@serve.zone/dcrouter 7.4.3 → 8.1.0

package/dist_ts/opsserver/handlers/certificate.handler.js

@@ -1,419 +0,0 @@
-import * as plugins from '../../plugins.js';
-import * as interfaces from '../../../dist_ts_interfaces/index.js';
-export class CertificateHandler {
-    opsServerRef;
-    typedrouter = new plugins.typedrequest.TypedRouter();
-    constructor(opsServerRef) {
-        this.opsServerRef = opsServerRef;
-        this.opsServerRef.typedrouter.addTypedRouter(this.typedrouter);
-        this.registerHandlers();
-    }
-    registerHandlers() {
-        // Get Certificate Overview
-        this.typedrouter.addTypedHandler(new plugins.typedrequest.TypedHandler('getCertificateOverview', async (dataArg) => {
-            const certificates = await this.buildCertificateOverview();
-            const summary = this.buildSummary(certificates);
-            return { certificates, summary };
-        }));
-        // Legacy route-based reprovision (backward compat)
-        this.typedrouter.addTypedHandler(new plugins.typedrequest.TypedHandler('reprovisionCertificate', async (dataArg) => {
-            return this.reprovisionCertificateByRoute(dataArg.routeName);
-        }));
-        // Domain-based reprovision (preferred)
-        this.typedrouter.addTypedHandler(new plugins.typedrequest.TypedHandler('reprovisionCertificateDomain', async (dataArg) => {
-            return this.reprovisionCertificateDomain(dataArg.domain);
-        }));
-        // Delete certificate
-        this.typedrouter.addTypedHandler(new plugins.typedrequest.TypedHandler('deleteCertificate', async (dataArg) => {
-            return this.deleteCertificate(dataArg.domain);
-        }));
-        // Export certificate
-        this.typedrouter.addTypedHandler(new plugins.typedrequest.TypedHandler('exportCertificate', async (dataArg) => {
-            return this.exportCertificate(dataArg.domain);
-        }));
-        // Import certificate
-        this.typedrouter.addTypedHandler(new plugins.typedrequest.TypedHandler('importCertificate', async (dataArg) => {
-            return this.importCertificate(dataArg.cert);
-        }));
-    }
-    /**
-     * Build domain-centric certificate overview.
-     * Instead of one row per route, we produce one row per unique domain.
-     */
-    async buildCertificateOverview() {
-        const dcRouter = this.opsServerRef.dcRouterRef;
-        const smartProxy = dcRouter.smartProxy;
-        if (!smartProxy)
-            return [];
-        const routes = smartProxy.routeManager.getRoutes();
-        // Phase 1: Collect unique domains with their associated route info
-        const domainMap = new Map();
-        for (const route of routes) {
-            if (!route.name)
-                continue;
-            const tls = route.action?.tls;
-            if (!tls)
-                continue;
-            // Skip passthrough routes - they don't manage certificates
-            if (tls.mode === 'passthrough')
-                continue;
-            const routeDomains = route.match.domains
-                ? (Array.isArray(route.match.domains) ? route.match.domains : [route.match.domains])
-                : [];
-            // Determine source
-            let source = 'none';
-            if (tls.certificate === 'auto') {
-                if (smartProxy.settings.certProvisionFunction) {
-                    source = 'provision-function';
-                }
-                else {
-                    source = 'acme';
-                }
-            }
-            else if (tls.certificate && typeof tls.certificate === 'object') {
-                source = 'static';
-            }
-            const canReprovision = source === 'acme' || source === 'provision-function';
-            const tlsMode = tls.mode;
-            for (const domain of routeDomains) {
-                const existing = domainMap.get(domain);
-                if (existing) {
-                    // Add this route name to the existing domain entry
-                    if (!existing.routeNames.includes(route.name)) {
-                        existing.routeNames.push(route.name);
-                    }
-                    // Upgrade source if more specific
-                    if (existing.source === 'none' && source !== 'none') {
-                        existing.source = source;
-                        existing.canReprovision = canReprovision;
-                    }
-                }
-                else {
-                    domainMap.set(domain, {
-                        routeNames: [route.name],
-                        source,
-                        tlsMode,
-                        canReprovision,
-                    });
-                }
-            }
-        }
-        // Phase 2: Resolve status for each unique domain
-        const certificates = [];
-        for (const [domain, info] of domainMap) {
-            let status = 'unknown';
-            let expiryDate;
-            let issuedAt;
-            let issuer;
-            let error;
-            // Check event-based status from certificateStatusMap (now keyed by domain)
-            const eventStatus = dcRouter.certificateStatusMap.get(domain);
-            if (eventStatus) {
-                status = eventStatus.status;
-                expiryDate = eventStatus.expiryDate;
-                issuedAt = eventStatus.issuedAt;
-                error = eventStatus.error;
-                if (eventStatus.source) {
-                    issuer = eventStatus.source;
-                }
-            }
-            // Try SmartProxy certificate status if no event data
-            if (status === 'unknown' && info.routeNames.length > 0) {
-                try {
-                    const rustStatus = await smartProxy.getCertificateStatus(info.routeNames[0]);
-                    if (rustStatus) {
-                        if (rustStatus.expiryDate)
-                            expiryDate = rustStatus.expiryDate;
-                        if (rustStatus.issuer)
-                            issuer = rustStatus.issuer;
-                        if (rustStatus.issuedAt)
-                            issuedAt = rustStatus.issuedAt;
-                        if (rustStatus.status === 'valid' || rustStatus.status === 'expired') {
-                            status = rustStatus.status;
-                        }
-                    }
-                }
-                catch {
-                    // Rust bridge may not support this command yet — ignore
-                }
-            }
-            // Check persisted cert data from StorageManager
-            if (status === 'unknown') {
-                const cleanDomain = domain.replace(/^\*\.?/, '');
-                let certData = await dcRouter.storageManager.getJSON(`/certs/${cleanDomain}`);
-                if (!certData) {
-                    // Also check certStore path (proxy-certs)
-                    certData = await dcRouter.storageManager.getJSON(`/proxy-certs/${domain}`);
-                }
-                if (certData?.validUntil) {
-                    expiryDate = new Date(certData.validUntil).toISOString();
-                    if (certData.created) {
-                        issuedAt = new Date(certData.created).toISOString();
-                    }
-                    issuer = 'smartacme-dns-01';
-                }
-                else if (certData?.publicKey) {
-                    // certStore has the cert — parse PEM for expiry
-                    try {
-                        const x509 = new plugins.crypto.X509Certificate(certData.publicKey);
-                        expiryDate = new Date(x509.validTo).toISOString();
-                        issuedAt = new Date(x509.validFrom).toISOString();
-                    }
-                    catch { /* PEM parsing failed */ }
-                    status = 'valid';
-                    issuer = 'cert-store';
-                }
-                else if (certData) {
-                    status = 'valid';
-                    issuer = 'cert-store';
-                }
-            }
-            // Compute status from expiry date
-            if (expiryDate && (status === 'valid' || status === 'unknown')) {
-                const expiry = new Date(expiryDate);
-                const now = new Date();
-                const daysUntilExpiry = (expiry.getTime() - now.getTime()) / (1000 * 60 * 60 * 24);
-                if (daysUntilExpiry < 0) {
-                    status = 'expired';
-                }
-                else if (daysUntilExpiry < 30) {
-                    status = 'expiring';
-                }
-                else {
-                    status = 'valid';
-                }
-            }
-            // Static certs with no other info default to 'valid'
-            if (info.source === 'static' && status === 'unknown') {
-                status = 'valid';
-            }
-            // ACME/provision-function routes with no cert data are still provisioning
-            if (status === 'unknown' && (info.source === 'acme' || info.source === 'provision-function')) {
-                status = 'provisioning';
-            }
-            // Phase 3: Attach backoff info
-            let backoffInfo;
-            if (dcRouter.certProvisionScheduler) {
-                const bi = await dcRouter.certProvisionScheduler.getBackoffInfo(domain);
-                if (bi) {
-                    backoffInfo = bi;
-                }
-            }
-            certificates.push({
-                domain,
-                routeNames: info.routeNames,
-                status,
-                source: info.source,
-                tlsMode: info.tlsMode,
-                expiryDate,
-                issuer,
-                issuedAt,
-                error,
-                canReprovision: info.canReprovision,
-                backoffInfo,
-            });
-        }
-        return certificates;
-    }
-    buildSummary(certificates) {
-        const summary = { total: 0, valid: 0, expiring: 0, expired: 0, failed: 0, unknown: 0 };
-        summary.total = certificates.length;
-        for (const cert of certificates) {
-            switch (cert.status) {
-                case 'valid':
-                    summary.valid++;
-                    break;
-                case 'expiring':
-                    summary.expiring++;
-                    break;
-                case 'expired':
-                    summary.expired++;
-                    break;
-                case 'failed':
-                    summary.failed++;
-                    break;
-                case 'provisioning': // count as unknown
-                case 'unknown':
-                    summary.unknown++;
-                    break;
-            }
-        }
-        return summary;
-    }
-    /**
-     * Legacy route-based reprovisioning
-     */
-    async reprovisionCertificateByRoute(routeName) {
-        const dcRouter = this.opsServerRef.dcRouterRef;
-        const smartProxy = dcRouter.smartProxy;
-        if (!smartProxy) {
-            return { success: false, message: 'SmartProxy is not running' };
-        }
-        try {
-            await smartProxy.provisionCertificate(routeName);
-            // Clear event-based status for domains in this route
-            for (const [domain, entry] of dcRouter.certificateStatusMap) {
-                if (entry.routeNames.includes(routeName)) {
-                    dcRouter.certificateStatusMap.delete(domain);
-                }
-            }
-            return { success: true, message: `Certificate reprovisioning triggered for route '${routeName}'` };
-        }
-        catch (err) {
-            return { success: false, message: err.message || 'Failed to reprovision certificate' };
-        }
-    }
-    /**
-     * Domain-based reprovisioning — clears backoff first, then triggers provision
-     */
-    async reprovisionCertificateDomain(domain) {
-        const dcRouter = this.opsServerRef.dcRouterRef;
-        const smartProxy = dcRouter.smartProxy;
-        if (!smartProxy) {
-            return { success: false, message: 'SmartProxy is not running' };
-        }
-        // Clear backoff for this domain (user override)
-        if (dcRouter.certProvisionScheduler) {
-            await dcRouter.certProvisionScheduler.clearBackoff(domain);
-        }
-        // Clear status map entry so it gets refreshed
-        dcRouter.certificateStatusMap.delete(domain);
-        // Try to provision via SmartAcme directly
-        if (dcRouter.smartAcme) {
-            try {
-                await dcRouter.smartAcme.getCertificateForDomain(domain);
-                return { success: true, message: `Certificate reprovisioning triggered for domain '${domain}'` };
-            }
-            catch (err) {
-                return { success: false, message: err.message || `Failed to reprovision certificate for ${domain}` };
-            }
-        }
-        // Fallback: try provisioning via the first matching route
-        const routeNames = dcRouter.findRouteNamesForDomain(domain);
-        if (routeNames.length > 0) {
-            try {
-                await smartProxy.provisionCertificate(routeNames[0]);
-                return { success: true, message: `Certificate reprovisioning triggered for domain '${domain}' via route '${routeNames[0]}'` };
-            }
-            catch (err) {
-                return { success: false, message: err.message || `Failed to reprovision certificate for ${domain}` };
-            }
-        }
-        return { success: false, message: `No routes found for domain '${domain}'` };
-    }
-    /**
-     * Delete certificate data for a domain from storage
-     */
-    async deleteCertificate(domain) {
-        const dcRouter = this.opsServerRef.dcRouterRef;
-        const cleanDomain = domain.replace(/^\*\.?/, '');
-        // Delete from all known storage paths
-        const paths = [
-            `/proxy-certs/${domain}`,
-            `/proxy-certs/${cleanDomain}`,
-            `/certs/${cleanDomain}`,
-        ];
-        for (const path of paths) {
-            try {
-                await dcRouter.storageManager.delete(path);
-            }
-            catch {
-                // Path may not exist — ignore
-            }
-        }
-        // Clear from in-memory status map
-        dcRouter.certificateStatusMap.delete(domain);
-        // Clear backoff info
-        if (dcRouter.certProvisionScheduler) {
-            await dcRouter.certProvisionScheduler.clearBackoff(domain);
-        }
-        return { success: true, message: `Certificate data deleted for '${domain}'` };
-    }
-    /**
-     * Export certificate data for a domain as ICert-shaped JSON
-     */
-    async exportCertificate(domain) {
-        const dcRouter = this.opsServerRef.dcRouterRef;
-        const cleanDomain = domain.replace(/^\*\.?/, '');
-        // Try SmartAcme /certs/ path first (has full ICert fields)
-        let certData = await dcRouter.storageManager.getJSON(`/certs/${cleanDomain}`);
-        if (certData && certData.publicKey && certData.privateKey) {
-            return {
-                success: true,
-                cert: {
-                    id: certData.id || plugins.crypto.randomUUID(),
-                    domainName: certData.domainName || domain,
-                    created: certData.created || Date.now(),
-                    validUntil: certData.validUntil || 0,
-                    privateKey: certData.privateKey,
-                    publicKey: certData.publicKey,
-                    csr: certData.csr || '',
-                },
-            };
-        }
-        // Fallback: try /proxy-certs/ with original domain
-        certData = await dcRouter.storageManager.getJSON(`/proxy-certs/${domain}`);
-        if (!certData || !certData.publicKey) {
-            // Try with clean domain
-            certData = await dcRouter.storageManager.getJSON(`/proxy-certs/${cleanDomain}`);
-        }
-        if (certData && certData.publicKey && certData.privateKey) {
-            return {
-                success: true,
-                cert: {
-                    id: plugins.crypto.randomUUID(),
-                    domainName: domain,
-                    created: certData.validFrom || Date.now(),
-                    validUntil: certData.validUntil || 0,
-                    privateKey: certData.privateKey,
-                    publicKey: certData.publicKey,
-                    csr: '',
-                },
-            };
-        }
-        return { success: false, message: `No certificate data found for '${domain}'` };
-    }
-    /**
-     * Import a certificate from ICert-shaped JSON
-     */
-    async importCertificate(cert) {
-        // Validate PEM content
-        if (!cert.publicKey || !cert.publicKey.includes('-----BEGIN CERTIFICATE-----')) {
-            return { success: false, message: 'Invalid publicKey: must contain a PEM-encoded certificate' };
-        }
-        if (!cert.privateKey || !cert.privateKey.includes('-----BEGIN')) {
-            return { success: false, message: 'Invalid privateKey: must contain a PEM-encoded key' };
-        }
-        const dcRouter = this.opsServerRef.dcRouterRef;
-        const cleanDomain = cert.domainName.replace(/^\*\.?/, '');
-        // Save to /certs/ (SmartAcme-compatible path)
-        await dcRouter.storageManager.setJSON(`/certs/${cleanDomain}`, {
-            id: cert.id,
-            domainName: cert.domainName,
-            created: cert.created,
-            validUntil: cert.validUntil,
-            privateKey: cert.privateKey,
-            publicKey: cert.publicKey,
-            csr: cert.csr || '',
-        });
-        // Also save to /proxy-certs/ (proxy-cert format)
-        await dcRouter.storageManager.setJSON(`/proxy-certs/${cert.domainName}`, {
-            domain: cert.domainName,
-            publicKey: cert.publicKey,
-            privateKey: cert.privateKey,
-            ca: undefined,
-            validUntil: cert.validUntil,
-            validFrom: cert.created,
-        });
-        // Update in-memory status map
-        dcRouter.certificateStatusMap.set(cert.domainName, {
-            status: 'valid',
-            source: 'static',
-            expiryDate: cert.validUntil ? new Date(cert.validUntil).toISOString() : undefined,
-            issuedAt: cert.created ? new Date(cert.created).toISOString() : undefined,
-            routeNames: [],
-        });
-        return { success: true, message: `Certificate imported for '${cert.domainName}'` };
-    }
-}
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2VydGlmaWNhdGUuaGFuZGxlci5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uL3RzL29wc3NlcnZlci9oYW5kbGVycy9jZXJ0aWZpY2F0ZS5oYW5kbGVyLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLE9BQU8sS0FBSyxPQUFPLE1BQU0sa0JBQWtCLENBQUM7QUFFNUMsT0FBTyxLQUFLLFVBQVUsTUFBTSxpQ0FBaUMsQ0FBQztBQUU5RCxNQUFNLE9BQU8sa0JBQWtCO0lBR1Q7SUFGYixXQUFXLEdBQUcsSUFBSSxPQUFPLENBQUMsWUFBWSxDQUFDLFdBQVcsRUFBRSxDQUFDO0lBRTVELFlBQW9CLFlBQXVCO1FBQXZCLGlCQUFZLEdBQVosWUFBWSxDQUFXO1FBQ3pDLElBQUksQ0FBQyxZQUFZLENBQUMsV0FBVyxDQUFDLGNBQWMsQ0FBQyxJQUFJLENBQUMsV0FBVyxDQUFDLENBQUM7UUFDL0QsSUFBSSxDQUFDLGdCQUFnQixFQUFFLENBQUM7SUFDMUIsQ0FBQztJQUVPLGdCQUFnQjtRQUN0QiwyQkFBMkI7UUFDM0IsSUFBSSxDQUFDLFdBQVcsQ0FBQyxlQUFlLENBQzlCLElBQUksT0FBTyxDQUFDLFlBQVksQ0FBQyxZQUFZLENBQ25DLHdCQUF3QixFQUN4QixLQUFLLEVBQUUsT0FBTyxFQUFFLEVBQUU7WUFDaEIsTUFBTSxZQUFZLEdBQUcsTUFBTSxJQUFJLENBQUMsd0JBQXdCLEVBQUUsQ0FBQztZQUMzRCxNQUFNLE9BQU8sR0FBRyxJQUFJLENBQUMsWUFBWSxDQUFDLFlBQVksQ0FBQyxDQUFDO1lBQ2hELE9BQU8sRUFBRSxZQUFZLEVBQUUsT0FBTyxFQUFFLENBQUM7UUFDbkMsQ0FBQyxDQUNGLENBQ0YsQ0FBQztRQUVGLG1EQUFtRDtRQUNuRCxJQUFJLENBQUMsV0FBVyxDQUFDLGVBQWUsQ0FDOUIsSUFBSSxPQUFPLENBQUMsWUFBWSxDQUFDLFlBQVksQ0FDbkMsd0JBQXdCLEVBQ3hCLEtBQUssRUFBRSxPQUFPLEVBQUUsRUFBRTtZQUNoQixPQUFPLElBQUksQ0FBQyw2QkFBNkIsQ0FBQyxPQUFPLENBQUMsU0FBUyxDQUFDLENBQUM7UUFDL0QsQ0FBQyxDQUNGLENBQ0YsQ0FBQztRQUVGLHVDQUF1QztRQUN2QyxJQUFJLENBQUMsV0FBVyxDQUFDLGVBQWUsQ0FDOUIsSUFBSSxPQUFPLENBQUMsWUFBWSxDQUFDLFlBQVksQ0FDbkMsOEJBQThCLEVBQzlCLEtBQUssRUFBRSxPQUFPLEVBQUUsRUFBRTtZQUNoQixPQUFPLElBQUksQ0FBQyw0QkFBNEIsQ0FBQyxPQUFPLENBQUMsTUFBTSxDQUFDLENBQUM7UUFDM0QsQ0FBQyxDQUNGLENBQ0YsQ0FBQztRQUVGLHFCQUFxQjtRQUNyQixJQUFJLENBQUMsV0FBVyxDQUFDLGVBQWUsQ0FDOUIsSUFBSSxPQUFPLENBQUMsWUFBWSxDQUFDLFlBQVksQ0FDbkMsbUJBQW1CLEVBQ25CLEtBQUssRUFBRSxPQUFPLEVBQUUsRUFBRTtZQUNoQixPQUFPLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQUMsTUFBTSxDQUFDLENBQUM7UUFDaEQsQ0FBQyxDQUNGLENBQ0YsQ0FBQztRQUVGLHFCQUFxQjtRQUNyQixJQUFJLENBQUMsV0FBVyxDQUFDLGVBQWUsQ0FDOUIsSUFBSSxPQUFPLENBQUMsWUFBWSxDQUFDLFlBQVksQ0FDbkMsbUJBQW1CLEVBQ25CLEtBQUssRUFBRSxPQUFPLEVBQUUsRUFBRTtZQUNoQixPQUFPLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQUMsTUFBTSxDQUFDLENBQUM7UUFDaEQsQ0FBQyxDQUNGLENBQ0YsQ0FBQztRQUVGLHFCQUFxQjtRQUNyQixJQUFJLENBQUMsV0FBVyxDQUFDLGVBQWUsQ0FDOUIsSUFBSSxPQUFPLENBQUMsWUFBWSxDQUFDLFlBQVksQ0FDbkMsbUJBQW1CLEVBQ25CLEtBQUssRUFBRSxPQUFPLEVBQUUsRUFBRTtZQUNoQixPQUFPLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFDLENBQUM7UUFDOUMsQ0FBQyxDQUNGLENBQ0YsQ0FBQztJQUNKLENBQUM7SUFFRDs7O09BR0c7SUFDSyxLQUFLLENBQUMsd0JBQXdCO1FBQ3BDLE1BQU0sUUFBUSxHQUFHLElBQUksQ0FBQyxZQUFZLENBQUMsV0FBVyxDQUFDO1FBQy9DLE1BQU0sVUFBVSxHQUFHLFFBQVEsQ0FBQyxVQUFVLENBQUM7UUFDdkMsSUFBSSxDQUFDLFVBQVU7WUFBRSxPQUFPLEVBQUUsQ0FBQztRQUUzQixNQUFNLE1BQU0sR0FBRyxVQUFVLENBQUMsWUFBWSxDQUFDLFNBQVMsRUFBRSxDQUFDO1FBRW5ELG1FQUFtRTtRQUNuRSxNQUFNLFNBQVMsR0FBRyxJQUFJLEdBQUcsRUFLckIsQ0FBQztRQUVMLEtBQUssTUFBTSxLQUFLLElBQUksTUFBTSxFQUFFLENBQUM7WUFDM0IsSUFBSSxDQUFDLEtBQUssQ0FBQyxJQUFJO2dCQUFFLFNBQVM7WUFFMUIsTUFBTSxHQUFHLEdBQUcsS0FBSyxDQUFDLE1BQU0sRUFBRSxHQUFHLENBQUM7WUFDOUIsSUFBSSxDQUFDLEdBQUc7Z0JBQUUsU0FBUztZQUVuQiwyREFBMkQ7WUFDM0QsSUFBSSxHQUFHLENBQUMsSUFBSSxLQUFLLGFBQWE7Z0JBQUUsU0FBUztZQUV6QyxNQUFNLFlBQVksR0FBRyxLQUFLLENBQUMsS0FBSyxDQUFDLE9BQU87Z0JBQ3RDLENBQUMsQ0FBQyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUMsS0FBSyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUMsQ0FBQztnQkFDcEYsQ0FBQyxDQUFDLEVBQUUsQ0FBQztZQUVQLG1CQUFtQjtZQUNuQixJQUFJLE1BQU0sR0FBMkMsTUFBTSxDQUFDO1lBQzVELElBQUksR0FBRyxDQUFDLFdBQVcsS0FBSyxNQUFNLEVBQUUsQ0FBQztnQkFDL0IsSUFBSyxVQUFVLENBQUMsUUFBZ0IsQ0FBQyxxQkFBcUIsRUFBRSxDQUFDO29CQUN2RCxNQUFNLEdBQUcsb0JBQW9CLENBQUM7Z0JBQ2hDLENBQUM7cUJBQU0sQ0FBQztvQkFDTixNQUFNLEdBQUcsTUFBTSxDQUFDO2dCQUNsQixDQUFDO1lBQ0gsQ0FBQztpQkFBTSxJQUFJLEdBQUcsQ0FBQyxXQUFXLElBQUksT0FBTyxHQUFHLENBQUMsV0FBVyxLQUFLLFFBQVEsRUFBRSxDQUFDO2dCQUNsRSxNQUFNLEdBQUcsUUFBUSxDQUFDO1lBQ3BCLENBQUM7WUFFRCxNQUFNLGNBQWMsR0FBRyxNQUFNLEtBQUssTUFBTSxJQUFJLE1BQU0sS0FBSyxvQkFBb0IsQ0FBQztZQUM1RSxNQUFNLE9BQU8sR0FBRyxHQUFHLENBQUMsSUFBK0QsQ0FBQztZQUVwRixLQUFLLE1BQU0sTUFBTSxJQUFJLFlBQVksRUFBRSxDQUFDO2dCQUNsQyxNQUFNLFFBQVEsR0FBRyxTQUFTLENBQUMsR0FBRyxDQUFDLE1BQU0sQ0FBQyxDQUFDO2dCQUN2QyxJQUFJLFFBQVEsRUFBRSxDQUFDO29CQUNiLG1EQUFtRDtvQkFDbkQsSUFBSSxDQUFDLFFBQVEsQ0FBQyxVQUFVLENBQUMsUUFBUSxDQUFDLEtBQUssQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDO3dCQUM5QyxRQUFRLENBQUMsVUFBVSxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDLENBQUM7b0JBQ3ZDLENBQUM7b0JBQ0Qsa0NBQWtDO29CQUNsQyxJQUFJLFFBQVEsQ0FBQyxNQUFNLEtBQUssTUFBTSxJQUFJLE1BQU0sS0FBSyxNQUFNLEVBQUUsQ0FBQzt3QkFDcEQsUUFBUSxDQUFDLE1BQU0sR0FBRyxNQUFNLENBQUM7d0JBQ3pCLFFBQVEsQ0FBQyxjQUFjLEdBQUcsY0FBYyxDQUFDO29CQUMzQyxDQUFDO2dCQUNILENBQUM7cUJBQU0sQ0FBQztvQkFDTixTQUFTLENBQUMsR0FBRyxDQUFDLE1BQU0sRUFBRTt3QkFDcEIsVUFBVSxFQUFFLENBQUMsS0FBSyxDQUFDLElBQUksQ0FBQzt3QkFDeEIsTUFBTTt3QkFDTixPQUFPO3dCQUNQLGNBQWM7cUJBQ2YsQ0FBQyxDQUFDO2dCQUNMLENBQUM7WUFDSCxDQUFDO1FBQ0gsQ0FBQztRQUVELGlEQUFpRDtRQUNqRCxNQUFNLFlBQVksR0FBMkMsRUFBRSxDQUFDO1FBRWhFLEtBQUssTUFBTSxDQUFDLE1BQU0sRUFBRSxJQUFJLENBQUMsSUFBSSxTQUFTLEVBQUUsQ0FBQztZQUN2QyxJQUFJLE1BQU0sR0FBMkMsU0FBUyxDQUFDO1lBQy9ELElBQUksVUFBOEIsQ0FBQztZQUNuQyxJQUFJLFFBQTRCLENBQUM7WUFDakMsSUFBSSxNQUEwQixDQUFDO1lBQy9CLElBQUksS0FBeUIsQ0FBQztZQUU5QiwyRUFBMkU7WUFDM0UsTUFBTSxXQUFXLEdBQUcsUUFBUSxDQUFDLG9CQUFvQixDQUFDLEdBQUcsQ0FBQyxNQUFNLENBQUMsQ0FBQztZQUM5RCxJQUFJLFdBQVcsRUFBRSxDQUFDO2dCQUNoQixNQUFNLEdBQUcsV0FBVyxDQUFDLE1BQU0sQ0FBQztnQkFDNUIsVUFBVSxHQUFHLFdBQVcsQ0FBQyxVQUFVLENBQUM7Z0JBQ3BDLFFBQVEsR0FBRyxXQUFXLENBQUMsUUFBUSxDQUFDO2dCQUNoQyxLQUFLLEdBQUcsV0FBVyxDQUFDLEtBQUssQ0FBQztnQkFDMUIsSUFBSSxXQUFXLENBQUMsTUFBTSxFQUFFLENBQUM7b0JBQ3ZCLE1BQU0sR0FBRyxXQUFXLENBQUMsTUFBTSxDQUFDO2dCQUM5QixDQUFDO1lBQ0gsQ0FBQztZQUVELHFEQUFxRDtZQUNyRCxJQUFJLE1BQU0sS0FBSyxTQUFTLElBQUksSUFBSSxDQUFDLFVBQVUsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxFQUFFLENBQUM7Z0JBQ3ZELElBQUksQ0FBQztvQkFDSCxNQUFNLFVBQVUsR0FBRyxNQUFNLFVBQVUsQ0FBQyxvQkFBb0IsQ0FBQyxJQUFJLENBQUMsVUFBVSxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUM7b0JBQzdFLElBQUksVUFBVSxFQUFFLENBQUM7d0JBQ2YsSUFBSSxVQUFVLENBQUMsVUFBVTs0QkFBRSxVQUFVLEdBQUcsVUFBVSxDQUFDLFVBQVUsQ0FBQzt3QkFDOUQsSUFBSSxVQUFVLENBQUMsTUFBTTs0QkFBRSxNQUFNLEdBQUcsVUFBVSxDQUFDLE1BQU0sQ0FBQzt3QkFDbEQsSUFBSSxVQUFVLENBQUMsUUFBUTs0QkFBRSxRQUFRLEdBQUcsVUFBVSxDQUFDLFFBQVEsQ0FBQzt3QkFDeEQsSUFBSSxVQUFVLENBQUMsTUFBTSxLQUFLLE9BQU8sSUFBSSxVQUFVLENBQUMsTUFBTSxLQUFLLFNBQVMsRUFBRSxDQUFDOzRCQUNyRSxNQUFNLEdBQUcsVUFBVSxDQUFDLE1BQU0sQ0FBQzt3QkFDN0IsQ0FBQztvQkFDSCxDQUFDO2dCQUNILENBQUM7Z0JBQUMsTUFBTSxDQUFDO29CQUNQLHdEQUF3RDtnQkFDMUQsQ0FBQztZQUNILENBQUM7WUFFRCxnREFBZ0Q7WUFDaEQsSUFBSSxNQUFNLEtBQUssU0FBUyxFQUFFLENBQUM7Z0JBQ3pCLE1BQU0sV0FBVyxHQUFHLE1BQU0sQ0FBQyxPQUFPLENBQUMsUUFBUSxFQUFFLEVBQUUsQ0FBQyxDQUFDO2dCQUNqRCxJQUFJLFFBQVEsR0FBRyxNQUFNLFFBQVEsQ0FBQyxjQUFjLENBQUMsT0FBTyxDQUFDLFVBQVUsV0FBVyxFQUFFLENBQUMsQ0FBQztnQkFDOUUsSUFBSSxDQUFDLFFBQVEsRUFBRSxDQUFDO29CQUNkLDBDQUEwQztvQkFDMUMsUUFBUSxHQUFHLE1BQU0sUUFBUSxDQUFDLGNBQWMsQ0FBQyxPQUFPLENBQUMsZ0JBQWdCLE1BQU0sRUFBRSxDQUFDLENBQUM7Z0JBQzdFLENBQUM7Z0JBQ0QsSUFBSSxRQUFRLEVBQUUsVUFBVSxFQUFFLENBQUM7b0JBQ3pCLFVBQVUsR0FBRyxJQUFJLElBQUksQ0FBQyxRQUFRLENBQUMsVUFBVSxDQUFDLENBQUMsV0FBVyxFQUFFLENBQUM7b0JBQ3pELElBQUksUUFBUSxDQUFDLE9BQU8sRUFBRSxDQUFDO3dCQUNyQixRQUFRLEdBQUcsSUFBSSxJQUFJLENBQUMsUUFBUSxDQUFDLE9BQU8sQ0FBQyxDQUFDLFdBQVcsRUFBRSxDQUFDO29CQUN0RCxDQUFDO29CQUNELE1BQU0sR0FBRyxrQkFBa0IsQ0FBQztnQkFDOUIsQ0FBQztxQkFBTSxJQUFJLFFBQVEsRUFBRSxTQUFTLEVBQUUsQ0FBQztvQkFDL0IsZ0RBQWdEO29CQUNoRCxJQUFJLENBQUM7d0JBQ0gsTUFBTSxJQUFJLEdBQUcsSUFBSSxPQUFPLENBQUMsTUFBTSxDQUFDLGVBQWUsQ0FBQyxRQUFRLENBQUMsU0FBUyxDQUFDLENBQUM7d0JBQ3BFLFVBQVUsR0FBRyxJQUFJLElBQUksQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFDLENBQUMsV0FBVyxFQUFFLENBQUM7d0JBQ2xELFFBQVEsR0FBRyxJQUFJLElBQUksQ0FBQyxJQUFJLENBQUMsU0FBUyxDQUFDLENBQUMsV0FBVyxFQUFFLENBQUM7b0JBQ3BELENBQUM7b0JBQUMsTUFBTSxDQUFDLENBQUMsd0JBQXdCLENBQUMsQ0FBQztvQkFDcEMsTUFBTSxHQUFHLE9BQU8sQ0FBQztvQkFDakIsTUFBTSxHQUFHLFlBQVksQ0FBQztnQkFDeEIsQ0FBQztxQkFBTSxJQUFJLFFBQVEsRUFBRSxDQUFDO29CQUNwQixNQUFNLEdBQUcsT0FBTyxDQUFDO29CQUNqQixNQUFNLEdBQUcsWUFBWSxDQUFDO2dCQUN4QixDQUFDO1lBQ0gsQ0FBQztZQUVELGtDQUFrQztZQUNsQyxJQUFJLFVBQVUsSUFBSSxDQUFDLE1BQU0sS0FBSyxPQUFPLElBQUksTUFBTSxLQUFLLFNBQVMsQ0FBQyxFQUFFLENBQUM7Z0JBQy9ELE1BQU0sTUFBTSxHQUFHLElBQUksSUFBSSxDQUFDLFVBQVUsQ0FBQyxDQUFDO2dCQUNwQyxNQUFNLEdBQUcsR0FBRyxJQUFJLElBQUksRUFBRSxDQUFDO2dCQUN2QixNQUFNLGVBQWUsR0FBRyxDQUFDLE1BQU0sQ0FBQyxPQUFPLEVBQUUsR0FBRyxHQUFHLENBQUMsT0FBTyxFQUFFLENBQUMsR0FBRyxDQUFDLElBQUksR0FBRyxFQUFFLEdBQUcsRUFBRSxHQUFHLEVBQUUsQ0FBQyxDQUFDO2dCQUVuRixJQUFJLGVBQWUsR0FBRyxDQUFDLEVBQUUsQ0FBQztvQkFDeEIsTUFBTSxHQUFHLFNBQVMsQ0FBQztnQkFDckIsQ0FBQztxQkFBTSxJQUFJLGVBQWUsR0FBRyxFQUFFLEVBQUUsQ0FBQztvQkFDaEMsTUFBTSxHQUFHLFVBQVUsQ0FBQztnQkFDdEIsQ0FBQztxQkFBTSxDQUFDO29CQUNOLE1BQU0sR0FBRyxPQUFPLENBQUM7Z0JBQ25CLENBQUM7WUFDSCxDQUFDO1lBRUQscURBQXFEO1lBQ3JELElBQUksSUFBSSxDQUFDLE1BQU0sS0FBSyxRQUFRLElBQUksTUFBTSxLQUFLLFNBQVMsRUFBRSxDQUFDO2dCQUNyRCxNQUFNLEdBQUcsT0FBTyxDQUFDO1lBQ25CLENBQUM7WUFFRCwwRUFBMEU7WUFDMUUsSUFBSSxNQUFNLEtBQUssU0FBUyxJQUFJLENBQUMsSUFBSSxDQUFDLE1BQU0sS0FBSyxNQUFNLElBQUksSUFBSSxDQUFDLE1BQU0sS0FBSyxvQkFBb0IsQ0FBQyxFQUFFLENBQUM7Z0JBQzdGLE1BQU0sR0FBRyxjQUFjLENBQUM7WUFDMUIsQ0FBQztZQUVELCtCQUErQjtZQUMvQixJQUFJLFdBQWdFLENBQUM7WUFDckUsSUFBSSxRQUFRLENBQUMsc0JBQXNCLEVBQUUsQ0FBQztnQkFDcEMsTUFBTSxFQUFFLEdBQUcsTUFBTSxRQUFRLENBQUMsc0JBQXNCLENBQUMsY0FBYyxDQUFDLE1BQU0sQ0FBQyxDQUFDO2dCQUN4RSxJQUFJLEVBQUUsRUFBRSxDQUFDO29CQUNQLFdBQVcsR0FBRyxFQUFFLENBQUM7Z0JBQ25CLENBQUM7WUFDSCxDQUFDO1lBRUQsWUFBWSxDQUFDLElBQUksQ0FBQztnQkFDaEIsTUFBTTtnQkFDTixVQUFVLEVBQUUsSUFBSSxDQUFDLFVBQVU7Z0JBQzNCLE1BQU07Z0JBQ04sTUFBTSxFQUFFLElBQUksQ0FBQyxNQUFNO2dCQUNuQixPQUFPLEVBQUUsSUFBSSxDQUFDLE9BQU87Z0JBQ3JCLFVBQVU7Z0JBQ1YsTUFBTTtnQkFDTixRQUFRO2dCQUNSLEtBQUs7Z0JBQ0wsY0FBYyxFQUFFLElBQUksQ0FBQyxjQUFjO2dCQUNuQyxXQUFXO2FBQ1osQ0FBQyxDQUFDO1FBQ0wsQ0FBQztRQUVELE9BQU8sWUFBWSxDQUFDO0lBQ3RCLENBQUM7SUFFTyxZQUFZLENBQUMsWUFBb0Q7UUFRdkUsTUFBTSxPQUFPLEdBQUcsRUFBRSxLQUFLLEVBQUUsQ0FBQyxFQUFFLEtBQUssRUFBRSxDQUFDLEVBQUUsUUFBUSxFQUFFLENBQUMsRUFBRSxPQUFPLEVBQUUsQ0FBQyxFQUFFLE1BQU0sRUFBRSxDQUFDLEVBQUUsT0FBTyxFQUFFLENBQUMsRUFBRSxDQUFDO1FBQ3ZGLE9BQU8sQ0FBQyxLQUFLLEdBQUcsWUFBWSxDQUFDLE1BQU0sQ0FBQztRQUNwQyxLQUFLLE1BQU0sSUFBSSxJQUFJLFlBQVksRUFBRSxDQUFDO1lBQ2hDLFFBQVEsSUFBSSxDQUFDLE1BQU0sRUFBRSxDQUFDO2dCQUNwQixLQUFLLE9BQU87b0JBQUUsT0FBTyxDQUFDLEtBQUssRUFBRSxDQUFDO29CQUFDLE1BQU07Z0JBQ3JDLEtBQUssVUFBVTtvQkFBRSxPQUFPLENBQUMsUUFBUSxFQUFFLENBQUM7b0JBQUMsTUFBTTtnQkFDM0MsS0FBSyxTQUFTO29CQUFFLE9BQU8sQ0FBQyxPQUFPLEVBQUUsQ0FBQztvQkFBQyxNQUFNO2dCQUN6QyxLQUFLLFFBQVE7b0JBQUUsT0FBTyxDQUFDLE1BQU0sRUFBRSxDQUFDO29CQUFDLE1BQU07Z0JBQ3ZDLEtBQUssY0FBYyxDQUFDLENBQUMsbUJBQW1CO2dCQUN4QyxLQUFLLFNBQVM7b0JBQUUsT0FBTyxDQUFDLE9BQU8sRUFBRSxDQUFDO29CQUFDLE1BQU07WUFDM0MsQ0FBQztRQUNILENBQUM7UUFDRCxPQUFPLE9BQU8sQ0FBQztJQUNqQixDQUFDO0lBRUQ7O09BRUc7SUFDSyxLQUFLLENBQUMsNkJBQTZCLENBQUMsU0FBaUI7UUFDM0QsTUFBTSxRQUFRLEdBQUcsSUFBSSxDQUFDLFlBQVksQ0FBQyxXQUFXLENBQUM7UUFDL0MsTUFBTSxVQUFVLEdBQUcsUUFBUSxDQUFDLFVBQVUsQ0FBQztRQUV2QyxJQUFJLENBQUMsVUFBVSxFQUFFLENBQUM7WUFDaEIsT0FBTyxFQUFFLE9BQU8sRUFBRSxLQUFLLEVBQUUsT0FBTyxFQUFFLDJCQUEyQixFQUFFLENBQUM7UUFDbEUsQ0FBQztRQUVELElBQUksQ0FBQztZQUNILE1BQU0sVUFBVSxDQUFDLG9CQUFvQixDQUFDLFNBQVMsQ0FBQyxDQUFDO1lBQ2pELHFEQUFxRDtZQUNyRCxLQUFLLE1BQU0sQ0FBQyxNQUFNLEVBQUUsS0FBSyxDQUFDLElBQUksUUFBUSxDQUFDLG9CQUFvQixFQUFFLENBQUM7Z0JBQzVELElBQUksS0FBSyxDQUFDLFVBQVUsQ0FBQyxRQUFRLENBQUMsU0FBUyxDQUFDLEVBQUUsQ0FBQztvQkFDekMsUUFBUSxDQUFDLG9CQUFvQixDQUFDLE1BQU0sQ0FBQyxNQUFNLENBQUMsQ0FBQztnQkFDL0MsQ0FBQztZQUNILENBQUM7WUFDRCxPQUFPLEVBQUUsT0FBTyxFQUFFLElBQUksRUFBRSxPQUFPLEVBQUUsbURBQW1ELFNBQVMsR0FBRyxFQUFFLENBQUM7UUFDckcsQ0FBQztRQUFDLE9BQU8sR0FBRyxFQUFFLENBQUM7WUFDYixPQUFPLEVBQUUsT0FBTyxFQUFFLEtBQUssRUFBRSxPQUFPLEVBQUUsR0FBRyxDQUFDLE9BQU8sSUFBSSxtQ0FBbUMsRUFBRSxDQUFDO1FBQ3pGLENBQUM7SUFDSCxDQUFDO0lBRUQ7O09BRUc7SUFDSyxLQUFLLENBQUMsNEJBQTRCLENBQUMsTUFBYztRQUN2RCxNQUFNLFFBQVEsR0FBRyxJQUFJLENBQUMsWUFBWSxDQUFDLFdBQVcsQ0FBQztRQUMvQyxNQUFNLFVBQVUsR0FBRyxRQUFRLENBQUMsVUFBVSxDQUFDO1FBRXZDLElBQUksQ0FBQyxVQUFVLEVBQUUsQ0FBQztZQUNoQixPQUFPLEVBQUUsT0FBTyxFQUFFLEtBQUssRUFBRSxPQUFPLEVBQUUsMkJBQTJCLEVBQUUsQ0FBQztRQUNsRSxDQUFDO1FBRUQsZ0RBQWdEO1FBQ2hELElBQUksUUFBUSxDQUFDLHNCQUFzQixFQUFFLENBQUM7WUFDcEMsTUFBTSxRQUFRLENBQUMsc0JBQXNCLENBQUMsWUFBWSxDQUFDLE1BQU0sQ0FBQyxDQUFDO1FBQzdELENBQUM7UUFFRCw4Q0FBOEM7UUFDOUMsUUFBUSxDQUFDLG9CQUFvQixDQUFDLE1BQU0sQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUU3QywwQ0FBMEM7UUFDMUMsSUFBSSxRQUFRLENBQUMsU0FBUyxFQUFFLENBQUM7WUFDdkIsSUFBSSxDQUFDO2dCQUNILE1BQU0sUUFBUSxDQUFDLFNBQVMsQ0FBQyx1QkFBdUIsQ0FBQyxNQUFNLENBQUMsQ0FBQztnQkFDekQsT0FBTyxFQUFFLE9BQU8sRUFBRSxJQUFJLEVBQUUsT0FBTyxFQUFFLG9EQUFvRCxNQUFNLEdBQUcsRUFBRSxDQUFDO1lBQ25HLENBQUM7WUFBQyxPQUFPLEdBQUcsRUFBRSxDQUFDO2dCQUNiLE9BQU8sRUFBRSxPQUFPLEVBQUUsS0FBSyxFQUFFLE9BQU8sRUFBRSxHQUFHLENBQUMsT0FBTyxJQUFJLHlDQUF5QyxNQUFNLEVBQUUsRUFBRSxDQUFDO1lBQ3ZHLENBQUM7UUFDSCxDQUFDO1FBRUQsMERBQTBEO1FBQzFELE1BQU0sVUFBVSxHQUFHLFFBQVEsQ0FBQyx1QkFBdUIsQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUM1RCxJQUFJLFVBQVUsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxFQUFFLENBQUM7WUFDMUIsSUFBSSxDQUFDO2dCQUNILE1BQU0sVUFBVSxDQUFDLG9CQUFvQixDQUFDLFVBQVUsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDO2dCQUNyRCxPQUFPLEVBQUUsT0FBTyxFQUFFLElBQUksRUFBRSxPQUFPLEVBQUUsb0RBQW9ELE1BQU0sZ0JBQWdCLFVBQVUsQ0FBQyxDQUFDLENBQUMsR0FBRyxFQUFFLENBQUM7WUFDaEksQ0FBQztZQUFDLE9BQU8sR0FBRyxFQUFFLENBQUM7Z0JBQ2IsT0FBTyxFQUFFLE9BQU8sRUFBRSxLQUFLLEVBQUUsT0FBTyxFQUFFLEdBQUcsQ0FBQyxPQUFPLElBQUkseUNBQXlDLE1BQU0sRUFBRSxFQUFFLENBQUM7WUFDdkcsQ0FBQztRQUNILENBQUM7UUFFRCxPQUFPLEVBQUUsT0FBTyxFQUFFLEtBQUssRUFBRSxPQUFPLEVBQUUsK0JBQStCLE1BQU0sR0FBRyxFQUFFLENBQUM7SUFDL0UsQ0FBQztJQUVEOztPQUVHO0lBQ0ssS0FBSyxDQUFDLGlCQUFpQixDQUFDLE1BQWM7UUFDNUMsTUFBTSxRQUFRLEdBQUcsSUFBSSxDQUFDLFlBQVksQ0FBQyxXQUFXLENBQUM7UUFDL0MsTUFBTSxXQUFXLEdBQUcsTUFBTSxDQUFDLE9BQU8sQ0FBQyxRQUFRLEVBQUUsRUFBRSxDQUFDLENBQUM7UUFFakQsc0NBQXNDO1FBQ3RDLE1BQU0sS0FBSyxHQUFHO1lBQ1osZ0JBQWdCLE1BQU0sRUFBRTtZQUN4QixnQkFBZ0IsV0FBVyxFQUFFO1lBQzdCLFVBQVUsV0FBVyxFQUFFO1NBQ3hCLENBQUM7UUFFRixLQUFLLE1BQU0sSUFBSSxJQUFJLEtBQUssRUFBRSxDQUFDO1lBQ3pCLElBQUksQ0FBQztnQkFDSCxNQUFNLFFBQVEsQ0FBQyxjQUFjLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxDQUFDO1lBQzdDLENBQUM7WUFBQyxNQUFNLENBQUM7Z0JBQ1AsOEJBQThCO1lBQ2hDLENBQUM7UUFDSCxDQUFDO1FBRUQsa0NBQWtDO1FBQ2xDLFFBQVEsQ0FBQyxvQkFBb0IsQ0FBQyxNQUFNLENBQUMsTUFBTSxDQUFDLENBQUM7UUFFN0MscUJBQXFCO1FBQ3JCLElBQUksUUFBUSxDQUFDLHNCQUFzQixFQUFFLENBQUM7WUFDcEMsTUFBTSxRQUFRLENBQUMsc0JBQXNCLENBQUMsWUFBWSxDQUFDLE1BQU0sQ0FBQyxDQUFDO1FBQzdELENBQUM7UUFFRCxPQUFPLEVBQUUsT0FBTyxFQUFFLElBQUksRUFBRSxPQUFPLEVBQUUsaUNBQWlDLE1BQU0sR0FBRyxFQUFFLENBQUM7SUFDaEYsQ0FBQztJQUVEOztPQUVHO0lBQ0ssS0FBSyxDQUFDLGlCQUFpQixDQUFDLE1BQWM7UUFhNUMsTUFBTSxRQUFRLEdBQUcsSUFBSSxDQUFDLFlBQVksQ0FBQyxXQUFXLENBQUM7UUFDL0MsTUFBTSxXQUFXLEdBQUcsTUFBTSxDQUFDLE9BQU8sQ0FBQyxRQUFRLEVBQUUsRUFBRSxDQUFDLENBQUM7UUFFakQsMkRBQTJEO1FBQzNELElBQUksUUFBUSxHQUFHLE1BQU0sUUFBUSxDQUFDLGNBQWMsQ0FBQyxPQUFPLENBQUMsVUFBVSxXQUFXLEVBQUUsQ0FBQyxDQUFDO1FBQzlFLElBQUksUUFBUSxJQUFJLFFBQVEsQ0FBQyxTQUFTLElBQUksUUFBUSxDQUFDLFVBQVUsRUFBRSxDQUFDO1lBQzFELE9BQU87Z0JBQ0wsT0FBTyxFQUFFLElBQUk7Z0JBQ2IsSUFBSSxFQUFFO29CQUNKLEVBQUUsRUFBRSxRQUFRLENBQUMsRUFBRSxJQUFJLE9BQU8sQ0FBQyxNQUFNLENBQUMsVUFBVSxFQUFFO29CQUM5QyxVQUFVLEVBQUUsUUFBUSxDQUFDLFVBQVUsSUFBSSxNQUFNO29CQUN6QyxPQUFPLEVBQUUsUUFBUSxDQUFDLE9BQU8sSUFBSSxJQUFJLENBQUMsR0FBRyxFQUFFO29CQUN2QyxVQUFVLEVBQUUsUUFBUSxDQUFDLFVBQVUsSUFBSSxDQUFDO29CQUNwQyxVQUFVLEVBQUUsUUFBUSxDQUFDLFVBQVU7b0JBQy9CLFNBQVMsRUFBRSxRQUFRLENBQUMsU0FBUztvQkFDN0IsR0FBRyxFQUFFLFFBQVEsQ0FBQyxHQUFHLElBQUksRUFBRTtpQkFDeEI7YUFDRixDQUFDO1FBQ0osQ0FBQztRQUVELG1EQUFtRDtRQUNuRCxRQUFRLEdBQUcsTUFBTSxRQUFRLENBQUMsY0FBYyxDQUFDLE9BQU8sQ0FBQyxnQkFBZ0IsTUFBTSxFQUFFLENBQUMsQ0FBQztRQUMzRSxJQUFJLENBQUMsUUFBUSxJQUFJLENBQUMsUUFBUSxDQUFDLFNBQVMsRUFBRSxDQUFDO1lBQ3JDLHdCQUF3QjtZQUN4QixRQUFRLEdBQUcsTUFBTSxRQUFRLENBQUMsY0FBYyxDQUFDLE9BQU8sQ0FBQyxnQkFBZ0IsV0FBVyxFQUFFLENBQUMsQ0FBQztRQUNsRixDQUFDO1FBRUQsSUFBSSxRQUFRLElBQUksUUFBUSxDQUFDLFNBQVMsSUFBSSxRQUFRLENBQUMsVUFBVSxFQUFFLENBQUM7WUFDMUQsT0FBTztnQkFDTCxPQUFPLEVBQUUsSUFBSTtnQkFDYixJQUFJLEVBQUU7b0JBQ0osRUFBRSxFQUFFLE9BQU8sQ0FBQyxNQUFNLENBQUMsVUFBVSxFQUFFO29CQUMvQixVQUFVLEVBQUUsTUFBTTtvQkFDbEIsT0FBTyxFQUFFLFFBQVEsQ0FBQyxTQUFTLElBQUksSUFBSSxDQUFDLEdBQUcsRUFBRTtvQkFDekMsVUFBVSxFQUFFLFFBQVEsQ0FBQyxVQUFVLElBQUksQ0FBQztvQkFDcEMsVUFBVSxFQUFFLFFBQVEsQ0FBQyxVQUFVO29CQUMvQixTQUFTLEVBQUUsUUFBUSxDQUFDLFNBQVM7b0JBQzdCLEdBQUcsRUFBRSxFQUFFO2lCQUNSO2FBQ0YsQ0FBQztRQUNKLENBQUM7UUFFRCxPQUFPLEVBQUUsT0FBTyxFQUFFLEtBQUssRUFBRSxPQUFPLEVBQUUsa0NBQWtDLE1BQU0sR0FBRyxFQUFFLENBQUM7SUFDbEYsQ0FBQztJQUVEOztPQUVHO0lBQ0ssS0FBSyxDQUFDLGlCQUFpQixDQUFDLElBUS9CO1FBQ0MsdUJBQXVCO1FBQ3ZCLElBQUksQ0FBQyxJQUFJLENBQUMsU0FBUyxJQUFJLENBQUMsSUFBSSxDQUFDLFNBQVMsQ0FBQyxRQUFRLENBQUMsNkJBQTZCLENBQUMsRUFBRSxDQUFDO1lBQy9FLE9BQU8sRUFBRSxPQUFPLEVBQUUsS0FBSyxFQUFFLE9BQU8sRUFBRSwyREFBMkQsRUFBRSxDQUFDO1FBQ2xHLENBQUM7UUFDRCxJQUFJLENBQUMsSUFBSSxDQUFDLFVBQVUsSUFBSSxDQUFDLElBQUksQ0FBQyxVQUFVLENBQUMsUUFBUSxDQUFDLFlBQVksQ0FBQyxFQUFFLENBQUM7WUFDaEUsT0FBTyxFQUFFLE9BQU8sRUFBRSxLQUFLLEVBQUUsT0FBTyxFQUFFLG9EQUFvRCxFQUFFLENBQUM7UUFDM0YsQ0FBQztRQUVELE1BQU0sUUFBUSxHQUFHLElBQUksQ0FBQyxZQUFZLENBQUMsV0FBVyxDQUFDO1FBQy9DLE1BQU0sV0FBVyxHQUFHLElBQUksQ0FBQyxVQUFVLENBQUMsT0FBTyxDQUFDLFFBQVEsRUFBRSxFQUFFLENBQUMsQ0FBQztRQUUxRCw4Q0FBOEM7UUFDOUMsTUFBTSxRQUFRLENBQUMsY0FBYyxDQUFDLE9BQU8sQ0FBQyxVQUFVLFdBQVcsRUFBRSxFQUFFO1lBQzdELEVBQUUsRUFBRSxJQUFJLENBQUMsRUFBRTtZQUNYLFVBQVUsRUFBRSxJQUFJLENBQUMsVUFBVTtZQUMzQixPQUFPLEVBQUUsSUFBSSxDQUFDLE9BQU87WUFDckIsVUFBVSxFQUFFLElBQUksQ0FBQyxVQUFVO1lBQzNCLFVBQVUsRUFBRSxJQUFJLENBQUMsVUFBVTtZQUMzQixTQUFTLEVBQUUsSUFBSSxDQUFDLFNBQVM7WUFDekIsR0FBRyxFQUFFLElBQUksQ0FBQyxHQUFHLElBQUksRUFBRTtTQUNwQixDQUFDLENBQUM7UUFFSCxpREFBaUQ7UUFDakQsTUFBTSxRQUFRLENBQUMsY0FBYyxDQUFDLE9BQU8sQ0FBQyxnQkFBZ0IsSUFBSSxDQUFDLFVBQVUsRUFBRSxFQUFFO1lBQ3ZFLE1BQU0sRUFBRSxJQUFJLENBQUMsVUFBVTtZQUN2QixTQUFTLEVBQUUsSUFBSSxDQUFDLFNBQVM7WUFDekIsVUFBVSxFQUFFLElBQUksQ0FBQyxVQUFVO1lBQzNCLEVBQUUsRUFBRSxTQUFTO1lBQ2IsVUFBVSxFQUFFLElBQUksQ0FBQyxVQUFVO1lBQzNCLFNBQVMsRUFBRSxJQUFJLENBQUMsT0FBTztTQUN4QixDQUFDLENBQUM7UUFFSCw4QkFBOEI7UUFDOUIsUUFBUSxDQUFDLG9CQUFvQixDQUFDLEdBQUcsQ0FBQyxJQUFJLENBQUMsVUFBVSxFQUFFO1lBQ2pELE1BQU0sRUFBRSxPQUFPO1lBQ2YsTUFBTSxFQUFFLFFBQVE7WUFDaEIsVUFBVSxFQUFFLElBQUksQ0FBQyxVQUFVLENBQUMsQ0FBQyxDQUFDLElBQUksSUFBSSxDQUFDLElBQUksQ0FBQyxVQUFVLENBQUMsQ0FBQyxXQUFXLEVBQUUsQ0FBQyxDQUFDLENBQUMsU0FBUztZQUNqRixRQUFRLEVBQUUsSUFBSSxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsSUFBSSxJQUFJLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxDQUFDLFdBQVcsRUFBRSxDQUFDLENBQUMsQ0FBQyxTQUFTO1lBQ3pFLFVBQVUsRUFBRSxFQUFFO1NBQ2YsQ0FBQyxDQUFDO1FBRUgsT0FBTyxFQUFFLE9BQU8sRUFBRSxJQUFJLEVBQUUsT0FBTyxFQUFFLDZCQUE2QixJQUFJLENBQUMsVUFBVSxHQUFHLEVBQUUsQ0FBQztJQUNyRixDQUFDO0NBQ0YifQ==

package/dist_ts/opsserver/handlers/config.handler.d.ts

@@ -1,9 +0,0 @@
-import * as plugins from '../../plugins.js';
-import type { OpsServer } from '../classes.opsserver.js';
-export declare class ConfigHandler {
-    private opsServerRef;
-    typedrouter: plugins.typedrequest.TypedRouter;
-    constructor(opsServerRef: OpsServer);
-    private registerHandlers;
-    private getConfiguration;
-}

package/dist_ts/opsserver/handlers/config.handler.js

@@ -1,67 +0,0 @@
-import * as plugins from '../../plugins.js';
-import * as interfaces from '../../../dist_ts_interfaces/index.js';
-export class ConfigHandler {
-    opsServerRef;
-    typedrouter = new plugins.typedrequest.TypedRouter();
-    constructor(opsServerRef) {
-        this.opsServerRef = opsServerRef;
-        // Add this handler's router to the parent
-        this.opsServerRef.typedrouter.addTypedRouter(this.typedrouter);
-        this.registerHandlers();
-    }
-    registerHandlers() {
-        // Get Configuration Handler (read-only)
-        this.typedrouter.addTypedHandler(new plugins.typedrequest.TypedHandler('getConfiguration', async (dataArg, toolsArg) => {
-            const config = await this.getConfiguration(dataArg.section);
-            return {
-                config,
-                section: dataArg.section,
-            };
-        }));
-    }
-    async getConfiguration(section) {
-        const dcRouter = this.opsServerRef.dcRouterRef;
-        // Get email domains if email server is configured
-        let emailDomains = [];
-        if (dcRouter.emailServer && dcRouter.emailServer.domainRegistry) {
-            emailDomains = dcRouter.emailServer.domainRegistry.getAllDomains();
-        }
-        else if (dcRouter.options.emailConfig?.domains) {
-            // Fallback: get domains from email config options
-            emailDomains = dcRouter.options.emailConfig.domains.map(d => typeof d === 'string' ? d : d.domain);
-        }
-        return {
-            email: {
-                enabled: !!dcRouter.emailServer,
-                ports: dcRouter.emailServer ? [25, 465, 587, 2525] : [],
-                maxMessageSize: 10 * 1024 * 1024, // 10MB default
-                rateLimits: {
-                    perMinute: 10,
-                    perHour: 100,
-                    perDay: 1000,
-                },
-                domains: emailDomains,
-            },
-            dns: {
-                enabled: !!dcRouter.dnsServer,
-                port: 53,
-                nameservers: dcRouter.options.dnsNsDomains || [],
-                caching: true,
-                ttl: 300,
-            },
-            proxy: {
-                enabled: !!dcRouter.smartProxy,
-                httpPort: 80,
-                httpsPort: 443,
-                maxConnections: 1000,
-            },
-            security: {
-                blockList: [],
-                rateLimit: true,
-                spamDetection: true,
-                tlsRequired: false,
-            },
-        };
-    }
-}
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29uZmlnLmhhbmRsZXIuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi90cy9vcHNzZXJ2ZXIvaGFuZGxlcnMvY29uZmlnLmhhbmRsZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxLQUFLLE9BQU8sTUFBTSxrQkFBa0IsQ0FBQztBQUU1QyxPQUFPLEtBQUssVUFBVSxNQUFNLGlDQUFpQyxDQUFDO0FBRTlELE1BQU0sT0FBTyxhQUFhO0lBR0o7SUFGYixXQUFXLEdBQUcsSUFBSSxPQUFPLENBQUMsWUFBWSxDQUFDLFdBQVcsRUFBRSxDQUFDO0lBRTVELFlBQW9CLFlBQXVCO1FBQXZCLGlCQUFZLEdBQVosWUFBWSxDQUFXO1FBQ3pDLDBDQUEwQztRQUMxQyxJQUFJLENBQUMsWUFBWSxDQUFDLFdBQVcsQ0FBQyxjQUFjLENBQUMsSUFBSSxDQUFDLFdBQVcsQ0FBQyxDQUFDO1FBQy9ELElBQUksQ0FBQyxnQkFBZ0IsRUFBRSxDQUFDO0lBQzFCLENBQUM7SUFFTyxnQkFBZ0I7UUFDdEIsd0NBQXdDO1FBQ3hDLElBQUksQ0FBQyxXQUFXLENBQUMsZUFBZSxDQUM5QixJQUFJLE9BQU8sQ0FBQyxZQUFZLENBQUMsWUFBWSxDQUNuQyxrQkFBa0IsRUFDbEIsS0FBSyxFQUFFLE9BQU8sRUFBRSxRQUFRLEVBQUUsRUFBRTtZQUMxQixNQUFNLE1BQU0sR0FBRyxNQUFNLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxPQUFPLENBQUMsT0FBTyxDQUFDLENBQUM7WUFDNUQsT0FBTztnQkFDTCxNQUFNO2dCQUNOLE9BQU8sRUFBRSxPQUFPLENBQUMsT0FBTzthQUN6QixDQUFDO1FBQ0osQ0FBQyxDQUNGLENBQ0YsQ0FBQztJQUNKLENBQUM7SUFFTyxLQUFLLENBQUMsZ0JBQWdCLENBQUMsT0FBZ0I7UUFnQzdDLE1BQU0sUUFBUSxHQUFHLElBQUksQ0FBQyxZQUFZLENBQUMsV0FBVyxDQUFDO1FBRS9DLGtEQUFrRDtRQUNsRCxJQUFJLFlBQVksR0FBYSxFQUFFLENBQUM7UUFDaEMsSUFBSSxRQUFRLENBQUMsV0FBVyxJQUFJLFFBQVEsQ0FBQyxXQUFXLENBQUMsY0FBYyxFQUFFLENBQUM7WUFDaEUsWUFBWSxHQUFHLFFBQVEsQ0FBQyxXQUFXLENBQUMsY0FBYyxDQUFDLGFBQWEsRUFBRSxDQUFDO1FBQ3JFLENBQUM7YUFBTSxJQUFJLFFBQVEsQ0FBQyxPQUFPLENBQUMsV0FBVyxFQUFFLE9BQU8sRUFBRSxDQUFDO1lBQ2pELGtEQUFrRDtZQUNsRCxZQUFZLEdBQUcsUUFBUSxDQUFDLE9BQU8sQ0FBQyxXQUFXLENBQUMsT0FBTyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUMxRCxPQUFPLENBQUMsS0FBSyxRQUFRLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLE1BQU0sQ0FDckMsQ0FBQztRQUNKLENBQUM7UUFFRCxPQUFPO1lBQ0wsS0FBSyxFQUFFO2dCQUNMLE9BQU8sRUFBRSxDQUFDLENBQUMsUUFBUSxDQUFDLFdBQVc7Z0JBQy9CLEtBQUssRUFBRSxRQUFRLENBQUMsV0FBVyxDQUFDLENBQUMsQ0FBQyxDQUFDLEVBQUUsRUFBRSxHQUFHLEVBQUUsR0FBRyxFQUFFLElBQUksQ0FBQyxDQUFDLENBQUMsQ0FBQyxFQUFFO2dCQUN2RCxjQUFjLEVBQUUsRUFBRSxHQUFHLElBQUksR0FBRyxJQUFJLEVBQUUsZUFBZTtnQkFDakQsVUFBVSxFQUFFO29CQUNWLFNBQVMsRUFBRSxFQUFFO29CQUNiLE9BQU8sRUFBRSxHQUFHO29CQUNaLE1BQU0sRUFBRSxJQUFJO2lCQUNiO2dCQUNELE9BQU8sRUFBRSxZQUFZO2FBQ3RCO1lBQ0QsR0FBRyxFQUFFO2dCQUNILE9BQU8sRUFBRSxDQUFDLENBQUMsUUFBUSxDQUFDLFNBQVM7Z0JBQzdCLElBQUksRUFBRSxFQUFFO2dCQUNSLFdBQVcsRUFBRSxRQUFRLENBQUMsT0FBTyxDQUFDLFlBQVksSUFBSSxFQUFFO2dCQUNoRCxPQUFPLEVBQUUsSUFBSTtnQkFDYixHQUFHLEVBQUUsR0FBRzthQUNUO1lBQ0QsS0FBSyxFQUFFO2dCQUNMLE9BQU8sRUFBRSxDQUFDLENBQUMsUUFBUSxDQUFDLFVBQVU7Z0JBQzlCLFFBQVEsRUFBRSxFQUFFO2dCQUNaLFNBQVMsRUFBRSxHQUFHO2dCQUNkLGNBQWMsRUFBRSxJQUFJO2FBQ3JCO1lBQ0QsUUFBUSxFQUFFO2dCQUNSLFNBQVMsRUFBRSxFQUFFO2dCQUNiLFNBQVMsRUFBRSxJQUFJO2dCQUNmLGFBQWEsRUFBRSxJQUFJO2dCQUNuQixXQUFXLEVBQUUsS0FBSzthQUNuQjtTQUNGLENBQUM7SUFDSixDQUFDO0NBQ0YifQ==