npm - @open-mercato/core - Versions diffs - 0.5.1-develop.2683.4878a05b8e → 0.5.1-develop.2694.732417c5ec - Mend

@open-mercato/core 0.5.1-develop.2683.4878a05b8e → 0.5.1-develop.2694.732417c5ec

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (416) hide show

package/dist/modules/attachments/api/partitions/route.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../../src/modules/attachments/api/partitions/route.ts"],
-  "sourcesContent": ["import { NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport type { OpenApiRouteDoc } from '@open-mercato/shared/lib/openapi'\nimport { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { Attachment, AttachmentPartition } from '../../data/entities'\nimport { ensureDefaultPartitions, DEFAULT_ATTACHMENT_PARTITIONS, sanitizePartitionCode, isPartitionSettingsLocked } from '../../lib/partitions'\nimport { resolvePartitionEnvKey } from '../../lib/partitionEnv'\nimport type { EntityManager } from '@mikro-orm/postgresql'\nimport { resolveDefaultAttachmentOcrEnabled } from '../../lib/ocrConfig'\nimport {\n  attachmentsTag,\n  partitionCreateSchema,\n  partitionUpdateSchema,\n  partitionResponseSchema,\n  partitionListResponseSchema,\n  attachmentErrorSchema,\n} from '../openapi'\n\nconst deleteSchema = z.object({\n  id: z.string().uuid(),\n})\n\nconst DEFAULT_CODES = new Set(DEFAULT_ATTACHMENT_PARTITIONS.map((entry) => entry.code))\n\nfunction serializePartition(entry: AttachmentPartition) {\n  return {\n    id: entry.id,\n    code: entry.code,\n    title: entry.title,\n    description: entry.description ?? null,\n    isPublic: entry.isPublic ?? false,\n    requiresOcr: entry.requiresOcr ?? resolveDefaultAttachmentOcrEnabled(),\n    ocrModel: entry.ocrModel ?? null,\n    createdAt: entry.createdAt instanceof Date ? entry.createdAt.toISOString() : null,\n    updatedAt: entry.updatedAt instanceof Date ? entry.updatedAt.toISOString() : null,\n    envKey: resolvePartitionEnvKey(entry.code),\n  }\n}\n\nexport const metadata = {\n  GET: { requireAuth: true, requireFeatures: ['attachments.manage'] },\n  POST: { requireAuth: true, requireFeatures: ['attachments.manage'] },\n  PUT: { requireAuth: true, requireFeatures: ['attachments.manage'] },\n  DELETE: { requireAuth: true, requireFeatures: ['attachments.manage'] },\n} as const\n\nasync function resolveEm() {\n  const { resolve } = await createRequestContainer()\n  return resolve('em') as EntityManager\n}\n\nexport async function GET(req: Request) {\n  const auth = await getAuthFromRequest(req)\n  if (!auth?.sub) {\n    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n  }\n  const em = await resolveEm()\n  await ensureDefaultPartitions(em)\n  const rows = await em.find(AttachmentPartition, {}, { orderBy: { createdAt: 'asc' } })\n  return NextResponse.json({ items: rows.map((entry) => serializePartition(entry)) })\n}\n\nexport async function POST(req: Request) {\n  if (isPartitionSettingsLocked()) {\n    return NextResponse.json(\n      { error: 'Attachment partitions are managed by the environment in demo/onboarding mode.' },\n      { status: 403 },\n    )\n  }\n  const auth = await getAuthFromRequest(req)\n  if (!auth?.sub) {\n    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n  }\n  let json: unknown = null\n  try {\n    json = await req.json()\n  } catch {\n    json = null\n  }\n  const parsed = partitionCreateSchema.safeParse(json)\n  if (!parsed.success) {\n    return NextResponse.json({ error: 'Invalid payload' }, { status: 400 })\n  }\n  const code = sanitizePartitionCode(parsed.data.code)\n  if (!code) {\n    return NextResponse.json({ error: 'Partition code is required.' }, { status: 400 })\n  }\n  const em = await resolveEm()\n  await ensureDefaultPartitions(em)\n  const exists = await em.findOne(AttachmentPartition, { code })\n  if (exists) {\n    return NextResponse.json({ error: 'Partition code already exists.' }, { status: 409 })\n  }\n  const entry = em.create(AttachmentPartition, {\n    code,\n    title: parsed.data.title.trim(),\n    description: parsed.data.description?.trim() ?? null,\n    storageDriver: 'local',\n    isPublic: parsed.data.isPublic ?? false,\n    requiresOcr:\n      typeof parsed.data.requiresOcr === 'boolean'\n        ? parsed.data.requiresOcr\n        : resolveDefaultAttachmentOcrEnabled(),\n    ocrModel: parsed.data.ocrModel?.trim() || null,\n  })\n  await em.persistAndFlush(entry)\n  return NextResponse.json({ item: serializePartition(entry) }, { status: 201 })\n}\n\nexport async function PUT(req: Request) {\n  if (isPartitionSettingsLocked()) {\n    return NextResponse.json(\n      { error: 'Attachment partitions are managed by the environment in demo/onboarding mode.' },\n      { status: 403 },\n    )\n  }\n  const auth = await getAuthFromRequest(req)\n  if (!auth?.sub) {\n    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n  }\n  let json: unknown = null\n  try {\n    json = await req.json()\n  } catch {\n    json = null\n  }\n  const parsed = partitionUpdateSchema.safeParse(json)\n  if (!parsed.success) {\n    return NextResponse.json({ error: 'Invalid payload' }, { status: 400 })\n  }\n  const em = await resolveEm()\n  const entry = await em.findOne(AttachmentPartition, { id: parsed.data.id })\n  if (!entry) {\n    return NextResponse.json({ error: 'Partition not found' }, { status: 404 })\n  }\n  if (sanitizePartitionCode(parsed.data.code) !== entry.code) {\n    return NextResponse.json({ error: 'Partition code cannot be changed.' }, { status: 400 })\n  }\n  entry.title = parsed.data.title.trim()\n  entry.description = parsed.data.description?.trim() ?? null\n  entry.isPublic = parsed.data.isPublic ?? false\n  if (typeof parsed.data.requiresOcr === 'boolean') {\n    entry.requiresOcr = parsed.data.requiresOcr\n  }\n  if (parsed.data.ocrModel !== undefined) {\n    entry.ocrModel = parsed.data.ocrModel?.trim() || null\n  }\n  await em.persistAndFlush(entry)\n  return NextResponse.json({ item: serializePartition(entry) })\n}\n\nexport async function DELETE(req: Request) {\n  if (isPartitionSettingsLocked()) {\n    return NextResponse.json(\n      { error: 'Attachment partitions are managed by the environment in demo/onboarding mode.' },\n      { status: 403 },\n    )\n  }\n  const auth = await getAuthFromRequest(req)\n  if (!auth?.sub) {\n    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n  }\n  const url = new URL(req.url)\n  const id = url.searchParams.get('id')\n  const parsed = deleteSchema.safeParse({ id })\n  if (!parsed.success) {\n    return NextResponse.json({ error: 'Partition id is required' }, { status: 400 })\n  }\n  const em = await resolveEm()\n  const entry = await em.findOne(AttachmentPartition, { id: parsed.data.id })\n  if (!entry) {\n    return NextResponse.json({ error: 'Partition not found' }, { status: 404 })\n  }\n  if (DEFAULT_CODES.has(entry.code)) {\n    return NextResponse.json({ error: 'Default partitions cannot be removed.' }, { status: 400 })\n  }\n  const usage = await em.count(Attachment, { partitionCode: entry.code })\n  if (usage > 0) {\n    return NextResponse.json({ error: 'Partition is in use and cannot be removed.' }, { status: 409 })\n  }\n  await em.removeAndFlush(entry)\n  return NextResponse.json({ ok: true })\n}\n\nexport const openApi: OpenApiRouteDoc = {\n  tag: attachmentsTag,\n  summary: 'Attachment partition management',\n  methods: {\n    GET: {\n      summary: 'List all attachment partitions',\n      description: 'Returns all configured attachment partitions with storage settings, OCR configuration, and access control settings.',\n      responses: [\n        { status: 200, description: 'List of partitions', schema: partitionListResponseSchema },\n      ],\n      errors: [\n        { status: 401, description: 'Unauthorized', schema: attachmentErrorSchema },\n      ],\n    },\n    POST: {\n      summary: 'Create new partition',\n      description: 'Creates a new attachment partition with specified storage and OCR settings. Requires unique partition code.',\n      requestBody: {\n        contentType: 'application/json',\n        schema: partitionCreateSchema,\n      },\n      responses: [\n        { status: 201, description: 'Partition created successfully', schema: partitionResponseSchema },\n      ],\n      errors: [\n        { status: 400, description: 'Invalid payload or partition code', schema: attachmentErrorSchema },\n        { status: 401, description: 'Unauthorized', schema: attachmentErrorSchema },\n        { status: 403, description: 'Partitions locked in demo mode', schema: attachmentErrorSchema },\n        { status: 409, description: 'Partition code already exists', schema: attachmentErrorSchema },\n      ],\n    },\n    PUT: {\n      summary: 'Update partition',\n      description: 'Updates an existing partition. Partition code cannot be changed. Title, description, OCR settings, and access control can be modified.',\n      requestBody: {\n        contentType: 'application/json',\n        schema: partitionUpdateSchema,\n      },\n      responses: [\n        { status: 200, description: 'Partition updated successfully', schema: partitionResponseSchema },\n      ],\n      errors: [\n        { status: 400, description: 'Invalid payload or code change attempt', schema: attachmentErrorSchema },\n        { status: 401, description: 'Unauthorized', schema: attachmentErrorSchema },\n        { status: 403, description: 'Partitions locked in demo mode', schema: attachmentErrorSchema },\n        { status: 404, description: 'Partition not found', schema: attachmentErrorSchema },\n      ],\n    },\n    DELETE: {\n      summary: 'Delete partition',\n      description: 'Deletes a partition. Default partitions cannot be deleted. Partitions with existing attachments cannot be deleted.',\n      responses: [\n        { status: 200, description: 'Partition deleted successfully', schema: z.object({ ok: z.literal(true) }) },\n      ],\n      errors: [\n        { status: 400, description: 'Invalid ID or default partition deletion attempt', schema: attachmentErrorSchema },\n        { status: 401, description: 'Unauthorized', schema: attachmentErrorSchema },\n        { status: 403, description: 'Partitions locked in demo mode', schema: attachmentErrorSchema },\n        { status: 404, description: 'Partition not found', schema: attachmentErrorSchema },\n        { status: 409, description: 'Partition in use', schema: attachmentErrorSchema },\n      ],\n    },\n  },\n}\n"],
-  "mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,SAAS;AAElB,SAAS,0BAA0B;AACnC,SAAS,8BAA8B;AACvC,SAAS,YAAY,2BAA2B;AAChD,SAAS,yBAAyB,+BAA+B,uBAAuB,iCAAiC;AACzH,SAAS,8BAA8B;AAEvC,SAAS,0CAA0C;AACnD;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;AAEP,MAAM,eAAe,EAAE,OAAO;AAAA,EAC5B,IAAI,EAAE,OAAO,EAAE,KAAK;AACtB,CAAC;AAED,MAAM,gBAAgB,IAAI,IAAI,8BAA8B,IAAI,CAAC,UAAU,MAAM,IAAI,CAAC;AAEtF,SAAS,mBAAmB,OAA4B;AACtD,SAAO;AAAA,IACL,IAAI,MAAM;AAAA,IACV,MAAM,MAAM;AAAA,IACZ,OAAO,MAAM;AAAA,IACb,aAAa,MAAM,eAAe;AAAA,IAClC,UAAU,MAAM,YAAY;AAAA,IAC5B,aAAa,MAAM,eAAe,mCAAmC;AAAA,IACrE,UAAU,MAAM,YAAY;AAAA,IAC5B,WAAW,MAAM,qBAAqB,OAAO,MAAM,UAAU,YAAY,IAAI;AAAA,IAC7E,WAAW,MAAM,qBAAqB,OAAO,MAAM,UAAU,YAAY,IAAI;AAAA,IAC7E,QAAQ,uBAAuB,MAAM,IAAI;AAAA,EAC3C;AACF;AAEO,MAAM,WAAW;AAAA,EACtB,KAAK,EAAE,aAAa,MAAM,iBAAiB,CAAC,oBAAoB,EAAE;AAAA,EAClE,MAAM,EAAE,aAAa,MAAM,iBAAiB,CAAC,oBAAoB,EAAE;AAAA,EACnE,KAAK,EAAE,aAAa,MAAM,iBAAiB,CAAC,oBAAoB,EAAE;AAAA,EAClE,QAAQ,EAAE,aAAa,MAAM,iBAAiB,CAAC,oBAAoB,EAAE;AACvE;AAEA,eAAe,YAAY;AACzB,QAAM,EAAE,QAAQ,IAAI,MAAM,uBAAuB;AACjD,SAAO,QAAQ,IAAI;AACrB;AAEA,eAAsB,IAAI,KAAc;AACtC,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,MAAM,KAAK;AACd,WAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACrE;AACA,QAAM,KAAK,MAAM,UAAU;AAC3B,QAAM,wBAAwB,EAAE;AAChC,QAAM,OAAO,MAAM,GAAG,KAAK,qBAAqB,CAAC,GAAG,EAAE,SAAS,EAAE,WAAW,MAAM,EAAE,CAAC;AACrF,SAAO,aAAa,KAAK,EAAE,OAAO,KAAK,IAAI,CAAC,UAAU,mBAAmB,KAAK,CAAC,EAAE,CAAC;AACpF;AAEA,eAAsB,KAAK,KAAc;AACvC,MAAI,0BAA0B,GAAG;AAC/B,WAAO,aAAa;AAAA,MAClB,EAAE,OAAO,gFAAgF;AAAA,MACzF,EAAE,QAAQ,IAAI;AAAA,IAChB;AAAA,EACF;AACA,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,MAAM,KAAK;AACd,WAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACrE;AACA,MAAI,OAAgB;AACpB,MAAI;AACF,WAAO,MAAM,IAAI,KAAK;AAAA,EACxB,QAAQ;AACN,WAAO;AAAA,EACT;AACA,QAAM,SAAS,sBAAsB,UAAU,IAAI;AACnD,MAAI,CAAC,OAAO,SAAS;AACnB,WAAO,aAAa,KAAK,EAAE,OAAO,kBAAkB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACxE;AACA,QAAM,OAAO,sBAAsB,OAAO,KAAK,IAAI;AACnD,MAAI,CAAC,MAAM;AACT,WAAO,aAAa,KAAK,EAAE,OAAO,8BAA8B,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACpF;AACA,QAAM,KAAK,MAAM,UAAU;AAC3B,QAAM,wBAAwB,EAAE;AAChC,QAAM,SAAS,MAAM,GAAG,QAAQ,qBAAqB,EAAE,KAAK,CAAC;AAC7D,MAAI,QAAQ;AACV,WAAO,aAAa,KAAK,EAAE,OAAO,iCAAiC,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACvF;AACA,QAAM,QAAQ,GAAG,OAAO,qBAAqB;AAAA,IAC3C;AAAA,IACA,OAAO,OAAO,KAAK,MAAM,KAAK;AAAA,IAC9B,aAAa,OAAO,KAAK,aAAa,KAAK,KAAK;AAAA,IAChD,eAAe;AAAA,IACf,UAAU,OAAO,KAAK,YAAY;AAAA,IAClC,aACE,OAAO,OAAO,KAAK,gBAAgB,YAC/B,OAAO,KAAK,cACZ,mCAAmC;AAAA,IACzC,UAAU,OAAO,KAAK,UAAU,KAAK,KAAK;AAAA,EAC5C,CAAC;AACD,QAAM,GAAG,gBAAgB,KAAK;AAC9B,SAAO,aAAa,KAAK,EAAE,MAAM,mBAAmB,KAAK,EAAE,GAAG,EAAE,QAAQ,IAAI,CAAC;AAC/E;AAEA,eAAsB,IAAI,KAAc;AACtC,MAAI,0BAA0B,GAAG;AAC/B,WAAO,aAAa;AAAA,MAClB,EAAE,OAAO,gFAAgF;AAAA,MACzF,EAAE,QAAQ,IAAI;AAAA,IAChB;AAAA,EACF;AACA,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,MAAM,KAAK;AACd,WAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACrE;AACA,MAAI,OAAgB;AACpB,MAAI;AACF,WAAO,MAAM,IAAI,KAAK;AAAA,EACxB,QAAQ;AACN,WAAO;AAAA,EACT;AACA,QAAM,SAAS,sBAAsB,UAAU,IAAI;AACnD,MAAI,CAAC,OAAO,SAAS;AACnB,WAAO,aAAa,KAAK,EAAE,OAAO,kBAAkB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACxE;AACA,QAAM,KAAK,MAAM,UAAU;AAC3B,QAAM,QAAQ,MAAM,GAAG,QAAQ,qBAAqB,EAAE,IAAI,OAAO,KAAK,GAAG,CAAC;AAC1E,MAAI,CAAC,OAAO;AACV,WAAO,aAAa,KAAK,EAAE,OAAO,sBAAsB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC5E;AACA,MAAI,sBAAsB,OAAO,KAAK,IAAI,MAAM,MAAM,MAAM;AAC1D,WAAO,aAAa,KAAK,EAAE,OAAO,oCAAoC,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC1F;AACA,QAAM,QAAQ,OAAO,KAAK,MAAM,KAAK;AACrC,QAAM,cAAc,OAAO,KAAK,aAAa,KAAK,KAAK;AACvD,QAAM,WAAW,OAAO,KAAK,YAAY;AACzC,MAAI,OAAO,OAAO,KAAK,gBAAgB,WAAW;AAChD,UAAM,cAAc,OAAO,KAAK;AAAA,EAClC;AACA,MAAI,OAAO,KAAK,aAAa,QAAW;AACtC,UAAM,WAAW,OAAO,KAAK,UAAU,KAAK,KAAK;AAAA,EACnD;AACA,QAAM,GAAG,gBAAgB,KAAK;AAC9B,SAAO,aAAa,KAAK,EAAE,MAAM,mBAAmB,KAAK,EAAE,CAAC;AAC9D;AAEA,eAAsB,OAAO,KAAc;AACzC,MAAI,0BAA0B,GAAG;AAC/B,WAAO,aAAa;AAAA,MAClB,EAAE,OAAO,gFAAgF;AAAA,MACzF,EAAE,QAAQ,IAAI;AAAA,IAChB;AAAA,EACF;AACA,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,MAAM,KAAK;AACd,WAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACrE;AACA,QAAM,MAAM,IAAI,IAAI,IAAI,GAAG;AAC3B,QAAM,KAAK,IAAI,aAAa,IAAI,IAAI;AACpC,QAAM,SAAS,aAAa,UAAU,EAAE,GAAG,CAAC;AAC5C,MAAI,CAAC,OAAO,SAAS;AACnB,WAAO,aAAa,KAAK,EAAE,OAAO,2BAA2B,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACjF;AACA,QAAM,KAAK,MAAM,UAAU;AAC3B,QAAM,QAAQ,MAAM,GAAG,QAAQ,qBAAqB,EAAE,IAAI,OAAO,KAAK,GAAG,CAAC;AAC1E,MAAI,CAAC,OAAO;AACV,WAAO,aAAa,KAAK,EAAE,OAAO,sBAAsB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC5E;AACA,MAAI,cAAc,IAAI,MAAM,IAAI,GAAG;AACjC,WAAO,aAAa,KAAK,EAAE,OAAO,wCAAwC,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC9F;AACA,QAAM,QAAQ,MAAM,GAAG,MAAM,YAAY,EAAE,eAAe,MAAM,KAAK,CAAC;AACtE,MAAI,QAAQ,GAAG;AACb,WAAO,aAAa,KAAK,EAAE,OAAO,6CAA6C,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACnG;AACA,QAAM,GAAG,eAAe,KAAK;AAC7B,SAAO,aAAa,KAAK,EAAE,IAAI,KAAK,CAAC;AACvC;AAEO,MAAM,UAA2B;AAAA,EACtC,KAAK;AAAA,EACL,SAAS;AAAA,EACT,SAAS;AAAA,IACP,KAAK;AAAA,MACH,SAAS;AAAA,MACT,aAAa;AAAA,MACb,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,sBAAsB,QAAQ,4BAA4B;AAAA,MACxF;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,sBAAsB;AAAA,MAC5E;AAAA,IACF;AAAA,IACA,MAAM;AAAA,MACJ,SAAS;AAAA,MACT,aAAa;AAAA,MACb,aAAa;AAAA,QACX,aAAa;AAAA,QACb,QAAQ;AAAA,MACV;AAAA,MACA,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,kCAAkC,QAAQ,wBAAwB;AAAA,MAChG;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,qCAAqC,QAAQ,sBAAsB;AAAA,QAC/F,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,sBAAsB;AAAA,QAC1E,EAAE,QAAQ,KAAK,aAAa,kCAAkC,QAAQ,sBAAsB;AAAA,QAC5F,EAAE,QAAQ,KAAK,aAAa,iCAAiC,QAAQ,sBAAsB;AAAA,MAC7F;AAAA,IACF;AAAA,IACA,KAAK;AAAA,MACH,SAAS;AAAA,MACT,aAAa;AAAA,MACb,aAAa;AAAA,QACX,aAAa;AAAA,QACb,QAAQ;AAAA,MACV;AAAA,MACA,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,kCAAkC,QAAQ,wBAAwB;AAAA,MAChG;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,0CAA0C,QAAQ,sBAAsB;AAAA,QACpG,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,sBAAsB;AAAA,QAC1E,EAAE,QAAQ,KAAK,aAAa,kCAAkC,QAAQ,sBAAsB;AAAA,QAC5F,EAAE,QAAQ,KAAK,aAAa,uBAAuB,QAAQ,sBAAsB;AAAA,MACnF;AAAA,IACF;AAAA,IACA,QAAQ;AAAA,MACN,SAAS;AAAA,MACT,aAAa;AAAA,MACb,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,kCAAkC,QAAQ,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,IAAI,EAAE,CAAC,EAAE;AAAA,MAC1G;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,oDAAoD,QAAQ,sBAAsB;AAAA,QAC9G,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,sBAAsB;AAAA,QAC1E,EAAE,QAAQ,KAAK,aAAa,kCAAkC,QAAQ,sBAAsB;AAAA,QAC5F,EAAE,QAAQ,KAAK,aAAa,uBAAuB,QAAQ,sBAAsB;AAAA,QACjF,EAAE,QAAQ,KAAK,aAAa,oBAAoB,QAAQ,sBAAsB;AAAA,MAChF;AAAA,IACF;AAAA,EACF;AACF;",
+  "sourcesContent": ["import { NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport type { OpenApiRouteDoc } from '@open-mercato/shared/lib/openapi'\nimport { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { Attachment, AttachmentPartition } from '../../data/entities'\nimport { ensureDefaultPartitions, DEFAULT_ATTACHMENT_PARTITIONS, sanitizePartitionCode, isPartitionSettingsLocked } from '../../lib/partitions'\nimport { resolvePartitionEnvKey } from '../../lib/partitionEnv'\nimport type { EntityManager } from '@mikro-orm/postgresql'\nimport { resolveDefaultAttachmentOcrEnabled } from '../../lib/ocrConfig'\nimport {\n  attachmentsTag,\n  partitionCreateSchema,\n  partitionUpdateSchema,\n  partitionResponseSchema,\n  partitionListResponseSchema,\n  attachmentErrorSchema,\n} from '../openapi'\n\nconst deleteSchema = z.object({\n  id: z.string().uuid(),\n})\n\nconst DEFAULT_CODES = new Set(DEFAULT_ATTACHMENT_PARTITIONS.map((entry) => entry.code))\n\nfunction serializePartition(entry: AttachmentPartition) {\n  return {\n    id: entry.id,\n    code: entry.code,\n    title: entry.title,\n    description: entry.description ?? null,\n    isPublic: entry.isPublic ?? false,\n    requiresOcr: entry.requiresOcr ?? resolveDefaultAttachmentOcrEnabled(),\n    ocrModel: entry.ocrModel ?? null,\n    createdAt: entry.createdAt instanceof Date ? entry.createdAt.toISOString() : null,\n    updatedAt: entry.updatedAt instanceof Date ? entry.updatedAt.toISOString() : null,\n    envKey: resolvePartitionEnvKey(entry.code),\n  }\n}\n\nexport const metadata = {\n  GET: { requireAuth: true, requireFeatures: ['attachments.manage'] },\n  POST: { requireAuth: true, requireFeatures: ['attachments.manage'] },\n  PUT: { requireAuth: true, requireFeatures: ['attachments.manage'] },\n  DELETE: { requireAuth: true, requireFeatures: ['attachments.manage'] },\n} as const\n\nasync function resolveEm() {\n  const { resolve } = await createRequestContainer()\n  return resolve('em') as EntityManager\n}\n\nexport async function GET(req: Request) {\n  const auth = await getAuthFromRequest(req)\n  if (!auth?.sub) {\n    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n  }\n  const em = await resolveEm()\n  await ensureDefaultPartitions(em)\n  const rows = await em.find(AttachmentPartition, {}, { orderBy: { createdAt: 'asc' } })\n  return NextResponse.json({ items: rows.map((entry) => serializePartition(entry)) })\n}\n\nexport async function POST(req: Request) {\n  if (isPartitionSettingsLocked()) {\n    return NextResponse.json(\n      { error: 'Attachment partitions are managed by the environment in demo/onboarding mode.' },\n      { status: 403 },\n    )\n  }\n  const auth = await getAuthFromRequest(req)\n  if (!auth?.sub) {\n    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n  }\n  let json: unknown = null\n  try {\n    json = await req.json()\n  } catch {\n    json = null\n  }\n  const parsed = partitionCreateSchema.safeParse(json)\n  if (!parsed.success) {\n    return NextResponse.json({ error: 'Invalid payload' }, { status: 400 })\n  }\n  const code = sanitizePartitionCode(parsed.data.code)\n  if (!code) {\n    return NextResponse.json({ error: 'Partition code is required.' }, { status: 400 })\n  }\n  const em = await resolveEm()\n  await ensureDefaultPartitions(em)\n  const exists = await em.findOne(AttachmentPartition, { code })\n  if (exists) {\n    return NextResponse.json({ error: 'Partition code already exists.' }, { status: 409 })\n  }\n  const entry = em.create(AttachmentPartition, {\n    code,\n    title: parsed.data.title.trim(),\n    description: parsed.data.description?.trim() ?? null,\n    storageDriver: 'local',\n    isPublic: parsed.data.isPublic ?? false,\n    requiresOcr:\n      typeof parsed.data.requiresOcr === 'boolean'\n        ? parsed.data.requiresOcr\n        : resolveDefaultAttachmentOcrEnabled(),\n    ocrModel: parsed.data.ocrModel?.trim() || null,\n  })\n  await em.persist(entry).flush()\n  return NextResponse.json({ item: serializePartition(entry) }, { status: 201 })\n}\n\nexport async function PUT(req: Request) {\n  if (isPartitionSettingsLocked()) {\n    return NextResponse.json(\n      { error: 'Attachment partitions are managed by the environment in demo/onboarding mode.' },\n      { status: 403 },\n    )\n  }\n  const auth = await getAuthFromRequest(req)\n  if (!auth?.sub) {\n    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n  }\n  let json: unknown = null\n  try {\n    json = await req.json()\n  } catch {\n    json = null\n  }\n  const parsed = partitionUpdateSchema.safeParse(json)\n  if (!parsed.success) {\n    return NextResponse.json({ error: 'Invalid payload' }, { status: 400 })\n  }\n  const em = await resolveEm()\n  const entry = await em.findOne(AttachmentPartition, { id: parsed.data.id })\n  if (!entry) {\n    return NextResponse.json({ error: 'Partition not found' }, { status: 404 })\n  }\n  if (sanitizePartitionCode(parsed.data.code) !== entry.code) {\n    return NextResponse.json({ error: 'Partition code cannot be changed.' }, { status: 400 })\n  }\n  entry.title = parsed.data.title.trim()\n  entry.description = parsed.data.description?.trim() ?? null\n  entry.isPublic = parsed.data.isPublic ?? false\n  if (typeof parsed.data.requiresOcr === 'boolean') {\n    entry.requiresOcr = parsed.data.requiresOcr\n  }\n  if (parsed.data.ocrModel !== undefined) {\n    entry.ocrModel = parsed.data.ocrModel?.trim() || null\n  }\n  await em.persist(entry).flush()\n  return NextResponse.json({ item: serializePartition(entry) })\n}\n\nexport async function DELETE(req: Request) {\n  if (isPartitionSettingsLocked()) {\n    return NextResponse.json(\n      { error: 'Attachment partitions are managed by the environment in demo/onboarding mode.' },\n      { status: 403 },\n    )\n  }\n  const auth = await getAuthFromRequest(req)\n  if (!auth?.sub) {\n    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n  }\n  const url = new URL(req.url)\n  const id = url.searchParams.get('id')\n  const parsed = deleteSchema.safeParse({ id })\n  if (!parsed.success) {\n    return NextResponse.json({ error: 'Partition id is required' }, { status: 400 })\n  }\n  const em = await resolveEm()\n  const entry = await em.findOne(AttachmentPartition, { id: parsed.data.id })\n  if (!entry) {\n    return NextResponse.json({ error: 'Partition not found' }, { status: 404 })\n  }\n  if (DEFAULT_CODES.has(entry.code)) {\n    return NextResponse.json({ error: 'Default partitions cannot be removed.' }, { status: 400 })\n  }\n  const usage = await em.count(Attachment, { partitionCode: entry.code })\n  if (usage > 0) {\n    return NextResponse.json({ error: 'Partition is in use and cannot be removed.' }, { status: 409 })\n  }\n  await em.remove(entry).flush()\n  return NextResponse.json({ ok: true })\n}\n\nexport const openApi: OpenApiRouteDoc = {\n  tag: attachmentsTag,\n  summary: 'Attachment partition management',\n  methods: {\n    GET: {\n      summary: 'List all attachment partitions',\n      description: 'Returns all configured attachment partitions with storage settings, OCR configuration, and access control settings.',\n      responses: [\n        { status: 200, description: 'List of partitions', schema: partitionListResponseSchema },\n      ],\n      errors: [\n        { status: 401, description: 'Unauthorized', schema: attachmentErrorSchema },\n      ],\n    },\n    POST: {\n      summary: 'Create new partition',\n      description: 'Creates a new attachment partition with specified storage and OCR settings. Requires unique partition code.',\n      requestBody: {\n        contentType: 'application/json',\n        schema: partitionCreateSchema,\n      },\n      responses: [\n        { status: 201, description: 'Partition created successfully', schema: partitionResponseSchema },\n      ],\n      errors: [\n        { status: 400, description: 'Invalid payload or partition code', schema: attachmentErrorSchema },\n        { status: 401, description: 'Unauthorized', schema: attachmentErrorSchema },\n        { status: 403, description: 'Partitions locked in demo mode', schema: attachmentErrorSchema },\n        { status: 409, description: 'Partition code already exists', schema: attachmentErrorSchema },\n      ],\n    },\n    PUT: {\n      summary: 'Update partition',\n      description: 'Updates an existing partition. Partition code cannot be changed. Title, description, OCR settings, and access control can be modified.',\n      requestBody: {\n        contentType: 'application/json',\n        schema: partitionUpdateSchema,\n      },\n      responses: [\n        { status: 200, description: 'Partition updated successfully', schema: partitionResponseSchema },\n      ],\n      errors: [\n        { status: 400, description: 'Invalid payload or code change attempt', schema: attachmentErrorSchema },\n        { status: 401, description: 'Unauthorized', schema: attachmentErrorSchema },\n        { status: 403, description: 'Partitions locked in demo mode', schema: attachmentErrorSchema },\n        { status: 404, description: 'Partition not found', schema: attachmentErrorSchema },\n      ],\n    },\n    DELETE: {\n      summary: 'Delete partition',\n      description: 'Deletes a partition. Default partitions cannot be deleted. Partitions with existing attachments cannot be deleted.',\n      responses: [\n        { status: 200, description: 'Partition deleted successfully', schema: z.object({ ok: z.literal(true) }) },\n      ],\n      errors: [\n        { status: 400, description: 'Invalid ID or default partition deletion attempt', schema: attachmentErrorSchema },\n        { status: 401, description: 'Unauthorized', schema: attachmentErrorSchema },\n        { status: 403, description: 'Partitions locked in demo mode', schema: attachmentErrorSchema },\n        { status: 404, description: 'Partition not found', schema: attachmentErrorSchema },\n        { status: 409, description: 'Partition in use', schema: attachmentErrorSchema },\n      ],\n    },\n  },\n}\n"],
+  "mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,SAAS;AAElB,SAAS,0BAA0B;AACnC,SAAS,8BAA8B;AACvC,SAAS,YAAY,2BAA2B;AAChD,SAAS,yBAAyB,+BAA+B,uBAAuB,iCAAiC;AACzH,SAAS,8BAA8B;AAEvC,SAAS,0CAA0C;AACnD;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;AAEP,MAAM,eAAe,EAAE,OAAO;AAAA,EAC5B,IAAI,EAAE,OAAO,EAAE,KAAK;AACtB,CAAC;AAED,MAAM,gBAAgB,IAAI,IAAI,8BAA8B,IAAI,CAAC,UAAU,MAAM,IAAI,CAAC;AAEtF,SAAS,mBAAmB,OAA4B;AACtD,SAAO;AAAA,IACL,IAAI,MAAM;AAAA,IACV,MAAM,MAAM;AAAA,IACZ,OAAO,MAAM;AAAA,IACb,aAAa,MAAM,eAAe;AAAA,IAClC,UAAU,MAAM,YAAY;AAAA,IAC5B,aAAa,MAAM,eAAe,mCAAmC;AAAA,IACrE,UAAU,MAAM,YAAY;AAAA,IAC5B,WAAW,MAAM,qBAAqB,OAAO,MAAM,UAAU,YAAY,IAAI;AAAA,IAC7E,WAAW,MAAM,qBAAqB,OAAO,MAAM,UAAU,YAAY,IAAI;AAAA,IAC7E,QAAQ,uBAAuB,MAAM,IAAI;AAAA,EAC3C;AACF;AAEO,MAAM,WAAW;AAAA,EACtB,KAAK,EAAE,aAAa,MAAM,iBAAiB,CAAC,oBAAoB,EAAE;AAAA,EAClE,MAAM,EAAE,aAAa,MAAM,iBAAiB,CAAC,oBAAoB,EAAE;AAAA,EACnE,KAAK,EAAE,aAAa,MAAM,iBAAiB,CAAC,oBAAoB,EAAE;AAAA,EAClE,QAAQ,EAAE,aAAa,MAAM,iBAAiB,CAAC,oBAAoB,EAAE;AACvE;AAEA,eAAe,YAAY;AACzB,QAAM,EAAE,QAAQ,IAAI,MAAM,uBAAuB;AACjD,SAAO,QAAQ,IAAI;AACrB;AAEA,eAAsB,IAAI,KAAc;AACtC,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,MAAM,KAAK;AACd,WAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACrE;AACA,QAAM,KAAK,MAAM,UAAU;AAC3B,QAAM,wBAAwB,EAAE;AAChC,QAAM,OAAO,MAAM,GAAG,KAAK,qBAAqB,CAAC,GAAG,EAAE,SAAS,EAAE,WAAW,MAAM,EAAE,CAAC;AACrF,SAAO,aAAa,KAAK,EAAE,OAAO,KAAK,IAAI,CAAC,UAAU,mBAAmB,KAAK,CAAC,EAAE,CAAC;AACpF;AAEA,eAAsB,KAAK,KAAc;AACvC,MAAI,0BAA0B,GAAG;AAC/B,WAAO,aAAa;AAAA,MAClB,EAAE,OAAO,gFAAgF;AAAA,MACzF,EAAE,QAAQ,IAAI;AAAA,IAChB;AAAA,EACF;AACA,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,MAAM,KAAK;AACd,WAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACrE;AACA,MAAI,OAAgB;AACpB,MAAI;AACF,WAAO,MAAM,IAAI,KAAK;AAAA,EACxB,QAAQ;AACN,WAAO;AAAA,EACT;AACA,QAAM,SAAS,sBAAsB,UAAU,IAAI;AACnD,MAAI,CAAC,OAAO,SAAS;AACnB,WAAO,aAAa,KAAK,EAAE,OAAO,kBAAkB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACxE;AACA,QAAM,OAAO,sBAAsB,OAAO,KAAK,IAAI;AACnD,MAAI,CAAC,MAAM;AACT,WAAO,aAAa,KAAK,EAAE,OAAO,8BAA8B,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACpF;AACA,QAAM,KAAK,MAAM,UAAU;AAC3B,QAAM,wBAAwB,EAAE;AAChC,QAAM,SAAS,MAAM,GAAG,QAAQ,qBAAqB,EAAE,KAAK,CAAC;AAC7D,MAAI,QAAQ;AACV,WAAO,aAAa,KAAK,EAAE,OAAO,iCAAiC,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACvF;AACA,QAAM,QAAQ,GAAG,OAAO,qBAAqB;AAAA,IAC3C;AAAA,IACA,OAAO,OAAO,KAAK,MAAM,KAAK;AAAA,IAC9B,aAAa,OAAO,KAAK,aAAa,KAAK,KAAK;AAAA,IAChD,eAAe;AAAA,IACf,UAAU,OAAO,KAAK,YAAY;AAAA,IAClC,aACE,OAAO,OAAO,KAAK,gBAAgB,YAC/B,OAAO,KAAK,cACZ,mCAAmC;AAAA,IACzC,UAAU,OAAO,KAAK,UAAU,KAAK,KAAK;AAAA,EAC5C,CAAC;AACD,QAAM,GAAG,QAAQ,KAAK,EAAE,MAAM;AAC9B,SAAO,aAAa,KAAK,EAAE,MAAM,mBAAmB,KAAK,EAAE,GAAG,EAAE,QAAQ,IAAI,CAAC;AAC/E;AAEA,eAAsB,IAAI,KAAc;AACtC,MAAI,0BAA0B,GAAG;AAC/B,WAAO,aAAa;AAAA,MAClB,EAAE,OAAO,gFAAgF;AAAA,MACzF,EAAE,QAAQ,IAAI;AAAA,IAChB;AAAA,EACF;AACA,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,MAAM,KAAK;AACd,WAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACrE;AACA,MAAI,OAAgB;AACpB,MAAI;AACF,WAAO,MAAM,IAAI,KAAK;AAAA,EACxB,QAAQ;AACN,WAAO;AAAA,EACT;AACA,QAAM,SAAS,sBAAsB,UAAU,IAAI;AACnD,MAAI,CAAC,OAAO,SAAS;AACnB,WAAO,aAAa,KAAK,EAAE,OAAO,kBAAkB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACxE;AACA,QAAM,KAAK,MAAM,UAAU;AAC3B,QAAM,QAAQ,MAAM,GAAG,QAAQ,qBAAqB,EAAE,IAAI,OAAO,KAAK,GAAG,CAAC;AAC1E,MAAI,CAAC,OAAO;AACV,WAAO,aAAa,KAAK,EAAE,OAAO,sBAAsB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC5E;AACA,MAAI,sBAAsB,OAAO,KAAK,IAAI,MAAM,MAAM,MAAM;AAC1D,WAAO,aAAa,KAAK,EAAE,OAAO,oCAAoC,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC1F;AACA,QAAM,QAAQ,OAAO,KAAK,MAAM,KAAK;AACrC,QAAM,cAAc,OAAO,KAAK,aAAa,KAAK,KAAK;AACvD,QAAM,WAAW,OAAO,KAAK,YAAY;AACzC,MAAI,OAAO,OAAO,KAAK,gBAAgB,WAAW;AAChD,UAAM,cAAc,OAAO,KAAK;AAAA,EAClC;AACA,MAAI,OAAO,KAAK,aAAa,QAAW;AACtC,UAAM,WAAW,OAAO,KAAK,UAAU,KAAK,KAAK;AAAA,EACnD;AACA,QAAM,GAAG,QAAQ,KAAK,EAAE,MAAM;AAC9B,SAAO,aAAa,KAAK,EAAE,MAAM,mBAAmB,KAAK,EAAE,CAAC;AAC9D;AAEA,eAAsB,OAAO,KAAc;AACzC,MAAI,0BAA0B,GAAG;AAC/B,WAAO,aAAa;AAAA,MAClB,EAAE,OAAO,gFAAgF;AAAA,MACzF,EAAE,QAAQ,IAAI;AAAA,IAChB;AAAA,EACF;AACA,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,MAAM,KAAK;AACd,WAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACrE;AACA,QAAM,MAAM,IAAI,IAAI,IAAI,GAAG;AAC3B,QAAM,KAAK,IAAI,aAAa,IAAI,IAAI;AACpC,QAAM,SAAS,aAAa,UAAU,EAAE,GAAG,CAAC;AAC5C,MAAI,CAAC,OAAO,SAAS;AACnB,WAAO,aAAa,KAAK,EAAE,OAAO,2BAA2B,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACjF;AACA,QAAM,KAAK,MAAM,UAAU;AAC3B,QAAM,QAAQ,MAAM,GAAG,QAAQ,qBAAqB,EAAE,IAAI,OAAO,KAAK,GAAG,CAAC;AAC1E,MAAI,CAAC,OAAO;AACV,WAAO,aAAa,KAAK,EAAE,OAAO,sBAAsB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC5E;AACA,MAAI,cAAc,IAAI,MAAM,IAAI,GAAG;AACjC,WAAO,aAAa,KAAK,EAAE,OAAO,wCAAwC,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC9F;AACA,QAAM,QAAQ,MAAM,GAAG,MAAM,YAAY,EAAE,eAAe,MAAM,KAAK,CAAC;AACtE,MAAI,QAAQ,GAAG;AACb,WAAO,aAAa,KAAK,EAAE,OAAO,6CAA6C,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACnG;AACA,QAAM,GAAG,OAAO,KAAK,EAAE,MAAM;AAC7B,SAAO,aAAa,KAAK,EAAE,IAAI,KAAK,CAAC;AACvC;AAEO,MAAM,UAA2B;AAAA,EACtC,KAAK;AAAA,EACL,SAAS;AAAA,EACT,SAAS;AAAA,IACP,KAAK;AAAA,MACH,SAAS;AAAA,MACT,aAAa;AAAA,MACb,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,sBAAsB,QAAQ,4BAA4B;AAAA,MACxF;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,sBAAsB;AAAA,MAC5E;AAAA,IACF;AAAA,IACA,MAAM;AAAA,MACJ,SAAS;AAAA,MACT,aAAa;AAAA,MACb,aAAa;AAAA,QACX,aAAa;AAAA,QACb,QAAQ;AAAA,MACV;AAAA,MACA,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,kCAAkC,QAAQ,wBAAwB;AAAA,MAChG;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,qCAAqC,QAAQ,sBAAsB;AAAA,QAC/F,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,sBAAsB;AAAA,QAC1E,EAAE,QAAQ,KAAK,aAAa,kCAAkC,QAAQ,sBAAsB;AAAA,QAC5F,EAAE,QAAQ,KAAK,aAAa,iCAAiC,QAAQ,sBAAsB;AAAA,MAC7F;AAAA,IACF;AAAA,IACA,KAAK;AAAA,MACH,SAAS;AAAA,MACT,aAAa;AAAA,MACb,aAAa;AAAA,QACX,aAAa;AAAA,QACb,QAAQ;AAAA,MACV;AAAA,MACA,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,kCAAkC,QAAQ,wBAAwB;AAAA,MAChG;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,0CAA0C,QAAQ,sBAAsB;AAAA,QACpG,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,sBAAsB;AAAA,QAC1E,EAAE,QAAQ,KAAK,aAAa,kCAAkC,QAAQ,sBAAsB;AAAA,QAC5F,EAAE,QAAQ,KAAK,aAAa,uBAAuB,QAAQ,sBAAsB;AAAA,MACnF;AAAA,IACF;AAAA,IACA,QAAQ;AAAA,MACN,SAAS;AAAA,MACT,aAAa;AAAA,MACb,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,kCAAkC,QAAQ,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,IAAI,EAAE,CAAC,EAAE;AAAA,MAC1G;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,oDAAoD,QAAQ,sBAAsB;AAAA,QAC9G,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,sBAAsB;AAAA,QAC1E,EAAE,QAAQ,KAAK,aAAa,kCAAkC,QAAQ,sBAAsB;AAAA,QAC5F,EAAE,QAAQ,KAAK,aAAa,uBAAuB,QAAQ,sBAAsB;AAAA,QACjF,EAAE,QAAQ,KAAK,aAAa,oBAAoB,QAAQ,sBAAsB;AAAA,MAChF;AAAA,IACF;AAAA,EACF;AACF;",
   "names": []
 }

package/dist/modules/attachments/api/route.js CHANGED Viewed

@@ -2,6 +2,7 @@ import { NextResponse } from "next/server";
 import { createRequestContainer } from "@open-mercato/shared/lib/di/container";
 import { getAuthFromRequest } from "@open-mercato/shared/lib/auth/server";
 import { z } from "zod";
+import { sql } from "kysely";
 import { buildAttachmentFileUrl, buildAttachmentImageUrl, slugifyAttachmentFileName } from "../lib/imageUrls.js";
 import { ensureDefaultPartitions, resolveDefaultPartitionCode, sanitizePartitionCode } from "../lib/partitions.js";
 import { Attachment, AttachmentPartition } from "../data/entities.js";
@@ -384,7 +385,7 @@ async function POST(req) {
     content: extractedContent,
     storageMetadata: metadata2
   });
-  await em.persistAndFlush(att);
+  await em.persist(att).flush();
   if (useLlmOcr) {
     requestOcrProcessing(em, att, stored.absolutePath).catch((error) => {
       console.error("[attachments] failed to queue OCR processing", error);
@@ -442,9 +443,9 @@ async function POST(req) {
 }
 async function readTenantAttachmentUsageBytes(em, tenantId) {
   try {
-    const knex = em.getConnection().getKnex();
-    const row = await knex("attachments").where({ tenant_id: tenantId }).sum({ totalSize: "file_size" }).first();
-    const total = row?.totalSize;
+    const db = em.getKysely();
+    const row = await db.selectFrom("attachments").select(sql`sum(file_size)`.as("total_size")).where("tenant_id", "=", tenantId).executeTakeFirst();
+    const total = row?.total_size;
     if (typeof total === "number") return Number.isFinite(total) ? total : 0;
     if (typeof total === "string") {
       const parsed = Number(total);
@@ -467,7 +468,7 @@ async function DELETE(req) {
   const deleteFilter = { id, tenantId: auth.tenantId, organizationId: auth.orgId };
   const record = await em.findOne(Attachment, deleteFilter);
   if (!record) return NextResponse.json({ error: "Attachment not found" }, { status: 404 });
-  await em.removeAndFlush(record);
+  await em.remove(record).flush();
   await clearAttachmentThumbnailCache(record.partitionCode, record.id).catch((error) => {
     console.error("[attachments] failed to cleanup cached thumbnails", error);
   });

package/dist/modules/attachments/api/route.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../src/modules/attachments/api/route.ts"],
-  "sourcesContent": ["import { NextResponse } from 'next/server'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'\nimport { z } from 'zod'\nimport type { OpenApiRouteDoc } from '@open-mercato/shared/lib/openapi'\nimport { buildAttachmentFileUrl, buildAttachmentImageUrl, slugifyAttachmentFileName } from '../lib/imageUrls'\nimport { ensureDefaultPartitions, resolveDefaultPartitionCode, sanitizePartitionCode } from '../lib/partitions'\nimport { Attachment, AttachmentPartition } from '../data/entities'\nimport { storePartitionFile, deletePartitionFile } from '../lib/storage'\nimport { extractAttachmentContent } from '../lib/textExtraction'\nimport { requestOcrProcessing } from '../lib/ocrQueue'\nimport { OcrService, shouldUseLlmOcr } from '../lib/ocrService'\nimport { clearAttachmentThumbnailCache } from '../lib/thumbnailCache'\nimport {\n  mergeAttachmentMetadata,\n  normalizeAttachmentAssignments,\n  normalizeAttachmentTags,\n  readAttachmentMetadata,\n  upsertAssignment,\n  type AttachmentAssignment,\n} from '../lib/metadata'\nimport { randomUUID } from 'crypto'\nimport type { EntityManager } from '@mikro-orm/postgresql'\nimport { splitCustomFieldPayload } from '@open-mercato/shared/lib/crud/custom-fields'\nimport { emitCrudSideEffects, setCustomFieldsIfAny } from '@open-mercato/shared/lib/commands/helpers'\nimport { resolveTranslations } from '@open-mercato/shared/lib/i18n/server'\nimport { attachmentCrudEvents, attachmentCrudIndexer } from '../lib/crud'\nimport { E } from '#generated/entities.ids.generated'\nimport { resolveDefaultAttachmentOcrEnabled } from '../lib/ocrConfig'\nimport {\n  detectAttachmentMimeType,\n  hasDangerousExecutableExtension,\n  isActiveContentAttachment,\n  sanitizeUploadedFileName,\n} from '../lib/security'\nimport {\n  isMultipartRequestWithinUploadLimit,\n  resolveAttachmentMaxBytes,\n  willExceedAttachmentTenantQuota,\n} from '../lib/upload-limits'\nimport { findWithDecryption } from '@open-mercato/shared/lib/encryption/find'\n\nexport const metadata = {\n  GET: { requireAuth: true, requireFeatures: ['attachments.view'] },\n  POST: { requireAuth: true, requireFeatures: ['attachments.manage'] },\n  DELETE: { requireAuth: true, requireFeatures: ['attachments.manage'] },\n}\n\nconst attachmentQuerySchema = z.object({\n  entityId: z.string().min(1).describe('Entity identifier that owns the attachments'),\n  recordId: z.string().min(1).describe('Record identifier within the entity'),\n  page: z.coerce.number().min(1).optional(),\n  pageSize: z.coerce.number().min(1).max(100).optional(),\n})\n\nconst attachmentAssignmentSchema = z.object({\n  type: z.string().describe('Assignment type identifier'),\n  id: z.string().describe('Assignment record identifier'),\n  href: z.string().nullable().optional().describe('Optional link to the related record'),\n  label: z.string().nullable().optional().describe('Optional label for the assignment'),\n})\n\nconst attachmentItemSchema = z.object({\n  id: z.string().describe('Attachment identifier'),\n  url: z.string().describe('Public path to the stored asset'),\n  fileName: z.string().describe('Original filename'),\n  fileSize: z.number().int().nonnegative().describe('File size in bytes'),\n  createdAt: z.string().describe('Upload timestamp (ISO 8601)'),\n  mimeType: z.string().nullable().optional().describe('MIME type of the file'),\n  thumbnailUrl: z.string().optional().describe('Helper route that renders a thumbnail'),\n  partitionCode: z.string().optional().describe('Partition identifier'),\n  tags: z.array(z.string()).optional().describe('Tags assigned to the attachment'),\n  content: z.string().nullable().optional().describe('Extracted text or markdown content'),\n  assignments: z.array(attachmentAssignmentSchema).optional().describe('Records that reference this attachment'),\n})\n\nconst attachmentListResponseSchema = z.object({\n  items: z.array(attachmentItemSchema),\n  total: z.number().int().nonnegative().optional(),\n  page: z.number().int().min(1).optional(),\n  pageSize: z.number().int().min(1).optional(),\n  totalPages: z.number().int().min(1).optional(),\n})\n\nconst attachmentUploadBodySchema = z.object({\n  entityId: z.string().min(1),\n  recordId: z.string().min(1),\n  fieldKey: z.string().optional(),\n  file: z.string().min(1).describe('Binary file payload; supplied as multipart form-data'),\n  customFields: z\n    .string()\n    .optional()\n    .describe('JSON encoded map of custom field values collected from the upload form.'),\n})\n\nconst attachmentDeleteQuerySchema = z.object({\n  id: z.string().uuid(),\n})\n\nconst uploadResponseSchema = z.object({\n  ok: z.literal(true),\n  item: z.object({\n    id: z.string(),\n    url: z.string(),\n    fileName: z.string(),\n    fileSize: z.number().int().nonnegative(),\n    thumbnailUrl: z.string().optional(),\n    content: z.string().nullable().optional(),\n    tags: z.array(z.string()).optional(),\n    assignments: z.array(attachmentAssignmentSchema).optional(),\n    customFields: z.record(z.string(), z.unknown()).optional(),\n  }),\n})\n\nconst errorSchema = z.object({\n  error: z.string(),\n})\n\nconst LIBRARY_ENTITY_ID = 'attachments:library'\n\nfunction parseCustomFieldsEntry(value: FormDataEntryValue | null): Record<string, unknown> {\n  if (!value) return {}\n  if (typeof value === 'string') {\n    const trimmed = value.trim()\n    if (!trimmed) return {}\n    try {\n      const parsed = JSON.parse(trimmed)\n      if (parsed && typeof parsed === 'object' && !Array.isArray(parsed)) {\n        return parsed as Record<string, unknown>\n      }\n    } catch {\n      return {}\n    }\n  }\n  if (typeof value === 'object' && !Array.isArray(value) && !(value instanceof File)) {\n    return { ...(value as Record<string, unknown>) }\n  }\n  return {}\n}\n\nfunction buildFormPayload(form: FormData): Record<string, unknown> {\n  const payload: Record<string, unknown> = {}\n  form.forEach((value, key) => {\n    if (key === 'customFields') {\n      payload.customFields = parseCustomFieldsEntry(value)\n      return\n    }\n    payload[key] = value\n  })\n  return payload\n}\n\nfunction parseFormTags(value: FormDataEntryValue | null): string[] {\n  if (!value) return []\n  if (typeof value === 'string') {\n    const trimmed = value.trim()\n    if (!trimmed) return []\n    try {\n      const parsed = JSON.parse(trimmed)\n      return normalizeAttachmentTags(parsed)\n    } catch {\n      return normalizeAttachmentTags(value)\n    }\n  }\n  return []\n}\n\nfunction parseFormAssignments(value: FormDataEntryValue | null): AttachmentAssignment[] {\n  if (!value) return []\n  if (typeof value !== 'string') return []\n  const trimmed = value.trim()\n  if (!trimmed) return []\n  try {\n    const parsed = JSON.parse(trimmed)\n    return normalizeAttachmentAssignments(parsed)\n  } catch {\n    return []\n  }\n}\n\nexport async function GET(req: Request) {\n  const auth = await getAuthFromRequest(req)\n  if (!auth || !auth.tenantId || (!auth.orgId && !auth.isSuperAdmin)) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n  const url = new URL(req.url)\n  const parsedQuery = attachmentQuerySchema.safeParse({\n    entityId: url.searchParams.get('entityId') || '',\n    recordId: url.searchParams.get('recordId') || '',\n    page: url.searchParams.get('page') ?? undefined,\n    pageSize: url.searchParams.get('pageSize') ?? undefined,\n  })\n  if (!parsedQuery.success) {\n    return NextResponse.json({ error: 'entityId and recordId are required' }, { status: 400 })\n  }\n  const { entityId, recordId, page, pageSize } = parsedQuery.data\n\n  const { resolve } = await createRequestContainer()\n  const em = resolve('em') as EntityManager\n  const filter: Record<string, unknown> = { entityId, recordId, tenantId: auth.tenantId! }\n  if (auth.orgId) filter.organizationId = auth.orgId\n  const orderBy: Record<string, 'ASC' | 'DESC'> = { createdAt: 'DESC' }\n  const usePaging = typeof page === 'number' && typeof pageSize === 'number'\n  const total = usePaging ? await em.count(Attachment, filter) : null\n  const currentPage = usePaging ? Math.max(1, page) : null\n  const currentPageSize = usePaging ? pageSize : null\n  const totalPages = usePaging && total !== null ? Math.max(1, Math.ceil(total / currentPageSize!)) : null\n  const pageOffset = usePaging ? (Math.min(currentPage!, totalPages!) - 1) * currentPageSize! : undefined\n  const items = await findWithDecryption(\n    em,\n    Attachment,\n    filter,\n    {\n      orderBy,\n      ...(usePaging\n        ? {\n            limit: currentPageSize!,\n            offset: pageOffset,\n          }\n        : {}),\n    },\n    {\n      tenantId: auth.tenantId ?? null,\n      organizationId: auth.orgId ?? null,\n    },\n  )\n  return NextResponse.json({\n    items: items.map((a: any) => {\n      const metadata = readAttachmentMetadata(a.storageMetadata)\n      return {\n        id: a.id,\n        url: a.url,\n        fileName: a.fileName,\n        fileSize: a.fileSize,\n        createdAt: a.createdAt,\n        mimeType: a.mimeType ?? null,\n        partitionCode: a.partitionCode,\n        content: a.content ?? null,\n        thumbnailUrl: buildAttachmentImageUrl(a.id, {\n          width: 320,\n          height: 320,\n          slug: slugifyAttachmentFileName(a.fileName),\n        }),\n        tags: metadata.tags ?? [],\n        assignments: metadata.assignments ?? [],\n      }\n    }),\n    ...(usePaging\n      ? {\n          total,\n          page: Math.min(currentPage!, totalPages!),\n          pageSize: currentPageSize,\n          totalPages,\n        }\n      : {}),\n  })\n}\n\nexport async function POST(req: Request) {\n  const { t } = await resolveTranslations()\n  const auth = await getAuthFromRequest(req)\n  if (!auth || !auth.tenantId || !auth.orgId) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n  const tenantId = auth.tenantId\n  const orgId = auth.orgId\n\n  const contentType = req.headers.get('content-type') || ''\n  if (!contentType.toLowerCase().includes('multipart/form-data')) {\n    return NextResponse.json({ error: 'Expected multipart/form-data' }, { status: 400 })\n  }\n  if (!isMultipartRequestWithinUploadLimit(req.headers.get('content-length'))) {\n    return NextResponse.json({ error: 'Attachment exceeds the maximum upload size.' }, { status: 413 })\n  }\n\n  const form = await req.formData()\n  const formPayload = buildFormPayload(form)\n  const customFieldValues = splitCustomFieldPayload(formPayload).custom\n  const entityId = String(form.get('entityId') || '')\n  const recordId = String(form.get('recordId') || '')\n  const fieldKey = String(form.get('fieldKey') || '')\n  const file = form.get('file') as unknown as File | null\n  if (!entityId || !recordId || !file) return NextResponse.json({ error: 'entityId, recordId and file are required' }, { status: 400 })\n  const partitionOverrideRaw = form.get('partitionCode')\n  const partitionOverride =\n    typeof partitionOverrideRaw === 'string' && partitionOverrideRaw.trim().length > 0\n      ? sanitizePartitionCode(partitionOverrideRaw)\n      : null\n  const tags = parseFormTags(form.get('tags'))\n  const assignmentsFromForm = parseFormAssignments(form.get('assignments'))\n\n  const { resolve } = await createRequestContainer()\n  const em = resolve('em') as EntityManager\n  const dataEngine = resolve('dataEngine')\n  await ensureDefaultPartitions(em)\n  // Optional per-field validations\n  let partitionFromField: string | null = null\n  let fieldMaxAttachmentSizeMb: number | null = null\n  if (fieldKey) {\n    try {\n      const { CustomFieldDef } = await import('@open-mercato/core/modules/entities/data/entities')\n      const def = await em.findOne(CustomFieldDef, {\n        entityId,\n        key: fieldKey,\n        $and: [\n          { $or: [ { tenantId: auth.tenantId }, { tenantId: null } ] },\n        ],\n        isActive: true,\n      })\n      const cfg = (def as any)?.configJson || {}\n      const ext = (file.name || '').split('.').pop()?.toLowerCase() || ''\n      if (Array.isArray(cfg.acceptExtensions) && cfg.acceptExtensions.length) {\n        const allowed = new Set((cfg.acceptExtensions as any[]).map((x: any) => String(x).toLowerCase().replace(/^\\./, '')))\n        if (!allowed.has(ext)) return NextResponse.json({ error: 'File type not allowed' }, { status: 400 })\n      }\n      if (typeof cfg.maxAttachmentSizeMb === 'number' && cfg.maxAttachmentSizeMb > 0) {\n        fieldMaxAttachmentSizeMb = cfg.maxAttachmentSizeMb\n      }\n      if (typeof cfg.partitionCode === 'string' && cfg.partitionCode.trim().length > 0) {\n        partitionFromField = sanitizePartitionCode(cfg.partitionCode)\n      }\n    } catch {}\n  }\n  if (hasDangerousExecutableExtension(file.name)) {\n    return NextResponse.json({\n      error: t('attachments.errors.dangerousExecutable', 'Executable file types are not allowed as attachments.'),\n    }, { status: 400 })\n  }\n  const effectiveMaxBytes = resolveAttachmentMaxBytes(fieldMaxAttachmentSizeMb)\n  if (file.size > effectiveMaxBytes) {\n    return NextResponse.json({\n      error: t('attachments.errors.maxUploadSize', 'Attachment exceeds the maximum upload size.'),\n    }, { status: 413 })\n  }\n  const tenantUsageBytes = await readTenantAttachmentUsageBytes(em, tenantId)\n  if (willExceedAttachmentTenantQuota(tenantUsageBytes, file.size)) {\n    return NextResponse.json({\n      error: t('attachments.errors.quotaExceeded', 'Attachment storage quota exceeded for this tenant.'),\n    }, { status: 413 })\n  }\n  const buf = Buffer.from(await file.arrayBuffer())\n  const safeName = sanitizeUploadedFileName(file.name)\n  const fileMimeType = detectAttachmentMimeType(buf, safeName, (file as any).type)\n  if (isActiveContentAttachment(buf, safeName, fileMimeType)) {\n    return NextResponse.json({ error: t('attachments.errors.activeContentBlocked', 'Active content uploads are not allowed.') }, { status: 400 })\n  }\n  const defaultPartitionCode = resolveDefaultPartitionCode(entityId)\n  const resolvedPartitionCode = partitionOverride ?? partitionFromField ?? defaultPartitionCode\n  const partitionCodeCandidates = Array.from(\n    new Set(\n      [partitionOverride, partitionFromField, resolvedPartitionCode].filter(\n        (code): code is string => typeof code === 'string' && code.length > 0,\n      ),\n    ),\n  )\n  let partition: AttachmentPartition | null = null\n  for (const code of partitionCodeCandidates) {\n    const record = await em.findOne(AttachmentPartition, { code })\n    if (record) {\n      partition = record\n      break\n    }\n  }\n  if (!partition) {\n    partition = await em.findOne(AttachmentPartition, { code: defaultPartitionCode })\n  }\n  if (!partition) {\n    return NextResponse.json({ error: 'Storage partition is not configured.' }, { status: 400 })\n  }\n  const requestedPublicOverride =\n    typeof partitionOverride === 'string' &&\n    partitionOverride.length > 0 &&\n    partition.code === partitionOverride &&\n    partition.isPublic === true &&\n    partition.code !== defaultPartitionCode &&\n    partition.code !== partitionFromField\n  if (requestedPublicOverride) {\n    return NextResponse.json({ error: t('attachments.errors.publicPartitionBlocked', 'Public storage partitions cannot be selected explicitly for this upload.') }, { status: 403 })\n  }\n  let stored\n  try {\n    stored = await storePartitionFile({\n      partitionCode: partition.code,\n      orgId,\n      tenantId,\n      fileName: safeName,\n      buffer: buf,\n    })\n  } catch (error) {\n    console.error('[attachments] failed to persist file', error)\n    return NextResponse.json({ error: 'Failed to persist attachment.' }, { status: 500 })\n  }\n\n  const requiresOcr =\n    typeof (partition as any).requiresOcr === 'boolean'\n      ? Boolean((partition as any).requiresOcr)\n      : resolveDefaultAttachmentOcrEnabled()\n  let extractedContent: string | null = null\n  const wantsLlmOcr = requiresOcr && shouldUseLlmOcr(fileMimeType, safeName)\n  const ocrService = wantsLlmOcr ? new OcrService() : null\n  const useLlmOcr = Boolean(wantsLlmOcr && ocrService?.available)\n\n  if (requiresOcr && !useLlmOcr) {\n    try {\n      extractedContent = await extractAttachmentContent({\n        filePath: stored.absolutePath,\n        mimeType: fileMimeType,\n      })\n    } catch (error) {\n      console.error('[attachments] failed to extract attachment content', error)\n    }\n  }\n\n  let assignments = assignmentsFromForm.slice()\n  if (entityId !== LIBRARY_ENTITY_ID) {\n    assignments = upsertAssignment(assignments, { type: entityId, id: recordId })\n  }\n  const metadata = mergeAttachmentMetadata(null, { assignments, tags })\n  const attachmentId = randomUUID()\n  const att = em.create(Attachment, {\n    id: attachmentId,\n    entityId,\n    recordId,\n    organizationId: auth.orgId!,\n    tenantId: auth.tenantId!,\n    fileName: safeName,\n    mimeType: fileMimeType,\n    fileSize: buf.length,\n    partitionCode: partition.code,\n    storageDriver: partition.storageDriver || 'local',\n    storagePath: stored.storagePath,\n    url: buildAttachmentFileUrl(attachmentId),\n    content: extractedContent,\n    storageMetadata: metadata,\n  })\n  await em.persistAndFlush(att)\n\n  if (useLlmOcr) {\n    requestOcrProcessing(em, att, stored.absolutePath).catch((error) => {\n      console.error('[attachments] failed to queue OCR processing', error)\n    })\n  } else if (wantsLlmOcr) {\n    console.warn('[attachments] OCR requested but OPENAI_API_KEY not configured, falling back to text extraction when available')\n  }\n\n  if (dataEngine) {\n    try {\n      await setCustomFieldsIfAny({\n        dataEngine,\n        entityId: E.attachments.attachment,\n        recordId: attachmentId,\n        tenantId,\n        organizationId: orgId,\n        values: customFieldValues,\n      })\n    } catch (error) {\n      console.error('[attachments] failed to persist custom attributes', error)\n      return NextResponse.json({ error: 'Failed to save attachment attributes.' }, { status: 500 })\n    }\n    await emitCrudSideEffects({\n      dataEngine,\n      action: 'created',\n      entity: att,\n      identifiers: {\n        id: att.id,\n        organizationId: att.organizationId ?? null,\n        tenantId: att.tenantId ?? null,\n      },\n      events: attachmentCrudEvents,\n      indexer: attachmentCrudIndexer,\n    })\n    await dataEngine.flushOrmEntityChanges()\n  }\n\n  return NextResponse.json({\n    ok: true,\n    item: {\n      id: attachmentId,\n      url: att.url,\n      fileName: safeName,\n      fileSize: buf.length,\n      partitionCode: partition.code,\n      thumbnailUrl: buildAttachmentImageUrl(attachmentId, {\n        width: 320,\n        height: 320,\n        slug: slugifyAttachmentFileName(safeName),\n      }),\n      content: extractedContent ?? null,\n      tags: metadata.tags ?? [],\n      assignments: metadata.assignments ?? [],\n      customFields: Object.keys(customFieldValues).length ? customFieldValues : undefined,\n    },\n  })\n}\n\nasync function readTenantAttachmentUsageBytes(em: EntityManager, tenantId: string): Promise<number> {\n  try {\n    const knex = (em as any).getConnection().getKnex()\n    const row = await knex('attachments')\n      .where({ tenant_id: tenantId })\n      .sum({ totalSize: 'file_size' })\n      .first()\n    const total = row?.totalSize\n    if (typeof total === 'number') return Number.isFinite(total) ? total : 0\n    if (typeof total === 'string') {\n      const parsed = Number(total)\n      return Number.isFinite(parsed) ? parsed : 0\n    }\n    return 0\n  } catch {\n    return 0\n  }\n}\n\nexport async function DELETE(req: Request) {\n  const auth = await getAuthFromRequest(req)\n  if (!auth || !auth.tenantId || !auth.orgId) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n  const url = new URL(req.url)\n  const id = url.searchParams.get('id') || ''\n  if (!id) return NextResponse.json({ error: 'Attachment id is required' }, { status: 400 })\n  const { resolve } = await createRequestContainer()\n  const em = resolve('em') as EntityManager\n  const dataEngine = resolve('dataEngine')\n  const deleteFilter: Record<string, unknown> = { id, tenantId: auth.tenantId!, organizationId: auth.orgId }\n  const record = await em.findOne(Attachment, deleteFilter)\n  if (!record) return NextResponse.json({ error: 'Attachment not found' }, { status: 404 })\n  await em.removeAndFlush(record)\n  await clearAttachmentThumbnailCache(record.partitionCode, record.id).catch((error) => {\n    console.error('[attachments] failed to cleanup cached thumbnails', error)\n  })\n  if (record.storagePath) {\n    await deletePartitionFile(record.partitionCode, record.storagePath, record.storageDriver)\n  }\n  if (dataEngine) {\n    await emitCrudSideEffects({\n      dataEngine,\n      action: 'deleted',\n      entity: record,\n      identifiers: {\n        id: record.id,\n        organizationId: record.organizationId ?? null,\n        tenantId: record.tenantId ?? null,\n      },\n      events: attachmentCrudEvents,\n      indexer: attachmentCrudIndexer,\n    })\n    await dataEngine.flushOrmEntityChanges()\n  }\n  return NextResponse.json({ ok: true })\n}\n\nexport const openApi: OpenApiRouteDoc = {\n  summary: 'Manage entity attachments',\n  description: 'Upload and list attachments associated with module entities and records.',\n  methods: {\n    GET: {\n      summary: 'List attachments for a record',\n      description: 'Returns uploaded attachments for the given entity record, ordered by newest first.',\n      query: attachmentQuerySchema,\n      responses: [\n        { status: 200, description: 'Attachments found for the record', schema: attachmentListResponseSchema },\n      ],\n      errors: [\n        { status: 400, description: 'Missing entity or record identifiers', schema: errorSchema },\n        { status: 401, description: 'Unauthorized', schema: errorSchema },\n      ],\n    },\n    POST: {\n      summary: 'Upload attachment',\n      description: 'Uploads a new attachment using multipart form-data and stores metadata for later retrieval.',\n      requestBody: {\n        contentType: 'multipart/form-data',\n        schema: attachmentUploadBodySchema,\n      },\n      responses: [\n        { status: 200, description: 'Attachment stored successfully', schema: uploadResponseSchema },\n      ],\n      errors: [\n        { status: 400, description: 'Payload validation error', schema: errorSchema },\n        { status: 401, description: 'Unauthorized', schema: errorSchema },\n        { status: 403, description: 'Attachment violates field constraints', schema: errorSchema },\n      ],\n    },\n    DELETE: {\n      summary: 'Delete attachment',\n      description: 'Removes an uploaded attachment and deletes the stored asset.',\n      query: attachmentDeleteQuerySchema,\n      responses: [\n        { status: 200, description: 'Attachment deleted', schema: z.object({ ok: z.literal(true) }) },\n        { status: 404, description: 'Attachment not found', schema: errorSchema },\n      ],\n      errors: [\n        { status: 400, description: 'Missing attachment identifier', schema: errorSchema },\n        { status: 401, description: 'Unauthorized', schema: errorSchema },\n      ],\n    },\n  },\n}\n"],
-  "mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,8BAA8B;AACvC,SAAS,0BAA0B;AACnC,SAAS,SAAS;AAElB,SAAS,wBAAwB,yBAAyB,iCAAiC;AAC3F,SAAS,yBAAyB,6BAA6B,6BAA6B;AAC5F,SAAS,YAAY,2BAA2B;AAChD,SAAS,oBAAoB,2BAA2B;AACxD,SAAS,gCAAgC;AACzC,SAAS,4BAA4B;AACrC,SAAS,YAAY,uBAAuB;AAC5C,SAAS,qCAAqC;AAC9C;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OAEK;AACP,SAAS,kBAAkB;AAE3B,SAAS,+BAA+B;AACxC,SAAS,qBAAqB,4BAA4B;AAC1D,SAAS,2BAA2B;AACpC,SAAS,sBAAsB,6BAA6B;AAC5D,SAAS,SAAS;AAClB,SAAS,0CAA0C;AACnD;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;AACP;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,OACK;AACP,SAAS,0BAA0B;AAE5B,MAAM,WAAW;AAAA,EACtB,KAAK,EAAE,aAAa,MAAM,iBAAiB,CAAC,kBAAkB,EAAE;AAAA,EAChE,MAAM,EAAE,aAAa,MAAM,iBAAiB,CAAC,oBAAoB,EAAE;AAAA,EACnE,QAAQ,EAAE,aAAa,MAAM,iBAAiB,CAAC,oBAAoB,EAAE;AACvE;AAEA,MAAM,wBAAwB,EAAE,OAAO;AAAA,EACrC,UAAU,EAAE,OAAO,EAAE,IAAI,CAAC,EAAE,SAAS,6CAA6C;AAAA,EAClF,UAAU,EAAE,OAAO,EAAE,IAAI,CAAC,EAAE,SAAS,qCAAqC;AAAA,EAC1E,MAAM,EAAE,OAAO,OAAO,EAAE,IAAI,CAAC,EAAE,SAAS;AAAA,EACxC,UAAU,EAAE,OAAO,OAAO,EAAE,IAAI,CAAC,EAAE,IAAI,GAAG,EAAE,SAAS;AACvD,CAAC;AAED,MAAM,6BAA6B,EAAE,OAAO;AAAA,EAC1C,MAAM,EAAE,OAAO,EAAE,SAAS,4BAA4B;AAAA,EACtD,IAAI,EAAE,OAAO,EAAE,SAAS,8BAA8B;AAAA,EACtD,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS,qCAAqC;AAAA,EACrF,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS,mCAAmC;AACtF,CAAC;AAED,MAAM,uBAAuB,EAAE,OAAO;AAAA,EACpC,IAAI,EAAE,OAAO,EAAE,SAAS,uBAAuB;AAAA,EAC/C,KAAK,EAAE,OAAO,EAAE,SAAS,iCAAiC;AAAA,EAC1D,UAAU,EAAE,OAAO,EAAE,SAAS,mBAAmB;AAAA,EACjD,UAAU,EAAE,OAAO,EAAE,IAAI,EAAE,YAAY,EAAE,SAAS,oBAAoB;AAAA,EACtE,WAAW,EAAE,OAAO,EAAE,SAAS,6BAA6B;AAAA,EAC5D,UAAU,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS,uBAAuB;AAAA,EAC3E,cAAc,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,uCAAuC;AAAA,EACpF,eAAe,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,sBAAsB;AAAA,EACpE,MAAM,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,SAAS,EAAE,SAAS,iCAAiC;AAAA,EAC/E,SAAS,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS,oCAAoC;AAAA,EACvF,aAAa,EAAE,MAAM,0BAA0B,EAAE,SAAS,EAAE,SAAS,wCAAwC;AAC/G,CAAC;AAED,MAAM,+BAA+B,EAAE,OAAO;AAAA,EAC5C,OAAO,EAAE,MAAM,oBAAoB;AAAA,EACnC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,YAAY,EAAE,SAAS;AAAA,EAC/C,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,EAAE,SAAS;AAAA,EACvC,UAAU,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,EAAE,SAAS;AAAA,EAC3C,YAAY,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,EAAE,SAAS;AAC/C,CAAC;AAED,MAAM,6BAA6B,EAAE,OAAO;AAAA,EAC1C,UAAU,EAAE,OAAO,EAAE,IAAI,CAAC;AAAA,EAC1B,UAAU,EAAE,OAAO,EAAE,IAAI,CAAC;AAAA,EAC1B,UAAU,EAAE,OAAO,EAAE,SAAS;AAAA,EAC9B,MAAM,EAAE,OAAO,EAAE,IAAI,CAAC,EAAE,SAAS,sDAAsD;AAAA,EACvF,cAAc,EACX,OAAO,EACP,SAAS,EACT,SAAS,yEAAyE;AACvF,CAAC;AAED,MAAM,8BAA8B,EAAE,OAAO;AAAA,EAC3C,IAAI,EAAE,OAAO,EAAE,KAAK;AACtB,CAAC;AAED,MAAM,uBAAuB,EAAE,OAAO;AAAA,EACpC,IAAI,EAAE,QAAQ,IAAI;AAAA,EAClB,MAAM,EAAE,OAAO;AAAA,IACb,IAAI,EAAE,OAAO;AAAA,IACb,KAAK,EAAE,OAAO;AAAA,IACd,UAAU,EAAE,OAAO;AAAA,IACnB,UAAU,EAAE,OAAO,EAAE,IAAI,EAAE,YAAY;AAAA,IACvC,cAAc,EAAE,OAAO,EAAE,SAAS;AAAA,IAClC,SAAS,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,IACxC,MAAM,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,SAAS;AAAA,IACnC,aAAa,EAAE,MAAM,0BAA0B,EAAE,SAAS;AAAA,IAC1D,cAAc,EAAE,OAAO,EAAE,OAAO,GAAG,EAAE,QAAQ,CAAC,EAAE,SAAS;AAAA,EAC3D,CAAC;AACH,CAAC;AAED,MAAM,cAAc,EAAE,OAAO;AAAA,EAC3B,OAAO,EAAE,OAAO;AAClB,CAAC;AAED,MAAM,oBAAoB;AAE1B,SAAS,uBAAuB,OAA2D;AACzF,MAAI,CAAC,MAAO,QAAO,CAAC;AACpB,MAAI,OAAO,UAAU,UAAU;AAC7B,UAAM,UAAU,MAAM,KAAK;AAC3B,QAAI,CAAC,QAAS,QAAO,CAAC;AACtB,QAAI;AACF,YAAM,SAAS,KAAK,MAAM,OAAO;AACjC,UAAI,UAAU,OAAO,WAAW,YAAY,CAAC,MAAM,QAAQ,MAAM,GAAG;AAClE,eAAO;AAAA,MACT;AAAA,IACF,QAAQ;AACN,aAAO,CAAC;AAAA,IACV;AAAA,EACF;AACA,MAAI,OAAO,UAAU,YAAY,CAAC,MAAM,QAAQ,KAAK,KAAK,EAAE,iBAAiB,OAAO;AAClF,WAAO,EAAE,GAAI,MAAkC;AAAA,EACjD;AACA,SAAO,CAAC;AACV;AAEA,SAAS,iBAAiB,MAAyC;AACjE,QAAM,UAAmC,CAAC;AAC1C,OAAK,QAAQ,CAAC,OAAO,QAAQ;AAC3B,QAAI,QAAQ,gBAAgB;AAC1B,cAAQ,eAAe,uBAAuB,KAAK;AACnD;AAAA,IACF;AACA,YAAQ,GAAG,IAAI;AAAA,EACjB,CAAC;AACD,SAAO;AACT;AAEA,SAAS,cAAc,OAA4C;AACjE,MAAI,CAAC,MAAO,QAAO,CAAC;AACpB,MAAI,OAAO,UAAU,UAAU;AAC7B,UAAM,UAAU,MAAM,KAAK;AAC3B,QAAI,CAAC,QAAS,QAAO,CAAC;AACtB,QAAI;AACF,YAAM,SAAS,KAAK,MAAM,OAAO;AACjC,aAAO,wBAAwB,MAAM;AAAA,IACvC,QAAQ;AACN,aAAO,wBAAwB,KAAK;AAAA,IACtC;AAAA,EACF;AACA,SAAO,CAAC;AACV;AAEA,SAAS,qBAAqB,OAA0D;AACtF,MAAI,CAAC,MAAO,QAAO,CAAC;AACpB,MAAI,OAAO,UAAU,SAAU,QAAO,CAAC;AACvC,QAAM,UAAU,MAAM,KAAK;AAC3B,MAAI,CAAC,QAAS,QAAO,CAAC;AACtB,MAAI;AACF,UAAM,SAAS,KAAK,MAAM,OAAO;AACjC,WAAO,+BAA+B,MAAM;AAAA,EAC9C,QAAQ;AACN,WAAO,CAAC;AAAA,EACV;AACF;AAEA,eAAsB,IAAI,KAAc;AACtC,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,QAAQ,CAAC,KAAK,YAAa,CAAC,KAAK,SAAS,CAAC,KAAK,aAAe,QAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AACvI,QAAM,MAAM,IAAI,IAAI,IAAI,GAAG;AAC3B,QAAM,cAAc,sBAAsB,UAAU;AAAA,IAClD,UAAU,IAAI,aAAa,IAAI,UAAU,KAAK;AAAA,IAC9C,UAAU,IAAI,aAAa,IAAI,UAAU,KAAK;AAAA,IAC9C,MAAM,IAAI,aAAa,IAAI,MAAM,KAAK;AAAA,IACtC,UAAU,IAAI,aAAa,IAAI,UAAU,KAAK;AAAA,EAChD,CAAC;AACD,MAAI,CAAC,YAAY,SAAS;AACxB,WAAO,aAAa,KAAK,EAAE,OAAO,qCAAqC,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC3F;AACA,QAAM,EAAE,UAAU,UAAU,MAAM,SAAS,IAAI,YAAY;AAE3D,QAAM,EAAE,QAAQ,IAAI,MAAM,uBAAuB;AACjD,QAAM,KAAK,QAAQ,IAAI;AACvB,QAAM,SAAkC,EAAE,UAAU,UAAU,UAAU,KAAK,SAAU;AACvF,MAAI,KAAK,MAAO,QAAO,iBAAiB,KAAK;AAC7C,QAAM,UAA0C,EAAE,WAAW,OAAO;AACpE,QAAM,YAAY,OAAO,SAAS,YAAY,OAAO,aAAa;AAClE,QAAM,QAAQ,YAAY,MAAM,GAAG,MAAM,YAAY,MAAM,IAAI;AAC/D,QAAM,cAAc,YAAY,KAAK,IAAI,GAAG,IAAI,IAAI;AACpD,QAAM,kBAAkB,YAAY,WAAW;AAC/C,QAAM,aAAa,aAAa,UAAU,OAAO,KAAK,IAAI,GAAG,KAAK,KAAK,QAAQ,eAAgB,CAAC,IAAI;AACpG,QAAM,aAAa,aAAa,KAAK,IAAI,aAAc,UAAW,IAAI,KAAK,kBAAmB;AAC9F,QAAM,QAAQ,MAAM;AAAA,IAClB;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,MACE;AAAA,MACA,GAAI,YACA;AAAA,QACE,OAAO;AAAA,QACP,QAAQ;AAAA,MACV,IACA,CAAC;AAAA,IACP;AAAA,IACA;AAAA,MACE,UAAU,KAAK,YAAY;AAAA,MAC3B,gBAAgB,KAAK,SAAS;AAAA,IAChC;AAAA,EACF;AACA,SAAO,aAAa,KAAK;AAAA,IACvB,OAAO,MAAM,IAAI,CAAC,MAAW;AAC3B,YAAMA,YAAW,uBAAuB,EAAE,eAAe;AACzD,aAAO;AAAA,QACL,IAAI,EAAE;AAAA,QACN,KAAK,EAAE;AAAA,QACP,UAAU,EAAE;AAAA,QACZ,UAAU,EAAE;AAAA,QACZ,WAAW,EAAE;AAAA,QACb,UAAU,EAAE,YAAY;AAAA,QACxB,eAAe,EAAE;AAAA,QACjB,SAAS,EAAE,WAAW;AAAA,QACtB,cAAc,wBAAwB,EAAE,IAAI;AAAA,UAC1C,OAAO;AAAA,UACP,QAAQ;AAAA,UACR,MAAM,0BAA0B,EAAE,QAAQ;AAAA,QAC5C,CAAC;AAAA,QACD,MAAMA,UAAS,QAAQ,CAAC;AAAA,QACxB,aAAaA,UAAS,eAAe,CAAC;AAAA,MACxC;AAAA,IACF,CAAC;AAAA,IACD,GAAI,YACA;AAAA,MACE;AAAA,MACA,MAAM,KAAK,IAAI,aAAc,UAAW;AAAA,MACxC,UAAU;AAAA,MACV;AAAA,IACF,IACA,CAAC;AAAA,EACP,CAAC;AACH;AAEA,eAAsB,KAAK,KAAc;AACvC,QAAM,EAAE,EAAE,IAAI,MAAM,oBAAoB;AACxC,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,QAAQ,CAAC,KAAK,YAAY,CAAC,KAAK,MAAO,QAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAC/G,QAAM,WAAW,KAAK;AACtB,QAAM,QAAQ,KAAK;AAEnB,QAAM,cAAc,IAAI,QAAQ,IAAI,cAAc,KAAK;AACvD,MAAI,CAAC,YAAY,YAAY,EAAE,SAAS,qBAAqB,GAAG;AAC9D,WAAO,aAAa,KAAK,EAAE,OAAO,+BAA+B,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACrF;AACA,MAAI,CAAC,oCAAoC,IAAI,QAAQ,IAAI,gBAAgB,CAAC,GAAG;AAC3E,WAAO,aAAa,KAAK,EAAE,OAAO,8CAA8C,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACpG;AAEA,QAAM,OAAO,MAAM,IAAI,SAAS;AAChC,QAAM,cAAc,iBAAiB,IAAI;AACzC,QAAM,oBAAoB,wBAAwB,WAAW,EAAE;AAC/D,QAAM,WAAW,OAAO,KAAK,IAAI,UAAU,KAAK,EAAE;AAClD,QAAM,WAAW,OAAO,KAAK,IAAI,UAAU,KAAK,EAAE;AAClD,QAAM,WAAW,OAAO,KAAK,IAAI,UAAU,KAAK,EAAE;AAClD,QAAM,OAAO,KAAK,IAAI,MAAM;AAC5B,MAAI,CAAC,YAAY,CAAC,YAAY,CAAC,KAAM,QAAO,aAAa,KAAK,EAAE,OAAO,2CAA2C,GAAG,EAAE,QAAQ,IAAI,CAAC;AACpI,QAAM,uBAAuB,KAAK,IAAI,eAAe;AACrD,QAAM,oBACJ,OAAO,yBAAyB,YAAY,qBAAqB,KAAK,EAAE,SAAS,IAC7E,sBAAsB,oBAAoB,IAC1C;AACN,QAAM,OAAO,cAAc,KAAK,IAAI,MAAM,CAAC;AAC3C,QAAM,sBAAsB,qBAAqB,KAAK,IAAI,aAAa,CAAC;AAExE,QAAM,EAAE,QAAQ,IAAI,MAAM,uBAAuB;AACjD,QAAM,KAAK,QAAQ,IAAI;AACvB,QAAM,aAAa,QAAQ,YAAY;AACvC,QAAM,wBAAwB,EAAE;AAEhC,MAAI,qBAAoC;AACxC,MAAI,2BAA0C;AAC9C,MAAI,UAAU;AACZ,QAAI;AACF,YAAM,EAAE,eAAe,IAAI,MAAM,OAAO,mDAAmD;AAC3F,YAAM,MAAM,MAAM,GAAG,QAAQ,gBAAgB;AAAA,QAC3C;AAAA,QACA,KAAK;AAAA,QACL,MAAM;AAAA,UACJ,EAAE,KAAK,CAAE,EAAE,UAAU,KAAK,SAAS,GAAG,EAAE,UAAU,KAAK,CAAE,EAAE;AAAA,QAC7D;AAAA,QACA,UAAU;AAAA,MACZ,CAAC;AACD,YAAM,MAAO,KAAa,cAAc,CAAC;AACzC,YAAM,OAAO,KAAK,QAAQ,IAAI,MAAM,GAAG,EAAE,IAAI,GAAG,YAAY,KAAK;AACjE,UAAI,MAAM,QAAQ,IAAI,gBAAgB,KAAK,IAAI,iBAAiB,QAAQ;AACtE,cAAM,UAAU,IAAI,IAAK,IAAI,iBAA2B,IAAI,CAAC,MAAW,OAAO,CAAC,EAAE,YAAY,EAAE,QAAQ,OAAO,EAAE,CAAC,CAAC;AACnH,YAAI,CAAC,QAAQ,IAAI,GAAG,EAAG,QAAO,aAAa,KAAK,EAAE,OAAO,wBAAwB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,MACrG;AACA,UAAI,OAAO,IAAI,wBAAwB,YAAY,IAAI,sBAAsB,GAAG;AAC9E,mCAA2B,IAAI;AAAA,MACjC;AACA,UAAI,OAAO,IAAI,kBAAkB,YAAY,IAAI,cAAc,KAAK,EAAE,SAAS,GAAG;AAChF,6BAAqB,sBAAsB,IAAI,aAAa;AAAA,MAC9D;AAAA,IACF,QAAQ;AAAA,IAAC;AAAA,EACX;AACA,MAAI,gCAAgC,KAAK,IAAI,GAAG;AAC9C,WAAO,aAAa,KAAK;AAAA,MACvB,OAAO,EAAE,0CAA0C,uDAAuD;AAAA,IAC5G,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACpB;AACA,QAAM,oBAAoB,0BAA0B,wBAAwB;AAC5E,MAAI,KAAK,OAAO,mBAAmB;AACjC,WAAO,aAAa,KAAK;AAAA,MACvB,OAAO,EAAE,oCAAoC,6CAA6C;AAAA,IAC5F,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACpB;AACA,QAAM,mBAAmB,MAAM,+BAA+B,IAAI,QAAQ;AAC1E,MAAI,gCAAgC,kBAAkB,KAAK,IAAI,GAAG;AAChE,WAAO,aAAa,KAAK;AAAA,MACvB,OAAO,EAAE,oCAAoC,oDAAoD;AAAA,IACnG,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACpB;AACA,QAAM,MAAM,OAAO,KAAK,MAAM,KAAK,YAAY,CAAC;AAChD,QAAM,WAAW,yBAAyB,KAAK,IAAI;AACnD,QAAM,eAAe,yBAAyB,KAAK,UAAW,KAAa,IAAI;AAC/E,MAAI,0BAA0B,KAAK,UAAU,YAAY,GAAG;AAC1D,WAAO,aAAa,KAAK,EAAE,OAAO,EAAE,2CAA2C,yCAAyC,EAAE,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC9I;AACA,QAAM,uBAAuB,4BAA4B,QAAQ;AACjE,QAAM,wBAAwB,qBAAqB,sBAAsB;AACzE,QAAM,0BAA0B,MAAM;AAAA,IACpC,IAAI;AAAA,MACF,CAAC,mBAAmB,oBAAoB,qBAAqB,EAAE;AAAA,QAC7D,CAAC,SAAyB,OAAO,SAAS,YAAY,KAAK,SAAS;AAAA,MACtE;AAAA,IACF;AAAA,EACF;AACA,MAAI,YAAwC;AAC5C,aAAW,QAAQ,yBAAyB;AAC1C,UAAM,SAAS,MAAM,GAAG,QAAQ,qBAAqB,EAAE,KAAK,CAAC;AAC7D,QAAI,QAAQ;AACV,kBAAY;AACZ;AAAA,IACF;AAAA,EACF;AACA,MAAI,CAAC,WAAW;AACd,gBAAY,MAAM,GAAG,QAAQ,qBAAqB,EAAE,MAAM,qBAAqB,CAAC;AAAA,EAClF;AACA,MAAI,CAAC,WAAW;AACd,WAAO,aAAa,KAAK,EAAE,OAAO,uCAAuC,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC7F;AACA,QAAM,0BACJ,OAAO,sBAAsB,YAC7B,kBAAkB,SAAS,KAC3B,UAAU,SAAS,qBACnB,UAAU,aAAa,QACvB,UAAU,SAAS,wBACnB,UAAU,SAAS;AACrB,MAAI,yBAAyB;AAC3B,WAAO,aAAa,KAAK,EAAE,OAAO,EAAE,6CAA6C,0EAA0E,EAAE,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACjL;AACA,MAAI;AACJ,MAAI;AACF,aAAS,MAAM,mBAAmB;AAAA,MAChC,eAAe,UAAU;AAAA,MACzB;AAAA,MACA;AAAA,MACA,UAAU;AAAA,MACV,QAAQ;AAAA,IACV,CAAC;AAAA,EACH,SAAS,OAAO;AACd,YAAQ,MAAM,wCAAwC,KAAK;AAC3D,WAAO,aAAa,KAAK,EAAE,OAAO,gCAAgC,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACtF;AAEA,QAAM,cACJ,OAAQ,UAAkB,gBAAgB,YACtC,QAAS,UAAkB,WAAW,IACtC,mCAAmC;AACzC,MAAI,mBAAkC;AACtC,QAAM,cAAc,eAAe,gBAAgB,cAAc,QAAQ;AACzE,QAAM,aAAa,cAAc,IAAI,WAAW,IAAI;AACpD,QAAM,YAAY,QAAQ,eAAe,YAAY,SAAS;AAE9D,MAAI,eAAe,CAAC,WAAW;AAC7B,QAAI;AACF,yBAAmB,MAAM,yBAAyB;AAAA,QAChD,UAAU,OAAO;AAAA,QACjB,UAAU;AAAA,MACZ,CAAC;AAAA,IACH,SAAS,OAAO;AACd,cAAQ,MAAM,sDAAsD,KAAK;AAAA,IAC3E;AAAA,EACF;AAEA,MAAI,cAAc,oBAAoB,MAAM;AAC5C,MAAI,aAAa,mBAAmB;AAClC,kBAAc,iBAAiB,aAAa,EAAE,MAAM,UAAU,IAAI,SAAS,CAAC;AAAA,EAC9E;AACA,QAAMA,YAAW,wBAAwB,MAAM,EAAE,aAAa,KAAK,CAAC;AACpE,QAAM,eAAe,WAAW;AAChC,QAAM,MAAM,GAAG,OAAO,YAAY;AAAA,IAChC,IAAI;AAAA,IACJ;AAAA,IACA;AAAA,IACA,gBAAgB,KAAK;AAAA,IACrB,UAAU,KAAK;AAAA,IACf,UAAU;AAAA,IACV,UAAU;AAAA,IACV,UAAU,IAAI;AAAA,IACd,eAAe,UAAU;AAAA,IACzB,eAAe,UAAU,iBAAiB;AAAA,IAC1C,aAAa,OAAO;AAAA,IACpB,KAAK,uBAAuB,YAAY;AAAA,IACxC,SAAS;AAAA,IACT,iBAAiBA;AAAA,EACnB,CAAC;AACD,QAAM,GAAG,gBAAgB,GAAG;AAE5B,MAAI,WAAW;AACb,yBAAqB,IAAI,KAAK,OAAO,YAAY,EAAE,MAAM,CAAC,UAAU;AAClE,cAAQ,MAAM,gDAAgD,KAAK;AAAA,IACrE,CAAC;AAAA,EACH,WAAW,aAAa;AACtB,YAAQ,KAAK,+GAA+G;AAAA,EAC9H;AAEA,MAAI,YAAY;AACd,QAAI;AACF,YAAM,qBAAqB;AAAA,QACzB;AAAA,QACA,UAAU,EAAE,YAAY;AAAA,QACxB,UAAU;AAAA,QACV;AAAA,QACA,gBAAgB;AAAA,QAChB,QAAQ;AAAA,MACV,CAAC;AAAA,IACH,SAAS,OAAO;AACd,cAAQ,MAAM,qDAAqD,KAAK;AACxE,aAAO,aAAa,KAAK,EAAE,OAAO,wCAAwC,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,IAC9F;AACA,UAAM,oBAAoB;AAAA,MACxB;AAAA,MACA,QAAQ;AAAA,MACR,QAAQ;AAAA,MACR,aAAa;AAAA,QACX,IAAI,IAAI;AAAA,QACR,gBAAgB,IAAI,kBAAkB;AAAA,QACtC,UAAU,IAAI,YAAY;AAAA,MAC5B;AAAA,MACA,QAAQ;AAAA,MACR,SAAS;AAAA,IACX,CAAC;AACD,UAAM,WAAW,sBAAsB;AAAA,EACzC;AAEA,SAAO,aAAa,KAAK;AAAA,IACvB,IAAI;AAAA,IACJ,MAAM;AAAA,MACJ,IAAI;AAAA,MACJ,KAAK,IAAI;AAAA,MACT,UAAU;AAAA,MACV,UAAU,IAAI;AAAA,MACd,eAAe,UAAU;AAAA,MACzB,cAAc,wBAAwB,cAAc;AAAA,QAClD,OAAO;AAAA,QACP,QAAQ;AAAA,QACR,MAAM,0BAA0B,QAAQ;AAAA,MAC1C,CAAC;AAAA,MACD,SAAS,oBAAoB;AAAA,MAC7B,MAAMA,UAAS,QAAQ,CAAC;AAAA,MACxB,aAAaA,UAAS,eAAe,CAAC;AAAA,MACtC,cAAc,OAAO,KAAK,iBAAiB,EAAE,SAAS,oBAAoB;AAAA,IAC5E;AAAA,EACF,CAAC;AACH;AAEA,eAAe,+BAA+B,IAAmB,UAAmC;AAClG,MAAI;AACF,UAAM,OAAQ,GAAW,cAAc,EAAE,QAAQ;AACjD,UAAM,MAAM,MAAM,KAAK,aAAa,EACjC,MAAM,EAAE,WAAW,SAAS,CAAC,EAC7B,IAAI,EAAE,WAAW,YAAY,CAAC,EAC9B,MAAM;AACT,UAAM,QAAQ,KAAK;AACnB,QAAI,OAAO,UAAU,SAAU,QAAO,OAAO,SAAS,KAAK,IAAI,QAAQ;AACvE,QAAI,OAAO,UAAU,UAAU;AAC7B,YAAM,SAAS,OAAO,KAAK;AAC3B,aAAO,OAAO,SAAS,MAAM,IAAI,SAAS;AAAA,IAC5C;AACA,WAAO;AAAA,EACT,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAEA,eAAsB,OAAO,KAAc;AACzC,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,QAAQ,CAAC,KAAK,YAAY,CAAC,KAAK,MAAO,QAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAC/G,QAAM,MAAM,IAAI,IAAI,IAAI,GAAG;AAC3B,QAAM,KAAK,IAAI,aAAa,IAAI,IAAI,KAAK;AACzC,MAAI,CAAC,GAAI,QAAO,aAAa,KAAK,EAAE,OAAO,4BAA4B,GAAG,EAAE,QAAQ,IAAI,CAAC;AACzF,QAAM,EAAE,QAAQ,IAAI,MAAM,uBAAuB;AACjD,QAAM,KAAK,QAAQ,IAAI;AACvB,QAAM,aAAa,QAAQ,YAAY;AACvC,QAAM,eAAwC,EAAE,IAAI,UAAU,KAAK,UAAW,gBAAgB,KAAK,MAAM;AACzG,QAAM,SAAS,MAAM,GAAG,QAAQ,YAAY,YAAY;AACxD,MAAI,CAAC,OAAQ,QAAO,aAAa,KAAK,EAAE,OAAO,uBAAuB,GAAG,EAAE,QAAQ,IAAI,CAAC;AACxF,QAAM,GAAG,eAAe,MAAM;AAC9B,QAAM,8BAA8B,OAAO,eAAe,OAAO,EAAE,EAAE,MAAM,CAAC,UAAU;AACpF,YAAQ,MAAM,qDAAqD,KAAK;AAAA,EAC1E,CAAC;AACD,MAAI,OAAO,aAAa;AACtB,UAAM,oBAAoB,OAAO,eAAe,OAAO,aAAa,OAAO,aAAa;AAAA,EAC1F;AACA,MAAI,YAAY;AACd,UAAM,oBAAoB;AAAA,MACxB;AAAA,MACA,QAAQ;AAAA,MACR,QAAQ;AAAA,MACR,aAAa;AAAA,QACX,IAAI,OAAO;AAAA,QACX,gBAAgB,OAAO,kBAAkB;AAAA,QACzC,UAAU,OAAO,YAAY;AAAA,MAC/B;AAAA,MACA,QAAQ;AAAA,MACR,SAAS;AAAA,IACX,CAAC;AACD,UAAM,WAAW,sBAAsB;AAAA,EACzC;AACA,SAAO,aAAa,KAAK,EAAE,IAAI,KAAK,CAAC;AACvC;AAEO,MAAM,UAA2B;AAAA,EACtC,SAAS;AAAA,EACT,aAAa;AAAA,EACb,SAAS;AAAA,IACP,KAAK;AAAA,MACH,SAAS;AAAA,MACT,aAAa;AAAA,MACb,OAAO;AAAA,MACP,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,oCAAoC,QAAQ,6BAA6B;AAAA,MACvG;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,wCAAwC,QAAQ,YAAY;AAAA,QACxF,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,YAAY;AAAA,MAClE;AAAA,IACF;AAAA,IACA,MAAM;AAAA,MACJ,SAAS;AAAA,MACT,aAAa;AAAA,MACb,aAAa;AAAA,QACX,aAAa;AAAA,QACb,QAAQ;AAAA,MACV;AAAA,MACA,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,kCAAkC,QAAQ,qBAAqB;AAAA,MAC7F;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,4BAA4B,QAAQ,YAAY;AAAA,QAC5E,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,YAAY;AAAA,QAChE,EAAE,QAAQ,KAAK,aAAa,yCAAyC,QAAQ,YAAY;AAAA,MAC3F;AAAA,IACF;AAAA,IACA,QAAQ;AAAA,MACN,SAAS;AAAA,MACT,aAAa;AAAA,MACb,OAAO;AAAA,MACP,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,sBAAsB,QAAQ,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,IAAI,EAAE,CAAC,EAAE;AAAA,QAC5F,EAAE,QAAQ,KAAK,aAAa,wBAAwB,QAAQ,YAAY;AAAA,MAC1E;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,iCAAiC,QAAQ,YAAY;AAAA,QACjF,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,YAAY;AAAA,MAClE;AAAA,IACF;AAAA,EACF;AACF;",
+  "sourcesContent": ["import { NextResponse } from 'next/server'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'\nimport { z } from 'zod'\nimport { sql } from 'kysely'\nimport type { OpenApiRouteDoc } from '@open-mercato/shared/lib/openapi'\nimport { buildAttachmentFileUrl, buildAttachmentImageUrl, slugifyAttachmentFileName } from '../lib/imageUrls'\nimport { ensureDefaultPartitions, resolveDefaultPartitionCode, sanitizePartitionCode } from '../lib/partitions'\nimport { Attachment, AttachmentPartition } from '../data/entities'\nimport { storePartitionFile, deletePartitionFile } from '../lib/storage'\nimport { extractAttachmentContent } from '../lib/textExtraction'\nimport { requestOcrProcessing } from '../lib/ocrQueue'\nimport { OcrService, shouldUseLlmOcr } from '../lib/ocrService'\nimport { clearAttachmentThumbnailCache } from '../lib/thumbnailCache'\nimport {\n  mergeAttachmentMetadata,\n  normalizeAttachmentAssignments,\n  normalizeAttachmentTags,\n  readAttachmentMetadata,\n  upsertAssignment,\n  type AttachmentAssignment,\n} from '../lib/metadata'\nimport { randomUUID } from 'crypto'\nimport type { EntityManager } from '@mikro-orm/postgresql'\nimport { splitCustomFieldPayload } from '@open-mercato/shared/lib/crud/custom-fields'\nimport { emitCrudSideEffects, setCustomFieldsIfAny } from '@open-mercato/shared/lib/commands/helpers'\nimport { resolveTranslations } from '@open-mercato/shared/lib/i18n/server'\nimport { attachmentCrudEvents, attachmentCrudIndexer } from '../lib/crud'\nimport { E } from '#generated/entities.ids.generated'\nimport { resolveDefaultAttachmentOcrEnabled } from '../lib/ocrConfig'\nimport {\n  detectAttachmentMimeType,\n  hasDangerousExecutableExtension,\n  isActiveContentAttachment,\n  sanitizeUploadedFileName,\n} from '../lib/security'\nimport {\n  isMultipartRequestWithinUploadLimit,\n  resolveAttachmentMaxBytes,\n  willExceedAttachmentTenantQuota,\n} from '../lib/upload-limits'\nimport { findWithDecryption } from '@open-mercato/shared/lib/encryption/find'\n\nexport const metadata = {\n  GET: { requireAuth: true, requireFeatures: ['attachments.view'] },\n  POST: { requireAuth: true, requireFeatures: ['attachments.manage'] },\n  DELETE: { requireAuth: true, requireFeatures: ['attachments.manage'] },\n}\n\nconst attachmentQuerySchema = z.object({\n  entityId: z.string().min(1).describe('Entity identifier that owns the attachments'),\n  recordId: z.string().min(1).describe('Record identifier within the entity'),\n  page: z.coerce.number().min(1).optional(),\n  pageSize: z.coerce.number().min(1).max(100).optional(),\n})\n\nconst attachmentAssignmentSchema = z.object({\n  type: z.string().describe('Assignment type identifier'),\n  id: z.string().describe('Assignment record identifier'),\n  href: z.string().nullable().optional().describe('Optional link to the related record'),\n  label: z.string().nullable().optional().describe('Optional label for the assignment'),\n})\n\nconst attachmentItemSchema = z.object({\n  id: z.string().describe('Attachment identifier'),\n  url: z.string().describe('Public path to the stored asset'),\n  fileName: z.string().describe('Original filename'),\n  fileSize: z.number().int().nonnegative().describe('File size in bytes'),\n  createdAt: z.string().describe('Upload timestamp (ISO 8601)'),\n  mimeType: z.string().nullable().optional().describe('MIME type of the file'),\n  thumbnailUrl: z.string().optional().describe('Helper route that renders a thumbnail'),\n  partitionCode: z.string().optional().describe('Partition identifier'),\n  tags: z.array(z.string()).optional().describe('Tags assigned to the attachment'),\n  content: z.string().nullable().optional().describe('Extracted text or markdown content'),\n  assignments: z.array(attachmentAssignmentSchema).optional().describe('Records that reference this attachment'),\n})\n\nconst attachmentListResponseSchema = z.object({\n  items: z.array(attachmentItemSchema),\n  total: z.number().int().nonnegative().optional(),\n  page: z.number().int().min(1).optional(),\n  pageSize: z.number().int().min(1).optional(),\n  totalPages: z.number().int().min(1).optional(),\n})\n\nconst attachmentUploadBodySchema = z.object({\n  entityId: z.string().min(1),\n  recordId: z.string().min(1),\n  fieldKey: z.string().optional(),\n  file: z.string().min(1).describe('Binary file payload; supplied as multipart form-data'),\n  customFields: z\n    .string()\n    .optional()\n    .describe('JSON encoded map of custom field values collected from the upload form.'),\n})\n\nconst attachmentDeleteQuerySchema = z.object({\n  id: z.string().uuid(),\n})\n\nconst uploadResponseSchema = z.object({\n  ok: z.literal(true),\n  item: z.object({\n    id: z.string(),\n    url: z.string(),\n    fileName: z.string(),\n    fileSize: z.number().int().nonnegative(),\n    thumbnailUrl: z.string().optional(),\n    content: z.string().nullable().optional(),\n    tags: z.array(z.string()).optional(),\n    assignments: z.array(attachmentAssignmentSchema).optional(),\n    customFields: z.record(z.string(), z.unknown()).optional(),\n  }),\n})\n\nconst errorSchema = z.object({\n  error: z.string(),\n})\n\nconst LIBRARY_ENTITY_ID = 'attachments:library'\n\nfunction parseCustomFieldsEntry(value: FormDataEntryValue | null): Record<string, unknown> {\n  if (!value) return {}\n  if (typeof value === 'string') {\n    const trimmed = value.trim()\n    if (!trimmed) return {}\n    try {\n      const parsed = JSON.parse(trimmed)\n      if (parsed && typeof parsed === 'object' && !Array.isArray(parsed)) {\n        return parsed as Record<string, unknown>\n      }\n    } catch {\n      return {}\n    }\n  }\n  if (typeof value === 'object' && !Array.isArray(value) && !(value instanceof File)) {\n    return { ...(value as Record<string, unknown>) }\n  }\n  return {}\n}\n\nfunction buildFormPayload(form: FormData): Record<string, unknown> {\n  const payload: Record<string, unknown> = {}\n  form.forEach((value, key) => {\n    if (key === 'customFields') {\n      payload.customFields = parseCustomFieldsEntry(value)\n      return\n    }\n    payload[key] = value\n  })\n  return payload\n}\n\nfunction parseFormTags(value: FormDataEntryValue | null): string[] {\n  if (!value) return []\n  if (typeof value === 'string') {\n    const trimmed = value.trim()\n    if (!trimmed) return []\n    try {\n      const parsed = JSON.parse(trimmed)\n      return normalizeAttachmentTags(parsed)\n    } catch {\n      return normalizeAttachmentTags(value)\n    }\n  }\n  return []\n}\n\nfunction parseFormAssignments(value: FormDataEntryValue | null): AttachmentAssignment[] {\n  if (!value) return []\n  if (typeof value !== 'string') return []\n  const trimmed = value.trim()\n  if (!trimmed) return []\n  try {\n    const parsed = JSON.parse(trimmed)\n    return normalizeAttachmentAssignments(parsed)\n  } catch {\n    return []\n  }\n}\n\nexport async function GET(req: Request) {\n  const auth = await getAuthFromRequest(req)\n  if (!auth || !auth.tenantId || (!auth.orgId && !auth.isSuperAdmin)) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n  const url = new URL(req.url)\n  const parsedQuery = attachmentQuerySchema.safeParse({\n    entityId: url.searchParams.get('entityId') || '',\n    recordId: url.searchParams.get('recordId') || '',\n    page: url.searchParams.get('page') ?? undefined,\n    pageSize: url.searchParams.get('pageSize') ?? undefined,\n  })\n  if (!parsedQuery.success) {\n    return NextResponse.json({ error: 'entityId and recordId are required' }, { status: 400 })\n  }\n  const { entityId, recordId, page, pageSize } = parsedQuery.data\n\n  const { resolve } = await createRequestContainer()\n  const em = resolve('em') as EntityManager\n  const filter: Record<string, unknown> = { entityId, recordId, tenantId: auth.tenantId! }\n  if (auth.orgId) filter.organizationId = auth.orgId\n  const orderBy: Record<string, 'ASC' | 'DESC'> = { createdAt: 'DESC' }\n  const usePaging = typeof page === 'number' && typeof pageSize === 'number'\n  const total = usePaging ? await em.count(Attachment, filter) : null\n  const currentPage = usePaging ? Math.max(1, page) : null\n  const currentPageSize = usePaging ? pageSize : null\n  const totalPages = usePaging && total !== null ? Math.max(1, Math.ceil(total / currentPageSize!)) : null\n  const pageOffset = usePaging ? (Math.min(currentPage!, totalPages!) - 1) * currentPageSize! : undefined\n  const items = await findWithDecryption(\n    em,\n    Attachment,\n    filter,\n    {\n      orderBy,\n      ...(usePaging\n        ? {\n            limit: currentPageSize!,\n            offset: pageOffset,\n          }\n        : {}),\n    },\n    {\n      tenantId: auth.tenantId ?? null,\n      organizationId: auth.orgId ?? null,\n    },\n  )\n  return NextResponse.json({\n    items: items.map((a: any) => {\n      const metadata = readAttachmentMetadata(a.storageMetadata)\n      return {\n        id: a.id,\n        url: a.url,\n        fileName: a.fileName,\n        fileSize: a.fileSize,\n        createdAt: a.createdAt,\n        mimeType: a.mimeType ?? null,\n        partitionCode: a.partitionCode,\n        content: a.content ?? null,\n        thumbnailUrl: buildAttachmentImageUrl(a.id, {\n          width: 320,\n          height: 320,\n          slug: slugifyAttachmentFileName(a.fileName),\n        }),\n        tags: metadata.tags ?? [],\n        assignments: metadata.assignments ?? [],\n      }\n    }),\n    ...(usePaging\n      ? {\n          total,\n          page: Math.min(currentPage!, totalPages!),\n          pageSize: currentPageSize,\n          totalPages,\n        }\n      : {}),\n  })\n}\n\nexport async function POST(req: Request) {\n  const { t } = await resolveTranslations()\n  const auth = await getAuthFromRequest(req)\n  if (!auth || !auth.tenantId || !auth.orgId) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n  const tenantId = auth.tenantId\n  const orgId = auth.orgId\n\n  const contentType = req.headers.get('content-type') || ''\n  if (!contentType.toLowerCase().includes('multipart/form-data')) {\n    return NextResponse.json({ error: 'Expected multipart/form-data' }, { status: 400 })\n  }\n  if (!isMultipartRequestWithinUploadLimit(req.headers.get('content-length'))) {\n    return NextResponse.json({ error: 'Attachment exceeds the maximum upload size.' }, { status: 413 })\n  }\n\n  const form = await req.formData()\n  const formPayload = buildFormPayload(form)\n  const customFieldValues = splitCustomFieldPayload(formPayload).custom\n  const entityId = String(form.get('entityId') || '')\n  const recordId = String(form.get('recordId') || '')\n  const fieldKey = String(form.get('fieldKey') || '')\n  const file = form.get('file') as unknown as File | null\n  if (!entityId || !recordId || !file) return NextResponse.json({ error: 'entityId, recordId and file are required' }, { status: 400 })\n  const partitionOverrideRaw = form.get('partitionCode')\n  const partitionOverride =\n    typeof partitionOverrideRaw === 'string' && partitionOverrideRaw.trim().length > 0\n      ? sanitizePartitionCode(partitionOverrideRaw)\n      : null\n  const tags = parseFormTags(form.get('tags'))\n  const assignmentsFromForm = parseFormAssignments(form.get('assignments'))\n\n  const { resolve } = await createRequestContainer()\n  const em = resolve('em') as EntityManager\n  const dataEngine = resolve('dataEngine')\n  await ensureDefaultPartitions(em)\n  // Optional per-field validations\n  let partitionFromField: string | null = null\n  let fieldMaxAttachmentSizeMb: number | null = null\n  if (fieldKey) {\n    try {\n      const { CustomFieldDef } = await import('@open-mercato/core/modules/entities/data/entities')\n      const def = await em.findOne(CustomFieldDef, {\n        entityId,\n        key: fieldKey,\n        $and: [\n          { $or: [ { tenantId: auth.tenantId }, { tenantId: null } ] },\n        ],\n        isActive: true,\n      })\n      const cfg = (def as any)?.configJson || {}\n      const ext = (file.name || '').split('.').pop()?.toLowerCase() || ''\n      if (Array.isArray(cfg.acceptExtensions) && cfg.acceptExtensions.length) {\n        const allowed = new Set((cfg.acceptExtensions as any[]).map((x: any) => String(x).toLowerCase().replace(/^\\./, '')))\n        if (!allowed.has(ext)) return NextResponse.json({ error: 'File type not allowed' }, { status: 400 })\n      }\n      if (typeof cfg.maxAttachmentSizeMb === 'number' && cfg.maxAttachmentSizeMb > 0) {\n        fieldMaxAttachmentSizeMb = cfg.maxAttachmentSizeMb\n      }\n      if (typeof cfg.partitionCode === 'string' && cfg.partitionCode.trim().length > 0) {\n        partitionFromField = sanitizePartitionCode(cfg.partitionCode)\n      }\n    } catch {}\n  }\n  if (hasDangerousExecutableExtension(file.name)) {\n    return NextResponse.json({\n      error: t('attachments.errors.dangerousExecutable', 'Executable file types are not allowed as attachments.'),\n    }, { status: 400 })\n  }\n  const effectiveMaxBytes = resolveAttachmentMaxBytes(fieldMaxAttachmentSizeMb)\n  if (file.size > effectiveMaxBytes) {\n    return NextResponse.json({\n      error: t('attachments.errors.maxUploadSize', 'Attachment exceeds the maximum upload size.'),\n    }, { status: 413 })\n  }\n  const tenantUsageBytes = await readTenantAttachmentUsageBytes(em, tenantId)\n  if (willExceedAttachmentTenantQuota(tenantUsageBytes, file.size)) {\n    return NextResponse.json({\n      error: t('attachments.errors.quotaExceeded', 'Attachment storage quota exceeded for this tenant.'),\n    }, { status: 413 })\n  }\n  const buf = Buffer.from(await file.arrayBuffer())\n  const safeName = sanitizeUploadedFileName(file.name)\n  const fileMimeType = detectAttachmentMimeType(buf, safeName, (file as any).type)\n  if (isActiveContentAttachment(buf, safeName, fileMimeType)) {\n    return NextResponse.json({ error: t('attachments.errors.activeContentBlocked', 'Active content uploads are not allowed.') }, { status: 400 })\n  }\n  const defaultPartitionCode = resolveDefaultPartitionCode(entityId)\n  const resolvedPartitionCode = partitionOverride ?? partitionFromField ?? defaultPartitionCode\n  const partitionCodeCandidates = Array.from(\n    new Set(\n      [partitionOverride, partitionFromField, resolvedPartitionCode].filter(\n        (code): code is string => typeof code === 'string' && code.length > 0,\n      ),\n    ),\n  )\n  let partition: AttachmentPartition | null = null\n  for (const code of partitionCodeCandidates) {\n    const record = await em.findOne(AttachmentPartition, { code })\n    if (record) {\n      partition = record\n      break\n    }\n  }\n  if (!partition) {\n    partition = await em.findOne(AttachmentPartition, { code: defaultPartitionCode })\n  }\n  if (!partition) {\n    return NextResponse.json({ error: 'Storage partition is not configured.' }, { status: 400 })\n  }\n  const requestedPublicOverride =\n    typeof partitionOverride === 'string' &&\n    partitionOverride.length > 0 &&\n    partition.code === partitionOverride &&\n    partition.isPublic === true &&\n    partition.code !== defaultPartitionCode &&\n    partition.code !== partitionFromField\n  if (requestedPublicOverride) {\n    return NextResponse.json({ error: t('attachments.errors.publicPartitionBlocked', 'Public storage partitions cannot be selected explicitly for this upload.') }, { status: 403 })\n  }\n  let stored\n  try {\n    stored = await storePartitionFile({\n      partitionCode: partition.code,\n      orgId,\n      tenantId,\n      fileName: safeName,\n      buffer: buf,\n    })\n  } catch (error) {\n    console.error('[attachments] failed to persist file', error)\n    return NextResponse.json({ error: 'Failed to persist attachment.' }, { status: 500 })\n  }\n\n  const requiresOcr =\n    typeof (partition as any).requiresOcr === 'boolean'\n      ? Boolean((partition as any).requiresOcr)\n      : resolveDefaultAttachmentOcrEnabled()\n  let extractedContent: string | null = null\n  const wantsLlmOcr = requiresOcr && shouldUseLlmOcr(fileMimeType, safeName)\n  const ocrService = wantsLlmOcr ? new OcrService() : null\n  const useLlmOcr = Boolean(wantsLlmOcr && ocrService?.available)\n\n  if (requiresOcr && !useLlmOcr) {\n    try {\n      extractedContent = await extractAttachmentContent({\n        filePath: stored.absolutePath,\n        mimeType: fileMimeType,\n      })\n    } catch (error) {\n      console.error('[attachments] failed to extract attachment content', error)\n    }\n  }\n\n  let assignments = assignmentsFromForm.slice()\n  if (entityId !== LIBRARY_ENTITY_ID) {\n    assignments = upsertAssignment(assignments, { type: entityId, id: recordId })\n  }\n  const metadata = mergeAttachmentMetadata(null, { assignments, tags })\n  const attachmentId = randomUUID()\n  const att = em.create(Attachment, {\n    id: attachmentId,\n    entityId,\n    recordId,\n    organizationId: auth.orgId!,\n    tenantId: auth.tenantId!,\n    fileName: safeName,\n    mimeType: fileMimeType,\n    fileSize: buf.length,\n    partitionCode: partition.code,\n    storageDriver: partition.storageDriver || 'local',\n    storagePath: stored.storagePath,\n    url: buildAttachmentFileUrl(attachmentId),\n    content: extractedContent,\n    storageMetadata: metadata,\n  })\n  await em.persist(att).flush()\n\n  if (useLlmOcr) {\n    requestOcrProcessing(em, att, stored.absolutePath).catch((error) => {\n      console.error('[attachments] failed to queue OCR processing', error)\n    })\n  } else if (wantsLlmOcr) {\n    console.warn('[attachments] OCR requested but OPENAI_API_KEY not configured, falling back to text extraction when available')\n  }\n\n  if (dataEngine) {\n    try {\n      await setCustomFieldsIfAny({\n        dataEngine,\n        entityId: E.attachments.attachment,\n        recordId: attachmentId,\n        tenantId,\n        organizationId: orgId,\n        values: customFieldValues,\n      })\n    } catch (error) {\n      console.error('[attachments] failed to persist custom attributes', error)\n      return NextResponse.json({ error: 'Failed to save attachment attributes.' }, { status: 500 })\n    }\n    await emitCrudSideEffects({\n      dataEngine,\n      action: 'created',\n      entity: att,\n      identifiers: {\n        id: att.id,\n        organizationId: att.organizationId ?? null,\n        tenantId: att.tenantId ?? null,\n      },\n      events: attachmentCrudEvents,\n      indexer: attachmentCrudIndexer,\n    })\n    await dataEngine.flushOrmEntityChanges()\n  }\n\n  return NextResponse.json({\n    ok: true,\n    item: {\n      id: attachmentId,\n      url: att.url,\n      fileName: safeName,\n      fileSize: buf.length,\n      partitionCode: partition.code,\n      thumbnailUrl: buildAttachmentImageUrl(attachmentId, {\n        width: 320,\n        height: 320,\n        slug: slugifyAttachmentFileName(safeName),\n      }),\n      content: extractedContent ?? null,\n      tags: metadata.tags ?? [],\n      assignments: metadata.assignments ?? [],\n      customFields: Object.keys(customFieldValues).length ? customFieldValues : undefined,\n    },\n  })\n}\n\nasync function readTenantAttachmentUsageBytes(em: EntityManager, tenantId: string): Promise<number> {\n  try {\n    const db = em.getKysely<any>() as any\n    const row = await db\n      .selectFrom('attachments')\n      .select(sql<string>`sum(file_size)`.as('total_size'))\n      .where('tenant_id', '=', tenantId)\n      .executeTakeFirst() as { total_size: string | number | null } | undefined\n    const total = row?.total_size\n    if (typeof total === 'number') return Number.isFinite(total) ? total : 0\n    if (typeof total === 'string') {\n      const parsed = Number(total)\n      return Number.isFinite(parsed) ? parsed : 0\n    }\n    return 0\n  } catch {\n    return 0\n  }\n}\n\nexport async function DELETE(req: Request) {\n  const auth = await getAuthFromRequest(req)\n  if (!auth || !auth.tenantId || !auth.orgId) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n  const url = new URL(req.url)\n  const id = url.searchParams.get('id') || ''\n  if (!id) return NextResponse.json({ error: 'Attachment id is required' }, { status: 400 })\n  const { resolve } = await createRequestContainer()\n  const em = resolve('em') as EntityManager\n  const dataEngine = resolve('dataEngine')\n  const deleteFilter: Record<string, unknown> = { id, tenantId: auth.tenantId!, organizationId: auth.orgId }\n  const record = await em.findOne(Attachment, deleteFilter)\n  if (!record) return NextResponse.json({ error: 'Attachment not found' }, { status: 404 })\n  await em.remove(record).flush()\n  await clearAttachmentThumbnailCache(record.partitionCode, record.id).catch((error) => {\n    console.error('[attachments] failed to cleanup cached thumbnails', error)\n  })\n  if (record.storagePath) {\n    await deletePartitionFile(record.partitionCode, record.storagePath, record.storageDriver)\n  }\n  if (dataEngine) {\n    await emitCrudSideEffects({\n      dataEngine,\n      action: 'deleted',\n      entity: record,\n      identifiers: {\n        id: record.id,\n        organizationId: record.organizationId ?? null,\n        tenantId: record.tenantId ?? null,\n      },\n      events: attachmentCrudEvents,\n      indexer: attachmentCrudIndexer,\n    })\n    await dataEngine.flushOrmEntityChanges()\n  }\n  return NextResponse.json({ ok: true })\n}\n\nexport const openApi: OpenApiRouteDoc = {\n  summary: 'Manage entity attachments',\n  description: 'Upload and list attachments associated with module entities and records.',\n  methods: {\n    GET: {\n      summary: 'List attachments for a record',\n      description: 'Returns uploaded attachments for the given entity record, ordered by newest first.',\n      query: attachmentQuerySchema,\n      responses: [\n        { status: 200, description: 'Attachments found for the record', schema: attachmentListResponseSchema },\n      ],\n      errors: [\n        { status: 400, description: 'Missing entity or record identifiers', schema: errorSchema },\n        { status: 401, description: 'Unauthorized', schema: errorSchema },\n      ],\n    },\n    POST: {\n      summary: 'Upload attachment',\n      description: 'Uploads a new attachment using multipart form-data and stores metadata for later retrieval.',\n      requestBody: {\n        contentType: 'multipart/form-data',\n        schema: attachmentUploadBodySchema,\n      },\n      responses: [\n        { status: 200, description: 'Attachment stored successfully', schema: uploadResponseSchema },\n      ],\n      errors: [\n        { status: 400, description: 'Payload validation error', schema: errorSchema },\n        { status: 401, description: 'Unauthorized', schema: errorSchema },\n        { status: 403, description: 'Attachment violates field constraints', schema: errorSchema },\n      ],\n    },\n    DELETE: {\n      summary: 'Delete attachment',\n      description: 'Removes an uploaded attachment and deletes the stored asset.',\n      query: attachmentDeleteQuerySchema,\n      responses: [\n        { status: 200, description: 'Attachment deleted', schema: z.object({ ok: z.literal(true) }) },\n        { status: 404, description: 'Attachment not found', schema: errorSchema },\n      ],\n      errors: [\n        { status: 400, description: 'Missing attachment identifier', schema: errorSchema },\n        { status: 401, description: 'Unauthorized', schema: errorSchema },\n      ],\n    },\n  },\n}\n"],
+  "mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,8BAA8B;AACvC,SAAS,0BAA0B;AACnC,SAAS,SAAS;AAClB,SAAS,WAAW;AAEpB,SAAS,wBAAwB,yBAAyB,iCAAiC;AAC3F,SAAS,yBAAyB,6BAA6B,6BAA6B;AAC5F,SAAS,YAAY,2BAA2B;AAChD,SAAS,oBAAoB,2BAA2B;AACxD,SAAS,gCAAgC;AACzC,SAAS,4BAA4B;AACrC,SAAS,YAAY,uBAAuB;AAC5C,SAAS,qCAAqC;AAC9C;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OAEK;AACP,SAAS,kBAAkB;AAE3B,SAAS,+BAA+B;AACxC,SAAS,qBAAqB,4BAA4B;AAC1D,SAAS,2BAA2B;AACpC,SAAS,sBAAsB,6BAA6B;AAC5D,SAAS,SAAS;AAClB,SAAS,0CAA0C;AACnD;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;AACP;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,OACK;AACP,SAAS,0BAA0B;AAE5B,MAAM,WAAW;AAAA,EACtB,KAAK,EAAE,aAAa,MAAM,iBAAiB,CAAC,kBAAkB,EAAE;AAAA,EAChE,MAAM,EAAE,aAAa,MAAM,iBAAiB,CAAC,oBAAoB,EAAE;AAAA,EACnE,QAAQ,EAAE,aAAa,MAAM,iBAAiB,CAAC,oBAAoB,EAAE;AACvE;AAEA,MAAM,wBAAwB,EAAE,OAAO;AAAA,EACrC,UAAU,EAAE,OAAO,EAAE,IAAI,CAAC,EAAE,SAAS,6CAA6C;AAAA,EAClF,UAAU,EAAE,OAAO,EAAE,IAAI,CAAC,EAAE,SAAS,qCAAqC;AAAA,EAC1E,MAAM,EAAE,OAAO,OAAO,EAAE,IAAI,CAAC,EAAE,SAAS;AAAA,EACxC,UAAU,EAAE,OAAO,OAAO,EAAE,IAAI,CAAC,EAAE,IAAI,GAAG,EAAE,SAAS;AACvD,CAAC;AAED,MAAM,6BAA6B,EAAE,OAAO;AAAA,EAC1C,MAAM,EAAE,OAAO,EAAE,SAAS,4BAA4B;AAAA,EACtD,IAAI,EAAE,OAAO,EAAE,SAAS,8BAA8B;AAAA,EACtD,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS,qCAAqC;AAAA,EACrF,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS,mCAAmC;AACtF,CAAC;AAED,MAAM,uBAAuB,EAAE,OAAO;AAAA,EACpC,IAAI,EAAE,OAAO,EAAE,SAAS,uBAAuB;AAAA,EAC/C,KAAK,EAAE,OAAO,EAAE,SAAS,iCAAiC;AAAA,EAC1D,UAAU,EAAE,OAAO,EAAE,SAAS,mBAAmB;AAAA,EACjD,UAAU,EAAE,OAAO,EAAE,IAAI,EAAE,YAAY,EAAE,SAAS,oBAAoB;AAAA,EACtE,WAAW,EAAE,OAAO,EAAE,SAAS,6BAA6B;AAAA,EAC5D,UAAU,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS,uBAAuB;AAAA,EAC3E,cAAc,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,uCAAuC;AAAA,EACpF,eAAe,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,sBAAsB;AAAA,EACpE,MAAM,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,SAAS,EAAE,SAAS,iCAAiC;AAAA,EAC/E,SAAS,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS,oCAAoC;AAAA,EACvF,aAAa,EAAE,MAAM,0BAA0B,EAAE,SAAS,EAAE,SAAS,wCAAwC;AAC/G,CAAC;AAED,MAAM,+BAA+B,EAAE,OAAO;AAAA,EAC5C,OAAO,EAAE,MAAM,oBAAoB;AAAA,EACnC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,YAAY,EAAE,SAAS;AAAA,EAC/C,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,EAAE,SAAS;AAAA,EACvC,UAAU,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,EAAE,SAAS;AAAA,EAC3C,YAAY,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,CAAC,EAAE,SAAS;AAC/C,CAAC;AAED,MAAM,6BAA6B,EAAE,OAAO;AAAA,EAC1C,UAAU,EAAE,OAAO,EAAE,IAAI,CAAC;AAAA,EAC1B,UAAU,EAAE,OAAO,EAAE,IAAI,CAAC;AAAA,EAC1B,UAAU,EAAE,OAAO,EAAE,SAAS;AAAA,EAC9B,MAAM,EAAE,OAAO,EAAE,IAAI,CAAC,EAAE,SAAS,sDAAsD;AAAA,EACvF,cAAc,EACX,OAAO,EACP,SAAS,EACT,SAAS,yEAAyE;AACvF,CAAC;AAED,MAAM,8BAA8B,EAAE,OAAO;AAAA,EAC3C,IAAI,EAAE,OAAO,EAAE,KAAK;AACtB,CAAC;AAED,MAAM,uBAAuB,EAAE,OAAO;AAAA,EACpC,IAAI,EAAE,QAAQ,IAAI;AAAA,EAClB,MAAM,EAAE,OAAO;AAAA,IACb,IAAI,EAAE,OAAO;AAAA,IACb,KAAK,EAAE,OAAO;AAAA,IACd,UAAU,EAAE,OAAO;AAAA,IACnB,UAAU,EAAE,OAAO,EAAE,IAAI,EAAE,YAAY;AAAA,IACvC,cAAc,EAAE,OAAO,EAAE,SAAS;AAAA,IAClC,SAAS,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS;AAAA,IACxC,MAAM,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,SAAS;AAAA,IACnC,aAAa,EAAE,MAAM,0BAA0B,EAAE,SAAS;AAAA,IAC1D,cAAc,EAAE,OAAO,EAAE,OAAO,GAAG,EAAE,QAAQ,CAAC,EAAE,SAAS;AAAA,EAC3D,CAAC;AACH,CAAC;AAED,MAAM,cAAc,EAAE,OAAO;AAAA,EAC3B,OAAO,EAAE,OAAO;AAClB,CAAC;AAED,MAAM,oBAAoB;AAE1B,SAAS,uBAAuB,OAA2D;AACzF,MAAI,CAAC,MAAO,QAAO,CAAC;AACpB,MAAI,OAAO,UAAU,UAAU;AAC7B,UAAM,UAAU,MAAM,KAAK;AAC3B,QAAI,CAAC,QAAS,QAAO,CAAC;AACtB,QAAI;AACF,YAAM,SAAS,KAAK,MAAM,OAAO;AACjC,UAAI,UAAU,OAAO,WAAW,YAAY,CAAC,MAAM,QAAQ,MAAM,GAAG;AAClE,eAAO;AAAA,MACT;AAAA,IACF,QAAQ;AACN,aAAO,CAAC;AAAA,IACV;AAAA,EACF;AACA,MAAI,OAAO,UAAU,YAAY,CAAC,MAAM,QAAQ,KAAK,KAAK,EAAE,iBAAiB,OAAO;AAClF,WAAO,EAAE,GAAI,MAAkC;AAAA,EACjD;AACA,SAAO,CAAC;AACV;AAEA,SAAS,iBAAiB,MAAyC;AACjE,QAAM,UAAmC,CAAC;AAC1C,OAAK,QAAQ,CAAC,OAAO,QAAQ;AAC3B,QAAI,QAAQ,gBAAgB;AAC1B,cAAQ,eAAe,uBAAuB,KAAK;AACnD;AAAA,IACF;AACA,YAAQ,GAAG,IAAI;AAAA,EACjB,CAAC;AACD,SAAO;AACT;AAEA,SAAS,cAAc,OAA4C;AACjE,MAAI,CAAC,MAAO,QAAO,CAAC;AACpB,MAAI,OAAO,UAAU,UAAU;AAC7B,UAAM,UAAU,MAAM,KAAK;AAC3B,QAAI,CAAC,QAAS,QAAO,CAAC;AACtB,QAAI;AACF,YAAM,SAAS,KAAK,MAAM,OAAO;AACjC,aAAO,wBAAwB,MAAM;AAAA,IACvC,QAAQ;AACN,aAAO,wBAAwB,KAAK;AAAA,IACtC;AAAA,EACF;AACA,SAAO,CAAC;AACV;AAEA,SAAS,qBAAqB,OAA0D;AACtF,MAAI,CAAC,MAAO,QAAO,CAAC;AACpB,MAAI,OAAO,UAAU,SAAU,QAAO,CAAC;AACvC,QAAM,UAAU,MAAM,KAAK;AAC3B,MAAI,CAAC,QAAS,QAAO,CAAC;AACtB,MAAI;AACF,UAAM,SAAS,KAAK,MAAM,OAAO;AACjC,WAAO,+BAA+B,MAAM;AAAA,EAC9C,QAAQ;AACN,WAAO,CAAC;AAAA,EACV;AACF;AAEA,eAAsB,IAAI,KAAc;AACtC,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,QAAQ,CAAC,KAAK,YAAa,CAAC,KAAK,SAAS,CAAC,KAAK,aAAe,QAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AACvI,QAAM,MAAM,IAAI,IAAI,IAAI,GAAG;AAC3B,QAAM,cAAc,sBAAsB,UAAU;AAAA,IAClD,UAAU,IAAI,aAAa,IAAI,UAAU,KAAK;AAAA,IAC9C,UAAU,IAAI,aAAa,IAAI,UAAU,KAAK;AAAA,IAC9C,MAAM,IAAI,aAAa,IAAI,MAAM,KAAK;AAAA,IACtC,UAAU,IAAI,aAAa,IAAI,UAAU,KAAK;AAAA,EAChD,CAAC;AACD,MAAI,CAAC,YAAY,SAAS;AACxB,WAAO,aAAa,KAAK,EAAE,OAAO,qCAAqC,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC3F;AACA,QAAM,EAAE,UAAU,UAAU,MAAM,SAAS,IAAI,YAAY;AAE3D,QAAM,EAAE,QAAQ,IAAI,MAAM,uBAAuB;AACjD,QAAM,KAAK,QAAQ,IAAI;AACvB,QAAM,SAAkC,EAAE,UAAU,UAAU,UAAU,KAAK,SAAU;AACvF,MAAI,KAAK,MAAO,QAAO,iBAAiB,KAAK;AAC7C,QAAM,UAA0C,EAAE,WAAW,OAAO;AACpE,QAAM,YAAY,OAAO,SAAS,YAAY,OAAO,aAAa;AAClE,QAAM,QAAQ,YAAY,MAAM,GAAG,MAAM,YAAY,MAAM,IAAI;AAC/D,QAAM,cAAc,YAAY,KAAK,IAAI,GAAG,IAAI,IAAI;AACpD,QAAM,kBAAkB,YAAY,WAAW;AAC/C,QAAM,aAAa,aAAa,UAAU,OAAO,KAAK,IAAI,GAAG,KAAK,KAAK,QAAQ,eAAgB,CAAC,IAAI;AACpG,QAAM,aAAa,aAAa,KAAK,IAAI,aAAc,UAAW,IAAI,KAAK,kBAAmB;AAC9F,QAAM,QAAQ,MAAM;AAAA,IAClB;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,MACE;AAAA,MACA,GAAI,YACA;AAAA,QACE,OAAO;AAAA,QACP,QAAQ;AAAA,MACV,IACA,CAAC;AAAA,IACP;AAAA,IACA;AAAA,MACE,UAAU,KAAK,YAAY;AAAA,MAC3B,gBAAgB,KAAK,SAAS;AAAA,IAChC;AAAA,EACF;AACA,SAAO,aAAa,KAAK;AAAA,IACvB,OAAO,MAAM,IAAI,CAAC,MAAW;AAC3B,YAAMA,YAAW,uBAAuB,EAAE,eAAe;AACzD,aAAO;AAAA,QACL,IAAI,EAAE;AAAA,QACN,KAAK,EAAE;AAAA,QACP,UAAU,EAAE;AAAA,QACZ,UAAU,EAAE;AAAA,QACZ,WAAW,EAAE;AAAA,QACb,UAAU,EAAE,YAAY;AAAA,QACxB,eAAe,EAAE;AAAA,QACjB,SAAS,EAAE,WAAW;AAAA,QACtB,cAAc,wBAAwB,EAAE,IAAI;AAAA,UAC1C,OAAO;AAAA,UACP,QAAQ;AAAA,UACR,MAAM,0BAA0B,EAAE,QAAQ;AAAA,QAC5C,CAAC;AAAA,QACD,MAAMA,UAAS,QAAQ,CAAC;AAAA,QACxB,aAAaA,UAAS,eAAe,CAAC;AAAA,MACxC;AAAA,IACF,CAAC;AAAA,IACD,GAAI,YACA;AAAA,MACE;AAAA,MACA,MAAM,KAAK,IAAI,aAAc,UAAW;AAAA,MACxC,UAAU;AAAA,MACV;AAAA,IACF,IACA,CAAC;AAAA,EACP,CAAC;AACH;AAEA,eAAsB,KAAK,KAAc;AACvC,QAAM,EAAE,EAAE,IAAI,MAAM,oBAAoB;AACxC,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,QAAQ,CAAC,KAAK,YAAY,CAAC,KAAK,MAAO,QAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAC/G,QAAM,WAAW,KAAK;AACtB,QAAM,QAAQ,KAAK;AAEnB,QAAM,cAAc,IAAI,QAAQ,IAAI,cAAc,KAAK;AACvD,MAAI,CAAC,YAAY,YAAY,EAAE,SAAS,qBAAqB,GAAG;AAC9D,WAAO,aAAa,KAAK,EAAE,OAAO,+BAA+B,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACrF;AACA,MAAI,CAAC,oCAAoC,IAAI,QAAQ,IAAI,gBAAgB,CAAC,GAAG;AAC3E,WAAO,aAAa,KAAK,EAAE,OAAO,8CAA8C,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACpG;AAEA,QAAM,OAAO,MAAM,IAAI,SAAS;AAChC,QAAM,cAAc,iBAAiB,IAAI;AACzC,QAAM,oBAAoB,wBAAwB,WAAW,EAAE;AAC/D,QAAM,WAAW,OAAO,KAAK,IAAI,UAAU,KAAK,EAAE;AAClD,QAAM,WAAW,OAAO,KAAK,IAAI,UAAU,KAAK,EAAE;AAClD,QAAM,WAAW,OAAO,KAAK,IAAI,UAAU,KAAK,EAAE;AAClD,QAAM,OAAO,KAAK,IAAI,MAAM;AAC5B,MAAI,CAAC,YAAY,CAAC,YAAY,CAAC,KAAM,QAAO,aAAa,KAAK,EAAE,OAAO,2CAA2C,GAAG,EAAE,QAAQ,IAAI,CAAC;AACpI,QAAM,uBAAuB,KAAK,IAAI,eAAe;AACrD,QAAM,oBACJ,OAAO,yBAAyB,YAAY,qBAAqB,KAAK,EAAE,SAAS,IAC7E,sBAAsB,oBAAoB,IAC1C;AACN,QAAM,OAAO,cAAc,KAAK,IAAI,MAAM,CAAC;AAC3C,QAAM,sBAAsB,qBAAqB,KAAK,IAAI,aAAa,CAAC;AAExE,QAAM,EAAE,QAAQ,IAAI,MAAM,uBAAuB;AACjD,QAAM,KAAK,QAAQ,IAAI;AACvB,QAAM,aAAa,QAAQ,YAAY;AACvC,QAAM,wBAAwB,EAAE;AAEhC,MAAI,qBAAoC;AACxC,MAAI,2BAA0C;AAC9C,MAAI,UAAU;AACZ,QAAI;AACF,YAAM,EAAE,eAAe,IAAI,MAAM,OAAO,mDAAmD;AAC3F,YAAM,MAAM,MAAM,GAAG,QAAQ,gBAAgB;AAAA,QAC3C;AAAA,QACA,KAAK;AAAA,QACL,MAAM;AAAA,UACJ,EAAE,KAAK,CAAE,EAAE,UAAU,KAAK,SAAS,GAAG,EAAE,UAAU,KAAK,CAAE,EAAE;AAAA,QAC7D;AAAA,QACA,UAAU;AAAA,MACZ,CAAC;AACD,YAAM,MAAO,KAAa,cAAc,CAAC;AACzC,YAAM,OAAO,KAAK,QAAQ,IAAI,MAAM,GAAG,EAAE,IAAI,GAAG,YAAY,KAAK;AACjE,UAAI,MAAM,QAAQ,IAAI,gBAAgB,KAAK,IAAI,iBAAiB,QAAQ;AACtE,cAAM,UAAU,IAAI,IAAK,IAAI,iBAA2B,IAAI,CAAC,MAAW,OAAO,CAAC,EAAE,YAAY,EAAE,QAAQ,OAAO,EAAE,CAAC,CAAC;AACnH,YAAI,CAAC,QAAQ,IAAI,GAAG,EAAG,QAAO,aAAa,KAAK,EAAE,OAAO,wBAAwB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,MACrG;AACA,UAAI,OAAO,IAAI,wBAAwB,YAAY,IAAI,sBAAsB,GAAG;AAC9E,mCAA2B,IAAI;AAAA,MACjC;AACA,UAAI,OAAO,IAAI,kBAAkB,YAAY,IAAI,cAAc,KAAK,EAAE,SAAS,GAAG;AAChF,6BAAqB,sBAAsB,IAAI,aAAa;AAAA,MAC9D;AAAA,IACF,QAAQ;AAAA,IAAC;AAAA,EACX;AACA,MAAI,gCAAgC,KAAK,IAAI,GAAG;AAC9C,WAAO,aAAa,KAAK;AAAA,MACvB,OAAO,EAAE,0CAA0C,uDAAuD;AAAA,IAC5G,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACpB;AACA,QAAM,oBAAoB,0BAA0B,wBAAwB;AAC5E,MAAI,KAAK,OAAO,mBAAmB;AACjC,WAAO,aAAa,KAAK;AAAA,MACvB,OAAO,EAAE,oCAAoC,6CAA6C;AAAA,IAC5F,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACpB;AACA,QAAM,mBAAmB,MAAM,+BAA+B,IAAI,QAAQ;AAC1E,MAAI,gCAAgC,kBAAkB,KAAK,IAAI,GAAG;AAChE,WAAO,aAAa,KAAK;AAAA,MACvB,OAAO,EAAE,oCAAoC,oDAAoD;AAAA,IACnG,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACpB;AACA,QAAM,MAAM,OAAO,KAAK,MAAM,KAAK,YAAY,CAAC;AAChD,QAAM,WAAW,yBAAyB,KAAK,IAAI;AACnD,QAAM,eAAe,yBAAyB,KAAK,UAAW,KAAa,IAAI;AAC/E,MAAI,0BAA0B,KAAK,UAAU,YAAY,GAAG;AAC1D,WAAO,aAAa,KAAK,EAAE,OAAO,EAAE,2CAA2C,yCAAyC,EAAE,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC9I;AACA,QAAM,uBAAuB,4BAA4B,QAAQ;AACjE,QAAM,wBAAwB,qBAAqB,sBAAsB;AACzE,QAAM,0BAA0B,MAAM;AAAA,IACpC,IAAI;AAAA,MACF,CAAC,mBAAmB,oBAAoB,qBAAqB,EAAE;AAAA,QAC7D,CAAC,SAAyB,OAAO,SAAS,YAAY,KAAK,SAAS;AAAA,MACtE;AAAA,IACF;AAAA,EACF;AACA,MAAI,YAAwC;AAC5C,aAAW,QAAQ,yBAAyB;AAC1C,UAAM,SAAS,MAAM,GAAG,QAAQ,qBAAqB,EAAE,KAAK,CAAC;AAC7D,QAAI,QAAQ;AACV,kBAAY;AACZ;AAAA,IACF;AAAA,EACF;AACA,MAAI,CAAC,WAAW;AACd,gBAAY,MAAM,GAAG,QAAQ,qBAAqB,EAAE,MAAM,qBAAqB,CAAC;AAAA,EAClF;AACA,MAAI,CAAC,WAAW;AACd,WAAO,aAAa,KAAK,EAAE,OAAO,uCAAuC,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC7F;AACA,QAAM,0BACJ,OAAO,sBAAsB,YAC7B,kBAAkB,SAAS,KAC3B,UAAU,SAAS,qBACnB,UAAU,aAAa,QACvB,UAAU,SAAS,wBACnB,UAAU,SAAS;AACrB,MAAI,yBAAyB;AAC3B,WAAO,aAAa,KAAK,EAAE,OAAO,EAAE,6CAA6C,0EAA0E,EAAE,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACjL;AACA,MAAI;AACJ,MAAI;AACF,aAAS,MAAM,mBAAmB;AAAA,MAChC,eAAe,UAAU;AAAA,MACzB;AAAA,MACA;AAAA,MACA,UAAU;AAAA,MACV,QAAQ;AAAA,IACV,CAAC;AAAA,EACH,SAAS,OAAO;AACd,YAAQ,MAAM,wCAAwC,KAAK;AAC3D,WAAO,aAAa,KAAK,EAAE,OAAO,gCAAgC,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACtF;AAEA,QAAM,cACJ,OAAQ,UAAkB,gBAAgB,YACtC,QAAS,UAAkB,WAAW,IACtC,mCAAmC;AACzC,MAAI,mBAAkC;AACtC,QAAM,cAAc,eAAe,gBAAgB,cAAc,QAAQ;AACzE,QAAM,aAAa,cAAc,IAAI,WAAW,IAAI;AACpD,QAAM,YAAY,QAAQ,eAAe,YAAY,SAAS;AAE9D,MAAI,eAAe,CAAC,WAAW;AAC7B,QAAI;AACF,yBAAmB,MAAM,yBAAyB;AAAA,QAChD,UAAU,OAAO;AAAA,QACjB,UAAU;AAAA,MACZ,CAAC;AAAA,IACH,SAAS,OAAO;AACd,cAAQ,MAAM,sDAAsD,KAAK;AAAA,IAC3E;AAAA,EACF;AAEA,MAAI,cAAc,oBAAoB,MAAM;AAC5C,MAAI,aAAa,mBAAmB;AAClC,kBAAc,iBAAiB,aAAa,EAAE,MAAM,UAAU,IAAI,SAAS,CAAC;AAAA,EAC9E;AACA,QAAMA,YAAW,wBAAwB,MAAM,EAAE,aAAa,KAAK,CAAC;AACpE,QAAM,eAAe,WAAW;AAChC,QAAM,MAAM,GAAG,OAAO,YAAY;AAAA,IAChC,IAAI;AAAA,IACJ;AAAA,IACA;AAAA,IACA,gBAAgB,KAAK;AAAA,IACrB,UAAU,KAAK;AAAA,IACf,UAAU;AAAA,IACV,UAAU;AAAA,IACV,UAAU,IAAI;AAAA,IACd,eAAe,UAAU;AAAA,IACzB,eAAe,UAAU,iBAAiB;AAAA,IAC1C,aAAa,OAAO;AAAA,IACpB,KAAK,uBAAuB,YAAY;AAAA,IACxC,SAAS;AAAA,IACT,iBAAiBA;AAAA,EACnB,CAAC;AACD,QAAM,GAAG,QAAQ,GAAG,EAAE,MAAM;AAE5B,MAAI,WAAW;AACb,yBAAqB,IAAI,KAAK,OAAO,YAAY,EAAE,MAAM,CAAC,UAAU;AAClE,cAAQ,MAAM,gDAAgD,KAAK;AAAA,IACrE,CAAC;AAAA,EACH,WAAW,aAAa;AACtB,YAAQ,KAAK,+GAA+G;AAAA,EAC9H;AAEA,MAAI,YAAY;AACd,QAAI;AACF,YAAM,qBAAqB;AAAA,QACzB;AAAA,QACA,UAAU,EAAE,YAAY;AAAA,QACxB,UAAU;AAAA,QACV;AAAA,QACA,gBAAgB;AAAA,QAChB,QAAQ;AAAA,MACV,CAAC;AAAA,IACH,SAAS,OAAO;AACd,cAAQ,MAAM,qDAAqD,KAAK;AACxE,aAAO,aAAa,KAAK,EAAE,OAAO,wCAAwC,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,IAC9F;AACA,UAAM,oBAAoB;AAAA,MACxB;AAAA,MACA,QAAQ;AAAA,MACR,QAAQ;AAAA,MACR,aAAa;AAAA,QACX,IAAI,IAAI;AAAA,QACR,gBAAgB,IAAI,kBAAkB;AAAA,QACtC,UAAU,IAAI,YAAY;AAAA,MAC5B;AAAA,MACA,QAAQ;AAAA,MACR,SAAS;AAAA,IACX,CAAC;AACD,UAAM,WAAW,sBAAsB;AAAA,EACzC;AAEA,SAAO,aAAa,KAAK;AAAA,IACvB,IAAI;AAAA,IACJ,MAAM;AAAA,MACJ,IAAI;AAAA,MACJ,KAAK,IAAI;AAAA,MACT,UAAU;AAAA,MACV,UAAU,IAAI;AAAA,MACd,eAAe,UAAU;AAAA,MACzB,cAAc,wBAAwB,cAAc;AAAA,QAClD,OAAO;AAAA,QACP,QAAQ;AAAA,QACR,MAAM,0BAA0B,QAAQ;AAAA,MAC1C,CAAC;AAAA,MACD,SAAS,oBAAoB;AAAA,MAC7B,MAAMA,UAAS,QAAQ,CAAC;AAAA,MACxB,aAAaA,UAAS,eAAe,CAAC;AAAA,MACtC,cAAc,OAAO,KAAK,iBAAiB,EAAE,SAAS,oBAAoB;AAAA,IAC5E;AAAA,EACF,CAAC;AACH;AAEA,eAAe,+BAA+B,IAAmB,UAAmC;AAClG,MAAI;AACF,UAAM,KAAK,GAAG,UAAe;AAC7B,UAAM,MAAM,MAAM,GACf,WAAW,aAAa,EACxB,OAAO,oBAA4B,GAAG,YAAY,CAAC,EACnD,MAAM,aAAa,KAAK,QAAQ,EAChC,iBAAiB;AACpB,UAAM,QAAQ,KAAK;AACnB,QAAI,OAAO,UAAU,SAAU,QAAO,OAAO,SAAS,KAAK,IAAI,QAAQ;AACvE,QAAI,OAAO,UAAU,UAAU;AAC7B,YAAM,SAAS,OAAO,KAAK;AAC3B,aAAO,OAAO,SAAS,MAAM,IAAI,SAAS;AAAA,IAC5C;AACA,WAAO;AAAA,EACT,QAAQ;AACN,WAAO;AAAA,EACT;AACF;AAEA,eAAsB,OAAO,KAAc;AACzC,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,QAAQ,CAAC,KAAK,YAAY,CAAC,KAAK,MAAO,QAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAC/G,QAAM,MAAM,IAAI,IAAI,IAAI,GAAG;AAC3B,QAAM,KAAK,IAAI,aAAa,IAAI,IAAI,KAAK;AACzC,MAAI,CAAC,GAAI,QAAO,aAAa,KAAK,EAAE,OAAO,4BAA4B,GAAG,EAAE,QAAQ,IAAI,CAAC;AACzF,QAAM,EAAE,QAAQ,IAAI,MAAM,uBAAuB;AACjD,QAAM,KAAK,QAAQ,IAAI;AACvB,QAAM,aAAa,QAAQ,YAAY;AACvC,QAAM,eAAwC,EAAE,IAAI,UAAU,KAAK,UAAW,gBAAgB,KAAK,MAAM;AACzG,QAAM,SAAS,MAAM,GAAG,QAAQ,YAAY,YAAY;AACxD,MAAI,CAAC,OAAQ,QAAO,aAAa,KAAK,EAAE,OAAO,uBAAuB,GAAG,EAAE,QAAQ,IAAI,CAAC;AACxF,QAAM,GAAG,OAAO,MAAM,EAAE,MAAM;AAC9B,QAAM,8BAA8B,OAAO,eAAe,OAAO,EAAE,EAAE,MAAM,CAAC,UAAU;AACpF,YAAQ,MAAM,qDAAqD,KAAK;AAAA,EAC1E,CAAC;AACD,MAAI,OAAO,aAAa;AACtB,UAAM,oBAAoB,OAAO,eAAe,OAAO,aAAa,OAAO,aAAa;AAAA,EAC1F;AACA,MAAI,YAAY;AACd,UAAM,oBAAoB;AAAA,MACxB;AAAA,MACA,QAAQ;AAAA,MACR,QAAQ;AAAA,MACR,aAAa;AAAA,QACX,IAAI,OAAO;AAAA,QACX,gBAAgB,OAAO,kBAAkB;AAAA,QACzC,UAAU,OAAO,YAAY;AAAA,MAC/B;AAAA,MACA,QAAQ;AAAA,MACR,SAAS;AAAA,IACX,CAAC;AACD,UAAM,WAAW,sBAAsB;AAAA,EACzC;AACA,SAAO,aAAa,KAAK,EAAE,IAAI,KAAK,CAAC;AACvC;AAEO,MAAM,UAA2B;AAAA,EACtC,SAAS;AAAA,EACT,aAAa;AAAA,EACb,SAAS;AAAA,IACP,KAAK;AAAA,MACH,SAAS;AAAA,MACT,aAAa;AAAA,MACb,OAAO;AAAA,MACP,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,oCAAoC,QAAQ,6BAA6B;AAAA,MACvG;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,wCAAwC,QAAQ,YAAY;AAAA,QACxF,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,YAAY;AAAA,MAClE;AAAA,IACF;AAAA,IACA,MAAM;AAAA,MACJ,SAAS;AAAA,MACT,aAAa;AAAA,MACb,aAAa;AAAA,QACX,aAAa;AAAA,QACb,QAAQ;AAAA,MACV;AAAA,MACA,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,kCAAkC,QAAQ,qBAAqB;AAAA,MAC7F;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,4BAA4B,QAAQ,YAAY;AAAA,QAC5E,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,YAAY;AAAA,QAChE,EAAE,QAAQ,KAAK,aAAa,yCAAyC,QAAQ,YAAY;AAAA,MAC3F;AAAA,IACF;AAAA,IACA,QAAQ;AAAA,MACN,SAAS;AAAA,MACT,aAAa;AAAA,MACb,OAAO;AAAA,MACP,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,sBAAsB,QAAQ,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,IAAI,EAAE,CAAC,EAAE;AAAA,QAC5F,EAAE,QAAQ,KAAK,aAAa,wBAAwB,QAAQ,YAAY;AAAA,MAC1E;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,iCAAiC,QAAQ,YAAY;AAAA,QACjF,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,YAAY;AAAA,MAClE;AAAA,IACF;AAAA,EACF;AACF;",
   "names": ["metadata"]
 }

package/dist/modules/attachments/api/transfer/route.js CHANGED Viewed

@@ -65,7 +65,7 @@ async function POST(req) {
     }) ?? [];
     record.storageMetadata = mergeAttachmentMetadata(record.storageMetadata, { assignments: nextAssignments });
   }
-  await em.persistAndFlush(records);
+  await em.persist(records).flush();
   return NextResponse.json({ ok: true, updated: records.length });
 }
 const openApi = {

package/dist/modules/attachments/api/transfer/route.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../../src/modules/attachments/api/transfer/route.ts"],
-  "sourcesContent": ["import { NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport type { OpenApiRouteDoc } from '@open-mercato/shared/lib/openapi'\nimport { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { mergeAttachmentMetadata, readAttachmentMetadata } from '../../lib/metadata'\nimport {\n  attachmentsTag,\n  transferAttachmentsRequestSchema,\n  transferAttachmentsResponseSchema,\n  attachmentErrorSchema,\n} from '../openapi'\n\nconst transferSchema = z.object({\n  entityId: z.string().min(1),\n  attachmentIds: z.array(z.string().uuid()).min(1),\n  fromRecordId: z.string().min(1).optional(),\n  toRecordId: z.string().min(1),\n})\n\nexport const metadata = {\n  POST: { requireAuth: true, requireFeatures: ['attachments.manage'] },\n}\n\nexport async function POST(req: Request) {\n  const auth = await getAuthFromRequest(req)\n  if (!auth || !auth.tenantId || !auth.orgId) {\n    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n  }\n  const json = await req.json().catch(() => null)\n  const parsed = transferSchema.safeParse(json)\n  if (!parsed.success) {\n    return NextResponse.json({ error: 'Invalid payload' }, { status: 400 })\n  }\n  const { attachmentIds, entityId, fromRecordId, toRecordId } = parsed.data\n  const { resolve } = await createRequestContainer()\n  const em = resolve('em') as any\n  let AttachmentEntity: any\n  try {\n    const mod = await import('@open-mercato/core/modules/attachments/data/entities')\n    AttachmentEntity = mod.Attachment\n  } catch {\n    return NextResponse.json({ error: 'Attachment model missing' }, { status: 500 })\n  }\n  const filters: Record<string, unknown> = {\n    id: { $in: attachmentIds },\n    entityId,\n    tenantId: auth.tenantId,\n    organizationId: auth.orgId,\n  }\n  if (fromRecordId) {\n    filters.recordId = fromRecordId\n  }\n  const records = await em.find(AttachmentEntity, filters)\n  if (!records.length) {\n    return NextResponse.json({ error: 'Attachments not found' }, { status: 404 })\n  }\n  for (const record of records) {\n    const previousRecordId = record.recordId\n    record.recordId = toRecordId\n    const metadata = readAttachmentMetadata(record.storageMetadata)\n    const nextAssignments =\n      metadata.assignments?.map((assignment) => {\n        const matchesType = assignment.type === entityId\n        const matchesRecord = fromRecordId\n          ? assignment.id === fromRecordId\n          : assignment.id === previousRecordId\n        if (matchesType && matchesRecord) {\n          return { ...assignment, id: toRecordId }\n        }\n        return assignment\n      }) ?? []\n    record.storageMetadata = mergeAttachmentMetadata(record.storageMetadata, { assignments: nextAssignments })\n  }\n  await em.persistAndFlush(records)\n  return NextResponse.json({ ok: true, updated: records.length })\n}\n\nexport const openApi: OpenApiRouteDoc = {\n  tag: attachmentsTag,\n  summary: 'Transfer attachments between records',\n  methods: {\n    POST: {\n      summary: 'Transfer attachments to different record',\n      description: 'Transfers one or more attachments from one record to another within the same entity type. Updates attachment assignments and metadata to reflect the new record.',\n      requestBody: {\n        contentType: 'application/json',\n        schema: transferAttachmentsRequestSchema,\n      },\n      responses: [\n        { status: 200, description: 'Attachments transferred successfully', schema: transferAttachmentsResponseSchema },\n      ],\n      errors: [\n        { status: 400, description: 'Invalid payload', schema: attachmentErrorSchema },\n        { status: 401, description: 'Unauthorized', schema: attachmentErrorSchema },\n        { status: 404, description: 'Attachments not found', schema: attachmentErrorSchema },\n        { status: 500, description: 'Attachment model missing', schema: attachmentErrorSchema },\n      ],\n    },\n  },\n}\n"],
-  "mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,SAAS;AAElB,SAAS,0BAA0B;AACnC,SAAS,8BAA8B;AACvC,SAAS,yBAAyB,8BAA8B;AAChE;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;AAEP,MAAM,iBAAiB,EAAE,OAAO;AAAA,EAC9B,UAAU,EAAE,OAAO,EAAE,IAAI,CAAC;AAAA,EAC1B,eAAe,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,CAAC,EAAE,IAAI,CAAC;AAAA,EAC/C,cAAc,EAAE,OAAO,EAAE,IAAI,CAAC,EAAE,SAAS;AAAA,EACzC,YAAY,EAAE,OAAO,EAAE,IAAI,CAAC;AAC9B,CAAC;AAEM,MAAM,WAAW;AAAA,EACtB,MAAM,EAAE,aAAa,MAAM,iBAAiB,CAAC,oBAAoB,EAAE;AACrE;AAEA,eAAsB,KAAK,KAAc;AACvC,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,QAAQ,CAAC,KAAK,YAAY,CAAC,KAAK,OAAO;AAC1C,WAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACrE;AACA,QAAM,OAAO,MAAM,IAAI,KAAK,EAAE,MAAM,MAAM,IAAI;AAC9C,QAAM,SAAS,eAAe,UAAU,IAAI;AAC5C,MAAI,CAAC,OAAO,SAAS;AACnB,WAAO,aAAa,KAAK,EAAE,OAAO,kBAAkB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACxE;AACA,QAAM,EAAE,eAAe,UAAU,cAAc,WAAW,IAAI,OAAO;AACrE,QAAM,EAAE,QAAQ,IAAI,MAAM,uBAAuB;AACjD,QAAM,KAAK,QAAQ,IAAI;AACvB,MAAI;AACJ,MAAI;AACF,UAAM,MAAM,MAAM,OAAO,sDAAsD;AAC/E,uBAAmB,IAAI;AAAA,EACzB,QAAQ;AACN,WAAO,aAAa,KAAK,EAAE,OAAO,2BAA2B,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACjF;AACA,QAAM,UAAmC;AAAA,IACvC,IAAI,EAAE,KAAK,cAAc;AAAA,IACzB;AAAA,IACA,UAAU,KAAK;AAAA,IACf,gBAAgB,KAAK;AAAA,EACvB;AACA,MAAI,cAAc;AAChB,YAAQ,WAAW;AAAA,EACrB;AACA,QAAM,UAAU,MAAM,GAAG,KAAK,kBAAkB,OAAO;AACvD,MAAI,CAAC,QAAQ,QAAQ;AACnB,WAAO,aAAa,KAAK,EAAE,OAAO,wBAAwB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC9E;AACA,aAAW,UAAU,SAAS;AAC5B,UAAM,mBAAmB,OAAO;AAChC,WAAO,WAAW;AAClB,UAAMA,YAAW,uBAAuB,OAAO,eAAe;AAC9D,UAAM,kBACJA,UAAS,aAAa,IAAI,CAAC,eAAe;AACxC,YAAM,cAAc,WAAW,SAAS;AACxC,YAAM,gBAAgB,eAClB,WAAW,OAAO,eAClB,WAAW,OAAO;AACtB,UAAI,eAAe,eAAe;AAChC,eAAO,EAAE,GAAG,YAAY,IAAI,WAAW;AAAA,MACzC;AACA,aAAO;AAAA,IACT,CAAC,KAAK,CAAC;AACT,WAAO,kBAAkB,wBAAwB,OAAO,iBAAiB,EAAE,aAAa,gBAAgB,CAAC;AAAA,EAC3G;AACA,QAAM,GAAG,gBAAgB,OAAO;AAChC,SAAO,aAAa,KAAK,EAAE,IAAI,MAAM,SAAS,QAAQ,OAAO,CAAC;AAChE;AAEO,MAAM,UAA2B;AAAA,EACtC,KAAK;AAAA,EACL,SAAS;AAAA,EACT,SAAS;AAAA,IACP,MAAM;AAAA,MACJ,SAAS;AAAA,MACT,aAAa;AAAA,MACb,aAAa;AAAA,QACX,aAAa;AAAA,QACb,QAAQ;AAAA,MACV;AAAA,MACA,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,wCAAwC,QAAQ,kCAAkC;AAAA,MAChH;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,mBAAmB,QAAQ,sBAAsB;AAAA,QAC7E,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,sBAAsB;AAAA,QAC1E,EAAE,QAAQ,KAAK,aAAa,yBAAyB,QAAQ,sBAAsB;AAAA,QACnF,EAAE,QAAQ,KAAK,aAAa,4BAA4B,QAAQ,sBAAsB;AAAA,MACxF;AAAA,IACF;AAAA,EACF;AACF;",
+  "sourcesContent": ["import { NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport type { OpenApiRouteDoc } from '@open-mercato/shared/lib/openapi'\nimport { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { mergeAttachmentMetadata, readAttachmentMetadata } from '../../lib/metadata'\nimport {\n  attachmentsTag,\n  transferAttachmentsRequestSchema,\n  transferAttachmentsResponseSchema,\n  attachmentErrorSchema,\n} from '../openapi'\n\nconst transferSchema = z.object({\n  entityId: z.string().min(1),\n  attachmentIds: z.array(z.string().uuid()).min(1),\n  fromRecordId: z.string().min(1).optional(),\n  toRecordId: z.string().min(1),\n})\n\nexport const metadata = {\n  POST: { requireAuth: true, requireFeatures: ['attachments.manage'] },\n}\n\nexport async function POST(req: Request) {\n  const auth = await getAuthFromRequest(req)\n  if (!auth || !auth.tenantId || !auth.orgId) {\n    return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n  }\n  const json = await req.json().catch(() => null)\n  const parsed = transferSchema.safeParse(json)\n  if (!parsed.success) {\n    return NextResponse.json({ error: 'Invalid payload' }, { status: 400 })\n  }\n  const { attachmentIds, entityId, fromRecordId, toRecordId } = parsed.data\n  const { resolve } = await createRequestContainer()\n  const em = resolve('em') as any\n  let AttachmentEntity: any\n  try {\n    const mod = await import('@open-mercato/core/modules/attachments/data/entities')\n    AttachmentEntity = mod.Attachment\n  } catch {\n    return NextResponse.json({ error: 'Attachment model missing' }, { status: 500 })\n  }\n  const filters: Record<string, unknown> = {\n    id: { $in: attachmentIds },\n    entityId,\n    tenantId: auth.tenantId,\n    organizationId: auth.orgId,\n  }\n  if (fromRecordId) {\n    filters.recordId = fromRecordId\n  }\n  const records = await em.find(AttachmentEntity, filters)\n  if (!records.length) {\n    return NextResponse.json({ error: 'Attachments not found' }, { status: 404 })\n  }\n  for (const record of records) {\n    const previousRecordId = record.recordId\n    record.recordId = toRecordId\n    const metadata = readAttachmentMetadata(record.storageMetadata)\n    const nextAssignments =\n      metadata.assignments?.map((assignment) => {\n        const matchesType = assignment.type === entityId\n        const matchesRecord = fromRecordId\n          ? assignment.id === fromRecordId\n          : assignment.id === previousRecordId\n        if (matchesType && matchesRecord) {\n          return { ...assignment, id: toRecordId }\n        }\n        return assignment\n      }) ?? []\n    record.storageMetadata = mergeAttachmentMetadata(record.storageMetadata, { assignments: nextAssignments })\n  }\n  await em.persist(records).flush()\n  return NextResponse.json({ ok: true, updated: records.length })\n}\n\nexport const openApi: OpenApiRouteDoc = {\n  tag: attachmentsTag,\n  summary: 'Transfer attachments between records',\n  methods: {\n    POST: {\n      summary: 'Transfer attachments to different record',\n      description: 'Transfers one or more attachments from one record to another within the same entity type. Updates attachment assignments and metadata to reflect the new record.',\n      requestBody: {\n        contentType: 'application/json',\n        schema: transferAttachmentsRequestSchema,\n      },\n      responses: [\n        { status: 200, description: 'Attachments transferred successfully', schema: transferAttachmentsResponseSchema },\n      ],\n      errors: [\n        { status: 400, description: 'Invalid payload', schema: attachmentErrorSchema },\n        { status: 401, description: 'Unauthorized', schema: attachmentErrorSchema },\n        { status: 404, description: 'Attachments not found', schema: attachmentErrorSchema },\n        { status: 500, description: 'Attachment model missing', schema: attachmentErrorSchema },\n      ],\n    },\n  },\n}\n"],
+  "mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,SAAS;AAElB,SAAS,0BAA0B;AACnC,SAAS,8BAA8B;AACvC,SAAS,yBAAyB,8BAA8B;AAChE;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;AAEP,MAAM,iBAAiB,EAAE,OAAO;AAAA,EAC9B,UAAU,EAAE,OAAO,EAAE,IAAI,CAAC;AAAA,EAC1B,eAAe,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,CAAC,EAAE,IAAI,CAAC;AAAA,EAC/C,cAAc,EAAE,OAAO,EAAE,IAAI,CAAC,EAAE,SAAS;AAAA,EACzC,YAAY,EAAE,OAAO,EAAE,IAAI,CAAC;AAC9B,CAAC;AAEM,MAAM,WAAW;AAAA,EACtB,MAAM,EAAE,aAAa,MAAM,iBAAiB,CAAC,oBAAoB,EAAE;AACrE;AAEA,eAAsB,KAAK,KAAc;AACvC,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,QAAQ,CAAC,KAAK,YAAY,CAAC,KAAK,OAAO;AAC1C,WAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACrE;AACA,QAAM,OAAO,MAAM,IAAI,KAAK,EAAE,MAAM,MAAM,IAAI;AAC9C,QAAM,SAAS,eAAe,UAAU,IAAI;AAC5C,MAAI,CAAC,OAAO,SAAS;AACnB,WAAO,aAAa,KAAK,EAAE,OAAO,kBAAkB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACxE;AACA,QAAM,EAAE,eAAe,UAAU,cAAc,WAAW,IAAI,OAAO;AACrE,QAAM,EAAE,QAAQ,IAAI,MAAM,uBAAuB;AACjD,QAAM,KAAK,QAAQ,IAAI;AACvB,MAAI;AACJ,MAAI;AACF,UAAM,MAAM,MAAM,OAAO,sDAAsD;AAC/E,uBAAmB,IAAI;AAAA,EACzB,QAAQ;AACN,WAAO,aAAa,KAAK,EAAE,OAAO,2BAA2B,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACjF;AACA,QAAM,UAAmC;AAAA,IACvC,IAAI,EAAE,KAAK,cAAc;AAAA,IACzB;AAAA,IACA,UAAU,KAAK;AAAA,IACf,gBAAgB,KAAK;AAAA,EACvB;AACA,MAAI,cAAc;AAChB,YAAQ,WAAW;AAAA,EACrB;AACA,QAAM,UAAU,MAAM,GAAG,KAAK,kBAAkB,OAAO;AACvD,MAAI,CAAC,QAAQ,QAAQ;AACnB,WAAO,aAAa,KAAK,EAAE,OAAO,wBAAwB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAC9E;AACA,aAAW,UAAU,SAAS;AAC5B,UAAM,mBAAmB,OAAO;AAChC,WAAO,WAAW;AAClB,UAAMA,YAAW,uBAAuB,OAAO,eAAe;AAC9D,UAAM,kBACJA,UAAS,aAAa,IAAI,CAAC,eAAe;AACxC,YAAM,cAAc,WAAW,SAAS;AACxC,YAAM,gBAAgB,eAClB,WAAW,OAAO,eAClB,WAAW,OAAO;AACtB,UAAI,eAAe,eAAe;AAChC,eAAO,EAAE,GAAG,YAAY,IAAI,WAAW;AAAA,MACzC;AACA,aAAO;AAAA,IACT,CAAC,KAAK,CAAC;AACT,WAAO,kBAAkB,wBAAwB,OAAO,iBAAiB,EAAE,aAAa,gBAAgB,CAAC;AAAA,EAC3G;AACA,QAAM,GAAG,QAAQ,OAAO,EAAE,MAAM;AAChC,SAAO,aAAa,KAAK,EAAE,IAAI,MAAM,SAAS,QAAQ,OAAO,CAAC;AAChE;AAEO,MAAM,UAA2B;AAAA,EACtC,KAAK;AAAA,EACL,SAAS;AAAA,EACT,SAAS;AAAA,IACP,MAAM;AAAA,MACJ,SAAS;AAAA,MACT,aAAa;AAAA,MACb,aAAa;AAAA,QACX,aAAa;AAAA,QACb,QAAQ;AAAA,MACV;AAAA,MACA,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,wCAAwC,QAAQ,kCAAkC;AAAA,MAChH;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,mBAAmB,QAAQ,sBAAsB;AAAA,QAC7E,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,sBAAsB;AAAA,QAC1E,EAAE,QAAQ,KAAK,aAAa,yBAAyB,QAAQ,sBAAsB;AAAA,QACnF,EAAE,QAAQ,KAAK,aAAa,4BAA4B,QAAQ,sBAAsB;AAAA,MACxF;AAAA,IACF;AAAA,EACF;AACF;",
   "names": ["metadata"]
 }

package/dist/modules/attachments/data/entities.js CHANGED Viewed

@@ -8,7 +8,8 @@ var __decorateClass = (decorators, target, key, kind) => {
   if (kind && result) __defProp(target, key, result);
   return result;
 };
-import { Entity, Index, OptionalProps, PrimaryKey, Property, Unique } from "@mikro-orm/core";
+import { OptionalProps } from "@mikro-orm/core";
+import { Entity, Index, PrimaryKey, Property, Unique } from "@mikro-orm/decorators/legacy";
 import { resolveDefaultAttachmentOcrEnabled } from "../lib/ocrConfig.js";
 OptionalProps;
 let AttachmentPartition = class {

package/dist/modules/attachments/data/entities.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../src/modules/attachments/data/entities.ts"],
-  "sourcesContent": ["import { Entity, Index, OptionalProps, PrimaryKey, Property, Unique } from '@mikro-orm/core'\nimport { resolveDefaultAttachmentOcrEnabled } from '../lib/ocrConfig'\n\n@Entity({ tableName: 'attachment_partitions' })\n@Unique({ name: 'attachment_partitions_code_unique', properties: ['code'] })\nexport class AttachmentPartition {\n  [OptionalProps]?: 'createdAt' | 'updatedAt'\n\n  @PrimaryKey({ type: 'uuid', defaultRaw: 'gen_random_uuid()' })\n  id!: string\n\n  @Property({ type: 'text' })\n  code!: string\n\n  @Property({ type: 'text' })\n  title!: string\n\n  @Property({ type: 'text', nullable: true })\n  description?: string | null\n\n  @Property({ name: 'storage_driver', type: 'text', default: 'local' })\n  storageDriver: string = 'local'\n\n  @Property({ name: 'config_json', type: 'json', nullable: true })\n  configJson?: Record<string, unknown> | null\n\n  @Property({ name: 'is_public', type: 'boolean', default: false })\n  isPublic: boolean = false\n\n  @Property({ name: 'requires_ocr', type: 'boolean', default: resolveDefaultAttachmentOcrEnabled() })\n  requiresOcr: boolean = resolveDefaultAttachmentOcrEnabled()\n\n  @Property({ name: 'ocr_model', type: 'text', nullable: true })\n  ocrModel?: string | null\n\n  @Property({ name: 'created_at', type: Date, onCreate: () => new Date() })\n  createdAt: Date = new Date()\n\n  @Property({ name: 'updated_at', type: Date, onUpdate: () => new Date() })\n  updatedAt: Date = new Date()\n}\n\n@Entity({ tableName: 'attachments' })\nexport class Attachment {\n  [OptionalProps]?: 'createdAt'\n\n  @PrimaryKey({ type: 'uuid', defaultRaw: 'gen_random_uuid()' })\n  id!: string\n\n  @Property({ name: 'entity_id', type: 'text' })\n  entityId!: string\n\n  @Property({ name: 'record_id', type: 'text' })\n  @Index({ name: 'attachments_entity_record_idx' })\n  recordId!: string\n\n  @Property({ name: 'organization_id', type: 'uuid', nullable: true })\n  organizationId?: string | null\n\n  @Property({ name: 'tenant_id', type: 'uuid', nullable: true })\n  tenantId?: string | null\n\n  @Property({ name: 'partition_code', type: 'text' })\n  @Index({ name: 'attachments_partition_code_idx' })\n  partitionCode!: string\n\n  @Property({ name: 'file_name', type: 'text' })\n  fileName!: string\n\n  @Property({ name: 'mime_type', type: 'text' })\n  mimeType!: string\n\n  @Property({ name: 'file_size', type: 'int' })\n  fileSize!: number\n\n  @Property({ name: 'storage_driver', type: 'text', default: 'local' })\n  storageDriver: string = 'local'\n\n  @Property({ name: 'storage_path', type: 'text' })\n  storagePath!: string\n\n  @Property({ name: 'storage_metadata', type: 'jsonb', nullable: true })\n  storageMetadata?: Record<string, unknown> | null\n\n  @Property({ name: 'url', type: 'text' })\n  url!: string\n\n  @Property({ name: 'content', type: 'text', nullable: true })\n  content: string | null = null\n\n  @Property({ name: 'created_at', type: Date, onCreate: () => new Date() })\n  createdAt: Date = new Date()\n}\n"],
-  "mappings": ";;;;;;;;;;AAAA,SAAS,QAAQ,OAAO,eAAe,YAAY,UAAU,cAAc;AAC3E,SAAS,0CAA0C;AAKhD;AADI,IAAM,sBAAN,MAA0B;AAAA,EAA1B;AAgBL,yBAAwB;AAMxB,oBAAoB;AAGpB,uBAAuB,mCAAmC;AAM1D,qBAAkB,oBAAI,KAAK;AAG3B,qBAAkB,oBAAI,KAAK;AAAA;AAC7B;AA/BE;AAAA,EADC,WAAW,EAAE,MAAM,QAAQ,YAAY,oBAAoB,CAAC;AAAA,GAHlD,oBAIX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,OAAO,CAAC;AAAA,GANf,oBAOX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,OAAO,CAAC;AAAA,GATf,oBAUX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GAZ/B,oBAaX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,kBAAkB,MAAM,QAAQ,SAAS,QAAQ,CAAC;AAAA,GAfzD,oBAgBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,eAAe,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GAlBpD,oBAmBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,WAAW,SAAS,MAAM,CAAC;AAAA,GArBrD,oBAsBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,gBAAgB,MAAM,WAAW,SAAS,mCAAmC,EAAE,CAAC;AAAA,GAxBvF,oBAyBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GA3BlD,oBA4BX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,EAAE,CAAC;AAAA,GA9B7D,oBA+BX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,EAAE,CAAC;AAAA,GAjC7D,oBAkCX;AAlCW,sBAAN;AAAA,EAFN,OAAO,EAAE,WAAW,wBAAwB,CAAC;AAAA,EAC7C,OAAO,EAAE,MAAM,qCAAqC,YAAY,CAAC,MAAM,EAAE,CAAC;AAAA,GAC9D;AAuCV;AADI,IAAM,aAAN,MAAiB;AAAA,EAAjB;AAiCL,yBAAwB;AAYxB,mBAAyB;AAGzB,qBAAkB,oBAAI,KAAK;AAAA;AAC7B;AA7CE;AAAA,EADC,WAAW,EAAE,MAAM,QAAQ,YAAY,oBAAoB,CAAC;AAAA,GAHlD,WAIX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,OAAO,CAAC;AAAA,GANlC,WAOX;AAIA;AAAA,EAFC,SAAS,EAAE,MAAM,aAAa,MAAM,OAAO,CAAC;AAAA,EAC5C,MAAM,EAAE,MAAM,gCAAgC,CAAC;AAAA,GAVrC,WAWX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,mBAAmB,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GAbxD,WAcX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GAhBlD,WAiBX;AAIA;AAAA,EAFC,SAAS,EAAE,MAAM,kBAAkB,MAAM,OAAO,CAAC;AAAA,EACjD,MAAM,EAAE,MAAM,iCAAiC,CAAC;AAAA,GApBtC,WAqBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,OAAO,CAAC;AAAA,GAvBlC,WAwBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,OAAO,CAAC;AAAA,GA1BlC,WA2BX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,MAAM,CAAC;AAAA,GA7BjC,WA8BX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,kBAAkB,MAAM,QAAQ,SAAS,QAAQ,CAAC;AAAA,GAhCzD,WAiCX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,gBAAgB,MAAM,OAAO,CAAC;AAAA,GAnCrC,WAoCX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,oBAAoB,MAAM,SAAS,UAAU,KAAK,CAAC;AAAA,GAtC1D,WAuCX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,OAAO,MAAM,OAAO,CAAC;AAAA,GAzC5B,WA0CX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,WAAW,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GA5ChD,WA6CX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,EAAE,CAAC;AAAA,GA/C7D,WAgDX;AAhDW,aAAN;AAAA,EADN,OAAO,EAAE,WAAW,cAAc,CAAC;AAAA,GACvB;",
+  "sourcesContent": ["import { OptionalProps } from '@mikro-orm/core'\nimport { Entity, Index, PrimaryKey, Property, Unique } from '@mikro-orm/decorators/legacy'\nimport { resolveDefaultAttachmentOcrEnabled } from '../lib/ocrConfig'\n\n@Entity({ tableName: 'attachment_partitions' })\n@Unique({ name: 'attachment_partitions_code_unique', properties: ['code'] })\nexport class AttachmentPartition {\n  [OptionalProps]?: 'createdAt' | 'updatedAt'\n\n  @PrimaryKey({ type: 'uuid', defaultRaw: 'gen_random_uuid()' })\n  id!: string\n\n  @Property({ type: 'text' })\n  code!: string\n\n  @Property({ type: 'text' })\n  title!: string\n\n  @Property({ type: 'text', nullable: true })\n  description?: string | null\n\n  @Property({ name: 'storage_driver', type: 'text', default: 'local' })\n  storageDriver: string = 'local'\n\n  @Property({ name: 'config_json', type: 'json', nullable: true })\n  configJson?: Record<string, unknown> | null\n\n  @Property({ name: 'is_public', type: 'boolean', default: false })\n  isPublic: boolean = false\n\n  @Property({ name: 'requires_ocr', type: 'boolean', default: resolveDefaultAttachmentOcrEnabled() })\n  requiresOcr: boolean = resolveDefaultAttachmentOcrEnabled()\n\n  @Property({ name: 'ocr_model', type: 'text', nullable: true })\n  ocrModel?: string | null\n\n  @Property({ name: 'created_at', type: Date, onCreate: () => new Date() })\n  createdAt: Date = new Date()\n\n  @Property({ name: 'updated_at', type: Date, onUpdate: () => new Date() })\n  updatedAt: Date = new Date()\n}\n\n@Entity({ tableName: 'attachments' })\nexport class Attachment {\n  [OptionalProps]?: 'createdAt'\n\n  @PrimaryKey({ type: 'uuid', defaultRaw: 'gen_random_uuid()' })\n  id!: string\n\n  @Property({ name: 'entity_id', type: 'text' })\n  entityId!: string\n\n  @Property({ name: 'record_id', type: 'text' })\n  @Index({ name: 'attachments_entity_record_idx' })\n  recordId!: string\n\n  @Property({ name: 'organization_id', type: 'uuid', nullable: true })\n  organizationId?: string | null\n\n  @Property({ name: 'tenant_id', type: 'uuid', nullable: true })\n  tenantId?: string | null\n\n  @Property({ name: 'partition_code', type: 'text' })\n  @Index({ name: 'attachments_partition_code_idx' })\n  partitionCode!: string\n\n  @Property({ name: 'file_name', type: 'text' })\n  fileName!: string\n\n  @Property({ name: 'mime_type', type: 'text' })\n  mimeType!: string\n\n  @Property({ name: 'file_size', type: 'int' })\n  fileSize!: number\n\n  @Property({ name: 'storage_driver', type: 'text', default: 'local' })\n  storageDriver: string = 'local'\n\n  @Property({ name: 'storage_path', type: 'text' })\n  storagePath!: string\n\n  @Property({ name: 'storage_metadata', type: 'jsonb', nullable: true })\n  storageMetadata?: Record<string, unknown> | null\n\n  @Property({ name: 'url', type: 'text' })\n  url!: string\n\n  @Property({ name: 'content', type: 'text', nullable: true })\n  content: string | null = null\n\n  @Property({ name: 'created_at', type: Date, onCreate: () => new Date() })\n  createdAt: Date = new Date()\n}\n"],
+  "mappings": ";;;;;;;;;;AAAA,SAAS,qBAAqB;AAC9B,SAAS,QAAQ,OAAO,YAAY,UAAU,cAAc;AAC5D,SAAS,0CAA0C;AAKhD;AADI,IAAM,sBAAN,MAA0B;AAAA,EAA1B;AAgBL,yBAAwB;AAMxB,oBAAoB;AAGpB,uBAAuB,mCAAmC;AAM1D,qBAAkB,oBAAI,KAAK;AAG3B,qBAAkB,oBAAI,KAAK;AAAA;AAC7B;AA/BE;AAAA,EADC,WAAW,EAAE,MAAM,QAAQ,YAAY,oBAAoB,CAAC;AAAA,GAHlD,oBAIX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,OAAO,CAAC;AAAA,GANf,oBAOX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,OAAO,CAAC;AAAA,GATf,oBAUX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GAZ/B,oBAaX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,kBAAkB,MAAM,QAAQ,SAAS,QAAQ,CAAC;AAAA,GAfzD,oBAgBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,eAAe,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GAlBpD,oBAmBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,WAAW,SAAS,MAAM,CAAC;AAAA,GArBrD,oBAsBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,gBAAgB,MAAM,WAAW,SAAS,mCAAmC,EAAE,CAAC;AAAA,GAxBvF,oBAyBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GA3BlD,oBA4BX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,EAAE,CAAC;AAAA,GA9B7D,oBA+BX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,EAAE,CAAC;AAAA,GAjC7D,oBAkCX;AAlCW,sBAAN;AAAA,EAFN,OAAO,EAAE,WAAW,wBAAwB,CAAC;AAAA,EAC7C,OAAO,EAAE,MAAM,qCAAqC,YAAY,CAAC,MAAM,EAAE,CAAC;AAAA,GAC9D;AAuCV;AADI,IAAM,aAAN,MAAiB;AAAA,EAAjB;AAiCL,yBAAwB;AAYxB,mBAAyB;AAGzB,qBAAkB,oBAAI,KAAK;AAAA;AAC7B;AA7CE;AAAA,EADC,WAAW,EAAE,MAAM,QAAQ,YAAY,oBAAoB,CAAC;AAAA,GAHlD,WAIX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,OAAO,CAAC;AAAA,GANlC,WAOX;AAIA;AAAA,EAFC,SAAS,EAAE,MAAM,aAAa,MAAM,OAAO,CAAC;AAAA,EAC5C,MAAM,EAAE,MAAM,gCAAgC,CAAC;AAAA,GAVrC,WAWX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,mBAAmB,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GAbxD,WAcX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GAhBlD,WAiBX;AAIA;AAAA,EAFC,SAAS,EAAE,MAAM,kBAAkB,MAAM,OAAO,CAAC;AAAA,EACjD,MAAM,EAAE,MAAM,iCAAiC,CAAC;AAAA,GApBtC,WAqBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,OAAO,CAAC;AAAA,GAvBlC,WAwBX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,OAAO,CAAC;AAAA,GA1BlC,WA2BX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,aAAa,MAAM,MAAM,CAAC;AAAA,GA7BjC,WA8BX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,kBAAkB,MAAM,QAAQ,SAAS,QAAQ,CAAC;AAAA,GAhCzD,WAiCX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,gBAAgB,MAAM,OAAO,CAAC;AAAA,GAnCrC,WAoCX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,oBAAoB,MAAM,SAAS,UAAU,KAAK,CAAC;AAAA,GAtC1D,WAuCX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,OAAO,MAAM,OAAO,CAAC;AAAA,GAzC5B,WA0CX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,WAAW,MAAM,QAAQ,UAAU,KAAK,CAAC;AAAA,GA5ChD,WA6CX;AAGA;AAAA,EADC,SAAS,EAAE,MAAM,cAAc,MAAM,MAAM,UAAU,MAAM,oBAAI,KAAK,EAAE,CAAC;AAAA,GA/C7D,WAgDX;AAhDW,aAAN;AAAA,EADN,OAAO,EAAE,WAAW,cAAc,CAAC;AAAA,GACvB;",
   "names": []
 }

package/dist/modules/attachments/lib/ocrQueue.js CHANGED Viewed

@@ -27,7 +27,7 @@ async function processAttachmentOcr(em, payload) {
       return;
     }
     attachment.content = result.content;
-    await em.persistAndFlush(attachment);
+    await em.persist(attachment).flush();
     console.log(`[attachments.ocr] Processing completed:`, {
       attachmentId,
       pageCount: result.pageCount,

package/dist/modules/attachments/lib/ocrQueue.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../src/modules/attachments/lib/ocrQueue.ts"],
-  "sourcesContent": ["import type { EntityManager } from '@mikro-orm/postgresql'\nimport { Attachment, AttachmentPartition } from '../data/entities'\nimport { OcrService } from './ocrService'\n\nexport type OcrRequestedEvent = {\n  attachmentId: string\n  filePath: string\n  mimeType: string\n  partitionCode: string\n  organizationId: string | null\n  tenantId: string | null\n}\n\nexport async function processAttachmentOcr(\n  em: EntityManager,\n  payload: OcrRequestedEvent\n): Promise<void> {\n  const { attachmentId, filePath, mimeType, partitionCode } = payload\n\n  console.log(`[attachments.ocr] Processing started for attachment: ${attachmentId}`)\n  const startTime = Date.now()\n\n  try {\n    const partition = await em.findOne(AttachmentPartition, { code: partitionCode })\n    const resolvedModel = partition?.ocrModel ?? process.env.OCR_MODEL ?? 'gpt-4o'\n\n    const ocrService = new OcrService()\n\n    if (!ocrService.available) {\n      console.warn(`[attachments.ocr] OPENAI_API_KEY not configured, skipping OCR for: ${attachmentId}`)\n      return\n    }\n\n    const result = await ocrService.processFile({\n      filePath,\n      mimeType,\n      model: resolvedModel,\n    })\n\n    if (!result) {\n      console.log(`[attachments.ocr] No content extracted for attachment: ${attachmentId}`)\n      return\n    }\n\n    const attachment = await em.findOne(Attachment, { id: attachmentId })\n    if (!attachment) {\n      console.error(`[attachments.ocr] Attachment not found: ${attachmentId}`)\n      return\n    }\n\n    attachment.content = result.content\n    await em.persistAndFlush(attachment)\n\n    console.log(`[attachments.ocr] Processing completed:`, {\n      attachmentId,\n      pageCount: result.pageCount,\n      contentLength: result.content.length,\n      timeMs: result.processingTimeMs,\n      totalTimeMs: Date.now() - startTime,\n    })\n  } catch (error) {\n    console.error(`[attachments.ocr] Processing failed:`, {\n      attachmentId,\n      error: error instanceof Error ? error.message : String(error),\n    })\n  }\n}\n\nexport async function requestOcrProcessing(\n  em: EntityManager,\n  attachment: Attachment,\n  filePath: string\n): Promise<void> {\n  const payload: OcrRequestedEvent = {\n    attachmentId: attachment.id,\n    filePath,\n    mimeType: attachment.mimeType,\n    partitionCode: attachment.partitionCode,\n    organizationId: attachment.organizationId ?? null,\n    tenantId: attachment.tenantId ?? null,\n  }\n\n  setImmediate(() => {\n    const workerEm = typeof (em as any)?.fork === 'function' ? (em as any).fork() : em\n    processAttachmentOcr(workerEm, payload).catch((error) => {\n      console.error(`[attachments.ocr] Background processing error:`, error)\n    })\n  })\n}\n"],
-  "mappings": "AACA,SAAS,YAAY,2BAA2B;AAChD,SAAS,kBAAkB;AAW3B,eAAsB,qBACpB,IACA,SACe;AACf,QAAM,EAAE,cAAc,UAAU,UAAU,cAAc,IAAI;AAE5D,UAAQ,IAAI,wDAAwD,YAAY,EAAE;AAClF,QAAM,YAAY,KAAK,IAAI;AAE3B,MAAI;AACF,UAAM,YAAY,MAAM,GAAG,QAAQ,qBAAqB,EAAE,MAAM,cAAc,CAAC;AAC/E,UAAM,gBAAgB,WAAW,YAAY,QAAQ,IAAI,aAAa;AAEtE,UAAM,aAAa,IAAI,WAAW;AAElC,QAAI,CAAC,WAAW,WAAW;AACzB,cAAQ,KAAK,sEAAsE,YAAY,EAAE;AACjG;AAAA,IACF;AAEA,UAAM,SAAS,MAAM,WAAW,YAAY;AAAA,MAC1C;AAAA,MACA;AAAA,MACA,OAAO;AAAA,IACT,CAAC;AAED,QAAI,CAAC,QAAQ;AACX,cAAQ,IAAI,0DAA0D,YAAY,EAAE;AACpF;AAAA,IACF;AAEA,UAAM,aAAa,MAAM,GAAG,QAAQ,YAAY,EAAE,IAAI,aAAa,CAAC;AACpE,QAAI,CAAC,YAAY;AACf,cAAQ,MAAM,2CAA2C,YAAY,EAAE;AACvE;AAAA,IACF;AAEA,eAAW,UAAU,OAAO;AAC5B,UAAM,GAAG,gBAAgB,UAAU;AAEnC,YAAQ,IAAI,2CAA2C;AAAA,MACrD;AAAA,MACA,WAAW,OAAO;AAAA,MAClB,eAAe,OAAO,QAAQ;AAAA,MAC9B,QAAQ,OAAO;AAAA,MACf,aAAa,KAAK,IAAI,IAAI;AAAA,IAC5B,CAAC;AAAA,EACH,SAAS,OAAO;AACd,YAAQ,MAAM,wCAAwC;AAAA,MACpD;AAAA,MACA,OAAO,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK;AAAA,IAC9D,CAAC;AAAA,EACH;AACF;AAEA,eAAsB,qBACpB,IACA,YACA,UACe;AACf,QAAM,UAA6B;AAAA,IACjC,cAAc,WAAW;AAAA,IACzB;AAAA,IACA,UAAU,WAAW;AAAA,IACrB,eAAe,WAAW;AAAA,IAC1B,gBAAgB,WAAW,kBAAkB;AAAA,IAC7C,UAAU,WAAW,YAAY;AAAA,EACnC;AAEA,eAAa,MAAM;AACjB,UAAM,WAAW,OAAQ,IAAY,SAAS,aAAc,GAAW,KAAK,IAAI;AAChF,yBAAqB,UAAU,OAAO,EAAE,MAAM,CAAC,UAAU;AACvD,cAAQ,MAAM,kDAAkD,KAAK;AAAA,IACvE,CAAC;AAAA,EACH,CAAC;AACH;",
+  "sourcesContent": ["import type { EntityManager } from '@mikro-orm/postgresql'\nimport { Attachment, AttachmentPartition } from '../data/entities'\nimport { OcrService } from './ocrService'\n\nexport type OcrRequestedEvent = {\n  attachmentId: string\n  filePath: string\n  mimeType: string\n  partitionCode: string\n  organizationId: string | null\n  tenantId: string | null\n}\n\nexport async function processAttachmentOcr(\n  em: EntityManager,\n  payload: OcrRequestedEvent\n): Promise<void> {\n  const { attachmentId, filePath, mimeType, partitionCode } = payload\n\n  console.log(`[attachments.ocr] Processing started for attachment: ${attachmentId}`)\n  const startTime = Date.now()\n\n  try {\n    const partition = await em.findOne(AttachmentPartition, { code: partitionCode })\n    const resolvedModel = partition?.ocrModel ?? process.env.OCR_MODEL ?? 'gpt-4o'\n\n    const ocrService = new OcrService()\n\n    if (!ocrService.available) {\n      console.warn(`[attachments.ocr] OPENAI_API_KEY not configured, skipping OCR for: ${attachmentId}`)\n      return\n    }\n\n    const result = await ocrService.processFile({\n      filePath,\n      mimeType,\n      model: resolvedModel,\n    })\n\n    if (!result) {\n      console.log(`[attachments.ocr] No content extracted for attachment: ${attachmentId}`)\n      return\n    }\n\n    const attachment = await em.findOne(Attachment, { id: attachmentId })\n    if (!attachment) {\n      console.error(`[attachments.ocr] Attachment not found: ${attachmentId}`)\n      return\n    }\n\n    attachment.content = result.content\n    await em.persist(attachment).flush()\n\n    console.log(`[attachments.ocr] Processing completed:`, {\n      attachmentId,\n      pageCount: result.pageCount,\n      contentLength: result.content.length,\n      timeMs: result.processingTimeMs,\n      totalTimeMs: Date.now() - startTime,\n    })\n  } catch (error) {\n    console.error(`[attachments.ocr] Processing failed:`, {\n      attachmentId,\n      error: error instanceof Error ? error.message : String(error),\n    })\n  }\n}\n\nexport async function requestOcrProcessing(\n  em: EntityManager,\n  attachment: Attachment,\n  filePath: string\n): Promise<void> {\n  const payload: OcrRequestedEvent = {\n    attachmentId: attachment.id,\n    filePath,\n    mimeType: attachment.mimeType,\n    partitionCode: attachment.partitionCode,\n    organizationId: attachment.organizationId ?? null,\n    tenantId: attachment.tenantId ?? null,\n  }\n\n  setImmediate(() => {\n    const workerEm = typeof (em as any)?.fork === 'function' ? (em as any).fork() : em\n    processAttachmentOcr(workerEm, payload).catch((error) => {\n      console.error(`[attachments.ocr] Background processing error:`, error)\n    })\n  })\n}\n"],
+  "mappings": "AACA,SAAS,YAAY,2BAA2B;AAChD,SAAS,kBAAkB;AAW3B,eAAsB,qBACpB,IACA,SACe;AACf,QAAM,EAAE,cAAc,UAAU,UAAU,cAAc,IAAI;AAE5D,UAAQ,IAAI,wDAAwD,YAAY,EAAE;AAClF,QAAM,YAAY,KAAK,IAAI;AAE3B,MAAI;AACF,UAAM,YAAY,MAAM,GAAG,QAAQ,qBAAqB,EAAE,MAAM,cAAc,CAAC;AAC/E,UAAM,gBAAgB,WAAW,YAAY,QAAQ,IAAI,aAAa;AAEtE,UAAM,aAAa,IAAI,WAAW;AAElC,QAAI,CAAC,WAAW,WAAW;AACzB,cAAQ,KAAK,sEAAsE,YAAY,EAAE;AACjG;AAAA,IACF;AAEA,UAAM,SAAS,MAAM,WAAW,YAAY;AAAA,MAC1C;AAAA,MACA;AAAA,MACA,OAAO;AAAA,IACT,CAAC;AAED,QAAI,CAAC,QAAQ;AACX,cAAQ,IAAI,0DAA0D,YAAY,EAAE;AACpF;AAAA,IACF;AAEA,UAAM,aAAa,MAAM,GAAG,QAAQ,YAAY,EAAE,IAAI,aAAa,CAAC;AACpE,QAAI,CAAC,YAAY;AACf,cAAQ,MAAM,2CAA2C,YAAY,EAAE;AACvE;AAAA,IACF;AAEA,eAAW,UAAU,OAAO;AAC5B,UAAM,GAAG,QAAQ,UAAU,EAAE,MAAM;AAEnC,YAAQ,IAAI,2CAA2C;AAAA,MACrD;AAAA,MACA,WAAW,OAAO;AAAA,MAClB,eAAe,OAAO,QAAQ;AAAA,MAC9B,QAAQ,OAAO;AAAA,MACf,aAAa,KAAK,IAAI,IAAI;AAAA,IAC5B,CAAC;AAAA,EACH,SAAS,OAAO;AACd,YAAQ,MAAM,wCAAwC;AAAA,MACpD;AAAA,MACA,OAAO,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK;AAAA,IAC9D,CAAC;AAAA,EACH;AACF;AAEA,eAAsB,qBACpB,IACA,YACA,UACe;AACf,QAAM,UAA6B;AAAA,IACjC,cAAc,WAAW;AAAA,IACzB;AAAA,IACA,UAAU,WAAW;AAAA,IACrB,eAAe,WAAW;AAAA,IAC1B,gBAAgB,WAAW,kBAAkB;AAAA,IAC7C,UAAU,WAAW,YAAY;AAAA,EACnC;AAEA,eAAa,MAAM;AACjB,UAAM,WAAW,OAAQ,IAAY,SAAS,aAAc,GAAW,KAAK,IAAI;AAChF,yBAAqB,UAAU,OAAO,EAAE,MAAM,CAAC,UAAU;AACvD,cAAQ,MAAM,kDAAkD,KAAK;AAAA,IACvE,CAAC;AAAA,EACH,CAAC;AACH;",
   "names": []
 }

package/dist/modules/audit_logs/api/audit-logs/actions/export/route.js.map CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../../../../../../src/modules/audit_logs/api/audit-logs/actions/export/route.ts"],
-  "sourcesContent": ["import { NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport type { EntityManager } from '@mikro-orm/postgresql'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'\nimport { defaultExportFilename, serializeExport, type PreparedExport } from '@open-mercato/shared/lib/crud/exporters'\nimport type { OpenApiRouteDoc } from '@open-mercato/shared/lib/openapi'\nimport { parseBooleanToken } from '@open-mercato/shared/lib/boolean'\nimport { resolveFeatureCheckContext } from '@open-mercato/core/modules/directory/utils/organizationScope'\nimport type { RbacService } from '@open-mercato/core/modules/auth/services/rbacService'\nimport { extractChangeRows } from '@open-mercato/core/modules/audit_logs/lib/changeRows'\nimport {\n  ACTION_LOG_FILTER_TYPES,\n  deriveActionLogActionType,\n  deriveActionLogSource,\n} from '@open-mercato/core/modules/audit_logs/lib/projections'\nimport { ActionLogService } from '@open-mercato/core/modules/audit_logs/services/actionLogService'\nimport { loadAuditLogDisplayMaps } from '../../display'\n\nexport const metadata = {\n  GET: { requireAuth: true, requireFeatures: ['audit_logs.view_self'] },\n}\n\nconst ACTION_TYPE_TOKENS = ACTION_LOG_FILTER_TYPES\nconst SORT_FIELDS = ['createdAt', 'user', 'action', 'field', 'source'] as const\nconst SORT_DIRECTIONS = ['asc', 'desc'] as const\n\nconst exportQuerySchema = z.object({\n  organizationId: z.string().uuid().describe('Limit results to a specific organization').optional(),\n  actorUserId: z\n    .string()\n    .describe('Filter logs created by specific actor IDs (tenant administrators only). Accepts a single UUID or a comma-separated UUID list.')\n    .optional(),\n  resourceKind: z.string().describe('Filter by resource kind (e.g., \"order\", \"product\")').optional(),\n  resourceId: z.string().describe('Filter by resource ID (UUID of the specific record)').optional(),\n  actionType: z\n    .string()\n    .describe('Filter by action type (`create`, `edit`, `delete`, `assign`). Accepts a single value or a comma-separated list.')\n    .optional(),\n  fieldName: z\n    .string()\n    .describe('Filter to entries where the given field changed. Accepts a single field name or a comma-separated list.')\n    .optional(),\n  includeRelated: z\n    .enum(['true', 'false'])\n    .default('false')\n    .describe('When `true`, also returns changes to child entities linked via parentResourceKind/parentResourceId')\n    .optional(),\n  undoableOnly: z\n    .enum(['true', 'false'])\n    .default('false')\n    .describe('When `true`, only undoable actions are returned')\n    .optional(),\n  limit: z.string().describe('Maximum number of records to export (default 1000, capped at 1000)').optional(),\n  sortField: z\n    .enum(SORT_FIELDS)\n    .describe('Sort field: `createdAt`, `user`, `action`, `field`, or `source`.')\n    .optional(),\n  sortDir: z\n    .enum(SORT_DIRECTIONS)\n    .describe('Sort direction: `asc` or `desc`.')\n    .optional(),\n  before: z.string().describe('Return actions created before this ISO-8601 timestamp').optional(),\n  after: z.string().describe('Return actions created after this ISO-8601 timestamp').optional(),\n})\n\nconst responseSchema = z.object({\n  file: z.literal('csv'),\n})\n\nconst errorSchema = z.object({\n  error: z.string(),\n})\n\nfunction splitCsv(value: string | null): string[] {\n  if (!value) return []\n  return value\n    .split(',')\n    .map((entry) => entry.trim())\n    .filter(Boolean)\n}\n\nfunction parseActionTypes(param: string | null) {\n  return splitCsv(param).filter((value): value is (typeof ACTION_TYPE_TOKENS)[number] =>\n    ACTION_TYPE_TOKENS.includes(value as (typeof ACTION_TYPE_TOKENS)[number]),\n  )\n}\n\nfunction parseLimit(param: string | null): number {\n  if (!param) return 1000\n  const value = Number(param)\n  if (!Number.isFinite(value)) return 1000\n  return Math.min(Math.max(Math.trunc(value), 1), 1000)\n}\n\nfunction parseDate(value: string | null): Date | undefined {\n  if (!value) return undefined\n  const timestamp = Date.parse(value)\n  if (Number.isNaN(timestamp)) return undefined\n  return new Date(timestamp)\n}\n\nfunction formatValue(value: unknown): string {\n  if (value == null) return ''\n  if (value instanceof Date) return value.toISOString()\n  if (Array.isArray(value)) return value.map((entry) => formatValue(entry)).filter(Boolean).join(', ')\n  if (typeof value === 'object') return JSON.stringify(value)\n  return String(value)\n}\n\nexport async function GET(req: Request) {\n  const auth = await getAuthFromRequest(req)\n  if (!auth) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n\n  const container = await createRequestContainer()\n  const { organizationId: defaultOrganizationId, scope } = await resolveFeatureCheckContext({ container, auth, request: req })\n  const rbac = container.resolve('rbacService') as RbacService\n  const actionLogs = container.resolve('actionLogService') as ActionLogService\n  const em = container.resolve('em') as EntityManager\n\n  const canViewTenant = await rbac.userHasAllFeatures(\n    auth.sub,\n    ['audit_logs.view_tenant'],\n    { tenantId: auth.tenantId ?? null, organizationId: defaultOrganizationId ?? null },\n  )\n\n  const url = new URL(req.url)\n  const queryOrgId = url.searchParams.get('organizationId')\n  const actorQuery = url.searchParams.get('actorUserId')\n  const resourceKind = url.searchParams.get('resourceKind') ?? undefined\n  const resourceId = url.searchParams.get('resourceId') ?? undefined\n  const actionTypes = parseActionTypes(url.searchParams.get('actionType'))\n  const fieldNames = splitCsv(url.searchParams.get('fieldName'))\n  const includeRelated = parseBooleanToken(url.searchParams.get('includeRelated')) === true\n  const undoableOnly = parseBooleanToken(url.searchParams.get('undoableOnly')) === true\n  const limit = parseLimit(url.searchParams.get('limit'))\n  const sortField = SORT_FIELDS.find((value) => value === url.searchParams.get('sortField')) ?? 'createdAt'\n  const sortDir = SORT_DIRECTIONS.find((value) => value === url.searchParams.get('sortDir')) ?? 'desc'\n  const before = parseDate(url.searchParams.get('before'))\n  const after = parseDate(url.searchParams.get('after'))\n\n  let organizationId = defaultOrganizationId\n  if (queryOrgId) {\n    if (scope.allowedIds === null || scope.allowedIds.includes(queryOrgId)) {\n      organizationId = queryOrgId\n    }\n  }\n\n  let actorUserId: string | undefined = canViewTenant ? undefined : auth.sub\n  let actorUserIds: string[] | undefined\n  if (canViewTenant && actorQuery) {\n    const parsedActorUserIds = splitCsv(actorQuery)\n    if (parsedActorUserIds.length === 1) {\n      actorUserId = parsedActorUserIds[0]\n    } else if (parsedActorUserIds.length > 1) {\n      actorUserId = undefined\n      actorUserIds = parsedActorUserIds\n    }\n  }\n\n  const entriesResult = await actionLogs.list({\n    tenantId: auth.tenantId ?? undefined,\n    organizationId: organizationId ?? undefined,\n    actorUserId,\n    actorUserIds,\n    resourceKind,\n    resourceId,\n    actionTypes,\n    fieldNames,\n    includeRelated,\n    undoableOnly,\n    sortField,\n    sortDir,\n    limit,\n    before,\n    after,\n  })\n  const entries = entriesResult.items\n\n  const displayMaps = await loadAuditLogDisplayMaps(em, {\n    userIds: entries.map((entry) => entry.actorUserId).filter((value): value is string => Boolean(value)),\n    tenantIds: entries.map((entry) => entry.tenantId).filter((value): value is string => Boolean(value)),\n    organizationIds: entries.map((entry) => entry.organizationId).filter((value): value is string => Boolean(value)),\n  })\n\n  const rows = entries.flatMap((entry) => {\n    const actionType = deriveActionLogActionType(entry)\n    const actionLabel = actionType === 'system'\n      ? entry.actionLabel ?? 'System'\n      : actionType.charAt(0).toUpperCase() + actionType.slice(1)\n    const baseRow = {\n      when: entry.createdAt?.toISOString?.() ?? '',\n      user: entry.actorUserId ? displayMaps.users[entry.actorUserId] ?? entry.actorUserId : 'System',\n      action: actionLabel,\n      source: deriveActionLogSource(entry.contextJson, entry.actorUserId).toUpperCase(),\n    }\n    const changes = extractChangeRows(entry.changesJson, entry.snapshotBefore)\n\n    if (changes.length === 0) {\n      return [{\n        ...baseRow,\n        field: '',\n        oldValue: '',\n        newValue: '',\n      }]\n    }\n\n    return changes.map((change) => {\n      return {\n        ...baseRow,\n        field: change.field,\n        oldValue: formatValue(change.from),\n        newValue: formatValue(change.to),\n      }\n    })\n  })\n\n  const prepared: PreparedExport = {\n    columns: [\n      { field: 'when', header: 'When' },\n      { field: 'user', header: 'User' },\n      { field: 'action', header: 'Action' },\n      { field: 'field', header: 'Field' },\n      { field: 'oldValue', header: 'Old Value' },\n      { field: 'newValue', header: 'New Value' },\n      { field: 'source', header: 'Source' },\n    ],\n    rows,\n  }\n\n  const serialized = serializeExport(prepared, 'csv')\n  const filename = defaultExportFilename('changelog-export', 'csv')\n\n  return new Response(serialized.body, {\n    headers: {\n      'content-type': serialized.contentType,\n      'content-disposition': `attachment; filename=\"${filename}\"`,\n    },\n  })\n}\n\nexport const openApi: OpenApiRouteDoc = {\n  summary: 'Export action audit logs',\n  description: 'Exports filtered action audit log entries for the current tenant as CSV.',\n  methods: {\n    GET: {\n      summary: 'Export action logs as CSV',\n      description:\n        'Returns a CSV attachment containing filtered action audit log entries. Tenant administrators can widen the scope to other actors or organizations.',\n      query: exportQuerySchema,\n      responses: [\n        { status: 200, description: 'CSV export generated successfully', schema: responseSchema },\n      ],\n      errors: [\n        { status: 400, description: 'Invalid filter values', schema: errorSchema },\n        { status: 401, description: 'Authentication required', schema: errorSchema },\n      ],\n    },\n  },\n}\n"],
-  "mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,SAAS;AAElB,SAAS,8BAA8B;AACvC,SAAS,0BAA0B;AACnC,SAAS,uBAAuB,uBAA4C;AAE5E,SAAS,yBAAyB;AAClC,SAAS,kCAAkC;AAE3C,SAAS,yBAAyB;AAClC;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,OACK;AAEP,SAAS,+BAA+B;AAEjC,MAAM,WAAW;AAAA,EACtB,KAAK,EAAE,aAAa,MAAM,iBAAiB,CAAC,sBAAsB,EAAE;AACtE;AAEA,MAAM,qBAAqB;AAC3B,MAAM,cAAc,CAAC,aAAa,QAAQ,UAAU,SAAS,QAAQ;AACrE,MAAM,kBAAkB,CAAC,OAAO,MAAM;AAEtC,MAAM,oBAAoB,EAAE,OAAO;AAAA,EACjC,gBAAgB,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,0CAA0C,EAAE,SAAS;AAAA,EAChG,aAAa,EACV,OAAO,EACP,SAAS,+HAA+H,EACxI,SAAS;AAAA,EACZ,cAAc,EAAE,OAAO,EAAE,SAAS,oDAAoD,EAAE,SAAS;AAAA,EACjG,YAAY,EAAE,OAAO,EAAE,SAAS,qDAAqD,EAAE,SAAS;AAAA,EAChG,YAAY,EACT,OAAO,EACP,SAAS,iHAAiH,EAC1H,SAAS;AAAA,EACZ,WAAW,EACR,OAAO,EACP,SAAS,yGAAyG,EAClH,SAAS;AAAA,EACZ,gBAAgB,EACb,KAAK,CAAC,QAAQ,OAAO,CAAC,EACtB,QAAQ,OAAO,EACf,SAAS,oGAAoG,EAC7G,SAAS;AAAA,EACZ,cAAc,EACX,KAAK,CAAC,QAAQ,OAAO,CAAC,EACtB,QAAQ,OAAO,EACf,SAAS,iDAAiD,EAC1D,SAAS;AAAA,EACZ,OAAO,EAAE,OAAO,EAAE,SAAS,oEAAoE,EAAE,SAAS;AAAA,EAC1G,WAAW,EACR,KAAK,WAAW,EAChB,SAAS,kEAAkE,EAC3E,SAAS;AAAA,EACZ,SAAS,EACN,KAAK,eAAe,EACpB,SAAS,kCAAkC,EAC3C,SAAS;AAAA,EACZ,QAAQ,EAAE,OAAO,EAAE,SAAS,uDAAuD,EAAE,SAAS;AAAA,EAC9F,OAAO,EAAE,OAAO,EAAE,SAAS,sDAAsD,EAAE,SAAS;AAC9F,CAAC;AAED,MAAM,iBAAiB,EAAE,OAAO;AAAA,EAC9B,MAAM,EAAE,QAAQ,KAAK;AACvB,CAAC;AAED,MAAM,cAAc,EAAE,OAAO;AAAA,EAC3B,OAAO,EAAE,OAAO;AAClB,CAAC;AAED,SAAS,SAAS,OAAgC;AAChD,MAAI,CAAC,MAAO,QAAO,CAAC;AACpB,SAAO,MACJ,MAAM,GAAG,EACT,IAAI,CAAC,UAAU,MAAM,KAAK,CAAC,EAC3B,OAAO,OAAO;AACnB;AAEA,SAAS,iBAAiB,OAAsB;AAC9C,SAAO,SAAS,KAAK,EAAE;AAAA,IAAO,CAAC,UAC7B,mBAAmB,SAAS,KAA4C;AAAA,EAC1E;AACF;AAEA,SAAS,WAAW,OAA8B;AAChD,MAAI,CAAC,MAAO,QAAO;AACnB,QAAM,QAAQ,OAAO,KAAK;AAC1B,MAAI,CAAC,OAAO,SAAS,KAAK,EAAG,QAAO;AACpC,SAAO,KAAK,IAAI,KAAK,IAAI,KAAK,MAAM,KAAK,GAAG,CAAC,GAAG,GAAI;AACtD;AAEA,SAAS,UAAU,OAAwC;AACzD,MAAI,CAAC,MAAO,QAAO;AACnB,QAAM,YAAY,KAAK,MAAM,KAAK;AAClC,MAAI,OAAO,MAAM,SAAS,EAAG,QAAO;AACpC,SAAO,IAAI,KAAK,SAAS;AAC3B;AAEA,SAAS,YAAY,OAAwB;AAC3C,MAAI,SAAS,KAAM,QAAO;AAC1B,MAAI,iBAAiB,KAAM,QAAO,MAAM,YAAY;AACpD,MAAI,MAAM,QAAQ,KAAK,EAAG,QAAO,MAAM,IAAI,CAAC,UAAU,YAAY,KAAK,CAAC,EAAE,OAAO,OAAO,EAAE,KAAK,IAAI;AACnG,MAAI,OAAO,UAAU,SAAU,QAAO,KAAK,UAAU,KAAK;AAC1D,SAAO,OAAO,KAAK;AACrB;AAEA,eAAsB,IAAI,KAAc;AACtC,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,KAAM,QAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAE9E,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,EAAE,gBAAgB,uBAAuB,MAAM,IAAI,MAAM,2BAA2B,EAAE,WAAW,MAAM,SAAS,IAAI,CAAC;AAC3H,QAAM,OAAO,UAAU,QAAQ,aAAa;AAC5C,QAAM,aAAa,UAAU,QAAQ,kBAAkB;AACvD,QAAM,KAAK,UAAU,QAAQ,IAAI;AAEjC,QAAM,gBAAgB,MAAM,KAAK;AAAA,IAC/B,KAAK;AAAA,IACL,CAAC,wBAAwB;AAAA,IACzB,EAAE,UAAU,KAAK,YAAY,MAAM,gBAAgB,yBAAyB,KAAK;AAAA,EACnF;AAEA,QAAM,MAAM,IAAI,IAAI,IAAI,GAAG;AAC3B,QAAM,aAAa,IAAI,aAAa,IAAI,gBAAgB;AACxD,QAAM,aAAa,IAAI,aAAa,IAAI,aAAa;AACrD,QAAM,eAAe,IAAI,aAAa,IAAI,cAAc,KAAK;AAC7D,QAAM,aAAa,IAAI,aAAa,IAAI,YAAY,KAAK;AACzD,QAAM,cAAc,iBAAiB,IAAI,aAAa,IAAI,YAAY,CAAC;AACvE,QAAM,aAAa,SAAS,IAAI,aAAa,IAAI,WAAW,CAAC;AAC7D,QAAM,iBAAiB,kBAAkB,IAAI,aAAa,IAAI,gBAAgB,CAAC,MAAM;AACrF,QAAM,eAAe,kBAAkB,IAAI,aAAa,IAAI,cAAc,CAAC,MAAM;AACjF,QAAM,QAAQ,WAAW,IAAI,aAAa,IAAI,OAAO,CAAC;AACtD,QAAM,YAAY,YAAY,KAAK,CAAC,UAAU,UAAU,IAAI,aAAa,IAAI,WAAW,CAAC,KAAK;AAC9F,QAAM,UAAU,gBAAgB,KAAK,CAAC,UAAU,UAAU,IAAI,aAAa,IAAI,SAAS,CAAC,KAAK;AAC9F,QAAM,SAAS,UAAU,IAAI,aAAa,IAAI,QAAQ,CAAC;AACvD,QAAM,QAAQ,UAAU,IAAI,aAAa,IAAI,OAAO,CAAC;AAErD,MAAI,iBAAiB;AACrB,MAAI,YAAY;AACd,QAAI,MAAM,eAAe,QAAQ,MAAM,WAAW,SAAS,UAAU,GAAG;AACtE,uBAAiB;AAAA,IACnB;AAAA,EACF;AAEA,MAAI,cAAkC,gBAAgB,SAAY,KAAK;AACvE,MAAI;AACJ,MAAI,iBAAiB,YAAY;AAC/B,UAAM,qBAAqB,SAAS,UAAU;AAC9C,QAAI,mBAAmB,WAAW,GAAG;AACnC,oBAAc,mBAAmB,CAAC;AAAA,IACpC,WAAW,mBAAmB,SAAS,GAAG;AACxC,oBAAc;AACd,qBAAe;AAAA,IACjB;AAAA,EACF;AAEA,QAAM,gBAAgB,MAAM,WAAW,KAAK;AAAA,IAC1C,UAAU,KAAK,YAAY;AAAA,IAC3B,gBAAgB,kBAAkB;AAAA,IAClC;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AACD,QAAM,UAAU,cAAc;AAE9B,QAAM,cAAc,MAAM,wBAAwB,IAAI;AAAA,IACpD,SAAS,QAAQ,IAAI,CAAC,UAAU,MAAM,WAAW,EAAE,OAAO,CAAC,UAA2B,QAAQ,KAAK,CAAC;AAAA,IACpG,WAAW,QAAQ,IAAI,CAAC,UAAU,MAAM,QAAQ,EAAE,OAAO,CAAC,UAA2B,QAAQ,KAAK,CAAC;AAAA,IACnG,iBAAiB,QAAQ,IAAI,CAAC,UAAU,MAAM,cAAc,EAAE,OAAO,CAAC,UAA2B,QAAQ,KAAK,CAAC;AAAA,EACjH,CAAC;AAED,QAAM,OAAO,QAAQ,QAAQ,CAAC,UAAU;AACtC,UAAM,aAAa,0BAA0B,KAAK;AAClD,UAAM,cAAc,eAAe,WAC/B,MAAM,eAAe,WACrB,WAAW,OAAO,CAAC,EAAE,YAAY,IAAI,WAAW,MAAM,CAAC;AAC3D,UAAM,UAAU;AAAA,MACd,MAAM,MAAM,WAAW,cAAc,KAAK;AAAA,MAC1C,MAAM,MAAM,cAAc,YAAY,MAAM,MAAM,WAAW,KAAK,MAAM,cAAc;AAAA,MACtF,QAAQ;AAAA,MACR,QAAQ,sBAAsB,MAAM,aAAa,MAAM,WAAW,EAAE,YAAY;AAAA,IAClF;AACA,UAAM,UAAU,kBAAkB,MAAM,aAAa,MAAM,cAAc;AAEzE,QAAI,QAAQ,WAAW,GAAG;AACxB,aAAO,CAAC;AAAA,QACN,GAAG;AAAA,QACH,OAAO;AAAA,QACP,UAAU;AAAA,QACV,UAAU;AAAA,MACZ,CAAC;AAAA,IACH;AAEA,WAAO,QAAQ,IAAI,CAAC,WAAW;AAC7B,aAAO;AAAA,QACL,GAAG;AAAA,QACH,OAAO,OAAO;AAAA,QACd,UAAU,YAAY,OAAO,IAAI;AAAA,QACjC,UAAU,YAAY,OAAO,EAAE;AAAA,MACjC;AAAA,IACF,CAAC;AAAA,EACH,CAAC;AAED,QAAM,WAA2B;AAAA,IAC/B,SAAS;AAAA,MACP,EAAE,OAAO,QAAQ,QAAQ,OAAO;AAAA,MAChC,EAAE,OAAO,QAAQ,QAAQ,OAAO;AAAA,MAChC,EAAE,OAAO,UAAU,QAAQ,SAAS;AAAA,MACpC,EAAE,OAAO,SAAS,QAAQ,QAAQ;AAAA,MAClC,EAAE,OAAO,YAAY,QAAQ,YAAY;AAAA,MACzC,EAAE,OAAO,YAAY,QAAQ,YAAY;AAAA,MACzC,EAAE,OAAO,UAAU,QAAQ,SAAS;AAAA,IACtC;AAAA,IACA;AAAA,EACF;AAEA,QAAM,aAAa,gBAAgB,UAAU,KAAK;AAClD,QAAM,WAAW,sBAAsB,oBAAoB,KAAK;AAEhE,SAAO,IAAI,SAAS,WAAW,MAAM;AAAA,IACnC,SAAS;AAAA,MACP,gBAAgB,WAAW;AAAA,MAC3B,uBAAuB,yBAAyB,QAAQ;AAAA,IAC1D;AAAA,EACF,CAAC;AACH;AAEO,MAAM,UAA2B;AAAA,EACtC,SAAS;AAAA,EACT,aAAa;AAAA,EACb,SAAS;AAAA,IACP,KAAK;AAAA,MACH,SAAS;AAAA,MACT,aACE;AAAA,MACF,OAAO;AAAA,MACP,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,qCAAqC,QAAQ,eAAe;AAAA,MAC1F;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,yBAAyB,QAAQ,YAAY;AAAA,QACzE,EAAE,QAAQ,KAAK,aAAa,2BAA2B,QAAQ,YAAY;AAAA,MAC7E;AAAA,IACF;AAAA,EACF;AACF;",
+  "sourcesContent": ["import { NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport type { EntityManager } from '@mikro-orm/postgresql'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'\nimport { defaultExportFilename, serializeExport, type PreparedExport } from '@open-mercato/shared/lib/crud/exporters'\nimport type { OpenApiRouteDoc } from '@open-mercato/shared/lib/openapi'\nimport { parseBooleanToken } from '@open-mercato/shared/lib/boolean'\nimport { resolveFeatureCheckContext } from '@open-mercato/core/modules/directory/utils/organizationScope'\nimport type { RbacService } from '@open-mercato/core/modules/auth/services/rbacService'\nimport { extractChangeRows } from '@open-mercato/core/modules/audit_logs/lib/changeRows'\nimport {\n  ACTION_LOG_FILTER_TYPES,\n  deriveActionLogActionType,\n  deriveActionLogSource,\n} from '@open-mercato/core/modules/audit_logs/lib/projections'\nimport { ActionLogService } from '@open-mercato/core/modules/audit_logs/services/actionLogService'\nimport { loadAuditLogDisplayMaps } from '../../display'\n\nexport const metadata = {\n  GET: { requireAuth: true, requireFeatures: ['audit_logs.view_self'] },\n}\n\nconst ACTION_TYPE_TOKENS = ACTION_LOG_FILTER_TYPES\nconst SORT_FIELDS = ['createdAt', 'user', 'action', 'field', 'source'] as const\nconst SORT_DIRECTIONS = ['asc', 'desc'] as const\n\nconst exportQuerySchema = z.object({\n  organizationId: z.string().uuid().describe('Limit results to a specific organization').optional(),\n  actorUserId: z\n    .string()\n    .describe('Filter logs created by specific actor IDs (tenant administrators only). Accepts a single UUID or a comma-separated UUID list.')\n    .optional(),\n  resourceKind: z.string().describe('Filter by resource kind (e.g., \"order\", \"product\")').optional(),\n  resourceId: z.string().describe('Filter by resource ID (UUID of the specific record)').optional(),\n  actionType: z\n    .string()\n    .describe('Filter by action type (`create`, `edit`, `delete`, `assign`). Accepts a single value or a comma-separated list.')\n    .optional(),\n  fieldName: z\n    .string()\n    .describe('Filter to entries where the given field changed. Accepts a single field name or a comma-separated list.')\n    .optional(),\n  includeRelated: z\n    .enum(['true', 'false'])\n    .default('false')\n    .describe('When `true`, also returns changes to child entities linked via parentResourceKind/parentResourceId')\n    .optional(),\n  undoableOnly: z\n    .enum(['true', 'false'])\n    .default('false')\n    .describe('When `true`, only undoable actions are returned')\n    .optional(),\n  limit: z.string().describe('Maximum number of records to export (default 1000, capped at 1000)').optional(),\n  sortField: z\n    .enum(SORT_FIELDS)\n    .describe('Sort field: `createdAt`, `user`, `action`, `field`, or `source`.')\n    .optional(),\n  sortDir: z\n    .enum(SORT_DIRECTIONS)\n    .describe('Sort direction: `asc` or `desc`.')\n    .optional(),\n  before: z.string().describe('Return actions created before this ISO-8601 timestamp').optional(),\n  after: z.string().describe('Return actions created after this ISO-8601 timestamp').optional(),\n})\n\nconst responseSchema = z.object({\n  file: z.literal('csv'),\n})\n\nconst errorSchema = z.object({\n  error: z.string(),\n})\n\nfunction splitCsv(value: string | null): string[] {\n  if (!value) return []\n  return value\n    .split(',')\n    .map((entry) => entry.trim())\n    .filter(Boolean)\n}\n\nfunction parseActionTypes(param: string | null) {\n  return splitCsv(param).filter((value): value is (typeof ACTION_TYPE_TOKENS)[number] =>\n    ACTION_TYPE_TOKENS.includes(value as (typeof ACTION_TYPE_TOKENS)[number]),\n  )\n}\n\nfunction parseLimit(param: string | null): number {\n  if (!param) return 1000\n  const value = Number(param)\n  if (!Number.isFinite(value)) return 1000\n  return Math.min(Math.max(Math.trunc(value), 1), 1000)\n}\n\nfunction parseDate(value: string | null): Date | undefined {\n  if (!value) return undefined\n  const timestamp = Date.parse(value)\n  if (Number.isNaN(timestamp)) return undefined\n  return new Date(timestamp)\n}\n\nfunction formatValue(value: unknown): string {\n  if (value == null) return ''\n  if (value instanceof Date) return value.toISOString()\n  if (Array.isArray(value)) return value.map((entry) => formatValue(entry)).filter(Boolean).join(', ')\n  if (typeof value === 'object') return JSON.stringify(value)\n  return String(value)\n}\n\nexport async function GET(req: Request) {\n  const auth = await getAuthFromRequest(req)\n  if (!auth) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n\n  const container = await createRequestContainer()\n  const { organizationId: defaultOrganizationId, scope } = await resolveFeatureCheckContext({ container, auth, request: req })\n  const rbac = container.resolve('rbacService') as RbacService\n  const actionLogs = container.resolve('actionLogService') as ActionLogService\n  const em = container.resolve('em') as EntityManager\n\n  const canViewTenant = await rbac.userHasAllFeatures(\n    auth.sub,\n    ['audit_logs.view_tenant'],\n    { tenantId: auth.tenantId ?? null, organizationId: defaultOrganizationId ?? null },\n  )\n\n  const url = new URL(req.url)\n  const queryOrgId = url.searchParams.get('organizationId')\n  const actorQuery = url.searchParams.get('actorUserId')\n  const resourceKind = url.searchParams.get('resourceKind') ?? undefined\n  const resourceId = url.searchParams.get('resourceId') ?? undefined\n  const actionTypes = parseActionTypes(url.searchParams.get('actionType'))\n  const fieldNames = splitCsv(url.searchParams.get('fieldName'))\n  const includeRelated = parseBooleanToken(url.searchParams.get('includeRelated')) === true\n  const undoableOnly = parseBooleanToken(url.searchParams.get('undoableOnly')) === true\n  const limit = parseLimit(url.searchParams.get('limit'))\n  const sortField = SORT_FIELDS.find((value) => value === url.searchParams.get('sortField')) ?? 'createdAt'\n  const sortDir = SORT_DIRECTIONS.find((value) => value === url.searchParams.get('sortDir')) ?? 'desc'\n  const before = parseDate(url.searchParams.get('before'))\n  const after = parseDate(url.searchParams.get('after'))\n\n  let organizationId = defaultOrganizationId\n  if (queryOrgId) {\n    if (scope.allowedIds === null || scope.allowedIds.includes(queryOrgId)) {\n      organizationId = queryOrgId\n    }\n  }\n\n  let actorUserId: string | undefined = canViewTenant ? undefined : auth.sub\n  let actorUserIds: string[] | undefined\n  if (canViewTenant && actorQuery) {\n    const parsedActorUserIds = splitCsv(actorQuery)\n    if (parsedActorUserIds.length === 1) {\n      actorUserId = parsedActorUserIds[0]\n    } else if (parsedActorUserIds.length > 1) {\n      actorUserId = undefined\n      actorUserIds = parsedActorUserIds\n    }\n  }\n\n  const entriesResult = await actionLogs.list({\n    tenantId: auth.tenantId ?? undefined,\n    organizationId: organizationId ?? undefined,\n    actorUserId,\n    actorUserIds,\n    resourceKind,\n    resourceId,\n    actionTypes,\n    fieldNames,\n    includeRelated,\n    undoableOnly,\n    sortField,\n    sortDir,\n    limit,\n    before,\n    after,\n  })\n  const entries = entriesResult.items\n\n  const displayMaps = await loadAuditLogDisplayMaps(em, {\n    userIds: entries.map((entry: any) => entry.actorUserId).filter((value: any): value is string => Boolean(value)),\n    tenantIds: entries.map((entry: any) => entry.tenantId).filter((value: any): value is string => Boolean(value)),\n    organizationIds: entries.map((entry: any) => entry.organizationId).filter((value: any): value is string => Boolean(value)),\n  })\n\n  const rows = entries.flatMap((entry: any) => {\n    const actionType = deriveActionLogActionType(entry)\n    const actionLabel = actionType === 'system'\n      ? entry.actionLabel ?? 'System'\n      : actionType.charAt(0).toUpperCase() + actionType.slice(1)\n    const baseRow = {\n      when: entry.createdAt?.toISOString?.() ?? '',\n      user: entry.actorUserId ? displayMaps.users[entry.actorUserId] ?? entry.actorUserId : 'System',\n      action: actionLabel,\n      source: deriveActionLogSource(entry.contextJson, entry.actorUserId).toUpperCase(),\n    }\n    const changes = extractChangeRows(entry.changesJson, entry.snapshotBefore)\n\n    if (changes.length === 0) {\n      return [{\n        ...baseRow,\n        field: '',\n        oldValue: '',\n        newValue: '',\n      }]\n    }\n\n    return changes.map((change) => {\n      return {\n        ...baseRow,\n        field: change.field,\n        oldValue: formatValue(change.from),\n        newValue: formatValue(change.to),\n      }\n    })\n  })\n\n  const prepared: PreparedExport = {\n    columns: [\n      { field: 'when', header: 'When' },\n      { field: 'user', header: 'User' },\n      { field: 'action', header: 'Action' },\n      { field: 'field', header: 'Field' },\n      { field: 'oldValue', header: 'Old Value' },\n      { field: 'newValue', header: 'New Value' },\n      { field: 'source', header: 'Source' },\n    ],\n    rows,\n  }\n\n  const serialized = serializeExport(prepared, 'csv')\n  const filename = defaultExportFilename('changelog-export', 'csv')\n\n  return new Response(serialized.body, {\n    headers: {\n      'content-type': serialized.contentType,\n      'content-disposition': `attachment; filename=\"${filename}\"`,\n    },\n  })\n}\n\nexport const openApi: OpenApiRouteDoc = {\n  summary: 'Export action audit logs',\n  description: 'Exports filtered action audit log entries for the current tenant as CSV.',\n  methods: {\n    GET: {\n      summary: 'Export action logs as CSV',\n      description:\n        'Returns a CSV attachment containing filtered action audit log entries. Tenant administrators can widen the scope to other actors or organizations.',\n      query: exportQuerySchema,\n      responses: [\n        { status: 200, description: 'CSV export generated successfully', schema: responseSchema },\n      ],\n      errors: [\n        { status: 400, description: 'Invalid filter values', schema: errorSchema },\n        { status: 401, description: 'Authentication required', schema: errorSchema },\n      ],\n    },\n  },\n}\n"],
+  "mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,SAAS;AAElB,SAAS,8BAA8B;AACvC,SAAS,0BAA0B;AACnC,SAAS,uBAAuB,uBAA4C;AAE5E,SAAS,yBAAyB;AAClC,SAAS,kCAAkC;AAE3C,SAAS,yBAAyB;AAClC;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,OACK;AAEP,SAAS,+BAA+B;AAEjC,MAAM,WAAW;AAAA,EACtB,KAAK,EAAE,aAAa,MAAM,iBAAiB,CAAC,sBAAsB,EAAE;AACtE;AAEA,MAAM,qBAAqB;AAC3B,MAAM,cAAc,CAAC,aAAa,QAAQ,UAAU,SAAS,QAAQ;AACrE,MAAM,kBAAkB,CAAC,OAAO,MAAM;AAEtC,MAAM,oBAAoB,EAAE,OAAO;AAAA,EACjC,gBAAgB,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,0CAA0C,EAAE,SAAS;AAAA,EAChG,aAAa,EACV,OAAO,EACP,SAAS,+HAA+H,EACxI,SAAS;AAAA,EACZ,cAAc,EAAE,OAAO,EAAE,SAAS,oDAAoD,EAAE,SAAS;AAAA,EACjG,YAAY,EAAE,OAAO,EAAE,SAAS,qDAAqD,EAAE,SAAS;AAAA,EAChG,YAAY,EACT,OAAO,EACP,SAAS,iHAAiH,EAC1H,SAAS;AAAA,EACZ,WAAW,EACR,OAAO,EACP,SAAS,yGAAyG,EAClH,SAAS;AAAA,EACZ,gBAAgB,EACb,KAAK,CAAC,QAAQ,OAAO,CAAC,EACtB,QAAQ,OAAO,EACf,SAAS,oGAAoG,EAC7G,SAAS;AAAA,EACZ,cAAc,EACX,KAAK,CAAC,QAAQ,OAAO,CAAC,EACtB,QAAQ,OAAO,EACf,SAAS,iDAAiD,EAC1D,SAAS;AAAA,EACZ,OAAO,EAAE,OAAO,EAAE,SAAS,oEAAoE,EAAE,SAAS;AAAA,EAC1G,WAAW,EACR,KAAK,WAAW,EAChB,SAAS,kEAAkE,EAC3E,SAAS;AAAA,EACZ,SAAS,EACN,KAAK,eAAe,EACpB,SAAS,kCAAkC,EAC3C,SAAS;AAAA,EACZ,QAAQ,EAAE,OAAO,EAAE,SAAS,uDAAuD,EAAE,SAAS;AAAA,EAC9F,OAAO,EAAE,OAAO,EAAE,SAAS,sDAAsD,EAAE,SAAS;AAC9F,CAAC;AAED,MAAM,iBAAiB,EAAE,OAAO;AAAA,EAC9B,MAAM,EAAE,QAAQ,KAAK;AACvB,CAAC;AAED,MAAM,cAAc,EAAE,OAAO;AAAA,EAC3B,OAAO,EAAE,OAAO;AAClB,CAAC;AAED,SAAS,SAAS,OAAgC;AAChD,MAAI,CAAC,MAAO,QAAO,CAAC;AACpB,SAAO,MACJ,MAAM,GAAG,EACT,IAAI,CAAC,UAAU,MAAM,KAAK,CAAC,EAC3B,OAAO,OAAO;AACnB;AAEA,SAAS,iBAAiB,OAAsB;AAC9C,SAAO,SAAS,KAAK,EAAE;AAAA,IAAO,CAAC,UAC7B,mBAAmB,SAAS,KAA4C;AAAA,EAC1E;AACF;AAEA,SAAS,WAAW,OAA8B;AAChD,MAAI,CAAC,MAAO,QAAO;AACnB,QAAM,QAAQ,OAAO,KAAK;AAC1B,MAAI,CAAC,OAAO,SAAS,KAAK,EAAG,QAAO;AACpC,SAAO,KAAK,IAAI,KAAK,IAAI,KAAK,MAAM,KAAK,GAAG,CAAC,GAAG,GAAI;AACtD;AAEA,SAAS,UAAU,OAAwC;AACzD,MAAI,CAAC,MAAO,QAAO;AACnB,QAAM,YAAY,KAAK,MAAM,KAAK;AAClC,MAAI,OAAO,MAAM,SAAS,EAAG,QAAO;AACpC,SAAO,IAAI,KAAK,SAAS;AAC3B;AAEA,SAAS,YAAY,OAAwB;AAC3C,MAAI,SAAS,KAAM,QAAO;AAC1B,MAAI,iBAAiB,KAAM,QAAO,MAAM,YAAY;AACpD,MAAI,MAAM,QAAQ,KAAK,EAAG,QAAO,MAAM,IAAI,CAAC,UAAU,YAAY,KAAK,CAAC,EAAE,OAAO,OAAO,EAAE,KAAK,IAAI;AACnG,MAAI,OAAO,UAAU,SAAU,QAAO,KAAK,UAAU,KAAK;AAC1D,SAAO,OAAO,KAAK;AACrB;AAEA,eAAsB,IAAI,KAAc;AACtC,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,KAAM,QAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAE9E,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,EAAE,gBAAgB,uBAAuB,MAAM,IAAI,MAAM,2BAA2B,EAAE,WAAW,MAAM,SAAS,IAAI,CAAC;AAC3H,QAAM,OAAO,UAAU,QAAQ,aAAa;AAC5C,QAAM,aAAa,UAAU,QAAQ,kBAAkB;AACvD,QAAM,KAAK,UAAU,QAAQ,IAAI;AAEjC,QAAM,gBAAgB,MAAM,KAAK;AAAA,IAC/B,KAAK;AAAA,IACL,CAAC,wBAAwB;AAAA,IACzB,EAAE,UAAU,KAAK,YAAY,MAAM,gBAAgB,yBAAyB,KAAK;AAAA,EACnF;AAEA,QAAM,MAAM,IAAI,IAAI,IAAI,GAAG;AAC3B,QAAM,aAAa,IAAI,aAAa,IAAI,gBAAgB;AACxD,QAAM,aAAa,IAAI,aAAa,IAAI,aAAa;AACrD,QAAM,eAAe,IAAI,aAAa,IAAI,cAAc,KAAK;AAC7D,QAAM,aAAa,IAAI,aAAa,IAAI,YAAY,KAAK;AACzD,QAAM,cAAc,iBAAiB,IAAI,aAAa,IAAI,YAAY,CAAC;AACvE,QAAM,aAAa,SAAS,IAAI,aAAa,IAAI,WAAW,CAAC;AAC7D,QAAM,iBAAiB,kBAAkB,IAAI,aAAa,IAAI,gBAAgB,CAAC,MAAM;AACrF,QAAM,eAAe,kBAAkB,IAAI,aAAa,IAAI,cAAc,CAAC,MAAM;AACjF,QAAM,QAAQ,WAAW,IAAI,aAAa,IAAI,OAAO,CAAC;AACtD,QAAM,YAAY,YAAY,KAAK,CAAC,UAAU,UAAU,IAAI,aAAa,IAAI,WAAW,CAAC,KAAK;AAC9F,QAAM,UAAU,gBAAgB,KAAK,CAAC,UAAU,UAAU,IAAI,aAAa,IAAI,SAAS,CAAC,KAAK;AAC9F,QAAM,SAAS,UAAU,IAAI,aAAa,IAAI,QAAQ,CAAC;AACvD,QAAM,QAAQ,UAAU,IAAI,aAAa,IAAI,OAAO,CAAC;AAErD,MAAI,iBAAiB;AACrB,MAAI,YAAY;AACd,QAAI,MAAM,eAAe,QAAQ,MAAM,WAAW,SAAS,UAAU,GAAG;AACtE,uBAAiB;AAAA,IACnB;AAAA,EACF;AAEA,MAAI,cAAkC,gBAAgB,SAAY,KAAK;AACvE,MAAI;AACJ,MAAI,iBAAiB,YAAY;AAC/B,UAAM,qBAAqB,SAAS,UAAU;AAC9C,QAAI,mBAAmB,WAAW,GAAG;AACnC,oBAAc,mBAAmB,CAAC;AAAA,IACpC,WAAW,mBAAmB,SAAS,GAAG;AACxC,oBAAc;AACd,qBAAe;AAAA,IACjB;AAAA,EACF;AAEA,QAAM,gBAAgB,MAAM,WAAW,KAAK;AAAA,IAC1C,UAAU,KAAK,YAAY;AAAA,IAC3B,gBAAgB,kBAAkB;AAAA,IAClC;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AACD,QAAM,UAAU,cAAc;AAE9B,QAAM,cAAc,MAAM,wBAAwB,IAAI;AAAA,IACpD,SAAS,QAAQ,IAAI,CAAC,UAAe,MAAM,WAAW,EAAE,OAAO,CAAC,UAAgC,QAAQ,KAAK,CAAC;AAAA,IAC9G,WAAW,QAAQ,IAAI,CAAC,UAAe,MAAM,QAAQ,EAAE,OAAO,CAAC,UAAgC,QAAQ,KAAK,CAAC;AAAA,IAC7G,iBAAiB,QAAQ,IAAI,CAAC,UAAe,MAAM,cAAc,EAAE,OAAO,CAAC,UAAgC,QAAQ,KAAK,CAAC;AAAA,EAC3H,CAAC;AAED,QAAM,OAAO,QAAQ,QAAQ,CAAC,UAAe;AAC3C,UAAM,aAAa,0BAA0B,KAAK;AAClD,UAAM,cAAc,eAAe,WAC/B,MAAM,eAAe,WACrB,WAAW,OAAO,CAAC,EAAE,YAAY,IAAI,WAAW,MAAM,CAAC;AAC3D,UAAM,UAAU;AAAA,MACd,MAAM,MAAM,WAAW,cAAc,KAAK;AAAA,MAC1C,MAAM,MAAM,cAAc,YAAY,MAAM,MAAM,WAAW,KAAK,MAAM,cAAc;AAAA,MACtF,QAAQ;AAAA,MACR,QAAQ,sBAAsB,MAAM,aAAa,MAAM,WAAW,EAAE,YAAY;AAAA,IAClF;AACA,UAAM,UAAU,kBAAkB,MAAM,aAAa,MAAM,cAAc;AAEzE,QAAI,QAAQ,WAAW,GAAG;AACxB,aAAO,CAAC;AAAA,QACN,GAAG;AAAA,QACH,OAAO;AAAA,QACP,UAAU;AAAA,QACV,UAAU;AAAA,MACZ,CAAC;AAAA,IACH;AAEA,WAAO,QAAQ,IAAI,CAAC,WAAW;AAC7B,aAAO;AAAA,QACL,GAAG;AAAA,QACH,OAAO,OAAO;AAAA,QACd,UAAU,YAAY,OAAO,IAAI;AAAA,QACjC,UAAU,YAAY,OAAO,EAAE;AAAA,MACjC;AAAA,IACF,CAAC;AAAA,EACH,CAAC;AAED,QAAM,WAA2B;AAAA,IAC/B,SAAS;AAAA,MACP,EAAE,OAAO,QAAQ,QAAQ,OAAO;AAAA,MAChC,EAAE,OAAO,QAAQ,QAAQ,OAAO;AAAA,MAChC,EAAE,OAAO,UAAU,QAAQ,SAAS;AAAA,MACpC,EAAE,OAAO,SAAS,QAAQ,QAAQ;AAAA,MAClC,EAAE,OAAO,YAAY,QAAQ,YAAY;AAAA,MACzC,EAAE,OAAO,YAAY,QAAQ,YAAY;AAAA,MACzC,EAAE,OAAO,UAAU,QAAQ,SAAS;AAAA,IACtC;AAAA,IACA;AAAA,EACF;AAEA,QAAM,aAAa,gBAAgB,UAAU,KAAK;AAClD,QAAM,WAAW,sBAAsB,oBAAoB,KAAK;AAEhE,SAAO,IAAI,SAAS,WAAW,MAAM;AAAA,IACnC,SAAS;AAAA,MACP,gBAAgB,WAAW;AAAA,MAC3B,uBAAuB,yBAAyB,QAAQ;AAAA,IAC1D;AAAA,EACF,CAAC;AACH;AAEO,MAAM,UAA2B;AAAA,EACtC,SAAS;AAAA,EACT,aAAa;AAAA,EACb,SAAS;AAAA,IACP,KAAK;AAAA,MACH,SAAS;AAAA,MACT,aACE;AAAA,MACF,OAAO;AAAA,MACP,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,qCAAqC,QAAQ,eAAe;AAAA,MAC1F;AAAA,MACA,QAAQ;AAAA,QACN,EAAE,QAAQ,KAAK,aAAa,yBAAyB,QAAQ,YAAY;AAAA,QACzE,EAAE,QAAQ,KAAK,aAAa,2BAA2B,QAAQ,YAAY;AAAA,MAC7E;AAAA,IACF;AAAA,EACF;AACF;",
   "names": []
 }