@objectstack/platform-objects 7.5.0 → 7.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (17) hide show
  1. package/dist/audit/index.d.mts +27 -27
  2. package/dist/audit/index.d.ts +27 -27
  3. package/dist/identity/index.d.mts +60 -68
  4. package/dist/identity/index.d.ts +60 -68
  5. package/dist/identity/index.js +5 -11
  6. package/dist/identity/index.js.map +1 -1
  7. package/dist/identity/index.mjs +5 -11
  8. package/dist/identity/index.mjs.map +1 -1
  9. package/dist/index.js +5 -11
  10. package/dist/index.js.map +1 -1
  11. package/dist/index.mjs +5 -11
  12. package/dist/index.mjs.map +1 -1
  13. package/dist/metadata/index.d.mts +12 -12
  14. package/dist/metadata/index.d.ts +12 -12
  15. package/dist/system/index.d.mts +9 -9
  16. package/dist/system/index.d.ts +9 -9
  17. package/package.json +2 -2
package/dist/identity/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../src/identity/sys-user.object.ts","../../src/identity/sys-session.object.ts","../../src/identity/sys-account.object.ts","../../src/identity/sys-verification.object.ts","../../src/identity/sys-organization.object.ts","../../src/identity/sys-member.object.ts","../../src/identity/sys-invitation.object.ts","../../src/identity/sys-team.object.ts","../../src/identity/sys-team-member.object.ts","../../src/identity/sys-department.object.ts","../../src/identity/sys-department-member.object.ts","../../src/identity/sys-api-key.object.ts","../../src/identity/sys-two-factor.object.ts","../../src/identity/sys-device-code.object.ts","../../src/identity/sys-user-preference.object.ts","../../src/identity/sys-oauth-application.object.ts","../../src/identity/sys-oauth-access-token.object.ts","../../src/identity/sys-oauth-refresh-token.object.ts","../../src/identity/sys-oauth-consent.object.ts","../../src/identity/sys-jwks.object.ts"],"names":["ObjectSchema","Field"],"mappings":";;;;;AAeO,IAAM,OAAA,GAAUA,kBAAa,MAAA,CAAO;AAAA,EACzC,IAAA,EAAM,UAAA;AAAA,EACN,KAAA,EAAO,MAAA;AAAA,EACP,WAAA,EAAa,OAAA;AAAA,EACb,IAAA,EAAM,MAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA,EACV,SAAA,EAAW,aAAA;AAAA;AAAA,EAEX,UAAA,EAAY;AAAA,IACV,IAAA,EAAM,MAAA;AAAA,IACN,MAAA,EAAQ,4DAAA;AAAA,IACR,OAAA,EAAS;AAAA,GACX;AAAA,EACA,WAAA,EAAa,kCAAA;AAAA,EACb,gBAAA,EAAkB,MAAA;AAAA,EAClB,WAAA,EAAa,QAAA;AAAA,EACb,aAAA,EAAe,CAAC,MAAA,EAAQ,OAAA,EAAS,gBAAgB,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQjD,OAAA,EAAS;AAAA,IACP;AAAA,MACE,IAAA,EAAM,aAAA;AAAA,MACN,KAAA,EAAO,aAAA;AAAA,MACP,IAAA,EAAM,WAAA;AAAA,MACN,OAAA,EAAS,SAAA;AAAA,MACT,SAAA,EAAW,CAAC,cAAc,CAAA;AAAA,MAC1B,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,yCAAA;AAAA,MACR,cAAA,EAAgB,iBAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,KAAA,EAAO,OAAA,EAAS,QAAA,EAAU,IAAA,EAAK;AAAA,QACjC,EAAE,KAAA,EAAO,MAAA,EAAQ,cAAA,EAAgB,YAAA,EAAc,UAAU,IAAA;AAAK;AAChE,KACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA;AAAA,MACE,IAAA,EAAM,UAAA;AAAA,MACN,KAAA,EAAO,UAAA;AAAA,MACP,IAAA,EAAM,KAAA;AAAA,MACN,OAAA,EAAS,QAAA;AAAA,MACT,SAAA,EAAW,CAAC,WAAW,CAAA;AAAA,MACvB,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,6BAAA;AAAA,MACR,aAAA,EAAe,QAAA;AAAA,MACf,cAAA,EAAgB,aAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,WAAA,EAAa,8EAAA;AAAA,MACb,MAAA,EAAQ;AAAA,QACN,EAAE,MAAM,WAAA,EAAa,KAAA,EAAO,cAAc,IAAA,EAAM,MAAA,EAAQ,UAAU,KAAA;AAAM;AAC1E,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,YAAA;AAAA,MACN,KAAA,EAAO,YAAA;AAAA,MACP,IAAA,EAAM,gBAAA;AAAA,MACN,OAAA,EAAS,WAAA;AAAA,MACT,SAAA,EAAW,CAAC,WAAW,CAAA;AAAA,MACvB,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,+BAAA;AAAA,MACR,aAAA,EAAe,QAAA;AAAA,MACf,cAAA,EAAgB,eAAA;AAAA,MAChB,YAAA,EAAc;AAAA,KAChB;AAAA,IACA;AAAA,MACE,IAAA,EAAM,mBAAA;AAAA,MACN,KAAA,EAAO,cAAA;AAAA,MACP,IAAA,EAAM,WAAA;AAAA,MACN,OAAA,EAAS,WAAA;AAAA,MACT,SAAA,EAAW,CAAC,WAAW,CAAA;AAAA,MACvB,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,sCAAA;AAAA,MACR,aAAA,EAAe,QAAA;AAAA,MACf,cAAA,EAAgB,kBAAA;AAAA,MAChB,YAAA,EAAc,KAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,MAAM,aAAA,EAAe,KAAA,EAAO,gBAAgB,IAAA,EAAM,MAAA,EAAQ,UAAU,IAAA;AAAK;AAC7E,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,eAAA;AAAA,MACN,KAAA,EAAO,mBAAA;AAAA,MACP,IAAA,EAAM,cAAA;AAAA,MACN,OAAA,EAAS,WAAA;AAAA,MACT,SAAA,EAAW,CAAC,WAAW,CAAA;AAAA,MACvB,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,6BAAA;AAAA,MACR,aAAA,EAAe,QAAA;AAAA,MACf,cAAA,EAAgB,cAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,MAAM,MAAA,EAAQ,KAAA,EAAO,iBAAiB,IAAA,EAAM,MAAA,EAAQ,UAAU,IAAA;AAAK;AACvE,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,kBAAA;AAAA,MACN,KAAA,EAAO,kBAAA;AAAA,MACP,IAAA,EAAM,UAAA;AAAA,MACN,OAAA,EAAS,WAAA;AAAA,MACT,SAAA,EAAW,CAAC,WAAW,CAAA;AAAA,MACvB,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,qCAAA;AAAA,MACR,aAAA,EAAe,QAAA;AAAA,MACf,cAAA,EAAgB,wBAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,WAAA,EAAa;AAAA,KACf;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA;AAAA,MACE,IAAA,EAAM,mBAAA;AAAA,MACN,KAAA,EAAO,gBAAA;AAAA,MACP,IAAA,EAAM,UAAA;AAAA,MACN,OAAA,EAAS,SAAA;AAAA,MACT,IAAA,EAAM,MAAA;AAAA,MACN,SAAA,EAAW,CAAC,eAAe,CAAA;AAAA,MAC3B,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,0BAAA;AAAA,MACR,OAAA,EAAS,0BAAA;AAAA,MACT,cAAA,EAAgB,iBAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,KAAA,EAAO,gBAAgB,IAAA,EAAK;AAAA,QACvD,EAAE,KAAA,EAAO,OAAA,EAAS,QAAA,EAAU,KAAA,EAAO,gBAAgB,IAAA;AAAK;AAC1D,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,oBAAA;AAAA,MACN,KAAA,EAAO,iBAAA;AAAA,MACP,IAAA,EAAM,KAAA;AAAA,MACN,OAAA,EAAS,WAAA;AAAA,MACT,SAAA,EAAW,CAAC,eAAA,EAAiB,aAAA,EAAe,gBAAgB,CAAA;AAAA,MAC5D,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,8BAAA;AAAA,MACR,OAAA,EAAS,0BAAA;AAAA,MACT,cAAA,EAAgB,kBAAA;AAAA,MAChB,YAAA,EAAc,KAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,MAAM,iBAAA,EAAmB,KAAA,EAAO,oBAAoB,IAAA,EAAM,MAAA,EAAQ,UAAU,IAAA,EAAK;AAAA,QACnF,EAAE,MAAM,aAAA,EAAe,KAAA,EAAO,gBAAgB,IAAA,EAAM,MAAA,EAAQ,UAAU,IAAA,EAAK;AAAA,QAC3E,EAAE,IAAA,EAAM,qBAAA,EAAuB,KAAA,EAAO,wBAAA,EAA0B,MAAM,SAAA,EAAW,QAAA,EAAU,KAAA,EAAO,YAAA,EAAc,IAAA;AAAK;AACvH,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,iBAAA;AAAA,MACN,KAAA,EAAO,cAAA;AAAA,MACP,IAAA,EAAM,MAAA;AAAA,MACN,OAAA,EAAS,WAAA;AAAA,MACT,SAAA,EAAW,CAAC,eAAA,EAAiB,aAAA,EAAe,gBAAgB,CAAA;AAAA,MAC5D,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,2BAAA;AAAA,MACR,OAAA,EAAS,0BAAA;AAAA,MACT,cAAA,EAAgB,kEAAA;AAAA,MAChB,YAAA,EAAc,KAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,MAAM,UAAA,EAAY,KAAA,EAAO,aAAa,IAAA,EAAM,OAAA,EAAS,UAAU,IAAA;AAAK;AACxE,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,2BAAA;AAAA,MACN,KAAA,EAAO,2BAAA;AAAA,MACP,IAAA,EAAM,YAAA;AAAA,MACN,OAAA,EAAS,WAAA;AAAA,MACT,SAAA,EAAW,CAAC,eAAA,EAAiB,aAAA,EAAe,gBAAgB,CAAA;AAAA,MAC5D,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,sCAAA;AAAA;AAAA;AAAA,MAGR,OAAA,EAAS,4DAAA;AAAA,MACT,cAAA,EAAgB,kDAAA;AAAA,MAChB,YAAA,EAAc,KAAA;AAAA,MACd,QAAQ;AAAC,KACX;AAAA,IACA;AAAA,MACE,IAAA,EAAM,mBAAA;AAAA,MACN,KAAA,EAAO,mBAAA;AAAA,MACP,IAAA,EAAM,QAAA;AAAA,MACN,OAAA,EAAS,QAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,aAAA,EAAe,gBAAgB,CAAA;AAAA,MAC3C,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,0BAAA;AAAA,MACR,OAAA,EAAS,0BAAA;AAAA,MACT,WAAA,EAAa,8KAAA;AAAA,MACb,cAAA,EAAgB,iBAAA;AAAA,MAChB,YAAA,EAAc,KAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,MAAM,UAAA,EAAY,KAAA,EAAO,oBAAoB,IAAA,EAAM,MAAA,EAAQ,UAAU,IAAA;AAAK;AAC9E,KACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAOA;AAAA,MACE,IAAA,EAAM,mBAAA;AAAA,MACN,KAAA,EAAO,wBAAA;AAAA,MACP,IAAA,EAAM,aAAA;AAAA,MACN,OAAA,EAAS,SAAA;AAAA,MACT,SAAA,EAAW,CAAC,gBAAgB,CAAA;AAAA,MAC5B,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,gCAAA;AAAA,MACR,OAAA,EAAS,+DAAA;AAAA,MACT,cAAA,EAAgB,iJAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,MAAM,UAAA,EAAY,KAAA,EAAO,oBAAoB,IAAA,EAAM,MAAA,EAAQ,UAAU,IAAA;AAAK;AAC9E,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,oBAAA;AAAA,MACN,KAAA,EAAO,yBAAA;AAAA,MACP,IAAA,EAAM,YAAA;AAAA,MACN,OAAA,EAAS,QAAA;AAAA,MACT,SAAA,EAAW,CAAC,gBAAgB,CAAA;AAAA,MAC5B,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,iCAAA;AAAA,MACR,OAAA,EAAS,+DAAA;AAAA,MACT,WAAA,EAAa,uEAAA;AAAA,MACb,cAAA,EAAgB,qCAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,MAAM,UAAA,EAAY,KAAA,EAAO,oBAAoB,IAAA,EAAM,MAAA,EAAQ,UAAU,IAAA;AAAK;AAC9E,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,uBAAA;AAAA,MACN,KAAA,EAAO,yBAAA;AAAA,MACP,IAAA,EAAM,cAAA;AAAA,MACN,OAAA,EAAS,WAAA;AAAA,MACT,SAAA,EAAW,CAAC,gBAAgB,CAAA;AAAA,MAC5B,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,+CAAA;AAAA,MACR,OAAA,EAAS,+DAAA;AAAA,MACT,WAAA,EAAa,uFAAA;AAAA,MACb,cAAA,EAAgB,6DAAA;AAAA,MAChB,YAAA,EAAc,KAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,MAAM,UAAA,EAAY,KAAA,EAAO,oBAAoB,IAAA,EAAM,MAAA,EAAQ,UAAU,IAAA;AAAK;AAC9E;AACF,GACF;AAAA,EAEA,SAAA,EAAW;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAMT,EAAA,EAAI;AAAA,MACF,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,IAAA;AAAA,MACN,KAAA,EAAO,YAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,UAAA,EAAW;AAAA,MAC/C,SAAS,CAAC,MAAA,EAAQ,OAAA,EAAS,gBAAA,EAAkB,sBAAsB,YAAY,CAAA;AAAA,MAC/E,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,MAAM,QAAA,EAAU,QAAA,EAAU,KAAA,EAAO,mBAAA,EAAqB,CAAA;AAAA,MACxE,MAAM,CAAC,EAAE,OAAO,MAAA,EAAQ,KAAA,EAAO,OAAO,CAAA;AAAA,MACtC,UAAA,EAAY,EAAE,QAAA,EAAU,CAAA;AAAE,KAC5B;AAAA,IACA,SAAA,EAAW;AAAA,MACT,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,WAAA;AAAA,MACN,KAAA,EAAO,WAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,UAAA,EAAW;AAAA,MAC/C,SAAS,CAAC,MAAA,EAAQ,OAAA,EAAS,gBAAA,EAAkB,sBAAsB,YAAY,CAAA;AAAA,MAC/E,MAAM,CAAC,EAAE,OAAO,MAAA,EAAQ,KAAA,EAAO,OAAO,CAAA;AAAA,MACtC,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG,KAC7B;AAAA,IACA,UAAA,EAAY;AAAA,MACV,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,YAAA;AAAA,MACN,KAAA,EAAO,YAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,UAAA,EAAW;AAAA,MAC/C,OAAA,EAAS,CAAC,MAAA,EAAQ,OAAA,EAAS,YAAY,CAAA;AAAA,MACvC,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,kBAAkB,QAAA,EAAU,QAAA,EAAU,KAAA,EAAO,KAAA,EAAO,CAAA;AAAA,MACtE,MAAM,CAAC,EAAE,OAAO,YAAA,EAAc,KAAA,EAAO,QAAQ,CAAA;AAAA,MAC7C,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG,KAC7B;AAAA,IACA,UAAA,EAAY;AAAA,MACV,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,YAAA;AAAA,MACN,KAAA,EAAO,aAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,UAAA,EAAW;AAAA,MAC/C,OAAA,EAAS,CAAC,MAAA,EAAQ,OAAA,EAAS,sBAAsB,YAAY,CAAA;AAAA,MAC7D,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,sBAAsB,QAAA,EAAU,QAAA,EAAU,KAAA,EAAO,IAAA,EAAM,CAAA;AAAA,MACzE,MAAM,CAAC,EAAE,OAAO,MAAA,EAAQ,KAAA,EAAO,OAAO,CAAA;AAAA,MACtC,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG,KAC7B;AAAA,IACA,MAAA,EAAQ;AAAA,MACN,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,QAAA;AAAA,MACN,KAAA,EAAO,QAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,UAAA,EAAW;AAAA,MAC/C,SAAS,CAAC,MAAA,EAAQ,OAAA,EAAS,QAAA,EAAU,cAAc,aAAa,CAAA;AAAA,MAChE,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,UAAU,QAAA,EAAU,QAAA,EAAU,KAAA,EAAO,IAAA,EAAM,CAAA;AAAA,MAC7D,MAAM,CAAC,EAAE,OAAO,YAAA,EAAc,KAAA,EAAO,QAAQ,CAAA;AAAA,MAC7C,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG;AAC7B,GACF;AAAA,EAEA,MAAA,EAAQ;AAAA;AAAA,IAEN,IAAA,EAAMC,WAAM,IAAA,CAAK;AAAA,MACf,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,UAAA,EAAY,IAAA;AAAA,MACZ,SAAA,EAAW,GAAA;AAAA,MACX,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,KAAA,EAAOA,WAAM,KAAA,CAAM;AAAA,MACjB,KAAA,EAAO,OAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,UAAA,EAAY,IAAA;AAAA,MACZ,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,cAAA,EAAgBA,WAAM,OAAA,CAAQ;AAAA,MAC5B,KAAA,EAAO,gBAAA;AAAA,MACP,YAAA,EAAc,KAAA;AAAA,MACd,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,kBAAA,EAAoBA,WAAM,OAAA,CAAQ;AAAA,MAChC,KAAA,EAAO,oBAAA;AAAA,MACP,YAAA,EAAc,KAAA;AAAA,MACd,KAAA,EAAO,UAAA;AAAA,MACP,WAAA,EAAa;AAAA,KACd,CAAA;AAAA;AAAA,IAGD,IAAA,EAAMA,WAAM,IAAA,CAAK;AAAA,MACf,KAAA,EAAO,eAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,SAAA,EAAW,EAAA;AAAA,MACX,KAAA,EAAO,OAAA;AAAA,MACP,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,MAAA,EAAQA,WAAM,OAAA,CAAQ;AAAA,MACpB,KAAA,EAAO,QAAA;AAAA,MACP,YAAA,EAAc,KAAA;AAAA,MACd,KAAA,EAAO,OAAA;AAAA,MACP,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,IAAA,CAAK;AAAA,MACrB,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,SAAA,EAAW,GAAA;AAAA,MACX,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,WAAA,EAAaA,WAAM,QAAA,CAAS;AAAA,MAC1B,KAAA,EAAO,aAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,KAAA,EAAO,OAAA;AAAA,MACP,WAAA,EAAa;AAAA,KACd,CAAA;AAAA;AAAA,IAGD,KAAA,EAAOA,WAAM,GAAA,CAAI;AAAA,MACf,KAAA,EAAO,eAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,EAAA,EAAIA,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,SAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR;AAAA,GACH;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,EAAE,MAAA,EAAQ,CAAC,OAAO,CAAA,EAAG,QAAQ,IAAA,EAAK;AAAA,IAClC,EAAE,MAAA,EAAQ,CAAC,YAAY,CAAA,EAAG,QAAQ,KAAA;AAAM,GAC1C;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,IAAA;AAAA,IACd,UAAA,EAAY,IAAA;AAAA,IACZ,UAAA,EAAY,IAAA;AAAA,IACZ,YAAY,CAAC,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,UAAU,QAAQ,CAAA;AAAA,IACxD,KAAA,EAAO,IAAA;AAAA,IACP,GAAA,EAAK;AAAA,GACP;AAAA,EAEA,WAAA,EAAa;AAAA,IACX;AAAA,MACE,IAAA,EAAM,cAAA;AAAA,MACN,IAAA,EAAM,QAAA;AAAA,MACN,QAAA,EAAU,OAAA;AAAA,MACV,OAAA,EAAS,sBAAA;AAAA,MACT,MAAA,EAAQ,CAAC,OAAO,CAAA;AAAA,MAChB,aAAA,EAAe;AAAA;AACjB;AAEJ,CAAC;ACnbM,IAAM,UAAA,GAAaD,kBAAa,MAAA,CAAO;AAAA,EAC5C,IAAA,EAAM,aAAA;AAAA,EACN,KAAA,EAAO,SAAA;AAAA,EACP,WAAA,EAAa,UAAA;AAAA,EACb,IAAA,EAAM,KAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA,EACV,SAAA,EAAW,aAAA;AAAA;AAAA;AAAA;AAAA,EAIX,UAAA,EAAY;AAAA,IACV,IAAA,EAAM,MAAA;AAAA,IACN,MAAA,EAAQ,4DAAA;AAAA,IACR,OAAA,EAAS;AAAA,GACX;AAAA,EACA,WAAA,EAAa,sBAAA;AAAA,EACb,gBAAA,EAAkB,SAAA;AAAA,EAClB,WAAA,EAAa,0BAAA;AAAA,EACb,aAAA,EAAe,CAAC,SAAA,EAAW,YAAA,EAAc,YAAY,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOrD,OAAA,EAAS;AAAA,IACP;AAAA,MACE,IAAA,EAAM,0BAAA;AAAA,MACN,KAAA,EAAO,wBAAA;AAAA,MACP,IAAA,EAAM,SAAA;AAAA,MACN,OAAA,EAAS,QAAA;AAAA,MACT,SAAA,EAAW,CAAC,cAAc,CAAA;AAAA,MAC1B,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,oCAAA;AAAA,MACR,WAAA,EAAa,2GAAA;AAAA,MACb,cAAA,EAAgB,4BAAA;AAAA,MAChB,YAAA,EAAc;AAAA,KAChB;AAAA,IACA;AAAA,MACE,IAAA,EAAM,gBAAA;AAAA,MACN,KAAA,EAAO,gBAAA;AAAA,MACP,IAAA,EAAM,SAAA;AAAA,MACN,OAAA,EAAS,QAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,WAAW,CAAA;AAAA,MACvB,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,6BAAA;AAAA;AAAA,MAER,aAAA,EAAe,OAAA;AAAA,MACf,aAAA,EAAe,OAAA;AAAA,MACf,WAAA,EAAa,oEAAA;AAAA,MACb,cAAA,EAAgB,iBAAA;AAAA,MAChB,YAAA,EAAc;AAAA;AAChB,GACF;AAAA,EAEA,SAAA,EAAW;AAAA,IACT,IAAA,EAAM;AAAA,MACJ,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,MAAA;AAAA,MACN,KAAA,EAAO,aAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,aAAA,EAAc;AAAA,MAClD,OAAA,EAAS,CAAC,YAAA,EAAc,wBAAA,EAA0B,cAAc,YAAY,CAAA;AAAA,MAC5E,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,WAAW,QAAA,EAAU,QAAA,EAAU,KAAA,EAAO,mBAAA,EAAqB,CAAA;AAAA,MAC7E,MAAM,CAAC,EAAE,OAAO,YAAA,EAAc,KAAA,EAAO,QAAQ,CAAA;AAAA,MAC7C,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG,KAC7B;AAAA,IACA,YAAA,EAAc;AAAA,MACZ,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,cAAA;AAAA,MACN,KAAA,EAAO,KAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,aAAA,EAAc;AAAA,MAClD,SAAS,CAAC,SAAA,EAAW,YAAA,EAAc,wBAAA,EAA0B,cAAc,YAAY,CAAA;AAAA,MACvF,MAAM,CAAC,EAAE,OAAO,YAAA,EAAc,KAAA,EAAO,QAAQ,CAAA;AAAA,MAC7C,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG;AAC7B,GACF;AAAA,EAEA,MAAA,EAAQ;AAAA;AAAA,IAEN,OAAA,EAASC,UAAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MAChC,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,UAAA,EAAY,IAAA;AAAA,MACZ,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,sBAAA,EAAwBA,UAAAA,CAAM,MAAA,CAAO,kBAAA,EAAoB;AAAA,MACvD,KAAA,EAAO,qBAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,cAAA,EAAgBA,UAAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MACvC,KAAA,EAAO,aAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,UAAA,EAAYA,WAAM,IAAA,CAAK;AAAA,MACrB,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,SAAA,EAAW,EAAA;AAAA;AAAA,MACX,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,eAAA,EAAiBA,UAAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MACxC,KAAA,EAAO,iBAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,KAAA,EAAO,OAAA;AAAA,MACP,WAAA,EAAa;AAAA,KACd,CAAA;AAAA;AAAA,IAGD,KAAA,EAAOA,WAAM,IAAA,CAAK;AAAA,MAChB,KAAA,EAAO,eAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,MAAA,EAAQ,IAAA;AAAA,MACR,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa,iDAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,EAAA,EAAIA,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR;AAAA,GACH;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,EAAE,MAAA,EAAQ,CAAC,OAAO,CAAA,EAAG,QAAQ,IAAA,EAAK;AAAA,IAClC,EAAE,MAAA,EAAQ,CAAC,SAAS,CAAA,EAAG,QAAQ,KAAA,EAAM;AAAA,IACrC,EAAE,MAAA,EAAQ,CAAC,YAAY,CAAA,EAAG,QAAQ,KAAA;AAAM,GAC1C;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,KAAA;AAAA,IACd,UAAA,EAAY,KAAA;AAAA,IACZ,UAAA,EAAY,IAAA;AAAA,IACZ,UAAA,EAAY,CAAC,KAAA,EAAO,MAAA,EAAQ,UAAU,QAAQ,CAAA;AAAA,IAC9C,KAAA,EAAO,KAAA;AAAA,IACP,GAAA,EAAK,KAAA;AAAA,IACL,KAAA,EAAO;AAAA;AAEX,CAAC;ACpLM,IAAM,UAAA,GAAaD,kBAAa,MAAA,CAAO;AAAA,EAC5C,IAAA,EAAM,aAAA;AAAA,EACN,KAAA,EAAO,SAAA;AAAA,EACP,WAAA,EAAa,UAAA;AAAA,EACb,IAAA,EAAM,MAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA,EACV,SAAA,EAAW,aAAA;AAAA;AAAA;AAAA;AAAA,EAIX,UAAA,EAAY;AAAA,IACV,IAAA,EAAM,MAAA;AAAA,IACN,MAAA,EAAQ,4DAAA;AAAA,IACR,OAAA,EAAS;AAAA,GACX;AAAA,EACA,WAAA,EAAa,4CAAA;AAAA,EACb,WAAA,EAAa,8BAAA;AAAA,EACb,aAAA,EAAe,CAAC,aAAA,EAAe,SAAA,EAAW,YAAY,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EActD,OAAA,EAAS;AAAA,IACP;AAAA,MACE,IAAA,EAAM,aAAA;AAAA,MACN,KAAA,EAAO,qBAAA;AAAA,MACP,IAAA,EAAM,QAAA;AAAA,MACN,OAAA,EAAS,SAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,cAAc,CAAA;AAAA,MAC1B,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,oHAAA;AAAA,MACR,MAAA,EAAQ;AAAA,QACN;AAAA,UACE,IAAA,EAAM,UAAA;AAAA,UACN,KAAA,EAAO,UAAA;AAAA,UACP,IAAA,EAAM,QAAA;AAAA,UACN,QAAA,EAAU,IAAA;AAAA,UACV,OAAA,EAAS;AAAA,YACP,EAAE,KAAA,EAAO,QAAA,EAAU,KAAA,EAAO,QAAA,EAAS;AAAA,YACnC,EAAE,KAAA,EAAO,QAAA,EAAU,KAAA,EAAO,QAAA,EAAS;AAAA,YACnC,EAAE,KAAA,EAAO,WAAA,EAAa,KAAA,EAAO,WAAA,EAAY;AAAA,YACzC,EAAE,KAAA,EAAO,OAAA,EAAS,KAAA,EAAO,OAAA,EAAQ;AAAA,YACjC,EAAE,KAAA,EAAO,UAAA,EAAY,KAAA,EAAO,UAAA,EAAW;AAAA,YACvC,EAAE,KAAA,EAAO,QAAA,EAAU,KAAA,EAAO,QAAA,EAAS;AAAA,YACnC,EAAE,KAAA,EAAO,SAAA,EAAW,KAAA,EAAO,SAAA;AAAU;AACvC;AACF;AACF,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,gBAAA;AAAA,MACN,KAAA,EAAO,gBAAA;AAAA,MACP,IAAA,EAAM,QAAA;AAAA,MACN,OAAA,EAAS,QAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,WAAA,EAAa,eAAe,CAAA;AAAA,MACxC,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,6BAAA;AAAA,MACR,WAAA,EAAa,6IAAA;AAAA,MACb,cAAA,EAAgB,uBAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,MAAM,YAAA,EAAc,KAAA,EAAO,eAAe,cAAA,EAAgB,IAAA,EAAM,UAAU,IAAA,EAAK;AAAA,QACjF,EAAE,MAAM,WAAA,EAAa,KAAA,EAAO,cAAc,cAAA,EAAgB,IAAA,EAAM,UAAU,IAAA;AAAK;AACjF;AACF,GACF;AAAA,EAEA,SAAA,EAAW;AAAA,IACT,IAAA,EAAM;AAAA,MACJ,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,MAAA;AAAA,MACN,KAAA,EAAO,UAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,aAAA,EAAc;AAAA,MAClD,OAAA,EAAS,CAAC,aAAA,EAAe,YAAA,EAAc,cAAc,YAAY,CAAA;AAAA,MACjE,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,WAAW,QAAA,EAAU,QAAA,EAAU,KAAA,EAAO,mBAAA,EAAqB,CAAA;AAAA,MAC7E,MAAM,CAAC,EAAE,OAAO,aAAA,EAAe,KAAA,EAAO,OAAO,CAAA;AAAA,MAC7C,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG,KAC7B;AAAA,IACA,WAAA,EAAa;AAAA,MACX,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,aAAA;AAAA,MACN,KAAA,EAAO,aAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,aAAA,EAAc;AAAA,MAClD,OAAA,EAAS,CAAC,aAAA,EAAe,SAAA,EAAW,cAAc,YAAY,CAAA;AAAA,MAC9D,IAAA,EAAM,CAAC,EAAE,KAAA,EAAO,aAAA,EAAe,KAAA,EAAO,KAAA,EAAM,EAAG,EAAE,KAAA,EAAO,YAAA,EAAc,KAAA,EAAO,QAAQ,CAAA;AAAA,MACrF,QAAA,EAAU,EAAE,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,aAAA,EAAe,KAAA,EAAO,KAAA,EAAO,SAAA,EAAW,KAAA,EAAO,CAAA,EAAE;AAAA,MAC/E,UAAA,EAAY,EAAE,QAAA,EAAU,GAAA;AAAI,KAC9B;AAAA,IACA,SAAA,EAAW;AAAA,MACT,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,WAAA;AAAA,MACN,KAAA,EAAO,KAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,aAAA,EAAc;AAAA,MAClD,SAAS,CAAC,aAAA,EAAe,SAAA,EAAW,YAAA,EAAc,cAAc,YAAY,CAAA;AAAA,MAC5E,MAAM,CAAC,EAAE,OAAO,YAAA,EAAc,KAAA,EAAO,QAAQ,CAAA;AAAA,MAC7C,UAAA,EAAY,EAAE,QAAA,EAAU,GAAA;AAAI;AAC9B,GACF;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,EAAA,EAAIC,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,WAAA,EAAaA,WAAM,IAAA,CAAK;AAAA,MACtB,KAAA,EAAO,aAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,IAAA,CAAK;AAAA,MACrB,KAAA,EAAO,qBAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,OAAA,EAASA,UAAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MAChC,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,YAAA,EAAcA,WAAM,QAAA,CAAS;AAAA,MAC3B,KAAA,EAAO,cAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,aAAA,EAAeA,WAAM,QAAA,CAAS;AAAA,MAC5B,KAAA,EAAO,eAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,QAAA,EAAUA,WAAM,QAAA,CAAS;AAAA,MACvB,KAAA,EAAO,UAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,uBAAA,EAAyBA,WAAM,QAAA,CAAS;AAAA,MACtC,KAAA,EAAO,yBAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,wBAAA,EAA0BA,WAAM,QAAA,CAAS;AAAA,MACvC,KAAA,EAAO,0BAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,KAAA,EAAOA,WAAM,IAAA,CAAK;AAAA,MAChB,KAAA,EAAO,aAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,QAAA,EAAUA,WAAM,IAAA,CAAK;AAAA,MACnB,KAAA,EAAO,eAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd;AAAA,GACH;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,EAAE,MAAA,EAAQ,CAAC,SAAS,CAAA,EAAG,QAAQ,KAAA,EAAM;AAAA,IACrC,EAAE,MAAA,EAAQ,CAAC,eAAe,YAAY,CAAA,EAAG,QAAQ,IAAA;AAAK,GACxD;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,KAAA;AAAA,IACd,UAAA,EAAY,KAAA;AAAA,IACZ,UAAA,EAAY,IAAA;AAAA,IACZ,YAAY,CAAC,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,UAAU,QAAQ,CAAA;AAAA,IACxD,KAAA,EAAO,IAAA;AAAA,IACP,GAAA,EAAK;AAAA;AAET,CAAC;ACrMM,IAAM,eAAA,GAAkBD,kBAAa,MAAA,CAAO;AAAA,EACjD,IAAA,EAAM,kBAAA;AAAA,EACN,KAAA,EAAO,cAAA;AAAA,EACP,WAAA,EAAa,eAAA;AAAA,EACb,IAAA,EAAM,cAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA,EACV,SAAA,EAAW,aAAA;AAAA;AAAA;AAAA;AAAA,EAIX,UAAA,EAAY;AAAA,IACV,IAAA,EAAM,MAAA;AAAA,IACN,MAAA,EAAQ,4DAAA;AAAA,IACR,OAAA,EAAS;AAAA,GACX;AAAA,EACA,WAAA,EAAa,qCAAA;AAAA,EACb,WAAA,EAAa,+BAAA;AAAA,EACb,aAAA,EAAe,CAAC,YAAA,EAAc,YAAA,EAAc,YAAY,CAAA;AAAA,EAExD,MAAA,EAAQ;AAAA,IACN,EAAA,EAAIC,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,iBAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,KAAA,EAAOA,WAAM,IAAA,CAAK;AAAA,MAChB,KAAA,EAAO,oBAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,IAAA,CAAK;AAAA,MACrB,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd;AAAA,GACH;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,EAAE,MAAA,EAAQ,CAAC,OAAO,CAAA,EAAG,QAAQ,IAAA,EAAK;AAAA,IAClC,EAAE,MAAA,EAAQ,CAAC,YAAY,CAAA,EAAG,QAAQ,KAAA,EAAM;AAAA,IACxC,EAAE,MAAA,EAAQ,CAAC,YAAY,CAAA,EAAG,QAAQ,KAAA;AAAM,GAC1C;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,KAAA;AAAA,IACd,UAAA,EAAY,KAAA;AAAA,IACZ,UAAA,EAAY,IAAA;AAAA,IACZ,UAAA,EAAY,CAAC,KAAA,EAAO,QAAA,EAAU,QAAQ,CAAA;AAAA,IACtC,KAAA,EAAO,KAAA;AAAA,IACP,GAAA,EAAK;AAAA;AAET,CAAC;ACtEM,IAAM,eAAA,GAAkBD,kBAAa,MAAA,CAAO;AAAA,EACjD,IAAA,EAAM,kBAAA;AAAA,EACN,KAAA,EAAO,cAAA;AAAA,EACP,WAAA,EAAa,eAAA;AAAA,EACb,IAAA,EAAM,YAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA,EACV,SAAA,EAAW,aAAA;AAAA;AAAA;AAAA;AAAA,EAIX,UAAA,EAAY;AAAA,IACV,IAAA,EAAM,MAAA;AAAA,IACN,MAAA,EAAQ,4DAAA;AAAA,IACR,OAAA,EAAS;AAAA,GACX;AAAA,EACA,WAAA,EAAa,yCAAA;AAAA,EACb,gBAAA,EAAkB,MAAA;AAAA,EAClB,WAAA,EAAa,QAAA;AAAA,EACb,aAAA,EAAe,CAAC,MAAA,EAAQ,MAAM,CAAA;AAAA;AAAA;AAAA,EAI9B,OAAA,EAAS;AAAA,IACP;AAAA,MACE,IAAA,EAAM,qBAAA;AAAA,MACN,KAAA,EAAO,qBAAA;AAAA,MACP,IAAA,EAAM,MAAA;AAAA,MACN,OAAA,EAAS,SAAA;AAAA,MACT,SAAA,EAAW,CAAC,cAAc,CAAA;AAAA,MAC1B,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,kCAAA;AAAA,MACR,cAAA,EAAgB,sBAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,MAMd,OAAA,EAAS,mCAAA;AAAA,MACT,MAAA,EAAQ;AAAA,QACN,EAAE,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,IAAA,EAAK;AAAA,QAChC,EAAE,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,IAAA,EAAK;AAAA,QAChC,EAAE,OAAO,MAAA;AAAO;AAClB,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,qBAAA;AAAA,MACN,KAAA,EAAO,mBAAA;AAAA,MACP,IAAA,EAAM,QAAA;AAAA,MACN,IAAA,EAAM,MAAA;AAAA,MACN,SAAA,EAAW,CAAC,WAAW,CAAA;AAAA,MACvB,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,kCAAA;AAAA,MACR,aAAA,EAAe,gBAAA;AAAA;AAAA,MAEf,SAAA,EAAW,EAAE,IAAA,EAAM,MAAA,EAAO;AAAA,MAC1B,cAAA,EAAgB,sBAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,IAAA,EAAM,gBAAgB,IAAA,EAAK;AAAA,QACtD,EAAE,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,IAAA,EAAM,gBAAgB,IAAA,EAAK;AAAA,QACtD,EAAE,KAAA,EAAO,MAAA,EAAQ,cAAA,EAAgB,IAAA;AAAK;AACxC,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,qBAAA;AAAA,MACN,KAAA,EAAO,qBAAA;AAAA,MACP,IAAA,EAAM,SAAA;AAAA,MACN,OAAA,EAAS,QAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,WAAW,CAAA;AAAA,MACvB,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,kCAAA;AAAA,MACR,aAAA,EAAe,gBAAA;AAAA,MACf,WAAA,EAAa,4FAAA;AAAA,MACb,cAAA,EAAgB,sBAAA;AAAA,MAChB,YAAA,EAAc;AAAA,KAChB;AAAA,IACA;AAAA;AAAA;AAAA;AAAA;AAAA,MAKE,IAAA,EAAM,yBAAA;AAAA,MACN,KAAA,EAAO,YAAA;AAAA,MACP,IAAA,EAAM,gBAAA;AAAA,MACN,OAAA,EAAS,WAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,WAAA,EAAa,eAAe,CAAA;AAAA,MACxC,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,sCAAA;AAAA,MACR,aAAA,EAAe,gBAAA;AAAA,MACf,cAAA,EAAgB,8BAAA;AAAA,MAChB,YAAA,EAAc;AAAA,KAChB;AAAA,IACA;AAAA;AAAA;AAAA;AAAA,MAIE,IAAA,EAAM,oBAAA;AAAA,MACN,KAAA,EAAO,oBAAA;AAAA,MACP,IAAA,EAAM,SAAA;AAAA,MACN,OAAA,EAAS,QAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,WAAA,EAAa,eAAe,CAAA;AAAA,MACxC,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,iCAAA;AAAA,MACR,aAAA,EAAe,gBAAA;AAAA,MACf,WAAA,EAAa,wEAAA;AAAA,MACb,cAAA,EAAgB,gCAAA;AAAA,MAChB,YAAA,EAAc;AAAA,KAChB;AAAA,IACA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,MAQE,IAAA,EAAM,aAAA;AAAA,MACN,KAAA,EAAO,aAAA;AAAA,MACP,IAAA,EAAM,QAAA;AAAA,MACN,OAAA,EAAS,WAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,eAAe,CAAA;AAAA,MAC3B,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,8CAAA;AAAA,MACR,MAAA,EAAQ,MAAA;AAAA,MACR,WAAA,EAAa,gHAAA;AAAA,MACb,cAAA,EAAgB,2BAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,IAAA,EAAM,gBAAgB,IAAA;AAAK;AACxD;AACF,GACF;AAAA,EAEA,SAAA,EAAW;AAAA,IACT,QAAA,EAAU;AAAA,MACR,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,UAAA;AAAA,MACN,KAAA,EAAO,KAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,kBAAA,EAAmB;AAAA,MACvD,OAAA,EAAS,CAAC,MAAA,EAAQ,MAAA,EAAQ,cAAc,YAAY,CAAA;AAAA,MACpD,MAAM,CAAC,EAAE,OAAO,MAAA,EAAQ,KAAA,EAAO,OAAO,CAAA;AAAA,MACtC,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG;AAC7B,GACF;AAAA,EAEA,MAAA,EAAQ;AAAA;AAAA,IAEN,IAAA,EAAMC,WAAM,IAAA,CAAK;AAAA,MACf,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,UAAA,EAAY,IAAA;AAAA,MACZ,SAAA,EAAW,GAAA;AAAA,MACX,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,IAAA,EAAMA,WAAM,IAAA,CAAK;AAAA,MACf,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,UAAA,EAAY,IAAA;AAAA,MACZ,SAAA,EAAW,GAAA;AAAA,MACX,WAAA,EAAa,yBAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,IAAA,EAAMA,WAAM,GAAA,CAAI;AAAA,MACd,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,QAAA,EAAUA,WAAM,QAAA,CAAS;AAAA,MACvB,KAAA,EAAO,UAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,uCAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,EAAA,EAAIA,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,iBAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR;AAAA,GACH;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,EAAE,MAAA,EAAQ,CAAC,MAAM,CAAA,EAAG,QAAQ,IAAA,EAAK;AAAA,IACjC,EAAE,MAAA,EAAQ,CAAC,MAAM,CAAA;AAAE,GACrB;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,IAAA;AAAA,IACd,UAAA,EAAY,IAAA;AAAA,IACZ,UAAA,EAAY,IAAA;AAAA,IACZ,YAAY,CAAC,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,UAAU,QAAQ,CAAA;AAAA,IACxD,KAAA,EAAO,IAAA;AAAA,IACP,GAAA,EAAK;AAAA;AAET,CAAC;AC5NM,IAAM,SAAA,GAAYD,kBAAa,MAAA,CAAO;AAAA,EAC3C,IAAA,EAAM,YAAA;AAAA,EACN,KAAA,EAAO,QAAA;AAAA,EACP,WAAA,EAAa,SAAA;AAAA,EACb,IAAA,EAAM,YAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA,EACV,SAAA,EAAW,aAAA;AAAA;AAAA;AAAA;AAAA,EAIX,UAAA,EAAY;AAAA,IACV,IAAA,EAAM,MAAA;AAAA,IACN,MAAA,EAAQ,4DAAA;AAAA,IACR,OAAA,EAAS;AAAA,GACX;AAAA,EACA,WAAA,EAAa,iCAAA;AAAA,EACb,WAAA,EAAa,gCAAA;AAAA,EACb,aAAA,EAAe,CAAC,SAAA,EAAW,iBAAA,EAAmB,MAAM,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOpD,OAAA,EAAS;AAAA,IACP;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,MAME,IAAA,EAAM,YAAA;AAAA,MACN,KAAA,EAAO,YAAA;AAAA,MACP,IAAA,EAAM,WAAA;AAAA,MACN,OAAA,EAAS,SAAA;AAAA,MACT,SAAA,EAAW,CAAC,cAAc,CAAA;AAAA,MAC1B,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,sCAAA;AAAA,MACR,cAAA,EAAgB,cAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,IAAA,EAAM,QAAA,EAAU,KAAA,EAAO,SAAA,EAAW,UAAU,IAAA,EAAK;AAAA,QACnD,EAAE,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,IAAA,EAAK;AAAA,QAChC,EAAE,IAAA,EAAM,gBAAA,EAAkB,KAAA,EAAO,iBAAA;AAAkB;AACrD,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,oBAAA;AAAA,MACN,KAAA,EAAO,aAAA;AAAA,MACP,IAAA,EAAM,QAAA;AAAA,MACN,IAAA,EAAM,MAAA;AAAA,MACN,SAAA,EAAW,CAAC,WAAW,CAAA;AAAA,MACvB,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,8CAAA;AAAA,MACR,aAAA,EAAe,UAAA;AAAA,MACf,cAAA,EAAgB,qBAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,IAAA,EAAM,gBAAgB,IAAA;AAAK;AACxD,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,eAAA;AAAA,MACN,KAAA,EAAO,eAAA;AAAA,MACP,IAAA,EAAM,YAAA;AAAA,MACN,OAAA,EAAS,QAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,WAAW,CAAA;AAAA,MACvB,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,yCAAA;AAAA,MACR,aAAA,EAAe,iBAAA;AAAA,MACf,WAAA,EAAa,uFAAA;AAAA,MACb,cAAA,EAAgB,gBAAA;AAAA,MAChB,YAAA,EAAc;AAAA,KAChB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAOA;AAAA,MACE,IAAA,EAAM,oBAAA;AAAA,MACN,KAAA,EAAO,oBAAA;AAAA,MACP,IAAA,EAAM,OAAA;AAAA,MACN,OAAA,EAAS,QAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,WAAW,CAAA;AAAA,MACvB,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,8CAAA;AAAA,MACR,aAAA,EAAe,UAAA;AAAA,MACf,SAAA,EAAW,EAAE,IAAA,EAAM,OAAA,EAAQ;AAAA,MAC3B,OAAA,EAAS,wBAAA;AAAA,MACT,WAAA,EAAa,8HAAA;AAAA,MACb,cAAA,EAAgB,uBAAA;AAAA,MAChB,YAAA,EAAc;AAAA;AAChB,GACF;AAAA,EAEA,SAAA,EAAW;AAAA,IACT,IAAA,EAAM;AAAA,MACJ,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,MAAA;AAAA,MACN,KAAA,EAAO,gBAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,YAAA,EAAa;AAAA,MACjD,OAAA,EAAS,CAAC,iBAAA,EAAmB,MAAA,EAAQ,YAAY,CAAA;AAAA,MACjD,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,WAAW,QAAA,EAAU,QAAA,EAAU,KAAA,EAAO,mBAAA,EAAqB,CAAA;AAAA,MAC7E,MAAM,CAAC,EAAE,OAAO,YAAA,EAAc,KAAA,EAAO,QAAQ,CAAA;AAAA,MAC7C,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA,EAAG;AAAA,MAC3B,UAAA,EAAY;AAAA,QACV,KAAA,EAAO,sBAAA;AAAA,QACP,OAAA,EAAS;AAAA;AACX;AACF,GACF;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,EAAA,EAAIC,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,WAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,eAAA,EAAiBA,UAAAA,CAAM,MAAA,CAAO,kBAAA,EAAoB;AAAA,MAChD,KAAA,EAAO,cAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,OAAA,EAASA,UAAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MAChC,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,IAAA,EAAMA,WAAM,MAAA,CAAO;AAAA,MACjB,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,qCAAA;AAAA,MACb,OAAA,EAAS;AAAA,QACP,EAAE,KAAA,EAAO,OAAA,EAAS,KAAA,EAAO,OAAA,EAAQ;AAAA,QACjC,EAAE,KAAA,EAAO,OAAA,EAAS,KAAA,EAAO,OAAA,EAAQ;AAAA,QACjC,EAAE,KAAA,EAAO,QAAA,EAAU,KAAA,EAAO,QAAA;AAAS,OACrC;AAAA,MACA,YAAA,EAAc;AAAA,KACf;AAAA,GACH;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,EAAE,MAAA,EAAQ,CAAC,mBAAmB,SAAS,CAAA,EAAG,QAAQ,IAAA,EAAK;AAAA,IACvD,EAAE,MAAA,EAAQ,CAAC,SAAS,CAAA;AAAE,GACxB;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,IAAA;AAAA,IACd,UAAA,EAAY,KAAA;AAAA,IACZ,UAAA,EAAY,IAAA;AAAA,IACZ,YAAY,CAAC,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,UAAU,QAAQ,CAAA;AAAA,IACxD,KAAA,EAAO,KAAA;AAAA,IACP,GAAA,EAAK;AAAA;AAET,CAAC;ACrKM,IAAM,aAAA,GAAgBD,kBAAa,MAAA,CAAO;AAAA,EAC/C,IAAA,EAAM,gBAAA;AAAA,EACN,KAAA,EAAO,YAAA;AAAA,EACP,WAAA,EAAa,aAAA;AAAA,EACb,IAAA,EAAM,MAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA,EACV,SAAA,EAAW,aAAA;AAAA;AAAA;AAAA;AAAA,EAIX,UAAA,EAAY;AAAA,IACV,IAAA,EAAM,MAAA;AAAA,IACN,MAAA,EAAQ,4DAAA;AAAA,IACR,OAAA,EAAS;AAAA,GACX;AAAA,EACA,WAAA,EAAa,8CAAA;AAAA,EACb,WAAA,EAAa,iCAAA;AAAA,EACb,aAAA,EAAe,CAAC,OAAA,EAAS,iBAAA,EAAmB,QAAQ,CAAA;AAAA;AAAA;AAAA;AAAA,EAKpD,OAAA,EAAS;AAAA,IACP;AAAA,MACE,IAAA,EAAM,aAAA;AAAA,MACN,KAAA,EAAO,aAAA;AAAA,MACP,IAAA,EAAM,WAAA;AAAA,MACN,OAAA,EAAS,SAAA;AAAA,MACT,SAAA,EAAW,CAAC,cAAc,CAAA;AAAA,MAC1B,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,yCAAA;AAAA,MACR,cAAA,EAAgB,iBAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,KAAA,EAAO,OAAA,EAAS,QAAA,EAAU,IAAA,EAAK;AAAA,QACjC,EAAE,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,IAAA;AAAK;AAClC,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,mBAAA;AAAA,MACN,KAAA,EAAO,mBAAA;AAAA,MACP,IAAA,EAAM,UAAA;AAAA,MACN,OAAA,EAAS,QAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,WAAW,CAAA;AAAA,MACvB,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,6CAAA;AAAA,MACR,aAAA,EAAe,cAAA;AAAA,MACf,WAAA,EAAa,4EAAA;AAAA,MACb,cAAA,EAAgB,qBAAA;AAAA,MAChB,YAAA,EAAc;AAAA,KAChB;AAAA,IACA;AAAA,MACE,IAAA,EAAM,mBAAA;AAAA,MACN,KAAA,EAAO,mBAAA;AAAA,MACP,IAAA,EAAM,MAAA;AAAA,MACN,OAAA,EAAS,WAAA;AAAA,MACT,SAAA,EAAW,CAAC,WAAW,CAAA;AAAA,MACvB,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,yCAAA;AAAA,MACR,SAAA,EAAW,EAAE,MAAA,EAAQ,IAAA,EAAK;AAAA,MAC1B,cAAA,EAAgB,mBAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,KAAA,EAAO,OAAA,EAAS,QAAA,EAAU,IAAA,EAAM,gBAAgB,IAAA,EAAK;AAAA,QACvD,EAAE,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,IAAA,EAAM,gBAAgB,IAAA;AAAK;AACxD,KACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IASA;AAAA,MACE,IAAA,EAAM,mBAAA;AAAA,MACN,KAAA,EAAO,mBAAA;AAAA,MACP,IAAA,EAAM,OAAA;AAAA,MACN,OAAA,EAAS,SAAA;AAAA,MACT,SAAA,EAAW,CAAC,WAAA,EAAa,eAAe,CAAA;AAAA,MACxC,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,6CAAA;AAAA,MACR,aAAA,EAAe,cAAA;AAAA,MACf,OAAA,EAAS,8DAAA;AAAA,MACT,cAAA,EAAgB,qBAAA;AAAA,MAChB,YAAA,EAAc;AAAA,KAChB;AAAA,IACA;AAAA,MACE,IAAA,EAAM,mBAAA;AAAA,MACN,KAAA,EAAO,oBAAA;AAAA,MACP,IAAA,EAAM,GAAA;AAAA,MACN,OAAA,EAAS,OAAA;AAAA,MACT,SAAA,EAAW,CAAC,WAAA,EAAa,eAAe,CAAA;AAAA,MACxC,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,6CAAA;AAAA,MACR,aAAA,EAAe,cAAA;AAAA,MACf,OAAA,EAAS,8DAAA;AAAA,MACT,WAAA,EAAa,mGAAA;AAAA,MACb,cAAA,EAAgB,qBAAA;AAAA,MAChB,YAAA,EAAc;AAAA;AAChB,GACF;AAAA,EAEA,SAAA,EAAW;AAAA,IACT,OAAA,EAAS;AAAA,MACP,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,SAAA;AAAA,MACN,KAAA,EAAO,SAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,gBAAA,EAAiB;AAAA,MACrD,SAAS,CAAC,OAAA,EAAS,MAAA,EAAQ,iBAAA,EAAmB,cAAc,YAAY,CAAA;AAAA,MACxE,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,UAAU,QAAA,EAAU,QAAA,EAAU,KAAA,EAAO,SAAA,EAAW,CAAA;AAAA,MAClE,MAAM,CAAC,EAAE,OAAO,YAAA,EAAc,KAAA,EAAO,OAAO,CAAA;AAAA,MAC5C,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG,KAC7B;AAAA,IACA,QAAA,EAAU;AAAA,MACR,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,UAAA;AAAA,MACN,KAAA,EAAO,UAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,gBAAA,EAAiB;AAAA,MACrD,SAAS,CAAC,OAAA,EAAS,MAAA,EAAQ,iBAAA,EAAmB,cAAc,YAAY,CAAA;AAAA,MACxE,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,UAAU,QAAA,EAAU,QAAA,EAAU,KAAA,EAAO,UAAA,EAAY,CAAA;AAAA,MACnE,MAAM,CAAC,EAAE,OAAO,YAAA,EAAc,KAAA,EAAO,QAAQ,CAAA;AAAA,MAC7C,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG,KAC7B;AAAA,IACA,OAAA,EAAS;AAAA,MACP,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,SAAA;AAAA,MACN,KAAA,EAAO,oBAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,gBAAA,EAAiB;AAAA,MACrD,OAAA,EAAS,CAAC,OAAA,EAAS,QAAA,EAAU,mBAAmB,YAAY,CAAA;AAAA,MAC5D,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,QAAA,EAAU,QAAA,EAAU,IAAA,EAAM,KAAA,EAAO,CAAC,SAAA,EAAW,UAAA,EAAY,UAAU,GAAG,CAAA;AAAA,MACxF,MAAM,CAAC,EAAE,OAAO,YAAA,EAAc,KAAA,EAAO,QAAQ,CAAA;AAAA,MAC7C,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG,KAC7B;AAAA,IACA,eAAA,EAAiB;AAAA,MACf,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,iBAAA;AAAA,MACN,KAAA,EAAO,KAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,gBAAA,EAAiB;AAAA,MACrD,SAAS,CAAC,OAAA,EAAS,UAAU,MAAA,EAAQ,iBAAA,EAAmB,cAAc,YAAY,CAAA;AAAA,MAClF,MAAM,CAAC,EAAE,OAAO,YAAA,EAAc,KAAA,EAAO,QAAQ,CAAA;AAAA,MAC7C,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG;AAC7B,GACF;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,EAAA,EAAIC,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,eAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,eAAA,EAAiBA,UAAAA,CAAM,MAAA,CAAO,kBAAA,EAAoB;AAAA,MAChD,KAAA,EAAO,cAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,KAAA,EAAOA,WAAM,KAAA,CAAM;AAAA,MACjB,KAAA,EAAO,OAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,IAAA,EAAMA,WAAM,MAAA,CAAO;AAAA,MACjB,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,gCAAA;AAAA,MACb,OAAA,EAAS;AAAA,QACP,EAAE,KAAA,EAAO,OAAA,EAAS,KAAA,EAAO,OAAA,EAAQ;AAAA,QACjC,EAAE,KAAA,EAAO,OAAA,EAAS,KAAA,EAAO,OAAA,EAAQ;AAAA,QACjC,EAAE,KAAA,EAAO,QAAA,EAAU,KAAA,EAAO,QAAA;AAAS,OACrC;AAAA,MACA,YAAA,EAAc;AAAA,KACf,CAAA;AAAA,IAED,MAAA,EAAQA,WAAM,MAAA,CAAO,CAAC,WAAW,UAAA,EAAY,UAAA,EAAY,SAAA,EAAW,UAAU,CAAA,EAAG;AAAA,MAC/E,KAAA,EAAO,QAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,YAAA,EAAc;AAAA,KACf,CAAA;AAAA,IAED,UAAA,EAAYA,UAAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MACnC,KAAA,EAAO,SAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,OAAA,EAASA,UAAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MAChC,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd;AAAA,GACH;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,EAAE,MAAA,EAAQ,CAAC,iBAAiB,CAAA,EAAE;AAAA,IAC9B,EAAE,MAAA,EAAQ,CAAC,OAAO,CAAA,EAAE;AAAA,IACpB,EAAE,MAAA,EAAQ,CAAC,YAAY,CAAA;AAAE,GAC3B;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,IAAA;AAAA,IACd,UAAA,EAAY,KAAA;AAAA,IACZ,UAAA,EAAY,IAAA;AAAA,IACZ,YAAY,CAAC,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,UAAU,QAAQ,CAAA;AAAA,IACxD,KAAA,EAAO,KAAA;AAAA,IACP,GAAA,EAAK;AAAA;AAET,CAAC;AC7NM,IAAM,OAAA,GAAUD,kBAAa,MAAA,CAAO;AAAA,EACzC,IAAA,EAAM,UAAA;AAAA,EACN,KAAA,EAAO,MAAA;AAAA,EACP,WAAA,EAAa,OAAA;AAAA,EACb,IAAA,EAAM,OAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA,EACV,SAAA,EAAW,aAAA;AAAA;AAAA;AAAA;AAAA,EAIX,UAAA,EAAY;AAAA,IACV,IAAA,EAAM,MAAA;AAAA,IACN,MAAA,EAAQ,4DAAA;AAAA,IACR,OAAA,EAAS;AAAA,GACX;AAAA,EACA,WAAA,EAAa,sDAAA;AAAA,EACb,gBAAA,EAAkB,MAAA;AAAA,EAClB,WAAA,EAAa,QAAA;AAAA,EACb,aAAA,EAAe,CAAC,MAAA,EAAQ,iBAAiB,CAAA;AAAA;AAAA;AAAA;AAAA,EAKzC,OAAA,EAAS;AAAA,IACP;AAAA;AAAA;AAAA,MAGE,IAAA,EAAM,aAAA;AAAA,MACN,KAAA,EAAO,aAAA;AAAA,MACP,IAAA,EAAM,MAAA;AAAA,MACN,OAAA,EAAS,SAAA;AAAA,MACT,SAAA,EAAW,CAAC,cAAc,CAAA;AAAA,MAC1B,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,uCAAA;AAAA,MACR,cAAA,EAAgB,cAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,IAAA,EAAK;AAAA,QAChC,EAAE,IAAA,EAAM,gBAAA,EAAkB,KAAA,EAAO,iBAAA;AAAkB;AACrD,KACF;AAAA,IACA;AAAA;AAAA;AAAA;AAAA,MAIE,IAAA,EAAM,aAAA;AAAA,MACN,KAAA,EAAO,WAAA;AAAA,MACP,IAAA,EAAM,QAAA;AAAA,MACN,IAAA,EAAM,MAAA;AAAA,MACN,SAAA,EAAW,CAAC,WAAW,CAAA;AAAA,MACvB,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,uCAAA;AAAA,MACR,aAAA,EAAe,QAAA;AAAA,MACf,SAAA,EAAW,EAAE,IAAA,EAAM,MAAA,EAAO;AAAA,MAC1B,cAAA,EAAgB,cAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,IAAA,EAAM,gBAAgB,IAAA;AAAK;AACxD,KACF;AAAA,IACA;AAAA;AAAA;AAAA,MAGE,IAAA,EAAM,aAAA;AAAA,MACN,KAAA,EAAO,aAAA;AAAA,MACP,IAAA,EAAM,SAAA;AAAA,MACN,OAAA,EAAS,QAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,WAAW,CAAA;AAAA,MACvB,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,uCAAA;AAAA,MACR,aAAA,EAAe,QAAA;AAAA,MACf,WAAA,EAAa,oFAAA;AAAA,MACb,cAAA,EAAgB,cAAA;AAAA,MAChB,YAAA,EAAc;AAAA;AAChB,GACF;AAAA,EAEA,SAAA,EAAW;AAAA,IACT,MAAA,EAAQ;AAAA,MACN,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,QAAA;AAAA,MACN,KAAA,EAAO,iBAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,UAAA,EAAW;AAAA,MAC/C,OAAA,EAAS,CAAC,iBAAA,EAAmB,MAAA,EAAQ,cAAc,YAAY,CAAA;AAAA,MAC/D,IAAA,EAAM,CAAC,EAAE,KAAA,EAAO,iBAAA,EAAmB,KAAA,EAAO,KAAA,EAAM,EAAG,EAAE,KAAA,EAAO,MAAA,EAAQ,KAAA,EAAO,OAAO,CAAA;AAAA,MAClF,QAAA,EAAU,EAAE,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,iBAAA,EAAmB,KAAA,EAAO,KAAA,EAAO,SAAA,EAAW,KAAA,EAAO,CAAA,EAAE;AAAA,MACnF,UAAA,EAAY,EAAE,QAAA,EAAU,GAAA;AAAI,KAC9B;AAAA,IACA,SAAA,EAAW;AAAA,MACT,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,WAAA;AAAA,MACN,KAAA,EAAO,KAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,UAAA,EAAW;AAAA,MAC/C,OAAA,EAAS,CAAC,MAAA,EAAQ,iBAAA,EAAmB,cAAc,YAAY,CAAA;AAAA,MAC/D,MAAM,CAAC,EAAE,OAAO,MAAA,EAAQ,KAAA,EAAO,OAAO,CAAA;AAAA,MACtC,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG;AAC7B,GACF;AAAA,EAEA,MAAA,EAAQ;AAAA;AAAA,IAEN,IAAA,EAAMC,WAAM,IAAA,CAAK;AAAA,MACf,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,UAAA,EAAY,IAAA;AAAA,MACZ,SAAA,EAAW,GAAA;AAAA,MACX,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,eAAA,EAAiBA,UAAAA,CAAM,MAAA,CAAO,kBAAA,EAAoB;AAAA,MAChD,KAAA,EAAO,cAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa,mCAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,EAAA,EAAIA,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,SAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR;AAAA,GACH;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,EAAE,MAAA,EAAQ,CAAC,iBAAiB,CAAA,EAAE;AAAA,IAC9B,EAAE,MAAA,EAAQ,CAAC,QAAQ,iBAAiB,CAAA,EAAG,QAAQ,IAAA;AAAK,GACtD;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,IAAA;AAAA,IACd,UAAA,EAAY,IAAA;AAAA,IACZ,UAAA,EAAY,IAAA;AAAA,IACZ,YAAY,CAAC,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,UAAU,QAAQ,CAAA;AAAA,IACxD,KAAA,EAAO,IAAA;AAAA,IACP,GAAA,EAAK;AAAA;AAET,CAAC;ACzJM,IAAM,aAAA,GAAgBD,kBAAa,MAAA,CAAO;AAAA,EAC/C,IAAA,EAAM,iBAAA;AAAA,EACN,KAAA,EAAO,aAAA;AAAA,EACP,WAAA,EAAa,cAAA;AAAA,EACb,IAAA,EAAM,WAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA,EACV,SAAA,EAAW,aAAA;AAAA;AAAA;AAAA;AAAA,EAIX,UAAA,EAAY;AAAA,IACV,IAAA,EAAM,MAAA;AAAA,IACN,MAAA,EAAQ,4DAAA;AAAA,IACR,OAAA,EAAS;AAAA,GACX;AAAA,EACA,WAAA,EAAa,gDAAA;AAAA,EACb,WAAA,EAAa,wBAAA;AAAA,EACb,aAAA,EAAe,CAAC,SAAA,EAAW,SAAA,EAAW,YAAY,CAAA;AAAA;AAAA;AAAA;AAAA,EAKlD,OAAA,EAAS;AAAA,IACP;AAAA;AAAA,MAEE,IAAA,EAAM,iBAAA;AAAA,MACN,KAAA,EAAO,YAAA;AAAA,MACP,IAAA,EAAM,WAAA;AAAA,MACN,OAAA,EAAS,SAAA;AAAA,MACT,SAAA,EAAW,CAAC,cAAc,CAAA;AAAA,MAC1B,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,2CAAA;AAAA,MACR,cAAA,EAAgB,mBAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,IAAA,EAAM,QAAA,EAAU,KAAA,EAAO,SAAA,EAAW,UAAU,IAAA,EAAK;AAAA,QACnD,EAAE,IAAA,EAAM,QAAA,EAAU,KAAA,EAAO,SAAA,EAAW,UAAU,IAAA;AAAK;AACrD,KACF;AAAA,IACA;AAAA;AAAA;AAAA;AAAA;AAAA,MAKE,IAAA,EAAM,oBAAA;AAAA,MACN,KAAA,EAAO,kBAAA;AAAA,MACP,IAAA,EAAM,YAAA;AAAA,MACN,OAAA,EAAS,QAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,WAAW,CAAA;AAAA,MACvB,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,8CAAA;AAAA,MACR,WAAA,EAAa,wEAAA;AAAA,MACb,cAAA,EAAgB,qBAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,MAAM,QAAA,EAAU,KAAA,EAAO,WAAW,QAAA,EAAU,IAAA,EAAM,gBAAgB,IAAA,EAAK;AAAA,QACzE,EAAE,MAAM,QAAA,EAAU,KAAA,EAAO,WAAW,QAAA,EAAU,IAAA,EAAM,gBAAgB,IAAA;AAAK;AAC3E;AACF,GACF;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,EAAA,EAAIC,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,gBAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,OAAA,EAASA,UAAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MAChC,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,OAAA,EAASA,UAAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MAChC,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACX;AAAA,GACH;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,EAAE,MAAA,EAAQ,CAAC,WAAW,SAAS,CAAA,EAAG,QAAQ,IAAA,EAAK;AAAA,IAC/C,EAAE,MAAA,EAAQ,CAAC,SAAS,CAAA;AAAE,GACxB;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,IAAA;AAAA,IACd,UAAA,EAAY,KAAA;AAAA,IACZ,UAAA,EAAY,IAAA;AAAA,IACZ,UAAA,EAAY,CAAC,KAAA,EAAO,MAAA,EAAQ,UAAU,QAAQ,CAAA;AAAA,IAC9C,KAAA,EAAO,KAAA;AAAA,IACP,GAAA,EAAK;AAAA;AAET,CAAC;ACzFM,IAAM,aAAA,GAAgBD,kBAAa,MAAA,CAAO;AAAA,EAC/C,IAAA,EAAM,gBAAA;AAAA,EACN,KAAA,EAAO,YAAA;AAAA,EACP,WAAA,EAAa,aAAA;AAAA,EACb,IAAA,EAAM,UAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA,EACV,SAAA,EAAW,UAAA;AAAA,EACX,WAAA,EAAa,kFAAA;AAAA,EACb,gBAAA,EAAkB,MAAA;AAAA,EAClB,WAAA,EAAa,QAAA;AAAA,EACb,aAAA,EAAe,CAAC,MAAA,EAAQ,MAAA,EAAQ,wBAAwB,iBAAiB,CAAA;AAAA,EAEzE,SAAA,EAAW;AAAA,IACT,MAAA,EAAQ;AAAA,MACN,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,QAAA;AAAA,MACN,KAAA,EAAO,QAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,gBAAA,EAAiB;AAAA,MACrD,SAAS,CAAC,MAAA,EAAQ,QAAQ,MAAA,EAAQ,sBAAA,EAAwB,mBAAmB,gBAAgB,CAAA;AAAA,MAC7F,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,UAAU,QAAA,EAAU,QAAA,EAAU,KAAA,EAAO,IAAA,EAAM,CAAA;AAAA,MAC7D,MAAM,CAAC,EAAE,OAAO,MAAA,EAAQ,KAAA,EAAO,OAAO,CAAA;AAAA,MACtC,UAAA,EAAY,EAAE,QAAA,EAAU,GAAA;AAAI,KAC9B;AAAA,IACA,QAAA,EAAU;AAAA,MACR,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,UAAA;AAAA,MACN,KAAA,EAAO,UAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,gBAAA,EAAiB;AAAA,MACrD,OAAA,EAAS,CAAC,MAAA,EAAQ,MAAA,EAAQ,QAAQ,cAAc,CAAA;AAAA,MAChD,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,UAAU,QAAA,EAAU,QAAA,EAAU,KAAA,EAAO,KAAA,EAAO,CAAA;AAAA,MAC9D,MAAM,CAAC,EAAE,OAAO,cAAA,EAAgB,KAAA,EAAO,QAAQ,CAAA;AAAA,MAC/C,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG,KAC7B;AAAA,IACA,OAAA,EAAS;AAAA,MACP,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,SAAA;AAAA,MACN,KAAA,EAAO,SAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,gBAAA,EAAiB;AAAA,MACrD,SAAS,CAAC,MAAA,EAAQ,QAAQ,MAAA,EAAQ,sBAAA,EAAwB,mBAAmB,QAAQ,CAAA;AAAA,MACrF,IAAA,EAAM,CAAC,EAAE,KAAA,EAAO,MAAA,EAAQ,KAAA,EAAO,KAAA,EAAM,EAAG,EAAE,KAAA,EAAO,MAAA,EAAQ,KAAA,EAAO,OAAO,CAAA;AAAA,MACvE,QAAA,EAAU,EAAE,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,MAAA,EAAQ,KAAA,EAAO,KAAA,EAAO,SAAA,EAAW,KAAA,EAAO,CAAA,EAAE;AAAA,MACxE,UAAA,EAAY,EAAE,QAAA,EAAU,GAAA;AAAI,KAC9B;AAAA,IACA,eAAA,EAAiB;AAAA,MACf,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,iBAAA;AAAA,MACN,KAAA,EAAO,KAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,gBAAA,EAAiB;AAAA,MACrD,SAAS,CAAC,MAAA,EAAQ,QAAQ,MAAA,EAAQ,sBAAA,EAAwB,mBAAmB,QAAQ,CAAA;AAAA,MACrF,MAAM,CAAC,EAAE,OAAO,MAAA,EAAQ,KAAA,EAAO,OAAO,CAAA;AAAA,MACtC,UAAA,EAAY,EAAE,QAAA,EAAU,GAAA;AAAI;AAC9B,GACF;AAAA,EAEA,MAAA,EAAQ;AAAA;AAAA,IAEN,IAAA,EAAMC,WAAM,IAAA,CAAK;AAAA,MACf,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,UAAA,EAAY,IAAA;AAAA,MACZ,SAAA,EAAW,GAAA;AAAA,MACX,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,IAAA,EAAMA,WAAM,IAAA,CAAK;AAAA,MACf,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,UAAA,EAAY,IAAA;AAAA,MACZ,SAAA,EAAW,EAAA;AAAA,MACX,WAAA,EAAa,4DAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,MAAMA,UAAAA,CAAM,MAAA;AAAA,MACV,CAAC,SAAA,EAAW,UAAA,EAAY,YAAA,EAAc,MAAA,EAAQ,UAAU,aAAa,CAAA;AAAA,MACrE;AAAA,QACE,KAAA,EAAO,MAAA;AAAA,QACP,QAAA,EAAU,IAAA;AAAA,QACV,YAAA,EAAc,YAAA;AAAA,QACd,WAAA,EAAa,6DAAA;AAAA,QACb,KAAA,EAAO;AAAA;AACT,KACF;AAAA;AAAA,IAGA,oBAAA,EAAsBA,UAAAA,CAAM,MAAA,CAAO,gBAAA,EAAkB;AAAA,MACnD,KAAA,EAAO,mBAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,yDAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,eAAA,EAAiBA,UAAAA,CAAM,MAAA,CAAO,kBAAA,EAAoB;AAAA,MAChD,KAAA,EAAO,cAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa,eAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,eAAA,EAAiBA,UAAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MACxC,KAAA,EAAO,iBAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,8DAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,MAAA,EAAQA,WAAM,OAAA,CAAQ;AAAA,MACpB,KAAA,EAAO,QAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,YAAA,EAAc,IAAA;AAAA,MACd,WAAA,EAAa,wDAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,cAAA,EAAgBA,WAAM,QAAA,CAAS;AAAA,MAC7B,KAAA,EAAO,gBAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,uDAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,YAAA,EAAcA,WAAM,QAAA,CAAS;AAAA,MAC3B,KAAA,EAAO,cAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,+CAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,YAAA,EAAcA,WAAM,IAAA,CAAK;AAAA,MACvB,KAAA,EAAO,oBAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,SAAA,EAAW,GAAA;AAAA,MACX,WAAA,EAAa,wDAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,EAAA,EAAIA,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,eAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR;AAAA,GACH;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,EAAE,MAAA,EAAQ,CAAC,iBAAiB,CAAA,EAAE;AAAA,IAC9B,EAAE,MAAA,EAAQ,CAAC,sBAAsB,CAAA,EAAE;AAAA,IACnC,EAAE,MAAA,EAAQ,CAAC,QAAQ,iBAAiB,CAAA,EAAG,QAAQ,IAAA,EAAK;AAAA,IACpD,EAAE,MAAA,EAAQ,CAAC,QAAQ,CAAA;AAAE,GACvB;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,IAAA;AAAA,IACd,UAAA,EAAY,IAAA;AAAA,IACZ,UAAA,EAAY,IAAA;AAAA,IACZ,YAAY,CAAC,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,UAAU,QAAQ,CAAA;AAAA,IACxD,KAAA,EAAO,IAAA;AAAA,IACP,GAAA,EAAK;AAAA;AAET,CAAC;ACtLM,IAAM,mBAAA,GAAsBD,kBAAa,MAAA,CAAO;AAAA,EACrD,IAAA,EAAM,uBAAA;AAAA,EACN,KAAA,EAAO,mBAAA;AAAA,EACP,WAAA,EAAa,oBAAA;AAAA,EACb,IAAA,EAAM,UAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA,EACV,SAAA,EAAW,UAAA;AAAA,EACX,WAAA,EAAa,yEAAA;AAAA,EACb,WAAA,EAAa,8BAAA;AAAA,EACb,aAAA,EAAe,CAAC,SAAA,EAAW,eAAA,EAAiB,sBAAsB,YAAY,CAAA;AAAA,EAE9E,MAAA,EAAQ;AAAA,IACN,EAAA,EAAIC,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,WAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,aAAA,EAAeA,UAAAA,CAAM,MAAA,CAAO,gBAAA,EAAkB;AAAA,MAC5C,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,OAAA,EAASA,UAAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MAChC,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,oBAAoBA,UAAAA,CAAM,MAAA;AAAA,MACxB,CAAC,QAAA,EAAU,MAAA,EAAQ,QAAQ,CAAA;AAAA,MAC3B;AAAA,QACE,KAAA,EAAO,oBAAA;AAAA,QACP,QAAA,EAAU,KAAA;AAAA,QACV,YAAA,EAAc,QAAA;AAAA,QACd,WAAA,EAAa,wFAAA;AAAA,QACb,KAAA,EAAO;AAAA;AACT,KACF;AAAA,IAEA,UAAA,EAAYA,WAAM,OAAA,CAAQ;AAAA,MACxB,KAAA,EAAO,oBAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,YAAA,EAAc,IAAA;AAAA,MACd,WAAA,EAAa,uFAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,cAAA,EAAgBA,WAAM,QAAA,CAAS;AAAA,MAC7B,KAAA,EAAO,gBAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,YAAA,EAAcA,WAAM,QAAA,CAAS;AAAA,MAC3B,KAAA,EAAO,cAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR;AAAA,GACH;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,EAAE,MAAA,EAAQ,CAAC,iBAAiB,SAAS,CAAA,EAAG,QAAQ,IAAA,EAAK;AAAA,IACrD,EAAE,MAAA,EAAQ,CAAC,SAAS,CAAA,EAAE;AAAA,IACtB,EAAE,MAAA,EAAQ,CAAC,YAAY,CAAA;AAAE,GAC3B;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,IAAA;AAAA,IACd,UAAA,EAAY,IAAA;AAAA,IACZ,UAAA,EAAY,IAAA;AAAA,IACZ,YAAY,CAAC,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,UAAU,QAAQ,CAAA;AAAA,IACxD,KAAA,EAAO,IAAA;AAAA,IACP,GAAA,EAAK;AAAA;AAET,CAAC;AC5FM,IAAM,SAAA,GAAYD,kBAAa,MAAA,CAAO;AAAA,EAC3C,IAAA,EAAM,aAAA;AAAA,EACN,KAAA,EAAO,SAAA;AAAA,EACP,WAAA,EAAa,UAAA;AAAA,EACb,IAAA,EAAM,WAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA,EACV,SAAA,EAAW,aAAA;AAAA;AAAA;AAAA;AAAA,EAIX,UAAA,EAAY;AAAA,IACV,IAAA,EAAM,MAAA;AAAA,IACN,MAAA,EAAQ,4DAAA;AAAA,IACR,OAAA,EAAS;AAAA,GACX;AAAA,EACA,WAAA,EAAa,kCAAA;AAAA,EACb,gBAAA,EAAkB,MAAA;AAAA,EAClB,WAAA,EAAa,QAAA;AAAA,EACb,eAAe,CAAC,MAAA,EAAQ,QAAA,EAAU,SAAA,EAAW,cAAc,SAAS,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAMpE,OAAA,EAAS;AAAA,IACP;AAAA,MACE,IAAA,EAAM,gBAAA;AAAA,MACN,KAAA,EAAO,gBAAA;AAAA,MACP,IAAA,EAAM,YAAA;AAAA,MACN,OAAA,EAAS,QAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,WAAW,CAAA;AAAA,MACvB,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,OAAA;AAAA,MACR,MAAA,EAAQ,+BAAA;AAAA,MACR,SAAA,EAAW,EAAE,OAAA,EAAS,IAAA,EAAK;AAAA,MAC3B,WAAA,EAAa,yEAAA;AAAA,MACb,cAAA,EAAgB,iBAAA;AAAA,MAChB,YAAA,EAAc;AAAA,KAChB;AAAA,IACA;AAAA,MACE,IAAA,EAAM,iBAAA;AAAA,MACN,KAAA,EAAO,iBAAA;AAAA,MACP,IAAA,EAAM,cAAA;AAAA,MACN,OAAA,EAAS,WAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,WAAW,CAAA;AAAA,MACvB,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,OAAA;AAAA,MACR,MAAA,EAAQ,+BAAA;AAAA,MACR,SAAA,EAAW,EAAE,OAAA,EAAS,KAAA,EAAM;AAAA,MAC5B,WAAA,EAAa,oFAAA;AAAA,MACb,cAAA,EAAgB,kBAAA;AAAA,MAChB,YAAA,EAAc;AAAA;AAChB,GACF;AAAA,EAEA,SAAA,EAAW;AAAA,IACT,IAAA,EAAM;AAAA,MACJ,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,MAAA;AAAA,MACN,KAAA,EAAO,SAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,aAAA,EAAc;AAAA,MAClD,SAAS,CAAC,MAAA,EAAQ,QAAA,EAAU,YAAA,EAAc,gBAAgB,SAAS,CAAA;AAAA,MACnE,MAAA,EAAQ;AAAA,QACN,EAAE,KAAA,EAAO,SAAA,EAAW,QAAA,EAAU,QAAA,EAAU,OAAO,mBAAA;AAAoB,OACrE;AAAA,MACA,MAAM,CAAC,EAAE,OAAO,YAAA,EAAc,KAAA,EAAO,QAAQ,CAAA;AAAA,MAC7C,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG,KAC7B;AAAA,IACA,MAAA,EAAQ;AAAA,MACN,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,QAAA;AAAA,MACN,KAAA,EAAO,QAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,aAAA,EAAc;AAAA,MAClD,SAAS,CAAC,MAAA,EAAQ,QAAA,EAAU,SAAA,EAAW,cAAc,cAAc,CAAA;AAAA,MACnE,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,WAAW,QAAA,EAAU,QAAA,EAAU,KAAA,EAAO,KAAA,EAAO,CAAA;AAAA,MAC/D,MAAM,CAAC,EAAE,OAAO,cAAA,EAAgB,KAAA,EAAO,QAAQ,CAAA;AAAA,MAC/C,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG,KAC7B;AAAA,IACA,OAAA,EAAS;AAAA,MACP,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,SAAA;AAAA,MACN,KAAA,EAAO,SAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,aAAA,EAAc;AAAA,MAClD,SAAS,CAAC,MAAA,EAAQ,QAAA,EAAU,SAAA,EAAW,cAAc,YAAY,CAAA;AAAA,MACjE,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,WAAW,QAAA,EAAU,QAAA,EAAU,KAAA,EAAO,IAAA,EAAM,CAAA;AAAA,MAC9D,MAAM,CAAC,EAAE,OAAO,YAAA,EAAc,KAAA,EAAO,QAAQ,CAAA;AAAA,MAC7C,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG,KAC7B;AAAA,IACA,QAAA,EAAU;AAAA,MACR,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,UAAA;AAAA,MACN,KAAA,EAAO,KAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,aAAA,EAAc;AAAA,MAClD,SAAS,CAAC,MAAA,EAAQ,UAAU,SAAA,EAAW,YAAA,EAAc,gBAAgB,SAAS,CAAA;AAAA,MAC9E,MAAM,CAAC,EAAE,OAAO,YAAA,EAAc,KAAA,EAAO,QAAQ,CAAA;AAAA,MAC7C,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG;AAC7B,GACF;AAAA,EAEA,MAAA,EAAQ;AAAA;AAAA,IAEN,IAAA,EAAMC,WAAM,IAAA,CAAK;AAAA,MACf,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,UAAA,EAAY,IAAA;AAAA,MACZ,SAAA,EAAW,GAAA;AAAA,MACX,WAAA,EAAa,sCAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,MAAA,EAAQA,WAAM,IAAA,CAAK;AAAA,MACjB,KAAA,EAAO,QAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,SAAA,EAAW,EAAA;AAAA,MACX,WAAA,EAAa,uDAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,OAAA,EAASA,UAAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MAChC,KAAA,EAAO,OAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa,4BAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,MAAA,EAAQA,WAAM,QAAA,CAAS;AAAA,MACrB,KAAA,EAAO,QAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,iCAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,YAAA,EAAcA,WAAM,QAAA,CAAS;AAAA,MAC3B,KAAA,EAAO,cAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa,wCAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,OAAA,EAASA,WAAM,OAAA,CAAQ;AAAA,MACrB,KAAA,EAAO,SAAA;AAAA,MACP,YAAA,EAAc,KAAA;AAAA,MACd,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,GAAA,EAAKA,WAAM,IAAA,CAAK;AAAA,MACd,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,MAAA,EAAQ,IAAA;AAAA,MACR,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa,sDAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,EAAA,EAAIA,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR;AAAA,GACH;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,EAAE,MAAA,EAAQ,CAAC,KAAK,CAAA,EAAG,QAAQ,IAAA,EAAK;AAAA,IAChC,EAAE,MAAA,EAAQ,CAAC,SAAS,CAAA,EAAE;AAAA,IACtB,EAAE,MAAA,EAAQ,CAAC,QAAQ,CAAA,EAAE;AAAA,IACrB,EAAE,MAAA,EAAQ,CAAC,SAAS,CAAA;AAAE,GACxB;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,IAAA;AAAA,IACd,UAAA,EAAY,KAAA;AAAA,IACZ,UAAA,EAAY,IAAA;AAAA,IACZ,YAAY,CAAC,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,UAAU,QAAQ,CAAA;AAAA,IACxD,KAAA,EAAO,KAAA;AAAA,IACP,GAAA,EAAK;AAAA;AAET,CAAC;AC/MM,IAAM,YAAA,GAAeD,kBAAa,MAAA,CAAO;AAAA,EAC9C,IAAA,EAAM,gBAAA;AAAA,EACN,KAAA,EAAO,YAAA;AAAA,EACP,WAAA,EAAa,wBAAA;AAAA,EACb,IAAA,EAAM,YAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA,EACV,SAAA,EAAW,aAAA;AAAA;AAAA;AAAA;AAAA,EAIX,UAAA,EAAY;AAAA,IACV,IAAA,EAAM,MAAA;AAAA,IACN,MAAA,EAAQ,4DAAA;AAAA,IACR,OAAA,EAAS;AAAA,GACX;AAAA,EACA,WAAA,EAAa,uCAAA;AAAA,EACb,WAAA,EAAa,0BAAA;AAAA,EACb,aAAA,EAAe,CAAC,SAAA,EAAW,YAAY,CAAA;AAAA,EAEvC,SAAA,EAAW;AAAA,IACT,IAAA,EAAM;AAAA,MACJ,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,MAAA;AAAA,MACN,KAAA,EAAO,eAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,gBAAA,EAAiB;AAAA,MACrD,OAAA,EAAS,CAAC,YAAA,EAAc,YAAY,CAAA;AAAA,MACpC,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,WAAW,QAAA,EAAU,QAAA,EAAU,KAAA,EAAO,mBAAA,EAAqB,CAAA;AAAA,MAC7E,MAAM,CAAC,EAAE,OAAO,YAAA,EAAc,KAAA,EAAO,QAAQ,CAAA;AAAA,MAC7C,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG,KAC7B;AAAA,IACA,eAAA,EAAiB;AAAA,MACf,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,iBAAA;AAAA,MACN,KAAA,EAAO,KAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,gBAAA,EAAiB;AAAA,MACrD,OAAA,EAAS,CAAC,SAAA,EAAW,YAAA,EAAc,YAAY,CAAA;AAAA,MAC/C,MAAM,CAAC,EAAE,OAAO,YAAA,EAAc,KAAA,EAAO,QAAQ,CAAA;AAAA,MAC7C,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG;AAC7B,GACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,OAAA,EAAS;AAAA,IACP;AAAA,MACE,IAAA,EAAM,mBAAA;AAAA,MACN,KAAA,EAAO,YAAA;AAAA,MACP,IAAA,EAAM,cAAA;AAAA,MACN,OAAA,EAAS,SAAA;AAAA,MACT,SAAA,EAAW,CAAC,cAAc,CAAA;AAAA,MAC1B,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,gCAAA;AAAA,MACR,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,MAAM,UAAA,EAAY,KAAA,EAAO,oBAAoB,IAAA,EAAM,MAAA,EAAQ,UAAU,IAAA;AAAK,OAC9E;AAAA,MACA,YAAA,EAAc;AAAA,QACZ,KAAA,EAAO,mCAAA;AAAA,QACP,WAAA,EAAa,gIAAA;AAAA,QACb,WAAA,EAAa,8BAAA;AAAA,QACb,MAAA,EAAQ;AAAA,UACN,EAAE,IAAA,EAAM,SAAA,EAAW,KAAA,EAAO,mBAAA,EAAqB,QAAQ,QAAA,EAAS;AAAA,UAChE,EAAE,IAAA,EAAM,aAAA,EAAe,KAAA,EAAO,cAAA,EAAgB,QAAQ,WAAA;AAAY;AACpE;AACF,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,oBAAA;AAAA,MACN,KAAA,EAAO,aAAA;AAAA,MACP,IAAA,EAAM,YAAA;AAAA,MACN,OAAA,EAAS,QAAA;AAAA,MACT,SAAA,EAAW,CAAC,cAAc,CAAA;AAAA,MAC1B,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,iCAAA;AAAA,MACR,WAAA,EAAa,oDAAA;AAAA,MACb,cAAA,EAAgB,cAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,MAAM,UAAA,EAAY,KAAA,EAAO,oBAAoB,IAAA,EAAM,MAAA,EAAQ,UAAU,IAAA;AAAK;AAC9E,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,yBAAA;AAAA,MACN,KAAA,EAAO,yBAAA;AAAA,MACP,IAAA,EAAM,YAAA;AAAA,MACN,OAAA,EAAS,WAAA;AAAA,MACT,SAAA,EAAW,CAAC,cAAA,EAAgB,WAAW,CAAA;AAAA,MACvC,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,+CAAA;AAAA,MACR,WAAA,EAAa,mFAAA;AAAA,MACb,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,MAAM,UAAA,EAAY,KAAA,EAAO,oBAAoB,IAAA,EAAM,MAAA,EAAQ,UAAU,IAAA;AAAK,OAC9E;AAAA,MACA,YAAA,EAAc;AAAA,QACZ,KAAA,EAAO,4BAAA;AAAA,QACP,WAAA,EAAa,6GAAA;AAAA,QACb,WAAA,EAAa,4BAAA;AAAA,QACb,MAAA,EAAQ;AAAA,UACN,EAAE,IAAA,EAAM,aAAA,EAAe,KAAA,EAAO,cAAA,EAAgB,QAAQ,WAAA;AAAY;AACpE;AACF;AACF,GACF;AAAA,EAGA,MAAA,EAAQ;AAAA,IACN,EAAA,EAAIC,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,eAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,OAAA,EAASA,UAAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MAChC,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,MAAA,EAAQA,WAAM,IAAA,CAAK;AAAA,MACjB,KAAA,EAAO,QAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,YAAA,EAAcA,WAAM,QAAA,CAAS;AAAA,MAC3B,KAAA,EAAO,cAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,QAAA,EAAUA,WAAM,OAAA,CAAQ;AAAA,MACtB,KAAA,EAAO,UAAA;AAAA,MACP,YAAA,EAAc,IAAA;AAAA,MACd,WAAA,EAAa;AAAA,KACd;AAAA,GACH;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,EAAE,MAAA,EAAQ,CAAC,SAAS,CAAA,EAAG,QAAQ,IAAA;AAAK,GACtC;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,KAAA;AAAA,IACd,UAAA,EAAY,KAAA;AAAA,IACZ,UAAA,EAAY,IAAA;AAAA,IACZ,UAAA,EAAY,CAAC,KAAA,EAAO,QAAA,EAAU,UAAU,QAAQ,CAAA;AAAA,IAChD,KAAA,EAAO,KAAA;AAAA,IACP,GAAA,EAAK;AAAA;AAET,CAAC;AC5JM,IAAM,aAAA,GAAgBD,kBAAa,MAAA,CAAO;AAAA,EAC/C,IAAA,EAAM,iBAAA;AAAA,EACN,KAAA,EAAO,aAAA;AAAA,EACP,WAAA,EAAa,cAAA;AAAA,EACb,IAAA,EAAM,WAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA,EACV,SAAA,EAAW,aAAA;AAAA;AAAA;AAAA;AAAA,EAIX,UAAA,EAAY;AAAA,IACV,IAAA,EAAM,MAAA;AAAA,IACN,MAAA,EAAQ,4DAAA;AAAA,IACR,OAAA,EAAS;AAAA,GACX;AAAA,EACA,WAAA,EAAa,kEAAA;AAAA,EACb,WAAA,EAAa,aAAA;AAAA,EACb,aAAA,EAAe,CAAC,WAAA,EAAa,QAAA,EAAU,aAAa,YAAY,CAAA;AAAA,EAEhE,MAAA,EAAQ;AAAA,IACN,EAAA,EAAIC,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,gBAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU;AAAA,KACX,CAAA;AAAA;AAAA,IAGD,WAAA,EAAaA,WAAM,IAAA,CAAK;AAAA,MACtB,KAAA,EAAO,aAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA;AAAA,IAGD,SAAA,EAAWA,WAAM,IAAA,CAAK;AAAA,MACpB,KAAA,EAAO,WAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA;AAAA,IAGD,OAAA,EAASA,UAAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MAChC,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA;AAAA,IAGD,MAAA,EAAQA,WAAM,IAAA,CAAK;AAAA,MACjB,KAAA,EAAO,QAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,cAAA,EAAgBA,WAAM,QAAA,CAAS;AAAA,MAC7B,KAAA,EAAO,gBAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,gBAAA,EAAkBA,WAAM,MAAA,CAAO;AAAA,MAC7B,KAAA,EAAO,uBAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,SAAA,EAAWA,WAAM,IAAA,CAAK;AAAA,MACpB,KAAA,EAAO,WAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,KAAA,EAAOA,WAAM,IAAA,CAAK;AAAA,MAChB,KAAA,EAAO,OAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd;AAAA,GACH;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,EAAE,MAAA,EAAQ,CAAC,aAAa,CAAA,EAAG,QAAQ,IAAA,EAAK;AAAA,IACxC,EAAE,MAAA,EAAQ,CAAC,WAAW,CAAA,EAAG,QAAQ,IAAA,EAAK;AAAA,IACtC,EAAE,MAAA,EAAQ,CAAC,QAAQ,CAAA,EAAG,QAAQ,KAAA;AAAM,GACtC;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,KAAA;AAAA,IACd,UAAA,EAAY,KAAA;AAAA,IACZ,UAAA,EAAY,IAAA;AAAA,IACZ,UAAA,EAAY,CAAC,KAAA,EAAO,QAAA,EAAU,UAAU,QAAQ,CAAA;AAAA,IAChD,KAAA,EAAO,KAAA;AAAA,IACP,GAAA,EAAK;AAAA;AAET,CAAC;AClHM,IAAM,iBAAA,GAAoBD,kBAAa,MAAA,CAAO;AAAA,EACnD,IAAA,EAAM,qBAAA;AAAA,EACN,KAAA,EAAO,iBAAA;AAAA,EACP,WAAA,EAAa,kBAAA;AAAA,EACb,IAAA,EAAM,UAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA;AAAA;AAAA;AAAA,EAIV,SAAA,EAAW,QAAA;AAAA,EACX,WAAA,EAAa,sDAAA;AAAA,EACb,WAAA,EAAa,OAAA;AAAA,EACb,aAAA,EAAe,CAAC,SAAA,EAAW,KAAK,CAAA;AAAA,EAEhC,SAAA,EAAW;AAAA,IACT,IAAA,EAAM;AAAA,MACJ,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,MAAA;AAAA,MACN,KAAA,EAAO,gBAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,qBAAA,EAAsB;AAAA,MAC1D,OAAA,EAAS,CAAC,KAAA,EAAO,YAAY,CAAA;AAAA,MAC7B,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,WAAW,QAAA,EAAU,QAAA,EAAU,KAAA,EAAO,mBAAA,EAAqB,CAAA;AAAA,MAC7E,MAAM,CAAC,EAAE,OAAO,KAAA,EAAO,KAAA,EAAO,OAAO,CAAA;AAAA,MACrC,UAAA,EAAY,EAAE,QAAA,EAAU,GAAA;AAAI,KAC9B;AAAA,IACA,OAAA,EAAS;AAAA,MACP,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,SAAA;AAAA,MACN,KAAA,EAAO,SAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,qBAAA,EAAsB;AAAA,MAC1D,OAAA,EAAS,CAAC,SAAA,EAAW,KAAA,EAAO,YAAY,CAAA;AAAA,MACxC,IAAA,EAAM,CAAC,EAAE,KAAA,EAAO,SAAA,EAAW,KAAA,EAAO,KAAA,EAAM,EAAG,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAO,OAAO,CAAA;AAAA,MACzE,QAAA,EAAU,EAAE,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,SAAA,EAAW,KAAA,EAAO,KAAA,EAAO,SAAA,EAAW,IAAA,EAAM,CAAA,EAAE;AAAA,MAC1E,UAAA,EAAY,EAAE,QAAA,EAAU,GAAA;AAAI,KAC9B;AAAA,IACA,eAAA,EAAiB;AAAA,MACf,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,iBAAA;AAAA,MACN,KAAA,EAAO,KAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,qBAAA,EAAsB;AAAA,MAC1D,OAAA,EAAS,CAAC,SAAA,EAAW,KAAA,EAAO,cAAc,YAAY,CAAA;AAAA,MACtD,MAAM,CAAC,EAAE,OAAO,YAAA,EAAc,KAAA,EAAO,QAAQ,CAAA;AAAA,MAC7C,UAAA,EAAY,EAAE,QAAA,EAAU,GAAA;AAAI;AAC9B,GACF;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,EAAA,EAAIC,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,eAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,OAAA,EAASA,UAAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MAChC,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,GAAA,EAAKA,WAAM,IAAA,CAAK;AAAA,MACd,KAAA,EAAO,KAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,SAAA,EAAW,GAAA;AAAA,MACX,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,KAAA,EAAOA,WAAM,IAAA,CAAK;AAAA,MAChB,KAAA,EAAO,OAAA;AAAA,MACP,WAAA,EAAa;AAAA,KACd;AAAA,GACH;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,EAAE,MAAA,EAAQ,CAAC,WAAW,KAAK,CAAA,EAAG,QAAQ,IAAA,EAAK;AAAA,IAC3C,EAAE,MAAA,EAAQ,CAAC,SAAS,CAAA,EAAG,QAAQ,KAAA;AAAM,GACvC;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,KAAA;AAAA,IACd,UAAA,EAAY,KAAA;AAAA,IACZ,UAAA,EAAY,IAAA;AAAA,IACZ,YAAY,CAAC,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,UAAU,QAAQ,CAAA;AAAA,IACxD,KAAA,EAAO,KAAA;AAAA,IACP,GAAA,EAAK;AAAA;AAET,CAAC;AChGM,IAAM,mBAAA,GAAsBD,kBAAa,MAAA,CAAO;AAAA,EACrD,IAAA,EAAM,uBAAA;AAAA,EACN,KAAA,EAAO,mBAAA;AAAA,EACP,WAAA,EAAa,oBAAA;AAAA,EACb,IAAA,EAAM,WAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA,EACV,SAAA,EAAW,aAAA;AAAA;AAAA;AAAA;AAAA,EAIX,UAAA,EAAY;AAAA,IACV,IAAA,EAAM,MAAA;AAAA,IACN,MAAA,EAAQ,4DAAA;AAAA,IACR,OAAA,EAAS;AAAA,GACX;AAAA,EACA,WAAA,EAAa,2CAAA;AAAA,EACb,gBAAA,EAAkB,MAAA;AAAA,EAClB,WAAA,EAAa,QAAA;AAAA,EACb,aAAA,EAAe,CAAC,MAAA,EAAQ,WAAA,EAAa,QAAQ,UAAU,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAkBvD,OAAA,EAAS;AAAA,IACP;AAAA,MACE,IAAA,EAAM,2BAAA;AAAA,MACN,KAAA,EAAO,2BAAA;AAAA,MACP,IAAA,EAAM,cAAA;AAAA,MACN,OAAA,EAAS,WAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,WAAA,EAAa,eAAe,CAAA;AAAA,MACxC,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,MAAA;AAAA,MACR,MAAA,EAAQ,2CAAA;AAAA,MACR,WAAA,EAAa,gNAAA;AAAA,MACb,cAAA,EAAgB,4BAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,OAAA,EAAS,kBAAA;AAAA,MACT,SAAA,EAAW,EAAE,QAAA,EAAU,IAAA,EAAK;AAAA,MAC5B,MAAA,EAAQ;AAAA,QACN,EAAE,MAAM,WAAA,EAAa,KAAA,EAAO,aAAa,cAAA,EAAgB,IAAA,EAAM,UAAU,IAAA;AAAK;AAChF,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,0BAAA;AAAA,MACN,KAAA,EAAO,0BAAA;AAAA,MACP,IAAA,EAAM,aAAA;AAAA,MACN,OAAA,EAAS,SAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,WAAA,EAAa,eAAe,CAAA;AAAA,MACxC,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,MAAA;AAAA,MACR,MAAA,EAAQ,2CAAA;AAAA,MACR,WAAA,EAAa,6GAAA;AAAA,MACb,cAAA,EAAgB,2BAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,OAAA,EAAS,iBAAA;AAAA,MACT,SAAA,EAAW,EAAE,QAAA,EAAU,KAAA,EAAM;AAAA,MAC7B,MAAA,EAAQ;AAAA,QACN,EAAE,MAAM,WAAA,EAAa,KAAA,EAAO,aAAa,cAAA,EAAgB,IAAA,EAAM,UAAU,IAAA;AAAK;AAChF,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,0BAAA;AAAA,MACN,KAAA,EAAO,4BAAA;AAAA,MACP,IAAA,EAAM,aAAA;AAAA,MACN,OAAA,EAAS,SAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,cAAc,CAAA;AAAA,MAC1B,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,MAAA;AAAA,MACR,MAAA,EAAQ,6CAAA;AAAA,MACR,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,MAAM,MAAA,EAAQ,KAAA,EAAO,oBAAoB,IAAA,EAAM,MAAA,EAAQ,UAAU,IAAA,EAAK;AAAA,QACxE,EAAE,IAAA,EAAM,cAAA,EAAgB,KAAA,EAAO,eAAA,EAAiB,MAAM,UAAA,EAAY,QAAA,EAAU,IAAA,EAAM,QAAA,EAAU,oDAAA,EAAqD;AAAA,QACjJ,EAAE,IAAA,EAAM,MAAA,EAAQ,KAAA,EAAO,kBAAA,EAAoB,IAAA,EAAM,QAAA,EAAU,QAAA,EAAU,IAAA,EAAM,YAAA,EAAc,KAAA,EAAO,OAAA,EAAS;AAAA,UACvG,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAO,KAAA,EAAM;AAAA,UAC7B,EAAE,KAAA,EAAO,QAAA,EAAU,KAAA,EAAO,QAAA,EAAS;AAAA,UACnC,EAAE,KAAA,EAAO,kBAAA,EAAoB,KAAA,EAAO,kBAAA,EAAmB;AAAA,UACvD,EAAE,KAAA,EAAO,QAAA,EAAU,KAAA,EAAO,QAAA;AAAS,SACrC;AAAE,OACJ;AAAA,MACA,YAAA,EAAc;AAAA,QACZ,KAAA,EAAO,8BAAA;AAAA,QACP,WAAA,EAAa,uHAAA;AAAA,QACb,WAAA,EAAa,gCAAA;AAAA,QACb,MAAA,EAAQ;AAAA,UACN,EAAE,IAAA,EAAM,kBAAA,EAAoB,KAAA,EAAO,WAAA,EAAa,QAAQ,MAAA,EAAO;AAAA,UAC/D,EAAE,IAAA,EAAM,sBAAA,EAAwB,KAAA,EAAO,eAAA,EAAiB,QAAQ,QAAA;AAAS;AAC3E;AACF,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,sBAAA;AAAA,MACN,KAAA,EAAO,sBAAA;AAAA,MACP,IAAA,EAAM,YAAA;AAAA,MACN,OAAA,EAAS,WAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,WAAA,EAAa,eAAe,CAAA;AAAA,MACxC,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,MAAA;AAAA,MACR,MAAA,EAAQ,0CAAA;AAAA,MACR,WAAA,EAAa,8MAAA;AAAA,MACb,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,MAAM,WAAA,EAAa,KAAA,EAAO,aAAa,cAAA,EAAgB,IAAA,EAAM,UAAU,IAAA;AAAK,OAChF;AAAA,MACA,YAAA,EAAc;AAAA,QACZ,KAAA,EAAO,uBAAA;AAAA,QACP,WAAA,EAAa,gIAAA;AAAA,QACb,WAAA,EAAa,gCAAA;AAAA,QACb,MAAA,EAAQ;AAAA,UACN,EAAE,IAAA,EAAM,eAAA,EAAiB,KAAA,EAAO,mBAAA,EAAqB,QAAQ,QAAA;AAAS;AACxE;AACF,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,0BAAA;AAAA,MACN,KAAA,EAAO,0BAAA;AAAA,MACP,IAAA,EAAM,SAAA;AAAA,MACN,OAAA,EAAS,QAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,WAAA,EAAa,eAAe,CAAA;AAAA,MACxC,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,MAAA;AAAA,MACR,MAAA,EAAQ,mCAAA;AAAA,MACR,WAAA,EAAa,2LAAA;AAAA,MACb,cAAA,EAAgB,2BAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,MAAM,WAAA,EAAa,KAAA,EAAO,aAAa,cAAA,EAAgB,IAAA,EAAM,UAAU,IAAA;AAAK;AAChF;AACF,GACF;AAAA,EAEA,SAAA,EAAW;AAAA,IACT,IAAA,EAAM;AAAA,MACJ,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,MAAA;AAAA,MACN,KAAA,EAAO,iBAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,uBAAA,EAAwB;AAAA,MAC5D,SAAS,CAAC,MAAA,EAAQ,WAAA,EAAa,MAAA,EAAQ,YAAY,YAAY,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA,MAK/D,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,WAAW,QAAA,EAAU,QAAA,EAAU,KAAA,EAAO,mBAAA,EAAqB,CAAA;AAAA,MAC7E,MAAM,CAAC,EAAE,OAAO,YAAA,EAAc,KAAA,EAAO,QAAQ,CAAA;AAAA,MAC7C,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG,KAC7B;AAAA,IACA,MAAA,EAAQ;AAAA,MACN,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,QAAA;AAAA,MACN,KAAA,EAAO,QAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,uBAAA,EAAwB;AAAA,MAC5D,OAAA,EAAS,CAAC,MAAA,EAAQ,WAAA,EAAa,QAAQ,YAAY,CAAA;AAAA,MACnD,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,YAAY,QAAA,EAAU,QAAA,EAAU,KAAA,EAAO,KAAA,EAAO,CAAA;AAAA,MAChE,MAAM,CAAC,EAAE,OAAO,MAAA,EAAQ,KAAA,EAAO,OAAO,CAAA;AAAA,MACtC,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG,KAC7B;AAAA,IACA,aAAA,EAAe;AAAA,MACb,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,eAAA;AAAA,MACN,KAAA,EAAO,UAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,uBAAA,EAAwB;AAAA,MAC5D,OAAA,EAAS,CAAC,MAAA,EAAQ,WAAA,EAAa,QAAQ,YAAY,CAAA;AAAA,MACnD,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,YAAY,QAAA,EAAU,QAAA,EAAU,KAAA,EAAO,IAAA,EAAM,CAAA;AAAA,MAC/D,MAAM,CAAC,EAAE,OAAO,YAAA,EAAc,KAAA,EAAO,QAAQ,CAAA;AAAA,MAC7C,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG,KAC7B;AAAA,IACA,QAAA,EAAU;AAAA,MACR,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,UAAA;AAAA,MACN,KAAA,EAAO,KAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,uBAAA,EAAwB;AAAA,MAC5D,SAAS,CAAC,MAAA,EAAQ,WAAA,EAAa,MAAA,EAAQ,YAAY,YAAY,CAAA;AAAA,MAC/D,MAAM,CAAC,EAAE,OAAO,MAAA,EAAQ,KAAA,EAAO,OAAO,CAAA;AAAA,MACtC,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG;AAC7B,GACF;AAAA,EAEA,MAAA,EAAQ;AAAA;AAAA,IAEN,EAAA,EAAIC,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,IAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,IAAA,EAAMA,WAAM,IAAA,CAAK;AAAA,MACf,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,UAAA,EAAY,IAAA;AAAA,MACZ,SAAA,EAAW,GAAA;AAAA,MACX,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,IAAA,EAAMA,WAAM,GAAA,CAAI;AAAA,MACd,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,sCAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,GAAA,EAAKA,WAAM,GAAA,CAAI;AAAA,MACb,KAAA,EAAO,UAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,0CAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,QAAA,EAAUA,WAAM,QAAA,CAAS;AAAA,MACvB,KAAA,EAAO,UAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,iDAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,GAAA,EAAKA,WAAM,GAAA,CAAI;AAAA,MACb,KAAA,EAAO,kBAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,MAAA,EAAQA,WAAM,GAAA,CAAI;AAAA,MAChB,KAAA,EAAO,gBAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,QAAA,EAAUA,WAAM,QAAA,CAAS;AAAA,MACvB,KAAA,EAAO,UAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,sCAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,SAAA,EAAWA,WAAM,IAAA,CAAK;AAAA,MACpB,KAAA,EAAO,WAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU,IAAA;AAAA,MACV,SAAA,EAAW,GAAA;AAAA,MACX,WAAA,EAAa,gCAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,aAAA,EAAeA,WAAM,IAAA,CAAK;AAAA,MACxB,KAAA,EAAO,eAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,SAAA,EAAW,IAAA;AAAA,MACX,WAAA,EAAa,gDAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,aAAA,EAAeA,WAAM,QAAA,CAAS;AAAA,MAC5B,KAAA,EAAO,eAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa,+CAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,yBAAA,EAA2BA,WAAM,QAAA,CAAS;AAAA,MACxC,KAAA,EAAO,2BAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,2DAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,IAAA,EAAMA,WAAM,MAAA,CAAO,CAAC,OAAO,QAAA,EAAU,kBAAA,EAAoB,QAAQ,CAAA,EAAG;AAAA,MAClE,KAAA,EAAO,aAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,YAAA,EAAc,KAAA;AAAA,MACd,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,MAAA,EAAQA,WAAM,OAAA,CAAQ;AAAA,MACpB,KAAA,EAAO,eAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,8DAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,YAAA,EAAcA,WAAM,OAAA,CAAQ;AAAA,MAC1B,KAAA,EAAO,cAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,0BAAA,EAA4BA,WAAM,IAAA,CAAK;AAAA,MACrC,KAAA,EAAO,4BAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,SAAA,EAAW,EAAA;AAAA,MACX,WAAA,EAAa,oDAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,WAAA,EAAaA,WAAM,QAAA,CAAS;AAAA,MAC1B,KAAA,EAAO,aAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,6CAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,cAAA,EAAgBA,WAAM,QAAA,CAAS;AAAA,MAC7B,KAAA,EAAO,gBAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,gDAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,MAAA,EAAQA,WAAM,QAAA,CAAS;AAAA,MACrB,KAAA,EAAO,gBAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,uDAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,YAAA,EAAcA,WAAM,IAAA,CAAK;AAAA,MACvB,KAAA,EAAO,cAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,SAAA,EAAW,EAAA;AAAA,MACX,WAAA,EAAa,2CAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,QAAA,EAAUA,WAAM,OAAA,CAAQ;AAAA,MACtB,KAAA,EAAO,UAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,YAAA,EAAc,KAAA;AAAA,MACd,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,YAAA,EAAcA,WAAM,OAAA,CAAQ;AAAA,MAC1B,KAAA,EAAO,cAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,yDAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,kBAAA,EAAoBA,WAAM,OAAA,CAAQ;AAAA,MAChC,KAAA,EAAO,oBAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,wDAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,WAAA,EAAaA,WAAM,IAAA,CAAK;AAAA,MACtB,KAAA,EAAO,aAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,SAAA,EAAW,GAAA;AAAA,MACX,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,gBAAA,EAAkBA,WAAM,IAAA,CAAK;AAAA,MAC3B,KAAA,EAAO,kBAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,SAAA,EAAW,EAAA;AAAA,MACX,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,kBAAA,EAAoBA,WAAM,QAAA,CAAS;AAAA,MACjC,KAAA,EAAO,oBAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,6DAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,OAAA,EAASA,UAAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MAChC,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,sCAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,YAAA,EAAcA,WAAM,IAAA,CAAK;AAAA,MACvB,KAAA,EAAO,cAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,SAAA,EAAW,GAAA;AAAA,MACX,WAAA,EAAa,wCAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR;AAAA,GACH;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,EAAE,MAAA,EAAQ,CAAC,WAAW,CAAA,EAAG,QAAQ,IAAA,EAAK;AAAA,IACtC,EAAE,MAAA,EAAQ,CAAC,SAAS,CAAA,EAAE;AAAA,IACtB,EAAE,MAAA,EAAQ,CAAC,cAAc,CAAA;AAAE,GAC7B;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,IAAA;AAAA,IACd,UAAA,EAAY,IAAA;AAAA,IACZ,UAAA,EAAY,IAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAMZ,UAAA,EAAY,CAAC,KAAA,EAAO,MAAM,CAAA;AAAA,IAC1B,KAAA,EAAO,KAAA;AAAA,IACP,GAAA,EAAK;AAAA;AAET,CAAC;ACrbM,IAAM,mBAAA,GAAsBD,kBAAa,MAAA,CAAO;AAAA,EACrD,IAAA,EAAM,wBAAA;AAAA,EACN,KAAA,EAAO,oBAAA;AAAA,EACP,WAAA,EAAa,qBAAA;AAAA,EACb,IAAA,EAAM,QAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA,EACV,SAAA,EAAW,aAAA;AAAA;AAAA;AAAA;AAAA,EAIX,UAAA,EAAY;AAAA,IACV,IAAA,EAAM,MAAA;AAAA,IACN,MAAA,EAAQ,4DAAA;AAAA,IACR,OAAA,EAAS;AAAA,GACX;AAAA,EACA,WAAA,EAAa,0DAAA;AAAA,EACb,aAAA,EAAe,CAAC,WAAA,EAAa,SAAA,EAAW,YAAY,CAAA;AAAA,EAEpD,MAAA,EAAQ;AAAA,IACN,EAAA,EAAIC,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,IAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,KAAA,EAAOA,WAAM,IAAA,CAAK;AAAA,MAChB,KAAA,EAAO,OAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,SAAA,EAAW,IAAA;AAAA,MACX,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,SAAA,EAAWA,WAAM,IAAA,CAAK;AAAA,MACpB,KAAA,EAAO,WAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,UAAA,EAAYA,UAAAA,CAAM,MAAA,CAAO,aAAA,EAAe;AAAA,MACtC,KAAA,EAAO,SAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,OAAA,EAASA,UAAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MAChC,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,UAAA,EAAYA,UAAAA,CAAM,MAAA,CAAO,yBAAA,EAA2B;AAAA,MAClD,KAAA,EAAO,eAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,YAAA,EAAcA,WAAM,IAAA,CAAK;AAAA,MACvB,KAAA,EAAO,cAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,SAAA,EAAW,GAAA;AAAA,MACX,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,MAAA,EAAQA,WAAM,QAAA,CAAS;AAAA,MACrB,KAAA,EAAO,QAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU;AAAA,KACX;AAAA,GACH;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,EAAE,MAAA,EAAQ,CAAC,OAAO,CAAA,EAAG,QAAQ,IAAA,EAAK;AAAA,IAClC,EAAE,MAAA,EAAQ,CAAC,WAAW,CAAA,EAAE;AAAA,IACxB,EAAE,MAAA,EAAQ,CAAC,YAAY,CAAA,EAAE;AAAA,IACzB,EAAE,MAAA,EAAQ,CAAC,SAAS,CAAA,EAAE;AAAA,IACtB,EAAE,MAAA,EAAQ,CAAC,YAAY,CAAA;AAAE,GAC3B;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,KAAA;AAAA,IACd,UAAA,EAAY,KAAA;AAAA,IACZ,UAAA,EAAY,KAAA;AAAA,IACZ,YAAY,EAAC;AAAA,IACb,KAAA,EAAO,KAAA;AAAA,IACP,GAAA,EAAK;AAAA;AAET,CAAC;AClGM,IAAM,oBAAA,GAAuBD,kBAAa,MAAA,CAAO;AAAA,EACtD,IAAA,EAAM,yBAAA;AAAA,EACN,KAAA,EAAO,qBAAA;AAAA,EACP,WAAA,EAAa,sBAAA;AAAA,EACb,IAAA,EAAM,YAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA,EACV,SAAA,EAAW,aAAA;AAAA;AAAA;AAAA;AAAA,EAIX,UAAA,EAAY;AAAA,IACV,IAAA,EAAM,MAAA;AAAA,IACN,MAAA,EAAQ,4DAAA;AAAA,IACR,OAAA,EAAS;AAAA,GACX;AAAA,EACA,WAAA,EAAa,mDAAA;AAAA,EACb,aAAA,EAAe,CAAC,WAAA,EAAa,SAAA,EAAW,YAAY,CAAA;AAAA,EAEpD,MAAA,EAAQ;AAAA,IACN,EAAA,EAAIC,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,IAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,KAAA,EAAOA,WAAM,IAAA,CAAK;AAAA,MAChB,KAAA,EAAO,OAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,SAAA,EAAW,IAAA;AAAA,MACX,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,SAAA,EAAWA,WAAM,IAAA,CAAK;AAAA,MACpB,KAAA,EAAO,WAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,UAAA,EAAYA,UAAAA,CAAM,MAAA,CAAO,aAAA,EAAe;AAAA,MACtC,KAAA,EAAO,SAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,OAAA,EAASA,UAAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MAChC,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,YAAA,EAAcA,WAAM,IAAA,CAAK;AAAA,MACvB,KAAA,EAAO,cAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,SAAA,EAAW,GAAA;AAAA,MACX,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,MAAA,EAAQA,WAAM,QAAA,CAAS;AAAA,MACrB,KAAA,EAAO,QAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,OAAA,EAASA,WAAM,QAAA,CAAS;AAAA,MACtB,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,SAAA,EAAWA,WAAM,QAAA,CAAS;AAAA,MACxB,KAAA,EAAO,WAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd;AAAA,GACH;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,EAAE,MAAA,EAAQ,CAAC,OAAO,CAAA,EAAG,QAAQ,IAAA,EAAK;AAAA,IAClC,EAAE,MAAA,EAAQ,CAAC,WAAW,CAAA,EAAE;AAAA,IACxB,EAAE,MAAA,EAAQ,CAAC,YAAY,CAAA,EAAE;AAAA,IACzB,EAAE,MAAA,EAAQ,CAAC,SAAS,CAAA;AAAE,GACxB;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,KAAA;AAAA,IACd,UAAA,EAAY,KAAA;AAAA,IACZ,UAAA,EAAY,KAAA;AAAA,IACZ,YAAY,EAAC;AAAA,IACb,KAAA,EAAO,KAAA;AAAA,IACP,GAAA,EAAK;AAAA;AAET,CAAC;ACpGM,IAAM,eAAA,GAAkBD,kBAAa,MAAA,CAAO;AAAA,EACjD,IAAA,EAAM,mBAAA;AAAA,EACN,KAAA,EAAO,eAAA;AAAA,EACP,WAAA,EAAa,gBAAA;AAAA,EACb,IAAA,EAAM,cAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA,EACV,SAAA,EAAW,aAAA;AAAA;AAAA;AAAA;AAAA,EAIX,UAAA,EAAY;AAAA,IACV,IAAA,EAAM,MAAA;AAAA,IACN,MAAA,EAAQ,4DAAA;AAAA,IACR,OAAA,EAAS;AAAA,GACX;AAAA,EACA,WAAA,EAAa,oDAAA;AAAA,EACb,aAAA,EAAe,CAAC,WAAA,EAAa,SAAA,EAAW,QAAQ,CAAA;AAAA,EAEhD,MAAA,EAAQ;AAAA,IACN,EAAA,EAAIC,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,IAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,SAAA,EAAWA,WAAM,IAAA,CAAK;AAAA,MACpB,KAAA,EAAO,WAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,OAAA,EAASA,UAAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MAChC,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,YAAA,EAAcA,WAAM,IAAA,CAAK;AAAA,MACvB,KAAA,EAAO,cAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,SAAA,EAAW,GAAA;AAAA,MACX,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,MAAA,EAAQA,WAAM,QAAA,CAAS;AAAA,MACrB,KAAA,EAAO,QAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU;AAAA,KACX;AAAA,GACH;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,EAAE,MAAA,EAAQ,CAAC,WAAW,CAAA,EAAE;AAAA,IACxB,EAAE,MAAA,EAAQ,CAAC,SAAS,CAAA;AAAE,GACxB;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,KAAA;AAAA,IACd,UAAA,EAAY,KAAA;AAAA,IACZ,UAAA,EAAY,KAAA;AAAA,IACZ,YAAY,EAAC;AAAA,IACb,KAAA,EAAO,KAAA;AAAA,IACP,GAAA,EAAK;AAAA;AAET,CAAC;AC9EM,IAAM,OAAA,GAAUD,kBAAa,MAAA,CAAO;AAAA,EACzC,IAAA,EAAM,UAAA;AAAA,EACN,KAAA,EAAO,UAAA;AAAA,EACP,WAAA,EAAa,WAAA;AAAA,EACb,IAAA,EAAM,KAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA,EACV,SAAA,EAAW,aAAA;AAAA;AAAA;AAAA;AAAA,EAIX,UAAA,EAAY;AAAA,IACV,IAAA,EAAM,MAAA;AAAA,IACN,MAAA,EAAQ,4DAAA;AAAA,IACR,OAAA,EAAS;AAAA,GACX;AAAA,EACA,WAAA,EAAa,0DAAA;AAAA,EACb,aAAA,EAAe,CAAC,IAAA,EAAM,YAAA,EAAc,YAAY,CAAA;AAAA,EAEhD,MAAA,EAAQ;AAAA,IACN,EAAA,EAAIC,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,QAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,WAAA,EAAaA,WAAM,QAAA,CAAS;AAAA,MAC1B,KAAA,EAAO,aAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd;AAAA,GACH;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,KAAA;AAAA,IACd,UAAA,EAAY,KAAA;AAAA,IACZ,UAAA,EAAY,KAAA;AAAA,IACZ,YAAY,EAAC;AAAA,IACb,KAAA,EAAO,KAAA;AAAA,IACP,GAAA,EAAK;AAAA;AAET,CAAC","file":"index.js","sourcesContent":["// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_user — System User Object\n *\n * Canonical user identity record for the ObjectStack platform.\n * Backed by better-auth's `user` model with ObjectStack field conventions.\n *\n * Field order drives default list/form layout: identity first, then profile,\n * then system-managed audit fields (hidden from create/edit forms).\n *\n * @namespace sys\n */\nexport const SysUser = ObjectSchema.create({\n name: 'sys_user',\n label: 'User',\n pluralLabel: 'Users',\n icon: 'user',\n isSystem: true,\n managedBy: 'better-auth',\n // ADR-0010 §3.7 — identity table is managed by better-auth; schema must not drift.\n protection: {\n lock: 'full',\n reason: 'Identity table managed by better-auth — see ADR-0010.',\n docsUrl: 'https://docs.objectstack.ai/adr/0010-metadata-protection',\n },\n description: 'User accounts for authentication',\n displayNameField: 'name',\n titleFormat: '{name}',\n compactLayout: ['name', 'email', 'email_verified'],\n\n // Custom actions — generic CRUD is suppressed because user accounts are\n // managed by better-auth, but we still need first-class affordances for\n // common operations. Each action delegates to a Console-side named script\n // registered on the ActionRunner (see objectui `AppContent.tsx`). Adding\n // new affordances (reset password, revoke session, …) is now a pure\n // schema + script-registration change — no per-view code.\n actions: [\n {\n name: 'invite_user',\n label: 'Invite User',\n icon: 'user-plus',\n variant: 'primary',\n locations: ['list_toolbar'],\n type: 'api',\n target: '/api/v1/auth/organization/invite-member',\n successMessage: 'Invitation sent',\n refreshAfter: true,\n params: [\n { field: 'email', required: true },\n { field: 'role', objectOverride: 'sys_member', required: true },\n ],\n },\n\n // ── Platform admin operations (require better-auth `admin` plugin) ─\n //\n // These actions hit /api/v1/auth/admin/* endpoints that are only\n // wired when `auth.plugins.admin` is enabled. When the plugin is\n // disabled the actions still render (schema is static) but server\n // returns 404. UI surfaces them under the row menu so platform\n // admins can manage accounts without dropping to SQL or\n // a custom Setup wizard.\n {\n name: 'ban_user',\n label: 'Ban User',\n icon: 'ban',\n variant: 'danger',\n locations: ['list_item'],\n type: 'api',\n target: '/api/v1/auth/admin/ban-user',\n recordIdParam: 'userId',\n successMessage: 'User banned',\n refreshAfter: true,\n confirmText: 'Ban this user? They will be signed out and unable to sign in until unbanned.',\n params: [\n { name: 'banReason', label: 'Ban Reason', type: 'text', required: false },\n ],\n },\n {\n name: 'unban_user',\n label: 'Unban User',\n icon: 'check-circle-2',\n variant: 'secondary',\n locations: ['list_item'],\n type: 'api',\n target: '/api/v1/auth/admin/unban-user',\n recordIdParam: 'userId',\n successMessage: 'User unbanned',\n refreshAfter: true,\n },\n {\n name: 'set_user_password',\n label: 'Set Password',\n icon: 'key-round',\n variant: 'secondary',\n locations: ['list_item'],\n type: 'api',\n target: '/api/v1/auth/admin/set-user-password',\n recordIdParam: 'userId',\n successMessage: 'Password updated',\n refreshAfter: false,\n params: [\n { name: 'newPassword', label: 'New Password', type: 'text', required: true },\n ],\n },\n {\n name: 'set_user_role',\n label: 'Set Platform Role',\n icon: 'shield-check',\n variant: 'secondary',\n locations: ['list_item'],\n type: 'api',\n target: '/api/v1/auth/admin/set-role',\n recordIdParam: 'userId',\n successMessage: 'Role updated',\n refreshAfter: true,\n params: [\n { name: 'role', label: 'Platform Role', type: 'text', required: true },\n ],\n },\n {\n name: 'impersonate_user',\n label: 'Impersonate User',\n icon: 'user-cog',\n variant: 'secondary',\n locations: ['list_item'],\n type: 'api',\n target: '/api/v1/auth/admin/impersonate-user',\n recordIdParam: 'userId',\n successMessage: 'Now impersonating user',\n refreshAfter: true,\n confirmText: 'Start an impersonation session for this user? Use only for legitimate support cases — actions will be logged.',\n },\n\n // ── Self-service actions (the row owner only) ─────────────────────\n //\n // These four actions are the \"account settings\" surfaces the standalone\n // Account SPA used to own (`/account/profile`, `/account/security`).\n // They are visible only when the current row is the signed-in user —\n // i.e. opened from the user's own detail page or a \"My Account\" view —\n // via the `visible` CEL predicate. Admin equivalents (set_user_password\n // for any account) are above and stay separate.\n {\n name: 'update_my_profile',\n label: 'Update Profile',\n icon: 'user-pen',\n variant: 'primary',\n mode: 'edit',\n locations: ['record_header'],\n type: 'api',\n target: '/api/v1/auth/update-user',\n visible: 'record.id == ctx.user.id',\n successMessage: 'Profile updated',\n refreshAfter: true,\n params: [\n { field: 'name', required: false, defaultFromRow: true },\n { field: 'image', required: false, defaultFromRow: true },\n ],\n },\n {\n name: 'change_my_password',\n label: 'Change Password',\n icon: 'key',\n variant: 'secondary',\n locations: ['record_header', 'record_more', 'record_section'],\n type: 'api',\n target: '/api/v1/auth/change-password',\n visible: 'record.id == ctx.user.id',\n successMessage: 'Password changed',\n refreshAfter: false,\n params: [\n { name: 'currentPassword', label: 'Current Password', type: 'text', required: true },\n { name: 'newPassword', label: 'New Password', type: 'text', required: true },\n { name: 'revokeOtherSessions', label: 'Sign out other devices', type: 'boolean', required: false, defaultValue: true },\n ],\n },\n {\n name: 'change_my_email',\n label: 'Change Email',\n icon: 'mail',\n variant: 'secondary',\n locations: ['record_header', 'record_more', 'record_section'],\n type: 'api',\n target: '/api/v1/auth/change-email',\n visible: 'record.id == ctx.user.id',\n successMessage: 'Verification email sent — check the new address to confirm.',\n refreshAfter: false,\n params: [\n { name: 'newEmail', label: 'New Email', type: 'email', required: true },\n ],\n },\n {\n name: 'resend_verification_email',\n label: 'Resend Verification Email',\n icon: 'mail-check',\n variant: 'secondary',\n locations: ['record_header', 'record_more', 'record_section'],\n type: 'api',\n target: '/api/v1/auth/send-verification-email',\n // Only render for the row owner AND when their email is still\n // unverified — there's nothing to resend once verified.\n visible: 'record.id == ctx.user.id && record.email_verified == false',\n successMessage: 'Verification email sent — check your inbox.',\n refreshAfter: false,\n params: [],\n },\n {\n name: 'delete_my_account',\n label: 'Delete My Account',\n icon: 'user-x',\n variant: 'danger',\n mode: 'delete',\n locations: ['record_more', 'record_section'],\n type: 'api',\n target: '/api/v1/auth/delete-user',\n visible: 'record.id == ctx.user.id',\n confirmText: 'Permanently delete your account? This cannot be undone — all your sessions will be terminated and all data you own will be removed per the configured retention policy.',\n successMessage: 'Account deleted',\n refreshAfter: false,\n params: [\n { name: 'password', label: 'Current Password', type: 'text', required: true },\n ],\n },\n // ── Two-factor authentication ─────────────────────────────────\n // Enable flow returns { totpURI, backupCodes } — surfacing those\n // safely needs a QR + verify UI that the generic action engine\n // can't render yet. We still expose it so the API call works\n // and the success toast displays the otpauth:// URI that users\n // can manually add to an authenticator app as a fallback.\n {\n name: 'enable_two_factor',\n label: 'Enable Two-Factor Auth',\n icon: 'shield-plus',\n variant: 'primary',\n locations: ['record_section'],\n type: 'api',\n target: '/api/v1/auth/two-factor/enable',\n visible: 'record.id == ctx.user.id && record.two_factor_enabled != true',\n successMessage: 'Two-factor authentication enabled. Scan the QR code or paste the otpauth URI into your authenticator app, then verify a code to complete setup.',\n refreshAfter: true,\n params: [\n { name: 'password', label: 'Current Password', type: 'text', required: true },\n ],\n },\n {\n name: 'disable_two_factor',\n label: 'Disable Two-Factor Auth',\n icon: 'shield-off',\n variant: 'danger',\n locations: ['record_section'],\n type: 'api',\n target: '/api/v1/auth/two-factor/disable',\n visible: 'record.id == ctx.user.id && record.two_factor_enabled == true',\n confirmText: 'Turn off two-factor authentication? Your account will be less secure.',\n successMessage: 'Two-factor authentication disabled.',\n refreshAfter: true,\n params: [\n { name: 'password', label: 'Current Password', type: 'text', required: true },\n ],\n },\n {\n name: 'generate_backup_codes',\n label: 'Regenerate Backup Codes',\n icon: 'list-restart',\n variant: 'secondary',\n locations: ['record_section'],\n type: 'api',\n target: '/api/v1/auth/two-factor/generate-backup-codes',\n visible: 'record.id == ctx.user.id && record.two_factor_enabled == true',\n confirmText: 'Generate a new set of backup codes? Any previously generated codes will stop working.',\n successMessage: 'New backup codes generated — save them somewhere safe.',\n refreshAfter: false,\n params: [\n { name: 'password', label: 'Current Password', type: 'text', required: true },\n ],\n },\n ],\n\n listViews: {\n // Self-service profile entry — surfaced by the Account App so every\n // authenticated user can view / edit their own basic profile (name,\n // email, avatar). Filtered to a single row (the caller) via the\n // `{current_user_id}` template variable; RLS additionally enforces\n // that non-admins cannot read other users' rows.\n me: {\n type: 'grid',\n name: 'me',\n label: 'My Profile',\n data: { provider: 'object', object: 'sys_user' },\n columns: ['name', 'email', 'email_verified', 'two_factor_enabled', 'updated_at'],\n filter: [{ field: 'id', operator: 'equals', value: '{current_user_id}' }],\n sort: [{ field: 'name', order: 'asc' }],\n pagination: { pageSize: 1 },\n },\n all_users: {\n type: 'grid',\n name: 'all_users',\n label: 'All Users',\n data: { provider: 'object', object: 'sys_user' },\n columns: ['name', 'email', 'email_verified', 'two_factor_enabled', 'created_at'],\n sort: [{ field: 'name', order: 'asc' }],\n pagination: { pageSize: 50 },\n },\n unverified: {\n type: 'grid',\n name: 'unverified',\n label: 'Unverified',\n data: { provider: 'object', object: 'sys_user' },\n columns: ['name', 'email', 'created_at'],\n filter: [{ field: 'email_verified', operator: 'equals', value: false }],\n sort: [{ field: 'created_at', order: 'desc' }],\n pagination: { pageSize: 50 },\n },\n two_factor: {\n type: 'grid',\n name: 'two_factor',\n label: '2FA Enabled',\n data: { provider: 'object', object: 'sys_user' },\n columns: ['name', 'email', 'two_factor_enabled', 'updated_at'],\n filter: [{ field: 'two_factor_enabled', operator: 'equals', value: true }],\n sort: [{ field: 'name', order: 'asc' }],\n pagination: { pageSize: 50 },\n },\n banned: {\n type: 'grid',\n name: 'banned',\n label: 'Banned',\n data: { provider: 'object', object: 'sys_user' },\n columns: ['name', 'email', 'banned', 'ban_reason', 'ban_expires'],\n filter: [{ field: 'banned', operator: 'equals', value: true }],\n sort: [{ field: 'updated_at', order: 'desc' }],\n pagination: { pageSize: 50 },\n },\n },\n\n fields: {\n // ── Identity (primary business fields) ───────────────────────\n name: Field.text({\n label: 'Name',\n required: true,\n searchable: true,\n maxLength: 255,\n group: 'Identity',\n }),\n\n email: Field.email({\n label: 'Email',\n required: true,\n searchable: true,\n group: 'Identity',\n }),\n\n email_verified: Field.boolean({\n label: 'Email Verified',\n defaultValue: false,\n group: 'Identity',\n }),\n\n two_factor_enabled: Field.boolean({\n label: 'Two-Factor Enabled',\n defaultValue: false,\n group: 'Identity',\n description: 'Whether two-factor authentication is enabled for this user. Maintained by the better-auth `twoFactor` plugin.',\n }),\n\n // ── Admin (managed by better-auth `admin` plugin when enabled) ───\n role: Field.text({\n label: 'Platform Role',\n required: false,\n maxLength: 64,\n group: 'Admin',\n description: 'Platform-level role (admin, user, …). Set via the Set Platform Role action.',\n }),\n\n banned: Field.boolean({\n label: 'Banned',\n defaultValue: false,\n group: 'Admin',\n description: 'When true, the user cannot sign in. Toggle via Ban User / Unban User actions.',\n }),\n\n ban_reason: Field.text({\n label: 'Ban Reason',\n required: false,\n maxLength: 255,\n group: 'Admin',\n }),\n\n ban_expires: Field.datetime({\n label: 'Ban Expires',\n required: false,\n group: 'Admin',\n description: 'When set, the ban auto-clears at this time.',\n }),\n\n // ── Profile ──────────────────────────────────────────────────\n image: Field.url({\n label: 'Profile Image',\n required: false,\n group: 'Profile',\n }),\n\n // ── System (auto-managed, hidden from create/edit forms) ─────\n id: Field.text({\n label: 'User ID',\n required: true,\n readonly: true,\n group: 'System',\n }),\n\n created_at: Field.datetime({\n label: 'Created At',\n defaultValue: 'NOW()',\n readonly: true,\n group: 'System',\n }),\n\n updated_at: Field.datetime({\n label: 'Updated At',\n defaultValue: 'NOW()',\n readonly: true,\n group: 'System',\n }),\n },\n\n indexes: [\n { fields: ['email'], unique: true },\n { fields: ['created_at'], unique: false },\n ],\n\n enable: {\n trackHistory: true,\n searchable: true,\n apiEnabled: true,\n apiMethods: ['get', 'list', 'create', 'update', 'delete'],\n trash: true,\n mru: true,\n },\n\n validations: [\n {\n name: 'email_unique',\n type: 'unique',\n severity: 'error',\n message: 'Email must be unique',\n fields: ['email'],\n caseSensitive: false,\n },\n ],\n});\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_session — System Session Object\n *\n * Active user session record for the ObjectStack platform.\n * Backed by better-auth's `session` model with ObjectStack field conventions.\n *\n * The `token` field is hidden by default — sessions are managed by the\n * auth plugin, not edited manually. Admins see session metadata\n * (user, expiry, IP, active context) without exposing the token value.\n *\n * @namespace sys\n */\nexport const SysSession = ObjectSchema.create({\n name: 'sys_session',\n label: 'Session',\n pluralLabel: 'Sessions',\n icon: 'key',\n isSystem: true,\n managedBy: 'better-auth',\n // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,\n // but may add overlay row-level config. Use `no-overlay` if you need to\n // forbid sys_metadata overlays entirely.\n protection: {\n lock: 'full',\n reason: 'Identity table managed by better-auth — see ADR-0010.',\n docsUrl: 'https://docs.objectstack.ai/adr/0010-metadata-protection',\n },\n description: 'Active user sessions',\n displayNameField: 'user_id',\n titleFormat: 'Session — {user_id}',\n compactLayout: ['user_id', 'ip_address', 'expires_at'],\n\n // Custom actions — sessions are managed by better-auth (generic CRUD\n // suppressed). \"Sign out other devices\" is the high-value self-service\n // affordance every IdP exposes. Maps to better-auth's\n // `revoke-other-sessions` endpoint which terminates every session for\n // the current user except the one making the request.\n actions: [\n {\n name: 'revoke_my_other_sessions',\n label: 'Sign out other devices',\n icon: 'log-out',\n variant: 'danger',\n locations: ['list_toolbar'],\n type: 'api',\n target: '/api/v1/auth/revoke-other-sessions',\n confirmText: 'Sign out of every other device where you\\'re currently logged in? Your current session will remain active.',\n successMessage: 'All other sessions revoked',\n refreshAfter: true,\n },\n {\n name: 'revoke_session',\n label: 'Revoke Session',\n icon: 'log-out',\n variant: 'danger',\n mode: 'delete',\n locations: ['list_item'],\n type: 'api',\n target: '/api/v1/auth/revoke-session',\n // better-auth `revoke-session` keys off the session token, not the id.\n recordIdParam: 'token',\n recordIdField: 'token',\n confirmText: 'Revoke this session? The user will be signed out from that device.',\n successMessage: 'Session revoked',\n refreshAfter: true,\n },\n ],\n\n listViews: {\n mine: {\n type: 'grid',\n name: 'mine',\n label: 'My Sessions',\n data: { provider: 'object', object: 'sys_session' },\n columns: ['ip_address', 'active_organization_id', 'created_at', 'expires_at'],\n filter: [{ field: 'user_id', operator: 'equals', value: '{current_user_id}' }],\n sort: [{ field: 'created_at', order: 'desc' }],\n pagination: { pageSize: 50 },\n },\n all_sessions: {\n type: 'grid',\n name: 'all_sessions',\n label: 'All',\n data: { provider: 'object', object: 'sys_session' },\n columns: ['user_id', 'ip_address', 'active_organization_id', 'created_at', 'expires_at'],\n sort: [{ field: 'created_at', order: 'desc' }],\n pagination: { pageSize: 50 },\n },\n },\n\n fields: {\n // ── Session owner & expiry ──────────────────────────────────\n user_id: Field.lookup('sys_user', {\n label: 'User',\n required: true,\n searchable: true,\n group: 'Session',\n }),\n\n expires_at: Field.datetime({\n label: 'Expires At',\n required: true,\n group: 'Session',\n }),\n\n // ── Active context (multi-org/team) ──────────────────────────\n active_organization_id: Field.lookup('sys_organization', {\n label: 'Active Organization',\n required: false,\n group: 'Context',\n }),\n\n active_team_id: Field.lookup('sys_team', {\n label: 'Active Team',\n required: false,\n group: 'Context',\n }),\n\n // ── Client fingerprint ───────────────────────────────────────\n ip_address: Field.text({\n label: 'IP Address',\n required: false,\n maxLength: 45, // Support IPv6\n group: 'Client',\n }),\n\n user_agent: Field.textarea({\n label: 'User Agent',\n required: false,\n group: 'Client',\n }),\n\n // ── Admin (managed by better-auth `admin` plugin) ────────────\n impersonated_by: Field.lookup('sys_user', {\n label: 'Impersonated By',\n required: false,\n group: 'Admin',\n description: 'User id of the admin that started this impersonation session, if any.',\n }),\n\n // ── Secret (hidden by default) ──────────────────────────────\n token: Field.text({\n label: 'Session Token',\n required: true,\n hidden: true,\n readonly: true,\n description: 'Opaque session token — never exposed in UI',\n group: 'Secret',\n }),\n\n // ── System ───────────────────────────────────────────────────\n id: Field.text({\n label: 'Session ID',\n required: true,\n readonly: true,\n group: 'System',\n }),\n\n created_at: Field.datetime({\n label: 'Created At',\n defaultValue: 'NOW()',\n readonly: true,\n group: 'System',\n }),\n\n updated_at: Field.datetime({\n label: 'Updated At',\n defaultValue: 'NOW()',\n readonly: true,\n group: 'System',\n }),\n },\n\n indexes: [\n { fields: ['token'], unique: true },\n { fields: ['user_id'], unique: false },\n { fields: ['expires_at'], unique: false },\n ],\n\n enable: {\n trackHistory: false,\n searchable: false,\n apiEnabled: true,\n apiMethods: ['get', 'list', 'create', 'delete'],\n trash: false,\n mru: false,\n clone: false,\n },\n});\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_account — System Account Object\n *\n * OAuth / credential provider account record.\n * Backed by better-auth's `account` model with ObjectStack field conventions.\n *\n * @namespace sys\n */\nexport const SysAccount = ObjectSchema.create({\n name: 'sys_account',\n label: 'Account',\n pluralLabel: 'Accounts',\n icon: 'link',\n isSystem: true,\n managedBy: 'better-auth',\n // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,\n // but may add overlay row-level config. Use `no-overlay` if you need to\n // forbid sys_metadata overlays entirely.\n protection: {\n lock: 'full',\n reason: 'Identity table managed by better-auth — see ADR-0010.',\n docsUrl: 'https://docs.objectstack.ai/adr/0010-metadata-protection',\n },\n description: 'OAuth and authentication provider accounts',\n titleFormat: '{provider_id} - {account_id}',\n compactLayout: ['provider_id', 'user_id', 'account_id'],\n\n // Custom actions — sysadmins routinely need to revoke a user's OAuth\n // link (e.g. when an SSO provider is decommissioned or the user\n // requests it). Better-auth exposes `/unlink-account { providerId,\n // accountId }` for this. The form is locked to the row's values so\n // it acts as a one-click confirmation rather than a free-form edit.\n //\n // `link_social` is the self-service counterpart — a toolbar action\n // that redirects the browser to better-auth's social sign-in endpoint\n // with a callbackURL pointing back to the linked-accounts view. The\n // endpoint sets the link cookie and OAuth-dances through the provider,\n // which is why it's `type: 'url'` (full page navigation) rather than\n // `type: 'api'` (XHR — would block on CORS / 302).\n actions: [\n {\n name: 'link_social',\n label: 'Link Social Account',\n icon: 'link-2',\n variant: 'primary',\n mode: 'create',\n locations: ['list_toolbar'],\n type: 'url',\n target: '/api/v1/auth/sign-in/social?provider=${param.provider}&callbackURL=${ctx.origin}/_console/apps/account/sys_account',\n params: [\n {\n name: 'provider',\n label: 'Provider',\n type: 'select',\n required: true,\n options: [\n { label: 'Google', value: 'google' },\n { label: 'GitHub', value: 'github' },\n { label: 'Microsoft', value: 'microsoft' },\n { label: 'Apple', value: 'apple' },\n { label: 'Facebook', value: 'facebook' },\n { label: 'GitLab', value: 'gitlab' },\n { label: 'Discord', value: 'discord' },\n ],\n },\n ],\n },\n {\n name: 'unlink_account',\n label: 'Unlink Account',\n icon: 'unlink',\n variant: 'danger',\n mode: 'delete',\n locations: ['list_item', 'record_header'],\n type: 'api',\n target: '/api/v1/auth/unlink-account',\n confirmText: 'Unlink this identity link? The user will no longer be able to sign in with this provider until they re-link it from their account settings.',\n successMessage: 'Identity link removed',\n refreshAfter: true,\n params: [\n { name: 'providerId', field: 'provider_id', defaultFromRow: true, required: true },\n { name: 'accountId', field: 'account_id', defaultFromRow: true, required: true },\n ],\n },\n ],\n\n listViews: {\n mine: {\n type: 'grid',\n name: 'mine',\n label: 'My Links',\n data: { provider: 'object', object: 'sys_account' },\n columns: ['provider_id', 'account_id', 'created_at', 'updated_at'],\n filter: [{ field: 'user_id', operator: 'equals', value: '{current_user_id}' }],\n sort: [{ field: 'provider_id', order: 'asc' }],\n pagination: { pageSize: 50 },\n },\n by_provider: {\n type: 'grid',\n name: 'by_provider',\n label: 'By Provider',\n data: { provider: 'object', object: 'sys_account' },\n columns: ['provider_id', 'user_id', 'account_id', 'created_at'],\n sort: [{ field: 'provider_id', order: 'asc' }, { field: 'created_at', order: 'desc' }],\n grouping: { fields: [{ field: 'provider_id', order: 'asc', collapsed: false }] },\n pagination: { pageSize: 100 },\n },\n all_links: {\n type: 'grid',\n name: 'all_links',\n label: 'All',\n data: { provider: 'object', object: 'sys_account' },\n columns: ['provider_id', 'user_id', 'account_id', 'created_at', 'updated_at'],\n sort: [{ field: 'created_at', order: 'desc' }],\n pagination: { pageSize: 100 },\n },\n },\n \n fields: {\n id: Field.text({\n label: 'Account ID',\n required: true,\n readonly: true,\n }),\n \n created_at: Field.datetime({\n label: 'Created At',\n defaultValue: 'NOW()',\n readonly: true,\n }),\n \n updated_at: Field.datetime({\n label: 'Updated At',\n defaultValue: 'NOW()',\n readonly: true,\n }),\n \n provider_id: Field.text({\n label: 'Provider ID',\n required: true,\n description: 'OAuth provider identifier (google, github, etc.)',\n }),\n \n account_id: Field.text({\n label: 'Provider Account ID',\n required: true,\n description: \"User's ID in the provider's system\",\n }),\n \n user_id: Field.lookup('sys_user', {\n label: 'User',\n required: true,\n description: 'Link to user table',\n }),\n \n access_token: Field.textarea({\n label: 'Access Token',\n required: false,\n }),\n \n refresh_token: Field.textarea({\n label: 'Refresh Token',\n required: false,\n }),\n \n id_token: Field.textarea({\n label: 'ID Token',\n required: false,\n }),\n \n access_token_expires_at: Field.datetime({\n label: 'Access Token Expires At',\n required: false,\n }),\n \n refresh_token_expires_at: Field.datetime({\n label: 'Refresh Token Expires At',\n required: false,\n }),\n \n scope: Field.text({\n label: 'OAuth Scope',\n required: false,\n }),\n \n password: Field.text({\n label: 'Password Hash',\n required: false,\n description: 'Hashed password for email/password provider',\n }),\n },\n \n indexes: [\n { fields: ['user_id'], unique: false },\n { fields: ['provider_id', 'account_id'], unique: true },\n ],\n \n enable: {\n trackHistory: false,\n searchable: false,\n apiEnabled: true,\n apiMethods: ['get', 'list', 'create', 'update', 'delete'],\n trash: true,\n mru: false,\n },\n});\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_verification — System Verification Object\n *\n * Email and phone verification token record.\n * Backed by better-auth's `verification` model with ObjectStack field conventions.\n *\n * @namespace sys\n */\nexport const SysVerification = ObjectSchema.create({\n name: 'sys_verification',\n label: 'Verification',\n pluralLabel: 'Verifications',\n icon: 'shield-check',\n isSystem: true,\n managedBy: 'better-auth',\n // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,\n // but may add overlay row-level config. Use `no-overlay` if you need to\n // forbid sys_metadata overlays entirely.\n protection: {\n lock: 'full',\n reason: 'Identity table managed by better-auth — see ADR-0010.',\n docsUrl: 'https://docs.objectstack.ai/adr/0010-metadata-protection',\n },\n description: 'Email and phone verification tokens',\n titleFormat: 'Verification for {identifier}',\n compactLayout: ['identifier', 'expires_at', 'created_at'],\n \n fields: {\n id: Field.text({\n label: 'Verification ID',\n required: true,\n readonly: true,\n }),\n \n created_at: Field.datetime({\n label: 'Created At',\n defaultValue: 'NOW()',\n readonly: true,\n }),\n \n updated_at: Field.datetime({\n label: 'Updated At',\n defaultValue: 'NOW()',\n readonly: true,\n }),\n \n value: Field.text({\n label: 'Verification Token',\n required: true,\n description: 'Token or code for verification',\n }),\n \n expires_at: Field.datetime({\n label: 'Expires At',\n required: true,\n }),\n \n identifier: Field.text({\n label: 'Identifier',\n required: true,\n description: 'Email address or phone number',\n }),\n },\n \n indexes: [\n { fields: ['value'], unique: true },\n { fields: ['identifier'], unique: false },\n { fields: ['expires_at'], unique: false },\n ],\n \n enable: {\n trackHistory: false,\n searchable: false,\n apiEnabled: true,\n apiMethods: ['get', 'create', 'delete'],\n trash: false,\n mru: false,\n },\n});\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_organization — System Organization Object\n *\n * Multi-organization support for the ObjectStack platform.\n * Backed by better-auth's organization plugin.\n *\n * @namespace sys\n */\nexport const SysOrganization = ObjectSchema.create({\n name: 'sys_organization',\n label: 'Organization',\n pluralLabel: 'Organizations',\n icon: 'building-2',\n isSystem: true,\n managedBy: 'better-auth',\n // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,\n // but may add overlay row-level config. Use `no-overlay` if you need to\n // forbid sys_metadata overlays entirely.\n protection: {\n lock: 'full',\n reason: 'Identity table managed by better-auth — see ADR-0010.',\n docsUrl: 'https://docs.objectstack.ai/adr/0010-metadata-protection',\n },\n description: 'Organizations for multi-tenant grouping',\n displayNameField: 'name',\n titleFormat: '{name}',\n compactLayout: ['name', 'slug'],\n\n // Custom actions — generic CRUD is suppressed (better-auth-managed),\n // but admins still need to create new orgs from the Setup app.\n actions: [\n {\n name: 'create_organization',\n label: 'Create Organization',\n icon: 'plus',\n variant: 'primary',\n locations: ['list_toolbar'],\n type: 'api',\n target: '/api/v1/auth/organization/create',\n successMessage: 'Organization created',\n refreshAfter: true,\n // Hidden when the deployment is provisioned in single-org mode\n // (`OS_MULTI_ORG_ENABLED=false`). `features.multiOrgEnabled` is\n // populated by the console/account shells from `/auth/config`;\n // we default to visible when the flag is undefined so we don't\n // accidentally hide the button while auth config is still loading.\n visible: 'features.multiOrgEnabled != false',\n params: [\n { field: 'name', required: true },\n { field: 'slug', required: true },\n { field: 'logo' },\n ],\n },\n {\n name: 'update_organization',\n label: 'Edit Organization',\n icon: 'pencil',\n mode: 'edit',\n locations: ['list_item'],\n type: 'api',\n target: '/api/v1/auth/organization/update',\n recordIdParam: 'organizationId',\n // better-auth `organization/update` nests editable fields under `data`.\n bodyShape: { wrap: 'data' },\n successMessage: 'Organization updated',\n refreshAfter: true,\n params: [\n { field: 'name', required: true, defaultFromRow: true },\n { field: 'slug', required: true, defaultFromRow: true },\n { field: 'logo', defaultFromRow: true },\n ],\n },\n {\n name: 'delete_organization',\n label: 'Delete Organization',\n icon: 'trash-2',\n variant: 'danger',\n mode: 'delete',\n locations: ['list_item'],\n type: 'api',\n target: '/api/v1/auth/organization/delete',\n recordIdParam: 'organizationId',\n confirmText: 'Delete this organization? All members will lose access immediately. This cannot be undone.',\n successMessage: 'Organization deleted',\n refreshAfter: true,\n },\n {\n // Switch the caller's active organization context. Standard\n // better-auth endpoint; no extra params needed (org id ships as\n // the row id). Used from the Setup list and the record header so\n // admins can context-switch without leaving the page.\n name: 'set_active_organization',\n label: 'Set Active',\n icon: 'check-circle-2',\n variant: 'secondary',\n mode: 'custom',\n locations: ['list_item', 'record_header'],\n type: 'api',\n target: '/api/v1/auth/organization/set-active',\n recordIdParam: 'organizationId',\n successMessage: 'Active organization switched',\n refreshAfter: true,\n },\n {\n // Current user leaves the org. Distinct from `delete_organization`\n // (admin-only, destroys the org) — `leave` only removes the caller's\n // own membership. Better-auth: `organization/leave { organizationId }`.\n name: 'leave_organization',\n label: 'Leave Organization',\n icon: 'log-out',\n variant: 'danger',\n mode: 'custom',\n locations: ['list_item', 'record_header'],\n type: 'api',\n target: '/api/v1/auth/organization/leave',\n recordIdParam: 'organizationId',\n confirmText: 'Leave this organization? You will lose access to all of its resources.',\n successMessage: 'You have left the organization',\n refreshAfter: true,\n },\n {\n // Rename the organization slug (URL prefix). Backed by the cloud\n // orchestrator at /api/v1/cloud/organizations/{id}/change-slug,\n // which atomically updates sys_organization.slug, rewrites\n // platform_subdomain sys_domain rows under the new slug, soft-\n // retires the old rows with a redirect window, parks the old\n // slug in sys_slug_reservation, and refreshes the registry\n // mirror. See cloud `docs/design/sys-domain.md` §6.\n name: 'change_slug',\n label: 'Change Slug',\n icon: 'edit-3',\n variant: 'secondary',\n mode: 'custom',\n locations: ['record_header'],\n type: 'api',\n target: '/api/v1/cloud/organizations/{id}/change-slug',\n method: 'POST',\n confirmText: 'Renaming the slug rewrites every platform subdomain for this org and parks the old slug for 90 days. Continue?',\n successMessage: 'Organization slug changed',\n refreshAfter: true,\n params: [\n { field: 'slug', required: true, defaultFromRow: true },\n ],\n },\n ],\n\n listViews: {\n all_orgs: {\n type: 'grid',\n name: 'all_orgs',\n label: 'All',\n data: { provider: 'object', object: 'sys_organization' },\n columns: ['name', 'slug', 'created_at', 'updated_at'],\n sort: [{ field: 'name', order: 'asc' }],\n pagination: { pageSize: 50 },\n },\n },\n\n fields: {\n // ── Identity ─────────────────────────────────────────────────\n name: Field.text({\n label: 'Name',\n required: true,\n searchable: true,\n maxLength: 255,\n group: 'Identity',\n }),\n\n slug: Field.text({\n label: 'Slug',\n required: false,\n searchable: true,\n maxLength: 255,\n description: 'URL-friendly identifier',\n group: 'Identity',\n }),\n\n // ── Branding ─────────────────────────────────────────────────\n logo: Field.url({\n label: 'Logo',\n required: false,\n group: 'Branding',\n }),\n\n // ── Configuration ────────────────────────────────────────────\n metadata: Field.textarea({\n label: 'Metadata',\n required: false,\n description: 'JSON-serialized organization metadata',\n group: 'Configuration',\n }),\n\n // ── System ───────────────────────────────────────────────────\n id: Field.text({\n label: 'Organization ID',\n required: true,\n readonly: true,\n group: 'System',\n }),\n\n created_at: Field.datetime({\n label: 'Created At',\n defaultValue: 'NOW()',\n readonly: true,\n group: 'System',\n }),\n\n updated_at: Field.datetime({\n label: 'Updated At',\n defaultValue: 'NOW()',\n readonly: true,\n group: 'System',\n }),\n },\n\n indexes: [\n { fields: ['slug'], unique: true },\n { fields: ['name'] },\n ],\n\n enable: {\n trackHistory: true,\n searchable: true,\n apiEnabled: true,\n apiMethods: ['get', 'list', 'create', 'update', 'delete'],\n trash: true,\n mru: true,\n },\n});\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_member — System Member Object\n *\n * Organization membership linking users to organizations with roles.\n * Backed by better-auth's organization plugin.\n *\n * @namespace sys\n */\nexport const SysMember = ObjectSchema.create({\n name: 'sys_member',\n label: 'Member',\n pluralLabel: 'Members',\n icon: 'user-check',\n isSystem: true,\n managedBy: 'better-auth',\n // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,\n // but may add overlay row-level config. Use `no-overlay` if you need to\n // forbid sys_metadata overlays entirely.\n protection: {\n lock: 'full',\n reason: 'Identity table managed by better-auth — see ADR-0010.',\n docsUrl: 'https://docs.objectstack.ai/adr/0010-metadata-protection',\n },\n description: 'Organization membership records',\n titleFormat: '{user_id} in {organization_id}',\n compactLayout: ['user_id', 'organization_id', 'role'],\n\n // Row-level actions: better-auth `organization/update-member-role` and\n // `organization/remove-member`. Generic CRUD is suppressed on better-auth\n // managed tables, so these are the canonical edit/delete entry points.\n // The `add_member` toolbar action covers the admin \"attach an existing\n // user directly without sending an invitation\" flow.\n actions: [\n {\n // Admin-only: directly attach an existing user to the active org,\n // bypassing the invite-accept flow. Better-auth:\n // `organization/add-member { userId, role, organizationId?, teamId? }`.\n // organizationId/teamId default to the caller's active org/team when\n // omitted, so we leave them as optional params.\n name: 'add_member',\n label: 'Add Member',\n icon: 'user-plus',\n variant: 'primary',\n locations: ['list_toolbar'],\n type: 'api',\n target: '/api/v1/auth/organization/add-member',\n successMessage: 'Member added',\n refreshAfter: true,\n params: [\n { name: 'userId', field: 'user_id', required: true },\n { field: 'role', required: true },\n { name: 'organizationId', field: 'organization_id' },\n ],\n },\n {\n name: 'update_member_role',\n label: 'Change Role',\n icon: 'shield',\n mode: 'edit',\n locations: ['list_item'],\n type: 'api',\n target: '/api/v1/auth/organization/update-member-role',\n recordIdParam: 'memberId',\n successMessage: 'Member role updated',\n refreshAfter: true,\n params: [\n { field: 'role', required: true, defaultFromRow: true },\n ],\n },\n {\n name: 'remove_member',\n label: 'Remove Member',\n icon: 'user-minus',\n variant: 'danger',\n mode: 'delete',\n locations: ['list_item'],\n type: 'api',\n target: '/api/v1/auth/organization/remove-member',\n recordIdParam: 'memberIdOrEmail',\n confirmText: 'Remove this member from the organization? They will lose access to all org resources.',\n successMessage: 'Member removed',\n refreshAfter: true,\n },\n // Transfer ownership is modeled as `update-member-role` with role=owner\n // (better-auth's organization plugin auto-demotes the previous owner\n // to admin). Kept as a separate action so the row menu can present a\n // distinct destructive-style affordance with the right confirm copy —\n // mixing it into `update_member_role` would hide the ownership-handoff\n // semantics behind a generic role dropdown.\n {\n name: 'transfer_ownership',\n label: 'Transfer Ownership',\n icon: 'crown',\n variant: 'danger',\n mode: 'custom',\n locations: ['list_item'],\n type: 'api',\n target: '/api/v1/auth/organization/update-member-role',\n recordIdParam: 'memberId',\n bodyExtra: { role: 'owner' },\n visible: \"record.role != 'owner'\",\n confirmText: 'Transfer ownership of this organization to the selected member? You will be demoted to admin and lose owner-only privileges.',\n successMessage: 'Ownership transferred',\n refreshAfter: true,\n },\n ],\n\n listViews: {\n mine: {\n type: 'grid',\n name: 'mine',\n label: 'My Memberships',\n data: { provider: 'object', object: 'sys_member' },\n columns: ['organization_id', 'role', 'created_at'],\n filter: [{ field: 'user_id', operator: 'equals', value: '{current_user_id}' }],\n sort: [{ field: 'created_at', order: 'desc' }],\n pagination: { pageSize: 50 },\n emptyState: {\n title: 'No organizations yet',\n message: 'You haven\\'t joined any organizations.',\n },\n },\n },\n\n fields: {\n id: Field.text({\n label: 'Member ID',\n required: true,\n readonly: true,\n }),\n \n created_at: Field.datetime({\n label: 'Created At',\n defaultValue: 'NOW()',\n readonly: true,\n }),\n \n organization_id: Field.lookup('sys_organization', {\n label: 'Organization',\n required: true,\n }),\n \n user_id: Field.lookup('sys_user', {\n label: 'User',\n required: true,\n }),\n \n role: Field.select({\n label: 'Role',\n required: false,\n description: 'Member role within the organization',\n options: [\n { label: 'Owner', value: 'owner' },\n { label: 'Admin', value: 'admin' },\n { label: 'Member', value: 'member' },\n ],\n defaultValue: 'member',\n }),\n },\n \n indexes: [\n { fields: ['organization_id', 'user_id'], unique: true },\n { fields: ['user_id'] },\n ],\n \n enable: {\n trackHistory: true,\n searchable: false,\n apiEnabled: true,\n apiMethods: ['get', 'list', 'create', 'update', 'delete'],\n trash: false,\n mru: false,\n },\n});\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_invitation — System Invitation Object\n *\n * Organization invitation tokens for inviting users.\n * Backed by better-auth's organization plugin.\n *\n * @namespace sys\n */\nexport const SysInvitation = ObjectSchema.create({\n name: 'sys_invitation',\n label: 'Invitation',\n pluralLabel: 'Invitations',\n icon: 'mail',\n isSystem: true,\n managedBy: 'better-auth',\n // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,\n // but may add overlay row-level config. Use `no-overlay` if you need to\n // forbid sys_metadata overlays entirely.\n protection: {\n lock: 'full',\n reason: 'Identity table managed by better-auth — see ADR-0010.',\n docsUrl: 'https://docs.objectstack.ai/adr/0010-metadata-protection',\n },\n description: 'Organization invitations for user onboarding',\n titleFormat: 'Invitation to {organization_id}',\n compactLayout: ['email', 'organization_id', 'status'],\n\n // Custom actions — generic CRUD is suppressed (better-auth-managed).\n // Mirror the `invite_user` toolbar action from sys_user here so admins\n // landing on the Invitations page get an obvious entry point.\n actions: [\n {\n name: 'invite_user',\n label: 'Invite User',\n icon: 'user-plus',\n variant: 'primary',\n locations: ['list_toolbar'],\n type: 'api',\n target: '/api/v1/auth/organization/invite-member',\n successMessage: 'Invitation sent',\n refreshAfter: true,\n params: [\n { field: 'email', required: true },\n { field: 'role', required: true },\n ],\n },\n {\n name: 'cancel_invitation',\n label: 'Cancel Invitation',\n icon: 'x-circle',\n variant: 'danger',\n mode: 'delete',\n locations: ['list_item'],\n type: 'api',\n target: '/api/v1/auth/organization/cancel-invitation',\n recordIdParam: 'invitationId',\n confirmText: 'Cancel this invitation? The recipient will no longer be able to accept it.',\n successMessage: 'Invitation canceled',\n refreshAfter: true,\n },\n {\n name: 'resend_invitation',\n label: 'Resend Invitation',\n icon: 'send',\n variant: 'secondary',\n locations: ['list_item'],\n type: 'api',\n target: '/api/v1/auth/organization/invite-member',\n bodyExtra: { resend: true },\n successMessage: 'Invitation resent',\n refreshAfter: true,\n params: [\n { field: 'email', required: true, defaultFromRow: true },\n { field: 'role', required: true, defaultFromRow: true },\n ],\n },\n\n // ── Recipient-side actions (the invited user) ────────────────────\n //\n // These two are the counterpart to invite/cancel/resend: they are\n // visible only on invitations addressed to the current user. Used\n // by an \"Inbox / Pending invitations\" list opened from the user's\n // own account page. The recipient-only `visible` predicate keeps\n // them out of the admin org-management view.\n {\n name: 'accept_invitation',\n label: 'Accept Invitation',\n icon: 'check',\n variant: 'primary',\n locations: ['list_item', 'record_header'],\n type: 'api',\n target: '/api/v1/auth/organization/accept-invitation',\n recordIdParam: 'invitationId',\n visible: \"record.email == ctx.user.email && record.status == 'pending'\",\n successMessage: 'Invitation accepted',\n refreshAfter: true,\n },\n {\n name: 'reject_invitation',\n label: 'Decline Invitation',\n icon: 'x',\n variant: 'ghost',\n locations: ['list_item', 'record_header'],\n type: 'api',\n target: '/api/v1/auth/organization/reject-invitation',\n recordIdParam: 'invitationId',\n visible: \"record.email == ctx.user.email && record.status == 'pending'\",\n confirmText: 'Decline this invitation? The inviter will be notified and you will need a new invitation to join.',\n successMessage: 'Invitation declined',\n refreshAfter: true,\n },\n ],\n\n listViews: {\n pending: {\n type: 'grid',\n name: 'pending',\n label: 'Pending',\n data: { provider: 'object', object: 'sys_invitation' },\n columns: ['email', 'role', 'organization_id', 'inviter_id', 'expires_at'],\n filter: [{ field: 'status', operator: 'equals', value: 'pending' }],\n sort: [{ field: 'expires_at', order: 'asc' }],\n pagination: { pageSize: 50 },\n },\n accepted: {\n type: 'grid',\n name: 'accepted',\n label: 'Accepted',\n data: { provider: 'object', object: 'sys_invitation' },\n columns: ['email', 'role', 'organization_id', 'inviter_id', 'created_at'],\n filter: [{ field: 'status', operator: 'equals', value: 'accepted' }],\n sort: [{ field: 'created_at', order: 'desc' }],\n pagination: { pageSize: 50 },\n },\n expired: {\n type: 'grid',\n name: 'expired',\n label: 'Expired / Canceled',\n data: { provider: 'object', object: 'sys_invitation' },\n columns: ['email', 'status', 'organization_id', 'expires_at'],\n filter: [{ field: 'status', operator: 'in', value: ['expired', 'rejected', 'canceled'] }],\n sort: [{ field: 'expires_at', order: 'desc' }],\n pagination: { pageSize: 50 },\n },\n all_invitations: {\n type: 'grid',\n name: 'all_invitations',\n label: 'All',\n data: { provider: 'object', object: 'sys_invitation' },\n columns: ['email', 'status', 'role', 'organization_id', 'inviter_id', 'created_at'],\n sort: [{ field: 'created_at', order: 'desc' }],\n pagination: { pageSize: 50 },\n },\n },\n \n fields: {\n id: Field.text({\n label: 'Invitation ID',\n required: true,\n readonly: true,\n }),\n \n created_at: Field.datetime({\n label: 'Created At',\n defaultValue: 'NOW()',\n readonly: true,\n }),\n \n organization_id: Field.lookup('sys_organization', {\n label: 'Organization',\n required: true,\n }),\n \n email: Field.email({\n label: 'Email',\n required: true,\n description: 'Email address of the invited user',\n }),\n \n role: Field.select({\n label: 'Role',\n required: false,\n description: 'Role to assign upon acceptance',\n options: [\n { label: 'Owner', value: 'owner' },\n { label: 'Admin', value: 'admin' },\n { label: 'Member', value: 'member' },\n ],\n defaultValue: 'member',\n }),\n \n status: Field.select(['pending', 'accepted', 'rejected', 'expired', 'canceled'], {\n label: 'Status',\n required: true,\n defaultValue: 'pending',\n }),\n \n inviter_id: Field.lookup('sys_user', {\n label: 'Inviter',\n required: true,\n description: 'User who sent the invitation',\n }),\n \n expires_at: Field.datetime({\n label: 'Expires At',\n required: true,\n }),\n \n team_id: Field.lookup('sys_team', {\n label: 'Team',\n required: false,\n description: 'Optional team to assign upon acceptance',\n }),\n },\n \n indexes: [\n { fields: ['organization_id'] },\n { fields: ['email'] },\n { fields: ['expires_at'] },\n ],\n \n enable: {\n trackHistory: true,\n searchable: false,\n apiEnabled: true,\n apiMethods: ['get', 'list', 'create', 'update', 'delete'],\n trash: false,\n mru: false,\n },\n});\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_team — System Team Object\n *\n * Teams within an organization for fine-grained grouping.\n * Backed by better-auth's organization plugin (teams feature).\n *\n * @namespace sys\n */\nexport const SysTeam = ObjectSchema.create({\n name: 'sys_team',\n label: 'Team',\n pluralLabel: 'Teams',\n icon: 'users',\n isSystem: true,\n managedBy: 'better-auth',\n // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,\n // but may add overlay row-level config. Use `no-overlay` if you need to\n // forbid sys_metadata overlays entirely.\n protection: {\n lock: 'full',\n reason: 'Identity table managed by better-auth — see ADR-0010.',\n docsUrl: 'https://docs.objectstack.ai/adr/0010-metadata-protection',\n },\n description: 'Teams within organizations for fine-grained grouping',\n displayNameField: 'name',\n titleFormat: '{name}',\n compactLayout: ['name', 'organization_id'],\n\n // Custom actions calling better-auth's team endpoints. Generic CRUD is\n // suppressed (managedBy: 'better-auth'), so these are the canonical\n // entry points for create/update/delete.\n actions: [\n {\n // Better-auth: `organization/create-team { name, organizationId? }`.\n // organizationId defaults to the caller's active org when omitted.\n name: 'create_team',\n label: 'Create Team',\n icon: 'plus',\n variant: 'primary',\n locations: ['list_toolbar'],\n type: 'api',\n target: '/api/v1/auth/organization/create-team',\n successMessage: 'Team created',\n refreshAfter: true,\n params: [\n { field: 'name', required: true },\n { name: 'organizationId', field: 'organization_id' },\n ],\n },\n {\n // Better-auth: `organization/update-team { teamId, data: { name } }`.\n // teamId stays flat (top-level); the user-editable params nest under\n // `data` via bodyShape.\n name: 'update_team',\n label: 'Edit Team',\n icon: 'pencil',\n mode: 'edit',\n locations: ['list_item'],\n type: 'api',\n target: '/api/v1/auth/organization/update-team',\n recordIdParam: 'teamId',\n bodyShape: { wrap: 'data' },\n successMessage: 'Team updated',\n refreshAfter: true,\n params: [\n { field: 'name', required: true, defaultFromRow: true },\n ],\n },\n {\n // Better-auth: `organization/remove-team { teamId, organizationId? }`.\n // organizationId defaults to the caller's active org when omitted.\n name: 'remove_team',\n label: 'Delete Team',\n icon: 'trash-2',\n variant: 'danger',\n mode: 'delete',\n locations: ['list_item'],\n type: 'api',\n target: '/api/v1/auth/organization/remove-team',\n recordIdParam: 'teamId',\n confirmText: 'Delete this team? Members will lose any team-scoped access. This cannot be undone.',\n successMessage: 'Team deleted',\n refreshAfter: true,\n },\n ],\n\n listViews: {\n by_org: {\n type: 'grid',\n name: 'by_org',\n label: 'By Organization',\n data: { provider: 'object', object: 'sys_team' },\n columns: ['organization_id', 'name', 'created_at', 'updated_at'],\n sort: [{ field: 'organization_id', order: 'asc' }, { field: 'name', order: 'asc' }],\n grouping: { fields: [{ field: 'organization_id', order: 'asc', collapsed: false }] },\n pagination: { pageSize: 100 },\n },\n all_teams: {\n type: 'grid',\n name: 'all_teams',\n label: 'All',\n data: { provider: 'object', object: 'sys_team' },\n columns: ['name', 'organization_id', 'created_at', 'updated_at'],\n sort: [{ field: 'name', order: 'asc' }],\n pagination: { pageSize: 50 },\n },\n },\n\n fields: {\n // ── Identity ─────────────────────────────────────────────────\n name: Field.text({\n label: 'Name',\n required: true,\n searchable: true,\n maxLength: 255,\n group: 'Identity',\n }),\n\n organization_id: Field.lookup('sys_organization', {\n label: 'Organization',\n required: true,\n description: 'Parent organization for this team',\n group: 'Identity',\n }),\n\n // ── System ───────────────────────────────────────────────────\n id: Field.text({\n label: 'Team ID',\n required: true,\n readonly: true,\n group: 'System',\n }),\n\n created_at: Field.datetime({\n label: 'Created At',\n defaultValue: 'NOW()',\n readonly: true,\n group: 'System',\n }),\n\n updated_at: Field.datetime({\n label: 'Updated At',\n defaultValue: 'NOW()',\n readonly: true,\n group: 'System',\n }),\n },\n\n indexes: [\n { fields: ['organization_id'] },\n { fields: ['name', 'organization_id'], unique: true },\n ],\n\n enable: {\n trackHistory: true,\n searchable: true,\n apiEnabled: true,\n apiMethods: ['get', 'list', 'create', 'update', 'delete'],\n trash: true,\n mru: false,\n },\n});\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_team_member — System Team Member Object\n *\n * Links users to teams within organizations.\n * Backed by better-auth's organization plugin (teams feature).\n *\n * @namespace sys\n */\nexport const SysTeamMember = ObjectSchema.create({\n name: 'sys_team_member',\n label: 'Team Member',\n pluralLabel: 'Team Members',\n icon: 'user-plus',\n isSystem: true,\n managedBy: 'better-auth',\n // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,\n // but may add overlay row-level config. Use `no-overlay` if you need to\n // forbid sys_metadata overlays entirely.\n protection: {\n lock: 'full',\n reason: 'Identity table managed by better-auth — see ADR-0010.',\n docsUrl: 'https://docs.objectstack.ai/adr/0010-metadata-protection',\n },\n description: 'Team membership records linking users to teams',\n titleFormat: '{user_id} in {team_id}',\n compactLayout: ['user_id', 'team_id', 'created_at'],\n\n // Custom actions calling better-auth's team-member endpoints. Generic\n // CRUD is suppressed (managedBy: 'better-auth') so these are the\n // canonical add/remove entry points.\n actions: [\n {\n // Better-auth: `organization/add-team-member { teamId, userId }`.\n name: 'add_team_member',\n label: 'Add Member',\n icon: 'user-plus',\n variant: 'primary',\n locations: ['list_toolbar'],\n type: 'api',\n target: '/api/v1/auth/organization/add-team-member',\n successMessage: 'Team member added',\n refreshAfter: true,\n params: [\n { name: 'teamId', field: 'team_id', required: true },\n { name: 'userId', field: 'user_id', required: true },\n ],\n },\n {\n // Better-auth: `organization/remove-team-member { teamId, userId }`.\n // The endpoint identifies the membership by the (teamId, userId)\n // pair rather than the join-row id, so we pull both from the row\n // via `defaultFromRow` instead of using `recordIdParam`.\n name: 'remove_team_member',\n label: 'Remove from Team',\n icon: 'user-minus',\n variant: 'danger',\n mode: 'delete',\n locations: ['list_item'],\n type: 'api',\n target: '/api/v1/auth/organization/remove-team-member',\n confirmText: 'Remove this user from the team? They will lose any team-scoped access.',\n successMessage: 'Team member removed',\n refreshAfter: true,\n params: [\n { name: 'teamId', field: 'team_id', required: true, defaultFromRow: true },\n { name: 'userId', field: 'user_id', required: true, defaultFromRow: true },\n ],\n },\n ],\n\n fields: {\n id: Field.text({\n label: 'Team Member ID',\n required: true,\n readonly: true,\n }),\n \n created_at: Field.datetime({\n label: 'Created At',\n defaultValue: 'NOW()',\n readonly: true,\n }),\n \n team_id: Field.lookup('sys_team', {\n label: 'Team',\n required: true,\n }),\n \n user_id: Field.lookup('sys_user', {\n label: 'User',\n required: true,\n }),\n },\n \n indexes: [\n { fields: ['team_id', 'user_id'], unique: true },\n { fields: ['user_id'] },\n ],\n \n enable: {\n trackHistory: true,\n searchable: false,\n apiEnabled: true,\n apiMethods: ['get', 'list', 'create', 'delete'],\n trash: false,\n mru: false,\n },\n});\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_department — Enterprise Org-Skeleton Node\n *\n * The persistent, hierarchical org chart node. **This is distinct from\n * `sys_team`** (which is the flat better-auth collaboration grouping).\n *\n * A single tenant typically has one `kind='company'` root, then nested\n * `division` / `department` / `team` / `office` nodes underneath. The\n * `kind` enum is purely a display/categorisation hint — the recursive\n * structure works identically regardless of value.\n *\n * Drives:\n * - `recipient_type='department'` sharing rules\n * - `dept:` approver prefix in the approval engine\n * - Report rollups and manager chains in CRM/PM apps\n *\n * @namespace sys\n */\nexport const SysDepartment = ObjectSchema.create({\n name: 'sys_department',\n label: 'Department',\n pluralLabel: 'Departments',\n icon: 'building',\n isSystem: true,\n managedBy: 'platform',\n description: 'Hierarchical org-skeleton node (department / division / business unit / office).',\n displayNameField: 'name',\n titleFormat: '{name}',\n compactLayout: ['name', 'kind', 'parent_department_id', 'manager_user_id'],\n\n listViews: {\n active: {\n type: 'grid',\n name: 'active',\n label: 'Active',\n data: { provider: 'object', object: 'sys_department' },\n columns: ['name', 'code', 'kind', 'parent_department_id', 'manager_user_id', 'effective_from'],\n filter: [{ field: 'active', operator: 'equals', value: true }],\n sort: [{ field: 'name', order: 'asc' }],\n pagination: { pageSize: 100 },\n },\n inactive: {\n type: 'grid',\n name: 'inactive',\n label: 'Inactive',\n data: { provider: 'object', object: 'sys_department' },\n columns: ['name', 'code', 'kind', 'effective_to'],\n filter: [{ field: 'active', operator: 'equals', value: false }],\n sort: [{ field: 'effective_to', order: 'desc' }],\n pagination: { pageSize: 50 },\n },\n by_kind: {\n type: 'grid',\n name: 'by_kind',\n label: 'By Kind',\n data: { provider: 'object', object: 'sys_department' },\n columns: ['kind', 'name', 'code', 'parent_department_id', 'manager_user_id', 'active'],\n sort: [{ field: 'kind', order: 'asc' }, { field: 'name', order: 'asc' }],\n grouping: { fields: [{ field: 'kind', order: 'asc', collapsed: false }] },\n pagination: { pageSize: 100 },\n },\n all_departments: {\n type: 'grid',\n name: 'all_departments',\n label: 'All',\n data: { provider: 'object', object: 'sys_department' },\n columns: ['name', 'code', 'kind', 'parent_department_id', 'manager_user_id', 'active'],\n sort: [{ field: 'name', order: 'asc' }],\n pagination: { pageSize: 100 },\n },\n },\n\n fields: {\n // ── Identity ─────────────────────────────────────────────────\n name: Field.text({\n label: 'Name',\n required: true,\n searchable: true,\n maxLength: 255,\n group: 'Identity',\n }),\n\n code: Field.text({\n label: 'Code',\n required: false,\n searchable: true,\n maxLength: 64,\n description: 'Short stable code (e.g. EMEA-SALES). Unique within tenant.',\n group: 'Identity',\n }),\n\n kind: Field.select(\n ['company', 'division', 'department', 'team', 'office', 'cost_center'],\n {\n label: 'Kind',\n required: true,\n defaultValue: 'department',\n description: 'Categorisation hint — does not change graph semantics.',\n group: 'Identity',\n },\n ),\n\n // ── Hierarchy ────────────────────────────────────────────────\n parent_department_id: Field.lookup('sys_department', {\n label: 'Parent Department',\n required: false,\n description: 'Self-reference for the org tree. Null = root of tenant.',\n group: 'Hierarchy',\n }),\n\n organization_id: Field.lookup('sys_organization', {\n label: 'Organization',\n required: true,\n description: 'Tenant scope.',\n group: 'Hierarchy',\n }),\n\n // ── Leadership ───────────────────────────────────────────────\n manager_user_id: Field.lookup('sys_user', {\n label: 'Department Head',\n required: false,\n description: 'User responsible for this org unit (department head / lead).',\n group: 'Leadership',\n }),\n\n // ── Lifecycle ────────────────────────────────────────────────\n active: Field.boolean({\n label: 'Active',\n required: false,\n defaultValue: true,\n description: 'When false, members are not expanded by graph queries.',\n group: 'Lifecycle',\n }),\n\n effective_from: Field.datetime({\n label: 'Effective From',\n required: false,\n description: 'When this department came into existence (HRIS sync).',\n group: 'Lifecycle',\n }),\n\n effective_to: Field.datetime({\n label: 'Effective To',\n required: false,\n description: 'When this department was retired (HRIS sync).',\n group: 'Lifecycle',\n }),\n\n external_ref: Field.text({\n label: 'External Reference',\n required: false,\n maxLength: 200,\n description: 'ID in upstream HRIS (Workday / SAP HR / 北森).',\n group: 'Lifecycle',\n }),\n\n // ── System ───────────────────────────────────────────────────\n id: Field.text({\n label: 'Department ID',\n required: true,\n readonly: true,\n group: 'System',\n }),\n\n created_at: Field.datetime({\n label: 'Created At',\n defaultValue: 'NOW()',\n readonly: true,\n group: 'System',\n }),\n\n updated_at: Field.datetime({\n label: 'Updated At',\n defaultValue: 'NOW()',\n readonly: true,\n group: 'System',\n }),\n },\n\n indexes: [\n { fields: ['organization_id'] },\n { fields: ['parent_department_id'] },\n { fields: ['code', 'organization_id'], unique: true },\n { fields: ['active'] },\n ],\n\n enable: {\n trackHistory: true,\n searchable: true,\n apiEnabled: true,\n apiMethods: ['get', 'list', 'create', 'update', 'delete'],\n trash: true,\n mru: false,\n },\n});\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_department_member — User ↔ Department Assignment\n *\n * Many-to-many between `sys_user` and `sys_department`. A user can belong\n * to multiple departments (matrix orgs) but exactly one is marked\n * `is_primary` to drive the default reporting view.\n *\n * Effective-dated so that historical reports & audits can reconstruct\n * who reported to which unit at any point in time.\n *\n * @namespace sys\n */\nexport const SysDepartmentMember = ObjectSchema.create({\n name: 'sys_department_member',\n label: 'Department Member',\n pluralLabel: 'Department Members',\n icon: 'user-cog',\n isSystem: true,\n managedBy: 'platform',\n description: 'User assignment to a department (matrix-org friendly, effective-dated).',\n titleFormat: '{user_id} in {department_id}',\n compactLayout: ['user_id', 'department_id', 'role_in_department', 'is_primary'],\n\n fields: {\n id: Field.text({\n label: 'Member ID',\n required: true,\n readonly: true,\n group: 'System',\n }),\n\n department_id: Field.lookup('sys_department', {\n label: 'Department',\n required: true,\n group: 'Assignment',\n }),\n\n user_id: Field.lookup('sys_user', {\n label: 'User',\n required: true,\n group: 'Assignment',\n }),\n\n role_in_department: Field.select(\n ['member', 'lead', 'deputy'],\n {\n label: 'Role in Department',\n required: false,\n defaultValue: 'member',\n description: '`lead` is the day-to-day head; `deputy` may stand in for the lead in approval routing.',\n group: 'Assignment',\n },\n ),\n\n is_primary: Field.boolean({\n label: 'Primary Assignment',\n required: false,\n defaultValue: true,\n description: 'When the user is in multiple departments, this marks the canonical one for reporting.',\n group: 'Assignment',\n }),\n\n effective_from: Field.datetime({\n label: 'Effective From',\n required: false,\n group: 'Lifecycle',\n }),\n\n effective_to: Field.datetime({\n label: 'Effective To',\n required: false,\n group: 'Lifecycle',\n }),\n\n created_at: Field.datetime({\n label: 'Created At',\n defaultValue: 'NOW()',\n readonly: true,\n group: 'System',\n }),\n\n updated_at: Field.datetime({\n label: 'Updated At',\n defaultValue: 'NOW()',\n readonly: true,\n group: 'System',\n }),\n },\n\n indexes: [\n { fields: ['department_id', 'user_id'], unique: true },\n { fields: ['user_id'] },\n { fields: ['is_primary'] },\n ],\n\n enable: {\n trackHistory: true,\n searchable: true,\n apiEnabled: true,\n apiMethods: ['get', 'list', 'create', 'update', 'delete'],\n trash: true,\n mru: false,\n },\n});\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_api_key — System API Key Object\n *\n * API keys for programmatic/machine access to the platform.\n *\n * Field `key` stores a hashed value and is marked hidden so it never\n * leaks into default list/form rendering; the raw token is only\n * returned once on creation via the auth plugin API.\n *\n * @namespace sys\n */\nexport const SysApiKey = ObjectSchema.create({\n name: 'sys_api_key',\n label: 'API Key',\n pluralLabel: 'API Keys',\n icon: 'key-round',\n isSystem: true,\n managedBy: 'better-auth',\n // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,\n // but may add overlay row-level config. Use `no-overlay` if you need to\n // forbid sys_metadata overlays entirely.\n protection: {\n lock: 'full',\n reason: 'Identity table managed by better-auth — see ADR-0010.',\n docsUrl: 'https://docs.objectstack.ai/adr/0010-metadata-protection',\n },\n description: 'API keys for programmatic access',\n displayNameField: 'name',\n titleFormat: '{name}',\n compactLayout: ['name', 'prefix', 'user_id', 'expires_at', 'revoked'],\n\n // Custom actions — sys_api_key is managed-by 'better-auth' but the\n // `revoked` boolean is a column we control via the data API. These row\n // actions use the generic PATCH /api/v1/sys_api_key/{id} endpoint with\n // `bodyExtra` to set the `revoked` flag explicitly.\n actions: [\n {\n name: 'revoke_api_key',\n label: 'Revoke API Key',\n icon: 'shield-off',\n variant: 'danger',\n mode: 'custom',\n locations: ['list_item'],\n type: 'api',\n method: 'PATCH',\n target: '/api/v1/data/sys_api_key/{id}',\n bodyExtra: { revoked: true },\n confirmText: 'Revoke this API key? Any clients using it will immediately lose access.',\n successMessage: 'API key revoked',\n refreshAfter: true,\n },\n {\n name: 'restore_api_key',\n label: 'Restore API Key',\n icon: 'shield-check',\n variant: 'secondary',\n mode: 'custom',\n locations: ['list_item'],\n type: 'api',\n method: 'PATCH',\n target: '/api/v1/data/sys_api_key/{id}',\n bodyExtra: { revoked: false },\n confirmText: 'Restore this revoked API key? Existing clients holding the key will regain access.',\n successMessage: 'API key restored',\n refreshAfter: true,\n },\n ],\n\n listViews: {\n mine: {\n type: 'grid',\n name: 'mine',\n label: 'My Keys',\n data: { provider: 'object', object: 'sys_api_key' },\n columns: ['name', 'prefix', 'expires_at', 'last_used_at', 'revoked'],\n filter: [\n { field: 'user_id', operator: 'equals', value: '{current_user_id}' },\n ],\n sort: [{ field: 'created_at', order: 'desc' }],\n pagination: { pageSize: 50 },\n },\n active: {\n type: 'grid',\n name: 'active',\n label: 'Active',\n data: { provider: 'object', object: 'sys_api_key' },\n columns: ['name', 'prefix', 'user_id', 'expires_at', 'last_used_at'],\n filter: [{ field: 'revoked', operator: 'equals', value: false }],\n sort: [{ field: 'last_used_at', order: 'desc' }],\n pagination: { pageSize: 50 },\n },\n revoked: {\n type: 'grid',\n name: 'revoked',\n label: 'Revoked',\n data: { provider: 'object', object: 'sys_api_key' },\n columns: ['name', 'prefix', 'user_id', 'expires_at', 'updated_at'],\n filter: [{ field: 'revoked', operator: 'equals', value: true }],\n sort: [{ field: 'updated_at', order: 'desc' }],\n pagination: { pageSize: 50 },\n },\n all_keys: {\n type: 'grid',\n name: 'all_keys',\n label: 'All',\n data: { provider: 'object', object: 'sys_api_key' },\n columns: ['name', 'prefix', 'user_id', 'expires_at', 'last_used_at', 'revoked'],\n sort: [{ field: 'created_at', order: 'desc' }],\n pagination: { pageSize: 50 },\n },\n },\n\n fields: {\n // ── Identity ─────────────────────────────────────────────────\n name: Field.text({\n label: 'Name',\n required: true,\n searchable: true,\n maxLength: 255,\n description: 'Human-readable label for the API key',\n group: 'Identity',\n }),\n\n prefix: Field.text({\n label: 'Prefix',\n required: false,\n maxLength: 16,\n description: 'Visible prefix for identifying the key (e.g., \"osk_\")',\n group: 'Identity',\n }),\n\n user_id: Field.lookup('sys_user', {\n label: 'Owner',\n required: true,\n description: 'User who owns this API key',\n group: 'Identity',\n }),\n\n // ── Access ───────────────────────────────────────────────────\n scopes: Field.textarea({\n label: 'Scopes',\n required: false,\n description: 'JSON array of permission scopes',\n group: 'Access',\n }),\n\n // ── Lifecycle ────────────────────────────────────────────────\n expires_at: Field.datetime({\n label: 'Expires At',\n required: false,\n group: 'Lifecycle',\n }),\n\n last_used_at: Field.datetime({\n label: 'Last Used At',\n required: false,\n readonly: true,\n description: 'Automatically updated on each API call',\n group: 'Lifecycle',\n }),\n\n revoked: Field.boolean({\n label: 'Revoked',\n defaultValue: false,\n group: 'Lifecycle',\n }),\n\n // ── Secret (hidden by default) ──────────────────────────────\n key: Field.text({\n label: 'Hashed Key',\n required: true,\n hidden: true,\n readonly: true,\n description: 'Hashed API key value — never exposed to clients',\n group: 'Secret',\n }),\n\n // ── System ───────────────────────────────────────────────────\n id: Field.text({\n label: 'API Key ID',\n required: true,\n readonly: true,\n group: 'System',\n }),\n\n created_at: Field.datetime({\n label: 'Created At',\n defaultValue: 'NOW()',\n readonly: true,\n group: 'System',\n }),\n\n updated_at: Field.datetime({\n label: 'Updated At',\n defaultValue: 'NOW()',\n readonly: true,\n group: 'System',\n }),\n },\n\n indexes: [\n { fields: ['key'], unique: true },\n { fields: ['user_id'] },\n { fields: ['prefix'] },\n { fields: ['revoked'] },\n ],\n\n enable: {\n trackHistory: true,\n searchable: false,\n apiEnabled: true,\n apiMethods: ['get', 'list', 'create', 'update', 'delete'],\n trash: false,\n mru: false,\n },\n});\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_two_factor — System Two-Factor Object\n *\n * Two-factor authentication credentials (TOTP, backup codes).\n * Backed by better-auth's two-factor plugin.\n *\n * @namespace sys\n */\nexport const SysTwoFactor = ObjectSchema.create({\n name: 'sys_two_factor',\n label: 'Two Factor',\n pluralLabel: 'Two Factor Credentials',\n icon: 'smartphone',\n isSystem: true,\n managedBy: 'better-auth',\n // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,\n // but may add overlay row-level config. Use `no-overlay` if you need to\n // forbid sys_metadata overlays entirely.\n protection: {\n lock: 'full',\n reason: 'Identity table managed by better-auth — see ADR-0010.',\n docsUrl: 'https://docs.objectstack.ai/adr/0010-metadata-protection',\n },\n description: 'Two-factor authentication credentials',\n titleFormat: 'Two-factor for {user_id}',\n compactLayout: ['user_id', 'created_at'],\n\n listViews: {\n mine: {\n type: 'grid',\n name: 'mine',\n label: 'My Enrollment',\n data: { provider: 'object', object: 'sys_two_factor' },\n columns: ['created_at', 'updated_at'],\n filter: [{ field: 'user_id', operator: 'equals', value: '{current_user_id}' }],\n sort: [{ field: 'created_at', order: 'desc' }],\n pagination: { pageSize: 50 },\n },\n all_enrollments: {\n type: 'grid',\n name: 'all_enrollments',\n label: 'All',\n data: { provider: 'object', object: 'sys_two_factor' },\n columns: ['user_id', 'created_at', 'updated_at'],\n sort: [{ field: 'created_at', order: 'desc' }],\n pagination: { pageSize: 50 },\n },\n },\n\n // Toolbar actions for self-service 2FA enrollment. Better-auth's\n // `/two-factor/enable` returns `{ totpURI, backupCodes }` — the user must\n // scan the URI into an authenticator app and save the backup codes NOW;\n // they are never recoverable afterward. The `resultDialog` field tells\n // the renderer to open a one-shot reveal dialog instead of toasting the\n // success message. Same shape used by `regenerate_backup_codes`.\n actions: [\n {\n name: 'enable_two_factor',\n label: 'Enable 2FA',\n icon: 'shield-check',\n variant: 'primary',\n locations: ['list_toolbar'],\n type: 'api',\n target: '/api/v1/auth/two-factor/enable',\n refreshAfter: true,\n params: [\n { name: 'password', label: 'Current Password', type: 'text', required: true },\n ],\n resultDialog: {\n title: 'Two-factor authentication enabled',\n description: 'Scan the QR code with your authenticator app, then save the backup codes somewhere safe. The backup codes are shown only once.',\n acknowledge: 'I have saved my backup codes',\n fields: [\n { path: 'totpURI', label: 'Authenticator URI', format: 'qrcode' },\n { path: 'backupCodes', label: 'Backup Codes', format: 'code-list' },\n ],\n },\n },\n {\n name: 'disable_two_factor',\n label: 'Disable 2FA',\n icon: 'shield-off',\n variant: 'danger',\n locations: ['list_toolbar'],\n type: 'api',\n target: '/api/v1/auth/two-factor/disable',\n confirmText: 'Disable two-factor authentication on your account?',\n successMessage: '2FA disabled',\n refreshAfter: true,\n params: [\n { name: 'password', label: 'Current Password', type: 'text', required: true },\n ],\n },\n {\n name: 'regenerate_backup_codes',\n label: 'Regenerate Backup Codes',\n icon: 'refresh-cw',\n variant: 'secondary',\n locations: ['list_toolbar', 'list_item'],\n type: 'api',\n target: '/api/v1/auth/two-factor/generate-backup-codes',\n confirmText: 'Regenerate backup codes? All previous backup codes will stop working immediately.',\n refreshAfter: true,\n params: [\n { name: 'password', label: 'Current Password', type: 'text', required: true },\n ],\n resultDialog: {\n title: 'New backup codes generated',\n description: 'Previous backup codes are now invalid. Save these new codes somewhere safe — they are shown only once.',\n acknowledge: 'I have saved the new codes',\n fields: [\n { path: 'backupCodes', label: 'Backup Codes', format: 'code-list' },\n ],\n },\n },\n ],\n\n \n fields: {\n id: Field.text({\n label: 'Two Factor ID',\n required: true,\n readonly: true,\n }),\n \n created_at: Field.datetime({\n label: 'Created At',\n defaultValue: 'NOW()',\n readonly: true,\n }),\n \n updated_at: Field.datetime({\n label: 'Updated At',\n defaultValue: 'NOW()',\n readonly: true,\n }),\n \n user_id: Field.lookup('sys_user', {\n label: 'User',\n required: true,\n }),\n \n secret: Field.text({\n label: 'Secret',\n required: true,\n description: 'TOTP secret key',\n }),\n \n backup_codes: Field.textarea({\n label: 'Backup Codes',\n required: false,\n description: 'JSON-serialized backup recovery codes',\n }),\n\n verified: Field.boolean({\n label: 'Verified',\n defaultValue: true,\n description: 'Whether the enrollment was confirmed with a valid TOTP code (managed by better-auth)',\n }),\n },\n \n indexes: [\n { fields: ['user_id'], unique: true },\n ],\n \n enable: {\n trackHistory: false,\n searchable: false,\n apiEnabled: true,\n apiMethods: ['get', 'create', 'update', 'delete'],\n trash: false,\n mru: false,\n },\n});\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_device_code — System Device Authorization Code Object\n *\n * Stores pending RFC 8628 OAuth Device Authorization Grant requests.\n * Backed by better-auth's `device-authorization` plugin (`deviceCode` model).\n *\n * Lifecycle:\n * 1. CLI calls `POST /device/code` → row inserted with status='pending'\n * 2. Browser visits `verification_uri_complete` and the signed-in user\n * calls `POST /device/approve` (or `/device/deny`) → status flips\n * 3. CLI's next `POST /device/token` poll either receives a session token\n * (status=approved) or one of the standard error codes\n * (`authorization_pending`, `slow_down`, `expired_token`,\n * `access_denied`). Approved rows are deleted on token issuance.\n *\n * @namespace sys\n */\nexport const SysDeviceCode = ObjectSchema.create({\n name: 'sys_device_code',\n label: 'Device Code',\n pluralLabel: 'Device Codes',\n icon: 'key-round',\n isSystem: true,\n managedBy: 'better-auth',\n // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,\n // but may add overlay row-level config. Use `no-overlay` if you need to\n // forbid sys_metadata overlays entirely.\n protection: {\n lock: 'full',\n reason: 'Identity table managed by better-auth — see ADR-0010.',\n docsUrl: 'https://docs.objectstack.ai/adr/0010-metadata-protection',\n },\n description: 'OAuth 2.0 Device Authorization Grant (RFC 8628) pending requests',\n titleFormat: '{user_code}',\n compactLayout: ['user_code', 'status', 'client_id', 'expires_at'],\n\n fields: {\n id: Field.text({\n label: 'Device Code ID',\n required: true,\n readonly: true,\n }),\n\n created_at: Field.datetime({\n label: 'Created At',\n defaultValue: 'NOW()',\n readonly: true,\n }),\n\n updated_at: Field.datetime({\n label: 'Updated At',\n defaultValue: 'NOW()',\n readonly: true,\n }),\n\n /** High-entropy token returned to the device (CLI). Polled at /device/token. */\n device_code: Field.text({\n label: 'Device Code',\n required: true,\n description: 'High-entropy token returned to the polling device',\n }),\n\n /** Human-readable short code displayed to the user (e.g. ABCD-EFGH). */\n user_code: Field.text({\n label: 'User Code',\n required: true,\n description: 'Short user-facing code (e.g. ABCD-EFGH)',\n }),\n\n /** Owning user — populated when the request is approved. */\n user_id: Field.lookup('sys_user', {\n label: 'User',\n required: false,\n description: 'User who approved the device authorization',\n }),\n\n expires_at: Field.datetime({\n label: 'Expires At',\n required: true,\n description: 'When the device & user codes are no longer valid',\n }),\n\n /** 'pending' | 'approved' | 'denied' */\n status: Field.text({\n label: 'Status',\n required: true,\n description: \"Current status: 'pending' | 'approved' | 'denied'\",\n }),\n\n last_polled_at: Field.datetime({\n label: 'Last Polled At',\n required: false,\n description: 'Timestamp of the most recent /device/token poll',\n }),\n\n polling_interval: Field.number({\n label: 'Polling Interval (ms)',\n required: false,\n description: 'Server-recommended minimum polling interval, in ms',\n }),\n\n client_id: Field.text({\n label: 'Client ID',\n required: false,\n description: 'OAuth client identifier of the requesting device',\n }),\n\n scope: Field.text({\n label: 'Scope',\n required: false,\n description: 'Space-separated OAuth scopes requested by the device',\n }),\n },\n\n indexes: [\n { fields: ['device_code'], unique: true },\n { fields: ['user_code'], unique: true },\n { fields: ['status'], unique: false },\n ],\n\n enable: {\n trackHistory: false,\n searchable: false,\n apiEnabled: true,\n apiMethods: ['get', 'create', 'update', 'delete'],\n trash: false,\n mru: false,\n },\n});\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_user_preference — System User Preference Object\n *\n * Per-user key-value preferences for storing UI state, settings, and personalization.\n * Supports the User Preferences layer in the Config Resolution hierarchy\n * (Runtime > User Preferences > Tenant > Env).\n *\n * Common use cases:\n * - UI preferences: theme, locale, timezone, sidebar state\n * - Feature flags: plugin.ai.auto_save, plugin.dev.debug_mode\n * - User-specific settings: default_view, notifications_enabled\n *\n * @namespace sys\n */\nexport const SysUserPreference = ObjectSchema.create({\n name: 'sys_user_preference',\n label: 'User Preference',\n pluralLabel: 'User Preferences',\n icon: 'settings',\n isSystem: true,\n // managedBy: 'system' — preferences are per-user state authored from\n // the user's own settings page, never created by an admin. The list\n // surface in Setup is a support/diagnostic view only.\n managedBy: 'system',\n description: 'Per-user key-value preferences (theme, locale, etc.)',\n titleFormat: '{key}',\n compactLayout: ['user_id', 'key'],\n\n listViews: {\n mine: {\n type: 'grid',\n name: 'mine',\n label: 'My Preferences',\n data: { provider: 'object', object: 'sys_user_preference' },\n columns: ['key', 'updated_at'],\n filter: [{ field: 'user_id', operator: 'equals', value: '{current_user_id}' }],\n sort: [{ field: 'key', order: 'asc' }],\n pagination: { pageSize: 100 },\n },\n by_user: {\n type: 'grid',\n name: 'by_user',\n label: 'By User',\n data: { provider: 'object', object: 'sys_user_preference' },\n columns: ['user_id', 'key', 'updated_at'],\n sort: [{ field: 'user_id', order: 'asc' }, { field: 'key', order: 'asc' }],\n grouping: { fields: [{ field: 'user_id', order: 'asc', collapsed: true }] },\n pagination: { pageSize: 200 },\n },\n all_preferences: {\n type: 'grid',\n name: 'all_preferences',\n label: 'All',\n data: { provider: 'object', object: 'sys_user_preference' },\n columns: ['user_id', 'key', 'created_at', 'updated_at'],\n sort: [{ field: 'updated_at', order: 'desc' }],\n pagination: { pageSize: 100 },\n },\n },\n\n fields: {\n id: Field.text({\n label: 'Preference ID',\n required: true,\n readonly: true,\n }),\n\n created_at: Field.datetime({\n label: 'Created At',\n defaultValue: 'NOW()',\n readonly: true,\n }),\n\n updated_at: Field.datetime({\n label: 'Updated At',\n defaultValue: 'NOW()',\n readonly: true,\n }),\n\n user_id: Field.lookup('sys_user', {\n label: 'User',\n required: true,\n description: 'Owner user of this preference',\n }),\n\n key: Field.text({\n label: 'Key',\n required: true,\n maxLength: 255,\n description: 'Preference key (e.g., theme, locale, plugin.ai.auto_save)',\n }),\n\n value: Field.json({\n label: 'Value',\n description: 'Preference value (any JSON-serializable type)',\n }),\n },\n\n indexes: [\n { fields: ['user_id', 'key'], unique: true },\n { fields: ['user_id'], unique: false },\n ],\n\n enable: {\n trackHistory: false,\n searchable: false,\n apiEnabled: true,\n apiMethods: ['get', 'list', 'create', 'update', 'delete'],\n trash: false,\n mru: false,\n },\n});\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_oauth_application — Registered OAuth/OIDC client application\n *\n * Backed by `@better-auth/oauth-provider`'s `oauthClient` model. Each row\n * represents an external application that has been registered to authenticate\n * users against this ObjectStack server (acting as an OpenID Connect IdP).\n *\n * The table name is preserved from the deprecated `oidc-provider` plugin\n * (which used the `oauthApplication` model name) so existing data remains\n * accessible. The new model exposes a richer set of OAuth 2.1 / OIDC\n * registration fields — see RFC 7591 (Dynamic Client Registration) and\n * RFC 8414 (Authorization Server Metadata).\n *\n * @namespace sys\n */\nexport const SysOauthApplication = ObjectSchema.create({\n name: 'sys_oauth_application',\n label: 'OAuth Application',\n pluralLabel: 'OAuth Applications',\n icon: 'key-round',\n isSystem: true,\n managedBy: 'better-auth',\n // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,\n // but may add overlay row-level config. Use `no-overlay` if you need to\n // forbid sys_metadata overlays entirely.\n protection: {\n lock: 'full',\n reason: 'Identity table managed by better-auth — see ADR-0010.',\n docsUrl: 'https://docs.objectstack.ai/adr/0010-metadata-protection',\n },\n description: 'Registered OAuth/OIDC client applications',\n displayNameField: 'name',\n titleFormat: '{name}',\n compactLayout: ['name', 'client_id', 'type', 'disabled'],\n\n // Custom actions — all OAuth-application mutations are routed through\n // better-auth's `@better-auth/oauth-provider` endpoints (and a thin\n // ObjectStack-added auth route for the enable/disable toggle) rather\n // than the generic data layer, so server-side validation, secret\n // hashing, and audit hooks all run. The generic `delete` API method\n // is intentionally dropped from `apiMethods` below so the only delete\n // path is the better-auth wrapper.\n //\n // Upstream gap (better-auth 1.6.11): the stock `/admin/oauth2/update-client`\n // endpoint's Zod body schema does NOT accept the `disabled` flag, even\n // though the column exists and the runtime honours it. We bridge the\n // gap with `POST /api/v1/auth/admin/oauth2/toggle-disabled`, registered\n // by plugin-auth, which writes through better-auth's own adapter under\n // the auth namespace (no generic data-layer bypass). When upstream\n // ships `disabled` support, retarget the enable/disable actions and\n // delete the bridge route.\n actions: [\n {\n name: 'disable_oauth_application',\n label: 'Disable OAuth Application',\n icon: 'pause-circle',\n variant: 'secondary',\n mode: 'custom',\n locations: ['list_item', 'record_header'],\n type: 'api',\n method: 'POST',\n target: '/api/v1/auth/admin/oauth2/toggle-disabled',\n confirmText: 'Disable this OAuth application? Active access/refresh tokens issued to it will continue to be rejected at the token, authorize, and introspect endpoints. Existing integrations will stop working immediately.',\n successMessage: 'OAuth application disabled',\n refreshAfter: true,\n visible: '!record.disabled',\n bodyExtra: { disabled: true },\n params: [\n { name: 'client_id', field: 'client_id', defaultFromRow: true, required: true },\n ],\n },\n {\n name: 'enable_oauth_application',\n label: 'Enable OAuth Application',\n icon: 'play-circle',\n variant: 'primary',\n mode: 'custom',\n locations: ['list_item', 'record_header'],\n type: 'api',\n method: 'POST',\n target: '/api/v1/auth/admin/oauth2/toggle-disabled',\n confirmText: 'Re-enable this OAuth application? Token issuance, authorization, and introspection will resume immediately.',\n successMessage: 'OAuth application enabled',\n refreshAfter: true,\n visible: 'record.disabled',\n bodyExtra: { disabled: false },\n params: [\n { name: 'client_id', field: 'client_id', defaultFromRow: true, required: true },\n ],\n },\n {\n name: 'create_oauth_application',\n label: 'Register OAuth Application',\n icon: 'plus-circle',\n variant: 'primary',\n mode: 'create',\n locations: ['list_toolbar'],\n type: 'api',\n method: 'POST',\n target: '/api/v1/auth/sys-oauth-application/register',\n refreshAfter: true,\n params: [\n { name: 'name', label: 'Application Name', type: 'text', required: true },\n { name: 'redirectURLs', label: 'Redirect URLs', type: 'textarea', required: true, helpText: 'One URL per line. Must use https:// in production.' },\n { name: 'type', label: 'Application Type', type: 'select', required: true, defaultValue: 'web', options: [\n { label: 'Web', value: 'web' },\n { label: 'Native', value: 'native' },\n { label: 'User-agent based', value: 'user-agent-based' },\n { label: 'Public', value: 'public' },\n ] },\n ],\n resultDialog: {\n title: 'OAuth application registered',\n description: 'Save the client_secret now — it is shown only once and cannot be recovered. You can rotate it later if it leaks.',\n acknowledge: 'I have saved the client secret',\n fields: [\n { path: 'client.client_id', label: 'Client ID', format: 'text' },\n { path: 'client.client_secret', label: 'Client Secret', format: 'secret' },\n ],\n },\n },\n {\n name: 'rotate_client_secret',\n label: 'Rotate Client Secret',\n icon: 'refresh-cw',\n variant: 'secondary',\n mode: 'custom',\n locations: ['list_item', 'record_header'],\n type: 'api',\n method: 'POST',\n target: '/api/v1/auth/oauth2/client/rotate-secret',\n confirmText: 'Rotate this OAuth client\\'s secret? The previous secret will stop working immediately and any integrations using it will break until they are updated with the new secret. The new secret is shown only once.',\n refreshAfter: true,\n params: [\n { name: 'client_id', field: 'client_id', defaultFromRow: true, required: true },\n ],\n resultDialog: {\n title: 'Client secret rotated',\n description: 'Save the new secret now — it is shown only once. Update every integration before the previous secret\\'s grace period ends.',\n acknowledge: 'I have updated my integrations',\n fields: [\n { path: 'client_secret', label: 'New Client Secret', format: 'secret' },\n ],\n },\n },\n {\n name: 'delete_oauth_application',\n label: 'Delete OAuth Application',\n icon: 'trash-2',\n variant: 'danger',\n mode: 'delete',\n locations: ['list_item', 'record_header'],\n type: 'api',\n method: 'POST',\n target: '/api/v1/auth/oauth2/delete-client',\n confirmText: 'Permanently delete this OAuth application? All issued tokens and consents will be invalidated and integrations using this client_id will stop working immediately. This cannot be undone.',\n successMessage: 'OAuth application deleted',\n refreshAfter: true,\n params: [\n { name: 'client_id', field: 'client_id', defaultFromRow: true, required: true },\n ],\n },\n ],\n\n listViews: {\n mine: {\n type: 'grid',\n name: 'mine',\n label: 'My Applications',\n data: { provider: 'object', object: 'sys_oauth_application' },\n columns: ['name', 'client_id', 'type', 'disabled', 'created_at'],\n // Self-service Account view — scope to the signed-in user's own\n // registrations so they don't see other developers' apps. Admins\n // get the unfiltered `active` / `disabled_apps` / `all_apps` views\n // via the Setup → OAuth Applications nav.\n filter: [{ field: 'user_id', operator: 'equals', value: '{current_user_id}' }],\n sort: [{ field: 'created_at', order: 'desc' }],\n pagination: { pageSize: 50 },\n },\n active: {\n type: 'grid',\n name: 'active',\n label: 'Active',\n data: { provider: 'object', object: 'sys_oauth_application' },\n columns: ['name', 'client_id', 'type', 'updated_at'],\n filter: [{ field: 'disabled', operator: 'equals', value: false }],\n sort: [{ field: 'name', order: 'asc' }],\n pagination: { pageSize: 50 },\n },\n disabled_apps: {\n type: 'grid',\n name: 'disabled_apps',\n label: 'Disabled',\n data: { provider: 'object', object: 'sys_oauth_application' },\n columns: ['name', 'client_id', 'type', 'updated_at'],\n filter: [{ field: 'disabled', operator: 'equals', value: true }],\n sort: [{ field: 'updated_at', order: 'desc' }],\n pagination: { pageSize: 50 },\n },\n all_apps: {\n type: 'grid',\n name: 'all_apps',\n label: 'All',\n data: { provider: 'object', object: 'sys_oauth_application' },\n columns: ['name', 'client_id', 'type', 'disabled', 'created_at'],\n sort: [{ field: 'name', order: 'asc' }],\n pagination: { pageSize: 50 },\n },\n },\n\n fields: {\n // ── Identity ─────────────────────────────────────────────────\n id: Field.text({\n label: 'ID',\n required: true,\n readonly: true,\n group: 'System',\n }),\n\n name: Field.text({\n label: 'Name',\n required: false,\n searchable: true,\n maxLength: 255,\n group: 'Identity',\n }),\n\n icon: Field.url({\n label: 'Icon',\n required: false,\n description: 'Logo URL shown on the consent screen',\n group: 'Identity',\n }),\n\n uri: Field.url({\n label: 'Home URI',\n required: false,\n description: 'Public homepage of the registered client',\n group: 'Identity',\n }),\n\n contacts: Field.textarea({\n label: 'Contacts',\n required: false,\n description: 'JSON-serialized list of contact email addresses',\n group: 'Identity',\n }),\n\n tos: Field.url({\n label: 'Terms of Service',\n required: false,\n group: 'Identity',\n }),\n\n policy: Field.url({\n label: 'Privacy Policy',\n required: false,\n group: 'Identity',\n }),\n\n metadata: Field.textarea({\n label: 'Metadata',\n required: false,\n description: 'JSON-serialized application metadata',\n group: 'Identity',\n }),\n\n // ── OAuth Credentials ────────────────────────────────────────\n client_id: Field.text({\n label: 'Client ID',\n required: true,\n readonly: true,\n maxLength: 255,\n description: 'Public OAuth client identifier',\n group: 'Credentials',\n }),\n\n client_secret: Field.text({\n label: 'Client Secret',\n required: false,\n maxLength: 1024,\n description: 'OAuth client secret (hashed/encrypted at rest)',\n group: 'Credentials',\n }),\n\n redirect_uris: Field.textarea({\n label: 'Redirect URIs',\n required: true,\n description: 'JSON-serialized list of allowed redirect URIs',\n group: 'Credentials',\n }),\n\n post_logout_redirect_uris: Field.textarea({\n label: 'Post-logout Redirect URIs',\n required: false,\n description: 'JSON-serialized list of allowed post-logout redirect URIs',\n group: 'Credentials',\n }),\n\n type: Field.select(['web', 'native', 'user-agent-based', 'public'], {\n label: 'Client Type',\n required: false,\n defaultValue: 'web',\n group: 'Credentials',\n }),\n\n public: Field.boolean({\n label: 'Public Client',\n required: false,\n description: 'Marks the client as a public (non-confidential) OAuth client',\n group: 'Credentials',\n }),\n\n require_pkce: Field.boolean({\n label: 'Require PKCE',\n required: false,\n group: 'Credentials',\n }),\n\n token_endpoint_auth_method: Field.text({\n label: 'Token Endpoint Auth Method',\n required: false,\n maxLength: 64,\n description: 'e.g. client_secret_basic, client_secret_post, none',\n group: 'Credentials',\n }),\n\n grant_types: Field.textarea({\n label: 'Grant Types',\n required: false,\n description: 'JSON-serialized list of allowed grant types',\n group: 'Credentials',\n }),\n\n response_types: Field.textarea({\n label: 'Response Types',\n required: false,\n description: 'JSON-serialized list of allowed response types',\n group: 'Credentials',\n }),\n\n scopes: Field.textarea({\n label: 'Allowed Scopes',\n required: false,\n description: 'JSON-serialized list of scopes the client may request',\n group: 'Credentials',\n }),\n\n subject_type: Field.text({\n label: 'Subject Type',\n required: false,\n maxLength: 32,\n description: 'OIDC subject type (e.g. public, pairwise)',\n group: 'Credentials',\n }),\n\n // ── Behaviour flags ──────────────────────────────────────────\n disabled: Field.boolean({\n label: 'Disabled',\n required: false,\n defaultValue: false,\n group: 'Behaviour',\n }),\n\n skip_consent: Field.boolean({\n label: 'Skip Consent',\n required: false,\n description: 'Treat as a trusted client and bypass the consent screen',\n group: 'Behaviour',\n }),\n\n enable_end_session: Field.boolean({\n label: 'Enable End Session',\n required: false,\n description: 'Allow the client to call the OIDC end-session endpoint',\n group: 'Behaviour',\n }),\n\n // ── Software statement (RFC 7591 §2.3) ───────────────────────\n software_id: Field.text({\n label: 'Software ID',\n required: false,\n maxLength: 255,\n group: 'Software',\n }),\n\n software_version: Field.text({\n label: 'Software Version',\n required: false,\n maxLength: 64,\n group: 'Software',\n }),\n\n software_statement: Field.textarea({\n label: 'Software Statement',\n required: false,\n description: 'Signed JWT asserting the client metadata (RFC 7591 §2.3)',\n group: 'Software',\n }),\n\n // ── Ownership / system ───────────────────────────────────────\n user_id: Field.lookup('sys_user', {\n label: 'Owner User',\n required: false,\n description: 'User who registered this application',\n group: 'System',\n }),\n\n reference_id: Field.text({\n label: 'Reference ID',\n required: false,\n maxLength: 255,\n description: 'Caller-supplied correlation identifier',\n group: 'System',\n }),\n\n created_at: Field.datetime({\n label: 'Created At',\n defaultValue: 'NOW()',\n readonly: true,\n group: 'System',\n }),\n\n updated_at: Field.datetime({\n label: 'Updated At',\n defaultValue: 'NOW()',\n readonly: true,\n group: 'System',\n }),\n },\n\n indexes: [\n { fields: ['client_id'], unique: true },\n { fields: ['user_id'] },\n { fields: ['reference_id'] },\n ],\n\n enable: {\n trackHistory: true,\n searchable: true,\n apiEnabled: true,\n // All mutations (create/update/delete) must go through better-auth's\n // oauth-provider endpoints under /api/v1/auth/{admin/,}oauth2/* — the\n // generic data layer is read-only for this object so sysadmins cannot\n // bypass server-side OAuth validation. The Delete row action above is\n // wired to /api/v1/auth/oauth2/delete-client.\n apiMethods: ['get', 'list'],\n trash: false,\n mru: false,\n },\n});\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_oauth_access_token — Issued OAuth/OIDC opaque access token\n *\n * Backed by `@better-auth/oauth-provider`'s `oauthAccessToken` model. One\n * row per opaque access token issuance. Tokens are short-lived; expired\n * rows can be safely pruned.\n *\n * Refresh tokens have been split into a sibling table — see\n * {@link SysOauthRefreshToken}. The optional `refresh_id` column links an\n * access token back to the refresh-token row that minted it.\n *\n * @namespace sys\n */\nexport const SysOauthAccessToken = ObjectSchema.create({\n name: 'sys_oauth_access_token',\n label: 'OAuth Access Token',\n pluralLabel: 'OAuth Access Tokens',\n icon: 'ticket',\n isSystem: true,\n managedBy: 'better-auth',\n // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,\n // but may add overlay row-level config. Use `no-overlay` if you need to\n // forbid sys_metadata overlays entirely.\n protection: {\n lock: 'full',\n reason: 'Identity table managed by better-auth — see ADR-0010.',\n docsUrl: 'https://docs.objectstack.ai/adr/0010-metadata-protection',\n },\n description: 'Opaque OAuth access tokens issued to client applications',\n compactLayout: ['client_id', 'user_id', 'expires_at'],\n\n fields: {\n id: Field.text({\n label: 'ID',\n required: true,\n readonly: true,\n }),\n\n token: Field.text({\n label: 'Token',\n required: true,\n maxLength: 1024,\n description: 'Opaque access token value',\n }),\n\n client_id: Field.text({\n label: 'Client ID',\n required: true,\n description: 'Foreign key to sys_oauth_application.client_id',\n }),\n\n session_id: Field.lookup('sys_session', {\n label: 'Session',\n required: false,\n description: 'Foreign key to sys_session.id',\n }),\n\n user_id: Field.lookup('sys_user', {\n label: 'User',\n required: false,\n description: 'Foreign key to sys_user.id',\n }),\n\n refresh_id: Field.lookup('sys_oauth_refresh_token', {\n label: 'Refresh Token',\n required: false,\n description: 'Foreign key to sys_oauth_refresh_token.id',\n }),\n\n reference_id: Field.text({\n label: 'Reference ID',\n required: false,\n maxLength: 255,\n description: 'Caller-supplied correlation identifier',\n }),\n\n scopes: Field.textarea({\n label: 'Scopes',\n required: true,\n description: 'JSON-serialized list of scopes granted to this token',\n }),\n\n expires_at: Field.datetime({\n label: 'Expires At',\n required: true,\n }),\n\n created_at: Field.datetime({\n label: 'Created At',\n defaultValue: 'NOW()',\n readonly: true,\n }),\n },\n\n indexes: [\n { fields: ['token'], unique: true },\n { fields: ['client_id'] },\n { fields: ['session_id'] },\n { fields: ['user_id'] },\n { fields: ['refresh_id'] },\n ],\n\n enable: {\n trackHistory: false,\n searchable: false,\n apiEnabled: false,\n apiMethods: [],\n trash: false,\n mru: false,\n },\n});\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_oauth_refresh_token — Issued OAuth/OIDC refresh token\n *\n * Backed by `@better-auth/oauth-provider`'s `oauthRefreshToken` model.\n * Refresh tokens are issued for the `offline_access` scope and are bound\n * to a specific session (`session_id`) and client (`client_id`).\n *\n * Each access-token rotation produces a new refresh-token row; revoked\n * tokens are kept (with `revoked` set) for audit purposes until pruned.\n *\n * @namespace sys\n */\nexport const SysOauthRefreshToken = ObjectSchema.create({\n name: 'sys_oauth_refresh_token',\n label: 'OAuth Refresh Token',\n pluralLabel: 'OAuth Refresh Tokens',\n icon: 'refresh-cw',\n isSystem: true,\n managedBy: 'better-auth',\n // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,\n // but may add overlay row-level config. Use `no-overlay` if you need to\n // forbid sys_metadata overlays entirely.\n protection: {\n lock: 'full',\n reason: 'Identity table managed by better-auth — see ADR-0010.',\n docsUrl: 'https://docs.objectstack.ai/adr/0010-metadata-protection',\n },\n description: 'Opaque OAuth refresh tokens (linked to a session)',\n compactLayout: ['client_id', 'user_id', 'expires_at'],\n\n fields: {\n id: Field.text({\n label: 'ID',\n required: true,\n readonly: true,\n }),\n\n token: Field.text({\n label: 'Token',\n required: true,\n maxLength: 1024,\n description: 'Opaque refresh token value',\n }),\n\n client_id: Field.text({\n label: 'Client ID',\n required: true,\n description: 'Foreign key to sys_oauth_application.client_id',\n }),\n\n session_id: Field.lookup('sys_session', {\n label: 'Session',\n required: false,\n description: 'Foreign key to sys_session.id',\n }),\n\n user_id: Field.lookup('sys_user', {\n label: 'User',\n required: true,\n description: 'Foreign key to sys_user.id',\n }),\n\n reference_id: Field.text({\n label: 'Reference ID',\n required: false,\n maxLength: 255,\n description: 'Caller-supplied correlation identifier',\n }),\n\n scopes: Field.textarea({\n label: 'Scopes',\n required: true,\n description: 'JSON-serialized list of scopes granted to this token',\n }),\n\n expires_at: Field.datetime({\n label: 'Expires At',\n required: true,\n }),\n\n created_at: Field.datetime({\n label: 'Created At',\n defaultValue: 'NOW()',\n readonly: true,\n }),\n\n revoked: Field.datetime({\n label: 'Revoked At',\n required: false,\n description: 'Timestamp at which this refresh token was revoked',\n }),\n\n auth_time: Field.datetime({\n label: 'Auth Time',\n required: false,\n description: 'When the user originally authenticated for this token chain',\n }),\n },\n\n indexes: [\n { fields: ['token'], unique: true },\n { fields: ['client_id'] },\n { fields: ['session_id'] },\n { fields: ['user_id'] },\n ],\n\n enable: {\n trackHistory: false,\n searchable: false,\n apiEnabled: false,\n apiMethods: [],\n trash: false,\n mru: false,\n },\n});\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_oauth_consent — Recorded user consent for an OAuth client + scopes\n *\n * Backed by `@better-auth/oauth-provider`'s `oauthConsent` model. When a\n * user consents to a client requesting a particular set of scopes, the\n * decision is persisted here so future authorization requests for the same\n * client+scopes can skip the consent screen.\n *\n * The presence of a row implies consent was given for the listed scopes —\n * the previous boolean `consent_given` flag was removed in the migration\n * from `better-auth/plugins/oidc-provider` to `@better-auth/oauth-provider`.\n *\n * @namespace sys\n */\nexport const SysOauthConsent = ObjectSchema.create({\n name: 'sys_oauth_consent',\n label: 'OAuth Consent',\n pluralLabel: 'OAuth Consents',\n icon: 'shield-check',\n isSystem: true,\n managedBy: 'better-auth',\n // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,\n // but may add overlay row-level config. Use `no-overlay` if you need to\n // forbid sys_metadata overlays entirely.\n protection: {\n lock: 'full',\n reason: 'Identity table managed by better-auth — see ADR-0010.',\n docsUrl: 'https://docs.objectstack.ai/adr/0010-metadata-protection',\n },\n description: 'User consent records for OAuth client applications',\n compactLayout: ['client_id', 'user_id', 'scopes'],\n\n fields: {\n id: Field.text({\n label: 'ID',\n required: true,\n readonly: true,\n }),\n\n client_id: Field.text({\n label: 'Client ID',\n required: true,\n description: 'Foreign key to sys_oauth_application.client_id',\n }),\n\n user_id: Field.lookup('sys_user', {\n label: 'User',\n required: false,\n description: 'Foreign key to sys_user.id',\n }),\n\n reference_id: Field.text({\n label: 'Reference ID',\n required: false,\n maxLength: 255,\n description: 'Caller-supplied correlation identifier',\n }),\n\n scopes: Field.textarea({\n label: 'Scopes',\n required: true,\n description: 'JSON-serialized list of scopes the user consented to',\n }),\n\n created_at: Field.datetime({\n label: 'Created At',\n defaultValue: 'NOW()',\n readonly: true,\n }),\n\n updated_at: Field.datetime({\n label: 'Updated At',\n defaultValue: 'NOW()',\n readonly: true,\n }),\n },\n\n indexes: [\n { fields: ['client_id'] },\n { fields: ['user_id'] },\n ],\n\n enable: {\n trackHistory: false,\n searchable: false,\n apiEnabled: false,\n apiMethods: [],\n trash: false,\n mru: false,\n },\n});\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_jwks — JWKS (JSON Web Key Set) key pair store\n *\n * Backed by better-auth's `jwt` plugin. Each row is a single asymmetric\n * key pair used to sign and verify JWTs (id_tokens, JWT access tokens)\n * issued by this ObjectStack server when it acts as an OAuth/OIDC IdP.\n *\n * The plugin rotates keys automatically — older rows are kept until\n * `expires_at` so existing tokens can still be verified.\n *\n * @namespace sys\n */\nexport const SysJwks = ObjectSchema.create({\n name: 'sys_jwks',\n label: 'JWKS Key',\n pluralLabel: 'JWKS Keys',\n icon: 'key',\n isSystem: true,\n managedBy: 'better-auth',\n // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,\n // but may add overlay row-level config. Use `no-overlay` if you need to\n // forbid sys_metadata overlays entirely.\n protection: {\n lock: 'full',\n reason: 'Identity table managed by better-auth — see ADR-0010.',\n docsUrl: 'https://docs.objectstack.ai/adr/0010-metadata-protection',\n },\n description: 'Asymmetric key pairs used to sign and verify issued JWTs',\n compactLayout: ['id', 'created_at', 'expires_at'],\n\n fields: {\n id: Field.text({\n label: 'Key ID',\n required: true,\n readonly: true,\n description: 'JWK `kid` value',\n }),\n\n public_key: Field.textarea({\n label: 'Public Key',\n required: true,\n description: 'JSON-serialized JWK public key',\n }),\n\n private_key: Field.textarea({\n label: 'Private Key',\n required: true,\n description: 'JSON-serialized JWK private key (encrypted at rest)',\n }),\n\n created_at: Field.datetime({\n label: 'Created At',\n required: true,\n defaultValue: 'NOW()',\n readonly: true,\n }),\n\n expires_at: Field.datetime({\n label: 'Expires At',\n required: false,\n description: 'When the key may no longer be used to verify tokens',\n }),\n },\n\n enable: {\n trackHistory: false,\n searchable: false,\n apiEnabled: false,\n apiMethods: [],\n trash: false,\n mru: false,\n },\n});\n"]}
1
+ {"version":3,"sources":["../../src/identity/sys-user.object.ts","../../src/identity/sys-session.object.ts","../../src/identity/sys-account.object.ts","../../src/identity/sys-verification.object.ts","../../src/identity/sys-organization.object.ts","../../src/identity/sys-member.object.ts","../../src/identity/sys-invitation.object.ts","../../src/identity/sys-team.object.ts","../../src/identity/sys-team-member.object.ts","../../src/identity/sys-department.object.ts","../../src/identity/sys-department-member.object.ts","../../src/identity/sys-api-key.object.ts","../../src/identity/sys-two-factor.object.ts","../../src/identity/sys-device-code.object.ts","../../src/identity/sys-user-preference.object.ts","../../src/identity/sys-oauth-application.object.ts","../../src/identity/sys-oauth-access-token.object.ts","../../src/identity/sys-oauth-refresh-token.object.ts","../../src/identity/sys-oauth-consent.object.ts","../../src/identity/sys-jwks.object.ts"],"names":["ObjectSchema","Field"],"mappings":";;;;;AAeO,IAAM,OAAA,GAAUA,kBAAa,MAAA,CAAO;AAAA,EACzC,IAAA,EAAM,UAAA;AAAA,EACN,KAAA,EAAO,MAAA;AAAA,EACP,WAAA,EAAa,OAAA;AAAA,EACb,IAAA,EAAM,MAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA,EACV,SAAA,EAAW,aAAA;AAAA;AAAA,EAEX,UAAA,EAAY;AAAA,IACV,IAAA,EAAM,MAAA;AAAA,IACN,MAAA,EAAQ,4DAAA;AAAA,IACR,OAAA,EAAS;AAAA,GACX;AAAA,EACA,WAAA,EAAa,kCAAA;AAAA,EACb,gBAAA,EAAkB,MAAA;AAAA,EAClB,WAAA,EAAa,QAAA;AAAA,EACb,aAAA,EAAe,CAAC,MAAA,EAAQ,OAAA,EAAS,gBAAgB,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQjD,OAAA,EAAS;AAAA,IACP;AAAA,MACE,IAAA,EAAM,aAAA;AAAA,MACN,KAAA,EAAO,aAAA;AAAA,MACP,IAAA,EAAM,WAAA;AAAA,MACN,OAAA,EAAS,SAAA;AAAA,MACT,SAAA,EAAW,CAAC,cAAc,CAAA;AAAA,MAC1B,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,yCAAA;AAAA,MACR,cAAA,EAAgB,iBAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,KAAA,EAAO,OAAA,EAAS,QAAA,EAAU,IAAA,EAAK;AAAA,QACjC,EAAE,KAAA,EAAO,MAAA,EAAQ,cAAA,EAAgB,YAAA,EAAc,UAAU,IAAA;AAAK;AAChE,KACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA;AAAA,MACE,IAAA,EAAM,UAAA;AAAA,MACN,KAAA,EAAO,UAAA;AAAA,MACP,IAAA,EAAM,KAAA;AAAA,MACN,OAAA,EAAS,QAAA;AAAA,MACT,SAAA,EAAW,CAAC,WAAW,CAAA;AAAA,MACvB,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,6BAAA;AAAA,MACR,aAAA,EAAe,QAAA;AAAA,MACf,cAAA,EAAgB,aAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,WAAA,EAAa,8EAAA;AAAA,MACb,MAAA,EAAQ;AAAA,QACN,EAAE,MAAM,WAAA,EAAa,KAAA,EAAO,cAAc,IAAA,EAAM,MAAA,EAAQ,UAAU,KAAA;AAAM;AAC1E,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,YAAA;AAAA,MACN,KAAA,EAAO,YAAA;AAAA,MACP,IAAA,EAAM,gBAAA;AAAA,MACN,OAAA,EAAS,WAAA;AAAA,MACT,SAAA,EAAW,CAAC,WAAW,CAAA;AAAA,MACvB,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,+BAAA;AAAA,MACR,aAAA,EAAe,QAAA;AAAA,MACf,cAAA,EAAgB,eAAA;AAAA,MAChB,YAAA,EAAc;AAAA,KAChB;AAAA,IACA;AAAA,MACE,IAAA,EAAM,mBAAA;AAAA,MACN,KAAA,EAAO,cAAA;AAAA,MACP,IAAA,EAAM,WAAA;AAAA,MACN,OAAA,EAAS,WAAA;AAAA,MACT,SAAA,EAAW,CAAC,WAAW,CAAA;AAAA,MACvB,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,sCAAA;AAAA,MACR,aAAA,EAAe,QAAA;AAAA,MACf,cAAA,EAAgB,kBAAA;AAAA,MAChB,YAAA,EAAc,KAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,MAAM,aAAA,EAAe,KAAA,EAAO,gBAAgB,IAAA,EAAM,MAAA,EAAQ,UAAU,IAAA;AAAK;AAC7E,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,eAAA;AAAA,MACN,KAAA,EAAO,mBAAA;AAAA,MACP,IAAA,EAAM,cAAA;AAAA,MACN,OAAA,EAAS,WAAA;AAAA,MACT,SAAA,EAAW,CAAC,WAAW,CAAA;AAAA,MACvB,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,6BAAA;AAAA,MACR,aAAA,EAAe,QAAA;AAAA,MACf,cAAA,EAAgB,cAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,MAAM,MAAA,EAAQ,KAAA,EAAO,iBAAiB,IAAA,EAAM,MAAA,EAAQ,UAAU,IAAA;AAAK;AACvE,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,kBAAA;AAAA,MACN,KAAA,EAAO,kBAAA;AAAA,MACP,IAAA,EAAM,UAAA;AAAA,MACN,OAAA,EAAS,WAAA;AAAA,MACT,SAAA,EAAW,CAAC,WAAW,CAAA;AAAA,MACvB,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,qCAAA;AAAA,MACR,aAAA,EAAe,QAAA;AAAA,MACf,cAAA,EAAgB,wBAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,WAAA,EAAa;AAAA,KACf;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAUA;AAAA,MACE,IAAA,EAAM,mBAAA;AAAA,MACN,KAAA,EAAO,gBAAA;AAAA,MACP,IAAA,EAAM,UAAA;AAAA,MACN,OAAA,EAAS,SAAA;AAAA,MACT,IAAA,EAAM,MAAA;AAAA,MACN,SAAA,EAAW,CAAC,eAAe,CAAA;AAAA,MAC3B,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,0BAAA;AAAA,MACR,OAAA,EAAS,0BAAA;AAAA,MACT,cAAA,EAAgB,iBAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,KAAA,EAAO,gBAAgB,IAAA,EAAK;AAAA,QACvD,EAAE,KAAA,EAAO,OAAA,EAAS,QAAA,EAAU,KAAA,EAAO,gBAAgB,IAAA;AAAK;AAC1D,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,oBAAA;AAAA,MACN,KAAA,EAAO,iBAAA;AAAA,MACP,IAAA,EAAM,KAAA;AAAA,MACN,OAAA,EAAS,WAAA;AAAA,MACT,SAAA,EAAW,CAAC,eAAA,EAAiB,aAAA,EAAe,gBAAgB,CAAA;AAAA,MAC5D,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,8BAAA;AAAA,MACR,OAAA,EAAS,0BAAA;AAAA,MACT,cAAA,EAAgB,kBAAA;AAAA,MAChB,YAAA,EAAc,KAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,MAAM,iBAAA,EAAmB,KAAA,EAAO,oBAAoB,IAAA,EAAM,MAAA,EAAQ,UAAU,IAAA,EAAK;AAAA,QACnF,EAAE,MAAM,aAAA,EAAe,KAAA,EAAO,gBAAgB,IAAA,EAAM,MAAA,EAAQ,UAAU,IAAA,EAAK;AAAA,QAC3E,EAAE,IAAA,EAAM,qBAAA,EAAuB,KAAA,EAAO,wBAAA,EAA0B,MAAM,SAAA,EAAW,QAAA,EAAU,KAAA,EAAO,YAAA,EAAc,IAAA;AAAK;AACvH,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,iBAAA;AAAA,MACN,KAAA,EAAO,cAAA;AAAA,MACP,IAAA,EAAM,MAAA;AAAA,MACN,OAAA,EAAS,WAAA;AAAA,MACT,SAAA,EAAW,CAAC,eAAA,EAAiB,aAAA,EAAe,gBAAgB,CAAA;AAAA,MAC5D,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,2BAAA;AAAA,MACR,OAAA,EAAS,0BAAA;AAAA,MACT,cAAA,EAAgB,kEAAA;AAAA,MAChB,YAAA,EAAc,KAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,MAAM,UAAA,EAAY,KAAA,EAAO,aAAa,IAAA,EAAM,OAAA,EAAS,UAAU,IAAA;AAAK;AACxE,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,2BAAA;AAAA,MACN,KAAA,EAAO,2BAAA;AAAA,MACP,IAAA,EAAM,YAAA;AAAA,MACN,OAAA,EAAS,WAAA;AAAA,MACT,SAAA,EAAW,CAAC,eAAA,EAAiB,aAAA,EAAe,gBAAgB,CAAA;AAAA,MAC5D,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,sCAAA;AAAA;AAAA;AAAA,MAGR,OAAA,EAAS,4DAAA;AAAA,MACT,cAAA,EAAgB,kDAAA;AAAA,MAChB,YAAA,EAAc,KAAA;AAAA,MACd,QAAQ;AAAC,KACX;AAAA,IACA;AAAA,MACE,IAAA,EAAM,mBAAA;AAAA,MACN,KAAA,EAAO,mBAAA;AAAA,MACP,IAAA,EAAM,QAAA;AAAA,MACN,OAAA,EAAS,QAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,aAAA,EAAe,gBAAgB,CAAA;AAAA,MAC3C,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,0BAAA;AAAA,MACR,OAAA,EAAS,0BAAA;AAAA,MACT,WAAA,EAAa,8KAAA;AAAA,MACb,cAAA,EAAgB,iBAAA;AAAA,MAChB,YAAA,EAAc,KAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,MAAM,UAAA,EAAY,KAAA,EAAO,oBAAoB,IAAA,EAAM,MAAA,EAAQ,UAAU,IAAA;AAAK;AAC9E,KACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAOA;AAAA,MACE,IAAA,EAAM,mBAAA;AAAA,MACN,KAAA,EAAO,wBAAA;AAAA,MACP,IAAA,EAAM,aAAA;AAAA,MACN,OAAA,EAAS,SAAA;AAAA,MACT,SAAA,EAAW,CAAC,gBAAgB,CAAA;AAAA,MAC5B,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,gCAAA;AAAA,MACR,OAAA,EAAS,+DAAA;AAAA,MACT,cAAA,EAAgB,iJAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,MAAM,UAAA,EAAY,KAAA,EAAO,oBAAoB,IAAA,EAAM,MAAA,EAAQ,UAAU,IAAA;AAAK;AAC9E,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,oBAAA;AAAA,MACN,KAAA,EAAO,yBAAA;AAAA,MACP,IAAA,EAAM,YAAA;AAAA,MACN,OAAA,EAAS,QAAA;AAAA,MACT,SAAA,EAAW,CAAC,gBAAgB,CAAA;AAAA,MAC5B,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,iCAAA;AAAA,MACR,OAAA,EAAS,+DAAA;AAAA,MACT,WAAA,EAAa,uEAAA;AAAA,MACb,cAAA,EAAgB,qCAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,MAAM,UAAA,EAAY,KAAA,EAAO,oBAAoB,IAAA,EAAM,MAAA,EAAQ,UAAU,IAAA;AAAK;AAC9E,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,uBAAA;AAAA,MACN,KAAA,EAAO,yBAAA;AAAA,MACP,IAAA,EAAM,cAAA;AAAA,MACN,OAAA,EAAS,WAAA;AAAA,MACT,SAAA,EAAW,CAAC,gBAAgB,CAAA;AAAA,MAC5B,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,+CAAA;AAAA,MACR,OAAA,EAAS,+DAAA;AAAA,MACT,WAAA,EAAa,uFAAA;AAAA,MACb,cAAA,EAAgB,6DAAA;AAAA,MAChB,YAAA,EAAc,KAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,MAAM,UAAA,EAAY,KAAA,EAAO,oBAAoB,IAAA,EAAM,MAAA,EAAQ,UAAU,IAAA;AAAK;AAC9E;AACF,GACF;AAAA,EAEA,SAAA,EAAW;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAMT,EAAA,EAAI;AAAA,MACF,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,IAAA;AAAA,MACN,KAAA,EAAO,YAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,UAAA,EAAW;AAAA,MAC/C,SAAS,CAAC,MAAA,EAAQ,OAAA,EAAS,gBAAA,EAAkB,sBAAsB,YAAY,CAAA;AAAA,MAC/E,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,MAAM,QAAA,EAAU,QAAA,EAAU,KAAA,EAAO,mBAAA,EAAqB,CAAA;AAAA,MACxE,MAAM,CAAC,EAAE,OAAO,MAAA,EAAQ,KAAA,EAAO,OAAO,CAAA;AAAA,MACtC,UAAA,EAAY,EAAE,QAAA,EAAU,CAAA;AAAE,KAC5B;AAAA,IACA,SAAA,EAAW;AAAA,MACT,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,WAAA;AAAA,MACN,KAAA,EAAO,WAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,UAAA,EAAW;AAAA,MAC/C,SAAS,CAAC,MAAA,EAAQ,OAAA,EAAS,gBAAA,EAAkB,sBAAsB,YAAY,CAAA;AAAA,MAC/E,MAAM,CAAC,EAAE,OAAO,MAAA,EAAQ,KAAA,EAAO,OAAO,CAAA;AAAA,MACtC,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG,KAC7B;AAAA,IACA,UAAA,EAAY;AAAA,MACV,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,YAAA;AAAA,MACN,KAAA,EAAO,YAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,UAAA,EAAW;AAAA,MAC/C,OAAA,EAAS,CAAC,MAAA,EAAQ,OAAA,EAAS,YAAY,CAAA;AAAA,MACvC,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,kBAAkB,QAAA,EAAU,QAAA,EAAU,KAAA,EAAO,KAAA,EAAO,CAAA;AAAA,MACtE,MAAM,CAAC,EAAE,OAAO,YAAA,EAAc,KAAA,EAAO,QAAQ,CAAA;AAAA,MAC7C,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG,KAC7B;AAAA,IACA,UAAA,EAAY;AAAA,MACV,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,YAAA;AAAA,MACN,KAAA,EAAO,aAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,UAAA,EAAW;AAAA,MAC/C,OAAA,EAAS,CAAC,MAAA,EAAQ,OAAA,EAAS,sBAAsB,YAAY,CAAA;AAAA,MAC7D,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,sBAAsB,QAAA,EAAU,QAAA,EAAU,KAAA,EAAO,IAAA,EAAM,CAAA;AAAA,MACzE,MAAM,CAAC,EAAE,OAAO,MAAA,EAAQ,KAAA,EAAO,OAAO,CAAA;AAAA,MACtC,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG,KAC7B;AAAA,IACA,MAAA,EAAQ;AAAA,MACN,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,QAAA;AAAA,MACN,KAAA,EAAO,QAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,UAAA,EAAW;AAAA,MAC/C,SAAS,CAAC,MAAA,EAAQ,OAAA,EAAS,QAAA,EAAU,cAAc,aAAa,CAAA;AAAA,MAChE,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,UAAU,QAAA,EAAU,QAAA,EAAU,KAAA,EAAO,IAAA,EAAM,CAAA;AAAA,MAC7D,MAAM,CAAC,EAAE,OAAO,YAAA,EAAc,KAAA,EAAO,QAAQ,CAAA;AAAA,MAC7C,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG;AAC7B,GACF;AAAA,EAEA,MAAA,EAAQ;AAAA;AAAA,IAEN,IAAA,EAAMC,WAAM,IAAA,CAAK;AAAA,MACf,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,UAAA,EAAY,IAAA;AAAA,MACZ,SAAA,EAAW,GAAA;AAAA,MACX,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,KAAA,EAAOA,WAAM,KAAA,CAAM;AAAA,MACjB,KAAA,EAAO,OAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,UAAA,EAAY,IAAA;AAAA,MACZ,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,cAAA,EAAgBA,WAAM,OAAA,CAAQ;AAAA,MAC5B,KAAA,EAAO,gBAAA;AAAA,MACP,YAAA,EAAc,KAAA;AAAA,MACd,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,kBAAA,EAAoBA,WAAM,OAAA,CAAQ;AAAA,MAChC,KAAA,EAAO,oBAAA;AAAA,MACP,YAAA,EAAc,KAAA;AAAA,MACd,KAAA,EAAO,UAAA;AAAA,MACP,WAAA,EAAa;AAAA,KACd,CAAA;AAAA;AAAA,IAGD,IAAA,EAAMA,WAAM,IAAA,CAAK;AAAA,MACf,KAAA,EAAO,eAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,SAAA,EAAW,EAAA;AAAA,MACX,KAAA,EAAO,OAAA;AAAA,MACP,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,MAAA,EAAQA,WAAM,OAAA,CAAQ;AAAA,MACpB,KAAA,EAAO,QAAA;AAAA,MACP,YAAA,EAAc,KAAA;AAAA,MACd,KAAA,EAAO,OAAA;AAAA,MACP,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,IAAA,CAAK;AAAA,MACrB,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,SAAA,EAAW,GAAA;AAAA,MACX,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,WAAA,EAAaA,WAAM,QAAA,CAAS;AAAA,MAC1B,KAAA,EAAO,aAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,KAAA,EAAO,OAAA;AAAA,MACP,WAAA,EAAa;AAAA,KACd,CAAA;AAAA;AAAA,IAGD,KAAA,EAAOA,WAAM,GAAA,CAAI;AAAA,MACf,KAAA,EAAO,eAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,EAAA,EAAIA,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,SAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR;AAAA,GACH;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,EAAE,MAAA,EAAQ,CAAC,OAAO,CAAA,EAAG,QAAQ,IAAA,EAAK;AAAA,IAClC,EAAE,MAAA,EAAQ,CAAC,YAAY,CAAA,EAAG,QAAQ,KAAA;AAAM,GAC1C;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,IAAA;AAAA,IACd,UAAA,EAAY,IAAA;AAAA,IACZ,UAAA,EAAY,IAAA;AAAA,IACZ,YAAY,CAAC,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,UAAU,QAAQ,CAAA;AAAA,IACxD,KAAA,EAAO,IAAA;AAAA,IACP,GAAA,EAAK;AAAA;AACP;AAAA;AAAA;AAAA;AAMF,CAAC;AC7aM,IAAM,UAAA,GAAaD,kBAAa,MAAA,CAAO;AAAA,EAC5C,IAAA,EAAM,aAAA;AAAA,EACN,KAAA,EAAO,SAAA;AAAA,EACP,WAAA,EAAa,UAAA;AAAA,EACb,IAAA,EAAM,KAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA,EACV,SAAA,EAAW,aAAA;AAAA;AAAA;AAAA;AAAA,EAIX,UAAA,EAAY;AAAA,IACV,IAAA,EAAM,MAAA;AAAA,IACN,MAAA,EAAQ,4DAAA;AAAA,IACR,OAAA,EAAS;AAAA,GACX;AAAA,EACA,WAAA,EAAa,sBAAA;AAAA,EACb,gBAAA,EAAkB,SAAA;AAAA,EAClB,WAAA,EAAa,0BAAA;AAAA,EACb,aAAA,EAAe,CAAC,SAAA,EAAW,YAAA,EAAc,YAAY,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOrD,OAAA,EAAS;AAAA,IACP;AAAA,MACE,IAAA,EAAM,0BAAA;AAAA,MACN,KAAA,EAAO,wBAAA;AAAA,MACP,IAAA,EAAM,SAAA;AAAA,MACN,OAAA,EAAS,QAAA;AAAA,MACT,SAAA,EAAW,CAAC,cAAc,CAAA;AAAA,MAC1B,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,oCAAA;AAAA,MACR,WAAA,EAAa,2GAAA;AAAA,MACb,cAAA,EAAgB,4BAAA;AAAA,MAChB,YAAA,EAAc;AAAA,KAChB;AAAA,IACA;AAAA,MACE,IAAA,EAAM,gBAAA;AAAA,MACN,KAAA,EAAO,gBAAA;AAAA,MACP,IAAA,EAAM,SAAA;AAAA,MACN,OAAA,EAAS,QAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,WAAW,CAAA;AAAA,MACvB,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,6BAAA;AAAA;AAAA,MAER,aAAA,EAAe,OAAA;AAAA,MACf,aAAA,EAAe,OAAA;AAAA,MACf,WAAA,EAAa,oEAAA;AAAA,MACb,cAAA,EAAgB,iBAAA;AAAA,MAChB,YAAA,EAAc;AAAA;AAChB,GACF;AAAA,EAEA,SAAA,EAAW;AAAA,IACT,IAAA,EAAM;AAAA,MACJ,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,MAAA;AAAA,MACN,KAAA,EAAO,aAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,aAAA,EAAc;AAAA,MAClD,OAAA,EAAS,CAAC,YAAA,EAAc,wBAAA,EAA0B,cAAc,YAAY,CAAA;AAAA,MAC5E,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,WAAW,QAAA,EAAU,QAAA,EAAU,KAAA,EAAO,mBAAA,EAAqB,CAAA;AAAA,MAC7E,MAAM,CAAC,EAAE,OAAO,YAAA,EAAc,KAAA,EAAO,QAAQ,CAAA;AAAA,MAC7C,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG,KAC7B;AAAA,IACA,YAAA,EAAc;AAAA,MACZ,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,cAAA;AAAA,MACN,KAAA,EAAO,KAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,aAAA,EAAc;AAAA,MAClD,SAAS,CAAC,SAAA,EAAW,YAAA,EAAc,wBAAA,EAA0B,cAAc,YAAY,CAAA;AAAA,MACvF,MAAM,CAAC,EAAE,OAAO,YAAA,EAAc,KAAA,EAAO,QAAQ,CAAA;AAAA,MAC7C,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG;AAC7B,GACF;AAAA,EAEA,MAAA,EAAQ;AAAA;AAAA,IAEN,OAAA,EAASC,UAAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MAChC,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,UAAA,EAAY,IAAA;AAAA,MACZ,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,sBAAA,EAAwBA,UAAAA,CAAM,MAAA,CAAO,kBAAA,EAAoB;AAAA,MACvD,KAAA,EAAO,qBAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,cAAA,EAAgBA,UAAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MACvC,KAAA,EAAO,aAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,UAAA,EAAYA,WAAM,IAAA,CAAK;AAAA,MACrB,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,SAAA,EAAW,EAAA;AAAA;AAAA,MACX,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,eAAA,EAAiBA,UAAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MACxC,KAAA,EAAO,iBAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,KAAA,EAAO,OAAA;AAAA,MACP,WAAA,EAAa;AAAA,KACd,CAAA;AAAA;AAAA,IAGD,KAAA,EAAOA,WAAM,IAAA,CAAK;AAAA,MAChB,KAAA,EAAO,eAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,MAAA,EAAQ,IAAA;AAAA,MACR,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa,iDAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,EAAA,EAAIA,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR;AAAA,GACH;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,EAAE,MAAA,EAAQ,CAAC,OAAO,CAAA,EAAG,QAAQ,IAAA,EAAK;AAAA,IAClC,EAAE,MAAA,EAAQ,CAAC,SAAS,CAAA,EAAG,QAAQ,KAAA,EAAM;AAAA,IACrC,EAAE,MAAA,EAAQ,CAAC,YAAY,CAAA,EAAG,QAAQ,KAAA;AAAM,GAC1C;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,KAAA;AAAA,IACd,UAAA,EAAY,KAAA;AAAA,IACZ,UAAA,EAAY,IAAA;AAAA,IACZ,UAAA,EAAY,CAAC,KAAA,EAAO,MAAA,EAAQ,UAAU,QAAQ,CAAA;AAAA,IAC9C,KAAA,EAAO,KAAA;AAAA,IACP,GAAA,EAAK,KAAA;AAAA,IACL,KAAA,EAAO;AAAA;AAEX,CAAC;ACpLM,IAAM,UAAA,GAAaD,kBAAa,MAAA,CAAO;AAAA,EAC5C,IAAA,EAAM,aAAA;AAAA,EACN,KAAA,EAAO,SAAA;AAAA,EACP,WAAA,EAAa,UAAA;AAAA,EACb,IAAA,EAAM,MAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA,EACV,SAAA,EAAW,aAAA;AAAA;AAAA;AAAA;AAAA,EAIX,UAAA,EAAY;AAAA,IACV,IAAA,EAAM,MAAA;AAAA,IACN,MAAA,EAAQ,4DAAA;AAAA,IACR,OAAA,EAAS;AAAA,GACX;AAAA,EACA,WAAA,EAAa,4CAAA;AAAA,EACb,WAAA,EAAa,8BAAA;AAAA,EACb,aAAA,EAAe,CAAC,aAAA,EAAe,SAAA,EAAW,YAAY,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EActD,OAAA,EAAS;AAAA,IACP;AAAA,MACE,IAAA,EAAM,aAAA;AAAA,MACN,KAAA,EAAO,qBAAA;AAAA,MACP,IAAA,EAAM,QAAA;AAAA,MACN,OAAA,EAAS,SAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,cAAc,CAAA;AAAA,MAC1B,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,oHAAA;AAAA,MACR,MAAA,EAAQ;AAAA,QACN;AAAA,UACE,IAAA,EAAM,UAAA;AAAA,UACN,KAAA,EAAO,UAAA;AAAA,UACP,IAAA,EAAM,QAAA;AAAA,UACN,QAAA,EAAU,IAAA;AAAA,UACV,OAAA,EAAS;AAAA,YACP,EAAE,KAAA,EAAO,QAAA,EAAU,KAAA,EAAO,QAAA,EAAS;AAAA,YACnC,EAAE,KAAA,EAAO,QAAA,EAAU,KAAA,EAAO,QAAA,EAAS;AAAA,YACnC,EAAE,KAAA,EAAO,WAAA,EAAa,KAAA,EAAO,WAAA,EAAY;AAAA,YACzC,EAAE,KAAA,EAAO,OAAA,EAAS,KAAA,EAAO,OAAA,EAAQ;AAAA,YACjC,EAAE,KAAA,EAAO,UAAA,EAAY,KAAA,EAAO,UAAA,EAAW;AAAA,YACvC,EAAE,KAAA,EAAO,QAAA,EAAU,KAAA,EAAO,QAAA,EAAS;AAAA,YACnC,EAAE,KAAA,EAAO,SAAA,EAAW,KAAA,EAAO,SAAA;AAAU;AACvC;AACF;AACF,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,gBAAA;AAAA,MACN,KAAA,EAAO,gBAAA;AAAA,MACP,IAAA,EAAM,QAAA;AAAA,MACN,OAAA,EAAS,QAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,WAAA,EAAa,eAAe,CAAA;AAAA,MACxC,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,6BAAA;AAAA,MACR,WAAA,EAAa,6IAAA;AAAA,MACb,cAAA,EAAgB,uBAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,MAAM,YAAA,EAAc,KAAA,EAAO,eAAe,cAAA,EAAgB,IAAA,EAAM,UAAU,IAAA,EAAK;AAAA,QACjF,EAAE,MAAM,WAAA,EAAa,KAAA,EAAO,cAAc,cAAA,EAAgB,IAAA,EAAM,UAAU,IAAA;AAAK;AACjF;AACF,GACF;AAAA,EAEA,SAAA,EAAW;AAAA,IACT,IAAA,EAAM;AAAA,MACJ,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,MAAA;AAAA,MACN,KAAA,EAAO,UAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,aAAA,EAAc;AAAA,MAClD,OAAA,EAAS,CAAC,aAAA,EAAe,YAAA,EAAc,cAAc,YAAY,CAAA;AAAA,MACjE,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,WAAW,QAAA,EAAU,QAAA,EAAU,KAAA,EAAO,mBAAA,EAAqB,CAAA;AAAA,MAC7E,MAAM,CAAC,EAAE,OAAO,aAAA,EAAe,KAAA,EAAO,OAAO,CAAA;AAAA,MAC7C,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG,KAC7B;AAAA,IACA,WAAA,EAAa;AAAA,MACX,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,aAAA;AAAA,MACN,KAAA,EAAO,aAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,aAAA,EAAc;AAAA,MAClD,OAAA,EAAS,CAAC,aAAA,EAAe,SAAA,EAAW,cAAc,YAAY,CAAA;AAAA,MAC9D,IAAA,EAAM,CAAC,EAAE,KAAA,EAAO,aAAA,EAAe,KAAA,EAAO,KAAA,EAAM,EAAG,EAAE,KAAA,EAAO,YAAA,EAAc,KAAA,EAAO,QAAQ,CAAA;AAAA,MACrF,QAAA,EAAU,EAAE,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,aAAA,EAAe,KAAA,EAAO,KAAA,EAAO,SAAA,EAAW,KAAA,EAAO,CAAA,EAAE;AAAA,MAC/E,UAAA,EAAY,EAAE,QAAA,EAAU,GAAA;AAAI,KAC9B;AAAA,IACA,SAAA,EAAW;AAAA,MACT,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,WAAA;AAAA,MACN,KAAA,EAAO,KAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,aAAA,EAAc;AAAA,MAClD,SAAS,CAAC,aAAA,EAAe,SAAA,EAAW,YAAA,EAAc,cAAc,YAAY,CAAA;AAAA,MAC5E,MAAM,CAAC,EAAE,OAAO,YAAA,EAAc,KAAA,EAAO,QAAQ,CAAA;AAAA,MAC7C,UAAA,EAAY,EAAE,QAAA,EAAU,GAAA;AAAI;AAC9B,GACF;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,EAAA,EAAIC,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,WAAA,EAAaA,WAAM,IAAA,CAAK;AAAA,MACtB,KAAA,EAAO,aAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,IAAA,CAAK;AAAA,MACrB,KAAA,EAAO,qBAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,OAAA,EAASA,UAAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MAChC,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,YAAA,EAAcA,WAAM,QAAA,CAAS;AAAA,MAC3B,KAAA,EAAO,cAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,aAAA,EAAeA,WAAM,QAAA,CAAS;AAAA,MAC5B,KAAA,EAAO,eAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,QAAA,EAAUA,WAAM,QAAA,CAAS;AAAA,MACvB,KAAA,EAAO,UAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,uBAAA,EAAyBA,WAAM,QAAA,CAAS;AAAA,MACtC,KAAA,EAAO,yBAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,wBAAA,EAA0BA,WAAM,QAAA,CAAS;AAAA,MACvC,KAAA,EAAO,0BAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,KAAA,EAAOA,WAAM,IAAA,CAAK;AAAA,MAChB,KAAA,EAAO,aAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,QAAA,EAAUA,WAAM,IAAA,CAAK;AAAA,MACnB,KAAA,EAAO,eAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd;AAAA,GACH;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,EAAE,MAAA,EAAQ,CAAC,SAAS,CAAA,EAAG,QAAQ,KAAA,EAAM;AAAA,IACrC,EAAE,MAAA,EAAQ,CAAC,eAAe,YAAY,CAAA,EAAG,QAAQ,IAAA;AAAK,GACxD;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,KAAA;AAAA,IACd,UAAA,EAAY,KAAA;AAAA,IACZ,UAAA,EAAY,IAAA;AAAA,IACZ,YAAY,CAAC,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,UAAU,QAAQ,CAAA;AAAA,IACxD,KAAA,EAAO,IAAA;AAAA,IACP,GAAA,EAAK;AAAA;AAET,CAAC;ACrMM,IAAM,eAAA,GAAkBD,kBAAa,MAAA,CAAO;AAAA,EACjD,IAAA,EAAM,kBAAA;AAAA,EACN,KAAA,EAAO,cAAA;AAAA,EACP,WAAA,EAAa,eAAA;AAAA,EACb,IAAA,EAAM,cAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA,EACV,SAAA,EAAW,aAAA;AAAA;AAAA;AAAA;AAAA,EAIX,UAAA,EAAY;AAAA,IACV,IAAA,EAAM,MAAA;AAAA,IACN,MAAA,EAAQ,4DAAA;AAAA,IACR,OAAA,EAAS;AAAA,GACX;AAAA,EACA,WAAA,EAAa,qCAAA;AAAA,EACb,WAAA,EAAa,+BAAA;AAAA,EACb,aAAA,EAAe,CAAC,YAAA,EAAc,YAAA,EAAc,YAAY,CAAA;AAAA,EAExD,MAAA,EAAQ;AAAA,IACN,EAAA,EAAIC,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,iBAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,KAAA,EAAOA,WAAM,IAAA,CAAK;AAAA,MAChB,KAAA,EAAO,oBAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,IAAA,CAAK;AAAA,MACrB,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd;AAAA,GACH;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,EAAE,MAAA,EAAQ,CAAC,OAAO,CAAA,EAAG,QAAQ,IAAA,EAAK;AAAA,IAClC,EAAE,MAAA,EAAQ,CAAC,YAAY,CAAA,EAAG,QAAQ,KAAA,EAAM;AAAA,IACxC,EAAE,MAAA,EAAQ,CAAC,YAAY,CAAA,EAAG,QAAQ,KAAA;AAAM,GAC1C;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,KAAA;AAAA,IACd,UAAA,EAAY,KAAA;AAAA,IACZ,UAAA,EAAY,IAAA;AAAA,IACZ,UAAA,EAAY,CAAC,KAAA,EAAO,QAAA,EAAU,QAAQ,CAAA;AAAA,IACtC,KAAA,EAAO,KAAA;AAAA,IACP,GAAA,EAAK;AAAA;AAET,CAAC;ACtEM,IAAM,eAAA,GAAkBD,kBAAa,MAAA,CAAO;AAAA,EACjD,IAAA,EAAM,kBAAA;AAAA,EACN,KAAA,EAAO,cAAA;AAAA,EACP,WAAA,EAAa,eAAA;AAAA,EACb,IAAA,EAAM,YAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA,EACV,SAAA,EAAW,aAAA;AAAA;AAAA;AAAA;AAAA,EAIX,UAAA,EAAY;AAAA,IACV,IAAA,EAAM,MAAA;AAAA,IACN,MAAA,EAAQ,4DAAA;AAAA,IACR,OAAA,EAAS;AAAA,GACX;AAAA,EACA,WAAA,EAAa,yCAAA;AAAA,EACb,gBAAA,EAAkB,MAAA;AAAA,EAClB,WAAA,EAAa,QAAA;AAAA,EACb,aAAA,EAAe,CAAC,MAAA,EAAQ,MAAM,CAAA;AAAA;AAAA;AAAA,EAI9B,OAAA,EAAS;AAAA,IACP;AAAA,MACE,IAAA,EAAM,qBAAA;AAAA,MACN,KAAA,EAAO,qBAAA;AAAA,MACP,IAAA,EAAM,MAAA;AAAA,MACN,OAAA,EAAS,SAAA;AAAA,MACT,SAAA,EAAW,CAAC,cAAc,CAAA;AAAA,MAC1B,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,kCAAA;AAAA,MACR,cAAA,EAAgB,sBAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,MAMd,OAAA,EAAS,mCAAA;AAAA,MACT,MAAA,EAAQ;AAAA,QACN,EAAE,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,IAAA,EAAK;AAAA,QAChC,EAAE,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,IAAA,EAAK;AAAA,QAChC,EAAE,OAAO,MAAA;AAAO;AAClB,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,qBAAA;AAAA,MACN,KAAA,EAAO,mBAAA;AAAA,MACP,IAAA,EAAM,QAAA;AAAA,MACN,IAAA,EAAM,MAAA;AAAA,MACN,SAAA,EAAW,CAAC,WAAW,CAAA;AAAA,MACvB,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,kCAAA;AAAA,MACR,aAAA,EAAe,gBAAA;AAAA;AAAA,MAEf,SAAA,EAAW,EAAE,IAAA,EAAM,MAAA,EAAO;AAAA,MAC1B,cAAA,EAAgB,sBAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,IAAA,EAAM,gBAAgB,IAAA,EAAK;AAAA,QACtD,EAAE,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,IAAA,EAAM,gBAAgB,IAAA,EAAK;AAAA,QACtD,EAAE,KAAA,EAAO,MAAA,EAAQ,cAAA,EAAgB,IAAA;AAAK;AACxC,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,qBAAA;AAAA,MACN,KAAA,EAAO,qBAAA;AAAA,MACP,IAAA,EAAM,SAAA;AAAA,MACN,OAAA,EAAS,QAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,WAAW,CAAA;AAAA,MACvB,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,kCAAA;AAAA,MACR,aAAA,EAAe,gBAAA;AAAA,MACf,WAAA,EAAa,4FAAA;AAAA,MACb,cAAA,EAAgB,sBAAA;AAAA,MAChB,YAAA,EAAc;AAAA,KAChB;AAAA,IACA;AAAA;AAAA;AAAA;AAAA;AAAA,MAKE,IAAA,EAAM,yBAAA;AAAA,MACN,KAAA,EAAO,YAAA;AAAA,MACP,IAAA,EAAM,gBAAA;AAAA,MACN,OAAA,EAAS,WAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,WAAA,EAAa,eAAe,CAAA;AAAA,MACxC,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,sCAAA;AAAA,MACR,aAAA,EAAe,gBAAA;AAAA,MACf,cAAA,EAAgB,8BAAA;AAAA,MAChB,YAAA,EAAc;AAAA,KAChB;AAAA,IACA;AAAA;AAAA;AAAA;AAAA,MAIE,IAAA,EAAM,oBAAA;AAAA,MACN,KAAA,EAAO,oBAAA;AAAA,MACP,IAAA,EAAM,SAAA;AAAA,MACN,OAAA,EAAS,QAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,WAAA,EAAa,eAAe,CAAA;AAAA,MACxC,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,iCAAA;AAAA,MACR,aAAA,EAAe,gBAAA;AAAA,MACf,WAAA,EAAa,wEAAA;AAAA,MACb,cAAA,EAAgB,gCAAA;AAAA,MAChB,YAAA,EAAc;AAAA,KAChB;AAAA,IACA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,MAQE,IAAA,EAAM,aAAA;AAAA,MACN,KAAA,EAAO,aAAA;AAAA,MACP,IAAA,EAAM,QAAA;AAAA,MACN,OAAA,EAAS,WAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,eAAe,CAAA;AAAA,MAC3B,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,8CAAA;AAAA,MACR,MAAA,EAAQ,MAAA;AAAA,MACR,WAAA,EAAa,gHAAA;AAAA,MACb,cAAA,EAAgB,2BAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,IAAA,EAAM,gBAAgB,IAAA;AAAK;AACxD;AACF,GACF;AAAA,EAEA,SAAA,EAAW;AAAA,IACT,QAAA,EAAU;AAAA,MACR,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,UAAA;AAAA,MACN,KAAA,EAAO,KAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,kBAAA,EAAmB;AAAA,MACvD,OAAA,EAAS,CAAC,MAAA,EAAQ,MAAA,EAAQ,cAAc,YAAY,CAAA;AAAA,MACpD,MAAM,CAAC,EAAE,OAAO,MAAA,EAAQ,KAAA,EAAO,OAAO,CAAA;AAAA,MACtC,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG;AAC7B,GACF;AAAA,EAEA,MAAA,EAAQ;AAAA;AAAA,IAEN,IAAA,EAAMC,WAAM,IAAA,CAAK;AAAA,MACf,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,UAAA,EAAY,IAAA;AAAA,MACZ,SAAA,EAAW,GAAA;AAAA,MACX,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,IAAA,EAAMA,WAAM,IAAA,CAAK;AAAA,MACf,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,UAAA,EAAY,IAAA;AAAA,MACZ,SAAA,EAAW,GAAA;AAAA,MACX,WAAA,EAAa,yBAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,IAAA,EAAMA,WAAM,GAAA,CAAI;AAAA,MACd,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,QAAA,EAAUA,WAAM,QAAA,CAAS;AAAA,MACvB,KAAA,EAAO,UAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,uCAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,EAAA,EAAIA,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,iBAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR;AAAA,GACH;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,EAAE,MAAA,EAAQ,CAAC,MAAM,CAAA,EAAG,QAAQ,IAAA,EAAK;AAAA,IACjC,EAAE,MAAA,EAAQ,CAAC,MAAM,CAAA;AAAE,GACrB;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,IAAA;AAAA,IACd,UAAA,EAAY,IAAA;AAAA,IACZ,UAAA,EAAY,IAAA;AAAA,IACZ,YAAY,CAAC,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,UAAU,QAAQ,CAAA;AAAA,IACxD,KAAA,EAAO,IAAA;AAAA,IACP,GAAA,EAAK;AAAA;AAET,CAAC;AC5NM,IAAM,SAAA,GAAYD,kBAAa,MAAA,CAAO;AAAA,EAC3C,IAAA,EAAM,YAAA;AAAA,EACN,KAAA,EAAO,QAAA;AAAA,EACP,WAAA,EAAa,SAAA;AAAA,EACb,IAAA,EAAM,YAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA,EACV,SAAA,EAAW,aAAA;AAAA;AAAA;AAAA;AAAA,EAIX,UAAA,EAAY;AAAA,IACV,IAAA,EAAM,MAAA;AAAA,IACN,MAAA,EAAQ,4DAAA;AAAA,IACR,OAAA,EAAS;AAAA,GACX;AAAA,EACA,WAAA,EAAa,iCAAA;AAAA,EACb,WAAA,EAAa,gCAAA;AAAA,EACb,aAAA,EAAe,CAAC,SAAA,EAAW,iBAAA,EAAmB,MAAM,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOpD,OAAA,EAAS;AAAA,IACP;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,MAME,IAAA,EAAM,YAAA;AAAA,MACN,KAAA,EAAO,YAAA;AAAA,MACP,IAAA,EAAM,WAAA;AAAA,MACN,OAAA,EAAS,SAAA;AAAA,MACT,SAAA,EAAW,CAAC,cAAc,CAAA;AAAA,MAC1B,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,sCAAA;AAAA,MACR,cAAA,EAAgB,cAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,IAAA,EAAM,QAAA,EAAU,KAAA,EAAO,SAAA,EAAW,UAAU,IAAA,EAAK;AAAA,QACnD,EAAE,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,IAAA,EAAK;AAAA,QAChC,EAAE,IAAA,EAAM,gBAAA,EAAkB,KAAA,EAAO,iBAAA;AAAkB;AACrD,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,oBAAA;AAAA,MACN,KAAA,EAAO,aAAA;AAAA,MACP,IAAA,EAAM,QAAA;AAAA,MACN,IAAA,EAAM,MAAA;AAAA,MACN,SAAA,EAAW,CAAC,WAAW,CAAA;AAAA,MACvB,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,8CAAA;AAAA,MACR,aAAA,EAAe,UAAA;AAAA,MACf,cAAA,EAAgB,qBAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,IAAA,EAAM,gBAAgB,IAAA;AAAK;AACxD,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,eAAA;AAAA,MACN,KAAA,EAAO,eAAA;AAAA,MACP,IAAA,EAAM,YAAA;AAAA,MACN,OAAA,EAAS,QAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,WAAW,CAAA;AAAA,MACvB,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,yCAAA;AAAA,MACR,aAAA,EAAe,iBAAA;AAAA,MACf,WAAA,EAAa,uFAAA;AAAA,MACb,cAAA,EAAgB,gBAAA;AAAA,MAChB,YAAA,EAAc;AAAA,KAChB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAOA;AAAA,MACE,IAAA,EAAM,oBAAA;AAAA,MACN,KAAA,EAAO,oBAAA;AAAA,MACP,IAAA,EAAM,OAAA;AAAA,MACN,OAAA,EAAS,QAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,WAAW,CAAA;AAAA,MACvB,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,8CAAA;AAAA,MACR,aAAA,EAAe,UAAA;AAAA,MACf,SAAA,EAAW,EAAE,IAAA,EAAM,OAAA,EAAQ;AAAA,MAC3B,OAAA,EAAS,wBAAA;AAAA,MACT,WAAA,EAAa,8HAAA;AAAA,MACb,cAAA,EAAgB,uBAAA;AAAA,MAChB,YAAA,EAAc;AAAA;AAChB,GACF;AAAA,EAEA,SAAA,EAAW;AAAA,IACT,IAAA,EAAM;AAAA,MACJ,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,MAAA;AAAA,MACN,KAAA,EAAO,gBAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,YAAA,EAAa;AAAA,MACjD,OAAA,EAAS,CAAC,iBAAA,EAAmB,MAAA,EAAQ,YAAY,CAAA;AAAA,MACjD,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,WAAW,QAAA,EAAU,QAAA,EAAU,KAAA,EAAO,mBAAA,EAAqB,CAAA;AAAA,MAC7E,MAAM,CAAC,EAAE,OAAO,YAAA,EAAc,KAAA,EAAO,QAAQ,CAAA;AAAA,MAC7C,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA,EAAG;AAAA,MAC3B,UAAA,EAAY;AAAA,QACV,KAAA,EAAO,sBAAA;AAAA,QACP,OAAA,EAAS;AAAA;AACX;AACF,GACF;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,EAAA,EAAIC,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,WAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,eAAA,EAAiBA,UAAAA,CAAM,MAAA,CAAO,kBAAA,EAAoB;AAAA,MAChD,KAAA,EAAO,cAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,OAAA,EAASA,UAAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MAChC,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,IAAA,EAAMA,WAAM,MAAA,CAAO;AAAA,MACjB,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,qCAAA;AAAA,MACb,OAAA,EAAS;AAAA,QACP,EAAE,KAAA,EAAO,OAAA,EAAS,KAAA,EAAO,OAAA,EAAQ;AAAA,QACjC,EAAE,KAAA,EAAO,OAAA,EAAS,KAAA,EAAO,OAAA,EAAQ;AAAA,QACjC,EAAE,KAAA,EAAO,QAAA,EAAU,KAAA,EAAO,QAAA;AAAS,OACrC;AAAA,MACA,YAAA,EAAc;AAAA,KACf;AAAA,GACH;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,EAAE,MAAA,EAAQ,CAAC,mBAAmB,SAAS,CAAA,EAAG,QAAQ,IAAA,EAAK;AAAA,IACvD,EAAE,MAAA,EAAQ,CAAC,SAAS,CAAA;AAAE,GACxB;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,IAAA;AAAA,IACd,UAAA,EAAY,KAAA;AAAA,IACZ,UAAA,EAAY,IAAA;AAAA,IACZ,YAAY,CAAC,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,UAAU,QAAQ,CAAA;AAAA,IACxD,KAAA,EAAO,KAAA;AAAA,IACP,GAAA,EAAK;AAAA;AAET,CAAC;ACrKM,IAAM,aAAA,GAAgBD,kBAAa,MAAA,CAAO;AAAA,EAC/C,IAAA,EAAM,gBAAA;AAAA,EACN,KAAA,EAAO,YAAA;AAAA,EACP,WAAA,EAAa,aAAA;AAAA,EACb,IAAA,EAAM,MAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA,EACV,SAAA,EAAW,aAAA;AAAA;AAAA;AAAA;AAAA,EAIX,UAAA,EAAY;AAAA,IACV,IAAA,EAAM,MAAA;AAAA,IACN,MAAA,EAAQ,4DAAA;AAAA,IACR,OAAA,EAAS;AAAA,GACX;AAAA,EACA,WAAA,EAAa,8CAAA;AAAA,EACb,WAAA,EAAa,iCAAA;AAAA,EACb,aAAA,EAAe,CAAC,OAAA,EAAS,iBAAA,EAAmB,QAAQ,CAAA;AAAA;AAAA;AAAA;AAAA,EAKpD,OAAA,EAAS;AAAA,IACP;AAAA,MACE,IAAA,EAAM,aAAA;AAAA,MACN,KAAA,EAAO,aAAA;AAAA,MACP,IAAA,EAAM,WAAA;AAAA,MACN,OAAA,EAAS,SAAA;AAAA,MACT,SAAA,EAAW,CAAC,cAAc,CAAA;AAAA,MAC1B,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,yCAAA;AAAA,MACR,cAAA,EAAgB,iBAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,KAAA,EAAO,OAAA,EAAS,QAAA,EAAU,IAAA,EAAK;AAAA,QACjC,EAAE,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,IAAA;AAAK;AAClC,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,mBAAA;AAAA,MACN,KAAA,EAAO,mBAAA;AAAA,MACP,IAAA,EAAM,UAAA;AAAA,MACN,OAAA,EAAS,QAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,WAAW,CAAA;AAAA,MACvB,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,6CAAA;AAAA,MACR,aAAA,EAAe,cAAA;AAAA,MACf,WAAA,EAAa,4EAAA;AAAA,MACb,cAAA,EAAgB,qBAAA;AAAA,MAChB,YAAA,EAAc;AAAA,KAChB;AAAA,IACA;AAAA,MACE,IAAA,EAAM,mBAAA;AAAA,MACN,KAAA,EAAO,mBAAA;AAAA,MACP,IAAA,EAAM,MAAA;AAAA,MACN,OAAA,EAAS,WAAA;AAAA,MACT,SAAA,EAAW,CAAC,WAAW,CAAA;AAAA,MACvB,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,yCAAA;AAAA,MACR,SAAA,EAAW,EAAE,MAAA,EAAQ,IAAA,EAAK;AAAA,MAC1B,cAAA,EAAgB,mBAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,KAAA,EAAO,OAAA,EAAS,QAAA,EAAU,IAAA,EAAM,gBAAgB,IAAA,EAAK;AAAA,QACvD,EAAE,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,IAAA,EAAM,gBAAgB,IAAA;AAAK;AACxD,KACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IASA;AAAA,MACE,IAAA,EAAM,mBAAA;AAAA,MACN,KAAA,EAAO,mBAAA;AAAA,MACP,IAAA,EAAM,OAAA;AAAA,MACN,OAAA,EAAS,SAAA;AAAA,MACT,SAAA,EAAW,CAAC,WAAA,EAAa,eAAe,CAAA;AAAA,MACxC,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,6CAAA;AAAA,MACR,aAAA,EAAe,cAAA;AAAA,MACf,OAAA,EAAS,8DAAA;AAAA,MACT,cAAA,EAAgB,qBAAA;AAAA,MAChB,YAAA,EAAc;AAAA,KAChB;AAAA,IACA;AAAA,MACE,IAAA,EAAM,mBAAA;AAAA,MACN,KAAA,EAAO,oBAAA;AAAA,MACP,IAAA,EAAM,GAAA;AAAA,MACN,OAAA,EAAS,OAAA;AAAA,MACT,SAAA,EAAW,CAAC,WAAA,EAAa,eAAe,CAAA;AAAA,MACxC,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,6CAAA;AAAA,MACR,aAAA,EAAe,cAAA;AAAA,MACf,OAAA,EAAS,8DAAA;AAAA,MACT,WAAA,EAAa,mGAAA;AAAA,MACb,cAAA,EAAgB,qBAAA;AAAA,MAChB,YAAA,EAAc;AAAA;AAChB,GACF;AAAA,EAEA,SAAA,EAAW;AAAA,IACT,OAAA,EAAS;AAAA,MACP,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,SAAA;AAAA,MACN,KAAA,EAAO,SAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,gBAAA,EAAiB;AAAA,MACrD,SAAS,CAAC,OAAA,EAAS,MAAA,EAAQ,iBAAA,EAAmB,cAAc,YAAY,CAAA;AAAA,MACxE,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,UAAU,QAAA,EAAU,QAAA,EAAU,KAAA,EAAO,SAAA,EAAW,CAAA;AAAA,MAClE,MAAM,CAAC,EAAE,OAAO,YAAA,EAAc,KAAA,EAAO,OAAO,CAAA;AAAA,MAC5C,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG,KAC7B;AAAA,IACA,QAAA,EAAU;AAAA,MACR,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,UAAA;AAAA,MACN,KAAA,EAAO,UAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,gBAAA,EAAiB;AAAA,MACrD,SAAS,CAAC,OAAA,EAAS,MAAA,EAAQ,iBAAA,EAAmB,cAAc,YAAY,CAAA;AAAA,MACxE,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,UAAU,QAAA,EAAU,QAAA,EAAU,KAAA,EAAO,UAAA,EAAY,CAAA;AAAA,MACnE,MAAM,CAAC,EAAE,OAAO,YAAA,EAAc,KAAA,EAAO,QAAQ,CAAA;AAAA,MAC7C,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG,KAC7B;AAAA,IACA,OAAA,EAAS;AAAA,MACP,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,SAAA;AAAA,MACN,KAAA,EAAO,oBAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,gBAAA,EAAiB;AAAA,MACrD,OAAA,EAAS,CAAC,OAAA,EAAS,QAAA,EAAU,mBAAmB,YAAY,CAAA;AAAA,MAC5D,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,QAAA,EAAU,QAAA,EAAU,IAAA,EAAM,KAAA,EAAO,CAAC,SAAA,EAAW,UAAA,EAAY,UAAU,GAAG,CAAA;AAAA,MACxF,MAAM,CAAC,EAAE,OAAO,YAAA,EAAc,KAAA,EAAO,QAAQ,CAAA;AAAA,MAC7C,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG,KAC7B;AAAA,IACA,eAAA,EAAiB;AAAA,MACf,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,iBAAA;AAAA,MACN,KAAA,EAAO,KAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,gBAAA,EAAiB;AAAA,MACrD,SAAS,CAAC,OAAA,EAAS,UAAU,MAAA,EAAQ,iBAAA,EAAmB,cAAc,YAAY,CAAA;AAAA,MAClF,MAAM,CAAC,EAAE,OAAO,YAAA,EAAc,KAAA,EAAO,QAAQ,CAAA;AAAA,MAC7C,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG;AAC7B,GACF;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,EAAA,EAAIC,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,eAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,eAAA,EAAiBA,UAAAA,CAAM,MAAA,CAAO,kBAAA,EAAoB;AAAA,MAChD,KAAA,EAAO,cAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,KAAA,EAAOA,WAAM,KAAA,CAAM;AAAA,MACjB,KAAA,EAAO,OAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,IAAA,EAAMA,WAAM,MAAA,CAAO;AAAA,MACjB,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,gCAAA;AAAA,MACb,OAAA,EAAS;AAAA,QACP,EAAE,KAAA,EAAO,OAAA,EAAS,KAAA,EAAO,OAAA,EAAQ;AAAA,QACjC,EAAE,KAAA,EAAO,OAAA,EAAS,KAAA,EAAO,OAAA,EAAQ;AAAA,QACjC,EAAE,KAAA,EAAO,QAAA,EAAU,KAAA,EAAO,QAAA;AAAS,OACrC;AAAA,MACA,YAAA,EAAc;AAAA,KACf,CAAA;AAAA,IAED,MAAA,EAAQA,WAAM,MAAA,CAAO,CAAC,WAAW,UAAA,EAAY,UAAA,EAAY,SAAA,EAAW,UAAU,CAAA,EAAG;AAAA,MAC/E,KAAA,EAAO,QAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,YAAA,EAAc;AAAA,KACf,CAAA;AAAA,IAED,UAAA,EAAYA,UAAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MACnC,KAAA,EAAO,SAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,OAAA,EAASA,UAAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MAChC,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd;AAAA,GACH;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,EAAE,MAAA,EAAQ,CAAC,iBAAiB,CAAA,EAAE;AAAA,IAC9B,EAAE,MAAA,EAAQ,CAAC,OAAO,CAAA,EAAE;AAAA,IACpB,EAAE,MAAA,EAAQ,CAAC,YAAY,CAAA;AAAE,GAC3B;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,IAAA;AAAA,IACd,UAAA,EAAY,KAAA;AAAA,IACZ,UAAA,EAAY,IAAA;AAAA,IACZ,YAAY,CAAC,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,UAAU,QAAQ,CAAA;AAAA,IACxD,KAAA,EAAO,KAAA;AAAA,IACP,GAAA,EAAK;AAAA;AAET,CAAC;AC7NM,IAAM,OAAA,GAAUD,kBAAa,MAAA,CAAO;AAAA,EACzC,IAAA,EAAM,UAAA;AAAA,EACN,KAAA,EAAO,MAAA;AAAA,EACP,WAAA,EAAa,OAAA;AAAA,EACb,IAAA,EAAM,OAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA,EACV,SAAA,EAAW,aAAA;AAAA;AAAA;AAAA;AAAA,EAIX,UAAA,EAAY;AAAA,IACV,IAAA,EAAM,MAAA;AAAA,IACN,MAAA,EAAQ,4DAAA;AAAA,IACR,OAAA,EAAS;AAAA,GACX;AAAA,EACA,WAAA,EAAa,sDAAA;AAAA,EACb,gBAAA,EAAkB,MAAA;AAAA,EAClB,WAAA,EAAa,QAAA;AAAA,EACb,aAAA,EAAe,CAAC,MAAA,EAAQ,iBAAiB,CAAA;AAAA;AAAA;AAAA;AAAA,EAKzC,OAAA,EAAS;AAAA,IACP;AAAA;AAAA;AAAA,MAGE,IAAA,EAAM,aAAA;AAAA,MACN,KAAA,EAAO,aAAA;AAAA,MACP,IAAA,EAAM,MAAA;AAAA,MACN,OAAA,EAAS,SAAA;AAAA,MACT,SAAA,EAAW,CAAC,cAAc,CAAA;AAAA,MAC1B,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,uCAAA;AAAA,MACR,cAAA,EAAgB,cAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,IAAA,EAAK;AAAA,QAChC,EAAE,IAAA,EAAM,gBAAA,EAAkB,KAAA,EAAO,iBAAA;AAAkB;AACrD,KACF;AAAA,IACA;AAAA;AAAA;AAAA;AAAA,MAIE,IAAA,EAAM,aAAA;AAAA,MACN,KAAA,EAAO,WAAA;AAAA,MACP,IAAA,EAAM,QAAA;AAAA,MACN,IAAA,EAAM,MAAA;AAAA,MACN,SAAA,EAAW,CAAC,WAAW,CAAA;AAAA,MACvB,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,uCAAA;AAAA,MACR,aAAA,EAAe,QAAA;AAAA,MACf,SAAA,EAAW,EAAE,IAAA,EAAM,MAAA,EAAO;AAAA,MAC1B,cAAA,EAAgB,cAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,IAAA,EAAM,gBAAgB,IAAA;AAAK;AACxD,KACF;AAAA,IACA;AAAA;AAAA;AAAA,MAGE,IAAA,EAAM,aAAA;AAAA,MACN,KAAA,EAAO,aAAA;AAAA,MACP,IAAA,EAAM,SAAA;AAAA,MACN,OAAA,EAAS,QAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,WAAW,CAAA;AAAA,MACvB,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,uCAAA;AAAA,MACR,aAAA,EAAe,QAAA;AAAA,MACf,WAAA,EAAa,oFAAA;AAAA,MACb,cAAA,EAAgB,cAAA;AAAA,MAChB,YAAA,EAAc;AAAA;AAChB,GACF;AAAA,EAEA,SAAA,EAAW;AAAA,IACT,MAAA,EAAQ;AAAA,MACN,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,QAAA;AAAA,MACN,KAAA,EAAO,iBAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,UAAA,EAAW;AAAA,MAC/C,OAAA,EAAS,CAAC,iBAAA,EAAmB,MAAA,EAAQ,cAAc,YAAY,CAAA;AAAA,MAC/D,IAAA,EAAM,CAAC,EAAE,KAAA,EAAO,iBAAA,EAAmB,KAAA,EAAO,KAAA,EAAM,EAAG,EAAE,KAAA,EAAO,MAAA,EAAQ,KAAA,EAAO,OAAO,CAAA;AAAA,MAClF,QAAA,EAAU,EAAE,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,iBAAA,EAAmB,KAAA,EAAO,KAAA,EAAO,SAAA,EAAW,KAAA,EAAO,CAAA,EAAE;AAAA,MACnF,UAAA,EAAY,EAAE,QAAA,EAAU,GAAA;AAAI,KAC9B;AAAA,IACA,SAAA,EAAW;AAAA,MACT,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,WAAA;AAAA,MACN,KAAA,EAAO,KAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,UAAA,EAAW;AAAA,MAC/C,OAAA,EAAS,CAAC,MAAA,EAAQ,iBAAA,EAAmB,cAAc,YAAY,CAAA;AAAA,MAC/D,MAAM,CAAC,EAAE,OAAO,MAAA,EAAQ,KAAA,EAAO,OAAO,CAAA;AAAA,MACtC,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG;AAC7B,GACF;AAAA,EAEA,MAAA,EAAQ;AAAA;AAAA,IAEN,IAAA,EAAMC,WAAM,IAAA,CAAK;AAAA,MACf,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,UAAA,EAAY,IAAA;AAAA,MACZ,SAAA,EAAW,GAAA;AAAA,MACX,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,eAAA,EAAiBA,UAAAA,CAAM,MAAA,CAAO,kBAAA,EAAoB;AAAA,MAChD,KAAA,EAAO,cAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa,mCAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,EAAA,EAAIA,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,SAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR;AAAA,GACH;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,EAAE,MAAA,EAAQ,CAAC,iBAAiB,CAAA,EAAE;AAAA,IAC9B,EAAE,MAAA,EAAQ,CAAC,QAAQ,iBAAiB,CAAA,EAAG,QAAQ,IAAA;AAAK,GACtD;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,IAAA;AAAA,IACd,UAAA,EAAY,IAAA;AAAA,IACZ,UAAA,EAAY,IAAA;AAAA,IACZ,YAAY,CAAC,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,UAAU,QAAQ,CAAA;AAAA,IACxD,KAAA,EAAO,IAAA;AAAA,IACP,GAAA,EAAK;AAAA;AAET,CAAC;ACzJM,IAAM,aAAA,GAAgBD,kBAAa,MAAA,CAAO;AAAA,EAC/C,IAAA,EAAM,iBAAA;AAAA,EACN,KAAA,EAAO,aAAA;AAAA,EACP,WAAA,EAAa,cAAA;AAAA,EACb,IAAA,EAAM,WAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA,EACV,SAAA,EAAW,aAAA;AAAA;AAAA;AAAA;AAAA,EAIX,UAAA,EAAY;AAAA,IACV,IAAA,EAAM,MAAA;AAAA,IACN,MAAA,EAAQ,4DAAA;AAAA,IACR,OAAA,EAAS;AAAA,GACX;AAAA,EACA,WAAA,EAAa,gDAAA;AAAA,EACb,WAAA,EAAa,wBAAA;AAAA,EACb,aAAA,EAAe,CAAC,SAAA,EAAW,SAAA,EAAW,YAAY,CAAA;AAAA;AAAA;AAAA;AAAA,EAKlD,OAAA,EAAS;AAAA,IACP;AAAA;AAAA,MAEE,IAAA,EAAM,iBAAA;AAAA,MACN,KAAA,EAAO,YAAA;AAAA,MACP,IAAA,EAAM,WAAA;AAAA,MACN,OAAA,EAAS,SAAA;AAAA,MACT,SAAA,EAAW,CAAC,cAAc,CAAA;AAAA,MAC1B,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,2CAAA;AAAA,MACR,cAAA,EAAgB,mBAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,IAAA,EAAM,QAAA,EAAU,KAAA,EAAO,SAAA,EAAW,UAAU,IAAA,EAAK;AAAA,QACnD,EAAE,IAAA,EAAM,QAAA,EAAU,KAAA,EAAO,SAAA,EAAW,UAAU,IAAA;AAAK;AACrD,KACF;AAAA,IACA;AAAA;AAAA;AAAA;AAAA;AAAA,MAKE,IAAA,EAAM,oBAAA;AAAA,MACN,KAAA,EAAO,kBAAA;AAAA,MACP,IAAA,EAAM,YAAA;AAAA,MACN,OAAA,EAAS,QAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,WAAW,CAAA;AAAA,MACvB,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,8CAAA;AAAA,MACR,WAAA,EAAa,wEAAA;AAAA,MACb,cAAA,EAAgB,qBAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,MAAM,QAAA,EAAU,KAAA,EAAO,WAAW,QAAA,EAAU,IAAA,EAAM,gBAAgB,IAAA,EAAK;AAAA,QACzE,EAAE,MAAM,QAAA,EAAU,KAAA,EAAO,WAAW,QAAA,EAAU,IAAA,EAAM,gBAAgB,IAAA;AAAK;AAC3E;AACF,GACF;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,EAAA,EAAIC,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,gBAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,OAAA,EAASA,UAAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MAChC,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,OAAA,EAASA,UAAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MAChC,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACX;AAAA,GACH;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,EAAE,MAAA,EAAQ,CAAC,WAAW,SAAS,CAAA,EAAG,QAAQ,IAAA,EAAK;AAAA,IAC/C,EAAE,MAAA,EAAQ,CAAC,SAAS,CAAA;AAAE,GACxB;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,IAAA;AAAA,IACd,UAAA,EAAY,KAAA;AAAA,IACZ,UAAA,EAAY,IAAA;AAAA,IACZ,UAAA,EAAY,CAAC,KAAA,EAAO,MAAA,EAAQ,UAAU,QAAQ,CAAA;AAAA,IAC9C,KAAA,EAAO,KAAA;AAAA,IACP,GAAA,EAAK;AAAA;AAET,CAAC;ACzFM,IAAM,aAAA,GAAgBD,kBAAa,MAAA,CAAO;AAAA,EAC/C,IAAA,EAAM,gBAAA;AAAA,EACN,KAAA,EAAO,YAAA;AAAA,EACP,WAAA,EAAa,aAAA;AAAA,EACb,IAAA,EAAM,UAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA,EACV,SAAA,EAAW,UAAA;AAAA,EACX,WAAA,EAAa,kFAAA;AAAA,EACb,gBAAA,EAAkB,MAAA;AAAA,EAClB,WAAA,EAAa,QAAA;AAAA,EACb,aAAA,EAAe,CAAC,MAAA,EAAQ,MAAA,EAAQ,wBAAwB,iBAAiB,CAAA;AAAA,EAEzE,SAAA,EAAW;AAAA,IACT,MAAA,EAAQ;AAAA,MACN,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,QAAA;AAAA,MACN,KAAA,EAAO,QAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,gBAAA,EAAiB;AAAA,MACrD,SAAS,CAAC,MAAA,EAAQ,QAAQ,MAAA,EAAQ,sBAAA,EAAwB,mBAAmB,gBAAgB,CAAA;AAAA,MAC7F,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,UAAU,QAAA,EAAU,QAAA,EAAU,KAAA,EAAO,IAAA,EAAM,CAAA;AAAA,MAC7D,MAAM,CAAC,EAAE,OAAO,MAAA,EAAQ,KAAA,EAAO,OAAO,CAAA;AAAA,MACtC,UAAA,EAAY,EAAE,QAAA,EAAU,GAAA;AAAI,KAC9B;AAAA,IACA,QAAA,EAAU;AAAA,MACR,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,UAAA;AAAA,MACN,KAAA,EAAO,UAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,gBAAA,EAAiB;AAAA,MACrD,OAAA,EAAS,CAAC,MAAA,EAAQ,MAAA,EAAQ,QAAQ,cAAc,CAAA;AAAA,MAChD,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,UAAU,QAAA,EAAU,QAAA,EAAU,KAAA,EAAO,KAAA,EAAO,CAAA;AAAA,MAC9D,MAAM,CAAC,EAAE,OAAO,cAAA,EAAgB,KAAA,EAAO,QAAQ,CAAA;AAAA,MAC/C,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG,KAC7B;AAAA,IACA,OAAA,EAAS;AAAA,MACP,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,SAAA;AAAA,MACN,KAAA,EAAO,SAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,gBAAA,EAAiB;AAAA,MACrD,SAAS,CAAC,MAAA,EAAQ,QAAQ,MAAA,EAAQ,sBAAA,EAAwB,mBAAmB,QAAQ,CAAA;AAAA,MACrF,IAAA,EAAM,CAAC,EAAE,KAAA,EAAO,MAAA,EAAQ,KAAA,EAAO,KAAA,EAAM,EAAG,EAAE,KAAA,EAAO,MAAA,EAAQ,KAAA,EAAO,OAAO,CAAA;AAAA,MACvE,QAAA,EAAU,EAAE,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,MAAA,EAAQ,KAAA,EAAO,KAAA,EAAO,SAAA,EAAW,KAAA,EAAO,CAAA,EAAE;AAAA,MACxE,UAAA,EAAY,EAAE,QAAA,EAAU,GAAA;AAAI,KAC9B;AAAA,IACA,eAAA,EAAiB;AAAA,MACf,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,iBAAA;AAAA,MACN,KAAA,EAAO,KAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,gBAAA,EAAiB;AAAA,MACrD,SAAS,CAAC,MAAA,EAAQ,QAAQ,MAAA,EAAQ,sBAAA,EAAwB,mBAAmB,QAAQ,CAAA;AAAA,MACrF,MAAM,CAAC,EAAE,OAAO,MAAA,EAAQ,KAAA,EAAO,OAAO,CAAA;AAAA,MACtC,UAAA,EAAY,EAAE,QAAA,EAAU,GAAA;AAAI;AAC9B,GACF;AAAA,EAEA,MAAA,EAAQ;AAAA;AAAA,IAEN,IAAA,EAAMC,WAAM,IAAA,CAAK;AAAA,MACf,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,UAAA,EAAY,IAAA;AAAA,MACZ,SAAA,EAAW,GAAA;AAAA,MACX,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,IAAA,EAAMA,WAAM,IAAA,CAAK;AAAA,MACf,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,UAAA,EAAY,IAAA;AAAA,MACZ,SAAA,EAAW,EAAA;AAAA,MACX,WAAA,EAAa,4DAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,MAAMA,UAAAA,CAAM,MAAA;AAAA,MACV,CAAC,SAAA,EAAW,UAAA,EAAY,YAAA,EAAc,MAAA,EAAQ,UAAU,aAAa,CAAA;AAAA,MACrE;AAAA,QACE,KAAA,EAAO,MAAA;AAAA,QACP,QAAA,EAAU,IAAA;AAAA,QACV,YAAA,EAAc,YAAA;AAAA,QACd,WAAA,EAAa,6DAAA;AAAA,QACb,KAAA,EAAO;AAAA;AACT,KACF;AAAA;AAAA,IAGA,oBAAA,EAAsBA,UAAAA,CAAM,MAAA,CAAO,gBAAA,EAAkB;AAAA,MACnD,KAAA,EAAO,mBAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,yDAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,eAAA,EAAiBA,UAAAA,CAAM,MAAA,CAAO,kBAAA,EAAoB;AAAA,MAChD,KAAA,EAAO,cAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa,eAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,eAAA,EAAiBA,UAAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MACxC,KAAA,EAAO,iBAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,8DAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,MAAA,EAAQA,WAAM,OAAA,CAAQ;AAAA,MACpB,KAAA,EAAO,QAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,YAAA,EAAc,IAAA;AAAA,MACd,WAAA,EAAa,wDAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,cAAA,EAAgBA,WAAM,QAAA,CAAS;AAAA,MAC7B,KAAA,EAAO,gBAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,uDAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,YAAA,EAAcA,WAAM,QAAA,CAAS;AAAA,MAC3B,KAAA,EAAO,cAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,+CAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,YAAA,EAAcA,WAAM,IAAA,CAAK;AAAA,MACvB,KAAA,EAAO,oBAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,SAAA,EAAW,GAAA;AAAA,MACX,WAAA,EAAa,wDAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,EAAA,EAAIA,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,eAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR;AAAA,GACH;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,EAAE,MAAA,EAAQ,CAAC,iBAAiB,CAAA,EAAE;AAAA,IAC9B,EAAE,MAAA,EAAQ,CAAC,sBAAsB,CAAA,EAAE;AAAA,IACnC,EAAE,MAAA,EAAQ,CAAC,QAAQ,iBAAiB,CAAA,EAAG,QAAQ,IAAA,EAAK;AAAA,IACpD,EAAE,MAAA,EAAQ,CAAC,QAAQ,CAAA;AAAE,GACvB;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,IAAA;AAAA,IACd,UAAA,EAAY,IAAA;AAAA,IACZ,UAAA,EAAY,IAAA;AAAA,IACZ,YAAY,CAAC,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,UAAU,QAAQ,CAAA;AAAA,IACxD,KAAA,EAAO,IAAA;AAAA,IACP,GAAA,EAAK;AAAA;AAET,CAAC;ACtLM,IAAM,mBAAA,GAAsBD,kBAAa,MAAA,CAAO;AAAA,EACrD,IAAA,EAAM,uBAAA;AAAA,EACN,KAAA,EAAO,mBAAA;AAAA,EACP,WAAA,EAAa,oBAAA;AAAA,EACb,IAAA,EAAM,UAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA,EACV,SAAA,EAAW,UAAA;AAAA,EACX,WAAA,EAAa,yEAAA;AAAA,EACb,WAAA,EAAa,8BAAA;AAAA,EACb,aAAA,EAAe,CAAC,SAAA,EAAW,eAAA,EAAiB,sBAAsB,YAAY,CAAA;AAAA,EAE9E,MAAA,EAAQ;AAAA,IACN,EAAA,EAAIC,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,WAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,aAAA,EAAeA,UAAAA,CAAM,MAAA,CAAO,gBAAA,EAAkB;AAAA,MAC5C,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,OAAA,EAASA,UAAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MAChC,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,oBAAoBA,UAAAA,CAAM,MAAA;AAAA,MACxB,CAAC,QAAA,EAAU,MAAA,EAAQ,QAAQ,CAAA;AAAA,MAC3B;AAAA,QACE,KAAA,EAAO,oBAAA;AAAA,QACP,QAAA,EAAU,KAAA;AAAA,QACV,YAAA,EAAc,QAAA;AAAA,QACd,WAAA,EAAa,wFAAA;AAAA,QACb,KAAA,EAAO;AAAA;AACT,KACF;AAAA,IAEA,UAAA,EAAYA,WAAM,OAAA,CAAQ;AAAA,MACxB,KAAA,EAAO,oBAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,YAAA,EAAc,IAAA;AAAA,MACd,WAAA,EAAa,uFAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,cAAA,EAAgBA,WAAM,QAAA,CAAS;AAAA,MAC7B,KAAA,EAAO,gBAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,YAAA,EAAcA,WAAM,QAAA,CAAS;AAAA,MAC3B,KAAA,EAAO,cAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR;AAAA,GACH;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,EAAE,MAAA,EAAQ,CAAC,iBAAiB,SAAS,CAAA,EAAG,QAAQ,IAAA,EAAK;AAAA,IACrD,EAAE,MAAA,EAAQ,CAAC,SAAS,CAAA,EAAE;AAAA,IACtB,EAAE,MAAA,EAAQ,CAAC,YAAY,CAAA;AAAE,GAC3B;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,IAAA;AAAA,IACd,UAAA,EAAY,IAAA;AAAA,IACZ,UAAA,EAAY,IAAA;AAAA,IACZ,YAAY,CAAC,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,UAAU,QAAQ,CAAA;AAAA,IACxD,KAAA,EAAO,IAAA;AAAA,IACP,GAAA,EAAK;AAAA;AAET,CAAC;AC5FM,IAAM,SAAA,GAAYD,kBAAa,MAAA,CAAO;AAAA,EAC3C,IAAA,EAAM,aAAA;AAAA,EACN,KAAA,EAAO,SAAA;AAAA,EACP,WAAA,EAAa,UAAA;AAAA,EACb,IAAA,EAAM,WAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA,EACV,SAAA,EAAW,aAAA;AAAA;AAAA;AAAA;AAAA,EAIX,UAAA,EAAY;AAAA,IACV,IAAA,EAAM,MAAA;AAAA,IACN,MAAA,EAAQ,4DAAA;AAAA,IACR,OAAA,EAAS;AAAA,GACX;AAAA,EACA,WAAA,EAAa,kCAAA;AAAA,EACb,gBAAA,EAAkB,MAAA;AAAA,EAClB,WAAA,EAAa,QAAA;AAAA,EACb,eAAe,CAAC,MAAA,EAAQ,QAAA,EAAU,SAAA,EAAW,cAAc,SAAS,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAMpE,OAAA,EAAS;AAAA,IACP;AAAA,MACE,IAAA,EAAM,gBAAA;AAAA,MACN,KAAA,EAAO,gBAAA;AAAA,MACP,IAAA,EAAM,YAAA;AAAA,MACN,OAAA,EAAS,QAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,WAAW,CAAA;AAAA,MACvB,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,OAAA;AAAA,MACR,MAAA,EAAQ,+BAAA;AAAA,MACR,SAAA,EAAW,EAAE,OAAA,EAAS,IAAA,EAAK;AAAA,MAC3B,WAAA,EAAa,yEAAA;AAAA,MACb,cAAA,EAAgB,iBAAA;AAAA,MAChB,YAAA,EAAc;AAAA,KAChB;AAAA,IACA;AAAA,MACE,IAAA,EAAM,iBAAA;AAAA,MACN,KAAA,EAAO,iBAAA;AAAA,MACP,IAAA,EAAM,cAAA;AAAA,MACN,OAAA,EAAS,WAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,WAAW,CAAA;AAAA,MACvB,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,OAAA;AAAA,MACR,MAAA,EAAQ,+BAAA;AAAA,MACR,SAAA,EAAW,EAAE,OAAA,EAAS,KAAA,EAAM;AAAA,MAC5B,WAAA,EAAa,oFAAA;AAAA,MACb,cAAA,EAAgB,kBAAA;AAAA,MAChB,YAAA,EAAc;AAAA;AAChB,GACF;AAAA,EAEA,SAAA,EAAW;AAAA,IACT,IAAA,EAAM;AAAA,MACJ,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,MAAA;AAAA,MACN,KAAA,EAAO,SAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,aAAA,EAAc;AAAA,MAClD,SAAS,CAAC,MAAA,EAAQ,QAAA,EAAU,YAAA,EAAc,gBAAgB,SAAS,CAAA;AAAA,MACnE,MAAA,EAAQ;AAAA,QACN,EAAE,KAAA,EAAO,SAAA,EAAW,QAAA,EAAU,QAAA,EAAU,OAAO,mBAAA;AAAoB,OACrE;AAAA,MACA,MAAM,CAAC,EAAE,OAAO,YAAA,EAAc,KAAA,EAAO,QAAQ,CAAA;AAAA,MAC7C,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG,KAC7B;AAAA,IACA,MAAA,EAAQ;AAAA,MACN,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,QAAA;AAAA,MACN,KAAA,EAAO,QAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,aAAA,EAAc;AAAA,MAClD,SAAS,CAAC,MAAA,EAAQ,QAAA,EAAU,SAAA,EAAW,cAAc,cAAc,CAAA;AAAA,MACnE,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,WAAW,QAAA,EAAU,QAAA,EAAU,KAAA,EAAO,KAAA,EAAO,CAAA;AAAA,MAC/D,MAAM,CAAC,EAAE,OAAO,cAAA,EAAgB,KAAA,EAAO,QAAQ,CAAA;AAAA,MAC/C,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG,KAC7B;AAAA,IACA,OAAA,EAAS;AAAA,MACP,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,SAAA;AAAA,MACN,KAAA,EAAO,SAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,aAAA,EAAc;AAAA,MAClD,SAAS,CAAC,MAAA,EAAQ,QAAA,EAAU,SAAA,EAAW,cAAc,YAAY,CAAA;AAAA,MACjE,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,WAAW,QAAA,EAAU,QAAA,EAAU,KAAA,EAAO,IAAA,EAAM,CAAA;AAAA,MAC9D,MAAM,CAAC,EAAE,OAAO,YAAA,EAAc,KAAA,EAAO,QAAQ,CAAA;AAAA,MAC7C,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG,KAC7B;AAAA,IACA,QAAA,EAAU;AAAA,MACR,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,UAAA;AAAA,MACN,KAAA,EAAO,KAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,aAAA,EAAc;AAAA,MAClD,SAAS,CAAC,MAAA,EAAQ,UAAU,SAAA,EAAW,YAAA,EAAc,gBAAgB,SAAS,CAAA;AAAA,MAC9E,MAAM,CAAC,EAAE,OAAO,YAAA,EAAc,KAAA,EAAO,QAAQ,CAAA;AAAA,MAC7C,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG;AAC7B,GACF;AAAA,EAEA,MAAA,EAAQ;AAAA;AAAA,IAEN,IAAA,EAAMC,WAAM,IAAA,CAAK;AAAA,MACf,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,UAAA,EAAY,IAAA;AAAA,MACZ,SAAA,EAAW,GAAA;AAAA,MACX,WAAA,EAAa,sCAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,MAAA,EAAQA,WAAM,IAAA,CAAK;AAAA,MACjB,KAAA,EAAO,QAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,SAAA,EAAW,EAAA;AAAA,MACX,WAAA,EAAa,uDAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,OAAA,EAASA,UAAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MAChC,KAAA,EAAO,OAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa,4BAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,MAAA,EAAQA,WAAM,QAAA,CAAS;AAAA,MACrB,KAAA,EAAO,QAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,iCAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,YAAA,EAAcA,WAAM,QAAA,CAAS;AAAA,MAC3B,KAAA,EAAO,cAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa,wCAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,OAAA,EAASA,WAAM,OAAA,CAAQ;AAAA,MACrB,KAAA,EAAO,SAAA;AAAA,MACP,YAAA,EAAc,KAAA;AAAA,MACd,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,GAAA,EAAKA,WAAM,IAAA,CAAK;AAAA,MACd,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,MAAA,EAAQ,IAAA;AAAA,MACR,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa,sDAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,EAAA,EAAIA,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR;AAAA,GACH;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,EAAE,MAAA,EAAQ,CAAC,KAAK,CAAA,EAAG,QAAQ,IAAA,EAAK;AAAA,IAChC,EAAE,MAAA,EAAQ,CAAC,SAAS,CAAA,EAAE;AAAA,IACtB,EAAE,MAAA,EAAQ,CAAC,QAAQ,CAAA,EAAE;AAAA,IACrB,EAAE,MAAA,EAAQ,CAAC,SAAS,CAAA;AAAE,GACxB;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,IAAA;AAAA,IACd,UAAA,EAAY,KAAA;AAAA,IACZ,UAAA,EAAY,IAAA;AAAA,IACZ,YAAY,CAAC,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,UAAU,QAAQ,CAAA;AAAA,IACxD,KAAA,EAAO,KAAA;AAAA,IACP,GAAA,EAAK;AAAA;AAET,CAAC;AC/MM,IAAM,YAAA,GAAeD,kBAAa,MAAA,CAAO;AAAA,EAC9C,IAAA,EAAM,gBAAA;AAAA,EACN,KAAA,EAAO,YAAA;AAAA,EACP,WAAA,EAAa,wBAAA;AAAA,EACb,IAAA,EAAM,YAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA,EACV,SAAA,EAAW,aAAA;AAAA;AAAA;AAAA;AAAA,EAIX,UAAA,EAAY;AAAA,IACV,IAAA,EAAM,MAAA;AAAA,IACN,MAAA,EAAQ,4DAAA;AAAA,IACR,OAAA,EAAS;AAAA,GACX;AAAA,EACA,WAAA,EAAa,uCAAA;AAAA,EACb,WAAA,EAAa,0BAAA;AAAA,EACb,aAAA,EAAe,CAAC,SAAA,EAAW,YAAY,CAAA;AAAA,EAEvC,SAAA,EAAW;AAAA,IACT,IAAA,EAAM;AAAA,MACJ,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,MAAA;AAAA,MACN,KAAA,EAAO,eAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,gBAAA,EAAiB;AAAA,MACrD,OAAA,EAAS,CAAC,YAAA,EAAc,YAAY,CAAA;AAAA,MACpC,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,WAAW,QAAA,EAAU,QAAA,EAAU,KAAA,EAAO,mBAAA,EAAqB,CAAA;AAAA,MAC7E,MAAM,CAAC,EAAE,OAAO,YAAA,EAAc,KAAA,EAAO,QAAQ,CAAA;AAAA,MAC7C,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG,KAC7B;AAAA,IACA,eAAA,EAAiB;AAAA,MACf,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,iBAAA;AAAA,MACN,KAAA,EAAO,KAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,gBAAA,EAAiB;AAAA,MACrD,OAAA,EAAS,CAAC,SAAA,EAAW,YAAA,EAAc,YAAY,CAAA;AAAA,MAC/C,MAAM,CAAC,EAAE,OAAO,YAAA,EAAc,KAAA,EAAO,QAAQ,CAAA;AAAA,MAC7C,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG;AAC7B,GACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,OAAA,EAAS;AAAA,IACP;AAAA,MACE,IAAA,EAAM,mBAAA;AAAA,MACN,KAAA,EAAO,YAAA;AAAA,MACP,IAAA,EAAM,cAAA;AAAA,MACN,OAAA,EAAS,SAAA;AAAA,MACT,SAAA,EAAW,CAAC,cAAc,CAAA;AAAA,MAC1B,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,gCAAA;AAAA,MACR,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,MAAM,UAAA,EAAY,KAAA,EAAO,oBAAoB,IAAA,EAAM,MAAA,EAAQ,UAAU,IAAA;AAAK,OAC9E;AAAA,MACA,YAAA,EAAc;AAAA,QACZ,KAAA,EAAO,mCAAA;AAAA,QACP,WAAA,EAAa,gIAAA;AAAA,QACb,WAAA,EAAa,8BAAA;AAAA,QACb,MAAA,EAAQ;AAAA,UACN,EAAE,IAAA,EAAM,SAAA,EAAW,KAAA,EAAO,mBAAA,EAAqB,QAAQ,QAAA,EAAS;AAAA,UAChE,EAAE,IAAA,EAAM,aAAA,EAAe,KAAA,EAAO,cAAA,EAAgB,QAAQ,WAAA;AAAY;AACpE;AACF,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,oBAAA;AAAA,MACN,KAAA,EAAO,aAAA;AAAA,MACP,IAAA,EAAM,YAAA;AAAA,MACN,OAAA,EAAS,QAAA;AAAA,MACT,SAAA,EAAW,CAAC,cAAc,CAAA;AAAA,MAC1B,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,iCAAA;AAAA,MACR,WAAA,EAAa,oDAAA;AAAA,MACb,cAAA,EAAgB,cAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,MAAM,UAAA,EAAY,KAAA,EAAO,oBAAoB,IAAA,EAAM,MAAA,EAAQ,UAAU,IAAA;AAAK;AAC9E,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,yBAAA;AAAA,MACN,KAAA,EAAO,yBAAA;AAAA,MACP,IAAA,EAAM,YAAA;AAAA,MACN,OAAA,EAAS,WAAA;AAAA,MACT,SAAA,EAAW,CAAC,cAAA,EAAgB,WAAW,CAAA;AAAA,MACvC,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,+CAAA;AAAA,MACR,WAAA,EAAa,mFAAA;AAAA,MACb,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,MAAM,UAAA,EAAY,KAAA,EAAO,oBAAoB,IAAA,EAAM,MAAA,EAAQ,UAAU,IAAA;AAAK,OAC9E;AAAA,MACA,YAAA,EAAc;AAAA,QACZ,KAAA,EAAO,4BAAA;AAAA,QACP,WAAA,EAAa,6GAAA;AAAA,QACb,WAAA,EAAa,4BAAA;AAAA,QACb,MAAA,EAAQ;AAAA,UACN,EAAE,IAAA,EAAM,aAAA,EAAe,KAAA,EAAO,cAAA,EAAgB,QAAQ,WAAA;AAAY;AACpE;AACF;AACF,GACF;AAAA,EAGA,MAAA,EAAQ;AAAA,IACN,EAAA,EAAIC,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,eAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,OAAA,EAASA,UAAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MAChC,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,MAAA,EAAQA,WAAM,IAAA,CAAK;AAAA,MACjB,KAAA,EAAO,QAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,YAAA,EAAcA,WAAM,QAAA,CAAS;AAAA,MAC3B,KAAA,EAAO,cAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,QAAA,EAAUA,WAAM,OAAA,CAAQ;AAAA,MACtB,KAAA,EAAO,UAAA;AAAA,MACP,YAAA,EAAc,IAAA;AAAA,MACd,WAAA,EAAa;AAAA,KACd;AAAA,GACH;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,EAAE,MAAA,EAAQ,CAAC,SAAS,CAAA,EAAG,QAAQ,IAAA;AAAK,GACtC;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,KAAA;AAAA,IACd,UAAA,EAAY,KAAA;AAAA,IACZ,UAAA,EAAY,IAAA;AAAA,IACZ,UAAA,EAAY,CAAC,KAAA,EAAO,QAAA,EAAU,UAAU,QAAQ,CAAA;AAAA,IAChD,KAAA,EAAO,KAAA;AAAA,IACP,GAAA,EAAK;AAAA;AAET,CAAC;AC5JM,IAAM,aAAA,GAAgBD,kBAAa,MAAA,CAAO;AAAA,EAC/C,IAAA,EAAM,iBAAA;AAAA,EACN,KAAA,EAAO,aAAA;AAAA,EACP,WAAA,EAAa,cAAA;AAAA,EACb,IAAA,EAAM,WAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA,EACV,SAAA,EAAW,aAAA;AAAA;AAAA;AAAA;AAAA,EAIX,UAAA,EAAY;AAAA,IACV,IAAA,EAAM,MAAA;AAAA,IACN,MAAA,EAAQ,4DAAA;AAAA,IACR,OAAA,EAAS;AAAA,GACX;AAAA,EACA,WAAA,EAAa,kEAAA;AAAA,EACb,WAAA,EAAa,aAAA;AAAA,EACb,aAAA,EAAe,CAAC,WAAA,EAAa,QAAA,EAAU,aAAa,YAAY,CAAA;AAAA,EAEhE,MAAA,EAAQ;AAAA,IACN,EAAA,EAAIC,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,gBAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU;AAAA,KACX,CAAA;AAAA;AAAA,IAGD,WAAA,EAAaA,WAAM,IAAA,CAAK;AAAA,MACtB,KAAA,EAAO,aAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA;AAAA,IAGD,SAAA,EAAWA,WAAM,IAAA,CAAK;AAAA,MACpB,KAAA,EAAO,WAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA;AAAA,IAGD,OAAA,EAASA,UAAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MAChC,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA;AAAA,IAGD,MAAA,EAAQA,WAAM,IAAA,CAAK;AAAA,MACjB,KAAA,EAAO,QAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,cAAA,EAAgBA,WAAM,QAAA,CAAS;AAAA,MAC7B,KAAA,EAAO,gBAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,gBAAA,EAAkBA,WAAM,MAAA,CAAO;AAAA,MAC7B,KAAA,EAAO,uBAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,SAAA,EAAWA,WAAM,IAAA,CAAK;AAAA,MACpB,KAAA,EAAO,WAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,KAAA,EAAOA,WAAM,IAAA,CAAK;AAAA,MAChB,KAAA,EAAO,OAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd;AAAA,GACH;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,EAAE,MAAA,EAAQ,CAAC,aAAa,CAAA,EAAG,QAAQ,IAAA,EAAK;AAAA,IACxC,EAAE,MAAA,EAAQ,CAAC,WAAW,CAAA,EAAG,QAAQ,IAAA,EAAK;AAAA,IACtC,EAAE,MAAA,EAAQ,CAAC,QAAQ,CAAA,EAAG,QAAQ,KAAA;AAAM,GACtC;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,KAAA;AAAA,IACd,UAAA,EAAY,KAAA;AAAA,IACZ,UAAA,EAAY,IAAA;AAAA,IACZ,UAAA,EAAY,CAAC,KAAA,EAAO,QAAA,EAAU,UAAU,QAAQ,CAAA;AAAA,IAChD,KAAA,EAAO,KAAA;AAAA,IACP,GAAA,EAAK;AAAA;AAET,CAAC;AClHM,IAAM,iBAAA,GAAoBD,kBAAa,MAAA,CAAO;AAAA,EACnD,IAAA,EAAM,qBAAA;AAAA,EACN,KAAA,EAAO,iBAAA;AAAA,EACP,WAAA,EAAa,kBAAA;AAAA,EACb,IAAA,EAAM,UAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA;AAAA;AAAA;AAAA,EAIV,SAAA,EAAW,QAAA;AAAA,EACX,WAAA,EAAa,sDAAA;AAAA,EACb,WAAA,EAAa,OAAA;AAAA,EACb,aAAA,EAAe,CAAC,SAAA,EAAW,KAAK,CAAA;AAAA,EAEhC,SAAA,EAAW;AAAA,IACT,IAAA,EAAM;AAAA,MACJ,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,MAAA;AAAA,MACN,KAAA,EAAO,gBAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,qBAAA,EAAsB;AAAA,MAC1D,OAAA,EAAS,CAAC,KAAA,EAAO,YAAY,CAAA;AAAA,MAC7B,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,WAAW,QAAA,EAAU,QAAA,EAAU,KAAA,EAAO,mBAAA,EAAqB,CAAA;AAAA,MAC7E,MAAM,CAAC,EAAE,OAAO,KAAA,EAAO,KAAA,EAAO,OAAO,CAAA;AAAA,MACrC,UAAA,EAAY,EAAE,QAAA,EAAU,GAAA;AAAI,KAC9B;AAAA,IACA,OAAA,EAAS;AAAA,MACP,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,SAAA;AAAA,MACN,KAAA,EAAO,SAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,qBAAA,EAAsB;AAAA,MAC1D,OAAA,EAAS,CAAC,SAAA,EAAW,KAAA,EAAO,YAAY,CAAA;AAAA,MACxC,IAAA,EAAM,CAAC,EAAE,KAAA,EAAO,SAAA,EAAW,KAAA,EAAO,KAAA,EAAM,EAAG,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAO,OAAO,CAAA;AAAA,MACzE,QAAA,EAAU,EAAE,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,SAAA,EAAW,KAAA,EAAO,KAAA,EAAO,SAAA,EAAW,IAAA,EAAM,CAAA,EAAE;AAAA,MAC1E,UAAA,EAAY,EAAE,QAAA,EAAU,GAAA;AAAI,KAC9B;AAAA,IACA,eAAA,EAAiB;AAAA,MACf,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,iBAAA;AAAA,MACN,KAAA,EAAO,KAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,qBAAA,EAAsB;AAAA,MAC1D,OAAA,EAAS,CAAC,SAAA,EAAW,KAAA,EAAO,cAAc,YAAY,CAAA;AAAA,MACtD,MAAM,CAAC,EAAE,OAAO,YAAA,EAAc,KAAA,EAAO,QAAQ,CAAA;AAAA,MAC7C,UAAA,EAAY,EAAE,QAAA,EAAU,GAAA;AAAI;AAC9B,GACF;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,EAAA,EAAIC,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,eAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,OAAA,EAASA,UAAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MAChC,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,GAAA,EAAKA,WAAM,IAAA,CAAK;AAAA,MACd,KAAA,EAAO,KAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,SAAA,EAAW,GAAA;AAAA,MACX,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,KAAA,EAAOA,WAAM,IAAA,CAAK;AAAA,MAChB,KAAA,EAAO,OAAA;AAAA,MACP,WAAA,EAAa;AAAA,KACd;AAAA,GACH;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,EAAE,MAAA,EAAQ,CAAC,WAAW,KAAK,CAAA,EAAG,QAAQ,IAAA,EAAK;AAAA,IAC3C,EAAE,MAAA,EAAQ,CAAC,SAAS,CAAA,EAAG,QAAQ,KAAA;AAAM,GACvC;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,KAAA;AAAA,IACd,UAAA,EAAY,KAAA;AAAA,IACZ,UAAA,EAAY,IAAA;AAAA,IACZ,YAAY,CAAC,KAAA,EAAO,MAAA,EAAQ,QAAA,EAAU,UAAU,QAAQ,CAAA;AAAA,IACxD,KAAA,EAAO,KAAA;AAAA,IACP,GAAA,EAAK;AAAA;AAET,CAAC;AChGM,IAAM,mBAAA,GAAsBD,kBAAa,MAAA,CAAO;AAAA,EACrD,IAAA,EAAM,uBAAA;AAAA,EACN,KAAA,EAAO,mBAAA;AAAA,EACP,WAAA,EAAa,oBAAA;AAAA,EACb,IAAA,EAAM,WAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA,EACV,SAAA,EAAW,aAAA;AAAA;AAAA;AAAA;AAAA,EAIX,UAAA,EAAY;AAAA,IACV,IAAA,EAAM,MAAA;AAAA,IACN,MAAA,EAAQ,4DAAA;AAAA,IACR,OAAA,EAAS;AAAA,GACX;AAAA,EACA,WAAA,EAAa,2CAAA;AAAA,EACb,gBAAA,EAAkB,MAAA;AAAA,EAClB,WAAA,EAAa,QAAA;AAAA,EACb,aAAA,EAAe,CAAC,MAAA,EAAQ,WAAA,EAAa,QAAQ,UAAU,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAkBvD,OAAA,EAAS;AAAA,IACP;AAAA,MACE,IAAA,EAAM,2BAAA;AAAA,MACN,KAAA,EAAO,2BAAA;AAAA,MACP,IAAA,EAAM,cAAA;AAAA,MACN,OAAA,EAAS,WAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,WAAA,EAAa,eAAe,CAAA;AAAA,MACxC,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,MAAA;AAAA,MACR,MAAA,EAAQ,2CAAA;AAAA,MACR,WAAA,EAAa,gNAAA;AAAA,MACb,cAAA,EAAgB,4BAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,OAAA,EAAS,kBAAA;AAAA,MACT,SAAA,EAAW,EAAE,QAAA,EAAU,IAAA,EAAK;AAAA,MAC5B,MAAA,EAAQ;AAAA,QACN,EAAE,MAAM,WAAA,EAAa,KAAA,EAAO,aAAa,cAAA,EAAgB,IAAA,EAAM,UAAU,IAAA;AAAK;AAChF,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,0BAAA;AAAA,MACN,KAAA,EAAO,0BAAA;AAAA,MACP,IAAA,EAAM,aAAA;AAAA,MACN,OAAA,EAAS,SAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,WAAA,EAAa,eAAe,CAAA;AAAA,MACxC,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,MAAA;AAAA,MACR,MAAA,EAAQ,2CAAA;AAAA,MACR,WAAA,EAAa,6GAAA;AAAA,MACb,cAAA,EAAgB,2BAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,OAAA,EAAS,iBAAA;AAAA,MACT,SAAA,EAAW,EAAE,QAAA,EAAU,KAAA,EAAM;AAAA,MAC7B,MAAA,EAAQ;AAAA,QACN,EAAE,MAAM,WAAA,EAAa,KAAA,EAAO,aAAa,cAAA,EAAgB,IAAA,EAAM,UAAU,IAAA;AAAK;AAChF,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,0BAAA;AAAA,MACN,KAAA,EAAO,4BAAA;AAAA,MACP,IAAA,EAAM,aAAA;AAAA,MACN,OAAA,EAAS,SAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,cAAc,CAAA;AAAA,MAC1B,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,MAAA;AAAA,MACR,MAAA,EAAQ,6CAAA;AAAA,MACR,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,MAAM,MAAA,EAAQ,KAAA,EAAO,oBAAoB,IAAA,EAAM,MAAA,EAAQ,UAAU,IAAA,EAAK;AAAA,QACxE,EAAE,IAAA,EAAM,cAAA,EAAgB,KAAA,EAAO,eAAA,EAAiB,MAAM,UAAA,EAAY,QAAA,EAAU,IAAA,EAAM,QAAA,EAAU,oDAAA,EAAqD;AAAA,QACjJ,EAAE,IAAA,EAAM,MAAA,EAAQ,KAAA,EAAO,kBAAA,EAAoB,IAAA,EAAM,QAAA,EAAU,QAAA,EAAU,IAAA,EAAM,YAAA,EAAc,KAAA,EAAO,OAAA,EAAS;AAAA,UACvG,EAAE,KAAA,EAAO,KAAA,EAAO,KAAA,EAAO,KAAA,EAAM;AAAA,UAC7B,EAAE,KAAA,EAAO,QAAA,EAAU,KAAA,EAAO,QAAA,EAAS;AAAA,UACnC,EAAE,KAAA,EAAO,kBAAA,EAAoB,KAAA,EAAO,kBAAA,EAAmB;AAAA,UACvD,EAAE,KAAA,EAAO,QAAA,EAAU,KAAA,EAAO,QAAA;AAAS,SACrC;AAAE,OACJ;AAAA,MACA,YAAA,EAAc;AAAA,QACZ,KAAA,EAAO,8BAAA;AAAA,QACP,WAAA,EAAa,uHAAA;AAAA,QACb,WAAA,EAAa,gCAAA;AAAA,QACb,MAAA,EAAQ;AAAA,UACN,EAAE,IAAA,EAAM,kBAAA,EAAoB,KAAA,EAAO,WAAA,EAAa,QAAQ,MAAA,EAAO;AAAA,UAC/D,EAAE,IAAA,EAAM,sBAAA,EAAwB,KAAA,EAAO,eAAA,EAAiB,QAAQ,QAAA;AAAS;AAC3E;AACF,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,sBAAA;AAAA,MACN,KAAA,EAAO,sBAAA;AAAA,MACP,IAAA,EAAM,YAAA;AAAA,MACN,OAAA,EAAS,WAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,WAAA,EAAa,eAAe,CAAA;AAAA,MACxC,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,MAAA;AAAA,MACR,MAAA,EAAQ,0CAAA;AAAA,MACR,WAAA,EAAa,8MAAA;AAAA,MACb,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,MAAM,WAAA,EAAa,KAAA,EAAO,aAAa,cAAA,EAAgB,IAAA,EAAM,UAAU,IAAA;AAAK,OAChF;AAAA,MACA,YAAA,EAAc;AAAA,QACZ,KAAA,EAAO,uBAAA;AAAA,QACP,WAAA,EAAa,gIAAA;AAAA,QACb,WAAA,EAAa,gCAAA;AAAA,QACb,MAAA,EAAQ;AAAA,UACN,EAAE,IAAA,EAAM,eAAA,EAAiB,KAAA,EAAO,mBAAA,EAAqB,QAAQ,QAAA;AAAS;AACxE;AACF,KACF;AAAA,IACA;AAAA,MACE,IAAA,EAAM,0BAAA;AAAA,MACN,KAAA,EAAO,0BAAA;AAAA,MACP,IAAA,EAAM,SAAA;AAAA,MACN,OAAA,EAAS,QAAA;AAAA,MACT,IAAA,EAAM,QAAA;AAAA,MACN,SAAA,EAAW,CAAC,WAAA,EAAa,eAAe,CAAA;AAAA,MACxC,IAAA,EAAM,KAAA;AAAA,MACN,MAAA,EAAQ,MAAA;AAAA,MACR,MAAA,EAAQ,mCAAA;AAAA,MACR,WAAA,EAAa,2LAAA;AAAA,MACb,cAAA,EAAgB,2BAAA;AAAA,MAChB,YAAA,EAAc,IAAA;AAAA,MACd,MAAA,EAAQ;AAAA,QACN,EAAE,MAAM,WAAA,EAAa,KAAA,EAAO,aAAa,cAAA,EAAgB,IAAA,EAAM,UAAU,IAAA;AAAK;AAChF;AACF,GACF;AAAA,EAEA,SAAA,EAAW;AAAA,IACT,IAAA,EAAM;AAAA,MACJ,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,MAAA;AAAA,MACN,KAAA,EAAO,iBAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,uBAAA,EAAwB;AAAA,MAC5D,SAAS,CAAC,MAAA,EAAQ,WAAA,EAAa,MAAA,EAAQ,YAAY,YAAY,CAAA;AAAA;AAAA;AAAA;AAAA;AAAA,MAK/D,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,WAAW,QAAA,EAAU,QAAA,EAAU,KAAA,EAAO,mBAAA,EAAqB,CAAA;AAAA,MAC7E,MAAM,CAAC,EAAE,OAAO,YAAA,EAAc,KAAA,EAAO,QAAQ,CAAA;AAAA,MAC7C,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG,KAC7B;AAAA,IACA,MAAA,EAAQ;AAAA,MACN,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,QAAA;AAAA,MACN,KAAA,EAAO,QAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,uBAAA,EAAwB;AAAA,MAC5D,OAAA,EAAS,CAAC,MAAA,EAAQ,WAAA,EAAa,QAAQ,YAAY,CAAA;AAAA,MACnD,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,YAAY,QAAA,EAAU,QAAA,EAAU,KAAA,EAAO,KAAA,EAAO,CAAA;AAAA,MAChE,MAAM,CAAC,EAAE,OAAO,MAAA,EAAQ,KAAA,EAAO,OAAO,CAAA;AAAA,MACtC,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG,KAC7B;AAAA,IACA,aAAA,EAAe;AAAA,MACb,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,eAAA;AAAA,MACN,KAAA,EAAO,UAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,uBAAA,EAAwB;AAAA,MAC5D,OAAA,EAAS,CAAC,MAAA,EAAQ,WAAA,EAAa,QAAQ,YAAY,CAAA;AAAA,MACnD,MAAA,EAAQ,CAAC,EAAE,KAAA,EAAO,YAAY,QAAA,EAAU,QAAA,EAAU,KAAA,EAAO,IAAA,EAAM,CAAA;AAAA,MAC/D,MAAM,CAAC,EAAE,OAAO,YAAA,EAAc,KAAA,EAAO,QAAQ,CAAA;AAAA,MAC7C,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG,KAC7B;AAAA,IACA,QAAA,EAAU;AAAA,MACR,IAAA,EAAM,MAAA;AAAA,MACN,IAAA,EAAM,UAAA;AAAA,MACN,KAAA,EAAO,KAAA;AAAA,MACP,IAAA,EAAM,EAAE,QAAA,EAAU,QAAA,EAAU,QAAQ,uBAAA,EAAwB;AAAA,MAC5D,SAAS,CAAC,MAAA,EAAQ,WAAA,EAAa,MAAA,EAAQ,YAAY,YAAY,CAAA;AAAA,MAC/D,MAAM,CAAC,EAAE,OAAO,MAAA,EAAQ,KAAA,EAAO,OAAO,CAAA;AAAA,MACtC,UAAA,EAAY,EAAE,QAAA,EAAU,EAAA;AAAG;AAC7B,GACF;AAAA,EAEA,MAAA,EAAQ;AAAA;AAAA,IAEN,EAAA,EAAIC,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,IAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,IAAA,EAAMA,WAAM,IAAA,CAAK;AAAA,MACf,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,UAAA,EAAY,IAAA;AAAA,MACZ,SAAA,EAAW,GAAA;AAAA,MACX,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,IAAA,EAAMA,WAAM,GAAA,CAAI;AAAA,MACd,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,sCAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,GAAA,EAAKA,WAAM,GAAA,CAAI;AAAA,MACb,KAAA,EAAO,UAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,0CAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,QAAA,EAAUA,WAAM,QAAA,CAAS;AAAA,MACvB,KAAA,EAAO,UAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,iDAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,GAAA,EAAKA,WAAM,GAAA,CAAI;AAAA,MACb,KAAA,EAAO,kBAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,MAAA,EAAQA,WAAM,GAAA,CAAI;AAAA,MAChB,KAAA,EAAO,gBAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,QAAA,EAAUA,WAAM,QAAA,CAAS;AAAA,MACvB,KAAA,EAAO,UAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,sCAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,SAAA,EAAWA,WAAM,IAAA,CAAK;AAAA,MACpB,KAAA,EAAO,WAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU,IAAA;AAAA,MACV,SAAA,EAAW,GAAA;AAAA,MACX,WAAA,EAAa,gCAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,aAAA,EAAeA,WAAM,IAAA,CAAK;AAAA,MACxB,KAAA,EAAO,eAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,SAAA,EAAW,IAAA;AAAA,MACX,WAAA,EAAa,gDAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,aAAA,EAAeA,WAAM,QAAA,CAAS;AAAA,MAC5B,KAAA,EAAO,eAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa,+CAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,yBAAA,EAA2BA,WAAM,QAAA,CAAS;AAAA,MACxC,KAAA,EAAO,2BAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,2DAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,IAAA,EAAMA,WAAM,MAAA,CAAO,CAAC,OAAO,QAAA,EAAU,kBAAA,EAAoB,QAAQ,CAAA,EAAG;AAAA,MAClE,KAAA,EAAO,aAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,YAAA,EAAc,KAAA;AAAA,MACd,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,MAAA,EAAQA,WAAM,OAAA,CAAQ;AAAA,MACpB,KAAA,EAAO,eAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,8DAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,YAAA,EAAcA,WAAM,OAAA,CAAQ;AAAA,MAC1B,KAAA,EAAO,cAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,0BAAA,EAA4BA,WAAM,IAAA,CAAK;AAAA,MACrC,KAAA,EAAO,4BAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,SAAA,EAAW,EAAA;AAAA,MACX,WAAA,EAAa,oDAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,WAAA,EAAaA,WAAM,QAAA,CAAS;AAAA,MAC1B,KAAA,EAAO,aAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,6CAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,cAAA,EAAgBA,WAAM,QAAA,CAAS;AAAA,MAC7B,KAAA,EAAO,gBAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,gDAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,MAAA,EAAQA,WAAM,QAAA,CAAS;AAAA,MACrB,KAAA,EAAO,gBAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,uDAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,YAAA,EAAcA,WAAM,IAAA,CAAK;AAAA,MACvB,KAAA,EAAO,cAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,SAAA,EAAW,EAAA;AAAA,MACX,WAAA,EAAa,2CAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,QAAA,EAAUA,WAAM,OAAA,CAAQ;AAAA,MACtB,KAAA,EAAO,UAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,YAAA,EAAc,KAAA;AAAA,MACd,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,YAAA,EAAcA,WAAM,OAAA,CAAQ;AAAA,MAC1B,KAAA,EAAO,cAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,yDAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,kBAAA,EAAoBA,WAAM,OAAA,CAAQ;AAAA,MAChC,KAAA,EAAO,oBAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,wDAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,WAAA,EAAaA,WAAM,IAAA,CAAK;AAAA,MACtB,KAAA,EAAO,aAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,SAAA,EAAW,GAAA;AAAA,MACX,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,gBAAA,EAAkBA,WAAM,IAAA,CAAK;AAAA,MAC3B,KAAA,EAAO,kBAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,SAAA,EAAW,EAAA;AAAA,MACX,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,kBAAA,EAAoBA,WAAM,QAAA,CAAS;AAAA,MACjC,KAAA,EAAO,oBAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,6DAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA;AAAA,IAGD,OAAA,EAASA,UAAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MAChC,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa,sCAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,YAAA,EAAcA,WAAM,IAAA,CAAK;AAAA,MACvB,KAAA,EAAO,cAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,SAAA,EAAW,GAAA;AAAA,MACX,WAAA,EAAa,wCAAA;AAAA,MACb,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU,IAAA;AAAA,MACV,KAAA,EAAO;AAAA,KACR;AAAA,GACH;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,EAAE,MAAA,EAAQ,CAAC,WAAW,CAAA,EAAG,QAAQ,IAAA,EAAK;AAAA,IACtC,EAAE,MAAA,EAAQ,CAAC,SAAS,CAAA,EAAE;AAAA,IACtB,EAAE,MAAA,EAAQ,CAAC,cAAc,CAAA;AAAE,GAC7B;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,IAAA;AAAA,IACd,UAAA,EAAY,IAAA;AAAA,IACZ,UAAA,EAAY,IAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAMZ,UAAA,EAAY,CAAC,KAAA,EAAO,MAAM,CAAA;AAAA,IAC1B,KAAA,EAAO,KAAA;AAAA,IACP,GAAA,EAAK;AAAA;AAET,CAAC;ACrbM,IAAM,mBAAA,GAAsBD,kBAAa,MAAA,CAAO;AAAA,EACrD,IAAA,EAAM,wBAAA;AAAA,EACN,KAAA,EAAO,oBAAA;AAAA,EACP,WAAA,EAAa,qBAAA;AAAA,EACb,IAAA,EAAM,QAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA,EACV,SAAA,EAAW,aAAA;AAAA;AAAA;AAAA;AAAA,EAIX,UAAA,EAAY;AAAA,IACV,IAAA,EAAM,MAAA;AAAA,IACN,MAAA,EAAQ,4DAAA;AAAA,IACR,OAAA,EAAS;AAAA,GACX;AAAA,EACA,WAAA,EAAa,0DAAA;AAAA,EACb,aAAA,EAAe,CAAC,WAAA,EAAa,SAAA,EAAW,YAAY,CAAA;AAAA,EAEpD,MAAA,EAAQ;AAAA,IACN,EAAA,EAAIC,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,IAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,KAAA,EAAOA,WAAM,IAAA,CAAK;AAAA,MAChB,KAAA,EAAO,OAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,SAAA,EAAW,IAAA;AAAA,MACX,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,SAAA,EAAWA,WAAM,IAAA,CAAK;AAAA,MACpB,KAAA,EAAO,WAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,UAAA,EAAYA,UAAAA,CAAM,MAAA,CAAO,aAAA,EAAe;AAAA,MACtC,KAAA,EAAO,SAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,OAAA,EAASA,UAAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MAChC,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,UAAA,EAAYA,UAAAA,CAAM,MAAA,CAAO,yBAAA,EAA2B;AAAA,MAClD,KAAA,EAAO,eAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,YAAA,EAAcA,WAAM,IAAA,CAAK;AAAA,MACvB,KAAA,EAAO,cAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,SAAA,EAAW,GAAA;AAAA,MACX,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,MAAA,EAAQA,WAAM,QAAA,CAAS;AAAA,MACrB,KAAA,EAAO,QAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU;AAAA,KACX;AAAA,GACH;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,EAAE,MAAA,EAAQ,CAAC,OAAO,CAAA,EAAG,QAAQ,IAAA,EAAK;AAAA,IAClC,EAAE,MAAA,EAAQ,CAAC,WAAW,CAAA,EAAE;AAAA,IACxB,EAAE,MAAA,EAAQ,CAAC,YAAY,CAAA,EAAE;AAAA,IACzB,EAAE,MAAA,EAAQ,CAAC,SAAS,CAAA,EAAE;AAAA,IACtB,EAAE,MAAA,EAAQ,CAAC,YAAY,CAAA;AAAE,GAC3B;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,KAAA;AAAA,IACd,UAAA,EAAY,KAAA;AAAA,IACZ,UAAA,EAAY,KAAA;AAAA,IACZ,YAAY,EAAC;AAAA,IACb,KAAA,EAAO,KAAA;AAAA,IACP,GAAA,EAAK;AAAA;AAET,CAAC;AClGM,IAAM,oBAAA,GAAuBD,kBAAa,MAAA,CAAO;AAAA,EACtD,IAAA,EAAM,yBAAA;AAAA,EACN,KAAA,EAAO,qBAAA;AAAA,EACP,WAAA,EAAa,sBAAA;AAAA,EACb,IAAA,EAAM,YAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA,EACV,SAAA,EAAW,aAAA;AAAA;AAAA;AAAA;AAAA,EAIX,UAAA,EAAY;AAAA,IACV,IAAA,EAAM,MAAA;AAAA,IACN,MAAA,EAAQ,4DAAA;AAAA,IACR,OAAA,EAAS;AAAA,GACX;AAAA,EACA,WAAA,EAAa,mDAAA;AAAA,EACb,aAAA,EAAe,CAAC,WAAA,EAAa,SAAA,EAAW,YAAY,CAAA;AAAA,EAEpD,MAAA,EAAQ;AAAA,IACN,EAAA,EAAIC,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,IAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,KAAA,EAAOA,WAAM,IAAA,CAAK;AAAA,MAChB,KAAA,EAAO,OAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,SAAA,EAAW,IAAA;AAAA,MACX,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,SAAA,EAAWA,WAAM,IAAA,CAAK;AAAA,MACpB,KAAA,EAAO,WAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,UAAA,EAAYA,UAAAA,CAAM,MAAA,CAAO,aAAA,EAAe;AAAA,MACtC,KAAA,EAAO,SAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,OAAA,EAASA,UAAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MAChC,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,YAAA,EAAcA,WAAM,IAAA,CAAK;AAAA,MACvB,KAAA,EAAO,cAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,SAAA,EAAW,GAAA;AAAA,MACX,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,MAAA,EAAQA,WAAM,QAAA,CAAS;AAAA,MACrB,KAAA,EAAO,QAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,OAAA,EAASA,WAAM,QAAA,CAAS;AAAA,MACtB,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,SAAA,EAAWA,WAAM,QAAA,CAAS;AAAA,MACxB,KAAA,EAAO,WAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd;AAAA,GACH;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,EAAE,MAAA,EAAQ,CAAC,OAAO,CAAA,EAAG,QAAQ,IAAA,EAAK;AAAA,IAClC,EAAE,MAAA,EAAQ,CAAC,WAAW,CAAA,EAAE;AAAA,IACxB,EAAE,MAAA,EAAQ,CAAC,YAAY,CAAA,EAAE;AAAA,IACzB,EAAE,MAAA,EAAQ,CAAC,SAAS,CAAA;AAAE,GACxB;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,KAAA;AAAA,IACd,UAAA,EAAY,KAAA;AAAA,IACZ,UAAA,EAAY,KAAA;AAAA,IACZ,YAAY,EAAC;AAAA,IACb,KAAA,EAAO,KAAA;AAAA,IACP,GAAA,EAAK;AAAA;AAET,CAAC;ACpGM,IAAM,eAAA,GAAkBD,kBAAa,MAAA,CAAO;AAAA,EACjD,IAAA,EAAM,mBAAA;AAAA,EACN,KAAA,EAAO,eAAA;AAAA,EACP,WAAA,EAAa,gBAAA;AAAA,EACb,IAAA,EAAM,cAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA,EACV,SAAA,EAAW,aAAA;AAAA;AAAA;AAAA;AAAA,EAIX,UAAA,EAAY;AAAA,IACV,IAAA,EAAM,MAAA;AAAA,IACN,MAAA,EAAQ,4DAAA;AAAA,IACR,OAAA,EAAS;AAAA,GACX;AAAA,EACA,WAAA,EAAa,oDAAA;AAAA,EACb,aAAA,EAAe,CAAC,WAAA,EAAa,SAAA,EAAW,QAAQ,CAAA;AAAA,EAEhD,MAAA,EAAQ;AAAA,IACN,EAAA,EAAIC,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,IAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,SAAA,EAAWA,WAAM,IAAA,CAAK;AAAA,MACpB,KAAA,EAAO,WAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,OAAA,EAASA,UAAAA,CAAM,MAAA,CAAO,UAAA,EAAY;AAAA,MAChC,KAAA,EAAO,MAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,YAAA,EAAcA,WAAM,IAAA,CAAK;AAAA,MACvB,KAAA,EAAO,cAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,SAAA,EAAW,GAAA;AAAA,MACX,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,MAAA,EAAQA,WAAM,QAAA,CAAS;AAAA,MACrB,KAAA,EAAO,QAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU;AAAA,KACX;AAAA,GACH;AAAA,EAEA,OAAA,EAAS;AAAA,IACP,EAAE,MAAA,EAAQ,CAAC,WAAW,CAAA,EAAE;AAAA,IACxB,EAAE,MAAA,EAAQ,CAAC,SAAS,CAAA;AAAE,GACxB;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,KAAA;AAAA,IACd,UAAA,EAAY,KAAA;AAAA,IACZ,UAAA,EAAY,KAAA;AAAA,IACZ,YAAY,EAAC;AAAA,IACb,KAAA,EAAO,KAAA;AAAA,IACP,GAAA,EAAK;AAAA;AAET,CAAC;AC9EM,IAAM,OAAA,GAAUD,kBAAa,MAAA,CAAO;AAAA,EACzC,IAAA,EAAM,UAAA;AAAA,EACN,KAAA,EAAO,UAAA;AAAA,EACP,WAAA,EAAa,WAAA;AAAA,EACb,IAAA,EAAM,KAAA;AAAA,EACN,QAAA,EAAU,IAAA;AAAA,EACV,SAAA,EAAW,aAAA;AAAA;AAAA;AAAA;AAAA,EAIX,UAAA,EAAY;AAAA,IACV,IAAA,EAAM,MAAA;AAAA,IACN,MAAA,EAAQ,4DAAA;AAAA,IACR,OAAA,EAAS;AAAA,GACX;AAAA,EACA,WAAA,EAAa,0DAAA;AAAA,EACb,aAAA,EAAe,CAAC,IAAA,EAAM,YAAA,EAAc,YAAY,CAAA;AAAA,EAEhD,MAAA,EAAQ;AAAA,IACN,EAAA,EAAIC,WAAM,IAAA,CAAK;AAAA,MACb,KAAA,EAAO,QAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,WAAA,EAAaA,WAAM,QAAA,CAAS;AAAA,MAC1B,KAAA,EAAO,aAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU,IAAA;AAAA,MACV,YAAA,EAAc,OAAA;AAAA,MACd,QAAA,EAAU;AAAA,KACX,CAAA;AAAA,IAED,UAAA,EAAYA,WAAM,QAAA,CAAS;AAAA,MACzB,KAAA,EAAO,YAAA;AAAA,MACP,QAAA,EAAU,KAAA;AAAA,MACV,WAAA,EAAa;AAAA,KACd;AAAA,GACH;AAAA,EAEA,MAAA,EAAQ;AAAA,IACN,YAAA,EAAc,KAAA;AAAA,IACd,UAAA,EAAY,KAAA;AAAA,IACZ,UAAA,EAAY,KAAA;AAAA,IACZ,YAAY,EAAC;AAAA,IACb,KAAA,EAAO,KAAA;AAAA,IACP,GAAA,EAAK;AAAA;AAET,CAAC","file":"index.js","sourcesContent":["// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_user — System User Object\n *\n * Canonical user identity record for the ObjectStack platform.\n * Backed by better-auth's `user` model with ObjectStack field conventions.\n *\n * Field order drives default list/form layout: identity first, then profile,\n * then system-managed audit fields (hidden from create/edit forms).\n *\n * @namespace sys\n */\nexport const SysUser = ObjectSchema.create({\n name: 'sys_user',\n label: 'User',\n pluralLabel: 'Users',\n icon: 'user',\n isSystem: true,\n managedBy: 'better-auth',\n // ADR-0010 §3.7 — identity table is managed by better-auth; schema must not drift.\n protection: {\n lock: 'full',\n reason: 'Identity table managed by better-auth — see ADR-0010.',\n docsUrl: 'https://docs.objectstack.ai/adr/0010-metadata-protection',\n },\n description: 'User accounts for authentication',\n displayNameField: 'name',\n titleFormat: '{name}',\n compactLayout: ['name', 'email', 'email_verified'],\n\n // Custom actions — generic CRUD is suppressed because user accounts are\n // managed by better-auth, but we still need first-class affordances for\n // common operations. Each action delegates to a Console-side named script\n // registered on the ActionRunner (see objectui `AppContent.tsx`). Adding\n // new affordances (reset password, revoke session, …) is now a pure\n // schema + script-registration change — no per-view code.\n actions: [\n {\n name: 'invite_user',\n label: 'Invite User',\n icon: 'user-plus',\n variant: 'primary',\n locations: ['list_toolbar'],\n type: 'api',\n target: '/api/v1/auth/organization/invite-member',\n successMessage: 'Invitation sent',\n refreshAfter: true,\n params: [\n { field: 'email', required: true },\n { field: 'role', objectOverride: 'sys_member', required: true },\n ],\n },\n\n // ── Platform admin operations (require better-auth `admin` plugin) ─\n //\n // These actions hit /api/v1/auth/admin/* endpoints that are only\n // wired when `auth.plugins.admin` is enabled. When the plugin is\n // disabled the actions still render (schema is static) but server\n // returns 404. UI surfaces them under the row menu so platform\n // admins can manage accounts without dropping to SQL or\n // a custom Setup wizard.\n {\n name: 'ban_user',\n label: 'Ban User',\n icon: 'ban',\n variant: 'danger',\n locations: ['list_item'],\n type: 'api',\n target: '/api/v1/auth/admin/ban-user',\n recordIdParam: 'userId',\n successMessage: 'User banned',\n refreshAfter: true,\n confirmText: 'Ban this user? They will be signed out and unable to sign in until unbanned.',\n params: [\n { name: 'banReason', label: 'Ban Reason', type: 'text', required: false },\n ],\n },\n {\n name: 'unban_user',\n label: 'Unban User',\n icon: 'check-circle-2',\n variant: 'secondary',\n locations: ['list_item'],\n type: 'api',\n target: '/api/v1/auth/admin/unban-user',\n recordIdParam: 'userId',\n successMessage: 'User unbanned',\n refreshAfter: true,\n },\n {\n name: 'set_user_password',\n label: 'Set Password',\n icon: 'key-round',\n variant: 'secondary',\n locations: ['list_item'],\n type: 'api',\n target: '/api/v1/auth/admin/set-user-password',\n recordIdParam: 'userId',\n successMessage: 'Password updated',\n refreshAfter: false,\n params: [\n { name: 'newPassword', label: 'New Password', type: 'text', required: true },\n ],\n },\n {\n name: 'set_user_role',\n label: 'Set Platform Role',\n icon: 'shield-check',\n variant: 'secondary',\n locations: ['list_item'],\n type: 'api',\n target: '/api/v1/auth/admin/set-role',\n recordIdParam: 'userId',\n successMessage: 'Role updated',\n refreshAfter: true,\n params: [\n { name: 'role', label: 'Platform Role', type: 'text', required: true },\n ],\n },\n {\n name: 'impersonate_user',\n label: 'Impersonate User',\n icon: 'user-cog',\n variant: 'secondary',\n locations: ['list_item'],\n type: 'api',\n target: '/api/v1/auth/admin/impersonate-user',\n recordIdParam: 'userId',\n successMessage: 'Now impersonating user',\n refreshAfter: true,\n confirmText: 'Start an impersonation session for this user? Use only for legitimate support cases — actions will be logged.',\n },\n\n // ── Self-service actions (the row owner only) ─────────────────────\n //\n // These four actions are the \"account settings\" surfaces the standalone\n // Account SPA used to own (`/account/profile`, `/account/security`).\n // They are visible only when the current row is the signed-in user —\n // i.e. opened from the user's own detail page or a \"My Account\" view —\n // via the `visible` CEL predicate. Admin equivalents (set_user_password\n // for any account) are above and stay separate.\n {\n name: 'update_my_profile',\n label: 'Update Profile',\n icon: 'user-pen',\n variant: 'primary',\n mode: 'edit',\n locations: ['record_header'],\n type: 'api',\n target: '/api/v1/auth/update-user',\n visible: 'record.id == ctx.user.id',\n successMessage: 'Profile updated',\n refreshAfter: true,\n params: [\n { field: 'name', required: false, defaultFromRow: true },\n { field: 'image', required: false, defaultFromRow: true },\n ],\n },\n {\n name: 'change_my_password',\n label: 'Change Password',\n icon: 'key',\n variant: 'secondary',\n locations: ['record_header', 'record_more', 'record_section'],\n type: 'api',\n target: '/api/v1/auth/change-password',\n visible: 'record.id == ctx.user.id',\n successMessage: 'Password changed',\n refreshAfter: false,\n params: [\n { name: 'currentPassword', label: 'Current Password', type: 'text', required: true },\n { name: 'newPassword', label: 'New Password', type: 'text', required: true },\n { name: 'revokeOtherSessions', label: 'Sign out other devices', type: 'boolean', required: false, defaultValue: true },\n ],\n },\n {\n name: 'change_my_email',\n label: 'Change Email',\n icon: 'mail',\n variant: 'secondary',\n locations: ['record_header', 'record_more', 'record_section'],\n type: 'api',\n target: '/api/v1/auth/change-email',\n visible: 'record.id == ctx.user.id',\n successMessage: 'Verification email sent — check the new address to confirm.',\n refreshAfter: false,\n params: [\n { name: 'newEmail', label: 'New Email', type: 'email', required: true },\n ],\n },\n {\n name: 'resend_verification_email',\n label: 'Resend Verification Email',\n icon: 'mail-check',\n variant: 'secondary',\n locations: ['record_header', 'record_more', 'record_section'],\n type: 'api',\n target: '/api/v1/auth/send-verification-email',\n // Only render for the row owner AND when their email is still\n // unverified — there's nothing to resend once verified.\n visible: 'record.id == ctx.user.id && record.email_verified == false',\n successMessage: 'Verification email sent — check your inbox.',\n refreshAfter: false,\n params: [],\n },\n {\n name: 'delete_my_account',\n label: 'Delete My Account',\n icon: 'user-x',\n variant: 'danger',\n mode: 'delete',\n locations: ['record_more', 'record_section'],\n type: 'api',\n target: '/api/v1/auth/delete-user',\n visible: 'record.id == ctx.user.id',\n confirmText: 'Permanently delete your account? This cannot be undone — all your sessions will be terminated and all data you own will be removed per the configured retention policy.',\n successMessage: 'Account deleted',\n refreshAfter: false,\n params: [\n { name: 'password', label: 'Current Password', type: 'text', required: true },\n ],\n },\n // ── Two-factor authentication ─────────────────────────────────\n // Enable flow returns { totpURI, backupCodes } — surfacing those\n // safely needs a QR + verify UI that the generic action engine\n // can't render yet. We still expose it so the API call works\n // and the success toast displays the otpauth:// URI that users\n // can manually add to an authenticator app as a fallback.\n {\n name: 'enable_two_factor',\n label: 'Enable Two-Factor Auth',\n icon: 'shield-plus',\n variant: 'primary',\n locations: ['record_section'],\n type: 'api',\n target: '/api/v1/auth/two-factor/enable',\n visible: 'record.id == ctx.user.id && record.two_factor_enabled != true',\n successMessage: 'Two-factor authentication enabled. Scan the QR code or paste the otpauth URI into your authenticator app, then verify a code to complete setup.',\n refreshAfter: true,\n params: [\n { name: 'password', label: 'Current Password', type: 'text', required: true },\n ],\n },\n {\n name: 'disable_two_factor',\n label: 'Disable Two-Factor Auth',\n icon: 'shield-off',\n variant: 'danger',\n locations: ['record_section'],\n type: 'api',\n target: '/api/v1/auth/two-factor/disable',\n visible: 'record.id == ctx.user.id && record.two_factor_enabled == true',\n confirmText: 'Turn off two-factor authentication? Your account will be less secure.',\n successMessage: 'Two-factor authentication disabled.',\n refreshAfter: true,\n params: [\n { name: 'password', label: 'Current Password', type: 'text', required: true },\n ],\n },\n {\n name: 'generate_backup_codes',\n label: 'Regenerate Backup Codes',\n icon: 'list-restart',\n variant: 'secondary',\n locations: ['record_section'],\n type: 'api',\n target: '/api/v1/auth/two-factor/generate-backup-codes',\n visible: 'record.id == ctx.user.id && record.two_factor_enabled == true',\n confirmText: 'Generate a new set of backup codes? Any previously generated codes will stop working.',\n successMessage: 'New backup codes generated — save them somewhere safe.',\n refreshAfter: false,\n params: [\n { name: 'password', label: 'Current Password', type: 'text', required: true },\n ],\n },\n ],\n\n listViews: {\n // Self-service profile entry — surfaced by the Account App so every\n // authenticated user can view / edit their own basic profile (name,\n // email, avatar). Filtered to a single row (the caller) via the\n // `{current_user_id}` template variable; RLS additionally enforces\n // that non-admins cannot read other users' rows.\n me: {\n type: 'grid',\n name: 'me',\n label: 'My Profile',\n data: { provider: 'object', object: 'sys_user' },\n columns: ['name', 'email', 'email_verified', 'two_factor_enabled', 'updated_at'],\n filter: [{ field: 'id', operator: 'equals', value: '{current_user_id}' }],\n sort: [{ field: 'name', order: 'asc' }],\n pagination: { pageSize: 1 },\n },\n all_users: {\n type: 'grid',\n name: 'all_users',\n label: 'All Users',\n data: { provider: 'object', object: 'sys_user' },\n columns: ['name', 'email', 'email_verified', 'two_factor_enabled', 'created_at'],\n sort: [{ field: 'name', order: 'asc' }],\n pagination: { pageSize: 50 },\n },\n unverified: {\n type: 'grid',\n name: 'unverified',\n label: 'Unverified',\n data: { provider: 'object', object: 'sys_user' },\n columns: ['name', 'email', 'created_at'],\n filter: [{ field: 'email_verified', operator: 'equals', value: false }],\n sort: [{ field: 'created_at', order: 'desc' }],\n pagination: { pageSize: 50 },\n },\n two_factor: {\n type: 'grid',\n name: 'two_factor',\n label: '2FA Enabled',\n data: { provider: 'object', object: 'sys_user' },\n columns: ['name', 'email', 'two_factor_enabled', 'updated_at'],\n filter: [{ field: 'two_factor_enabled', operator: 'equals', value: true }],\n sort: [{ field: 'name', order: 'asc' }],\n pagination: { pageSize: 50 },\n },\n banned: {\n type: 'grid',\n name: 'banned',\n label: 'Banned',\n data: { provider: 'object', object: 'sys_user' },\n columns: ['name', 'email', 'banned', 'ban_reason', 'ban_expires'],\n filter: [{ field: 'banned', operator: 'equals', value: true }],\n sort: [{ field: 'updated_at', order: 'desc' }],\n pagination: { pageSize: 50 },\n },\n },\n\n fields: {\n // ── Identity (primary business fields) ───────────────────────\n name: Field.text({\n label: 'Name',\n required: true,\n searchable: true,\n maxLength: 255,\n group: 'Identity',\n }),\n\n email: Field.email({\n label: 'Email',\n required: true,\n searchable: true,\n group: 'Identity',\n }),\n\n email_verified: Field.boolean({\n label: 'Email Verified',\n defaultValue: false,\n group: 'Identity',\n }),\n\n two_factor_enabled: Field.boolean({\n label: 'Two-Factor Enabled',\n defaultValue: false,\n group: 'Identity',\n description: 'Whether two-factor authentication is enabled for this user. Maintained by the better-auth `twoFactor` plugin.',\n }),\n\n // ── Admin (managed by better-auth `admin` plugin when enabled) ───\n role: Field.text({\n label: 'Platform Role',\n required: false,\n maxLength: 64,\n group: 'Admin',\n description: 'Platform-level role (admin, user, …). Set via the Set Platform Role action.',\n }),\n\n banned: Field.boolean({\n label: 'Banned',\n defaultValue: false,\n group: 'Admin',\n description: 'When true, the user cannot sign in. Toggle via Ban User / Unban User actions.',\n }),\n\n ban_reason: Field.text({\n label: 'Ban Reason',\n required: false,\n maxLength: 255,\n group: 'Admin',\n }),\n\n ban_expires: Field.datetime({\n label: 'Ban Expires',\n required: false,\n group: 'Admin',\n description: 'When set, the ban auto-clears at this time.',\n }),\n\n // ── Profile ──────────────────────────────────────────────────\n image: Field.url({\n label: 'Profile Image',\n required: false,\n group: 'Profile',\n }),\n\n // ── System (auto-managed, hidden from create/edit forms) ─────\n id: Field.text({\n label: 'User ID',\n required: true,\n readonly: true,\n group: 'System',\n }),\n\n created_at: Field.datetime({\n label: 'Created At',\n defaultValue: 'NOW()',\n readonly: true,\n group: 'System',\n }),\n\n updated_at: Field.datetime({\n label: 'Updated At',\n defaultValue: 'NOW()',\n readonly: true,\n group: 'System',\n }),\n },\n\n indexes: [\n { fields: ['email'], unique: true },\n { fields: ['created_at'], unique: false },\n ],\n\n enable: {\n trackHistory: true,\n searchable: true,\n apiEnabled: true,\n apiMethods: ['get', 'list', 'create', 'update', 'delete'],\n trash: true,\n mru: true,\n },\n\n // Email uniqueness is enforced by the unique index above (and better-auth's\n // managed user table). A declarative `unique` validation rule is intentionally\n // not used — uniqueness needs a DB lookup, not a synchronous validation, so it\n // is not one of the declarable validation-rule types.\n});\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_session — System Session Object\n *\n * Active user session record for the ObjectStack platform.\n * Backed by better-auth's `session` model with ObjectStack field conventions.\n *\n * The `token` field is hidden by default — sessions are managed by the\n * auth plugin, not edited manually. Admins see session metadata\n * (user, expiry, IP, active context) without exposing the token value.\n *\n * @namespace sys\n */\nexport const SysSession = ObjectSchema.create({\n name: 'sys_session',\n label: 'Session',\n pluralLabel: 'Sessions',\n icon: 'key',\n isSystem: true,\n managedBy: 'better-auth',\n // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,\n // but may add overlay row-level config. Use `no-overlay` if you need to\n // forbid sys_metadata overlays entirely.\n protection: {\n lock: 'full',\n reason: 'Identity table managed by better-auth — see ADR-0010.',\n docsUrl: 'https://docs.objectstack.ai/adr/0010-metadata-protection',\n },\n description: 'Active user sessions',\n displayNameField: 'user_id',\n titleFormat: 'Session — {user_id}',\n compactLayout: ['user_id', 'ip_address', 'expires_at'],\n\n // Custom actions — sessions are managed by better-auth (generic CRUD\n // suppressed). \"Sign out other devices\" is the high-value self-service\n // affordance every IdP exposes. Maps to better-auth's\n // `revoke-other-sessions` endpoint which terminates every session for\n // the current user except the one making the request.\n actions: [\n {\n name: 'revoke_my_other_sessions',\n label: 'Sign out other devices',\n icon: 'log-out',\n variant: 'danger',\n locations: ['list_toolbar'],\n type: 'api',\n target: '/api/v1/auth/revoke-other-sessions',\n confirmText: 'Sign out of every other device where you\\'re currently logged in? Your current session will remain active.',\n successMessage: 'All other sessions revoked',\n refreshAfter: true,\n },\n {\n name: 'revoke_session',\n label: 'Revoke Session',\n icon: 'log-out',\n variant: 'danger',\n mode: 'delete',\n locations: ['list_item'],\n type: 'api',\n target: '/api/v1/auth/revoke-session',\n // better-auth `revoke-session` keys off the session token, not the id.\n recordIdParam: 'token',\n recordIdField: 'token',\n confirmText: 'Revoke this session? The user will be signed out from that device.',\n successMessage: 'Session revoked',\n refreshAfter: true,\n },\n ],\n\n listViews: {\n mine: {\n type: 'grid',\n name: 'mine',\n label: 'My Sessions',\n data: { provider: 'object', object: 'sys_session' },\n columns: ['ip_address', 'active_organization_id', 'created_at', 'expires_at'],\n filter: [{ field: 'user_id', operator: 'equals', value: '{current_user_id}' }],\n sort: [{ field: 'created_at', order: 'desc' }],\n pagination: { pageSize: 50 },\n },\n all_sessions: {\n type: 'grid',\n name: 'all_sessions',\n label: 'All',\n data: { provider: 'object', object: 'sys_session' },\n columns: ['user_id', 'ip_address', 'active_organization_id', 'created_at', 'expires_at'],\n sort: [{ field: 'created_at', order: 'desc' }],\n pagination: { pageSize: 50 },\n },\n },\n\n fields: {\n // ── Session owner & expiry ──────────────────────────────────\n user_id: Field.lookup('sys_user', {\n label: 'User',\n required: true,\n searchable: true,\n group: 'Session',\n }),\n\n expires_at: Field.datetime({\n label: 'Expires At',\n required: true,\n group: 'Session',\n }),\n\n // ── Active context (multi-org/team) ──────────────────────────\n active_organization_id: Field.lookup('sys_organization', {\n label: 'Active Organization',\n required: false,\n group: 'Context',\n }),\n\n active_team_id: Field.lookup('sys_team', {\n label: 'Active Team',\n required: false,\n group: 'Context',\n }),\n\n // ── Client fingerprint ───────────────────────────────────────\n ip_address: Field.text({\n label: 'IP Address',\n required: false,\n maxLength: 45, // Support IPv6\n group: 'Client',\n }),\n\n user_agent: Field.textarea({\n label: 'User Agent',\n required: false,\n group: 'Client',\n }),\n\n // ── Admin (managed by better-auth `admin` plugin) ────────────\n impersonated_by: Field.lookup('sys_user', {\n label: 'Impersonated By',\n required: false,\n group: 'Admin',\n description: 'User id of the admin that started this impersonation session, if any.',\n }),\n\n // ── Secret (hidden by default) ──────────────────────────────\n token: Field.text({\n label: 'Session Token',\n required: true,\n hidden: true,\n readonly: true,\n description: 'Opaque session token — never exposed in UI',\n group: 'Secret',\n }),\n\n // ── System ───────────────────────────────────────────────────\n id: Field.text({\n label: 'Session ID',\n required: true,\n readonly: true,\n group: 'System',\n }),\n\n created_at: Field.datetime({\n label: 'Created At',\n defaultValue: 'NOW()',\n readonly: true,\n group: 'System',\n }),\n\n updated_at: Field.datetime({\n label: 'Updated At',\n defaultValue: 'NOW()',\n readonly: true,\n group: 'System',\n }),\n },\n\n indexes: [\n { fields: ['token'], unique: true },\n { fields: ['user_id'], unique: false },\n { fields: ['expires_at'], unique: false },\n ],\n\n enable: {\n trackHistory: false,\n searchable: false,\n apiEnabled: true,\n apiMethods: ['get', 'list', 'create', 'delete'],\n trash: false,\n mru: false,\n clone: false,\n },\n});\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_account — System Account Object\n *\n * OAuth / credential provider account record.\n * Backed by better-auth's `account` model with ObjectStack field conventions.\n *\n * @namespace sys\n */\nexport const SysAccount = ObjectSchema.create({\n name: 'sys_account',\n label: 'Account',\n pluralLabel: 'Accounts',\n icon: 'link',\n isSystem: true,\n managedBy: 'better-auth',\n // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,\n // but may add overlay row-level config. Use `no-overlay` if you need to\n // forbid sys_metadata overlays entirely.\n protection: {\n lock: 'full',\n reason: 'Identity table managed by better-auth — see ADR-0010.',\n docsUrl: 'https://docs.objectstack.ai/adr/0010-metadata-protection',\n },\n description: 'OAuth and authentication provider accounts',\n titleFormat: '{provider_id} - {account_id}',\n compactLayout: ['provider_id', 'user_id', 'account_id'],\n\n // Custom actions — sysadmins routinely need to revoke a user's OAuth\n // link (e.g. when an SSO provider is decommissioned or the user\n // requests it). Better-auth exposes `/unlink-account { providerId,\n // accountId }` for this. The form is locked to the row's values so\n // it acts as a one-click confirmation rather than a free-form edit.\n //\n // `link_social` is the self-service counterpart — a toolbar action\n // that redirects the browser to better-auth's social sign-in endpoint\n // with a callbackURL pointing back to the linked-accounts view. The\n // endpoint sets the link cookie and OAuth-dances through the provider,\n // which is why it's `type: 'url'` (full page navigation) rather than\n // `type: 'api'` (XHR — would block on CORS / 302).\n actions: [\n {\n name: 'link_social',\n label: 'Link Social Account',\n icon: 'link-2',\n variant: 'primary',\n mode: 'create',\n locations: ['list_toolbar'],\n type: 'url',\n target: '/api/v1/auth/sign-in/social?provider=${param.provider}&callbackURL=${ctx.origin}/_console/apps/account/sys_account',\n params: [\n {\n name: 'provider',\n label: 'Provider',\n type: 'select',\n required: true,\n options: [\n { label: 'Google', value: 'google' },\n { label: 'GitHub', value: 'github' },\n { label: 'Microsoft', value: 'microsoft' },\n { label: 'Apple', value: 'apple' },\n { label: 'Facebook', value: 'facebook' },\n { label: 'GitLab', value: 'gitlab' },\n { label: 'Discord', value: 'discord' },\n ],\n },\n ],\n },\n {\n name: 'unlink_account',\n label: 'Unlink Account',\n icon: 'unlink',\n variant: 'danger',\n mode: 'delete',\n locations: ['list_item', 'record_header'],\n type: 'api',\n target: '/api/v1/auth/unlink-account',\n confirmText: 'Unlink this identity link? The user will no longer be able to sign in with this provider until they re-link it from their account settings.',\n successMessage: 'Identity link removed',\n refreshAfter: true,\n params: [\n { name: 'providerId', field: 'provider_id', defaultFromRow: true, required: true },\n { name: 'accountId', field: 'account_id', defaultFromRow: true, required: true },\n ],\n },\n ],\n\n listViews: {\n mine: {\n type: 'grid',\n name: 'mine',\n label: 'My Links',\n data: { provider: 'object', object: 'sys_account' },\n columns: ['provider_id', 'account_id', 'created_at', 'updated_at'],\n filter: [{ field: 'user_id', operator: 'equals', value: '{current_user_id}' }],\n sort: [{ field: 'provider_id', order: 'asc' }],\n pagination: { pageSize: 50 },\n },\n by_provider: {\n type: 'grid',\n name: 'by_provider',\n label: 'By Provider',\n data: { provider: 'object', object: 'sys_account' },\n columns: ['provider_id', 'user_id', 'account_id', 'created_at'],\n sort: [{ field: 'provider_id', order: 'asc' }, { field: 'created_at', order: 'desc' }],\n grouping: { fields: [{ field: 'provider_id', order: 'asc', collapsed: false }] },\n pagination: { pageSize: 100 },\n },\n all_links: {\n type: 'grid',\n name: 'all_links',\n label: 'All',\n data: { provider: 'object', object: 'sys_account' },\n columns: ['provider_id', 'user_id', 'account_id', 'created_at', 'updated_at'],\n sort: [{ field: 'created_at', order: 'desc' }],\n pagination: { pageSize: 100 },\n },\n },\n \n fields: {\n id: Field.text({\n label: 'Account ID',\n required: true,\n readonly: true,\n }),\n \n created_at: Field.datetime({\n label: 'Created At',\n defaultValue: 'NOW()',\n readonly: true,\n }),\n \n updated_at: Field.datetime({\n label: 'Updated At',\n defaultValue: 'NOW()',\n readonly: true,\n }),\n \n provider_id: Field.text({\n label: 'Provider ID',\n required: true,\n description: 'OAuth provider identifier (google, github, etc.)',\n }),\n \n account_id: Field.text({\n label: 'Provider Account ID',\n required: true,\n description: \"User's ID in the provider's system\",\n }),\n \n user_id: Field.lookup('sys_user', {\n label: 'User',\n required: true,\n description: 'Link to user table',\n }),\n \n access_token: Field.textarea({\n label: 'Access Token',\n required: false,\n }),\n \n refresh_token: Field.textarea({\n label: 'Refresh Token',\n required: false,\n }),\n \n id_token: Field.textarea({\n label: 'ID Token',\n required: false,\n }),\n \n access_token_expires_at: Field.datetime({\n label: 'Access Token Expires At',\n required: false,\n }),\n \n refresh_token_expires_at: Field.datetime({\n label: 'Refresh Token Expires At',\n required: false,\n }),\n \n scope: Field.text({\n label: 'OAuth Scope',\n required: false,\n }),\n \n password: Field.text({\n label: 'Password Hash',\n required: false,\n description: 'Hashed password for email/password provider',\n }),\n },\n \n indexes: [\n { fields: ['user_id'], unique: false },\n { fields: ['provider_id', 'account_id'], unique: true },\n ],\n \n enable: {\n trackHistory: false,\n searchable: false,\n apiEnabled: true,\n apiMethods: ['get', 'list', 'create', 'update', 'delete'],\n trash: true,\n mru: false,\n },\n});\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_verification — System Verification Object\n *\n * Email and phone verification token record.\n * Backed by better-auth's `verification` model with ObjectStack field conventions.\n *\n * @namespace sys\n */\nexport const SysVerification = ObjectSchema.create({\n name: 'sys_verification',\n label: 'Verification',\n pluralLabel: 'Verifications',\n icon: 'shield-check',\n isSystem: true,\n managedBy: 'better-auth',\n // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,\n // but may add overlay row-level config. Use `no-overlay` if you need to\n // forbid sys_metadata overlays entirely.\n protection: {\n lock: 'full',\n reason: 'Identity table managed by better-auth — see ADR-0010.',\n docsUrl: 'https://docs.objectstack.ai/adr/0010-metadata-protection',\n },\n description: 'Email and phone verification tokens',\n titleFormat: 'Verification for {identifier}',\n compactLayout: ['identifier', 'expires_at', 'created_at'],\n \n fields: {\n id: Field.text({\n label: 'Verification ID',\n required: true,\n readonly: true,\n }),\n \n created_at: Field.datetime({\n label: 'Created At',\n defaultValue: 'NOW()',\n readonly: true,\n }),\n \n updated_at: Field.datetime({\n label: 'Updated At',\n defaultValue: 'NOW()',\n readonly: true,\n }),\n \n value: Field.text({\n label: 'Verification Token',\n required: true,\n description: 'Token or code for verification',\n }),\n \n expires_at: Field.datetime({\n label: 'Expires At',\n required: true,\n }),\n \n identifier: Field.text({\n label: 'Identifier',\n required: true,\n description: 'Email address or phone number',\n }),\n },\n \n indexes: [\n { fields: ['value'], unique: true },\n { fields: ['identifier'], unique: false },\n { fields: ['expires_at'], unique: false },\n ],\n \n enable: {\n trackHistory: false,\n searchable: false,\n apiEnabled: true,\n apiMethods: ['get', 'create', 'delete'],\n trash: false,\n mru: false,\n },\n});\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_organization — System Organization Object\n *\n * Multi-organization support for the ObjectStack platform.\n * Backed by better-auth's organization plugin.\n *\n * @namespace sys\n */\nexport const SysOrganization = ObjectSchema.create({\n name: 'sys_organization',\n label: 'Organization',\n pluralLabel: 'Organizations',\n icon: 'building-2',\n isSystem: true,\n managedBy: 'better-auth',\n // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,\n // but may add overlay row-level config. Use `no-overlay` if you need to\n // forbid sys_metadata overlays entirely.\n protection: {\n lock: 'full',\n reason: 'Identity table managed by better-auth — see ADR-0010.',\n docsUrl: 'https://docs.objectstack.ai/adr/0010-metadata-protection',\n },\n description: 'Organizations for multi-tenant grouping',\n displayNameField: 'name',\n titleFormat: '{name}',\n compactLayout: ['name', 'slug'],\n\n // Custom actions — generic CRUD is suppressed (better-auth-managed),\n // but admins still need to create new orgs from the Setup app.\n actions: [\n {\n name: 'create_organization',\n label: 'Create Organization',\n icon: 'plus',\n variant: 'primary',\n locations: ['list_toolbar'],\n type: 'api',\n target: '/api/v1/auth/organization/create',\n successMessage: 'Organization created',\n refreshAfter: true,\n // Hidden when the deployment is provisioned in single-org mode\n // (`OS_MULTI_ORG_ENABLED=false`). `features.multiOrgEnabled` is\n // populated by the console/account shells from `/auth/config`;\n // we default to visible when the flag is undefined so we don't\n // accidentally hide the button while auth config is still loading.\n visible: 'features.multiOrgEnabled != false',\n params: [\n { field: 'name', required: true },\n { field: 'slug', required: true },\n { field: 'logo' },\n ],\n },\n {\n name: 'update_organization',\n label: 'Edit Organization',\n icon: 'pencil',\n mode: 'edit',\n locations: ['list_item'],\n type: 'api',\n target: '/api/v1/auth/organization/update',\n recordIdParam: 'organizationId',\n // better-auth `organization/update` nests editable fields under `data`.\n bodyShape: { wrap: 'data' },\n successMessage: 'Organization updated',\n refreshAfter: true,\n params: [\n { field: 'name', required: true, defaultFromRow: true },\n { field: 'slug', required: true, defaultFromRow: true },\n { field: 'logo', defaultFromRow: true },\n ],\n },\n {\n name: 'delete_organization',\n label: 'Delete Organization',\n icon: 'trash-2',\n variant: 'danger',\n mode: 'delete',\n locations: ['list_item'],\n type: 'api',\n target: '/api/v1/auth/organization/delete',\n recordIdParam: 'organizationId',\n confirmText: 'Delete this organization? All members will lose access immediately. This cannot be undone.',\n successMessage: 'Organization deleted',\n refreshAfter: true,\n },\n {\n // Switch the caller's active organization context. Standard\n // better-auth endpoint; no extra params needed (org id ships as\n // the row id). Used from the Setup list and the record header so\n // admins can context-switch without leaving the page.\n name: 'set_active_organization',\n label: 'Set Active',\n icon: 'check-circle-2',\n variant: 'secondary',\n mode: 'custom',\n locations: ['list_item', 'record_header'],\n type: 'api',\n target: '/api/v1/auth/organization/set-active',\n recordIdParam: 'organizationId',\n successMessage: 'Active organization switched',\n refreshAfter: true,\n },\n {\n // Current user leaves the org. Distinct from `delete_organization`\n // (admin-only, destroys the org) — `leave` only removes the caller's\n // own membership. Better-auth: `organization/leave { organizationId }`.\n name: 'leave_organization',\n label: 'Leave Organization',\n icon: 'log-out',\n variant: 'danger',\n mode: 'custom',\n locations: ['list_item', 'record_header'],\n type: 'api',\n target: '/api/v1/auth/organization/leave',\n recordIdParam: 'organizationId',\n confirmText: 'Leave this organization? You will lose access to all of its resources.',\n successMessage: 'You have left the organization',\n refreshAfter: true,\n },\n {\n // Rename the organization slug (URL prefix). Backed by the cloud\n // orchestrator at /api/v1/cloud/organizations/{id}/change-slug,\n // which atomically updates sys_organization.slug, rewrites\n // platform_subdomain sys_domain rows under the new slug, soft-\n // retires the old rows with a redirect window, parks the old\n // slug in sys_slug_reservation, and refreshes the registry\n // mirror. See cloud `docs/design/sys-domain.md` §6.\n name: 'change_slug',\n label: 'Change Slug',\n icon: 'edit-3',\n variant: 'secondary',\n mode: 'custom',\n locations: ['record_header'],\n type: 'api',\n target: '/api/v1/cloud/organizations/{id}/change-slug',\n method: 'POST',\n confirmText: 'Renaming the slug rewrites every platform subdomain for this org and parks the old slug for 90 days. Continue?',\n successMessage: 'Organization slug changed',\n refreshAfter: true,\n params: [\n { field: 'slug', required: true, defaultFromRow: true },\n ],\n },\n ],\n\n listViews: {\n all_orgs: {\n type: 'grid',\n name: 'all_orgs',\n label: 'All',\n data: { provider: 'object', object: 'sys_organization' },\n columns: ['name', 'slug', 'created_at', 'updated_at'],\n sort: [{ field: 'name', order: 'asc' }],\n pagination: { pageSize: 50 },\n },\n },\n\n fields: {\n // ── Identity ─────────────────────────────────────────────────\n name: Field.text({\n label: 'Name',\n required: true,\n searchable: true,\n maxLength: 255,\n group: 'Identity',\n }),\n\n slug: Field.text({\n label: 'Slug',\n required: false,\n searchable: true,\n maxLength: 255,\n description: 'URL-friendly identifier',\n group: 'Identity',\n }),\n\n // ── Branding ─────────────────────────────────────────────────\n logo: Field.url({\n label: 'Logo',\n required: false,\n group: 'Branding',\n }),\n\n // ── Configuration ────────────────────────────────────────────\n metadata: Field.textarea({\n label: 'Metadata',\n required: false,\n description: 'JSON-serialized organization metadata',\n group: 'Configuration',\n }),\n\n // ── System ───────────────────────────────────────────────────\n id: Field.text({\n label: 'Organization ID',\n required: true,\n readonly: true,\n group: 'System',\n }),\n\n created_at: Field.datetime({\n label: 'Created At',\n defaultValue: 'NOW()',\n readonly: true,\n group: 'System',\n }),\n\n updated_at: Field.datetime({\n label: 'Updated At',\n defaultValue: 'NOW()',\n readonly: true,\n group: 'System',\n }),\n },\n\n indexes: [\n { fields: ['slug'], unique: true },\n { fields: ['name'] },\n ],\n\n enable: {\n trackHistory: true,\n searchable: true,\n apiEnabled: true,\n apiMethods: ['get', 'list', 'create', 'update', 'delete'],\n trash: true,\n mru: true,\n },\n});\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_member — System Member Object\n *\n * Organization membership linking users to organizations with roles.\n * Backed by better-auth's organization plugin.\n *\n * @namespace sys\n */\nexport const SysMember = ObjectSchema.create({\n name: 'sys_member',\n label: 'Member',\n pluralLabel: 'Members',\n icon: 'user-check',\n isSystem: true,\n managedBy: 'better-auth',\n // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,\n // but may add overlay row-level config. Use `no-overlay` if you need to\n // forbid sys_metadata overlays entirely.\n protection: {\n lock: 'full',\n reason: 'Identity table managed by better-auth — see ADR-0010.',\n docsUrl: 'https://docs.objectstack.ai/adr/0010-metadata-protection',\n },\n description: 'Organization membership records',\n titleFormat: '{user_id} in {organization_id}',\n compactLayout: ['user_id', 'organization_id', 'role'],\n\n // Row-level actions: better-auth `organization/update-member-role` and\n // `organization/remove-member`. Generic CRUD is suppressed on better-auth\n // managed tables, so these are the canonical edit/delete entry points.\n // The `add_member` toolbar action covers the admin \"attach an existing\n // user directly without sending an invitation\" flow.\n actions: [\n {\n // Admin-only: directly attach an existing user to the active org,\n // bypassing the invite-accept flow. Better-auth:\n // `organization/add-member { userId, role, organizationId?, teamId? }`.\n // organizationId/teamId default to the caller's active org/team when\n // omitted, so we leave them as optional params.\n name: 'add_member',\n label: 'Add Member',\n icon: 'user-plus',\n variant: 'primary',\n locations: ['list_toolbar'],\n type: 'api',\n target: '/api/v1/auth/organization/add-member',\n successMessage: 'Member added',\n refreshAfter: true,\n params: [\n { name: 'userId', field: 'user_id', required: true },\n { field: 'role', required: true },\n { name: 'organizationId', field: 'organization_id' },\n ],\n },\n {\n name: 'update_member_role',\n label: 'Change Role',\n icon: 'shield',\n mode: 'edit',\n locations: ['list_item'],\n type: 'api',\n target: '/api/v1/auth/organization/update-member-role',\n recordIdParam: 'memberId',\n successMessage: 'Member role updated',\n refreshAfter: true,\n params: [\n { field: 'role', required: true, defaultFromRow: true },\n ],\n },\n {\n name: 'remove_member',\n label: 'Remove Member',\n icon: 'user-minus',\n variant: 'danger',\n mode: 'delete',\n locations: ['list_item'],\n type: 'api',\n target: '/api/v1/auth/organization/remove-member',\n recordIdParam: 'memberIdOrEmail',\n confirmText: 'Remove this member from the organization? They will lose access to all org resources.',\n successMessage: 'Member removed',\n refreshAfter: true,\n },\n // Transfer ownership is modeled as `update-member-role` with role=owner\n // (better-auth's organization plugin auto-demotes the previous owner\n // to admin). Kept as a separate action so the row menu can present a\n // distinct destructive-style affordance with the right confirm copy —\n // mixing it into `update_member_role` would hide the ownership-handoff\n // semantics behind a generic role dropdown.\n {\n name: 'transfer_ownership',\n label: 'Transfer Ownership',\n icon: 'crown',\n variant: 'danger',\n mode: 'custom',\n locations: ['list_item'],\n type: 'api',\n target: '/api/v1/auth/organization/update-member-role',\n recordIdParam: 'memberId',\n bodyExtra: { role: 'owner' },\n visible: \"record.role != 'owner'\",\n confirmText: 'Transfer ownership of this organization to the selected member? You will be demoted to admin and lose owner-only privileges.',\n successMessage: 'Ownership transferred',\n refreshAfter: true,\n },\n ],\n\n listViews: {\n mine: {\n type: 'grid',\n name: 'mine',\n label: 'My Memberships',\n data: { provider: 'object', object: 'sys_member' },\n columns: ['organization_id', 'role', 'created_at'],\n filter: [{ field: 'user_id', operator: 'equals', value: '{current_user_id}' }],\n sort: [{ field: 'created_at', order: 'desc' }],\n pagination: { pageSize: 50 },\n emptyState: {\n title: 'No organizations yet',\n message: 'You haven\\'t joined any organizations.',\n },\n },\n },\n\n fields: {\n id: Field.text({\n label: 'Member ID',\n required: true,\n readonly: true,\n }),\n \n created_at: Field.datetime({\n label: 'Created At',\n defaultValue: 'NOW()',\n readonly: true,\n }),\n \n organization_id: Field.lookup('sys_organization', {\n label: 'Organization',\n required: true,\n }),\n \n user_id: Field.lookup('sys_user', {\n label: 'User',\n required: true,\n }),\n \n role: Field.select({\n label: 'Role',\n required: false,\n description: 'Member role within the organization',\n options: [\n { label: 'Owner', value: 'owner' },\n { label: 'Admin', value: 'admin' },\n { label: 'Member', value: 'member' },\n ],\n defaultValue: 'member',\n }),\n },\n \n indexes: [\n { fields: ['organization_id', 'user_id'], unique: true },\n { fields: ['user_id'] },\n ],\n \n enable: {\n trackHistory: true,\n searchable: false,\n apiEnabled: true,\n apiMethods: ['get', 'list', 'create', 'update', 'delete'],\n trash: false,\n mru: false,\n },\n});\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_invitation — System Invitation Object\n *\n * Organization invitation tokens for inviting users.\n * Backed by better-auth's organization plugin.\n *\n * @namespace sys\n */\nexport const SysInvitation = ObjectSchema.create({\n name: 'sys_invitation',\n label: 'Invitation',\n pluralLabel: 'Invitations',\n icon: 'mail',\n isSystem: true,\n managedBy: 'better-auth',\n // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,\n // but may add overlay row-level config. Use `no-overlay` if you need to\n // forbid sys_metadata overlays entirely.\n protection: {\n lock: 'full',\n reason: 'Identity table managed by better-auth — see ADR-0010.',\n docsUrl: 'https://docs.objectstack.ai/adr/0010-metadata-protection',\n },\n description: 'Organization invitations for user onboarding',\n titleFormat: 'Invitation to {organization_id}',\n compactLayout: ['email', 'organization_id', 'status'],\n\n // Custom actions — generic CRUD is suppressed (better-auth-managed).\n // Mirror the `invite_user` toolbar action from sys_user here so admins\n // landing on the Invitations page get an obvious entry point.\n actions: [\n {\n name: 'invite_user',\n label: 'Invite User',\n icon: 'user-plus',\n variant: 'primary',\n locations: ['list_toolbar'],\n type: 'api',\n target: '/api/v1/auth/organization/invite-member',\n successMessage: 'Invitation sent',\n refreshAfter: true,\n params: [\n { field: 'email', required: true },\n { field: 'role', required: true },\n ],\n },\n {\n name: 'cancel_invitation',\n label: 'Cancel Invitation',\n icon: 'x-circle',\n variant: 'danger',\n mode: 'delete',\n locations: ['list_item'],\n type: 'api',\n target: '/api/v1/auth/organization/cancel-invitation',\n recordIdParam: 'invitationId',\n confirmText: 'Cancel this invitation? The recipient will no longer be able to accept it.',\n successMessage: 'Invitation canceled',\n refreshAfter: true,\n },\n {\n name: 'resend_invitation',\n label: 'Resend Invitation',\n icon: 'send',\n variant: 'secondary',\n locations: ['list_item'],\n type: 'api',\n target: '/api/v1/auth/organization/invite-member',\n bodyExtra: { resend: true },\n successMessage: 'Invitation resent',\n refreshAfter: true,\n params: [\n { field: 'email', required: true, defaultFromRow: true },\n { field: 'role', required: true, defaultFromRow: true },\n ],\n },\n\n // ── Recipient-side actions (the invited user) ────────────────────\n //\n // These two are the counterpart to invite/cancel/resend: they are\n // visible only on invitations addressed to the current user. Used\n // by an \"Inbox / Pending invitations\" list opened from the user's\n // own account page. The recipient-only `visible` predicate keeps\n // them out of the admin org-management view.\n {\n name: 'accept_invitation',\n label: 'Accept Invitation',\n icon: 'check',\n variant: 'primary',\n locations: ['list_item', 'record_header'],\n type: 'api',\n target: '/api/v1/auth/organization/accept-invitation',\n recordIdParam: 'invitationId',\n visible: \"record.email == ctx.user.email && record.status == 'pending'\",\n successMessage: 'Invitation accepted',\n refreshAfter: true,\n },\n {\n name: 'reject_invitation',\n label: 'Decline Invitation',\n icon: 'x',\n variant: 'ghost',\n locations: ['list_item', 'record_header'],\n type: 'api',\n target: '/api/v1/auth/organization/reject-invitation',\n recordIdParam: 'invitationId',\n visible: \"record.email == ctx.user.email && record.status == 'pending'\",\n confirmText: 'Decline this invitation? The inviter will be notified and you will need a new invitation to join.',\n successMessage: 'Invitation declined',\n refreshAfter: true,\n },\n ],\n\n listViews: {\n pending: {\n type: 'grid',\n name: 'pending',\n label: 'Pending',\n data: { provider: 'object', object: 'sys_invitation' },\n columns: ['email', 'role', 'organization_id', 'inviter_id', 'expires_at'],\n filter: [{ field: 'status', operator: 'equals', value: 'pending' }],\n sort: [{ field: 'expires_at', order: 'asc' }],\n pagination: { pageSize: 50 },\n },\n accepted: {\n type: 'grid',\n name: 'accepted',\n label: 'Accepted',\n data: { provider: 'object', object: 'sys_invitation' },\n columns: ['email', 'role', 'organization_id', 'inviter_id', 'created_at'],\n filter: [{ field: 'status', operator: 'equals', value: 'accepted' }],\n sort: [{ field: 'created_at', order: 'desc' }],\n pagination: { pageSize: 50 },\n },\n expired: {\n type: 'grid',\n name: 'expired',\n label: 'Expired / Canceled',\n data: { provider: 'object', object: 'sys_invitation' },\n columns: ['email', 'status', 'organization_id', 'expires_at'],\n filter: [{ field: 'status', operator: 'in', value: ['expired', 'rejected', 'canceled'] }],\n sort: [{ field: 'expires_at', order: 'desc' }],\n pagination: { pageSize: 50 },\n },\n all_invitations: {\n type: 'grid',\n name: 'all_invitations',\n label: 'All',\n data: { provider: 'object', object: 'sys_invitation' },\n columns: ['email', 'status', 'role', 'organization_id', 'inviter_id', 'created_at'],\n sort: [{ field: 'created_at', order: 'desc' }],\n pagination: { pageSize: 50 },\n },\n },\n \n fields: {\n id: Field.text({\n label: 'Invitation ID',\n required: true,\n readonly: true,\n }),\n \n created_at: Field.datetime({\n label: 'Created At',\n defaultValue: 'NOW()',\n readonly: true,\n }),\n \n organization_id: Field.lookup('sys_organization', {\n label: 'Organization',\n required: true,\n }),\n \n email: Field.email({\n label: 'Email',\n required: true,\n description: 'Email address of the invited user',\n }),\n \n role: Field.select({\n label: 'Role',\n required: false,\n description: 'Role to assign upon acceptance',\n options: [\n { label: 'Owner', value: 'owner' },\n { label: 'Admin', value: 'admin' },\n { label: 'Member', value: 'member' },\n ],\n defaultValue: 'member',\n }),\n \n status: Field.select(['pending', 'accepted', 'rejected', 'expired', 'canceled'], {\n label: 'Status',\n required: true,\n defaultValue: 'pending',\n }),\n \n inviter_id: Field.lookup('sys_user', {\n label: 'Inviter',\n required: true,\n description: 'User who sent the invitation',\n }),\n \n expires_at: Field.datetime({\n label: 'Expires At',\n required: true,\n }),\n \n team_id: Field.lookup('sys_team', {\n label: 'Team',\n required: false,\n description: 'Optional team to assign upon acceptance',\n }),\n },\n \n indexes: [\n { fields: ['organization_id'] },\n { fields: ['email'] },\n { fields: ['expires_at'] },\n ],\n \n enable: {\n trackHistory: true,\n searchable: false,\n apiEnabled: true,\n apiMethods: ['get', 'list', 'create', 'update', 'delete'],\n trash: false,\n mru: false,\n },\n});\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_team — System Team Object\n *\n * Teams within an organization for fine-grained grouping.\n * Backed by better-auth's organization plugin (teams feature).\n *\n * @namespace sys\n */\nexport const SysTeam = ObjectSchema.create({\n name: 'sys_team',\n label: 'Team',\n pluralLabel: 'Teams',\n icon: 'users',\n isSystem: true,\n managedBy: 'better-auth',\n // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,\n // but may add overlay row-level config. Use `no-overlay` if you need to\n // forbid sys_metadata overlays entirely.\n protection: {\n lock: 'full',\n reason: 'Identity table managed by better-auth — see ADR-0010.',\n docsUrl: 'https://docs.objectstack.ai/adr/0010-metadata-protection',\n },\n description: 'Teams within organizations for fine-grained grouping',\n displayNameField: 'name',\n titleFormat: '{name}',\n compactLayout: ['name', 'organization_id'],\n\n // Custom actions calling better-auth's team endpoints. Generic CRUD is\n // suppressed (managedBy: 'better-auth'), so these are the canonical\n // entry points for create/update/delete.\n actions: [\n {\n // Better-auth: `organization/create-team { name, organizationId? }`.\n // organizationId defaults to the caller's active org when omitted.\n name: 'create_team',\n label: 'Create Team',\n icon: 'plus',\n variant: 'primary',\n locations: ['list_toolbar'],\n type: 'api',\n target: '/api/v1/auth/organization/create-team',\n successMessage: 'Team created',\n refreshAfter: true,\n params: [\n { field: 'name', required: true },\n { name: 'organizationId', field: 'organization_id' },\n ],\n },\n {\n // Better-auth: `organization/update-team { teamId, data: { name } }`.\n // teamId stays flat (top-level); the user-editable params nest under\n // `data` via bodyShape.\n name: 'update_team',\n label: 'Edit Team',\n icon: 'pencil',\n mode: 'edit',\n locations: ['list_item'],\n type: 'api',\n target: '/api/v1/auth/organization/update-team',\n recordIdParam: 'teamId',\n bodyShape: { wrap: 'data' },\n successMessage: 'Team updated',\n refreshAfter: true,\n params: [\n { field: 'name', required: true, defaultFromRow: true },\n ],\n },\n {\n // Better-auth: `organization/remove-team { teamId, organizationId? }`.\n // organizationId defaults to the caller's active org when omitted.\n name: 'remove_team',\n label: 'Delete Team',\n icon: 'trash-2',\n variant: 'danger',\n mode: 'delete',\n locations: ['list_item'],\n type: 'api',\n target: '/api/v1/auth/organization/remove-team',\n recordIdParam: 'teamId',\n confirmText: 'Delete this team? Members will lose any team-scoped access. This cannot be undone.',\n successMessage: 'Team deleted',\n refreshAfter: true,\n },\n ],\n\n listViews: {\n by_org: {\n type: 'grid',\n name: 'by_org',\n label: 'By Organization',\n data: { provider: 'object', object: 'sys_team' },\n columns: ['organization_id', 'name', 'created_at', 'updated_at'],\n sort: [{ field: 'organization_id', order: 'asc' }, { field: 'name', order: 'asc' }],\n grouping: { fields: [{ field: 'organization_id', order: 'asc', collapsed: false }] },\n pagination: { pageSize: 100 },\n },\n all_teams: {\n type: 'grid',\n name: 'all_teams',\n label: 'All',\n data: { provider: 'object', object: 'sys_team' },\n columns: ['name', 'organization_id', 'created_at', 'updated_at'],\n sort: [{ field: 'name', order: 'asc' }],\n pagination: { pageSize: 50 },\n },\n },\n\n fields: {\n // ── Identity ─────────────────────────────────────────────────\n name: Field.text({\n label: 'Name',\n required: true,\n searchable: true,\n maxLength: 255,\n group: 'Identity',\n }),\n\n organization_id: Field.lookup('sys_organization', {\n label: 'Organization',\n required: true,\n description: 'Parent organization for this team',\n group: 'Identity',\n }),\n\n // ── System ───────────────────────────────────────────────────\n id: Field.text({\n label: 'Team ID',\n required: true,\n readonly: true,\n group: 'System',\n }),\n\n created_at: Field.datetime({\n label: 'Created At',\n defaultValue: 'NOW()',\n readonly: true,\n group: 'System',\n }),\n\n updated_at: Field.datetime({\n label: 'Updated At',\n defaultValue: 'NOW()',\n readonly: true,\n group: 'System',\n }),\n },\n\n indexes: [\n { fields: ['organization_id'] },\n { fields: ['name', 'organization_id'], unique: true },\n ],\n\n enable: {\n trackHistory: true,\n searchable: true,\n apiEnabled: true,\n apiMethods: ['get', 'list', 'create', 'update', 'delete'],\n trash: true,\n mru: false,\n },\n});\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_team_member — System Team Member Object\n *\n * Links users to teams within organizations.\n * Backed by better-auth's organization plugin (teams feature).\n *\n * @namespace sys\n */\nexport const SysTeamMember = ObjectSchema.create({\n name: 'sys_team_member',\n label: 'Team Member',\n pluralLabel: 'Team Members',\n icon: 'user-plus',\n isSystem: true,\n managedBy: 'better-auth',\n // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,\n // but may add overlay row-level config. Use `no-overlay` if you need to\n // forbid sys_metadata overlays entirely.\n protection: {\n lock: 'full',\n reason: 'Identity table managed by better-auth — see ADR-0010.',\n docsUrl: 'https://docs.objectstack.ai/adr/0010-metadata-protection',\n },\n description: 'Team membership records linking users to teams',\n titleFormat: '{user_id} in {team_id}',\n compactLayout: ['user_id', 'team_id', 'created_at'],\n\n // Custom actions calling better-auth's team-member endpoints. Generic\n // CRUD is suppressed (managedBy: 'better-auth') so these are the\n // canonical add/remove entry points.\n actions: [\n {\n // Better-auth: `organization/add-team-member { teamId, userId }`.\n name: 'add_team_member',\n label: 'Add Member',\n icon: 'user-plus',\n variant: 'primary',\n locations: ['list_toolbar'],\n type: 'api',\n target: '/api/v1/auth/organization/add-team-member',\n successMessage: 'Team member added',\n refreshAfter: true,\n params: [\n { name: 'teamId', field: 'team_id', required: true },\n { name: 'userId', field: 'user_id', required: true },\n ],\n },\n {\n // Better-auth: `organization/remove-team-member { teamId, userId }`.\n // The endpoint identifies the membership by the (teamId, userId)\n // pair rather than the join-row id, so we pull both from the row\n // via `defaultFromRow` instead of using `recordIdParam`.\n name: 'remove_team_member',\n label: 'Remove from Team',\n icon: 'user-minus',\n variant: 'danger',\n mode: 'delete',\n locations: ['list_item'],\n type: 'api',\n target: '/api/v1/auth/organization/remove-team-member',\n confirmText: 'Remove this user from the team? They will lose any team-scoped access.',\n successMessage: 'Team member removed',\n refreshAfter: true,\n params: [\n { name: 'teamId', field: 'team_id', required: true, defaultFromRow: true },\n { name: 'userId', field: 'user_id', required: true, defaultFromRow: true },\n ],\n },\n ],\n\n fields: {\n id: Field.text({\n label: 'Team Member ID',\n required: true,\n readonly: true,\n }),\n \n created_at: Field.datetime({\n label: 'Created At',\n defaultValue: 'NOW()',\n readonly: true,\n }),\n \n team_id: Field.lookup('sys_team', {\n label: 'Team',\n required: true,\n }),\n \n user_id: Field.lookup('sys_user', {\n label: 'User',\n required: true,\n }),\n },\n \n indexes: [\n { fields: ['team_id', 'user_id'], unique: true },\n { fields: ['user_id'] },\n ],\n \n enable: {\n trackHistory: true,\n searchable: false,\n apiEnabled: true,\n apiMethods: ['get', 'list', 'create', 'delete'],\n trash: false,\n mru: false,\n },\n});\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_department — Enterprise Org-Skeleton Node\n *\n * The persistent, hierarchical org chart node. **This is distinct from\n * `sys_team`** (which is the flat better-auth collaboration grouping).\n *\n * A single tenant typically has one `kind='company'` root, then nested\n * `division` / `department` / `team` / `office` nodes underneath. The\n * `kind` enum is purely a display/categorisation hint — the recursive\n * structure works identically regardless of value.\n *\n * Drives:\n * - `recipient_type='department'` sharing rules\n * - `dept:` approver prefix in the approval engine\n * - Report rollups and manager chains in CRM/PM apps\n *\n * @namespace sys\n */\nexport const SysDepartment = ObjectSchema.create({\n name: 'sys_department',\n label: 'Department',\n pluralLabel: 'Departments',\n icon: 'building',\n isSystem: true,\n managedBy: 'platform',\n description: 'Hierarchical org-skeleton node (department / division / business unit / office).',\n displayNameField: 'name',\n titleFormat: '{name}',\n compactLayout: ['name', 'kind', 'parent_department_id', 'manager_user_id'],\n\n listViews: {\n active: {\n type: 'grid',\n name: 'active',\n label: 'Active',\n data: { provider: 'object', object: 'sys_department' },\n columns: ['name', 'code', 'kind', 'parent_department_id', 'manager_user_id', 'effective_from'],\n filter: [{ field: 'active', operator: 'equals', value: true }],\n sort: [{ field: 'name', order: 'asc' }],\n pagination: { pageSize: 100 },\n },\n inactive: {\n type: 'grid',\n name: 'inactive',\n label: 'Inactive',\n data: { provider: 'object', object: 'sys_department' },\n columns: ['name', 'code', 'kind', 'effective_to'],\n filter: [{ field: 'active', operator: 'equals', value: false }],\n sort: [{ field: 'effective_to', order: 'desc' }],\n pagination: { pageSize: 50 },\n },\n by_kind: {\n type: 'grid',\n name: 'by_kind',\n label: 'By Kind',\n data: { provider: 'object', object: 'sys_department' },\n columns: ['kind', 'name', 'code', 'parent_department_id', 'manager_user_id', 'active'],\n sort: [{ field: 'kind', order: 'asc' }, { field: 'name', order: 'asc' }],\n grouping: { fields: [{ field: 'kind', order: 'asc', collapsed: false }] },\n pagination: { pageSize: 100 },\n },\n all_departments: {\n type: 'grid',\n name: 'all_departments',\n label: 'All',\n data: { provider: 'object', object: 'sys_department' },\n columns: ['name', 'code', 'kind', 'parent_department_id', 'manager_user_id', 'active'],\n sort: [{ field: 'name', order: 'asc' }],\n pagination: { pageSize: 100 },\n },\n },\n\n fields: {\n // ── Identity ─────────────────────────────────────────────────\n name: Field.text({\n label: 'Name',\n required: true,\n searchable: true,\n maxLength: 255,\n group: 'Identity',\n }),\n\n code: Field.text({\n label: 'Code',\n required: false,\n searchable: true,\n maxLength: 64,\n description: 'Short stable code (e.g. EMEA-SALES). Unique within tenant.',\n group: 'Identity',\n }),\n\n kind: Field.select(\n ['company', 'division', 'department', 'team', 'office', 'cost_center'],\n {\n label: 'Kind',\n required: true,\n defaultValue: 'department',\n description: 'Categorisation hint — does not change graph semantics.',\n group: 'Identity',\n },\n ),\n\n // ── Hierarchy ────────────────────────────────────────────────\n parent_department_id: Field.lookup('sys_department', {\n label: 'Parent Department',\n required: false,\n description: 'Self-reference for the org tree. Null = root of tenant.',\n group: 'Hierarchy',\n }),\n\n organization_id: Field.lookup('sys_organization', {\n label: 'Organization',\n required: true,\n description: 'Tenant scope.',\n group: 'Hierarchy',\n }),\n\n // ── Leadership ───────────────────────────────────────────────\n manager_user_id: Field.lookup('sys_user', {\n label: 'Department Head',\n required: false,\n description: 'User responsible for this org unit (department head / lead).',\n group: 'Leadership',\n }),\n\n // ── Lifecycle ────────────────────────────────────────────────\n active: Field.boolean({\n label: 'Active',\n required: false,\n defaultValue: true,\n description: 'When false, members are not expanded by graph queries.',\n group: 'Lifecycle',\n }),\n\n effective_from: Field.datetime({\n label: 'Effective From',\n required: false,\n description: 'When this department came into existence (HRIS sync).',\n group: 'Lifecycle',\n }),\n\n effective_to: Field.datetime({\n label: 'Effective To',\n required: false,\n description: 'When this department was retired (HRIS sync).',\n group: 'Lifecycle',\n }),\n\n external_ref: Field.text({\n label: 'External Reference',\n required: false,\n maxLength: 200,\n description: 'ID in upstream HRIS (Workday / SAP HR / 北森).',\n group: 'Lifecycle',\n }),\n\n // ── System ───────────────────────────────────────────────────\n id: Field.text({\n label: 'Department ID',\n required: true,\n readonly: true,\n group: 'System',\n }),\n\n created_at: Field.datetime({\n label: 'Created At',\n defaultValue: 'NOW()',\n readonly: true,\n group: 'System',\n }),\n\n updated_at: Field.datetime({\n label: 'Updated At',\n defaultValue: 'NOW()',\n readonly: true,\n group: 'System',\n }),\n },\n\n indexes: [\n { fields: ['organization_id'] },\n { fields: ['parent_department_id'] },\n { fields: ['code', 'organization_id'], unique: true },\n { fields: ['active'] },\n ],\n\n enable: {\n trackHistory: true,\n searchable: true,\n apiEnabled: true,\n apiMethods: ['get', 'list', 'create', 'update', 'delete'],\n trash: true,\n mru: false,\n },\n});\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_department_member — User ↔ Department Assignment\n *\n * Many-to-many between `sys_user` and `sys_department`. A user can belong\n * to multiple departments (matrix orgs) but exactly one is marked\n * `is_primary` to drive the default reporting view.\n *\n * Effective-dated so that historical reports & audits can reconstruct\n * who reported to which unit at any point in time.\n *\n * @namespace sys\n */\nexport const SysDepartmentMember = ObjectSchema.create({\n name: 'sys_department_member',\n label: 'Department Member',\n pluralLabel: 'Department Members',\n icon: 'user-cog',\n isSystem: true,\n managedBy: 'platform',\n description: 'User assignment to a department (matrix-org friendly, effective-dated).',\n titleFormat: '{user_id} in {department_id}',\n compactLayout: ['user_id', 'department_id', 'role_in_department', 'is_primary'],\n\n fields: {\n id: Field.text({\n label: 'Member ID',\n required: true,\n readonly: true,\n group: 'System',\n }),\n\n department_id: Field.lookup('sys_department', {\n label: 'Department',\n required: true,\n group: 'Assignment',\n }),\n\n user_id: Field.lookup('sys_user', {\n label: 'User',\n required: true,\n group: 'Assignment',\n }),\n\n role_in_department: Field.select(\n ['member', 'lead', 'deputy'],\n {\n label: 'Role in Department',\n required: false,\n defaultValue: 'member',\n description: '`lead` is the day-to-day head; `deputy` may stand in for the lead in approval routing.',\n group: 'Assignment',\n },\n ),\n\n is_primary: Field.boolean({\n label: 'Primary Assignment',\n required: false,\n defaultValue: true,\n description: 'When the user is in multiple departments, this marks the canonical one for reporting.',\n group: 'Assignment',\n }),\n\n effective_from: Field.datetime({\n label: 'Effective From',\n required: false,\n group: 'Lifecycle',\n }),\n\n effective_to: Field.datetime({\n label: 'Effective To',\n required: false,\n group: 'Lifecycle',\n }),\n\n created_at: Field.datetime({\n label: 'Created At',\n defaultValue: 'NOW()',\n readonly: true,\n group: 'System',\n }),\n\n updated_at: Field.datetime({\n label: 'Updated At',\n defaultValue: 'NOW()',\n readonly: true,\n group: 'System',\n }),\n },\n\n indexes: [\n { fields: ['department_id', 'user_id'], unique: true },\n { fields: ['user_id'] },\n { fields: ['is_primary'] },\n ],\n\n enable: {\n trackHistory: true,\n searchable: true,\n apiEnabled: true,\n apiMethods: ['get', 'list', 'create', 'update', 'delete'],\n trash: true,\n mru: false,\n },\n});\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_api_key — System API Key Object\n *\n * API keys for programmatic/machine access to the platform.\n *\n * Field `key` stores a hashed value and is marked hidden so it never\n * leaks into default list/form rendering; the raw token is only\n * returned once on creation via the auth plugin API.\n *\n * @namespace sys\n */\nexport const SysApiKey = ObjectSchema.create({\n name: 'sys_api_key',\n label: 'API Key',\n pluralLabel: 'API Keys',\n icon: 'key-round',\n isSystem: true,\n managedBy: 'better-auth',\n // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,\n // but may add overlay row-level config. Use `no-overlay` if you need to\n // forbid sys_metadata overlays entirely.\n protection: {\n lock: 'full',\n reason: 'Identity table managed by better-auth — see ADR-0010.',\n docsUrl: 'https://docs.objectstack.ai/adr/0010-metadata-protection',\n },\n description: 'API keys for programmatic access',\n displayNameField: 'name',\n titleFormat: '{name}',\n compactLayout: ['name', 'prefix', 'user_id', 'expires_at', 'revoked'],\n\n // Custom actions — sys_api_key is managed-by 'better-auth' but the\n // `revoked` boolean is a column we control via the data API. These row\n // actions use the generic PATCH /api/v1/sys_api_key/{id} endpoint with\n // `bodyExtra` to set the `revoked` flag explicitly.\n actions: [\n {\n name: 'revoke_api_key',\n label: 'Revoke API Key',\n icon: 'shield-off',\n variant: 'danger',\n mode: 'custom',\n locations: ['list_item'],\n type: 'api',\n method: 'PATCH',\n target: '/api/v1/data/sys_api_key/{id}',\n bodyExtra: { revoked: true },\n confirmText: 'Revoke this API key? Any clients using it will immediately lose access.',\n successMessage: 'API key revoked',\n refreshAfter: true,\n },\n {\n name: 'restore_api_key',\n label: 'Restore API Key',\n icon: 'shield-check',\n variant: 'secondary',\n mode: 'custom',\n locations: ['list_item'],\n type: 'api',\n method: 'PATCH',\n target: '/api/v1/data/sys_api_key/{id}',\n bodyExtra: { revoked: false },\n confirmText: 'Restore this revoked API key? Existing clients holding the key will regain access.',\n successMessage: 'API key restored',\n refreshAfter: true,\n },\n ],\n\n listViews: {\n mine: {\n type: 'grid',\n name: 'mine',\n label: 'My Keys',\n data: { provider: 'object', object: 'sys_api_key' },\n columns: ['name', 'prefix', 'expires_at', 'last_used_at', 'revoked'],\n filter: [\n { field: 'user_id', operator: 'equals', value: '{current_user_id}' },\n ],\n sort: [{ field: 'created_at', order: 'desc' }],\n pagination: { pageSize: 50 },\n },\n active: {\n type: 'grid',\n name: 'active',\n label: 'Active',\n data: { provider: 'object', object: 'sys_api_key' },\n columns: ['name', 'prefix', 'user_id', 'expires_at', 'last_used_at'],\n filter: [{ field: 'revoked', operator: 'equals', value: false }],\n sort: [{ field: 'last_used_at', order: 'desc' }],\n pagination: { pageSize: 50 },\n },\n revoked: {\n type: 'grid',\n name: 'revoked',\n label: 'Revoked',\n data: { provider: 'object', object: 'sys_api_key' },\n columns: ['name', 'prefix', 'user_id', 'expires_at', 'updated_at'],\n filter: [{ field: 'revoked', operator: 'equals', value: true }],\n sort: [{ field: 'updated_at', order: 'desc' }],\n pagination: { pageSize: 50 },\n },\n all_keys: {\n type: 'grid',\n name: 'all_keys',\n label: 'All',\n data: { provider: 'object', object: 'sys_api_key' },\n columns: ['name', 'prefix', 'user_id', 'expires_at', 'last_used_at', 'revoked'],\n sort: [{ field: 'created_at', order: 'desc' }],\n pagination: { pageSize: 50 },\n },\n },\n\n fields: {\n // ── Identity ─────────────────────────────────────────────────\n name: Field.text({\n label: 'Name',\n required: true,\n searchable: true,\n maxLength: 255,\n description: 'Human-readable label for the API key',\n group: 'Identity',\n }),\n\n prefix: Field.text({\n label: 'Prefix',\n required: false,\n maxLength: 16,\n description: 'Visible prefix for identifying the key (e.g., \"osk_\")',\n group: 'Identity',\n }),\n\n user_id: Field.lookup('sys_user', {\n label: 'Owner',\n required: true,\n description: 'User who owns this API key',\n group: 'Identity',\n }),\n\n // ── Access ───────────────────────────────────────────────────\n scopes: Field.textarea({\n label: 'Scopes',\n required: false,\n description: 'JSON array of permission scopes',\n group: 'Access',\n }),\n\n // ── Lifecycle ────────────────────────────────────────────────\n expires_at: Field.datetime({\n label: 'Expires At',\n required: false,\n group: 'Lifecycle',\n }),\n\n last_used_at: Field.datetime({\n label: 'Last Used At',\n required: false,\n readonly: true,\n description: 'Automatically updated on each API call',\n group: 'Lifecycle',\n }),\n\n revoked: Field.boolean({\n label: 'Revoked',\n defaultValue: false,\n group: 'Lifecycle',\n }),\n\n // ── Secret (hidden by default) ──────────────────────────────\n key: Field.text({\n label: 'Hashed Key',\n required: true,\n hidden: true,\n readonly: true,\n description: 'Hashed API key value — never exposed to clients',\n group: 'Secret',\n }),\n\n // ── System ───────────────────────────────────────────────────\n id: Field.text({\n label: 'API Key ID',\n required: true,\n readonly: true,\n group: 'System',\n }),\n\n created_at: Field.datetime({\n label: 'Created At',\n defaultValue: 'NOW()',\n readonly: true,\n group: 'System',\n }),\n\n updated_at: Field.datetime({\n label: 'Updated At',\n defaultValue: 'NOW()',\n readonly: true,\n group: 'System',\n }),\n },\n\n indexes: [\n { fields: ['key'], unique: true },\n { fields: ['user_id'] },\n { fields: ['prefix'] },\n { fields: ['revoked'] },\n ],\n\n enable: {\n trackHistory: true,\n searchable: false,\n apiEnabled: true,\n apiMethods: ['get', 'list', 'create', 'update', 'delete'],\n trash: false,\n mru: false,\n },\n});\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_two_factor — System Two-Factor Object\n *\n * Two-factor authentication credentials (TOTP, backup codes).\n * Backed by better-auth's two-factor plugin.\n *\n * @namespace sys\n */\nexport const SysTwoFactor = ObjectSchema.create({\n name: 'sys_two_factor',\n label: 'Two Factor',\n pluralLabel: 'Two Factor Credentials',\n icon: 'smartphone',\n isSystem: true,\n managedBy: 'better-auth',\n // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,\n // but may add overlay row-level config. Use `no-overlay` if you need to\n // forbid sys_metadata overlays entirely.\n protection: {\n lock: 'full',\n reason: 'Identity table managed by better-auth — see ADR-0010.',\n docsUrl: 'https://docs.objectstack.ai/adr/0010-metadata-protection',\n },\n description: 'Two-factor authentication credentials',\n titleFormat: 'Two-factor for {user_id}',\n compactLayout: ['user_id', 'created_at'],\n\n listViews: {\n mine: {\n type: 'grid',\n name: 'mine',\n label: 'My Enrollment',\n data: { provider: 'object', object: 'sys_two_factor' },\n columns: ['created_at', 'updated_at'],\n filter: [{ field: 'user_id', operator: 'equals', value: '{current_user_id}' }],\n sort: [{ field: 'created_at', order: 'desc' }],\n pagination: { pageSize: 50 },\n },\n all_enrollments: {\n type: 'grid',\n name: 'all_enrollments',\n label: 'All',\n data: { provider: 'object', object: 'sys_two_factor' },\n columns: ['user_id', 'created_at', 'updated_at'],\n sort: [{ field: 'created_at', order: 'desc' }],\n pagination: { pageSize: 50 },\n },\n },\n\n // Toolbar actions for self-service 2FA enrollment. Better-auth's\n // `/two-factor/enable` returns `{ totpURI, backupCodes }` — the user must\n // scan the URI into an authenticator app and save the backup codes NOW;\n // they are never recoverable afterward. The `resultDialog` field tells\n // the renderer to open a one-shot reveal dialog instead of toasting the\n // success message. Same shape used by `regenerate_backup_codes`.\n actions: [\n {\n name: 'enable_two_factor',\n label: 'Enable 2FA',\n icon: 'shield-check',\n variant: 'primary',\n locations: ['list_toolbar'],\n type: 'api',\n target: '/api/v1/auth/two-factor/enable',\n refreshAfter: true,\n params: [\n { name: 'password', label: 'Current Password', type: 'text', required: true },\n ],\n resultDialog: {\n title: 'Two-factor authentication enabled',\n description: 'Scan the QR code with your authenticator app, then save the backup codes somewhere safe. The backup codes are shown only once.',\n acknowledge: 'I have saved my backup codes',\n fields: [\n { path: 'totpURI', label: 'Authenticator URI', format: 'qrcode' },\n { path: 'backupCodes', label: 'Backup Codes', format: 'code-list' },\n ],\n },\n },\n {\n name: 'disable_two_factor',\n label: 'Disable 2FA',\n icon: 'shield-off',\n variant: 'danger',\n locations: ['list_toolbar'],\n type: 'api',\n target: '/api/v1/auth/two-factor/disable',\n confirmText: 'Disable two-factor authentication on your account?',\n successMessage: '2FA disabled',\n refreshAfter: true,\n params: [\n { name: 'password', label: 'Current Password', type: 'text', required: true },\n ],\n },\n {\n name: 'regenerate_backup_codes',\n label: 'Regenerate Backup Codes',\n icon: 'refresh-cw',\n variant: 'secondary',\n locations: ['list_toolbar', 'list_item'],\n type: 'api',\n target: '/api/v1/auth/two-factor/generate-backup-codes',\n confirmText: 'Regenerate backup codes? All previous backup codes will stop working immediately.',\n refreshAfter: true,\n params: [\n { name: 'password', label: 'Current Password', type: 'text', required: true },\n ],\n resultDialog: {\n title: 'New backup codes generated',\n description: 'Previous backup codes are now invalid. Save these new codes somewhere safe — they are shown only once.',\n acknowledge: 'I have saved the new codes',\n fields: [\n { path: 'backupCodes', label: 'Backup Codes', format: 'code-list' },\n ],\n },\n },\n ],\n\n \n fields: {\n id: Field.text({\n label: 'Two Factor ID',\n required: true,\n readonly: true,\n }),\n \n created_at: Field.datetime({\n label: 'Created At',\n defaultValue: 'NOW()',\n readonly: true,\n }),\n \n updated_at: Field.datetime({\n label: 'Updated At',\n defaultValue: 'NOW()',\n readonly: true,\n }),\n \n user_id: Field.lookup('sys_user', {\n label: 'User',\n required: true,\n }),\n \n secret: Field.text({\n label: 'Secret',\n required: true,\n description: 'TOTP secret key',\n }),\n \n backup_codes: Field.textarea({\n label: 'Backup Codes',\n required: false,\n description: 'JSON-serialized backup recovery codes',\n }),\n\n verified: Field.boolean({\n label: 'Verified',\n defaultValue: true,\n description: 'Whether the enrollment was confirmed with a valid TOTP code (managed by better-auth)',\n }),\n },\n \n indexes: [\n { fields: ['user_id'], unique: true },\n ],\n \n enable: {\n trackHistory: false,\n searchable: false,\n apiEnabled: true,\n apiMethods: ['get', 'create', 'update', 'delete'],\n trash: false,\n mru: false,\n },\n});\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_device_code — System Device Authorization Code Object\n *\n * Stores pending RFC 8628 OAuth Device Authorization Grant requests.\n * Backed by better-auth's `device-authorization` plugin (`deviceCode` model).\n *\n * Lifecycle:\n * 1. CLI calls `POST /device/code` → row inserted with status='pending'\n * 2. Browser visits `verification_uri_complete` and the signed-in user\n * calls `POST /device/approve` (or `/device/deny`) → status flips\n * 3. CLI's next `POST /device/token` poll either receives a session token\n * (status=approved) or one of the standard error codes\n * (`authorization_pending`, `slow_down`, `expired_token`,\n * `access_denied`). Approved rows are deleted on token issuance.\n *\n * @namespace sys\n */\nexport const SysDeviceCode = ObjectSchema.create({\n name: 'sys_device_code',\n label: 'Device Code',\n pluralLabel: 'Device Codes',\n icon: 'key-round',\n isSystem: true,\n managedBy: 'better-auth',\n // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,\n // but may add overlay row-level config. Use `no-overlay` if you need to\n // forbid sys_metadata overlays entirely.\n protection: {\n lock: 'full',\n reason: 'Identity table managed by better-auth — see ADR-0010.',\n docsUrl: 'https://docs.objectstack.ai/adr/0010-metadata-protection',\n },\n description: 'OAuth 2.0 Device Authorization Grant (RFC 8628) pending requests',\n titleFormat: '{user_code}',\n compactLayout: ['user_code', 'status', 'client_id', 'expires_at'],\n\n fields: {\n id: Field.text({\n label: 'Device Code ID',\n required: true,\n readonly: true,\n }),\n\n created_at: Field.datetime({\n label: 'Created At',\n defaultValue: 'NOW()',\n readonly: true,\n }),\n\n updated_at: Field.datetime({\n label: 'Updated At',\n defaultValue: 'NOW()',\n readonly: true,\n }),\n\n /** High-entropy token returned to the device (CLI). Polled at /device/token. */\n device_code: Field.text({\n label: 'Device Code',\n required: true,\n description: 'High-entropy token returned to the polling device',\n }),\n\n /** Human-readable short code displayed to the user (e.g. ABCD-EFGH). */\n user_code: Field.text({\n label: 'User Code',\n required: true,\n description: 'Short user-facing code (e.g. ABCD-EFGH)',\n }),\n\n /** Owning user — populated when the request is approved. */\n user_id: Field.lookup('sys_user', {\n label: 'User',\n required: false,\n description: 'User who approved the device authorization',\n }),\n\n expires_at: Field.datetime({\n label: 'Expires At',\n required: true,\n description: 'When the device & user codes are no longer valid',\n }),\n\n /** 'pending' | 'approved' | 'denied' */\n status: Field.text({\n label: 'Status',\n required: true,\n description: \"Current status: 'pending' | 'approved' | 'denied'\",\n }),\n\n last_polled_at: Field.datetime({\n label: 'Last Polled At',\n required: false,\n description: 'Timestamp of the most recent /device/token poll',\n }),\n\n polling_interval: Field.number({\n label: 'Polling Interval (ms)',\n required: false,\n description: 'Server-recommended minimum polling interval, in ms',\n }),\n\n client_id: Field.text({\n label: 'Client ID',\n required: false,\n description: 'OAuth client identifier of the requesting device',\n }),\n\n scope: Field.text({\n label: 'Scope',\n required: false,\n description: 'Space-separated OAuth scopes requested by the device',\n }),\n },\n\n indexes: [\n { fields: ['device_code'], unique: true },\n { fields: ['user_code'], unique: true },\n { fields: ['status'], unique: false },\n ],\n\n enable: {\n trackHistory: false,\n searchable: false,\n apiEnabled: true,\n apiMethods: ['get', 'create', 'update', 'delete'],\n trash: false,\n mru: false,\n },\n});\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_user_preference — System User Preference Object\n *\n * Per-user key-value preferences for storing UI state, settings, and personalization.\n * Supports the User Preferences layer in the Config Resolution hierarchy\n * (Runtime > User Preferences > Tenant > Env).\n *\n * Common use cases:\n * - UI preferences: theme, locale, timezone, sidebar state\n * - Feature flags: plugin.ai.auto_save, plugin.dev.debug_mode\n * - User-specific settings: default_view, notifications_enabled\n *\n * @namespace sys\n */\nexport const SysUserPreference = ObjectSchema.create({\n name: 'sys_user_preference',\n label: 'User Preference',\n pluralLabel: 'User Preferences',\n icon: 'settings',\n isSystem: true,\n // managedBy: 'system' — preferences are per-user state authored from\n // the user's own settings page, never created by an admin. The list\n // surface in Setup is a support/diagnostic view only.\n managedBy: 'system',\n description: 'Per-user key-value preferences (theme, locale, etc.)',\n titleFormat: '{key}',\n compactLayout: ['user_id', 'key'],\n\n listViews: {\n mine: {\n type: 'grid',\n name: 'mine',\n label: 'My Preferences',\n data: { provider: 'object', object: 'sys_user_preference' },\n columns: ['key', 'updated_at'],\n filter: [{ field: 'user_id', operator: 'equals', value: '{current_user_id}' }],\n sort: [{ field: 'key', order: 'asc' }],\n pagination: { pageSize: 100 },\n },\n by_user: {\n type: 'grid',\n name: 'by_user',\n label: 'By User',\n data: { provider: 'object', object: 'sys_user_preference' },\n columns: ['user_id', 'key', 'updated_at'],\n sort: [{ field: 'user_id', order: 'asc' }, { field: 'key', order: 'asc' }],\n grouping: { fields: [{ field: 'user_id', order: 'asc', collapsed: true }] },\n pagination: { pageSize: 200 },\n },\n all_preferences: {\n type: 'grid',\n name: 'all_preferences',\n label: 'All',\n data: { provider: 'object', object: 'sys_user_preference' },\n columns: ['user_id', 'key', 'created_at', 'updated_at'],\n sort: [{ field: 'updated_at', order: 'desc' }],\n pagination: { pageSize: 100 },\n },\n },\n\n fields: {\n id: Field.text({\n label: 'Preference ID',\n required: true,\n readonly: true,\n }),\n\n created_at: Field.datetime({\n label: 'Created At',\n defaultValue: 'NOW()',\n readonly: true,\n }),\n\n updated_at: Field.datetime({\n label: 'Updated At',\n defaultValue: 'NOW()',\n readonly: true,\n }),\n\n user_id: Field.lookup('sys_user', {\n label: 'User',\n required: true,\n description: 'Owner user of this preference',\n }),\n\n key: Field.text({\n label: 'Key',\n required: true,\n maxLength: 255,\n description: 'Preference key (e.g., theme, locale, plugin.ai.auto_save)',\n }),\n\n value: Field.json({\n label: 'Value',\n description: 'Preference value (any JSON-serializable type)',\n }),\n },\n\n indexes: [\n { fields: ['user_id', 'key'], unique: true },\n { fields: ['user_id'], unique: false },\n ],\n\n enable: {\n trackHistory: false,\n searchable: false,\n apiEnabled: true,\n apiMethods: ['get', 'list', 'create', 'update', 'delete'],\n trash: false,\n mru: false,\n },\n});\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_oauth_application — Registered OAuth/OIDC client application\n *\n * Backed by `@better-auth/oauth-provider`'s `oauthClient` model. Each row\n * represents an external application that has been registered to authenticate\n * users against this ObjectStack server (acting as an OpenID Connect IdP).\n *\n * The table name is preserved from the deprecated `oidc-provider` plugin\n * (which used the `oauthApplication` model name) so existing data remains\n * accessible. The new model exposes a richer set of OAuth 2.1 / OIDC\n * registration fields — see RFC 7591 (Dynamic Client Registration) and\n * RFC 8414 (Authorization Server Metadata).\n *\n * @namespace sys\n */\nexport const SysOauthApplication = ObjectSchema.create({\n name: 'sys_oauth_application',\n label: 'OAuth Application',\n pluralLabel: 'OAuth Applications',\n icon: 'key-round',\n isSystem: true,\n managedBy: 'better-auth',\n // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,\n // but may add overlay row-level config. Use `no-overlay` if you need to\n // forbid sys_metadata overlays entirely.\n protection: {\n lock: 'full',\n reason: 'Identity table managed by better-auth — see ADR-0010.',\n docsUrl: 'https://docs.objectstack.ai/adr/0010-metadata-protection',\n },\n description: 'Registered OAuth/OIDC client applications',\n displayNameField: 'name',\n titleFormat: '{name}',\n compactLayout: ['name', 'client_id', 'type', 'disabled'],\n\n // Custom actions — all OAuth-application mutations are routed through\n // better-auth's `@better-auth/oauth-provider` endpoints (and a thin\n // ObjectStack-added auth route for the enable/disable toggle) rather\n // than the generic data layer, so server-side validation, secret\n // hashing, and audit hooks all run. The generic `delete` API method\n // is intentionally dropped from `apiMethods` below so the only delete\n // path is the better-auth wrapper.\n //\n // Upstream gap (better-auth 1.6.11): the stock `/admin/oauth2/update-client`\n // endpoint's Zod body schema does NOT accept the `disabled` flag, even\n // though the column exists and the runtime honours it. We bridge the\n // gap with `POST /api/v1/auth/admin/oauth2/toggle-disabled`, registered\n // by plugin-auth, which writes through better-auth's own adapter under\n // the auth namespace (no generic data-layer bypass). When upstream\n // ships `disabled` support, retarget the enable/disable actions and\n // delete the bridge route.\n actions: [\n {\n name: 'disable_oauth_application',\n label: 'Disable OAuth Application',\n icon: 'pause-circle',\n variant: 'secondary',\n mode: 'custom',\n locations: ['list_item', 'record_header'],\n type: 'api',\n method: 'POST',\n target: '/api/v1/auth/admin/oauth2/toggle-disabled',\n confirmText: 'Disable this OAuth application? Active access/refresh tokens issued to it will continue to be rejected at the token, authorize, and introspect endpoints. Existing integrations will stop working immediately.',\n successMessage: 'OAuth application disabled',\n refreshAfter: true,\n visible: '!record.disabled',\n bodyExtra: { disabled: true },\n params: [\n { name: 'client_id', field: 'client_id', defaultFromRow: true, required: true },\n ],\n },\n {\n name: 'enable_oauth_application',\n label: 'Enable OAuth Application',\n icon: 'play-circle',\n variant: 'primary',\n mode: 'custom',\n locations: ['list_item', 'record_header'],\n type: 'api',\n method: 'POST',\n target: '/api/v1/auth/admin/oauth2/toggle-disabled',\n confirmText: 'Re-enable this OAuth application? Token issuance, authorization, and introspection will resume immediately.',\n successMessage: 'OAuth application enabled',\n refreshAfter: true,\n visible: 'record.disabled',\n bodyExtra: { disabled: false },\n params: [\n { name: 'client_id', field: 'client_id', defaultFromRow: true, required: true },\n ],\n },\n {\n name: 'create_oauth_application',\n label: 'Register OAuth Application',\n icon: 'plus-circle',\n variant: 'primary',\n mode: 'create',\n locations: ['list_toolbar'],\n type: 'api',\n method: 'POST',\n target: '/api/v1/auth/sys-oauth-application/register',\n refreshAfter: true,\n params: [\n { name: 'name', label: 'Application Name', type: 'text', required: true },\n { name: 'redirectURLs', label: 'Redirect URLs', type: 'textarea', required: true, helpText: 'One URL per line. Must use https:// in production.' },\n { name: 'type', label: 'Application Type', type: 'select', required: true, defaultValue: 'web', options: [\n { label: 'Web', value: 'web' },\n { label: 'Native', value: 'native' },\n { label: 'User-agent based', value: 'user-agent-based' },\n { label: 'Public', value: 'public' },\n ] },\n ],\n resultDialog: {\n title: 'OAuth application registered',\n description: 'Save the client_secret now — it is shown only once and cannot be recovered. You can rotate it later if it leaks.',\n acknowledge: 'I have saved the client secret',\n fields: [\n { path: 'client.client_id', label: 'Client ID', format: 'text' },\n { path: 'client.client_secret', label: 'Client Secret', format: 'secret' },\n ],\n },\n },\n {\n name: 'rotate_client_secret',\n label: 'Rotate Client Secret',\n icon: 'refresh-cw',\n variant: 'secondary',\n mode: 'custom',\n locations: ['list_item', 'record_header'],\n type: 'api',\n method: 'POST',\n target: '/api/v1/auth/oauth2/client/rotate-secret',\n confirmText: 'Rotate this OAuth client\\'s secret? The previous secret will stop working immediately and any integrations using it will break until they are updated with the new secret. The new secret is shown only once.',\n refreshAfter: true,\n params: [\n { name: 'client_id', field: 'client_id', defaultFromRow: true, required: true },\n ],\n resultDialog: {\n title: 'Client secret rotated',\n description: 'Save the new secret now — it is shown only once. Update every integration before the previous secret\\'s grace period ends.',\n acknowledge: 'I have updated my integrations',\n fields: [\n { path: 'client_secret', label: 'New Client Secret', format: 'secret' },\n ],\n },\n },\n {\n name: 'delete_oauth_application',\n label: 'Delete OAuth Application',\n icon: 'trash-2',\n variant: 'danger',\n mode: 'delete',\n locations: ['list_item', 'record_header'],\n type: 'api',\n method: 'POST',\n target: '/api/v1/auth/oauth2/delete-client',\n confirmText: 'Permanently delete this OAuth application? All issued tokens and consents will be invalidated and integrations using this client_id will stop working immediately. This cannot be undone.',\n successMessage: 'OAuth application deleted',\n refreshAfter: true,\n params: [\n { name: 'client_id', field: 'client_id', defaultFromRow: true, required: true },\n ],\n },\n ],\n\n listViews: {\n mine: {\n type: 'grid',\n name: 'mine',\n label: 'My Applications',\n data: { provider: 'object', object: 'sys_oauth_application' },\n columns: ['name', 'client_id', 'type', 'disabled', 'created_at'],\n // Self-service Account view — scope to the signed-in user's own\n // registrations so they don't see other developers' apps. Admins\n // get the unfiltered `active` / `disabled_apps` / `all_apps` views\n // via the Setup → OAuth Applications nav.\n filter: [{ field: 'user_id', operator: 'equals', value: '{current_user_id}' }],\n sort: [{ field: 'created_at', order: 'desc' }],\n pagination: { pageSize: 50 },\n },\n active: {\n type: 'grid',\n name: 'active',\n label: 'Active',\n data: { provider: 'object', object: 'sys_oauth_application' },\n columns: ['name', 'client_id', 'type', 'updated_at'],\n filter: [{ field: 'disabled', operator: 'equals', value: false }],\n sort: [{ field: 'name', order: 'asc' }],\n pagination: { pageSize: 50 },\n },\n disabled_apps: {\n type: 'grid',\n name: 'disabled_apps',\n label: 'Disabled',\n data: { provider: 'object', object: 'sys_oauth_application' },\n columns: ['name', 'client_id', 'type', 'updated_at'],\n filter: [{ field: 'disabled', operator: 'equals', value: true }],\n sort: [{ field: 'updated_at', order: 'desc' }],\n pagination: { pageSize: 50 },\n },\n all_apps: {\n type: 'grid',\n name: 'all_apps',\n label: 'All',\n data: { provider: 'object', object: 'sys_oauth_application' },\n columns: ['name', 'client_id', 'type', 'disabled', 'created_at'],\n sort: [{ field: 'name', order: 'asc' }],\n pagination: { pageSize: 50 },\n },\n },\n\n fields: {\n // ── Identity ─────────────────────────────────────────────────\n id: Field.text({\n label: 'ID',\n required: true,\n readonly: true,\n group: 'System',\n }),\n\n name: Field.text({\n label: 'Name',\n required: false,\n searchable: true,\n maxLength: 255,\n group: 'Identity',\n }),\n\n icon: Field.url({\n label: 'Icon',\n required: false,\n description: 'Logo URL shown on the consent screen',\n group: 'Identity',\n }),\n\n uri: Field.url({\n label: 'Home URI',\n required: false,\n description: 'Public homepage of the registered client',\n group: 'Identity',\n }),\n\n contacts: Field.textarea({\n label: 'Contacts',\n required: false,\n description: 'JSON-serialized list of contact email addresses',\n group: 'Identity',\n }),\n\n tos: Field.url({\n label: 'Terms of Service',\n required: false,\n group: 'Identity',\n }),\n\n policy: Field.url({\n label: 'Privacy Policy',\n required: false,\n group: 'Identity',\n }),\n\n metadata: Field.textarea({\n label: 'Metadata',\n required: false,\n description: 'JSON-serialized application metadata',\n group: 'Identity',\n }),\n\n // ── OAuth Credentials ────────────────────────────────────────\n client_id: Field.text({\n label: 'Client ID',\n required: true,\n readonly: true,\n maxLength: 255,\n description: 'Public OAuth client identifier',\n group: 'Credentials',\n }),\n\n client_secret: Field.text({\n label: 'Client Secret',\n required: false,\n maxLength: 1024,\n description: 'OAuth client secret (hashed/encrypted at rest)',\n group: 'Credentials',\n }),\n\n redirect_uris: Field.textarea({\n label: 'Redirect URIs',\n required: true,\n description: 'JSON-serialized list of allowed redirect URIs',\n group: 'Credentials',\n }),\n\n post_logout_redirect_uris: Field.textarea({\n label: 'Post-logout Redirect URIs',\n required: false,\n description: 'JSON-serialized list of allowed post-logout redirect URIs',\n group: 'Credentials',\n }),\n\n type: Field.select(['web', 'native', 'user-agent-based', 'public'], {\n label: 'Client Type',\n required: false,\n defaultValue: 'web',\n group: 'Credentials',\n }),\n\n public: Field.boolean({\n label: 'Public Client',\n required: false,\n description: 'Marks the client as a public (non-confidential) OAuth client',\n group: 'Credentials',\n }),\n\n require_pkce: Field.boolean({\n label: 'Require PKCE',\n required: false,\n group: 'Credentials',\n }),\n\n token_endpoint_auth_method: Field.text({\n label: 'Token Endpoint Auth Method',\n required: false,\n maxLength: 64,\n description: 'e.g. client_secret_basic, client_secret_post, none',\n group: 'Credentials',\n }),\n\n grant_types: Field.textarea({\n label: 'Grant Types',\n required: false,\n description: 'JSON-serialized list of allowed grant types',\n group: 'Credentials',\n }),\n\n response_types: Field.textarea({\n label: 'Response Types',\n required: false,\n description: 'JSON-serialized list of allowed response types',\n group: 'Credentials',\n }),\n\n scopes: Field.textarea({\n label: 'Allowed Scopes',\n required: false,\n description: 'JSON-serialized list of scopes the client may request',\n group: 'Credentials',\n }),\n\n subject_type: Field.text({\n label: 'Subject Type',\n required: false,\n maxLength: 32,\n description: 'OIDC subject type (e.g. public, pairwise)',\n group: 'Credentials',\n }),\n\n // ── Behaviour flags ──────────────────────────────────────────\n disabled: Field.boolean({\n label: 'Disabled',\n required: false,\n defaultValue: false,\n group: 'Behaviour',\n }),\n\n skip_consent: Field.boolean({\n label: 'Skip Consent',\n required: false,\n description: 'Treat as a trusted client and bypass the consent screen',\n group: 'Behaviour',\n }),\n\n enable_end_session: Field.boolean({\n label: 'Enable End Session',\n required: false,\n description: 'Allow the client to call the OIDC end-session endpoint',\n group: 'Behaviour',\n }),\n\n // ── Software statement (RFC 7591 §2.3) ───────────────────────\n software_id: Field.text({\n label: 'Software ID',\n required: false,\n maxLength: 255,\n group: 'Software',\n }),\n\n software_version: Field.text({\n label: 'Software Version',\n required: false,\n maxLength: 64,\n group: 'Software',\n }),\n\n software_statement: Field.textarea({\n label: 'Software Statement',\n required: false,\n description: 'Signed JWT asserting the client metadata (RFC 7591 §2.3)',\n group: 'Software',\n }),\n\n // ── Ownership / system ───────────────────────────────────────\n user_id: Field.lookup('sys_user', {\n label: 'Owner User',\n required: false,\n description: 'User who registered this application',\n group: 'System',\n }),\n\n reference_id: Field.text({\n label: 'Reference ID',\n required: false,\n maxLength: 255,\n description: 'Caller-supplied correlation identifier',\n group: 'System',\n }),\n\n created_at: Field.datetime({\n label: 'Created At',\n defaultValue: 'NOW()',\n readonly: true,\n group: 'System',\n }),\n\n updated_at: Field.datetime({\n label: 'Updated At',\n defaultValue: 'NOW()',\n readonly: true,\n group: 'System',\n }),\n },\n\n indexes: [\n { fields: ['client_id'], unique: true },\n { fields: ['user_id'] },\n { fields: ['reference_id'] },\n ],\n\n enable: {\n trackHistory: true,\n searchable: true,\n apiEnabled: true,\n // All mutations (create/update/delete) must go through better-auth's\n // oauth-provider endpoints under /api/v1/auth/{admin/,}oauth2/* — the\n // generic data layer is read-only for this object so sysadmins cannot\n // bypass server-side OAuth validation. The Delete row action above is\n // wired to /api/v1/auth/oauth2/delete-client.\n apiMethods: ['get', 'list'],\n trash: false,\n mru: false,\n },\n});\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_oauth_access_token — Issued OAuth/OIDC opaque access token\n *\n * Backed by `@better-auth/oauth-provider`'s `oauthAccessToken` model. One\n * row per opaque access token issuance. Tokens are short-lived; expired\n * rows can be safely pruned.\n *\n * Refresh tokens have been split into a sibling table — see\n * {@link SysOauthRefreshToken}. The optional `refresh_id` column links an\n * access token back to the refresh-token row that minted it.\n *\n * @namespace sys\n */\nexport const SysOauthAccessToken = ObjectSchema.create({\n name: 'sys_oauth_access_token',\n label: 'OAuth Access Token',\n pluralLabel: 'OAuth Access Tokens',\n icon: 'ticket',\n isSystem: true,\n managedBy: 'better-auth',\n // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,\n // but may add overlay row-level config. Use `no-overlay` if you need to\n // forbid sys_metadata overlays entirely.\n protection: {\n lock: 'full',\n reason: 'Identity table managed by better-auth — see ADR-0010.',\n docsUrl: 'https://docs.objectstack.ai/adr/0010-metadata-protection',\n },\n description: 'Opaque OAuth access tokens issued to client applications',\n compactLayout: ['client_id', 'user_id', 'expires_at'],\n\n fields: {\n id: Field.text({\n label: 'ID',\n required: true,\n readonly: true,\n }),\n\n token: Field.text({\n label: 'Token',\n required: true,\n maxLength: 1024,\n description: 'Opaque access token value',\n }),\n\n client_id: Field.text({\n label: 'Client ID',\n required: true,\n description: 'Foreign key to sys_oauth_application.client_id',\n }),\n\n session_id: Field.lookup('sys_session', {\n label: 'Session',\n required: false,\n description: 'Foreign key to sys_session.id',\n }),\n\n user_id: Field.lookup('sys_user', {\n label: 'User',\n required: false,\n description: 'Foreign key to sys_user.id',\n }),\n\n refresh_id: Field.lookup('sys_oauth_refresh_token', {\n label: 'Refresh Token',\n required: false,\n description: 'Foreign key to sys_oauth_refresh_token.id',\n }),\n\n reference_id: Field.text({\n label: 'Reference ID',\n required: false,\n maxLength: 255,\n description: 'Caller-supplied correlation identifier',\n }),\n\n scopes: Field.textarea({\n label: 'Scopes',\n required: true,\n description: 'JSON-serialized list of scopes granted to this token',\n }),\n\n expires_at: Field.datetime({\n label: 'Expires At',\n required: true,\n }),\n\n created_at: Field.datetime({\n label: 'Created At',\n defaultValue: 'NOW()',\n readonly: true,\n }),\n },\n\n indexes: [\n { fields: ['token'], unique: true },\n { fields: ['client_id'] },\n { fields: ['session_id'] },\n { fields: ['user_id'] },\n { fields: ['refresh_id'] },\n ],\n\n enable: {\n trackHistory: false,\n searchable: false,\n apiEnabled: false,\n apiMethods: [],\n trash: false,\n mru: false,\n },\n});\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_oauth_refresh_token — Issued OAuth/OIDC refresh token\n *\n * Backed by `@better-auth/oauth-provider`'s `oauthRefreshToken` model.\n * Refresh tokens are issued for the `offline_access` scope and are bound\n * to a specific session (`session_id`) and client (`client_id`).\n *\n * Each access-token rotation produces a new refresh-token row; revoked\n * tokens are kept (with `revoked` set) for audit purposes until pruned.\n *\n * @namespace sys\n */\nexport const SysOauthRefreshToken = ObjectSchema.create({\n name: 'sys_oauth_refresh_token',\n label: 'OAuth Refresh Token',\n pluralLabel: 'OAuth Refresh Tokens',\n icon: 'refresh-cw',\n isSystem: true,\n managedBy: 'better-auth',\n // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,\n // but may add overlay row-level config. Use `no-overlay` if you need to\n // forbid sys_metadata overlays entirely.\n protection: {\n lock: 'full',\n reason: 'Identity table managed by better-auth — see ADR-0010.',\n docsUrl: 'https://docs.objectstack.ai/adr/0010-metadata-protection',\n },\n description: 'Opaque OAuth refresh tokens (linked to a session)',\n compactLayout: ['client_id', 'user_id', 'expires_at'],\n\n fields: {\n id: Field.text({\n label: 'ID',\n required: true,\n readonly: true,\n }),\n\n token: Field.text({\n label: 'Token',\n required: true,\n maxLength: 1024,\n description: 'Opaque refresh token value',\n }),\n\n client_id: Field.text({\n label: 'Client ID',\n required: true,\n description: 'Foreign key to sys_oauth_application.client_id',\n }),\n\n session_id: Field.lookup('sys_session', {\n label: 'Session',\n required: false,\n description: 'Foreign key to sys_session.id',\n }),\n\n user_id: Field.lookup('sys_user', {\n label: 'User',\n required: true,\n description: 'Foreign key to sys_user.id',\n }),\n\n reference_id: Field.text({\n label: 'Reference ID',\n required: false,\n maxLength: 255,\n description: 'Caller-supplied correlation identifier',\n }),\n\n scopes: Field.textarea({\n label: 'Scopes',\n required: true,\n description: 'JSON-serialized list of scopes granted to this token',\n }),\n\n expires_at: Field.datetime({\n label: 'Expires At',\n required: true,\n }),\n\n created_at: Field.datetime({\n label: 'Created At',\n defaultValue: 'NOW()',\n readonly: true,\n }),\n\n revoked: Field.datetime({\n label: 'Revoked At',\n required: false,\n description: 'Timestamp at which this refresh token was revoked',\n }),\n\n auth_time: Field.datetime({\n label: 'Auth Time',\n required: false,\n description: 'When the user originally authenticated for this token chain',\n }),\n },\n\n indexes: [\n { fields: ['token'], unique: true },\n { fields: ['client_id'] },\n { fields: ['session_id'] },\n { fields: ['user_id'] },\n ],\n\n enable: {\n trackHistory: false,\n searchable: false,\n apiEnabled: false,\n apiMethods: [],\n trash: false,\n mru: false,\n },\n});\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_oauth_consent — Recorded user consent for an OAuth client + scopes\n *\n * Backed by `@better-auth/oauth-provider`'s `oauthConsent` model. When a\n * user consents to a client requesting a particular set of scopes, the\n * decision is persisted here so future authorization requests for the same\n * client+scopes can skip the consent screen.\n *\n * The presence of a row implies consent was given for the listed scopes —\n * the previous boolean `consent_given` flag was removed in the migration\n * from `better-auth/plugins/oidc-provider` to `@better-auth/oauth-provider`.\n *\n * @namespace sys\n */\nexport const SysOauthConsent = ObjectSchema.create({\n name: 'sys_oauth_consent',\n label: 'OAuth Consent',\n pluralLabel: 'OAuth Consents',\n icon: 'shield-check',\n isSystem: true,\n managedBy: 'better-auth',\n // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,\n // but may add overlay row-level config. Use `no-overlay` if you need to\n // forbid sys_metadata overlays entirely.\n protection: {\n lock: 'full',\n reason: 'Identity table managed by better-auth — see ADR-0010.',\n docsUrl: 'https://docs.objectstack.ai/adr/0010-metadata-protection',\n },\n description: 'User consent records for OAuth client applications',\n compactLayout: ['client_id', 'user_id', 'scopes'],\n\n fields: {\n id: Field.text({\n label: 'ID',\n required: true,\n readonly: true,\n }),\n\n client_id: Field.text({\n label: 'Client ID',\n required: true,\n description: 'Foreign key to sys_oauth_application.client_id',\n }),\n\n user_id: Field.lookup('sys_user', {\n label: 'User',\n required: false,\n description: 'Foreign key to sys_user.id',\n }),\n\n reference_id: Field.text({\n label: 'Reference ID',\n required: false,\n maxLength: 255,\n description: 'Caller-supplied correlation identifier',\n }),\n\n scopes: Field.textarea({\n label: 'Scopes',\n required: true,\n description: 'JSON-serialized list of scopes the user consented to',\n }),\n\n created_at: Field.datetime({\n label: 'Created At',\n defaultValue: 'NOW()',\n readonly: true,\n }),\n\n updated_at: Field.datetime({\n label: 'Updated At',\n defaultValue: 'NOW()',\n readonly: true,\n }),\n },\n\n indexes: [\n { fields: ['client_id'] },\n { fields: ['user_id'] },\n ],\n\n enable: {\n trackHistory: false,\n searchable: false,\n apiEnabled: false,\n apiMethods: [],\n trash: false,\n mru: false,\n },\n});\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { ObjectSchema, Field } from '@objectstack/spec/data';\n\n/**\n * sys_jwks — JWKS (JSON Web Key Set) key pair store\n *\n * Backed by better-auth's `jwt` plugin. Each row is a single asymmetric\n * key pair used to sign and verify JWTs (id_tokens, JWT access tokens)\n * issued by this ObjectStack server when it acts as an OAuth/OIDC IdP.\n *\n * The plugin rotates keys automatically — older rows are kept until\n * `expires_at` so existing tokens can still be verified.\n *\n * @namespace sys\n */\nexport const SysJwks = ObjectSchema.create({\n name: 'sys_jwks',\n label: 'JWKS Key',\n pluralLabel: 'JWKS Keys',\n icon: 'key',\n isSystem: true,\n managedBy: 'better-auth',\n // ADR-0010 §3.7 — managed by better-auth; tenants may not edit schema,\n // but may add overlay row-level config. Use `no-overlay` if you need to\n // forbid sys_metadata overlays entirely.\n protection: {\n lock: 'full',\n reason: 'Identity table managed by better-auth — see ADR-0010.',\n docsUrl: 'https://docs.objectstack.ai/adr/0010-metadata-protection',\n },\n description: 'Asymmetric key pairs used to sign and verify issued JWTs',\n compactLayout: ['id', 'created_at', 'expires_at'],\n\n fields: {\n id: Field.text({\n label: 'Key ID',\n required: true,\n readonly: true,\n description: 'JWK `kid` value',\n }),\n\n public_key: Field.textarea({\n label: 'Public Key',\n required: true,\n description: 'JSON-serialized JWK public key',\n }),\n\n private_key: Field.textarea({\n label: 'Private Key',\n required: true,\n description: 'JSON-serialized JWK private key (encrypted at rest)',\n }),\n\n created_at: Field.datetime({\n label: 'Created At',\n required: true,\n defaultValue: 'NOW()',\n readonly: true,\n }),\n\n expires_at: Field.datetime({\n label: 'Expires At',\n required: false,\n description: 'When the key may no longer be used to verify tokens',\n }),\n },\n\n enable: {\n trackHistory: false,\n searchable: false,\n apiEnabled: false,\n apiMethods: [],\n trash: false,\n mru: false,\n },\n});\n"]}