npm - @mesob/auth-hono - Versions diffs - 0.3.4 → 0.4.0 - Mend

@mesob/auth-hono 0.3.4 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (30) hide show

package/dist/{index-BvdbhtRX.d.ts → index-CKOeabpa.d.ts} +23 -2
package/dist/{index-Bh3bDnP5.d.ts → index-zShda6U3.d.ts} +188 -137
package/dist/index.d.ts +5 -4
package/dist/index.js +2471 -801
package/dist/index.js.map +1 -1
package/dist/lib/cleanup.d.ts +1 -1
package/dist/lib/cleanup.js +36 -34
package/dist/lib/cleanup.js.map +1 -1
package/dist/lib/cookie.d.ts +3 -2
package/dist/lib/has-role-permission.d.ts +3 -2
package/dist/lib/has-role-permission.js +2 -4
package/dist/lib/has-role-permission.js.map +1 -1
package/dist/lib/iam-seed.d.ts +2178 -0
package/dist/lib/iam-seed.js +470 -0
package/dist/lib/iam-seed.js.map +1 -0
package/dist/lib/normalize-auth-response.d.ts +26 -0
package/dist/lib/normalize-auth-response.js +20 -0
package/dist/lib/normalize-auth-response.js.map +1 -0
package/dist/lib/normalize-user.d.ts +3 -2
package/dist/lib/openapi-config.d.ts +3 -2
package/dist/lib/permission-catalog.d.ts +27 -0
package/dist/lib/permission-catalog.js +364 -0
package/dist/lib/permission-catalog.js.map +1 -0
package/dist/lib/phone-validation.d.ts +3 -2
package/dist/lib/session.d.ts +3 -2
package/dist/lib/tenant.d.ts +3 -2
package/dist/lib/user-auth-select.d.ts +9 -0
package/dist/lib/user-auth-select.js +352 -0
package/dist/lib/user-auth-select.js.map +1 -0
package/package.json +2 -2

package/dist/lib/iam-seed.js ADDED Viewed

@@ -0,0 +1,470 @@
+// src/lib/iam-seed.ts
+import { randomUUID } from "crypto";
+import { getPermissionEntries, toTitleCase } from "@mesob/common";
+import {
+  and,
+  eq,
+  inArray,
+  notInArray,
+  sql as sql2
+} from "drizzle-orm";
+import { HTTPException } from "hono/http-exception";
+// src/db/schema.ts
+import { pgSchema, index, foreignKey, pgPolicy, check, uuid, varchar, timestamp, text, smallint, unique, inet, jsonb, boolean, uniqueIndex } from "drizzle-orm/pg-core";
+import { sql } from "drizzle-orm";
+var iam = pgSchema("iam");
+var verificationsInIam = iam.table("verifications", {
+  id: uuid().default(sql`uuid_generate_v7()`).primaryKey().notNull(),
+  tenantId: varchar("tenant_id", { length: 30 }).notNull(),
+  createdAt: timestamp("created_at", { withTimezone: true, mode: "string" }).default(sql`CURRENT_TIMESTAMP`).notNull(),
+  updatedAt: timestamp("updated_at", { withTimezone: true, mode: "string" }).default(sql`CURRENT_TIMESTAMP`).notNull(),
+  userId: uuid("user_id").notNull(),
+  code: text().notNull(),
+  expiresAt: timestamp("expires_at", { withTimezone: true, mode: "string" }).notNull(),
+  type: text(),
+  attempt: smallint().default(0),
+  to: text()
+}, (table) => [
+  index("verifications_expires_at_idx").using("btree", table.expiresAt.asc().nullsLast().op("timestamptz_ops")),
+  index("verifications_lookup_idx").using("btree", table.tenantId.asc().nullsLast().op("text_ops"), table.userId.asc().nullsLast().op("text_ops"), table.type.asc().nullsLast().op("uuid_ops"), table.to.asc().nullsLast().op("text_ops"), table.code.asc().nullsLast().op("text_ops")),
+  foreignKey({
+    columns: [table.tenantId],
+    foreignColumns: [tenantsInIam.id],
+    name: "verifications_tenant_id_fkey"
+  }).onUpdate("cascade").onDelete("cascade"),
+  foreignKey({
+    columns: [table.userId],
+    foreignColumns: [usersInIam.id],
+    name: "verifications_user_id_fkey"
+  }).onUpdate("cascade").onDelete("cascade"),
+  pgPolicy("tenant_isolation", { as: "permissive", for: "all", to: ["public"], using: sql`((tenant_id)::text = (iam.current_tenant_id())::text)`, withCheck: sql`((tenant_id)::text = (iam.current_tenant_id())::text)` }),
+  check("verifications_attempt_nonnegative_check", sql`attempt >= 0`),
+  check("verifications_expires_after_created_check", sql`expires_at > created_at`)
+]);
+var sessionsInIam = iam.table("sessions", {
+  id: uuid().default(sql`uuid_generate_v7()`).primaryKey().notNull(),
+  tenantId: varchar("tenant_id", { length: 30 }).notNull(),
+  createdAt: timestamp("created_at", { withTimezone: true, mode: "string" }).default(sql`CURRENT_TIMESTAMP`).notNull(),
+  updatedAt: timestamp("updated_at", { withTimezone: true, mode: "string" }).default(sql`CURRENT_TIMESTAMP`).notNull(),
+  userId: uuid("user_id").notNull(),
+  expiresAt: timestamp("expires_at", { withTimezone: true, mode: "string" }).notNull(),
+  userAgent: text("user_agent"),
+  ip: inet(),
+  meta: jsonb(),
+  token: text().notNull(),
+  rotatedAt: timestamp("rotated_at", { withTimezone: true, mode: "string" }).default(sql`CURRENT_TIMESTAMP`)
+}, (table) => [
+  index("sessions_expires_at_idx").using("btree", table.expiresAt.asc().nullsLast().op("timestamptz_ops")),
+  index("sessions_tenant_user_idx").using("btree", table.tenantId.asc().nullsLast().op("uuid_ops"), table.userId.asc().nullsLast().op("text_ops")),
+  foreignKey({
+    columns: [table.tenantId],
+    foreignColumns: [tenantsInIam.id],
+    name: "sessions_tenant_id_fkey"
+  }).onUpdate("cascade").onDelete("cascade"),
+  foreignKey({
+    columns: [table.userId],
+    foreignColumns: [usersInIam.id],
+    name: "sessions_user_id_fkey"
+  }).onUpdate("cascade").onDelete("cascade"),
+  unique("sessions_token_key").on(table.token),
+  pgPolicy("tenant_isolation", { as: "permissive", for: "all", to: ["public"], using: sql`((tenant_id)::text = (iam.current_tenant_id())::text)`, withCheck: sql`((tenant_id)::text = (iam.current_tenant_id())::text)` }),
+  check("sessions_expires_after_created_check", sql`expires_at > created_at`)
+]);
+var accountChangesInIam = iam.table("account_changes", {
+  id: uuid().default(sql`uuid_generate_v7()`).primaryKey().notNull(),
+  tenantId: varchar("tenant_id", { length: 30 }).notNull(),
+  userId: uuid("user_id").notNull(),
+  createdAt: timestamp("created_at", { withTimezone: true, mode: "string" }).default(sql`CURRENT_TIMESTAMP`).notNull(),
+  updatedAt: timestamp("updated_at", { withTimezone: true, mode: "string" }).default(sql`CURRENT_TIMESTAMP`).notNull(),
+  changeType: text("change_type").notNull(),
+  oldEmail: varchar("old_email"),
+  newEmail: varchar("new_email"),
+  oldPhone: text("old_phone"),
+  newPhone: text("new_phone"),
+  status: varchar().notNull(),
+  expiresAt: timestamp("expires_at", { withTimezone: true, mode: "string" }).notNull(),
+  confirmedAt: timestamp("confirmed_at", { withTimezone: true, mode: "string" }),
+  cancelledAt: timestamp("cancelled_at", { withTimezone: true, mode: "string" }),
+  reason: text()
+}, (table) => [
+  index("account_changes_expires_at_idx").using("btree", table.expiresAt.asc().nullsLast().op("timestamptz_ops")),
+  index("account_changes_tenant_user_status_idx").using("btree", table.tenantId.asc().nullsLast().op("uuid_ops"), table.userId.asc().nullsLast().op("text_ops"), table.status.asc().nullsLast().op("uuid_ops")),
+  index("idx_account_changes_expired").using("btree", table.expiresAt.asc().nullsLast().op("text_ops"), table.status.asc().nullsLast().op("text_ops")).where(sql`((status)::text = 'pending'::text)`),
+  foreignKey({
+    columns: [table.tenantId],
+    foreignColumns: [tenantsInIam.id],
+    name: "account_changes_tenant_id_fkey"
+  }).onUpdate("cascade").onDelete("cascade"),
+  foreignKey({
+    columns: [table.userId],
+    foreignColumns: [usersInIam.id],
+    name: "account_changes_user_id_fkey"
+  }).onUpdate("cascade").onDelete("cascade"),
+  pgPolicy("tenant_isolation", { as: "permissive", for: "all", to: ["public"], using: sql`((tenant_id)::text = (iam.current_tenant_id())::text)`, withCheck: sql`((tenant_id)::text = (iam.current_tenant_id())::text)` }),
+  check("account_changes_expires_after_created_check", sql`expires_at > created_at`),
+  check("account_changes_change_type_check", sql`((change_type = 'EMAIL'::text) AND (old_email IS NOT NULL) AND (new_email IS NOT NULL) AND (old_phone IS NULL) AND (new_phone IS NULL)) OR ((change_type = 'PHONE'::text) AND (old_phone IS NOT NULL) AND (new_phone IS NOT NULL) AND (old_email IS NULL) AND (new_email IS NULL))`),
+  check("account_changes_status_check", sql`(status)::text = ANY (ARRAY[('PENDING'::character varying)::text, ('APPLIED'::character varying)::text, ('CANCELLED'::character varying)::text, ('EXPIRED'::character varying)::text])`)
+]);
+var tenantsInIam = iam.table("tenants", {
+  id: varchar({ length: 30 }).primaryKey().notNull(),
+  createdAt: timestamp("created_at", { withTimezone: true, mode: "string" }).default(sql`CURRENT_TIMESTAMP`).notNull(),
+  updatedAt: timestamp("updated_at", { withTimezone: true, mode: "string" }).default(sql`CURRENT_TIMESTAMP`).notNull(),
+  name: jsonb().notNull(),
+  description: jsonb(),
+  theme: jsonb(),
+  supportedLanguages: jsonb("supported_languages"),
+  defaultLanguage: text("default_language"),
+  supportedCurrency: jsonb("supported_currency"),
+  defaultCurrency: text("default_currency"),
+  timezone: text(),
+  isActive: boolean("is_active").default(true).notNull(),
+  locale: jsonb(),
+  settings: jsonb(),
+  seo: jsonb()
+}, (table) => [
+  index("tenants_is_active_idx").using("btree", table.isActive.asc().nullsLast().op("bool_ops"))
+]);
+var rolePermissionsInIam = iam.table("role_permissions", {
+  id: uuid().default(sql`uuid_generate_v7()`).primaryKey().notNull(),
+  tenantId: varchar("tenant_id", { length: 30 }).notNull(),
+  permissionId: text("permission_id").notNull(),
+  roleId: uuid("role_id").notNull()
+}, (table) => [
+  index("idx_role_permissions_permission_id").using("btree", table.tenantId.asc().nullsLast().op("text_ops"), table.permissionId.asc().nullsLast().op("text_ops")),
+  foreignKey({
+    columns: [table.tenantId],
+    foreignColumns: [tenantsInIam.id],
+    name: "role_permissions_tenant_id_fkey"
+  }).onUpdate("cascade").onDelete("cascade"),
+  foreignKey({
+    columns: [table.permissionId],
+    foreignColumns: [permissionsInIam.id],
+    name: "role_permissions_permission_id_fkey"
+  }).onUpdate("cascade").onDelete("cascade"),
+  foreignKey({
+    columns: [table.tenantId, table.roleId],
+    foreignColumns: [rolesInIam.tenantId, rolesInIam.id],
+    name: "role_permissions_tenant_role_fkey"
+  }).onDelete("cascade"),
+  unique("role_permissions_tenant_role_permission_unique").on(table.tenantId, table.permissionId, table.roleId),
+  pgPolicy("tenant_isolation", { as: "permissive", for: "all", to: ["public"], using: sql`((tenant_id)::text = (iam.current_tenant_id())::text)`, withCheck: sql`((tenant_id)::text = (iam.current_tenant_id())::text)` })
+]);
+var permissionsInIam = iam.table("permissions", {
+  id: text().primaryKey().notNull(),
+  description: jsonb().notNull(),
+  activity: text().notNull(),
+  application: text().notNull(),
+  feature: text().notNull()
+}, (table) => [
+  unique("permissions_activity_application_feature_key").on(table.activity, table.application, table.feature)
+]);
+var accountsInIam = iam.table("accounts", {
+  id: uuid().default(sql`uuid_generate_v7()`).primaryKey().notNull(),
+  tenantId: varchar("tenant_id", { length: 30 }).notNull(),
+  userId: uuid("user_id").notNull(),
+  provider: text().notNull(),
+  providerAccountId: text("provider_account_id").notNull(),
+  password: text(),
+  passwordLastChangedAt: timestamp("password_last_changed_at", { withTimezone: true, mode: "string" }),
+  idToken: text("id_token"),
+  accessToken: text("access_token"),
+  accessTokenExpiresAt: timestamp("access_token_expires_at", { withTimezone: true, mode: "string" }),
+  refreshToken: text("refresh_token"),
+  refreshTokenExpiresAt: timestamp("refresh_token_expires_at", { withTimezone: true, mode: "string" }),
+  scope: text(),
+  expiresAt: timestamp("expires_at", { withTimezone: true, mode: "string" }),
+  meta: jsonb()
+}, (table) => [
+  index("idx_accounts_provider_lookup").using("btree", table.tenantId.asc().nullsLast().op("text_ops"), table.provider.asc().nullsLast().op("text_ops"), table.providerAccountId.asc().nullsLast().op("text_ops")),
+  index("idx_accounts_user_id").using("btree", table.tenantId.asc().nullsLast().op("text_ops"), table.userId.asc().nullsLast().op("text_ops")),
+  foreignKey({
+    columns: [table.tenantId],
+    foreignColumns: [tenantsInIam.id],
+    name: "accounts_tenant_id_fkey"
+  }).onUpdate("cascade").onDelete("cascade"),
+  foreignKey({
+    columns: [table.userId],
+    foreignColumns: [usersInIam.id],
+    name: "accounts_user_id_fkey"
+  }).onUpdate("cascade").onDelete("cascade"),
+  unique("accounts_tenant_provider_account_unique").on(table.tenantId, table.provider, table.providerAccountId),
+  pgPolicy("tenant_isolation", { as: "permissive", for: "all", to: ["public"], using: sql`((tenant_id)::text = (iam.current_tenant_id())::text)`, withCheck: sql`((tenant_id)::text = (iam.current_tenant_id())::text)` })
+]);
+var usersInIam = iam.table("users", {
+  id: uuid().default(sql`uuid_generate_v7()`).primaryKey().notNull(),
+  tenantId: varchar("tenant_id", { length: 30 }).notNull(),
+  createdAt: timestamp("created_at", { withTimezone: true, mode: "string" }).default(sql`CURRENT_TIMESTAMP`).notNull(),
+  updatedAt: timestamp("updated_at", { withTimezone: true, mode: "string" }).default(sql`CURRENT_TIMESTAMP`).notNull(),
+  fullName: text("full_name").notNull(),
+  image: text(),
+  phone: text(),
+  email: text(),
+  handle: text().notNull(),
+  emailVerified: boolean("email_verified").default(false).notNull(),
+  phoneVerified: boolean("phone_verified").default(false).notNull(),
+  bannedUntil: timestamp("banned_until", { withTimezone: true, mode: "string" }),
+  lastSignInAt: timestamp("last_sign_in_at", { withTimezone: true, mode: "string" }),
+  loginAttempt: smallint("login_attempt").default(0).notNull(),
+  userType: text("user_type").array().default(["RAY"]).notNull()
+}, (table) => [
+  index("idx_users_auth_lookup").using("btree", table.tenantId.asc().nullsLast().op("bool_ops"), table.email.asc().nullsLast().op("bool_ops"), table.id.asc().nullsLast().op("timestamptz_ops"), table.emailVerified.asc().nullsLast().op("timestamptz_ops"), table.bannedUntil.asc().nullsLast().op("uuid_ops")).where(sql`(email IS NOT NULL)`),
+  index("idx_users_email_lookup").using("btree", table.tenantId.asc().nullsLast().op("text_ops"), table.email.asc().nullsLast().op("text_ops")).where(sql`(email IS NOT NULL)`),
+  index("idx_users_handle_lookup").using("btree", table.tenantId.asc().nullsLast().op("text_ops"), table.handle.asc().nullsLast().op("text_ops")),
+  index("idx_users_phone_lookup").using("btree", table.tenantId.asc().nullsLast().op("text_ops"), table.phone.asc().nullsLast().op("text_ops")).where(sql`(phone IS NOT NULL)`),
+  index("idx_users_tenant_email_unique").using("btree", table.tenantId.asc().nullsLast().op("text_ops"), table.email.asc().nullsLast().op("text_ops")).where(sql`(email IS NOT NULL)`),
+  index("idx_users_tenant_is_admin").using("btree", table.tenantId.asc().nullsLast().op("text_ops")).where(sql`(user_type @> ARRAY['admin'::text])`),
+  index("idx_users_tenant_is_candidate").using("btree", table.tenantId.asc().nullsLast().op("text_ops")).where(sql`(user_type @> ARRAY['candidate'::text])`),
+  index("idx_users_tenant_is_employee").using("btree", table.tenantId.asc().nullsLast().op("text_ops")).where(sql`(user_type @> ARRAY['employee'::text])`),
+  index("idx_users_user_types_gin").using("gin", table.userType.asc().nullsLast().op("array_ops")),
+  uniqueIndex("users_tenant_lower_email_idx").using("btree", sql`tenant_id`, sql`lower(email)`),
+  uniqueIndex("users_tenant_lower_handle_idx").using("btree", sql`tenant_id`, sql`lower(handle)`),
+  foreignKey({
+    columns: [table.tenantId],
+    foreignColumns: [tenantsInIam.id],
+    name: "users_tenant_id_fkey"
+  }).onUpdate("cascade").onDelete("cascade"),
+  unique("users_tenant_phone_key").on(table.tenantId, table.phone),
+  pgPolicy("tenant_isolation", { as: "permissive", for: "all", to: ["public"], using: sql`((tenant_id)::text = (iam.current_tenant_id())::text)`, withCheck: sql`((tenant_id)::text = (iam.current_tenant_id())::text)` }),
+  check("users_login_attempt_nonnegative_check", sql`login_attempt >= 0`),
+  check("users_contact_required_check", sql`(email IS NOT NULL) OR (phone IS NOT NULL)`),
+  check("users_user_type_check", sql`user_type <@ ARRAY['candidate'::text, 'employee'::text, 'admin'::text]`)
+]);
+var rolesInIam = iam.table("roles", {
+  tenantId: varchar("tenant_id", { length: 30 }).notNull(),
+  createdAt: timestamp("created_at", { withTimezone: true, mode: "string" }).default(sql`CURRENT_TIMESTAMP`).notNull(),
+  updatedAt: timestamp("updated_at", { withTimezone: true, mode: "string" }).default(sql`CURRENT_TIMESTAMP`).notNull(),
+  name: jsonb().notNull(),
+  description: jsonb().notNull(),
+  code: text().notNull(),
+  id: uuid().default(sql`uuid_generate_v7()`).primaryKey().notNull(),
+  isSystem: boolean("is_system").default(false).notNull(),
+  isEditable: boolean("is_editable").default(true).notNull(),
+  isDeletable: boolean("is_deletable").default(true).notNull()
+}, (table) => [
+  foreignKey({
+    columns: [table.tenantId],
+    foreignColumns: [tenantsInIam.id],
+    name: "roles_tenant_id_fkey"
+  }).onUpdate("cascade").onDelete("cascade"),
+  unique("roles_tenant_code_unique").on(table.tenantId, table.code),
+  unique("roles_tenant_id_unique").on(table.tenantId, table.id),
+  pgPolicy("tenant_isolation", { as: "permissive", for: "all", to: ["public"], using: sql`((tenant_id)::text = (iam.current_tenant_id())::text)`, withCheck: sql`((tenant_id)::text = (iam.current_tenant_id())::text)` })
+]);
+var userRolesInIam = iam.table("user_roles", {
+  id: uuid().default(sql`uuid_generate_v7()`).primaryKey().notNull(),
+  tenantId: varchar("tenant_id", { length: 30 }).notNull(),
+  userId: uuid("user_id").notNull(),
+  roleId: uuid("role_id").notNull()
+}, (table) => [
+  index("idx_user_roles_tenant_user").using("btree", table.tenantId.asc().nullsLast().op("text_ops"), table.userId.asc().nullsLast().op("uuid_ops")),
+  foreignKey({
+    columns: [table.tenantId],
+    foreignColumns: [tenantsInIam.id],
+    name: "user_roles_tenant_id_fkey"
+  }).onUpdate("cascade").onDelete("cascade"),
+  foreignKey({
+    columns: [table.userId],
+    foreignColumns: [usersInIam.id],
+    name: "user_roles_user_id_fkey"
+  }).onUpdate("cascade").onDelete("cascade"),
+  foreignKey({
+    columns: [table.tenantId, table.roleId],
+    foreignColumns: [rolesInIam.tenantId, rolesInIam.id],
+    name: "user_roles_tenant_role_fkey"
+  }).onDelete("cascade"),
+  unique("user_roles_tenant_user_role_unique").on(table.tenantId, table.userId, table.roleId),
+  pgPolicy("tenant_isolation", { as: "permissive", for: "all", to: ["public"], using: sql`((tenant_id)::text = (iam.current_tenant_id())::text)`, withCheck: sql`((tenant_id)::text = (iam.current_tenant_id())::text)` })
+]);
+var domainsInIam = iam.table("domains", {
+  id: uuid().default(sql`uuid_generate_v7()`).primaryKey().notNull(),
+  tenantId: varchar("tenant_id", { length: 30 }).notNull(),
+  domain: text().notNull(),
+  status: text().default("pending").notNull(),
+  meta: jsonb(),
+  isPrimary: boolean("is_primary").default(false).notNull(),
+  createdAt: timestamp("created_at", { withTimezone: true, mode: "string" }).default(sql`CURRENT_TIMESTAMP`).notNull(),
+  updatedAt: timestamp("updated_at", { withTimezone: true, mode: "string" }).default(sql`CURRENT_TIMESTAMP`).notNull()
+}, (table) => [
+  uniqueIndex("domains_domain_unique_idx").using("btree", sql`lower(domain)`),
+  uniqueIndex("domains_primary_per_tenant_idx").using("btree", table.tenantId.asc().nullsLast().op("text_ops")).where(sql`(is_primary = true)`),
+  index("domains_tenant_status_idx").using("btree", table.tenantId.asc().nullsLast().op("text_ops"), table.status.asc().nullsLast().op("text_ops")),
+  index("idx_domains_tenant_domain_status").using("btree", table.tenantId.asc().nullsLast().op("text_ops"), table.domain.asc().nullsLast().op("text_ops"), table.status.asc().nullsLast().op("text_ops")),
+  foreignKey({
+    columns: [table.tenantId],
+    foreignColumns: [tenantsInIam.id],
+    name: "domains_tenant_id_fkey"
+  }).onUpdate("cascade").onDelete("cascade"),
+  pgPolicy("tenant_isolation", { as: "permissive", for: "all", to: ["public"], using: sql`((tenant_id)::text = (iam.current_tenant_id())::text)`, withCheck: sql`((tenant_id)::text = (iam.current_tenant_id())::text)` }),
+  check("domains_domain_format_check", sql`domain ~ '^[a-zA-Z0-9]([a-zA-Z0-9-]*[a-zA-Z0-9])?(\.[a-zA-Z0-9]([a-zA-Z0-9-]*[a-zA-Z0-9])?)+$'::text`),
+  check("domains_status_check", sql`status = ANY (ARRAY['PENDING'::text, 'ACTIVE'::text, 'DISABLED'::text, 'DELETED'::text])`)
+]);
+// src/lib/iam-seed.ts
+function buildPermissionDescription(code) {
+  return {
+    en: toTitleCase(code.replaceAll(":", " ").replaceAll("_", " "))
+  };
+}
+function buildPermissionSeedRows(permissions) {
+  return getPermissionEntries(permissions).map((entry) => ({
+    id: entry.code,
+    application: entry.application,
+    feature: entry.feature,
+    activity: entry.activity,
+    description: buildPermissionDescription(entry.code)
+  }));
+}
+async function seedPermissions({
+  database,
+  permissions
+}) {
+  const rows = buildPermissionSeedRows(permissions);
+  if (!rows.length) {
+    return [];
+  }
+  await database.insert(permissionsInIam).values(rows).onConflictDoUpdate({
+    target: permissionsInIam.id,
+    set: {
+      application: sql2`excluded.application`,
+      feature: sql2`excluded.feature`,
+      activity: sql2`excluded.activity`,
+      description: sql2`excluded.description`
+    }
+  });
+  return database.select().from(permissionsInIam).where(
+    inArray(
+      permissionsInIam.id,
+      rows.map((row) => row.id)
+    )
+  );
+}
+async function assertPermissionsExist({
+  database,
+  permissionIds
+}) {
+  if (!permissionIds.length) {
+    return;
+  }
+  const existing = await database.select({ id: permissionsInIam.id }).from(permissionsInIam).where(inArray(permissionsInIam.id, permissionIds));
+  const existingIds = new Set(existing.map((permission) => permission.id));
+  const missingPermissionIds = permissionIds.filter(
+    (id) => !existingIds.has(id)
+  );
+  if (missingPermissionIds.length) {
+    throw new HTTPException(400, {
+      message: `Unknown permissions: ${missingPermissionIds.join(", ")}`
+    });
+  }
+}
+async function syncRolePermissions({
+  database,
+  tenantId,
+  roleId,
+  permissionIds
+}) {
+  const uniquePermissionIds = [...new Set(permissionIds)];
+  await assertPermissionsExist({
+    database,
+    permissionIds: uniquePermissionIds
+  });
+  if (!uniquePermissionIds.length) {
+    await database.delete(rolePermissionsInIam).where(
+      and(
+        eq(rolePermissionsInIam.tenantId, tenantId),
+        eq(rolePermissionsInIam.roleId, roleId)
+      )
+    );
+    return [];
+  }
+  await database.delete(rolePermissionsInIam).where(
+    and(
+      eq(rolePermissionsInIam.tenantId, tenantId),
+      eq(rolePermissionsInIam.roleId, roleId),
+      notInArray(rolePermissionsInIam.permissionId, uniquePermissionIds)
+    )
+  );
+  await database.insert(rolePermissionsInIam).values(
+    uniquePermissionIds.map((permissionId) => ({
+      id: randomUUID(),
+      tenantId,
+      roleId,
+      permissionId
+    }))
+  ).onConflictDoNothing({
+    target: [
+      rolePermissionsInIam.tenantId,
+      rolePermissionsInIam.permissionId,
+      rolePermissionsInIam.roleId
+    ]
+  });
+  return database.select().from(rolePermissionsInIam).where(
+    and(
+      eq(rolePermissionsInIam.tenantId, tenantId),
+      eq(rolePermissionsInIam.roleId, roleId)
+    )
+  );
+}
+async function seedRoles({
+  database,
+  tenantId,
+  roles
+}) {
+  if (!roles.length) {
+    return [];
+  }
+  await database.insert(rolesInIam).values(
+    roles.map((role) => ({
+      id: randomUUID(),
+      tenantId,
+      code: role.code,
+      name: role.name,
+      description: role.description ?? { en: role.code },
+      isSystem: role.isSystem ?? false,
+      isEditable: role.isEditable ?? true,
+      isDeletable: role.isDeletable ?? true
+    }))
+  ).onConflictDoUpdate({
+    target: [rolesInIam.tenantId, rolesInIam.code],
+    set: {
+      name: sql2`excluded.name`,
+      description: sql2`excluded.description`,
+      isSystem: sql2`excluded.is_system`,
+      isEditable: sql2`excluded.is_editable`,
+      isDeletable: sql2`excluded.is_deletable`,
+      updatedAt: sql2`CURRENT_TIMESTAMP`
+    }
+  });
+  const seededRoles = await database.select().from(rolesInIam).where(
+    and(
+      eq(rolesInIam.tenantId, tenantId),
+      inArray(
+        rolesInIam.code,
+        roles.map((role) => role.code)
+      )
+    )
+  );
+  const roleByCode = new Map(
+    seededRoles.map((role) => [role.code, role])
+  );
+  for (const role of roles) {
+    const seededRole = roleByCode.get(role.code);
+    if (!seededRole) {
+      continue;
+    }
+    await syncRolePermissions({
+      database,
+      tenantId,
+      roleId: seededRole.id,
+      permissionIds: [...new Set(role.permissionIds ?? [])]
+    });
+  }
+  return seededRoles;
+}
+export {
+  buildPermissionSeedRows,
+  seedPermissions,
+  seedRoles,
+  syncRolePermissions
+};
+//# sourceMappingURL=iam-seed.js.map

package/dist/lib/iam-seed.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../../src/lib/iam-seed.ts","../../src/db/schema.ts"],"sourcesContent":["import { randomUUID } from 'node:crypto';\nimport type { PermissionTree } from '@mesob/common';\nimport { getPermissionEntries, toTitleCase } from '@mesob/common';\nimport {\n and,\n eq,\n type InferInsertModel,\n inArray,\n notInArray,\n sql,\n} from 'drizzle-orm';\nimport { HTTPException } from 'hono/http-exception';\nimport type { Database } from '../db';\nimport {\n permissionsInIam,\n rolePermissionsInIam,\n rolesInIam,\n} from '../db/schema';\nimport type { TransactionClient } from '../db/transaction';\nimport type { SeedRole } from '../types';\n\ntype DatabaseClient = Database | TransactionClient;\n\nfunction buildPermissionDescription(code: string) {\n return {\n en: toTitleCase(code.replaceAll(':', ' ').replaceAll('_', ' ')),\n };\n}\n\nexport function buildPermissionSeedRows(\n permissions?: PermissionTree | null,\n): InferInsertModel<typeof permissionsInIam>[] {\n return getPermissionEntries(permissions).map((entry) => ({\n id: entry.code,\n application: entry.application,\n feature: entry.feature,\n activity: entry.activity,\n description: buildPermissionDescription(entry.code),\n }));\n}\n\nexport async function seedPermissions({\n database,\n permissions,\n}: {\n database: DatabaseClient;\n permissions?: PermissionTree | null;\n}) {\n const rows = buildPermissionSeedRows(permissions);\n if (!rows.length) {\n return [];\n }\n\n await database\n .insert(permissionsInIam)\n .values(rows)\n .onConflictDoUpdate({\n target: permissionsInIam.id,\n set: {\n application: sql`excluded.application`,\n feature: sql`excluded.feature`,\n activity: sql`excluded.activity`,\n description: sql`excluded.description`,\n },\n });\n\n return database\n .select()\n .from(permissionsInIam)\n .where(\n inArray(\n permissionsInIam.id,\n rows.map((row) => row.id),\n ),\n );\n}\n\nasync function assertPermissionsExist({\n database,\n permissionIds,\n}: {\n database: DatabaseClient;\n permissionIds: string[];\n}) {\n if (!permissionIds.length) {\n return;\n }\n\n const existing = await database\n .select({ id: permissionsInIam.id })\n .from(permissionsInIam)\n .where(inArray(permissionsInIam.id, permissionIds));\n\n const existingIds = new Set(existing.map((permission) => permission.id));\n const missingPermissionIds = permissionIds.filter(\n (id) => !existingIds.has(id),\n );\n\n if (missingPermissionIds.length) {\n throw new HTTPException(400, {\n message: `Unknown permissions: ${missingPermissionIds.join(', ')}`,\n });\n }\n}\n\nexport async function syncRolePermissions({\n database,\n tenantId,\n roleId,\n permissionIds,\n}: {\n database: DatabaseClient;\n tenantId: string;\n roleId: string;\n permissionIds: string[];\n}) {\n const uniquePermissionIds = [...new Set(permissionIds)];\n\n await assertPermissionsExist({\n database,\n permissionIds: uniquePermissionIds,\n });\n\n if (!uniquePermissionIds.length) {\n await database\n .delete(rolePermissionsInIam)\n .where(\n and(\n eq(rolePermissionsInIam.tenantId, tenantId),\n eq(rolePermissionsInIam.roleId, roleId),\n ),\n );\n\n return [];\n }\n\n await database\n .delete(rolePermissionsInIam)\n .where(\n and(\n eq(rolePermissionsInIam.tenantId, tenantId),\n eq(rolePermissionsInIam.roleId, roleId),\n notInArray(rolePermissionsInIam.permissionId, uniquePermissionIds),\n ),\n );\n\n await database\n .insert(rolePermissionsInIam)\n .values(\n uniquePermissionIds.map((permissionId) => ({\n id: randomUUID(),\n tenantId,\n roleId,\n permissionId,\n })),\n )\n .onConflictDoNothing({\n target: [\n rolePermissionsInIam.tenantId,\n rolePermissionsInIam.permissionId,\n rolePermissionsInIam.roleId,\n ],\n });\n\n return database\n .select()\n .from(rolePermissionsInIam)\n .where(\n and(\n eq(rolePermissionsInIam.tenantId, tenantId),\n eq(rolePermissionsInIam.roleId, roleId),\n ),\n );\n}\n\nexport async function seedRoles({\n database,\n tenantId,\n roles,\n}: {\n database: DatabaseClient;\n tenantId: string;\n roles: readonly SeedRole[];\n}) {\n if (!roles.length) {\n return [];\n }\n\n await database\n .insert(rolesInIam)\n .values(\n roles.map((role) => ({\n id: randomUUID(),\n tenantId,\n code: role.code,\n name: role.name,\n description: role.description ?? { en: role.code },\n isSystem: role.isSystem ?? false,\n isEditable: role.isEditable ?? true,\n isDeletable: role.isDeletable ?? true,\n })),\n )\n .onConflictDoUpdate({\n target: [rolesInIam.tenantId, rolesInIam.code],\n set: {\n name: sql`excluded.name`,\n description: sql`excluded.description`,\n isSystem: sql`excluded.is_system`,\n isEditable: sql`excluded.is_editable`,\n isDeletable: sql`excluded.is_deletable`,\n updatedAt: sql`CURRENT_TIMESTAMP`,\n },\n });\n\n const seededRoles = await database\n .select()\n .from(rolesInIam)\n .where(\n and(\n eq(rolesInIam.tenantId, tenantId),\n inArray(\n rolesInIam.code,\n roles.map((role) => role.code),\n ),\n ),\n );\n\n const roleByCode = new Map(\n seededRoles.map((role) => [role.code, role] as const),\n );\n\n for (const role of roles) {\n const seededRole = roleByCode.get(role.code);\n if (!seededRole) {\n continue;\n }\n\n await syncRolePermissions({\n database,\n tenantId,\n roleId: seededRole.id,\n permissionIds: [...new Set(role.permissionIds ?? [])],\n });\n }\n\n return seededRoles;\n}\n","import { pgTable, pgSchema, index, foreignKey, pgPolicy, check, uuid, varchar, timestamp, text, smallint, unique, inet, jsonb, boolean, uniqueIndex } from \"drizzle-orm/pg-core\"\nimport { sql } from \"drizzle-orm\"\n\nexport const iam = pgSchema(\"iam\");\n\n\nexport const verificationsInIam = iam.table(\"verifications\", {\n\tid: uuid().default(sql`uuid_generate_v7()`).primaryKey().notNull(),\n\ttenantId: varchar(\"tenant_id\", { length: 30 }).notNull(),\n\tcreatedAt: timestamp(\"created_at\", { withTimezone: true, mode: 'string' }).default(sql`CURRENT_TIMESTAMP`).notNull(),\n\tupdatedAt: timestamp(\"updated_at\", { withTimezone: true, mode: 'string' }).default(sql`CURRENT_TIMESTAMP`).notNull(),\n\tuserId: uuid(\"user_id\").notNull(),\n\tcode: text().notNull(),\n\texpiresAt: timestamp(\"expires_at\", { withTimezone: true, mode: 'string' }).notNull(),\n\ttype: text(),\n\tattempt: smallint().default(0),\n\tto: text(),\n}, (table) => [\n\tindex(\"verifications_expires_at_idx\").using(\"btree\", table.expiresAt.asc().nullsLast().op(\"timestamptz_ops\")),\n\tindex(\"verifications_lookup_idx\").using(\"btree\", table.tenantId.asc().nullsLast().op(\"text_ops\"), table.userId.asc().nullsLast().op(\"text_ops\"), table.type.asc().nullsLast().op(\"uuid_ops\"), table.to.asc().nullsLast().op(\"text_ops\"), table.code.asc().nullsLast().op(\"text_ops\")),\n\tforeignKey({\n\t\t\tcolumns: [table.tenantId],\n\t\t\tforeignColumns: [tenantsInIam.id],\n\t\t\tname: \"verifications_tenant_id_fkey\"\n\t\t}).onUpdate(\"cascade\").onDelete(\"cascade\"),\n\tforeignKey({\n\t\t\tcolumns: [table.userId],\n\t\t\tforeignColumns: [usersInIam.id],\n\t\t\tname: \"verifications_user_id_fkey\"\n\t\t}).onUpdate(\"cascade\").onDelete(\"cascade\"),\n\tpgPolicy(\"tenant_isolation\", { as: \"permissive\", for: \"all\", to: [\"public\"], using: sql`((tenant_id)::text = (iam.current_tenant_id())::text)`, withCheck: sql`((tenant_id)::text = (iam.current_tenant_id())::text)` }),\n\tcheck(\"verifications_attempt_nonnegative_check\", sql`attempt >= 0`),\n\tcheck(\"verifications_expires_after_created_check\", sql`expires_at > created_at`),\n]);\n\nexport const sessionsInIam = iam.table(\"sessions\", {\n\tid: uuid().default(sql`uuid_generate_v7()`).primaryKey().notNull(),\n\ttenantId: varchar(\"tenant_id\", { length: 30 }).notNull(),\n\tcreatedAt: timestamp(\"created_at\", { withTimezone: true, mode: 'string' }).default(sql`CURRENT_TIMESTAMP`).notNull(),\n\tupdatedAt: timestamp(\"updated_at\", { withTimezone: true, mode: 'string' }).default(sql`CURRENT_TIMESTAMP`).notNull(),\n\tuserId: uuid(\"user_id\").notNull(),\n\texpiresAt: timestamp(\"expires_at\", { withTimezone: true, mode: 'string' }).notNull(),\n\tuserAgent: text(\"user_agent\"),\n\tip: inet(),\n\tmeta: jsonb(),\n\ttoken: text().notNull(),\n\trotatedAt: timestamp(\"rotated_at\", { withTimezone: true, mode: 'string' }).default(sql`CURRENT_TIMESTAMP`),\n}, (table) => [\n\tindex(\"sessions_expires_at_idx\").using(\"btree\", table.expiresAt.asc().nullsLast().op(\"timestamptz_ops\")),\n\tindex(\"sessions_tenant_user_idx\").using(\"btree\", table.tenantId.asc().nullsLast().op(\"uuid_ops\"), table.userId.asc().nullsLast().op(\"text_ops\")),\n\tforeignKey({\n\t\t\tcolumns: [table.tenantId],\n\t\t\tforeignColumns: [tenantsInIam.id],\n\t\t\tname: \"sessions_tenant_id_fkey\"\n\t\t}).onUpdate(\"cascade\").onDelete(\"cascade\"),\n\tforeignKey({\n\t\t\tcolumns: [table.userId],\n\t\t\tforeignColumns: [usersInIam.id],\n\t\t\tname: \"sessions_user_id_fkey\"\n\t\t}).onUpdate(\"cascade\").onDelete(\"cascade\"),\n\tunique(\"sessions_token_key\").on(table.token),\n\tpgPolicy(\"tenant_isolation\", { as: \"permissive\", for: \"all\", to: [\"public\"], using: sql`((tenant_id)::text = (iam.current_tenant_id())::text)`, withCheck: sql`((tenant_id)::text = (iam.current_tenant_id())::text)` }),\n\tcheck(\"sessions_expires_after_created_check\", sql`expires_at > created_at`),\n]);\n\nexport const accountChangesInIam = iam.table(\"account_changes\", {\n\tid: uuid().default(sql`uuid_generate_v7()`).primaryKey().notNull(),\n\ttenantId: varchar(\"tenant_id\", { length: 30 }).notNull(),\n\tuserId: uuid(\"user_id\").notNull(),\n\tcreatedAt: timestamp(\"created_at\", { withTimezone: true, mode: 'string' }).default(sql`CURRENT_TIMESTAMP`).notNull(),\n\tupdatedAt: timestamp(\"updated_at\", { withTimezone: true, mode: 'string' }).default(sql`CURRENT_TIMESTAMP`).notNull(),\n\tchangeType: text(\"change_type\").notNull(),\n\toldEmail: varchar(\"old_email\"),\n\tnewEmail: varchar(\"new_email\"),\n\toldPhone: text(\"old_phone\"),\n\tnewPhone: text(\"new_phone\"),\n\tstatus: varchar().notNull(),\n\texpiresAt: timestamp(\"expires_at\", { withTimezone: true, mode: 'string' }).notNull(),\n\tconfirmedAt: timestamp(\"confirmed_at\", { withTimezone: true, mode: 'string' }),\n\tcancelledAt: timestamp(\"cancelled_at\", { withTimezone: true, mode: 'string' }),\n\treason: text(),\n}, (table) => [\n\tindex(\"account_changes_expires_at_idx\").using(\"btree\", table.expiresAt.asc().nullsLast().op(\"timestamptz_ops\")),\n\tindex(\"account_changes_tenant_user_status_idx\").using(\"btree\", table.tenantId.asc().nullsLast().op(\"uuid_ops\"), table.userId.asc().nullsLast().op(\"text_ops\"), table.status.asc().nullsLast().op(\"uuid_ops\")),\n\tindex(\"idx_account_changes_expired\").using(\"btree\", table.expiresAt.asc().nullsLast().op(\"text_ops\"), table.status.asc().nullsLast().op(\"text_ops\")).where(sql`((status)::text = 'pending'::text)`),\n\tforeignKey({\n\t\t\tcolumns: [table.tenantId],\n\t\t\tforeignColumns: [tenantsInIam.id],\n\t\t\tname: \"account_changes_tenant_id_fkey\"\n\t\t}).onUpdate(\"cascade\").onDelete(\"cascade\"),\n\tforeignKey({\n\t\t\tcolumns: [table.userId],\n\t\t\tforeignColumns: [usersInIam.id],\n\t\t\tname: \"account_changes_user_id_fkey\"\n\t\t}).onUpdate(\"cascade\").onDelete(\"cascade\"),\n\tpgPolicy(\"tenant_isolation\", { as: \"permissive\", for: \"all\", to: [\"public\"], using: sql`((tenant_id)::text = (iam.current_tenant_id())::text)`, withCheck: sql`((tenant_id)::text = (iam.current_tenant_id())::text)` }),\n\tcheck(\"account_changes_expires_after_created_check\", sql`expires_at > created_at`),\n\tcheck(\"account_changes_change_type_check\", sql`((change_type = 'EMAIL'::text) AND (old_email IS NOT NULL) AND (new_email IS NOT NULL) AND (old_phone IS NULL) AND (new_phone IS NULL)) OR ((change_type = 'PHONE'::text) AND (old_phone IS NOT NULL) AND (new_phone IS NOT NULL) AND (old_email IS NULL) AND (new_email IS NULL))`),\n\tcheck(\"account_changes_status_check\", sql`(status)::text = ANY (ARRAY[('PENDING'::character varying)::text, ('APPLIED'::character varying)::text, ('CANCELLED'::character varying)::text, ('EXPIRED'::character varying)::text])`),\n]);\n\nexport const tenantsInIam = iam.table(\"tenants\", {\n\tid: varchar({ length: 30 }).primaryKey().notNull(),\n\tcreatedAt: timestamp(\"created_at\", { withTimezone: true, mode: 'string' }).default(sql`CURRENT_TIMESTAMP`).notNull(),\n\tupdatedAt: timestamp(\"updated_at\", { withTimezone: true, mode: 'string' }).default(sql`CURRENT_TIMESTAMP`).notNull(),\n\tname: jsonb().notNull(),\n\tdescription: jsonb(),\n\ttheme: jsonb(),\n\tsupportedLanguages: jsonb(\"supported_languages\"),\n\tdefaultLanguage: text(\"default_language\"),\n\tsupportedCurrency: jsonb(\"supported_currency\"),\n\tdefaultCurrency: text(\"default_currency\"),\n\ttimezone: text(),\n\tisActive: boolean(\"is_active\").default(true).notNull(),\n\tlocale: jsonb(),\n\tsettings: jsonb(),\n\tseo: jsonb(),\n}, (table) => [\n\tindex(\"tenants_is_active_idx\").using(\"btree\", table.isActive.asc().nullsLast().op(\"bool_ops\")),\n]);\n\nexport const rolePermissionsInIam = iam.table(\"role_permissions\", {\n\tid: uuid().default(sql`uuid_generate_v7()`).primaryKey().notNull(),\n\ttenantId: varchar(\"tenant_id\", { length: 30 }).notNull(),\n\tpermissionId: text(\"permission_id\").notNull(),\n\troleId: uuid(\"role_id\").notNull(),\n}, (table) => [\n\tindex(\"idx_role_permissions_permission_id\").using(\"btree\", table.tenantId.asc().nullsLast().op(\"text_ops\"), table.permissionId.asc().nullsLast().op(\"text_ops\")),\n\tforeignKey({\n\t\t\tcolumns: [table.tenantId],\n\t\t\tforeignColumns: [tenantsInIam.id],\n\t\t\tname: \"role_permissions_tenant_id_fkey\"\n\t\t}).onUpdate(\"cascade\").onDelete(\"cascade\"),\n\tforeignKey({\n\t\t\tcolumns: [table.permissionId],\n\t\t\tforeignColumns: [permissionsInIam.id],\n\t\t\tname: \"role_permissions_permission_id_fkey\"\n\t\t}).onUpdate(\"cascade\").onDelete(\"cascade\"),\n\tforeignKey({\n\t\t\tcolumns: [table.tenantId, table.roleId],\n\t\t\tforeignColumns: [rolesInIam.tenantId, rolesInIam.id],\n\t\t\tname: \"role_permissions_tenant_role_fkey\"\n\t\t}).onDelete(\"cascade\"),\n\tunique(\"role_permissions_tenant_role_permission_unique\").on(table.tenantId, table.permissionId, table.roleId),\n\tpgPolicy(\"tenant_isolation\", { as: \"permissive\", for: \"all\", to: [\"public\"], using: sql`((tenant_id)::text = (iam.current_tenant_id())::text)`, withCheck: sql`((tenant_id)::text = (iam.current_tenant_id())::text)` }),\n]);\n\nexport const permissionsInIam = iam.table(\"permissions\", {\n\tid: text().primaryKey().notNull(),\n\tdescription: jsonb().notNull(),\n\tactivity: text().notNull(),\n\tapplication: text().notNull(),\n\tfeature: text().notNull(),\n}, (table) => [\n\tunique(\"permissions_activity_application_feature_key\").on(table.activity, table.application, table.feature),\n]);\n\nexport const accountsInIam = iam.table(\"accounts\", {\n\tid: uuid().default(sql`uuid_generate_v7()`).primaryKey().notNull(),\n\ttenantId: varchar(\"tenant_id\", { length: 30 }).notNull(),\n\tuserId: uuid(\"user_id\").notNull(),\n\tprovider: text().notNull(),\n\tproviderAccountId: text(\"provider_account_id\").notNull(),\n\tpassword: text(),\n\tpasswordLastChangedAt: timestamp(\"password_last_changed_at\", { withTimezone: true, mode: 'string' }),\n\tidToken: text(\"id_token\"),\n\taccessToken: text(\"access_token\"),\n\taccessTokenExpiresAt: timestamp(\"access_token_expires_at\", { withTimezone: true, mode: 'string' }),\n\trefreshToken: text(\"refresh_token\"),\n\trefreshTokenExpiresAt: timestamp(\"refresh_token_expires_at\", { withTimezone: true, mode: 'string' }),\n\tscope: text(),\n\texpiresAt: timestamp(\"expires_at\", { withTimezone: true, mode: 'string' }),\n\tmeta: jsonb(),\n}, (table) => [\n\tindex(\"idx_accounts_provider_lookup\").using(\"btree\", table.tenantId.asc().nullsLast().op(\"text_ops\"), table.provider.asc().nullsLast().op(\"text_ops\"), table.providerAccountId.asc().nullsLast().op(\"text_ops\")),\n\tindex(\"idx_accounts_user_id\").using(\"btree\", table.tenantId.asc().nullsLast().op(\"text_ops\"), table.userId.asc().nullsLast().op(\"text_ops\")),\n\tforeignKey({\n\t\t\tcolumns: [table.tenantId],\n\t\t\tforeignColumns: [tenantsInIam.id],\n\t\t\tname: \"accounts_tenant_id_fkey\"\n\t\t}).onUpdate(\"cascade\").onDelete(\"cascade\"),\n\tforeignKey({\n\t\t\tcolumns: [table.userId],\n\t\t\tforeignColumns: [usersInIam.id],\n\t\t\tname: \"accounts_user_id_fkey\"\n\t\t}).onUpdate(\"cascade\").onDelete(\"cascade\"),\n\tunique(\"accounts_tenant_provider_account_unique\").on(table.tenantId, table.provider, table.providerAccountId),\n\tpgPolicy(\"tenant_isolation\", { as: \"permissive\", for: \"all\", to: [\"public\"], using: sql`((tenant_id)::text = (iam.current_tenant_id())::text)`, withCheck: sql`((tenant_id)::text = (iam.current_tenant_id())::text)` }),\n]);\n\nexport const usersInIam = iam.table(\"users\", {\n\tid: uuid().default(sql`uuid_generate_v7()`).primaryKey().notNull(),\n\ttenantId: varchar(\"tenant_id\", { length: 30 }).notNull(),\n\tcreatedAt: timestamp(\"created_at\", { withTimezone: true, mode: 'string' }).default(sql`CURRENT_TIMESTAMP`).notNull(),\n\tupdatedAt: timestamp(\"updated_at\", { withTimezone: true, mode: 'string' }).default(sql`CURRENT_TIMESTAMP`).notNull(),\n\tfullName: text(\"full_name\").notNull(),\n\timage: text(),\n\tphone: text(),\n\temail: text(),\n\thandle: text().notNull(),\n\temailVerified: boolean(\"email_verified\").default(false).notNull(),\n\tphoneVerified: boolean(\"phone_verified\").default(false).notNull(),\n\tbannedUntil: timestamp(\"banned_until\", { withTimezone: true, mode: 'string' }),\n\tlastSignInAt: timestamp(\"last_sign_in_at\", { withTimezone: true, mode: 'string' }),\n\tloginAttempt: smallint(\"login_attempt\").default(0).notNull(),\n\tuserType: text(\"user_type\").array().default([\"RAY\"]).notNull(),\n}, (table) => [\n\tindex(\"idx_users_auth_lookup\").using(\"btree\", table.tenantId.asc().nullsLast().op(\"bool_ops\"), table.email.asc().nullsLast().op(\"bool_ops\"), table.id.asc().nullsLast().op(\"timestamptz_ops\"), table.emailVerified.asc().nullsLast().op(\"timestamptz_ops\"), table.bannedUntil.asc().nullsLast().op(\"uuid_ops\")).where(sql`(email IS NOT NULL)`),\n\tindex(\"idx_users_email_lookup\").using(\"btree\", table.tenantId.asc().nullsLast().op(\"text_ops\"), table.email.asc().nullsLast().op(\"text_ops\")).where(sql`(email IS NOT NULL)`),\n\tindex(\"idx_users_handle_lookup\").using(\"btree\", table.tenantId.asc().nullsLast().op(\"text_ops\"), table.handle.asc().nullsLast().op(\"text_ops\")),\n\tindex(\"idx_users_phone_lookup\").using(\"btree\", table.tenantId.asc().nullsLast().op(\"text_ops\"), table.phone.asc().nullsLast().op(\"text_ops\")).where(sql`(phone IS NOT NULL)`),\n\tindex(\"idx_users_tenant_email_unique\").using(\"btree\", table.tenantId.asc().nullsLast().op(\"text_ops\"), table.email.asc().nullsLast().op(\"text_ops\")).where(sql`(email IS NOT NULL)`),\n\tindex(\"idx_users_tenant_is_admin\").using(\"btree\", table.tenantId.asc().nullsLast().op(\"text_ops\")).where(sql`(user_type @> ARRAY['admin'::text])`),\n\tindex(\"idx_users_tenant_is_candidate\").using(\"btree\", table.tenantId.asc().nullsLast().op(\"text_ops\")).where(sql`(user_type @> ARRAY['candidate'::text])`),\n\tindex(\"idx_users_tenant_is_employee\").using(\"btree\", table.tenantId.asc().nullsLast().op(\"text_ops\")).where(sql`(user_type @> ARRAY['employee'::text])`),\n\tindex(\"idx_users_user_types_gin\").using(\"gin\", table.userType.asc().nullsLast().op(\"array_ops\")),\n\tuniqueIndex(\"users_tenant_lower_email_idx\").using(\"btree\", sql`tenant_id`, sql`lower(email)`),\n\tuniqueIndex(\"users_tenant_lower_handle_idx\").using(\"btree\", sql`tenant_id`, sql`lower(handle)`),\n\tforeignKey({\n\t\t\tcolumns: [table.tenantId],\n\t\t\tforeignColumns: [tenantsInIam.id],\n\t\t\tname: \"users_tenant_id_fkey\"\n\t\t}).onUpdate(\"cascade\").onDelete(\"cascade\"),\n\tunique(\"users_tenant_phone_key\").on(table.tenantId, table.phone),\n\tpgPolicy(\"tenant_isolation\", { as: \"permissive\", for: \"all\", to: [\"public\"], using: sql`((tenant_id)::text = (iam.current_tenant_id())::text)`, withCheck: sql`((tenant_id)::text = (iam.current_tenant_id())::text)` }),\n\tcheck(\"users_login_attempt_nonnegative_check\", sql`login_attempt >= 0`),\n\tcheck(\"users_contact_required_check\", sql`(email IS NOT NULL) OR (phone IS NOT NULL)`),\n\tcheck(\"users_user_type_check\", sql`user_type <@ ARRAY['candidate'::text, 'employee'::text, 'admin'::text]`),\n]);\n\nexport const rolesInIam = iam.table(\"roles\", {\n\ttenantId: varchar(\"tenant_id\", { length: 30 }).notNull(),\n\tcreatedAt: timestamp(\"created_at\", { withTimezone: true, mode: 'string' }).default(sql`CURRENT_TIMESTAMP`).notNull(),\n\tupdatedAt: timestamp(\"updated_at\", { withTimezone: true, mode: 'string' }).default(sql`CURRENT_TIMESTAMP`).notNull(),\n\tname: jsonb().notNull(),\n\tdescription: jsonb().notNull(),\n\tcode: text().notNull(),\n\tid: uuid().default(sql`uuid_generate_v7()`).primaryKey().notNull(),\n\tisSystem: boolean(\"is_system\").default(false).notNull(),\n\tisEditable: boolean(\"is_editable\").default(true).notNull(),\n\tisDeletable: boolean(\"is_deletable\").default(true).notNull(),\n}, (table) => [\n\tforeignKey({\n\t\t\tcolumns: [table.tenantId],\n\t\t\tforeignColumns: [tenantsInIam.id],\n\t\t\tname: \"roles_tenant_id_fkey\"\n\t\t}).onUpdate(\"cascade\").onDelete(\"cascade\"),\n\tunique(\"roles_tenant_code_unique\").on(table.tenantId, table.code),\n\tunique(\"roles_tenant_id_unique\").on(table.tenantId, table.id),\n\tpgPolicy(\"tenant_isolation\", { as: \"permissive\", for: \"all\", to: [\"public\"], using: sql`((tenant_id)::text = (iam.current_tenant_id())::text)`, withCheck: sql`((tenant_id)::text = (iam.current_tenant_id())::text)` }),\n]);\n\nexport const userRolesInIam = iam.table(\"user_roles\", {\n\tid: uuid().default(sql`uuid_generate_v7()`).primaryKey().notNull(),\n\ttenantId: varchar(\"tenant_id\", { length: 30 }).notNull(),\n\tuserId: uuid(\"user_id\").notNull(),\n\troleId: uuid(\"role_id\").notNull(),\n}, (table) => [\n\tindex(\"idx_user_roles_tenant_user\").using(\"btree\", table.tenantId.asc().nullsLast().op(\"text_ops\"), table.userId.asc().nullsLast().op(\"uuid_ops\")),\n\tforeignKey({\n\t\t\tcolumns: [table.tenantId],\n\t\t\tforeignColumns: [tenantsInIam.id],\n\t\t\tname: \"user_roles_tenant_id_fkey\"\n\t\t}).onUpdate(\"cascade\").onDelete(\"cascade\"),\n\tforeignKey({\n\t\t\tcolumns: [table.userId],\n\t\t\tforeignColumns: [usersInIam.id],\n\t\t\tname: \"user_roles_user_id_fkey\"\n\t\t}).onUpdate(\"cascade\").onDelete(\"cascade\"),\n\tforeignKey({\n\t\t\tcolumns: [table.tenantId, table.roleId],\n\t\t\tforeignColumns: [rolesInIam.tenantId, rolesInIam.id],\n\t\t\tname: \"user_roles_tenant_role_fkey\"\n\t\t}).onDelete(\"cascade\"),\n\tunique(\"user_roles_tenant_user_role_unique\").on(table.tenantId, table.userId, table.roleId),\n\tpgPolicy(\"tenant_isolation\", { as: \"permissive\", for: \"all\", to: [\"public\"], using: sql`((tenant_id)::text = (iam.current_tenant_id())::text)`, withCheck: sql`((tenant_id)::text = (iam.current_tenant_id())::text)` }),\n]);\n\nexport const domainsInIam = iam.table(\"domains\", {\n\tid: uuid().default(sql`uuid_generate_v7()`).primaryKey().notNull(),\n\ttenantId: varchar(\"tenant_id\", { length: 30 }).notNull(),\n\tdomain: text().notNull(),\n\tstatus: text().default('pending').notNull(),\n\tmeta: jsonb(),\n\tisPrimary: boolean(\"is_primary\").default(false).notNull(),\n\tcreatedAt: timestamp(\"created_at\", { withTimezone: true, mode: 'string' }).default(sql`CURRENT_TIMESTAMP`).notNull(),\n\tupdatedAt: timestamp(\"updated_at\", { withTimezone: true, mode: 'string' }).default(sql`CURRENT_TIMESTAMP`).notNull(),\n}, (table) => [\n\tuniqueIndex(\"domains_domain_unique_idx\").using(\"btree\", sql`lower(domain)`),\n\tuniqueIndex(\"domains_primary_per_tenant_idx\").using(\"btree\", table.tenantId.asc().nullsLast().op(\"text_ops\")).where(sql`(is_primary = true)`),\n\tindex(\"domains_tenant_status_idx\").using(\"btree\", table.tenantId.asc().nullsLast().op(\"text_ops\"), table.status.asc().nullsLast().op(\"text_ops\")),\n\tindex(\"idx_domains_tenant_domain_status\").using(\"btree\", table.tenantId.asc().nullsLast().op(\"text_ops\"), table.domain.asc().nullsLast().op(\"text_ops\"), table.status.asc().nullsLast().op(\"text_ops\")),\n\tforeignKey({\n\t\t\tcolumns: [table.tenantId],\n\t\t\tforeignColumns: [tenantsInIam.id],\n\t\t\tname: \"domains_tenant_id_fkey\"\n\t\t}).onUpdate(\"cascade\").onDelete(\"cascade\"),\n\tpgPolicy(\"tenant_isolation\", { as: \"permissive\", for: \"all\", to: [\"public\"], using: sql`((tenant_id)::text = (iam.current_tenant_id())::text)`, withCheck: sql`((tenant_id)::text = (iam.current_tenant_id())::text)` }),\n\tcheck(\"domains_domain_format_check\", sql`domain ~ '^[a-zA-Z0-9]([a-zA-Z0-9-]*[a-zA-Z0-9])?(\\.[a-zA-Z0-9]([a-zA-Z0-9-]*[a-zA-Z0-9])?)+$'::text`),\n\tcheck(\"domains_status_check\", sql`status = ANY (ARRAY['PENDING'::text, 'ACTIVE'::text, 'DISABLED'::text, 'DELETED'::text])`),\n]);\n"],"mappings":";AAAA,SAAS,kBAAkB;AAE3B,SAAS,sBAAsB,mBAAmB;AAClD;AAAA,EACE;AAAA,EACA;AAAA,EAEA;AAAA,EACA;AAAA,EACA,OAAAA;AAAA,OACK;AACP,SAAS,qBAAqB;;;ACX9B,SAAkB,UAAU,OAAO,YAAY,UAAU,OAAO,MAAM,SAAS,WAAW,MAAM,UAAU,QAAQ,MAAM,OAAO,SAAS,mBAAmB;AAC3J,SAAS,WAAW;AAEb,IAAM,MAAM,SAAS,KAAK;AAG1B,IAAM,qBAAqB,IAAI,MAAM,iBAAiB;AAAA,EAC5D,IAAI,KAAK,EAAE,QAAQ,uBAAuB,EAAE,WAAW,EAAE,QAAQ;AAAA,EACjE,UAAU,QAAQ,aAAa,EAAE,QAAQ,GAAG,CAAC,EAAE,QAAQ;AAAA,EACvD,WAAW,UAAU,cAAc,EAAE,cAAc,MAAM,MAAM,SAAS,CAAC,EAAE,QAAQ,sBAAsB,EAAE,QAAQ;AAAA,EACnH,WAAW,UAAU,cAAc,EAAE,cAAc,MAAM,MAAM,SAAS,CAAC,EAAE,QAAQ,sBAAsB,EAAE,QAAQ;AAAA,EACnH,QAAQ,KAAK,SAAS,EAAE,QAAQ;AAAA,EAChC,MAAM,KAAK,EAAE,QAAQ;AAAA,EACrB,WAAW,UAAU,cAAc,EAAE,cAAc,MAAM,MAAM,SAAS,CAAC,EAAE,QAAQ;AAAA,EACnF,MAAM,KAAK;AAAA,EACX,SAAS,SAAS,EAAE,QAAQ,CAAC;AAAA,EAC7B,IAAI,KAAK;AACV,GAAG,CAAC,UAAU;AAAA,EACb,MAAM,8BAA8B,EAAE,MAAM,SAAS,MAAM,UAAU,IAAI,EAAE,UAAU,EAAE,GAAG,iBAAiB,CAAC;AAAA,EAC5G,MAAM,0BAA0B,EAAE,MAAM,SAAS,MAAM,SAAS,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,GAAG,MAAM,OAAO,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,GAAG,MAAM,KAAK,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,GAAG,MAAM,GAAG,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,GAAG,MAAM,KAAK,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,CAAC;AAAA,EACpR,WAAW;AAAA,IACT,SAAS,CAAC,MAAM,QAAQ;AAAA,IACxB,gBAAgB,CAAC,aAAa,EAAE;AAAA,IAChC,MAAM;AAAA,EACP,CAAC,EAAE,SAAS,SAAS,EAAE,SAAS,SAAS;AAAA,EAC1C,WAAW;AAAA,IACT,SAAS,CAAC,MAAM,MAAM;AAAA,IACtB,gBAAgB,CAAC,WAAW,EAAE;AAAA,IAC9B,MAAM;AAAA,EACP,CAAC,EAAE,SAAS,SAAS,EAAE,SAAS,SAAS;AAAA,EAC1C,SAAS,oBAAoB,EAAE,IAAI,cAAc,KAAK,OAAO,IAAI,CAAC,QAAQ,GAAG,OAAO,4DAA4D,WAAW,2DAA4D,CAAC;AAAA,EACxN,MAAM,2CAA2C,iBAAiB;AAAA,EAClE,MAAM,6CAA6C,4BAA4B;AAChF,CAAC;AAEM,IAAM,gBAAgB,IAAI,MAAM,YAAY;AAAA,EAClD,IAAI,KAAK,EAAE,QAAQ,uBAAuB,EAAE,WAAW,EAAE,QAAQ;AAAA,EACjE,UAAU,QAAQ,aAAa,EAAE,QAAQ,GAAG,CAAC,EAAE,QAAQ;AAAA,EACvD,WAAW,UAAU,cAAc,EAAE,cAAc,MAAM,MAAM,SAAS,CAAC,EAAE,QAAQ,sBAAsB,EAAE,QAAQ;AAAA,EACnH,WAAW,UAAU,cAAc,EAAE,cAAc,MAAM,MAAM,SAAS,CAAC,EAAE,QAAQ,sBAAsB,EAAE,QAAQ;AAAA,EACnH,QAAQ,KAAK,SAAS,EAAE,QAAQ;AAAA,EAChC,WAAW,UAAU,cAAc,EAAE,cAAc,MAAM,MAAM,SAAS,CAAC,EAAE,QAAQ;AAAA,EACnF,WAAW,KAAK,YAAY;AAAA,EAC5B,IAAI,KAAK;AAAA,EACT,MAAM,MAAM;AAAA,EACZ,OAAO,KAAK,EAAE,QAAQ;AAAA,EACtB,WAAW,UAAU,cAAc,EAAE,cAAc,MAAM,MAAM,SAAS,CAAC,EAAE,QAAQ,sBAAsB;AAC1G,GAAG,CAAC,UAAU;AAAA,EACb,MAAM,yBAAyB,EAAE,MAAM,SAAS,MAAM,UAAU,IAAI,EAAE,UAAU,EAAE,GAAG,iBAAiB,CAAC;AAAA,EACvG,MAAM,0BAA0B,EAAE,MAAM,SAAS,MAAM,SAAS,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,GAAG,MAAM,OAAO,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,CAAC;AAAA,EAC/I,WAAW;AAAA,IACT,SAAS,CAAC,MAAM,QAAQ;AAAA,IACxB,gBAAgB,CAAC,aAAa,EAAE;AAAA,IAChC,MAAM;AAAA,EACP,CAAC,EAAE,SAAS,SAAS,EAAE,SAAS,SAAS;AAAA,EAC1C,WAAW;AAAA,IACT,SAAS,CAAC,MAAM,MAAM;AAAA,IACtB,gBAAgB,CAAC,WAAW,EAAE;AAAA,IAC9B,MAAM;AAAA,EACP,CAAC,EAAE,SAAS,SAAS,EAAE,SAAS,SAAS;AAAA,EAC1C,OAAO,oBAAoB,EAAE,GAAG,MAAM,KAAK;AAAA,EAC3C,SAAS,oBAAoB,EAAE,IAAI,cAAc,KAAK,OAAO,IAAI,CAAC,QAAQ,GAAG,OAAO,4DAA4D,WAAW,2DAA4D,CAAC;AAAA,EACxN,MAAM,wCAAwC,4BAA4B;AAC3E,CAAC;AAEM,IAAM,sBAAsB,IAAI,MAAM,mBAAmB;AAAA,EAC/D,IAAI,KAAK,EAAE,QAAQ,uBAAuB,EAAE,WAAW,EAAE,QAAQ;AAAA,EACjE,UAAU,QAAQ,aAAa,EAAE,QAAQ,GAAG,CAAC,EAAE,QAAQ;AAAA,EACvD,QAAQ,KAAK,SAAS,EAAE,QAAQ;AAAA,EAChC,WAAW,UAAU,cAAc,EAAE,cAAc,MAAM,MAAM,SAAS,CAAC,EAAE,QAAQ,sBAAsB,EAAE,QAAQ;AAAA,EACnH,WAAW,UAAU,cAAc,EAAE,cAAc,MAAM,MAAM,SAAS,CAAC,EAAE,QAAQ,sBAAsB,EAAE,QAAQ;AAAA,EACnH,YAAY,KAAK,aAAa,EAAE,QAAQ;AAAA,EACxC,UAAU,QAAQ,WAAW;AAAA,EAC7B,UAAU,QAAQ,WAAW;AAAA,EAC7B,UAAU,KAAK,WAAW;AAAA,EAC1B,UAAU,KAAK,WAAW;AAAA,EAC1B,QAAQ,QAAQ,EAAE,QAAQ;AAAA,EAC1B,WAAW,UAAU,cAAc,EAAE,cAAc,MAAM,MAAM,SAAS,CAAC,EAAE,QAAQ;AAAA,EACnF,aAAa,UAAU,gBAAgB,EAAE,cAAc,MAAM,MAAM,SAAS,CAAC;AAAA,EAC7E,aAAa,UAAU,gBAAgB,EAAE,cAAc,MAAM,MAAM,SAAS,CAAC;AAAA,EAC7E,QAAQ,KAAK;AACd,GAAG,CAAC,UAAU;AAAA,EACb,MAAM,gCAAgC,EAAE,MAAM,SAAS,MAAM,UAAU,IAAI,EAAE,UAAU,EAAE,GAAG,iBAAiB,CAAC;AAAA,EAC9G,MAAM,wCAAwC,EAAE,MAAM,SAAS,MAAM,SAAS,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,GAAG,MAAM,OAAO,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,GAAG,MAAM,OAAO,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,CAAC;AAAA,EAC5M,MAAM,6BAA6B,EAAE,MAAM,SAAS,MAAM,UAAU,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,GAAG,MAAM,OAAO,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,CAAC,EAAE,MAAM,uCAAuC;AAAA,EAClM,WAAW;AAAA,IACT,SAAS,CAAC,MAAM,QAAQ;AAAA,IACxB,gBAAgB,CAAC,aAAa,EAAE;AAAA,IAChC,MAAM;AAAA,EACP,CAAC,EAAE,SAAS,SAAS,EAAE,SAAS,SAAS;AAAA,EAC1C,WAAW;AAAA,IACT,SAAS,CAAC,MAAM,MAAM;AAAA,IACtB,gBAAgB,CAAC,WAAW,EAAE;AAAA,IAC9B,MAAM;AAAA,EACP,CAAC,EAAE,SAAS,SAAS,EAAE,SAAS,SAAS;AAAA,EAC1C,SAAS,oBAAoB,EAAE,IAAI,cAAc,KAAK,OAAO,IAAI,CAAC,QAAQ,GAAG,OAAO,4DAA4D,WAAW,2DAA4D,CAAC;AAAA,EACxN,MAAM,+CAA+C,4BAA4B;AAAA,EACjF,MAAM,qCAAqC,uRAAuR;AAAA,EAClU,MAAM,gCAAgC,2LAA2L;AAClO,CAAC;AAEM,IAAM,eAAe,IAAI,MAAM,WAAW;AAAA,EAChD,IAAI,QAAQ,EAAE,QAAQ,GAAG,CAAC,EAAE,WAAW,EAAE,QAAQ;AAAA,EACjD,WAAW,UAAU,cAAc,EAAE,cAAc,MAAM,MAAM,SAAS,CAAC,EAAE,QAAQ,sBAAsB,EAAE,QAAQ;AAAA,EACnH,WAAW,UAAU,cAAc,EAAE,cAAc,MAAM,MAAM,SAAS,CAAC,EAAE,QAAQ,sBAAsB,EAAE,QAAQ;AAAA,EACnH,MAAM,MAAM,EAAE,QAAQ;AAAA,EACtB,aAAa,MAAM;AAAA,EACnB,OAAO,MAAM;AAAA,EACb,oBAAoB,MAAM,qBAAqB;AAAA,EAC/C,iBAAiB,KAAK,kBAAkB;AAAA,EACxC,mBAAmB,MAAM,oBAAoB;AAAA,EAC7C,iBAAiB,KAAK,kBAAkB;AAAA,EACxC,UAAU,KAAK;AAAA,EACf,UAAU,QAAQ,WAAW,EAAE,QAAQ,IAAI,EAAE,QAAQ;AAAA,EACrD,QAAQ,MAAM;AAAA,EACd,UAAU,MAAM;AAAA,EAChB,KAAK,MAAM;AACZ,GAAG,CAAC,UAAU;AAAA,EACb,MAAM,uBAAuB,EAAE,MAAM,SAAS,MAAM,SAAS,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,CAAC;AAC9F,CAAC;AAEM,IAAM,uBAAuB,IAAI,MAAM,oBAAoB;AAAA,EACjE,IAAI,KAAK,EAAE,QAAQ,uBAAuB,EAAE,WAAW,EAAE,QAAQ;AAAA,EACjE,UAAU,QAAQ,aAAa,EAAE,QAAQ,GAAG,CAAC,EAAE,QAAQ;AAAA,EACvD,cAAc,KAAK,eAAe,EAAE,QAAQ;AAAA,EAC5C,QAAQ,KAAK,SAAS,EAAE,QAAQ;AACjC,GAAG,CAAC,UAAU;AAAA,EACb,MAAM,oCAAoC,EAAE,MAAM,SAAS,MAAM,SAAS,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,GAAG,MAAM,aAAa,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,CAAC;AAAA,EAC/J,WAAW;AAAA,IACT,SAAS,CAAC,MAAM,QAAQ;AAAA,IACxB,gBAAgB,CAAC,aAAa,EAAE;AAAA,IAChC,MAAM;AAAA,EACP,CAAC,EAAE,SAAS,SAAS,EAAE,SAAS,SAAS;AAAA,EAC1C,WAAW;AAAA,IACT,SAAS,CAAC,MAAM,YAAY;AAAA,IAC5B,gBAAgB,CAAC,iBAAiB,EAAE;AAAA,IACpC,MAAM;AAAA,EACP,CAAC,EAAE,SAAS,SAAS,EAAE,SAAS,SAAS;AAAA,EAC1C,WAAW;AAAA,IACT,SAAS,CAAC,MAAM,UAAU,MAAM,MAAM;AAAA,IACtC,gBAAgB,CAAC,WAAW,UAAU,WAAW,EAAE;AAAA,IACnD,MAAM;AAAA,EACP,CAAC,EAAE,SAAS,SAAS;AAAA,EACtB,OAAO,gDAAgD,EAAE,GAAG,MAAM,UAAU,MAAM,cAAc,MAAM,MAAM;AAAA,EAC5G,SAAS,oBAAoB,EAAE,IAAI,cAAc,KAAK,OAAO,IAAI,CAAC,QAAQ,GAAG,OAAO,4DAA4D,WAAW,2DAA4D,CAAC;AACzN,CAAC;AAEM,IAAM,mBAAmB,IAAI,MAAM,eAAe;AAAA,EACxD,IAAI,KAAK,EAAE,WAAW,EAAE,QAAQ;AAAA,EAChC,aAAa,MAAM,EAAE,QAAQ;AAAA,EAC7B,UAAU,KAAK,EAAE,QAAQ;AAAA,EACzB,aAAa,KAAK,EAAE,QAAQ;AAAA,EAC5B,SAAS,KAAK,EAAE,QAAQ;AACzB,GAAG,CAAC,UAAU;AAAA,EACb,OAAO,8CAA8C,EAAE,GAAG,MAAM,UAAU,MAAM,aAAa,MAAM,OAAO;AAC3G,CAAC;AAEM,IAAM,gBAAgB,IAAI,MAAM,YAAY;AAAA,EAClD,IAAI,KAAK,EAAE,QAAQ,uBAAuB,EAAE,WAAW,EAAE,QAAQ;AAAA,EACjE,UAAU,QAAQ,aAAa,EAAE,QAAQ,GAAG,CAAC,EAAE,QAAQ;AAAA,EACvD,QAAQ,KAAK,SAAS,EAAE,QAAQ;AAAA,EAChC,UAAU,KAAK,EAAE,QAAQ;AAAA,EACzB,mBAAmB,KAAK,qBAAqB,EAAE,QAAQ;AAAA,EACvD,UAAU,KAAK;AAAA,EACf,uBAAuB,UAAU,4BAA4B,EAAE,cAAc,MAAM,MAAM,SAAS,CAAC;AAAA,EACnG,SAAS,KAAK,UAAU;AAAA,EACxB,aAAa,KAAK,cAAc;AAAA,EAChC,sBAAsB,UAAU,2BAA2B,EAAE,cAAc,MAAM,MAAM,SAAS,CAAC;AAAA,EACjG,cAAc,KAAK,eAAe;AAAA,EAClC,uBAAuB,UAAU,4BAA4B,EAAE,cAAc,MAAM,MAAM,SAAS,CAAC;AAAA,EACnG,OAAO,KAAK;AAAA,EACZ,WAAW,UAAU,cAAc,EAAE,cAAc,MAAM,MAAM,SAAS,CAAC;AAAA,EACzE,MAAM,MAAM;AACb,GAAG,CAAC,UAAU;AAAA,EACb,MAAM,8BAA8B,EAAE,MAAM,SAAS,MAAM,SAAS,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,GAAG,MAAM,SAAS,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,GAAG,MAAM,kBAAkB,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,CAAC;AAAA,EAC/M,MAAM,sBAAsB,EAAE,MAAM,SAAS,MAAM,SAAS,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,GAAG,MAAM,OAAO,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,CAAC;AAAA,EAC3I,WAAW;AAAA,IACT,SAAS,CAAC,MAAM,QAAQ;AAAA,IACxB,gBAAgB,CAAC,aAAa,EAAE;AAAA,IAChC,MAAM;AAAA,EACP,CAAC,EAAE,SAAS,SAAS,EAAE,SAAS,SAAS;AAAA,EAC1C,WAAW;AAAA,IACT,SAAS,CAAC,MAAM,MAAM;AAAA,IACtB,gBAAgB,CAAC,WAAW,EAAE;AAAA,IAC9B,MAAM;AAAA,EACP,CAAC,EAAE,SAAS,SAAS,EAAE,SAAS,SAAS;AAAA,EAC1C,OAAO,yCAAyC,EAAE,GAAG,MAAM,UAAU,MAAM,UAAU,MAAM,iBAAiB;AAAA,EAC5G,SAAS,oBAAoB,EAAE,IAAI,cAAc,KAAK,OAAO,IAAI,CAAC,QAAQ,GAAG,OAAO,4DAA4D,WAAW,2DAA4D,CAAC;AACzN,CAAC;AAEM,IAAM,aAAa,IAAI,MAAM,SAAS;AAAA,EAC5C,IAAI,KAAK,EAAE,QAAQ,uBAAuB,EAAE,WAAW,EAAE,QAAQ;AAAA,EACjE,UAAU,QAAQ,aAAa,EAAE,QAAQ,GAAG,CAAC,EAAE,QAAQ;AAAA,EACvD,WAAW,UAAU,cAAc,EAAE,cAAc,MAAM,MAAM,SAAS,CAAC,EAAE,QAAQ,sBAAsB,EAAE,QAAQ;AAAA,EACnH,WAAW,UAAU,cAAc,EAAE,cAAc,MAAM,MAAM,SAAS,CAAC,EAAE,QAAQ,sBAAsB,EAAE,QAAQ;AAAA,EACnH,UAAU,KAAK,WAAW,EAAE,QAAQ;AAAA,EACpC,OAAO,KAAK;AAAA,EACZ,OAAO,KAAK;AAAA,EACZ,OAAO,KAAK;AAAA,EACZ,QAAQ,KAAK,EAAE,QAAQ;AAAA,EACvB,eAAe,QAAQ,gBAAgB,EAAE,QAAQ,KAAK,EAAE,QAAQ;AAAA,EAChE,eAAe,QAAQ,gBAAgB,EAAE,QAAQ,KAAK,EAAE,QAAQ;AAAA,EAChE,aAAa,UAAU,gBAAgB,EAAE,cAAc,MAAM,MAAM,SAAS,CAAC;AAAA,EAC7E,cAAc,UAAU,mBAAmB,EAAE,cAAc,MAAM,MAAM,SAAS,CAAC;AAAA,EACjF,cAAc,SAAS,eAAe,EAAE,QAAQ,CAAC,EAAE,QAAQ;AAAA,EAC3D,UAAU,KAAK,WAAW,EAAE,MAAM,EAAE,QAAQ,CAAC,KAAK,CAAC,EAAE,QAAQ;AAC9D,GAAG,CAAC,UAAU;AAAA,EACb,MAAM,uBAAuB,EAAE,MAAM,SAAS,MAAM,SAAS,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,GAAG,MAAM,MAAM,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,GAAG,MAAM,GAAG,IAAI,EAAE,UAAU,EAAE,GAAG,iBAAiB,GAAG,MAAM,cAAc,IAAI,EAAE,UAAU,EAAE,GAAG,iBAAiB,GAAG,MAAM,YAAY,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,CAAC,EAAE,MAAM,wBAAwB;AAAA,EAC9U,MAAM,wBAAwB,EAAE,MAAM,SAAS,MAAM,SAAS,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,GAAG,MAAM,MAAM,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,CAAC,EAAE,MAAM,wBAAwB;AAAA,EAC5K,MAAM,yBAAyB,EAAE,MAAM,SAAS,MAAM,SAAS,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,GAAG,MAAM,OAAO,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,CAAC;AAAA,EAC9I,MAAM,wBAAwB,EAAE,MAAM,SAAS,MAAM,SAAS,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,GAAG,MAAM,MAAM,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,CAAC,EAAE,MAAM,wBAAwB;AAAA,EAC5K,MAAM,+BAA+B,EAAE,MAAM,SAAS,MAAM,SAAS,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,GAAG,MAAM,MAAM,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,CAAC,EAAE,MAAM,wBAAwB;AAAA,EACnL,MAAM,2BAA2B,EAAE,MAAM,SAAS,MAAM,SAAS,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,CAAC,EAAE,MAAM,wCAAwC;AAAA,EACjJ,MAAM,+BAA+B,EAAE,MAAM,SAAS,MAAM,SAAS,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,CAAC,EAAE,MAAM,4CAA4C;AAAA,EACzJ,MAAM,8BAA8B,EAAE,MAAM,SAAS,MAAM,SAAS,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,CAAC,EAAE,MAAM,2CAA2C;AAAA,EACvJ,MAAM,0BAA0B,EAAE,MAAM,OAAO,MAAM,SAAS,IAAI,EAAE,UAAU,EAAE,GAAG,WAAW,CAAC;AAAA,EAC/F,YAAY,8BAA8B,EAAE,MAAM,SAAS,gBAAgB,iBAAiB;AAAA,EAC5F,YAAY,+BAA+B,EAAE,MAAM,SAAS,gBAAgB,kBAAkB;AAAA,EAC9F,WAAW;AAAA,IACT,SAAS,CAAC,MAAM,QAAQ;AAAA,IACxB,gBAAgB,CAAC,aAAa,EAAE;AAAA,IAChC,MAAM;AAAA,EACP,CAAC,EAAE,SAAS,SAAS,EAAE,SAAS,SAAS;AAAA,EAC1C,OAAO,wBAAwB,EAAE,GAAG,MAAM,UAAU,MAAM,KAAK;AAAA,EAC/D,SAAS,oBAAoB,EAAE,IAAI,cAAc,KAAK,OAAO,IAAI,CAAC,QAAQ,GAAG,OAAO,4DAA4D,WAAW,2DAA4D,CAAC;AAAA,EACxN,MAAM,yCAAyC,uBAAuB;AAAA,EACtE,MAAM,gCAAgC,+CAA+C;AAAA,EACrF,MAAM,yBAAyB,2EAA2E;AAC3G,CAAC;AAEM,IAAM,aAAa,IAAI,MAAM,SAAS;AAAA,EAC5C,UAAU,QAAQ,aAAa,EAAE,QAAQ,GAAG,CAAC,EAAE,QAAQ;AAAA,EACvD,WAAW,UAAU,cAAc,EAAE,cAAc,MAAM,MAAM,SAAS,CAAC,EAAE,QAAQ,sBAAsB,EAAE,QAAQ;AAAA,EACnH,WAAW,UAAU,cAAc,EAAE,cAAc,MAAM,MAAM,SAAS,CAAC,EAAE,QAAQ,sBAAsB,EAAE,QAAQ;AAAA,EACnH,MAAM,MAAM,EAAE,QAAQ;AAAA,EACtB,aAAa,MAAM,EAAE,QAAQ;AAAA,EAC7B,MAAM,KAAK,EAAE,QAAQ;AAAA,EACrB,IAAI,KAAK,EAAE,QAAQ,uBAAuB,EAAE,WAAW,EAAE,QAAQ;AAAA,EACjE,UAAU,QAAQ,WAAW,EAAE,QAAQ,KAAK,EAAE,QAAQ;AAAA,EACtD,YAAY,QAAQ,aAAa,EAAE,QAAQ,IAAI,EAAE,QAAQ;AAAA,EACzD,aAAa,QAAQ,cAAc,EAAE,QAAQ,IAAI,EAAE,QAAQ;AAC5D,GAAG,CAAC,UAAU;AAAA,EACb,WAAW;AAAA,IACT,SAAS,CAAC,MAAM,QAAQ;AAAA,IACxB,gBAAgB,CAAC,aAAa,EAAE;AAAA,IAChC,MAAM;AAAA,EACP,CAAC,EAAE,SAAS,SAAS,EAAE,SAAS,SAAS;AAAA,EAC1C,OAAO,0BAA0B,EAAE,GAAG,MAAM,UAAU,MAAM,IAAI;AAAA,EAChE,OAAO,wBAAwB,EAAE,GAAG,MAAM,UAAU,MAAM,EAAE;AAAA,EAC5D,SAAS,oBAAoB,EAAE,IAAI,cAAc,KAAK,OAAO,IAAI,CAAC,QAAQ,GAAG,OAAO,4DAA4D,WAAW,2DAA4D,CAAC;AACzN,CAAC;AAEM,IAAM,iBAAiB,IAAI,MAAM,cAAc;AAAA,EACrD,IAAI,KAAK,EAAE,QAAQ,uBAAuB,EAAE,WAAW,EAAE,QAAQ;AAAA,EACjE,UAAU,QAAQ,aAAa,EAAE,QAAQ,GAAG,CAAC,EAAE,QAAQ;AAAA,EACvD,QAAQ,KAAK,SAAS,EAAE,QAAQ;AAAA,EAChC,QAAQ,KAAK,SAAS,EAAE,QAAQ;AACjC,GAAG,CAAC,UAAU;AAAA,EACb,MAAM,4BAA4B,EAAE,MAAM,SAAS,MAAM,SAAS,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,GAAG,MAAM,OAAO,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,CAAC;AAAA,EACjJ,WAAW;AAAA,IACT,SAAS,CAAC,MAAM,QAAQ;AAAA,IACxB,gBAAgB,CAAC,aAAa,EAAE;AAAA,IAChC,MAAM;AAAA,EACP,CAAC,EAAE,SAAS,SAAS,EAAE,SAAS,SAAS;AAAA,EAC1C,WAAW;AAAA,IACT,SAAS,CAAC,MAAM,MAAM;AAAA,IACtB,gBAAgB,CAAC,WAAW,EAAE;AAAA,IAC9B,MAAM;AAAA,EACP,CAAC,EAAE,SAAS,SAAS,EAAE,SAAS,SAAS;AAAA,EAC1C,WAAW;AAAA,IACT,SAAS,CAAC,MAAM,UAAU,MAAM,MAAM;AAAA,IACtC,gBAAgB,CAAC,WAAW,UAAU,WAAW,EAAE;AAAA,IACnD,MAAM;AAAA,EACP,CAAC,EAAE,SAAS,SAAS;AAAA,EACtB,OAAO,oCAAoC,EAAE,GAAG,MAAM,UAAU,MAAM,QAAQ,MAAM,MAAM;AAAA,EAC1F,SAAS,oBAAoB,EAAE,IAAI,cAAc,KAAK,OAAO,IAAI,CAAC,QAAQ,GAAG,OAAO,4DAA4D,WAAW,2DAA4D,CAAC;AACzN,CAAC;AAEM,IAAM,eAAe,IAAI,MAAM,WAAW;AAAA,EAChD,IAAI,KAAK,EAAE,QAAQ,uBAAuB,EAAE,WAAW,EAAE,QAAQ;AAAA,EACjE,UAAU,QAAQ,aAAa,EAAE,QAAQ,GAAG,CAAC,EAAE,QAAQ;AAAA,EACvD,QAAQ,KAAK,EAAE,QAAQ;AAAA,EACvB,QAAQ,KAAK,EAAE,QAAQ,SAAS,EAAE,QAAQ;AAAA,EAC1C,MAAM,MAAM;AAAA,EACZ,WAAW,QAAQ,YAAY,EAAE,QAAQ,KAAK,EAAE,QAAQ;AAAA,EACxD,WAAW,UAAU,cAAc,EAAE,cAAc,MAAM,MAAM,SAAS,CAAC,EAAE,QAAQ,sBAAsB,EAAE,QAAQ;AAAA,EACnH,WAAW,UAAU,cAAc,EAAE,cAAc,MAAM,MAAM,SAAS,CAAC,EAAE,QAAQ,sBAAsB,EAAE,QAAQ;AACpH,GAAG,CAAC,UAAU;AAAA,EACb,YAAY,2BAA2B,EAAE,MAAM,SAAS,kBAAkB;AAAA,EAC1E,YAAY,gCAAgC,EAAE,MAAM,SAAS,MAAM,SAAS,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,CAAC,EAAE,MAAM,wBAAwB;AAAA,EAC5I,MAAM,2BAA2B,EAAE,MAAM,SAAS,MAAM,SAAS,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,GAAG,MAAM,OAAO,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,CAAC;AAAA,EAChJ,MAAM,kCAAkC,EAAE,MAAM,SAAS,MAAM,SAAS,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,GAAG,MAAM,OAAO,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,GAAG,MAAM,OAAO,IAAI,EAAE,UAAU,EAAE,GAAG,UAAU,CAAC;AAAA,EACtM,WAAW;AAAA,IACT,SAAS,CAAC,MAAM,QAAQ;AAAA,IACxB,gBAAgB,CAAC,aAAa,EAAE;AAAA,IAChC,MAAM;AAAA,EACP,CAAC,EAAE,SAAS,SAAS,EAAE,SAAS,SAAS;AAAA,EAC1C,SAAS,oBAAoB,EAAE,IAAI,cAAc,KAAK,OAAO,IAAI,CAAC,QAAQ,GAAG,OAAO,4DAA4D,WAAW,2DAA4D,CAAC;AAAA,EACxN,MAAM,+BAA+B,yGAAyG;AAAA,EAC9I,MAAM,wBAAwB,6FAA6F;AAC5H,CAAC;;;ADrRD,SAAS,2BAA2B,MAAc;AAChD,SAAO;AAAA,IACL,IAAI,YAAY,KAAK,WAAW,KAAK,GAAG,EAAE,WAAW,KAAK,GAAG,CAAC;AAAA,EAChE;AACF;AAEO,SAAS,wBACd,aAC6C;AAC7C,SAAO,qBAAqB,WAAW,EAAE,IAAI,CAAC,WAAW;AAAA,IACvD,IAAI,MAAM;AAAA,IACV,aAAa,MAAM;AAAA,IACnB,SAAS,MAAM;AAAA,IACf,UAAU,MAAM;AAAA,IAChB,aAAa,2BAA2B,MAAM,IAAI;AAAA,EACpD,EAAE;AACJ;AAEA,eAAsB,gBAAgB;AAAA,EACpC;AAAA,EACA;AACF,GAGG;AACD,QAAM,OAAO,wBAAwB,WAAW;AAChD,MAAI,CAAC,KAAK,QAAQ;AAChB,WAAO,CAAC;AAAA,EACV;AAEA,QAAM,SACH,OAAO,gBAAgB,EACvB,OAAO,IAAI,EACX,mBAAmB;AAAA,IAClB,QAAQ,iBAAiB;AAAA,IACzB,KAAK;AAAA,MACH,aAAaC;AAAA,MACb,SAASA;AAAA,MACT,UAAUA;AAAA,MACV,aAAaA;AAAA,IACf;AAAA,EACF,CAAC;AAEH,SAAO,SACJ,OAAO,EACP,KAAK,gBAAgB,EACrB;AAAA,IACC;AAAA,MACE,iBAAiB;AAAA,MACjB,KAAK,IAAI,CAAC,QAAQ,IAAI,EAAE;AAAA,IAC1B;AAAA,EACF;AACJ;AAEA,eAAe,uBAAuB;AAAA,EACpC;AAAA,EACA;AACF,GAGG;AACD,MAAI,CAAC,cAAc,QAAQ;AACzB;AAAA,EACF;AAEA,QAAM,WAAW,MAAM,SACpB,OAAO,EAAE,IAAI,iBAAiB,GAAG,CAAC,EAClC,KAAK,gBAAgB,EACrB,MAAM,QAAQ,iBAAiB,IAAI,aAAa,CAAC;AAEpD,QAAM,cAAc,IAAI,IAAI,SAAS,IAAI,CAAC,eAAe,WAAW,EAAE,CAAC;AACvE,QAAM,uBAAuB,cAAc;AAAA,IACzC,CAAC,OAAO,CAAC,YAAY,IAAI,EAAE;AAAA,EAC7B;AAEA,MAAI,qBAAqB,QAAQ;AAC/B,UAAM,IAAI,cAAc,KAAK;AAAA,MAC3B,SAAS,wBAAwB,qBAAqB,KAAK,IAAI,CAAC;AAAA,IAClE,CAAC;AAAA,EACH;AACF;AAEA,eAAsB,oBAAoB;AAAA,EACxC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,GAKG;AACD,QAAM,sBAAsB,CAAC,GAAG,IAAI,IAAI,aAAa,CAAC;AAEtD,QAAM,uBAAuB;AAAA,IAC3B;AAAA,IACA,eAAe;AAAA,EACjB,CAAC;AAED,MAAI,CAAC,oBAAoB,QAAQ;AAC/B,UAAM,SACH,OAAO,oBAAoB,EAC3B;AAAA,MACC;AAAA,QACE,GAAG,qBAAqB,UAAU,QAAQ;AAAA,QAC1C,GAAG,qBAAqB,QAAQ,MAAM;AAAA,MACxC;AAAA,IACF;AAEF,WAAO,CAAC;AAAA,EACV;AAEA,QAAM,SACH,OAAO,oBAAoB,EAC3B;AAAA,IACC;AAAA,MACE,GAAG,qBAAqB,UAAU,QAAQ;AAAA,MAC1C,GAAG,qBAAqB,QAAQ,MAAM;AAAA,MACtC,WAAW,qBAAqB,cAAc,mBAAmB;AAAA,IACnE;AAAA,EACF;AAEF,QAAM,SACH,OAAO,oBAAoB,EAC3B;AAAA,IACC,oBAAoB,IAAI,CAAC,kBAAkB;AAAA,MACzC,IAAI,WAAW;AAAA,MACf;AAAA,MACA;AAAA,MACA;AAAA,IACF,EAAE;AAAA,EACJ,EACC,oBAAoB;AAAA,IACnB,QAAQ;AAAA,MACN,qBAAqB;AAAA,MACrB,qBAAqB;AAAA,MACrB,qBAAqB;AAAA,IACvB;AAAA,EACF,CAAC;AAEH,SAAO,SACJ,OAAO,EACP,KAAK,oBAAoB,EACzB;AAAA,IACC;AAAA,MACE,GAAG,qBAAqB,UAAU,QAAQ;AAAA,MAC1C,GAAG,qBAAqB,QAAQ,MAAM;AAAA,IACxC;AAAA,EACF;AACJ;AAEA,eAAsB,UAAU;AAAA,EAC9B;AAAA,EACA;AAAA,EACA;AACF,GAIG;AACD,MAAI,CAAC,MAAM,QAAQ;AACjB,WAAO,CAAC;AAAA,EACV;AAEA,QAAM,SACH,OAAO,UAAU,EACjB;AAAA,IACC,MAAM,IAAI,CAAC,UAAU;AAAA,MACnB,IAAI,WAAW;AAAA,MACf;AAAA,MACA,MAAM,KAAK;AAAA,MACX,MAAM,KAAK;AAAA,MACX,aAAa,KAAK,eAAe,EAAE,IAAI,KAAK,KAAK;AAAA,MACjD,UAAU,KAAK,YAAY;AAAA,MAC3B,YAAY,KAAK,cAAc;AAAA,MAC/B,aAAa,KAAK,eAAe;AAAA,IACnC,EAAE;AAAA,EACJ,EACC,mBAAmB;AAAA,IAClB,QAAQ,CAAC,WAAW,UAAU,WAAW,IAAI;AAAA,IAC7C,KAAK;AAAA,MACH,MAAMA;AAAA,MACN,aAAaA;AAAA,MACb,UAAUA;AAAA,MACV,YAAYA;AAAA,MACZ,aAAaA;AAAA,MACb,WAAWA;AAAA,IACb;AAAA,EACF,CAAC;AAEH,QAAM,cAAc,MAAM,SACvB,OAAO,EACP,KAAK,UAAU,EACf;AAAA,IACC;AAAA,MACE,GAAG,WAAW,UAAU,QAAQ;AAAA,MAChC;AAAA,QACE,WAAW;AAAA,QACX,MAAM,IAAI,CAAC,SAAS,KAAK,IAAI;AAAA,MAC/B;AAAA,IACF;AAAA,EACF;AAEF,QAAM,aAAa,IAAI;AAAA,IACrB,YAAY,IAAI,CAAC,SAAS,CAAC,KAAK,MAAM,IAAI,CAAU;AAAA,EACtD;AAEA,aAAW,QAAQ,OAAO;AACxB,UAAM,aAAa,WAAW,IAAI,KAAK,IAAI;AAC3C,QAAI,CAAC,YAAY;AACf;AAAA,IACF;AAEA,UAAM,oBAAoB;AAAA,MACxB;AAAA,MACA;AAAA,MACA,QAAQ,WAAW;AAAA,MACnB,eAAe,CAAC,GAAG,IAAI,IAAI,KAAK,iBAAiB,CAAC,CAAC,CAAC;AAAA,IACtD,CAAC;AAAA,EACH;AAEA,SAAO;AACT;","names":["sql","sql"]}

package/dist/lib/normalize-auth-response.d.ts ADDED Viewed

@@ -0,0 +1,26 @@
+import { U as User, c as Session } from '../index-CKOeabpa.js';
+import 'hono';
+import '@hono/zod-openapi';
+import '@mesob/common';
+import '../index-zShda6U3.js';
+import 'drizzle-orm/node-postgres';
+import 'drizzle-orm/pg-core';
+import 'drizzle-orm';
+import 'pg';
+declare const normalizeAuthUser: (user: Pick<User, "id" | "tenantId" | "fullName" | "email" | "phone" | "image" | "emailVerified" | "phoneVerified">) => {
+    id: string;
+    tenantId: string;
+    fullName: string;
+    email: string | null;
+    phone: string | null;
+    image: string | null;
+    emailVerified: boolean;
+    phoneVerified: boolean;
+};
+declare const normalizeAuthSession: (session: Pick<Session, "id" | "expiresAt"> | null) => {
+    id: string;
+    expiresAt: string;
+} | null;
+export { normalizeAuthSession, normalizeAuthUser };

package/dist/lib/normalize-auth-response.js ADDED Viewed

@@ -0,0 +1,20 @@
+// src/lib/normalize-auth-response.ts
+var normalizeAuthUser = (user) => ({
+  id: user.id,
+  tenantId: user.tenantId,
+  fullName: user.fullName,
+  email: user.email,
+  phone: user.phone,
+  image: user.image,
+  emailVerified: user.emailVerified,
+  phoneVerified: user.phoneVerified
+});
+var normalizeAuthSession = (session) => session ? {
+  id: session.id,
+  expiresAt: session.expiresAt
+} : null;
+export {
+  normalizeAuthSession,
+  normalizeAuthUser
+};
+//# sourceMappingURL=normalize-auth-response.js.map

package/dist/lib/normalize-auth-response.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../../src/lib/normalize-auth-response.ts"],"sourcesContent":["import type { Session, User } from '../types';\n\nexport const normalizeAuthUser = (\n user: Pick<\n User,\n | 'id'\n | 'tenantId'\n | 'fullName'\n | 'email'\n | 'phone'\n | 'image'\n | 'emailVerified'\n | 'phoneVerified'\n >,\n) => ({\n id: user.id,\n tenantId: user.tenantId,\n fullName: user.fullName,\n email: user.email,\n phone: user.phone,\n image: user.image,\n emailVerified: user.emailVerified,\n phoneVerified: user.phoneVerified,\n});\n\nexport const normalizeAuthSession = (\n session: Pick<Session, 'id' | 'expiresAt'> | null,\n) =>\n session\n ? {\n id: session.id,\n expiresAt: session.expiresAt,\n }\n : null;\n"],"mappings":";AAEO,IAAM,oBAAoB,CAC/B,UAWI;AAAA,EACJ,IAAI,KAAK;AAAA,EACT,UAAU,KAAK;AAAA,EACf,UAAU,KAAK;AAAA,EACf,OAAO,KAAK;AAAA,EACZ,OAAO,KAAK;AAAA,EACZ,OAAO,KAAK;AAAA,EACZ,eAAe,KAAK;AAAA,EACpB,eAAe,KAAK;AACtB;AAEO,IAAM,uBAAuB,CAClC,YAEA,UACI;AAAA,EACE,IAAI,QAAQ;AAAA,EACZ,WAAW,QAAQ;AACrB,IACA;","names":[]}

package/dist/lib/normalize-user.d.ts CHANGED Viewed

@@ -1,7 +1,8 @@
-import { U as User } from '../index-BvdbhtRX.js';
+import { U as User } from '../index-CKOeabpa.js';
 import 'hono';
 import '@hono/zod-openapi';
-import '../index-Bh3bDnP5.js';
+import '@mesob/common';
+import '../index-zShda6U3.js';
 import 'drizzle-orm/node-postgres';
 import 'drizzle-orm/pg-core';
 import 'drizzle-orm';

package/dist/lib/openapi-config.d.ts CHANGED Viewed

@@ -1,7 +1,8 @@
-import { A as AuthConfig } from '../index-BvdbhtRX.js';
+import { A as AuthConfig } from '../index-CKOeabpa.js';
 import 'hono';
 import '@hono/zod-openapi';
-import '../index-Bh3bDnP5.js';
+import '@mesob/common';
+import '../index-zShda6U3.js';
 import 'drizzle-orm/node-postgres';
 import 'drizzle-orm/pg-core';
 import 'drizzle-orm';