@open-mercato/core 0.4.2-canary-d0a025141f → 0.4.2-canary-3efa759f5c

package/dist/modules/business_rules/lib/rule-engine.js.map

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../src/modules/business_rules/lib/rule-engine.ts"],
-  "sourcesContent": ["import type { EntityManager } from '@mikro-orm/core'\nimport { BusinessRule, RuleExecutionLog, type RuleType } from '../data/entities'\nimport * as ruleEvaluator from './rule-evaluator'\nimport * as actionExecutor from './action-executor'\nimport type { RuleEvaluationContext } from './rule-evaluator'\nimport type { ActionContext, ActionExecutionOutcome } from './action-executor'\nimport { ruleEngineContextSchema, ruleDiscoveryOptionsSchema, directRuleExecutionContextSchema, ruleIdExecutionContextSchema } from '../data/validators'\n\n/**\n * Constants\n */\nconst DEFAULT_ENTITY_ID = 'unknown'\nconst RULE_TYPE_GUARD = 'GUARD'\nconst EXECUTION_RESULT_ERROR = 'ERROR'\nconst EXECUTION_RESULT_SUCCESS = 'SUCCESS'\nconst EXECUTION_RESULT_FAILURE = 'FAILURE'\n\n/**\n * Execution limits\n */\nconst MAX_RULES_PER_EXECUTION = 100\nconst MAX_SINGLE_RULE_TIMEOUT_MS = 30000  // 30 seconds\nconst MAX_TOTAL_EXECUTION_TIMEOUT_MS = 60000  // 60 seconds\n\n/**\n * Rule execution context\n */\nexport interface RuleEngineContext {\n  entityType: string\n  entityId?: string\n  eventType?: string\n  data: any\n  user?: {\n    id?: string\n    email?: string\n    role?: string\n    [key: string]: any\n  }\n  tenant?: {\n    id?: string\n    [key: string]: any\n  }\n  organization?: {\n    id?: string\n    [key: string]: any\n  }\n  tenantId: string\n  organizationId: string\n  executedBy?: string\n  dryRun?: boolean\n  [key: string]: any\n}\n\n/**\n * Single rule execution result\n */\nexport interface RuleExecutionResult {\n  rule: BusinessRule\n  conditionResult: boolean\n  actionsExecuted: ActionExecutionOutcome | null\n  executionTime: number\n  error?: string\n  logId?: string  // Database log ID (if logged)\n}\n\n/**\n * Overall rule engine result\n */\nexport interface RuleEngineResult {\n  allowed: boolean\n  executedRules: RuleExecutionResult[]\n  totalExecutionTime: number\n  errors?: string[]\n  logIds?: string[]\n}\n\n/**\n * Rule discovery options\n */\nexport interface RuleDiscoveryOptions {\n  entityType: string\n  eventType?: string\n  tenantId: string\n  organizationId: string\n  ruleType?: RuleType\n}\n\n/**\n * Direct rule execution context (for executing a specific rule by ID)\n */\nexport interface DirectRuleExecutionContext {\n  ruleId: string  // Database UUID of the rule\n  data: any\n  user?: {\n    id?: string\n    email?: string\n    role?: string\n    [key: string]: any\n  }\n  tenantId: string\n  organizationId: string\n  executedBy?: string\n  dryRun?: boolean\n  // Optional for logging (falls back to rule's entityType)\n  entityType?: string\n  entityId?: string\n  eventType?: string\n}\n\n/**\n * Direct rule execution result\n */\nexport interface DirectRuleExecutionResult {\n  success: boolean\n  ruleId: string\n  ruleName: string\n  conditionResult: boolean\n  actionsExecuted: ActionExecutionOutcome | null\n  executionTime: number\n  error?: string\n  logId?: string\n}\n\n/**\n * Context for executing a rule by its string rule_id identifier\n * Unlike DirectRuleExecutionContext which uses database UUID,\n * this uses the string identifier (e.g., \"workflow_checkout_inventory_available\")\n */\nexport interface RuleIdExecutionContext {\n  ruleId: string  // String identifier (e.g., \"workflow_checkout_inventory_available\")\n  data: any\n  user?: {\n    id?: string\n    email?: string\n    role?: string\n    [key: string]: any\n  }\n  tenantId: string\n  organizationId: string\n  executedBy?: string\n  dryRun?: boolean\n  entityType?: string\n  entityId?: string\n  eventType?: string\n}\n\n/**\n * Execute a function with a timeout\n */\nasync function withTimeout<T>(\n  promise: Promise<T>,\n  timeoutMs: number,\n  errorMessage: string\n): Promise<T> {\n  let timeoutId: NodeJS.Timeout\n\n  const timeoutPromise = new Promise<never>((_, reject) => {\n    timeoutId = setTimeout(() => {\n      reject(new Error(`${errorMessage} (timeout: ${timeoutMs}ms)`))\n    }, timeoutMs)\n  })\n\n  try {\n    return await Promise.race([promise, timeoutPromise])\n  } finally {\n    clearTimeout(timeoutId!)\n  }\n}\n\n/**\n * Execute all applicable rules for the given context\n */\nexport async function executeRules(\n  em: EntityManager,\n  context: RuleEngineContext\n): Promise<RuleEngineResult> {\n  // Validate input\n  const validation = ruleEngineContextSchema.safeParse(context)\n  if (!validation.success) {\n    const validationErrors = validation.error.issues.map(e => `${e.path.join('.')}: ${e.message}`)\n    return {\n      allowed: false,\n      executedRules: [],\n      totalExecutionTime: 0,\n      errors: validationErrors,\n    }\n  }\n\n  const startTime = Date.now()\n  const executedRules: RuleExecutionResult[] = []\n  const errors: string[] = []\n  const logIds: string[] = []\n\n  try {\n    // Discover applicable rules\n    const rules = await findApplicableRules(em, {\n      entityType: context.entityType,\n      eventType: context.eventType,\n      tenantId: context.tenantId,\n      organizationId: context.organizationId,\n    })\n\n    // Check rule count limit\n    if (rules.length > MAX_RULES_PER_EXECUTION) {\n      errors.push(\n        `Rule count limit exceeded: ${rules.length} rules found, maximum is ${MAX_RULES_PER_EXECUTION}`\n      )\n      return {\n        allowed: false,\n        executedRules: [],\n        totalExecutionTime: Date.now() - startTime,\n        errors,\n      }\n    }\n\n    // Rules already sorted by database query (priority DESC, ruleId ASC)\n    // Execute each rule with total timeout\n    const executionPromise = (async () => {\n      for (const rule of rules) {\n      try {\n        const ruleResult = await executeSingleRule(em, rule, context)\n        executedRules.push(ruleResult)\n\n        if (ruleResult.logId) {\n          logIds.push(ruleResult.logId)\n        }\n\n        if (ruleResult.error) {\n          errors.push(\n            `Rule execution failed [ruleId=${rule.ruleId}, type=${rule.ruleType}, entityType=${context.entityType}]: ${ruleResult.error}`\n          )\n        }\n      } catch (error) {\n        const errorMessage = error instanceof Error ? error.message : String(error)\n        errors.push(\n          `Unexpected error in rule execution [ruleId=${rule.ruleId}, type=${rule.ruleType}]: ${errorMessage}`\n        )\n\n        executedRules.push({\n          rule,\n          conditionResult: false,\n          actionsExecuted: null,\n          executionTime: 0,\n          error: errorMessage,\n        })\n      }\n      }\n    })()\n\n    // Execute with timeout\n    await withTimeout(\n      executionPromise,\n      MAX_TOTAL_EXECUTION_TIMEOUT_MS,\n      `Total rule execution timeout [entityType=${context.entityType}]`\n    )\n\n    // Determine overall allowed status\n    // For GUARD rules: all must pass for operation to be allowed\n    const guardRules = executedRules.filter((r) => r.rule.ruleType === RULE_TYPE_GUARD)\n    const allowed = guardRules.length === 0 || guardRules.every((r) => r.conditionResult)\n\n    const totalExecutionTime = Date.now() - startTime\n\n    return {\n      allowed,\n      executedRules,\n      totalExecutionTime,\n      errors: errors.length > 0 ? errors : undefined,\n      logIds: logIds.length > 0 ? logIds : undefined,\n    }\n  } catch (error) {\n    const errorMessage = error instanceof Error ? error.message : String(error)\n    const stack = error instanceof Error ? error.stack : undefined\n    errors.push(\n      `Critical rule engine error [entityType=${context.entityType}, entityId=${context.entityId || 'unknown'}]: ${errorMessage}${stack ? `\\nStack: ${stack}` : ''}`\n    )\n\n    const totalExecutionTime = Date.now() - startTime\n\n    return {\n      allowed: false,\n      executedRules,\n      totalExecutionTime,\n      errors,\n    }\n  }\n}\n\n/**\n * Execute a single rule\n */\nexport async function executeSingleRule(\n  em: EntityManager,\n  rule: BusinessRule,\n  context: RuleEngineContext\n): Promise<RuleExecutionResult> {\n  const startTime = Date.now()\n\n  try {\n    // Wrap execution in timeout\n    const executeWithTimeout = async () => {\n      // Build evaluation context\n      const evalContext: RuleEvaluationContext = {\n        entityType: context.entityType,\n        entityId: context.entityId,\n        eventType: context.eventType,\n        user: context.user,\n        tenant: context.tenant,\n        organization: context.organization,\n      }\n\n      // Evaluate rule conditions\n      const result = await ruleEvaluator.evaluateSingleRule(rule, context.data, evalContext)\n\n      // Check if evaluation completed (not just if conditions passed)\n      if (!result.evaluationCompleted) {\n        const executionTime = Date.now() - startTime\n\n        let logId: string | undefined\n\n        // Log failure if not dry run\n        if (!context.dryRun) {\n          logId = await logRuleExecution(em, {\n            rule,\n            context,\n            conditionResult: false,\n            actionsExecuted: null,\n            executionTime,\n            error: result.error,\n          })\n        }\n\n        return {\n          rule,\n          conditionResult: false,\n          actionsExecuted: null,\n          executionTime,\n          error: result.error,\n          logId,\n        }\n      }\n\n      // Evaluation completed successfully - determine which actions to execute\n      const actions = result.conditionsPassed ? rule.successActions : rule.failureActions\n\n      let actionsExecuted: ActionExecutionOutcome | null = null\n\n      if (actions && Array.isArray(actions) && actions.length > 0) {\n        // Build action context\n        const actionContext: ActionContext = {\n          ...evalContext,\n          data: context.data,\n          ruleId: rule.ruleId,\n          ruleName: rule.ruleName,\n        }\n\n        // Execute actions\n        actionsExecuted = await actionExecutor.executeActions(actions, actionContext)\n      }\n\n      const executionTime = Date.now() - startTime\n\n      let logId: string | undefined\n\n      // Log execution if not dry run\n      if (!context.dryRun) {\n        logId = await logRuleExecution(em, {\n          rule,\n          context,\n          conditionResult: result.conditionsPassed,\n          actionsExecuted,\n          executionTime,\n        })\n      }\n\n      return {\n        rule,\n        conditionResult: result.conditionsPassed,\n        actionsExecuted,\n        executionTime,\n        logId,\n      }\n    }\n\n    // Execute with single rule timeout\n    return await withTimeout(\n      executeWithTimeout(),\n      MAX_SINGLE_RULE_TIMEOUT_MS,\n      `Single rule execution timeout [ruleId=${rule.ruleId}]`\n    )\n  } catch (error) {\n    const executionTime = Date.now() - startTime\n    const errorMessage = error instanceof Error ? error.message : String(error)\n    const enhancedError = `Failed to execute rule [ruleId=${rule.ruleId}, entityType=${context.entityType}]: ${errorMessage}`\n\n    let logId: string | undefined\n\n    // Log error if not dry run\n    if (!context.dryRun) {\n      logId = await logRuleExecution(em, {\n        rule,\n        context,\n        conditionResult: false,\n        actionsExecuted: null,\n        executionTime,\n        error: enhancedError,\n      })\n    }\n\n    return {\n      rule,\n      conditionResult: false,\n      actionsExecuted: null,\n      executionTime,\n      error: enhancedError,\n      logId,\n    }\n  }\n}\n\n/**\n * Find all applicable rules for the given criteria\n */\nexport async function findApplicableRules(\n  em: EntityManager,\n  options: RuleDiscoveryOptions\n): Promise<BusinessRule[]> {\n  // Validate input\n  ruleDiscoveryOptionsSchema.parse(options)\n\n  const { entityType, eventType, tenantId, organizationId, ruleType } = options\n\n  const where: Partial<BusinessRule> = {\n    entityType,\n    tenantId,\n    organizationId,\n    enabled: true,\n    deletedAt: null,\n  }\n\n  if (eventType) {\n    where.eventType = eventType\n  }\n\n  if (ruleType) {\n    where.ruleType = ruleType\n  }\n\n  const rules = await em.find(BusinessRule, where, {\n    orderBy: { priority: 'DESC', ruleId: 'ASC' },\n  })\n\n  // Filter by effective date range\n  const now = new Date()\n  return rules.filter((rule) => {\n    if (rule.effectiveFrom && rule.effectiveFrom > now) {\n      return false\n    }\n    if (rule.effectiveTo && rule.effectiveTo < now) {\n      return false\n    }\n    return true\n  })\n}\n\n/**\n * Execute a specific rule by its database UUID\n * This bypasses the entityType/eventType discovery mechanism and directly executes the rule\n */\nexport async function executeRuleById(\n  em: EntityManager,\n  context: DirectRuleExecutionContext\n): Promise<DirectRuleExecutionResult> {\n  const startTime = Date.now()\n\n  // Validate input\n  const validation = directRuleExecutionContextSchema.safeParse(context)\n  if (!validation.success) {\n    const validationErrors = validation.error.issues.map(e => `${e.path.join('.')}: ${e.message}`)\n    return {\n      success: false,\n      ruleId: context.ruleId,\n      ruleName: 'Unknown',\n      conditionResult: false,\n      actionsExecuted: null,\n      executionTime: Date.now() - startTime,\n      error: `Validation failed: ${validationErrors.join(', ')}`,\n    }\n  }\n\n  // Fetch rule by ID with tenant/org validation\n  const rule = await em.findOne(BusinessRule, {\n    id: context.ruleId,\n    tenantId: context.tenantId,\n    organizationId: context.organizationId,\n    deletedAt: null,\n  })\n\n  if (!rule) {\n    return {\n      success: false,\n      ruleId: context.ruleId,\n      ruleName: 'Unknown',\n      conditionResult: false,\n      actionsExecuted: null,\n      executionTime: Date.now() - startTime,\n      error: 'Rule not found',\n    }\n  }\n\n  if (!rule.enabled) {\n    return {\n      success: false,\n      ruleId: rule.ruleId,\n      ruleName: rule.ruleName,\n      conditionResult: false,\n      actionsExecuted: null,\n      executionTime: Date.now() - startTime,\n      error: 'Rule is disabled',\n    }\n  }\n\n  // Check effective date range\n  const now = new Date()\n  if (rule.effectiveFrom && rule.effectiveFrom > now) {\n    return {\n      success: false,\n      ruleId: rule.ruleId,\n      ruleName: rule.ruleName,\n      conditionResult: false,\n      actionsExecuted: null,\n      executionTime: Date.now() - startTime,\n      error: `Rule is not yet effective (starts ${rule.effectiveFrom.toISOString()})`,\n    }\n  }\n  if (rule.effectiveTo && rule.effectiveTo < now) {\n    return {\n      success: false,\n      ruleId: rule.ruleId,\n      ruleName: rule.ruleName,\n      conditionResult: false,\n      actionsExecuted: null,\n      executionTime: Date.now() - startTime,\n      error: `Rule has expired (ended ${rule.effectiveTo.toISOString()})`,\n    }\n  }\n\n  // Build RuleEngineContext (use provided entityType or fall back to rule's)\n  const engineContext: RuleEngineContext = {\n    entityType: context.entityType || rule.entityType,\n    entityId: context.entityId,\n    eventType: context.eventType || rule.eventType || undefined,\n    data: context.data,\n    user: context.user,\n    tenantId: context.tenantId,\n    organizationId: context.organizationId,\n    executedBy: context.executedBy,\n    dryRun: context.dryRun,\n  }\n\n  // Execute via existing executeSingleRule\n  const result = await executeSingleRule(em, rule, engineContext)\n\n  return {\n    success: !result.error,\n    ruleId: rule.ruleId,\n    ruleName: rule.ruleName,\n    conditionResult: result.conditionResult,\n    actionsExecuted: result.actionsExecuted,\n    executionTime: result.executionTime,\n    error: result.error,\n    logId: result.logId,\n  }\n}\n\n/**\n * Execute a rule by its string rule_id identifier\n * Looks up rule by rule_id (string column) + tenant_id (unique constraint)\n * This is useful for workflow conditions that reference rules by their string identifiers\n */\nexport async function executeRuleByRuleId(\n  em: EntityManager,\n  context: RuleIdExecutionContext\n): Promise<DirectRuleExecutionResult> {\n  const startTime = Date.now()\n\n  // Validate input\n  const validation = ruleIdExecutionContextSchema.safeParse(context)\n  if (!validation.success) {\n    const validationErrors = validation.error.issues.map(e => `${e.path.join('.')}: ${e.message}`)\n    return {\n      success: false,\n      ruleId: context.ruleId || 'unknown',\n      ruleName: 'Unknown',\n      conditionResult: false,\n      actionsExecuted: null,\n      executionTime: Date.now() - startTime,\n      error: `Validation failed: ${validationErrors.join(', ')}`,\n    }\n  }\n\n  // Fetch rule by rule_id (string identifier) + tenant/org\n  const rule = await em.findOne(BusinessRule, {\n    ruleId: context.ruleId,  // String identifier column\n    tenantId: context.tenantId,\n    organizationId: context.organizationId,\n    deletedAt: null,\n  })\n\n  if (!rule) {\n    return {\n      success: false,\n      ruleId: context.ruleId,\n      ruleName: 'Unknown',\n      conditionResult: false,\n      actionsExecuted: null,\n      executionTime: Date.now() - startTime,\n      error: 'Rule not found',\n    }\n  }\n\n  if (!rule.enabled) {\n    return {\n      success: false,\n      ruleId: rule.ruleId,\n      ruleName: rule.ruleName,\n      conditionResult: false,\n      actionsExecuted: null,\n      executionTime: Date.now() - startTime,\n      error: 'Rule is disabled',\n    }\n  }\n\n  // Check effective date range\n  const now = new Date()\n  if (rule.effectiveFrom && rule.effectiveFrom > now) {\n    return {\n      success: false,\n      ruleId: rule.ruleId,\n      ruleName: rule.ruleName,\n      conditionResult: false,\n      actionsExecuted: null,\n      executionTime: Date.now() - startTime,\n      error: `Rule is not yet effective (starts ${rule.effectiveFrom.toISOString()})`,\n    }\n  }\n  if (rule.effectiveTo && rule.effectiveTo < now) {\n    return {\n      success: false,\n      ruleId: rule.ruleId,\n      ruleName: rule.ruleName,\n      conditionResult: false,\n      actionsExecuted: null,\n      executionTime: Date.now() - startTime,\n      error: `Rule has expired (ended ${rule.effectiveTo.toISOString()})`,\n    }\n  }\n\n  // Build RuleEngineContext (use provided entityType or fall back to rule's)\n  const engineContext: RuleEngineContext = {\n    entityType: context.entityType || rule.entityType,\n    entityId: context.entityId,\n    eventType: context.eventType || rule.eventType || undefined,\n    data: context.data,\n    user: context.user,\n    tenantId: context.tenantId,\n    organizationId: context.organizationId,\n    executedBy: context.executedBy,\n    dryRun: context.dryRun,\n  }\n\n  // Execute via existing executeSingleRule\n  const result = await executeSingleRule(em, rule, engineContext)\n\n  return {\n    success: !result.error,\n    ruleId: rule.ruleId,\n    ruleName: rule.ruleName,\n    conditionResult: result.conditionResult,\n    actionsExecuted: result.actionsExecuted,\n    executionTime: result.executionTime,\n    error: result.error,\n    logId: result.logId,\n  }\n}\n\n/**\n * Sensitive field patterns to exclude from logs\n */\nconst SENSITIVE_FIELD_PATTERNS = [\n  /password/i,\n  /passwd/i,\n  /pwd/i,\n  /secret/i,\n  /token/i,\n  /api[_-]?key/i,\n  /auth/i,\n  /credit[_-]?card/i,\n  /card[_-]?number/i,\n  /cvv/i,\n  /ssn/i,\n  /social[_-]?security/i,\n  /tax[_-]?id/i,\n  /driver[_-]?license/i,\n  /passport/i,\n]\n\n/**\n * Maximum depth for nested object sanitization\n */\nconst MAX_SANITIZATION_DEPTH = 5\n\n/**\n * Sanitize data for logging by removing sensitive fields\n */\nfunction sanitizeForLogging(data: any, depth: number = 0): any {\n  // Prevent infinite recursion\n  if (depth > MAX_SANITIZATION_DEPTH) {\n    return '[Max depth exceeded]'\n  }\n\n  // Handle null/undefined\n  if (data === null || data === undefined) {\n    return data\n  }\n\n  // Handle primitives\n  if (typeof data !== 'object') {\n    return data\n  }\n\n  // Handle arrays\n  if (Array.isArray(data)) {\n    return data.map(item => sanitizeForLogging(item, depth + 1))\n  }\n\n  // Handle objects\n  const sanitized: Record<string, any> = {}\n\n  for (const [key, value] of Object.entries(data)) {\n    // Check if field name matches sensitive patterns\n    const isSensitive = SENSITIVE_FIELD_PATTERNS.some(pattern => pattern.test(key))\n\n    if (isSensitive) {\n      sanitized[key] = '[REDACTED]'\n    } else if (typeof value === 'object' && value !== null) {\n      sanitized[key] = sanitizeForLogging(value, depth + 1)\n    } else {\n      sanitized[key] = value\n    }\n  }\n\n  return sanitized\n}\n\n/**\n * Sanitize user object for logging (keep only safe fields)\n */\nfunction sanitizeUser(user: any): any {\n  if (!user) {\n    return undefined\n  }\n\n  // Only log safe user fields\n  return {\n    id: user.id,\n    role: user.role,\n    // Don't log: email, name, phone, address, etc.\n  }\n}\n\n/**\n * Log rule execution to database\n */\ninterface LogExecutionOptions {\n  rule: BusinessRule\n  context: RuleEngineContext\n  conditionResult: boolean\n  actionsExecuted: ActionExecutionOutcome | null\n  executionTime: number\n  error?: string\n}\n\nexport async function logRuleExecution(\n  em: EntityManager,\n  options: LogExecutionOptions\n): Promise<string> {\n  const { rule, context, conditionResult, actionsExecuted, executionTime, error } = options\n\n  const executionResult: 'SUCCESS' | 'FAILURE' | 'ERROR' = error\n    ? EXECUTION_RESULT_ERROR\n    : conditionResult\n      ? EXECUTION_RESULT_SUCCESS\n      : EXECUTION_RESULT_FAILURE\n\n  const log = em.create(RuleExecutionLog, {\n    rule,\n    entityId: context.entityId || DEFAULT_ENTITY_ID,\n    entityType: context.entityType,\n    executionResult,\n    inputContext: {\n      data: sanitizeForLogging(context.data),\n      eventType: context.eventType,\n      user: sanitizeUser(context.user),\n    },\n    outputContext: actionsExecuted\n      ? {\n          conditionResult,\n          actionsExecuted: actionsExecuted.results.map((r) => ({\n            type: r.action.type,\n            success: r.success,\n            error: r.error,\n          })),\n        }\n      : null,\n    errorMessage: error || null,\n    executionTimeMs: executionTime,\n    tenantId: context.tenantId,\n    organizationId: context.organizationId,\n    executedBy: context.executedBy || null,\n  })\n\n  await em.persistAndFlush(log)\n\n  return log.id\n}\n"],
-  "mappings": "AACA,SAAS,cAAc,wBAAuC;AAC9D,YAAY,mBAAmB;AAC/B,YAAY,oBAAoB;AAGhC,SAAS,yBAAyB,4BAA4B,kCAAkC,oCAAoC;AAKpI,MAAM,oBAAoB;AAC1B,MAAM,kBAAkB;AACxB,MAAM,yBAAyB;AAC/B,MAAM,2BAA2B;AACjC,MAAM,2BAA2B;AAKjC,MAAM,0BAA0B;AAChC,MAAM,6BAA6B;AACnC,MAAM,iCAAiC;AA+HvC,eAAe,YACb,SACA,WACA,cACY;AACZ,MAAI;AAEJ,QAAM,iBAAiB,IAAI,QAAe,CAAC,GAAG,WAAW;AACvD,gBAAY,WAAW,MAAM;AAC3B,aAAO,IAAI,MAAM,GAAG,YAAY,cAAc,SAAS,KAAK,CAAC;AAAA,IAC/D,GAAG,SAAS;AAAA,EACd,CAAC;AAED,MAAI;AACF,WAAO,MAAM,QAAQ,KAAK,CAAC,SAAS,cAAc,CAAC;AAAA,EACrD,UAAE;AACA,iBAAa,SAAU;AAAA,EACzB;AACF;AAKA,eAAsB,aACpB,IACA,SAC2B;AAE3B,QAAM,aAAa,wBAAwB,UAAU,OAAO;AAC5D,MAAI,CAAC,WAAW,SAAS;AACvB,UAAM,mBAAmB,WAAW,MAAM,OAAO,IAAI,OAAK,GAAG,EAAE,KAAK,KAAK,GAAG,CAAC,KAAK,EAAE,OAAO,EAAE;AAC7F,WAAO;AAAA,MACL,SAAS;AAAA,MACT,eAAe,CAAC;AAAA,MAChB,oBAAoB;AAAA,MACpB,QAAQ;AAAA,IACV;AAAA,EACF;AAEA,QAAM,YAAY,KAAK,IAAI;AAC3B,QAAM,gBAAuC,CAAC;AAC9C,QAAM,SAAmB,CAAC;AAC1B,QAAM,SAAmB,CAAC;AAE1B,MAAI;AAEF,UAAM,QAAQ,MAAM,oBAAoB,IAAI;AAAA,MAC1C,YAAY,QAAQ;AAAA,MACpB,WAAW,QAAQ;AAAA,MACnB,UAAU,QAAQ;AAAA,MAClB,gBAAgB,QAAQ;AAAA,IAC1B,CAAC;AAGD,QAAI,MAAM,SAAS,yBAAyB;AAC1C,aAAO;AAAA,QACL,8BAA8B,MAAM,MAAM,4BAA4B,uBAAuB;AAAA,MAC/F;AACA,aAAO;AAAA,QACL,SAAS;AAAA,QACT,eAAe,CAAC;AAAA,QAChB,oBAAoB,KAAK,IAAI,IAAI;AAAA,QACjC;AAAA,MACF;AAAA,IACF;AAIA,UAAM,oBAAoB,YAAY;AACpC,iBAAW,QAAQ,OAAO;AAC1B,YAAI;AACF,gBAAM,aAAa,MAAM,kBAAkB,IAAI,MAAM,OAAO;AAC5D,wBAAc,KAAK,UAAU;AAE7B,cAAI,WAAW,OAAO;AACpB,mBAAO,KAAK,WAAW,KAAK;AAAA,UAC9B;AAEA,cAAI,WAAW,OAAO;AACpB,mBAAO;AAAA,cACL,iCAAiC,KAAK,MAAM,UAAU,KAAK,QAAQ,gBAAgB,QAAQ,UAAU,MAAM,WAAW,KAAK;AAAA,YAC7H;AAAA,UACF;AAAA,QACF,SAAS,OAAO;AACd,gBAAM,eAAe,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK;AAC1E,iBAAO;AAAA,YACL,8CAA8C,KAAK,MAAM,UAAU,KAAK,QAAQ,MAAM,YAAY;AAAA,UACpG;AAEA,wBAAc,KAAK;AAAA,YACjB;AAAA,YACA,iBAAiB;AAAA,YACjB,iBAAiB;AAAA,YACjB,eAAe;AAAA,YACf,OAAO;AAAA,UACT,CAAC;AAAA,QACH;AAAA,MACA;AAAA,IACF,GAAG;AAGH,UAAM;AAAA,MACJ;AAAA,MACA;AAAA,MACA,4CAA4C,QAAQ,UAAU;AAAA,IAChE;AAIA,UAAM,aAAa,cAAc,OAAO,CAAC,MAAM,EAAE,KAAK,aAAa,eAAe;AAClF,UAAM,UAAU,WAAW,WAAW,KAAK,WAAW,MAAM,CAAC,MAAM,EAAE,eAAe;AAEpF,UAAM,qBAAqB,KAAK,IAAI,IAAI;AAExC,WAAO;AAAA,MACL;AAAA,MACA;AAAA,MACA;AAAA,MACA,QAAQ,OAAO,SAAS,IAAI,SAAS;AAAA,MACrC,QAAQ,OAAO,SAAS,IAAI,SAAS;AAAA,IACvC;AAAA,EACF,SAAS,OAAO;AACd,UAAM,eAAe,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK;AAC1E,UAAM,QAAQ,iBAAiB,QAAQ,MAAM,QAAQ;AACrD,WAAO;AAAA,MACL,0CAA0C,QAAQ,UAAU,cAAc,QAAQ,YAAY,SAAS,MAAM,YAAY,GAAG,QAAQ;AAAA,SAAY,KAAK,KAAK,EAAE;AAAA,IAC9J;AAEA,UAAM,qBAAqB,KAAK,IAAI,IAAI;AAExC,WAAO;AAAA,MACL,SAAS;AAAA,MACT;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,EACF;AACF;AAKA,eAAsB,kBACpB,IACA,MACA,SAC8B;AAC9B,QAAM,YAAY,KAAK,IAAI;AAE3B,MAAI;AAEF,UAAM,qBAAqB,YAAY;AAErC,YAAM,cAAqC;AAAA,QACzC,YAAY,QAAQ;AAAA,QACpB,UAAU,QAAQ;AAAA,QAClB,WAAW,QAAQ;AAAA,QACnB,MAAM,QAAQ;AAAA,QACd,QAAQ,QAAQ;AAAA,QAChB,cAAc,QAAQ;AAAA,MACxB;AAGA,YAAM,SAAS,MAAM,cAAc,mBAAmB,MAAM,QAAQ,MAAM,WAAW;AAGrF,UAAI,CAAC,OAAO,qBAAqB;AAC/B,cAAMA,iBAAgB,KAAK,IAAI,IAAI;AAEnC,YAAIC;AAGJ,YAAI,CAAC,QAAQ,QAAQ;AACnB,UAAAA,SAAQ,MAAM,iBAAiB,IAAI;AAAA,YACjC;AAAA,YACA;AAAA,YACA,iBAAiB;AAAA,YACjB,iBAAiB;AAAA,YACjB,eAAAD;AAAA,YACA,OAAO,OAAO;AAAA,UAChB,CAAC;AAAA,QACH;AAEA,eAAO;AAAA,UACL;AAAA,UACA,iBAAiB;AAAA,UACjB,iBAAiB;AAAA,UACjB,eAAAA;AAAA,UACA,OAAO,OAAO;AAAA,UACd,OAAAC;AAAA,QACF;AAAA,MACF;AAGA,YAAM,UAAU,OAAO,mBAAmB,KAAK,iBAAiB,KAAK;AAErE,UAAI,kBAAiD;AAErD,UAAI,WAAW,MAAM,QAAQ,OAAO,KAAK,QAAQ,SAAS,GAAG;AAE3D,cAAM,gBAA+B;AAAA,UACnC,GAAG;AAAA,UACH,MAAM,QAAQ;AAAA,UACd,QAAQ,KAAK;AAAA,UACb,UAAU,KAAK;AAAA,QACjB;AAGA,0BAAkB,MAAM,eAAe,eAAe,SAAS,aAAa;AAAA,MAC9E;AAEA,YAAM,gBAAgB,KAAK,IAAI,IAAI;AAEnC,UAAI;AAGJ,UAAI,CAAC,QAAQ,QAAQ;AACnB,gBAAQ,MAAM,iBAAiB,IAAI;AAAA,UACjC;AAAA,UACA;AAAA,UACA,iBAAiB,OAAO;AAAA,UACxB;AAAA,UACA;AAAA,QACF,CAAC;AAAA,MACH;AAEA,aAAO;AAAA,QACL;AAAA,QACA,iBAAiB,OAAO;AAAA,QACxB;AAAA,QACA;AAAA,QACA;AAAA,MACF;AAAA,IACF;AAGA,WAAO,MAAM;AAAA,MACX,mBAAmB;AAAA,MACnB;AAAA,MACA,yCAAyC,KAAK,MAAM;AAAA,IACtD;AAAA,EACF,SAAS,OAAO;AACd,UAAM,gBAAgB,KAAK,IAAI,IAAI;AACnC,UAAM,eAAe,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK;AAC1E,UAAM,gBAAgB,kCAAkC,KAAK,MAAM,gBAAgB,QAAQ,UAAU,MAAM,YAAY;AAEvH,QAAI;AAGJ,QAAI,CAAC,QAAQ,QAAQ;AACnB,cAAQ,MAAM,iBAAiB,IAAI;AAAA,QACjC;AAAA,QACA;AAAA,QACA,iBAAiB;AAAA,QACjB,iBAAiB;AAAA,QACjB;AAAA,QACA,OAAO;AAAA,MACT,CAAC;AAAA,IACH;AAEA,WAAO;AAAA,MACL;AAAA,MACA,iBAAiB;AAAA,MACjB,iBAAiB;AAAA,MACjB;AAAA,MACA,OAAO;AAAA,MACP;AAAA,IACF;AAAA,EACF;AACF;AAKA,eAAsB,oBACpB,IACA,SACyB;AAEzB,6BAA2B,MAAM,OAAO;AAExC,QAAM,EAAE,YAAY,WAAW,UAAU,gBAAgB,SAAS,IAAI;AAEtE,QAAM,QAA+B;AAAA,IACnC;AAAA,IACA;AAAA,IACA;AAAA,IACA,SAAS;AAAA,IACT,WAAW;AAAA,EACb;AAEA,MAAI,WAAW;AACb,UAAM,YAAY;AAAA,EACpB;AAEA,MAAI,UAAU;AACZ,UAAM,WAAW;AAAA,EACnB;AAEA,QAAM,QAAQ,MAAM,GAAG,KAAK,cAAc,OAAO;AAAA,IAC/C,SAAS,EAAE,UAAU,QAAQ,QAAQ,MAAM;AAAA,EAC7C,CAAC;AAGD,QAAM,MAAM,oBAAI,KAAK;AACrB,SAAO,MAAM,OAAO,CAAC,SAAS;AAC5B,QAAI,KAAK,iBAAiB,KAAK,gBAAgB,KAAK;AAClD,aAAO;AAAA,IACT;AACA,QAAI,KAAK,eAAe,KAAK,cAAc,KAAK;AAC9C,aAAO;AAAA,IACT;AACA,WAAO;AAAA,EACT,CAAC;AACH;AAMA,eAAsB,gBACpB,IACA,SACoC;AACpC,QAAM,YAAY,KAAK,IAAI;AAG3B,QAAM,aAAa,iCAAiC,UAAU,OAAO;AACrE,MAAI,CAAC,WAAW,SAAS;AACvB,UAAM,mBAAmB,WAAW,MAAM,OAAO,IAAI,OAAK,GAAG,EAAE,KAAK,KAAK,GAAG,CAAC,KAAK,EAAE,OAAO,EAAE;AAC7F,WAAO;AAAA,MACL,SAAS;AAAA,MACT,QAAQ,QAAQ;AAAA,MAChB,UAAU;AAAA,MACV,iBAAiB;AAAA,MACjB,iBAAiB;AAAA,MACjB,eAAe,KAAK,IAAI,IAAI;AAAA,MAC5B,OAAO,sBAAsB,iBAAiB,KAAK,IAAI,CAAC;AAAA,IAC1D;AAAA,EACF;AAGA,QAAM,OAAO,MAAM,GAAG,QAAQ,cAAc;AAAA,IAC1C,IAAI,QAAQ;AAAA,IACZ,UAAU,QAAQ;AAAA,IAClB,gBAAgB,QAAQ;AAAA,IACxB,WAAW;AAAA,EACb,CAAC;AAED,MAAI,CAAC,MAAM;AACT,WAAO;AAAA,MACL,SAAS;AAAA,MACT,QAAQ,QAAQ;AAAA,MAChB,UAAU;AAAA,MACV,iBAAiB;AAAA,MACjB,iBAAiB;AAAA,MACjB,eAAe,KAAK,IAAI,IAAI;AAAA,MAC5B,OAAO;AAAA,IACT;AAAA,EACF;AAEA,MAAI,CAAC,KAAK,SAAS;AACjB,WAAO;AAAA,MACL,SAAS;AAAA,MACT,QAAQ,KAAK;AAAA,MACb,UAAU,KAAK;AAAA,MACf,iBAAiB;AAAA,MACjB,iBAAiB;AAAA,MACjB,eAAe,KAAK,IAAI,IAAI;AAAA,MAC5B,OAAO;AAAA,IACT;AAAA,EACF;AAGA,QAAM,MAAM,oBAAI,KAAK;AACrB,MAAI,KAAK,iBAAiB,KAAK,gBAAgB,KAAK;AAClD,WAAO;AAAA,MACL,SAAS;AAAA,MACT,QAAQ,KAAK;AAAA,MACb,UAAU,KAAK;AAAA,MACf,iBAAiB;AAAA,MACjB,iBAAiB;AAAA,MACjB,eAAe,KAAK,IAAI,IAAI;AAAA,MAC5B,OAAO,qCAAqC,KAAK,cAAc,YAAY,CAAC;AAAA,IAC9E;AAAA,EACF;AACA,MAAI,KAAK,eAAe,KAAK,cAAc,KAAK;AAC9C,WAAO;AAAA,MACL,SAAS;AAAA,MACT,QAAQ,KAAK;AAAA,MACb,UAAU,KAAK;AAAA,MACf,iBAAiB;AAAA,MACjB,iBAAiB;AAAA,MACjB,eAAe,KAAK,IAAI,IAAI;AAAA,MAC5B,OAAO,2BAA2B,KAAK,YAAY,YAAY,CAAC;AAAA,IAClE;AAAA,EACF;AAGA,QAAM,gBAAmC;AAAA,IACvC,YAAY,QAAQ,cAAc,KAAK;AAAA,IACvC,UAAU,QAAQ;AAAA,IAClB,WAAW,QAAQ,aAAa,KAAK,aAAa;AAAA,IAClD,MAAM,QAAQ;AAAA,IACd,MAAM,QAAQ;AAAA,IACd,UAAU,QAAQ;AAAA,IAClB,gBAAgB,QAAQ;AAAA,IACxB,YAAY,QAAQ;AAAA,IACpB,QAAQ,QAAQ;AAAA,EAClB;AAGA,QAAM,SAAS,MAAM,kBAAkB,IAAI,MAAM,aAAa;AAE9D,SAAO;AAAA,IACL,SAAS,CAAC,OAAO;AAAA,IACjB,QAAQ,KAAK;AAAA,IACb,UAAU,KAAK;AAAA,IACf,iBAAiB,OAAO;AAAA,IACxB,iBAAiB,OAAO;AAAA,IACxB,eAAe,OAAO;AAAA,IACtB,OAAO,OAAO;AAAA,IACd,OAAO,OAAO;AAAA,EAChB;AACF;AAOA,eAAsB,oBACpB,IACA,SACoC;AACpC,QAAM,YAAY,KAAK,IAAI;AAG3B,QAAM,aAAa,6BAA6B,UAAU,OAAO;AACjE,MAAI,CAAC,WAAW,SAAS;AACvB,UAAM,mBAAmB,WAAW,MAAM,OAAO,IAAI,OAAK,GAAG,EAAE,KAAK,KAAK,GAAG,CAAC,KAAK,EAAE,OAAO,EAAE;AAC7F,WAAO;AAAA,MACL,SAAS;AAAA,MACT,QAAQ,QAAQ,UAAU;AAAA,MAC1B,UAAU;AAAA,MACV,iBAAiB;AAAA,MACjB,iBAAiB;AAAA,MACjB,eAAe,KAAK,IAAI,IAAI;AAAA,MAC5B,OAAO,sBAAsB,iBAAiB,KAAK,IAAI,CAAC;AAAA,IAC1D;AAAA,EACF;AAGA,QAAM,OAAO,MAAM,GAAG,QAAQ,cAAc;AAAA,IAC1C,QAAQ,QAAQ;AAAA;AAAA,IAChB,UAAU,QAAQ;AAAA,IAClB,gBAAgB,QAAQ;AAAA,IACxB,WAAW;AAAA,EACb,CAAC;AAED,MAAI,CAAC,MAAM;AACT,WAAO;AAAA,MACL,SAAS;AAAA,MACT,QAAQ,QAAQ;AAAA,MAChB,UAAU;AAAA,MACV,iBAAiB;AAAA,MACjB,iBAAiB;AAAA,MACjB,eAAe,KAAK,IAAI,IAAI;AAAA,MAC5B,OAAO;AAAA,IACT;AAAA,EACF;AAEA,MAAI,CAAC,KAAK,SAAS;AACjB,WAAO;AAAA,MACL,SAAS;AAAA,MACT,QAAQ,KAAK;AAAA,MACb,UAAU,KAAK;AAAA,MACf,iBAAiB;AAAA,MACjB,iBAAiB;AAAA,MACjB,eAAe,KAAK,IAAI,IAAI;AAAA,MAC5B,OAAO;AAAA,IACT;AAAA,EACF;AAGA,QAAM,MAAM,oBAAI,KAAK;AACrB,MAAI,KAAK,iBAAiB,KAAK,gBAAgB,KAAK;AAClD,WAAO;AAAA,MACL,SAAS;AAAA,MACT,QAAQ,KAAK;AAAA,MACb,UAAU,KAAK;AAAA,MACf,iBAAiB;AAAA,MACjB,iBAAiB;AAAA,MACjB,eAAe,KAAK,IAAI,IAAI;AAAA,MAC5B,OAAO,qCAAqC,KAAK,cAAc,YAAY,CAAC;AAAA,IAC9E;AAAA,EACF;AACA,MAAI,KAAK,eAAe,KAAK,cAAc,KAAK;AAC9C,WAAO;AAAA,MACL,SAAS;AAAA,MACT,QAAQ,KAAK;AAAA,MACb,UAAU,KAAK;AAAA,MACf,iBAAiB;AAAA,MACjB,iBAAiB;AAAA,MACjB,eAAe,KAAK,IAAI,IAAI;AAAA,MAC5B,OAAO,2BAA2B,KAAK,YAAY,YAAY,CAAC;AAAA,IAClE;AAAA,EACF;AAGA,QAAM,gBAAmC;AAAA,IACvC,YAAY,QAAQ,cAAc,KAAK;AAAA,IACvC,UAAU,QAAQ;AAAA,IAClB,WAAW,QAAQ,aAAa,KAAK,aAAa;AAAA,IAClD,MAAM,QAAQ;AAAA,IACd,MAAM,QAAQ;AAAA,IACd,UAAU,QAAQ;AAAA,IAClB,gBAAgB,QAAQ;AAAA,IACxB,YAAY,QAAQ;AAAA,IACpB,QAAQ,QAAQ;AAAA,EAClB;AAGA,QAAM,SAAS,MAAM,kBAAkB,IAAI,MAAM,aAAa;AAE9D,SAAO;AAAA,IACL,SAAS,CAAC,OAAO;AAAA,IACjB,QAAQ,KAAK;AAAA,IACb,UAAU,KAAK;AAAA,IACf,iBAAiB,OAAO;AAAA,IACxB,iBAAiB,OAAO;AAAA,IACxB,eAAe,OAAO;AAAA,IACtB,OAAO,OAAO;AAAA,IACd,OAAO,OAAO;AAAA,EAChB;AACF;AAKA,MAAM,2BAA2B;AAAA,EAC/B;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF;AAKA,MAAM,yBAAyB;AAK/B,SAAS,mBAAmB,MAAW,QAAgB,GAAQ;AAE7D,MAAI,QAAQ,wBAAwB;AAClC,WAAO;AAAA,EACT;AAGA,MAAI,SAAS,QAAQ,SAAS,QAAW;AACvC,WAAO;AAAA,EACT;AAGA,MAAI,OAAO,SAAS,UAAU;AAC5B,WAAO;AAAA,EACT;AAGA,MAAI,MAAM,QAAQ,IAAI,GAAG;AACvB,WAAO,KAAK,IAAI,UAAQ,mBAAmB,MAAM,QAAQ,CAAC,CAAC;AAAA,EAC7D;AAGA,QAAM,YAAiC,CAAC;AAExC,aAAW,CAAC,KAAK,KAAK,KAAK,OAAO,QAAQ,IAAI,GAAG;AAE/C,UAAM,cAAc,yBAAyB,KAAK,aAAW,QAAQ,KAAK,GAAG,CAAC;AAE9E,QAAI,aAAa;AACf,gBAAU,GAAG,IAAI;AAAA,IACnB,WAAW,OAAO,UAAU,YAAY,UAAU,MAAM;AACtD,gBAAU,GAAG,IAAI,mBAAmB,OAAO,QAAQ,CAAC;AAAA,IACtD,OAAO;AACL,gBAAU,GAAG,IAAI;AAAA,IACnB;AAAA,EACF;AAEA,SAAO;AACT;AAKA,SAAS,aAAa,MAAgB;AACpC,MAAI,CAAC,MAAM;AACT,WAAO;AAAA,EACT;AAGA,SAAO;AAAA,IACL,IAAI,KAAK;AAAA,IACT,MAAM,KAAK;AAAA;AAAA,EAEb;AACF;AAcA,eAAsB,iBACpB,IACA,SACiB;AACjB,QAAM,EAAE,MAAM,SAAS,iBAAiB,iBAAiB,eAAe,MAAM,IAAI;AAElF,QAAM,kBAAmD,QACrD,yBACA,kBACE,2BACA;AAEN,QAAM,MAAM,GAAG,OAAO,kBAAkB;AAAA,IACtC;AAAA,IACA,UAAU,QAAQ,YAAY;AAAA,IAC9B,YAAY,QAAQ;AAAA,IACpB;AAAA,IACA,cAAc;AAAA,MACZ,MAAM,mBAAmB,QAAQ,IAAI;AAAA,MACrC,WAAW,QAAQ;AAAA,MACnB,MAAM,aAAa,QAAQ,IAAI;AAAA,IACjC;AAAA,IACA,eAAe,kBACX;AAAA,MACE;AAAA,MACA,iBAAiB,gBAAgB,QAAQ,IAAI,CAAC,OAAO;AAAA,QACnD,MAAM,EAAE,OAAO;AAAA,QACf,SAAS,EAAE;AAAA,QACX,OAAO,EAAE;AAAA,MACX,EAAE;AAAA,IACJ,IACA;AAAA,IACJ,cAAc,SAAS;AAAA,IACvB,iBAAiB;AAAA,IACjB,UAAU,QAAQ;AAAA,IAClB,gBAAgB,QAAQ;AAAA,IACxB,YAAY,QAAQ,cAAc;AAAA,EACpC,CAAC;AAED,QAAM,GAAG,gBAAgB,GAAG;AAE5B,SAAO,IAAI;AACb;",
+  "sourcesContent": ["import type { EntityManager } from '@mikro-orm/core'\nimport { BusinessRule, RuleExecutionLog, type RuleType } from '../data/entities'\nimport * as ruleEvaluator from './rule-evaluator'\nimport * as actionExecutor from './action-executor'\nimport type { RuleEvaluationContext } from './rule-evaluator'\nimport type { ActionContext, ActionExecutionOutcome } from './action-executor'\nimport { ruleEngineContextSchema, ruleDiscoveryOptionsSchema } from '../data/validators'\n\n/**\n * Constants\n */\nconst DEFAULT_ENTITY_ID = 'unknown'\nconst RULE_TYPE_GUARD = 'GUARD'\nconst EXECUTION_RESULT_ERROR = 'ERROR'\nconst EXECUTION_RESULT_SUCCESS = 'SUCCESS'\nconst EXECUTION_RESULT_FAILURE = 'FAILURE'\n\n/**\n * Execution limits\n */\nconst MAX_RULES_PER_EXECUTION = 100\nconst MAX_SINGLE_RULE_TIMEOUT_MS = 30000  // 30 seconds\nconst MAX_TOTAL_EXECUTION_TIMEOUT_MS = 60000  // 60 seconds\n\n/**\n * Rule execution context\n */\nexport interface RuleEngineContext {\n  entityType: string\n  entityId?: string\n  eventType?: string\n  data: any\n  user?: {\n    id?: string\n    email?: string\n    role?: string\n    [key: string]: any\n  }\n  tenant?: {\n    id?: string\n    [key: string]: any\n  }\n  organization?: {\n    id?: string\n    [key: string]: any\n  }\n  tenantId: string\n  organizationId: string\n  executedBy?: string\n  dryRun?: boolean\n  [key: string]: any\n}\n\n/**\n * Single rule execution result\n */\nexport interface RuleExecutionResult {\n  rule: BusinessRule\n  conditionResult: boolean\n  actionsExecuted: ActionExecutionOutcome | null\n  executionTime: number\n  error?: string\n  logId?: string  // Database log ID (if logged)\n}\n\n/**\n * Overall rule engine result\n */\nexport interface RuleEngineResult {\n  allowed: boolean\n  executedRules: RuleExecutionResult[]\n  totalExecutionTime: number\n  errors?: string[]\n  logIds?: string[]\n}\n\n/**\n * Rule discovery options\n */\nexport interface RuleDiscoveryOptions {\n  entityType: string\n  eventType?: string\n  tenantId: string\n  organizationId: string\n  ruleType?: RuleType\n}\n\n/**\n * Execute a function with a timeout\n */\nasync function withTimeout<T>(\n  promise: Promise<T>,\n  timeoutMs: number,\n  errorMessage: string\n): Promise<T> {\n  let timeoutId: NodeJS.Timeout\n\n  const timeoutPromise = new Promise<never>((_, reject) => {\n    timeoutId = setTimeout(() => {\n      reject(new Error(`${errorMessage} (timeout: ${timeoutMs}ms)`))\n    }, timeoutMs)\n  })\n\n  try {\n    return await Promise.race([promise, timeoutPromise])\n  } finally {\n    clearTimeout(timeoutId!)\n  }\n}\n\n/**\n * Execute all applicable rules for the given context\n */\nexport async function executeRules(\n  em: EntityManager,\n  context: RuleEngineContext\n): Promise<RuleEngineResult> {\n  // Validate input\n  const validation = ruleEngineContextSchema.safeParse(context)\n  if (!validation.success) {\n    const validationErrors = validation.error.issues.map(e => `${e.path.join('.')}: ${e.message}`)\n    return {\n      allowed: false,\n      executedRules: [],\n      totalExecutionTime: 0,\n      errors: validationErrors,\n    }\n  }\n\n  const startTime = Date.now()\n  const executedRules: RuleExecutionResult[] = []\n  const errors: string[] = []\n  const logIds: string[] = []\n\n  try {\n    // Discover applicable rules\n    const rules = await findApplicableRules(em, {\n      entityType: context.entityType,\n      eventType: context.eventType,\n      tenantId: context.tenantId,\n      organizationId: context.organizationId,\n    })\n\n    // Check rule count limit\n    if (rules.length > MAX_RULES_PER_EXECUTION) {\n      errors.push(\n        `Rule count limit exceeded: ${rules.length} rules found, maximum is ${MAX_RULES_PER_EXECUTION}`\n      )\n      return {\n        allowed: false,\n        executedRules: [],\n        totalExecutionTime: Date.now() - startTime,\n        errors,\n      }\n    }\n\n    // Rules already sorted by database query (priority DESC, ruleId ASC)\n    // Execute each rule with total timeout\n    const executionPromise = (async () => {\n      for (const rule of rules) {\n      try {\n        const ruleResult = await executeSingleRule(em, rule, context)\n        executedRules.push(ruleResult)\n\n        if (ruleResult.logId) {\n          logIds.push(ruleResult.logId)\n        }\n\n        if (ruleResult.error) {\n          errors.push(\n            `Rule execution failed [ruleId=${rule.ruleId}, type=${rule.ruleType}, entityType=${context.entityType}]: ${ruleResult.error}`\n          )\n        }\n      } catch (error) {\n        const errorMessage = error instanceof Error ? error.message : String(error)\n        errors.push(\n          `Unexpected error in rule execution [ruleId=${rule.ruleId}, type=${rule.ruleType}]: ${errorMessage}`\n        )\n\n        executedRules.push({\n          rule,\n          conditionResult: false,\n          actionsExecuted: null,\n          executionTime: 0,\n          error: errorMessage,\n        })\n      }\n      }\n    })()\n\n    // Execute with timeout\n    await withTimeout(\n      executionPromise,\n      MAX_TOTAL_EXECUTION_TIMEOUT_MS,\n      `Total rule execution timeout [entityType=${context.entityType}]`\n    )\n\n    // Determine overall allowed status\n    // For GUARD rules: all must pass for operation to be allowed\n    const guardRules = executedRules.filter((r) => r.rule.ruleType === RULE_TYPE_GUARD)\n    const allowed = guardRules.length === 0 || guardRules.every((r) => r.conditionResult)\n\n    const totalExecutionTime = Date.now() - startTime\n\n    return {\n      allowed,\n      executedRules,\n      totalExecutionTime,\n      errors: errors.length > 0 ? errors : undefined,\n      logIds: logIds.length > 0 ? logIds : undefined,\n    }\n  } catch (error) {\n    const errorMessage = error instanceof Error ? error.message : String(error)\n    const stack = error instanceof Error ? error.stack : undefined\n    errors.push(\n      `Critical rule engine error [entityType=${context.entityType}, entityId=${context.entityId || 'unknown'}]: ${errorMessage}${stack ? `\\nStack: ${stack}` : ''}`\n    )\n\n    const totalExecutionTime = Date.now() - startTime\n\n    return {\n      allowed: false,\n      executedRules,\n      totalExecutionTime,\n      errors,\n    }\n  }\n}\n\n/**\n * Execute a single rule\n */\nexport async function executeSingleRule(\n  em: EntityManager,\n  rule: BusinessRule,\n  context: RuleEngineContext\n): Promise<RuleExecutionResult> {\n  const startTime = Date.now()\n\n  try {\n    // Wrap execution in timeout\n    const executeWithTimeout = async () => {\n      // Build evaluation context\n      const evalContext: RuleEvaluationContext = {\n        entityType: context.entityType,\n        entityId: context.entityId,\n        eventType: context.eventType,\n        user: context.user,\n        tenant: context.tenant,\n        organization: context.organization,\n      }\n\n      // Evaluate rule conditions\n      const result = await ruleEvaluator.evaluateSingleRule(rule, context.data, evalContext)\n\n      // Check if evaluation completed (not just if conditions passed)\n      if (!result.evaluationCompleted) {\n        const executionTime = Date.now() - startTime\n\n        let logId: string | undefined\n\n        // Log failure if not dry run\n        if (!context.dryRun) {\n          logId = await logRuleExecution(em, {\n            rule,\n            context,\n            conditionResult: false,\n            actionsExecuted: null,\n            executionTime,\n            error: result.error,\n          })\n        }\n\n        return {\n          rule,\n          conditionResult: false,\n          actionsExecuted: null,\n          executionTime,\n          error: result.error,\n          logId,\n        }\n      }\n\n      // Evaluation completed successfully - determine which actions to execute\n      const actions = result.conditionsPassed ? rule.successActions : rule.failureActions\n\n      let actionsExecuted: ActionExecutionOutcome | null = null\n\n      if (actions && Array.isArray(actions) && actions.length > 0) {\n        // Build action context\n        const actionContext: ActionContext = {\n          ...evalContext,\n          data: context.data,\n          ruleId: rule.ruleId,\n          ruleName: rule.ruleName,\n        }\n\n        // Execute actions\n        actionsExecuted = await actionExecutor.executeActions(actions, actionContext)\n      }\n\n      const executionTime = Date.now() - startTime\n\n      let logId: string | undefined\n\n      // Log execution if not dry run\n      if (!context.dryRun) {\n        logId = await logRuleExecution(em, {\n          rule,\n          context,\n          conditionResult: result.conditionsPassed,\n          actionsExecuted,\n          executionTime,\n        })\n      }\n\n      return {\n        rule,\n        conditionResult: result.conditionsPassed,\n        actionsExecuted,\n        executionTime,\n        logId,\n      }\n    }\n\n    // Execute with single rule timeout\n    return await withTimeout(\n      executeWithTimeout(),\n      MAX_SINGLE_RULE_TIMEOUT_MS,\n      `Single rule execution timeout [ruleId=${rule.ruleId}]`\n    )\n  } catch (error) {\n    const executionTime = Date.now() - startTime\n    const errorMessage = error instanceof Error ? error.message : String(error)\n    const enhancedError = `Failed to execute rule [ruleId=${rule.ruleId}, entityType=${context.entityType}]: ${errorMessage}`\n\n    let logId: string | undefined\n\n    // Log error if not dry run\n    if (!context.dryRun) {\n      logId = await logRuleExecution(em, {\n        rule,\n        context,\n        conditionResult: false,\n        actionsExecuted: null,\n        executionTime,\n        error: enhancedError,\n      })\n    }\n\n    return {\n      rule,\n      conditionResult: false,\n      actionsExecuted: null,\n      executionTime,\n      error: enhancedError,\n      logId,\n    }\n  }\n}\n\n/**\n * Find all applicable rules for the given criteria\n */\nexport async function findApplicableRules(\n  em: EntityManager,\n  options: RuleDiscoveryOptions\n): Promise<BusinessRule[]> {\n  // Validate input\n  ruleDiscoveryOptionsSchema.parse(options)\n\n  const { entityType, eventType, tenantId, organizationId, ruleType } = options\n\n  const where: Partial<BusinessRule> = {\n    entityType,\n    tenantId,\n    organizationId,\n    enabled: true,\n    deletedAt: null,\n  }\n\n  if (eventType) {\n    where.eventType = eventType\n  }\n\n  if (ruleType) {\n    where.ruleType = ruleType\n  }\n\n  const rules = await em.find(BusinessRule, where, {\n    orderBy: { priority: 'DESC', ruleId: 'ASC' },\n  })\n\n  // Filter by effective date range\n  const now = new Date()\n  return rules.filter((rule) => {\n    if (rule.effectiveFrom && rule.effectiveFrom > now) {\n      return false\n    }\n    if (rule.effectiveTo && rule.effectiveTo < now) {\n      return false\n    }\n    return true\n  })\n}\n\n/**\n * Sensitive field patterns to exclude from logs\n */\nconst SENSITIVE_FIELD_PATTERNS = [\n  /password/i,\n  /passwd/i,\n  /pwd/i,\n  /secret/i,\n  /token/i,\n  /api[_-]?key/i,\n  /auth/i,\n  /credit[_-]?card/i,\n  /card[_-]?number/i,\n  /cvv/i,\n  /ssn/i,\n  /social[_-]?security/i,\n  /tax[_-]?id/i,\n  /driver[_-]?license/i,\n  /passport/i,\n]\n\n/**\n * Maximum depth for nested object sanitization\n */\nconst MAX_SANITIZATION_DEPTH = 5\n\n/**\n * Sanitize data for logging by removing sensitive fields\n */\nfunction sanitizeForLogging(data: any, depth: number = 0): any {\n  // Prevent infinite recursion\n  if (depth > MAX_SANITIZATION_DEPTH) {\n    return '[Max depth exceeded]'\n  }\n\n  // Handle null/undefined\n  if (data === null || data === undefined) {\n    return data\n  }\n\n  // Handle primitives\n  if (typeof data !== 'object') {\n    return data\n  }\n\n  // Handle arrays\n  if (Array.isArray(data)) {\n    return data.map(item => sanitizeForLogging(item, depth + 1))\n  }\n\n  // Handle objects\n  const sanitized: Record<string, any> = {}\n\n  for (const [key, value] of Object.entries(data)) {\n    // Check if field name matches sensitive patterns\n    const isSensitive = SENSITIVE_FIELD_PATTERNS.some(pattern => pattern.test(key))\n\n    if (isSensitive) {\n      sanitized[key] = '[REDACTED]'\n    } else if (typeof value === 'object' && value !== null) {\n      sanitized[key] = sanitizeForLogging(value, depth + 1)\n    } else {\n      sanitized[key] = value\n    }\n  }\n\n  return sanitized\n}\n\n/**\n * Sanitize user object for logging (keep only safe fields)\n */\nfunction sanitizeUser(user: any): any {\n  if (!user) {\n    return undefined\n  }\n\n  // Only log safe user fields\n  return {\n    id: user.id,\n    role: user.role,\n    // Don't log: email, name, phone, address, etc.\n  }\n}\n\n/**\n * Log rule execution to database\n */\ninterface LogExecutionOptions {\n  rule: BusinessRule\n  context: RuleEngineContext\n  conditionResult: boolean\n  actionsExecuted: ActionExecutionOutcome | null\n  executionTime: number\n  error?: string\n}\n\nexport async function logRuleExecution(\n  em: EntityManager,\n  options: LogExecutionOptions\n): Promise<string> {\n  const { rule, context, conditionResult, actionsExecuted, executionTime, error } = options\n\n  const executionResult: 'SUCCESS' | 'FAILURE' | 'ERROR' = error\n    ? EXECUTION_RESULT_ERROR\n    : conditionResult\n      ? EXECUTION_RESULT_SUCCESS\n      : EXECUTION_RESULT_FAILURE\n\n  const log = em.create(RuleExecutionLog, {\n    rule,\n    entityId: context.entityId || DEFAULT_ENTITY_ID,\n    entityType: context.entityType,\n    executionResult,\n    inputContext: {\n      data: sanitizeForLogging(context.data),\n      eventType: context.eventType,\n      user: sanitizeUser(context.user),\n    },\n    outputContext: actionsExecuted\n      ? {\n          conditionResult,\n          actionsExecuted: actionsExecuted.results.map((r) => ({\n            type: r.action.type,\n            success: r.success,\n            error: r.error,\n          })),\n        }\n      : null,\n    errorMessage: error || null,\n    executionTimeMs: executionTime,\n    tenantId: context.tenantId,\n    organizationId: context.organizationId,\n    executedBy: context.executedBy || null,\n  })\n\n  await em.persistAndFlush(log)\n\n  return log.id\n}\n"],
+  "mappings": "AACA,SAAS,cAAc,wBAAuC;AAC9D,YAAY,mBAAmB;AAC/B,YAAY,oBAAoB;AAGhC,SAAS,yBAAyB,kCAAkC;AAKpE,MAAM,oBAAoB;AAC1B,MAAM,kBAAkB;AACxB,MAAM,yBAAyB;AAC/B,MAAM,2BAA2B;AACjC,MAAM,2BAA2B;AAKjC,MAAM,0BAA0B;AAChC,MAAM,6BAA6B;AACnC,MAAM,iCAAiC;AAoEvC,eAAe,YACb,SACA,WACA,cACY;AACZ,MAAI;AAEJ,QAAM,iBAAiB,IAAI,QAAe,CAAC,GAAG,WAAW;AACvD,gBAAY,WAAW,MAAM;AAC3B,aAAO,IAAI,MAAM,GAAG,YAAY,cAAc,SAAS,KAAK,CAAC;AAAA,IAC/D,GAAG,SAAS;AAAA,EACd,CAAC;AAED,MAAI;AACF,WAAO,MAAM,QAAQ,KAAK,CAAC,SAAS,cAAc,CAAC;AAAA,EACrD,UAAE;AACA,iBAAa,SAAU;AAAA,EACzB;AACF;AAKA,eAAsB,aACpB,IACA,SAC2B;AAE3B,QAAM,aAAa,wBAAwB,UAAU,OAAO;AAC5D,MAAI,CAAC,WAAW,SAAS;AACvB,UAAM,mBAAmB,WAAW,MAAM,OAAO,IAAI,OAAK,GAAG,EAAE,KAAK,KAAK,GAAG,CAAC,KAAK,EAAE,OAAO,EAAE;AAC7F,WAAO;AAAA,MACL,SAAS;AAAA,MACT,eAAe,CAAC;AAAA,MAChB,oBAAoB;AAAA,MACpB,QAAQ;AAAA,IACV;AAAA,EACF;AAEA,QAAM,YAAY,KAAK,IAAI;AAC3B,QAAM,gBAAuC,CAAC;AAC9C,QAAM,SAAmB,CAAC;AAC1B,QAAM,SAAmB,CAAC;AAE1B,MAAI;AAEF,UAAM,QAAQ,MAAM,oBAAoB,IAAI;AAAA,MAC1C,YAAY,QAAQ;AAAA,MACpB,WAAW,QAAQ;AAAA,MACnB,UAAU,QAAQ;AAAA,MAClB,gBAAgB,QAAQ;AAAA,IAC1B,CAAC;AAGD,QAAI,MAAM,SAAS,yBAAyB;AAC1C,aAAO;AAAA,QACL,8BAA8B,MAAM,MAAM,4BAA4B,uBAAuB;AAAA,MAC/F;AACA,aAAO;AAAA,QACL,SAAS;AAAA,QACT,eAAe,CAAC;AAAA,QAChB,oBAAoB,KAAK,IAAI,IAAI;AAAA,QACjC;AAAA,MACF;AAAA,IACF;AAIA,UAAM,oBAAoB,YAAY;AACpC,iBAAW,QAAQ,OAAO;AAC1B,YAAI;AACF,gBAAM,aAAa,MAAM,kBAAkB,IAAI,MAAM,OAAO;AAC5D,wBAAc,KAAK,UAAU;AAE7B,cAAI,WAAW,OAAO;AACpB,mBAAO,KAAK,WAAW,KAAK;AAAA,UAC9B;AAEA,cAAI,WAAW,OAAO;AACpB,mBAAO;AAAA,cACL,iCAAiC,KAAK,MAAM,UAAU,KAAK,QAAQ,gBAAgB,QAAQ,UAAU,MAAM,WAAW,KAAK;AAAA,YAC7H;AAAA,UACF;AAAA,QACF,SAAS,OAAO;AACd,gBAAM,eAAe,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK;AAC1E,iBAAO;AAAA,YACL,8CAA8C,KAAK,MAAM,UAAU,KAAK,QAAQ,MAAM,YAAY;AAAA,UACpG;AAEA,wBAAc,KAAK;AAAA,YACjB;AAAA,YACA,iBAAiB;AAAA,YACjB,iBAAiB;AAAA,YACjB,eAAe;AAAA,YACf,OAAO;AAAA,UACT,CAAC;AAAA,QACH;AAAA,MACA;AAAA,IACF,GAAG;AAGH,UAAM;AAAA,MACJ;AAAA,MACA;AAAA,MACA,4CAA4C,QAAQ,UAAU;AAAA,IAChE;AAIA,UAAM,aAAa,cAAc,OAAO,CAAC,MAAM,EAAE,KAAK,aAAa,eAAe;AAClF,UAAM,UAAU,WAAW,WAAW,KAAK,WAAW,MAAM,CAAC,MAAM,EAAE,eAAe;AAEpF,UAAM,qBAAqB,KAAK,IAAI,IAAI;AAExC,WAAO;AAAA,MACL;AAAA,MACA;AAAA,MACA;AAAA,MACA,QAAQ,OAAO,SAAS,IAAI,SAAS;AAAA,MACrC,QAAQ,OAAO,SAAS,IAAI,SAAS;AAAA,IACvC;AAAA,EACF,SAAS,OAAO;AACd,UAAM,eAAe,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK;AAC1E,UAAM,QAAQ,iBAAiB,QAAQ,MAAM,QAAQ;AACrD,WAAO;AAAA,MACL,0CAA0C,QAAQ,UAAU,cAAc,QAAQ,YAAY,SAAS,MAAM,YAAY,GAAG,QAAQ;AAAA,SAAY,KAAK,KAAK,EAAE;AAAA,IAC9J;AAEA,UAAM,qBAAqB,KAAK,IAAI,IAAI;AAExC,WAAO;AAAA,MACL,SAAS;AAAA,MACT;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,EACF;AACF;AAKA,eAAsB,kBACpB,IACA,MACA,SAC8B;AAC9B,QAAM,YAAY,KAAK,IAAI;AAE3B,MAAI;AAEF,UAAM,qBAAqB,YAAY;AAErC,YAAM,cAAqC;AAAA,QACzC,YAAY,QAAQ;AAAA,QACpB,UAAU,QAAQ;AAAA,QAClB,WAAW,QAAQ;AAAA,QACnB,MAAM,QAAQ;AAAA,QACd,QAAQ,QAAQ;AAAA,QAChB,cAAc,QAAQ;AAAA,MACxB;AAGA,YAAM,SAAS,MAAM,cAAc,mBAAmB,MAAM,QAAQ,MAAM,WAAW;AAGrF,UAAI,CAAC,OAAO,qBAAqB;AAC/B,cAAMA,iBAAgB,KAAK,IAAI,IAAI;AAEnC,YAAIC;AAGJ,YAAI,CAAC,QAAQ,QAAQ;AACnB,UAAAA,SAAQ,MAAM,iBAAiB,IAAI;AAAA,YACjC;AAAA,YACA;AAAA,YACA,iBAAiB;AAAA,YACjB,iBAAiB;AAAA,YACjB,eAAAD;AAAA,YACA,OAAO,OAAO;AAAA,UAChB,CAAC;AAAA,QACH;AAEA,eAAO;AAAA,UACL;AAAA,UACA,iBAAiB;AAAA,UACjB,iBAAiB;AAAA,UACjB,eAAAA;AAAA,UACA,OAAO,OAAO;AAAA,UACd,OAAAC;AAAA,QACF;AAAA,MACF;AAGA,YAAM,UAAU,OAAO,mBAAmB,KAAK,iBAAiB,KAAK;AAErE,UAAI,kBAAiD;AAErD,UAAI,WAAW,MAAM,QAAQ,OAAO,KAAK,QAAQ,SAAS,GAAG;AAE3D,cAAM,gBAA+B;AAAA,UACnC,GAAG;AAAA,UACH,MAAM,QAAQ;AAAA,UACd,QAAQ,KAAK;AAAA,UACb,UAAU,KAAK;AAAA,QACjB;AAGA,0BAAkB,MAAM,eAAe,eAAe,SAAS,aAAa;AAAA,MAC9E;AAEA,YAAM,gBAAgB,KAAK,IAAI,IAAI;AAEnC,UAAI;AAGJ,UAAI,CAAC,QAAQ,QAAQ;AACnB,gBAAQ,MAAM,iBAAiB,IAAI;AAAA,UACjC;AAAA,UACA;AAAA,UACA,iBAAiB,OAAO;AAAA,UACxB;AAAA,UACA;AAAA,QACF,CAAC;AAAA,MACH;AAEA,aAAO;AAAA,QACL;AAAA,QACA,iBAAiB,OAAO;AAAA,QACxB;AAAA,QACA;AAAA,QACA;AAAA,MACF;AAAA,IACF;AAGA,WAAO,MAAM;AAAA,MACX,mBAAmB;AAAA,MACnB;AAAA,MACA,yCAAyC,KAAK,MAAM;AAAA,IACtD;AAAA,EACF,SAAS,OAAO;AACd,UAAM,gBAAgB,KAAK,IAAI,IAAI;AACnC,UAAM,eAAe,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK;AAC1E,UAAM,gBAAgB,kCAAkC,KAAK,MAAM,gBAAgB,QAAQ,UAAU,MAAM,YAAY;AAEvH,QAAI;AAGJ,QAAI,CAAC,QAAQ,QAAQ;AACnB,cAAQ,MAAM,iBAAiB,IAAI;AAAA,QACjC;AAAA,QACA;AAAA,QACA,iBAAiB;AAAA,QACjB,iBAAiB;AAAA,QACjB;AAAA,QACA,OAAO;AAAA,MACT,CAAC;AAAA,IACH;AAEA,WAAO;AAAA,MACL;AAAA,MACA,iBAAiB;AAAA,MACjB,iBAAiB;AAAA,MACjB;AAAA,MACA,OAAO;AAAA,MACP;AAAA,IACF;AAAA,EACF;AACF;AAKA,eAAsB,oBACpB,IACA,SACyB;AAEzB,6BAA2B,MAAM,OAAO;AAExC,QAAM,EAAE,YAAY,WAAW,UAAU,gBAAgB,SAAS,IAAI;AAEtE,QAAM,QAA+B;AAAA,IACnC;AAAA,IACA;AAAA,IACA;AAAA,IACA,SAAS;AAAA,IACT,WAAW;AAAA,EACb;AAEA,MAAI,WAAW;AACb,UAAM,YAAY;AAAA,EACpB;AAEA,MAAI,UAAU;AACZ,UAAM,WAAW;AAAA,EACnB;AAEA,QAAM,QAAQ,MAAM,GAAG,KAAK,cAAc,OAAO;AAAA,IAC/C,SAAS,EAAE,UAAU,QAAQ,QAAQ,MAAM;AAAA,EAC7C,CAAC;AAGD,QAAM,MAAM,oBAAI,KAAK;AACrB,SAAO,MAAM,OAAO,CAAC,SAAS;AAC5B,QAAI,KAAK,iBAAiB,KAAK,gBAAgB,KAAK;AAClD,aAAO;AAAA,IACT;AACA,QAAI,KAAK,eAAe,KAAK,cAAc,KAAK;AAC9C,aAAO;AAAA,IACT;AACA,WAAO;AAAA,EACT,CAAC;AACH;AAKA,MAAM,2BAA2B;AAAA,EAC/B;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF;AAKA,MAAM,yBAAyB;AAK/B,SAAS,mBAAmB,MAAW,QAAgB,GAAQ;AAE7D,MAAI,QAAQ,wBAAwB;AAClC,WAAO;AAAA,EACT;AAGA,MAAI,SAAS,QAAQ,SAAS,QAAW;AACvC,WAAO;AAAA,EACT;AAGA,MAAI,OAAO,SAAS,UAAU;AAC5B,WAAO;AAAA,EACT;AAGA,MAAI,MAAM,QAAQ,IAAI,GAAG;AACvB,WAAO,KAAK,IAAI,UAAQ,mBAAmB,MAAM,QAAQ,CAAC,CAAC;AAAA,EAC7D;AAGA,QAAM,YAAiC,CAAC;AAExC,aAAW,CAAC,KAAK,KAAK,KAAK,OAAO,QAAQ,IAAI,GAAG;AAE/C,UAAM,cAAc,yBAAyB,KAAK,aAAW,QAAQ,KAAK,GAAG,CAAC;AAE9E,QAAI,aAAa;AACf,gBAAU,GAAG,IAAI;AAAA,IACnB,WAAW,OAAO,UAAU,YAAY,UAAU,MAAM;AACtD,gBAAU,GAAG,IAAI,mBAAmB,OAAO,QAAQ,CAAC;AAAA,IACtD,OAAO;AACL,gBAAU,GAAG,IAAI;AAAA,IACnB;AAAA,EACF;AAEA,SAAO;AACT;AAKA,SAAS,aAAa,MAAgB;AACpC,MAAI,CAAC,MAAM;AACT,WAAO;AAAA,EACT;AAGA,SAAO;AAAA,IACL,IAAI,KAAK;AAAA,IACT,MAAM,KAAK;AAAA;AAAA,EAEb;AACF;AAcA,eAAsB,iBACpB,IACA,SACiB;AACjB,QAAM,EAAE,MAAM,SAAS,iBAAiB,iBAAiB,eAAe,MAAM,IAAI;AAElF,QAAM,kBAAmD,QACrD,yBACA,kBACE,2BACA;AAEN,QAAM,MAAM,GAAG,OAAO,kBAAkB;AAAA,IACtC;AAAA,IACA,UAAU,QAAQ,YAAY;AAAA,IAC9B,YAAY,QAAQ;AAAA,IACpB;AAAA,IACA,cAAc;AAAA,MACZ,MAAM,mBAAmB,QAAQ,IAAI;AAAA,MACrC,WAAW,QAAQ;AAAA,MACnB,MAAM,aAAa,QAAQ,IAAI;AAAA,IACjC;AAAA,IACA,eAAe,kBACX;AAAA,MACE;AAAA,MACA,iBAAiB,gBAAgB,QAAQ,IAAI,CAAC,OAAO;AAAA,QACnD,MAAM,EAAE,OAAO;AAAA,QACf,SAAS,EAAE;AAAA,QACX,OAAO,EAAE;AAAA,MACX,EAAE;AAAA,IACJ,IACA;AAAA,IACJ,cAAc,SAAS;AAAA,IACvB,iBAAiB;AAAA,IACjB,UAAU,QAAQ;AAAA,IAClB,gBAAgB,QAAQ;AAAA,IACxB,YAAY,QAAQ,cAAc;AAAA,EACpC,CAAC;AAED,QAAM,GAAG,gBAAgB,GAAG;AAE5B,SAAO,IAAI;AACb;",
   "names": ["executionTime", "logId"]
 }

package/dist/modules/sales/acl.js

@@ -1,7 +1,6 @@
 const features = [
   { id: "sales.orders.view", title: "View sales orders", module: "sales" },
   { id: "sales.orders.manage", title: "Manage sales orders", module: "sales" },
-  { id: "sales.orders.approve", title: "Approve sales orders", module: "sales" },
   { id: "sales.quotes.view", title: "View sales quotes", module: "sales" },
   { id: "sales.quotes.manage", title: "Manage sales quotes", module: "sales" },
   { id: "sales.shipments.manage", title: "Manage order shipments", module: "sales" },

package/dist/modules/sales/acl.js.map

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../src/modules/sales/acl.ts"],
-  "sourcesContent": ["export const features = [\n  { id: 'sales.orders.view', title: 'View sales orders', module: 'sales' },\n  { id: 'sales.orders.manage', title: 'Manage sales orders', module: 'sales' },\n  { id: 'sales.orders.approve', title: 'Approve sales orders', module: 'sales' },\n  { id: 'sales.quotes.view', title: 'View sales quotes', module: 'sales' },\n  { id: 'sales.quotes.manage', title: 'Manage sales quotes', module: 'sales' },\n  { id: 'sales.shipments.manage', title: 'Manage order shipments', module: 'sales' },\n  { id: 'sales.payments.manage', title: 'Manage order payments', module: 'sales' },\n  { id: 'sales.invoices.manage', title: 'Manage sales invoices', module: 'sales' },\n  { id: 'sales.credit_memos.manage', title: 'Manage credit memos', module: 'sales' },\n  { id: 'sales.channels.manage', title: 'Manage sales channels', module: 'sales' },\n  { id: 'sales.settings.manage', title: 'Manage sales configuration', module: 'sales' },\n]\n\nexport default features\n"],
-  "mappings": "AAAO,MAAM,WAAW;AAAA,EACtB,EAAE,IAAI,qBAAqB,OAAO,qBAAqB,QAAQ,QAAQ;AAAA,EACvE,EAAE,IAAI,uBAAuB,OAAO,uBAAuB,QAAQ,QAAQ;AAAA,EAC3E,EAAE,IAAI,wBAAwB,OAAO,wBAAwB,QAAQ,QAAQ;AAAA,EAC7E,EAAE,IAAI,qBAAqB,OAAO,qBAAqB,QAAQ,QAAQ;AAAA,EACvE,EAAE,IAAI,uBAAuB,OAAO,uBAAuB,QAAQ,QAAQ;AAAA,EAC3E,EAAE,IAAI,0BAA0B,OAAO,0BAA0B,QAAQ,QAAQ;AAAA,EACjF,EAAE,IAAI,yBAAyB,OAAO,yBAAyB,QAAQ,QAAQ;AAAA,EAC/E,EAAE,IAAI,yBAAyB,OAAO,yBAAyB,QAAQ,QAAQ;AAAA,EAC/E,EAAE,IAAI,6BAA6B,OAAO,uBAAuB,QAAQ,QAAQ;AAAA,EACjF,EAAE,IAAI,yBAAyB,OAAO,yBAAyB,QAAQ,QAAQ;AAAA,EAC/E,EAAE,IAAI,yBAAyB,OAAO,8BAA8B,QAAQ,QAAQ;AACtF;AAEA,IAAO,cAAQ;",
+  "sourcesContent": ["export const features = [\n  { id: 'sales.orders.view', title: 'View sales orders', module: 'sales' },\n  { id: 'sales.orders.manage', title: 'Manage sales orders', module: 'sales' },\n  { id: 'sales.quotes.view', title: 'View sales quotes', module: 'sales' },\n  { id: 'sales.quotes.manage', title: 'Manage sales quotes', module: 'sales' },\n  { id: 'sales.shipments.manage', title: 'Manage order shipments', module: 'sales' },\n  { id: 'sales.payments.manage', title: 'Manage order payments', module: 'sales' },\n  { id: 'sales.invoices.manage', title: 'Manage sales invoices', module: 'sales' },\n  { id: 'sales.credit_memos.manage', title: 'Manage credit memos', module: 'sales' },\n  { id: 'sales.channels.manage', title: 'Manage sales channels', module: 'sales' },\n  { id: 'sales.settings.manage', title: 'Manage sales configuration', module: 'sales' },\n]\n\nexport default features\n"],
+  "mappings": "AAAO,MAAM,WAAW;AAAA,EACtB,EAAE,IAAI,qBAAqB,OAAO,qBAAqB,QAAQ,QAAQ;AAAA,EACvE,EAAE,IAAI,uBAAuB,OAAO,uBAAuB,QAAQ,QAAQ;AAAA,EAC3E,EAAE,IAAI,qBAAqB,OAAO,qBAAqB,QAAQ,QAAQ;AAAA,EACvE,EAAE,IAAI,uBAAuB,OAAO,uBAAuB,QAAQ,QAAQ;AAAA,EAC3E,EAAE,IAAI,0BAA0B,OAAO,0BAA0B,QAAQ,QAAQ;AAAA,EACjF,EAAE,IAAI,yBAAyB,OAAO,yBAAyB,QAAQ,QAAQ;AAAA,EAC/E,EAAE,IAAI,yBAAyB,OAAO,yBAAyB,QAAQ,QAAQ;AAAA,EAC/E,EAAE,IAAI,6BAA6B,OAAO,uBAAuB,QAAQ,QAAQ;AAAA,EACjF,EAAE,IAAI,yBAAyB,OAAO,yBAAyB,QAAQ,QAAQ;AAAA,EAC/E,EAAE,IAAI,yBAAyB,OAAO,8BAA8B,QAAQ,QAAQ;AACtF;AAEA,IAAO,cAAQ;",
   "names": []
 }

package/dist/modules/sales/backend/sales/documents/[id]/page.js

@@ -44,9 +44,6 @@ import {
   emitSalesDocumentTotalsRefresh,
   subscribeSalesDocumentTotalsRefresh
 } from "@open-mercato/core/modules/sales/lib/frontend/documentTotalsEvents";
-import {
-  subscribeSalesDocumentDataRefresh
-} from "@open-mercato/core/modules/sales/lib/frontend/documentDataEvents";
 import { ICON_SUGGESTIONS } from "@open-mercato/core/modules/customers/lib/dictionaries";
 import { readMarkdownPreferenceCookie, writeMarkdownPreferenceCookie } from "@open-mercato/core/modules/customers/lib/markdownPreference";
 import { InjectionSpot, useInjectionWidgets } from "@open-mercato/ui/backend/injection/InjectionSpot";
@@ -2097,15 +2094,6 @@ function SalesDocumentDetailPage({
     }),
     [kind, record?.id, refreshDocumentTotals]
   );
-  React.useEffect(
-    () => subscribeSalesDocumentDataRefresh((detail) => {
-      if (!record?.id) return;
-      if (detail.documentId !== record.id) return;
-      if (detail.kind && detail.kind !== kind) return;
-      setReloadKey((prev) => prev + 1);
-    }),
-    [kind, record?.id]
-  );
   const statusDictionaryMap = React.useMemo(
     () => createDictionaryMap(
       statusOptions.map((option) => ({