@red-hat-developer-hub/backstage-plugin-orchestrator-backend 8.9.0 → 8.9.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,14 @@
|
|
|
1
1
|
# @red-hat-developer-hub/backstage-plugin-orchestrator-backend
|
|
2
2
|
|
|
3
|
+
## 8.9.1
|
|
4
|
+
|
|
5
|
+
### Patch Changes
|
|
6
|
+
|
|
7
|
+
- d85bf56: fix: add configurable bodyParser limit
|
|
8
|
+
- Updated dependencies [d85bf56]
|
|
9
|
+
- @red-hat-developer-hub/backstage-plugin-orchestrator-common@3.6.2
|
|
10
|
+
- @red-hat-developer-hub/backstage-plugin-orchestrator-node@1.2.2
|
|
11
|
+
|
|
3
12
|
## 8.9.0
|
|
4
13
|
|
|
5
14
|
### Minor Changes
|
|
@@ -107,7 +107,10 @@ async function createBackendRouter(options) {
|
|
|
107
107
|
const permissionsIntegrationRouter = pluginPermissionNode.createPermissionIntegrationRouter({
|
|
108
108
|
permissions: backstagePluginOrchestratorCommon.orchestratorPermissions
|
|
109
109
|
});
|
|
110
|
-
|
|
110
|
+
const contentLengthLimit = config.getOptionalString(
|
|
111
|
+
"orchestrator.contentLengthLimit"
|
|
112
|
+
);
|
|
113
|
+
router.use(express__default.default.json({ limit: contentLengthLimit }));
|
|
111
114
|
router.use(permissionsIntegrationRouter);
|
|
112
115
|
router.use("/workflows", express__default.default.text());
|
|
113
116
|
router.get("/health", (_, response) => {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"router.cjs.js","sources":["../../src/service/router.ts"],"sourcesContent":["/*\n * Copyright Red Hat, Inc.\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { MiddlewareFactory } from '@backstage/backend-defaults/rootHttpRouter';\nimport {\n AuditorService,\n AuditorServiceEvent,\n HttpAuthService,\n LoggerService,\n PermissionsService,\n SchedulerService,\n UserInfoService,\n} from '@backstage/backend-plugin-api';\nimport type { Config } from '@backstage/config';\nimport { NotAllowedError } from '@backstage/errors';\nimport {\n AuthorizePermissionRequest,\n AuthorizePermissionResponse,\n AuthorizeResult,\n BasicPermission,\n} from '@backstage/plugin-permission-common';\nimport { createPermissionIntegrationRouter } from '@backstage/plugin-permission-node';\nimport type { JsonObject } from '@backstage/types';\n\nimport { UnauthorizedError } from '@backstage-community/plugin-rbac-common';\nimport { fullFormats } from 'ajv-formats/dist/formats';\nimport express, { Router } from 'express';\nimport { Request as HttpRequest } from 'express-serve-static-core';\nimport { OpenAPIBackend, Request } from 'openapi-backend';\n\nimport {\n FieldFilter,\n Filter,\n NestedFilter,\n openApiDocument,\n orchestratorInstanceAdminViewPermission,\n orchestratorPermissions,\n orchestratorWorkflowPermission,\n orchestratorWorkflowSpecificPermission,\n orchestratorWorkflowUsePermission,\n orchestratorWorkflowUseSpecificPermission,\n WorkflowOverviewListResultDTO,\n} from '@red-hat-developer-hub/backstage-plugin-orchestrator-common';\n\nimport { WorkflowLogsProvidersRegistry } from '../providers/WorkflowLogsProvidersRegistry';\nimport { RouterOptions } from '../routerWrapper';\nimport { OrchestratorKafkaServiceOptions } from '../types/kafka';\nimport { buildPagination } from '../types/pagination';\nimport { V2 } from './api/v2';\nimport { DataIndexService } from './DataIndexService';\nimport { DataInputSchemaService } from './DataInputSchemaService';\nimport { OrchestratorService } from './OrchestratorService';\nimport { SonataFlowService } from './SonataFlowService';\nimport { WorkflowCacheService } from './WorkflowCacheService';\n\ninterface PublicServices {\n dataInputSchemaService: DataInputSchemaService;\n orchestratorService: OrchestratorService;\n}\n\ninterface RouterApi {\n openApiBackend: OpenAPIBackend;\n v2: V2;\n}\n\nconst authorize = async (\n request: HttpRequest,\n anyOfPermissions: BasicPermission[],\n permissionsSvc: PermissionsService,\n httpAuth: HttpAuthService,\n): Promise<AuthorizePermissionResponse> => {\n const credentials = await httpAuth.credentials(request);\n const decisionResponses: AuthorizePermissionResponse[][] = await Promise.all(\n anyOfPermissions.map(permission =>\n permissionsSvc.authorize([{ permission }], {\n credentials,\n }),\n ),\n );\n const decisions: AuthorizePermissionResponse[] = decisionResponses.map(\n d => d[0],\n );\n\n const allow = decisions.find(d => d.result === AuthorizeResult.ALLOW);\n return (\n allow || {\n result: AuthorizeResult.DENY,\n }\n );\n};\n\nconst isUserAuthorizedForInstanceAdminViewPermission = async (\n request: HttpRequest,\n permissionsSvc: PermissionsService,\n httpAuth: HttpAuthService,\n): Promise<boolean> => {\n const credentials = await httpAuth.credentials(request);\n const [decision] = await permissionsSvc.authorize(\n [{ permission: orchestratorInstanceAdminViewPermission }],\n { credentials },\n );\n\n return decision.result === AuthorizeResult.ALLOW;\n};\n\nconst filterAuthorizedWorkflowIds = async (\n request: HttpRequest,\n permissionsSvc: PermissionsService,\n httpAuth: HttpAuthService,\n workflowIds: string[],\n): Promise<string[]> => {\n const credentials = await httpAuth.credentials(request);\n const genericWorkflowPermissionDecision = await permissionsSvc.authorize(\n [{ permission: orchestratorWorkflowPermission }],\n {\n credentials,\n },\n );\n\n if (genericWorkflowPermissionDecision[0].result === AuthorizeResult.ALLOW) {\n // The user can see all workflows\n return workflowIds;\n }\n\n const specificWorkflowRequests: AuthorizePermissionRequest[] =\n workflowIds.map(workflowId => ({\n permission: orchestratorWorkflowSpecificPermission(workflowId),\n }));\n\n const decisions = await permissionsSvc.authorize(specificWorkflowRequests, {\n credentials,\n });\n\n return workflowIds.filter(\n (_, idx) => decisions[idx].result === AuthorizeResult.ALLOW,\n );\n};\n\nconst filterAuthorizedWorkflows = async (\n request: HttpRequest,\n permissionsSvc: PermissionsService,\n httpAuth: HttpAuthService,\n workflows: WorkflowOverviewListResultDTO,\n): Promise<WorkflowOverviewListResultDTO> => {\n if (!workflows.overviews) {\n return workflows;\n }\n\n const authorizedWorkflowIds = await filterAuthorizedWorkflowIds(\n request,\n permissionsSvc,\n httpAuth,\n workflows.overviews.map(w => w.workflowId),\n );\n\n const filtered = {\n ...workflows,\n overviews: workflows.overviews.filter(w =>\n authorizedWorkflowIds.includes(w.workflowId),\n ),\n };\n\n return filtered;\n};\n\nexport async function createBackendRouter(\n options: RouterOptions,\n): Promise<Router> {\n const {\n config,\n logger,\n auditor,\n scheduler,\n permissions,\n httpAuth,\n userInfo,\n workflowLogsProvidersRegistry,\n } = options;\n const publicServices = initPublicServices(\n logger,\n config,\n scheduler,\n workflowLogsProvidersRegistry,\n );\n\n const routerApi = await initRouterApi(publicServices.orchestratorService);\n\n const router = Router();\n const permissionsIntegrationRouter = createPermissionIntegrationRouter({\n permissions: orchestratorPermissions,\n });\n router.use(express.json());\n router.use(permissionsIntegrationRouter);\n router.use('/workflows', express.text());\n router.get('/health', (_, response) => {\n logger.info('PONG!');\n response.json({ status: 'ok' });\n });\n\n setupInternalRoutes(\n publicServices,\n routerApi,\n permissions,\n httpAuth,\n auditor,\n userInfo,\n );\n\n router.use((req, res, next) => {\n if (!next) {\n throw new Error('next is undefined');\n }\n\n return routerApi.openApiBackend\n .handleRequest(req as Request, req, res, next)\n .catch(error => {\n auditor\n .createEvent({\n eventId: 'generic-error-handler',\n request: req,\n // Keep at high since this is a fallback - any error should be caught in handlers\n severityLevel: 'high',\n meta: {},\n })\n .then(event => {\n event.fail({\n meta: {},\n error,\n });\n });\n\n next(error);\n });\n });\n\n const middleware = MiddlewareFactory.create({ logger, config });\n\n router.use(middleware.error({ logAllErrors: true })); // log also openapi errors\n\n return router;\n}\n\nfunction initPublicServices(\n logger: LoggerService,\n config: Config,\n scheduler: SchedulerService,\n workflowLogsProvidersRegistry: WorkflowLogsProvidersRegistry,\n): PublicServices {\n const dataIndexUrl = config.getString('orchestrator.dataIndexService.url');\n const orchestratorKafka: OrchestratorKafkaServiceOptions | undefined =\n config.getOptional('orchestrator.kafka');\n const dataIndexService = new DataIndexService(dataIndexUrl, logger);\n const sonataFlowService = new SonataFlowService(\n dataIndexService,\n logger,\n orchestratorKafka,\n );\n\n const workflowCacheService = new WorkflowCacheService(\n logger,\n dataIndexService,\n sonataFlowService,\n );\n workflowCacheService.schedule({ scheduler: scheduler });\n\n const isWorkflowLogProviderAdded = config.getOptional(\n 'orchestrator.workflowLogProvider',\n );\n let workflowLogProvider;\n if (isWorkflowLogProviderAdded) {\n workflowLogProvider = workflowLogsProvidersRegistry.getProvider('loki');\n }\n\n const orchestratorService = new OrchestratorService(\n sonataFlowService,\n dataIndexService,\n workflowCacheService,\n workflowLogProvider,\n );\n\n const dataInputSchemaService = new DataInputSchemaService();\n\n return {\n orchestratorService,\n dataInputSchemaService,\n };\n}\n\nasync function initRouterApi(\n orchestratorService: OrchestratorService,\n): Promise<RouterApi> {\n const openApiBackend = new OpenAPIBackend({\n definition: openApiDocument,\n strict: false,\n ajvOpts: {\n strict: false,\n strictSchema: false,\n verbose: true,\n addUsedSchema: false,\n formats: fullFormats, // open issue: https://github.com/openapistack/openapi-backend/issues/280\n },\n handlers: {\n validationFail: async (\n c,\n _req: express.Request,\n res: express.Response,\n ) => {\n console.log('OPENAPI validationFail', c.operation);\n res.status(400).json({ err: c.validation.errors });\n },\n notFound: async (_c, req: express.Request, res: express.Response) => {\n res.status(404).json({ err: `${req.path} path not found` });\n },\n notImplemented: async (_c, req: express.Request, res: express.Response) =>\n res.status(500).json({ err: `${req.path} not implemented` }),\n },\n });\n await openApiBackend.init();\n const v2 = new V2(orchestratorService);\n return { v2, openApiBackend };\n}\n\n// ======================================================\n// Internal Backstage API calls to delegate to SonataFlow\n// ======================================================\nfunction setupInternalRoutes(\n services: PublicServices,\n routerApi: RouterApi,\n permissions: PermissionsService,\n httpAuth: HttpAuthService,\n auditor: AuditorService,\n userInfo: UserInfoService,\n) {\n function manageDenyAuthorization(auditEvent: AuditorServiceEvent) {\n const error = new UnauthorizedError();\n auditEvent.fail({\n meta: {\n message: 'Not authorized to request the endpoint',\n },\n error: new UnauthorizedError(),\n });\n\n throw error;\n }\n // v2\n routerApi.openApiBackend.register(\n 'getWorkflowsOverviewForEntity',\n async (_c, req, res: express.Response, next) => {\n const auditEvent = await auditor.createEvent({\n eventId: 'get-workflow-overview-entity',\n request: req,\n });\n const targetEntity = req.body.targetEntity as string;\n const annotationWorkflowIds = req.body.annotationWorkflowIds as string[];\n try {\n const result = await routerApi.v2.getWorkflowsOverviewForEntity(\n targetEntity,\n annotationWorkflowIds,\n );\n\n const workflows = await filterAuthorizedWorkflows(\n req,\n permissions,\n httpAuth,\n result,\n );\n auditEvent.success({\n meta: {\n workflowsCount: workflows.overviews?.length,\n },\n });\n res.json(workflows);\n } catch (error) {\n auditEvent.fail({ error });\n next(error);\n }\n },\n );\n\n // v2\n routerApi.openApiBackend.register(\n 'getWorkflowsOverview',\n async (_c, req, res: express.Response, next) => {\n const auditEvent = await auditor.createEvent({\n eventId: 'get-workflow-overview',\n request: req,\n });\n\n try {\n const result = await routerApi.v2.getWorkflowsOverview(\n buildPagination(req),\n getRequestFilters(req),\n );\n\n const workflows = await filterAuthorizedWorkflows(\n req,\n permissions,\n httpAuth,\n result,\n );\n auditEvent.success({\n meta: {\n workflowsCount: workflows.overviews?.length,\n },\n });\n res.json(workflows);\n } catch (error) {\n auditEvent.fail({ error });\n next(error);\n }\n },\n );\n\n // v2\n routerApi.openApiBackend.register(\n 'getWorkflowSourceById',\n async (c, req, res, next) => {\n const workflowId = c.request.params.workflowId as string;\n\n const auditEvent = await auditor.createEvent({\n eventId: 'get-workflow-source',\n request: req,\n meta: {\n actionType: 'by-id',\n workflowId,\n },\n });\n\n const decision = await authorize(\n req,\n [\n orchestratorWorkflowPermission,\n orchestratorWorkflowSpecificPermission(workflowId),\n ],\n permissions,\n httpAuth,\n );\n if (decision.result === AuthorizeResult.DENY) {\n manageDenyAuthorization(auditEvent);\n }\n\n try {\n const result = await routerApi.v2.getWorkflowSourceById(workflowId);\n auditEvent.success();\n res.status(200).contentType('text/plain').send(result);\n } catch (error) {\n auditEvent.fail({ error });\n next(error);\n }\n },\n );\n\n // v2\n routerApi.openApiBackend.register(\n 'executeWorkflow',\n async (c, req: express.Request, res: express.Response, next) => {\n const workflowId = c.request.params.workflowId as string;\n const credentials = await httpAuth.credentials(req);\n const token = req.headers.authorization?.split(' ')[1];\n const initiatorEntity = await (\n await userInfo.getUserInfo(credentials)\n ).userEntityRef;\n\n const auditEvent = await auditor.createEvent({\n eventId: 'execute-workflow',\n request: req,\n meta: {\n workflowId,\n },\n });\n\n const decision = await authorize(\n req,\n [\n orchestratorWorkflowUsePermission,\n orchestratorWorkflowUseSpecificPermission(workflowId),\n ],\n permissions,\n httpAuth,\n );\n if (decision.result === AuthorizeResult.DENY) {\n manageDenyAuthorization(auditEvent);\n }\n\n const executeWorkflowRequestDTO = req.body;\n\n return routerApi.v2\n .executeWorkflow(\n executeWorkflowRequestDTO,\n workflowId,\n initiatorEntity,\n token,\n )\n .then(result => {\n auditEvent.success({ meta: { id: result.id } });\n return res.status(200).json(result);\n })\n .catch(error => {\n auditEvent.fail({ error });\n next(error);\n });\n },\n );\n\n // v2\n routerApi.openApiBackend.register(\n 'retriggerInstance',\n async (c, req: express.Request, res: express.Response, next) => {\n const workflowId = c.request.params.workflowId as string;\n const instanceId = c.request.params.instanceId as string;\n const token = req.headers.authorization?.split(' ')[1];\n const retriggerInstanceRequestDTO = req.body;\n\n const auditEvent = await auditor.createEvent({\n eventId: 'retrigger-instance',\n request: req,\n meta: {\n workflowId,\n instanceId,\n },\n });\n\n const decision = await authorize(\n req,\n [\n orchestratorWorkflowUsePermission,\n orchestratorWorkflowUseSpecificPermission(workflowId),\n ],\n permissions,\n httpAuth,\n );\n if (decision.result === AuthorizeResult.DENY) {\n manageDenyAuthorization(auditEvent);\n }\n\n await routerApi.v2\n .retriggerInstance(\n workflowId,\n instanceId,\n retriggerInstanceRequestDTO,\n token,\n )\n .then(result => {\n auditEvent.success();\n return res.status(200).json(result);\n })\n .catch(error => {\n auditEvent.fail({ error });\n next(error);\n });\n },\n );\n\n // v2\n routerApi.openApiBackend.register(\n 'getWorkflowOverviewById',\n async (c, req: express.Request, res: express.Response, next) => {\n const workflowId = c.request.params.workflowId as string;\n\n const auditEvent = await auditor.createEvent({\n eventId: 'get-workflow-overview',\n request: req,\n meta: {\n actionType: 'by-id',\n workflowId,\n },\n });\n\n const decision = await authorize(\n req,\n [\n orchestratorWorkflowPermission,\n orchestratorWorkflowSpecificPermission(workflowId),\n ],\n permissions,\n httpAuth,\n );\n if (decision.result === AuthorizeResult.DENY) {\n manageDenyAuthorization(auditEvent);\n }\n\n return routerApi.v2\n .getWorkflowOverviewById(workflowId)\n .then(result => {\n auditEvent.success({\n meta: {\n workflowId: result.workflowId,\n },\n });\n return res.json(result);\n })\n .catch(error => {\n auditEvent.fail({ error });\n next(error);\n });\n },\n );\n\n // v2\n routerApi.openApiBackend.register(\n 'getWorkflowStatuses',\n async (_c, request: express.Request, res: express.Response, next) => {\n const auditEvent = await auditor.createEvent({\n eventId: 'get-workflow-statuses',\n request,\n });\n\n // Anyone is authorized to call this endpoint\n\n return routerApi.v2\n .getWorkflowStatuses()\n .then(result => {\n auditEvent.success();\n res.status(200).json(result);\n })\n .catch(error => {\n auditEvent.fail({ error });\n next(error);\n });\n },\n );\n\n // v2\n routerApi.openApiBackend.register(\n 'getWorkflowInputSchemaById',\n async (c, req: express.Request, res: express.Response, next) => {\n const workflowId = c.request.params.workflowId as string;\n const instanceId = c.request.query.instanceId as string;\n\n const auditEvent = await auditor.createEvent({\n eventId: 'get-workflow-input-schema',\n request: req,\n meta: {\n actionType: 'by-id',\n workflowId,\n instanceId,\n },\n });\n\n try {\n const decision = await authorize(\n req,\n [\n orchestratorWorkflowPermission,\n orchestratorWorkflowSpecificPermission(workflowId),\n ],\n permissions,\n httpAuth,\n );\n if (decision.result === AuthorizeResult.DENY) {\n manageDenyAuthorization(auditEvent);\n }\n\n const workflowDefinition =\n await services.orchestratorService.fetchWorkflowInfo({\n definitionId: workflowId,\n });\n\n if (!workflowDefinition) {\n throw new Error(\n `Failed to fetch workflow info for workflow ${workflowId}`,\n );\n }\n const serviceUrl = workflowDefinition.serviceUrl;\n if (!serviceUrl) {\n throw new Error(\n `Service URL is not defined for workflow ${workflowId}`,\n );\n }\n\n const definition =\n await services.orchestratorService.fetchWorkflowDefinition({\n definitionId: workflowId,\n });\n\n if (!definition) {\n throw new Error(\n 'Failed to fetch workflow definition for workflow ${workflowId}',\n );\n }\n\n if (!definition.dataInputSchema) {\n res.status(200).json({});\n return;\n }\n\n const instanceVariables = instanceId\n ? await services.orchestratorService.fetchInstanceVariables({\n instanceId,\n })\n : undefined;\n\n const workflowData = instanceVariables\n ? services.dataInputSchemaService.extractWorkflowData(\n instanceVariables,\n )\n : undefined;\n\n const workflowInfo = await routerApi.v2.getWorkflowInputSchemaById(\n workflowId,\n serviceUrl,\n );\n\n if (!workflowInfo?.inputSchema?.properties) {\n auditEvent.success({\n meta: {\n message: 'Successfully found nothing.',\n },\n });\n res.status(200).json({});\n return;\n }\n\n const inputSchemaProps = workflowInfo.inputSchema.properties;\n let inputData;\n\n if (workflowData) {\n inputData = Object.keys(inputSchemaProps)\n .filter(k => k in workflowData)\n .reduce((result, k) => {\n if (workflowData[k] === undefined) {\n return result;\n }\n result[k] = workflowData[k];\n return result;\n }, {} as JsonObject);\n }\n\n auditEvent.success({\n meta: {\n workflowId: workflowInfo.id,\n },\n });\n res.status(200).json({\n inputSchema: workflowInfo.inputSchema,\n data: inputData,\n });\n } catch (error) {\n auditEvent.fail({ error });\n next(error);\n }\n },\n );\n\n // v2\n routerApi.openApiBackend.register(\n 'getWorkflowInstances',\n async (c, req: express.Request, res: express.Response, next) => {\n const workflowId = c.request.params.workflowId as string;\n\n const auditEvent = await auditor.createEvent({\n eventId: 'get-workflow-instances',\n request: req,\n });\n\n const decision = await authorize(\n req,\n [\n orchestratorWorkflowPermission,\n orchestratorWorkflowSpecificPermission(workflowId),\n ],\n permissions,\n httpAuth,\n );\n if (decision.result === AuthorizeResult.DENY) {\n manageDenyAuthorization(auditEvent);\n }\n\n return routerApi.v2\n .getInstances(buildPagination(req), getRequestFilters(req), [\n workflowId,\n ])\n .then(result => {\n auditEvent.success();\n res.json(result);\n })\n .catch(error => {\n auditEvent.fail({ error });\n next(error);\n });\n },\n );\n\n // v2\n routerApi.openApiBackend.register(\n 'pingWorkflowServiceById',\n async (c, req: express.Request, res: express.Response, next) => {\n const workflowId = c.request.params.workflowId as string;\n\n const auditEvent = await auditor.createEvent({\n eventId: 'ping-workflow-service',\n request: req,\n });\n\n const decision = await authorize(\n req,\n [\n orchestratorWorkflowPermission,\n orchestratorWorkflowSpecificPermission(workflowId),\n ],\n permissions,\n httpAuth,\n );\n if (decision.result === AuthorizeResult.DENY) {\n manageDenyAuthorization(auditEvent);\n }\n\n return routerApi.v2\n .pingWorkflowService(workflowId)\n .then(result => {\n auditEvent.success();\n res.json(result);\n })\n .catch(error => {\n auditEvent.fail({ error });\n next(error);\n });\n },\n );\n\n // v2\n routerApi.openApiBackend.register(\n 'getInstances',\n async (_c, req: express.Request, res: express.Response, next) => {\n const auditEvent = await auditor.createEvent({\n eventId: 'get-instances',\n request: req,\n });\n\n try {\n // Once we assign user to the instance in the future, we can rework this filtering\n const allWorkflowIds = routerApi.v2.getWorkflowIds();\n const authorizedWorkflowIds: string[] =\n await filterAuthorizedWorkflowIds(\n req,\n permissions,\n httpAuth,\n allWorkflowIds,\n );\n\n if (!authorizedWorkflowIds || authorizedWorkflowIds.length === 0)\n res.json([]);\n\n const credentials = await httpAuth.credentials(req);\n const initiatorEntity = (await userInfo.getUserInfo(credentials))\n .userEntityRef;\n const isUserAuthorizedForInstanceAdminView: boolean = // This permission will let user see ALL instances (including ones others created)\n await isUserAuthorizedForInstanceAdminViewPermission(\n req,\n permissions,\n httpAuth,\n );\n\n const requestFilters = getRequestFilters(req);\n\n let filters = requestFilters;\n\n if (!isUserAuthorizedForInstanceAdminView) {\n const initiatorEntityFilter: FieldFilter = {\n operator: 'EQ',\n value: initiatorEntity,\n field: 'initiatorEntity',\n };\n\n const nestedVariablesFilter: NestedFilter = {\n field: 'variables',\n nested: initiatorEntityFilter,\n };\n\n if (requestFilters === undefined) {\n filters = nestedVariablesFilter;\n } else {\n // combine filters\n filters = {\n operator: 'AND',\n filters: [nestedVariablesFilter, requestFilters],\n };\n }\n }\n\n const result = await routerApi.v2.getInstances(\n buildPagination(req),\n filters,\n authorizedWorkflowIds,\n );\n\n auditEvent.success({ meta: { authorizedWorkflowIds } });\n res.json(result);\n } catch (error) {\n auditEvent.fail({ error });\n next(error);\n }\n },\n );\n\n // v2\n routerApi.openApiBackend.register(\n 'getInstanceById',\n async (c, request: express.Request, res: express.Response, next) => {\n const instanceId = c.request.params.instanceId as string;\n\n const auditEvent = await auditor.createEvent({\n eventId: 'get-instance',\n request,\n meta: {\n actionType: 'by-id',\n instanceId,\n },\n });\n\n try {\n const instance = await routerApi.v2.getInstanceById(instanceId);\n\n const workflowId = instance.processId;\n\n const decision = await authorize(\n request,\n [\n orchestratorWorkflowPermission,\n orchestratorWorkflowSpecificPermission(workflowId),\n ],\n permissions,\n httpAuth,\n );\n if (decision.result === AuthorizeResult.DENY) {\n manageDenyAuthorization(auditEvent);\n }\n\n const credentials = await httpAuth.credentials(request);\n const initiatorEntity = (await userInfo.getUserInfo(credentials))\n .userEntityRef;\n // Check if user is authorized to view all instances\n const isUserAuthorizedForInstanceAdminView =\n await isUserAuthorizedForInstanceAdminViewPermission(\n request,\n permissions,\n httpAuth,\n );\n\n // If not an admin, enforce initiatorEntity check\n if (!isUserAuthorizedForInstanceAdminView) {\n const instanceInitiatorEntity = instance.initiatorEntity;\n\n // If the instance has no initiatorEntity recorded, we cannot determine ownership.\n // This can happen for:\n // 1. Workflow instances created before the initiatorEntity feature was added\n // 2. Workflow instances started externally (not through Backstage)\n // 3. Workflows that transform/overwrite their input variables\n if (!instanceInitiatorEntity) {\n throw new NotAllowedError(\n `Access denied for instance ${instanceId}. ` +\n `You have permission to view workflow '${workflowId}', but this workflow run ` +\n `does not have ownership information recorded. Since we cannot verify you ` +\n `initiated this run, the 'orchestrator.instanceAdminView' permission is required. ` +\n `Contact your administrator to grant this permission.`,\n );\n }\n\n if (instanceInitiatorEntity !== initiatorEntity) {\n throw new NotAllowedError(\n `Access denied for instance ${instanceId}. ` +\n `This workflow run was initiated by '${instanceInitiatorEntity}', not by you ('${initiatorEntity}'). ` +\n `With 'orchestrator.workflow' or 'orchestrator.workflow.${workflowId}' permissions, ` +\n `you can only view instances you created. To view all instances, you need the ` +\n `'orchestrator.instanceAdminView' permission.`,\n );\n }\n }\n\n auditEvent.success();\n res.status(200).json(instance);\n } catch (error) {\n auditEvent.fail({ error });\n next(error);\n }\n },\n );\n\n // v2\n routerApi.openApiBackend.register(\n 'getWorkflowLogById',\n async (c, request: express.Request, res: express.Response, next) => {\n const instanceId = c.request.params.instanceId as string;\n // will probably have to get the raw log at some point\n // const rawLog = c.request.query.instanceId as Boolean;\n\n const auditEvent = await auditor.createEvent({\n eventId: 'get-logs-by-instance',\n request,\n meta: {\n actionType: 'by-id',\n instanceId,\n },\n });\n\n try {\n // Check that a log provider has been setup\n if (!services.orchestratorService.hasLogProvider()) {\n throw new Error(`No log provider setup`);\n }\n const instance = await routerApi.v2.getInstanceById(instanceId);\n const workflowId = instance.processId;\n\n const decision = await authorize(\n request,\n [\n orchestratorWorkflowPermission,\n orchestratorWorkflowSpecificPermission(workflowId),\n ],\n permissions,\n httpAuth,\n );\n if (decision.result === AuthorizeResult.DENY) {\n manageDenyAuthorization(auditEvent);\n }\n\n const credentials = await httpAuth.credentials(request);\n const initiatorEntity = (await userInfo.getUserInfo(credentials))\n .userEntityRef;\n // Check if user is authorized to view all instances\n const isUserAuthorizedForInstanceAdminView =\n await isUserAuthorizedForInstanceAdminViewPermission(\n request,\n permissions,\n httpAuth,\n );\n\n // If not an admin, enforce initiatorEntity check\n if (!isUserAuthorizedForInstanceAdminView) {\n const instanceInitiatorEntity = instance.initiatorEntity;\n if (instanceInitiatorEntity !== initiatorEntity) {\n throw new Error(\n `Unauthorized to access instance ${instanceId} not initiated by user.`,\n );\n }\n }\n\n const logs = await routerApi.v2.getInstanceLogsByInstance(instance);\n\n auditEvent.success();\n res.status(200).json(logs);\n } catch (error) {\n auditEvent.fail({ error });\n next(error);\n }\n },\n );\n\n // v2\n routerApi.openApiBackend.register(\n 'abortWorkflow',\n async (c, request, res, next) => {\n const instanceId = c.request.params.instanceId as string;\n\n const auditEvent = await auditor.createEvent({\n eventId: 'abort-workflow',\n request,\n meta: {\n actionType: 'by-id',\n instanceId,\n },\n });\n\n try {\n const instance = await routerApi.v2.getInstanceById(instanceId);\n const workflowId = instance.processId;\n\n const decision = await authorize(\n request,\n [\n orchestratorWorkflowUsePermission,\n orchestratorWorkflowUseSpecificPermission(workflowId),\n ],\n permissions,\n httpAuth,\n );\n if (decision.result === AuthorizeResult.DENY) {\n manageDenyAuthorization(auditEvent);\n }\n\n const result = await routerApi.v2.abortWorkflow(workflowId, instanceId);\n auditEvent.success({ meta: { result } });\n res.status(200).json(result);\n } catch (error) {\n auditEvent.fail({ error });\n next(error);\n }\n },\n );\n}\n\nfunction getRequestFilters(req: HttpRequest): Filter | undefined {\n return req.body.filters ? (req.body.filters as Filter) : undefined;\n}\n"],"names":["AuthorizeResult","orchestratorInstanceAdminViewPermission","orchestratorWorkflowPermission","orchestratorWorkflowSpecificPermission","Router","createPermissionIntegrationRouter","orchestratorPermissions","express","MiddlewareFactory","DataIndexService","SonataFlowService","WorkflowCacheService","OrchestratorService","DataInputSchemaService","OpenAPIBackend","openApiDocument","fullFormats","v2","V2","UnauthorizedError","buildPagination","orchestratorWorkflowUsePermission","orchestratorWorkflowUseSpecificPermission","NotAllowedError"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;AA8EA,MAAM,SAAA,GAAY,OAChB,OAAA,EACA,gBAAA,EACA,gBACA,QAAA,KACyC;AACzC,EAAA,MAAM,WAAA,GAAc,MAAM,QAAA,CAAS,WAAA,CAAY,OAAO,CAAA;AACtD,EAAA,MAAM,iBAAA,GAAqD,MAAM,OAAA,CAAQ,GAAA;AAAA,IACvE,gBAAA,CAAiB,GAAA;AAAA,MAAI,gBACnB,cAAA,CAAe,SAAA,CAAU,CAAC,EAAE,UAAA,EAAY,CAAA,EAAG;AAAA,QACzC;AAAA,OACD;AAAA;AACH,GACF;AACA,EAAA,MAAM,YAA2C,iBAAA,CAAkB,GAAA;AAAA,IACjE,CAAA,CAAA,KAAK,EAAE,CAAC;AAAA,GACV;AAEA,EAAA,MAAM,QAAQ,SAAA,CAAU,IAAA,CAAK,OAAK,CAAA,CAAE,MAAA,KAAWA,uCAAgB,KAAK,CAAA;AACpE,EAAA,OACE,KAAA,IAAS;AAAA,IACP,QAAQA,sCAAA,CAAgB;AAAA,GAC1B;AAEJ,CAAA;AAEA,MAAM,8CAAA,GAAiD,OACrD,OAAA,EACA,cAAA,EACA,QAAA,KACqB;AACrB,EAAA,MAAM,WAAA,GAAc,MAAM,QAAA,CAAS,WAAA,CAAY,OAAO,CAAA;AACtD,EAAA,MAAM,CAAC,QAAQ,CAAA,GAAI,MAAM,cAAA,CAAe,SAAA;AAAA,IACtC,CAAC,EAAE,UAAA,EAAYC,yEAAA,EAAyC,CAAA;AAAA,IACxD,EAAE,WAAA;AAAY,GAChB;AAEA,EAAA,OAAO,QAAA,CAAS,WAAWD,sCAAA,CAAgB,KAAA;AAC7C,CAAA;AAEA,MAAM,2BAAA,GAA8B,OAClC,OAAA,EACA,cAAA,EACA,UACA,WAAA,KACsB;AACtB,EAAA,MAAM,WAAA,GAAc,MAAM,QAAA,CAAS,WAAA,CAAY,OAAO,CAAA;AACtD,EAAA,MAAM,iCAAA,GAAoC,MAAM,cAAA,CAAe,SAAA;AAAA,IAC7D,CAAC,EAAE,UAAA,EAAYE,gEAAA,EAAgC,CAAA;AAAA,IAC/C;AAAA,MACE;AAAA;AACF,GACF;AAEA,EAAA,IAAI,iCAAA,CAAkC,CAAC,CAAA,CAAE,MAAA,KAAWF,uCAAgB,KAAA,EAAO;AAEzE,IAAA,OAAO,WAAA;AAAA,EACT;AAEA,EAAA,MAAM,wBAAA,GACJ,WAAA,CAAY,GAAA,CAAI,CAAA,UAAA,MAAe;AAAA,IAC7B,UAAA,EAAYG,yEAAuC,UAAU;AAAA,GAC/D,CAAE,CAAA;AAEJ,EAAA,MAAM,SAAA,GAAY,MAAM,cAAA,CAAe,SAAA,CAAU,wBAAA,EAA0B;AAAA,IACzE;AAAA,GACD,CAAA;AAED,EAAA,OAAO,WAAA,CAAY,MAAA;AAAA,IACjB,CAAC,CAAA,EAAG,GAAA,KAAQ,UAAU,GAAG,CAAA,CAAE,WAAWH,sCAAA,CAAgB;AAAA,GACxD;AACF,CAAA;AAEA,MAAM,yBAAA,GAA4B,OAChC,OAAA,EACA,cAAA,EACA,UACA,SAAA,KAC2C;AAC3C,EAAA,IAAI,CAAC,UAAU,SAAA,EAAW;AACxB,IAAA,OAAO,SAAA;AAAA,EACT;AAEA,EAAA,MAAM,wBAAwB,MAAM,2BAAA;AAAA,IAClC,OAAA;AAAA,IACA,cAAA;AAAA,IACA,QAAA;AAAA,IACA,SAAA,CAAU,SAAA,CAAU,GAAA,CAAI,CAAA,CAAA,KAAK,EAAE,UAAU;AAAA,GAC3C;AAEA,EAAA,MAAM,QAAA,GAAW;AAAA,IACf,GAAG,SAAA;AAAA,IACH,SAAA,EAAW,UAAU,SAAA,CAAU,MAAA;AAAA,MAAO,CAAA,CAAA,KACpC,qBAAA,CAAsB,QAAA,CAAS,CAAA,CAAE,UAAU;AAAA;AAC7C,GACF;AAEA,EAAA,OAAO,QAAA;AACT,CAAA;AAEA,eAAsB,oBACpB,OAAA,EACiB;AACjB,EAAA,MAAM;AAAA,IACJ,MAAA;AAAA,IACA,MAAA;AAAA,IACA,OAAA;AAAA,IACA,SAAA;AAAA,IACA,WAAA;AAAA,IACA,QAAA;AAAA,IACA,QAAA;AAAA,IACA;AAAA,GACF,GAAI,OAAA;AACJ,EAAA,MAAM,cAAA,GAAiB,kBAAA;AAAA,IACrB,MAAA;AAAA,IACA,MAAA;AAAA,IACA,SAAA;AAAA,IACA;AAAA,GACF;AAEA,EAAA,MAAM,SAAA,GAAY,MAAM,aAAA,CAAc,cAAA,CAAe,mBAAmB,CAAA;AAExE,EAAA,MAAM,SAASI,cAAA,EAAO;AACtB,EAAA,MAAM,+BAA+BC,sDAAA,CAAkC;AAAA,IACrE,WAAA,EAAaC;AAAA,GACd,CAAA;AACD,EAAA,MAAA,CAAO,GAAA,CAAIC,wBAAA,CAAQ,IAAA,EAAM,CAAA;AACzB,EAAA,MAAA,CAAO,IAAI,4BAA4B,CAAA;AACvC,EAAA,MAAA,CAAO,GAAA,CAAI,YAAA,EAAcA,wBAAA,CAAQ,IAAA,EAAM,CAAA;AACvC,EAAA,MAAA,CAAO,GAAA,CAAI,SAAA,EAAW,CAAC,CAAA,EAAG,QAAA,KAAa;AACrC,IAAA,MAAA,CAAO,KAAK,OAAO,CAAA;AACnB,IAAA,QAAA,CAAS,IAAA,CAAK,EAAE,MAAA,EAAQ,IAAA,EAAM,CAAA;AAAA,EAChC,CAAC,CAAA;AAED,EAAA,mBAAA;AAAA,IACE,cAAA;AAAA,IACA,SAAA;AAAA,IACA,WAAA;AAAA,IACA,QAAA;AAAA,IACA,OAAA;AAAA,IACA;AAAA,GACF;AAEA,EAAA,MAAA,CAAO,GAAA,CAAI,CAAC,GAAA,EAAK,GAAA,EAAK,IAAA,KAAS;AAC7B,IAAA,IAAI,CAAC,IAAA,EAAM;AACT,MAAA,MAAM,IAAI,MAAM,mBAAmB,CAAA;AAAA,IACrC;AAEA,IAAA,OAAO,SAAA,CAAU,eACd,aAAA,CAAc,GAAA,EAAgB,KAAK,GAAA,EAAK,IAAI,CAAA,CAC5C,KAAA,CAAM,CAAA,KAAA,KAAS;AACd,MAAA,OAAA,CACG,WAAA,CAAY;AAAA,QACX,OAAA,EAAS,uBAAA;AAAA,QACT,OAAA,EAAS,GAAA;AAAA;AAAA,QAET,aAAA,EAAe,MAAA;AAAA,QACf,MAAM;AAAC,OACR,CAAA,CACA,IAAA,CAAK,CAAA,KAAA,KAAS;AACb,QAAA,KAAA,CAAM,IAAA,CAAK;AAAA,UACT,MAAM,EAAC;AAAA,UACP;AAAA,SACD,CAAA;AAAA,MACH,CAAC,CAAA;AAEH,MAAA,IAAA,CAAK,KAAK,CAAA;AAAA,IACZ,CAAC,CAAA;AAAA,EACL,CAAC,CAAA;AAED,EAAA,MAAM,aAAaC,gCAAA,CAAkB,MAAA,CAAO,EAAE,MAAA,EAAQ,QAAQ,CAAA;AAE9D,EAAA,MAAA,CAAO,IAAI,UAAA,CAAW,KAAA,CAAM,EAAE,YAAA,EAAc,IAAA,EAAM,CAAC,CAAA;AAEnD,EAAA,OAAO,MAAA;AACT;AAEA,SAAS,kBAAA,CACP,MAAA,EACA,MAAA,EACA,SAAA,EACA,6BAAA,EACgB;AAChB,EAAA,MAAM,YAAA,GAAe,MAAA,CAAO,SAAA,CAAU,mCAAmC,CAAA;AACzE,EAAA,MAAM,iBAAA,GACJ,MAAA,CAAO,WAAA,CAAY,oBAAoB,CAAA;AACzC,EAAA,MAAM,gBAAA,GAAmB,IAAIC,iCAAA,CAAiB,YAAA,EAAc,MAAM,CAAA;AAClE,EAAA,MAAM,oBAAoB,IAAIC,mCAAA;AAAA,IAC5B,gBAAA;AAAA,IACA,MAAA;AAAA,IACA;AAAA,GACF;AAEA,EAAA,MAAM,uBAAuB,IAAIC,yCAAA;AAAA,IAC/B,MAAA;AAAA,IACA,gBAAA;AAAA,IACA;AAAA,GACF;AACA,EAAA,oBAAA,CAAqB,QAAA,CAAS,EAAE,SAAA,EAAsB,CAAA;AAEtD,EAAA,MAAM,6BAA6B,MAAA,CAAO,WAAA;AAAA,IACxC;AAAA,GACF;AACA,EAAA,IAAI,mBAAA;AACJ,EAAA,IAAI,0BAAA,EAA4B;AAC9B,IAAA,mBAAA,GAAsB,6BAAA,CAA8B,YAAY,MAAM,CAAA;AAAA,EACxE;AAEA,EAAA,MAAM,sBAAsB,IAAIC,uCAAA;AAAA,IAC9B,iBAAA;AAAA,IACA,gBAAA;AAAA,IACA,oBAAA;AAAA,IACA;AAAA,GACF;AAEA,EAAA,MAAM,sBAAA,GAAyB,IAAIC,6CAAA,EAAuB;AAE1D,EAAA,OAAO;AAAA,IACL,mBAAA;AAAA,IACA;AAAA,GACF;AACF;AAEA,eAAe,cACb,mBAAA,EACoB;AACpB,EAAA,MAAM,cAAA,GAAiB,IAAIC,6BAAA,CAAe;AAAA,IACxC,UAAA,EAAYC,iDAAA;AAAA,IACZ,MAAA,EAAQ,KAAA;AAAA,IACR,OAAA,EAAS;AAAA,MACP,MAAA,EAAQ,KAAA;AAAA,MACR,YAAA,EAAc,KAAA;AAAA,MACd,OAAA,EAAS,IAAA;AAAA,MACT,aAAA,EAAe,KAAA;AAAA,MACf,OAAA,EAASC;AAAA;AAAA,KACX;AAAA,IACA,QAAA,EAAU;AAAA,MACR,cAAA,EAAgB,OACd,CAAA,EACA,IAAA,EACA,GAAA,KACG;AACH,QAAA,OAAA,CAAQ,GAAA,CAAI,wBAAA,EAA0B,CAAA,CAAE,SAAS,CAAA;AACjD,QAAA,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA,CAAE,IAAA,CAAK,EAAE,GAAA,EAAK,CAAA,CAAE,UAAA,CAAW,MAAA,EAAQ,CAAA;AAAA,MACnD,CAAA;AAAA,MACA,QAAA,EAAU,OAAO,EAAA,EAAI,GAAA,EAAsB,GAAA,KAA0B;AACnE,QAAA,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA,CAAE,IAAA,CAAK,EAAE,KAAK,CAAA,EAAG,GAAA,CAAI,IAAI,CAAA,eAAA,CAAA,EAAmB,CAAA;AAAA,MAC5D,CAAA;AAAA,MACA,gBAAgB,OAAO,EAAA,EAAI,GAAA,EAAsB,GAAA,KAC/C,IAAI,MAAA,CAAO,GAAG,CAAA,CAAE,IAAA,CAAK,EAAE,GAAA,EAAK,CAAA,EAAG,GAAA,CAAI,IAAI,oBAAoB;AAAA;AAC/D,GACD,CAAA;AACD,EAAA,MAAM,eAAe,IAAA,EAAK;AAC1B,EAAA,MAAMC,IAAA,GAAK,IAAIC,KAAA,CAAG,mBAAmB,CAAA;AACrC,EAAA,OAAO,MAAED,MAAI,cAAA,EAAe;AAC9B;AAKA,SAAS,oBACP,QAAA,EACA,SAAA,EACA,WAAA,EACA,QAAA,EACA,SACA,QAAA,EACA;AACA,EAAA,SAAS,wBAAwB,UAAA,EAAiC;AAChE,IAAA,MAAM,KAAA,GAAQ,IAAIE,kCAAA,EAAkB;AACpC,IAAA,UAAA,CAAW,IAAA,CAAK;AAAA,MACd,IAAA,EAAM;AAAA,QACJ,OAAA,EAAS;AAAA,OACX;AAAA,MACA,KAAA,EAAO,IAAIA,kCAAA;AAAkB,KAC9B,CAAA;AAED,IAAA,MAAM,KAAA;AAAA,EACR;AAEA,EAAA,SAAA,CAAU,cAAA,CAAe,QAAA;AAAA,IACvB,+BAAA;AAAA,IACA,OAAO,EAAA,EAAI,GAAA,EAAK,GAAA,EAAuB,IAAA,KAAS;AAC9C,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,WAAA,CAAY;AAAA,QAC3C,OAAA,EAAS,8BAAA;AAAA,QACT,OAAA,EAAS;AAAA,OACV,CAAA;AACD,MAAA,MAAM,YAAA,GAAe,IAAI,IAAA,CAAK,YAAA;AAC9B,MAAA,MAAM,qBAAA,GAAwB,IAAI,IAAA,CAAK,qBAAA;AACvC,MAAA,IAAI;AACF,QAAA,MAAM,MAAA,GAAS,MAAM,SAAA,CAAU,EAAA,CAAG,6BAAA;AAAA,UAChC,YAAA;AAAA,UACA;AAAA,SACF;AAEA,QAAA,MAAM,YAAY,MAAM,yBAAA;AAAA,UACtB,GAAA;AAAA,UACA,WAAA;AAAA,UACA,QAAA;AAAA,UACA;AAAA,SACF;AACA,QAAA,UAAA,CAAW,OAAA,CAAQ;AAAA,UACjB,IAAA,EAAM;AAAA,YACJ,cAAA,EAAgB,UAAU,SAAA,EAAW;AAAA;AACvC,SACD,CAAA;AACD,QAAA,GAAA,CAAI,KAAK,SAAS,CAAA;AAAA,MACpB,SAAS,KAAA,EAAO;AACd,QAAA,UAAA,CAAW,IAAA,CAAK,EAAE,KAAA,EAAO,CAAA;AACzB,QAAA,IAAA,CAAK,KAAK,CAAA;AAAA,MACZ;AAAA,IACF;AAAA,GACF;AAGA,EAAA,SAAA,CAAU,cAAA,CAAe,QAAA;AAAA,IACvB,sBAAA;AAAA,IACA,OAAO,EAAA,EAAI,GAAA,EAAK,GAAA,EAAuB,IAAA,KAAS;AAC9C,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,WAAA,CAAY;AAAA,QAC3C,OAAA,EAAS,uBAAA;AAAA,QACT,OAAA,EAAS;AAAA,OACV,CAAA;AAED,MAAA,IAAI;AACF,QAAA,MAAM,MAAA,GAAS,MAAM,SAAA,CAAU,EAAA,CAAG,oBAAA;AAAA,UAChCC,2BAAgB,GAAG,CAAA;AAAA,UACnB,kBAAkB,GAAG;AAAA,SACvB;AAEA,QAAA,MAAM,YAAY,MAAM,yBAAA;AAAA,UACtB,GAAA;AAAA,UACA,WAAA;AAAA,UACA,QAAA;AAAA,UACA;AAAA,SACF;AACA,QAAA,UAAA,CAAW,OAAA,CAAQ;AAAA,UACjB,IAAA,EAAM;AAAA,YACJ,cAAA,EAAgB,UAAU,SAAA,EAAW;AAAA;AACvC,SACD,CAAA;AACD,QAAA,GAAA,CAAI,KAAK,SAAS,CAAA;AAAA,MACpB,SAAS,KAAA,EAAO;AACd,QAAA,UAAA,CAAW,IAAA,CAAK,EAAE,KAAA,EAAO,CAAA;AACzB,QAAA,IAAA,CAAK,KAAK,CAAA;AAAA,MACZ;AAAA,IACF;AAAA,GACF;AAGA,EAAA,SAAA,CAAU,cAAA,CAAe,QAAA;AAAA,IACvB,uBAAA;AAAA,IACA,OAAO,CAAA,EAAG,GAAA,EAAK,GAAA,EAAK,IAAA,KAAS;AAC3B,MAAA,MAAM,UAAA,GAAa,CAAA,CAAE,OAAA,CAAQ,MAAA,CAAO,UAAA;AAEpC,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,WAAA,CAAY;AAAA,QAC3C,OAAA,EAAS,qBAAA;AAAA,QACT,OAAA,EAAS,GAAA;AAAA,QACT,IAAA,EAAM;AAAA,UACJ,UAAA,EAAY,OAAA;AAAA,UACZ;AAAA;AACF,OACD,CAAA;AAED,MAAA,MAAM,WAAW,MAAM,SAAA;AAAA,QACrB,GAAA;AAAA,QACA;AAAA,UACElB,gEAAA;AAAA,UACAC,yEAAuC,UAAU;AAAA,SACnD;AAAA,QACA,WAAA;AAAA,QACA;AAAA,OACF;AACA,MAAA,IAAI,QAAA,CAAS,MAAA,KAAWH,sCAAA,CAAgB,IAAA,EAAM;AAC5C,QAAA,uBAAA,CAAwB,UAAU,CAAA;AAAA,MACpC;AAEA,MAAA,IAAI;AACF,QAAA,MAAM,MAAA,GAAS,MAAM,SAAA,CAAU,EAAA,CAAG,sBAAsB,UAAU,CAAA;AAClE,QAAA,UAAA,CAAW,OAAA,EAAQ;AACnB,QAAA,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,YAAY,YAAY,CAAA,CAAE,KAAK,MAAM,CAAA;AAAA,MACvD,SAAS,KAAA,EAAO;AACd,QAAA,UAAA,CAAW,IAAA,CAAK,EAAE,KAAA,EAAO,CAAA;AACzB,QAAA,IAAA,CAAK,KAAK,CAAA;AAAA,MACZ;AAAA,IACF;AAAA,GACF;AAGA,EAAA,SAAA,CAAU,cAAA,CAAe,QAAA;AAAA,IACvB,iBAAA;AAAA,IACA,OAAO,CAAA,EAAG,GAAA,EAAsB,GAAA,EAAuB,IAAA,KAAS;AAC9D,MAAA,MAAM,UAAA,GAAa,CAAA,CAAE,OAAA,CAAQ,MAAA,CAAO,UAAA;AACpC,MAAA,MAAM,WAAA,GAAc,MAAM,QAAA,CAAS,WAAA,CAAY,GAAG,CAAA;AAClD,MAAA,MAAM,QAAQ,GAAA,CAAI,OAAA,CAAQ,eAAe,KAAA,CAAM,GAAG,EAAE,CAAC,CAAA;AACrD,MAAA,MAAM,kBAAkB,MAAA,CACtB,MAAM,QAAA,CAAS,WAAA,CAAY,WAAW,CAAA,EACtC,aAAA;AAEF,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,WAAA,CAAY;AAAA,QAC3C,OAAA,EAAS,kBAAA;AAAA,QACT,OAAA,EAAS,GAAA;AAAA,QACT,IAAA,EAAM;AAAA,UACJ;AAAA;AACF,OACD,CAAA;AAED,MAAA,MAAM,WAAW,MAAM,SAAA;AAAA,QACrB,GAAA;AAAA,QACA;AAAA,UACEqB,mEAAA;AAAA,UACAC,4EAA0C,UAAU;AAAA,SACtD;AAAA,QACA,WAAA;AAAA,QACA;AAAA,OACF;AACA,MAAA,IAAI,QAAA,CAAS,MAAA,KAAWtB,sCAAA,CAAgB,IAAA,EAAM;AAC5C,QAAA,uBAAA,CAAwB,UAAU,CAAA;AAAA,MACpC;AAEA,MAAA,MAAM,4BAA4B,GAAA,CAAI,IAAA;AAEtC,MAAA,OAAO,UAAU,EAAA,CACd,eAAA;AAAA,QACC,yBAAA;AAAA,QACA,UAAA;AAAA,QACA,eAAA;AAAA,QACA;AAAA,OACF,CACC,KAAK,CAAA,MAAA,KAAU;AACd,QAAA,UAAA,CAAW,OAAA,CAAQ,EAAE,IAAA,EAAM,EAAE,IAAI,MAAA,CAAO,EAAA,IAAM,CAAA;AAC9C,QAAA,OAAO,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA,CAAE,KAAK,MAAM,CAAA;AAAA,MACpC,CAAC,CAAA,CACA,KAAA,CAAM,CAAA,KAAA,KAAS;AACd,QAAA,UAAA,CAAW,IAAA,CAAK,EAAE,KAAA,EAAO,CAAA;AACzB,QAAA,IAAA,CAAK,KAAK,CAAA;AAAA,MACZ,CAAC,CAAA;AAAA,IACL;AAAA,GACF;AAGA,EAAA,SAAA,CAAU,cAAA,CAAe,QAAA;AAAA,IACvB,mBAAA;AAAA,IACA,OAAO,CAAA,EAAG,GAAA,EAAsB,GAAA,EAAuB,IAAA,KAAS;AAC9D,MAAA,MAAM,UAAA,GAAa,CAAA,CAAE,OAAA,CAAQ,MAAA,CAAO,UAAA;AACpC,MAAA,MAAM,UAAA,GAAa,CAAA,CAAE,OAAA,CAAQ,MAAA,CAAO,UAAA;AACpC,MAAA,MAAM,QAAQ,GAAA,CAAI,OAAA,CAAQ,eAAe,KAAA,CAAM,GAAG,EAAE,CAAC,CAAA;AACrD,MAAA,MAAM,8BAA8B,GAAA,CAAI,IAAA;AAExC,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,WAAA,CAAY;AAAA,QAC3C,OAAA,EAAS,oBAAA;AAAA,QACT,OAAA,EAAS,GAAA;AAAA,QACT,IAAA,EAAM;AAAA,UACJ,UAAA;AAAA,UACA;AAAA;AACF,OACD,CAAA;AAED,MAAA,MAAM,WAAW,MAAM,SAAA;AAAA,QACrB,GAAA;AAAA,QACA;AAAA,UACEqB,mEAAA;AAAA,UACAC,4EAA0C,UAAU;AAAA,SACtD;AAAA,QACA,WAAA;AAAA,QACA;AAAA,OACF;AACA,MAAA,IAAI,QAAA,CAAS,MAAA,KAAWtB,sCAAA,CAAgB,IAAA,EAAM;AAC5C,QAAA,uBAAA,CAAwB,UAAU,CAAA;AAAA,MACpC;AAEA,MAAA,MAAM,UAAU,EAAA,CACb,iBAAA;AAAA,QACC,UAAA;AAAA,QACA,UAAA;AAAA,QACA,2BAAA;AAAA,QACA;AAAA,OACF,CACC,KAAK,CAAA,MAAA,KAAU;AACd,QAAA,UAAA,CAAW,OAAA,EAAQ;AACnB,QAAA,OAAO,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA,CAAE,KAAK,MAAM,CAAA;AAAA,MACpC,CAAC,CAAA,CACA,KAAA,CAAM,CAAA,KAAA,KAAS;AACd,QAAA,UAAA,CAAW,IAAA,CAAK,EAAE,KAAA,EAAO,CAAA;AACzB,QAAA,IAAA,CAAK,KAAK,CAAA;AAAA,MACZ,CAAC,CAAA;AAAA,IACL;AAAA,GACF;AAGA,EAAA,SAAA,CAAU,cAAA,CAAe,QAAA;AAAA,IACvB,yBAAA;AAAA,IACA,OAAO,CAAA,EAAG,GAAA,EAAsB,GAAA,EAAuB,IAAA,KAAS;AAC9D,MAAA,MAAM,UAAA,GAAa,CAAA,CAAE,OAAA,CAAQ,MAAA,CAAO,UAAA;AAEpC,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,WAAA,CAAY;AAAA,QAC3C,OAAA,EAAS,uBAAA;AAAA,QACT,OAAA,EAAS,GAAA;AAAA,QACT,IAAA,EAAM;AAAA,UACJ,UAAA,EAAY,OAAA;AAAA,UACZ;AAAA;AACF,OACD,CAAA;AAED,MAAA,MAAM,WAAW,MAAM,SAAA;AAAA,QACrB,GAAA;AAAA,QACA;AAAA,UACEE,gEAAA;AAAA,UACAC,yEAAuC,UAAU;AAAA,SACnD;AAAA,QACA,WAAA;AAAA,QACA;AAAA,OACF;AACA,MAAA,IAAI,QAAA,CAAS,MAAA,KAAWH,sCAAA,CAAgB,IAAA,EAAM;AAC5C,QAAA,uBAAA,CAAwB,UAAU,CAAA;AAAA,MACpC;AAEA,MAAA,OAAO,UAAU,EAAA,CACd,uBAAA,CAAwB,UAAU,CAAA,CAClC,KAAK,CAAA,MAAA,KAAU;AACd,QAAA,UAAA,CAAW,OAAA,CAAQ;AAAA,UACjB,IAAA,EAAM;AAAA,YACJ,YAAY,MAAA,CAAO;AAAA;AACrB,SACD,CAAA;AACD,QAAA,OAAO,GAAA,CAAI,KAAK,MAAM,CAAA;AAAA,MACxB,CAAC,CAAA,CACA,KAAA,CAAM,CAAA,KAAA,KAAS;AACd,QAAA,UAAA,CAAW,IAAA,CAAK,EAAE,KAAA,EAAO,CAAA;AACzB,QAAA,IAAA,CAAK,KAAK,CAAA;AAAA,MACZ,CAAC,CAAA;AAAA,IACL;AAAA,GACF;AAGA,EAAA,SAAA,CAAU,cAAA,CAAe,QAAA;AAAA,IACvB,qBAAA;AAAA,IACA,OAAO,EAAA,EAAI,OAAA,EAA0B,GAAA,EAAuB,IAAA,KAAS;AACnE,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,WAAA,CAAY;AAAA,QAC3C,OAAA,EAAS,uBAAA;AAAA,QACT;AAAA,OACD,CAAA;AAID,MAAA,OAAO,SAAA,CAAU,EAAA,CACd,mBAAA,EAAoB,CACpB,KAAK,CAAA,MAAA,KAAU;AACd,QAAA,UAAA,CAAW,OAAA,EAAQ;AACnB,QAAA,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA,CAAE,IAAA,CAAK,MAAM,CAAA;AAAA,MAC7B,CAAC,CAAA,CACA,KAAA,CAAM,CAAA,KAAA,KAAS;AACd,QAAA,UAAA,CAAW,IAAA,CAAK,EAAE,KAAA,EAAO,CAAA;AACzB,QAAA,IAAA,CAAK,KAAK,CAAA;AAAA,MACZ,CAAC,CAAA;AAAA,IACL;AAAA,GACF;AAGA,EAAA,SAAA,CAAU,cAAA,CAAe,QAAA;AAAA,IACvB,4BAAA;AAAA,IACA,OAAO,CAAA,EAAG,GAAA,EAAsB,GAAA,EAAuB,IAAA,KAAS;AAC9D,MAAA,MAAM,UAAA,GAAa,CAAA,CAAE,OAAA,CAAQ,MAAA,CAAO,UAAA;AACpC,MAAA,MAAM,UAAA,GAAa,CAAA,CAAE,OAAA,CAAQ,KAAA,CAAM,UAAA;AAEnC,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,WAAA,CAAY;AAAA,QAC3C,OAAA,EAAS,2BAAA;AAAA,QACT,OAAA,EAAS,GAAA;AAAA,QACT,IAAA,EAAM;AAAA,UACJ,UAAA,EAAY,OAAA;AAAA,UACZ,UAAA;AAAA,UACA;AAAA;AACF,OACD,CAAA;AAED,MAAA,IAAI;AACF,QAAA,MAAM,WAAW,MAAM,SAAA;AAAA,UACrB,GAAA;AAAA,UACA;AAAA,YACEE,gEAAA;AAAA,YACAC,yEAAuC,UAAU;AAAA,WACnD;AAAA,UACA,WAAA;AAAA,UACA;AAAA,SACF;AACA,QAAA,IAAI,QAAA,CAAS,MAAA,KAAWH,sCAAA,CAAgB,IAAA,EAAM;AAC5C,UAAA,uBAAA,CAAwB,UAAU,CAAA;AAAA,QACpC;AAEA,QAAA,MAAM,kBAAA,GACJ,MAAM,QAAA,CAAS,mBAAA,CAAoB,iBAAA,CAAkB;AAAA,UACnD,YAAA,EAAc;AAAA,SACf,CAAA;AAEH,QAAA,IAAI,CAAC,kBAAA,EAAoB;AACvB,UAAA,MAAM,IAAI,KAAA;AAAA,YACR,8CAA8C,UAAU,CAAA;AAAA,WAC1D;AAAA,QACF;AACA,QAAA,MAAM,aAAa,kBAAA,CAAmB,UAAA;AACtC,QAAA,IAAI,CAAC,UAAA,EAAY;AACf,UAAA,MAAM,IAAI,KAAA;AAAA,YACR,2CAA2C,UAAU,CAAA;AAAA,WACvD;AAAA,QACF;AAEA,QAAA,MAAM,UAAA,GACJ,MAAM,QAAA,CAAS,mBAAA,CAAoB,uBAAA,CAAwB;AAAA,UACzD,YAAA,EAAc;AAAA,SACf,CAAA;AAEH,QAAA,IAAI,CAAC,UAAA,EAAY;AACf,UAAA,MAAM,IAAI,KAAA;AAAA,YACR;AAAA,WACF;AAAA,QACF;AAEA,QAAA,IAAI,CAAC,WAAW,eAAA,EAAiB;AAC/B,UAAA,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA,CAAE,IAAA,CAAK,EAAE,CAAA;AACvB,UAAA;AAAA,QACF;AAEA,QAAA,MAAM,iBAAA,GAAoB,UAAA,GACtB,MAAM,QAAA,CAAS,oBAAoB,sBAAA,CAAuB;AAAA,UACxD;AAAA,SACD,CAAA,GACD,KAAA,CAAA;AAEJ,QAAA,MAAM,YAAA,GAAe,iBAAA,GACjB,QAAA,CAAS,sBAAA,CAAuB,mBAAA;AAAA,UAC9B;AAAA,SACF,GACA,KAAA,CAAA;AAEJ,QAAA,MAAM,YAAA,GAAe,MAAM,SAAA,CAAU,EAAA,CAAG,0BAAA;AAAA,UACtC,UAAA;AAAA,UACA;AAAA,SACF;AAEA,QAAA,IAAI,CAAC,YAAA,EAAc,WAAA,EAAa,UAAA,EAAY;AAC1C,UAAA,UAAA,CAAW,OAAA,CAAQ;AAAA,YACjB,IAAA,EAAM;AAAA,cACJ,OAAA,EAAS;AAAA;AACX,WACD,CAAA;AACD,UAAA,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA,CAAE,IAAA,CAAK,EAAE,CAAA;AACvB,UAAA;AAAA,QACF;AAEA,QAAA,MAAM,gBAAA,GAAmB,aAAa,WAAA,CAAY,UAAA;AAClD,QAAA,IAAI,SAAA;AAEJ,QAAA,IAAI,YAAA,EAAc;AAChB,UAAA,SAAA,GAAY,MAAA,CAAO,IAAA,CAAK,gBAAgB,CAAA,CACrC,MAAA,CAAO,CAAA,CAAA,KAAK,CAAA,IAAK,YAAY,CAAA,CAC7B,MAAA,CAAO,CAAC,MAAA,EAAQ,CAAA,KAAM;AACrB,YAAA,IAAI,YAAA,CAAa,CAAC,CAAA,KAAM,KAAA,CAAA,EAAW;AACjC,cAAA,OAAO,MAAA;AAAA,YACT;AACA,YAAA,MAAA,CAAO,CAAC,CAAA,GAAI,YAAA,CAAa,CAAC,CAAA;AAC1B,YAAA,OAAO,MAAA;AAAA,UACT,CAAA,EAAG,EAAgB,CAAA;AAAA,QACvB;AAEA,QAAA,UAAA,CAAW,OAAA,CAAQ;AAAA,UACjB,IAAA,EAAM;AAAA,YACJ,YAAY,YAAA,CAAa;AAAA;AAC3B,SACD,CAAA;AACD,QAAA,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA,CAAE,IAAA,CAAK;AAAA,UACnB,aAAa,YAAA,CAAa,WAAA;AAAA,UAC1B,IAAA,EAAM;AAAA,SACP,CAAA;AAAA,MACH,SAAS,KAAA,EAAO;AACd,QAAA,UAAA,CAAW,IAAA,CAAK,EAAE,KAAA,EAAO,CAAA;AACzB,QAAA,IAAA,CAAK,KAAK,CAAA;AAAA,MACZ;AAAA,IACF;AAAA,GACF;AAGA,EAAA,SAAA,CAAU,cAAA,CAAe,QAAA;AAAA,IACvB,sBAAA;AAAA,IACA,OAAO,CAAA,EAAG,GAAA,EAAsB,GAAA,EAAuB,IAAA,KAAS;AAC9D,MAAA,MAAM,UAAA,GAAa,CAAA,CAAE,OAAA,CAAQ,MAAA,CAAO,UAAA;AAEpC,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,WAAA,CAAY;AAAA,QAC3C,OAAA,EAAS,wBAAA;AAAA,QACT,OAAA,EAAS;AAAA,OACV,CAAA;AAED,MAAA,MAAM,WAAW,MAAM,SAAA;AAAA,QACrB,GAAA;AAAA,QACA;AAAA,UACEE,gEAAA;AAAA,UACAC,yEAAuC,UAAU;AAAA,SACnD;AAAA,QACA,WAAA;AAAA,QACA;AAAA,OACF;AACA,MAAA,IAAI,QAAA,CAAS,MAAA,KAAWH,sCAAA,CAAgB,IAAA,EAAM;AAC5C,QAAA,uBAAA,CAAwB,UAAU,CAAA;AAAA,MACpC;AAEA,MAAA,OAAO,SAAA,CAAU,GACd,YAAA,CAAaoB,0BAAA,CAAgB,GAAG,CAAA,EAAG,iBAAA,CAAkB,GAAG,CAAA,EAAG;AAAA,QAC1D;AAAA,OACD,CAAA,CACA,IAAA,CAAK,CAAA,MAAA,KAAU;AACd,QAAA,UAAA,CAAW,OAAA,EAAQ;AACnB,QAAA,GAAA,CAAI,KAAK,MAAM,CAAA;AAAA,MACjB,CAAC,CAAA,CACA,KAAA,CAAM,CAAA,KAAA,KAAS;AACd,QAAA,UAAA,CAAW,IAAA,CAAK,EAAE,KAAA,EAAO,CAAA;AACzB,QAAA,IAAA,CAAK,KAAK,CAAA;AAAA,MACZ,CAAC,CAAA;AAAA,IACL;AAAA,GACF;AAGA,EAAA,SAAA,CAAU,cAAA,CAAe,QAAA;AAAA,IACvB,yBAAA;AAAA,IACA,OAAO,CAAA,EAAG,GAAA,EAAsB,GAAA,EAAuB,IAAA,KAAS;AAC9D,MAAA,MAAM,UAAA,GAAa,CAAA,CAAE,OAAA,CAAQ,MAAA,CAAO,UAAA;AAEpC,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,WAAA,CAAY;AAAA,QAC3C,OAAA,EAAS,uBAAA;AAAA,QACT,OAAA,EAAS;AAAA,OACV,CAAA;AAED,MAAA,MAAM,WAAW,MAAM,SAAA;AAAA,QACrB,GAAA;AAAA,QACA;AAAA,UACElB,gEAAA;AAAA,UACAC,yEAAuC,UAAU;AAAA,SACnD;AAAA,QACA,WAAA;AAAA,QACA;AAAA,OACF;AACA,MAAA,IAAI,QAAA,CAAS,MAAA,KAAWH,sCAAA,CAAgB,IAAA,EAAM;AAC5C,QAAA,uBAAA,CAAwB,UAAU,CAAA;AAAA,MACpC;AAEA,MAAA,OAAO,UAAU,EAAA,CACd,mBAAA,CAAoB,UAAU,CAAA,CAC9B,KAAK,CAAA,MAAA,KAAU;AACd,QAAA,UAAA,CAAW,OAAA,EAAQ;AACnB,QAAA,GAAA,CAAI,KAAK,MAAM,CAAA;AAAA,MACjB,CAAC,CAAA,CACA,KAAA,CAAM,CAAA,KAAA,KAAS;AACd,QAAA,UAAA,CAAW,IAAA,CAAK,EAAE,KAAA,EAAO,CAAA;AACzB,QAAA,IAAA,CAAK,KAAK,CAAA;AAAA,MACZ,CAAC,CAAA;AAAA,IACL;AAAA,GACF;AAGA,EAAA,SAAA,CAAU,cAAA,CAAe,QAAA;AAAA,IACvB,cAAA;AAAA,IACA,OAAO,EAAA,EAAI,GAAA,EAAsB,GAAA,EAAuB,IAAA,KAAS;AAC/D,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,WAAA,CAAY;AAAA,QAC3C,OAAA,EAAS,eAAA;AAAA,QACT,OAAA,EAAS;AAAA,OACV,CAAA;AAED,MAAA,IAAI;AAEF,QAAA,MAAM,cAAA,GAAiB,SAAA,CAAU,EAAA,CAAG,cAAA,EAAe;AACnD,QAAA,MAAM,wBACJ,MAAM,2BAAA;AAAA,UACJ,GAAA;AAAA,UACA,WAAA;AAAA,UACA,QAAA;AAAA,UACA;AAAA,SACF;AAEF,QAAA,IAAI,CAAC,qBAAA,IAAyB,qBAAA,CAAsB,MAAA,KAAW,CAAA;AAC7D,UAAA,GAAA,CAAI,IAAA,CAAK,EAAE,CAAA;AAEb,QAAA,MAAM,WAAA,GAAc,MAAM,QAAA,CAAS,WAAA,CAAY,GAAG,CAAA;AAClD,QAAA,MAAM,eAAA,GAAA,CAAmB,MAAM,QAAA,CAAS,WAAA,CAAY,WAAW,CAAA,EAC5D,aAAA;AACH,QAAA,MAAM,oCAAA;AAAA;AAAA,UACJ,MAAM,8CAAA;AAAA,YACJ,GAAA;AAAA,YACA,WAAA;AAAA,YACA;AAAA;AACF,SAAA;AAEF,QAAA,MAAM,cAAA,GAAiB,kBAAkB,GAAG,CAAA;AAE5C,QAAA,IAAI,OAAA,GAAU,cAAA;AAEd,QAAA,IAAI,CAAC,oCAAA,EAAsC;AACzC,UAAA,MAAM,qBAAA,GAAqC;AAAA,YACzC,QAAA,EAAU,IAAA;AAAA,YACV,KAAA,EAAO,eAAA;AAAA,YACP,KAAA,EAAO;AAAA,WACT;AAEA,UAAA,MAAM,qBAAA,GAAsC;AAAA,YAC1C,KAAA,EAAO,WAAA;AAAA,YACP,MAAA,EAAQ;AAAA,WACV;AAEA,UAAA,IAAI,mBAAmB,KAAA,CAAA,EAAW;AAChC,YAAA,OAAA,GAAU,qBAAA;AAAA,UACZ,CAAA,MAAO;AAEL,YAAA,OAAA,GAAU;AAAA,cACR,QAAA,EAAU,KAAA;AAAA,cACV,OAAA,EAAS,CAAC,qBAAA,EAAuB,cAAc;AAAA,aACjD;AAAA,UACF;AAAA,QACF;AAEA,QAAA,MAAM,MAAA,GAAS,MAAM,SAAA,CAAU,EAAA,CAAG,YAAA;AAAA,UAChCoB,2BAAgB,GAAG,CAAA;AAAA,UACnB,OAAA;AAAA,UACA;AAAA,SACF;AAEA,QAAA,UAAA,CAAW,QAAQ,EAAE,IAAA,EAAM,EAAE,qBAAA,IAAyB,CAAA;AACtD,QAAA,GAAA,CAAI,KAAK,MAAM,CAAA;AAAA,MACjB,SAAS,KAAA,EAAO;AACd,QAAA,UAAA,CAAW,IAAA,CAAK,EAAE,KAAA,EAAO,CAAA;AACzB,QAAA,IAAA,CAAK,KAAK,CAAA;AAAA,MACZ;AAAA,IACF;AAAA,GACF;AAGA,EAAA,SAAA,CAAU,cAAA,CAAe,QAAA;AAAA,IACvB,iBAAA;AAAA,IACA,OAAO,CAAA,EAAG,OAAA,EAA0B,GAAA,EAAuB,IAAA,KAAS;AAClE,MAAA,MAAM,UAAA,GAAa,CAAA,CAAE,OAAA,CAAQ,MAAA,CAAO,UAAA;AAEpC,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,WAAA,CAAY;AAAA,QAC3C,OAAA,EAAS,cAAA;AAAA,QACT,OAAA;AAAA,QACA,IAAA,EAAM;AAAA,UACJ,UAAA,EAAY,OAAA;AAAA,UACZ;AAAA;AACF,OACD,CAAA;AAED,MAAA,IAAI;AACF,QAAA,MAAM,QAAA,GAAW,MAAM,SAAA,CAAU,EAAA,CAAG,gBAAgB,UAAU,CAAA;AAE9D,QAAA,MAAM,aAAa,QAAA,CAAS,SAAA;AAE5B,QAAA,MAAM,WAAW,MAAM,SAAA;AAAA,UACrB,OAAA;AAAA,UACA;AAAA,YACElB,gEAAA;AAAA,YACAC,yEAAuC,UAAU;AAAA,WACnD;AAAA,UACA,WAAA;AAAA,UACA;AAAA,SACF;AACA,QAAA,IAAI,QAAA,CAAS,MAAA,KAAWH,sCAAA,CAAgB,IAAA,EAAM;AAC5C,UAAA,uBAAA,CAAwB,UAAU,CAAA;AAAA,QACpC;AAEA,QAAA,MAAM,WAAA,GAAc,MAAM,QAAA,CAAS,WAAA,CAAY,OAAO,CAAA;AACtD,QAAA,MAAM,eAAA,GAAA,CAAmB,MAAM,QAAA,CAAS,WAAA,CAAY,WAAW,CAAA,EAC5D,aAAA;AAEH,QAAA,MAAM,uCACJ,MAAM,8CAAA;AAAA,UACJ,OAAA;AAAA,UACA,WAAA;AAAA,UACA;AAAA,SACF;AAGF,QAAA,IAAI,CAAC,oCAAA,EAAsC;AACzC,UAAA,MAAM,0BAA0B,QAAA,CAAS,eAAA;AAOzC,UAAA,IAAI,CAAC,uBAAA,EAAyB;AAC5B,YAAA,MAAM,IAAIuB,sBAAA;AAAA,cACR,CAAA,2BAAA,EAA8B,UAAU,CAAA,wCAAA,EACG,UAAU,CAAA,uOAAA;AAAA,aAIvD;AAAA,UACF;AAEA,UAAA,IAAI,4BAA4B,eAAA,EAAiB;AAC/C,YAAA,MAAM,IAAIA,sBAAA;AAAA,cACR,8BAA8B,UAAU,CAAA,sCAAA,EACC,uBAAuB,CAAA,gBAAA,EAAmB,eAAe,8DACtC,UAAU,CAAA,wIAAA;AAAA,aAGxE;AAAA,UACF;AAAA,QACF;AAEA,QAAA,UAAA,CAAW,OAAA,EAAQ;AACnB,QAAA,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA,CAAE,IAAA,CAAK,QAAQ,CAAA;AAAA,MAC/B,SAAS,KAAA,EAAO;AACd,QAAA,UAAA,CAAW,IAAA,CAAK,EAAE,KAAA,EAAO,CAAA;AACzB,QAAA,IAAA,CAAK,KAAK,CAAA;AAAA,MACZ;AAAA,IACF;AAAA,GACF;AAGA,EAAA,SAAA,CAAU,cAAA,CAAe,QAAA;AAAA,IACvB,oBAAA;AAAA,IACA,OAAO,CAAA,EAAG,OAAA,EAA0B,GAAA,EAAuB,IAAA,KAAS;AAClE,MAAA,MAAM,UAAA,GAAa,CAAA,CAAE,OAAA,CAAQ,MAAA,CAAO,UAAA;AAIpC,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,WAAA,CAAY;AAAA,QAC3C,OAAA,EAAS,sBAAA;AAAA,QACT,OAAA;AAAA,QACA,IAAA,EAAM;AAAA,UACJ,UAAA,EAAY,OAAA;AAAA,UACZ;AAAA;AACF,OACD,CAAA;AAED,MAAA,IAAI;AAEF,QAAA,IAAI,CAAC,QAAA,CAAS,mBAAA,CAAoB,cAAA,EAAe,EAAG;AAClD,UAAA,MAAM,IAAI,MAAM,CAAA,qBAAA,CAAuB,CAAA;AAAA,QACzC;AACA,QAAA,MAAM,QAAA,GAAW,MAAM,SAAA,CAAU,EAAA,CAAG,gBAAgB,UAAU,CAAA;AAC9D,QAAA,MAAM,aAAa,QAAA,CAAS,SAAA;AAE5B,QAAA,MAAM,WAAW,MAAM,SAAA;AAAA,UACrB,OAAA;AAAA,UACA;AAAA,YACErB,gEAAA;AAAA,YACAC,yEAAuC,UAAU;AAAA,WACnD;AAAA,UACA,WAAA;AAAA,UACA;AAAA,SACF;AACA,QAAA,IAAI,QAAA,CAAS,MAAA,KAAWH,sCAAA,CAAgB,IAAA,EAAM;AAC5C,UAAA,uBAAA,CAAwB,UAAU,CAAA;AAAA,QACpC;AAEA,QAAA,MAAM,WAAA,GAAc,MAAM,QAAA,CAAS,WAAA,CAAY,OAAO,CAAA;AACtD,QAAA,MAAM,eAAA,GAAA,CAAmB,MAAM,QAAA,CAAS,WAAA,CAAY,WAAW,CAAA,EAC5D,aAAA;AAEH,QAAA,MAAM,uCACJ,MAAM,8CAAA;AAAA,UACJ,OAAA;AAAA,UACA,WAAA;AAAA,UACA;AAAA,SACF;AAGF,QAAA,IAAI,CAAC,oCAAA,EAAsC;AACzC,UAAA,MAAM,0BAA0B,QAAA,CAAS,eAAA;AACzC,UAAA,IAAI,4BAA4B,eAAA,EAAiB;AAC/C,YAAA,MAAM,IAAI,KAAA;AAAA,cACR,mCAAmC,UAAU,CAAA,uBAAA;AAAA,aAC/C;AAAA,UACF;AAAA,QACF;AAEA,QAAA,MAAM,IAAA,GAAO,MAAM,SAAA,CAAU,EAAA,CAAG,0BAA0B,QAAQ,CAAA;AAElE,QAAA,UAAA,CAAW,OAAA,EAAQ;AACnB,QAAA,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA,CAAE,IAAA,CAAK,IAAI,CAAA;AAAA,MAC3B,SAAS,KAAA,EAAO;AACd,QAAA,UAAA,CAAW,IAAA,CAAK,EAAE,KAAA,EAAO,CAAA;AACzB,QAAA,IAAA,CAAK,KAAK,CAAA;AAAA,MACZ;AAAA,IACF;AAAA,GACF;AAGA,EAAA,SAAA,CAAU,cAAA,CAAe,QAAA;AAAA,IACvB,eAAA;AAAA,IACA,OAAO,CAAA,EAAG,OAAA,EAAS,GAAA,EAAK,IAAA,KAAS;AAC/B,MAAA,MAAM,UAAA,GAAa,CAAA,CAAE,OAAA,CAAQ,MAAA,CAAO,UAAA;AAEpC,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,WAAA,CAAY;AAAA,QAC3C,OAAA,EAAS,gBAAA;AAAA,QACT,OAAA;AAAA,QACA,IAAA,EAAM;AAAA,UACJ,UAAA,EAAY,OAAA;AAAA,UACZ;AAAA;AACF,OACD,CAAA;AAED,MAAA,IAAI;AACF,QAAA,MAAM,QAAA,GAAW,MAAM,SAAA,CAAU,EAAA,CAAG,gBAAgB,UAAU,CAAA;AAC9D,QAAA,MAAM,aAAa,QAAA,CAAS,SAAA;AAE5B,QAAA,MAAM,WAAW,MAAM,SAAA;AAAA,UACrB,OAAA;AAAA,UACA;AAAA,YACEqB,mEAAA;AAAA,YACAC,4EAA0C,UAAU;AAAA,WACtD;AAAA,UACA,WAAA;AAAA,UACA;AAAA,SACF;AACA,QAAA,IAAI,QAAA,CAAS,MAAA,KAAWtB,sCAAA,CAAgB,IAAA,EAAM;AAC5C,UAAA,uBAAA,CAAwB,UAAU,CAAA;AAAA,QACpC;AAEA,QAAA,MAAM,SAAS,MAAM,SAAA,CAAU,EAAA,CAAG,aAAA,CAAc,YAAY,UAAU,CAAA;AACtE,QAAA,UAAA,CAAW,QAAQ,EAAE,IAAA,EAAM,EAAE,MAAA,IAAU,CAAA;AACvC,QAAA,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA,CAAE,IAAA,CAAK,MAAM,CAAA;AAAA,MAC7B,SAAS,KAAA,EAAO;AACd,QAAA,UAAA,CAAW,IAAA,CAAK,EAAE,KAAA,EAAO,CAAA;AACzB,QAAA,IAAA,CAAK,KAAK,CAAA;AAAA,MACZ;AAAA,IACF;AAAA,GACF;AACF;AAEA,SAAS,kBAAkB,GAAA,EAAsC;AAC/D,EAAA,OAAO,GAAA,CAAI,IAAA,CAAK,OAAA,GAAW,GAAA,CAAI,KAAK,OAAA,GAAqB,MAAA;AAC3D;;;;"}
|
|
1
|
+
{"version":3,"file":"router.cjs.js","sources":["../../src/service/router.ts"],"sourcesContent":["/*\n * Copyright Red Hat, Inc.\n *\n * Licensed under the Apache License, Version 2.0 (the \"License\");\n * you may not use this file except in compliance with the License.\n * You may obtain a copy of the License at\n *\n * http://www.apache.org/licenses/LICENSE-2.0\n *\n * Unless required by applicable law or agreed to in writing, software\n * distributed under the License is distributed on an \"AS IS\" BASIS,\n * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n * See the License for the specific language governing permissions and\n * limitations under the License.\n */\n\nimport { MiddlewareFactory } from '@backstage/backend-defaults/rootHttpRouter';\nimport {\n AuditorService,\n AuditorServiceEvent,\n HttpAuthService,\n LoggerService,\n PermissionsService,\n SchedulerService,\n UserInfoService,\n} from '@backstage/backend-plugin-api';\nimport type { Config } from '@backstage/config';\nimport { NotAllowedError } from '@backstage/errors';\nimport {\n AuthorizePermissionRequest,\n AuthorizePermissionResponse,\n AuthorizeResult,\n BasicPermission,\n} from '@backstage/plugin-permission-common';\nimport { createPermissionIntegrationRouter } from '@backstage/plugin-permission-node';\nimport type { JsonObject } from '@backstage/types';\n\nimport { UnauthorizedError } from '@backstage-community/plugin-rbac-common';\nimport { fullFormats } from 'ajv-formats/dist/formats';\nimport express, { Router } from 'express';\nimport { Request as HttpRequest } from 'express-serve-static-core';\nimport { OpenAPIBackend, Request } from 'openapi-backend';\n\nimport {\n FieldFilter,\n Filter,\n NestedFilter,\n openApiDocument,\n orchestratorInstanceAdminViewPermission,\n orchestratorPermissions,\n orchestratorWorkflowPermission,\n orchestratorWorkflowSpecificPermission,\n orchestratorWorkflowUsePermission,\n orchestratorWorkflowUseSpecificPermission,\n WorkflowOverviewListResultDTO,\n} from '@red-hat-developer-hub/backstage-plugin-orchestrator-common';\n\nimport { WorkflowLogsProvidersRegistry } from '../providers/WorkflowLogsProvidersRegistry';\nimport { RouterOptions } from '../routerWrapper';\nimport { OrchestratorKafkaServiceOptions } from '../types/kafka';\nimport { buildPagination } from '../types/pagination';\nimport { V2 } from './api/v2';\nimport { DataIndexService } from './DataIndexService';\nimport { DataInputSchemaService } from './DataInputSchemaService';\nimport { OrchestratorService } from './OrchestratorService';\nimport { SonataFlowService } from './SonataFlowService';\nimport { WorkflowCacheService } from './WorkflowCacheService';\n\ninterface PublicServices {\n dataInputSchemaService: DataInputSchemaService;\n orchestratorService: OrchestratorService;\n}\n\ninterface RouterApi {\n openApiBackend: OpenAPIBackend;\n v2: V2;\n}\n\nconst authorize = async (\n request: HttpRequest,\n anyOfPermissions: BasicPermission[],\n permissionsSvc: PermissionsService,\n httpAuth: HttpAuthService,\n): Promise<AuthorizePermissionResponse> => {\n const credentials = await httpAuth.credentials(request);\n const decisionResponses: AuthorizePermissionResponse[][] = await Promise.all(\n anyOfPermissions.map(permission =>\n permissionsSvc.authorize([{ permission }], {\n credentials,\n }),\n ),\n );\n const decisions: AuthorizePermissionResponse[] = decisionResponses.map(\n d => d[0],\n );\n\n const allow = decisions.find(d => d.result === AuthorizeResult.ALLOW);\n return (\n allow || {\n result: AuthorizeResult.DENY,\n }\n );\n};\n\nconst isUserAuthorizedForInstanceAdminViewPermission = async (\n request: HttpRequest,\n permissionsSvc: PermissionsService,\n httpAuth: HttpAuthService,\n): Promise<boolean> => {\n const credentials = await httpAuth.credentials(request);\n const [decision] = await permissionsSvc.authorize(\n [{ permission: orchestratorInstanceAdminViewPermission }],\n { credentials },\n );\n\n return decision.result === AuthorizeResult.ALLOW;\n};\n\nconst filterAuthorizedWorkflowIds = async (\n request: HttpRequest,\n permissionsSvc: PermissionsService,\n httpAuth: HttpAuthService,\n workflowIds: string[],\n): Promise<string[]> => {\n const credentials = await httpAuth.credentials(request);\n const genericWorkflowPermissionDecision = await permissionsSvc.authorize(\n [{ permission: orchestratorWorkflowPermission }],\n {\n credentials,\n },\n );\n\n if (genericWorkflowPermissionDecision[0].result === AuthorizeResult.ALLOW) {\n // The user can see all workflows\n return workflowIds;\n }\n\n const specificWorkflowRequests: AuthorizePermissionRequest[] =\n workflowIds.map(workflowId => ({\n permission: orchestratorWorkflowSpecificPermission(workflowId),\n }));\n\n const decisions = await permissionsSvc.authorize(specificWorkflowRequests, {\n credentials,\n });\n\n return workflowIds.filter(\n (_, idx) => decisions[idx].result === AuthorizeResult.ALLOW,\n );\n};\n\nconst filterAuthorizedWorkflows = async (\n request: HttpRequest,\n permissionsSvc: PermissionsService,\n httpAuth: HttpAuthService,\n workflows: WorkflowOverviewListResultDTO,\n): Promise<WorkflowOverviewListResultDTO> => {\n if (!workflows.overviews) {\n return workflows;\n }\n\n const authorizedWorkflowIds = await filterAuthorizedWorkflowIds(\n request,\n permissionsSvc,\n httpAuth,\n workflows.overviews.map(w => w.workflowId),\n );\n\n const filtered = {\n ...workflows,\n overviews: workflows.overviews.filter(w =>\n authorizedWorkflowIds.includes(w.workflowId),\n ),\n };\n\n return filtered;\n};\n\nexport async function createBackendRouter(\n options: RouterOptions,\n): Promise<Router> {\n const {\n config,\n logger,\n auditor,\n scheduler,\n permissions,\n httpAuth,\n userInfo,\n workflowLogsProvidersRegistry,\n } = options;\n const publicServices = initPublicServices(\n logger,\n config,\n scheduler,\n workflowLogsProvidersRegistry,\n );\n\n const routerApi = await initRouterApi(publicServices.orchestratorService);\n\n const router = Router();\n const permissionsIntegrationRouter = createPermissionIntegrationRouter({\n permissions: orchestratorPermissions,\n });\n const contentLengthLimit = config.getOptionalString(\n 'orchestrator.contentLengthLimit',\n );\n /**\n * Set the content length limit for the requests.\n * Defaults to 102400 bytes (100kb)\n *\n * There is a possiblity that some workflows will have a very large payload, which could cause a 413 error.\n * Increasing this value will allow larger payloads to be processed.\n *\n */\n router.use(express.json({ limit: contentLengthLimit }));\n router.use(permissionsIntegrationRouter);\n router.use('/workflows', express.text());\n router.get('/health', (_, response) => {\n logger.info('PONG!');\n response.json({ status: 'ok' });\n });\n\n setupInternalRoutes(\n publicServices,\n routerApi,\n permissions,\n httpAuth,\n auditor,\n userInfo,\n );\n\n router.use((req, res, next) => {\n if (!next) {\n throw new Error('next is undefined');\n }\n\n return routerApi.openApiBackend\n .handleRequest(req as Request, req, res, next)\n .catch(error => {\n auditor\n .createEvent({\n eventId: 'generic-error-handler',\n request: req,\n // Keep at high since this is a fallback - any error should be caught in handlers\n severityLevel: 'high',\n meta: {},\n })\n .then(event => {\n event.fail({\n meta: {},\n error,\n });\n });\n\n next(error);\n });\n });\n\n const middleware = MiddlewareFactory.create({ logger, config });\n\n router.use(middleware.error({ logAllErrors: true })); // log also openapi errors\n\n return router;\n}\n\nfunction initPublicServices(\n logger: LoggerService,\n config: Config,\n scheduler: SchedulerService,\n workflowLogsProvidersRegistry: WorkflowLogsProvidersRegistry,\n): PublicServices {\n const dataIndexUrl = config.getString('orchestrator.dataIndexService.url');\n const orchestratorKafka: OrchestratorKafkaServiceOptions | undefined =\n config.getOptional('orchestrator.kafka');\n const dataIndexService = new DataIndexService(dataIndexUrl, logger);\n const sonataFlowService = new SonataFlowService(\n dataIndexService,\n logger,\n orchestratorKafka,\n );\n\n const workflowCacheService = new WorkflowCacheService(\n logger,\n dataIndexService,\n sonataFlowService,\n );\n workflowCacheService.schedule({ scheduler: scheduler });\n\n const isWorkflowLogProviderAdded = config.getOptional(\n 'orchestrator.workflowLogProvider',\n );\n let workflowLogProvider;\n if (isWorkflowLogProviderAdded) {\n workflowLogProvider = workflowLogsProvidersRegistry.getProvider('loki');\n }\n\n const orchestratorService = new OrchestratorService(\n sonataFlowService,\n dataIndexService,\n workflowCacheService,\n workflowLogProvider,\n );\n\n const dataInputSchemaService = new DataInputSchemaService();\n\n return {\n orchestratorService,\n dataInputSchemaService,\n };\n}\n\nasync function initRouterApi(\n orchestratorService: OrchestratorService,\n): Promise<RouterApi> {\n const openApiBackend = new OpenAPIBackend({\n definition: openApiDocument,\n strict: false,\n ajvOpts: {\n strict: false,\n strictSchema: false,\n verbose: true,\n addUsedSchema: false,\n formats: fullFormats, // open issue: https://github.com/openapistack/openapi-backend/issues/280\n },\n handlers: {\n validationFail: async (\n c,\n _req: express.Request,\n res: express.Response,\n ) => {\n console.log('OPENAPI validationFail', c.operation);\n res.status(400).json({ err: c.validation.errors });\n },\n notFound: async (_c, req: express.Request, res: express.Response) => {\n res.status(404).json({ err: `${req.path} path not found` });\n },\n notImplemented: async (_c, req: express.Request, res: express.Response) =>\n res.status(500).json({ err: `${req.path} not implemented` }),\n },\n });\n await openApiBackend.init();\n const v2 = new V2(orchestratorService);\n return { v2, openApiBackend };\n}\n\n// ======================================================\n// Internal Backstage API calls to delegate to SonataFlow\n// ======================================================\nfunction setupInternalRoutes(\n services: PublicServices,\n routerApi: RouterApi,\n permissions: PermissionsService,\n httpAuth: HttpAuthService,\n auditor: AuditorService,\n userInfo: UserInfoService,\n) {\n function manageDenyAuthorization(auditEvent: AuditorServiceEvent) {\n const error = new UnauthorizedError();\n auditEvent.fail({\n meta: {\n message: 'Not authorized to request the endpoint',\n },\n error: new UnauthorizedError(),\n });\n\n throw error;\n }\n // v2\n routerApi.openApiBackend.register(\n 'getWorkflowsOverviewForEntity',\n async (_c, req, res: express.Response, next) => {\n const auditEvent = await auditor.createEvent({\n eventId: 'get-workflow-overview-entity',\n request: req,\n });\n const targetEntity = req.body.targetEntity as string;\n const annotationWorkflowIds = req.body.annotationWorkflowIds as string[];\n try {\n const result = await routerApi.v2.getWorkflowsOverviewForEntity(\n targetEntity,\n annotationWorkflowIds,\n );\n\n const workflows = await filterAuthorizedWorkflows(\n req,\n permissions,\n httpAuth,\n result,\n );\n auditEvent.success({\n meta: {\n workflowsCount: workflows.overviews?.length,\n },\n });\n res.json(workflows);\n } catch (error) {\n auditEvent.fail({ error });\n next(error);\n }\n },\n );\n\n // v2\n routerApi.openApiBackend.register(\n 'getWorkflowsOverview',\n async (_c, req, res: express.Response, next) => {\n const auditEvent = await auditor.createEvent({\n eventId: 'get-workflow-overview',\n request: req,\n });\n\n try {\n const result = await routerApi.v2.getWorkflowsOverview(\n buildPagination(req),\n getRequestFilters(req),\n );\n\n const workflows = await filterAuthorizedWorkflows(\n req,\n permissions,\n httpAuth,\n result,\n );\n auditEvent.success({\n meta: {\n workflowsCount: workflows.overviews?.length,\n },\n });\n res.json(workflows);\n } catch (error) {\n auditEvent.fail({ error });\n next(error);\n }\n },\n );\n\n // v2\n routerApi.openApiBackend.register(\n 'getWorkflowSourceById',\n async (c, req, res, next) => {\n const workflowId = c.request.params.workflowId as string;\n\n const auditEvent = await auditor.createEvent({\n eventId: 'get-workflow-source',\n request: req,\n meta: {\n actionType: 'by-id',\n workflowId,\n },\n });\n\n const decision = await authorize(\n req,\n [\n orchestratorWorkflowPermission,\n orchestratorWorkflowSpecificPermission(workflowId),\n ],\n permissions,\n httpAuth,\n );\n if (decision.result === AuthorizeResult.DENY) {\n manageDenyAuthorization(auditEvent);\n }\n\n try {\n const result = await routerApi.v2.getWorkflowSourceById(workflowId);\n auditEvent.success();\n res.status(200).contentType('text/plain').send(result);\n } catch (error) {\n auditEvent.fail({ error });\n next(error);\n }\n },\n );\n\n // v2\n routerApi.openApiBackend.register(\n 'executeWorkflow',\n async (c, req: express.Request, res: express.Response, next) => {\n const workflowId = c.request.params.workflowId as string;\n const credentials = await httpAuth.credentials(req);\n const token = req.headers.authorization?.split(' ')[1];\n const initiatorEntity = await (\n await userInfo.getUserInfo(credentials)\n ).userEntityRef;\n\n const auditEvent = await auditor.createEvent({\n eventId: 'execute-workflow',\n request: req,\n meta: {\n workflowId,\n },\n });\n\n const decision = await authorize(\n req,\n [\n orchestratorWorkflowUsePermission,\n orchestratorWorkflowUseSpecificPermission(workflowId),\n ],\n permissions,\n httpAuth,\n );\n if (decision.result === AuthorizeResult.DENY) {\n manageDenyAuthorization(auditEvent);\n }\n\n const executeWorkflowRequestDTO = req.body;\n\n return routerApi.v2\n .executeWorkflow(\n executeWorkflowRequestDTO,\n workflowId,\n initiatorEntity,\n token,\n )\n .then(result => {\n auditEvent.success({ meta: { id: result.id } });\n return res.status(200).json(result);\n })\n .catch(error => {\n auditEvent.fail({ error });\n next(error);\n });\n },\n );\n\n // v2\n routerApi.openApiBackend.register(\n 'retriggerInstance',\n async (c, req: express.Request, res: express.Response, next) => {\n const workflowId = c.request.params.workflowId as string;\n const instanceId = c.request.params.instanceId as string;\n const token = req.headers.authorization?.split(' ')[1];\n const retriggerInstanceRequestDTO = req.body;\n\n const auditEvent = await auditor.createEvent({\n eventId: 'retrigger-instance',\n request: req,\n meta: {\n workflowId,\n instanceId,\n },\n });\n\n const decision = await authorize(\n req,\n [\n orchestratorWorkflowUsePermission,\n orchestratorWorkflowUseSpecificPermission(workflowId),\n ],\n permissions,\n httpAuth,\n );\n if (decision.result === AuthorizeResult.DENY) {\n manageDenyAuthorization(auditEvent);\n }\n\n await routerApi.v2\n .retriggerInstance(\n workflowId,\n instanceId,\n retriggerInstanceRequestDTO,\n token,\n )\n .then(result => {\n auditEvent.success();\n return res.status(200).json(result);\n })\n .catch(error => {\n auditEvent.fail({ error });\n next(error);\n });\n },\n );\n\n // v2\n routerApi.openApiBackend.register(\n 'getWorkflowOverviewById',\n async (c, req: express.Request, res: express.Response, next) => {\n const workflowId = c.request.params.workflowId as string;\n\n const auditEvent = await auditor.createEvent({\n eventId: 'get-workflow-overview',\n request: req,\n meta: {\n actionType: 'by-id',\n workflowId,\n },\n });\n\n const decision = await authorize(\n req,\n [\n orchestratorWorkflowPermission,\n orchestratorWorkflowSpecificPermission(workflowId),\n ],\n permissions,\n httpAuth,\n );\n if (decision.result === AuthorizeResult.DENY) {\n manageDenyAuthorization(auditEvent);\n }\n\n return routerApi.v2\n .getWorkflowOverviewById(workflowId)\n .then(result => {\n auditEvent.success({\n meta: {\n workflowId: result.workflowId,\n },\n });\n return res.json(result);\n })\n .catch(error => {\n auditEvent.fail({ error });\n next(error);\n });\n },\n );\n\n // v2\n routerApi.openApiBackend.register(\n 'getWorkflowStatuses',\n async (_c, request: express.Request, res: express.Response, next) => {\n const auditEvent = await auditor.createEvent({\n eventId: 'get-workflow-statuses',\n request,\n });\n\n // Anyone is authorized to call this endpoint\n\n return routerApi.v2\n .getWorkflowStatuses()\n .then(result => {\n auditEvent.success();\n res.status(200).json(result);\n })\n .catch(error => {\n auditEvent.fail({ error });\n next(error);\n });\n },\n );\n\n // v2\n routerApi.openApiBackend.register(\n 'getWorkflowInputSchemaById',\n async (c, req: express.Request, res: express.Response, next) => {\n const workflowId = c.request.params.workflowId as string;\n const instanceId = c.request.query.instanceId as string;\n\n const auditEvent = await auditor.createEvent({\n eventId: 'get-workflow-input-schema',\n request: req,\n meta: {\n actionType: 'by-id',\n workflowId,\n instanceId,\n },\n });\n\n try {\n const decision = await authorize(\n req,\n [\n orchestratorWorkflowPermission,\n orchestratorWorkflowSpecificPermission(workflowId),\n ],\n permissions,\n httpAuth,\n );\n if (decision.result === AuthorizeResult.DENY) {\n manageDenyAuthorization(auditEvent);\n }\n\n const workflowDefinition =\n await services.orchestratorService.fetchWorkflowInfo({\n definitionId: workflowId,\n });\n\n if (!workflowDefinition) {\n throw new Error(\n `Failed to fetch workflow info for workflow ${workflowId}`,\n );\n }\n const serviceUrl = workflowDefinition.serviceUrl;\n if (!serviceUrl) {\n throw new Error(\n `Service URL is not defined for workflow ${workflowId}`,\n );\n }\n\n const definition =\n await services.orchestratorService.fetchWorkflowDefinition({\n definitionId: workflowId,\n });\n\n if (!definition) {\n throw new Error(\n 'Failed to fetch workflow definition for workflow ${workflowId}',\n );\n }\n\n if (!definition.dataInputSchema) {\n res.status(200).json({});\n return;\n }\n\n const instanceVariables = instanceId\n ? await services.orchestratorService.fetchInstanceVariables({\n instanceId,\n })\n : undefined;\n\n const workflowData = instanceVariables\n ? services.dataInputSchemaService.extractWorkflowData(\n instanceVariables,\n )\n : undefined;\n\n const workflowInfo = await routerApi.v2.getWorkflowInputSchemaById(\n workflowId,\n serviceUrl,\n );\n\n if (!workflowInfo?.inputSchema?.properties) {\n auditEvent.success({\n meta: {\n message: 'Successfully found nothing.',\n },\n });\n res.status(200).json({});\n return;\n }\n\n const inputSchemaProps = workflowInfo.inputSchema.properties;\n let inputData;\n\n if (workflowData) {\n inputData = Object.keys(inputSchemaProps)\n .filter(k => k in workflowData)\n .reduce((result, k) => {\n if (workflowData[k] === undefined) {\n return result;\n }\n result[k] = workflowData[k];\n return result;\n }, {} as JsonObject);\n }\n\n auditEvent.success({\n meta: {\n workflowId: workflowInfo.id,\n },\n });\n res.status(200).json({\n inputSchema: workflowInfo.inputSchema,\n data: inputData,\n });\n } catch (error) {\n auditEvent.fail({ error });\n next(error);\n }\n },\n );\n\n // v2\n routerApi.openApiBackend.register(\n 'getWorkflowInstances',\n async (c, req: express.Request, res: express.Response, next) => {\n const workflowId = c.request.params.workflowId as string;\n\n const auditEvent = await auditor.createEvent({\n eventId: 'get-workflow-instances',\n request: req,\n });\n\n const decision = await authorize(\n req,\n [\n orchestratorWorkflowPermission,\n orchestratorWorkflowSpecificPermission(workflowId),\n ],\n permissions,\n httpAuth,\n );\n if (decision.result === AuthorizeResult.DENY) {\n manageDenyAuthorization(auditEvent);\n }\n\n return routerApi.v2\n .getInstances(buildPagination(req), getRequestFilters(req), [\n workflowId,\n ])\n .then(result => {\n auditEvent.success();\n res.json(result);\n })\n .catch(error => {\n auditEvent.fail({ error });\n next(error);\n });\n },\n );\n\n // v2\n routerApi.openApiBackend.register(\n 'pingWorkflowServiceById',\n async (c, req: express.Request, res: express.Response, next) => {\n const workflowId = c.request.params.workflowId as string;\n\n const auditEvent = await auditor.createEvent({\n eventId: 'ping-workflow-service',\n request: req,\n });\n\n const decision = await authorize(\n req,\n [\n orchestratorWorkflowPermission,\n orchestratorWorkflowSpecificPermission(workflowId),\n ],\n permissions,\n httpAuth,\n );\n if (decision.result === AuthorizeResult.DENY) {\n manageDenyAuthorization(auditEvent);\n }\n\n return routerApi.v2\n .pingWorkflowService(workflowId)\n .then(result => {\n auditEvent.success();\n res.json(result);\n })\n .catch(error => {\n auditEvent.fail({ error });\n next(error);\n });\n },\n );\n\n // v2\n routerApi.openApiBackend.register(\n 'getInstances',\n async (_c, req: express.Request, res: express.Response, next) => {\n const auditEvent = await auditor.createEvent({\n eventId: 'get-instances',\n request: req,\n });\n\n try {\n // Once we assign user to the instance in the future, we can rework this filtering\n const allWorkflowIds = routerApi.v2.getWorkflowIds();\n const authorizedWorkflowIds: string[] =\n await filterAuthorizedWorkflowIds(\n req,\n permissions,\n httpAuth,\n allWorkflowIds,\n );\n\n if (!authorizedWorkflowIds || authorizedWorkflowIds.length === 0)\n res.json([]);\n\n const credentials = await httpAuth.credentials(req);\n const initiatorEntity = (await userInfo.getUserInfo(credentials))\n .userEntityRef;\n const isUserAuthorizedForInstanceAdminView: boolean = // This permission will let user see ALL instances (including ones others created)\n await isUserAuthorizedForInstanceAdminViewPermission(\n req,\n permissions,\n httpAuth,\n );\n\n const requestFilters = getRequestFilters(req);\n\n let filters = requestFilters;\n\n if (!isUserAuthorizedForInstanceAdminView) {\n const initiatorEntityFilter: FieldFilter = {\n operator: 'EQ',\n value: initiatorEntity,\n field: 'initiatorEntity',\n };\n\n const nestedVariablesFilter: NestedFilter = {\n field: 'variables',\n nested: initiatorEntityFilter,\n };\n\n if (requestFilters === undefined) {\n filters = nestedVariablesFilter;\n } else {\n // combine filters\n filters = {\n operator: 'AND',\n filters: [nestedVariablesFilter, requestFilters],\n };\n }\n }\n\n const result = await routerApi.v2.getInstances(\n buildPagination(req),\n filters,\n authorizedWorkflowIds,\n );\n\n auditEvent.success({ meta: { authorizedWorkflowIds } });\n res.json(result);\n } catch (error) {\n auditEvent.fail({ error });\n next(error);\n }\n },\n );\n\n // v2\n routerApi.openApiBackend.register(\n 'getInstanceById',\n async (c, request: express.Request, res: express.Response, next) => {\n const instanceId = c.request.params.instanceId as string;\n\n const auditEvent = await auditor.createEvent({\n eventId: 'get-instance',\n request,\n meta: {\n actionType: 'by-id',\n instanceId,\n },\n });\n\n try {\n const instance = await routerApi.v2.getInstanceById(instanceId);\n\n const workflowId = instance.processId;\n\n const decision = await authorize(\n request,\n [\n orchestratorWorkflowPermission,\n orchestratorWorkflowSpecificPermission(workflowId),\n ],\n permissions,\n httpAuth,\n );\n if (decision.result === AuthorizeResult.DENY) {\n manageDenyAuthorization(auditEvent);\n }\n\n const credentials = await httpAuth.credentials(request);\n const initiatorEntity = (await userInfo.getUserInfo(credentials))\n .userEntityRef;\n // Check if user is authorized to view all instances\n const isUserAuthorizedForInstanceAdminView =\n await isUserAuthorizedForInstanceAdminViewPermission(\n request,\n permissions,\n httpAuth,\n );\n\n // If not an admin, enforce initiatorEntity check\n if (!isUserAuthorizedForInstanceAdminView) {\n const instanceInitiatorEntity = instance.initiatorEntity;\n\n // If the instance has no initiatorEntity recorded, we cannot determine ownership.\n // This can happen for:\n // 1. Workflow instances created before the initiatorEntity feature was added\n // 2. Workflow instances started externally (not through Backstage)\n // 3. Workflows that transform/overwrite their input variables\n if (!instanceInitiatorEntity) {\n throw new NotAllowedError(\n `Access denied for instance ${instanceId}. ` +\n `You have permission to view workflow '${workflowId}', but this workflow run ` +\n `does not have ownership information recorded. Since we cannot verify you ` +\n `initiated this run, the 'orchestrator.instanceAdminView' permission is required. ` +\n `Contact your administrator to grant this permission.`,\n );\n }\n\n if (instanceInitiatorEntity !== initiatorEntity) {\n throw new NotAllowedError(\n `Access denied for instance ${instanceId}. ` +\n `This workflow run was initiated by '${instanceInitiatorEntity}', not by you ('${initiatorEntity}'). ` +\n `With 'orchestrator.workflow' or 'orchestrator.workflow.${workflowId}' permissions, ` +\n `you can only view instances you created. To view all instances, you need the ` +\n `'orchestrator.instanceAdminView' permission.`,\n );\n }\n }\n\n auditEvent.success();\n res.status(200).json(instance);\n } catch (error) {\n auditEvent.fail({ error });\n next(error);\n }\n },\n );\n\n // v2\n routerApi.openApiBackend.register(\n 'getWorkflowLogById',\n async (c, request: express.Request, res: express.Response, next) => {\n const instanceId = c.request.params.instanceId as string;\n // will probably have to get the raw log at some point\n // const rawLog = c.request.query.instanceId as Boolean;\n\n const auditEvent = await auditor.createEvent({\n eventId: 'get-logs-by-instance',\n request,\n meta: {\n actionType: 'by-id',\n instanceId,\n },\n });\n\n try {\n // Check that a log provider has been setup\n if (!services.orchestratorService.hasLogProvider()) {\n throw new Error(`No log provider setup`);\n }\n const instance = await routerApi.v2.getInstanceById(instanceId);\n const workflowId = instance.processId;\n\n const decision = await authorize(\n request,\n [\n orchestratorWorkflowPermission,\n orchestratorWorkflowSpecificPermission(workflowId),\n ],\n permissions,\n httpAuth,\n );\n if (decision.result === AuthorizeResult.DENY) {\n manageDenyAuthorization(auditEvent);\n }\n\n const credentials = await httpAuth.credentials(request);\n const initiatorEntity = (await userInfo.getUserInfo(credentials))\n .userEntityRef;\n // Check if user is authorized to view all instances\n const isUserAuthorizedForInstanceAdminView =\n await isUserAuthorizedForInstanceAdminViewPermission(\n request,\n permissions,\n httpAuth,\n );\n\n // If not an admin, enforce initiatorEntity check\n if (!isUserAuthorizedForInstanceAdminView) {\n const instanceInitiatorEntity = instance.initiatorEntity;\n if (instanceInitiatorEntity !== initiatorEntity) {\n throw new Error(\n `Unauthorized to access instance ${instanceId} not initiated by user.`,\n );\n }\n }\n\n const logs = await routerApi.v2.getInstanceLogsByInstance(instance);\n\n auditEvent.success();\n res.status(200).json(logs);\n } catch (error) {\n auditEvent.fail({ error });\n next(error);\n }\n },\n );\n\n // v2\n routerApi.openApiBackend.register(\n 'abortWorkflow',\n async (c, request, res, next) => {\n const instanceId = c.request.params.instanceId as string;\n\n const auditEvent = await auditor.createEvent({\n eventId: 'abort-workflow',\n request,\n meta: {\n actionType: 'by-id',\n instanceId,\n },\n });\n\n try {\n const instance = await routerApi.v2.getInstanceById(instanceId);\n const workflowId = instance.processId;\n\n const decision = await authorize(\n request,\n [\n orchestratorWorkflowUsePermission,\n orchestratorWorkflowUseSpecificPermission(workflowId),\n ],\n permissions,\n httpAuth,\n );\n if (decision.result === AuthorizeResult.DENY) {\n manageDenyAuthorization(auditEvent);\n }\n\n const result = await routerApi.v2.abortWorkflow(workflowId, instanceId);\n auditEvent.success({ meta: { result } });\n res.status(200).json(result);\n } catch (error) {\n auditEvent.fail({ error });\n next(error);\n }\n },\n );\n}\n\nfunction getRequestFilters(req: HttpRequest): Filter | undefined {\n return req.body.filters ? (req.body.filters as Filter) : undefined;\n}\n"],"names":["AuthorizeResult","orchestratorInstanceAdminViewPermission","orchestratorWorkflowPermission","orchestratorWorkflowSpecificPermission","Router","createPermissionIntegrationRouter","orchestratorPermissions","express","MiddlewareFactory","DataIndexService","SonataFlowService","WorkflowCacheService","OrchestratorService","DataInputSchemaService","OpenAPIBackend","openApiDocument","fullFormats","v2","V2","UnauthorizedError","buildPagination","orchestratorWorkflowUsePermission","orchestratorWorkflowUseSpecificPermission","NotAllowedError"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;AA8EA,MAAM,SAAA,GAAY,OAChB,OAAA,EACA,gBAAA,EACA,gBACA,QAAA,KACyC;AACzC,EAAA,MAAM,WAAA,GAAc,MAAM,QAAA,CAAS,WAAA,CAAY,OAAO,CAAA;AACtD,EAAA,MAAM,iBAAA,GAAqD,MAAM,OAAA,CAAQ,GAAA;AAAA,IACvE,gBAAA,CAAiB,GAAA;AAAA,MAAI,gBACnB,cAAA,CAAe,SAAA,CAAU,CAAC,EAAE,UAAA,EAAY,CAAA,EAAG;AAAA,QACzC;AAAA,OACD;AAAA;AACH,GACF;AACA,EAAA,MAAM,YAA2C,iBAAA,CAAkB,GAAA;AAAA,IACjE,CAAA,CAAA,KAAK,EAAE,CAAC;AAAA,GACV;AAEA,EAAA,MAAM,QAAQ,SAAA,CAAU,IAAA,CAAK,OAAK,CAAA,CAAE,MAAA,KAAWA,uCAAgB,KAAK,CAAA;AACpE,EAAA,OACE,KAAA,IAAS;AAAA,IACP,QAAQA,sCAAA,CAAgB;AAAA,GAC1B;AAEJ,CAAA;AAEA,MAAM,8CAAA,GAAiD,OACrD,OAAA,EACA,cAAA,EACA,QAAA,KACqB;AACrB,EAAA,MAAM,WAAA,GAAc,MAAM,QAAA,CAAS,WAAA,CAAY,OAAO,CAAA;AACtD,EAAA,MAAM,CAAC,QAAQ,CAAA,GAAI,MAAM,cAAA,CAAe,SAAA;AAAA,IACtC,CAAC,EAAE,UAAA,EAAYC,yEAAA,EAAyC,CAAA;AAAA,IACxD,EAAE,WAAA;AAAY,GAChB;AAEA,EAAA,OAAO,QAAA,CAAS,WAAWD,sCAAA,CAAgB,KAAA;AAC7C,CAAA;AAEA,MAAM,2BAAA,GAA8B,OAClC,OAAA,EACA,cAAA,EACA,UACA,WAAA,KACsB;AACtB,EAAA,MAAM,WAAA,GAAc,MAAM,QAAA,CAAS,WAAA,CAAY,OAAO,CAAA;AACtD,EAAA,MAAM,iCAAA,GAAoC,MAAM,cAAA,CAAe,SAAA;AAAA,IAC7D,CAAC,EAAE,UAAA,EAAYE,gEAAA,EAAgC,CAAA;AAAA,IAC/C;AAAA,MACE;AAAA;AACF,GACF;AAEA,EAAA,IAAI,iCAAA,CAAkC,CAAC,CAAA,CAAE,MAAA,KAAWF,uCAAgB,KAAA,EAAO;AAEzE,IAAA,OAAO,WAAA;AAAA,EACT;AAEA,EAAA,MAAM,wBAAA,GACJ,WAAA,CAAY,GAAA,CAAI,CAAA,UAAA,MAAe;AAAA,IAC7B,UAAA,EAAYG,yEAAuC,UAAU;AAAA,GAC/D,CAAE,CAAA;AAEJ,EAAA,MAAM,SAAA,GAAY,MAAM,cAAA,CAAe,SAAA,CAAU,wBAAA,EAA0B;AAAA,IACzE;AAAA,GACD,CAAA;AAED,EAAA,OAAO,WAAA,CAAY,MAAA;AAAA,IACjB,CAAC,CAAA,EAAG,GAAA,KAAQ,UAAU,GAAG,CAAA,CAAE,WAAWH,sCAAA,CAAgB;AAAA,GACxD;AACF,CAAA;AAEA,MAAM,yBAAA,GAA4B,OAChC,OAAA,EACA,cAAA,EACA,UACA,SAAA,KAC2C;AAC3C,EAAA,IAAI,CAAC,UAAU,SAAA,EAAW;AACxB,IAAA,OAAO,SAAA;AAAA,EACT;AAEA,EAAA,MAAM,wBAAwB,MAAM,2BAAA;AAAA,IAClC,OAAA;AAAA,IACA,cAAA;AAAA,IACA,QAAA;AAAA,IACA,SAAA,CAAU,SAAA,CAAU,GAAA,CAAI,CAAA,CAAA,KAAK,EAAE,UAAU;AAAA,GAC3C;AAEA,EAAA,MAAM,QAAA,GAAW;AAAA,IACf,GAAG,SAAA;AAAA,IACH,SAAA,EAAW,UAAU,SAAA,CAAU,MAAA;AAAA,MAAO,CAAA,CAAA,KACpC,qBAAA,CAAsB,QAAA,CAAS,CAAA,CAAE,UAAU;AAAA;AAC7C,GACF;AAEA,EAAA,OAAO,QAAA;AACT,CAAA;AAEA,eAAsB,oBACpB,OAAA,EACiB;AACjB,EAAA,MAAM;AAAA,IACJ,MAAA;AAAA,IACA,MAAA;AAAA,IACA,OAAA;AAAA,IACA,SAAA;AAAA,IACA,WAAA;AAAA,IACA,QAAA;AAAA,IACA,QAAA;AAAA,IACA;AAAA,GACF,GAAI,OAAA;AACJ,EAAA,MAAM,cAAA,GAAiB,kBAAA;AAAA,IACrB,MAAA;AAAA,IACA,MAAA;AAAA,IACA,SAAA;AAAA,IACA;AAAA,GACF;AAEA,EAAA,MAAM,SAAA,GAAY,MAAM,aAAA,CAAc,cAAA,CAAe,mBAAmB,CAAA;AAExE,EAAA,MAAM,SAASI,cAAA,EAAO;AACtB,EAAA,MAAM,+BAA+BC,sDAAA,CAAkC;AAAA,IACrE,WAAA,EAAaC;AAAA,GACd,CAAA;AACD,EAAA,MAAM,qBAAqB,MAAA,CAAO,iBAAA;AAAA,IAChC;AAAA,GACF;AASA,EAAA,MAAA,CAAO,IAAIC,wBAAA,CAAQ,IAAA,CAAK,EAAE,KAAA,EAAO,kBAAA,EAAoB,CAAC,CAAA;AACtD,EAAA,MAAA,CAAO,IAAI,4BAA4B,CAAA;AACvC,EAAA,MAAA,CAAO,GAAA,CAAI,YAAA,EAAcA,wBAAA,CAAQ,IAAA,EAAM,CAAA;AACvC,EAAA,MAAA,CAAO,GAAA,CAAI,SAAA,EAAW,CAAC,CAAA,EAAG,QAAA,KAAa;AACrC,IAAA,MAAA,CAAO,KAAK,OAAO,CAAA;AACnB,IAAA,QAAA,CAAS,IAAA,CAAK,EAAE,MAAA,EAAQ,IAAA,EAAM,CAAA;AAAA,EAChC,CAAC,CAAA;AAED,EAAA,mBAAA;AAAA,IACE,cAAA;AAAA,IACA,SAAA;AAAA,IACA,WAAA;AAAA,IACA,QAAA;AAAA,IACA,OAAA;AAAA,IACA;AAAA,GACF;AAEA,EAAA,MAAA,CAAO,GAAA,CAAI,CAAC,GAAA,EAAK,GAAA,EAAK,IAAA,KAAS;AAC7B,IAAA,IAAI,CAAC,IAAA,EAAM;AACT,MAAA,MAAM,IAAI,MAAM,mBAAmB,CAAA;AAAA,IACrC;AAEA,IAAA,OAAO,SAAA,CAAU,eACd,aAAA,CAAc,GAAA,EAAgB,KAAK,GAAA,EAAK,IAAI,CAAA,CAC5C,KAAA,CAAM,CAAA,KAAA,KAAS;AACd,MAAA,OAAA,CACG,WAAA,CAAY;AAAA,QACX,OAAA,EAAS,uBAAA;AAAA,QACT,OAAA,EAAS,GAAA;AAAA;AAAA,QAET,aAAA,EAAe,MAAA;AAAA,QACf,MAAM;AAAC,OACR,CAAA,CACA,IAAA,CAAK,CAAA,KAAA,KAAS;AACb,QAAA,KAAA,CAAM,IAAA,CAAK;AAAA,UACT,MAAM,EAAC;AAAA,UACP;AAAA,SACD,CAAA;AAAA,MACH,CAAC,CAAA;AAEH,MAAA,IAAA,CAAK,KAAK,CAAA;AAAA,IACZ,CAAC,CAAA;AAAA,EACL,CAAC,CAAA;AAED,EAAA,MAAM,aAAaC,gCAAA,CAAkB,MAAA,CAAO,EAAE,MAAA,EAAQ,QAAQ,CAAA;AAE9D,EAAA,MAAA,CAAO,IAAI,UAAA,CAAW,KAAA,CAAM,EAAE,YAAA,EAAc,IAAA,EAAM,CAAC,CAAA;AAEnD,EAAA,OAAO,MAAA;AACT;AAEA,SAAS,kBAAA,CACP,MAAA,EACA,MAAA,EACA,SAAA,EACA,6BAAA,EACgB;AAChB,EAAA,MAAM,YAAA,GAAe,MAAA,CAAO,SAAA,CAAU,mCAAmC,CAAA;AACzE,EAAA,MAAM,iBAAA,GACJ,MAAA,CAAO,WAAA,CAAY,oBAAoB,CAAA;AACzC,EAAA,MAAM,gBAAA,GAAmB,IAAIC,iCAAA,CAAiB,YAAA,EAAc,MAAM,CAAA;AAClE,EAAA,MAAM,oBAAoB,IAAIC,mCAAA;AAAA,IAC5B,gBAAA;AAAA,IACA,MAAA;AAAA,IACA;AAAA,GACF;AAEA,EAAA,MAAM,uBAAuB,IAAIC,yCAAA;AAAA,IAC/B,MAAA;AAAA,IACA,gBAAA;AAAA,IACA;AAAA,GACF;AACA,EAAA,oBAAA,CAAqB,QAAA,CAAS,EAAE,SAAA,EAAsB,CAAA;AAEtD,EAAA,MAAM,6BAA6B,MAAA,CAAO,WAAA;AAAA,IACxC;AAAA,GACF;AACA,EAAA,IAAI,mBAAA;AACJ,EAAA,IAAI,0BAAA,EAA4B;AAC9B,IAAA,mBAAA,GAAsB,6BAAA,CAA8B,YAAY,MAAM,CAAA;AAAA,EACxE;AAEA,EAAA,MAAM,sBAAsB,IAAIC,uCAAA;AAAA,IAC9B,iBAAA;AAAA,IACA,gBAAA;AAAA,IACA,oBAAA;AAAA,IACA;AAAA,GACF;AAEA,EAAA,MAAM,sBAAA,GAAyB,IAAIC,6CAAA,EAAuB;AAE1D,EAAA,OAAO;AAAA,IACL,mBAAA;AAAA,IACA;AAAA,GACF;AACF;AAEA,eAAe,cACb,mBAAA,EACoB;AACpB,EAAA,MAAM,cAAA,GAAiB,IAAIC,6BAAA,CAAe;AAAA,IACxC,UAAA,EAAYC,iDAAA;AAAA,IACZ,MAAA,EAAQ,KAAA;AAAA,IACR,OAAA,EAAS;AAAA,MACP,MAAA,EAAQ,KAAA;AAAA,MACR,YAAA,EAAc,KAAA;AAAA,MACd,OAAA,EAAS,IAAA;AAAA,MACT,aAAA,EAAe,KAAA;AAAA,MACf,OAAA,EAASC;AAAA;AAAA,KACX;AAAA,IACA,QAAA,EAAU;AAAA,MACR,cAAA,EAAgB,OACd,CAAA,EACA,IAAA,EACA,GAAA,KACG;AACH,QAAA,OAAA,CAAQ,GAAA,CAAI,wBAAA,EAA0B,CAAA,CAAE,SAAS,CAAA;AACjD,QAAA,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA,CAAE,IAAA,CAAK,EAAE,GAAA,EAAK,CAAA,CAAE,UAAA,CAAW,MAAA,EAAQ,CAAA;AAAA,MACnD,CAAA;AAAA,MACA,QAAA,EAAU,OAAO,EAAA,EAAI,GAAA,EAAsB,GAAA,KAA0B;AACnE,QAAA,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA,CAAE,IAAA,CAAK,EAAE,KAAK,CAAA,EAAG,GAAA,CAAI,IAAI,CAAA,eAAA,CAAA,EAAmB,CAAA;AAAA,MAC5D,CAAA;AAAA,MACA,gBAAgB,OAAO,EAAA,EAAI,GAAA,EAAsB,GAAA,KAC/C,IAAI,MAAA,CAAO,GAAG,CAAA,CAAE,IAAA,CAAK,EAAE,GAAA,EAAK,CAAA,EAAG,GAAA,CAAI,IAAI,oBAAoB;AAAA;AAC/D,GACD,CAAA;AACD,EAAA,MAAM,eAAe,IAAA,EAAK;AAC1B,EAAA,MAAMC,IAAA,GAAK,IAAIC,KAAA,CAAG,mBAAmB,CAAA;AACrC,EAAA,OAAO,MAAED,MAAI,cAAA,EAAe;AAC9B;AAKA,SAAS,oBACP,QAAA,EACA,SAAA,EACA,WAAA,EACA,QAAA,EACA,SACA,QAAA,EACA;AACA,EAAA,SAAS,wBAAwB,UAAA,EAAiC;AAChE,IAAA,MAAM,KAAA,GAAQ,IAAIE,kCAAA,EAAkB;AACpC,IAAA,UAAA,CAAW,IAAA,CAAK;AAAA,MACd,IAAA,EAAM;AAAA,QACJ,OAAA,EAAS;AAAA,OACX;AAAA,MACA,KAAA,EAAO,IAAIA,kCAAA;AAAkB,KAC9B,CAAA;AAED,IAAA,MAAM,KAAA;AAAA,EACR;AAEA,EAAA,SAAA,CAAU,cAAA,CAAe,QAAA;AAAA,IACvB,+BAAA;AAAA,IACA,OAAO,EAAA,EAAI,GAAA,EAAK,GAAA,EAAuB,IAAA,KAAS;AAC9C,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,WAAA,CAAY;AAAA,QAC3C,OAAA,EAAS,8BAAA;AAAA,QACT,OAAA,EAAS;AAAA,OACV,CAAA;AACD,MAAA,MAAM,YAAA,GAAe,IAAI,IAAA,CAAK,YAAA;AAC9B,MAAA,MAAM,qBAAA,GAAwB,IAAI,IAAA,CAAK,qBAAA;AACvC,MAAA,IAAI;AACF,QAAA,MAAM,MAAA,GAAS,MAAM,SAAA,CAAU,EAAA,CAAG,6BAAA;AAAA,UAChC,YAAA;AAAA,UACA;AAAA,SACF;AAEA,QAAA,MAAM,YAAY,MAAM,yBAAA;AAAA,UACtB,GAAA;AAAA,UACA,WAAA;AAAA,UACA,QAAA;AAAA,UACA;AAAA,SACF;AACA,QAAA,UAAA,CAAW,OAAA,CAAQ;AAAA,UACjB,IAAA,EAAM;AAAA,YACJ,cAAA,EAAgB,UAAU,SAAA,EAAW;AAAA;AACvC,SACD,CAAA;AACD,QAAA,GAAA,CAAI,KAAK,SAAS,CAAA;AAAA,MACpB,SAAS,KAAA,EAAO;AACd,QAAA,UAAA,CAAW,IAAA,CAAK,EAAE,KAAA,EAAO,CAAA;AACzB,QAAA,IAAA,CAAK,KAAK,CAAA;AAAA,MACZ;AAAA,IACF;AAAA,GACF;AAGA,EAAA,SAAA,CAAU,cAAA,CAAe,QAAA;AAAA,IACvB,sBAAA;AAAA,IACA,OAAO,EAAA,EAAI,GAAA,EAAK,GAAA,EAAuB,IAAA,KAAS;AAC9C,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,WAAA,CAAY;AAAA,QAC3C,OAAA,EAAS,uBAAA;AAAA,QACT,OAAA,EAAS;AAAA,OACV,CAAA;AAED,MAAA,IAAI;AACF,QAAA,MAAM,MAAA,GAAS,MAAM,SAAA,CAAU,EAAA,CAAG,oBAAA;AAAA,UAChCC,2BAAgB,GAAG,CAAA;AAAA,UACnB,kBAAkB,GAAG;AAAA,SACvB;AAEA,QAAA,MAAM,YAAY,MAAM,yBAAA;AAAA,UACtB,GAAA;AAAA,UACA,WAAA;AAAA,UACA,QAAA;AAAA,UACA;AAAA,SACF;AACA,QAAA,UAAA,CAAW,OAAA,CAAQ;AAAA,UACjB,IAAA,EAAM;AAAA,YACJ,cAAA,EAAgB,UAAU,SAAA,EAAW;AAAA;AACvC,SACD,CAAA;AACD,QAAA,GAAA,CAAI,KAAK,SAAS,CAAA;AAAA,MACpB,SAAS,KAAA,EAAO;AACd,QAAA,UAAA,CAAW,IAAA,CAAK,EAAE,KAAA,EAAO,CAAA;AACzB,QAAA,IAAA,CAAK,KAAK,CAAA;AAAA,MACZ;AAAA,IACF;AAAA,GACF;AAGA,EAAA,SAAA,CAAU,cAAA,CAAe,QAAA;AAAA,IACvB,uBAAA;AAAA,IACA,OAAO,CAAA,EAAG,GAAA,EAAK,GAAA,EAAK,IAAA,KAAS;AAC3B,MAAA,MAAM,UAAA,GAAa,CAAA,CAAE,OAAA,CAAQ,MAAA,CAAO,UAAA;AAEpC,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,WAAA,CAAY;AAAA,QAC3C,OAAA,EAAS,qBAAA;AAAA,QACT,OAAA,EAAS,GAAA;AAAA,QACT,IAAA,EAAM;AAAA,UACJ,UAAA,EAAY,OAAA;AAAA,UACZ;AAAA;AACF,OACD,CAAA;AAED,MAAA,MAAM,WAAW,MAAM,SAAA;AAAA,QACrB,GAAA;AAAA,QACA;AAAA,UACElB,gEAAA;AAAA,UACAC,yEAAuC,UAAU;AAAA,SACnD;AAAA,QACA,WAAA;AAAA,QACA;AAAA,OACF;AACA,MAAA,IAAI,QAAA,CAAS,MAAA,KAAWH,sCAAA,CAAgB,IAAA,EAAM;AAC5C,QAAA,uBAAA,CAAwB,UAAU,CAAA;AAAA,MACpC;AAEA,MAAA,IAAI;AACF,QAAA,MAAM,MAAA,GAAS,MAAM,SAAA,CAAU,EAAA,CAAG,sBAAsB,UAAU,CAAA;AAClE,QAAA,UAAA,CAAW,OAAA,EAAQ;AACnB,QAAA,GAAA,CAAI,OAAO,GAAG,CAAA,CAAE,YAAY,YAAY,CAAA,CAAE,KAAK,MAAM,CAAA;AAAA,MACvD,SAAS,KAAA,EAAO;AACd,QAAA,UAAA,CAAW,IAAA,CAAK,EAAE,KAAA,EAAO,CAAA;AACzB,QAAA,IAAA,CAAK,KAAK,CAAA;AAAA,MACZ;AAAA,IACF;AAAA,GACF;AAGA,EAAA,SAAA,CAAU,cAAA,CAAe,QAAA;AAAA,IACvB,iBAAA;AAAA,IACA,OAAO,CAAA,EAAG,GAAA,EAAsB,GAAA,EAAuB,IAAA,KAAS;AAC9D,MAAA,MAAM,UAAA,GAAa,CAAA,CAAE,OAAA,CAAQ,MAAA,CAAO,UAAA;AACpC,MAAA,MAAM,WAAA,GAAc,MAAM,QAAA,CAAS,WAAA,CAAY,GAAG,CAAA;AAClD,MAAA,MAAM,QAAQ,GAAA,CAAI,OAAA,CAAQ,eAAe,KAAA,CAAM,GAAG,EAAE,CAAC,CAAA;AACrD,MAAA,MAAM,kBAAkB,MAAA,CACtB,MAAM,QAAA,CAAS,WAAA,CAAY,WAAW,CAAA,EACtC,aAAA;AAEF,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,WAAA,CAAY;AAAA,QAC3C,OAAA,EAAS,kBAAA;AAAA,QACT,OAAA,EAAS,GAAA;AAAA,QACT,IAAA,EAAM;AAAA,UACJ;AAAA;AACF,OACD,CAAA;AAED,MAAA,MAAM,WAAW,MAAM,SAAA;AAAA,QACrB,GAAA;AAAA,QACA;AAAA,UACEqB,mEAAA;AAAA,UACAC,4EAA0C,UAAU;AAAA,SACtD;AAAA,QACA,WAAA;AAAA,QACA;AAAA,OACF;AACA,MAAA,IAAI,QAAA,CAAS,MAAA,KAAWtB,sCAAA,CAAgB,IAAA,EAAM;AAC5C,QAAA,uBAAA,CAAwB,UAAU,CAAA;AAAA,MACpC;AAEA,MAAA,MAAM,4BAA4B,GAAA,CAAI,IAAA;AAEtC,MAAA,OAAO,UAAU,EAAA,CACd,eAAA;AAAA,QACC,yBAAA;AAAA,QACA,UAAA;AAAA,QACA,eAAA;AAAA,QACA;AAAA,OACF,CACC,KAAK,CAAA,MAAA,KAAU;AACd,QAAA,UAAA,CAAW,OAAA,CAAQ,EAAE,IAAA,EAAM,EAAE,IAAI,MAAA,CAAO,EAAA,IAAM,CAAA;AAC9C,QAAA,OAAO,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA,CAAE,KAAK,MAAM,CAAA;AAAA,MACpC,CAAC,CAAA,CACA,KAAA,CAAM,CAAA,KAAA,KAAS;AACd,QAAA,UAAA,CAAW,IAAA,CAAK,EAAE,KAAA,EAAO,CAAA;AACzB,QAAA,IAAA,CAAK,KAAK,CAAA;AAAA,MACZ,CAAC,CAAA;AAAA,IACL;AAAA,GACF;AAGA,EAAA,SAAA,CAAU,cAAA,CAAe,QAAA;AAAA,IACvB,mBAAA;AAAA,IACA,OAAO,CAAA,EAAG,GAAA,EAAsB,GAAA,EAAuB,IAAA,KAAS;AAC9D,MAAA,MAAM,UAAA,GAAa,CAAA,CAAE,OAAA,CAAQ,MAAA,CAAO,UAAA;AACpC,MAAA,MAAM,UAAA,GAAa,CAAA,CAAE,OAAA,CAAQ,MAAA,CAAO,UAAA;AACpC,MAAA,MAAM,QAAQ,GAAA,CAAI,OAAA,CAAQ,eAAe,KAAA,CAAM,GAAG,EAAE,CAAC,CAAA;AACrD,MAAA,MAAM,8BAA8B,GAAA,CAAI,IAAA;AAExC,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,WAAA,CAAY;AAAA,QAC3C,OAAA,EAAS,oBAAA;AAAA,QACT,OAAA,EAAS,GAAA;AAAA,QACT,IAAA,EAAM;AAAA,UACJ,UAAA;AAAA,UACA;AAAA;AACF,OACD,CAAA;AAED,MAAA,MAAM,WAAW,MAAM,SAAA;AAAA,QACrB,GAAA;AAAA,QACA;AAAA,UACEqB,mEAAA;AAAA,UACAC,4EAA0C,UAAU;AAAA,SACtD;AAAA,QACA,WAAA;AAAA,QACA;AAAA,OACF;AACA,MAAA,IAAI,QAAA,CAAS,MAAA,KAAWtB,sCAAA,CAAgB,IAAA,EAAM;AAC5C,QAAA,uBAAA,CAAwB,UAAU,CAAA;AAAA,MACpC;AAEA,MAAA,MAAM,UAAU,EAAA,CACb,iBAAA;AAAA,QACC,UAAA;AAAA,QACA,UAAA;AAAA,QACA,2BAAA;AAAA,QACA;AAAA,OACF,CACC,KAAK,CAAA,MAAA,KAAU;AACd,QAAA,UAAA,CAAW,OAAA,EAAQ;AACnB,QAAA,OAAO,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA,CAAE,KAAK,MAAM,CAAA;AAAA,MACpC,CAAC,CAAA,CACA,KAAA,CAAM,CAAA,KAAA,KAAS;AACd,QAAA,UAAA,CAAW,IAAA,CAAK,EAAE,KAAA,EAAO,CAAA;AACzB,QAAA,IAAA,CAAK,KAAK,CAAA;AAAA,MACZ,CAAC,CAAA;AAAA,IACL;AAAA,GACF;AAGA,EAAA,SAAA,CAAU,cAAA,CAAe,QAAA;AAAA,IACvB,yBAAA;AAAA,IACA,OAAO,CAAA,EAAG,GAAA,EAAsB,GAAA,EAAuB,IAAA,KAAS;AAC9D,MAAA,MAAM,UAAA,GAAa,CAAA,CAAE,OAAA,CAAQ,MAAA,CAAO,UAAA;AAEpC,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,WAAA,CAAY;AAAA,QAC3C,OAAA,EAAS,uBAAA;AAAA,QACT,OAAA,EAAS,GAAA;AAAA,QACT,IAAA,EAAM;AAAA,UACJ,UAAA,EAAY,OAAA;AAAA,UACZ;AAAA;AACF,OACD,CAAA;AAED,MAAA,MAAM,WAAW,MAAM,SAAA;AAAA,QACrB,GAAA;AAAA,QACA;AAAA,UACEE,gEAAA;AAAA,UACAC,yEAAuC,UAAU;AAAA,SACnD;AAAA,QACA,WAAA;AAAA,QACA;AAAA,OACF;AACA,MAAA,IAAI,QAAA,CAAS,MAAA,KAAWH,sCAAA,CAAgB,IAAA,EAAM;AAC5C,QAAA,uBAAA,CAAwB,UAAU,CAAA;AAAA,MACpC;AAEA,MAAA,OAAO,UAAU,EAAA,CACd,uBAAA,CAAwB,UAAU,CAAA,CAClC,KAAK,CAAA,MAAA,KAAU;AACd,QAAA,UAAA,CAAW,OAAA,CAAQ;AAAA,UACjB,IAAA,EAAM;AAAA,YACJ,YAAY,MAAA,CAAO;AAAA;AACrB,SACD,CAAA;AACD,QAAA,OAAO,GAAA,CAAI,KAAK,MAAM,CAAA;AAAA,MACxB,CAAC,CAAA,CACA,KAAA,CAAM,CAAA,KAAA,KAAS;AACd,QAAA,UAAA,CAAW,IAAA,CAAK,EAAE,KAAA,EAAO,CAAA;AACzB,QAAA,IAAA,CAAK,KAAK,CAAA;AAAA,MACZ,CAAC,CAAA;AAAA,IACL;AAAA,GACF;AAGA,EAAA,SAAA,CAAU,cAAA,CAAe,QAAA;AAAA,IACvB,qBAAA;AAAA,IACA,OAAO,EAAA,EAAI,OAAA,EAA0B,GAAA,EAAuB,IAAA,KAAS;AACnE,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,WAAA,CAAY;AAAA,QAC3C,OAAA,EAAS,uBAAA;AAAA,QACT;AAAA,OACD,CAAA;AAID,MAAA,OAAO,SAAA,CAAU,EAAA,CACd,mBAAA,EAAoB,CACpB,KAAK,CAAA,MAAA,KAAU;AACd,QAAA,UAAA,CAAW,OAAA,EAAQ;AACnB,QAAA,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA,CAAE,IAAA,CAAK,MAAM,CAAA;AAAA,MAC7B,CAAC,CAAA,CACA,KAAA,CAAM,CAAA,KAAA,KAAS;AACd,QAAA,UAAA,CAAW,IAAA,CAAK,EAAE,KAAA,EAAO,CAAA;AACzB,QAAA,IAAA,CAAK,KAAK,CAAA;AAAA,MACZ,CAAC,CAAA;AAAA,IACL;AAAA,GACF;AAGA,EAAA,SAAA,CAAU,cAAA,CAAe,QAAA;AAAA,IACvB,4BAAA;AAAA,IACA,OAAO,CAAA,EAAG,GAAA,EAAsB,GAAA,EAAuB,IAAA,KAAS;AAC9D,MAAA,MAAM,UAAA,GAAa,CAAA,CAAE,OAAA,CAAQ,MAAA,CAAO,UAAA;AACpC,MAAA,MAAM,UAAA,GAAa,CAAA,CAAE,OAAA,CAAQ,KAAA,CAAM,UAAA;AAEnC,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,WAAA,CAAY;AAAA,QAC3C,OAAA,EAAS,2BAAA;AAAA,QACT,OAAA,EAAS,GAAA;AAAA,QACT,IAAA,EAAM;AAAA,UACJ,UAAA,EAAY,OAAA;AAAA,UACZ,UAAA;AAAA,UACA;AAAA;AACF,OACD,CAAA;AAED,MAAA,IAAI;AACF,QAAA,MAAM,WAAW,MAAM,SAAA;AAAA,UACrB,GAAA;AAAA,UACA;AAAA,YACEE,gEAAA;AAAA,YACAC,yEAAuC,UAAU;AAAA,WACnD;AAAA,UACA,WAAA;AAAA,UACA;AAAA,SACF;AACA,QAAA,IAAI,QAAA,CAAS,MAAA,KAAWH,sCAAA,CAAgB,IAAA,EAAM;AAC5C,UAAA,uBAAA,CAAwB,UAAU,CAAA;AAAA,QACpC;AAEA,QAAA,MAAM,kBAAA,GACJ,MAAM,QAAA,CAAS,mBAAA,CAAoB,iBAAA,CAAkB;AAAA,UACnD,YAAA,EAAc;AAAA,SACf,CAAA;AAEH,QAAA,IAAI,CAAC,kBAAA,EAAoB;AACvB,UAAA,MAAM,IAAI,KAAA;AAAA,YACR,8CAA8C,UAAU,CAAA;AAAA,WAC1D;AAAA,QACF;AACA,QAAA,MAAM,aAAa,kBAAA,CAAmB,UAAA;AACtC,QAAA,IAAI,CAAC,UAAA,EAAY;AACf,UAAA,MAAM,IAAI,KAAA;AAAA,YACR,2CAA2C,UAAU,CAAA;AAAA,WACvD;AAAA,QACF;AAEA,QAAA,MAAM,UAAA,GACJ,MAAM,QAAA,CAAS,mBAAA,CAAoB,uBAAA,CAAwB;AAAA,UACzD,YAAA,EAAc;AAAA,SACf,CAAA;AAEH,QAAA,IAAI,CAAC,UAAA,EAAY;AACf,UAAA,MAAM,IAAI,KAAA;AAAA,YACR;AAAA,WACF;AAAA,QACF;AAEA,QAAA,IAAI,CAAC,WAAW,eAAA,EAAiB;AAC/B,UAAA,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA,CAAE,IAAA,CAAK,EAAE,CAAA;AACvB,UAAA;AAAA,QACF;AAEA,QAAA,MAAM,iBAAA,GAAoB,UAAA,GACtB,MAAM,QAAA,CAAS,oBAAoB,sBAAA,CAAuB;AAAA,UACxD;AAAA,SACD,CAAA,GACD,KAAA,CAAA;AAEJ,QAAA,MAAM,YAAA,GAAe,iBAAA,GACjB,QAAA,CAAS,sBAAA,CAAuB,mBAAA;AAAA,UAC9B;AAAA,SACF,GACA,KAAA,CAAA;AAEJ,QAAA,MAAM,YAAA,GAAe,MAAM,SAAA,CAAU,EAAA,CAAG,0BAAA;AAAA,UACtC,UAAA;AAAA,UACA;AAAA,SACF;AAEA,QAAA,IAAI,CAAC,YAAA,EAAc,WAAA,EAAa,UAAA,EAAY;AAC1C,UAAA,UAAA,CAAW,OAAA,CAAQ;AAAA,YACjB,IAAA,EAAM;AAAA,cACJ,OAAA,EAAS;AAAA;AACX,WACD,CAAA;AACD,UAAA,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA,CAAE,IAAA,CAAK,EAAE,CAAA;AACvB,UAAA;AAAA,QACF;AAEA,QAAA,MAAM,gBAAA,GAAmB,aAAa,WAAA,CAAY,UAAA;AAClD,QAAA,IAAI,SAAA;AAEJ,QAAA,IAAI,YAAA,EAAc;AAChB,UAAA,SAAA,GAAY,MAAA,CAAO,IAAA,CAAK,gBAAgB,CAAA,CACrC,MAAA,CAAO,CAAA,CAAA,KAAK,CAAA,IAAK,YAAY,CAAA,CAC7B,MAAA,CAAO,CAAC,MAAA,EAAQ,CAAA,KAAM;AACrB,YAAA,IAAI,YAAA,CAAa,CAAC,CAAA,KAAM,KAAA,CAAA,EAAW;AACjC,cAAA,OAAO,MAAA;AAAA,YACT;AACA,YAAA,MAAA,CAAO,CAAC,CAAA,GAAI,YAAA,CAAa,CAAC,CAAA;AAC1B,YAAA,OAAO,MAAA;AAAA,UACT,CAAA,EAAG,EAAgB,CAAA;AAAA,QACvB;AAEA,QAAA,UAAA,CAAW,OAAA,CAAQ;AAAA,UACjB,IAAA,EAAM;AAAA,YACJ,YAAY,YAAA,CAAa;AAAA;AAC3B,SACD,CAAA;AACD,QAAA,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA,CAAE,IAAA,CAAK;AAAA,UACnB,aAAa,YAAA,CAAa,WAAA;AAAA,UAC1B,IAAA,EAAM;AAAA,SACP,CAAA;AAAA,MACH,SAAS,KAAA,EAAO;AACd,QAAA,UAAA,CAAW,IAAA,CAAK,EAAE,KAAA,EAAO,CAAA;AACzB,QAAA,IAAA,CAAK,KAAK,CAAA;AAAA,MACZ;AAAA,IACF;AAAA,GACF;AAGA,EAAA,SAAA,CAAU,cAAA,CAAe,QAAA;AAAA,IACvB,sBAAA;AAAA,IACA,OAAO,CAAA,EAAG,GAAA,EAAsB,GAAA,EAAuB,IAAA,KAAS;AAC9D,MAAA,MAAM,UAAA,GAAa,CAAA,CAAE,OAAA,CAAQ,MAAA,CAAO,UAAA;AAEpC,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,WAAA,CAAY;AAAA,QAC3C,OAAA,EAAS,wBAAA;AAAA,QACT,OAAA,EAAS;AAAA,OACV,CAAA;AAED,MAAA,MAAM,WAAW,MAAM,SAAA;AAAA,QACrB,GAAA;AAAA,QACA;AAAA,UACEE,gEAAA;AAAA,UACAC,yEAAuC,UAAU;AAAA,SACnD;AAAA,QACA,WAAA;AAAA,QACA;AAAA,OACF;AACA,MAAA,IAAI,QAAA,CAAS,MAAA,KAAWH,sCAAA,CAAgB,IAAA,EAAM;AAC5C,QAAA,uBAAA,CAAwB,UAAU,CAAA;AAAA,MACpC;AAEA,MAAA,OAAO,SAAA,CAAU,GACd,YAAA,CAAaoB,0BAAA,CAAgB,GAAG,CAAA,EAAG,iBAAA,CAAkB,GAAG,CAAA,EAAG;AAAA,QAC1D;AAAA,OACD,CAAA,CACA,IAAA,CAAK,CAAA,MAAA,KAAU;AACd,QAAA,UAAA,CAAW,OAAA,EAAQ;AACnB,QAAA,GAAA,CAAI,KAAK,MAAM,CAAA;AAAA,MACjB,CAAC,CAAA,CACA,KAAA,CAAM,CAAA,KAAA,KAAS;AACd,QAAA,UAAA,CAAW,IAAA,CAAK,EAAE,KAAA,EAAO,CAAA;AACzB,QAAA,IAAA,CAAK,KAAK,CAAA;AAAA,MACZ,CAAC,CAAA;AAAA,IACL;AAAA,GACF;AAGA,EAAA,SAAA,CAAU,cAAA,CAAe,QAAA;AAAA,IACvB,yBAAA;AAAA,IACA,OAAO,CAAA,EAAG,GAAA,EAAsB,GAAA,EAAuB,IAAA,KAAS;AAC9D,MAAA,MAAM,UAAA,GAAa,CAAA,CAAE,OAAA,CAAQ,MAAA,CAAO,UAAA;AAEpC,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,WAAA,CAAY;AAAA,QAC3C,OAAA,EAAS,uBAAA;AAAA,QACT,OAAA,EAAS;AAAA,OACV,CAAA;AAED,MAAA,MAAM,WAAW,MAAM,SAAA;AAAA,QACrB,GAAA;AAAA,QACA;AAAA,UACElB,gEAAA;AAAA,UACAC,yEAAuC,UAAU;AAAA,SACnD;AAAA,QACA,WAAA;AAAA,QACA;AAAA,OACF;AACA,MAAA,IAAI,QAAA,CAAS,MAAA,KAAWH,sCAAA,CAAgB,IAAA,EAAM;AAC5C,QAAA,uBAAA,CAAwB,UAAU,CAAA;AAAA,MACpC;AAEA,MAAA,OAAO,UAAU,EAAA,CACd,mBAAA,CAAoB,UAAU,CAAA,CAC9B,KAAK,CAAA,MAAA,KAAU;AACd,QAAA,UAAA,CAAW,OAAA,EAAQ;AACnB,QAAA,GAAA,CAAI,KAAK,MAAM,CAAA;AAAA,MACjB,CAAC,CAAA,CACA,KAAA,CAAM,CAAA,KAAA,KAAS;AACd,QAAA,UAAA,CAAW,IAAA,CAAK,EAAE,KAAA,EAAO,CAAA;AACzB,QAAA,IAAA,CAAK,KAAK,CAAA;AAAA,MACZ,CAAC,CAAA;AAAA,IACL;AAAA,GACF;AAGA,EAAA,SAAA,CAAU,cAAA,CAAe,QAAA;AAAA,IACvB,cAAA;AAAA,IACA,OAAO,EAAA,EAAI,GAAA,EAAsB,GAAA,EAAuB,IAAA,KAAS;AAC/D,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,WAAA,CAAY;AAAA,QAC3C,OAAA,EAAS,eAAA;AAAA,QACT,OAAA,EAAS;AAAA,OACV,CAAA;AAED,MAAA,IAAI;AAEF,QAAA,MAAM,cAAA,GAAiB,SAAA,CAAU,EAAA,CAAG,cAAA,EAAe;AACnD,QAAA,MAAM,wBACJ,MAAM,2BAAA;AAAA,UACJ,GAAA;AAAA,UACA,WAAA;AAAA,UACA,QAAA;AAAA,UACA;AAAA,SACF;AAEF,QAAA,IAAI,CAAC,qBAAA,IAAyB,qBAAA,CAAsB,MAAA,KAAW,CAAA;AAC7D,UAAA,GAAA,CAAI,IAAA,CAAK,EAAE,CAAA;AAEb,QAAA,MAAM,WAAA,GAAc,MAAM,QAAA,CAAS,WAAA,CAAY,GAAG,CAAA;AAClD,QAAA,MAAM,eAAA,GAAA,CAAmB,MAAM,QAAA,CAAS,WAAA,CAAY,WAAW,CAAA,EAC5D,aAAA;AACH,QAAA,MAAM,oCAAA;AAAA;AAAA,UACJ,MAAM,8CAAA;AAAA,YACJ,GAAA;AAAA,YACA,WAAA;AAAA,YACA;AAAA;AACF,SAAA;AAEF,QAAA,MAAM,cAAA,GAAiB,kBAAkB,GAAG,CAAA;AAE5C,QAAA,IAAI,OAAA,GAAU,cAAA;AAEd,QAAA,IAAI,CAAC,oCAAA,EAAsC;AACzC,UAAA,MAAM,qBAAA,GAAqC;AAAA,YACzC,QAAA,EAAU,IAAA;AAAA,YACV,KAAA,EAAO,eAAA;AAAA,YACP,KAAA,EAAO;AAAA,WACT;AAEA,UAAA,MAAM,qBAAA,GAAsC;AAAA,YAC1C,KAAA,EAAO,WAAA;AAAA,YACP,MAAA,EAAQ;AAAA,WACV;AAEA,UAAA,IAAI,mBAAmB,KAAA,CAAA,EAAW;AAChC,YAAA,OAAA,GAAU,qBAAA;AAAA,UACZ,CAAA,MAAO;AAEL,YAAA,OAAA,GAAU;AAAA,cACR,QAAA,EAAU,KAAA;AAAA,cACV,OAAA,EAAS,CAAC,qBAAA,EAAuB,cAAc;AAAA,aACjD;AAAA,UACF;AAAA,QACF;AAEA,QAAA,MAAM,MAAA,GAAS,MAAM,SAAA,CAAU,EAAA,CAAG,YAAA;AAAA,UAChCoB,2BAAgB,GAAG,CAAA;AAAA,UACnB,OAAA;AAAA,UACA;AAAA,SACF;AAEA,QAAA,UAAA,CAAW,QAAQ,EAAE,IAAA,EAAM,EAAE,qBAAA,IAAyB,CAAA;AACtD,QAAA,GAAA,CAAI,KAAK,MAAM,CAAA;AAAA,MACjB,SAAS,KAAA,EAAO;AACd,QAAA,UAAA,CAAW,IAAA,CAAK,EAAE,KAAA,EAAO,CAAA;AACzB,QAAA,IAAA,CAAK,KAAK,CAAA;AAAA,MACZ;AAAA,IACF;AAAA,GACF;AAGA,EAAA,SAAA,CAAU,cAAA,CAAe,QAAA;AAAA,IACvB,iBAAA;AAAA,IACA,OAAO,CAAA,EAAG,OAAA,EAA0B,GAAA,EAAuB,IAAA,KAAS;AAClE,MAAA,MAAM,UAAA,GAAa,CAAA,CAAE,OAAA,CAAQ,MAAA,CAAO,UAAA;AAEpC,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,WAAA,CAAY;AAAA,QAC3C,OAAA,EAAS,cAAA;AAAA,QACT,OAAA;AAAA,QACA,IAAA,EAAM;AAAA,UACJ,UAAA,EAAY,OAAA;AAAA,UACZ;AAAA;AACF,OACD,CAAA;AAED,MAAA,IAAI;AACF,QAAA,MAAM,QAAA,GAAW,MAAM,SAAA,CAAU,EAAA,CAAG,gBAAgB,UAAU,CAAA;AAE9D,QAAA,MAAM,aAAa,QAAA,CAAS,SAAA;AAE5B,QAAA,MAAM,WAAW,MAAM,SAAA;AAAA,UACrB,OAAA;AAAA,UACA;AAAA,YACElB,gEAAA;AAAA,YACAC,yEAAuC,UAAU;AAAA,WACnD;AAAA,UACA,WAAA;AAAA,UACA;AAAA,SACF;AACA,QAAA,IAAI,QAAA,CAAS,MAAA,KAAWH,sCAAA,CAAgB,IAAA,EAAM;AAC5C,UAAA,uBAAA,CAAwB,UAAU,CAAA;AAAA,QACpC;AAEA,QAAA,MAAM,WAAA,GAAc,MAAM,QAAA,CAAS,WAAA,CAAY,OAAO,CAAA;AACtD,QAAA,MAAM,eAAA,GAAA,CAAmB,MAAM,QAAA,CAAS,WAAA,CAAY,WAAW,CAAA,EAC5D,aAAA;AAEH,QAAA,MAAM,uCACJ,MAAM,8CAAA;AAAA,UACJ,OAAA;AAAA,UACA,WAAA;AAAA,UACA;AAAA,SACF;AAGF,QAAA,IAAI,CAAC,oCAAA,EAAsC;AACzC,UAAA,MAAM,0BAA0B,QAAA,CAAS,eAAA;AAOzC,UAAA,IAAI,CAAC,uBAAA,EAAyB;AAC5B,YAAA,MAAM,IAAIuB,sBAAA;AAAA,cACR,CAAA,2BAAA,EAA8B,UAAU,CAAA,wCAAA,EACG,UAAU,CAAA,uOAAA;AAAA,aAIvD;AAAA,UACF;AAEA,UAAA,IAAI,4BAA4B,eAAA,EAAiB;AAC/C,YAAA,MAAM,IAAIA,sBAAA;AAAA,cACR,8BAA8B,UAAU,CAAA,sCAAA,EACC,uBAAuB,CAAA,gBAAA,EAAmB,eAAe,8DACtC,UAAU,CAAA,wIAAA;AAAA,aAGxE;AAAA,UACF;AAAA,QACF;AAEA,QAAA,UAAA,CAAW,OAAA,EAAQ;AACnB,QAAA,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA,CAAE,IAAA,CAAK,QAAQ,CAAA;AAAA,MAC/B,SAAS,KAAA,EAAO;AACd,QAAA,UAAA,CAAW,IAAA,CAAK,EAAE,KAAA,EAAO,CAAA;AACzB,QAAA,IAAA,CAAK,KAAK,CAAA;AAAA,MACZ;AAAA,IACF;AAAA,GACF;AAGA,EAAA,SAAA,CAAU,cAAA,CAAe,QAAA;AAAA,IACvB,oBAAA;AAAA,IACA,OAAO,CAAA,EAAG,OAAA,EAA0B,GAAA,EAAuB,IAAA,KAAS;AAClE,MAAA,MAAM,UAAA,GAAa,CAAA,CAAE,OAAA,CAAQ,MAAA,CAAO,UAAA;AAIpC,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,WAAA,CAAY;AAAA,QAC3C,OAAA,EAAS,sBAAA;AAAA,QACT,OAAA;AAAA,QACA,IAAA,EAAM;AAAA,UACJ,UAAA,EAAY,OAAA;AAAA,UACZ;AAAA;AACF,OACD,CAAA;AAED,MAAA,IAAI;AAEF,QAAA,IAAI,CAAC,QAAA,CAAS,mBAAA,CAAoB,cAAA,EAAe,EAAG;AAClD,UAAA,MAAM,IAAI,MAAM,CAAA,qBAAA,CAAuB,CAAA;AAAA,QACzC;AACA,QAAA,MAAM,QAAA,GAAW,MAAM,SAAA,CAAU,EAAA,CAAG,gBAAgB,UAAU,CAAA;AAC9D,QAAA,MAAM,aAAa,QAAA,CAAS,SAAA;AAE5B,QAAA,MAAM,WAAW,MAAM,SAAA;AAAA,UACrB,OAAA;AAAA,UACA;AAAA,YACErB,gEAAA;AAAA,YACAC,yEAAuC,UAAU;AAAA,WACnD;AAAA,UACA,WAAA;AAAA,UACA;AAAA,SACF;AACA,QAAA,IAAI,QAAA,CAAS,MAAA,KAAWH,sCAAA,CAAgB,IAAA,EAAM;AAC5C,UAAA,uBAAA,CAAwB,UAAU,CAAA;AAAA,QACpC;AAEA,QAAA,MAAM,WAAA,GAAc,MAAM,QAAA,CAAS,WAAA,CAAY,OAAO,CAAA;AACtD,QAAA,MAAM,eAAA,GAAA,CAAmB,MAAM,QAAA,CAAS,WAAA,CAAY,WAAW,CAAA,EAC5D,aAAA;AAEH,QAAA,MAAM,uCACJ,MAAM,8CAAA;AAAA,UACJ,OAAA;AAAA,UACA,WAAA;AAAA,UACA;AAAA,SACF;AAGF,QAAA,IAAI,CAAC,oCAAA,EAAsC;AACzC,UAAA,MAAM,0BAA0B,QAAA,CAAS,eAAA;AACzC,UAAA,IAAI,4BAA4B,eAAA,EAAiB;AAC/C,YAAA,MAAM,IAAI,KAAA;AAAA,cACR,mCAAmC,UAAU,CAAA,uBAAA;AAAA,aAC/C;AAAA,UACF;AAAA,QACF;AAEA,QAAA,MAAM,IAAA,GAAO,MAAM,SAAA,CAAU,EAAA,CAAG,0BAA0B,QAAQ,CAAA;AAElE,QAAA,UAAA,CAAW,OAAA,EAAQ;AACnB,QAAA,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA,CAAE,IAAA,CAAK,IAAI,CAAA;AAAA,MAC3B,SAAS,KAAA,EAAO;AACd,QAAA,UAAA,CAAW,IAAA,CAAK,EAAE,KAAA,EAAO,CAAA;AACzB,QAAA,IAAA,CAAK,KAAK,CAAA;AAAA,MACZ;AAAA,IACF;AAAA,GACF;AAGA,EAAA,SAAA,CAAU,cAAA,CAAe,QAAA;AAAA,IACvB,eAAA;AAAA,IACA,OAAO,CAAA,EAAG,OAAA,EAAS,GAAA,EAAK,IAAA,KAAS;AAC/B,MAAA,MAAM,UAAA,GAAa,CAAA,CAAE,OAAA,CAAQ,MAAA,CAAO,UAAA;AAEpC,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,WAAA,CAAY;AAAA,QAC3C,OAAA,EAAS,gBAAA;AAAA,QACT,OAAA;AAAA,QACA,IAAA,EAAM;AAAA,UACJ,UAAA,EAAY,OAAA;AAAA,UACZ;AAAA;AACF,OACD,CAAA;AAED,MAAA,IAAI;AACF,QAAA,MAAM,QAAA,GAAW,MAAM,SAAA,CAAU,EAAA,CAAG,gBAAgB,UAAU,CAAA;AAC9D,QAAA,MAAM,aAAa,QAAA,CAAS,SAAA;AAE5B,QAAA,MAAM,WAAW,MAAM,SAAA;AAAA,UACrB,OAAA;AAAA,UACA;AAAA,YACEqB,mEAAA;AAAA,YACAC,4EAA0C,UAAU;AAAA,WACtD;AAAA,UACA,WAAA;AAAA,UACA;AAAA,SACF;AACA,QAAA,IAAI,QAAA,CAAS,MAAA,KAAWtB,sCAAA,CAAgB,IAAA,EAAM;AAC5C,UAAA,uBAAA,CAAwB,UAAU,CAAA;AAAA,QACpC;AAEA,QAAA,MAAM,SAAS,MAAM,SAAA,CAAU,EAAA,CAAG,aAAA,CAAc,YAAY,UAAU,CAAA;AACtE,QAAA,UAAA,CAAW,QAAQ,EAAE,IAAA,EAAM,EAAE,MAAA,IAAU,CAAA;AACvC,QAAA,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA,CAAE,IAAA,CAAK,MAAM,CAAA;AAAA,MAC7B,SAAS,KAAA,EAAO;AACd,QAAA,UAAA,CAAW,IAAA,CAAK,EAAE,KAAA,EAAO,CAAA;AACzB,QAAA,IAAA,CAAK,KAAK,CAAA;AAAA,MACZ;AAAA,IACF;AAAA,GACF;AACF;AAEA,SAAS,kBAAkB,GAAA,EAAsC;AAC/D,EAAA,OAAO,GAAA,CAAI,IAAA,CAAK,OAAA,GAAW,GAAA,CAAI,KAAK,OAAA,GAAqB,MAAA;AAC3D;;;;"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@red-hat-developer-hub/backstage-plugin-orchestrator-backend",
|
|
3
|
-
"version": "8.9.
|
|
3
|
+
"version": "8.9.1",
|
|
4
4
|
"license": "Apache-2.0",
|
|
5
5
|
"main": "./dist/index.cjs.js",
|
|
6
6
|
"types": "./dist/index.d.ts",
|
|
@@ -84,8 +84,8 @@
|
|
|
84
84
|
"@backstage/plugin-permission-node": "^0.10.11",
|
|
85
85
|
"@backstage/plugin-scaffolder-backend": "^3.2.0",
|
|
86
86
|
"@backstage/plugin-scaffolder-node": "^0.13.0",
|
|
87
|
-
"@red-hat-developer-hub/backstage-plugin-orchestrator-common": "^3.6.
|
|
88
|
-
"@red-hat-developer-hub/backstage-plugin-orchestrator-node": "^1.2.
|
|
87
|
+
"@red-hat-developer-hub/backstage-plugin-orchestrator-common": "^3.6.2",
|
|
88
|
+
"@red-hat-developer-hub/backstage-plugin-orchestrator-node": "^1.2.2",
|
|
89
89
|
"@urql/core": "^6.0.1",
|
|
90
90
|
"ajv-formats": "^2.1.1",
|
|
91
91
|
"cloudevents": "^10.0.0",
|
|
@@ -110,7 +110,7 @@
|
|
|
110
110
|
"@types/fs-extra": "11.0.4",
|
|
111
111
|
"@types/json-schema": "7.0.15",
|
|
112
112
|
"@types/luxon": "^3.7.1",
|
|
113
|
-
"prettier": "3.8.
|
|
113
|
+
"prettier": "3.8.3"
|
|
114
114
|
},
|
|
115
115
|
"peerDependencies": {
|
|
116
116
|
"@backstage-community/plugin-rbac-common": "^1.12.1",
|