@dotsetlabs/tollgate 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +21 -0
- package/README.md +885 -0
- package/dist/analyzers/filesystem.d.ts +26 -0
- package/dist/analyzers/filesystem.d.ts.map +1 -0
- package/dist/analyzers/filesystem.js +284 -0
- package/dist/analyzers/filesystem.js.map +1 -0
- package/dist/analyzers/http.d.ts +90 -0
- package/dist/analyzers/http.d.ts.map +1 -0
- package/dist/analyzers/http.js +433 -0
- package/dist/analyzers/http.js.map +1 -0
- package/dist/analyzers/index.d.ts +101 -0
- package/dist/analyzers/index.d.ts.map +1 -0
- package/dist/analyzers/index.js +342 -0
- package/dist/analyzers/index.js.map +1 -0
- package/dist/analyzers/loader.d.ts +114 -0
- package/dist/analyzers/loader.d.ts.map +1 -0
- package/dist/analyzers/loader.js +184 -0
- package/dist/analyzers/loader.js.map +1 -0
- package/dist/analyzers/prompt-injection.d.ts +95 -0
- package/dist/analyzers/prompt-injection.d.ts.map +1 -0
- package/dist/analyzers/prompt-injection.js +725 -0
- package/dist/analyzers/prompt-injection.js.map +1 -0
- package/dist/analyzers/sdk.d.ts +230 -0
- package/dist/analyzers/sdk.d.ts.map +1 -0
- package/dist/analyzers/sdk.js +283 -0
- package/dist/analyzers/sdk.js.map +1 -0
- package/dist/analyzers/shell.d.ts +20 -0
- package/dist/analyzers/shell.d.ts.map +1 -0
- package/dist/analyzers/shell.js +297 -0
- package/dist/analyzers/shell.js.map +1 -0
- package/dist/analyzers/sql.d.ts +37 -0
- package/dist/analyzers/sql.d.ts.map +1 -0
- package/dist/analyzers/sql.js +455 -0
- package/dist/analyzers/sql.js.map +1 -0
- package/dist/analyzers/types.d.ts +117 -0
- package/dist/analyzers/types.d.ts.map +1 -0
- package/dist/analyzers/types.js +46 -0
- package/dist/analyzers/types.js.map +1 -0
- package/dist/approval/interactive.d.ts +72 -0
- package/dist/approval/interactive.d.ts.map +1 -0
- package/dist/approval/interactive.js +550 -0
- package/dist/approval/interactive.js.map +1 -0
- package/dist/approval/terminal.d.ts +59 -0
- package/dist/approval/terminal.d.ts.map +1 -0
- package/dist/approval/terminal.js +238 -0
- package/dist/approval/terminal.js.map +1 -0
- package/dist/approval/types.d.ts +66 -0
- package/dist/approval/types.d.ts.map +1 -0
- package/dist/approval/types.js +2 -0
- package/dist/approval/types.js.map +1 -0
- package/dist/audit/exporter.d.ts +138 -0
- package/dist/audit/exporter.d.ts.map +1 -0
- package/dist/audit/exporter.js +366 -0
- package/dist/audit/exporter.js.map +1 -0
- package/dist/audit/logger.d.ts +156 -0
- package/dist/audit/logger.d.ts.map +1 -0
- package/dist/audit/logger.js +406 -0
- package/dist/audit/logger.js.map +1 -0
- package/dist/audit/redaction.d.ts +110 -0
- package/dist/audit/redaction.d.ts.map +1 -0
- package/dist/audit/redaction.js +307 -0
- package/dist/audit/redaction.js.map +1 -0
- package/dist/audit/schema.d.ts +76 -0
- package/dist/audit/schema.d.ts.map +1 -0
- package/dist/audit/schema.js +122 -0
- package/dist/audit/schema.js.map +1 -0
- package/dist/cli/commands/doctor.d.ts +34 -0
- package/dist/cli/commands/doctor.d.ts.map +1 -0
- package/dist/cli/commands/doctor.js +431 -0
- package/dist/cli/commands/doctor.js.map +1 -0
- package/dist/cli/commands/export.d.ts +18 -0
- package/dist/cli/commands/export.d.ts.map +1 -0
- package/dist/cli/commands/export.js +63 -0
- package/dist/cli/commands/export.js.map +1 -0
- package/dist/cli/commands/init.d.ts +12 -0
- package/dist/cli/commands/init.d.ts.map +1 -0
- package/dist/cli/commands/init.js +102 -0
- package/dist/cli/commands/init.js.map +1 -0
- package/dist/cli/commands/logs.d.ts +11 -0
- package/dist/cli/commands/logs.d.ts.map +1 -0
- package/dist/cli/commands/logs.js +60 -0
- package/dist/cli/commands/logs.js.map +1 -0
- package/dist/cli/commands/scan.d.ts +29 -0
- package/dist/cli/commands/scan.d.ts.map +1 -0
- package/dist/cli/commands/scan.js +251 -0
- package/dist/cli/commands/scan.js.map +1 -0
- package/dist/cli/commands/serve.d.ts +26 -0
- package/dist/cli/commands/serve.d.ts.map +1 -0
- package/dist/cli/commands/serve.js +424 -0
- package/dist/cli/commands/serve.js.map +1 -0
- package/dist/cli/commands/start.d.ts +20 -0
- package/dist/cli/commands/start.d.ts.map +1 -0
- package/dist/cli/commands/start.js +82 -0
- package/dist/cli/commands/start.js.map +1 -0
- package/dist/cli/commands/stats.d.ts +10 -0
- package/dist/cli/commands/stats.d.ts.map +1 -0
- package/dist/cli/commands/stats.js +42 -0
- package/dist/cli/commands/stats.js.map +1 -0
- package/dist/cli/commands/templates.d.ts +26 -0
- package/dist/cli/commands/templates.d.ts.map +1 -0
- package/dist/cli/commands/templates.js +221 -0
- package/dist/cli/commands/templates.js.map +1 -0
- package/dist/cli/commands/validate.d.ts +12 -0
- package/dist/cli/commands/validate.d.ts.map +1 -0
- package/dist/cli/commands/validate.js +107 -0
- package/dist/cli/commands/validate.js.map +1 -0
- package/dist/cli/commands/wrap.d.ts +19 -0
- package/dist/cli/commands/wrap.d.ts.map +1 -0
- package/dist/cli/commands/wrap.js +59 -0
- package/dist/cli/commands/wrap.js.map +1 -0
- package/dist/cli/index.d.ts +17 -0
- package/dist/cli/index.d.ts.map +1 -0
- package/dist/cli/index.js +202 -0
- package/dist/cli/index.js.map +1 -0
- package/dist/cli/ui.d.ts +139 -0
- package/dist/cli/ui.d.ts.map +1 -0
- package/dist/cli/ui.js +271 -0
- package/dist/cli/ui.js.map +1 -0
- package/dist/constants.d.ts +33 -0
- package/dist/constants.d.ts.map +1 -0
- package/dist/constants.js +54 -0
- package/dist/constants.js.map +1 -0
- package/dist/errors.d.ts +28 -0
- package/dist/errors.d.ts.map +1 -0
- package/dist/errors.js +37 -0
- package/dist/errors.js.map +1 -0
- package/dist/index.d.ts +49 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +82 -0
- package/dist/index.js.map +1 -0
- package/dist/orchestrator/index.d.ts +11 -0
- package/dist/orchestrator/index.d.ts.map +1 -0
- package/dist/orchestrator/index.js +10 -0
- package/dist/orchestrator/index.js.map +1 -0
- package/dist/orchestrator/manager.d.ts +127 -0
- package/dist/orchestrator/manager.d.ts.map +1 -0
- package/dist/orchestrator/manager.js +498 -0
- package/dist/orchestrator/manager.js.map +1 -0
- package/dist/orchestrator/types.d.ts +141 -0
- package/dist/orchestrator/types.d.ts.map +1 -0
- package/dist/orchestrator/types.js +9 -0
- package/dist/orchestrator/types.js.map +1 -0
- package/dist/policy/engine.d.ts +55 -0
- package/dist/policy/engine.d.ts.map +1 -0
- package/dist/policy/engine.js +288 -0
- package/dist/policy/engine.js.map +1 -0
- package/dist/policy/natural-language.d.ts +141 -0
- package/dist/policy/natural-language.d.ts.map +1 -0
- package/dist/policy/natural-language.js +552 -0
- package/dist/policy/natural-language.js.map +1 -0
- package/dist/policy/parser.d.ts +141 -0
- package/dist/policy/parser.d.ts.map +1 -0
- package/dist/policy/parser.js +314 -0
- package/dist/policy/parser.js.map +1 -0
- package/dist/policy/types.d.ts +428 -0
- package/dist/policy/types.d.ts.map +1 -0
- package/dist/policy/types.js +32 -0
- package/dist/policy/types.js.map +1 -0
- package/dist/policy/validator.d.ts +72 -0
- package/dist/policy/validator.d.ts.map +1 -0
- package/dist/policy/validator.js +453 -0
- package/dist/policy/validator.js.map +1 -0
- package/dist/proxy/bridge.d.ts +84 -0
- package/dist/proxy/bridge.d.ts.map +1 -0
- package/dist/proxy/bridge.js +217 -0
- package/dist/proxy/bridge.js.map +1 -0
- package/dist/proxy/client.d.ts +130 -0
- package/dist/proxy/client.d.ts.map +1 -0
- package/dist/proxy/client.js +290 -0
- package/dist/proxy/client.js.map +1 -0
- package/dist/proxy/server.d.ts +111 -0
- package/dist/proxy/server.d.ts.map +1 -0
- package/dist/proxy/server.js +444 -0
- package/dist/proxy/server.js.map +1 -0
- package/dist/scanner.d.ts +91 -0
- package/dist/scanner.d.ts.map +1 -0
- package/dist/scanner.js +373 -0
- package/dist/scanner.js.map +1 -0
- package/dist/session/index.d.ts +32 -0
- package/dist/session/index.d.ts.map +1 -0
- package/dist/session/index.js +31 -0
- package/dist/session/index.js.map +1 -0
- package/dist/session/manager.d.ts +166 -0
- package/dist/session/manager.d.ts.map +1 -0
- package/dist/session/manager.js +454 -0
- package/dist/session/manager.js.map +1 -0
- package/dist/session/sqlite-store.d.ts +54 -0
- package/dist/session/sqlite-store.d.ts.map +1 -0
- package/dist/session/sqlite-store.js +209 -0
- package/dist/session/sqlite-store.js.map +1 -0
- package/dist/session/types.d.ts +179 -0
- package/dist/session/types.d.ts.map +1 -0
- package/dist/session/types.js +38 -0
- package/dist/session/types.js.map +1 -0
- package/dist/templates.d.ts +64 -0
- package/dist/templates.d.ts.map +1 -0
- package/dist/templates.js +451 -0
- package/dist/templates.js.map +1 -0
- package/dist/utils/config.d.ts +57 -0
- package/dist/utils/config.d.ts.map +1 -0
- package/dist/utils/config.js +104 -0
- package/dist/utils/config.js.map +1 -0
- package/dist/utils/errors.d.ts +18 -0
- package/dist/utils/errors.d.ts.map +1 -0
- package/dist/utils/errors.js +35 -0
- package/dist/utils/errors.js.map +1 -0
- package/dist/utils/logger.d.ts +144 -0
- package/dist/utils/logger.d.ts.map +1 -0
- package/dist/utils/logger.js +300 -0
- package/dist/utils/logger.js.map +1 -0
- package/dist/wizard.d.ts +68 -0
- package/dist/wizard.d.ts.map +1 -0
- package/dist/wizard.js +395 -0
- package/dist/wizard.js.map +1 -0
- package/package.json +99 -0
|
@@ -0,0 +1,141 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Configuration Parser for Tollgate
|
|
3
|
+
*
|
|
4
|
+
* This module handles parsing and validation of Tollgate configuration.
|
|
5
|
+
* It validates the structure and values of tollgate.yaml files, normalizes
|
|
6
|
+
* shorthand policy syntax, and resolves environment variables.
|
|
7
|
+
*
|
|
8
|
+
* @example
|
|
9
|
+
* ```typescript
|
|
10
|
+
* import { validateConfig, normalizeToolPolicy, getServerConfig } from './parser.js';
|
|
11
|
+
*
|
|
12
|
+
* // Validate a loaded configuration
|
|
13
|
+
* validateConfig(config); // Throws PolicyError if invalid
|
|
14
|
+
*
|
|
15
|
+
* // Normalize shorthand policy syntax
|
|
16
|
+
* const policy = normalizeToolPolicy('allow'); // { action: 'allow' }
|
|
17
|
+
*
|
|
18
|
+
* // Get a specific server configuration
|
|
19
|
+
* const serverConfig = getServerConfig(config, 'postgres');
|
|
20
|
+
* ```
|
|
21
|
+
*
|
|
22
|
+
* @module policy/parser
|
|
23
|
+
*/
|
|
24
|
+
import type { TollgateConfig, ServerConfig, ToolPolicy, PolicyAction } from './types.js';
|
|
25
|
+
import { type ParsedPolicy } from './natural-language.js';
|
|
26
|
+
/**
|
|
27
|
+
* Validates a Tollgate configuration object.
|
|
28
|
+
*
|
|
29
|
+
* Performs comprehensive validation including:
|
|
30
|
+
* - Schema version check
|
|
31
|
+
* - Default action validation
|
|
32
|
+
* - Server configuration validation
|
|
33
|
+
* - Tool policy validation
|
|
34
|
+
*
|
|
35
|
+
* @param config - The configuration object to validate
|
|
36
|
+
* @throws {PolicyError} If the configuration is invalid
|
|
37
|
+
*/
|
|
38
|
+
export declare function validateConfig(config: TollgateConfig): void;
|
|
39
|
+
/**
|
|
40
|
+
* Normalizes a tool policy to its full object form.
|
|
41
|
+
*
|
|
42
|
+
* Converts shorthand string actions (e.g., 'allow') to full policy objects.
|
|
43
|
+
*
|
|
44
|
+
* @param policy - Policy in shorthand or object form
|
|
45
|
+
* @returns Normalized ToolPolicy object
|
|
46
|
+
*
|
|
47
|
+
* @example
|
|
48
|
+
* ```typescript
|
|
49
|
+
* normalizeToolPolicy('allow')
|
|
50
|
+
* // Returns: { action: 'allow' }
|
|
51
|
+
*
|
|
52
|
+
* normalizeToolPolicy({ action: 'prompt', message: 'Confirm?' })
|
|
53
|
+
* // Returns: { action: 'prompt', message: 'Confirm?' }
|
|
54
|
+
* ```
|
|
55
|
+
*/
|
|
56
|
+
export declare function normalizeToolPolicy(policy: ToolPolicy | PolicyAction): ToolPolicy;
|
|
57
|
+
/**
|
|
58
|
+
* Resolves environment variables in server environment configuration.
|
|
59
|
+
*
|
|
60
|
+
* Expands `${VAR}` patterns using the current process environment.
|
|
61
|
+
*
|
|
62
|
+
* @param env - Environment variable mapping with possible placeholders
|
|
63
|
+
* @returns Resolved environment variables
|
|
64
|
+
*
|
|
65
|
+
* @example
|
|
66
|
+
* ```typescript
|
|
67
|
+
* resolveServerEnv({ DATABASE_URL: '${DATABASE_URL}' })
|
|
68
|
+
* // Returns: { DATABASE_URL: 'postgres://...' }
|
|
69
|
+
* ```
|
|
70
|
+
*/
|
|
71
|
+
export declare function resolveServerEnv(env: Record<string, string> | undefined): Record<string, string>;
|
|
72
|
+
/**
|
|
73
|
+
* Retrieves the configuration for a specific server.
|
|
74
|
+
*
|
|
75
|
+
* @param config - Root Tollgate configuration
|
|
76
|
+
* @param serverName - Name of the server to retrieve
|
|
77
|
+
* @returns Server configuration or undefined if not found
|
|
78
|
+
*/
|
|
79
|
+
export declare function getServerConfig(config: TollgateConfig, serverName: string): ServerConfig | undefined;
|
|
80
|
+
/**
|
|
81
|
+
* Result of processing natural language policies.
|
|
82
|
+
*/
|
|
83
|
+
export interface NaturalPolicyResult {
|
|
84
|
+
/** Number of policies successfully parsed */
|
|
85
|
+
successful: number;
|
|
86
|
+
/** Number of policies that failed to parse */
|
|
87
|
+
failed: number;
|
|
88
|
+
/** Details of failed policies */
|
|
89
|
+
errors: Array<{
|
|
90
|
+
input: string;
|
|
91
|
+
error: string;
|
|
92
|
+
}>;
|
|
93
|
+
/** The parsed policies */
|
|
94
|
+
parsed: ParsedPolicy[];
|
|
95
|
+
}
|
|
96
|
+
/**
|
|
97
|
+
* Process natural language policies and merge them into the configuration.
|
|
98
|
+
*
|
|
99
|
+
* This function parses natural language policy statements from the config's
|
|
100
|
+
* `policies` array and merges them into the server tool configurations.
|
|
101
|
+
*
|
|
102
|
+
* @param config - The Tollgate configuration to process
|
|
103
|
+
* @param options - Processing options
|
|
104
|
+
* @returns Result of the processing including any errors
|
|
105
|
+
*
|
|
106
|
+
* @example
|
|
107
|
+
* ```typescript
|
|
108
|
+
* const config: TollgateConfig = {
|
|
109
|
+
* version: '1',
|
|
110
|
+
* policies: [
|
|
111
|
+
* 'Allow read operations on postgres',
|
|
112
|
+
* 'Deny destructive queries on any database'
|
|
113
|
+
* ],
|
|
114
|
+
* servers: {
|
|
115
|
+
* postgres: { command: 'npx', args: ['-y', '@modelcontextprotocol/server-postgres'] }
|
|
116
|
+
* }
|
|
117
|
+
* };
|
|
118
|
+
*
|
|
119
|
+
* const result = processNaturalPolicies(config);
|
|
120
|
+
* // config.servers.postgres.tools is now populated with parsed policies
|
|
121
|
+
* ```
|
|
122
|
+
*/
|
|
123
|
+
export declare function processNaturalPolicies(config: TollgateConfig, options?: {
|
|
124
|
+
throwOnError?: boolean;
|
|
125
|
+
logger?: (msg: string) => void;
|
|
126
|
+
}): NaturalPolicyResult;
|
|
127
|
+
/**
|
|
128
|
+
* Validate natural language policies without processing them.
|
|
129
|
+
*
|
|
130
|
+
* @param policies - Array of natural language policy statements
|
|
131
|
+
* @returns Validation result with details of any invalid policies
|
|
132
|
+
*/
|
|
133
|
+
export declare function validateNaturalPolicies(policies: string[]): {
|
|
134
|
+
valid: boolean;
|
|
135
|
+
errors: Array<{
|
|
136
|
+
input: string;
|
|
137
|
+
error: string;
|
|
138
|
+
suggestions?: string[];
|
|
139
|
+
}>;
|
|
140
|
+
};
|
|
141
|
+
//# sourceMappingURL=parser.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"parser.d.ts","sourceRoot":"","sources":["../../src/policy/parser.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;GAsBG;AAEH,OAAO,KAAK,EACV,cAAc,EACd,YAAY,EACZ,UAAU,EACV,YAAY,EACb,MAAM,YAAY,CAAC;AAEpB,OAAO,EAA0C,KAAK,YAAY,EAAE,MAAM,uBAAuB,CAAC;AAclG;;;;;;;;;;;GAWG;AACH,wBAAgB,cAAc,CAAC,MAAM,EAAE,cAAc,GAAG,IAAI,CAsB3D;AAgDD;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,mBAAmB,CACjC,MAAM,EAAE,UAAU,GAAG,YAAY,GAChC,UAAU,CAKZ;AAED;;;;;;;;;;;;;GAaG;AACH,wBAAgB,gBAAgB,CAC9B,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,SAAS,GACtC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAQxB;AAMD;;;;;;GAMG;AACH,wBAAgB,eAAe,CAC7B,MAAM,EAAE,cAAc,EACtB,UAAU,EAAE,MAAM,GACjB,YAAY,GAAG,SAAS,CAE1B;AAMD;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,6CAA6C;IAC7C,UAAU,EAAE,MAAM,CAAC;IACnB,8CAA8C;IAC9C,MAAM,EAAE,MAAM,CAAC;IACf,iCAAiC;IACjC,MAAM,EAAE,KAAK,CAAC;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAChD,0BAA0B;IAC1B,MAAM,EAAE,YAAY,EAAE,CAAC;CACxB;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AACH,wBAAgB,sBAAsB,CACpC,MAAM,EAAE,cAAc,EACtB,OAAO,GAAE;IAAE,YAAY,CAAC,EAAE,OAAO,CAAC;IAAC,MAAM,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,IAAI,CAAA;CAAO,GACvE,mBAAmB,CAyFrB;AAiCD;;;;;GAKG;AACH,wBAAgB,uBAAuB,CAAC,QAAQ,EAAE,MAAM,EAAE,GAAG;IAC3D,KAAK,EAAE,OAAO,CAAC;IACf,MAAM,EAAE,KAAK,CAAC;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAC;QAAC,WAAW,CAAC,EAAE,MAAM,EAAE,CAAA;KAAE,CAAC,CAAC;CACzE,CAsBA"}
|
|
@@ -0,0 +1,314 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Configuration Parser for Tollgate
|
|
3
|
+
*
|
|
4
|
+
* This module handles parsing and validation of Tollgate configuration.
|
|
5
|
+
* It validates the structure and values of tollgate.yaml files, normalizes
|
|
6
|
+
* shorthand policy syntax, and resolves environment variables.
|
|
7
|
+
*
|
|
8
|
+
* @example
|
|
9
|
+
* ```typescript
|
|
10
|
+
* import { validateConfig, normalizeToolPolicy, getServerConfig } from './parser.js';
|
|
11
|
+
*
|
|
12
|
+
* // Validate a loaded configuration
|
|
13
|
+
* validateConfig(config); // Throws PolicyError if invalid
|
|
14
|
+
*
|
|
15
|
+
* // Normalize shorthand policy syntax
|
|
16
|
+
* const policy = normalizeToolPolicy('allow'); // { action: 'allow' }
|
|
17
|
+
*
|
|
18
|
+
* // Get a specific server configuration
|
|
19
|
+
* const serverConfig = getServerConfig(config, 'postgres');
|
|
20
|
+
* ```
|
|
21
|
+
*
|
|
22
|
+
* @module policy/parser
|
|
23
|
+
*/
|
|
24
|
+
import { PolicyError } from '../utils/errors.js';
|
|
25
|
+
import { parseNaturalPolicies, policiesToConfig } from './natural-language.js';
|
|
26
|
+
import { expandEnvVars } from '../utils/config.js';
|
|
27
|
+
// ============================================================================
|
|
28
|
+
// Constants
|
|
29
|
+
// ============================================================================
|
|
30
|
+
/** Valid policy actions */
|
|
31
|
+
const VALID_ACTIONS = ['allow', 'deny', 'prompt', 'smart'];
|
|
32
|
+
// ============================================================================
|
|
33
|
+
// Validation Functions
|
|
34
|
+
// ============================================================================
|
|
35
|
+
/**
|
|
36
|
+
* Validates a Tollgate configuration object.
|
|
37
|
+
*
|
|
38
|
+
* Performs comprehensive validation including:
|
|
39
|
+
* - Schema version check
|
|
40
|
+
* - Default action validation
|
|
41
|
+
* - Server configuration validation
|
|
42
|
+
* - Tool policy validation
|
|
43
|
+
*
|
|
44
|
+
* @param config - The configuration object to validate
|
|
45
|
+
* @throws {PolicyError} If the configuration is invalid
|
|
46
|
+
*/
|
|
47
|
+
export function validateConfig(config) {
|
|
48
|
+
if (!config.version) {
|
|
49
|
+
throw new PolicyError('Config must specify a version');
|
|
50
|
+
}
|
|
51
|
+
if (config.version !== '1') {
|
|
52
|
+
throw new PolicyError(`Unsupported config version: ${config.version}`, {
|
|
53
|
+
supportedVersions: ['1'],
|
|
54
|
+
});
|
|
55
|
+
}
|
|
56
|
+
if (config.defaults?.action && !VALID_ACTIONS.includes(config.defaults.action)) {
|
|
57
|
+
throw new PolicyError(`Invalid default action: ${config.defaults.action}`, {
|
|
58
|
+
validActions: VALID_ACTIONS,
|
|
59
|
+
});
|
|
60
|
+
}
|
|
61
|
+
if (config.servers) {
|
|
62
|
+
for (const [name, server] of Object.entries(config.servers)) {
|
|
63
|
+
validateServerConfig(name, server);
|
|
64
|
+
}
|
|
65
|
+
}
|
|
66
|
+
}
|
|
67
|
+
/**
|
|
68
|
+
* Validates a server configuration.
|
|
69
|
+
*
|
|
70
|
+
* @param name - Server name for error messages
|
|
71
|
+
* @param config - Server configuration to validate
|
|
72
|
+
* @throws {PolicyError} If the server configuration is invalid
|
|
73
|
+
*/
|
|
74
|
+
function validateServerConfig(name, config) {
|
|
75
|
+
if (!config.command) {
|
|
76
|
+
throw new PolicyError(`Server "${name}" must specify a command`);
|
|
77
|
+
}
|
|
78
|
+
if (config.tools) {
|
|
79
|
+
for (const [pattern, policy] of Object.entries(config.tools)) {
|
|
80
|
+
validateToolPolicy(name, pattern, policy);
|
|
81
|
+
}
|
|
82
|
+
}
|
|
83
|
+
}
|
|
84
|
+
/**
|
|
85
|
+
* Validates a tool policy.
|
|
86
|
+
*
|
|
87
|
+
* @param serverName - Server name for error messages
|
|
88
|
+
* @param pattern - Tool pattern or name
|
|
89
|
+
* @param policy - Policy to validate
|
|
90
|
+
* @throws {PolicyError} If the policy contains an invalid action
|
|
91
|
+
*/
|
|
92
|
+
function validateToolPolicy(serverName, pattern, policy) {
|
|
93
|
+
const action = typeof policy === 'string' ? policy : policy.action;
|
|
94
|
+
if (!VALID_ACTIONS.includes(action)) {
|
|
95
|
+
throw new PolicyError(`Invalid action "${action}" for tool "${pattern}" in server "${serverName}"`, { validActions: VALID_ACTIONS });
|
|
96
|
+
}
|
|
97
|
+
}
|
|
98
|
+
// ============================================================================
|
|
99
|
+
// Normalization Functions
|
|
100
|
+
// ============================================================================
|
|
101
|
+
/**
|
|
102
|
+
* Normalizes a tool policy to its full object form.
|
|
103
|
+
*
|
|
104
|
+
* Converts shorthand string actions (e.g., 'allow') to full policy objects.
|
|
105
|
+
*
|
|
106
|
+
* @param policy - Policy in shorthand or object form
|
|
107
|
+
* @returns Normalized ToolPolicy object
|
|
108
|
+
*
|
|
109
|
+
* @example
|
|
110
|
+
* ```typescript
|
|
111
|
+
* normalizeToolPolicy('allow')
|
|
112
|
+
* // Returns: { action: 'allow' }
|
|
113
|
+
*
|
|
114
|
+
* normalizeToolPolicy({ action: 'prompt', message: 'Confirm?' })
|
|
115
|
+
* // Returns: { action: 'prompt', message: 'Confirm?' }
|
|
116
|
+
* ```
|
|
117
|
+
*/
|
|
118
|
+
export function normalizeToolPolicy(policy) {
|
|
119
|
+
if (typeof policy === 'string') {
|
|
120
|
+
return { action: policy };
|
|
121
|
+
}
|
|
122
|
+
return policy;
|
|
123
|
+
}
|
|
124
|
+
/**
|
|
125
|
+
* Resolves environment variables in server environment configuration.
|
|
126
|
+
*
|
|
127
|
+
* Expands `${VAR}` patterns using the current process environment.
|
|
128
|
+
*
|
|
129
|
+
* @param env - Environment variable mapping with possible placeholders
|
|
130
|
+
* @returns Resolved environment variables
|
|
131
|
+
*
|
|
132
|
+
* @example
|
|
133
|
+
* ```typescript
|
|
134
|
+
* resolveServerEnv({ DATABASE_URL: '${DATABASE_URL}' })
|
|
135
|
+
* // Returns: { DATABASE_URL: 'postgres://...' }
|
|
136
|
+
* ```
|
|
137
|
+
*/
|
|
138
|
+
export function resolveServerEnv(env) {
|
|
139
|
+
if (!env)
|
|
140
|
+
return {};
|
|
141
|
+
const resolved = {};
|
|
142
|
+
for (const [key, value] of Object.entries(env)) {
|
|
143
|
+
resolved[key] = expandEnvVars(value);
|
|
144
|
+
}
|
|
145
|
+
return resolved;
|
|
146
|
+
}
|
|
147
|
+
// ============================================================================
|
|
148
|
+
// Config Accessors
|
|
149
|
+
// ============================================================================
|
|
150
|
+
/**
|
|
151
|
+
* Retrieves the configuration for a specific server.
|
|
152
|
+
*
|
|
153
|
+
* @param config - Root Tollgate configuration
|
|
154
|
+
* @param serverName - Name of the server to retrieve
|
|
155
|
+
* @returns Server configuration or undefined if not found
|
|
156
|
+
*/
|
|
157
|
+
export function getServerConfig(config, serverName) {
|
|
158
|
+
return config.servers?.[serverName];
|
|
159
|
+
}
|
|
160
|
+
/**
|
|
161
|
+
* Process natural language policies and merge them into the configuration.
|
|
162
|
+
*
|
|
163
|
+
* This function parses natural language policy statements from the config's
|
|
164
|
+
* `policies` array and merges them into the server tool configurations.
|
|
165
|
+
*
|
|
166
|
+
* @param config - The Tollgate configuration to process
|
|
167
|
+
* @param options - Processing options
|
|
168
|
+
* @returns Result of the processing including any errors
|
|
169
|
+
*
|
|
170
|
+
* @example
|
|
171
|
+
* ```typescript
|
|
172
|
+
* const config: TollgateConfig = {
|
|
173
|
+
* version: '1',
|
|
174
|
+
* policies: [
|
|
175
|
+
* 'Allow read operations on postgres',
|
|
176
|
+
* 'Deny destructive queries on any database'
|
|
177
|
+
* ],
|
|
178
|
+
* servers: {
|
|
179
|
+
* postgres: { command: 'npx', args: ['-y', '@modelcontextprotocol/server-postgres'] }
|
|
180
|
+
* }
|
|
181
|
+
* };
|
|
182
|
+
*
|
|
183
|
+
* const result = processNaturalPolicies(config);
|
|
184
|
+
* // config.servers.postgres.tools is now populated with parsed policies
|
|
185
|
+
* ```
|
|
186
|
+
*/
|
|
187
|
+
export function processNaturalPolicies(config, options = {}) {
|
|
188
|
+
const { throwOnError = false, logger } = options;
|
|
189
|
+
if (!config.policies || config.policies.length === 0) {
|
|
190
|
+
return { successful: 0, failed: 0, errors: [], parsed: [] };
|
|
191
|
+
}
|
|
192
|
+
// Parse all policies
|
|
193
|
+
const parsed = parseNaturalPolicies(config.policies);
|
|
194
|
+
// Collect errors
|
|
195
|
+
const errors = [];
|
|
196
|
+
for (const result of parsed) {
|
|
197
|
+
if (!result.success && result.error) {
|
|
198
|
+
errors.push({ input: result.input, error: result.error });
|
|
199
|
+
}
|
|
200
|
+
}
|
|
201
|
+
if (errors.length > 0 && throwOnError) {
|
|
202
|
+
throw new PolicyError(`Failed to parse ${errors.length} natural language policies:\n` +
|
|
203
|
+
errors.map(e => ` - "${e.input}": ${e.error}`).join('\n'));
|
|
204
|
+
}
|
|
205
|
+
// Convert to config structure
|
|
206
|
+
const policyConfig = policiesToConfig(parsed.filter(p => p.success));
|
|
207
|
+
// Merge into existing server configs
|
|
208
|
+
for (const [serverPattern, serverPolicies] of Object.entries(policyConfig)) {
|
|
209
|
+
// Find matching servers
|
|
210
|
+
const matchingServers = findMatchingServers(config, serverPattern);
|
|
211
|
+
// Warn if no servers match a specific (non-wildcard) pattern
|
|
212
|
+
if (matchingServers.length === 0 && serverPattern !== '*') {
|
|
213
|
+
logger?.(`Warning: Policy targets server "${serverPattern}" which is not configured`);
|
|
214
|
+
continue;
|
|
215
|
+
}
|
|
216
|
+
for (const serverName of matchingServers) {
|
|
217
|
+
if (!config.servers) {
|
|
218
|
+
config.servers = {};
|
|
219
|
+
}
|
|
220
|
+
if (!config.servers[serverName]) {
|
|
221
|
+
// This shouldn't happen since findMatchingServers only returns existing servers
|
|
222
|
+
continue;
|
|
223
|
+
}
|
|
224
|
+
// Merge tool policies
|
|
225
|
+
if (!config.servers[serverName].tools) {
|
|
226
|
+
config.servers[serverName].tools = {};
|
|
227
|
+
}
|
|
228
|
+
for (const [toolPattern, toolPolicy] of Object.entries(serverPolicies.tools)) {
|
|
229
|
+
const existing = config.servers[serverName].tools[toolPattern];
|
|
230
|
+
if (existing) {
|
|
231
|
+
// Merge with existing policy (NL policies take precedence for risks)
|
|
232
|
+
const normalized = normalizeToolPolicy(existing);
|
|
233
|
+
config.servers[serverName].tools[toolPattern] = {
|
|
234
|
+
...normalized,
|
|
235
|
+
...toolPolicy,
|
|
236
|
+
risks: toolPolicy.risks ? { ...normalized.risks, ...toolPolicy.risks } : normalized.risks,
|
|
237
|
+
};
|
|
238
|
+
}
|
|
239
|
+
else {
|
|
240
|
+
config.servers[serverName].tools[toolPattern] = toolPolicy;
|
|
241
|
+
}
|
|
242
|
+
}
|
|
243
|
+
}
|
|
244
|
+
}
|
|
245
|
+
const successful = parsed.filter(p => p.success).length;
|
|
246
|
+
const failed = parsed.filter(p => !p.success).length;
|
|
247
|
+
if (logger) {
|
|
248
|
+
if (successful > 0) {
|
|
249
|
+
logger(`Processed ${successful} natural language policies`);
|
|
250
|
+
}
|
|
251
|
+
if (failed > 0) {
|
|
252
|
+
logger(`Warning: ${failed} policies failed to parse`);
|
|
253
|
+
}
|
|
254
|
+
}
|
|
255
|
+
return {
|
|
256
|
+
successful,
|
|
257
|
+
failed,
|
|
258
|
+
errors,
|
|
259
|
+
parsed,
|
|
260
|
+
};
|
|
261
|
+
}
|
|
262
|
+
/**
|
|
263
|
+
* Find servers matching a pattern.
|
|
264
|
+
*
|
|
265
|
+
* @param config - The Tollgate configuration
|
|
266
|
+
* @param pattern - Server pattern (supports * for wildcard)
|
|
267
|
+
* @returns Array of matching server names
|
|
268
|
+
*/
|
|
269
|
+
function findMatchingServers(config, pattern) {
|
|
270
|
+
if (!config.servers)
|
|
271
|
+
return [];
|
|
272
|
+
const serverNames = Object.keys(config.servers);
|
|
273
|
+
// Exact match
|
|
274
|
+
if (!pattern.includes('*')) {
|
|
275
|
+
return serverNames.filter(name => name === pattern);
|
|
276
|
+
}
|
|
277
|
+
// Wildcard match
|
|
278
|
+
if (pattern === '*') {
|
|
279
|
+
return serverNames;
|
|
280
|
+
}
|
|
281
|
+
// Glob pattern
|
|
282
|
+
const regexPattern = pattern
|
|
283
|
+
.replace(/[.+^${}()|[\]\\]/g, '\\$&')
|
|
284
|
+
.replace(/\*/g, '.*');
|
|
285
|
+
const regex = new RegExp(`^${regexPattern}$`, 'i');
|
|
286
|
+
return serverNames.filter(name => regex.test(name));
|
|
287
|
+
}
|
|
288
|
+
/**
|
|
289
|
+
* Validate natural language policies without processing them.
|
|
290
|
+
*
|
|
291
|
+
* @param policies - Array of natural language policy statements
|
|
292
|
+
* @returns Validation result with details of any invalid policies
|
|
293
|
+
*/
|
|
294
|
+
export function validateNaturalPolicies(policies) {
|
|
295
|
+
if (!policies || policies.length === 0) {
|
|
296
|
+
return { valid: true, errors: [] };
|
|
297
|
+
}
|
|
298
|
+
const parsed = parseNaturalPolicies(policies);
|
|
299
|
+
const errors = [];
|
|
300
|
+
for (const result of parsed) {
|
|
301
|
+
if (!result.success && result.error) {
|
|
302
|
+
errors.push({
|
|
303
|
+
input: result.input,
|
|
304
|
+
error: result.error,
|
|
305
|
+
// Suggestions will be added by the caller if needed
|
|
306
|
+
});
|
|
307
|
+
}
|
|
308
|
+
}
|
|
309
|
+
return {
|
|
310
|
+
valid: errors.length === 0,
|
|
311
|
+
errors,
|
|
312
|
+
};
|
|
313
|
+
}
|
|
314
|
+
//# sourceMappingURL=parser.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"parser.js","sourceRoot":"","sources":["../../src/policy/parser.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;GAsBG;AAQH,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,oBAAoB,EAAE,gBAAgB,EAAqB,MAAM,uBAAuB,CAAC;AAClG,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AAEnD,+EAA+E;AAC/E,YAAY;AACZ,+EAA+E;AAE/E,2BAA2B;AAC3B,MAAM,aAAa,GAAmB,CAAC,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;AAE3E,+EAA+E;AAC/E,uBAAuB;AACvB,+EAA+E;AAE/E;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,cAAc,CAAC,MAAsB;IACnD,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;QACpB,MAAM,IAAI,WAAW,CAAC,+BAA+B,CAAC,CAAC;IACzD,CAAC;IAED,IAAI,MAAM,CAAC,OAAO,KAAK,GAAG,EAAE,CAAC;QAC3B,MAAM,IAAI,WAAW,CAAC,+BAA+B,MAAM,CAAC,OAAO,EAAE,EAAE;YACrE,iBAAiB,EAAE,CAAC,GAAG,CAAC;SACzB,CAAC,CAAC;IACL,CAAC;IAED,IAAI,MAAM,CAAC,QAAQ,EAAE,MAAM,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;QAC/E,MAAM,IAAI,WAAW,CAAC,2BAA2B,MAAM,CAAC,QAAQ,CAAC,MAAM,EAAE,EAAE;YACzE,YAAY,EAAE,aAAa;SAC5B,CAAC,CAAC;IACL,CAAC;IAED,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;QACnB,KAAK,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC;YAC5D,oBAAoB,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QACrC,CAAC;IACH,CAAC;AACH,CAAC;AAED;;;;;;GAMG;AACH,SAAS,oBAAoB,CAAC,IAAY,EAAE,MAAoB;IAC9D,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;QACpB,MAAM,IAAI,WAAW,CAAC,WAAW,IAAI,0BAA0B,CAAC,CAAC;IACnE,CAAC;IAED,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;QACjB,KAAK,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC;YAC7D,kBAAkB,CAAC,IAAI,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;QAC5C,CAAC;IACH,CAAC;AACH,CAAC;AAED;;;;;;;GAOG;AACH,SAAS,kBAAkB,CACzB,UAAkB,EAClB,OAAe,EACf,MAAiC;IAEjC,MAAM,MAAM,GAAG,OAAO,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC;IAEnE,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;QACpC,MAAM,IAAI,WAAW,CACnB,mBAAmB,MAAM,eAAe,OAAO,gBAAgB,UAAU,GAAG,EAC5E,EAAE,YAAY,EAAE,aAAa,EAAE,CAChC,CAAC;IACJ,CAAC;AACH,CAAC;AAED,+EAA+E;AAC/E,0BAA0B;AAC1B,+EAA+E;AAE/E;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,UAAU,mBAAmB,CACjC,MAAiC;IAEjC,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;QAC/B,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;IAC5B,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,UAAU,gBAAgB,CAC9B,GAAuC;IAEvC,IAAI,CAAC,GAAG;QAAE,OAAO,EAAE,CAAC;IAEpB,MAAM,QAAQ,GAA2B,EAAE,CAAC;IAC5C,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QAC/C,QAAQ,CAAC,GAAG,CAAC,GAAG,aAAa,CAAC,KAAK,CAAC,CAAC;IACvC,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,+EAA+E;AAC/E,mBAAmB;AACnB,+EAA+E;AAE/E;;;;;;GAMG;AACH,MAAM,UAAU,eAAe,CAC7B,MAAsB,EACtB,UAAkB;IAElB,OAAO,MAAM,CAAC,OAAO,EAAE,CAAC,UAAU,CAAC,CAAC;AACtC,CAAC;AAoBD;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AACH,MAAM,UAAU,sBAAsB,CACpC,MAAsB,EACtB,UAAsE,EAAE;IAExE,MAAM,EAAE,YAAY,GAAG,KAAK,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC;IAEjD,IAAI,CAAC,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACrD,OAAO,EAAE,UAAU,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC;IAC9D,CAAC;IAED,qBAAqB;IACrB,MAAM,MAAM,GAAG,oBAAoB,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IAErD,iBAAiB;IACjB,MAAM,MAAM,GAA4C,EAAE,CAAC;IAC3D,KAAK,MAAM,MAAM,IAAI,MAAM,EAAE,CAAC;QAC5B,IAAI,CAAC,MAAM,CAAC,OAAO,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;YACpC,MAAM,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC;QAC5D,CAAC;IACH,CAAC;IAED,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,IAAI,YAAY,EAAE,CAAC;QACtC,MAAM,IAAI,WAAW,CACnB,mBAAmB,MAAM,CAAC,MAAM,+BAA+B;YAC/D,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,QAAQ,CAAC,CAAC,KAAK,MAAM,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAC3D,CAAC;IACJ,CAAC;IAED,8BAA8B;IAC9B,MAAM,YAAY,GAAG,gBAAgB,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;IAErE,qCAAqC;IACrC,KAAK,MAAM,CAAC,aAAa,EAAE,cAAc,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,CAAC;QAC3E,wBAAwB;QACxB,MAAM,eAAe,GAAG,mBAAmB,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC;QAEnE,6DAA6D;QAC7D,IAAI,eAAe,CAAC,MAAM,KAAK,CAAC,IAAI,aAAa,KAAK,GAAG,EAAE,CAAC;YAC1D,MAAM,EAAE,CAAC,mCAAmC,aAAa,2BAA2B,CAAC,CAAC;YACtF,SAAS;QACX,CAAC;QAED,KAAK,MAAM,UAAU,IAAI,eAAe,EAAE,CAAC;YACzC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;gBACpB,MAAM,CAAC,OAAO,GAAG,EAAE,CAAC;YACtB,CAAC;YAED,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,CAAC;gBAChC,gFAAgF;gBAChF,SAAS;YACX,CAAC;YAED,sBAAsB;YACtB,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,KAAK,EAAE,CAAC;gBACtC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC;YACxC,CAAC;YAED,KAAK,MAAM,CAAC,WAAW,EAAE,UAAU,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,cAAc,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC7E,MAAM,QAAQ,GAAG,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,KAAM,CAAC,WAAW,CAAC,CAAC;gBAChE,IAAI,QAAQ,EAAE,CAAC;oBACb,qEAAqE;oBACrE,MAAM,UAAU,GAAG,mBAAmB,CAAC,QAAQ,CAAC,CAAC;oBACjD,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,KAAM,CAAC,WAAW,CAAC,GAAG;wBAC/C,GAAG,UAAU;wBACb,GAAG,UAAU;wBACb,KAAK,EAAE,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,GAAG,UAAU,CAAC,KAAK,EAAE,GAAG,UAAU,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,KAAK;qBAC1F,CAAC;gBACJ,CAAC;qBAAM,CAAC;oBACN,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,KAAM,CAAC,WAAW,CAAC,GAAG,UAAU,CAAC;gBAC9D,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC;IACxD,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC;IAErD,IAAI,MAAM,EAAE,CAAC;QACX,IAAI,UAAU,GAAG,CAAC,EAAE,CAAC;YACnB,MAAM,CAAC,aAAa,UAAU,4BAA4B,CAAC,CAAC;QAC9D,CAAC;QACD,IAAI,MAAM,GAAG,CAAC,EAAE,CAAC;YACf,MAAM,CAAC,YAAY,MAAM,2BAA2B,CAAC,CAAC;QACxD,CAAC;IACH,CAAC;IAED,OAAO;QACL,UAAU;QACV,MAAM;QACN,MAAM;QACN,MAAM;KACP,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,SAAS,mBAAmB,CAAC,MAAsB,EAAE,OAAe;IAClE,IAAI,CAAC,MAAM,CAAC,OAAO;QAAE,OAAO,EAAE,CAAC;IAE/B,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAEhD,cAAc;IACd,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QAC3B,OAAO,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,KAAK,OAAO,CAAC,CAAC;IACtD,CAAC;IAED,iBAAiB;IACjB,IAAI,OAAO,KAAK,GAAG,EAAE,CAAC;QACpB,OAAO,WAAW,CAAC;IACrB,CAAC;IAED,eAAe;IACf,MAAM,YAAY,GAAG,OAAO;SACzB,OAAO,CAAC,mBAAmB,EAAE,MAAM,CAAC;SACpC,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IACxB,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,IAAI,YAAY,GAAG,EAAE,GAAG,CAAC,CAAC;IAEnD,OAAO,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;AACtD,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,uBAAuB,CAAC,QAAkB;IAIxD,IAAI,CAAC,QAAQ,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvC,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC;IACrC,CAAC;IAED,MAAM,MAAM,GAAG,oBAAoB,CAAC,QAAQ,CAAC,CAAC;IAC9C,MAAM,MAAM,GAAoE,EAAE,CAAC;IAEnF,KAAK,MAAM,MAAM,IAAI,MAAM,EAAE,CAAC;QAC5B,IAAI,CAAC,MAAM,CAAC,OAAO,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;YACpC,MAAM,CAAC,IAAI,CAAC;gBACV,KAAK,EAAE,MAAM,CAAC,KAAK;gBACnB,KAAK,EAAE,MAAM,CAAC,KAAK;gBACnB,oDAAoD;aACrD,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO;QACL,KAAK,EAAE,MAAM,CAAC,MAAM,KAAK,CAAC;QAC1B,MAAM;KACP,CAAC;AACJ,CAAC"}
|