@rockcarver/frodo-lib 0.12.2-8 → 0.12.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +33 -1
- package/cjs/index.js +3 -3
- package/cjs/index.js.map +1 -1
- package/cjs/ops/AdminOps.js +63 -34
- package/cjs/ops/AdminOps.js.map +1 -1
- package/cjs/ops/IdmOps.test.js.map +1 -0
- package/cjs/ops/IdpOps.js +75 -74
- package/cjs/ops/IdpOps.js.map +1 -1
- package/cjs/ops/IdpOps.test.js.map +1 -0
- package/cjs/ops/JourneyOps.js +5 -2
- package/cjs/ops/JourneyOps.js.map +1 -1
- package/cjs/ops/{SamlOps.js → Saml2Ops.js} +75 -73
- package/cjs/ops/Saml2Ops.js.map +1 -0
- package/cjs/ops/Saml2Ops.test.js.map +1 -0
- package/cjs/test/mocks/ForgeRockApiMockEngine.js +9 -0
- package/cjs/test/mocks/ForgeRockApiMockEngine.js.map +1 -1
- package/cjs/test/mocks/IdmConfigApi/getAllConfigEntities/entities.json +490 -0
- package/esm/index.mjs +1 -1
- package/esm/ops/AdminOps.mjs +32 -29
- package/esm/ops/IdmOps.test.mjs +43 -0
- package/esm/ops/IdpOps.mjs +30 -29
- package/esm/ops/IdpOps.test.mjs +63 -0
- package/esm/ops/JourneyOps.mjs +5 -2
- package/esm/ops/{SamlOps.mjs → Saml2Ops.mjs} +24 -22
- package/esm/ops/Saml2Ops.test.mjs +89 -0
- package/esm/test/mocks/ForgeRockApiMockEngine.mjs +7 -0
- package/esm/test/mocks/IdmConfigApi/getAllConfigEntities/entities.json +490 -0
- package/package.json +2 -2
- package/types/index.d.ts +1 -1
- package/types/index.d.ts.map +1 -1
- package/types/ops/AdminOps.d.ts +1 -0
- package/types/ops/AdminOps.d.ts.map +1 -1
- package/types/ops/IdpOps.d.ts +12 -12
- package/types/ops/IdpOps.d.ts.map +1 -1
- package/types/ops/JourneyOps.d.ts.map +1 -1
- package/types/ops/{SamlOps.d.ts → Saml2Ops.d.ts} +10 -10
- package/types/ops/Saml2Ops.d.ts.map +1 -0
- package/types/test/mocks/ForgeRockApiMockEngine.d.ts +1 -0
- package/types/test/mocks/ForgeRockApiMockEngine.d.ts.map +1 -1
- package/cjs/ops/SamlOps.js.map +0 -1
- package/types/ops/SamlOps.d.ts.map +0 -1
package/CHANGELOG.md
CHANGED
|
@@ -7,6 +7,32 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|
|
7
7
|
|
|
8
8
|
## [Unreleased]
|
|
9
9
|
|
|
10
|
+
## [0.12.2] - 2022-09-15
|
|
11
|
+
|
|
12
|
+
### Added
|
|
13
|
+
|
|
14
|
+
- More unit and regression tests
|
|
15
|
+
|
|
16
|
+
### Changed
|
|
17
|
+
|
|
18
|
+
- Typify code and restructure api and ops layers for library use. As frodo-lib prepares to be a real library for backend use, some of the existing functions will change to cater to that new role. This is an ongoing effort over the next few patch and minor releases.
|
|
19
|
+
|
|
20
|
+
### Fixed
|
|
21
|
+
|
|
22
|
+
- \#33: Describing all journeys in a realm (`frodo journey describe <host>`) now runs properly
|
|
23
|
+
- \#69: AM version is now included in export meta data. This will help identify if an export is suitable for import into a target environment based on both origin and target versions.
|
|
24
|
+
- \#70: AM version is now stored properly in session storage
|
|
25
|
+
- \#71: Importing applications into Catalyst demo environments now works properly
|
|
26
|
+
- \#78: `frodo journey list -l <host>` now runs properly
|
|
27
|
+
- \#80: `frodo idp export -A <host>` now runs properly
|
|
28
|
+
- \#83: `frodo saml export -A <host>` now runs properly
|
|
29
|
+
- \#85: `frodo journey export -A <host>` now runs properly
|
|
30
|
+
- \#90: Exporting journeys from bravo realm of a cloud tenant now works properly
|
|
31
|
+
|
|
32
|
+
## [0.12.2-10] - 2022-09-15
|
|
33
|
+
|
|
34
|
+
## [0.12.2-9] - 2022-09-13
|
|
35
|
+
|
|
10
36
|
## [0.12.2-8] - 2022-09-12
|
|
11
37
|
|
|
12
38
|
## [0.12.2-7] - 2022-09-12
|
|
@@ -469,7 +495,13 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|
|
469
495
|
- Fixed problem with adding connection profiles
|
|
470
496
|
- Miscellaneous bug fixes
|
|
471
497
|
|
|
472
|
-
[Unreleased]: https://github.com/rockcarver/frodo-lib/compare/v0.12.2
|
|
498
|
+
[Unreleased]: https://github.com/rockcarver/frodo-lib/compare/v0.12.2...HEAD
|
|
499
|
+
|
|
500
|
+
[0.12.2]: https://github.com/rockcarver/frodo-lib/compare/v0.12.2-10...v0.12.2
|
|
501
|
+
|
|
502
|
+
[0.12.2-10]: https://github.com/rockcarver/frodo-lib/compare/v0.12.2-9...v0.12.2-10
|
|
503
|
+
|
|
504
|
+
[0.12.2-9]: https://github.com/rockcarver/frodo-lib/compare/v0.12.2-8...v0.12.2-9
|
|
473
505
|
|
|
474
506
|
[0.12.2-8]: https://github.com/rockcarver/frodo-lib/compare/v0.12.2-7...v0.12.2-8
|
|
475
507
|
|
package/cjs/index.js
CHANGED
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
Object.defineProperty(exports, "__esModule", {
|
|
4
4
|
value: true
|
|
5
5
|
});
|
|
6
|
-
exports.VariablesRaw = exports.Variables = exports.Utils = exports.TreeRaw = exports.Theme = exports.StartupRaw = exports.Startup = exports.SecretsRaw = exports.Secrets = exports.Script = exports.
|
|
6
|
+
exports.VariablesRaw = exports.Variables = exports.Utils = exports.TreeRaw = exports.Theme = exports.StartupRaw = exports.Startup = exports.SecretsRaw = exports.Secrets = exports.Script = exports.Saml2 = exports.Realm = exports.Organization = exports.OAuth2OIDCApi = exports.OAuth2Client = exports.NodeRaw = exports.ManagedObject = exports.Log = exports.Journey = exports.Idp = exports.Idm = exports.EmailTemplate = exports.ConnectionProfile = exports.CirclesOfTrust = exports.Authenticate = exports.Admin = void 0;
|
|
7
7
|
exports.getVersion = getVersion;
|
|
8
8
|
exports.state = void 0;
|
|
9
9
|
|
|
@@ -85,9 +85,9 @@ var _Realm = _interopRequireWildcard(require("./ops/RealmOps"));
|
|
|
85
85
|
|
|
86
86
|
exports.Realm = _Realm;
|
|
87
87
|
|
|
88
|
-
var _Saml = _interopRequireWildcard(require("./ops/
|
|
88
|
+
var _Saml = _interopRequireWildcard(require("./ops/Saml2Ops"));
|
|
89
89
|
|
|
90
|
-
exports.
|
|
90
|
+
exports.Saml2 = _Saml;
|
|
91
91
|
|
|
92
92
|
var _Script = _interopRequireWildcard(require("./ops/ScriptOps"));
|
|
93
93
|
|
package/cjs/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","names":["__dirname","path","dirname","fileURLToPath","pkg","JSON","parse","fs","readFileSync","resolve","getVersion","version"],"sources":["index.ts"],"sourcesContent":["import fs from 'fs';\nimport path from 'path';\nimport { fileURLToPath } from 'url';\n\nconst __dirname = path.dirname(fileURLToPath(import.meta.url));\n\nconst pkg = JSON.parse(\n fs.readFileSync(path.resolve(__dirname, '../package.json'), 'utf8')\n);\n\nexport function getVersion() {\n return `v${pkg.version}`;\n}\n\n// Api Layer\nexport * as NodeRaw from './api/NodeApi';\nexport * as TreeRaw from './api/TreeApi';\nexport * as StartupRaw from './api/StartupApi';\nexport * as SecretsRaw from './api/SecretsApi';\nexport * as VariablesRaw from './api/VariablesApi';\n\n// Ops Layer\nexport * as Admin from './ops/AdminOps';\nexport * as Authenticate from './ops/AuthenticateOps';\nexport * as CirclesOfTrust from './ops/CirclesOfTrustOps';\nexport * as ConnectionProfile from './ops/ConnectionProfileOps';\nexport * as EmailTemplate from './ops/EmailTemplateOps';\nexport * as Idm from './ops/IdmOps';\nexport * as Idp from './ops/IdpOps';\nexport * as Journey from './ops/JourneyOps';\nexport * as Log from './ops/LogOps';\nexport * as ManagedObject from './ops/ManagedObjectOps';\nexport * as OAuth2Client from './ops/OAuth2ClientOps';\nexport * as Organization from './ops/OrganizationOps';\nexport * as Realm from './ops/RealmOps';\nexport * as
|
|
1
|
+
{"version":3,"file":"index.js","names":["__dirname","path","dirname","fileURLToPath","pkg","JSON","parse","fs","readFileSync","resolve","getVersion","version"],"sources":["index.ts"],"sourcesContent":["import fs from 'fs';\nimport path from 'path';\nimport { fileURLToPath } from 'url';\n\nconst __dirname = path.dirname(fileURLToPath(import.meta.url));\n\nconst pkg = JSON.parse(\n fs.readFileSync(path.resolve(__dirname, '../package.json'), 'utf8')\n);\n\nexport function getVersion() {\n return `v${pkg.version}`;\n}\n\n// Api Layer\nexport * as NodeRaw from './api/NodeApi';\nexport * as TreeRaw from './api/TreeApi';\nexport * as StartupRaw from './api/StartupApi';\nexport * as SecretsRaw from './api/SecretsApi';\nexport * as VariablesRaw from './api/VariablesApi';\n\n// Ops Layer\nexport * as Admin from './ops/AdminOps';\nexport * as Authenticate from './ops/AuthenticateOps';\nexport * as CirclesOfTrust from './ops/CirclesOfTrustOps';\nexport * as ConnectionProfile from './ops/ConnectionProfileOps';\nexport * as EmailTemplate from './ops/EmailTemplateOps';\nexport * as Idm from './ops/IdmOps';\nexport * as Idp from './ops/IdpOps';\nexport * as Journey from './ops/JourneyOps';\nexport * as Log from './ops/LogOps';\nexport * as ManagedObject from './ops/ManagedObjectOps';\nexport * as OAuth2Client from './ops/OAuth2ClientOps';\nexport * as Organization from './ops/OrganizationOps';\nexport * as Realm from './ops/RealmOps';\nexport * as Saml2 from './ops/Saml2Ops';\nexport * as Script from './ops/ScriptOps';\nexport * as Secrets from './ops/SecretsOps';\nexport * as Startup from './ops/StartupOps';\nexport * as Theme from './ops/ThemeOps';\nexport * as Variables from './ops/VariablesOps';\n// TODO: revisit if there are better ways\nexport * as Utils from './ops/utils/OpsUtils';\n// TODO: reconsider the aproach to pass in state from client\n// lib should be stateless, an aplication should own its state\nexport * as state from './storage/SessionStorage';\n// TODO: need to figure out if this is the right approach or if we should even\n// use a public oauth2/oidc library. might be ok for now since there is only\n// one place where the cli needs to execute an oauth flow.\nexport * as OAuth2OIDCApi from './api/OAuth2OIDCApi';\n"],"mappings":";;;;;;;;;AAAA;;AACA;;AACA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEA,IAAMA,QAAS,GAAGC,aAAA,CAAKC,OAAL,CAAa,IAAAC,kBAAA,sDAAb,CAAlB;;AAEA,IAAMC,GAAG,GAAGC,IAAI,CAACC,KAAL,CACVC,WAAA,CAAGC,YAAH,CAAgBP,aAAA,CAAKQ,OAAL,CAAaT,QAAb,EAAwB,iBAAxB,CAAhB,EAA4D,MAA5D,CADU,CAAZ;;AAIO,SAASU,UAAT,GAAsB;EAC3B,kBAAWN,GAAG,CAACO,OAAf;AACD,C,CAED"}
|
package/cjs/ops/AdminOps.js
CHANGED
|
@@ -12,6 +12,7 @@ exports.listNonOAuth2AdminStaticUserMappings = listNonOAuth2AdminStaticUserMappi
|
|
|
12
12
|
exports.listOAuth2AdminClients = listOAuth2AdminClients;
|
|
13
13
|
exports.listOAuth2CustomClients = listOAuth2CustomClients;
|
|
14
14
|
exports.removeStaticUserMapping = removeStaticUserMapping;
|
|
15
|
+
exports.repairOrgModel = repairOrgModel;
|
|
15
16
|
exports.revokeOAuth2ClientAdminPrivileges = revokeOAuth2ClientAdminPrivileges;
|
|
16
17
|
exports.showGenericExtensionAttributes = showGenericExtensionAttributes;
|
|
17
18
|
|
|
@@ -855,40 +856,7 @@ function _repairOrgModelUser() {
|
|
|
855
856
|
|
|
856
857
|
function repairOrgModelOrg(_x23) {
|
|
857
858
|
return _repairOrgModelOrg.apply(this, arguments);
|
|
858
|
-
}
|
|
859
|
-
// if (!dryRun) {
|
|
860
|
-
// // const rootOrgs = await findRootOrganizations();
|
|
861
|
-
// }
|
|
862
|
-
// }
|
|
863
|
-
// async function extendOrgModelPermissins(dryRun = false) {
|
|
864
|
-
// if (!dryRun) {
|
|
865
|
-
// // const rootOrgs = await findRootOrganizations();
|
|
866
|
-
// }
|
|
867
|
-
// }
|
|
868
|
-
// export async function repairOrgModel(
|
|
869
|
-
// excludeCustomized,
|
|
870
|
-
// extendPermissions,
|
|
871
|
-
// dryRun
|
|
872
|
-
// ) {
|
|
873
|
-
// let repairData = false;
|
|
874
|
-
// repairData = repairData || (await repairOrgModelUser(dryRun));
|
|
875
|
-
// repairData = repairData || (await repairOrgModelOrg(dryRun));
|
|
876
|
-
// if (repairData) {
|
|
877
|
-
// await repairOrgModelData(dryRun);
|
|
878
|
-
// }
|
|
879
|
-
// if (extendPermissions) {
|
|
880
|
-
// await extendOrgModelPermissins(dryRun);
|
|
881
|
-
// }
|
|
882
|
-
// if (dryRun) {
|
|
883
|
-
// printMessage('Dry-run only. Changes are not saved.', 'warn');
|
|
884
|
-
// }
|
|
885
|
-
// }
|
|
886
|
-
// suggested by John K.
|
|
887
|
-
// export async function removeRealmNameFromManagedObjectLabels() {}
|
|
888
|
-
// export async function addRealmNameToManagedObjectLabels() {}
|
|
889
|
-
// export async function cleanUpPostmanArtifacts() {}
|
|
890
|
-
// export async function createSampleThemes() {}
|
|
891
|
-
|
|
859
|
+
}
|
|
892
860
|
|
|
893
861
|
function _repairOrgModelOrg() {
|
|
894
862
|
_repairOrgModelOrg = _asyncToGenerator(function* (dryRun) {
|
|
@@ -929,4 +897,65 @@ function _repairOrgModelOrg() {
|
|
|
929
897
|
});
|
|
930
898
|
return _repairOrgModelOrg.apply(this, arguments);
|
|
931
899
|
}
|
|
900
|
+
|
|
901
|
+
function repairOrgModelData() {
|
|
902
|
+
return _repairOrgModelData.apply(this, arguments);
|
|
903
|
+
}
|
|
904
|
+
|
|
905
|
+
function _repairOrgModelData() {
|
|
906
|
+
_repairOrgModelData = _asyncToGenerator(function* () {
|
|
907
|
+
var dryRun = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : false;
|
|
908
|
+
|
|
909
|
+
if (!dryRun) {// const rootOrgs = await findRootOrganizations();
|
|
910
|
+
}
|
|
911
|
+
});
|
|
912
|
+
return _repairOrgModelData.apply(this, arguments);
|
|
913
|
+
}
|
|
914
|
+
|
|
915
|
+
function extendOrgModelPermissins() {
|
|
916
|
+
return _extendOrgModelPermissins.apply(this, arguments);
|
|
917
|
+
}
|
|
918
|
+
|
|
919
|
+
function _extendOrgModelPermissins() {
|
|
920
|
+
_extendOrgModelPermissins = _asyncToGenerator(function* () {
|
|
921
|
+
var dryRun = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : false;
|
|
922
|
+
|
|
923
|
+
if (!dryRun) {// const rootOrgs = await findRootOrganizations();
|
|
924
|
+
}
|
|
925
|
+
});
|
|
926
|
+
return _extendOrgModelPermissins.apply(this, arguments);
|
|
927
|
+
}
|
|
928
|
+
|
|
929
|
+
function repairOrgModel(_x24, _x25, _x26) {
|
|
930
|
+
return _repairOrgModel.apply(this, arguments);
|
|
931
|
+
} // suggested by John K.
|
|
932
|
+
// export async function removeRealmNameFromManagedObjectLabels() {}
|
|
933
|
+
// export async function addRealmNameToManagedObjectLabels() {}
|
|
934
|
+
// export async function cleanUpPostmanArtifacts() {}
|
|
935
|
+
// export async function createSampleThemes() {}
|
|
936
|
+
|
|
937
|
+
|
|
938
|
+
function _repairOrgModel() {
|
|
939
|
+
_repairOrgModel = _asyncToGenerator(function* (excludeCustomized, extendPermissions, dryRun) {
|
|
940
|
+
var repairData = false;
|
|
941
|
+
repairData = repairData || (yield repairOrgModelUser(dryRun));
|
|
942
|
+
repairData = repairData || (yield repairOrgModelOrg(dryRun));
|
|
943
|
+
|
|
944
|
+
if (excludeCustomized) {//
|
|
945
|
+
}
|
|
946
|
+
|
|
947
|
+
if (repairData) {
|
|
948
|
+
yield repairOrgModelData(dryRun);
|
|
949
|
+
}
|
|
950
|
+
|
|
951
|
+
if (extendPermissions) {
|
|
952
|
+
yield extendOrgModelPermissins(dryRun);
|
|
953
|
+
}
|
|
954
|
+
|
|
955
|
+
if (dryRun) {
|
|
956
|
+
(0, _Console.printMessage)('Dry-run only. Changes are not saved.', 'warn');
|
|
957
|
+
}
|
|
958
|
+
});
|
|
959
|
+
return _repairOrgModel.apply(this, arguments);
|
|
960
|
+
}
|
|
932
961
|
//# sourceMappingURL=AdminOps.js.map
|
package/cjs/ops/AdminOps.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"AdminOps.js","names":["__dirname","path","dirname","fileURLToPath","OAUTH2_CLIENT","JSON","parse","fs","readFileSync","resolve","GENERIC_EXTENSION_ATTRIBUTES","protectedClients","protectedSubjects","privilegedScopes","privilegedRoles","adminScopes","adminDefaultScopes","adminRoles","autoIdRoles","listOAuth2CustomClients","clients","getOAuth2Clients","data","result","map","client","_id","filter","includes","authentication","getConfigEntity","subjects","rsFilter","staticUserMapping","mapping","subject","adminClients","listOAuth2AdminClients","isPrivileged","coreOAuth2ClientConfig","scopes","forEach","scope","roles","role","listNonOAuth2AdminStaticUserMappings","showProtected","adminSubjects","getDynamicClientRegistrationScope","provider","getOAuth2Provider","clientDynamicRegistrationConfig","dynamicClientRegistrationScope","addAdminScopes","clientId","modClient","allAdminScopes","concat","addScopes","value","add","addDefaultScope","defaultScopes","length","printMessage","addClientCredentialsGrantType","modified","advancedOAuth2ClientConfig","grantTypes","push","inherited","addAdminStaticUserMapping","name","error","message","needsAdminMapping","addRoles","mappings","newMapping","localUser","userRoles","putConfigEntity","putConfigEntityError","addAutoIdStaticUserMapping","grantOAuth2ClientAdminPrivileges","getOAuth2Client","clientName","descriptions","startsWith","Date","toLocaleString","putOAuth2Client","removeAdminScopes","finalScopes","finalDefaultScopes","removeClientCredentialsGrantType","finalGrantTypes","grantType","removeAdminStaticUserMapping","finalRoles","removeMapping","revokeOAuth2ClientAdminPrivileges","createOAuth2ClientWithAdminPrivileges","clientSecret","userpassword","createLongLivedToken","secret","lifetime","rememberedLifetime","accessTokenLifetime","response","clientCredentialsGrant","expires","getTime","expires_in","expires_on","description","putSecret","access_token","_","get","newSecret","removeStaticUserMapping","hideGenericExtensionAttributes","includeCustomized","dryRun","managed","propertyNames","Object","keys","updatedObjects","objects","object","getRealmManagedUser","isEqualJson","schema","properties","viewable","showGenericExtensionAttributes","repairOrgModelUser","RDVPs","repairData","queryConfig","flattenProperties","repairOrgModelOrg","getRealmManagedOrganization"],"sources":["ops/AdminOps.ts"],"sourcesContent":["import fs from 'fs';\nimport _ from 'lodash';\nimport {\n getOAuth2Clients,\n getOAuth2Client,\n putOAuth2Client,\n} from '../api/OAuth2ClientApi';\nimport { getConfigEntity, putConfigEntity } from '../api/IdmConfigApi';\nimport { isEqualJson, getRealmManagedUser } from './utils/OpsUtils';\nimport { getRealmManagedOrganization } from './OrganizationOps';\nimport { getOAuth2Provider } from '../api/OAuth2ProviderApi';\nimport { putSecret } from '../api/SecretsApi';\nimport { clientCredentialsGrant } from '../api/OAuth2OIDCApi';\nimport { printMessage } from './utils/Console';\nimport path from 'path';\nimport { fileURLToPath } from 'url';\n\nconst __dirname = path.dirname(fileURLToPath(import.meta.url));\n\nconst OAUTH2_CLIENT = JSON.parse(\n fs.readFileSync(\n path.resolve(__dirname, './templates/OAuth2ClientTemplate.json'),\n 'utf8'\n )\n);\nconst GENERIC_EXTENSION_ATTRIBUTES = JSON.parse(\n fs.readFileSync(\n path.resolve(\n __dirname,\n './templates/cloud/GenericExtensionAttributesTemplate.json'\n ),\n 'utf8'\n )\n);\n\nconst protectedClients = ['ui', 'idm-provisioning'];\nconst protectedSubjects = ['amadmin', 'autoid-resource-server'];\n\nconst privilegedScopes = [\n 'am-introspect-all-tokens',\n 'fr:idm:*',\n 'fr:idc:esv:*',\n];\n// const privilegedUsers = ['openidm-admin'];\nconst privilegedRoles = [\n 'internal/role/openidm-authorized',\n 'internal/role/openidm-admin',\n];\n\nconst adminScopes = ['fr:idm:*', 'fr:idc:esv:*'];\nconst adminDefaultScopes = ['fr:idm:*'];\nconst adminRoles = [\n 'internal/role/openidm-authorized',\n 'internal/role/openidm-admin',\n];\nconst autoIdRoles = [\n 'internal/role/platform-provisioning',\n 'internal/role/openidm-authorized',\n 'internal/role/openidm-admin',\n];\n\n/*\n * List all oauth2 clients, which have a corresponding staticUserMapping\n * in the IDM authentication.json:\n {\n \"_id\": \"authentication\",\n \"rsFilter\": {\n ...\n \"staticUserMapping\": [\n {\n \"subject\": \"someOauth2ClientID\",\n \"localUser\": \"internal/user/openidm-admin\",\n \"userRoles\": \"authzRoles/*\",\n \"roles\": [\n \"internal/role/openidm-authorized\",\n \"internal/role/openidm-admin\"\n ]\n },\n {\n \"subject\": \"RCSClient\",\n \"localUser\": \"internal/user/idm-provisioning\"\n }\n ]\n }\n }\n */\nexport async function listOAuth2CustomClients() {\n let clients = (await getOAuth2Clients()).data.result;\n clients = clients\n .map((client) => client._id)\n .filter((client) => !protectedClients.includes(client));\n const authentication = await getConfigEntity('authentication');\n const subjects = authentication.rsFilter.staticUserMapping\n .map((mapping) => mapping.subject)\n .filter((subject) => !protectedSubjects.includes(subject));\n const adminClients = subjects.filter((subject) => clients.includes(subject));\n return adminClients;\n}\n\n/*\n * List all oauth2 clients, which have the fr:idm:* scope and a \n * corresponding staticUserMapping in the IDM authentication.json\n * and are assigned admin privileges:\n {\n \"_id\": \"authentication\",\n \"rsFilter\": {\n ...\n \"staticUserMapping\": [\n {\n \"subject\": \"someOauth2ClientID\",\n \"localUser\": \"internal/user/openidm-admin\",\n \"userRoles\": \"authzRoles/*\",\n \"roles\": [\n \"internal/role/openidm-authorized\",\n \"internal/role/openidm-admin\"\n ]\n }\n ]\n }\n }\n */\nexport async function listOAuth2AdminClients() {\n let clients = (await getOAuth2Clients()).data.result;\n clients = clients\n .filter((client) => {\n let isPrivileged = false;\n if (client.coreOAuth2ClientConfig.scopes) {\n client.coreOAuth2ClientConfig.scopes.forEach((scope) => {\n if (privilegedScopes.includes(scope)) {\n isPrivileged = true;\n }\n });\n }\n return isPrivileged;\n })\n .map((client) => client._id)\n .filter((client) => !protectedClients.includes(client));\n const authentication = await getConfigEntity('authentication');\n const subjects = authentication.rsFilter.staticUserMapping\n .filter((mapping) => {\n let isPrivileged = false;\n if (mapping.roles) {\n mapping.roles.forEach((role) => {\n if (privilegedRoles.includes(role)) {\n isPrivileged = true;\n }\n });\n }\n return isPrivileged;\n })\n .map((mapping) => mapping.subject)\n .filter((subject) => !protectedSubjects.includes(subject));\n const adminClients = subjects.filter((subject) => clients.includes(subject));\n return adminClients;\n}\n\n/*\n * List all static user mappings that are not oauth2 clients in authentication.json\n * and are assigned admin privileges:\n {\n \"_id\": \"authentication\",\n \"rsFilter\": {\n ...\n \"staticUserMapping\": [\n {\n \"subject\": \"amadmin\",\n \"localUser\": \"internal/user/openidm-admin\",\n \"userRoles\": \"authzRoles/*\",\n \"roles\": [\n \"internal/role/openidm-authorized\",\n \"internal/role/openidm-admin\"\n ]\n },\n {\n \"subject\": \"idm-provisioning\",\n \"localUser\": \"internal/user/idm-provisioning\",\n \"roles\": [\n \"internal/role/platform-provisioning\"\n ]\n },\n {\n \"subject\": \"RCSClient\",\n \"localUser\": \"internal/user/idm-provisioning\"\n },\n {\n \"subject\": \"autoid-resource-server\",\n \"localUser\": \"internal/user/idm-provisioning\",\n \"roles\": [\n \"internal/role/platform-provisioning\",\n \"internal/role/openidm-authorized\",\n \"internal/role/openidm-admin\"\n ]\n }\n ]\n }\n }\n */\nexport async function listNonOAuth2AdminStaticUserMappings(showProtected) {\n let clients = (await getOAuth2Clients()).data.result;\n clients = clients\n .map((client) => client._id)\n .filter((client) => !protectedClients.includes(client));\n const authentication = await getConfigEntity('authentication');\n let subjects = authentication.rsFilter.staticUserMapping\n .filter((mapping) => {\n let isPrivileged = false;\n if (mapping.roles) {\n mapping.roles.forEach((role) => {\n if (privilegedRoles.includes(role)) {\n isPrivileged = true;\n }\n });\n }\n return isPrivileged;\n })\n .map((mapping) => mapping.subject);\n if (!showProtected) {\n subjects = subjects.filter(\n (subject) => !protectedSubjects.includes(subject)\n );\n }\n const adminSubjects = subjects.filter(\n (subject) => !clients.includes(subject)\n );\n return adminSubjects;\n}\n\nasync function getDynamicClientRegistrationScope() {\n const provider = (await getOAuth2Provider()).data;\n return provider.clientDynamicRegistrationConfig\n .dynamicClientRegistrationScope;\n}\n\nasync function addAdminScopes(clientId, client) {\n const modClient = client;\n const allAdminScopes = adminScopes.concat([\n await getDynamicClientRegistrationScope(),\n ]);\n let addScopes = [];\n if (\n modClient.coreOAuth2ClientConfig.scopes &&\n modClient.coreOAuth2ClientConfig.scopes.value\n ) {\n addScopes = allAdminScopes.filter((scope) => {\n let add = false;\n if (!modClient.coreOAuth2ClientConfig.scopes.value.includes(scope)) {\n add = true;\n }\n return add;\n });\n modClient.coreOAuth2ClientConfig.scopes.value =\n modClient.coreOAuth2ClientConfig.scopes.value.concat(addScopes);\n } else {\n modClient.coreOAuth2ClientConfig.scopes.value = allAdminScopes;\n }\n let addDefaultScope = false;\n if (\n modClient.coreOAuth2ClientConfig.defaultScopes &&\n modClient.coreOAuth2ClientConfig.defaultScopes.value\n ) {\n if (modClient.coreOAuth2ClientConfig.defaultScopes.value.length === 0) {\n addDefaultScope = true;\n modClient.coreOAuth2ClientConfig.defaultScopes.value = adminDefaultScopes;\n } else {\n printMessage(\n `Client \"${clientId}\" already has default scopes configured, not adding admin default scope.`\n );\n }\n }\n if (addScopes.length > 0 || addDefaultScope) {\n printMessage(`Adding admin scopes to client \"${clientId}\"...`);\n } else {\n printMessage(`Client \"${clientId}\" already has admin scopes.`);\n }\n return modClient;\n}\n\nfunction addClientCredentialsGrantType(clientId, client) {\n const modClient = client;\n let modified = false;\n if (\n modClient.advancedOAuth2ClientConfig.grantTypes &&\n modClient.advancedOAuth2ClientConfig.grantTypes.value\n ) {\n if (\n !modClient.advancedOAuth2ClientConfig.grantTypes.value.includes(\n 'client_credentials'\n )\n ) {\n modified = true;\n modClient.advancedOAuth2ClientConfig.grantTypes.value.push(\n 'client_credentials'\n );\n }\n } else {\n modClient.advancedOAuth2ClientConfig.grantTypes.value = [\n 'client_credentials',\n ];\n }\n modClient.advancedOAuth2ClientConfig.grantTypes.inherited = false;\n if (modified) {\n printMessage(\n `Adding client credentials grant type to client \"${clientId}\"...`\n );\n } else {\n printMessage(\n `Client \"${clientId}\" already has client credentials grant type.`\n );\n }\n return modClient;\n}\n\nasync function addAdminStaticUserMapping(name) {\n let authentication = {};\n try {\n authentication = await getConfigEntity('authentication');\n } catch (error) {\n printMessage(\n `Error reading IDM authentication configuration: ${error.message}`,\n 'error'\n );\n }\n let needsAdminMapping = true;\n let addRoles = [];\n const mappings = authentication['rsFilter']['staticUserMapping'].map(\n (mapping) => {\n // ignore mappings for other subjects\n if (mapping.subject !== name) {\n return mapping;\n }\n needsAdminMapping = false;\n addRoles = adminRoles.filter((role) => {\n let add = false;\n if (!mapping.roles.includes(role)) {\n add = true;\n }\n return add;\n });\n const newMapping = mapping;\n newMapping.roles = newMapping.roles.concat(addRoles);\n return newMapping;\n }\n );\n if (needsAdminMapping) {\n printMessage(`Creating static user mapping for client \"${name}\"...`);\n mappings.push({\n subject: name,\n localUser: 'internal/user/openidm-admin',\n userRoles: 'authzRoles/*',\n roles: adminRoles,\n });\n }\n authentication['rsFilter']['staticUserMapping'] = mappings;\n if (addRoles.length > 0 || needsAdminMapping) {\n printMessage(\n `Adding admin roles to static user mapping for client \"${name}\"...`\n );\n try {\n await putConfigEntity('authentication', authentication);\n } catch (putConfigEntityError) {\n printMessage(putConfigEntityError, 'error');\n printMessage(`Error: ${putConfigEntityError}`, 'error');\n }\n } else {\n printMessage(\n `Static user mapping for client \"${name}\" already has admin roles.`\n );\n }\n}\n\n/*\n * Add AutoId static user mapping to authentication.json to enable dashboards and other AutoId-based functionality.\n {\n \"_id\": \"authentication\",\n \"rsFilter\": {\n ...\n \"staticUserMapping\": [\n ...\n {\n \"subject\": \"autoid-resource-server\",\n \"localUser\": \"internal/user/idm-provisioning\",\n \"roles\": [\n \"internal/role/platform-provisioning\",\n \"internal/role/openidm-authorized\",\n \"internal/role/openidm-admin\"\n ]\n }\n ]\n }\n }\n */\nexport async function addAutoIdStaticUserMapping() {\n const name = 'autoid-resource-server';\n const authentication = await getConfigEntity('authentication');\n let needsAdminMapping = true;\n let addRoles = [];\n const mappings = authentication.rsFilter.staticUserMapping.map((mapping) => {\n // ignore mappings for other subjects\n if (mapping.subject !== name) {\n return mapping;\n }\n needsAdminMapping = false;\n addRoles = autoIdRoles.filter((role) => {\n let add = false;\n if (!mapping.roles.includes(role)) {\n add = true;\n }\n return add;\n });\n const newMapping = mapping;\n newMapping.roles = newMapping.roles.concat(addRoles);\n return newMapping;\n });\n if (needsAdminMapping) {\n printMessage(`Creating static user mapping for AutoId client \"${name}\"...`);\n mappings.push({\n subject: name,\n localUser: 'internal/user/idm-provisioning',\n userRoles: 'authzRoles/*',\n roles: autoIdRoles,\n });\n }\n authentication.rsFilter.staticUserMapping = mappings;\n if (addRoles.length > 0 || needsAdminMapping) {\n printMessage(\n `Adding required roles to static user mapping for AutoId client \"${name}\"...`\n );\n try {\n await putConfigEntity('authentication', authentication);\n } catch (putConfigEntityError) {\n printMessage(putConfigEntityError, 'error');\n printMessage(`Error: ${putConfigEntityError}`, 'error');\n }\n } else {\n printMessage(\n `Static user mapping for AutoId client \"${name}\" already has all required roles.`\n );\n }\n}\n\nexport async function grantOAuth2ClientAdminPrivileges(clientId) {\n let client = (await getOAuth2Client(clientId)).data;\n if (client.coreOAuth2ClientConfig.clientName.value.length === 0) {\n client.coreOAuth2ClientConfig.clientName.value = [clientId];\n }\n if (\n client.advancedOAuth2ClientConfig.descriptions.value.length === 0 ||\n client.advancedOAuth2ClientConfig.descriptions.value[0].startsWith(\n 'Modified by Frodo'\n ) ||\n client.advancedOAuth2ClientConfig.descriptions.value[0].startsWith(\n 'Created by Frodo'\n )\n ) {\n client.advancedOAuth2ClientConfig.descriptions.value = [\n `Modified by Frodo on ${new Date().toLocaleString()}`,\n ];\n }\n client = await addAdminScopes(clientId, client);\n client = addClientCredentialsGrantType(clientId, client);\n await putOAuth2Client(clientId, client);\n await addAdminStaticUserMapping(clientId);\n}\n\nasync function removeAdminScopes(name, client) {\n const modClient = client;\n const allAdminScopes = adminScopes.concat([\n await getDynamicClientRegistrationScope(),\n ]);\n let finalScopes = [];\n if (\n modClient.coreOAuth2ClientConfig.scopes &&\n modClient.coreOAuth2ClientConfig.scopes.value\n ) {\n finalScopes = modClient.coreOAuth2ClientConfig.scopes.value.filter(\n (scope) => !allAdminScopes.includes(scope)\n );\n }\n if (\n modClient.coreOAuth2ClientConfig.scopes.value.length > finalScopes.length\n ) {\n printMessage(`Removing admin scopes from client \"${name}\"...`);\n modClient.coreOAuth2ClientConfig.scopes.value = finalScopes;\n } else {\n printMessage(`Client \"${name}\" has no admin scopes.`);\n }\n let finalDefaultScopes = [];\n if (\n modClient.coreOAuth2ClientConfig.defaultScopes &&\n modClient.coreOAuth2ClientConfig.defaultScopes.value\n ) {\n finalDefaultScopes =\n modClient.coreOAuth2ClientConfig.defaultScopes.value.filter(\n (scope) => !adminDefaultScopes.includes(scope)\n );\n }\n if (\n modClient.coreOAuth2ClientConfig.defaultScopes.value.length >\n finalDefaultScopes.length\n ) {\n printMessage(`Removing admin default scopes from client \"${name}\"...`);\n modClient.coreOAuth2ClientConfig.defaultScopes.value = finalDefaultScopes;\n } else {\n printMessage(`Client \"${name}\" has no admin default scopes.`);\n }\n return modClient;\n}\n\nfunction removeClientCredentialsGrantType(clientId, client) {\n const modClient = client;\n let modified = false;\n let finalGrantTypes = [];\n if (\n modClient.advancedOAuth2ClientConfig.grantTypes &&\n modClient.advancedOAuth2ClientConfig.grantTypes.value\n ) {\n finalGrantTypes =\n modClient.advancedOAuth2ClientConfig.grantTypes.value.filter(\n (grantType) => grantType !== 'client_credentials'\n );\n modified =\n modClient.advancedOAuth2ClientConfig.grantTypes.value.length >\n finalGrantTypes.length;\n }\n if (modified) {\n printMessage(\n `Removing client credentials grant type from client \"${clientId}\"...`\n );\n modClient.advancedOAuth2ClientConfig.grantTypes.value = finalGrantTypes;\n } else {\n printMessage(\n `Client \"${clientId}\" does not allow client credentials grant type.`\n );\n }\n return modClient;\n}\n\nasync function removeAdminStaticUserMapping(name) {\n const authentication = await getConfigEntity('authentication');\n let finalRoles = [];\n let removeMapping = false;\n let modified = false;\n const mappings = authentication.rsFilter.staticUserMapping\n .map((mapping) => {\n // ignore mappings for other subjects\n if (mapping.subject !== name) {\n return mapping;\n }\n finalRoles = mapping.roles.filter((role) => !adminRoles.includes(role));\n const newMapping = mapping;\n removeMapping = finalRoles.length === 0; // if there are no more roles left on this mapping, flag it for removal\n modified = mapping.roles.length > finalRoles.length; // if there were roles removed, set modified flag\n newMapping.roles = finalRoles;\n return newMapping;\n })\n .filter((mapping) => mapping.subject !== name || !removeMapping);\n authentication.rsFilter.staticUserMapping = mappings;\n if (modified || removeMapping) {\n if (removeMapping) {\n printMessage(`Removing static user mapping for client \"${name}\"...`);\n } else {\n printMessage(\n `Removing admin roles from static user mapping for client \"${name}\"...`\n );\n }\n try {\n await putConfigEntity('authentication', authentication);\n } catch (putConfigEntityError) {\n printMessage(putConfigEntityError, 'error');\n printMessage(`Error: ${putConfigEntityError}`, 'error');\n }\n } else {\n printMessage(\n `Static user mapping for client \"${name}\" has no admin roles.`\n );\n }\n}\n\nexport async function revokeOAuth2ClientAdminPrivileges(clientId) {\n let client = (await getOAuth2Client(clientId)).data;\n if (client.coreOAuth2ClientConfig.clientName.value.length === 0) {\n client.coreOAuth2ClientConfig.clientName.value = [clientId];\n }\n if (\n client.advancedOAuth2ClientConfig.descriptions.value.length === 0 ||\n client.advancedOAuth2ClientConfig.descriptions.value[0].startsWith(\n 'Modified by Frodo'\n ) ||\n client.advancedOAuth2ClientConfig.descriptions.value[0].startsWith(\n 'Created by Frodo'\n )\n ) {\n client.advancedOAuth2ClientConfig.descriptions.value = [\n `Modified by Frodo on ${new Date().toLocaleString()}`,\n ];\n }\n client = await removeAdminScopes(clientId, client);\n client = removeClientCredentialsGrantType(clientId, client);\n await putOAuth2Client(clientId, client);\n await removeAdminStaticUserMapping(clientId);\n}\n\nexport async function createOAuth2ClientWithAdminPrivileges(\n clientId,\n clientSecret\n) {\n let client = OAUTH2_CLIENT;\n client.coreOAuth2ClientConfig.userpassword = clientSecret;\n client.coreOAuth2ClientConfig.clientName.value = [clientId];\n client.advancedOAuth2ClientConfig.descriptions.value = [\n `Created by Frodo on ${new Date().toLocaleString()}`,\n ];\n try {\n client = await addAdminScopes(clientId, client);\n await putOAuth2Client(clientId, client);\n await addAdminStaticUserMapping(clientId);\n } catch (error) {\n printMessage(`Error creating oauth2 client: ${error.message}`, 'error');\n }\n}\n\nexport async function createLongLivedToken(\n clientId,\n clientSecret,\n scope,\n secret,\n lifetime\n) {\n // get oauth2 client\n const client = (await getOAuth2Client(clientId)).data;\n client.userpassword = clientSecret;\n // remember current lifetime\n const rememberedLifetime =\n client.coreOAuth2ClientConfig.accessTokenLifetime.value || 3600;\n // set long token lifetime\n client.coreOAuth2ClientConfig.accessTokenLifetime.value = lifetime;\n await putOAuth2Client(clientId, client);\n const response = (await clientCredentialsGrant(clientId, clientSecret, scope))\n .data;\n const expires = new Date().getTime() + 1000 * response.expires_in;\n response.expires_on = new Date(expires).toLocaleString();\n // reset token lifetime\n client.coreOAuth2ClientConfig.accessTokenLifetime.value = rememberedLifetime;\n await putOAuth2Client(clientId, client);\n // create secret with token as value\n const description = 'Long-lived admin token';\n try {\n await putSecret(secret, response.access_token, description);\n response.secret = secret;\n } catch (error) {\n if (\n _.get(error, 'response.data.code') === 400 &&\n _.get(error, 'response.data.message') ===\n 'Failed to create secret, the secret already exists'\n ) {\n const newSecret = `${secret}-${expires}`;\n printMessage(\n `esv '${secret}' already exists, using ${newSecret}`,\n 'warn'\n );\n await putSecret(newSecret, response.access_token, description);\n response.secret = newSecret;\n }\n }\n delete response.access_token;\n return response;\n}\n\nexport async function removeStaticUserMapping(subject) {\n const authentication = await getConfigEntity('authentication');\n let removeMapping = false;\n const mappings = authentication.rsFilter.staticUserMapping.filter(\n (mapping) => {\n // find the subject and flag it\n if (mapping.subject === subject) {\n removeMapping = true;\n }\n // ignore mappings for other subjects\n return mapping.subject !== subject;\n }\n );\n authentication.rsFilter.staticUserMapping = mappings;\n if (removeMapping) {\n printMessage(`Removing static user mapping for subject \"${subject}\"...`);\n try {\n await putConfigEntity('authentication', authentication);\n } catch (putConfigEntityError) {\n printMessage(putConfigEntityError, 'error');\n printMessage(`Error: ${putConfigEntityError}`, 'error');\n }\n } else {\n printMessage(`No static user mapping for subject \"${subject}\" found.`);\n }\n}\n\nexport async function hideGenericExtensionAttributes(\n includeCustomized,\n dryRun\n) {\n const managed = await getConfigEntity('managed');\n const propertyNames = Object.keys(GENERIC_EXTENSION_ATTRIBUTES);\n const updatedObjects = managed.objects.map((object) => {\n // ignore all other objects\n if (object.name !== getRealmManagedUser()) {\n return object;\n }\n propertyNames.forEach((name) => {\n if (\n isEqualJson(\n GENERIC_EXTENSION_ATTRIBUTES[name],\n object.schema.properties[name],\n ['viewable', 'usageDescription']\n ) ||\n includeCustomized\n ) {\n if (object.schema.properties[name].viewable) {\n printMessage(`${name}: hide`);\n // eslint-disable-next-line no-param-reassign\n object.schema.properties[name].viewable = false;\n } else {\n printMessage(`${name}: ignore (already hidden)`);\n }\n } else {\n printMessage(`${name}: skip (customized)`);\n }\n });\n return object;\n });\n managed.objects = updatedObjects;\n if (dryRun) {\n printMessage('Dry-run only. Changes are not saved.');\n } else {\n try {\n await putConfigEntity('managed', managed);\n } catch (putConfigEntityError) {\n printMessage(putConfigEntityError, 'error');\n printMessage(`Error: ${putConfigEntityError}`, 'error');\n }\n }\n}\n\nexport async function showGenericExtensionAttributes(\n includeCustomized,\n dryRun\n) {\n const managed = await getConfigEntity('managed');\n const propertyNames = Object.keys(GENERIC_EXTENSION_ATTRIBUTES);\n const updatedObjects = managed.objects.map((object) => {\n // ignore all other objects\n if (object.name !== getRealmManagedUser()) {\n return object;\n }\n propertyNames.forEach((name) => {\n if (\n isEqualJson(\n GENERIC_EXTENSION_ATTRIBUTES[name],\n object.schema.properties[name],\n ['viewable', 'usageDescription']\n ) ||\n includeCustomized\n ) {\n if (!object.schema.properties[name].viewable) {\n printMessage(`${name}: show`);\n // eslint-disable-next-line no-param-reassign\n object.schema.properties[name].viewable = true;\n } else {\n printMessage(`${name}: ignore (already showing)`);\n }\n } else {\n printMessage(`${name}: skip (customized)`);\n }\n });\n return object;\n });\n managed.objects = updatedObjects;\n if (dryRun) {\n printMessage('Dry-run only. Changes are not saved.');\n } else {\n try {\n await putConfigEntity('managed', managed);\n } catch (putConfigEntityError) {\n printMessage(putConfigEntityError, 'error');\n printMessage(`Error: ${putConfigEntityError}`, 'error');\n }\n }\n}\n\nasync function repairOrgModelUser(dryRun) {\n const managed = await getConfigEntity('managed');\n const RDVPs = ['memberOfOrgIDs'];\n let repairData = false;\n const updatedObjects = managed.objects.map((object) => {\n // ignore all other objects\n if (object.name !== getRealmManagedUser()) {\n return object;\n }\n printMessage(`${object.name}: checking...`);\n RDVPs.forEach((name) => {\n if (!object.schema.properties[name].queryConfig.flattenProperties) {\n printMessage(`- ${name}: repairing - needs flattening`, 'warn');\n // eslint-disable-next-line no-param-reassign\n object.schema.properties[name].queryConfig.flattenProperties = true;\n repairData = true;\n } else {\n printMessage(`- ${name}: OK`);\n }\n });\n return object;\n });\n managed.objects = updatedObjects;\n if (!dryRun) {\n try {\n await putConfigEntity('managed', managed);\n } catch (putConfigEntityError) {\n printMessage(putConfigEntityError, 'error');\n printMessage(`Error: ${putConfigEntityError}`, 'error');\n }\n }\n return repairData;\n}\n\nasync function repairOrgModelOrg(dryRun) {\n const managed = await getConfigEntity('managed');\n const RDVPs = [\n 'adminIDs',\n 'ownerIDs',\n 'parentAdminIDs',\n 'parentOwnerIDs',\n 'parentIDs',\n ];\n let repairData = false;\n const updatedObjects = managed.objects.map((object) => {\n // ignore all other objects\n if (object.name !== getRealmManagedOrganization()) {\n return object;\n }\n printMessage(`${object.name}: checking...`);\n RDVPs.forEach((name) => {\n if (!object.schema.properties[name].queryConfig.flattenProperties) {\n printMessage(`- ${name}: repairing - needs flattening`, 'warn');\n // eslint-disable-next-line no-param-reassign\n object.schema.properties[name].queryConfig.flattenProperties = true;\n repairData = true;\n } else {\n printMessage(`- ${name}: OK`);\n }\n });\n return object;\n });\n managed.objects = updatedObjects;\n if (!dryRun) {\n try {\n await putConfigEntity('managed', managed);\n } catch (putConfigEntityError) {\n printMessage(putConfigEntityError, 'error');\n printMessage(`Error: ${putConfigEntityError}`, 'error');\n }\n }\n return repairData;\n}\n\n// async function repairOrgModelData(dryRun = false) {\n// if (!dryRun) {\n// // const rootOrgs = await findRootOrganizations();\n// }\n// }\n\n// async function extendOrgModelPermissins(dryRun = false) {\n// if (!dryRun) {\n// // const rootOrgs = await findRootOrganizations();\n// }\n// }\n\n// export async function repairOrgModel(\n// excludeCustomized,\n// extendPermissions,\n// dryRun\n// ) {\n// let repairData = false;\n// repairData = repairData || (await repairOrgModelUser(dryRun));\n// repairData = repairData || (await repairOrgModelOrg(dryRun));\n// if (repairData) {\n// await repairOrgModelData(dryRun);\n// }\n// if (extendPermissions) {\n// await extendOrgModelPermissins(dryRun);\n// }\n// if (dryRun) {\n// printMessage('Dry-run only. Changes are not saved.', 'warn');\n// }\n// }\n\n// suggested by John K.\n// export async function removeRealmNameFromManagedObjectLabels() {}\n// export async function addRealmNameToManagedObjectLabels() {}\n// export async function cleanUpPostmanArtifacts() {}\n// export async function createSampleThemes() {}\n"],"mappings":";;;;;;;;;;;;;;;;;AAAA;;AACA;;AACA;;AAKA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;;;;;;;AAEA,IAAMA,QAAS,GAAGC,aAAA,CAAKC,OAAL,CAAa,IAAAC,kBAAA,sDAAb,CAAlB;;AAEA,IAAMC,aAAa,GAAGC,IAAI,CAACC,KAAL,CACpBC,WAAA,CAAGC,YAAH,CACEP,aAAA,CAAKQ,OAAL,CAAaT,QAAb,EAAwB,uCAAxB,CADF,EAEE,MAFF,CADoB,CAAtB;AAMA,IAAMU,4BAA4B,GAAGL,IAAI,CAACC,KAAL,CACnCC,WAAA,CAAGC,YAAH,CACEP,aAAA,CAAKQ,OAAL,CACET,QADF,EAEE,2DAFF,CADF,EAKE,MALF,CADmC,CAArC;AAUA,IAAMW,gBAAgB,GAAG,CAAC,IAAD,EAAO,kBAAP,CAAzB;AACA,IAAMC,iBAAiB,GAAG,CAAC,SAAD,EAAY,wBAAZ,CAA1B;AAEA,IAAMC,gBAAgB,GAAG,CACvB,0BADuB,EAEvB,UAFuB,EAGvB,cAHuB,CAAzB,C,CAKA;;AACA,IAAMC,eAAe,GAAG,CACtB,kCADsB,EAEtB,6BAFsB,CAAxB;AAKA,IAAMC,WAAW,GAAG,CAAC,UAAD,EAAa,cAAb,CAApB;AACA,IAAMC,kBAAkB,GAAG,CAAC,UAAD,CAA3B;AACA,IAAMC,UAAU,GAAG,CACjB,kCADiB,EAEjB,6BAFiB,CAAnB;AAIA,IAAMC,WAAW,GAAG,CAClB,qCADkB,EAElB,kCAFkB,EAGlB,6BAHkB,CAApB;AAMA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;SACsBC,uB;;;AAatB;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;+CAlCO,aAAyC;IAC9C,IAAIC,OAAO,GAAG,OAAO,IAAAC,iCAAA,GAAP,EAA2BC,IAA3B,CAAgCC,MAA9C;IACAH,OAAO,GAAGA,OAAO,CACdI,GADO,CACFC,MAAD,IAAYA,MAAM,CAACC,GADhB,EAEPC,MAFO,CAECF,MAAD,IAAY,CAACd,gBAAgB,CAACiB,QAAjB,CAA0BH,MAA1B,CAFb,CAAV;IAGA,IAAMI,cAAc,SAAS,IAAAC,6BAAA,EAAgB,gBAAhB,CAA7B;IACA,IAAMC,QAAQ,GAAGF,cAAc,CAACG,QAAf,CAAwBC,iBAAxB,CACdT,GADc,CACTU,OAAD,IAAaA,OAAO,CAACC,OADX,EAEdR,MAFc,CAENQ,OAAD,IAAa,CAACvB,iBAAiB,CAACgB,QAAlB,CAA2BO,OAA3B,CAFP,CAAjB;IAGA,IAAMC,YAAY,GAAGL,QAAQ,CAACJ,MAAT,CAAiBQ,OAAD,IAAaf,OAAO,CAACQ,QAAR,CAAiBO,OAAjB,CAA7B,CAArB;IACA,OAAOC,YAAP;EACD,C;;;;SAwBqBC,sB;;;AAmCtB;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;8CA3EO,aAAwC;IAC7C,IAAIjB,OAAO,GAAG,OAAO,IAAAC,iCAAA,GAAP,EAA2BC,IAA3B,CAAgCC,MAA9C;IACAH,OAAO,GAAGA,OAAO,CACdO,MADO,CACCF,MAAD,IAAY;MAClB,IAAIa,YAAY,GAAG,KAAnB;;MACA,IAAIb,MAAM,CAACc,sBAAP,CAA8BC,MAAlC,EAA0C;QACxCf,MAAM,CAACc,sBAAP,CAA8BC,MAA9B,CAAqCC,OAArC,CAA8CC,KAAD,IAAW;UACtD,IAAI7B,gBAAgB,CAACe,QAAjB,CAA0Bc,KAA1B,CAAJ,EAAsC;YACpCJ,YAAY,GAAG,IAAf;UACD;QACF,CAJD;MAKD;;MACD,OAAOA,YAAP;IACD,CAXO,EAYPd,GAZO,CAYFC,MAAD,IAAYA,MAAM,CAACC,GAZhB,EAaPC,MAbO,CAaCF,MAAD,IAAY,CAACd,gBAAgB,CAACiB,QAAjB,CAA0BH,MAA1B,CAbb,CAAV;IAcA,IAAMI,cAAc,SAAS,IAAAC,6BAAA,EAAgB,gBAAhB,CAA7B;IACA,IAAMC,QAAQ,GAAGF,cAAc,CAACG,QAAf,CAAwBC,iBAAxB,CACdN,MADc,CACNO,OAAD,IAAa;MACnB,IAAII,YAAY,GAAG,KAAnB;;MACA,IAAIJ,OAAO,CAACS,KAAZ,EAAmB;QACjBT,OAAO,CAACS,KAAR,CAAcF,OAAd,CAAuBG,IAAD,IAAU;UAC9B,IAAI9B,eAAe,CAACc,QAAhB,CAAyBgB,IAAzB,CAAJ,EAAoC;YAClCN,YAAY,GAAG,IAAf;UACD;QACF,CAJD;MAKD;;MACD,OAAOA,YAAP;IACD,CAXc,EAYdd,GAZc,CAYTU,OAAD,IAAaA,OAAO,CAACC,OAZX,EAadR,MAbc,CAaNQ,OAAD,IAAa,CAACvB,iBAAiB,CAACgB,QAAlB,CAA2BO,OAA3B,CAbP,CAAjB;IAcA,IAAMC,YAAY,GAAGL,QAAQ,CAACJ,MAAT,CAAiBQ,OAAD,IAAaf,OAAO,CAACQ,QAAR,CAAiBO,OAAjB,CAA7B,CAArB;IACA,OAAOC,YAAP;EACD,C;;;;SA2CqBS,oC;;;;;4DAAf,WAAoDC,aAApD,EAAmE;IACxE,IAAI1B,OAAO,GAAG,OAAO,IAAAC,iCAAA,GAAP,EAA2BC,IAA3B,CAAgCC,MAA9C;IACAH,OAAO,GAAGA,OAAO,CACdI,GADO,CACFC,MAAD,IAAYA,MAAM,CAACC,GADhB,EAEPC,MAFO,CAECF,MAAD,IAAY,CAACd,gBAAgB,CAACiB,QAAjB,CAA0BH,MAA1B,CAFb,CAAV;IAGA,IAAMI,cAAc,SAAS,IAAAC,6BAAA,EAAgB,gBAAhB,CAA7B;IACA,IAAIC,QAAQ,GAAGF,cAAc,CAACG,QAAf,CAAwBC,iBAAxB,CACZN,MADY,CACJO,OAAD,IAAa;MACnB,IAAII,YAAY,GAAG,KAAnB;;MACA,IAAIJ,OAAO,CAACS,KAAZ,EAAmB;QACjBT,OAAO,CAACS,KAAR,CAAcF,OAAd,CAAuBG,IAAD,IAAU;UAC9B,IAAI9B,eAAe,CAACc,QAAhB,CAAyBgB,IAAzB,CAAJ,EAAoC;YAClCN,YAAY,GAAG,IAAf;UACD;QACF,CAJD;MAKD;;MACD,OAAOA,YAAP;IACD,CAXY,EAYZd,GAZY,CAYPU,OAAD,IAAaA,OAAO,CAACC,OAZb,CAAf;;IAaA,IAAI,CAACW,aAAL,EAAoB;MAClBf,QAAQ,GAAGA,QAAQ,CAACJ,MAAT,CACRQ,OAAD,IAAa,CAACvB,iBAAiB,CAACgB,QAAlB,CAA2BO,OAA3B,CADL,CAAX;IAGD;;IACD,IAAMY,aAAa,GAAGhB,QAAQ,CAACJ,MAAT,CACnBQ,OAAD,IAAa,CAACf,OAAO,CAACQ,QAAR,CAAiBO,OAAjB,CADM,CAAtB;IAGA,OAAOY,aAAP;EACD,C;;;;SAEcC,iC;;;;;yDAAf,aAAmD;IACjD,IAAMC,QAAQ,GAAG,OAAO,IAAAC,oCAAA,GAAP,EAA4B5B,IAA7C;IACA,OAAO2B,QAAQ,CAACE,+BAAT,CACJC,8BADH;EAED,C;;;;SAEcC,c;;;;;sCAAf,WAA8BC,QAA9B,EAAwC7B,MAAxC,EAAgD;IAC9C,IAAM8B,SAAS,GAAG9B,MAAlB;IACA,IAAM+B,cAAc,GAAGzC,WAAW,CAAC0C,MAAZ,CAAmB,OAClCT,iCAAiC,EADC,CAAnB,CAAvB;IAGA,IAAIU,SAAS,GAAG,EAAhB;;IACA,IACEH,SAAS,CAAChB,sBAAV,CAAiCC,MAAjC,IACAe,SAAS,CAAChB,sBAAV,CAAiCC,MAAjC,CAAwCmB,KAF1C,EAGE;MACAD,SAAS,GAAGF,cAAc,CAAC7B,MAAf,CAAuBe,KAAD,IAAW;QAC3C,IAAIkB,GAAG,GAAG,KAAV;;QACA,IAAI,CAACL,SAAS,CAAChB,sBAAV,CAAiCC,MAAjC,CAAwCmB,KAAxC,CAA8C/B,QAA9C,CAAuDc,KAAvD,CAAL,EAAoE;UAClEkB,GAAG,GAAG,IAAN;QACD;;QACD,OAAOA,GAAP;MACD,CANW,CAAZ;MAOAL,SAAS,CAAChB,sBAAV,CAAiCC,MAAjC,CAAwCmB,KAAxC,GACEJ,SAAS,CAAChB,sBAAV,CAAiCC,MAAjC,CAAwCmB,KAAxC,CAA8CF,MAA9C,CAAqDC,SAArD,CADF;IAED,CAbD,MAaO;MACLH,SAAS,CAAChB,sBAAV,CAAiCC,MAAjC,CAAwCmB,KAAxC,GAAgDH,cAAhD;IACD;;IACD,IAAIK,eAAe,GAAG,KAAtB;;IACA,IACEN,SAAS,CAAChB,sBAAV,CAAiCuB,aAAjC,IACAP,SAAS,CAAChB,sBAAV,CAAiCuB,aAAjC,CAA+CH,KAFjD,EAGE;MACA,IAAIJ,SAAS,CAAChB,sBAAV,CAAiCuB,aAAjC,CAA+CH,KAA/C,CAAqDI,MAArD,KAAgE,CAApE,EAAuE;QACrEF,eAAe,GAAG,IAAlB;QACAN,SAAS,CAAChB,sBAAV,CAAiCuB,aAAjC,CAA+CH,KAA/C,GAAuD3C,kBAAvD;MACD,CAHD,MAGO;QACL,IAAAgD,qBAAA,qBACaV,QADb;MAGD;IACF;;IACD,IAAII,SAAS,CAACK,MAAV,GAAmB,CAAnB,IAAwBF,eAA5B,EAA6C;MAC3C,IAAAG,qBAAA,4CAA+CV,QAA/C;IACD,CAFD,MAEO;MACL,IAAAU,qBAAA,qBAAwBV,QAAxB;IACD;;IACD,OAAOC,SAAP;EACD,C;;;;AAED,SAASU,6BAAT,CAAuCX,QAAvC,EAAiD7B,MAAjD,EAAyD;EACvD,IAAM8B,SAAS,GAAG9B,MAAlB;EACA,IAAIyC,QAAQ,GAAG,KAAf;;EACA,IACEX,SAAS,CAACY,0BAAV,CAAqCC,UAArC,IACAb,SAAS,CAACY,0BAAV,CAAqCC,UAArC,CAAgDT,KAFlD,EAGE;IACA,IACE,CAACJ,SAAS,CAACY,0BAAV,CAAqCC,UAArC,CAAgDT,KAAhD,CAAsD/B,QAAtD,CACC,oBADD,CADH,EAIE;MACAsC,QAAQ,GAAG,IAAX;MACAX,SAAS,CAACY,0BAAV,CAAqCC,UAArC,CAAgDT,KAAhD,CAAsDU,IAAtD,CACE,oBADF;IAGD;EACF,CAdD,MAcO;IACLd,SAAS,CAACY,0BAAV,CAAqCC,UAArC,CAAgDT,KAAhD,GAAwD,CACtD,oBADsD,CAAxD;EAGD;;EACDJ,SAAS,CAACY,0BAAV,CAAqCC,UAArC,CAAgDE,SAAhD,GAA4D,KAA5D;;EACA,IAAIJ,QAAJ,EAAc;IACZ,IAAAF,qBAAA,6DACqDV,QADrD;EAGD,CAJD,MAIO;IACL,IAAAU,qBAAA,qBACaV,QADb;EAGD;;EACD,OAAOC,SAAP;AACD;;SAEcgB,yB;;;AA0Df;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;iDA9EA,WAAyCC,IAAzC,EAA+C;IAC7C,IAAI3C,cAAc,GAAG,EAArB;;IACA,IAAI;MACFA,cAAc,SAAS,IAAAC,6BAAA,EAAgB,gBAAhB,CAAvB;IACD,CAFD,CAEE,OAAO2C,KAAP,EAAc;MACd,IAAAT,qBAAA,4DACqDS,KAAK,CAACC,OAD3D,GAEE,OAFF;IAID;;IACD,IAAIC,iBAAiB,GAAG,IAAxB;IACA,IAAIC,QAAQ,GAAG,EAAf;IACA,IAAMC,QAAQ,GAAGhD,cAAc,CAAC,UAAD,CAAd,CAA2B,mBAA3B,EAAgDL,GAAhD,CACdU,OAAD,IAAa;MACX;MACA,IAAIA,OAAO,CAACC,OAAR,KAAoBqC,IAAxB,EAA8B;QAC5B,OAAOtC,OAAP;MACD;;MACDyC,iBAAiB,GAAG,KAApB;MACAC,QAAQ,GAAG3D,UAAU,CAACU,MAAX,CAAmBiB,IAAD,IAAU;QACrC,IAAIgB,GAAG,GAAG,KAAV;;QACA,IAAI,CAAC1B,OAAO,CAACS,KAAR,CAAcf,QAAd,CAAuBgB,IAAvB,CAAL,EAAmC;UACjCgB,GAAG,GAAG,IAAN;QACD;;QACD,OAAOA,GAAP;MACD,CANU,CAAX;MAOA,IAAMkB,UAAU,GAAG5C,OAAnB;MACA4C,UAAU,CAACnC,KAAX,GAAmBmC,UAAU,CAACnC,KAAX,CAAiBc,MAAjB,CAAwBmB,QAAxB,CAAnB;MACA,OAAOE,UAAP;IACD,CAjBc,CAAjB;;IAmBA,IAAIH,iBAAJ,EAAuB;MACrB,IAAAX,qBAAA,sDAAyDQ,IAAzD;MACAK,QAAQ,CAACR,IAAT,CAAc;QACZlC,OAAO,EAAEqC,IADG;QAEZO,SAAS,EAAE,6BAFC;QAGZC,SAAS,EAAE,cAHC;QAIZrC,KAAK,EAAE1B;MAJK,CAAd;IAMD;;IACDY,cAAc,CAAC,UAAD,CAAd,CAA2B,mBAA3B,IAAkDgD,QAAlD;;IACA,IAAID,QAAQ,CAACb,MAAT,GAAkB,CAAlB,IAAuBY,iBAA3B,EAA8C;MAC5C,IAAAX,qBAAA,mEAC2DQ,IAD3D;;MAGA,IAAI;QACF,MAAM,IAAAS,6BAAA,EAAgB,gBAAhB,EAAkCpD,cAAlC,CAAN;MACD,CAFD,CAEE,OAAOqD,oBAAP,EAA6B;QAC7B,IAAAlB,qBAAA,EAAakB,oBAAb,EAAmC,OAAnC;QACA,IAAAlB,qBAAA,mBAAuBkB,oBAAvB,GAA+C,OAA/C;MACD;IACF,CAVD,MAUO;MACL,IAAAlB,qBAAA,6CACqCQ,IADrC;IAGD;EACF,C;;;;SAuBqBW,0B;;;;;kDAAf,aAA4C;IACjD,IAAMX,IAAI,GAAG,wBAAb;IACA,IAAM3C,cAAc,SAAS,IAAAC,6BAAA,EAAgB,gBAAhB,CAA7B;IACA,IAAI6C,iBAAiB,GAAG,IAAxB;IACA,IAAIC,QAAQ,GAAG,EAAf;IACA,IAAMC,QAAQ,GAAGhD,cAAc,CAACG,QAAf,CAAwBC,iBAAxB,CAA0CT,GAA1C,CAA+CU,OAAD,IAAa;MAC1E;MACA,IAAIA,OAAO,CAACC,OAAR,KAAoBqC,IAAxB,EAA8B;QAC5B,OAAOtC,OAAP;MACD;;MACDyC,iBAAiB,GAAG,KAApB;MACAC,QAAQ,GAAG1D,WAAW,CAACS,MAAZ,CAAoBiB,IAAD,IAAU;QACtC,IAAIgB,GAAG,GAAG,KAAV;;QACA,IAAI,CAAC1B,OAAO,CAACS,KAAR,CAAcf,QAAd,CAAuBgB,IAAvB,CAAL,EAAmC;UACjCgB,GAAG,GAAG,IAAN;QACD;;QACD,OAAOA,GAAP;MACD,CANU,CAAX;MAOA,IAAMkB,UAAU,GAAG5C,OAAnB;MACA4C,UAAU,CAACnC,KAAX,GAAmBmC,UAAU,CAACnC,KAAX,CAAiBc,MAAjB,CAAwBmB,QAAxB,CAAnB;MACA,OAAOE,UAAP;IACD,CAhBgB,CAAjB;;IAiBA,IAAIH,iBAAJ,EAAuB;MACrB,IAAAX,qBAAA,6DAAgEQ,IAAhE;MACAK,QAAQ,CAACR,IAAT,CAAc;QACZlC,OAAO,EAAEqC,IADG;QAEZO,SAAS,EAAE,gCAFC;QAGZC,SAAS,EAAE,cAHC;QAIZrC,KAAK,EAAEzB;MAJK,CAAd;IAMD;;IACDW,cAAc,CAACG,QAAf,CAAwBC,iBAAxB,GAA4C4C,QAA5C;;IACA,IAAID,QAAQ,CAACb,MAAT,GAAkB,CAAlB,IAAuBY,iBAA3B,EAA8C;MAC5C,IAAAX,qBAAA,6EACqEQ,IADrE;;MAGA,IAAI;QACF,MAAM,IAAAS,6BAAA,EAAgB,gBAAhB,EAAkCpD,cAAlC,CAAN;MACD,CAFD,CAEE,OAAOqD,oBAAP,EAA6B;QAC7B,IAAAlB,qBAAA,EAAakB,oBAAb,EAAmC,OAAnC;QACA,IAAAlB,qBAAA,mBAAuBkB,oBAAvB,GAA+C,OAA/C;MACD;IACF,CAVD,MAUO;MACL,IAAAlB,qBAAA,oDAC4CQ,IAD5C;IAGD;EACF,C;;;;SAEqBY,gC;;;;;wDAAf,WAAgD9B,QAAhD,EAA0D;IAC/D,IAAI7B,MAAM,GAAG,OAAO,IAAA4D,gCAAA,EAAgB/B,QAAhB,CAAP,EAAkChC,IAA/C;;IACA,IAAIG,MAAM,CAACc,sBAAP,CAA8B+C,UAA9B,CAAyC3B,KAAzC,CAA+CI,MAA/C,KAA0D,CAA9D,EAAiE;MAC/DtC,MAAM,CAACc,sBAAP,CAA8B+C,UAA9B,CAAyC3B,KAAzC,GAAiD,CAACL,QAAD,CAAjD;IACD;;IACD,IACE7B,MAAM,CAAC0C,0BAAP,CAAkCoB,YAAlC,CAA+C5B,KAA/C,CAAqDI,MAArD,KAAgE,CAAhE,IACAtC,MAAM,CAAC0C,0BAAP,CAAkCoB,YAAlC,CAA+C5B,KAA/C,CAAqD,CAArD,EAAwD6B,UAAxD,CACE,mBADF,CADA,IAIA/D,MAAM,CAAC0C,0BAAP,CAAkCoB,YAAlC,CAA+C5B,KAA/C,CAAqD,CAArD,EAAwD6B,UAAxD,CACE,kBADF,CALF,EAQE;MACA/D,MAAM,CAAC0C,0BAAP,CAAkCoB,YAAlC,CAA+C5B,KAA/C,GAAuD,gCAC7B,IAAI8B,IAAJ,GAAWC,cAAX,EAD6B,EAAvD;IAGD;;IACDjE,MAAM,SAAS4B,cAAc,CAACC,QAAD,EAAW7B,MAAX,CAA7B;IACAA,MAAM,GAAGwC,6BAA6B,CAACX,QAAD,EAAW7B,MAAX,CAAtC;IACA,MAAM,IAAAkE,gCAAA,EAAgBrC,QAAhB,EAA0B7B,MAA1B,CAAN;IACA,MAAM8C,yBAAyB,CAACjB,QAAD,CAA/B;EACD,C;;;;SAEcsC,iB;;;;;yCAAf,WAAiCpB,IAAjC,EAAuC/C,MAAvC,EAA+C;IAC7C,IAAM8B,SAAS,GAAG9B,MAAlB;IACA,IAAM+B,cAAc,GAAGzC,WAAW,CAAC0C,MAAZ,CAAmB,OAClCT,iCAAiC,EADC,CAAnB,CAAvB;IAGA,IAAI6C,WAAW,GAAG,EAAlB;;IACA,IACEtC,SAAS,CAAChB,sBAAV,CAAiCC,MAAjC,IACAe,SAAS,CAAChB,sBAAV,CAAiCC,MAAjC,CAAwCmB,KAF1C,EAGE;MACAkC,WAAW,GAAGtC,SAAS,CAAChB,sBAAV,CAAiCC,MAAjC,CAAwCmB,KAAxC,CAA8ChC,MAA9C,CACXe,KAAD,IAAW,CAACc,cAAc,CAAC5B,QAAf,CAAwBc,KAAxB,CADA,CAAd;IAGD;;IACD,IACEa,SAAS,CAAChB,sBAAV,CAAiCC,MAAjC,CAAwCmB,KAAxC,CAA8CI,MAA9C,GAAuD8B,WAAW,CAAC9B,MADrE,EAEE;MACA,IAAAC,qBAAA,gDAAmDQ,IAAnD;MACAjB,SAAS,CAAChB,sBAAV,CAAiCC,MAAjC,CAAwCmB,KAAxC,GAAgDkC,WAAhD;IACD,CALD,MAKO;MACL,IAAA7B,qBAAA,qBAAwBQ,IAAxB;IACD;;IACD,IAAIsB,kBAAkB,GAAG,EAAzB;;IACA,IACEvC,SAAS,CAAChB,sBAAV,CAAiCuB,aAAjC,IACAP,SAAS,CAAChB,sBAAV,CAAiCuB,aAAjC,CAA+CH,KAFjD,EAGE;MACAmC,kBAAkB,GAChBvC,SAAS,CAAChB,sBAAV,CAAiCuB,aAAjC,CAA+CH,KAA/C,CAAqDhC,MAArD,CACGe,KAAD,IAAW,CAAC1B,kBAAkB,CAACY,QAAnB,CAA4Bc,KAA5B,CADd,CADF;IAID;;IACD,IACEa,SAAS,CAAChB,sBAAV,CAAiCuB,aAAjC,CAA+CH,KAA/C,CAAqDI,MAArD,GACA+B,kBAAkB,CAAC/B,MAFrB,EAGE;MACA,IAAAC,qBAAA,wDAA2DQ,IAA3D;MACAjB,SAAS,CAAChB,sBAAV,CAAiCuB,aAAjC,CAA+CH,KAA/C,GAAuDmC,kBAAvD;IACD,CAND,MAMO;MACL,IAAA9B,qBAAA,qBAAwBQ,IAAxB;IACD;;IACD,OAAOjB,SAAP;EACD,C;;;;AAED,SAASwC,gCAAT,CAA0CzC,QAA1C,EAAoD7B,MAApD,EAA4D;EAC1D,IAAM8B,SAAS,GAAG9B,MAAlB;EACA,IAAIyC,QAAQ,GAAG,KAAf;EACA,IAAI8B,eAAe,GAAG,EAAtB;;EACA,IACEzC,SAAS,CAACY,0BAAV,CAAqCC,UAArC,IACAb,SAAS,CAACY,0BAAV,CAAqCC,UAArC,CAAgDT,KAFlD,EAGE;IACAqC,eAAe,GACbzC,SAAS,CAACY,0BAAV,CAAqCC,UAArC,CAAgDT,KAAhD,CAAsDhC,MAAtD,CACGsE,SAAD,IAAeA,SAAS,KAAK,oBAD/B,CADF;IAIA/B,QAAQ,GACNX,SAAS,CAACY,0BAAV,CAAqCC,UAArC,CAAgDT,KAAhD,CAAsDI,MAAtD,GACAiC,eAAe,CAACjC,MAFlB;EAGD;;EACD,IAAIG,QAAJ,EAAc;IACZ,IAAAF,qBAAA,iEACyDV,QADzD;IAGAC,SAAS,CAACY,0BAAV,CAAqCC,UAArC,CAAgDT,KAAhD,GAAwDqC,eAAxD;EACD,CALD,MAKO;IACL,IAAAhC,qBAAA,qBACaV,QADb;EAGD;;EACD,OAAOC,SAAP;AACD;;SAEc2C,4B;;;;;oDAAf,WAA4C1B,IAA5C,EAAkD;IAChD,IAAM3C,cAAc,SAAS,IAAAC,6BAAA,EAAgB,gBAAhB,CAA7B;IACA,IAAIqE,UAAU,GAAG,EAAjB;IACA,IAAIC,aAAa,GAAG,KAApB;IACA,IAAIlC,QAAQ,GAAG,KAAf;IACA,IAAMW,QAAQ,GAAGhD,cAAc,CAACG,QAAf,CAAwBC,iBAAxB,CACdT,GADc,CACTU,OAAD,IAAa;MAChB;MACA,IAAIA,OAAO,CAACC,OAAR,KAAoBqC,IAAxB,EAA8B;QAC5B,OAAOtC,OAAP;MACD;;MACDiE,UAAU,GAAGjE,OAAO,CAACS,KAAR,CAAchB,MAAd,CAAsBiB,IAAD,IAAU,CAAC3B,UAAU,CAACW,QAAX,CAAoBgB,IAApB,CAAhC,CAAb;MACA,IAAMkC,UAAU,GAAG5C,OAAnB;MACAkE,aAAa,GAAGD,UAAU,CAACpC,MAAX,KAAsB,CAAtC,CAPgB,CAOyB;;MACzCG,QAAQ,GAAGhC,OAAO,CAACS,KAAR,CAAcoB,MAAd,GAAuBoC,UAAU,CAACpC,MAA7C,CARgB,CAQqC;;MACrDe,UAAU,CAACnC,KAAX,GAAmBwD,UAAnB;MACA,OAAOrB,UAAP;IACD,CAZc,EAadnD,MAbc,CAaNO,OAAD,IAAaA,OAAO,CAACC,OAAR,KAAoBqC,IAApB,IAA4B,CAAC4B,aAbnC,CAAjB;IAcAvE,cAAc,CAACG,QAAf,CAAwBC,iBAAxB,GAA4C4C,QAA5C;;IACA,IAAIX,QAAQ,IAAIkC,aAAhB,EAA+B;MAC7B,IAAIA,aAAJ,EAAmB;QACjB,IAAApC,qBAAA,sDAAyDQ,IAAzD;MACD,CAFD,MAEO;QACL,IAAAR,qBAAA,uEAC+DQ,IAD/D;MAGD;;MACD,IAAI;QACF,MAAM,IAAAS,6BAAA,EAAgB,gBAAhB,EAAkCpD,cAAlC,CAAN;MACD,CAFD,CAEE,OAAOqD,oBAAP,EAA6B;QAC7B,IAAAlB,qBAAA,EAAakB,oBAAb,EAAmC,OAAnC;QACA,IAAAlB,qBAAA,mBAAuBkB,oBAAvB,GAA+C,OAA/C;MACD;IACF,CAdD,MAcO;MACL,IAAAlB,qBAAA,6CACqCQ,IADrC;IAGD;EACF,C;;;;SAEqB6B,iC;;;;;yDAAf,WAAiD/C,QAAjD,EAA2D;IAChE,IAAI7B,MAAM,GAAG,OAAO,IAAA4D,gCAAA,EAAgB/B,QAAhB,CAAP,EAAkChC,IAA/C;;IACA,IAAIG,MAAM,CAACc,sBAAP,CAA8B+C,UAA9B,CAAyC3B,KAAzC,CAA+CI,MAA/C,KAA0D,CAA9D,EAAiE;MAC/DtC,MAAM,CAACc,sBAAP,CAA8B+C,UAA9B,CAAyC3B,KAAzC,GAAiD,CAACL,QAAD,CAAjD;IACD;;IACD,IACE7B,MAAM,CAAC0C,0BAAP,CAAkCoB,YAAlC,CAA+C5B,KAA/C,CAAqDI,MAArD,KAAgE,CAAhE,IACAtC,MAAM,CAAC0C,0BAAP,CAAkCoB,YAAlC,CAA+C5B,KAA/C,CAAqD,CAArD,EAAwD6B,UAAxD,CACE,mBADF,CADA,IAIA/D,MAAM,CAAC0C,0BAAP,CAAkCoB,YAAlC,CAA+C5B,KAA/C,CAAqD,CAArD,EAAwD6B,UAAxD,CACE,kBADF,CALF,EAQE;MACA/D,MAAM,CAAC0C,0BAAP,CAAkCoB,YAAlC,CAA+C5B,KAA/C,GAAuD,gCAC7B,IAAI8B,IAAJ,GAAWC,cAAX,EAD6B,EAAvD;IAGD;;IACDjE,MAAM,SAASmE,iBAAiB,CAACtC,QAAD,EAAW7B,MAAX,CAAhC;IACAA,MAAM,GAAGsE,gCAAgC,CAACzC,QAAD,EAAW7B,MAAX,CAAzC;IACA,MAAM,IAAAkE,gCAAA,EAAgBrC,QAAhB,EAA0B7B,MAA1B,CAAN;IACA,MAAMyE,4BAA4B,CAAC5C,QAAD,CAAlC;EACD,C;;;;SAEqBgD,qC;;;;;6DAAf,WACLhD,QADK,EAELiD,YAFK,EAGL;IACA,IAAI9E,MAAM,GAAGrB,aAAb;IACAqB,MAAM,CAACc,sBAAP,CAA8BiE,YAA9B,GAA6CD,YAA7C;IACA9E,MAAM,CAACc,sBAAP,CAA8B+C,UAA9B,CAAyC3B,KAAzC,GAAiD,CAACL,QAAD,CAAjD;IACA7B,MAAM,CAAC0C,0BAAP,CAAkCoB,YAAlC,CAA+C5B,KAA/C,GAAuD,+BAC9B,IAAI8B,IAAJ,GAAWC,cAAX,EAD8B,EAAvD;;IAGA,IAAI;MACFjE,MAAM,SAAS4B,cAAc,CAACC,QAAD,EAAW7B,MAAX,CAA7B;MACA,MAAM,IAAAkE,gCAAA,EAAgBrC,QAAhB,EAA0B7B,MAA1B,CAAN;MACA,MAAM8C,yBAAyB,CAACjB,QAAD,CAA/B;IACD,CAJD,CAIE,OAAOmB,KAAP,EAAc;MACd,IAAAT,qBAAA,0CAA8CS,KAAK,CAACC,OAApD,GAA+D,OAA/D;IACD;EACF,C;;;;SAEqB+B,oB;;;;;4CAAf,WACLnD,QADK,EAELiD,YAFK,EAGL7D,KAHK,EAILgE,MAJK,EAKLC,QALK,EAML;IACA;IACA,IAAMlF,MAAM,GAAG,OAAO,IAAA4D,gCAAA,EAAgB/B,QAAhB,CAAP,EAAkChC,IAAjD;IACAG,MAAM,CAAC+E,YAAP,GAAsBD,YAAtB,CAHA,CAIA;;IACA,IAAMK,kBAAkB,GACtBnF,MAAM,CAACc,sBAAP,CAA8BsE,mBAA9B,CAAkDlD,KAAlD,IAA2D,IAD7D,CALA,CAOA;;IACAlC,MAAM,CAACc,sBAAP,CAA8BsE,mBAA9B,CAAkDlD,KAAlD,GAA0DgD,QAA1D;IACA,MAAM,IAAAhB,gCAAA,EAAgBrC,QAAhB,EAA0B7B,MAA1B,CAAN;IACA,IAAMqF,QAAQ,GAAG,OAAO,IAAAC,qCAAA,EAAuBzD,QAAvB,EAAiCiD,YAAjC,EAA+C7D,KAA/C,CAAP,EACdpB,IADH;IAEA,IAAM0F,OAAO,GAAG,IAAIvB,IAAJ,GAAWwB,OAAX,KAAuB,OAAOH,QAAQ,CAACI,UAAvD;IACAJ,QAAQ,CAACK,UAAT,GAAsB,IAAI1B,IAAJ,CAASuB,OAAT,EAAkBtB,cAAlB,EAAtB,CAbA,CAcA;;IACAjE,MAAM,CAACc,sBAAP,CAA8BsE,mBAA9B,CAAkDlD,KAAlD,GAA0DiD,kBAA1D;IACA,MAAM,IAAAjB,gCAAA,EAAgBrC,QAAhB,EAA0B7B,MAA1B,CAAN,CAhBA,CAiBA;;IACA,IAAM2F,WAAW,GAAG,wBAApB;;IACA,IAAI;MACF,MAAM,IAAAC,qBAAA,EAAUX,MAAV,EAAkBI,QAAQ,CAACQ,YAA3B,EAAyCF,WAAzC,CAAN;MACAN,QAAQ,CAACJ,MAAT,GAAkBA,MAAlB;IACD,CAHD,CAGE,OAAOjC,KAAP,EAAc;MACd,IACE8C,eAAA,CAAEC,GAAF,CAAM/C,KAAN,EAAa,oBAAb,MAAuC,GAAvC,IACA8C,eAAA,CAAEC,GAAF,CAAM/C,KAAN,EAAa,uBAAb,MACE,oDAHJ,EAIE;QACA,IAAMgD,SAAS,aAAMf,MAAN,cAAgBM,OAAhB,CAAf;QACA,IAAAhD,qBAAA,iBACU0C,MADV,qCAC2Ce,SAD3C,GAEE,MAFF;QAIA,MAAM,IAAAJ,qBAAA,EAAUI,SAAV,EAAqBX,QAAQ,CAACQ,YAA9B,EAA4CF,WAA5C,CAAN;QACAN,QAAQ,CAACJ,MAAT,GAAkBe,SAAlB;MACD;IACF;;IACD,OAAOX,QAAQ,CAACQ,YAAhB;IACA,OAAOR,QAAP;EACD,C;;;;SAEqBY,uB;;;;;+CAAf,WAAuCvF,OAAvC,EAAgD;IACrD,IAAMN,cAAc,SAAS,IAAAC,6BAAA,EAAgB,gBAAhB,CAA7B;IACA,IAAIsE,aAAa,GAAG,KAApB;IACA,IAAMvB,QAAQ,GAAGhD,cAAc,CAACG,QAAf,CAAwBC,iBAAxB,CAA0CN,MAA1C,CACdO,OAAD,IAAa;MACX;MACA,IAAIA,OAAO,CAACC,OAAR,KAAoBA,OAAxB,EAAiC;QAC/BiE,aAAa,GAAG,IAAhB;MACD,CAJU,CAKX;;;MACA,OAAOlE,OAAO,CAACC,OAAR,KAAoBA,OAA3B;IACD,CARc,CAAjB;IAUAN,cAAc,CAACG,QAAf,CAAwBC,iBAAxB,GAA4C4C,QAA5C;;IACA,IAAIuB,aAAJ,EAAmB;MACjB,IAAApC,qBAAA,uDAA0D7B,OAA1D;;MACA,IAAI;QACF,MAAM,IAAA8C,6BAAA,EAAgB,gBAAhB,EAAkCpD,cAAlC,CAAN;MACD,CAFD,CAEE,OAAOqD,oBAAP,EAA6B;QAC7B,IAAAlB,qBAAA,EAAakB,oBAAb,EAAmC,OAAnC;QACA,IAAAlB,qBAAA,mBAAuBkB,oBAAvB,GAA+C,OAA/C;MACD;IACF,CARD,MAQO;MACL,IAAAlB,qBAAA,iDAAoD7B,OAApD;IACD;EACF,C;;;;SAEqBwF,8B;;;;;sDAAf,WACLC,iBADK,EAELC,MAFK,EAGL;IACA,IAAMC,OAAO,SAAS,IAAAhG,6BAAA,EAAgB,SAAhB,CAAtB;IACA,IAAMiG,aAAa,GAAGC,MAAM,CAACC,IAAP,CAAYvH,4BAAZ,CAAtB;IACA,IAAMwH,cAAc,GAAGJ,OAAO,CAACK,OAAR,CAAgB3G,GAAhB,CAAqB4G,MAAD,IAAY;MACrD;MACA,IAAIA,MAAM,CAAC5D,IAAP,KAAgB,IAAA6D,6BAAA,GAApB,EAA2C;QACzC,OAAOD,MAAP;MACD;;MACDL,aAAa,CAACtF,OAAd,CAAuB+B,IAAD,IAAU;QAC9B,IACE,IAAA8D,qBAAA,EACE5H,4BAA4B,CAAC8D,IAAD,CAD9B,EAEE4D,MAAM,CAACG,MAAP,CAAcC,UAAd,CAAyBhE,IAAzB,CAFF,EAGE,CAAC,UAAD,EAAa,kBAAb,CAHF,KAKAoD,iBANF,EAOE;UACA,IAAIQ,MAAM,CAACG,MAAP,CAAcC,UAAd,CAAyBhE,IAAzB,EAA+BiE,QAAnC,EAA6C;YAC3C,IAAAzE,qBAAA,YAAgBQ,IAAhB,aAD2C,CAE3C;;YACA4D,MAAM,CAACG,MAAP,CAAcC,UAAd,CAAyBhE,IAAzB,EAA+BiE,QAA/B,GAA0C,KAA1C;UACD,CAJD,MAIO;YACL,IAAAzE,qBAAA,YAAgBQ,IAAhB;UACD;QACF,CAfD,MAeO;UACL,IAAAR,qBAAA,YAAgBQ,IAAhB;QACD;MACF,CAnBD;MAoBA,OAAO4D,MAAP;IACD,CA1BsB,CAAvB;IA2BAN,OAAO,CAACK,OAAR,GAAkBD,cAAlB;;IACA,IAAIL,MAAJ,EAAY;MACV,IAAA7D,qBAAA,EAAa,sCAAb;IACD,CAFD,MAEO;MACL,IAAI;QACF,MAAM,IAAAiB,6BAAA,EAAgB,SAAhB,EAA2B6C,OAA3B,CAAN;MACD,CAFD,CAEE,OAAO5C,oBAAP,EAA6B;QAC7B,IAAAlB,qBAAA,EAAakB,oBAAb,EAAmC,OAAnC;QACA,IAAAlB,qBAAA,mBAAuBkB,oBAAvB,GAA+C,OAA/C;MACD;IACF;EACF,C;;;;SAEqBwD,8B;;;;;sDAAf,WACLd,iBADK,EAELC,MAFK,EAGL;IACA,IAAMC,OAAO,SAAS,IAAAhG,6BAAA,EAAgB,SAAhB,CAAtB;IACA,IAAMiG,aAAa,GAAGC,MAAM,CAACC,IAAP,CAAYvH,4BAAZ,CAAtB;IACA,IAAMwH,cAAc,GAAGJ,OAAO,CAACK,OAAR,CAAgB3G,GAAhB,CAAqB4G,MAAD,IAAY;MACrD;MACA,IAAIA,MAAM,CAAC5D,IAAP,KAAgB,IAAA6D,6BAAA,GAApB,EAA2C;QACzC,OAAOD,MAAP;MACD;;MACDL,aAAa,CAACtF,OAAd,CAAuB+B,IAAD,IAAU;QAC9B,IACE,IAAA8D,qBAAA,EACE5H,4BAA4B,CAAC8D,IAAD,CAD9B,EAEE4D,MAAM,CAACG,MAAP,CAAcC,UAAd,CAAyBhE,IAAzB,CAFF,EAGE,CAAC,UAAD,EAAa,kBAAb,CAHF,KAKAoD,iBANF,EAOE;UACA,IAAI,CAACQ,MAAM,CAACG,MAAP,CAAcC,UAAd,CAAyBhE,IAAzB,EAA+BiE,QAApC,EAA8C;YAC5C,IAAAzE,qBAAA,YAAgBQ,IAAhB,aAD4C,CAE5C;;YACA4D,MAAM,CAACG,MAAP,CAAcC,UAAd,CAAyBhE,IAAzB,EAA+BiE,QAA/B,GAA0C,IAA1C;UACD,CAJD,MAIO;YACL,IAAAzE,qBAAA,YAAgBQ,IAAhB;UACD;QACF,CAfD,MAeO;UACL,IAAAR,qBAAA,YAAgBQ,IAAhB;QACD;MACF,CAnBD;MAoBA,OAAO4D,MAAP;IACD,CA1BsB,CAAvB;IA2BAN,OAAO,CAACK,OAAR,GAAkBD,cAAlB;;IACA,IAAIL,MAAJ,EAAY;MACV,IAAA7D,qBAAA,EAAa,sCAAb;IACD,CAFD,MAEO;MACL,IAAI;QACF,MAAM,IAAAiB,6BAAA,EAAgB,SAAhB,EAA2B6C,OAA3B,CAAN;MACD,CAFD,CAEE,OAAO5C,oBAAP,EAA6B;QAC7B,IAAAlB,qBAAA,EAAakB,oBAAb,EAAmC,OAAnC;QACA,IAAAlB,qBAAA,mBAAuBkB,oBAAvB,GAA+C,OAA/C;MACD;IACF;EACF,C;;;;SAEcyD,kB;;;;;0CAAf,WAAkCd,MAAlC,EAA0C;IACxC,IAAMC,OAAO,SAAS,IAAAhG,6BAAA,EAAgB,SAAhB,CAAtB;IACA,IAAM8G,KAAK,GAAG,CAAC,gBAAD,CAAd;IACA,IAAIC,UAAU,GAAG,KAAjB;IACA,IAAMX,cAAc,GAAGJ,OAAO,CAACK,OAAR,CAAgB3G,GAAhB,CAAqB4G,MAAD,IAAY;MACrD;MACA,IAAIA,MAAM,CAAC5D,IAAP,KAAgB,IAAA6D,6BAAA,GAApB,EAA2C;QACzC,OAAOD,MAAP;MACD;;MACD,IAAApE,qBAAA,YAAgBoE,MAAM,CAAC5D,IAAvB;MACAoE,KAAK,CAACnG,OAAN,CAAe+B,IAAD,IAAU;QACtB,IAAI,CAAC4D,MAAM,CAACG,MAAP,CAAcC,UAAd,CAAyBhE,IAAzB,EAA+BsE,WAA/B,CAA2CC,iBAAhD,EAAmE;UACjE,IAAA/E,qBAAA,cAAkBQ,IAAlB,qCAAwD,MAAxD,EADiE,CAEjE;;UACA4D,MAAM,CAACG,MAAP,CAAcC,UAAd,CAAyBhE,IAAzB,EAA+BsE,WAA/B,CAA2CC,iBAA3C,GAA+D,IAA/D;UACAF,UAAU,GAAG,IAAb;QACD,CALD,MAKO;UACL,IAAA7E,qBAAA,cAAkBQ,IAAlB;QACD;MACF,CATD;MAUA,OAAO4D,MAAP;IACD,CAjBsB,CAAvB;IAkBAN,OAAO,CAACK,OAAR,GAAkBD,cAAlB;;IACA,IAAI,CAACL,MAAL,EAAa;MACX,IAAI;QACF,MAAM,IAAA5C,6BAAA,EAAgB,SAAhB,EAA2B6C,OAA3B,CAAN;MACD,CAFD,CAEE,OAAO5C,oBAAP,EAA6B;QAC7B,IAAAlB,qBAAA,EAAakB,oBAAb,EAAmC,OAAnC;QACA,IAAAlB,qBAAA,mBAAuBkB,oBAAvB,GAA+C,OAA/C;MACD;IACF;;IACD,OAAO2D,UAAP;EACD,C;;;;SAEcG,iB;;EAwCf;AACA;AACA;AACA;AACA;AAEA;AACA;AACA;AACA;AACA;AAEA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA;AACA;AACA;AACA;AACA;;;;yCA3EA,WAAiCnB,MAAjC,EAAyC;IACvC,IAAMC,OAAO,SAAS,IAAAhG,6BAAA,EAAgB,SAAhB,CAAtB;IACA,IAAM8G,KAAK,GAAG,CACZ,UADY,EAEZ,UAFY,EAGZ,gBAHY,EAIZ,gBAJY,EAKZ,WALY,CAAd;IAOA,IAAIC,UAAU,GAAG,KAAjB;IACA,IAAMX,cAAc,GAAGJ,OAAO,CAACK,OAAR,CAAgB3G,GAAhB,CAAqB4G,MAAD,IAAY;MACrD;MACA,IAAIA,MAAM,CAAC5D,IAAP,KAAgB,IAAAyE,4CAAA,GAApB,EAAmD;QACjD,OAAOb,MAAP;MACD;;MACD,IAAApE,qBAAA,YAAgBoE,MAAM,CAAC5D,IAAvB;MACAoE,KAAK,CAACnG,OAAN,CAAe+B,IAAD,IAAU;QACtB,IAAI,CAAC4D,MAAM,CAACG,MAAP,CAAcC,UAAd,CAAyBhE,IAAzB,EAA+BsE,WAA/B,CAA2CC,iBAAhD,EAAmE;UACjE,IAAA/E,qBAAA,cAAkBQ,IAAlB,qCAAwD,MAAxD,EADiE,CAEjE;;UACA4D,MAAM,CAACG,MAAP,CAAcC,UAAd,CAAyBhE,IAAzB,EAA+BsE,WAA/B,CAA2CC,iBAA3C,GAA+D,IAA/D;UACAF,UAAU,GAAG,IAAb;QACD,CALD,MAKO;UACL,IAAA7E,qBAAA,cAAkBQ,IAAlB;QACD;MACF,CATD;MAUA,OAAO4D,MAAP;IACD,CAjBsB,CAAvB;IAkBAN,OAAO,CAACK,OAAR,GAAkBD,cAAlB;;IACA,IAAI,CAACL,MAAL,EAAa;MACX,IAAI;QACF,MAAM,IAAA5C,6BAAA,EAAgB,SAAhB,EAA2B6C,OAA3B,CAAN;MACD,CAFD,CAEE,OAAO5C,oBAAP,EAA6B;QAC7B,IAAAlB,qBAAA,EAAakB,oBAAb,EAAmC,OAAnC;QACA,IAAAlB,qBAAA,mBAAuBkB,oBAAvB,GAA+C,OAA/C;MACD;IACF;;IACD,OAAO2D,UAAP;EACD,C"}
|
|
1
|
+
{"version":3,"file":"AdminOps.js","names":["__dirname","path","dirname","fileURLToPath","OAUTH2_CLIENT","JSON","parse","fs","readFileSync","resolve","GENERIC_EXTENSION_ATTRIBUTES","protectedClients","protectedSubjects","privilegedScopes","privilegedRoles","adminScopes","adminDefaultScopes","adminRoles","autoIdRoles","listOAuth2CustomClients","clients","getOAuth2Clients","data","result","map","client","_id","filter","includes","authentication","getConfigEntity","subjects","rsFilter","staticUserMapping","mapping","subject","adminClients","listOAuth2AdminClients","isPrivileged","coreOAuth2ClientConfig","scopes","forEach","scope","roles","role","listNonOAuth2AdminStaticUserMappings","showProtected","adminSubjects","getDynamicClientRegistrationScope","provider","getOAuth2Provider","clientDynamicRegistrationConfig","dynamicClientRegistrationScope","addAdminScopes","clientId","modClient","allAdminScopes","concat","addScopes","value","add","addDefaultScope","defaultScopes","length","printMessage","addClientCredentialsGrantType","modified","advancedOAuth2ClientConfig","grantTypes","push","inherited","addAdminStaticUserMapping","name","error","message","needsAdminMapping","addRoles","mappings","newMapping","localUser","userRoles","putConfigEntity","putConfigEntityError","addAutoIdStaticUserMapping","grantOAuth2ClientAdminPrivileges","getOAuth2Client","clientName","descriptions","startsWith","Date","toLocaleString","putOAuth2Client","removeAdminScopes","finalScopes","finalDefaultScopes","removeClientCredentialsGrantType","finalGrantTypes","grantType","removeAdminStaticUserMapping","finalRoles","removeMapping","revokeOAuth2ClientAdminPrivileges","createOAuth2ClientWithAdminPrivileges","clientSecret","userpassword","createLongLivedToken","secret","lifetime","rememberedLifetime","accessTokenLifetime","response","clientCredentialsGrant","expires","getTime","expires_in","expires_on","description","putSecret","access_token","_","get","newSecret","removeStaticUserMapping","hideGenericExtensionAttributes","includeCustomized","dryRun","managed","propertyNames","Object","keys","updatedObjects","objects","object","getRealmManagedUser","isEqualJson","schema","properties","viewable","showGenericExtensionAttributes","repairOrgModelUser","RDVPs","repairData","queryConfig","flattenProperties","repairOrgModelOrg","getRealmManagedOrganization","repairOrgModelData","extendOrgModelPermissins","repairOrgModel","excludeCustomized","extendPermissions"],"sources":["ops/AdminOps.ts"],"sourcesContent":["import fs from 'fs';\nimport _ from 'lodash';\nimport {\n getOAuth2Clients,\n getOAuth2Client,\n putOAuth2Client,\n} from '../api/OAuth2ClientApi';\nimport { getConfigEntity, putConfigEntity } from '../api/IdmConfigApi';\nimport { isEqualJson, getRealmManagedUser } from './utils/OpsUtils';\nimport { getRealmManagedOrganization } from './OrganizationOps';\nimport { getOAuth2Provider } from '../api/OAuth2ProviderApi';\nimport { putSecret } from '../api/SecretsApi';\nimport { clientCredentialsGrant } from '../api/OAuth2OIDCApi';\nimport { printMessage } from './utils/Console';\nimport path from 'path';\nimport { fileURLToPath } from 'url';\n\nconst __dirname = path.dirname(fileURLToPath(import.meta.url));\n\nconst OAUTH2_CLIENT = JSON.parse(\n fs.readFileSync(\n path.resolve(__dirname, './templates/OAuth2ClientTemplate.json'),\n 'utf8'\n )\n);\nconst GENERIC_EXTENSION_ATTRIBUTES = JSON.parse(\n fs.readFileSync(\n path.resolve(\n __dirname,\n './templates/cloud/GenericExtensionAttributesTemplate.json'\n ),\n 'utf8'\n )\n);\n\nconst protectedClients = ['ui', 'idm-provisioning'];\nconst protectedSubjects = ['amadmin', 'autoid-resource-server'];\n\nconst privilegedScopes = [\n 'am-introspect-all-tokens',\n 'fr:idm:*',\n 'fr:idc:esv:*',\n];\n// const privilegedUsers = ['openidm-admin'];\nconst privilegedRoles = [\n 'internal/role/openidm-authorized',\n 'internal/role/openidm-admin',\n];\n\nconst adminScopes = ['fr:idm:*', 'fr:idc:esv:*'];\nconst adminDefaultScopes = ['fr:idm:*'];\nconst adminRoles = [\n 'internal/role/openidm-authorized',\n 'internal/role/openidm-admin',\n];\nconst autoIdRoles = [\n 'internal/role/platform-provisioning',\n 'internal/role/openidm-authorized',\n 'internal/role/openidm-admin',\n];\n\n/*\n * List all oauth2 clients, which have a corresponding staticUserMapping\n * in the IDM authentication.json:\n {\n \"_id\": \"authentication\",\n \"rsFilter\": {\n ...\n \"staticUserMapping\": [\n {\n \"subject\": \"someOauth2ClientID\",\n \"localUser\": \"internal/user/openidm-admin\",\n \"userRoles\": \"authzRoles/*\",\n \"roles\": [\n \"internal/role/openidm-authorized\",\n \"internal/role/openidm-admin\"\n ]\n },\n {\n \"subject\": \"RCSClient\",\n \"localUser\": \"internal/user/idm-provisioning\"\n }\n ]\n }\n }\n */\nexport async function listOAuth2CustomClients() {\n let clients = (await getOAuth2Clients()).data.result;\n clients = clients\n .map((client) => client._id)\n .filter((client) => !protectedClients.includes(client));\n const authentication = await getConfigEntity('authentication');\n const subjects = authentication.rsFilter.staticUserMapping\n .map((mapping) => mapping.subject)\n .filter((subject) => !protectedSubjects.includes(subject));\n const adminClients = subjects.filter((subject) => clients.includes(subject));\n return adminClients;\n}\n\n/*\n * List all oauth2 clients, which have the fr:idm:* scope and a \n * corresponding staticUserMapping in the IDM authentication.json\n * and are assigned admin privileges:\n {\n \"_id\": \"authentication\",\n \"rsFilter\": {\n ...\n \"staticUserMapping\": [\n {\n \"subject\": \"someOauth2ClientID\",\n \"localUser\": \"internal/user/openidm-admin\",\n \"userRoles\": \"authzRoles/*\",\n \"roles\": [\n \"internal/role/openidm-authorized\",\n \"internal/role/openidm-admin\"\n ]\n }\n ]\n }\n }\n */\nexport async function listOAuth2AdminClients() {\n let clients = (await getOAuth2Clients()).data.result;\n clients = clients\n .filter((client) => {\n let isPrivileged = false;\n if (client.coreOAuth2ClientConfig.scopes) {\n client.coreOAuth2ClientConfig.scopes.forEach((scope) => {\n if (privilegedScopes.includes(scope)) {\n isPrivileged = true;\n }\n });\n }\n return isPrivileged;\n })\n .map((client) => client._id)\n .filter((client) => !protectedClients.includes(client));\n const authentication = await getConfigEntity('authentication');\n const subjects = authentication.rsFilter.staticUserMapping\n .filter((mapping) => {\n let isPrivileged = false;\n if (mapping.roles) {\n mapping.roles.forEach((role) => {\n if (privilegedRoles.includes(role)) {\n isPrivileged = true;\n }\n });\n }\n return isPrivileged;\n })\n .map((mapping) => mapping.subject)\n .filter((subject) => !protectedSubjects.includes(subject));\n const adminClients = subjects.filter((subject) => clients.includes(subject));\n return adminClients;\n}\n\n/*\n * List all static user mappings that are not oauth2 clients in authentication.json\n * and are assigned admin privileges:\n {\n \"_id\": \"authentication\",\n \"rsFilter\": {\n ...\n \"staticUserMapping\": [\n {\n \"subject\": \"amadmin\",\n \"localUser\": \"internal/user/openidm-admin\",\n \"userRoles\": \"authzRoles/*\",\n \"roles\": [\n \"internal/role/openidm-authorized\",\n \"internal/role/openidm-admin\"\n ]\n },\n {\n \"subject\": \"idm-provisioning\",\n \"localUser\": \"internal/user/idm-provisioning\",\n \"roles\": [\n \"internal/role/platform-provisioning\"\n ]\n },\n {\n \"subject\": \"RCSClient\",\n \"localUser\": \"internal/user/idm-provisioning\"\n },\n {\n \"subject\": \"autoid-resource-server\",\n \"localUser\": \"internal/user/idm-provisioning\",\n \"roles\": [\n \"internal/role/platform-provisioning\",\n \"internal/role/openidm-authorized\",\n \"internal/role/openidm-admin\"\n ]\n }\n ]\n }\n }\n */\nexport async function listNonOAuth2AdminStaticUserMappings(showProtected) {\n let clients = (await getOAuth2Clients()).data.result;\n clients = clients\n .map((client) => client._id)\n .filter((client) => !protectedClients.includes(client));\n const authentication = await getConfigEntity('authentication');\n let subjects = authentication.rsFilter.staticUserMapping\n .filter((mapping) => {\n let isPrivileged = false;\n if (mapping.roles) {\n mapping.roles.forEach((role) => {\n if (privilegedRoles.includes(role)) {\n isPrivileged = true;\n }\n });\n }\n return isPrivileged;\n })\n .map((mapping) => mapping.subject);\n if (!showProtected) {\n subjects = subjects.filter(\n (subject) => !protectedSubjects.includes(subject)\n );\n }\n const adminSubjects = subjects.filter(\n (subject) => !clients.includes(subject)\n );\n return adminSubjects;\n}\n\nasync function getDynamicClientRegistrationScope() {\n const provider = (await getOAuth2Provider()).data;\n return provider.clientDynamicRegistrationConfig\n .dynamicClientRegistrationScope;\n}\n\nasync function addAdminScopes(clientId, client) {\n const modClient = client;\n const allAdminScopes = adminScopes.concat([\n await getDynamicClientRegistrationScope(),\n ]);\n let addScopes = [];\n if (\n modClient.coreOAuth2ClientConfig.scopes &&\n modClient.coreOAuth2ClientConfig.scopes.value\n ) {\n addScopes = allAdminScopes.filter((scope) => {\n let add = false;\n if (!modClient.coreOAuth2ClientConfig.scopes.value.includes(scope)) {\n add = true;\n }\n return add;\n });\n modClient.coreOAuth2ClientConfig.scopes.value =\n modClient.coreOAuth2ClientConfig.scopes.value.concat(addScopes);\n } else {\n modClient.coreOAuth2ClientConfig.scopes.value = allAdminScopes;\n }\n let addDefaultScope = false;\n if (\n modClient.coreOAuth2ClientConfig.defaultScopes &&\n modClient.coreOAuth2ClientConfig.defaultScopes.value\n ) {\n if (modClient.coreOAuth2ClientConfig.defaultScopes.value.length === 0) {\n addDefaultScope = true;\n modClient.coreOAuth2ClientConfig.defaultScopes.value = adminDefaultScopes;\n } else {\n printMessage(\n `Client \"${clientId}\" already has default scopes configured, not adding admin default scope.`\n );\n }\n }\n if (addScopes.length > 0 || addDefaultScope) {\n printMessage(`Adding admin scopes to client \"${clientId}\"...`);\n } else {\n printMessage(`Client \"${clientId}\" already has admin scopes.`);\n }\n return modClient;\n}\n\nfunction addClientCredentialsGrantType(clientId, client) {\n const modClient = client;\n let modified = false;\n if (\n modClient.advancedOAuth2ClientConfig.grantTypes &&\n modClient.advancedOAuth2ClientConfig.grantTypes.value\n ) {\n if (\n !modClient.advancedOAuth2ClientConfig.grantTypes.value.includes(\n 'client_credentials'\n )\n ) {\n modified = true;\n modClient.advancedOAuth2ClientConfig.grantTypes.value.push(\n 'client_credentials'\n );\n }\n } else {\n modClient.advancedOAuth2ClientConfig.grantTypes.value = [\n 'client_credentials',\n ];\n }\n modClient.advancedOAuth2ClientConfig.grantTypes.inherited = false;\n if (modified) {\n printMessage(\n `Adding client credentials grant type to client \"${clientId}\"...`\n );\n } else {\n printMessage(\n `Client \"${clientId}\" already has client credentials grant type.`\n );\n }\n return modClient;\n}\n\nasync function addAdminStaticUserMapping(name) {\n let authentication = {};\n try {\n authentication = await getConfigEntity('authentication');\n } catch (error) {\n printMessage(\n `Error reading IDM authentication configuration: ${error.message}`,\n 'error'\n );\n }\n let needsAdminMapping = true;\n let addRoles = [];\n const mappings = authentication['rsFilter']['staticUserMapping'].map(\n (mapping) => {\n // ignore mappings for other subjects\n if (mapping.subject !== name) {\n return mapping;\n }\n needsAdminMapping = false;\n addRoles = adminRoles.filter((role) => {\n let add = false;\n if (!mapping.roles.includes(role)) {\n add = true;\n }\n return add;\n });\n const newMapping = mapping;\n newMapping.roles = newMapping.roles.concat(addRoles);\n return newMapping;\n }\n );\n if (needsAdminMapping) {\n printMessage(`Creating static user mapping for client \"${name}\"...`);\n mappings.push({\n subject: name,\n localUser: 'internal/user/openidm-admin',\n userRoles: 'authzRoles/*',\n roles: adminRoles,\n });\n }\n authentication['rsFilter']['staticUserMapping'] = mappings;\n if (addRoles.length > 0 || needsAdminMapping) {\n printMessage(\n `Adding admin roles to static user mapping for client \"${name}\"...`\n );\n try {\n await putConfigEntity('authentication', authentication);\n } catch (putConfigEntityError) {\n printMessage(putConfigEntityError, 'error');\n printMessage(`Error: ${putConfigEntityError}`, 'error');\n }\n } else {\n printMessage(\n `Static user mapping for client \"${name}\" already has admin roles.`\n );\n }\n}\n\n/*\n * Add AutoId static user mapping to authentication.json to enable dashboards and other AutoId-based functionality.\n {\n \"_id\": \"authentication\",\n \"rsFilter\": {\n ...\n \"staticUserMapping\": [\n ...\n {\n \"subject\": \"autoid-resource-server\",\n \"localUser\": \"internal/user/idm-provisioning\",\n \"roles\": [\n \"internal/role/platform-provisioning\",\n \"internal/role/openidm-authorized\",\n \"internal/role/openidm-admin\"\n ]\n }\n ]\n }\n }\n */\nexport async function addAutoIdStaticUserMapping() {\n const name = 'autoid-resource-server';\n const authentication = await getConfigEntity('authentication');\n let needsAdminMapping = true;\n let addRoles = [];\n const mappings = authentication.rsFilter.staticUserMapping.map((mapping) => {\n // ignore mappings for other subjects\n if (mapping.subject !== name) {\n return mapping;\n }\n needsAdminMapping = false;\n addRoles = autoIdRoles.filter((role) => {\n let add = false;\n if (!mapping.roles.includes(role)) {\n add = true;\n }\n return add;\n });\n const newMapping = mapping;\n newMapping.roles = newMapping.roles.concat(addRoles);\n return newMapping;\n });\n if (needsAdminMapping) {\n printMessage(`Creating static user mapping for AutoId client \"${name}\"...`);\n mappings.push({\n subject: name,\n localUser: 'internal/user/idm-provisioning',\n userRoles: 'authzRoles/*',\n roles: autoIdRoles,\n });\n }\n authentication.rsFilter.staticUserMapping = mappings;\n if (addRoles.length > 0 || needsAdminMapping) {\n printMessage(\n `Adding required roles to static user mapping for AutoId client \"${name}\"...`\n );\n try {\n await putConfigEntity('authentication', authentication);\n } catch (putConfigEntityError) {\n printMessage(putConfigEntityError, 'error');\n printMessage(`Error: ${putConfigEntityError}`, 'error');\n }\n } else {\n printMessage(\n `Static user mapping for AutoId client \"${name}\" already has all required roles.`\n );\n }\n}\n\nexport async function grantOAuth2ClientAdminPrivileges(clientId) {\n let client = (await getOAuth2Client(clientId)).data;\n if (client.coreOAuth2ClientConfig.clientName.value.length === 0) {\n client.coreOAuth2ClientConfig.clientName.value = [clientId];\n }\n if (\n client.advancedOAuth2ClientConfig.descriptions.value.length === 0 ||\n client.advancedOAuth2ClientConfig.descriptions.value[0].startsWith(\n 'Modified by Frodo'\n ) ||\n client.advancedOAuth2ClientConfig.descriptions.value[0].startsWith(\n 'Created by Frodo'\n )\n ) {\n client.advancedOAuth2ClientConfig.descriptions.value = [\n `Modified by Frodo on ${new Date().toLocaleString()}`,\n ];\n }\n client = await addAdminScopes(clientId, client);\n client = addClientCredentialsGrantType(clientId, client);\n await putOAuth2Client(clientId, client);\n await addAdminStaticUserMapping(clientId);\n}\n\nasync function removeAdminScopes(name, client) {\n const modClient = client;\n const allAdminScopes = adminScopes.concat([\n await getDynamicClientRegistrationScope(),\n ]);\n let finalScopes = [];\n if (\n modClient.coreOAuth2ClientConfig.scopes &&\n modClient.coreOAuth2ClientConfig.scopes.value\n ) {\n finalScopes = modClient.coreOAuth2ClientConfig.scopes.value.filter(\n (scope) => !allAdminScopes.includes(scope)\n );\n }\n if (\n modClient.coreOAuth2ClientConfig.scopes.value.length > finalScopes.length\n ) {\n printMessage(`Removing admin scopes from client \"${name}\"...`);\n modClient.coreOAuth2ClientConfig.scopes.value = finalScopes;\n } else {\n printMessage(`Client \"${name}\" has no admin scopes.`);\n }\n let finalDefaultScopes = [];\n if (\n modClient.coreOAuth2ClientConfig.defaultScopes &&\n modClient.coreOAuth2ClientConfig.defaultScopes.value\n ) {\n finalDefaultScopes =\n modClient.coreOAuth2ClientConfig.defaultScopes.value.filter(\n (scope) => !adminDefaultScopes.includes(scope)\n );\n }\n if (\n modClient.coreOAuth2ClientConfig.defaultScopes.value.length >\n finalDefaultScopes.length\n ) {\n printMessage(`Removing admin default scopes from client \"${name}\"...`);\n modClient.coreOAuth2ClientConfig.defaultScopes.value = finalDefaultScopes;\n } else {\n printMessage(`Client \"${name}\" has no admin default scopes.`);\n }\n return modClient;\n}\n\nfunction removeClientCredentialsGrantType(clientId, client) {\n const modClient = client;\n let modified = false;\n let finalGrantTypes = [];\n if (\n modClient.advancedOAuth2ClientConfig.grantTypes &&\n modClient.advancedOAuth2ClientConfig.grantTypes.value\n ) {\n finalGrantTypes =\n modClient.advancedOAuth2ClientConfig.grantTypes.value.filter(\n (grantType) => grantType !== 'client_credentials'\n );\n modified =\n modClient.advancedOAuth2ClientConfig.grantTypes.value.length >\n finalGrantTypes.length;\n }\n if (modified) {\n printMessage(\n `Removing client credentials grant type from client \"${clientId}\"...`\n );\n modClient.advancedOAuth2ClientConfig.grantTypes.value = finalGrantTypes;\n } else {\n printMessage(\n `Client \"${clientId}\" does not allow client credentials grant type.`\n );\n }\n return modClient;\n}\n\nasync function removeAdminStaticUserMapping(name) {\n const authentication = await getConfigEntity('authentication');\n let finalRoles = [];\n let removeMapping = false;\n let modified = false;\n const mappings = authentication.rsFilter.staticUserMapping\n .map((mapping) => {\n // ignore mappings for other subjects\n if (mapping.subject !== name) {\n return mapping;\n }\n finalRoles = mapping.roles.filter((role) => !adminRoles.includes(role));\n const newMapping = mapping;\n removeMapping = finalRoles.length === 0; // if there are no more roles left on this mapping, flag it for removal\n modified = mapping.roles.length > finalRoles.length; // if there were roles removed, set modified flag\n newMapping.roles = finalRoles;\n return newMapping;\n })\n .filter((mapping) => mapping.subject !== name || !removeMapping);\n authentication.rsFilter.staticUserMapping = mappings;\n if (modified || removeMapping) {\n if (removeMapping) {\n printMessage(`Removing static user mapping for client \"${name}\"...`);\n } else {\n printMessage(\n `Removing admin roles from static user mapping for client \"${name}\"...`\n );\n }\n try {\n await putConfigEntity('authentication', authentication);\n } catch (putConfigEntityError) {\n printMessage(putConfigEntityError, 'error');\n printMessage(`Error: ${putConfigEntityError}`, 'error');\n }\n } else {\n printMessage(\n `Static user mapping for client \"${name}\" has no admin roles.`\n );\n }\n}\n\nexport async function revokeOAuth2ClientAdminPrivileges(clientId) {\n let client = (await getOAuth2Client(clientId)).data;\n if (client.coreOAuth2ClientConfig.clientName.value.length === 0) {\n client.coreOAuth2ClientConfig.clientName.value = [clientId];\n }\n if (\n client.advancedOAuth2ClientConfig.descriptions.value.length === 0 ||\n client.advancedOAuth2ClientConfig.descriptions.value[0].startsWith(\n 'Modified by Frodo'\n ) ||\n client.advancedOAuth2ClientConfig.descriptions.value[0].startsWith(\n 'Created by Frodo'\n )\n ) {\n client.advancedOAuth2ClientConfig.descriptions.value = [\n `Modified by Frodo on ${new Date().toLocaleString()}`,\n ];\n }\n client = await removeAdminScopes(clientId, client);\n client = removeClientCredentialsGrantType(clientId, client);\n await putOAuth2Client(clientId, client);\n await removeAdminStaticUserMapping(clientId);\n}\n\nexport async function createOAuth2ClientWithAdminPrivileges(\n clientId,\n clientSecret\n) {\n let client = OAUTH2_CLIENT;\n client.coreOAuth2ClientConfig.userpassword = clientSecret;\n client.coreOAuth2ClientConfig.clientName.value = [clientId];\n client.advancedOAuth2ClientConfig.descriptions.value = [\n `Created by Frodo on ${new Date().toLocaleString()}`,\n ];\n try {\n client = await addAdminScopes(clientId, client);\n await putOAuth2Client(clientId, client);\n await addAdminStaticUserMapping(clientId);\n } catch (error) {\n printMessage(`Error creating oauth2 client: ${error.message}`, 'error');\n }\n}\n\nexport async function createLongLivedToken(\n clientId,\n clientSecret,\n scope,\n secret,\n lifetime\n) {\n // get oauth2 client\n const client = (await getOAuth2Client(clientId)).data;\n client.userpassword = clientSecret;\n // remember current lifetime\n const rememberedLifetime =\n client.coreOAuth2ClientConfig.accessTokenLifetime.value || 3600;\n // set long token lifetime\n client.coreOAuth2ClientConfig.accessTokenLifetime.value = lifetime;\n await putOAuth2Client(clientId, client);\n const response = (await clientCredentialsGrant(clientId, clientSecret, scope))\n .data;\n const expires = new Date().getTime() + 1000 * response.expires_in;\n response.expires_on = new Date(expires).toLocaleString();\n // reset token lifetime\n client.coreOAuth2ClientConfig.accessTokenLifetime.value = rememberedLifetime;\n await putOAuth2Client(clientId, client);\n // create secret with token as value\n const description = 'Long-lived admin token';\n try {\n await putSecret(secret, response.access_token, description);\n response.secret = secret;\n } catch (error) {\n if (\n _.get(error, 'response.data.code') === 400 &&\n _.get(error, 'response.data.message') ===\n 'Failed to create secret, the secret already exists'\n ) {\n const newSecret = `${secret}-${expires}`;\n printMessage(\n `esv '${secret}' already exists, using ${newSecret}`,\n 'warn'\n );\n await putSecret(newSecret, response.access_token, description);\n response.secret = newSecret;\n }\n }\n delete response.access_token;\n return response;\n}\n\nexport async function removeStaticUserMapping(subject) {\n const authentication = await getConfigEntity('authentication');\n let removeMapping = false;\n const mappings = authentication.rsFilter.staticUserMapping.filter(\n (mapping) => {\n // find the subject and flag it\n if (mapping.subject === subject) {\n removeMapping = true;\n }\n // ignore mappings for other subjects\n return mapping.subject !== subject;\n }\n );\n authentication.rsFilter.staticUserMapping = mappings;\n if (removeMapping) {\n printMessage(`Removing static user mapping for subject \"${subject}\"...`);\n try {\n await putConfigEntity('authentication', authentication);\n } catch (putConfigEntityError) {\n printMessage(putConfigEntityError, 'error');\n printMessage(`Error: ${putConfigEntityError}`, 'error');\n }\n } else {\n printMessage(`No static user mapping for subject \"${subject}\" found.`);\n }\n}\n\nexport async function hideGenericExtensionAttributes(\n includeCustomized,\n dryRun\n) {\n const managed = await getConfigEntity('managed');\n const propertyNames = Object.keys(GENERIC_EXTENSION_ATTRIBUTES);\n const updatedObjects = managed.objects.map((object) => {\n // ignore all other objects\n if (object.name !== getRealmManagedUser()) {\n return object;\n }\n propertyNames.forEach((name) => {\n if (\n isEqualJson(\n GENERIC_EXTENSION_ATTRIBUTES[name],\n object.schema.properties[name],\n ['viewable', 'usageDescription']\n ) ||\n includeCustomized\n ) {\n if (object.schema.properties[name].viewable) {\n printMessage(`${name}: hide`);\n // eslint-disable-next-line no-param-reassign\n object.schema.properties[name].viewable = false;\n } else {\n printMessage(`${name}: ignore (already hidden)`);\n }\n } else {\n printMessage(`${name}: skip (customized)`);\n }\n });\n return object;\n });\n managed.objects = updatedObjects;\n if (dryRun) {\n printMessage('Dry-run only. Changes are not saved.');\n } else {\n try {\n await putConfigEntity('managed', managed);\n } catch (putConfigEntityError) {\n printMessage(putConfigEntityError, 'error');\n printMessage(`Error: ${putConfigEntityError}`, 'error');\n }\n }\n}\n\nexport async function showGenericExtensionAttributes(\n includeCustomized,\n dryRun\n) {\n const managed = await getConfigEntity('managed');\n const propertyNames = Object.keys(GENERIC_EXTENSION_ATTRIBUTES);\n const updatedObjects = managed.objects.map((object) => {\n // ignore all other objects\n if (object.name !== getRealmManagedUser()) {\n return object;\n }\n propertyNames.forEach((name) => {\n if (\n isEqualJson(\n GENERIC_EXTENSION_ATTRIBUTES[name],\n object.schema.properties[name],\n ['viewable', 'usageDescription']\n ) ||\n includeCustomized\n ) {\n if (!object.schema.properties[name].viewable) {\n printMessage(`${name}: show`);\n // eslint-disable-next-line no-param-reassign\n object.schema.properties[name].viewable = true;\n } else {\n printMessage(`${name}: ignore (already showing)`);\n }\n } else {\n printMessage(`${name}: skip (customized)`);\n }\n });\n return object;\n });\n managed.objects = updatedObjects;\n if (dryRun) {\n printMessage('Dry-run only. Changes are not saved.');\n } else {\n try {\n await putConfigEntity('managed', managed);\n } catch (putConfigEntityError) {\n printMessage(putConfigEntityError, 'error');\n printMessage(`Error: ${putConfigEntityError}`, 'error');\n }\n }\n}\n\nasync function repairOrgModelUser(dryRun) {\n const managed = await getConfigEntity('managed');\n const RDVPs = ['memberOfOrgIDs'];\n let repairData = false;\n const updatedObjects = managed.objects.map((object) => {\n // ignore all other objects\n if (object.name !== getRealmManagedUser()) {\n return object;\n }\n printMessage(`${object.name}: checking...`);\n RDVPs.forEach((name) => {\n if (!object.schema.properties[name].queryConfig.flattenProperties) {\n printMessage(`- ${name}: repairing - needs flattening`, 'warn');\n // eslint-disable-next-line no-param-reassign\n object.schema.properties[name].queryConfig.flattenProperties = true;\n repairData = true;\n } else {\n printMessage(`- ${name}: OK`);\n }\n });\n return object;\n });\n managed.objects = updatedObjects;\n if (!dryRun) {\n try {\n await putConfigEntity('managed', managed);\n } catch (putConfigEntityError) {\n printMessage(putConfigEntityError, 'error');\n printMessage(`Error: ${putConfigEntityError}`, 'error');\n }\n }\n return repairData;\n}\n\nasync function repairOrgModelOrg(dryRun) {\n const managed = await getConfigEntity('managed');\n const RDVPs = [\n 'adminIDs',\n 'ownerIDs',\n 'parentAdminIDs',\n 'parentOwnerIDs',\n 'parentIDs',\n ];\n let repairData = false;\n const updatedObjects = managed.objects.map((object) => {\n // ignore all other objects\n if (object.name !== getRealmManagedOrganization()) {\n return object;\n }\n printMessage(`${object.name}: checking...`);\n RDVPs.forEach((name) => {\n if (!object.schema.properties[name].queryConfig.flattenProperties) {\n printMessage(`- ${name}: repairing - needs flattening`, 'warn');\n // eslint-disable-next-line no-param-reassign\n object.schema.properties[name].queryConfig.flattenProperties = true;\n repairData = true;\n } else {\n printMessage(`- ${name}: OK`);\n }\n });\n return object;\n });\n managed.objects = updatedObjects;\n if (!dryRun) {\n try {\n await putConfigEntity('managed', managed);\n } catch (putConfigEntityError) {\n printMessage(putConfigEntityError, 'error');\n printMessage(`Error: ${putConfigEntityError}`, 'error');\n }\n }\n return repairData;\n}\n\nasync function repairOrgModelData(dryRun = false) {\n if (!dryRun) {\n // const rootOrgs = await findRootOrganizations();\n }\n}\n\nasync function extendOrgModelPermissins(dryRun = false) {\n if (!dryRun) {\n // const rootOrgs = await findRootOrganizations();\n }\n}\n\nexport async function repairOrgModel(\n excludeCustomized,\n extendPermissions,\n dryRun\n) {\n let repairData = false;\n repairData = repairData || (await repairOrgModelUser(dryRun));\n repairData = repairData || (await repairOrgModelOrg(dryRun));\n if (excludeCustomized) {\n //\n }\n if (repairData) {\n await repairOrgModelData(dryRun);\n }\n if (extendPermissions) {\n await extendOrgModelPermissins(dryRun);\n }\n if (dryRun) {\n printMessage('Dry-run only. Changes are not saved.', 'warn');\n }\n}\n\n// suggested by John K.\n// export async function removeRealmNameFromManagedObjectLabels() {}\n// export async function addRealmNameToManagedObjectLabels() {}\n// export async function cleanUpPostmanArtifacts() {}\n// export async function createSampleThemes() {}\n"],"mappings":";;;;;;;;;;;;;;;;;;AAAA;;AACA;;AACA;;AAKA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;AACA;;;;;;;;AAEA,IAAMA,QAAS,GAAGC,aAAA,CAAKC,OAAL,CAAa,IAAAC,kBAAA,sDAAb,CAAlB;;AAEA,IAAMC,aAAa,GAAGC,IAAI,CAACC,KAAL,CACpBC,WAAA,CAAGC,YAAH,CACEP,aAAA,CAAKQ,OAAL,CAAaT,QAAb,EAAwB,uCAAxB,CADF,EAEE,MAFF,CADoB,CAAtB;AAMA,IAAMU,4BAA4B,GAAGL,IAAI,CAACC,KAAL,CACnCC,WAAA,CAAGC,YAAH,CACEP,aAAA,CAAKQ,OAAL,CACET,QADF,EAEE,2DAFF,CADF,EAKE,MALF,CADmC,CAArC;AAUA,IAAMW,gBAAgB,GAAG,CAAC,IAAD,EAAO,kBAAP,CAAzB;AACA,IAAMC,iBAAiB,GAAG,CAAC,SAAD,EAAY,wBAAZ,CAA1B;AAEA,IAAMC,gBAAgB,GAAG,CACvB,0BADuB,EAEvB,UAFuB,EAGvB,cAHuB,CAAzB,C,CAKA;;AACA,IAAMC,eAAe,GAAG,CACtB,kCADsB,EAEtB,6BAFsB,CAAxB;AAKA,IAAMC,WAAW,GAAG,CAAC,UAAD,EAAa,cAAb,CAApB;AACA,IAAMC,kBAAkB,GAAG,CAAC,UAAD,CAA3B;AACA,IAAMC,UAAU,GAAG,CACjB,kCADiB,EAEjB,6BAFiB,CAAnB;AAIA,IAAMC,WAAW,GAAG,CAClB,qCADkB,EAElB,kCAFkB,EAGlB,6BAHkB,CAApB;AAMA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;SACsBC,uB;;;AAatB;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;+CAlCO,aAAyC;IAC9C,IAAIC,OAAO,GAAG,OAAO,IAAAC,iCAAA,GAAP,EAA2BC,IAA3B,CAAgCC,MAA9C;IACAH,OAAO,GAAGA,OAAO,CACdI,GADO,CACFC,MAAD,IAAYA,MAAM,CAACC,GADhB,EAEPC,MAFO,CAECF,MAAD,IAAY,CAACd,gBAAgB,CAACiB,QAAjB,CAA0BH,MAA1B,CAFb,CAAV;IAGA,IAAMI,cAAc,SAAS,IAAAC,6BAAA,EAAgB,gBAAhB,CAA7B;IACA,IAAMC,QAAQ,GAAGF,cAAc,CAACG,QAAf,CAAwBC,iBAAxB,CACdT,GADc,CACTU,OAAD,IAAaA,OAAO,CAACC,OADX,EAEdR,MAFc,CAENQ,OAAD,IAAa,CAACvB,iBAAiB,CAACgB,QAAlB,CAA2BO,OAA3B,CAFP,CAAjB;IAGA,IAAMC,YAAY,GAAGL,QAAQ,CAACJ,MAAT,CAAiBQ,OAAD,IAAaf,OAAO,CAACQ,QAAR,CAAiBO,OAAjB,CAA7B,CAArB;IACA,OAAOC,YAAP;EACD,C;;;;SAwBqBC,sB;;;AAmCtB;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;8CA3EO,aAAwC;IAC7C,IAAIjB,OAAO,GAAG,OAAO,IAAAC,iCAAA,GAAP,EAA2BC,IAA3B,CAAgCC,MAA9C;IACAH,OAAO,GAAGA,OAAO,CACdO,MADO,CACCF,MAAD,IAAY;MAClB,IAAIa,YAAY,GAAG,KAAnB;;MACA,IAAIb,MAAM,CAACc,sBAAP,CAA8BC,MAAlC,EAA0C;QACxCf,MAAM,CAACc,sBAAP,CAA8BC,MAA9B,CAAqCC,OAArC,CAA8CC,KAAD,IAAW;UACtD,IAAI7B,gBAAgB,CAACe,QAAjB,CAA0Bc,KAA1B,CAAJ,EAAsC;YACpCJ,YAAY,GAAG,IAAf;UACD;QACF,CAJD;MAKD;;MACD,OAAOA,YAAP;IACD,CAXO,EAYPd,GAZO,CAYFC,MAAD,IAAYA,MAAM,CAACC,GAZhB,EAaPC,MAbO,CAaCF,MAAD,IAAY,CAACd,gBAAgB,CAACiB,QAAjB,CAA0BH,MAA1B,CAbb,CAAV;IAcA,IAAMI,cAAc,SAAS,IAAAC,6BAAA,EAAgB,gBAAhB,CAA7B;IACA,IAAMC,QAAQ,GAAGF,cAAc,CAACG,QAAf,CAAwBC,iBAAxB,CACdN,MADc,CACNO,OAAD,IAAa;MACnB,IAAII,YAAY,GAAG,KAAnB;;MACA,IAAIJ,OAAO,CAACS,KAAZ,EAAmB;QACjBT,OAAO,CAACS,KAAR,CAAcF,OAAd,CAAuBG,IAAD,IAAU;UAC9B,IAAI9B,eAAe,CAACc,QAAhB,CAAyBgB,IAAzB,CAAJ,EAAoC;YAClCN,YAAY,GAAG,IAAf;UACD;QACF,CAJD;MAKD;;MACD,OAAOA,YAAP;IACD,CAXc,EAYdd,GAZc,CAYTU,OAAD,IAAaA,OAAO,CAACC,OAZX,EAadR,MAbc,CAaNQ,OAAD,IAAa,CAACvB,iBAAiB,CAACgB,QAAlB,CAA2BO,OAA3B,CAbP,CAAjB;IAcA,IAAMC,YAAY,GAAGL,QAAQ,CAACJ,MAAT,CAAiBQ,OAAD,IAAaf,OAAO,CAACQ,QAAR,CAAiBO,OAAjB,CAA7B,CAArB;IACA,OAAOC,YAAP;EACD,C;;;;SA2CqBS,oC;;;;;4DAAf,WAAoDC,aAApD,EAAmE;IACxE,IAAI1B,OAAO,GAAG,OAAO,IAAAC,iCAAA,GAAP,EAA2BC,IAA3B,CAAgCC,MAA9C;IACAH,OAAO,GAAGA,OAAO,CACdI,GADO,CACFC,MAAD,IAAYA,MAAM,CAACC,GADhB,EAEPC,MAFO,CAECF,MAAD,IAAY,CAACd,gBAAgB,CAACiB,QAAjB,CAA0BH,MAA1B,CAFb,CAAV;IAGA,IAAMI,cAAc,SAAS,IAAAC,6BAAA,EAAgB,gBAAhB,CAA7B;IACA,IAAIC,QAAQ,GAAGF,cAAc,CAACG,QAAf,CAAwBC,iBAAxB,CACZN,MADY,CACJO,OAAD,IAAa;MACnB,IAAII,YAAY,GAAG,KAAnB;;MACA,IAAIJ,OAAO,CAACS,KAAZ,EAAmB;QACjBT,OAAO,CAACS,KAAR,CAAcF,OAAd,CAAuBG,IAAD,IAAU;UAC9B,IAAI9B,eAAe,CAACc,QAAhB,CAAyBgB,IAAzB,CAAJ,EAAoC;YAClCN,YAAY,GAAG,IAAf;UACD;QACF,CAJD;MAKD;;MACD,OAAOA,YAAP;IACD,CAXY,EAYZd,GAZY,CAYPU,OAAD,IAAaA,OAAO,CAACC,OAZb,CAAf;;IAaA,IAAI,CAACW,aAAL,EAAoB;MAClBf,QAAQ,GAAGA,QAAQ,CAACJ,MAAT,CACRQ,OAAD,IAAa,CAACvB,iBAAiB,CAACgB,QAAlB,CAA2BO,OAA3B,CADL,CAAX;IAGD;;IACD,IAAMY,aAAa,GAAGhB,QAAQ,CAACJ,MAAT,CACnBQ,OAAD,IAAa,CAACf,OAAO,CAACQ,QAAR,CAAiBO,OAAjB,CADM,CAAtB;IAGA,OAAOY,aAAP;EACD,C;;;;SAEcC,iC;;;;;yDAAf,aAAmD;IACjD,IAAMC,QAAQ,GAAG,OAAO,IAAAC,oCAAA,GAAP,EAA4B5B,IAA7C;IACA,OAAO2B,QAAQ,CAACE,+BAAT,CACJC,8BADH;EAED,C;;;;SAEcC,c;;;;;sCAAf,WAA8BC,QAA9B,EAAwC7B,MAAxC,EAAgD;IAC9C,IAAM8B,SAAS,GAAG9B,MAAlB;IACA,IAAM+B,cAAc,GAAGzC,WAAW,CAAC0C,MAAZ,CAAmB,OAClCT,iCAAiC,EADC,CAAnB,CAAvB;IAGA,IAAIU,SAAS,GAAG,EAAhB;;IACA,IACEH,SAAS,CAAChB,sBAAV,CAAiCC,MAAjC,IACAe,SAAS,CAAChB,sBAAV,CAAiCC,MAAjC,CAAwCmB,KAF1C,EAGE;MACAD,SAAS,GAAGF,cAAc,CAAC7B,MAAf,CAAuBe,KAAD,IAAW;QAC3C,IAAIkB,GAAG,GAAG,KAAV;;QACA,IAAI,CAACL,SAAS,CAAChB,sBAAV,CAAiCC,MAAjC,CAAwCmB,KAAxC,CAA8C/B,QAA9C,CAAuDc,KAAvD,CAAL,EAAoE;UAClEkB,GAAG,GAAG,IAAN;QACD;;QACD,OAAOA,GAAP;MACD,CANW,CAAZ;MAOAL,SAAS,CAAChB,sBAAV,CAAiCC,MAAjC,CAAwCmB,KAAxC,GACEJ,SAAS,CAAChB,sBAAV,CAAiCC,MAAjC,CAAwCmB,KAAxC,CAA8CF,MAA9C,CAAqDC,SAArD,CADF;IAED,CAbD,MAaO;MACLH,SAAS,CAAChB,sBAAV,CAAiCC,MAAjC,CAAwCmB,KAAxC,GAAgDH,cAAhD;IACD;;IACD,IAAIK,eAAe,GAAG,KAAtB;;IACA,IACEN,SAAS,CAAChB,sBAAV,CAAiCuB,aAAjC,IACAP,SAAS,CAAChB,sBAAV,CAAiCuB,aAAjC,CAA+CH,KAFjD,EAGE;MACA,IAAIJ,SAAS,CAAChB,sBAAV,CAAiCuB,aAAjC,CAA+CH,KAA/C,CAAqDI,MAArD,KAAgE,CAApE,EAAuE;QACrEF,eAAe,GAAG,IAAlB;QACAN,SAAS,CAAChB,sBAAV,CAAiCuB,aAAjC,CAA+CH,KAA/C,GAAuD3C,kBAAvD;MACD,CAHD,MAGO;QACL,IAAAgD,qBAAA,qBACaV,QADb;MAGD;IACF;;IACD,IAAII,SAAS,CAACK,MAAV,GAAmB,CAAnB,IAAwBF,eAA5B,EAA6C;MAC3C,IAAAG,qBAAA,4CAA+CV,QAA/C;IACD,CAFD,MAEO;MACL,IAAAU,qBAAA,qBAAwBV,QAAxB;IACD;;IACD,OAAOC,SAAP;EACD,C;;;;AAED,SAASU,6BAAT,CAAuCX,QAAvC,EAAiD7B,MAAjD,EAAyD;EACvD,IAAM8B,SAAS,GAAG9B,MAAlB;EACA,IAAIyC,QAAQ,GAAG,KAAf;;EACA,IACEX,SAAS,CAACY,0BAAV,CAAqCC,UAArC,IACAb,SAAS,CAACY,0BAAV,CAAqCC,UAArC,CAAgDT,KAFlD,EAGE;IACA,IACE,CAACJ,SAAS,CAACY,0BAAV,CAAqCC,UAArC,CAAgDT,KAAhD,CAAsD/B,QAAtD,CACC,oBADD,CADH,EAIE;MACAsC,QAAQ,GAAG,IAAX;MACAX,SAAS,CAACY,0BAAV,CAAqCC,UAArC,CAAgDT,KAAhD,CAAsDU,IAAtD,CACE,oBADF;IAGD;EACF,CAdD,MAcO;IACLd,SAAS,CAACY,0BAAV,CAAqCC,UAArC,CAAgDT,KAAhD,GAAwD,CACtD,oBADsD,CAAxD;EAGD;;EACDJ,SAAS,CAACY,0BAAV,CAAqCC,UAArC,CAAgDE,SAAhD,GAA4D,KAA5D;;EACA,IAAIJ,QAAJ,EAAc;IACZ,IAAAF,qBAAA,6DACqDV,QADrD;EAGD,CAJD,MAIO;IACL,IAAAU,qBAAA,qBACaV,QADb;EAGD;;EACD,OAAOC,SAAP;AACD;;SAEcgB,yB;;;AA0Df;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;;iDA9EA,WAAyCC,IAAzC,EAA+C;IAC7C,IAAI3C,cAAc,GAAG,EAArB;;IACA,IAAI;MACFA,cAAc,SAAS,IAAAC,6BAAA,EAAgB,gBAAhB,CAAvB;IACD,CAFD,CAEE,OAAO2C,KAAP,EAAc;MACd,IAAAT,qBAAA,4DACqDS,KAAK,CAACC,OAD3D,GAEE,OAFF;IAID;;IACD,IAAIC,iBAAiB,GAAG,IAAxB;IACA,IAAIC,QAAQ,GAAG,EAAf;IACA,IAAMC,QAAQ,GAAGhD,cAAc,CAAC,UAAD,CAAd,CAA2B,mBAA3B,EAAgDL,GAAhD,CACdU,OAAD,IAAa;MACX;MACA,IAAIA,OAAO,CAACC,OAAR,KAAoBqC,IAAxB,EAA8B;QAC5B,OAAOtC,OAAP;MACD;;MACDyC,iBAAiB,GAAG,KAApB;MACAC,QAAQ,GAAG3D,UAAU,CAACU,MAAX,CAAmBiB,IAAD,IAAU;QACrC,IAAIgB,GAAG,GAAG,KAAV;;QACA,IAAI,CAAC1B,OAAO,CAACS,KAAR,CAAcf,QAAd,CAAuBgB,IAAvB,CAAL,EAAmC;UACjCgB,GAAG,GAAG,IAAN;QACD;;QACD,OAAOA,GAAP;MACD,CANU,CAAX;MAOA,IAAMkB,UAAU,GAAG5C,OAAnB;MACA4C,UAAU,CAACnC,KAAX,GAAmBmC,UAAU,CAACnC,KAAX,CAAiBc,MAAjB,CAAwBmB,QAAxB,CAAnB;MACA,OAAOE,UAAP;IACD,CAjBc,CAAjB;;IAmBA,IAAIH,iBAAJ,EAAuB;MACrB,IAAAX,qBAAA,sDAAyDQ,IAAzD;MACAK,QAAQ,CAACR,IAAT,CAAc;QACZlC,OAAO,EAAEqC,IADG;QAEZO,SAAS,EAAE,6BAFC;QAGZC,SAAS,EAAE,cAHC;QAIZrC,KAAK,EAAE1B;MAJK,CAAd;IAMD;;IACDY,cAAc,CAAC,UAAD,CAAd,CAA2B,mBAA3B,IAAkDgD,QAAlD;;IACA,IAAID,QAAQ,CAACb,MAAT,GAAkB,CAAlB,IAAuBY,iBAA3B,EAA8C;MAC5C,IAAAX,qBAAA,mEAC2DQ,IAD3D;;MAGA,IAAI;QACF,MAAM,IAAAS,6BAAA,EAAgB,gBAAhB,EAAkCpD,cAAlC,CAAN;MACD,CAFD,CAEE,OAAOqD,oBAAP,EAA6B;QAC7B,IAAAlB,qBAAA,EAAakB,oBAAb,EAAmC,OAAnC;QACA,IAAAlB,qBAAA,mBAAuBkB,oBAAvB,GAA+C,OAA/C;MACD;IACF,CAVD,MAUO;MACL,IAAAlB,qBAAA,6CACqCQ,IADrC;IAGD;EACF,C;;;;SAuBqBW,0B;;;;;kDAAf,aAA4C;IACjD,IAAMX,IAAI,GAAG,wBAAb;IACA,IAAM3C,cAAc,SAAS,IAAAC,6BAAA,EAAgB,gBAAhB,CAA7B;IACA,IAAI6C,iBAAiB,GAAG,IAAxB;IACA,IAAIC,QAAQ,GAAG,EAAf;IACA,IAAMC,QAAQ,GAAGhD,cAAc,CAACG,QAAf,CAAwBC,iBAAxB,CAA0CT,GAA1C,CAA+CU,OAAD,IAAa;MAC1E;MACA,IAAIA,OAAO,CAACC,OAAR,KAAoBqC,IAAxB,EAA8B;QAC5B,OAAOtC,OAAP;MACD;;MACDyC,iBAAiB,GAAG,KAApB;MACAC,QAAQ,GAAG1D,WAAW,CAACS,MAAZ,CAAoBiB,IAAD,IAAU;QACtC,IAAIgB,GAAG,GAAG,KAAV;;QACA,IAAI,CAAC1B,OAAO,CAACS,KAAR,CAAcf,QAAd,CAAuBgB,IAAvB,CAAL,EAAmC;UACjCgB,GAAG,GAAG,IAAN;QACD;;QACD,OAAOA,GAAP;MACD,CANU,CAAX;MAOA,IAAMkB,UAAU,GAAG5C,OAAnB;MACA4C,UAAU,CAACnC,KAAX,GAAmBmC,UAAU,CAACnC,KAAX,CAAiBc,MAAjB,CAAwBmB,QAAxB,CAAnB;MACA,OAAOE,UAAP;IACD,CAhBgB,CAAjB;;IAiBA,IAAIH,iBAAJ,EAAuB;MACrB,IAAAX,qBAAA,6DAAgEQ,IAAhE;MACAK,QAAQ,CAACR,IAAT,CAAc;QACZlC,OAAO,EAAEqC,IADG;QAEZO,SAAS,EAAE,gCAFC;QAGZC,SAAS,EAAE,cAHC;QAIZrC,KAAK,EAAEzB;MAJK,CAAd;IAMD;;IACDW,cAAc,CAACG,QAAf,CAAwBC,iBAAxB,GAA4C4C,QAA5C;;IACA,IAAID,QAAQ,CAACb,MAAT,GAAkB,CAAlB,IAAuBY,iBAA3B,EAA8C;MAC5C,IAAAX,qBAAA,6EACqEQ,IADrE;;MAGA,IAAI;QACF,MAAM,IAAAS,6BAAA,EAAgB,gBAAhB,EAAkCpD,cAAlC,CAAN;MACD,CAFD,CAEE,OAAOqD,oBAAP,EAA6B;QAC7B,IAAAlB,qBAAA,EAAakB,oBAAb,EAAmC,OAAnC;QACA,IAAAlB,qBAAA,mBAAuBkB,oBAAvB,GAA+C,OAA/C;MACD;IACF,CAVD,MAUO;MACL,IAAAlB,qBAAA,oDAC4CQ,IAD5C;IAGD;EACF,C;;;;SAEqBY,gC;;;;;wDAAf,WAAgD9B,QAAhD,EAA0D;IAC/D,IAAI7B,MAAM,GAAG,OAAO,IAAA4D,gCAAA,EAAgB/B,QAAhB,CAAP,EAAkChC,IAA/C;;IACA,IAAIG,MAAM,CAACc,sBAAP,CAA8B+C,UAA9B,CAAyC3B,KAAzC,CAA+CI,MAA/C,KAA0D,CAA9D,EAAiE;MAC/DtC,MAAM,CAACc,sBAAP,CAA8B+C,UAA9B,CAAyC3B,KAAzC,GAAiD,CAACL,QAAD,CAAjD;IACD;;IACD,IACE7B,MAAM,CAAC0C,0BAAP,CAAkCoB,YAAlC,CAA+C5B,KAA/C,CAAqDI,MAArD,KAAgE,CAAhE,IACAtC,MAAM,CAAC0C,0BAAP,CAAkCoB,YAAlC,CAA+C5B,KAA/C,CAAqD,CAArD,EAAwD6B,UAAxD,CACE,mBADF,CADA,IAIA/D,MAAM,CAAC0C,0BAAP,CAAkCoB,YAAlC,CAA+C5B,KAA/C,CAAqD,CAArD,EAAwD6B,UAAxD,CACE,kBADF,CALF,EAQE;MACA/D,MAAM,CAAC0C,0BAAP,CAAkCoB,YAAlC,CAA+C5B,KAA/C,GAAuD,gCAC7B,IAAI8B,IAAJ,GAAWC,cAAX,EAD6B,EAAvD;IAGD;;IACDjE,MAAM,SAAS4B,cAAc,CAACC,QAAD,EAAW7B,MAAX,CAA7B;IACAA,MAAM,GAAGwC,6BAA6B,CAACX,QAAD,EAAW7B,MAAX,CAAtC;IACA,MAAM,IAAAkE,gCAAA,EAAgBrC,QAAhB,EAA0B7B,MAA1B,CAAN;IACA,MAAM8C,yBAAyB,CAACjB,QAAD,CAA/B;EACD,C;;;;SAEcsC,iB;;;;;yCAAf,WAAiCpB,IAAjC,EAAuC/C,MAAvC,EAA+C;IAC7C,IAAM8B,SAAS,GAAG9B,MAAlB;IACA,IAAM+B,cAAc,GAAGzC,WAAW,CAAC0C,MAAZ,CAAmB,OAClCT,iCAAiC,EADC,CAAnB,CAAvB;IAGA,IAAI6C,WAAW,GAAG,EAAlB;;IACA,IACEtC,SAAS,CAAChB,sBAAV,CAAiCC,MAAjC,IACAe,SAAS,CAAChB,sBAAV,CAAiCC,MAAjC,CAAwCmB,KAF1C,EAGE;MACAkC,WAAW,GAAGtC,SAAS,CAAChB,sBAAV,CAAiCC,MAAjC,CAAwCmB,KAAxC,CAA8ChC,MAA9C,CACXe,KAAD,IAAW,CAACc,cAAc,CAAC5B,QAAf,CAAwBc,KAAxB,CADA,CAAd;IAGD;;IACD,IACEa,SAAS,CAAChB,sBAAV,CAAiCC,MAAjC,CAAwCmB,KAAxC,CAA8CI,MAA9C,GAAuD8B,WAAW,CAAC9B,MADrE,EAEE;MACA,IAAAC,qBAAA,gDAAmDQ,IAAnD;MACAjB,SAAS,CAAChB,sBAAV,CAAiCC,MAAjC,CAAwCmB,KAAxC,GAAgDkC,WAAhD;IACD,CALD,MAKO;MACL,IAAA7B,qBAAA,qBAAwBQ,IAAxB;IACD;;IACD,IAAIsB,kBAAkB,GAAG,EAAzB;;IACA,IACEvC,SAAS,CAAChB,sBAAV,CAAiCuB,aAAjC,IACAP,SAAS,CAAChB,sBAAV,CAAiCuB,aAAjC,CAA+CH,KAFjD,EAGE;MACAmC,kBAAkB,GAChBvC,SAAS,CAAChB,sBAAV,CAAiCuB,aAAjC,CAA+CH,KAA/C,CAAqDhC,MAArD,CACGe,KAAD,IAAW,CAAC1B,kBAAkB,CAACY,QAAnB,CAA4Bc,KAA5B,CADd,CADF;IAID;;IACD,IACEa,SAAS,CAAChB,sBAAV,CAAiCuB,aAAjC,CAA+CH,KAA/C,CAAqDI,MAArD,GACA+B,kBAAkB,CAAC/B,MAFrB,EAGE;MACA,IAAAC,qBAAA,wDAA2DQ,IAA3D;MACAjB,SAAS,CAAChB,sBAAV,CAAiCuB,aAAjC,CAA+CH,KAA/C,GAAuDmC,kBAAvD;IACD,CAND,MAMO;MACL,IAAA9B,qBAAA,qBAAwBQ,IAAxB;IACD;;IACD,OAAOjB,SAAP;EACD,C;;;;AAED,SAASwC,gCAAT,CAA0CzC,QAA1C,EAAoD7B,MAApD,EAA4D;EAC1D,IAAM8B,SAAS,GAAG9B,MAAlB;EACA,IAAIyC,QAAQ,GAAG,KAAf;EACA,IAAI8B,eAAe,GAAG,EAAtB;;EACA,IACEzC,SAAS,CAACY,0BAAV,CAAqCC,UAArC,IACAb,SAAS,CAACY,0BAAV,CAAqCC,UAArC,CAAgDT,KAFlD,EAGE;IACAqC,eAAe,GACbzC,SAAS,CAACY,0BAAV,CAAqCC,UAArC,CAAgDT,KAAhD,CAAsDhC,MAAtD,CACGsE,SAAD,IAAeA,SAAS,KAAK,oBAD/B,CADF;IAIA/B,QAAQ,GACNX,SAAS,CAACY,0BAAV,CAAqCC,UAArC,CAAgDT,KAAhD,CAAsDI,MAAtD,GACAiC,eAAe,CAACjC,MAFlB;EAGD;;EACD,IAAIG,QAAJ,EAAc;IACZ,IAAAF,qBAAA,iEACyDV,QADzD;IAGAC,SAAS,CAACY,0BAAV,CAAqCC,UAArC,CAAgDT,KAAhD,GAAwDqC,eAAxD;EACD,CALD,MAKO;IACL,IAAAhC,qBAAA,qBACaV,QADb;EAGD;;EACD,OAAOC,SAAP;AACD;;SAEc2C,4B;;;;;oDAAf,WAA4C1B,IAA5C,EAAkD;IAChD,IAAM3C,cAAc,SAAS,IAAAC,6BAAA,EAAgB,gBAAhB,CAA7B;IACA,IAAIqE,UAAU,GAAG,EAAjB;IACA,IAAIC,aAAa,GAAG,KAApB;IACA,IAAIlC,QAAQ,GAAG,KAAf;IACA,IAAMW,QAAQ,GAAGhD,cAAc,CAACG,QAAf,CAAwBC,iBAAxB,CACdT,GADc,CACTU,OAAD,IAAa;MAChB;MACA,IAAIA,OAAO,CAACC,OAAR,KAAoBqC,IAAxB,EAA8B;QAC5B,OAAOtC,OAAP;MACD;;MACDiE,UAAU,GAAGjE,OAAO,CAACS,KAAR,CAAchB,MAAd,CAAsBiB,IAAD,IAAU,CAAC3B,UAAU,CAACW,QAAX,CAAoBgB,IAApB,CAAhC,CAAb;MACA,IAAMkC,UAAU,GAAG5C,OAAnB;MACAkE,aAAa,GAAGD,UAAU,CAACpC,MAAX,KAAsB,CAAtC,CAPgB,CAOyB;;MACzCG,QAAQ,GAAGhC,OAAO,CAACS,KAAR,CAAcoB,MAAd,GAAuBoC,UAAU,CAACpC,MAA7C,CARgB,CAQqC;;MACrDe,UAAU,CAACnC,KAAX,GAAmBwD,UAAnB;MACA,OAAOrB,UAAP;IACD,CAZc,EAadnD,MAbc,CAaNO,OAAD,IAAaA,OAAO,CAACC,OAAR,KAAoBqC,IAApB,IAA4B,CAAC4B,aAbnC,CAAjB;IAcAvE,cAAc,CAACG,QAAf,CAAwBC,iBAAxB,GAA4C4C,QAA5C;;IACA,IAAIX,QAAQ,IAAIkC,aAAhB,EAA+B;MAC7B,IAAIA,aAAJ,EAAmB;QACjB,IAAApC,qBAAA,sDAAyDQ,IAAzD;MACD,CAFD,MAEO;QACL,IAAAR,qBAAA,uEAC+DQ,IAD/D;MAGD;;MACD,IAAI;QACF,MAAM,IAAAS,6BAAA,EAAgB,gBAAhB,EAAkCpD,cAAlC,CAAN;MACD,CAFD,CAEE,OAAOqD,oBAAP,EAA6B;QAC7B,IAAAlB,qBAAA,EAAakB,oBAAb,EAAmC,OAAnC;QACA,IAAAlB,qBAAA,mBAAuBkB,oBAAvB,GAA+C,OAA/C;MACD;IACF,CAdD,MAcO;MACL,IAAAlB,qBAAA,6CACqCQ,IADrC;IAGD;EACF,C;;;;SAEqB6B,iC;;;;;yDAAf,WAAiD/C,QAAjD,EAA2D;IAChE,IAAI7B,MAAM,GAAG,OAAO,IAAA4D,gCAAA,EAAgB/B,QAAhB,CAAP,EAAkChC,IAA/C;;IACA,IAAIG,MAAM,CAACc,sBAAP,CAA8B+C,UAA9B,CAAyC3B,KAAzC,CAA+CI,MAA/C,KAA0D,CAA9D,EAAiE;MAC/DtC,MAAM,CAACc,sBAAP,CAA8B+C,UAA9B,CAAyC3B,KAAzC,GAAiD,CAACL,QAAD,CAAjD;IACD;;IACD,IACE7B,MAAM,CAAC0C,0BAAP,CAAkCoB,YAAlC,CAA+C5B,KAA/C,CAAqDI,MAArD,KAAgE,CAAhE,IACAtC,MAAM,CAAC0C,0BAAP,CAAkCoB,YAAlC,CAA+C5B,KAA/C,CAAqD,CAArD,EAAwD6B,UAAxD,CACE,mBADF,CADA,IAIA/D,MAAM,CAAC0C,0BAAP,CAAkCoB,YAAlC,CAA+C5B,KAA/C,CAAqD,CAArD,EAAwD6B,UAAxD,CACE,kBADF,CALF,EAQE;MACA/D,MAAM,CAAC0C,0BAAP,CAAkCoB,YAAlC,CAA+C5B,KAA/C,GAAuD,gCAC7B,IAAI8B,IAAJ,GAAWC,cAAX,EAD6B,EAAvD;IAGD;;IACDjE,MAAM,SAASmE,iBAAiB,CAACtC,QAAD,EAAW7B,MAAX,CAAhC;IACAA,MAAM,GAAGsE,gCAAgC,CAACzC,QAAD,EAAW7B,MAAX,CAAzC;IACA,MAAM,IAAAkE,gCAAA,EAAgBrC,QAAhB,EAA0B7B,MAA1B,CAAN;IACA,MAAMyE,4BAA4B,CAAC5C,QAAD,CAAlC;EACD,C;;;;SAEqBgD,qC;;;;;6DAAf,WACLhD,QADK,EAELiD,YAFK,EAGL;IACA,IAAI9E,MAAM,GAAGrB,aAAb;IACAqB,MAAM,CAACc,sBAAP,CAA8BiE,YAA9B,GAA6CD,YAA7C;IACA9E,MAAM,CAACc,sBAAP,CAA8B+C,UAA9B,CAAyC3B,KAAzC,GAAiD,CAACL,QAAD,CAAjD;IACA7B,MAAM,CAAC0C,0BAAP,CAAkCoB,YAAlC,CAA+C5B,KAA/C,GAAuD,+BAC9B,IAAI8B,IAAJ,GAAWC,cAAX,EAD8B,EAAvD;;IAGA,IAAI;MACFjE,MAAM,SAAS4B,cAAc,CAACC,QAAD,EAAW7B,MAAX,CAA7B;MACA,MAAM,IAAAkE,gCAAA,EAAgBrC,QAAhB,EAA0B7B,MAA1B,CAAN;MACA,MAAM8C,yBAAyB,CAACjB,QAAD,CAA/B;IACD,CAJD,CAIE,OAAOmB,KAAP,EAAc;MACd,IAAAT,qBAAA,0CAA8CS,KAAK,CAACC,OAApD,GAA+D,OAA/D;IACD;EACF,C;;;;SAEqB+B,oB;;;;;4CAAf,WACLnD,QADK,EAELiD,YAFK,EAGL7D,KAHK,EAILgE,MAJK,EAKLC,QALK,EAML;IACA;IACA,IAAMlF,MAAM,GAAG,OAAO,IAAA4D,gCAAA,EAAgB/B,QAAhB,CAAP,EAAkChC,IAAjD;IACAG,MAAM,CAAC+E,YAAP,GAAsBD,YAAtB,CAHA,CAIA;;IACA,IAAMK,kBAAkB,GACtBnF,MAAM,CAACc,sBAAP,CAA8BsE,mBAA9B,CAAkDlD,KAAlD,IAA2D,IAD7D,CALA,CAOA;;IACAlC,MAAM,CAACc,sBAAP,CAA8BsE,mBAA9B,CAAkDlD,KAAlD,GAA0DgD,QAA1D;IACA,MAAM,IAAAhB,gCAAA,EAAgBrC,QAAhB,EAA0B7B,MAA1B,CAAN;IACA,IAAMqF,QAAQ,GAAG,OAAO,IAAAC,qCAAA,EAAuBzD,QAAvB,EAAiCiD,YAAjC,EAA+C7D,KAA/C,CAAP,EACdpB,IADH;IAEA,IAAM0F,OAAO,GAAG,IAAIvB,IAAJ,GAAWwB,OAAX,KAAuB,OAAOH,QAAQ,CAACI,UAAvD;IACAJ,QAAQ,CAACK,UAAT,GAAsB,IAAI1B,IAAJ,CAASuB,OAAT,EAAkBtB,cAAlB,EAAtB,CAbA,CAcA;;IACAjE,MAAM,CAACc,sBAAP,CAA8BsE,mBAA9B,CAAkDlD,KAAlD,GAA0DiD,kBAA1D;IACA,MAAM,IAAAjB,gCAAA,EAAgBrC,QAAhB,EAA0B7B,MAA1B,CAAN,CAhBA,CAiBA;;IACA,IAAM2F,WAAW,GAAG,wBAApB;;IACA,IAAI;MACF,MAAM,IAAAC,qBAAA,EAAUX,MAAV,EAAkBI,QAAQ,CAACQ,YAA3B,EAAyCF,WAAzC,CAAN;MACAN,QAAQ,CAACJ,MAAT,GAAkBA,MAAlB;IACD,CAHD,CAGE,OAAOjC,KAAP,EAAc;MACd,IACE8C,eAAA,CAAEC,GAAF,CAAM/C,KAAN,EAAa,oBAAb,MAAuC,GAAvC,IACA8C,eAAA,CAAEC,GAAF,CAAM/C,KAAN,EAAa,uBAAb,MACE,oDAHJ,EAIE;QACA,IAAMgD,SAAS,aAAMf,MAAN,cAAgBM,OAAhB,CAAf;QACA,IAAAhD,qBAAA,iBACU0C,MADV,qCAC2Ce,SAD3C,GAEE,MAFF;QAIA,MAAM,IAAAJ,qBAAA,EAAUI,SAAV,EAAqBX,QAAQ,CAACQ,YAA9B,EAA4CF,WAA5C,CAAN;QACAN,QAAQ,CAACJ,MAAT,GAAkBe,SAAlB;MACD;IACF;;IACD,OAAOX,QAAQ,CAACQ,YAAhB;IACA,OAAOR,QAAP;EACD,C;;;;SAEqBY,uB;;;;;+CAAf,WAAuCvF,OAAvC,EAAgD;IACrD,IAAMN,cAAc,SAAS,IAAAC,6BAAA,EAAgB,gBAAhB,CAA7B;IACA,IAAIsE,aAAa,GAAG,KAApB;IACA,IAAMvB,QAAQ,GAAGhD,cAAc,CAACG,QAAf,CAAwBC,iBAAxB,CAA0CN,MAA1C,CACdO,OAAD,IAAa;MACX;MACA,IAAIA,OAAO,CAACC,OAAR,KAAoBA,OAAxB,EAAiC;QAC/BiE,aAAa,GAAG,IAAhB;MACD,CAJU,CAKX;;;MACA,OAAOlE,OAAO,CAACC,OAAR,KAAoBA,OAA3B;IACD,CARc,CAAjB;IAUAN,cAAc,CAACG,QAAf,CAAwBC,iBAAxB,GAA4C4C,QAA5C;;IACA,IAAIuB,aAAJ,EAAmB;MACjB,IAAApC,qBAAA,uDAA0D7B,OAA1D;;MACA,IAAI;QACF,MAAM,IAAA8C,6BAAA,EAAgB,gBAAhB,EAAkCpD,cAAlC,CAAN;MACD,CAFD,CAEE,OAAOqD,oBAAP,EAA6B;QAC7B,IAAAlB,qBAAA,EAAakB,oBAAb,EAAmC,OAAnC;QACA,IAAAlB,qBAAA,mBAAuBkB,oBAAvB,GAA+C,OAA/C;MACD;IACF,CARD,MAQO;MACL,IAAAlB,qBAAA,iDAAoD7B,OAApD;IACD;EACF,C;;;;SAEqBwF,8B;;;;;sDAAf,WACLC,iBADK,EAELC,MAFK,EAGL;IACA,IAAMC,OAAO,SAAS,IAAAhG,6BAAA,EAAgB,SAAhB,CAAtB;IACA,IAAMiG,aAAa,GAAGC,MAAM,CAACC,IAAP,CAAYvH,4BAAZ,CAAtB;IACA,IAAMwH,cAAc,GAAGJ,OAAO,CAACK,OAAR,CAAgB3G,GAAhB,CAAqB4G,MAAD,IAAY;MACrD;MACA,IAAIA,MAAM,CAAC5D,IAAP,KAAgB,IAAA6D,6BAAA,GAApB,EAA2C;QACzC,OAAOD,MAAP;MACD;;MACDL,aAAa,CAACtF,OAAd,CAAuB+B,IAAD,IAAU;QAC9B,IACE,IAAA8D,qBAAA,EACE5H,4BAA4B,CAAC8D,IAAD,CAD9B,EAEE4D,MAAM,CAACG,MAAP,CAAcC,UAAd,CAAyBhE,IAAzB,CAFF,EAGE,CAAC,UAAD,EAAa,kBAAb,CAHF,KAKAoD,iBANF,EAOE;UACA,IAAIQ,MAAM,CAACG,MAAP,CAAcC,UAAd,CAAyBhE,IAAzB,EAA+BiE,QAAnC,EAA6C;YAC3C,IAAAzE,qBAAA,YAAgBQ,IAAhB,aAD2C,CAE3C;;YACA4D,MAAM,CAACG,MAAP,CAAcC,UAAd,CAAyBhE,IAAzB,EAA+BiE,QAA/B,GAA0C,KAA1C;UACD,CAJD,MAIO;YACL,IAAAzE,qBAAA,YAAgBQ,IAAhB;UACD;QACF,CAfD,MAeO;UACL,IAAAR,qBAAA,YAAgBQ,IAAhB;QACD;MACF,CAnBD;MAoBA,OAAO4D,MAAP;IACD,CA1BsB,CAAvB;IA2BAN,OAAO,CAACK,OAAR,GAAkBD,cAAlB;;IACA,IAAIL,MAAJ,EAAY;MACV,IAAA7D,qBAAA,EAAa,sCAAb;IACD,CAFD,MAEO;MACL,IAAI;QACF,MAAM,IAAAiB,6BAAA,EAAgB,SAAhB,EAA2B6C,OAA3B,CAAN;MACD,CAFD,CAEE,OAAO5C,oBAAP,EAA6B;QAC7B,IAAAlB,qBAAA,EAAakB,oBAAb,EAAmC,OAAnC;QACA,IAAAlB,qBAAA,mBAAuBkB,oBAAvB,GAA+C,OAA/C;MACD;IACF;EACF,C;;;;SAEqBwD,8B;;;;;sDAAf,WACLd,iBADK,EAELC,MAFK,EAGL;IACA,IAAMC,OAAO,SAAS,IAAAhG,6BAAA,EAAgB,SAAhB,CAAtB;IACA,IAAMiG,aAAa,GAAGC,MAAM,CAACC,IAAP,CAAYvH,4BAAZ,CAAtB;IACA,IAAMwH,cAAc,GAAGJ,OAAO,CAACK,OAAR,CAAgB3G,GAAhB,CAAqB4G,MAAD,IAAY;MACrD;MACA,IAAIA,MAAM,CAAC5D,IAAP,KAAgB,IAAA6D,6BAAA,GAApB,EAA2C;QACzC,OAAOD,MAAP;MACD;;MACDL,aAAa,CAACtF,OAAd,CAAuB+B,IAAD,IAAU;QAC9B,IACE,IAAA8D,qBAAA,EACE5H,4BAA4B,CAAC8D,IAAD,CAD9B,EAEE4D,MAAM,CAACG,MAAP,CAAcC,UAAd,CAAyBhE,IAAzB,CAFF,EAGE,CAAC,UAAD,EAAa,kBAAb,CAHF,KAKAoD,iBANF,EAOE;UACA,IAAI,CAACQ,MAAM,CAACG,MAAP,CAAcC,UAAd,CAAyBhE,IAAzB,EAA+BiE,QAApC,EAA8C;YAC5C,IAAAzE,qBAAA,YAAgBQ,IAAhB,aAD4C,CAE5C;;YACA4D,MAAM,CAACG,MAAP,CAAcC,UAAd,CAAyBhE,IAAzB,EAA+BiE,QAA/B,GAA0C,IAA1C;UACD,CAJD,MAIO;YACL,IAAAzE,qBAAA,YAAgBQ,IAAhB;UACD;QACF,CAfD,MAeO;UACL,IAAAR,qBAAA,YAAgBQ,IAAhB;QACD;MACF,CAnBD;MAoBA,OAAO4D,MAAP;IACD,CA1BsB,CAAvB;IA2BAN,OAAO,CAACK,OAAR,GAAkBD,cAAlB;;IACA,IAAIL,MAAJ,EAAY;MACV,IAAA7D,qBAAA,EAAa,sCAAb;IACD,CAFD,MAEO;MACL,IAAI;QACF,MAAM,IAAAiB,6BAAA,EAAgB,SAAhB,EAA2B6C,OAA3B,CAAN;MACD,CAFD,CAEE,OAAO5C,oBAAP,EAA6B;QAC7B,IAAAlB,qBAAA,EAAakB,oBAAb,EAAmC,OAAnC;QACA,IAAAlB,qBAAA,mBAAuBkB,oBAAvB,GAA+C,OAA/C;MACD;IACF;EACF,C;;;;SAEcyD,kB;;;;;0CAAf,WAAkCd,MAAlC,EAA0C;IACxC,IAAMC,OAAO,SAAS,IAAAhG,6BAAA,EAAgB,SAAhB,CAAtB;IACA,IAAM8G,KAAK,GAAG,CAAC,gBAAD,CAAd;IACA,IAAIC,UAAU,GAAG,KAAjB;IACA,IAAMX,cAAc,GAAGJ,OAAO,CAACK,OAAR,CAAgB3G,GAAhB,CAAqB4G,MAAD,IAAY;MACrD;MACA,IAAIA,MAAM,CAAC5D,IAAP,KAAgB,IAAA6D,6BAAA,GAApB,EAA2C;QACzC,OAAOD,MAAP;MACD;;MACD,IAAApE,qBAAA,YAAgBoE,MAAM,CAAC5D,IAAvB;MACAoE,KAAK,CAACnG,OAAN,CAAe+B,IAAD,IAAU;QACtB,IAAI,CAAC4D,MAAM,CAACG,MAAP,CAAcC,UAAd,CAAyBhE,IAAzB,EAA+BsE,WAA/B,CAA2CC,iBAAhD,EAAmE;UACjE,IAAA/E,qBAAA,cAAkBQ,IAAlB,qCAAwD,MAAxD,EADiE,CAEjE;;UACA4D,MAAM,CAACG,MAAP,CAAcC,UAAd,CAAyBhE,IAAzB,EAA+BsE,WAA/B,CAA2CC,iBAA3C,GAA+D,IAA/D;UACAF,UAAU,GAAG,IAAb;QACD,CALD,MAKO;UACL,IAAA7E,qBAAA,cAAkBQ,IAAlB;QACD;MACF,CATD;MAUA,OAAO4D,MAAP;IACD,CAjBsB,CAAvB;IAkBAN,OAAO,CAACK,OAAR,GAAkBD,cAAlB;;IACA,IAAI,CAACL,MAAL,EAAa;MACX,IAAI;QACF,MAAM,IAAA5C,6BAAA,EAAgB,SAAhB,EAA2B6C,OAA3B,CAAN;MACD,CAFD,CAEE,OAAO5C,oBAAP,EAA6B;QAC7B,IAAAlB,qBAAA,EAAakB,oBAAb,EAAmC,OAAnC;QACA,IAAAlB,qBAAA,mBAAuBkB,oBAAvB,GAA+C,OAA/C;MACD;IACF;;IACD,OAAO2D,UAAP;EACD,C;;;;SAEcG,iB;;;;;yCAAf,WAAiCnB,MAAjC,EAAyC;IACvC,IAAMC,OAAO,SAAS,IAAAhG,6BAAA,EAAgB,SAAhB,CAAtB;IACA,IAAM8G,KAAK,GAAG,CACZ,UADY,EAEZ,UAFY,EAGZ,gBAHY,EAIZ,gBAJY,EAKZ,WALY,CAAd;IAOA,IAAIC,UAAU,GAAG,KAAjB;IACA,IAAMX,cAAc,GAAGJ,OAAO,CAACK,OAAR,CAAgB3G,GAAhB,CAAqB4G,MAAD,IAAY;MACrD;MACA,IAAIA,MAAM,CAAC5D,IAAP,KAAgB,IAAAyE,4CAAA,GAApB,EAAmD;QACjD,OAAOb,MAAP;MACD;;MACD,IAAApE,qBAAA,YAAgBoE,MAAM,CAAC5D,IAAvB;MACAoE,KAAK,CAACnG,OAAN,CAAe+B,IAAD,IAAU;QACtB,IAAI,CAAC4D,MAAM,CAACG,MAAP,CAAcC,UAAd,CAAyBhE,IAAzB,EAA+BsE,WAA/B,CAA2CC,iBAAhD,EAAmE;UACjE,IAAA/E,qBAAA,cAAkBQ,IAAlB,qCAAwD,MAAxD,EADiE,CAEjE;;UACA4D,MAAM,CAACG,MAAP,CAAcC,UAAd,CAAyBhE,IAAzB,EAA+BsE,WAA/B,CAA2CC,iBAA3C,GAA+D,IAA/D;UACAF,UAAU,GAAG,IAAb;QACD,CALD,MAKO;UACL,IAAA7E,qBAAA,cAAkBQ,IAAlB;QACD;MACF,CATD;MAUA,OAAO4D,MAAP;IACD,CAjBsB,CAAvB;IAkBAN,OAAO,CAACK,OAAR,GAAkBD,cAAlB;;IACA,IAAI,CAACL,MAAL,EAAa;MACX,IAAI;QACF,MAAM,IAAA5C,6BAAA,EAAgB,SAAhB,EAA2B6C,OAA3B,CAAN;MACD,CAFD,CAEE,OAAO5C,oBAAP,EAA6B;QAC7B,IAAAlB,qBAAA,EAAakB,oBAAb,EAAmC,OAAnC;QACA,IAAAlB,qBAAA,mBAAuBkB,oBAAvB,GAA+C,OAA/C;MACD;IACF;;IACD,OAAO2D,UAAP;EACD,C;;;;SAEcK,kB;;;;;0CAAf,aAAkD;IAAA,IAAhBrB,MAAgB,uEAAP,KAAO;;IAChD,IAAI,CAACA,MAAL,EAAa,CACX;IACD;EACF,C;;;;SAEcsB,wB;;;;;gDAAf,aAAwD;IAAA,IAAhBtB,MAAgB,uEAAP,KAAO;;IACtD,IAAI,CAACA,MAAL,EAAa,CACX;IACD;EACF,C;;;;SAEqBuB,c;;EAsBtB;AACA;AACA;AACA;AACA;;;;sCA1BO,WACLC,iBADK,EAELC,iBAFK,EAGLzB,MAHK,EAIL;IACA,IAAIgB,UAAU,GAAG,KAAjB;IACAA,UAAU,GAAGA,UAAU,WAAWF,kBAAkB,CAACd,MAAD,CAA7B,CAAvB;IACAgB,UAAU,GAAGA,UAAU,WAAWG,iBAAiB,CAACnB,MAAD,CAA5B,CAAvB;;IACA,IAAIwB,iBAAJ,EAAuB,CACrB;IACD;;IACD,IAAIR,UAAJ,EAAgB;MACd,MAAMK,kBAAkB,CAACrB,MAAD,CAAxB;IACD;;IACD,IAAIyB,iBAAJ,EAAuB;MACrB,MAAMH,wBAAwB,CAACtB,MAAD,CAA9B;IACD;;IACD,IAAIA,MAAJ,EAAY;MACV,IAAA7D,qBAAA,EAAa,sCAAb,EAAqD,MAArD;IACD;EACF,C"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"IdmOps.test.js","names":["mock","MockAdapter","axios","state","default","session","setTenant","setRealm","setCookieName","setCookieValue","setDeploymentType","global","CLOUD_DEPLOYMENT_TYPE_KEY","describe","test","expect","Idm","countManagedObjects","toBeDefined","exportAllConfigEntities","exportAllRawConfigEntities","exportConfigEntity","listAllConfigEntities","mockListAllConfigEntities","assertions","toBeTruthy"],"sources":["ops/IdmOps.test.ts"],"sourcesContent":["import axios from 'axios';\nimport MockAdapter from 'axios-mock-adapter';\nimport { Idm, state } from '../index';\nimport * as global from '../storage/StaticStorage';\nimport { mockListAllConfigEntities } from '../test/mocks/ForgeRockApiMockEngine';\n\nconst mock = new MockAdapter(axios);\n\nstate.default.session.setTenant('https://openam-frodo-dev.forgeblocks.com/am');\nstate.default.session.setRealm('alpha');\nstate.default.session.setCookieName('cookieName');\nstate.default.session.setCookieValue('cookieValue');\nstate.default.session.setDeploymentType(global.CLOUD_DEPLOYMENT_TYPE_KEY);\n\ndescribe('IdmOps - countManagedObjects()', () => {\n test('countManagedObjects() 0: Method is implemented', async () => {\n expect(Idm.countManagedObjects).toBeDefined();\n });\n});\n\ndescribe('IdmOps - exportAllConfigEntities()', () => {\n test('exportAllConfigEntities() 0: Method is implemented', async () => {\n expect(Idm.exportAllConfigEntities).toBeDefined();\n });\n});\n\ndescribe('IdmOps - exportAllRawConfigEntities()', () => {\n test('exportAllRawConfigEntities() 0: Method is implemented', async () => {\n expect(Idm.exportAllRawConfigEntities).toBeDefined();\n });\n});\n\ndescribe('IdmOps - exportConfigEntity()', () => {\n test('exportConfigEntity() 0: Method is implemented', async () => {\n expect(Idm.exportConfigEntity).toBeDefined();\n });\n});\n\ndescribe('IdmOps - listAllConfigEntities()', () => {\n test('listAllConfigEntities() 0: Method is implemented', async () => {\n expect(Idm.listAllConfigEntities).toBeDefined();\n });\n\n test('listSocialProviders() 1: List social identity providers', async () => {\n mockListAllConfigEntities(mock);\n expect.assertions(1);\n await Idm.listAllConfigEntities();\n expect(true).toBeTruthy();\n });\n});\n"],"mappings":";;AAAA;;AACA;;AACA;;AACA;;AACA;;;;;;;;;;;;AAEA,IAAMA,IAAI,GAAG,IAAIC,yBAAJ,CAAgBC,cAAhB,CAAb;;AAEAC,YAAA,CAAMC,OAAN,CAAcC,OAAd,CAAsBC,SAAtB,CAAgC,6CAAhC;;AACAH,YAAA,CAAMC,OAAN,CAAcC,OAAd,CAAsBE,QAAtB,CAA+B,OAA/B;;AACAJ,YAAA,CAAMC,OAAN,CAAcC,OAAd,CAAsBG,aAAtB,CAAoC,YAApC;;AACAL,YAAA,CAAMC,OAAN,CAAcC,OAAd,CAAsBI,cAAtB,CAAqC,aAArC;;AACAN,YAAA,CAAMC,OAAN,CAAcC,OAAd,CAAsBK,iBAAtB,CAAwCC,MAAM,CAACC,yBAA/C;;AAEAC,QAAQ,CAAC,gCAAD,EAAmC,MAAM;EAC/CC,IAAI,CAAC,gDAAD,iCAAmD,aAAY;IACjEC,MAAM,CAACC,UAAA,CAAIC,mBAAL,CAAN,CAAgCC,WAAhC;EACD,CAFG,EAAJ;AAGD,CAJO,CAAR;AAMAL,QAAQ,CAAC,oCAAD,EAAuC,MAAM;EACnDC,IAAI,CAAC,oDAAD,iCAAuD,aAAY;IACrEC,MAAM,CAACC,UAAA,CAAIG,uBAAL,CAAN,CAAoCD,WAApC;EACD,CAFG,EAAJ;AAGD,CAJO,CAAR;AAMAL,QAAQ,CAAC,uCAAD,EAA0C,MAAM;EACtDC,IAAI,CAAC,uDAAD,iCAA0D,aAAY;IACxEC,MAAM,CAACC,UAAA,CAAII,0BAAL,CAAN,CAAuCF,WAAvC;EACD,CAFG,EAAJ;AAGD,CAJO,CAAR;AAMAL,QAAQ,CAAC,+BAAD,EAAkC,MAAM;EAC9CC,IAAI,CAAC,+CAAD,iCAAkD,aAAY;IAChEC,MAAM,CAACC,UAAA,CAAIK,kBAAL,CAAN,CAA+BH,WAA/B;EACD,CAFG,EAAJ;AAGD,CAJO,CAAR;AAMAL,QAAQ,CAAC,kCAAD,EAAqC,MAAM;EACjDC,IAAI,CAAC,kDAAD,iCAAqD,aAAY;IACnEC,MAAM,CAACC,UAAA,CAAIM,qBAAL,CAAN,CAAkCJ,WAAlC;EACD,CAFG,EAAJ;EAIAJ,IAAI,CAAC,yDAAD,iCAA4D,aAAY;IAC1E,IAAAS,iDAAA,EAA0BvB,IAA1B;IACAe,MAAM,CAACS,UAAP,CAAkB,CAAlB;IACA,MAAMR,UAAA,CAAIM,qBAAJ,EAAN;IACAP,MAAM,CAAC,IAAD,CAAN,CAAaU,UAAb;EACD,CALG,EAAJ;AAMD,CAXO,CAAR"}
|