npm - @bsb/registry - Versions diffs - 1.0.1 - Mend

@bsb/registry 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (54) hide show

package/lib/plugins/service-bsb-registry/auth.js ADDED Viewed

@@ -0,0 +1,197 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthManager = void 0;
+const crypto_1 = require("crypto");
+/**
+ * Authentication and user management for the registry.
+ *
+ * All persistence is delegated to the RegistryDB instance.
+ * AuthManager owns the business logic (permission checks, token
+ * construction, permission clamping) but never touches the filesystem.
+ */
+class AuthManager {
+    db;
+    requireAuth;
+    constructor(config, db) {
+        this.requireAuth = config.requireAuth;
+        this.db = db;
+    }
+    // ============================================================================
+    // Lifecycle
+    // ============================================================================
+    async init(obs) {
+        const span = obs.startSpan('AuthManager.init');
+        try {
+            if (!this.requireAuth) {
+                obs.log.info('Authentication disabled');
+                return;
+            }
+            obs.log.info('AuthManager initialized (storage delegated to RegistryDB)');
+        }
+        finally {
+            span.end();
+        }
+    }
+    // ============================================================================
+    // User CRUD
+    // ============================================================================
+    async createUser(obs, name, email, permissions) {
+        const now = new Date().toISOString();
+        const user = {
+            id: (0, crypto_1.randomUUID)(),
+            name,
+            email,
+            active: true,
+            permissions,
+            createdAt: now,
+            updatedAt: now,
+        };
+        await this.db.createUser(obs, user);
+        return user;
+    }
+    async getUser(obs, userId) {
+        return this.db.getUser(obs, userId);
+    }
+    async getUserByEmail(obs, email) {
+        return this.db.getUserByEmail(obs, email);
+    }
+    async listUsers(obs) {
+        return this.db.listUsers(obs);
+    }
+    async updateUser(obs, userId, updates) {
+        return this.db.updateUser(obs, userId, updates);
+    }
+    async deactivateUser(obs, userId) {
+        const result = await this.db.updateUser(obs, userId, { active: false });
+        return result !== null;
+    }
+    // ============================================================================
+    // Token management (tied to user)
+    // ============================================================================
+    /**
+     * Create a new API token for a user.
+     *
+     * `tokenPermissions` if provided must be a subset of the user's permissions.
+     * Any permission in `tokenPermissions` that the user does not have is silently
+     * dropped. If omitted, the token inherits all user permissions at resolve time.
+     */
+    async createToken(obs, userId, label, tokenPermissions, expiresAt) {
+        const user = await this.db.getUser(obs, userId);
+        if (!user || !user.active)
+            return null;
+        // Clamp token permissions to user permissions (token can never exceed user)
+        let perms;
+        if (tokenPermissions) {
+            perms = tokenPermissions.filter(p => user.permissions.includes(p));
+        }
+        const token = {
+            token: `bsb_${(0, crypto_1.randomBytes)(32).toString('hex')}`,
+            userId,
+            name: label,
+            permissions: perms,
+            createdAt: new Date().toISOString(),
+            expiresAt,
+        };
+        await this.db.createToken(obs, token);
+        return token;
+    }
+    /**
+     * Resolve a bearer token string to the owning user.
+     *
+     * Returns null if the token is invalid, expired, or the user is inactive.
+     * `effectivePermissions` is the intersection of user and token permissions.
+     * If the token has no explicit permissions, user permissions are inherited.
+     */
+    async resolveToken(obs, tokenString) {
+        const token = await this.db.getToken(obs, tokenString);
+        if (!token)
+            return null;
+        // Check expiration
+        if (token.expiresAt && new Date(token.expiresAt) < new Date()) {
+            return null;
+        }
+        const user = await this.db.getUser(obs, token.userId);
+        if (!user || !user.active)
+            return null;
+        // Compute effective permissions: intersection of user and token
+        let effectivePermissions;
+        if (token.permissions && token.permissions.length > 0) {
+            // Token has explicit scope -- intersect with current user permissions
+            effectivePermissions = token.permissions.filter(p => user.permissions.includes(p));
+        }
+        else {
+            // Token inherits all user permissions
+            effectivePermissions = [...user.permissions];
+        }
+        return { userId: user.id, user, token, effectivePermissions };
+    }
+    /**
+     * Get all tokens belonging to a user.
+     */
+    async getTokensForUser(obs, userId) {
+        return this.db.getTokensForUser(obs, userId);
+    }
+    /**
+     * Revoke (delete) a specific token.
+     */
+    async revokeToken(obs, tokenString) {
+        return this.db.deleteToken(obs, tokenString);
+    }
+    /**
+     * Revoke all tokens belonging to a user.
+     */
+    async revokeAllTokensForUser(obs, userId) {
+        return this.db.deleteTokensForUser(obs, userId);
+    }
+    // ============================================================================
+    // Permission checking (pure logic -- no storage access)
+    // ============================================================================
+    /**
+     * Check if the resolved auth has a specific user-level permission.
+     * Uses `effectivePermissions` (intersection of user + token perms).
+     */
+    hasUserPermission(auth, required) {
+        return auth.effectivePermissions.includes(required);
+    }
+    /**
+     * Check if a user has the required resource-level permission on a package.
+     *
+     * Resolution order:
+     *  1. Package-level permissions (if any) -- explicit grant wins
+     *  2. Org-level membership -- inherited from org members list
+     *  3. Deny
+     *
+     * The caller must also separately check that the auth token has the
+     * user-level 'write' permission for write operations.
+     */
+    hasResourcePermission(userId, requiredLevel, packagePermissions, orgMembers) {
+        // 1. Check package-level permissions first
+        if (packagePermissions && packagePermissions.length > 0) {
+            const pkgPerm = packagePermissions.find(p => p.userId === userId);
+            if (pkgPerm) {
+                return this.resourcePermSatisfies(pkgPerm.permission, requiredLevel);
+            }
+        }
+        // 2. Fall back to org membership
+        if (orgMembers && orgMembers.length > 0) {
+            const orgMember = orgMembers.find(m => m.userId === userId);
+            if (orgMember) {
+                return this.resourcePermSatisfies(orgMember.permission, requiredLevel);
+            }
+        }
+        // 3. No permission found
+        return false;
+    }
+    /**
+     * Check if the granted resource permission satisfies the required level.
+     * 'write' satisfies both 'read' and 'write'.
+     * 'read' only satisfies 'read'.
+     */
+    resourcePermSatisfies(granted, required) {
+        if (granted === 'write')
+            return true; // write implies read
+        return required === 'read';
+    }
+}
+exports.AuthManager = AuthManager;
+//# sourceMappingURL=auth.js.map

package/lib/plugins/service-bsb-registry/auth.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"auth.js","sourceRoot":"","sources":["../../../src/plugins/service-bsb-registry/auth.ts"],"names":[],"mappings":";;;AAAA,mCAAiD;AA2BjD;;;;;;GAMG;AACH,MAAa,WAAW;IACL,EAAE,CAAa;IAChB,WAAW,CAAU;IAErC,YAAY,MAAkB,EAAE,EAAc;QAC5C,IAAI,CAAC,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC;QACtC,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC;IACf,CAAC;IAED,+EAA+E;IAC/E,YAAY;IACZ,+EAA+E;IAE/E,KAAK,CAAC,IAAI,CAAC,GAAe;QACxB,MAAM,IAAI,GAAG,GAAG,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC;QAC/C,IAAI,CAAC;YACH,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;gBACtB,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;gBACxC,OAAO;YACT,CAAC;YACD,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,2DAA2D,CAAC,CAAC;QAC5E,CAAC;gBAAS,CAAC;YACT,IAAI,CAAC,GAAG,EAAE,CAAC;QACb,CAAC;IACH,CAAC;IAED,+EAA+E;IAC/E,YAAY;IACZ,+EAA+E;IAE/E,KAAK,CAAC,UAAU,CAAC,GAAe,EAAE,IAAY,EAAE,KAAa,EAAE,WAA6B;QAC1F,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACrC,MAAM,IAAI,GAAS;YACjB,EAAE,EAAE,IAAA,mBAAU,GAAE;YAChB,IAAI;YACJ,KAAK;YACL,MAAM,EAAE,IAAI;YACZ,WAAW;YACX,SAAS,EAAE,GAAG;YACd,SAAS,EAAE,GAAG;SACf,CAAC;QACF,MAAM,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QACpC,OAAO,IAAI,CAAC;IACd,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,GAAe,EAAE,MAAc;QAC3C,OAAO,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;IACtC,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,GAAe,EAAE,KAAa;QACjD,OAAO,IAAI,CAAC,EAAE,CAAC,cAAc,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAC5C,CAAC;IAED,KAAK,CAAC,SAAS,CAAC,GAAe;QAC7B,OAAO,IAAI,CAAC,EAAE,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;IAChC,CAAC;IAED,KAAK,CAAC,UAAU,CACd,GAAe,EACf,MAAc,EACd,OAAyE;QAEzE,OAAO,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC;IAClD,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,GAAe,EAAE,MAAc;QAClD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG,EAAE,MAAM,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;QACxE,OAAO,MAAM,KAAK,IAAI,CAAC;IACzB,CAAC;IAED,+EAA+E;IAC/E,kCAAkC;IAClC,+EAA+E;IAE/E;;;;;;OAMG;IACH,KAAK,CAAC,WAAW,CACf,GAAe,EACf,MAAc,EACd,KAAa,EACb,gBAAmC,EACnC,SAAkB;QAElB,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QAChD,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM;YAAE,OAAO,IAAI,CAAC;QAEvC,4EAA4E;QAC5E,IAAI,KAAmC,CAAC;QACxC,IAAI,gBAAgB,EAAE,CAAC;YACrB,KAAK,GAAG,gBAAgB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;QACrE,CAAC;QAED,MAAM,KAAK,GAAc;YACvB,KAAK,EAAE,OAAO,IAAA,oBAAW,EAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE;YAC/C,MAAM;YACN,IAAI,EAAE,KAAK;YACX,WAAW,EAAE,KAAK;YAClB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,SAAS;SACV,CAAC;QACF,MAAM,IAAI,CAAC,EAAE,CAAC,WAAW,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QACtC,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,YAAY,CAAC,GAAe,EAAE,WAAmB;QACrD,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC;QACvD,IAAI,CAAC,KAAK;YAAE,OAAO,IAAI,CAAC;QAExB,mBAAmB;QACnB,IAAI,KAAK,CAAC,SAAS,IAAI,IAAI,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;YAC9D,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;QACtD,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM;YAAE,OAAO,IAAI,CAAC;QAEvC,gEAAgE;QAChE,IAAI,oBAAsC,CAAC;QAC3C,IAAI,KAAK,CAAC,WAAW,IAAI,KAAK,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACtD,sEAAsE;YACtE,oBAAoB,GAAG,KAAK,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;QACrF,CAAC;aAAM,CAAC;YACN,sCAAsC;YACtC,oBAAoB,GAAG,CAAC,GAAG,IAAI,CAAC,WAAW,CAAC,CAAC;QAC/C,CAAC;QAED,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,oBAAoB,EAAE,CAAC;IAChE,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,gBAAgB,CAAC,GAAe,EAAE,MAAc;QACpD,OAAO,IAAI,CAAC,EAAE,CAAC,gBAAgB,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;IAC/C,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,WAAW,CAAC,GAAe,EAAE,WAAmB;QACpD,OAAO,IAAI,CAAC,EAAE,CAAC,WAAW,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC;IAC/C,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,sBAAsB,CAAC,GAAe,EAAE,MAAc;QAC1D,OAAO,IAAI,CAAC,EAAE,CAAC,mBAAmB,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;IAClD,CAAC;IAED,+EAA+E;IAC/E,wDAAwD;IACxD,+EAA+E;IAE/E;;;OAGG;IACH,iBAAiB,CAAC,IAAkB,EAAE,QAAwB;QAC5D,OAAO,IAAI,CAAC,oBAAoB,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IACtD,CAAC;IAED;;;;;;;;;;OAUG;IACH,qBAAqB,CACnB,MAAc,EACd,aAAiC,EACjC,kBAAmD,EACnD,UAAmC;QAEnC,2CAA2C;QAC3C,IAAI,kBAAkB,IAAI,kBAAkB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACxD,MAAM,OAAO,GAAG,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC;YAClE,IAAI,OAAO,EAAE,CAAC;gBACZ,OAAO,IAAI,CAAC,qBAAqB,CAAC,OAAO,CAAC,UAAU,EAAE,aAAa,CAAC,CAAC;YACvE,CAAC;QACH,CAAC;QAED,iCAAiC;QACjC,IAAI,UAAU,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACxC,MAAM,SAAS,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC;YAC5D,IAAI,SAAS,EAAE,CAAC;gBACd,OAAO,IAAI,CAAC,qBAAqB,CAAC,SAAS,CAAC,UAAU,EAAE,aAAa,CAAC,CAAC;YACzE,CAAC;QACH,CAAC;QAED,yBAAyB;QACzB,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;;;OAIG;IACK,qBAAqB,CAAC,OAA2B,EAAE,QAA4B;QACrF,IAAI,OAAO,KAAK,OAAO;YAAE,OAAO,IAAI,CAAC,CAAC,qBAAqB;QAC3D,OAAO,QAAQ,KAAK,MAAM,CAAC;IAC7B,CAAC;CACF;AA5ND,kCA4NC"}

package/lib/plugins/service-bsb-registry/db/file.d.ts ADDED Viewed

@@ -0,0 +1,73 @@
+/**
+ * File-based database implementation for BSB Registry.
+ *
+ * Layout on disk:
+ *   <dataDir>/
+ *     orgs/
+ *       <orgId>.json                  Organization metadata (includes members)
+ *     plugins/
+ *       <org>/
+ *         <name>/
+ *           <version>.json            Full RegistryEntry for each version
+ *     users.json                      User[] - all registered users
+ *     tokens.json                     AuthToken[] - all auth tokens
+ */
+import type { Observable } from '@bsb/base';
+import type { RegistryDB } from './index';
+import type { RegistryEntry, ListQuery, SearchQuery, RegistryStats, VersionInfo, Organization, OrgMember, ResourcePermission, User, AuthToken } from '../types';
+export declare class FileDB implements RegistryDB {
+    private readonly dataDir;
+    private readonly pluginsDir;
+    private readonly orgsDir;
+    private readonly usersFile;
+    private readonly tokensFile;
+    constructor(dataDir: string);
+    init(obs: Observable): Promise<void>;
+    dispose(): Promise<void>;
+    versionExists(obs: Observable, org: string, name: string, version: string): Promise<boolean>;
+    insert(obs: Observable, entry: RegistryEntry): Promise<void>;
+    get(obs: Observable, org: string, name: string, version?: string): Promise<RegistryEntry | null>;
+    delete(obs: Observable, org: string, name: string, version?: string): Promise<void>;
+    list(obs: Observable, query: ListQuery): Promise<{
+        results: RegistryEntry[];
+        total: number;
+    }>;
+    search(obs: Observable, query: SearchQuery): Promise<{
+        results: RegistryEntry[];
+        total: number;
+    }>;
+    getVersions(obs: Observable, org: string, name: string, majorMinor?: string): Promise<VersionInfo[]>;
+    getStats(obs: Observable): Promise<RegistryStats>;
+    getOrganization(obs: Observable, orgId: string): Promise<Organization | null>;
+    createOrganization(obs: Observable, orgId: string, displayName: string, visibility: 'public' | 'private'): Promise<Organization>;
+    setOrgMember(obs: Observable, orgId: string, userId: string, permission: ResourcePermission): Promise<void>;
+    removeOrgMember(obs: Observable, orgId: string, userId: string): Promise<void>;
+    getOrgMembers(obs: Observable, orgId: string): Promise<OrgMember[]>;
+    getUser(obs: Observable, userId: string): Promise<User | null>;
+    getUserByEmail(obs: Observable, email: string): Promise<User | null>;
+    listUsers(obs: Observable): Promise<User[]>;
+    createUser(obs: Observable, user: User): Promise<void>;
+    updateUser(obs: Observable, userId: string, updates: Partial<Pick<User, 'name' | 'email' | 'active' | 'permissions'>>): Promise<User | null>;
+    getToken(obs: Observable, tokenString: string): Promise<AuthToken | null>;
+    getTokensForUser(obs: Observable, userId: string): Promise<AuthToken[]>;
+    createToken(obs: Observable, token: AuthToken): Promise<void>;
+    deleteToken(obs: Observable, tokenString: string): Promise<boolean>;
+    deleteTokensForUser(obs: Observable, userId: string): Promise<number>;
+    private pluginDir;
+    private versionPath;
+    /** List version JSON files in a plugin directory. Returns filenames (no path). */
+    private listVersionFiles;
+    /** Read a single version entry. Returns null if file does not exist. */
+    private readVersion;
+    /** Read every version entry for a plugin. */
+    private readAllVersions;
+    /** Walk every org/plugin directory and return the latest entry of each plugin. */
+    private allLatestEntries;
+    /** Pick the entry with the most recent publishedAt. */
+    private latestEntry;
+    /** Remove a directory if it exists and is empty. */
+    private rmdir;
+    private readJson;
+    private writeJson;
+}
+//# sourceMappingURL=file.d.ts.map

package/lib/plugins/service-bsb-registry/db/file.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"file.d.ts","sourceRoot":"","sources":["../../../../src/plugins/service-bsb-registry/db/file.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAIH,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;AAC5C,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AAC1C,OAAO,KAAK,EACV,aAAa,EACb,SAAS,EACT,WAAW,EACX,aAAa,EACb,WAAW,EACX,YAAY,EACZ,SAAS,EACT,kBAAkB,EAClB,IAAI,EACJ,SAAS,EACV,MAAM,UAAU,CAAC;AAElB,qBAAa,MAAO,YAAW,UAAU;IACvC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;IACjC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAS;IACpC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;IACjC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAS;IACnC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAS;gBAExB,OAAO,EAAE,MAAM;IAYrB,IAAI,CAAC,GAAG,EAAE,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC;IAoBpC,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IAQxB,aAAa,CAAC,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAI5F,MAAM,CAAC,GAAG,EAAE,UAAU,EAAE,KAAK,EAAE,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC;IA2B5D,GAAG,CAAC,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC;IAehG,MAAM,CAAC,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IA+BnF,IAAI,CAAC,GAAG,EAAE,UAAU,EAAE,KAAK,EAAE,SAAS,GAAG,OAAO,CAAC;QAAE,OAAO,EAAE,aAAa,EAAE,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC;IAuB7F,MAAM,CAAC,GAAG,EAAE,UAAU,EAAE,KAAK,EAAE,WAAW,GAAG,OAAO,CAAC;QAAE,OAAO,EAAE,aAAa,EAAE,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC;IA6BjG,WAAW,CAAC,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC;IAqBpG,QAAQ,CAAC,GAAG,EAAE,UAAU,GAAG,OAAO,CAAC,aAAa,CAAC;IA6BjD,eAAe,CAAC,GAAG,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,GAAG,IAAI,CAAC;IAuB7E,kBAAkB,CACtB,GAAG,EAAE,UAAU,EACf,KAAK,EAAE,MAAM,EACb,WAAW,EAAE,MAAM,EACnB,UAAU,EAAE,QAAQ,GAAG,SAAS,GAC/B,OAAO,CAAC,YAAY,CAAC;IA0BlB,YAAY,CAAC,GAAG,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,kBAAkB,GAAG,OAAO,CAAC,IAAI,CAAC;IA2B3G,eAAe,CAAC,GAAG,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAe9E,aAAa,CAAC,GAAG,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,EAAE,CAAC;IAiBnE,OAAO,CAAC,GAAG,EAAE,UAAU,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;IAU9D,cAAc,CAAC,GAAG,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;IAUpE,SAAS,CAAC,GAAG,EAAE,UAAU,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC;IAS3C,UAAU,CAAC,GAAG,EAAE,UAAU,EAAE,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;IAetD,UAAU,CACd,GAAG,EAAE,UAAU,EACf,MAAM,EAAE,MAAM,EACd,OAAO,EAAE,OAAO,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,GAAG,QAAQ,GAAG,aAAa,CAAC,CAAC,GACxE,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;IA6BjB,QAAQ,CAAC,GAAG,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC;IAUzE,gBAAgB,CAAC,GAAG,EAAE,UAAU,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,EAAE,CAAC;IAUvE,WAAW,CAAC,GAAG,EAAE,UAAU,EAAE,KAAK,EAAE,SAAS,GAAG,OAAO,CAAC,IAAI,CAAC;IAY7D,WAAW,CAAC,GAAG,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAcnE,mBAAmB,CAAC,GAAG,EAAE,UAAU,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAoB3E,OAAO,CAAC,SAAS;IAIjB,OAAO,CAAC,WAAW;IAInB,kFAAkF;IAClF,OAAO,CAAC,gBAAgB;IAMxB,wEAAwE;IACxE,OAAO,CAAC,WAAW;IAMnB,6CAA6C;IAC7C,OAAO,CAAC,eAAe;IAcvB,kFAAkF;IAClF,OAAO,CAAC,gBAAgB;IAwBxB,uDAAuD;IACvD,OAAO,CAAC,WAAW;IAWnB,oDAAoD;IACpD,OAAO,CAAC,KAAK;IAUb,OAAO,CAAC,QAAQ;IAIhB,OAAO,CAAC,SAAS;CAGlB"}