@open-mercato/core 0.5.1-develop.2691.d8a0934b37 → 0.5.1-develop.2694.732417c5ec

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (414) hide show
  1. package/dist/modules/api_keys/data/entities.js +1 -1
  2. package/dist/modules/api_keys/data/entities.js.map +1 -1
  3. package/dist/modules/api_keys/services/apiKeyService.js +5 -5
  4. package/dist/modules/api_keys/services/apiKeyService.js.map +2 -2
  5. package/dist/modules/attachments/api/library/[id]/route.js +1 -1
  6. package/dist/modules/attachments/api/library/[id]/route.js.map +2 -2
  7. package/dist/modules/attachments/api/library/route.js +7 -9
  8. package/dist/modules/attachments/api/library/route.js.map +2 -2
  9. package/dist/modules/attachments/api/partitions/route.js +3 -3
  10. package/dist/modules/attachments/api/partitions/route.js.map +2 -2
  11. package/dist/modules/attachments/api/route.js +6 -5
  12. package/dist/modules/attachments/api/route.js.map +2 -2
  13. package/dist/modules/attachments/api/transfer/route.js +1 -1
  14. package/dist/modules/attachments/api/transfer/route.js.map +2 -2
  15. package/dist/modules/attachments/data/entities.js +2 -1
  16. package/dist/modules/attachments/data/entities.js.map +2 -2
  17. package/dist/modules/attachments/lib/ocrQueue.js +1 -1
  18. package/dist/modules/attachments/lib/ocrQueue.js.map +2 -2
  19. package/dist/modules/audit_logs/api/audit-logs/actions/export/route.js.map +2 -2
  20. package/dist/modules/audit_logs/api/audit-logs/actions/route.js.map +2 -2
  21. package/dist/modules/audit_logs/data/entities.js +1 -1
  22. package/dist/modules/audit_logs/data/entities.js.map +1 -1
  23. package/dist/modules/audit_logs/services/actionLogService.js +77 -70
  24. package/dist/modules/audit_logs/services/actionLogService.js.map +2 -2
  25. package/dist/modules/auth/api/roles/acl/route.js +1 -1
  26. package/dist/modules/auth/api/roles/acl/route.js.map +2 -2
  27. package/dist/modules/auth/api/users/acl/route.js +2 -2
  28. package/dist/modules/auth/api/users/acl/route.js.map +2 -2
  29. package/dist/modules/auth/api/users/resend-invite/route.js +1 -1
  30. package/dist/modules/auth/api/users/resend-invite/route.js.map +2 -2
  31. package/dist/modules/auth/cli.js +12 -6
  32. package/dist/modules/auth/cli.js.map +2 -2
  33. package/dist/modules/auth/commands/users.js +1 -1
  34. package/dist/modules/auth/commands/users.js.map +2 -2
  35. package/dist/modules/auth/data/entities.js +1 -1
  36. package/dist/modules/auth/data/entities.js.map +2 -2
  37. package/dist/modules/auth/lib/setup-app.js +3 -3
  38. package/dist/modules/auth/lib/setup-app.js.map +2 -2
  39. package/dist/modules/auth/services/authService.js +2 -2
  40. package/dist/modules/auth/services/authService.js.map +2 -2
  41. package/dist/modules/business_rules/api/rules/route.js +3 -3
  42. package/dist/modules/business_rules/api/rules/route.js.map +2 -2
  43. package/dist/modules/business_rules/api/sets/[id]/members/route.js +7 -4
  44. package/dist/modules/business_rules/api/sets/[id]/members/route.js.map +2 -2
  45. package/dist/modules/business_rules/api/sets/route.js +3 -3
  46. package/dist/modules/business_rules/api/sets/route.js.map +2 -2
  47. package/dist/modules/business_rules/cli.js +1 -1
  48. package/dist/modules/business_rules/cli.js.map +2 -2
  49. package/dist/modules/business_rules/data/entities.js +2 -9
  50. package/dist/modules/business_rules/data/entities.js.map +2 -2
  51. package/dist/modules/business_rules/lib/rule-engine.js +1 -1
  52. package/dist/modules/business_rules/lib/rule-engine.js.map +2 -2
  53. package/dist/modules/catalog/api/option-schemas/route.js +0 -1
  54. package/dist/modules/catalog/api/option-schemas/route.js.map +2 -2
  55. package/dist/modules/catalog/data/entities.js +2 -11
  56. package/dist/modules/catalog/data/entities.js.map +2 -2
  57. package/dist/modules/configs/data/entities.js +2 -1
  58. package/dist/modules/configs/data/entities.js.map +2 -2
  59. package/dist/modules/currencies/commands/fetch-configs.js +3 -3
  60. package/dist/modules/currencies/commands/fetch-configs.js.map +2 -2
  61. package/dist/modules/currencies/data/entities.js +1 -1
  62. package/dist/modules/currencies/data/entities.js.map +2 -2
  63. package/dist/modules/customer_accounts/api/signup.js +1 -1
  64. package/dist/modules/customer_accounts/api/signup.js.map +2 -2
  65. package/dist/modules/customer_accounts/data/entities.js +1 -1
  66. package/dist/modules/customer_accounts/data/entities.js.map +2 -2
  67. package/dist/modules/customer_accounts/services/customerInvitationService.js +1 -1
  68. package/dist/modules/customer_accounts/services/customerInvitationService.js.map +2 -2
  69. package/dist/modules/customer_accounts/services/customerSessionService.js +1 -1
  70. package/dist/modules/customer_accounts/services/customerSessionService.js.map +2 -2
  71. package/dist/modules/customer_accounts/services/customerTokenService.js +12 -7
  72. package/dist/modules/customer_accounts/services/customerTokenService.js.map +2 -2
  73. package/dist/modules/customers/api/interactions/conflicts/route.js +19 -17
  74. package/dist/modules/customers/api/interactions/conflicts/route.js.map +2 -2
  75. package/dist/modules/customers/api/interactions/counts/route.js +7 -6
  76. package/dist/modules/customers/api/interactions/counts/route.js.map +2 -2
  77. package/dist/modules/customers/api/interactions/route.js +28 -42
  78. package/dist/modules/customers/api/interactions/route.js.map +2 -2
  79. package/dist/modules/customers/api/utils.js +29 -24
  80. package/dist/modules/customers/api/utils.js.map +2 -2
  81. package/dist/modules/customers/cli.js +45 -40
  82. package/dist/modules/customers/cli.js.map +2 -2
  83. package/dist/modules/customers/commands/dictionaries.js +1 -1
  84. package/dist/modules/customers/commands/dictionaries.js.map +2 -2
  85. package/dist/modules/customers/commands/tags.js +1 -1
  86. package/dist/modules/customers/commands/tags.js.map +2 -2
  87. package/dist/modules/customers/data/entities.js +2 -12
  88. package/dist/modules/customers/data/entities.js.map +2 -2
  89. package/dist/modules/customers/lib/interactionProjection.js +18 -15
  90. package/dist/modules/customers/lib/interactionProjection.js.map +2 -2
  91. package/dist/modules/customers/lib/personCompanyLinkTable.js +6 -8
  92. package/dist/modules/customers/lib/personCompanyLinkTable.js.map +2 -2
  93. package/dist/modules/dashboards/api/roles/widgets/route.js +1 -1
  94. package/dist/modules/dashboards/api/roles/widgets/route.js.map +2 -2
  95. package/dist/modules/dashboards/api/users/widgets/route.js +1 -1
  96. package/dist/modules/dashboards/api/users/widgets/route.js.map +2 -2
  97. package/dist/modules/dashboards/data/entities.js +1 -1
  98. package/dist/modules/dashboards/data/entities.js.map +1 -1
  99. package/dist/modules/data_sync/api/mappings/route.js +1 -1
  100. package/dist/modules/data_sync/api/mappings/route.js.map +2 -2
  101. package/dist/modules/data_sync/data/entities.js +2 -1
  102. package/dist/modules/data_sync/data/entities.js.map +2 -2
  103. package/dist/modules/data_sync/lib/id-mapping.js +1 -1
  104. package/dist/modules/data_sync/lib/id-mapping.js.map +2 -2
  105. package/dist/modules/data_sync/lib/sync-run-service.js +1 -1
  106. package/dist/modules/data_sync/lib/sync-run-service.js.map +2 -2
  107. package/dist/modules/dictionaries/commands/factory.js +1 -1
  108. package/dist/modules/dictionaries/commands/factory.js.map +2 -2
  109. package/dist/modules/dictionaries/data/entities.js +2 -9
  110. package/dist/modules/dictionaries/data/entities.js.map +2 -2
  111. package/dist/modules/directory/commands/organizations.js +4 -4
  112. package/dist/modules/directory/commands/organizations.js.map +2 -2
  113. package/dist/modules/directory/data/entities.js +2 -1
  114. package/dist/modules/directory/data/entities.js.map +2 -2
  115. package/dist/modules/entities/api/definitions.js +2 -2
  116. package/dist/modules/entities/api/definitions.js.map +2 -2
  117. package/dist/modules/entities/api/encryption.js +2 -2
  118. package/dist/modules/entities/api/encryption.js.map +2 -2
  119. package/dist/modules/entities/api/relations/options.js +2 -2
  120. package/dist/modules/entities/api/relations/options.js.map +2 -2
  121. package/dist/modules/entities/cli.js +4 -4
  122. package/dist/modules/entities/cli.js.map +2 -2
  123. package/dist/modules/entities/data/entities.js +1 -1
  124. package/dist/modules/entities/data/entities.js.map +2 -2
  125. package/dist/modules/entities/lib/field-definitions.js +2 -2
  126. package/dist/modules/entities/lib/field-definitions.js.map +2 -2
  127. package/dist/modules/entities/lib/register.js +1 -1
  128. package/dist/modules/entities/lib/register.js.map +2 -2
  129. package/dist/modules/feature_toggles/data/entities.js +2 -9
  130. package/dist/modules/feature_toggles/data/entities.js.map +2 -2
  131. package/dist/modules/inbox_ops/api/proposals/counts/route.js +3 -6
  132. package/dist/modules/inbox_ops/api/proposals/counts/route.js.map +2 -2
  133. package/dist/modules/inbox_ops/data/entities.js +2 -8
  134. package/dist/modules/inbox_ops/data/entities.js.map +2 -2
  135. package/dist/modules/inbox_ops/lib/messagesIntegration.js +6 -6
  136. package/dist/modules/inbox_ops/lib/messagesIntegration.js.map +2 -2
  137. package/dist/modules/integrations/data/entities.js +2 -1
  138. package/dist/modules/integrations/data/entities.js.map +2 -2
  139. package/dist/modules/integrations/lib/credentials-service.js +1 -1
  140. package/dist/modules/integrations/lib/credentials-service.js.map +2 -2
  141. package/dist/modules/integrations/lib/log-service.js +1 -1
  142. package/dist/modules/integrations/lib/log-service.js.map +2 -2
  143. package/dist/modules/integrations/lib/state-service.js +1 -1
  144. package/dist/modules/integrations/lib/state-service.js.map +2 -2
  145. package/dist/modules/messages/api/route.js +90 -93
  146. package/dist/modules/messages/api/route.js.map +2 -2
  147. package/dist/modules/messages/api/unread-count/route.js +8 -7
  148. package/dist/modules/messages/api/unread-count/route.js.map +2 -2
  149. package/dist/modules/messages/commands/confirmations.js +1 -1
  150. package/dist/modules/messages/commands/confirmations.js.map +2 -2
  151. package/dist/modules/messages/commands/messages.js +3 -3
  152. package/dist/modules/messages/commands/messages.js.map +2 -2
  153. package/dist/modules/messages/data/entities.js +2 -1
  154. package/dist/modules/messages/data/entities.js.map +2 -2
  155. package/dist/modules/messages/lib/email-sender.js +1 -1
  156. package/dist/modules/messages/lib/email-sender.js.map +2 -2
  157. package/dist/modules/messages/lib/searchLookup.js +8 -8
  158. package/dist/modules/messages/lib/searchLookup.js.map +2 -2
  159. package/dist/modules/messages/lib/tokenConsumption.js +9 -4
  160. package/dist/modules/messages/lib/tokenConsumption.js.map +2 -2
  161. package/dist/modules/notifications/data/entities.js +2 -1
  162. package/dist/modules/notifications/data/entities.js.map +2 -2
  163. package/dist/modules/notifications/lib/notificationRecipients.js +15 -5
  164. package/dist/modules/notifications/lib/notificationRecipients.js.map +2 -2
  165. package/dist/modules/notifications/lib/notificationService.js +39 -34
  166. package/dist/modules/notifications/lib/notificationService.js.map +2 -2
  167. package/dist/modules/notifications/workers/create-notification.worker.js +14 -13
  168. package/dist/modules/notifications/workers/create-notification.worker.js.map +2 -2
  169. package/dist/modules/payment_gateways/api/transactions/route.js +2 -2
  170. package/dist/modules/payment_gateways/api/transactions/route.js.map +2 -2
  171. package/dist/modules/payment_gateways/data/entities.js +2 -1
  172. package/dist/modules/payment_gateways/data/entities.js.map +2 -2
  173. package/dist/modules/payment_gateways/lib/gateway-service.js +1 -1
  174. package/dist/modules/payment_gateways/lib/gateway-service.js.map +2 -2
  175. package/dist/modules/payment_gateways/lib/webhook-utils.js +2 -2
  176. package/dist/modules/payment_gateways/lib/webhook-utils.js.map +2 -2
  177. package/dist/modules/perspectives/data/entities.js +1 -1
  178. package/dist/modules/perspectives/data/entities.js.map +2 -2
  179. package/dist/modules/planner/data/entities.js +1 -1
  180. package/dist/modules/planner/data/entities.js.map +2 -2
  181. package/dist/modules/progress/data/entities.js +2 -1
  182. package/dist/modules/progress/data/entities.js.map +2 -2
  183. package/dist/modules/progress/lib/progressServiceImpl.js +1 -1
  184. package/dist/modules/progress/lib/progressServiceImpl.js.map +2 -2
  185. package/dist/modules/query_index/api/status.js +66 -57
  186. package/dist/modules/query_index/api/status.js.map +2 -2
  187. package/dist/modules/query_index/cli.js +39 -24
  188. package/dist/modules/query_index/cli.js.map +2 -2
  189. package/dist/modules/query_index/data/entities.js +1 -1
  190. package/dist/modules/query_index/data/entities.js.map +2 -2
  191. package/dist/modules/query_index/di.js +25 -13
  192. package/dist/modules/query_index/di.js.map +2 -2
  193. package/dist/modules/query_index/lib/batch.js +31 -33
  194. package/dist/modules/query_index/lib/batch.js.map +2 -2
  195. package/dist/modules/query_index/lib/coverage.js +63 -50
  196. package/dist/modules/query_index/lib/coverage.js.map +2 -2
  197. package/dist/modules/query_index/lib/engine.js +592 -588
  198. package/dist/modules/query_index/lib/engine.js.map +2 -2
  199. package/dist/modules/query_index/lib/indexer.js +74 -47
  200. package/dist/modules/query_index/lib/indexer.js.map +2 -2
  201. package/dist/modules/query_index/lib/jobs.js +37 -24
  202. package/dist/modules/query_index/lib/jobs.js.map +2 -2
  203. package/dist/modules/query_index/lib/purge.js +19 -11
  204. package/dist/modules/query_index/lib/purge.js.map +2 -2
  205. package/dist/modules/query_index/lib/reindexer.js +47 -44
  206. package/dist/modules/query_index/lib/reindexer.js.map +2 -2
  207. package/dist/modules/query_index/lib/search-tokens.js +47 -25
  208. package/dist/modules/query_index/lib/search-tokens.js.map +2 -2
  209. package/dist/modules/query_index/lib/stale.js +14 -12
  210. package/dist/modules/query_index/lib/stale.js.map +2 -2
  211. package/dist/modules/query_index/lib/subscriber-scope.js +2 -2
  212. package/dist/modules/query_index/lib/subscriber-scope.js.map +2 -2
  213. package/dist/modules/query_index/subscribers/delete_one.js +3 -2
  214. package/dist/modules/query_index/subscribers/delete_one.js.map +2 -2
  215. package/dist/modules/resources/commands/tag-assignments.js +1 -1
  216. package/dist/modules/resources/commands/tag-assignments.js.map +2 -2
  217. package/dist/modules/resources/commands/tags.js +1 -1
  218. package/dist/modules/resources/commands/tags.js.map +2 -2
  219. package/dist/modules/resources/data/entities.js +2 -1
  220. package/dist/modules/resources/data/entities.js.map +2 -2
  221. package/dist/modules/sales/commands/documentAddresses.js +2 -2
  222. package/dist/modules/sales/commands/documentAddresses.js.map +2 -2
  223. package/dist/modules/sales/commands/notes.js.map +2 -2
  224. package/dist/modules/sales/commands/tags.js +1 -1
  225. package/dist/modules/sales/commands/tags.js.map +2 -2
  226. package/dist/modules/sales/data/enrichers.js +9 -8
  227. package/dist/modules/sales/data/enrichers.js.map +2 -2
  228. package/dist/modules/sales/data/entities.js +2 -11
  229. package/dist/modules/sales/data/entities.js.map +2 -2
  230. package/dist/modules/shipping_carriers/data/entities.js +2 -1
  231. package/dist/modules/shipping_carriers/data/entities.js.map +2 -2
  232. package/dist/modules/shipping_carriers/lib/shipping-service.js +1 -1
  233. package/dist/modules/shipping_carriers/lib/shipping-service.js.map +2 -2
  234. package/dist/modules/shipping_carriers/lib/webhook-utils.js +2 -2
  235. package/dist/modules/shipping_carriers/lib/webhook-utils.js.map +2 -2
  236. package/dist/modules/staff/data/entities.js +1 -1
  237. package/dist/modules/staff/data/entities.js.map +2 -2
  238. package/dist/modules/translations/api/[entityType]/[entityId]/route.js +3 -5
  239. package/dist/modules/translations/api/[entityType]/[entityId]/route.js.map +2 -2
  240. package/dist/modules/translations/api/context.js +2 -2
  241. package/dist/modules/translations/api/context.js.map +2 -2
  242. package/dist/modules/translations/commands/translations.js +46 -39
  243. package/dist/modules/translations/commands/translations.js.map +2 -2
  244. package/dist/modules/translations/components/TranslationManager.js +19 -10
  245. package/dist/modules/translations/components/TranslationManager.js.map +2 -2
  246. package/dist/modules/translations/data/entities.js +1 -1
  247. package/dist/modules/translations/data/entities.js.map +2 -2
  248. package/dist/modules/translations/lib/apply.js +4 -4
  249. package/dist/modules/translations/lib/apply.js.map +2 -2
  250. package/dist/modules/translations/lib/batch.js +3 -2
  251. package/dist/modules/translations/lib/batch.js.map +2 -2
  252. package/dist/modules/translations/subscribers/cleanup.js +3 -5
  253. package/dist/modules/translations/subscribers/cleanup.js.map +2 -2
  254. package/dist/modules/workflows/api/definitions/route.js +1 -1
  255. package/dist/modules/workflows/api/definitions/route.js.map +2 -2
  256. package/dist/modules/workflows/cli.js +5 -5
  257. package/dist/modules/workflows/cli.js.map +2 -2
  258. package/dist/modules/workflows/data/entities.js +2 -1
  259. package/dist/modules/workflows/data/entities.js.map +2 -2
  260. package/dist/modules/workflows/lib/event-logger.js +2 -2
  261. package/dist/modules/workflows/lib/event-logger.js.map +2 -2
  262. package/dist/modules/workflows/lib/seeds.js +16 -1
  263. package/dist/modules/workflows/lib/seeds.js.map +2 -2
  264. package/dist/modules/workflows/lib/step-handler.js +3 -3
  265. package/dist/modules/workflows/lib/step-handler.js.map +2 -2
  266. package/dist/modules/workflows/lib/task-handler.js +1 -1
  267. package/dist/modules/workflows/lib/task-handler.js.map +2 -2
  268. package/dist/modules/workflows/lib/transition-handler.js +1 -1
  269. package/dist/modules/workflows/lib/transition-handler.js.map +2 -2
  270. package/dist/modules/workflows/lib/workflow-executor.js +2 -2
  271. package/dist/modules/workflows/lib/workflow-executor.js.map +2 -2
  272. package/jest.config.cjs +4 -2
  273. package/package.json +3 -3
  274. package/src/modules/api_keys/data/entities.ts +1 -1
  275. package/src/modules/api_keys/services/apiKeyService.ts +5 -5
  276. package/src/modules/attachments/api/library/[id]/route.ts +1 -1
  277. package/src/modules/attachments/api/library/route.ts +10 -12
  278. package/src/modules/attachments/api/partitions/route.ts +3 -3
  279. package/src/modules/attachments/api/route.ts +10 -8
  280. package/src/modules/attachments/api/transfer/route.ts +1 -1
  281. package/src/modules/attachments/data/entities.ts +2 -1
  282. package/src/modules/attachments/lib/ocrQueue.ts +1 -1
  283. package/src/modules/audit_logs/api/audit-logs/actions/export/route.ts +4 -4
  284. package/src/modules/audit_logs/api/audit-logs/actions/route.ts +4 -4
  285. package/src/modules/audit_logs/data/entities.ts +1 -1
  286. package/src/modules/audit_logs/services/actionLogService.ts +96 -87
  287. package/src/modules/auth/api/roles/acl/route.ts +1 -1
  288. package/src/modules/auth/api/users/acl/route.ts +2 -2
  289. package/src/modules/auth/api/users/resend-invite/route.ts +1 -1
  290. package/src/modules/auth/cli.ts +46 -40
  291. package/src/modules/auth/commands/users.ts +1 -1
  292. package/src/modules/auth/data/entities.ts +1 -1
  293. package/src/modules/auth/lib/setup-app.ts +3 -3
  294. package/src/modules/auth/services/authService.ts +2 -2
  295. package/src/modules/business_rules/api/rules/route.ts +3 -3
  296. package/src/modules/business_rules/api/sets/[id]/members/route.ts +7 -4
  297. package/src/modules/business_rules/api/sets/route.ts +3 -3
  298. package/src/modules/business_rules/cli.ts +1 -1
  299. package/src/modules/business_rules/data/entities.ts +2 -9
  300. package/src/modules/business_rules/lib/rule-engine.ts +1 -1
  301. package/src/modules/catalog/api/option-schemas/route.ts +0 -1
  302. package/src/modules/catalog/data/entities.ts +2 -11
  303. package/src/modules/configs/data/entities.ts +2 -1
  304. package/src/modules/currencies/commands/fetch-configs.ts +3 -3
  305. package/src/modules/currencies/data/entities.ts +1 -1
  306. package/src/modules/customer_accounts/api/signup.ts +1 -1
  307. package/src/modules/customer_accounts/data/entities.ts +1 -1
  308. package/src/modules/customer_accounts/services/customerInvitationService.ts +1 -1
  309. package/src/modules/customer_accounts/services/customerSessionService.ts +1 -1
  310. package/src/modules/customer_accounts/services/customerTokenService.ts +26 -15
  311. package/src/modules/customers/api/interactions/conflicts/route.ts +26 -23
  312. package/src/modules/customers/api/interactions/counts/route.ts +13 -11
  313. package/src/modules/customers/api/interactions/route.ts +32 -44
  314. package/src/modules/customers/api/utils.ts +45 -37
  315. package/src/modules/customers/cli.ts +88 -67
  316. package/src/modules/customers/commands/dictionaries.ts +1 -1
  317. package/src/modules/customers/commands/tags.ts +1 -1
  318. package/src/modules/customers/data/entities.ts +2 -12
  319. package/src/modules/customers/lib/interactionProjection.ts +36 -25
  320. package/src/modules/customers/lib/personCompanyLinkTable.ts +13 -18
  321. package/src/modules/dashboards/api/roles/widgets/route.ts +1 -1
  322. package/src/modules/dashboards/api/users/widgets/route.ts +1 -1
  323. package/src/modules/dashboards/data/entities.ts +1 -1
  324. package/src/modules/data_sync/api/mappings/route.ts +1 -1
  325. package/src/modules/data_sync/data/entities.ts +2 -1
  326. package/src/modules/data_sync/lib/id-mapping.ts +1 -1
  327. package/src/modules/data_sync/lib/sync-run-service.ts +1 -1
  328. package/src/modules/dictionaries/commands/factory.ts +1 -1
  329. package/src/modules/dictionaries/data/entities.ts +2 -9
  330. package/src/modules/directory/commands/organizations.ts +4 -4
  331. package/src/modules/directory/data/entities.ts +2 -1
  332. package/src/modules/entities/api/definitions.ts +2 -2
  333. package/src/modules/entities/api/encryption.ts +2 -2
  334. package/src/modules/entities/api/relations/options.ts +8 -3
  335. package/src/modules/entities/cli.ts +4 -4
  336. package/src/modules/entities/data/entities.ts +1 -1
  337. package/src/modules/entities/lib/field-definitions.ts +2 -2
  338. package/src/modules/entities/lib/register.ts +1 -1
  339. package/src/modules/feature_toggles/data/entities.ts +2 -9
  340. package/src/modules/inbox_ops/api/proposals/counts/route.ts +10 -10
  341. package/src/modules/inbox_ops/data/entities.ts +2 -8
  342. package/src/modules/inbox_ops/lib/messagesIntegration.ts +12 -11
  343. package/src/modules/integrations/data/entities.ts +2 -1
  344. package/src/modules/integrations/lib/credentials-service.ts +1 -1
  345. package/src/modules/integrations/lib/log-service.ts +1 -1
  346. package/src/modules/integrations/lib/state-service.ts +1 -1
  347. package/src/modules/messages/api/route.ts +134 -123
  348. package/src/modules/messages/api/unread-count/route.ts +19 -16
  349. package/src/modules/messages/commands/confirmations.ts +1 -1
  350. package/src/modules/messages/commands/messages.ts +3 -3
  351. package/src/modules/messages/data/entities.ts +2 -1
  352. package/src/modules/messages/lib/email-sender.ts +1 -1
  353. package/src/modules/messages/lib/searchLookup.ts +16 -13
  354. package/src/modules/messages/lib/tokenConsumption.ts +16 -8
  355. package/src/modules/notifications/data/entities.ts +2 -1
  356. package/src/modules/notifications/lib/notificationRecipients.ts +42 -26
  357. package/src/modules/notifications/lib/notificationService.ts +53 -42
  358. package/src/modules/notifications/workers/create-notification.worker.ts +20 -17
  359. package/src/modules/payment_gateways/api/transactions/route.ts +2 -2
  360. package/src/modules/payment_gateways/data/entities.ts +2 -1
  361. package/src/modules/payment_gateways/lib/gateway-service.ts +1 -1
  362. package/src/modules/payment_gateways/lib/webhook-utils.ts +2 -2
  363. package/src/modules/perspectives/data/entities.ts +1 -1
  364. package/src/modules/planner/data/entities.ts +1 -1
  365. package/src/modules/progress/data/entities.ts +2 -1
  366. package/src/modules/progress/lib/progressServiceImpl.ts +1 -1
  367. package/src/modules/query_index/api/status.ts +85 -71
  368. package/src/modules/query_index/cli.ts +51 -31
  369. package/src/modules/query_index/data/entities.ts +1 -1
  370. package/src/modules/query_index/di.ts +41 -16
  371. package/src/modules/query_index/lib/batch.ts +68 -55
  372. package/src/modules/query_index/lib/coverage.ts +115 -88
  373. package/src/modules/query_index/lib/engine.ts +1036 -1096
  374. package/src/modules/query_index/lib/indexer.ts +115 -79
  375. package/src/modules/query_index/lib/jobs.ts +51 -31
  376. package/src/modules/query_index/lib/purge.ts +25 -19
  377. package/src/modules/query_index/lib/reindexer.ts +97 -84
  378. package/src/modules/query_index/lib/search-tokens.ts +67 -36
  379. package/src/modules/query_index/lib/stale.ts +14 -17
  380. package/src/modules/query_index/lib/subscriber-scope.ts +6 -5
  381. package/src/modules/query_index/subscribers/delete_one.ts +9 -6
  382. package/src/modules/resources/commands/tag-assignments.ts +1 -1
  383. package/src/modules/resources/commands/tags.ts +1 -1
  384. package/src/modules/resources/data/entities.ts +2 -1
  385. package/src/modules/sales/commands/documentAddresses.ts +2 -2
  386. package/src/modules/sales/commands/notes.ts +1 -1
  387. package/src/modules/sales/commands/tags.ts +1 -1
  388. package/src/modules/sales/data/enrichers.ts +17 -13
  389. package/src/modules/sales/data/entities.ts +2 -11
  390. package/src/modules/shipping_carriers/data/entities.ts +2 -1
  391. package/src/modules/shipping_carriers/lib/shipping-service.ts +1 -1
  392. package/src/modules/shipping_carriers/lib/webhook-utils.ts +2 -2
  393. package/src/modules/staff/data/entities.ts +1 -1
  394. package/src/modules/translations/api/[entityType]/[entityId]/route.ts +14 -11
  395. package/src/modules/translations/api/context.ts +4 -4
  396. package/src/modules/translations/commands/translations.ts +116 -81
  397. package/src/modules/translations/components/TranslationManager.tsx +23 -14
  398. package/src/modules/translations/data/entities.ts +1 -1
  399. package/src/modules/translations/i18n/de.json +1 -0
  400. package/src/modules/translations/i18n/en.json +1 -0
  401. package/src/modules/translations/i18n/es.json +1 -0
  402. package/src/modules/translations/i18n/pl.json +1 -0
  403. package/src/modules/translations/lib/apply.ts +6 -6
  404. package/src/modules/translations/lib/batch.ts +9 -7
  405. package/src/modules/translations/subscribers/cleanup.ts +10 -11
  406. package/src/modules/workflows/api/definitions/route.ts +1 -1
  407. package/src/modules/workflows/cli.ts +5 -5
  408. package/src/modules/workflows/data/entities.ts +2 -1
  409. package/src/modules/workflows/lib/event-logger.ts +2 -2
  410. package/src/modules/workflows/lib/seeds.ts +16 -1
  411. package/src/modules/workflows/lib/step-handler.ts +3 -3
  412. package/src/modules/workflows/lib/task-handler.ts +1 -1
  413. package/src/modules/workflows/lib/transition-handler.ts +1 -1
  414. package/src/modules/workflows/lib/workflow-executor.ts +2 -2
package/dist/modules/audit_logs/services/actionLogService.js CHANGED
@@ -1,3 +1,4 @@
1
+ import { sql } from "kysely";
1
2
  import { ActionLog } from "@open-mercato/core/modules/audit_logs/data/entities";
2
3
  import {
3
4
  actionLogCreateSchema,
@@ -123,7 +124,7 @@ class ActionLogService {
123
124
  const data = this.parseCreateInput(input);
124
125
  const fork = this.em.fork();
125
126
  const log = this.createLogEntity(fork, data);
126
- await fork.persistAndFlush(log);
127
+ await fork.persist(log).flush();
127
128
  await this.decryptEntries(log);
128
129
  return log;
129
130
  }
@@ -260,12 +261,12 @@ class ActionLogService {
260
261
  return { page, pageSize, offset, limit: pageSize };
261
262
  }
262
263
  async loadEntries(parsed, options) {
263
- const query = this.buildListQuery(parsed).select("action_logs.id as id");
264
+ let query = this.buildListQuery(parsed).select("action_logs.id as id");
264
265
  if (options?.paginate !== false) {
265
266
  const { limit, offset } = this.resolvePagination(parsed);
266
- query.limit(limit).offset(offset);
267
+ query = query.limit(limit).offset(offset);
267
268
  }
268
- const rows = await query;
269
+ const rows = await query.execute();
269
270
  const ids = rows.map((row) => row.id).filter(Boolean);
270
271
  if (ids.length === 0) return [];
271
272
  const results = await this.em.find(ActionLog, {
@@ -277,70 +278,68 @@ class ActionLogService {
277
278
  return ids.map((id) => byId.get(id)).filter((entry) => Boolean(entry));
278
279
  }
279
280
  buildListQuery(parsed) {
280
- const query = this.em.getKnex()("action_logs").whereNull("action_logs.deleted_at");
281
- if (parsed.tenantId) query.andWhere("action_logs.tenant_id", parsed.tenantId);
282
- if (parsed.organizationId) query.andWhere("action_logs.organization_id", parsed.organizationId);
281
+ let query = this.em.getKysely().selectFrom("action_logs").selectAll().where("action_logs.deleted_at", "is", null);
282
+ if (parsed.tenantId) query = query.where("action_logs.tenant_id", "=", parsed.tenantId);
283
+ if (parsed.organizationId) query = query.where("action_logs.organization_id", "=", parsed.organizationId);
283
284
  const actorUserIds = this.resolveActorUserIds(parsed);
284
- if (actorUserIds.length === 1) query.andWhere("action_logs.actor_user_id", actorUserIds[0]);
285
- if (actorUserIds.length > 1) query.whereIn("action_logs.actor_user_id", actorUserIds);
285
+ if (actorUserIds.length === 1) query = query.where("action_logs.actor_user_id", "=", actorUserIds[0]);
286
+ if (actorUserIds.length > 1) query = query.where("action_logs.actor_user_id", "in", actorUserIds);
286
287
  if (parsed.includeRelated && parsed.resourceKind && parsed.resourceId) {
287
- query.andWhere(function applyRelatedScope() {
288
- this.where({
289
- "action_logs.resource_kind": parsed.resourceKind,
290
- "action_logs.resource_id": parsed.resourceId
291
- }).orWhere({
292
- "action_logs.parent_resource_kind": parsed.resourceKind,
293
- "action_logs.parent_resource_id": parsed.resourceId
294
- });
295
- });
288
+ query = query.where(
289
+ (eb) => eb.or([
290
+ eb.and([
291
+ eb("action_logs.resource_kind", "=", parsed.resourceKind),
292
+ eb("action_logs.resource_id", "=", parsed.resourceId)
293
+ ]),
294
+ eb.and([
295
+ eb("action_logs.parent_resource_kind", "=", parsed.resourceKind),
296
+ eb("action_logs.parent_resource_id", "=", parsed.resourceId)
297
+ ])
298
+ ])
299
+ );
296
300
  } else {
297
- if (parsed.resourceKind) query.andWhere("action_logs.resource_kind", parsed.resourceKind);
298
- if (parsed.resourceId) query.andWhere("action_logs.resource_id", parsed.resourceId);
301
+ if (parsed.resourceKind) query = query.where("action_logs.resource_kind", "=", parsed.resourceKind);
302
+ if (parsed.resourceId) query = query.where("action_logs.resource_id", "=", parsed.resourceId);
299
303
  }
300
- if (parsed.undoableOnly) query.whereNotNull("action_logs.undo_token");
301
- if (parsed.before) query.andWhere("action_logs.created_at", "<", parsed.before);
302
- if (parsed.after) query.andWhere("action_logs.created_at", ">", parsed.after);
304
+ if (parsed.undoableOnly) query = query.where("action_logs.undo_token", "is not", null);
305
+ if (parsed.before) query = query.where("action_logs.created_at", "<", parsed.before);
306
+ if (parsed.after) query = query.where("action_logs.created_at", ">", parsed.after);
303
307
  const fieldNames = this.resolveFieldNames(parsed);
304
- if (fieldNames.length > 0) {
305
- const placeholders = fieldNames.map(() => "?").join(", ");
306
- query.andWhereRaw(
307
- `coalesce(action_logs.changed_fields, ARRAY[]::text[]) && ARRAY[${placeholders}]::text[]`,
308
- fieldNames
309
- );
310
- }
308
+ if (fieldNames.length === 1) query = query.where("action_logs.primary_changed_field", "=", fieldNames[0]);
309
+ if (fieldNames.length > 1) query = query.where("action_logs.primary_changed_field", "in", fieldNames);
311
310
  const actionTypes = this.resolveActionTypes(parsed);
312
- if (actionTypes.length === 1) query.andWhere("action_logs.action_type", actionTypes[0]);
313
- if (actionTypes.length > 1) query.whereIn("action_logs.action_type", actionTypes);
311
+ if (actionTypes.length === 1) query = query.where("action_logs.action_type", "=", actionTypes[0]);
312
+ if (actionTypes.length > 1) query = query.where("action_logs.action_type", "in", actionTypes);
314
313
  if (parsed.sortField === "user") {
315
- query.leftJoin("users as audit_actor", "audit_actor.id", "action_logs.actor_user_id");
314
+ query = query.leftJoin("users as audit_actor", "audit_actor.id", "action_logs.actor_user_id");
316
315
  }
317
316
  const sortDir = parsed.sortDir === "asc" ? "asc" : "desc";
318
317
  switch (parsed.sortField) {
319
318
  case "user":
320
- query.orderByRaw(`coalesce(nullif(audit_actor.name, ''), audit_actor.email, '') ${sortDir}`);
319
+ query = query.orderBy(sql`coalesce(nullif(audit_actor.name, ''), audit_actor.email, '')`, sortDir);
321
320
  break;
322
321
  case "action":
323
- query.orderByRaw(`coalesce(action_logs.action_type, '') ${sortDir}`);
322
+ query = query.orderBy(sql`coalesce(action_logs.action_type, '')`, sortDir);
324
323
  break;
325
324
  case "field":
326
- query.orderByRaw(`coalesce(action_logs.primary_changed_field, '') ${sortDir}`);
325
+ query = query.orderBy(sql`coalesce(action_logs.primary_changed_field, '')`, sortDir);
327
326
  break;
328
327
  case "source":
329
- query.orderByRaw(`coalesce(action_logs.source_key, '') ${sortDir}`);
328
+ query = query.orderBy(sql`coalesce(action_logs.source_key, '')`, sortDir);
330
329
  break;
331
330
  case "createdAt":
332
331
  default:
333
- query.orderBy(SORT_FIELDS.createdAt, sortDir);
334
- query.orderBy("action_logs.id", sortDir);
332
+ query = query.orderBy(SORT_FIELDS.createdAt, sortDir);
333
+ query = query.orderBy("action_logs.id", sortDir);
335
334
  return query;
336
335
  }
337
- query.orderBy("action_logs.created_at", "desc");
338
- query.orderBy("action_logs.id", "desc");
336
+ query = query.orderBy("action_logs.created_at", "desc");
337
+ query = query.orderBy("action_logs.id", "desc");
339
338
  return query;
340
339
  }
341
340
  async count(query) {
342
341
  const parsed = this.parseListQuery(query);
343
- const row = await this.buildListQuery(parsed).clearOrder().count({ count: "*" }).first();
342
+ const row = await this.buildListQuery(parsed).clearSelect().clearOrderBy().select(sql`count(*)`.as("count")).executeTakeFirst();
344
343
  if (!row) return 0;
345
344
  const rawCount = row.count ?? 0;
346
345
  return typeof rawCount === "number" ? rawCount : Number.parseInt(rawCount, 10) || 0;
@@ -441,35 +440,43 @@ class ActionLogService {
441
440
  let cursorCreatedAt = null;
442
441
  let cursorId = null;
443
442
  while (true) {
444
- const rowsQuery = this.em.getKnex()("action_logs").select(
445
- "id",
446
- "tenant_id",
447
- "organization_id",
448
- "actor_user_id",
449
- "command_id",
450
- "action_label",
451
- "snapshot_before",
452
- "changes_json",
453
- "context_json",
454
- "action_type",
455
- "source_key",
456
- "changed_fields",
457
- "primary_changed_field",
458
- "created_at"
459
- ).whereNull("deleted_at");
460
- if (options.tenantId) rowsQuery.andWhere("tenant_id", options.tenantId);
461
- if (options.organizationId) rowsQuery.andWhere("organization_id", options.organizationId);
443
+ const rowsQuery = this.em.getKysely().selectFrom("action_logs").select([
444
+ "action_logs.id",
445
+ "action_logs.tenant_id",
446
+ "action_logs.organization_id",
447
+ "action_logs.actor_user_id",
448
+ "action_logs.command_id",
449
+ "action_logs.action_label",
450
+ "action_logs.snapshot_before",
451
+ "action_logs.changes_json",
452
+ "action_logs.context_json",
453
+ "action_logs.action_type",
454
+ "action_logs.source_key",
455
+ "action_logs.changed_fields",
456
+ "action_logs.primary_changed_field",
457
+ "action_logs.created_at"
458
+ ]).where("action_logs.deleted_at", "is", null);
459
+ if (options.tenantId) rowsQuery.where("action_logs.tenant_id", "=", options.tenantId);
460
+ if (options.organizationId) rowsQuery.where("action_logs.organization_id", "=", options.organizationId);
462
461
  if (!options.force) {
463
- rowsQuery.andWhere((builder) => {
464
- builder.whereNull("action_type").orWhereNull("source_key").orWhereNull("changed_fields");
465
- });
462
+ rowsQuery.where(
463
+ (eb) => eb.or([
464
+ eb("action_logs.action_type", "is", null),
465
+ eb("action_logs.source_key", "is", null),
466
+ eb("action_logs.changed_fields", "is", null)
467
+ ])
468
+ );
466
469
  }
467
470
  if (cursorCreatedAt && cursorId) {
468
- rowsQuery.andWhere((builder) => {
469
- builder.where("created_at", ">", cursorCreatedAt).orWhere((nested) => {
470
- nested.where("created_at", cursorCreatedAt).andWhere("id", ">", cursorId);
471
- });
472
- });
471
+ rowsQuery.where(
472
+ (eb) => eb.or([
473
+ eb("action_logs.created_at", ">", cursorCreatedAt),
474
+ eb.and([
475
+ eb("action_logs.created_at", "=", cursorCreatedAt),
476
+ eb("action_logs.id", ">", cursorId)
477
+ ])
478
+ ])
479
+ );
473
480
  }
474
481
  const rows = await rowsQuery.orderBy("created_at", "asc").orderBy("id", "asc").limit(batchSize);
475
482
  if (rows.length === 0) break;
@@ -490,12 +497,12 @@ class ActionLogService {
490
497
  result.skipped += 1;
491
498
  continue;
492
499
  }
493
- await this.em.getKnex()("action_logs").where({ id: row.id }).update({
500
+ await this.em.getKysely().updateTable("action_logs").set({
494
501
  action_type: projection.actionType,
495
502
  changed_fields: projection.changedFields,
496
503
  primary_changed_field: projection.primaryChangedField,
497
504
  source_key: projection.sourceKey
498
- });
505
+ }).where("id", "=", row.id).execute();
499
506
  result.updated += 1;
500
507
  } catch (err) {
501
508
  result.errors += 1;
package/dist/modules/audit_logs/services/actionLogService.js.map CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "version": 3,
3
3
  "sources": ["../../../../src/modules/audit_logs/services/actionLogService.ts"],
4
- "sourcesContent": ["import type { FilterQuery } from '@mikro-orm/core'\nimport type { EntityManager } from '@mikro-orm/postgresql'\nimport { ActionLog } from '@open-mercato/core/modules/audit_logs/data/entities'\nimport {\n actionLogCreateSchema,\n actionLogListSchema,\n type ActionLogCreateInput,\n type ActionLogListQuery,\n} from '@open-mercato/core/modules/audit_logs/data/validators'\nimport { isRecord } from '@open-mercato/core/modules/audit_logs/lib/changeRows'\nimport {\n ACTION_LOG_FILTER_TYPES,\n type ActionLogFilterType,\n deriveActionLogProjection,\n} from '@open-mercato/core/modules/audit_logs/lib/projections'\nimport { decryptWithAesGcm } from '@open-mercato/shared/lib/encryption/aes'\nimport { TenantDataEncryptionService } from '@open-mercato/shared/lib/encryption/tenantDataEncryptionService'\nimport { toOptionalString } from '@open-mercato/shared/lib/string/coerce'\n\nlet validationWarningLogged = false\nlet runtimeValidationAvailable: boolean | null = null\nlet decryptionWarningLogged = false\n\nconst isZodRuntimeMissing = (err: unknown) => err instanceof TypeError && typeof err.message === 'string' && err.message.includes('_zod')\n\nconst SORT_FIELDS = {\n createdAt: 'action_logs.created_at',\n} as const\n\ntype ActionLogProjectionBackfillOptions = {\n batchSize?: number\n force?: boolean\n logger?: (message: string) => void\n organizationId?: string | null\n tenantId?: string | null\n}\n\nexport type ActionLogProjectionBackfillResult = {\n errors: number\n scanned: number\n skipped: number\n updated: number\n}\n\ntype BackfillRow = {\n action_label: string | null\n action_type: string | null\n actor_user_id: string | null\n changed_fields: string[] | null\n changes_json: Record<string, unknown> | null\n command_id: string\n context_json: Record<string, unknown> | null\n created_at: Date\n id: string\n organization_id: string | null\n primary_changed_field: string | null\n snapshot_before: unknown | null\n source_key: string | null\n tenant_id: string | null\n}\n\nfunction readString(record: Record<string, unknown>, ...keys: string[]): string | null {\n for (const key of keys) {\n const value = record[key]\n if (typeof value === 'string' && value.length > 0) return value\n }\n\n return null\n}\n\nfunction readRecord(record: Record<string, unknown>, ...keys: string[]): Record<string, unknown> | null {\n for (const key of keys) {\n const value = record[key]\n if (isRecord(value)) return value\n }\n\n return null\n}\n\nfunction readValue(record: Record<string, unknown>, ...keys: string[]): unknown {\n for (const key of keys) {\n if (Object.prototype.hasOwnProperty.call(record, key)) return record[key]\n }\n\n return undefined\n}\n\nfunction readStringArray(record: Record<string, unknown>, ...keys: string[]): string[] | null {\n for (const key of keys) {\n const value = record[key]\n if (Array.isArray(value)) {\n return value.filter((entry): entry is string => typeof entry === 'string')\n }\n }\n\n return null\n}\n\nfunction stringArraysEqual(left: string[] | null, right: string[]): boolean {\n if (!Array.isArray(left)) return false\n if (left.length !== right.length) return false\n\n return left.every((value, index) => value === right[index])\n}\n\nexport class ActionLogService {\n constructor(\n private readonly em: EntityManager,\n private readonly tenantEncryptionService?: TenantDataEncryptionService,\n ) {}\n\n private async decryptEntryPayload<T extends Record<string, unknown>>(entry: T): Promise<T> {\n if (!this.tenantEncryptionService?.isEnabled()) return entry\n\n try {\n const tenantId = readString(entry, 'tenantId', 'tenant_id')\n const organizationId = readString(entry, 'organizationId', 'organization_id')\n const dek = await this.tenantEncryptionService.getDek(tenantId)\n const deepDecrypt = (value: unknown): unknown => {\n if (!dek) return value\n if (typeof value === 'string' && value.split(':').length === 4 && value.endsWith(':v1')) {\n const decrypted = decryptWithAesGcm(value, dek.key)\n if (decrypted === null) return value\n try {\n return JSON.parse(decrypted)\n } catch {\n return decrypted\n }\n }\n if (Array.isArray(value)) return value.map((item) => deepDecrypt(item))\n if (value && typeof value === 'object') {\n const copy: Record<string, unknown> = {}\n for (const [key, item] of Object.entries(value as Record<string, unknown>)) {\n copy[key] = deepDecrypt(item)\n }\n return copy\n }\n return value\n }\n\n const decrypted = await this.tenantEncryptionService.decryptEntityPayload(\n 'audit_logs:action_log',\n entry,\n tenantId,\n organizationId,\n )\n\n const merged = {\n ...entry,\n ...decrypted,\n } as Record<string, unknown>\n\n merged.changesJson = deepDecrypt(merged.changesJson ?? merged.changes_json ?? entry.changesJson ?? entry.changes_json)\n merged.changes_json = merged.changesJson\n merged.snapshotBefore = deepDecrypt(merged.snapshotBefore ?? merged.snapshot_before ?? entry.snapshotBefore ?? entry.snapshot_before)\n merged.snapshot_before = merged.snapshotBefore\n merged.snapshotAfter = deepDecrypt(merged.snapshotAfter ?? merged.snapshot_after ?? entry.snapshotAfter ?? entry.snapshot_after)\n merged.snapshot_after = merged.snapshotAfter\n merged.commandPayload = deepDecrypt(merged.commandPayload ?? merged.command_payload ?? entry.commandPayload ?? entry.command_payload)\n merged.command_payload = merged.commandPayload\n merged.contextJson = deepDecrypt(merged.contextJson ?? merged.context_json ?? entry.contextJson ?? entry.context_json)\n merged.context_json = merged.contextJson\n\n return merged as T\n } catch (err) {\n if (!decryptionWarningLogged) {\n decryptionWarningLogged = true\n console.warn('[audit_logs] failed to decrypt action log entry', err)\n }\n return entry\n }\n }\n\n private async decryptEntries(entries: ActionLog | ActionLog[] | null | undefined): Promise<void> {\n if (!entries) return\n\n const list = Array.isArray(entries) ? entries : [entries]\n for (const entry of list) {\n Object.assign(entry as unknown as Record<string, unknown>, await this.decryptEntryPayload(entry as unknown as Record<string, unknown>))\n }\n }\n\n async log(input: ActionLogCreateInput): Promise<ActionLog | null> {\n const data = this.parseCreateInput(input)\n const fork = this.em.fork()\n const log = this.createLogEntity(fork, data)\n await fork.persistAndFlush(log)\n await this.decryptEntries(log)\n return log\n }\n\n private parseCreateInput(input: ActionLogCreateInput): ActionLogCreateInput {\n let data: ActionLogCreateInput\n const schema = actionLogCreateSchema as typeof actionLogCreateSchema & { _zod?: unknown }\n const canValidate = Boolean(schema && typeof schema.parse === 'function')\n const shouldValidate = canValidate && runtimeValidationAvailable !== false\n\n if (shouldValidate) {\n try {\n data = schema.parse(input)\n runtimeValidationAvailable = true\n } catch (err) {\n if (!isZodRuntimeMissing(err) && !validationWarningLogged) {\n validationWarningLogged = true\n console.warn('[audit_logs] falling back to permissive action log payload parser', err)\n }\n if (isZodRuntimeMissing(err)) runtimeValidationAvailable = false\n data = this.normalizeInput(input)\n }\n } else {\n data = this.normalizeInput(input)\n }\n\n return data\n }\n\n private createLogEntity(fork: EntityManager, data: ActionLogCreateInput): ActionLog {\n const projection = deriveActionLogProjection({\n actorUserId: data.actorUserId ?? null,\n actionLabel: data.actionLabel ?? null,\n changes: isRecord(data.changes) ? data.changes : null,\n commandId: data.commandId,\n context: isRecord(data.context) ? data.context : null,\n snapshotBefore: data.snapshotBefore,\n })\n\n return fork.create(ActionLog, {\n tenantId: data.tenantId ?? null,\n organizationId: data.organizationId ?? null,\n actorUserId: data.actorUserId ?? null,\n commandId: data.commandId,\n actionLabel: data.actionLabel ?? null,\n actionType: projection.actionType,\n resourceKind: data.resourceKind ?? null,\n resourceId: data.resourceId ?? null,\n parentResourceKind: data.parentResourceKind ?? null,\n parentResourceId: data.parentResourceId ?? null,\n executionState: data.executionState ?? 'done',\n undoToken: data.undoToken ?? null,\n commandPayload: data.commandPayload ?? null,\n snapshotBefore: data.snapshotBefore ?? null,\n snapshotAfter: data.snapshotAfter ?? null,\n changesJson: isRecord(data.changes) ? data.changes : null,\n changedFields: projection.changedFields,\n primaryChangedField: projection.primaryChangedField,\n contextJson: isRecord(data.context) ? data.context : null,\n sourceKey: projection.sourceKey,\n createdAt: new Date(),\n updatedAt: new Date(),\n })\n }\n\n private normalizeInput(input: Partial<ActionLogCreateInput> | null | undefined): ActionLogCreateInput {\n if (!input) {\n return {\n tenantId: null,\n organizationId: null,\n actorUserId: null,\n commandId: 'unknown',\n actionLabel: undefined,\n resourceKind: undefined,\n resourceId: undefined,\n executionState: 'done',\n undoToken: undefined,\n commandPayload: undefined,\n snapshotBefore: undefined,\n snapshotAfter: undefined,\n changes: undefined,\n context: undefined,\n }\n }\n\n const toNullableUuid = (value: unknown) => {\n if (typeof value !== 'string' || value.length === 0) return null\n if (value.startsWith('api_key:')) return value.slice('api_key:'.length)\n return value\n }\n\n const normalizeRecordLike = (value: unknown): ActionLogCreateInput['changes'] => {\n if (value === null) return null\n if (Array.isArray(value)) return value\n if (typeof value === 'object') return value as Record<string, unknown>\n return undefined\n }\n\n const normalizeContext = (value: unknown) => (\n typeof value === 'object' && value !== null && !Array.isArray(value)\n ? value as Record<string, unknown>\n : undefined\n )\n\n return {\n tenantId: toNullableUuid(input.tenantId),\n organizationId: toNullableUuid(input.organizationId),\n actorUserId: toNullableUuid(input.actorUserId),\n commandId: typeof input.commandId === 'string' && input.commandId.length > 0 ? input.commandId : 'unknown',\n actionLabel: toOptionalString(input.actionLabel) ?? undefined,\n resourceKind: toOptionalString(input.resourceKind) ?? undefined,\n resourceId: toOptionalString(input.resourceId) ?? undefined,\n parentResourceKind: toOptionalString(input.parentResourceKind) ?? null,\n parentResourceId: toOptionalString(input.parentResourceId) ?? null,\n executionState: input.executionState === 'undone' || input.executionState === 'failed' ? input.executionState : 'done',\n undoToken: toOptionalString(input.undoToken) ?? undefined,\n commandPayload: input.commandPayload,\n snapshotBefore: input.snapshotBefore,\n snapshotAfter: input.snapshotAfter,\n changes: normalizeRecordLike(input.changes),\n context: normalizeContext(input.context),\n }\n }\n\n private parseListQuery(query: Partial<ActionLogListQuery>) {\n return actionLogListSchema.parse({\n ...query,\n })\n }\n\n private resolveActorUserIds(parsed: ActionLogListQuery): string[] {\n const values = [...(parsed.actorUserIds ?? [])]\n if (parsed.actorUserId) values.push(parsed.actorUserId)\n\n return Array.from(new Set(values.map((value) => value.trim()).filter(Boolean)))\n }\n\n private resolveFieldNames(parsed: ActionLogListQuery): string[] {\n const values = [...(parsed.fieldNames ?? [])]\n if (parsed.fieldName) values.push(parsed.fieldName)\n\n return Array.from(new Set(values.map((value) => value.trim()).filter(Boolean)))\n }\n\n private resolveActionTypes(parsed: ActionLogListQuery): ActionLogFilterType[] {\n const values = [...(parsed.actionTypes ?? [])]\n if (parsed.actionType) values.push(parsed.actionType)\n\n return Array.from(new Set(values))\n .filter((value): value is ActionLogFilterType => ACTION_LOG_FILTER_TYPES.includes(value as ActionLogFilterType))\n }\n\n private resolvePagination(parsed: ActionLogListQuery): { page: number; pageSize: number; offset: number; limit: number } {\n const pageSize =\n typeof parsed.pageSize === 'number' && parsed.pageSize > 0\n ? parsed.pageSize\n : typeof parsed.limit === 'number' && parsed.limit > 0\n ? parsed.limit\n : 50\n const page = typeof parsed.page === 'number' && parsed.page > 0 ? parsed.page : 1\n const offset =\n typeof parsed.offset === 'number' && parsed.offset >= 0\n ? parsed.offset\n : (page - 1) * pageSize\n return { page, pageSize, offset, limit: pageSize }\n }\n\n private async loadEntries(parsed: ActionLogListQuery, options?: { paginate?: boolean }) {\n const query = this.buildListQuery(parsed).select<{ id: string }[]>('action_logs.id as id')\n\n if (options?.paginate !== false) {\n const { limit, offset } = this.resolvePagination(parsed)\n query.limit(limit).offset(offset)\n }\n\n const rows = await query\n const ids = rows.map((row) => row.id).filter(Boolean)\n if (ids.length === 0) return []\n\n const results = await this.em.find(ActionLog, {\n id: { $in: ids } as any,\n deletedAt: null,\n })\n await this.decryptEntries(results)\n\n const byId = new Map(results.map((entry) => [entry.id, entry]))\n return ids\n .map((id) => byId.get(id))\n .filter((entry): entry is ActionLog => Boolean(entry))\n }\n\n private buildListQuery(parsed: ActionLogListQuery) {\n const query = this.em.getKnex()('action_logs').whereNull('action_logs.deleted_at')\n\n if (parsed.tenantId) query.andWhere('action_logs.tenant_id', parsed.tenantId)\n if (parsed.organizationId) query.andWhere('action_logs.organization_id', parsed.organizationId)\n\n const actorUserIds = this.resolveActorUserIds(parsed)\n if (actorUserIds.length === 1) query.andWhere('action_logs.actor_user_id', actorUserIds[0])\n if (actorUserIds.length > 1) query.whereIn('action_logs.actor_user_id', actorUserIds)\n\n if (parsed.includeRelated && parsed.resourceKind && parsed.resourceId) {\n query.andWhere(function applyRelatedScope() {\n this.where({\n 'action_logs.resource_kind': parsed.resourceKind,\n 'action_logs.resource_id': parsed.resourceId,\n }).orWhere({\n 'action_logs.parent_resource_kind': parsed.resourceKind,\n 'action_logs.parent_resource_id': parsed.resourceId,\n })\n })\n } else {\n if (parsed.resourceKind) query.andWhere('action_logs.resource_kind', parsed.resourceKind)\n if (parsed.resourceId) query.andWhere('action_logs.resource_id', parsed.resourceId)\n }\n\n if (parsed.undoableOnly) query.whereNotNull('action_logs.undo_token')\n if (parsed.before) query.andWhere('action_logs.created_at', '<', parsed.before)\n if (parsed.after) query.andWhere('action_logs.created_at', '>', parsed.after)\n\n const fieldNames = this.resolveFieldNames(parsed)\n if (fieldNames.length > 0) {\n const placeholders = fieldNames.map(() => '?').join(', ')\n query.andWhereRaw(\n `coalesce(action_logs.changed_fields, ARRAY[]::text[]) && ARRAY[${placeholders}]::text[]`,\n fieldNames,\n )\n }\n\n const actionTypes = this.resolveActionTypes(parsed)\n if (actionTypes.length === 1) query.andWhere('action_logs.action_type', actionTypes[0])\n if (actionTypes.length > 1) query.whereIn('action_logs.action_type', actionTypes)\n\n if (parsed.sortField === 'user') {\n query.leftJoin('users as audit_actor', 'audit_actor.id', 'action_logs.actor_user_id')\n }\n\n const sortDir = parsed.sortDir === 'asc' ? 'asc' : 'desc'\n switch (parsed.sortField) {\n case 'user':\n query.orderByRaw(`coalesce(nullif(audit_actor.name, ''), audit_actor.email, '') ${sortDir}`)\n break\n case 'action':\n query.orderByRaw(`coalesce(action_logs.action_type, '') ${sortDir}`)\n break\n case 'field':\n query.orderByRaw(`coalesce(action_logs.primary_changed_field, '') ${sortDir}`)\n break\n case 'source':\n query.orderByRaw(`coalesce(action_logs.source_key, '') ${sortDir}`)\n break\n case 'createdAt':\n default:\n query.orderBy(SORT_FIELDS.createdAt, sortDir)\n query.orderBy('action_logs.id', sortDir)\n return query\n }\n\n query.orderBy('action_logs.created_at', 'desc')\n query.orderBy('action_logs.id', 'desc')\n return query\n }\n\n async count(query: Partial<ActionLogListQuery>) {\n const parsed = this.parseListQuery(query)\n const row = await this.buildListQuery(parsed)\n .clearOrder()\n .count<{ count: string | number }>({ count: '*' })\n .first()\n\n if (!row) return 0\n const rawCount = row.count ?? 0\n return typeof rawCount === 'number' ? rawCount : Number.parseInt(rawCount, 10) || 0\n }\n\n async list(query: Partial<ActionLogListQuery>) {\n const parsed = this.parseListQuery(query)\n const { page, pageSize } = this.resolvePagination(parsed)\n const [items, total] = await Promise.all([\n this.loadEntries(parsed),\n this.count(parsed),\n ])\n const totalPages = Math.max(1, Math.ceil((total || 0) / (pageSize || 1)))\n return { items, total, page, pageSize, totalPages }\n }\n\n async latestUndoableForActor(actorUserId: string, scope: { tenantId?: string | null; organizationId?: string | null }) {\n const where: FilterQuery<ActionLog> = {\n actorUserId,\n undoToken: { $ne: null } as any,\n executionState: 'done',\n deletedAt: null,\n }\n if (scope.tenantId) where.tenantId = scope.tenantId\n if (scope.organizationId) where.organizationId = scope.organizationId\n\n const entry = await this.em.findOne(ActionLog, where, { orderBy: { createdAt: 'desc' } })\n await this.decryptEntries(entry)\n return entry\n }\n\n async markUndone(id: string, traceInput?: ActionLogCreateInput) {\n const fork = this.em.fork()\n const log = await fork.findOne(ActionLog, { id, deletedAt: null })\n if (!log) return null\n\n log.executionState = 'undone'\n log.undoToken = null\n\n const traceLog = traceInput ? this.createLogEntity(fork, this.parseCreateInput(traceInput)) : null\n if (traceLog) {\n fork.persist(traceLog)\n }\n\n await fork.flush()\n await this.decryptEntries(log)\n if (traceLog) await this.decryptEntries(traceLog)\n\n return log\n }\n\n async findByUndoToken(undoToken: string) {\n const entry = await this.em.findOne(ActionLog, { undoToken, deletedAt: null })\n await this.decryptEntries(entry)\n return entry\n }\n\n async findById(id: string) {\n const entry = await this.em.findOne(ActionLog, { id, deletedAt: null })\n await this.decryptEntries(entry)\n return entry\n }\n\n async latestUndoableForResource(params: {\n actorUserId: string\n tenantId?: string | null\n organizationId?: string | null\n resourceKind?: string | null\n resourceId?: string | null\n }) {\n const where: FilterQuery<ActionLog> = {\n actorUserId: params.actorUserId,\n undoToken: { $ne: null } as any,\n executionState: 'done',\n deletedAt: null,\n }\n if (params.tenantId) where.tenantId = params.tenantId\n if (params.organizationId) where.organizationId = params.organizationId\n if (params.resourceKind) where.resourceKind = params.resourceKind\n if (params.resourceId) where.resourceId = params.resourceId\n\n const entry = await this.em.findOne(ActionLog, where, { orderBy: { createdAt: 'desc' } })\n await this.decryptEntries(entry)\n return entry\n }\n\n async latestUndoneForActor(actorUserId: string, scope: { tenantId?: string | null; organizationId?: string | null }) {\n const where: FilterQuery<ActionLog> = {\n actorUserId,\n executionState: 'undone',\n deletedAt: null,\n }\n if (scope.tenantId) where.tenantId = scope.tenantId\n if (scope.organizationId) where.organizationId = scope.organizationId\n\n const entry = await this.em.findOne(ActionLog, where, { orderBy: { updatedAt: 'desc' } })\n await this.decryptEntries(entry)\n return entry\n }\n\n async markRedone(id: string) {\n const log = await this.em.findOne(ActionLog, { id, deletedAt: null })\n if (!log) return null\n\n log.executionState = 'redone'\n log.undoToken = null\n await this.em.flush()\n return log\n }\n\n async backfillProjections(options: ActionLogProjectionBackfillOptions = {}): Promise<ActionLogProjectionBackfillResult> {\n const batchSize = Math.min(Math.max(Math.trunc(options.batchSize ?? 250), 1), 1000)\n const logger = options.logger ?? (() => {})\n const result: ActionLogProjectionBackfillResult = {\n errors: 0,\n scanned: 0,\n skipped: 0,\n updated: 0,\n }\n\n let cursorCreatedAt: Date | null = null\n let cursorId: string | null = null\n\n while (true) {\n const rowsQuery = this.em.getKnex()<BackfillRow>('action_logs')\n .select(\n 'id',\n 'tenant_id',\n 'organization_id',\n 'actor_user_id',\n 'command_id',\n 'action_label',\n 'snapshot_before',\n 'changes_json',\n 'context_json',\n 'action_type',\n 'source_key',\n 'changed_fields',\n 'primary_changed_field',\n 'created_at',\n )\n .whereNull('deleted_at')\n\n if (options.tenantId) rowsQuery.andWhere('tenant_id', options.tenantId)\n if (options.organizationId) rowsQuery.andWhere('organization_id', options.organizationId)\n\n if (!options.force) {\n rowsQuery.andWhere((builder) => {\n builder\n .whereNull('action_type')\n .orWhereNull('source_key')\n .orWhereNull('changed_fields')\n })\n }\n\n if (cursorCreatedAt && cursorId) {\n rowsQuery.andWhere((builder) => {\n builder\n .where('created_at', '>', cursorCreatedAt)\n .orWhere((nested) => {\n nested.where('created_at', cursorCreatedAt).andWhere('id', '>', cursorId)\n })\n })\n }\n\n const rows = await rowsQuery\n .orderBy('created_at', 'asc')\n .orderBy('id', 'asc')\n .limit(batchSize)\n\n if (rows.length === 0) break\n\n for (const row of rows) {\n result.scanned += 1\n\n try {\n const decrypted = await this.decryptEntryPayload(row as unknown as Record<string, unknown>)\n const projection = deriveActionLogProjection({\n actorUserId: readString(decrypted, 'actorUserId', 'actor_user_id'),\n actionLabel: readString(decrypted, 'actionLabel', 'action_label'),\n changes: readRecord(decrypted, 'changesJson', 'changes_json'),\n commandId: readString(decrypted, 'commandId', 'command_id') ?? 'unknown',\n context: readRecord(decrypted, 'contextJson', 'context_json'),\n snapshotBefore: readValue(decrypted, 'snapshotBefore', 'snapshot_before'),\n })\n\n const needsUpdate = options.force === true\n || row.action_type !== projection.actionType\n || row.source_key !== projection.sourceKey\n || row.primary_changed_field !== projection.primaryChangedField\n || !stringArraysEqual(row.changed_fields, projection.changedFields)\n\n if (!needsUpdate) {\n result.skipped += 1\n continue\n }\n\n await this.em.getKnex()('action_logs')\n .where({ id: row.id })\n .update({\n action_type: projection.actionType,\n changed_fields: projection.changedFields,\n primary_changed_field: projection.primaryChangedField,\n source_key: projection.sourceKey,\n })\n\n result.updated += 1\n } catch (err) {\n result.errors += 1\n logger(`[backfill] Failed for action log ${row.id}: ${err instanceof Error ? err.message : String(err)}`)\n }\n }\n\n const lastRow = rows[rows.length - 1]\n cursorCreatedAt = lastRow.created_at\n cursorId = lastRow.id\n\n logger(\n `[backfill] Processed ${result.scanned} action logs (updated: ${result.updated}, skipped: ${result.skipped}, errors: ${result.errors})`,\n )\n\n if (rows.length < batchSize) break\n }\n\n return result\n }\n}\n"],
5
- "mappings": "AAEA,SAAS,iBAAiB;AAC1B;AAAA,EACE;AAAA,EACA;AAAA,OAGK;AACP,SAAS,gBAAgB;AACzB;AAAA,EACE;AAAA,EAEA;AAAA,OACK;AACP,SAAS,yBAAyB;AAElC,SAAS,wBAAwB;AAEjC,IAAI,0BAA0B;AAC9B,IAAI,6BAA6C;AACjD,IAAI,0BAA0B;AAE9B,MAAM,sBAAsB,CAAC,QAAiB,eAAe,aAAa,OAAO,IAAI,YAAY,YAAY,IAAI,QAAQ,SAAS,MAAM;AAExI,MAAM,cAAc;AAAA,EAClB,WAAW;AACb;AAkCA,SAAS,WAAW,WAAoC,MAA+B;AACrF,aAAW,OAAO,MAAM;AACtB,UAAM,QAAQ,OAAO,GAAG;AACxB,QAAI,OAAO,UAAU,YAAY,MAAM,SAAS,EAAG,QAAO;AAAA,EAC5D;AAEA,SAAO;AACT;AAEA,SAAS,WAAW,WAAoC,MAAgD;AACtG,aAAW,OAAO,MAAM;AACtB,UAAM,QAAQ,OAAO,GAAG;AACxB,QAAI,SAAS,KAAK,EAAG,QAAO;AAAA,EAC9B;AAEA,SAAO;AACT;AAEA,SAAS,UAAU,WAAoC,MAAyB;AAC9E,aAAW,OAAO,MAAM;AACtB,QAAI,OAAO,UAAU,eAAe,KAAK,QAAQ,GAAG,EAAG,QAAO,OAAO,GAAG;AAAA,EAC1E;AAEA,SAAO;AACT;AAEA,SAAS,gBAAgB,WAAoC,MAAiC;AAC5F,aAAW,OAAO,MAAM;AACtB,UAAM,QAAQ,OAAO,GAAG;AACxB,QAAI,MAAM,QAAQ,KAAK,GAAG;AACxB,aAAO,MAAM,OAAO,CAAC,UAA2B,OAAO,UAAU,QAAQ;AAAA,IAC3E;AAAA,EACF;AAEA,SAAO;AACT;AAEA,SAAS,kBAAkB,MAAuB,OAA0B;AAC1E,MAAI,CAAC,MAAM,QAAQ,IAAI,EAAG,QAAO;AACjC,MAAI,KAAK,WAAW,MAAM,OAAQ,QAAO;AAEzC,SAAO,KAAK,MAAM,CAAC,OAAO,UAAU,UAAU,MAAM,KAAK,CAAC;AAC5D;AAEO,MAAM,iBAAiB;AAAA,EAC5B,YACmB,IACA,yBACjB;AAFiB;AACA;AAAA,EAChB;AAAA,EAEH,MAAc,oBAAuD,OAAsB;AACzF,QAAI,CAAC,KAAK,yBAAyB,UAAU,EAAG,QAAO;AAEvD,QAAI;AACF,YAAM,WAAW,WAAW,OAAO,YAAY,WAAW;AAC1D,YAAM,iBAAiB,WAAW,OAAO,kBAAkB,iBAAiB;AAC5E,YAAM,MAAM,MAAM,KAAK,wBAAwB,OAAO,QAAQ;AAC9D,YAAM,cAAc,CAAC,UAA4B;AAC/C,YAAI,CAAC,IAAK,QAAO;AACjB,YAAI,OAAO,UAAU,YAAY,MAAM,MAAM,GAAG,EAAE,WAAW,KAAK,MAAM,SAAS,KAAK,GAAG;AACvF,gBAAMA,aAAY,kBAAkB,OAAO,IAAI,GAAG;AAClD,cAAIA,eAAc,KAAM,QAAO;AAC/B,cAAI;AACF,mBAAO,KAAK,MAAMA,UAAS;AAAA,UAC7B,QAAQ;AACN,mBAAOA;AAAA,UACT;AAAA,QACF;AACA,YAAI,MAAM,QAAQ,KAAK,EAAG,QAAO,MAAM,IAAI,CAAC,SAAS,YAAY,IAAI,CAAC;AACtE,YAAI,SAAS,OAAO,UAAU,UAAU;AACtC,gBAAM,OAAgC,CAAC;AACvC,qBAAW,CAAC,KAAK,IAAI,KAAK,OAAO,QAAQ,KAAgC,GAAG;AAC1E,iBAAK,GAAG,IAAI,YAAY,IAAI;AAAA,UAC9B;AACA,iBAAO;AAAA,QACT;AACA,eAAO;AAAA,MACT;AAEA,YAAM,YAAY,MAAM,KAAK,wBAAwB;AAAA,QACnD;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,MACF;AAEA,YAAM,SAAS;AAAA,QACb,GAAG;AAAA,QACH,GAAG;AAAA,MACL;AAEA,aAAO,cAAc,YAAY,OAAO,eAAe,OAAO,gBAAgB,MAAM,eAAe,MAAM,YAAY;AACrH,aAAO,eAAe,OAAO;AAC7B,aAAO,iBAAiB,YAAY,OAAO,kBAAkB,OAAO,mBAAmB,MAAM,kBAAkB,MAAM,eAAe;AACpI,aAAO,kBAAkB,OAAO;AAChC,aAAO,gBAAgB,YAAY,OAAO,iBAAiB,OAAO,kBAAkB,MAAM,iBAAiB,MAAM,cAAc;AAC/H,aAAO,iBAAiB,OAAO;AAC/B,aAAO,iBAAiB,YAAY,OAAO,kBAAkB,OAAO,mBAAmB,MAAM,kBAAkB,MAAM,eAAe;AACpI,aAAO,kBAAkB,OAAO;AAChC,aAAO,cAAc,YAAY,OAAO,eAAe,OAAO,gBAAgB,MAAM,eAAe,MAAM,YAAY;AACrH,aAAO,eAAe,OAAO;AAE7B,aAAO;AAAA,IACT,SAAS,KAAK;AACZ,UAAI,CAAC,yBAAyB;AAC5B,kCAA0B;AAC1B,gBAAQ,KAAK,mDAAmD,GAAG;AAAA,MACrE;AACA,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEA,MAAc,eAAe,SAAoE;AAC/F,QAAI,CAAC,QAAS;AAEd,UAAM,OAAO,MAAM,QAAQ,OAAO,IAAI,UAAU,CAAC,OAAO;AACxD,eAAW,SAAS,MAAM;AACxB,aAAO,OAAO,OAA6C,MAAM,KAAK,oBAAoB,KAA2C,CAAC;AAAA,IACxI;AAAA,EACF;AAAA,EAEA,MAAM,IAAI,OAAwD;AAChE,UAAM,OAAO,KAAK,iBAAiB,KAAK;AACxC,UAAM,OAAO,KAAK,GAAG,KAAK;AAC1B,UAAM,MAAM,KAAK,gBAAgB,MAAM,IAAI;AAC3C,UAAM,KAAK,gBAAgB,GAAG;AAC9B,UAAM,KAAK,eAAe,GAAG;AAC7B,WAAO;AAAA,EACT;AAAA,EAEQ,iBAAiB,OAAmD;AAC1E,QAAI;AACJ,UAAM,SAAS;AACf,UAAM,cAAc,QAAQ,UAAU,OAAO,OAAO,UAAU,UAAU;AACxE,UAAM,iBAAiB,eAAe,+BAA+B;AAErE,QAAI,gBAAgB;AAClB,UAAI;AACF,eAAO,OAAO,MAAM,KAAK;AACzB,qCAA6B;AAAA,MAC/B,SAAS,KAAK;AACZ,YAAI,CAAC,oBAAoB,GAAG,KAAK,CAAC,yBAAyB;AACzD,oCAA0B;AAC1B,kBAAQ,KAAK,qEAAqE,GAAG;AAAA,QACvF;AACA,YAAI,oBAAoB,GAAG,EAAG,8BAA6B;AAC3D,eAAO,KAAK,eAAe,KAAK;AAAA,MAClC;AAAA,IACF,OAAO;AACL,aAAO,KAAK,eAAe,KAAK;AAAA,IAClC;AAEA,WAAO;AAAA,EACT;AAAA,EAEQ,gBAAgB,MAAqB,MAAuC;AAClF,UAAM,aAAa,0BAA0B;AAAA,MAC3C,aAAa,KAAK,eAAe;AAAA,MACjC,aAAa,KAAK,eAAe;AAAA,MACjC,SAAS,SAAS,KAAK,OAAO,IAAI,KAAK,UAAU;AAAA,MACjD,WAAW,KAAK;AAAA,MAChB,SAAS,SAAS,KAAK,OAAO,IAAI,KAAK,UAAU;AAAA,MACjD,gBAAgB,KAAK;AAAA,IACvB,CAAC;AAED,WAAO,KAAK,OAAO,WAAW;AAAA,MAC5B,UAAU,KAAK,YAAY;AAAA,MAC3B,gBAAgB,KAAK,kBAAkB;AAAA,MACvC,aAAa,KAAK,eAAe;AAAA,MACjC,WAAW,KAAK;AAAA,MAChB,aAAa,KAAK,eAAe;AAAA,MACjC,YAAY,WAAW;AAAA,MACvB,cAAc,KAAK,gBAAgB;AAAA,MACnC,YAAY,KAAK,cAAc;AAAA,MAC/B,oBAAoB,KAAK,sBAAsB;AAAA,MAC/C,kBAAkB,KAAK,oBAAoB;AAAA,MAC3C,gBAAgB,KAAK,kBAAkB;AAAA,MACvC,WAAW,KAAK,aAAa;AAAA,MAC7B,gBAAgB,KAAK,kBAAkB;AAAA,MACvC,gBAAgB,KAAK,kBAAkB;AAAA,MACvC,eAAe,KAAK,iBAAiB;AAAA,MACrC,aAAa,SAAS,KAAK,OAAO,IAAI,KAAK,UAAU;AAAA,MACrD,eAAe,WAAW;AAAA,MAC1B,qBAAqB,WAAW;AAAA,MAChC,aAAa,SAAS,KAAK,OAAO,IAAI,KAAK,UAAU;AAAA,MACrD,WAAW,WAAW;AAAA,MACtB,WAAW,oBAAI,KAAK;AAAA,MACpB,WAAW,oBAAI,KAAK;AAAA,IACtB,CAAC;AAAA,EACH;AAAA,EAEQ,eAAe,OAA+E;AACpG,QAAI,CAAC,OAAO;AACV,aAAO;AAAA,QACL,UAAU;AAAA,QACV,gBAAgB;AAAA,QAChB,aAAa;AAAA,QACb,WAAW;AAAA,QACX,aAAa;AAAA,QACb,cAAc;AAAA,QACd,YAAY;AAAA,QACZ,gBAAgB;AAAA,QAChB,WAAW;AAAA,QACX,gBAAgB;AAAA,QAChB,gBAAgB;AAAA,QAChB,eAAe;AAAA,QACf,SAAS;AAAA,QACT,SAAS;AAAA,MACX;AAAA,IACF;AAEA,UAAM,iBAAiB,CAAC,UAAmB;AACzC,UAAI,OAAO,UAAU,YAAY,MAAM,WAAW,EAAG,QAAO;AAC5D,UAAI,MAAM,WAAW,UAAU,EAAG,QAAO,MAAM,MAAM,WAAW,MAAM;AACtE,aAAO;AAAA,IACT;AAEA,UAAM,sBAAsB,CAAC,UAAoD;AAC/E,UAAI,UAAU,KAAM,QAAO;AAC3B,UAAI,MAAM,QAAQ,KAAK,EAAG,QAAO;AACjC,UAAI,OAAO,UAAU,SAAU,QAAO;AACtC,aAAO;AAAA,IACT;AAEA,UAAM,mBAAmB,CAAC,UACxB,OAAO,UAAU,YAAY,UAAU,QAAQ,CAAC,MAAM,QAAQ,KAAK,IAC/D,QACA;AAGN,WAAO;AAAA,MACL,UAAU,eAAe,MAAM,QAAQ;AAAA,MACvC,gBAAgB,eAAe,MAAM,cAAc;AAAA,MACnD,aAAa,eAAe,MAAM,WAAW;AAAA,MAC7C,WAAW,OAAO,MAAM,cAAc,YAAY,MAAM,UAAU,SAAS,IAAI,MAAM,YAAY;AAAA,MACjG,aAAa,iBAAiB,MAAM,WAAW,KAAK;AAAA,MACpD,cAAc,iBAAiB,MAAM,YAAY,KAAK;AAAA,MACtD,YAAY,iBAAiB,MAAM,UAAU,KAAK;AAAA,MAClD,oBAAoB,iBAAiB,MAAM,kBAAkB,KAAK;AAAA,MAClE,kBAAkB,iBAAiB,MAAM,gBAAgB,KAAK;AAAA,MAC9D,gBAAgB,MAAM,mBAAmB,YAAY,MAAM,mBAAmB,WAAW,MAAM,iBAAiB;AAAA,MAChH,WAAW,iBAAiB,MAAM,SAAS,KAAK;AAAA,MAChD,gBAAgB,MAAM;AAAA,MACtB,gBAAgB,MAAM;AAAA,MACtB,eAAe,MAAM;AAAA,MACrB,SAAS,oBAAoB,MAAM,OAAO;AAAA,MAC1C,SAAS,iBAAiB,MAAM,OAAO;AAAA,IACzC;AAAA,EACF;AAAA,EAEQ,eAAe,OAAoC;AACzD,WAAO,oBAAoB,MAAM;AAAA,MAC/B,GAAG;AAAA,IACL,CAAC;AAAA,EACH;AAAA,EAEQ,oBAAoB,QAAsC;AAChE,UAAM,SAAS,CAAC,GAAI,OAAO,gBAAgB,CAAC,CAAE;AAC9C,QAAI,OAAO,YAAa,QAAO,KAAK,OAAO,WAAW;AAEtD,WAAO,MAAM,KAAK,IAAI,IAAI,OAAO,IAAI,CAAC,UAAU,MAAM,KAAK,CAAC,EAAE,OAAO,OAAO,CAAC,CAAC;AAAA,EAChF;AAAA,EAEQ,kBAAkB,QAAsC;AAC9D,UAAM,SAAS,CAAC,GAAI,OAAO,cAAc,CAAC,CAAE;AAC5C,QAAI,OAAO,UAAW,QAAO,KAAK,OAAO,SAAS;AAElD,WAAO,MAAM,KAAK,IAAI,IAAI,OAAO,IAAI,CAAC,UAAU,MAAM,KAAK,CAAC,EAAE,OAAO,OAAO,CAAC,CAAC;AAAA,EAChF;AAAA,EAEQ,mBAAmB,QAAmD;AAC5E,UAAM,SAAS,CAAC,GAAI,OAAO,eAAe,CAAC,CAAE;AAC7C,QAAI,OAAO,WAAY,QAAO,KAAK,OAAO,UAAU;AAEpD,WAAO,MAAM,KAAK,IAAI,IAAI,MAAM,CAAC,EAC9B,OAAO,CAAC,UAAwC,wBAAwB,SAAS,KAA4B,CAAC;AAAA,EACnH;AAAA,EAEQ,kBAAkB,QAA+F;AACvH,UAAM,WACJ,OAAO,OAAO,aAAa,YAAY,OAAO,WAAW,IACrD,OAAO,WACP,OAAO,OAAO,UAAU,YAAY,OAAO,QAAQ,IACjD,OAAO,QACP;AACR,UAAM,OAAO,OAAO,OAAO,SAAS,YAAY,OAAO,OAAO,IAAI,OAAO,OAAO;AAChF,UAAM,SACJ,OAAO,OAAO,WAAW,YAAY,OAAO,UAAU,IAClD,OAAO,UACN,OAAO,KAAK;AACnB,WAAO,EAAE,MAAM,UAAU,QAAQ,OAAO,SAAS;AAAA,EACnD;AAAA,EAEA,MAAc,YAAY,QAA4B,SAAkC;AACtF,UAAM,QAAQ,KAAK,eAAe,MAAM,EAAE,OAAyB,sBAAsB;AAEzF,QAAI,SAAS,aAAa,OAAO;AAC/B,YAAM,EAAE,OAAO,OAAO,IAAI,KAAK,kBAAkB,MAAM;AACvD,YAAM,MAAM,KAAK,EAAE,OAAO,MAAM;AAAA,IAClC;AAEA,UAAM,OAAO,MAAM;AACnB,UAAM,MAAM,KAAK,IAAI,CAAC,QAAQ,IAAI,EAAE,EAAE,OAAO,OAAO;AACpD,QAAI,IAAI,WAAW,EAAG,QAAO,CAAC;AAE9B,UAAM,UAAU,MAAM,KAAK,GAAG,KAAK,WAAW;AAAA,MAC5C,IAAI,EAAE,KAAK,IAAI;AAAA,MACf,WAAW;AAAA,IACb,CAAC;AACD,UAAM,KAAK,eAAe,OAAO;AAEjC,UAAM,OAAO,IAAI,IAAI,QAAQ,IAAI,CAAC,UAAU,CAAC,MAAM,IAAI,KAAK,CAAC,CAAC;AAC9D,WAAO,IACJ,IAAI,CAAC,OAAO,KAAK,IAAI,EAAE,CAAC,EACxB,OAAO,CAAC,UAA8B,QAAQ,KAAK,CAAC;AAAA,EACzD;AAAA,EAEQ,eAAe,QAA4B;AACjD,UAAM,QAAQ,KAAK,GAAG,QAAQ,EAAE,aAAa,EAAE,UAAU,wBAAwB;AAEjF,QAAI,OAAO,SAAU,OAAM,SAAS,yBAAyB,OAAO,QAAQ;AAC5E,QAAI,OAAO,eAAgB,OAAM,SAAS,+BAA+B,OAAO,cAAc;AAE9F,UAAM,eAAe,KAAK,oBAAoB,MAAM;AACpD,QAAI,aAAa,WAAW,EAAG,OAAM,SAAS,6BAA6B,aAAa,CAAC,CAAC;AAC1F,QAAI,aAAa,SAAS,EAAG,OAAM,QAAQ,6BAA6B,YAAY;AAEpF,QAAI,OAAO,kBAAkB,OAAO,gBAAgB,OAAO,YAAY;AACrE,YAAM,SAAS,SAAS,oBAAoB;AAC1C,aAAK,MAAM;AAAA,UACT,6BAA6B,OAAO;AAAA,UACpC,2BAA2B,OAAO;AAAA,QACpC,CAAC,EAAE,QAAQ;AAAA,UACT,oCAAoC,OAAO;AAAA,UAC3C,kCAAkC,OAAO;AAAA,QAC3C,CAAC;AAAA,MACH,CAAC;AAAA,IACH,OAAO;AACL,UAAI,OAAO,aAAc,OAAM,SAAS,6BAA6B,OAAO,YAAY;AACxF,UAAI,OAAO,WAAY,OAAM,SAAS,2BAA2B,OAAO,UAAU;AAAA,IACpF;AAEA,QAAI,OAAO,aAAc,OAAM,aAAa,wBAAwB;AACpE,QAAI,OAAO,OAAQ,OAAM,SAAS,0BAA0B,KAAK,OAAO,MAAM;AAC9E,QAAI,OAAO,MAAO,OAAM,SAAS,0BAA0B,KAAK,OAAO,KAAK;AAE5E,UAAM,aAAa,KAAK,kBAAkB,MAAM;AAChD,QAAI,WAAW,SAAS,GAAG;AACzB,YAAM,eAAe,WAAW,IAAI,MAAM,GAAG,EAAE,KAAK,IAAI;AACxD,YAAM;AAAA,QACJ,kEAAkE,YAAY;AAAA,QAC9E;AAAA,MACF;AAAA,IACF;AAEA,UAAM,cAAc,KAAK,mBAAmB,MAAM;AAClD,QAAI,YAAY,WAAW,EAAG,OAAM,SAAS,2BAA2B,YAAY,CAAC,CAAC;AACtF,QAAI,YAAY,SAAS,EAAG,OAAM,QAAQ,2BAA2B,WAAW;AAEhF,QAAI,OAAO,cAAc,QAAQ;AAC/B,YAAM,SAAS,wBAAwB,kBAAkB,2BAA2B;AAAA,IACtF;AAEA,UAAM,UAAU,OAAO,YAAY,QAAQ,QAAQ;AACnD,YAAQ,OAAO,WAAW;AAAA,MACxB,KAAK;AACH,cAAM,WAAW,iEAAiE,OAAO,EAAE;AAC3F;AAAA,MACF,KAAK;AACH,cAAM,WAAW,yCAAyC,OAAO,EAAE;AACnE;AAAA,MACF,KAAK;AACH,cAAM,WAAW,mDAAmD,OAAO,EAAE;AAC7E;AAAA,MACF,KAAK;AACH,cAAM,WAAW,wCAAwC,OAAO,EAAE;AAClE;AAAA,MACF,KAAK;AAAA,MACL;AACE,cAAM,QAAQ,YAAY,WAAW,OAAO;AAC5C,cAAM,QAAQ,kBAAkB,OAAO;AACvC,eAAO;AAAA,IACX;AAEA,UAAM,QAAQ,0BAA0B,MAAM;AAC9C,UAAM,QAAQ,kBAAkB,MAAM;AACtC,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,MAAM,OAAoC;AAC9C,UAAM,SAAS,KAAK,eAAe,KAAK;AACxC,UAAM,MAAM,MAAM,KAAK,eAAe,MAAM,EACzC,WAAW,EACX,MAAkC,EAAE,OAAO,IAAI,CAAC,EAChD,MAAM;AAET,QAAI,CAAC,IAAK,QAAO;AACjB,UAAM,WAAW,IAAI,SAAS;AAC9B,WAAO,OAAO,aAAa,WAAW,WAAW,OAAO,SAAS,UAAU,EAAE,KAAK;AAAA,EACpF;AAAA,EAEA,MAAM,KAAK,OAAoC;AAC7C,UAAM,SAAS,KAAK,eAAe,KAAK;AACxC,UAAM,EAAE,MAAM,SAAS,IAAI,KAAK,kBAAkB,MAAM;AACxD,UAAM,CAAC,OAAO,KAAK,IAAI,MAAM,QAAQ,IAAI;AAAA,MACvC,KAAK,YAAY,MAAM;AAAA,MACvB,KAAK,MAAM,MAAM;AAAA,IACnB,CAAC;AACD,UAAM,aAAa,KAAK,IAAI,GAAG,KAAK,MAAM,SAAS,MAAM,YAAY,EAAE,CAAC;AACxE,WAAO,EAAE,OAAO,OAAO,MAAM,UAAU,WAAW;AAAA,EACpD;AAAA,EAEA,MAAM,uBAAuB,aAAqB,OAAqE;AACrH,UAAM,QAAgC;AAAA,MACpC;AAAA,MACA,WAAW,EAAE,KAAK,KAAK;AAAA,MACvB,gBAAgB;AAAA,MAChB,WAAW;AAAA,IACb;AACA,QAAI,MAAM,SAAU,OAAM,WAAW,MAAM;AAC3C,QAAI,MAAM,eAAgB,OAAM,iBAAiB,MAAM;AAEvD,UAAM,QAAQ,MAAM,KAAK,GAAG,QAAQ,WAAW,OAAO,EAAE,SAAS,EAAE,WAAW,OAAO,EAAE,CAAC;AACxF,UAAM,KAAK,eAAe,KAAK;AAC/B,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,WAAW,IAAY,YAAmC;AAC9D,UAAM,OAAO,KAAK,GAAG,KAAK;AAC1B,UAAM,MAAM,MAAM,KAAK,QAAQ,WAAW,EAAE,IAAI,WAAW,KAAK,CAAC;AACjE,QAAI,CAAC,IAAK,QAAO;AAEjB,QAAI,iBAAiB;AACrB,QAAI,YAAY;AAEhB,UAAM,WAAW,aAAa,KAAK,gBAAgB,MAAM,KAAK,iBAAiB,UAAU,CAAC,IAAI;AAC9F,QAAI,UAAU;AACZ,WAAK,QAAQ,QAAQ;AAAA,IACvB;AAEA,UAAM,KAAK,MAAM;AACjB,UAAM,KAAK,eAAe,GAAG;AAC7B,QAAI,SAAU,OAAM,KAAK,eAAe,QAAQ;AAEhD,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,gBAAgB,WAAmB;AACvC,UAAM,QAAQ,MAAM,KAAK,GAAG,QAAQ,WAAW,EAAE,WAAW,WAAW,KAAK,CAAC;AAC7E,UAAM,KAAK,eAAe,KAAK;AAC/B,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,SAAS,IAAY;AACzB,UAAM,QAAQ,MAAM,KAAK,GAAG,QAAQ,WAAW,EAAE,IAAI,WAAW,KAAK,CAAC;AACtE,UAAM,KAAK,eAAe,KAAK;AAC/B,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,0BAA0B,QAM7B;AACD,UAAM,QAAgC;AAAA,MACpC,aAAa,OAAO;AAAA,MACpB,WAAW,EAAE,KAAK,KAAK;AAAA,MACvB,gBAAgB;AAAA,MAChB,WAAW;AAAA,IACb;AACA,QAAI,OAAO,SAAU,OAAM,WAAW,OAAO;AAC7C,QAAI,OAAO,eAAgB,OAAM,iBAAiB,OAAO;AACzD,QAAI,OAAO,aAAc,OAAM,eAAe,OAAO;AACrD,QAAI,OAAO,WAAY,OAAM,aAAa,OAAO;AAEjD,UAAM,QAAQ,MAAM,KAAK,GAAG,QAAQ,WAAW,OAAO,EAAE,SAAS,EAAE,WAAW,OAAO,EAAE,CAAC;AACxF,UAAM,KAAK,eAAe,KAAK;AAC/B,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,qBAAqB,aAAqB,OAAqE;AACnH,UAAM,QAAgC;AAAA,MACpC;AAAA,MACA,gBAAgB;AAAA,MAChB,WAAW;AAAA,IACb;AACA,QAAI,MAAM,SAAU,OAAM,WAAW,MAAM;AAC3C,QAAI,MAAM,eAAgB,OAAM,iBAAiB,MAAM;AAEvD,UAAM,QAAQ,MAAM,KAAK,GAAG,QAAQ,WAAW,OAAO,EAAE,SAAS,EAAE,WAAW,OAAO,EAAE,CAAC;AACxF,UAAM,KAAK,eAAe,KAAK;AAC/B,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,WAAW,IAAY;AAC3B,UAAM,MAAM,MAAM,KAAK,GAAG,QAAQ,WAAW,EAAE,IAAI,WAAW,KAAK,CAAC;AACpE,QAAI,CAAC,IAAK,QAAO;AAEjB,QAAI,iBAAiB;AACrB,QAAI,YAAY;AAChB,UAAM,KAAK,GAAG,MAAM;AACpB,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,oBAAoB,UAA8C,CAAC,GAA+C;AACtH,UAAM,YAAY,KAAK,IAAI,KAAK,IAAI,KAAK,MAAM,QAAQ,aAAa,GAAG,GAAG,CAAC,GAAG,GAAI;AAClF,UAAM,SAAS,QAAQ,WAAW,MAAM;AAAA,IAAC;AACzC,UAAM,SAA4C;AAAA,MAChD,QAAQ;AAAA,MACR,SAAS;AAAA,MACT,SAAS;AAAA,MACT,SAAS;AAAA,IACX;AAEA,QAAI,kBAA+B;AACnC,QAAI,WAA0B;AAE9B,WAAO,MAAM;AACX,YAAM,YAAY,KAAK,GAAG,QAAQ,EAAe,aAAa,EAC3D;AAAA,QACC;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,MACF,EACC,UAAU,YAAY;AAEzB,UAAI,QAAQ,SAAU,WAAU,SAAS,aAAa,QAAQ,QAAQ;AACtE,UAAI,QAAQ,eAAgB,WAAU,SAAS,mBAAmB,QAAQ,cAAc;AAExF,UAAI,CAAC,QAAQ,OAAO;AAClB,kBAAU,SAAS,CAAC,YAAY;AAC9B,kBACG,UAAU,aAAa,EACvB,YAAY,YAAY,EACxB,YAAY,gBAAgB;AAAA,QACjC,CAAC;AAAA,MACH;AAEA,UAAI,mBAAmB,UAAU;AAC/B,kBAAU,SAAS,CAAC,YAAY;AAC9B,kBACG,MAAM,cAAc,KAAK,eAAe,EACxC,QAAQ,CAAC,WAAW;AACnB,mBAAO,MAAM,cAAc,eAAe,EAAE,SAAS,MAAM,KAAK,QAAQ;AAAA,UAC1E,CAAC;AAAA,QACL,CAAC;AAAA,MACH;AAEA,YAAM,OAAO,MAAM,UAChB,QAAQ,cAAc,KAAK,EAC3B,QAAQ,MAAM,KAAK,EACnB,MAAM,SAAS;AAElB,UAAI,KAAK,WAAW,EAAG;AAEvB,iBAAW,OAAO,MAAM;AACtB,eAAO,WAAW;AAElB,YAAI;AACF,gBAAM,YAAY,MAAM,KAAK,oBAAoB,GAAyC;AAC1F,gBAAM,aAAa,0BAA0B;AAAA,YAC3C,aAAa,WAAW,WAAW,eAAe,eAAe;AAAA,YACjE,aAAa,WAAW,WAAW,eAAe,cAAc;AAAA,YAChE,SAAS,WAAW,WAAW,eAAe,cAAc;AAAA,YAC5D,WAAW,WAAW,WAAW,aAAa,YAAY,KAAK;AAAA,YAC/D,SAAS,WAAW,WAAW,eAAe,cAAc;AAAA,YAC5D,gBAAgB,UAAU,WAAW,kBAAkB,iBAAiB;AAAA,UAC1E,CAAC;AAED,gBAAM,cAAc,QAAQ,UAAU,QACjC,IAAI,gBAAgB,WAAW,cAC/B,IAAI,eAAe,WAAW,aAC9B,IAAI,0BAA0B,WAAW,uBACzC,CAAC,kBAAkB,IAAI,gBAAgB,WAAW,aAAa;AAEpE,cAAI,CAAC,aAAa;AAChB,mBAAO,WAAW;AAClB;AAAA,UACF;AAEA,gBAAM,KAAK,GAAG,QAAQ,EAAE,aAAa,EAClC,MAAM,EAAE,IAAI,IAAI,GAAG,CAAC,EACpB,OAAO;AAAA,YACN,aAAa,WAAW;AAAA,YACxB,gBAAgB,WAAW;AAAA,YAC3B,uBAAuB,WAAW;AAAA,YAClC,YAAY,WAAW;AAAA,UACzB,CAAC;AAEH,iBAAO,WAAW;AAAA,QACpB,SAAS,KAAK;AACZ,iBAAO,UAAU;AACjB,iBAAO,oCAAoC,IAAI,EAAE,KAAK,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG,CAAC,EAAE;AAAA,QAC1G;AAAA,MACF;AAEA,YAAM,UAAU,KAAK,KAAK,SAAS,CAAC;AACpC,wBAAkB,QAAQ;AAC1B,iBAAW,QAAQ;AAEnB;AAAA,QACE,wBAAwB,OAAO,OAAO,0BAA0B,OAAO,OAAO,cAAc,OAAO,OAAO,aAAa,OAAO,MAAM;AAAA,MACtI;AAEA,UAAI,KAAK,SAAS,UAAW;AAAA,IAC/B;AAEA,WAAO;AAAA,EACT;AACF;",
4
+ "sourcesContent": ["import type { FilterQuery } from '@mikro-orm/core'\nimport type { EntityManager } from '@mikro-orm/postgresql'\nimport { sql } from 'kysely'\nimport { ActionLog } from '@open-mercato/core/modules/audit_logs/data/entities'\nimport {\n actionLogCreateSchema,\n actionLogListSchema,\n type ActionLogCreateInput,\n type ActionLogListQuery,\n} from '@open-mercato/core/modules/audit_logs/data/validators'\nimport { isRecord } from '@open-mercato/core/modules/audit_logs/lib/changeRows'\nimport {\n ACTION_LOG_FILTER_TYPES,\n type ActionLogFilterType,\n deriveActionLogProjection,\n} from '@open-mercato/core/modules/audit_logs/lib/projections'\nimport { decryptWithAesGcm } from '@open-mercato/shared/lib/encryption/aes'\nimport { TenantDataEncryptionService } from '@open-mercato/shared/lib/encryption/tenantDataEncryptionService'\nimport { toOptionalString } from '@open-mercato/shared/lib/string/coerce'\n\nlet validationWarningLogged = false\nlet runtimeValidationAvailable: boolean | null = null\nlet decryptionWarningLogged = false\n\nconst isZodRuntimeMissing = (err: unknown) => err instanceof TypeError && typeof err.message === 'string' && err.message.includes('_zod')\n\nconst SORT_FIELDS = {\n createdAt: 'action_logs.created_at',\n} as const\n\ntype ActionLogProjectionBackfillOptions = {\n batchSize?: number\n force?: boolean\n logger?: (message: string) => void\n organizationId?: string | null\n tenantId?: string | null\n}\n\nexport type ActionLogProjectionBackfillResult = {\n errors: number\n scanned: number\n skipped: number\n updated: number\n}\n\ntype BackfillRow = {\n action_label: string | null\n action_type: string | null\n actor_user_id: string | null\n changed_fields: string[] | null\n changes_json: Record<string, unknown> | null\n command_id: string\n context_json: Record<string, unknown> | null\n created_at: Date\n id: string\n organization_id: string | null\n primary_changed_field: string | null\n snapshot_before: unknown | null\n source_key: string | null\n tenant_id: string | null\n}\n\nfunction readString(record: Record<string, unknown>, ...keys: string[]): string | null {\n for (const key of keys) {\n const value = record[key]\n if (typeof value === 'string' && value.length > 0) return value\n }\n\n return null\n}\n\nfunction readRecord(record: Record<string, unknown>, ...keys: string[]): Record<string, unknown> | null {\n for (const key of keys) {\n const value = record[key]\n if (isRecord(value)) return value\n }\n\n return null\n}\n\nfunction readValue(record: Record<string, unknown>, ...keys: string[]): unknown {\n for (const key of keys) {\n if (Object.prototype.hasOwnProperty.call(record, key)) return record[key]\n }\n\n return undefined\n}\n\nfunction readStringArray(record: Record<string, unknown>, ...keys: string[]): string[] | null {\n for (const key of keys) {\n const value = record[key]\n if (Array.isArray(value)) {\n return value.filter((entry): entry is string => typeof entry === 'string')\n }\n }\n\n return null\n}\n\nfunction stringArraysEqual(left: string[] | null, right: string[]): boolean {\n if (!Array.isArray(left)) return false\n if (left.length !== right.length) return false\n\n return left.every((value, index) => value === right[index])\n}\n\nexport class ActionLogService {\n constructor(\n private readonly em: EntityManager,\n private readonly tenantEncryptionService?: TenantDataEncryptionService,\n ) {}\n\n private async decryptEntryPayload<T extends Record<string, unknown>>(entry: T): Promise<T> {\n if (!this.tenantEncryptionService?.isEnabled()) return entry\n\n try {\n const tenantId = readString(entry, 'tenantId', 'tenant_id')\n const organizationId = readString(entry, 'organizationId', 'organization_id')\n const dek = await this.tenantEncryptionService.getDek(tenantId)\n const deepDecrypt = (value: unknown): unknown => {\n if (!dek) return value\n if (typeof value === 'string' && value.split(':').length === 4 && value.endsWith(':v1')) {\n const decrypted = decryptWithAesGcm(value, dek.key)\n if (decrypted === null) return value\n try {\n return JSON.parse(decrypted)\n } catch {\n return decrypted\n }\n }\n if (Array.isArray(value)) return value.map((item) => deepDecrypt(item))\n if (value && typeof value === 'object') {\n const copy: Record<string, unknown> = {}\n for (const [key, item] of Object.entries(value as Record<string, unknown>)) {\n copy[key] = deepDecrypt(item)\n }\n return copy\n }\n return value\n }\n\n const decrypted = await this.tenantEncryptionService.decryptEntityPayload(\n 'audit_logs:action_log',\n entry,\n tenantId,\n organizationId,\n )\n\n const merged = {\n ...entry,\n ...decrypted,\n } as Record<string, unknown>\n\n merged.changesJson = deepDecrypt(merged.changesJson ?? merged.changes_json ?? entry.changesJson ?? entry.changes_json)\n merged.changes_json = merged.changesJson\n merged.snapshotBefore = deepDecrypt(merged.snapshotBefore ?? merged.snapshot_before ?? entry.snapshotBefore ?? entry.snapshot_before)\n merged.snapshot_before = merged.snapshotBefore\n merged.snapshotAfter = deepDecrypt(merged.snapshotAfter ?? merged.snapshot_after ?? entry.snapshotAfter ?? entry.snapshot_after)\n merged.snapshot_after = merged.snapshotAfter\n merged.commandPayload = deepDecrypt(merged.commandPayload ?? merged.command_payload ?? entry.commandPayload ?? entry.command_payload)\n merged.command_payload = merged.commandPayload\n merged.contextJson = deepDecrypt(merged.contextJson ?? merged.context_json ?? entry.contextJson ?? entry.context_json)\n merged.context_json = merged.contextJson\n\n return merged as T\n } catch (err) {\n if (!decryptionWarningLogged) {\n decryptionWarningLogged = true\n console.warn('[audit_logs] failed to decrypt action log entry', err)\n }\n return entry\n }\n }\n\n private async decryptEntries(entries: ActionLog | ActionLog[] | null | undefined): Promise<void> {\n if (!entries) return\n\n const list = Array.isArray(entries) ? entries : [entries]\n for (const entry of list) {\n Object.assign(entry as unknown as Record<string, unknown>, await this.decryptEntryPayload(entry as unknown as Record<string, unknown>))\n }\n }\n\n async log(input: ActionLogCreateInput): Promise<ActionLog | null> {\n const data = this.parseCreateInput(input)\n const fork = this.em.fork()\n const log = this.createLogEntity(fork, data)\n await fork.persist(log).flush()\n await this.decryptEntries(log)\n return log\n }\n\n private parseCreateInput(input: ActionLogCreateInput): ActionLogCreateInput {\n let data: ActionLogCreateInput\n const schema = actionLogCreateSchema as typeof actionLogCreateSchema & { _zod?: unknown }\n const canValidate = Boolean(schema && typeof schema.parse === 'function')\n const shouldValidate = canValidate && runtimeValidationAvailable !== false\n\n if (shouldValidate) {\n try {\n data = schema.parse(input)\n runtimeValidationAvailable = true\n } catch (err) {\n if (!isZodRuntimeMissing(err) && !validationWarningLogged) {\n validationWarningLogged = true\n console.warn('[audit_logs] falling back to permissive action log payload parser', err)\n }\n if (isZodRuntimeMissing(err)) runtimeValidationAvailable = false\n data = this.normalizeInput(input)\n }\n } else {\n data = this.normalizeInput(input)\n }\n\n return data\n }\n\n private createLogEntity(fork: EntityManager, data: ActionLogCreateInput): ActionLog {\n const projection = deriveActionLogProjection({\n actorUserId: data.actorUserId ?? null,\n actionLabel: data.actionLabel ?? null,\n changes: isRecord(data.changes) ? data.changes : null,\n commandId: data.commandId,\n context: isRecord(data.context) ? data.context : null,\n snapshotBefore: data.snapshotBefore,\n })\n\n return fork.create(ActionLog, {\n tenantId: data.tenantId ?? null,\n organizationId: data.organizationId ?? null,\n actorUserId: data.actorUserId ?? null,\n commandId: data.commandId,\n actionLabel: data.actionLabel ?? null,\n actionType: projection.actionType,\n resourceKind: data.resourceKind ?? null,\n resourceId: data.resourceId ?? null,\n parentResourceKind: data.parentResourceKind ?? null,\n parentResourceId: data.parentResourceId ?? null,\n executionState: data.executionState ?? 'done',\n undoToken: data.undoToken ?? null,\n commandPayload: data.commandPayload ?? null,\n snapshotBefore: data.snapshotBefore ?? null,\n snapshotAfter: data.snapshotAfter ?? null,\n changesJson: isRecord(data.changes) ? data.changes : null,\n changedFields: projection.changedFields,\n primaryChangedField: projection.primaryChangedField,\n contextJson: isRecord(data.context) ? data.context : null,\n sourceKey: projection.sourceKey,\n createdAt: new Date(),\n updatedAt: new Date(),\n })\n }\n\n private normalizeInput(input: Partial<ActionLogCreateInput> | null | undefined): ActionLogCreateInput {\n if (!input) {\n return {\n tenantId: null,\n organizationId: null,\n actorUserId: null,\n commandId: 'unknown',\n actionLabel: undefined,\n resourceKind: undefined,\n resourceId: undefined,\n executionState: 'done',\n undoToken: undefined,\n commandPayload: undefined,\n snapshotBefore: undefined,\n snapshotAfter: undefined,\n changes: undefined,\n context: undefined,\n }\n }\n\n const toNullableUuid = (value: unknown) => {\n if (typeof value !== 'string' || value.length === 0) return null\n if (value.startsWith('api_key:')) return value.slice('api_key:'.length)\n return value\n }\n\n const normalizeRecordLike = (value: unknown): ActionLogCreateInput['changes'] => {\n if (value === null) return null\n if (Array.isArray(value)) return value\n if (typeof value === 'object') return value as Record<string, unknown>\n return undefined\n }\n\n const normalizeContext = (value: unknown) => (\n typeof value === 'object' && value !== null && !Array.isArray(value)\n ? value as Record<string, unknown>\n : undefined\n )\n\n return {\n tenantId: toNullableUuid(input.tenantId),\n organizationId: toNullableUuid(input.organizationId),\n actorUserId: toNullableUuid(input.actorUserId),\n commandId: typeof input.commandId === 'string' && input.commandId.length > 0 ? input.commandId : 'unknown',\n actionLabel: toOptionalString(input.actionLabel) ?? undefined,\n resourceKind: toOptionalString(input.resourceKind) ?? undefined,\n resourceId: toOptionalString(input.resourceId) ?? undefined,\n parentResourceKind: toOptionalString(input.parentResourceKind) ?? null,\n parentResourceId: toOptionalString(input.parentResourceId) ?? null,\n executionState: input.executionState === 'undone' || input.executionState === 'failed' ? input.executionState : 'done',\n undoToken: toOptionalString(input.undoToken) ?? undefined,\n commandPayload: input.commandPayload,\n snapshotBefore: input.snapshotBefore,\n snapshotAfter: input.snapshotAfter,\n changes: normalizeRecordLike(input.changes),\n context: normalizeContext(input.context),\n }\n }\n\n private parseListQuery(query: Partial<ActionLogListQuery>) {\n return actionLogListSchema.parse({\n ...query,\n })\n }\n\n private resolveActorUserIds(parsed: ActionLogListQuery): string[] {\n const values = [...(parsed.actorUserIds ?? [])]\n if (parsed.actorUserId) values.push(parsed.actorUserId)\n\n return Array.from(new Set(values.map((value) => value.trim()).filter(Boolean)))\n }\n\n private resolveFieldNames(parsed: ActionLogListQuery): string[] {\n const values = [...(parsed.fieldNames ?? [])]\n if (parsed.fieldName) values.push(parsed.fieldName)\n\n return Array.from(new Set(values.map((value) => value.trim()).filter(Boolean)))\n }\n\n private resolveActionTypes(parsed: ActionLogListQuery): ActionLogFilterType[] {\n const values = [...(parsed.actionTypes ?? [])]\n if (parsed.actionType) values.push(parsed.actionType)\n\n return Array.from(new Set(values))\n .filter((value): value is ActionLogFilterType => ACTION_LOG_FILTER_TYPES.includes(value as ActionLogFilterType))\n }\n\n private resolvePagination(parsed: ActionLogListQuery): { page: number; pageSize: number; offset: number; limit: number } {\n const pageSize =\n typeof parsed.pageSize === 'number' && parsed.pageSize > 0\n ? parsed.pageSize\n : typeof parsed.limit === 'number' && parsed.limit > 0\n ? parsed.limit\n : 50\n const page = typeof parsed.page === 'number' && parsed.page > 0 ? parsed.page : 1\n const offset =\n typeof parsed.offset === 'number' && parsed.offset >= 0\n ? parsed.offset\n : (page - 1) * pageSize\n return { page, pageSize, offset, limit: pageSize }\n }\n\n private async loadEntries(parsed: ActionLogListQuery, options?: { paginate?: boolean }) {\n let query = (this.buildListQuery(parsed) as any).select('action_logs.id as id')\n\n if (options?.paginate !== false) {\n const { limit, offset } = this.resolvePagination(parsed)\n query = query.limit(limit).offset(offset)\n }\n\n const rows = await query.execute()\n const ids = rows.map((row: any) => row.id).filter(Boolean)\n if (ids.length === 0) return []\n\n const results = await this.em.find(ActionLog, {\n id: { $in: ids } as any,\n deletedAt: null,\n })\n await this.decryptEntries(results)\n\n const byId = new Map(results.map((entry: any) => [entry.id, entry]))\n return ids\n .map((id: any) => byId.get(id))\n .filter((entry: any): entry is ActionLog => Boolean(entry))\n }\n\n private buildListQuery(parsed: ActionLogListQuery): any {\n let query = (this.em.getKysely<any>() as any)\n .selectFrom('action_logs')\n .selectAll()\n .where('action_logs.deleted_at', 'is', null) as any\n\n if (parsed.tenantId) query = query.where('action_logs.tenant_id', '=', parsed.tenantId)\n if (parsed.organizationId) query = query.where('action_logs.organization_id', '=', parsed.organizationId)\n\n const actorUserIds = this.resolveActorUserIds(parsed)\n if (actorUserIds.length === 1) query = query.where('action_logs.actor_user_id', '=', actorUserIds[0])\n if (actorUserIds.length > 1) query = query.where('action_logs.actor_user_id', 'in', actorUserIds)\n\n if (parsed.includeRelated && parsed.resourceKind && parsed.resourceId) {\n query = query.where((eb: any) =>\n eb.or([\n eb.and([\n eb('action_logs.resource_kind', '=', parsed.resourceKind),\n eb('action_logs.resource_id', '=', parsed.resourceId),\n ]),\n eb.and([\n eb('action_logs.parent_resource_kind', '=', parsed.resourceKind),\n eb('action_logs.parent_resource_id', '=', parsed.resourceId),\n ]),\n ])\n )\n } else {\n if (parsed.resourceKind) query = query.where('action_logs.resource_kind', '=', parsed.resourceKind)\n if (parsed.resourceId) query = query.where('action_logs.resource_id', '=', parsed.resourceId)\n }\n\n if (parsed.undoableOnly) query = query.where('action_logs.undo_token', 'is not', null)\n if (parsed.before) query = query.where('action_logs.created_at', '<', parsed.before)\n if (parsed.after) query = query.where('action_logs.created_at', '>', parsed.after)\n\n const fieldNames = this.resolveFieldNames(parsed)\n if (fieldNames.length === 1) query = query.where('action_logs.primary_changed_field', '=', fieldNames[0])\n if (fieldNames.length > 1) query = query.where('action_logs.primary_changed_field', 'in', fieldNames)\n\n const actionTypes = this.resolveActionTypes(parsed)\n if (actionTypes.length === 1) query = query.where('action_logs.action_type', '=', actionTypes[0])\n if (actionTypes.length > 1) query = query.where('action_logs.action_type', 'in', actionTypes)\n\n if (parsed.sortField === 'user') {\n query = query.leftJoin('users as audit_actor', 'audit_actor.id', 'action_logs.actor_user_id')\n }\n\n const sortDir = parsed.sortDir === 'asc' ? 'asc' : 'desc'\n switch (parsed.sortField) {\n case 'user':\n query = query.orderBy(sql`coalesce(nullif(audit_actor.name, ''), audit_actor.email, '')`, sortDir)\n break\n case 'action':\n query = query.orderBy(sql`coalesce(action_logs.action_type, '')`, sortDir)\n break\n case 'field':\n query = query.orderBy(sql`coalesce(action_logs.primary_changed_field, '')`, sortDir)\n break\n case 'source':\n query = query.orderBy(sql`coalesce(action_logs.source_key, '')`, sortDir)\n break\n case 'createdAt':\n default:\n query = query.orderBy(SORT_FIELDS.createdAt, sortDir)\n query = query.orderBy('action_logs.id', sortDir)\n return query\n }\n\n query = query.orderBy('action_logs.created_at', 'desc')\n query = query.orderBy('action_logs.id', 'desc')\n return query\n }\n\n async count(query: Partial<ActionLogListQuery>) {\n const parsed = this.parseListQuery(query)\n const row = await (this.buildListQuery(parsed) as any)\n .clearSelect()\n .clearOrderBy()\n .select(sql<string>`count(*)`.as('count'))\n .executeTakeFirst()\n\n if (!row) return 0\n const rawCount = row.count ?? 0\n return typeof rawCount === 'number' ? rawCount : Number.parseInt(rawCount, 10) || 0\n }\n\n async list(query: Partial<ActionLogListQuery>) {\n const parsed = this.parseListQuery(query)\n const { page, pageSize } = this.resolvePagination(parsed)\n const [items, total] = await Promise.all([\n this.loadEntries(parsed),\n this.count(parsed),\n ])\n const totalPages = Math.max(1, Math.ceil((total || 0) / (pageSize || 1)))\n return { items, total, page, pageSize, totalPages }\n }\n\n async latestUndoableForActor(actorUserId: string, scope: { tenantId?: string | null; organizationId?: string | null }) {\n const where: FilterQuery<ActionLog> = {\n actorUserId,\n undoToken: { $ne: null } as any,\n executionState: 'done',\n deletedAt: null,\n }\n if (scope.tenantId) where.tenantId = scope.tenantId\n if (scope.organizationId) where.organizationId = scope.organizationId\n\n const entry = await this.em.findOne(ActionLog, where, { orderBy: { createdAt: 'desc' } })\n await this.decryptEntries(entry)\n return entry\n }\n\n async markUndone(id: string, traceInput?: ActionLogCreateInput) {\n const fork = this.em.fork()\n const log = await fork.findOne(ActionLog, { id, deletedAt: null })\n if (!log) return null\n\n log.executionState = 'undone'\n log.undoToken = null\n\n const traceLog = traceInput ? this.createLogEntity(fork, this.parseCreateInput(traceInput)) : null\n if (traceLog) {\n fork.persist(traceLog)\n }\n\n await fork.flush()\n await this.decryptEntries(log)\n if (traceLog) await this.decryptEntries(traceLog)\n\n return log\n }\n\n async findByUndoToken(undoToken: string) {\n const entry = await this.em.findOne(ActionLog, { undoToken, deletedAt: null })\n await this.decryptEntries(entry)\n return entry\n }\n\n async findById(id: string) {\n const entry = await this.em.findOne(ActionLog, { id, deletedAt: null })\n await this.decryptEntries(entry)\n return entry\n }\n\n async latestUndoableForResource(params: {\n actorUserId: string\n tenantId?: string | null\n organizationId?: string | null\n resourceKind?: string | null\n resourceId?: string | null\n }) {\n const where: FilterQuery<ActionLog> = {\n actorUserId: params.actorUserId,\n undoToken: { $ne: null } as any,\n executionState: 'done',\n deletedAt: null,\n }\n if (params.tenantId) where.tenantId = params.tenantId\n if (params.organizationId) where.organizationId = params.organizationId\n if (params.resourceKind) where.resourceKind = params.resourceKind\n if (params.resourceId) where.resourceId = params.resourceId\n\n const entry = await this.em.findOne(ActionLog, where, { orderBy: { createdAt: 'desc' } })\n await this.decryptEntries(entry)\n return entry\n }\n\n async latestUndoneForActor(actorUserId: string, scope: { tenantId?: string | null; organizationId?: string | null }) {\n const where: FilterQuery<ActionLog> = {\n actorUserId,\n executionState: 'undone',\n deletedAt: null,\n }\n if (scope.tenantId) where.tenantId = scope.tenantId\n if (scope.organizationId) where.organizationId = scope.organizationId\n\n const entry = await this.em.findOne(ActionLog, where, { orderBy: { updatedAt: 'desc' } })\n await this.decryptEntries(entry)\n return entry\n }\n\n async markRedone(id: string) {\n const log = await this.em.findOne(ActionLog, { id, deletedAt: null })\n if (!log) return null\n\n log.executionState = 'redone'\n log.undoToken = null\n await this.em.flush()\n return log\n }\n\n async backfillProjections(options: ActionLogProjectionBackfillOptions = {}): Promise<ActionLogProjectionBackfillResult> {\n const batchSize = Math.min(Math.max(Math.trunc(options.batchSize ?? 250), 1), 1000)\n const logger = options.logger ?? (() => {})\n const result: ActionLogProjectionBackfillResult = {\n errors: 0,\n scanned: 0,\n skipped: 0,\n updated: 0,\n }\n\n let cursorCreatedAt: Date | null = null\n let cursorId: string | null = null\n\n while (true) {\n const rowsQuery = (this.em.getKysely<any>() as any)\n .selectFrom('action_logs')\n .select([\n 'action_logs.id',\n 'action_logs.tenant_id',\n 'action_logs.organization_id',\n 'action_logs.actor_user_id',\n 'action_logs.command_id',\n 'action_logs.action_label',\n 'action_logs.snapshot_before',\n 'action_logs.changes_json',\n 'action_logs.context_json',\n 'action_logs.action_type',\n 'action_logs.source_key',\n 'action_logs.changed_fields',\n 'action_logs.primary_changed_field',\n 'action_logs.created_at',\n ])\n .where('action_logs.deleted_at', 'is', null) as any\n\n if (options.tenantId) rowsQuery.where('action_logs.tenant_id', '=', options.tenantId)\n if (options.organizationId) rowsQuery.where('action_logs.organization_id', '=', options.organizationId)\n\n if (!options.force) {\n rowsQuery.where((eb: any) =>\n eb.or([\n eb('action_logs.action_type', 'is', null),\n eb('action_logs.source_key', 'is', null),\n eb('action_logs.changed_fields', 'is', null),\n ])\n )\n }\n\n if (cursorCreatedAt && cursorId) {\n rowsQuery.where((eb: any) =>\n eb.or([\n eb('action_logs.created_at', '>', cursorCreatedAt),\n eb.and([\n eb('action_logs.created_at', '=', cursorCreatedAt),\n eb('action_logs.id', '>', cursorId),\n ]),\n ])\n )\n }\n\n const rows = await rowsQuery\n .orderBy('created_at', 'asc')\n .orderBy('id', 'asc')\n .limit(batchSize)\n\n if (rows.length === 0) break\n\n for (const row of rows) {\n result.scanned += 1\n\n try {\n const decrypted = await this.decryptEntryPayload(row as unknown as Record<string, unknown>)\n const projection = deriveActionLogProjection({\n actorUserId: readString(decrypted, 'actorUserId', 'actor_user_id'),\n actionLabel: readString(decrypted, 'actionLabel', 'action_label'),\n changes: readRecord(decrypted, 'changesJson', 'changes_json'),\n commandId: readString(decrypted, 'commandId', 'command_id') ?? 'unknown',\n context: readRecord(decrypted, 'contextJson', 'context_json'),\n snapshotBefore: readValue(decrypted, 'snapshotBefore', 'snapshot_before'),\n })\n\n const needsUpdate = options.force === true\n || row.action_type !== projection.actionType\n || row.source_key !== projection.sourceKey\n || row.primary_changed_field !== projection.primaryChangedField\n || !stringArraysEqual(row.changed_fields, projection.changedFields)\n\n if (!needsUpdate) {\n result.skipped += 1\n continue\n }\n\n await (this.em.getKysely<any>() as any)\n .updateTable('action_logs')\n .set({\n action_type: projection.actionType,\n changed_fields: projection.changedFields,\n primary_changed_field: projection.primaryChangedField,\n source_key: projection.sourceKey,\n })\n .where('id', '=', row.id)\n .execute()\n\n result.updated += 1\n } catch (err) {\n result.errors += 1\n logger(`[backfill] Failed for action log ${row.id}: ${err instanceof Error ? err.message : String(err)}`)\n }\n }\n\n const lastRow = rows[rows.length - 1]\n cursorCreatedAt = lastRow.created_at\n cursorId = lastRow.id\n\n logger(\n `[backfill] Processed ${result.scanned} action logs (updated: ${result.updated}, skipped: ${result.skipped}, errors: ${result.errors})`,\n )\n\n if (rows.length < batchSize) break\n }\n\n return result\n }\n}\n"],
5
+ "mappings": "AAEA,SAAS,WAAW;AACpB,SAAS,iBAAiB;AAC1B;AAAA,EACE;AAAA,EACA;AAAA,OAGK;AACP,SAAS,gBAAgB;AACzB;AAAA,EACE;AAAA,EAEA;AAAA,OACK;AACP,SAAS,yBAAyB;AAElC,SAAS,wBAAwB;AAEjC,IAAI,0BAA0B;AAC9B,IAAI,6BAA6C;AACjD,IAAI,0BAA0B;AAE9B,MAAM,sBAAsB,CAAC,QAAiB,eAAe,aAAa,OAAO,IAAI,YAAY,YAAY,IAAI,QAAQ,SAAS,MAAM;AAExI,MAAM,cAAc;AAAA,EAClB,WAAW;AACb;AAkCA,SAAS,WAAW,WAAoC,MAA+B;AACrF,aAAW,OAAO,MAAM;AACtB,UAAM,QAAQ,OAAO,GAAG;AACxB,QAAI,OAAO,UAAU,YAAY,MAAM,SAAS,EAAG,QAAO;AAAA,EAC5D;AAEA,SAAO;AACT;AAEA,SAAS,WAAW,WAAoC,MAAgD;AACtG,aAAW,OAAO,MAAM;AACtB,UAAM,QAAQ,OAAO,GAAG;AACxB,QAAI,SAAS,KAAK,EAAG,QAAO;AAAA,EAC9B;AAEA,SAAO;AACT;AAEA,SAAS,UAAU,WAAoC,MAAyB;AAC9E,aAAW,OAAO,MAAM;AACtB,QAAI,OAAO,UAAU,eAAe,KAAK,QAAQ,GAAG,EAAG,QAAO,OAAO,GAAG;AAAA,EAC1E;AAEA,SAAO;AACT;AAEA,SAAS,gBAAgB,WAAoC,MAAiC;AAC5F,aAAW,OAAO,MAAM;AACtB,UAAM,QAAQ,OAAO,GAAG;AACxB,QAAI,MAAM,QAAQ,KAAK,GAAG;AACxB,aAAO,MAAM,OAAO,CAAC,UAA2B,OAAO,UAAU,QAAQ;AAAA,IAC3E;AAAA,EACF;AAEA,SAAO;AACT;AAEA,SAAS,kBAAkB,MAAuB,OAA0B;AAC1E,MAAI,CAAC,MAAM,QAAQ,IAAI,EAAG,QAAO;AACjC,MAAI,KAAK,WAAW,MAAM,OAAQ,QAAO;AAEzC,SAAO,KAAK,MAAM,CAAC,OAAO,UAAU,UAAU,MAAM,KAAK,CAAC;AAC5D;AAEO,MAAM,iBAAiB;AAAA,EAC5B,YACmB,IACA,yBACjB;AAFiB;AACA;AAAA,EAChB;AAAA,EAEH,MAAc,oBAAuD,OAAsB;AACzF,QAAI,CAAC,KAAK,yBAAyB,UAAU,EAAG,QAAO;AAEvD,QAAI;AACF,YAAM,WAAW,WAAW,OAAO,YAAY,WAAW;AAC1D,YAAM,iBAAiB,WAAW,OAAO,kBAAkB,iBAAiB;AAC5E,YAAM,MAAM,MAAM,KAAK,wBAAwB,OAAO,QAAQ;AAC9D,YAAM,cAAc,CAAC,UAA4B;AAC/C,YAAI,CAAC,IAAK,QAAO;AACjB,YAAI,OAAO,UAAU,YAAY,MAAM,MAAM,GAAG,EAAE,WAAW,KAAK,MAAM,SAAS,KAAK,GAAG;AACvF,gBAAMA,aAAY,kBAAkB,OAAO,IAAI,GAAG;AAClD,cAAIA,eAAc,KAAM,QAAO;AAC/B,cAAI;AACF,mBAAO,KAAK,MAAMA,UAAS;AAAA,UAC7B,QAAQ;AACN,mBAAOA;AAAA,UACT;AAAA,QACF;AACA,YAAI,MAAM,QAAQ,KAAK,EAAG,QAAO,MAAM,IAAI,CAAC,SAAS,YAAY,IAAI,CAAC;AACtE,YAAI,SAAS,OAAO,UAAU,UAAU;AACtC,gBAAM,OAAgC,CAAC;AACvC,qBAAW,CAAC,KAAK,IAAI,KAAK,OAAO,QAAQ,KAAgC,GAAG;AAC1E,iBAAK,GAAG,IAAI,YAAY,IAAI;AAAA,UAC9B;AACA,iBAAO;AAAA,QACT;AACA,eAAO;AAAA,MACT;AAEA,YAAM,YAAY,MAAM,KAAK,wBAAwB;AAAA,QACnD;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,MACF;AAEA,YAAM,SAAS;AAAA,QACb,GAAG;AAAA,QACH,GAAG;AAAA,MACL;AAEA,aAAO,cAAc,YAAY,OAAO,eAAe,OAAO,gBAAgB,MAAM,eAAe,MAAM,YAAY;AACrH,aAAO,eAAe,OAAO;AAC7B,aAAO,iBAAiB,YAAY,OAAO,kBAAkB,OAAO,mBAAmB,MAAM,kBAAkB,MAAM,eAAe;AACpI,aAAO,kBAAkB,OAAO;AAChC,aAAO,gBAAgB,YAAY,OAAO,iBAAiB,OAAO,kBAAkB,MAAM,iBAAiB,MAAM,cAAc;AAC/H,aAAO,iBAAiB,OAAO;AAC/B,aAAO,iBAAiB,YAAY,OAAO,kBAAkB,OAAO,mBAAmB,MAAM,kBAAkB,MAAM,eAAe;AACpI,aAAO,kBAAkB,OAAO;AAChC,aAAO,cAAc,YAAY,OAAO,eAAe,OAAO,gBAAgB,MAAM,eAAe,MAAM,YAAY;AACrH,aAAO,eAAe,OAAO;AAE7B,aAAO;AAAA,IACT,SAAS,KAAK;AACZ,UAAI,CAAC,yBAAyB;AAC5B,kCAA0B;AAC1B,gBAAQ,KAAK,mDAAmD,GAAG;AAAA,MACrE;AACA,aAAO;AAAA,IACT;AAAA,EACF;AAAA,EAEA,MAAc,eAAe,SAAoE;AAC/F,QAAI,CAAC,QAAS;AAEd,UAAM,OAAO,MAAM,QAAQ,OAAO,IAAI,UAAU,CAAC,OAAO;AACxD,eAAW,SAAS,MAAM;AACxB,aAAO,OAAO,OAA6C,MAAM,KAAK,oBAAoB,KAA2C,CAAC;AAAA,IACxI;AAAA,EACF;AAAA,EAEA,MAAM,IAAI,OAAwD;AAChE,UAAM,OAAO,KAAK,iBAAiB,KAAK;AACxC,UAAM,OAAO,KAAK,GAAG,KAAK;AAC1B,UAAM,MAAM,KAAK,gBAAgB,MAAM,IAAI;AAC3C,UAAM,KAAK,QAAQ,GAAG,EAAE,MAAM;AAC9B,UAAM,KAAK,eAAe,GAAG;AAC7B,WAAO;AAAA,EACT;AAAA,EAEQ,iBAAiB,OAAmD;AAC1E,QAAI;AACJ,UAAM,SAAS;AACf,UAAM,cAAc,QAAQ,UAAU,OAAO,OAAO,UAAU,UAAU;AACxE,UAAM,iBAAiB,eAAe,+BAA+B;AAErE,QAAI,gBAAgB;AAClB,UAAI;AACF,eAAO,OAAO,MAAM,KAAK;AACzB,qCAA6B;AAAA,MAC/B,SAAS,KAAK;AACZ,YAAI,CAAC,oBAAoB,GAAG,KAAK,CAAC,yBAAyB;AACzD,oCAA0B;AAC1B,kBAAQ,KAAK,qEAAqE,GAAG;AAAA,QACvF;AACA,YAAI,oBAAoB,GAAG,EAAG,8BAA6B;AAC3D,eAAO,KAAK,eAAe,KAAK;AAAA,MAClC;AAAA,IACF,OAAO;AACL,aAAO,KAAK,eAAe,KAAK;AAAA,IAClC;AAEA,WAAO;AAAA,EACT;AAAA,EAEQ,gBAAgB,MAAqB,MAAuC;AAClF,UAAM,aAAa,0BAA0B;AAAA,MAC3C,aAAa,KAAK,eAAe;AAAA,MACjC,aAAa,KAAK,eAAe;AAAA,MACjC,SAAS,SAAS,KAAK,OAAO,IAAI,KAAK,UAAU;AAAA,MACjD,WAAW,KAAK;AAAA,MAChB,SAAS,SAAS,KAAK,OAAO,IAAI,KAAK,UAAU;AAAA,MACjD,gBAAgB,KAAK;AAAA,IACvB,CAAC;AAED,WAAO,KAAK,OAAO,WAAW;AAAA,MAC5B,UAAU,KAAK,YAAY;AAAA,MAC3B,gBAAgB,KAAK,kBAAkB;AAAA,MACvC,aAAa,KAAK,eAAe;AAAA,MACjC,WAAW,KAAK;AAAA,MAChB,aAAa,KAAK,eAAe;AAAA,MACjC,YAAY,WAAW;AAAA,MACvB,cAAc,KAAK,gBAAgB;AAAA,MACnC,YAAY,KAAK,cAAc;AAAA,MAC/B,oBAAoB,KAAK,sBAAsB;AAAA,MAC/C,kBAAkB,KAAK,oBAAoB;AAAA,MAC3C,gBAAgB,KAAK,kBAAkB;AAAA,MACvC,WAAW,KAAK,aAAa;AAAA,MAC7B,gBAAgB,KAAK,kBAAkB;AAAA,MACvC,gBAAgB,KAAK,kBAAkB;AAAA,MACvC,eAAe,KAAK,iBAAiB;AAAA,MACrC,aAAa,SAAS,KAAK,OAAO,IAAI,KAAK,UAAU;AAAA,MACrD,eAAe,WAAW;AAAA,MAC1B,qBAAqB,WAAW;AAAA,MAChC,aAAa,SAAS,KAAK,OAAO,IAAI,KAAK,UAAU;AAAA,MACrD,WAAW,WAAW;AAAA,MACtB,WAAW,oBAAI,KAAK;AAAA,MACpB,WAAW,oBAAI,KAAK;AAAA,IACtB,CAAC;AAAA,EACH;AAAA,EAEQ,eAAe,OAA+E;AACpG,QAAI,CAAC,OAAO;AACV,aAAO;AAAA,QACL,UAAU;AAAA,QACV,gBAAgB;AAAA,QAChB,aAAa;AAAA,QACb,WAAW;AAAA,QACX,aAAa;AAAA,QACb,cAAc;AAAA,QACd,YAAY;AAAA,QACZ,gBAAgB;AAAA,QAChB,WAAW;AAAA,QACX,gBAAgB;AAAA,QAChB,gBAAgB;AAAA,QAChB,eAAe;AAAA,QACf,SAAS;AAAA,QACT,SAAS;AAAA,MACX;AAAA,IACF;AAEA,UAAM,iBAAiB,CAAC,UAAmB;AACzC,UAAI,OAAO,UAAU,YAAY,MAAM,WAAW,EAAG,QAAO;AAC5D,UAAI,MAAM,WAAW,UAAU,EAAG,QAAO,MAAM,MAAM,WAAW,MAAM;AACtE,aAAO;AAAA,IACT;AAEA,UAAM,sBAAsB,CAAC,UAAoD;AAC/E,UAAI,UAAU,KAAM,QAAO;AAC3B,UAAI,MAAM,QAAQ,KAAK,EAAG,QAAO;AACjC,UAAI,OAAO,UAAU,SAAU,QAAO;AACtC,aAAO;AAAA,IACT;AAEA,UAAM,mBAAmB,CAAC,UACxB,OAAO,UAAU,YAAY,UAAU,QAAQ,CAAC,MAAM,QAAQ,KAAK,IAC/D,QACA;AAGN,WAAO;AAAA,MACL,UAAU,eAAe,MAAM,QAAQ;AAAA,MACvC,gBAAgB,eAAe,MAAM,cAAc;AAAA,MACnD,aAAa,eAAe,MAAM,WAAW;AAAA,MAC7C,WAAW,OAAO,MAAM,cAAc,YAAY,MAAM,UAAU,SAAS,IAAI,MAAM,YAAY;AAAA,MACjG,aAAa,iBAAiB,MAAM,WAAW,KAAK;AAAA,MACpD,cAAc,iBAAiB,MAAM,YAAY,KAAK;AAAA,MACtD,YAAY,iBAAiB,MAAM,UAAU,KAAK;AAAA,MAClD,oBAAoB,iBAAiB,MAAM,kBAAkB,KAAK;AAAA,MAClE,kBAAkB,iBAAiB,MAAM,gBAAgB,KAAK;AAAA,MAC9D,gBAAgB,MAAM,mBAAmB,YAAY,MAAM,mBAAmB,WAAW,MAAM,iBAAiB;AAAA,MAChH,WAAW,iBAAiB,MAAM,SAAS,KAAK;AAAA,MAChD,gBAAgB,MAAM;AAAA,MACtB,gBAAgB,MAAM;AAAA,MACtB,eAAe,MAAM;AAAA,MACrB,SAAS,oBAAoB,MAAM,OAAO;AAAA,MAC1C,SAAS,iBAAiB,MAAM,OAAO;AAAA,IACzC;AAAA,EACF;AAAA,EAEQ,eAAe,OAAoC;AACzD,WAAO,oBAAoB,MAAM;AAAA,MAC/B,GAAG;AAAA,IACL,CAAC;AAAA,EACH;AAAA,EAEQ,oBAAoB,QAAsC;AAChE,UAAM,SAAS,CAAC,GAAI,OAAO,gBAAgB,CAAC,CAAE;AAC9C,QAAI,OAAO,YAAa,QAAO,KAAK,OAAO,WAAW;AAEtD,WAAO,MAAM,KAAK,IAAI,IAAI,OAAO,IAAI,CAAC,UAAU,MAAM,KAAK,CAAC,EAAE,OAAO,OAAO,CAAC,CAAC;AAAA,EAChF;AAAA,EAEQ,kBAAkB,QAAsC;AAC9D,UAAM,SAAS,CAAC,GAAI,OAAO,cAAc,CAAC,CAAE;AAC5C,QAAI,OAAO,UAAW,QAAO,KAAK,OAAO,SAAS;AAElD,WAAO,MAAM,KAAK,IAAI,IAAI,OAAO,IAAI,CAAC,UAAU,MAAM,KAAK,CAAC,EAAE,OAAO,OAAO,CAAC,CAAC;AAAA,EAChF;AAAA,EAEQ,mBAAmB,QAAmD;AAC5E,UAAM,SAAS,CAAC,GAAI,OAAO,eAAe,CAAC,CAAE;AAC7C,QAAI,OAAO,WAAY,QAAO,KAAK,OAAO,UAAU;AAEpD,WAAO,MAAM,KAAK,IAAI,IAAI,MAAM,CAAC,EAC9B,OAAO,CAAC,UAAwC,wBAAwB,SAAS,KAA4B,CAAC;AAAA,EACnH;AAAA,EAEQ,kBAAkB,QAA+F;AACvH,UAAM,WACJ,OAAO,OAAO,aAAa,YAAY,OAAO,WAAW,IACrD,OAAO,WACP,OAAO,OAAO,UAAU,YAAY,OAAO,QAAQ,IACjD,OAAO,QACP;AACR,UAAM,OAAO,OAAO,OAAO,SAAS,YAAY,OAAO,OAAO,IAAI,OAAO,OAAO;AAChF,UAAM,SACJ,OAAO,OAAO,WAAW,YAAY,OAAO,UAAU,IAClD,OAAO,UACN,OAAO,KAAK;AACnB,WAAO,EAAE,MAAM,UAAU,QAAQ,OAAO,SAAS;AAAA,EACnD;AAAA,EAEA,MAAc,YAAY,QAA4B,SAAkC;AACtF,QAAI,QAAS,KAAK,eAAe,MAAM,EAAU,OAAO,sBAAsB;AAE9E,QAAI,SAAS,aAAa,OAAO;AAC/B,YAAM,EAAE,OAAO,OAAO,IAAI,KAAK,kBAAkB,MAAM;AACvD,cAAQ,MAAM,MAAM,KAAK,EAAE,OAAO,MAAM;AAAA,IAC1C;AAEA,UAAM,OAAO,MAAM,MAAM,QAAQ;AACjC,UAAM,MAAM,KAAK,IAAI,CAAC,QAAa,IAAI,EAAE,EAAE,OAAO,OAAO;AACzD,QAAI,IAAI,WAAW,EAAG,QAAO,CAAC;AAE9B,UAAM,UAAU,MAAM,KAAK,GAAG,KAAK,WAAW;AAAA,MAC5C,IAAI,EAAE,KAAK,IAAI;AAAA,MACf,WAAW;AAAA,IACb,CAAC;AACD,UAAM,KAAK,eAAe,OAAO;AAEjC,UAAM,OAAO,IAAI,IAAI,QAAQ,IAAI,CAAC,UAAe,CAAC,MAAM,IAAI,KAAK,CAAC,CAAC;AACnE,WAAO,IACJ,IAAI,CAAC,OAAY,KAAK,IAAI,EAAE,CAAC,EAC7B,OAAO,CAAC,UAAmC,QAAQ,KAAK,CAAC;AAAA,EAC9D;AAAA,EAEQ,eAAe,QAAiC;AACtD,QAAI,QAAS,KAAK,GAAG,UAAe,EACjC,WAAW,aAAa,EACxB,UAAU,EACV,MAAM,0BAA0B,MAAM,IAAI;AAE7C,QAAI,OAAO,SAAU,SAAQ,MAAM,MAAM,yBAAyB,KAAK,OAAO,QAAQ;AACtF,QAAI,OAAO,eAAgB,SAAQ,MAAM,MAAM,+BAA+B,KAAK,OAAO,cAAc;AAExG,UAAM,eAAe,KAAK,oBAAoB,MAAM;AACpD,QAAI,aAAa,WAAW,EAAG,SAAQ,MAAM,MAAM,6BAA6B,KAAK,aAAa,CAAC,CAAC;AACpG,QAAI,aAAa,SAAS,EAAG,SAAQ,MAAM,MAAM,6BAA6B,MAAM,YAAY;AAEhG,QAAI,OAAO,kBAAkB,OAAO,gBAAgB,OAAO,YAAY;AACrE,cAAQ,MAAM;AAAA,QAAM,CAAC,OACnB,GAAG,GAAG;AAAA,UACJ,GAAG,IAAI;AAAA,YACL,GAAG,6BAA6B,KAAK,OAAO,YAAY;AAAA,YACxD,GAAG,2BAA2B,KAAK,OAAO,UAAU;AAAA,UACtD,CAAC;AAAA,UACD,GAAG,IAAI;AAAA,YACL,GAAG,oCAAoC,KAAK,OAAO,YAAY;AAAA,YAC/D,GAAG,kCAAkC,KAAK,OAAO,UAAU;AAAA,UAC7D,CAAC;AAAA,QACH,CAAC;AAAA,MACH;AAAA,IACF,OAAO;AACL,UAAI,OAAO,aAAc,SAAQ,MAAM,MAAM,6BAA6B,KAAK,OAAO,YAAY;AAClG,UAAI,OAAO,WAAY,SAAQ,MAAM,MAAM,2BAA2B,KAAK,OAAO,UAAU;AAAA,IAC9F;AAEA,QAAI,OAAO,aAAc,SAAQ,MAAM,MAAM,0BAA0B,UAAU,IAAI;AACrF,QAAI,OAAO,OAAQ,SAAQ,MAAM,MAAM,0BAA0B,KAAK,OAAO,MAAM;AACnF,QAAI,OAAO,MAAO,SAAQ,MAAM,MAAM,0BAA0B,KAAK,OAAO,KAAK;AAEjF,UAAM,aAAa,KAAK,kBAAkB,MAAM;AAChD,QAAI,WAAW,WAAW,EAAG,SAAQ,MAAM,MAAM,qCAAqC,KAAK,WAAW,CAAC,CAAC;AACxG,QAAI,WAAW,SAAS,EAAG,SAAQ,MAAM,MAAM,qCAAqC,MAAM,UAAU;AAEpG,UAAM,cAAc,KAAK,mBAAmB,MAAM;AAClD,QAAI,YAAY,WAAW,EAAG,SAAQ,MAAM,MAAM,2BAA2B,KAAK,YAAY,CAAC,CAAC;AAChG,QAAI,YAAY,SAAS,EAAG,SAAQ,MAAM,MAAM,2BAA2B,MAAM,WAAW;AAE5F,QAAI,OAAO,cAAc,QAAQ;AAC/B,cAAQ,MAAM,SAAS,wBAAwB,kBAAkB,2BAA2B;AAAA,IAC9F;AAEA,UAAM,UAAU,OAAO,YAAY,QAAQ,QAAQ;AACnD,YAAQ,OAAO,WAAW;AAAA,MACxB,KAAK;AACH,gBAAQ,MAAM,QAAQ,oEAAoE,OAAO;AACjG;AAAA,MACF,KAAK;AACH,gBAAQ,MAAM,QAAQ,4CAA4C,OAAO;AACzE;AAAA,MACF,KAAK;AACH,gBAAQ,MAAM,QAAQ,sDAAsD,OAAO;AACnF;AAAA,MACF,KAAK;AACH,gBAAQ,MAAM,QAAQ,2CAA2C,OAAO;AACxE;AAAA,MACF,KAAK;AAAA,MACL;AACE,gBAAQ,MAAM,QAAQ,YAAY,WAAW,OAAO;AACpD,gBAAQ,MAAM,QAAQ,kBAAkB,OAAO;AAC/C,eAAO;AAAA,IACX;AAEA,YAAQ,MAAM,QAAQ,0BAA0B,MAAM;AACtD,YAAQ,MAAM,QAAQ,kBAAkB,MAAM;AAC9C,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,MAAM,OAAoC;AAC9C,UAAM,SAAS,KAAK,eAAe,KAAK;AACxC,UAAM,MAAM,MAAO,KAAK,eAAe,MAAM,EAC1C,YAAY,EACZ,aAAa,EACb,OAAO,cAAsB,GAAG,OAAO,CAAC,EACxC,iBAAiB;AAEpB,QAAI,CAAC,IAAK,QAAO;AACjB,UAAM,WAAW,IAAI,SAAS;AAC9B,WAAO,OAAO,aAAa,WAAW,WAAW,OAAO,SAAS,UAAU,EAAE,KAAK;AAAA,EACpF;AAAA,EAEA,MAAM,KAAK,OAAoC;AAC7C,UAAM,SAAS,KAAK,eAAe,KAAK;AACxC,UAAM,EAAE,MAAM,SAAS,IAAI,KAAK,kBAAkB,MAAM;AACxD,UAAM,CAAC,OAAO,KAAK,IAAI,MAAM,QAAQ,IAAI;AAAA,MACvC,KAAK,YAAY,MAAM;AAAA,MACvB,KAAK,MAAM,MAAM;AAAA,IACnB,CAAC;AACD,UAAM,aAAa,KAAK,IAAI,GAAG,KAAK,MAAM,SAAS,MAAM,YAAY,EAAE,CAAC;AACxE,WAAO,EAAE,OAAO,OAAO,MAAM,UAAU,WAAW;AAAA,EACpD;AAAA,EAEA,MAAM,uBAAuB,aAAqB,OAAqE;AACrH,UAAM,QAAgC;AAAA,MACpC;AAAA,MACA,WAAW,EAAE,KAAK,KAAK;AAAA,MACvB,gBAAgB;AAAA,MAChB,WAAW;AAAA,IACb;AACA,QAAI,MAAM,SAAU,OAAM,WAAW,MAAM;AAC3C,QAAI,MAAM,eAAgB,OAAM,iBAAiB,MAAM;AAEvD,UAAM,QAAQ,MAAM,KAAK,GAAG,QAAQ,WAAW,OAAO,EAAE,SAAS,EAAE,WAAW,OAAO,EAAE,CAAC;AACxF,UAAM,KAAK,eAAe,KAAK;AAC/B,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,WAAW,IAAY,YAAmC;AAC9D,UAAM,OAAO,KAAK,GAAG,KAAK;AAC1B,UAAM,MAAM,MAAM,KAAK,QAAQ,WAAW,EAAE,IAAI,WAAW,KAAK,CAAC;AACjE,QAAI,CAAC,IAAK,QAAO;AAEjB,QAAI,iBAAiB;AACrB,QAAI,YAAY;AAEhB,UAAM,WAAW,aAAa,KAAK,gBAAgB,MAAM,KAAK,iBAAiB,UAAU,CAAC,IAAI;AAC9F,QAAI,UAAU;AACZ,WAAK,QAAQ,QAAQ;AAAA,IACvB;AAEA,UAAM,KAAK,MAAM;AACjB,UAAM,KAAK,eAAe,GAAG;AAC7B,QAAI,SAAU,OAAM,KAAK,eAAe,QAAQ;AAEhD,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,gBAAgB,WAAmB;AACvC,UAAM,QAAQ,MAAM,KAAK,GAAG,QAAQ,WAAW,EAAE,WAAW,WAAW,KAAK,CAAC;AAC7E,UAAM,KAAK,eAAe,KAAK;AAC/B,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,SAAS,IAAY;AACzB,UAAM,QAAQ,MAAM,KAAK,GAAG,QAAQ,WAAW,EAAE,IAAI,WAAW,KAAK,CAAC;AACtE,UAAM,KAAK,eAAe,KAAK;AAC/B,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,0BAA0B,QAM7B;AACD,UAAM,QAAgC;AAAA,MACpC,aAAa,OAAO;AAAA,MACpB,WAAW,EAAE,KAAK,KAAK;AAAA,MACvB,gBAAgB;AAAA,MAChB,WAAW;AAAA,IACb;AACA,QAAI,OAAO,SAAU,OAAM,WAAW,OAAO;AAC7C,QAAI,OAAO,eAAgB,OAAM,iBAAiB,OAAO;AACzD,QAAI,OAAO,aAAc,OAAM,eAAe,OAAO;AACrD,QAAI,OAAO,WAAY,OAAM,aAAa,OAAO;AAEjD,UAAM,QAAQ,MAAM,KAAK,GAAG,QAAQ,WAAW,OAAO,EAAE,SAAS,EAAE,WAAW,OAAO,EAAE,CAAC;AACxF,UAAM,KAAK,eAAe,KAAK;AAC/B,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,qBAAqB,aAAqB,OAAqE;AACnH,UAAM,QAAgC;AAAA,MACpC;AAAA,MACA,gBAAgB;AAAA,MAChB,WAAW;AAAA,IACb;AACA,QAAI,MAAM,SAAU,OAAM,WAAW,MAAM;AAC3C,QAAI,MAAM,eAAgB,OAAM,iBAAiB,MAAM;AAEvD,UAAM,QAAQ,MAAM,KAAK,GAAG,QAAQ,WAAW,OAAO,EAAE,SAAS,EAAE,WAAW,OAAO,EAAE,CAAC;AACxF,UAAM,KAAK,eAAe,KAAK;AAC/B,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,WAAW,IAAY;AAC3B,UAAM,MAAM,MAAM,KAAK,GAAG,QAAQ,WAAW,EAAE,IAAI,WAAW,KAAK,CAAC;AACpE,QAAI,CAAC,IAAK,QAAO;AAEjB,QAAI,iBAAiB;AACrB,QAAI,YAAY;AAChB,UAAM,KAAK,GAAG,MAAM;AACpB,WAAO;AAAA,EACT;AAAA,EAEA,MAAM,oBAAoB,UAA8C,CAAC,GAA+C;AACtH,UAAM,YAAY,KAAK,IAAI,KAAK,IAAI,KAAK,MAAM,QAAQ,aAAa,GAAG,GAAG,CAAC,GAAG,GAAI;AAClF,UAAM,SAAS,QAAQ,WAAW,MAAM;AAAA,IAAC;AACzC,UAAM,SAA4C;AAAA,MAChD,QAAQ;AAAA,MACR,SAAS;AAAA,MACT,SAAS;AAAA,MACT,SAAS;AAAA,IACX;AAEA,QAAI,kBAA+B;AACnC,QAAI,WAA0B;AAE9B,WAAO,MAAM;AACX,YAAM,YAAa,KAAK,GAAG,UAAe,EACvC,WAAW,aAAa,EACxB,OAAO;AAAA,QACN;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,MACF,CAAC,EACA,MAAM,0BAA0B,MAAM,IAAI;AAE7C,UAAI,QAAQ,SAAU,WAAU,MAAM,yBAAyB,KAAK,QAAQ,QAAQ;AACpF,UAAI,QAAQ,eAAgB,WAAU,MAAM,+BAA+B,KAAK,QAAQ,cAAc;AAEtG,UAAI,CAAC,QAAQ,OAAO;AAClB,kBAAU;AAAA,UAAM,CAAC,OACf,GAAG,GAAG;AAAA,YACJ,GAAG,2BAA2B,MAAM,IAAI;AAAA,YACxC,GAAG,0BAA0B,MAAM,IAAI;AAAA,YACvC,GAAG,8BAA8B,MAAM,IAAI;AAAA,UAC7C,CAAC;AAAA,QACH;AAAA,MACF;AAEA,UAAI,mBAAmB,UAAU;AAC/B,kBAAU;AAAA,UAAM,CAAC,OACf,GAAG,GAAG;AAAA,YACJ,GAAG,0BAA0B,KAAK,eAAe;AAAA,YACjD,GAAG,IAAI;AAAA,cACL,GAAG,0BAA0B,KAAK,eAAe;AAAA,cACjD,GAAG,kBAAkB,KAAK,QAAQ;AAAA,YACpC,CAAC;AAAA,UACH,CAAC;AAAA,QACH;AAAA,MACF;AAEA,YAAM,OAAO,MAAM,UAChB,QAAQ,cAAc,KAAK,EAC3B,QAAQ,MAAM,KAAK,EACnB,MAAM,SAAS;AAElB,UAAI,KAAK,WAAW,EAAG;AAEvB,iBAAW,OAAO,MAAM;AACtB,eAAO,WAAW;AAElB,YAAI;AACF,gBAAM,YAAY,MAAM,KAAK,oBAAoB,GAAyC;AAC1F,gBAAM,aAAa,0BAA0B;AAAA,YAC3C,aAAa,WAAW,WAAW,eAAe,eAAe;AAAA,YACjE,aAAa,WAAW,WAAW,eAAe,cAAc;AAAA,YAChE,SAAS,WAAW,WAAW,eAAe,cAAc;AAAA,YAC5D,WAAW,WAAW,WAAW,aAAa,YAAY,KAAK;AAAA,YAC/D,SAAS,WAAW,WAAW,eAAe,cAAc;AAAA,YAC5D,gBAAgB,UAAU,WAAW,kBAAkB,iBAAiB;AAAA,UAC1E,CAAC;AAED,gBAAM,cAAc,QAAQ,UAAU,QACjC,IAAI,gBAAgB,WAAW,cAC/B,IAAI,eAAe,WAAW,aAC9B,IAAI,0BAA0B,WAAW,uBACzC,CAAC,kBAAkB,IAAI,gBAAgB,WAAW,aAAa;AAEpE,cAAI,CAAC,aAAa;AAChB,mBAAO,WAAW;AAClB;AAAA,UACF;AAEA,gBAAO,KAAK,GAAG,UAAe,EAC3B,YAAY,aAAa,EACzB,IAAI;AAAA,YACH,aAAa,WAAW;AAAA,YACxB,gBAAgB,WAAW;AAAA,YAC3B,uBAAuB,WAAW;AAAA,YAClC,YAAY,WAAW;AAAA,UACzB,CAAC,EACA,MAAM,MAAM,KAAK,IAAI,EAAE,EACvB,QAAQ;AAEX,iBAAO,WAAW;AAAA,QACpB,SAAS,KAAK;AACZ,iBAAO,UAAU;AACjB,iBAAO,oCAAoC,IAAI,EAAE,KAAK,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG,CAAC,EAAE;AAAA,QAC1G;AAAA,MACF;AAEA,YAAM,UAAU,KAAK,KAAK,SAAS,CAAC;AACpC,wBAAkB,QAAQ;AAC1B,iBAAW,QAAQ;AAEnB;AAAA,QACE,wBAAwB,OAAO,OAAO,0BAA0B,OAAO,OAAO,cAAc,OAAO,OAAO,aAAa,OAAO,MAAM;AAAA,MACtI;AAEA,UAAI,KAAK,SAAS,UAAW;AAAA,IAC/B;AAEA,WAAO;AAAA,EACT;AACF;",
6
6
  "names": ["decrypted"]
7
7
  }
package/dist/modules/auth/api/roles/acl/route.js CHANGED
@@ -137,7 +137,7 @@ async function PUT(req) {
137
137
  if (parsed.data.organizations !== void 0) acl.organizationsJson = parsed.data.organizations;
138
138
  acl.isSuperAdmin = effectiveIsSuperAdmin;
139
139
  acl.featuresJson = effectiveFeatures;
140
- await em.persistAndFlush(acl);
140
+ await em.persist(acl).flush();
141
141
  if (targetTenantId) {
142
142
  await rbacService.invalidateTenantCache(targetTenantId);
143
143
  try {
package/dist/modules/auth/api/roles/acl/route.js.map CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "version": 3,
3
3
  "sources": ["../../../../../../src/modules/auth/api/roles/acl/route.ts"],
4
- "sourcesContent": ["import { NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport type { OpenApiRouteDoc } from '@open-mercato/shared/lib/openapi'\nimport { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { logCrudAccess } from '@open-mercato/shared/lib/crud/factory'\nimport { forbidden } from '@open-mercato/shared/lib/crud/errors'\nimport { RoleAcl, Role } from '@open-mercato/core/modules/auth/data/entities'\nimport type { EntityManager } from '@mikro-orm/postgresql'\nimport { resolveIsSuperAdmin } from '@open-mercato/core/modules/auth/lib/tenantAccess'\nimport { RbacService } from '@open-mercato/core/modules/auth/services/rbacService'\n\ntype TaggableCache = { deleteByTags?: (tags: string[]) => Promise<void> | void }\n\nconst getSchema = z.object({\n roleId: z.string().uuid(),\n tenantId: z.string().uuid().optional(),\n})\nconst putSchema = z.object({\n roleId: z.string().uuid(),\n isSuperAdmin: z.boolean().optional(),\n features: z.array(z.string()).optional(),\n organizations: z.array(z.string()).nullable().optional(),\n tenantId: z.string().uuid().optional(),\n})\n\nexport const metadata = {\n GET: { requireAuth: true, requireFeatures: ['auth.acl.manage'] },\n PUT: { requireAuth: true, requireFeatures: ['auth.acl.manage'] },\n}\n\nconst roleAclResponseSchema = z.object({\n isSuperAdmin: z.boolean(),\n features: z.array(z.string()),\n organizations: z.array(z.string()).nullable(),\n})\n\nconst roleAclUpdateResponseSchema = z.object({\n ok: z.literal(true),\n sanitized: z.boolean(),\n})\n\nconst roleAclErrorSchema = z.object({ error: z.string() })\n\nexport async function GET(req: Request) {\n const auth = await getAuthFromRequest(req)\n if (!auth) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n const url = new URL(req.url)\n const parsed = getSchema.safeParse({\n roleId: url.searchParams.get('roleId'),\n tenantId: url.searchParams.get('tenantId') || undefined,\n })\n if (!parsed.success) return NextResponse.json({ error: 'Invalid input' }, { status: 400 })\n const container = await createRequestContainer()\n const isSuperAdmin = await resolveIsSuperAdmin({ auth, container })\n const em = container.resolve('em') as EntityManager\n const authTenantId = auth.tenantId ?? null\n const roleFilter: Record<string, unknown> = { id: parsed.data.roleId }\n if (!isSuperAdmin && authTenantId) {\n roleFilter.$or = [{ tenantId: authTenantId }, { tenantId: null }]\n }\n const role = await em.findOne(Role, roleFilter)\n if (!role) return NextResponse.json({ error: 'Not found' }, { status: 404 })\n const roleTenantId = role?.tenantId ? String(role.tenantId) : null\n\n let tenantScope = parsed.data.tenantId ?? roleTenantId ?? authTenantId ?? null\n if (parsed.data.tenantId && parsed.data.tenantId !== tenantScope) {\n if (isSuperAdmin || parsed.data.tenantId === authTenantId) tenantScope = parsed.data.tenantId\n else return NextResponse.json({ error: 'Forbidden' }, { status: 403 })\n }\n if (!tenantScope && !isSuperAdmin) tenantScope = authTenantId ?? null\n\n const acl = tenantScope\n ? await em.findOne(RoleAcl, { role, tenantId: tenantScope })\n : null\n const response = acl\n ? {\n isSuperAdmin: !!acl.isSuperAdmin,\n features: Array.isArray(acl.featuresJson) ? acl.featuresJson : [],\n organizations: Array.isArray(acl.organizationsJson) ? acl.organizationsJson : null,\n }\n : { isSuperAdmin: false, features: [], organizations: null }\n\n await logCrudAccess({\n container,\n auth,\n request: req,\n items: [{ id: parsed.data.roleId, ...response }],\n idField: 'id',\n resourceKind: 'auth.role_acl',\n organizationId: auth.orgId ?? null,\n tenantId: tenantScope,\n query: { roleId: parsed.data.roleId, tenantId: tenantScope },\n accessType: 'read:item',\n })\n\n return NextResponse.json(response)\n}\n\nexport async function PUT(req: Request) {\n const auth = await getAuthFromRequest(req)\n if (!auth) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n const body = await req.json().catch(() => ({}))\n const parsed = putSchema.safeParse(body)\n if (!parsed.success) return NextResponse.json({ error: 'Invalid input' }, { status: 400 })\n const container = await createRequestContainer()\n const em = container.resolve('em') as EntityManager\n const isSuperAdmin = await resolveIsSuperAdmin({ auth, container })\n const rbacService = container.resolve('rbacService') as RbacService\n const authTenantId = auth.tenantId ?? null\n const putRoleFilter: Record<string, unknown> = { id: parsed.data.roleId }\n if (!isSuperAdmin && authTenantId) {\n putRoleFilter.$or = [{ tenantId: authTenantId }, { tenantId: null }]\n }\n const role = await em.findOne(Role, putRoleFilter)\n if (!role) return NextResponse.json({ error: 'Not found' }, { status: 404 })\n\n const roleTenantId = role?.tenantId ? String(role.tenantId) : null\n\n let targetTenantId = parsed.data.tenantId ?? roleTenantId ?? authTenantId ?? null\n if (parsed.data.tenantId && parsed.data.tenantId !== targetTenantId) {\n if (isSuperAdmin || parsed.data.tenantId === authTenantId) {\n targetTenantId = parsed.data.tenantId\n } else {\n return NextResponse.json({ error: 'Forbidden' }, { status: 403 })\n }\n }\n if (!targetTenantId && !isSuperAdmin) targetTenantId = authTenantId ?? null\n if (!targetTenantId) return NextResponse.json({ error: 'Tenant required' }, { status: 400 })\n\n if (!isSuperAdmin && targetTenantId !== authTenantId) {\n return NextResponse.json({ error: 'Forbidden' }, { status: 403 })\n }\n\n const actorAcl = auth.sub\n ? await rbacService.loadAcl(auth.sub, { tenantId: auth.tenantId ?? null, organizationId: auth.orgId ?? null })\n : null\n const actorIsSuperAdmin = !!actorAcl?.isSuperAdmin\n\n const requestedFeatures = normalizeFeatureList(parsed.data.features)\n let acl = await em.findOne(RoleAcl, { role, tenantId: targetTenantId })\n if (!acl) {\n acl = em.create(RoleAcl, {\n role,\n tenantId: targetTenantId,\n createdAt: new Date(),\n isSuperAdmin: false,\n })\n }\n\n const existingIsSuperAdmin = !!acl.isSuperAdmin\n const requestedIsSuperAdmin = parsed.data.isSuperAdmin ?? existingIsSuperAdmin\n let effectiveIsSuperAdmin = requestedIsSuperAdmin\n\n if (!actorIsSuperAdmin) {\n if (requestedIsSuperAdmin && !existingIsSuperAdmin) {\n throw forbidden('Only super administrators can mark a role as super admin.')\n }\n if (existingIsSuperAdmin && requestedIsSuperAdmin === false) {\n effectiveIsSuperAdmin = false\n } else {\n effectiveIsSuperAdmin = existingIsSuperAdmin\n }\n }\n\n const effectiveFeatures = actorIsSuperAdmin\n ? requestedFeatures\n : sanitizeTenantFeatures(requestedFeatures)\n\n if (parsed.data.organizations !== undefined) acl.organizationsJson = parsed.data.organizations\n acl.isSuperAdmin = effectiveIsSuperAdmin\n acl.featuresJson = effectiveFeatures\n await em.persistAndFlush(acl)\n \n // Invalidate cache for all users in this tenant since role ACL changed\n if (targetTenantId) {\n await rbacService.invalidateTenantCache(targetTenantId)\n // Sidebar nav caches depend on RBAC; invalidate tenant scope nav caches\n try {\n const cache = container.resolve('cache') as TaggableCache | undefined\n if (cache?.deleteByTags) await cache.deleteByTags([`rbac:tenant:${targetTenantId}`])\n } catch {}\n }\n \n return NextResponse.json({\n ok: true,\n sanitized: !actorIsSuperAdmin && (effectiveFeatures.length !== requestedFeatures.length || effectiveIsSuperAdmin !== requestedIsSuperAdmin),\n })\n}\n\nfunction normalizeFeatureList(features: unknown): string[] {\n if (!Array.isArray(features)) return []\n const dedup = new Set<string>()\n for (const value of features) {\n if (typeof value !== 'string') continue\n const trimmed = value.trim()\n if (!trimmed) continue\n dedup.add(trimmed)\n }\n return Array.from(dedup)\n}\n\nfunction sanitizeTenantFeatures(features: string[]): string[] {\n return features.filter((feature) => !isTenantRestrictedFeature(feature))\n}\n\nfunction isTenantRestrictedFeature(feature: string): boolean {\n if (feature === '*' || feature === 'directory.*') return true\n if (feature.startsWith('directory.tenants')) return true\n return false\n}\n\nexport const openApi: OpenApiRouteDoc = {\n tag: 'Authentication & Accounts',\n summary: 'Role ACL management',\n methods: {\n GET: {\n summary: 'Fetch role ACL',\n description: 'Returns the feature and organization assignments associated with a role within the current tenant.',\n query: getSchema,\n responses: [\n { status: 200, description: 'Role ACL entry', schema: roleAclResponseSchema },\n { status: 400, description: 'Invalid role id', schema: roleAclErrorSchema },\n { status: 401, description: 'Unauthorized', schema: roleAclErrorSchema },\n { status: 404, description: 'Role not found', schema: roleAclErrorSchema },\n ],\n },\n PUT: {\n summary: 'Update role ACL',\n description: 'Replaces the feature list, super admin flag, and optional organization assignments for a role.',\n requestBody: {\n contentType: 'application/json',\n schema: putSchema,\n },\n responses: [\n { status: 200, description: 'Role ACL updated', schema: roleAclUpdateResponseSchema },\n { status: 400, description: 'Invalid payload', schema: roleAclErrorSchema },\n { status: 401, description: 'Unauthorized', schema: roleAclErrorSchema },\n { status: 403, description: 'Insufficient privileges to modify ACL', schema: roleAclErrorSchema },\n { status: 404, description: 'Role not found', schema: roleAclErrorSchema },\n ],\n },\n },\n}\n"],
5
- "mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,SAAS;AAElB,SAAS,0BAA0B;AACnC,SAAS,8BAA8B;AACvC,SAAS,qBAAqB;AAC9B,SAAS,iBAAiB;AAC1B,SAAS,SAAS,YAAY;AAE9B,SAAS,2BAA2B;AAKpC,MAAM,YAAY,EAAE,OAAO;AAAA,EACzB,QAAQ,EAAE,OAAO,EAAE,KAAK;AAAA,EACxB,UAAU,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS;AACvC,CAAC;AACD,MAAM,YAAY,EAAE,OAAO;AAAA,EACzB,QAAQ,EAAE,OAAO,EAAE,KAAK;AAAA,EACxB,cAAc,EAAE,QAAQ,EAAE,SAAS;AAAA,EACnC,UAAU,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,SAAS;AAAA,EACvC,eAAe,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,SAAS,EAAE,SAAS;AAAA,EACvD,UAAU,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS;AACvC,CAAC;AAEM,MAAM,WAAW;AAAA,EACtB,KAAK,EAAE,aAAa,MAAM,iBAAiB,CAAC,iBAAiB,EAAE;AAAA,EAC/D,KAAK,EAAE,aAAa,MAAM,iBAAiB,CAAC,iBAAiB,EAAE;AACjE;AAEA,MAAM,wBAAwB,EAAE,OAAO;AAAA,EACrC,cAAc,EAAE,QAAQ;AAAA,EACxB,UAAU,EAAE,MAAM,EAAE,OAAO,CAAC;AAAA,EAC5B,eAAe,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,SAAS;AAC9C,CAAC;AAED,MAAM,8BAA8B,EAAE,OAAO;AAAA,EAC3C,IAAI,EAAE,QAAQ,IAAI;AAAA,EAClB,WAAW,EAAE,QAAQ;AACvB,CAAC;AAED,MAAM,qBAAqB,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC;AAEzD,eAAsB,IAAI,KAAc;AACtC,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,KAAM,QAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAC9E,QAAM,MAAM,IAAI,IAAI,IAAI,GAAG;AAC3B,QAAM,SAAS,UAAU,UAAU;AAAA,IACjC,QAAQ,IAAI,aAAa,IAAI,QAAQ;AAAA,IACrC,UAAU,IAAI,aAAa,IAAI,UAAU,KAAK;AAAA,EAChD,CAAC;AACD,MAAI,CAAC,OAAO,QAAS,QAAO,aAAa,KAAK,EAAE,OAAO,gBAAgB,GAAG,EAAE,QAAQ,IAAI,CAAC;AACzF,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,eAAe,MAAM,oBAAoB,EAAE,MAAM,UAAU,CAAC;AAClE,QAAM,KAAK,UAAU,QAAQ,IAAI;AACjC,QAAM,eAAe,KAAK,YAAY;AACtC,QAAM,aAAsC,EAAE,IAAI,OAAO,KAAK,OAAO;AACrE,MAAI,CAAC,gBAAgB,cAAc;AACjC,eAAW,MAAM,CAAC,EAAE,UAAU,aAAa,GAAG,EAAE,UAAU,KAAK,CAAC;AAAA,EAClE;AACA,QAAM,OAAO,MAAM,GAAG,QAAQ,MAAM,UAAU;AAC9C,MAAI,CAAC,KAAM,QAAO,aAAa,KAAK,EAAE,OAAO,YAAY,GAAG,EAAE,QAAQ,IAAI,CAAC;AAC3E,QAAM,eAAe,MAAM,WAAW,OAAO,KAAK,QAAQ,IAAI;AAE9D,MAAI,cAAc,OAAO,KAAK,YAAY,gBAAgB,gBAAgB;AAC1E,MAAI,OAAO,KAAK,YAAY,OAAO,KAAK,aAAa,aAAa;AAChE,QAAI,gBAAgB,OAAO,KAAK,aAAa,aAAc,eAAc,OAAO,KAAK;AAAA,QAChF,QAAO,aAAa,KAAK,EAAE,OAAO,YAAY,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACvE;AACA,MAAI,CAAC,eAAe,CAAC,aAAc,eAAc,gBAAgB;AAEjE,QAAM,MAAM,cACR,MAAM,GAAG,QAAQ,SAAS,EAAE,MAAM,UAAU,YAAY,CAAC,IACzD;AACJ,QAAM,WAAW,MACb;AAAA,IACE,cAAc,CAAC,CAAC,IAAI;AAAA,IACpB,UAAU,MAAM,QAAQ,IAAI,YAAY,IAAI,IAAI,eAAe,CAAC;AAAA,IAChE,eAAe,MAAM,QAAQ,IAAI,iBAAiB,IAAI,IAAI,oBAAoB;AAAA,EAChF,IACA,EAAE,cAAc,OAAO,UAAU,CAAC,GAAG,eAAe,KAAK;AAE7D,QAAM,cAAc;AAAA,IAClB;AAAA,IACA;AAAA,IACA,SAAS;AAAA,IACT,OAAO,CAAC,EAAE,IAAI,OAAO,KAAK,QAAQ,GAAG,SAAS,CAAC;AAAA,IAC/C,SAAS;AAAA,IACT,cAAc;AAAA,IACd,gBAAgB,KAAK,SAAS;AAAA,IAC9B,UAAU;AAAA,IACV,OAAO,EAAE,QAAQ,OAAO,KAAK,QAAQ,UAAU,YAAY;AAAA,IAC3D,YAAY;AAAA,EACd,CAAC;AAED,SAAO,aAAa,KAAK,QAAQ;AACnC;AAEA,eAAsB,IAAI,KAAc;AACtC,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,KAAM,QAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAC9E,QAAM,OAAO,MAAM,IAAI,KAAK,EAAE,MAAM,OAAO,CAAC,EAAE;AAC9C,QAAM,SAAS,UAAU,UAAU,IAAI;AACvC,MAAI,CAAC,OAAO,QAAS,QAAO,aAAa,KAAK,EAAE,OAAO,gBAAgB,GAAG,EAAE,QAAQ,IAAI,CAAC;AACzF,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,KAAK,UAAU,QAAQ,IAAI;AACjC,QAAM,eAAe,MAAM,oBAAoB,EAAE,MAAM,UAAU,CAAC;AAClE,QAAM,cAAc,UAAU,QAAQ,aAAa;AACnD,QAAM,eAAe,KAAK,YAAY;AACtC,QAAM,gBAAyC,EAAE,IAAI,OAAO,KAAK,OAAO;AACxE,MAAI,CAAC,gBAAgB,cAAc;AACjC,kBAAc,MAAM,CAAC,EAAE,UAAU,aAAa,GAAG,EAAE,UAAU,KAAK,CAAC;AAAA,EACrE;AACA,QAAM,OAAO,MAAM,GAAG,QAAQ,MAAM,aAAa;AACjD,MAAI,CAAC,KAAM,QAAO,aAAa,KAAK,EAAE,OAAO,YAAY,GAAG,EAAE,QAAQ,IAAI,CAAC;AAE3E,QAAM,eAAe,MAAM,WAAW,OAAO,KAAK,QAAQ,IAAI;AAE9D,MAAI,iBAAiB,OAAO,KAAK,YAAY,gBAAgB,gBAAgB;AAC7E,MAAI,OAAO,KAAK,YAAY,OAAO,KAAK,aAAa,gBAAgB;AACnE,QAAI,gBAAgB,OAAO,KAAK,aAAa,cAAc;AACzD,uBAAiB,OAAO,KAAK;AAAA,IAC/B,OAAO;AACL,aAAO,aAAa,KAAK,EAAE,OAAO,YAAY,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,IAClE;AAAA,EACF;AACA,MAAI,CAAC,kBAAkB,CAAC,aAAc,kBAAiB,gBAAgB;AACvE,MAAI,CAAC,eAAgB,QAAO,aAAa,KAAK,EAAE,OAAO,kBAAkB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAE3F,MAAI,CAAC,gBAAgB,mBAAmB,cAAc;AACpD,WAAO,aAAa,KAAK,EAAE,OAAO,YAAY,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAClE;AAEA,QAAM,WAAW,KAAK,MAClB,MAAM,YAAY,QAAQ,KAAK,KAAK,EAAE,UAAU,KAAK,YAAY,MAAM,gBAAgB,KAAK,SAAS,KAAK,CAAC,IAC3G;AACJ,QAAM,oBAAoB,CAAC,CAAC,UAAU;AAEtC,QAAM,oBAAoB,qBAAqB,OAAO,KAAK,QAAQ;AACnE,MAAI,MAAM,MAAM,GAAG,QAAQ,SAAS,EAAE,MAAM,UAAU,eAAe,CAAC;AACtE,MAAI,CAAC,KAAK;AACR,UAAM,GAAG,OAAO,SAAS;AAAA,MACvB;AAAA,MACA,UAAU;AAAA,MACV,WAAW,oBAAI,KAAK;AAAA,MACpB,cAAc;AAAA,IAChB,CAAC;AAAA,EACH;AAEA,QAAM,uBAAuB,CAAC,CAAC,IAAI;AACnC,QAAM,wBAAwB,OAAO,KAAK,gBAAgB;AAC1D,MAAI,wBAAwB;AAE5B,MAAI,CAAC,mBAAmB;AACtB,QAAI,yBAAyB,CAAC,sBAAsB;AAClD,YAAM,UAAU,2DAA2D;AAAA,IAC7E;AACA,QAAI,wBAAwB,0BAA0B,OAAO;AAC3D,8BAAwB;AAAA,IAC1B,OAAO;AACL,8BAAwB;AAAA,IAC1B;AAAA,EACF;AAEA,QAAM,oBAAoB,oBACtB,oBACA,uBAAuB,iBAAiB;AAE5C,MAAI,OAAO,KAAK,kBAAkB,OAAW,KAAI,oBAAoB,OAAO,KAAK;AACjF,MAAI,eAAe;AACnB,MAAI,eAAe;AACnB,QAAM,GAAG,gBAAgB,GAAG;AAG5B,MAAI,gBAAgB;AAClB,UAAM,YAAY,sBAAsB,cAAc;AAEtD,QAAI;AACF,YAAM,QAAQ,UAAU,QAAQ,OAAO;AACvC,UAAI,OAAO,aAAc,OAAM,MAAM,aAAa,CAAC,eAAe,cAAc,EAAE,CAAC;AAAA,IACrF,QAAQ;AAAA,IAAC;AAAA,EACX;AAEA,SAAO,aAAa,KAAK;AAAA,IACvB,IAAI;AAAA,IACJ,WAAW,CAAC,sBAAsB,kBAAkB,WAAW,kBAAkB,UAAU,0BAA0B;AAAA,EACvH,CAAC;AACH;AAEA,SAAS,qBAAqB,UAA6B;AACzD,MAAI,CAAC,MAAM,QAAQ,QAAQ,EAAG,QAAO,CAAC;AACtC,QAAM,QAAQ,oBAAI,IAAY;AAC9B,aAAW,SAAS,UAAU;AAC5B,QAAI,OAAO,UAAU,SAAU;AAC/B,UAAM,UAAU,MAAM,KAAK;AAC3B,QAAI,CAAC,QAAS;AACd,UAAM,IAAI,OAAO;AAAA,EACnB;AACA,SAAO,MAAM,KAAK,KAAK;AACzB;AAEA,SAAS,uBAAuB,UAA8B;AAC5D,SAAO,SAAS,OAAO,CAAC,YAAY,CAAC,0BAA0B,OAAO,CAAC;AACzE;AAEA,SAAS,0BAA0B,SAA0B;AAC3D,MAAI,YAAY,OAAO,YAAY,cAAe,QAAO;AACzD,MAAI,QAAQ,WAAW,mBAAmB,EAAG,QAAO;AACpD,SAAO;AACT;AAEO,MAAM,UAA2B;AAAA,EACtC,KAAK;AAAA,EACL,SAAS;AAAA,EACT,SAAS;AAAA,IACP,KAAK;AAAA,MACH,SAAS;AAAA,MACT,aAAa;AAAA,MACb,OAAO;AAAA,MACP,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,kBAAkB,QAAQ,sBAAsB;AAAA,QAC5E,EAAE,QAAQ,KAAK,aAAa,mBAAmB,QAAQ,mBAAmB;AAAA,QAC1E,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,mBAAmB;AAAA,QACvE,EAAE,QAAQ,KAAK,aAAa,kBAAkB,QAAQ,mBAAmB;AAAA,MAC3E;AAAA,IACF;AAAA,IACA,KAAK;AAAA,MACH,SAAS;AAAA,MACT,aAAa;AAAA,MACb,aAAa;AAAA,QACX,aAAa;AAAA,QACb,QAAQ;AAAA,MACV;AAAA,MACA,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,oBAAoB,QAAQ,4BAA4B;AAAA,QACpF,EAAE,QAAQ,KAAK,aAAa,mBAAmB,QAAQ,mBAAmB;AAAA,QAC1E,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,mBAAmB;AAAA,QACvE,EAAE,QAAQ,KAAK,aAAa,yCAAyC,QAAQ,mBAAmB;AAAA,QAChG,EAAE,QAAQ,KAAK,aAAa,kBAAkB,QAAQ,mBAAmB;AAAA,MAC3E;AAAA,IACF;AAAA,EACF;AACF;",
4
+ "sourcesContent": ["import { NextResponse } from 'next/server'\nimport { z } from 'zod'\nimport type { OpenApiRouteDoc } from '@open-mercato/shared/lib/openapi'\nimport { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'\nimport { createRequestContainer } from '@open-mercato/shared/lib/di/container'\nimport { logCrudAccess } from '@open-mercato/shared/lib/crud/factory'\nimport { forbidden } from '@open-mercato/shared/lib/crud/errors'\nimport { RoleAcl, Role } from '@open-mercato/core/modules/auth/data/entities'\nimport type { EntityManager } from '@mikro-orm/postgresql'\nimport { resolveIsSuperAdmin } from '@open-mercato/core/modules/auth/lib/tenantAccess'\nimport { RbacService } from '@open-mercato/core/modules/auth/services/rbacService'\n\ntype TaggableCache = { deleteByTags?: (tags: string[]) => Promise<void> | void }\n\nconst getSchema = z.object({\n roleId: z.string().uuid(),\n tenantId: z.string().uuid().optional(),\n})\nconst putSchema = z.object({\n roleId: z.string().uuid(),\n isSuperAdmin: z.boolean().optional(),\n features: z.array(z.string()).optional(),\n organizations: z.array(z.string()).nullable().optional(),\n tenantId: z.string().uuid().optional(),\n})\n\nexport const metadata = {\n GET: { requireAuth: true, requireFeatures: ['auth.acl.manage'] },\n PUT: { requireAuth: true, requireFeatures: ['auth.acl.manage'] },\n}\n\nconst roleAclResponseSchema = z.object({\n isSuperAdmin: z.boolean(),\n features: z.array(z.string()),\n organizations: z.array(z.string()).nullable(),\n})\n\nconst roleAclUpdateResponseSchema = z.object({\n ok: z.literal(true),\n sanitized: z.boolean(),\n})\n\nconst roleAclErrorSchema = z.object({ error: z.string() })\n\nexport async function GET(req: Request) {\n const auth = await getAuthFromRequest(req)\n if (!auth) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n const url = new URL(req.url)\n const parsed = getSchema.safeParse({\n roleId: url.searchParams.get('roleId'),\n tenantId: url.searchParams.get('tenantId') || undefined,\n })\n if (!parsed.success) return NextResponse.json({ error: 'Invalid input' }, { status: 400 })\n const container = await createRequestContainer()\n const isSuperAdmin = await resolveIsSuperAdmin({ auth, container })\n const em = container.resolve('em') as EntityManager\n const authTenantId = auth.tenantId ?? null\n const roleFilter: Record<string, unknown> = { id: parsed.data.roleId }\n if (!isSuperAdmin && authTenantId) {\n roleFilter.$or = [{ tenantId: authTenantId }, { tenantId: null }]\n }\n const role = await em.findOne(Role, roleFilter)\n if (!role) return NextResponse.json({ error: 'Not found' }, { status: 404 })\n const roleTenantId = role?.tenantId ? String(role.tenantId) : null\n\n let tenantScope = parsed.data.tenantId ?? roleTenantId ?? authTenantId ?? null\n if (parsed.data.tenantId && parsed.data.tenantId !== tenantScope) {\n if (isSuperAdmin || parsed.data.tenantId === authTenantId) tenantScope = parsed.data.tenantId\n else return NextResponse.json({ error: 'Forbidden' }, { status: 403 })\n }\n if (!tenantScope && !isSuperAdmin) tenantScope = authTenantId ?? null\n\n const acl = tenantScope\n ? await em.findOne(RoleAcl, { role, tenantId: tenantScope })\n : null\n const response = acl\n ? {\n isSuperAdmin: !!acl.isSuperAdmin,\n features: Array.isArray(acl.featuresJson) ? acl.featuresJson : [],\n organizations: Array.isArray(acl.organizationsJson) ? acl.organizationsJson : null,\n }\n : { isSuperAdmin: false, features: [], organizations: null }\n\n await logCrudAccess({\n container,\n auth,\n request: req,\n items: [{ id: parsed.data.roleId, ...response }],\n idField: 'id',\n resourceKind: 'auth.role_acl',\n organizationId: auth.orgId ?? null,\n tenantId: tenantScope,\n query: { roleId: parsed.data.roleId, tenantId: tenantScope },\n accessType: 'read:item',\n })\n\n return NextResponse.json(response)\n}\n\nexport async function PUT(req: Request) {\n const auth = await getAuthFromRequest(req)\n if (!auth) return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })\n const body = await req.json().catch(() => ({}))\n const parsed = putSchema.safeParse(body)\n if (!parsed.success) return NextResponse.json({ error: 'Invalid input' }, { status: 400 })\n const container = await createRequestContainer()\n const em = container.resolve('em') as EntityManager\n const isSuperAdmin = await resolveIsSuperAdmin({ auth, container })\n const rbacService = container.resolve('rbacService') as RbacService\n const authTenantId = auth.tenantId ?? null\n const putRoleFilter: Record<string, unknown> = { id: parsed.data.roleId }\n if (!isSuperAdmin && authTenantId) {\n putRoleFilter.$or = [{ tenantId: authTenantId }, { tenantId: null }]\n }\n const role = await em.findOne(Role, putRoleFilter)\n if (!role) return NextResponse.json({ error: 'Not found' }, { status: 404 })\n\n const roleTenantId = role?.tenantId ? String(role.tenantId) : null\n\n let targetTenantId = parsed.data.tenantId ?? roleTenantId ?? authTenantId ?? null\n if (parsed.data.tenantId && parsed.data.tenantId !== targetTenantId) {\n if (isSuperAdmin || parsed.data.tenantId === authTenantId) {\n targetTenantId = parsed.data.tenantId\n } else {\n return NextResponse.json({ error: 'Forbidden' }, { status: 403 })\n }\n }\n if (!targetTenantId && !isSuperAdmin) targetTenantId = authTenantId ?? null\n if (!targetTenantId) return NextResponse.json({ error: 'Tenant required' }, { status: 400 })\n\n if (!isSuperAdmin && targetTenantId !== authTenantId) {\n return NextResponse.json({ error: 'Forbidden' }, { status: 403 })\n }\n\n const actorAcl = auth.sub\n ? await rbacService.loadAcl(auth.sub, { tenantId: auth.tenantId ?? null, organizationId: auth.orgId ?? null })\n : null\n const actorIsSuperAdmin = !!actorAcl?.isSuperAdmin\n\n const requestedFeatures = normalizeFeatureList(parsed.data.features)\n let acl = await em.findOne(RoleAcl, { role, tenantId: targetTenantId })\n if (!acl) {\n acl = em.create(RoleAcl, {\n role,\n tenantId: targetTenantId,\n createdAt: new Date(),\n isSuperAdmin: false,\n })\n }\n\n const existingIsSuperAdmin = !!acl.isSuperAdmin\n const requestedIsSuperAdmin = parsed.data.isSuperAdmin ?? existingIsSuperAdmin\n let effectiveIsSuperAdmin = requestedIsSuperAdmin\n\n if (!actorIsSuperAdmin) {\n if (requestedIsSuperAdmin && !existingIsSuperAdmin) {\n throw forbidden('Only super administrators can mark a role as super admin.')\n }\n if (existingIsSuperAdmin && requestedIsSuperAdmin === false) {\n effectiveIsSuperAdmin = false\n } else {\n effectiveIsSuperAdmin = existingIsSuperAdmin\n }\n }\n\n const effectiveFeatures = actorIsSuperAdmin\n ? requestedFeatures\n : sanitizeTenantFeatures(requestedFeatures)\n\n if (parsed.data.organizations !== undefined) acl.organizationsJson = parsed.data.organizations\n acl.isSuperAdmin = effectiveIsSuperAdmin\n acl.featuresJson = effectiveFeatures\n await em.persist(acl).flush()\n \n // Invalidate cache for all users in this tenant since role ACL changed\n if (targetTenantId) {\n await rbacService.invalidateTenantCache(targetTenantId)\n // Sidebar nav caches depend on RBAC; invalidate tenant scope nav caches\n try {\n const cache = container.resolve('cache') as TaggableCache | undefined\n if (cache?.deleteByTags) await cache.deleteByTags([`rbac:tenant:${targetTenantId}`])\n } catch {}\n }\n \n return NextResponse.json({\n ok: true,\n sanitized: !actorIsSuperAdmin && (effectiveFeatures.length !== requestedFeatures.length || effectiveIsSuperAdmin !== requestedIsSuperAdmin),\n })\n}\n\nfunction normalizeFeatureList(features: unknown): string[] {\n if (!Array.isArray(features)) return []\n const dedup = new Set<string>()\n for (const value of features) {\n if (typeof value !== 'string') continue\n const trimmed = value.trim()\n if (!trimmed) continue\n dedup.add(trimmed)\n }\n return Array.from(dedup)\n}\n\nfunction sanitizeTenantFeatures(features: string[]): string[] {\n return features.filter((feature) => !isTenantRestrictedFeature(feature))\n}\n\nfunction isTenantRestrictedFeature(feature: string): boolean {\n if (feature === '*' || feature === 'directory.*') return true\n if (feature.startsWith('directory.tenants')) return true\n return false\n}\n\nexport const openApi: OpenApiRouteDoc = {\n tag: 'Authentication & Accounts',\n summary: 'Role ACL management',\n methods: {\n GET: {\n summary: 'Fetch role ACL',\n description: 'Returns the feature and organization assignments associated with a role within the current tenant.',\n query: getSchema,\n responses: [\n { status: 200, description: 'Role ACL entry', schema: roleAclResponseSchema },\n { status: 400, description: 'Invalid role id', schema: roleAclErrorSchema },\n { status: 401, description: 'Unauthorized', schema: roleAclErrorSchema },\n { status: 404, description: 'Role not found', schema: roleAclErrorSchema },\n ],\n },\n PUT: {\n summary: 'Update role ACL',\n description: 'Replaces the feature list, super admin flag, and optional organization assignments for a role.',\n requestBody: {\n contentType: 'application/json',\n schema: putSchema,\n },\n responses: [\n { status: 200, description: 'Role ACL updated', schema: roleAclUpdateResponseSchema },\n { status: 400, description: 'Invalid payload', schema: roleAclErrorSchema },\n { status: 401, description: 'Unauthorized', schema: roleAclErrorSchema },\n { status: 403, description: 'Insufficient privileges to modify ACL', schema: roleAclErrorSchema },\n { status: 404, description: 'Role not found', schema: roleAclErrorSchema },\n ],\n },\n },\n}\n"],
5
+ "mappings": "AAAA,SAAS,oBAAoB;AAC7B,SAAS,SAAS;AAElB,SAAS,0BAA0B;AACnC,SAAS,8BAA8B;AACvC,SAAS,qBAAqB;AAC9B,SAAS,iBAAiB;AAC1B,SAAS,SAAS,YAAY;AAE9B,SAAS,2BAA2B;AAKpC,MAAM,YAAY,EAAE,OAAO;AAAA,EACzB,QAAQ,EAAE,OAAO,EAAE,KAAK;AAAA,EACxB,UAAU,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS;AACvC,CAAC;AACD,MAAM,YAAY,EAAE,OAAO;AAAA,EACzB,QAAQ,EAAE,OAAO,EAAE,KAAK;AAAA,EACxB,cAAc,EAAE,QAAQ,EAAE,SAAS;AAAA,EACnC,UAAU,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,SAAS;AAAA,EACvC,eAAe,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,SAAS,EAAE,SAAS;AAAA,EACvD,UAAU,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS;AACvC,CAAC;AAEM,MAAM,WAAW;AAAA,EACtB,KAAK,EAAE,aAAa,MAAM,iBAAiB,CAAC,iBAAiB,EAAE;AAAA,EAC/D,KAAK,EAAE,aAAa,MAAM,iBAAiB,CAAC,iBAAiB,EAAE;AACjE;AAEA,MAAM,wBAAwB,EAAE,OAAO;AAAA,EACrC,cAAc,EAAE,QAAQ;AAAA,EACxB,UAAU,EAAE,MAAM,EAAE,OAAO,CAAC;AAAA,EAC5B,eAAe,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,SAAS;AAC9C,CAAC;AAED,MAAM,8BAA8B,EAAE,OAAO;AAAA,EAC3C,IAAI,EAAE,QAAQ,IAAI;AAAA,EAClB,WAAW,EAAE,QAAQ;AACvB,CAAC;AAED,MAAM,qBAAqB,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC;AAEzD,eAAsB,IAAI,KAAc;AACtC,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,KAAM,QAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAC9E,QAAM,MAAM,IAAI,IAAI,IAAI,GAAG;AAC3B,QAAM,SAAS,UAAU,UAAU;AAAA,IACjC,QAAQ,IAAI,aAAa,IAAI,QAAQ;AAAA,IACrC,UAAU,IAAI,aAAa,IAAI,UAAU,KAAK;AAAA,EAChD,CAAC;AACD,MAAI,CAAC,OAAO,QAAS,QAAO,aAAa,KAAK,EAAE,OAAO,gBAAgB,GAAG,EAAE,QAAQ,IAAI,CAAC;AACzF,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,eAAe,MAAM,oBAAoB,EAAE,MAAM,UAAU,CAAC;AAClE,QAAM,KAAK,UAAU,QAAQ,IAAI;AACjC,QAAM,eAAe,KAAK,YAAY;AACtC,QAAM,aAAsC,EAAE,IAAI,OAAO,KAAK,OAAO;AACrE,MAAI,CAAC,gBAAgB,cAAc;AACjC,eAAW,MAAM,CAAC,EAAE,UAAU,aAAa,GAAG,EAAE,UAAU,KAAK,CAAC;AAAA,EAClE;AACA,QAAM,OAAO,MAAM,GAAG,QAAQ,MAAM,UAAU;AAC9C,MAAI,CAAC,KAAM,QAAO,aAAa,KAAK,EAAE,OAAO,YAAY,GAAG,EAAE,QAAQ,IAAI,CAAC;AAC3E,QAAM,eAAe,MAAM,WAAW,OAAO,KAAK,QAAQ,IAAI;AAE9D,MAAI,cAAc,OAAO,KAAK,YAAY,gBAAgB,gBAAgB;AAC1E,MAAI,OAAO,KAAK,YAAY,OAAO,KAAK,aAAa,aAAa;AAChE,QAAI,gBAAgB,OAAO,KAAK,aAAa,aAAc,eAAc,OAAO,KAAK;AAAA,QAChF,QAAO,aAAa,KAAK,EAAE,OAAO,YAAY,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EACvE;AACA,MAAI,CAAC,eAAe,CAAC,aAAc,eAAc,gBAAgB;AAEjE,QAAM,MAAM,cACR,MAAM,GAAG,QAAQ,SAAS,EAAE,MAAM,UAAU,YAAY,CAAC,IACzD;AACJ,QAAM,WAAW,MACb;AAAA,IACE,cAAc,CAAC,CAAC,IAAI;AAAA,IACpB,UAAU,MAAM,QAAQ,IAAI,YAAY,IAAI,IAAI,eAAe,CAAC;AAAA,IAChE,eAAe,MAAM,QAAQ,IAAI,iBAAiB,IAAI,IAAI,oBAAoB;AAAA,EAChF,IACA,EAAE,cAAc,OAAO,UAAU,CAAC,GAAG,eAAe,KAAK;AAE7D,QAAM,cAAc;AAAA,IAClB;AAAA,IACA;AAAA,IACA,SAAS;AAAA,IACT,OAAO,CAAC,EAAE,IAAI,OAAO,KAAK,QAAQ,GAAG,SAAS,CAAC;AAAA,IAC/C,SAAS;AAAA,IACT,cAAc;AAAA,IACd,gBAAgB,KAAK,SAAS;AAAA,IAC9B,UAAU;AAAA,IACV,OAAO,EAAE,QAAQ,OAAO,KAAK,QAAQ,UAAU,YAAY;AAAA,IAC3D,YAAY;AAAA,EACd,CAAC;AAED,SAAO,aAAa,KAAK,QAAQ;AACnC;AAEA,eAAsB,IAAI,KAAc;AACtC,QAAM,OAAO,MAAM,mBAAmB,GAAG;AACzC,MAAI,CAAC,KAAM,QAAO,aAAa,KAAK,EAAE,OAAO,eAAe,GAAG,EAAE,QAAQ,IAAI,CAAC;AAC9E,QAAM,OAAO,MAAM,IAAI,KAAK,EAAE,MAAM,OAAO,CAAC,EAAE;AAC9C,QAAM,SAAS,UAAU,UAAU,IAAI;AACvC,MAAI,CAAC,OAAO,QAAS,QAAO,aAAa,KAAK,EAAE,OAAO,gBAAgB,GAAG,EAAE,QAAQ,IAAI,CAAC;AACzF,QAAM,YAAY,MAAM,uBAAuB;AAC/C,QAAM,KAAK,UAAU,QAAQ,IAAI;AACjC,QAAM,eAAe,MAAM,oBAAoB,EAAE,MAAM,UAAU,CAAC;AAClE,QAAM,cAAc,UAAU,QAAQ,aAAa;AACnD,QAAM,eAAe,KAAK,YAAY;AACtC,QAAM,gBAAyC,EAAE,IAAI,OAAO,KAAK,OAAO;AACxE,MAAI,CAAC,gBAAgB,cAAc;AACjC,kBAAc,MAAM,CAAC,EAAE,UAAU,aAAa,GAAG,EAAE,UAAU,KAAK,CAAC;AAAA,EACrE;AACA,QAAM,OAAO,MAAM,GAAG,QAAQ,MAAM,aAAa;AACjD,MAAI,CAAC,KAAM,QAAO,aAAa,KAAK,EAAE,OAAO,YAAY,GAAG,EAAE,QAAQ,IAAI,CAAC;AAE3E,QAAM,eAAe,MAAM,WAAW,OAAO,KAAK,QAAQ,IAAI;AAE9D,MAAI,iBAAiB,OAAO,KAAK,YAAY,gBAAgB,gBAAgB;AAC7E,MAAI,OAAO,KAAK,YAAY,OAAO,KAAK,aAAa,gBAAgB;AACnE,QAAI,gBAAgB,OAAO,KAAK,aAAa,cAAc;AACzD,uBAAiB,OAAO,KAAK;AAAA,IAC/B,OAAO;AACL,aAAO,aAAa,KAAK,EAAE,OAAO,YAAY,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,IAClE;AAAA,EACF;AACA,MAAI,CAAC,kBAAkB,CAAC,aAAc,kBAAiB,gBAAgB;AACvE,MAAI,CAAC,eAAgB,QAAO,aAAa,KAAK,EAAE,OAAO,kBAAkB,GAAG,EAAE,QAAQ,IAAI,CAAC;AAE3F,MAAI,CAAC,gBAAgB,mBAAmB,cAAc;AACpD,WAAO,aAAa,KAAK,EAAE,OAAO,YAAY,GAAG,EAAE,QAAQ,IAAI,CAAC;AAAA,EAClE;AAEA,QAAM,WAAW,KAAK,MAClB,MAAM,YAAY,QAAQ,KAAK,KAAK,EAAE,UAAU,KAAK,YAAY,MAAM,gBAAgB,KAAK,SAAS,KAAK,CAAC,IAC3G;AACJ,QAAM,oBAAoB,CAAC,CAAC,UAAU;AAEtC,QAAM,oBAAoB,qBAAqB,OAAO,KAAK,QAAQ;AACnE,MAAI,MAAM,MAAM,GAAG,QAAQ,SAAS,EAAE,MAAM,UAAU,eAAe,CAAC;AACtE,MAAI,CAAC,KAAK;AACR,UAAM,GAAG,OAAO,SAAS;AAAA,MACvB;AAAA,MACA,UAAU;AAAA,MACV,WAAW,oBAAI,KAAK;AAAA,MACpB,cAAc;AAAA,IAChB,CAAC;AAAA,EACH;AAEA,QAAM,uBAAuB,CAAC,CAAC,IAAI;AACnC,QAAM,wBAAwB,OAAO,KAAK,gBAAgB;AAC1D,MAAI,wBAAwB;AAE5B,MAAI,CAAC,mBAAmB;AACtB,QAAI,yBAAyB,CAAC,sBAAsB;AAClD,YAAM,UAAU,2DAA2D;AAAA,IAC7E;AACA,QAAI,wBAAwB,0BAA0B,OAAO;AAC3D,8BAAwB;AAAA,IAC1B,OAAO;AACL,8BAAwB;AAAA,IAC1B;AAAA,EACF;AAEA,QAAM,oBAAoB,oBACtB,oBACA,uBAAuB,iBAAiB;AAE5C,MAAI,OAAO,KAAK,kBAAkB,OAAW,KAAI,oBAAoB,OAAO,KAAK;AACjF,MAAI,eAAe;AACnB,MAAI,eAAe;AACnB,QAAM,GAAG,QAAQ,GAAG,EAAE,MAAM;AAG5B,MAAI,gBAAgB;AAClB,UAAM,YAAY,sBAAsB,cAAc;AAEtD,QAAI;AACF,YAAM,QAAQ,UAAU,QAAQ,OAAO;AACvC,UAAI,OAAO,aAAc,OAAM,MAAM,aAAa,CAAC,eAAe,cAAc,EAAE,CAAC;AAAA,IACrF,QAAQ;AAAA,IAAC;AAAA,EACX;AAEA,SAAO,aAAa,KAAK;AAAA,IACvB,IAAI;AAAA,IACJ,WAAW,CAAC,sBAAsB,kBAAkB,WAAW,kBAAkB,UAAU,0BAA0B;AAAA,EACvH,CAAC;AACH;AAEA,SAAS,qBAAqB,UAA6B;AACzD,MAAI,CAAC,MAAM,QAAQ,QAAQ,EAAG,QAAO,CAAC;AACtC,QAAM,QAAQ,oBAAI,IAAY;AAC9B,aAAW,SAAS,UAAU;AAC5B,QAAI,OAAO,UAAU,SAAU;AAC/B,UAAM,UAAU,MAAM,KAAK;AAC3B,QAAI,CAAC,QAAS;AACd,UAAM,IAAI,OAAO;AAAA,EACnB;AACA,SAAO,MAAM,KAAK,KAAK;AACzB;AAEA,SAAS,uBAAuB,UAA8B;AAC5D,SAAO,SAAS,OAAO,CAAC,YAAY,CAAC,0BAA0B,OAAO,CAAC;AACzE;AAEA,SAAS,0BAA0B,SAA0B;AAC3D,MAAI,YAAY,OAAO,YAAY,cAAe,QAAO;AACzD,MAAI,QAAQ,WAAW,mBAAmB,EAAG,QAAO;AACpD,SAAO;AACT;AAEO,MAAM,UAA2B;AAAA,EACtC,KAAK;AAAA,EACL,SAAS;AAAA,EACT,SAAS;AAAA,IACP,KAAK;AAAA,MACH,SAAS;AAAA,MACT,aAAa;AAAA,MACb,OAAO;AAAA,MACP,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,kBAAkB,QAAQ,sBAAsB;AAAA,QAC5E,EAAE,QAAQ,KAAK,aAAa,mBAAmB,QAAQ,mBAAmB;AAAA,QAC1E,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,mBAAmB;AAAA,QACvE,EAAE,QAAQ,KAAK,aAAa,kBAAkB,QAAQ,mBAAmB;AAAA,MAC3E;AAAA,IACF;AAAA,IACA,KAAK;AAAA,MACH,SAAS;AAAA,MACT,aAAa;AAAA,MACb,aAAa;AAAA,QACX,aAAa;AAAA,QACb,QAAQ;AAAA,MACV;AAAA,MACA,WAAW;AAAA,QACT,EAAE,QAAQ,KAAK,aAAa,oBAAoB,QAAQ,4BAA4B;AAAA,QACpF,EAAE,QAAQ,KAAK,aAAa,mBAAmB,QAAQ,mBAAmB;AAAA,QAC1E,EAAE,QAAQ,KAAK,aAAa,gBAAgB,QAAQ,mBAAmB;AAAA,QACvE,EAAE,QAAQ,KAAK,aAAa,yCAAyC,QAAQ,mBAAmB;AAAA,QAChG,EAAE,QAAQ,KAAK,aAAa,kBAAkB,QAAQ,mBAAmB;AAAA,MAC3E;AAAA,IACF;AAAA,EACF;AACF;",
6
6
  "names": []
7
7
  }
package/dist/modules/auth/api/users/acl/route.js CHANGED
@@ -87,7 +87,7 @@ async function PUT(req) {
87
87
  }
88
88
  const hasCustomAcl = effectiveIsSuperAdmin || effectiveFeatures.length > 0;
89
89
  if (!hasCustomAcl) {
90
- if (acl) await em.removeAndFlush(acl);
90
+ if (acl) await em.remove(acl).flush();
91
91
  } else {
92
92
  if (!acl) {
93
93
  acl = em.create(UserAcl, { user: parsed.data.userId, tenantId: auth.tenantId });
@@ -96,7 +96,7 @@ async function PUT(req) {
96
96
  aclRecord.isSuperAdmin = effectiveIsSuperAdmin;
97
97
  aclRecord.featuresJson = effectiveFeatures;
98
98
  aclRecord.organizationsJson = organizations;
99
- await em.persistAndFlush(acl);
99
+ await em.persist(acl).flush();
100
100
  }
101
101
  await rbacService.invalidateUserCache(parsed.data.userId);
102
102
  try {