@de-otio/chaoskb-server 0.2.0

package/dist/lib/handler/routes/invites.js

@@ -0,0 +1,445 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.handleCreateInvite = handleCreateInvite;
+exports.handleListInvites = handleListInvites;
+exports.handleAcceptInvite = handleAcceptInvite;
+exports.handleDeclineInvite = handleDeclineInvite;
+const crypto = __importStar(require("crypto"));
+const lib_dynamodb_1 = require("@aws-sdk/lib-dynamodb");
+const logger_js_1 = require("../logger.js");
+const audit_js_1 = require("./audit.js");
+const JSON_HEADERS = { 'Content-Type': 'application/json' };
+const FOURTEEN_DAYS_MS = 14 * 24 * 60 * 60 * 1000;
+const FOURTEEN_DAYS_SECONDS = 14 * 24 * 60 * 60;
+const TWENTY_FOUR_HOURS_SECONDS = 24 * 60 * 60;
+const HOUR_SECONDS = 3600;
+const DAY_SECONDS = 86400;
+const HOURLY_INVITE_LIMIT = 10;
+const DAILY_INVITE_LIMIT = 50;
+const MAX_PENDING_INVITES = 20;
+/**
+ * Check sender rate limits for invite creation.
+ * Uses DynamoDB counters with hourly and daily windows.
+ */
+async function checkInviteRateLimit(senderFingerprint, ddb, tableName) {
+    const now = Math.floor(Date.now() / 1000);
+    const hourWindow = Math.floor(now / HOUR_SECONDS);
+    const dayWindow = Math.floor(now / DAY_SECONDS);
+    // Check hourly limit
+    const hourResult = await ddb.send(new lib_dynamodb_1.UpdateCommand({
+        TableName: tableName,
+        Key: {
+            PK: `RATE#INVITE#${senderFingerprint}`,
+            SK: `HOUR#${hourWindow}`,
+        },
+        UpdateExpression: 'SET #count = if_not_exists(#count, :zero) + :one, #ttl = :ttl',
+        ExpressionAttributeNames: {
+            '#count': 'count',
+            '#ttl': 'ttl',
+        },
+        ExpressionAttributeValues: {
+            ':zero': 0,
+            ':one': 1,
+            ':ttl': hourWindow * HOUR_SECONDS + HOUR_SECONDS + 120,
+        },
+        ReturnValues: 'UPDATED_NEW',
+    }));
+    const hourlyCount = hourResult.Attributes?.['count'] ?? 1;
+    if (hourlyCount > HOURLY_INVITE_LIMIT) {
+        return { allowed: false, message: 'Hourly invite limit exceeded (max 10/hour)' };
+    }
+    // Check daily limit
+    const dayResult = await ddb.send(new lib_dynamodb_1.UpdateCommand({
+        TableName: tableName,
+        Key: {
+            PK: `RATE#INVITE#${senderFingerprint}`,
+            SK: `DAY#${dayWindow}`,
+        },
+        UpdateExpression: 'SET #count = if_not_exists(#count, :zero) + :one, #ttl = :ttl',
+        ExpressionAttributeNames: {
+            '#count': 'count',
+            '#ttl': 'ttl',
+        },
+        ExpressionAttributeValues: {
+            ':zero': 0,
+            ':one': 1,
+            ':ttl': dayWindow * DAY_SECONDS + DAY_SECONDS + 120,
+        },
+        ReturnValues: 'UPDATED_NEW',
+    }));
+    const dailyCount = dayResult.Attributes?.['count'] ?? 1;
+    if (dailyCount > DAILY_INVITE_LIMIT) {
+        return { allowed: false, message: 'Daily invite limit exceeded (max 50/day)' };
+    }
+    return { allowed: true };
+}
+/**
+ * Check that the recipient doesn't have too many pending invites.
+ */
+async function checkRecipientPendingCount(recipientFingerprint, ddb, tableName) {
+    const result = await ddb.send(new lib_dynamodb_1.QueryCommand({
+        TableName: tableName,
+        IndexName: 'GSI-RecipientFingerprint',
+        KeyConditionExpression: 'recipientFingerprint = :fp',
+        FilterExpression: '#status = :pending',
+        ExpressionAttributeNames: {
+            '#status': 'status',
+        },
+        ExpressionAttributeValues: {
+            ':fp': recipientFingerprint,
+            ':pending': 'pending',
+        },
+        Select: 'COUNT',
+    }));
+    return (result.Count ?? 0) < MAX_PENDING_INVITES;
+}
+/**
+ * POST /v1/invites - Create an invite
+ */
+async function handleCreateInvite(tenantId, fingerprint, body, ddb, tableName) {
+    if (!body) {
+        return {
+            statusCode: 400,
+            headers: JSON_HEADERS,
+            body: JSON.stringify({ error: 'invalid_request', message: 'Request body is required' }),
+        };
+    }
+    let parsed;
+    try {
+        parsed = JSON.parse(body);
+    }
+    catch {
+        return {
+            statusCode: 400,
+            headers: JSON_HEADERS,
+            body: JSON.stringify({ error: 'invalid_request', message: 'Invalid JSON body' }),
+        };
+    }
+    if (!parsed.recipientFingerprint ||
+        !parsed.projectTenantId ||
+        !parsed.encryptedPayload ||
+        !parsed.role) {
+        return {
+            statusCode: 400,
+            headers: JSON_HEADERS,
+            body: JSON.stringify({
+                error: 'invalid_request',
+                message: 'recipientFingerprint, projectTenantId, encryptedPayload, and role are required',
+            }),
+        };
+    }
+    // Validate encryptedPayload is valid base64
+    if (!/^[A-Za-z0-9+/]+=*$/.test(parsed.encryptedPayload)) {
+        return {
+            statusCode: 400,
+            headers: JSON_HEADERS,
+            body: JSON.stringify({ error: 'invalid_request', message: 'encryptedPayload must be valid base64' }),
+        };
+    }
+    // Check sender rate limits
+    const rateCheck = await checkInviteRateLimit(fingerprint, ddb, tableName);
+    if (!rateCheck.allowed) {
+        return {
+            statusCode: 429,
+            headers: JSON_HEADERS,
+            body: JSON.stringify({ error: 'rate_limited', message: rateCheck.message }),
+        };
+    }
+    // Check recipient pending count
+    const recipientOk = await checkRecipientPendingCount(parsed.recipientFingerprint, ddb, tableName);
+    if (!recipientOk) {
+        return {
+            statusCode: 409,
+            headers: JSON_HEADERS,
+            body: JSON.stringify({
+                error: 'recipient_limit',
+                message: 'Recipient has too many pending invites',
+            }),
+        };
+    }
+    const inviteId = crypto.randomUUID();
+    const now = new Date();
+    const createdAt = now.toISOString();
+    const expiresAt = new Date(now.getTime() + FOURTEEN_DAYS_MS).toISOString();
+    const ttl = Math.floor(now.getTime() / 1000) + FOURTEEN_DAYS_SECONDS;
+    await ddb.send(new lib_dynamodb_1.PutCommand({
+        TableName: tableName,
+        Item: {
+            PK: `INVITE#${inviteId}`,
+            SK: 'META',
+            inviteId,
+            status: 'pending',
+            senderFingerprint: fingerprint,
+            recipientFingerprint: parsed.recipientFingerprint,
+            projectTenantId: parsed.projectTenantId,
+            encryptedPayload: parsed.encryptedPayload,
+            role: parsed.role,
+            createdAt,
+            expiresAt,
+            ttl,
+        },
+    }));
+    await (0, audit_js_1.logAuditEvent)(ddb, tableName, tenantId, {
+        eventType: 'invite-created',
+        fingerprint,
+        metadata: {
+            inviteId,
+            recipientFingerprint: parsed.recipientFingerprint,
+            projectTenantId: parsed.projectTenantId,
+            role: parsed.role,
+        },
+    });
+    logger_js_1.logger.info('Invite created', { tenantId, inviteId });
+    return {
+        statusCode: 201,
+        headers: JSON_HEADERS,
+        body: JSON.stringify({ inviteId, status: 'pending' }),
+    };
+}
+/**
+ * GET /v1/invites - List pending invites for the authenticated user
+ */
+async function handleListInvites(tenantId, fingerprint, ddb, tableName) {
+    const now = new Date().toISOString();
+    const result = await ddb.send(new lib_dynamodb_1.QueryCommand({
+        TableName: tableName,
+        IndexName: 'GSI-RecipientFingerprint',
+        KeyConditionExpression: 'recipientFingerprint = :fp',
+        FilterExpression: '#status = :pending AND expiresAt > :now',
+        ExpressionAttributeNames: {
+            '#status': 'status',
+        },
+        ExpressionAttributeValues: {
+            ':fp': fingerprint,
+            ':pending': 'pending',
+            ':now': now,
+        },
+    }));
+    const invites = (result.Items ?? []).map((item) => ({
+        inviteId: item['inviteId'],
+        senderFingerprint: item['senderFingerprint'],
+        projectTenantId: item['projectTenantId'],
+        role: item['role'],
+        createdAt: item['createdAt'],
+    }));
+    return {
+        statusCode: 200,
+        headers: JSON_HEADERS,
+        body: JSON.stringify({ invites }),
+    };
+}
+/**
+ * POST /v1/invites/{id}/accept - Accept an invite
+ */
+async function handleAcceptInvite(tenantId, fingerprint, inviteId, ddb, tableName) {
+    const result = await ddb.send(new lib_dynamodb_1.GetCommand({
+        TableName: tableName,
+        Key: {
+            PK: `INVITE#${inviteId}`,
+            SK: 'META',
+        },
+    }));
+    if (!result.Item) {
+        return {
+            statusCode: 404,
+            headers: JSON_HEADERS,
+            body: JSON.stringify({ error: 'not_found', message: 'Invite not found' }),
+        };
+    }
+    const invite = result.Item;
+    // Check recipient matches
+    if (invite['recipientFingerprint'] !== fingerprint) {
+        return {
+            statusCode: 403,
+            headers: JSON_HEADERS,
+            body: JSON.stringify({ error: 'forbidden', message: 'Not authorized to accept this invite' }),
+        };
+    }
+    // Idempotent: already accepted
+    if (invite['status'] === 'accepted') {
+        return {
+            statusCode: 200,
+            headers: JSON_HEADERS,
+            body: JSON.stringify({
+                status: 'already_accepted',
+                encryptedPayload: invite['encryptedPayload'],
+                projectTenantId: invite['projectTenantId'],
+            }),
+        };
+    }
+    // Check status is pending
+    if (invite['status'] !== 'pending') {
+        return {
+            statusCode: 409,
+            headers: JSON_HEADERS,
+            body: JSON.stringify({ error: 'conflict', message: `Invite is ${invite['status']}` }),
+        };
+    }
+    // Check not expired
+    if (new Date(invite['expiresAt']) < new Date()) {
+        return {
+            statusCode: 410,
+            headers: JSON_HEADERS,
+            body: JSON.stringify({ error: 'expired', message: 'Invite has expired' }),
+        };
+    }
+    const now = new Date();
+    const acceptedAt = now.toISOString();
+    // Schedule cleanup: TTL 24 hours after acceptance
+    const cleanupTtl = Math.floor(now.getTime() / 1000) + TWENTY_FOUR_HOURS_SECONDS;
+    await ddb.send(new lib_dynamodb_1.UpdateCommand({
+        TableName: tableName,
+        Key: {
+            PK: `INVITE#${inviteId}`,
+            SK: 'META',
+        },
+        UpdateExpression: 'SET #status = :accepted, acceptedAt = :acceptedAt, #ttl = :ttl',
+        ExpressionAttributeNames: {
+            '#status': 'status',
+            '#ttl': 'ttl',
+        },
+        ExpressionAttributeValues: {
+            ':accepted': 'accepted',
+            ':acceptedAt': acceptedAt,
+            ':ttl': cleanupTtl,
+        },
+    }));
+    await (0, audit_js_1.logAuditEvent)(ddb, tableName, tenantId, {
+        eventType: 'invite-accepted',
+        fingerprint,
+        metadata: {
+            inviteId,
+            projectTenantId: invite['projectTenantId'],
+        },
+    });
+    logger_js_1.logger.info('Invite accepted', { tenantId, inviteId });
+    return {
+        statusCode: 200,
+        headers: JSON_HEADERS,
+        body: JSON.stringify({
+            status: 'accepted',
+            encryptedPayload: invite['encryptedPayload'],
+            projectTenantId: invite['projectTenantId'],
+        }),
+    };
+}
+/**
+ * POST /v1/invites/{id}/decline - Decline an invite
+ */
+async function handleDeclineInvite(tenantId, fingerprint, inviteId, body, ddb, tableName) {
+    const result = await ddb.send(new lib_dynamodb_1.GetCommand({
+        TableName: tableName,
+        Key: {
+            PK: `INVITE#${inviteId}`,
+            SK: 'META',
+        },
+    }));
+    if (!result.Item) {
+        return {
+            statusCode: 404,
+            headers: JSON_HEADERS,
+            body: JSON.stringify({ error: 'not_found', message: 'Invite not found' }),
+        };
+    }
+    const invite = result.Item;
+    // Check recipient matches
+    if (invite['recipientFingerprint'] !== fingerprint) {
+        return {
+            statusCode: 403,
+            headers: JSON_HEADERS,
+            body: JSON.stringify({ error: 'forbidden', message: 'Not authorized to decline this invite' }),
+        };
+    }
+    // Check status is pending
+    if (invite['status'] !== 'pending') {
+        return {
+            statusCode: 409,
+            headers: JSON_HEADERS,
+            body: JSON.stringify({ error: 'conflict', message: `Invite is already ${invite['status']}` }),
+        };
+    }
+    await ddb.send(new lib_dynamodb_1.UpdateCommand({
+        TableName: tableName,
+        Key: {
+            PK: `INVITE#${inviteId}`,
+            SK: 'META',
+        },
+        UpdateExpression: 'SET #status = :declined, declinedAt = :declinedAt',
+        ExpressionAttributeNames: {
+            '#status': 'status',
+        },
+        ExpressionAttributeValues: {
+            ':declined': 'declined',
+            ':declinedAt': new Date().toISOString(),
+        },
+    }));
+    // Handle optional block
+    let parsed = {};
+    if (body) {
+        try {
+            parsed = JSON.parse(body);
+        }
+        catch {
+            // Ignore invalid JSON in decline body — blocking is optional
+        }
+    }
+    if (parsed.block && parsed.senderFingerprint) {
+        await ddb.send(new lib_dynamodb_1.PutCommand({
+            TableName: tableName,
+            Item: {
+                PK: `TENANT#${tenantId}`,
+                SK: `BLOCK#${parsed.senderFingerprint}`,
+                blockedAt: new Date().toISOString(),
+            },
+        }));
+        logger_js_1.logger.info('Sender blocked', { tenantId, senderFingerprint: parsed.senderFingerprint });
+    }
+    await (0, audit_js_1.logAuditEvent)(ddb, tableName, tenantId, {
+        eventType: 'invite-declined',
+        fingerprint,
+        metadata: {
+            inviteId,
+            blocked: parsed.block ?? false,
+        },
+    });
+    logger_js_1.logger.info('Invite declined', { tenantId, inviteId });
+    return {
+        statusCode: 200,
+        headers: JSON_HEADERS,
+        body: JSON.stringify({ status: 'declined' }),
+    };
+}
+//# sourceMappingURL=invites.js.map

package/dist/lib/handler/routes/invites.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"invites.js","sourceRoot":"","sources":["../../../../lib/handler/routes/invites.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAkIA,gDA+HC;AAKD,8CAsCC;AAKD,gDAgHC;AAKD,kDAwGC;AA9gBD,+CAAiC;AACjC,wDAM+B;AAC/B,4CAAsC;AACtC,yCAA2C;AAQ3C,MAAM,YAAY,GAAG,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC;AAE5D,MAAM,gBAAgB,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;AAClD,MAAM,qBAAqB,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;AAChD,MAAM,yBAAyB,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC;AAE/C,MAAM,YAAY,GAAG,IAAI,CAAC;AAC1B,MAAM,WAAW,GAAG,KAAK,CAAC;AAC1B,MAAM,mBAAmB,GAAG,EAAE,CAAC;AAC/B,MAAM,kBAAkB,GAAG,EAAE,CAAC;AAC9B,MAAM,mBAAmB,GAAG,EAAE,CAAC;AAE/B;;;GAGG;AACH,KAAK,UAAU,oBAAoB,CACjC,iBAAyB,EACzB,GAA2B,EAC3B,SAAiB;IAEjB,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAC1C,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,YAAY,CAAC,CAAC;IAClD,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,WAAW,CAAC,CAAC;IAEhD,qBAAqB;IACrB,MAAM,UAAU,GAAG,MAAM,GAAG,CAAC,IAAI,CAC/B,IAAI,4BAAa,CAAC;QAChB,SAAS,EAAE,SAAS;QACpB,GAAG,EAAE;YACH,EAAE,EAAE,eAAe,iBAAiB,EAAE;YACtC,EAAE,EAAE,QAAQ,UAAU,EAAE;SACzB;QACD,gBAAgB,EAAE,+DAA+D;QACjF,wBAAwB,EAAE;YACxB,QAAQ,EAAE,OAAO;YACjB,MAAM,EAAE,KAAK;SACd;QACD,yBAAyB,EAAE;YACzB,OAAO,EAAE,CAAC;YACV,MAAM,EAAE,CAAC;YACT,MAAM,EAAE,UAAU,GAAG,YAAY,GAAG,YAAY,GAAG,GAAG;SACvD;QACD,YAAY,EAAE,aAAa;KAC5B,CAAC,CACH,CAAC;IAEF,MAAM,WAAW,GAAI,UAAU,CAAC,UAAU,EAAE,CAAC,OAAO,CAAY,IAAI,CAAC,CAAC;IACtE,IAAI,WAAW,GAAG,mBAAmB,EAAE,CAAC;QACtC,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,4CAA4C,EAAE,CAAC;IACnF,CAAC;IAED,oBAAoB;IACpB,MAAM,SAAS,GAAG,MAAM,GAAG,CAAC,IAAI,CAC9B,IAAI,4BAAa,CAAC;QAChB,SAAS,EAAE,SAAS;QACpB,GAAG,EAAE;YACH,EAAE,EAAE,eAAe,iBAAiB,EAAE;YACtC,EAAE,EAAE,OAAO,SAAS,EAAE;SACvB;QACD,gBAAgB,EAAE,+DAA+D;QACjF,wBAAwB,EAAE;YACxB,QAAQ,EAAE,OAAO;YACjB,MAAM,EAAE,KAAK;SACd;QACD,yBAAyB,EAAE;YACzB,OAAO,EAAE,CAAC;YACV,MAAM,EAAE,CAAC;YACT,MAAM,EAAE,SAAS,GAAG,WAAW,GAAG,WAAW,GAAG,GAAG;SACpD;QACD,YAAY,EAAE,aAAa;KAC5B,CAAC,CACH,CAAC;IAEF,MAAM,UAAU,GAAI,SAAS,CAAC,UAAU,EAAE,CAAC,OAAO,CAAY,IAAI,CAAC,CAAC;IACpE,IAAI,UAAU,GAAG,kBAAkB,EAAE,CAAC;QACpC,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,0CAA0C,EAAE,CAAC;IACjF,CAAC;IAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;AAC3B,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,0BAA0B,CACvC,oBAA4B,EAC5B,GAA2B,EAC3B,SAAiB;IAEjB,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,IAAI,CAC3B,IAAI,2BAAY,CAAC;QACf,SAAS,EAAE,SAAS;QACpB,SAAS,EAAE,0BAA0B;QACrC,sBAAsB,EAAE,4BAA4B;QACpD,gBAAgB,EAAE,oBAAoB;QACtC,wBAAwB,EAAE;YACxB,SAAS,EAAE,QAAQ;SACpB;QACD,yBAAyB,EAAE;YACzB,KAAK,EAAE,oBAAoB;YAC3B,UAAU,EAAE,SAAS;SACtB;QACD,MAAM,EAAE,OAAO;KAChB,CAAC,CACH,CAAC;IAEF,OAAO,CAAC,MAAM,CAAC,KAAK,IAAI,CAAC,CAAC,GAAG,mBAAmB,CAAC;AACnD,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,kBAAkB,CACtC,QAAgB,EAChB,WAAmB,EACnB,IAA+B,EAC/B,GAA2B,EAC3B,SAAiB;IAEjB,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,OAAO;YACL,UAAU,EAAE,GAAG;YACf,OAAO,EAAE,YAAY;YACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,iBAAiB,EAAE,OAAO,EAAE,0BAA0B,EAAE,CAAC;SACxF,CAAC;IACJ,CAAC;IAED,IAAI,MAKH,CAAC;IACF,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC5B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO;YACL,UAAU,EAAE,GAAG;YACf,OAAO,EAAE,YAAY;YACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,iBAAiB,EAAE,OAAO,EAAE,mBAAmB,EAAE,CAAC;SACjF,CAAC;IACJ,CAAC;IAED,IACE,CAAC,MAAM,CAAC,oBAAoB;QAC5B,CAAC,MAAM,CAAC,eAAe;QACvB,CAAC,MAAM,CAAC,gBAAgB;QACxB,CAAC,MAAM,CAAC,IAAI,EACZ,CAAC;QACD,OAAO;YACL,UAAU,EAAE,GAAG;YACf,OAAO,EAAE,YAAY;YACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,KAAK,EAAE,iBAAiB;gBACxB,OAAO,EAAE,gFAAgF;aAC1F,CAAC;SACH,CAAC;IACJ,CAAC;IAED,4CAA4C;IAC5C,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,MAAM,CAAC,gBAAgB,CAAC,EAAE,CAAC;QACxD,OAAO;YACL,UAAU,EAAE,GAAG;YACf,OAAO,EAAE,YAAY;YACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,iBAAiB,EAAE,OAAO,EAAE,uCAAuC,EAAE,CAAC;SACrG,CAAC;IACJ,CAAC;IAED,2BAA2B;IAC3B,MAAM,SAAS,GAAG,MAAM,oBAAoB,CAAC,WAAW,EAAE,GAAG,EAAE,SAAS,CAAC,CAAC;IAC1E,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC;QACvB,OAAO;YACL,UAAU,EAAE,GAAG;YACf,OAAO,EAAE,YAAY;YACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,OAAO,EAAE,SAAS,CAAC,OAAO,EAAE,CAAC;SAC5E,CAAC;IACJ,CAAC;IAED,gCAAgC;IAChC,MAAM,WAAW,GAAG,MAAM,0BAA0B,CAClD,MAAM,CAAC,oBAAoB,EAC3B,GAAG,EACH,SAAS,CACV,CAAC;IACF,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO;YACL,UAAU,EAAE,GAAG;YACf,OAAO,EAAE,YAAY;YACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,KAAK,EAAE,iBAAiB;gBACxB,OAAO,EAAE,wCAAwC;aAClD,CAAC;SACH,CAAC;IACJ,CAAC;IAED,MAAM,QAAQ,GAAG,MAAM,CAAC,UAAU,EAAE,CAAC;IACrC,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IACvB,MAAM,SAAS,GAAG,GAAG,CAAC,WAAW,EAAE,CAAC;IACpC,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,gBAAgB,CAAC,CAAC,WAAW,EAAE,CAAC;IAC3E,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,GAAG,qBAAqB,CAAC;IAErE,MAAM,GAAG,CAAC,IAAI,CACZ,IAAI,yBAAU,CAAC;QACb,SAAS,EAAE,SAAS;QACpB,IAAI,EAAE;YACJ,EAAE,EAAE,UAAU,QAAQ,EAAE;YACxB,EAAE,EAAE,MAAM;YACV,QAAQ;YACR,MAAM,EAAE,SAAS;YACjB,iBAAiB,EAAE,WAAW;YAC9B,oBAAoB,EAAE,MAAM,CAAC,oBAAoB;YACjD,eAAe,EAAE,MAAM,CAAC,eAAe;YACvC,gBAAgB,EAAE,MAAM,CAAC,gBAAgB;YACzC,IAAI,EAAE,MAAM,CAAC,IAAI;YACjB,SAAS;YACT,SAAS;YACT,GAAG;SACJ;KACF,CAAC,CACH,CAAC;IAEF,MAAM,IAAA,wBAAa,EAAC,GAAG,EAAE,SAAS,EAAE,QAAQ,EAAE;QAC5C,SAAS,EAAE,gBAAuB;QAClC,WAAW;QACX,QAAQ,EAAE;YACR,QAAQ;YACR,oBAAoB,EAAE,MAAM,CAAC,oBAAoB;YACjD,eAAe,EAAE,MAAM,CAAC,eAAe;YACvC,IAAI,EAAE,MAAM,CAAC,IAAI;SAClB;KACF,CAAC,CAAC;IAEH,kBAAM,CAAC,IAAI,CAAC,gBAAgB,EAAE,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC,CAAC;IAEtD,OAAO;QACL,UAAU,EAAE,GAAG;QACf,OAAO,EAAE,YAAY;QACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;KACtD,CAAC;AACJ,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,iBAAiB,CACrC,QAAgB,EAChB,WAAmB,EACnB,GAA2B,EAC3B,SAAiB;IAEjB,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAErC,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,IAAI,CAC3B,IAAI,2BAAY,CAAC;QACf,SAAS,EAAE,SAAS;QACpB,SAAS,EAAE,0BAA0B;QACrC,sBAAsB,EAAE,4BAA4B;QACpD,gBAAgB,EAAE,yCAAyC;QAC3D,wBAAwB,EAAE;YACxB,SAAS,EAAE,QAAQ;SACpB;QACD,yBAAyB,EAAE;YACzB,KAAK,EAAE,WAAW;YAClB,UAAU,EAAE,SAAS;YACrB,MAAM,EAAE,GAAG;SACZ;KACF,CAAC,CACH,CAAC;IAEF,MAAM,OAAO,GAAG,CAAC,MAAM,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;QAClD,QAAQ,EAAE,IAAI,CAAC,UAAU,CAAC;QAC1B,iBAAiB,EAAE,IAAI,CAAC,mBAAmB,CAAC;QAC5C,eAAe,EAAE,IAAI,CAAC,iBAAiB,CAAC;QACxC,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC;QAClB,SAAS,EAAE,IAAI,CAAC,WAAW,CAAC;KAC7B,CAAC,CAAC,CAAC;IAEJ,OAAO;QACL,UAAU,EAAE,GAAG;QACf,OAAO,EAAE,YAAY;QACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,CAAC;KAClC,CAAC;AACJ,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,kBAAkB,CACtC,QAAgB,EAChB,WAAmB,EACnB,QAAgB,EAChB,GAA2B,EAC3B,SAAiB;IAEjB,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,IAAI,CAC3B,IAAI,yBAAU,CAAC;QACb,SAAS,EAAE,SAAS;QACpB,GAAG,EAAE;YACH,EAAE,EAAE,UAAU,QAAQ,EAAE;YACxB,EAAE,EAAE,MAAM;SACX;KACF,CAAC,CACH,CAAC;IAEF,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;QACjB,OAAO;YACL,UAAU,EAAE,GAAG;YACf,OAAO,EAAE,YAAY;YACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,OAAO,EAAE,kBAAkB,EAAE,CAAC;SAC1E,CAAC;IACJ,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC;IAE3B,0BAA0B;IAC1B,IAAI,MAAM,CAAC,sBAAsB,CAAC,KAAK,WAAW,EAAE,CAAC;QACnD,OAAO;YACL,UAAU,EAAE,GAAG;YACf,OAAO,EAAE,YAAY;YACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,OAAO,EAAE,sCAAsC,EAAE,CAAC;SAC9F,CAAC;IACJ,CAAC;IAED,+BAA+B;IAC/B,IAAI,MAAM,CAAC,QAAQ,CAAC,KAAK,UAAU,EAAE,CAAC;QACpC,OAAO;YACL,UAAU,EAAE,GAAG;YACf,OAAO,EAAE,YAAY;YACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,MAAM,EAAE,kBAAkB;gBAC1B,gBAAgB,EAAE,MAAM,CAAC,kBAAkB,CAAC;gBAC5C,eAAe,EAAE,MAAM,CAAC,iBAAiB,CAAC;aAC3C,CAAC;SACH,CAAC;IACJ,CAAC;IAED,0BAA0B;IAC1B,IAAI,MAAM,CAAC,QAAQ,CAAC,KAAK,SAAS,EAAE,CAAC;QACnC,OAAO;YACL,UAAU,EAAE,GAAG;YACf,OAAO,EAAE,YAAY;YACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,UAAU,EAAE,OAAO,EAAE,aAAa,MAAM,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;SACtF,CAAC;IACJ,CAAC;IAED,oBAAoB;IACpB,IAAI,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,CAAW,CAAC,GAAG,IAAI,IAAI,EAAE,EAAE,CAAC;QACzD,OAAO;YACL,UAAU,EAAE,GAAG;YACf,OAAO,EAAE,YAAY;YACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,OAAO,EAAE,oBAAoB,EAAE,CAAC;SAC1E,CAAC;IACJ,CAAC;IAED,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IACvB,MAAM,UAAU,GAAG,GAAG,CAAC,WAAW,EAAE,CAAC;IACrC,kDAAkD;IAClD,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,GAAG,yBAAyB,CAAC;IAEhF,MAAM,GAAG,CAAC,IAAI,CACZ,IAAI,4BAAa,CAAC;QAChB,SAAS,EAAE,SAAS;QACpB,GAAG,EAAE;YACH,EAAE,EAAE,UAAU,QAAQ,EAAE;YACxB,EAAE,EAAE,MAAM;SACX;QACD,gBAAgB,EAAE,gEAAgE;QAClF,wBAAwB,EAAE;YACxB,SAAS,EAAE,QAAQ;YACnB,MAAM,EAAE,KAAK;SACd;QACD,yBAAyB,EAAE;YACzB,WAAW,EAAE,UAAU;YACvB,aAAa,EAAE,UAAU;YACzB,MAAM,EAAE,UAAU;SACnB;KACF,CAAC,CACH,CAAC;IAEF,MAAM,IAAA,wBAAa,EAAC,GAAG,EAAE,SAAS,EAAE,QAAQ,EAAE;QAC5C,SAAS,EAAE,iBAAwB;QACnC,WAAW;QACX,QAAQ,EAAE;YACR,QAAQ;YACR,eAAe,EAAE,MAAM,CAAC,iBAAiB,CAAC;SAC3C;KACF,CAAC,CAAC;IAEH,kBAAM,CAAC,IAAI,CAAC,iBAAiB,EAAE,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC,CAAC;IAEvD,OAAO;QACL,UAAU,EAAE,GAAG;QACf,OAAO,EAAE,YAAY;QACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;YACnB,MAAM,EAAE,UAAU;YAClB,gBAAgB,EAAE,MAAM,CAAC,kBAAkB,CAAC;YAC5C,eAAe,EAAE,MAAM,CAAC,iBAAiB,CAAC;SAC3C,CAAC;KACH,CAAC;AACJ,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,mBAAmB,CACvC,QAAgB,EAChB,WAAmB,EACnB,QAAgB,EAChB,IAA+B,EAC/B,GAA2B,EAC3B,SAAiB;IAEjB,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,IAAI,CAC3B,IAAI,yBAAU,CAAC;QACb,SAAS,EAAE,SAAS;QACpB,GAAG,EAAE;YACH,EAAE,EAAE,UAAU,QAAQ,EAAE;YACxB,EAAE,EAAE,MAAM;SACX;KACF,CAAC,CACH,CAAC;IAEF,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;QACjB,OAAO;YACL,UAAU,EAAE,GAAG;YACf,OAAO,EAAE,YAAY;YACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,OAAO,EAAE,kBAAkB,EAAE,CAAC;SAC1E,CAAC;IACJ,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC;IAE3B,0BAA0B;IAC1B,IAAI,MAAM,CAAC,sBAAsB,CAAC,KAAK,WAAW,EAAE,CAAC;QACnD,OAAO;YACL,UAAU,EAAE,GAAG;YACf,OAAO,EAAE,YAAY;YACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,OAAO,EAAE,uCAAuC,EAAE,CAAC;SAC/F,CAAC;IACJ,CAAC;IAED,0BAA0B;IAC1B,IAAI,MAAM,CAAC,QAAQ,CAAC,KAAK,SAAS,EAAE,CAAC;QACnC,OAAO;YACL,UAAU,EAAE,GAAG;YACf,OAAO,EAAE,YAAY;YACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,UAAU,EAAE,OAAO,EAAE,qBAAqB,MAAM,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;SAC9F,CAAC;IACJ,CAAC;IAED,MAAM,GAAG,CAAC,IAAI,CACZ,IAAI,4BAAa,CAAC;QAChB,SAAS,EAAE,SAAS;QACpB,GAAG,EAAE;YACH,EAAE,EAAE,UAAU,QAAQ,EAAE;YACxB,EAAE,EAAE,MAAM;SACX;QACD,gBAAgB,EAAE,mDAAmD;QACrE,wBAAwB,EAAE;YACxB,SAAS,EAAE,QAAQ;SACpB;QACD,yBAAyB,EAAE;YACzB,WAAW,EAAE,UAAU;YACvB,aAAa,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACxC;KACF,CAAC,CACH,CAAC;IAEF,wBAAwB;IACxB,IAAI,MAAM,GAAoD,EAAE,CAAC;IACjE,IAAI,IAAI,EAAE,CAAC;QACT,IAAI,CAAC;YACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC5B,CAAC;QAAC,MAAM,CAAC;YACP,6DAA6D;QAC/D,CAAC;IACH,CAAC;IAED,IAAI,MAAM,CAAC,KAAK,IAAI,MAAM,CAAC,iBAAiB,EAAE,CAAC;QAC7C,MAAM,GAAG,CAAC,IAAI,CACZ,IAAI,yBAAU,CAAC;YACb,SAAS,EAAE,SAAS;YACpB,IAAI,EAAE;gBACJ,EAAE,EAAE,UAAU,QAAQ,EAAE;gBACxB,EAAE,EAAE,SAAS,MAAM,CAAC,iBAAiB,EAAE;gBACvC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;aACpC;SACF,CAAC,CACH,CAAC;QACF,kBAAM,CAAC,IAAI,CAAC,gBAAgB,EAAE,EAAE,QAAQ,EAAE,iBAAiB,EAAE,MAAM,CAAC,iBAAiB,EAAE,CAAC,CAAC;IAC3F,CAAC;IAED,MAAM,IAAA,wBAAa,EAAC,GAAG,EAAE,SAAS,EAAE,QAAQ,EAAE;QAC5C,SAAS,EAAE,iBAAwB;QACnC,WAAW;QACX,QAAQ,EAAE;YACR,QAAQ;YACR,OAAO,EAAE,MAAM,CAAC,KAAK,IAAI,KAAK;SAC/B;KACF,CAAC,CAAC;IAEH,kBAAM,CAAC,IAAI,CAAC,iBAAiB,EAAE,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC,CAAC;IAEvD,OAAO;QACL,UAAU,EAAE,GAAG;QACf,OAAO,EAAE,YAAY;QACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC;KAC7C,CAAC;AACJ,CAAC"}