t\t\t\t\tname: resourceType.name,\r\n\t\t\t\t\t\t\tslug: resourceType.slug,\r\n\t\t\t\t\t\t\tdescription: resourceType.description ?? \"\",\r\n\t\t\t\t\t\t\tcreatedAt: new Date(now).toISOString(),\r\n\t\t\t\t\t\t},\r\n\t\t\t\t\t});\r\n\t\t\t\t},\r\n\t\t\t),\r\n\r\n\t\t\tdeleteResourceType: createAuthEndpoint(\r\n\t\t\t\t\"/banata/config/resource-types/delete\",\r\n\t\t\t\t{\r\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\r\n\t\t\t\t\tbody: deleteResourceTypeSchema,\r\n\t\t\t\t},\r\n\t\t\t\tasync (ctx) => {\r\n\t\t\t\t\tconst body = ctx.body;\r\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\r\n\t\t\t\t\tconst scope = await requireScopedPermission(\r\n\t\t\t\t\t\tctx,\r\n\t\t\t\t\t\tdb,\r\n\t\t\t\t\t\tbody as Record<string, unknown>,\r\n\t\t\t\t\t\t\"dashboard.manage\",\r\n\t\t\t\t\t);\r\n\r\n\t\t\t\t\tawait db.delete({\r\n\t\t\t\t\t\tmodel: \"resourceType\",\r\n\t\t\t\t\t\twhere: [{ field: \"id\", operator: \"eq\", value: body.id }, ...scope.where],\r\n\t\t\t\t\t});\r\n\r\n\t\t\t\t\treturn ctx.json({ success: true });\r\n\t\t\t\t},\r\n\t\t\t),\r\n\r\n\t\t\t// ════════════════════════════════════════════════════════════\r\n\t\t\t// Addon Config\r\n\t\t\t// ════════════════════════════════════════════════════════════\r\n\r\n\t\t\tgetAddonConfig: createAuthEndpoint(\r\n\t\t\t\t\"/banata/config/addons/get\",\r\n\t\t\t\t{\r\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\r\n\t\t\t\t\tbody: projectScopedEmpty,\r\n\t\t\t\t},\r\n\t\t\t\tasync (ctx) => {\r\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\r\n\t\t\t\t\tconst scope = await requireScopedPermission(\r\n\t\t\t\t\t\tctx,\r\n\t\t\t\t\t\tdb,\r\n\t\t\t\t\t\tctx.body as Record<string, unknown>,\r\n\t\t\t\t\t\t\"dashboard.read\",\r\n\t\t\t\t\t);\r\n\r\n\t\t\t\t\tconst rows = await db.findMany<AddonConfigRow>({\r\n\t\t\t\t\t\tmodel: \"addonConfig\",\r\n\t\t\t\t\t\twhere: [...scope.where],\r\n\t\t\t\t\t\tlimit: 1,\r\n\t\t\t\t\t});\r\n\r\n\t\t\t\t\tif (rows.length > 0 && rows[0]?.configJson) {\r\n\t\t\t\t\t\treturn ctx.json(JSON.parse(rows[0].configJson));\r\n\t\t\t\t\t}\r\n\r\n\t\t\t\t\treturn ctx.json({ addons: {} });\r\n\t\t\t\t},\r\n\t\t\t),\r\n\r\n\t\t\tsaveAddonConfig: createAuthEndpoint(\r\n\t\t\t\t\"/banata/config/addons/save\",\r\n\t\t\t\t{\r\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\r\n\t\t\t\t\tbody: saveAddonConfigSchema,\r\n\t\t\t\t},\r\n\t\t\t\tasync (ctx) => {\r\n\t\t\t\t\tconst body = ctx.body;\r\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\r\n\t\t\t\t\tconst now = Date.now();\r\n\t\t\t\t\tconst scope = await requireScopedPermission(\r\n\t\t\t\t\t\tctx,\r\n\t\t\t\t\t\tdb,\r\n\t\t\t\t\t\tbody as Record<string, unknown>,\r\n\t\t\t\t\t\t\"dashboard.manage\",\r\n\t\t\t\t\t);\r\n\r\n\t\t\t\t\tconst rows = await db.findMany<AddonConfigRow>({\r\n\t\t\t\t\t\tmodel: \"addonConfig\",\r\n\t\t\t\t\t\twhere: [...scope.where],\r\n\t\t\t\t\t\tlimit: 1,\r\n\t\t\t\t\t});\r\n\r\n\t\t\t\t\tconst existing =\r\n\t\t\t\t\t\trows.length > 0 && rows[0]?.configJson\r\n\t\t\t\t\t\t\t? (JSON.parse(rows[0].configJson) as {\r\n\t\t\t\t\t\t\t\t\taddons?: Record<string, unknown>;\r\n\t\t\t\t\t\t\t\t})\r\n\t\t\t\t\t\t\t: { addons: {} };\r\n\r\n\t\t\t\t\tconst merged = {\r\n\t\t\t\t\t\taddons: { ...(existing.addons ?? {}), ...body.addons },\r\n\t\t\t\t\t};\r\n\t\t\t\t\tconst configJson = JSON.stringify(merged);\r\n\r\n\t\t\t\t\tif (rows.length > 0 && rows[0]) {\r\n\t\t\t\t\t\tawait db.update<AddonConfigRow>({\r\n\t\t\t\t\t\t\tmodel: \"addonConfig\",\r\n\t\t\t\t\t\t\twhere: [{ field: \"id\", operator: \"eq\", value: rows[0].id }],\r\n\t\t\t\t\t\t\tupdate: { configJson, updatedAt: now },\r\n\t\t\t\t\t\t});\r\n\t\t\t\t\t} else {\r\n\t\t\t\t\t\tawait db.create<AddonConfigRow>({\r\n\t\t\t\t\t\t\tmodel: \"addonConfig\",\r\n\t\t\t\t\t\t\tdata: {\r\n\t\t\t\t\t\t\t\t...scope.data,\r\n\t\t\t\t\t\t\t\tconfigJson,\r\n\t\t\t\t\t\t\t\tcreatedAt: now,\r\n\t\t\t\t\t\t\t\tupdatedAt: now,\r\n\t\t\t\t\t\t\t},\r\n\t\t\t\t\t\t});\r\n\t\t\t\t\t}\r\n\r\n\t\t\t\t\treturn ctx.json(merged);\r\n\t\t\t\t},\r\n\t\t\t),\r\n\r\n\t\t\t// ════════════════════════════════════════════════════════════\r\n\t\t\t// Auth Configuration (authorization config page)\r\n\t\t\t// ════════════════════════════════════════════════════════════\r\n\r\n\t\t\tgetAuthConfiguration: createAuthEndpoint(\r\n\t\t\t\t\"/banata/config/auth-config/get\",\r\n\t\t\t\t{\r\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\r\n\t\t\t\t\tbody: projectScopedEmpty,\r\n\t\t\t\t},\r\n\t\t\t\tasync (ctx) => {\r\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\r\n\t\t\t\t\tconst body = ctx.body as Record<string, unknown>;\r\n\t\t\t\t\tconst scope = await requireScopedPermission(ctx, db, body, \"dashboard.read\");\r\n\r\n\t\t\t\t\tconst cfg = await ensurePersistedOverrides(db, scope.projectId);\r\n\r\n\t\t\t\t\t// Auth configuration is stored as part of dashboardConfig\r\n\t\t\t\t\tconst configAny = cfg as unknown as Record<string, unknown>;\r\n\t\t\t\t\tconst authConfig = (configAny.authConfiguration ?? {\r\n\t\t\t\t\t\troleAssignment: false,\r\n\t\t\t\t\t\tmultipleRoles: false,\r\n\t\t\t\t\t\tapiKeyPermissions: false,\r\n\t\t\t\t\t}) as Record<string, boolean>;\r\n\r\n\t\t\t\t\treturn ctx.json(authConfig);\r\n\t\t\t\t},\r\n\t\t\t),\r\n\r\n\t\t\tsaveAuthConfiguration: createAuthEndpoint(\r\n\t\t\t\t\"/banata/config/auth-config/save\",\r\n\t\t\t\t{\r\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\r\n\t\t\t\t\tbody: saveAuthConfigSchema,\r\n\t\t\t\t},\r\n\t\t\t\tasync (ctx) => {\r\n\t\t\t\t\tconst body = ctx.body;\r\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\r\n\t\t\t\t\tconst now = Date.now();\r\n\t\t\t\t\tconst scope = await requireScopedPermission(\r\n\t\t\t\t\t\tctx,\r\n\t\t\t\t\t\tdb,\r\n\t\t\t\t\t\tbody as Record<string, unknown>,\r\n\t\t\t\t\t\t\"dashboard.manage\",\r\n\t\t\t\t\t);\r\n\r\n\t\t\t\t\tconst cfg = await ensurePersistedOverrides(db, scope.projectId);\r\n\r\n\t\t\t\t\t// Store in dashboardConfig as authConfiguration key\r\n\t\t\t\t\tconst configAny = cfg as unknown as Record<string, unknown>;\r\n\t\t\t\t\tconst existing = (configAny.authConfiguration ?? {\r\n\t\t\t\t\t\troleAssignment: false,\r\n\t\t\t\t\t\tmultipleRoles: false,\r\n\t\t\t\t\t\tapiKeyPermissions: false,\r\n\t\t\t\t\t}) as Record<string, boolean>;\r\n\r\n\t\t\t\t\tconst merged = { ...existing };\r\n\t\t\t\t\tif (body.roleAssignment !== undefined) merged.roleAssignment = body.roleAssignment;\r\n\t\t\t\t\tif (body.multipleRoles !== undefined) merged.multipleRoles = body.multipleRoles;\r\n\t\t\t\t\tif (body.apiKeyPermissions !== undefined)\r\n\t\t\t\t\t\tmerged.apiKeyPermissions = body.apiKeyPermissions;\r\n\r\n\t\t\t\t\tconfigAny.authConfiguration = merged;\r\n\r\n\t\t\t\t\t// Persist (scoped)\r\n\t\t\t\t\ttry {\r\n\t\t\t\t\t\tconst configJson = JSON.stringify(cfg);\r\n\t\t\t\t\t\tconst rows = await db.findMany<DashboardConfigRow>({\r\n\t\t\t\t\t\t\tmodel: \"dashboardConfig\",\r\n\t\t\t\t\t\t\twhere: [...scope.where],\r\n\t\t\t\t\t\t\tlimit: 1,\r\n\t\t\t\t\t\t});\r\n\r\n\t\t\t\t\t\tif (rows.length > 0 && rows[0]) {\r\n\t\t\t\t\t\t\tawait db.update<DashboardConfigRow>({\r\n\t\t\t\t\t\t\t\tmodel: \"dashboardConfig\",\r\n\t\t\t\t\t\t\t\twhere: [{ field: \"id\", operator: \"eq\", value: rows[0].id }],\r\n\t\t\t\t\t\t\t\tupdate: { configJson, updatedAt: now },\r\n\t\t\t\t\t\t\t});\r\n\t\t\t\t\t\t} else {\r\n\t\t\t\t\t\t\tawait db.create<DashboardConfigRow>({\r\n\t\t\t\t\t\t\t\tmodel: \"dashboardConfig\",\r\n\t\t\t\t\t\t\t\tdata: {\r\n\t\t\t\t\t\t\t\t\t...scope.data,\r\n\t\t\t\t\t\t\t\t\tconfigJson,\r\n\t\t\t\t\t\t\t\t\tcreatedAt: now,\r\n\t\t\t\t\t\t\t\t\tupdatedAt: now,\r\n\t\t\t\t\t\t\t\t},\r\n\t\t\t\t\t\t\t});\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t} catch {\r\n\t\t\t\t\t\t// In-memory state updated even if persistence fails\r\n\t\t\t\t\t}\r\n\r\n\t\t\t\t\treturn ctx.json(merged);\r\n\t\t\t\t},\r\n\t\t\t),\r\n\r\n\t\t\t// ════════════════════════════════════════════════════════════\r\n\t\t\t// Project Config\r\n\t\t\t// ════════════════════════════════════════════════════════════\r\n\r\n\t\t\tgetProjectConfig: createAuthEndpoint(\r\n\t\t\t\t\"/banata/config/project/get\",\r\n\t\t\t\t{\r\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\r\n\t\t\t\t\tbody: projectScopedEmpty,\r\n\t\t\t\t},\r\n\t\t\t\tasync (ctx) => {\r\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\r\n\t\t\t\t\tconst scope = await requireScopedPermission(\r\n\t\t\t\t\t\tctx,\r\n\t\t\t\t\t\tdb,\r\n\t\t\t\t\t\tctx.body as Record<string, unknown>,\r\n\t\t\t\t\t\t\"dashboard.read\",\r\n\t\t\t\t\t);\r\n\r\n\t\t\t\t\tconst rows = await db.findMany<ProjectConfigRow>({\r\n\t\t\t\t\t\tmodel: \"projectConfig\",\r\n\t\t\t\t\t\twhere: [...scope.where],\r\n\t\t\t\t\t\tlimit: 1,\r\n\t\t\t\t\t});\r\n\r\n\t\t\t\t\tconst defaults = {\r\n\t\t\t\t\t\tprojectName: \"My Banata Project\",\r\n\t\t\t\t\t\tprojectDescription: \"\",\r\n\t\t\t\t\t\tclientId: ctx.context.appName || \"banata-auth\",\r\n\t\t\t\t\t};\r\n\r\n\t\t\t\t\tif (rows.length > 0 && rows[0]?.configJson) {\r\n\t\t\t\t\t\tconst saved = JSON.parse(rows[0].configJson) as Record<string, unknown>;\r\n\t\t\t\t\t\treturn ctx.json({\r\n\t\t\t\t\t\t\tprojectName: (saved.projectName as string) ?? defaults.projectName,\r\n\t\t\t\t\t\t\tprojectDescription:\r\n\t\t\t\t\t\t\t\t(saved.projectDescription as string) ?? defaults.projectDescription,\r\n\t\t\t\t\t\t\tclientId: defaults.clientId,\r\n\t\t\t\t\t\t});\r\n\t\t\t\t\t}\r\n\r\n\t\t\t\t\treturn ctx.json(defaults);\r\n\t\t\t\t},\r\n\t\t\t),\r\n\r\n\t\t\tsaveProjectConfig: createAuthEndpoint(\r\n\t\t\t\t\"/banata/config/project/save\",\r\n\t\t\t\t{\r\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\r\n\t\t\t\t\tbody: saveProjectConfigSchema,\r\n\t\t\t\t},\r\n\t\t\t\tasync (ctx) => {\r\n\t\t\t\t\tconst body = ctx.body;\r\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\r\n\t\t\t\t\tconst now = Date.now();\r\n\t\t\t\t\tconst scope = await requireScopedPermission(\r\n\t\t\t\t\t\tctx,\r\n\t\t\t\t\t\tdb,\r\n\t\t\t\t\t\tbody as Record<string, unknown>,\r\n\t\t\t\t\t\t\"dashboard.manage\",\r\n\t\t\t\t\t);\r\n\r\n\t\t\t\t\t// Read existing (scoped)\r\n\t\t\t\t\tconst rows = await db.findMany<ProjectConfigRow>({\r\n\t\t\t\t\t\tmodel: \"projectConfig\",\r\n\t\t\t\t\t\twhere: [...scope.where],\r\n\t\t\t\t\t\tlimit: 1,\r\n\t\t\t\t\t});\r\n\r\n\t\t\t\t\tconst existing =\r\n\t\t\t\t\t\trows.length > 0 && rows[0]?.configJson\r\n\t\t\t\t\t\t\t? (JSON.parse(rows[0].configJson) as Record<string, unknown>)\r\n\t\t\t\t\t\t\t: {};\r\n\r\n\t\t\t\t\tconst merged = { ...existing };\r\n\t\t\t\t\tif (body.projectName !== undefined) merged.projectName = body.projectName;\r\n\t\t\t\t\tif (body.projectDescription !== undefined)\r\n\t\t\t\t\t\tmerged.projectDescription = body.projectDescription;\r\n\r\n\t\t\t\t\tconst configJson = JSON.stringify(merged);\r\n\r\n\t\t\t\t\tif (rows.length > 0 && rows[0]) {\r\n\t\t\t\t\t\tawait db.update<ProjectConfigRow>({\r\n\t\t\t\t\t\t\tmodel: \"projectConfig\",\r\n\t\t\t\t\t\t\twhere: [{ field: \"id\", operator: \"eq\", value: rows[0].id }],\r\n\t\t\t\t\t\t\tupdate: { configJson, updatedAt: now },\r\n\t\t\t\t\t\t});\r\n\t\t\t\t\t} else {\r\n\t\t\t\t\t\tawait db.create<ProjectConfigRow>({\r\n\t\t\t\t\t\t\tmodel: \"projectConfig\",\r\n\t\t\t\t\t\t\tdata: {\r\n\t\t\t\t\t\t\t\t...scope.data,\r\n\t\t\t\t\t\t\t\tconfigJson,\r\n\t\t\t\t\t\t\t\tcreatedAt: now,\r\n\t\t\t\t\t\t\t\tupdatedAt: now,\r\n\t\t\t\t\t\t\t},\r\n\t\t\t\t\t\t});\r\n\t\t\t\t\t}\r\n\r\n\t\t\t\t\treturn ctx.json({\r\n\t\t\t\t\t\tprojectName: (merged.projectName as string) ?? \"My Banata Project\",\r\n\t\t\t\t\t\tprojectDescription: (merged.projectDescription as string) ?? \"\",\r\n\t\t\t\t\t\tclientId: ctx.context.appName || \"banata-auth\",\r\n\t\t\t\t\t});\r\n\t\t\t\t},\r\n\t\t\t),\r\n\t\t},\r\n\t};\r\n}\r\n\r\n\r\n\r\n","import type { BetterAuthPlugin } from \"better-auth\";\nimport { createAuthEndpoint, sessionMiddleware } from \"better-auth/api\";\nimport { generateRandomString } from \"better-auth/crypto\";\nimport { z } from \"zod\";\nimport {\n\ttype PluginDBAdapter,\n\tgetProjectScope,\n\tprojectScopeSchema,\n\trequireProjectPermission,\n} from \"./types\";\n\ninterface DomainVerificationRow extends Record<string, unknown> {\n\tid: string;\n\torganizationId: string;\n\tdomain: string;\n\tprojectId?: string | null;\n\tstate: \"pending\" | \"verified\" | \"failed\" | \"expired\";\n\tmethod: \"dns_txt\";\n\ttxtRecordName: string;\n\ttxtRecordValue: string;\n\tverifiedAt?: number | null;\n\texpiresAt?: number | null;\n\tlastCheckedAt?: number | null;\n\tcheckCount?: number | null;\n\tcreatedAt: number;\n\tupdatedAt: number;\n}\n\ninterface OrganizationRow extends Record<string, unknown> {\n\tid: string;\n\tprojectId?: string | null;\n}\n\ninterface SSOProviderRow extends Record<string, unknown> {\n\tid: string;\n\torganizationId?: string | null;\n\tprojectId?: string | null;\n\tdomain: string;\n\tdomainVerified?: boolean | null;\n\tupdatedAt: number;\n}\n\ntype DnsJsonAnswer = { data?: string };\ntype DnsJsonResponse = { Answer?: DnsJsonAnswer[] };\n\nconst TXT_PREFIX = \"_better-auth-token\";\nconst ONE_WEEK_MS = 7 * 24 * 60 * 60 * 1000;\n\nconst createVerificationSchema = z\n\t.object({\n\t\torganizationId: z.string().min(1),\n\t\tdomain: z.string().min(1),\n\t})\n\t.merge(projectScopeSchema);\n\nconst verificationIdSchema = z\n\t.object({\n\t\tid: z.string().min(1),\n\t})\n\t.merge(projectScopeSchema);\n\nconst listVerificationsSchema = z\n\t.object({\n\t\torganizationId: z.string().optional(),\n\t\tlimit: z.number().optional(),\n\t})\n\t.merge(projectScopeSchema);\n\nfunction normalizeDomain(domain: string) {\n\treturn domain.trim().toLowerCase().replace(/^\\*\\./, \"\").replace(/\\.$/, \"\");\n}\n\nfunction normalizeTxtAnswer(value: string) {\n\treturn value.replace(/^\"|\"$/g, \"\").replace(/\"\\s+\"/g, \"\");\n}\n\nfunction buildTxtRecordName(domain: string) {\n\treturn `${TXT_PREFIX}.${normalizeDomain(domain)}`;\n}\n\nfunction serializeVerification(row: DomainVerificationRow) {\n\treturn {\n\t\tid: row.id,\n\t\torganizationId: row.organizationId,\n\t\tdomain: row.domain,\n\t\tstate: row.state,\n\t\tmethod: row.method,\n\t\ttxtRecord: {\n\t\t\tname: row.txtRecordName,\n\t\t\tvalue: row.txtRecordValue,\n\t\t},\n\t\tverifiedAt: row.verifiedAt ?? null,\n\t\texpiresAt: row.expiresAt ?? null,\n\t\tlastCheckedAt: row.lastCheckedAt ?? null,\n\t\tcheckCount: row.checkCount ?? 0,\n\t\tcreatedAt: row.createdAt,\n\t\tupdatedAt: row.updatedAt,\n\t};\n}\n\nasync function ensureOrganizationInProject(\n\tdb: PluginDBAdapter,\n\torganizationId: string,\n\tprojectId: string,\n) {\n\tconst organization = await db.findOne<OrganizationRow>({\n\t\tmodel: \"organization\",\n\t\twhere: [\n\t\t\t{ field: \"id\", value: organizationId },\n\t\t\t{ field: \"projectId\", value: projectId },\n\t\t],\n\t});\n\tif (!organization) {\n\t\tthrow new Error(\"Organization not found for project scope\");\n\t}\n}\n\nasync function recomputeProviderDomainVerification(\n\tdb: PluginDBAdapter,\n\tprojectId: string,\n\torganizationId: string,\n) {\n\tconst [providers, verifiedRecords] = await Promise.all([\n\t\tdb.findMany<SSOProviderRow>({\n\t\t\tmodel: \"ssoProvider\",\n\t\t\twhere: [\n\t\t\t\t{ field: \"projectId\", value: projectId },\n\t\t\t\t{ field: \"organizationId\", value: organizationId },\n\t\t\t],\n\t\t\tlimit: 500,\n\t\t}),\n\t\tdb.findMany<DomainVerificationRow>({\n\t\t\tmodel: \"domainVerification\",\n\t\t\twhere: [\n\t\t\t\t{ field: \"projectId\", value: projectId },\n\t\t\t\t{ field: \"organizationId\", value: organizationId },\n\t\t\t\t{ field: \"state\", value: \"verified\" },\n\t\t\t],\n\t\t\tlimit: 500,\n\t\t}),\n\t]);\n\n\tconst verifiedDomains = new Set(verifiedRecords.map((record) => normalizeDomain(record.domain)));\n\tconst now = Date.now();\n\n\tfor (const provider of providers) {\n\t\tconst domains = provider.domain\n\t\t\t.split(\",\")\n\t\t\t.map((entry) => normalizeDomain(entry))\n\t\t\t.filter(Boolean);\n\t\tconst nextValue = domains.length > 0 && domains.every((domain) => verifiedDomains.has(domain));\n\t\tif ((provider.domainVerified ?? false) === nextValue) {\n\t\t\tcontinue;\n\t\t}\n\t\tawait db.update<SSOProviderRow>({\n\t\t\tmodel: \"ssoProvider\",\n\t\t\twhere: [{ field: \"id\", value: provider.id }],\n\t\t\tupdate: {\n\t\t\t\tdomainVerified: nextValue,\n\t\t\t\tupdatedAt: now,\n\t\t\t},\n\t\t});\n\t}\n}\n\nasync function fetchTxtAnswers(recordName: string): Promise<string[]> {\n\tconst response = await fetch(\n\t\t`https://dns.google/resolve?name=${encodeURIComponent(recordName)}&type=TXT`,\n\t\t{\n\t\t\theaders: { accept: \"application/dns-json\" },\n\t\t},\n\t);\n\tif (!response.ok) {\n\t\treturn [];\n\t}\n\tconst payload = (await response.json()) as DnsJsonResponse;\n\treturn (payload.Answer ?? [])\n\t\t.map((answer) => (typeof answer.data === \"string\" ? normalizeTxtAnswer(answer.data) : \"\"))\n\t\t.filter(Boolean);\n}\n\nexport function domainsPlugin(): BetterAuthPlugin {\n\treturn {\n\t\tid: \"banata-domains\",\n\t\tendpoints: {\n\t\t\tcreateVerification: createAuthEndpoint(\n\t\t\t\t\"/banata/domains/create\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\n\t\t\t\t\tbody: createVerificationSchema,\n\t\t\t\t\tuse: [sessionMiddleware],\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst scope = getProjectScope(ctx.body);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tprojectId: scope.projectId,\n\t\t\t\t\t\tpermission: \"sso.manage\",\n\t\t\t\t\t});\n\t\t\t\t\tawait ensureOrganizationInProject(db, ctx.body.organizationId, scope.projectId!);\n\n\t\t\t\t\tconst now = Date.now();\n\t\t\t\t\tconst domain = normalizeDomain(ctx.body.domain);\n\t\t\t\t\tconst recordData = {\n\t\t\t\t\t\tprojectId: scope.projectId,\n\t\t\t\t\t\torganizationId: ctx.body.organizationId,\n\t\t\t\t\t\tdomain,\n\t\t\t\t\t\tstate: \"pending\" as const,\n\t\t\t\t\t\tmethod: \"dns_txt\" as const,\n\t\t\t\t\t\ttxtRecordName: buildTxtRecordName(domain),\n\t\t\t\t\t\ttxtRecordValue: generateRandomString(32),\n\t\t\t\t\t\tverifiedAt: null,\n\t\t\t\t\t\texpiresAt: now + ONE_WEEK_MS,\n\t\t\t\t\t\tlastCheckedAt: null,\n\t\t\t\t\t\tcheckCount: 0,\n\t\t\t\t\t\tupdatedAt: now,\n\t\t\t\t\t};\n\n\t\t\t\t\tconst existing = await db.findOne<DomainVerificationRow>({\n\t\t\t\t\t\tmodel: \"domainVerification\",\n\t\t\t\t\t\twhere: [\n\t\t\t\t\t\t\t{ field: \"projectId\", value: scope.projectId! },\n\t\t\t\t\t\t\t{ field: \"organizationId\", value: ctx.body.organizationId },\n\t\t\t\t\t\t\t{ field: \"domain\", value: domain },\n\t\t\t\t\t\t],\n\t\t\t\t\t});\n\n\t\t\t\t\tconst record = existing\n\t\t\t\t\t\t? await db.update<DomainVerificationRow>({\n\t\t\t\t\t\t\t\tmodel: \"domainVerification\",\n\t\t\t\t\t\t\t\twhere: [{ field: \"id\", value: existing.id }],\n\t\t\t\t\t\t\t\tupdate: recordData,\n\t\t\t\t\t\t\t})\n\t\t\t\t\t\t: await db.create<DomainVerificationRow>({\n\t\t\t\t\t\t\t\tmodel: \"domainVerification\",\n\t\t\t\t\t\t\t\tdata: {\n\t\t\t\t\t\t\t\t\t...recordData,\n\t\t\t\t\t\t\t\t\tcreatedAt: now,\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t});\n\n\t\t\t\t\tif (!record) {\n\t\t\t\t\t\tthrow ctx.error(\"INTERNAL_SERVER_ERROR\", {\n\t\t\t\t\t\t\tmessage: \"Failed to create domain verification\",\n\t\t\t\t\t\t});\n\t\t\t\t\t}\n\n\t\t\t\t\tawait recomputeProviderDomainVerification(db, scope.projectId!, ctx.body.organizationId);\n\t\t\t\t\treturn ctx.json(serializeVerification(record));\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tgetVerification: createAuthEndpoint(\n\t\t\t\t\"/banata/domains/get\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\n\t\t\t\t\tbody: verificationIdSchema,\n\t\t\t\t\tuse: [sessionMiddleware],\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst scope = getProjectScope(ctx.body);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tprojectId: scope.projectId,\n\t\t\t\t\t\tpermission: \"sso.read\",\n\t\t\t\t\t});\n\t\t\t\t\tconst record = await db.findOne<DomainVerificationRow>({\n\t\t\t\t\t\tmodel: \"domainVerification\",\n\t\t\t\t\t\twhere: [\n\t\t\t\t\t\t\t{ field: \"id\", value: ctx.body.id },\n\t\t\t\t\t\t\t{ field: \"projectId\", value: scope.projectId! },\n\t\t\t\t\t\t],\n\t\t\t\t\t});\n\t\t\t\t\tif (!record) {\n\t\t\t\t\t\tthrow ctx.error(\"NOT_FOUND\", { message: \"Domain verification not found\" });\n\t\t\t\t\t}\n\t\t\t\t\treturn ctx.json(serializeVerification(record));\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tverifyDomain: createAuthEndpoint(\n\t\t\t\t\"/banata/domains/verify\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\n\t\t\t\t\tbody: verificationIdSchema,\n\t\t\t\t\tuse: [sessionMiddleware],\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst scope = getProjectScope(ctx.body);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tprojectId: scope.projectId,\n\t\t\t\t\t\tpermission: \"sso.manage\",\n\t\t\t\t\t});\n\t\t\t\t\tconst record = await db.findOne<DomainVerificationRow>({\n\t\t\t\t\t\tmodel: \"domainVerification\",\n\t\t\t\t\t\twhere: [\n\t\t\t\t\t\t\t{ field: \"id\", value: ctx.body.id },\n\t\t\t\t\t\t\t{ field: \"projectId\", value: scope.projectId! },\n\t\t\t\t\t\t],\n\t\t\t\t\t});\n\t\t\t\t\tif (!record) {\n\t\t\t\t\t\tthrow ctx.error(\"NOT_FOUND\", { message: \"Domain verification not found\" });\n\t\t\t\t\t}\n\n\t\t\t\t\tconst now = Date.now();\n\t\t\t\t\tconst answers = await fetchTxtAnswers(record.txtRecordName);\n\t\t\t\t\tconst nextState = answers.includes(record.txtRecordValue)\n\t\t\t\t\t\t? \"verified\"\n\t\t\t\t\t\t: record.expiresAt != null && record.expiresAt < now\n\t\t\t\t\t\t\t? \"expired\"\n\t\t\t\t\t\t\t: \"failed\";\n\t\t\t\t\tconst updated = await db.update<DomainVerificationRow>({\n\t\t\t\t\t\tmodel: \"domainVerification\",\n\t\t\t\t\t\twhere: [{ field: \"id\", value: record.id }],\n\t\t\t\t\t\tupdate: {\n\t\t\t\t\t\t\tstate: nextState,\n\t\t\t\t\t\t\tverifiedAt: nextState === \"verified\" ? now : null,\n\t\t\t\t\t\t\tlastCheckedAt: now,\n\t\t\t\t\t\t\tcheckCount: (record.checkCount ?? 0) + 1,\n\t\t\t\t\t\t\tupdatedAt: now,\n\t\t\t\t\t\t},\n\t\t\t\t\t});\n\n\t\t\t\t\tif (!updated) {\n\t\t\t\t\t\tthrow ctx.error(\"INTERNAL_SERVER_ERROR\", {\n\t\t\t\t\t\t\tmessage: \"Failed to update domain verification\",\n\t\t\t\t\t\t});\n\t\t\t\t\t}\n\n\t\t\t\t\tawait recomputeProviderDomainVerification(\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tscope.projectId!,\n\t\t\t\t\t\trecord.organizationId,\n\t\t\t\t\t);\n\t\t\t\t\treturn ctx.json(serializeVerification(updated));\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tlistVerifications: createAuthEndpoint(\n\t\t\t\t\"/banata/domains/list\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\n\t\t\t\t\tbody: listVerificationsSchema,\n\t\t\t\t\tuse: [sessionMiddleware],\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst scope = getProjectScope(ctx.body);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tprojectId: scope.projectId,\n\t\t\t\t\t\tpermission: \"sso.read\",\n\t\t\t\t\t});\n\t\t\t\t\tconst rows = await db.findMany<DomainVerificationRow>({\n\t\t\t\t\t\tmodel: \"domainVerification\",\n\t\t\t\t\t\twhere: [\n\t\t\t\t\t\t\t...scope.where,\n\t\t\t\t\t\t\t...(ctx.body.organizationId\n\t\t\t\t\t\t\t\t? [{ field: \"organizationId\", value: ctx.body.organizationId }]\n\t\t\t\t\t\t\t\t: []),\n\t\t\t\t\t\t],\n\t\t\t\t\t\tlimit: Math.min(ctx.body.limit ?? 100, 100),\n\t\t\t\t\t\tsortBy: { field: \"createdAt\", direction: \"desc\" },\n\t\t\t\t\t});\n\t\t\t\t\treturn ctx.json({\n\t\t\t\t\t\tdata: rows.map(serializeVerification),\n\t\t\t\t\t});\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tdeleteVerification: createAuthEndpoint(\n\t\t\t\t\"/banata/domains/delete\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\n\t\t\t\t\tbody: verificationIdSchema,\n\t\t\t\t\tuse: [sessionMiddleware],\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst scope = getProjectScope(ctx.body);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tprojectId: scope.projectId,\n\t\t\t\t\t\tpermission: \"sso.manage\",\n\t\t\t\t\t});\n\t\t\t\t\tconst record = await db.findOne<DomainVerificationRow>({\n\t\t\t\t\t\tmodel: \"domainVerification\",\n\t\t\t\t\t\twhere: [\n\t\t\t\t\t\t\t{ field: \"id\", value: ctx.body.id },\n\t\t\t\t\t\t\t{ field: \"projectId\", value: scope.projectId! },\n\t\t\t\t\t\t],\n\t\t\t\t\t});\n\t\t\t\t\tif (!record) {\n\t\t\t\t\t\tthrow ctx.error(\"NOT_FOUND\", { message: \"Domain verification not found\" });\n\t\t\t\t\t}\n\t\t\t\t\tawait db.delete({\n\t\t\t\t\t\tmodel: \"domainVerification\",\n\t\t\t\t\t\twhere: [{ field: \"id\", value: record.id }],\n\t\t\t\t\t});\n\t\t\t\t\tawait recomputeProviderDomainVerification(\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tscope.projectId!,\n\t\t\t\t\t\trecord.organizationId,\n\t\t\t\t\t);\n\t\t\t\t\treturn ctx.json({ success: true });\n\t\t\t\t},\n\t\t\t),\n\t\t},\n\t};\n}\r\n","/**\n * Provider-agnostic email sending abstraction for Banata Auth.\n *\n * All providers use the Fetch API directly (no Node.js SDKs), making this\n * compatible with Convex's runtime, Cloudflare Workers, Deno, and any\n * other edge/serverless environment.\n *\n * Supported providers:\n * - Resend (https://resend.com)\n * - SendGrid (https://sendgrid.com)\n * - Amazon SES (https://aws.amazon.com/ses) — via SES v2 HTTP API\n * - Mailgun (https://mailgun.com)\n * - Postmark (https://postmarkapp.com)\n */\n\n// ─── Types ─────────────────────────────────────────────────────────\n\nexport type EmailProviderId = \"resend\" | \"sendgrid\" | \"ses\" | \"mailgun\" | \"postmark\";\n\nexport interface EmailMessage {\n\t/** Sender address (e.g., \"noreply@acme.com\" or \"Acme <noreply@acme.com>\"). */\n\tfrom: string;\n\t/** Recipient address. */\n\tto: string;\n\t/** Email subject. */\n\tsubject: string;\n\t/** HTML body. */\n\thtml: string;\n\t/** Plain text body (fallback). */\n\ttext?: string;\n\t/** Reply-to address. */\n\treplyTo?: string;\n}\n\nexport interface EmailProviderCredentials {\n\t/** API key (used by Resend, SendGrid, Mailgun, Postmark). */\n\tapiKey?: string;\n\t/** AWS region (used by SES). */\n\tregion?: string;\n\t/** AWS access key ID (used by SES). */\n\taccessKeyId?: string;\n\t/** AWS secret access key (used by SES). */\n\tsecretAccessKey?: string;\n\t/** Mailgun domain (e.g., \"mg.example.com\"). */\n\tdomain?: string;\n}\n\nexport interface SendResult {\n\tsuccess: boolean;\n\tmessageId?: string;\n\terror?: string;\n}\n\n// ─── Provider Implementations ──────────────────────────────────────\n\nasync function sendViaResend(\n\tmsg: EmailMessage,\n\tcreds: EmailProviderCredentials,\n): Promise<SendResult> {\n\tif (!creds.apiKey) return { success: false, error: \"Resend API key not configured\" };\n\n\tconst res = await fetch(\"https://api.resend.com/emails\", {\n\t\tmethod: \"POST\",\n\t\theaders: {\n\t\t\tAuthorization: `Bearer ${creds.apiKey}`,\n\t\t\t\"Content-Type\": \"application/json\",\n\t\t},\n\t\tbody: JSON.stringify({\n\t\t\tfrom: msg.from,\n\t\t\tto: [msg.to],\n\t\t\tsubject: msg.subject,\n\t\t\thtml: msg.html,\n\t\t\ttext: msg.text,\n\t\t\treply_to: msg.replyTo,\n\t\t}),\n\t});\n\n\tif (res.ok) {\n\t\tconst data = (await res.json()) as { id?: string };\n\t\treturn { success: true, messageId: data.id };\n\t}\n\n\tconst err = await res.text();\n\treturn { success: false, error: `Resend ${res.status}: ${err}` };\n}\n\nasync function sendViaSendGrid(\n\tmsg: EmailMessage,\n\tcreds: EmailProviderCredentials,\n): Promise<SendResult> {\n\tif (!creds.apiKey) return { success: false, error: \"SendGrid API key not configured\" };\n\n\tconst res = await fetch(\"https://api.sendgrid.com/v3/mail/send\", {\n\t\tmethod: \"POST\",\n\t\theaders: {\n\t\t\tAuthorization: `Bearer ${creds.apiKey}`,\n\t\t\t\"Content-Type\": \"application/json\",\n\t\t},\n\t\tbody: JSON.stringify({\n\t\t\tpersonalizations: [{ to: [{ email: msg.to }] }],\n\t\t\tfrom: parseEmailAddress(msg.from),\n\t\t\tsubject: msg.subject,\n\t\t\tcontent: [\n\t\t\t\t...(msg.text ? [{ type: \"text/plain\", value: msg.text }] : []),\n\t\t\t\t{ type: \"text/html\", value: msg.html },\n\t\t\t],\n\t\t\t...(msg.replyTo ? { reply_to: parseEmailAddress(msg.replyTo) } : {}),\n\t\t}),\n\t});\n\n\tif (res.ok || res.status === 202) {\n\t\tconst messageId = res.headers.get(\"x-message-id\") ?? undefined;\n\t\treturn { success: true, messageId };\n\t}\n\n\tconst err = await res.text();\n\treturn { success: false, error: `SendGrid ${res.status}: ${err}` };\n}\n\nasync function sendViaMailgun(\n\tmsg: EmailMessage,\n\tcreds: EmailProviderCredentials,\n): Promise<SendResult> {\n\tif (!creds.apiKey) return { success: false, error: \"Mailgun API key not configured\" };\n\n\tconst domain = creds.domain ?? \"mg.example.com\";\n\tconst authHeader = `Basic ${btoa(`api:${creds.apiKey}`)}`;\n\n\tconst formData = new URLSearchParams();\n\tformData.append(\"from\", msg.from);\n\tformData.append(\"to\", msg.to);\n\tformData.append(\"subject\", msg.subject);\n\tformData.append(\"html\", msg.html);\n\tif (msg.text) formData.append(\"text\", msg.text);\n\tif (msg.replyTo) formData.append(\"h:Reply-To\", msg.replyTo);\n\n\tconst res = await fetch(`https://api.mailgun.net/v3/${domain}/messages`, {\n\t\tmethod: \"POST\",\n\t\theaders: {\n\t\t\tAuthorization: authHeader,\n\t\t\t\"Content-Type\": \"application/x-www-form-urlencoded\",\n\t\t},\n\t\tbody: formData.toString(),\n\t});\n\n\tif (res.ok) {\n\t\tconst data = (await res.json()) as { id?: string };\n\t\treturn { success: true, messageId: data.id };\n\t}\n\n\tconst err = await res.text();\n\treturn { success: false, error: `Mailgun ${res.status}: ${err}` };\n}\n\nasync function sendViaPostmark(\n\tmsg: EmailMessage,\n\tcreds: EmailProviderCredentials,\n): Promise<SendResult> {\n\tif (!creds.apiKey) return { success: false, error: \"Postmark server token not configured\" };\n\n\tconst res = await fetch(\"https://api.postmarkapp.com/email\", {\n\t\tmethod: \"POST\",\n\t\theaders: {\n\t\t\t\"X-Postmark-Server-Token\": creds.apiKey,\n\t\t\t\"Content-Type\": \"application/json\",\n\t\t\tAccept: \"application/json\",\n\t\t},\n\t\tbody: JSON.stringify({\n\t\t\tFrom: msg.from,\n\t\t\tTo: msg.to,\n\t\t\tSubject: msg.subject,\n\t\t\tHtmlBody: msg.html,\n\t\t\tTextBody: msg.text,\n\t\t\tReplyTo: msg.replyTo,\n\t\t\tMessageStream: \"outbound\",\n\t\t}),\n\t});\n\n\tif (res.ok) {\n\t\tconst data = (await res.json()) as { MessageID?: string };\n\t\treturn { success: true, messageId: data.MessageID };\n\t}\n\n\tconst err = await res.text();\n\treturn { success: false, error: `Postmark ${res.status}: ${err}` };\n}\n\nasync function sendViaSes(msg: EmailMessage, creds: EmailProviderCredentials): Promise<SendResult> {\n\t// SES v2 SendEmail via HTTP API using AWS Signature v4\n\t// For simplicity in edge runtimes, we use the SES v1 simple email format\n\t// via the query string API which is simpler to sign.\n\tif (!creds.accessKeyId || !creds.secretAccessKey) {\n\t\t// Fall back to using apiKey as a basic auth mechanism if SES is configured\n\t\t// with an SMTP-style credential via a gateway\n\t\tif (creds.apiKey) {\n\t\t\treturn sendViaSesSimple(msg, creds.apiKey, creds.region ?? \"us-east-1\");\n\t\t}\n\t\treturn { success: false, error: \"AWS SES credentials not configured\" };\n\t}\n\n\treturn sendViaSesSimple(\n\t\tmsg,\n\t\tcreds.accessKeyId,\n\t\tcreds.region ?? \"us-east-1\",\n\t\tcreds.secretAccessKey,\n\t);\n}\n\n/**\n * Simplified SES sending using the v2 SendEmail API.\n * Uses pre-signed requests with AWS Signature v4.\n */\nasync function sendViaSesSimple(\n\tmsg: EmailMessage,\n\taccessKeyId: string,\n\tregion: string,\n\tsecretAccessKey?: string,\n): Promise<SendResult> {\n\t// If no secret key, we can't sign the request properly\n\t// In this case, the apiKey field is treated as an SES SMTP password\n\t// and we use the SES v2 API with simple bearer auth (not standard, but\n\t// some SES gateways support this pattern)\n\tif (!secretAccessKey) {\n\t\treturn {\n\t\t\tsuccess: false,\n\t\t\terror:\n\t\t\t\t\"AWS SES requires both accessKeyId and secretAccessKey. Configure these in the email provider settings.\",\n\t\t};\n\t}\n\n\tconst endpoint = `https://email.${region}.amazonaws.com`;\n\tconst now = new Date();\n\tconst dateStamp = now.toISOString().replace(/[-:]/g, \"\").slice(0, 8);\n\tconst amzDate = now\n\t\t.toISOString()\n\t\t.replace(/[-:]/g, \"\")\n\t\t.replace(/\\.\\d{3}/, \"\");\n\n\t// Build the SES v2 SendEmail request body\n\tconst body = JSON.stringify({\n\t\tContent: {\n\t\t\tSimple: {\n\t\t\t\tSubject: { Data: msg.subject, Charset: \"UTF-8\" },\n\t\t\t\tBody: {\n\t\t\t\t\tHtml: { Data: msg.html, Charset: \"UTF-8\" },\n\t\t\t\t\t...(msg.text ? { Text: { Data: msg.text, Charset: \"UTF-8\" } } : {}),\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\t\tDestination: { ToAddresses: [msg.to] },\n\t\tFromEmailAddress: msg.from,\n\t\t...(msg.replyTo ? { ReplyToAddresses: [msg.replyTo] } : {}),\n\t});\n\n\t// AWS Signature v4 signing\n\tconst service = \"ses\";\n\tconst credentialScope = `${dateStamp}/${region}/${service}/aws4_request`;\n\n\tconst encoder = new TextEncoder();\n\n\tasync function hmac(key: ArrayBuffer | Uint8Array, data: string): Promise<ArrayBuffer> {\n\t\tconst cryptoKey = await crypto.subtle.importKey(\n\t\t\t\"raw\",\n\t\t\tkey instanceof ArrayBuffer ? new Uint8Array(key) : key,\n\t\t\t{ name: \"HMAC\", hash: \"SHA-256\" },\n\t\t\tfalse,\n\t\t\t[\"sign\"],\n\t\t);\n\t\treturn crypto.subtle.sign(\"HMAC\", cryptoKey, encoder.encode(data));\n\t}\n\n\tasync function sha256(data: string): Promise<string> {\n\t\tconst hash = await crypto.subtle.digest(\"SHA-256\", encoder.encode(data));\n\t\treturn Array.from(new Uint8Array(hash))\n\t\t\t.map((b) => b.toString(16).padStart(2, \"0\"))\n\t\t\t.join(\"\");\n\t}\n\n\tconst payloadHash = await sha256(body);\n\n\tconst canonicalHeaders = [\n\t\t\"content-type:application/json\",\n\t\t`host:email.${region}.amazonaws.com`,\n\t\t`x-amz-date:${amzDate}`,\n\t\t\"\",\n\t].join(\"\\n\");\n\n\tconst signedHeaders = \"content-type;host;x-amz-date\";\n\n\tconst canonicalRequest = [\n\t\t\"POST\",\n\t\t\"/v2/email/outbound-emails\",\n\t\t\"\",\n\t\tcanonicalHeaders,\n\t\tsignedHeaders,\n\t\tpayloadHash,\n\t].join(\"\\n\");\n\n\tconst canonicalRequestHash = await sha256(canonicalRequest);\n\n\tconst stringToSign = [\"AWS4-HMAC-SHA256\", amzDate, credentialScope, canonicalRequestHash].join(\n\t\t\"\\n\",\n\t);\n\n\t// Derive signing key\n\tconst kDate = await hmac(encoder.encode(`AWS4${secretAccessKey}`), dateStamp);\n\tconst kRegion = await hmac(kDate, region);\n\tconst kService = await hmac(kRegion, service);\n\tconst kSigning = await hmac(kService, \"aws4_request\");\n\tconst signatureBytes = await hmac(kSigning, stringToSign);\n\tconst signature = Array.from(new Uint8Array(signatureBytes))\n\t\t.map((b) => b.toString(16).padStart(2, \"0\"))\n\t\t.join(\"\");\n\n\tconst authorizationHeader = `AWS4-HMAC-SHA256 Credential=${accessKeyId}/${credentialScope}, SignedHeaders=${signedHeaders}, Signature=${signature}`;\n\n\tconst res = await fetch(`${endpoint}/v2/email/outbound-emails`, {\n\t\tmethod: \"POST\",\n\t\theaders: {\n\t\t\t\"Content-Type\": \"application/json\",\n\t\t\t\"X-Amz-Date\": amzDate,\n\t\t\tAuthorization: authorizationHeader,\n\t\t},\n\t\tbody,\n\t});\n\n\tif (res.ok) {\n\t\tconst data = (await res.json()) as { MessageId?: string };\n\t\treturn { success: true, messageId: data.MessageId };\n\t}\n\n\tconst err = await res.text();\n\treturn { success: false, error: `SES ${res.status}: ${err}` };\n}\n\n// ─── Helpers ───────────────────────────────────────────────────────\n\n/**\n * Parse \"Name <email>\" or \"email\" into { name, email } for SendGrid format.\n */\nfunction parseEmailAddress(address: string): { email: string; name?: string } {\n\tconst match = address.match(/^(.+?)\\s*<(.+)>$/);\n\tif (match?.[1] && match[2]) {\n\t\treturn { name: match[1].trim(), email: match[2].trim() };\n\t}\n\treturn { email: address.trim() };\n}\n\n// ─── Main Send Function ────────────────────────────────────────────\n\n/**\n * Send an email using the specified provider.\n *\n * This is the main entry point for sending emails. It dispatches to the\n * appropriate provider implementation based on the `provider` parameter.\n *\n * @example\n * ```ts\n * import { sendEmail } from \"@banata-auth/convex/plugins\";\n *\n * await sendEmail(\"resend\", {\n * from: \"noreply@acme.com\",\n * to: \"user@example.com\",\n * subject: \"Welcome!\",\n * html: \"<h1>Welcome</h1>\",\n * }, {\n * apiKey: \"re_xxxxx\",\n * });\n * ```\n */\nexport async function sendEmail(\n\tprovider: EmailProviderId,\n\tmessage: EmailMessage,\n\tcredentials: EmailProviderCredentials,\n): Promise<SendResult> {\n\tswitch (provider) {\n\t\tcase \"resend\":\n\t\t\treturn sendViaResend(message, credentials);\n\t\tcase \"sendgrid\":\n\t\t\treturn sendViaSendGrid(message, credentials);\n\t\tcase \"ses\":\n\t\t\treturn sendViaSes(message, credentials);\n\t\tcase \"mailgun\":\n\t\t\treturn sendViaMailgun(message, credentials);\n\t\tcase \"postmark\":\n\t\t\treturn sendViaPostmark(message, credentials);\n\t\tdefault: {\n\t\t\tconst _exhaustive: never = provider;\n\t\t\treturn {\n\t\t\t\tsuccess: false,\n\t\t\t\terror: `Unknown email provider: ${_exhaustive as string}`,\n\t\t\t};\n\t\t}\n\t}\n}\n\n/**\n * Validate that the required credentials are present for a given provider.\n */\nexport function validateCredentials(\n\tprovider: EmailProviderId,\n\tcredentials: EmailProviderCredentials,\n): { valid: boolean; missing: string[] } {\n\tconst missing: string[] = [];\n\n\tswitch (provider) {\n\t\tcase \"resend\":\n\t\tcase \"sendgrid\":\n\t\tcase \"postmark\":\n\t\t\tif (!credentials.apiKey) missing.push(\"apiKey\");\n\t\t\tbreak;\n\t\tcase \"mailgun\":\n\t\t\tif (!credentials.apiKey) missing.push(\"apiKey\");\n\t\t\tif (!credentials.domain) missing.push(\"domain\");\n\t\t\tbreak;\n\t\tcase \"ses\":\n\t\t\tif (!credentials.accessKeyId) missing.push(\"accessKeyId\");\n\t\t\tif (!credentials.secretAccessKey) missing.push(\"secretAccessKey\");\n\t\t\tbreak;\n\t}\n\n\treturn { valid: missing.length === 0, missing };\n}\n","/**\n * Built-in email templates for Banata Auth.\n *\n * Server-renderable HTML email templates designed for maximum email client\n * compatibility. Uses inline styles and table-based layouts (the email\n * industry standard) for consistent rendering across Gmail, Outlook,\n * Apple Mail, Yahoo Mail, and others.\n *\n * Templates are parameterized with branding (colors, logo, app name)\n * and can be overridden per-template via the dashboard.\n *\n * The visual design follows React Email / Resend conventions:\n * - Clean, minimal layout\n * - Centered card with subtle border\n * - Primary-colored CTA button\n * - Muted footer with legal text\n */\n\n// ─── Branding ──────────────────────────────────────────────────────\n\nexport interface EmailBranding {\n\t/** Application name displayed in the email header. */\n\tappName: string;\n\t/** Primary color for buttons and accents (hex). */\n\tprimaryColor: string;\n\t/** Background color of the email body (hex). */\n\tbgColor: string;\n\t/** Logo URL (optional, displayed above the heading). */\n\tlogoUrl?: string;\n\t/** Border radius for buttons in pixels. */\n\tborderRadius: number;\n\t/** Font family stack (full CSS value). */\n\tfontFamily: string;\n\t/** Whether dark mode is enabled. Affects card/text colors. */\n\tdarkMode: boolean;\n\t/** Custom CSS to inject into a <style> block in the email. */\n\tcustomCss?: string;\n}\n\nconst DEFAULT_BRANDING: EmailBranding = {\n\tappName: \"Banata Auth\",\n\tprimaryColor: \"#6366f1\",\n\tbgColor: \"#f8fafc\",\n\tborderRadius: 8,\n\tfontFamily:\n\t\t'-apple-system, BlinkMacSystemFont, \"Segoe UI\", Roboto, \"Helvetica Neue\", Arial, sans-serif',\n\tdarkMode: false,\n};\n\n/**\n * Map a short font name (stored in DB) to a full CSS font-family stack.\n */\nexport function fontNameToStack(font: string | null | undefined): string | undefined {\n\tswitch (font) {\n\t\tcase \"inter\":\n\t\t\treturn '\"Inter\", -apple-system, BlinkMacSystemFont, \"Segoe UI\", Roboto, sans-serif';\n\t\tcase \"system\":\n\t\t\treturn '-apple-system, BlinkMacSystemFont, \"Segoe UI\", Roboto, \"Helvetica Neue\", Arial, sans-serif';\n\t\tcase \"roboto\":\n\t\t\treturn '\"Roboto\", -apple-system, BlinkMacSystemFont, \"Segoe UI\", sans-serif';\n\t\tcase \"open-sans\":\n\t\t\treturn '\"Open Sans\", -apple-system, BlinkMacSystemFont, \"Segoe UI\", Roboto, sans-serif';\n\t\tcase \"lato\":\n\t\t\treturn '\"Lato\", -apple-system, BlinkMacSystemFont, \"Segoe UI\", Roboto, sans-serif';\n\t\tcase \"poppins\":\n\t\t\treturn '\"Poppins\", -apple-system, BlinkMacSystemFont, \"Segoe UI\", Roboto, sans-serif';\n\t\tdefault:\n\t\t\treturn undefined;\n\t}\n}\n\n// ─── Template Types ────────────────────────────────────────────────\n\nexport type EmailTemplateType =\n\t| \"verification\"\n\t| \"password-reset\"\n\t| \"magic-link\"\n\t| \"email-otp\"\n\t| \"invitation\"\n\t| \"welcome\";\n\nexport interface VerificationEmailData {\n\ttype: \"verification\";\n\tuserName: string;\n\tverificationUrl: string;\n\ttoken: string;\n}\n\nexport interface PasswordResetEmailData {\n\ttype: \"password-reset\";\n\tuserName: string;\n\tresetUrl: string;\n\ttoken: string;\n}\n\nexport interface MagicLinkEmailData {\n\ttype: \"magic-link\";\n\temail: string;\n\tmagicLinkUrl: string;\n\ttoken: string;\n}\n\nexport interface EmailOtpData {\n\ttype: \"email-otp\";\n\temail: string;\n\totp: string;\n}\n\nexport interface InvitationEmailData {\n\ttype: \"invitation\";\n\temail: string;\n\tinvitationId: string;\n\torganizationName: string;\n\tinviterName: string;\n\t/** If the consumer provides a URL builder, we can include a direct link. */\n\tacceptUrl?: string;\n}\n\nexport interface WelcomeEmailData {\n\ttype: \"welcome\";\n\tuserName: string;\n\t/** URL to the app dashboard or getting-started page. */\n\tdashboardUrl?: string;\n}\n\nexport type EmailData =\n\t| VerificationEmailData\n\t| PasswordResetEmailData\n\t| MagicLinkEmailData\n\t| EmailOtpData\n\t| InvitationEmailData\n\t| WelcomeEmailData;\n\n// ─── Rendered Email ────────────────────────────────────────────────\n\nexport interface RenderedEmail {\n\tsubject: string;\n\thtml: string;\n\ttext: string;\n}\n\n// ─── HTML Helpers ──────────────────────────────────────────────────\n\nfunction esc(str: string): string {\n\treturn str\n\t\t.replace(/&/g, \"&amp;\")\n\t\t.replace(/</g, \"&lt;\")\n\t\t.replace(/>/g, \"&gt;\")\n\t\t.replace(/\"/g, \"&quot;\")\n\t\t.replace(/'/g, \"&#x27;\");\n}\n\nfunction layout(b: EmailBranding, content: string): string {\n\tconst logo = b.logoUrl\n\t\t? `<img src=\"${esc(b.logoUrl)}\" alt=\"${esc(b.appName)}\" width=\"48\" height=\"48\" style=\"display:block;margin:0 auto 16px;border-radius:8px;\" />`\n\t\t: \"\";\n\n\t// Dark / light palette for the card and text\n\tconst cardBg = b.darkMode ? \"#1a1a2e\" : \"#ffffff\";\n\tconst cardBorder = b.darkMode ? \"#2a2a3e\" : \"#e2e8f0\";\n\tconst footerColor = b.darkMode ? \"#64748b\" : \"#94a3b8\";\n\tconst colorScheme = b.darkMode ? \"dark\" : \"light\";\n\n\t// Custom CSS block (sanitized at save-time by the dashboard)\n\tconst customStyleBlock = b.customCss ? `<style>${b.customCss}</style>` : \"\";\n\n\treturn [\n\t\t\"<!DOCTYPE html>\",\n\t\t'<html lang=\"en\">',\n\t\t\"<head>\",\n\t\t'<meta charset=\"utf-8\" />',\n\t\t'<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\" />',\n\t\t`<meta name=\"color-scheme\" content=\"${colorScheme}\" />`,\n\t\t`<meta name=\"supported-color-schemes\" content=\"${colorScheme}\" />`,\n\t\t`<title>${esc(b.appName)}</title>`,\n\t\t\"<!--[if mso]>\",\n\t\t\"<style>table,td,div,p,a{font-family:Arial,sans-serif;}</style>\",\n\t\t\"<![endif]-->\",\n\t\tcustomStyleBlock,\n\t\t\"</head>\",\n\t\t`<body style=\"margin:0;padding:0;background-color:${b.bgColor};font-family:${b.fontFamily};-webkit-font-smoothing:antialiased;\">`,\n\t\t`<table role=\"presentation\" width=\"100%\" cellpadding=\"0\" cellspacing=\"0\" style=\"background-color:${b.bgColor};\">`,\n\t\t\"<tr>\",\n\t\t'<td align=\"center\" style=\"padding:40px 16px;\">',\n\t\t'<table role=\"presentation\" width=\"100%\" cellpadding=\"0\" cellspacing=\"0\" style=\"max-width:480px;margin:0 auto;\">',\n\t\t\"<tr>\",\n\t\t`<td style=\"padding:32px;background-color:${cardBg};border:1px solid ${cardBorder};border-radius:12px;\">`,\n\t\tlogo,\n\t\tcontent,\n\t\t\"</td>\",\n\t\t\"</tr>\",\n\t\t\"<tr>\",\n\t\t'<td style=\"padding:24px 0 0;text-align:center;\">',\n\t\t`<p style=\"margin:0;font-size:12px;line-height:1.5;color:${footerColor};\">`,\n\t\t`This email was sent by ${esc(b.appName)}.`,\n\t\t\"If you didn't expect this email, you can safely ignore it.\",\n\t\t\"</p>\",\n\t\t\"</td>\",\n\t\t\"</tr>\",\n\t\t\"</table>\",\n\t\t\"</td>\",\n\t\t\"</tr>\",\n\t\t\"</table>\",\n\t\t\"</body>\",\n\t\t\"</html>\",\n\t].join(\"\\n\");\n}\n\nfunction btn(label: string, url: string, b: EmailBranding): string {\n\tconst arc = Math.round((b.borderRadius / 44) * 100);\n\treturn [\n\t\t'<table role=\"presentation\" width=\"100%\" cellpadding=\"0\" cellspacing=\"0\" style=\"margin:24px 0;\">',\n\t\t\"<tr>\",\n\t\t'<td align=\"center\">',\n\t\t\"<!--[if mso]>\",\n\t\t`<v:roundrect xmlns:v=\"urn:schemas-microsoft-com:vml\" href=\"${esc(url)}\" style=\"height:44px;v-text-anchor:middle;width:200px;\" arcsize=\"${arc}%\" fillcolor=\"${b.primaryColor}\">`,\n\t\t`<center style=\"color:#ffffff;font-family:Arial,sans-serif;font-size:14px;font-weight:600;\">${esc(label)}</center>`,\n\t\t\"</v:roundrect>\",\n\t\t\"<![endif]-->\",\n\t\t\"<!--[if !mso]><!-->\",\n\t\t`<a href=\"${esc(url)}\" target=\"_blank\" style=\"display:inline-block;padding:12px 32px;background-color:${b.primaryColor};color:#ffffff;font-size:14px;font-weight:600;text-decoration:none;border-radius:${b.borderRadius}px;line-height:1.2;\">`,\n\t\tesc(label),\n\t\t\"</a>\",\n\t\t\"<!--<![endif]-->\",\n\t\t\"</td>\",\n\t\t\"</tr>\",\n\t\t\"</table>\",\n\t].join(\"\\n\");\n}\n\nfunction h1(text: string, dark = false): string {\n\tconst color = dark ? \"#e2e8f0\" : \"#0f172a\";\n\treturn `<h1 style=\"margin:0 0 8px;font-size:22px;font-weight:700;color:${color};text-align:center;line-height:1.3;\">${esc(text)}</h1>`;\n}\n\nfunction p(html: string, dark = false): string {\n\tconst color = dark ? \"#94a3b8\" : \"#475569\";\n\treturn `<p style=\"margin:0 0 16px;font-size:14px;line-height:1.6;color:${color};\">${html}</p>`;\n}\n\nfunction code(value: string, dark = false): string {\n\tconst codeBg = dark ? \"#1e293b\" : \"#f1f5f9\";\n\tconst codeBorder = dark ? \"#334155\" : \"#e2e8f0\";\n\tconst codeColor = dark ? \"#e2e8f0\" : \"#0f172a\";\n\treturn [\n\t\t'<table role=\"presentation\" width=\"100%\" cellpadding=\"0\" cellspacing=\"0\" style=\"margin:24px 0;\">',\n\t\t\"<tr>\",\n\t\t'<td align=\"center\">',\n\t\t`<div style=\"display:inline-block;padding:16px 32px;background-color:${codeBg};border:1px solid ${codeBorder};border-radius:8px;font-family:'Courier New',monospace;font-size:28px;font-weight:700;letter-spacing:6px;color:${codeColor};\">`,\n\t\tesc(value),\n\t\t\"</div>\",\n\t\t\"</td>\",\n\t\t\"</tr>\",\n\t\t\"</table>\",\n\t].join(\"\\n\");\n}\n\nfunction hr(dark = false): string {\n\tconst color = dark ? \"#334155\" : \"#e2e8f0\";\n\treturn `<hr style=\"margin:24px 0;border:none;border-top:1px solid ${color};\" />`;\n}\n\nfunction urlFallback(url: string, b: EmailBranding): string {\n\treturn `<p style=\"margin:0;font-size:12px;color:${b.primaryColor};word-break:break-all;\">${esc(url)}</p>`;\n}\n\nfunction muted(text: string, dark = false): string {\n\tconst color = dark ? \"#64748b\" : \"#94a3b8\";\n\treturn p(`<span style=\"font-size:12px;color:${color};\">${text}</span>`, dark);\n}\n\n// ─── Plaintext Builder ─────────────────────────────────────────────\n\nfunction txt(lines: string[]): string {\n\treturn lines.join(\"\\n\");\n}\n\n// ─── Template Renderers ────────────────────────────────────────────\n\nfunction renderVerification(d: VerificationEmailData, b: EmailBranding): RenderedEmail {\n\tconst subject = `Verify your email \\u2014 ${b.appName}`;\n\tconst dk = b.darkMode;\n\n\tconst html = layout(\n\t\tb,\n\t\t[\n\t\t\th1(\"Verify your email address\", dk),\n\t\t\tp(`Hi ${esc(d.userName)},`, dk),\n\t\t\tp(\n\t\t\t\t\"Thanks for signing up! Please verify your email address by clicking the button below.\",\n\t\t\t\tdk,\n\t\t\t),\n\t\t\tbtn(\"Verify Email\", d.verificationUrl, b),\n\t\t\thr(dk),\n\t\t\tmuted(\"If the button doesn't work, copy and paste this URL into your browser:\", dk),\n\t\t\turlFallback(d.verificationUrl, b),\n\t\t].join(\"\\n\"),\n\t);\n\n\tconst text = txt([\n\t\t\"Verify your email address\",\n\t\t\"\",\n\t\t`Hi ${d.userName},`,\n\t\t\"\",\n\t\t\"Thanks for signing up! Please verify your email address by visiting:\",\n\t\td.verificationUrl,\n\t\t\"\",\n\t\t`\\u2014 ${b.appName}`,\n\t]);\n\n\treturn { subject, html, text };\n}\n\nfunction renderPasswordReset(d: PasswordResetEmailData, b: EmailBranding): RenderedEmail {\n\tconst subject = `Reset your password \\u2014 ${b.appName}`;\n\tconst dk = b.darkMode;\n\n\tconst html = layout(\n\t\tb,\n\t\t[\n\t\t\th1(\"Reset your password\", dk),\n\t\t\tp(`Hi ${esc(d.userName)},`, dk),\n\t\t\tp(\n\t\t\t\t\"We received a request to reset your password. Click the button below to choose a new password.\",\n\t\t\t\tdk,\n\t\t\t),\n\t\t\tbtn(\"Reset Password\", d.resetUrl, b),\n\t\t\thr(dk),\n\t\t\tmuted(\n\t\t\t\t\"This link expires in 1 hour. If you didn't request a password reset, you can safely ignore this email.\",\n\t\t\t\tdk,\n\t\t\t),\n\t\t\turlFallback(d.resetUrl, b),\n\t\t].join(\"\\n\"),\n\t);\n\n\tconst text = txt([\n\t\t\"Reset your password\",\n\t\t\"\",\n\t\t`Hi ${d.userName},`,\n\t\t\"\",\n\t\t\"We received a request to reset your password. Visit this link:\",\n\t\td.resetUrl,\n\t\t\"\",\n\t\t\"This link expires in 1 hour.\",\n\t\t\"If you didn't request this, you can safely ignore this email.\",\n\t\t\"\",\n\t\t`\\u2014 ${b.appName}`,\n\t]);\n\n\treturn { subject, html, text };\n}\n\nfunction renderMagicLink(d: MagicLinkEmailData, b: EmailBranding): RenderedEmail {\n\tconst subject = `Sign in to ${b.appName}`;\n\tconst dk = b.darkMode;\n\n\tconst html = layout(\n\t\tb,\n\t\t[\n\t\t\th1(\"Sign in to your account\", dk),\n\t\t\tp(\"Hi there,\", dk),\n\t\t\tp(\"Click the button below to sign in to your account. This link expires in 10 minutes.\", dk),\n\t\t\tbtn(\"Sign In\", d.magicLinkUrl, b),\n\t\t\thr(dk),\n\t\t\tmuted(\"If you didn't request this link, you can safely ignore this email.\", dk),\n\t\t\turlFallback(d.magicLinkUrl, b),\n\t\t].join(\"\\n\"),\n\t);\n\n\tconst text = txt([\n\t\t\"Sign in to your account\",\n\t\t\"\",\n\t\t\"Click this link to sign in (expires in 10 minutes):\",\n\t\td.magicLinkUrl,\n\t\t\"\",\n\t\t\"If you didn't request this, you can safely ignore this email.\",\n\t\t\"\",\n\t\t`\\u2014 ${b.appName}`,\n\t]);\n\n\treturn { subject, html, text };\n}\n\nfunction renderEmailOtp(d: EmailOtpData, b: EmailBranding): RenderedEmail {\n\tconst subject = `${d.otp} is your verification code \\u2014 ${b.appName}`;\n\tconst dk = b.darkMode;\n\n\tconst html = layout(\n\t\tb,\n\t\t[\n\t\t\th1(\"Your verification code\", dk),\n\t\t\tp(\"Use the code below to verify your identity. It expires in 10 minutes.\", dk),\n\t\t\tcode(d.otp, dk),\n\t\t\thr(dk),\n\t\t\tmuted(\n\t\t\t\t\"If you didn't request this code, you can safely ignore this email. Never share this code with anyone.\",\n\t\t\t\tdk,\n\t\t\t),\n\t\t].join(\"\\n\"),\n\t);\n\n\tconst text = txt([\n\t\t\"Your verification code\",\n\t\t\"\",\n\t\t`Your code: ${d.otp}`,\n\t\t\"\",\n\t\t\"This code expires in 10 minutes.\",\n\t\t\"If you didn't request this, you can safely ignore this email.\",\n\t\t\"\",\n\t\t`\\u2014 ${b.appName}`,\n\t]);\n\n\treturn { subject, html, text };\n}\n\nfunction renderInvitation(d: InvitationEmailData, b: EmailBranding): RenderedEmail {\n\tconst subject = `${d.inviterName} invited you to ${d.organizationName} \\u2014 ${b.appName}`;\n\tconst dk = b.darkMode;\n\tconst codeBg = dk ? \"#1e293b\" : \"#f1f5f9\";\n\n\tconst parts: string[] = [\n\t\th1(\"You've been invited\", dk),\n\t\tp(\n\t\t\t`<strong>${esc(d.inviterName)}</strong> has invited you to join <strong>${esc(d.organizationName)}</strong> on ${esc(b.appName)}.`,\n\t\t\tdk,\n\t\t),\n\t];\n\n\tif (d.acceptUrl) {\n\t\tparts.push(btn(\"Accept Invitation\", d.acceptUrl, b));\n\t\tparts.push(hr(dk));\n\t\tparts.push(urlFallback(d.acceptUrl, b));\n\t} else {\n\t\tparts.push(\n\t\t\tmuted(\n\t\t\t\t`Invitation ID: <code style=\"font-family:'Courier New',monospace;background:${codeBg};padding:2px 6px;border-radius:4px;\">${esc(d.invitationId)}</code>`,\n\t\t\t\tdk,\n\t\t\t),\n\t\t);\n\t}\n\n\tconst html = layout(b, parts.join(\"\\n\"));\n\n\tconst textLines = [\n\t\t\"You've been invited\",\n\t\t\"\",\n\t\t`${d.inviterName} has invited you to join ${d.organizationName} on ${b.appName}.`,\n\t\t\"\",\n\t];\n\tif (d.acceptUrl) {\n\t\ttextLines.push(`Accept the invitation: ${d.acceptUrl}`);\n\t} else {\n\t\ttextLines.push(`Invitation ID: ${d.invitationId}`);\n\t}\n\ttextLines.push(\"\", `\\u2014 ${b.appName}`);\n\n\treturn { subject, html, text: txt(textLines) };\n}\n\nfunction renderWelcome(d: WelcomeEmailData, b: EmailBranding): RenderedEmail {\n\tconst subject = `Welcome to ${b.appName}`;\n\tconst dk = b.darkMode;\n\n\tconst parts: string[] = [\n\t\th1(`Welcome to ${esc(b.appName)}`, dk),\n\t\tp(`Hi ${esc(d.userName)},`, dk),\n\t\tp(\"Your account has been created successfully. You're all set to get started.\", dk),\n\t];\n\n\tif (d.dashboardUrl) {\n\t\tparts.push(btn(\"Go to Dashboard\", d.dashboardUrl, b));\n\t}\n\n\tparts.push(hr(dk));\n\tparts.push(muted(\"If you didn't create this account, please contact support.\", dk));\n\n\tconst html = layout(b, parts.join(\"\\n\"));\n\n\tconst textLines = [\n\t\t`Welcome to ${b.appName}`,\n\t\t\"\",\n\t\t`Hi ${d.userName},`,\n\t\t\"\",\n\t\t\"Your account has been created successfully.\",\n\t];\n\tif (d.dashboardUrl) {\n\t\ttextLines.push(`Get started: ${d.dashboardUrl}`);\n\t}\n\ttextLines.push(\"\", `\\u2014 ${b.appName}`);\n\n\treturn { subject, html, text: txt(textLines) };\n}\n\n// ─── Main Render Function ──────────────────────────────────────────\n\n/**\n * Render an email template with the given data and branding.\n *\n * Can be called from:\n * - The Convex auth plugin (automatic sending on auth events)\n * - The SDK (`banataAuth.emails.send(...)`)\n * - The dashboard (template preview)\n *\n * @param data - The email data (type-discriminated union)\n * @param brandingOverrides - Partial branding, merged with defaults\n * @returns The rendered email with subject, HTML, and plain text\n */\nexport function renderEmail(\n\tdata: EmailData,\n\tbrandingOverrides?: Partial<EmailBranding>,\n): RenderedEmail {\n\tconst branding: EmailBranding = { ...DEFAULT_BRANDING, ...brandingOverrides };\n\n\tswitch (data.type) {\n\t\tcase \"verification\":\n\t\t\treturn renderVerification(data, branding);\n\t\tcase \"password-reset\":\n\t\t\treturn renderPasswordReset(data, branding);\n\t\tcase \"magic-link\":\n\t\t\treturn renderMagicLink(data, branding);\n\t\tcase \"email-otp\":\n\t\t\treturn renderEmailOtp(data, branding);\n\t\tcase \"invitation\":\n\t\t\treturn renderInvitation(data, branding);\n\t\tcase \"welcome\":\n\t\t\treturn renderWelcome(data, branding);\n\t\tdefault: {\n\t\t\tconst _exhaustive: never = data;\n\t\t\tthrow new Error(`Unknown email template type: ${(_exhaustive as EmailData).type}`);\n\t\t}\n\t}\n}\n\n/**\n * Get the subject line for a given email template type.\n * Useful for the dashboard template preview.\n */\nexport function getTemplateSubject(type: EmailTemplateType, appName = \"Banata Auth\"): string {\n\tswitch (type) {\n\t\tcase \"verification\":\n\t\t\treturn `Verify your email \\u2014 ${appName}`;\n\t\tcase \"password-reset\":\n\t\t\treturn `Reset your password \\u2014 ${appName}`;\n\t\tcase \"magic-link\":\n\t\t\treturn `Sign in to ${appName}`;\n\t\tcase \"email-otp\":\n\t\t\treturn `Your verification code \\u2014 ${appName}`;\n\t\tcase \"invitation\":\n\t\t\treturn `You've been invited \\u2014 ${appName}`;\n\t\tcase \"welcome\":\n\t\t\treturn `Welcome to ${appName}`;\n\t}\n}\n\n/**\n * Generate preview data for a template type.\n * Used by the dashboard template preview and the SDK.\n */\nexport function getPreviewData(type: EmailTemplateType): EmailData {\n\tswitch (type) {\n\t\tcase \"verification\":\n\t\t\treturn {\n\t\t\t\ttype: \"verification\",\n\t\t\t\tuserName: \"Jane Doe\",\n\t\t\t\tverificationUrl: \"https://app.example.com/verify?token=abc123\",\n\t\t\t\ttoken: \"abc123\",\n\t\t\t};\n\t\tcase \"password-reset\":\n\t\t\treturn {\n\t\t\t\ttype: \"password-reset\",\n\t\t\t\tuserName: \"Jane Doe\",\n\t\t\t\tresetUrl: \"https://app.example.com/reset-password?token=xyz789\",\n\t\t\t\ttoken: \"xyz789\",\n\t\t\t};\n\t\tcase \"magic-link\":\n\t\t\treturn {\n\t\t\t\ttype: \"magic-link\",\n\t\t\t\temail: \"jane@example.com\",\n\t\t\t\tmagicLinkUrl: \"https://app.example.com/auth/magic?token=mlk456\",\n\t\t\t\ttoken: \"mlk456\",\n\t\t\t};\n\t\tcase \"email-otp\":\n\t\t\treturn {\n\t\t\t\ttype: \"email-otp\",\n\t\t\t\temail: \"jane@example.com\",\n\t\t\t\totp: \"847291\",\n\t\t\t};\n\t\tcase \"invitation\":\n\t\t\treturn {\n\t\t\t\ttype: \"invitation\",\n\t\t\t\temail: \"jane@example.com\",\n\t\t\t\tinvitationId: \"inv_abc123\",\n\t\t\t\torganizationName: \"Acme Corp\",\n\t\t\t\tinviterName: \"John Smith\",\n\t\t\t\tacceptUrl: \"https://app.example.com/invite/accept?id=inv_abc123\",\n\t\t\t};\n\t\tcase \"welcome\":\n\t\t\treturn {\n\t\t\t\ttype: \"welcome\",\n\t\t\t\tuserName: \"Jane Doe\",\n\t\t\t\tdashboardUrl: \"https://app.example.com/dashboard\",\n\t\t\t};\n\t}\n}\n","/**\n * Built-in email plugin for Banata Auth.\n *\n * Provides automatic email sending on auth events (verification,\n * password reset, magic link, OTP, invitation, welcome) using the\n * provider and credentials configured through the dashboard.\n *\n * The plugin:\n * 1. Reads the active email provider + API key from the DB (set via dashboard)\n * 2. Reads branding config from the DB (colors, logo, app name)\n * 3. Renders built-in HTML email templates with the branding\n * 4. Sends via the configured provider's HTTP API (no Node.js SDKs)\n *\n * Consumer callbacks (in BanataAuthEmailConfig) still work as overrides:\n * if a consumer provides e.g. `sendVerificationEmail`, it takes priority\n * over the built-in sending for that email type.\n *\n * Also exposes API endpoints for the SDK and dashboard:\n * - POST /banata/emails/send — SDK-driven email sending\n * - POST /banata/emails/preview — Template preview for dashboard\n * - POST /banata/test-email — Send test email\n */\n\nimport type { BetterAuthPlugin } from \"better-auth\";\nimport { createAuthEndpoint } from \"better-auth/api\";\nimport { z } from \"zod\";\nimport {\n\ttype EmailProviderId,\n\ttype EmailProviderCredentials as SenderCredentials,\n\tsendEmail,\n\tvalidateCredentials,\n} from \"./email-sender\";\nimport {\n\ttype EmailBranding,\n\ttype EmailData,\n\ttype EmailTemplateType,\n\tfontNameToStack,\n\tgetPreviewData,\n\trenderEmail,\n} from \"./email-templates\";\nimport {\n\ttype BrandingConfigRow,\n\ttype EmailProviderConfigRow,\n\ttype EmailTemplateRow,\n\ttype PluginDBAdapter,\n\ttype WhereClause,\n\tgetProjectScope,\n\tprojectScopeSchema,\n\trequireProjectPermission,\n} from \"./types\";\n\n// ─── Types ─────────────────────────────────────────────────────────\n\n/** Shape of the emailProviderConfig JSON blob. */\ninterface ProviderConfigJson {\n\tproviders: Record<\n\t\tstring,\n\t\t{\n\t\t\tenabled?: boolean;\n\t\t\tapiKey?: string;\n\t\t\tdomain?: string;\n\t\t\tregion?: string;\n\t\t\taccessKeyId?: string;\n\t\t\tsecretAccessKey?: string;\n\t\t}\n\t>;\n\tactiveProvider: string | null;\n}\n\n/** Options for the banataEmail plugin. */\nexport interface BanataEmailOptions {\n\t/**\n\t * Default \"from\" address for all outgoing emails.\n\t * Can include a name: \"Acme <noreply@acme.com>\"\n\t */\n\tfromAddress?: string;\n\n\t/**\n\t * Default \"reply-to\" address for outgoing emails.\n\t */\n\treplyTo?: string;\n\n\t/**\n\t * Application name used in email templates.\n\t * Falls back to branding config, then \"Banata Auth\".\n\t */\n\tappName?: string;\n}\n\n// ─── Zod Schemas ───────────────────────────────────────────────────\n\nconst builtInTemplateEnum = z.enum([\n\t\"verification\",\n\t\"password-reset\",\n\t\"magic-link\",\n\t\"email-otp\",\n\t\"invitation\",\n\t\"welcome\",\n]);\n\nconst sendEmailSchema = z\n\t.object({\n\t\tto: z.string(),\n\t\t/** Either a built-in template type or a custom template slug. */\n\t\ttemplate: z.string(),\n\t\tdata: z.record(z.unknown()),\n\t})\n\t.merge(projectScopeSchema);\n\nconst previewEmailSchema = z\n\t.object({\n\t\ttemplate: z.string(),\n\t\tdata: z.record(z.unknown()).optional(),\n\t})\n\t.merge(projectScopeSchema);\n\nconst testEmailSchema = z\n\t.object({\n\t\tto: z.string(),\n\t\ttemplate: z.string().optional(),\n\t})\n\t.merge(projectScopeSchema);\n\n// Template CRUD schemas\nconst templateCategoryEnum = z.enum([\n\t\"auth\",\n\t\"marketing\",\n\t\"transactional\",\n\t\"onboarding\",\n\t\"notification\",\n\t\"custom\",\n]);\n\nconst createTemplateSchema = z\n\t.object({\n\t\tname: z.string().min(1).max(200),\n\t\tslug: z.string().min(1).max(200),\n\t\tsubject: z.string().min(1).max(500),\n\t\tpreviewText: z.string().max(200).optional(),\n\t\tcategory: templateCategoryEnum,\n\t\tdescription: z.string().max(1000).optional(),\n\t\tblocksJson: z.string(),\n\t\tvariablesJson: z.string().optional(),\n\t\tbuiltIn: z.boolean().optional(),\n\t\tbuiltInType: builtInTemplateEnum.optional(),\n\t})\n\t.merge(projectScopeSchema);\n\nconst updateTemplateSchema = z\n\t.object({\n\t\tid: z.string(),\n\t\tname: z.string().min(1).max(200).optional(),\n\t\tslug: z.string().min(1).max(200).optional(),\n\t\tsubject: z.string().min(1).max(500).optional(),\n\t\tpreviewText: z.string().max(200).optional(),\n\t\tcategory: templateCategoryEnum.optional(),\n\t\tdescription: z.string().max(1000).optional(),\n\t\tblocksJson: z.string().optional(),\n\t\tvariablesJson: z.string().optional(),\n\t})\n\t.merge(projectScopeSchema);\n\nconst deleteTemplateSchema = z\n\t.object({\n\t\tid: z.string(),\n\t})\n\t.merge(projectScopeSchema);\n\nconst getTemplateSchema = z\n\t.object({\n\t\t/** Either an ID or a slug. */\n\t\tidOrSlug: z.string(),\n\t})\n\t.merge(projectScopeSchema);\n\nconst listTemplatesSchema = z\n\t.object({\n\t\tcategory: templateCategoryEnum.optional(),\n\t\tlimit: z.number().int().min(1).max(100).optional(),\n\t})\n\t.merge(projectScopeSchema);\n\n// ─── Helper: Load Provider Config from DB ──────────────────────────\n\nasync function loadProviderConfig(\n\tdb: PluginDBAdapter,\n\tscopeWhere?: WhereClause[],\n): Promise<{ provider: EmailProviderId; credentials: SenderCredentials } | null> {\n\tconst rows = await db.findMany<EmailProviderConfigRow>({\n\t\tmodel: \"emailProviderConfig\",\n\t\twhere: scopeWhere ?? [],\n\t\tlimit: 1,\n\t});\n\n\tif (rows.length === 0 || !rows[0]?.configJson) return null;\n\n\tlet config: ProviderConfigJson;\n\ttry {\n\t\tconfig = JSON.parse(rows[0].configJson) as ProviderConfigJson;\n\t} catch {\n\t\treturn null;\n\t}\n\n\tconst activeId = config.activeProvider;\n\tif (!activeId) return null;\n\n\tconst providerConfig = config.providers[activeId];\n\tif (!providerConfig?.enabled || !providerConfig.apiKey) return null;\n\n\tconst credentials: SenderCredentials = {\n\t\tapiKey: providerConfig.apiKey,\n\t\tdomain: providerConfig.domain,\n\t\tregion: providerConfig.region,\n\t\taccessKeyId: providerConfig.accessKeyId,\n\t\tsecretAccessKey: providerConfig.secretAccessKey,\n\t};\n\n\tconst validation = validateCredentials(activeId as EmailProviderId, credentials);\n\tif (!validation.valid) return null;\n\n\treturn { provider: activeId as EmailProviderId, credentials };\n}\n\n// ─── Helper: Load Branding from DB ─────────────────────────────────\n\nasync function loadBranding(\n\tdb: PluginDBAdapter,\n\tscopeWhere?: WhereClause[],\n): Promise<Partial<EmailBranding>> {\n\tconst rows = await db.findMany<BrandingConfigRow>({\n\t\tmodel: \"brandingConfig\",\n\t\twhere: scopeWhere ?? [],\n\t\tlimit: 1,\n\t});\n\n\tif (rows.length === 0 || !rows[0]) return {};\n\n\tconst row = rows[0];\n\treturn {\n\t\tprimaryColor: row.primaryColor ?? undefined,\n\t\tbgColor: row.bgColor ?? undefined,\n\t\tborderRadius: row.borderRadius ?? undefined,\n\t\tlogoUrl: row.logoUrl ?? undefined,\n\t\tdarkMode: row.darkMode ?? undefined,\n\t\tcustomCss: row.customCss ?? undefined,\n\t\tfontFamily: fontNameToStack(row.font),\n\t};\n}\n\n// ─── Helper: Load Custom Template from DB ──────────────────────────\n\nasync function loadTemplateBySlug(\n\tdb: PluginDBAdapter,\n\tslug: string,\n\tscopeWhere?: WhereClause[],\n): Promise<EmailTemplateRow | null> {\n\tconst rows = await db.findMany<EmailTemplateRow>({\n\t\tmodel: \"emailTemplate\",\n\t\twhere: [{ field: \"slug\", value: slug }, ...(scopeWhere ?? [])],\n\t\tlimit: 1,\n\t});\n\treturn rows[0] ?? null;\n}\n\nasync function loadTemplateById(\n\tdb: PluginDBAdapter,\n\tid: string,\n\tscopeWhere?: WhereClause[],\n): Promise<EmailTemplateRow | null> {\n\treturn db.findOne<EmailTemplateRow>({\n\t\tmodel: \"emailTemplate\",\n\t\twhere: [{ field: \"id\", value: id }, ...(scopeWhere ?? [])],\n\t});\n}\n\nasync function loadTemplateByBuiltInType(\n\tdb: PluginDBAdapter,\n\tbuiltInType: string,\n\tscopeWhere?: WhereClause[],\n): Promise<EmailTemplateRow | null> {\n\tconst rows = await db.findMany<EmailTemplateRow>({\n\t\tmodel: \"emailTemplate\",\n\t\twhere: [{ field: \"builtInType\", value: builtInType }, ...(scopeWhere ?? [])],\n\t\tlimit: 1,\n\t});\n\treturn rows[0] ?? null;\n}\n\n// ─── Helper: Render Custom Template Blocks to HTML ─────────────────\n\n/**\n * Render custom template blocks to HTML.\n * This is a server-side renderer for the Convex runtime (no React/JSX).\n * Uses the same table-based layout as the built-in templates for email\n * client compatibility.\n */\nfunction renderBlocksToHtml(\n\tblocksJson: string,\n\tvariables: Record<string, string>,\n\tbranding: Partial<EmailBranding>,\n): { html: string; text: string } {\n\tlet blocks: Array<Record<string, unknown>>;\n\ttry {\n\t\tblocks = JSON.parse(blocksJson) as Array<Record<string, unknown>>;\n\t} catch {\n\t\treturn { html: \"<p>Invalid template</p>\", text: \"Invalid template\" };\n\t}\n\n\tconst pc = branding.primaryColor ?? \"#6366f1\";\n\tconst br = branding.borderRadius ?? 8;\n\tconst dk = branding.darkMode ?? false;\n\tconst textColor = dk ? \"#94a3b8\" : \"#475569\";\n\tconst headingColor = dk ? \"#e2e8f0\" : \"#0f172a\";\n\tconst mutedColor = dk ? \"#64748b\" : \"#94a3b8\";\n\tconst codeBg = dk ? \"#1e293b\" : \"#f1f5f9\";\n\tconst codeBorder = dk ? \"#334155\" : \"#e2e8f0\";\n\tconst codeColor = dk ? \"#e2e8f0\" : \"#0f172a\";\n\tconst dividerColor = dk ? \"#334155\" : \"#e2e8f0\";\n\n\tfunction interp(text: string): string {\n\t\treturn text.replace(/\\{\\{(\\w+)\\}\\}/g, (match, name: string) => variables[name] ?? match);\n\t}\n\n\tfunction escHtml(str: string): string {\n\t\treturn str\n\t\t\t.replace(/&/g, \"&amp;\")\n\t\t\t.replace(/</g, \"&lt;\")\n\t\t\t.replace(/>/g, \"&gt;\")\n\t\t\t.replace(/\"/g, \"&quot;\");\n\t}\n\n\tconst htmlParts: string[] = [];\n\tconst textParts: string[] = [];\n\n\tfor (const block of blocks) {\n\t\tconst type = block.type as string;\n\t\tconst style = (block.style as Record<string, unknown> | undefined) ?? {};\n\t\tconst fontSize = (style.fontSize as number | undefined) ?? (type === \"heading\" ? 22 : 14);\n\t\tconst color =\n\t\t\t(style.color as string | undefined) ?? (type === \"heading\" ? headingColor : textColor);\n\t\tconst align =\n\t\t\t(style.textAlign as string | undefined) ?? (type === \"heading\" ? \"center\" : \"left\");\n\n\t\tswitch (type) {\n\t\t\tcase \"heading\": {\n\t\t\t\tconst as = (block.as as string) ?? \"h1\";\n\t\t\t\tconst text = interp((block.text as string) ?? \"\");\n\t\t\t\thtmlParts.push(\n\t\t\t\t\t`<${as} style=\"margin:0 0 8px;font-size:${fontSize}px;font-weight:700;color:${color};text-align:${align};line-height:1.3;\">${text}</${as}>`,\n\t\t\t\t);\n\t\t\t\ttextParts.push(text, \"\");\n\t\t\t\tbreak;\n\t\t\t}\n\t\t\tcase \"text\": {\n\t\t\t\tconst rawText = (block.text as string) ?? \"\";\n\t\t\t\tconst text = interp(rawText);\n\t\t\t\t// Allow basic HTML in text blocks (bold, italic, links)\n\t\t\t\thtmlParts.push(\n\t\t\t\t\t`<p style=\"margin:0 0 16px;font-size:${fontSize}px;line-height:1.6;color:${color};text-align:${align};\">${text}</p>`,\n\t\t\t\t);\n\t\t\t\t// Strip HTML for plain text\n\t\t\t\ttextParts.push(text.replace(/<[^>]*>/g, \"\"), \"\");\n\t\t\t\tbreak;\n\t\t\t}\n\t\t\tcase \"button\": {\n\t\t\t\tconst text = interp((block.text as string) ?? \"Click\");\n\t\t\t\tconst href = interp((block.href as string) ?? \"#\");\n\t\t\t\tconst variant = (block.variant as string) ?? \"primary\";\n\t\t\t\tconst bg = variant === \"primary\" ? pc : \"transparent\";\n\t\t\t\tconst fc = variant === \"primary\" ? \"#ffffff\" : pc;\n\t\t\t\tconst border = variant === \"outline\" ? `1px solid ${pc}` : \"none\";\n\t\t\t\thtmlParts.push(\n\t\t\t\t\t`<table role=\"presentation\" width=\"100%\" cellpadding=\"0\" cellspacing=\"0\" style=\"margin:24px 0;\"><tr><td align=\"center\"><a href=\"${escHtml(href)}\" target=\"_blank\" style=\"display:inline-block;padding:12px 32px;background-color:${bg};color:${fc};font-size:14px;font-weight:600;text-decoration:none;border-radius:${br}px;border:${border};line-height:1.2;\">${escHtml(text)}</a></td></tr></table>`,\n\t\t\t\t);\n\t\t\t\ttextParts.push(`[${text}](${href})`, \"\");\n\t\t\t\tbreak;\n\t\t\t}\n\t\t\tcase \"image\": {\n\t\t\t\tconst src = interp((block.src as string) ?? \"\");\n\t\t\t\tconst alt = (block.alt as string) ?? \"\";\n\t\t\t\tconst w = (block.width as number | undefined) ?? 600;\n\t\t\t\thtmlParts.push(\n\t\t\t\t\t`<img src=\"${escHtml(src)}\" alt=\"${escHtml(alt)}\" width=\"${w}\" style=\"display:block;margin:16px auto;max-width:100%;border-radius:${br}px;\" />`,\n\t\t\t\t);\n\t\t\t\ttextParts.push(`[Image: ${alt}]`, \"\");\n\t\t\t\tbreak;\n\t\t\t}\n\t\t\tcase \"divider\": {\n\t\t\t\thtmlParts.push(\n\t\t\t\t\t`<hr style=\"margin:24px 0;border:none;border-top:1px solid ${dividerColor};\" />`,\n\t\t\t\t);\n\t\t\t\ttextParts.push(\"---\", \"\");\n\t\t\t\tbreak;\n\t\t\t}\n\t\t\tcase \"spacer\": {\n\t\t\t\tconst h = (block.height as number) ?? 24;\n\t\t\t\thtmlParts.push(`<div style=\"height:${h}px;\"></div>`);\n\t\t\t\ttextParts.push(\"\");\n\t\t\t\tbreak;\n\t\t\t}\n\t\t\tcase \"code\": {\n\t\t\t\tconst text = interp((block.text as string) ?? \"\");\n\t\t\t\thtmlParts.push(\n\t\t\t\t\t`<table role=\"presentation\" width=\"100%\" cellpadding=\"0\" cellspacing=\"0\" style=\"margin:24px 0;\"><tr><td align=\"center\"><div style=\"display:inline-block;padding:16px 32px;background-color:${codeBg};border:1px solid ${codeBorder};border-radius:8px;font-family:'Courier New',monospace;font-size:28px;font-weight:700;letter-spacing:6px;color:${codeColor};\">${escHtml(text)}</div></td></tr></table>`,\n\t\t\t\t);\n\t\t\t\ttextParts.push(`Code: ${text}`, \"\");\n\t\t\t\tbreak;\n\t\t\t}\n\t\t\tcase \"link\": {\n\t\t\t\tconst text = interp((block.text as string) ?? \"\");\n\t\t\t\tconst href = interp((block.href as string) ?? \"#\");\n\t\t\t\tconst lc = (style.color as string | undefined) ?? pc;\n\t\t\t\tconst lfs = (style.fontSize as number | undefined) ?? 14;\n\t\t\t\thtmlParts.push(\n\t\t\t\t\t`<p style=\"margin:0 0 8px;font-size:${lfs}px;\"><a href=\"${escHtml(href)}\" target=\"_blank\" style=\"color:${lc};text-decoration:underline;word-break:break-all;\">${text}</a></p>`,\n\t\t\t\t);\n\t\t\t\ttextParts.push(`${text} [${href}]`, \"\");\n\t\t\t\tbreak;\n\t\t\t}\n\t\t\t// Columns are rendered as a simple table row\n\t\t\tcase \"columns\": {\n\t\t\t\tconst cols =\n\t\t\t\t\t(block.columns as Array<{ width?: string; blocks: Array<Record<string, unknown>> }>) ??\n\t\t\t\t\t[];\n\t\t\t\thtmlParts.push(\n\t\t\t\t\t'<table role=\"presentation\" width=\"100%\" cellpadding=\"0\" cellspacing=\"0\"><tr>',\n\t\t\t\t);\n\t\t\t\tfor (const col of cols) {\n\t\t\t\t\tconst w = col.width ?? `${Math.floor(100 / cols.length)}%`;\n\t\t\t\t\thtmlParts.push(`<td style=\"width:${w};vertical-align:top;padding:0 8px;\">`);\n\t\t\t\t\t// Recursively render nested blocks (simplified — just text/heading for now)\n\t\t\t\t\tconst nested = renderBlocksToHtml(JSON.stringify(col.blocks ?? []), variables, branding);\n\t\t\t\t\thtmlParts.push(nested.html);\n\t\t\t\t\ttextParts.push(nested.text);\n\t\t\t\t\thtmlParts.push(\"</td>\");\n\t\t\t\t}\n\t\t\t\thtmlParts.push(\"</tr></table>\");\n\t\t\t\tbreak;\n\t\t\t}\n\t\t}\n\t}\n\n\treturn { html: htmlParts.join(\"\\n\"), text: textParts.join(\"\\n\") };\n}\n\n/**\n * Wrap rendered block content in a full email layout (identical to built-in templates).\n */\nfunction wrapBlocksInLayout(content: string, branding: Partial<EmailBranding>): string {\n\tconst b = {\n\t\tappName: branding.appName ?? \"Banata Auth\",\n\t\tprimaryColor: branding.primaryColor ?? \"#6366f1\",\n\t\tbgColor: branding.bgColor ?? \"#f8fafc\",\n\t\tborderRadius: branding.borderRadius ?? 8,\n\t\tfontFamily:\n\t\t\tbranding.fontFamily ??\n\t\t\t'-apple-system, BlinkMacSystemFont, \"Segoe UI\", Roboto, \"Helvetica Neue\", Arial, sans-serif',\n\t\tdarkMode: branding.darkMode ?? false,\n\t\tcustomCss: branding.customCss,\n\t\tlogoUrl: branding.logoUrl,\n\t};\n\n\tconst cardBg = b.darkMode ? \"#1a1a2e\" : \"#ffffff\";\n\tconst cardBorder = b.darkMode ? \"#2a2a3e\" : \"#e2e8f0\";\n\tconst footerColor = b.darkMode ? \"#64748b\" : \"#94a3b8\";\n\tconst colorScheme = b.darkMode ? \"dark\" : \"light\";\n\tconst customStyleBlock = b.customCss ? `<style>${b.customCss}</style>` : \"\";\n\n\tfunction esc(str: string): string {\n\t\treturn str\n\t\t\t.replace(/&/g, \"&amp;\")\n\t\t\t.replace(/</g, \"&lt;\")\n\t\t\t.replace(/>/g, \"&gt;\")\n\t\t\t.replace(/\"/g, \"&quot;\");\n\t}\n\n\tconst logo = b.logoUrl\n\t\t? `<img src=\"${esc(b.logoUrl)}\" alt=\"${esc(b.appName)}\" width=\"48\" height=\"48\" style=\"display:block;margin:0 auto 16px;border-radius:8px;\" />`\n\t\t: \"\";\n\n\treturn [\n\t\t\"<!DOCTYPE html>\",\n\t\t'<html lang=\"en\">',\n\t\t\"<head>\",\n\t\t'<meta charset=\"utf-8\" />',\n\t\t'<meta name=\"viewport\" content=\"width=device-width, initial-scale=1\" />',\n\t\t`<meta name=\"color-scheme\" content=\"${colorScheme}\" />`,\n\t\t`<title>${esc(b.appName)}</title>`,\n\t\t\"<!--[if mso]>\",\n\t\t\"<style>table,td,div,p,a{font-family:Arial,sans-serif;}</style>\",\n\t\t\"<![endif]-->\",\n\t\tcustomStyleBlock,\n\t\t\"</head>\",\n\t\t`<body style=\"margin:0;padding:0;background-color:${b.bgColor};font-family:${b.fontFamily};-webkit-font-smoothing:antialiased;\">`,\n\t\t`<table role=\"presentation\" width=\"100%\" cellpadding=\"0\" cellspacing=\"0\" style=\"background-color:${b.bgColor};\">`,\n\t\t\"<tr>\",\n\t\t'<td align=\"center\" style=\"padding:40px 16px;\">',\n\t\t'<table role=\"presentation\" width=\"100%\" cellpadding=\"0\" cellspacing=\"0\" style=\"max-width:480px;margin:0 auto;\">',\n\t\t\"<tr>\",\n\t\t`<td style=\"padding:32px;background-color:${cardBg};border:1px solid ${cardBorder};border-radius:12px;\">`,\n\t\tlogo,\n\t\tcontent,\n\t\t\"</td>\",\n\t\t\"</tr>\",\n\t\t\"<tr>\",\n\t\t'<td style=\"padding:24px 0 0;text-align:center;\">',\n\t\t`<p style=\"margin:0;font-size:12px;line-height:1.5;color:${footerColor};\">`,\n\t\t`This email was sent by ${esc(b.appName)}.`,\n\t\t\"If you didn't expect this email, you can safely ignore it.\",\n\t\t\"</p>\",\n\t\t\"</td>\",\n\t\t\"</tr>\",\n\t\t\"</table>\",\n\t\t\"</td>\",\n\t\t\"</tr>\",\n\t\t\"</table>\",\n\t\t\"</body>\",\n\t\t\"</html>\",\n\t].join(\"\\n\");\n}\n\n// ─── Helper: Send One Email ────────────────────────────────────────\n\nasync function sendOneEmail(\n\tdb: PluginDBAdapter,\n\tto: string,\n\tdata: EmailData,\n\toptions: BanataEmailOptions,\n\tscope?: { envWhere?: WhereClause[]; projectWhere?: WhereClause[] },\n): Promise<{ success: boolean; error?: string }> {\n\tconst providerResult = await loadProviderConfig(db, scope?.envWhere);\n\tif (!providerResult) {\n\t\treturn { success: false, error: \"No email provider configured. Set one in the dashboard.\" };\n\t}\n\n\tconst branding = await loadBranding(db, scope?.projectWhere);\n\tif (options.appName) branding.appName = options.appName;\n\n\tconst rendered = renderEmail(data, branding);\n\n\tconst fromAddress =\n\t\toptions.fromAddress ?? `${branding.appName ?? \"Banata Auth\"} <noreply@example.com>`;\n\n\tconst result = await sendEmail(\n\t\tproviderResult.provider,\n\t\t{\n\t\t\tfrom: fromAddress,\n\t\t\tto,\n\t\t\tsubject: rendered.subject,\n\t\t\thtml: rendered.html,\n\t\t\ttext: rendered.text,\n\t\t\treplyTo: options.replyTo,\n\t\t},\n\t\tproviderResult.credentials,\n\t);\n\n\treturn result;\n}\n\n/**\n * Send an email using a custom template (by slug or built-in type).\n */\nasync function sendCustomTemplateEmail(\n\tdb: PluginDBAdapter,\n\tto: string,\n\ttemplateSlug: string,\n\tvariables: Record<string, string>,\n\toptions: BanataEmailOptions,\n\tscope?: { envWhere?: WhereClause[]; projectWhere?: WhereClause[] },\n): Promise<{ success: boolean; error?: string }> {\n\tconst providerResult = await loadProviderConfig(db, scope?.envWhere);\n\tif (!providerResult) {\n\t\treturn { success: false, error: \"No email provider configured. Set one in the dashboard.\" };\n\t}\n\n\tconst template = await loadTemplateBySlug(db, templateSlug, scope?.projectWhere);\n\tif (!template) {\n\t\treturn { success: false, error: `Template \"${templateSlug}\" not found` };\n\t}\n\n\tconst branding = await loadBranding(db, scope?.projectWhere);\n\tif (options.appName) branding.appName = options.appName;\n\n\t// Interpolate subject\n\tconst subject = template.subject.replace(\n\t\t/\\{\\{(\\w+)\\}\\}/g,\n\t\t(match, name: string) => variables[name] ?? match,\n\t);\n\n\t// Render blocks to HTML\n\tconst { html: blockHtml, text } = renderBlocksToHtml(template.blocksJson, variables, branding);\n\tconst html = wrapBlocksInLayout(blockHtml, branding);\n\n\tconst fromAddress =\n\t\toptions.fromAddress ?? `${branding.appName ?? \"Banata Auth\"} <noreply@example.com>`;\n\n\tconst result = await sendEmail(\n\t\tproviderResult.provider,\n\t\t{\n\t\t\tfrom: fromAddress,\n\t\t\tto,\n\t\t\tsubject,\n\t\t\thtml,\n\t\t\ttext,\n\t\t\treplyTo: options.replyTo,\n\t\t},\n\t\tproviderResult.credentials,\n\t);\n\n\treturn result;\n}\n\n// ─── Plugin Factory ────────────────────────────────────────────────\n\n/**\n * Create the Banata Auth email plugin.\n *\n * Registers API endpoints for SDK-driven email sending, template\n * preview, and test email delivery.\n */\nexport function banataEmail(options: BanataEmailOptions = {}): BetterAuthPlugin {\n\tconst BUILT_IN_TYPES = [\n\t\t\"verification\",\n\t\t\"password-reset\",\n\t\t\"magic-link\",\n\t\t\"email-otp\",\n\t\t\"invitation\",\n\t\t\"welcome\",\n\t];\n\n\treturn {\n\t\tid: \"banata-email\",\n\n\t\t// ─── Schema Registration ──────────────────────────────────\n\t\t// Declare all custom models so Better Auth's adapter recognises them.\n\t\tschema: {\n\t\t\temailTemplate: {\n\t\t\t\tfields: {\n\t\t\t\t\tprojectId: { type: \"string\" as const, required: false },\n\t\t\t\t\tname: { type: \"string\", required: true },\n\t\t\t\t\tslug: { type: \"string\", required: true },\n\t\t\t\t\tsubject: { type: \"string\", required: true },\n\t\t\t\t\tpreviewText: { type: \"string\", required: false },\n\t\t\t\t\tcategory: { type: \"string\", required: true },\n\t\t\t\t\tdescription: { type: \"string\", required: false },\n\t\t\t\t\tblocksJson: { type: \"string\", required: true },\n\t\t\t\t\tvariablesJson: { type: \"string\", required: false },\n\t\t\t\t\tbuiltIn: { type: \"boolean\", required: false, defaultValue: false },\n\t\t\t\t\tbuiltInType: { type: \"string\", required: false },\n\t\t\t\t\tcreatedAt: { type: \"number\", required: true },\n\t\t\t\t\tupdatedAt: { type: \"number\", required: true },\n\t\t\t\t},\n\t\t\t},\n\t\t\tbrandingConfig: {\n\t\t\t\tfields: {\n\t\t\t\t\tprojectId: { type: \"string\" as const, required: false },\n\t\t\t\t\tprimaryColor: { type: \"string\", required: false },\n\t\t\t\t\tbgColor: { type: \"string\", required: false },\n\t\t\t\t\tborderRadius: { type: \"number\", required: false },\n\t\t\t\t\tdarkMode: { type: \"boolean\", required: false },\n\t\t\t\t\tcustomCss: { type: \"string\", required: false },\n\t\t\t\t\tfont: { type: \"string\", required: false },\n\t\t\t\t\tlogoUrl: { type: \"string\", required: false },\n\t\t\t\t\tcreatedAt: { type: \"number\", required: true },\n\t\t\t\t\tupdatedAt: { type: \"number\", required: true },\n\t\t\t\t},\n\t\t\t},\n\t\t\temailProviderConfig: {\n\t\t\t\tfields: {\n\t\t\t\t\tprojectId: { type: \"string\" as const, required: false },\n\t\t\t\t\tconfigJson: { type: \"string\", required: true },\n\t\t\t\t\tcreatedAt: { type: \"number\", required: true },\n\t\t\t\t\tupdatedAt: { type: \"number\", required: true },\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\n\t\tendpoints: {\n\t\t\t// ─── Send Email (supports built-in + custom templates) ──────\n\t\t\tsendEmailEndpoint: createAuthEndpoint(\n\t\t\t\t\"/banata/emails/send\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\n\t\t\t\t\tbody: sendEmailSchema,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst body = ctx.body;\n\t\t\t\t\tconst templateKey = body.template as string;\n\t\t\t\t\tconst projScope = getProjectScope(body as Record<string, unknown>);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tpermission: \"email.manage\",\n\t\t\t\t\t\tprojectId: projScope.projectId,\n\t\t\t\t\t});\n\t\t\t\t\tconst emailScope = { envWhere: projScope.where, projectWhere: projScope.where };\n\n\t\t\t\t\t// Check if it's a built-in template type\n\t\t\t\t\tif (BUILT_IN_TYPES.includes(templateKey)) {\n\t\t\t\t\t\t// Check if there's a custom template override for this built-in type\n\t\t\t\t\t\tconst customOverride = await loadTemplateByBuiltInType(\n\t\t\t\t\t\t\tdb,\n\t\t\t\t\t\t\ttemplateKey,\n\t\t\t\t\t\t\tprojScope.where,\n\t\t\t\t\t\t);\n\t\t\t\t\t\tif (customOverride) {\n\t\t\t\t\t\t\tconst vars: Record<string, string> = {};\n\t\t\t\t\t\t\tfor (const [k, v] of Object.entries(body.data as Record<string, unknown>)) {\n\t\t\t\t\t\t\t\tvars[k] = String(v ?? \"\");\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t\tconst result = await sendCustomTemplateEmail(\n\t\t\t\t\t\t\t\tdb,\n\t\t\t\t\t\t\t\tbody.to,\n\t\t\t\t\t\t\t\tcustomOverride.slug,\n\t\t\t\t\t\t\t\tvars,\n\t\t\t\t\t\t\t\toptions,\n\t\t\t\t\t\t\t\temailScope,\n\t\t\t\t\t\t\t);\n\t\t\t\t\t\t\treturn ctx.json(result);\n\t\t\t\t\t\t}\n\n\t\t\t\t\t\t// Use built-in renderer\n\t\t\t\t\t\tconst emailData = buildEmailData(\n\t\t\t\t\t\t\ttemplateKey as EmailTemplateType,\n\t\t\t\t\t\t\tbody.data as Record<string, unknown>,\n\t\t\t\t\t\t);\n\t\t\t\t\t\tif (!emailData) {\n\t\t\t\t\t\t\treturn ctx.json({ success: false, error: \"Invalid template data\" });\n\t\t\t\t\t\t}\n\t\t\t\t\t\tconst result = await sendOneEmail(db, body.to, emailData, options, emailScope);\n\t\t\t\t\t\treturn ctx.json(result);\n\t\t\t\t\t}\n\n\t\t\t\t\t// Custom template (by slug)\n\t\t\t\t\tconst vars: Record<string, string> = {};\n\t\t\t\t\tfor (const [k, v] of Object.entries(body.data as Record<string, unknown>)) {\n\t\t\t\t\t\tvars[k] = String(v ?? \"\");\n\t\t\t\t\t}\n\t\t\t\t\tconst result = await sendCustomTemplateEmail(\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tbody.to,\n\t\t\t\t\t\ttemplateKey,\n\t\t\t\t\t\tvars,\n\t\t\t\t\t\toptions,\n\t\t\t\t\t\temailScope,\n\t\t\t\t\t);\n\t\t\t\t\treturn ctx.json(result);\n\t\t\t\t},\n\t\t\t),\n\n\t\t\t// ─── Preview Email Template ────────────────────────────────\n\t\t\tpreviewEmailTemplate: createAuthEndpoint(\n\t\t\t\t\"/banata/emails/preview\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\n\t\t\t\t\tbody: previewEmailSchema,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst body = ctx.body;\n\t\t\t\t\tconst templateKey = body.template as string;\n\t\t\t\t\tconst data = body.data as Record<string, unknown> | undefined;\n\t\t\t\t\tconst projScope = getProjectScope(body as Record<string, unknown>);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tpermission: \"email.manage\",\n\t\t\t\t\t\tprojectId: projScope.projectId,\n\t\t\t\t\t});\n\n\t\t\t\t\t// Try custom template first\n\t\t\t\t\tconst customTemplate = await loadTemplateBySlug(db, templateKey, projScope.where);\n\t\t\t\t\tif (customTemplate) {\n\t\t\t\t\t\tconst vars: Record<string, string> = {};\n\t\t\t\t\t\tif (data) {\n\t\t\t\t\t\t\tfor (const [k, v] of Object.entries(data)) {\n\t\t\t\t\t\t\t\tvars[k] = String(v ?? \"\");\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t}\n\t\t\t\t\t\tconst branding = await loadBranding(db, projScope.where);\n\t\t\t\t\t\tif (options.appName) branding.appName = options.appName;\n\n\t\t\t\t\t\tconst subject = customTemplate.subject.replace(\n\t\t\t\t\t\t\t/\\{\\{(\\w+)\\}\\}/g,\n\t\t\t\t\t\t\t(match, name: string) => vars[name] ?? match,\n\t\t\t\t\t\t);\n\t\t\t\t\t\tconst { html: blockHtml, text } = renderBlocksToHtml(\n\t\t\t\t\t\t\tcustomTemplate.blocksJson,\n\t\t\t\t\t\t\tvars,\n\t\t\t\t\t\t\tbranding,\n\t\t\t\t\t\t);\n\t\t\t\t\t\tconst html = wrapBlocksInLayout(blockHtml, branding);\n\t\t\t\t\t\treturn ctx.json({ subject, html, text });\n\t\t\t\t\t}\n\n\t\t\t\t\t// Fall back to built-in\n\t\t\t\t\tif (BUILT_IN_TYPES.includes(templateKey)) {\n\t\t\t\t\t\tconst template = templateKey as EmailTemplateType;\n\t\t\t\t\t\tconst emailData = data\n\t\t\t\t\t\t\t? (buildEmailData(template, data) ?? getPreviewData(template))\n\t\t\t\t\t\t\t: getPreviewData(template);\n\n\t\t\t\t\t\tconst branding = await loadBranding(db, projScope.where);\n\t\t\t\t\t\tif (options.appName) branding.appName = options.appName;\n\n\t\t\t\t\t\tconst rendered = renderEmail(emailData, branding);\n\t\t\t\t\t\treturn ctx.json({\n\t\t\t\t\t\t\tsubject: rendered.subject,\n\t\t\t\t\t\t\thtml: rendered.html,\n\t\t\t\t\t\t\ttext: rendered.text,\n\t\t\t\t\t\t});\n\t\t\t\t\t}\n\n\t\t\t\t\treturn ctx.json({\n\t\t\t\t\t\tsubject: \"\",\n\t\t\t\t\t\thtml: \"<p>Template not found</p>\",\n\t\t\t\t\t\ttext: \"Template not found\",\n\t\t\t\t\t});\n\t\t\t\t},\n\t\t\t),\n\n\t\t\t// ─── Send Test Email ───────────────────────────────────────\n\t\t\tsendTestEmail: createAuthEndpoint(\n\t\t\t\t\"/banata/test-email\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\n\t\t\t\t\tbody: testEmailSchema,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst body = ctx.body;\n\t\t\t\t\tconst projScope = getProjectScope(body as Record<string, unknown>);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tpermission: \"email.manage\",\n\t\t\t\t\t\tprojectId: projScope.projectId,\n\t\t\t\t\t});\n\t\t\t\t\tconst emailScope = { envWhere: projScope.where, projectWhere: projScope.where };\n\n\t\t\t\t\tconst template = (body.template as string | undefined) ?? \"welcome\";\n\n\t\t\t\t\t// Try custom template first\n\t\t\t\t\tconst customTemplate = await loadTemplateBySlug(db, template, projScope.where);\n\t\t\t\t\tif (customTemplate) {\n\t\t\t\t\t\tconst result = await sendCustomTemplateEmail(\n\t\t\t\t\t\t\tdb,\n\t\t\t\t\t\t\tbody.to,\n\t\t\t\t\t\t\ttemplate,\n\t\t\t\t\t\t\t{},\n\t\t\t\t\t\t\toptions,\n\t\t\t\t\t\t\temailScope,\n\t\t\t\t\t\t);\n\t\t\t\t\t\tif (!result.success) {\n\t\t\t\t\t\t\treturn ctx.json({ success: false, message: result.error });\n\t\t\t\t\t\t}\n\t\t\t\t\t\treturn ctx.json({ success: true, message: \"Test email sent\" });\n\t\t\t\t\t}\n\n\t\t\t\t\t// Fall back to built-in\n\t\t\t\t\tif (BUILT_IN_TYPES.includes(template)) {\n\t\t\t\t\t\tconst previewData = getPreviewData(template as EmailTemplateType);\n\t\t\t\t\t\tconst result = await sendOneEmail(db, body.to, previewData, options, emailScope);\n\t\t\t\t\t\tif (!result.success) {\n\t\t\t\t\t\t\treturn ctx.json({ success: false, message: result.error });\n\t\t\t\t\t\t}\n\t\t\t\t\t\treturn ctx.json({ success: true, message: \"Test email sent\" });\n\t\t\t\t\t}\n\n\t\t\t\t\treturn ctx.json({ success: false, message: `Template \"${template}\" not found` });\n\t\t\t\t},\n\t\t\t),\n\n\t\t\t// ─── Template CRUD ─────────────────────────────────────────\n\n\t\t\tlistEmailTemplates: createAuthEndpoint(\n\t\t\t\t\"/banata/emails/templates/list\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\n\t\t\t\t\tbody: listTemplatesSchema,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst body = ctx.body;\n\t\t\t\t\tconst projScope = getProjectScope(body as Record<string, unknown>);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tpermission: \"email.manage\",\n\t\t\t\t\t\tprojectId: projScope.projectId,\n\t\t\t\t\t});\n\n\t\t\t\t\tconst where: WhereClause[] = [...projScope.where];\n\t\t\t\t\tif (body.category) {\n\t\t\t\t\t\twhere.push({ field: \"category\", value: body.category });\n\t\t\t\t\t}\n\n\t\t\t\t\tconst rows = await db.findMany<EmailTemplateRow>({\n\t\t\t\t\t\tmodel: \"emailTemplate\",\n\t\t\t\t\t\twhere: where.length > 0 ? where : undefined,\n\t\t\t\t\t\tlimit: body.limit ?? 50,\n\t\t\t\t\t\tsortBy: { field: \"createdAt\", direction: \"desc\" },\n\t\t\t\t\t});\n\n\t\t\t\t\tconst templates = rows.map((row) => ({\n\t\t\t\t\t\tid: row.id,\n\t\t\t\t\t\tname: row.name,\n\t\t\t\t\t\tslug: row.slug,\n\t\t\t\t\t\tsubject: row.subject,\n\t\t\t\t\t\tpreviewText: row.previewText,\n\t\t\t\t\t\tcategory: row.category,\n\t\t\t\t\t\tdescription: row.description,\n\t\t\t\t\t\tblocksJson: row.blocksJson,\n\t\t\t\t\t\tvariablesJson: row.variablesJson,\n\t\t\t\t\t\tbuiltIn: row.builtIn ?? false,\n\t\t\t\t\t\tbuiltInType: row.builtInType,\n\t\t\t\t\t\tcreatedAt: row.createdAt,\n\t\t\t\t\t\tupdatedAt: row.updatedAt,\n\t\t\t\t\t}));\n\n\t\t\t\t\treturn ctx.json({ templates });\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tgetEmailTemplate: createAuthEndpoint(\n\t\t\t\t\"/banata/emails/templates/get\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\n\t\t\t\t\tbody: getTemplateSchema,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst body = ctx.body;\n\t\t\t\t\tconst { idOrSlug } = body;\n\t\t\t\t\tconst projScope = getProjectScope(body as Record<string, unknown>);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tpermission: \"email.manage\",\n\t\t\t\t\t\tprojectId: projScope.projectId,\n\t\t\t\t\t});\n\n\t\t\t\t\tlet row = await loadTemplateBySlug(db, idOrSlug, projScope.where);\n\t\t\t\t\tif (!row) {\n\t\t\t\t\t\trow = await loadTemplateById(db, idOrSlug, projScope.where);\n\t\t\t\t\t}\n\n\t\t\t\t\tif (!row) {\n\t\t\t\t\t\treturn ctx.json({ template: null });\n\t\t\t\t\t}\n\n\t\t\t\t\treturn ctx.json({\n\t\t\t\t\t\ttemplate: {\n\t\t\t\t\t\t\tid: row.id,\n\t\t\t\t\t\t\tname: row.name,\n\t\t\t\t\t\t\tslug: row.slug,\n\t\t\t\t\t\t\tsubject: row.subject,\n\t\t\t\t\t\t\tpreviewText: row.previewText,\n\t\t\t\t\t\t\tcategory: row.category,\n\t\t\t\t\t\t\tdescription: row.description,\n\t\t\t\t\t\t\tblocksJson: row.blocksJson,\n\t\t\t\t\t\t\tvariablesJson: row.variablesJson,\n\t\t\t\t\t\t\tbuiltIn: row.builtIn ?? false,\n\t\t\t\t\t\t\tbuiltInType: row.builtInType,\n\t\t\t\t\t\t\tcreatedAt: row.createdAt,\n\t\t\t\t\t\t\tupdatedAt: row.updatedAt,\n\t\t\t\t\t\t},\n\t\t\t\t\t});\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tcreateEmailTemplate: createAuthEndpoint(\n\t\t\t\t\"/banata/emails/templates/create\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\n\t\t\t\t\tbody: createTemplateSchema,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst body = ctx.body;\n\t\t\t\t\tconst projScope = getProjectScope(body as Record<string, unknown>);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tpermission: \"email.manage\",\n\t\t\t\t\t\tprojectId: projScope.projectId,\n\t\t\t\t\t});\n\n\t\t\t\t\t// Check slug uniqueness within the project scope\n\t\t\t\t\tconst existing = await loadTemplateBySlug(db, body.slug, projScope.where);\n\t\t\t\t\tif (existing) {\n\t\t\t\t\t\treturn ctx.json({\n\t\t\t\t\t\t\tsuccess: false,\n\t\t\t\t\t\t\terror: `Template slug \"${body.slug}\" already exists`,\n\t\t\t\t\t\t});\n\t\t\t\t\t}\n\n\t\t\t\t\tconst now = Date.now();\n\t\t\t\t\tconst data: Record<string, unknown> = {\n\t\t\t\t\t\t...projScope.data,\n\t\t\t\t\t\tname: body.name,\n\t\t\t\t\t\tslug: body.slug,\n\t\t\t\t\t\tsubject: body.subject,\n\t\t\t\t\t\tcategory: body.category,\n\t\t\t\t\t\tblocksJson: body.blocksJson,\n\t\t\t\t\t\t// Auto-set builtIn flag when builtInType is provided\n\t\t\t\t\t\tbuiltIn: body.builtIn ?? !!body.builtInType,\n\t\t\t\t\t\tcreatedAt: now,\n\t\t\t\t\t\tupdatedAt: now,\n\t\t\t\t\t};\n\t\t\t\t\t// Only include optional fields if they have actual string values.\n\t\t\t\t\t// Convex validators use v.optional() which accepts undefined but NOT null.\n\t\t\t\t\tif (body.previewText) data.previewText = body.previewText;\n\t\t\t\t\tif (body.description) data.description = body.description;\n\t\t\t\t\tif (body.variablesJson) data.variablesJson = body.variablesJson;\n\t\t\t\t\tif (body.builtInType) data.builtInType = body.builtInType;\n\n\t\t\t\t\tconst row = await db.create<EmailTemplateRow>({\n\t\t\t\t\t\tmodel: \"emailTemplate\",\n\t\t\t\t\t\tdata: data as EmailTemplateRow,\n\t\t\t\t\t});\n\n\t\t\t\t\treturn ctx.json({ success: true, template: row });\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tupdateEmailTemplate: createAuthEndpoint(\n\t\t\t\t\"/banata/emails/templates/update\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\n\t\t\t\t\tbody: updateTemplateSchema,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst body = ctx.body;\n\t\t\t\t\tconst projScope = getProjectScope(body as Record<string, unknown>);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tpermission: \"email.manage\",\n\t\t\t\t\t\tprojectId: projScope.projectId,\n\t\t\t\t\t});\n\n\t\t\t\t\tconst existing = await loadTemplateById(db, body.id, projScope.where);\n\t\t\t\t\tif (!existing) {\n\t\t\t\t\t\treturn ctx.json({ success: false, error: \"Template not found\" });\n\t\t\t\t\t}\n\n\t\t\t\t\t// If slug is being changed, check uniqueness within the project scope\n\t\t\t\t\tif (body.slug && body.slug !== existing.slug) {\n\t\t\t\t\t\tconst conflict = await loadTemplateBySlug(db, body.slug, projScope.where);\n\t\t\t\t\t\tif (conflict) {\n\t\t\t\t\t\t\treturn ctx.json({\n\t\t\t\t\t\t\t\tsuccess: false,\n\t\t\t\t\t\t\t\terror: `Template slug \"${body.slug}\" already exists`,\n\t\t\t\t\t\t\t});\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\n\t\t\t\t\tconst update: Record<string, unknown> = { updatedAt: Date.now() };\n\t\t\t\t\tif (body.name !== undefined) update.name = body.name;\n\t\t\t\t\tif (body.slug !== undefined) update.slug = body.slug;\n\t\t\t\t\tif (body.subject !== undefined) update.subject = body.subject;\n\t\t\t\t\tif (body.previewText !== undefined) update.previewText = body.previewText;\n\t\t\t\t\tif (body.category !== undefined) update.category = body.category;\n\t\t\t\t\tif (body.description !== undefined) update.description = body.description;\n\t\t\t\t\tif (body.blocksJson !== undefined) update.blocksJson = body.blocksJson;\n\t\t\t\t\tif (body.variablesJson !== undefined) update.variablesJson = body.variablesJson;\n\n\t\t\t\t\tconst updated = await db.update<EmailTemplateRow>({\n\t\t\t\t\t\tmodel: \"emailTemplate\",\n\t\t\t\t\t\twhere: [{ field: \"id\", value: body.id }, ...projScope.where],\n\t\t\t\t\t\tupdate,\n\t\t\t\t\t});\n\n\t\t\t\t\treturn ctx.json({ success: true, template: updated });\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tdeleteEmailTemplate: createAuthEndpoint(\n\t\t\t\t\"/banata/emails/templates/delete\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\n\t\t\t\t\tbody: deleteTemplateSchema,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst body = ctx.body;\n\t\t\t\t\tconst { id } = body;\n\t\t\t\t\tconst projScope = getProjectScope(body as Record<string, unknown>);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tpermission: \"email.manage\",\n\t\t\t\t\t\tprojectId: projScope.projectId,\n\t\t\t\t\t});\n\n\t\t\t\t\tconst existing = await loadTemplateById(db, id, projScope.where);\n\t\t\t\t\tif (!existing) {\n\t\t\t\t\t\treturn ctx.json({ success: false, error: \"Template not found\" });\n\t\t\t\t\t}\n\n\t\t\t\t\tif (existing.builtIn) {\n\t\t\t\t\t\treturn ctx.json({\n\t\t\t\t\t\t\tsuccess: false,\n\t\t\t\t\t\t\terror: \"Cannot delete built-in templates. You can customize them instead.\",\n\t\t\t\t\t\t});\n\t\t\t\t\t}\n\n\t\t\t\t\tawait db.delete({\n\t\t\t\t\t\tmodel: \"emailTemplate\",\n\t\t\t\t\t\twhere: [{ field: \"id\", value: id }, ...projScope.where],\n\t\t\t\t\t});\n\n\t\t\t\t\treturn ctx.json({ success: true });\n\t\t\t\t},\n\t\t\t),\n\t\t},\n\t};\n}\n\n// ─── Auto-Send Callbacks ───────────────────────────────────────────\n\n/**\n * Create email callback functions that use the built-in email system.\n *\n * These are wired into Better Auth's email hooks (sendVerificationEmail,\n * sendResetPassword, sendMagicLink, sendOtp, sendInvitationEmail).\n *\n * Consumer-provided callbacks take priority — these are only used\n * as the fallback when no consumer callback is provided.\n */\n/**\n * Look up a user's projectId by email so we can load the correct\n * project's email provider and branding for auto-sent emails.\n */\nasync function resolveProjectScope(\n\tdb: PluginDBAdapter,\n\temail: string,\n): Promise<{ envWhere: WhereClause[]; projectWhere: WhereClause[] } | undefined> {\n\tconst users = await db.findMany<Record<string, unknown>>({\n\t\tmodel: \"user\",\n\t\twhere: [{ field: \"email\", value: email }],\n\t\tlimit: 1,\n\t\tselect: [\"projectId\"],\n\t});\n\tconst projectId = typeof users[0]?.projectId === \"string\" ? users[0].projectId : undefined;\n\tif (!projectId) return undefined;\n\tconst where: WhereClause[] = [{ field: \"projectId\", value: projectId }];\n\treturn { envWhere: where, projectWhere: where };\n}\n\nexport function createAutoEmailCallbacks(\n\tgetDb: () => PluginDBAdapter,\n\temailOptions: BanataEmailOptions,\n) {\n\treturn {\n\t\tsendVerificationEmail: async (params: {\n\t\t\tuser: { email: string; name: string };\n\t\t\turl: string;\n\t\t\ttoken: string;\n\t\t}) => {\n\t\t\ttry {\n\t\t\t\tconst db = getDb();\n\t\t\t\tconst scope = await resolveProjectScope(db, params.user.email);\n\t\t\t\tconst result = await sendOneEmail(\n\t\t\t\t\tdb,\n\t\t\t\t\tparams.user.email,\n\t\t\t\t\t{\n\t\t\t\t\t\ttype: \"verification\",\n\t\t\t\t\t\tuserName: params.user.name || \"there\",\n\t\t\t\t\t\tverificationUrl: params.url,\n\t\t\t\t\t\ttoken: params.token,\n\t\t\t\t\t},\n\t\t\t\t\temailOptions,\n\t\t\t\t\tscope,\n\t\t\t\t);\n\t\t\t\tif (!result.success) {\n\t\t\t\t\tconsole.error(\n\t\t\t\t\t\t`[BanataAuth] Failed to send verification email to ${params.user.email}: ${result.error}`,\n\t\t\t\t\t);\n\t\t\t\t}\n\t\t\t} catch (err) {\n\t\t\t\tconsole.error(\"[BanataAuth] Error sending verification email:\", err);\n\t\t\t}\n\t\t},\n\n\t\tsendResetPassword: async (params: {\n\t\t\tuser: { email: string; name: string };\n\t\t\turl: string;\n\t\t\ttoken: string;\n\t\t}) => {\n\t\t\ttry {\n\t\t\t\tconst db = getDb();\n\t\t\t\tconst scope = await resolveProjectScope(db, params.user.email);\n\t\t\t\tconst result = await sendOneEmail(\n\t\t\t\t\tdb,\n\t\t\t\t\tparams.user.email,\n\t\t\t\t\t{\n\t\t\t\t\t\ttype: \"password-reset\",\n\t\t\t\t\t\tuserName: params.user.name || \"there\",\n\t\t\t\t\t\tresetUrl: params.url,\n\t\t\t\t\t\ttoken: params.token,\n\t\t\t\t\t},\n\t\t\t\t\temailOptions,\n\t\t\t\t\tscope,\n\t\t\t\t);\n\t\t\t\tif (!result.success) {\n\t\t\t\t\tconsole.error(\n\t\t\t\t\t\t`[BanataAuth] Failed to send password reset email to ${params.user.email}: ${result.error}`,\n\t\t\t\t\t);\n\t\t\t\t}\n\t\t\t} catch (err) {\n\t\t\t\tconsole.error(\"[BanataAuth] Error sending password reset email:\", err);\n\t\t\t}\n\t\t},\n\n\t\tsendMagicLink: async (params: { email: string; url: string; token: string }) => {\n\t\t\ttry {\n\t\t\t\tconst db = getDb();\n\t\t\t\tconst scope = await resolveProjectScope(db, params.email);\n\t\t\t\tconst result = await sendOneEmail(\n\t\t\t\t\tdb,\n\t\t\t\t\tparams.email,\n\t\t\t\t\t{\n\t\t\t\t\t\ttype: \"magic-link\",\n\t\t\t\t\t\temail: params.email,\n\t\t\t\t\t\tmagicLinkUrl: params.url,\n\t\t\t\t\t\ttoken: params.token,\n\t\t\t\t\t},\n\t\t\t\t\temailOptions,\n\t\t\t\t\tscope,\n\t\t\t\t);\n\t\t\t\tif (!result.success) {\n\t\t\t\t\tconsole.error(\n\t\t\t\t\t\t`[BanataAuth] Failed to send magic link email to ${params.email}: ${result.error}`,\n\t\t\t\t\t);\n\t\t\t\t}\n\t\t\t} catch (err) {\n\t\t\t\tconsole.error(\"[BanataAuth] Error sending magic link email:\", err);\n\t\t\t}\n\t\t},\n\n\t\tsendOtp: async (params: { email: string; otp: string }) => {\n\t\t\ttry {\n\t\t\t\tconst db = getDb();\n\t\t\t\tconst scope = await resolveProjectScope(db, params.email);\n\t\t\t\tconst result = await sendOneEmail(\n\t\t\t\t\tdb,\n\t\t\t\t\tparams.email,\n\t\t\t\t\t{\n\t\t\t\t\t\ttype: \"email-otp\",\n\t\t\t\t\t\temail: params.email,\n\t\t\t\t\t\totp: params.otp,\n\t\t\t\t\t},\n\t\t\t\t\temailOptions,\n\t\t\t\t\tscope,\n\t\t\t\t);\n\t\t\t\tif (!result.success) {\n\t\t\t\t\tconsole.error(\n\t\t\t\t\t\t`[BanataAuth] Failed to send OTP email to ${params.email}: ${result.error}`,\n\t\t\t\t\t);\n\t\t\t\t}\n\t\t\t} catch (err) {\n\t\t\t\tconsole.error(\"[BanataAuth] Error sending OTP email:\", err);\n\t\t\t}\n\t\t},\n\n\t\tsendInvitationEmail: async (params: {\n\t\t\temail: string;\n\t\t\tinvitationId: string;\n\t\t\torganizationName: string;\n\t\t\tinviterName: string;\n\t\t}) => {\n\t\t\ttry {\n\t\t\t\tconst db = getDb();\n\t\t\t\tconst scope = await resolveProjectScope(db, params.email);\n\t\t\t\tconst result = await sendOneEmail(\n\t\t\t\t\tdb,\n\t\t\t\t\tparams.email,\n\t\t\t\t\t{\n\t\t\t\t\t\ttype: \"invitation\",\n\t\t\t\t\t\temail: params.email,\n\t\t\t\t\t\tinvitationId: params.invitationId,\n\t\t\t\t\t\torganizationName: params.organizationName,\n\t\t\t\t\t\tinviterName: params.inviterName,\n\t\t\t\t\t},\n\t\t\t\t\temailOptions,\n\t\t\t\t\tscope,\n\t\t\t\t);\n\t\t\t\tif (!result.success) {\n\t\t\t\t\tconsole.error(\n\t\t\t\t\t\t`[BanataAuth] Failed to send invitation email to ${params.email}: ${result.error}`,\n\t\t\t\t\t);\n\t\t\t\t}\n\t\t\t} catch (err) {\n\t\t\t\tconsole.error(\"[BanataAuth] Error sending invitation email:\", err);\n\t\t\t}\n\t\t},\n\t};\n}\n\n// ─── Helpers ───────────────────────────────────────────────────────\n\n/**\n * Build a typed EmailData object from a template name and plain data.\n */\nfunction buildEmailData(\n\ttemplate: EmailTemplateType,\n\tdata: Record<string, unknown>,\n): EmailData | null {\n\tswitch (template) {\n\t\tcase \"verification\":\n\t\t\treturn {\n\t\t\t\ttype: \"verification\",\n\t\t\t\tuserName: String(data.userName ?? \"\"),\n\t\t\t\tverificationUrl: String(data.verificationUrl ?? \"\"),\n\t\t\t\ttoken: String(data.token ?? \"\"),\n\t\t\t};\n\t\tcase \"password-reset\":\n\t\t\treturn {\n\t\t\t\ttype: \"password-reset\",\n\t\t\t\tuserName: String(data.userName ?? \"\"),\n\t\t\t\tresetUrl: String(data.resetUrl ?? \"\"),\n\t\t\t\ttoken: String(data.token ?? \"\"),\n\t\t\t};\n\t\tcase \"magic-link\":\n\t\t\treturn {\n\t\t\t\ttype: \"magic-link\",\n\t\t\t\temail: String(data.email ?? \"\"),\n\t\t\t\tmagicLinkUrl: String(data.magicLinkUrl ?? \"\"),\n\t\t\t\ttoken: String(data.token ?? \"\"),\n\t\t\t};\n\t\tcase \"email-otp\":\n\t\t\treturn {\n\t\t\t\ttype: \"email-otp\",\n\t\t\t\temail: String(data.email ?? \"\"),\n\t\t\t\totp: String(data.otp ?? \"\"),\n\t\t\t};\n\t\tcase \"invitation\":\n\t\t\treturn {\n\t\t\t\ttype: \"invitation\",\n\t\t\t\temail: String(data.email ?? \"\"),\n\t\t\t\tinvitationId: String(data.invitationId ?? \"\"),\n\t\t\t\torganizationName: String(data.organizationName ?? \"\"),\n\t\t\t\tinviterName: String(data.inviterName ?? \"\"),\n\t\t\t\tacceptUrl: data.acceptUrl ? String(data.acceptUrl) : undefined,\n\t\t\t};\n\t\tcase \"welcome\":\n\t\t\treturn {\n\t\t\t\ttype: \"welcome\",\n\t\t\t\tuserName: String(data.userName ?? \"\"),\n\t\t\t\tdashboardUrl: data.dashboardUrl ? String(data.dashboardUrl) : undefined,\n\t\t\t};\n\t\tdefault:\n\t\t\treturn null;\n\t}\n}\n","function getAlphabet(urlSafe) {\n return urlSafe ? \"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_\" : \"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/\";\n}\nfunction base64Encode(data, alphabet, padding) {\n let result = \"\";\n let buffer = 0;\n let shift = 0;\n for (const byte of data) {\n buffer = buffer << 8 | byte;\n shift += 8;\n while (shift >= 6) {\n shift -= 6;\n result += alphabet[buffer >> shift & 63];\n }\n }\n if (shift > 0) {\n result += alphabet[buffer << 6 - shift & 63];\n }\n if (padding) {\n const padCount = (4 - result.length % 4) % 4;\n result += \"=\".repeat(padCount);\n }\n return result;\n}\nfunction base64Decode(data, alphabet) {\n const decodeMap = /* @__PURE__ */ new Map();\n for (let i = 0; i < alphabet.length; i++) {\n decodeMap.set(alphabet[i], i);\n }\n const result = [];\n let buffer = 0;\n let bitsCollected = 0;\n for (const char of data) {\n if (char === \"=\")\n break;\n const value = decodeMap.get(char);\n if (value === void 0) {\n throw new Error(`Invalid Base64 character: ${char}`);\n }\n buffer = buffer << 6 | value;\n bitsCollected += 6;\n if (bitsCollected >= 8) {\n bitsCollected -= 8;\n result.push(buffer >> bitsCollected & 255);\n }\n }\n return Uint8Array.from(result);\n}\nconst base64 = {\n encode(data, options = {}) {\n const alphabet = getAlphabet(false);\n const buffer = typeof data === \"string\" ? new TextEncoder().encode(data) : new Uint8Array(data);\n return base64Encode(buffer, alphabet, options.padding ?? true);\n },\n decode(data) {\n if (typeof data !== \"string\") {\n data = new TextDecoder().decode(data);\n }\n const urlSafe = data.includes(\"-\") || data.includes(\"_\");\n const alphabet = getAlphabet(urlSafe);\n return base64Decode(data, alphabet);\n }\n};\nconst base64Url = {\n encode(data, options = {}) {\n const alphabet = getAlphabet(true);\n const buffer = typeof data === \"string\" ? new TextEncoder().encode(data) : new Uint8Array(data);\n return base64Encode(buffer, alphabet, options.padding ?? true);\n },\n decode(data) {\n const urlSafe = data.includes(\"-\") || data.includes(\"_\");\n const alphabet = getAlphabet(urlSafe);\n return base64Decode(data, alphabet);\n }\n};\n\nexport { base64, base64Url };\n","import type { BetterAuthPlugin } from \"better-auth\";\nimport { createAuthEndpoint, sessionMiddleware } from \"better-auth/api\";\nimport { generateRandomString } from \"better-auth/crypto\";\nimport { base64Url } from \"@better-auth/utils/base64\";\nimport { defaultKeyHasher } from \"better-auth/plugins\";\nimport { z } from \"zod\";\nimport {\n\ttype PluginDBAdapter,\n\tgetProjectScope,\n\tprojectScopeSchema,\n\trequireAuthenticated,\n\trequireProjectPermission,\n} from \"./types\";\n\ntype ConnectionType = \"oidc\" | \"saml\";\ntype DirectoryProvider =\n\t| \"okta\"\n\t| \"azure_scim_v2\"\n\t| \"google_workspace\"\n\t| \"onelogin\"\n\t| \"jumpcloud\"\n\t| \"pingfederate\"\n\t| \"generic_scim_v2\";\n\ninterface OrganizationRow extends Record<string, unknown> {\n\tid: string;\n\tprojectId?: string | null;\n}\n\ninterface SSOProviderRow extends Record<string, unknown> {\n\tid: string;\n\tproviderId: string;\n\tissuer: string;\n\tdomain: string;\n\torganizationId?: string | null;\n\tprojectId?: string | null;\n\tname?: string | null;\n\toidcConfig?: string | null;\n\tsamlConfig?: string | null;\n\tproviderType?: string | null;\n\tactive?: boolean | null;\n\tdomainVerified?: boolean | null;\n\tuserId?: string | null;\n\tcreatedAt: number;\n\tupdatedAt: number;\n}\n\ninterface SCIMProviderRow extends Record<string, unknown> {\n\tid: string;\n\tproviderId: string;\n\tscimToken?: string | null;\n\ttokenHash?: string | null;\n\torganizationId?: string | null;\n\tprojectId?: string | null;\n\tname?: string | null;\n\tprovider?: string | null;\n\tendpointUrl?: string | null;\n\tactive?: boolean | null;\n\tlastSyncAt?: number | null;\n\tlastSyncStatus?: string | null;\n\tuserId?: string | null;\n\tcreatedAt: number;\n\tupdatedAt: number;\n}\n\ninterface AccountRow extends Record<string, unknown> {\n\tid: string;\n\tuserId: string;\n\taccountId: string;\n\tproviderId: string;\n}\n\ninterface UserRow extends Record<string, unknown> {\n\tid: string;\n\temail: string;\n\tname: string;\n\tbanned?: boolean | null;\n\tmetadata?: unknown;\n\tcreatedAt: number;\n\tupdatedAt: number;\n}\n\ninterface BetterAuthOidcConfig {\n\tissuer: string;\n\tpkce: boolean;\n\tclientId: string;\n\tclientSecret: string;\n\tdiscoveryEndpoint: string;\n\tauthorizationEndpoint?: string;\n\ttokenEndpoint?: string;\n\tuserInfoEndpoint?: string;\n\tjwksEndpoint?: string;\n\ttokenEndpointAuthentication?: \"client_secret_post\" | \"client_secret_basic\";\n\tscopes?: string[];\n\tmapping?: {\n\t\tid?: string;\n\t\temail?: string;\n\t\temailVerified?: string;\n\t\tname?: string;\n\t\timage?: string;\n\t\textraFields?: Record<string, string>;\n\t};\n}\n\ninterface BetterAuthSamlConfig {\n\tissuer: string;\n\tentryPoint: string;\n\tcert: string;\n\tcallbackUrl: string;\n\taudience?: string;\n\twantAssertionsSigned?: boolean;\n\tauthnRequestsSigned?: boolean;\n\tidentifierFormat?: string;\n\tmapping?: {\n\t\tid?: string;\n\t\temail?: string;\n\t\temailVerified?: string;\n\t\tname?: string;\n\t\tfirstName?: string;\n\t\tlastName?: string;\n\t\textraFields?: Record<string, string>;\n\t};\n\tspMetadata: {\n\t\tentityID?: string;\n\t};\n}\n\nconst oidcConfigSchema = z.object({\n\tissuer: z.string().url(),\n\tclientId: z.string().min(1),\n\tclientSecret: z.string().min(1),\n\tscopes: z.array(z.string()).optional(),\n\tdiscoveryUrl: z.string().url().optional(),\n\tauthorizationUrl: z.string().url().optional(),\n\ttokenUrl: z.string().url().optional(),\n\tuserinfoUrl: z.string().url().optional(),\n\tjwksUrl: z.string().url().optional(),\n\ttokenEndpointAuthMethod: z.enum([\"client_secret_post\", \"client_secret_basic\"]).optional(),\n\tclaimMapping: z.record(z.string(), z.string()).optional(),\n});\n\nconst samlConfigSchema = z.object({\n\tidpEntityId: z.string().min(1),\n\tidpSsoUrl: z.string().url(),\n\tidpCertificate: z.string().min(1),\n\tnameIdFormat: z.string().optional(),\n\tsignRequest: z.boolean().optional(),\n\tallowIdpInitiated: z.boolean().optional(),\n\tattributeMapping: z.record(z.string(), z.string()).optional(),\n\tspEntityId: z.string().optional(),\n\tspAcsUrl: z.string().url().optional(),\n});\n\nconst partialOidcConfigSchema = oidcConfigSchema.partial();\nconst partialSamlConfigSchema = samlConfigSchema.partial();\n\nconst createSsoProviderSchema = z\n\t.object({\n\t\torganizationId: z.string().min(1),\n\t\ttype: z.enum([\"oidc\", \"saml\"]),\n\t\tname: z.string().min(1),\n\t\tdomain: z.string().optional(),\n\t\tdomains: z.array(z.string()).optional(),\n\t\tactive: z.boolean().optional(),\n\t\toidcConfig: oidcConfigSchema.optional(),\n\t\tsamlConfig: samlConfigSchema.optional(),\n\t})\n\t.merge(projectScopeSchema);\n\nconst updateSsoProviderSchema = z\n\t.object({\n\t\tproviderId: z.string().min(1),\n\t\tname: z.string().min(1).optional(),\n\t\tdomain: z.string().optional(),\n\t\tdomains: z.array(z.string()).optional(),\n\t\tactive: z.boolean().optional(),\n\t\toidcConfig: oidcConfigSchema.partial().optional(),\n\t\tsamlConfig: samlConfigSchema.partial().optional(),\n\t})\n\t.merge(projectScopeSchema);\n\nconst listSsoProvidersSchema = z\n\t.object({\n\t\torganizationId: z.string().optional(),\n\t\tconnectionType: z.enum([\"oidc\", \"saml\"]).optional(),\n\t\tlimit: z.number().optional(),\n\t})\n\t.merge(projectScopeSchema);\n\nconst getSsoProviderSchema = z\n\t.object({\n\t\tproviderId: z.string().min(1),\n\t})\n\t.merge(projectScopeSchema);\n\nconst deleteSsoProviderSchema = getSsoProviderSchema;\n\nconst createDirectorySchema = z\n\t.object({\n\t\torganizationId: z.string().min(1),\n\t\tname: z.string().min(1),\n\t\tprovider: z.enum([\n\t\t\t\"okta\",\n\t\t\t\"azure_scim_v2\",\n\t\t\t\"google_workspace\",\n\t\t\t\"onelogin\",\n\t\t\t\"jumpcloud\",\n\t\t\t\"pingfederate\",\n\t\t\t\"generic_scim_v2\",\n\t\t]),\n\t})\n\t.merge(projectScopeSchema);\n\nconst listDirectoriesSchema = z\n\t.object({\n\t\torganizationId: z.string().optional(),\n\t\tlimit: z.number().optional(),\n\t})\n\t.merge(projectScopeSchema);\n\nconst getDirectorySchema = z\n\t.object({\n\t\tproviderId: z.string().min(1),\n\t})\n\t.merge(projectScopeSchema);\n\nconst deleteDirectorySchema = getDirectorySchema;\n\nconst listDirectoryUsersSchema = z\n\t.object({\n\t\tproviderId: z.string().min(1),\n\t\tstate: z.enum([\"active\", \"suspended\", \"deprovisioned\"]).optional(),\n\t\tlimit: z.number().optional(),\n\t})\n\t.merge(projectScopeSchema);\n\nconst getDirectoryUserSchema = z\n\t.object({\n\t\tproviderId: z.string().optional(),\n\t\tuserId: z.string().min(1),\n\t})\n\t.merge(projectScopeSchema);\n\nconst listDirectoryGroupsSchema = getDirectorySchema.extend({\n\tlimit: z.number().optional(),\n});\n\nconst getDirectoryGroupSchema = z\n\t.object({\n\t\tgroupId: z.string().min(1),\n\t})\n\t.merge(projectScopeSchema);\n\nfunction randomId(prefix: string) {\n\treturn `${prefix}_${crypto.randomUUID().replace(/-/g, \"\")}`;\n}\n\nfunction parseJson<T>(value: unknown): T | null {\n\tif (typeof value !== \"string\" || value.length === 0) return null;\n\ttry {\n\t\treturn JSON.parse(value) as T;\n\t} catch {\n\t\treturn null;\n\t}\n}\n\nfunction normalizeDomains(domains?: string[], domain?: string): string[] {\n\tconst values = [...(domains ?? []), ...(domain ? [domain] : [])]\n\t\t.map((value) => value.trim().toLowerCase())\n\t\t.filter((value) => value.length > 0);\n\treturn Array.from(new Set(values));\n}\n\nfunction defaultOidcDiscoveryUrl(issuer: string): string {\n\treturn `${issuer.replace(/\\/$/, \"\")}/.well-known/openid-configuration`;\n}\n\nfunction buildOidcConfig(input: z.infer<typeof oidcConfigSchema>): BetterAuthOidcConfig {\n\treturn {\n\t\tissuer: input.issuer,\n\t\tpkce: true,\n\t\tclientId: input.clientId,\n\t\tclientSecret: input.clientSecret,\n\t\tdiscoveryEndpoint: input.discoveryUrl ?? defaultOidcDiscoveryUrl(input.issuer),\n\t\tauthorizationEndpoint: input.authorizationUrl,\n\t\ttokenEndpoint: input.tokenUrl,\n\t\tuserInfoEndpoint: input.userinfoUrl,\n\t\tjwksEndpoint: input.jwksUrl,\n\t\ttokenEndpointAuthentication: input.tokenEndpointAuthMethod ?? \"client_secret_post\",\n\t\tscopes: input.scopes,\n\t\tmapping: input.claimMapping\n\t\t\t? {\n\t\t\t\t\tid: input.claimMapping.id,\n\t\t\t\t\temail: input.claimMapping.email,\n\t\t\t\t\temailVerified: input.claimMapping.emailVerified,\n\t\t\t\t\tname: input.claimMapping.name,\n\t\t\t\t\timage: input.claimMapping.image,\n\t\t\t\t\textraFields: input.claimMapping,\n\t\t\t\t}\n\t\t\t: undefined,\n\t};\n}\n\nfunction mergeOidcConfig(\n\tcurrent: BetterAuthOidcConfig | null,\n\tpartial: z.infer<typeof partialOidcConfigSchema>,\n): BetterAuthOidcConfig {\n\tconst issuer = partial.issuer ?? current?.issuer;\n\tif (!issuer) {\n\t\tthrow new Error(\"OIDC issuer is required\");\n\t}\n\treturn {\n\t\tissuer,\n\t\tpkce: true,\n\t\tclientId: partial.clientId ?? current?.clientId ?? \"\",\n\t\tclientSecret: partial.clientSecret ?? current?.clientSecret ?? \"\",\n\t\tdiscoveryEndpoint:\n\t\t\tpartial.discoveryUrl ??\n\t\t\tcurrent?.discoveryEndpoint ??\n\t\t\tdefaultOidcDiscoveryUrl(issuer),\n\t\tauthorizationEndpoint: partial.authorizationUrl ?? current?.authorizationEndpoint,\n\t\ttokenEndpoint: partial.tokenUrl ?? current?.tokenEndpoint,\n\t\tuserInfoEndpoint: partial.userinfoUrl ?? current?.userInfoEndpoint,\n\t\tjwksEndpoint: partial.jwksUrl ?? current?.jwksEndpoint,\n\t\ttokenEndpointAuthentication:\n\t\t\tpartial.tokenEndpointAuthMethod ??\n\t\t\tcurrent?.tokenEndpointAuthentication ??\n\t\t\t\"client_secret_post\",\n\t\tscopes: partial.scopes ?? current?.scopes,\n\t\tmapping:\n\t\t\tpartial.claimMapping != null\n\t\t\t\t? {\n\t\t\t\t\t\tid: partial.claimMapping.id,\n\t\t\t\t\t\temail: partial.claimMapping.email,\n\t\t\t\t\t\temailVerified: partial.claimMapping.emailVerified,\n\t\t\t\t\t\tname: partial.claimMapping.name,\n\t\t\t\t\t\timage: partial.claimMapping.image,\n\t\t\t\t\t\textraFields: partial.claimMapping,\n\t\t\t\t\t}\n\t\t\t\t: current?.mapping,\n\t};\n}\n\nfunction buildSamlConfig(\n\tinput: z.infer<typeof samlConfigSchema>,\n\tproviderId: string,\n\tbaseURL: string,\n): BetterAuthSamlConfig {\n\treturn {\n\t\tissuer: input.idpEntityId,\n\t\tentryPoint: input.idpSsoUrl,\n\t\tcert: input.idpCertificate,\n\t\tcallbackUrl: input.spAcsUrl ?? `${baseURL}/sso/saml2/sp/acs/${providerId}`,\n\t\taudience: input.spEntityId,\n\t\twantAssertionsSigned: true,\n\t\tauthnRequestsSigned: input.signRequest ?? false,\n\t\tidentifierFormat: input.nameIdFormat,\n\t\tmapping: input.attributeMapping\n\t\t\t? {\n\t\t\t\t\tid: input.attributeMapping.id,\n\t\t\t\t\temail: input.attributeMapping.email,\n\t\t\t\t\temailVerified: input.attributeMapping.emailVerified,\n\t\t\t\t\tname: input.attributeMapping.name,\n\t\t\t\t\tfirstName: input.attributeMapping.firstName,\n\t\t\t\t\tlastName: input.attributeMapping.lastName,\n\t\t\t\t\textraFields: input.attributeMapping,\n\t\t\t\t}\n\t\t\t: undefined,\n\t\tspMetadata: {\n\t\t\tentityID: input.spEntityId,\n\t\t},\n\t};\n}\n\nfunction mergeSamlConfig(\n\tcurrent: BetterAuthSamlConfig | null,\n\tpartial: z.infer<typeof partialSamlConfigSchema>,\n\tproviderId: string,\n\tbaseURL: string,\n): BetterAuthSamlConfig {\n\tconst issuer = partial.idpEntityId ?? current?.issuer;\n\tconst entryPoint = partial.idpSsoUrl ?? current?.entryPoint;\n\tconst cert = partial.idpCertificate ?? current?.cert;\n\tif (!issuer || !entryPoint || !cert) {\n\t\tthrow new Error(\"SAML issuer, entry point, and certificate are required\");\n\t}\n\treturn {\n\t\tissuer,\n\t\tentryPoint,\n\t\tcert,\n\t\tcallbackUrl:\n\t\t\tpartial.spAcsUrl ??\n\t\t\tcurrent?.callbackUrl ??\n\t\t\t`${baseURL}/sso/saml2/sp/acs/${providerId}`,\n\t\taudience: partial.spEntityId ?? current?.audience,\n\t\twantAssertionsSigned: current?.wantAssertionsSigned ?? true,\n\t\tauthnRequestsSigned: partial.signRequest ?? current?.authnRequestsSigned ?? false,\n\t\tidentifierFormat: partial.nameIdFormat ?? current?.identifierFormat,\n\t\tmapping:\n\t\t\tpartial.attributeMapping != null\n\t\t\t\t? {\n\t\t\t\t\t\tid: partial.attributeMapping.id,\n\t\t\t\t\t\temail: partial.attributeMapping.email,\n\t\t\t\t\t\temailVerified: partial.attributeMapping.emailVerified,\n\t\t\t\t\t\tname: partial.attributeMapping.name,\n\t\t\t\t\t\tfirstName: partial.attributeMapping.firstName,\n\t\t\t\t\t\tlastName: partial.attributeMapping.lastName,\n\t\t\t\t\t\textraFields: partial.attributeMapping,\n\t\t\t\t\t}\n\t\t\t\t: current?.mapping,\n\t\tspMetadata: {\n\t\t\tentityID: partial.spEntityId ?? current?.spMetadata?.entityID,\n\t\t},\n\t};\n}\n\nfunction serializeConnection(row: SSOProviderRow, baseURL: string) {\n\tconst oidcConfig = parseJson<BetterAuthOidcConfig>(row.oidcConfig);\n\tconst samlConfig = parseJson<BetterAuthSamlConfig>(row.samlConfig);\n\tconst type = (row.providerType === \"saml\"\n\t\t? \"saml\"\n\t\t: row.providerType === \"oidc\"\n\t\t\t? \"oidc\"\n\t\t\t: samlConfig\n\t\t\t\t? \"saml\"\n\t\t\t\t: \"oidc\") as ConnectionType;\n\treturn {\n\t\tid: row.providerId,\n\t\tproviderId: row.providerId,\n\t\tprojectId: row.projectId ?? null,\n\t\torganizationId: row.organizationId ?? null,\n\t\ttype,\n\t\tname: row.name ?? row.providerId,\n\t\tdomain: row.domain,\n\t\tdomains: row.domain?.split(\",\").map((value) => value.trim()).filter(Boolean) ?? [],\n\t\tactive: row.active !== false,\n\t\tstate: row.active === false ? \"inactive\" : \"active\",\n\t\tdomainVerified: row.domainVerified === true,\n\t\tcreatedAt: row.createdAt,\n\t\tupdatedAt: row.updatedAt,\n\t\toidcConfig:\n\t\t\ttype === \"oidc\" && oidcConfig\n\t\t\t\t? {\n\t\t\t\t\t\tissuer: oidcConfig.issuer,\n\t\t\t\t\t\tclientId: oidcConfig.clientId,\n\t\t\t\t\t\tscopes: oidcConfig.scopes ?? [],\n\t\t\t\t\t\tdiscoveryUrl: oidcConfig.discoveryEndpoint,\n\t\t\t\t\t\tauthorizationUrl: oidcConfig.authorizationEndpoint,\n\t\t\t\t\t\ttokenUrl: oidcConfig.tokenEndpoint,\n\t\t\t\t\t\tuserinfoUrl: oidcConfig.userInfoEndpoint,\n\t\t\t\t\t\tjwksUrl: oidcConfig.jwksEndpoint,\n\t\t\t\t\t\ttokenEndpointAuthMethod: oidcConfig.tokenEndpointAuthentication,\n\t\t\t\t\t}\n\t\t\t\t: null,\n\t\tsamlConfig:\n\t\t\ttype === \"saml\" && samlConfig\n\t\t\t\t? {\n\t\t\t\t\t\tidpEntityId: samlConfig.issuer,\n\t\t\t\t\t\tidpSsoUrl: samlConfig.entryPoint,\n\t\t\t\t\t\tidpCertificate: samlConfig.cert,\n\t\t\t\t\t\tnameIdFormat: samlConfig.identifierFormat ?? null,\n\t\t\t\t\t\tsignRequest: samlConfig.authnRequestsSigned ?? false,\n\t\t\t\t\t\tspEntityId: samlConfig.spMetadata.entityID ?? null,\n\t\t\t\t\t\tspAcsUrl: samlConfig.callbackUrl,\n\t\t\t\t\t}\n\t\t\t\t: null,\n\t\tspMetadataUrl: `${baseURL}/sso/saml2/sp/metadata?providerId=${encodeURIComponent(row.providerId)}`,\n\t};\n}\n\nfunction serializeDirectory(\n\trow: SCIMProviderRow,\n\tuserCount: number,\n\toverride?: { bearerToken?: string },\n) {\n\treturn {\n\t\tid: row.providerId,\n\t\tproviderId: row.providerId,\n\t\tprojectId: row.projectId ?? null,\n\t\torganizationId: row.organizationId ?? null,\n\t\ttype: \"scim\" as const,\n\t\tstate: row.active === false ? \"unlinked\" : \"linked\",\n\t\tname: row.name ?? row.providerId,\n\t\tprovider: (row.provider ?? \"generic_scim_v2\") as DirectoryProvider,\n\t\tuserCount,\n\t\tgroupCount: 0,\n\t\tlastSyncAt: row.lastSyncAt ?? null,\n\t\tlastSyncStatus:\n\t\t\trow.lastSyncStatus === \"success\" ||\n\t\t\trow.lastSyncStatus === \"partial\" ||\n\t\t\trow.lastSyncStatus === \"failed\"\n\t\t\t\t? row.lastSyncStatus\n\t\t\t\t: null,\n\t\tcreatedAt: row.createdAt,\n\t\tupdatedAt: row.updatedAt,\n\t\tscimConfig:\n\t\t\toverride?.bearerToken != null\n\t\t\t\t? {\n\t\t\t\t\t\tbaseUrl: row.endpointUrl ?? \"\",\n\t\t\t\t\t\tbearerToken: override.bearerToken,\n\t\t\t\t\t}\n\t\t\t\t: undefined,\n\t};\n}\n\nfunction splitName(name: string) {\n\tconst trimmed = name.trim();\n\tif (!trimmed) return { givenName: \"\", familyName: \"\" };\n\tconst [givenName, ...rest] = trimmed.split(/\\s+/);\n\treturn { givenName, familyName: rest.join(\" \") };\n}\n\nfunction serializeDirectoryUser(\n\tdirectory: SCIMProviderRow,\n\tuser: UserRow,\n\taccount: AccountRow,\n) {\n\tconst name = splitName(user.name);\n\treturn {\n\t\tid: user.id,\n\t\tdirectoryId: directory.providerId,\n\t\torganizationId: directory.organizationId ?? null,\n\t\tuserId: user.id,\n\t\texternalId: account.accountId,\n\t\tuserName: user.email,\n\t\temails: [{ value: user.email, type: \"work\", primary: true }],\n\t\tname: {\n\t\t\tgivenName: name.givenName,\n\t\t\tfamilyName: name.familyName,\n\t\t\tformatted: user.name,\n\t\t},\n\t\tdisplayName: user.name,\n\t\tactive: user.banned !== true,\n\t\ttitle: null,\n\t\tdepartment: null,\n\t\tgroups: [],\n\t\tstate: user.banned === true ? \"suspended\" : \"active\",\n\t\tcreatedAt: user.createdAt,\n\t\tupdatedAt: user.updatedAt,\n\t};\n}\n\nasync function ensureOrganizationInProject(\n\tctx: any,\n\tdb: PluginDBAdapter,\n\torganizationId: string,\n\tprojectId: string,\n) {\n\tconst organization = await db.findOne<OrganizationRow>({\n\t\tmodel: \"organization\",\n\t\twhere: [\n\t\t\t{ field: \"id\", value: organizationId },\n\t\t\t{ field: \"projectId\", value: projectId },\n\t\t],\n\t});\n\tif (!organization) {\n\t\tthrow ctx.error(\"BAD_REQUEST\", {\n\t\t\tmessage: \"Organization not found in the requested project\",\n\t\t});\n\t}\n}\n\nasync function findSsoProvider(\n\tdb: PluginDBAdapter,\n\tproviderId: string,\n\tprojectId: string,\n) {\n\treturn db.findOne<SSOProviderRow>({\n\t\tmodel: \"ssoProvider\",\n\t\twhere: [\n\t\t\t{ field: \"providerId\", value: providerId },\n\t\t\t{ field: \"projectId\", value: projectId },\n\t\t],\n\t});\n}\n\nasync function findDirectory(\n\tdb: PluginDBAdapter,\n\tproviderId: string,\n\tprojectId: string,\n) {\n\treturn db.findOne<SCIMProviderRow>({\n\t\tmodel: \"scimProvider\",\n\t\twhere: [\n\t\t\t{ field: \"providerId\", value: providerId },\n\t\t\t{ field: \"projectId\", value: projectId },\n\t\t],\n\t});\n}\n\nasync function countDirectoryUsers(db: PluginDBAdapter, providerId: string) {\n\treturn db.count({\n\t\tmodel: \"account\",\n\t\twhere: [{ field: \"providerId\", value: providerId }],\n\t});\n}\n\nexport function enterpriseProvisioningPlugin(): BetterAuthPlugin {\n\treturn {\n\t\tid: \"banata-enterprise\",\n\t\tendpoints: {\n\t\t\tlistSsoProviders: createAuthEndpoint(\n\t\t\t\t\"/banata/sso/list-providers\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\n\t\t\t\t\tbody: listSsoProvidersSchema,\n\t\t\t\t\tuse: [sessionMiddleware],\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst { projectId, where } = getProjectScope(ctx.body);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tprojectId,\n\t\t\t\t\t\tpermission: \"sso.read\",\n\t\t\t\t\t});\n\n\t\t\t\t\tconst rows = await db.findMany<SSOProviderRow>({\n\t\t\t\t\t\tmodel: \"ssoProvider\",\n\t\t\t\t\t\twhere: [\n\t\t\t\t\t\t\t...where,\n\t\t\t\t\t\t\t...(ctx.body.organizationId\n\t\t\t\t\t\t\t\t? [{ field: \"organizationId\", value: ctx.body.organizationId }]\n\t\t\t\t\t\t\t\t: []),\n\t\t\t\t\t\t\t...(ctx.body.connectionType\n\t\t\t\t\t\t\t\t? [{ field: \"providerType\", value: ctx.body.connectionType }]\n\t\t\t\t\t\t\t\t: []),\n\t\t\t\t\t\t],\n\t\t\t\t\t\tlimit: Math.min(ctx.body.limit ?? 100, 100),\n\t\t\t\t\t});\n\t\t\t\t\tconst data = rows.map((row) => serializeConnection(row, ctx.context.baseURL));\n\t\t\t\t\treturn ctx.json({ data, connections: data });\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tgetSsoProvider: createAuthEndpoint(\n\t\t\t\t\"/banata/sso/get-provider\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\n\t\t\t\t\tbody: getSsoProviderSchema,\n\t\t\t\t\tuse: [sessionMiddleware],\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst { projectId } = getProjectScope(ctx.body);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tprojectId,\n\t\t\t\t\t\tpermission: \"sso.read\",\n\t\t\t\t\t});\n\n\t\t\t\t\tconst row = await findSsoProvider(db, ctx.body.providerId, projectId!);\n\t\t\t\t\tif (!row) {\n\t\t\t\t\t\tthrow ctx.error(\"NOT_FOUND\", { message: \"SSO provider not found\" });\n\t\t\t\t\t}\n\t\t\t\t\treturn ctx.json(serializeConnection(row, ctx.context.baseURL));\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tregisterSsoProvider: createAuthEndpoint(\n\t\t\t\t\"/banata/sso/register\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\n\t\t\t\t\tbody: createSsoProviderSchema,\n\t\t\t\t\tuse: [sessionMiddleware],\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst { user } = requireAuthenticated(ctx);\n\t\t\t\t\tconst { projectId } = getProjectScope(ctx.body);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tprojectId,\n\t\t\t\t\t\tpermission: \"sso.manage\",\n\t\t\t\t\t});\n\t\t\t\t\tawait ensureOrganizationInProject(ctx, db, ctx.body.organizationId, projectId!);\n\n\t\t\t\t\tconst domains = normalizeDomains(ctx.body.domains, ctx.body.domain);\n\t\t\t\t\tif (domains.length === 0) {\n\t\t\t\t\t\tthrow ctx.error(\"BAD_REQUEST\", { message: \"At least one routing domain is required\" });\n\t\t\t\t\t}\n\n\t\t\t\t\tconst providerId = randomId(\"sso\");\n\t\t\t\t\tconst now = Date.now();\n\t\t\t\t\tlet oidcConfig: BetterAuthOidcConfig | null = null;\n\t\t\t\t\tlet samlConfig: BetterAuthSamlConfig | null = null;\n\t\t\t\t\tif (ctx.body.type === \"oidc\") {\n\t\t\t\t\t\tif (!ctx.body.oidcConfig) {\n\t\t\t\t\t\t\tthrow ctx.error(\"BAD_REQUEST\", { message: \"OIDC config is required\" });\n\t\t\t\t\t\t}\n\t\t\t\t\t\toidcConfig = buildOidcConfig(ctx.body.oidcConfig);\n\t\t\t\t\t} else {\n\t\t\t\t\t\tif (!ctx.body.samlConfig) {\n\t\t\t\t\t\t\tthrow ctx.error(\"BAD_REQUEST\", { message: \"SAML config is required\" });\n\t\t\t\t\t\t}\n\t\t\t\t\t\tsamlConfig = buildSamlConfig(ctx.body.samlConfig, providerId, ctx.context.baseURL);\n\t\t\t\t\t}\n\n\t\t\t\t\tconst row = await db.create<SSOProviderRow>({\n\t\t\t\t\t\tmodel: \"ssoProvider\",\n\t\t\t\t\t\tdata: {\n\t\t\t\t\t\t\tproviderId,\n\t\t\t\t\t\t\tprojectId,\n\t\t\t\t\t\t\torganizationId: ctx.body.organizationId,\n\t\t\t\t\t\t\tname: ctx.body.name,\n\t\t\t\t\t\t\tissuer: oidcConfig?.issuer ?? samlConfig?.issuer ?? providerId,\n\t\t\t\t\t\t\tdomain: domains.join(\",\"),\n\t\t\t\t\t\t\tproviderType: ctx.body.type,\n\t\t\t\t\t\t\tactive: ctx.body.active ?? true,\n\t\t\t\t\t\t\tdomainVerified: false,\n\t\t\t\t\t\t\toidcConfig: oidcConfig ? JSON.stringify(oidcConfig) : null,\n\t\t\t\t\t\t\tsamlConfig: samlConfig ? JSON.stringify(samlConfig) : null,\n\t\t\t\t\t\t\tuserId: user.id,\n\t\t\t\t\t\t\tcreatedAt: now,\n\t\t\t\t\t\t\tupdatedAt: now,\n\t\t\t\t\t\t},\n\t\t\t\t\t});\n\n\t\t\t\t\treturn ctx.json(serializeConnection(row, ctx.context.baseURL));\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tupdateSsoProvider: createAuthEndpoint(\n\t\t\t\t\"/banata/sso/update-provider\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\n\t\t\t\t\tbody: updateSsoProviderSchema,\n\t\t\t\t\tuse: [sessionMiddleware],\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst { projectId } = getProjectScope(ctx.body);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tprojectId,\n\t\t\t\t\t\tpermission: \"sso.manage\",\n\t\t\t\t\t});\n\n\t\t\t\t\tconst current = await findSsoProvider(db, ctx.body.providerId, projectId!);\n\t\t\t\t\tif (!current) {\n\t\t\t\t\t\tthrow ctx.error(\"NOT_FOUND\", { message: \"SSO provider not found\" });\n\t\t\t\t\t}\n\n\t\t\t\t\tconst update: Record<string, unknown> = {\n\t\t\t\t\t\tupdatedAt: Date.now(),\n\t\t\t\t\t};\n\t\t\t\t\tif (ctx.body.name !== undefined) update.name = ctx.body.name;\n\t\t\t\t\tif (ctx.body.active !== undefined) update.active = ctx.body.active;\n\t\t\t\t\tif (ctx.body.domains !== undefined || ctx.body.domain !== undefined) {\n\t\t\t\t\t\tconst domains = normalizeDomains(ctx.body.domains, ctx.body.domain);\n\t\t\t\t\t\tif (domains.length === 0) {\n\t\t\t\t\t\t\tthrow ctx.error(\"BAD_REQUEST\", { message: \"At least one routing domain is required\" });\n\t\t\t\t\t\t}\n\t\t\t\t\t\tupdate.domain = domains.join(\",\");\n\t\t\t\t\t\tupdate.domainVerified = false;\n\t\t\t\t\t}\n\n\t\t\t\t\tif (ctx.body.oidcConfig) {\n\t\t\t\t\t\tconst merged = mergeOidcConfig(\n\t\t\t\t\t\t\tparseJson<BetterAuthOidcConfig>(current.oidcConfig),\n\t\t\t\t\t\t\tctx.body.oidcConfig,\n\t\t\t\t\t\t);\n\t\t\t\t\t\tupdate.issuer = merged.issuer;\n\t\t\t\t\t\tupdate.providerType = \"oidc\";\n\t\t\t\t\t\tupdate.oidcConfig = JSON.stringify(merged);\n\t\t\t\t\t\tupdate.samlConfig = null;\n\t\t\t\t\t}\n\n\t\t\t\t\tif (ctx.body.samlConfig) {\n\t\t\t\t\t\tconst merged = mergeSamlConfig(\n\t\t\t\t\t\t\tparseJson<BetterAuthSamlConfig>(current.samlConfig),\n\t\t\t\t\t\t\tctx.body.samlConfig,\n\t\t\t\t\t\t\tcurrent.providerId,\n\t\t\t\t\t\t\tctx.context.baseURL,\n\t\t\t\t\t\t);\n\t\t\t\t\t\tupdate.issuer = merged.issuer;\n\t\t\t\t\t\tupdate.providerType = \"saml\";\n\t\t\t\t\t\tupdate.samlConfig = JSON.stringify(merged);\n\t\t\t\t\t\tupdate.oidcConfig = null;\n\t\t\t\t\t}\n\n\t\t\t\t\tconst updated = await db.update<SSOProviderRow>({\n\t\t\t\t\t\tmodel: \"ssoProvider\",\n\t\t\t\t\t\twhere: [\n\t\t\t\t\t\t\t{ field: \"providerId\", value: ctx.body.providerId },\n\t\t\t\t\t\t\t{ field: \"projectId\", value: projectId! },\n\t\t\t\t\t\t],\n\t\t\t\t\t\tupdate,\n\t\t\t\t\t});\n\t\t\t\t\tif (!updated) {\n\t\t\t\t\t\tthrow ctx.error(\"NOT_FOUND\", { message: \"SSO provider not found\" });\n\t\t\t\t\t}\n\t\t\t\t\treturn ctx.json(serializeConnection(updated, ctx.context.baseURL));\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tdeleteSsoProvider: createAuthEndpoint(\n\t\t\t\t\"/banata/sso/delete-provider\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\n\t\t\t\t\tbody: deleteSsoProviderSchema,\n\t\t\t\t\tuse: [sessionMiddleware],\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst { projectId } = getProjectScope(ctx.body);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tprojectId,\n\t\t\t\t\t\tpermission: \"sso.manage\",\n\t\t\t\t\t});\n\t\t\t\t\tawait db.delete({\n\t\t\t\t\t\tmodel: \"ssoProvider\",\n\t\t\t\t\t\twhere: [\n\t\t\t\t\t\t\t{ field: \"providerId\", value: ctx.body.providerId },\n\t\t\t\t\t\t\t{ field: \"projectId\", value: projectId! },\n\t\t\t\t\t\t],\n\t\t\t\t\t});\n\t\t\t\t\treturn ctx.json({ success: true });\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tlistDirectories: createAuthEndpoint(\n\t\t\t\t\"/banata/scim/list-providers\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\n\t\t\t\t\tbody: listDirectoriesSchema,\n\t\t\t\t\tuse: [sessionMiddleware],\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst { projectId, where } = getProjectScope(ctx.body);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tprojectId,\n\t\t\t\t\t\tpermission: \"directory.read\",\n\t\t\t\t\t});\n\n\t\t\t\t\tconst rows = await db.findMany<SCIMProviderRow>({\n\t\t\t\t\t\tmodel: \"scimProvider\",\n\t\t\t\t\t\twhere: [\n\t\t\t\t\t\t\t...where,\n\t\t\t\t\t\t\t...(ctx.body.organizationId\n\t\t\t\t\t\t\t\t? [{ field: \"organizationId\", value: ctx.body.organizationId }]\n\t\t\t\t\t\t\t\t: []),\n\t\t\t\t\t\t],\n\t\t\t\t\t\tlimit: Math.min(ctx.body.limit ?? 100, 100),\n\t\t\t\t\t});\n\t\t\t\t\tconst data = await Promise.all(\n\t\t\t\t\t\trows.map(async (row) =>\n\t\t\t\t\t\t\tserializeDirectory(row, await countDirectoryUsers(db, row.providerId)),\n\t\t\t\t\t\t),\n\t\t\t\t\t);\n\t\t\t\t\treturn ctx.json({ data, directories: data });\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tgetDirectory: createAuthEndpoint(\n\t\t\t\t\"/banata/scim/get-provider\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\n\t\t\t\t\tbody: getDirectorySchema,\n\t\t\t\t\tuse: [sessionMiddleware],\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst { projectId } = getProjectScope(ctx.body);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tprojectId,\n\t\t\t\t\t\tpermission: \"directory.read\",\n\t\t\t\t\t});\n\t\t\t\t\tconst row = await findDirectory(db, ctx.body.providerId, projectId!);\n\t\t\t\t\tif (!row) {\n\t\t\t\t\t\tthrow ctx.error(\"NOT_FOUND\", { message: \"SCIM directory not found\" });\n\t\t\t\t\t}\n\t\t\t\t\treturn ctx.json(\n\t\t\t\t\t\tserializeDirectory(row, await countDirectoryUsers(db, row.providerId)),\n\t\t\t\t\t);\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tregisterDirectory: createAuthEndpoint(\n\t\t\t\t\"/banata/scim/register\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\n\t\t\t\t\tbody: createDirectorySchema,\n\t\t\t\t\tuse: [sessionMiddleware],\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst { user } = requireAuthenticated(ctx);\n\t\t\t\t\tconst { projectId } = getProjectScope(ctx.body);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tprojectId,\n\t\t\t\t\t\tpermission: \"directory.manage\",\n\t\t\t\t\t});\n\t\t\t\t\tawait ensureOrganizationInProject(ctx, db, ctx.body.organizationId, projectId!);\n\n\t\t\t\t\tconst existing = await db.findOne<SCIMProviderRow>({\n\t\t\t\t\t\tmodel: \"scimProvider\",\n\t\t\t\t\t\twhere: [\n\t\t\t\t\t\t\t{ field: \"organizationId\", value: ctx.body.organizationId },\n\t\t\t\t\t\t\t{ field: \"projectId\", value: projectId! },\n\t\t\t\t\t\t],\n\t\t\t\t\t});\n\t\t\t\t\tconst providerId = existing?.providerId ?? randomId(\"dir\");\n\t\t\t\t\tconst now = Date.now();\n\t\t\t\t\tconst baseToken = generateRandomString(24);\n\t\t\t\t\tconst bearerToken = base64Url.encode(\n\t\t\t\t\t\t`${baseToken}:${providerId}:${ctx.body.organizationId}`,\n\t\t\t\t\t);\n\t\t\t\t\tconst storedToken = await defaultKeyHasher(baseToken);\n\t\t\t\t\tconst endpointUrl = `${ctx.context.baseURL}/scim/v2`;\n\t\t\t\t\tconst directoryData = {\n\t\t\t\t\t\tproviderId,\n\t\t\t\t\t\tprojectId,\n\t\t\t\t\t\torganizationId: ctx.body.organizationId,\n\t\t\t\t\t\tname: ctx.body.name,\n\t\t\t\t\t\tprovider: ctx.body.provider,\n\t\t\t\t\t\tscimToken: storedToken,\n\t\t\t\t\t\ttokenHash: storedToken,\n\t\t\t\t\t\tendpointUrl,\n\t\t\t\t\t\tactive: true,\n\t\t\t\t\t\tuserId: user.id,\n\t\t\t\t\t\tlastSyncAt: existing?.lastSyncAt ?? null,\n\t\t\t\t\t\tlastSyncStatus: existing?.lastSyncStatus ?? null,\n\t\t\t\t\t\tupdatedAt: now,\n\t\t\t\t\t};\n\n\t\t\t\t\tconst row = existing\n\t\t\t\t\t\t? await db.update<SCIMProviderRow>({\n\t\t\t\t\t\t\t\tmodel: \"scimProvider\",\n\t\t\t\t\t\t\t\twhere: [\n\t\t\t\t\t\t\t\t\t{ field: \"providerId\", value: providerId },\n\t\t\t\t\t\t\t\t\t{ field: \"projectId\", value: projectId! },\n\t\t\t\t\t\t\t\t],\n\t\t\t\t\t\t\t\tupdate: directoryData,\n\t\t\t\t\t\t\t})\n\t\t\t\t\t\t: await db.create<SCIMProviderRow>({\n\t\t\t\t\t\t\t\tmodel: \"scimProvider\",\n\t\t\t\t\t\t\t\tdata: {\n\t\t\t\t\t\t\t\t\t...directoryData,\n\t\t\t\t\t\t\t\t\tcreatedAt: now,\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t});\n\t\t\t\t\tif (!row) {\n\t\t\t\t\t\tthrow ctx.error(\"INTERNAL_SERVER_ERROR\", {\n\t\t\t\t\t\t\tmessage: \"Failed to create SCIM directory\",\n\t\t\t\t\t\t});\n\t\t\t\t\t}\n\t\t\t\t\treturn ctx.json(\n\t\t\t\t\t\tserializeDirectory(row, await countDirectoryUsers(db, row.providerId), {\n\t\t\t\t\t\t\tbearerToken,\n\t\t\t\t\t\t}),\n\t\t\t\t\t);\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tdeleteDirectory: createAuthEndpoint(\n\t\t\t\t\"/banata/scim/delete-provider\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\n\t\t\t\t\tbody: deleteDirectorySchema,\n\t\t\t\t\tuse: [sessionMiddleware],\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst { projectId } = getProjectScope(ctx.body);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tprojectId,\n\t\t\t\t\t\tpermission: \"directory.manage\",\n\t\t\t\t\t});\n\t\t\t\t\tawait db.delete({\n\t\t\t\t\t\tmodel: \"scimProvider\",\n\t\t\t\t\t\twhere: [\n\t\t\t\t\t\t\t{ field: \"providerId\", value: ctx.body.providerId },\n\t\t\t\t\t\t\t{ field: \"projectId\", value: projectId! },\n\t\t\t\t\t\t],\n\t\t\t\t\t});\n\t\t\t\t\treturn ctx.json({ success: true });\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tlistDirectoryUsers: createAuthEndpoint(\n\t\t\t\t\"/banata/scim/list-users\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\n\t\t\t\t\tbody: listDirectoryUsersSchema,\n\t\t\t\t\tuse: [sessionMiddleware],\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst { projectId } = getProjectScope(ctx.body);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tprojectId,\n\t\t\t\t\t\tpermission: \"directory.read\",\n\t\t\t\t\t});\n\t\t\t\t\tconst directory = await findDirectory(db, ctx.body.providerId, projectId!);\n\t\t\t\t\tif (!directory) {\n\t\t\t\t\t\tthrow ctx.error(\"NOT_FOUND\", { message: \"SCIM directory not found\" });\n\t\t\t\t\t}\n\t\t\t\t\tconst accounts = await db.findMany<AccountRow>({\n\t\t\t\t\t\tmodel: \"account\",\n\t\t\t\t\t\twhere: [{ field: \"providerId\", value: directory.providerId }],\n\t\t\t\t\t\tlimit: Math.min(ctx.body.limit ?? 100, 100),\n\t\t\t\t\t});\n\t\t\t\t\tconst userIds = Array.from(new Set(accounts.map((account) => account.userId)));\n\t\t\t\t\tconst users =\n\t\t\t\t\t\tuserIds.length > 0\n\t\t\t\t\t\t\t? await db.findMany<UserRow>({\n\t\t\t\t\t\t\t\t\tmodel: \"user\",\n\t\t\t\t\t\t\t\t\twhere: [{ field: \"id\", value: userIds, operator: \"in\" }],\n\t\t\t\t\t\t\t\t\tlimit: userIds.length,\n\t\t\t\t\t\t\t\t})\n\t\t\t\t\t\t\t: [];\n\t\t\t\t\tconst usersById = new Map(users.map((user) => [user.id, user]));\n\t\t\t\t\tconst data = accounts\n\t\t\t\t\t\t.map((account) => {\n\t\t\t\t\t\t\tconst user = usersById.get(account.userId);\n\t\t\t\t\t\t\treturn user ? serializeDirectoryUser(directory, user, account) : null;\n\t\t\t\t\t\t})\n\t\t\t\t\t\t.filter((entry): entry is NonNullable<typeof entry> => entry !== null)\n\t\t\t\t\t\t.filter((entry) => (ctx.body.state ? entry.state === ctx.body.state : true));\n\t\t\t\t\treturn ctx.json({ data, users: data });\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tgetDirectoryUser: createAuthEndpoint(\n\t\t\t\t\"/banata/scim/get-user\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\n\t\t\t\t\tbody: getDirectoryUserSchema,\n\t\t\t\t\tuse: [sessionMiddleware],\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst { projectId } = getProjectScope(ctx.body);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tprojectId,\n\t\t\t\t\t\tpermission: \"directory.read\",\n\t\t\t\t\t});\n\n\t\t\t\t\tconst account = await db.findOne<AccountRow>({\n\t\t\t\t\t\tmodel: \"account\",\n\t\t\t\t\t\twhere: [\n\t\t\t\t\t\t\t{ field: \"userId\", value: ctx.body.userId },\n\t\t\t\t\t\t\t...(ctx.body.providerId\n\t\t\t\t\t\t\t\t? [{ field: \"providerId\", value: ctx.body.providerId }]\n\t\t\t\t\t\t\t\t: []),\n\t\t\t\t\t\t],\n\t\t\t\t\t});\n\t\t\t\t\tif (!account) {\n\t\t\t\t\t\tthrow ctx.error(\"NOT_FOUND\", { message: \"Directory user not found\" });\n\t\t\t\t\t}\n\t\t\t\t\tconst directory = await findDirectory(db, account.providerId, projectId!);\n\t\t\t\t\tif (!directory) {\n\t\t\t\t\t\tthrow ctx.error(\"NOT_FOUND\", { message: \"SCIM directory not found\" });\n\t\t\t\t\t}\n\t\t\t\t\tconst user = await db.findOne<UserRow>({\n\t\t\t\t\t\tmodel: \"user\",\n\t\t\t\t\t\twhere: [{ field: \"id\", value: ctx.body.userId }],\n\t\t\t\t\t});\n\t\t\t\t\tif (!user) {\n\t\t\t\t\t\tthrow ctx.error(\"NOT_FOUND\", { message: \"User not found\" });\n\t\t\t\t\t}\n\t\t\t\t\treturn ctx.json(serializeDirectoryUser(directory, user, account));\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tlistDirectoryGroups: createAuthEndpoint(\n\t\t\t\t\"/banata/scim/list-groups\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\n\t\t\t\t\tbody: listDirectoryGroupsSchema,\n\t\t\t\t\tuse: [sessionMiddleware],\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst { projectId } = getProjectScope(ctx.body);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tprojectId,\n\t\t\t\t\t\tpermission: \"directory.read\",\n\t\t\t\t\t});\n\t\t\t\t\treturn ctx.json({ data: [], groups: [] });\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tgetDirectoryGroup: createAuthEndpoint(\n\t\t\t\t\"/banata/scim/get-group\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\", requireHeaders: true,\n\t\t\t\t\tbody: getDirectoryGroupSchema,\n\t\t\t\t\tuse: [sessionMiddleware],\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst { projectId } = getProjectScope(ctx.body);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tprojectId,\n\t\t\t\t\t\tpermission: \"directory.read\",\n\t\t\t\t\t});\n\t\t\t\t\tthrow ctx.error(\"NOT_FOUND\", {\n\t\t\t\t\t\tmessage: \"SCIM groups are not implemented in this release\",\n\t\t\t\t\t});\n\t\t\t\t},\n\t\t\t),\n\t\t},\n\t};\n}\r\n","/**\n * Events plugin for Banata Auth.\n *\n * Provides a unified event stream API that queries the existing `auditEvent`\n * table and maps records into lightweight `WebhookEvent`-compatible shapes.\n *\n * This gives consumers a simple, poll-based alternative to webhooks —\n * similar to WorkOS's Events API. Under the hood, events are sourced from\n * audit log records stored by the audit plugin.\n *\n * @see {@link ./audit.ts} for the underlying audit log plugin\n * @see {@link ../../../shared/src/types.ts} for the WebhookEvent SDK type\n */\n\nimport type { BetterAuthPlugin } from \"better-auth\";\nimport { createAuthEndpoint } from \"better-auth/api\";\nimport { z } from \"zod\";\nimport {\n\ttype AuditEventRow,\n\ttype PluginDBAdapter,\n\ttype WhereClause,\n\tgetProjectScope,\n\tprojectScopeSchema,\n\trequireProjectPermission,\n} from \"./types\";\n\n// ─── Zod Schemas ────────────────────────────────────────────────────\n\nconst listEventsSchema = z\n\t.object({\n\t\t/** Filter by one or more event types (action strings). */\n\t\teventTypes: z.array(z.string()).optional(),\n\t\t/** Cursor for forward pagination — pass the last event's ID. */\n\t\tafter: z.string().optional(),\n\t\t/** Maximum number of events to return. Default: 50, max: 200. */\n\t\tlimit: z.number().int().positive().max(200).optional(),\n\t\t/** Filter by organization. */\n\t\torganizationId: z.string().optional(),\n\t\t/** Range start (epoch ms). */\n\t\trangeStart: z.number().optional(),\n\t\t/** Range end (epoch ms). */\n\t\trangeEnd: z.number().optional(),\n\t})\n\t.merge(projectScopeSchema);\n\n// ─── Helpers ────────────────────────────────────────────────────────\n\n/**\n * Map an audit event row to a lightweight event payload.\n */\n/** @internal Exported for testing. */\nexport function toEventPayload(row: AuditEventRow): Record<string, unknown> {\n\treturn {\n\t\tid: row.id,\n\t\ttype: row.action,\n\t\tdata: {\n\t\t\tactorType: row.actorType,\n\t\t\tactorId: row.actorId,\n\t\t\tactorName: row.actorName,\n\t\t\tactorEmail: row.actorEmail,\n\t\t\torganizationId: row.organizationId,\n\t\t\ttargets: row.targets ? safeJsonParse(row.targets as string) : undefined,\n\t\t\tchanges: row.changes ? safeJsonParse(row.changes as string) : undefined,\n\t\t\tmetadata: row.metadata ? safeJsonParse(row.metadata as string) : undefined,\n\t\t\tipAddress: row.ipAddress,\n\t\t\tuserAgent: row.userAgent,\n\t\t},\n\t\tcreatedAt: row.occurredAt ?? row.createdAt,\n\t};\n}\n\nfunction safeJsonParse(value: string): unknown {\n\ttry {\n\t\treturn JSON.parse(value);\n\t} catch {\n\t\treturn value;\n\t}\n}\n\n// ─── Plugin Factory ─────────────────────────────────────────────────\n\n/**\n * Events plugin for Banata Auth.\n *\n * Registers a single API endpoint under `/api/auth/banata/events/list`\n * that exposes audit events as a lightweight, pollable event stream.\n *\n * @returns A Better Auth plugin descriptor\n *\n * @example\n * ```ts\n * import { eventsPlugin } from \"./plugins/events\";\n *\n * const plugins = [\n * eventsPlugin(),\n * // ... other plugins\n * ];\n * ```\n */\nexport function eventsPlugin(): BetterAuthPlugin {\n\treturn {\n\t\tid: \"banata-events\",\n\n\t\t// No additional schema — events are sourced from the auditEvent table.\n\n\t\tendpoints: {\n\t\t\t/**\n\t\t\t * List events with optional filters.\n\t\t\t *\n\t\t\t * POST /api/auth/banata/events/list\n\t\t\t *\n\t\t\t * Returns a paginated list of events with cursor-based pagination.\n\t\t\t */\n\t\t\tlistEvents: createAuthEndpoint(\n\t\t\t\t\"/banata/events/list\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\tbody: listEventsSchema,\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst body = ctx.body;\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst scope = getProjectScope(body as Record<string, unknown>);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tpermission: \"audit.read\",\n\t\t\t\t\t\tprojectId: scope.projectId,\n\t\t\t\t\t});\n\n\t\t\t\t\tconst limit = Math.min(body.limit ?? 50, 200);\n\t\t\t\t\tconst filters: WhereClause[] = [...scope.where];\n\n\t\t\t\t\t// Filter by event types (action strings)\n\t\t\t\t\tif (body.eventTypes && body.eventTypes.length > 0) {\n\t\t\t\t\t\tif (body.eventTypes.length === 1) {\n\t\t\t\t\t\t\tfilters.push({ field: \"action\", value: body.eventTypes[0]! });\n\t\t\t\t\t\t} else {\n\t\t\t\t\t\t\tfilters.push({\n\t\t\t\t\t\t\t\tfield: \"action\",\n\t\t\t\t\t\t\t\toperator: \"in\" as const,\n\t\t\t\t\t\t\t\tvalue: body.eventTypes,\n\t\t\t\t\t\t\t});\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\n\t\t\t\t\t// Filter by organization\n\t\t\t\t\tif (body.organizationId) {\n\t\t\t\t\t\tfilters.push({ field: \"organizationId\", value: body.organizationId });\n\t\t\t\t\t}\n\n\t\t\t\t\t// Date range filters\n\t\t\t\t\tif (body.rangeStart !== undefined) {\n\t\t\t\t\t\tfilters.push({\n\t\t\t\t\t\t\tfield: \"occurredAt\",\n\t\t\t\t\t\t\toperator: \"gte\" as const,\n\t\t\t\t\t\t\tvalue: body.rangeStart,\n\t\t\t\t\t\t});\n\t\t\t\t\t}\n\t\t\t\t\tif (body.rangeEnd !== undefined) {\n\t\t\t\t\t\tfilters.push({\n\t\t\t\t\t\t\tfield: \"occurredAt\",\n\t\t\t\t\t\t\toperator: \"lte\" as const,\n\t\t\t\t\t\t\tvalue: body.rangeEnd,\n\t\t\t\t\t\t});\n\t\t\t\t\t}\n\n\t\t\t\t\t// Cursor-based pagination: fetch events created after the cursor\n\t\t\t\t\t// \"after\" here is the ID of the last event from the previous page.\n\t\t\t\t\t// We use occurredAt desc, so we need events with occurredAt < cursor's occurredAt.\n\t\t\t\t\tif (body.after) {\n\t\t\t\t\t\t// Look up the cursor event to get its occurredAt\n\t\t\t\t\t\tconst cursorRows = await db.findMany<AuditEventRow>({\n\t\t\t\t\t\t\tmodel: \"auditEvent\",\n\t\t\t\t\t\t\twhere: [{ field: \"id\", value: body.after }, ...scope.where],\n\t\t\t\t\t\t\tlimit: 1,\n\t\t\t\t\t\t});\n\t\t\t\t\t\tif (cursorRows[0]) {\n\t\t\t\t\t\t\tfilters.push({\n\t\t\t\t\t\t\t\tfield: \"occurredAt\",\n\t\t\t\t\t\t\t\toperator: \"lt\" as const,\n\t\t\t\t\t\t\t\tvalue: cursorRows[0].occurredAt,\n\t\t\t\t\t\t\t});\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\n\t\t\t\t\tconst rows = await db.findMany<AuditEventRow>({\n\t\t\t\t\t\tmodel: \"auditEvent\",\n\t\t\t\t\t\twhere: filters,\n\t\t\t\t\t\tlimit: limit + 1, // Fetch one extra to determine hasMore\n\t\t\t\t\t\tsortBy: { field: \"occurredAt\", direction: \"desc\" },\n\t\t\t\t\t});\n\n\t\t\t\t\tconst hasMore = rows.length > limit;\n\t\t\t\t\tconst events = hasMore ? rows.slice(0, limit) : rows;\n\t\t\t\t\tconst lastEvent = events[events.length - 1];\n\t\t\t\t\tconst cursor = lastEvent ? (lastEvent.id as string) : undefined;\n\n\t\t\t\t\treturn ctx.json({\n\t\t\t\t\t\tdata: events.map(toEventPayload),\n\t\t\t\t\t\tcursor: hasMore ? cursor : undefined,\n\t\t\t\t\t\thasMore,\n\t\t\t\t\t});\n\t\t\t\t},\n\t\t\t),\n\t\t},\n\t};\n}\n","import type { BetterAuthPlugin } from \"better-auth\";\nimport { createAuthEndpoint } from \"better-auth/api\";\nimport { z } from \"zod\";\nimport {\n\ttype PermissionDefinitionRow,\n\ttype PluginDBAdapter,\n\ttype ProjectRow,\n\ttype RoleDefinitionRow,\n\ttype WhereClause,\n\tgetProjectScope,\n\tgetRolePermissions,\n\tisGlobalAdminUser,\n\tparseRoleSlugs,\n\tprojectScopeSchema,\n\trequireAuthenticated,\n} from \"./types\";\n\ninterface OrganizationRow extends Record<string, unknown> {\n\tid: string;\n\tname: string;\n\tslug: string;\n\tlogo?: string;\n\tmetadata?: unknown;\n\tprojectId?: string;\n\tcreatedAt: number;\n\tupdatedAt: number;\n}\n\ninterface MemberRow extends Record<string, unknown> {\n\tid: string;\n\torganizationId: string;\n\tuserId: string;\n\trole: string;\n\tprojectId?: string;\n\tcreatedAt: number;\n\tupdatedAt: number;\n}\n\ninterface InvitationRow extends Record<string, unknown> {\n\tid: string;\n\torganizationId: string;\n\temail: string;\n\trole: string;\n\tinviterId: string;\n\tstatus: string;\n\texpiresAt: number;\n\tprojectId?: string;\n\tcreatedAt: number;\n}\n\nconst SUPER_ADMIN_ROLE_SLUG = \"super_admin\";\nconst RESERVED_ROLES = new Set([SUPER_ADMIN_ROLE_SLUG]);\nconst INVITATION_EXPIRY_MS = 1000 * 60 * 60 * 48;\n\ninterface ProjectOwnerRow extends Pick<ProjectRow, \"id\" | \"ownerId\"> {}\n\nconst createOrganizationSchema = z\n\t.object({\n\t\tname: z.string().min(1),\n\t\tslug: z.string().min(1),\n\t\tlogo: z.string().optional(),\n\t\tmetadata: z.record(z.string(), z.unknown()).optional(),\n\t\tkeepCurrentActiveOrganization: z.boolean().optional(),\n\t})\n\t.merge(projectScopeSchema);\n\nconst organizationIdSchema = z\n\t.object({\n\t\torganizationId: z.string().optional(),\n\t\torganizationSlug: z.string().optional(),\n\t})\n\t.merge(projectScopeSchema);\n\nconst inviteMemberSchema = z\n\t.object({\n\t\temail: z.string().email(),\n\t\trole: z.union([z.string(), z.array(z.string())]),\n\t\torganizationId: z.string().optional(),\n\t\tresend: z.boolean().optional(),\n\t})\n\t.merge(projectScopeSchema);\n\nconst updateMemberRoleSchema = z\n\t.object({\n\t\tmemberId: z.string().optional(),\n\t\tmemberIdOrUserId: z.string().optional(),\n\t\trole: z.union([z.string(), z.array(z.string())]),\n\t\torganizationId: z.string().optional(),\n\t})\n\t.merge(projectScopeSchema);\n\nconst removeMemberSchema = z\n\t.object({\n\t\tmemberIdOrEmail: z.string().optional(),\n\t\tmemberIdOrUserId: z.string().optional(),\n\t\torganizationId: z.string().optional(),\n\t})\n\t.merge(projectScopeSchema);\n\nconst acceptRejectInviteSchema = z\n\t.object({\n\t\tinvitationId: z.string(),\n\t})\n\t.merge(projectScopeSchema);\n\nconst cancelInviteSchema = z\n\t.object({\n\t\tinvitationId: z.string(),\n\t})\n\t.merge(projectScopeSchema);\n\nconst getInvitationSchema = z\n\t.object({\n\t\tid: z.string(),\n\t})\n\t.merge(projectScopeSchema);\n\nconst listInvitationsSchema = z\n\t.object({\n\t\torganizationId: z.string().optional(),\n\t})\n\t.merge(projectScopeSchema);\n\nconst listUserInvitationsSchema = z\n\t.object({\n\t\temail: z.string().email().optional(),\n\t})\n\t.merge(projectScopeSchema);\n\nfunction getSessionOrThrow(ctx: any): {\n\tuserId: string;\n\tactiveOrganizationId?: string;\n\ttoken?: string;\n\tuserRole?: string;\n} {\n\tconst { session, user } = requireAuthenticated(ctx);\n\treturn {\n\t\tuserId: user.id,\n\t\tuserRole: user.role,\n\t\tactiveOrganizationId: session.activeOrganizationId as string | undefined,\n\t\ttoken: session.token as string | undefined,\n\t};\n}\n\nfunction parseRoles(role: string | string[]): string[] {\n\treturn parseRoleSlugs(role);\n}\n\nasync function setActiveOrganizationIfPossible(\n\tdb: PluginDBAdapter,\n\ttoken: string | undefined,\n\torganizationId: string | null,\n): Promise<void> {\n\tif (!token) return;\n\tawait db.update({\n\t\tmodel: \"session\",\n\t\twhere: [{ field: \"token\", value: token }],\n\t\tupdate: {\n\t\t\tactiveOrganizationId: organizationId,\n\t\t\tupdatedAt: new Date(),\n\t\t},\n\t});\n}\n\nasync function resolveOrganization(\n\tdb: PluginDBAdapter,\n\tparams: {\n\t\torganizationId?: string;\n\t\torganizationSlug?: string;\n\t\tactiveOrganizationId?: string;\n\t\tscopeWhere: WhereClause[];\n\t},\n): Promise<OrganizationRow | null> {\n\tif (params.organizationId) {\n\t\tconst rows = await db.findMany<OrganizationRow>({\n\t\t\tmodel: \"organization\",\n\t\t\twhere: [{ field: \"id\", value: params.organizationId }, ...params.scopeWhere],\n\t\t\tlimit: 1,\n\t\t});\n\t\treturn rows[0] ?? null;\n\t}\n\tif (params.organizationSlug) {\n\t\tconst rows = await db.findMany<OrganizationRow>({\n\t\t\tmodel: \"organization\",\n\t\t\twhere: [{ field: \"slug\", value: params.organizationSlug }, ...params.scopeWhere],\n\t\t\tlimit: 1,\n\t\t});\n\t\treturn rows[0] ?? null;\n\t}\n\tif (params.activeOrganizationId) {\n\t\tconst rows = await db.findMany<OrganizationRow>({\n\t\t\tmodel: \"organization\",\n\t\t\twhere: [{ field: \"id\", value: params.activeOrganizationId }, ...params.scopeWhere],\n\t\t\tlimit: 1,\n\t\t});\n\t\treturn rows[0] ?? null;\n\t}\n\treturn null;\n}\n\nasync function findMemberOrThrow(\n\tctx: any,\n\tdb: PluginDBAdapter,\n\torganizationId: string,\n\tuserId: string,\n\tscopeWhere: WhereClause[],\n): Promise<MemberRow> {\n\tconst rows = await db.findMany<MemberRow>({\n\t\tmodel: \"member\",\n\t\twhere: [\n\t\t\t{ field: \"organizationId\", value: organizationId },\n\t\t\t{ field: \"userId\", value: userId },\n\t\t\t...scopeWhere,\n\t\t],\n\t\tlimit: 1,\n\t});\n\tif (!rows[0]) {\n\t\tthrow ctx.error(\"FORBIDDEN\", { message: \"You are not a member of this organization\" });\n\t}\n\treturn rows[0];\n}\n\nasync function ensureRoleExistsForProject(\n\tctx: any,\n\tdb: PluginDBAdapter,\n\tprojectId: string | undefined,\n\troles: string[],\n): Promise<void> {\n\tif (!projectId) return;\n\tconst rows = await db.findMany<RoleDefinitionRow>({\n\t\tmodel: \"roleDefinition\",\n\t\twhere: [{ field: \"projectId\", value: projectId }],\n\t\tlimit: 1000,\n\t});\n\tconst slugs = new Set(rows.map((r) => r.slug));\n\tconst missing = roles.filter((r) => !slugs.has(r));\n\tif (missing.length > 0) {\n\t\tthrow ctx.error(\"BAD_REQUEST\", {\n\t\t\tmessage: `Unknown role(s): ${missing.join(\", \")}`,\n\t\t});\n\t}\n}\n\nfunction memberHasRole(member: MemberRow, roleSlug: string): boolean {\n\treturn parseRoleSlugs(member.role).includes(roleSlug);\n}\n\nasync function hasProjectWildcardAccess(\n\tdb: PluginDBAdapter,\n\tparams: {\n\t\tuserId: string;\n\t\tuserRole?: string;\n\t\tprojectId?: string;\n\t},\n): Promise<boolean> {\n\tif (isGlobalAdminUser({ role: params.userRole })) {\n\t\treturn true;\n\t}\n\tif (!params.projectId) {\n\t\treturn false;\n\t}\n\n\tconst projectRows = await db.findMany<ProjectOwnerRow>({\n\t\tmodel: \"project\",\n\t\twhere: [{ field: \"id\", value: params.projectId }],\n\t\tlimit: 1,\n\t});\n\treturn projectRows[0]?.ownerId === params.userId;\n}\n\nasync function getMemberPermissions(\n\tdb: PluginDBAdapter,\n\tparams: {\n\t\tprojectId?: string;\n\t\tmember: MemberRow;\n\t},\n): Promise<Set<string>> {\n\tconst roleSlugs = parseRoleSlugs(params.member.role);\n\tif (roleSlugs.includes(SUPER_ADMIN_ROLE_SLUG)) {\n\t\treturn new Set([\"*\"]);\n\t}\n\treturn getRolePermissions(db, {\n\t\tprojectId: params.projectId,\n\t\troleSlugs,\n\t});\n}\n\nasync function requireOrganizationPermission(\n\tctx: any,\n\tdb: PluginDBAdapter,\n\tparams: {\n\t\tprojectId?: string;\n\t\torganizationId: string;\n\t\tuserId: string;\n\t\tuserRole?: string;\n\t\tscopeWhere: WhereClause[];\n\t\tpermission: string;\n\t},\n): Promise<MemberRow | null> {\n\tif (\n\t\tawait hasProjectWildcardAccess(db, {\n\t\t\tuserId: params.userId,\n\t\t\tuserRole: params.userRole,\n\t\t\tprojectId: params.projectId,\n\t\t})\n\t) {\n\t\treturn null;\n\t}\n\n\tconst member = await findMemberOrThrow(\n\t\tctx,\n\t\tdb,\n\t\tparams.organizationId,\n\t\tparams.userId,\n\t\tparams.scopeWhere,\n\t);\n\tconst permissions = await getMemberPermissions(db, {\n\t\tprojectId: params.projectId,\n\t\tmember,\n\t});\n\tif (permissions.has(\"*\") || permissions.has(params.permission)) {\n\t\treturn member;\n\t}\n\n\tthrow ctx.error(\"FORBIDDEN\", { message: `Missing permission: ${params.permission}` });\n}\n\nasync function ensureOrganizationRetainsSuperAdmin(\n\tctx: any,\n\tdb: PluginDBAdapter,\n\tparams: {\n\t\torganizationId: string;\n\t\tscopeWhere: WhereClause[];\n\t\ttarget: MemberRow;\n\t\tnextRoleSlugs?: string[];\n\t},\n): Promise<void> {\n\tif (!memberHasRole(params.target, SUPER_ADMIN_ROLE_SLUG)) {\n\t\treturn;\n\t}\n\tif (params.nextRoleSlugs?.includes(SUPER_ADMIN_ROLE_SLUG)) {\n\t\treturn;\n\t}\n\n\tconst members = await db.findMany<MemberRow>({\n\t\tmodel: \"member\",\n\t\twhere: [{ field: \"organizationId\", value: params.organizationId }, ...params.scopeWhere],\n\t\tlimit: 1000,\n\t});\n\tconst otherSuperAdmins = members.filter(\n\t\t(member) => member.id !== params.target.id && memberHasRole(member, SUPER_ADMIN_ROLE_SLUG),\n\t);\n\tif (otherSuperAdmins.length === 0) {\n\t\tthrow ctx.error(\"BAD_REQUEST\", {\n\t\t\tmessage: \"Organization must retain at least one super_admin\",\n\t\t});\n\t}\n}\n\nasync function ensureSuperAdminRole(\n\tdb: PluginDBAdapter,\n\tprojectId: string | undefined,\n): Promise<void> {\n\tif (!projectId) return;\n\tconst now = Date.now();\n\tconst roles = await db.findMany<RoleDefinitionRow>({\n\t\tmodel: \"roleDefinition\",\n\t\twhere: [\n\t\t\t{ field: \"projectId\", value: projectId },\n\t\t\t{ field: \"slug\", value: SUPER_ADMIN_ROLE_SLUG },\n\t\t],\n\t\tlimit: 1,\n\t});\n\tif (roles[0]) return;\n\n\tconst perms = await db.findMany<PermissionDefinitionRow>({\n\t\tmodel: \"permissionDefinition\",\n\t\twhere: [{ field: \"projectId\", value: projectId }],\n\t\tlimit: 1000,\n\t});\n\tawait db.create<RoleDefinitionRow>({\n\t\tmodel: \"roleDefinition\",\n\t\tdata: {\n\t\t\tprojectId,\n\t\t\tname: \"Super Admin\",\n\t\t\tslug: SUPER_ADMIN_ROLE_SLUG,\n\t\t\tdescription: \"Full access across this project and its organizations.\",\n\t\t\tpermissions: JSON.stringify(perms.map((p) => p.slug).sort()),\n\t\t\tisDefault: true,\n\t\t\tcreatedAt: now,\n\t\t\tupdatedAt: now,\n\t\t},\n\t});\n}\n\nexport function organizationRbacPlugin(): BetterAuthPlugin {\n\treturn {\n\t\tid: \"banata-organization-rbac\",\n\t\tschema: {\n\t\t\torganization: {\n\t\t\t\tfields: {\n\t\t\t\t\tname: { type: \"string\", required: true },\n\t\t\t\t\tslug: { type: \"string\", required: true },\n\t\t\t\t\tlogo: { type: \"string\", required: false },\n\t\t\t\t\tmetadata: { type: \"string\", required: false },\n\t\t\t\t\tprojectId: { type: \"string\", required: false },\n\t\t\t\t\tcreatedAt: { type: \"number\", required: true },\n\t\t\t\t\tupdatedAt: { type: \"number\", required: true },\n\t\t\t\t},\n\t\t\t},\n\t\t\tmember: {\n\t\t\t\tfields: {\n\t\t\t\t\torganizationId: { type: \"string\", required: true },\n\t\t\t\t\tuserId: { type: \"string\", required: true },\n\t\t\t\t\trole: { type: \"string\", required: true },\n\t\t\t\t\tprojectId: { type: \"string\", required: false },\n\t\t\t\t\tcreatedAt: { type: \"number\", required: true },\n\t\t\t\t\tupdatedAt: { type: \"number\", required: true },\n\t\t\t\t},\n\t\t\t},\n\t\t\tinvitation: {\n\t\t\t\tfields: {\n\t\t\t\t\torganizationId: { type: \"string\", required: true },\n\t\t\t\t\temail: { type: \"string\", required: true },\n\t\t\t\t\trole: { type: \"string\", required: true },\n\t\t\t\t\tinviterId: { type: \"string\", required: true },\n\t\t\t\t\tprojectId: { type: \"string\", required: false },\n\t\t\t\t\tstatus: { type: \"string\", required: true },\n\t\t\t\t\texpiresAt: { type: \"number\", required: true },\n\t\t\t\t\tcreatedAt: { type: \"number\", required: true },\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\t\tendpoints: {\n\t\t\tcreateOrganization: createAuthEndpoint(\n\t\t\t\t\"/organization/create\",\n\t\t\t\t{ method: \"POST\", body: createOrganizationSchema, requireHeaders: true },\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst { userId, token } = getSessionOrThrow(ctx);\n\t\t\t\t\tconst body = ctx.body;\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst scope = getProjectScope(body as Record<string, unknown>);\n\t\t\t\t\tconst now = Date.now();\n\n\t\t\t\t\tconst existingSlug = await db.findMany<OrganizationRow>({\n\t\t\t\t\t\tmodel: \"organization\",\n\t\t\t\t\t\twhere: [{ field: \"slug\", value: body.slug }, ...scope.where],\n\t\t\t\t\t\tlimit: 1,\n\t\t\t\t\t});\n\t\t\t\t\tif (existingSlug[0]) {\n\t\t\t\t\t\tthrow ctx.error(\"BAD_REQUEST\", { message: \"Organization slug already exists\" });\n\t\t\t\t\t}\n\n\t\t\t\t\tawait ensureSuperAdminRole(db, scope.data.projectId);\n\t\t\t\t\tconst organization = await db.create<OrganizationRow>({\n\t\t\t\t\t\tmodel: \"organization\",\n\t\t\t\t\t\tdata: {\n\t\t\t\t\t\t\t...scope.data,\n\t\t\t\t\t\t\tname: body.name,\n\t\t\t\t\t\t\tslug: body.slug,\n\t\t\t\t\t\t\tlogo: body.logo,\n\t\t\t\t\t\t\tmetadata: body.metadata ? JSON.stringify(body.metadata) : undefined,\n\t\t\t\t\t\t\tcreatedAt: now,\n\t\t\t\t\t\t\tupdatedAt: now,\n\t\t\t\t\t\t},\n\t\t\t\t\t});\n\n\t\t\t\t\tconst member = await db.create<MemberRow>({\n\t\t\t\t\t\tmodel: \"member\",\n\t\t\t\t\t\tdata: {\n\t\t\t\t\t\t\t...scope.data,\n\t\t\t\t\t\t\torganizationId: organization.id,\n\t\t\t\t\t\t\tuserId,\n\t\t\t\t\t\t\trole: SUPER_ADMIN_ROLE_SLUG,\n\t\t\t\t\t\t\tcreatedAt: now,\n\t\t\t\t\t\t\tupdatedAt: now,\n\t\t\t\t\t\t},\n\t\t\t\t\t});\n\n\t\t\t\t\tif (!body.keepCurrentActiveOrganization) {\n\t\t\t\t\t\tawait setActiveOrganizationIfPossible(db, token, organization.id);\n\t\t\t\t\t}\n\n\t\t\t\t\treturn ctx.json({ ...organization, members: [member] });\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tlistOrganizations: createAuthEndpoint(\n\t\t\t\t\"/organization/list\",\n\t\t\t\t{ method: \"POST\", body: projectScopeSchema, requireHeaders: true },\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst { userId, userRole } = getSessionOrThrow(ctx);\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst scope = getProjectScope(ctx.body as Record<string, unknown>);\n\n\t\t\t\t\tif (\n\t\t\t\t\t\tawait hasProjectWildcardAccess(db, {\n\t\t\t\t\t\t\tuserId,\n\t\t\t\t\t\t\tuserRole,\n\t\t\t\t\t\t\tprojectId: scope.projectId,\n\t\t\t\t\t\t})\n\t\t\t\t\t) {\n\t\t\t\t\t\tconst organizations = await db.findMany<OrganizationRow>({\n\t\t\t\t\t\t\tmodel: \"organization\",\n\t\t\t\t\t\t\twhere: [...scope.where],\n\t\t\t\t\t\t\tlimit: 1000,\n\t\t\t\t\t\t\tsortBy: { field: \"createdAt\", direction: \"desc\" },\n\t\t\t\t\t\t});\n\t\t\t\t\t\treturn ctx.json({\n\t\t\t\t\t\t\tdata: organizations.map((org) => ({\n\t\t\t\t\t\t\t\t...org,\n\t\t\t\t\t\t\t\tmetadata:\n\t\t\t\t\t\t\t\t\ttypeof org.metadata === \"string\"\n\t\t\t\t\t\t\t\t\t\t? JSON.parse(org.metadata as string)\n\t\t\t\t\t\t\t\t\t\t: org.metadata,\n\t\t\t\t\t\t\t})),\n\t\t\t\t\t\t\tlistMetadata: { before: null, after: null },\n\t\t\t\t\t\t});\n\t\t\t\t\t}\n\n\t\t\t\t\tconst memberships = await db.findMany<MemberRow>({\n\t\t\t\t\t\tmodel: \"member\",\n\t\t\t\t\t\twhere: [{ field: \"userId\", value: userId }, ...scope.where],\n\t\t\t\t\t\tlimit: 1000,\n\t\t\t\t\t});\n\t\t\t\t\tif (memberships.length === 0) {\n\t\t\t\t\t\treturn ctx.json({\n\t\t\t\t\t\t\tdata: [],\n\t\t\t\t\t\t\tlistMetadata: { before: null, after: null },\n\t\t\t\t\t\t});\n\t\t\t\t\t}\n\n\t\t\t\t\tconst orgIds = memberships.map((m) => m.organizationId);\n\t\t\t\t\tconst organizations = await db.findMany<OrganizationRow>({\n\t\t\t\t\t\tmodel: \"organization\",\n\t\t\t\t\t\twhere: [{ field: \"id\", operator: \"in\", value: orgIds }, ...scope.where],\n\t\t\t\t\t\tlimit: 1000,\n\t\t\t\t\t\tsortBy: { field: \"createdAt\", direction: \"desc\" },\n\t\t\t\t\t});\n\t\t\t\t\treturn ctx.json({\n\t\t\t\t\t\tdata: organizations.map((org) => ({\n\t\t\t\t\t\t\t...org,\n\t\t\t\t\t\t\tmetadata:\n\t\t\t\t\t\t\t\ttypeof org.metadata === \"string\"\n\t\t\t\t\t\t\t\t\t? JSON.parse(org.metadata as string)\n\t\t\t\t\t\t\t\t\t: org.metadata,\n\t\t\t\t\t\t})),\n\t\t\t\t\t\tlistMetadata: { before: null, after: null },\n\t\t\t\t\t});\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tgetFullOrganization: createAuthEndpoint(\n\t\t\t\t\"/organization/get-full-organization\",\n\t\t\t\t{ method: \"POST\", body: organizationIdSchema, requireHeaders: true },\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst { userId, activeOrganizationId, userRole } = getSessionOrThrow(ctx);\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst scope = getProjectScope(ctx.body as Record<string, unknown>);\n\n\t\t\t\t\tconst org = await resolveOrganization(db, {\n\t\t\t\t\t\torganizationId: ctx.body.organizationId,\n\t\t\t\t\t\torganizationSlug: ctx.body.organizationSlug,\n\t\t\t\t\t\tactiveOrganizationId,\n\t\t\t\t\t\tscopeWhere: scope.where,\n\t\t\t\t\t});\n\t\t\t\t\tif (!org) return ctx.json(null);\n\n\t\t\t\t\tawait requireOrganizationPermission(ctx, db, {\n\t\t\t\t\t\tprojectId: scope.projectId,\n\t\t\t\t\t\torganizationId: org.id,\n\t\t\t\t\t\tuserId,\n\t\t\t\t\t\tuserRole,\n\t\t\t\t\t\tscopeWhere: scope.where,\n\t\t\t\t\t\tpermission: \"member.read\",\n\t\t\t\t\t});\n\n\t\t\t\t\tconst members = await db.findMany<MemberRow>({\n\t\t\t\t\t\tmodel: \"member\",\n\t\t\t\t\t\twhere: [{ field: \"organizationId\", value: org.id }, ...scope.where],\n\t\t\t\t\t\tlimit: 1000,\n\t\t\t\t\t});\n\t\t\t\t\tconst invitations = await db.findMany<InvitationRow>({\n\t\t\t\t\t\tmodel: \"invitation\",\n\t\t\t\t\t\twhere: [{ field: \"organizationId\", value: org.id }, ...scope.where],\n\t\t\t\t\t\tlimit: 1000,\n\t\t\t\t\t});\n\n\t\t\t\t\treturn ctx.json({\n\t\t\t\t\t\t...org,\n\t\t\t\t\t\tmetadata:\n\t\t\t\t\t\t\ttypeof org.metadata === \"string\" ? JSON.parse(org.metadata as string) : org.metadata,\n\t\t\t\t\t\tmembers,\n\t\t\t\t\t\tinvitations,\n\t\t\t\t\t});\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tsetActiveOrganization: createAuthEndpoint(\n\t\t\t\t\"/organization/set-active\",\n\t\t\t\t{ method: \"POST\", body: organizationIdSchema, requireHeaders: true },\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst { userId, token, userRole } = getSessionOrThrow(ctx);\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst scope = getProjectScope(ctx.body as Record<string, unknown>);\n\t\t\t\t\tconst org = await resolveOrganization(db, {\n\t\t\t\t\t\torganizationId: ctx.body.organizationId,\n\t\t\t\t\t\torganizationSlug: ctx.body.organizationSlug,\n\t\t\t\t\t\tscopeWhere: scope.where,\n\t\t\t\t\t});\n\t\t\t\t\tif (!org) {\n\t\t\t\t\t\tawait setActiveOrganizationIfPossible(db, token, null);\n\t\t\t\t\t\treturn ctx.json(null);\n\t\t\t\t\t}\n\n\t\t\t\t\tif (\n\t\t\t\t\t\t!(await hasProjectWildcardAccess(db, {\n\t\t\t\t\t\t\tuserId,\n\t\t\t\t\t\t\tuserRole,\n\t\t\t\t\t\t\tprojectId: scope.projectId,\n\t\t\t\t\t\t}))\n\t\t\t\t\t) {\n\t\t\t\t\t\tawait findMemberOrThrow(ctx, db, org.id, userId, scope.where);\n\t\t\t\t\t}\n\t\t\t\t\tawait setActiveOrganizationIfPossible(db, token, org.id);\n\t\t\t\t\treturn ctx.json(org);\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tinviteMember: createAuthEndpoint(\n\t\t\t\t\"/organization/invite-member\",\n\t\t\t\t{ method: \"POST\", body: inviteMemberSchema, requireHeaders: true },\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst { userId, activeOrganizationId, userRole } = getSessionOrThrow(ctx);\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst body = ctx.body;\n\t\t\t\t\tconst scope = getProjectScope(body as Record<string, unknown>);\n\t\t\t\t\tconst projectId = scope.data.projectId;\n\t\t\t\t\tconst orgId = body.organizationId ?? activeOrganizationId;\n\t\t\t\t\tif (!orgId) throw ctx.error(\"BAD_REQUEST\", { message: \"Organization required\" });\n\n\t\t\t\t\tawait requireOrganizationPermission(ctx, db, {\n\t\t\t\t\t\tprojectId: scope.projectId,\n\t\t\t\t\t\torganizationId: orgId,\n\t\t\t\t\t\tuserId,\n\t\t\t\t\t\tuserRole,\n\t\t\t\t\t\tscopeWhere: scope.where,\n\t\t\t\t\t\tpermission: \"member.invite\",\n\t\t\t\t\t});\n\n\t\t\t\t\tconst roles = parseRoles(body.role);\n\t\t\t\t\tif (roles.some((r) => RESERVED_ROLES.has(r) && r !== SUPER_ADMIN_ROLE_SLUG)) {\n\t\t\t\t\t\tthrow ctx.error(\"BAD_REQUEST\", { message: \"Reserved roles are not assignable\" });\n\t\t\t\t\t}\n\t\t\t\t\tawait ensureRoleExistsForProject(ctx, db, projectId, roles);\n\n\t\t\t\t\tconst email = body.email.toLowerCase();\n\t\t\t\t\tconst existingPending = await db.findMany<InvitationRow>({\n\t\t\t\t\t\tmodel: \"invitation\",\n\t\t\t\t\t\twhere: [\n\t\t\t\t\t\t\t{ field: \"organizationId\", value: orgId },\n\t\t\t\t\t\t\t{ field: \"email\", value: email },\n\t\t\t\t\t\t\t{ field: \"status\", value: \"pending\" },\n\t\t\t\t\t\t\t...scope.where,\n\t\t\t\t\t\t],\n\t\t\t\t\t\tlimit: 1,\n\t\t\t\t\t});\n\t\t\t\t\tif (existingPending[0] && !body.resend) {\n\t\t\t\t\t\tthrow ctx.error(\"BAD_REQUEST\", { message: \"User is already invited\" });\n\t\t\t\t\t}\n\n\t\t\t\t\tconst now = Date.now();\n\t\t\t\t\tif (existingPending[0] && body.resend) {\n\t\t\t\t\t\tconst invitation = await db.update<InvitationRow>({\n\t\t\t\t\t\t\tmodel: \"invitation\",\n\t\t\t\t\t\t\twhere: [{ field: \"id\", value: existingPending[0].id }, ...scope.where],\n\t\t\t\t\t\t\tupdate: {\n\t\t\t\t\t\t\t\trole: roles.join(\",\"),\n\t\t\t\t\t\t\t\texpiresAt: now + INVITATION_EXPIRY_MS,\n\t\t\t\t\t\t\t\tstatus: \"pending\",\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t});\n\t\t\t\t\t\treturn ctx.json(invitation);\n\t\t\t\t\t}\n\n\t\t\t\t\tconst invitation = await db.create<InvitationRow>({\n\t\t\t\t\t\tmodel: \"invitation\",\n\t\t\t\t\t\tdata: {\n\t\t\t\t\t\t\t...scope.data,\n\t\t\t\t\t\t\torganizationId: orgId,\n\t\t\t\t\t\t\temail,\n\t\t\t\t\t\t\trole: roles.join(\",\"),\n\t\t\t\t\t\t\tinviterId: userId,\n\t\t\t\t\t\t\tstatus: \"pending\",\n\t\t\t\t\t\t\texpiresAt: now + INVITATION_EXPIRY_MS,\n\t\t\t\t\t\t\tcreatedAt: now,\n\t\t\t\t\t\t},\n\t\t\t\t\t});\n\t\t\t\t\treturn ctx.json(invitation);\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tacceptInvitation: createAuthEndpoint(\n\t\t\t\t\"/organization/accept-invitation\",\n\t\t\t\t{ method: \"POST\", body: acceptRejectInviteSchema, requireHeaders: true },\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst { session, user } = requireAuthenticated(ctx);\n\t\t\t\t\tconst userId = user.id;\n\t\t\t\t\tconst token = session.token;\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst scope = getProjectScope(ctx.body as Record<string, unknown>);\n\t\t\t\t\tconst inviteRows = await db.findMany<InvitationRow>({\n\t\t\t\t\t\tmodel: \"invitation\",\n\t\t\t\t\t\twhere: [{ field: \"id\", value: ctx.body.invitationId }, ...scope.where],\n\t\t\t\t\t\tlimit: 1,\n\t\t\t\t\t});\n\t\t\t\t\tconst invitation = inviteRows[0];\n\t\t\t\t\tif (!invitation || invitation.status !== \"pending\" || invitation.expiresAt < Date.now()) {\n\t\t\t\t\t\tthrow ctx.error(\"BAD_REQUEST\", { message: \"Invitation not found\" });\n\t\t\t\t\t}\n\t\t\t\t\t// Ensure the authenticated user's email matches the invitation target\n\t\t\t\t\tif (invitation.email !== user.email) {\n\t\t\t\t\t\tthrow ctx.error(\"FORBIDDEN\", {\n\t\t\t\t\t\t\tmessage: \"This invitation is not addressed to you\",\n\t\t\t\t\t\t});\n\t\t\t\t\t}\n\n\t\t\t\t\tconst now = Date.now();\n\t\t\t\t\tawait db.update<InvitationRow>({\n\t\t\t\t\t\tmodel: \"invitation\",\n\t\t\t\t\t\twhere: [{ field: \"id\", value: invitation.id }, ...scope.where],\n\t\t\t\t\t\tupdate: { status: \"accepted\" },\n\t\t\t\t\t});\n\n\t\t\t\t\tconst existingMember = await db.findMany<MemberRow>({\n\t\t\t\t\t\tmodel: \"member\",\n\t\t\t\t\t\twhere: [\n\t\t\t\t\t\t\t{ field: \"organizationId\", value: invitation.organizationId },\n\t\t\t\t\t\t\t{ field: \"userId\", value: userId },\n\t\t\t\t\t\t\t...scope.where,\n\t\t\t\t\t\t],\n\t\t\t\t\t\tlimit: 1,\n\t\t\t\t\t});\n\t\t\t\t\tconst member =\n\t\t\t\t\t\texistingMember[0] ??\n\t\t\t\t\t\t(await db.create<MemberRow>({\n\t\t\t\t\t\t\tmodel: \"member\",\n\t\t\t\t\t\t\tdata: {\n\t\t\t\t\t\t\t\t...scope.data,\n\t\t\t\t\t\t\t\torganizationId: invitation.organizationId,\n\t\t\t\t\t\t\t\tuserId,\n\t\t\t\t\t\t\t\trole: invitation.role,\n\t\t\t\t\t\t\t\tcreatedAt: now,\n\t\t\t\t\t\t\t\tupdatedAt: now,\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t}));\n\n\t\t\t\t\tawait setActiveOrganizationIfPossible(db, token, invitation.organizationId);\n\t\t\t\t\treturn ctx.json({ invitation: { ...invitation, status: \"accepted\" }, member });\n\t\t\t\t},\n\t\t\t),\n\n\t\t\trejectInvitation: createAuthEndpoint(\n\t\t\t\t\"/organization/reject-invitation\",\n\t\t\t\t{ method: \"POST\", body: acceptRejectInviteSchema, requireHeaders: true },\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\t// Verify the caller is the invitation target\n\t\t\t\t\tconst { session, user } = requireAuthenticated(ctx);\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst scope = getProjectScope(ctx.body as Record<string, unknown>);\n\t\t\t\t\tconst inviteRows = await db.findMany<InvitationRow>({\n\t\t\t\t\t\tmodel: \"invitation\",\n\t\t\t\t\t\twhere: [{ field: \"id\", value: ctx.body.invitationId }, ...scope.where],\n\t\t\t\t\t\tlimit: 1,\n\t\t\t\t\t});\n\t\t\t\t\tconst invitation = inviteRows[0];\n\t\t\t\t\tif (!invitation || invitation.status !== \"pending\") {\n\t\t\t\t\t\tthrow ctx.error(\"BAD_REQUEST\", { message: \"Invitation not found\" });\n\t\t\t\t\t}\n\t\t\t\t\t// Ensure the authenticated user's email matches the invitation target\n\t\t\t\t\tif (invitation.email !== user.email) {\n\t\t\t\t\t\tthrow ctx.error(\"FORBIDDEN\", {\n\t\t\t\t\t\t\tmessage: \"You can only reject invitations addressed to you\",\n\t\t\t\t\t\t});\n\t\t\t\t\t}\n\t\t\t\t\tconst updated = await db.update<InvitationRow>({\n\t\t\t\t\t\tmodel: \"invitation\",\n\t\t\t\t\t\twhere: [{ field: \"id\", value: invitation.id }, ...scope.where],\n\t\t\t\t\t\tupdate: { status: \"rejected\" },\n\t\t\t\t\t});\n\t\t\t\t\treturn ctx.json({ invitation: updated, member: null });\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tcancelInvitation: createAuthEndpoint(\n\t\t\t\t\"/organization/cancel-invitation\",\n\t\t\t\t{ method: \"POST\", body: cancelInviteSchema, requireHeaders: true },\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst { userId, userRole } = getSessionOrThrow(ctx);\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst scope = getProjectScope(ctx.body as Record<string, unknown>);\n\t\t\t\t\tconst inviteRows = await db.findMany<InvitationRow>({\n\t\t\t\t\t\tmodel: \"invitation\",\n\t\t\t\t\t\twhere: [{ field: \"id\", value: ctx.body.invitationId }, ...scope.where],\n\t\t\t\t\t\tlimit: 1,\n\t\t\t\t\t});\n\t\t\t\t\tconst invitation = inviteRows[0];\n\t\t\t\t\tif (!invitation) throw ctx.error(\"BAD_REQUEST\", { message: \"Invitation not found\" });\n\t\t\t\t\tawait requireOrganizationPermission(ctx, db, {\n\t\t\t\t\t\tprojectId: scope.projectId,\n\t\t\t\t\t\torganizationId: invitation.organizationId,\n\t\t\t\t\t\tuserId,\n\t\t\t\t\t\tuserRole,\n\t\t\t\t\t\tscopeWhere: scope.where,\n\t\t\t\t\t\tpermission: \"member.invite\",\n\t\t\t\t\t});\n\t\t\t\t\tconst updated = await db.update<InvitationRow>({\n\t\t\t\t\t\tmodel: \"invitation\",\n\t\t\t\t\t\twhere: [{ field: \"id\", value: invitation.id }, ...scope.where],\n\t\t\t\t\t\tupdate: { status: \"canceled\" },\n\t\t\t\t\t});\n\t\t\t\t\treturn ctx.json(updated);\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tgetInvitation: createAuthEndpoint(\n\t\t\t\t\"/organization/get-invitation\",\n\t\t\t\t{ method: \"POST\", body: getInvitationSchema, requireHeaders: true },\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst { user } = requireAuthenticated(ctx);\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst scope = getProjectScope(ctx.body as Record<string, unknown>);\n\t\t\t\t\tconst rows = await db.findMany<InvitationRow>({\n\t\t\t\t\t\tmodel: \"invitation\",\n\t\t\t\t\t\twhere: [{ field: \"id\", value: ctx.body.id }, ...scope.where],\n\t\t\t\t\t\tlimit: 1,\n\t\t\t\t\t});\n\t\t\t\t\tif (!rows[0]) throw ctx.error(\"BAD_REQUEST\", { message: \"Invitation not found\" });\n\t\t\t\t\tconst invitation = rows[0];\n\t\t\t\t\t// Allow access if the caller is the invitation target or an org admin\n\t\t\t\t\tif (invitation.email !== user.email) {\n\t\t\t\t\t\tconst memberRows = await db.findMany<MemberRow>({\n\t\t\t\t\t\t\tmodel: \"member\",\n\t\t\t\t\t\t\twhere: [\n\t\t\t\t\t\t\t\t{ field: \"organizationId\", value: invitation.organizationId },\n\t\t\t\t\t\t\t\t{ field: \"userId\", value: user.id },\n\t\t\t\t\t\t\t\t...scope.where,\n\t\t\t\t\t\t\t],\n\t\t\t\t\t\t\tlimit: 1,\n\t\t\t\t\t\t});\n\t\t\t\t\t\tif (!memberRows[0]) {\n\t\t\t\t\t\t\tthrow ctx.error(\"FORBIDDEN\", {\n\t\t\t\t\t\t\t\tmessage: \"You do not have access to this invitation\",\n\t\t\t\t\t\t\t});\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t\treturn ctx.json(invitation);\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tlistInvitations: createAuthEndpoint(\n\t\t\t\t\"/organization/list-invitations\",\n\t\t\t\t{ method: \"POST\", body: listInvitationsSchema, requireHeaders: true },\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst { userId, activeOrganizationId, userRole } = getSessionOrThrow(ctx);\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst scope = getProjectScope(ctx.body as Record<string, unknown>);\n\t\t\t\t\tconst orgId = ctx.body.organizationId ?? activeOrganizationId;\n\t\t\t\t\tif (!orgId) throw ctx.error(\"BAD_REQUEST\", { message: \"Organization required\" });\n\t\t\t\t\tawait requireOrganizationPermission(ctx, db, {\n\t\t\t\t\t\tprojectId: scope.projectId,\n\t\t\t\t\t\torganizationId: orgId,\n\t\t\t\t\t\tuserId,\n\t\t\t\t\t\tuserRole,\n\t\t\t\t\t\tscopeWhere: scope.where,\n\t\t\t\t\t\tpermission: \"member.invite\",\n\t\t\t\t\t});\n\t\t\t\t\tconst rows = await db.findMany<InvitationRow>({\n\t\t\t\t\t\tmodel: \"invitation\",\n\t\t\t\t\t\twhere: [{ field: \"organizationId\", value: orgId }, ...scope.where],\n\t\t\t\t\t\tlimit: 1000,\n\t\t\t\t\t});\n\t\t\t\t\treturn ctx.json({\n\t\t\t\t\t\tdata: rows,\n\t\t\t\t\t\tlistMetadata: { before: null, after: null },\n\t\t\t\t\t});\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tlistUserInvitations: createAuthEndpoint(\n\t\t\t\t\"/organization/list-user-invitations\",\n\t\t\t\t{ method: \"POST\", body: listUserInvitationsSchema, requireHeaders: true },\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\t// Always use the authenticated user's own email to prevent enumeration (S9)\n\t\t\t\t\tconst { user } = requireAuthenticated(ctx);\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst scope = getProjectScope(ctx.body as Record<string, unknown>);\n\t\t\t\t\tconst targetEmail = user.email?.toLowerCase();\n\t\t\t\t\tif (!targetEmail) throw ctx.error(\"BAD_REQUEST\", { message: \"Email is required\" });\n\n\t\t\t\t\tconst rows = await db.findMany<InvitationRow>({\n\t\t\t\t\t\tmodel: \"invitation\",\n\t\t\t\t\t\twhere: [\n\t\t\t\t\t\t\t{ field: \"email\", value: targetEmail },\n\t\t\t\t\t\t\t{ field: \"status\", value: \"pending\" },\n\t\t\t\t\t\t\t...scope.where,\n\t\t\t\t\t\t],\n\t\t\t\t\t\tlimit: 1000,\n\t\t\t\t\t});\n\t\t\t\t\treturn ctx.json(rows);\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tlistMembers: createAuthEndpoint(\n\t\t\t\t\"/organization/list-members\",\n\t\t\t\t{ method: \"POST\", body: listInvitationsSchema, requireHeaders: true },\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst { userId, activeOrganizationId, userRole } = getSessionOrThrow(ctx);\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst scope = getProjectScope(ctx.body as Record<string, unknown>);\n\t\t\t\t\tconst orgId = ctx.body.organizationId ?? activeOrganizationId;\n\t\t\t\t\tif (!orgId) throw ctx.error(\"BAD_REQUEST\", { message: \"Organization required\" });\n\t\t\t\t\tawait requireOrganizationPermission(ctx, db, {\n\t\t\t\t\t\tprojectId: scope.projectId,\n\t\t\t\t\t\torganizationId: orgId,\n\t\t\t\t\t\tuserId,\n\t\t\t\t\t\tuserRole,\n\t\t\t\t\t\tscopeWhere: scope.where,\n\t\t\t\t\t\tpermission: \"member.read\",\n\t\t\t\t\t});\n\t\t\t\t\tconst members = await db.findMany<MemberRow>({\n\t\t\t\t\t\tmodel: \"member\",\n\t\t\t\t\t\twhere: [{ field: \"organizationId\", value: orgId }, ...scope.where],\n\t\t\t\t\t\tlimit: 1000,\n\t\t\t\t\t});\n\t\t\t\t\treturn ctx.json({\n\t\t\t\t\t\tdata: members,\n\t\t\t\t\t\tlistMetadata: { before: null, after: null },\n\t\t\t\t\t});\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tupdateMemberRole: createAuthEndpoint(\n\t\t\t\t\"/organization/update-member-role\",\n\t\t\t\t{ method: \"POST\", body: updateMemberRoleSchema, requireHeaders: true },\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst { userId, activeOrganizationId, userRole } = getSessionOrThrow(ctx);\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst body = ctx.body;\n\t\t\t\t\tconst scope = getProjectScope(body as Record<string, unknown>);\n\t\t\t\t\tconst orgId = body.organizationId ?? activeOrganizationId;\n\t\t\t\t\tif (!orgId) throw ctx.error(\"BAD_REQUEST\", { message: \"Organization required\" });\n\n\t\t\t\t\tawait requireOrganizationPermission(ctx, db, {\n\t\t\t\t\t\tprojectId: scope.projectId,\n\t\t\t\t\t\torganizationId: orgId,\n\t\t\t\t\t\tuserId,\n\t\t\t\t\t\tuserRole,\n\t\t\t\t\t\tscopeWhere: scope.where,\n\t\t\t\t\t\tpermission: \"member.update_role\",\n\t\t\t\t\t});\n\t\t\t\t\tconst roles = parseRoles(body.role);\n\t\t\t\t\tif (roles.some((r) => RESERVED_ROLES.has(r) && r !== SUPER_ADMIN_ROLE_SLUG)) {\n\t\t\t\t\t\tthrow ctx.error(\"BAD_REQUEST\", { message: \"Reserved roles are not assignable\" });\n\t\t\t\t\t}\n\t\t\t\t\tawait ensureRoleExistsForProject(ctx, db, scope.data.projectId, roles);\n\n\t\t\t\t\tconst memberIdentifier = body.memberId ?? body.memberIdOrUserId;\n\t\t\t\t\tif (!memberIdentifier) {\n\t\t\t\t\t\tthrow ctx.error(\"BAD_REQUEST\", { message: \"Member identifier required\" });\n\t\t\t\t\t}\n\n\t\t\t\t\tlet memberWhere: WhereClause[] = [\n\t\t\t\t\t\t{ field: \"id\", value: memberIdentifier },\n\t\t\t\t\t\t...scope.where,\n\t\t\t\t\t];\n\t\t\t\t\tconst byId = await db.findMany<MemberRow>({\n\t\t\t\t\t\tmodel: \"member\",\n\t\t\t\t\t\twhere: memberWhere,\n\t\t\t\t\t\tlimit: 1,\n\t\t\t\t\t});\n\t\t\t\t\tif (!byId[0]) {\n\t\t\t\t\t\tmemberWhere = [\n\t\t\t\t\t\t\t{ field: \"organizationId\", value: orgId },\n\t\t\t\t\t\t\t{ field: \"userId\", value: memberIdentifier },\n\t\t\t\t\t\t\t...scope.where,\n\t\t\t\t\t\t];\n\t\t\t\t\t}\n\t\t\t\t\tconst targetRows = await db.findMany<MemberRow>({\n\t\t\t\t\t\tmodel: \"member\",\n\t\t\t\t\t\twhere: memberWhere,\n\t\t\t\t\t\tlimit: 1,\n\t\t\t\t\t});\n\t\t\t\t\tconst target = targetRows[0];\n\t\t\t\t\tif (!target) {\n\t\t\t\t\t\tthrow ctx.error(\"BAD_REQUEST\", { message: \"Member not found\" });\n\t\t\t\t\t}\n\t\t\t\t\tawait ensureOrganizationRetainsSuperAdmin(ctx, db, {\n\t\t\t\t\t\torganizationId: orgId,\n\t\t\t\t\t\tscopeWhere: scope.where,\n\t\t\t\t\t\ttarget,\n\t\t\t\t\t\tnextRoleSlugs: roles,\n\t\t\t\t\t});\n\n\t\t\t\t\tconst updated = await db.update<MemberRow>({\n\t\t\t\t\t\tmodel: \"member\",\n\t\t\t\t\t\twhere: memberWhere,\n\t\t\t\t\t\tupdate: {\n\t\t\t\t\t\t\trole: roles.join(\",\"),\n\t\t\t\t\t\t\tupdatedAt: Date.now(),\n\t\t\t\t\t\t},\n\t\t\t\t\t});\n\t\t\t\t\treturn ctx.json(updated);\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tremoveMember: createAuthEndpoint(\n\t\t\t\t\"/organization/remove-member\",\n\t\t\t\t{ method: \"POST\", body: removeMemberSchema, requireHeaders: true },\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst { userId, activeOrganizationId, token, userRole } = getSessionOrThrow(ctx);\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst body = ctx.body;\n\t\t\t\t\tconst scope = getProjectScope(body as Record<string, unknown>);\n\t\t\t\t\tconst orgId = body.organizationId ?? activeOrganizationId;\n\t\t\t\t\tif (!orgId) throw ctx.error(\"BAD_REQUEST\", { message: \"Organization required\" });\n\n\t\t\t\t\tawait requireOrganizationPermission(ctx, db, {\n\t\t\t\t\t\tprojectId: scope.projectId,\n\t\t\t\t\t\torganizationId: orgId,\n\t\t\t\t\t\tuserId,\n\t\t\t\t\t\tuserRole,\n\t\t\t\t\t\tscopeWhere: scope.where,\n\t\t\t\t\t\tpermission: \"member.remove\",\n\t\t\t\t\t});\n\n\t\t\t\t\tconst identifier = body.memberIdOrEmail ?? body.memberIdOrUserId;\n\t\t\t\t\tif (!identifier) {\n\t\t\t\t\t\tthrow ctx.error(\"BAD_REQUEST\", { message: \"Member identifier required\" });\n\t\t\t\t\t}\n\n\t\t\t\t\tlet target: MemberRow | null = null;\n\t\t\t\t\tif (identifier.includes(\"@\")) {\n\t\t\t\t\t\tconst userRows = await db.findMany<{ id: string; email: string }>({\n\t\t\t\t\t\t\tmodel: \"user\",\n\t\t\t\t\t\t\twhere: [{ field: \"email\", value: identifier.toLowerCase() }, ...scope.where],\n\t\t\t\t\t\t\tlimit: 1,\n\t\t\t\t\t\t});\n\t\t\t\t\t\tif (userRows[0]) {\n\t\t\t\t\t\t\tconst rows = await db.findMany<MemberRow>({\n\t\t\t\t\t\t\t\tmodel: \"member\",\n\t\t\t\t\t\t\t\twhere: [\n\t\t\t\t\t\t\t\t\t{ field: \"organizationId\", value: orgId },\n\t\t\t\t\t\t\t\t\t{ field: \"userId\", value: userRows[0].id },\n\t\t\t\t\t\t\t\t\t...scope.where,\n\t\t\t\t\t\t\t\t],\n\t\t\t\t\t\t\t\tlimit: 1,\n\t\t\t\t\t\t\t});\n\t\t\t\t\t\t\ttarget = rows[0] ?? null;\n\t\t\t\t\t\t}\n\t\t\t\t\t} else {\n\t\t\t\t\t\tconst rows = await db.findMany<MemberRow>({\n\t\t\t\t\t\t\tmodel: \"member\",\n\t\t\t\t\t\t\twhere: [{ field: \"id\", value: identifier }, ...scope.where],\n\t\t\t\t\t\t\tlimit: 1,\n\t\t\t\t\t\t});\n\t\t\t\t\t\tif (rows[0]) {\n\t\t\t\t\t\t\ttarget = rows[0];\n\t\t\t\t\t\t} else if (body.memberIdOrUserId) {\n\t\t\t\t\t\t\tconst byUserRows = await db.findMany<MemberRow>({\n\t\t\t\t\t\t\t\tmodel: \"member\",\n\t\t\t\t\t\t\t\twhere: [\n\t\t\t\t\t\t\t\t\t{ field: \"organizationId\", value: orgId },\n\t\t\t\t\t\t\t\t\t{ field: \"userId\", value: body.memberIdOrUserId },\n\t\t\t\t\t\t\t\t\t...scope.where,\n\t\t\t\t\t\t\t\t],\n\t\t\t\t\t\t\t\tlimit: 1,\n\t\t\t\t\t\t\t});\n\t\t\t\t\t\t\ttarget = byUserRows[0] ?? null;\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\n\t\t\t\t\tif (!target || target.organizationId !== orgId) {\n\t\t\t\t\t\tthrow ctx.error(\"BAD_REQUEST\", { message: \"Member not found\" });\n\t\t\t\t\t}\n\t\t\t\t\tif (target.userId === userId) {\n\t\t\t\t\t\tthrow ctx.error(\"BAD_REQUEST\", { message: \"Use leave endpoint to leave organization\" });\n\t\t\t\t\t}\n\t\t\t\t\tawait ensureOrganizationRetainsSuperAdmin(ctx, db, {\n\t\t\t\t\t\torganizationId: orgId,\n\t\t\t\t\t\tscopeWhere: scope.where,\n\t\t\t\t\t\ttarget,\n\t\t\t\t\t\tnextRoleSlugs: [],\n\t\t\t\t\t});\n\n\t\t\t\t\tawait db.delete({\n\t\t\t\t\t\tmodel: \"member\",\n\t\t\t\t\t\twhere: [{ field: \"id\", value: target.id }, ...scope.where],\n\t\t\t\t\t});\n\t\t\t\t\tif (target.userId === userId) {\n\t\t\t\t\t\tawait setActiveOrganizationIfPossible(db, token, null);\n\t\t\t\t\t}\n\t\t\t\t\treturn ctx.json({ member: target });\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tleaveOrganization: createAuthEndpoint(\n\t\t\t\t\"/organization/leave\",\n\t\t\t\t{ method: \"POST\", body: organizationIdSchema, requireHeaders: true },\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst { userId, token, activeOrganizationId } = getSessionOrThrow(ctx);\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst scope = getProjectScope(ctx.body as Record<string, unknown>);\n\t\t\t\t\tconst orgId = ctx.body.organizationId ?? activeOrganizationId;\n\t\t\t\t\tif (!orgId) throw ctx.error(\"BAD_REQUEST\", { message: \"Organization required\" });\n\n\t\t\t\t\tconst member = await findMemberOrThrow(ctx, db, orgId, userId, scope.where);\n\t\t\t\t\tawait ensureOrganizationRetainsSuperAdmin(ctx, db, {\n\t\t\t\t\t\torganizationId: orgId,\n\t\t\t\t\t\tscopeWhere: scope.where,\n\t\t\t\t\t\ttarget: member,\n\t\t\t\t\t\tnextRoleSlugs: [],\n\t\t\t\t\t});\n\t\t\t\t\tawait db.delete({\n\t\t\t\t\t\tmodel: \"member\",\n\t\t\t\t\t\twhere: [{ field: \"id\", value: member.id }, ...scope.where],\n\t\t\t\t\t});\n\t\t\t\t\tif (activeOrganizationId === orgId) {\n\t\t\t\t\t\tawait setActiveOrganizationIfPossible(db, token, null);\n\t\t\t\t\t}\n\t\t\t\t\treturn ctx.json(member);\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tdeleteOrganization: createAuthEndpoint(\n\t\t\t\t\"/organization/delete\",\n\t\t\t\t{ method: \"POST\", body: organizationIdSchema, requireHeaders: true },\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst { userId, userRole } = getSessionOrThrow(ctx);\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst scope = getProjectScope(ctx.body as Record<string, unknown>);\n\t\t\t\t\tconst org = await resolveOrganization(db, {\n\t\t\t\t\t\torganizationId: ctx.body.organizationId,\n\t\t\t\t\t\torganizationSlug: ctx.body.organizationSlug,\n\t\t\t\t\t\tscopeWhere: scope.where,\n\t\t\t\t\t});\n\t\t\t\t\tif (!org) throw ctx.error(\"BAD_REQUEST\", { message: \"Organization not found\" });\n\t\t\t\t\tawait requireOrganizationPermission(ctx, db, {\n\t\t\t\t\t\tprojectId: scope.projectId,\n\t\t\t\t\t\torganizationId: org.id,\n\t\t\t\t\t\tuserId,\n\t\t\t\t\t\tuserRole,\n\t\t\t\t\t\tscopeWhere: scope.where,\n\t\t\t\t\t\tpermission: \"organization.delete\",\n\t\t\t\t\t});\n\n\t\t\t\t\tawait db.delete({\n\t\t\t\t\t\tmodel: \"invitation\",\n\t\t\t\t\t\twhere: [{ field: \"organizationId\", value: org.id }, ...scope.where],\n\t\t\t\t\t});\n\t\t\t\t\tawait db.delete({\n\t\t\t\t\t\tmodel: \"member\",\n\t\t\t\t\t\twhere: [{ field: \"organizationId\", value: org.id }, ...scope.where],\n\t\t\t\t\t});\n\t\t\t\t\tawait db.delete({\n\t\t\t\t\t\tmodel: \"organization\",\n\t\t\t\t\t\twhere: [{ field: \"id\", value: org.id }, ...scope.where],\n\t\t\t\t\t});\n\t\t\t\t\treturn ctx.json(org);\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tupdateOrganization: createAuthEndpoint(\n\t\t\t\t\"/organization/update\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\tbody: z\n\t\t\t\t\t\t.object({\n\t\t\t\t\t\t\torganizationId: z.string().optional(),\n\t\t\t\t\t\t\tdata: z\n\t\t\t\t\t\t\t\t.object({\n\t\t\t\t\t\t\t\t\tname: z.string().optional(),\n\t\t\t\t\t\t\t\t\tslug: z.string().optional(),\n\t\t\t\t\t\t\t\t\tlogo: z.string().optional(),\n\t\t\t\t\t\t\t\t\tmetadata: z.record(z.string(), z.unknown()).optional(),\n\t\t\t\t\t\t\t\t})\n\t\t\t\t\t\t\t\t.partial(),\n\t\t\t\t\t\t})\n\t\t\t\t\t\t.merge(projectScopeSchema),\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst { userId, activeOrganizationId, userRole } = getSessionOrThrow(ctx);\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst scope = getProjectScope(ctx.body as Record<string, unknown>);\n\t\t\t\t\tconst orgId = ctx.body.organizationId ?? activeOrganizationId;\n\t\t\t\t\tif (!orgId) throw ctx.error(\"BAD_REQUEST\", { message: \"Organization required\" });\n\n\t\t\t\t\tawait requireOrganizationPermission(ctx, db, {\n\t\t\t\t\t\tprojectId: scope.projectId,\n\t\t\t\t\t\torganizationId: orgId,\n\t\t\t\t\t\tuserId,\n\t\t\t\t\t\tuserRole,\n\t\t\t\t\t\tscopeWhere: scope.where,\n\t\t\t\t\t\tpermission: \"organization.update\",\n\t\t\t\t\t});\n\t\t\t\t\tif (ctx.body.data.slug) {\n\t\t\t\t\t\tconst conflict = await db.findMany<OrganizationRow>({\n\t\t\t\t\t\t\tmodel: \"organization\",\n\t\t\t\t\t\t\twhere: [{ field: \"slug\", value: ctx.body.data.slug }, ...scope.where],\n\t\t\t\t\t\t\tlimit: 1,\n\t\t\t\t\t\t});\n\t\t\t\t\t\tif (conflict[0] && conflict[0].id !== orgId) {\n\t\t\t\t\t\t\tthrow ctx.error(\"BAD_REQUEST\", { message: \"Organization slug already exists\" });\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\n\t\t\t\t\tconst updated = await db.update<OrganizationRow>({\n\t\t\t\t\t\tmodel: \"organization\",\n\t\t\t\t\t\twhere: [{ field: \"id\", value: orgId }, ...scope.where],\n\t\t\t\t\t\tupdate: {\n\t\t\t\t\t\t\t...ctx.body.data,\n\t\t\t\t\t\t\tmetadata: ctx.body.data.metadata ? JSON.stringify(ctx.body.data.metadata) : undefined,\n\t\t\t\t\t\t\tupdatedAt: Date.now(),\n\t\t\t\t\t\t},\n\t\t\t\t\t});\n\t\t\t\t\treturn ctx.json(updated);\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tcheckOrganizationSlug: createAuthEndpoint(\n\t\t\t\t\"/organization/check-slug\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\tbody: z.object({ slug: z.string() }).merge(projectScopeSchema),\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\t// Require authentication to prevent unauthenticated slug enumeration\n\t\t\t\t\trequireAuthenticated(ctx);\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst scope = getProjectScope(ctx.body as Record<string, unknown>);\n\t\t\t\t\tconst existing = await db.findMany<OrganizationRow>({\n\t\t\t\t\t\tmodel: \"organization\",\n\t\t\t\t\t\twhere: [{ field: \"slug\", value: ctx.body.slug }, ...scope.where],\n\t\t\t\t\t\tlimit: 1,\n\t\t\t\t\t});\n\t\t\t\t\tif (existing[0]) {\n\t\t\t\t\t\tthrow ctx.error(\"BAD_REQUEST\", { message: \"Organization slug already taken\" });\n\t\t\t\t\t}\n\t\t\t\t\treturn ctx.json({ status: true });\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tgetActiveMember: createAuthEndpoint(\n\t\t\t\t\"/organization/get-active-member\",\n\t\t\t\t{ method: \"POST\", body: projectScopeSchema, requireHeaders: true },\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst { userId, activeOrganizationId } = getSessionOrThrow(ctx);\n\t\t\t\t\tif (!activeOrganizationId) {\n\t\t\t\t\t\tthrow ctx.error(\"BAD_REQUEST\", { message: \"No active organization\" });\n\t\t\t\t\t}\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst scope = getProjectScope(ctx.body as Record<string, unknown>);\n\t\t\t\t\tconst member = await findMemberOrThrow(\n\t\t\t\t\t\tctx,\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tactiveOrganizationId,\n\t\t\t\t\t\tuserId,\n\t\t\t\t\t\tscope.where,\n\t\t\t\t\t);\n\t\t\t\t\treturn ctx.json(member);\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tgetActiveMemberRole: createAuthEndpoint(\n\t\t\t\t\"/organization/get-active-member-role\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\tbody: z\n\t\t\t\t\t\t.object({\n\t\t\t\t\t\t\tuserId: z.string().optional(),\n\t\t\t\t\t\t\torganizationId: z.string().optional(),\n\t\t\t\t\t\t\torganizationSlug: z.string().optional(),\n\t\t\t\t\t\t})\n\t\t\t\t\t\t.merge(projectScopeSchema),\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst session = getSessionOrThrow(ctx);\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst scope = getProjectScope(ctx.body as Record<string, unknown>);\n\t\t\t\t\tconst org = await resolveOrganization(db, {\n\t\t\t\t\t\torganizationId: ctx.body.organizationId,\n\t\t\t\t\t\torganizationSlug: ctx.body.organizationSlug,\n\t\t\t\t\t\tactiveOrganizationId: session.activeOrganizationId,\n\t\t\t\t\t\tscopeWhere: scope.where,\n\t\t\t\t\t});\n\t\t\t\t\tif (!org) throw ctx.error(\"BAD_REQUEST\", { message: \"Organization not found\" });\n\n\t\t\t\t\tawait findMemberOrThrow(ctx, db, org.id, session.userId, scope.where);\n\t\t\t\t\tconst targetUserId = ctx.body.userId ?? session.userId;\n\t\t\t\t\tconst rows = await db.findMany<MemberRow>({\n\t\t\t\t\t\tmodel: \"member\",\n\t\t\t\t\t\twhere: [\n\t\t\t\t\t\t\t{ field: \"organizationId\", value: org.id },\n\t\t\t\t\t\t\t{ field: \"userId\", value: targetUserId },\n\t\t\t\t\t\t\t...scope.where,\n\t\t\t\t\t\t],\n\t\t\t\t\t\tlimit: 1,\n\t\t\t\t\t});\n\t\t\t\t\tif (!rows[0]) throw ctx.error(\"BAD_REQUEST\", { message: \"Member not found\" });\n\t\t\t\t\treturn ctx.json({ role: rows[0].role });\n\t\t\t\t},\n\t\t\t),\n\t\t},\n\t};\n}\n","/**\n * Portal plugin for Banata Auth.\n *\n * Provides an Admin Portal link generation API that creates short-lived,\n * scoped portal sessions for organization IT admins. Each portal link\n * grants access to a specific intent (SSO, Directory Sync, Audit Logs, etc.)\n * within an organization context.\n *\n * This mirrors WorkOS's Admin Portal feature, allowing you to generate\n * a URL that redirects an org admin to a self-serve configuration page.\n *\n * @see {@link ../../../shared/src/types.ts} for the PortalSession SDK type\n */\n\nimport type { BetterAuthPlugin } from \"better-auth\";\nimport { createAuthEndpoint } from \"better-auth/api\";\nimport { z } from \"zod\";\nimport {\n\ttype PluginDBAdapter,\n\tgetProjectScope,\n\tprojectScopeSchema,\n\trequireProjectPermission,\n} from \"./types\";\n\n// ─── Constants ──────────────────────────────────────────────────────\n\n/** Default portal session lifetime: 5 minutes (300 000 ms). */\nconst DEFAULT_EXPIRES_IN_MS = 5 * 60 * 1000;\n\n/** Maximum portal session lifetime: 1 hour (3 600 000 ms). */\nconst MAX_EXPIRES_IN_MS = 60 * 60 * 1000;\n\n/** Valid portal intent values. */\nconst PORTAL_INTENTS = [\n\t\"sso\",\n\t\"dsync\",\n\t\"domain_verification\",\n\t\"audit_logs\",\n\t\"log_streams\",\n\t\"users\",\n] as const;\n\n// ─── Row Type ───────────────────────────────────────────────────────\n\ninterface PortalSessionRow extends Record<string, unknown> {\n\tid: string;\n\torganizationId: string;\n\tintent: string;\n\treturnUrl: string | null;\n\ttoken: string;\n\texpiresAt: number;\n\tprojectId?: string;\n\tcreatedAt: number;\n}\n\n// ─── Zod Schemas ────────────────────────────────────────────────────\n\nconst generateLinkSchema = z\n\t.object({\n\t\t/** The organization to generate a portal link for. */\n\t\torganizationId: z.string().min(1),\n\t\t/** The portal section to open. */\n\t\tintent: z.enum(PORTAL_INTENTS),\n\t\t/** URL to redirect the admin back to after completing the portal flow. */\n\t\treturnUrl: z.string().url().optional(),\n\t\t/** Session lifetime in seconds. Default: 300 (5 minutes). Max: 3600 (1 hour). */\n\t\texpiresIn: z.number().int().positive().max(3600).optional(),\n\t})\n\t.merge(projectScopeSchema);\n\n// ─── Helpers ────────────────────────────────────────────────────────\n\n/**\n * Generate a cryptographically random token for the portal session.\n * Uses 32 bytes of randomness encoded as hex (64 chars).\n */\nfunction generateToken(): string {\n\tconst bytes = new Uint8Array(32);\n\tcrypto.getRandomValues(bytes);\n\treturn Array.from(bytes)\n\t\t.map((b) => b.toString(16).padStart(2, \"0\"))\n\t\t.join(\"\");\n}\n\n// ─── Plugin Factory ─────────────────────────────────────────────────\n\n/**\n * Portal plugin for Banata Auth.\n *\n * Registers API endpoints under `/api/auth/banata/portal/*` that allow\n * programmatic generation of short-lived admin portal links.\n *\n * @returns A Better Auth plugin descriptor\n *\n * @example\n * ```ts\n * import { portalPlugin } from \"./plugins/portal\";\n *\n * const plugins = [\n * portalPlugin(),\n * // ... other plugins\n * ];\n * ```\n */\nexport function portalPlugin(): BetterAuthPlugin {\n\treturn {\n\t\tid: \"banata-portal\",\n\n\t\tschema: {\n\t\t\tportalSession: {\n\t\t\t\tfields: {\n\t\t\t\t\torganizationId: {\n\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\trequired: true,\n\t\t\t\t\t},\n\t\t\t\t\tintent: {\n\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\trequired: true,\n\t\t\t\t\t},\n\t\t\t\t\treturnUrl: {\n\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\trequired: false,\n\t\t\t\t\t},\n\t\t\t\t\ttoken: {\n\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\trequired: true,\n\t\t\t\t\t\tunique: true,\n\t\t\t\t\t},\n\t\t\t\t\tprojectId: {\n\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\trequired: false,\n\t\t\t\t\t},\n\t\t\t\t\texpiresAt: {\n\t\t\t\t\t\ttype: \"number\",\n\t\t\t\t\t\trequired: true,\n\t\t\t\t\t},\n\t\t\t\t\tcreatedAt: {\n\t\t\t\t\t\ttype: \"number\",\n\t\t\t\t\t\trequired: true,\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\n\t\tendpoints: {\n\t\t\t/**\n\t\t\t * Generate a short-lived admin portal link.\n\t\t\t *\n\t\t\t * POST /api/auth/banata/portal/generate-link\n\t\t\t *\n\t\t\t * Creates a portal session and returns the portal URL with an\n\t\t\t * embedded session token. The link expires after the configured\n\t\t\t * lifetime (default: 5 minutes).\n\t\t\t */\n\t\t\tgeneratePortalLink: createAuthEndpoint(\n\t\t\t\t\"/banata/portal/generate-link\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\tbody: generateLinkSchema,\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst body = ctx.body;\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst scope = getProjectScope(body as Record<string, unknown>);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tpermission: \"portal.create\",\n\t\t\t\t\t\tprojectId: scope.projectId,\n\t\t\t\t\t});\n\n\t\t\t\t\t// Verify the organization exists\n\t\t\t\t\tconst orgRows = await db.findMany({\n\t\t\t\t\t\tmodel: \"organization\",\n\t\t\t\t\t\twhere: [{ field: \"id\", value: body.organizationId }, ...scope.where],\n\t\t\t\t\t\tlimit: 1,\n\t\t\t\t\t});\n\t\t\t\t\tif (orgRows.length === 0) {\n\t\t\t\t\t\tthrow ctx.error(\"NOT_FOUND\", {\n\t\t\t\t\t\t\tmessage: `Organization not found: ${body.organizationId}`,\n\t\t\t\t\t\t});\n\t\t\t\t\t}\n\n\t\t\t\t\tconst now = Date.now();\n\t\t\t\t\tconst expiresInMs = body.expiresIn\n\t\t\t\t\t\t? Math.min(body.expiresIn * 1000, MAX_EXPIRES_IN_MS)\n\t\t\t\t\t\t: DEFAULT_EXPIRES_IN_MS;\n\t\t\t\t\tconst expiresAt = now + expiresInMs;\n\t\t\t\t\tconst token = generateToken();\n\n\t\t\t\t\tconst id =\n\t\t\t\t\t\tctx.context.generateId({ model: \"portalSession\" }) ||\n\t\t\t\t\t\t`ps_${generateToken().slice(0, 24)}`;\n\n\t\t\t\t\tawait db.create({\n\t\t\t\t\t\tmodel: \"portalSession\",\n\t\t\t\t\t\tdata: {\n\t\t\t\t\t\t\tid,\n\t\t\t\t\t\t\torganizationId: body.organizationId,\n\t\t\t\t\t\t\tintent: body.intent,\n\t\t\t\t\t\t\treturnUrl: body.returnUrl ?? null,\n\t\t\t\t\t\t\ttoken,\n\t\t\t\t\t\t\texpiresAt,\n\t\t\t\t\t\t\tcreatedAt: now,\n\t\t\t\t\t\t\t...scope.data,\n\t\t\t\t\t\t},\n\t\t\t\t\t});\n\n\t\t\t\t\t// Build the portal URL using the auth base URL\n\t\t\t\t\tconst baseUrl = ctx.context.baseURL;\n\t\t\t\t\tconst portalUrl = `${baseUrl}/portal?token=${token}&intent=${body.intent}`;\n\n\t\t\t\t\treturn ctx.json({\n\t\t\t\t\t\tlink: portalUrl,\n\t\t\t\t\t\tsessionId: id,\n\t\t\t\t\t\tintent: body.intent,\n\t\t\t\t\t\torganizationId: body.organizationId,\n\t\t\t\t\t\texpiresAt: new Date(expiresAt).toISOString(),\n\t\t\t\t\t});\n\t\t\t\t},\n\t\t\t),\n\n\t\t\t/**\n\t\t\t * Validate a portal session token.\n\t\t\t *\n\t\t\t * POST /api/auth/banata/portal/validate-session\n\t\t\t *\n\t\t\t * Validates that the token is valid, not expired, and returns\n\t\t\t * the session details. Used by the portal frontend to verify\n\t\t\t * access before rendering the portal UI.\n\t\t\t */\n\t\t\tvalidatePortalSession: createAuthEndpoint(\n\t\t\t\t\"/banata/portal/validate-session\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\tbody: z.object({\n\t\t\t\t\t\ttoken: z.string().min(1),\n\t\t\t\t\t}),\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst { token } = ctx.body;\n\n\t\t\t\t\tconst rows = await db.findMany<PortalSessionRow>({\n\t\t\t\t\t\tmodel: \"portalSession\",\n\t\t\t\t\t\twhere: [{ field: \"token\", value: token }],\n\t\t\t\t\t\tlimit: 1,\n\t\t\t\t\t});\n\n\t\t\t\t\tconst session = rows[0];\n\t\t\t\t\tif (!session) {\n\t\t\t\t\t\tthrow ctx.error(\"NOT_FOUND\", {\n\t\t\t\t\t\t\tmessage: \"Portal session not found or expired\",\n\t\t\t\t\t\t});\n\t\t\t\t\t}\n\n\t\t\t\t\tif (session.expiresAt < Date.now()) {\n\t\t\t\t\t\t// Clean up expired session\n\t\t\t\t\t\tawait db.delete({\n\t\t\t\t\t\t\tmodel: \"portalSession\",\n\t\t\t\t\t\t\twhere: [{ field: \"id\", value: session.id }],\n\t\t\t\t\t\t});\n\t\t\t\t\t\tthrow ctx.error(\"UNAUTHORIZED\", {\n\t\t\t\t\t\t\tmessage: \"Portal session has expired\",\n\t\t\t\t\t\t});\n\t\t\t\t\t}\n\n\t\t\t\t\treturn ctx.json({\n\t\t\t\t\t\tsessionId: session.id,\n\t\t\t\t\t\torganizationId: session.organizationId,\n\t\t\t\t\t\tintent: session.intent,\n\t\t\t\t\t\treturnUrl: session.returnUrl,\n\t\t\t\t\t\texpiresAt: new Date(session.expiresAt).toISOString(),\n\t\t\t\t\t});\n\t\t\t\t},\n\t\t\t),\n\t\t},\n\t};\n}\n","/**\n * Banata Auth Projects Plugin\n *\n * Provides multi-project support.\n * Each project is a fully isolated auth tenant with its own users, sessions,\n * organizations, branding, email templates, API keys, webhooks, etc.\n */\n\nimport type { BetterAuthPlugin } from \"better-auth\";\nimport { createAuthEndpoint } from \"better-auth/api\";\nimport { z } from \"zod\";\nimport type {\n\tPermissionDefinitionRow,\n\tPluginDBAdapter,\n\tProjectRow,\n\tRoleDefinitionRow,\n\tSessionUser,\n} from \"./types\";\nimport { isGlobalAdminUser, requireAuthenticated } from \"./types\";\n\n// ─── Zod Schemas ──────────────────────────────────────────────────\n\nconst createProjectSchema = z.object({\n\tname: z.string().min(1).max(100),\n\tslug: z\n\t\t.string()\n\t\t.min(1)\n\t\t.max(100)\n\t\t.regex(/^[a-z0-9-]+$/, \"Slug must be lowercase alphanumeric with hyphens\"),\n\tdescription: z.string().max(500).optional(),\n\tlogoUrl: z.string().url().optional(),\n});\n\nconst updateProjectSchema = z.object({\n\tid: z.string(),\n\tname: z.string().min(1).max(100).optional(),\n\tslug: z\n\t\t.string()\n\t\t.min(1)\n\t\t.max(100)\n\t\t.regex(/^[a-z0-9-]+$/)\n\t\t.optional(),\n\tdescription: z.string().max(500).optional(),\n\tlogoUrl: z.string().url().optional(),\n});\n\n// ─── Built-in RBAC Seeds ──────────────────────────────────────────\n\nconst SUPER_ADMIN_ROLE_SLUG = \"super_admin\";\n\ninterface MemberProjectRow extends Record<string, unknown> {\n\tprojectId?: string;\n\tuserId: string;\n}\n\ninterface BuiltInPermissionSeed {\n\tslug: string;\n\tname: string;\n\tdescription: string;\n}\n\nconst BUILT_IN_PERMISSIONS: BuiltInPermissionSeed[] = [\n\t{\n\t\tslug: \"organization.read\",\n\t\tname: \"Read organization\",\n\t\tdescription: \"View organization details.\",\n\t},\n\t{\n\t\tslug: \"organization.update\",\n\t\tname: \"Update organization\",\n\t\tdescription: \"Update organization metadata and settings.\",\n\t},\n\t{\n\t\tslug: \"organization.delete\",\n\t\tname: \"Delete organization\",\n\t\tdescription: \"Delete an organization.\",\n\t},\n\t{ slug: \"member.invite\", name: \"Invite members\", description: \"Invite users to organizations.\" },\n\t{ slug: \"member.read\", name: \"Read members\", description: \"List organization members.\" },\n\t{\n\t\tslug: \"member.update_role\",\n\t\tname: \"Update member role\",\n\t\tdescription: \"Change member role assignments.\",\n\t},\n\t{\n\t\tslug: \"member.remove\",\n\t\tname: \"Remove members\",\n\t\tdescription: \"Remove members from organizations.\",\n\t},\n\t{ slug: \"role.create\", name: \"Create roles\", description: \"Create custom roles.\" },\n\t{ slug: \"role.read\", name: \"Read roles\", description: \"List and inspect roles.\" },\n\t{ slug: \"role.update\", name: \"Update roles\", description: \"Edit custom roles.\" },\n\t{ slug: \"role.delete\", name: \"Delete roles\", description: \"Delete custom roles.\" },\n\t{\n\t\tslug: \"permission.create\",\n\t\tname: \"Create permissions\",\n\t\tdescription: \"Create custom permissions.\",\n\t},\n\t{\n\t\tslug: \"permission.read\",\n\t\tname: \"Read permissions\",\n\t\tdescription: \"List and inspect permissions.\",\n\t},\n\t{\n\t\tslug: \"permission.delete\",\n\t\tname: \"Delete permissions\",\n\t\tdescription: \"Delete custom permissions.\",\n\t},\n\t{ slug: \"api_key.create\", name: \"Create API keys\", description: \"Create API keys.\" },\n\t{ slug: \"api_key.read\", name: \"Read API keys\", description: \"List API keys.\" },\n\t{ slug: \"api_key.delete\", name: \"Delete API keys\", description: \"Revoke API keys.\" },\n\t{\n\t\tslug: \"sso.read\",\n\t\tname: \"Read SSO connections\",\n\t\tdescription: \"List and inspect enterprise SSO connections.\",\n\t},\n\t{\n\t\tslug: \"sso.manage\",\n\t\tname: \"Manage SSO connections\",\n\t\tdescription: \"Create, update, and delete enterprise SSO connections.\",\n\t},\n\t{\n\t\tslug: \"directory.read\",\n\t\tname: \"Read directories\",\n\t\tdescription: \"List and inspect SCIM directories and synced users.\",\n\t},\n\t{\n\t\tslug: \"directory.manage\",\n\t\tname: \"Manage directories\",\n\t\tdescription: \"Create and delete SCIM directories and tokens.\",\n\t},\n\t{ slug: \"sandbox.create\", name: \"Create sandboxes\", description: \"Create AI/runtime sandboxes.\" },\n\t{ slug: \"sandbox.read\", name: \"Read sandboxes\", description: \"View sandbox details.\" },\n\t{ slug: \"sandbox.delete\", name: \"Delete sandboxes\", description: \"Delete sandboxes.\" },\n\t{ slug: \"browser.launch\", name: \"Launch browser\", description: \"Launch browser sandboxes.\" },\n\t{ slug: \"browser.connect\", name: \"Connect browser\", description: \"Connect to browser CDP.\" },\n\t{ slug: \"billing.read\", name: \"Read billing\", description: \"View billing details.\" },\n\t{ slug: \"billing.manage\", name: \"Manage billing\", description: \"Manage billing and plans.\" },\n];\n\nasync function ensureProjectRbacSeed(\n\tdb: PluginDBAdapter,\n\tprojectId: string,\n\tnow: number,\n): Promise<void> {\n\tconst existingPermissions = await db.findMany<PermissionDefinitionRow>({\n\t\tmodel: \"permissionDefinition\",\n\t\twhere: [{ field: \"projectId\", value: projectId }],\n\t\tlimit: 1000,\n\t});\n\tconst existingPermissionSlugs = new Set(existingPermissions.map((p) => p.slug));\n\n\tfor (const def of BUILT_IN_PERMISSIONS) {\n\t\tif (existingPermissionSlugs.has(def.slug)) continue;\n\t\tawait db.create<PermissionDefinitionRow>({\n\t\t\tmodel: \"permissionDefinition\",\n\t\t\tdata: {\n\t\t\t\tprojectId,\n\t\t\t\tname: def.name,\n\t\t\t\tslug: def.slug,\n\t\t\t\tdescription: def.description,\n\t\t\t\tcreatedAt: now,\n\t\t\t\tupdatedAt: now,\n\t\t\t},\n\t\t});\n\t\texistingPermissionSlugs.add(def.slug);\n\t}\n\n\tconst allPermissionSlugs = Array.from(existingPermissionSlugs).sort();\n\tconst superAdminRows = await db.findMany<RoleDefinitionRow>({\n\t\tmodel: \"roleDefinition\",\n\t\twhere: [\n\t\t\t{ field: \"projectId\", value: projectId },\n\t\t\t{ field: \"slug\", value: SUPER_ADMIN_ROLE_SLUG },\n\t\t],\n\t\tlimit: 1,\n\t});\n\n\tif (superAdminRows.length === 0 || !superAdminRows[0]) {\n\t\tawait db.create<RoleDefinitionRow>({\n\t\t\tmodel: \"roleDefinition\",\n\t\t\tdata: {\n\t\t\t\tprojectId,\n\t\t\t\tname: \"Super Admin\",\n\t\t\t\tslug: SUPER_ADMIN_ROLE_SLUG,\n\t\t\t\tdescription: \"Full access across this project and its organizations.\",\n\t\t\t\tpermissions: JSON.stringify(allPermissionSlugs),\n\t\t\t\tisDefault: true,\n\t\t\t\tcreatedAt: now,\n\t\t\t\tupdatedAt: now,\n\t\t\t},\n\t\t});\n\t\treturn;\n\t}\n\n\tconst superAdmin = superAdminRows[0];\n\tconst currentPerms = superAdmin.permissions\n\t\t? (JSON.parse(superAdmin.permissions) as string[])\n\t\t: [];\n\tconst mergedPerms = Array.from(new Set([...currentPerms, ...allPermissionSlugs])).sort();\n\tawait db.update<RoleDefinitionRow>({\n\t\tmodel: \"roleDefinition\",\n\t\twhere: [{ field: \"id\", value: superAdmin.id }],\n\t\tupdate: {\n\t\t\tpermissions: JSON.stringify(mergedPerms),\n\t\t\tisDefault: true,\n\t\t\tupdatedAt: now,\n\t\t},\n\t});\n}\n\nasync function findMemberProjectIds(db: PluginDBAdapter, userId: string): Promise<string[]> {\n\ttry {\n\t\tconst memberships = await db.findMany<MemberProjectRow>({\n\t\t\tmodel: \"member\",\n\t\t\twhere: [{ field: \"userId\", value: userId }],\n\t\t\tlimit: 1000,\n\t\t});\n\t\treturn Array.from(\n\t\t\tnew Set(\n\t\t\t\tmemberships\n\t\t\t\t\t.map((membership) => membership.projectId)\n\t\t\t\t\t.filter((projectId): projectId is string => typeof projectId === \"string\"),\n\t\t\t),\n\t\t);\n\t} catch {\n\t\t// The organization plugin owns the `member` model. If it is disabled,\n\t\t// project access falls back to ownership only.\n\t\treturn [];\n\t}\n}\n\nfunction sortProjects(projects: ProjectRow[]): ProjectRow[] {\n\treturn [...projects].sort((a, b) => b.createdAt - a.createdAt);\n}\n\nasync function listAccessibleProjects(\n\tdb: PluginDBAdapter,\n\tuser: SessionUser,\n): Promise<ProjectRow[]> {\n\tif (isGlobalAdminUser(user)) {\n\t\tconst rows = await db.findMany<ProjectRow>({\n\t\t\tmodel: \"project\",\n\t\t\twhere: [],\n\t\t\tlimit: 1000,\n\t\t\tsortBy: { field: \"createdAt\", direction: \"desc\" },\n\t\t});\n\t\treturn rows;\n\t}\n\n\tconst projectsById = new Map<string, ProjectRow>();\n\tconst ownedProjects = await db.findMany<ProjectRow>({\n\t\tmodel: \"project\",\n\t\twhere: [{ field: \"ownerId\", value: user.id }],\n\t\tlimit: 1000,\n\t\tsortBy: { field: \"createdAt\", direction: \"desc\" },\n\t});\n\tfor (const project of ownedProjects) {\n\t\tprojectsById.set(project.id, project);\n\t}\n\n\tconst memberProjectIds = await findMemberProjectIds(db, user.id);\n\tif (memberProjectIds.length > 0) {\n\t\tconst memberProjects = await db.findMany<ProjectRow>({\n\t\t\tmodel: \"project\",\n\t\t\twhere: [{ field: \"id\", operator: \"in\", value: memberProjectIds }],\n\t\t\tlimit: 1000,\n\t\t\tsortBy: { field: \"createdAt\", direction: \"desc\" },\n\t\t});\n\t\tfor (const project of memberProjects) {\n\t\t\tprojectsById.set(project.id, project);\n\t\t}\n\t}\n\n\treturn sortProjects(Array.from(projectsById.values()));\n}\n\nasync function findProjectById(db: PluginDBAdapter, projectId: string): Promise<ProjectRow | null> {\n\tconst rows = await db.findMany<ProjectRow>({\n\t\tmodel: \"project\",\n\t\twhere: [{ field: \"id\", value: projectId }],\n\t\tlimit: 1,\n\t});\n\treturn rows[0] ?? null;\n}\n\nasync function assertProjectReadable(\n\tctx: any,\n\tdb: PluginDBAdapter,\n\tproject: ProjectRow,\n\tuser: SessionUser,\n): Promise<void> {\n\tif (isGlobalAdminUser(user) || project.ownerId === user.id) {\n\t\treturn;\n\t}\n\n\tconst memberProjectIds = await findMemberProjectIds(db, user.id);\n\tif (memberProjectIds.includes(project.id)) {\n\t\treturn;\n\t}\n\n\tthrow ctx.error(\"FORBIDDEN\", { message: \"You do not have access to this project\" });\n}\n\nfunction assertProjectWritable(ctx: any, project: ProjectRow, user: SessionUser): void {\n\tif (isGlobalAdminUser(user) || project.ownerId === user.id) {\n\t\treturn;\n\t}\n\n\tthrow ctx.error(\"FORBIDDEN\", { message: \"Only the project owner can modify this project\" });\n}\n\n// ─── Plugin Options ───────────────────────────────────────────────\n\nexport interface ProjectsPluginOptions {\n\t/** Whether to auto-create a default project if none exist. Default: true */\n\tautoCreateDefault?: boolean;\n\t/** Default project name when auto-creating. Default: \"Default Project\" */\n\tdefaultProjectName?: string;\n}\n\n// ─── Plugin Definition ────────────────────────────────────────────\n\nexport function projectsPlugin(options: ProjectsPluginOptions = {}): BetterAuthPlugin {\n\tconst { autoCreateDefault = true, defaultProjectName = \"Default Project\" } = options;\n\n\treturn {\n\t\tid: \"banata-projects\" as const,\n\n\t\tschema: {\n\t\t\tproject: {\n\t\t\t\tfields: {\n\t\t\t\t\tname: { type: \"string\" as const, required: true },\n\t\t\t\t\tslug: { type: \"string\" as const, required: true, unique: true },\n\t\t\t\t\tdescription: { type: \"string\" as const, required: false },\n\t\t\t\t\tlogoUrl: { type: \"string\" as const, required: false },\n\t\t\t\t\townerId: { type: \"string\" as const, required: true },\n\t\t\t\t\tcreatedAt: { type: \"number\" as const, required: true },\n\t\t\t\t\tupdatedAt: { type: \"number\" as const, required: true },\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\n\t\tendpoints: {\n\t\t\t// ─── Project CRUD ───────────────────────────────────────\n\n\t\t\t/**\n\t\t\t * List all projects the current user has access to.\n\t\t\t */\n\t\t\tlistProjects: createAuthEndpoint(\n\t\t\t\t\"/banata/projects/list\",\n\t\t\t\t{ method: \"POST\", requireHeaders: true },\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst { user } = requireAuthenticated(ctx);\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst projects = await listAccessibleProjects(db, user);\n\t\t\t\t\treturn ctx.json({ projects });\n\t\t\t\t},\n\t\t\t),\n\n\t\t\t/**\n\t\t\t * Get a single project by ID.\n\t\t\t */\n\t\t\tgetProject: createAuthEndpoint(\n\t\t\t\t\"/banata/projects/get\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t\tbody: z.object({ id: z.string() }),\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst { user } = requireAuthenticated(ctx);\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst project = await findProjectById(db, ctx.body.id);\n\t\t\t\t\tif (!project) {\n\t\t\t\t\t\treturn ctx.json({ project: null });\n\t\t\t\t\t}\n\n\t\t\t\t\tawait assertProjectReadable(ctx, db, project, user);\n\t\t\t\t\treturn ctx.json({ project });\n\t\t\t\t},\n\t\t\t),\n\n\t\t\t/**\n\t\t\t * Create a new project.\n\t\t\t */\n\t\t\tcreateProject: createAuthEndpoint(\n\t\t\t\t\"/banata/projects/create\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t\tbody: createProjectSchema,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst { user } = requireAuthenticated(ctx);\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst body = ctx.body;\n\n\t\t\t\t\t// Check slug uniqueness\n\t\t\t\t\tconst existing = await db.findMany<ProjectRow>({\n\t\t\t\t\t\tmodel: \"project\",\n\t\t\t\t\t\twhere: [{ field: \"slug\", value: body.slug }],\n\t\t\t\t\t});\n\t\t\t\t\tif (existing.length > 0) {\n\t\t\t\t\t\treturn ctx.json({\n\t\t\t\t\t\t\tsuccess: false,\n\t\t\t\t\t\t\terror: `Project slug \"${body.slug}\" already exists`,\n\t\t\t\t\t\t});\n\t\t\t\t\t}\n\n\t\t\t\t\t// Get current user ID from session\n\t\t\t\t\tconst userId = user.id;\n\t\t\t\t\tconst now = Date.now();\n\n\t\t\t\t\tconst data: Record<string, unknown> = {\n\t\t\t\t\t\tname: body.name,\n\t\t\t\t\t\tslug: body.slug,\n\t\t\t\t\t\townerId: userId,\n\t\t\t\t\t\tcreatedAt: now,\n\t\t\t\t\t\tupdatedAt: now,\n\t\t\t\t\t};\n\t\t\t\t\tif (body.description) data.description = body.description;\n\t\t\t\t\tif (body.logoUrl) data.logoUrl = body.logoUrl;\n\n\t\t\t\t\tconst project = await db.create<ProjectRow>({\n\t\t\t\t\t\tmodel: \"project\",\n\t\t\t\t\t\tdata: data as ProjectRow,\n\t\t\t\t\t});\n\n\t\t\t\t\tawait ensureProjectRbacSeed(db, project.id, now);\n\n\t\t\t\t\treturn ctx.json({ success: true, project });\n\t\t\t\t},\n\t\t\t),\n\n\t\t\t/**\n\t\t\t * Update a project's metadata.\n\t\t\t */\n\t\t\tupdateProject: createAuthEndpoint(\n\t\t\t\t\"/banata/projects/update\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t\tbody: updateProjectSchema,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst { user } = requireAuthenticated(ctx);\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst body = ctx.body;\n\t\t\t\t\tconst project = await findProjectById(db, body.id);\n\t\t\t\t\tif (!project) {\n\t\t\t\t\t\tthrow ctx.error(\"BAD_REQUEST\", { message: \"Project not found\" });\n\t\t\t\t\t}\n\t\t\t\t\tassertProjectWritable(ctx, project, user);\n\n\t\t\t\t\t// If slug is being changed, check uniqueness\n\t\t\t\t\tif (body.slug) {\n\t\t\t\t\t\tconst existing = await db.findMany<ProjectRow>({\n\t\t\t\t\t\t\tmodel: \"project\",\n\t\t\t\t\t\t\twhere: [{ field: \"slug\", value: body.slug }],\n\t\t\t\t\t\t});\n\t\t\t\t\t\tif (existing.length > 0 && existing[0]!.id !== body.id) {\n\t\t\t\t\t\t\treturn ctx.json({\n\t\t\t\t\t\t\t\tsuccess: false,\n\t\t\t\t\t\t\t\terror: `Project slug \"${body.slug}\" already exists`,\n\t\t\t\t\t\t\t});\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\n\t\t\t\t\tconst update: Record<string, unknown> = { updatedAt: Date.now() };\n\t\t\t\t\tif (body.name !== undefined) update.name = body.name;\n\t\t\t\t\tif (body.slug !== undefined) update.slug = body.slug;\n\t\t\t\t\tif (body.description !== undefined) update.description = body.description;\n\t\t\t\t\tif (body.logoUrl !== undefined) update.logoUrl = body.logoUrl;\n\n\t\t\t\t\tconst updated = await db.update<ProjectRow>({\n\t\t\t\t\t\tmodel: \"project\",\n\t\t\t\t\t\twhere: [{ field: \"id\", value: body.id }],\n\t\t\t\t\t\tupdate,\n\t\t\t\t\t});\n\n\t\t\t\t\treturn ctx.json({ success: true, project: updated });\n\t\t\t\t},\n\t\t\t),\n\n\t\t\t/**\n\t\t\t * Delete a project.\n\t\t\t * WARNING: This does NOT cascade-delete project data (users, etc.) — that\n\t\t\t * requires a more complex migration. This only deletes the project metadata.\n\t\t\t */\n\t\t\tdeleteProject: createAuthEndpoint(\n\t\t\t\t\"/banata/projects/delete\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t\tbody: z.object({ id: z.string() }),\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst { user } = requireAuthenticated(ctx);\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst project = await findProjectById(db, ctx.body.id);\n\t\t\t\t\tif (!project) {\n\t\t\t\t\t\tthrow ctx.error(\"BAD_REQUEST\", { message: \"Project not found\" });\n\t\t\t\t\t}\n\t\t\t\t\tassertProjectWritable(ctx, project, user);\n\n\t\t\t\t\t// Delete the project\n\t\t\t\t\tawait db.delete({\n\t\t\t\t\t\tmodel: \"project\",\n\t\t\t\t\t\twhere: [{ field: \"id\", value: ctx.body.id }],\n\t\t\t\t\t});\n\n\t\t\t\t\treturn ctx.json({ success: true });\n\t\t\t\t},\n\t\t\t),\n\n\t\t\t// ─── Initialization / Bootstrap ─────────────────────────\n\n\t\t\t/**\n\t\t\t * Ensure at least one project exists. If none exist and autoCreateDefault\n\t\t\t * is enabled, creates a \"Default Project\".\n\t\t\t * Called by the dashboard on first load.\n\t\t\t */\n\t\t\tensureDefaultProject: createAuthEndpoint(\n\t\t\t\t\"/banata/projects/ensure-default\",\n\t\t\t\t{ method: \"POST\", requireHeaders: true },\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst { user } = requireAuthenticated(ctx);\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\n\t\t\t\t\tconst existingProjects = await db.findMany<ProjectRow>({\n\t\t\t\t\t\tmodel: \"project\",\n\t\t\t\t\t\twhere: [],\n\t\t\t\t\t\tlimit: 1000,\n\t\t\t\t\t\tsortBy: { field: \"createdAt\", direction: \"desc\" },\n\t\t\t\t\t});\n\n\t\t\t\t\tif (existingProjects.length > 0) {\n\t\t\t\t\t\tconst accessibleProjects = await listAccessibleProjects(db, user);\n\t\t\t\t\t\tconst project = accessibleProjects[0] ?? null;\n\t\t\t\t\t\tif (project) {\n\t\t\t\t\t\t\tawait ensureProjectRbacSeed(db, project.id, Date.now());\n\t\t\t\t\t\t}\n\n\t\t\t\t\t\treturn ctx.json({\n\t\t\t\t\t\t\tcreated: false,\n\t\t\t\t\t\t\tproject,\n\t\t\t\t\t\t});\n\t\t\t\t\t}\n\n\t\t\t\t\tif (!autoCreateDefault) {\n\t\t\t\t\t\treturn ctx.json({ created: false, project: null });\n\t\t\t\t\t}\n\n\t\t\t\t\t// Create default project\n\t\t\t\t\tconst userId = user.id;\n\t\t\t\t\tconst now = Date.now();\n\n\t\t\t\t\tconst project = await db.create<ProjectRow>({\n\t\t\t\t\t\tmodel: \"project\",\n\t\t\t\t\t\tdata: {\n\t\t\t\t\t\t\tname: defaultProjectName,\n\t\t\t\t\t\t\tslug: \"default\",\n\t\t\t\t\t\t\townerId: userId,\n\t\t\t\t\t\t\tcreatedAt: now,\n\t\t\t\t\t\t\tupdatedAt: now,\n\t\t\t\t\t\t} as ProjectRow,\n\t\t\t\t\t});\n\n\t\t\t\t\tawait ensureProjectRbacSeed(db, project.id, now);\n\n\t\t\t\t\treturn ctx.json({ created: true, project });\n\t\t\t\t},\n\t\t\t),\n\t\t},\n\t};\n}\n","/**\n * Bot protection plugin for Banata Auth.\n *\n * Provides request-level bot detection and abuse prevention using\n * Better Auth's `onRequest` hook. This plugin intercepts incoming\n * requests BEFORE any auth processing occurs and can short-circuit\n * with a 403 if a bot is detected.\n *\n * The plugin is provider-agnostic — it accepts a `verifyRequest`\n * callback that consumers implement with their preferred bot detection\n * service (Vercel BotID, Cloudflare Turnstile, hCaptcha, reCAPTCHA, etc.).\n *\n * @example\n * ```ts\n * import { banataProtection } from \"@banata-auth/convex/plugins\";\n *\n * // The plugin is automatically included when you configure protection\n * // in your BanataAuthConfig:\n * const config: BanataAuthConfig = {\n * protection: {\n * enabled: true,\n * protectedPaths: [\"/sign-in\", \"/sign-up\", \"/forget-password\", \"/reset-password\"],\n * verifyRequest: async (request) => {\n * // Implement your bot verification logic here\n * return { isBot: false };\n * },\n * },\n * };\n * ```\n */\n\nimport type { BetterAuthPlugin } from \"better-auth\";\n\n// ─── Types ──────────────────────────────────────────────────────────\n\n/**\n * Result of a bot verification check.\n */\nexport interface BotVerificationResult {\n\t/** Whether the request was identified as coming from a bot. */\n\tisBot: boolean;\n\t/** Optional reason for the bot detection (for logging). */\n\treason?: string;\n}\n\n/**\n * Function that verifies whether a request is from a bot.\n * Implement this with your bot detection provider of choice.\n *\n * @param request - The incoming HTTP request\n * @returns Verification result indicating whether the request is from a bot\n */\nexport type BotVerifyFn = (request: Request) => Promise<BotVerificationResult>;\n\n/**\n * Configuration for the bot protection plugin.\n */\nexport interface BanataProtectionOptions {\n\t/**\n\t * Whether bot protection is enabled.\n\t * When false, all requests pass through without verification.\n\t * @default true\n\t */\n\tenabled?: boolean;\n\n\t/**\n\t * Path prefixes to protect from bots.\n\t * Only requests whose pathname starts with one of these prefixes\n\t * will be verified. All other requests pass through.\n\t *\n\t * @default [\"/sign-in\", \"/sign-up\", \"/forget-password\", \"/reset-password\"]\n\t */\n\tprotectedPaths?: string[];\n\n\t/**\n\t * The bot verification function.\n\t * Called for every request that matches a protected path.\n\t * If not provided, requests pass through (useful for development).\n\t */\n\tverifyRequest?: BotVerifyFn;\n\n\t/**\n\t * HTTP methods to check. By default only POST requests are verified\n\t * since GET requests to auth endpoints are typically metadata/redirect\n\t * flows, not credential submissions.\n\t *\n\t * @default [\"POST\"]\n\t */\n\tprotectedMethods?: string[];\n\n\t/**\n\t * Custom error message returned when a bot is detected.\n\t * @default \"Bot detected. Access denied.\"\n\t */\n\tblockedMessage?: string;\n\n\t/**\n\t * Called when a bot is detected (for logging/analytics).\n\t */\n\tonBotDetected?: (request: Request, result: BotVerificationResult) => void | Promise<void>;\n\n\t/**\n\t * Whether to fail open (allow request) when the verification\n\t * function throws an error. This prevents legitimate users from\n\t * being locked out if the bot detection service is unavailable.\n\t *\n\t * @default true\n\t */\n\tfailOpen?: boolean;\n}\n\n// ─── Default Configuration ──────────────────────────────────────────\n\nconst DEFAULT_PROTECTED_PATHS = [\"/sign-in\", \"/sign-up\", \"/forget-password\", \"/reset-password\"];\n\nconst DEFAULT_PROTECTED_METHODS = [\"POST\"];\n\n// ─── Plugin ─────────────────────────────────────────────────────────\n\n/**\n * Bot protection plugin for Banata Auth.\n *\n * Uses Better Auth's `onRequest` hook to intercept requests before\n * any auth processing. Protected paths are checked against the\n * configured `verifyRequest` function.\n *\n * @param options - Protection configuration\n * @returns A Better Auth plugin\n *\n * @example\n * ```ts\n * import { banataProtection } from \"@banata-auth/convex/plugins\";\n * import { checkBotId } from \"botid/server\";\n *\n * banataProtection({\n * verifyRequest: async (request) => {\n * try {\n * const result = await checkBotId();\n * return { isBot: result.isBot };\n * } catch {\n * return { isBot: false }; // fail open\n * }\n * },\n * });\n * ```\n */\nexport function banataProtection(options: BanataProtectionOptions = {}): BetterAuthPlugin {\n\tconst {\n\t\tenabled = true,\n\t\tprotectedPaths = DEFAULT_PROTECTED_PATHS,\n\t\tprotectedMethods = DEFAULT_PROTECTED_METHODS,\n\t\tverifyRequest,\n\t\tblockedMessage = \"Bot detected. Access denied.\",\n\t\tonBotDetected,\n\t\tfailOpen = true,\n\t} = options;\n\n\t// Pre-compile the method set for fast lookup\n\tconst methodSet = new Set(protectedMethods.map((m) => m.toUpperCase()));\n\n\treturn {\n\t\tid: \"banata-protection\",\n\n\t\tonRequest: async (request, _ctx) => {\n\t\t\t// Short-circuit if disabled or no verify function\n\t\t\tif (!enabled || !verifyRequest) {\n\t\t\t\treturn undefined;\n\t\t\t}\n\n\t\t\t// Only check configured HTTP methods\n\t\t\tif (!methodSet.has(request.method.toUpperCase())) {\n\t\t\t\treturn undefined;\n\t\t\t}\n\n\t\t\t// Only check requests matching protected paths\n\t\t\tconst url = new URL(request.url);\n\t\t\tconst isProtected = protectedPaths.some(\n\t\t\t\t(path) => url.pathname.endsWith(path) || url.pathname.includes(path),\n\t\t\t);\n\n\t\t\tif (!isProtected) {\n\t\t\t\treturn undefined;\n\t\t\t}\n\n\t\t\t// Run bot verification\n\t\t\ttry {\n\t\t\t\tconst result = await verifyRequest(request);\n\n\t\t\t\tif (result.isBot) {\n\t\t\t\t\t// Notify callback if provided\n\t\t\t\t\tif (onBotDetected) {\n\t\t\t\t\t\ttry {\n\t\t\t\t\t\t\tawait onBotDetected(request, result);\n\t\t\t\t\t\t} catch {\n\t\t\t\t\t\t\t// Don't fail the request if the callback throws\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\n\t\t\t\t\t// Block the request\n\t\t\t\t\treturn {\n\t\t\t\t\t\tresponse: new Response(\n\t\t\t\t\t\t\tJSON.stringify({\n\t\t\t\t\t\t\t\terror: blockedMessage,\n\t\t\t\t\t\t\t\t...(result.reason ? { reason: result.reason } : {}),\n\t\t\t\t\t\t\t}),\n\t\t\t\t\t\t\t{\n\t\t\t\t\t\t\t\tstatus: 403,\n\t\t\t\t\t\t\t\theaders: { \"Content-Type\": \"application/json\" },\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t),\n\t\t\t\t\t};\n\t\t\t\t}\n\n\t\t\t\t// Human verified — proceed\n\t\t\t\treturn undefined;\n\t\t\t} catch (error) {\n\t\t\t\tif (failOpen) {\n\t\t\t\t\t// Verification service unavailable — allow through\n\t\t\t\t\tconsole.warn(\n\t\t\t\t\t\t\"[banata-protection] Bot verification failed, allowing request (failOpen=true):\",\n\t\t\t\t\t\terror instanceof Error ? error.message : error,\n\t\t\t\t\t);\n\t\t\t\t\treturn undefined;\n\t\t\t\t}\n\n\t\t\t\t// Fail closed — block the request\n\t\t\t\treturn {\n\t\t\t\t\tresponse: new Response(\n\t\t\t\t\t\tJSON.stringify({ error: \"Bot verification unavailable. Please try again.\" }),\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tstatus: 503,\n\t\t\t\t\t\t\theaders: { \"Content-Type\": \"application/json\" },\n\t\t\t\t\t\t},\n\t\t\t\t\t),\n\t\t\t\t};\n\t\t\t}\n\t\t},\n\t};\n}\n","import type { BetterAuthPlugin } from \"better-auth\";\nimport { createAuthEndpoint, getSessionFromCtx } from \"better-auth/api\";\nimport { deleteSessionCookie, expireCookie, setSessionCookie } from \"better-auth/cookies\";\nimport { z } from \"zod\";\nimport {\n\ttype PluginDBAdapter,\n\ttype SessionRecord,\n\ttype SessionUser,\n\ttype WhereClause,\n\tgetEffectiveProjectPermissions,\n\tgetProjectScope,\n\tgetRolePermissions,\n\tisGlobalAdminUser,\n\tparseRoleSlugs,\n\tprojectScopeSchema,\n\trequireAuthenticated,\n\trequireGlobalAdmin,\n\trequireProjectPermission,\n} from \"./types\";\n\ninterface UserRow extends Record<string, unknown> {\n\tid: string;\n\temail: string;\n\tname: string;\n\temailVerified: boolean;\n\timage?: string;\n\tprojectId?: string;\n\tusername?: string;\n\tphoneNumber?: string;\n\tphoneNumberVerified?: boolean;\n\trole?: string;\n\tbanned?: boolean;\n\tbanReason?: string | null;\n\tbanExpires?: number | null;\n\tmetadata?: unknown;\n\tcreatedAt: number;\n\tupdatedAt: number;\n}\n\ninterface SessionRow extends Record<string, unknown> {\n\tid: string;\n\tuserId: string;\n\ttoken: string;\n\tprojectId?: string;\n\texpiresAt: number | Date;\n\tipAddress?: string | null;\n\tuserAgent?: string | null;\n\tactiveOrganizationId?: string | null;\n\timpersonatedBy?: string | null;\n\tcreatedAt: number | Date;\n\tupdatedAt: number | Date;\n}\n\ninterface AccountRow extends Record<string, unknown> {\n\tid: string;\n\tuserId: string;\n\taccountId: string;\n\tproviderId: string;\n\tprojectId?: string;\n\tcreatedAt: number | Date;\n\tupdatedAt: number | Date;\n\tpassword?: string;\n\taccessToken?: string;\n\trefreshToken?: string;\n\tidToken?: string;\n}\n\ninterface UserManagementContext {\n\tcontext: {\n\t\tadapter: PluginDBAdapter;\n\t\tinternalAdapter: {\n\t\t\tcreateUser: (data: Record<string, unknown>) => Promise<UserRow | null>;\n\t\t\tcreateSession: (\n\t\t\t\tuserId: string,\n\t\t\t\trememberMe?: boolean,\n\t\t\t\tdata?: Record<string, unknown>,\n\t\t\t\tdisableSessionCache?: boolean,\n\t\t\t) => Promise<SessionRow | null>;\n\t\t\tfindUserById: (userId: string) => Promise<UserRow | null>;\n\t\t\tupdateUser: (userId: string, data: Record<string, unknown>) => Promise<UserRow>;\n\t\t\tupdatePassword: (userId: string, password: string) => Promise<void>;\n\t\t\tlinkAccount: (data: Record<string, unknown>) => Promise<AccountRow>;\n\t\t\tdeleteUser: (userId: string) => Promise<void>;\n\t\t\tdeleteSession: (token: string) => Promise<void>;\n\t\t\tdeleteSessions: (userIdOrTokens: string | string[]) => Promise<void>;\n\t\t};\n\t\tpassword: {\n\t\t\thash: (password: string) => Promise<string>;\n\t\t\tconfig?: {\n\t\t\t\tminPasswordLength?: number;\n\t\t\t\tmaxPasswordLength?: number;\n\t\t\t};\n\t\t};\n\t\tauthCookies: {\n\t\t\tsessionToken: {\n\t\t\t\tattributes: Record<string, unknown>;\n\t\t\t};\n\t\t\tdontRememberToken: {\n\t\t\t\tname: string;\n\t\t\t};\n\t\t};\n\t\tsecret: string;\n\t\tcreateAuthCookie: (name: string) => {\n\t\t\tname: string;\n\t\t\tattributes: Record<string, unknown>;\n\t\t};\n\t\tsession: {\n\t\t\tsession: SessionRecord;\n\t\t\tuser: SessionUser;\n\t\t} | null;\n\t};\n\tbody: Record<string, unknown>;\n\tquery: Record<string, string | undefined>;\n\terror: (status: string, body?: { message?: string }) => Error;\n\tjson: <T>(data: T) => Promise<T>;\n\tgetSignedCookie: (name: string, secret: string) => Promise<string | undefined>;\n\tsetSignedCookie: (\n\t\tname: string,\n\t\tvalue: string,\n\t\tsecret: string,\n\t\tattributes: Record<string, unknown>,\n\t) => Promise<void>;\n}\n\ntype PermissionStatements = Record<string, string[]>;\ntype PermissionCheckInput = string | string[] | PermissionStatements;\n\nconst listUsersBodySchema = z\n\t.object({\n\t\temail: z.string().optional(),\n\t\torganizationId: z.string().optional(),\n\t\trole: z.string().optional(),\n\t\tlimit: z.number().int().positive().max(200).optional(),\n\t\toffset: z.number().int().min(0).optional(),\n\t\tsortBy: z.string().optional(),\n\t\tsortDirection: z.enum([\"asc\", \"desc\"]).optional(),\n\t\tsearchValue: z.string().optional(),\n\t\tsearchField: z.enum([\"email\", \"name\"]).optional(),\n\t\tsearchOperator: z.enum([\"contains\", \"starts_with\", \"ends_with\"]).optional(),\n\t\tfilterField: z.string().optional(),\n\t\tfilterValue: z.union([z.string(), z.number(), z.boolean()]).optional(),\n\t\tfilterOperator: z\n\t\t\t.enum([\"eq\", \"ne\", \"lt\", \"lte\", \"gt\", \"gte\", \"contains\", \"starts_with\", \"ends_with\"])\n\t\t\t.optional(),\n\t\tbefore: z.string().optional(),\n\t\tafter: z.string().optional(),\n\t\torder: z.enum([\"asc\", \"desc\"]).optional(),\n\t})\n\t.merge(projectScopeSchema);\n\nconst listUsersQuerySchema = z.object({\n\tprojectId: z.string().optional(),\n\temail: z.string().optional(),\n\torganizationId: z.string().optional(),\n\trole: z.string().optional(),\n\tlimit: z.string().optional(),\n\toffset: z.string().optional(),\n\tsortBy: z.string().optional(),\n\tsortDirection: z.enum([\"asc\", \"desc\"]).optional(),\n\tsearchValue: z.string().optional(),\n\tsearchField: z.enum([\"email\", \"name\"]).optional(),\n\tsearchOperator: z.enum([\"contains\", \"starts_with\", \"ends_with\"]).optional(),\n\tfilterField: z.string().optional(),\n\tfilterValue: z.string().optional(),\n\tfilterOperator: z\n\t\t.enum([\"eq\", \"ne\", \"lt\", \"lte\", \"gt\", \"gte\", \"contains\", \"starts_with\", \"ends_with\"])\n\t\t.optional(),\n\tbefore: z.string().optional(),\n\tafter: z.string().optional(),\n\torder: z.enum([\"asc\", \"desc\"]).optional(),\n});\n\nconst getUserBodySchema = z\n\t.object({\n\t\tuserId: z.string(),\n\t})\n\t.merge(projectScopeSchema);\n\nconst getUserQuerySchema = z\n\t.object({\n\t\tid: z.string(),\n\t})\n\t.merge(projectScopeSchema);\n\nconst createUserBodySchema = z\n\t.object({\n\t\temail: z.string().email(),\n\t\tpassword: z.string().min(8).optional(),\n\t\tname: z.string().min(1),\n\t\timage: z.string().optional(),\n\t\tusername: z.string().optional(),\n\t\tphoneNumber: z.string().optional(),\n\t\temailVerified: z.boolean().optional(),\n\t\trole: z.union([z.string(), z.array(z.string())]).optional(),\n\t\tmetadata: z.record(z.string(), z.unknown()).optional(),\n\t\tdata: z.record(z.string(), z.unknown()).optional(),\n\t})\n\t.merge(projectScopeSchema);\n\nconst updateUserBodySchema = z\n\t.object({\n\t\tuserId: z.string(),\n\t\tname: z.string().optional(),\n\t\timage: z.union([z.string(), z.null()]).optional(),\n\t\tusername: z.string().optional(),\n\t\tphoneNumber: z.union([z.string(), z.null()]).optional(),\n\t\temailVerified: z.boolean().optional(),\n\t\tpassword: z.string().min(8).optional(),\n\t\trole: z.union([z.string(), z.array(z.string())]).optional(),\n\t\tmetadata: z.record(z.string(), z.unknown()).optional(),\n\t\tdata: z.record(z.string(), z.unknown()).optional(),\n\t})\n\t.merge(projectScopeSchema);\n\nconst setRoleBodySchema = z\n\t.object({\n\t\tuserId: z.string(),\n\t\trole: z.union([z.string(), z.array(z.string())]),\n\t})\n\t.merge(projectScopeSchema);\n\nconst banUserBodySchema = z\n\t.object({\n\t\tuserId: z.string(),\n\t\tbanReason: z.string().optional(),\n\t\tbanExpires: z.number().optional(),\n\t\tbanExpiresIn: z.number().optional(),\n\t})\n\t.merge(projectScopeSchema);\n\nconst revokeSessionBodySchema = z\n\t.object({\n\t\tsessionId: z.string().optional(),\n\t\tsessionToken: z.string().optional(),\n\t})\n\t.merge(projectScopeSchema);\n\nconst revokeUserSessionsBodySchema = z\n\t.object({\n\t\tuserId: z.string(),\n\t})\n\t.merge(projectScopeSchema);\n\nconst impersonateUserBodySchema = z\n\t.object({\n\t\tuserId: z.string(),\n\t})\n\t.merge(projectScopeSchema);\n\nconst setUserPasswordBodySchema = z\n\t.object({\n\t\tuserId: z.string(),\n\t\tnewPassword: z.string().min(1),\n\t})\n\t.merge(projectScopeSchema);\n\nconst permissionStatementsSchema = z.record(z.string(), z.array(z.string()));\n\nconst hasPermissionBodySchema = z\n\t.object({\n\t\tuserId: z.string().optional(),\n\t\trole: z.union([z.string(), z.array(z.string())]).optional(),\n\t})\n\t.merge(projectScopeSchema)\n\t.and(\n\t\tz.union([\n\t\t\tz.object({\n\t\t\t\tpermission: z.union([z.string().min(1), permissionStatementsSchema]),\n\t\t\t\tpermissions: z.undefined(),\n\t\t\t}),\n\t\t\tz.object({\n\t\t\t\tpermission: z.undefined(),\n\t\t\t\tpermissions: z.union([z.array(z.string().min(1)).min(1), permissionStatementsSchema]),\n\t\t\t}),\n\t\t]),\n\t);\n\nfunction serializeRoleInput(role: string | string[] | null | undefined): string | undefined {\n\tconst roles = parseRoleSlugs(role);\n\treturn roles.length > 0 ? roles.join(\",\") : undefined;\n}\n\nexport function flattenPermissionCheckInput(input: PermissionCheckInput | undefined): string[] {\n\tif (!input) return [];\n\tif (typeof input === \"string\") {\n\t\treturn input.length > 0 ? [input] : [];\n\t}\n\tif (Array.isArray(input)) {\n\t\treturn input.filter((value): value is string => typeof value === \"string\" && value.length > 0);\n\t}\n\n\tconst permissions = new Set<string>();\n\tfor (const [resource, actions] of Object.entries(input)) {\n\t\tif (!resource || !Array.isArray(actions)) continue;\n\t\tfor (const action of actions) {\n\t\t\tif (typeof action === \"string\" && action.length > 0) {\n\t\t\t\tpermissions.add(`${resource}.${action}`);\n\t\t\t}\n\t\t}\n\t}\n\n\treturn Array.from(permissions);\n}\n\nexport function hasRequestedPermissions(granted: Set<string>, requested: string[]): boolean {\n\tif (requested.length === 0) return false;\n\tif (granted.has(\"*\")) return true;\n\treturn requested.every((permission) => granted.has(permission));\n}\n\nfunction normalizeListUsersPayload(input: Record<string, unknown>): Record<string, unknown> {\n\tconst payload: Record<string, unknown> = { ...input };\n\n\tfor (const numericKey of [\"limit\", \"offset\"]) {\n\t\tconst value = payload[numericKey];\n\t\tif (typeof value === \"string\" && value.length > 0) {\n\t\t\tconst parsed = Number(value);\n\t\t\tif (Number.isFinite(parsed)) {\n\t\t\t\tpayload[numericKey] = parsed;\n\t\t\t}\n\t\t}\n\t}\n\n\tif (typeof payload.filterValue === \"string\") {\n\t\tif (payload.filterValue === \"true\") payload.filterValue = true;\n\t\telse if (payload.filterValue === \"false\") payload.filterValue = false;\n\t\telse if (payload.filterValue.trim() !== \"\" && Number.isFinite(Number(payload.filterValue))) {\n\t\t\tpayload.filterValue = Number(payload.filterValue);\n\t\t}\n\t}\n\n\treturn payload;\n}\n\nfunction sanitizeSession(session: SessionRow) {\n\treturn {\n\t\tid: session.id,\n\t\tuserId: session.userId,\n\t\tprojectId: session.projectId,\n\t\tipAddress: session.ipAddress ?? null,\n\t\tuserAgent: session.userAgent ?? null,\n\t\tactiveOrganizationId: session.activeOrganizationId ?? null,\n\t\timpersonatedBy: session.impersonatedBy ?? null,\n\t\texpiresAt: session.expiresAt,\n\t\tcreatedAt: session.createdAt,\n\t\tupdatedAt: session.updatedAt,\n\t};\n}\n\nfunction sanitizeAccount(account: AccountRow) {\n\treturn {\n\t\tid: account.id,\n\t\tuserId: account.userId,\n\t\taccountId: account.accountId,\n\t\tproviderId: account.providerId,\n\t\tprojectId: account.projectId,\n\t\tcreatedAt: account.createdAt,\n\t\tupdatedAt: account.updatedAt,\n\t};\n}\n\nfunction scopeFromProjectId(projectId?: string) {\n\tif (!projectId) {\n\t\treturn { projectId: undefined, where: [] as WhereClause[], data: {} as Record<string, string> };\n\t}\n\treturn {\n\t\tprojectId,\n\t\twhere: [{ field: \"projectId\", value: projectId }] as WhereClause[],\n\t\tdata: { projectId },\n\t};\n}\n\nasync function findUserById(db: PluginDBAdapter, userId: string): Promise<UserRow | null> {\n\tconst rows = await db.findMany<UserRow>({\n\t\tmodel: \"user\",\n\t\twhere: [{ field: \"id\", value: userId }],\n\t\tlimit: 1,\n\t});\n\treturn rows[0] ?? null;\n}\n\nasync function findSessionRow(\n\tdb: PluginDBAdapter,\n\tparams: {\n\t\tsessionId?: string;\n\t\tsessionToken?: string;\n\t},\n): Promise<SessionRow | null> {\n\tif (params.sessionId) {\n\t\tconst rows = await db.findMany<SessionRow>({\n\t\t\tmodel: \"session\",\n\t\t\twhere: [{ field: \"id\", value: params.sessionId }],\n\t\t\tlimit: 1,\n\t\t});\n\t\tif (rows[0]) {\n\t\t\treturn rows[0];\n\t\t}\n\t}\n\tif (params.sessionToken) {\n\t\tconst rows = await db.findMany<SessionRow>({\n\t\t\tmodel: \"session\",\n\t\t\twhere: [{ field: \"token\", value: params.sessionToken }],\n\t\t\tlimit: 1,\n\t\t});\n\t\treturn rows[0] ?? null;\n\t}\n\treturn null;\n}\n\nasync function requireListPermission(\n\tctx: UserManagementContext,\n\tdb: PluginDBAdapter,\n\tbody: Record<string, unknown>,\n\tpermission: string,\n) {\n\tconst scope = getProjectScope(body, { optional: true });\n\tif (!scope.projectId) {\n\t\trequireGlobalAdmin(ctx);\n\t\treturn scope;\n\t}\n\tawait requireProjectPermission(ctx, {\n\t\tdb,\n\t\tpermission,\n\t\tprojectId: scope.projectId,\n\t});\n\treturn scope;\n}\n\nasync function resolveUserAccess(\n\tctx: UserManagementContext,\n\tdb: PluginDBAdapter,\n\tparams: {\n\t\tuserId: string;\n\t\tbody: Record<string, unknown>;\n\t\tpermission: string;\n\t},\n) {\n\tconst user = await findUserById(db, params.userId);\n\tif (!user) {\n\t\tthrow ctx.error(\"BAD_REQUEST\", { message: \"User not found\" });\n\t}\n\n\tconst explicitScope = getProjectScope(params.body, { optional: true });\n\tif (explicitScope.projectId && user.projectId && user.projectId !== explicitScope.projectId) {\n\t\tthrow ctx.error(\"FORBIDDEN\", { message: \"User does not belong to the requested project\" });\n\t}\n\n\tconst projectId = explicitScope.projectId ?? user.projectId;\n\tif (!projectId) {\n\t\trequireGlobalAdmin(ctx);\n\t\treturn { user, scope: explicitScope };\n\t}\n\n\tawait requireProjectPermission(ctx, {\n\t\tdb,\n\t\tpermission: params.permission,\n\t\tprojectId,\n\t});\n\treturn { user, scope: scopeFromProjectId(projectId) };\n}\n\nasync function resolveSessionAccess(\n\tctx: UserManagementContext,\n\tdb: PluginDBAdapter,\n\tparams: {\n\t\tbody: Record<string, unknown>;\n\t\tpermission: string;\n\t},\n) {\n\tconst session = await findSessionRow(db, {\n\t\tsessionId: typeof params.body.sessionId === \"string\" ? params.body.sessionId : undefined,\n\t\tsessionToken:\n\t\t\ttypeof params.body.sessionToken === \"string\" ? params.body.sessionToken : undefined,\n\t});\n\tif (!session) {\n\t\tthrow ctx.error(\"BAD_REQUEST\", { message: \"Session not found\" });\n\t}\n\n\tconst explicitScope = getProjectScope(params.body, { optional: true });\n\tif (\n\t\texplicitScope.projectId &&\n\t\tsession.projectId &&\n\t\tsession.projectId !== explicitScope.projectId\n\t) {\n\t\tthrow ctx.error(\"FORBIDDEN\", { message: \"Session does not belong to the requested project\" });\n\t}\n\n\tconst projectId = explicitScope.projectId ?? session.projectId;\n\tif (!projectId) {\n\t\trequireGlobalAdmin(ctx);\n\t\treturn { session, scope: explicitScope };\n\t}\n\n\tawait requireProjectPermission(ctx, {\n\t\tdb,\n\t\tpermission: params.permission,\n\t\tprojectId,\n\t});\n\treturn { session, scope: scopeFromProjectId(projectId) };\n}\n\nasync function resolvePermissionCheckSubject(\n\tctx: UserManagementContext,\n\tdb: PluginDBAdapter,\n\tbody: Record<string, unknown>,\n): Promise<Set<string>> {\n\tconst explicitScope = getProjectScope(body, { optional: true });\n\tconst roleInput =\n\t\ttypeof body.role === \"string\" || Array.isArray(body.role) ? body.role : undefined;\n\n\tif (roleInput) {\n\t\tconst roleSlugs = parseRoleSlugs(roleInput);\n\t\tif (roleSlugs.length === 0) {\n\t\t\tthrow ctx.error(\"BAD_REQUEST\", { message: \"Role is required\" });\n\t\t}\n\n\t\tif (!explicitScope.projectId) {\n\t\t\tif (isGlobalAdminUser({ role: roleSlugs.join(\",\") })) {\n\t\t\t\treturn new Set([\"*\"]);\n\t\t\t}\n\t\t\tthrow ctx.error(\"BAD_REQUEST\", {\n\t\t\t\tmessage: \"projectId is required when checking project-scoped roles\",\n\t\t\t});\n\t\t}\n\n\t\treturn getRolePermissions(db, {\n\t\t\tprojectId: explicitScope.projectId,\n\t\t\troleSlugs,\n\t\t});\n\t}\n\n\tconst auth = requireAuthenticated(ctx);\n\tconst requestedUserId =\n\t\ttypeof body.userId === \"string\" && body.userId.length > 0 ? body.userId : auth.user.id;\n\tconst user = await findUserById(db, requestedUserId);\n\tif (!user) {\n\t\tthrow ctx.error(\"BAD_REQUEST\", { message: \"User not found\" });\n\t}\n\n\tif (explicitScope.projectId && user.projectId && user.projectId !== explicitScope.projectId) {\n\t\tthrow ctx.error(\"FORBIDDEN\", { message: \"User does not belong to the requested project\" });\n\t}\n\n\tconst projectId = explicitScope.projectId ?? user.projectId;\n\tif (!projectId) {\n\t\tif (isGlobalAdminUser(user)) {\n\t\t\treturn new Set([\"*\"]);\n\t\t}\n\t\tthrow ctx.error(\"BAD_REQUEST\", {\n\t\t\tmessage: \"projectId is required when checking project-scoped users\",\n\t\t});\n\t}\n\n\treturn getEffectiveProjectPermissions(db, {\n\t\tuserId: user.id,\n\t\tprojectId,\n\t});\n}\n\nasync function assertImpersonationTargetAllowed(\n\tctx: UserManagementContext,\n\tdb: PluginDBAdapter,\n\tparams: {\n\t\ttargetUser: UserRow;\n\t\tbody: Record<string, unknown>;\n\t},\n): Promise<string | undefined> {\n\tconst auth = requireAuthenticated(ctx);\n\tif (auth.user.id === params.targetUser.id) {\n\t\tthrow ctx.error(\"BAD_REQUEST\", { message: \"You are already signed in as this user\" });\n\t}\n\n\tconst explicitScope = getProjectScope(params.body, { optional: true });\n\tif (\n\t\texplicitScope.projectId &&\n\t\tparams.targetUser.projectId &&\n\t\tparams.targetUser.projectId !== explicitScope.projectId\n\t) {\n\t\tthrow ctx.error(\"FORBIDDEN\", { message: \"User does not belong to the requested project\" });\n\t}\n\n\tconst projectId = explicitScope.projectId ?? params.targetUser.projectId;\n\tif (!projectId) {\n\t\trequireGlobalAdmin(ctx);\n\t\tif (isGlobalAdminUser(params.targetUser)) {\n\t\t\tthrow ctx.error(\"FORBIDDEN\", { message: \"You cannot impersonate elevated users\" });\n\t\t}\n\t\treturn undefined;\n\t}\n\n\tawait requireProjectPermission(ctx, {\n\t\tdb,\n\t\tpermission: \"dashboard.manage\",\n\t\tprojectId,\n\t});\n\n\tconst targetPermissions = await getEffectiveProjectPermissions(db, {\n\t\tuserId: params.targetUser.id,\n\t\tprojectId,\n\t});\n\tif (targetPermissions.has(\"*\") || targetPermissions.has(\"dashboard.manage\")) {\n\t\tthrow ctx.error(\"FORBIDDEN\", { message: \"You cannot impersonate elevated users\" });\n\t}\n\n\treturn projectId;\n}\n\nexport function userManagementPlugin(): BetterAuthPlugin {\n\t// Allowlist of user fields that can be used for sorting and filtering\n\tconst ALLOWED_SORT_FIELDS = new Set([\n\t\t\"createdAt\",\n\t\t\"updatedAt\",\n\t\t\"email\",\n\t\t\"name\",\n\t\t\"role\",\n\t\t\"emailVerified\",\n\t\t\"banned\",\n\t]);\n\tconst ALLOWED_FILTER_FIELDS = new Set([\n\t\t\"email\",\n\t\t\"name\",\n\t\t\"role\",\n\t\t\"emailVerified\",\n\t\t\"banned\",\n\t\t\"createdAt\",\n\t\t\"updatedAt\",\n\t]);\n\n\tasync function handleListUsers(ctx: UserManagementContext, payload: Record<string, unknown>) {\n\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\tconst scope = await requireListPermission(ctx, db, payload, \"dashboard.read\");\n\t\tconst limit = typeof payload.limit === \"number\" ? Math.min(payload.limit, 200) : 100;\n\t\tconst offset = typeof payload.offset === \"number\" ? payload.offset : 0;\n\t\tconst sortDirection =\n\t\t\tpayload.sortDirection === \"asc\" || payload.order === \"asc\" ? \"asc\" : \"desc\";\n\t\tconst rawSortBy =\n\t\t\ttypeof payload.sortBy === \"string\" && payload.sortBy.length > 0\n\t\t\t\t? payload.sortBy\n\t\t\t\t: \"createdAt\";\n\t\tconst sortBy = ALLOWED_SORT_FIELDS.has(rawSortBy) ? rawSortBy : \"createdAt\";\n\n\t\tconst where: WhereClause[] = [...scope.where];\n\t\tif (typeof payload.email === \"string\" && payload.email.length > 0) {\n\t\t\twhere.push({ field: \"email\", value: payload.email.toLowerCase() });\n\t\t}\n\t\tif (typeof payload.role === \"string\" && payload.role.length > 0) {\n\t\t\twhere.push({ field: \"role\", value: payload.role });\n\t\t}\n\t\tif (typeof payload.searchValue === \"string\" && payload.searchValue.length > 0) {\n\t\t\twhere.push({\n\t\t\t\tfield:\n\t\t\t\t\tpayload.searchField === \"name\" || payload.searchField === \"email\"\n\t\t\t\t\t\t? payload.searchField\n\t\t\t\t\t\t: \"email\",\n\t\t\t\toperator:\n\t\t\t\t\tpayload.searchOperator === \"starts_with\" ||\n\t\t\t\t\tpayload.searchOperator === \"ends_with\" ||\n\t\t\t\t\tpayload.searchOperator === \"contains\"\n\t\t\t\t\t\t? payload.searchOperator\n\t\t\t\t\t\t: \"contains\",\n\t\t\t\tvalue: payload.searchValue,\n\t\t\t});\n\t\t}\n\t\tif (\n\t\t\tpayload.filterValue !== undefined &&\n\t\t\ttypeof payload.filterField === \"string\" &&\n\t\t\tALLOWED_FILTER_FIELDS.has(payload.filterField)\n\t\t) {\n\t\t\twhere.push({\n\t\t\t\tfield: payload.filterField,\n\t\t\t\toperator:\n\t\t\t\t\tpayload.filterOperator === \"ne\" ||\n\t\t\t\t\tpayload.filterOperator === \"lt\" ||\n\t\t\t\t\tpayload.filterOperator === \"lte\" ||\n\t\t\t\t\tpayload.filterOperator === \"gt\" ||\n\t\t\t\t\tpayload.filterOperator === \"gte\" ||\n\t\t\t\t\tpayload.filterOperator === \"contains\" ||\n\t\t\t\t\tpayload.filterOperator === \"starts_with\" ||\n\t\t\t\t\tpayload.filterOperator === \"ends_with\"\n\t\t\t\t\t\t? payload.filterOperator\n\t\t\t\t\t\t: \"eq\",\n\t\t\t\tvalue: payload.filterValue as string | number | boolean,\n\t\t\t});\n\t\t}\n\n\t\tif (typeof payload.organizationId === \"string\" && payload.organizationId.length > 0) {\n\t\t\tconst memberships = await db.findMany<{ userId: string }>({\n\t\t\t\tmodel: \"member\",\n\t\t\t\twhere: [{ field: \"organizationId\", value: payload.organizationId }, ...scope.where],\n\t\t\t\tlimit: 1000,\n\t\t\t});\n\t\t\tconst userIds = Array.from(new Set(memberships.map((membership) => membership.userId)));\n\t\t\tif (userIds.length === 0) {\n\t\t\t\treturn ctx.json({ users: [], data: [], total: 0, limit, offset });\n\t\t\t}\n\t\t\twhere.push({ field: \"id\", operator: \"in\", value: userIds });\n\t\t}\n\n\t\tconst users = await db.findMany<UserRow>({\n\t\t\tmodel: \"user\",\n\t\t\twhere,\n\t\t\tlimit,\n\t\t\toffset,\n\t\t\tsortBy: { field: sortBy, direction: sortDirection },\n\t\t});\n\t\tconst total = await db.count({\n\t\t\tmodel: \"user\",\n\t\t\twhere,\n\t\t});\n\t\treturn ctx.json({\n\t\t\tusers,\n\t\t\tdata: users,\n\t\t\ttotal,\n\t\t\tlimit,\n\t\t\toffset,\n\t\t});\n\t}\n\n\treturn {\n\t\tid: \"banata-user-management\",\n\t\tendpoints: {\n\t\t\tlistUsersGet: createAuthEndpoint(\n\t\t\t\t\"/admin/list-users\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"GET\",\n\t\t\t\t\tquery: listUsersQuerySchema,\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t},\n\t\t\t\tasync (ctx) =>\n\t\t\t\t\thandleListUsers(\n\t\t\t\t\t\tctx as unknown as UserManagementContext,\n\t\t\t\t\t\tnormalizeListUsersPayload(ctx.query as Record<string, unknown>),\n\t\t\t\t\t),\n\t\t\t),\n\n\t\t\tlistUsersPost: createAuthEndpoint(\n\t\t\t\t\"/admin/list-users\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\tbody: listUsersBodySchema,\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t},\n\t\t\t\tasync (ctx) =>\n\t\t\t\t\thandleListUsers(\n\t\t\t\t\t\tctx as unknown as UserManagementContext,\n\t\t\t\t\t\tnormalizeListUsersPayload(ctx.body as Record<string, unknown>),\n\t\t\t\t\t),\n\t\t\t),\n\n\t\t\tgetUser: createAuthEndpoint(\n\t\t\t\t\"/admin/get-user\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\tbody: getUserBodySchema,\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst typedCtx = ctx as unknown as UserManagementContext;\n\t\t\t\t\tconst db = typedCtx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst { user } = await resolveUserAccess(typedCtx, db, {\n\t\t\t\t\t\tuserId: ctx.body.userId,\n\t\t\t\t\t\tbody: ctx.body,\n\t\t\t\t\t\tpermission: \"dashboard.read\",\n\t\t\t\t\t});\n\t\t\t\t\treturn typedCtx.json(user);\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tgetUserGet: createAuthEndpoint(\n\t\t\t\t\"/admin/get-user\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"GET\",\n\t\t\t\t\tquery: getUserQuerySchema,\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst typedCtx = ctx as unknown as UserManagementContext;\n\t\t\t\t\tconst db = typedCtx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst { user } = await resolveUserAccess(typedCtx, db, {\n\t\t\t\t\t\tuserId: ctx.query.id,\n\t\t\t\t\t\tbody: ctx.query,\n\t\t\t\t\t\tpermission: \"dashboard.read\",\n\t\t\t\t\t});\n\t\t\t\t\treturn typedCtx.json(user);\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tcreateUser: createAuthEndpoint(\n\t\t\t\t\"/admin/create-user\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\tbody: createUserBodySchema,\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst typedCtx = ctx as unknown as UserManagementContext;\n\t\t\t\t\tconst db = typedCtx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst scope = getProjectScope(ctx.body, { optional: true });\n\t\t\t\t\tif (scope.projectId) {\n\t\t\t\t\t\tawait requireProjectPermission(typedCtx, {\n\t\t\t\t\t\t\tdb,\n\t\t\t\t\t\t\tpermission: \"dashboard.manage\",\n\t\t\t\t\t\t\tprojectId: scope.projectId,\n\t\t\t\t\t\t});\n\t\t\t\t\t} else {\n\t\t\t\t\t\trequireGlobalAdmin(typedCtx);\n\t\t\t\t\t}\n\n\t\t\t\t\tconst existing = await db.findMany<UserRow>({\n\t\t\t\t\t\tmodel: \"user\",\n\t\t\t\t\t\twhere: [{ field: \"email\", value: ctx.body.email.toLowerCase() }, ...scope.where],\n\t\t\t\t\t\tlimit: 1,\n\t\t\t\t\t});\n\t\t\t\t\tif (existing[0]) {\n\t\t\t\t\t\tthrow typedCtx.error(\"BAD_REQUEST\", { message: \"User already exists\" });\n\t\t\t\t\t}\n\n\t\t\t\t\tconst role = serializeRoleInput(ctx.body.role) ?? \"user\";\n\t\t\t\t\tconst extraData =\n\t\t\t\t\t\ttypeof ctx.body.data === \"object\" && ctx.body.data !== null\n\t\t\t\t\t\t\t? (ctx.body.data as Record<string, unknown>)\n\t\t\t\t\t\t\t: {};\n\t\t\t\t\tconst internalAdapter = typedCtx.context.internalAdapter;\n\t\t\t\t\tconst user = await internalAdapter.createUser({\n\t\t\t\t\t\t...extraData,\n\t\t\t\t\t\t...(scope.projectId ? { projectId: scope.projectId } : {}),\n\t\t\t\t\t\temail: ctx.body.email.toLowerCase(),\n\t\t\t\t\t\tname: ctx.body.name,\n\t\t\t\t\t\trole,\n\t\t\t\t\t\timage:\n\t\t\t\t\t\t\tctx.body.image ?? (typeof extraData.image === \"string\" ? extraData.image : undefined),\n\t\t\t\t\t\tusername:\n\t\t\t\t\t\t\tctx.body.username ??\n\t\t\t\t\t\t\t(typeof extraData.username === \"string\" ? extraData.username : undefined),\n\t\t\t\t\t\tphoneNumber:\n\t\t\t\t\t\t\tctx.body.phoneNumber ??\n\t\t\t\t\t\t\t(typeof extraData.phoneNumber === \"string\" ? extraData.phoneNumber : undefined),\n\t\t\t\t\t\temailVerified:\n\t\t\t\t\t\t\tctx.body.emailVerified ??\n\t\t\t\t\t\t\t(typeof extraData.emailVerified === \"boolean\" ? extraData.emailVerified : false),\n\t\t\t\t\t\tmetadata: ctx.body.metadata ?? extraData.metadata,\n\t\t\t\t\t});\n\t\t\t\t\tif (!user) {\n\t\t\t\t\t\tthrow typedCtx.error(\"BAD_REQUEST\", { message: \"Failed to create user\" });\n\t\t\t\t\t}\n\n\t\t\t\t\tif (ctx.body.password) {\n\t\t\t\t\t\tconst hashedPassword = await typedCtx.context.password.hash(ctx.body.password);\n\t\t\t\t\t\tawait internalAdapter.linkAccount({\n\t\t\t\t\t\t\taccountId: user.id,\n\t\t\t\t\t\t\tproviderId: \"credential\",\n\t\t\t\t\t\t\tpassword: hashedPassword,\n\t\t\t\t\t\t\tuserId: user.id,\n\t\t\t\t\t\t\tprojectId: scope.projectId,\n\t\t\t\t\t\t});\n\t\t\t\t\t}\n\n\t\t\t\t\treturn typedCtx.json({ user });\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tupdateUser: createAuthEndpoint(\n\t\t\t\t\"/admin/update-user\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\tbody: updateUserBodySchema,\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst typedCtx = ctx as unknown as UserManagementContext;\n\t\t\t\t\tconst db = typedCtx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst { user, scope } = await resolveUserAccess(typedCtx, db, {\n\t\t\t\t\t\tuserId: ctx.body.userId,\n\t\t\t\t\t\tbody: ctx.body,\n\t\t\t\t\t\tpermission: \"dashboard.manage\",\n\t\t\t\t\t});\n\t\t\t\t\tconst extraData =\n\t\t\t\t\t\ttypeof ctx.body.data === \"object\" && ctx.body.data !== null\n\t\t\t\t\t\t\t? { ...(ctx.body.data as Record<string, unknown>) }\n\t\t\t\t\t\t\t: {};\n\t\t\t\t\tconst update: Record<string, unknown> = { ...extraData };\n\t\t\t\t\tif (ctx.body.name !== undefined) update.name = ctx.body.name;\n\t\t\t\t\tif (ctx.body.image !== undefined && ctx.body.image !== null)\n\t\t\t\t\t\tupdate.image = ctx.body.image;\n\t\t\t\t\tif (ctx.body.username !== undefined) update.username = ctx.body.username;\n\t\t\t\t\tif (ctx.body.phoneNumber !== undefined && ctx.body.phoneNumber !== null)\n\t\t\t\t\t\tupdate.phoneNumber = ctx.body.phoneNumber;\n\t\t\t\t\tif (ctx.body.emailVerified !== undefined) update.emailVerified = ctx.body.emailVerified;\n\t\t\t\t\tif (ctx.body.metadata !== undefined) update.metadata = ctx.body.metadata;\n\t\t\t\t\tconst roleInput =\n\t\t\t\t\t\tctx.body.role !== undefined\n\t\t\t\t\t\t\t? ctx.body.role\n\t\t\t\t\t\t\t: typeof extraData.role === \"string\" || Array.isArray(extraData.role)\n\t\t\t\t\t\t\t\t? extraData.role\n\t\t\t\t\t\t\t\t: undefined;\n\t\t\t\t\tif (roleInput !== undefined) {\n\t\t\t\t\t\tupdate.role = serializeRoleInput(roleInput);\n\t\t\t\t\t}\n\t\t\t\t\tif (scope.projectId && !user.projectId) {\n\t\t\t\t\t\tupdate.projectId = scope.projectId;\n\t\t\t\t\t}\n\n\t\t\t\t\tconst updatedUser = Object.keys(update).length\n\t\t\t\t\t\t? await typedCtx.context.internalAdapter.updateUser(ctx.body.userId, update)\n\t\t\t\t\t\t: user;\n\n\t\t\t\t\tif (ctx.body.password) {\n\t\t\t\t\t\tconst hashedPassword = await typedCtx.context.password.hash(ctx.body.password);\n\t\t\t\t\t\tawait typedCtx.context.internalAdapter.updatePassword(ctx.body.userId, hashedPassword);\n\t\t\t\t\t}\n\n\t\t\t\t\treturn typedCtx.json(updatedUser);\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tremoveUser: createAuthEndpoint(\n\t\t\t\t\"/admin/remove-user\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\tbody: getUserBodySchema,\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst typedCtx = ctx as unknown as UserManagementContext;\n\t\t\t\t\tconst db = typedCtx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst auth = requireAuthenticated(typedCtx);\n\t\t\t\t\tif (auth.user.id === ctx.body.userId) {\n\t\t\t\t\t\tthrow typedCtx.error(\"BAD_REQUEST\", { message: \"You cannot delete your own user\" });\n\t\t\t\t\t}\n\t\t\t\t\tawait resolveUserAccess(typedCtx, db, {\n\t\t\t\t\t\tuserId: ctx.body.userId,\n\t\t\t\t\t\tbody: ctx.body,\n\t\t\t\t\t\tpermission: \"dashboard.manage\",\n\t\t\t\t\t});\n\t\t\t\t\tawait typedCtx.context.internalAdapter.deleteUser(ctx.body.userId);\n\t\t\t\t\treturn typedCtx.json({ success: true });\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tbanUser: createAuthEndpoint(\n\t\t\t\t\"/admin/ban-user\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\tbody: banUserBodySchema,\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst typedCtx = ctx as unknown as UserManagementContext;\n\t\t\t\t\tconst db = typedCtx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst auth = requireAuthenticated(typedCtx);\n\t\t\t\t\tif (auth.user.id === ctx.body.userId) {\n\t\t\t\t\t\tthrow typedCtx.error(\"BAD_REQUEST\", { message: \"You cannot ban your own user\" });\n\t\t\t\t\t}\n\t\t\t\t\tconst { user } = await resolveUserAccess(typedCtx, db, {\n\t\t\t\t\t\tuserId: ctx.body.userId,\n\t\t\t\t\t\tbody: ctx.body,\n\t\t\t\t\t\tpermission: \"dashboard.manage\",\n\t\t\t\t\t});\n\t\t\t\t\tconst banExpires =\n\t\t\t\t\t\ttypeof ctx.body.banExpires === \"number\"\n\t\t\t\t\t\t\t? ctx.body.banExpires\n\t\t\t\t\t\t\t: typeof ctx.body.banExpiresIn === \"number\"\n\t\t\t\t\t\t\t\t? Date.now() + ctx.body.banExpiresIn * 1000\n\t\t\t\t\t\t\t\t: null;\n\t\t\t\t\tconst updatedUser = await typedCtx.context.internalAdapter.updateUser(user.id, {\n\t\t\t\t\t\tbanned: true,\n\t\t\t\t\t\tbanReason: ctx.body.banReason ?? \"Disabled by admin\",\n\t\t\t\t\t\tbanExpires,\n\t\t\t\t\t\tupdatedAt: new Date(),\n\t\t\t\t\t});\n\t\t\t\t\tawait typedCtx.context.internalAdapter.deleteSessions(user.id);\n\t\t\t\t\treturn typedCtx.json({ user: updatedUser });\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tunbanUser: createAuthEndpoint(\n\t\t\t\t\"/admin/unban-user\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\tbody: getUserBodySchema,\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst typedCtx = ctx as unknown as UserManagementContext;\n\t\t\t\t\tconst db = typedCtx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst { user } = await resolveUserAccess(typedCtx, db, {\n\t\t\t\t\t\tuserId: ctx.body.userId,\n\t\t\t\t\t\tbody: ctx.body,\n\t\t\t\t\t\tpermission: \"dashboard.manage\",\n\t\t\t\t\t});\n\t\t\t\t\tconst updatedUser = await typedCtx.context.internalAdapter.updateUser(user.id, {\n\t\t\t\t\t\tbanned: false,\n\t\t\t\t\t\tbanReason: null,\n\t\t\t\t\t\tbanExpires: null,\n\t\t\t\t\t\tupdatedAt: new Date(),\n\t\t\t\t\t});\n\t\t\t\t\treturn typedCtx.json({ user: updatedUser });\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tsetRole: createAuthEndpoint(\n\t\t\t\t\"/admin/set-role\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\tbody: setRoleBodySchema,\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst typedCtx = ctx as unknown as UserManagementContext;\n\t\t\t\t\tconst db = typedCtx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst { user } = await resolveUserAccess(typedCtx, db, {\n\t\t\t\t\t\tuserId: ctx.body.userId,\n\t\t\t\t\t\tbody: ctx.body,\n\t\t\t\t\t\tpermission: \"dashboard.manage\",\n\t\t\t\t\t});\n\t\t\t\t\tconst updatedUser = await typedCtx.context.internalAdapter.updateUser(user.id, {\n\t\t\t\t\t\trole: serializeRoleInput(ctx.body.role) ?? \"user\",\n\t\t\t\t\t\tupdatedAt: new Date(),\n\t\t\t\t\t});\n\t\t\t\t\treturn typedCtx.json({ user: updatedUser });\n\t\t\t\t},\n\t\t\t),\n\n\t\t\timpersonateUser: createAuthEndpoint(\n\t\t\t\t\"/admin/impersonate-user\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\tbody: impersonateUserBodySchema,\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst typedCtx = ctx as unknown as UserManagementContext;\n\t\t\t\t\tconst db = typedCtx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst auth = requireAuthenticated(typedCtx);\n\t\t\t\t\tconst targetUser = await findUserById(db, ctx.body.userId);\n\t\t\t\t\tif (!targetUser) {\n\t\t\t\t\t\tthrow typedCtx.error(\"BAD_REQUEST\", { message: \"User not found\" });\n\t\t\t\t\t}\n\n\t\t\t\t\tconst projectId = await assertImpersonationTargetAllowed(typedCtx, db, {\n\t\t\t\t\t\ttargetUser,\n\t\t\t\t\t\tbody: ctx.body,\n\t\t\t\t\t});\n\n\t\t\t\t\tconst session = await typedCtx.context.internalAdapter.createSession(\n\t\t\t\t\t\ttargetUser.id,\n\t\t\t\t\t\ttrue,\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\timpersonatedBy: auth.user.id,\n\t\t\t\t\t\t\texpiresAt: new Date(Date.now() + 60 * 60 * 1000),\n\t\t\t\t\t\t\t...(projectId ? { projectId } : {}),\n\t\t\t\t\t\t},\n\t\t\t\t\t\ttrue,\n\t\t\t\t\t);\n\t\t\t\t\tif (!session) {\n\t\t\t\t\t\tthrow typedCtx.error(\"INTERNAL_SERVER_ERROR\", {\n\t\t\t\t\t\t\tmessage: \"Failed to create impersonation session\",\n\t\t\t\t\t\t});\n\t\t\t\t\t}\n\n\t\t\t\t\tdeleteSessionCookie(typedCtx as any);\n\t\t\t\t\tconst dontRememberMeCookie = await typedCtx.getSignedCookie(\n\t\t\t\t\t\ttypedCtx.context.authCookies.dontRememberToken.name,\n\t\t\t\t\t\ttypedCtx.context.secret,\n\t\t\t\t\t);\n\t\t\t\t\tconst adminCookie = typedCtx.context.createAuthCookie(\"admin_session\");\n\t\t\t\t\tawait typedCtx.setSignedCookie(\n\t\t\t\t\t\tadminCookie.name,\n\t\t\t\t\t\t`${auth.session.token}:${dontRememberMeCookie ?? \"\"}`,\n\t\t\t\t\t\ttypedCtx.context.secret,\n\t\t\t\t\t\ttypedCtx.context.authCookies.sessionToken.attributes,\n\t\t\t\t\t);\n\t\t\t\t\tawait setSessionCookie(\n\t\t\t\t\t\ttypedCtx as any,\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tsession: session as any,\n\t\t\t\t\t\t\tuser: targetUser as any,\n\t\t\t\t\t\t},\n\t\t\t\t\t\ttrue,\n\t\t\t\t\t);\n\n\t\t\t\t\treturn typedCtx.json({\n\t\t\t\t\t\tsession: sanitizeSession(session),\n\t\t\t\t\t\tuser: targetUser,\n\t\t\t\t\t});\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tstopImpersonating: createAuthEndpoint(\n\t\t\t\t\"/admin/stop-impersonating\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst typedCtx = ctx as unknown as UserManagementContext;\n\t\t\t\t\tconst db = typedCtx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst authSession = await getSessionFromCtx(ctx);\n\t\t\t\t\tif (!authSession) {\n\t\t\t\t\t\tthrow typedCtx.error(\"UNAUTHORIZED\", { message: \"Authentication required\" });\n\t\t\t\t\t}\n\t\t\t\t\tif (!authSession.session.impersonatedBy) {\n\t\t\t\t\t\tthrow typedCtx.error(\"BAD_REQUEST\", {\n\t\t\t\t\t\t\tmessage: \"You are not impersonating anyone\",\n\t\t\t\t\t\t});\n\t\t\t\t\t}\n\n\t\t\t\t\tconst adminCookie = typedCtx.context.createAuthCookie(\"admin_session\");\n\t\t\t\t\tconst storedAdminSession = await typedCtx.getSignedCookie(\n\t\t\t\t\t\tadminCookie.name,\n\t\t\t\t\t\ttypedCtx.context.secret,\n\t\t\t\t\t);\n\t\t\t\t\tif (!storedAdminSession) {\n\t\t\t\t\t\tthrow typedCtx.error(\"INTERNAL_SERVER_ERROR\", {\n\t\t\t\t\t\t\tmessage: \"Failed to find admin session\",\n\t\t\t\t\t\t});\n\t\t\t\t\t}\n\n\t\t\t\t\tconst [adminSessionToken, dontRememberMeCookie] = storedAdminSession.split(\":\");\n\t\t\t\t\tif (!adminSessionToken) {\n\t\t\t\t\t\tthrow typedCtx.error(\"INTERNAL_SERVER_ERROR\", {\n\t\t\t\t\t\t\tmessage: \"Failed to parse admin session\",\n\t\t\t\t\t\t});\n\t\t\t\t\t}\n\n\t\t\t\t\tconst adminSession = await findSessionRow(db, {\n\t\t\t\t\t\tsessionToken: adminSessionToken,\n\t\t\t\t\t});\n\t\t\t\t\tif (!adminSession || adminSession.userId !== authSession.session.impersonatedBy) {\n\t\t\t\t\t\tthrow typedCtx.error(\"INTERNAL_SERVER_ERROR\", {\n\t\t\t\t\t\t\tmessage: \"Failed to find admin session\",\n\t\t\t\t\t\t});\n\t\t\t\t\t}\n\n\t\t\t\t\tconst adminUser = await findUserById(db, adminSession.userId);\n\t\t\t\t\tif (!adminUser) {\n\t\t\t\t\t\tthrow typedCtx.error(\"INTERNAL_SERVER_ERROR\", {\n\t\t\t\t\t\t\tmessage: \"Failed to find admin user\",\n\t\t\t\t\t\t});\n\t\t\t\t\t}\n\n\t\t\t\t\tawait typedCtx.context.internalAdapter.deleteSession(authSession.session.token);\n\t\t\t\t\tawait setSessionCookie(\n\t\t\t\t\t\ttypedCtx as any,\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tsession: adminSession as any,\n\t\t\t\t\t\t\tuser: adminUser as any,\n\t\t\t\t\t\t},\n\t\t\t\t\t\t!!dontRememberMeCookie,\n\t\t\t\t\t);\n\t\t\t\t\texpireCookie(typedCtx as any, adminCookie as any);\n\n\t\t\t\t\treturn typedCtx.json({\n\t\t\t\t\t\tsession: sanitizeSession(adminSession),\n\t\t\t\t\t\tuser: adminUser,\n\t\t\t\t\t});\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tlistUserAccounts: createAuthEndpoint(\n\t\t\t\t\"/admin/list-user-accounts\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\tbody: getUserBodySchema,\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst typedCtx = ctx as unknown as UserManagementContext;\n\t\t\t\t\tconst db = typedCtx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst { user, scope } = await resolveUserAccess(typedCtx, db, {\n\t\t\t\t\t\tuserId: ctx.body.userId,\n\t\t\t\t\t\tbody: ctx.body,\n\t\t\t\t\t\tpermission: \"dashboard.read\",\n\t\t\t\t\t});\n\t\t\t\t\tconst accounts = await db.findMany<AccountRow>({\n\t\t\t\t\t\tmodel: \"account\",\n\t\t\t\t\t\twhere: [{ field: \"userId\", value: user.id }, ...scope.where],\n\t\t\t\t\t\tlimit: 200,\n\t\t\t\t\t\tsortBy: { field: \"createdAt\", direction: \"desc\" },\n\t\t\t\t\t});\n\t\t\t\t\tconst data = accounts.map(sanitizeAccount);\n\t\t\t\t\treturn typedCtx.json({ accounts: data, data });\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tlistUserSessions: createAuthEndpoint(\n\t\t\t\t\"/admin/list-user-sessions\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\tbody: getUserBodySchema,\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst typedCtx = ctx as unknown as UserManagementContext;\n\t\t\t\t\tconst db = typedCtx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst { user, scope } = await resolveUserAccess(typedCtx, db, {\n\t\t\t\t\t\tuserId: ctx.body.userId,\n\t\t\t\t\t\tbody: ctx.body,\n\t\t\t\t\t\tpermission: \"dashboard.read\",\n\t\t\t\t\t});\n\t\t\t\t\tconst sessions = await db.findMany<SessionRow>({\n\t\t\t\t\t\tmodel: \"session\",\n\t\t\t\t\t\twhere: [{ field: \"userId\", value: user.id }, ...scope.where],\n\t\t\t\t\t\tlimit: 200,\n\t\t\t\t\t\tsortBy: { field: \"createdAt\", direction: \"desc\" },\n\t\t\t\t\t});\n\t\t\t\t\tconst data = sessions.map(sanitizeSession);\n\t\t\t\t\treturn typedCtx.json({ sessions: data, data });\n\t\t\t\t},\n\t\t\t),\n\n\t\t\trevokeUserSession: createAuthEndpoint(\n\t\t\t\t\"/admin/revoke-user-session\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\tbody: revokeSessionBodySchema,\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst typedCtx = ctx as unknown as UserManagementContext;\n\t\t\t\t\tconst db = typedCtx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst { session } = await resolveSessionAccess(typedCtx, db, {\n\t\t\t\t\t\tbody: ctx.body,\n\t\t\t\t\t\tpermission: \"dashboard.manage\",\n\t\t\t\t\t});\n\t\t\t\t\tawait typedCtx.context.internalAdapter.deleteSession(session.token);\n\t\t\t\t\treturn typedCtx.json({ success: true });\n\t\t\t\t},\n\t\t\t),\n\n\t\t\trevokeUserSessions: createAuthEndpoint(\n\t\t\t\t\"/admin/revoke-user-sessions\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\tbody: revokeUserSessionsBodySchema,\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst typedCtx = ctx as unknown as UserManagementContext;\n\t\t\t\t\tconst db = typedCtx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst { user } = await resolveUserAccess(typedCtx, db, {\n\t\t\t\t\t\tuserId: ctx.body.userId,\n\t\t\t\t\t\tbody: ctx.body,\n\t\t\t\t\t\tpermission: \"dashboard.manage\",\n\t\t\t\t\t});\n\t\t\t\t\tawait typedCtx.context.internalAdapter.deleteSessions(user.id);\n\t\t\t\t\treturn typedCtx.json({ success: true });\n\t\t\t\t},\n\t\t\t),\n\n\t\t\tsetUserPassword: createAuthEndpoint(\n\t\t\t\t\"/admin/set-user-password\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\tbody: setUserPasswordBodySchema,\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst typedCtx = ctx as unknown as UserManagementContext;\n\t\t\t\t\tconst db = typedCtx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tawait resolveUserAccess(typedCtx, db, {\n\t\t\t\t\t\tuserId: ctx.body.userId,\n\t\t\t\t\t\tbody: ctx.body,\n\t\t\t\t\t\tpermission: \"dashboard.manage\",\n\t\t\t\t\t});\n\n\t\t\t\t\tconst minPasswordLength = typedCtx.context.password.config?.minPasswordLength ?? 8;\n\t\t\t\t\tif (ctx.body.newPassword.length < minPasswordLength) {\n\t\t\t\t\t\tthrow typedCtx.error(\"BAD_REQUEST\", {\n\t\t\t\t\t\t\tmessage: `Password must be at least ${minPasswordLength} characters long`,\n\t\t\t\t\t\t});\n\t\t\t\t\t}\n\n\t\t\t\t\tconst maxPasswordLength = typedCtx.context.password.config?.maxPasswordLength ?? 128;\n\t\t\t\t\tif (ctx.body.newPassword.length > maxPasswordLength) {\n\t\t\t\t\t\tthrow typedCtx.error(\"BAD_REQUEST\", {\n\t\t\t\t\t\t\tmessage: `Password must be at most ${maxPasswordLength} characters long`,\n\t\t\t\t\t\t});\n\t\t\t\t\t}\n\n\t\t\t\t\tconst hashedPassword = await typedCtx.context.password.hash(ctx.body.newPassword);\n\t\t\t\t\tawait typedCtx.context.internalAdapter.updatePassword(ctx.body.userId, hashedPassword);\n\t\t\t\t\treturn typedCtx.json({ status: true });\n\t\t\t\t},\n\t\t\t),\n\n\t\t\thasPermission: createAuthEndpoint(\n\t\t\t\t\"/admin/has-permission\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\tbody: hasPermissionBodySchema,\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst typedCtx = ctx as unknown as UserManagementContext;\n\t\t\t\t\tconst db = typedCtx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst requestedPermissions = flattenPermissionCheckInput(\n\t\t\t\t\t\t(ctx.body.permissions ?? ctx.body.permission) as PermissionCheckInput | undefined,\n\t\t\t\t\t);\n\t\t\t\t\tif (requestedPermissions.length === 0) {\n\t\t\t\t\t\tthrow typedCtx.error(\"BAD_REQUEST\", {\n\t\t\t\t\t\t\tmessage: \"invalid permission check. no permission(s) were passed.\",\n\t\t\t\t\t\t});\n\t\t\t\t\t}\n\n\t\t\t\t\tconst grantedPermissions = await resolvePermissionCheckSubject(typedCtx, db, ctx.body);\n\t\t\t\t\treturn typedCtx.json({\n\t\t\t\t\t\terror: null,\n\t\t\t\t\t\tsuccess: hasRequestedPermissions(grantedPermissions, requestedPermissions),\n\t\t\t\t\t});\n\t\t\t\t},\n\t\t\t),\n\t\t},\n\t};\n}\n","/**\n * Vault plugin for Banata Auth.\n *\n * Provides envelope encryption for secrets using AES-256-GCM via the\n * Web Crypto API. Secrets are encrypted at rest in the `vaultSecret`\n * table and can only be decrypted by providing the correct context.\n *\n * The data encryption key (DEK) is derived from `BETTER_AUTH_SECRET`\n * using HKDF with a per-version salt, enabling key rotation without\n * re-deploying the application.\n *\n * @see {@link ../../component/schema.ts} for the vaultSecret table definition\n * @see {@link ../../../shared/src/types.ts} for the VaultSecret SDK type\n */\n\nimport type { BetterAuthPlugin } from \"better-auth\";\nimport { createAuthEndpoint } from \"better-auth/api\";\nimport { z } from \"zod\";\nimport {\n\ttype PluginDBAdapter,\n\ttype WhereClause,\n\tgetProjectScope,\n\tprojectScopeSchema,\n\trequireProjectPermission,\n} from \"./types\";\n\n// ─── Types ──────────────────────────────────────────────────────────\n\nexport interface VaultPluginOptions {\n\t/**\n\t * The master secret used to derive encryption keys.\n\t * Defaults to `BETTER_AUTH_SECRET` from the environment.\n\t */\n\tmasterSecret?: string;\n}\n\ninterface VaultSecretRow extends Record<string, unknown> {\n\tid: string;\n\tname: string;\n\tencryptedValue: string;\n\tiv: string;\n\tprojectId?: string;\n\tcontext?: string;\n\torganizationId?: string;\n\tversion: number;\n\tmetadata?: unknown;\n\tcreatedAt: number;\n\tupdatedAt: number;\n}\n\n// ─── Crypto Helpers ─────────────────────────────────────────────────\n\nconst ALGORITHM = \"AES-GCM\";\nconst KEY_LENGTH = 256;\nconst IV_LENGTH = 12; // 96-bit IV for AES-GCM\nconst INITIAL_VERSION = 1;\n\n/**\n * Derive an AES-256 key from the master secret using HKDF.\n * The version number is included in the info parameter so that\n * key rotation produces a different DEK for each version.\n */\n/** @internal Exported for testing. */\nexport async function deriveKey(masterSecret: string, version: number) {\n\tconst encoder = new TextEncoder();\n\tconst keyMaterial = await crypto.subtle.importKey(\n\t\t\"raw\",\n\t\tencoder.encode(masterSecret),\n\t\t\"HKDF\",\n\t\tfalse,\n\t\t[\"deriveKey\"],\n\t);\n\treturn crypto.subtle.deriveKey(\n\t\t{\n\t\t\tname: \"HKDF\",\n\t\t\thash: \"SHA-256\",\n\t\t\tsalt: encoder.encode(`banata-vault-v${version}`),\n\t\t\tinfo: encoder.encode(\"banata-vault-encryption\"),\n\t\t},\n\t\tkeyMaterial,\n\t\t{ name: ALGORITHM, length: KEY_LENGTH },\n\t\tfalse,\n\t\t[\"encrypt\", \"decrypt\"],\n\t);\n}\n\n/**\n * Encrypt a plaintext string using AES-256-GCM.\n * Returns the ciphertext and IV as base64-encoded strings.\n */\n/** @internal Exported for testing. */\nexport async function encryptValue(\n\tplaintext: string,\n\tmasterSecret: string,\n\tversion: number,\n): Promise<{ encryptedValue: string; iv: string }> {\n\tconst key = await deriveKey(masterSecret, version);\n\tconst encoder = new TextEncoder();\n\tconst iv = crypto.getRandomValues(new Uint8Array(IV_LENGTH));\n\n\tconst ciphertext = await crypto.subtle.encrypt(\n\t\t{ name: ALGORITHM, iv },\n\t\tkey,\n\t\tencoder.encode(plaintext),\n\t);\n\n\treturn {\n\t\tencryptedValue: uint8ToBase64(new Uint8Array(ciphertext)),\n\t\tiv: uint8ToBase64(iv),\n\t};\n}\n\n/**\n * Decrypt a ciphertext string using AES-256-GCM.\n */\n/** @internal Exported for testing. */\nexport async function decryptValue(\n\tencryptedValue: string,\n\tiv: string,\n\tmasterSecret: string,\n\tversion: number,\n): Promise<string> {\n\tconst key = await deriveKey(masterSecret, version);\n\tconst decoder = new TextDecoder();\n\n\tconst plaintext = await crypto.subtle.decrypt(\n\t\t{ name: ALGORITHM, iv: base64ToUint8(iv) },\n\t\tkey,\n\t\tbase64ToUint8(encryptedValue),\n\t);\n\n\treturn decoder.decode(plaintext);\n}\n\n/**\n * Get the current (maximum) encryption version from the DB.\n * Falls back to INITIAL_VERSION if no secrets exist yet.\n */\nasync function getCurrentVersion(db: PluginDBAdapter, scopeWhere: WhereClause[]): Promise<number> {\n\tconst rows = await db.findMany<VaultSecretRow>({\n\t\tmodel: \"vaultSecret\",\n\t\twhere: [...scopeWhere],\n\t\tlimit: 1,\n\t\tsortBy: { field: \"version\", direction: \"desc\" },\n\t});\n\treturn rows[0] ? rows[0].version : INITIAL_VERSION;\n}\n\n/** @internal Exported for testing. */\nexport function uint8ToBase64(bytes: Uint8Array): string {\n\tlet binary = \"\";\n\tfor (const byte of bytes) {\n\t\tbinary += String.fromCharCode(byte);\n\t}\n\treturn btoa(binary);\n}\n\n/** @internal Exported for testing. */\nexport function base64ToUint8(base64: string): Uint8Array {\n\tconst binary = atob(base64);\n\tconst bytes = new Uint8Array(binary.length);\n\tfor (let i = 0; i < binary.length; i++) {\n\t\tbytes[i] = binary.charCodeAt(i);\n\t}\n\treturn bytes;\n}\n\n// ─── Zod Schemas ────────────────────────────────────────────────────\n\nconst encryptSchema = z\n\t.object({\n\t\tname: z.string().min(1).max(256),\n\t\tdata: z.string().min(1),\n\t\tcontext: z.string().max(256).optional(),\n\t\torganizationId: z.string().optional(),\n\t\tmetadata: z.record(z.string()).optional(),\n\t})\n\t.merge(projectScopeSchema);\n\nconst decryptSchema = z\n\t.object({\n\t\tsecretId: z.string(),\n\t\tcontext: z.string().optional(),\n\t})\n\t.merge(projectScopeSchema);\n\nconst listSecretsSchema = z\n\t.object({\n\t\torganizationId: z.string().optional(),\n\t\tlimit: z.number().int().positive().max(200).optional(),\n\t\tbefore: z.string().optional(),\n\t\tafter: z.string().optional(),\n\t})\n\t.merge(projectScopeSchema);\n\nconst deleteSecretSchema = z\n\t.object({\n\t\tid: z.string(),\n\t})\n\t.merge(projectScopeSchema);\n\nconst rotateKeySchema = z\n\t.object({\n\t\t/** Maximum number of secrets to re-encrypt per call. Default: 100. */\n\t\tbatchSize: z.number().int().positive().max(500).optional(),\n\t})\n\t.merge(projectScopeSchema);\n\n// ─── Plugin Factory ─────────────────────────────────────────────────\n\n/**\n * Vault plugin for Banata Auth.\n *\n * Registers API endpoints under `/api/auth/banata/vault/` for\n * encrypting, decrypting, listing, deleting, and rotating vault secrets.\n *\n * @param options - Optional configuration\n * @returns A Better Auth plugin descriptor\n *\n * @example\n * ```ts\n * import { vaultPlugin } from \"./plugins/vault\";\n *\n * const plugins = [\n * vaultPlugin(),\n * // ... other plugins\n * ];\n * ```\n */\nexport function vaultPlugin(options?: VaultPluginOptions): BetterAuthPlugin {\n\tfunction getMasterSecret(): string {\n\t\tconst secret = options?.masterSecret ?? process.env.BETTER_AUTH_SECRET;\n\t\tif (!secret) {\n\t\t\tthrow new Error(\n\t\t\t\t\"[BanataAuth Vault] BETTER_AUTH_SECRET is required for vault operations. \" +\n\t\t\t\t\t\"Set it as an environment variable or pass masterSecret in vault plugin options.\",\n\t\t\t);\n\t\t}\n\t\treturn secret;\n\t}\n\n\treturn {\n\t\tid: \"banata-vault\",\n\n\t\t// ─── Schema Registration ──────────────────────────────────\n\t\tschema: {\n\t\t\tvaultSecret: {\n\t\t\t\tfields: {\n\t\t\t\t\tname: { type: \"string\" as const, required: true },\n\t\t\t\t\tencryptedValue: { type: \"string\" as const, required: true },\n\t\t\t\t\tiv: { type: \"string\" as const, required: true },\n\t\t\t\t\tprojectId: { type: \"string\" as const, required: false },\n\t\t\t\t\tcontext: { type: \"string\" as const, required: false },\n\t\t\t\t\torganizationId: { type: \"string\" as const, required: false },\n\t\t\t\t\tversion: { type: \"number\" as const, required: true },\n\t\t\t\t\tmetadata: { type: \"string\" as const, required: false },\n\t\t\t\t\tcreatedAt: { type: \"number\" as const, required: true },\n\t\t\t\t\tupdatedAt: { type: \"number\" as const, required: true },\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\n\t\tendpoints: {\n\t\t\t/**\n\t\t\t * Encrypt and store a secret.\n\t\t\t *\n\t\t\t * POST /api/auth/banata/vault/encrypt\n\t\t\t */\n\t\t\tvaultEncrypt: createAuthEndpoint(\n\t\t\t\t\"/banata/vault/encrypt\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\tbody: encryptSchema,\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst body = ctx.body;\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst scope = getProjectScope(body as Record<string, unknown>);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tpermission: \"vault.write\",\n\t\t\t\t\t\tprojectId: scope.projectId,\n\t\t\t\t\t});\n\n\t\t\t\t\tconst masterSecret = getMasterSecret();\n\t\t\t\t\tconst now = Date.now();\n\t\t\t\t\tconst currentVersion = await getCurrentVersion(db, scope.where);\n\t\t\t\t\tconst { encryptedValue, iv } = await encryptValue(\n\t\t\t\t\t\tbody.data,\n\t\t\t\t\t\tmasterSecret,\n\t\t\t\t\t\tcurrentVersion,\n\t\t\t\t\t);\n\n\t\t\t\t\tconst data: Record<string, unknown> = {\n\t\t\t\t\t\t...scope.data,\n\t\t\t\t\t\tname: body.name,\n\t\t\t\t\t\tencryptedValue,\n\t\t\t\t\t\tiv,\n\t\t\t\t\t\tversion: currentVersion,\n\t\t\t\t\t\tcreatedAt: now,\n\t\t\t\t\t\tupdatedAt: now,\n\t\t\t\t\t};\n\t\t\t\t\tif (body.context) data.context = body.context;\n\t\t\t\t\tif (body.organizationId) data.organizationId = body.organizationId;\n\t\t\t\t\tif (body.metadata) data.metadata = JSON.stringify(body.metadata);\n\n\t\t\t\t\tconst secret = await db.create<VaultSecretRow>({\n\t\t\t\t\t\tmodel: \"vaultSecret\",\n\t\t\t\t\t\tdata: data as VaultSecretRow,\n\t\t\t\t\t});\n\n\t\t\t\t\treturn ctx.json({ id: secret.id });\n\t\t\t\t},\n\t\t\t),\n\n\t\t\t/**\n\t\t\t * Decrypt and return a secret by ID.\n\t\t\t *\n\t\t\t * POST /api/auth/banata/vault/decrypt\n\t\t\t */\n\t\t\tvaultDecrypt: createAuthEndpoint(\n\t\t\t\t\"/banata/vault/decrypt\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\tbody: decryptSchema,\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst body = ctx.body;\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst scope = getProjectScope(body as Record<string, unknown>);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tpermission: \"vault.read\",\n\t\t\t\t\t\tprojectId: scope.projectId,\n\t\t\t\t\t});\n\n\t\t\t\t\tconst rows = await db.findMany<VaultSecretRow>({\n\t\t\t\t\t\tmodel: \"vaultSecret\",\n\t\t\t\t\t\twhere: [{ field: \"id\", value: body.secretId }, ...scope.where],\n\t\t\t\t\t\tlimit: 1,\n\t\t\t\t\t});\n\t\t\t\t\tconst secret = rows[0];\n\t\t\t\t\tif (!secret) {\n\t\t\t\t\t\tthrow ctx.error(\"NOT_FOUND\", { message: \"Secret not found\" });\n\t\t\t\t\t}\n\n\t\t\t\t\t// Verify context matches if the secret was stored with one\n\t\t\t\t\tif (secret.context && body.context !== secret.context) {\n\t\t\t\t\t\tthrow ctx.error(\"FORBIDDEN\", {\n\t\t\t\t\t\t\tmessage: \"Context mismatch: the provided context does not match the secret's context\",\n\t\t\t\t\t\t});\n\t\t\t\t\t}\n\n\t\t\t\t\tconst masterSecret = getMasterSecret();\n\t\t\t\t\ttry {\n\t\t\t\t\t\tconst plaintext = await decryptValue(\n\t\t\t\t\t\t\tsecret.encryptedValue,\n\t\t\t\t\t\t\tsecret.iv,\n\t\t\t\t\t\t\tmasterSecret,\n\t\t\t\t\t\t\tsecret.version,\n\t\t\t\t\t\t);\n\t\t\t\t\t\treturn ctx.json({ data: plaintext });\n\t\t\t\t\t} catch {\n\t\t\t\t\t\tthrow ctx.error(\"INTERNAL_SERVER_ERROR\", {\n\t\t\t\t\t\t\tmessage: \"Failed to decrypt secret. The master key may have changed.\",\n\t\t\t\t\t\t});\n\t\t\t\t\t}\n\t\t\t\t},\n\t\t\t),\n\n\t\t\t/**\n\t\t\t * List vault secrets (metadata only — no decrypted values).\n\t\t\t *\n\t\t\t * POST /api/auth/banata/vault/list\n\t\t\t */\n\t\t\tvaultList: createAuthEndpoint(\n\t\t\t\t\"/banata/vault/list\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\tbody: listSecretsSchema,\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst body = ctx.body;\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst scope = getProjectScope(body as Record<string, unknown>);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tpermission: \"vault.read\",\n\t\t\t\t\t\tprojectId: scope.projectId,\n\t\t\t\t\t});\n\n\t\t\t\t\tconst limit = Math.min(body.limit ?? 50, 200);\n\t\t\t\t\tconst filters: WhereClause[] = [...scope.where];\n\n\t\t\t\t\tif (body.organizationId) {\n\t\t\t\t\t\tfilters.push({ field: \"organizationId\", value: body.organizationId });\n\t\t\t\t\t}\n\n\t\t\t\t\t// Cursor-based pagination using createdAt (descending order)\n\t\t\t\t\tif (body.after) {\n\t\t\t\t\t\tconst cursorRows = await db.findMany<VaultSecretRow>({\n\t\t\t\t\t\t\tmodel: \"vaultSecret\",\n\t\t\t\t\t\t\twhere: [{ field: \"id\", value: body.after }, ...scope.where],\n\t\t\t\t\t\t\tlimit: 1,\n\t\t\t\t\t\t});\n\t\t\t\t\t\tif (cursorRows[0]) {\n\t\t\t\t\t\t\tfilters.push({\n\t\t\t\t\t\t\t\tfield: \"createdAt\",\n\t\t\t\t\t\t\t\toperator: \"lt\" as const,\n\t\t\t\t\t\t\t\tvalue: cursorRows[0].createdAt,\n\t\t\t\t\t\t\t});\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t\tif (body.before) {\n\t\t\t\t\t\tconst cursorRows = await db.findMany<VaultSecretRow>({\n\t\t\t\t\t\t\tmodel: \"vaultSecret\",\n\t\t\t\t\t\t\twhere: [{ field: \"id\", value: body.before }, ...scope.where],\n\t\t\t\t\t\t\tlimit: 1,\n\t\t\t\t\t\t});\n\t\t\t\t\t\tif (cursorRows[0]) {\n\t\t\t\t\t\t\tfilters.push({\n\t\t\t\t\t\t\t\tfield: \"createdAt\",\n\t\t\t\t\t\t\t\toperator: \"gt\" as const,\n\t\t\t\t\t\t\t\tvalue: cursorRows[0].createdAt,\n\t\t\t\t\t\t\t});\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\n\t\t\t\t\tconst rows = await db.findMany<VaultSecretRow>({\n\t\t\t\t\t\tmodel: \"vaultSecret\",\n\t\t\t\t\t\twhere: filters,\n\t\t\t\t\t\tlimit: limit + 1, // Fetch one extra to determine hasMore\n\t\t\t\t\t\tsortBy: { field: \"createdAt\", direction: \"desc\" },\n\t\t\t\t\t});\n\n\t\t\t\t\tconst hasMore = rows.length > limit;\n\t\t\t\t\tconst items = hasMore ? rows.slice(0, limit) : rows;\n\t\t\t\t\tconst firstItem = items[0];\n\t\t\t\t\tconst lastItem = items[items.length - 1];\n\n\t\t\t\t\t// Return metadata only — never expose encrypted values\n\t\t\t\t\tconst data = items.map((row) => ({\n\t\t\t\t\t\tid: row.id,\n\t\t\t\t\t\tname: row.name,\n\t\t\t\t\t\tcontext: row.context ?? null,\n\t\t\t\t\t\torganizationId: row.organizationId ?? null,\n\t\t\t\t\t\tversion: row.version,\n\t\t\t\t\t\tmetadata: row.metadata\n\t\t\t\t\t\t\t? typeof row.metadata === \"string\"\n\t\t\t\t\t\t\t\t? safeJsonParse(row.metadata)\n\t\t\t\t\t\t\t\t: row.metadata\n\t\t\t\t\t\t\t: null,\n\t\t\t\t\t\tcreatedAt: row.createdAt,\n\t\t\t\t\t\tupdatedAt: row.updatedAt,\n\t\t\t\t\t}));\n\n\t\t\t\t\treturn ctx.json({\n\t\t\t\t\t\tdata,\n\t\t\t\t\t\tlistMetadata: {\n\t\t\t\t\t\t\tbefore: firstItem ? (firstItem.id as string) : null,\n\t\t\t\t\t\t\tafter: hasMore && lastItem ? (lastItem.id as string) : null,\n\t\t\t\t\t\t},\n\t\t\t\t\t});\n\t\t\t\t},\n\t\t\t),\n\n\t\t\t/**\n\t\t\t * Delete a vault secret by ID.\n\t\t\t *\n\t\t\t * POST /api/auth/banata/vault/delete\n\t\t\t */\n\t\t\tvaultDelete: createAuthEndpoint(\n\t\t\t\t\"/banata/vault/delete\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\tbody: deleteSecretSchema,\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst body = ctx.body;\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst scope = getProjectScope(body as Record<string, unknown>);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tpermission: \"vault.write\",\n\t\t\t\t\t\tprojectId: scope.projectId,\n\t\t\t\t\t});\n\n\t\t\t\t\tconst rows = await db.findMany<VaultSecretRow>({\n\t\t\t\t\t\tmodel: \"vaultSecret\",\n\t\t\t\t\t\twhere: [{ field: \"id\", value: body.id }, ...scope.where],\n\t\t\t\t\t\tlimit: 1,\n\t\t\t\t\t});\n\t\t\t\t\tif (!rows[0]) {\n\t\t\t\t\t\tthrow ctx.error(\"NOT_FOUND\", { message: \"Secret not found\" });\n\t\t\t\t\t}\n\n\t\t\t\t\tawait db.delete({\n\t\t\t\t\t\tmodel: \"vaultSecret\",\n\t\t\t\t\t\twhere: [{ field: \"id\", value: body.id }, ...scope.where],\n\t\t\t\t\t});\n\n\t\t\t\t\treturn ctx.json({ status: \"deleted\" });\n\t\t\t\t},\n\t\t\t),\n\n\t\t\t/**\n\t\t\t * Rotate the encryption key by re-encrypting all secrets\n\t\t\t * with the next version's derived key.\n\t\t\t *\n\t\t\t * POST /api/auth/banata/vault/rotate-key\n\t\t\t *\n\t\t\t * This operation is idempotent — secrets already at the\n\t\t\t * latest version are skipped.\n\t\t\t */\n\t\t\tvaultRotateKey: createAuthEndpoint(\n\t\t\t\t\"/banata/vault/rotate-key\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\tbody: rotateKeySchema,\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst body = ctx.body;\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst scope = getProjectScope(body as Record<string, unknown>);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tpermission: \"vault.manage\",\n\t\t\t\t\t\tprojectId: scope.projectId,\n\t\t\t\t\t});\n\n\t\t\t\t\tconst masterSecret = getMasterSecret();\n\t\t\t\t\tconst batchSize = body.batchSize ?? 100;\n\t\t\t\t\tconst currentVersion = await getCurrentVersion(db, scope.where);\n\t\t\t\t\tconst newVersion = currentVersion + 1;\n\n\t\t\t\t\t// Find secrets that aren't at the latest version\n\t\t\t\t\tconst outdated = await db.findMany<VaultSecretRow>({\n\t\t\t\t\t\tmodel: \"vaultSecret\",\n\t\t\t\t\t\twhere: [\n\t\t\t\t\t\t\t{ field: \"version\", operator: \"lt\" as const, value: newVersion },\n\t\t\t\t\t\t\t...scope.where,\n\t\t\t\t\t\t],\n\t\t\t\t\t\tlimit: batchSize,\n\t\t\t\t\t});\n\n\t\t\t\t\tlet rotated = 0;\n\t\t\t\t\tlet failed = 0;\n\n\t\t\t\t\tfor (const secret of outdated) {\n\t\t\t\t\t\ttry {\n\t\t\t\t\t\t\t// Decrypt with old version key\n\t\t\t\t\t\t\tconst plaintext = await decryptValue(\n\t\t\t\t\t\t\t\tsecret.encryptedValue,\n\t\t\t\t\t\t\t\tsecret.iv,\n\t\t\t\t\t\t\t\tmasterSecret,\n\t\t\t\t\t\t\t\tsecret.version,\n\t\t\t\t\t\t\t);\n\n\t\t\t\t\t\t\t// Re-encrypt with new version key\n\t\t\t\t\t\t\tconst { encryptedValue, iv } = await encryptValue(\n\t\t\t\t\t\t\t\tplaintext,\n\t\t\t\t\t\t\t\tmasterSecret,\n\t\t\t\t\t\t\t\tnewVersion,\n\t\t\t\t\t\t\t);\n\n\t\t\t\t\t\t\tawait db.update({\n\t\t\t\t\t\t\t\tmodel: \"vaultSecret\",\n\t\t\t\t\t\t\t\twhere: [{ field: \"id\", value: secret.id }, ...scope.where],\n\t\t\t\t\t\t\t\tupdate: {\n\t\t\t\t\t\t\t\t\tencryptedValue,\n\t\t\t\t\t\t\t\t\tiv,\n\t\t\t\t\t\t\t\t\tversion: newVersion,\n\t\t\t\t\t\t\t\t\tupdatedAt: Date.now(),\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t});\n\t\t\t\t\t\t\trotated++;\n\t\t\t\t\t\t} catch (err) {\n\t\t\t\t\t\t\tconsole.error(\n\t\t\t\t\t\t\t\t\"[BanataAuth Vault] Failed to rotate a secret:\",\n\t\t\t\t\t\t\t\terr instanceof Error ? err.message : \"unknown error\",\n\t\t\t\t\t\t\t);\n\t\t\t\t\t\t\tfailed++;\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\n\t\t\t\t\treturn ctx.json({\n\t\t\t\t\t\tstatus: outdated.length === 0 ? \"up_to_date\" : \"rotated\",\n\t\t\t\t\t\trotated,\n\t\t\t\t\t\tfailed,\n\t\t\t\t\t\tremaining: Math.max(0, outdated.length - rotated - failed),\n\t\t\t\t\t});\n\t\t\t\t},\n\t\t\t),\n\t\t},\n\t};\n}\n\n// ─── Helpers ────────────────────────────────────────────────────────\n\nfunction safeJsonParse(value: string): unknown {\n\ttry {\n\t\treturn JSON.parse(value);\n\t} catch {\n\t\treturn value;\n\t}\n}\n","/**\n * Banata Auth Webhook System Plugin.\n *\n * Provides CRUD management of webhook endpoints, HMAC-SHA256 signed payloads,\n * retry with exponential backoff, and delivery tracking via an audit trail.\n *\n * Endpoints are registered under `/api/auth/banata/webhooks/` and exposed to\n * admin consumers for configuring outbound webhook subscriptions.\n *\n * Other plugins (audit, lifecycle triggers) call `dispatchWebhookEvent()` to\n * fire webhooks when auth events occur.\n */\n\nimport { WEBHOOK_MAX_CONSECUTIVE_FAILURES } from \"@banata-auth/shared\";\nimport type { BetterAuthPlugin } from \"better-auth\";\nimport { createAuthEndpoint } from \"better-auth/api\";\nimport { z } from \"zod\";\nimport {\n\ttype PluginDBAdapter,\n\ttype WebhookEndpointRow,\n\ttype WhereClause,\n\tgetProjectScope,\n\tprojectScopeSchema,\n\trequireProjectPermission,\n} from \"./types\";\n\n// ─── Crypto Helpers (Web Crypto API — works in Convex V8 + Node.js) ──\n\n/** Generate a hex string of `byteCount` random bytes. */\nfunction randomHex(byteCount: number): string {\n\tconst buf = new Uint8Array(byteCount);\n\tcrypto.getRandomValues(buf);\n\treturn Array.from(buf, (b) => b.toString(16).padStart(2, \"0\")).join(\"\");\n}\n\n/** HMAC-SHA256 sign `data` with `key`, returning a hex digest. */\nasync function hmacSha256(key: string, data: string): Promise<string> {\n\tconst enc = new TextEncoder();\n\tconst cryptoKey = await crypto.subtle.importKey(\n\t\t\"raw\",\n\t\tenc.encode(key),\n\t\t{ name: \"HMAC\", hash: \"SHA-256\" },\n\t\tfalse,\n\t\t[\"sign\"],\n\t);\n\tconst sig = await crypto.subtle.sign(\"HMAC\", cryptoKey, enc.encode(data));\n\treturn Array.from(new Uint8Array(sig), (b) => b.toString(16).padStart(2, \"0\")).join(\"\");\n}\n\n// ─── Plugin Options ─────────────────────────────────────────────────\n\nexport interface WebhookPluginOptions {\n\t/** Max retry attempts for failed deliveries. Default: 5 */\n\tmaxRetries?: number;\n\t/** Retry delays in ms. Default: [0, 5min, 30min, 2hr, 24hr] */\n\tretryDelays?: number[];\n}\n\n// ─── Zod Schemas ────────────────────────────────────────────────────\n\nconst listWebhooksSchema = z\n\t.object({\n\t\tlimit: z.number().optional(),\n\t\tafter: z.string().optional(),\n\t\tbefore: z.string().optional(),\n\t})\n\t.merge(projectScopeSchema);\n\nconst createWebhookSchema = z\n\t.object({\n\t\turl: z\n\t\t\t.string()\n\t\t\t.url(\"Invalid URL\")\n\t\t\t.refine((url) => isAllowedWebhookUrl(url), {\n\t\t\t\tmessage: \"Webhook URL must use HTTPS (localhost HTTP allowed in development)\",\n\t\t\t}),\n\t\teventTypes: z.array(z.string()).optional(),\n\t\tenabled: z.boolean().optional(),\n\t})\n\t.merge(projectScopeSchema);\n\nconst updateWebhookSchema = z\n\t.object({\n\t\tid: z.string(),\n\t\turl: z\n\t\t\t.string()\n\t\t\t.url(\"Invalid URL\")\n\t\t\t.refine((url) => isAllowedWebhookUrl(url), {\n\t\t\t\tmessage: \"Webhook URL must use HTTPS (localhost HTTP allowed in development)\",\n\t\t\t})\n\t\t\t.optional(),\n\t\teventTypes: z.array(z.string()).optional(),\n\t\tenabled: z.boolean().optional(),\n\t})\n\t.merge(projectScopeSchema);\n\nconst deleteWebhookSchema = z\n\t.object({\n\t\tid: z.string(),\n\t})\n\t.merge(projectScopeSchema);\n\nfunction isAllowedWebhookUrl(url: string): boolean {\n\tif (url.startsWith(\"https://\")) return true;\n\treturn (\n\t\turl.startsWith(\"http://localhost\") ||\n\t\turl.startsWith(\"http://127.0.0.1\") ||\n\t\turl.startsWith(\"http://0.0.0.0\")\n\t);\n}\n\n// ─── Plugin Factory ─────────────────────────────────────────────────\n\n/**\n * Webhook system plugin for Banata Auth.\n *\n * Provides:\n * - CRUD management of webhook endpoints\n * - HMAC-SHA256 signed payloads\n * - Retry with exponential backoff\n * - Delivery tracking and audit trail\n */\nexport function webhookSystem(_options?: WebhookPluginOptions): BetterAuthPlugin {\n\treturn {\n\t\tid: \"banata-webhook-system\",\n\n\t\t// ─── Schema Registration ──────────────────────────────────\n\t\tschema: {\n\t\t\twebhookEndpoint: {\n\t\t\t\tfields: {\n\t\t\t\t\tprojectId: { type: \"string\" as const, required: false },\n\t\t\t\t\turl: { type: \"string\", required: true },\n\t\t\t\t\tsecret: { type: \"string\", required: true },\n\t\t\t\t\teventTypes: { type: \"string\", required: false },\n\t\t\t\t\tenabled: { type: \"boolean\", required: true },\n\t\t\t\t\tsuccessCount: { type: \"number\", required: false },\n\t\t\t\t\tfailureCount: { type: \"number\", required: false },\n\t\t\t\t\tconsecutiveFailures: { type: \"number\", required: false },\n\t\t\t\t\tlastDeliveryAt: { type: \"number\", required: false },\n\t\t\t\t\tlastDeliveryStatus: { type: \"string\", required: false },\n\t\t\t\t\tcreatedAt: { type: \"number\", required: true },\n\t\t\t\t\tupdatedAt: { type: \"number\", required: true },\n\t\t\t\t},\n\t\t\t},\n\t\t\twebhookDelivery: {\n\t\t\t\tfields: {\n\t\t\t\t\tprojectId: { type: \"string\" as const, required: false },\n\t\t\t\t\tendpointId: {\n\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\trequired: true,\n\t\t\t\t\t\treferences: { model: \"webhookEndpoint\", field: \"id\" },\n\t\t\t\t\t},\n\t\t\t\t\teventType: { type: \"string\", required: true },\n\t\t\t\t\tpayload: { type: \"string\", required: true },\n\t\t\t\t\tattempt: { type: \"number\", required: true },\n\t\t\t\t\tmaxAttempts: { type: \"number\", required: true },\n\t\t\t\t\tstatus: { type: \"string\", required: true },\n\t\t\t\t\thttpStatus: { type: \"number\", required: false },\n\t\t\t\t\tresponseBody: { type: \"string\", required: false },\n\t\t\t\t\terrorMessage: { type: \"string\", required: false },\n\t\t\t\t\tnextRetryAt: { type: \"number\", required: false },\n\t\t\t\t\tdeliveredAt: { type: \"number\", required: false },\n\t\t\t\t\tcreatedAt: { type: \"number\", required: true },\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\n\t\tendpoints: {\n\t\t\t// ── List webhook endpoints ──────────────────────────────────\n\t\t\tlistWebhookEndpoints: createAuthEndpoint(\n\t\t\t\t\"/banata/webhooks/list\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t\tbody: listWebhooksSchema,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst body = ctx.body;\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst limit = body.limit ?? 50;\n\t\t\t\t\tconst scope = getProjectScope(body as Record<string, unknown>);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tpermission: \"webhook.manage\",\n\t\t\t\t\t\tprojectId: scope.projectId,\n\t\t\t\t\t});\n\n\t\t\t\t\tconst endpoints = await db.findMany<WebhookEndpointRow>({\n\t\t\t\t\t\tmodel: \"webhookEndpoint\",\n\t\t\t\t\t\twhere: [...scope.where],\n\t\t\t\t\t\tlimit,\n\t\t\t\t\t\tsortBy: { field: \"createdAt\", direction: \"desc\" },\n\t\t\t\t\t});\n\n\t\t\t\t\t// Strip secrets from response — consumers should never see signing secrets\n\t\t\t\t\tconst sanitized = endpoints.map((ep) => ({\n\t\t\t\t\t\tid: ep.id,\n\t\t\t\t\t\turl: ep.url,\n\t\t\t\t\t\teventTypes: ep.eventTypes,\n\t\t\t\t\t\tenabled: ep.enabled,\n\t\t\t\t\t\tsuccessCount: ep.successCount,\n\t\t\t\t\t\tfailureCount: ep.failureCount,\n\t\t\t\t\t\tconsecutiveFailures: ep.consecutiveFailures,\n\t\t\t\t\t\tlastDeliveryAt: ep.lastDeliveryAt,\n\t\t\t\t\t\tlastDeliveryStatus: ep.lastDeliveryStatus,\n\t\t\t\t\t\tcreatedAt: ep.createdAt,\n\t\t\t\t\t\tupdatedAt: ep.updatedAt,\n\t\t\t\t\t}));\n\n\t\t\t\t\treturn ctx.json({\n\t\t\t\t\t\tdata: sanitized,\n\t\t\t\t\t\tlistMetadata: { before: null, after: null },\n\t\t\t\t\t});\n\t\t\t\t},\n\t\t\t),\n\n\t\t\t// ── Create webhook endpoint ─────────────────────────────────\n\t\t\tcreateWebhookEndpoint: createAuthEndpoint(\n\t\t\t\t\"/banata/webhooks/create\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t\tbody: createWebhookSchema,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst body = ctx.body;\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst now = Date.now();\n\t\t\t\t\tconst scope = getProjectScope(body as Record<string, unknown>);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tpermission: \"webhook.manage\",\n\t\t\t\t\t\tprojectId: scope.projectId,\n\t\t\t\t\t});\n\n\t\t\t\t\t// Generate a signing secret prefixed for easy identification\n\t\t\t\t\tconst secret = `whsec_${randomHex(32)}`;\n\n\t\t\t\t\t// Omit optional fields — Convex v.optional() accepts undefined but NOT null.\n\t\t\t\t\tconst endpoint = await db.create<WebhookEndpointRow>({\n\t\t\t\t\t\tmodel: \"webhookEndpoint\",\n\t\t\t\t\t\tdata: {\n\t\t\t\t\t\t\t...scope.data,\n\t\t\t\t\t\t\turl: body.url,\n\t\t\t\t\t\t\tsecret,\n\t\t\t\t\t\t\teventTypes: body.eventTypes ? JSON.stringify(body.eventTypes) : JSON.stringify([]),\n\t\t\t\t\t\t\tenabled: body.enabled !== false,\n\t\t\t\t\t\t\tsuccessCount: 0,\n\t\t\t\t\t\t\tfailureCount: 0,\n\t\t\t\t\t\t\tconsecutiveFailures: 0,\n\t\t\t\t\t\t\tcreatedAt: now,\n\t\t\t\t\t\t\tupdatedAt: now,\n\t\t\t\t\t\t} as WebhookEndpointRow,\n\t\t\t\t\t});\n\n\t\t\t\t\t// Return the endpoint with the secret visible ONLY on creation.\n\t\t\t\t\t// After this response, the secret is never returned again.\n\t\t\t\t\treturn ctx.json({\n\t\t\t\t\t\tid: endpoint.id,\n\t\t\t\t\t\turl: endpoint.url,\n\t\t\t\t\t\tsecret: endpoint.secret,\n\t\t\t\t\t\teventTypes: endpoint.eventTypes,\n\t\t\t\t\t\tenabled: endpoint.enabled,\n\t\t\t\t\t\tsuccessCount: endpoint.successCount,\n\t\t\t\t\t\tfailureCount: endpoint.failureCount,\n\t\t\t\t\t\tconsecutiveFailures: endpoint.consecutiveFailures,\n\t\t\t\t\t\tlastDeliveryAt: endpoint.lastDeliveryAt,\n\t\t\t\t\t\tlastDeliveryStatus: endpoint.lastDeliveryStatus,\n\t\t\t\t\t\tcreatedAt: endpoint.createdAt,\n\t\t\t\t\t\tupdatedAt: endpoint.updatedAt,\n\t\t\t\t\t});\n\t\t\t\t},\n\t\t\t),\n\n\t\t\t// ── Update webhook endpoint ─────────────────────────────────\n\t\t\tupdateWebhookEndpoint: createAuthEndpoint(\n\t\t\t\t\"/banata/webhooks/update\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t\tbody: updateWebhookSchema,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst body = ctx.body;\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst now = Date.now();\n\t\t\t\t\tconst scope = getProjectScope(body as Record<string, unknown>);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tpermission: \"webhook.manage\",\n\t\t\t\t\t\tprojectId: scope.projectId,\n\t\t\t\t\t});\n\n\t\t\t\t\tconst updates: Record<string, unknown> = { updatedAt: now };\n\t\t\t\t\tif (body.url !== undefined) updates.url = body.url;\n\t\t\t\t\tif (body.eventTypes !== undefined) updates.eventTypes = JSON.stringify(body.eventTypes);\n\t\t\t\t\tif (body.enabled !== undefined) updates.enabled = body.enabled;\n\n\t\t\t\t\tconst endpoint = await db.update<WebhookEndpointRow>({\n\t\t\t\t\t\tmodel: \"webhookEndpoint\",\n\t\t\t\t\t\twhere: [{ field: \"id\", operator: \"eq\", value: body.id }, ...scope.where],\n\t\t\t\t\t\tupdate: updates,\n\t\t\t\t\t});\n\n\t\t\t\t\treturn ctx.json(endpoint);\n\t\t\t\t},\n\t\t\t),\n\n\t\t\t// ── Delete webhook endpoint ─────────────────────────────────\n\t\t\tdeleteWebhookEndpoint: createAuthEndpoint(\n\t\t\t\t\"/banata/webhooks/delete\",\n\t\t\t\t{\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\trequireHeaders: true,\n\t\t\t\t\tbody: deleteWebhookSchema,\n\t\t\t\t},\n\t\t\t\tasync (ctx) => {\n\t\t\t\t\tconst body = ctx.body;\n\t\t\t\t\tconst db = ctx.context.adapter as unknown as PluginDBAdapter;\n\t\t\t\t\tconst scope = getProjectScope(body as Record<string, unknown>);\n\t\t\t\t\tawait requireProjectPermission(ctx, {\n\t\t\t\t\t\tdb,\n\t\t\t\t\t\tpermission: \"webhook.manage\",\n\t\t\t\t\t\tprojectId: scope.projectId,\n\t\t\t\t\t});\n\n\t\t\t\t\tawait db.delete({\n\t\t\t\t\t\tmodel: \"webhookEndpoint\",\n\t\t\t\t\t\twhere: [{ field: \"id\", operator: \"eq\", value: body.id }, ...scope.where],\n\t\t\t\t\t});\n\n\t\t\t\t\treturn ctx.json({ success: true });\n\t\t\t\t},\n\t\t\t),\n\t\t},\n\t};\n}\n\n// ─── Signature Utilities ────────────────────────────────────────────\n\n/**\n * Sign a webhook payload using HMAC-SHA256.\n *\n * @param payload - JSON stringified payload\n * @param secret - The webhook endpoint's signing secret\n * @param timestamp - Unix timestamp in seconds\n * @returns The signature string in the format \"v1,<hex>\"\n */\nexport async function signWebhookPayload(\n\tpayload: string,\n\tsecret: string,\n\ttimestamp: number,\n): Promise<string> {\n\tconst signaturePayload = `${timestamp}.${payload}`;\n\tconst hex = await hmacSha256(secret, signaturePayload);\n\treturn `v1,${hex}`;\n}\n\n/**\n * Verify a webhook signature.\n *\n * @param payload - Raw request body string\n * @param signature - The Banata-Webhook-Signature header value (format: \"t=<ts>,v1=<hex>\")\n * @param secret - The webhook endpoint's signing secret\n * @param tolerance - Max age in seconds (default: 300 = 5 minutes)\n * @returns true if valid\n */\nexport async function verifyWebhookSignature(\n\tpayload: string,\n\tsignature: string,\n\tsecret: string,\n\ttolerance = 300,\n): Promise<boolean> {\n\tconst parts = signature.split(\",\");\n\tif (parts.length < 2) return false;\n\n\t// Parse timestamp from \"t=<timestamp>\"\n\tconst tPart = parts.find((p) => p.startsWith(\"t=\"));\n\tif (!tPart) return false;\n\tconst timestamp = Number.parseInt(tPart.slice(2), 10);\n\tif (Number.isNaN(timestamp)) return false;\n\n\t// Check tolerance — reject if too old or too far in the future\n\tconst age = Math.floor(Date.now() / 1000) - timestamp;\n\tif (Math.abs(age) > tolerance) return false;\n\n\t// Find v1 signature\n\tconst sigPart = parts.find((p) => p.startsWith(\"v1=\"));\n\tif (!sigPart) return false;\n\tconst receivedSig = sigPart.slice(3);\n\n\t// Compute expected signature\n\tconst signaturePayload = `${timestamp}.${payload}`;\n\tconst expectedSig = await hmacSha256(secret, signaturePayload);\n\n\t// Constant-time comparison to prevent timing attacks\n\tif (receivedSig.length !== expectedSig.length) return false;\n\tlet result = 0;\n\tfor (let i = 0; i < receivedSig.length; i++) {\n\t\tresult |= receivedSig.charCodeAt(i) ^ expectedSig.charCodeAt(i);\n\t}\n\treturn result === 0;\n}\n\n// ─── Dispatch Helper ────────────────────────────────────────────────\n\n/**\n * Dispatch a webhook event to all matching endpoints.\n *\n * This is a helper intended to be called from other plugins (audit, triggers)\n * to fire webhooks when events occur. It is designed to never throw — webhook\n * delivery failures must not break the calling flow.\n *\n * @param adapter - The Better Auth database adapter (subset of methods needed)\n * @param eventType - The event type string (e.g., \"user.created\", \"session.revoked\")\n * @param data - The event payload data\n * @param scope - Optional project+environment scope for multi-tenant isolation\n */\nexport async function dispatchWebhookEvent(\n\tadapter: Pick<PluginDBAdapter, \"findMany\" | \"create\" | \"update\">,\n\teventType: string,\n\tdata: Record<string, unknown>,\n\tscope?: { projectId?: string },\n): Promise<void> {\n\ttry {\n\t\t// Find all enabled endpoints, scoped to project+environment if provided\n\t\tconst where: WhereClause[] = [{ field: \"enabled\", value: true }];\n\t\tif (scope?.projectId) where.push({ field: \"projectId\", value: scope.projectId });\n\n\t\tconst endpoints = await adapter.findMany<WebhookEndpointRow>({\n\t\t\tmodel: \"webhookEndpoint\",\n\t\t\twhere,\n\t\t\tlimit: 100,\n\t\t});\n\n\t\tif (!endpoints || endpoints.length === 0) return;\n\n\t\tconst now = Date.now();\n\t\tconst timestamp = Math.floor(now / 1000);\n\t\tconst payload = JSON.stringify({\n\t\t\tid: `evt_${now}_${Math.random().toString(36).slice(2, 10)}`,\n\t\t\ttype: eventType,\n\t\t\tdata,\n\t\t\tcreated_at: new Date(now).toISOString(),\n\t\t});\n\n\t\tfor (const endpoint of endpoints) {\n\t\t\t// Check if endpoint subscribes to this event type\n\t\t\tconst eventTypes: string[] = endpoint.eventTypes\n\t\t\t\t? (JSON.parse(endpoint.eventTypes) as string[])\n\t\t\t\t: [];\n\t\t\tif (eventTypes.length > 0 && !eventTypes.includes(eventType)) continue;\n\n\t\t\tconst signature = await signWebhookPayload(payload, endpoint.secret, timestamp);\n\n\t\t\t// Create delivery record for audit trail.\n\t\t\t// Omit optional fields — Convex v.optional() accepts undefined but NOT null.\n\t\t\tconst deliveryData: Record<string, unknown> = {\n\t\t\t\tendpointId: endpoint.id,\n\t\t\t\teventType,\n\t\t\t\tpayload,\n\t\t\t\tattempt: 1,\n\t\t\t\tmaxAttempts: 5,\n\t\t\t\tstatus: \"pending\",\n\t\t\t\tcreatedAt: now,\n\t\t\t};\n\t\t\tif (scope?.projectId) deliveryData.projectId = scope.projectId;\n\t\t\tawait adapter.create({\n\t\t\t\tmodel: \"webhookDelivery\",\n\t\t\t\tdata: deliveryData,\n\t\t\t});\n\n\t\t\t// Attempt delivery (fire and forget — actual retry logic would use Convex scheduler)\n\t\t\ttry {\n\t\t\t\tconst response = await fetch(endpoint.url, {\n\t\t\t\t\tmethod: \"POST\",\n\t\t\t\t\theaders: {\n\t\t\t\t\t\t\"Content-Type\": \"application/json\",\n\t\t\t\t\t\t\"Banata-Webhook-Signature\": `t=${timestamp},${signature}`,\n\t\t\t\t\t\t\"Banata-Webhook-Id\": `evt_${now}`,\n\t\t\t\t\t\t\"User-Agent\": \"BanataAuth-Webhook/1.0\",\n\t\t\t\t\t},\n\t\t\t\t\tbody: payload,\n\t\t\t\t\tsignal: AbortSignal.timeout(30_000),\n\t\t\t\t});\n\n\t\t\t\tconst success = response.status >= 200 && response.status < 300;\n\t\t\t\tconst newConsecutiveFailures = success ? 0 : (endpoint.consecutiveFailures ?? 0) + 1;\n\n\t\t\t\t// Auto-disable endpoint if it exceeds max consecutive failures\n\t\t\t\tconst shouldDisable =\n\t\t\t\t\t!success && newConsecutiveFailures >= WEBHOOK_MAX_CONSECUTIVE_FAILURES;\n\n\t\t\t\t// Update endpoint stats\n\t\t\t\tawait adapter.update<WebhookEndpointRow>({\n\t\t\t\t\tmodel: \"webhookEndpoint\",\n\t\t\t\t\twhere: [{ field: \"id\", operator: \"eq\", value: endpoint.id }],\n\t\t\t\t\tupdate: {\n\t\t\t\t\t\tlastDeliveryAt: now,\n\t\t\t\t\t\tlastDeliveryStatus: success ? \"success\" : \"failure\",\n\t\t\t\t\t\tsuccessCount: (endpoint.successCount ?? 0) + (success ? 1 : 0),\n\t\t\t\t\t\tfailureCount: (endpoint.failureCount ?? 0) + (success ? 0 : 1),\n\t\t\t\t\t\tconsecutiveFailures: newConsecutiveFailures,\n\t\t\t\t\t\t...(shouldDisable && { enabled: false }),\n\t\t\t\t\t\tupdatedAt: now,\n\t\t\t\t\t},\n\t\t\t\t});\n\t\t\t} catch {\n\t\t\t\t// Network error — mark as failed, retry later via Convex scheduler\n\t\t\t\tconst newConsecutiveFailures = (endpoint.consecutiveFailures ?? 0) + 1;\n\t\t\t\tconst shouldDisable = newConsecutiveFailures >= WEBHOOK_MAX_CONSECUTIVE_FAILURES;\n\n\t\t\t\tawait adapter.update<WebhookEndpointRow>({\n\t\t\t\t\tmodel: \"webhookEndpoint\",\n\t\t\t\t\twhere: [{ field: \"id\", operator: \"eq\", value: endpoint.id }],\n\t\t\t\t\tupdate: {\n\t\t\t\t\t\tlastDeliveryAt: now,\n\t\t\t\t\t\tlastDeliveryStatus: \"failure\",\n\t\t\t\t\t\tfailureCount: (endpoint.failureCount ?? 0) + 1,\n\t\t\t\t\t\tconsecutiveFailures: newConsecutiveFailures,\n\t\t\t\t\t\t...(shouldDisable && { enabled: false }),\n\t\t\t\t\t\tupdatedAt: now,\n\t\t\t\t\t},\n\t\t\t\t});\n\t\t\t}\n\t\t}\n\t} catch {\n\t\t// Webhook dispatch should never break the calling flow\n\t}\n}\n","/**\n * Banata Auth Convex integration — core auth instance factory.\n *\n * This module provides factory functions to wire Better Auth with Convex,\n * pre-configured with all plugins needed for WorkOS-equivalent functionality.\n *\n * Architecture:\n * - `@convex-dev/better-auth` bridges Better Auth to Convex's document DB\n * - `createClient()` creates the component client with the DB adapter\n * - `betterAuth()` is configured with all Phase 1 plugins\n * - HTTP routes are registered on Convex's httpRouter\n * - JWTs are signed with RS256 keys stored in the jwks table\n * - Convex validates JWTs via the JWKS endpoint\n *\n * Usage in consumer's convex/ directory:\n *\n * ```ts\n * // convex/banataAuth/auth.ts\n * import { createBanataAuthComponent, createBanataAuthOptions, createBanataAuth } from \"@banata-auth/convex\";\n * import { components } from \"../_generated/api\";\n * import type { DataModel } from \"../_generated/dataModel\";\n * import authConfig from \"../auth.config\";\n * import schema from \"./schema\";\n *\n * export const authComponent = createBanataAuthComponent(components.banataAuth, schema);\n *\n * export const createAuthOptions = (ctx: GenericCtx<DataModel>) =>\n * createBanataAuthOptions(ctx, {\n * authComponent,\n * authConfig,\n * siteUrl: process.env.SITE_URL!,\n * secret: process.env.BETTER_AUTH_SECRET!,\n * });\n *\n * export const createAuth = (ctx: GenericCtx<DataModel>) =>\n * createBanataAuth(ctx, { authComponent, authConfig, config: { ... } });\n * ```\n */\n\nimport { RATE_LIMITS } from \"@banata-auth/shared\";\nimport { passkey } from \"@better-auth/passkey\";\n// SCIM runs in Convex's standard runtime. SSO protocol endpoints are mounted\n// through a Node action proxy in ./node.ts so samlify can run inside Convex.\nimport { scim } from \"@better-auth/scim\";\nimport { createClient } from \"@convex-dev/better-auth\";\nimport { convex } from \"@convex-dev/better-auth/plugins\";\nimport type { GenericCtx } from \"@convex-dev/better-auth/utils\";\nimport type { BetterAuthOptions, BetterAuthPlugin } from \"better-auth\";\nimport { betterAuth } from \"better-auth\";\nimport { apiKey } from \"better-auth/plugins\";\nimport { anonymous } from \"better-auth/plugins/anonymous\";\nimport { bearer } from \"better-auth/plugins/bearer\";\nimport { emailOTP } from \"better-auth/plugins/email-otp\";\n// jwt is handled internally by the convex() plugin — do not import separately\nimport { magicLink } from \"better-auth/plugins/magic-link\";\nimport { multiSession } from \"better-auth/plugins/multi-session\";\nimport { twoFactor } from \"better-auth/plugins/two-factor\";\nimport { username } from \"better-auth/plugins/username\";\nimport type {\n\tAuthConfig,\n\tFunctionReference,\n\tGenericDataModel,\n\tGenericSchema,\n\tSchemaDefinition,\n} from \"convex/server\";\nimport { createDatabaseHooks } from \"./hooks\";\nimport { auditLog } from \"./plugins/audit\";\nimport { configPlugin } from \"./plugins/config\";\nimport { domainsPlugin } from \"./plugins/domains\";\nimport { type BanataEmailOptions, banataEmail, createAutoEmailCallbacks } from \"./plugins/email\";\nimport { enterpriseProvisioningPlugin } from \"./plugins/enterprise\";\nimport { eventsPlugin } from \"./plugins/events\";\nimport { organizationRbacPlugin } from \"./plugins/organization-rbac\";\nimport { portalPlugin } from \"./plugins/portal\";\nimport { projectsPlugin } from \"./plugins/projects\";\nimport { type BanataProtectionOptions, banataProtection } from \"./plugins/protection\";\nimport { userManagementPlugin } from \"./plugins/user-management\";\nimport { vaultPlugin } from \"./plugins/vault\";\nimport { webhookSystem } from \"./plugins/webhook\";\n\n// ─── Slim Component API ─────────────────────────────────────────────\n// Structural supertype matching @convex-dev/better-auth's internal SlimComponentApi.\n// We define it here to avoid `any` on the component reference parameter.\n\ninterface BanataAuthComponentApi {\n\tadapter: {\n\t\tcreate: FunctionReference<\"mutation\", \"internal\">;\n\t\tfindOne: FunctionReference<\"query\", \"internal\">;\n\t\tfindMany: FunctionReference<\"query\", \"internal\">;\n\t\tupdateOne: FunctionReference<\"mutation\", \"internal\">;\n\t\tupdateMany: FunctionReference<\"mutation\", \"internal\">;\n\t\tdeleteOne: FunctionReference<\"mutation\", \"internal\">;\n\t\tdeleteMany: FunctionReference<\"mutation\", \"internal\">;\n\t};\n}\n\n// ─── Types ──────────────────────────────────────────────────────────\n\n/**\n * Configuration for email callbacks used by various auth methods.\n */\nexport interface BanataAuthEmailConfig {\n\t/** Send email verification link to new users. */\n\tsendVerificationEmail?: (params: {\n\t\tuser: { email: string; name: string };\n\t\turl: string;\n\t\ttoken: string;\n\t}) => Promise<void>;\n\n\t/** Send password reset link. */\n\tsendResetPassword?: (params: {\n\t\tuser: { email: string; name: string };\n\t\turl: string;\n\t\ttoken: string;\n\t}) => Promise<void>;\n\n\t/** Send magic link for passwordless sign-in. */\n\tsendMagicLink?: (params: {\n\t\temail: string;\n\t\turl: string;\n\t\ttoken: string;\n\t}) => Promise<void>;\n\n\t/** Send one-time password for email OTP auth. */\n\tsendOtp?: (params: {\n\t\temail: string;\n\t\totp: string;\n\t}) => Promise<void>;\n\n\t/**\n\t * Send organization invitation email.\n\t * Note: The invitation ID is provided instead of a URL.\n\t * The consumer constructs the accept URL from the ID.\n\t */\n\tsendInvitationEmail?: (params: {\n\t\temail: string;\n\t\tinvitationId: string;\n\t\torganizationName: string;\n\t\tinviterName: string;\n\t}) => Promise<void>;\n\n\t/** Send domain verification email. */\n\tsendDomainVerification?: (params: {\n\t\temail: string;\n\t\tdomain: string;\n\t\tverificationToken: string;\n\t}) => Promise<void>;\n}\n\n/**\n * Social provider credentials.\n */\nexport interface SocialProviderConfig {\n\tclientId: string;\n\tclientSecret: string;\n\tenabled?: boolean;\n}\n\n/**\n * Supported social providers and their config shapes.\n * Matches a subset of BetterAuthOptions[\"socialProviders\"] keys.\n */\nexport interface BanataAuthSocialProviders {\n\tgoogle?: SocialProviderConfig;\n\tgithub?: SocialProviderConfig;\n\tmicrosoft?: SocialProviderConfig & { tenantId?: string };\n\tapple?: SocialProviderConfig;\n\tdiscord?: SocialProviderConfig;\n\tfacebook?: SocialProviderConfig;\n\ttwitter?: SocialProviderConfig;\n\tlinkedin?: SocialProviderConfig;\n\tgitlab?: SocialProviderConfig;\n\tslack?: SocialProviderConfig;\n}\n\n/**\n * Configuration for the Banata Auth instance.\n */\nexport interface BanataAuthConfig {\n\t/** App name displayed in emails and OAuth consent screens. */\n\tappName?: string;\n\n\t/**\n\t * Site URL — your application's public URL.\n\t * Used as Better Auth's `baseURL` for OAuth callbacks and email links.\n\t * Typically `process.env.SITE_URL` (e.g., \"http://localhost:3000\").\n\t *\n\t * The Next.js route handler at `/api/auth/[...all]` proxies auth\n\t * requests to Convex, so OAuth providers redirect to this URL and\n\t * the proxy forwards the callback to Convex for processing.\n\t */\n\tsiteUrl: string;\n\n\t/**\n\t * Better Auth secret for signing/encryption.\n\t * Typically process.env.BETTER_AUTH_SECRET.\n\t */\n\tsecret: string;\n\n\t/** Social providers configuration (object, not array). */\n\tsocialProviders?: BanataAuthSocialProviders;\n\n\t/** Email callback configuration (optional overrides). */\n\temail?: BanataAuthEmailConfig;\n\n\t/**\n\t * Built-in email sending options.\n\t *\n\t * When an email provider is configured through the dashboard, emails\n\t * are sent automatically on auth events (verification, password reset,\n\t * magic link, OTP, invitation). No consumer callbacks needed.\n\t *\n\t * Consumer-provided callbacks in `email` still take priority.\n\t */\n\temailOptions?: BanataEmailOptions;\n\n\t/**\n\t * Enable/disable specific auth methods.\n\t * All default to true unless explicitly set to false.\n\t */\n\tauthMethods?: {\n\t\temailPassword?: boolean;\n\t\tmagicLink?: boolean;\n\t\temailOtp?: boolean;\n\t\tpasskey?: boolean;\n\t\ttwoFactor?: boolean;\n\t\tanonymous?: boolean;\n\t\tusername?: boolean;\n\t\tmultiSession?: boolean;\n\t\torganization?: boolean;\n\t\tsso?: boolean;\n\t\tscim?: boolean;\n\t\tapiKey?: boolean;\n\t};\n\n\t/**\n\t * Passkey (WebAuthn) configuration.\n\t * Required if authMethods.passkey is enabled.\n\t */\n\tpasskey?: {\n\t\trpId: string;\n\t\trpName: string;\n\t\torigin: string;\n\t};\n\n\t/**\n\t * Organization plugin configuration.\n\t */\n\torganizationConfig?: {\n\t\t/** Allow users to create organizations (default: true). */\n\t\tallowUserToCreateOrg?: boolean;\n\t\t/** Creator role when a user creates an org (default: \"owner\"). */\n\t\tcreatorRole?: string;\n\t\t/** Maximum organizations a user can create. */\n\t\tmaxOrganizations?: number;\n\t};\n\n\t/** SSO plugin configuration. */\n\tssoConfig?: {\n\t\t/** Issuer URL for SAML SP entity ID construction. */\n\t\tissuer?: string;\n\t\t/** Enable domain verification for SSO connections. */\n\t\tdomainVerification?: boolean;\n\t\t/** Default organization provisioning behavior. */\n\t\tprovisionOrganization?: boolean;\n\t};\n\n\t/** SCIM plugin configuration. */\n\tscimConfig?: {\n\t\t/** Default role for SCIM-provisioned users. */\n\t\tdefaultRole?: string;\n\t\t/** Whether to auto-create organizations from SCIM groups. */\n\t\tautoCreateOrganizations?: boolean;\n\t};\n\n\t/** API Key plugin configuration. */\n\tapiKeyConfig?: {\n\t\t/** API key prefix (e.g., \"sk_live\"). */\n\t\tprefix?: string;\n\t\t/** Default API key expiration in seconds. */\n\t\tdefaultExpiresIn?: number;\n\t};\n\n\t/**\n\t * Bot protection configuration.\n\t *\n\t * When configured, Banata Auth intercepts requests to sensitive auth\n\t * endpoints (sign-in, sign-up, password reset) and verifies them using\n\t * the provided `verifyRequest` function before any auth processing occurs.\n\t *\n\t * This is provider-agnostic — implement `verifyRequest` with Vercel BotID,\n\t * Cloudflare Turnstile, hCaptcha, reCAPTCHA, or any other service.\n\t *\n\t * @example\n\t * ```ts\n\t * protection: {\n\t * enabled: true,\n\t * verifyRequest: async (request) => {\n\t * const result = await checkBotId();\n\t * return { isBot: result.isBot };\n\t * },\n\t * },\n\t * ```\n\t */\n\tprotection?: BanataProtectionOptions;\n\n\t/** Lifecycle trigger handlers. */\n\ttriggers?: import(\"./triggers\").BanataAuthTriggers;\n\n\t/**\n\t * Trusted origins for CSRF/origin validation.\n\t *\n\t * Better Auth validates the `Origin` header on cookie-bearing requests.\n\t * By default, only `siteUrl` is trusted. In development, the Next.js\n\t * proxy may run on a different port (e.g. `http://localhost:3002`)\n\t * and forward the browser's `Origin` header, causing a 403.\n\t *\n\t * Add all origins your dashboard/app may run on:\n\t * ```ts\n\t * trustedOrigins: [\"http://localhost:3000\", \"http://localhost:3002\"]\n\t * ```\n\t */\n\ttrustedOrigins?: string[];\n\n\t/**\n\t * Additional Better Auth options to merge.\n\t * Use this for advanced configuration not covered by the typed config.\n\t */\n\tadvanced?: Partial<BetterAuthOptions>;\n}\n\n/**\n * Re-export Convex's AuthConfig for convenience.\n * This is the type consumers use in `convex/auth.config.ts`.\n */\nexport type { AuthConfig as BanataAuthConvexAuthConfig } from \"convex/server\";\n\n// ─── Component Client Type ──────────────────────────────────────────\n\n/** The return type of `createClient` with GenericDataModel defaults. */\ntype ComponentClient = ReturnType<typeof createClient>;\n\n// ─── Factory Functions ──────────────────────────────────────────────\n\n/**\n * Create the Better Auth Convex component client.\n *\n * This bridges `@convex-dev/better-auth` to your Convex component,\n * providing the database adapter and HTTP route registration.\n *\n * @param componentRef - The component reference from `components.banataAuth`\n * @param schema - The component schema definition\n * @param options - Optional client options\n * @returns The component client with adapter and registerRoutes\n *\n * @example\n * ```ts\n * import { createBanataAuthComponent } from \"@banata-auth/convex\";\n * import { components } from \"../_generated/api\";\n * import schema from \"./schema\";\n *\n * export const authComponent = createBanataAuthComponent(\n * components.banataAuth,\n * schema,\n * );\n * ```\n */\nexport function createBanataAuthComponent<\n\tTDataModel extends GenericDataModel,\n\tTSchema extends SchemaDefinition<GenericSchema, true>,\n>(componentRef: BanataAuthComponentApi, schema: TSchema, options?: { verbose?: boolean }) {\n\treturn createClient<TDataModel, TSchema, BanataAuthComponentApi>(componentRef, {\n\t\tlocal: { schema },\n\t\tverbose: options?.verbose ?? false,\n\t});\n}\n\n/**\n * Build the Better Auth options object from Banata Auth config.\n *\n * This configures all Phase 1 plugins and returns a BetterAuthOptions\n * that can be passed to `betterAuth()`. The Convex database adapter\n * is injected from the component client.\n *\n * @param ctx - Convex function context\n * @param params - Configuration parameters\n * @returns BetterAuthOptions ready for `betterAuth()`\n *\n * @example\n * ```ts\n * export const createAuthOptions = (ctx: GenericCtx<DataModel>) =>\n * createBanataAuthOptions(ctx, {\n * authComponent,\n * authConfig,\n * config: {\n * siteUrl: process.env.SITE_URL!,\n * secret: process.env.BETTER_AUTH_SECRET!,\n * socialProviders: { github: { clientId: \"...\", clientSecret: \"...\" } },\n * },\n * });\n * ```\n */\nexport function createBanataAuthOptions(\n\tctx: GenericCtx<GenericDataModel>,\n\tparams: {\n\t\tauthComponent: ComponentClient;\n\t\tauthConfig: AuthConfig;\n\t\tconfig: BanataAuthConfig;\n\t},\n): BetterAuthOptions {\n\tconst { authComponent, authConfig, config } = params;\n\tconst methods = config.authMethods ?? {};\n\n\t// Build social providers object — Better Auth expects { github?: {...}, google?: {...} }\n\tconst socialProviders = buildSocialProviders(config.socialProviders);\n\n\t// ── Built-in email system ──\n\t// Create auto-email callbacks that read provider config from the DB.\n\t// These serve as fallbacks when the consumer doesn't provide their own.\n\tconst dbAdapter = authComponent.adapter(ctx);\n\tconst emailOpts: BanataEmailOptions = {\n\t\tappName: config.appName,\n\t\t...config.emailOptions,\n\t};\n\tconst autoCallbacks = createAutoEmailCallbacks(\n\t\t() => dbAdapter as unknown as import(\"./plugins/types\").PluginDBAdapter,\n\t\temailOpts,\n\t);\n\n\t// Build plugins array (pass auto-email callbacks for magic link, OTP, etc.)\n\tconst plugins = buildPlugins(config, methods, autoCallbacks, emailOpts);\n\n\t// Build trustedOrigins — always include siteUrl, plus any extras\n\tconst trustedOrigins: string[] = [config.siteUrl];\n\tif (config.trustedOrigins) {\n\t\tfor (const origin of config.trustedOrigins) {\n\t\t\tif (!trustedOrigins.includes(origin)) {\n\t\t\t\ttrustedOrigins.push(origin);\n\t\t\t}\n\t\t}\n\t}\n\n\t// Merge: consumer callback > auto callback\n\tconst resolvedSendReset = config.email?.sendResetPassword ?? autoCallbacks.sendResetPassword;\n\n\t// Build the options\n\tconst options: BetterAuthOptions = {\n\t\tappName: config.appName ?? \"Banata Auth\",\n\t\tbaseURL: config.siteUrl,\n\t\tsecret: config.secret,\n\t\ttrustedOrigins,\n\t\tdatabase: dbAdapter,\n\t\temailAndPassword: {\n\t\t\tenabled: methods.emailPassword !== false,\n\t\t\trequireEmailVerification: true,\n\t\t\tminPasswordLength: 8,\n\t\t\tmaxPasswordLength: 128,\n\t\t\tsendResetPassword: async ({\n\t\t\t\tuser,\n\t\t\t\turl,\n\t\t\t\ttoken,\n\t\t\t}: { user: { email: string; name: string }; url: string; token: string }) => {\n\t\t\t\tawait resolvedSendReset({ user, url, token });\n\t\t\t},\n\t\t\tautoSignIn: true,\n\t\t},\n\t\t// Rate limiting — protects sign-in, sign-up, password reset, and OTP endpoints\n\t\t// from brute-force and credential-stuffing attacks.\n\t\trateLimit: {\n\t\t\tenabled: true,\n\t\t\twindow: 60, // 1-minute window\n\t\t\tmax: RATE_LIMITS.general, // default max per window\n\t\t\tcustomRules: {\n\t\t\t\t\"/sign-in/*\": {\n\t\t\t\t\twindow: 60,\n\t\t\t\t\tmax: RATE_LIMITS.signIn,\n\t\t\t\t},\n\t\t\t\t\"/sign-up/*\": {\n\t\t\t\t\twindow: 60,\n\t\t\t\t\tmax: RATE_LIMITS.signUp,\n\t\t\t\t},\n\t\t\t\t\"/forget-password\": {\n\t\t\t\t\twindow: 60,\n\t\t\t\t\tmax: RATE_LIMITS.passwordReset,\n\t\t\t\t},\n\t\t\t\t\"/reset-password\": {\n\t\t\t\t\twindow: 60,\n\t\t\t\t\tmax: RATE_LIMITS.passwordReset,\n\t\t\t\t},\n\t\t\t\t\"/email-otp/*\": {\n\t\t\t\t\twindow: 60,\n\t\t\t\t\tmax: RATE_LIMITS.emailOperations,\n\t\t\t\t},\n\t\t\t\t\"/magic-link/*\": {\n\t\t\t\t\twindow: 60,\n\t\t\t\t\tmax: RATE_LIMITS.emailOperations,\n\t\t\t\t},\n\t\t\t\t\"/admin/*\": {\n\t\t\t\t\twindow: 60,\n\t\t\t\t\tmax: RATE_LIMITS.admin,\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\t\t...(socialProviders != null && { socialProviders }),\n\t\tplugins: [\n\t\t\t// Core Convex plugin — handles JWT/JWKS for Convex auth\n\t\t\tconvex({\n\t\t\t\tauthConfig,\n\t\t\t\t// Auto-rotate JWKS keys if the algorithm changed (e.g. EdDSA → RS256)\n\t\t\t\tjwksRotateOnTokenGenerationError: true,\n\t\t\t}),\n\t\t\t...plugins,\n\t\t],\n\t\t// Wire lifecycle triggers into Better Auth's database hooks\n\t\tdatabaseHooks: createDatabaseHooks(ctx, config.triggers),\n\t\t// Merge any advanced config\n\t\t...config.advanced,\n\t};\n\n\treturn options;\n}\n\n/**\n * Create the Better Auth instance for a given Convex context.\n *\n * This is the main factory function that creates a fully configured\n * Better Auth instance ready to handle auth requests.\n *\n * @param ctx - Convex function context\n * @param params - Same params as createBanataAuthOptions\n * @returns A Better Auth instance\n *\n * @example\n * ```ts\n * export const createAuth = (ctx: GenericCtx<DataModel>) =>\n * createBanataAuth(ctx, {\n * authComponent,\n * authConfig,\n * config: { siteUrl: \"...\", secret: \"...\" },\n * });\n * ```\n */\nexport function createBanataAuth(\n\tctx: GenericCtx<GenericDataModel>,\n\tparams: {\n\t\tauthComponent: ComponentClient;\n\t\tauthConfig: AuthConfig;\n\t\tconfig: BanataAuthConfig;\n\t},\n) {\n\treturn betterAuth(createBanataAuthOptions(ctx, params));\n}\n\n/**\n * Helper to create the static auth options for schema generation.\n *\n * The `npx auth generate` CLI needs a static options object (not bound to\n * a Convex context). This creates one with a dummy adapter.\n *\n * @example\n * ```ts\n * // For CLI: npx auth generate --config ./convex/banataAuth/auth.ts\n * export const options = createBanataAuthStaticOptions({ ... });\n * ```\n */\nexport function createBanataAuthStaticOptions(params: {\n\tauthComponent: ComponentClient;\n\tauthConfig: AuthConfig;\n\tconfig: BanataAuthConfig;\n}) {\n\t// Pass an empty object as ctx — the adapter won't be used during schema generation\n\treturn createBanataAuthOptions({} as GenericCtx<GenericDataModel>, params);\n}\n\n// ─── Internal Helpers ───────────────────────────────────────────────\n\n/**\n * Build the BetterAuth social providers object from our typed config.\n *\n * Better Auth expects `{ github?: { clientId, clientSecret, enabled? }, ... }`,\n * NOT an array.\n */\nfunction buildSocialProviders(\n\tproviders: BanataAuthSocialProviders | undefined,\n): BetterAuthOptions[\"socialProviders\"] | undefined {\n\tif (providers == null) return undefined;\n\n\tconst entries = Object.entries(providers);\n\tif (entries.length === 0) return undefined;\n\n\t// Build the social providers object matching BetterAuth's SocialProviders mapped type.\n\t// Each key is a provider name, value is { clientId, clientSecret, enabled? }.\n\tconst result: Record<string, SocialProviderConfig> = {};\n\tfor (const [key, value] of entries) {\n\t\tif (value != null) {\n\t\t\tresult[key] = value;\n\t\t}\n\t}\n\n\t// Cast to the expected type — we're building the correct shape\n\t// but TypeScript can't verify the keys match the mapped type exactly.\n\treturn result as BetterAuthOptions[\"socialProviders\"];\n}\n\n/**\n * Build the config plugin's social providers map from our typed config.\n *\n * Converts BanataAuthSocialProviders (which has clientId/clientSecret)\n * into the simpler { enabled: boolean, demo: boolean } shape that the\n * config plugin exposes to the dashboard.\n */\nfunction buildConfigSocialProviders(\n\tproviders: BanataAuthSocialProviders | undefined,\n): Record<string, { enabled: boolean; demo: boolean }> | undefined {\n\tif (providers == null) return undefined;\n\n\tconst result: Record<string, { enabled: boolean; demo: boolean }> = {};\n\tfor (const [key, value] of Object.entries(providers)) {\n\t\tif (value != null) {\n\t\t\tresult[key] = {\n\t\t\t\tenabled: value.enabled !== false,\n\t\t\t\tdemo: false,\n\t\t\t};\n\t\t}\n\t}\n\treturn Object.keys(result).length > 0 ? result : undefined;\n}\n\n/**\n * Build the plugins array based on enabled auth methods.\n */\nfunction buildPlugins(\n\tconfig: BanataAuthConfig,\n\tmethods: NonNullable<BanataAuthConfig[\"authMethods\"]>,\n\tautoCallbacks: ReturnType<typeof createAutoEmailCallbacks>,\n\temailOpts: BanataEmailOptions,\n): BetterAuthPlugin[] {\n\tconst plugins: BetterAuthPlugin[] = [\n\t\t// NOTE: Do NOT add jwt() here — the convex() plugin already includes\n\t\t// JWT functionality with the correct RS256 algorithm configuration.\n\t\t// Adding a standalone jwt() would create a duplicate with EdDSA defaults,\n\t\t// causing JOSENotSupported errors.\n\n\t\t// Audit log plugin — always enabled, logs all auth events\n\t\tauditLog(),\n\n\t\t// Webhook system plugin — manages outbound webhook endpoints and delivery\n\t\twebhookSystem(),\n\n\t\t// Config plugin — dashboard config, roles, permissions, branding, emails\n\t\tconfigPlugin({\n\t\t\tauthMethods: methods,\n\t\t\tsocialProviders: buildConfigSocialProviders(config.socialProviders),\n\t\t\tfeatures: {\n\t\t\t\thostedUi: false, // Will be enabled when auth-ui app is deployed\n\t\t\t\tsignUp: methods.emailPassword !== false,\n\t\t\t\tmfa: methods.twoFactor !== false,\n\t\t\t\tlocalization: false,\n\t\t\t},\n\t\t\tsessions: {\n\t\t\t\tmaxSessionLength: \"7 days\",\n\t\t\t\taccessTokenDuration: \"15 minutes\",\n\t\t\t\tinactivityTimeout: \"2 days\",\n\t\t\t},\n\t\t}),\n\n\t\t// Email plugin — auto-sends emails using dashboard-configured provider\n\t\tbanataEmail(emailOpts),\n\n\t\t// Projects plugin — multi-project and multi-environment support\n\t\tprojectsPlugin(),\n\n\t\t// Enterprise provisioning plugin — project-scoped SSO and SCIM management endpoints\n\t\tenterpriseProvisioningPlugin(),\n\n\t\t// Domain verification plugin — DNS-based enterprise domain ownership checks\n\t\tdomainsPlugin(),\n\n\t\t// Events plugin — unified event stream (query layer over audit events)\n\t\teventsPlugin(),\n\n\t\t// Vault plugin — envelope encryption for secrets via AES-256-GCM\n\t\tvaultPlugin(),\n\n\t\t// Portal plugin — short-lived admin portal link generation\n\t\tportalPlugin(),\n\n\t\t// User management plugin — project-scoped /admin/* compatibility without Better Auth admin\n\t\tuserManagementPlugin(),\n\n\t\t// Bearer token plugin — API key-style auth\n\t\tbearer(),\n\n\t\t// Username plugin — sign-in with username\n\t\tusername(),\n\t];\n\n\t// ── Magic Link ──\n\t// Enabled if the method is on AND either consumer provided a callback\n\t// OR an email provider is configured (auto callbacks always available)\n\tif (methods.magicLink !== false) {\n\t\tconst resolvedSendMagicLink = config.email?.sendMagicLink ?? autoCallbacks.sendMagicLink;\n\t\tplugins.push(\n\t\t\tmagicLink({\n\t\t\t\texpiresIn: 600,\n\t\t\t\tsendMagicLink: async ({\n\t\t\t\t\temail,\n\t\t\t\t\turl,\n\t\t\t\t\ttoken,\n\t\t\t\t}: { email: string; url: string; token: string }) => {\n\t\t\t\t\tawait resolvedSendMagicLink({ email, url, token });\n\t\t\t\t},\n\t\t\t}),\n\t\t);\n\t}\n\n\t// ── Email OTP ──\n\tif (methods.emailOtp !== false) {\n\t\tconst resolvedSendOtp = config.email?.sendOtp ?? autoCallbacks.sendOtp;\n\t\tplugins.push(\n\t\t\temailOTP({\n\t\t\t\texpiresIn: 600,\n\t\t\t\totpLength: 6,\n\t\t\t\tsendVerificationOTP: async ({ email, otp }: { email: string; otp: string }) => {\n\t\t\t\t\tawait resolvedSendOtp({ email, otp });\n\t\t\t\t},\n\t\t\t}),\n\t\t);\n\t}\n\n\tif (methods.twoFactor !== false) {\n\t\tplugins.push(\n\t\t\ttwoFactor({\n\t\t\t\tissuer: config.appName ?? \"Banata Auth\",\n\t\t\t\tbackupCodes: {\n\t\t\t\t\tlength: 8,\n\t\t\t\t\tcharacters: \"ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789\",\n\t\t\t\t},\n\t\t\t}),\n\t\t);\n\t}\n\n\tif (methods.passkey !== false && config.passkey) {\n\t\tplugins.push(\n\t\t\tpasskey({\n\t\t\t\trpID: config.passkey.rpId,\n\t\t\t\trpName: config.passkey.rpName,\n\t\t\t\torigin: config.passkey.origin,\n\t\t\t}),\n\t\t);\n\t}\n\n\tif (methods.anonymous !== false) {\n\t\tplugins.push(anonymous());\n\t}\n\n\tif (methods.multiSession !== false) {\n\t\tplugins.push(multiSession());\n\t}\n\n\tif (methods.organization !== false) {\n\t\tplugins.push(organizationRbacPlugin());\n\t}\n\n\t// SCIM — Better Auth stores `scimProvider.scimToken`; keep it hashed at rest.\n\tif (methods.scim !== false) {\n\t\tplugins.push(\n\t\t\tscim({\n\t\t\t\tstoreSCIMToken: \"hashed\",\n\t\t\t}),\n\t\t);\n\t}\n\n\t// SSO protocol endpoints are mounted by the Node auth factory in ./node.ts.\n\t// Management endpoints stay on the RBAC-backed enterprise provisioning plugin above.\n\n\tif (methods.apiKey !== false) {\n\t\tplugins.push(apiKey());\n\t}\n\n\t// Bot protection plugin — intercepts requests before auth processing\n\tif (config.protection) {\n\t\tplugins.push(banataProtection(config.protection));\n\t}\n\n\treturn plugins;\n}\n","import { sso, type SSOOptions } from \"@better-auth/sso\";\nimport type { createClient } from \"@convex-dev/better-auth\";\nimport type { GenericCtx } from \"@convex-dev/better-auth/utils\";\nimport type { BetterAuthPlugin } from \"better-auth\";\nimport { betterAuth } from \"better-auth\";\nimport type { AuthConfig, GenericDataModel } from \"convex/server\";\nimport { createBanataAuthOptions, type BanataAuthConfig } from \"./auth\";\n\ntype ComponentClient = ReturnType<typeof createClient>;\n\ntype CreateNodeAuth = ReturnType<typeof betterAuth>;\n\nconst DISABLED_ENTERPRISE_PATHS = [\n\t\"/sso/register\",\n\t\"/sso/request-domain-verification\",\n\t\"/sso/verify-domain\",\n\t\"/scim/generate-token\",\n] as const;\n\nconst DISABLED_ENTERPRISE_PREFIXES = [\"/sso/providers\"] as const;\n\nexport interface SerializedAuthHeader {\n\tkey: string;\n\tvalue: string;\n}\n\nexport interface SerializedAuthRequest {\n\tmethod: string;\n\turl: string;\n\theaders: SerializedAuthHeader[];\n\tbody: string | null;\n}\n\nexport interface SerializedAuthResponse {\n\tstatus: number;\n\theaders: SerializedAuthHeader[];\n\tbody: string | null;\n}\n\nfunction getRelativeAuthPath(request: Request, baseURL: string) {\n\tconst pathname = new URL(request.url).pathname;\n\tconst basePath = new URL(baseURL).pathname.replace(/\\/$/, \"\");\n\tif (pathname === basePath) {\n\t\treturn \"/\";\n\t}\n\tif (pathname.startsWith(`${basePath}/`)) {\n\t\treturn pathname.slice(basePath.length);\n\t}\n\treturn pathname;\n}\n\nfunction appendHeaders(target: Headers, headers: SerializedAuthHeader[]) {\n\tfor (const header of headers) {\n\t\ttarget.append(header.key, header.value);\n\t}\n}\n\nfunction serializeHeaders(headers: Headers): SerializedAuthHeader[] {\n\tconst serialized = Array.from(headers.entries()).map(([key, value]) => ({ key, value }));\n\tconst getSetCookie = (headers as Headers & { getSetCookie?: () => string[] }).getSetCookie;\n\tif (!getSetCookie) {\n\t\treturn serialized;\n\t}\n\tconst setCookies = getSetCookie.call(headers);\n\tif (setCookies.length === 0) {\n\t\treturn serialized;\n\t}\n\treturn [\n\t\t...serialized.filter((header) => header.key.toLowerCase() !== \"set-cookie\"),\n\t\t...setCookies.map((value) => ({ key: \"set-cookie\", value })),\n\t];\n}\n\nfunction buildSsoOptions(config: BanataAuthConfig): SSOOptions {\n\tconst domainVerification = config.ssoConfig?.domainVerification\n\t\t? { enabled: true }\n\t\t: undefined;\n\tconst organizationProvisioning =\n\t\tconfig.ssoConfig?.provisionOrganization === false\n\t\t\t? { disabled: true }\n\t\t\t: undefined;\n\n\treturn {\n\t\tprovidersLimit: 0,\n\t\t...(domainVerification ? { domainVerification } : {}),\n\t\t...(organizationProvisioning ? { organizationProvisioning } : {}),\n\t};\n}\n\nexport function blockUnsafeEnterprisePaths(): BetterAuthPlugin {\n\treturn {\n\t\tid: \"banata-enterprise-path-guard\",\n\t\tonRequest: async (request, ctx) => {\n\t\t\tconst relativePath = getRelativeAuthPath(request, ctx.baseURL);\n\t\t\tif (DISABLED_ENTERPRISE_PATHS.includes(relativePath as (typeof DISABLED_ENTERPRISE_PATHS)[number])) {\n\t\t\t\treturn { response: new Response(\"Not Found\", { status: 404 }) };\n\t\t\t}\n\t\t\tif (\n\t\t\t\tDISABLED_ENTERPRISE_PREFIXES.some(\n\t\t\t\t\t(prefix) => relativePath === prefix || relativePath.startsWith(`${prefix}/`),\n\t\t\t\t)\n\t\t\t) {\n\t\t\t\treturn { response: new Response(\"Not Found\", { status: 404 }) };\n\t\t\t}\n\t\t\treturn undefined;\n\t\t},\n\t};\n}\n\nexport function createBanataNodeAuthOptions(\n\tctx: GenericCtx<GenericDataModel>,\n\tparams: {\n\t\tauthComponent: ComponentClient;\n\t\tauthConfig: AuthConfig;\n\t\tconfig: BanataAuthConfig;\n\t},\n) {\n\tconst baseOptions = createBanataAuthOptions(ctx, params);\n\tconst plugins = [...(baseOptions.plugins ?? []), blockUnsafeEnterprisePaths()];\n\n\tif (params.config.authMethods?.sso !== false) {\n\t\tplugins.push(sso(buildSsoOptions(params.config)));\n\t}\n\n\treturn {\n\t\t...baseOptions,\n\t\tdisabledPaths: Array.from(\n\t\t\tnew Set([...(baseOptions.disabledPaths ?? []), ...DISABLED_ENTERPRISE_PATHS]),\n\t\t),\n\t\tplugins,\n\t};\n}\n\nexport function createBanataNodeAuth(\n\tctx: GenericCtx<GenericDataModel>,\n\tparams: {\n\t\tauthComponent: ComponentClient;\n\t\tauthConfig: AuthConfig;\n\t\tconfig: BanataAuthConfig;\n\t},\n): CreateNodeAuth {\n\treturn betterAuth(createBanataNodeAuthOptions(ctx, params));\n}\n\nfunction createRequest(serialized: SerializedAuthRequest) {\n\tconst headers = new Headers();\n\tappendHeaders(headers, serialized.headers);\n\tconst hasBody = serialized.body !== null && serialized.method !== \"GET\" && serialized.method !== \"HEAD\";\n\treturn new Request(serialized.url, {\n\t\tmethod: serialized.method,\n\t\theaders,\n\t\tbody: hasBody ? serialized.body : undefined,\n\t});\n}\n\nasync function serializeResponse(response: Response): Promise<SerializedAuthResponse> {\n\treturn {\n\t\tstatus: response.status,\n\t\theaders: serializeHeaders(response.headers),\n\t\tbody: response.body === null ? null : await response.text(),\n\t};\n}\n\nexport function deserializeAuthResponse(serialized: SerializedAuthResponse) {\n\tconst headers = new Headers();\n\tappendHeaders(headers, serialized.headers);\n\treturn new Response(serialized.body, {\n\t\tstatus: serialized.status,\n\t\theaders,\n\t});\n}\n\nexport async function handleBanataNodeAuthRequest(\n\tctx: GenericCtx<GenericDataModel>,\n\tcreateAuth: (ctx: GenericCtx<GenericDataModel>) => CreateNodeAuth,\n\tserialized: SerializedAuthRequest,\n) {\n\tconst auth = createAuth(ctx);\n\tconst response = await auth.handler(createRequest(serialized));\n\treturn await serializeResponse(response);\n}\r\n"]}