npm - @happyvertical/smrt-chat - Versions diffs - 0.30.0 → 0.31.1 - Mend

@happyvertical/smrt-chat 0.30.0 → 0.31.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (31) hide show

package/dist/chunks/{ChatService-Dpzc1Pa5.js.map → ChatService-ByEPKa30.js.map} RENAMED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"ChatService-Dpzc1Pa5.js","sources":["../../src/models/AgentSession.ts","../../src/models/ChatMessage.ts","../../src/models/ChatParticipant.ts","../../src/models/ChatReaction.ts","../../src/models/ChatRoom.ts","../../src/models/ChatThread.ts","../../src/collections/AgentSessionCollection.ts","../../src/collections/ChatMessageCollection.ts","../../src/collections/ChatParticipantCollection.ts","../../src/collections/ChatReactionCollection.ts","../../src/collections/ChatRoomCollection.ts","../../src/collections/ChatThreadCollection.ts","../../src/services/ChatService.ts"],"sourcesContent":["import {\n crossPackageRef,\n field,\n foreignKey,\n SmrtObject,\n smrt,\n} from '@happyvertical/smrt-core';\nimport { TenantScoped, tenantId } from '@happyvertical/smrt-tenancy';\nimport type { AgentSessionOptions, AgentSessionStatus } from '../types.js';\n\n/*\n Agent conversation session. Internal model — sessions must be created via\n * {@link ChatService.createAgentSession} and their security-relevant config\n * (`allowedTools` / `systemPrompt` / `chatRoomId` / `participantProfileId`)\n * mutated only via the owner-checked {@link ChatService.updateAgentSessionConfig}\n * (S5 #1392). The generated CRUD surface is read-only (`get`/`list`);\n * `create`/`update`/`delete` are NOT generated, otherwise a `PUT` could rewrite\n * the tool allow-list or system prompt and bypass the owner check.\n /\n@TenantScoped({ mode: 'optional' })\n@smrt({\n tableName: 'agent_sessions',\n api: { include: ['list', 'get'] },\n mcp: { include: ['list', 'get'] },\n cli: true,\n})\nexport class AgentSession extends SmrtObject {\n /\n Reserved `sessionContext` key that scopes a session's identity to a caller-\n * supplied conversation subject (e.g. a content id) (S5 #1392).\n \n `createAgentSession`'s reuse path keys on `(agentId, participantProfileId,\n * tenantId)`; without a discriminator a session opened for subject A would be\n * reused (and its context rewritten) for a request about subject B, returning\n * A's room/threads on B's route. Storing the key here lets the reuse lookup\n * require an exact match so distinct subjects get distinct sessions.\n /\n static readonly SESSION_KEY_CONTEXT_FIELD = '__sessionKey';\n\n @tenantId({ nullable: true })\n tenantId: string \| null = null;\n\n @field({ required: true })\n agentId: string = '';\n\n @crossPackageRef('@happyvertical/smrt-profiles:Profile', { required: true })\n participantProfileId: string = '';\n\n @foreignKey('ChatRoom')\n chatRoomId: string \| null = null;\n\n @field({ required: true })\n status: AgentSessionStatus = 'active';\n\n /* JSON array of tool names the consuming app has allowed for this session /\n @field()\n allowedTools: string = '[]';\n\n /* Conversation context/memory for multi-turn state (JSON string) /\n @field()\n sessionContext: string = '{}';\n\n /* System prompt override for this session /\n @field()\n systemPrompt: string = '';\n\n @field()\n messageCount: number = 0;\n @field()\n totalTokensUsed: number = 0;\n @field()\n maxTokens: number = 0;\n @field()\n maxMessages: number = 0;\n\n @field()\n lastMessageAt: Date \| null = null;\n @field()\n expiresAt: Date \| null = null;\n @field()\n closedAt: Date \| null = null;\n\n constructor(options: AgentSessionOptions = {}) {\n super(options);\n if (options.tenantId !== undefined) this.tenantId = options.tenantId;\n if (options.agentId !== undefined) this.agentId = options.agentId;\n if (options.participantProfileId !== undefined)\n this.participantProfileId = options.participantProfileId;\n if (options.chatRoomId !== undefined) this.chatRoomId = options.chatRoomId;\n if (options.status !== undefined) this.status = options.status;\n if (options.allowedTools !== undefined)\n this.allowedTools = options.allowedTools;\n if (options.sessionContext !== undefined)\n this.sessionContext = options.sessionContext;\n if (options.systemPrompt !== undefined)\n this.systemPrompt = options.systemPrompt;\n if (options.messageCount !== undefined)\n this.messageCount = options.messageCount;\n if (options.totalTokensUsed !== undefined)\n this.totalTokensUsed = options.totalTokensUsed;\n if (options.maxTokens !== undefined) this.maxTokens = options.maxTokens;\n if (options.maxMessages !== undefined)\n this.maxMessages = options.maxMessages;\n if (options.lastMessageAt !== undefined)\n this.lastMessageAt = options.lastMessageAt;\n if (options.expiresAt !== undefined) this.expiresAt = options.expiresAt;\n if (options.closedAt !== undefined) this.closedAt = options.closedAt;\n }\n\n getAllowedTools(): string[] {\n try {\n const parsed = JSON.parse(this.allowedTools);\n return Array.isArray(parsed)\n ? parsed.filter((t): t is string => typeof t === 'string')\n : [];\n } catch {\n return [];\n }\n }\n\n setAllowedTools(tools: string[]): void {\n this.allowedTools = JSON.stringify(tools);\n }\n\n /\n Fail-closed authorization check for an agent tool call (S5 #1392).\n \n A tool may only be invoked when it appears in this session's allow-list.\n * If the allow-list is empty or unparseable, NO tools are permitted. This is\n * deliberately conservative: an empty whitelist means \"no tools\", never\n * \"all tools\".\n /\n isToolAllowed(toolName: string): boolean {\n if (typeof toolName !== 'string' \|\| toolName.length === 0) return false;\n return this.getAllowedTools().includes(toolName);\n }\n\n isActive(): boolean {\n if (this.status !== 'active') return false;\n if (this.expiresAt && new Date() >= this.expiresAt) return false;\n if (this.maxMessages > 0 && this.messageCount >= this.maxMessages)\n return false;\n if (this.maxTokens > 0 && this.totalTokensUsed >= this.maxTokens)\n return false;\n return true;\n }\n\n isExpired(): boolean {\n return this.expiresAt !== null && new Date() >= this.expiresAt;\n }\n\n async close(): Promise<void> {\n this.status = 'closed';\n this.closedAt = new Date();\n await this.save();\n }\n\n async expire(): Promise<void> {\n this.status = 'expired';\n this.closedAt = new Date();\n await this.save();\n }\n\n getSessionContext(): Record<string, unknown> {\n try {\n return JSON.parse(this.sessionContext);\n } catch {\n return {};\n }\n }\n\n setSessionContext(ctx: Record<string, unknown>): void {\n this.sessionContext = JSON.stringify(ctx);\n }\n\n /\n Stable identity key that scopes this session to a conversation subject\n * (S5 #1392). Returns `null` when the session is not subject-scoped. Used by\n * the reuse lookup so a session opened for one subject is never reused for a\n * request about a different subject.\n /\n getSessionKey(): string \| null {\n const value =\n this.getSessionContext()[AgentSession.SESSION_KEY_CONTEXT_FIELD];\n return typeof value === 'string' && value.length > 0 ? value : null;\n }\n\n async updateSessionContext(updates: Record<string, unknown>): Promise<void> {\n const current = this.getSessionContext();\n this.sessionContext = JSON.stringify({ ...current, ...updates });\n await this.save();\n }\n\n async recordMessage(tokensUsed: number = 0): Promise<void> {\n this.messageCount++;\n this.totalTokensUsed += tokensUsed;\n this.lastMessageAt = new Date();\n await this.save();\n }\n}\n","import {\n crossPackageRef,\n field,\n foreignKey,\n SmrtObject,\n smrt,\n} from '@happyvertical/smrt-core';\nimport { TenantScoped, tenantId } from '@happyvertical/smrt-tenancy';\nimport type {\n ChatMessageOptions,\n ChatMessageRole,\n ChatMessageType,\n} from '../types.js';\n\n/\n Chat message. Internal model — all mutations must go through the\n * membership-checked {@link ChatService} (S5 #1392). The generated CRUD surface\n * is read-only (`get`/`list`); `create`/`update`/`delete` are intentionally NOT\n * generated so an authenticated caller cannot write into an arbitrary room via\n * the raw collection routes, bypassing the room-membership authorization in\n * {@link ChatService.sendMessage}.\n /\n@TenantScoped({ mode: 'required' })\n@smrt({\n tableName: 'chat_messages',\n api: { include: ['list', 'get'] },\n mcp: { include: ['list', 'get'] },\n cli: true,\n})\nexport class ChatMessage extends SmrtObject {\n @tenantId()\n tenantId: string = '';\n\n @foreignKey('ChatRoom', { required: true })\n roomId: string = '';\n @foreignKey('ChatThread')\n threadId: string \| null = null;\n @crossPackageRef('@happyvertical/smrt-profiles:Profile', { required: true })\n senderProfileId: string = '';\n @foreignKey('AgentSession')\n agentSessionId: string \| null = null;\n\n @field()\n content: string = '';\n @field({ required: true })\n messageType: ChatMessageType = 'text';\n @field({ required: true })\n role: ChatMessageRole = 'user';\n\n @field()\n isEdited: boolean = false;\n @field()\n editedAt: Date \| null = null;\n @field()\n isDeleted: boolean = false;\n @foreignKey('ChatMessage')\n replyToMessageId: string \| null = null;\n\n @field()\n metadata: string = '{}';\n @field()\n toolCallData: string \| null = null;\n @field()\n attachments: string = '[]';\n\n constructor(options: ChatMessageOptions = {}) {\n super(options);\n if (options.tenantId !== undefined) this.tenantId = options.tenantId;\n if (options.roomId !== undefined) this.roomId = options.roomId;\n if (options.threadId !== undefined) this.threadId = options.threadId;\n if (options.senderProfileId !== undefined)\n this.senderProfileId = options.senderProfileId;\n if (options.agentSessionId !== undefined)\n this.agentSessionId = options.agentSessionId;\n if (options.content !== undefined) this.content = options.content;\n if (options.messageType !== undefined)\n this.messageType = options.messageType;\n if (options.role !== undefined) this.role = options.role;\n if (options.isEdited !== undefined) this.isEdited = options.isEdited;\n if (options.editedAt !== undefined) this.editedAt = options.editedAt;\n if (options.isDeleted !== undefined) this.isDeleted = options.isDeleted;\n if (options.replyToMessageId !== undefined)\n this.replyToMessageId = options.replyToMessageId;\n if (options.metadata !== undefined)\n this.metadata =\n typeof options.metadata === 'string'\n ? options.metadata\n : JSON.stringify(options.metadata);\n if (options.toolCallData !== undefined)\n this.toolCallData =\n options.toolCallData === null\n ? null\n : typeof options.toolCallData === 'string'\n ? options.toolCallData\n : JSON.stringify(options.toolCallData);\n if (options.attachments !== undefined)\n this.attachments = options.attachments;\n }\n\n getAttachments(): Array<{\n id: string;\n filename: string;\n contentType: string;\n size: number;\n url?: string;\n }> {\n try {\n return JSON.parse(this.attachments);\n } catch {\n return [];\n }\n }\n\n setAttachments(\n items: Array<{\n id: string;\n filename: string;\n contentType: string;\n size: number;\n url?: string;\n }>,\n ): void {\n this.attachments = JSON.stringify(items);\n }\n\n getMetadata(): Record<string, unknown> {\n try {\n return JSON.parse(this.metadata);\n } catch {\n return {};\n }\n }\n\n setMetadata(data: Record<string, unknown>): void {\n this.metadata = JSON.stringify(data);\n }\n\n getToolCallData(): Record<string, unknown> \| null {\n if (!this.toolCallData) return null;\n try {\n return JSON.parse(this.toolCallData);\n } catch {\n return null;\n }\n }\n\n setToolCallData(data: Record<string, unknown> \| null): void {\n this.toolCallData = data ? JSON.stringify(data) : null;\n }\n\n hasAttachments(): boolean {\n return this.getAttachments().length > 0;\n }\n\n isToolCall(): boolean {\n return this.messageType === 'tool_call';\n }\n\n isToolResult(): boolean {\n return this.messageType === 'tool_result';\n }\n\n isFromAgent(): boolean {\n return this.role === 'assistant';\n }\n\n isSystemMessage(): boolean {\n return this.role === 'system';\n }\n\n async edit(newContent: string): Promise<void> {\n this.content = newContent;\n this.isEdited = true;\n this.editedAt = new Date();\n await this.save();\n }\n\n async softDelete(): Promise<void> {\n this.isDeleted = true;\n this.content = '';\n await this.save();\n }\n\n getPreview(maxLength = 100): string {\n if (this.isDeleted) return '(deleted)';\n const text = this.content \|\| '';\n if (text.length <= maxLength) return text;\n return `${text.slice(0, maxLength)}...`;\n }\n}\n","import {\n crossPackageRef,\n field,\n foreignKey,\n SmrtObject,\n smrt,\n} from '@happyvertical/smrt-core';\nimport { TenantScoped, tenantId } from '@happyvertical/smrt-tenancy';\nimport type {\n ChatParticipantOptions,\n ChatParticipantRole,\n ChatParticipantStatus,\n OnlineStatus,\n} from '../types.js';\n\n/\n Room membership row. Internal model — membership must be established and\n * mutated only through the membership/owner-checked {@link ChatService}\n * (S5 #1392). The generated CRUD surface is read-only (`get`/`list`);\n * `create`/`update`/`delete` are NOT generated, otherwise an authenticated\n * caller could POST a ChatParticipant to forge their own membership of any room\n * (privilege escalation) and bypass every downstream membership check.\n /\n@TenantScoped({ mode: 'required' })\n@smrt({\n tableName: 'chat_participants',\n api: { include: ['list', 'get'] },\n mcp: { include: ['list', 'get'] },\n cli: true,\n})\nexport class ChatParticipant extends SmrtObject {\n @tenantId()\n tenantId: string = '';\n\n @foreignKey('ChatRoom', { required: true })\n roomId: string = '';\n @crossPackageRef('@happyvertical/smrt-profiles:Profile', { required: true })\n profileId: string = '';\n @field({ required: true })\n role: ChatParticipantRole = 'member';\n @field({ required: true })\n status: ChatParticipantStatus = 'active';\n @field({ required: true })\n onlineStatus: OnlineStatus = 'offline';\n @foreignKey('ChatMessage')\n lastReadMessageId: string \| null = null;\n @field()\n lastSeenAt: Date \| null = null;\n @field()\n joinedAt: Date \| null = null;\n @field()\n nickname: string = '';\n @field()\n isMuted: boolean = false;\n @field()\n isPinned: boolean = false;\n\n constructor(options: ChatParticipantOptions = {}) {\n super(options);\n if (options.tenantId !== undefined) this.tenantId = options.tenantId;\n if (options.roomId !== undefined) this.roomId = options.roomId;\n if (options.profileId !== undefined) this.profileId = options.profileId;\n if (options.role !== undefined) this.role = options.role;\n if (options.status !== undefined) this.status = options.status;\n if (options.onlineStatus !== undefined)\n this.onlineStatus = options.onlineStatus;\n if (options.lastReadMessageId !== undefined)\n this.lastReadMessageId = options.lastReadMessageId;\n if (options.lastSeenAt !== undefined) this.lastSeenAt = options.lastSeenAt;\n if (options.joinedAt !== undefined) this.joinedAt = options.joinedAt;\n if (options.nickname !== undefined) this.nickname = options.nickname;\n if (options.isMuted !== undefined) this.isMuted = options.isMuted;\n if (options.isPinned !== undefined) this.isPinned = options.isPinned;\n }\n\n isActive(): boolean {\n return this.status === 'active';\n }\n\n isOwner(): boolean {\n return this.role === 'owner';\n }\n\n isAdmin(): boolean {\n return this.role === 'admin' \|\| this.role === 'owner';\n }\n\n async markRead(messageId: string): Promise<void> {\n this.lastReadMessageId = messageId;\n this.lastSeenAt = new Date();\n await this.save();\n }\n\n async leave(): Promise<void> {\n this.status = 'left';\n await this.save();\n }\n\n async setOnline(status: OnlineStatus): Promise<void> {\n this.onlineStatus = status;\n this.lastSeenAt = new Date();\n await this.save();\n }\n}\n","import {\n crossPackageRef,\n field,\n foreignKey,\n SmrtObject,\n smrt,\n} from '@happyvertical/smrt-core';\nimport { TenantScoped, tenantId } from '@happyvertical/smrt-tenancy';\nimport type { ChatReactionOptions } from '../types.js';\n\n/\n Message reaction. Internal model — reactions must be added/removed only\n * through the membership-checked {@link ChatService} (S5 #1392). The generated\n * CRUD surface is read-only (`list`); `create`/`update`/`delete` are NOT\n * generated, otherwise a caller could POST a reaction (forging a `profileId`)\n * onto a message in a room they do not belong to, or DELETE another member's\n * reaction, via the raw collection routes — bypassing the room-membership\n * authorization in {@link ChatService.addReaction}/{@link ChatService.removeReaction}.\n /\n@TenantScoped({ mode: 'required' })\n@smrt({\n tableName: 'chat_reactions',\n api: { include: ['list'] },\n mcp: { include: ['list'] },\n cli: false,\n})\nexport class ChatReaction extends SmrtObject {\n @tenantId()\n tenantId: string = '';\n\n @foreignKey('ChatMessage', { required: true })\n messageId: string = '';\n @crossPackageRef('@happyvertical/smrt-profiles:Profile', { required: true })\n profileId: string = '';\n @field({ required: true })\n emoji: string = '';\n\n constructor(options: ChatReactionOptions = {}) {\n super(options);\n if (options.tenantId !== undefined) this.tenantId = options.tenantId;\n if (options.messageId !== undefined) this.messageId = options.messageId;\n if (options.profileId !== undefined) this.profileId = options.profileId;\n if (options.emoji !== undefined) this.emoji = options.emoji;\n }\n}\n","import {\n crossPackageRef,\n field,\n SmrtObject,\n smrt,\n} from '@happyvertical/smrt-core';\nimport { TenantScoped, tenantId } from '@happyvertical/smrt-tenancy';\nimport type {\n ChatRoomOptions,\n ChatRoomStatus,\n ChatRoomType,\n} from '../types.js';\n\ntype ChatRoomMetadata = Record<string, unknown>;\n\n/\n Chat room supporting public channels, private groups, DMs, and agent conversations.\n \n @remarks\n * Room types: `public`, `private`, `dm`, `agent`. Agent rooms are auto-created by\n * {@link ChatService.createAgentSession} with `maxParticipants: 2`. DM rooms are\n * found-or-created via {@link ChatService.getOrCreateDM}. Threads are tracked via\n * {@link ChatThread} linked by `roomId`. Tenant-scoped (required).\n \n Internal model — room creation and mutation must go through the\n * membership/owner-checked {@link ChatService} (S5 #1392). The generated CRUD\n * surface is read-only (`get`/`list`); `create`/`update`/`delete` are NOT\n * generated, so a caller cannot forge a room or mutate room state via the raw\n * collection routes, skipping the ChatService authorization paths.\n /\n@TenantScoped({ mode: 'required' })\n@smrt({\n tableName: 'chat_rooms',\n api: { include: ['list', 'get'] },\n mcp: { include: ['list', 'get'] },\n cli: true,\n})\nexport class ChatRoom extends SmrtObject {\n @tenantId()\n tenantId: string = '';\n\n @field()\n name: string = '';\n @field()\n description: string = '';\n @field({ required: true })\n roomType: ChatRoomType = 'public';\n @field({ required: true })\n status: ChatRoomStatus = 'active';\n @field()\n topic: string = '';\n @field()\n avatarUrl: string = '';\n @field()\n isArchived: boolean = false;\n @field()\n maxParticipants: number = 0;\n @field()\n metadata: string = '{}';\n @crossPackageRef('@happyvertical/smrt-profiles:Profile')\n createdByProfileId: string = '';\n @field()\n lastMessageAt: Date \| null = null;\n\n constructor(options: ChatRoomOptions = {}) {\n super(options);\n if (options.tenantId !== undefined) this.tenantId = options.tenantId;\n if (options.name !== undefined) this.name = options.name;\n if (options.description !== undefined)\n this.description = options.description;\n if (options.roomType !== undefined) this.roomType = options.roomType;\n if (options.status !== undefined) this.status = options.status;\n if (options.topic !== undefined) this.topic = options.topic;\n if (options.avatarUrl !== undefined) this.avatarUrl = options.avatarUrl;\n if (options.isArchived !== undefined) this.isArchived = options.isArchived;\n if (options.maxParticipants !== undefined)\n this.maxParticipants = options.maxParticipants;\n if (options.metadata !== undefined)\n this.metadata =\n typeof options.metadata === 'string'\n ? options.metadata\n : JSON.stringify(options.metadata);\n if (options.createdByProfileId !== undefined)\n this.createdByProfileId = options.createdByProfileId;\n if (options.lastMessageAt !== undefined)\n this.lastMessageAt = options.lastMessageAt;\n }\n\n getMetadata(): ChatRoomMetadata {\n try {\n return JSON.parse(this.metadata);\n } catch {\n return {};\n }\n }\n\n setMetadata(data: ChatRoomMetadata): void {\n this.metadata = JSON.stringify(data);\n }\n\n updateMetadata(updates: ChatRoomMetadata): void {\n const current = this.getMetadata();\n this.metadata = JSON.stringify({ ...current, ...updates });\n }\n\n isDM(): boolean {\n return this.roomType === 'dm';\n }\n\n isAgentRoom(): boolean {\n return this.roomType === 'agent';\n }\n\n isPublic(): boolean {\n return this.roomType === 'public';\n }\n\n isActive(): boolean {\n return this.status === 'active';\n }\n\n async archive(): Promise<void> {\n this.isArchived = true;\n this.status = 'archived';\n await this.save();\n }\n\n async unarchive(): Promise<void> {\n this.isArchived = false;\n this.status = 'active';\n await this.save();\n }\n}\n","import { field, foreignKey, SmrtObject, smrt } from '@happyvertical/smrt-core';\nimport { TenantScoped, tenantId } from '@happyvertical/smrt-tenancy';\nimport type { ChatThreadOptions } from '../types.js';\n\n/\n Conversation thread. Internal model — threads must be created/mutated only\n * through the membership-checked {@link ChatService} (S5 #1392). The generated\n * CRUD surface is read-only (`get`/`list`); `create`/`update`/`delete` are NOT\n * generated, otherwise a caller could POST a thread rooted in an arbitrary room\n * (or mutate `messageCount`/`isResolved`) via the raw collection routes,\n * bypassing the room-membership authorization in {@link ChatService.startThread}.\n /\n@TenantScoped({ mode: 'required' })\n@smrt({\n tableName: 'chat_threads',\n api: { include: ['list', 'get'] },\n mcp: { include: ['list', 'get'] },\n cli: true,\n})\nexport class ChatThread extends SmrtObject {\n @tenantId()\n tenantId: string = '';\n\n @foreignKey('ChatRoom', { required: true })\n roomId: string = '';\n // Nullable FK (S5 #1392): a thread can be opened WITHOUT a root message (e.g.\n // a content/agent-editor thread). The previous `= ''` default wrote an empty\n // string into this FK column, which breaks native-`uuid` DBs (Postgres/DuckDB\n // reject `''` as a uuid). `null` is the correct \"no root\" value.\n @foreignKey('ChatMessage', { nullable: true })\n rootMessageId: string \| null = null;\n @field()\n title: string = '';\n @field()\n isResolved: boolean = false;\n @field()\n messageCount: number = 0;\n @field()\n lastMessageAt: Date \| null = null;\n @field()\n participantCount: number = 0;\n\n constructor(options: ChatThreadOptions = {}) {\n super(options);\n if (options.tenantId !== undefined) this.tenantId = options.tenantId;\n if (options.roomId !== undefined) this.roomId = options.roomId;\n if (options.rootMessageId !== undefined)\n this.rootMessageId = options.rootMessageId;\n if (options.title !== undefined) this.title = options.title;\n if (options.isResolved !== undefined) this.isResolved = options.isResolved;\n if (options.messageCount !== undefined)\n this.messageCount = options.messageCount;\n if (options.lastMessageAt !== undefined)\n this.lastMessageAt = options.lastMessageAt;\n if (options.participantCount !== undefined)\n this.participantCount = options.participantCount;\n }\n\n async resolve(): Promise<void> {\n this.isResolved = true;\n await this.save();\n }\n\n async reopen(): Promise<void> {\n this.isResolved = false;\n await this.save();\n }\n}\n","import { SmrtCollection } from '@happyvertical/smrt-core';\nimport { AgentSession } from '../models/AgentSession.js';\n\nexport class AgentSessionCollection extends SmrtCollection<AgentSession> {\n static readonly _itemClass = AgentSession;\n\n async findActiveByParticipant(\n participantProfileId: string,\n ): Promise<AgentSession[]> {\n const sessions = await this.list({\n where: { participantProfileId, status: 'active' },\n });\n return sessions.filter((s) => s.isActive());\n }\n\n /\n Resolve the active agent session for an (agent, participant) pair within a\n * tenant (S5 #1392).\n \n `tenantId` is REQUIRED and always bound into the WHERE clause — including the\n * `null` (untenanted) case — so the lookup can never silently drop its tenant\n * predicate and resolve a session from another tenant. AgentSession uses\n * optional tenancy, so `null` is a legitimate, explicitly-bound scope rather\n * than \"any tenant\".\n \n When `sessionKey` is supplied the result is additionally narrowed to the\n * session whose stored {@link AgentSession.getSessionKey} matches EXACTLY\n * (S5 #1392). This binds session identity to a conversation subject (e.g. a\n * content id) so a session opened for one subject is never reused for another;\n * `sessionContext` is a JSON blob so the discriminator is matched in memory\n * after the tenant-bound SQL filter.\n /\n async findActiveSession(\n agentId: string,\n participantProfileId: string,\n tenantId: string \| null,\n sessionKey?: string \| null,\n ): Promise<AgentSession \| null> {\n const where: Record<string, unknown> = {\n agentId,\n participantProfileId,\n status: 'active',\n tenantId,\n };\n const sessions = await this.list({ where });\n const active = sessions.find(\n (s) =>\n s.isActive() &&\n (sessionKey === undefined \|\|\n s.getSessionKey() === (sessionKey ?? null)),\n );\n return active ?? null;\n }\n\n async findOrCreate(params: {\n agentId: string;\n participantProfileId: string;\n tenantId: string \| null;\n allowedTools?: string[];\n chatRoomId?: string \| null;\n systemPrompt?: string;\n /\n Optional subject-scoping key (S5 #1392). When set, an existing active\n * session is reused only if its stored session key matches, and the created\n * session records the key so future lookups stay subject-scoped.\n /\n sessionKey?: string \| null;\n }): Promise<AgentSession> {\n const existing = await this.findActiveSession(\n params.agentId,\n params.participantProfileId,\n params.tenantId,\n params.sessionKey,\n );\n if (existing) return existing;\n\n const sessionContext =\n params.sessionKey != null\n ? JSON.stringify({\n [AgentSession.SESSION_KEY_CONTEXT_FIELD]: params.sessionKey,\n })\n : undefined;\n\n const session = await this.create({\n agentId: params.agentId,\n participantProfileId: params.participantProfileId,\n tenantId: params.tenantId ?? null,\n allowedTools: JSON.stringify(params.allowedTools ?? []),\n chatRoomId: params.chatRoomId ?? null,\n systemPrompt: params.systemPrompt ?? '',\n status: 'active',\n ...(sessionContext !== undefined ? { sessionContext } : {}),\n });\n return session;\n }\n\n async findByAgent(agentId: string): Promise<AgentSession[]> {\n return this.list({ where: { agentId } });\n }\n\n /\n Expire active sessions whose last activity predates `olderThan`.\n \n Caller-scoping (S5 #1392): pass `scope` to restrict the sweep to a single\n * tenant and/or agent. Without a scope this expires stale sessions across the\n * whole (tenant-filtered) collection — only safe for trusted maintenance\n * callers, never for a per-tenant request handler.\n \n The candidate set is narrowed in SQL (status + activity timestamp) rather\n * than loading every active session into memory and filtering in JS\n * (DoS hardening). `lastMessageAt < olderThan` is applied server-side; rows\n * that never recorded a message fall back to `created_at`.\n /\n async expireStale(\n olderThan: Date,\n scope?: { tenantId?: string \| null; agentId?: string },\n ): Promise<number> {\n const baseWhere: Record<string, unknown> = { status: 'active' };\n if (scope?.tenantId !== undefined) baseWhere.tenantId = scope.tenantId;\n if (scope?.agentId !== undefined) baseWhere.agentId = scope.agentId;\n\n // Sessions stale by their last message timestamp.\n const byLastMessage = await this.list({\n where: { ...baseWhere, 'lastMessageAt <': olderThan },\n });\n\n // Sessions that never recorded a message: judge by creation time.\n const neverMessaged = await this.list({\n where: { ...baseWhere, lastMessageAt: null, 'created_at <': olderThan },\n });\n\n const seen = new Set<string>();\n let expired = 0;\n for (const session of [...byLastMessage, ...neverMessaged]) {\n const id = session.id as string;\n if (!id \|\| seen.has(id)) continue;\n seen.add(id);\n await session.expire();\n expired++;\n }\n return expired;\n }\n}\n","import { SmrtCollection } from '@happyvertical/smrt-core';\nimport { ChatMessage } from '../models/ChatMessage.js';\nimport type { ChatMessageSearchFilters } from '../types.js';\n\nexport class ChatMessageCollection extends SmrtCollection<ChatMessage> {\n static readonly _itemClass = ChatMessage;\n\n /\n Get messages for a room (newest first), excluding threads and deleted.\n \n Filtering, ordering and pagination are pushed into SQL rather than loading\n * the full room history into memory (S5 #1392, DoS hardening). Thread replies\n * are excluded via `threadId IS NULL` (the WHERE API maps a `null` value to\n * `IS NULL`).\n \n `tenantId` is REQUIRED and bound into BOTH the message window AND the cursor\n * lookup (S5 #1392): room ids are not globally unique, so a roomId-only read\n * could surface another tenant's messages for a same-id room. The caller's\n * membership gate is tenant-scoped, so the read MUST be too.\n /\n async getByRoom(\n roomId: string,\n tenantId: string,\n options?: { limit?: number; before?: string },\n ): Promise<ChatMessage[]> {\n const where: Record<string, unknown> = {\n roomId,\n tenantId,\n isDeleted: false,\n threadId: null,\n };\n\n // Cursor-based pagination: only messages older than the cursor message.\n // The cursor must belong to the SAME root-message set of the SAME room AND\n // tenant (S5 #1392); a cursor id from another room/thread/tenant is silently\n // ignored rather than allowing it to influence this room's window.\n if (options?.before) {\n const cursorMsg = await this.get({\n id: options.before,\n roomId,\n tenantId,\n isDeleted: false,\n threadId: null,\n });\n if (cursorMsg?.created_at) {\n where['created_at <'] = cursorMsg.created_at;\n }\n }\n\n return this.list({\n where,\n orderBy: 'created_at DESC',\n limit: options?.limit,\n });\n }\n\n /\n Get messages in a thread, tenant-bound (S5 #1392).\n \n `tenantId` is bound into the query so a thread id from another tenant can\n * never surface that tenant's thread history.\n /\n async getByThread(\n threadId: string,\n tenantId: string,\n ): Promise<ChatMessage[]> {\n return this.list({ where: { threadId, tenantId, isDeleted: false } });\n }\n\n /\n Get messages for an agent session, tenant-bound (S5 #1392).\n \n `tenantId` is bound into the query so a session id from another tenant can\n * never surface that tenant's session messages.\n /\n async getByAgentSession(\n agentSessionId: string,\n tenantId: string,\n ): Promise<ChatMessage[]> {\n return this.list({ where: { agentSessionId, tenantId, isDeleted: false } });\n }\n\n /\n Search messages with filters.\n \n All structural filters (tenant/room/thread/sender/type/role/date/text) are\n * pushed into SQL instead of loading the full message set and filtering in JS\n * (S5 #1392, DoS hardening). `tenantId` is REQUIRED and always bound so the\n * search can never cross a tenant boundary.\n \n `hasAttachments` is derived from the stored `attachments` JSON column and is\n * pushed into SQL as a `!=`/`=` pre-filter against the empty-array sentinel\n * (`'[]'`, the column default) so the `LIMIT` applies to the ALREADY-FILTERED\n * set, not the raw window (S5 #1392). Previously the limit truncated the\n * newest-N window first and the JS filter ran afterwards, so a room whose\n * newest messages lacked attachments could return fewer (or zero)\n * attachment-bearing rows than existed. A precise JS pass on\n * `hasAttachments()` still runs to reject any malformed/empty column value the\n * coarse SQL sentinel can't distinguish, and the requested `limit` is enforced\n * on the filtered result.\n /\n async search(\n filters: ChatMessageSearchFilters & { tenantId: string; limit?: number },\n ): Promise<ChatMessage[]> {\n const where: Record<string, unknown> = {\n tenantId: filters.tenantId,\n isDeleted: false,\n };\n if (filters.roomId) where.roomId = filters.roomId;\n if (filters.threadId) where.threadId = filters.threadId;\n if (filters.senderProfileId)\n where.senderProfileId = filters.senderProfileId;\n if (filters.messageType) where.messageType = filters.messageType;\n if (filters.role) where.role = filters.role;\n if (filters.query) where['content like'] = `%${filters.query}%`;\n if (filters.sinceDate) where['created_at >='] = filters.sinceDate;\n if (filters.beforeDate) where['created_at <'] = filters.beforeDate;\n\n const limit = filters.limit ?? 100;\n\n // Push the attachment predicate into SQL against the empty-array sentinel so\n // the LIMIT applies to the filtered set, not the raw window. `'[]'` is the\n // ChatMessage.attachments column default, so `!= '[]'` keeps rows carrying a\n // non-empty attachment array and `= '[]'` keeps the rest.\n if (filters.hasAttachments === true) {\n where['attachments !='] = '[]';\n } else if (filters.hasAttachments === false) {\n where.attachments = '[]';\n }\n\n const messages = await this.list({\n where,\n orderBy: 'created_at DESC',\n limit,\n });\n\n // The SQL sentinel can't tell a malformed/empty column (e.g. '', whitespace)\n // from a genuinely-empty array, so re-apply the precise computed predicate\n // and enforce the limit on the filtered result.\n if (filters.hasAttachments !== undefined) {\n return messages\n .filter((m) => m.hasAttachments() === filters.hasAttachments)\n .slice(0, limit);\n }\n\n return messages;\n }\n\n /\n Get unread count for a participant in a room (excludes thread replies).\n \n Counting is pushed into SQL via `count()` rather than loading the whole\n * room history into memory (S5 #1392, DoS hardening). `tenantId` is REQUIRED\n * and bound into both the count and the read-cursor lookup so the count can\n * never include another tenant's messages for a same-id room.\n /\n async getUnreadCount(\n roomId: string,\n tenantId: string,\n lastReadMessageId: string \| null,\n ): Promise<number> {\n const base = { roomId, tenantId, isDeleted: false, threadId: null };\n\n if (!lastReadMessageId) return this.count({ where: base });\n\n // The read-cursor must belong to the same room's root-message set in the\n // same tenant; a cursor from another room/thread/tenant is ignored rather\n // than skewing the count (S5 #1392).\n const lastReadMsg = await this.get({\n id: lastReadMessageId,\n roomId,\n tenantId,\n isDeleted: false,\n threadId: null,\n });\n if (!lastReadMsg?.created_at) return this.count({ where: base });\n\n return this.count({\n where: { ...base, 'created_at >': lastReadMsg.created_at },\n });\n }\n\n /\n Get most recent root message for each room (for room list preview).\n \n Each room is fetched with `orderBy created_at DESC, limit 1` so we never\n * load the full per-room history into memory (S5 #1392, DoS hardening).\n * `tenantId` is REQUIRED and bound into each per-room read so a same-id room\n * from another tenant can never leak a preview message.\n /\n async getLatestPerRoom(\n roomIds: string[],\n tenantId: string,\n ): Promise<Map<string, ChatMessage>> {\n const result = new Map<string, ChatMessage>();\n for (const roomId of roomIds) {\n const latest = await this.list({\n where: { roomId, tenantId, isDeleted: false, threadId: null },\n orderBy: 'created_at DESC',\n limit: 1,\n });\n if (latest.length > 0) {\n result.set(roomId, latest[0]);\n }\n }\n return result;\n }\n}\n","import { SmrtCollection } from '@happyvertical/smrt-core';\nimport { ChatParticipant } from '../models/ChatParticipant.js';\n\nexport class ChatParticipantCollection extends SmrtCollection<ChatParticipant> {\n static readonly _itemClass = ChatParticipant;\n\n async getByRoom(roomId: string): Promise<ChatParticipant[]> {\n return this.list({ where: { roomId, status: 'active' } });\n }\n\n async getByProfile(profileId: string): Promise<ChatParticipant[]> {\n return this.list({ where: { profileId, status: 'active' } });\n }\n\n async findMembership(\n roomId: string,\n profileId: string,\n tenantId?: string,\n ): Promise<ChatParticipant \| null> {\n const where: Record<string, unknown> = { roomId, profileId };\n if (tenantId !== undefined) where.tenantId = tenantId;\n const results = await this.list({ where });\n return results[0] ?? null;\n }\n\n /\n Returns the participant row only if the profile is an ACTIVE member of the\n * room (not left/kicked/banned). Used by ChatService to gate sends and reads\n * on room membership (S5 #1392, IDOR hardening).\n \n `tenantId` is REQUIRED and always bound into the WHERE clause so a membership\n * lookup can never resolve a row belonging to another tenant, even when no ALS\n * tenant context is active to drive the tenancy interceptor (defense in depth).\n * Making it a required parameter (rather than optional) closes the hole where a\n * caller could omit it and silently drop the tenant predicate from the query.\n /\n async findActiveMembership(\n roomId: string,\n profileId: string,\n tenantId: string,\n ): Promise<ChatParticipant \| null> {\n const where: Record<string, unknown> = {\n roomId,\n profileId,\n status: 'active',\n tenantId,\n };\n const results = await this.list({ where, limit: 1 });\n return results[0] ?? null;\n }\n\n /* True when the profile is an active member of the room (tenant-bound). /\n async isActiveMember(\n roomId: string,\n profileId: string,\n tenantId: string,\n ): Promise<boolean> {\n return (\n (await this.findActiveMembership(roomId, profileId, tenantId)) !== null\n );\n }\n\n async getOnlineInRoom(roomId: string): Promise<ChatParticipant[]> {\n const participants = await this.list({\n where: { roomId, status: 'active' },\n });\n return participants.filter((p) => p.onlineStatus !== 'offline');\n }\n\n async getAdminsInRoom(roomId: string): Promise<ChatParticipant[]> {\n const participants = await this.list({\n where: { roomId, status: 'active' },\n });\n return participants.filter((p) => p.isAdmin());\n }\n\n async countInRoom(roomId: string): Promise<number> {\n const participants = await this.list({\n where: { roomId, status: 'active' },\n });\n return participants.length;\n }\n}\n","import { SmrtCollection } from '@happyvertical/smrt-core';\nimport { ChatReaction } from '../models/ChatReaction.js';\n\nexport class ChatReactionCollection extends SmrtCollection<ChatReaction> {\n static readonly _itemClass = ChatReaction;\n\n async getByMessage(messageId: string): Promise<ChatReaction[]> {\n return this.list({ where: { messageId } });\n }\n\n /* Get reaction counts grouped by emoji for a message /\n async getReactionCounts(\n messageId: string,\n ): Promise<Map<string, { count: number; profileIds: string[] }>> {\n const reactions = await this.list({ where: { messageId } });\n const counts = new Map<string, { count: number; profileIds: string[] }>();\n\n for (const reaction of reactions) {\n const existing = counts.get(reaction.emoji);\n if (existing) {\n existing.count++;\n existing.profileIds.push(reaction.profileId);\n } else {\n counts.set(reaction.emoji, {\n count: 1,\n profileIds: [reaction.profileId],\n });\n }\n }\n\n return counts;\n }\n\n /\n Toggle a reaction: add if not present, remove if already reacted.\n \n `tenantId` is bound into the existence lookup (S5 #1392) so the toggle can\n * never match or delete a reaction row belonging to another tenant. Prefer the\n * membership-checked {@link ChatService.addReaction}/{@link ChatService.removeReaction}\n * for request-driven flows; this low-level helper performs no membership check.\n /\n async toggle(\n messageId: string,\n profileId: string,\n emoji: string,\n tenantId: string,\n ): Promise<{ added: boolean }> {\n const existing = await this.list({\n where: { messageId, profileId, emoji, tenantId },\n });\n\n if (existing.length > 0) {\n await existing[0].delete();\n return { added: false };\n }\n\n await this.create({\n tenantId,\n messageId,\n profileId,\n emoji,\n });\n return { added: true };\n }\n}\n","import { createHash } from 'node:crypto';\nimport { SmrtCollection } from '@happyvertical/smrt-core';\nimport type { ChatParticipantCollection } from '../collections/ChatParticipantCollection.js';\nimport { ChatRoom } from '../models/ChatRoom.js';\nimport type { ChatRoomType } from '../types.js';\n\n/\n Deterministic, order-independent room id for a 1:1 DM between two profiles\n * within a tenant (S5 #1392, DM race hardening).\n \n Concurrent {@link ChatRoomCollection.findOrCreateDM} calls for the same pair\n * compute the SAME id, so the underlying upsert (which conflicts on `id` for new\n * objects) collapses the racing inserts onto one row instead of creating\n * duplicate DM rooms. The id is a deterministic UUIDv5-shaped value derived from\n * the tenant and the sorted profile pair.\n /\nexport function canonicalDmRoomId(\n tenantId: string,\n profileId1: string,\n profileId2: string,\n): string {\n const [a, b] = [profileId1, profileId2].sort();\n const key = `dm ${tenantId} ${a} ${b}`;\n const hash = createHash('sha1').update(key).digest('hex');\n // Shape the digest as a v5 UUID (set version/variant nibbles).\n return [\n hash.slice(0, 8),\n hash.slice(8, 12),\n `5${hash.slice(13, 16)}`,\n ((Number.parseInt(hash.slice(16, 18), 16) & 0x3f) \| 0x80)\n .toString(16)\n .padStart(2, '0') + hash.slice(18, 20),\n hash.slice(20, 32),\n ].join('-');\n}\n\nexport class ChatRoomCollection extends SmrtCollection<ChatRoom> {\n static readonly _itemClass = ChatRoom;\n\n async findByType(roomType: ChatRoomType): Promise<ChatRoom[]> {\n return this.list({ where: { roomType, status: 'active' } });\n }\n\n async findPublic(): Promise<ChatRoom[]> {\n return this.list({ where: { roomType: 'public', status: 'active' } });\n }\n\n async findDMs(): Promise<ChatRoom[]> {\n return this.list({ where: { roomType: 'dm', status: 'active' } });\n }\n\n async findAgentRooms(): Promise<ChatRoom[]> {\n return this.list({ where: { roomType: 'agent', status: 'active' } });\n }\n\n /\n Search rooms by name/description/topic.\n \n Filtering and limiting are pushed into SQL via `LIKE` instead of loading\n * the entire tenant room set and filtering in JS (S5 #1392, DoS hardening).\n * The WHERE API does not support OR, so we issue one bounded query per\n * searchable column and merge the results, capping the total returned.\n /\n async search(\n query: string,\n options?: { limit?: number },\n ): Promise<ChatRoom[]> {\n const limit = options?.limit ?? 50;\n const like = `%${query}%`;\n const columns = ['name', 'description', 'topic'] as const;\n\n const merged = new Map<string, ChatRoom>();\n for (const column of columns) {\n const matches = await this.list({\n where: { status: 'active', [`${column} like`]: like },\n orderBy: 'created_at DESC',\n limit,\n });\n for (const room of matches) {\n if (room.id) merged.set(room.id, room);\n }\n if (merged.size >= limit) break;\n }\n\n return Array.from(merged.values()).slice(0, limit);\n }\n\n /\n Find an existing 1:1 DM room between two profiles, or create one.\n \n DM identity is derived from the authoritative `chat_participants` join\n * (server-controlled) rather than client-mutable room metadata (S5 #1392).\n * Callers are responsible for attaching both profiles as participants after\n * creation; {@link ChatService.getOrCreateDM} does this.\n /\n async findOrCreateDM(\n profileId1: string,\n profileId2: string,\n tenantId: string,\n participants: ChatParticipantCollection,\n ): Promise<ChatRoom> {\n // Fast, race-safe path: a DM for a tenant + profile pair has a deterministic\n // id, so a prior (or concurrently-created) DM resolves directly (S5 #1392).\n const dmId = canonicalDmRoomId(tenantId, profileId1, profileId2);\n const canonical = await this.get({ id: dmId, tenantId });\n if (canonical && canonical.roomType === 'dm') {\n return canonical;\n }\n\n // Legacy fallback: DMs created before the deterministic-id scheme are still\n // discovered via the authoritative chat_participants join. tenantId is bound\n // into every lookup so a DM can never be resolved (or reused) across tenants,\n // even without an ALS tenant context.\n const memberships1 = await participants.list({\n where: { profileId: profileId1, status: 'active', tenantId },\n });\n const candidateRoomIds = memberships1.map((m) => m.roomId);\n\n for (const roomId of candidateRoomIds) {\n const dm = await this.get({ id: roomId, tenantId });\n if (!dm \|\| dm.roomType !== 'dm' \|\| dm.status !== 'active') continue;\n\n // Confirm profile2 is also an active participant of this same room.\n const others = await participants.list({\n where: { roomId, profileId: profileId2, status: 'active', tenantId },\n });\n if (others.length > 0) {\n return dm;\n }\n }\n\n // Create new DM room with the deterministic id. Membership is established by\n // the caller via the chat_participants join — not via client metadata. The\n // deterministic id makes concurrent creates upsert onto a single row,\n // eliminating the former check-then-create duplicate-DM race.\n const room = await this.create({\n id: dmId,\n tenantId,\n name: '',\n roomType: 'dm',\n status: 'active',\n maxParticipants: 2,\n });\n return room;\n }\n}\n","import { SmrtCollection } from '@happyvertical/smrt-core';\nimport { ChatThread } from '../models/ChatThread.js';\n\nexport class ChatThreadCollection extends SmrtCollection<ChatThread> {\n static readonly _itemClass = ChatThread;\n\n async getByRoom(roomId: string): Promise<ChatThread[]> {\n return this.list({ where: { roomId } });\n }\n\n async getActive(roomId: string): Promise<ChatThread[]> {\n const threads = await this.list({ where: { roomId } });\n return threads.filter((t) => !t.isResolved);\n }\n\n async getUnresolved(): Promise<ChatThread[]> {\n const threads = await this.list({});\n return threads.filter((t) => !t.isResolved);\n }\n}\n","import {\n ObjectRegistry,\n type SmrtObjectOptions,\n} from '@happyvertical/smrt-core';\nimport { AgentSessionCollection } from '../collections/AgentSessionCollection.js';\nimport { ChatMessageCollection } from '../collections/ChatMessageCollection.js';\nimport { ChatParticipantCollection } from '../collections/ChatParticipantCollection.js';\nimport { ChatReactionCollection } from '../collections/ChatReactionCollection.js';\nimport { ChatRoomCollection } from '../collections/ChatRoomCollection.js';\nimport { ChatThreadCollection } from '../collections/ChatThreadCollection.js';\nimport type { AgentSession } from '../models/AgentSession.js';\nimport type { ChatMessage } from '../models/ChatMessage.js';\nimport type { ChatThread } from '../models/ChatThread.js';\nimport type {\n ChatMessageRole,\n ChatMessageType,\n ChatParticipantRole,\n ChatRoomStatus,\n ChatRoomType,\n} from '../types.js';\n\n/\n Internal write descriptor for {@link ChatService.writeMessage}. This shape can\n * author a message as an arbitrary profile/role and may skip the membership\n * check, so it MUST NOT be reachable from any public/route-facing signature\n * (S5 #1392). Only the trusted in-class callers below construct it.\n /\ninterface InternalMessageWrite {\n tenantId: string;\n roomId: string;\n senderProfileId: string;\n content: string;\n role: ChatMessageRole;\n messageType?: ChatMessageType;\n threadId?: string \| null;\n agentSessionId?: string \| null;\n replyToMessageId?: string \| null;\n toolCallData?: Record<string, unknown> \| null;\n /* Internal-only escape hatch for system-authored writes. /\n skipMembershipCheck?: boolean;\n}\n\n/\n Parameters for emitting an agent-authored (assistant/tool) message. Used only\n * by the internal {@link sendAgentReply} bridge below — NOT a public surface.\n /\nexport interface AgentReplyParams {\n tenantId: string;\n agentSessionId: string;\n content: string;\n kind?: 'assistant' \| 'tool';\n messageType?: ChatMessageType;\n toolCallData?: Record<string, unknown> \| null;\n /\n Optional thread to attach the agent reply to. It MUST belong to the same\n * room/tenant as the session (validated in {@link ChatService.writeMessage}).\n /\n threadId?: string \| null;\n}\n\n/* Tenant-bound agent session lookup descriptor for the read facade. /\nexport interface AgentSessionLookup {\n agentSessionId: string;\n tenantId: string \| null;\n}\n\n/* Tenant-bound thread lookup descriptor for the read facade. /\nexport interface ThreadLookup {\n threadId: string;\n tenantId: string;\n}\n\n/\n Module-private bridge key for the agent-reply path (S5 #1392).\n \n The agent-authoring path is reachable only through the {@link sendAgentReply}\n * function (re-exported solely from `./internal/agent-runtime`). To let that\n * module-local function reach the `private` {@link ChatService.emitAgentReply}\n * without widening the class's PUBLIC surface, the class exposes a single\n * symbol-keyed static. A symbol key is not a named member: it does not appear on\n * the `ChatService` type, is not enumerable, and is callable only by code that\n * holds this non-exported symbol. This replaces the previous public\n * `_runAgentReply` static, which any consumer of the root-exported `ChatService`\n * could call to author messages as the agent.\n /\nconst RUN_AGENT_REPLY = Symbol('smrt-chat.runAgentReply');\n\nexport class ChatService {\n // Raw persistence collections are PRIVATE (S5 #1392). They can author/mutate\n // any row with no actor/membership check, so they must NOT appear on the\n // public `ChatService` type, and the package index no longer re-exports the\n // collection classes for direct construction around the service. Every\n // external read/write goes through the authorized facade methods below.\n readonly #rooms: ChatRoomCollection;\n readonly #messages: ChatMessageCollection;\n readonly #participants: ChatParticipantCollection;\n readonly #threads: ChatThreadCollection;\n readonly #agentSessions: AgentSessionCollection;\n readonly #reactions: ChatReactionCollection;\n\n private constructor(\n rooms: ChatRoomCollection,\n messages: ChatMessageCollection,\n participants: ChatParticipantCollection,\n threads: ChatThreadCollection,\n agentSessions: AgentSessionCollection,\n reactions: ChatReactionCollection,\n ) {\n this.#rooms = rooms;\n this.#messages = messages;\n this.#participants = participants;\n this.#threads = threads;\n this.#agentSessions = agentSessions;\n this.#reactions = reactions;\n }\n\n static async create(options: SmrtObjectOptions): Promise<ChatService> {\n ObjectRegistry.registerCollection(\n '@happyvertical/smrt-chat:ChatRoom',\n ChatRoomCollection,\n );\n ObjectRegistry.registerCollection(\n '@happyvertical/smrt-chat:ChatMessage',\n ChatMessageCollection,\n );\n ObjectRegistry.registerCollection(\n '@happyvertical/smrt-chat:ChatParticipant',\n ChatParticipantCollection,\n );\n ObjectRegistry.registerCollection(\n '@happyvertical/smrt-chat:ChatThread',\n ChatThreadCollection,\n );\n ObjectRegistry.registerCollection(\n '@happyvertical/smrt-chat:AgentSession',\n AgentSessionCollection,\n );\n ObjectRegistry.registerCollection(\n '@happyvertical/smrt-chat:ChatReaction',\n ChatReactionCollection,\n );\n\n const rooms = (await ObjectRegistry.getCollection(\n '@happyvertical/smrt-chat:ChatRoom',\n options,\n )) as ChatRoomCollection;\n const messages = (await ObjectRegistry.getCollection(\n '@happyvertical/smrt-chat:ChatMessage',\n options,\n )) as ChatMessageCollection;\n const participants = (await ObjectRegistry.getCollection(\n '@happyvertical/smrt-chat:ChatParticipant',\n options,\n )) as ChatParticipantCollection;\n const threads = (await ObjectRegistry.getCollection(\n '@happyvertical/smrt-chat:ChatThread',\n options,\n )) as ChatThreadCollection;\n const agentSessions = (await ObjectRegistry.getCollection(\n '@happyvertical/smrt-chat:AgentSession',\n options,\n )) as AgentSessionCollection;\n const reactions = (await ObjectRegistry.getCollection(\n '@happyvertical/smrt-chat:ChatReaction',\n options,\n )) as ChatReactionCollection;\n\n return new ChatService(\n rooms,\n messages,\n participants,\n threads,\n agentSessions,\n reactions,\n );\n }\n\n /* Initialize all underlying collections (table creation) /\n async initialize(): Promise<void> {\n await this.#rooms.initialize();\n await this.#messages.initialize();\n await this.#participants.initialize();\n await this.#threads.initialize();\n await this.#agentSessions.initialize();\n await this.#reactions.initialize();\n }\n\n /\n Create a room and add the creating actor as owner (S5 #1392).\n \n The acting identity is the server-supplied `actorProfileId` (the\n * authenticated principal the route injects). The creator/owner is ALWAYS the\n * actor — a caller cannot supply a `createdByProfileId` to attribute the room\n * to (and enroll as owner) some other profile.\n /\n async createRoom(params: {\n tenantId: string;\n name: string;\n roomType: ChatRoomType;\n actorProfileId: string;\n description?: string;\n topic?: string;\n }) {\n const room = await this.#rooms.create({\n tenantId: params.tenantId,\n name: params.name,\n roomType: params.roomType,\n createdByProfileId: params.actorProfileId,\n description: params.description ?? '',\n topic: params.topic ?? '',\n status: 'active',\n });\n\n await this.#enrollParticipant({\n tenantId: params.tenantId,\n roomId: room.id as string,\n profileId: params.actorProfileId,\n role: 'owner',\n });\n\n return room;\n }\n\n /\n Send a USER message to a room as the authenticated caller (S5 #1392).\n \n The acting identity is the server-supplied `actorProfileId` (the\n * authenticated principal the route injects). The message is ALWAYS authored\n * as `actorProfileId` with `role: 'user'` — the caller cannot supply a\n * `senderProfileId` to impersonate another profile or the agent, and cannot\n * supply a privileged `role` (assistant/system/tool). Agent-authored messages\n * go exclusively through the internal {@link ChatService.sendAgentReply}.\n \n Authorization: `actorProfileId` must be an ACTIVE participant of the target\n * room, preventing cross-room IDOR within a tenant. There is no public\n * membership-skip parameter; system-authored writes use the internal\n * {@link ChatService.writeMessage} path.\n /\n async sendMessage(params: {\n tenantId: string;\n roomId: string;\n actorProfileId: string;\n content: string;\n messageType?: ChatMessageType;\n threadId?: string \| null;\n agentSessionId?: string \| null;\n replyToMessageId?: string \| null;\n }) {\n return this.#writeMessage({\n tenantId: params.tenantId,\n roomId: params.roomId,\n senderProfileId: params.actorProfileId,\n content: params.content,\n role: 'user',\n messageType: params.messageType ?? 'text',\n threadId: params.threadId ?? null,\n agentSessionId: params.agentSessionId ?? null,\n replyToMessageId: params.replyToMessageId ?? null,\n });\n }\n\n /\n INTERNAL persistence path for all message writes. Not exposed publicly: it\n * accepts an arbitrary author/role and an internal-only `skipMembershipCheck`\n * (S5 #1392). Every public entry point (`sendMessage`, `sendAgentUserMessage`,\n * `sendAgentReply`) funnels through here with a server-derived author/role.\n \n Membership is enforced unless `skipMembershipCheck` is set, which only the\n * in-class system-authored callers may do.\n /\n async #writeMessage(write: InternalMessageWrite) {\n if (!write.skipMembershipCheck) {\n const isMember = await this.#participants.isActiveMember(\n write.roomId,\n write.senderProfileId,\n write.tenantId,\n );\n if (!isMember) {\n throw new Error(\n 'Sender is not an active member of the room (authorization denied)',\n );\n }\n }\n\n // Every supplied reference (thread / agent session / reply-to message) MUST\n // belong to the SAME room AND tenant as the message being written (S5\n // #1392). Without this, an active member of one room could attach a message\n // to — or pull in/mutate the stats of — an unrelated thread/session/message\n // from another room or tenant. Bind roomId + tenantId into each lookup and\n // reject any mismatch. The validated rows are reused below for stat updates,\n // so there is no second, tenant-UNBOUND lookup.\n const thread = write.threadId\n ? await this.#threads.get({\n id: write.threadId,\n roomId: write.roomId,\n tenantId: write.tenantId,\n })\n : null;\n if (write.threadId && !thread) {\n throw new Error(\n 'threadId does not belong to this room/tenant (authorization denied)',\n );\n }\n\n const session = write.agentSessionId\n ? await this.#agentSessions.get({\n id: write.agentSessionId,\n chatRoomId: write.roomId,\n tenantId: write.tenantId,\n })\n : null;\n if (write.agentSessionId && !session) {\n throw new Error(\n 'agentSessionId does not belong to this room/tenant (authorization denied)',\n );\n }\n\n if (write.replyToMessageId) {\n const replyTo = await this.#messages.get({\n id: write.replyToMessageId,\n roomId: write.roomId,\n tenantId: write.tenantId,\n });\n if (!replyTo) {\n throw new Error(\n 'replyToMessageId does not belong to this room/tenant (authorization denied)',\n );\n }\n }\n\n const message = await this.#messages.create({\n tenantId: write.tenantId,\n roomId: write.roomId,\n senderProfileId: write.senderProfileId,\n content: write.content,\n messageType: write.messageType ?? 'text',\n role: write.role,\n threadId: write.threadId ?? null,\n agentSessionId: write.agentSessionId ?? null,\n replyToMessageId: write.replyToMessageId ?? null,\n toolCallData: write.toolCallData\n ? JSON.stringify(write.toolCallData)\n : null,\n });\n\n // Update room's lastMessageAt\n const room = await this.#rooms.get({\n id: write.roomId,\n tenantId: write.tenantId,\n });\n if (room) {\n room.lastMessageAt = new Date();\n await room.save();\n }\n\n // Update thread stats if threaded (reuse the validated row)\n if (thread) {\n thread.messageCount++;\n thread.lastMessageAt = new Date();\n await thread.save();\n }\n\n // Record on agent session if applicable (reuse the validated row)\n if (session) {\n await session.recordMessage();\n }\n\n return message;\n }\n\n /\n Start a thread in a room (S5 #1392).\n \n The acting identity is the server-supplied `actorProfileId`, which must be\n * an active member of the room. Generated thread `create` is disabled, so this\n * is the only path to create a thread.\n \n When a `rootMessageId` is supplied it is bound to `{ id, roomId, tenantId }`\n * and rejected unless it belongs to the SAME room and tenant — without this a\n * member of one room could anchor a thread to a message from another\n * room/tenant. `rootMessageId` is optional (a thread can be opened without a\n * root message, e.g. an agent-editor thread).\n /\n async startThread(params: {\n tenantId: string;\n roomId: string;\n actorProfileId: string;\n rootMessageId?: string \| null;\n title?: string;\n }) {\n await this.#requireActiveMembership(\n params.roomId,\n params.actorProfileId,\n params.tenantId,\n );\n if (params.rootMessageId) {\n const rootMessage = await this.#messages.get({\n id: params.rootMessageId,\n roomId: params.roomId,\n tenantId: params.tenantId,\n });\n if (!rootMessage) {\n throw new Error(\n 'rootMessageId does not belong to this room/tenant (authorization denied)',\n );\n }\n }\n const thread = await this.#threads.create({\n tenantId: params.tenantId,\n roomId: params.roomId,\n rootMessageId: params.rootMessageId ?? null,\n title: params.title ?? '',\n messageCount: 0,\n });\n return thread;\n }\n\n /\n Add a participant to a room (S5 #1392).\n \n Authorization: the acting identity is the server-supplied `actorProfileId`,\n * which MUST be an owner/admin of the target room. This prevents an arbitrary\n * tenant member from adding anyone (or themselves) to any room with any role —\n * a privilege-escalation / IDOR. System-bootstrap enrollment (room creation,\n * DM/agent-session setup) uses the internal {@link ChatService.enrollParticipant}.\n /\n async addParticipant(params: {\n tenantId: string;\n roomId: string;\n actorProfileId: string;\n profileId: string;\n role?: ChatParticipantRole;\n }) {\n await this.#requireRoomAdmin(\n params.roomId,\n params.actorProfileId,\n params.tenantId,\n );\n return this.#enrollParticipant({\n tenantId: params.tenantId,\n roomId: params.roomId,\n profileId: params.profileId,\n role: params.role,\n });\n }\n\n /\n INTERNAL participant enrollment (S5 #1392). No authorization check — only\n * the trusted in-class bootstrap paths (room creation, DM/agent-session setup)\n * and the owner-checked {@link ChatService.addParticipant} call this. Not\n * exposed publicly so a route cannot enroll an arbitrary profile.\n /\n async #enrollParticipant(params: {\n tenantId: string;\n roomId: string;\n profileId: string;\n role?: ChatParticipantRole;\n }) {\n const existing = await this.#participants.findMembership(\n params.roomId,\n params.profileId,\n params.tenantId,\n );\n if (existing) {\n if (existing.status !== 'active') {\n existing.status = 'active';\n existing.joinedAt = new Date();\n await existing.save();\n }\n return existing;\n }\n\n const participant = await this.#participants.create({\n tenantId: params.tenantId,\n roomId: params.roomId,\n profileId: params.profileId,\n role: params.role ?? 'member',\n status: 'active',\n joinedAt: new Date(),\n });\n return participant;\n }\n\n /\n Remove (soft-leave) a participant from a room (S5 #1392).\n \n Authorization: the server-supplied `actorProfileId` may remove THEMSELVES\n * (leave) at any time; removing ANOTHER profile requires the actor to be an\n * owner/admin of the room. An admin who is not an owner cannot remove an owner.\n /\n async removeParticipant(params: {\n tenantId: string;\n roomId: string;\n actorProfileId: string;\n profileId: string;\n }) {\n const target = await this.#participants.findMembership(\n params.roomId,\n params.profileId,\n params.tenantId,\n );\n if (!target) return;\n\n const isSelf = params.actorProfileId === params.profileId;\n if (!isSelf) {\n const actor = await this.#participants.findActiveMembership(\n params.roomId,\n params.actorProfileId,\n params.tenantId,\n );\n if (!actor \|\| !actor.isAdmin()) {\n throw new Error(\n 'Only a room owner/admin may remove another participant (authorization denied)',\n );\n }\n // An admin (non-owner) cannot remove an owner.\n if (target.isOwner() && !actor.isOwner()) {\n throw new Error(\n 'Only a room owner may remove an owner (authorization denied)',\n );\n }\n }\n\n target.status = 'left';\n await target.save();\n }\n\n /\n Update mutable room fields, restricted to a room owner/admin (S5 #1392).\n \n Generated `update` on ChatRoom is disabled, so this owner-checked path is the\n * only way to mutate room state. The acting identity is the server-supplied\n * `actorProfileId`.\n /\n async updateRoom(params: {\n tenantId: string;\n roomId: string;\n actorProfileId: string;\n name?: string;\n description?: string;\n topic?: string;\n avatarUrl?: string;\n status?: ChatRoomStatus;\n }) {\n await this.#requireRoomAdmin(\n params.roomId,\n params.actorProfileId,\n params.tenantId,\n );\n const room = await this.#rooms.get({\n id: params.roomId,\n tenantId: params.tenantId,\n });\n if (!room) throw new Error('Room not found');\n\n if (params.name !== undefined) room.name = params.name;\n if (params.description !== undefined) room.description = params.description;\n if (params.topic !== undefined) room.topic = params.topic;\n if (params.avatarUrl !== undefined) room.avatarUrl = params.avatarUrl;\n if (params.status !== undefined) room.status = params.status;\n await room.save();\n return room;\n }\n\n /\n Add a reaction to a message as the authenticated caller (S5 #1392).\n \n Generated `create` on ChatReaction is disabled. The reaction is always\n * authored as the server-supplied `actorProfileId` (no caller-supplied\n * `profileId`), and the actor must be an active member of the room that owns\n * the message. Idempotent: re-reacting with the same emoji returns the\n * existing row.\n /\n async addReaction(params: {\n tenantId: string;\n messageId: string;\n actorProfileId: string;\n emoji: string;\n }) {\n const message = await this.#messages.get({\n id: params.messageId,\n tenantId: params.tenantId,\n });\n if (!message) throw new Error('Message not found');\n\n await this.#requireActiveMembership(\n message.roomId,\n params.actorProfileId,\n params.tenantId,\n );\n\n const existing = await this.#reactions.list({\n where: {\n tenantId: params.tenantId,\n messageId: params.messageId,\n profileId: params.actorProfileId,\n emoji: params.emoji,\n },\n limit: 1,\n });\n if (existing[0]) return existing[0];\n\n return this.#reactions.create({\n tenantId: params.tenantId,\n messageId: params.messageId,\n profileId: params.actorProfileId,\n emoji: params.emoji,\n });\n }\n\n /\n Remove the caller's own reaction from a message (S5 #1392).\n \n Generated `delete` on ChatReaction is disabled. A caller may only delete\n * THEIR OWN reaction (keyed on `actorProfileId`), so the route cannot remove\n * another member's reaction.\n /\n async removeReaction(params: {\n tenantId: string;\n messageId: string;\n actorProfileId: string;\n emoji: string;\n }): Promise<boolean> {\n const existing = await this.#reactions.list({\n where: {\n tenantId: params.tenantId,\n messageId: params.messageId,\n profileId: params.actorProfileId,\n emoji: params.emoji,\n },\n limit: 1,\n });\n if (existing[0]) {\n await existing[0].delete();\n return true;\n }\n return false;\n }\n\n /\n Get or create a DM room with auto-participant setup.\n \n The acting identity is the server-supplied `actorProfileId`, which must be\n * one of the two DM participants — a caller cannot open a DM between two other\n * profiles on their behalf (S5 #1392). Enrollment uses the internal system\n * path (no owner check needed for a DM the actor is part of).\n /\n async getOrCreateDM(params: {\n tenantId: string;\n actorProfileId: string;\n profileId1: string;\n profileId2: string;\n }) {\n if (\n params.actorProfileId !== params.profileId1 &&\n params.actorProfileId !== params.profileId2\n ) {\n throw new Error(\n 'Caller must be a participant of the DM (authorization denied)',\n );\n }\n\n const room = await this.#rooms.findOrCreateDM(\n params.profileId1,\n params.profileId2,\n params.tenantId,\n this.#participants,\n );\n\n await this.#enrollParticipant({\n tenantId: params.tenantId,\n roomId: room.id as string,\n profileId: params.profileId1,\n });\n await this.#enrollParticipant({\n tenantId: params.tenantId,\n roomId: room.id as string,\n profileId: params.profileId2,\n });\n\n return room;\n }\n\n /\n Create an agent conversation session with a linked chat room (S5 #1392).\n \n The acting identity is the server-supplied `actorProfileId`; the session is\n * ALWAYS created for that actor as the owning participant. A caller cannot\n * supply a `participantProfileId` to open (and own) a session on behalf of\n * another profile.\n \n `sessionKey` scopes the session's identity to a conversation subject (e.g. a\n * content id) (S5 #1392). The reuse lookup keys on `(agentId,\n * participantProfileId, tenantId)`, which is too coarse for callers that open\n * separate conversations for distinct subjects under one agent/profile/tenant:\n * without a key, a session opened for subject A would be reused for a request\n * about subject B, returning A's room/threads on B's route. When `sessionKey`\n * is set, an existing session is reused ONLY if its key matches exactly, and a\n * newly created session records the key; distinct keys therefore get distinct\n * sessions and rooms. When omitted, behavior is unchanged (single session per\n * agent/profile/tenant).\n /\n async createAgentSession(params: {\n tenantId: string;\n agentId: string;\n actorProfileId: string;\n allowedTools?: string[];\n systemPrompt?: string;\n maxTokens?: number;\n maxMessages?: number;\n sessionKey?: string \| null;\n }) {\n const participantProfileId = params.actorProfileId;\n const sessionKey = params.sessionKey ?? null;\n // Check for existing active session first to avoid orphaned rooms. When a\n // sessionKey is supplied the reuse lookup is narrowed to a matching key so a\n // session opened for a different subject is never reused/rewritten here.\n const existingSession = await this.#agentSessions.findActiveSession(\n params.agentId,\n participantProfileId,\n params.tenantId,\n sessionKey,\n );\n if (existingSession && existingSession.tenantId === params.tenantId) {\n if (existingSession.chatRoomId) {\n // Tenant-bind the room lookup (S5 #1392): the session's chatRoomId must\n // resolve a room within the SAME tenant, never one from another tenant.\n const existingRoom = await this.#rooms.get({\n id: existingSession.chatRoomId,\n tenantId: params.tenantId,\n });\n if (existingRoom) {\n // Ensure both the participant and the agent are enrolled even on the\n // existing-session path. Legacy sessions created before the agent was\n // enrolled as a member would otherwise fail sendAgentReply's\n // membership check (S5 #1392). enrollParticipant is idempotent.\n await this.#enrollParticipant({\n tenantId: params.tenantId,\n roomId: existingRoom.id as string,\n profileId: participantProfileId,\n role: 'owner',\n });\n await this.#enrollParticipant({\n tenantId: params.tenantId,\n roomId: existingRoom.id as string,\n profileId: params.agentId,\n role: 'member',\n });\n return { session: existingSession, room: existingRoom };\n }\n }\n // Session exists but room is missing/orphaned — expire it so we create fresh\n await existingSession.expire();\n }\n\n // Create an agent-type room for this session\n const room = await this.#rooms.create({\n tenantId: params.tenantId,\n name: '',\n roomType: 'agent',\n createdByProfileId: participantProfileId,\n status: 'active',\n maxParticipants: 2,\n });\n\n // Add participant\n await this.#enrollParticipant({\n tenantId: params.tenantId,\n roomId: room.id as string,\n profileId: participantProfileId,\n role: 'owner',\n });\n\n // Add the agent itself as a member so its assistant/tool messages pass the\n // room-membership authorization check in sendMessage (S5 #1392).\n await this.#enrollParticipant({\n tenantId: params.tenantId,\n roomId: room.id as string,\n profileId: params.agentId,\n role: 'member',\n });\n\n // Create session (subject-scoped when a sessionKey is supplied, so the key\n // is persisted on the new session and future reuse lookups stay scoped).\n const session = await this.#agentSessions.findOrCreate({\n agentId: params.agentId,\n participantProfileId,\n tenantId: params.tenantId,\n allowedTools: params.allowedTools,\n chatRoomId: room.id as string,\n systemPrompt: params.systemPrompt,\n sessionKey,\n });\n\n if (params.maxTokens) session.maxTokens = params.maxTokens;\n if (params.maxMessages) session.maxMessages = params.maxMessages;\n await session.save();\n\n return { session, room };\n }\n\n /\n Send a USER message within an agent session (S5 #1392).\n \n The authenticated caller (`actorProfileId`) must be the session's owning\n * participant. The message is always authored as `session.participantProfileId`\n * — the caller cannot supply a `senderProfileId`, a `role`, or tool-call data,\n * so this path can never be used to post as the agent (`assistant`/`tool`) or\n * to impersonate another profile. Agent replies go through the internal\n * {@link ChatService.sendAgentReply}.\n /\n async sendAgentUserMessage(params: {\n tenantId: string;\n agentSessionId: string;\n actorProfileId: string;\n content: string;\n messageType?: ChatMessageType;\n }) {\n const session = await this.#loadActiveSession(\n params.agentSessionId,\n params.tenantId,\n );\n\n if (params.actorProfileId !== session.participantProfileId) {\n throw new Error(\n 'Only the session participant may post user messages in this agent session (authorization denied)',\n );\n }\n\n return this.#writeMessage({\n tenantId: params.tenantId,\n roomId: session.chatRoomId as string,\n senderProfileId: session.participantProfileId,\n content: params.content,\n role: 'user',\n messageType: params.messageType ?? 'text',\n agentSessionId: params.agentSessionId,\n });\n }\n\n /\n Emit an ASSISTANT or TOOL message authored by the agent (S5 #1392).\n \n INTERNAL authority: this is the only path that authors a message as the\n * agent, and it is not reachable with a caller-supplied `senderProfileId`/\n * `role`. The author is always `session.agentId`. Tool calls are gated\n * fail-closed against the session's allow-list. Intended for the trusted\n * agent-runtime, never a per-tenant request handler driven by client-supplied\n * role/sender.\n \n This is a `private` method and is NOT exported from the package index. The\n * in-process agent runtime reaches it through the {@link sendAgentReply}\n * bridge in this module, which is deliberately not re-exported from\n * `src/index.ts`, so a route/consumer can never author a message as the agent.\n /\n async #emitAgentReply(params: AgentReplyParams) {\n const session = await this.#loadActiveSession(\n params.agentSessionId,\n params.tenantId,\n );\n\n const role: ChatMessageRole = params.kind === 'tool' ? 'tool' : 'assistant';\n\n // Enforce the per-session tool allow-list, fail-closed (S5 #1392). A tool\n // call carries its tool name in toolCallData.name (or .tool); any call to a\n // tool not on the session's whitelist is rejected.\n if (\n params.messageType === 'tool_call' \|\|\n role === 'tool' \|\|\n params.toolCallData\n ) {\n const toolName = ChatService.#extractToolName(params.toolCallData);\n if (!toolName) {\n throw new Error('Tool call is missing a tool name');\n }\n if (!session.isToolAllowed(toolName)) {\n throw new Error(\n `Tool '${toolName}' is not allowed for this agent session (authorization denied)`,\n );\n }\n }\n\n return this.#writeMessage({\n tenantId: params.tenantId,\n roomId: session.chatRoomId as string,\n senderProfileId: session.agentId,\n content: params.content,\n role,\n messageType: params.messageType ?? 'text',\n threadId: params.threadId ?? null,\n agentSessionId: params.agentSessionId,\n toolCallData: params.toolCallData ?? null,\n });\n }\n\n /* Load an active agent session by id, tenant-bound, or throw. /\n async #loadActiveSession(agentSessionId: string, tenantId: string) {\n const session = await this.#agentSessions.get({\n id: agentSessionId,\n tenantId,\n });\n if (!session) throw new Error('Agent session not found');\n if (!session.isActive()) throw new Error('Agent session is not active');\n if (!session.chatRoomId) throw new Error('Agent session has no chat room');\n return session;\n }\n\n /\n Read messages in a room, gated on the AUTHENTICATED CALLER's active\n * membership (S5 #1392).\n \n The acting identity is the server-supplied `actorProfileId` (the\n * authenticated principal the route injects), NOT a caller-controlled\n * `profileId`. Authorizing a supplied `profileId` would make a route a\n * confused deputy: any caller could read a room by smuggling some member's\n * profile id. Throws if `actorProfileId` is not an active participant of\n * `roomId`. `tenantId` is required so the membership gate is always\n * tenant-scoped.\n /\n async getRoomMessages(params: {\n roomId: string;\n actorProfileId: string;\n tenantId: string;\n limit?: number;\n before?: string;\n }) {\n await this.#requireActiveMembership(\n params.roomId,\n params.actorProfileId,\n params.tenantId,\n );\n return this.#messages.getByRoom(params.roomId, params.tenantId, {\n limit: params.limit,\n before: params.before,\n });\n }\n\n /\n Load a room only if the AUTHENTICATED CALLER is an active member (S5 #1392).\n \n The acting identity is the server-supplied `actorProfileId`, never a\n * caller-controlled `profileId` (confused-deputy avoidance — see\n * {@link ChatService.getRoomMessages}). Returns null when the room does not\n * exist; throws when the actor is not an active participant. `tenantId` is\n * required so the lookup and the membership gate are always tenant-scoped.\n /\n async getRoomForMember(\n roomId: string,\n actorProfileId: string,\n tenantId: string,\n ) {\n const room = await this.#rooms.get({ id: roomId, tenantId });\n if (!room) return null;\n await this.#requireActiveMembership(roomId, actorProfileId, tenantId);\n return room;\n }\n\n /\n Tenant-bound read of a single agent session (S5 #1392).\n \n The lookup ALWAYS binds `tenantId` (including the `null`/untenanted scope),\n * so a caller can never resolve a session belonging to another tenant by id.\n * Returns `null` when no session matches the id within the tenant. Replaces\n * direct `agentSessions.get(id)` reach-ins in package consumers; consumers\n * still apply their own ownership/context authorization on the returned row.\n /\n async getAgentSession(\n lookup: AgentSessionLookup,\n ): Promise<AgentSession \| null> {\n const session = await this.#agentSessions.get({\n id: lookup.agentSessionId,\n tenantId: lookup.tenantId,\n });\n return session ?? null;\n }\n\n /\n Tenant-bound list of ACTIVE agent sessions for an (agent, participant) pair\n * (S5 #1392).\n \n Binds `tenantId` into the query so the result can never include a session\n * from another tenant. Replaces direct `agentSessions.list({ where })`\n * reach-ins; consumers apply their own per-session context authorization.\n /\n async findActiveAgentSessions(params: {\n tenantId: string \| null;\n agentId: string;\n participantProfileId: string;\n }): Promise<AgentSession[]> {\n const sessions = await this.#agentSessions.list({\n where: {\n tenantId: params.tenantId,\n agentId: params.agentId,\n participantProfileId: params.participantProfileId,\n status: 'active',\n },\n });\n return sessions.filter((s) => s.isActive());\n }\n\n /\n Tenant-bound read of a single thread (S5 #1392).\n \n Binds `tenantId` into the lookup so a thread from another tenant can never\n * be resolved by id. Returns `null` when no thread matches within the tenant.\n * Replaces direct `threads.get(id)` reach-ins.\n /\n async getThread(lookup: ThreadLookup): Promise<ChatThread \| null> {\n const thread = await this.#threads.get({\n id: lookup.threadId,\n tenantId: lookup.tenantId,\n });\n return thread ?? null;\n }\n\n /\n List a room's threads, gated on the caller's active membership (S5 #1392).\n \n Tenant- and membership-scoped: throws if `actorProfileId` is not an active\n * participant of `roomId`. Replaces direct `threads.list({ where: { roomId } })`\n * reach-ins that returned threads without a membership/tenant gate.\n /\n async listRoomThreads(params: {\n roomId: string;\n actorProfileId: string;\n tenantId: string;\n }): Promise<ChatThread[]> {\n await this.#requireActiveMembership(\n params.roomId,\n params.actorProfileId,\n params.tenantId,\n );\n return this.#threads.list({\n where: { tenantId: params.tenantId, roomId: params.roomId },\n orderBy: 'createdAt DESC',\n });\n }\n\n /\n Read messages within a thread, tenant- and membership-bound (S5 #1392).\n \n The thread is resolved tenant-bound; the caller must be an active member of\n * the thread's room. Messages are returned oldest-first (chronological).\n * Replaces direct `messages.list({ where: { threadId } })` reach-ins that\n * could read another tenant's/room's thread history by raw id.\n /\n async getThreadMessages(params: {\n threadId: string;\n actorProfileId: string;\n tenantId: string;\n limit?: number;\n }): Promise<ChatMessage[]> {\n const thread = await this.#threads.get({\n id: params.threadId,\n tenantId: params.tenantId,\n });\n if (!thread) {\n throw new Error('Thread not found');\n }\n await this.#requireActiveMembership(\n thread.roomId,\n params.actorProfileId,\n params.tenantId,\n );\n const messages = await this.#messages.list({\n where: {\n tenantId: params.tenantId,\n threadId: params.threadId,\n isDeleted: false,\n },\n orderBy: 'created_at DESC',\n limit: params.limit,\n });\n return messages.reverse();\n }\n\n /\n Update the per-session agent configuration (allowedTools / systemPrompt),\n * restricted to the session owner — the room owner participant (S5 #1392).\n \n Tool whitelist and system prompt govern what the agent may do, so only the\n * owning participant (not arbitrary tenant members or the agent itself) may\n * mutate them.\n /\n async updateAgentSessionConfig(params: {\n agentSessionId: string;\n actorProfileId: string;\n tenantId: string \| null;\n allowedTools?: string[];\n systemPrompt?: string;\n }) {\n // `tenantId` is mandatory and ALWAYS bound into the lookup (S5 #1392).\n // AgentSession tenancy is optional, so `null` is the explicit \"no tenant\"\n // scope — never \"any tenant\". This prevents mutating allowedTools /\n // systemPrompt on a session belonging to another tenant via an unbound get.\n const session = await this.#agentSessions.get({\n id: params.agentSessionId,\n tenantId: params.tenantId,\n });\n if (!session) throw new Error('Agent session not found');\n\n const isOwner = params.actorProfileId === session.participantProfileId;\n if (!isOwner) {\n throw new Error(\n 'Only the session owner may update agent session configuration (authorization denied)',\n );\n }\n\n if (params.allowedTools !== undefined) {\n session.setAllowedTools(params.allowedTools);\n }\n if (params.systemPrompt !== undefined) {\n session.systemPrompt = params.systemPrompt;\n }\n await session.save();\n return session;\n }\n\n /* Throw unless the profile is an active participant of the room. /\n async #requireActiveMembership(\n roomId: string,\n profileId: string,\n tenantId: string,\n ): Promise<void> {\n const isMember = await this.#participants.isActiveMember(\n roomId,\n profileId,\n tenantId,\n );\n if (!isMember) {\n throw new Error(\n 'Caller is not an active member of the room (authorization denied)',\n );\n }\n }\n\n /* Throw unless the profile is an active owner/admin of the room. /\n async #requireRoomAdmin(\n roomId: string,\n profileId: string,\n tenantId: string,\n ): Promise<void> {\n const actor = await this.#participants.findActiveMembership(\n roomId,\n profileId,\n tenantId,\n );\n if (!actor \|\| !actor.isAdmin()) {\n throw new Error(\n 'Caller must be a room owner/admin (authorization denied)',\n );\n }\n }\n\n /* Extract a tool name from tool-call payload data, if present. /\n static #extractToolName(\n data: Record<string, unknown> \| null \| undefined,\n ): string \| null {\n if (!data \|\| typeof data !== 'object') return null;\n const candidate =\n (data.name as unknown) ??\n (data.tool as unknown) ??\n (data.toolName as unknown);\n return typeof candidate === 'string' && candidate.length > 0\n ? candidate\n : null;\n }\n\n /\n Symbol-keyed bridge to the `private` {@link ChatService.emitAgentReply} for\n * the module-local {@link sendAgentReply} function (S5 #1392). A static member\n * may reach a private instance member of its own class, so this is the\n * sanctioned \"friend\" access without widening the public instance surface.\n \n Keyed on the module-private {@link RUN_AGENT_REPLY} symbol — NOT a named\n * static — so it does not appear on the `ChatService` type, is not enumerable,\n * and is callable only by code holding the (non-exported) symbol. This is the\n * sole path the agent-runtime bridge uses to author a message as the agent.\n /\n static [RUN_AGENT_REPLY](\n service: AgentReplyService,\n params: AgentReplyParams,\n ) {\n // The structural param lets this bridge be called across pnpm\n // module-instance boundaries (src vs dist). Any real instance is a\n // ChatService, so reaching the private `emitAgentReply` here is safe.\n return (service as ChatService).#emitAgentReply(params);\n }\n}\n\n/\n Structural ChatService surface accepted by {@link sendAgentReply}. The chat\n * collections are `#private`, so they cannot appear in a `Pick`; this opaque\n * marker type keeps the agent-runtime bridge callable across module-instance\n * boundaries (in a pnpm workspace a consumer's `ChatService` type may resolve to\n * the package source while this function resolves to dist) without naming any\n * private member. Any real ChatService instance satisfies it.\n /\nexport type AgentReplyService = Pick<ChatService, 'initialize'>;\n\n/\n Internal agent-runtime entry point: emit an ASSISTANT/TOOL message authored\n * as the session's agent (S5 #1392).\n \n NOT re-exported from `src/index.ts`. Only in-process, trusted agent-runtime\n * code that imports this module path directly can author messages as the agent;\n * route handlers and package consumers (which import from the package index)\n * cannot. The author is always `session.agentId`, never a caller-supplied\n * sender/role, and tool calls are gated fail-closed against `allowedTools`.\n \n Because this lives in the same module as {@link ChatService}, reaching the\n * symbol-keyed bridge (and through it the `private` method) is the owning\n * module's sanctioned \"friend\" access, not an external private reach-in.\n */\nexport function sendAgentReply(\n service: AgentReplyService,\n params: AgentReplyParams,\n) {\n return ChatService[RUN_AGENT_REPLY](service, params);\n}\n"],"names":["__decorateClass","tenantId"],"mappings":";;;;;;;;;;;;;;;AA0BO,IAAM,eAAN,cAA2B,WAAW;AAAA,EAc3C,WAA0B;AAAA,EAG1B,UAAkB;AAAA,EAGlB,uBAA+B;AAAA,EAG/B,aAA4B;AAAA,EAG5B,SAA6B;AAAA,EAI7B,eAAuB;AAAA,EAIvB,iBAAyB;AAAA,EAIzB,eAAuB;AAAA,EAGvB,eAAuB;AAAA,EAEvB,kBAA0B;AAAA,EAE1B,YAAoB;AAAA,EAEpB,cAAsB;AAAA,EAGtB,gBAA6B;AAAA,EAE7B,YAAyB;AAAA,EAEzB,WAAwB;AAAA,EAExB,YAAY,UAA+B,IAAI;AAC7C,UAAM,OAAO;AACb,QAAI,QAAQ,aAAa,OAAW,MAAK,WAAW,QAAQ;AAC5D,QAAI,QAAQ,YAAY,OAAW,MAAK,UAAU,QAAQ;AAC1D,QAAI,QAAQ,yBAAyB;AACnC,WAAK,uBAAuB,QAAQ;AACtC,QAAI,QAAQ,eAAe,OAAW,MAAK,aAAa,QAAQ;AAChE,QAAI,QAAQ,WAAW,OAAW,MAAK,SAAS,QAAQ;AACxD,QAAI,QAAQ,iBAAiB;AAC3B,WAAK,eAAe,QAAQ;AAC9B,QAAI,QAAQ,mBAAmB;AAC7B,WAAK,iBAAiB,QAAQ;AAChC,QAAI,QAAQ,iBAAiB;AAC3B,WAAK,eAAe,QAAQ;AAC9B,QAAI,QAAQ,iBAAiB;AAC3B,WAAK,eAAe,QAAQ;AAC9B,QAAI,QAAQ,oBAAoB;AAC9B,WAAK,kBAAkB,QAAQ;AACjC,QAAI,QAAQ,cAAc,OAAW,MAAK,YAAY,QAAQ;AAC9D,QAAI,QAAQ,gBAAgB;AAC1B,WAAK,cAAc,QAAQ;AAC7B,QAAI,QAAQ,kBAAkB;AAC5B,WAAK,gBAAgB,QAAQ;AAC/B,QAAI,QAAQ,cAAc,OAAW,MAAK,YAAY,QAAQ;AAC9D,QAAI,QAAQ,aAAa,OAAW,MAAK,WAAW,QAAQ;AAAA,EAC9D;AAAA,EAEA,kBAA4B;AAC1B,QAAI;AACF,YAAM,SAAS,KAAK,MAAM,KAAK,YAAY;AAC3C,aAAO,MAAM,QAAQ,MAAM,IACvB,OAAO,OAAO,CAAC,MAAmB,OAAO,MAAM,QAAQ,IACvD,CAAA;AAAA,IACN,QAAQ;AACN,aAAO,CAAA;AAAA,IACT;AAAA,EACF;AAAA,EAEA,gBAAgB,OAAuB;AACrC,SAAK,eAAe,KAAK,UAAU,KAAK;AAAA,EAC1C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,cAAc,UAA2B;AACvC,QAAI,OAAO,aAAa,YAAY,SAAS,WAAW,EAAG,QAAO;AAClE,WAAO,KAAK,kBAAkB,SAAS,QAAQ;AAAA,EACjD;AAAA,EAEA,WAAoB;AAClB,QAAI,KAAK,WAAW,SAAU,QAAO;AACrC,QAAI,KAAK,aAAa,oBAAI,UAAU,KAAK,UAAW,QAAO;AAC3D,QAAI,KAAK,cAAc,KAAK,KAAK,gBAAgB,KAAK;AACpD,aAAO;AACT,QAAI,KAAK,YAAY,KAAK,KAAK,mBAAmB,KAAK;AACrD,aAAO;AACT,WAAO;AAAA,EACT;AAAA,EAEA,YAAqB;AACnB,WAAO,KAAK,cAAc,QAAQ,oBAAI,KAAA,KAAU,KAAK;AAAA,EACvD;AAAA,EAEA,MAAM,QAAuB;AAC3B,SAAK,SAAS;AACd,SAAK,+BAAe,KAAA;AACpB,UAAM,KAAK,KAAA;AAAA,EACb;AAAA,EAEA,MAAM,SAAwB;AAC5B,SAAK,SAAS;AACd,SAAK,+BAAe,KAAA;AACpB,UAAM,KAAK,KAAA;AAAA,EACb;AAAA,EAEA,oBAA6C;AAC3C,QAAI;AACF,aAAO,KAAK,MAAM,KAAK,cAAc;AAAA,IACvC,QAAQ;AACN,aAAO,CAAA;AAAA,IACT;AAAA,EACF;AAAA,EAEA,kBAAkB,KAAoC;AACpD,SAAK,iBAAiB,KAAK,UAAU,GAAG;AAAA,EAC1C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,gBAA+B;AAC7B,UAAM,QACJ,KAAK,kBAAA,EAAoB,aAAa,yBAAyB;AACjE,WAAO,OAAO,UAAU,YAAY,MAAM,SAAS,IAAI,QAAQ;AAAA,EACjE;AAAA,EAEA,MAAM,qBAAqB,SAAiD;AAC1E,UAAM,UAAU,KAAK,kBAAA;AACrB,SAAK,iBAAiB,KAAK,UAAU,EAAE,GAAG,SAAS,GAAG,SAAS;AAC/D,UAAM,KAAK,KAAA;AAAA,EACb;AAAA,EAEA,MAAM,cAAc,aAAqB,GAAkB;AACzD,SAAK;AACL,SAAK,mBAAmB;AACxB,SAAK,oCAAoB,KAAA;AACzB,UAAM,KAAK,KAAA;AAAA,EACb;AACF;AAlKE,cAXW,cAWK,6BAA4B,cAAA;AAG5CA,kBAAA;AAAA,EADC,SAAS,EAAE,UAAU,KAAA,CAAM;AAAA,GAbjB,aAcX,WAAA,YAAA,CAAA;AAGAA,kBAAA;AAAA,EADC,MAAM,EAAE,UAAU,KAAA,CAAM;AAAA,GAhBd,aAiBX,WAAA,WAAA,CAAA;AAGAA,kBAAA;AAAA,EADC,gBAAgB,wCAAwC,EAAE,UAAU,MAAM;AAAA,GAnBhE,aAoBX,WAAA,wBAAA,CAAA;AAGAA,kBAAA;AAAA,EADC,WAAW,UAAU;AAAA,GAtBX,aAuBX,WAAA,cAAA,CAAA;AAGAA,kBAAA;AAAA,EADC,MAAM,EAAE,UAAU,KAAA,CAAM;AAAA,GAzBd,aA0BX,WAAA,UAAA,CAAA;AAIAA,kBAAA;AAAA,EADC,MAAA;AAAM,GA7BI,aA8BX,WAAA,gBAAA,CAAA;AAIAA,kBAAA;AAAA,EADC,MAAA;AAAM,GAjCI,aAkCX,WAAA,kBAAA,CAAA;AAIAA,kBAAA;AAAA,EADC,MAAA;AAAM,GArCI,aAsCX,WAAA,gBAAA,CAAA;AAGAA,kBAAA;AAAA,EADC,MAAA;AAAM,GAxCI,aAyCX,WAAA,gBAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GA1CI,aA2CX,WAAA,mBAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GA5CI,aA6CX,WAAA,aAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GA9CI,aA+CX,WAAA,eAAA,CAAA;AAGAA,kBAAA;AAAA,EADC,MAAA;AAAM,GAjDI,aAkDX,WAAA,iBAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GAnDI,aAoDX,WAAA,aAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GArDI,aAsDX,WAAA,YAAA,CAAA;AAtDW,eAANA,kBAAA;AAAA,EAPN,aAAa,EAAE,MAAM,YAAY;AAAA,EACjC,KAAK;AAAA,IACJ,WAAW;AAAA,IACX,KAAK,EAAE,SAAS,CAAC,QAAQ,KAAK,EAAA;AAAA,IAC9B,KAAK,EAAE,SAAS,CAAC,QAAQ,KAAK,EAAA;AAAA,IAC9B,KAAK;AAAA,EAAA,CACN;AAAA,GACY,YAAA;;;;;;;;;;;ACGN,IAAM,cAAN,cAA0B,WAAW;AAAA,EAE1C,WAAmB;AAAA,EAGnB,SAAiB;AAAA,EAEjB,WAA0B;AAAA,EAE1B,kBAA0B;AAAA,EAE1B,iBAAgC;AAAA,EAGhC,UAAkB;AAAA,EAElB,cAA+B;AAAA,EAE/B,OAAwB;AAAA,EAGxB,WAAoB;AAAA,EAEpB,WAAwB;AAAA,EAExB,YAAqB;AAAA,EAErB,mBAAkC;AAAA,EAGlC,WAAmB;AAAA,EAEnB,eAA8B;AAAA,EAE9B,cAAsB;AAAA,EAEtB,YAAY,UAA8B,IAAI;AAC5C,UAAM,OAAO;AACb,QAAI,QAAQ,aAAa,OAAW,MAAK,WAAW,QAAQ;AAC5D,QAAI,QAAQ,WAAW,OAAW,MAAK,SAAS,QAAQ;AACxD,QAAI,QAAQ,aAAa,OAAW,MAAK,WAAW,QAAQ;AAC5D,QAAI,QAAQ,oBAAoB;AAC9B,WAAK,kBAAkB,QAAQ;AACjC,QAAI,QAAQ,mBAAmB;AAC7B,WAAK,iBAAiB,QAAQ;AAChC,QAAI,QAAQ,YAAY,OAAW,MAAK,UAAU,QAAQ;AAC1D,QAAI,QAAQ,gBAAgB;AAC1B,WAAK,cAAc,QAAQ;AAC7B,QAAI,QAAQ,SAAS,OAAW,MAAK,OAAO,QAAQ;AACpD,QAAI,QAAQ,aAAa,OAAW,MAAK,WAAW,QAAQ;AAC5D,QAAI,QAAQ,aAAa,OAAW,MAAK,WAAW,QAAQ;AAC5D,QAAI,QAAQ,cAAc,OAAW,MAAK,YAAY,QAAQ;AAC9D,QAAI,QAAQ,qBAAqB;AAC/B,WAAK,mBAAmB,QAAQ;AAClC,QAAI,QAAQ,aAAa;AACvB,WAAK,WACH,OAAO,QAAQ,aAAa,WACxB,QAAQ,WACR,KAAK,UAAU,QAAQ,QAAQ;AACvC,QAAI,QAAQ,iBAAiB;AAC3B,WAAK,eACH,QAAQ,iBAAiB,OACrB,OACA,OAAO,QAAQ,iBAAiB,WAC9B,QAAQ,eACR,KAAK,UAAU,QAAQ,YAAY;AAC7C,QAAI,QAAQ,gBAAgB;AAC1B,WAAK,cAAc,QAAQ;AAAA,EAC/B;AAAA,EAEA,iBAMG;AACD,QAAI;AACF,aAAO,KAAK,MAAM,KAAK,WAAW;AAAA,IACpC,QAAQ;AACN,aAAO,CAAA;AAAA,IACT;AAAA,EACF;AAAA,EAEA,eACE,OAOM;AACN,SAAK,cAAc,KAAK,UAAU,KAAK;AAAA,EACzC;AAAA,EAEA,cAAuC;AACrC,QAAI;AACF,aAAO,KAAK,MAAM,KAAK,QAAQ;AAAA,IACjC,QAAQ;AACN,aAAO,CAAA;AAAA,IACT;AAAA,EACF;AAAA,EAEA,YAAY,MAAqC;AAC/C,SAAK,WAAW,KAAK,UAAU,IAAI;AAAA,EACrC;AAAA,EAEA,kBAAkD;AAChD,QAAI,CAAC,KAAK,aAAc,QAAO;AAC/B,QAAI;AACF,aAAO,KAAK,MAAM,KAAK,YAAY;AAAA,IACrC,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEA,gBAAgB,MAA4C;AAC1D,SAAK,eAAe,OAAO,KAAK,UAAU,IAAI,IAAI;AAAA,EACpD;AAAA,EAEA,iBAA0B;AACxB,WAAO,KAAK,iBAAiB,SAAS;AAAA,EACxC;AAAA,EAEA,aAAsB;AACpB,WAAO,KAAK,gBAAgB;AAAA,EAC9B;AAAA,EAEA,eAAwB;AACtB,WAAO,KAAK,gBAAgB;AAAA,EAC9B;AAAA,EAEA,cAAuB;AACrB,WAAO,KAAK,SAAS;AAAA,EACvB;AAAA,EAEA,kBAA2B;AACzB,WAAO,KAAK,SAAS;AAAA,EACvB;AAAA,EAEA,MAAM,KAAK,YAAmC;AAC5C,SAAK,UAAU;AACf,SAAK,WAAW;AAChB,SAAK,+BAAe,KAAA;AACpB,UAAM,KAAK,KAAA;AAAA,EACb;AAAA,EAEA,MAAM,aAA4B;AAChC,SAAK,YAAY;AACjB,SAAK,UAAU;AACf,UAAM,KAAK,KAAA;AAAA,EACb;AAAA,EAEA,WAAW,YAAY,KAAa;AAClC,QAAI,KAAK,UAAW,QAAO;AAC3B,UAAM,OAAO,KAAK,WAAW;AAC7B,QAAI,KAAK,UAAU,UAAW,QAAO;AACrC,WAAO,GAAG,KAAK,MAAM,GAAG,SAAS,CAAC;AAAA,EACpC;AACF;AA9JEA,kBAAA;AAAA,EADC,SAAA;AAAS,GADC,YAEX,WAAA,YAAA,CAAA;AAGAA,kBAAA;AAAA,EADC,WAAW,YAAY,EAAE,UAAU,MAAM;AAAA,GAJ/B,YAKX,WAAA,UAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,WAAW,YAAY;AAAA,GANb,YAOX,WAAA,YAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,gBAAgB,wCAAwC,EAAE,UAAU,MAAM;AAAA,GARhE,YASX,WAAA,mBAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,WAAW,cAAc;AAAA,GAVf,YAWX,WAAA,kBAAA,CAAA;AAGAA,kBAAA;AAAA,EADC,MAAA;AAAM,GAbI,YAcX,WAAA,WAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAM,EAAE,UAAU,KAAA,CAAM;AAAA,GAfd,YAgBX,WAAA,eAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAM,EAAE,UAAU,KAAA,CAAM;AAAA,GAjBd,YAkBX,WAAA,QAAA,CAAA;AAGAA,kBAAA;AAAA,EADC,MAAA;AAAM,GApBI,YAqBX,WAAA,YAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GAtBI,YAuBX,WAAA,YAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GAxBI,YAyBX,WAAA,aAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,WAAW,aAAa;AAAA,GA1Bd,YA2BX,WAAA,oBAAA,CAAA;AAGAA,kBAAA;AAAA,EADC,MAAA;AAAM,GA7BI,YA8BX,WAAA,YAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GA/BI,YAgCX,WAAA,gBAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GAjCI,YAkCX,WAAA,eAAA,CAAA;AAlCW,cAANA,kBAAA;AAAA,EAPN,aAAa,EAAE,MAAM,YAAY;AAAA,EACjC,KAAK;AAAA,IACJ,WAAW;AAAA,IACX,KAAK,EAAE,SAAS,CAAC,QAAQ,KAAK,EAAA;AAAA,IAC9B,KAAK,EAAE,SAAS,CAAC,QAAQ,KAAK,EAAA;AAAA,IAC9B,KAAK;AAAA,EAAA,CACN;AAAA,GACY,WAAA;;;;;;;;;;;ACCN,IAAM,kBAAN,cAA8B,WAAW;AAAA,EAE9C,WAAmB;AAAA,EAGnB,SAAiB;AAAA,EAEjB,YAAoB;AAAA,EAEpB,OAA4B;AAAA,EAE5B,SAAgC;AAAA,EAEhC,eAA6B;AAAA,EAE7B,oBAAmC;AAAA,EAEnC,aAA0B;AAAA,EAE1B,WAAwB;AAAA,EAExB,WAAmB;AAAA,EAEnB,UAAmB;AAAA,EAEnB,WAAoB;AAAA,EAEpB,YAAY,UAAkC,IAAI;AAChD,UAAM,OAAO;AACb,QAAI,QAAQ,aAAa,OAAW,MAAK,WAAW,QAAQ;AAC5D,QAAI,QAAQ,WAAW,OAAW,MAAK,SAAS,QAAQ;AACxD,QAAI,QAAQ,cAAc,OAAW,MAAK,YAAY,QAAQ;AAC9D,QAAI,QAAQ,SAAS,OAAW,MAAK,OAAO,QAAQ;AACpD,QAAI,QAAQ,WAAW,OAAW,MAAK,SAAS,QAAQ;AACxD,QAAI,QAAQ,iBAAiB;AAC3B,WAAK,eAAe,QAAQ;AAC9B,QAAI,QAAQ,sBAAsB;AAChC,WAAK,oBAAoB,QAAQ;AACnC,QAAI,QAAQ,eAAe,OAAW,MAAK,aAAa,QAAQ;AAChE,QAAI,QAAQ,aAAa,OAAW,MAAK,WAAW,QAAQ;AAC5D,QAAI,QAAQ,aAAa,OAAW,MAAK,WAAW,QAAQ;AAC5D,QAAI,QAAQ,YAAY,OAAW,MAAK,UAAU,QAAQ;AAC1D,QAAI,QAAQ,aAAa,OAAW,MAAK,WAAW,QAAQ;AAAA,EAC9D;AAAA,EAEA,WAAoB;AAClB,WAAO,KAAK,WAAW;AAAA,EACzB;AAAA,EAEA,UAAmB;AACjB,WAAO,KAAK,SAAS;AAAA,EACvB;AAAA,EAEA,UAAmB;AACjB,WAAO,KAAK,SAAS,WAAW,KAAK,SAAS;AAAA,EAChD;AAAA,EAEA,MAAM,SAAS,WAAkC;AAC/C,SAAK,oBAAoB;AACzB,SAAK,iCAAiB,KAAA;AACtB,UAAM,KAAK,KAAA;AAAA,EACb;AAAA,EAEA,MAAM,QAAuB;AAC3B,SAAK,SAAS;AACd,UAAM,KAAK,KAAA;AAAA,EACb;AAAA,EAEA,MAAM,UAAU,QAAqC;AACnD,SAAK,eAAe;AACpB,SAAK,iCAAiB,KAAA;AACtB,UAAM,KAAK,KAAA;AAAA,EACb;AACF;AAvEEA,kBAAA;AAAA,EADC,SAAA;AAAS,GADC,gBAEX,WAAA,YAAA,CAAA;AAGAA,kBAAA;AAAA,EADC,WAAW,YAAY,EAAE,UAAU,MAAM;AAAA,GAJ/B,gBAKX,WAAA,UAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,gBAAgB,wCAAwC,EAAE,UAAU,MAAM;AAAA,GANhE,gBAOX,WAAA,aAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAM,EAAE,UAAU,KAAA,CAAM;AAAA,GARd,gBASX,WAAA,QAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAM,EAAE,UAAU,KAAA,CAAM;AAAA,GAVd,gBAWX,WAAA,UAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAM,EAAE,UAAU,KAAA,CAAM;AAAA,GAZd,gBAaX,WAAA,gBAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,WAAW,aAAa;AAAA,GAdd,gBAeX,WAAA,qBAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GAhBI,gBAiBX,WAAA,cAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GAlBI,gBAmBX,WAAA,YAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GApBI,gBAqBX,WAAA,YAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GAtBI,gBAuBX,WAAA,WAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GAxBI,gBAyBX,WAAA,YAAA,CAAA;AAzBW,kBAANA,kBAAA;AAAA,EAPN,aAAa,EAAE,MAAM,YAAY;AAAA,EACjC,KAAK;AAAA,IACJ,WAAW;AAAA,IACX,KAAK,EAAE,SAAS,CAAC,QAAQ,KAAK,EAAA;AAAA,IAC9B,KAAK,EAAE,SAAS,CAAC,QAAQ,KAAK,EAAA;AAAA,IAC9B,KAAK;AAAA,EAAA,CACN;AAAA,GACY,eAAA;;;;;;;;;;;ACJN,IAAM,eAAN,cAA2B,WAAW;AAAA,EAE3C,WAAmB;AAAA,EAGnB,YAAoB;AAAA,EAEpB,YAAoB;AAAA,EAEpB,QAAgB;AAAA,EAEhB,YAAY,UAA+B,IAAI;AAC7C,UAAM,OAAO;AACb,QAAI,QAAQ,aAAa,OAAW,MAAK,WAAW,QAAQ;AAC5D,QAAI,QAAQ,cAAc,OAAW,MAAK,YAAY,QAAQ;AAC9D,QAAI,QAAQ,cAAc,OAAW,MAAK,YAAY,QAAQ;AAC9D,QAAI,QAAQ,UAAU,OAAW,MAAK,QAAQ,QAAQ;AAAA,EACxD;AACF;AAhBEA,kBAAA;AAAA,EADC,SAAA;AAAS,GADC,aAEX,WAAA,YAAA,CAAA;AAGAA,kBAAA;AAAA,EADC,WAAW,eAAe,EAAE,UAAU,MAAM;AAAA,GAJlC,aAKX,WAAA,aAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,gBAAgB,wCAAwC,EAAE,UAAU,MAAM;AAAA,GANhE,aAOX,WAAA,aAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAM,EAAE,UAAU,KAAA,CAAM;AAAA,GARd,aASX,WAAA,SAAA,CAAA;AATW,eAANA,kBAAA;AAAA,EAPN,aAAa,EAAE,MAAM,YAAY;AAAA,EACjC,KAAK;AAAA,IACJ,WAAW;AAAA,IACX,KAAK,EAAE,SAAS,CAAC,MAAM,EAAA;AAAA,IACvB,KAAK,EAAE,SAAS,CAAC,MAAM,EAAA;AAAA,IACvB,KAAK;AAAA,EAAA,CACN;AAAA,GACY,YAAA;;;;;;;;;;;ACWN,IAAM,WAAN,cAAuB,WAAW;AAAA,EAEvC,WAAmB;AAAA,EAGnB,OAAe;AAAA,EAEf,cAAsB;AAAA,EAEtB,WAAyB;AAAA,EAEzB,SAAyB;AAAA,EAEzB,QAAgB;AAAA,EAEhB,YAAoB;AAAA,EAEpB,aAAsB;AAAA,EAEtB,kBAA0B;AAAA,EAE1B,WAAmB;AAAA,EAEnB,qBAA6B;AAAA,EAE7B,gBAA6B;AAAA,EAE7B,YAAY,UAA2B,IAAI;AACzC,UAAM,OAAO;AACb,QAAI,QAAQ,aAAa,OAAW,MAAK,WAAW,QAAQ;AAC5D,QAAI,QAAQ,SAAS,OAAW,MAAK,OAAO,QAAQ;AACpD,QAAI,QAAQ,gBAAgB;AAC1B,WAAK,cAAc,QAAQ;AAC7B,QAAI,QAAQ,aAAa,OAAW,MAAK,WAAW,QAAQ;AAC5D,QAAI,QAAQ,WAAW,OAAW,MAAK,SAAS,QAAQ;AACxD,QAAI,QAAQ,UAAU,OAAW,MAAK,QAAQ,QAAQ;AACtD,QAAI,QAAQ,cAAc,OAAW,MAAK,YAAY,QAAQ;AAC9D,QAAI,QAAQ,eAAe,OAAW,MAAK,aAAa,QAAQ;AAChE,QAAI,QAAQ,oBAAoB;AAC9B,WAAK,kBAAkB,QAAQ;AACjC,QAAI,QAAQ,aAAa;AACvB,WAAK,WACH,OAAO,QAAQ,aAAa,WACxB,QAAQ,WACR,KAAK,UAAU,QAAQ,QAAQ;AACvC,QAAI,QAAQ,uBAAuB;AACjC,WAAK,qBAAqB,QAAQ;AACpC,QAAI,QAAQ,kBAAkB;AAC5B,WAAK,gBAAgB,QAAQ;AAAA,EACjC;AAAA,EAEA,cAAgC;AAC9B,QAAI;AACF,aAAO,KAAK,MAAM,KAAK,QAAQ;AAAA,IACjC,QAAQ;AACN,aAAO,CAAA;AAAA,IACT;AAAA,EACF;AAAA,EAEA,YAAY,MAA8B;AACxC,SAAK,WAAW,KAAK,UAAU,IAAI;AAAA,EACrC;AAAA,EAEA,eAAe,SAAiC;AAC9C,UAAM,UAAU,KAAK,YAAA;AACrB,SAAK,WAAW,KAAK,UAAU,EAAE,GAAG,SAAS,GAAG,SAAS;AAAA,EAC3D;AAAA,EAEA,OAAgB;AACd,WAAO,KAAK,aAAa;AAAA,EAC3B;AAAA,EAEA,cAAuB;AACrB,WAAO,KAAK,aAAa;AAAA,EAC3B;AAAA,EAEA,WAAoB;AAClB,WAAO,KAAK,aAAa;AAAA,EAC3B;AAAA,EAEA,WAAoB;AAClB,WAAO,KAAK,WAAW;AAAA,EACzB;AAAA,EAEA,MAAM,UAAyB;AAC7B,SAAK,aAAa;AAClB,SAAK,SAAS;AACd,UAAM,KAAK,KAAA;AAAA,EACb;AAAA,EAEA,MAAM,YAA2B;AAC/B,SAAK,aAAa;AAClB,SAAK,SAAS;AACd,UAAM,KAAK,KAAA;AAAA,EACb;AACF;AA7FEA,kBAAA;AAAA,EADC,SAAA;AAAS,GADC,SAEX,WAAA,YAAA,CAAA;AAGAA,kBAAA;AAAA,EADC,MAAA;AAAM,GAJI,SAKX,WAAA,QAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GANI,SAOX,WAAA,eAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAM,EAAE,UAAU,KAAA,CAAM;AAAA,GARd,SASX,WAAA,YAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAM,EAAE,UAAU,KAAA,CAAM;AAAA,GAVd,SAWX,WAAA,UAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GAZI,SAaX,WAAA,SAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GAdI,SAeX,WAAA,aAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GAhBI,SAiBX,WAAA,cAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GAlBI,SAmBX,WAAA,mBAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GApBI,SAqBX,WAAA,YAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,gBAAgB,sCAAsC;AAAA,GAtB5C,SAuBX,WAAA,sBAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GAxBI,SAyBX,WAAA,iBAAA,CAAA;AAzBW,WAANA,kBAAA;AAAA,EAPN,aAAa,EAAE,MAAM,YAAY;AAAA,EACjC,KAAK;AAAA,IACJ,WAAW;AAAA,IACX,KAAK,EAAE,SAAS,CAAC,QAAQ,KAAK,EAAA;AAAA,IAC9B,KAAK,EAAE,SAAS,CAAC,QAAQ,KAAK,EAAA;AAAA,IAC9B,KAAK;AAAA,EAAA,CACN;AAAA,GACY,QAAA;;;;;;;;;;;AClBN,IAAM,aAAN,cAAyB,WAAW;AAAA,EAEzC,WAAmB;AAAA,EAGnB,SAAiB;AAAA,EAMjB,gBAA+B;AAAA,EAE/B,QAAgB;AAAA,EAEhB,aAAsB;AAAA,EAEtB,eAAuB;AAAA,EAEvB,gBAA6B;AAAA,EAE7B,mBAA2B;AAAA,EAE3B,YAAY,UAA6B,IAAI;AAC3C,UAAM,OAAO;AACb,QAAI,QAAQ,aAAa,OAAW,MAAK,WAAW,QAAQ;AAC5D,QAAI,QAAQ,WAAW,OAAW,MAAK,SAAS,QAAQ;AACxD,QAAI,QAAQ,kBAAkB;AAC5B,WAAK,gBAAgB,QAAQ;AAC/B,QAAI,QAAQ,UAAU,OAAW,MAAK,QAAQ,QAAQ;AACtD,QAAI,QAAQ,eAAe,OAAW,MAAK,aAAa,QAAQ;AAChE,QAAI,QAAQ,iBAAiB;AAC3B,WAAK,eAAe,QAAQ;AAC9B,QAAI,QAAQ,kBAAkB;AAC5B,WAAK,gBAAgB,QAAQ;AAC/B,QAAI,QAAQ,qBAAqB;AAC/B,WAAK,mBAAmB,QAAQ;AAAA,EACpC;AAAA,EAEA,MAAM,UAAyB;AAC7B,SAAK,aAAa;AAClB,UAAM,KAAK,KAAA;AAAA,EACb;AAAA,EAEA,MAAM,SAAwB;AAC5B,SAAK,aAAa;AAClB,UAAM,KAAK,KAAA;AAAA,EACb;AACF;AA9CE,gBAAA;AAAA,EADC,SAAA;AAAS,GADC,WAEX,WAAA,YAAA,CAAA;AAGA,gBAAA;AAAA,EADC,WAAW,YAAY,EAAE,UAAU,MAAM;AAAA,GAJ/B,WAKX,WAAA,UAAA,CAAA;AAMA,gBAAA;AAAA,EADC,WAAW,eAAe,EAAE,UAAU,MAAM;AAAA,GAVlC,WAWX,WAAA,iBAAA,CAAA;AAEA,gBAAA;AAAA,EADC,MAAA;AAAM,GAZI,WAaX,WAAA,SAAA,CAAA;AAEA,gBAAA;AAAA,EADC,MAAA;AAAM,GAdI,WAeX,WAAA,cAAA,CAAA;AAEA,gBAAA;AAAA,EADC,MAAA;AAAM,GAhBI,WAiBX,WAAA,gBAAA,CAAA;AAEA,gBAAA;AAAA,EADC,MAAA;AAAM,GAlBI,WAmBX,WAAA,iBAAA,CAAA;AAEA,gBAAA;AAAA,EADC,MAAA;AAAM,GApBI,WAqBX,WAAA,oBAAA,CAAA;AArBW,aAAN,gBAAA;AAAA,EAPN,aAAa,EAAE,MAAM,YAAY;AAAA,EACjC,KAAK;AAAA,IACJ,WAAW;AAAA,IACX,KAAK,EAAE,SAAS,CAAC,QAAQ,KAAK,EAAA;AAAA,IAC9B,KAAK,EAAE,SAAS,CAAC,QAAQ,KAAK,EAAA;AAAA,IAC9B,KAAK;AAAA,EAAA,CACN;AAAA,GACY,UAAA;AChBN,MAAM,+BAA+B,eAA6B;AAAA,EACvE,OAAgB,aAAa;AAAA,EAE7B,MAAM,wBACJ,sBACyB;AACzB,UAAM,WAAW,MAAM,KAAK,KAAK;AAAA,MAC/B,OAAO,EAAE,sBAAsB,QAAQ,SAAA;AAAA,IAAS,CACjD;AACD,WAAO,SAAS,OAAO,CAAC,MAAM,EAAE,UAAU;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAmBA,MAAM,kBACJ,SACA,sBACAC,WACA,YAC8B;AAC9B,UAAM,QAAiC;AAAA,MACrC;AAAA,MACA;AAAA,MACA,QAAQ;AAAA,MACR,UAAAA;AAAA,IAAA;AAEF,UAAM,WAAW,MAAM,KAAK,KAAK,EAAE,OAAO;AAC1C,UAAM,SAAS,SAAS;AAAA,MACtB,CAAC,MACC,EAAE,SAAA,MACD,eAAe,UACd,EAAE,cAAA,OAAqB,cAAc;AAAA,IAAA;AAE3C,WAAO,UAAU;AAAA,EACnB;AAAA,EAEA,MAAM,aAAa,QAaO;AACxB,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B,OAAO;AAAA,MACP,OAAO;AAAA,MACP,OAAO;AAAA,MACP,OAAO;AAAA,IAAA;AAET,QAAI,SAAU,QAAO;AAErB,UAAM,iBACJ,OAAO,cAAc,OACjB,KAAK,UAAU;AAAA,MACb,CAAC,aAAa,yBAAyB,GAAG,OAAO;AAAA,IAAA,CAClD,IACD;AAEN,UAAM,UAAU,MAAM,KAAK,OAAO;AAAA,MAChC,SAAS,OAAO;AAAA,MAChB,sBAAsB,OAAO;AAAA,MAC7B,UAAU,OAAO,YAAY;AAAA,MAC7B,cAAc,KAAK,UAAU,OAAO,gBAAgB,CAAA,CAAE;AAAA,MACtD,YAAY,OAAO,cAAc;AAAA,MACjC,cAAc,OAAO,gBAAgB;AAAA,MACrC,QAAQ;AAAA,MACR,GAAI,mBAAmB,SAAY,EAAE,mBAAmB,CAAA;AAAA,IAAC,CAC1D;AACD,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,YAAY,SAA0C;AAC1D,WAAO,KAAK,KAAK,EAAE,OAAO,EAAE,QAAA,GAAW;AAAA,EACzC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAeA,MAAM,YACJ,WACA,OACiB;AACjB,UAAM,YAAqC,EAAE,QAAQ,SAAA;AACrD,QAAI,OAAO,aAAa,OAAW,WAAU,WAAW,MAAM;AAC9D,QAAI,OAAO,YAAY,OAAW,WAAU,UAAU,MAAM;AAG5D,UAAM,gBAAgB,MAAM,KAAK,KAAK;AAAA,MACpC,OAAO,EAAE,GAAG,WAAW,mBAAmB,UAAA;AAAA,IAAU,CACrD;AAGD,UAAM,gBAAgB,MAAM,KAAK,KAAK;AAAA,MACpC,OAAO,EAAE,GAAG,WAAW,eAAe,MAAM,gBAAgB,UAAA;AAAA,IAAU,CACvE;AAED,UAAM,2BAAW,IAAA;AACjB,QAAI,UAAU;AACd,eAAW,WAAW,CAAC,GAAG,eAAe,GAAG,aAAa,GAAG;AAC1D,YAAM,KAAK,QAAQ;AACnB,UAAI,CAAC,MAAM,KAAK,IAAI,EAAE,EAAG;AACzB,WAAK,IAAI,EAAE;AACX,YAAM,QAAQ,OAAA;AACd;AAAA,IACF;AACA,WAAO;AAAA,EACT;AACF;AC1IO,MAAM,8BAA8B,eAA4B;AAAA,EACrE,OAAgB,aAAa;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAe7B,MAAM,UACJ,QACAA,WACA,SACwB;AACxB,UAAM,QAAiC;AAAA,MACrC;AAAA,MACA,UAAAA;AAAA,MACA,WAAW;AAAA,MACX,UAAU;AAAA,IAAA;AAOZ,QAAI,SAAS,QAAQ;AACnB,YAAM,YAAY,MAAM,KAAK,IAAI;AAAA,QAC/B,IAAI,QAAQ;AAAA,QACZ;AAAA,QACA,UAAAA;AAAA,QACA,WAAW;AAAA,QACX,UAAU;AAAA,MAAA,CACX;AACD,UAAI,WAAW,YAAY;AACzB,cAAM,cAAc,IAAI,UAAU;AAAA,MACpC;AAAA,IACF;AAEA,WAAO,KAAK,KAAK;AAAA,MACf;AAAA,MACA,SAAS;AAAA,MACT,OAAO,SAAS;AAAA,IAAA,CACjB;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,YACJ,UACAA,WACwB;AACxB,WAAO,KAAK,KAAK,EAAE,OAAO,EAAE,UAAU,UAAAA,WAAU,WAAW,MAAA,GAAS;AAAA,EACtE;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,kBACJ,gBACAA,WACwB;AACxB,WAAO,KAAK,KAAK,EAAE,OAAO,EAAE,gBAAgB,UAAAA,WAAU,WAAW,MAAA,GAAS;AAAA,EAC5E;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAqBA,MAAM,OACJ,SACwB;AACxB,UAAM,QAAiC;AAAA,MACrC,UAAU,QAAQ;AAAA,MAClB,WAAW;AAAA,IAAA;AAEb,QAAI,QAAQ,OAAQ,OAAM,SAAS,QAAQ;AAC3C,QAAI,QAAQ,SAAU,OAAM,WAAW,QAAQ;AAC/C,QAAI,QAAQ;AACV,YAAM,kBAAkB,QAAQ;AAClC,QAAI,QAAQ,YAAa,OAAM,cAAc,QAAQ;AACrD,QAAI,QAAQ,KAAM,OAAM,OAAO,QAAQ;AACvC,QAAI,QAAQ,MAAO,OAAM,cAAc,IAAI,IAAI,QAAQ,KAAK;AAC5D,QAAI,QAAQ,UAAW,OAAM,eAAe,IAAI,QAAQ;AACxD,QAAI,QAAQ,WAAY,OAAM,cAAc,IAAI,QAAQ;AAExD,UAAM,QAAQ,QAAQ,SAAS;AAM/B,QAAI,QAAQ,mBAAmB,MAAM;AACnC,YAAM,gBAAgB,IAAI;AAAA,IAC5B,WAAW,QAAQ,mBAAmB,OAAO;AAC3C,YAAM,cAAc;AAAA,IACtB;AAEA,UAAM,WAAW,MAAM,KAAK,KAAK;AAAA,MAC/B;AAAA,MACA,SAAS;AAAA,MACT;AAAA,IAAA,CACD;AAKD,QAAI,QAAQ,mBAAmB,QAAW;AACxC,aAAO,SACJ,OAAO,CAAC,MAAM,EAAE,qBAAqB,QAAQ,cAAc,EAC3D,MAAM,GAAG,KAAK;AAAA,IACnB;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,MAAM,eACJ,QACAA,WACA,mBACiB;AACjB,UAAM,OAAO,EAAE,QAAQ,UAAAA,WAAU,WAAW,OAAO,UAAU,KAAA;AAE7D,QAAI,CAAC,kBAAmB,QAAO,KAAK,MAAM,EAAE,OAAO,MAAM;AAKzD,UAAM,cAAc,MAAM,KAAK,IAAI;AAAA,MACjC,IAAI;AAAA,MACJ;AAAA,MACA,UAAAA;AAAA,MACA,WAAW;AAAA,MACX,UAAU;AAAA,IAAA,CACX;AACD,QAAI,CAAC,aAAa,WAAY,QAAO,KAAK,MAAM,EAAE,OAAO,MAAM;AAE/D,WAAO,KAAK,MAAM;AAAA,MAChB,OAAO,EAAE,GAAG,MAAM,gBAAgB,YAAY,WAAA;AAAA,IAAW,CAC1D;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,MAAM,iBACJ,SACAA,WACmC;AACnC,UAAM,6BAAa,IAAA;AACnB,eAAW,UAAU,SAAS;AAC5B,YAAM,SAAS,MAAM,KAAK,KAAK;AAAA,QAC7B,OAAO,EAAE,QAAQ,UAAAA,WAAU,WAAW,OAAO,UAAU,KAAA;AAAA,QACvD,SAAS;AAAA,QACT,OAAO;AAAA,MAAA,CACR;AACD,UAAI,OAAO,SAAS,GAAG;AACrB,eAAO,IAAI,QAAQ,OAAO,CAAC,CAAC;AAAA,MAC9B;AAAA,IACF;AACA,WAAO;AAAA,EACT;AACF;AC5MO,MAAM,kCAAkC,eAAgC;AAAA,EAC7E,OAAgB,aAAa;AAAA,EAE7B,MAAM,UAAU,QAA4C;AAC1D,WAAO,KAAK,KAAK,EAAE,OAAO,EAAE,QAAQ,QAAQ,SAAA,GAAY;AAAA,EAC1D;AAAA,EAEA,MAAM,aAAa,WAA+C;AAChE,WAAO,KAAK,KAAK,EAAE,OAAO,EAAE,WAAW,QAAQ,SAAA,GAAY;AAAA,EAC7D;AAAA,EAEA,MAAM,eACJ,QACA,WACAA,WACiC;AACjC,UAAM,QAAiC,EAAE,QAAQ,UAAA;AACjD,QAAIA,cAAa,OAAW,OAAM,WAAWA;AAC7C,UAAM,UAAU,MAAM,KAAK,KAAK,EAAE,OAAO;AACzC,WAAO,QAAQ,CAAC,KAAK;AAAA,EACvB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,MAAM,qBACJ,QACA,WACAA,WACiC;AACjC,UAAM,QAAiC;AAAA,MACrC;AAAA,MACA;AAAA,MACA,QAAQ;AAAA,MACR,UAAAA;AAAA,IAAA;AAEF,UAAM,UAAU,MAAM,KAAK,KAAK,EAAE,OAAO,OAAO,GAAG;AACnD,WAAO,QAAQ,CAAC,KAAK;AAAA,EACvB;AAAA;AAAA,EAGA,MAAM,eACJ,QACA,WACAA,WACkB;AAClB,WACG,MAAM,KAAK,qBAAqB,QAAQ,WAAWA,SAAQ,MAAO;AAAA,EAEvE;AAAA,EAEA,MAAM,gBAAgB,QAA4C;AAChE,UAAM,eAAe,MAAM,KAAK,KAAK;AAAA,MACnC,OAAO,EAAE,QAAQ,QAAQ,SAAA;AAAA,IAAS,CACnC;AACD,WAAO,aAAa,OAAO,CAAC,MAAM,EAAE,iBAAiB,SAAS;AAAA,EAChE;AAAA,EAEA,MAAM,gBAAgB,QAA4C;AAChE,UAAM,eAAe,MAAM,KAAK,KAAK;AAAA,MACnC,OAAO,EAAE,QAAQ,QAAQ,SAAA;AAAA,IAAS,CACnC;AACD,WAAO,aAAa,OAAO,CAAC,MAAM,EAAE,SAAS;AAAA,EAC/C;AAAA,EAEA,MAAM,YAAY,QAAiC;AACjD,UAAM,eAAe,MAAM,KAAK,KAAK;AAAA,MACnC,OAAO,EAAE,QAAQ,QAAQ,SAAA;AAAA,IAAS,CACnC;AACD,WAAO,aAAa;AAAA,EACtB;AACF;AC/EO,MAAM,+BAA+B,eAA6B;AAAA,EACvE,OAAgB,aAAa;AAAA,EAE7B,MAAM,aAAa,WAA4C;AAC7D,WAAO,KAAK,KAAK,EAAE,OAAO,EAAE,UAAA,GAAa;AAAA,EAC3C;AAAA;AAAA,EAGA,MAAM,kBACJ,WAC+D;AAC/D,UAAM,YAAY,MAAM,KAAK,KAAK,EAAE,OAAO,EAAE,UAAA,GAAa;AAC1D,UAAM,6BAAa,IAAA;AAEnB,eAAW,YAAY,WAAW;AAChC,YAAM,WAAW,OAAO,IAAI,SAAS,KAAK;AAC1C,UAAI,UAAU;AACZ,iBAAS;AACT,iBAAS,WAAW,KAAK,SAAS,SAAS;AAAA,MAC7C,OAAO;AACL,eAAO,IAAI,SAAS,OAAO;AAAA,UACzB,OAAO;AAAA,UACP,YAAY,CAAC,SAAS,SAAS;AAAA,QAAA,CAChC;AAAA,MACH;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,MAAM,OACJ,WACA,WACA,OACAA,WAC6B;AAC7B,UAAM,WAAW,MAAM,KAAK,KAAK;AAAA,MAC/B,OAAO,EAAE,WAAW,WAAW,OAAO,UAAAA,UAAA;AAAA,IAAS,CAChD;AAED,QAAI,SAAS,SAAS,GAAG;AACvB,YAAM,SAAS,CAAC,EAAE,OAAA;AAClB,aAAO,EAAE,OAAO,MAAA;AAAA,IAClB;AAEA,UAAM,KAAK,OAAO;AAAA,MAChB,UAAAA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IAAA,CACD;AACD,WAAO,EAAE,OAAO,KAAA;AAAA,EAClB;AACF;AChDO,SAAS,kBACdA,WACA,YACA,YACQ;AACR,QAAM,CAAC,GAAG,CAAC,IAAI,CAAC,YAAY,UAAU,EAAE,KAAA;AACxC,QAAM,MAAM,MAAMA,SAAQ,IAAI,CAAC,IAAI,CAAC;AACpC,QAAM,OAAO,WAAW,MAAM,EAAE,OAAO,GAAG,EAAE,OAAO,KAAK;AAExD,SAAO;AAAA,IACL,KAAK,MAAM,GAAG,CAAC;AAAA,IACf,KAAK,MAAM,GAAG,EAAE;AAAA,IAChB,IAAI,KAAK,MAAM,IAAI,EAAE,CAAC;AAAA,KACpB,OAAO,SAAS,KAAK,MAAM,IAAI,EAAE,GAAG,EAAE,IAAI,KAAQ,KACjD,SAAS,EAAE,EACX,SAAS,GAAG,GAAG,IAAI,KAAK,MAAM,IAAI,EAAE;AAAA,IACvC,KAAK,MAAM,IAAI,EAAE;AAAA,EAAA,EACjB,KAAK,GAAG;AACZ;AAEO,MAAM,2BAA2B,eAAyB;AAAA,EAC/D,OAAgB,aAAa;AAAA,EAE7B,MAAM,WAAW,UAA6C;AAC5D,WAAO,KAAK,KAAK,EAAE,OAAO,EAAE,UAAU,QAAQ,SAAA,GAAY;AAAA,EAC5D;AAAA,EAEA,MAAM,aAAkC;AACtC,WAAO,KAAK,KAAK,EAAE,OAAO,EAAE,UAAU,UAAU,QAAQ,SAAA,GAAY;AAAA,EACtE;AAAA,EAEA,MAAM,UAA+B;AACnC,WAAO,KAAK,KAAK,EAAE,OAAO,EAAE,UAAU,MAAM,QAAQ,SAAA,GAAY;AAAA,EAClE;AAAA,EAEA,MAAM,iBAAsC;AAC1C,WAAO,KAAK,KAAK,EAAE,OAAO,EAAE,UAAU,SAAS,QAAQ,SAAA,GAAY;AAAA,EACrE;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,MAAM,OACJ,OACA,SACqB;AACrB,UAAM,QAAQ,SAAS,SAAS;AAChC,UAAM,OAAO,IAAI,KAAK;AACtB,UAAM,UAAU,CAAC,QAAQ,eAAe,OAAO;AAE/C,UAAM,6BAAa,IAAA;AACnB,eAAW,UAAU,SAAS;AAC5B,YAAM,UAAU,MAAM,KAAK,KAAK;AAAA,QAC9B,OAAO,EAAE,QAAQ,UAAU,CAAC,GAAG,MAAM,OAAO,GAAG,KAAA;AAAA,QAC/C,SAAS;AAAA,QACT;AAAA,MAAA,CACD;AACD,iBAAW,QAAQ,SAAS;AAC1B,YAAI,KAAK,GAAI,QAAO,IAAI,KAAK,IAAI,IAAI;AAAA,MACvC;AACA,UAAI,OAAO,QAAQ,MAAO;AAAA,IAC5B;AAEA,WAAO,MAAM,KAAK,OAAO,OAAA,CAAQ,EAAE,MAAM,GAAG,KAAK;AAAA,EACnD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,MAAM,eACJ,YACA,YACAA,WACA,cACmB;AAGnB,UAAM,OAAO,kBAAkBA,WAAU,YAAY,UAAU;AAC/D,UAAM,YAAY,MAAM,KAAK,IAAI,EAAE,IAAI,MAAM,UAAAA,WAAU;AACvD,QAAI,aAAa,UAAU,aAAa,MAAM;AAC5C,aAAO;AAAA,IACT;AAMA,UAAM,eAAe,MAAM,aAAa,KAAK;AAAA,MAC3C,OAAO,EAAE,WAAW,YAAY,QAAQ,UAAU,UAAAA,UAAA;AAAA,IAAS,CAC5D;AACD,UAAM,mBAAmB,aAAa,IAAI,CAAC,MAAM,EAAE,MAAM;AAEzD,eAAW,UAAU,kBAAkB;AACrC,YAAM,KAAK,MAAM,KAAK,IAAI,EAAE,IAAI,QAAQ,UAAAA,WAAU;AAClD,UAAI,CAAC,MAAM,GAAG,aAAa,QAAQ,GAAG,WAAW,SAAU;AAG3D,YAAM,SAAS,MAAM,aAAa,KAAK;AAAA,QACrC,OAAO,EAAE,QAAQ,WAAW,YAAY,QAAQ,UAAU,UAAAA,UAAA;AAAA,MAAS,CACpE;AACD,UAAI,OAAO,SAAS,GAAG;AACrB,eAAO;AAAA,MACT;AAAA,IACF;AAMA,UAAM,OAAO,MAAM,KAAK,OAAO;AAAA,MAC7B,IAAI;AAAA,MACJ,UAAAA;AAAA,MACA,MAAM;AAAA,MACN,UAAU;AAAA,MACV,QAAQ;AAAA,MACR,iBAAiB;AAAA,IAAA,CAClB;AACD,WAAO;AAAA,EACT;AACF;AC9IO,MAAM,6BAA6B,eAA2B;AAAA,EACnE,OAAgB,aAAa;AAAA,EAE7B,MAAM,UAAU,QAAuC;AACrD,WAAO,KAAK,KAAK,EAAE,OAAO,EAAE,OAAA,GAAU;AAAA,EACxC;AAAA,EAEA,MAAM,UAAU,QAAuC;AACrD,UAAM,UAAU,MAAM,KAAK,KAAK,EAAE,OAAO,EAAE,OAAA,GAAU;AACrD,WAAO,QAAQ,OAAO,CAAC,MAAM,CAAC,EAAE,UAAU;AAAA,EAC5C;AAAA,EAEA,MAAM,gBAAuC;AAC3C,UAAM,UAAU,MAAM,KAAK,KAAK,CAAA,CAAE;AAClC,WAAO,QAAQ,OAAO,CAAC,MAAM,CAAC,EAAE,UAAU;AAAA,EAC5C;AACF;ACkEA,MAAM,yCAAyB,yBAAyB;AAEjD,MAAM,YAAY;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAMd;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAED,YACN,OACA,UACA,cACA,SACA,eACA,WACA;AACA,SAAK,SAAS;AACd,SAAK,YAAY;AACjB,SAAK,gBAAgB;AACrB,SAAK,WAAW;AAChB,SAAK,iBAAiB;AACtB,SAAK,aAAa;AAAA,EACpB;AAAA,EAEA,aAAa,OAAO,SAAkD;AACpE,mBAAe;AAAA,MACb;AAAA,MACA;AAAA,IAAA;AAEF,mBAAe;AAAA,MACb;AAAA,MACA;AAAA,IAAA;AAEF,mBAAe;AAAA,MACb;AAAA,MACA;AAAA,IAAA;AAEF,mBAAe;AAAA,MACb;AAAA,MACA;AAAA,IAAA;AAEF,mBAAe;AAAA,MACb;AAAA,MACA;AAAA,IAAA;AAEF,mBAAe;AAAA,MACb;AAAA,MACA;AAAA,IAAA;AAGF,UAAM,QAAS,MAAM,eAAe;AAAA,MAClC;AAAA,MACA;AAAA,IAAA;AAEF,UAAM,WAAY,MAAM,eAAe;AAAA,MACrC;AAAA,MACA;AAAA,IAAA;AAEF,UAAM,eAAgB,MAAM,eAAe;AAAA,MACzC;AAAA,MACA;AAAA,IAAA;AAEF,UAAM,UAAW,MAAM,eAAe;AAAA,MACpC;AAAA,MACA;AAAA,IAAA;AAEF,UAAM,gBAAiB,MAAM,eAAe;AAAA,MAC1C;AAAA,MACA;AAAA,IAAA;AAEF,UAAM,YAAa,MAAM,eAAe;AAAA,MACtC;AAAA,MACA;AAAA,IAAA;AAGF,WAAO,IAAI;AAAA,MACT;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IAAA;AAAA,EAEJ;AAAA;AAAA,EAGA,MAAM,aAA4B;AAChC,UAAM,KAAK,OAAO,WAAA;AAClB,UAAM,KAAK,UAAU,WAAA;AACrB,UAAM,KAAK,cAAc,WAAA;AACzB,UAAM,KAAK,SAAS,WAAA;AACpB,UAAM,KAAK,eAAe,WAAA;AAC1B,UAAM,KAAK,WAAW,WAAA;AAAA,EACxB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,MAAM,WAAW,QAOd;AACD,UAAM,OAAO,MAAM,KAAK,OAAO,OAAO;AAAA,MACpC,UAAU,OAAO;AAAA,MACjB,MAAM,OAAO;AAAA,MACb,UAAU,OAAO;AAAA,MACjB,oBAAoB,OAAO;AAAA,MAC3B,aAAa,OAAO,eAAe;AAAA,MACnC,OAAO,OAAO,SAAS;AAAA,MACvB,QAAQ;AAAA,IAAA,CACT;AAED,UAAM,KAAK,mBAAmB;AAAA,MAC5B,UAAU,OAAO;AAAA,MACjB,QAAQ,KAAK;AAAA,MACb,WAAW,OAAO;AAAA,MAClB,MAAM;AAAA,IAAA,CACP;AAED,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAiBA,MAAM,YAAY,QASf;AACD,WAAO,KAAK,cAAc;AAAA,MACxB,UAAU,OAAO;AAAA,MACjB,QAAQ,OAAO;AAAA,MACf,iBAAiB,OAAO;AAAA,MACxB,SAAS,OAAO;AAAA,MAChB,MAAM;AAAA,MACN,aAAa,OAAO,eAAe;AAAA,MACnC,UAAU,OAAO,YAAY;AAAA,MAC7B,gBAAgB,OAAO,kBAAkB;AAAA,MACzC,kBAAkB,OAAO,oBAAoB;AAAA,IAAA,CAC9C;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWA,MAAM,cAAc,OAA6B;AAC/C,QAAI,CAAC,MAAM,qBAAqB;AAC9B,YAAM,WAAW,MAAM,KAAK,cAAc;AAAA,QACxC,MAAM;AAAA,QACN,MAAM;AAAA,QACN,MAAM;AAAA,MAAA;AAER,UAAI,CAAC,UAAU;AACb,cAAM,IAAI;AAAA,UACR;AAAA,QAAA;AAAA,MAEJ;AAAA,IACF;AASA,UAAM,SAAS,MAAM,WACjB,MAAM,KAAK,SAAS,IAAI;AAAA,MACtB,IAAI,MAAM;AAAA,MACV,QAAQ,MAAM;AAAA,MACd,UAAU,MAAM;AAAA,IAAA,CACjB,IACD;AACJ,QAAI,MAAM,YAAY,CAAC,QAAQ;AAC7B,YAAM,IAAI;AAAA,QACR;AAAA,MAAA;AAAA,IAEJ;AAEA,UAAM,UAAU,MAAM,iBAClB,MAAM,KAAK,eAAe,IAAI;AAAA,MAC5B,IAAI,MAAM;AAAA,MACV,YAAY,MAAM;AAAA,MAClB,UAAU,MAAM;AAAA,IAAA,CACjB,IACD;AACJ,QAAI,MAAM,kBAAkB,CAAC,SAAS;AACpC,YAAM,IAAI;AAAA,QACR;AAAA,MAAA;AAAA,IAEJ;AAEA,QAAI,MAAM,kBAAkB;AAC1B,YAAM,UAAU,MAAM,KAAK,UAAU,IAAI;AAAA,QACvC,IAAI,MAAM;AAAA,QACV,QAAQ,MAAM;AAAA,QACd,UAAU,MAAM;AAAA,MAAA,CACjB;AACD,UAAI,CAAC,SAAS;AACZ,cAAM,IAAI;AAAA,UACR;AAAA,QAAA;AAAA,MAEJ;AAAA,IACF;AAEA,UAAM,UAAU,MAAM,KAAK,UAAU,OAAO;AAAA,MAC1C,UAAU,MAAM;AAAA,MAChB,QAAQ,MAAM;AAAA,MACd,iBAAiB,MAAM;AAAA,MACvB,SAAS,MAAM;AAAA,MACf,aAAa,MAAM,eAAe;AAAA,MAClC,MAAM,MAAM;AAAA,MACZ,UAAU,MAAM,YAAY;AAAA,MAC5B,gBAAgB,MAAM,kBAAkB;AAAA,MACxC,kBAAkB,MAAM,oBAAoB;AAAA,MAC5C,cAAc,MAAM,eAChB,KAAK,UAAU,MAAM,YAAY,IACjC;AAAA,IAAA,CACL;AAGD,UAAM,OAAO,MAAM,KAAK,OAAO,IAAI;AAAA,MACjC,IAAI,MAAM;AAAA,MACV,UAAU,MAAM;AAAA,IAAA,CACjB;AACD,QAAI,MAAM;AACR,WAAK,oCAAoB,KAAA;AACzB,YAAM,KAAK,KAAA;AAAA,IACb;AAGA,QAAI,QAAQ;AACV,aAAO;AACP,aAAO,oCAAoB,KAAA;AAC3B,YAAM,OAAO,KAAA;AAAA,IACf;AAGA,QAAI,SAAS;AACX,YAAM,QAAQ,cAAA;AAAA,IAChB;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAeA,MAAM,YAAY,QAMf;AACD,UAAM,KAAK;AAAA,MACT,OAAO;AAAA,MACP,OAAO;AAAA,MACP,OAAO;AAAA,IAAA;AAET,QAAI,OAAO,eAAe;AACxB,YAAM,cAAc,MAAM,KAAK,UAAU,IAAI;AAAA,QAC3C,IAAI,OAAO;AAAA,QACX,QAAQ,OAAO;AAAA,QACf,UAAU,OAAO;AAAA,MAAA,CAClB;AACD,UAAI,CAAC,aAAa;AAChB,cAAM,IAAI;AAAA,UACR;AAAA,QAAA;AAAA,MAEJ;AAAA,IACF;AACA,UAAM,SAAS,MAAM,KAAK,SAAS,OAAO;AAAA,MACxC,UAAU,OAAO;AAAA,MACjB,QAAQ,OAAO;AAAA,MACf,eAAe,OAAO,iBAAiB;AAAA,MACvC,OAAO,OAAO,SAAS;AAAA,MACvB,cAAc;AAAA,IAAA,CACf;AACD,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWA,MAAM,eAAe,QAMlB;AACD,UAAM,KAAK;AAAA,MACT,OAAO;AAAA,MACP,OAAO;AAAA,MACP,OAAO;AAAA,IAAA;AAET,WAAO,KAAK,mBAAmB;AAAA,MAC7B,UAAU,OAAO;AAAA,MACjB,QAAQ,OAAO;AAAA,MACf,WAAW,OAAO;AAAA,MAClB,MAAM,OAAO;AAAA,IAAA,CACd;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,mBAAmB,QAKtB;AACD,UAAM,WAAW,MAAM,KAAK,cAAc;AAAA,MACxC,OAAO;AAAA,MACP,OAAO;AAAA,MACP,OAAO;AAAA,IAAA;AAET,QAAI,UAAU;AACZ,UAAI,SAAS,WAAW,UAAU;AAChC,iBAAS,SAAS;AAClB,iBAAS,+BAAe,KAAA;AACxB,cAAM,SAAS,KAAA;AAAA,MACjB;AACA,aAAO;AAAA,IACT;AAEA,UAAM,cAAc,MAAM,KAAK,cAAc,OAAO;AAAA,MAClD,UAAU,OAAO;AAAA,MACjB,QAAQ,OAAO;AAAA,MACf,WAAW,OAAO;AAAA,MAClB,MAAM,OAAO,QAAQ;AAAA,MACrB,QAAQ;AAAA,MACR,8BAAc,KAAA;AAAA,IAAK,CACpB;AACD,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,MAAM,kBAAkB,QAKrB;AACD,UAAM,SAAS,MAAM,KAAK,cAAc;AAAA,MACtC,OAAO;AAAA,MACP,OAAO;AAAA,MACP,OAAO;AAAA,IAAA;AAET,QAAI,CAAC,OAAQ;AAEb,UAAM,SAAS,OAAO,mBAAmB,OAAO;AAChD,QAAI,CAAC,QAAQ;AACX,YAAM,QAAQ,MAAM,KAAK,cAAc;AAAA,QACrC,OAAO;AAAA,QACP,OAAO;AAAA,QACP,OAAO;AAAA,MAAA;AAET,UAAI,CAAC,SAAS,CAAC,MAAM,WAAW;AAC9B,cAAM,IAAI;AAAA,UACR;AAAA,QAAA;AAAA,MAEJ;AAEA,UAAI,OAAO,QAAA,KAAa,CAAC,MAAM,WAAW;AACxC,cAAM,IAAI;AAAA,UACR;AAAA,QAAA;AAAA,MAEJ;AAAA,IACF;AAEA,WAAO,SAAS;AAChB,UAAM,OAAO,KAAA;AAAA,EACf;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,MAAM,WAAW,QASd;AACD,UAAM,KAAK;AAAA,MACT,OAAO;AAAA,MACP,OAAO;AAAA,MACP,OAAO;AAAA,IAAA;AAET,UAAM,OAAO,MAAM,KAAK,OAAO,IAAI;AAAA,MACjC,IAAI,OAAO;AAAA,MACX,UAAU,OAAO;AAAA,IAAA,CAClB;AACD,QAAI,CAAC,KAAM,OAAM,IAAI,MAAM,gBAAgB;AAE3C,QAAI,OAAO,SAAS,OAAW,MAAK,OAAO,OAAO;AAClD,QAAI,OAAO,gBAAgB,OAAW,MAAK,cAAc,OAAO;AAChE,QAAI,OAAO,UAAU,OAAW,MAAK,QAAQ,OAAO;AACpD,QAAI,OAAO,cAAc,OAAW,MAAK,YAAY,OAAO;AAC5D,QAAI,OAAO,WAAW,OAAW,MAAK,SAAS,OAAO;AACtD,UAAM,KAAK,KAAA;AACX,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWA,MAAM,YAAY,QAKf;AACD,UAAM,UAAU,MAAM,KAAK,UAAU,IAAI;AAAA,MACvC,IAAI,OAAO;AAAA,MACX,UAAU,OAAO;AAAA,IAAA,CAClB;AACD,QAAI,CAAC,QAAS,OAAM,IAAI,MAAM,mBAAmB;AAEjD,UAAM,KAAK;AAAA,MACT,QAAQ;AAAA,MACR,OAAO;AAAA,MACP,OAAO;AAAA,IAAA;AAGT,UAAM,WAAW,MAAM,KAAK,WAAW,KAAK;AAAA,MAC1C,OAAO;AAAA,QACL,UAAU,OAAO;AAAA,QACjB,WAAW,OAAO;AAAA,QAClB,WAAW,OAAO;AAAA,QAClB,OAAO,OAAO;AAAA,MAAA;AAAA,MAEhB,OAAO;AAAA,IAAA,CACR;AACD,QAAI,SAAS,CAAC,EAAG,QAAO,SAAS,CAAC;AAElC,WAAO,KAAK,WAAW,OAAO;AAAA,MAC5B,UAAU,OAAO;AAAA,MACjB,WAAW,OAAO;AAAA,MAClB,WAAW,OAAO;AAAA,MAClB,OAAO,OAAO;AAAA,IAAA,CACf;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,MAAM,eAAe,QAKA;AACnB,UAAM,WAAW,MAAM,KAAK,WAAW,KAAK;AAAA,MAC1C,OAAO;AAAA,QACL,UAAU,OAAO;AAAA,QACjB,WAAW,OAAO;AAAA,QAClB,WAAW,OAAO;AAAA,QAClB,OAAO,OAAO;AAAA,MAAA;AAAA,MAEhB,OAAO;AAAA,IAAA,CACR;AACD,QAAI,SAAS,CAAC,GAAG;AACf,YAAM,SAAS,CAAC,EAAE,OAAA;AAClB,aAAO;AAAA,IACT;AACA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,MAAM,cAAc,QAKjB;AACD,QACE,OAAO,mBAAmB,OAAO,cACjC,OAAO,mBAAmB,OAAO,YACjC;AACA,YAAM,IAAI;AAAA,QACR;AAAA,MAAA;AAAA,IAEJ;AAEA,UAAM,OAAO,MAAM,KAAK,OAAO;AAAA,MAC7B,OAAO;AAAA,MACP,OAAO;AAAA,MACP,OAAO;AAAA,MACP,KAAK;AAAA,IAAA;AAGP,UAAM,KAAK,mBAAmB;AAAA,MAC5B,UAAU,OAAO;AAAA,MACjB,QAAQ,KAAK;AAAA,MACb,WAAW,OAAO;AAAA,IAAA,CACnB;AACD,UAAM,KAAK,mBAAmB;AAAA,MAC5B,UAAU,OAAO;AAAA,MACjB,QAAQ,KAAK;AAAA,MACb,WAAW,OAAO;AAAA,IAAA,CACnB;AAED,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAqBA,MAAM,mBAAmB,QAStB;AACD,UAAM,uBAAuB,OAAO;AACpC,UAAM,aAAa,OAAO,cAAc;AAIxC,UAAM,kBAAkB,MAAM,KAAK,eAAe;AAAA,MAChD,OAAO;AAAA,MACP;AAAA,MACA,OAAO;AAAA,MACP;AAAA,IAAA;AAEF,QAAI,mBAAmB,gBAAgB,aAAa,OAAO,UAAU;AACnE,UAAI,gBAAgB,YAAY;AAG9B,cAAM,eAAe,MAAM,KAAK,OAAO,IAAI;AAAA,UACzC,IAAI,gBAAgB;AAAA,UACpB,UAAU,OAAO;AAAA,QAAA,CAClB;AACD,YAAI,cAAc;AAKhB,gBAAM,KAAK,mBAAmB;AAAA,YAC5B,UAAU,OAAO;AAAA,YACjB,QAAQ,aAAa;AAAA,YACrB,WAAW;AAAA,YACX,MAAM;AAAA,UAAA,CACP;AACD,gBAAM,KAAK,mBAAmB;AAAA,YAC5B,UAAU,OAAO;AAAA,YACjB,QAAQ,aAAa;AAAA,YACrB,WAAW,OAAO;AAAA,YAClB,MAAM;AAAA,UAAA,CACP;AACD,iBAAO,EAAE,SAAS,iBAAiB,MAAM,aAAA;AAAA,QAC3C;AAAA,MACF;AAEA,YAAM,gBAAgB,OAAA;AAAA,IACxB;AAGA,UAAM,OAAO,MAAM,KAAK,OAAO,OAAO;AAAA,MACpC,UAAU,OAAO;AAAA,MACjB,MAAM;AAAA,MACN,UAAU;AAAA,MACV,oBAAoB;AAAA,MACpB,QAAQ;AAAA,MACR,iBAAiB;AAAA,IAAA,CAClB;AAGD,UAAM,KAAK,mBAAmB;AAAA,MAC5B,UAAU,OAAO;AAAA,MACjB,QAAQ,KAAK;AAAA,MACb,WAAW;AAAA,MACX,MAAM;AAAA,IAAA,CACP;AAID,UAAM,KAAK,mBAAmB;AAAA,MAC5B,UAAU,OAAO;AAAA,MACjB,QAAQ,KAAK;AAAA,MACb,WAAW,OAAO;AAAA,MAClB,MAAM;AAAA,IAAA,CACP;AAID,UAAM,UAAU,MAAM,KAAK,eAAe,aAAa;AAAA,MACrD,SAAS,OAAO;AAAA,MAChB;AAAA,MACA,UAAU,OAAO;AAAA,MACjB,cAAc,OAAO;AAAA,MACrB,YAAY,KAAK;AAAA,MACjB,cAAc,OAAO;AAAA,MACrB;AAAA,IAAA,CACD;AAED,QAAI,OAAO,UAAW,SAAQ,YAAY,OAAO;AACjD,QAAI,OAAO,YAAa,SAAQ,cAAc,OAAO;AACrD,UAAM,QAAQ,KAAA;AAEd,WAAO,EAAE,SAAS,KAAA;AAAA,EACpB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAYA,MAAM,qBAAqB,QAMxB;AACD,UAAM,UAAU,MAAM,KAAK;AAAA,MACzB,OAAO;AAAA,MACP,OAAO;AAAA,IAAA;AAGT,QAAI,OAAO,mBAAmB,QAAQ,sBAAsB;AAC1D,YAAM,IAAI;AAAA,QACR;AAAA,MAAA;AAAA,IAEJ;AAEA,WAAO,KAAK,cAAc;AAAA,MACxB,UAAU,OAAO;AAAA,MACjB,QAAQ,QAAQ;AAAA,MAChB,iBAAiB,QAAQ;AAAA,MACzB,SAAS,OAAO;AAAA,MAChB,MAAM;AAAA,MACN,aAAa,OAAO,eAAe;AAAA,MACnC,gBAAgB,OAAO;AAAA,IAAA,CACxB;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAiBA,MAAM,gBAAgB,QAA0B;AAC9C,UAAM,UAAU,MAAM,KAAK;AAAA,MACzB,OAAO;AAAA,MACP,OAAO;AAAA,IAAA;AAGT,UAAM,OAAwB,OAAO,SAAS,SAAS,SAAS;AAKhE,QACE,OAAO,gBAAgB,eACvB,SAAS,UACT,OAAO,cACP;AACA,YAAM,WAAW,YAAY,iBAAiB,OAAO,YAAY;AACjE,UAAI,CAAC,UAAU;AACb,cAAM,IAAI,MAAM,kCAAkC;AAAA,MACpD;AACA,UAAI,CAAC,QAAQ,cAAc,QAAQ,GAAG;AACpC,cAAM,IAAI;AAAA,UACR,SAAS,QAAQ;AAAA,QAAA;AAAA,MAErB;AAAA,IACF;AAEA,WAAO,KAAK,cAAc;AAAA,MACxB,UAAU,OAAO;AAAA,MACjB,QAAQ,QAAQ;AAAA,MAChB,iBAAiB,QAAQ;AAAA,MACzB,SAAS,OAAO;AAAA,MAChB;AAAA,MACA,aAAa,OAAO,eAAe;AAAA,MACnC,UAAU,OAAO,YAAY;AAAA,MAC7B,gBAAgB,OAAO;AAAA,MACvB,cAAc,OAAO,gBAAgB;AAAA,IAAA,CACtC;AAAA,EACH;AAAA;AAAA,EAGA,MAAM,mBAAmB,gBAAwBA,WAAkB;AACjE,UAAM,UAAU,MAAM,KAAK,eAAe,IAAI;AAAA,MAC5C,IAAI;AAAA,MACJ,UAAAA;AAAA,IAAA,CACD;AACD,QAAI,CAAC,QAAS,OAAM,IAAI,MAAM,yBAAyB;AACvD,QAAI,CAAC,QAAQ,SAAA,EAAY,OAAM,IAAI,MAAM,6BAA6B;AACtE,QAAI,CAAC,QAAQ,WAAY,OAAM,IAAI,MAAM,gCAAgC;AACzE,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAcA,MAAM,gBAAgB,QAMnB;AACD,UAAM,KAAK;AAAA,MACT,OAAO;AAAA,MACP,OAAO;AAAA,MACP,OAAO;AAAA,IAAA;AAET,WAAO,KAAK,UAAU,UAAU,OAAO,QAAQ,OAAO,UAAU;AAAA,MAC9D,OAAO,OAAO;AAAA,MACd,QAAQ,OAAO;AAAA,IAAA,CAChB;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWA,MAAM,iBACJ,QACA,gBACAA,WACA;AACA,UAAM,OAAO,MAAM,KAAK,OAAO,IAAI,EAAE,IAAI,QAAQ,UAAAA,WAAU;AAC3D,QAAI,CAAC,KAAM,QAAO;AAClB,UAAM,KAAK,yBAAyB,QAAQ,gBAAgBA,SAAQ;AACpE,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWA,MAAM,gBACJ,QAC8B;AAC9B,UAAM,UAAU,MAAM,KAAK,eAAe,IAAI;AAAA,MAC5C,IAAI,OAAO;AAAA,MACX,UAAU,OAAO;AAAA,IAAA,CAClB;AACD,WAAO,WAAW;AAAA,EACpB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,MAAM,wBAAwB,QAIF;AAC1B,UAAM,WAAW,MAAM,KAAK,eAAe,KAAK;AAAA,MAC9C,OAAO;AAAA,QACL,UAAU,OAAO;AAAA,QACjB,SAAS,OAAO;AAAA,QAChB,sBAAsB,OAAO;AAAA,QAC7B,QAAQ;AAAA,MAAA;AAAA,IACV,CACD;AACD,WAAO,SAAS,OAAO,CAAC,MAAM,EAAE,UAAU;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,MAAM,UAAU,QAAkD;AAChE,UAAM,SAAS,MAAM,KAAK,SAAS,IAAI;AAAA,MACrC,IAAI,OAAO;AAAA,MACX,UAAU,OAAO;AAAA,IAAA,CAClB;AACD,WAAO,UAAU;AAAA,EACnB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,MAAM,gBAAgB,QAII;AACxB,UAAM,KAAK;AAAA,MACT,OAAO;AAAA,MACP,OAAO;AAAA,MACP,OAAO;AAAA,IAAA;AAET,WAAO,KAAK,SAAS,KAAK;AAAA,MACxB,OAAO,EAAE,UAAU,OAAO,UAAU,QAAQ,OAAO,OAAA;AAAA,MACnD,SAAS;AAAA,IAAA,CACV;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,MAAM,kBAAkB,QAKG;AACzB,UAAM,SAAS,MAAM,KAAK,SAAS,IAAI;AAAA,MACrC,IAAI,OAAO;AAAA,MACX,UAAU,OAAO;AAAA,IAAA,CAClB;AACD,QAAI,CAAC,QAAQ;AACX,YAAM,IAAI,MAAM,kBAAkB;AAAA,IACpC;AACA,UAAM,KAAK;AAAA,MACT,OAAO;AAAA,MACP,OAAO;AAAA,MACP,OAAO;AAAA,IAAA;AAET,UAAM,WAAW,MAAM,KAAK,UAAU,KAAK;AAAA,MACzC,OAAO;AAAA,QACL,UAAU,OAAO;AAAA,QACjB,UAAU,OAAO;AAAA,QACjB,WAAW;AAAA,MAAA;AAAA,MAEb,SAAS;AAAA,MACT,OAAO,OAAO;AAAA,IAAA,CACf;AACD,WAAO,SAAS,QAAA;AAAA,EAClB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,MAAM,yBAAyB,QAM5B;AAKD,UAAM,UAAU,MAAM,KAAK,eAAe,IAAI;AAAA,MAC5C,IAAI,OAAO;AAAA,MACX,UAAU,OAAO;AAAA,IAAA,CAClB;AACD,QAAI,CAAC,QAAS,OAAM,IAAI,MAAM,yBAAyB;AAEvD,UAAM,UAAU,OAAO,mBAAmB,QAAQ;AAClD,QAAI,CAAC,SAAS;AACZ,YAAM,IAAI;AAAA,QACR;AAAA,MAAA;AAAA,IAEJ;AAEA,QAAI,OAAO,iBAAiB,QAAW;AACrC,cAAQ,gBAAgB,OAAO,YAAY;AAAA,IAC7C;AACA,QAAI,OAAO,iBAAiB,QAAW;AACrC,cAAQ,eAAe,OAAO;AAAA,IAChC;AACA,UAAM,QAAQ,KAAA;AACd,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,MAAM,yBACJ,QACA,WACAA,WACe;AACf,UAAM,WAAW,MAAM,KAAK,cAAc;AAAA,MACxC;AAAA,MACA;AAAA,MACAA;AAAA,IAAA;AAEF,QAAI,CAAC,UAAU;AACb,YAAM,IAAI;AAAA,QACR;AAAA,MAAA;AAAA,IAEJ;AAAA,EACF;AAAA;AAAA,EAGA,MAAM,kBACJ,QACA,WACAA,WACe;AACf,UAAM,QAAQ,MAAM,KAAK,cAAc;AAAA,MACrC;AAAA,MACA;AAAA,MACAA;AAAA,IAAA;AAEF,QAAI,CAAC,SAAS,CAAC,MAAM,WAAW;AAC9B,YAAM,IAAI;AAAA,QACR;AAAA,MAAA;AAAA,IAEJ;AAAA,EACF;AAAA;AAAA,EAGA,OAAO,iBACL,MACe;AACf,QAAI,CAAC,QAAQ,OAAO,SAAS,SAAU,QAAO;AAC9C,UAAM,YACH,KAAK,QACL,KAAK,QACL,KAAK;AACR,WAAO,OAAO,cAAc,YAAY,UAAU,SAAS,IACvD,YACA;AAAA,EACN;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,QAAQ,eAAe,EACrB,SACA,QACA;AAIA,WAAQ,QAAwB,gBAAgB,MAAM;AAAA,EACxD;AACF;AA0BO,SAAS,eACd,SACA,QACA;AACA,SAAO,YAAY,eAAe,EAAE,SAAS,MAAM;AACrD;"}
1	+ {"version":3,"file":"ChatService-ByEPKa30.js","sources":["../../src/models/AgentSession.ts","../../src/models/ChatMessage.ts","../../src/models/ChatParticipant.ts","../../src/models/ChatReaction.ts","../../src/models/ChatRoom.ts","../../src/models/ChatThread.ts","../../src/collections/AgentSessionCollection.ts","../../src/collections/ChatMessageCollection.ts","../../src/collections/ChatParticipantCollection.ts","../../src/collections/ChatReactionCollection.ts","../../src/collections/ChatRoomCollection.ts","../../src/collections/ChatThreadCollection.ts","../../src/services/ChatService.ts"],"sourcesContent":["import {\n crossPackageRef,\n field,\n foreignKey,\n SmrtObject,\n smrt,\n} from '@happyvertical/smrt-core';\nimport { TenantScoped, tenantId } from '@happyvertical/smrt-tenancy';\nimport type { AgentSessionOptions, AgentSessionStatus } from '../types.js';\n\n/*\n Agent conversation session. Internal model — sessions must be created via\n * {@link ChatService.createAgentSession} and their security-relevant config\n * (`allowedTools` / `systemPrompt` / `chatRoomId` / `participantProfileId`)\n * mutated only via the owner-checked {@link ChatService.updateAgentSessionConfig}\n * (S5 #1392). The generated CRUD surface is read-only (`get`/`list`);\n * `create`/`update`/`delete` are NOT generated, otherwise a `PUT` could rewrite\n * the tool allow-list or system prompt and bypass the owner check.\n /\n@TenantScoped({ mode: 'optional' })\n@smrt({\n tableName: 'agent_sessions',\n api: { include: ['list', 'get'] },\n mcp: { include: ['list', 'get'] },\n cli: true,\n})\nexport class AgentSession extends SmrtObject {\n /\n Reserved `sessionContext` key that scopes a session's identity to a caller-\n * supplied conversation subject (e.g. a content id) (S5 #1392).\n \n `createAgentSession`'s reuse path keys on `(agentId, participantProfileId,\n * tenantId)`; without a discriminator a session opened for subject A would be\n * reused (and its context rewritten) for a request about subject B, returning\n * A's room/threads on B's route. Storing the key here lets the reuse lookup\n * require an exact match so distinct subjects get distinct sessions.\n /\n static readonly SESSION_KEY_CONTEXT_FIELD = '__sessionKey';\n\n @tenantId({ nullable: true })\n tenantId: string \| null = null;\n\n @field({ required: true })\n agentId: string = '';\n\n @crossPackageRef('@happyvertical/smrt-profiles:Profile', { required: true })\n participantProfileId: string = '';\n\n @foreignKey('ChatRoom')\n chatRoomId: string \| null = null;\n\n @field({ required: true })\n status: AgentSessionStatus = 'active';\n\n /* JSON array of tool names the consuming app has allowed for this session /\n @field()\n allowedTools: string = '[]';\n\n /* Conversation context/memory for multi-turn state (JSON string) /\n @field()\n sessionContext: string = '{}';\n\n /* System prompt override for this session /\n @field()\n systemPrompt: string = '';\n\n @field()\n messageCount: number = 0;\n @field()\n totalTokensUsed: number = 0;\n @field()\n maxTokens: number = 0;\n @field()\n maxMessages: number = 0;\n\n @field()\n lastMessageAt: Date \| null = null;\n @field()\n expiresAt: Date \| null = null;\n @field()\n closedAt: Date \| null = null;\n\n constructor(options: AgentSessionOptions = {}) {\n super(options);\n if (options.tenantId !== undefined) this.tenantId = options.tenantId;\n if (options.agentId !== undefined) this.agentId = options.agentId;\n if (options.participantProfileId !== undefined)\n this.participantProfileId = options.participantProfileId;\n if (options.chatRoomId !== undefined) this.chatRoomId = options.chatRoomId;\n if (options.status !== undefined) this.status = options.status;\n if (options.allowedTools !== undefined)\n this.allowedTools = options.allowedTools;\n if (options.sessionContext !== undefined)\n this.sessionContext = options.sessionContext;\n if (options.systemPrompt !== undefined)\n this.systemPrompt = options.systemPrompt;\n if (options.messageCount !== undefined)\n this.messageCount = options.messageCount;\n if (options.totalTokensUsed !== undefined)\n this.totalTokensUsed = options.totalTokensUsed;\n if (options.maxTokens !== undefined) this.maxTokens = options.maxTokens;\n if (options.maxMessages !== undefined)\n this.maxMessages = options.maxMessages;\n if (options.lastMessageAt !== undefined)\n this.lastMessageAt = options.lastMessageAt;\n if (options.expiresAt !== undefined) this.expiresAt = options.expiresAt;\n if (options.closedAt !== undefined) this.closedAt = options.closedAt;\n }\n\n getAllowedTools(): string[] {\n try {\n const parsed = JSON.parse(this.allowedTools);\n return Array.isArray(parsed)\n ? parsed.filter((t): t is string => typeof t === 'string')\n : [];\n } catch {\n return [];\n }\n }\n\n setAllowedTools(tools: string[]): void {\n this.allowedTools = JSON.stringify(tools);\n }\n\n /\n Fail-closed authorization check for an agent tool call (S5 #1392).\n \n A tool may only be invoked when it appears in this session's allow-list.\n * If the allow-list is empty or unparseable, NO tools are permitted. This is\n * deliberately conservative: an empty whitelist means \"no tools\", never\n * \"all tools\".\n /\n isToolAllowed(toolName: string): boolean {\n if (typeof toolName !== 'string' \|\| toolName.length === 0) return false;\n return this.getAllowedTools().includes(toolName);\n }\n\n isActive(): boolean {\n if (this.status !== 'active') return false;\n if (this.expiresAt && new Date() >= this.expiresAt) return false;\n if (this.maxMessages > 0 && this.messageCount >= this.maxMessages)\n return false;\n if (this.maxTokens > 0 && this.totalTokensUsed >= this.maxTokens)\n return false;\n return true;\n }\n\n isExpired(): boolean {\n return this.expiresAt !== null && new Date() >= this.expiresAt;\n }\n\n async close(): Promise<void> {\n this.status = 'closed';\n this.closedAt = new Date();\n await this.save();\n }\n\n async expire(): Promise<void> {\n this.status = 'expired';\n this.closedAt = new Date();\n await this.save();\n }\n\n getSessionContext(): Record<string, unknown> {\n try {\n return JSON.parse(this.sessionContext);\n } catch {\n return {};\n }\n }\n\n setSessionContext(ctx: Record<string, unknown>): void {\n this.sessionContext = JSON.stringify(ctx);\n }\n\n /\n Stable identity key that scopes this session to a conversation subject\n * (S5 #1392). Returns `null` when the session is not subject-scoped. Used by\n * the reuse lookup so a session opened for one subject is never reused for a\n * request about a different subject.\n /\n getSessionKey(): string \| null {\n const value =\n this.getSessionContext()[AgentSession.SESSION_KEY_CONTEXT_FIELD];\n return typeof value === 'string' && value.length > 0 ? value : null;\n }\n\n async updateSessionContext(updates: Record<string, unknown>): Promise<void> {\n const current = this.getSessionContext();\n this.sessionContext = JSON.stringify({ ...current, ...updates });\n await this.save();\n }\n\n async recordMessage(tokensUsed: number = 0): Promise<void> {\n this.messageCount++;\n this.totalTokensUsed += tokensUsed;\n this.lastMessageAt = new Date();\n await this.save();\n }\n}\n","import {\n crossPackageRef,\n field,\n foreignKey,\n SmrtObject,\n smrt,\n} from '@happyvertical/smrt-core';\nimport { TenantScoped, tenantId } from '@happyvertical/smrt-tenancy';\nimport type {\n ChatMessageOptions,\n ChatMessageRole,\n ChatMessageType,\n} from '../types.js';\n\n/\n Chat message. Internal model — all mutations must go through the\n * membership-checked {@link ChatService} (S5 #1392). The generated CRUD surface\n * is read-only (`get`/`list`); `create`/`update`/`delete` are intentionally NOT\n * generated so an authenticated caller cannot write into an arbitrary room via\n * the raw collection routes, bypassing the room-membership authorization in\n * {@link ChatService.sendMessage}.\n /\n@TenantScoped({ mode: 'required' })\n@smrt({\n tableName: 'chat_messages',\n api: { include: ['list', 'get'] },\n mcp: { include: ['list', 'get'] },\n cli: true,\n})\nexport class ChatMessage extends SmrtObject {\n @tenantId()\n tenantId: string = '';\n\n @foreignKey('ChatRoom', { required: true })\n roomId: string = '';\n @foreignKey('ChatThread')\n threadId: string \| null = null;\n @crossPackageRef('@happyvertical/smrt-profiles:Profile', { required: true })\n senderProfileId: string = '';\n @foreignKey('AgentSession')\n agentSessionId: string \| null = null;\n\n @field()\n content: string = '';\n @field({ required: true })\n messageType: ChatMessageType = 'text';\n @field({ required: true })\n role: ChatMessageRole = 'user';\n\n @field()\n isEdited: boolean = false;\n @field()\n editedAt: Date \| null = null;\n @field()\n isDeleted: boolean = false;\n @foreignKey('ChatMessage')\n replyToMessageId: string \| null = null;\n\n @field()\n metadata: string = '{}';\n @field()\n toolCallData: string \| null = null;\n @field()\n attachments: string = '[]';\n\n constructor(options: ChatMessageOptions = {}) {\n super(options);\n if (options.tenantId !== undefined) this.tenantId = options.tenantId;\n if (options.roomId !== undefined) this.roomId = options.roomId;\n if (options.threadId !== undefined) this.threadId = options.threadId;\n if (options.senderProfileId !== undefined)\n this.senderProfileId = options.senderProfileId;\n if (options.agentSessionId !== undefined)\n this.agentSessionId = options.agentSessionId;\n if (options.content !== undefined) this.content = options.content;\n if (options.messageType !== undefined)\n this.messageType = options.messageType;\n if (options.role !== undefined) this.role = options.role;\n if (options.isEdited !== undefined) this.isEdited = options.isEdited;\n if (options.editedAt !== undefined) this.editedAt = options.editedAt;\n if (options.isDeleted !== undefined) this.isDeleted = options.isDeleted;\n if (options.replyToMessageId !== undefined)\n this.replyToMessageId = options.replyToMessageId;\n if (options.metadata !== undefined)\n this.metadata =\n typeof options.metadata === 'string'\n ? options.metadata\n : JSON.stringify(options.metadata);\n if (options.toolCallData !== undefined)\n this.toolCallData =\n options.toolCallData === null\n ? null\n : typeof options.toolCallData === 'string'\n ? options.toolCallData\n : JSON.stringify(options.toolCallData);\n if (options.attachments !== undefined)\n this.attachments = options.attachments;\n }\n\n getAttachments(): Array<{\n id: string;\n filename: string;\n contentType: string;\n size: number;\n url?: string;\n }> {\n try {\n return JSON.parse(this.attachments);\n } catch {\n return [];\n }\n }\n\n setAttachments(\n items: Array<{\n id: string;\n filename: string;\n contentType: string;\n size: number;\n url?: string;\n }>,\n ): void {\n this.attachments = JSON.stringify(items);\n }\n\n getMetadata(): Record<string, unknown> {\n try {\n return JSON.parse(this.metadata);\n } catch {\n return {};\n }\n }\n\n setMetadata(data: Record<string, unknown>): void {\n this.metadata = JSON.stringify(data);\n }\n\n getToolCallData(): Record<string, unknown> \| null {\n if (!this.toolCallData) return null;\n try {\n return JSON.parse(this.toolCallData);\n } catch {\n return null;\n }\n }\n\n setToolCallData(data: Record<string, unknown> \| null): void {\n this.toolCallData = data ? JSON.stringify(data) : null;\n }\n\n hasAttachments(): boolean {\n return this.getAttachments().length > 0;\n }\n\n isToolCall(): boolean {\n return this.messageType === 'tool_call';\n }\n\n isToolResult(): boolean {\n return this.messageType === 'tool_result';\n }\n\n isFromAgent(): boolean {\n return this.role === 'assistant';\n }\n\n isSystemMessage(): boolean {\n return this.role === 'system';\n }\n\n async edit(newContent: string): Promise<void> {\n this.content = newContent;\n this.isEdited = true;\n this.editedAt = new Date();\n await this.save();\n }\n\n async softDelete(): Promise<void> {\n this.isDeleted = true;\n this.content = '';\n await this.save();\n }\n\n getPreview(maxLength = 100): string {\n if (this.isDeleted) return '(deleted)';\n const text = this.content \|\| '';\n if (text.length <= maxLength) return text;\n return `${text.slice(0, maxLength)}...`;\n }\n}\n","import {\n crossPackageRef,\n field,\n foreignKey,\n SmrtObject,\n smrt,\n} from '@happyvertical/smrt-core';\nimport { TenantScoped, tenantId } from '@happyvertical/smrt-tenancy';\nimport type {\n ChatParticipantOptions,\n ChatParticipantRole,\n ChatParticipantStatus,\n OnlineStatus,\n} from '../types.js';\n\n/\n Room membership row. Internal model — membership must be established and\n * mutated only through the membership/owner-checked {@link ChatService}\n * (S5 #1392). The generated CRUD surface is read-only (`get`/`list`);\n * `create`/`update`/`delete` are NOT generated, otherwise an authenticated\n * caller could POST a ChatParticipant to forge their own membership of any room\n * (privilege escalation) and bypass every downstream membership check.\n /\n@TenantScoped({ mode: 'required' })\n@smrt({\n tableName: 'chat_participants',\n api: { include: ['list', 'get'] },\n mcp: { include: ['list', 'get'] },\n cli: true,\n})\nexport class ChatParticipant extends SmrtObject {\n @tenantId()\n tenantId: string = '';\n\n @foreignKey('ChatRoom', { required: true })\n roomId: string = '';\n @crossPackageRef('@happyvertical/smrt-profiles:Profile', { required: true })\n profileId: string = '';\n @field({ required: true })\n role: ChatParticipantRole = 'member';\n @field({ required: true })\n status: ChatParticipantStatus = 'active';\n @field({ required: true })\n onlineStatus: OnlineStatus = 'offline';\n @foreignKey('ChatMessage')\n lastReadMessageId: string \| null = null;\n @field()\n lastSeenAt: Date \| null = null;\n @field()\n joinedAt: Date \| null = null;\n @field()\n nickname: string = '';\n @field()\n isMuted: boolean = false;\n @field()\n isPinned: boolean = false;\n\n constructor(options: ChatParticipantOptions = {}) {\n super(options);\n if (options.tenantId !== undefined) this.tenantId = options.tenantId;\n if (options.roomId !== undefined) this.roomId = options.roomId;\n if (options.profileId !== undefined) this.profileId = options.profileId;\n if (options.role !== undefined) this.role = options.role;\n if (options.status !== undefined) this.status = options.status;\n if (options.onlineStatus !== undefined)\n this.onlineStatus = options.onlineStatus;\n if (options.lastReadMessageId !== undefined)\n this.lastReadMessageId = options.lastReadMessageId;\n if (options.lastSeenAt !== undefined) this.lastSeenAt = options.lastSeenAt;\n if (options.joinedAt !== undefined) this.joinedAt = options.joinedAt;\n if (options.nickname !== undefined) this.nickname = options.nickname;\n if (options.isMuted !== undefined) this.isMuted = options.isMuted;\n if (options.isPinned !== undefined) this.isPinned = options.isPinned;\n }\n\n isActive(): boolean {\n return this.status === 'active';\n }\n\n isOwner(): boolean {\n return this.role === 'owner';\n }\n\n isAdmin(): boolean {\n return this.role === 'admin' \|\| this.role === 'owner';\n }\n\n async markRead(messageId: string): Promise<void> {\n this.lastReadMessageId = messageId;\n this.lastSeenAt = new Date();\n await this.save();\n }\n\n async leave(): Promise<void> {\n this.status = 'left';\n await this.save();\n }\n\n async setOnline(status: OnlineStatus): Promise<void> {\n this.onlineStatus = status;\n this.lastSeenAt = new Date();\n await this.save();\n }\n}\n","import {\n crossPackageRef,\n field,\n foreignKey,\n SmrtObject,\n smrt,\n} from '@happyvertical/smrt-core';\nimport { TenantScoped, tenantId } from '@happyvertical/smrt-tenancy';\nimport type { ChatReactionOptions } from '../types.js';\n\n/\n Message reaction. Internal model — reactions must be added/removed only\n * through the membership-checked {@link ChatService} (S5 #1392). The generated\n * CRUD surface is read-only (`list`); `create`/`update`/`delete` are NOT\n * generated, otherwise a caller could POST a reaction (forging a `profileId`)\n * onto a message in a room they do not belong to, or DELETE another member's\n * reaction, via the raw collection routes — bypassing the room-membership\n * authorization in {@link ChatService.addReaction}/{@link ChatService.removeReaction}.\n /\n@TenantScoped({ mode: 'required' })\n@smrt({\n tableName: 'chat_reactions',\n api: { include: ['list'] },\n mcp: { include: ['list'] },\n cli: false,\n})\nexport class ChatReaction extends SmrtObject {\n @tenantId()\n tenantId: string = '';\n\n @foreignKey('ChatMessage', { required: true })\n messageId: string = '';\n @crossPackageRef('@happyvertical/smrt-profiles:Profile', { required: true })\n profileId: string = '';\n @field({ required: true })\n emoji: string = '';\n\n constructor(options: ChatReactionOptions = {}) {\n super(options);\n if (options.tenantId !== undefined) this.tenantId = options.tenantId;\n if (options.messageId !== undefined) this.messageId = options.messageId;\n if (options.profileId !== undefined) this.profileId = options.profileId;\n if (options.emoji !== undefined) this.emoji = options.emoji;\n }\n}\n","import {\n crossPackageRef,\n field,\n SmrtObject,\n smrt,\n} from '@happyvertical/smrt-core';\nimport { TenantScoped, tenantId } from '@happyvertical/smrt-tenancy';\nimport type {\n ChatRoomOptions,\n ChatRoomStatus,\n ChatRoomType,\n} from '../types.js';\n\ntype ChatRoomMetadata = Record<string, unknown>;\n\n/\n Chat room supporting public channels, private groups, DMs, and agent conversations.\n \n @remarks\n * Room types: `public`, `private`, `dm`, `agent`. Agent rooms are auto-created by\n * {@link ChatService.createAgentSession} with `maxParticipants: 2`. DM rooms are\n * found-or-created via {@link ChatService.getOrCreateDM}. Threads are tracked via\n * {@link ChatThread} linked by `roomId`. Tenant-scoped (required).\n \n Internal model — room creation and mutation must go through the\n * membership/owner-checked {@link ChatService} (S5 #1392). The generated CRUD\n * surface is read-only (`get`/`list`); `create`/`update`/`delete` are NOT\n * generated, so a caller cannot forge a room or mutate room state via the raw\n * collection routes, skipping the ChatService authorization paths.\n /\n@TenantScoped({ mode: 'required' })\n@smrt({\n tableName: 'chat_rooms',\n api: { include: ['list', 'get'] },\n mcp: { include: ['list', 'get'] },\n cli: true,\n})\nexport class ChatRoom extends SmrtObject {\n @tenantId()\n tenantId: string = '';\n\n @field()\n name: string = '';\n @field()\n description: string = '';\n @field({ required: true })\n roomType: ChatRoomType = 'public';\n @field({ required: true })\n status: ChatRoomStatus = 'active';\n @field()\n topic: string = '';\n @field()\n avatarUrl: string = '';\n @field()\n isArchived: boolean = false;\n @field()\n maxParticipants: number = 0;\n @field()\n metadata: string = '{}';\n @crossPackageRef('@happyvertical/smrt-profiles:Profile')\n createdByProfileId: string = '';\n @field()\n lastMessageAt: Date \| null = null;\n\n constructor(options: ChatRoomOptions = {}) {\n super(options);\n if (options.tenantId !== undefined) this.tenantId = options.tenantId;\n if (options.name !== undefined) this.name = options.name;\n if (options.description !== undefined)\n this.description = options.description;\n if (options.roomType !== undefined) this.roomType = options.roomType;\n if (options.status !== undefined) this.status = options.status;\n if (options.topic !== undefined) this.topic = options.topic;\n if (options.avatarUrl !== undefined) this.avatarUrl = options.avatarUrl;\n if (options.isArchived !== undefined) this.isArchived = options.isArchived;\n if (options.maxParticipants !== undefined)\n this.maxParticipants = options.maxParticipants;\n if (options.metadata !== undefined)\n this.metadata =\n typeof options.metadata === 'string'\n ? options.metadata\n : JSON.stringify(options.metadata);\n if (options.createdByProfileId !== undefined)\n this.createdByProfileId = options.createdByProfileId;\n if (options.lastMessageAt !== undefined)\n this.lastMessageAt = options.lastMessageAt;\n }\n\n getMetadata(): ChatRoomMetadata {\n try {\n return JSON.parse(this.metadata);\n } catch {\n return {};\n }\n }\n\n setMetadata(data: ChatRoomMetadata): void {\n this.metadata = JSON.stringify(data);\n }\n\n updateMetadata(updates: ChatRoomMetadata): void {\n const current = this.getMetadata();\n this.metadata = JSON.stringify({ ...current, ...updates });\n }\n\n isDM(): boolean {\n return this.roomType === 'dm';\n }\n\n isAgentRoom(): boolean {\n return this.roomType === 'agent';\n }\n\n isPublic(): boolean {\n return this.roomType === 'public';\n }\n\n isActive(): boolean {\n return this.status === 'active';\n }\n\n async archive(): Promise<void> {\n this.isArchived = true;\n this.status = 'archived';\n await this.save();\n }\n\n async unarchive(): Promise<void> {\n this.isArchived = false;\n this.status = 'active';\n await this.save();\n }\n}\n","import { field, foreignKey, SmrtObject, smrt } from '@happyvertical/smrt-core';\nimport { TenantScoped, tenantId } from '@happyvertical/smrt-tenancy';\nimport type { ChatThreadOptions } from '../types.js';\n\n/\n Conversation thread. Internal model — threads must be created/mutated only\n * through the membership-checked {@link ChatService} (S5 #1392). The generated\n * CRUD surface is read-only (`get`/`list`); `create`/`update`/`delete` are NOT\n * generated, otherwise a caller could POST a thread rooted in an arbitrary room\n * (or mutate `messageCount`/`isResolved`) via the raw collection routes,\n * bypassing the room-membership authorization in {@link ChatService.startThread}.\n /\n@TenantScoped({ mode: 'required' })\n@smrt({\n tableName: 'chat_threads',\n api: { include: ['list', 'get'] },\n mcp: { include: ['list', 'get'] },\n cli: true,\n})\nexport class ChatThread extends SmrtObject {\n @tenantId()\n tenantId: string = '';\n\n @foreignKey('ChatRoom', { required: true })\n roomId: string = '';\n // Nullable FK (S5 #1392): a thread can be opened WITHOUT a root message (e.g.\n // a content/agent-editor thread). The previous `= ''` default wrote an empty\n // string into this FK column, which breaks native-`uuid` DBs (Postgres/DuckDB\n // reject `''` as a uuid). `null` is the correct \"no root\" value.\n @foreignKey('ChatMessage', { nullable: true })\n rootMessageId: string \| null = null;\n @field()\n title: string = '';\n @field()\n isResolved: boolean = false;\n @field()\n messageCount: number = 0;\n @field()\n lastMessageAt: Date \| null = null;\n @field()\n participantCount: number = 0;\n\n constructor(options: ChatThreadOptions = {}) {\n super(options);\n if (options.tenantId !== undefined) this.tenantId = options.tenantId;\n if (options.roomId !== undefined) this.roomId = options.roomId;\n if (options.rootMessageId !== undefined)\n this.rootMessageId = options.rootMessageId;\n if (options.title !== undefined) this.title = options.title;\n if (options.isResolved !== undefined) this.isResolved = options.isResolved;\n if (options.messageCount !== undefined)\n this.messageCount = options.messageCount;\n if (options.lastMessageAt !== undefined)\n this.lastMessageAt = options.lastMessageAt;\n if (options.participantCount !== undefined)\n this.participantCount = options.participantCount;\n }\n\n async resolve(): Promise<void> {\n this.isResolved = true;\n await this.save();\n }\n\n async reopen(): Promise<void> {\n this.isResolved = false;\n await this.save();\n }\n}\n","import { SmrtCollection } from '@happyvertical/smrt-core';\nimport { AgentSession } from '../models/AgentSession.js';\n\nexport class AgentSessionCollection extends SmrtCollection<AgentSession> {\n static readonly _itemClass = AgentSession;\n\n async findActiveByParticipant(\n participantProfileId: string,\n ): Promise<AgentSession[]> {\n const sessions = await this.list({\n where: { participantProfileId, status: 'active' },\n });\n return sessions.filter((s) => s.isActive());\n }\n\n /\n Resolve the active agent session for an (agent, participant) pair within a\n * tenant (S5 #1392).\n \n `tenantId` is REQUIRED and always bound into the WHERE clause — including the\n * `null` (untenanted) case — so the lookup can never silently drop its tenant\n * predicate and resolve a session from another tenant. AgentSession uses\n * optional tenancy, so `null` is a legitimate, explicitly-bound scope rather\n * than \"any tenant\".\n \n When `sessionKey` is supplied the result is additionally narrowed to the\n * session whose stored {@link AgentSession.getSessionKey} matches EXACTLY\n * (S5 #1392). This binds session identity to a conversation subject (e.g. a\n * content id) so a session opened for one subject is never reused for another;\n * `sessionContext` is a JSON blob so the discriminator is matched in memory\n * after the tenant-bound SQL filter.\n /\n async findActiveSession(\n agentId: string,\n participantProfileId: string,\n tenantId: string \| null,\n sessionKey?: string \| null,\n ): Promise<AgentSession \| null> {\n const where: Record<string, unknown> = {\n agentId,\n participantProfileId,\n status: 'active',\n tenantId,\n };\n const sessions = await this.list({ where });\n const active = sessions.find(\n (s) =>\n s.isActive() &&\n (sessionKey === undefined \|\|\n s.getSessionKey() === (sessionKey ?? null)),\n );\n return active ?? null;\n }\n\n async findOrCreate(params: {\n agentId: string;\n participantProfileId: string;\n tenantId: string \| null;\n allowedTools?: string[];\n chatRoomId?: string \| null;\n systemPrompt?: string;\n /\n Optional subject-scoping key (S5 #1392). When set, an existing active\n * session is reused only if its stored session key matches, and the created\n * session records the key so future lookups stay subject-scoped.\n /\n sessionKey?: string \| null;\n }): Promise<AgentSession> {\n const existing = await this.findActiveSession(\n params.agentId,\n params.participantProfileId,\n params.tenantId,\n params.sessionKey,\n );\n if (existing) return existing;\n\n const sessionContext =\n params.sessionKey != null\n ? JSON.stringify({\n [AgentSession.SESSION_KEY_CONTEXT_FIELD]: params.sessionKey,\n })\n : undefined;\n\n const session = await this.create({\n agentId: params.agentId,\n participantProfileId: params.participantProfileId,\n tenantId: params.tenantId ?? null,\n allowedTools: JSON.stringify(params.allowedTools ?? []),\n chatRoomId: params.chatRoomId ?? null,\n systemPrompt: params.systemPrompt ?? '',\n status: 'active',\n ...(sessionContext !== undefined ? { sessionContext } : {}),\n });\n return session;\n }\n\n async findByAgent(agentId: string): Promise<AgentSession[]> {\n return this.list({ where: { agentId } });\n }\n\n /\n Expire active sessions whose last activity predates `olderThan`.\n \n Caller-scoping (S5 #1392): pass `scope` to restrict the sweep to a single\n * tenant and/or agent. Without a scope this expires stale sessions across the\n * whole (tenant-filtered) collection — only safe for trusted maintenance\n * callers, never for a per-tenant request handler.\n \n The candidate set is narrowed in SQL (status + activity timestamp) rather\n * than loading every active session into memory and filtering in JS\n * (DoS hardening). `lastMessageAt < olderThan` is applied server-side; rows\n * that never recorded a message fall back to `created_at`.\n /\n async expireStale(\n olderThan: Date,\n scope?: { tenantId?: string \| null; agentId?: string },\n ): Promise<number> {\n const baseWhere: Record<string, unknown> = { status: 'active' };\n if (scope?.tenantId !== undefined) baseWhere.tenantId = scope.tenantId;\n if (scope?.agentId !== undefined) baseWhere.agentId = scope.agentId;\n\n // Sessions stale by their last message timestamp.\n const byLastMessage = await this.list({\n where: { ...baseWhere, 'lastMessageAt <': olderThan },\n });\n\n // Sessions that never recorded a message: judge by creation time.\n const neverMessaged = await this.list({\n where: { ...baseWhere, lastMessageAt: null, 'created_at <': olderThan },\n });\n\n const seen = new Set<string>();\n let expired = 0;\n for (const session of [...byLastMessage, ...neverMessaged]) {\n const id = session.id as string;\n if (!id \|\| seen.has(id)) continue;\n seen.add(id);\n await session.expire();\n expired++;\n }\n return expired;\n }\n}\n","import { SmrtCollection } from '@happyvertical/smrt-core';\nimport { ChatMessage } from '../models/ChatMessage.js';\nimport type { ChatMessageSearchFilters } from '../types.js';\n\nexport class ChatMessageCollection extends SmrtCollection<ChatMessage> {\n static readonly _itemClass = ChatMessage;\n\n /\n Get messages for a room (newest first), excluding threads and deleted.\n \n Filtering, ordering and pagination are pushed into SQL rather than loading\n * the full room history into memory (S5 #1392, DoS hardening). Thread replies\n * are excluded via `threadId IS NULL` (the WHERE API maps a `null` value to\n * `IS NULL`).\n \n `tenantId` is REQUIRED and bound into BOTH the message window AND the cursor\n * lookup (S5 #1392): room ids are not globally unique, so a roomId-only read\n * could surface another tenant's messages for a same-id room. The caller's\n * membership gate is tenant-scoped, so the read MUST be too.\n /\n async getByRoom(\n roomId: string,\n tenantId: string,\n options?: { limit?: number; before?: string },\n ): Promise<ChatMessage[]> {\n const where: Record<string, unknown> = {\n roomId,\n tenantId,\n isDeleted: false,\n threadId: null,\n };\n\n // Cursor-based pagination: only messages older than the cursor message.\n // The cursor must belong to the SAME root-message set of the SAME room AND\n // tenant (S5 #1392); a cursor id from another room/thread/tenant is silently\n // ignored rather than allowing it to influence this room's window.\n if (options?.before) {\n const cursorMsg = await this.get({\n id: options.before,\n roomId,\n tenantId,\n isDeleted: false,\n threadId: null,\n });\n if (cursorMsg?.created_at) {\n where['created_at <'] = cursorMsg.created_at;\n }\n }\n\n return this.list({\n where,\n orderBy: 'created_at DESC',\n limit: options?.limit,\n });\n }\n\n /\n Get messages in a thread, tenant-bound (S5 #1392).\n \n `tenantId` is bound into the query so a thread id from another tenant can\n * never surface that tenant's thread history.\n /\n async getByThread(\n threadId: string,\n tenantId: string,\n ): Promise<ChatMessage[]> {\n return this.list({ where: { threadId, tenantId, isDeleted: false } });\n }\n\n /\n Get messages for an agent session, tenant-bound (S5 #1392).\n \n `tenantId` is bound into the query so a session id from another tenant can\n * never surface that tenant's session messages.\n /\n async getByAgentSession(\n agentSessionId: string,\n tenantId: string,\n ): Promise<ChatMessage[]> {\n return this.list({ where: { agentSessionId, tenantId, isDeleted: false } });\n }\n\n /\n Search messages with filters.\n \n All structural filters (tenant/room/thread/sender/type/role/date/text) are\n * pushed into SQL instead of loading the full message set and filtering in JS\n * (S5 #1392, DoS hardening). `tenantId` is REQUIRED and always bound so the\n * search can never cross a tenant boundary.\n \n `hasAttachments` is derived from the stored `attachments` JSON column and is\n * pushed into SQL as a `!=`/`=` pre-filter against the empty-array sentinel\n * (`'[]'`, the column default) so the `LIMIT` applies to the ALREADY-FILTERED\n * set, not the raw window (S5 #1392). Previously the limit truncated the\n * newest-N window first and the JS filter ran afterwards, so a room whose\n * newest messages lacked attachments could return fewer (or zero)\n * attachment-bearing rows than existed. A precise JS pass on\n * `hasAttachments()` still runs to reject any malformed/empty column value the\n * coarse SQL sentinel can't distinguish, and the requested `limit` is enforced\n * on the filtered result.\n /\n async search(\n filters: ChatMessageSearchFilters & { tenantId: string; limit?: number },\n ): Promise<ChatMessage[]> {\n const where: Record<string, unknown> = {\n tenantId: filters.tenantId,\n isDeleted: false,\n };\n if (filters.roomId) where.roomId = filters.roomId;\n if (filters.threadId) where.threadId = filters.threadId;\n if (filters.senderProfileId)\n where.senderProfileId = filters.senderProfileId;\n if (filters.messageType) where.messageType = filters.messageType;\n if (filters.role) where.role = filters.role;\n if (filters.query) where['content like'] = `%${filters.query}%`;\n if (filters.sinceDate) where['created_at >='] = filters.sinceDate;\n if (filters.beforeDate) where['created_at <'] = filters.beforeDate;\n\n const limit = filters.limit ?? 100;\n\n // Push the attachment predicate into SQL against the empty-array sentinel so\n // the LIMIT applies to the filtered set, not the raw window. `'[]'` is the\n // ChatMessage.attachments column default, so `!= '[]'` keeps rows carrying a\n // non-empty attachment array and `= '[]'` keeps the rest.\n if (filters.hasAttachments === true) {\n where['attachments !='] = '[]';\n } else if (filters.hasAttachments === false) {\n where.attachments = '[]';\n }\n\n const messages = await this.list({\n where,\n orderBy: 'created_at DESC',\n limit,\n });\n\n // The SQL sentinel can't tell a malformed/empty column (e.g. '', whitespace)\n // from a genuinely-empty array, so re-apply the precise computed predicate\n // and enforce the limit on the filtered result.\n if (filters.hasAttachments !== undefined) {\n return messages\n .filter((m) => m.hasAttachments() === filters.hasAttachments)\n .slice(0, limit);\n }\n\n return messages;\n }\n\n /\n Get unread count for a participant in a room (excludes thread replies).\n \n Counting is pushed into SQL via `count()` rather than loading the whole\n * room history into memory (S5 #1392, DoS hardening). `tenantId` is REQUIRED\n * and bound into both the count and the read-cursor lookup so the count can\n * never include another tenant's messages for a same-id room.\n /\n async getUnreadCount(\n roomId: string,\n tenantId: string,\n lastReadMessageId: string \| null,\n ): Promise<number> {\n const base = { roomId, tenantId, isDeleted: false, threadId: null };\n\n if (!lastReadMessageId) return this.count({ where: base });\n\n // The read-cursor must belong to the same room's root-message set in the\n // same tenant; a cursor from another room/thread/tenant is ignored rather\n // than skewing the count (S5 #1392).\n const lastReadMsg = await this.get({\n id: lastReadMessageId,\n roomId,\n tenantId,\n isDeleted: false,\n threadId: null,\n });\n if (!lastReadMsg?.created_at) return this.count({ where: base });\n\n return this.count({\n where: { ...base, 'created_at >': lastReadMsg.created_at },\n });\n }\n\n /\n Get most recent root message for each room (for room list preview).\n \n Each room is fetched with `orderBy created_at DESC, limit 1` so we never\n * load the full per-room history into memory (S5 #1392, DoS hardening).\n * `tenantId` is REQUIRED and bound into each per-room read so a same-id room\n * from another tenant can never leak a preview message.\n /\n async getLatestPerRoom(\n roomIds: string[],\n tenantId: string,\n ): Promise<Map<string, ChatMessage>> {\n const result = new Map<string, ChatMessage>();\n for (const roomId of roomIds) {\n const latest = await this.list({\n where: { roomId, tenantId, isDeleted: false, threadId: null },\n orderBy: 'created_at DESC',\n limit: 1,\n });\n if (latest.length > 0) {\n result.set(roomId, latest[0]);\n }\n }\n return result;\n }\n}\n","import { SmrtCollection } from '@happyvertical/smrt-core';\nimport { ChatParticipant } from '../models/ChatParticipant.js';\n\nexport class ChatParticipantCollection extends SmrtCollection<ChatParticipant> {\n static readonly _itemClass = ChatParticipant;\n\n async getByRoom(roomId: string): Promise<ChatParticipant[]> {\n return this.list({ where: { roomId, status: 'active' } });\n }\n\n async getByProfile(profileId: string): Promise<ChatParticipant[]> {\n return this.list({ where: { profileId, status: 'active' } });\n }\n\n async findMembership(\n roomId: string,\n profileId: string,\n tenantId?: string,\n ): Promise<ChatParticipant \| null> {\n const where: Record<string, unknown> = { roomId, profileId };\n if (tenantId !== undefined) where.tenantId = tenantId;\n const results = await this.list({ where });\n return results[0] ?? null;\n }\n\n /\n Returns the participant row only if the profile is an ACTIVE member of the\n * room (not left/kicked/banned). Used by ChatService to gate sends and reads\n * on room membership (S5 #1392, IDOR hardening).\n \n `tenantId` is REQUIRED and always bound into the WHERE clause so a membership\n * lookup can never resolve a row belonging to another tenant, even when no ALS\n * tenant context is active to drive the tenancy interceptor (defense in depth).\n * Making it a required parameter (rather than optional) closes the hole where a\n * caller could omit it and silently drop the tenant predicate from the query.\n /\n async findActiveMembership(\n roomId: string,\n profileId: string,\n tenantId: string,\n ): Promise<ChatParticipant \| null> {\n const where: Record<string, unknown> = {\n roomId,\n profileId,\n status: 'active',\n tenantId,\n };\n const results = await this.list({ where, limit: 1 });\n return results[0] ?? null;\n }\n\n /* True when the profile is an active member of the room (tenant-bound). /\n async isActiveMember(\n roomId: string,\n profileId: string,\n tenantId: string,\n ): Promise<boolean> {\n return (\n (await this.findActiveMembership(roomId, profileId, tenantId)) !== null\n );\n }\n\n async getOnlineInRoom(roomId: string): Promise<ChatParticipant[]> {\n const participants = await this.list({\n where: { roomId, status: 'active' },\n });\n return participants.filter((p) => p.onlineStatus !== 'offline');\n }\n\n async getAdminsInRoom(roomId: string): Promise<ChatParticipant[]> {\n const participants = await this.list({\n where: { roomId, status: 'active' },\n });\n return participants.filter((p) => p.isAdmin());\n }\n\n async countInRoom(roomId: string): Promise<number> {\n const participants = await this.list({\n where: { roomId, status: 'active' },\n });\n return participants.length;\n }\n}\n","import { SmrtCollection } from '@happyvertical/smrt-core';\nimport { ChatReaction } from '../models/ChatReaction.js';\n\nexport class ChatReactionCollection extends SmrtCollection<ChatReaction> {\n static readonly _itemClass = ChatReaction;\n\n async getByMessage(messageId: string): Promise<ChatReaction[]> {\n return this.list({ where: { messageId } });\n }\n\n /* Get reaction counts grouped by emoji for a message /\n async getReactionCounts(\n messageId: string,\n ): Promise<Map<string, { count: number; profileIds: string[] }>> {\n const reactions = await this.list({ where: { messageId } });\n const counts = new Map<string, { count: number; profileIds: string[] }>();\n\n for (const reaction of reactions) {\n const existing = counts.get(reaction.emoji);\n if (existing) {\n existing.count++;\n existing.profileIds.push(reaction.profileId);\n } else {\n counts.set(reaction.emoji, {\n count: 1,\n profileIds: [reaction.profileId],\n });\n }\n }\n\n return counts;\n }\n\n /\n Toggle a reaction: add if not present, remove if already reacted.\n \n `tenantId` is bound into the existence lookup (S5 #1392) so the toggle can\n * never match or delete a reaction row belonging to another tenant. Prefer the\n * membership-checked {@link ChatService.addReaction}/{@link ChatService.removeReaction}\n * for request-driven flows; this low-level helper performs no membership check.\n /\n async toggle(\n messageId: string,\n profileId: string,\n emoji: string,\n tenantId: string,\n ): Promise<{ added: boolean }> {\n const existing = await this.list({\n where: { messageId, profileId, emoji, tenantId },\n });\n\n if (existing.length > 0) {\n await existing[0].delete();\n return { added: false };\n }\n\n await this.create({\n tenantId,\n messageId,\n profileId,\n emoji,\n });\n return { added: true };\n }\n}\n","import { createHash } from 'node:crypto';\nimport { SmrtCollection } from '@happyvertical/smrt-core';\nimport type { ChatParticipantCollection } from '../collections/ChatParticipantCollection.js';\nimport { ChatRoom } from '../models/ChatRoom.js';\nimport type { ChatRoomType } from '../types.js';\n\n/\n Deterministic, order-independent room id for a 1:1 DM between two profiles\n * within a tenant (S5 #1392, DM race hardening).\n \n Concurrent {@link ChatRoomCollection.findOrCreateDM} calls for the same pair\n * compute the SAME id, so the underlying upsert (which conflicts on `id` for new\n * objects) collapses the racing inserts onto one row instead of creating\n * duplicate DM rooms. The id is a deterministic UUIDv5-shaped value derived from\n * the tenant and the sorted profile pair.\n /\nexport function canonicalDmRoomId(\n tenantId: string,\n profileId1: string,\n profileId2: string,\n): string {\n const [a, b] = [profileId1, profileId2].sort();\n const key = `dm ${tenantId} ${a} ${b}`;\n const hash = createHash('sha1').update(key).digest('hex');\n // Shape the digest as a v5 UUID (set version/variant nibbles).\n return [\n hash.slice(0, 8),\n hash.slice(8, 12),\n `5${hash.slice(13, 16)}`,\n ((Number.parseInt(hash.slice(16, 18), 16) & 0x3f) \| 0x80)\n .toString(16)\n .padStart(2, '0') + hash.slice(18, 20),\n hash.slice(20, 32),\n ].join('-');\n}\n\nexport class ChatRoomCollection extends SmrtCollection<ChatRoom> {\n static readonly _itemClass = ChatRoom;\n\n async findByType(roomType: ChatRoomType): Promise<ChatRoom[]> {\n return this.list({ where: { roomType, status: 'active' } });\n }\n\n async findPublic(): Promise<ChatRoom[]> {\n return this.list({ where: { roomType: 'public', status: 'active' } });\n }\n\n async findDMs(): Promise<ChatRoom[]> {\n return this.list({ where: { roomType: 'dm', status: 'active' } });\n }\n\n async findAgentRooms(): Promise<ChatRoom[]> {\n return this.list({ where: { roomType: 'agent', status: 'active' } });\n }\n\n /\n Search rooms by name/description/topic.\n \n Filtering and limiting are pushed into SQL via `LIKE` instead of loading\n * the entire tenant room set and filtering in JS (S5 #1392, DoS hardening).\n * The WHERE API does not support OR, so we issue one bounded query per\n * searchable column and merge the results, capping the total returned.\n /\n async search(\n query: string,\n options?: { limit?: number },\n ): Promise<ChatRoom[]> {\n const limit = options?.limit ?? 50;\n const like = `%${query}%`;\n const columns = ['name', 'description', 'topic'] as const;\n\n const merged = new Map<string, ChatRoom>();\n for (const column of columns) {\n const matches = await this.list({\n where: { status: 'active', [`${column} like`]: like },\n orderBy: 'created_at DESC',\n limit,\n });\n for (const room of matches) {\n if (room.id) merged.set(room.id, room);\n }\n if (merged.size >= limit) break;\n }\n\n return Array.from(merged.values()).slice(0, limit);\n }\n\n /\n Find an existing 1:1 DM room between two profiles, or create one.\n \n DM identity is derived from the authoritative `chat_participants` join\n * (server-controlled) rather than client-mutable room metadata (S5 #1392).\n * Callers are responsible for attaching both profiles as participants after\n * creation; {@link ChatService.getOrCreateDM} does this.\n /\n async findOrCreateDM(\n profileId1: string,\n profileId2: string,\n tenantId: string,\n participants: ChatParticipantCollection,\n ): Promise<ChatRoom> {\n // Fast, race-safe path: a DM for a tenant + profile pair has a deterministic\n // id, so a prior (or concurrently-created) DM resolves directly (S5 #1392).\n const dmId = canonicalDmRoomId(tenantId, profileId1, profileId2);\n const canonical = await this.get({ id: dmId, tenantId });\n if (canonical && canonical.roomType === 'dm') {\n return canonical;\n }\n\n // Legacy fallback: DMs created before the deterministic-id scheme are still\n // discovered via the authoritative chat_participants join. tenantId is bound\n // into every lookup so a DM can never be resolved (or reused) across tenants,\n // even without an ALS tenant context.\n const memberships1 = await participants.list({\n where: { profileId: profileId1, status: 'active', tenantId },\n });\n const candidateRoomIds = memberships1.map((m) => m.roomId);\n\n for (const roomId of candidateRoomIds) {\n const dm = await this.get({ id: roomId, tenantId });\n if (!dm \|\| dm.roomType !== 'dm' \|\| dm.status !== 'active') continue;\n\n // Confirm profile2 is also an active participant of this same room.\n const others = await participants.list({\n where: { roomId, profileId: profileId2, status: 'active', tenantId },\n });\n if (others.length > 0) {\n return dm;\n }\n }\n\n // Create new DM room with the deterministic id. Membership is established by\n // the caller via the chat_participants join — not via client metadata. The\n // deterministic id makes concurrent creates upsert onto a single row,\n // eliminating the former check-then-create duplicate-DM race.\n const room = await this.create({\n id: dmId,\n tenantId,\n name: '',\n roomType: 'dm',\n status: 'active',\n maxParticipants: 2,\n });\n return room;\n }\n}\n","import { SmrtCollection } from '@happyvertical/smrt-core';\nimport { ChatThread } from '../models/ChatThread.js';\n\nexport class ChatThreadCollection extends SmrtCollection<ChatThread> {\n static readonly _itemClass = ChatThread;\n\n async getByRoom(roomId: string): Promise<ChatThread[]> {\n return this.list({ where: { roomId } });\n }\n\n async getActive(roomId: string): Promise<ChatThread[]> {\n const threads = await this.list({ where: { roomId } });\n return threads.filter((t) => !t.isResolved);\n }\n\n async getUnresolved(): Promise<ChatThread[]> {\n const threads = await this.list({});\n return threads.filter((t) => !t.isResolved);\n }\n}\n","import {\n ObjectRegistry,\n type SmrtObjectOptions,\n} from '@happyvertical/smrt-core';\nimport { AgentSessionCollection } from '../collections/AgentSessionCollection.js';\nimport { ChatMessageCollection } from '../collections/ChatMessageCollection.js';\nimport { ChatParticipantCollection } from '../collections/ChatParticipantCollection.js';\nimport { ChatReactionCollection } from '../collections/ChatReactionCollection.js';\nimport { ChatRoomCollection } from '../collections/ChatRoomCollection.js';\nimport { ChatThreadCollection } from '../collections/ChatThreadCollection.js';\nimport type { AgentSession } from '../models/AgentSession.js';\nimport type { ChatMessage } from '../models/ChatMessage.js';\nimport type { ChatThread } from '../models/ChatThread.js';\nimport type {\n ChatMessageRole,\n ChatMessageType,\n ChatParticipantRole,\n ChatRoomStatus,\n ChatRoomType,\n} from '../types.js';\n\n/\n Internal write descriptor for {@link ChatService.writeMessage}. This shape can\n * author a message as an arbitrary profile/role and may skip the membership\n * check, so it MUST NOT be reachable from any public/route-facing signature\n * (S5 #1392). Only the trusted in-class callers below construct it.\n /\ninterface InternalMessageWrite {\n tenantId: string;\n roomId: string;\n senderProfileId: string;\n content: string;\n role: ChatMessageRole;\n messageType?: ChatMessageType;\n threadId?: string \| null;\n agentSessionId?: string \| null;\n replyToMessageId?: string \| null;\n toolCallData?: Record<string, unknown> \| null;\n /* Internal-only escape hatch for system-authored writes. /\n skipMembershipCheck?: boolean;\n}\n\n/\n Parameters for emitting an agent-authored (assistant/tool) message. Used only\n * by the internal {@link sendAgentReply} bridge below — NOT a public surface.\n /\nexport interface AgentReplyParams {\n tenantId: string;\n agentSessionId: string;\n content: string;\n kind?: 'assistant' \| 'tool';\n messageType?: ChatMessageType;\n toolCallData?: Record<string, unknown> \| null;\n /\n Optional thread to attach the agent reply to. It MUST belong to the same\n * room/tenant as the session (validated in {@link ChatService.writeMessage}).\n /\n threadId?: string \| null;\n}\n\n/* Tenant-bound agent session lookup descriptor for the read facade. /\nexport interface AgentSessionLookup {\n agentSessionId: string;\n tenantId: string \| null;\n}\n\n/* Tenant-bound thread lookup descriptor for the read facade. /\nexport interface ThreadLookup {\n threadId: string;\n tenantId: string;\n}\n\n/\n Module-private bridge key for the agent-reply path (S5 #1392).\n \n The agent-authoring path is reachable only through the {@link sendAgentReply}\n * function (re-exported solely from `./internal/agent-runtime`). To let that\n * module-local function reach the `private` {@link ChatService.emitAgentReply}\n * without widening the class's PUBLIC surface, the class exposes a single\n * symbol-keyed static. A symbol key is not a named member: it does not appear on\n * the `ChatService` type, is not enumerable, and is callable only by code that\n * holds this non-exported symbol. This replaces the previous public\n * `_runAgentReply` static, which any consumer of the root-exported `ChatService`\n * could call to author messages as the agent.\n /\nconst RUN_AGENT_REPLY = Symbol('smrt-chat.runAgentReply');\n\nexport class ChatService {\n // Raw persistence collections are PRIVATE (S5 #1392). They can author/mutate\n // any row with no actor/membership check, so they must NOT appear on the\n // public `ChatService` type, and the package index no longer re-exports the\n // collection classes for direct construction around the service. Every\n // external read/write goes through the authorized facade methods below.\n readonly #rooms: ChatRoomCollection;\n readonly #messages: ChatMessageCollection;\n readonly #participants: ChatParticipantCollection;\n readonly #threads: ChatThreadCollection;\n readonly #agentSessions: AgentSessionCollection;\n readonly #reactions: ChatReactionCollection;\n\n private constructor(\n rooms: ChatRoomCollection,\n messages: ChatMessageCollection,\n participants: ChatParticipantCollection,\n threads: ChatThreadCollection,\n agentSessions: AgentSessionCollection,\n reactions: ChatReactionCollection,\n ) {\n this.#rooms = rooms;\n this.#messages = messages;\n this.#participants = participants;\n this.#threads = threads;\n this.#agentSessions = agentSessions;\n this.#reactions = reactions;\n }\n\n static async create(options: SmrtObjectOptions): Promise<ChatService> {\n ObjectRegistry.registerCollection(\n '@happyvertical/smrt-chat:ChatRoom',\n ChatRoomCollection,\n );\n ObjectRegistry.registerCollection(\n '@happyvertical/smrt-chat:ChatMessage',\n ChatMessageCollection,\n );\n ObjectRegistry.registerCollection(\n '@happyvertical/smrt-chat:ChatParticipant',\n ChatParticipantCollection,\n );\n ObjectRegistry.registerCollection(\n '@happyvertical/smrt-chat:ChatThread',\n ChatThreadCollection,\n );\n ObjectRegistry.registerCollection(\n '@happyvertical/smrt-chat:AgentSession',\n AgentSessionCollection,\n );\n ObjectRegistry.registerCollection(\n '@happyvertical/smrt-chat:ChatReaction',\n ChatReactionCollection,\n );\n\n const rooms = (await ObjectRegistry.getCollection(\n '@happyvertical/smrt-chat:ChatRoom',\n options,\n )) as ChatRoomCollection;\n const messages = (await ObjectRegistry.getCollection(\n '@happyvertical/smrt-chat:ChatMessage',\n options,\n )) as ChatMessageCollection;\n const participants = (await ObjectRegistry.getCollection(\n '@happyvertical/smrt-chat:ChatParticipant',\n options,\n )) as ChatParticipantCollection;\n const threads = (await ObjectRegistry.getCollection(\n '@happyvertical/smrt-chat:ChatThread',\n options,\n )) as ChatThreadCollection;\n const agentSessions = (await ObjectRegistry.getCollection(\n '@happyvertical/smrt-chat:AgentSession',\n options,\n )) as AgentSessionCollection;\n const reactions = (await ObjectRegistry.getCollection(\n '@happyvertical/smrt-chat:ChatReaction',\n options,\n )) as ChatReactionCollection;\n\n return new ChatService(\n rooms,\n messages,\n participants,\n threads,\n agentSessions,\n reactions,\n );\n }\n\n /* Initialize all underlying collections (table creation) /\n async initialize(): Promise<void> {\n await this.#rooms.initialize();\n await this.#messages.initialize();\n await this.#participants.initialize();\n await this.#threads.initialize();\n await this.#agentSessions.initialize();\n await this.#reactions.initialize();\n }\n\n /\n Create a room and add the creating actor as owner (S5 #1392).\n \n The acting identity is the server-supplied `actorProfileId` (the\n * authenticated principal the route injects). The creator/owner is ALWAYS the\n * actor — a caller cannot supply a `createdByProfileId` to attribute the room\n * to (and enroll as owner) some other profile.\n /\n async createRoom(params: {\n tenantId: string;\n name: string;\n roomType: ChatRoomType;\n actorProfileId: string;\n description?: string;\n topic?: string;\n }) {\n const room = await this.#rooms.create({\n tenantId: params.tenantId,\n name: params.name,\n roomType: params.roomType,\n createdByProfileId: params.actorProfileId,\n description: params.description ?? '',\n topic: params.topic ?? '',\n status: 'active',\n });\n\n await this.#enrollParticipant({\n tenantId: params.tenantId,\n roomId: room.id as string,\n profileId: params.actorProfileId,\n role: 'owner',\n });\n\n return room;\n }\n\n /\n Send a USER message to a room as the authenticated caller (S5 #1392).\n \n The acting identity is the server-supplied `actorProfileId` (the\n * authenticated principal the route injects). The message is ALWAYS authored\n * as `actorProfileId` with `role: 'user'` — the caller cannot supply a\n * `senderProfileId` to impersonate another profile or the agent, and cannot\n * supply a privileged `role` (assistant/system/tool). Agent-authored messages\n * go exclusively through the internal {@link ChatService.sendAgentReply}.\n \n Authorization: `actorProfileId` must be an ACTIVE participant of the target\n * room, preventing cross-room IDOR within a tenant. There is no public\n * membership-skip parameter; system-authored writes use the internal\n * {@link ChatService.writeMessage} path.\n /\n async sendMessage(params: {\n tenantId: string;\n roomId: string;\n actorProfileId: string;\n content: string;\n messageType?: ChatMessageType;\n threadId?: string \| null;\n agentSessionId?: string \| null;\n replyToMessageId?: string \| null;\n }) {\n return this.#writeMessage({\n tenantId: params.tenantId,\n roomId: params.roomId,\n senderProfileId: params.actorProfileId,\n content: params.content,\n role: 'user',\n messageType: params.messageType ?? 'text',\n threadId: params.threadId ?? null,\n agentSessionId: params.agentSessionId ?? null,\n replyToMessageId: params.replyToMessageId ?? null,\n });\n }\n\n /\n INTERNAL persistence path for all message writes. Not exposed publicly: it\n * accepts an arbitrary author/role and an internal-only `skipMembershipCheck`\n * (S5 #1392). Every public entry point (`sendMessage`, `sendAgentUserMessage`,\n * `sendAgentReply`) funnels through here with a server-derived author/role.\n \n Membership is enforced unless `skipMembershipCheck` is set, which only the\n * in-class system-authored callers may do.\n /\n async #writeMessage(write: InternalMessageWrite) {\n if (!write.skipMembershipCheck) {\n const isMember = await this.#participants.isActiveMember(\n write.roomId,\n write.senderProfileId,\n write.tenantId,\n );\n if (!isMember) {\n throw new Error(\n 'Sender is not an active member of the room (authorization denied)',\n );\n }\n }\n\n // Every supplied reference (thread / agent session / reply-to message) MUST\n // belong to the SAME room AND tenant as the message being written (S5\n // #1392). Without this, an active member of one room could attach a message\n // to — or pull in/mutate the stats of — an unrelated thread/session/message\n // from another room or tenant. Bind roomId + tenantId into each lookup and\n // reject any mismatch. The validated rows are reused below for stat updates,\n // so there is no second, tenant-UNBOUND lookup.\n const thread = write.threadId\n ? await this.#threads.get({\n id: write.threadId,\n roomId: write.roomId,\n tenantId: write.tenantId,\n })\n : null;\n if (write.threadId && !thread) {\n throw new Error(\n 'threadId does not belong to this room/tenant (authorization denied)',\n );\n }\n\n const session = write.agentSessionId\n ? await this.#agentSessions.get({\n id: write.agentSessionId,\n chatRoomId: write.roomId,\n tenantId: write.tenantId,\n })\n : null;\n if (write.agentSessionId && !session) {\n throw new Error(\n 'agentSessionId does not belong to this room/tenant (authorization denied)',\n );\n }\n\n if (write.replyToMessageId) {\n const replyTo = await this.#messages.get({\n id: write.replyToMessageId,\n roomId: write.roomId,\n tenantId: write.tenantId,\n });\n if (!replyTo) {\n throw new Error(\n 'replyToMessageId does not belong to this room/tenant (authorization denied)',\n );\n }\n }\n\n const message = await this.#messages.create({\n tenantId: write.tenantId,\n roomId: write.roomId,\n senderProfileId: write.senderProfileId,\n content: write.content,\n messageType: write.messageType ?? 'text',\n role: write.role,\n threadId: write.threadId ?? null,\n agentSessionId: write.agentSessionId ?? null,\n replyToMessageId: write.replyToMessageId ?? null,\n toolCallData: write.toolCallData\n ? JSON.stringify(write.toolCallData)\n : null,\n });\n\n // Update room's lastMessageAt\n const room = await this.#rooms.get({\n id: write.roomId,\n tenantId: write.tenantId,\n });\n if (room) {\n room.lastMessageAt = new Date();\n await room.save();\n }\n\n // Update thread stats if threaded (reuse the validated row)\n if (thread) {\n thread.messageCount++;\n thread.lastMessageAt = new Date();\n await thread.save();\n }\n\n // Record on agent session if applicable (reuse the validated row)\n if (session) {\n await session.recordMessage();\n }\n\n return message;\n }\n\n /\n Start a thread in a room (S5 #1392).\n \n The acting identity is the server-supplied `actorProfileId`, which must be\n * an active member of the room. Generated thread `create` is disabled, so this\n * is the only path to create a thread.\n \n When a `rootMessageId` is supplied it is bound to `{ id, roomId, tenantId }`\n * and rejected unless it belongs to the SAME room and tenant — without this a\n * member of one room could anchor a thread to a message from another\n * room/tenant. `rootMessageId` is optional (a thread can be opened without a\n * root message, e.g. an agent-editor thread).\n /\n async startThread(params: {\n tenantId: string;\n roomId: string;\n actorProfileId: string;\n rootMessageId?: string \| null;\n title?: string;\n }) {\n await this.#requireActiveMembership(\n params.roomId,\n params.actorProfileId,\n params.tenantId,\n );\n if (params.rootMessageId) {\n const rootMessage = await this.#messages.get({\n id: params.rootMessageId,\n roomId: params.roomId,\n tenantId: params.tenantId,\n });\n if (!rootMessage) {\n throw new Error(\n 'rootMessageId does not belong to this room/tenant (authorization denied)',\n );\n }\n }\n const thread = await this.#threads.create({\n tenantId: params.tenantId,\n roomId: params.roomId,\n rootMessageId: params.rootMessageId ?? null,\n title: params.title ?? '',\n messageCount: 0,\n });\n return thread;\n }\n\n /\n Add a participant to a room (S5 #1392).\n \n Authorization: the acting identity is the server-supplied `actorProfileId`,\n * which MUST be an owner/admin of the target room. This prevents an arbitrary\n * tenant member from adding anyone (or themselves) to any room with any role —\n * a privilege-escalation / IDOR. System-bootstrap enrollment (room creation,\n * DM/agent-session setup) uses the internal {@link ChatService.enrollParticipant}.\n /\n async addParticipant(params: {\n tenantId: string;\n roomId: string;\n actorProfileId: string;\n profileId: string;\n role?: ChatParticipantRole;\n }) {\n await this.#requireRoomAdmin(\n params.roomId,\n params.actorProfileId,\n params.tenantId,\n );\n return this.#enrollParticipant({\n tenantId: params.tenantId,\n roomId: params.roomId,\n profileId: params.profileId,\n role: params.role,\n });\n }\n\n /\n INTERNAL participant enrollment (S5 #1392). No authorization check — only\n * the trusted in-class bootstrap paths (room creation, DM/agent-session setup)\n * and the owner-checked {@link ChatService.addParticipant} call this. Not\n * exposed publicly so a route cannot enroll an arbitrary profile.\n /\n async #enrollParticipant(params: {\n tenantId: string;\n roomId: string;\n profileId: string;\n role?: ChatParticipantRole;\n }) {\n const existing = await this.#participants.findMembership(\n params.roomId,\n params.profileId,\n params.tenantId,\n );\n if (existing) {\n if (existing.status !== 'active') {\n existing.status = 'active';\n existing.joinedAt = new Date();\n await existing.save();\n }\n return existing;\n }\n\n const participant = await this.#participants.create({\n tenantId: params.tenantId,\n roomId: params.roomId,\n profileId: params.profileId,\n role: params.role ?? 'member',\n status: 'active',\n joinedAt: new Date(),\n });\n return participant;\n }\n\n /\n Remove (soft-leave) a participant from a room (S5 #1392).\n \n Authorization: the server-supplied `actorProfileId` may remove THEMSELVES\n * (leave) at any time; removing ANOTHER profile requires the actor to be an\n * owner/admin of the room. An admin who is not an owner cannot remove an owner.\n /\n async removeParticipant(params: {\n tenantId: string;\n roomId: string;\n actorProfileId: string;\n profileId: string;\n }) {\n const target = await this.#participants.findMembership(\n params.roomId,\n params.profileId,\n params.tenantId,\n );\n if (!target) return;\n\n const isSelf = params.actorProfileId === params.profileId;\n if (!isSelf) {\n const actor = await this.#participants.findActiveMembership(\n params.roomId,\n params.actorProfileId,\n params.tenantId,\n );\n if (!actor \|\| !actor.isAdmin()) {\n throw new Error(\n 'Only a room owner/admin may remove another participant (authorization denied)',\n );\n }\n // An admin (non-owner) cannot remove an owner.\n if (target.isOwner() && !actor.isOwner()) {\n throw new Error(\n 'Only a room owner may remove an owner (authorization denied)',\n );\n }\n }\n\n target.status = 'left';\n await target.save();\n }\n\n /\n Update mutable room fields, restricted to a room owner/admin (S5 #1392).\n \n Generated `update` on ChatRoom is disabled, so this owner-checked path is the\n * only way to mutate room state. The acting identity is the server-supplied\n * `actorProfileId`.\n /\n async updateRoom(params: {\n tenantId: string;\n roomId: string;\n actorProfileId: string;\n name?: string;\n description?: string;\n topic?: string;\n avatarUrl?: string;\n status?: ChatRoomStatus;\n }) {\n await this.#requireRoomAdmin(\n params.roomId,\n params.actorProfileId,\n params.tenantId,\n );\n const room = await this.#rooms.get({\n id: params.roomId,\n tenantId: params.tenantId,\n });\n if (!room) throw new Error('Room not found');\n\n if (params.name !== undefined) room.name = params.name;\n if (params.description !== undefined) room.description = params.description;\n if (params.topic !== undefined) room.topic = params.topic;\n if (params.avatarUrl !== undefined) room.avatarUrl = params.avatarUrl;\n if (params.status !== undefined) room.status = params.status;\n await room.save();\n return room;\n }\n\n /\n Add a reaction to a message as the authenticated caller (S5 #1392).\n \n Generated `create` on ChatReaction is disabled. The reaction is always\n * authored as the server-supplied `actorProfileId` (no caller-supplied\n * `profileId`), and the actor must be an active member of the room that owns\n * the message. Idempotent: re-reacting with the same emoji returns the\n * existing row.\n /\n async addReaction(params: {\n tenantId: string;\n messageId: string;\n actorProfileId: string;\n emoji: string;\n }) {\n const message = await this.#messages.get({\n id: params.messageId,\n tenantId: params.tenantId,\n });\n if (!message) throw new Error('Message not found');\n\n await this.#requireActiveMembership(\n message.roomId,\n params.actorProfileId,\n params.tenantId,\n );\n\n const existing = await this.#reactions.list({\n where: {\n tenantId: params.tenantId,\n messageId: params.messageId,\n profileId: params.actorProfileId,\n emoji: params.emoji,\n },\n limit: 1,\n });\n if (existing[0]) return existing[0];\n\n return this.#reactions.create({\n tenantId: params.tenantId,\n messageId: params.messageId,\n profileId: params.actorProfileId,\n emoji: params.emoji,\n });\n }\n\n /\n Remove the caller's own reaction from a message (S5 #1392).\n \n Generated `delete` on ChatReaction is disabled. A caller may only delete\n * THEIR OWN reaction (keyed on `actorProfileId`), so the route cannot remove\n * another member's reaction.\n /\n async removeReaction(params: {\n tenantId: string;\n messageId: string;\n actorProfileId: string;\n emoji: string;\n }): Promise<boolean> {\n const existing = await this.#reactions.list({\n where: {\n tenantId: params.tenantId,\n messageId: params.messageId,\n profileId: params.actorProfileId,\n emoji: params.emoji,\n },\n limit: 1,\n });\n if (existing[0]) {\n await existing[0].delete();\n return true;\n }\n return false;\n }\n\n /\n Get or create a DM room with auto-participant setup.\n \n The acting identity is the server-supplied `actorProfileId`, which must be\n * one of the two DM participants — a caller cannot open a DM between two other\n * profiles on their behalf (S5 #1392). Enrollment uses the internal system\n * path (no owner check needed for a DM the actor is part of).\n /\n async getOrCreateDM(params: {\n tenantId: string;\n actorProfileId: string;\n profileId1: string;\n profileId2: string;\n }) {\n if (\n params.actorProfileId !== params.profileId1 &&\n params.actorProfileId !== params.profileId2\n ) {\n throw new Error(\n 'Caller must be a participant of the DM (authorization denied)',\n );\n }\n\n const room = await this.#rooms.findOrCreateDM(\n params.profileId1,\n params.profileId2,\n params.tenantId,\n this.#participants,\n );\n\n await this.#enrollParticipant({\n tenantId: params.tenantId,\n roomId: room.id as string,\n profileId: params.profileId1,\n });\n await this.#enrollParticipant({\n tenantId: params.tenantId,\n roomId: room.id as string,\n profileId: params.profileId2,\n });\n\n return room;\n }\n\n /\n Create an agent conversation session with a linked chat room (S5 #1392).\n \n The acting identity is the server-supplied `actorProfileId`; the session is\n * ALWAYS created for that actor as the owning participant. A caller cannot\n * supply a `participantProfileId` to open (and own) a session on behalf of\n * another profile.\n \n `sessionKey` scopes the session's identity to a conversation subject (e.g. a\n * content id) (S5 #1392). The reuse lookup keys on `(agentId,\n * participantProfileId, tenantId)`, which is too coarse for callers that open\n * separate conversations for distinct subjects under one agent/profile/tenant:\n * without a key, a session opened for subject A would be reused for a request\n * about subject B, returning A's room/threads on B's route. When `sessionKey`\n * is set, an existing session is reused ONLY if its key matches exactly, and a\n * newly created session records the key; distinct keys therefore get distinct\n * sessions and rooms. When omitted, behavior is unchanged (single session per\n * agent/profile/tenant).\n /\n async createAgentSession(params: {\n tenantId: string;\n agentId: string;\n actorProfileId: string;\n allowedTools?: string[];\n systemPrompt?: string;\n maxTokens?: number;\n maxMessages?: number;\n sessionKey?: string \| null;\n }) {\n const participantProfileId = params.actorProfileId;\n const sessionKey = params.sessionKey ?? null;\n // Check for existing active session first to avoid orphaned rooms. When a\n // sessionKey is supplied the reuse lookup is narrowed to a matching key so a\n // session opened for a different subject is never reused/rewritten here.\n const existingSession = await this.#agentSessions.findActiveSession(\n params.agentId,\n participantProfileId,\n params.tenantId,\n sessionKey,\n );\n if (existingSession && existingSession.tenantId === params.tenantId) {\n if (existingSession.chatRoomId) {\n // Tenant-bind the room lookup (S5 #1392): the session's chatRoomId must\n // resolve a room within the SAME tenant, never one from another tenant.\n const existingRoom = await this.#rooms.get({\n id: existingSession.chatRoomId,\n tenantId: params.tenantId,\n });\n if (existingRoom) {\n // Ensure both the participant and the agent are enrolled even on the\n // existing-session path. Legacy sessions created before the agent was\n // enrolled as a member would otherwise fail sendAgentReply's\n // membership check (S5 #1392). enrollParticipant is idempotent.\n await this.#enrollParticipant({\n tenantId: params.tenantId,\n roomId: existingRoom.id as string,\n profileId: participantProfileId,\n role: 'owner',\n });\n await this.#enrollParticipant({\n tenantId: params.tenantId,\n roomId: existingRoom.id as string,\n profileId: params.agentId,\n role: 'member',\n });\n return { session: existingSession, room: existingRoom };\n }\n }\n // Session exists but room is missing/orphaned — expire it so we create fresh\n await existingSession.expire();\n }\n\n // Create an agent-type room for this session\n const room = await this.#rooms.create({\n tenantId: params.tenantId,\n name: '',\n roomType: 'agent',\n createdByProfileId: participantProfileId,\n status: 'active',\n maxParticipants: 2,\n });\n\n // Add participant\n await this.#enrollParticipant({\n tenantId: params.tenantId,\n roomId: room.id as string,\n profileId: participantProfileId,\n role: 'owner',\n });\n\n // Add the agent itself as a member so its assistant/tool messages pass the\n // room-membership authorization check in sendMessage (S5 #1392).\n await this.#enrollParticipant({\n tenantId: params.tenantId,\n roomId: room.id as string,\n profileId: params.agentId,\n role: 'member',\n });\n\n // Create session (subject-scoped when a sessionKey is supplied, so the key\n // is persisted on the new session and future reuse lookups stay scoped).\n const session = await this.#agentSessions.findOrCreate({\n agentId: params.agentId,\n participantProfileId,\n tenantId: params.tenantId,\n allowedTools: params.allowedTools,\n chatRoomId: room.id as string,\n systemPrompt: params.systemPrompt,\n sessionKey,\n });\n\n if (params.maxTokens) session.maxTokens = params.maxTokens;\n if (params.maxMessages) session.maxMessages = params.maxMessages;\n await session.save();\n\n return { session, room };\n }\n\n /\n Send a USER message within an agent session (S5 #1392).\n \n The authenticated caller (`actorProfileId`) must be the session's owning\n * participant. The message is always authored as `session.participantProfileId`\n * — the caller cannot supply a `senderProfileId`, a `role`, or tool-call data,\n * so this path can never be used to post as the agent (`assistant`/`tool`) or\n * to impersonate another profile. Agent replies go through the internal\n * {@link ChatService.sendAgentReply}.\n /\n async sendAgentUserMessage(params: {\n tenantId: string;\n agentSessionId: string;\n actorProfileId: string;\n content: string;\n messageType?: ChatMessageType;\n }) {\n const session = await this.#loadActiveSession(\n params.agentSessionId,\n params.tenantId,\n );\n\n if (params.actorProfileId !== session.participantProfileId) {\n throw new Error(\n 'Only the session participant may post user messages in this agent session (authorization denied)',\n );\n }\n\n return this.#writeMessage({\n tenantId: params.tenantId,\n roomId: session.chatRoomId as string,\n senderProfileId: session.participantProfileId,\n content: params.content,\n role: 'user',\n messageType: params.messageType ?? 'text',\n agentSessionId: params.agentSessionId,\n });\n }\n\n /\n Emit an ASSISTANT or TOOL message authored by the agent (S5 #1392).\n \n INTERNAL authority: this is the only path that authors a message as the\n * agent, and it is not reachable with a caller-supplied `senderProfileId`/\n * `role`. The author is always `session.agentId`. Tool calls are gated\n * fail-closed against the session's allow-list. Intended for the trusted\n * agent-runtime, never a per-tenant request handler driven by client-supplied\n * role/sender.\n \n This is a `private` method and is NOT exported from the package index. The\n * in-process agent runtime reaches it through the {@link sendAgentReply}\n * bridge in this module, which is deliberately not re-exported from\n * `src/index.ts`, so a route/consumer can never author a message as the agent.\n /\n async #emitAgentReply(params: AgentReplyParams) {\n const session = await this.#loadActiveSession(\n params.agentSessionId,\n params.tenantId,\n );\n\n const role: ChatMessageRole = params.kind === 'tool' ? 'tool' : 'assistant';\n\n // Enforce the per-session tool allow-list, fail-closed (S5 #1392, broadened\n // T2 #1391). A tool message carries its tool name in toolCallData.name (or\n // .tool); any call to a tool not on the session's whitelist is rejected.\n // The gate covers every tool-shaped message — `tool_call` AND `tool_result`\n // message types, the `tool` role, and any payload that carries toolCallData\n // — so a `tool_result` emitted with the default `assistant` kind and no\n // toolCallData can never render a tool bubble for a non-whitelisted tool.\n if (\n params.messageType === 'tool_call' \|\|\n params.messageType === 'tool_result' \|\|\n role === 'tool' \|\|\n params.toolCallData\n ) {\n const toolName = ChatService.#extractToolName(params.toolCallData);\n if (!toolName) {\n throw new Error('Tool call is missing a tool name');\n }\n if (!session.isToolAllowed(toolName)) {\n throw new Error(\n `Tool '${toolName}' is not allowed for this agent session (authorization denied)`,\n );\n }\n }\n\n return this.#writeMessage({\n tenantId: params.tenantId,\n roomId: session.chatRoomId as string,\n senderProfileId: session.agentId,\n content: params.content,\n role,\n messageType: params.messageType ?? 'text',\n threadId: params.threadId ?? null,\n agentSessionId: params.agentSessionId,\n toolCallData: params.toolCallData ?? null,\n });\n }\n\n /* Load an active agent session by id, tenant-bound, or throw. /\n async #loadActiveSession(agentSessionId: string, tenantId: string) {\n const session = await this.#agentSessions.get({\n id: agentSessionId,\n tenantId,\n });\n if (!session) throw new Error('Agent session not found');\n if (!session.isActive()) throw new Error('Agent session is not active');\n if (!session.chatRoomId) throw new Error('Agent session has no chat room');\n return session;\n }\n\n /\n Read messages in a room, gated on the AUTHENTICATED CALLER's active\n * membership (S5 #1392).\n \n The acting identity is the server-supplied `actorProfileId` (the\n * authenticated principal the route injects), NOT a caller-controlled\n * `profileId`. Authorizing a supplied `profileId` would make a route a\n * confused deputy: any caller could read a room by smuggling some member's\n * profile id. Throws if `actorProfileId` is not an active participant of\n * `roomId`. `tenantId` is required so the membership gate is always\n * tenant-scoped.\n /\n async getRoomMessages(params: {\n roomId: string;\n actorProfileId: string;\n tenantId: string;\n limit?: number;\n before?: string;\n }) {\n await this.#requireActiveMembership(\n params.roomId,\n params.actorProfileId,\n params.tenantId,\n );\n return this.#messages.getByRoom(params.roomId, params.tenantId, {\n limit: params.limit,\n before: params.before,\n });\n }\n\n /\n Load a room only if the AUTHENTICATED CALLER is an active member (S5 #1392).\n \n The acting identity is the server-supplied `actorProfileId`, never a\n * caller-controlled `profileId` (confused-deputy avoidance — see\n * {@link ChatService.getRoomMessages}). Returns null when the room does not\n * exist; throws when the actor is not an active participant. `tenantId` is\n * required so the lookup and the membership gate are always tenant-scoped.\n /\n async getRoomForMember(\n roomId: string,\n actorProfileId: string,\n tenantId: string,\n ) {\n const room = await this.#rooms.get({ id: roomId, tenantId });\n if (!room) return null;\n await this.#requireActiveMembership(roomId, actorProfileId, tenantId);\n return room;\n }\n\n /\n Tenant-bound read of a single agent session (S5 #1392).\n \n The lookup ALWAYS binds `tenantId` (including the `null`/untenanted scope),\n * so a caller can never resolve a session belonging to another tenant by id.\n * Returns `null` when no session matches the id within the tenant. Replaces\n * direct `agentSessions.get(id)` reach-ins in package consumers; consumers\n * still apply their own ownership/context authorization on the returned row.\n /\n async getAgentSession(\n lookup: AgentSessionLookup,\n ): Promise<AgentSession \| null> {\n const session = await this.#agentSessions.get({\n id: lookup.agentSessionId,\n tenantId: lookup.tenantId,\n });\n return session ?? null;\n }\n\n /\n Tenant-bound list of ACTIVE agent sessions for an (agent, participant) pair\n * (S5 #1392).\n \n Binds `tenantId` into the query so the result can never include a session\n * from another tenant. Replaces direct `agentSessions.list({ where })`\n * reach-ins; consumers apply their own per-session context authorization.\n /\n async findActiveAgentSessions(params: {\n tenantId: string \| null;\n agentId: string;\n participantProfileId: string;\n }): Promise<AgentSession[]> {\n const sessions = await this.#agentSessions.list({\n where: {\n tenantId: params.tenantId,\n agentId: params.agentId,\n participantProfileId: params.participantProfileId,\n status: 'active',\n },\n });\n return sessions.filter((s) => s.isActive());\n }\n\n /\n Tenant-bound read of a single thread (S5 #1392).\n \n Binds `tenantId` into the lookup so a thread from another tenant can never\n * be resolved by id. Returns `null` when no thread matches within the tenant.\n * Replaces direct `threads.get(id)` reach-ins.\n /\n async getThread(lookup: ThreadLookup): Promise<ChatThread \| null> {\n const thread = await this.#threads.get({\n id: lookup.threadId,\n tenantId: lookup.tenantId,\n });\n return thread ?? null;\n }\n\n /\n List a room's threads, gated on the caller's active membership (S5 #1392).\n \n Tenant- and membership-scoped: throws if `actorProfileId` is not an active\n * participant of `roomId`. Replaces direct `threads.list({ where: { roomId } })`\n * reach-ins that returned threads without a membership/tenant gate.\n /\n async listRoomThreads(params: {\n roomId: string;\n actorProfileId: string;\n tenantId: string;\n }): Promise<ChatThread[]> {\n await this.#requireActiveMembership(\n params.roomId,\n params.actorProfileId,\n params.tenantId,\n );\n return this.#threads.list({\n where: { tenantId: params.tenantId, roomId: params.roomId },\n orderBy: 'createdAt DESC',\n });\n }\n\n /\n Read messages within a thread, tenant- and membership-bound (S5 #1392).\n \n The thread is resolved tenant-bound; the caller must be an active member of\n * the thread's room. Messages are returned oldest-first (chronological).\n * Replaces direct `messages.list({ where: { threadId } })` reach-ins that\n * could read another tenant's/room's thread history by raw id.\n /\n async getThreadMessages(params: {\n threadId: string;\n actorProfileId: string;\n tenantId: string;\n limit?: number;\n }): Promise<ChatMessage[]> {\n const thread = await this.#threads.get({\n id: params.threadId,\n tenantId: params.tenantId,\n });\n if (!thread) {\n throw new Error('Thread not found');\n }\n await this.#requireActiveMembership(\n thread.roomId,\n params.actorProfileId,\n params.tenantId,\n );\n const messages = await this.#messages.list({\n where: {\n tenantId: params.tenantId,\n threadId: params.threadId,\n isDeleted: false,\n },\n orderBy: 'created_at DESC',\n limit: params.limit,\n });\n return messages.reverse();\n }\n\n /\n Update the per-session agent configuration (allowedTools / systemPrompt),\n * restricted to the session owner — the room owner participant (S5 #1392).\n \n Tool whitelist and system prompt govern what the agent may do, so only the\n * owning participant (not arbitrary tenant members or the agent itself) may\n * mutate them.\n /\n async updateAgentSessionConfig(params: {\n agentSessionId: string;\n actorProfileId: string;\n tenantId: string \| null;\n allowedTools?: string[];\n systemPrompt?: string;\n }) {\n // `tenantId` is mandatory and ALWAYS bound into the lookup (S5 #1392).\n // AgentSession tenancy is optional, so `null` is the explicit \"no tenant\"\n // scope — never \"any tenant\". This prevents mutating allowedTools /\n // systemPrompt on a session belonging to another tenant via an unbound get.\n const session = await this.#agentSessions.get({\n id: params.agentSessionId,\n tenantId: params.tenantId,\n });\n if (!session) throw new Error('Agent session not found');\n\n const isOwner = params.actorProfileId === session.participantProfileId;\n if (!isOwner) {\n throw new Error(\n 'Only the session owner may update agent session configuration (authorization denied)',\n );\n }\n\n if (params.allowedTools !== undefined) {\n session.setAllowedTools(params.allowedTools);\n }\n if (params.systemPrompt !== undefined) {\n session.systemPrompt = params.systemPrompt;\n }\n await session.save();\n return session;\n }\n\n /* Throw unless the profile is an active participant of the room. /\n async #requireActiveMembership(\n roomId: string,\n profileId: string,\n tenantId: string,\n ): Promise<void> {\n const isMember = await this.#participants.isActiveMember(\n roomId,\n profileId,\n tenantId,\n );\n if (!isMember) {\n throw new Error(\n 'Caller is not an active member of the room (authorization denied)',\n );\n }\n }\n\n /* Throw unless the profile is an active owner/admin of the room. /\n async #requireRoomAdmin(\n roomId: string,\n profileId: string,\n tenantId: string,\n ): Promise<void> {\n const actor = await this.#participants.findActiveMembership(\n roomId,\n profileId,\n tenantId,\n );\n if (!actor \|\| !actor.isAdmin()) {\n throw new Error(\n 'Caller must be a room owner/admin (authorization denied)',\n );\n }\n }\n\n /* Extract a tool name from tool-call payload data, if present. /\n static #extractToolName(\n data: Record<string, unknown> \| null \| undefined,\n ): string \| null {\n if (!data \|\| typeof data !== 'object') return null;\n const candidate =\n (data.name as unknown) ??\n (data.tool as unknown) ??\n (data.toolName as unknown);\n return typeof candidate === 'string' && candidate.length > 0\n ? candidate\n : null;\n }\n\n /\n Symbol-keyed bridge to the `private` {@link ChatService.emitAgentReply} for\n * the module-local {@link sendAgentReply} function (S5 #1392). A static member\n * may reach a private instance member of its own class, so this is the\n * sanctioned \"friend\" access without widening the public instance surface.\n \n Keyed on the module-private {@link RUN_AGENT_REPLY} symbol — NOT a named\n * static — so it does not appear on the `ChatService` type, is not enumerable,\n * and is callable only by code holding the (non-exported) symbol. This is the\n * sole path the agent-runtime bridge uses to author a message as the agent.\n /\n static [RUN_AGENT_REPLY](\n service: AgentReplyService,\n params: AgentReplyParams,\n ) {\n // The structural param lets this bridge be called across pnpm\n // module-instance boundaries (src vs dist). Any real instance is a\n // ChatService, so reaching the private `emitAgentReply` here is safe.\n return (service as ChatService).#emitAgentReply(params);\n }\n}\n\n/\n Structural ChatService surface accepted by {@link sendAgentReply}. The chat\n * collections are `#private`, so they cannot appear in a `Pick`; this opaque\n * marker type keeps the agent-runtime bridge callable across module-instance\n * boundaries (in a pnpm workspace a consumer's `ChatService` type may resolve to\n * the package source while this function resolves to dist) without naming any\n * private member. Any real ChatService instance satisfies it.\n /\nexport type AgentReplyService = Pick<ChatService, 'initialize'>;\n\n/\n Internal agent-runtime entry point: emit an ASSISTANT/TOOL message authored\n * as the session's agent (S5 #1392).\n \n NOT re-exported from `src/index.ts`. Only in-process, trusted agent-runtime\n * code that imports this module path directly can author messages as the agent;\n * route handlers and package consumers (which import from the package index)\n * cannot. The author is always `session.agentId`, never a caller-supplied\n * sender/role, and tool calls are gated fail-closed against `allowedTools`.\n \n Because this lives in the same module as {@link ChatService}, reaching the\n * symbol-keyed bridge (and through it the `private` method) is the owning\n * module's sanctioned \"friend\" access, not an external private reach-in.\n */\nexport function sendAgentReply(\n service: AgentReplyService,\n params: AgentReplyParams,\n) {\n return ChatService[RUN_AGENT_REPLY](service, params);\n}\n"],"names":["__decorateClass","tenantId"],"mappings":";;;;;;;;;;;;;;;AA0BO,IAAM,eAAN,cAA2B,WAAW;AAAA,EAc3C,WAA0B;AAAA,EAG1B,UAAkB;AAAA,EAGlB,uBAA+B;AAAA,EAG/B,aAA4B;AAAA,EAG5B,SAA6B;AAAA,EAI7B,eAAuB;AAAA,EAIvB,iBAAyB;AAAA,EAIzB,eAAuB;AAAA,EAGvB,eAAuB;AAAA,EAEvB,kBAA0B;AAAA,EAE1B,YAAoB;AAAA,EAEpB,cAAsB;AAAA,EAGtB,gBAA6B;AAAA,EAE7B,YAAyB;AAAA,EAEzB,WAAwB;AAAA,EAExB,YAAY,UAA+B,IAAI;AAC7C,UAAM,OAAO;AACb,QAAI,QAAQ,aAAa,OAAW,MAAK,WAAW,QAAQ;AAC5D,QAAI,QAAQ,YAAY,OAAW,MAAK,UAAU,QAAQ;AAC1D,QAAI,QAAQ,yBAAyB;AACnC,WAAK,uBAAuB,QAAQ;AACtC,QAAI,QAAQ,eAAe,OAAW,MAAK,aAAa,QAAQ;AAChE,QAAI,QAAQ,WAAW,OAAW,MAAK,SAAS,QAAQ;AACxD,QAAI,QAAQ,iBAAiB;AAC3B,WAAK,eAAe,QAAQ;AAC9B,QAAI,QAAQ,mBAAmB;AAC7B,WAAK,iBAAiB,QAAQ;AAChC,QAAI,QAAQ,iBAAiB;AAC3B,WAAK,eAAe,QAAQ;AAC9B,QAAI,QAAQ,iBAAiB;AAC3B,WAAK,eAAe,QAAQ;AAC9B,QAAI,QAAQ,oBAAoB;AAC9B,WAAK,kBAAkB,QAAQ;AACjC,QAAI,QAAQ,cAAc,OAAW,MAAK,YAAY,QAAQ;AAC9D,QAAI,QAAQ,gBAAgB;AAC1B,WAAK,cAAc,QAAQ;AAC7B,QAAI,QAAQ,kBAAkB;AAC5B,WAAK,gBAAgB,QAAQ;AAC/B,QAAI,QAAQ,cAAc,OAAW,MAAK,YAAY,QAAQ;AAC9D,QAAI,QAAQ,aAAa,OAAW,MAAK,WAAW,QAAQ;AAAA,EAC9D;AAAA,EAEA,kBAA4B;AAC1B,QAAI;AACF,YAAM,SAAS,KAAK,MAAM,KAAK,YAAY;AAC3C,aAAO,MAAM,QAAQ,MAAM,IACvB,OAAO,OAAO,CAAC,MAAmB,OAAO,MAAM,QAAQ,IACvD,CAAA;AAAA,IACN,QAAQ;AACN,aAAO,CAAA;AAAA,IACT;AAAA,EACF;AAAA,EAEA,gBAAgB,OAAuB;AACrC,SAAK,eAAe,KAAK,UAAU,KAAK;AAAA,EAC1C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,cAAc,UAA2B;AACvC,QAAI,OAAO,aAAa,YAAY,SAAS,WAAW,EAAG,QAAO;AAClE,WAAO,KAAK,kBAAkB,SAAS,QAAQ;AAAA,EACjD;AAAA,EAEA,WAAoB;AAClB,QAAI,KAAK,WAAW,SAAU,QAAO;AACrC,QAAI,KAAK,aAAa,oBAAI,UAAU,KAAK,UAAW,QAAO;AAC3D,QAAI,KAAK,cAAc,KAAK,KAAK,gBAAgB,KAAK;AACpD,aAAO;AACT,QAAI,KAAK,YAAY,KAAK,KAAK,mBAAmB,KAAK;AACrD,aAAO;AACT,WAAO;AAAA,EACT;AAAA,EAEA,YAAqB;AACnB,WAAO,KAAK,cAAc,QAAQ,oBAAI,KAAA,KAAU,KAAK;AAAA,EACvD;AAAA,EAEA,MAAM,QAAuB;AAC3B,SAAK,SAAS;AACd,SAAK,+BAAe,KAAA;AACpB,UAAM,KAAK,KAAA;AAAA,EACb;AAAA,EAEA,MAAM,SAAwB;AAC5B,SAAK,SAAS;AACd,SAAK,+BAAe,KAAA;AACpB,UAAM,KAAK,KAAA;AAAA,EACb;AAAA,EAEA,oBAA6C;AAC3C,QAAI;AACF,aAAO,KAAK,MAAM,KAAK,cAAc;AAAA,IACvC,QAAQ;AACN,aAAO,CAAA;AAAA,IACT;AAAA,EACF;AAAA,EAEA,kBAAkB,KAAoC;AACpD,SAAK,iBAAiB,KAAK,UAAU,GAAG;AAAA,EAC1C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,gBAA+B;AAC7B,UAAM,QACJ,KAAK,kBAAA,EAAoB,aAAa,yBAAyB;AACjE,WAAO,OAAO,UAAU,YAAY,MAAM,SAAS,IAAI,QAAQ;AAAA,EACjE;AAAA,EAEA,MAAM,qBAAqB,SAAiD;AAC1E,UAAM,UAAU,KAAK,kBAAA;AACrB,SAAK,iBAAiB,KAAK,UAAU,EAAE,GAAG,SAAS,GAAG,SAAS;AAC/D,UAAM,KAAK,KAAA;AAAA,EACb;AAAA,EAEA,MAAM,cAAc,aAAqB,GAAkB;AACzD,SAAK;AACL,SAAK,mBAAmB;AACxB,SAAK,oCAAoB,KAAA;AACzB,UAAM,KAAK,KAAA;AAAA,EACb;AACF;AAlKE,cAXW,cAWK,6BAA4B,cAAA;AAG5CA,kBAAA;AAAA,EADC,SAAS,EAAE,UAAU,KAAA,CAAM;AAAA,GAbjB,aAcX,WAAA,YAAA,CAAA;AAGAA,kBAAA;AAAA,EADC,MAAM,EAAE,UAAU,KAAA,CAAM;AAAA,GAhBd,aAiBX,WAAA,WAAA,CAAA;AAGAA,kBAAA;AAAA,EADC,gBAAgB,wCAAwC,EAAE,UAAU,MAAM;AAAA,GAnBhE,aAoBX,WAAA,wBAAA,CAAA;AAGAA,kBAAA;AAAA,EADC,WAAW,UAAU;AAAA,GAtBX,aAuBX,WAAA,cAAA,CAAA;AAGAA,kBAAA;AAAA,EADC,MAAM,EAAE,UAAU,KAAA,CAAM;AAAA,GAzBd,aA0BX,WAAA,UAAA,CAAA;AAIAA,kBAAA;AAAA,EADC,MAAA;AAAM,GA7BI,aA8BX,WAAA,gBAAA,CAAA;AAIAA,kBAAA;AAAA,EADC,MAAA;AAAM,GAjCI,aAkCX,WAAA,kBAAA,CAAA;AAIAA,kBAAA;AAAA,EADC,MAAA;AAAM,GArCI,aAsCX,WAAA,gBAAA,CAAA;AAGAA,kBAAA;AAAA,EADC,MAAA;AAAM,GAxCI,aAyCX,WAAA,gBAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GA1CI,aA2CX,WAAA,mBAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GA5CI,aA6CX,WAAA,aAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GA9CI,aA+CX,WAAA,eAAA,CAAA;AAGAA,kBAAA;AAAA,EADC,MAAA;AAAM,GAjDI,aAkDX,WAAA,iBAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GAnDI,aAoDX,WAAA,aAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GArDI,aAsDX,WAAA,YAAA,CAAA;AAtDW,eAANA,kBAAA;AAAA,EAPN,aAAa,EAAE,MAAM,YAAY;AAAA,EACjC,KAAK;AAAA,IACJ,WAAW;AAAA,IACX,KAAK,EAAE,SAAS,CAAC,QAAQ,KAAK,EAAA;AAAA,IAC9B,KAAK,EAAE,SAAS,CAAC,QAAQ,KAAK,EAAA;AAAA,IAC9B,KAAK;AAAA,EAAA,CACN;AAAA,GACY,YAAA;;;;;;;;;;;ACGN,IAAM,cAAN,cAA0B,WAAW;AAAA,EAE1C,WAAmB;AAAA,EAGnB,SAAiB;AAAA,EAEjB,WAA0B;AAAA,EAE1B,kBAA0B;AAAA,EAE1B,iBAAgC;AAAA,EAGhC,UAAkB;AAAA,EAElB,cAA+B;AAAA,EAE/B,OAAwB;AAAA,EAGxB,WAAoB;AAAA,EAEpB,WAAwB;AAAA,EAExB,YAAqB;AAAA,EAErB,mBAAkC;AAAA,EAGlC,WAAmB;AAAA,EAEnB,eAA8B;AAAA,EAE9B,cAAsB;AAAA,EAEtB,YAAY,UAA8B,IAAI;AAC5C,UAAM,OAAO;AACb,QAAI,QAAQ,aAAa,OAAW,MAAK,WAAW,QAAQ;AAC5D,QAAI,QAAQ,WAAW,OAAW,MAAK,SAAS,QAAQ;AACxD,QAAI,QAAQ,aAAa,OAAW,MAAK,WAAW,QAAQ;AAC5D,QAAI,QAAQ,oBAAoB;AAC9B,WAAK,kBAAkB,QAAQ;AACjC,QAAI,QAAQ,mBAAmB;AAC7B,WAAK,iBAAiB,QAAQ;AAChC,QAAI,QAAQ,YAAY,OAAW,MAAK,UAAU,QAAQ;AAC1D,QAAI,QAAQ,gBAAgB;AAC1B,WAAK,cAAc,QAAQ;AAC7B,QAAI,QAAQ,SAAS,OAAW,MAAK,OAAO,QAAQ;AACpD,QAAI,QAAQ,aAAa,OAAW,MAAK,WAAW,QAAQ;AAC5D,QAAI,QAAQ,aAAa,OAAW,MAAK,WAAW,QAAQ;AAC5D,QAAI,QAAQ,cAAc,OAAW,MAAK,YAAY,QAAQ;AAC9D,QAAI,QAAQ,qBAAqB;AAC/B,WAAK,mBAAmB,QAAQ;AAClC,QAAI,QAAQ,aAAa;AACvB,WAAK,WACH,OAAO,QAAQ,aAAa,WACxB,QAAQ,WACR,KAAK,UAAU,QAAQ,QAAQ;AACvC,QAAI,QAAQ,iBAAiB;AAC3B,WAAK,eACH,QAAQ,iBAAiB,OACrB,OACA,OAAO,QAAQ,iBAAiB,WAC9B,QAAQ,eACR,KAAK,UAAU,QAAQ,YAAY;AAC7C,QAAI,QAAQ,gBAAgB;AAC1B,WAAK,cAAc,QAAQ;AAAA,EAC/B;AAAA,EAEA,iBAMG;AACD,QAAI;AACF,aAAO,KAAK,MAAM,KAAK,WAAW;AAAA,IACpC,QAAQ;AACN,aAAO,CAAA;AAAA,IACT;AAAA,EACF;AAAA,EAEA,eACE,OAOM;AACN,SAAK,cAAc,KAAK,UAAU,KAAK;AAAA,EACzC;AAAA,EAEA,cAAuC;AACrC,QAAI;AACF,aAAO,KAAK,MAAM,KAAK,QAAQ;AAAA,IACjC,QAAQ;AACN,aAAO,CAAA;AAAA,IACT;AAAA,EACF;AAAA,EAEA,YAAY,MAAqC;AAC/C,SAAK,WAAW,KAAK,UAAU,IAAI;AAAA,EACrC;AAAA,EAEA,kBAAkD;AAChD,QAAI,CAAC,KAAK,aAAc,QAAO;AAC/B,QAAI;AACF,aAAO,KAAK,MAAM,KAAK,YAAY;AAAA,IACrC,QAAQ;AACN,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEA,gBAAgB,MAA4C;AAC1D,SAAK,eAAe,OAAO,KAAK,UAAU,IAAI,IAAI;AAAA,EACpD;AAAA,EAEA,iBAA0B;AACxB,WAAO,KAAK,iBAAiB,SAAS;AAAA,EACxC;AAAA,EAEA,aAAsB;AACpB,WAAO,KAAK,gBAAgB;AAAA,EAC9B;AAAA,EAEA,eAAwB;AACtB,WAAO,KAAK,gBAAgB;AAAA,EAC9B;AAAA,EAEA,cAAuB;AACrB,WAAO,KAAK,SAAS;AAAA,EACvB;AAAA,EAEA,kBAA2B;AACzB,WAAO,KAAK,SAAS;AAAA,EACvB;AAAA,EAEA,MAAM,KAAK,YAAmC;AAC5C,SAAK,UAAU;AACf,SAAK,WAAW;AAChB,SAAK,+BAAe,KAAA;AACpB,UAAM,KAAK,KAAA;AAAA,EACb;AAAA,EAEA,MAAM,aAA4B;AAChC,SAAK,YAAY;AACjB,SAAK,UAAU;AACf,UAAM,KAAK,KAAA;AAAA,EACb;AAAA,EAEA,WAAW,YAAY,KAAa;AAClC,QAAI,KAAK,UAAW,QAAO;AAC3B,UAAM,OAAO,KAAK,WAAW;AAC7B,QAAI,KAAK,UAAU,UAAW,QAAO;AACrC,WAAO,GAAG,KAAK,MAAM,GAAG,SAAS,CAAC;AAAA,EACpC;AACF;AA9JEA,kBAAA;AAAA,EADC,SAAA;AAAS,GADC,YAEX,WAAA,YAAA,CAAA;AAGAA,kBAAA;AAAA,EADC,WAAW,YAAY,EAAE,UAAU,MAAM;AAAA,GAJ/B,YAKX,WAAA,UAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,WAAW,YAAY;AAAA,GANb,YAOX,WAAA,YAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,gBAAgB,wCAAwC,EAAE,UAAU,MAAM;AAAA,GARhE,YASX,WAAA,mBAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,WAAW,cAAc;AAAA,GAVf,YAWX,WAAA,kBAAA,CAAA;AAGAA,kBAAA;AAAA,EADC,MAAA;AAAM,GAbI,YAcX,WAAA,WAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAM,EAAE,UAAU,KAAA,CAAM;AAAA,GAfd,YAgBX,WAAA,eAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAM,EAAE,UAAU,KAAA,CAAM;AAAA,GAjBd,YAkBX,WAAA,QAAA,CAAA;AAGAA,kBAAA;AAAA,EADC,MAAA;AAAM,GApBI,YAqBX,WAAA,YAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GAtBI,YAuBX,WAAA,YAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GAxBI,YAyBX,WAAA,aAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,WAAW,aAAa;AAAA,GA1Bd,YA2BX,WAAA,oBAAA,CAAA;AAGAA,kBAAA;AAAA,EADC,MAAA;AAAM,GA7BI,YA8BX,WAAA,YAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GA/BI,YAgCX,WAAA,gBAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GAjCI,YAkCX,WAAA,eAAA,CAAA;AAlCW,cAANA,kBAAA;AAAA,EAPN,aAAa,EAAE,MAAM,YAAY;AAAA,EACjC,KAAK;AAAA,IACJ,WAAW;AAAA,IACX,KAAK,EAAE,SAAS,CAAC,QAAQ,KAAK,EAAA;AAAA,IAC9B,KAAK,EAAE,SAAS,CAAC,QAAQ,KAAK,EAAA;AAAA,IAC9B,KAAK;AAAA,EAAA,CACN;AAAA,GACY,WAAA;;;;;;;;;;;ACCN,IAAM,kBAAN,cAA8B,WAAW;AAAA,EAE9C,WAAmB;AAAA,EAGnB,SAAiB;AAAA,EAEjB,YAAoB;AAAA,EAEpB,OAA4B;AAAA,EAE5B,SAAgC;AAAA,EAEhC,eAA6B;AAAA,EAE7B,oBAAmC;AAAA,EAEnC,aAA0B;AAAA,EAE1B,WAAwB;AAAA,EAExB,WAAmB;AAAA,EAEnB,UAAmB;AAAA,EAEnB,WAAoB;AAAA,EAEpB,YAAY,UAAkC,IAAI;AAChD,UAAM,OAAO;AACb,QAAI,QAAQ,aAAa,OAAW,MAAK,WAAW,QAAQ;AAC5D,QAAI,QAAQ,WAAW,OAAW,MAAK,SAAS,QAAQ;AACxD,QAAI,QAAQ,cAAc,OAAW,MAAK,YAAY,QAAQ;AAC9D,QAAI,QAAQ,SAAS,OAAW,MAAK,OAAO,QAAQ;AACpD,QAAI,QAAQ,WAAW,OAAW,MAAK,SAAS,QAAQ;AACxD,QAAI,QAAQ,iBAAiB;AAC3B,WAAK,eAAe,QAAQ;AAC9B,QAAI,QAAQ,sBAAsB;AAChC,WAAK,oBAAoB,QAAQ;AACnC,QAAI,QAAQ,eAAe,OAAW,MAAK,aAAa,QAAQ;AAChE,QAAI,QAAQ,aAAa,OAAW,MAAK,WAAW,QAAQ;AAC5D,QAAI,QAAQ,aAAa,OAAW,MAAK,WAAW,QAAQ;AAC5D,QAAI,QAAQ,YAAY,OAAW,MAAK,UAAU,QAAQ;AAC1D,QAAI,QAAQ,aAAa,OAAW,MAAK,WAAW,QAAQ;AAAA,EAC9D;AAAA,EAEA,WAAoB;AAClB,WAAO,KAAK,WAAW;AAAA,EACzB;AAAA,EAEA,UAAmB;AACjB,WAAO,KAAK,SAAS;AAAA,EACvB;AAAA,EAEA,UAAmB;AACjB,WAAO,KAAK,SAAS,WAAW,KAAK,SAAS;AAAA,EAChD;AAAA,EAEA,MAAM,SAAS,WAAkC;AAC/C,SAAK,oBAAoB;AACzB,SAAK,iCAAiB,KAAA;AACtB,UAAM,KAAK,KAAA;AAAA,EACb;AAAA,EAEA,MAAM,QAAuB;AAC3B,SAAK,SAAS;AACd,UAAM,KAAK,KAAA;AAAA,EACb;AAAA,EAEA,MAAM,UAAU,QAAqC;AACnD,SAAK,eAAe;AACpB,SAAK,iCAAiB,KAAA;AACtB,UAAM,KAAK,KAAA;AAAA,EACb;AACF;AAvEEA,kBAAA;AAAA,EADC,SAAA;AAAS,GADC,gBAEX,WAAA,YAAA,CAAA;AAGAA,kBAAA;AAAA,EADC,WAAW,YAAY,EAAE,UAAU,MAAM;AAAA,GAJ/B,gBAKX,WAAA,UAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,gBAAgB,wCAAwC,EAAE,UAAU,MAAM;AAAA,GANhE,gBAOX,WAAA,aAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAM,EAAE,UAAU,KAAA,CAAM;AAAA,GARd,gBASX,WAAA,QAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAM,EAAE,UAAU,KAAA,CAAM;AAAA,GAVd,gBAWX,WAAA,UAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAM,EAAE,UAAU,KAAA,CAAM;AAAA,GAZd,gBAaX,WAAA,gBAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,WAAW,aAAa;AAAA,GAdd,gBAeX,WAAA,qBAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GAhBI,gBAiBX,WAAA,cAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GAlBI,gBAmBX,WAAA,YAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GApBI,gBAqBX,WAAA,YAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GAtBI,gBAuBX,WAAA,WAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GAxBI,gBAyBX,WAAA,YAAA,CAAA;AAzBW,kBAANA,kBAAA;AAAA,EAPN,aAAa,EAAE,MAAM,YAAY;AAAA,EACjC,KAAK;AAAA,IACJ,WAAW;AAAA,IACX,KAAK,EAAE,SAAS,CAAC,QAAQ,KAAK,EAAA;AAAA,IAC9B,KAAK,EAAE,SAAS,CAAC,QAAQ,KAAK,EAAA;AAAA,IAC9B,KAAK;AAAA,EAAA,CACN;AAAA,GACY,eAAA;;;;;;;;;;;ACJN,IAAM,eAAN,cAA2B,WAAW;AAAA,EAE3C,WAAmB;AAAA,EAGnB,YAAoB;AAAA,EAEpB,YAAoB;AAAA,EAEpB,QAAgB;AAAA,EAEhB,YAAY,UAA+B,IAAI;AAC7C,UAAM,OAAO;AACb,QAAI,QAAQ,aAAa,OAAW,MAAK,WAAW,QAAQ;AAC5D,QAAI,QAAQ,cAAc,OAAW,MAAK,YAAY,QAAQ;AAC9D,QAAI,QAAQ,cAAc,OAAW,MAAK,YAAY,QAAQ;AAC9D,QAAI,QAAQ,UAAU,OAAW,MAAK,QAAQ,QAAQ;AAAA,EACxD;AACF;AAhBEA,kBAAA;AAAA,EADC,SAAA;AAAS,GADC,aAEX,WAAA,YAAA,CAAA;AAGAA,kBAAA;AAAA,EADC,WAAW,eAAe,EAAE,UAAU,MAAM;AAAA,GAJlC,aAKX,WAAA,aAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,gBAAgB,wCAAwC,EAAE,UAAU,MAAM;AAAA,GANhE,aAOX,WAAA,aAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAM,EAAE,UAAU,KAAA,CAAM;AAAA,GARd,aASX,WAAA,SAAA,CAAA;AATW,eAANA,kBAAA;AAAA,EAPN,aAAa,EAAE,MAAM,YAAY;AAAA,EACjC,KAAK;AAAA,IACJ,WAAW;AAAA,IACX,KAAK,EAAE,SAAS,CAAC,MAAM,EAAA;AAAA,IACvB,KAAK,EAAE,SAAS,CAAC,MAAM,EAAA;AAAA,IACvB,KAAK;AAAA,EAAA,CACN;AAAA,GACY,YAAA;;;;;;;;;;;ACWN,IAAM,WAAN,cAAuB,WAAW;AAAA,EAEvC,WAAmB;AAAA,EAGnB,OAAe;AAAA,EAEf,cAAsB;AAAA,EAEtB,WAAyB;AAAA,EAEzB,SAAyB;AAAA,EAEzB,QAAgB;AAAA,EAEhB,YAAoB;AAAA,EAEpB,aAAsB;AAAA,EAEtB,kBAA0B;AAAA,EAE1B,WAAmB;AAAA,EAEnB,qBAA6B;AAAA,EAE7B,gBAA6B;AAAA,EAE7B,YAAY,UAA2B,IAAI;AACzC,UAAM,OAAO;AACb,QAAI,QAAQ,aAAa,OAAW,MAAK,WAAW,QAAQ;AAC5D,QAAI,QAAQ,SAAS,OAAW,MAAK,OAAO,QAAQ;AACpD,QAAI,QAAQ,gBAAgB;AAC1B,WAAK,cAAc,QAAQ;AAC7B,QAAI,QAAQ,aAAa,OAAW,MAAK,WAAW,QAAQ;AAC5D,QAAI,QAAQ,WAAW,OAAW,MAAK,SAAS,QAAQ;AACxD,QAAI,QAAQ,UAAU,OAAW,MAAK,QAAQ,QAAQ;AACtD,QAAI,QAAQ,cAAc,OAAW,MAAK,YAAY,QAAQ;AAC9D,QAAI,QAAQ,eAAe,OAAW,MAAK,aAAa,QAAQ;AAChE,QAAI,QAAQ,oBAAoB;AAC9B,WAAK,kBAAkB,QAAQ;AACjC,QAAI,QAAQ,aAAa;AACvB,WAAK,WACH,OAAO,QAAQ,aAAa,WACxB,QAAQ,WACR,KAAK,UAAU,QAAQ,QAAQ;AACvC,QAAI,QAAQ,uBAAuB;AACjC,WAAK,qBAAqB,QAAQ;AACpC,QAAI,QAAQ,kBAAkB;AAC5B,WAAK,gBAAgB,QAAQ;AAAA,EACjC;AAAA,EAEA,cAAgC;AAC9B,QAAI;AACF,aAAO,KAAK,MAAM,KAAK,QAAQ;AAAA,IACjC,QAAQ;AACN,aAAO,CAAA;AAAA,IACT;AAAA,EACF;AAAA,EAEA,YAAY,MAA8B;AACxC,SAAK,WAAW,KAAK,UAAU,IAAI;AAAA,EACrC;AAAA,EAEA,eAAe,SAAiC;AAC9C,UAAM,UAAU,KAAK,YAAA;AACrB,SAAK,WAAW,KAAK,UAAU,EAAE,GAAG,SAAS,GAAG,SAAS;AAAA,EAC3D;AAAA,EAEA,OAAgB;AACd,WAAO,KAAK,aAAa;AAAA,EAC3B;AAAA,EAEA,cAAuB;AACrB,WAAO,KAAK,aAAa;AAAA,EAC3B;AAAA,EAEA,WAAoB;AAClB,WAAO,KAAK,aAAa;AAAA,EAC3B;AAAA,EAEA,WAAoB;AAClB,WAAO,KAAK,WAAW;AAAA,EACzB;AAAA,EAEA,MAAM,UAAyB;AAC7B,SAAK,aAAa;AAClB,SAAK,SAAS;AACd,UAAM,KAAK,KAAA;AAAA,EACb;AAAA,EAEA,MAAM,YAA2B;AAC/B,SAAK,aAAa;AAClB,SAAK,SAAS;AACd,UAAM,KAAK,KAAA;AAAA,EACb;AACF;AA7FEA,kBAAA;AAAA,EADC,SAAA;AAAS,GADC,SAEX,WAAA,YAAA,CAAA;AAGAA,kBAAA;AAAA,EADC,MAAA;AAAM,GAJI,SAKX,WAAA,QAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GANI,SAOX,WAAA,eAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAM,EAAE,UAAU,KAAA,CAAM;AAAA,GARd,SASX,WAAA,YAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAM,EAAE,UAAU,KAAA,CAAM;AAAA,GAVd,SAWX,WAAA,UAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GAZI,SAaX,WAAA,SAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GAdI,SAeX,WAAA,aAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GAhBI,SAiBX,WAAA,cAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GAlBI,SAmBX,WAAA,mBAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GApBI,SAqBX,WAAA,YAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,gBAAgB,sCAAsC;AAAA,GAtB5C,SAuBX,WAAA,sBAAA,CAAA;AAEAA,kBAAA;AAAA,EADC,MAAA;AAAM,GAxBI,SAyBX,WAAA,iBAAA,CAAA;AAzBW,WAANA,kBAAA;AAAA,EAPN,aAAa,EAAE,MAAM,YAAY;AAAA,EACjC,KAAK;AAAA,IACJ,WAAW;AAAA,IACX,KAAK,EAAE,SAAS,CAAC,QAAQ,KAAK,EAAA;AAAA,IAC9B,KAAK,EAAE,SAAS,CAAC,QAAQ,KAAK,EAAA;AAAA,IAC9B,KAAK;AAAA,EAAA,CACN;AAAA,GACY,QAAA;;;;;;;;;;;AClBN,IAAM,aAAN,cAAyB,WAAW;AAAA,EAEzC,WAAmB;AAAA,EAGnB,SAAiB;AAAA,EAMjB,gBAA+B;AAAA,EAE/B,QAAgB;AAAA,EAEhB,aAAsB;AAAA,EAEtB,eAAuB;AAAA,EAEvB,gBAA6B;AAAA,EAE7B,mBAA2B;AAAA,EAE3B,YAAY,UAA6B,IAAI;AAC3C,UAAM,OAAO;AACb,QAAI,QAAQ,aAAa,OAAW,MAAK,WAAW,QAAQ;AAC5D,QAAI,QAAQ,WAAW,OAAW,MAAK,SAAS,QAAQ;AACxD,QAAI,QAAQ,kBAAkB;AAC5B,WAAK,gBAAgB,QAAQ;AAC/B,QAAI,QAAQ,UAAU,OAAW,MAAK,QAAQ,QAAQ;AACtD,QAAI,QAAQ,eAAe,OAAW,MAAK,aAAa,QAAQ;AAChE,QAAI,QAAQ,iBAAiB;AAC3B,WAAK,eAAe,QAAQ;AAC9B,QAAI,QAAQ,kBAAkB;AAC5B,WAAK,gBAAgB,QAAQ;AAC/B,QAAI,QAAQ,qBAAqB;AAC/B,WAAK,mBAAmB,QAAQ;AAAA,EACpC;AAAA,EAEA,MAAM,UAAyB;AAC7B,SAAK,aAAa;AAClB,UAAM,KAAK,KAAA;AAAA,EACb;AAAA,EAEA,MAAM,SAAwB;AAC5B,SAAK,aAAa;AAClB,UAAM,KAAK,KAAA;AAAA,EACb;AACF;AA9CE,gBAAA;AAAA,EADC,SAAA;AAAS,GADC,WAEX,WAAA,YAAA,CAAA;AAGA,gBAAA;AAAA,EADC,WAAW,YAAY,EAAE,UAAU,MAAM;AAAA,GAJ/B,WAKX,WAAA,UAAA,CAAA;AAMA,gBAAA;AAAA,EADC,WAAW,eAAe,EAAE,UAAU,MAAM;AAAA,GAVlC,WAWX,WAAA,iBAAA,CAAA;AAEA,gBAAA;AAAA,EADC,MAAA;AAAM,GAZI,WAaX,WAAA,SAAA,CAAA;AAEA,gBAAA;AAAA,EADC,MAAA;AAAM,GAdI,WAeX,WAAA,cAAA,CAAA;AAEA,gBAAA;AAAA,EADC,MAAA;AAAM,GAhBI,WAiBX,WAAA,gBAAA,CAAA;AAEA,gBAAA;AAAA,EADC,MAAA;AAAM,GAlBI,WAmBX,WAAA,iBAAA,CAAA;AAEA,gBAAA;AAAA,EADC,MAAA;AAAM,GApBI,WAqBX,WAAA,oBAAA,CAAA;AArBW,aAAN,gBAAA;AAAA,EAPN,aAAa,EAAE,MAAM,YAAY;AAAA,EACjC,KAAK;AAAA,IACJ,WAAW;AAAA,IACX,KAAK,EAAE,SAAS,CAAC,QAAQ,KAAK,EAAA;AAAA,IAC9B,KAAK,EAAE,SAAS,CAAC,QAAQ,KAAK,EAAA;AAAA,IAC9B,KAAK;AAAA,EAAA,CACN;AAAA,GACY,UAAA;AChBN,MAAM,+BAA+B,eAA6B;AAAA,EACvE,OAAgB,aAAa;AAAA,EAE7B,MAAM,wBACJ,sBACyB;AACzB,UAAM,WAAW,MAAM,KAAK,KAAK;AAAA,MAC/B,OAAO,EAAE,sBAAsB,QAAQ,SAAA;AAAA,IAAS,CACjD;AACD,WAAO,SAAS,OAAO,CAAC,MAAM,EAAE,UAAU;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAmBA,MAAM,kBACJ,SACA,sBACAC,WACA,YAC8B;AAC9B,UAAM,QAAiC;AAAA,MACrC;AAAA,MACA;AAAA,MACA,QAAQ;AAAA,MACR,UAAAA;AAAA,IAAA;AAEF,UAAM,WAAW,MAAM,KAAK,KAAK,EAAE,OAAO;AAC1C,UAAM,SAAS,SAAS;AAAA,MACtB,CAAC,MACC,EAAE,SAAA,MACD,eAAe,UACd,EAAE,cAAA,OAAqB,cAAc;AAAA,IAAA;AAE3C,WAAO,UAAU;AAAA,EACnB;AAAA,EAEA,MAAM,aAAa,QAaO;AACxB,UAAM,WAAW,MAAM,KAAK;AAAA,MAC1B,OAAO;AAAA,MACP,OAAO;AAAA,MACP,OAAO;AAAA,MACP,OAAO;AAAA,IAAA;AAET,QAAI,SAAU,QAAO;AAErB,UAAM,iBACJ,OAAO,cAAc,OACjB,KAAK,UAAU;AAAA,MACb,CAAC,aAAa,yBAAyB,GAAG,OAAO;AAAA,IAAA,CAClD,IACD;AAEN,UAAM,UAAU,MAAM,KAAK,OAAO;AAAA,MAChC,SAAS,OAAO;AAAA,MAChB,sBAAsB,OAAO;AAAA,MAC7B,UAAU,OAAO,YAAY;AAAA,MAC7B,cAAc,KAAK,UAAU,OAAO,gBAAgB,CAAA,CAAE;AAAA,MACtD,YAAY,OAAO,cAAc;AAAA,MACjC,cAAc,OAAO,gBAAgB;AAAA,MACrC,QAAQ;AAAA,MACR,GAAI,mBAAmB,SAAY,EAAE,mBAAmB,CAAA;AAAA,IAAC,CAC1D;AACD,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,YAAY,SAA0C;AAC1D,WAAO,KAAK,KAAK,EAAE,OAAO,EAAE,QAAA,GAAW;AAAA,EACzC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAeA,MAAM,YACJ,WACA,OACiB;AACjB,UAAM,YAAqC,EAAE,QAAQ,SAAA;AACrD,QAAI,OAAO,aAAa,OAAW,WAAU,WAAW,MAAM;AAC9D,QAAI,OAAO,YAAY,OAAW,WAAU,UAAU,MAAM;AAG5D,UAAM,gBAAgB,MAAM,KAAK,KAAK;AAAA,MACpC,OAAO,EAAE,GAAG,WAAW,mBAAmB,UAAA;AAAA,IAAU,CACrD;AAGD,UAAM,gBAAgB,MAAM,KAAK,KAAK;AAAA,MACpC,OAAO,EAAE,GAAG,WAAW,eAAe,MAAM,gBAAgB,UAAA;AAAA,IAAU,CACvE;AAED,UAAM,2BAAW,IAAA;AACjB,QAAI,UAAU;AACd,eAAW,WAAW,CAAC,GAAG,eAAe,GAAG,aAAa,GAAG;AAC1D,YAAM,KAAK,QAAQ;AACnB,UAAI,CAAC,MAAM,KAAK,IAAI,EAAE,EAAG;AACzB,WAAK,IAAI,EAAE;AACX,YAAM,QAAQ,OAAA;AACd;AAAA,IACF;AACA,WAAO;AAAA,EACT;AACF;AC1IO,MAAM,8BAA8B,eAA4B;AAAA,EACrE,OAAgB,aAAa;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAe7B,MAAM,UACJ,QACAA,WACA,SACwB;AACxB,UAAM,QAAiC;AAAA,MACrC;AAAA,MACA,UAAAA;AAAA,MACA,WAAW;AAAA,MACX,UAAU;AAAA,IAAA;AAOZ,QAAI,SAAS,QAAQ;AACnB,YAAM,YAAY,MAAM,KAAK,IAAI;AAAA,QAC/B,IAAI,QAAQ;AAAA,QACZ;AAAA,QACA,UAAAA;AAAA,QACA,WAAW;AAAA,QACX,UAAU;AAAA,MAAA,CACX;AACD,UAAI,WAAW,YAAY;AACzB,cAAM,cAAc,IAAI,UAAU;AAAA,MACpC;AAAA,IACF;AAEA,WAAO,KAAK,KAAK;AAAA,MACf;AAAA,MACA,SAAS;AAAA,MACT,OAAO,SAAS;AAAA,IAAA,CACjB;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,YACJ,UACAA,WACwB;AACxB,WAAO,KAAK,KAAK,EAAE,OAAO,EAAE,UAAU,UAAAA,WAAU,WAAW,MAAA,GAAS;AAAA,EACtE;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,kBACJ,gBACAA,WACwB;AACxB,WAAO,KAAK,KAAK,EAAE,OAAO,EAAE,gBAAgB,UAAAA,WAAU,WAAW,MAAA,GAAS;AAAA,EAC5E;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAqBA,MAAM,OACJ,SACwB;AACxB,UAAM,QAAiC;AAAA,MACrC,UAAU,QAAQ;AAAA,MAClB,WAAW;AAAA,IAAA;AAEb,QAAI,QAAQ,OAAQ,OAAM,SAAS,QAAQ;AAC3C,QAAI,QAAQ,SAAU,OAAM,WAAW,QAAQ;AAC/C,QAAI,QAAQ;AACV,YAAM,kBAAkB,QAAQ;AAClC,QAAI,QAAQ,YAAa,OAAM,cAAc,QAAQ;AACrD,QAAI,QAAQ,KAAM,OAAM,OAAO,QAAQ;AACvC,QAAI,QAAQ,MAAO,OAAM,cAAc,IAAI,IAAI,QAAQ,KAAK;AAC5D,QAAI,QAAQ,UAAW,OAAM,eAAe,IAAI,QAAQ;AACxD,QAAI,QAAQ,WAAY,OAAM,cAAc,IAAI,QAAQ;AAExD,UAAM,QAAQ,QAAQ,SAAS;AAM/B,QAAI,QAAQ,mBAAmB,MAAM;AACnC,YAAM,gBAAgB,IAAI;AAAA,IAC5B,WAAW,QAAQ,mBAAmB,OAAO;AAC3C,YAAM,cAAc;AAAA,IACtB;AAEA,UAAM,WAAW,MAAM,KAAK,KAAK;AAAA,MAC/B;AAAA,MACA,SAAS;AAAA,MACT;AAAA,IAAA,CACD;AAKD,QAAI,QAAQ,mBAAmB,QAAW;AACxC,aAAO,SACJ,OAAO,CAAC,MAAM,EAAE,qBAAqB,QAAQ,cAAc,EAC3D,MAAM,GAAG,KAAK;AAAA,IACnB;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,MAAM,eACJ,QACAA,WACA,mBACiB;AACjB,UAAM,OAAO,EAAE,QAAQ,UAAAA,WAAU,WAAW,OAAO,UAAU,KAAA;AAE7D,QAAI,CAAC,kBAAmB,QAAO,KAAK,MAAM,EAAE,OAAO,MAAM;AAKzD,UAAM,cAAc,MAAM,KAAK,IAAI;AAAA,MACjC,IAAI;AAAA,MACJ;AAAA,MACA,UAAAA;AAAA,MACA,WAAW;AAAA,MACX,UAAU;AAAA,IAAA,CACX;AACD,QAAI,CAAC,aAAa,WAAY,QAAO,KAAK,MAAM,EAAE,OAAO,MAAM;AAE/D,WAAO,KAAK,MAAM;AAAA,MAChB,OAAO,EAAE,GAAG,MAAM,gBAAgB,YAAY,WAAA;AAAA,IAAW,CAC1D;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,MAAM,iBACJ,SACAA,WACmC;AACnC,UAAM,6BAAa,IAAA;AACnB,eAAW,UAAU,SAAS;AAC5B,YAAM,SAAS,MAAM,KAAK,KAAK;AAAA,QAC7B,OAAO,EAAE,QAAQ,UAAAA,WAAU,WAAW,OAAO,UAAU,KAAA;AAAA,QACvD,SAAS;AAAA,QACT,OAAO;AAAA,MAAA,CACR;AACD,UAAI,OAAO,SAAS,GAAG;AACrB,eAAO,IAAI,QAAQ,OAAO,CAAC,CAAC;AAAA,MAC9B;AAAA,IACF;AACA,WAAO;AAAA,EACT;AACF;AC5MO,MAAM,kCAAkC,eAAgC;AAAA,EAC7E,OAAgB,aAAa;AAAA,EAE7B,MAAM,UAAU,QAA4C;AAC1D,WAAO,KAAK,KAAK,EAAE,OAAO,EAAE,QAAQ,QAAQ,SAAA,GAAY;AAAA,EAC1D;AAAA,EAEA,MAAM,aAAa,WAA+C;AAChE,WAAO,KAAK,KAAK,EAAE,OAAO,EAAE,WAAW,QAAQ,SAAA,GAAY;AAAA,EAC7D;AAAA,EAEA,MAAM,eACJ,QACA,WACAA,WACiC;AACjC,UAAM,QAAiC,EAAE,QAAQ,UAAA;AACjD,QAAIA,cAAa,OAAW,OAAM,WAAWA;AAC7C,UAAM,UAAU,MAAM,KAAK,KAAK,EAAE,OAAO;AACzC,WAAO,QAAQ,CAAC,KAAK;AAAA,EACvB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,MAAM,qBACJ,QACA,WACAA,WACiC;AACjC,UAAM,QAAiC;AAAA,MACrC;AAAA,MACA;AAAA,MACA,QAAQ;AAAA,MACR,UAAAA;AAAA,IAAA;AAEF,UAAM,UAAU,MAAM,KAAK,KAAK,EAAE,OAAO,OAAO,GAAG;AACnD,WAAO,QAAQ,CAAC,KAAK;AAAA,EACvB;AAAA;AAAA,EAGA,MAAM,eACJ,QACA,WACAA,WACkB;AAClB,WACG,MAAM,KAAK,qBAAqB,QAAQ,WAAWA,SAAQ,MAAO;AAAA,EAEvE;AAAA,EAEA,MAAM,gBAAgB,QAA4C;AAChE,UAAM,eAAe,MAAM,KAAK,KAAK;AAAA,MACnC,OAAO,EAAE,QAAQ,QAAQ,SAAA;AAAA,IAAS,CACnC;AACD,WAAO,aAAa,OAAO,CAAC,MAAM,EAAE,iBAAiB,SAAS;AAAA,EAChE;AAAA,EAEA,MAAM,gBAAgB,QAA4C;AAChE,UAAM,eAAe,MAAM,KAAK,KAAK;AAAA,MACnC,OAAO,EAAE,QAAQ,QAAQ,SAAA;AAAA,IAAS,CACnC;AACD,WAAO,aAAa,OAAO,CAAC,MAAM,EAAE,SAAS;AAAA,EAC/C;AAAA,EAEA,MAAM,YAAY,QAAiC;AACjD,UAAM,eAAe,MAAM,KAAK,KAAK;AAAA,MACnC,OAAO,EAAE,QAAQ,QAAQ,SAAA;AAAA,IAAS,CACnC;AACD,WAAO,aAAa;AAAA,EACtB;AACF;AC/EO,MAAM,+BAA+B,eAA6B;AAAA,EACvE,OAAgB,aAAa;AAAA,EAE7B,MAAM,aAAa,WAA4C;AAC7D,WAAO,KAAK,KAAK,EAAE,OAAO,EAAE,UAAA,GAAa;AAAA,EAC3C;AAAA;AAAA,EAGA,MAAM,kBACJ,WAC+D;AAC/D,UAAM,YAAY,MAAM,KAAK,KAAK,EAAE,OAAO,EAAE,UAAA,GAAa;AAC1D,UAAM,6BAAa,IAAA;AAEnB,eAAW,YAAY,WAAW;AAChC,YAAM,WAAW,OAAO,IAAI,SAAS,KAAK;AAC1C,UAAI,UAAU;AACZ,iBAAS;AACT,iBAAS,WAAW,KAAK,SAAS,SAAS;AAAA,MAC7C,OAAO;AACL,eAAO,IAAI,SAAS,OAAO;AAAA,UACzB,OAAO;AAAA,UACP,YAAY,CAAC,SAAS,SAAS;AAAA,QAAA,CAChC;AAAA,MACH;AAAA,IACF;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,MAAM,OACJ,WACA,WACA,OACAA,WAC6B;AAC7B,UAAM,WAAW,MAAM,KAAK,KAAK;AAAA,MAC/B,OAAO,EAAE,WAAW,WAAW,OAAO,UAAAA,UAAA;AAAA,IAAS,CAChD;AAED,QAAI,SAAS,SAAS,GAAG;AACvB,YAAM,SAAS,CAAC,EAAE,OAAA;AAClB,aAAO,EAAE,OAAO,MAAA;AAAA,IAClB;AAEA,UAAM,KAAK,OAAO;AAAA,MAChB,UAAAA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IAAA,CACD;AACD,WAAO,EAAE,OAAO,KAAA;AAAA,EAClB;AACF;AChDO,SAAS,kBACdA,WACA,YACA,YACQ;AACR,QAAM,CAAC,GAAG,CAAC,IAAI,CAAC,YAAY,UAAU,EAAE,KAAA;AACxC,QAAM,MAAM,MAAMA,SAAQ,IAAI,CAAC,IAAI,CAAC;AACpC,QAAM,OAAO,WAAW,MAAM,EAAE,OAAO,GAAG,EAAE,OAAO,KAAK;AAExD,SAAO;AAAA,IACL,KAAK,MAAM,GAAG,CAAC;AAAA,IACf,KAAK,MAAM,GAAG,EAAE;AAAA,IAChB,IAAI,KAAK,MAAM,IAAI,EAAE,CAAC;AAAA,KACpB,OAAO,SAAS,KAAK,MAAM,IAAI,EAAE,GAAG,EAAE,IAAI,KAAQ,KACjD,SAAS,EAAE,EACX,SAAS,GAAG,GAAG,IAAI,KAAK,MAAM,IAAI,EAAE;AAAA,IACvC,KAAK,MAAM,IAAI,EAAE;AAAA,EAAA,EACjB,KAAK,GAAG;AACZ;AAEO,MAAM,2BAA2B,eAAyB;AAAA,EAC/D,OAAgB,aAAa;AAAA,EAE7B,MAAM,WAAW,UAA6C;AAC5D,WAAO,KAAK,KAAK,EAAE,OAAO,EAAE,UAAU,QAAQ,SAAA,GAAY;AAAA,EAC5D;AAAA,EAEA,MAAM,aAAkC;AACtC,WAAO,KAAK,KAAK,EAAE,OAAO,EAAE,UAAU,UAAU,QAAQ,SAAA,GAAY;AAAA,EACtE;AAAA,EAEA,MAAM,UAA+B;AACnC,WAAO,KAAK,KAAK,EAAE,OAAO,EAAE,UAAU,MAAM,QAAQ,SAAA,GAAY;AAAA,EAClE;AAAA,EAEA,MAAM,iBAAsC;AAC1C,WAAO,KAAK,KAAK,EAAE,OAAO,EAAE,UAAU,SAAS,QAAQ,SAAA,GAAY;AAAA,EACrE;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,MAAM,OACJ,OACA,SACqB;AACrB,UAAM,QAAQ,SAAS,SAAS;AAChC,UAAM,OAAO,IAAI,KAAK;AACtB,UAAM,UAAU,CAAC,QAAQ,eAAe,OAAO;AAE/C,UAAM,6BAAa,IAAA;AACnB,eAAW,UAAU,SAAS;AAC5B,YAAM,UAAU,MAAM,KAAK,KAAK;AAAA,QAC9B,OAAO,EAAE,QAAQ,UAAU,CAAC,GAAG,MAAM,OAAO,GAAG,KAAA;AAAA,QAC/C,SAAS;AAAA,QACT;AAAA,MAAA,CACD;AACD,iBAAW,QAAQ,SAAS;AAC1B,YAAI,KAAK,GAAI,QAAO,IAAI,KAAK,IAAI,IAAI;AAAA,MACvC;AACA,UAAI,OAAO,QAAQ,MAAO;AAAA,IAC5B;AAEA,WAAO,MAAM,KAAK,OAAO,OAAA,CAAQ,EAAE,MAAM,GAAG,KAAK;AAAA,EACnD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,MAAM,eACJ,YACA,YACAA,WACA,cACmB;AAGnB,UAAM,OAAO,kBAAkBA,WAAU,YAAY,UAAU;AAC/D,UAAM,YAAY,MAAM,KAAK,IAAI,EAAE,IAAI,MAAM,UAAAA,WAAU;AACvD,QAAI,aAAa,UAAU,aAAa,MAAM;AAC5C,aAAO;AAAA,IACT;AAMA,UAAM,eAAe,MAAM,aAAa,KAAK;AAAA,MAC3C,OAAO,EAAE,WAAW,YAAY,QAAQ,UAAU,UAAAA,UAAA;AAAA,IAAS,CAC5D;AACD,UAAM,mBAAmB,aAAa,IAAI,CAAC,MAAM,EAAE,MAAM;AAEzD,eAAW,UAAU,kBAAkB;AACrC,YAAM,KAAK,MAAM,KAAK,IAAI,EAAE,IAAI,QAAQ,UAAAA,WAAU;AAClD,UAAI,CAAC,MAAM,GAAG,aAAa,QAAQ,GAAG,WAAW,SAAU;AAG3D,YAAM,SAAS,MAAM,aAAa,KAAK;AAAA,QACrC,OAAO,EAAE,QAAQ,WAAW,YAAY,QAAQ,UAAU,UAAAA,UAAA;AAAA,MAAS,CACpE;AACD,UAAI,OAAO,SAAS,GAAG;AACrB,eAAO;AAAA,MACT;AAAA,IACF;AAMA,UAAM,OAAO,MAAM,KAAK,OAAO;AAAA,MAC7B,IAAI;AAAA,MACJ,UAAAA;AAAA,MACA,MAAM;AAAA,MACN,UAAU;AAAA,MACV,QAAQ;AAAA,MACR,iBAAiB;AAAA,IAAA,CAClB;AACD,WAAO;AAAA,EACT;AACF;AC9IO,MAAM,6BAA6B,eAA2B;AAAA,EACnE,OAAgB,aAAa;AAAA,EAE7B,MAAM,UAAU,QAAuC;AACrD,WAAO,KAAK,KAAK,EAAE,OAAO,EAAE,OAAA,GAAU;AAAA,EACxC;AAAA,EAEA,MAAM,UAAU,QAAuC;AACrD,UAAM,UAAU,MAAM,KAAK,KAAK,EAAE,OAAO,EAAE,OAAA,GAAU;AACrD,WAAO,QAAQ,OAAO,CAAC,MAAM,CAAC,EAAE,UAAU;AAAA,EAC5C;AAAA,EAEA,MAAM,gBAAuC;AAC3C,UAAM,UAAU,MAAM,KAAK,KAAK,CAAA,CAAE;AAClC,WAAO,QAAQ,OAAO,CAAC,MAAM,CAAC,EAAE,UAAU;AAAA,EAC5C;AACF;ACkEA,MAAM,yCAAyB,yBAAyB;AAEjD,MAAM,YAAY;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAMd;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAED,YACN,OACA,UACA,cACA,SACA,eACA,WACA;AACA,SAAK,SAAS;AACd,SAAK,YAAY;AACjB,SAAK,gBAAgB;AACrB,SAAK,WAAW;AAChB,SAAK,iBAAiB;AACtB,SAAK,aAAa;AAAA,EACpB;AAAA,EAEA,aAAa,OAAO,SAAkD;AACpE,mBAAe;AAAA,MACb;AAAA,MACA;AAAA,IAAA;AAEF,mBAAe;AAAA,MACb;AAAA,MACA;AAAA,IAAA;AAEF,mBAAe;AAAA,MACb;AAAA,MACA;AAAA,IAAA;AAEF,mBAAe;AAAA,MACb;AAAA,MACA;AAAA,IAAA;AAEF,mBAAe;AAAA,MACb;AAAA,MACA;AAAA,IAAA;AAEF,mBAAe;AAAA,MACb;AAAA,MACA;AAAA,IAAA;AAGF,UAAM,QAAS,MAAM,eAAe;AAAA,MAClC;AAAA,MACA;AAAA,IAAA;AAEF,UAAM,WAAY,MAAM,eAAe;AAAA,MACrC;AAAA,MACA;AAAA,IAAA;AAEF,UAAM,eAAgB,MAAM,eAAe;AAAA,MACzC;AAAA,MACA;AAAA,IAAA;AAEF,UAAM,UAAW,MAAM,eAAe;AAAA,MACpC;AAAA,MACA;AAAA,IAAA;AAEF,UAAM,gBAAiB,MAAM,eAAe;AAAA,MAC1C;AAAA,MACA;AAAA,IAAA;AAEF,UAAM,YAAa,MAAM,eAAe;AAAA,MACtC;AAAA,MACA;AAAA,IAAA;AAGF,WAAO,IAAI;AAAA,MACT;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IAAA;AAAA,EAEJ;AAAA;AAAA,EAGA,MAAM,aAA4B;AAChC,UAAM,KAAK,OAAO,WAAA;AAClB,UAAM,KAAK,UAAU,WAAA;AACrB,UAAM,KAAK,cAAc,WAAA;AACzB,UAAM,KAAK,SAAS,WAAA;AACpB,UAAM,KAAK,eAAe,WAAA;AAC1B,UAAM,KAAK,WAAW,WAAA;AAAA,EACxB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,MAAM,WAAW,QAOd;AACD,UAAM,OAAO,MAAM,KAAK,OAAO,OAAO;AAAA,MACpC,UAAU,OAAO;AAAA,MACjB,MAAM,OAAO;AAAA,MACb,UAAU,OAAO;AAAA,MACjB,oBAAoB,OAAO;AAAA,MAC3B,aAAa,OAAO,eAAe;AAAA,MACnC,OAAO,OAAO,SAAS;AAAA,MACvB,QAAQ;AAAA,IAAA,CACT;AAED,UAAM,KAAK,mBAAmB;AAAA,MAC5B,UAAU,OAAO;AAAA,MACjB,QAAQ,KAAK;AAAA,MACb,WAAW,OAAO;AAAA,MAClB,MAAM;AAAA,IAAA,CACP;AAED,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAiBA,MAAM,YAAY,QASf;AACD,WAAO,KAAK,cAAc;AAAA,MACxB,UAAU,OAAO;AAAA,MACjB,QAAQ,OAAO;AAAA,MACf,iBAAiB,OAAO;AAAA,MACxB,SAAS,OAAO;AAAA,MAChB,MAAM;AAAA,MACN,aAAa,OAAO,eAAe;AAAA,MACnC,UAAU,OAAO,YAAY;AAAA,MAC7B,gBAAgB,OAAO,kBAAkB;AAAA,MACzC,kBAAkB,OAAO,oBAAoB;AAAA,IAAA,CAC9C;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWA,MAAM,cAAc,OAA6B;AAC/C,QAAI,CAAC,MAAM,qBAAqB;AAC9B,YAAM,WAAW,MAAM,KAAK,cAAc;AAAA,QACxC,MAAM;AAAA,QACN,MAAM;AAAA,QACN,MAAM;AAAA,MAAA;AAER,UAAI,CAAC,UAAU;AACb,cAAM,IAAI;AAAA,UACR;AAAA,QAAA;AAAA,MAEJ;AAAA,IACF;AASA,UAAM,SAAS,MAAM,WACjB,MAAM,KAAK,SAAS,IAAI;AAAA,MACtB,IAAI,MAAM;AAAA,MACV,QAAQ,MAAM;AAAA,MACd,UAAU,MAAM;AAAA,IAAA,CACjB,IACD;AACJ,QAAI,MAAM,YAAY,CAAC,QAAQ;AAC7B,YAAM,IAAI;AAAA,QACR;AAAA,MAAA;AAAA,IAEJ;AAEA,UAAM,UAAU,MAAM,iBAClB,MAAM,KAAK,eAAe,IAAI;AAAA,MAC5B,IAAI,MAAM;AAAA,MACV,YAAY,MAAM;AAAA,MAClB,UAAU,MAAM;AAAA,IAAA,CACjB,IACD;AACJ,QAAI,MAAM,kBAAkB,CAAC,SAAS;AACpC,YAAM,IAAI;AAAA,QACR;AAAA,MAAA;AAAA,IAEJ;AAEA,QAAI,MAAM,kBAAkB;AAC1B,YAAM,UAAU,MAAM,KAAK,UAAU,IAAI;AAAA,QACvC,IAAI,MAAM;AAAA,QACV,QAAQ,MAAM;AAAA,QACd,UAAU,MAAM;AAAA,MAAA,CACjB;AACD,UAAI,CAAC,SAAS;AACZ,cAAM,IAAI;AAAA,UACR;AAAA,QAAA;AAAA,MAEJ;AAAA,IACF;AAEA,UAAM,UAAU,MAAM,KAAK,UAAU,OAAO;AAAA,MAC1C,UAAU,MAAM;AAAA,MAChB,QAAQ,MAAM;AAAA,MACd,iBAAiB,MAAM;AAAA,MACvB,SAAS,MAAM;AAAA,MACf,aAAa,MAAM,eAAe;AAAA,MAClC,MAAM,MAAM;AAAA,MACZ,UAAU,MAAM,YAAY;AAAA,MAC5B,gBAAgB,MAAM,kBAAkB;AAAA,MACxC,kBAAkB,MAAM,oBAAoB;AAAA,MAC5C,cAAc,MAAM,eAChB,KAAK,UAAU,MAAM,YAAY,IACjC;AAAA,IAAA,CACL;AAGD,UAAM,OAAO,MAAM,KAAK,OAAO,IAAI;AAAA,MACjC,IAAI,MAAM;AAAA,MACV,UAAU,MAAM;AAAA,IAAA,CACjB;AACD,QAAI,MAAM;AACR,WAAK,oCAAoB,KAAA;AACzB,YAAM,KAAK,KAAA;AAAA,IACb;AAGA,QAAI,QAAQ;AACV,aAAO;AACP,aAAO,oCAAoB,KAAA;AAC3B,YAAM,OAAO,KAAA;AAAA,IACf;AAGA,QAAI,SAAS;AACX,YAAM,QAAQ,cAAA;AAAA,IAChB;AAEA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAeA,MAAM,YAAY,QAMf;AACD,UAAM,KAAK;AAAA,MACT,OAAO;AAAA,MACP,OAAO;AAAA,MACP,OAAO;AAAA,IAAA;AAET,QAAI,OAAO,eAAe;AACxB,YAAM,cAAc,MAAM,KAAK,UAAU,IAAI;AAAA,QAC3C,IAAI,OAAO;AAAA,QACX,QAAQ,OAAO;AAAA,QACf,UAAU,OAAO;AAAA,MAAA,CAClB;AACD,UAAI,CAAC,aAAa;AAChB,cAAM,IAAI;AAAA,UACR;AAAA,QAAA;AAAA,MAEJ;AAAA,IACF;AACA,UAAM,SAAS,MAAM,KAAK,SAAS,OAAO;AAAA,MACxC,UAAU,OAAO;AAAA,MACjB,QAAQ,OAAO;AAAA,MACf,eAAe,OAAO,iBAAiB;AAAA,MACvC,OAAO,OAAO,SAAS;AAAA,MACvB,cAAc;AAAA,IAAA,CACf;AACD,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWA,MAAM,eAAe,QAMlB;AACD,UAAM,KAAK;AAAA,MACT,OAAO;AAAA,MACP,OAAO;AAAA,MACP,OAAO;AAAA,IAAA;AAET,WAAO,KAAK,mBAAmB;AAAA,MAC7B,UAAU,OAAO;AAAA,MACjB,QAAQ,OAAO;AAAA,MACf,WAAW,OAAO;AAAA,MAClB,MAAM,OAAO;AAAA,IAAA,CACd;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,mBAAmB,QAKtB;AACD,UAAM,WAAW,MAAM,KAAK,cAAc;AAAA,MACxC,OAAO;AAAA,MACP,OAAO;AAAA,MACP,OAAO;AAAA,IAAA;AAET,QAAI,UAAU;AACZ,UAAI,SAAS,WAAW,UAAU;AAChC,iBAAS,SAAS;AAClB,iBAAS,+BAAe,KAAA;AACxB,cAAM,SAAS,KAAA;AAAA,MACjB;AACA,aAAO;AAAA,IACT;AAEA,UAAM,cAAc,MAAM,KAAK,cAAc,OAAO;AAAA,MAClD,UAAU,OAAO;AAAA,MACjB,QAAQ,OAAO;AAAA,MACf,WAAW,OAAO;AAAA,MAClB,MAAM,OAAO,QAAQ;AAAA,MACrB,QAAQ;AAAA,MACR,8BAAc,KAAA;AAAA,IAAK,CACpB;AACD,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,MAAM,kBAAkB,QAKrB;AACD,UAAM,SAAS,MAAM,KAAK,cAAc;AAAA,MACtC,OAAO;AAAA,MACP,OAAO;AAAA,MACP,OAAO;AAAA,IAAA;AAET,QAAI,CAAC,OAAQ;AAEb,UAAM,SAAS,OAAO,mBAAmB,OAAO;AAChD,QAAI,CAAC,QAAQ;AACX,YAAM,QAAQ,MAAM,KAAK,cAAc;AAAA,QACrC,OAAO;AAAA,QACP,OAAO;AAAA,QACP,OAAO;AAAA,MAAA;AAET,UAAI,CAAC,SAAS,CAAC,MAAM,WAAW;AAC9B,cAAM,IAAI;AAAA,UACR;AAAA,QAAA;AAAA,MAEJ;AAEA,UAAI,OAAO,QAAA,KAAa,CAAC,MAAM,WAAW;AACxC,cAAM,IAAI;AAAA,UACR;AAAA,QAAA;AAAA,MAEJ;AAAA,IACF;AAEA,WAAO,SAAS;AAChB,UAAM,OAAO,KAAA;AAAA,EACf;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,MAAM,WAAW,QASd;AACD,UAAM,KAAK;AAAA,MACT,OAAO;AAAA,MACP,OAAO;AAAA,MACP,OAAO;AAAA,IAAA;AAET,UAAM,OAAO,MAAM,KAAK,OAAO,IAAI;AAAA,MACjC,IAAI,OAAO;AAAA,MACX,UAAU,OAAO;AAAA,IAAA,CAClB;AACD,QAAI,CAAC,KAAM,OAAM,IAAI,MAAM,gBAAgB;AAE3C,QAAI,OAAO,SAAS,OAAW,MAAK,OAAO,OAAO;AAClD,QAAI,OAAO,gBAAgB,OAAW,MAAK,cAAc,OAAO;AAChE,QAAI,OAAO,UAAU,OAAW,MAAK,QAAQ,OAAO;AACpD,QAAI,OAAO,cAAc,OAAW,MAAK,YAAY,OAAO;AAC5D,QAAI,OAAO,WAAW,OAAW,MAAK,SAAS,OAAO;AACtD,UAAM,KAAK,KAAA;AACX,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWA,MAAM,YAAY,QAKf;AACD,UAAM,UAAU,MAAM,KAAK,UAAU,IAAI;AAAA,MACvC,IAAI,OAAO;AAAA,MACX,UAAU,OAAO;AAAA,IAAA,CAClB;AACD,QAAI,CAAC,QAAS,OAAM,IAAI,MAAM,mBAAmB;AAEjD,UAAM,KAAK;AAAA,MACT,QAAQ;AAAA,MACR,OAAO;AAAA,MACP,OAAO;AAAA,IAAA;AAGT,UAAM,WAAW,MAAM,KAAK,WAAW,KAAK;AAAA,MAC1C,OAAO;AAAA,QACL,UAAU,OAAO;AAAA,QACjB,WAAW,OAAO;AAAA,QAClB,WAAW,OAAO;AAAA,QAClB,OAAO,OAAO;AAAA,MAAA;AAAA,MAEhB,OAAO;AAAA,IAAA,CACR;AACD,QAAI,SAAS,CAAC,EAAG,QAAO,SAAS,CAAC;AAElC,WAAO,KAAK,WAAW,OAAO;AAAA,MAC5B,UAAU,OAAO;AAAA,MACjB,WAAW,OAAO;AAAA,MAClB,WAAW,OAAO;AAAA,MAClB,OAAO,OAAO;AAAA,IAAA,CACf;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,MAAM,eAAe,QAKA;AACnB,UAAM,WAAW,MAAM,KAAK,WAAW,KAAK;AAAA,MAC1C,OAAO;AAAA,QACL,UAAU,OAAO;AAAA,QACjB,WAAW,OAAO;AAAA,QAClB,WAAW,OAAO;AAAA,QAClB,OAAO,OAAO;AAAA,MAAA;AAAA,MAEhB,OAAO;AAAA,IAAA,CACR;AACD,QAAI,SAAS,CAAC,GAAG;AACf,YAAM,SAAS,CAAC,EAAE,OAAA;AAClB,aAAO;AAAA,IACT;AACA,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,MAAM,cAAc,QAKjB;AACD,QACE,OAAO,mBAAmB,OAAO,cACjC,OAAO,mBAAmB,OAAO,YACjC;AACA,YAAM,IAAI;AAAA,QACR;AAAA,MAAA;AAAA,IAEJ;AAEA,UAAM,OAAO,MAAM,KAAK,OAAO;AAAA,MAC7B,OAAO;AAAA,MACP,OAAO;AAAA,MACP,OAAO;AAAA,MACP,KAAK;AAAA,IAAA;AAGP,UAAM,KAAK,mBAAmB;AAAA,MAC5B,UAAU,OAAO;AAAA,MACjB,QAAQ,KAAK;AAAA,MACb,WAAW,OAAO;AAAA,IAAA,CACnB;AACD,UAAM,KAAK,mBAAmB;AAAA,MAC5B,UAAU,OAAO;AAAA,MACjB,QAAQ,KAAK;AAAA,MACb,WAAW,OAAO;AAAA,IAAA,CACnB;AAED,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAqBA,MAAM,mBAAmB,QAStB;AACD,UAAM,uBAAuB,OAAO;AACpC,UAAM,aAAa,OAAO,cAAc;AAIxC,UAAM,kBAAkB,MAAM,KAAK,eAAe;AAAA,MAChD,OAAO;AAAA,MACP;AAAA,MACA,OAAO;AAAA,MACP;AAAA,IAAA;AAEF,QAAI,mBAAmB,gBAAgB,aAAa,OAAO,UAAU;AACnE,UAAI,gBAAgB,YAAY;AAG9B,cAAM,eAAe,MAAM,KAAK,OAAO,IAAI;AAAA,UACzC,IAAI,gBAAgB;AAAA,UACpB,UAAU,OAAO;AAAA,QAAA,CAClB;AACD,YAAI,cAAc;AAKhB,gBAAM,KAAK,mBAAmB;AAAA,YAC5B,UAAU,OAAO;AAAA,YACjB,QAAQ,aAAa;AAAA,YACrB,WAAW;AAAA,YACX,MAAM;AAAA,UAAA,CACP;AACD,gBAAM,KAAK,mBAAmB;AAAA,YAC5B,UAAU,OAAO;AAAA,YACjB,QAAQ,aAAa;AAAA,YACrB,WAAW,OAAO;AAAA,YAClB,MAAM;AAAA,UAAA,CACP;AACD,iBAAO,EAAE,SAAS,iBAAiB,MAAM,aAAA;AAAA,QAC3C;AAAA,MACF;AAEA,YAAM,gBAAgB,OAAA;AAAA,IACxB;AAGA,UAAM,OAAO,MAAM,KAAK,OAAO,OAAO;AAAA,MACpC,UAAU,OAAO;AAAA,MACjB,MAAM;AAAA,MACN,UAAU;AAAA,MACV,oBAAoB;AAAA,MACpB,QAAQ;AAAA,MACR,iBAAiB;AAAA,IAAA,CAClB;AAGD,UAAM,KAAK,mBAAmB;AAAA,MAC5B,UAAU,OAAO;AAAA,MACjB,QAAQ,KAAK;AAAA,MACb,WAAW;AAAA,MACX,MAAM;AAAA,IAAA,CACP;AAID,UAAM,KAAK,mBAAmB;AAAA,MAC5B,UAAU,OAAO;AAAA,MACjB,QAAQ,KAAK;AAAA,MACb,WAAW,OAAO;AAAA,MAClB,MAAM;AAAA,IAAA,CACP;AAID,UAAM,UAAU,MAAM,KAAK,eAAe,aAAa;AAAA,MACrD,SAAS,OAAO;AAAA,MAChB;AAAA,MACA,UAAU,OAAO;AAAA,MACjB,cAAc,OAAO;AAAA,MACrB,YAAY,KAAK;AAAA,MACjB,cAAc,OAAO;AAAA,MACrB;AAAA,IAAA,CACD;AAED,QAAI,OAAO,UAAW,SAAQ,YAAY,OAAO;AACjD,QAAI,OAAO,YAAa,SAAQ,cAAc,OAAO;AACrD,UAAM,QAAQ,KAAA;AAEd,WAAO,EAAE,SAAS,KAAA;AAAA,EACpB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAYA,MAAM,qBAAqB,QAMxB;AACD,UAAM,UAAU,MAAM,KAAK;AAAA,MACzB,OAAO;AAAA,MACP,OAAO;AAAA,IAAA;AAGT,QAAI,OAAO,mBAAmB,QAAQ,sBAAsB;AAC1D,YAAM,IAAI;AAAA,QACR;AAAA,MAAA;AAAA,IAEJ;AAEA,WAAO,KAAK,cAAc;AAAA,MACxB,UAAU,OAAO;AAAA,MACjB,QAAQ,QAAQ;AAAA,MAChB,iBAAiB,QAAQ;AAAA,MACzB,SAAS,OAAO;AAAA,MAChB,MAAM;AAAA,MACN,aAAa,OAAO,eAAe;AAAA,MACnC,gBAAgB,OAAO;AAAA,IAAA,CACxB;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAiBA,MAAM,gBAAgB,QAA0B;AAC9C,UAAM,UAAU,MAAM,KAAK;AAAA,MACzB,OAAO;AAAA,MACP,OAAO;AAAA,IAAA;AAGT,UAAM,OAAwB,OAAO,SAAS,SAAS,SAAS;AAShE,QACE,OAAO,gBAAgB,eACvB,OAAO,gBAAgB,iBACvB,SAAS,UACT,OAAO,cACP;AACA,YAAM,WAAW,YAAY,iBAAiB,OAAO,YAAY;AACjE,UAAI,CAAC,UAAU;AACb,cAAM,IAAI,MAAM,kCAAkC;AAAA,MACpD;AACA,UAAI,CAAC,QAAQ,cAAc,QAAQ,GAAG;AACpC,cAAM,IAAI;AAAA,UACR,SAAS,QAAQ;AAAA,QAAA;AAAA,MAErB;AAAA,IACF;AAEA,WAAO,KAAK,cAAc;AAAA,MACxB,UAAU,OAAO;AAAA,MACjB,QAAQ,QAAQ;AAAA,MAChB,iBAAiB,QAAQ;AAAA,MACzB,SAAS,OAAO;AAAA,MAChB;AAAA,MACA,aAAa,OAAO,eAAe;AAAA,MACnC,UAAU,OAAO,YAAY;AAAA,MAC7B,gBAAgB,OAAO;AAAA,MACvB,cAAc,OAAO,gBAAgB;AAAA,IAAA,CACtC;AAAA,EACH;AAAA;AAAA,EAGA,MAAM,mBAAmB,gBAAwBA,WAAkB;AACjE,UAAM,UAAU,MAAM,KAAK,eAAe,IAAI;AAAA,MAC5C,IAAI;AAAA,MACJ,UAAAA;AAAA,IAAA,CACD;AACD,QAAI,CAAC,QAAS,OAAM,IAAI,MAAM,yBAAyB;AACvD,QAAI,CAAC,QAAQ,SAAA,EAAY,OAAM,IAAI,MAAM,6BAA6B;AACtE,QAAI,CAAC,QAAQ,WAAY,OAAM,IAAI,MAAM,gCAAgC;AACzE,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAcA,MAAM,gBAAgB,QAMnB;AACD,UAAM,KAAK;AAAA,MACT,OAAO;AAAA,MACP,OAAO;AAAA,MACP,OAAO;AAAA,IAAA;AAET,WAAO,KAAK,UAAU,UAAU,OAAO,QAAQ,OAAO,UAAU;AAAA,MAC9D,OAAO,OAAO;AAAA,MACd,QAAQ,OAAO;AAAA,IAAA,CAChB;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWA,MAAM,iBACJ,QACA,gBACAA,WACA;AACA,UAAM,OAAO,MAAM,KAAK,OAAO,IAAI,EAAE,IAAI,QAAQ,UAAAA,WAAU;AAC3D,QAAI,CAAC,KAAM,QAAO;AAClB,UAAM,KAAK,yBAAyB,QAAQ,gBAAgBA,SAAQ;AACpE,WAAO;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAWA,MAAM,gBACJ,QAC8B;AAC9B,UAAM,UAAU,MAAM,KAAK,eAAe,IAAI;AAAA,MAC5C,IAAI,OAAO;AAAA,MACX,UAAU,OAAO;AAAA,IAAA,CAClB;AACD,WAAO,WAAW;AAAA,EACpB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,MAAM,wBAAwB,QAIF;AAC1B,UAAM,WAAW,MAAM,KAAK,eAAe,KAAK;AAAA,MAC9C,OAAO;AAAA,QACL,UAAU,OAAO;AAAA,QACjB,SAAS,OAAO;AAAA,QAChB,sBAAsB,OAAO;AAAA,QAC7B,QAAQ;AAAA,MAAA;AAAA,IACV,CACD;AACD,WAAO,SAAS,OAAO,CAAC,MAAM,EAAE,UAAU;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,MAAM,UAAU,QAAkD;AAChE,UAAM,SAAS,MAAM,KAAK,SAAS,IAAI;AAAA,MACrC,IAAI,OAAO;AAAA,MACX,UAAU,OAAO;AAAA,IAAA,CAClB;AACD,WAAO,UAAU;AAAA,EACnB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EASA,MAAM,gBAAgB,QAII;AACxB,UAAM,KAAK;AAAA,MACT,OAAO;AAAA,MACP,OAAO;AAAA,MACP,OAAO;AAAA,IAAA;AAET,WAAO,KAAK,SAAS,KAAK;AAAA,MACxB,OAAO,EAAE,UAAU,OAAO,UAAU,QAAQ,OAAO,OAAA;AAAA,MACnD,SAAS;AAAA,IAAA,CACV;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,MAAM,kBAAkB,QAKG;AACzB,UAAM,SAAS,MAAM,KAAK,SAAS,IAAI;AAAA,MACrC,IAAI,OAAO;AAAA,MACX,UAAU,OAAO;AAAA,IAAA,CAClB;AACD,QAAI,CAAC,QAAQ;AACX,YAAM,IAAI,MAAM,kBAAkB;AAAA,IACpC;AACA,UAAM,KAAK;AAAA,MACT,OAAO;AAAA,MACP,OAAO;AAAA,MACP,OAAO;AAAA,IAAA;AAET,UAAM,WAAW,MAAM,KAAK,UAAU,KAAK;AAAA,MACzC,OAAO;AAAA,QACL,UAAU,OAAO;AAAA,QACjB,UAAU,OAAO;AAAA,QACjB,WAAW;AAAA,MAAA;AAAA,MAEb,SAAS;AAAA,MACT,OAAO,OAAO;AAAA,IAAA,CACf;AACD,WAAO,SAAS,QAAA;AAAA,EAClB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,MAAM,yBAAyB,QAM5B;AAKD,UAAM,UAAU,MAAM,KAAK,eAAe,IAAI;AAAA,MAC5C,IAAI,OAAO;AAAA,MACX,UAAU,OAAO;AAAA,IAAA,CAClB;AACD,QAAI,CAAC,QAAS,OAAM,IAAI,MAAM,yBAAyB;AAEvD,UAAM,UAAU,OAAO,mBAAmB,QAAQ;AAClD,QAAI,CAAC,SAAS;AACZ,YAAM,IAAI;AAAA,QACR;AAAA,MAAA;AAAA,IAEJ;AAEA,QAAI,OAAO,iBAAiB,QAAW;AACrC,cAAQ,gBAAgB,OAAO,YAAY;AAAA,IAC7C;AACA,QAAI,OAAO,iBAAiB,QAAW;AACrC,cAAQ,eAAe,OAAO;AAAA,IAChC;AACA,UAAM,QAAQ,KAAA;AACd,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,MAAM,yBACJ,QACA,WACAA,WACe;AACf,UAAM,WAAW,MAAM,KAAK,cAAc;AAAA,MACxC;AAAA,MACA;AAAA,MACAA;AAAA,IAAA;AAEF,QAAI,CAAC,UAAU;AACb,YAAM,IAAI;AAAA,QACR;AAAA,MAAA;AAAA,IAEJ;AAAA,EACF;AAAA;AAAA,EAGA,MAAM,kBACJ,QACA,WACAA,WACe;AACf,UAAM,QAAQ,MAAM,KAAK,cAAc;AAAA,MACrC;AAAA,MACA;AAAA,MACAA;AAAA,IAAA;AAEF,QAAI,CAAC,SAAS,CAAC,MAAM,WAAW;AAC9B,YAAM,IAAI;AAAA,QACR;AAAA,MAAA;AAAA,IAEJ;AAAA,EACF;AAAA;AAAA,EAGA,OAAO,iBACL,MACe;AACf,QAAI,CAAC,QAAQ,OAAO,SAAS,SAAU,QAAO;AAC9C,UAAM,YACH,KAAK,QACL,KAAK,QACL,KAAK;AACR,WAAO,OAAO,cAAc,YAAY,UAAU,SAAS,IACvD,YACA;AAAA,EACN;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAaA,QAAQ,eAAe,EACrB,SACA,QACA;AAIA,WAAQ,QAAwB,gBAAgB,MAAM;AAAA,EACxD;AACF;AA0BO,SAAS,eACd,SACA,QACA;AACA,SAAO,YAAY,eAAe,EAAE,SAAS,MAAM;AACrD;"}