npm - @byline/db-postgres - Versions diffs - 0.9.3 - Mend

@byline/db-postgres 0.9.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (99) hide show

package/dist/database/schema/auth.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../../src/database/schema/auth.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAuCH,eAAO,MAAM,UAAU;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAiCtB,CAAA;AAMD,eAAO,MAAM,UAAU;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAgBtB,CAAA;AAMD,eAAO,MAAM,kBAAkB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAe9B,CAAA;AAMD,eAAO,MAAM,gBAAgB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAiB5B,CAAA;AAMD;;;;;;GAMG;AACH,eAAO,MAAM,kBAAkB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA2B9B,CAAA;AAMD,eAAO,MAAM,mBAAmB;;;EAG7B,CAAA;AAEH,eAAO,MAAM,mBAAmB;;;EAG7B,CAAA;AAEH,eAAO,MAAM,2BAA2B;;;EASrC,CAAA;AAEH,eAAO,MAAM,yBAAyB;;EAKnC,CAAA;AAEH,eAAO,MAAM,2BAA2B;;EAKrC,CAAA"}

package/dist/database/schema/auth.js ADDED Viewed

@@ -0,0 +1,176 @@
+/**
+ * This Source Code is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * Copyright (c) Infonomic Company Limited
+ */
+/**
+ * Auth schema — admin identity, roles, role-user assignment, and per-role
+ * ability grants.
+ *
+ * All tables carry the `byline_` prefix so Byline can coexist with other
+ * schemas in a shared database. The TypeScript exports are unprefixed —
+ * the prefix is a DB-side concern.
+ *
+ * Shape mirrors the mature Modulus Learning implementation with minor
+ * Byline conventions:
+ *   - UUIDv7 primary keys (generated at insert time in the repository).
+ *   - `vid` integer version column for optimistic concurrency (defaults
+ *     to 1; bumped by write paths when needed).
+ *   - snake_case column names matching the rest of the Byline schema.
+ *
+ * See docs/analysis/AUTHN-AUTHZ-ANALYSIS.md for the full data model and
+ * phased rollout.
+ */
+import { relations } from 'drizzle-orm';
+import { boolean, index, integer, pgTable, primaryKey, text, timestamp, unique, uuid, varchar, } from 'drizzle-orm/pg-core';
+// ---------------------------------------------------------------------------
+// byline_admin_users
+// ---------------------------------------------------------------------------
+export const adminUsers = pgTable('byline_admin_users', {
+    id: uuid('id').primaryKey(),
+    vid: integer('vid').notNull().default(1),
+    given_name: varchar('given_name', { length: 100 }),
+    family_name: varchar('family_name', { length: 100 }),
+    /** Optional — email is the primary identifier. Unique when present. */
+    username: varchar('username', { length: 64 }).unique(),
+    email: varchar('email', { length: 254 }).notNull().unique(),
+    /** Full PHC string, e.g. `$argon2id$v=19$m=…$…$…`. */
+    password: varchar('password', { length: 255 }).notNull(),
+    remember_me: boolean('remember_me').notNull().default(false),
+    last_login: timestamp('last_login', { precision: 6, withTimezone: true }),
+    last_login_ip: varchar('last_login_ip', { length: 45 }),
+    failed_login_attempts: integer('failed_login_attempts').notNull().default(0),
+    /**
+     * Actor-level super-admin bypass. When true, `AdminAuth.isSuperAdmin`
+     * short-circuits every ability check. Set only via the seed script
+     * (or manually by a DB admin) — never via the admin UI.
+     */
+    is_super_admin: boolean('is_super_admin').notNull().default(false),
+    /**
+     * Account enablement. Defaults to `false` so accounts created through
+     * any future admin UI require a deliberate enable step. The super-admin
+     * seed sets this to `true`.
+     */
+    is_enabled: boolean('is_enabled').notNull().default(false),
+    is_email_verified: boolean('is_email_verified').notNull().default(false),
+    created_at: timestamp('created_at').notNull().defaultNow(),
+    updated_at: timestamp('updated_at').notNull().defaultNow(),
+}, (table) => [index('idx_byline_admin_users_email').on(table.email)]);
+// ---------------------------------------------------------------------------
+// byline_admin_roles
+// ---------------------------------------------------------------------------
+export const adminRoles = pgTable('byline_admin_roles', {
+    id: uuid('id').primaryKey(),
+    vid: integer('vid').notNull().default(1),
+    /** Human-readable label, e.g. `'Editor'`. */
+    name: varchar('name', { length: 128 }).notNull(),
+    /** Stable identifier used in code, e.g. `'editor'`, `'super-admin'`. */
+    machine_name: varchar('machine_name', { length: 128 }).notNull().unique(),
+    description: text('description'),
+    /** Display ordering in the role-editor UI. */
+    order: integer('order').notNull().default(0),
+    created_at: timestamp('created_at').notNull().defaultNow(),
+    updated_at: timestamp('updated_at').notNull().defaultNow(),
+}, (table) => [index('idx_byline_admin_roles_machine_name').on(table.machine_name)]);
+// ---------------------------------------------------------------------------
+// byline_admin_role_admin_user — many-to-many join
+// ---------------------------------------------------------------------------
+export const adminRoleAdminUser = pgTable('byline_admin_role_admin_user', {
+    admin_role_id: uuid('admin_role_id')
+        .notNull()
+        .references(() => adminRoles.id, { onDelete: 'cascade' }),
+    admin_user_id: uuid('admin_user_id')
+        .notNull()
+        .references(() => adminUsers.id, { onDelete: 'cascade' }),
+    created_at: timestamp('created_at').notNull().defaultNow(),
+}, (table) => [
+    primaryKey({ columns: [table.admin_role_id, table.admin_user_id] }),
+    index('idx_byline_admin_role_admin_user_user').on(table.admin_user_id),
+]);
+// ---------------------------------------------------------------------------
+// byline_admin_permissions — one row per (role, ability) grant
+// ---------------------------------------------------------------------------
+export const adminPermissions = pgTable('byline_admin_permissions', {
+    id: uuid('id').primaryKey(),
+    vid: integer('vid').notNull().default(1),
+    admin_role_id: uuid('admin_role_id')
+        .notNull()
+        .references(() => adminRoles.id, { onDelete: 'cascade' }),
+    /** Flat dotted ability key — see `@byline/auth` AbilityRegistry. */
+    ability: varchar('ability', { length: 128 }).notNull(),
+    created_at: timestamp('created_at').notNull().defaultNow(),
+    updated_at: timestamp('updated_at').notNull().defaultNow(),
+}, (table) => [
+    unique('uq_byline_admin_permissions_role_ability').on(table.admin_role_id, table.ability),
+    index('idx_byline_admin_permissions_role').on(table.admin_role_id),
+]);
+// ---------------------------------------------------------------------------
+// byline_admin_refresh_tokens — JWT session provider's refresh-token store
+// ---------------------------------------------------------------------------
+/**
+ * Refresh tokens are opaque random strings minted by `JwtSessionProvider`.
+ * We never store the plaintext — only a SHA-256 hash (`token_hash`). When
+ * a token is rotated, `revoked_at` is stamped and `rotated_to_id` points
+ * at the replacement row; presenting a rotated token is treated as replay
+ * and revokes the whole chain.
+ */
+export const adminRefreshTokens = pgTable('byline_admin_refresh_tokens', {
+    id: uuid('id').primaryKey(),
+    admin_user_id: uuid('admin_user_id')
+        .notNull()
+        .references(() => adminUsers.id, { onDelete: 'cascade' }),
+    /** SHA-256 hex digest of the raw refresh-token string. 64 chars. */
+    token_hash: varchar('token_hash', { length: 64 }).notNull().unique(),
+    issued_at: timestamp('issued_at', { precision: 6, withTimezone: true }).notNull().defaultNow(),
+    expires_at: timestamp('expires_at', { precision: 6, withTimezone: true }).notNull(),
+    revoked_at: timestamp('revoked_at', { precision: 6, withTimezone: true }),
+    /**
+     * When this token was rotated, the id of the new token issued in its
+     * place. Self-referential; set atomically alongside `revoked_at`.
+     */
+    rotated_to_id: uuid('rotated_to_id'),
+    last_used_at: timestamp('last_used_at', { precision: 6, withTimezone: true }),
+    user_agent: varchar('user_agent', { length: 512 }),
+    ip: varchar('ip', { length: 45 }),
+    created_at: timestamp('created_at').notNull().defaultNow(),
+    updated_at: timestamp('updated_at').notNull().defaultNow(),
+}, (table) => [
+    index('idx_byline_admin_refresh_tokens_user').on(table.admin_user_id),
+    index('idx_byline_admin_refresh_tokens_token_hash').on(table.token_hash),
+]);
+// ---------------------------------------------------------------------------
+// Relations (drizzle query helpers)
+// ---------------------------------------------------------------------------
+export const adminUsersRelations = relations(adminUsers, ({ many }) => ({
+    roleAssignments: many(adminRoleAdminUser),
+    refreshTokens: many(adminRefreshTokens),
+}));
+export const adminRolesRelations = relations(adminRoles, ({ many }) => ({
+    userAssignments: many(adminRoleAdminUser),
+    permissions: many(adminPermissions),
+}));
+export const adminRoleAdminUserRelations = relations(adminRoleAdminUser, ({ one }) => ({
+    role: one(adminRoles, {
+        fields: [adminRoleAdminUser.admin_role_id],
+        references: [adminRoles.id],
+    }),
+    user: one(adminUsers, {
+        fields: [adminRoleAdminUser.admin_user_id],
+        references: [adminUsers.id],
+    }),
+}));
+export const adminPermissionsRelations = relations(adminPermissions, ({ one }) => ({
+    role: one(adminRoles, {
+        fields: [adminPermissions.admin_role_id],
+        references: [adminRoles.id],
+    }),
+}));
+export const adminRefreshTokensRelations = relations(adminRefreshTokens, ({ one }) => ({
+    user: one(adminUsers, {
+        fields: [adminRefreshTokens.admin_user_id],
+        references: [adminUsers.id],
+    }),
+}));
+//# sourceMappingURL=auth.js.map

package/dist/database/schema/auth.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"auth.js","sourceRoot":"","sources":["../../../src/database/schema/auth.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAA;AACvC,OAAO,EACL,OAAO,EACP,KAAK,EACL,OAAO,EACP,OAAO,EACP,UAAU,EACV,IAAI,EACJ,SAAS,EACT,MAAM,EACN,IAAI,EACJ,OAAO,GACR,MAAM,qBAAqB,CAAA;AAE5B,8EAA8E;AAC9E,qBAAqB;AACrB,8EAA8E;AAE9E,MAAM,CAAC,MAAM,UAAU,GAAG,OAAO,CAC/B,oBAAoB,EACpB;IACE,EAAE,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE;IAC3B,GAAG,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;IACxC,UAAU,EAAE,OAAO,CAAC,YAAY,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC;IAClD,WAAW,EAAE,OAAO,CAAC,aAAa,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC;IACpD,uEAAuE;IACvE,QAAQ,EAAE,OAAO,CAAC,UAAU,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,CAAC,MAAM,EAAE;IACtD,KAAK,EAAE,OAAO,CAAC,OAAO,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,MAAM,EAAE;IAC3D,sDAAsD;IACtD,QAAQ,EAAE,OAAO,CAAC,UAAU,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,OAAO,EAAE;IACxD,WAAW,EAAE,OAAO,CAAC,aAAa,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC;IAC5D,UAAU,EAAE,SAAS,CAAC,YAAY,EAAE,EAAE,SAAS,EAAE,CAAC,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC;IACzE,aAAa,EAAE,OAAO,CAAC,eAAe,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC;IACvD,qBAAqB,EAAE,OAAO,CAAC,uBAAuB,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;IAC5E;;;;OAIG;IACH,cAAc,EAAE,OAAO,CAAC,gBAAgB,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC;IAClE;;;;OAIG;IACH,UAAU,EAAE,OAAO,CAAC,YAAY,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC;IAC1D,iBAAiB,EAAE,OAAO,CAAC,mBAAmB,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC;IACxE,UAAU,EAAE,SAAS,CAAC,YAAY,CAAC,CAAC,OAAO,EAAE,CAAC,UAAU,EAAE;IAC1D,UAAU,EAAE,SAAS,CAAC,YAAY,CAAC,CAAC,OAAO,EAAE,CAAC,UAAU,EAAE;CAC3D,EACD,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CACnE,CAAA;AAED,8EAA8E;AAC9E,qBAAqB;AACrB,8EAA8E;AAE9E,MAAM,CAAC,MAAM,UAAU,GAAG,OAAO,CAC/B,oBAAoB,EACpB;IACE,EAAE,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE;IAC3B,GAAG,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;IACxC,6CAA6C;IAC7C,IAAI,EAAE,OAAO,CAAC,MAAM,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,OAAO,EAAE;IAChD,wEAAwE;IACxE,YAAY,EAAE,OAAO,CAAC,cAAc,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,MAAM,EAAE;IACzE,WAAW,EAAE,IAAI,CAAC,aAAa,CAAC;IAChC,8CAA8C;IAC9C,KAAK,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;IAC5C,UAAU,EAAE,SAAS,CAAC,YAAY,CAAC,CAAC,OAAO,EAAE,CAAC,UAAU,EAAE;IAC1D,UAAU,EAAE,SAAS,CAAC,YAAY,CAAC,CAAC,OAAO,EAAE,CAAC,UAAU,EAAE;CAC3D,EACD,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,qCAAqC,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CACjF,CAAA;AAED,8EAA8E;AAC9E,mDAAmD;AACnD,8EAA8E;AAE9E,MAAM,CAAC,MAAM,kBAAkB,GAAG,OAAO,CACvC,8BAA8B,EAC9B;IACE,aAAa,EAAE,IAAI,CAAC,eAAe,CAAC;SACjC,OAAO,EAAE;SACT,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,EAAE,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC;IAC3D,aAAa,EAAE,IAAI,CAAC,eAAe,CAAC;SACjC,OAAO,EAAE;SACT,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,EAAE,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC;IAC3D,UAAU,EAAE,SAAS,CAAC,YAAY,CAAC,CAAC,OAAO,EAAE,CAAC,UAAU,EAAE;CAC3D,EACD,CAAC,KAAK,EAAE,EAAE,CAAC;IACT,UAAU,CAAC,EAAE,OAAO,EAAE,CAAC,KAAK,CAAC,aAAa,EAAE,KAAK,CAAC,aAAa,CAAC,EAAE,CAAC;IACnE,KAAK,CAAC,uCAAuC,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,aAAa,CAAC;CACvE,CACF,CAAA;AAED,8EAA8E;AAC9E,+DAA+D;AAC/D,8EAA8E;AAE9E,MAAM,CAAC,MAAM,gBAAgB,GAAG,OAAO,CACrC,0BAA0B,EAC1B;IACE,EAAE,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE;IAC3B,GAAG,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;IACxC,aAAa,EAAE,IAAI,CAAC,eAAe,CAAC;SACjC,OAAO,EAAE;SACT,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,EAAE,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC;IAC3D,oEAAoE;IACpE,OAAO,EAAE,OAAO,CAAC,SAAS,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,OAAO,EAAE;IACtD,UAAU,EAAE,SAAS,CAAC,YAAY,CAAC,CAAC,OAAO,EAAE,CAAC,UAAU,EAAE;IAC1D,UAAU,EAAE,SAAS,CAAC,YAAY,CAAC,CAAC,OAAO,EAAE,CAAC,UAAU,EAAE;CAC3D,EACD,CAAC,KAAK,EAAE,EAAE,CAAC;IACT,MAAM,CAAC,0CAA0C,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,aAAa,EAAE,KAAK,CAAC,OAAO,CAAC;IACzF,KAAK,CAAC,mCAAmC,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,aAAa,CAAC;CACnE,CACF,CAAA;AAED,8EAA8E;AAC9E,2EAA2E;AAC3E,8EAA8E;AAE9E;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAG,OAAO,CACvC,6BAA6B,EAC7B;IACE,EAAE,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE;IAC3B,aAAa,EAAE,IAAI,CAAC,eAAe,CAAC;SACjC,OAAO,EAAE;SACT,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,EAAE,EAAE,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC;IAC3D,oEAAoE;IACpE,UAAU,EAAE,OAAO,CAAC,YAAY,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,MAAM,EAAE;IACpE,SAAS,EAAE,SAAS,CAAC,WAAW,EAAE,EAAE,SAAS,EAAE,CAAC,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,UAAU,EAAE;IAC9F,UAAU,EAAE,SAAS,CAAC,YAAY,EAAE,EAAE,SAAS,EAAE,CAAC,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC,CAAC,OAAO,EAAE;IACnF,UAAU,EAAE,SAAS,CAAC,YAAY,EAAE,EAAE,SAAS,EAAE,CAAC,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC;IACzE;;;OAGG;IACH,aAAa,EAAE,IAAI,CAAC,eAAe,CAAC;IACpC,YAAY,EAAE,SAAS,CAAC,cAAc,EAAE,EAAE,SAAS,EAAE,CAAC,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC;IAC7E,UAAU,EAAE,OAAO,CAAC,YAAY,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC;IAClD,EAAE,EAAE,OAAO,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC;IACjC,UAAU,EAAE,SAAS,CAAC,YAAY,CAAC,CAAC,OAAO,EAAE,CAAC,UAAU,EAAE;IAC1D,UAAU,EAAE,SAAS,CAAC,YAAY,CAAC,CAAC,OAAO,EAAE,CAAC,UAAU,EAAE;CAC3D,EACD,CAAC,KAAK,EAAE,EAAE,CAAC;IACT,KAAK,CAAC,sCAAsC,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,aAAa,CAAC;IACrE,KAAK,CAAC,4CAA4C,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC;CACzE,CACF,CAAA;AAED,8EAA8E;AAC9E,oCAAoC;AACpC,8EAA8E;AAE9E,MAAM,CAAC,MAAM,mBAAmB,GAAG,SAAS,CAAC,UAAU,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC;IACtE,eAAe,EAAE,IAAI,CAAC,kBAAkB,CAAC;IACzC,aAAa,EAAE,IAAI,CAAC,kBAAkB,CAAC;CACxC,CAAC,CAAC,CAAA;AAEH,MAAM,CAAC,MAAM,mBAAmB,GAAG,SAAS,CAAC,UAAU,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC;IACtE,eAAe,EAAE,IAAI,CAAC,kBAAkB,CAAC;IACzC,WAAW,EAAE,IAAI,CAAC,gBAAgB,CAAC;CACpC,CAAC,CAAC,CAAA;AAEH,MAAM,CAAC,MAAM,2BAA2B,GAAG,SAAS,CAAC,kBAAkB,EAAE,CAAC,EAAE,GAAG,EAAE,EAAE,EAAE,CAAC,CAAC;IACrF,IAAI,EAAE,GAAG,CAAC,UAAU,EAAE;QACpB,MAAM,EAAE,CAAC,kBAAkB,CAAC,aAAa,CAAC;QAC1C,UAAU,EAAE,CAAC,UAAU,CAAC,EAAE,CAAC;KAC5B,CAAC;IACF,IAAI,EAAE,GAAG,CAAC,UAAU,EAAE;QACpB,MAAM,EAAE,CAAC,kBAAkB,CAAC,aAAa,CAAC;QAC1C,UAAU,EAAE,CAAC,UAAU,CAAC,EAAE,CAAC;KAC5B,CAAC;CACH,CAAC,CAAC,CAAA;AAEH,MAAM,CAAC,MAAM,yBAAyB,GAAG,SAAS,CAAC,gBAAgB,EAAE,CAAC,EAAE,GAAG,EAAE,EAAE,EAAE,CAAC,CAAC;IACjF,IAAI,EAAE,GAAG,CAAC,UAAU,EAAE;QACpB,MAAM,EAAE,CAAC,gBAAgB,CAAC,aAAa,CAAC;QACxC,UAAU,EAAE,CAAC,UAAU,CAAC,EAAE,CAAC;KAC5B,CAAC;CACH,CAAC,CAAC,CAAA;AAEH,MAAM,CAAC,MAAM,2BAA2B,GAAG,SAAS,CAAC,kBAAkB,EAAE,CAAC,EAAE,GAAG,EAAE,EAAE,EAAE,CAAC,CAAC;IACrF,IAAI,EAAE,GAAG,CAAC,UAAU,EAAE;QACpB,MAAM,EAAE,CAAC,kBAAkB,CAAC,aAAa,CAAC;QAC1C,UAAU,EAAE,CAAC,UAAU,CAAC,EAAE,CAAC;KAC5B,CAAC;CACH,CAAC,CAAC,CAAA"}