@sirketio/auth 0.0.1

package/dist/plugins/organization/routes/crud-members.mjs

@@ -0,0 +1,466 @@
+import { toZodSchema } from "../../../db/to-zod.mjs";
+import { getSessionFromCtx, sessionMiddleware } from "../../../api/routes/session.mjs";
+import "../../../api/index.mjs";
+import { ORGANIZATION_ERROR_CODES } from "../error-codes.mjs";
+import { getOrgAdapter } from "../adapter.mjs";
+import { orgMiddleware, orgSessionMiddleware } from "../call.mjs";
+import { hasPermission } from "../has-permission.mjs";
+import { parseRoles } from "../organization.mjs";
+import { APIError, BASE_ERROR_CODES } from "@better-auth/core/error";
+import { createAuthEndpoint } from "@better-auth/core/api";
+import * as z from "zod";
+import { whereOperators } from "@better-auth/core/db/adapter";
+
+//#region src/plugins/organization/routes/crud-members.ts
+const baseMemberSchema = z.object({
+	userId: z.coerce.string().meta({ description: "The user Id which represents the user to be added as a member. If `null` is provided, then it's expected to provide session headers. Eg: \"user-id\"" }),
+	role: z.union([z.string(), z.array(z.string())]).meta({ description: "The role(s) to assign to the new member. Eg: [\"admin\", \"sale\"]" }),
+	organizationId: z.string().meta({ description: "An optional organization ID to pass. If not provided, will default to the user's active organization. Eg: \"org-id\"" }).optional(),
+	teamId: z.string().meta({ description: "An optional team ID to add the member to. Eg: \"team-id\"" }).optional()
+});
+const addMember = (option) => {
+	const additionalFieldsSchema = toZodSchema({
+		fields: option?.schema?.member?.additionalFields || {},
+		isClientSide: true
+	});
+	return createAuthEndpoint({
+		method: "POST",
+		body: z.object({
+			...baseMemberSchema.shape,
+			...additionalFieldsSchema.shape
+		}),
+		use: [orgMiddleware],
+		metadata: {
+			$Infer: { body: {} },
+			openapi: {
+				operationId: "addOrganizationMember",
+				description: "Add a member to an organization"
+			}
+		}
+	}, async (ctx) => {
+		const session = ctx.body.userId ? await getSessionFromCtx(ctx).catch((e) => null) : null;
+		const orgId = ctx.body.organizationId || session?.session.activeOrganizationId;
+		if (!orgId) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.NO_ACTIVE_ORGANIZATION);
+		const teamId = "teamId" in ctx.body ? ctx.body.teamId : void 0;
+		if (teamId && !ctx.context.orgOptions.teams?.enabled) {
+			ctx.context.logger.error("Teams are not enabled");
+			throw APIError.fromStatus("BAD_REQUEST", { message: "Teams are not enabled" });
+		}
+		const adapter = getOrgAdapter(ctx.context, option);
+		const user = await ctx.context.internalAdapter.findUserById(ctx.body.userId);
+		if (!user) throw APIError.from("BAD_REQUEST", BASE_ERROR_CODES.USER_NOT_FOUND);
+		if (await adapter.findMemberByEmail({
+			email: user.email,
+			organizationId: orgId
+		})) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.USER_IS_ALREADY_A_MEMBER_OF_THIS_ORGANIZATION);
+		if (teamId) {
+			const team = await adapter.findTeamById({
+				teamId,
+				organizationId: orgId
+			});
+			if (!team || team.organizationId !== orgId) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.TEAM_NOT_FOUND);
+		}
+		const membershipLimit = ctx.context.orgOptions?.membershipLimit || 100;
+		const count = await adapter.countMembers({ organizationId: orgId });
+		const organization = await adapter.findOrganizationById(orgId);
+		if (!organization) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.ORGANIZATION_NOT_FOUND);
+		if (count >= (typeof membershipLimit === "number" ? membershipLimit : await membershipLimit(user, organization))) throw APIError.from("FORBIDDEN", ORGANIZATION_ERROR_CODES.ORGANIZATION_MEMBERSHIP_LIMIT_REACHED);
+		const { role: _, userId: __, organizationId: ___, ...additionalFields } = ctx.body;
+		let memberData = {
+			organizationId: orgId,
+			userId: user.id,
+			role: parseRoles(ctx.body.role),
+			createdAt: /* @__PURE__ */ new Date(),
+			...additionalFields ? additionalFields : {}
+		};
+		if (option?.organizationHooks?.beforeAddMember) {
+			const response = await option?.organizationHooks.beforeAddMember({
+				member: {
+					userId: user.id,
+					organizationId: orgId,
+					role: parseRoles(ctx.body.role),
+					...additionalFields
+				},
+				user,
+				organization
+			});
+			if (response && typeof response === "object" && "data" in response) memberData = {
+				...memberData,
+				...response.data
+			};
+		}
+		const createdMember = await adapter.createMember(memberData);
+		if (teamId) await adapter.findOrCreateTeamMember({
+			userId: user.id,
+			teamId
+		});
+		if (option?.organizationHooks?.afterAddMember) await option?.organizationHooks.afterAddMember({
+			member: createdMember,
+			user,
+			organization
+		});
+		return ctx.json(createdMember);
+	});
+};
+const removeMemberBodySchema = z.object({
+	memberIdOrEmail: z.string().meta({ description: "The ID or email of the member to remove" }),
+	organizationId: z.string().meta({ description: "The ID of the organization to remove the member from. If not provided, the active organization will be used. Eg: \"org-id\"" }).optional()
+});
+const removeMember = (options) => createAuthEndpoint("/organization/remove-member", {
+	method: "POST",
+	body: removeMemberBodySchema,
+	requireHeaders: true,
+	use: [orgMiddleware, orgSessionMiddleware],
+	metadata: { openapi: {
+		description: "Remove a member from an organization",
+		responses: { "200": {
+			description: "Success",
+			content: { "application/json": { schema: {
+				type: "object",
+				properties: { member: {
+					type: "object",
+					properties: {
+						id: { type: "string" },
+						userId: { type: "string" },
+						organizationId: { type: "string" },
+						role: { type: "string" }
+					},
+					required: [
+						"id",
+						"userId",
+						"organizationId",
+						"role"
+					]
+				} },
+				required: ["member"]
+			} } }
+		} }
+	} }
+}, async (ctx) => {
+	const session = ctx.context.session;
+	const organizationId = ctx.body.organizationId || session.session.activeOrganizationId;
+	if (!organizationId) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.NO_ACTIVE_ORGANIZATION);
+	const adapter = getOrgAdapter(ctx.context, options);
+	const member = await adapter.findMemberByOrgId({
+		userId: session.user.id,
+		organizationId
+	});
+	if (!member) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.MEMBER_NOT_FOUND);
+	let toBeRemovedMember = null;
+	if (ctx.body.memberIdOrEmail.includes("@")) toBeRemovedMember = await adapter.findMemberByEmail({
+		email: ctx.body.memberIdOrEmail,
+		organizationId
+	});
+	else {
+		const result = await adapter.findMemberById(ctx.body.memberIdOrEmail);
+		if (!result) toBeRemovedMember = null;
+		else {
+			const { user: _user, ...member } = result;
+			toBeRemovedMember = member;
+		}
+	}
+	if (!toBeRemovedMember) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.MEMBER_NOT_FOUND);
+	const roles = toBeRemovedMember.role.split(",");
+	const creatorRole = ctx.context.orgOptions?.creatorRole || "owner";
+	if (roles.includes(creatorRole)) {
+		if (member.role !== creatorRole) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.YOU_CANNOT_LEAVE_THE_ORGANIZATION_AS_THE_ONLY_OWNER);
+		const { members } = await adapter.listMembers({ organizationId });
+		if (members.filter((member) => {
+			return member.role.split(",").includes(creatorRole);
+		}).length <= 1) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.YOU_CANNOT_LEAVE_THE_ORGANIZATION_AS_THE_ONLY_OWNER);
+	}
+	if (!await hasPermission({
+		role: member.role,
+		options: ctx.context.orgOptions,
+		permissions: { member: ["delete"] },
+		organizationId
+	}, ctx)) throw APIError.from("UNAUTHORIZED", ORGANIZATION_ERROR_CODES.YOU_ARE_NOT_ALLOWED_TO_DELETE_THIS_MEMBER);
+	if (toBeRemovedMember?.organizationId !== organizationId) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.MEMBER_NOT_FOUND);
+	const organization = await adapter.findOrganizationById(organizationId);
+	if (!organization) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.ORGANIZATION_NOT_FOUND);
+	const userBeingRemoved = await ctx.context.internalAdapter.findUserById(toBeRemovedMember.userId);
+	if (!userBeingRemoved) throw APIError.fromStatus("BAD_REQUEST", { message: "User not found" });
+	if (options?.organizationHooks?.beforeRemoveMember) await options?.organizationHooks.beforeRemoveMember({
+		member: toBeRemovedMember,
+		user: userBeingRemoved,
+		organization
+	});
+	await adapter.deleteMember({
+		memberId: toBeRemovedMember.id,
+		organizationId,
+		userId: toBeRemovedMember.userId
+	});
+	if (session.user.id === toBeRemovedMember.userId && session.session.activeOrganizationId === toBeRemovedMember.organizationId) await adapter.setActiveOrganization(session.session.token, null, ctx);
+	if (options?.organizationHooks?.afterRemoveMember) await options?.organizationHooks.afterRemoveMember({
+		member: toBeRemovedMember,
+		user: userBeingRemoved,
+		organization
+	});
+	return ctx.json({ member: toBeRemovedMember });
+});
+const updateMemberRoleBodySchema = z.object({
+	role: z.union([z.string(), z.array(z.string())]).meta({ description: "The new role to be applied. This can be a string or array of strings representing the roles. Eg: [\"admin\", \"sale\"]" }),
+	memberId: z.string().meta({ description: "The member id to apply the role update to. Eg: \"member-id\"" }),
+	organizationId: z.string().meta({ description: "An optional organization ID which the member is a part of to apply the role update. If not provided, you must provide session headers to get the active organization. Eg: \"organization-id\"" }).optional()
+});
+const updateMemberRole = (option) => createAuthEndpoint("/organization/update-member-role", {
+	method: "POST",
+	body: updateMemberRoleBodySchema,
+	use: [orgMiddleware, orgSessionMiddleware],
+	requireHeaders: true,
+	metadata: {
+		$Infer: { body: {} },
+		openapi: {
+			operationId: "updateOrganizationMemberRole",
+			description: "Update the role of a member in an organization",
+			responses: { "200": {
+				description: "Success",
+				content: { "application/json": { schema: {
+					type: "object",
+					properties: { member: {
+						type: "object",
+						properties: {
+							id: { type: "string" },
+							userId: { type: "string" },
+							organizationId: { type: "string" },
+							role: { type: "string" }
+						},
+						required: [
+							"id",
+							"userId",
+							"organizationId",
+							"role"
+						]
+					} },
+					required: ["member"]
+				} } }
+			} }
+		}
+	}
+}, async (ctx) => {
+	const session = ctx.context.session;
+	if (!ctx.body.role) throw APIError.fromStatus("BAD_REQUEST");
+	const organizationId = ctx.body.organizationId || session.session.activeOrganizationId;
+	if (!organizationId) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.NO_ACTIVE_ORGANIZATION);
+	const adapter = getOrgAdapter(ctx.context, ctx.context.orgOptions);
+	const roleToSet = Array.isArray(ctx.body.role) ? ctx.body.role : ctx.body.role ? [ctx.body.role] : [];
+	const member = await adapter.findMemberByOrgId({
+		userId: session.user.id,
+		organizationId
+	});
+	if (!member) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.MEMBER_NOT_FOUND);
+	const toBeUpdatedMember = member.id !== ctx.body.memberId ? await adapter.findMemberById(ctx.body.memberId) : member;
+	if (!toBeUpdatedMember) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.MEMBER_NOT_FOUND);
+	if (!(toBeUpdatedMember.organizationId === organizationId)) throw APIError.from("FORBIDDEN", ORGANIZATION_ERROR_CODES.YOU_ARE_NOT_ALLOWED_TO_UPDATE_THIS_MEMBER);
+	const creatorRole = ctx.context.orgOptions?.creatorRole || "owner";
+	const updatingMemberRoles = member.role.split(",");
+	const isUpdatingCreator = toBeUpdatedMember.role.split(",").includes(creatorRole);
+	const updaterIsCreator = updatingMemberRoles.includes(creatorRole);
+	const isSettingCreatorRole = roleToSet.includes(creatorRole);
+	const memberIsUpdatingThemselves = member.id === toBeUpdatedMember.id;
+	if (isUpdatingCreator && !updaterIsCreator || isSettingCreatorRole && !updaterIsCreator) throw APIError.from("FORBIDDEN", ORGANIZATION_ERROR_CODES.YOU_ARE_NOT_ALLOWED_TO_UPDATE_THIS_MEMBER);
+	if (updaterIsCreator && memberIsUpdatingThemselves) {
+		if ((await ctx.context.adapter.findMany({
+			model: "member",
+			where: [{
+				field: "organizationId",
+				value: organizationId
+			}]
+		})).filter((member) => {
+			return member.role.split(",").includes(creatorRole);
+		}).length <= 1 && !isSettingCreatorRole) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.YOU_CANNOT_LEAVE_THE_ORGANIZATION_WITHOUT_AN_OWNER);
+	}
+	if (!await hasPermission({
+		role: member.role,
+		options: ctx.context.orgOptions,
+		permissions: { member: ["update"] },
+		allowCreatorAllPermissions: true,
+		organizationId
+	}, ctx)) throw APIError.from("FORBIDDEN", ORGANIZATION_ERROR_CODES.YOU_ARE_NOT_ALLOWED_TO_UPDATE_THIS_MEMBER);
+	const organization = await adapter.findOrganizationById(organizationId);
+	if (!organization) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.ORGANIZATION_NOT_FOUND);
+	const userBeingUpdated = await ctx.context.internalAdapter.findUserById(toBeUpdatedMember.userId);
+	if (!userBeingUpdated) throw APIError.fromStatus("BAD_REQUEST", { message: "User not found" });
+	const previousRole = toBeUpdatedMember.role;
+	const newRole = parseRoles(ctx.body.role);
+	if (option?.organizationHooks?.beforeUpdateMemberRole) {
+		const response = await option?.organizationHooks.beforeUpdateMemberRole({
+			member: toBeUpdatedMember,
+			newRole,
+			user: userBeingUpdated,
+			organization
+		});
+		if (response && typeof response === "object" && "data" in response) {
+			const updatedMember = await adapter.updateMember(ctx.body.memberId, response.data.role || newRole);
+			if (!updatedMember) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.MEMBER_NOT_FOUND);
+			if (option?.organizationHooks?.afterUpdateMemberRole) await option?.organizationHooks.afterUpdateMemberRole({
+				member: updatedMember,
+				previousRole,
+				user: userBeingUpdated,
+				organization
+			});
+			return ctx.json(updatedMember);
+		}
+	}
+	const updatedMember = await adapter.updateMember(ctx.body.memberId, newRole);
+	if (!updatedMember) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.MEMBER_NOT_FOUND);
+	if (option?.organizationHooks?.afterUpdateMemberRole) await option?.organizationHooks.afterUpdateMemberRole({
+		member: updatedMember,
+		previousRole,
+		user: userBeingUpdated,
+		organization
+	});
+	return ctx.json(updatedMember);
+});
+const getActiveMember = (options) => createAuthEndpoint("/organization/get-active-member", {
+	method: "GET",
+	use: [orgMiddleware, orgSessionMiddleware],
+	requireHeaders: true,
+	metadata: { openapi: {
+		description: "Get the member details of the active organization",
+		responses: { "200": {
+			description: "Success",
+			content: { "application/json": { schema: {
+				type: "object",
+				properties: {
+					id: { type: "string" },
+					userId: { type: "string" },
+					organizationId: { type: "string" },
+					role: { type: "string" }
+				},
+				required: [
+					"id",
+					"userId",
+					"organizationId",
+					"role"
+				]
+			} } }
+		} }
+	} }
+}, async (ctx) => {
+	const session = ctx.context.session;
+	const organizationId = session.session.activeOrganizationId;
+	if (!organizationId) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.NO_ACTIVE_ORGANIZATION);
+	const member = await getOrgAdapter(ctx.context, options).findMemberByOrgId({
+		userId: session.user.id,
+		organizationId
+	});
+	if (!member) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.MEMBER_NOT_FOUND);
+	return ctx.json(member);
+});
+const leaveOrganizationBodySchema = z.object({ organizationId: z.string().meta({ description: "The organization Id for the member to leave. Eg: \"organization-id\"" }) });
+const leaveOrganization = (options) => createAuthEndpoint("/organization/leave", {
+	method: "POST",
+	body: leaveOrganizationBodySchema,
+	requireHeaders: true,
+	use: [sessionMiddleware, orgMiddleware]
+}, async (ctx) => {
+	const session = ctx.context.session;
+	const adapter = getOrgAdapter(ctx.context, options);
+	const member = await adapter.findMemberByOrgId({
+		userId: session.user.id,
+		organizationId: ctx.body.organizationId
+	});
+	if (!member) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.MEMBER_NOT_FOUND);
+	const creatorRole = ctx.context.orgOptions?.creatorRole || "owner";
+	if (member.role.split(",").includes(creatorRole)) {
+		if ((await ctx.context.adapter.findMany({
+			model: "member",
+			where: [{
+				field: "organizationId",
+				value: ctx.body.organizationId
+			}]
+		})).filter((member) => member.role.split(",").includes(creatorRole)).length <= 1) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.YOU_CANNOT_LEAVE_THE_ORGANIZATION_AS_THE_ONLY_OWNER);
+	}
+	await adapter.deleteMember({
+		memberId: member.id,
+		organizationId: ctx.body.organizationId,
+		userId: session.user.id
+	});
+	if (session.session.activeOrganizationId === ctx.body.organizationId) await adapter.setActiveOrganization(session.session.token, null, ctx);
+	return ctx.json(member);
+});
+const listMembers = (options) => createAuthEndpoint("/organization/list-members", {
+	method: "GET",
+	query: z.object({
+		limit: z.string().meta({ description: "The number of users to return" }).or(z.number()).optional(),
+		offset: z.string().meta({ description: "The offset to start from" }).or(z.number()).optional(),
+		sortBy: z.string().meta({ description: "The field to sort by" }).optional(),
+		sortDirection: z.enum(["asc", "desc"]).meta({ description: "The direction to sort by" }).optional(),
+		filterField: z.string().meta({ description: "The field to filter by" }).optional(),
+		filterValue: z.string().meta({ description: "The value to filter by" }).or(z.number()).or(z.boolean()).or(z.array(z.string())).or(z.array(z.number())).optional(),
+		filterOperator: z.enum(whereOperators).meta({ description: "The operator to use for the filter" }).optional(),
+		organizationId: z.string().meta({ description: "The organization ID to list members for. If not provided, will default to the user's active organization. Eg: \"organization-id\"" }).optional(),
+		organizationSlug: z.string().meta({ description: "The organization slug to list members for. If not provided, will default to the user's active organization. Eg: \"organization-slug\"" }).optional()
+	}).optional(),
+	requireHeaders: true,
+	use: [orgMiddleware, orgSessionMiddleware]
+}, async (ctx) => {
+	const session = ctx.context.session;
+	let organizationId = ctx.query?.organizationId || session.session.activeOrganizationId;
+	const adapter = getOrgAdapter(ctx.context, options);
+	if (ctx.query?.organizationSlug) {
+		const organization = await adapter.findOrganizationBySlug(ctx.query?.organizationSlug);
+		if (!organization) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.ORGANIZATION_NOT_FOUND);
+		organizationId = organization.id;
+	}
+	if (!organizationId) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.NO_ACTIVE_ORGANIZATION);
+	if (!await adapter.findMemberByOrgId({
+		userId: session.user.id,
+		organizationId
+	})) throw APIError.from("FORBIDDEN", ORGANIZATION_ERROR_CODES.YOU_ARE_NOT_A_MEMBER_OF_THIS_ORGANIZATION);
+	const { members, total } = await adapter.listMembers({
+		organizationId,
+		limit: ctx.query?.limit ? Number(ctx.query.limit) : void 0,
+		offset: ctx.query?.offset ? Number(ctx.query.offset) : void 0,
+		sortBy: ctx.query?.sortBy,
+		sortOrder: ctx.query?.sortDirection,
+		filter: ctx.query?.filterField ? {
+			field: ctx.query?.filterField,
+			operator: ctx.query.filterOperator,
+			value: ctx.query.filterValue
+		} : void 0
+	});
+	return ctx.json({
+		members,
+		total
+	});
+});
+const getActiveMemberRoleQuerySchema = z.object({
+	userId: z.string().meta({ description: "The user ID to get the role for. If not provided, will default to the current user's" }).optional(),
+	organizationId: z.string().meta({ description: "The organization ID to list members for. If not provided, will default to the user's active organization. Eg: \"organization-id\"" }).optional(),
+	organizationSlug: z.string().meta({ description: "The organization slug to list members for. If not provided, will default to the user's active organization. Eg: \"organization-slug\"" }).optional()
+}).optional();
+const getActiveMemberRole = (options) => createAuthEndpoint("/organization/get-active-member-role", {
+	method: "GET",
+	query: getActiveMemberRoleQuerySchema,
+	requireHeaders: true,
+	use: [orgMiddleware, orgSessionMiddleware]
+}, async (ctx) => {
+	const session = ctx.context.session;
+	let organizationId = ctx.query?.organizationId || session.session.activeOrganizationId;
+	const adapter = getOrgAdapter(ctx.context, options);
+	if (ctx.query?.organizationSlug) {
+		const organization = await adapter.findOrganizationBySlug(ctx.query?.organizationSlug);
+		if (!organization) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.ORGANIZATION_NOT_FOUND);
+		organizationId = organization.id;
+	}
+	if (!organizationId) throw APIError.from("BAD_REQUEST", ORGANIZATION_ERROR_CODES.NO_ACTIVE_ORGANIZATION);
+	const isMember = await adapter.findMemberByOrgId({
+		userId: session.user.id,
+		organizationId
+	});
+	if (!isMember) throw APIError.from("FORBIDDEN", ORGANIZATION_ERROR_CODES.YOU_ARE_NOT_A_MEMBER_OF_THIS_ORGANIZATION);
+	if (!ctx.query?.userId) return ctx.json({ role: isMember.role });
+	const userIdToGetRole = ctx.query?.userId;
+	const member = await adapter.findMemberByOrgId({
+		userId: userIdToGetRole,
+		organizationId
+	});
+	if (!member) throw APIError.from("FORBIDDEN", ORGANIZATION_ERROR_CODES.YOU_ARE_NOT_A_MEMBER_OF_THIS_ORGANIZATION);
+	return ctx.json({ role: member?.role });
+});
+
+//#endregion
+export { addMember, getActiveMember, getActiveMemberRole, leaveOrganization, listMembers, removeMember, updateMemberRole };
+//# sourceMappingURL=crud-members.mjs.map

package/dist/plugins/organization/routes/crud-members.mjs.map

@@ -0,0 +1 @@
+{"version":3,"file":"crud-members.mjs","names":[],"sources":["../../../../src/plugins/organization/routes/crud-members.ts"],"sourcesContent":["import type { LiteralString } from \"@better-auth/core\";\nimport { createAuthEndpoint } from \"@better-auth/core/api\";\nimport { whereOperators } from \"@better-auth/core/db/adapter\";\nimport { APIError, BASE_ERROR_CODES } from \"@better-auth/core/error\";\nimport * as z from \"zod\";\nimport { getSessionFromCtx, sessionMiddleware } from \"../../../api\";\nimport type { InferAdditionalFieldsFromPluginOptions } from \"../../../db\";\nimport { toZodSchema } from \"../../../db/to-zod\";\nimport { getOrgAdapter } from \"../adapter\";\nimport { orgMiddleware, orgSessionMiddleware } from \"../call\";\nimport { ORGANIZATION_ERROR_CODES } from \"../error-codes\";\nimport { hasPermission } from \"../has-permission\";\nimport { parseRoles } from \"../organization\";\nimport type {\n\tInferMember,\n\tInferOrganizationRolesFromOption,\n\tMember,\n} from \"../schema\";\nimport type { OrganizationOptions } from \"../types\";\n\nconst baseMemberSchema = z.object({\n\tuserId: z.coerce.string().meta({\n\t\tdescription:\n\t\t\t'The user Id which represents the user to be added as a member. If `null` is provided, then it\\'s expected to provide session headers. Eg: \"user-id\"',\n\t}),\n\trole: z.union([z.string(), z.array(z.string())]).meta({\n\t\tdescription:\n\t\t\t'The role(s) to assign to the new member. Eg: [\"admin\", \"sale\"]',\n\t}),\n\torganizationId: z\n\t\t.string()\n\t\t.meta({\n\t\t\tdescription:\n\t\t\t\t'An optional organization ID to pass. If not provided, will default to the user\\'s active organization. Eg: \"org-id\"',\n\t\t})\n\t\t.optional(),\n\tteamId: z\n\t\t.string()\n\t\t.meta({\n\t\t\tdescription: 'An optional team ID to add the member to. Eg: \"team-id\"',\n\t\t})\n\t\t.optional(),\n});\n\nexport const addMember = <O extends OrganizationOptions>(option: O) => {\n\tconst additionalFieldsSchema = toZodSchema({\n\t\tfields: option?.schema?.member?.additionalFields || {},\n\t\tisClientSide: true,\n\t});\n\treturn createAuthEndpoint(\n\t\t{\n\t\t\tmethod: \"POST\",\n\t\t\tbody: z.object({\n\t\t\t\t...baseMemberSchema.shape,\n\t\t\t\t...additionalFieldsSchema.shape,\n\t\t\t}),\n\t\t\tuse: [orgMiddleware],\n\t\t\tmetadata: {\n\t\t\t\t$Infer: {\n\t\t\t\t\tbody: {} as {\n\t\t\t\t\t\tuserId: string;\n\t\t\t\t\t\trole:\n\t\t\t\t\t\t\t| InferOrganizationRolesFromOption<O>\n\t\t\t\t\t\t\t| InferOrganizationRolesFromOption<O>[];\n\t\t\t\t\t\torganizationId?: string | undefined;\n\t\t\t\t\t} & (O extends { teams: { enabled: true } }\n\t\t\t\t\t\t? { teamId?: string | undefined }\n\t\t\t\t\t\t: {}) &\n\t\t\t\t\t\tInferAdditionalFieldsFromPluginOptions<\"member\", O>,\n\t\t\t\t},\n\t\t\t\topenapi: {\n\t\t\t\t\toperationId: \"addOrganizationMember\",\n\t\t\t\t\tdescription: \"Add a member to an organization\",\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\t\tasync (ctx) => {\n\t\t\tconst session = ctx.body.userId\n\t\t\t\t? await getSessionFromCtx<{\n\t\t\t\t\t\tsession: {\n\t\t\t\t\t\t\tactiveOrganizationId?: string | undefined;\n\t\t\t\t\t\t};\n\t\t\t\t\t}>(ctx).catch((e) => null)\n\t\t\t\t: null;\n\t\t\tconst orgId =\n\t\t\t\tctx.body.organizationId || session?.session.activeOrganizationId;\n\t\t\tif (!orgId) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.NO_ACTIVE_ORGANIZATION,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tconst teamId =\n\t\t\t\t\"teamId\" in ctx.body ? (ctx.body.teamId as string) : undefined;\n\t\t\tif (teamId && !ctx.context.orgOptions.teams?.enabled) {\n\t\t\t\tctx.context.logger.error(\"Teams are not enabled\");\n\t\t\t\tthrow APIError.fromStatus(\"BAD_REQUEST\", {\n\t\t\t\t\tmessage: \"Teams are not enabled\",\n\t\t\t\t});\n\t\t\t}\n\n\t\t\tconst adapter = getOrgAdapter<O>(ctx.context, option);\n\n\t\t\tconst user = await ctx.context.internalAdapter.findUserById(\n\t\t\t\tctx.body.userId,\n\t\t\t);\n\n\t\t\tif (!user) {\n\t\t\t\tthrow APIError.from(\"BAD_REQUEST\", BASE_ERROR_CODES.USER_NOT_FOUND);\n\t\t\t}\n\n\t\t\tconst alreadyMember = await adapter.findMemberByEmail({\n\t\t\t\temail: user.email,\n\t\t\t\torganizationId: orgId,\n\t\t\t});\n\n\t\t\tif (alreadyMember) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.USER_IS_ALREADY_A_MEMBER_OF_THIS_ORGANIZATION,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tif (teamId) {\n\t\t\t\tconst team = await adapter.findTeamById({\n\t\t\t\t\tteamId,\n\t\t\t\t\torganizationId: orgId,\n\t\t\t\t});\n\t\t\t\tif (!team || team.organizationId !== orgId) {\n\t\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\t\tORGANIZATION_ERROR_CODES.TEAM_NOT_FOUND,\n\t\t\t\t\t);\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tconst membershipLimit = ctx.context.orgOptions?.membershipLimit || 100;\n\t\t\tconst count = await adapter.countMembers({ organizationId: orgId });\n\n\t\t\tconst organization = await adapter.findOrganizationById(orgId);\n\t\t\tif (!organization) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.ORGANIZATION_NOT_FOUND,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tconst limit =\n\t\t\t\ttypeof membershipLimit === \"number\"\n\t\t\t\t\t? membershipLimit\n\t\t\t\t\t: await membershipLimit(user, organization);\n\n\t\t\tif (count >= limit) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"FORBIDDEN\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.ORGANIZATION_MEMBERSHIP_LIMIT_REACHED,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tconst {\n\t\t\t\trole: _,\n\t\t\t\tuserId: __,\n\t\t\t\torganizationId: ___,\n\t\t\t\t...additionalFields\n\t\t\t} = ctx.body;\n\n\t\t\tlet memberData = {\n\t\t\t\torganizationId: orgId,\n\t\t\t\tuserId: user.id,\n\t\t\t\trole: parseRoles(ctx.body.role),\n\t\t\t\tcreatedAt: new Date(),\n\t\t\t\t...(additionalFields ? additionalFields : {}),\n\t\t\t};\n\n\t\t\t// Run beforeAddMember hook\n\t\t\tif (option?.organizationHooks?.beforeAddMember) {\n\t\t\t\tconst response = await option?.organizationHooks.beforeAddMember({\n\t\t\t\t\tmember: {\n\t\t\t\t\t\tuserId: user.id,\n\t\t\t\t\t\torganizationId: orgId,\n\t\t\t\t\t\trole: parseRoles(ctx.body.role as string | string[]),\n\t\t\t\t\t\t...additionalFields,\n\t\t\t\t\t},\n\t\t\t\t\tuser,\n\t\t\t\t\torganization,\n\t\t\t\t});\n\t\t\t\tif (response && typeof response === \"object\" && \"data\" in response) {\n\t\t\t\t\tmemberData = {\n\t\t\t\t\t\t...memberData,\n\t\t\t\t\t\t...response.data,\n\t\t\t\t\t};\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tconst createdMember = await adapter.createMember(memberData);\n\n\t\t\tif (teamId) {\n\t\t\t\tawait adapter.findOrCreateTeamMember({\n\t\t\t\t\tuserId: user.id,\n\t\t\t\t\tteamId,\n\t\t\t\t});\n\t\t\t}\n\n\t\t\t// Run afterAddMember hook\n\t\t\tif (option?.organizationHooks?.afterAddMember) {\n\t\t\t\tawait option?.organizationHooks.afterAddMember({\n\t\t\t\t\tmember: createdMember,\n\t\t\t\t\tuser,\n\t\t\t\t\torganization,\n\t\t\t\t});\n\t\t\t}\n\n\t\t\treturn ctx.json(createdMember);\n\t\t},\n\t);\n};\n\nconst removeMemberBodySchema = z.object({\n\tmemberIdOrEmail: z.string().meta({\n\t\tdescription: \"The ID or email of the member to remove\",\n\t}),\n\t/**\n\t * If not provided, the active organization will be used\n\t */\n\torganizationId: z\n\t\t.string()\n\t\t.meta({\n\t\t\tdescription:\n\t\t\t\t'The ID of the organization to remove the member from. If not provided, the active organization will be used. Eg: \"org-id\"',\n\t\t})\n\t\t.optional(),\n});\n\nexport const removeMember = <O extends OrganizationOptions>(options: O) =>\n\tcreateAuthEndpoint(\n\t\t\"/organization/remove-member\",\n\t\t{\n\t\t\tmethod: \"POST\",\n\t\t\tbody: removeMemberBodySchema,\n\t\t\trequireHeaders: true,\n\t\t\tuse: [orgMiddleware, orgSessionMiddleware],\n\t\t\tmetadata: {\n\t\t\t\topenapi: {\n\t\t\t\t\tdescription: \"Remove a member from an organization\",\n\t\t\t\t\tresponses: {\n\t\t\t\t\t\t\"200\": {\n\t\t\t\t\t\t\tdescription: \"Success\",\n\t\t\t\t\t\t\tcontent: {\n\t\t\t\t\t\t\t\t\"application/json\": {\n\t\t\t\t\t\t\t\t\tschema: {\n\t\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\t\tproperties: {\n\t\t\t\t\t\t\t\t\t\t\tmember: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\t\t\t\tproperties: {\n\t\t\t\t\t\t\t\t\t\t\t\t\tid: {\n\t\t\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\t\tuserId: {\n\t\t\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\t\torganizationId: {\n\t\t\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\t\trole: {\n\t\t\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\trequired: [\"id\", \"userId\", \"organizationId\", \"role\"],\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\trequired: [\"member\"],\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\t\tasync (ctx) => {\n\t\t\tconst session = ctx.context.session;\n\t\t\tconst organizationId =\n\t\t\t\tctx.body.organizationId || session.session.activeOrganizationId;\n\t\t\tif (!organizationId) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.NO_ACTIVE_ORGANIZATION,\n\t\t\t\t);\n\t\t\t}\n\t\t\tconst adapter = getOrgAdapter<O>(ctx.context, options);\n\t\t\tconst member = await adapter.findMemberByOrgId({\n\t\t\t\tuserId: session.user.id,\n\t\t\t\torganizationId: organizationId,\n\t\t\t});\n\t\t\tif (!member) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.MEMBER_NOT_FOUND,\n\t\t\t\t);\n\t\t\t}\n\t\t\tlet toBeRemovedMember: InferMember<O> | null = null;\n\t\t\tif (ctx.body.memberIdOrEmail.includes(\"@\")) {\n\t\t\t\ttoBeRemovedMember = await adapter.findMemberByEmail({\n\t\t\t\t\temail: ctx.body.memberIdOrEmail,\n\t\t\t\t\torganizationId: organizationId,\n\t\t\t\t});\n\t\t\t} else {\n\t\t\t\tconst result = await adapter.findMemberById(ctx.body.memberIdOrEmail);\n\t\t\t\tif (!result) toBeRemovedMember = null;\n\t\t\t\telse {\n\t\t\t\t\tconst { user: _user, ...member } = result;\n\t\t\t\t\ttoBeRemovedMember = member as unknown as InferMember<O>;\n\t\t\t\t}\n\t\t\t}\n\t\t\tif (!toBeRemovedMember) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.MEMBER_NOT_FOUND,\n\t\t\t\t);\n\t\t\t}\n\t\t\tconst roles = toBeRemovedMember.role.split(\",\");\n\t\t\tconst creatorRole = ctx.context.orgOptions?.creatorRole || \"owner\";\n\t\t\tconst isOwner = roles.includes(creatorRole);\n\t\t\tif (isOwner) {\n\t\t\t\tif (member.role !== creatorRole) {\n\t\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\t\tORGANIZATION_ERROR_CODES.YOU_CANNOT_LEAVE_THE_ORGANIZATION_AS_THE_ONLY_OWNER,\n\t\t\t\t\t);\n\t\t\t\t}\n\t\t\t\tconst { members } = await adapter.listMembers({\n\t\t\t\t\torganizationId: organizationId,\n\t\t\t\t});\n\t\t\t\tconst owners = members.filter((member) => {\n\t\t\t\t\tconst roles = member.role.split(\",\");\n\t\t\t\t\treturn roles.includes(creatorRole);\n\t\t\t\t});\n\t\t\t\tif (owners.length <= 1) {\n\t\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\t\tORGANIZATION_ERROR_CODES.YOU_CANNOT_LEAVE_THE_ORGANIZATION_AS_THE_ONLY_OWNER,\n\t\t\t\t\t);\n\t\t\t\t}\n\t\t\t}\n\t\t\tconst canDeleteMember = await hasPermission(\n\t\t\t\t{\n\t\t\t\t\trole: member.role,\n\t\t\t\t\toptions: ctx.context.orgOptions,\n\t\t\t\t\tpermissions: {\n\t\t\t\t\t\tmember: [\"delete\"],\n\t\t\t\t\t},\n\t\t\t\t\torganizationId,\n\t\t\t\t},\n\t\t\t\tctx,\n\t\t\t);\n\n\t\t\tif (!canDeleteMember) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"UNAUTHORIZED\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.YOU_ARE_NOT_ALLOWED_TO_DELETE_THIS_MEMBER,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tif (toBeRemovedMember?.organizationId !== organizationId) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.MEMBER_NOT_FOUND,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tconst organization = await adapter.findOrganizationById(organizationId);\n\t\t\tif (!organization) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.ORGANIZATION_NOT_FOUND,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tconst userBeingRemoved = await ctx.context.internalAdapter.findUserById(\n\t\t\t\ttoBeRemovedMember.userId,\n\t\t\t);\n\t\t\tif (!userBeingRemoved) {\n\t\t\t\tthrow APIError.fromStatus(\"BAD_REQUEST\", {\n\t\t\t\t\tmessage: \"User not found\",\n\t\t\t\t});\n\t\t\t}\n\n\t\t\t// Run beforeRemoveMember hook\n\t\t\tif (options?.organizationHooks?.beforeRemoveMember) {\n\t\t\t\tawait options?.organizationHooks.beforeRemoveMember({\n\t\t\t\t\tmember: toBeRemovedMember,\n\t\t\t\t\tuser: userBeingRemoved,\n\t\t\t\t\torganization,\n\t\t\t\t});\n\t\t\t}\n\t\t\tawait adapter.deleteMember({\n\t\t\t\tmemberId: toBeRemovedMember.id,\n\t\t\t\torganizationId: organizationId,\n\t\t\t\tuserId: toBeRemovedMember.userId,\n\t\t\t});\n\t\t\tif (\n\t\t\t\tsession.user.id === toBeRemovedMember.userId &&\n\t\t\t\tsession.session.activeOrganizationId ===\n\t\t\t\t\ttoBeRemovedMember.organizationId\n\t\t\t) {\n\t\t\t\tawait adapter.setActiveOrganization(session.session.token, null, ctx);\n\t\t\t}\n\n\t\t\t// Run afterRemoveMember hook\n\t\t\tif (options?.organizationHooks?.afterRemoveMember) {\n\t\t\t\tawait options?.organizationHooks.afterRemoveMember({\n\t\t\t\t\tmember: toBeRemovedMember,\n\t\t\t\t\tuser: userBeingRemoved,\n\t\t\t\t\torganization,\n\t\t\t\t});\n\t\t\t}\n\n\t\t\treturn ctx.json({\n\t\t\t\tmember: toBeRemovedMember,\n\t\t\t});\n\t\t},\n\t);\n\nconst updateMemberRoleBodySchema = z.object({\n\trole: z.union([z.string(), z.array(z.string())]).meta({\n\t\tdescription:\n\t\t\t'The new role to be applied. This can be a string or array of strings representing the roles. Eg: [\"admin\", \"sale\"]',\n\t}),\n\tmemberId: z.string().meta({\n\t\tdescription: 'The member id to apply the role update to. Eg: \"member-id\"',\n\t}),\n\torganizationId: z\n\t\t.string()\n\t\t.meta({\n\t\t\tdescription:\n\t\t\t\t'An optional organization ID which the member is a part of to apply the role update. If not provided, you must provide session headers to get the active organization. Eg: \"organization-id\"',\n\t\t})\n\t\t.optional(),\n});\n\nexport const updateMemberRole = <O extends OrganizationOptions>(option: O) =>\n\tcreateAuthEndpoint(\n\t\t\"/organization/update-member-role\",\n\t\t{\n\t\t\tmethod: \"POST\",\n\t\t\tbody: updateMemberRoleBodySchema,\n\t\t\tuse: [orgMiddleware, orgSessionMiddleware],\n\t\t\trequireHeaders: true,\n\t\t\tmetadata: {\n\t\t\t\t$Infer: {\n\t\t\t\t\tbody: {} as {\n\t\t\t\t\t\trole:\n\t\t\t\t\t\t\t| InferOrganizationRolesFromOption<O>\n\t\t\t\t\t\t\t| InferOrganizationRolesFromOption<O>[]\n\t\t\t\t\t\t\t| LiteralString\n\t\t\t\t\t\t\t| LiteralString[];\n\t\t\t\t\t\tmemberId: string;\n\t\t\t\t\t\t/**\n\t\t\t\t\t\t * If not provided, the active organization will be used\n\t\t\t\t\t\t */\n\t\t\t\t\t\torganizationId?: string | undefined;\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t\topenapi: {\n\t\t\t\t\toperationId: \"updateOrganizationMemberRole\",\n\t\t\t\t\tdescription: \"Update the role of a member in an organization\",\n\t\t\t\t\tresponses: {\n\t\t\t\t\t\t\"200\": {\n\t\t\t\t\t\t\tdescription: \"Success\",\n\t\t\t\t\t\t\tcontent: {\n\t\t\t\t\t\t\t\t\"application/json\": {\n\t\t\t\t\t\t\t\t\tschema: {\n\t\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\t\tproperties: {\n\t\t\t\t\t\t\t\t\t\t\tmember: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\t\t\t\tproperties: {\n\t\t\t\t\t\t\t\t\t\t\t\t\tid: {\n\t\t\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\t\tuserId: {\n\t\t\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\t\torganizationId: {\n\t\t\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\t\trole: {\n\t\t\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\t\trequired: [\"id\", \"userId\", \"organizationId\", \"role\"],\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\trequired: [\"member\"],\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\t\tasync (ctx) => {\n\t\t\tconst session = ctx.context.session;\n\n\t\t\tif (!ctx.body.role) {\n\t\t\t\tthrow APIError.fromStatus(\"BAD_REQUEST\");\n\t\t\t}\n\n\t\t\tconst organizationId =\n\t\t\t\tctx.body.organizationId || session.session.activeOrganizationId;\n\n\t\t\tif (!organizationId) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.NO_ACTIVE_ORGANIZATION,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tconst adapter = getOrgAdapter(ctx.context, ctx.context.orgOptions);\n\t\t\tconst roleToSet: string[] = Array.isArray(ctx.body.role)\n\t\t\t\t? ctx.body.role\n\t\t\t\t: ctx.body.role\n\t\t\t\t\t? [ctx.body.role]\n\t\t\t\t\t: [];\n\n\t\t\tconst member = await adapter.findMemberByOrgId({\n\t\t\t\tuserId: session.user.id,\n\t\t\t\torganizationId: organizationId,\n\t\t\t});\n\n\t\t\tif (!member) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.MEMBER_NOT_FOUND,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tconst toBeUpdatedMember =\n\t\t\t\tmember.id !== ctx.body.memberId\n\t\t\t\t\t? await adapter.findMemberById(ctx.body.memberId)\n\t\t\t\t\t: member;\n\n\t\t\tif (!toBeUpdatedMember) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.MEMBER_NOT_FOUND,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tconst memberBelongsToOrganization =\n\t\t\t\ttoBeUpdatedMember.organizationId === organizationId;\n\n\t\t\tif (!memberBelongsToOrganization) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"FORBIDDEN\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.YOU_ARE_NOT_ALLOWED_TO_UPDATE_THIS_MEMBER,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tconst creatorRole = ctx.context.orgOptions?.creatorRole || \"owner\";\n\n\t\t\tconst updatingMemberRoles = member.role.split(\",\");\n\t\t\tconst toBeUpdatedMemberRoles = toBeUpdatedMember.role.split(\",\");\n\n\t\t\tconst isUpdatingCreator = toBeUpdatedMemberRoles.includes(creatorRole);\n\t\t\tconst updaterIsCreator = updatingMemberRoles.includes(creatorRole);\n\n\t\t\tconst isSettingCreatorRole = roleToSet.includes(creatorRole);\n\n\t\t\tconst memberIsUpdatingThemselves = member.id === toBeUpdatedMember.id;\n\n\t\t\tif (\n\t\t\t\t(isUpdatingCreator && !updaterIsCreator) ||\n\t\t\t\t(isSettingCreatorRole && !updaterIsCreator)\n\t\t\t) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"FORBIDDEN\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.YOU_ARE_NOT_ALLOWED_TO_UPDATE_THIS_MEMBER,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tif (updaterIsCreator && memberIsUpdatingThemselves) {\n\t\t\t\tconst members = await ctx.context.adapter.findMany<Member>({\n\t\t\t\t\tmodel: \"member\",\n\t\t\t\t\twhere: [\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tfield: \"organizationId\",\n\t\t\t\t\t\t\tvalue: organizationId,\n\t\t\t\t\t\t},\n\t\t\t\t\t],\n\t\t\t\t});\n\t\t\t\tconst owners = members.filter((member: Member) => {\n\t\t\t\t\tconst roles = member.role.split(\",\");\n\t\t\t\t\treturn roles.includes(creatorRole);\n\t\t\t\t});\n\t\t\t\tif (owners.length <= 1 && !isSettingCreatorRole) {\n\t\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\t\tORGANIZATION_ERROR_CODES.YOU_CANNOT_LEAVE_THE_ORGANIZATION_WITHOUT_AN_OWNER,\n\t\t\t\t\t);\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tconst canUpdateMember = await hasPermission(\n\t\t\t\t{\n\t\t\t\t\trole: member.role,\n\t\t\t\t\toptions: ctx.context.orgOptions,\n\t\t\t\t\tpermissions: {\n\t\t\t\t\t\tmember: [\"update\"],\n\t\t\t\t\t},\n\t\t\t\t\tallowCreatorAllPermissions: true,\n\t\t\t\t\torganizationId,\n\t\t\t\t},\n\t\t\t\tctx,\n\t\t\t);\n\n\t\t\tif (!canUpdateMember) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"FORBIDDEN\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.YOU_ARE_NOT_ALLOWED_TO_UPDATE_THIS_MEMBER,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tconst organization = await adapter.findOrganizationById(organizationId);\n\t\t\tif (!organization) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.ORGANIZATION_NOT_FOUND,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tconst userBeingUpdated = await ctx.context.internalAdapter.findUserById(\n\t\t\t\ttoBeUpdatedMember.userId,\n\t\t\t);\n\t\t\tif (!userBeingUpdated) {\n\t\t\t\tthrow APIError.fromStatus(\"BAD_REQUEST\", {\n\t\t\t\t\tmessage: \"User not found\",\n\t\t\t\t});\n\t\t\t}\n\n\t\t\tconst previousRole = toBeUpdatedMember.role;\n\t\t\tconst newRole = parseRoles(ctx.body.role as string | string[]);\n\n\t\t\t// Run beforeUpdateMemberRole hook\n\t\t\tif (option?.organizationHooks?.beforeUpdateMemberRole) {\n\t\t\t\tconst response = await option?.organizationHooks.beforeUpdateMemberRole(\n\t\t\t\t\t{\n\t\t\t\t\t\tmember: toBeUpdatedMember,\n\t\t\t\t\t\tnewRole,\n\t\t\t\t\t\tuser: userBeingUpdated,\n\t\t\t\t\t\torganization,\n\t\t\t\t\t},\n\t\t\t\t);\n\t\t\t\tif (response && typeof response === \"object\" && \"data\" in response) {\n\t\t\t\t\t// Allow the hook to modify the role\n\t\t\t\t\tconst updatedMember = await adapter.updateMember(\n\t\t\t\t\t\tctx.body.memberId,\n\t\t\t\t\t\tresponse.data.role || newRole,\n\t\t\t\t\t);\n\t\t\t\t\tif (!updatedMember) {\n\t\t\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\t\t\tORGANIZATION_ERROR_CODES.MEMBER_NOT_FOUND,\n\t\t\t\t\t\t);\n\t\t\t\t\t}\n\n\t\t\t\t\t// Run afterUpdateMemberRole hook\n\t\t\t\t\tif (option?.organizationHooks?.afterUpdateMemberRole) {\n\t\t\t\t\t\tawait option?.organizationHooks.afterUpdateMemberRole({\n\t\t\t\t\t\t\tmember: updatedMember,\n\t\t\t\t\t\t\tpreviousRole,\n\t\t\t\t\t\t\tuser: userBeingUpdated,\n\t\t\t\t\t\t\torganization,\n\t\t\t\t\t\t});\n\t\t\t\t\t}\n\n\t\t\t\t\treturn ctx.json(updatedMember);\n\t\t\t\t}\n\t\t\t}\n\n\t\t\tconst updatedMember = await adapter.updateMember(\n\t\t\t\tctx.body.memberId,\n\t\t\t\tnewRole,\n\t\t\t);\n\t\t\tif (!updatedMember) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.MEMBER_NOT_FOUND,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\t// Run afterUpdateMemberRole hook\n\t\t\tif (option?.organizationHooks?.afterUpdateMemberRole) {\n\t\t\t\tawait option?.organizationHooks.afterUpdateMemberRole({\n\t\t\t\t\tmember: updatedMember,\n\t\t\t\t\tpreviousRole,\n\t\t\t\t\tuser: userBeingUpdated,\n\t\t\t\t\torganization,\n\t\t\t\t});\n\t\t\t}\n\n\t\t\treturn ctx.json(updatedMember);\n\t\t},\n\t);\n\nexport const getActiveMember = <O extends OrganizationOptions>(options: O) =>\n\tcreateAuthEndpoint(\n\t\t\"/organization/get-active-member\",\n\t\t{\n\t\t\tmethod: \"GET\",\n\t\t\tuse: [orgMiddleware, orgSessionMiddleware],\n\t\t\trequireHeaders: true,\n\t\t\tmetadata: {\n\t\t\t\topenapi: {\n\t\t\t\t\tdescription: \"Get the member details of the active organization\",\n\t\t\t\t\tresponses: {\n\t\t\t\t\t\t\"200\": {\n\t\t\t\t\t\t\tdescription: \"Success\",\n\t\t\t\t\t\t\tcontent: {\n\t\t\t\t\t\t\t\t\"application/json\": {\n\t\t\t\t\t\t\t\t\tschema: {\n\t\t\t\t\t\t\t\t\t\ttype: \"object\",\n\t\t\t\t\t\t\t\t\t\tproperties: {\n\t\t\t\t\t\t\t\t\t\t\tid: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\tuserId: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\torganizationId: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t\trole: {\n\t\t\t\t\t\t\t\t\t\t\t\ttype: \"string\",\n\t\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t\t\trequired: [\"id\", \"userId\", \"organizationId\", \"role\"],\n\t\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t\t},\n\t\t\t\t\t\t\t},\n\t\t\t\t\t\t},\n\t\t\t\t\t},\n\t\t\t\t},\n\t\t\t},\n\t\t},\n\t\tasync (ctx) => {\n\t\t\tconst session = ctx.context.session;\n\t\t\tconst organizationId = session.session.activeOrganizationId;\n\t\t\tif (!organizationId) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.NO_ACTIVE_ORGANIZATION,\n\t\t\t\t);\n\t\t\t}\n\t\t\tconst adapter = getOrgAdapter<O>(ctx.context, options);\n\t\t\tconst member = await adapter.findMemberByOrgId({\n\t\t\t\tuserId: session.user.id,\n\t\t\t\torganizationId: organizationId,\n\t\t\t});\n\t\t\tif (!member) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.MEMBER_NOT_FOUND,\n\t\t\t\t);\n\t\t\t}\n\t\t\treturn ctx.json(member);\n\t\t},\n\t);\n\nconst leaveOrganizationBodySchema = z.object({\n\torganizationId: z.string().meta({\n\t\tdescription:\n\t\t\t'The organization Id for the member to leave. Eg: \"organization-id\"',\n\t}),\n});\n\nexport const leaveOrganization = <O extends OrganizationOptions>(options: O) =>\n\tcreateAuthEndpoint(\n\t\t\"/organization/leave\",\n\t\t{\n\t\t\tmethod: \"POST\",\n\t\t\tbody: leaveOrganizationBodySchema,\n\t\t\trequireHeaders: true,\n\t\t\tuse: [sessionMiddleware, orgMiddleware],\n\t\t},\n\t\tasync (ctx) => {\n\t\t\tconst session = ctx.context.session;\n\t\t\tconst adapter = getOrgAdapter<O>(ctx.context, options);\n\t\t\tconst member = await adapter.findMemberByOrgId({\n\t\t\t\tuserId: session.user.id,\n\t\t\t\torganizationId: ctx.body.organizationId,\n\t\t\t});\n\n\t\t\tif (!member) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.MEMBER_NOT_FOUND,\n\t\t\t\t);\n\t\t\t}\n\t\t\tconst creatorRole = ctx.context.orgOptions?.creatorRole || \"owner\";\n\t\t\tconst isOwnerLeaving = member.role.split(\",\").includes(creatorRole);\n\t\t\tif (isOwnerLeaving) {\n\t\t\t\tconst members = await ctx.context.adapter.findMany<Member>({\n\t\t\t\t\tmodel: \"member\",\n\t\t\t\t\twhere: [\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tfield: \"organizationId\",\n\t\t\t\t\t\t\tvalue: ctx.body.organizationId,\n\t\t\t\t\t\t},\n\t\t\t\t\t],\n\t\t\t\t});\n\t\t\t\tconst owners = members.filter((member) =>\n\t\t\t\t\tmember.role.split(\",\").includes(creatorRole),\n\t\t\t\t);\n\t\t\t\tif (owners.length <= 1) {\n\t\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\t\tORGANIZATION_ERROR_CODES.YOU_CANNOT_LEAVE_THE_ORGANIZATION_AS_THE_ONLY_OWNER,\n\t\t\t\t\t);\n\t\t\t\t}\n\t\t\t}\n\t\t\tawait adapter.deleteMember({\n\t\t\t\tmemberId: member.id,\n\t\t\t\torganizationId: ctx.body.organizationId,\n\t\t\t\tuserId: session.user.id,\n\t\t\t});\n\t\t\tif (session.session.activeOrganizationId === ctx.body.organizationId) {\n\t\t\t\tawait adapter.setActiveOrganization(session.session.token, null, ctx);\n\t\t\t}\n\t\t\treturn ctx.json(member);\n\t\t},\n\t);\n\nexport const listMembers = <O extends OrganizationOptions>(options: O) =>\n\tcreateAuthEndpoint(\n\t\t\"/organization/list-members\",\n\t\t{\n\t\t\tmethod: \"GET\",\n\t\t\tquery: z\n\t\t\t\t.object({\n\t\t\t\t\tlimit: z\n\t\t\t\t\t\t.string()\n\t\t\t\t\t\t.meta({\n\t\t\t\t\t\t\tdescription: \"The number of users to return\",\n\t\t\t\t\t\t})\n\t\t\t\t\t\t.or(z.number())\n\t\t\t\t\t\t.optional(),\n\t\t\t\t\toffset: z\n\t\t\t\t\t\t.string()\n\t\t\t\t\t\t.meta({\n\t\t\t\t\t\t\tdescription: \"The offset to start from\",\n\t\t\t\t\t\t})\n\t\t\t\t\t\t.or(z.number())\n\t\t\t\t\t\t.optional(),\n\t\t\t\t\tsortBy: z\n\t\t\t\t\t\t.string()\n\t\t\t\t\t\t.meta({\n\t\t\t\t\t\t\tdescription: \"The field to sort by\",\n\t\t\t\t\t\t})\n\t\t\t\t\t\t.optional(),\n\t\t\t\t\tsortDirection: z\n\t\t\t\t\t\t.enum([\"asc\", \"desc\"])\n\t\t\t\t\t\t.meta({\n\t\t\t\t\t\t\tdescription: \"The direction to sort by\",\n\t\t\t\t\t\t})\n\t\t\t\t\t\t.optional(),\n\t\t\t\t\tfilterField: z\n\t\t\t\t\t\t.string()\n\t\t\t\t\t\t.meta({\n\t\t\t\t\t\t\tdescription: \"The field to filter by\",\n\t\t\t\t\t\t})\n\t\t\t\t\t\t.optional(),\n\t\t\t\t\tfilterValue: z\n\t\t\t\t\t\t.string()\n\t\t\t\t\t\t.meta({\n\t\t\t\t\t\t\tdescription: \"The value to filter by\",\n\t\t\t\t\t\t})\n\t\t\t\t\t\t.or(z.number())\n\t\t\t\t\t\t.or(z.boolean())\n\t\t\t\t\t\t.or(z.array(z.string()))\n\t\t\t\t\t\t.or(z.array(z.number()))\n\t\t\t\t\t\t.optional(),\n\t\t\t\t\tfilterOperator: z\n\t\t\t\t\t\t.enum(whereOperators)\n\t\t\t\t\t\t.meta({\n\t\t\t\t\t\t\tdescription: \"The operator to use for the filter\",\n\t\t\t\t\t\t})\n\t\t\t\t\t\t.optional(),\n\t\t\t\t\torganizationId: z\n\t\t\t\t\t\t.string()\n\t\t\t\t\t\t.meta({\n\t\t\t\t\t\t\tdescription:\n\t\t\t\t\t\t\t\t'The organization ID to list members for. If not provided, will default to the user\\'s active organization. Eg: \"organization-id\"',\n\t\t\t\t\t\t})\n\t\t\t\t\t\t.optional(),\n\t\t\t\t\torganizationSlug: z\n\t\t\t\t\t\t.string()\n\t\t\t\t\t\t.meta({\n\t\t\t\t\t\t\tdescription:\n\t\t\t\t\t\t\t\t'The organization slug to list members for. If not provided, will default to the user\\'s active organization. Eg: \"organization-slug\"',\n\t\t\t\t\t\t})\n\t\t\t\t\t\t.optional(),\n\t\t\t\t})\n\t\t\t\t.optional(),\n\t\t\trequireHeaders: true,\n\t\t\tuse: [orgMiddleware, orgSessionMiddleware],\n\t\t},\n\t\tasync (ctx) => {\n\t\t\tconst session = ctx.context.session;\n\t\t\tlet organizationId =\n\t\t\t\tctx.query?.organizationId || session.session.activeOrganizationId;\n\t\t\tconst adapter = getOrgAdapter<O>(ctx.context, options);\n\t\t\tif (ctx.query?.organizationSlug) {\n\t\t\t\tconst organization = await adapter.findOrganizationBySlug(\n\t\t\t\t\tctx.query?.organizationSlug,\n\t\t\t\t);\n\t\t\t\tif (!organization) {\n\t\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\t\tORGANIZATION_ERROR_CODES.ORGANIZATION_NOT_FOUND,\n\t\t\t\t\t);\n\t\t\t\t}\n\t\t\t\torganizationId = organization.id;\n\t\t\t}\n\t\t\tif (!organizationId) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.NO_ACTIVE_ORGANIZATION,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\tconst isMember = await adapter.findMemberByOrgId({\n\t\t\t\tuserId: session.user.id,\n\t\t\t\torganizationId,\n\t\t\t});\n\t\t\tif (!isMember) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"FORBIDDEN\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.YOU_ARE_NOT_A_MEMBER_OF_THIS_ORGANIZATION,\n\t\t\t\t);\n\t\t\t}\n\t\t\tconst { members, total } = await adapter.listMembers({\n\t\t\t\torganizationId,\n\t\t\t\tlimit: ctx.query?.limit ? Number(ctx.query.limit) : undefined,\n\t\t\t\toffset: ctx.query?.offset ? Number(ctx.query.offset) : undefined,\n\t\t\t\tsortBy: ctx.query?.sortBy,\n\t\t\t\tsortOrder: ctx.query?.sortDirection,\n\t\t\t\tfilter: ctx.query?.filterField\n\t\t\t\t\t? {\n\t\t\t\t\t\t\tfield: ctx.query?.filterField,\n\t\t\t\t\t\t\toperator: ctx.query.filterOperator,\n\t\t\t\t\t\t\tvalue: ctx.query.filterValue,\n\t\t\t\t\t\t}\n\t\t\t\t\t: undefined,\n\t\t\t});\n\t\t\treturn ctx.json({\n\t\t\t\tmembers,\n\t\t\t\ttotal,\n\t\t\t});\n\t\t},\n\t);\n\nconst getActiveMemberRoleQuerySchema = z\n\t.object({\n\t\tuserId: z\n\t\t\t.string()\n\t\t\t.meta({\n\t\t\t\tdescription:\n\t\t\t\t\t\"The user ID to get the role for. If not provided, will default to the current user's\",\n\t\t\t})\n\t\t\t.optional(),\n\t\torganizationId: z\n\t\t\t.string()\n\t\t\t.meta({\n\t\t\t\tdescription:\n\t\t\t\t\t'The organization ID to list members for. If not provided, will default to the user\\'s active organization. Eg: \"organization-id\"',\n\t\t\t})\n\t\t\t.optional(),\n\t\torganizationSlug: z\n\t\t\t.string()\n\t\t\t.meta({\n\t\t\t\tdescription:\n\t\t\t\t\t'The organization slug to list members for. If not provided, will default to the user\\'s active organization. Eg: \"organization-slug\"',\n\t\t\t})\n\t\t\t.optional(),\n\t})\n\t.optional();\n\nexport const getActiveMemberRole = <O extends OrganizationOptions>(\n\toptions: O,\n) =>\n\tcreateAuthEndpoint(\n\t\t\"/organization/get-active-member-role\",\n\t\t{\n\t\t\tmethod: \"GET\",\n\t\t\tquery: getActiveMemberRoleQuerySchema,\n\t\t\trequireHeaders: true,\n\t\t\tuse: [orgMiddleware, orgSessionMiddleware],\n\t\t},\n\t\tasync (ctx) => {\n\t\t\tconst session = ctx.context.session;\n\t\t\tlet organizationId =\n\t\t\t\tctx.query?.organizationId || session.session.activeOrganizationId;\n\t\t\tconst adapter = getOrgAdapter<O>(ctx.context, options);\n\t\t\tif (ctx.query?.organizationSlug) {\n\t\t\t\tconst organization = await adapter.findOrganizationBySlug(\n\t\t\t\t\tctx.query?.organizationSlug,\n\t\t\t\t);\n\t\t\t\tif (!organization) {\n\t\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\t\tORGANIZATION_ERROR_CODES.ORGANIZATION_NOT_FOUND,\n\t\t\t\t\t);\n\t\t\t\t}\n\t\t\t\torganizationId = organization.id;\n\t\t\t}\n\t\t\tif (!organizationId) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"BAD_REQUEST\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.NO_ACTIVE_ORGANIZATION,\n\t\t\t\t);\n\t\t\t}\n\t\t\tconst isMember = await adapter.findMemberByOrgId({\n\t\t\t\tuserId: session.user.id,\n\t\t\t\torganizationId,\n\t\t\t});\n\t\t\tif (!isMember) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"FORBIDDEN\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.YOU_ARE_NOT_A_MEMBER_OF_THIS_ORGANIZATION,\n\t\t\t\t);\n\t\t\t}\n\t\t\tif (!ctx.query?.userId) {\n\t\t\t\treturn ctx.json({\n\t\t\t\t\trole: isMember.role,\n\t\t\t\t});\n\t\t\t}\n\t\t\tconst userIdToGetRole = ctx.query?.userId;\n\t\t\tconst member = await adapter.findMemberByOrgId({\n\t\t\t\tuserId: userIdToGetRole,\n\t\t\t\torganizationId,\n\t\t\t});\n\t\t\tif (!member) {\n\t\t\t\tthrow APIError.from(\n\t\t\t\t\t\"FORBIDDEN\",\n\t\t\t\t\tORGANIZATION_ERROR_CODES.YOU_ARE_NOT_A_MEMBER_OF_THIS_ORGANIZATION,\n\t\t\t\t);\n\t\t\t}\n\n\t\t\treturn ctx.json({\n\t\t\t\trole: member?.role,\n\t\t\t});\n\t\t},\n\t);\n"],"mappings":";;;;;;;;;;;;;;AAoBA,MAAM,mBAAmB,EAAE,OAAO;CACjC,QAAQ,EAAE,OAAO,QAAQ,CAAC,KAAK,EAC9B,aACC,wJACD,CAAC;CACF,MAAM,EAAE,MAAM,CAAC,EAAE,QAAQ,EAAE,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,KAAK,EACrD,aACC,sEACD,CAAC;CACF,gBAAgB,EACd,QAAQ,CACR,KAAK,EACL,aACC,wHACD,CAAC,CACD,UAAU;CACZ,QAAQ,EACN,QAAQ,CACR,KAAK,EACL,aAAa,6DACb,CAAC,CACD,UAAU;CACZ,CAAC;AAEF,MAAa,aAA4C,WAAc;CACtE,MAAM,yBAAyB,YAAY;EAC1C,QAAQ,QAAQ,QAAQ,QAAQ,oBAAoB,EAAE;EACtD,cAAc;EACd,CAAC;AACF,QAAO,mBACN;EACC,QAAQ;EACR,MAAM,EAAE,OAAO;GACd,GAAG,iBAAiB;GACpB,GAAG,uBAAuB;GAC1B,CAAC;EACF,KAAK,CAAC,cAAc;EACpB,UAAU;GACT,QAAQ,EACP,MAAM,EAAE,EAUR;GACD,SAAS;IACR,aAAa;IACb,aAAa;IACb;GACD;EACD,EACD,OAAO,QAAQ;EACd,MAAM,UAAU,IAAI,KAAK,SACtB,MAAM,kBAIJ,IAAI,CAAC,OAAO,MAAM,KAAK,GACzB;EACH,MAAM,QACL,IAAI,KAAK,kBAAkB,SAAS,QAAQ;AAC7C,MAAI,CAAC,MACJ,OAAM,SAAS,KACd,eACA,yBAAyB,uBACzB;EAGF,MAAM,SACL,YAAY,IAAI,OAAQ,IAAI,KAAK,SAAoB;AACtD,MAAI,UAAU,CAAC,IAAI,QAAQ,WAAW,OAAO,SAAS;AACrD,OAAI,QAAQ,OAAO,MAAM,wBAAwB;AACjD,SAAM,SAAS,WAAW,eAAe,EACxC,SAAS,yBACT,CAAC;;EAGH,MAAM,UAAU,cAAiB,IAAI,SAAS,OAAO;EAErD,MAAM,OAAO,MAAM,IAAI,QAAQ,gBAAgB,aAC9C,IAAI,KAAK,OACT;AAED,MAAI,CAAC,KACJ,OAAM,SAAS,KAAK,eAAe,iBAAiB,eAAe;AAQpE,MALsB,MAAM,QAAQ,kBAAkB;GACrD,OAAO,KAAK;GACZ,gBAAgB;GAChB,CAAC,CAGD,OAAM,SAAS,KACd,eACA,yBAAyB,8CACzB;AAGF,MAAI,QAAQ;GACX,MAAM,OAAO,MAAM,QAAQ,aAAa;IACvC;IACA,gBAAgB;IAChB,CAAC;AACF,OAAI,CAAC,QAAQ,KAAK,mBAAmB,MACpC,OAAM,SAAS,KACd,eACA,yBAAyB,eACzB;;EAIH,MAAM,kBAAkB,IAAI,QAAQ,YAAY,mBAAmB;EACnE,MAAM,QAAQ,MAAM,QAAQ,aAAa,EAAE,gBAAgB,OAAO,CAAC;EAEnE,MAAM,eAAe,MAAM,QAAQ,qBAAqB,MAAM;AAC9D,MAAI,CAAC,aACJ,OAAM,SAAS,KACd,eACA,yBAAyB,uBACzB;AAQF,MAAI,UAJH,OAAO,oBAAoB,WACxB,kBACA,MAAM,gBAAgB,MAAM,aAAa,EAG5C,OAAM,SAAS,KACd,aACA,yBAAyB,sCACzB;EAGF,MAAM,EACL,MAAM,GACN,QAAQ,IACR,gBAAgB,KAChB,GAAG,qBACA,IAAI;EAER,IAAI,aAAa;GAChB,gBAAgB;GAChB,QAAQ,KAAK;GACb,MAAM,WAAW,IAAI,KAAK,KAAK;GAC/B,2BAAW,IAAI,MAAM;GACrB,GAAI,mBAAmB,mBAAmB,EAAE;GAC5C;AAGD,MAAI,QAAQ,mBAAmB,iBAAiB;GAC/C,MAAM,WAAW,MAAM,QAAQ,kBAAkB,gBAAgB;IAChE,QAAQ;KACP,QAAQ,KAAK;KACb,gBAAgB;KAChB,MAAM,WAAW,IAAI,KAAK,KAA0B;KACpD,GAAG;KACH;IACD;IACA;IACA,CAAC;AACF,OAAI,YAAY,OAAO,aAAa,YAAY,UAAU,SACzD,cAAa;IACZ,GAAG;IACH,GAAG,SAAS;IACZ;;EAIH,MAAM,gBAAgB,MAAM,QAAQ,aAAa,WAAW;AAE5D,MAAI,OACH,OAAM,QAAQ,uBAAuB;GACpC,QAAQ,KAAK;GACb;GACA,CAAC;AAIH,MAAI,QAAQ,mBAAmB,eAC9B,OAAM,QAAQ,kBAAkB,eAAe;GAC9C,QAAQ;GACR;GACA;GACA,CAAC;AAGH,SAAO,IAAI,KAAK,cAAc;GAE/B;;AAGF,MAAM,yBAAyB,EAAE,OAAO;CACvC,iBAAiB,EAAE,QAAQ,CAAC,KAAK,EAChC,aAAa,2CACb,CAAC;CAIF,gBAAgB,EACd,QAAQ,CACR,KAAK,EACL,aACC,+HACD,CAAC,CACD,UAAU;CACZ,CAAC;AAEF,MAAa,gBAA+C,YAC3D,mBACC,+BACA;CACC,QAAQ;CACR,MAAM;CACN,gBAAgB;CAChB,KAAK,CAAC,eAAe,qBAAqB;CAC1C,UAAU,EACT,SAAS;EACR,aAAa;EACb,WAAW,EACV,OAAO;GACN,aAAa;GACb,SAAS,EACR,oBAAoB,EACnB,QAAQ;IACP,MAAM;IACN,YAAY,EACX,QAAQ;KACP,MAAM;KACN,YAAY;MACX,IAAI,EACH,MAAM,UACN;MACD,QAAQ,EACP,MAAM,UACN;MACD,gBAAgB,EACf,MAAM,UACN;MACD,MAAM,EACL,MAAM,UACN;MACD;KACD,UAAU;MAAC;MAAM;MAAU;MAAkB;MAAO;KACpD,EACD;IACD,UAAU,CAAC,SAAS;IACpB,EACD,EACD;GACD,EACD;EACD,EACD;CACD,EACD,OAAO,QAAQ;CACd,MAAM,UAAU,IAAI,QAAQ;CAC5B,MAAM,iBACL,IAAI,KAAK,kBAAkB,QAAQ,QAAQ;AAC5C,KAAI,CAAC,eACJ,OAAM,SAAS,KACd,eACA,yBAAyB,uBACzB;CAEF,MAAM,UAAU,cAAiB,IAAI,SAAS,QAAQ;CACtD,MAAM,SAAS,MAAM,QAAQ,kBAAkB;EAC9C,QAAQ,QAAQ,KAAK;EACL;EAChB,CAAC;AACF,KAAI,CAAC,OACJ,OAAM,SAAS,KACd,eACA,yBAAyB,iBACzB;CAEF,IAAI,oBAA2C;AAC/C,KAAI,IAAI,KAAK,gBAAgB,SAAS,IAAI,CACzC,qBAAoB,MAAM,QAAQ,kBAAkB;EACnD,OAAO,IAAI,KAAK;EACA;EAChB,CAAC;MACI;EACN,MAAM,SAAS,MAAM,QAAQ,eAAe,IAAI,KAAK,gBAAgB;AACrE,MAAI,CAAC,OAAQ,qBAAoB;OAC5B;GACJ,MAAM,EAAE,MAAM,OAAO,GAAG,WAAW;AACnC,uBAAoB;;;AAGtB,KAAI,CAAC,kBACJ,OAAM,SAAS,KACd,eACA,yBAAyB,iBACzB;CAEF,MAAM,QAAQ,kBAAkB,KAAK,MAAM,IAAI;CAC/C,MAAM,cAAc,IAAI,QAAQ,YAAY,eAAe;AAE3D,KADgB,MAAM,SAAS,YAAY,EAC9B;AACZ,MAAI,OAAO,SAAS,YACnB,OAAM,SAAS,KACd,eACA,yBAAyB,oDACzB;EAEF,MAAM,EAAE,YAAY,MAAM,QAAQ,YAAY,EAC7B,gBAChB,CAAC;AAKF,MAJe,QAAQ,QAAQ,WAAW;AAEzC,UADc,OAAO,KAAK,MAAM,IAAI,CACvB,SAAS,YAAY;IACjC,CACS,UAAU,EACpB,OAAM,SAAS,KACd,eACA,yBAAyB,oDACzB;;AAeH,KAAI,CAZoB,MAAM,cAC7B;EACC,MAAM,OAAO;EACb,SAAS,IAAI,QAAQ;EACrB,aAAa,EACZ,QAAQ,CAAC,SAAS,EAClB;EACD;EACA,EACD,IACA,CAGA,OAAM,SAAS,KACd,gBACA,yBAAyB,0CACzB;AAGF,KAAI,mBAAmB,mBAAmB,eACzC,OAAM,SAAS,KACd,eACA,yBAAyB,iBACzB;CAGF,MAAM,eAAe,MAAM,QAAQ,qBAAqB,eAAe;AACvE,KAAI,CAAC,aACJ,OAAM,SAAS,KACd,eACA,yBAAyB,uBACzB;CAGF,MAAM,mBAAmB,MAAM,IAAI,QAAQ,gBAAgB,aAC1D,kBAAkB,OAClB;AACD,KAAI,CAAC,iBACJ,OAAM,SAAS,WAAW,eAAe,EACxC,SAAS,kBACT,CAAC;AAIH,KAAI,SAAS,mBAAmB,mBAC/B,OAAM,SAAS,kBAAkB,mBAAmB;EACnD,QAAQ;EACR,MAAM;EACN;EACA,CAAC;AAEH,OAAM,QAAQ,aAAa;EAC1B,UAAU,kBAAkB;EACZ;EAChB,QAAQ,kBAAkB;EAC1B,CAAC;AACF,KACC,QAAQ,KAAK,OAAO,kBAAkB,UACtC,QAAQ,QAAQ,yBACf,kBAAkB,eAEnB,OAAM,QAAQ,sBAAsB,QAAQ,QAAQ,OAAO,MAAM,IAAI;AAItE,KAAI,SAAS,mBAAmB,kBAC/B,OAAM,SAAS,kBAAkB,kBAAkB;EAClD,QAAQ;EACR,MAAM;EACN;EACA,CAAC;AAGH,QAAO,IAAI,KAAK,EACf,QAAQ,mBACR,CAAC;EAEH;AAEF,MAAM,6BAA6B,EAAE,OAAO;CAC3C,MAAM,EAAE,MAAM,CAAC,EAAE,QAAQ,EAAE,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,KAAK,EACrD,aACC,0HACD,CAAC;CACF,UAAU,EAAE,QAAQ,CAAC,KAAK,EACzB,aAAa,gEACb,CAAC;CACF,gBAAgB,EACd,QAAQ,CACR,KAAK,EACL,aACC,iMACD,CAAC,CACD,UAAU;CACZ,CAAC;AAEF,MAAa,oBAAmD,WAC/D,mBACC,oCACA;CACC,QAAQ;CACR,MAAM;CACN,KAAK,CAAC,eAAe,qBAAqB;CAC1C,gBAAgB;CAChB,UAAU;EACT,QAAQ,EACP,MAAM,EAAE,EAYR;EACD,SAAS;GACR,aAAa;GACb,aAAa;GACb,WAAW,EACV,OAAO;IACN,aAAa;IACb,SAAS,EACR,oBAAoB,EACnB,QAAQ;KACP,MAAM;KACN,YAAY,EACX,QAAQ;MACP,MAAM;MACN,YAAY;OACX,IAAI,EACH,MAAM,UACN;OACD,QAAQ,EACP,MAAM,UACN;OACD,gBAAgB,EACf,MAAM,UACN;OACD,MAAM,EACL,MAAM,UACN;OACD;MACD,UAAU;OAAC;OAAM;OAAU;OAAkB;OAAO;MACpD,EACD;KACD,UAAU,CAAC,SAAS;KACpB,EACD,EACD;IACD,EACD;GACD;EACD;CACD,EACD,OAAO,QAAQ;CACd,MAAM,UAAU,IAAI,QAAQ;AAE5B,KAAI,CAAC,IAAI,KAAK,KACb,OAAM,SAAS,WAAW,cAAc;CAGzC,MAAM,iBACL,IAAI,KAAK,kBAAkB,QAAQ,QAAQ;AAE5C,KAAI,CAAC,eACJ,OAAM,SAAS,KACd,eACA,yBAAyB,uBACzB;CAGF,MAAM,UAAU,cAAc,IAAI,SAAS,IAAI,QAAQ,WAAW;CAClE,MAAM,YAAsB,MAAM,QAAQ,IAAI,KAAK,KAAK,GACrD,IAAI,KAAK,OACT,IAAI,KAAK,OACR,CAAC,IAAI,KAAK,KAAK,GACf,EAAE;CAEN,MAAM,SAAS,MAAM,QAAQ,kBAAkB;EAC9C,QAAQ,QAAQ,KAAK;EACL;EAChB,CAAC;AAEF,KAAI,CAAC,OACJ,OAAM,SAAS,KACd,eACA,yBAAyB,iBACzB;CAGF,MAAM,oBACL,OAAO,OAAO,IAAI,KAAK,WACpB,MAAM,QAAQ,eAAe,IAAI,KAAK,SAAS,GAC/C;AAEJ,KAAI,CAAC,kBACJ,OAAM,SAAS,KACd,eACA,yBAAyB,iBACzB;AAMF,KAAI,EAFH,kBAAkB,mBAAmB,gBAGrC,OAAM,SAAS,KACd,aACA,yBAAyB,0CACzB;CAGF,MAAM,cAAc,IAAI,QAAQ,YAAY,eAAe;CAE3D,MAAM,sBAAsB,OAAO,KAAK,MAAM,IAAI;CAGlD,MAAM,oBAFyB,kBAAkB,KAAK,MAAM,IAAI,CAEf,SAAS,YAAY;CACtE,MAAM,mBAAmB,oBAAoB,SAAS,YAAY;CAElE,MAAM,uBAAuB,UAAU,SAAS,YAAY;CAE5D,MAAM,6BAA6B,OAAO,OAAO,kBAAkB;AAEnE,KACE,qBAAqB,CAAC,oBACtB,wBAAwB,CAAC,iBAE1B,OAAM,SAAS,KACd,aACA,yBAAyB,0CACzB;AAGF,KAAI,oBAAoB,4BAcvB;OAbgB,MAAM,IAAI,QAAQ,QAAQ,SAAiB;GAC1D,OAAO;GACP,OAAO,CACN;IACC,OAAO;IACP,OAAO;IACP,CACD;GACD,CAAC,EACqB,QAAQ,WAAmB;AAEjD,UADc,OAAO,KAAK,MAAM,IAAI,CACvB,SAAS,YAAY;IACjC,CACS,UAAU,KAAK,CAAC,qBAC1B,OAAM,SAAS,KACd,eACA,yBAAyB,mDACzB;;AAiBH,KAAI,CAboB,MAAM,cAC7B;EACC,MAAM,OAAO;EACb,SAAS,IAAI,QAAQ;EACrB,aAAa,EACZ,QAAQ,CAAC,SAAS,EAClB;EACD,4BAA4B;EAC5B;EACA,EACD,IACA,CAGA,OAAM,SAAS,KACd,aACA,yBAAyB,0CACzB;CAGF,MAAM,eAAe,MAAM,QAAQ,qBAAqB,eAAe;AACvE,KAAI,CAAC,aACJ,OAAM,SAAS,KACd,eACA,yBAAyB,uBACzB;CAGF,MAAM,mBAAmB,MAAM,IAAI,QAAQ,gBAAgB,aAC1D,kBAAkB,OAClB;AACD,KAAI,CAAC,iBACJ,OAAM,SAAS,WAAW,eAAe,EACxC,SAAS,kBACT,CAAC;CAGH,MAAM,eAAe,kBAAkB;CACvC,MAAM,UAAU,WAAW,IAAI,KAAK,KAA0B;AAG9D,KAAI,QAAQ,mBAAmB,wBAAwB;EACtD,MAAM,WAAW,MAAM,QAAQ,kBAAkB,uBAChD;GACC,QAAQ;GACR;GACA,MAAM;GACN;GACA,CACD;AACD,MAAI,YAAY,OAAO,aAAa,YAAY,UAAU,UAAU;GAEnE,MAAM,gBAAgB,MAAM,QAAQ,aACnC,IAAI,KAAK,UACT,SAAS,KAAK,QAAQ,QACtB;AACD,OAAI,CAAC,cACJ,OAAM,SAAS,KACd,eACA,yBAAyB,iBACzB;AAIF,OAAI,QAAQ,mBAAmB,sBAC9B,OAAM,QAAQ,kBAAkB,sBAAsB;IACrD,QAAQ;IACR;IACA,MAAM;IACN;IACA,CAAC;AAGH,UAAO,IAAI,KAAK,cAAc;;;CAIhC,MAAM,gBAAgB,MAAM,QAAQ,aACnC,IAAI,KAAK,UACT,QACA;AACD,KAAI,CAAC,cACJ,OAAM,SAAS,KACd,eACA,yBAAyB,iBACzB;AAIF,KAAI,QAAQ,mBAAmB,sBAC9B,OAAM,QAAQ,kBAAkB,sBAAsB;EACrD,QAAQ;EACR;EACA,MAAM;EACN;EACA,CAAC;AAGH,QAAO,IAAI,KAAK,cAAc;EAE/B;AAEF,MAAa,mBAAkD,YAC9D,mBACC,mCACA;CACC,QAAQ;CACR,KAAK,CAAC,eAAe,qBAAqB;CAC1C,gBAAgB;CAChB,UAAU,EACT,SAAS;EACR,aAAa;EACb,WAAW,EACV,OAAO;GACN,aAAa;GACb,SAAS,EACR,oBAAoB,EACnB,QAAQ;IACP,MAAM;IACN,YAAY;KACX,IAAI,EACH,MAAM,UACN;KACD,QAAQ,EACP,MAAM,UACN;KACD,gBAAgB,EACf,MAAM,UACN;KACD,MAAM,EACL,MAAM,UACN;KACD;IACD,UAAU;KAAC;KAAM;KAAU;KAAkB;KAAO;IACpD,EACD,EACD;GACD,EACD;EACD,EACD;CACD,EACD,OAAO,QAAQ;CACd,MAAM,UAAU,IAAI,QAAQ;CAC5B,MAAM,iBAAiB,QAAQ,QAAQ;AACvC,KAAI,CAAC,eACJ,OAAM,SAAS,KACd,eACA,yBAAyB,uBACzB;CAGF,MAAM,SAAS,MADC,cAAiB,IAAI,SAAS,QAAQ,CACzB,kBAAkB;EAC9C,QAAQ,QAAQ,KAAK;EACL;EAChB,CAAC;AACF,KAAI,CAAC,OACJ,OAAM,SAAS,KACd,eACA,yBAAyB,iBACzB;AAEF,QAAO,IAAI,KAAK,OAAO;EAExB;AAEF,MAAM,8BAA8B,EAAE,OAAO,EAC5C,gBAAgB,EAAE,QAAQ,CAAC,KAAK,EAC/B,aACC,wEACD,CAAC,EACF,CAAC;AAEF,MAAa,qBAAoD,YAChE,mBACC,uBACA;CACC,QAAQ;CACR,MAAM;CACN,gBAAgB;CAChB,KAAK,CAAC,mBAAmB,cAAc;CACvC,EACD,OAAO,QAAQ;CACd,MAAM,UAAU,IAAI,QAAQ;CAC5B,MAAM,UAAU,cAAiB,IAAI,SAAS,QAAQ;CACtD,MAAM,SAAS,MAAM,QAAQ,kBAAkB;EAC9C,QAAQ,QAAQ,KAAK;EACrB,gBAAgB,IAAI,KAAK;EACzB,CAAC;AAEF,KAAI,CAAC,OACJ,OAAM,SAAS,KACd,eACA,yBAAyB,iBACzB;CAEF,MAAM,cAAc,IAAI,QAAQ,YAAY,eAAe;AAE3D,KADuB,OAAO,KAAK,MAAM,IAAI,CAAC,SAAS,YAAY,EAclE;OAZgB,MAAM,IAAI,QAAQ,QAAQ,SAAiB;GAC1D,OAAO;GACP,OAAO,CACN;IACC,OAAO;IACP,OAAO,IAAI,KAAK;IAChB,CACD;GACD,CAAC,EACqB,QAAQ,WAC9B,OAAO,KAAK,MAAM,IAAI,CAAC,SAAS,YAAY,CAC5C,CACU,UAAU,EACpB,OAAM,SAAS,KACd,eACA,yBAAyB,oDACzB;;AAGH,OAAM,QAAQ,aAAa;EAC1B,UAAU,OAAO;EACjB,gBAAgB,IAAI,KAAK;EACzB,QAAQ,QAAQ,KAAK;EACrB,CAAC;AACF,KAAI,QAAQ,QAAQ,yBAAyB,IAAI,KAAK,eACrD,OAAM,QAAQ,sBAAsB,QAAQ,QAAQ,OAAO,MAAM,IAAI;AAEtE,QAAO,IAAI,KAAK,OAAO;EAExB;AAEF,MAAa,eAA8C,YAC1D,mBACC,8BACA;CACC,QAAQ;CACR,OAAO,EACL,OAAO;EACP,OAAO,EACL,QAAQ,CACR,KAAK,EACL,aAAa,iCACb,CAAC,CACD,GAAG,EAAE,QAAQ,CAAC,CACd,UAAU;EACZ,QAAQ,EACN,QAAQ,CACR,KAAK,EACL,aAAa,4BACb,CAAC,CACD,GAAG,EAAE,QAAQ,CAAC,CACd,UAAU;EACZ,QAAQ,EACN,QAAQ,CACR,KAAK,EACL,aAAa,wBACb,CAAC,CACD,UAAU;EACZ,eAAe,EACb,KAAK,CAAC,OAAO,OAAO,CAAC,CACrB,KAAK,EACL,aAAa,4BACb,CAAC,CACD,UAAU;EACZ,aAAa,EACX,QAAQ,CACR,KAAK,EACL,aAAa,0BACb,CAAC,CACD,UAAU;EACZ,aAAa,EACX,QAAQ,CACR,KAAK,EACL,aAAa,0BACb,CAAC,CACD,GAAG,EAAE,QAAQ,CAAC,CACd,GAAG,EAAE,SAAS,CAAC,CACf,GAAG,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC,CACvB,GAAG,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC,CACvB,UAAU;EACZ,gBAAgB,EACd,KAAK,eAAe,CACpB,KAAK,EACL,aAAa,sCACb,CAAC,CACD,UAAU;EACZ,gBAAgB,EACd,QAAQ,CACR,KAAK,EACL,aACC,qIACD,CAAC,CACD,UAAU;EACZ,kBAAkB,EAChB,QAAQ,CACR,KAAK,EACL,aACC,yIACD,CAAC,CACD,UAAU;EACZ,CAAC,CACD,UAAU;CACZ,gBAAgB;CAChB,KAAK,CAAC,eAAe,qBAAqB;CAC1C,EACD,OAAO,QAAQ;CACd,MAAM,UAAU,IAAI,QAAQ;CAC5B,IAAI,iBACH,IAAI,OAAO,kBAAkB,QAAQ,QAAQ;CAC9C,MAAM,UAAU,cAAiB,IAAI,SAAS,QAAQ;AACtD,KAAI,IAAI,OAAO,kBAAkB;EAChC,MAAM,eAAe,MAAM,QAAQ,uBAClC,IAAI,OAAO,iBACX;AACD,MAAI,CAAC,aACJ,OAAM,SAAS,KACd,eACA,yBAAyB,uBACzB;AAEF,mBAAiB,aAAa;;AAE/B,KAAI,CAAC,eACJ,OAAM,SAAS,KACd,eACA,yBAAyB,uBACzB;AAOF,KAAI,CAJa,MAAM,QAAQ,kBAAkB;EAChD,QAAQ,QAAQ,KAAK;EACrB;EACA,CAAC,CAED,OAAM,SAAS,KACd,aACA,yBAAyB,0CACzB;CAEF,MAAM,EAAE,SAAS,UAAU,MAAM,QAAQ,YAAY;EACpD;EACA,OAAO,IAAI,OAAO,QAAQ,OAAO,IAAI,MAAM,MAAM,GAAG;EACpD,QAAQ,IAAI,OAAO,SAAS,OAAO,IAAI,MAAM,OAAO,GAAG;EACvD,QAAQ,IAAI,OAAO;EACnB,WAAW,IAAI,OAAO;EACtB,QAAQ,IAAI,OAAO,cAChB;GACA,OAAO,IAAI,OAAO;GAClB,UAAU,IAAI,MAAM;GACpB,OAAO,IAAI,MAAM;GACjB,GACA;EACH,CAAC;AACF,QAAO,IAAI,KAAK;EACf;EACA;EACA,CAAC;EAEH;AAEF,MAAM,iCAAiC,EACrC,OAAO;CACP,QAAQ,EACN,QAAQ,CACR,KAAK,EACL,aACC,wFACD,CAAC,CACD,UAAU;CACZ,gBAAgB,EACd,QAAQ,CACR,KAAK,EACL,aACC,qIACD,CAAC,CACD,UAAU;CACZ,kBAAkB,EAChB,QAAQ,CACR,KAAK,EACL,aACC,yIACD,CAAC,CACD,UAAU;CACZ,CAAC,CACD,UAAU;AAEZ,MAAa,uBACZ,YAEA,mBACC,wCACA;CACC,QAAQ;CACR,OAAO;CACP,gBAAgB;CAChB,KAAK,CAAC,eAAe,qBAAqB;CAC1C,EACD,OAAO,QAAQ;CACd,MAAM,UAAU,IAAI,QAAQ;CAC5B,IAAI,iBACH,IAAI,OAAO,kBAAkB,QAAQ,QAAQ;CAC9C,MAAM,UAAU,cAAiB,IAAI,SAAS,QAAQ;AACtD,KAAI,IAAI,OAAO,kBAAkB;EAChC,MAAM,eAAe,MAAM,QAAQ,uBAClC,IAAI,OAAO,iBACX;AACD,MAAI,CAAC,aACJ,OAAM,SAAS,KACd,eACA,yBAAyB,uBACzB;AAEF,mBAAiB,aAAa;;AAE/B,KAAI,CAAC,eACJ,OAAM,SAAS,KACd,eACA,yBAAyB,uBACzB;CAEF,MAAM,WAAW,MAAM,QAAQ,kBAAkB;EAChD,QAAQ,QAAQ,KAAK;EACrB;EACA,CAAC;AACF,KAAI,CAAC,SACJ,OAAM,SAAS,KACd,aACA,yBAAyB,0CACzB;AAEF,KAAI,CAAC,IAAI,OAAO,OACf,QAAO,IAAI,KAAK,EACf,MAAM,SAAS,MACf,CAAC;CAEH,MAAM,kBAAkB,IAAI,OAAO;CACnC,MAAM,SAAS,MAAM,QAAQ,kBAAkB;EAC9C,QAAQ;EACR;EACA,CAAC;AACF,KAAI,CAAC,OACJ,OAAM,SAAS,KACd,aACA,yBAAyB,0CACzB;AAGF,QAAO,IAAI,KAAK,EACf,MAAM,QAAQ,MACd,CAAC;EAEH"}