@edge-base/server 0.2.4 → 0.2.6

package/src/routes/room.ts

@@ -45,6 +45,26 @@ const roomConnectDiagnosticSchema = z.object({
   pendingCount: z.number().optional(),
   maxPending: z.number().optional(),
 });
+const roomSummarySchema = z.object({
+  namespace: z.string(),
+  roomId: z.string(),
+  metadata: z.record(z.string(), z.unknown()),
+  occupancy: z.object({
+    activeMembers: z.number(),
+    activeConnections: z.number(),
+  }),
+  updatedAt: z.string(),
+});
+const roomSummaryBatchBodySchema = z.object({
+  namespace: z.string().openapi({ description: 'Room namespace shared by the requested room IDs' }),
+  ids: z.array(z.string()).min(1).max(100).openapi({ description: 'Room IDs to summarize' }),
+});
+const roomSummaryCollectionSchema = z.object({
+  namespace: z.string(),
+  items: z.array(roomSummarySchema),
+  deniedIds: z.array(z.string()),
+  updatedAt: z.string(),
+});
 const roomRealtimeSessionDescriptionSchema = z.object({
   sdp: z.string().openapi({ description: 'WebRTC session description payload' }),
   type: z.enum(['offer', 'answer']).openapi({ description: 'Session description type' }),
@@ -157,6 +177,22 @@ function isRoomOperationPublic(
   return !!namespaceConfig.public[operation];
 }
 
+function warnRoomDevelopmentFallback(
+  namespace: string,
+  operation: 'metadata' | 'join' | 'action',
+): void {
+  const warningKey = `${namespace}:${operation}`;
+  if (roomFallbackWarnings.has(warningKey)) {
+    return;
+  }
+  roomFallbackWarnings.add(warningKey);
+  console.warn(
+    `[Room] ${warningKey} is allowed because release=false and no explicit room rule was found. `
+    + `This fallback is local-dev only. Add rooms.${namespace}.access.${operation} or set `
+    + `rooms.${namespace}.public.${operation}=true to make the behavior explicit.`,
+  );
+}
+
 function getRoomAuthContext(
   auth: {
     id?: string;
@@ -188,11 +224,11 @@ export async function proxyRoomDoRequest(
   const roomId = c.req.query('id');
 
   if (!namespace || !roomId) {
-    return c.json({ code: 400, message: 'namespace and id query parameters required' }, 400);
+    return c.json({ code: 400, message: "Missing required query parameters 'namespace' and 'id' for room requests." }, 400);
   }
 
   if (options?.requireAuth && !c.get('auth')) {
-    return c.json({ code: 401, message: 'Authentication required' }, 401);
+    return c.json({ code: 401, message: 'Authentication required. Sign in before trying to access this room.' }, 401);
   }
 
   const config = parseConfig(c.env);
@@ -433,6 +469,42 @@ const getRoomMetadata = createRoute({
   },
 });
 
+const getRoomSummary = createRoute({
+  operationId: 'getRoomSummary',
+  method: 'get',
+  path: '/summary',
+  tags: ['client'],
+  summary: 'Get room summary',
+  description: 'Returns lobby-safe room metadata plus current occupancy without joining the room.',
+  request: {
+    query: roomQuerySchema,
+  },
+  responses: {
+    200: { description: 'Room summary', content: { 'application/json': { schema: roomSummarySchema } } },
+    400: { description: 'Bad request', content: { 'application/json': { schema: errorResponseSchema } } },
+    403: { description: 'Forbidden', content: { 'application/json': { schema: errorResponseSchema } } },
+    404: { description: 'Not found', content: { 'application/json': { schema: errorResponseSchema } } },
+  },
+});
+
+const getRoomSummaries = createRoute({
+  operationId: 'getRoomSummaries',
+  method: 'post',
+  path: '/summaries',
+  tags: ['client'],
+  summary: 'Get summaries for multiple rooms',
+  description: 'Returns lobby-safe room metadata plus current occupancy for multiple room IDs in the same namespace.',
+  request: {
+    body: { content: { 'application/json': { schema: roomSummaryBatchBodySchema } }, required: true },
+  },
+  responses: {
+    200: { description: 'Room summaries', content: { 'application/json': { schema: roomSummaryCollectionSchema } } },
+    400: { description: 'Bad request', content: { 'application/json': { schema: errorResponseSchema } } },
+    403: { description: 'Forbidden', content: { 'application/json': { schema: errorResponseSchema } } },
+    404: { description: 'Room feature not configured', content: { 'application/json': { schema: errorResponseSchema } } },
+  },
+});
+
 roomRoute.openapi(getRoomMetadata, async (c) => {
   const namespace = c.req.query('namespace');
   const roomId = c.req.query('id');
@@ -459,11 +531,7 @@ roomRoute.openapi(getRoomMetadata, async (c) => {
       return c.json({ code: 403, message: 'Room metadata requires access.metadata or public.metadata in release mode' }, 403);
     }
     if (!config.release) {
-      const warningKey = `${namespace}:metadata`;
-      if (!roomFallbackWarnings.has(warningKey)) {
-        roomFallbackWarnings.add(warningKey);
-        console.warn(`[Room] ${warningKey} is using development-mode allow-by-default. Add rooms.${namespace}.access.metadata or public.metadata to make this explicit.`);
-      }
+      warnRoomDevelopmentFallback(namespace, 'metadata');
     }
   }
   if (metadataAccess) {
@@ -498,6 +566,146 @@ roomRoute.openapi(getRoomMetadata, async (c) => {
   return doStub.fetch(doRequest);
 });
 
+roomRoute.openapi(getRoomSummary, async (c) => {
+  const namespace = c.req.query('namespace');
+  const roomId = c.req.query('id');
+
+  if (!namespace || !roomId) {
+    return c.json({ code: 400, message: 'namespace and id query parameters required' }, 400);
+  }
+
+  const config = parseConfig(c.env);
+  const namespaceConfig = config.rooms?.[namespace];
+  if (config.release) {
+    if (!config.rooms?.[namespace]) {
+      return c.json({
+        code: 403,
+        message: `Room namespace '${namespace}' not configured`,
+      }, 403);
+    }
+  }
+
+  const metadataAccess = namespaceConfig?.access?.metadata;
+  if (!metadataAccess) {
+    if (config.release && !isRoomOperationPublic(namespaceConfig, 'metadata')) {
+      return c.json({ code: 403, message: 'Room summary requires access.metadata or public.metadata in release mode' }, 403);
+    }
+    if (!config.release) {
+      warnRoomDevelopmentFallback(namespace, 'metadata');
+    }
+  }
+  if (metadataAccess) {
+    const auth = (c.get('auth') as { id?: string; role?: string; email?: string | null; custom?: Record<string, unknown> | null; isAnonymous?: boolean; meta?: Record<string, unknown> } | null | undefined) ?? null;
+    const allowed = await Promise.resolve(metadataAccess(
+      getRoomAuthContext(auth),
+      roomId,
+    )).catch(() => false);
+    if (!allowed) {
+      return c.json({ code: 403, message: 'Denied by room metadata access rule' }, 403);
+    }
+  }
+
+  const runtime = resolveRoomRuntime(c.env);
+  if (!runtime.binding) {
+    return c.json({ code: 404, message: `Room runtime '${runtime.target}' not configured` }, 404);
+  }
+
+  const doName = `${namespace}::${roomId}`;
+  const doId = runtime.binding.idFromName(doName);
+  const doStub = runtime.binding.get(doId);
+
+  const url = new URL(c.req.url);
+  url.pathname = '/summary';
+  url.searchParams.set('room', doName);
+  const doRequest = new Request(url.toString(), {
+    method: 'GET',
+    headers: c.req.raw.headers,
+  });
+
+  return doStub.fetch(doRequest);
+});
+
+roomRoute.openapi(getRoomSummaries, async (c) => {
+  const body = c.req.valid('json') as z.infer<typeof roomSummaryBatchBodySchema>;
+  const namespace = body.namespace;
+  const roomIds = [...new Set(body.ids)];
+
+  const config = parseConfig(c.env);
+  const namespaceConfig = config.rooms?.[namespace];
+  if (config.release && !namespaceConfig) {
+    return c.json({
+      code: 403,
+      message: `Room namespace '${namespace}' not configured`,
+    }, 403);
+  }
+
+  const metadataAccess = namespaceConfig?.access?.metadata;
+  if (!metadataAccess) {
+    if (config.release && !isRoomOperationPublic(namespaceConfig, 'metadata')) {
+      return c.json({ code: 403, message: 'Room summaries require access.metadata or public.metadata in release mode' }, 403);
+    }
+    if (!config.release) {
+      warnRoomDevelopmentFallback(namespace, 'metadata');
+    }
+  }
+
+  const runtime = resolveRoomRuntime(c.env);
+  if (!runtime.binding) {
+    return c.json({ code: 404, message: `Room runtime '${runtime.target}' not configured` }, 404);
+  }
+
+  const auth = (c.get('auth') as { id?: string; role?: string; email?: string | null; custom?: Record<string, unknown> | null; isAnonymous?: boolean; meta?: Record<string, unknown> } | null | undefined) ?? null;
+  const authContext = getRoomAuthContext(auth);
+  const allowedRoomIds: string[] = [];
+  const deniedIds: string[] = [];
+
+  if (metadataAccess) {
+    for (const roomId of roomIds) {
+      const allowed = await Promise.resolve(metadataAccess(authContext, roomId)).catch(() => false);
+      if (allowed) {
+        allowedRoomIds.push(roomId);
+      } else {
+        deniedIds.push(roomId);
+      }
+    }
+  } else {
+    allowedRoomIds.push(...roomIds);
+  }
+
+  const items = await Promise.all(
+    allowedRoomIds.map(async (roomId) => {
+      const doName = `${namespace}::${roomId}`;
+      const doId = runtime.binding!.idFromName(doName);
+      const doStub = runtime.binding!.get(doId);
+
+      const url = new URL(c.req.url);
+      url.pathname = '/summary';
+      url.searchParams.set('room', doName);
+      const doResponse = await doStub.fetch(new Request(url.toString(), {
+        method: 'GET',
+        headers: c.req.raw.headers,
+      }));
+
+      if (!doResponse.ok) {
+        const errorPayload = await doResponse.json().catch(() => null) as { message?: string } | null;
+        throw new Error(
+          errorPayload?.message
+            ?? `Failed to load room summary for '${roomId}' in namespace '${namespace}'.`,
+        );
+      }
+
+      return doResponse.json() as Promise<z.infer<typeof roomSummarySchema>>;
+    }),
+  );
+
+  return c.json({
+    namespace,
+    items,
+    deniedIds,
+    updatedAt: new Date().toISOString(),
+  });
+});
+
 const getRoomRealtimeSession = createRoute({
   operationId: 'getRoomRealtimeSession',
   method: 'get',

package/src/routes/schema-endpoint.ts

@@ -45,14 +45,14 @@ schemaRoute.openapi(getSchema, async (c) => {
       buildConstraintCtx(c.env, c.req),
     );
     if (skResult === 'invalid') {
-      throw new EdgeBaseError(401, 'Unauthorized. Invalid Service Key.');
+      throw new EdgeBaseError(401, 'Invalid X-EdgeBase-Service-Key for schema reads.');
     }
     const serviceKeyBypass = skResult === 'valid';
 
     if (!serviceKeyBypass) {
       const auth = c.get('auth');
       if (!auth) {
-        throw new EdgeBaseError(401, 'Authentication required.');
+        throw new EdgeBaseError(401, 'Authentication required to read the schema endpoint.');
       }
     }
   }

package/src/routes/sql.ts

@@ -39,6 +39,10 @@ import { executeProviderAwareSql } from '../lib/provider-aware-sql.js';
 
 export const sqlRoute = new OpenAPIHono<HonoEnv>({ defaultHook: zodDefaultHook });
 
+function invalidSqlJsonMessage(): string {
+  return 'Invalid JSON body for SQL execution. Send application/json with { namespace, sql, params? }.';
+}
+
 /**
  * POST /api/sql
  * Body: { namespace: string, id?: string, sql: string, params?: unknown[] }
@@ -81,19 +85,19 @@ sqlRoute.openapi(executeSql, async (c) => {
   try {
     body = await c.req.json();
   } catch {
-    return c.json({ code: 400, message: 'Invalid JSON body' }, 400);
+    return c.json({ code: 400, message: invalidSqlJsonMessage() }, 400);
   }
 
   const { namespace, id, sql, params } = body;
 
   if (!namespace || typeof namespace !== 'string') {
-    return c.json({ code: 400, message: 'namespace is required' }, 400);
+    return c.json({ code: 400, message: "Missing required field 'namespace' for SQL execution." }, 400);
   }
   if (id !== undefined && id !== null && typeof id !== 'string') {
-    return c.json({ code: 400, message: 'id must be a string' }, 400);
+    return c.json({ code: 400, message: "Field 'id' must be a string when provided for SQL execution." }, 400);
   }
   if (!sql || typeof sql !== 'string') {
-    return c.json({ code: 400, message: 'sql is required' }, 400);
+    return c.json({ code: 400, message: "Missing required field 'sql' for SQL execution." }, 400);
   }
 
   // Validate namespace is declared in databases config (§1)
@@ -124,10 +128,10 @@ sqlRoute.openapi(executeSql, async (c) => {
     buildConstraintCtx(c.env, c.req),
   );
   if (skResult === 'missing') {
-    return c.json({ code: 403, message: 'Service Key required to execute SQL' }, 403);
+    return c.json({ code: 403, message: `X-EdgeBase-Service-Key is required to execute SQL for database namespace '${namespace}'.` }, 403);
   }
   if (skResult === 'invalid') {
-    return c.json({ code: 401, message: 'Unauthorized. Invalid Service Key.' }, 401);
+    return c.json({ code: 401, message: `Invalid X-EdgeBase-Service-Key for SQL execution in database namespace '${namespace}'.` }, 401);
   }
 
   try {

package/src/routes/storage.ts

@@ -297,7 +297,7 @@ function checkServiceKey(env: Env, header: string | undefined, scope: string, re
   const { result } = validateKey(header, scope, config, env, undefined, constraintCtx);
   if (result === 'valid') return true;
   if (result === 'invalid') {
-    throw new EdgeBaseError(401, 'Unauthorized. Invalid Service Key.', undefined, 'unauthenticated');
+    throw new EdgeBaseError(401, `Invalid X-EdgeBase-Service-Key for storage scope '${scope}'.`, undefined, 'unauthenticated');
   }
   return false; // 'missing' → continue to normal rules
 }
@@ -1236,7 +1236,9 @@ storage.openapi(deleteBatch, async (c) => {
       // afterDelete — plugin-registered storage hooks (per-file, non-blocking)
       executeStorageHooks('afterDelete', { ...fileMeta, bucket: bucketName }, auth, c.executionCtx, c.env, getWorkerUrl(c.req.url, c.env));
     } catch (e) {
-      const msg = e instanceof EdgeBaseError ? e.message : 'Unknown error.';
+      const msg = e instanceof EdgeBaseError
+        ? e.message
+        : 'Delete failed with an unexpected storage error. Check worker logs for details.';
       failed.push({ key, error: msg });
     }
   }

package/src/routes/vectorize.ts

@@ -35,9 +35,14 @@ const READ_ACTIONS: Action[] = ['search', 'getByIds', 'queryById', 'describe'];
 
 const STUB_WARNING = 'Vectorize not available in this environment';
 const VECTOR_BATCH_LIMIT = 20;
+const vectorizeStubWarnings = new Set<string>();
 
 export const vectorizeRoute = new OpenAPIHono<HonoEnv>({ defaultHook: zodDefaultHook });
 
+function invalidVectorizeJsonMessage(): string {
+  return 'Invalid JSON body for Vectorize. Send application/json with { action, ...payload }.';
+}
+
 /**
  * POST /api/vectorize/:index
  * Body: { action, vectors?, vector?, vectorId?, topK?, filter?, ids?, namespace?, returnValues?, returnMetadata? }
@@ -78,7 +83,7 @@ vectorizeRoute.openapi(vectorizeOperation, async (c) => {
   try {
     body = await c.req.json();
   } catch {
-    return c.json({ code: 400, message: 'Invalid JSON body' }, 400);
+    return c.json({ code: 400, message: invalidVectorizeJsonMessage() }, 400);
   }
 
   const { action } = body;
@@ -108,10 +113,10 @@ vectorizeRoute.openapi(vectorizeOperation, async (c) => {
     buildConstraintCtx(c.env, c.req),
   );
   if (skResult === 'missing') {
-    return c.json({ code: 403, message: 'Service Key required to access Vectorize' }, 403);
+    return c.json({ code: 403, message: `X-EdgeBase-Service-Key is required to access Vectorize index '${nameParam}'.` }, 403);
   }
   if (skResult === 'invalid') {
-    return c.json({ code: 401, message: 'Unauthorized. Invalid Service Key.' }, 401);
+    return c.json({ code: 401, message: `Invalid X-EdgeBase-Service-Key for Vectorize index '${nameParam}'.` }, 401);
   }
 
   // ─── Input validation ─────────────────────────────────────────────────
@@ -165,7 +170,14 @@ vectorizeRoute.openapi(vectorizeOperation, async (c) => {
   const bindingName = vectorConfig.binding ?? `VECTORIZE_${nameParam.toUpperCase()}`;
   const binding = (c.env as unknown as Record<string, unknown>)[bindingName] as VectorizeIndex | undefined;
   if (!binding) {
-    console.warn(`⚠️ Vectorize binding '${bindingName}' for '${nameParam}' not available. Running locally or binding not configured.`);
+    const warningKey = `${nameParam}:${bindingName}`;
+    if (!vectorizeStubWarnings.has(warningKey)) {
+      vectorizeStubWarnings.add(warningKey);
+      console.warn(
+        `[Vectorize] '${nameParam}' is running with a local stub because binding '${bindingName}' is unavailable. `
+        + 'Search and mutation calls will return no-op stub data until the binding is configured in Cloudflare.',
+      );
+    }
     // Return stub responses for local development
     // Include both v1 (count) and v2 (mutationId) fields so code for either version works.
     switch (action) {

package/admin-build/_app/immutable/chunks/BYI6CUvd.js

@@ -1 +0,0 @@
-import{w as h,g as m}from"./Bn2NtlTj.js";import{b as g}from"./DBsVqhuh.js";function c(e){return e.replace(/\/+$/,"")}function T(e){return!e||e==="/"?"":(e.startsWith("/")?e:`/${e}`).replace(/\/+$/,"")}function u(e,n){const t=c(e),a=n.startsWith("/")?n:`/${n}`;return`${t}${a}`}const l=c(""),d=c(""),j=T(g);function k(){return d||window.location.origin}function f(){return l||k()}function i(e=""){const n=e.replace(/^\/+/,"");return u(f(),n?`/admin/api/${n}`:"/admin/api")}function N(e=""){return u(f(),e||"/")}const p="edgebase_admin_auth",r=p;function y(){try{const e=localStorage.getItem(r);if(e){const n=JSON.parse(e);return{accessToken:n.accessToken??null,refreshToken:n.refreshToken??null,admin:n.admin??null}}}catch{try{localStorage.removeItem(r)}catch{}}return{accessToken:null,refreshToken:null,admin:null}}function S(e){try{localStorage.setItem(r,JSON.stringify(e))}catch{console.warn("[EdgeBase] Failed to save auth state to localStorage")}}function w(){try{localStorage.removeItem(r)}catch{console.warn("[EdgeBase] Failed to clear auth state from localStorage")}}const A=y(),o=h(A);o.subscribe(e=>{e.accessToken?S(e):w()});async function O(e,n){const t=await fetch(i("auth/login"),{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({email:e,password:n})});if(!t.ok){const s=await t.json().catch(()=>({}));throw new Error(s.message??"Login failed. Please check your email and password.")}const a=await t.json();o.set({accessToken:a.accessToken,refreshToken:a.refreshToken,admin:a.admin})}async function b(e,n){const t=await fetch(i("setup"),{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({email:e,password:n})});if(!t.ok){const s=await t.json().catch(()=>({}));throw new Error(s.message??"Failed to create admin account. Please check your details and try again.")}const a=await t.json();o.set({accessToken:a.accessToken,refreshToken:a.refreshToken,admin:a.admin})}async function P(){const e=m(o);if(!e.refreshToken)return!1;try{const n=await fetch(i("auth/refresh"),{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({refreshToken:e.refreshToken})});if(!n.ok)return!1;const t=await n.json();return o.set({accessToken:t.accessToken,refreshToken:t.refreshToken,admin:t.admin}),!0}catch{return!1}}function E(){o.set({accessToken:null,refreshToken:null,admin:null})}const R={subscribe:o.subscribe,set:o.set,update:o.update,login:O,setup:b,refresh:P,logout:E};export{p as A,R as a,f as b,N as c,j as d,i as g};

package/admin-build/_app/immutable/chunks/C6lpZLE2.js

@@ -1 +0,0 @@
-var ge=Object.defineProperty;var _e=(e,n,r)=>n in e?ge(e,n,{enumerable:!0,configurable:!0,writable:!0,value:r}):e[n]=r;var F=(e,n,r)=>_e(e,typeof n!="symbol"?n+"":n,r);import{a2 as q,x as me,au as he,h as k,n as L,v as Ee,e as we,g as oe,y as Te,A as Ae,B as ie,D as V,k as U,C as ye,av as Ie,aw as fe,_ as Ne,ax as w,a3 as G,ay as xe,a5 as Se,X as Ce,az as Re,aA as J,aB as ke,aC as De,a7 as Oe,aD as ue,aE as He,$ as ve,a1 as pe,aF as X,I as Me,aG as be,aH as Fe,aI as Ue,a0 as ze,l as $e,M as Z}from"./BdTBlfLy.js";import{g as K}from"./Bn2NtlTj.js";import{g as Be,a as Y}from"./BYI6CUvd.js";import{l as qe,d as ce}from"./XQM1k9PM.js";function an(e,n){return n}function Le(e,n,r){for(var f=[],u=n.length,i,c=n.length,v=0;v<u;v++){let m=n[v];pe(m,()=>{if(i){if(i.pending.delete(m),i.done.add(m),i.pending.size===0){var l=e.outrogroups;P(J(i.done)),l.delete(i),l.size===0&&(e.outrogroups=null)}}else c-=1},!1)}if(c===0){var o=f.length===0&&r!==null;if(o){var d=r,t=d.parentNode;Ue(t),t.append(d),e.items.clear()}P(n,!o)}else i={pending:new Set(n),done:new Set},(e.outrogroups??(e.outrogroups=new Set)).add(i)}function P(e,n=!0){for(var r=0;r<e.length;r++)ze(e[r],n)}var le;function tn(e,n,r,f,u,i=null){var c=e,v=new Map,o=(n&he)!==0;if(o){var d=e;c=k?L(Ee(d)):d.appendChild(q())}k&&we();var t=null,m=Ce(()=>{var s=r();return Re(s)?s:s==null?[]:J(s)}),l,h=!0;function A(){a.fallback=t,Ve(a,l,c,n,f),t!==null&&(l.length===0?(t.f&w)===0?ve(t):(t.f^=w,H(t,null,c)):pe(t,()=>{t=null}))}var N=me(()=>{l=oe(m);var s=l.length;let x=!1;if(k){var S=Te(c)===Ae;S!==(s===0)&&(c=ie(),L(c),V(!1),x=!0)}for(var g=new Set,y=Ne,C=Se(),p=0;p<s;p+=1){k&&U.nodeType===ye&&U.data===Ie&&(c=U,x=!0,V(!1));var I=l[p],R=f(I,p),_=h?null:v.get(R);_?(_.v&&fe(_.v,I),_.i&&fe(_.i,p),C&&y.unskip_effect(_.e)):(_=Xe(v,h?c:le??(le=q()),I,R,p,u,n,r),h||(_.e.f|=w),v.set(R,_)),g.add(R)}if(s===0&&i&&!t&&(h?t=G(()=>i(c)):(t=G(()=>i(le??(le=q()))),t.f|=w)),s>g.size&&xe(),k&&s>0&&L(ie()),!h)if(C){for(const[M,b]of v)g.has(M)||y.skip_effect(b.e);y.oncommit(A),y.ondiscard(()=>{})}else A();x&&V(!0),oe(m)}),a={effect:N,items:v,outrogroups:null,fallback:t};h=!1,k&&(c=U)}function O(e){for(;e!==null&&(e.f&be)===0;)e=e.next;return e}function Ve(e,n,r,f,u){var _,M,b,j,ee,ne,re,ae,te;var i=(f&Fe)!==0,c=n.length,v=e.items,o=O(e.effect.first),d,t=null,m,l=[],h=[],A,N,a,s;if(i)for(s=0;s<c;s+=1)A=n[s],N=u(A,s),a=v.get(N).e,(a.f&w)===0&&((M=(_=a.nodes)==null?void 0:_.a)==null||M.measure(),(m??(m=new Set)).add(a));for(s=0;s<c;s+=1){if(A=n[s],N=u(A,s),a=v.get(N).e,e.outrogroups!==null)for(const E of e.outrogroups)E.pending.delete(a),E.done.delete(a);if((a.f&w)!==0)if(a.f^=w,a===o)H(a,null,r);else{var x=t?t.next:o;a===e.effect.last&&(e.effect.last=a.prev),a.prev&&(a.prev.next=a.next),a.next&&(a.next.prev=a.prev),T(e,t,a),T(e,a,x),H(a,x,r),t=a,l=[],h=[],o=O(t.next);continue}if((a.f&X)!==0&&(ve(a),i&&((j=(b=a.nodes)==null?void 0:b.a)==null||j.unfix(),(m??(m=new Set)).delete(a))),a!==o){if(d!==void 0&&d.has(a)){if(l.length<h.length){var S=h[0],g;t=S.prev;var y=l[0],C=l[l.length-1];for(g=0;g<l.length;g+=1)H(l[g],S,r);for(g=0;g<h.length;g+=1)d.delete(h[g]);T(e,y.prev,C.next),T(e,t,y),T(e,C,S),o=S,t=C,s-=1,l=[],h=[]}else d.delete(a),H(a,o,r),T(e,a.prev,a.next),T(e,a,t===null?e.effect.first:t.next),T(e,t,a),t=a;continue}for(l=[],h=[];o!==null&&o!==a;)(d??(d=new Set)).add(o),h.push(o),o=O(o.next);if(o===null)continue}(a.f&w)===0&&l.push(a),t=a,o=O(a.next)}if(e.outrogroups!==null){for(const E of e.outrogroups)E.pending.size===0&&(P(J(E.done)),(ee=e.outrogroups)==null||ee.delete(E));e.outrogroups.size===0&&(e.outrogroups=null)}if(o!==null||d!==void 0){var p=[];if(d!==void 0)for(a of d)(a.f&X)===0&&p.push(a);for(;o!==null;)(o.f&X)===0&&o!==e.fallback&&p.push(o),o=O(o.next);var I=p.length;if(I>0){var R=(f&he)!==0&&c===0?r:null;if(i){for(s=0;s<I;s+=1)(re=(ne=p[s].nodes)==null?void 0:ne.a)==null||re.measure();for(s=0;s<I;s+=1)(te=(ae=p[s].nodes)==null?void 0:ae.a)==null||te.fix()}Le(e,p,R)}}i&&Me(()=>{var E,se;if(m!==void 0)for(a of m)(se=(E=a.nodes)==null?void 0:E.a)==null||se.apply()})}function Xe(e,n,r,f,u,i,c,v){var o=(c&ke)!==0?(c&De)===0?Oe(r,!1,!1):ue(r):null,d=(c&He)!==0?ue(u):null;return{v:o,i:d,e:G(()=>(i(n,o??r,d??u,v),()=>{e.delete(f)}))}}function H(e,n,r){if(e.nodes)for(var f=e.nodes.start,u=e.nodes.end,i=n&&(n.f&w)===0?n.nodes.start:r;f!==null;){var c=$e(f);if(i.before(f),f===u)return;f=c}}function T(e,n,r){n===null?e.effect.first=r:n.next=r,r===null?e.effect.last=n:r.prev=n}const Ye={success:3e3,error:5e3,info:4e3,warning:4e3},de=50;let Ge=1,W=Z([]),z=Z([]);const $=Z({count:0});function sn(){return $.count}function B(e){const n=Ge++,r={id:n,...e};W.push(r),z.unshift({...r,timestamp:Date.now()}),z.length>de&&(z.length=de),$.count++;const f=Ye[e.type];return setTimeout(()=>{Ke(n)},f),n}function Ke(e){const n=W.findIndex(r=>r.id===e);n!==-1&&W.splice(n,1)}function on(){$.count=0}function fn(){z.length=0,$.count=0}function un(e){return B({type:"success",message:e})}function cn(e){return B({type:"error",message:e})}function ln(e){return B({type:"info",message:e})}class D extends Error{constructor(r,f,u,i){super(u);F(this,"code");F(this,"status");F(this,"data");this.name="ApiError",this.status=r,this.code=f,this.data=i}}async function Pe(e){try{const n=await e.json();return{code:n.code??"UNKNOWN",message:n.message??e.statusText,data:n.data}}catch{return{code:"UNKNOWN",message:e.statusText}}}async function Q(e,n={}){const r=K(Y),f={"Content-Type":"application/json",...n.headers};r.accessToken&&(f.Authorization=`Bearer ${r.accessToken}`);const u=await fetch(e,{method:n.method??"GET",headers:f,body:n.body!==void 0?JSON.stringify(n.body):void 0});if(u.status===401&&!n._skipRefresh){if(await Y.refresh())return Q(e,{...n,_skipRefresh:!0});throw Y.logout(),new D(401,"UNAUTHORIZED","Session expired")}if(!u.ok){const i=await Pe(u);throw new D(u.status,i.code,i.message,i.data)}if(u.status!==204)return u.json()}async function We(e,n={}){const r=Be(e);return Q(r,n)}async function Je(e,n={}){let r=K(ce);if(r.loaded||(await qe(),r=K(ce)),!r.devMode||r.sidecarPort===null)throw new D(0,"NOT_DEV_MODE","Schema mutations require dev mode with sidecar");const f=`http://localhost:${r.sidecarPort}/${e}`;try{return await Q(f,n)}catch(u){throw u instanceof D&&u.status===404?new D(404,u.code,"This dashboard action is not available on the current dev sidecar yet. Restart `pnpm dev` and try again."):u}}async function Ze(e,n){try{return await e()}catch(r){const f=r instanceof D||r instanceof Error?r.message:"Unknown error";return B({type:"error",message:n?`${n}: ${f}`:f}),null}}const dn={fetch:We,schemaMutation:Je,safeFetch:Ze};export{D as A,dn as a,un as b,B as c,ln as d,tn as e,z as f,sn as g,fn as h,an as i,W as j,on as m,Ke as r,cn as t};

package/admin-build/_app/immutable/chunks/CoI6jjbg.js

@@ -1,2 +0,0 @@
-import{b5 as z,a0 as R,a3 as B,F as q,h as T,aa as x,_ as M,a8 as rr,az as ir,b6 as fr,ad as ar,ac as tr,b7 as er,b8 as ur,b9 as sr,ba as or,g as cr,bb as lr,bc as nr,bd as C,D as V,be as vr,bf as dr,I as br,bg as gr}from"./BdTBlfLy.js";import{i as hr,a as _r,d as Ar,c as Sr,n as Tr,b as Nr}from"./DtZk82gG.js";function pr(r,f){var i=void 0,a;z(()=>{i!==(i=f())&&(a&&(R(a),a=null),i&&(a=B(()=>{q(()=>i(r))})))})}function F(r){var f,i,a="";if(typeof r=="string"||typeof r=="number")a+=r;else if(typeof r=="object")if(Array.isArray(r)){var t=r.length;for(f=0;f<t;f++)r[f]&&(i=F(r[f]))&&(a&&(a+=" "),a+=i)}else for(i in r)r[i]&&(a&&(a+=" "),a+=i);return a}function Or(){for(var r,f,i=0,a="",t=arguments.length;i<t;i++)(r=arguments[i])&&(f=F(r))&&(a&&(a+=" "),a+=f);return a}function Er(r){return typeof r=="object"?Or(r):r??""}const D=[...` 	
-\r\f \v\uFEFF`];function Ir(r,f,i){var a=r==null?"":""+r;if(f&&(a=a?a+" "+f:f),i){for(var t of Object.keys(i))if(i[t])a=a?a+" "+t:t;else if(a.length)for(var e=t.length,u=0;(u=a.indexOf(t,u))>=0;){var o=u+e;(u===0||D.includes(a[u-1]))&&(o===a.length||D.includes(a[o]))?a=(u===0?"":a.substring(0,u))+a.substring(o+1):u=o}}return a===""?null:a}function K(r,f=!1){var i=f?" !important;":";",a="";for(var t of Object.keys(r)){var e=r[t];e!=null&&e!==""&&(a+=" "+t+": "+e+i)}return a}function j(r){return r[0]!=="-"||r[1]!=="-"?r.toLowerCase():r}function Lr(r,f){if(f){var i="",a,t;if(Array.isArray(f)?(a=f[0],t=f[1]):a=f,r){r=String(r).replaceAll(/\s*\/\*.*?\*\/\s*/g,"").trim();var e=!1,u=0,o=!1,n=[];a&&n.push(...Object.keys(a).map(j)),t&&n.push(...Object.keys(t).map(j));var v=0,h=-1;const p=r.length;for(var d=0;d<p;d++){var s=r[d];if(o?s==="/"&&r[d-1]==="*"&&(o=!1):e?e===s&&(e=!1):s==="/"&&r[d+1]==="*"?o=!0:s==='"'||s==="'"?e=s:s==="("?u++:s===")"&&u--,!o&&e===!1&&u===0){if(s===":"&&h===-1)h=d;else if(s===";"||d===p-1){if(h!==-1){var N=j(r.substring(v,h).trim());if(!n.includes(N)){s!==";"&&d++;var S=r.substring(v,d).trim();i+=" "+S+";"}}v=d+1,h=-1}}}}return a&&(i+=K(a)),t&&(i+=K(t,!0)),i=i.trim(),i===""?null:i}return r==null?null:String(r)}function kr(r,f,i,a,t,e){var u=r.__className;if(T||u!==i||u===void 0){var o=Ir(i,a,e);(!T||o!==r.getAttribute("class"))&&(o==null?r.removeAttribute("class"):f?r.className=o:r.setAttribute("class",o)),r.__className=i}else if(e&&t!==e)for(var n in e){var v=!!e[n];(t==null||v!==!!t[n])&&r.classList.toggle(n,v)}return e}function G(r,f={},i,a){for(var t in i){var e=i[t];f[t]!==e&&(i[t]==null?r.style.removeProperty(t):r.style.setProperty(t,e,a))}}function Cr(r,f,i,a){var t=r.__style;if(T||t!==f){var e=Lr(f,a);(!T||e!==r.getAttribute("style"))&&(e==null?r.removeAttribute("style"):r.style.cssText=e),r.__style=f}else a&&(Array.isArray(a)?(G(r,i==null?void 0:i[0],a[0]),G(r,i==null?void 0:i[1],a[1],"important")):G(r,i,a));return a}function P(r,f,i=!1){if(r.multiple){if(f==null)return;if(!ir(f))return fr();for(var a of r.options)a.selected=f.includes(k(a));return}for(a of r.options){var t=k(a);if(ar(t,f)){a.selected=!0;return}}(!i||f!==void 0)&&(r.selectedIndex=-1)}function W(r){var f=new MutationObserver(()=>{P(r,r.__value)});f.observe(r,{childList:!0,subtree:!0,attributes:!0,attributeFilter:["value"]}),rr(()=>{f.disconnect()})}function Hr(r,f,i=f){var a=new WeakSet,t=!0;x(r,"change",e=>{var u=e?"[selected]":":checked",o;if(r.multiple)o=[].map.call(r.querySelectorAll(u),k);else{var n=r.querySelector(u)??r.querySelector("option:not([disabled])");o=n&&k(n)}i(o),M!==null&&a.add(M)}),q(()=>{var e=f();if(r===document.activeElement){var u=tr??M;if(a.has(u))return}if(P(r,e,t),t&&e===void 0){var o=r.querySelector(":checked");o!==null&&(e=k(o),i(e))}r.__value=e,t=!1}),W(r)}function k(r){return"__value"in r?r.__value:r.value}const I=Symbol("class"),L=Symbol("style"),X=Symbol("is custom element"),Z=Symbol("is html"),Pr=C?"link":"LINK",wr=C?"input":"INPUT",yr=C?"option":"OPTION",Mr=C?"select":"SELECT",jr=C?"progress":"PROGRESS";function Gr(r){if(T){var f=!1,i=()=>{if(!f){if(f=!0,r.hasAttribute("value")){var a=r.value;w(r,"value",null),r.value=a}if(r.hasAttribute("checked")){var t=r.checked;w(r,"checked",null),r.checked=t}}};r.__on_r=i,br(i),gr()}}function Vr(r,f){var i=y(r);i.value===(i.value=f??void 0)||r.value===f&&(f!==0||r.nodeName!==jr)||(r.value=f??"")}function Dr(r,f){var i=y(r);i.checked!==(i.checked=f??void 0)&&(r.checked=f)}function Rr(r,f){f?r.hasAttribute("selected")||r.setAttribute("selected",""):r.removeAttribute("selected")}function w(r,f,i,a){var t=y(r);T&&(t[f]=r.getAttribute(f),f==="src"||f==="srcset"||f==="href"&&r.nodeName===Pr)||t[f]!==(t[f]=i)&&(f==="loading"&&(r[ur]=i),i==null?r.removeAttribute(f):typeof i!="string"&&J(r).includes(f)?r[f]=i:r.setAttribute(f,i))}function qr(r,f,i,a,t=!1,e=!1){if(T&&t&&r.nodeName===wr){var u=r,o=u.type==="checkbox"?"defaultChecked":"defaultValue";o in i||Gr(u)}var n=y(r),v=n[X],h=!n[Z];let d=T&&v;d&&V(!1);var s=f||{},N=r.nodeName===yr;for(var S in f)S in i||(i[S]=null);i.class?i.class=Er(i.class):(a||i[I])&&(i.class=null),i[L]&&(i.style??(i.style=null));var p=J(r);for(const c in i){let l=i[c];if(N&&c==="value"&&l==null){r.value=r.__value="",s[c]=l;continue}if(c==="class"){var E=r.namespaceURI==="http://www.w3.org/1999/xhtml";kr(r,E,l,a,f==null?void 0:f[I],i[I]),s[c]=l,s[I]=i[I];continue}if(c==="style"){Cr(r,l,f==null?void 0:f[L],i[L]),s[c]=l,s[L]=i[L];continue}var _=s[c];if(!(l===_&&!(l===void 0&&r.hasAttribute(c)))){s[c]=l;var U=c[0]+c[1];if(U!=="$$")if(U==="on"){const A={},O="$$"+c;let g=c.slice(2);var $=Nr(g);if(hr(g)&&(g=g.slice(0,-7),A.capture=!0),!$&&_){if(l!=null)continue;r.removeEventListener(g,s[O],A),s[O]=null}if($)_r(g,r,l),Ar([g]);else if(l!=null){let Q=function(m){s[c].call(this,m)};s[O]=Sr(g,r,Q,A)}}else if(c==="style")w(r,c,l);else if(c==="autofocus")vr(r,!!l);else if(!v&&(c==="__value"||c==="value"&&l!=null))r.value=r.__value=l;else if(c==="selected"&&N)Rr(r,l);else{var b=c;h||(b=Tr(b));var H=b==="defaultValue"||b==="defaultChecked";if(l==null&&!v&&!H)if(n[c]=null,b==="value"||b==="checked"){let A=r;const O=f===void 0;if(b==="value"){let g=A.defaultValue;A.removeAttribute(b),A.defaultValue=g,A.value=A.__value=O?g:null}else{let g=A.defaultChecked;A.removeAttribute(b),A.defaultChecked=g,A.checked=O?g:!1}}else r.removeAttribute(c);else H||p.includes(b)&&(v||typeof l!="string")?(r[b]=l,b in n&&(n[b]=dr)):typeof l!="function"&&w(r,b,l)}}}return d&&V(!0),s}function Kr(r,f,i=[],a=[],t=[],e,u=!1,o=!1){er(t,i,a,n=>{var v=void 0,h={},d=r.nodeName===Mr,s=!1;if(z(()=>{var S=f(...n.map(cr)),p=qr(r,v,S,e,u,o);s&&d&&"value"in S&&P(r,S.value);for(let _ of Object.getOwnPropertySymbols(h))S[_]||R(h[_]);for(let _ of Object.getOwnPropertySymbols(S)){var E=S[_];_.description===lr&&(!v||E!==v[_])&&(h[_]&&R(h[_]),h[_]=B(()=>pr(r,()=>E))),p[_]=E}v=p}),d){var N=r;q(()=>{P(N,v.value,!0),W(N)})}s=!0})}function y(r){return r.__attributes??(r.__attributes={[X]:r.nodeName.includes("-"),[Z]:r.namespaceURI===sr})}var Y=new Map;function J(r){var f=r.getAttribute("is")||r.nodeName,i=Y.get(f);if(i)return i;Y.set(f,i=[]);for(var a,t=r,e=Element.prototype;e!==t;){a=nr(t);for(var u in a)a[u].set&&i.push(u);t=or(t)}return i}export{I as C,w as a,Hr as b,Cr as c,Kr as d,Dr as e,Er as f,Vr as g,P as h,W as i,Gr as r,kr as s};