@robelest/convex-auth 0.0.2 → 0.0.3-preview

package/dist/server/portal.d.ts

@@ -1,116 +0,0 @@
-import type { HttpRouter } from "convex/server";
-import type { ComponentApi as AuthComponentApi } from "../component/_generated/component.js";
-/**
- * Configure the Convex Auth Portal. Returns all the functions needed to
- * serve the portal admin UI, manage invite links, and query auth data.
- *
- * The portal dogfoods the same `Auth()` instance as your app. Portal admins
- * sign in via email magic link and are identified by accepted invites with
- * `role: "portalAdmin"`.
- *
- * ```ts filename="convex/portal.ts"
- * import { Portal } from "@robelest/convex-auth/component";
- * import { auth } from "./auth";
- * import { components } from "./_generated/api";
- *
- * export const {
- *   hosting, getCurrentDeployment,
- *   portalQuery, portalMutation,
- *   validateInvite, acceptInvite, createPortalInvite,
- *   portal,
- * } = Portal(components.auth, components.selfHosting, auth);
- * ```
- *
- * ## Setup
- *
- * 1. Configure an email provider in your `Auth()` config (e.g. Resend).
- * 2. Generate an admin invite link:
- *    `npx @robelest/convex-auth portal link [--prod]`
- * 3. Visit the link, enter your email, click the magic link, and you're in.
- *
- * The portal URL is auto-derived from `CONVEX_SITE_URL` (always set by Convex).
- * Override with `options.portalUrl` if you need a custom URL.
- */
-export declare function Portal(authComponent: AuthComponentApi, selfHostingComponent: any, auth: any, options?: {
-    portalUrl?: string;
-}): {
-    /**
-     * Combined internal mutation for self-hosting operations.
-     * Used by the CLI (`@robelest/convex-auth portal upload`) to
-     * upload static assets and manage deployments.
-     */
-    hosting: import("convex/server").RegisteredMutation<"internal", any, Promise<any>>;
-    getCurrentDeployment: import("convex/server").RegisteredQuery<"public", {}, Promise<any>>;
-    /**
-     * Validate an invite token. Returns the invite if valid and pending,
-     * or `null` otherwise. Used by the portal UI to check if an invite
-     * link is valid before showing the registration form.
-     */
-    validateInvite: import("convex/server").RegisteredQuery<"public", {
-        tokenHash: string;
-    }, Promise<{
-        _id: any;
-        role: any;
-    } | null>>;
-    /**
-     * Accept a portal invite. Must be called by an authenticated user.
-     * Marks the invite as accepted and records the accepting user's ID.
-     *
-     * The portal UI calls this after the user has signed in via magic link
-     * following an invite link.
-     */
-    acceptInvite: import("convex/server").RegisteredMutation<"public", {
-        tokenHash: string;
-    }, Promise<void>>;
-    /**
-     * Create a portal admin invite. Internal mutation called by the CLI
-     * (`npx @robelest/convex-auth portal link`).
-     */
-    createPortalInvite: import("convex/server").RegisteredMutation<"internal", {
-        tokenHash: string;
-    }, Promise<{
-        portalUrl: string;
-    }>>;
-    /**
-     * Combined portal query for all auth data reads.
-     * Requires the caller to be an authenticated portal admin.
-     *
-     * Actions:
-     * - `listUsers` — List all users
-     * - `listSessions` — List all sessions
-     * - `getUser` — Get a single user by ID (requires `userId`)
-     * - `getUserSessions` — List sessions for a user (requires `userId`)
-     * - `getUserAccounts` — List auth accounts for a user (requires `userId`)
-     * - `isAdmin` — Check if the current user is a portal admin
-     */
-    portalQuery: import("convex/server").RegisteredQuery<"public", {
-        action: string;
-        userId?: string;
-    }, Promise<any>>;
-    /**
-     * Combined portal mutation for all auth data writes.
-     * Requires the caller to be an authenticated portal admin.
-     *
-     * Actions:
-     * - `revokeSession` — Revoke (delete) a session (requires `sessionId`)
-     */
-    portalMutation: import("convex/server").RegisteredMutation<"public", {
-        action: string;
-        sessionId?: string;
-    }, Promise<void>>;
-    portal: {
-        /**
-         * The URL where the portal is served. Used by the Svelte client
-         * as the `redirectTo` for magic link sign-in.
-         */
-        portalUrl: string;
-        /**
-         * Register HTTP routes that serve the portal static UI.
-         */
-        addHttpRoutes: (http: HttpRouter, opts?: {
-            pathPrefix?: string;
-            spaFallback?: boolean;
-        }) => void;
-    };
-};
-//# sourceMappingURL=portal.d.ts.map

package/dist/server/portal.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"portal.d.ts","sourceRoot":"","sources":["../../src/server/portal.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAEhD,OAAO,KAAK,EAAE,YAAY,IAAI,gBAAgB,EAAE,MAAM,sCAAsC,CAAC;AAiC7F;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8BG;AACH,wBAAgB,MAAM,CACpB,aAAa,EAAE,gBAAgB,EAC/B,oBAAoB,EAAE,GAAG,EACzB,IAAI,EAAE,GAAG,EACT,OAAO,CAAC,EAAE;IAAE,SAAS,CAAC,EAAE,MAAM,CAAA;CAAE;IAW9B;;;;OAIG;;;IAoFH;;;;OAIG;;mBAGqD,MAAM;;;;;IAe9D;;;;;;OAMG;;mBAGqD,MAAM;;IAwB9D;;;OAGG;;mBAGqD,MAAM;;;;IAY9D;;;;;;;;;;;OAWG;;gBAQ+B,MAAM;iBAAW,MAAM;;IAkDzD;;;;;;OAMG;;gBAQkC,MAAM;oBAAc,MAAM;;;QAqB7D;;;WAGG;;QAGH;;WAEG;8BAEK,UAAU,SACT;YAAE,UAAU,CAAC,EAAE,MAAM,CAAC;YAAC,WAAW,CAAC,EAAE,OAAO,CAAA;SAAE;;EAY5D"}

package/dist/server/portal.js

@@ -1,294 +0,0 @@
-import { queryGeneric, mutationGeneric, internalMutationGeneric, } from "convex/server";
-import { v } from "convex/values";
-import { registerStaticRoutes } from "@convex-dev/self-hosting";
-// ============================================================================
-// Helpers
-// ============================================================================
-/**
- * Check if the authenticated user is a portal admin.
- * Portal admins are identified by having an accepted invite
- * with `role: "portalAdmin"`.
- */
-async function requirePortalAdmin(ctx, authComponent, userId) {
-    const invites = await ctx.runQuery(authComponent.public.inviteList, {
-        status: "accepted",
-    });
-    const isAdmin = invites.some((invite) => invite.role === "portalAdmin" && invite.acceptedByUserId === userId);
-    if (!isAdmin) {
-        throw new Error("Not authorized: portal admin access required");
-    }
-}
-// ============================================================================
-// Portal() factory
-// ============================================================================
-/**
- * Configure the Convex Auth Portal. Returns all the functions needed to
- * serve the portal admin UI, manage invite links, and query auth data.
- *
- * The portal dogfoods the same `Auth()` instance as your app. Portal admins
- * sign in via email magic link and are identified by accepted invites with
- * `role: "portalAdmin"`.
- *
- * ```ts filename="convex/portal.ts"
- * import { Portal } from "@robelest/convex-auth/component";
- * import { auth } from "./auth";
- * import { components } from "./_generated/api";
- *
- * export const {
- *   hosting, getCurrentDeployment,
- *   portalQuery, portalMutation,
- *   validateInvite, acceptInvite, createPortalInvite,
- *   portal,
- * } = Portal(components.auth, components.selfHosting, auth);
- * ```
- *
- * ## Setup
- *
- * 1. Configure an email provider in your `Auth()` config (e.g. Resend).
- * 2. Generate an admin invite link:
- *    `npx @robelest/convex-auth portal link [--prod]`
- * 3. Visit the link, enter your email, click the magic link, and you're in.
- *
- * The portal URL is auto-derived from `CONVEX_SITE_URL` (always set by Convex).
- * Override with `options.portalUrl` if you need a custom URL.
- */
-export function Portal(authComponent, selfHostingComponent, auth, options) {
-    const portalUrl = options?.portalUrl ??
-        (process.env.CONVEX_SITE_URL
-            ? `${process.env.CONVEX_SITE_URL.replace(/\/$/, "")}/portal`
-            : "/portal");
-    return {
-        // ---- Self-hosting: combined internal mutation for CLI ----
-        /**
-         * Combined internal mutation for self-hosting operations.
-         * Used by the CLI (`@robelest/convex-auth portal upload`) to
-         * upload static assets and manage deployments.
-         */
-        hosting: internalMutationGeneric({
-            args: {
-                action: v.string(),
-                path: v.optional(v.string()),
-                storageId: v.optional(v.string()),
-                blobId: v.optional(v.string()),
-                contentType: v.optional(v.string()),
-                deploymentId: v.optional(v.string()),
-                currentDeploymentId: v.optional(v.string()),
-                limit: v.optional(v.number()),
-            },
-            handler: async (ctx, args) => {
-                switch (args.action) {
-                    case "generateUploadUrl": {
-                        return await ctx.storage.generateUploadUrl();
-                    }
-                    case "recordAsset": {
-                        const { oldStorageId, oldBlobId } = await ctx.runMutation(selfHostingComponent.lib.recordAsset, {
-                            path: args.path,
-                            ...(args.storageId ? { storageId: args.storageId } : {}),
-                            ...(args.blobId ? { blobId: args.blobId } : {}),
-                            contentType: args.contentType,
-                            deploymentId: args.deploymentId,
-                        });
-                        if (oldStorageId) {
-                            try {
-                                await ctx.storage.delete(oldStorageId);
-                            }
-                            catch {
-                                // Ignore — old file may have been in different storage
-                            }
-                        }
-                        return oldBlobId ?? null;
-                    }
-                    case "gcOldAssets": {
-                        const { storageIds, blobIds } = await ctx.runMutation(selfHostingComponent.lib.gcOldAssets, { currentDeploymentId: args.currentDeploymentId });
-                        for (const storageId of storageIds) {
-                            try {
-                                await ctx.storage.delete(storageId);
-                            }
-                            catch {
-                                // Ignore
-                            }
-                        }
-                        await ctx.runMutation(selfHostingComponent.lib.setCurrentDeployment, { deploymentId: args.currentDeploymentId });
-                        return { deleted: storageIds.length, blobIds };
-                    }
-                    case "listAssets": {
-                        return await ctx.runQuery(selfHostingComponent.lib.listAssets, {
-                            limit: args.limit,
-                        });
-                    }
-                    default:
-                        throw new Error(`Unknown hosting action: ${args.action}`);
-                }
-            },
-        }),
-        // ---- Deployment query (public, for client live-reload) ----
-        getCurrentDeployment: queryGeneric({
-            args: {},
-            handler: async (ctx) => {
-                return await ctx.runQuery(selfHostingComponent.lib.getCurrentDeployment, {});
-            },
-        }),
-        // ---- Invite management ----
-        /**
-         * Validate an invite token. Returns the invite if valid and pending,
-         * or `null` otherwise. Used by the portal UI to check if an invite
-         * link is valid before showing the registration form.
-         */
-        validateInvite: queryGeneric({
-            args: { tokenHash: v.string() },
-            handler: async (ctx, { tokenHash }) => {
-                const invite = await ctx.runQuery(authComponent.public.inviteGetByTokenHash, { tokenHash });
-                if (!invite || invite.status !== "pending") {
-                    return null;
-                }
-                if (invite.expiresTime && invite.expiresTime < Date.now()) {
-                    return null;
-                }
-                return { _id: invite._id, role: invite.role };
-            },
-        }),
-        /**
-         * Accept a portal invite. Must be called by an authenticated user.
-         * Marks the invite as accepted and records the accepting user's ID.
-         *
-         * The portal UI calls this after the user has signed in via magic link
-         * following an invite link.
-         */
-        acceptInvite: mutationGeneric({
-            args: { tokenHash: v.string() },
-            handler: async (ctx, { tokenHash }) => {
-                const userId = await auth.user.require(ctx);
-                const invite = await ctx.runQuery(authComponent.public.inviteGetByTokenHash, { tokenHash });
-                if (!invite) {
-                    throw new Error("Invalid invite token");
-                }
-                if (invite.status !== "pending") {
-                    throw new Error(`Invite already ${invite.status}`);
-                }
-                if (invite.expiresTime && invite.expiresTime < Date.now()) {
-                    throw new Error("Invite has expired");
-                }
-                await ctx.runMutation(authComponent.public.inviteAccept, {
-                    inviteId: invite._id,
-                    acceptedByUserId: userId,
-                });
-            },
-        }),
-        /**
-         * Create a portal admin invite. Internal mutation called by the CLI
-         * (`npx @robelest/convex-auth portal link`).
-         */
-        createPortalInvite: internalMutationGeneric({
-            args: { tokenHash: v.string() },
-            handler: async (ctx, { tokenHash }) => {
-                await ctx.runMutation(authComponent.public.inviteCreate, {
-                    tokenHash,
-                    role: "portalAdmin",
-                    status: "pending",
-                });
-                return { portalUrl };
-            },
-        }),
-        // ---- Portal data query (auth-gated) ----
-        /**
-         * Combined portal query for all auth data reads.
-         * Requires the caller to be an authenticated portal admin.
-         *
-         * Actions:
-         * - `listUsers` — List all users
-         * - `listSessions` — List all sessions
-         * - `getUser` — Get a single user by ID (requires `userId`)
-         * - `getUserSessions` — List sessions for a user (requires `userId`)
-         * - `getUserAccounts` — List auth accounts for a user (requires `userId`)
-         * - `isAdmin` — Check if the current user is a portal admin
-         */
-        portalQuery: queryGeneric({
-            args: {
-                action: v.string(),
-                userId: v.optional(v.string()),
-            },
-            handler: async (ctx, { action, userId }) => {
-                const currentUserId = await auth.user.require(ctx);
-                // Allow isAdmin check without admin requirement
-                if (action === "isAdmin") {
-                    try {
-                        await requirePortalAdmin(ctx, authComponent, currentUserId);
-                        return true;
-                    }
-                    catch {
-                        return false;
-                    }
-                }
-                await requirePortalAdmin(ctx, authComponent, currentUserId);
-                switch (action) {
-                    case "listUsers":
-                        return await ctx.runQuery(authComponent.public.userList);
-                    case "listSessions":
-                        return await ctx.runQuery(authComponent.public.sessionList);
-                    case "getUser":
-                        return await ctx.runQuery(authComponent.public.userGetById, {
-                            userId: userId,
-                        });
-                    case "getUserSessions":
-                        return await ctx.runQuery(authComponent.public.sessionListByUser, {
-                            userId: userId,
-                        });
-                    case "getUserAccounts": {
-                        const accounts = await ctx.runQuery(authComponent.public.accountListByUser, { userId: userId });
-                        // Strip secrets — never send password hashes to the frontend
-                        return accounts.map(({ secret: _, ...rest }) => rest);
-                    }
-                    default:
-                        throw new Error(`Unknown portal query action: ${action}`);
-                }
-            },
-        }),
-        // ---- Portal mutation (auth-gated) ----
-        /**
-         * Combined portal mutation for all auth data writes.
-         * Requires the caller to be an authenticated portal admin.
-         *
-         * Actions:
-         * - `revokeSession` — Revoke (delete) a session (requires `sessionId`)
-         */
-        portalMutation: mutationGeneric({
-            args: {
-                action: v.string(),
-                sessionId: v.optional(v.string()),
-            },
-            handler: async (ctx, { action, sessionId }) => {
-                const currentUserId = await auth.user.require(ctx);
-                await requirePortalAdmin(ctx, authComponent, currentUserId);
-                switch (action) {
-                    case "revokeSession":
-                        await ctx.runMutation(authComponent.public.sessionDelete, {
-                            sessionId: sessionId,
-                        });
-                        return;
-                    default:
-                        throw new Error(`Unknown portal mutation action: ${action}`);
-                }
-            },
-        }),
-        // ---- Portal namespace ----
-        portal: {
-            /**
-             * The URL where the portal is served. Used by the Svelte client
-             * as the `redirectTo` for magic link sign-in.
-             */
-            portalUrl,
-            /**
-             * Register HTTP routes that serve the portal static UI.
-             */
-            addHttpRoutes: (http, opts) => {
-                const prefix = opts?.pathPrefix ?? "/portal";
-                // Static file serving
-                registerStaticRoutes(http, selfHostingComponent, {
-                    pathPrefix: prefix,
-                    spaFallback: opts?.spaFallback ?? true,
-                });
-            },
-        },
-    };
-}
-//# sourceMappingURL=portal.js.map

package/dist/server/portal.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"portal.js","sourceRoot":"","sources":["../../src/server/portal.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,YAAY,EACZ,eAAe,EACf,uBAAuB,GACxB,MAAM,eAAe,CAAC;AAEvB,OAAO,EAAE,CAAC,EAAE,MAAM,eAAe,CAAC;AAElC,OAAO,EAAE,oBAAoB,EAAE,MAAM,0BAA0B,CAAC;AAEhE,+EAA+E;AAC/E,UAAU;AACV,+EAA+E;AAE/E;;;;GAIG;AACH,KAAK,UAAU,kBAAkB,CAC/B,GAAQ,EACR,aAA+B,EAC/B,MAAc;IAEd,MAAM,OAAO,GAAG,MAAM,GAAG,CAAC,QAAQ,CAAC,aAAa,CAAC,MAAM,CAAC,UAAU,EAAE;QAClE,MAAM,EAAE,UAAU;KACnB,CAAC,CAAC;IACH,MAAM,OAAO,GAAG,OAAO,CAAC,IAAI,CAC1B,CAAC,MAAW,EAAE,EAAE,CACd,MAAM,CAAC,IAAI,KAAK,aAAa,IAAI,MAAM,CAAC,gBAAgB,KAAK,MAAM,CACtE,CAAC;IACF,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IAClE,CAAC;AACH,CAAC;AAED,+EAA+E;AAC/E,mBAAmB;AACnB,+EAA+E;AAE/E;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8BG;AACH,MAAM,UAAU,MAAM,CACpB,aAA+B,EAC/B,oBAAyB,EACzB,IAAS,EACT,OAAgC;IAEhC,MAAM,SAAS,GACb,OAAO,EAAE,SAAS;QAClB,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe;YAC1B,CAAC,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,SAAS;YAC5D,CAAC,CAAC,SAAS,CAAC,CAAC;IAEjB,OAAO;QACL,6DAA6D;QAE7D;;;;WAIG;QACH,OAAO,EAAE,uBAAuB,CAAC;YAC/B,IAAI,EAAE;gBACJ,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE;gBAClB,IAAI,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;gBAC5B,SAAS,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;gBACjC,MAAM,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;gBAC9B,WAAW,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;gBACnC,YAAY,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;gBACpC,mBAAmB,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;gBAC3C,KAAK,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;aAC9B;YACD,OAAO,EAAE,KAAK,EAAE,GAAQ,EAAE,IAAS,EAAE,EAAE;gBACrC,QAAQ,IAAI,CAAC,MAAM,EAAE,CAAC;oBACpB,KAAK,mBAAmB,CAAC,CAAC,CAAC;wBACzB,OAAO,MAAM,GAAG,CAAC,OAAO,CAAC,iBAAiB,EAAE,CAAC;oBAC/C,CAAC;oBAED,KAAK,aAAa,CAAC,CAAC,CAAC;wBACnB,MAAM,EAAE,YAAY,EAAE,SAAS,EAAE,GAAG,MAAM,GAAG,CAAC,WAAW,CACvD,oBAAoB,CAAC,GAAG,CAAC,WAAW,EACpC;4BACE,IAAI,EAAE,IAAI,CAAC,IAAI;4BACf,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;4BACxD,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;4BAC/C,WAAW,EAAE,IAAI,CAAC,WAAW;4BAC7B,YAAY,EAAE,IAAI,CAAC,YAAY;yBAChC,CACF,CAAC;wBACF,IAAI,YAAY,EAAE,CAAC;4BACjB,IAAI,CAAC;gCACH,MAAM,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;4BACzC,CAAC;4BAAC,MAAM,CAAC;gCACP,uDAAuD;4BACzD,CAAC;wBACH,CAAC;wBACD,OAAO,SAAS,IAAI,IAAI,CAAC;oBAC3B,CAAC;oBAED,KAAK,aAAa,CAAC,CAAC,CAAC;wBACnB,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,GAAG,MAAM,GAAG,CAAC,WAAW,CACnD,oBAAoB,CAAC,GAAG,CAAC,WAAW,EACpC,EAAE,mBAAmB,EAAE,IAAI,CAAC,mBAAmB,EAAE,CAClD,CAAC;wBACF,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;4BACnC,IAAI,CAAC;gCACH,MAAM,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;4BACtC,CAAC;4BAAC,MAAM,CAAC;gCACP,SAAS;4BACX,CAAC;wBACH,CAAC;wBACD,MAAM,GAAG,CAAC,WAAW,CACnB,oBAAoB,CAAC,GAAG,CAAC,oBAAoB,EAC7C,EAAE,YAAY,EAAE,IAAI,CAAC,mBAAmB,EAAE,CAC3C,CAAC;wBACF,OAAO,EAAE,OAAO,EAAE,UAAU,CAAC,MAAM,EAAE,OAAO,EAAE,CAAC;oBACjD,CAAC;oBAED,KAAK,YAAY,CAAC,CAAC,CAAC;wBAClB,OAAO,MAAM,GAAG,CAAC,QAAQ,CAAC,oBAAoB,CAAC,GAAG,CAAC,UAAU,EAAE;4BAC7D,KAAK,EAAE,IAAI,CAAC,KAAK;yBAClB,CAAC,CAAC;oBACL,CAAC;oBAED;wBACE,MAAM,IAAI,KAAK,CAAC,2BAA2B,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;gBAC9D,CAAC;YACH,CAAC;SACF,CAAC;QAEF,8DAA8D;QAE9D,oBAAoB,EAAE,YAAY,CAAC;YACjC,IAAI,EAAE,EAAE;YACR,OAAO,EAAE,KAAK,EAAE,GAAQ,EAAE,EAAE;gBAC1B,OAAO,MAAM,GAAG,CAAC,QAAQ,CACvB,oBAAoB,CAAC,GAAG,CAAC,oBAAoB,EAC7C,EAAE,CACH,CAAC;YACJ,CAAC;SACF,CAAC;QAEF,8BAA8B;QAE9B;;;;WAIG;QACH,cAAc,EAAE,YAAY,CAAC;YAC3B,IAAI,EAAE,EAAE,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE;YAC/B,OAAO,EAAE,KAAK,EAAE,GAAQ,EAAE,EAAE,SAAS,EAAyB,EAAE,EAAE;gBAChE,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,QAAQ,CAC/B,aAAa,CAAC,MAAM,CAAC,oBAAoB,EACzC,EAAE,SAAS,EAAE,CACd,CAAC;gBACF,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;oBAC3C,OAAO,IAAI,CAAC;gBACd,CAAC;gBACD,IAAI,MAAM,CAAC,WAAW,IAAI,MAAM,CAAC,WAAW,GAAG,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;oBAC1D,OAAO,IAAI,CAAC;gBACd,CAAC;gBACD,OAAO,EAAE,GAAG,EAAE,MAAM,CAAC,GAAG,EAAE,IAAI,EAAE,MAAM,CAAC,IAAI,EAAE,CAAC;YAChD,CAAC;SACF,CAAC;QAEF;;;;;;WAMG;QACH,YAAY,EAAE,eAAe,CAAC;YAC5B,IAAI,EAAE,EAAE,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE;YAC/B,OAAO,EAAE,KAAK,EAAE,GAAQ,EAAE,EAAE,SAAS,EAAyB,EAAE,EAAE;gBAChE,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;gBAE5C,MAAM,MAAM,GAAG,MAAM,GAAG,CAAC,QAAQ,CAC/B,aAAa,CAAC,MAAM,CAAC,oBAAoB,EACzC,EAAE,SAAS,EAAE,CACd,CAAC;gBACF,IAAI,CAAC,MAAM,EAAE,CAAC;oBACZ,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;gBAC1C,CAAC;gBACD,IAAI,MAAM,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;oBAChC,MAAM,IAAI,KAAK,CAAC,kBAAkB,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;gBACrD,CAAC;gBACD,IAAI,MAAM,CAAC,WAAW,IAAI,MAAM,CAAC,WAAW,GAAG,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;oBAC1D,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;gBACxC,CAAC;gBAED,MAAM,GAAG,CAAC,WAAW,CAAC,aAAa,CAAC,MAAM,CAAC,YAAY,EAAE;oBACvD,QAAQ,EAAE,MAAM,CAAC,GAAG;oBACpB,gBAAgB,EAAE,MAAM;iBACzB,CAAC,CAAC;YACL,CAAC;SACF,CAAC;QAEF;;;WAGG;QACH,kBAAkB,EAAE,uBAAuB,CAAC;YAC1C,IAAI,EAAE,EAAE,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE;YAC/B,OAAO,EAAE,KAAK,EAAE,GAAQ,EAAE,EAAE,SAAS,EAAyB,EAAE,EAAE;gBAChE,MAAM,GAAG,CAAC,WAAW,CAAC,aAAa,CAAC,MAAM,CAAC,YAAY,EAAE;oBACvD,SAAS;oBACT,IAAI,EAAE,aAAa;oBACnB,MAAM,EAAE,SAAkB;iBAC3B,CAAC,CAAC;gBACH,OAAO,EAAE,SAAS,EAAE,CAAC;YACvB,CAAC;SACF,CAAC;QAEF,2CAA2C;QAE3C;;;;;;;;;;;WAWG;QACH,WAAW,EAAE,YAAY,CAAC;YACxB,IAAI,EAAE;gBACJ,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE;gBAClB,MAAM,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;aAC/B;YACD,OAAO,EAAE,KAAK,EACZ,GAAQ,EACR,EAAE,MAAM,EAAE,MAAM,EAAuC,EACvD,EAAE;gBACF,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;gBAEnD,gDAAgD;gBAChD,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;oBACzB,IAAI,CAAC;wBACH,MAAM,kBAAkB,CAAC,GAAG,EAAE,aAAa,EAAE,aAAa,CAAC,CAAC;wBAC5D,OAAO,IAAI,CAAC;oBACd,CAAC;oBAAC,MAAM,CAAC;wBACP,OAAO,KAAK,CAAC;oBACf,CAAC;gBACH,CAAC;gBAED,MAAM,kBAAkB,CAAC,GAAG,EAAE,aAAa,EAAE,aAAa,CAAC,CAAC;gBAE5D,QAAQ,MAAM,EAAE,CAAC;oBACf,KAAK,WAAW;wBACd,OAAO,MAAM,GAAG,CAAC,QAAQ,CAAC,aAAa,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;oBAE3D,KAAK,cAAc;wBACjB,OAAO,MAAM,GAAG,CAAC,QAAQ,CAAC,aAAa,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;oBAE9D,KAAK,SAAS;wBACZ,OAAO,MAAM,GAAG,CAAC,QAAQ,CAAC,aAAa,CAAC,MAAM,CAAC,WAAW,EAAE;4BAC1D,MAAM,EAAE,MAAO;yBAChB,CAAC,CAAC;oBAEL,KAAK,iBAAiB;wBACpB,OAAO,MAAM,GAAG,CAAC,QAAQ,CAAC,aAAa,CAAC,MAAM,CAAC,iBAAiB,EAAE;4BAChE,MAAM,EAAE,MAAO;yBAChB,CAAC,CAAC;oBAEL,KAAK,iBAAiB,CAAC,CAAC,CAAC;wBACvB,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,QAAQ,CACjC,aAAa,CAAC,MAAM,CAAC,iBAAiB,EACtC,EAAE,MAAM,EAAE,MAAO,EAAE,CACpB,CAAC;wBACF,6DAA6D;wBAC7D,OAAO,QAAQ,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,IAAI,EAAO,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC;oBAC7D,CAAC;oBAED;wBACE,MAAM,IAAI,KAAK,CAAC,gCAAgC,MAAM,EAAE,CAAC,CAAC;gBAC9D,CAAC;YACH,CAAC;SACF,CAAC;QAEF,yCAAyC;QAEzC;;;;;;WAMG;QACH,cAAc,EAAE,eAAe,CAAC;YAC9B,IAAI,EAAE;gBACJ,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE;gBAClB,SAAS,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;aAClC;YACD,OAAO,EAAE,KAAK,EACZ,GAAQ,EACR,EAAE,MAAM,EAAE,SAAS,EAA0C,EAC7D,EAAE;gBACF,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;gBACnD,MAAM,kBAAkB,CAAC,GAAG,EAAE,aAAa,EAAE,aAAa,CAAC,CAAC;gBAE5D,QAAQ,MAAM,EAAE,CAAC;oBACf,KAAK,eAAe;wBAClB,MAAM,GAAG,CAAC,WAAW,CAAC,aAAa,CAAC,MAAM,CAAC,aAAa,EAAE;4BACxD,SAAS,EAAE,SAAU;yBACtB,CAAC,CAAC;wBACH,OAAO;oBAET;wBACE,MAAM,IAAI,KAAK,CAAC,mCAAmC,MAAM,EAAE,CAAC,CAAC;gBACjE,CAAC;YACH,CAAC;SACF,CAAC;QAEF,6BAA6B;QAE7B,MAAM,EAAE;YACN;;;eAGG;YACH,SAAS;YAET;;eAEG;YACH,aAAa,EAAE,CACb,IAAgB,EAChB,IAAqD,EACrD,EAAE;gBACF,MAAM,MAAM,GAAG,IAAI,EAAE,UAAU,IAAI,SAAS,CAAC;gBAE7C,sBAAsB;gBACtB,oBAAoB,CAAC,IAAI,EAAE,oBAAoB,EAAE;oBAC/C,UAAU,EAAE,MAAM;oBAClB,WAAW,EAAE,IAAI,EAAE,WAAW,IAAI,IAAI;iBACvC,CAAC,CAAC;YACL,CAAC;SACF;KACF,CAAC;AACJ,CAAC"}