npm - @powerhousedao/reactor-api - Versions diffs - 6.2.0-dev.2 → 6.2.0-dev.20 - Mend

@powerhousedao/reactor-api 6.2.0-dev.2 → 6.2.0-dev.20

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

package/README.md +0 -2
package/dist/index.d.mts +148 -178
package/dist/index.d.mts.map +1 -1
package/dist/index.mjs +536 -524
package/dist/index.mjs.map +1 -1
package/dist/src/packages/vite-loader.mjs +3 -3
package/dist/src/packages/vite-loader.mjs.map +1 -1
package/dist/utils-Dh9tl892.mjs +530 -0
package/dist/utils-Dh9tl892.mjs.map +1 -0
package/package.json +13 -13
package/dist/utils-BFkbSO_H.mjs +0 -296
package/dist/utils-BFkbSO_H.mjs.map +0 -1

package/dist/utils-Dh9tl892.mjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"utils-Dh9tl892.mjs","sources":["../src/services/authorization.service.ts","../src/graphql/base-subgraph.ts","../src/packages/import-resolver.ts","../src/packages/util.ts","../src/graphql/utils.ts"],"sourcesContent":["import type { DocumentPermissionLevel } from \"../utils/db.js\";\nimport type {\n DocumentPermissionService,\n GetParentIdsFn,\n} from \"./document-permission.service.js\";\n\n/**\n * A document id that has been resolved to its canonical form, never a slug.\n *\n * Protection and grant rows are written under the canonical id, while the\n * read/operation data paths accept an id-or-slug identifier. The decision layer\n * must key on the canonical id, so branding it forces every caller to resolve a\n * slug to its id before consulting this service, closing the slug-aliasing\n * bypass (S-C1). The only sanctioned cast from string to CanonicalDocumentId\n * lives in the BaseSubgraph resolution helpers, immediately after the shared\n * resolveIdOrSlug lookup returns.\n */\nexport type CanonicalDocumentId = string & {\n readonly __canonicalDocumentId: unique symbol;\n};\n\n/**\n * Result of a passed per-document authorization check. `fetchIdentifier` is\n * always safe for the data fetch: the canonical id when resolved, or the raw\n * identifier when the check was skipped for a policy-wide caller.\n */\nexport class AuthorizedDocumentHandle {\n private constructor(\n readonly fetchIdentifier: string,\n readonly isResolved: boolean,\n ) {}\n\n static resolved(documentId: CanonicalDocumentId): AuthorizedDocumentHandle {\n return new AuthorizedDocumentHandle(documentId, true);\n }\n\n static skipped(identifier: string): AuthorizedDocumentHandle {\n return new AuthorizedDocumentHandle(identifier, false);\n }\n\n /** The verified canonical id; throws when resolution was skipped. */\n canonicalId(): CanonicalDocumentId {\n if (!this.isResolved) {\n throw new Error(\n \"Canonical document id is unavailable: the authorization check was skipped for a policy-wide caller\",\n );\n }\n return this.fetchIdentifier as CanonicalDocumentId;\n }\n}\n\nexport const AuthorizationPolicy = {\n OPEN: \"OPEN\",\n ADMIN_ONLY: \"ADMIN_ONLY\",\n DOCUMENT_PERMISSIONS: \"DOCUMENT_PERMISSIONS\",\n} as const;\n\nexport type AuthorizationPolicy =\n (typeof AuthorizationPolicy)[keyof typeof AuthorizationPolicy];\n\nexport interface AuthorizationConfig {\n admins: string[];\n defaultProtection: boolean;\n policy: AuthorizationPolicy;\n}\n\n/**\n * Single source of truth for every permission decision. Always present (never\n * null) so callers branch on data, not on the existence of a service.\n *\n * The policy selects an implementation once at boot:\n * - OPEN: authentication disabled — everyone (incl. anonymous) is allowed.\n * - ADMIN_ONLY: authentication on, document permissions off — only ADMINS.\n * - DOCUMENT_PERMISSIONS: the full per-document protection + grant model.\n *\n * Permission inheritance walks the parent-document hierarchy through a\n * parent resolver injected at construction; callers never supply one.\n */\nexport interface IAuthorizationService {\n readonly config: AuthorizationConfig;\n\n /**\n * Whether the user has unrestricted, policy-wide access. Under OPEN this is\n * true for everyone (including anonymous callers) by design: OPEN means \"no\n * restrictions\", and consumers use this check to skip per-document\n * filtering. It does NOT mean the caller is in the ADMINS list.\n */\n isSupremeAdmin(userAddress?: string): boolean;\n\n /**\n * Whether the user may create new documents under the current policy:\n * everyone in OPEN, only admins in ADMIN_ONLY, any authenticated user in\n * DOCUMENT_PERMISSIONS.\n */\n canCreate(userAddress?: string): boolean;\n\n canRead(\n documentId: CanonicalDocumentId,\n userAddress?: string,\n ): Promise<boolean>;\n\n canWrite(\n documentId: CanonicalDocumentId,\n userAddress?: string,\n ): Promise<boolean>;\n\n /**\n * Whether the user administers the document: supreme admin, document\n * owner, or holder of an ADMIN grant (direct or via group).\n */\n canManage(\n documentId: CanonicalDocumentId,\n userAddress?: string,\n ): Promise<boolean>;\n\n canMutate(\n documentId: CanonicalDocumentId,\n operationType: string,\n userAddress?: string,\n ): Promise<boolean>;\n}\n\n/** Shared config holder and admin-list check for the policy strategies. */\nabstract class BaseAuthorizationService implements IAuthorizationService {\n constructor(readonly config: AuthorizationConfig) {}\n\n isSupremeAdmin(userAddress?: string): boolean {\n if (!userAddress) return false;\n return this.config.admins.includes(userAddress.toLowerCase());\n }\n\n abstract canCreate(userAddress?: string): boolean;\n\n abstract canRead(\n documentId: CanonicalDocumentId,\n userAddress?: string,\n ): Promise<boolean>;\n\n abstract canWrite(\n documentId: CanonicalDocumentId,\n userAddress?: string,\n ): Promise<boolean>;\n\n abstract canManage(\n documentId: CanonicalDocumentId,\n userAddress?: string,\n ): Promise<boolean>;\n\n abstract canMutate(\n documentId: CanonicalDocumentId,\n operationType: string,\n userAddress?: string,\n ): Promise<boolean>;\n}\n\n/** OPEN: authentication disabled — everyone (incl. anonymous) is allowed. */\nclass OpenAuthorizationService extends BaseAuthorizationService {\n isSupremeAdmin(): boolean {\n return true;\n }\n\n canCreate(): boolean {\n return true;\n }\n\n canRead(): Promise<boolean> {\n return Promise.resolve(true);\n }\n\n canWrite(): Promise<boolean> {\n return Promise.resolve(true);\n }\n\n canManage(): Promise<boolean> {\n return Promise.resolve(true);\n }\n\n canMutate(): Promise<boolean> {\n return Promise.resolve(true);\n }\n}\n\n/** ADMIN_ONLY: authentication on, document permissions off — only ADMINS. */\nclass AdminOnlyAuthorizationService extends BaseAuthorizationService {\n canCreate(userAddress?: string): boolean {\n return this.isSupremeAdmin(userAddress);\n }\n\n canRead(\n _documentId: CanonicalDocumentId,\n userAddress?: string,\n ): Promise<boolean> {\n return Promise.resolve(this.isSupremeAdmin(userAddress));\n }\n\n canWrite(\n _documentId: CanonicalDocumentId,\n userAddress?: string,\n ): Promise<boolean> {\n return Promise.resolve(this.isSupremeAdmin(userAddress));\n }\n\n canManage(\n _documentId: CanonicalDocumentId,\n userAddress?: string,\n ): Promise<boolean> {\n return Promise.resolve(this.isSupremeAdmin(userAddress));\n }\n\n canMutate(\n _documentId: CanonicalDocumentId,\n _operationType: string,\n userAddress?: string,\n ): Promise<boolean> {\n return Promise.resolve(this.isSupremeAdmin(userAddress));\n }\n}\n\nconst PERMISSION_RANK: Record<DocumentPermissionLevel, number> = {\n READ: 1,\n WRITE: 2,\n ADMIN: 3,\n};\n\nfunction satisfies(\n level: DocumentPermissionLevel | null,\n required: DocumentPermissionLevel,\n): boolean {\n return level !== null && PERMISSION_RANK[level] >= PERMISSION_RANK[required];\n}\n\n/**\n * DOCUMENT_PERMISSIONS: the full per-document protection + grant model.\n *\n * All decisions live here; DocumentPermissionService is the data-access\n * layer underneath (grants, groups, protection rows, owners).\n */\nclass DocumentPermissionsAuthorizationService extends BaseAuthorizationService {\n readonly #permissions: DocumentPermissionService;\n readonly #getParentIds: GetParentIdsFn;\n\n constructor(\n permissions: DocumentPermissionService,\n getParentIds: GetParentIdsFn,\n config: AuthorizationConfig,\n ) {\n super(config);\n this.#permissions = permissions;\n this.#getParentIds = getParentIds;\n }\n\n canCreate(userAddress?: string): boolean {\n return this.isSupremeAdmin(userAddress) || !!userAddress;\n }\n\n canRead(\n documentId: CanonicalDocumentId,\n userAddress?: string,\n ): Promise<boolean> {\n return this.#canAccess(documentId, \"READ\", userAddress);\n }\n\n canWrite(\n documentId: CanonicalDocumentId,\n userAddress?: string,\n ): Promise<boolean> {\n return this.#canAccess(documentId, \"WRITE\", userAddress);\n }\n\n canManage(\n documentId: CanonicalDocumentId,\n userAddress?: string,\n ): Promise<boolean> {\n return this.#isDocumentAdmin(documentId, userAddress);\n }\n\n async canMutate(\n documentId: CanonicalDocumentId,\n operationType: string,\n userAddress?: string,\n ): Promise<boolean> {\n if (this.isSupremeAdmin(userAddress)) return true;\n\n const isRestricted = await this.#permissions.isOperationRestricted(\n documentId,\n operationType,\n );\n if (isRestricted) {\n if (!userAddress) return false;\n if (await this.#isDocumentAdmin(documentId, userAddress)) return true;\n return this.#permissions.hasOperationGrant(\n documentId,\n operationType,\n userAddress,\n );\n }\n\n return this.#canAccess(documentId, \"WRITE\", userAddress);\n }\n\n /**\n * The one \"administers this document\" predicate: supreme admin, document\n * owner, or ADMIN grant (direct or via group) on the document itself.\n */\n async #isDocumentAdmin(\n documentId: string,\n userAddress?: string,\n ): Promise<boolean> {\n if (this.isSupremeAdmin(userAddress)) return true;\n if (!userAddress) return false;\n\n const owner = await this.#permissions.getDocumentOwner(documentId);\n if (owner && owner === userAddress.toLowerCase()) return true;\n\n return satisfies(await this.#grantLevel(documentId, userAddress), \"ADMIN\");\n }\n\n /**\n * The one read/write decision shape: supreme admin → unprotected (self or\n * ancestor) → owner → inherited grant of at least the required level.\n */\n async #canAccess(\n documentId: string,\n required: DocumentPermissionLevel,\n userAddress?: string,\n ): Promise<boolean> {\n if (this.isSupremeAdmin(userAddress)) return true;\n\n const isProtected = await this.#permissions.isProtectedWithAncestors(\n documentId,\n this.#getParentIds,\n );\n if (!isProtected) return true;\n if (!userAddress) return false;\n\n const owner = await this.#permissions.getDocumentOwner(documentId);\n if (owner && owner === userAddress.toLowerCase()) return true;\n\n return this.#hasGrantInHierarchy(documentId, userAddress, required);\n }\n\n /** Best grant the user holds on the document, direct or via group. */\n async #grantLevel(\n documentId: string,\n userAddress: string,\n ): Promise<DocumentPermissionLevel | null> {\n const direct = await this.#permissions.getUserPermission(\n documentId,\n userAddress,\n );\n if (direct === \"ADMIN\") return direct;\n\n const group = await this.#permissions.getUserGroupPermission(\n documentId,\n userAddress,\n );\n if (group === null) return direct;\n if (direct === null) return group;\n return PERMISSION_RANK[direct] >= PERMISSION_RANK[group] ? direct : group;\n }\n\n /**\n * Walks the parent hierarchy (with cycle protection) looking for a grant of\n * at least the required level on the document or any ancestor.\n */\n async #hasGrantInHierarchy(\n documentId: string,\n userAddress: string,\n required: DocumentPermissionLevel,\n ): Promise<boolean> {\n const visited = new Set<string>();\n const queue = [documentId];\n\n while (queue.length > 0) {\n const current = queue.shift()!;\n if (visited.has(current)) continue;\n visited.add(current);\n\n const level = await this.#grantLevel(current, userAddress);\n if (satisfies(level, required)) return true;\n\n for (const parentId of await this.#getParentIds(current)) {\n if (!visited.has(parentId)) queue.push(parentId);\n }\n }\n\n return false;\n }\n}\n\n/**\n * Selects the strategy for the configured policy. The strategy classes are\n * not exported, so this guard is the only construction path.\n */\nexport function createAuthorizationService(\n config: AuthorizationConfig,\n documentPermissionService?: DocumentPermissionService,\n getParentIds?: GetParentIdsFn,\n): IAuthorizationService {\n if (config.policy === AuthorizationPolicy.OPEN) {\n return new OpenAuthorizationService(config);\n }\n if (config.policy === AuthorizationPolicy.ADMIN_ONLY) {\n return new AdminOnlyAuthorizationService(config);\n }\n if (!documentPermissionService) {\n throw new Error(\n \"DocumentPermissionService is required for the DOCUMENT_PERMISSIONS policy\",\n );\n }\n if (!getParentIds) {\n throw new Error(\n \"A getParentIds resolver is required for the DOCUMENT_PERMISSIONS policy\",\n );\n }\n return new DocumentPermissionsAuthorizationService(\n documentPermissionService,\n getParentIds,\n config,\n );\n}\n","import type {\n IReactorClient,\n IRelationalDb,\n ISyncManager,\n} from \"@powerhousedao/reactor\";\nimport type {\n GraphQLManager,\n ISubgraph,\n SubgraphArgs,\n} from \"@powerhousedao/reactor-api\";\nimport type { DocumentNode } from \"graphql\";\nimport { GraphQLError } from \"graphql\";\nimport { gql } from \"graphql-tag\";\nimport {\n AuthorizationPolicy,\n AuthorizedDocumentHandle,\n type CanonicalDocumentId,\n type IAuthorizationService,\n} from \"../services/authorization.service.js\";\nimport type { DocumentPermissionService } from \"../services/document-permission.service.js\";\nimport type { Context } from \"./types.js\";\n\nexport class BaseSubgraph implements ISubgraph {\n name = \"example\";\n path = \"\";\n resolvers: Record<string, any> = {\n Query: {\n hello: () => this.name,\n },\n };\n typeDefs: DocumentNode = gql`\n type Query {\n hello: String\n }\n `;\n reactorClient: IReactorClient;\n graphqlManager: GraphQLManager;\n relationalDb: IRelationalDb;\n syncManager: ISyncManager;\n documentPermissionService?: DocumentPermissionService;\n authorizationService: IAuthorizationService;\n\n /**\n * Per-request memo of raw identifier to canonical document id, keyed on the\n * request context object so entries are released when the request ends. Lets\n * batch resolvers resolve each distinct identifier at most once.\n */\n readonly #canonicalIdMemo = new WeakMap<\n object,\n Map<string, CanonicalDocumentId>\n >();\n\n constructor(args: SubgraphArgs) {\n this.reactorClient = args.reactorClient;\n this.graphqlManager = args.graphqlManager;\n this.relationalDb = args.relationalDb;\n this.syncManager = args.syncManager;\n this.documentPermissionService = args.documentPermissionService;\n this.authorizationService = args.authorizationService;\n this.path = args.path ?? \"\";\n }\n\n async onSetup() {\n // noop\n }\n\n // ============================================\n // Shared permission helpers\n // ============================================\n\n /**\n * Resolves a caller-supplied identifier (id or slug) to its canonical\n * document id, memoized per request. Both the decision layer and the data\n * layer must agree on the subject, so this runs the same resolveIdOrSlug\n * lookup the data path uses. A resolution failure (not found, ambiguous, or\n * transient) surfaces as a generic Forbidden, fail-closed, so a bad\n * identifier cannot be used as a document-existence oracle.\n */\n async resolveCanonicalDocumentId(\n identifier: string,\n requestKey: object,\n ): Promise<CanonicalDocumentId> {\n let cache = this.#canonicalIdMemo.get(requestKey);\n if (!cache) {\n cache = new Map<string, CanonicalDocumentId>();\n this.#canonicalIdMemo.set(requestKey, cache);\n }\n\n const cached = cache.get(identifier);\n if (cached !== undefined) return cached;\n\n let resolved: string;\n try {\n resolved = await this.reactorClient.resolveIdOrSlug(identifier);\n } catch {\n throw new GraphQLError(\"Forbidden: insufficient permissions\");\n }\n\n const canonical = resolved as CanonicalDocumentId;\n cache.set(identifier, canonical);\n return canonical;\n }\n\n /**\n * Resolves the args' `documentId` to canonical form. Unconditional (unlike the\n * assertCan* helpers, no admin skip): ACL rows are keyed on the canonical id.\n */\n async withCanonicalDocumentId<T extends { documentId: string }>(\n args: T,\n requestKey: object,\n ): Promise<T & { documentId: CanonicalDocumentId }> {\n const documentId = await this.resolveCanonicalDocumentId(\n args.documentId,\n requestKey,\n );\n return { ...args, documentId };\n }\n\n /**\n * Resolves an identifier for a per-document check, or null when the caller has\n * policy-wide access (OPEN or supreme admin) and the check can be skipped.\n * Only DOCUMENT_PERMISSIONS keys on the document id, so other policies fail\n * closed without resolving.\n */\n async #resolveForCheck(\n identifier: string,\n ctx: Context,\n ): Promise<CanonicalDocumentId | null> {\n if (this.authorizationService.isSupremeAdmin(ctx.user?.address)) {\n return null;\n }\n if (\n this.authorizationService.config.policy !==\n AuthorizationPolicy.DOCUMENT_PERMISSIONS\n ) {\n throw new GraphQLError(\"Forbidden: insufficient permissions\");\n }\n return this.resolveCanonicalDocumentId(identifier, ctx);\n }\n\n /**\n * Read filter for an already-canonical document id (one sourced from the data\n * layer, such as a fetched document's id). Performs no slug resolution.\n */\n async canReadDocument(\n documentId: CanonicalDocumentId,\n ctx: Context,\n ): Promise<boolean> {\n return this.authorizationService.canRead(documentId, ctx.user?.address);\n }\n\n /**\n * Asserts read access, resolving a slug first. Returns a handle whose\n * `fetchIdentifier` the caller reuses for the data fetch; a denial throws.\n */\n async assertCanRead(\n identifier: string,\n ctx: Context,\n ): Promise<AuthorizedDocumentHandle> {\n const documentId = await this.#resolveForCheck(identifier, ctx);\n if (documentId === null)\n return AuthorizedDocumentHandle.skipped(identifier);\n await this.assertCanReadCanonical(documentId, ctx);\n return AuthorizedDocumentHandle.resolved(documentId);\n }\n\n async assertCanWrite(\n identifier: string,\n ctx: Context,\n ): Promise<AuthorizedDocumentHandle> {\n const documentId = await this.#resolveForCheck(identifier, ctx);\n if (documentId === null)\n return AuthorizedDocumentHandle.skipped(identifier);\n await this.assertCanWriteCanonical(documentId, ctx);\n return AuthorizedDocumentHandle.resolved(documentId);\n }\n\n async assertCanExecuteOperation(\n identifier: string,\n operationType: string,\n ctx: Context,\n ): Promise<AuthorizedDocumentHandle> {\n const documentId = await this.#resolveForCheck(identifier, ctx);\n if (documentId === null)\n return AuthorizedDocumentHandle.skipped(identifier);\n await this.assertCanExecuteOperationCanonical(\n documentId,\n operationType,\n ctx,\n );\n return AuthorizedDocumentHandle.resolved(documentId);\n }\n\n /**\n * Read assertion for an already-canonical document id. No slug resolution;\n * use only with ids sourced from the data layer or already resolved.\n */\n async assertCanReadCanonical(\n documentId: CanonicalDocumentId,\n ctx: Context,\n ): Promise<void> {\n const canRead = await this.authorizationService.canRead(\n documentId,\n ctx.user?.address,\n );\n if (!canRead) {\n throw new GraphQLError(\n \"Forbidden: insufficient permissions to read this document\",\n );\n }\n }\n\n async assertCanWriteCanonical(\n documentId: CanonicalDocumentId,\n ctx: Context,\n ): Promise<void> {\n const canWrite = await this.authorizationService.canWrite(\n documentId,\n ctx.user?.address,\n );\n if (!canWrite) {\n throw new GraphQLError(\n \"Forbidden: insufficient permissions to write to this document\",\n );\n }\n }\n\n async assertCanExecuteOperationCanonical(\n documentId: CanonicalDocumentId,\n operationType: string,\n ctx: Context,\n ): Promise<void> {\n const canMutate = await this.authorizationService.canMutate(\n documentId,\n operationType,\n ctx.user?.address,\n );\n if (!canMutate) {\n throw new GraphQLError(\n `Forbidden: insufficient permissions to execute operation \"${operationType}\" on this document`,\n );\n }\n }\n\n assertCanCreate(ctx: Context): void {\n if (this.authorizationService.canCreate(ctx.user?.address)) return;\n throw new GraphQLError(\n ctx.user?.address\n ? \"Forbidden: insufficient permissions to create documents\"\n : \"Forbidden: authentication required to create documents\",\n );\n }\n}\n","import path from \"node:path\";\n\n/**\n * Attempts to import from suggested Node.js paths\n */\nasync function tryNodeSuggestedPaths<T>(\n packageName: string,\n subPath: string,\n): Promise<T | null> {\n const suggestedPaths = [\n `${packageName}/dist/node/${subPath}/index.mjs`,\n `${packageName}/dist/node/${subPath}.mjs`,\n `${packageName}/dist/${subPath}/index.js`,\n `${packageName}/dist/${subPath}.js`,\n ];\n\n for (const suggestedPath of suggestedPaths) {\n try {\n return (await import(/* @vite-ignore */ suggestedPath)) as T;\n } catch {\n // Continue to next attempt\n }\n }\n\n return null;\n}\n\n/**\n * Attempts to resolve package using import.meta.resolve\n */\nasync function tryImportMetaResolve<T>(\n packageName: string,\n subPath: string,\n): Promise<T | null> {\n try {\n const resolvedUrl = import.meta.resolve?.(`${packageName}/package.json`);\n if (!resolvedUrl) return null;\n\n const packageRoot = path.dirname(new URL(resolvedUrl).pathname);\n const pathsToTry = [\n path.join(packageRoot, \"dist\", \"node\", subPath, \"index.mjs\"),\n path.join(packageRoot, \"dist\", \"node\", `${subPath}.mjs`),\n path.join(packageRoot, \"dist\", subPath, \"index.js\"),\n path.join(packageRoot, \"dist\", `${subPath}.js`),\n path.join(packageRoot, subPath, \"index.js\"),\n path.join(packageRoot, `${subPath}.js`),\n ];\n\n for (const attemptPath of pathsToTry) {\n try {\n return (await import(/* @vite-ignore */ attemptPath)) as T;\n } catch {\n // Continue to next attempt\n }\n }\n } catch {\n // import.meta.resolve failed\n }\n\n return null;\n}\n\n/**\n * Resolves symlinks in node_modules to find the real package location\n */\nasync function resolveSymlinkedPaths(\n packageName: string,\n subPath: string,\n): Promise<string[]> {\n const packageBaseName = packageName.includes(\"/\")\n ? packageName.split(\"/\").pop()\n : packageName;\n const nodeModulesPatterns = [\n path.join(process.cwd(), \"node_modules\", packageName),\n path.join(process.cwd(), \"node_modules\", packageBaseName || packageName),\n ];\n\n const workspacePatterns: string[] = [];\n\n for (const nodeModulesPath of nodeModulesPatterns) {\n try {\n const fs = await import(\"node:fs\");\n if (fs.existsSync(nodeModulesPath)) {\n const realPath = fs.realpathSync(nodeModulesPath);\n\n workspacePatterns.push(\n path.join(realPath, \"dist\", \"node\", subPath, \"index.mjs\"),\n path.join(realPath, \"dist\", \"node\", `${subPath}.mjs`),\n path.join(realPath, \"dist\", subPath, \"index.js\"),\n path.join(realPath, \"dist\", `${subPath}.js`),\n path.join(realPath, subPath, \"index.js\"),\n path.join(realPath, `${subPath}.js`),\n );\n }\n } catch {\n // Continue to next attempt\n }\n }\n\n return workspacePatterns;\n}\n\n/**\n * Generates common workspace pattern paths\n */\nfunction getCommonWorkspacePaths(\n packageName: string,\n subPath: string,\n): string[] {\n const packageBaseName = packageName.includes(\"/\")\n ? packageName.split(\"/\").pop()\n : packageName;\n const commonRoots = [process.cwd(), path.dirname(process.cwd())];\n\n const workspacePatterns: string[] = [];\n for (const root of commonRoots) {\n workspacePatterns.push(\n path.join(\n root,\n \"packages\",\n packageBaseName || packageName,\n \"dist\",\n \"node\",\n subPath,\n \"index.mjs\",\n ),\n path.join(\n root,\n \"packages\",\n packageBaseName || packageName,\n \"dist\",\n \"node\",\n `${subPath}.mjs`,\n ),\n path.join(\n root,\n \"packages\",\n packageBaseName || packageName,\n \"dist\",\n subPath,\n \"index.js\",\n ),\n path.join(\n root,\n \"packages\",\n packageBaseName || packageName,\n \"dist\",\n `${subPath}.js`,\n ),\n );\n }\n\n return workspacePatterns;\n}\n\n/**\n * Attempts to import from a list of workspace patterns\n */\nasync function tryWorkspacePatterns<T>(patterns: string[]): Promise<T | null> {\n for (const workspacePath of patterns) {\n try {\n return (await import(/* @vite-ignore */ workspacePath)) as T;\n } catch {\n // Continue to next attempt\n }\n }\n\n return null;\n}\n\n/**\n * Attempts to resolve linked packages using various fallback strategies\n */\nexport async function resolveLinkedPackage<T>(\n packageName: string,\n subPath: string,\n): Promise<T | null> {\n // Try Node.js suggested paths first\n let result = await tryNodeSuggestedPaths<T>(packageName, subPath);\n if (result) return result;\n\n // Try import.meta.resolve\n result = await tryImportMetaResolve<T>(packageName, subPath);\n if (result) return result;\n\n // Try symlink resolution\n const symlinkPaths = await resolveSymlinkedPaths(packageName, subPath);\n result = await tryWorkspacePatterns<T>(symlinkPaths);\n if (result) return result;\n\n // Try common workspace patterns as final fallback\n const commonPaths = getCommonWorkspacePaths(packageName, subPath);\n result = await tryWorkspacePatterns<T>(commonPaths);\n if (result) return result;\n\n return null;\n}\n","import type {\n ProcessorFactoryBuilder,\n SubgraphClass,\n} from \"@powerhousedao/reactor-api\";\nimport type { DocumentModelModule } from \"@powerhousedao/shared/document-model\";\nimport { childLogger } from \"document-model\";\nimport { execSync } from \"node:child_process\";\nimport path from \"node:path\";\nimport { resolveLinkedPackage } from \"./import-resolver.js\";\n\n// Define the expected module export structures\ntype DocumentModelsExport = Record<string, DocumentModelModule>;\ntype SubgraphsExport = Record<string, Record<string, SubgraphClass>>;\ntype ProcessorsExport = {\n processorFactory?: ProcessorFactoryBuilder;\n processorFactoryLegacy?: ProcessorFactoryBuilder;\n};\n\nconst _logger = childLogger([\"reactor-api\", \"packages/util\"]);\n\nexport const installPackages = (packages: string[]): Promise<void> => {\n for (const packageName of packages) {\n execSync(`ph install ${packageName}`);\n }\n return Promise.resolve();\n};\n\nexport const readManifest = () => {\n const manifest = execSync(`ph manifest`).toString();\n return manifest;\n};\n\n/**\n * Tries to import document models from a package. This function cannot throw.\n */\nexport async function loadDocumentModels(\n packageName: string,\n): Promise<DocumentModelsExport | null> {\n return loadDependency(packageName, \"document-models\");\n}\n\n/**\n * Tries to import subgraphs from a package. This function cannot throw.\n */\nexport async function loadSubgraphs(\n packageName: string,\n): Promise<SubgraphsExport | null> {\n return loadDependency(packageName, \"subgraphs\");\n}\n\n/**\n * Tries to import processors from a package. This function cannot throw.\n */\nexport async function loadProcessors(\n packageName: string,\n): Promise<ProcessorsExport | null> {\n return loadDependency(packageName, \"processors\");\n}\n\n/**\n * Generic dependency loader - tries to import a dependency from a package. This function cannot throw.\n * Returns null if the dependency cannot be loaded.\n */\nasync function loadDependency<T = unknown>(\n packageName: string,\n subPath: string,\n): Promise<T> {\n const fullPath = `${packageName}/${subPath}`;\n\n // Try the standard import first\n try {\n // vite does not support this, but that's okay as we have provided the\n // vite-loader for this purpose\n\n const module = (await import(/* @vite-ignore */ fullPath)) as T;\n return module;\n } catch (e) {\n // Handle module not found errors with fallback resolution\n if (\n e instanceof Error &&\n \"code\" in e &&\n (e.code === \"ERR_MODULE_NOT_FOUND\" ||\n e.code === \"ERR_UNSUPPORTED_DIR_IMPORT\")\n ) {\n const result = await resolveLinkedPackage<T>(packageName, subPath);\n if (result) return result;\n }\n throw e;\n }\n}\n\nexport function debounce<T extends unknown[], R>(\n func: (...args: T) => Promise<R>,\n delay = 250,\n) {\n let timer: number;\n return (immediate = false, ...args: T) => {\n if (timer) {\n clearTimeout(timer);\n }\n return new Promise<R>((resolve, reject) => {\n if (immediate) {\n func(...args)\n .then(resolve)\n .catch(reject);\n } else {\n timer = setTimeout(() => {\n func(...args)\n .then(resolve)\n .catch(reject);\n }, delay) as unknown as number;\n }\n });\n };\n}\n\nexport function isSubpath(parent: string, dir: string) {\n const relative = path.relative(parent, dir);\n return relative && !relative.startsWith(\"..\") && !path.isAbsolute(relative);\n}\n","import type {\n GqlDocument,\n GqlDriveDocument,\n GqlOperation,\n SubgraphClass,\n} from \"@powerhousedao/reactor-api\";\nimport type { DocumentDriveDocument } from \"@powerhousedao/shared/document-drive\";\nimport type {\n Operation,\n PHDocument,\n} from \"@powerhousedao/shared/document-model\";\nimport { BaseSubgraph } from \"./base-subgraph.js\";\n\nexport function isSubgraphClass(\n candidate: unknown,\n): candidate is SubgraphClass {\n if (typeof candidate !== \"function\") return false;\n\n let proto: unknown = Object.getPrototypeOf(candidate);\n while (proto) {\n if (Object.prototype.isPrototypeOf.call(proto, BaseSubgraph)) return true;\n\n proto = Object.getPrototypeOf(proto);\n }\n\n return false;\n}\n\nexport function buildGraphqlOperations(\n operations: Operation[],\n skip: number,\n first: number,\n): GqlOperation[] {\n return operations.slice(skip, skip + first).map(buildGraphqlOperation);\n}\n\nexport function buildGraphqlOperation(operation: Operation): GqlOperation {\n const signer = operation.action.context?.signer;\n return {\n id: operation.id ?? \"\",\n type: operation.action.type,\n index: operation.index,\n timestampUtcMs: operation.timestampUtcMs,\n hash: operation.hash,\n skip: operation.skip,\n inputText:\n typeof operation.action.input === \"string\"\n ? operation.action.input\n : JSON.stringify(operation.action.input),\n error: operation.error,\n context: {\n signer: signer\n ? {\n user: signer.user,\n app: signer.app,\n signatures: signer.signatures.map((sig) =>\n Array.isArray(sig) ? sig.join(\", \") : sig,\n ),\n }\n : undefined,\n },\n };\n}\n\nexport function buildGraphQlDocument(doc: PHDocument): GqlDocument {\n // Return full state with all scopes (auth, document, global, local)\n // This matches the ReactorSubgraph pattern in adapters.ts\n const state = doc.state;\n const initialState = doc.initialState;\n // For stateJSON, use global state for backward compatibility\n const globalState = \"global\" in doc.state ? doc.state.global : {};\n return {\n id: doc.header.id,\n name: doc.header.name,\n documentType: doc.header.documentType,\n revision: doc.header.revision.global || 0,\n createdAtUtcIso: doc.header.createdAtUtcIso,\n lastModifiedAtUtcIso: doc.header.lastModifiedAtUtcIso,\n operations: [],\n stateJSON: globalState as JSON,\n state,\n initialState,\n };\n}\n\nexport function buildGraphQlDriveDocument(\n doc: DocumentDriveDocument,\n): GqlDriveDocument {\n const gqlDoc = buildGraphQlDocument(doc);\n return {\n ...gqlDoc,\n meta: {\n preferredEditor: doc.header.meta?.preferredEditor,\n },\n slug: doc.header.slug,\n state: doc.state.global,\n initialState: doc.state.global,\n };\n}\n"],"names":["#permissions","#getParentIds","#canAccess","#isDocumentAdmin","#grantLevel","#hasGrantInHierarchy","#canonicalIdMemo","#resolveForCheck"],"mappings":";;;;;;;;;;;;AA0BA,IAAa,2BAAb,MAAa,yBAAyB;CACpC,YACE,iBACA,YACA;AAFS,OAAA,kBAAA;AACA,OAAA,aAAA;;CAGX,OAAO,SAAS,YAA2D;AACzE,SAAO,IAAI,yBAAyB,YAAY,KAAK;;CAGvD,OAAO,QAAQ,YAA8C;AAC3D,SAAO,IAAI,yBAAyB,YAAY,MAAM;;;CAIxD,cAAmC;AACjC,MAAI,CAAC,KAAK,WACR,OAAM,IAAI,MACR,qGACD;AAEH,SAAO,KAAK;;;AAIhB,MAAa,sBAAsB;CACjC,MAAM;CACN,YAAY;CACZ,sBAAsB;CACvB;;AAoED,IAAe,2BAAf,MAAyE;CACvE,YAAY,QAAsC;AAA7B,OAAA,SAAA;;CAErB,eAAe,aAA+B;AAC5C,MAAI,CAAC,YAAa,QAAO;AACzB,SAAO,KAAK,OAAO,OAAO,SAAS,YAAY,aAAa,CAAC;;;;AA4BjE,IAAM,2BAAN,cAAuC,yBAAyB;CAC9D,iBAA0B;AACxB,SAAO;;CAGT,YAAqB;AACnB,SAAO;;CAGT,UAA4B;AAC1B,SAAO,QAAQ,QAAQ,KAAK;;CAG9B,WAA6B;AAC3B,SAAO,QAAQ,QAAQ,KAAK;;CAG9B,YAA8B;AAC5B,SAAO,QAAQ,QAAQ,KAAK;;CAG9B,YAA8B;AAC5B,SAAO,QAAQ,QAAQ,KAAK;;;;AAKhC,IAAM,gCAAN,cAA4C,yBAAyB;CACnE,UAAU,aAA+B;AACvC,SAAO,KAAK,eAAe,YAAY;;CAGzC,QACE,aACA,aACkB;AAClB,SAAO,QAAQ,QAAQ,KAAK,eAAe,YAAY,CAAC;;CAG1D,SACE,aACA,aACkB;AAClB,SAAO,QAAQ,QAAQ,KAAK,eAAe,YAAY,CAAC;;CAG1D,UACE,aACA,aACkB;AAClB,SAAO,QAAQ,QAAQ,KAAK,eAAe,YAAY,CAAC;;CAG1D,UACE,aACA,gBACA,aACkB;AAClB,SAAO,QAAQ,QAAQ,KAAK,eAAe,YAAY,CAAC;;;AAI5D,MAAM,kBAA2D;CAC/D,MAAM;CACN,OAAO;CACP,OAAO;CACR;AAED,SAAS,UACP,OACA,UACS;AACT,QAAO,UAAU,QAAQ,gBAAgB,UAAU,gBAAgB;;;;;;;;AASrE,IAAM,0CAAN,cAAsD,yBAAyB;CAC7E;CACA;CAEA,YACE,aACA,cACA,QACA;AACA,QAAM,OAAO;AACb,QAAA,cAAoB;AACpB,QAAA,eAAqB;;CAGvB,UAAU,aAA+B;AACvC,SAAO,KAAK,eAAe,YAAY,IAAI,CAAC,CAAC;;CAG/C,QACE,YACA,aACkB;AAClB,SAAO,MAAA,UAAgB,YAAY,QAAQ,YAAY;;CAGzD,SACE,YACA,aACkB;AAClB,SAAO,MAAA,UAAgB,YAAY,SAAS,YAAY;;CAG1D,UACE,YACA,aACkB;AAClB,SAAO,MAAA,gBAAsB,YAAY,YAAY;;CAGvD,MAAM,UACJ,YACA,eACA,aACkB;AAClB,MAAI,KAAK,eAAe,YAAY,CAAE,QAAO;AAM7C,MAJqB,MAAM,MAAA,YAAkB,sBAC3C,YACA,cACD,EACiB;AAChB,OAAI,CAAC,YAAa,QAAO;AACzB,OAAI,MAAM,MAAA,gBAAsB,YAAY,YAAY,CAAE,QAAO;AACjE,UAAO,MAAA,YAAkB,kBACvB,YACA,eACA,YACD;;AAGH,SAAO,MAAA,UAAgB,YAAY,SAAS,YAAY;;;;;;CAO1D,OAAA,gBACE,YACA,aACkB;AAClB,MAAI,KAAK,eAAe,YAAY,CAAE,QAAO;AAC7C,MAAI,CAAC,YAAa,QAAO;EAEzB,MAAM,QAAQ,MAAM,MAAA,YAAkB,iBAAiB,WAAW;AAClE,MAAI,SAAS,UAAU,YAAY,aAAa,CAAE,QAAO;AAEzD,SAAO,UAAU,MAAM,MAAA,WAAiB,YAAY,YAAY,EAAE,QAAQ;;;;;;CAO5E,OAAA,UACE,YACA,UACA,aACkB;AAClB,MAAI,KAAK,eAAe,YAAY,CAAE,QAAO;AAM7C,MAAI,CAJgB,MAAM,MAAA,YAAkB,yBAC1C,YACA,MAAA,aACD,CACiB,QAAO;AACzB,MAAI,CAAC,YAAa,QAAO;EAEzB,MAAM,QAAQ,MAAM,MAAA,YAAkB,iBAAiB,WAAW;AAClE,MAAI,SAAS,UAAU,YAAY,aAAa,CAAE,QAAO;AAEzD,SAAO,MAAA,oBAA0B,YAAY,aAAa,SAAS;;;CAIrE,OAAA,WACE,YACA,aACyC;EACzC,MAAM,SAAS,MAAM,MAAA,YAAkB,kBACrC,YACA,YACD;AACD,MAAI,WAAW,QAAS,QAAO;EAE/B,MAAM,QAAQ,MAAM,MAAA,YAAkB,uBACpC,YACA,YACD;AACD,MAAI,UAAU,KAAM,QAAO;AAC3B,MAAI,WAAW,KAAM,QAAO;AAC5B,SAAO,gBAAgB,WAAW,gBAAgB,SAAS,SAAS;;;;;;CAOtE,OAAA,oBACE,YACA,aACA,UACkB;EAClB,MAAM,0BAAU,IAAI,KAAa;EACjC,MAAM,QAAQ,CAAC,WAAW;AAE1B,SAAO,MAAM,SAAS,GAAG;GACvB,MAAM,UAAU,MAAM,OAAO;AAC7B,OAAI,QAAQ,IAAI,QAAQ,CAAE;AAC1B,WAAQ,IAAI,QAAQ;AAGpB,OAAI,UADU,MAAM,MAAA,WAAiB,SAAS,YAAY,EACrC,SAAS,CAAE,QAAO;AAEvC,QAAK,MAAM,YAAY,MAAM,MAAA,aAAmB,QAAQ,CACtD,KAAI,CAAC,QAAQ,IAAI,SAAS,CAAE,OAAM,KAAK,SAAS;;AAIpD,SAAO;;;;;;;AAQX,SAAgB,2BACd,QACA,2BACA,cACuB;AACvB,KAAI,OAAO,WAAW,oBAAoB,KACxC,QAAO,IAAI,yBAAyB,OAAO;AAE7C,KAAI,OAAO,WAAW,oBAAoB,WACxC,QAAO,IAAI,8BAA8B,OAAO;AAElD,KAAI,CAAC,0BACH,OAAM,IAAI,MACR,4EACD;AAEH,KAAI,CAAC,aACH,OAAM,IAAI,MACR,0EACD;AAEH,QAAO,IAAI,wCACT,2BACA,cACA,OACD;;;;AC7YH,IAAa,eAAb,MAA+C;CAC7C,OAAO;CACP,OAAO;CACP,YAAiC,EAC/B,OAAO,EACL,aAAa,KAAK,MACnB,EACF;CACD,WAAyB,GAAG;;;;;CAK5B;CACA;CACA;CACA;CACA;CACA;;;;;;CAOA,mCAA4B,IAAI,SAG7B;CAEH,YAAY,MAAoB;AAC9B,OAAK,gBAAgB,KAAK;AAC1B,OAAK,iBAAiB,KAAK;AAC3B,OAAK,eAAe,KAAK;AACzB,OAAK,cAAc,KAAK;AACxB,OAAK,4BAA4B,KAAK;AACtC,OAAK,uBAAuB,KAAK;AACjC,OAAK,OAAO,KAAK,QAAQ;;CAG3B,MAAM,UAAU;;;;;;;;;CAgBhB,MAAM,2BACJ,YACA,YAC8B;EAC9B,IAAI,QAAQ,MAAA,gBAAsB,IAAI,WAAW;AACjD,MAAI,CAAC,OAAO;AACV,2BAAQ,IAAI,KAAkC;AAC9C,SAAA,gBAAsB,IAAI,YAAY,MAAM;;EAG9C,MAAM,SAAS,MAAM,IAAI,WAAW;AACpC,MAAI,WAAW,KAAA,EAAW,QAAO;EAEjC,IAAI;AACJ,MAAI;AACF,cAAW,MAAM,KAAK,cAAc,gBAAgB,WAAW;UACzD;AACN,SAAM,IAAI,aAAa,sCAAsC;;EAG/D,MAAM,YAAY;AAClB,QAAM,IAAI,YAAY,UAAU;AAChC,SAAO;;;;;;CAOT,MAAM,wBACJ,MACA,YACkD;EAClD,MAAM,aAAa,MAAM,KAAK,2BAC5B,KAAK,YACL,WACD;AACD,SAAO;GAAE,GAAG;GAAM;GAAY;;;;;;;;CAShC,OAAA,gBACE,YACA,KACqC;AACrC,MAAI,KAAK,qBAAqB,eAAe,IAAI,MAAM,QAAQ,CAC7D,QAAO;AAET,MACE,KAAK,qBAAqB,OAAO,WACjC,oBAAoB,qBAEpB,OAAM,IAAI,aAAa,sCAAsC;AAE/D,SAAO,KAAK,2BAA2B,YAAY,IAAI;;;;;;CAOzD,MAAM,gBACJ,YACA,KACkB;AAClB,SAAO,KAAK,qBAAqB,QAAQ,YAAY,IAAI,MAAM,QAAQ;;;;;;CAOzE,MAAM,cACJ,YACA,KACmC;EACnC,MAAM,aAAa,MAAM,MAAA,gBAAsB,YAAY,IAAI;AAC/D,MAAI,eAAe,KACjB,QAAO,yBAAyB,QAAQ,WAAW;AACrD,QAAM,KAAK,uBAAuB,YAAY,IAAI;AAClD,SAAO,yBAAyB,SAAS,WAAW;;CAGtD,MAAM,eACJ,YACA,KACmC;EACnC,MAAM,aAAa,MAAM,MAAA,gBAAsB,YAAY,IAAI;AAC/D,MAAI,eAAe,KACjB,QAAO,yBAAyB,QAAQ,WAAW;AACrD,QAAM,KAAK,wBAAwB,YAAY,IAAI;AACnD,SAAO,yBAAyB,SAAS,WAAW;;CAGtD,MAAM,0BACJ,YACA,eACA,KACmC;EACnC,MAAM,aAAa,MAAM,MAAA,gBAAsB,YAAY,IAAI;AAC/D,MAAI,eAAe,KACjB,QAAO,yBAAyB,QAAQ,WAAW;AACrD,QAAM,KAAK,mCACT,YACA,eACA,IACD;AACD,SAAO,yBAAyB,SAAS,WAAW;;;;;;CAOtD,MAAM,uBACJ,YACA,KACe;AAKf,MAAI,CAJY,MAAM,KAAK,qBAAqB,QAC9C,YACA,IAAI,MAAM,QACX,CAEC,OAAM,IAAI,aACR,4DACD;;CAIL,MAAM,wBACJ,YACA,KACe;AAKf,MAAI,CAJa,MAAM,KAAK,qBAAqB,SAC/C,YACA,IAAI,MAAM,QACX,CAEC,OAAM,IAAI,aACR,gEACD;;CAIL,MAAM,mCACJ,YACA,eACA,KACe;AAMf,MAAI,CALc,MAAM,KAAK,qBAAqB,UAChD,YACA,eACA,IAAI,MAAM,QACX,CAEC,OAAM,IAAI,aACR,6DAA6D,cAAc,oBAC5E;;CAIL,gBAAgB,KAAoB;AAClC,MAAI,KAAK,qBAAqB,UAAU,IAAI,MAAM,QAAQ,CAAE;AAC5D,QAAM,IAAI,aACR,IAAI,MAAM,UACN,4DACA,yDACL;;;;;;;;ACrPL,eAAe,sBACb,aACA,SACmB;CACnB,MAAM,iBAAiB;EACrB,GAAG,YAAY,aAAa,QAAQ;EACpC,GAAG,YAAY,aAAa,QAAQ;EACpC,GAAG,YAAY,QAAQ,QAAQ;EAC/B,GAAG,YAAY,QAAQ,QAAQ;EAChC;AAED,MAAK,MAAM,iBAAiB,eAC1B,KAAI;AACF,SAAQ,MAAM;;GAA0B;;SAClC;AAKV,QAAO;;;;;AAMT,eAAe,qBACb,aACA,SACmB;AACnB,KAAI;EACF,MAAM,cAAc,OAAO,KAAK,UAAU,GAAG,YAAY,eAAe;AACxE,MAAI,CAAC,YAAa,QAAO;EAEzB,MAAM,cAAc,KAAK,QAAQ,IAAI,IAAI,YAAY,CAAC,SAAS;EAC/D,MAAM,aAAa;GACjB,KAAK,KAAK,aAAa,QAAQ,QAAQ,SAAS,YAAY;GAC5D,KAAK,KAAK,aAAa,QAAQ,QAAQ,GAAG,QAAQ,MAAM;GACxD,KAAK,KAAK,aAAa,QAAQ,SAAS,WAAW;GACnD,KAAK,KAAK,aAAa,QAAQ,GAAG,QAAQ,KAAK;GAC/C,KAAK,KAAK,aAAa,SAAS,WAAW;GAC3C,KAAK,KAAK,aAAa,GAAG,QAAQ,KAAK;GACxC;AAED,OAAK,MAAM,eAAe,WACxB,KAAI;AACF,UAAQ,MAAM;;IAA0B;;UAClC;SAIJ;AAIR,QAAO;;;;;AAMT,eAAe,sBACb,aACA,SACmB;CACnB,MAAM,kBAAkB,YAAY,SAAS,IAAI,GAC7C,YAAY,MAAM,IAAI,CAAC,KAAK,GAC5B;CACJ,MAAM,sBAAsB,CAC1B,KAAK,KAAK,QAAQ,KAAK,EAAE,gBAAgB,YAAY,EACrD,KAAK,KAAK,QAAQ,KAAK,EAAE,gBAAgB,mBAAmB,YAAY,CACzE;CAED,MAAM,oBAA8B,EAAE;AAEtC,MAAK,MAAM,mBAAmB,oBAC5B,KAAI;EACF,MAAM,KAAK,MAAM,OAAO;AACxB,MAAI,GAAG,WAAW,gBAAgB,EAAE;GAClC,MAAM,WAAW,GAAG,aAAa,gBAAgB;AAEjD,qBAAkB,KAChB,KAAK,KAAK,UAAU,QAAQ,QAAQ,SAAS,YAAY,EACzD,KAAK,KAAK,UAAU,QAAQ,QAAQ,GAAG,QAAQ,MAAM,EACrD,KAAK,KAAK,UAAU,QAAQ,SAAS,WAAW,EAChD,KAAK,KAAK,UAAU,QAAQ,GAAG,QAAQ,KAAK,EAC5C,KAAK,KAAK,UAAU,SAAS,WAAW,EACxC,KAAK,KAAK,UAAU,GAAG,QAAQ,KAAK,CACrC;;SAEG;AAKV,QAAO;;;;;AAMT,SAAS,wBACP,aACA,SACU;CACV,MAAM,kBAAkB,YAAY,SAAS,IAAI,GAC7C,YAAY,MAAM,IAAI,CAAC,KAAK,GAC5B;CACJ,MAAM,cAAc,CAAC,QAAQ,KAAK,EAAE,KAAK,QAAQ,QAAQ,KAAK,CAAC,CAAC;CAEhE,MAAM,oBAA8B,EAAE;AACtC,MAAK,MAAM,QAAQ,YACjB,mBAAkB,KAChB,KAAK,KACH,MACA,YACA,mBAAmB,aACnB,QACA,QACA,SACA,YACD,EACD,KAAK,KACH,MACA,YACA,mBAAmB,aACnB,QACA,QACA,GAAG,QAAQ,MACZ,EACD,KAAK,KACH,MACA,YACA,mBAAmB,aACnB,QACA,SACA,WACD,EACD,KAAK,KACH,MACA,YACA,mBAAmB,aACnB,QACA,GAAG,QAAQ,KACZ,CACF;AAGH,QAAO;;;;;AAMT,eAAe,qBAAwB,UAAuC;AAC5E,MAAK,MAAM,iBAAiB,SAC1B,KAAI;AACF,SAAQ,MAAM;;GAA0B;;SAClC;AAKV,QAAO;;;;;AAMT,eAAsB,qBACpB,aACA,SACmB;CAEnB,IAAI,SAAS,MAAM,sBAAyB,aAAa,QAAQ;AACjE,KAAI,OAAQ,QAAO;AAGnB,UAAS,MAAM,qBAAwB,aAAa,QAAQ;AAC5D,KAAI,OAAQ,QAAO;AAInB,UAAS,MAAM,qBADM,MAAM,sBAAsB,aAAa,QAAQ,CAClB;AACpD,KAAI,OAAQ,QAAO;AAInB,UAAS,MAAM,qBADK,wBAAwB,aAAa,QAAQ,CACd;AACnD,KAAI,OAAQ,QAAO;AAEnB,QAAO;;;;ACjLO,YAAY,CAAC,eAAe,gBAAgB,CAAC;;;;AAiB7D,eAAsB,mBACpB,aACsC;AACtC,QAAO,eAAe,aAAa,kBAAkB;;;;;AAMvD,eAAsB,cACpB,aACiC;AACjC,QAAO,eAAe,aAAa,YAAY;;;;;AAMjD,eAAsB,eACpB,aACkC;AAClC,QAAO,eAAe,aAAa,aAAa;;;;;;AAOlD,eAAe,eACb,aACA,SACY;CACZ,MAAM,WAAW,GAAG,YAAY,GAAG;AAGnC,KAAI;AAKF,SADgB,MAAM;;GAA0B;;UAEzC,GAAG;AAEV,MACE,aAAa,SACb,UAAU,MACT,EAAE,SAAS,0BACV,EAAE,SAAS,+BACb;GACA,MAAM,SAAS,MAAM,qBAAwB,aAAa,QAAQ;AAClE,OAAI,OAAQ,QAAO;;AAErB,QAAM;;;AAIV,SAAgB,SACd,MACA,QAAQ,KACR;CACA,IAAI;AACJ,SAAQ,YAAY,OAAO,GAAG,SAAY;AACxC,MAAI,MACF,cAAa,MAAM;AAErB,SAAO,IAAI,SAAY,SAAS,WAAW;AACzC,OAAI,UACF,MAAK,GAAG,KAAK,CACV,KAAK,QAAQ,CACb,MAAM,OAAO;OAEhB,SAAQ,iBAAiB;AACvB,SAAK,GAAG,KAAK,CACV,KAAK,QAAQ,CACb,MAAM,OAAO;MACf,MAAM;IAEX;;;AAIN,SAAgB,UAAU,QAAgB,KAAa;CACrD,MAAM,WAAW,KAAK,SAAS,QAAQ,IAAI;AAC3C,QAAO,YAAY,CAAC,SAAS,WAAW,KAAK,IAAI,CAAC,KAAK,WAAW,SAAS;;;;ACzG7E,SAAgB,gBACd,WAC4B;AAC5B,KAAI,OAAO,cAAc,WAAY,QAAO;CAE5C,IAAI,QAAiB,OAAO,eAAe,UAAU;AACrD,QAAO,OAAO;AACZ,MAAI,OAAO,UAAU,cAAc,KAAK,OAAO,aAAa,CAAE,QAAO;AAErE,UAAQ,OAAO,eAAe,MAAM;;AAGtC,QAAO;;AAGT,SAAgB,uBACd,YACA,MACA,OACgB;AAChB,QAAO,WAAW,MAAM,MAAM,OAAO,MAAM,CAAC,IAAI,sBAAsB;;AAGxE,SAAgB,sBAAsB,WAAoC;CACxE,MAAM,SAAS,UAAU,OAAO,SAAS;AACzC,QAAO;EACL,IAAI,UAAU,MAAM;EACpB,MAAM,UAAU,OAAO;EACvB,OAAO,UAAU;EACjB,gBAAgB,UAAU;EAC1B,MAAM,UAAU;EAChB,MAAM,UAAU;EAChB,WACE,OAAO,UAAU,OAAO,UAAU,WAC9B,UAAU,OAAO,QACjB,KAAK,UAAU,UAAU,OAAO,MAAM;EAC5C,OAAO,UAAU;EACjB,SAAS,EACP,QAAQ,SACJ;GACE,MAAM,OAAO;GACb,KAAK,OAAO;GACZ,YAAY,OAAO,WAAW,KAAK,QACjC,MAAM,QAAQ,IAAI,GAAG,IAAI,KAAK,KAAK,GAAG,IACvC;GACF,GACD,KAAA,GACL;EACF;;AAGH,SAAgB,qBAAqB,KAA8B;CAGjE,MAAM,QAAQ,IAAI;CAClB,MAAM,eAAe,IAAI;CAEzB,MAAM,cAAc,YAAY,IAAI,QAAQ,IAAI,MAAM,SAAS,EAAE;AACjE,QAAO;EACL,IAAI,IAAI,OAAO;EACf,MAAM,IAAI,OAAO;EACjB,cAAc,IAAI,OAAO;EACzB,UAAU,IAAI,OAAO,SAAS,UAAU;EACxC,iBAAiB,IAAI,OAAO;EAC5B,sBAAsB,IAAI,OAAO;EACjC,YAAY,EAAE;EACd,WAAW;EACX;EACA;EACD;;AAGH,SAAgB,0BACd,KACkB;AAElB,QAAO;EACL,GAFa,qBAAqB,IAAI;EAGtC,MAAM,EACJ,iBAAiB,IAAI,OAAO,MAAM,iBACnC;EACD,MAAM,IAAI,OAAO;EACjB,OAAO,IAAI,MAAM;EACjB,cAAc,IAAI,MAAM;EACzB","debug_id":"02ee5aff-26c7-5e45-b81e-6ec7bce7f7ec"}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@powerhousedao/reactor-api",
-  "version": "6.2.0-dev.2",
+  "version": "6.2.0-dev.20",
   "description": "",
   "type": "module",
   "repository": {
@@ -65,18 +65,18 @@
     "read-pkg": "10.1.0",
     "ws": "^8.18.3",
     "zod": "4.3.6",
-    "@powerhousedao/analytics-engine-core": "6.2.0-dev.2",
-    "@powerhousedao/analytics-engine-graphql": "6.2.0-dev.2",
-    "@powerhousedao/analytics-engine-pg": "6.2.0-dev.2",
-    "@powerhousedao/config": "6.2.0-dev.2",
-    "@powerhousedao/pglite-fs": "6.2.0-dev.2",
-    "@powerhousedao/reactor": "6.2.0-dev.2",
-    "@powerhousedao/reactor-drive": "6.2.0-dev.2",
-    "@powerhousedao/shared": "6.2.0-dev.2",
-    "@powerhousedao/reactor-mcp": "6.2.0-dev.2",
-    "@powerhousedao/reactor-attachments": "6.2.0-dev.2",
-    "@renown/sdk": "6.2.0-dev.2",
-    "document-model": "6.2.0-dev.2"
+    "@powerhousedao/analytics-engine-core": "6.2.0-dev.20",
+    "@powerhousedao/analytics-engine-graphql": "6.2.0-dev.20",
+    "@powerhousedao/config": "6.2.0-dev.20",
+    "@powerhousedao/analytics-engine-pg": "6.2.0-dev.20",
+    "@powerhousedao/pglite-fs": "6.2.0-dev.20",
+    "@powerhousedao/reactor": "6.2.0-dev.20",
+    "@powerhousedao/reactor-attachments": "6.2.0-dev.20",
+    "@powerhousedao/reactor-drive": "6.2.0-dev.20",
+    "@powerhousedao/reactor-mcp": "6.2.0-dev.20",
+    "@renown/sdk": "6.2.0-dev.20",
+    "@powerhousedao/shared": "6.2.0-dev.20",
+    "document-model": "6.2.0-dev.20"
   },
   "devDependencies": {
     "@fastify/cors": "^11.0.1",

package/dist/utils-BFkbSO_H.mjs DELETED Viewed

@@ -1,296 +0,0 @@
-!function(){try{var e="undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof globalThis?globalThis:"undefined"!=typeof self?self:{},n=(new e.Error).stack;n&&(e._sentryDebugIds=e._sentryDebugIds||{},e._sentryDebugIds[n]="f64c0238-0280-5fb7-9cf2-93c99d05e219")}catch(e){}}();
-import { gql } from "graphql-tag";
-import { GraphQLError } from "graphql";
-import { childLogger } from "document-model";
-import path from "node:path";
-//#region src/graphql/base-subgraph.ts
-var BaseSubgraph = class {
-	name = "example";
-	path = "";
-	resolvers = { Query: { hello: () => this.name } };
-	typeDefs = gql`
-    type Query {
-      hello: String
-    }
-  `;
-	reactorClient;
-	graphqlManager;
-	relationalDb;
-	syncManager;
-	documentPermissionService;
-	authorizationService;
-	constructor(args) {
-		this.reactorClient = args.reactorClient;
-		this.graphqlManager = args.graphqlManager;
-		this.relationalDb = args.relationalDb;
-		this.syncManager = args.syncManager;
-		this.documentPermissionService = args.documentPermissionService;
-		this.authorizationService = args.authorizationService;
-		this.path = args.path ?? "";
-	}
-	async onSetup() {}
-	getParentIdsFn() {
-		return async (documentId) => {
-			try {
-				return (await this.reactorClient.getIncomingRelationships(documentId, "child")).results.map((doc) => doc.header.id);
-			} catch {
-				return [];
-			}
-		};
-	}
-	hasGlobalAdminAccess(ctx) {
-		return !!ctx.isAdmin?.(ctx.user?.address ?? "");
-	}
-	async canReadDocument(documentId, ctx) {
-		if (this.authorizationService) return this.authorizationService.canRead(documentId, ctx.user?.address, this.getParentIdsFn());
-		if (this.hasGlobalAdminAccess(ctx)) return true;
-		if (this.documentPermissionService) return this.documentPermissionService.canRead(documentId, ctx.user?.address, this.getParentIdsFn());
-		return false;
-	}
-	async assertCanRead(documentId, ctx) {
-		if (this.authorizationService) {
-			if (!await this.authorizationService.canRead(documentId, ctx.user?.address, this.getParentIdsFn())) throw new GraphQLError("Forbidden: insufficient permissions to read this document");
-			return;
-		}
-		if (!this.hasGlobalAdminAccess(ctx)) if (this.documentPermissionService) {
-			if (!await this.documentPermissionService.canRead(documentId, ctx.user?.address, this.getParentIdsFn())) throw new GraphQLError("Forbidden: insufficient permissions to read this document");
-		} else throw new GraphQLError("Forbidden: insufficient permissions to read this document");
-	}
-	async assertCanWrite(documentId, ctx) {
-		if (this.authorizationService) {
-			if (!await this.authorizationService.canWrite(documentId, ctx.user?.address, this.getParentIdsFn())) throw new GraphQLError("Forbidden: insufficient permissions to write to this document");
-			return;
-		}
-		if (!this.hasGlobalAdminAccess(ctx)) if (this.documentPermissionService) {
-			if (!await this.documentPermissionService.canWrite(documentId, ctx.user?.address, this.getParentIdsFn())) throw new GraphQLError("Forbidden: insufficient permissions to write to this document");
-		} else throw new GraphQLError("Forbidden: insufficient permissions to write to this document");
-	}
-	async assertCanExecuteOperation(documentId, operationType, ctx) {
-		if (this.authorizationService) {
-			if (!await this.authorizationService.canMutate(documentId, operationType, ctx.user?.address, this.getParentIdsFn())) throw new GraphQLError(`Forbidden: insufficient permissions to execute operation "${operationType}" on this document`);
-			return;
-		}
-		if (!this.documentPermissionService) return;
-		if (ctx.isAdmin?.(ctx.user?.address ?? "")) return;
-		if (await this.documentPermissionService.isOperationRestricted(documentId, operationType)) {
-			if (!await this.documentPermissionService.canExecuteOperation(documentId, operationType, ctx.user?.address)) throw new GraphQLError(`Forbidden: insufficient permissions to execute operation "${operationType}" on this document`);
-		}
-	}
-};
-//#endregion
-//#region src/packages/import-resolver.ts
-/**
-* Attempts to import from suggested Node.js paths
-*/
-async function tryNodeSuggestedPaths(packageName, subPath) {
-	const suggestedPaths = [
-		`${packageName}/dist/node/${subPath}/index.mjs`,
-		`${packageName}/dist/node/${subPath}.mjs`,
-		`${packageName}/dist/${subPath}/index.js`,
-		`${packageName}/dist/${subPath}.js`
-	];
-	for (const suggestedPath of suggestedPaths) try {
-		return await import(
-			/* @vite-ignore */
-			suggestedPath
-);
-	} catch {}
-	return null;
-}
-/**
-* Attempts to resolve package using import.meta.resolve
-*/
-async function tryImportMetaResolve(packageName, subPath) {
-	try {
-		const resolvedUrl = import.meta.resolve?.(`${packageName}/package.json`);
-		if (!resolvedUrl) return null;
-		const packageRoot = path.dirname(new URL(resolvedUrl).pathname);
-		const pathsToTry = [
-			path.join(packageRoot, "dist", "node", subPath, "index.mjs"),
-			path.join(packageRoot, "dist", "node", `${subPath}.mjs`),
-			path.join(packageRoot, "dist", subPath, "index.js"),
-			path.join(packageRoot, "dist", `${subPath}.js`),
-			path.join(packageRoot, subPath, "index.js"),
-			path.join(packageRoot, `${subPath}.js`)
-		];
-		for (const attemptPath of pathsToTry) try {
-			return await import(
-				/* @vite-ignore */
-				attemptPath
-);
-		} catch {}
-	} catch {}
-	return null;
-}
-/**
-* Resolves symlinks in node_modules to find the real package location
-*/
-async function resolveSymlinkedPaths(packageName, subPath) {
-	const packageBaseName = packageName.includes("/") ? packageName.split("/").pop() : packageName;
-	const nodeModulesPatterns = [path.join(process.cwd(), "node_modules", packageName), path.join(process.cwd(), "node_modules", packageBaseName || packageName)];
-	const workspacePatterns = [];
-	for (const nodeModulesPath of nodeModulesPatterns) try {
-		const fs = await import("node:fs");
-		if (fs.existsSync(nodeModulesPath)) {
-			const realPath = fs.realpathSync(nodeModulesPath);
-			workspacePatterns.push(path.join(realPath, "dist", "node", subPath, "index.mjs"), path.join(realPath, "dist", "node", `${subPath}.mjs`), path.join(realPath, "dist", subPath, "index.js"), path.join(realPath, "dist", `${subPath}.js`), path.join(realPath, subPath, "index.js"), path.join(realPath, `${subPath}.js`));
-		}
-	} catch {}
-	return workspacePatterns;
-}
-/**
-* Generates common workspace pattern paths
-*/
-function getCommonWorkspacePaths(packageName, subPath) {
-	const packageBaseName = packageName.includes("/") ? packageName.split("/").pop() : packageName;
-	const commonRoots = [process.cwd(), path.dirname(process.cwd())];
-	const workspacePatterns = [];
-	for (const root of commonRoots) workspacePatterns.push(path.join(root, "packages", packageBaseName || packageName, "dist", "node", subPath, "index.mjs"), path.join(root, "packages", packageBaseName || packageName, "dist", "node", `${subPath}.mjs`), path.join(root, "packages", packageBaseName || packageName, "dist", subPath, "index.js"), path.join(root, "packages", packageBaseName || packageName, "dist", `${subPath}.js`));
-	return workspacePatterns;
-}
-/**
-* Attempts to import from a list of workspace patterns
-*/
-async function tryWorkspacePatterns(patterns) {
-	for (const workspacePath of patterns) try {
-		return await import(
-			/* @vite-ignore */
-			workspacePath
-);
-	} catch {}
-	return null;
-}
-/**
-* Attempts to resolve linked packages using various fallback strategies
-*/
-async function resolveLinkedPackage(packageName, subPath) {
-	let result = await tryNodeSuggestedPaths(packageName, subPath);
-	if (result) return result;
-	result = await tryImportMetaResolve(packageName, subPath);
-	if (result) return result;
-	result = await tryWorkspacePatterns(await resolveSymlinkedPaths(packageName, subPath));
-	if (result) return result;
-	result = await tryWorkspacePatterns(getCommonWorkspacePaths(packageName, subPath));
-	if (result) return result;
-	return null;
-}
-//#endregion
-//#region src/packages/util.ts
-childLogger(["reactor-api", "packages/util"]);
-/**
-* Tries to import document models from a package. This function cannot throw.
-*/
-async function loadDocumentModels(packageName) {
-	return loadDependency(packageName, "document-models");
-}
-/**
-* Tries to import subgraphs from a package. This function cannot throw.
-*/
-async function loadSubgraphs(packageName) {
-	return loadDependency(packageName, "subgraphs");
-}
-/**
-* Tries to import processors from a package. This function cannot throw.
-*/
-async function loadProcessors(packageName) {
-	return loadDependency(packageName, "processors");
-}
-/**
-* Generic dependency loader - tries to import a dependency from a package. This function cannot throw.
-* Returns null if the dependency cannot be loaded.
-*/
-async function loadDependency(packageName, subPath) {
-	const fullPath = `${packageName}/${subPath}`;
-	try {
-		return await import(
-			/* @vite-ignore */
-			fullPath
-);
-	} catch (e) {
-		if (e instanceof Error && "code" in e && (e.code === "ERR_MODULE_NOT_FOUND" || e.code === "ERR_UNSUPPORTED_DIR_IMPORT")) {
-			const result = await resolveLinkedPackage(packageName, subPath);
-			if (result) return result;
-		}
-		throw e;
-	}
-}
-function debounce(func, delay = 250) {
-	let timer;
-	return (immediate = false, ...args) => {
-		if (timer) clearTimeout(timer);
-		return new Promise((resolve, reject) => {
-			if (immediate) func(...args).then(resolve).catch(reject);
-			else timer = setTimeout(() => {
-				func(...args).then(resolve).catch(reject);
-			}, delay);
-		});
-	};
-}
-function isSubpath(parent, dir) {
-	const relative = path.relative(parent, dir);
-	return relative && !relative.startsWith("..") && !path.isAbsolute(relative);
-}
-//#endregion
-//#region src/graphql/utils.ts
-function isSubgraphClass(candidate) {
-	if (typeof candidate !== "function") return false;
-	let proto = Object.getPrototypeOf(candidate);
-	while (proto) {
-		if (Object.prototype.isPrototypeOf.call(proto, BaseSubgraph)) return true;
-		proto = Object.getPrototypeOf(proto);
-	}
-	return false;
-}
-function buildGraphqlOperations(operations, skip, first) {
-	return operations.slice(skip, skip + first).map(buildGraphqlOperation);
-}
-function buildGraphqlOperation(operation) {
-	const signer = operation.action.context?.signer;
-	return {
-		id: operation.id ?? "",
-		type: operation.action.type,
-		index: operation.index,
-		timestampUtcMs: operation.timestampUtcMs,
-		hash: operation.hash,
-		skip: operation.skip,
-		inputText: typeof operation.action.input === "string" ? operation.action.input : JSON.stringify(operation.action.input),
-		error: operation.error,
-		context: { signer: signer ? {
-			user: signer.user,
-			app: signer.app,
-			signatures: signer.signatures.map((sig) => Array.isArray(sig) ? sig.join(", ") : sig)
-		} : void 0 }
-	};
-}
-function buildGraphQlDocument(doc) {
-	const state = doc.state;
-	const initialState = doc.initialState;
-	const globalState = "global" in doc.state ? doc.state.global : {};
-	return {
-		id: doc.header.id,
-		name: doc.header.name,
-		documentType: doc.header.documentType,
-		revision: doc.header.revision.global || 0,
-		createdAtUtcIso: doc.header.createdAtUtcIso,
-		lastModifiedAtUtcIso: doc.header.lastModifiedAtUtcIso,
-		operations: [],
-		stateJSON: globalState,
-		state,
-		initialState
-	};
-}
-function buildGraphQlDriveDocument(doc) {
-	return {
-		...buildGraphQlDocument(doc),
-		meta: { preferredEditor: doc.header.meta?.preferredEditor },
-		slug: doc.header.slug,
-		state: doc.state.global,
-		initialState: doc.state.global
-	};
-}
-//#endregion
-export { isSubgraphClass as a, loadDocumentModels as c, BaseSubgraph as d, buildGraphqlOperations as i, loadProcessors as l, buildGraphQlDriveDocument as n, debounce as o, buildGraphqlOperation as r, isSubpath as s, buildGraphQlDocument as t, loadSubgraphs as u };
-//# sourceMappingURL=utils-BFkbSO_H.mjs.map
-//# debugId=f64c0238-0280-5fb7-9cf2-93c99d05e219

package/dist/utils-BFkbSO_H.mjs.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"file":"utils-BFkbSO_H.mjs","sources":["../src/graphql/base-subgraph.ts","../src/packages/import-resolver.ts","../src/packages/util.ts","../src/graphql/utils.ts"],"sourcesContent":["import type {\n IReactorClient,\n IRelationalDb,\n ISyncManager,\n} from \"@powerhousedao/reactor\";\nimport type {\n GraphQLManager,\n ISubgraph,\n SubgraphArgs,\n} from \"@powerhousedao/reactor-api\";\nimport type { DocumentNode } from \"graphql\";\nimport { GraphQLError } from \"graphql\";\nimport { gql } from \"graphql-tag\";\nimport type { AuthorizationService } from \"../services/authorization.service.js\";\nimport type {\n DocumentPermissionService,\n GetParentIdsFn,\n} from \"../services/document-permission.service.js\";\nimport type { Context } from \"./types.js\";\n\nexport class BaseSubgraph implements ISubgraph {\n name = \"example\";\n path = \"\";\n resolvers: Record<string, any> = {\n Query: {\n hello: () => this.name,\n },\n };\n typeDefs: DocumentNode = gql`\n type Query {\n hello: String\n }\n `;\n reactorClient: IReactorClient;\n graphqlManager: GraphQLManager;\n relationalDb: IRelationalDb;\n syncManager: ISyncManager;\n documentPermissionService?: DocumentPermissionService;\n authorizationService?: AuthorizationService;\n\n constructor(args: SubgraphArgs) {\n this.reactorClient = args.reactorClient;\n this.graphqlManager = args.graphqlManager;\n this.relationalDb = args.relationalDb;\n this.syncManager = args.syncManager;\n this.documentPermissionService = args.documentPermissionService;\n this.authorizationService = args.authorizationService;\n this.path = args.path ?? \"\";\n }\n\n async onSetup() {\n // noop\n }\n\n // ============================================\n // Shared permission helpers\n // ============================================\n\n protected getParentIdsFn(): GetParentIdsFn {\n return async (documentId: string): Promise<string[]> => {\n try {\n const result = await this.reactorClient.getIncomingRelationships(\n documentId,\n \"child\",\n );\n return result.results.map((doc) => doc.header.id);\n } catch {\n return [];\n }\n };\n }\n\n protected hasGlobalAdminAccess(ctx: Context): boolean {\n return !!ctx.isAdmin?.(ctx.user?.address ?? \"\");\n }\n\n protected async canReadDocument(\n documentId: string,\n ctx: Context,\n ): Promise<boolean> {\n if (this.authorizationService) {\n return this.authorizationService.canRead(\n documentId,\n ctx.user?.address,\n this.getParentIdsFn(),\n );\n }\n if (this.hasGlobalAdminAccess(ctx)) return true;\n if (this.documentPermissionService) {\n return this.documentPermissionService.canRead(\n documentId,\n ctx.user?.address,\n this.getParentIdsFn(),\n );\n }\n return false;\n }\n\n protected async assertCanRead(\n documentId: string,\n ctx: Context,\n ): Promise<void> {\n if (this.authorizationService) {\n const canRead = await this.authorizationService.canRead(\n documentId,\n ctx.user?.address,\n this.getParentIdsFn(),\n );\n if (!canRead) {\n throw new GraphQLError(\n \"Forbidden: insufficient permissions to read this document\",\n );\n }\n return;\n }\n // Legacy fallback\n if (!this.hasGlobalAdminAccess(ctx)) {\n if (this.documentPermissionService) {\n const canRead = await this.documentPermissionService.canRead(\n documentId,\n ctx.user?.address,\n this.getParentIdsFn(),\n );\n if (!canRead) {\n throw new GraphQLError(\n \"Forbidden: insufficient permissions to read this document\",\n );\n }\n } else {\n throw new GraphQLError(\n \"Forbidden: insufficient permissions to read this document\",\n );\n }\n }\n }\n\n protected async assertCanWrite(\n documentId: string,\n ctx: Context,\n ): Promise<void> {\n if (this.authorizationService) {\n const canWrite = await this.authorizationService.canWrite(\n documentId,\n ctx.user?.address,\n this.getParentIdsFn(),\n );\n if (!canWrite) {\n throw new GraphQLError(\n \"Forbidden: insufficient permissions to write to this document\",\n );\n }\n return;\n }\n // Legacy fallback\n if (!this.hasGlobalAdminAccess(ctx)) {\n if (this.documentPermissionService) {\n const canWrite = await this.documentPermissionService.canWrite(\n documentId,\n ctx.user?.address,\n this.getParentIdsFn(),\n );\n if (!canWrite) {\n throw new GraphQLError(\n \"Forbidden: insufficient permissions to write to this document\",\n );\n }\n } else {\n throw new GraphQLError(\n \"Forbidden: insufficient permissions to write to this document\",\n );\n }\n }\n }\n\n protected async assertCanExecuteOperation(\n documentId: string,\n operationType: string,\n ctx: Context,\n ): Promise<void> {\n if (this.authorizationService) {\n const canMutate = await this.authorizationService.canMutate(\n documentId,\n operationType,\n ctx.user?.address,\n this.getParentIdsFn(),\n );\n if (!canMutate) {\n throw new GraphQLError(\n `Forbidden: insufficient permissions to execute operation \"${operationType}\" on this document`,\n );\n }\n return;\n }\n // Legacy fallback\n if (!this.documentPermissionService) return;\n if (ctx.isAdmin?.(ctx.user?.address ?? \"\")) return;\n const isRestricted =\n await this.documentPermissionService.isOperationRestricted(\n documentId,\n operationType,\n );\n if (isRestricted) {\n const canExecute =\n await this.documentPermissionService.canExecuteOperation(\n documentId,\n operationType,\n ctx.user?.address,\n );\n if (!canExecute) {\n throw new GraphQLError(\n `Forbidden: insufficient permissions to execute operation \"${operationType}\" on this document`,\n );\n }\n }\n }\n}\n","import path from \"node:path\";\n\n/**\n * Attempts to import from suggested Node.js paths\n */\nasync function tryNodeSuggestedPaths<T>(\n packageName: string,\n subPath: string,\n): Promise<T | null> {\n const suggestedPaths = [\n `${packageName}/dist/node/${subPath}/index.mjs`,\n `${packageName}/dist/node/${subPath}.mjs`,\n `${packageName}/dist/${subPath}/index.js`,\n `${packageName}/dist/${subPath}.js`,\n ];\n\n for (const suggestedPath of suggestedPaths) {\n try {\n return (await import(/* @vite-ignore */ suggestedPath)) as T;\n } catch {\n // Continue to next attempt\n }\n }\n\n return null;\n}\n\n/**\n * Attempts to resolve package using import.meta.resolve\n */\nasync function tryImportMetaResolve<T>(\n packageName: string,\n subPath: string,\n): Promise<T | null> {\n try {\n const resolvedUrl = import.meta.resolve?.(`${packageName}/package.json`);\n if (!resolvedUrl) return null;\n\n const packageRoot = path.dirname(new URL(resolvedUrl).pathname);\n const pathsToTry = [\n path.join(packageRoot, \"dist\", \"node\", subPath, \"index.mjs\"),\n path.join(packageRoot, \"dist\", \"node\", `${subPath}.mjs`),\n path.join(packageRoot, \"dist\", subPath, \"index.js\"),\n path.join(packageRoot, \"dist\", `${subPath}.js`),\n path.join(packageRoot, subPath, \"index.js\"),\n path.join(packageRoot, `${subPath}.js`),\n ];\n\n for (const attemptPath of pathsToTry) {\n try {\n return (await import(/* @vite-ignore */ attemptPath)) as T;\n } catch {\n // Continue to next attempt\n }\n }\n } catch {\n // import.meta.resolve failed\n }\n\n return null;\n}\n\n/**\n * Resolves symlinks in node_modules to find the real package location\n */\nasync function resolveSymlinkedPaths(\n packageName: string,\n subPath: string,\n): Promise<string[]> {\n const packageBaseName = packageName.includes(\"/\")\n ? packageName.split(\"/\").pop()\n : packageName;\n const nodeModulesPatterns = [\n path.join(process.cwd(), \"node_modules\", packageName),\n path.join(process.cwd(), \"node_modules\", packageBaseName || packageName),\n ];\n\n const workspacePatterns: string[] = [];\n\n for (const nodeModulesPath of nodeModulesPatterns) {\n try {\n const fs = await import(\"node:fs\");\n if (fs.existsSync(nodeModulesPath)) {\n const realPath = fs.realpathSync(nodeModulesPath);\n\n workspacePatterns.push(\n path.join(realPath, \"dist\", \"node\", subPath, \"index.mjs\"),\n path.join(realPath, \"dist\", \"node\", `${subPath}.mjs`),\n path.join(realPath, \"dist\", subPath, \"index.js\"),\n path.join(realPath, \"dist\", `${subPath}.js`),\n path.join(realPath, subPath, \"index.js\"),\n path.join(realPath, `${subPath}.js`),\n );\n }\n } catch {\n // Continue to next attempt\n }\n }\n\n return workspacePatterns;\n}\n\n/**\n * Generates common workspace pattern paths\n */\nfunction getCommonWorkspacePaths(\n packageName: string,\n subPath: string,\n): string[] {\n const packageBaseName = packageName.includes(\"/\")\n ? packageName.split(\"/\").pop()\n : packageName;\n const commonRoots = [process.cwd(), path.dirname(process.cwd())];\n\n const workspacePatterns: string[] = [];\n for (const root of commonRoots) {\n workspacePatterns.push(\n path.join(\n root,\n \"packages\",\n packageBaseName || packageName,\n \"dist\",\n \"node\",\n subPath,\n \"index.mjs\",\n ),\n path.join(\n root,\n \"packages\",\n packageBaseName || packageName,\n \"dist\",\n \"node\",\n `${subPath}.mjs`,\n ),\n path.join(\n root,\n \"packages\",\n packageBaseName || packageName,\n \"dist\",\n subPath,\n \"index.js\",\n ),\n path.join(\n root,\n \"packages\",\n packageBaseName || packageName,\n \"dist\",\n `${subPath}.js`,\n ),\n );\n }\n\n return workspacePatterns;\n}\n\n/**\n * Attempts to import from a list of workspace patterns\n */\nasync function tryWorkspacePatterns<T>(patterns: string[]): Promise<T | null> {\n for (const workspacePath of patterns) {\n try {\n return (await import(/* @vite-ignore */ workspacePath)) as T;\n } catch {\n // Continue to next attempt\n }\n }\n\n return null;\n}\n\n/**\n * Attempts to resolve linked packages using various fallback strategies\n */\nexport async function resolveLinkedPackage<T>(\n packageName: string,\n subPath: string,\n): Promise<T | null> {\n // Try Node.js suggested paths first\n let result = await tryNodeSuggestedPaths<T>(packageName, subPath);\n if (result) return result;\n\n // Try import.meta.resolve\n result = await tryImportMetaResolve<T>(packageName, subPath);\n if (result) return result;\n\n // Try symlink resolution\n const symlinkPaths = await resolveSymlinkedPaths(packageName, subPath);\n result = await tryWorkspacePatterns<T>(symlinkPaths);\n if (result) return result;\n\n // Try common workspace patterns as final fallback\n const commonPaths = getCommonWorkspacePaths(packageName, subPath);\n result = await tryWorkspacePatterns<T>(commonPaths);\n if (result) return result;\n\n return null;\n}\n","import type {\n ProcessorFactoryBuilder,\n SubgraphClass,\n} from \"@powerhousedao/reactor-api\";\nimport type { DocumentModelModule } from \"@powerhousedao/shared/document-model\";\nimport { childLogger } from \"document-model\";\nimport { execSync } from \"node:child_process\";\nimport path from \"node:path\";\nimport { resolveLinkedPackage } from \"./import-resolver.js\";\n\n// Define the expected module export structures\ntype DocumentModelsExport = Record<string, DocumentModelModule>;\ntype SubgraphsExport = Record<string, Record<string, SubgraphClass>>;\ntype ProcessorsExport = {\n processorFactory?: ProcessorFactoryBuilder;\n processorFactoryLegacy?: ProcessorFactoryBuilder;\n};\n\nconst _logger = childLogger([\"reactor-api\", \"packages/util\"]);\n\nexport const installPackages = (packages: string[]): Promise<void> => {\n for (const packageName of packages) {\n execSync(`ph install ${packageName}`);\n }\n return Promise.resolve();\n};\n\nexport const readManifest = () => {\n const manifest = execSync(`ph manifest`).toString();\n return manifest;\n};\n\n/**\n * Tries to import document models from a package. This function cannot throw.\n */\nexport async function loadDocumentModels(\n packageName: string,\n): Promise<DocumentModelsExport | null> {\n return loadDependency(packageName, \"document-models\");\n}\n\n/**\n * Tries to import subgraphs from a package. This function cannot throw.\n */\nexport async function loadSubgraphs(\n packageName: string,\n): Promise<SubgraphsExport | null> {\n return loadDependency(packageName, \"subgraphs\");\n}\n\n/**\n * Tries to import processors from a package. This function cannot throw.\n */\nexport async function loadProcessors(\n packageName: string,\n): Promise<ProcessorsExport | null> {\n return loadDependency(packageName, \"processors\");\n}\n\n/**\n * Generic dependency loader - tries to import a dependency from a package. This function cannot throw.\n * Returns null if the dependency cannot be loaded.\n */\nasync function loadDependency<T = unknown>(\n packageName: string,\n subPath: string,\n): Promise<T> {\n const fullPath = `${packageName}/${subPath}`;\n\n // Try the standard import first\n try {\n // vite does not support this, but that's okay as we have provided the\n // vite-loader for this purpose\n\n const module = (await import(/* @vite-ignore */ fullPath)) as T;\n return module;\n } catch (e) {\n // Handle module not found errors with fallback resolution\n if (\n e instanceof Error &&\n \"code\" in e &&\n (e.code === \"ERR_MODULE_NOT_FOUND\" ||\n e.code === \"ERR_UNSUPPORTED_DIR_IMPORT\")\n ) {\n const result = await resolveLinkedPackage<T>(packageName, subPath);\n if (result) return result;\n }\n throw e;\n }\n}\n\nexport function debounce<T extends unknown[], R>(\n func: (...args: T) => Promise<R>,\n delay = 250,\n) {\n let timer: number;\n return (immediate = false, ...args: T) => {\n if (timer) {\n clearTimeout(timer);\n }\n return new Promise<R>((resolve, reject) => {\n if (immediate) {\n func(...args)\n .then(resolve)\n .catch(reject);\n } else {\n timer = setTimeout(() => {\n func(...args)\n .then(resolve)\n .catch(reject);\n }, delay) as unknown as number;\n }\n });\n };\n}\n\nexport function isSubpath(parent: string, dir: string) {\n const relative = path.relative(parent, dir);\n return relative && !relative.startsWith(\"..\") && !path.isAbsolute(relative);\n}\n","import type {\n GqlDocument,\n GqlDriveDocument,\n GqlOperation,\n SubgraphClass,\n} from \"@powerhousedao/reactor-api\";\nimport type { DocumentDriveDocument } from \"@powerhousedao/shared/document-drive\";\nimport type {\n Operation,\n PHDocument,\n} from \"@powerhousedao/shared/document-model\";\nimport { BaseSubgraph } from \"./base-subgraph.js\";\n\nexport function isSubgraphClass(\n candidate: unknown,\n): candidate is SubgraphClass {\n if (typeof candidate !== \"function\") return false;\n\n let proto: unknown = Object.getPrototypeOf(candidate);\n while (proto) {\n if (Object.prototype.isPrototypeOf.call(proto, BaseSubgraph)) return true;\n\n proto = Object.getPrototypeOf(proto);\n }\n\n return false;\n}\n\nexport function buildGraphqlOperations(\n operations: Operation[],\n skip: number,\n first: number,\n): GqlOperation[] {\n return operations.slice(skip, skip + first).map(buildGraphqlOperation);\n}\n\nexport function buildGraphqlOperation(operation: Operation): GqlOperation {\n const signer = operation.action.context?.signer;\n return {\n id: operation.id ?? \"\",\n type: operation.action.type,\n index: operation.index,\n timestampUtcMs: operation.timestampUtcMs,\n hash: operation.hash,\n skip: operation.skip,\n inputText:\n typeof operation.action.input === \"string\"\n ? operation.action.input\n : JSON.stringify(operation.action.input),\n error: operation.error,\n context: {\n signer: signer\n ? {\n user: signer.user,\n app: signer.app,\n signatures: signer.signatures.map((sig) =>\n Array.isArray(sig) ? sig.join(\", \") : sig,\n ),\n }\n : undefined,\n },\n };\n}\n\nexport function buildGraphQlDocument(doc: PHDocument): GqlDocument {\n // Return full state with all scopes (auth, document, global, local)\n // This matches the ReactorSubgraph pattern in adapters.ts\n const state = doc.state;\n const initialState = doc.initialState;\n // For stateJSON, use global state for backward compatibility\n const globalState = \"global\" in doc.state ? doc.state.global : {};\n return {\n id: doc.header.id,\n name: doc.header.name,\n documentType: doc.header.documentType,\n revision: doc.header.revision.global || 0,\n createdAtUtcIso: doc.header.createdAtUtcIso,\n lastModifiedAtUtcIso: doc.header.lastModifiedAtUtcIso,\n operations: [],\n stateJSON: globalState as JSON,\n state,\n initialState,\n };\n}\n\nexport function buildGraphQlDriveDocument(\n doc: DocumentDriveDocument,\n): GqlDriveDocument {\n const gqlDoc = buildGraphQlDocument(doc);\n return {\n ...gqlDoc,\n meta: {\n preferredEditor: doc.header.meta?.preferredEditor,\n },\n slug: doc.header.slug,\n state: doc.state.global,\n initialState: doc.state.global,\n };\n}\n"],"names":[],"mappings":";;;;;;;AAoBA,IAAa,eAAb,MAA+C;CAC7C,OAAO;CACP,OAAO;CACP,YAAiC,EAC/B,OAAO,EACL,aAAa,KAAK,MACnB,EACF;CACD,WAAyB,GAAG;;;;;CAK5B;CACA;CACA;CACA;CACA;CACA;CAEA,YAAY,MAAoB;AAC9B,OAAK,gBAAgB,KAAK;AAC1B,OAAK,iBAAiB,KAAK;AAC3B,OAAK,eAAe,KAAK;AACzB,OAAK,cAAc,KAAK;AACxB,OAAK,4BAA4B,KAAK;AACtC,OAAK,uBAAuB,KAAK;AACjC,OAAK,OAAO,KAAK,QAAQ;;CAG3B,MAAM,UAAU;CAQhB,iBAA2C;AACzC,SAAO,OAAO,eAA0C;AACtD,OAAI;AAKF,YAJe,MAAM,KAAK,cAAc,yBACtC,YACA,QACD,EACa,QAAQ,KAAK,QAAQ,IAAI,OAAO,GAAG;WAC3C;AACN,WAAO,EAAE;;;;CAKf,qBAA+B,KAAuB;AACpD,SAAO,CAAC,CAAC,IAAI,UAAU,IAAI,MAAM,WAAW,GAAG;;CAGjD,MAAgB,gBACd,YACA,KACkB;AAClB,MAAI,KAAK,qBACP,QAAO,KAAK,qBAAqB,QAC/B,YACA,IAAI,MAAM,SACV,KAAK,gBAAgB,CACtB;AAEH,MAAI,KAAK,qBAAqB,IAAI,CAAE,QAAO;AAC3C,MAAI,KAAK,0BACP,QAAO,KAAK,0BAA0B,QACpC,YACA,IAAI,MAAM,SACV,KAAK,gBAAgB,CACtB;AAEH,SAAO;;CAGT,MAAgB,cACd,YACA,KACe;AACf,MAAI,KAAK,sBAAsB;AAM7B,OAAI,CALY,MAAM,KAAK,qBAAqB,QAC9C,YACA,IAAI,MAAM,SACV,KAAK,gBAAgB,CACtB,CAEC,OAAM,IAAI,aACR,4DACD;AAEH;;AAGF,MAAI,CAAC,KAAK,qBAAqB,IAAI,CACjC,KAAI,KAAK;OAMH,CALY,MAAM,KAAK,0BAA0B,QACnD,YACA,IAAI,MAAM,SACV,KAAK,gBAAgB,CACtB,CAEC,OAAM,IAAI,aACR,4DACD;QAGH,OAAM,IAAI,aACR,4DACD;;CAKP,MAAgB,eACd,YACA,KACe;AACf,MAAI,KAAK,sBAAsB;AAM7B,OAAI,CALa,MAAM,KAAK,qBAAqB,SAC/C,YACA,IAAI,MAAM,SACV,KAAK,gBAAgB,CACtB,CAEC,OAAM,IAAI,aACR,gEACD;AAEH;;AAGF,MAAI,CAAC,KAAK,qBAAqB,IAAI,CACjC,KAAI,KAAK;OAMH,CALa,MAAM,KAAK,0BAA0B,SACpD,YACA,IAAI,MAAM,SACV,KAAK,gBAAgB,CACtB,CAEC,OAAM,IAAI,aACR,gEACD;QAGH,OAAM,IAAI,aACR,gEACD;;CAKP,MAAgB,0BACd,YACA,eACA,KACe;AACf,MAAI,KAAK,sBAAsB;AAO7B,OAAI,CANc,MAAM,KAAK,qBAAqB,UAChD,YACA,eACA,IAAI,MAAM,SACV,KAAK,gBAAgB,CACtB,CAEC,OAAM,IAAI,aACR,6DAA6D,cAAc,oBAC5E;AAEH;;AAGF,MAAI,CAAC,KAAK,0BAA2B;AACrC,MAAI,IAAI,UAAU,IAAI,MAAM,WAAW,GAAG,CAAE;AAM5C,MAJE,MAAM,KAAK,0BAA0B,sBACnC,YACA,cACD;OAQG,CALF,MAAM,KAAK,0BAA0B,oBACnC,YACA,eACA,IAAI,MAAM,QACX,CAED,OAAM,IAAI,aACR,6DAA6D,cAAc,oBAC5E;;;;;;;;;AC9MT,eAAe,sBACb,aACA,SACmB;CACnB,MAAM,iBAAiB;EACrB,GAAG,YAAY,aAAa,QAAQ;EACpC,GAAG,YAAY,aAAa,QAAQ;EACpC,GAAG,YAAY,QAAQ,QAAQ;EAC/B,GAAG,YAAY,QAAQ,QAAQ;EAChC;AAED,MAAK,MAAM,iBAAiB,eAC1B,KAAI;AACF,SAAQ,MAAM;;GAA0B;;SAClC;AAKV,QAAO;;;;;AAMT,eAAe,qBACb,aACA,SACmB;AACnB,KAAI;EACF,MAAM,cAAc,OAAO,KAAK,UAAU,GAAG,YAAY,eAAe;AACxE,MAAI,CAAC,YAAa,QAAO;EAEzB,MAAM,cAAc,KAAK,QAAQ,IAAI,IAAI,YAAY,CAAC,SAAS;EAC/D,MAAM,aAAa;GACjB,KAAK,KAAK,aAAa,QAAQ,QAAQ,SAAS,YAAY;GAC5D,KAAK,KAAK,aAAa,QAAQ,QAAQ,GAAG,QAAQ,MAAM;GACxD,KAAK,KAAK,aAAa,QAAQ,SAAS,WAAW;GACnD,KAAK,KAAK,aAAa,QAAQ,GAAG,QAAQ,KAAK;GAC/C,KAAK,KAAK,aAAa,SAAS,WAAW;GAC3C,KAAK,KAAK,aAAa,GAAG,QAAQ,KAAK;GACxC;AAED,OAAK,MAAM,eAAe,WACxB,KAAI;AACF,UAAQ,MAAM;;IAA0B;;UAClC;SAIJ;AAIR,QAAO;;;;;AAMT,eAAe,sBACb,aACA,SACmB;CACnB,MAAM,kBAAkB,YAAY,SAAS,IAAI,GAC7C,YAAY,MAAM,IAAI,CAAC,KAAK,GAC5B;CACJ,MAAM,sBAAsB,CAC1B,KAAK,KAAK,QAAQ,KAAK,EAAE,gBAAgB,YAAY,EACrD,KAAK,KAAK,QAAQ,KAAK,EAAE,gBAAgB,mBAAmB,YAAY,CACzE;CAED,MAAM,oBAA8B,EAAE;AAEtC,MAAK,MAAM,mBAAmB,oBAC5B,KAAI;EACF,MAAM,KAAK,MAAM,OAAO;AACxB,MAAI,GAAG,WAAW,gBAAgB,EAAE;GAClC,MAAM,WAAW,GAAG,aAAa,gBAAgB;AAEjD,qBAAkB,KAChB,KAAK,KAAK,UAAU,QAAQ,QAAQ,SAAS,YAAY,EACzD,KAAK,KAAK,UAAU,QAAQ,QAAQ,GAAG,QAAQ,MAAM,EACrD,KAAK,KAAK,UAAU,QAAQ,SAAS,WAAW,EAChD,KAAK,KAAK,UAAU,QAAQ,GAAG,QAAQ,KAAK,EAC5C,KAAK,KAAK,UAAU,SAAS,WAAW,EACxC,KAAK,KAAK,UAAU,GAAG,QAAQ,KAAK,CACrC;;SAEG;AAKV,QAAO;;;;;AAMT,SAAS,wBACP,aACA,SACU;CACV,MAAM,kBAAkB,YAAY,SAAS,IAAI,GAC7C,YAAY,MAAM,IAAI,CAAC,KAAK,GAC5B;CACJ,MAAM,cAAc,CAAC,QAAQ,KAAK,EAAE,KAAK,QAAQ,QAAQ,KAAK,CAAC,CAAC;CAEhE,MAAM,oBAA8B,EAAE;AACtC,MAAK,MAAM,QAAQ,YACjB,mBAAkB,KAChB,KAAK,KACH,MACA,YACA,mBAAmB,aACnB,QACA,QACA,SACA,YACD,EACD,KAAK,KACH,MACA,YACA,mBAAmB,aACnB,QACA,QACA,GAAG,QAAQ,MACZ,EACD,KAAK,KACH,MACA,YACA,mBAAmB,aACnB,QACA,SACA,WACD,EACD,KAAK,KACH,MACA,YACA,mBAAmB,aACnB,QACA,GAAG,QAAQ,KACZ,CACF;AAGH,QAAO;;;;;AAMT,eAAe,qBAAwB,UAAuC;AAC5E,MAAK,MAAM,iBAAiB,SAC1B,KAAI;AACF,SAAQ,MAAM;;GAA0B;;SAClC;AAKV,QAAO;;;;;AAMT,eAAsB,qBACpB,aACA,SACmB;CAEnB,IAAI,SAAS,MAAM,sBAAyB,aAAa,QAAQ;AACjE,KAAI,OAAQ,QAAO;AAGnB,UAAS,MAAM,qBAAwB,aAAa,QAAQ;AAC5D,KAAI,OAAQ,QAAO;AAInB,UAAS,MAAM,qBADM,MAAM,sBAAsB,aAAa,QAAQ,CAClB;AACpD,KAAI,OAAQ,QAAO;AAInB,UAAS,MAAM,qBADK,wBAAwB,aAAa,QAAQ,CACd;AACnD,KAAI,OAAQ,QAAO;AAEnB,QAAO;;;;ACjLO,YAAY,CAAC,eAAe,gBAAgB,CAAC;;;;AAiB7D,eAAsB,mBACpB,aACsC;AACtC,QAAO,eAAe,aAAa,kBAAkB;;;;;AAMvD,eAAsB,cACpB,aACiC;AACjC,QAAO,eAAe,aAAa,YAAY;;;;;AAMjD,eAAsB,eACpB,aACkC;AAClC,QAAO,eAAe,aAAa,aAAa;;;;;;AAOlD,eAAe,eACb,aACA,SACY;CACZ,MAAM,WAAW,GAAG,YAAY,GAAG;AAGnC,KAAI;AAKF,SADgB,MAAM;;GAA0B;;UAEzC,GAAG;AAEV,MACE,aAAa,SACb,UAAU,MACT,EAAE,SAAS,0BACV,EAAE,SAAS,+BACb;GACA,MAAM,SAAS,MAAM,qBAAwB,aAAa,QAAQ;AAClE,OAAI,OAAQ,QAAO;;AAErB,QAAM;;;AAIV,SAAgB,SACd,MACA,QAAQ,KACR;CACA,IAAI;AACJ,SAAQ,YAAY,OAAO,GAAG,SAAY;AACxC,MAAI,MACF,cAAa,MAAM;AAErB,SAAO,IAAI,SAAY,SAAS,WAAW;AACzC,OAAI,UACF,MAAK,GAAG,KAAK,CACV,KAAK,QAAQ,CACb,MAAM,OAAO;OAEhB,SAAQ,iBAAiB;AACvB,SAAK,GAAG,KAAK,CACV,KAAK,QAAQ,CACb,MAAM,OAAO;MACf,MAAM;IAEX;;;AAIN,SAAgB,UAAU,QAAgB,KAAa;CACrD,MAAM,WAAW,KAAK,SAAS,QAAQ,IAAI;AAC3C,QAAO,YAAY,CAAC,SAAS,WAAW,KAAK,IAAI,CAAC,KAAK,WAAW,SAAS;;;;ACzG7E,SAAgB,gBACd,WAC4B;AAC5B,KAAI,OAAO,cAAc,WAAY,QAAO;CAE5C,IAAI,QAAiB,OAAO,eAAe,UAAU;AACrD,QAAO,OAAO;AACZ,MAAI,OAAO,UAAU,cAAc,KAAK,OAAO,aAAa,CAAE,QAAO;AAErE,UAAQ,OAAO,eAAe,MAAM;;AAGtC,QAAO;;AAGT,SAAgB,uBACd,YACA,MACA,OACgB;AAChB,QAAO,WAAW,MAAM,MAAM,OAAO,MAAM,CAAC,IAAI,sBAAsB;;AAGxE,SAAgB,sBAAsB,WAAoC;CACxE,MAAM,SAAS,UAAU,OAAO,SAAS;AACzC,QAAO;EACL,IAAI,UAAU,MAAM;EACpB,MAAM,UAAU,OAAO;EACvB,OAAO,UAAU;EACjB,gBAAgB,UAAU;EAC1B,MAAM,UAAU;EAChB,MAAM,UAAU;EAChB,WACE,OAAO,UAAU,OAAO,UAAU,WAC9B,UAAU,OAAO,QACjB,KAAK,UAAU,UAAU,OAAO,MAAM;EAC5C,OAAO,UAAU;EACjB,SAAS,EACP,QAAQ,SACJ;GACE,MAAM,OAAO;GACb,KAAK,OAAO;GACZ,YAAY,OAAO,WAAW,KAAK,QACjC,MAAM,QAAQ,IAAI,GAAG,IAAI,KAAK,KAAK,GAAG,IACvC;GACF,GACD,KAAA,GACL;EACF;;AAGH,SAAgB,qBAAqB,KAA8B;CAGjE,MAAM,QAAQ,IAAI;CAClB,MAAM,eAAe,IAAI;CAEzB,MAAM,cAAc,YAAY,IAAI,QAAQ,IAAI,MAAM,SAAS,EAAE;AACjE,QAAO;EACL,IAAI,IAAI,OAAO;EACf,MAAM,IAAI,OAAO;EACjB,cAAc,IAAI,OAAO;EACzB,UAAU,IAAI,OAAO,SAAS,UAAU;EACxC,iBAAiB,IAAI,OAAO;EAC5B,sBAAsB,IAAI,OAAO;EACjC,YAAY,EAAE;EACd,WAAW;EACX;EACA;EACD;;AAGH,SAAgB,0BACd,KACkB;AAElB,QAAO;EACL,GAFa,qBAAqB,IAAI;EAGtC,MAAM,EACJ,iBAAiB,IAAI,OAAO,MAAM,iBACnC;EACD,MAAM,IAAI,OAAO;EACjB,OAAO,IAAI,MAAM;EACjB,cAAc,IAAI,MAAM;EACzB","debug_id":"f64c0238-0280-5fb7-9cf2-93c99d05e219"}