@kyro-cms/core 0.9.0 → 0.9.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (248) hide show
  1. package/README.md +57 -589
  2. package/dist/{WebhookService-118ZTFis.d.ts → WebhookService-CUTb9XOy.d.ts} +1 -1
  3. package/dist/{WebhookService-AefJfqX0.d.cts → WebhookService-Yg2UEOB4.d.cts} +1 -1
  4. package/dist/api-handler-graphql.cjs +44 -0
  5. package/dist/api-handler-graphql.cjs.map +1 -0
  6. package/dist/api-handler-graphql.d.cts +6 -0
  7. package/dist/api-handler-graphql.d.ts +6 -0
  8. package/dist/api-handler-graphql.js +41 -0
  9. package/dist/api-handler-graphql.js.map +1 -0
  10. package/dist/api-handler-trpc.cjs +38 -0
  11. package/dist/api-handler-trpc.cjs.map +1 -0
  12. package/dist/api-handler-trpc.d.cts +5 -0
  13. package/dist/api-handler-trpc.d.ts +5 -0
  14. package/dist/api-handler-trpc.js +36 -0
  15. package/dist/api-handler-trpc.js.map +1 -0
  16. package/dist/api-handler.cjs +31 -97
  17. package/dist/api-handler.cjs.map +1 -1
  18. package/dist/api-handler.d.cts +2 -1
  19. package/dist/api-handler.d.ts +2 -1
  20. package/dist/api-handler.js +19 -95
  21. package/dist/api-handler.js.map +1 -1
  22. package/dist/{tenant-B1YB0Jy8.d.ts → base-B71y_EAF.d.cts} +6 -12
  23. package/dist/{tenant-Cpeveji6.d.cts → base-DaqY2GhA.d.ts} +6 -12
  24. package/dist/bootstrap-5NLASFOG.cjs +32 -0
  25. package/dist/{bootstrap-AKAUP6F6.cjs.map → bootstrap-5NLASFOG.cjs.map} +1 -1
  26. package/dist/bootstrap-T5BK77LD.js +7 -0
  27. package/dist/{bootstrap-JCML6NFO.js.map → bootstrap-T5BK77LD.js.map} +1 -1
  28. package/dist/{chunk-35U3FROB.js → chunk-22M4O4ZJ.js} +607 -63
  29. package/dist/chunk-22M4O4ZJ.js.map +1 -0
  30. package/dist/chunk-2HZRBATX.cjs +253 -0
  31. package/dist/chunk-2HZRBATX.cjs.map +1 -0
  32. package/dist/{chunk-VJT6P4N6.cjs → chunk-3HR772HI.cjs} +199 -32
  33. package/dist/chunk-3HR772HI.cjs.map +1 -0
  34. package/dist/chunk-3KTWGODI.cjs +178 -0
  35. package/dist/chunk-3KTWGODI.cjs.map +1 -0
  36. package/dist/{chunk-QXIQWPAP.js → chunk-3UK5XBVJ.js} +4 -134
  37. package/dist/chunk-3UK5XBVJ.js.map +1 -0
  38. package/dist/{chunk-FXYP2HA6.js → chunk-4AO3A3JM.js} +48 -4
  39. package/dist/chunk-4AO3A3JM.js.map +1 -0
  40. package/dist/chunk-4M7X5HAB.cjs +173 -0
  41. package/dist/chunk-4M7X5HAB.cjs.map +1 -0
  42. package/dist/chunk-5EPFQUQD.js +3243 -0
  43. package/dist/chunk-5EPFQUQD.js.map +1 -0
  44. package/dist/{chunk-Y3N7UUDO.js → chunk-7OGPN7MP.js} +5 -2
  45. package/dist/chunk-7OGPN7MP.js.map +1 -0
  46. package/dist/{chunk-WOWUL7ZY.js → chunk-AL5KX63J.js} +4 -3
  47. package/dist/chunk-AL5KX63J.js.map +1 -0
  48. package/dist/{chunk-2OL4O2TH.cjs → chunk-C36TMDTY.cjs} +66 -61
  49. package/dist/chunk-C36TMDTY.cjs.map +1 -0
  50. package/dist/{chunk-ES5HNFFT.js → chunk-CF7OL6HR.js} +4 -2
  51. package/dist/chunk-CF7OL6HR.js.map +1 -0
  52. package/dist/chunk-CJONKRHJ.js +162 -0
  53. package/dist/chunk-CJONKRHJ.js.map +1 -0
  54. package/dist/{chunk-2KVHZE6O.cjs → chunk-COIASRDK.cjs} +202 -46
  55. package/dist/chunk-COIASRDK.cjs.map +1 -0
  56. package/dist/chunk-DEVFAKCQ.cjs +3291 -0
  57. package/dist/chunk-DEVFAKCQ.cjs.map +1 -0
  58. package/dist/{chunk-3ZFYL34R.js → chunk-DYTZ6FQ7.js} +12 -185
  59. package/dist/chunk-DYTZ6FQ7.js.map +1 -0
  60. package/dist/{chunk-QPPDLRNR.js → chunk-EJN2PAOE.js} +197 -41
  61. package/dist/chunk-EJN2PAOE.js.map +1 -0
  62. package/dist/chunk-FAXU7BMP.js +220 -0
  63. package/dist/chunk-FAXU7BMP.js.map +1 -0
  64. package/dist/{chunk-OHVB4AJ7.js → chunk-FOPGUM27.js} +22 -17
  65. package/dist/chunk-FOPGUM27.js.map +1 -0
  66. package/dist/chunk-GAOXD3XT.js +175 -0
  67. package/dist/chunk-GAOXD3XT.js.map +1 -0
  68. package/dist/{chunk-4DA7QPLA.cjs → chunk-GXFOGU7N.cjs} +5 -2
  69. package/dist/chunk-GXFOGU7N.cjs.map +1 -0
  70. package/dist/{chunk-I7HHI6QV.cjs → chunk-IDVRRRAK.cjs} +17 -9
  71. package/dist/chunk-IDVRRRAK.cjs.map +1 -0
  72. package/dist/{chunk-WQBRWOQT.cjs → chunk-JOPVMWTM.cjs} +3 -2
  73. package/dist/chunk-JOPVMWTM.cjs.map +1 -0
  74. package/dist/chunk-KC2GDBLS.cjs +84 -0
  75. package/dist/chunk-KC2GDBLS.cjs.map +1 -0
  76. package/dist/{chunk-K7JPTH3G.cjs → chunk-KNRSROWB.cjs} +132 -74
  77. package/dist/chunk-KNRSROWB.cjs.map +1 -0
  78. package/dist/{chunk-3AJE4SEG.js → chunk-KPA4AN4R.js} +125 -67
  79. package/dist/chunk-KPA4AN4R.js.map +1 -0
  80. package/dist/{chunk-QUW2RZTM.cjs → chunk-L46ROHUS.cjs} +51 -7
  81. package/dist/chunk-L46ROHUS.cjs.map +1 -0
  82. package/dist/chunk-L4EZKIEX.js +185 -0
  83. package/dist/chunk-L4EZKIEX.js.map +1 -0
  84. package/dist/{chunk-REK7AYOC.js → chunk-L5UKKZQN.js} +199 -32
  85. package/dist/chunk-L5UKKZQN.js.map +1 -0
  86. package/dist/chunk-NKPKR5BW.cjs +188 -0
  87. package/dist/chunk-NKPKR5BW.cjs.map +1 -0
  88. package/dist/{chunk-Y3QQN7PN.js → chunk-P2HKJ7P5.js} +13 -4
  89. package/dist/chunk-P2HKJ7P5.js.map +1 -0
  90. package/dist/{chunk-SA7NSSIQ.cjs → chunk-PI73NNOK.cjs} +13 -187
  91. package/dist/chunk-PI73NNOK.cjs.map +1 -0
  92. package/dist/{chunk-HXRD4B37.js → chunk-PU2Z5VWF.js} +1279 -556
  93. package/dist/chunk-PU2Z5VWF.js.map +1 -0
  94. package/dist/{chunk-H727JIG7.js → chunk-Q72BOAPK.js} +16 -8
  95. package/dist/chunk-Q72BOAPK.js.map +1 -0
  96. package/dist/{chunk-IBG6V56E.cjs → chunk-QFLB4EIJ.cjs} +2 -139
  97. package/dist/chunk-QFLB4EIJ.cjs.map +1 -0
  98. package/dist/{chunk-YVUJBEXE.cjs → chunk-RAMGUDJN.cjs} +16 -7
  99. package/dist/chunk-RAMGUDJN.cjs.map +1 -0
  100. package/dist/{chunk-LINKCEG4.cjs → chunk-ROJHKAQ4.cjs} +617 -73
  101. package/dist/chunk-ROJHKAQ4.cjs.map +1 -0
  102. package/dist/{chunk-5KVM3WEY.cjs → chunk-RSF3UU7H.cjs} +1330 -602
  103. package/dist/chunk-RSF3UU7H.cjs.map +1 -0
  104. package/dist/{chunk-V3LKPM3O.cjs → chunk-SHTTJMLT.cjs} +4 -2
  105. package/dist/chunk-SHTTJMLT.cjs.map +1 -0
  106. package/dist/chunk-SPBTLUN6.js +92 -0
  107. package/dist/chunk-SPBTLUN6.js.map +1 -0
  108. package/dist/{chunk-57P6MJKC.js → chunk-TXSZFA4G.js} +3 -3
  109. package/dist/chunk-TXSZFA4G.js.map +1 -0
  110. package/dist/chunk-UERVXYVK.cjs +99 -0
  111. package/dist/chunk-UERVXYVK.cjs.map +1 -0
  112. package/dist/{chunk-PDYFVNUX.cjs → chunk-V2TVSCV5.cjs} +16 -23
  113. package/dist/chunk-V2TVSCV5.cjs.map +1 -0
  114. package/dist/{chunk-DXHRBMGB.js → chunk-VO35MNPH.js} +12 -19
  115. package/dist/chunk-VO35MNPH.js.map +1 -0
  116. package/dist/{chunk-IA6AU5PI.cjs → chunk-WNCYAKF3.cjs} +3 -3
  117. package/dist/chunk-WNCYAKF3.cjs.map +1 -0
  118. package/dist/chunk-XEB7PH2E.js +81 -0
  119. package/dist/chunk-XEB7PH2E.js.map +1 -0
  120. package/dist/cli/index.cjs +5 -5
  121. package/dist/cli/index.cjs.map +1 -1
  122. package/dist/cli/index.js +5 -5
  123. package/dist/cli/index.js.map +1 -1
  124. package/dist/client.cjs +3 -3
  125. package/dist/client.d.cts +3 -3
  126. package/dist/client.d.ts +3 -3
  127. package/dist/client.js +1 -1
  128. package/dist/drizzle/index.cjs +14 -13
  129. package/dist/drizzle/index.d.cts +9 -7
  130. package/dist/drizzle/index.d.ts +9 -7
  131. package/dist/drizzle/index.js +5 -4
  132. package/dist/fields/index.cjs +21 -37
  133. package/dist/fields/index.d.cts +2 -22
  134. package/dist/fields/index.d.ts +2 -22
  135. package/dist/fields/index.js +1 -1
  136. package/dist/graphql/index.cjs +5 -4
  137. package/dist/graphql/index.d.cts +5 -3
  138. package/dist/graphql/index.d.ts +5 -3
  139. package/dist/graphql/index.js +3 -2
  140. package/dist/index-CJXPB_ot.d.ts +276 -0
  141. package/dist/index-CaTNnLGd.d.cts +276 -0
  142. package/dist/index.cjs +304 -162
  143. package/dist/index.cjs.map +1 -1
  144. package/dist/index.d.cts +129 -205
  145. package/dist/index.d.ts +129 -205
  146. package/dist/index.js +172 -33
  147. package/dist/index.js.map +1 -1
  148. package/dist/integration.cjs +2 -2
  149. package/dist/integration.js +1 -1
  150. package/dist/mongo-auth-adapter-ISOM7FSS.cjs +17 -0
  151. package/dist/{mongo-auth-adapter-NHHUJHVH.cjs.map → mongo-auth-adapter-ISOM7FSS.cjs.map} +1 -1
  152. package/dist/mongo-auth-adapter-MO6STCV3.js +4 -0
  153. package/dist/{mongo-auth-adapter-NJQUUCTP.js.map → mongo-auth-adapter-MO6STCV3.js.map} +1 -1
  154. package/dist/mongodb/index.cjs +8 -7
  155. package/dist/mongodb/index.d.cts +5 -7
  156. package/dist/mongodb/index.d.ts +5 -7
  157. package/dist/mongodb/index.js +4 -3
  158. package/dist/postgres-auth-adapter-DWDR7P5G.js +5 -0
  159. package/dist/{postgres-auth-adapter-3T2NKTSE.js.map → postgres-auth-adapter-DWDR7P5G.js.map} +1 -1
  160. package/dist/postgres-auth-adapter-WRWSJD4E.cjs +14 -0
  161. package/dist/{postgres-auth-adapter-7IEENCKQ.cjs.map → postgres-auth-adapter-WRWSJD4E.cjs.map} +1 -1
  162. package/dist/redis-adapter-HGTPWIGV.js +4 -0
  163. package/dist/{redis-adapter-VQXD7ESY.js.map → redis-adapter-HGTPWIGV.js.map} +1 -1
  164. package/dist/redis-adapter-KJ3YOOT6.cjs +13 -0
  165. package/dist/{redis-adapter-D2E2S3GB.cjs.map → redis-adapter-KJ3YOOT6.cjs.map} +1 -1
  166. package/dist/rest/index.cjs +15 -14
  167. package/dist/rest/index.d.cts +4 -4
  168. package/dist/rest/index.d.ts +4 -4
  169. package/dist/rest/index.js +13 -12
  170. package/dist/{schema-5PHL5IVB.js → schema-6I5OFR4Z.js} +3 -3
  171. package/dist/{schema-5PHL5IVB.js.map → schema-6I5OFR4Z.js.map} +1 -1
  172. package/dist/{schema-37SE2F4B.cjs → schema-TTFE4467.cjs} +14 -14
  173. package/dist/{schema-37SE2F4B.cjs.map → schema-TTFE4467.cjs.map} +1 -1
  174. package/dist/sqlite-adapter-6GEUSVXQ.js +4 -0
  175. package/dist/{sqlite-adapter-TR3U3W6Q.js.map → sqlite-adapter-6GEUSVXQ.js.map} +1 -1
  176. package/dist/sqlite-adapter-CSIZE5SX.cjs +13 -0
  177. package/dist/{sqlite-adapter-LVK5PS4T.cjs.map → sqlite-adapter-CSIZE5SX.cjs.map} +1 -1
  178. package/dist/templates/index.cjs +133 -31
  179. package/dist/templates/index.d.cts +52 -9
  180. package/dist/templates/index.d.ts +52 -9
  181. package/dist/templates/index.js +3 -1
  182. package/dist/trpc/index.cjs +13 -12
  183. package/dist/trpc/index.d.cts +55 -49
  184. package/dist/trpc/index.d.ts +55 -49
  185. package/dist/trpc/index.js +4 -3
  186. package/dist/{types-D6ZLRGbH.d.cts → types-CpjuXbe7.d.cts} +2 -0
  187. package/dist/{types-D6ZLRGbH.d.ts → types-CpjuXbe7.d.ts} +2 -0
  188. package/dist/{types-Bs1up4yP.d.ts → types-CyCQ6SAI.d.ts} +28 -2
  189. package/dist/{types-J3R9nVsZ.d.cts → types-DJxD9394.d.cts} +28 -2
  190. package/dist/{types-VtjUxIMp.d.cts → types-Z6FBiqa2.d.cts} +35 -14
  191. package/dist/{types-VtjUxIMp.d.ts → types-Z6FBiqa2.d.ts} +35 -14
  192. package/package.json +22 -4
  193. package/dist/bootstrap-AKAUP6F6.cjs +0 -32
  194. package/dist/bootstrap-JCML6NFO.js +0 -7
  195. package/dist/chunk-2KVHZE6O.cjs.map +0 -1
  196. package/dist/chunk-2OL4O2TH.cjs.map +0 -1
  197. package/dist/chunk-35U3FROB.js.map +0 -1
  198. package/dist/chunk-3AJE4SEG.js.map +0 -1
  199. package/dist/chunk-3J4MFTI3.js +0 -3872
  200. package/dist/chunk-3J4MFTI3.js.map +0 -1
  201. package/dist/chunk-3ZFYL34R.js.map +0 -1
  202. package/dist/chunk-4DA7QPLA.cjs.map +0 -1
  203. package/dist/chunk-57P6MJKC.js.map +0 -1
  204. package/dist/chunk-5KVM3WEY.cjs.map +0 -1
  205. package/dist/chunk-6IMPH6WV.cjs +0 -3897
  206. package/dist/chunk-6IMPH6WV.cjs.map +0 -1
  207. package/dist/chunk-ATBOUGQP.cjs +0 -513
  208. package/dist/chunk-ATBOUGQP.cjs.map +0 -1
  209. package/dist/chunk-DXHRBMGB.js.map +0 -1
  210. package/dist/chunk-ES5HNFFT.js.map +0 -1
  211. package/dist/chunk-FXYP2HA6.js.map +0 -1
  212. package/dist/chunk-H727JIG7.js.map +0 -1
  213. package/dist/chunk-HXRD4B37.js.map +0 -1
  214. package/dist/chunk-I7HHI6QV.cjs.map +0 -1
  215. package/dist/chunk-IA6AU5PI.cjs.map +0 -1
  216. package/dist/chunk-IBG6V56E.cjs.map +0 -1
  217. package/dist/chunk-K7JPTH3G.cjs.map +0 -1
  218. package/dist/chunk-LINKCEG4.cjs.map +0 -1
  219. package/dist/chunk-OHVB4AJ7.js.map +0 -1
  220. package/dist/chunk-PDYFVNUX.cjs.map +0 -1
  221. package/dist/chunk-Q23JB3KL.js +0 -488
  222. package/dist/chunk-Q23JB3KL.js.map +0 -1
  223. package/dist/chunk-QPPDLRNR.js.map +0 -1
  224. package/dist/chunk-QUW2RZTM.cjs.map +0 -1
  225. package/dist/chunk-QXIQWPAP.js.map +0 -1
  226. package/dist/chunk-R3XIBBAW.cjs +0 -34
  227. package/dist/chunk-R3XIBBAW.cjs.map +0 -1
  228. package/dist/chunk-REK7AYOC.js.map +0 -1
  229. package/dist/chunk-SA7NSSIQ.cjs.map +0 -1
  230. package/dist/chunk-SDMNUYVU.js +0 -30
  231. package/dist/chunk-SDMNUYVU.js.map +0 -1
  232. package/dist/chunk-V3LKPM3O.cjs.map +0 -1
  233. package/dist/chunk-VJT6P4N6.cjs.map +0 -1
  234. package/dist/chunk-WOWUL7ZY.js.map +0 -1
  235. package/dist/chunk-WQBRWOQT.cjs.map +0 -1
  236. package/dist/chunk-Y3N7UUDO.js.map +0 -1
  237. package/dist/chunk-Y3QQN7PN.js.map +0 -1
  238. package/dist/chunk-YVUJBEXE.cjs.map +0 -1
  239. package/dist/index-CLp-DRKA.d.ts +0 -64
  240. package/dist/index-DfO7G4kN.d.cts +0 -64
  241. package/dist/mongo-auth-adapter-NHHUJHVH.cjs +0 -17
  242. package/dist/mongo-auth-adapter-NJQUUCTP.js +0 -4
  243. package/dist/postgres-auth-adapter-3T2NKTSE.js +0 -5
  244. package/dist/postgres-auth-adapter-7IEENCKQ.cjs +0 -14
  245. package/dist/redis-adapter-D2E2S3GB.cjs +0 -13
  246. package/dist/redis-adapter-VQXD7ESY.js +0 -4
  247. package/dist/sqlite-adapter-LVK5PS4T.cjs +0 -13
  248. package/dist/sqlite-adapter-TR3U3W6Q.js +0 -4
package/dist/chunk-KNRSROWB.cjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/api/trpc/context.ts","../src/api/trpc/procedures.ts","../src/api/trpc/router.ts"],"names":["createWebhookService","extractApiKeyFromRequest","validateApiKey","createApiKeyContext","WEBHOOK_EVENTS","hasApiKeyPermission","hasPermission","evaluateAccess"],"mappings":";;;;;;;AAsCA,eAAsB,cAAc,OAAA,EAOX;AACvB,EAAA,MAAM,cAAA,GAAiBA,sCAAA,CAAqB,OAAA,CAAQ,EAAE,CAAA;AAEtD,EAAA,MAAM,WAAA,GAA2B;AAAA,IAC/B,IAAI,OAAA,CAAQ,EAAA;AAAA,IACZ,UAAU,OAAA,CAAQ,QAAA;AAAA,IAClB,KAAK,OAAA,CAAQ,GAAA;AAAA,IACb,MAAM,OAAA,CAAQ,IAAA;AAAA,IACd,UAAU,OAAA,CAAQ,QAAA;AAAA,IAClB,cAAA;AAAA,IACA,UAAU,OAAA,CAAQ;AAAA,GACpB;AAEA,EAAA,MAAM,SAAA,GAAYC,0CAAA,CAAyB,OAAA,CAAQ,GAAU,CAAA;AAC7D,EAAA,IAAI,SAAA,EAAW;AACb,IAAA,MAAM,MAAA,GAAS,MAAMC,gCAAA,CAAe,SAAA,EAAW,QAAQ,EAAE,CAAA;AACzD,IAAA,IAAI,OAAO,KAAA,EAAO;AAChB,MAAA,WAAA,CAAY,IAAA,GAAQ,MAAA,CAAO,IAAA,IAAiB,OAAA,CAAQ,IAAA;AACpD,MAAA,WAAA,CAAY,QAAA,GAAW,MAAA,CAAO,QAAA,IAAY,OAAA,CAAQ,QAAA;AAClD,MAAA,WAAA,CAAY,MAAA,GAASC,sCAAoB,MAAM,CAAA;AAAA,IACjD;AAAA,EACF;AAEA,EAAA,OAAO,WAAA;AACT;;;ACtDA,IAAM,oBAAA,GAGF;AAAA,EACF,MAAA,EAAQ;AAAA,IACN,QAAQC,gCAAA,CAAe,YAAA;AAAA,IACvB,QAAQA,gCAAA,CAAe,YAAA;AAAA,IACvB,QAAQA,gCAAA,CAAe;AAAA;AAE3B,CAAA;AAEA,SAAS,eAAA,CACP,YACA,SAAA,EACc;AACd,EAAA,MAAM,MAAA,GAAS,qBAAqB,UAAU,CAAA;AAC9C,EAAA,IAAI,MAAA,EAAQ,OAAO,MAAA,CAAO,SAAS,CAAA;AACnC,EAAA,OAAO,cAAc,SAAS,CAAA,CAAA;AAChC;AAEA,eAAe,cAAA,CACb,GAAA,EACA,KAAA,EACA,OAAA,EAMA;AACA,EAAA,IAAI,CAAC,IAAI,cAAA,EAAgB;AACzB,EAAA,IAAI;AACF,IAAA,MAAM,GAAA,CAAI,cAAA,CAAe,OAAA,CAAQ,KAAA,EAAO;AAAA,MACtC,YAAY,OAAA,CAAQ,UAAA;AAAA,MACpB,WAAW,OAAA,CAAQ,SAAA;AAAA,MACnB,MAAM,OAAA,CAAQ,IAAA;AAAA,MACd,cAAc,OAAA,CAAQ,YAAA;AAAA,MACtB,MAAM,GAAA,CAAI,IAAA,GACN,EAAE,EAAA,EAAI,IAAI,IAAA,CAAK,EAAA,EAAI,KAAA,EAAO,GAAA,CAAI,KAAK,KAAA,EAAO,IAAA,EAAM,GAAA,CAAI,IAAA,CAAK,MAAK,GAC9D,KAAA,CAAA;AAAA,MACJ,UAAU,GAAA,CAAI;AAAA,KACf,CAAA;AAAA,EACH,SAAS,GAAA,EAAK;AACZ,IAAA,OAAA,CAAQ,KAAA,CAAM,CAAA,4BAAA,EAA+B,KAAK,CAAA,CAAA,CAAA,EAAK,GAAG,CAAA;AAAA,EAC5D;AACF;AAMA,eAAe,eAAA,CACb,MAAA,EACA,SAAA,EACA,GAAA,EACe;AACf,EAAA,MAAM,UAAA,GAAa,MAAA,CAAO,MAAA,GAAS,SAAS,CAAA;AAG5C,EAAA,MAAM,SAAS,GAAA,CAAI,MAAA;AACnB,EAAA,IAAI,UAAU,MAAA,CAAO,WAAA,IAAe,MAAA,CAAO,WAAA,CAAY,SAAS,CAAA,EAAG;AACjE,IAAA,MAAM,WAAW,MAAA,CAAO,IAAA;AACxB,IAAA,MAAM,SAAS,SAAA,KAAc,MAAA,GAAS,MAAA,GAAS,SAAA,KAAc,WAAW,QAAA,GAAW,QAAA;AACnF,IAAA,MAAM,UAAA,GAAa,CAAA,EAAG,QAAQ,CAAA,CAAA,EAAI,MAAM,CAAA,CAAA;AACxC,IAAA,IACE,CAACC,qCAAA,CAAoB,MAAA,CAAO,WAAA,EAAa,UAAU,CAAA,IACnD,CAACA,qCAAA,CAAoB,MAAA,CAAO,WAAA,EAAa,CAAA,EAAG,QAAQ,QAAQ,CAAA,EAC5D;AACA,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,0CAAA,EAA6C,UAAU,CAAA,CAAE,CAAA;AAAA,IAC3E;AAAA,EACF;AAGA,EAAA,IAAI,IAAI,IAAA,EAAM;AACZ,IAAA,MAAM,WAAW,MAAA,CAAO,IAAA;AACxB,IAAA,MAAM,MAAA,GAAS,cAAc,MAAA,GAAS,MAAA,GAAS,cAAc,QAAA,GAAW,QAAA,GAAW,SAAA,KAAc,QAAA,GAAW,QAAA,GAAW,QAAA;AACvH,IAAA,MAAM,UAAA,GAAa,CAAA,EAAG,QAAQ,CAAA,CAAA,EAAI,MAAM,CAAA,CAAA;AACxC,IAAA,MAAM,iBAAA,GAAoBC,+BAAA;AAAA,MACxB,EAAE,EAAA,EAAI,GAAA,CAAI,IAAA,CAAK,EAAA,EAAI,KAAA,EAAO,GAAA,CAAI,IAAA,CAAK,KAAA,EAAO,IAAA,EAAM,GAAA,CAAI,IAAA,CAAK,IAAA,EAAK;AAAA,MAC9D;AAAA,KACF;AACA,IAAA,IAAI,CAAC,qBAAqB,CAACA,+BAAA;AAAA,MACzB,EAAE,EAAA,EAAI,GAAA,CAAI,IAAA,CAAK,EAAA,EAAI,KAAA,EAAO,GAAA,CAAI,IAAA,CAAK,KAAA,EAAO,IAAA,EAAM,GAAA,CAAI,IAAA,CAAK,IAAA,EAAK;AAAA,MAC9D,GAAG,QAAQ,CAAA,MAAA;AAAA,KACb,EAAG;AACD,MAAA,IAAI,CAAC,UAAA,EAAY;AACf,QAAA,MAAM,IAAI,KAAA,CAAM,CAAA,uCAAA,EAA0C,UAAU,CAAA,CAAE,CAAA;AAAA,MACxE;AAAA,IACF;AAAA,EACF;AAEA,EAAA,IAAI,UAAA,EAAY;AACd,IAAA,MAAM,OAAA,GAAU,MAAMC,gCAAA,CAAe,UAAA,EAAY;AAAA,MAC/C,KAAK,GAAA,CAAI,GAAA;AAAA,MACT,MAAM,GAAA,CAAI,IAAA;AAAA,MACV,UAAU,GAAA,CAAI;AAAA,KACf,CAAA;AACD,IAAA,IAAI,OAAA,KAAY,KAAA,EAAO,MAAM,IAAI,MAAM,eAAe,CAAA;AAAA,EACxD,WAAW,CAAC,GAAA,CAAI,IAAA,IAAQ,CAAC,IAAI,MAAA,EAAQ;AACnC,IAAA,MAAM,IAAI,MAAM,wCAAwC,CAAA;AAAA,EAC1D;AAGA,EAAA,IAAI,IAAI,QAAA,EAAU;AAChB,IAAA,GAAA,CAAI,EAAA,CAAG,iBAAiB,EAAE,QAAA,EAAU,IAAI,QAAA,EAAU,MAAA,EAAQ,IAAI,IAAA,EAAM,EAAA,IAAM,IAAI,IAAA,EAAM,GAAA,CAAI,MAAM,IAAA,EAAM,YAAA,EAAc,IAAI,IAAA,EAAM,IAAA,KAAS,eAAe,CAAA;AAAA,EACtJ;AACF;AAMO,SAAS,oBAAoB,GAAA,EAAkB;AACpD,EAAA,OAAO,OAAO,KAAA,KASR;AACJ,IAAA,MAAM,EAAE,YAAY,KAAA,EAAO,IAAA,EAAM,OAAO,IAAA,EAAM,KAAA,EAAO,MAAA,EAAQ,KAAA,EAAM,GAAI,KAAA;AACvE,IAAA,MAAM,MAAA,GAAS,GAAA,CAAI,QAAA,CAAS,aAAA,CAAc,UAAU,CAAA;AAEpD,IAAA,MAAM,eAAA,CAAgB,MAAA,EAAQ,MAAA,EAAQ,GAAG,CAAA;AAGzC,IAAA,IAAI,MAAA,CAAO,OAAO,UAAA,EAAY;AAC5B,MAAA,KAAA,MAAW,IAAA,IAAQ,MAAA,CAAO,KAAA,CAAM,UAAA,EAAY;AAC1C,QAAA,MAAM,IAAA,CAAK;AAAA,UACT,UAAA;AAAA,UACA,KAAK,GAAA,CAAI,GAAA;AAAA,UACT,MAAM,GAAA,CAAI,IAAA;AAAA,UACV,UAAU,GAAA,CAAI,QAAA;AAAA,UACd,SAAA,EAAW,MAAA;AAAA,UACX;AAAA,SACD,CAAA;AAAA,MACH;AAAA,IACF;AAEA,IAAA,MAAM,OAAA,GAAU,KAAA,IAAS,CAAC,CAAC,GAAA,CAAI,IAAA;AAG/B,IAAA,MAAM,MAAA,GAAS,MAAM,GAAA,CAAI,EAAA,CAAG,IAAA,CAAK;AAAA,MAC/B,UAAA;AAAA,MACA,KAAA,EAAO,SAAS,EAAC;AAAA,MACjB,IAAA;AAAA,MACA,OAAO,KAAA,IAAS,EAAA;AAAA,MAChB,MAAM,IAAA,IAAQ,CAAA;AAAA,MACd,OAAO,KAAA,IAAS,CAAA;AAAA,MAChB,UAAU,GAAA,CAAI,QAAA;AAAA,MACd,MAAA;AAAA,MACA,KAAA,EAAO;AAAA,KACR,CAAA;AAGD,IAAA,IAAI,MAAA,CAAO,OAAO,SAAA,EAAW;AAC3B,MAAA,KAAA,MAAW,GAAA,IAAO,OAAO,IAAA,EAAM;AAC7B,QAAA,KAAA,MAAW,IAAA,IAAQ,MAAA,CAAO,KAAA,CAAM,SAAA,EAAW;AACzC,UAAA,MAAM,IAAA,CAAK;AAAA,YACT,UAAA;AAAA,YACA,GAAA;AAAA,YACA,KAAK,GAAA,CAAI,GAAA;AAAA,YACT,MAAM,GAAA,CAAI,IAAA;AAAA,YACV,UAAU,GAAA,CAAI,QAAA;AAAA,YACd,SAAA,EAAW;AAAA,WACZ,CAAA;AAAA,QACH;AAAA,MACF;AAAA,IACF;AAEA,IAAA,OAAO,MAAA;AAAA,EACT,CAAA;AACF;AAEO,SAAS,wBAAwB,GAAA,EAAkB;AACxD,EAAA,OAAO,OAAO,KAAA,KAMR;AACJ,IAAA,MAAM,EAAE,UAAA,EAAY,EAAA,EAAI,KAAA,EAAO,MAAA,EAAQ,OAAM,GAAI,KAAA;AACjD,IAAA,MAAM,MAAA,GAAS,GAAA,CAAI,QAAA,CAAS,aAAA,CAAc,UAAU,CAAA;AAEpD,IAAA,MAAM,eAAA,CAAgB,MAAA,EAAQ,MAAA,EAAQ,GAAG,CAAA;AAEzC,IAAA,MAAM,OAAA,GAAU,KAAA,IAAS,CAAC,CAAC,GAAA,CAAI,IAAA;AAE/B,IAAA,MAAM,GAAA,GAAM,MAAM,GAAA,CAAI,EAAA,CAAG,QAAA,CAAS;AAAA,MAChC,UAAA;AAAA,MACA,EAAA;AAAA,MACA,OAAO,KAAA,IAAS,CAAA;AAAA,MAChB,UAAU,GAAA,CAAI,QAAA;AAAA,MACd,MAAA;AAAA,MACA,KAAA,EAAO;AAAA,KACR,CAAA;AAED,IAAA,IAAI,CAAC,KAAK,MAAM,IAAI,MAAM,CAAA,oBAAA,EAAuB,UAAU,CAAA,CAAA,EAAI,EAAE,CAAA,CAAE,CAAA;AAGnE,IAAA,IAAI,MAAA,CAAO,OAAO,SAAA,EAAW;AAC3B,MAAA,KAAA,MAAW,IAAA,IAAQ,MAAA,CAAO,KAAA,CAAM,SAAA,EAAW;AACzC,QAAA,MAAM,IAAA,CAAK;AAAA,UACT,UAAA;AAAA,UACA,GAAA;AAAA,UACA,KAAK,GAAA,CAAI,GAAA;AAAA,UACT,MAAM,GAAA,CAAI,IAAA;AAAA,UACV,UAAU,GAAA,CAAI,QAAA;AAAA,UACd,SAAA,EAAW,MAAA;AAAA,UACX;AAAA,SACD,CAAA;AAAA,MACH;AAAA,IACF;AAEA,IAAA,OAAO,GAAA;AAAA,EACT,CAAA;AACF;AAEO,SAAS,sBAAsB,GAAA,EAAkB;AACtD,EAAA,OAAO,OAAO,KAAA,KAKR;AACJ,IAAA,MAAM,EAAE,UAAA,EAAY,IAAA,EAAM,KAAA,EAAO,QAAO,GAAI,KAAA;AAC5C,IAAA,MAAM,MAAA,GAAS,GAAA,CAAI,QAAA,CAAS,aAAA,CAAc,UAAU,CAAA;AAEpD,IAAA,MAAM,eAAA,CAAgB,MAAA,EAAQ,QAAA,EAAU,GAAG,CAAA;AAG3C,IAAA,MAAM,MAAA,GAAS,GAAA,CAAI,QAAA,CAAS,kBAAA,CAAmB,UAAU,CAAA;AACzD,IAAA,MAAM,SAAA,GAAY,MAAA,CAAO,KAAA,CAAM,IAAI,CAAA;AAGnC,IAAA,IAAI,MAAA,CAAO,YAAA,IAAgB,GAAA,CAAI,QAAA,EAAU;AACvC,MAAA,SAAA,CAAU,WAAW,GAAA,CAAI,QAAA;AAAA,IAC3B;AAGA,IAAA,IAAI,MAAA,CAAO,OAAO,cAAA,EAAgB;AAChC,MAAA,KAAA,MAAW,IAAA,IAAQ,MAAA,CAAO,KAAA,CAAM,cAAA,EAAgB;AAC9C,QAAA,MAAM,UAAA,GAAa,MAAM,IAAA,CAAK;AAAA,UAC5B,UAAA;AAAA,UACA,IAAA,EAAM,SAAA;AAAA,UACN,KAAK,GAAA,CAAI,GAAA;AAAA,UACT,MAAM,GAAA,CAAI,IAAA;AAAA,UACV,UAAU,GAAA,CAAI,QAAA;AAAA,UACd,SAAA,EAAW;AAAA,SACZ,CAAA;AACD,QAAA,IAAI,UAAA,EAAY,MAAA,CAAO,MAAA,CAAO,SAAA,EAAW,UAAU,CAAA;AAAA,MACrD;AAAA,IACF;AAGA,IAAA,IAAI,MAAA,CAAO,OAAO,YAAA,EAAc;AAC9B,MAAA,KAAA,MAAW,IAAA,IAAQ,MAAA,CAAO,KAAA,CAAM,YAAA,EAAc;AAC5C,QAAA,MAAM,UAAA,GAAa,MAAM,IAAA,CAAK;AAAA,UAC5B,UAAA;AAAA,UACA,IAAA,EAAM,SAAA;AAAA,UACN,KAAK,GAAA,CAAI,GAAA;AAAA,UACT,MAAM,GAAA,CAAI,IAAA;AAAA,UACV,UAAU,GAAA,CAAI,QAAA;AAAA,UACd,SAAA,EAAW;AAAA,SACZ,CAAA;AACD,QAAA,IAAI,UAAA,EAAY,MAAA,CAAO,MAAA,CAAO,SAAA,EAAW,UAAU,CAAA;AAAA,MACrD;AAAA,IACF;AAGA,IAAA,MAAM,GAAA,GAAM,MAAM,GAAA,CAAI,EAAA,CAAG,MAAA,CAAO;AAAA,MAC9B,UAAA;AAAA,MACA,IAAA,EAAM,SAAA;AAAA,MACN,OAAO,KAAA,IAAS,CAAA;AAAA,MAChB,UAAU,GAAA,CAAI,QAAA;AAAA,MACd;AAAA,KACD,CAAA;AAGD,IAAA,IAAI,MAAA,CAAO,OAAO,WAAA,EAAa;AAC7B,MAAA,KAAA,MAAW,IAAA,IAAQ,MAAA,CAAO,KAAA,CAAM,WAAA,EAAa;AAC3C,QAAA,MAAM,IAAA,CAAK;AAAA,UACT,UAAA;AAAA,UACA,GAAA;AAAA,UACA,IAAA,EAAM,SAAA;AAAA,UACN,KAAK,GAAA,CAAI,GAAA;AAAA,UACT,MAAM,GAAA,CAAI,IAAA;AAAA,UACV,UAAU,GAAA,CAAI,QAAA;AAAA,UACd,SAAA,EAAW;AAAA,SACZ,CAAA;AAAA,MACH;AAAA,IACF;AAEA,IAAA,MAAM,cAAA,CAAe,GAAA,EAAK,eAAA,CAAgB,UAAA,EAAY,QAAQ,CAAA,EAAG;AAAA,MAC/D,UAAA;AAAA,MACA,IAAA,EAAM,GAAA;AAAA,MACN,SAAA,EAAW;AAAA,KACZ,CAAA;AAED,IAAA,OAAO,EAAE,GAAA,EAAI;AAAA,EACf,CAAA;AACF;AAEO,SAAS,sBAAsB,GAAA,EAAkB;AACtD,EAAA,OAAO,OAAO,KAAA,KAOR;AACJ,IAAA,MAAM,EAAE,UAAA,EAAY,EAAA,EAAI,MAAM,KAAA,EAAO,MAAA,EAAQ,eAAc,GAAI,KAAA;AAC/D,IAAA,MAAM,MAAA,GAAS,GAAA,CAAI,QAAA,CAAS,aAAA,CAAc,UAAU,CAAA;AAEpD,IAAA,MAAM,eAAA,CAAgB,MAAA,EAAQ,QAAA,EAAU,GAAG,CAAA;AAG3C,IAAA,MAAM,WAAA,GAAc,MAAM,GAAA,CAAI,EAAA,CAAG,QAAA,CAAS;AAAA,MACxC,UAAA;AAAA,MACA,EAAA;AAAA,MACA,UAAU,GAAA,CAAI,QAAA;AAAA,MACd,KAAA,EAAO;AAAA,KACR,CAAA;AAED,IAAA,IAAI,CAAC,WAAA;AACH,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,oBAAA,EAAuB,UAAU,CAAA,CAAA,EAAI,EAAE,CAAA,CAAE,CAAA;AAG3D,IAAA,IAAI,aAAA,IAAkB,WAAA,CAAoC,SAAA,IAAa,aAAA,KAAmB,YAAoC,SAAA,EAAW;AACvI,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,8CAAA,EAAiD,aAAa,CAAA,qBAAA,EAAyB,WAAA,CAAoC,SAAS,CAAA,CAAE,CAAA;AAAA,IACxJ;AAGA,IAAA,MAAM,MAAA,GAAS,GAAA,CAAI,QAAA,CAAS,kBAAA,CAAmB,UAAU,CAAA;AACzD,IAAA,MAAM,SAAA,GAAY,MAAA,CAAO,KAAA,CAAM,IAAI,CAAA;AAGnC,IAAA,IAAI,MAAA,CAAO,YAAA,IAAgB,GAAA,CAAI,QAAA,EAAU;AACvC,MAAA,SAAA,CAAU,WAAW,GAAA,CAAI,QAAA;AAAA,IAC3B;AAGA,IAAA,IAAI,MAAA,CAAO,OAAO,cAAA,EAAgB;AAChC,MAAA,KAAA,MAAW,IAAA,IAAQ,MAAA,CAAO,KAAA,CAAM,cAAA,EAAgB;AAC9C,QAAA,MAAM,UAAA,GAAa,MAAM,IAAA,CAAK;AAAA,UAC5B,UAAA;AAAA,UACA,IAAA,EAAM,SAAA;AAAA,UACN,WAAA;AAAA,UACA,KAAK,GAAA,CAAI,GAAA;AAAA,UACT,MAAM,GAAA,CAAI,IAAA;AAAA,UACV,UAAU,GAAA,CAAI,QAAA;AAAA,UACd,SAAA,EAAW,QAAA;AAAA,UACX;AAAA,SACD,CAAA;AACD,QAAA,IAAI,UAAA,EAAY,MAAA,CAAO,MAAA,CAAO,SAAA,EAAW,UAAU,CAAA;AAAA,MACrD;AAAA,IACF;AAGA,IAAA,IAAI,MAAA,CAAO,OAAO,YAAA,EAAc;AAC9B,MAAA,KAAA,MAAW,IAAA,IAAQ,MAAA,CAAO,KAAA,CAAM,YAAA,EAAc;AAC5C,QAAA,MAAM,UAAA,GAAa,MAAM,IAAA,CAAK;AAAA,UAC5B,UAAA;AAAA,UACA,IAAA,EAAM,SAAA;AAAA,UACN,WAAA;AAAA,UACA,KAAK,GAAA,CAAI,GAAA;AAAA,UACT,MAAM,GAAA,CAAI,IAAA;AAAA,UACV,UAAU,GAAA,CAAI,QAAA;AAAA,UACd,SAAA,EAAW,QAAA;AAAA,UACX;AAAA,SACD,CAAA;AACD,QAAA,IAAI,UAAA,EAAY,MAAA,CAAO,MAAA,CAAO,SAAA,EAAW,UAAU,CAAA;AAAA,MACrD;AAAA,IACF;AAGA,IAAA,MAAM,GAAA,GAAM,MAAM,GAAA,CAAI,EAAA,CAAG,MAAA,CAAO;AAAA,MAC9B,UAAA;AAAA,MACA,EAAA;AAAA,MACA,IAAA,EAAM,SAAA;AAAA,MACN,OAAO,KAAA,IAAS,CAAA;AAAA,MAChB,UAAU,GAAA,CAAI,QAAA;AAAA,MACd;AAAA,KACD,CAAA;AAGD,IAAA,IAAI,MAAA,CAAO,OAAO,WAAA,EAAa;AAC7B,MAAA,KAAA,MAAW,IAAA,IAAQ,MAAA,CAAO,KAAA,CAAM,WAAA,EAAa;AAC3C,QAAA,MAAM,IAAA,CAAK;AAAA,UACT,UAAA;AAAA,UACA,GAAA;AAAA,UACA,IAAA,EAAM,SAAA;AAAA,UACN,WAAA;AAAA,UACA,KAAK,GAAA,CAAI,GAAA;AAAA,UACT,MAAM,GAAA,CAAI,IAAA;AAAA,UACV,UAAU,GAAA,CAAI,QAAA;AAAA,UACd,SAAA,EAAW,QAAA;AAAA,UACX;AAAA,SACD,CAAA;AAAA,MACH;AAAA,IACF;AAEA,IAAA,MAAM,cAAA,CAAe,GAAA,EAAK,eAAA,CAAgB,UAAA,EAAY,QAAQ,CAAA,EAAG;AAAA,MAC/D,UAAA;AAAA,MACA,IAAA,EAAM,GAAA;AAAA,MACN,YAAA,EAAc,WAAA;AAAA,MACd,SAAA,EAAW;AAAA,KACZ,CAAA;AAED,IAAA,OAAO,EAAE,GAAA,EAAI;AAAA,EACf,CAAA;AACF;AAEO,SAAS,sBAAsB,GAAA,EAAkB;AACtD,EAAA,OAAO,OAAO,KAAA,KAA8C;AAC1D,IAAA,MAAM,EAAE,UAAA,EAAY,EAAA,EAAG,GAAI,KAAA;AAC3B,IAAA,MAAM,MAAA,GAAS,GAAA,CAAI,QAAA,CAAS,aAAA,CAAc,UAAU,CAAA;AAEpD,IAAA,MAAM,eAAA,CAAgB,MAAA,EAAQ,QAAA,EAAU,GAAG,CAAA;AAG3C,IAAA,MAAM,WAAA,GAAc,MAAM,GAAA,CAAI,EAAA,CAAG,QAAA,CAAS;AAAA,MACxC,UAAA;AAAA,MACA,EAAA;AAAA,MACA,UAAU,GAAA,CAAI,QAAA;AAAA,MACd,KAAA,EAAO;AAAA,KACR,CAAA;AAED,IAAA,IAAI,CAAC,WAAA;AACH,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,oBAAA,EAAuB,UAAU,CAAA,CAAA,EAAI,EAAE,CAAA,CAAE,CAAA;AAG3D,IAAA,IAAI,MAAA,CAAO,OAAO,YAAA,EAAc;AAC9B,MAAA,KAAA,MAAW,IAAA,IAAQ,MAAA,CAAO,KAAA,CAAM,YAAA,EAAc;AAC5C,QAAA,MAAM,IAAA,CAAK;AAAA,UACT,UAAA;AAAA,UACA,GAAA,EAAK,WAAA;AAAA,UACL,KAAK,GAAA,CAAI,GAAA;AAAA,UACT,MAAM,GAAA,CAAI,IAAA;AAAA,UACV,UAAU,GAAA,CAAI,QAAA;AAAA,UACd,SAAA,EAAW,QAAA;AAAA,UACX;AAAA,SACD,CAAA;AAAA,MACH;AAAA,IACF;AAGA,IAAA,MAAM,GAAA,GAAM,MAAM,GAAA,CAAI,EAAA,CAAG,MAAA,CAAO;AAAA,MAC9B,UAAA;AAAA,MACA,EAAA;AAAA,MACA,UAAU,GAAA,CAAI;AAAA,KACf,CAAA;AAGD,IAAA,IAAI,MAAA,CAAO,OAAO,WAAA,EAAa;AAC7B,MAAA,KAAA,MAAW,IAAA,IAAQ,MAAA,CAAO,KAAA,CAAM,WAAA,EAAa;AAC3C,QAAA,MAAM,IAAA,CAAK;AAAA,UACT,UAAA;AAAA,UACA,GAAA;AAAA,UACA,KAAK,GAAA,CAAI,GAAA;AAAA,UACT,MAAM,GAAA,CAAI,IAAA;AAAA,UACV,UAAU,GAAA,CAAI,QAAA;AAAA,UACd,SAAA,EAAW,QAAA;AAAA,UACX;AAAA,SACD,CAAA;AAAA,MACH;AAAA,IACF;AAEA,IAAA,MAAM,cAAA,CAAe,GAAA,EAAK,eAAA,CAAgB,UAAA,EAAY,QAAQ,CAAA,EAAG;AAAA,MAC/D,UAAA;AAAA,MACA,IAAA,EAAM,GAAA;AAAA,MACN,YAAA,EAAc,WAAA;AAAA,MACd,SAAA,EAAW;AAAA,KACZ,CAAA;AAED,IAAA,OAAO,EAAE,GAAA,EAAK,OAAA,EAAS,sBAAA,EAAuB;AAAA,EAChD,CAAA;AACF;AAEO,SAAS,qBAAqB,GAAA,EAAkB;AACrD,EAAA,OAAO,OAAO,KAAA,KAA+D;AAC3E,IAAA,MAAM,EAAE,UAAA,EAAY,KAAA,EAAM,GAAI,KAAA;AAC9B,IAAA,MAAM,MAAA,GAAS,GAAA,CAAI,QAAA,CAAS,aAAA,CAAc,UAAU,CAAA;AAEpD,IAAA,MAAM,eAAA,CAAgB,MAAA,EAAQ,MAAA,EAAQ,GAAG,CAAA;AAEzC,IAAA,MAAM,SAAA,GAAY,MAAM,GAAA,CAAI,EAAA,CAAG,KAAA,CAAM;AAAA,MACnC,UAAA;AAAA,MACA,KAAA,EAAO,SAAS,EAAC;AAAA,MACjB,UAAU,GAAA,CAAI;AAAA,KACf,CAAA;AAED,IAAA,OAAO,EAAE,SAAA,EAAU;AAAA,EACrB,CAAA;AACF;;;ACjfA,eAAe,qBAAA,CACb,MAAA,EACA,SAAA,EACA,GAAA,EACe;AACf,EAAA,MAAM,UAAA,GAAa,MAAA,CAAO,MAAA,GAAS,SAAS,CAAA;AAE5C,EAAA,MAAM,SAAS,GAAA,CAAI,MAAA;AACnB,EAAA,IAAI,UAAU,MAAA,CAAO,WAAA,IAAe,MAAA,CAAO,WAAA,CAAY,SAAS,CAAA,EAAG;AACjE,IAAA,MAAM,UAAA,GAAa,WAAW,SAAS,CAAA,CAAA;AACvC,IAAA,IACE,CAACF,qCAAA,CAAoB,MAAA,CAAO,WAAA,EAAa,UAAU,CAAA,IACnD,CAACA,qCAAA,CAAoB,MAAA,CAAO,WAAA,EAAa,eAAe,CAAA,EACxD;AACA,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,0CAAA,EAA6C,UAAU,CAAA,CAAE,CAAA;AAAA,IAC3E;AAAA,EACF;AAEA,EAAA,IAAI,IAAI,IAAA,EAAM;AACZ,IAAA,MAAM,UAAA,GAAa,WAAW,SAAS,CAAA,CAAA;AACvC,IAAA,MAAM,iBAAA,GAAoBC,+BAAA;AAAA,MACxB,EAAE,EAAA,EAAI,GAAA,CAAI,IAAA,CAAK,EAAA,EAAI,KAAA,EAAO,GAAA,CAAI,IAAA,CAAK,KAAA,EAAO,IAAA,EAAM,GAAA,CAAI,IAAA,CAAK,IAAA,EAAK;AAAA,MAC9D;AAAA,KACF;AACA,IAAA,IAAI,CAAC,qBAAqB,CAACA,+BAAA;AAAA,MACzB,EAAE,EAAA,EAAI,GAAA,CAAI,IAAA,CAAK,EAAA,EAAI,KAAA,EAAO,GAAA,CAAI,IAAA,CAAK,KAAA,EAAO,IAAA,EAAM,GAAA,CAAI,IAAA,CAAK,IAAA,EAAK;AAAA,MAC9D;AAAA,KACF,EAAG;AACD,MAAA,IAAI,CAAC,UAAA,EAAY;AACf,QAAA,MAAM,IAAI,KAAA,CAAM,CAAA,uCAAA,EAA0C,UAAU,CAAA,CAAE,CAAA;AAAA,MACxE;AAAA,IACF;AAAA,EACF;AAEA,EAAA,IAAI,UAAA,EAAY;AACd,IAAA,MAAM,OAAA,GAAU,MAAMC,gCAAA,CAAe,UAAA,EAAY;AAAA,MAC/C,KAAK,GAAA,CAAI,GAAA;AAAA,MACT,MAAM,GAAA,CAAI,IAAA;AAAA,MACV,UAAU,GAAA,CAAI;AAAA,KACf,CAAA;AACD,IAAA,IAAI,OAAA,KAAY,KAAA,EAAO,MAAM,IAAI,MAAM,eAAe,CAAA;AAAA,EACxD,WAAW,CAAC,GAAA,CAAI,IAAA,IAAQ,CAAC,IAAI,MAAA,EAAQ;AACnC,IAAA,MAAM,IAAI,MAAM,wCAAwC,CAAA;AAAA,EAC1D;AAEA,EAAA,IAAI,IAAI,QAAA,EAAU;AAChB,IAAA,GAAA,CAAI,EAAA,CAAG,iBAAiB,EAAE,QAAA,EAAU,IAAI,QAAA,EAAU,MAAA,EAAQ,IAAI,IAAA,EAAM,EAAA,IAAM,IAAI,IAAA,EAAM,GAAA,CAAI,MAAM,IAAA,EAAM,YAAA,EAAc,IAAI,IAAA,EAAM,IAAA,KAAS,eAAe,CAAA;AAAA,EACtJ;AACF;AAMO,SAAS,oBAAoB,GAAA,EAAkB;AACpD,EAAA,MAAM,SAA8B,EAAC;AACrC,EAAA,MAAM,WAAA,GAAc,GAAA,CAAI,QAAA,CAAS,cAAA,EAAe;AAEhD,EAAA,KAAA,MAAW,cAAc,WAAA,EAAa;AACpC,IAAA,MAAM,OAAO,UAAA,CAAW,IAAA;AAExB,IAAA,MAAA,CAAO,IAAI,CAAA,GAAI;AAAA,MACb,IAAA,EAAM,oBAAoB,GAAG,CAAA;AAAA,MAC7B,QAAA,EAAU,wBAAwB,GAAG,CAAA;AAAA,MACrC,MAAA,EAAQ,sBAAsB,GAAG,CAAA;AAAA,MACjC,MAAA,EAAQ,sBAAsB,GAAG,CAAA;AAAA,MACjC,MAAA,EAAQ,sBAAsB,GAAG,CAAA;AAAA,MACjC,KAAA,EAAO,qBAAqB,GAAG;AAAA,KACjC;AAAA,EACF;AAGA,EAAA,MAAM,OAAA,GAAU,GAAA,CAAI,QAAA,CAAS,UAAA,EAAW;AACxC,EAAA,KAAA,MAAW,UAAU,OAAA,EAAS;AAC5B,IAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAEpB,IAAA,MAAA,CAAO,CAAA,SAAA,EAAY,IAAI,CAAA,CAAE,CAAA,GAAI;AAAA,MAC3B,KAAK,YAAY;AACf,QAAA,MAAM,qBAAA,CAAsB,MAAA,EAAQ,MAAA,EAAQ,GAAG,CAAA;AAE/C,QAAA,MAAM,GAAA,GAAM,MAAM,GAAA,CAAI,EAAA,CAAG,OAAA,CAAQ;AAAA,UAC/B,UAAA,EAAY,YAAY,IAAI,CAAA,CAAA;AAAA,UAC5B,OAAO,EAAC;AAAA,UACR,UAAU,GAAA,CAAI;AAAA,SACf,CAAA;AACD,QAAA,OAAO,GAAA;AAAA,MACT,CAAA;AAAA,MACA,MAAA,EAAQ,OAAO,KAAA,KAAyC;AACtD,QAAA,MAAM,qBAAA,CAAsB,MAAA,EAAQ,QAAA,EAAU,GAAG,CAAA;AAEjD,QAAA,MAAM,MAAA,GAAS,GAAA,CAAI,QAAA,CAAS,YAAA,CAAa,IAAI,CAAA;AAC7C,QAAA,MAAM,SAAA,GAAY,MAAA,CAAO,KAAA,CAAM,KAAA,CAAM,IAAI,CAAA;AAEzC,QAAA,MAAM,QAAA,GAAW,MAAM,GAAA,CAAI,EAAA,CAAG,OAAA,CAAQ;AAAA,UACpC,UAAA,EAAY,YAAY,IAAI,CAAA,CAAA;AAAA,UAC5B,OAAO,EAAC;AAAA,UACR,UAAU,GAAA,CAAI;AAAA,SACf,CAAA;AAED,QAAA,IAAI,GAAA;AACJ,QAAA,IAAI,QAAA,EAAU;AACZ,UAAA,GAAA,GAAM,MAAM,GAAA,CAAI,EAAA,CAAG,MAAA,CAAO;AAAA,YACxB,UAAA,EAAY,YAAY,IAAI,CAAA,CAAA;AAAA,YAC5B,IAAI,QAAA,CAAS,EAAA;AAAA,YACb,IAAA,EAAM,SAAA;AAAA,YACN,UAAU,GAAA,CAAI;AAAA,WACf,CAAA;AAAA,QACH,CAAA,MAAO;AACL,UAAA,GAAA,GAAM,MAAM,GAAA,CAAI,EAAA,CAAG,MAAA,CAAO;AAAA,YACxB,UAAA,EAAY,YAAY,IAAI,CAAA,CAAA;AAAA,YAC5B,IAAA,EAAM,EAAE,GAAG,SAAA,EAAW,IAAI,IAAA,EAAK;AAAA,YAC/B,UAAU,GAAA,CAAI;AAAA,WACf,CAAA;AAAA,QACH;AAEA,QAAA,OAAO,GAAA;AAAA,MACT;AAAA,KACF;AAAA,EACF;AAEA,EAAA,OAAO,MAAA;AACT;AAyDO,SAAS,iBAAiB,GAAA,EAA8B;AAE7D,EAAA,MAAM,SAAA,GAAY,GAAA,CAAI,QAAA,EAAU,MAAA,EAAQ,SAAA;AACxC,EAAA,IAAI,SAAA,EAAW,gBAAgB,KAAA,EAAO;AACpC,IAAA,MAAM,IAAI,MAAM,sBAAsB,CAAA;AAAA,EACxC;AAEA,EAAA,OAAO,oBAAoB,GAAG,CAAA;AAChC","file":"chunk-KNRSROWB.cjs","sourcesContent":["import type { BaseAdapter } from \"../../registry/types.js\";\nimport type { User, Request } from \"../../hooks/types.js\";\nimport {\n validateApiKey,\n extractApiKeyFromRequest,\n createApiKeyContext,\n} from \"../../auth/api-key.js\";\nimport { createWebhookService } from \"../../webhooks/index.js\";\n\n// ============================================================================\n// Context Types\n// ============================================================================\n\nexport interface ApiKeyContext {\n userId: string;\n user: Partial<User>;\n permissions: string[];\n apiKeyId: string;\n tenantId?: string;\n role?: string;\n}\n\nexport interface KyroContext {\n db: BaseAdapter;\n registry: any;\n user?: User;\n tenantID?: string;\n req: Request;\n apiKey?: ApiKeyContext;\n webhookService?: ReturnType<typeof createWebhookService>;\n settings?: Record<string, any>;\n [key: string]: any;\n}\n\n// ============================================================================\n// Context Factory\n// ============================================================================\n\nexport async function createContext(options: {\n db: BaseAdapter;\n registry: any;\n req: Request;\n user?: User;\n tenantID?: string;\n settings?: Record<string, any>;\n}): Promise<KyroContext> {\n const webhookService = createWebhookService(options.db);\n\n const baseContext: KyroContext = {\n db: options.db,\n registry: options.registry,\n req: options.req,\n user: options.user,\n tenantID: options.tenantID,\n webhookService,\n settings: options.settings,\n };\n\n const apiKeyRaw = extractApiKeyFromRequest(options.req as any);\n if (apiKeyRaw) {\n const result = await validateApiKey(apiKeyRaw, options.db);\n if (result.valid) {\n baseContext.user = (result.user as User) || options.user;\n baseContext.tenantID = result.tenantId || options.tenantID;\n baseContext.apiKey = createApiKeyContext(result) as ApiKeyContext;\n }\n }\n\n return baseContext;\n}\n","import type {\n FindArgs,\n CreateArgs,\n UpdateArgs,\n DeleteArgs,\n} from \"../../registry/types.js\";\nimport { runHooks } from \"../../hooks/types.js\";\nimport { evaluateAccess } from \"../../access/types.js\";\nexport type { KyroContext, ApiKeyContext } from \"./context.js\";\nexport { createContext } from \"./context.js\";\nimport type { KyroContext, ApiKeyContext } from \"./context.js\";\nimport { WEBHOOK_EVENTS, type WebhookEvent } from \"../../webhooks/types.js\";\nimport { hasApiKeyPermission } from \"../../auth/api-key.js\";\nimport { hasPermission } from \"../../auth/rbac/checker.js\";\n\nconst COLLECTION_EVENT_MAP: Record<\n string,\n { create: WebhookEvent; update: WebhookEvent; delete: WebhookEvent }\n> = {\n _media: {\n create: WEBHOOK_EVENTS.MEDIA_UPLOAD,\n update: WEBHOOK_EVENTS.MEDIA_UPLOAD,\n delete: WEBHOOK_EVENTS.MEDIA_DELETE,\n },\n};\n\nfunction getWebhookEvent(\n collection: string,\n operation: \"create\" | \"update\" | \"delete\",\n): WebhookEvent {\n const mapped = COLLECTION_EVENT_MAP[collection];\n if (mapped) return mapped[operation];\n return `collection.${operation}` as WebhookEvent;\n}\n\nasync function triggerWebhook(\n ctx: KyroContext,\n event: WebhookEvent,\n payload: {\n collection: string;\n data: unknown;\n previousData?: unknown;\n operation: \"create\" | \"update\" | \"delete\";\n },\n) {\n if (!ctx.webhookService) return;\n try {\n await ctx.webhookService.trigger(event, {\n collection: payload.collection,\n operation: payload.operation,\n data: payload.data,\n previousData: payload.previousData,\n user: ctx.user\n ? { id: ctx.user.id, email: ctx.user.email, role: ctx.user.role }\n : undefined,\n tenantId: ctx.tenantID,\n });\n } catch (err) {\n console.error(`[Webhook] Failed to trigger ${event}:`, err);\n }\n}\n\n// ============================================================================\n// Access Check Helper\n// ============================================================================\n\nasync function checkTRPCAccess(\n config: { access?: any; slug: string },\n operation: \"read\" | \"create\" | \"update\" | \"delete\",\n ctx: KyroContext,\n): Promise<void> {\n const accessRule = config.access?.[operation];\n\n // API key permission check\n const apiKey = ctx.apiKey;\n if (apiKey && apiKey.permissions && apiKey.permissions.length > 0) {\n const resource = config.slug;\n const action = operation === \"read\" ? \"read\" : operation === \"create\" ? \"create\" : \"update\";\n const permission = `${resource}:${action}`;\n if (\n !hasApiKeyPermission(apiKey.permissions, permission) &&\n !hasApiKeyPermission(apiKey.permissions, `${resource}:admin`)\n ) {\n throw new Error(`Access denied: missing API key permission ${permission}`);\n }\n }\n\n // RBAC check for authenticated users\n if (ctx.user) {\n const resource = config.slug;\n const action = operation === \"read\" ? \"read\" : operation === \"create\" ? \"create\" : operation === \"update\" ? \"update\" : \"delete\";\n const permission = `${resource}:${action}`;\n const userHasPermission = hasPermission(\n { id: ctx.user.id, email: ctx.user.email, role: ctx.user.role } as any,\n permission,\n );\n if (!userHasPermission && !hasPermission(\n { id: ctx.user.id, email: ctx.user.email, role: ctx.user.role } as any,\n `${resource}:admin`,\n )) {\n if (!accessRule) {\n throw new Error(`Access denied: missing RBAC permission ${permission}`);\n }\n }\n }\n\n if (accessRule) {\n const allowed = await evaluateAccess(accessRule, {\n req: ctx.req,\n user: ctx.user,\n tenantID: ctx.tenantID,\n });\n if (allowed === false) throw new Error(\"Access denied\");\n } else if (!ctx.user && !ctx.apiKey) {\n throw new Error(\"Access denied: authentication required\");\n }\n\n // Set tenant context\n if (ctx.tenantID) {\n ctx.db.setTenantContext({ tenantId: ctx.tenantID, userId: ctx.user?.id ?? '', role: ctx.user?.role, isSuperAdmin: ctx.user?.role === 'super_admin' });\n }\n}\n\n// ============================================================================\n// CRUD Procedure Builders\n// ============================================================================\n\nexport function createFindProcedure(ctx: KyroContext) {\n return async (input: {\n collection: string;\n where?: Record<string, any>;\n sort?: string;\n limit?: number;\n page?: number;\n depth?: number;\n select?: string[];\n draft?: boolean;\n }) => {\n const { collection, where, sort, limit, page, depth, select, draft } = input;\n const config = ctx.registry.getCollection(collection);\n\n await checkTRPCAccess(config, \"read\", ctx);\n\n // Run beforeRead hooks\n if (config.hooks?.beforeRead) {\n for (const hook of config.hooks.beforeRead) {\n await hook({\n collection,\n req: ctx.req,\n user: ctx.user,\n tenantID: ctx.tenantID,\n operation: \"read\",\n where,\n });\n }\n }\n\n const isDraft = draft ?? !!ctx.user;\n\n // Execute query\n const result = await ctx.db.find({\n collection,\n where: where || {},\n sort,\n limit: limit || 10,\n page: page || 1,\n depth: depth || 0,\n tenantID: ctx.tenantID,\n select,\n draft: isDraft,\n });\n\n // Run afterRead hooks\n if (config.hooks?.afterRead) {\n for (const doc of result.docs) {\n for (const hook of config.hooks.afterRead) {\n await hook({\n collection,\n doc,\n req: ctx.req,\n user: ctx.user,\n tenantID: ctx.tenantID,\n operation: \"read\",\n });\n }\n }\n }\n\n return result;\n };\n}\n\nexport function createFindByIDProcedure(ctx: KyroContext) {\n return async (input: {\n collection: string;\n id: string;\n depth?: number;\n select?: string[];\n draft?: boolean;\n }) => {\n const { collection, id, depth, select, draft } = input;\n const config = ctx.registry.getCollection(collection);\n\n await checkTRPCAccess(config, \"read\", ctx);\n\n const isDraft = draft ?? !!ctx.user;\n\n const doc = await ctx.db.findByID({\n collection,\n id,\n depth: depth || 0,\n tenantID: ctx.tenantID,\n select,\n draft: isDraft,\n });\n\n if (!doc) throw new Error(`Document not found: ${collection}/${id}`);\n\n // Run afterRead hooks\n if (config.hooks?.afterRead) {\n for (const hook of config.hooks.afterRead) {\n await hook({\n collection,\n doc,\n req: ctx.req,\n user: ctx.user,\n tenantID: ctx.tenantID,\n operation: \"read\",\n id,\n });\n }\n }\n\n return doc;\n };\n}\n\nexport function createCreateProcedure(ctx: KyroContext) {\n return async (input: {\n collection: string;\n data: Record<string, any>;\n depth?: number;\n select?: string[];\n }) => {\n const { collection, data, depth, select } = input;\n const config = ctx.registry.getCollection(collection);\n\n await checkTRPCAccess(config, \"create\", ctx);\n\n // Validate with Zod\n const schema = ctx.registry.getCreateZodSchema(collection);\n const validated = schema.parse(data);\n\n // Add tenantID if scoped\n if (config.tenantScoped && ctx.tenantID) {\n validated.tenantID = ctx.tenantID;\n }\n\n // Run beforeValidate hooks\n if (config.hooks?.beforeValidate) {\n for (const hook of config.hooks.beforeValidate) {\n const hookResult = await hook({\n collection,\n data: validated,\n req: ctx.req,\n user: ctx.user,\n tenantID: ctx.tenantID,\n operation: \"create\",\n });\n if (hookResult) Object.assign(validated, hookResult);\n }\n }\n\n // Run beforeChange hooks\n if (config.hooks?.beforeChange) {\n for (const hook of config.hooks.beforeChange) {\n const hookResult = await hook({\n collection,\n data: validated,\n req: ctx.req,\n user: ctx.user,\n tenantID: ctx.tenantID,\n operation: \"create\",\n });\n if (hookResult) Object.assign(validated, hookResult);\n }\n }\n\n // Execute create\n const doc = await ctx.db.create({\n collection,\n data: validated,\n depth: depth || 0,\n tenantID: ctx.tenantID,\n select,\n });\n\n // Run afterChange hooks\n if (config.hooks?.afterChange) {\n for (const hook of config.hooks.afterChange) {\n await hook({\n collection,\n doc,\n data: validated,\n req: ctx.req,\n user: ctx.user,\n tenantID: ctx.tenantID,\n operation: \"create\",\n });\n }\n }\n\n await triggerWebhook(ctx, getWebhookEvent(collection, \"create\"), {\n collection,\n data: doc,\n operation: \"create\",\n });\n\n return { doc };\n };\n}\n\nexport function createUpdateProcedure(ctx: KyroContext) {\n return async (input: {\n collection: string;\n id: string;\n data: Record<string, any>;\n depth?: number;\n select?: string[];\n baseUpdatedAt?: string;\n }) => {\n const { collection, id, data, depth, select, baseUpdatedAt } = input;\n const config = ctx.registry.getCollection(collection);\n\n await checkTRPCAccess(config, \"update\", ctx);\n\n // Get original doc for hooks + conflict detection\n const originalDoc = await ctx.db.findByID({\n collection,\n id,\n tenantID: ctx.tenantID,\n draft: true,\n });\n\n if (!originalDoc)\n throw new Error(`Document not found: ${collection}/${id}`);\n\n // Revision conflict detection\n if (baseUpdatedAt && (originalDoc as Record<string, any>).updatedAt && baseUpdatedAt !== (originalDoc as Record<string, any>).updatedAt) {\n throw new Error(`Revision conflict: document has changed since ${baseUpdatedAt}. Current updatedAt: ${(originalDoc as Record<string, any>).updatedAt}`);\n }\n\n // Validate with Zod\n const schema = ctx.registry.getUpdateZodSchema(collection);\n const validated = schema.parse(data);\n\n // Add tenantID if scoped\n if (config.tenantScoped && ctx.tenantID) {\n validated.tenantID = ctx.tenantID;\n }\n\n // Run beforeValidate hooks\n if (config.hooks?.beforeValidate) {\n for (const hook of config.hooks.beforeValidate) {\n const hookResult = await hook({\n collection,\n data: validated,\n originalDoc,\n req: ctx.req,\n user: ctx.user,\n tenantID: ctx.tenantID,\n operation: \"update\",\n id,\n });\n if (hookResult) Object.assign(validated, hookResult);\n }\n }\n\n // Run beforeChange hooks\n if (config.hooks?.beforeChange) {\n for (const hook of config.hooks.beforeChange) {\n const hookResult = await hook({\n collection,\n data: validated,\n originalDoc,\n req: ctx.req,\n user: ctx.user,\n tenantID: ctx.tenantID,\n operation: \"update\",\n id,\n });\n if (hookResult) Object.assign(validated, hookResult);\n }\n }\n\n // Execute update\n const doc = await ctx.db.update({\n collection,\n id,\n data: validated,\n depth: depth || 0,\n tenantID: ctx.tenantID,\n select,\n });\n\n // Run afterChange hooks\n if (config.hooks?.afterChange) {\n for (const hook of config.hooks.afterChange) {\n await hook({\n collection,\n doc,\n data: validated,\n originalDoc,\n req: ctx.req,\n user: ctx.user,\n tenantID: ctx.tenantID,\n operation: \"update\",\n id,\n });\n }\n }\n\n await triggerWebhook(ctx, getWebhookEvent(collection, \"update\"), {\n collection,\n data: doc,\n previousData: originalDoc,\n operation: \"update\",\n });\n\n return { doc };\n };\n}\n\nexport function createDeleteProcedure(ctx: KyroContext) {\n return async (input: { collection: string; id: string }) => {\n const { collection, id } = input;\n const config = ctx.registry.getCollection(collection);\n\n await checkTRPCAccess(config, \"delete\", ctx);\n\n // Get original doc for hooks\n const originalDoc = await ctx.db.findByID({\n collection,\n id,\n tenantID: ctx.tenantID,\n draft: true,\n });\n\n if (!originalDoc)\n throw new Error(`Document not found: ${collection}/${id}`);\n\n // Run beforeDelete hooks\n if (config.hooks?.beforeDelete) {\n for (const hook of config.hooks.beforeDelete) {\n await hook({\n collection,\n doc: originalDoc,\n req: ctx.req,\n user: ctx.user,\n tenantID: ctx.tenantID,\n operation: \"delete\",\n id,\n });\n }\n }\n\n // Execute delete\n const doc = await ctx.db.delete({\n collection,\n id,\n tenantID: ctx.tenantID,\n });\n\n // Run afterDelete hooks\n if (config.hooks?.afterDelete) {\n for (const hook of config.hooks.afterDelete) {\n await hook({\n collection,\n doc,\n req: ctx.req,\n user: ctx.user,\n tenantID: ctx.tenantID,\n operation: \"delete\",\n id,\n });\n }\n }\n\n await triggerWebhook(ctx, getWebhookEvent(collection, \"delete\"), {\n collection,\n data: doc,\n previousData: originalDoc,\n operation: \"delete\",\n });\n\n return { doc, message: \"Deleted successfully\" };\n };\n}\n\nexport function createCountProcedure(ctx: KyroContext) {\n return async (input: { collection: string; where?: Record<string, any> }) => {\n const { collection, where } = input;\n const config = ctx.registry.getCollection(collection);\n\n await checkTRPCAccess(config, \"read\", ctx);\n\n const totalDocs = await ctx.db.count({\n collection,\n where: where || {},\n tenantID: ctx.tenantID,\n });\n\n return { totalDocs };\n };\n}\n","import type { KyroContext } from \"./context.js\";\nimport {\n createFindProcedure,\n createFindByIDProcedure,\n createCreateProcedure,\n createUpdateProcedure,\n createDeleteProcedure,\n createCountProcedure,\n} from \"./procedures.js\";\nimport { evaluateAccess } from \"../../access/types.js\";\nimport { hasPermission } from \"../../auth/rbac/checker.js\";\nimport { hasApiKeyPermission } from \"../../auth/api-key.js\";\n\n// ============================================================================\n// Global Access Check Helper\n// ============================================================================\n\nasync function checkGlobalAccessTRPC(\n global: { access?: any; slug: string },\n operation: \"read\" | \"update\",\n ctx: KyroContext,\n): Promise<void> {\n const accessRule = global.access?.[operation];\n\n const apiKey = ctx.apiKey;\n if (apiKey && apiKey.permissions && apiKey.permissions.length > 0) {\n const permission = `globals:${operation}`;\n if (\n !hasApiKeyPermission(apiKey.permissions, permission) &&\n !hasApiKeyPermission(apiKey.permissions, \"globals:admin\")\n ) {\n throw new Error(`Access denied: missing API key permission ${permission}`);\n }\n }\n\n if (ctx.user) {\n const permission = `globals:${operation}`;\n const userHasPermission = hasPermission(\n { id: ctx.user.id, email: ctx.user.email, role: ctx.user.role } as any,\n permission,\n );\n if (!userHasPermission && !hasPermission(\n { id: ctx.user.id, email: ctx.user.email, role: ctx.user.role } as any,\n \"globals:admin\",\n )) {\n if (!accessRule) {\n throw new Error(`Access denied: missing RBAC permission ${permission}`);\n }\n }\n }\n\n if (accessRule) {\n const allowed = await evaluateAccess(accessRule, {\n req: ctx.req,\n user: ctx.user,\n tenantID: ctx.tenantID,\n });\n if (allowed === false) throw new Error(\"Access denied\");\n } else if (!ctx.user && !ctx.apiKey) {\n throw new Error(\"Access denied: authentication required\");\n }\n\n if (ctx.tenantID) {\n ctx.db.setTenantContext({ tenantId: ctx.tenantID, userId: ctx.user?.id ?? '', role: ctx.user?.role, isSuperAdmin: ctx.user?.role === 'super_admin' });\n }\n}\n\n// ============================================================================\n// Dynamic Router Generator\n// ============================================================================\n\nexport function createDynamicRouter(ctx: KyroContext) {\n const router: Record<string, any> = {};\n const collections = ctx.registry.getCollections();\n\n for (const collection of collections) {\n const slug = collection.slug;\n\n router[slug] = {\n find: createFindProcedure(ctx),\n findByID: createFindByIDProcedure(ctx),\n create: createCreateProcedure(ctx),\n update: createUpdateProcedure(ctx),\n delete: createDeleteProcedure(ctx),\n count: createCountProcedure(ctx),\n };\n }\n\n // Add globals\n const globals = ctx.registry.getGlobals();\n for (const global of globals) {\n const slug = global.slug;\n\n router[`_globals_${slug}`] = {\n get: async () => {\n await checkGlobalAccessTRPC(global, \"read\", ctx);\n\n const doc = await ctx.db.findOne({\n collection: `_globals_${slug}`,\n where: {},\n tenantID: ctx.tenantID,\n });\n return doc;\n },\n update: async (input: { data: Record<string, any> }) => {\n await checkGlobalAccessTRPC(global, \"update\", ctx);\n\n const schema = ctx.registry.getZodSchema(slug);\n const validated = schema.parse(input.data);\n\n const existing = await ctx.db.findOne({\n collection: `_globals_${slug}`,\n where: {},\n tenantID: ctx.tenantID,\n });\n\n let doc;\n if (existing) {\n doc = await ctx.db.update({\n collection: `_globals_${slug}`,\n id: existing.id,\n data: validated,\n tenantID: ctx.tenantID,\n });\n } else {\n doc = await ctx.db.create({\n collection: `_globals_${slug}`,\n data: { ...validated, id: slug },\n tenantID: ctx.tenantID,\n });\n }\n\n return doc;\n },\n };\n }\n\n return router;\n}\n\n// ============================================================================\n// Typed Router Interface\n// ============================================================================\n\nexport interface KyroRouter {\n [collectionSlug: string]: {\n find: (input: {\n where?: Record<string, any>;\n sort?: string;\n limit?: number;\n page?: number;\n depth?: number;\n select?: string[];\n draft?: boolean;\n }) => Promise<{\n docs: any[];\n totalDocs: number;\n limit: number;\n totalPages: number;\n page: number;\n pagingCounter: number;\n hasPrevPage: boolean;\n hasNextPage: boolean;\n prevPage: number | null;\n nextPage: number | null;\n }>;\n findByID: (input: {\n id: string;\n depth?: number;\n select?: string[];\n draft?: boolean;\n }) => Promise<any>;\n create: (input: {\n data: Record<string, any>;\n depth?: number;\n select?: string[];\n }) => Promise<{ doc: any }>;\n update: (input: {\n id: string;\n data: Record<string, any>;\n depth?: number;\n select?: string[];\n baseUpdatedAt?: string;\n }) => Promise<{ doc: any }>;\n delete: (input: { id: string }) => Promise<{ doc: any; message: string }>;\n count: (input: {\n where?: Record<string, any>;\n }) => Promise<{ totalDocs: number }>;\n };\n}\n\n// ============================================================================\n// Server Entry\n// ============================================================================\n\nexport function createKyroServer(ctx: KyroContext): KyroRouter {\n // Check if tRPC is disabled in settings\n const apiAccess = ctx.settings?.access?.apiAccess;\n if (apiAccess?.trpcEnabled === false) {\n throw new Error(\"tRPC API is disabled\");\n }\n\n return createDynamicRouter(ctx) as KyroRouter;\n}\n"]}
package/dist/{chunk-3AJE4SEG.js → chunk-KPA4AN4R.js} RENAMED
@@ -1,5 +1,6 @@
1
- import { WEBHOOK_EVENTS, createWebhookService, extractApiKeyFromRequest, validateApiKey, createApiKeyContext } from './chunk-QXIQWPAP.js';
2
- import { evaluateAccess } from './chunk-SDMNUYVU.js';
1
+ import { WEBHOOK_EVENTS, createWebhookService } from './chunk-3UK5XBVJ.js';
2
+ import { extractApiKeyFromRequest, validateApiKey, createApiKeyContext, hasApiKeyPermission, evaluateAccess } from './chunk-CJONKRHJ.js';
3
+ import { hasPermission } from './chunk-L4EZKIEX.js';
3
4
 
4
5
  // src/api/trpc/context.ts
5
6
  async function createContext(options) {
@@ -53,18 +54,53 @@ async function triggerWebhook(ctx, event, payload) {
53
54
  console.error(`[Webhook] Failed to trigger ${event}:`, err);
54
55
  }
55
56
  }
57
+ async function checkTRPCAccess(config, operation, ctx) {
58
+ const accessRule = config.access?.[operation];
59
+ const apiKey = ctx.apiKey;
60
+ if (apiKey && apiKey.permissions && apiKey.permissions.length > 0) {
61
+ const resource = config.slug;
62
+ const action = operation === "read" ? "read" : operation === "create" ? "create" : "update";
63
+ const permission = `${resource}:${action}`;
64
+ if (!hasApiKeyPermission(apiKey.permissions, permission) && !hasApiKeyPermission(apiKey.permissions, `${resource}:admin`)) {
65
+ throw new Error(`Access denied: missing API key permission ${permission}`);
66
+ }
67
+ }
68
+ if (ctx.user) {
69
+ const resource = config.slug;
70
+ const action = operation === "read" ? "read" : operation === "create" ? "create" : operation === "update" ? "update" : "delete";
71
+ const permission = `${resource}:${action}`;
72
+ const userHasPermission = hasPermission(
73
+ { id: ctx.user.id, email: ctx.user.email, role: ctx.user.role },
74
+ permission
75
+ );
76
+ if (!userHasPermission && !hasPermission(
77
+ { id: ctx.user.id, email: ctx.user.email, role: ctx.user.role },
78
+ `${resource}:admin`
79
+ )) {
80
+ if (!accessRule) {
81
+ throw new Error(`Access denied: missing RBAC permission ${permission}`);
82
+ }
83
+ }
84
+ }
85
+ if (accessRule) {
86
+ const allowed = await evaluateAccess(accessRule, {
87
+ req: ctx.req,
88
+ user: ctx.user,
89
+ tenantID: ctx.tenantID
90
+ });
91
+ if (allowed === false) throw new Error("Access denied");
92
+ } else if (!ctx.user && !ctx.apiKey) {
93
+ throw new Error("Access denied: authentication required");
94
+ }
95
+ if (ctx.tenantID) {
96
+ ctx.db.setTenantContext({ tenantId: ctx.tenantID, userId: ctx.user?.id ?? "", role: ctx.user?.role, isSuperAdmin: ctx.user?.role === "super_admin" });
97
+ }
98
+ }
56
99
  function createFindProcedure(ctx) {
57
100
  return async (input) => {
58
- const { collection, where, sort, limit, page, depth, select } = input;
101
+ const { collection, where, sort, limit, page, depth, select, draft } = input;
59
102
  const config = ctx.registry.getCollection(collection);
60
- if (config.access?.read) {
61
- const allowed = await evaluateAccess(config.access.read, {
62
- req: ctx.req,
63
- user: ctx.user,
64
- tenantID: ctx.tenantID
65
- });
66
- if (allowed === false) throw new Error("Access denied");
67
- }
103
+ await checkTRPCAccess(config, "read", ctx);
68
104
  if (config.hooks?.beforeRead) {
69
105
  for (const hook of config.hooks.beforeRead) {
70
106
  await hook({
@@ -77,6 +113,7 @@ function createFindProcedure(ctx) {
77
113
  });
78
114
  }
79
115
  }
116
+ const isDraft = draft ?? !!ctx.user;
80
117
  const result = await ctx.db.find({
81
118
  collection,
82
119
  where: where || {},
@@ -85,7 +122,8 @@ function createFindProcedure(ctx) {
85
122
  page: page || 1,
86
123
  depth: depth || 0,
87
124
  tenantID: ctx.tenantID,
88
- select
125
+ select,
126
+ draft: isDraft
89
127
  });
90
128
  if (config.hooks?.afterRead) {
91
129
  for (const doc of result.docs) {
@@ -106,23 +144,17 @@ function createFindProcedure(ctx) {
106
144
  }
107
145
  function createFindByIDProcedure(ctx) {
108
146
  return async (input) => {
109
- const { collection, id, depth, select } = input;
147
+ const { collection, id, depth, select, draft } = input;
110
148
  const config = ctx.registry.getCollection(collection);
111
- if (config.access?.read) {
112
- const allowed = await evaluateAccess(config.access.read, {
113
- req: ctx.req,
114
- user: ctx.user,
115
- tenantID: ctx.tenantID,
116
- id
117
- });
118
- if (allowed === false) throw new Error("Access denied");
119
- }
149
+ await checkTRPCAccess(config, "read", ctx);
150
+ const isDraft = draft ?? !!ctx.user;
120
151
  const doc = await ctx.db.findByID({
121
152
  collection,
122
153
  id,
123
154
  depth: depth || 0,
124
155
  tenantID: ctx.tenantID,
125
- select
156
+ select,
157
+ draft: isDraft
126
158
  });
127
159
  if (!doc) throw new Error(`Document not found: ${collection}/${id}`);
128
160
  if (config.hooks?.afterRead) {
@@ -145,15 +177,7 @@ function createCreateProcedure(ctx) {
145
177
  return async (input) => {
146
178
  const { collection, data, depth, select } = input;
147
179
  const config = ctx.registry.getCollection(collection);
148
- if (config.access?.create) {
149
- const allowed = await evaluateAccess(config.access.create, {
150
- req: ctx.req,
151
- user: ctx.user,
152
- tenantID: ctx.tenantID,
153
- data
154
- });
155
- if (allowed === false) throw new Error("Access denied");
156
- }
180
+ await checkTRPCAccess(config, "create", ctx);
157
181
  const schema = ctx.registry.getCreateZodSchema(collection);
158
182
  const validated = schema.parse(data);
159
183
  if (config.tenantScoped && ctx.tenantID) {
@@ -215,25 +239,19 @@ function createCreateProcedure(ctx) {
215
239
  }
216
240
  function createUpdateProcedure(ctx) {
217
241
  return async (input) => {
218
- const { collection, id, data, depth, select } = input;
242
+ const { collection, id, data, depth, select, baseUpdatedAt } = input;
219
243
  const config = ctx.registry.getCollection(collection);
244
+ await checkTRPCAccess(config, "update", ctx);
220
245
  const originalDoc = await ctx.db.findByID({
221
246
  collection,
222
247
  id,
223
- tenantID: ctx.tenantID
248
+ tenantID: ctx.tenantID,
249
+ draft: true
224
250
  });
225
251
  if (!originalDoc)
226
252
  throw new Error(`Document not found: ${collection}/${id}`);
227
- if (config.access?.update) {
228
- const allowed = await evaluateAccess(config.access.update, {
229
- req: ctx.req,
230
- user: ctx.user,
231
- tenantID: ctx.tenantID,
232
- id,
233
- doc: originalDoc,
234
- data
235
- });
236
- if (allowed === false) throw new Error("Access denied");
253
+ if (baseUpdatedAt && originalDoc.updatedAt && baseUpdatedAt !== originalDoc.updatedAt) {
254
+ throw new Error(`Revision conflict: document has changed since ${baseUpdatedAt}. Current updatedAt: ${originalDoc.updatedAt}`);
237
255
  }
238
256
  const schema = ctx.registry.getUpdateZodSchema(collection);
239
257
  const validated = schema.parse(data);
@@ -306,23 +324,15 @@ function createDeleteProcedure(ctx) {
306
324
  return async (input) => {
307
325
  const { collection, id } = input;
308
326
  const config = ctx.registry.getCollection(collection);
327
+ await checkTRPCAccess(config, "delete", ctx);
309
328
  const originalDoc = await ctx.db.findByID({
310
329
  collection,
311
330
  id,
312
- tenantID: ctx.tenantID
331
+ tenantID: ctx.tenantID,
332
+ draft: true
313
333
  });
314
334
  if (!originalDoc)
315
335
  throw new Error(`Document not found: ${collection}/${id}`);
316
- if (config.access?.delete) {
317
- const allowed = await evaluateAccess(config.access.delete, {
318
- req: ctx.req,
319
- user: ctx.user,
320
- tenantID: ctx.tenantID,
321
- id,
322
- doc: originalDoc
323
- });
324
- if (allowed === false) throw new Error("Access denied");
325
- }
326
336
  if (config.hooks?.beforeDelete) {
327
337
  for (const hook of config.hooks.beforeDelete) {
328
338
  await hook({
@@ -367,14 +377,7 @@ function createCountProcedure(ctx) {
367
377
  return async (input) => {
368
378
  const { collection, where } = input;
369
379
  const config = ctx.registry.getCollection(collection);
370
- if (config.access?.read) {
371
- const allowed = await evaluateAccess(config.access.read, {
372
- req: ctx.req,
373
- user: ctx.user,
374
- tenantID: ctx.tenantID
375
- });
376
- if (allowed === false) throw new Error("Access denied");
377
- }
380
+ await checkTRPCAccess(config, "read", ctx);
378
381
  const totalDocs = await ctx.db.count({
379
382
  collection,
380
383
  where: where || {},
@@ -385,6 +388,44 @@ function createCountProcedure(ctx) {
385
388
  }
386
389
 
387
390
  // src/api/trpc/router.ts
391
+ async function checkGlobalAccessTRPC(global, operation, ctx) {
392
+ const accessRule = global.access?.[operation];
393
+ const apiKey = ctx.apiKey;
394
+ if (apiKey && apiKey.permissions && apiKey.permissions.length > 0) {
395
+ const permission = `globals:${operation}`;
396
+ if (!hasApiKeyPermission(apiKey.permissions, permission) && !hasApiKeyPermission(apiKey.permissions, "globals:admin")) {
397
+ throw new Error(`Access denied: missing API key permission ${permission}`);
398
+ }
399
+ }
400
+ if (ctx.user) {
401
+ const permission = `globals:${operation}`;
402
+ const userHasPermission = hasPermission(
403
+ { id: ctx.user.id, email: ctx.user.email, role: ctx.user.role },
404
+ permission
405
+ );
406
+ if (!userHasPermission && !hasPermission(
407
+ { id: ctx.user.id, email: ctx.user.email, role: ctx.user.role },
408
+ "globals:admin"
409
+ )) {
410
+ if (!accessRule) {
411
+ throw new Error(`Access denied: missing RBAC permission ${permission}`);
412
+ }
413
+ }
414
+ }
415
+ if (accessRule) {
416
+ const allowed = await evaluateAccess(accessRule, {
417
+ req: ctx.req,
418
+ user: ctx.user,
419
+ tenantID: ctx.tenantID
420
+ });
421
+ if (allowed === false) throw new Error("Access denied");
422
+ } else if (!ctx.user && !ctx.apiKey) {
423
+ throw new Error("Access denied: authentication required");
424
+ }
425
+ if (ctx.tenantID) {
426
+ ctx.db.setTenantContext({ tenantId: ctx.tenantID, userId: ctx.user?.id ?? "", role: ctx.user?.role, isSuperAdmin: ctx.user?.role === "super_admin" });
427
+ }
428
+ }
388
429
  function createDynamicRouter(ctx) {
389
430
  const router = {};
390
431
  const collections = ctx.registry.getCollections();
@@ -404,6 +445,7 @@ function createDynamicRouter(ctx) {
404
445
  const slug = global.slug;
405
446
  router[`_globals_${slug}`] = {
406
447
  get: async () => {
448
+ await checkGlobalAccessTRPC(global, "read", ctx);
407
449
  const doc = await ctx.db.findOne({
408
450
  collection: `_globals_${slug}`,
409
451
  where: {},
@@ -412,13 +454,29 @@ function createDynamicRouter(ctx) {
412
454
  return doc;
413
455
  },
414
456
  update: async (input) => {
457
+ await checkGlobalAccessTRPC(global, "update", ctx);
415
458
  const schema = ctx.registry.getZodSchema(slug);
416
459
  const validated = schema.parse(input.data);
417
- const doc = await ctx.db.create({
460
+ const existing = await ctx.db.findOne({
418
461
  collection: `_globals_${slug}`,
419
- data: { ...validated, id: slug },
462
+ where: {},
420
463
  tenantID: ctx.tenantID
421
464
  });
465
+ let doc;
466
+ if (existing) {
467
+ doc = await ctx.db.update({
468
+ collection: `_globals_${slug}`,
469
+ id: existing.id,
470
+ data: validated,
471
+ tenantID: ctx.tenantID
472
+ });
473
+ } else {
474
+ doc = await ctx.db.create({
475
+ collection: `_globals_${slug}`,
476
+ data: { ...validated, id: slug },
477
+ tenantID: ctx.tenantID
478
+ });
479
+ }
422
480
  return doc;
423
481
  }
424
482
  };
@@ -434,5 +492,5 @@ function createKyroServer(ctx) {
434
492
  }
435
493
 
436
494
  export { createContext, createCountProcedure, createCreateProcedure, createDeleteProcedure, createDynamicRouter, createFindByIDProcedure, createFindProcedure, createKyroServer, createUpdateProcedure };
437
- //# sourceMappingURL=chunk-3AJE4SEG.js.map
438
- //# sourceMappingURL=chunk-3AJE4SEG.js.map
495
+ //# sourceMappingURL=chunk-KPA4AN4R.js.map
496
+ //# sourceMappingURL=chunk-KPA4AN4R.js.map
package/dist/chunk-KPA4AN4R.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/api/trpc/context.ts","../src/api/trpc/procedures.ts","../src/api/trpc/router.ts"],"names":[],"mappings":";;;;;AAsCA,eAAsB,cAAc,OAAA,EAOX;AACvB,EAAA,MAAM,cAAA,GAAiB,oBAAA,CAAqB,OAAA,CAAQ,EAAE,CAAA;AAEtD,EAAA,MAAM,WAAA,GAA2B;AAAA,IAC/B,IAAI,OAAA,CAAQ,EAAA;AAAA,IACZ,UAAU,OAAA,CAAQ,QAAA;AAAA,IAClB,KAAK,OAAA,CAAQ,GAAA;AAAA,IACb,MAAM,OAAA,CAAQ,IAAA;AAAA,IACd,UAAU,OAAA,CAAQ,QAAA;AAAA,IAClB,cAAA;AAAA,IACA,UAAU,OAAA,CAAQ;AAAA,GACpB;AAEA,EAAA,MAAM,SAAA,GAAY,wBAAA,CAAyB,OAAA,CAAQ,GAAU,CAAA;AAC7D,EAAA,IAAI,SAAA,EAAW;AACb,IAAA,MAAM,MAAA,GAAS,MAAM,cAAA,CAAe,SAAA,EAAW,QAAQ,EAAE,CAAA;AACzD,IAAA,IAAI,OAAO,KAAA,EAAO;AAChB,MAAA,WAAA,CAAY,IAAA,GAAQ,MAAA,CAAO,IAAA,IAAiB,OAAA,CAAQ,IAAA;AACpD,MAAA,WAAA,CAAY,QAAA,GAAW,MAAA,CAAO,QAAA,IAAY,OAAA,CAAQ,QAAA;AAClD,MAAA,WAAA,CAAY,MAAA,GAAS,oBAAoB,MAAM,CAAA;AAAA,IACjD;AAAA,EACF;AAEA,EAAA,OAAO,WAAA;AACT;;;ACtDA,IAAM,oBAAA,GAGF;AAAA,EACF,MAAA,EAAQ;AAAA,IACN,QAAQ,cAAA,CAAe,YAAA;AAAA,IACvB,QAAQ,cAAA,CAAe,YAAA;AAAA,IACvB,QAAQ,cAAA,CAAe;AAAA;AAE3B,CAAA;AAEA,SAAS,eAAA,CACP,YACA,SAAA,EACc;AACd,EAAA,MAAM,MAAA,GAAS,qBAAqB,UAAU,CAAA;AAC9C,EAAA,IAAI,MAAA,EAAQ,OAAO,MAAA,CAAO,SAAS,CAAA;AACnC,EAAA,OAAO,cAAc,SAAS,CAAA,CAAA;AAChC;AAEA,eAAe,cAAA,CACb,GAAA,EACA,KAAA,EACA,OAAA,EAMA;AACA,EAAA,IAAI,CAAC,IAAI,cAAA,EAAgB;AACzB,EAAA,IAAI;AACF,IAAA,MAAM,GAAA,CAAI,cAAA,CAAe,OAAA,CAAQ,KAAA,EAAO;AAAA,MACtC,YAAY,OAAA,CAAQ,UAAA;AAAA,MACpB,WAAW,OAAA,CAAQ,SAAA;AAAA,MACnB,MAAM,OAAA,CAAQ,IAAA;AAAA,MACd,cAAc,OAAA,CAAQ,YAAA;AAAA,MACtB,MAAM,GAAA,CAAI,IAAA,GACN,EAAE,EAAA,EAAI,IAAI,IAAA,CAAK,EAAA,EAAI,KAAA,EAAO,GAAA,CAAI,KAAK,KAAA,EAAO,IAAA,EAAM,GAAA,CAAI,IAAA,CAAK,MAAK,GAC9D,KAAA,CAAA;AAAA,MACJ,UAAU,GAAA,CAAI;AAAA,KACf,CAAA;AAAA,EACH,SAAS,GAAA,EAAK;AACZ,IAAA,OAAA,CAAQ,KAAA,CAAM,CAAA,4BAAA,EAA+B,KAAK,CAAA,CAAA,CAAA,EAAK,GAAG,CAAA;AAAA,EAC5D;AACF;AAMA,eAAe,eAAA,CACb,MAAA,EACA,SAAA,EACA,GAAA,EACe;AACf,EAAA,MAAM,UAAA,GAAa,MAAA,CAAO,MAAA,GAAS,SAAS,CAAA;AAG5C,EAAA,MAAM,SAAS,GAAA,CAAI,MAAA;AACnB,EAAA,IAAI,UAAU,MAAA,CAAO,WAAA,IAAe,MAAA,CAAO,WAAA,CAAY,SAAS,CAAA,EAAG;AACjE,IAAA,MAAM,WAAW,MAAA,CAAO,IAAA;AACxB,IAAA,MAAM,SAAS,SAAA,KAAc,MAAA,GAAS,MAAA,GAAS,SAAA,KAAc,WAAW,QAAA,GAAW,QAAA;AACnF,IAAA,MAAM,UAAA,GAAa,CAAA,EAAG,QAAQ,CAAA,CAAA,EAAI,MAAM,CAAA,CAAA;AACxC,IAAA,IACE,CAAC,mBAAA,CAAoB,MAAA,CAAO,WAAA,EAAa,UAAU,CAAA,IACnD,CAAC,mBAAA,CAAoB,MAAA,CAAO,WAAA,EAAa,CAAA,EAAG,QAAQ,QAAQ,CAAA,EAC5D;AACA,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,0CAAA,EAA6C,UAAU,CAAA,CAAE,CAAA;AAAA,IAC3E;AAAA,EACF;AAGA,EAAA,IAAI,IAAI,IAAA,EAAM;AACZ,IAAA,MAAM,WAAW,MAAA,CAAO,IAAA;AACxB,IAAA,MAAM,MAAA,GAAS,cAAc,MAAA,GAAS,MAAA,GAAS,cAAc,QAAA,GAAW,QAAA,GAAW,SAAA,KAAc,QAAA,GAAW,QAAA,GAAW,QAAA;AACvH,IAAA,MAAM,UAAA,GAAa,CAAA,EAAG,QAAQ,CAAA,CAAA,EAAI,MAAM,CAAA,CAAA;AACxC,IAAA,MAAM,iBAAA,GAAoB,aAAA;AAAA,MACxB,EAAE,EAAA,EAAI,GAAA,CAAI,IAAA,CAAK,EAAA,EAAI,KAAA,EAAO,GAAA,CAAI,IAAA,CAAK,KAAA,EAAO,IAAA,EAAM,GAAA,CAAI,IAAA,CAAK,IAAA,EAAK;AAAA,MAC9D;AAAA,KACF;AACA,IAAA,IAAI,CAAC,qBAAqB,CAAC,aAAA;AAAA,MACzB,EAAE,EAAA,EAAI,GAAA,CAAI,IAAA,CAAK,EAAA,EAAI,KAAA,EAAO,GAAA,CAAI,IAAA,CAAK,KAAA,EAAO,IAAA,EAAM,GAAA,CAAI,IAAA,CAAK,IAAA,EAAK;AAAA,MAC9D,GAAG,QAAQ,CAAA,MAAA;AAAA,KACb,EAAG;AACD,MAAA,IAAI,CAAC,UAAA,EAAY;AACf,QAAA,MAAM,IAAI,KAAA,CAAM,CAAA,uCAAA,EAA0C,UAAU,CAAA,CAAE,CAAA;AAAA,MACxE;AAAA,IACF;AAAA,EACF;AAEA,EAAA,IAAI,UAAA,EAAY;AACd,IAAA,MAAM,OAAA,GAAU,MAAM,cAAA,CAAe,UAAA,EAAY;AAAA,MAC/C,KAAK,GAAA,CAAI,GAAA;AAAA,MACT,MAAM,GAAA,CAAI,IAAA;AAAA,MACV,UAAU,GAAA,CAAI;AAAA,KACf,CAAA;AACD,IAAA,IAAI,OAAA,KAAY,KAAA,EAAO,MAAM,IAAI,MAAM,eAAe,CAAA;AAAA,EACxD,WAAW,CAAC,GAAA,CAAI,IAAA,IAAQ,CAAC,IAAI,MAAA,EAAQ;AACnC,IAAA,MAAM,IAAI,MAAM,wCAAwC,CAAA;AAAA,EAC1D;AAGA,EAAA,IAAI,IAAI,QAAA,EAAU;AAChB,IAAA,GAAA,CAAI,EAAA,CAAG,iBAAiB,EAAE,QAAA,EAAU,IAAI,QAAA,EAAU,MAAA,EAAQ,IAAI,IAAA,EAAM,EAAA,IAAM,IAAI,IAAA,EAAM,GAAA,CAAI,MAAM,IAAA,EAAM,YAAA,EAAc,IAAI,IAAA,EAAM,IAAA,KAAS,eAAe,CAAA;AAAA,EACtJ;AACF;AAMO,SAAS,oBAAoB,GAAA,EAAkB;AACpD,EAAA,OAAO,OAAO,KAAA,KASR;AACJ,IAAA,MAAM,EAAE,YAAY,KAAA,EAAO,IAAA,EAAM,OAAO,IAAA,EAAM,KAAA,EAAO,MAAA,EAAQ,KAAA,EAAM,GAAI,KAAA;AACvE,IAAA,MAAM,MAAA,GAAS,GAAA,CAAI,QAAA,CAAS,aAAA,CAAc,UAAU,CAAA;AAEpD,IAAA,MAAM,eAAA,CAAgB,MAAA,EAAQ,MAAA,EAAQ,GAAG,CAAA;AAGzC,IAAA,IAAI,MAAA,CAAO,OAAO,UAAA,EAAY;AAC5B,MAAA,KAAA,MAAW,IAAA,IAAQ,MAAA,CAAO,KAAA,CAAM,UAAA,EAAY;AAC1C,QAAA,MAAM,IAAA,CAAK;AAAA,UACT,UAAA;AAAA,UACA,KAAK,GAAA,CAAI,GAAA;AAAA,UACT,MAAM,GAAA,CAAI,IAAA;AAAA,UACV,UAAU,GAAA,CAAI,QAAA;AAAA,UACd,SAAA,EAAW,MAAA;AAAA,UACX;AAAA,SACD,CAAA;AAAA,MACH;AAAA,IACF;AAEA,IAAA,MAAM,OAAA,GAAU,KAAA,IAAS,CAAC,CAAC,GAAA,CAAI,IAAA;AAG/B,IAAA,MAAM,MAAA,GAAS,MAAM,GAAA,CAAI,EAAA,CAAG,IAAA,CAAK;AAAA,MAC/B,UAAA;AAAA,MACA,KAAA,EAAO,SAAS,EAAC;AAAA,MACjB,IAAA;AAAA,MACA,OAAO,KAAA,IAAS,EAAA;AAAA,MAChB,MAAM,IAAA,IAAQ,CAAA;AAAA,MACd,OAAO,KAAA,IAAS,CAAA;AAAA,MAChB,UAAU,GAAA,CAAI,QAAA;AAAA,MACd,MAAA;AAAA,MACA,KAAA,EAAO;AAAA,KACR,CAAA;AAGD,IAAA,IAAI,MAAA,CAAO,OAAO,SAAA,EAAW;AAC3B,MAAA,KAAA,MAAW,GAAA,IAAO,OAAO,IAAA,EAAM;AAC7B,QAAA,KAAA,MAAW,IAAA,IAAQ,MAAA,CAAO,KAAA,CAAM,SAAA,EAAW;AACzC,UAAA,MAAM,IAAA,CAAK;AAAA,YACT,UAAA;AAAA,YACA,GAAA;AAAA,YACA,KAAK,GAAA,CAAI,GAAA;AAAA,YACT,MAAM,GAAA,CAAI,IAAA;AAAA,YACV,UAAU,GAAA,CAAI,QAAA;AAAA,YACd,SAAA,EAAW;AAAA,WACZ,CAAA;AAAA,QACH;AAAA,MACF;AAAA,IACF;AAEA,IAAA,OAAO,MAAA;AAAA,EACT,CAAA;AACF;AAEO,SAAS,wBAAwB,GAAA,EAAkB;AACxD,EAAA,OAAO,OAAO,KAAA,KAMR;AACJ,IAAA,MAAM,EAAE,UAAA,EAAY,EAAA,EAAI,KAAA,EAAO,MAAA,EAAQ,OAAM,GAAI,KAAA;AACjD,IAAA,MAAM,MAAA,GAAS,GAAA,CAAI,QAAA,CAAS,aAAA,CAAc,UAAU,CAAA;AAEpD,IAAA,MAAM,eAAA,CAAgB,MAAA,EAAQ,MAAA,EAAQ,GAAG,CAAA;AAEzC,IAAA,MAAM,OAAA,GAAU,KAAA,IAAS,CAAC,CAAC,GAAA,CAAI,IAAA;AAE/B,IAAA,MAAM,GAAA,GAAM,MAAM,GAAA,CAAI,EAAA,CAAG,QAAA,CAAS;AAAA,MAChC,UAAA;AAAA,MACA,EAAA;AAAA,MACA,OAAO,KAAA,IAAS,CAAA;AAAA,MAChB,UAAU,GAAA,CAAI,QAAA;AAAA,MACd,MAAA;AAAA,MACA,KAAA,EAAO;AAAA,KACR,CAAA;AAED,IAAA,IAAI,CAAC,KAAK,MAAM,IAAI,MAAM,CAAA,oBAAA,EAAuB,UAAU,CAAA,CAAA,EAAI,EAAE,CAAA,CAAE,CAAA;AAGnE,IAAA,IAAI,MAAA,CAAO,OAAO,SAAA,EAAW;AAC3B,MAAA,KAAA,MAAW,IAAA,IAAQ,MAAA,CAAO,KAAA,CAAM,SAAA,EAAW;AACzC,QAAA,MAAM,IAAA,CAAK;AAAA,UACT,UAAA;AAAA,UACA,GAAA;AAAA,UACA,KAAK,GAAA,CAAI,GAAA;AAAA,UACT,MAAM,GAAA,CAAI,IAAA;AAAA,UACV,UAAU,GAAA,CAAI,QAAA;AAAA,UACd,SAAA,EAAW,MAAA;AAAA,UACX;AAAA,SACD,CAAA;AAAA,MACH;AAAA,IACF;AAEA,IAAA,OAAO,GAAA;AAAA,EACT,CAAA;AACF;AAEO,SAAS,sBAAsB,GAAA,EAAkB;AACtD,EAAA,OAAO,OAAO,KAAA,KAKR;AACJ,IAAA,MAAM,EAAE,UAAA,EAAY,IAAA,EAAM,KAAA,EAAO,QAAO,GAAI,KAAA;AAC5C,IAAA,MAAM,MAAA,GAAS,GAAA,CAAI,QAAA,CAAS,aAAA,CAAc,UAAU,CAAA;AAEpD,IAAA,MAAM,eAAA,CAAgB,MAAA,EAAQ,QAAA,EAAU,GAAG,CAAA;AAG3C,IAAA,MAAM,MAAA,GAAS,GAAA,CAAI,QAAA,CAAS,kBAAA,CAAmB,UAAU,CAAA;AACzD,IAAA,MAAM,SAAA,GAAY,MAAA,CAAO,KAAA,CAAM,IAAI,CAAA;AAGnC,IAAA,IAAI,MAAA,CAAO,YAAA,IAAgB,GAAA,CAAI,QAAA,EAAU;AACvC,MAAA,SAAA,CAAU,WAAW,GAAA,CAAI,QAAA;AAAA,IAC3B;AAGA,IAAA,IAAI,MAAA,CAAO,OAAO,cAAA,EAAgB;AAChC,MAAA,KAAA,MAAW,IAAA,IAAQ,MAAA,CAAO,KAAA,CAAM,cAAA,EAAgB;AAC9C,QAAA,MAAM,UAAA,GAAa,MAAM,IAAA,CAAK;AAAA,UAC5B,UAAA;AAAA,UACA,IAAA,EAAM,SAAA;AAAA,UACN,KAAK,GAAA,CAAI,GAAA;AAAA,UACT,MAAM,GAAA,CAAI,IAAA;AAAA,UACV,UAAU,GAAA,CAAI,QAAA;AAAA,UACd,SAAA,EAAW;AAAA,SACZ,CAAA;AACD,QAAA,IAAI,UAAA,EAAY,MAAA,CAAO,MAAA,CAAO,SAAA,EAAW,UAAU,CAAA;AAAA,MACrD;AAAA,IACF;AAGA,IAAA,IAAI,MAAA,CAAO,OAAO,YAAA,EAAc;AAC9B,MAAA,KAAA,MAAW,IAAA,IAAQ,MAAA,CAAO,KAAA,CAAM,YAAA,EAAc;AAC5C,QAAA,MAAM,UAAA,GAAa,MAAM,IAAA,CAAK;AAAA,UAC5B,UAAA;AAAA,UACA,IAAA,EAAM,SAAA;AAAA,UACN,KAAK,GAAA,CAAI,GAAA;AAAA,UACT,MAAM,GAAA,CAAI,IAAA;AAAA,UACV,UAAU,GAAA,CAAI,QAAA;AAAA,UACd,SAAA,EAAW;AAAA,SACZ,CAAA;AACD,QAAA,IAAI,UAAA,EAAY,MAAA,CAAO,MAAA,CAAO,SAAA,EAAW,UAAU,CAAA;AAAA,MACrD;AAAA,IACF;AAGA,IAAA,MAAM,GAAA,GAAM,MAAM,GAAA,CAAI,EAAA,CAAG,MAAA,CAAO;AAAA,MAC9B,UAAA;AAAA,MACA,IAAA,EAAM,SAAA;AAAA,MACN,OAAO,KAAA,IAAS,CAAA;AAAA,MAChB,UAAU,GAAA,CAAI,QAAA;AAAA,MACd;AAAA,KACD,CAAA;AAGD,IAAA,IAAI,MAAA,CAAO,OAAO,WAAA,EAAa;AAC7B,MAAA,KAAA,MAAW,IAAA,IAAQ,MAAA,CAAO,KAAA,CAAM,WAAA,EAAa;AAC3C,QAAA,MAAM,IAAA,CAAK;AAAA,UACT,UAAA;AAAA,UACA,GAAA;AAAA,UACA,IAAA,EAAM,SAAA;AAAA,UACN,KAAK,GAAA,CAAI,GAAA;AAAA,UACT,MAAM,GAAA,CAAI,IAAA;AAAA,UACV,UAAU,GAAA,CAAI,QAAA;AAAA,UACd,SAAA,EAAW;AAAA,SACZ,CAAA;AAAA,MACH;AAAA,IACF;AAEA,IAAA,MAAM,cAAA,CAAe,GAAA,EAAK,eAAA,CAAgB,UAAA,EAAY,QAAQ,CAAA,EAAG;AAAA,MAC/D,UAAA;AAAA,MACA,IAAA,EAAM,GAAA;AAAA,MACN,SAAA,EAAW;AAAA,KACZ,CAAA;AAED,IAAA,OAAO,EAAE,GAAA,EAAI;AAAA,EACf,CAAA;AACF;AAEO,SAAS,sBAAsB,GAAA,EAAkB;AACtD,EAAA,OAAO,OAAO,KAAA,KAOR;AACJ,IAAA,MAAM,EAAE,UAAA,EAAY,EAAA,EAAI,MAAM,KAAA,EAAO,MAAA,EAAQ,eAAc,GAAI,KAAA;AAC/D,IAAA,MAAM,MAAA,GAAS,GAAA,CAAI,QAAA,CAAS,aAAA,CAAc,UAAU,CAAA;AAEpD,IAAA,MAAM,eAAA,CAAgB,MAAA,EAAQ,QAAA,EAAU,GAAG,CAAA;AAG3C,IAAA,MAAM,WAAA,GAAc,MAAM,GAAA,CAAI,EAAA,CAAG,QAAA,CAAS;AAAA,MACxC,UAAA;AAAA,MACA,EAAA;AAAA,MACA,UAAU,GAAA,CAAI,QAAA;AAAA,MACd,KAAA,EAAO;AAAA,KACR,CAAA;AAED,IAAA,IAAI,CAAC,WAAA;AACH,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,oBAAA,EAAuB,UAAU,CAAA,CAAA,EAAI,EAAE,CAAA,CAAE,CAAA;AAG3D,IAAA,IAAI,aAAA,IAAkB,WAAA,CAAoC,SAAA,IAAa,aAAA,KAAmB,YAAoC,SAAA,EAAW;AACvI,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,8CAAA,EAAiD,aAAa,CAAA,qBAAA,EAAyB,WAAA,CAAoC,SAAS,CAAA,CAAE,CAAA;AAAA,IACxJ;AAGA,IAAA,MAAM,MAAA,GAAS,GAAA,CAAI,QAAA,CAAS,kBAAA,CAAmB,UAAU,CAAA;AACzD,IAAA,MAAM,SAAA,GAAY,MAAA,CAAO,KAAA,CAAM,IAAI,CAAA;AAGnC,IAAA,IAAI,MAAA,CAAO,YAAA,IAAgB,GAAA,CAAI,QAAA,EAAU;AACvC,MAAA,SAAA,CAAU,WAAW,GAAA,CAAI,QAAA;AAAA,IAC3B;AAGA,IAAA,IAAI,MAAA,CAAO,OAAO,cAAA,EAAgB;AAChC,MAAA,KAAA,MAAW,IAAA,IAAQ,MAAA,CAAO,KAAA,CAAM,cAAA,EAAgB;AAC9C,QAAA,MAAM,UAAA,GAAa,MAAM,IAAA,CAAK;AAAA,UAC5B,UAAA;AAAA,UACA,IAAA,EAAM,SAAA;AAAA,UACN,WAAA;AAAA,UACA,KAAK,GAAA,CAAI,GAAA;AAAA,UACT,MAAM,GAAA,CAAI,IAAA;AAAA,UACV,UAAU,GAAA,CAAI,QAAA;AAAA,UACd,SAAA,EAAW,QAAA;AAAA,UACX;AAAA,SACD,CAAA;AACD,QAAA,IAAI,UAAA,EAAY,MAAA,CAAO,MAAA,CAAO,SAAA,EAAW,UAAU,CAAA;AAAA,MACrD;AAAA,IACF;AAGA,IAAA,IAAI,MAAA,CAAO,OAAO,YAAA,EAAc;AAC9B,MAAA,KAAA,MAAW,IAAA,IAAQ,MAAA,CAAO,KAAA,CAAM,YAAA,EAAc;AAC5C,QAAA,MAAM,UAAA,GAAa,MAAM,IAAA,CAAK;AAAA,UAC5B,UAAA;AAAA,UACA,IAAA,EAAM,SAAA;AAAA,UACN,WAAA;AAAA,UACA,KAAK,GAAA,CAAI,GAAA;AAAA,UACT,MAAM,GAAA,CAAI,IAAA;AAAA,UACV,UAAU,GAAA,CAAI,QAAA;AAAA,UACd,SAAA,EAAW,QAAA;AAAA,UACX;AAAA,SACD,CAAA;AACD,QAAA,IAAI,UAAA,EAAY,MAAA,CAAO,MAAA,CAAO,SAAA,EAAW,UAAU,CAAA;AAAA,MACrD;AAAA,IACF;AAGA,IAAA,MAAM,GAAA,GAAM,MAAM,GAAA,CAAI,EAAA,CAAG,MAAA,CAAO;AAAA,MAC9B,UAAA;AAAA,MACA,EAAA;AAAA,MACA,IAAA,EAAM,SAAA;AAAA,MACN,OAAO,KAAA,IAAS,CAAA;AAAA,MAChB,UAAU,GAAA,CAAI,QAAA;AAAA,MACd;AAAA,KACD,CAAA;AAGD,IAAA,IAAI,MAAA,CAAO,OAAO,WAAA,EAAa;AAC7B,MAAA,KAAA,MAAW,IAAA,IAAQ,MAAA,CAAO,KAAA,CAAM,WAAA,EAAa;AAC3C,QAAA,MAAM,IAAA,CAAK;AAAA,UACT,UAAA;AAAA,UACA,GAAA;AAAA,UACA,IAAA,EAAM,SAAA;AAAA,UACN,WAAA;AAAA,UACA,KAAK,GAAA,CAAI,GAAA;AAAA,UACT,MAAM,GAAA,CAAI,IAAA;AAAA,UACV,UAAU,GAAA,CAAI,QAAA;AAAA,UACd,SAAA,EAAW,QAAA;AAAA,UACX;AAAA,SACD,CAAA;AAAA,MACH;AAAA,IACF;AAEA,IAAA,MAAM,cAAA,CAAe,GAAA,EAAK,eAAA,CAAgB,UAAA,EAAY,QAAQ,CAAA,EAAG;AAAA,MAC/D,UAAA;AAAA,MACA,IAAA,EAAM,GAAA;AAAA,MACN,YAAA,EAAc,WAAA;AAAA,MACd,SAAA,EAAW;AAAA,KACZ,CAAA;AAED,IAAA,OAAO,EAAE,GAAA,EAAI;AAAA,EACf,CAAA;AACF;AAEO,SAAS,sBAAsB,GAAA,EAAkB;AACtD,EAAA,OAAO,OAAO,KAAA,KAA8C;AAC1D,IAAA,MAAM,EAAE,UAAA,EAAY,EAAA,EAAG,GAAI,KAAA;AAC3B,IAAA,MAAM,MAAA,GAAS,GAAA,CAAI,QAAA,CAAS,aAAA,CAAc,UAAU,CAAA;AAEpD,IAAA,MAAM,eAAA,CAAgB,MAAA,EAAQ,QAAA,EAAU,GAAG,CAAA;AAG3C,IAAA,MAAM,WAAA,GAAc,MAAM,GAAA,CAAI,EAAA,CAAG,QAAA,CAAS;AAAA,MACxC,UAAA;AAAA,MACA,EAAA;AAAA,MACA,UAAU,GAAA,CAAI,QAAA;AAAA,MACd,KAAA,EAAO;AAAA,KACR,CAAA;AAED,IAAA,IAAI,CAAC,WAAA;AACH,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,oBAAA,EAAuB,UAAU,CAAA,CAAA,EAAI,EAAE,CAAA,CAAE,CAAA;AAG3D,IAAA,IAAI,MAAA,CAAO,OAAO,YAAA,EAAc;AAC9B,MAAA,KAAA,MAAW,IAAA,IAAQ,MAAA,CAAO,KAAA,CAAM,YAAA,EAAc;AAC5C,QAAA,MAAM,IAAA,CAAK;AAAA,UACT,UAAA;AAAA,UACA,GAAA,EAAK,WAAA;AAAA,UACL,KAAK,GAAA,CAAI,GAAA;AAAA,UACT,MAAM,GAAA,CAAI,IAAA;AAAA,UACV,UAAU,GAAA,CAAI,QAAA;AAAA,UACd,SAAA,EAAW,QAAA;AAAA,UACX;AAAA,SACD,CAAA;AAAA,MACH;AAAA,IACF;AAGA,IAAA,MAAM,GAAA,GAAM,MAAM,GAAA,CAAI,EAAA,CAAG,MAAA,CAAO;AAAA,MAC9B,UAAA;AAAA,MACA,EAAA;AAAA,MACA,UAAU,GAAA,CAAI;AAAA,KACf,CAAA;AAGD,IAAA,IAAI,MAAA,CAAO,OAAO,WAAA,EAAa;AAC7B,MAAA,KAAA,MAAW,IAAA,IAAQ,MAAA,CAAO,KAAA,CAAM,WAAA,EAAa;AAC3C,QAAA,MAAM,IAAA,CAAK;AAAA,UACT,UAAA;AAAA,UACA,GAAA;AAAA,UACA,KAAK,GAAA,CAAI,GAAA;AAAA,UACT,MAAM,GAAA,CAAI,IAAA;AAAA,UACV,UAAU,GAAA,CAAI,QAAA;AAAA,UACd,SAAA,EAAW,QAAA;AAAA,UACX;AAAA,SACD,CAAA;AAAA,MACH;AAAA,IACF;AAEA,IAAA,MAAM,cAAA,CAAe,GAAA,EAAK,eAAA,CAAgB,UAAA,EAAY,QAAQ,CAAA,EAAG;AAAA,MAC/D,UAAA;AAAA,MACA,IAAA,EAAM,GAAA;AAAA,MACN,YAAA,EAAc,WAAA;AAAA,MACd,SAAA,EAAW;AAAA,KACZ,CAAA;AAED,IAAA,OAAO,EAAE,GAAA,EAAK,OAAA,EAAS,sBAAA,EAAuB;AAAA,EAChD,CAAA;AACF;AAEO,SAAS,qBAAqB,GAAA,EAAkB;AACrD,EAAA,OAAO,OAAO,KAAA,KAA+D;AAC3E,IAAA,MAAM,EAAE,UAAA,EAAY,KAAA,EAAM,GAAI,KAAA;AAC9B,IAAA,MAAM,MAAA,GAAS,GAAA,CAAI,QAAA,CAAS,aAAA,CAAc,UAAU,CAAA;AAEpD,IAAA,MAAM,eAAA,CAAgB,MAAA,EAAQ,MAAA,EAAQ,GAAG,CAAA;AAEzC,IAAA,MAAM,SAAA,GAAY,MAAM,GAAA,CAAI,EAAA,CAAG,KAAA,CAAM;AAAA,MACnC,UAAA;AAAA,MACA,KAAA,EAAO,SAAS,EAAC;AAAA,MACjB,UAAU,GAAA,CAAI;AAAA,KACf,CAAA;AAED,IAAA,OAAO,EAAE,SAAA,EAAU;AAAA,EACrB,CAAA;AACF;;;ACjfA,eAAe,qBAAA,CACb,MAAA,EACA,SAAA,EACA,GAAA,EACe;AACf,EAAA,MAAM,UAAA,GAAa,MAAA,CAAO,MAAA,GAAS,SAAS,CAAA;AAE5C,EAAA,MAAM,SAAS,GAAA,CAAI,MAAA;AACnB,EAAA,IAAI,UAAU,MAAA,CAAO,WAAA,IAAe,MAAA,CAAO,WAAA,CAAY,SAAS,CAAA,EAAG;AACjE,IAAA,MAAM,UAAA,GAAa,WAAW,SAAS,CAAA,CAAA;AACvC,IAAA,IACE,CAAC,mBAAA,CAAoB,MAAA,CAAO,WAAA,EAAa,UAAU,CAAA,IACnD,CAAC,mBAAA,CAAoB,MAAA,CAAO,WAAA,EAAa,eAAe,CAAA,EACxD;AACA,MAAA,MAAM,IAAI,KAAA,CAAM,CAAA,0CAAA,EAA6C,UAAU,CAAA,CAAE,CAAA;AAAA,IAC3E;AAAA,EACF;AAEA,EAAA,IAAI,IAAI,IAAA,EAAM;AACZ,IAAA,MAAM,UAAA,GAAa,WAAW,SAAS,CAAA,CAAA;AACvC,IAAA,MAAM,iBAAA,GAAoB,aAAA;AAAA,MACxB,EAAE,EAAA,EAAI,GAAA,CAAI,IAAA,CAAK,EAAA,EAAI,KAAA,EAAO,GAAA,CAAI,IAAA,CAAK,KAAA,EAAO,IAAA,EAAM,GAAA,CAAI,IAAA,CAAK,IAAA,EAAK;AAAA,MAC9D;AAAA,KACF;AACA,IAAA,IAAI,CAAC,qBAAqB,CAAC,aAAA;AAAA,MACzB,EAAE,EAAA,EAAI,GAAA,CAAI,IAAA,CAAK,EAAA,EAAI,KAAA,EAAO,GAAA,CAAI,IAAA,CAAK,KAAA,EAAO,IAAA,EAAM,GAAA,CAAI,IAAA,CAAK,IAAA,EAAK;AAAA,MAC9D;AAAA,KACF,EAAG;AACD,MAAA,IAAI,CAAC,UAAA,EAAY;AACf,QAAA,MAAM,IAAI,KAAA,CAAM,CAAA,uCAAA,EAA0C,UAAU,CAAA,CAAE,CAAA;AAAA,MACxE;AAAA,IACF;AAAA,EACF;AAEA,EAAA,IAAI,UAAA,EAAY;AACd,IAAA,MAAM,OAAA,GAAU,MAAM,cAAA,CAAe,UAAA,EAAY;AAAA,MAC/C,KAAK,GAAA,CAAI,GAAA;AAAA,MACT,MAAM,GAAA,CAAI,IAAA;AAAA,MACV,UAAU,GAAA,CAAI;AAAA,KACf,CAAA;AACD,IAAA,IAAI,OAAA,KAAY,KAAA,EAAO,MAAM,IAAI,MAAM,eAAe,CAAA;AAAA,EACxD,WAAW,CAAC,GAAA,CAAI,IAAA,IAAQ,CAAC,IAAI,MAAA,EAAQ;AACnC,IAAA,MAAM,IAAI,MAAM,wCAAwC,CAAA;AAAA,EAC1D;AAEA,EAAA,IAAI,IAAI,QAAA,EAAU;AAChB,IAAA,GAAA,CAAI,EAAA,CAAG,iBAAiB,EAAE,QAAA,EAAU,IAAI,QAAA,EAAU,MAAA,EAAQ,IAAI,IAAA,EAAM,EAAA,IAAM,IAAI,IAAA,EAAM,GAAA,CAAI,MAAM,IAAA,EAAM,YAAA,EAAc,IAAI,IAAA,EAAM,IAAA,KAAS,eAAe,CAAA;AAAA,EACtJ;AACF;AAMO,SAAS,oBAAoB,GAAA,EAAkB;AACpD,EAAA,MAAM,SAA8B,EAAC;AACrC,EAAA,MAAM,WAAA,GAAc,GAAA,CAAI,QAAA,CAAS,cAAA,EAAe;AAEhD,EAAA,KAAA,MAAW,cAAc,WAAA,EAAa;AACpC,IAAA,MAAM,OAAO,UAAA,CAAW,IAAA;AAExB,IAAA,MAAA,CAAO,IAAI,CAAA,GAAI;AAAA,MACb,IAAA,EAAM,oBAAoB,GAAG,CAAA;AAAA,MAC7B,QAAA,EAAU,wBAAwB,GAAG,CAAA;AAAA,MACrC,MAAA,EAAQ,sBAAsB,GAAG,CAAA;AAAA,MACjC,MAAA,EAAQ,sBAAsB,GAAG,CAAA;AAAA,MACjC,MAAA,EAAQ,sBAAsB,GAAG,CAAA;AAAA,MACjC,KAAA,EAAO,qBAAqB,GAAG;AAAA,KACjC;AAAA,EACF;AAGA,EAAA,MAAM,OAAA,GAAU,GAAA,CAAI,QAAA,CAAS,UAAA,EAAW;AACxC,EAAA,KAAA,MAAW,UAAU,OAAA,EAAS;AAC5B,IAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAEpB,IAAA,MAAA,CAAO,CAAA,SAAA,EAAY,IAAI,CAAA,CAAE,CAAA,GAAI;AAAA,MAC3B,KAAK,YAAY;AACf,QAAA,MAAM,qBAAA,CAAsB,MAAA,EAAQ,MAAA,EAAQ,GAAG,CAAA;AAE/C,QAAA,MAAM,GAAA,GAAM,MAAM,GAAA,CAAI,EAAA,CAAG,OAAA,CAAQ;AAAA,UAC/B,UAAA,EAAY,YAAY,IAAI,CAAA,CAAA;AAAA,UAC5B,OAAO,EAAC;AAAA,UACR,UAAU,GAAA,CAAI;AAAA,SACf,CAAA;AACD,QAAA,OAAO,GAAA;AAAA,MACT,CAAA;AAAA,MACA,MAAA,EAAQ,OAAO,KAAA,KAAyC;AACtD,QAAA,MAAM,qBAAA,CAAsB,MAAA,EAAQ,QAAA,EAAU,GAAG,CAAA;AAEjD,QAAA,MAAM,MAAA,GAAS,GAAA,CAAI,QAAA,CAAS,YAAA,CAAa,IAAI,CAAA;AAC7C,QAAA,MAAM,SAAA,GAAY,MAAA,CAAO,KAAA,CAAM,KAAA,CAAM,IAAI,CAAA;AAEzC,QAAA,MAAM,QAAA,GAAW,MAAM,GAAA,CAAI,EAAA,CAAG,OAAA,CAAQ;AAAA,UACpC,UAAA,EAAY,YAAY,IAAI,CAAA,CAAA;AAAA,UAC5B,OAAO,EAAC;AAAA,UACR,UAAU,GAAA,CAAI;AAAA,SACf,CAAA;AAED,QAAA,IAAI,GAAA;AACJ,QAAA,IAAI,QAAA,EAAU;AACZ,UAAA,GAAA,GAAM,MAAM,GAAA,CAAI,EAAA,CAAG,MAAA,CAAO;AAAA,YACxB,UAAA,EAAY,YAAY,IAAI,CAAA,CAAA;AAAA,YAC5B,IAAI,QAAA,CAAS,EAAA;AAAA,YACb,IAAA,EAAM,SAAA;AAAA,YACN,UAAU,GAAA,CAAI;AAAA,WACf,CAAA;AAAA,QACH,CAAA,MAAO;AACL,UAAA,GAAA,GAAM,MAAM,GAAA,CAAI,EAAA,CAAG,MAAA,CAAO;AAAA,YACxB,UAAA,EAAY,YAAY,IAAI,CAAA,CAAA;AAAA,YAC5B,IAAA,EAAM,EAAE,GAAG,SAAA,EAAW,IAAI,IAAA,EAAK;AAAA,YAC/B,UAAU,GAAA,CAAI;AAAA,WACf,CAAA;AAAA,QACH;AAEA,QAAA,OAAO,GAAA;AAAA,MACT;AAAA,KACF;AAAA,EACF;AAEA,EAAA,OAAO,MAAA;AACT;AAyDO,SAAS,iBAAiB,GAAA,EAA8B;AAE7D,EAAA,MAAM,SAAA,GAAY,GAAA,CAAI,QAAA,EAAU,MAAA,EAAQ,SAAA;AACxC,EAAA,IAAI,SAAA,EAAW,gBAAgB,KAAA,EAAO;AACpC,IAAA,MAAM,IAAI,MAAM,sBAAsB,CAAA;AAAA,EACxC;AAEA,EAAA,OAAO,oBAAoB,GAAG,CAAA;AAChC","file":"chunk-KPA4AN4R.js","sourcesContent":["import type { BaseAdapter } from \"../../registry/types.js\";\nimport type { User, Request } from \"../../hooks/types.js\";\nimport {\n validateApiKey,\n extractApiKeyFromRequest,\n createApiKeyContext,\n} from \"../../auth/api-key.js\";\nimport { createWebhookService } from \"../../webhooks/index.js\";\n\n// ============================================================================\n// Context Types\n// ============================================================================\n\nexport interface ApiKeyContext {\n userId: string;\n user: Partial<User>;\n permissions: string[];\n apiKeyId: string;\n tenantId?: string;\n role?: string;\n}\n\nexport interface KyroContext {\n db: BaseAdapter;\n registry: any;\n user?: User;\n tenantID?: string;\n req: Request;\n apiKey?: ApiKeyContext;\n webhookService?: ReturnType<typeof createWebhookService>;\n settings?: Record<string, any>;\n [key: string]: any;\n}\n\n// ============================================================================\n// Context Factory\n// ============================================================================\n\nexport async function createContext(options: {\n db: BaseAdapter;\n registry: any;\n req: Request;\n user?: User;\n tenantID?: string;\n settings?: Record<string, any>;\n}): Promise<KyroContext> {\n const webhookService = createWebhookService(options.db);\n\n const baseContext: KyroContext = {\n db: options.db,\n registry: options.registry,\n req: options.req,\n user: options.user,\n tenantID: options.tenantID,\n webhookService,\n settings: options.settings,\n };\n\n const apiKeyRaw = extractApiKeyFromRequest(options.req as any);\n if (apiKeyRaw) {\n const result = await validateApiKey(apiKeyRaw, options.db);\n if (result.valid) {\n baseContext.user = (result.user as User) || options.user;\n baseContext.tenantID = result.tenantId || options.tenantID;\n baseContext.apiKey = createApiKeyContext(result) as ApiKeyContext;\n }\n }\n\n return baseContext;\n}\n","import type {\n FindArgs,\n CreateArgs,\n UpdateArgs,\n DeleteArgs,\n} from \"../../registry/types.js\";\nimport { runHooks } from \"../../hooks/types.js\";\nimport { evaluateAccess } from \"../../access/types.js\";\nexport type { KyroContext, ApiKeyContext } from \"./context.js\";\nexport { createContext } from \"./context.js\";\nimport type { KyroContext, ApiKeyContext } from \"./context.js\";\nimport { WEBHOOK_EVENTS, type WebhookEvent } from \"../../webhooks/types.js\";\nimport { hasApiKeyPermission } from \"../../auth/api-key.js\";\nimport { hasPermission } from \"../../auth/rbac/checker.js\";\n\nconst COLLECTION_EVENT_MAP: Record<\n string,\n { create: WebhookEvent; update: WebhookEvent; delete: WebhookEvent }\n> = {\n _media: {\n create: WEBHOOK_EVENTS.MEDIA_UPLOAD,\n update: WEBHOOK_EVENTS.MEDIA_UPLOAD,\n delete: WEBHOOK_EVENTS.MEDIA_DELETE,\n },\n};\n\nfunction getWebhookEvent(\n collection: string,\n operation: \"create\" | \"update\" | \"delete\",\n): WebhookEvent {\n const mapped = COLLECTION_EVENT_MAP[collection];\n if (mapped) return mapped[operation];\n return `collection.${operation}` as WebhookEvent;\n}\n\nasync function triggerWebhook(\n ctx: KyroContext,\n event: WebhookEvent,\n payload: {\n collection: string;\n data: unknown;\n previousData?: unknown;\n operation: \"create\" | \"update\" | \"delete\";\n },\n) {\n if (!ctx.webhookService) return;\n try {\n await ctx.webhookService.trigger(event, {\n collection: payload.collection,\n operation: payload.operation,\n data: payload.data,\n previousData: payload.previousData,\n user: ctx.user\n ? { id: ctx.user.id, email: ctx.user.email, role: ctx.user.role }\n : undefined,\n tenantId: ctx.tenantID,\n });\n } catch (err) {\n console.error(`[Webhook] Failed to trigger ${event}:`, err);\n }\n}\n\n// ============================================================================\n// Access Check Helper\n// ============================================================================\n\nasync function checkTRPCAccess(\n config: { access?: any; slug: string },\n operation: \"read\" | \"create\" | \"update\" | \"delete\",\n ctx: KyroContext,\n): Promise<void> {\n const accessRule = config.access?.[operation];\n\n // API key permission check\n const apiKey = ctx.apiKey;\n if (apiKey && apiKey.permissions && apiKey.permissions.length > 0) {\n const resource = config.slug;\n const action = operation === \"read\" ? \"read\" : operation === \"create\" ? \"create\" : \"update\";\n const permission = `${resource}:${action}`;\n if (\n !hasApiKeyPermission(apiKey.permissions, permission) &&\n !hasApiKeyPermission(apiKey.permissions, `${resource}:admin`)\n ) {\n throw new Error(`Access denied: missing API key permission ${permission}`);\n }\n }\n\n // RBAC check for authenticated users\n if (ctx.user) {\n const resource = config.slug;\n const action = operation === \"read\" ? \"read\" : operation === \"create\" ? \"create\" : operation === \"update\" ? \"update\" : \"delete\";\n const permission = `${resource}:${action}`;\n const userHasPermission = hasPermission(\n { id: ctx.user.id, email: ctx.user.email, role: ctx.user.role } as any,\n permission,\n );\n if (!userHasPermission && !hasPermission(\n { id: ctx.user.id, email: ctx.user.email, role: ctx.user.role } as any,\n `${resource}:admin`,\n )) {\n if (!accessRule) {\n throw new Error(`Access denied: missing RBAC permission ${permission}`);\n }\n }\n }\n\n if (accessRule) {\n const allowed = await evaluateAccess(accessRule, {\n req: ctx.req,\n user: ctx.user,\n tenantID: ctx.tenantID,\n });\n if (allowed === false) throw new Error(\"Access denied\");\n } else if (!ctx.user && !ctx.apiKey) {\n throw new Error(\"Access denied: authentication required\");\n }\n\n // Set tenant context\n if (ctx.tenantID) {\n ctx.db.setTenantContext({ tenantId: ctx.tenantID, userId: ctx.user?.id ?? '', role: ctx.user?.role, isSuperAdmin: ctx.user?.role === 'super_admin' });\n }\n}\n\n// ============================================================================\n// CRUD Procedure Builders\n// ============================================================================\n\nexport function createFindProcedure(ctx: KyroContext) {\n return async (input: {\n collection: string;\n where?: Record<string, any>;\n sort?: string;\n limit?: number;\n page?: number;\n depth?: number;\n select?: string[];\n draft?: boolean;\n }) => {\n const { collection, where, sort, limit, page, depth, select, draft } = input;\n const config = ctx.registry.getCollection(collection);\n\n await checkTRPCAccess(config, \"read\", ctx);\n\n // Run beforeRead hooks\n if (config.hooks?.beforeRead) {\n for (const hook of config.hooks.beforeRead) {\n await hook({\n collection,\n req: ctx.req,\n user: ctx.user,\n tenantID: ctx.tenantID,\n operation: \"read\",\n where,\n });\n }\n }\n\n const isDraft = draft ?? !!ctx.user;\n\n // Execute query\n const result = await ctx.db.find({\n collection,\n where: where || {},\n sort,\n limit: limit || 10,\n page: page || 1,\n depth: depth || 0,\n tenantID: ctx.tenantID,\n select,\n draft: isDraft,\n });\n\n // Run afterRead hooks\n if (config.hooks?.afterRead) {\n for (const doc of result.docs) {\n for (const hook of config.hooks.afterRead) {\n await hook({\n collection,\n doc,\n req: ctx.req,\n user: ctx.user,\n tenantID: ctx.tenantID,\n operation: \"read\",\n });\n }\n }\n }\n\n return result;\n };\n}\n\nexport function createFindByIDProcedure(ctx: KyroContext) {\n return async (input: {\n collection: string;\n id: string;\n depth?: number;\n select?: string[];\n draft?: boolean;\n }) => {\n const { collection, id, depth, select, draft } = input;\n const config = ctx.registry.getCollection(collection);\n\n await checkTRPCAccess(config, \"read\", ctx);\n\n const isDraft = draft ?? !!ctx.user;\n\n const doc = await ctx.db.findByID({\n collection,\n id,\n depth: depth || 0,\n tenantID: ctx.tenantID,\n select,\n draft: isDraft,\n });\n\n if (!doc) throw new Error(`Document not found: ${collection}/${id}`);\n\n // Run afterRead hooks\n if (config.hooks?.afterRead) {\n for (const hook of config.hooks.afterRead) {\n await hook({\n collection,\n doc,\n req: ctx.req,\n user: ctx.user,\n tenantID: ctx.tenantID,\n operation: \"read\",\n id,\n });\n }\n }\n\n return doc;\n };\n}\n\nexport function createCreateProcedure(ctx: KyroContext) {\n return async (input: {\n collection: string;\n data: Record<string, any>;\n depth?: number;\n select?: string[];\n }) => {\n const { collection, data, depth, select } = input;\n const config = ctx.registry.getCollection(collection);\n\n await checkTRPCAccess(config, \"create\", ctx);\n\n // Validate with Zod\n const schema = ctx.registry.getCreateZodSchema(collection);\n const validated = schema.parse(data);\n\n // Add tenantID if scoped\n if (config.tenantScoped && ctx.tenantID) {\n validated.tenantID = ctx.tenantID;\n }\n\n // Run beforeValidate hooks\n if (config.hooks?.beforeValidate) {\n for (const hook of config.hooks.beforeValidate) {\n const hookResult = await hook({\n collection,\n data: validated,\n req: ctx.req,\n user: ctx.user,\n tenantID: ctx.tenantID,\n operation: \"create\",\n });\n if (hookResult) Object.assign(validated, hookResult);\n }\n }\n\n // Run beforeChange hooks\n if (config.hooks?.beforeChange) {\n for (const hook of config.hooks.beforeChange) {\n const hookResult = await hook({\n collection,\n data: validated,\n req: ctx.req,\n user: ctx.user,\n tenantID: ctx.tenantID,\n operation: \"create\",\n });\n if (hookResult) Object.assign(validated, hookResult);\n }\n }\n\n // Execute create\n const doc = await ctx.db.create({\n collection,\n data: validated,\n depth: depth || 0,\n tenantID: ctx.tenantID,\n select,\n });\n\n // Run afterChange hooks\n if (config.hooks?.afterChange) {\n for (const hook of config.hooks.afterChange) {\n await hook({\n collection,\n doc,\n data: validated,\n req: ctx.req,\n user: ctx.user,\n tenantID: ctx.tenantID,\n operation: \"create\",\n });\n }\n }\n\n await triggerWebhook(ctx, getWebhookEvent(collection, \"create\"), {\n collection,\n data: doc,\n operation: \"create\",\n });\n\n return { doc };\n };\n}\n\nexport function createUpdateProcedure(ctx: KyroContext) {\n return async (input: {\n collection: string;\n id: string;\n data: Record<string, any>;\n depth?: number;\n select?: string[];\n baseUpdatedAt?: string;\n }) => {\n const { collection, id, data, depth, select, baseUpdatedAt } = input;\n const config = ctx.registry.getCollection(collection);\n\n await checkTRPCAccess(config, \"update\", ctx);\n\n // Get original doc for hooks + conflict detection\n const originalDoc = await ctx.db.findByID({\n collection,\n id,\n tenantID: ctx.tenantID,\n draft: true,\n });\n\n if (!originalDoc)\n throw new Error(`Document not found: ${collection}/${id}`);\n\n // Revision conflict detection\n if (baseUpdatedAt && (originalDoc as Record<string, any>).updatedAt && baseUpdatedAt !== (originalDoc as Record<string, any>).updatedAt) {\n throw new Error(`Revision conflict: document has changed since ${baseUpdatedAt}. Current updatedAt: ${(originalDoc as Record<string, any>).updatedAt}`);\n }\n\n // Validate with Zod\n const schema = ctx.registry.getUpdateZodSchema(collection);\n const validated = schema.parse(data);\n\n // Add tenantID if scoped\n if (config.tenantScoped && ctx.tenantID) {\n validated.tenantID = ctx.tenantID;\n }\n\n // Run beforeValidate hooks\n if (config.hooks?.beforeValidate) {\n for (const hook of config.hooks.beforeValidate) {\n const hookResult = await hook({\n collection,\n data: validated,\n originalDoc,\n req: ctx.req,\n user: ctx.user,\n tenantID: ctx.tenantID,\n operation: \"update\",\n id,\n });\n if (hookResult) Object.assign(validated, hookResult);\n }\n }\n\n // Run beforeChange hooks\n if (config.hooks?.beforeChange) {\n for (const hook of config.hooks.beforeChange) {\n const hookResult = await hook({\n collection,\n data: validated,\n originalDoc,\n req: ctx.req,\n user: ctx.user,\n tenantID: ctx.tenantID,\n operation: \"update\",\n id,\n });\n if (hookResult) Object.assign(validated, hookResult);\n }\n }\n\n // Execute update\n const doc = await ctx.db.update({\n collection,\n id,\n data: validated,\n depth: depth || 0,\n tenantID: ctx.tenantID,\n select,\n });\n\n // Run afterChange hooks\n if (config.hooks?.afterChange) {\n for (const hook of config.hooks.afterChange) {\n await hook({\n collection,\n doc,\n data: validated,\n originalDoc,\n req: ctx.req,\n user: ctx.user,\n tenantID: ctx.tenantID,\n operation: \"update\",\n id,\n });\n }\n }\n\n await triggerWebhook(ctx, getWebhookEvent(collection, \"update\"), {\n collection,\n data: doc,\n previousData: originalDoc,\n operation: \"update\",\n });\n\n return { doc };\n };\n}\n\nexport function createDeleteProcedure(ctx: KyroContext) {\n return async (input: { collection: string; id: string }) => {\n const { collection, id } = input;\n const config = ctx.registry.getCollection(collection);\n\n await checkTRPCAccess(config, \"delete\", ctx);\n\n // Get original doc for hooks\n const originalDoc = await ctx.db.findByID({\n collection,\n id,\n tenantID: ctx.tenantID,\n draft: true,\n });\n\n if (!originalDoc)\n throw new Error(`Document not found: ${collection}/${id}`);\n\n // Run beforeDelete hooks\n if (config.hooks?.beforeDelete) {\n for (const hook of config.hooks.beforeDelete) {\n await hook({\n collection,\n doc: originalDoc,\n req: ctx.req,\n user: ctx.user,\n tenantID: ctx.tenantID,\n operation: \"delete\",\n id,\n });\n }\n }\n\n // Execute delete\n const doc = await ctx.db.delete({\n collection,\n id,\n tenantID: ctx.tenantID,\n });\n\n // Run afterDelete hooks\n if (config.hooks?.afterDelete) {\n for (const hook of config.hooks.afterDelete) {\n await hook({\n collection,\n doc,\n req: ctx.req,\n user: ctx.user,\n tenantID: ctx.tenantID,\n operation: \"delete\",\n id,\n });\n }\n }\n\n await triggerWebhook(ctx, getWebhookEvent(collection, \"delete\"), {\n collection,\n data: doc,\n previousData: originalDoc,\n operation: \"delete\",\n });\n\n return { doc, message: \"Deleted successfully\" };\n };\n}\n\nexport function createCountProcedure(ctx: KyroContext) {\n return async (input: { collection: string; where?: Record<string, any> }) => {\n const { collection, where } = input;\n const config = ctx.registry.getCollection(collection);\n\n await checkTRPCAccess(config, \"read\", ctx);\n\n const totalDocs = await ctx.db.count({\n collection,\n where: where || {},\n tenantID: ctx.tenantID,\n });\n\n return { totalDocs };\n };\n}\n","import type { KyroContext } from \"./context.js\";\nimport {\n createFindProcedure,\n createFindByIDProcedure,\n createCreateProcedure,\n createUpdateProcedure,\n createDeleteProcedure,\n createCountProcedure,\n} from \"./procedures.js\";\nimport { evaluateAccess } from \"../../access/types.js\";\nimport { hasPermission } from \"../../auth/rbac/checker.js\";\nimport { hasApiKeyPermission } from \"../../auth/api-key.js\";\n\n// ============================================================================\n// Global Access Check Helper\n// ============================================================================\n\nasync function checkGlobalAccessTRPC(\n global: { access?: any; slug: string },\n operation: \"read\" | \"update\",\n ctx: KyroContext,\n): Promise<void> {\n const accessRule = global.access?.[operation];\n\n const apiKey = ctx.apiKey;\n if (apiKey && apiKey.permissions && apiKey.permissions.length > 0) {\n const permission = `globals:${operation}`;\n if (\n !hasApiKeyPermission(apiKey.permissions, permission) &&\n !hasApiKeyPermission(apiKey.permissions, \"globals:admin\")\n ) {\n throw new Error(`Access denied: missing API key permission ${permission}`);\n }\n }\n\n if (ctx.user) {\n const permission = `globals:${operation}`;\n const userHasPermission = hasPermission(\n { id: ctx.user.id, email: ctx.user.email, role: ctx.user.role } as any,\n permission,\n );\n if (!userHasPermission && !hasPermission(\n { id: ctx.user.id, email: ctx.user.email, role: ctx.user.role } as any,\n \"globals:admin\",\n )) {\n if (!accessRule) {\n throw new Error(`Access denied: missing RBAC permission ${permission}`);\n }\n }\n }\n\n if (accessRule) {\n const allowed = await evaluateAccess(accessRule, {\n req: ctx.req,\n user: ctx.user,\n tenantID: ctx.tenantID,\n });\n if (allowed === false) throw new Error(\"Access denied\");\n } else if (!ctx.user && !ctx.apiKey) {\n throw new Error(\"Access denied: authentication required\");\n }\n\n if (ctx.tenantID) {\n ctx.db.setTenantContext({ tenantId: ctx.tenantID, userId: ctx.user?.id ?? '', role: ctx.user?.role, isSuperAdmin: ctx.user?.role === 'super_admin' });\n }\n}\n\n// ============================================================================\n// Dynamic Router Generator\n// ============================================================================\n\nexport function createDynamicRouter(ctx: KyroContext) {\n const router: Record<string, any> = {};\n const collections = ctx.registry.getCollections();\n\n for (const collection of collections) {\n const slug = collection.slug;\n\n router[slug] = {\n find: createFindProcedure(ctx),\n findByID: createFindByIDProcedure(ctx),\n create: createCreateProcedure(ctx),\n update: createUpdateProcedure(ctx),\n delete: createDeleteProcedure(ctx),\n count: createCountProcedure(ctx),\n };\n }\n\n // Add globals\n const globals = ctx.registry.getGlobals();\n for (const global of globals) {\n const slug = global.slug;\n\n router[`_globals_${slug}`] = {\n get: async () => {\n await checkGlobalAccessTRPC(global, \"read\", ctx);\n\n const doc = await ctx.db.findOne({\n collection: `_globals_${slug}`,\n where: {},\n tenantID: ctx.tenantID,\n });\n return doc;\n },\n update: async (input: { data: Record<string, any> }) => {\n await checkGlobalAccessTRPC(global, \"update\", ctx);\n\n const schema = ctx.registry.getZodSchema(slug);\n const validated = schema.parse(input.data);\n\n const existing = await ctx.db.findOne({\n collection: `_globals_${slug}`,\n where: {},\n tenantID: ctx.tenantID,\n });\n\n let doc;\n if (existing) {\n doc = await ctx.db.update({\n collection: `_globals_${slug}`,\n id: existing.id,\n data: validated,\n tenantID: ctx.tenantID,\n });\n } else {\n doc = await ctx.db.create({\n collection: `_globals_${slug}`,\n data: { ...validated, id: slug },\n tenantID: ctx.tenantID,\n });\n }\n\n return doc;\n },\n };\n }\n\n return router;\n}\n\n// ============================================================================\n// Typed Router Interface\n// ============================================================================\n\nexport interface KyroRouter {\n [collectionSlug: string]: {\n find: (input: {\n where?: Record<string, any>;\n sort?: string;\n limit?: number;\n page?: number;\n depth?: number;\n select?: string[];\n draft?: boolean;\n }) => Promise<{\n docs: any[];\n totalDocs: number;\n limit: number;\n totalPages: number;\n page: number;\n pagingCounter: number;\n hasPrevPage: boolean;\n hasNextPage: boolean;\n prevPage: number | null;\n nextPage: number | null;\n }>;\n findByID: (input: {\n id: string;\n depth?: number;\n select?: string[];\n draft?: boolean;\n }) => Promise<any>;\n create: (input: {\n data: Record<string, any>;\n depth?: number;\n select?: string[];\n }) => Promise<{ doc: any }>;\n update: (input: {\n id: string;\n data: Record<string, any>;\n depth?: number;\n select?: string[];\n baseUpdatedAt?: string;\n }) => Promise<{ doc: any }>;\n delete: (input: { id: string }) => Promise<{ doc: any; message: string }>;\n count: (input: {\n where?: Record<string, any>;\n }) => Promise<{ totalDocs: number }>;\n };\n}\n\n// ============================================================================\n// Server Entry\n// ============================================================================\n\nexport function createKyroServer(ctx: KyroContext): KyroRouter {\n // Check if tRPC is disabled in settings\n const apiAccess = ctx.settings?.access?.apiAccess;\n if (apiAccess?.trpcEnabled === false) {\n throw new Error(\"tRPC API is disabled\");\n }\n\n return createDynamicRouter(ctx) as KyroRouter;\n}\n"]}
package/dist/{chunk-QUW2RZTM.cjs → chunk-L46ROHUS.cjs} RENAMED
@@ -11,15 +11,15 @@ var fs__default = /*#__PURE__*/_interopDefault(fs);
11
11
 
12
12
  // src/integration.ts
13
13
  var API_HANDLER_ENTRYPOINT = path__default.default.resolve(
14
- new URL(".", (typeof document === 'undefined' ? require('u' + 'rl').pathToFileURL(__filename).href : (_documentCurrentScript && _documentCurrentScript.tagName.toUpperCase() === 'SCRIPT' && _documentCurrentScript.src || new URL('chunk-QUW2RZTM.cjs', document.baseURI).href))).pathname,
14
+ new URL(".", (typeof document === 'undefined' ? require('u' + 'rl').pathToFileURL(__filename).href : (_documentCurrentScript && _documentCurrentScript.tagName.toUpperCase() === 'SCRIPT' && _documentCurrentScript.src || new URL('chunk-L46ROHUS.cjs', document.baseURI).href))).pathname,
15
15
  "api-handler.js"
16
16
  );
17
17
  var GRAPHQL_HANDLER_ENTRYPOINT = path__default.default.resolve(
18
- new URL(".", (typeof document === 'undefined' ? require('u' + 'rl').pathToFileURL(__filename).href : (_documentCurrentScript && _documentCurrentScript.tagName.toUpperCase() === 'SCRIPT' && _documentCurrentScript.src || new URL('chunk-QUW2RZTM.cjs', document.baseURI).href))).pathname,
18
+ new URL(".", (typeof document === 'undefined' ? require('u' + 'rl').pathToFileURL(__filename).href : (_documentCurrentScript && _documentCurrentScript.tagName.toUpperCase() === 'SCRIPT' && _documentCurrentScript.src || new URL('chunk-L46ROHUS.cjs', document.baseURI).href))).pathname,
19
19
  "api-handler-graphql.js"
20
20
  );
21
21
  var TRPC_HANDLER_ENTRYPOINT = path__default.default.resolve(
22
- new URL(".", (typeof document === 'undefined' ? require('u' + 'rl').pathToFileURL(__filename).href : (_documentCurrentScript && _documentCurrentScript.tagName.toUpperCase() === 'SCRIPT' && _documentCurrentScript.src || new URL('chunk-QUW2RZTM.cjs', document.baseURI).href))).pathname,
22
+ new URL(".", (typeof document === 'undefined' ? require('u' + 'rl').pathToFileURL(__filename).href : (_documentCurrentScript && _documentCurrentScript.tagName.toUpperCase() === 'SCRIPT' && _documentCurrentScript.src || new URL('chunk-L46ROHUS.cjs', document.baseURI).href))).pathname,
23
23
  "api-handler-trpc.js"
24
24
  );
25
25
  function kyro(options = {}) {
@@ -47,6 +47,47 @@ function kyro(options = {}) {
47
47
  }
48
48
  updateConfig({
49
49
  vite: {
50
+ plugins: [
51
+ {
52
+ name: "use-sync-external-store-shim-fix",
53
+ enforce: "pre",
54
+ resolveId(id) {
55
+ if (id === "use-sync-external-store/shim" || id === "use-sync-external-store/shim/index.js") {
56
+ return "\0virtual:use-sync-external-store-shim";
57
+ }
58
+ if (id === "use-sync-external-store/shim/with-selector" || id === "use-sync-external-store/shim/with-selector.js") {
59
+ return "\0virtual:use-sync-external-store-shim-with-selector";
60
+ }
61
+ },
62
+ load(id) {
63
+ if (id === "\0virtual:use-sync-external-store-shim") {
64
+ return `export { useSyncExternalStore } from "react";`;
65
+ }
66
+ if (id === "\0virtual:use-sync-external-store-shim-with-selector") {
67
+ return `
68
+ import { useSyncExternalStore, useMemo } from "react";
69
+ export function useSyncExternalStoreWithSelector(subscribe, getSnapshot, getServerSnapshot, selector, isEqual) {
70
+ const memoizedSelector = useMemo(() => {
71
+ let last, lastSnap, hasMemo = false;
72
+ return (snap) => {
73
+ if (!hasMemo || !Object.is(lastSnap, snap)) {
74
+ const next = selector(snap);
75
+ if (!hasMemo || !(isEqual ? isEqual(last, next) : Object.is(last, next))) {
76
+ last = next; lastSnap = snap; hasMemo = true;
77
+ }
78
+ }
79
+ return last;
80
+ };
81
+ }, [selector, isEqual]);
82
+ const getSelection = () => memoizedSelector(getSnapshot());
83
+ const getServerSelection = getServerSnapshot != null ? () => memoizedSelector(getServerSnapshot()) : undefined;
84
+ return useSyncExternalStore(subscribe, getSelection, getServerSelection);
85
+ }
86
+ `;
87
+ }
88
+ }
89
+ }
90
+ ],
50
91
  resolve: {
51
92
  alias: {
52
93
  "kyro:config": finalConfigPath
@@ -54,7 +95,10 @@ function kyro(options = {}) {
54
95
  },
55
96
  define: {
56
97
  __KYRO_API_PATH__: JSON.stringify(apiPath),
57
- __KYRO_ADMIN_PATH__: JSON.stringify(adminPath)
98
+ __KYRO_ADMIN_PATH__: JSON.stringify(adminPath),
99
+ __KYRO_ENABLE_GRAPHQL__: JSON.stringify(enableGraphQL),
100
+ __KYRO_ENABLE_TRPC__: JSON.stringify(enableTRPC),
101
+ __KYRO_ENABLE_WS__: JSON.stringify(enableWebSocket)
58
102
  }
59
103
  }
60
104
  });
@@ -77,7 +121,7 @@ function kyro(options = {}) {
77
121
  logger.info(`tRPC endpoint enabled at ${apiPath}/trpc`);
78
122
  }
79
123
  if (enableWebSocket) {
80
- logger.info(`WebSocket support will be initialized at runtime`);
124
+ logger.info(`WebSocket support enabled (auto-starts at first request)`);
81
125
  }
82
126
  }
83
127
  }
@@ -85,5 +129,5 @@ function kyro(options = {}) {
85
129
  }
86
130
 
87
131
  exports.kyro = kyro;
88
- //# sourceMappingURL=chunk-QUW2RZTM.cjs.map
89
- //# sourceMappingURL=chunk-QUW2RZTM.cjs.map
132
+ //# sourceMappingURL=chunk-L46ROHUS.cjs.map
133
+ //# sourceMappingURL=chunk-L46ROHUS.cjs.map
package/dist/chunk-L46ROHUS.cjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/integration.ts"],"names":["path","fs"],"mappings":";;;;;;;;;;;;AAIA,IAAM,yBAAyBA,qBAAA,CAAK,OAAA;AAAA,EAClC,IAAI,GAAA,CAAI,GAAA,EAAK,oQAAe,CAAA,CAAE,QAAA;AAAA,EAC9B;AACF,CAAA;AACA,IAAM,6BAA6BA,qBAAA,CAAK,OAAA;AAAA,EACtC,IAAI,GAAA,CAAI,GAAA,EAAK,oQAAe,CAAA,CAAE,QAAA;AAAA,EAC9B;AACF,CAAA;AACA,IAAM,0BAA0BA,qBAAA,CAAK,OAAA;AAAA,EACnC,IAAI,GAAA,CAAI,GAAA,EAAK,oQAAe,CAAA,CAAE,QAAA;AAAA,EAC9B;AACF,CAAA;AAYe,SAAR,IAAA,CAAsB,OAAA,GAAkC,EAAC,EAAqB;AACnF,EAAA,MAAM;AAAA,IACJ,UAAA,GAAa,kBAAA;AAAA,IACb,OAAA,GAAU,MAAA;AAAA,IACV,SAAA,GAAY,QAAA;AAAA,IACZ,KAAA,GAAQ,IAAA;AAAA,IACR,aAAA,GAAgB,KAAA;AAAA,IAChB,UAAA,GAAa,KAAA;AAAA,IACb,eAAA,GAAkB;AAAA,GACpB,GAAI,OAAA;AAEJ,EAAA,OAAO;AAAA,IACL,IAAA,EAAM,gBAAA;AAAA,IACN,KAAA,EAAO;AAAA,MACL,sBAAsB,OAAO,EAAE,QAAQ,YAAA,EAAc,WAAA,EAAa,QAAO,KAAM;AAC7E,QAAA,MAAA,CAAO,IAAA,CAAK,CAAA,0BAAA,EAA6B,OAAO,CAAA,SAAA,EAAY,SAAS,CAAA,CAAA,CAAG,CAAA;AAExE,QAAA,IAAI,YAAY,SAAA,EAAW;AACzB,UAAA,MAAM,IAAI,KAAA,CAAM,CAAA,qDAAA,EAAwD,OAAO,CAAA,EAAA,CAAI,CAAA;AAAA,QACrF;AAEA,QAAA,MAAM,qBAAqBA,qBAAA,CAAK,OAAA,CAAQ,MAAA,CAAO,IAAA,CAAK,UAAU,UAAU,CAAA;AAExE,QAAA,IAAI,eAAA,GAAkB,kBAAA;AACtB,QAAA,IAAI,CAACC,mBAAA,CAAG,UAAA,CAAW,kBAAkB,CAAA,EAAG;AACtC,UAAA,MAAA,CAAO,IAAA,CAAK,CAAA,8BAAA,EAAiC,UAAU,CAAA,sDAAA,CAAwD,CAAA;AAAA,QACjH;AAEA,QAAA,YAAA,CAAa;AAAA,UACX,IAAA,EAAM;AAAA,YACJ,OAAA,EAAS;AAAA,cACP;AAAA,gBACE,IAAA,EAAM,kCAAA;AAAA,gBACN,OAAA,EAAS,KAAA;AAAA,gBACT,UAAU,EAAA,EAAY;AACpB,kBAAA,IACE,EAAA,KAAO,8BAAA,IACP,EAAA,KAAO,uCAAA,EACP;AACA,oBAAA,OAAO,wCAAA;AAAA,kBACT;AACA,kBAAA,IACE,EAAA,KAAO,4CAAA,IACP,EAAA,KAAO,+CAAA,EACP;AACA,oBAAA,OAAO,sDAAA;AAAA,kBACT;AAAA,gBACF,CAAA;AAAA,gBACA,KAAK,EAAA,EAAY;AACf,kBAAA,IAAI,OAAO,wCAAA,EAA0C;AACnD,oBAAA,OAAO,CAAA,6CAAA,CAAA;AAAA,kBACT;AACA,kBAAA,IAAI,OAAO,sDAAA,EAAwD;AACjE,oBAAA,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,CAAA;AAAA,kBAoBT;AAAA,gBACF;AAAA;AACF,aACF;AAAA,YACA,OAAA,EAAS;AAAA,cACP,KAAA,EAAO;AAAA,gBACL,aAAA,EAAe;AAAA;AACjB,aACF;AAAA,YACA,MAAA,EAAQ;AAAA,cACN,iBAAA,EAAmB,IAAA,CAAK,SAAA,CAAU,OAAO,CAAA;AAAA,cACzC,mBAAA,EAAqB,IAAA,CAAK,SAAA,CAAU,SAAS,CAAA;AAAA,cAC7C,uBAAA,EAAyB,IAAA,CAAK,SAAA,CAAU,aAAa,CAAA;AAAA,cACrD,oBAAA,EAAsB,IAAA,CAAK,SAAA,CAAU,UAAU,CAAA;AAAA,cAC/C,kBAAA,EAAoB,IAAA,CAAK,SAAA,CAAU,eAAe;AAAA;AACpD;AACF,SACD,CAAA;AAED,QAAA,WAAA,CAAY;AAAA,UACV,OAAA,EAAS,GAAG,OAAO,CAAA,UAAA,CAAA;AAAA,UACnB,UAAA,EAAY;AAAA,SACb,CAAA;AAED,QAAA,IAAI,aAAA,EAAe;AACjB,UAAA,WAAA,CAAY;AAAA,YACV,OAAA,EAAS,GAAG,OAAO,CAAA,QAAA,CAAA;AAAA,YACnB,UAAA,EAAY;AAAA,WACb,CAAA;AACD,UAAA,MAAA,CAAO,IAAA,CAAK,CAAA,4BAAA,EAA+B,OAAO,CAAA,QAAA,CAAU,CAAA;AAAA,QAC9D;AAEA,QAAA,IAAI,UAAA,EAAY;AACd,UAAA,WAAA,CAAY;AAAA,YACV,OAAA,EAAS,GAAG,OAAO,CAAA,eAAA,CAAA;AAAA,YACnB,UAAA,EAAY;AAAA,WACb,CAAA;AACD,UAAA,MAAA,CAAO,IAAA,CAAK,CAAA,yBAAA,EAA4B,OAAO,CAAA,KAAA,CAAO,CAAA;AAAA,QACxD;AAEA,QAAA,IAAI,eAAA,EAAiB;AACnB,UAAA,MAAA,CAAO,KAAK,CAAA,wDAAA,CAA0D,CAAA;AAAA,QACxE;AAAA,MACF;AAAA;AACF,GACF;AACF","file":"chunk-L46ROHUS.cjs","sourcesContent":["import type { AstroIntegration } from \"astro\";\nimport path from \"path\";\nimport fs from \"fs\";\n\nconst API_HANDLER_ENTRYPOINT = path.resolve(\n new URL(\".\", import.meta.url).pathname,\n \"api-handler.js\",\n);\nconst GRAPHQL_HANDLER_ENTRYPOINT = path.resolve(\n new URL(\".\", import.meta.url).pathname,\n \"api-handler-graphql.js\",\n);\nconst TRPC_HANDLER_ENTRYPOINT = path.resolve(\n new URL(\".\", import.meta.url).pathname,\n \"api-handler-trpc.js\",\n);\n\nexport interface KyroIntegrationOptions {\n configPath?: string;\n apiPath?: string;\n adminPath?: string;\n admin?: boolean;\n enableGraphQL?: boolean;\n enableTRPC?: boolean;\n enableWebSocket?: boolean;\n}\n\nexport default function kyro(options: KyroIntegrationOptions = {}): AstroIntegration {\n const {\n configPath = \"./kyro.config.ts\",\n apiPath = \"/api\",\n adminPath = \"/admin\",\n admin = true,\n enableGraphQL = false,\n enableTRPC = false,\n enableWebSocket = false,\n } = options;\n\n return {\n name: \"@kyro-cms/core\",\n hooks: {\n \"astro:config:setup\": async ({ config, updateConfig, injectRoute, logger }) => {\n logger.info(`Setting up Kyro CMS (API: ${apiPath}, Admin: ${adminPath})`);\n \n if (apiPath === adminPath) {\n throw new Error(`Kyro CMS: apiPath and adminPath cannot be the same (\"${apiPath}\")`);\n }\n\n const resolvedConfigPath = path.resolve(config.root.pathname, configPath);\n \n let finalConfigPath = resolvedConfigPath;\n if (!fs.existsSync(resolvedConfigPath)) {\n logger.warn(`Kyro config file not found at ${configPath}. The API will fail to boot if collections are needed.`);\n }\n \n updateConfig({\n vite: {\n plugins: [\n {\n name: \"use-sync-external-store-shim-fix\",\n enforce: \"pre\" as const,\n resolveId(id: string) {\n if (\n id === \"use-sync-external-store/shim\" ||\n id === \"use-sync-external-store/shim/index.js\"\n ) {\n return \"\\0virtual:use-sync-external-store-shim\";\n }\n if (\n id === \"use-sync-external-store/shim/with-selector\" ||\n id === \"use-sync-external-store/shim/with-selector.js\"\n ) {\n return \"\\0virtual:use-sync-external-store-shim-with-selector\";\n }\n },\n load(id: string) {\n if (id === \"\\0virtual:use-sync-external-store-shim\") {\n return `export { useSyncExternalStore } from \"react\";`;\n }\n if (id === \"\\0virtual:use-sync-external-store-shim-with-selector\") {\n return `\nimport { useSyncExternalStore, useMemo } from \"react\";\nexport function useSyncExternalStoreWithSelector(subscribe, getSnapshot, getServerSnapshot, selector, isEqual) {\n const memoizedSelector = useMemo(() => {\n let last, lastSnap, hasMemo = false;\n return (snap) => {\n if (!hasMemo || !Object.is(lastSnap, snap)) {\n const next = selector(snap);\n if (!hasMemo || !(isEqual ? isEqual(last, next) : Object.is(last, next))) {\n last = next; lastSnap = snap; hasMemo = true;\n }\n }\n return last;\n };\n }, [selector, isEqual]);\n const getSelection = () => memoizedSelector(getSnapshot());\n const getServerSelection = getServerSnapshot != null ? () => memoizedSelector(getServerSnapshot()) : undefined;\n return useSyncExternalStore(subscribe, getSelection, getServerSelection);\n}\n`;\n }\n },\n },\n ],\n resolve: {\n alias: {\n \"kyro:config\": finalConfigPath,\n },\n },\n define: {\n __KYRO_API_PATH__: JSON.stringify(apiPath),\n __KYRO_ADMIN_PATH__: JSON.stringify(adminPath),\n __KYRO_ENABLE_GRAPHQL__: JSON.stringify(enableGraphQL),\n __KYRO_ENABLE_TRPC__: JSON.stringify(enableTRPC),\n __KYRO_ENABLE_WS__: JSON.stringify(enableWebSocket),\n },\n },\n });\n \n injectRoute({\n pattern: `${apiPath}/[...path]`,\n entrypoint: API_HANDLER_ENTRYPOINT,\n });\n\n if (enableGraphQL) {\n injectRoute({\n pattern: `${apiPath}/graphql`,\n entrypoint: GRAPHQL_HANDLER_ENTRYPOINT,\n });\n logger.info(`GraphQL endpoint enabled at ${apiPath}/graphql`);\n }\n\n if (enableTRPC) {\n injectRoute({\n pattern: `${apiPath}/trpc/[...path]`,\n entrypoint: TRPC_HANDLER_ENTRYPOINT,\n });\n logger.info(`tRPC endpoint enabled at ${apiPath}/trpc`);\n }\n\n if (enableWebSocket) {\n logger.info(`WebSocket support enabled (auto-starts at first request)`);\n }\n },\n },\n };\n}\n"]}