npm - @strapi/admin - Versions diffs - 5.0.0-rc.7 → 5.0.0-rc.9 - Mend

@strapi/admin 5.0.0-rc.7 → 5.0.0-rc.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (233) hide show

package/dist/server/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.js","sources":["../../server/src/utils/index.js","../../server/src/config/admin-actions.ts","../../server/src/config/admin-conditions.ts","../../server/src/bootstrap.ts","../../server/src/routes/serve-admin-panel.ts","../../server/src/strategies/admin.ts","../../server/src/services/constants.ts","../../server/src/strategies/api-token.ts","../../server/src/register.ts","../../server/src/destroy.ts","../../server/src/config/email-templates/forgot-password.ts","../../server/src/config/index.ts","../../server/src/policies/isAuthenticatedAdmin.ts","../../server/src/validation/policies/hasPermissions.ts","../../server/src/policies/hasPermissions.ts","../../server/src/policies/isTelemetryEnabled.ts","../../server/src/policies/index.ts","../../server/src/routes/admin.ts","../../server/src/routes/authentication.ts","../../server/src/routes/permissions.ts","../../server/src/routes/users.ts","../../server/src/routes/roles.ts","../../server/src/routes/webhooks.ts","../../server/src/routes/api-tokens.ts","../../server/src/routes/content-api.ts","../../server/src/strategies/data-transfer.ts","../../server/src/routes/transfer.ts","../../server/src/routes/index.ts","../../server/src/services/auth.ts","../../server/src/domain/user.ts","../../server/src/domain/action/index.ts","../../server/src/validation/common-functions/check-fields-are-correctly-nested.ts","../../server/src/validation/common-functions/check-fields-dont-have-duplicates.ts","../../server/src/validation/common-validators.ts","../../server/src/services/user.ts","../../server/src/domain/permission/index.ts","../../server/src/validation/permission.ts","../../server/src/services/role.ts","../../server/src/services/passport/local-strategy.ts","../../server/src/services/passport.ts","../../server/src/services/metrics.ts","../../server/src/services/token.ts","../../server/src/validation/action-provider.ts","../../server/src/domain/action/provider.ts","../../server/src/domain/condition/index.ts","../../server/src/domain/condition/provider.ts","../../server/src/services/permission/permissions-manager/sanitize.ts","../../server/src/services/permission/permissions-manager/validate.ts","../../server/src/services/permission/permissions-manager/query-builders.ts","../../server/src/services/permission/permissions-manager/index.ts","../../server/src/services/permission/engine.ts","../../server/src/services/permission/sections-builder/section.ts","../../server/src/services/permission/sections-builder/builder.ts","../../server/src/services/permission/sections-builder/utils.ts","../../server/src/services/permission/sections-builder/handlers.ts","../../server/src/services/permission/sections-builder/index.ts","../../server/src/services/permission/queries.ts","../../server/src/services/permission.ts","../../server/src/services/content-type.ts","../../server/src/services/condition.ts","../../server/src/services/action.ts","../../server/src/services/api-token.ts","../../server/src/services/transfer/permission.ts","../../server/src/services/transfer/token.ts","../../server/src/services/transfer/utils.ts","../../server/src/services/project-settings.ts","../../server/src/services/index.ts","../../server/src/validation/project-settings.ts","../../server/src/controllers/admin.ts","../../server/src/validation/api-tokens.ts","../../server/src/controllers/api-token.ts","../../server/src/validation/user.ts","../../server/src/controllers/authenticated-user.ts","../../server/src/validation/authentication/register.ts","../../server/src/validation/authentication/forgot-password.ts","../../server/src/validation/authentication/reset-password.ts","../../server/src/validation/authentication/renew-token.ts","../../server/src/controllers/authentication.ts","../../server/src/controllers/formatters/conditions.ts","../../server/src/controllers/permission.ts","../../server/src/validation/role.ts","../../server/src/controllers/role.ts","../../server/src/controllers/transfer/runner.ts","../../server/src/validation/transfer/token.ts","../../server/src/controllers/transfer/token.ts","../../server/src/controllers/transfer/index.ts","../../server/src/controllers/user.ts","../../server/src/controllers/webhooks.ts","../../server/src/controllers/content-api.ts","../../server/src/controllers/index.ts","../../server/src/content-types/Permission.ts","../../server/src/content-types/User.ts","../../server/src/content-types/Role.ts","../../server/src/content-types/api-token.ts","../../server/src/content-types/api-token-permission.ts","../../server/src/content-types/transfer-token.ts","../../server/src/content-types/transfer-token-permission.ts","../../server/src/content-types/index.ts","../../server/src/middlewares/rateLimit.ts","../../server/src/middlewares/data-transfer.ts","../../server/src/middlewares/index.ts"],"sourcesContent":["const getService = (name) => {\n return strapi.service(`admin::${name}`);\n};\n\nexport { getService };\n","export const actions = [\n {\n uid: 'marketplace.read',\n displayName: 'Access the marketplace',\n pluginName: 'admin',\n section: 'settings',\n category: 'plugins and marketplace',\n subCategory: 'marketplace',\n },\n {\n uid: 'webhooks.create',\n displayName: 'Create',\n pluginName: 'admin',\n section: 'settings',\n category: 'webhooks',\n },\n {\n uid: 'webhooks.read',\n displayName: 'Read',\n pluginName: 'admin',\n section: 'settings',\n category: 'webhooks',\n },\n {\n uid: 'webhooks.update',\n displayName: 'Update',\n pluginName: 'admin',\n section: 'settings',\n category: 'webhooks',\n },\n {\n uid: 'webhooks.delete',\n displayName: 'Delete',\n pluginName: 'admin',\n section: 'settings',\n category: 'webhooks',\n },\n {\n uid: 'users.create',\n displayName: 'Create (invite)',\n pluginName: 'admin',\n section: 'settings',\n category: 'users and roles',\n subCategory: 'users',\n },\n {\n uid: 'users.read',\n displayName: 'Read',\n pluginName: 'admin',\n section: 'settings',\n category: 'users and roles',\n subCategory: 'users',\n },\n {\n uid: 'users.update',\n displayName: 'Update',\n pluginName: 'admin',\n section: 'settings',\n category: 'users and roles',\n subCategory: 'users',\n },\n {\n uid: 'users.delete',\n displayName: 'Delete',\n pluginName: 'admin',\n section: 'settings',\n category: 'users and roles',\n subCategory: 'users',\n },\n {\n uid: 'roles.create',\n displayName: 'Create',\n pluginName: 'admin',\n section: 'settings',\n category: 'users and roles',\n subCategory: 'roles',\n },\n {\n uid: 'roles.read',\n displayName: 'Read',\n pluginName: 'admin',\n section: 'settings',\n category: 'users and roles',\n subCategory: 'roles',\n },\n {\n uid: 'roles.update',\n displayName: 'Update',\n pluginName: 'admin',\n section: 'settings',\n category: 'users and roles',\n subCategory: 'roles',\n },\n {\n uid: 'roles.delete',\n displayName: 'Delete',\n pluginName: 'admin',\n section: 'settings',\n category: 'users and roles',\n subCategory: 'roles',\n },\n {\n uid: 'api-tokens.access',\n displayName: 'Access the API tokens settings page',\n pluginName: 'admin',\n section: 'settings',\n category: 'api tokens',\n subCategory: 'api Tokens',\n },\n {\n uid: 'api-tokens.create',\n displayName: 'Create (generate)',\n pluginName: 'admin',\n section: 'settings',\n category: 'api tokens',\n subCategory: 'general',\n },\n {\n uid: 'api-tokens.read',\n displayName: 'Read',\n pluginName: 'admin',\n section: 'settings',\n category: 'api tokens',\n subCategory: 'general',\n },\n {\n uid: 'api-tokens.update',\n displayName: 'Update',\n pluginName: 'admin',\n section: 'settings',\n category: 'api tokens',\n subCategory: 'general',\n },\n {\n uid: 'api-tokens.regenerate',\n displayName: 'Regenerate',\n pluginName: 'admin',\n section: 'settings',\n category: 'api tokens',\n subCategory: 'general',\n },\n {\n uid: 'api-tokens.delete',\n displayName: 'Delete (revoke)',\n pluginName: 'admin',\n section: 'settings',\n category: 'api tokens',\n subCategory: 'general',\n },\n {\n uid: 'project-settings.update',\n displayName: 'Update the project level settings',\n pluginName: 'admin',\n section: 'settings',\n category: 'project',\n },\n {\n uid: 'project-settings.read',\n displayName: 'Read the project level settings',\n pluginName: 'admin',\n section: 'settings',\n category: 'project',\n },\n {\n uid: 'transfer.tokens.access',\n displayName: 'Access the transfer tokens settings page',\n pluginName: 'admin',\n section: 'settings',\n category: 'transfer tokens',\n subCategory: 'transfer tokens',\n },\n {\n uid: 'transfer.tokens.create',\n displayName: 'Create (generate)',\n pluginName: 'admin',\n section: 'settings',\n category: 'transfer tokens',\n subCategory: 'general',\n },\n {\n uid: 'transfer.tokens.read',\n displayName: 'Read',\n pluginName: 'admin',\n section: 'settings',\n category: 'transfer tokens',\n subCategory: 'general',\n },\n {\n uid: 'transfer.tokens.update',\n displayName: 'Update',\n pluginName: 'admin',\n section: 'settings',\n category: 'transfer tokens',\n subCategory: 'general',\n },\n {\n uid: 'transfer.tokens.regenerate',\n displayName: 'Regenerate',\n pluginName: 'admin',\n section: 'settings',\n category: 'transfer tokens',\n subCategory: 'general',\n },\n {\n uid: 'transfer.tokens.delete',\n displayName: 'Delete (revoke)',\n pluginName: 'admin',\n section: 'settings',\n category: 'transfer tokens',\n subCategory: 'general',\n },\n];\n\nexport default {\n actions,\n};\n","// TODO: TS User and role type\ntype User = any;\ntype Role = any;\n\nexport const conditions = [\n {\n displayName: 'Is creator',\n name: 'is-creator',\n plugin: 'admin',\n handler: (user: User) => ({ 'createdBy.id': user.id }),\n },\n {\n displayName: 'Has same role as creator',\n name: 'has-same-role-as-creator',\n plugin: 'admin',\n handler: (user: User) => ({\n 'createdBy.roles': {\n $elemMatch: {\n id: {\n $in: user.roles.map((r: Role) => r.id),\n },\n },\n },\n }),\n },\n];\n\nexport default {\n conditions,\n};\n","import { merge, map, difference, uniq } from 'lodash/fp';\nimport type { Core } from '@strapi/types';\nimport { async } from '@strapi/utils';\nimport { getService } from './utils';\nimport adminActions from './config/admin-actions';\nimport adminConditions from './config/admin-conditions';\n\nconst defaultAdminAuthSettings = {\n providers: {\n autoRegister: false,\n defaultRole: null,\n ssoLockedRoles: null,\n },\n};\n\nconst registerPermissionActions = async () => {\n await getService('permission').actionProvider.registerMany(adminActions.actions);\n};\n\nconst registerAdminConditions = async () => {\n await getService('permission').conditionProvider.registerMany(adminConditions.conditions);\n};\n\nconst registerModelHooks = () => {\n const { sendDidChangeInterfaceLanguage } = getService('metrics');\n\n strapi.db.lifecycles.subscribe({\n models: ['admin::user'],\n afterCreate: sendDidChangeInterfaceLanguage,\n afterDelete: sendDidChangeInterfaceLanguage,\n afterUpdate({ params }) {\n if (params.data.preferedLanguage) {\n sendDidChangeInterfaceLanguage();\n }\n },\n });\n};\n\nconst syncAuthSettings = async () => {\n const adminStore = await strapi.store({ type: 'core', name: 'admin' });\n const adminAuthSettings = await adminStore.get({ key: 'auth' });\n const newAuthSettings = merge(defaultAdminAuthSettings, adminAuthSettings);\n\n const roleExists = await getService('role').exists({\n id: newAuthSettings.providers.defaultRole,\n });\n\n // Reset the default SSO role if it has been deleted manually\n if (!roleExists) {\n newAuthSettings.providers.defaultRole = null;\n }\n\n await adminStore.set({ key: 'auth', value: newAuthSettings });\n};\n\nconst syncAPITokensPermissions = async () => {\n const validPermissions = strapi.contentAPI.permissions.providers.action.keys();\n const permissionsInDB = await async.pipe(\n strapi.db.query('admin::api-token-permission').findMany,\n map('action')\n )();\n\n const unknownPermissions = uniq(difference(permissionsInDB, validPermissions));\n\n if (unknownPermissions.length > 0) {\n await strapi.db\n .query('admin::api-token-permission')\n .deleteMany({ where: { action: { $in: unknownPermissions } } });\n }\n};\n\nexport default async ({ strapi }: { strapi: Core.Strapi }) => {\n await registerAdminConditions();\n await registerPermissionActions();\n registerModelHooks();\n\n const permissionService = getService('permission');\n const userService = getService('user');\n const roleService = getService('role');\n const apiTokenService = getService('api-token');\n const transferService = getService('transfer');\n const tokenService = getService('token');\n\n await roleService.createRolesIfNoneExist();\n await roleService.resetSuperAdminPermissions();\n await roleService.displayWarningIfNoSuperAdmin();\n\n await permissionService.cleanPermissionsInDatabase();\n\n await userService.displayWarningIfUsersDontHaveRole();\n\n await syncAuthSettings();\n await syncAPITokensPermissions();\n\n await getService('metrics').sendUpdateProjectInformation(strapi);\n getService('metrics').startCron(strapi);\n\n apiTokenService.checkSaltIsDefined();\n transferService.token.checkSaltIsDefined();\n tokenService.checkSecretIsDefined();\n};\n","import type { Context, Next } from 'koa';\nimport { resolve, join, extname, basename } from 'path';\nimport fse from 'fs-extra';\nimport koaStatic from 'koa-static';\nimport type { Core } from '@strapi/types';\n\nconst registerAdminPanelRoute = ({ strapi }: { strapi: Core.Strapi }) => {\n let buildDir = resolve(strapi.dirs.dist.root, 'build');\n\n if (!fse.pathExistsSync(buildDir)) {\n buildDir = resolve(__dirname, '../../build');\n }\n\n const serveAdminMiddleware = async (ctx: Context, next: Next) => {\n await next();\n\n if (ctx.method !== 'HEAD' && ctx.method !== 'GET') {\n return;\n }\n\n if (ctx.body != null \|\| ctx.status !== 404) {\n return;\n }\n\n ctx.type = 'html';\n ctx.body = fse.createReadStream(join(buildDir, 'index.html'));\n };\n\n strapi.server.routes([\n {\n method: 'GET',\n path: `${strapi.config.admin.path}/:path`,\n handler: [\n serveAdminMiddleware,\n serveStatic(buildDir, {\n maxage: 31536000,\n defer: false,\n index: 'index.html',\n setHeaders(res: any, path: any) {\n const ext = extname(path);\n // publicly cache static files to avoid unnecessary network & disk access\n if (ext !== '.html') {\n res.setHeader('cache-control', 'public, max-age=31536000, immutable');\n }\n },\n }),\n ],\n config: { auth: false },\n },\n ]);\n};\n\n// serveStatic is not supposed to be used to serve a folder that have sub-folders\nconst serveStatic = (filesDir: any, koaStaticOptions = {}) => {\n const serve = koaStatic(filesDir, koaStaticOptions);\n\n return async (ctx: Context, next: Next) => {\n const prev = ctx.path;\n const newPath = basename(ctx.path);\n\n ctx.path = newPath;\n await serve(ctx, async () => {\n ctx.path = prev;\n await next();\n ctx.path = newPath;\n });\n ctx.path = prev;\n };\n};\n\nexport default registerAdminPanelRoute;\n","import type { Context } from 'koa';\nimport { getService } from '../utils';\n\n/* @type {import('.').AuthenticateFunction} /\nexport const authenticate = async (ctx: Context) => {\n const { authorization } = ctx.request.header;\n\n if (!authorization) {\n return { authenticated: false };\n }\n\n const parts = authorization.split(/\\s+/);\n\n if (parts[0].toLowerCase() !== 'bearer' \|\| parts.length !== 2) {\n return { authenticated: false };\n }\n\n const token = parts[1];\n const { payload, isValid } = getService('token').decodeJwtToken(token);\n\n if (!isValid) {\n return { authenticated: false };\n }\n\n const user = await strapi.db\n .query('admin::user')\n .findOne({ where: { id: payload.id }, populate: ['roles'] });\n\n if (!user \|\| !(user.isActive === true)) {\n return { authenticated: false };\n }\n\n const userAbility = await getService('permission').engine.generateUserAbility(user);\n\n // TODO: use the ability from ctx.state.auth instead of\n // ctx.state.userAbility, and remove the assign below\n ctx.state.userAbility = userAbility;\n ctx.state.user = user;\n\n return {\n authenticated: true,\n credentials: user,\n ability: userAbility,\n };\n};\n\nexport const name = 'admin';\n\n/* @type {import('.').AuthStrategy} /\nexport default {\n name,\n authenticate,\n};\n","const DAY_IN_MS = 24 60 * 60 * 1000;\n\nconst constants = {\n CONTENT_TYPE_SECTION: 'contentTypes',\n SUPER_ADMIN_CODE: 'strapi-super-admin',\n EDITOR_CODE: 'strapi-editor',\n AUTHOR_CODE: 'strapi-author',\n READ_ACTION: 'plugin::content-manager.explorer.read',\n CREATE_ACTION: 'plugin::content-manager.explorer.create',\n UPDATE_ACTION: 'plugin::content-manager.explorer.update',\n DELETE_ACTION: 'plugin::content-manager.explorer.delete',\n PUBLISH_ACTION: 'plugin::content-manager.explorer.publish',\n API_TOKEN_TYPE: {\n READ_ONLY: 'read-only',\n FULL_ACCESS: 'full-access',\n CUSTOM: 'custom',\n },\n // The front-end only displays these values\n API_TOKEN_LIFESPANS: {\n UNLIMITED: null,\n DAYS_7: 7 * DAY_IN_MS,\n DAYS_30: 30 * DAY_IN_MS,\n DAYS_90: 90 * DAY_IN_MS,\n },\n TRANSFER_TOKEN_TYPE: {\n PUSH: 'push',\n PULL: 'pull',\n },\n TRANSFER_TOKEN_LIFESPANS: {\n UNLIMITED: null,\n DAYS_7: 7 * DAY_IN_MS,\n DAYS_30: 30 * DAY_IN_MS,\n DAYS_90: 90 * DAY_IN_MS,\n },\n};\n\nexport default constants;\n","import type { Context } from 'koa';\nimport { castArray, isNil } from 'lodash/fp';\nimport { differenceInHours, parseISO } from 'date-fns';\nimport { errors } from '@strapi/utils';\nimport constants from '../services/constants';\nimport { getService } from '../utils';\nimport '@strapi/types';\n\nconst { UnauthorizedError, ForbiddenError } = errors;\n\nconst isReadScope = (scope: any) => scope.endsWith('find') \|\| scope.endsWith('findOne');\n\nconst extractToken = (ctx: Context) => {\n if (ctx.request && ctx.request.header && ctx.request.header.authorization) {\n const parts = ctx.request.header.authorization.split(/\\s+/);\n\n if (parts[0].toLowerCase() !== 'bearer' \|\| parts.length !== 2) {\n return null;\n }\n\n return parts[1];\n }\n\n return null;\n};\n\n/*\n Authenticate the validity of the token\n /\nexport const authenticate = async (ctx: Context) => {\n const apiTokenService = getService('api-token');\n const token = extractToken(ctx);\n\n if (!token) {\n return { authenticated: false };\n }\n\n const apiToken = await apiTokenService.getBy({\n accessKey: apiTokenService.hash(token),\n });\n\n // token not found\n if (!apiToken) {\n return { authenticated: false };\n }\n\n const currentDate = new Date();\n\n if (!isNil(apiToken.expiresAt)) {\n const expirationDate = new Date(apiToken.expiresAt);\n // token has expired\n if (expirationDate < currentDate) {\n return { authenticated: false, error: new UnauthorizedError('Token expired') };\n }\n }\n\n // update lastUsedAt if the token has not been used in the last hour\n // @ts-expect-error - FIXME: verify lastUsedAt is defined\n const hoursSinceLastUsed = differenceInHours(currentDate, parseISO(apiToken.lastUsedAt));\n if (hoursSinceLastUsed >= 1) {\n await strapi.db.query('admin::api-token').update({\n where: { id: apiToken.id },\n data: { lastUsedAt: currentDate },\n });\n }\n\n if (apiToken.type === constants.API_TOKEN_TYPE.CUSTOM) {\n const ability = await strapi.contentAPI.permissions.engine.generateAbility(\n apiToken.permissions.map((action: any) => ({ action }))\n );\n\n return { authenticated: true, ability, credentials: apiToken };\n }\n\n return { authenticated: true, credentials: apiToken };\n};\n\n/\n Verify the token has the required abilities for the requested scope\n \n @type {import('.').VerifyFunction}\n /\nexport const verify = (auth: any, config: any) => {\n const { credentials: apiToken, ability } = auth;\n\n if (!apiToken) {\n throw new UnauthorizedError('Token not found');\n }\n\n const currentDate = new Date();\n\n if (!isNil(apiToken.expiresAt)) {\n const expirationDate = new Date(apiToken.expiresAt);\n // token has expired\n if (expirationDate < currentDate) {\n throw new UnauthorizedError('Token expired');\n }\n }\n\n // Full access\n if (apiToken.type === constants.API_TOKEN_TYPE.FULL_ACCESS) {\n return;\n }\n\n // Read only\n if (apiToken.type === constants.API_TOKEN_TYPE.READ_ONLY) {\n /\n If you don't have `full-access` you can only access `find` and `findOne`\n * scopes. If the route has no scope, then you can't get access to it.\n /\n const scopes = castArray(config.scope);\n\n if (config.scope && scopes.every(isReadScope)) {\n return;\n }\n }\n\n // Custom\n else if (apiToken.type === constants.API_TOKEN_TYPE.CUSTOM) {\n if (!ability) {\n throw new ForbiddenError();\n }\n\n const scopes = castArray(config.scope);\n\n const isAllowed = scopes.every((scope) => ability.can(scope));\n\n if (isAllowed) {\n return;\n }\n }\n\n throw new ForbiddenError();\n};\n\nexport const name = 'api-token';\n\nexport default {\n name: 'api-token',\n authenticate,\n verify,\n};\n","import type { Core } from '@strapi/types';\nimport registerAdminPanelRoute from './routes/serve-admin-panel';\nimport adminAuthStrategy from './strategies/admin';\nimport apiTokenAuthStrategy from './strategies/api-token';\n\nexport default ({ strapi }: { strapi: Core.Strapi }) => {\n const passportMiddleware = strapi.service('admin::passport').init();\n\n strapi.server.api('admin').use(passportMiddleware);\n strapi.get('auth').register('admin', adminAuthStrategy);\n strapi.get('auth').register('content-api', apiTokenAuthStrategy);\n\n if (strapi.config.get('admin.serveAdminPanel')) {\n registerAdminPanelRoute({ strapi });\n }\n};\n","import { getService } from './utils';\n\nexport default async () => {\n const { conditionProvider, actionProvider } = getService('permission');\n\n await conditionProvider.clear();\n await actionProvider.clear();\n};\n","const subject = `Reset password`;\n\nconst html = `<p>We heard that you lost your password. Sorry about that!</p>\n\n<p>But don’t worry! You can use the following link to reset your password:</p>\n\n<p><%= url %></p>\n\n<p>Thanks.</p>`;\n\nconst text = `We heard that you lost your password. Sorry about that!\n\nBut don’t worry! You can use the following link to reset your password:\n\n<%= url %>\n\nThanks.`;\n\nexport default { subject, text, html };\n","import forgotPasswordTemplate from './email-templates/forgot-password';\n\nexport const forgotPassword = {\n emailTemplate: forgotPasswordTemplate,\n};\n\nexport default {\n forgotPassword,\n};\n","export default (policyCtx: any) => {\n return Boolean(policyCtx.state.isAuthenticated);\n};\n","import _ from 'lodash';\nimport { yup, validateYupSchema } from '@strapi/utils';\n\nconst hasPermissionsSchema = yup.object({\n actions: yup.array().of(\n // @ts-expect-error yup types\n yup.lazy((val) => {\n if (_.isArray(val)) {\n return yup.array().of(yup.string()).min(1).max(2);\n }\n\n if (_.isString(val)) {\n return yup.string().required();\n }\n\n return yup.object().shape({\n action: yup.string().required(),\n subject: yup.string(),\n });\n })\n ),\n});\n\nexport const validateHasPermissionsInput = validateYupSchema(hasPermissionsSchema);\n\nexport default {\n validateHasPermissionsInput,\n};\n","import _ from 'lodash';\nimport { policy } from '@strapi/utils';\nimport { validateHasPermissionsInput } from '../validation/policies/hasPermissions';\n\nconst { createPolicy } = policy;\n\nconst inputModifiers = [\n {\n check: _.isString,\n transform: (action: any) => ({ action }),\n },\n {\n check: _.isArray,\n transform: (arr: any) => ({ action: arr[0], subject: arr[1] }),\n },\n {\n // Has to be after the isArray check since _.isObject also matches arrays\n check: _.isObject,\n transform: (perm: any) => perm,\n },\n];\n\nexport default createPolicy({\n name: 'admin::hasPermissions',\n validator: validateHasPermissionsInput,\n handler(ctx, config) {\n const { actions } = config;\n const { userAbility: ability } = ctx.state;\n\n const permissions = actions.map((action: any) =>\n inputModifiers.find((modifier) => modifier.check(action))?.transform(action)\n );\n\n const isAuthorized = permissions.every(({ action, subject }: any) =>\n ability.can(action, subject)\n );\n\n return isAuthorized;\n },\n});\n","import { policy } from '@strapi/utils';\n\n// TODO: TS - Try to make { policy: { createPolicy } } from '@strapi/utils'; work\nconst { createPolicy } = policy;\n\n/\n This policy is used for routes dealing with telemetry and analytics content.\n * It will fails when the telemetry has been disabled on the server.\n /\nexport default createPolicy({\n name: 'admin::isTelemetryEnabled',\n handler(_ctx, _config, { strapi }) {\n if (strapi.telemetry.isDisabled) {\n return false;\n }\n },\n});\n","import isAuthenticatedAdmin from './isAuthenticatedAdmin';\nimport hasPermissions from './hasPermissions';\nimport isTelemetryEnabled from './isTelemetryEnabled';\n\nexport default { isAuthenticatedAdmin, hasPermissions, isTelemetryEnabled };\n","export default [\n {\n method: 'GET',\n path: '/init',\n handler: 'admin.init',\n config: { auth: false },\n },\n {\n method: 'GET',\n path: '/project-settings',\n handler: 'admin.getProjectSettings',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n {\n name: 'admin::hasPermissions',\n config: { actions: ['admin::project-settings.read'] },\n },\n ],\n },\n },\n {\n method: 'POST',\n path: '/project-settings',\n handler: 'admin.updateProjectSettings',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n {\n name: 'admin::hasPermissions',\n config: { actions: ['admin::project-settings.update'] },\n },\n ],\n },\n },\n {\n method: 'GET',\n path: '/project-type',\n handler: 'admin.getProjectType',\n config: { auth: false },\n },\n {\n method: 'GET',\n path: '/information',\n handler: 'admin.information',\n config: {\n policies: ['admin::isAuthenticatedAdmin'],\n },\n },\n {\n method: 'GET',\n path: '/telemetry-properties',\n handler: 'admin.telemetryProperties',\n config: {\n policies: ['admin::isAuthenticatedAdmin'],\n },\n },\n {\n method: 'GET',\n path: '/plugins',\n handler: 'admin.plugins',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::marketplace.read'] } },\n ],\n },\n },\n];\n","export default [\n {\n method: 'POST',\n path: '/login',\n handler: 'authentication.login',\n config: {\n auth: false,\n middlewares: ['admin::rateLimit'],\n },\n },\n {\n method: 'POST',\n path: '/renew-token',\n handler: 'authentication.renewToken',\n config: { auth: false },\n },\n {\n method: 'POST',\n path: '/register-admin',\n handler: 'authentication.registerAdmin',\n config: { auth: false },\n },\n {\n method: 'GET',\n path: '/registration-info',\n handler: 'authentication.registrationInfo',\n config: { auth: false },\n },\n {\n method: 'POST',\n path: '/register',\n handler: 'authentication.register',\n config: { auth: false },\n },\n {\n method: 'POST',\n path: '/forgot-password',\n handler: 'authentication.forgotPassword',\n config: { auth: false },\n },\n {\n method: 'POST',\n path: '/reset-password',\n handler: 'authentication.resetPassword',\n config: { auth: false },\n },\n {\n method: 'POST',\n path: '/logout',\n handler: 'authentication.logout',\n config: {\n policies: ['admin::isAuthenticatedAdmin'],\n },\n },\n];\n","export default [\n {\n method: 'GET',\n path: '/permissions',\n handler: 'permission.getAll',\n config: {\n policies: ['admin::isAuthenticatedAdmin'],\n },\n },\n {\n method: 'POST',\n path: '/permissions/check',\n handler: 'permission.check',\n config: {\n policies: ['admin::isAuthenticatedAdmin'],\n },\n },\n];\n","export default [\n {\n method: 'GET',\n path: '/users/me',\n handler: 'authenticated-user.getMe',\n config: {\n policies: ['admin::isAuthenticatedAdmin'],\n },\n },\n {\n method: 'PUT',\n path: '/users/me',\n handler: 'authenticated-user.updateMe',\n config: {\n policies: ['admin::isAuthenticatedAdmin'],\n },\n },\n {\n method: 'GET',\n path: '/users/me/permissions',\n handler: 'authenticated-user.getOwnPermissions',\n config: {\n policies: ['admin::isAuthenticatedAdmin'],\n },\n },\n {\n method: 'POST',\n path: '/users',\n handler: 'user.create',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::users.create'] } },\n ],\n },\n },\n {\n method: 'GET',\n path: '/users',\n handler: 'user.find',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::users.read'] } },\n ],\n },\n },\n {\n method: 'GET',\n path: '/users/:id',\n handler: 'user.findOne',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::users.read'] } },\n ],\n },\n },\n {\n method: 'PUT',\n path: '/users/:id',\n handler: 'user.update',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::users.update'] } },\n ],\n },\n },\n {\n method: 'DELETE',\n path: '/users/:id',\n handler: 'user.deleteOne',\n config: {\n policies: [{ name: 'admin::hasPermissions', config: { actions: ['admin::users.delete'] } }],\n },\n },\n {\n method: 'POST',\n path: '/users/batch-delete',\n handler: 'user.deleteMany',\n config: {\n policies: [{ name: 'admin::hasPermissions', config: { actions: ['admin::users.delete'] } }],\n },\n },\n];\n","export default [\n {\n method: 'GET',\n path: '/roles/:id/permissions',\n handler: 'role.getPermissions',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::roles.read'] } },\n ],\n },\n },\n {\n method: 'PUT',\n path: '/roles/:id/permissions',\n handler: 'role.updatePermissions',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::roles.update'] } },\n ],\n },\n },\n {\n method: 'GET',\n path: '/roles/:id',\n handler: 'role.findOne',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::roles.read'] } },\n ],\n },\n },\n {\n method: 'GET',\n path: '/roles',\n handler: 'role.findAll',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::roles.read'] } },\n ],\n },\n },\n {\n method: 'POST',\n path: '/roles',\n handler: 'role.create',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n {\n name: 'admin::hasPermissions',\n config: {\n actions: ['admin::roles.create'],\n },\n },\n ],\n },\n },\n {\n method: 'PUT',\n path: '/roles/:id',\n handler: 'role.update',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::roles.update'] } },\n ],\n },\n },\n {\n method: 'DELETE',\n path: '/roles/:id',\n handler: 'role.deleteOne',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n {\n name: 'admin::hasPermissions',\n config: {\n actions: ['admin::roles.delete'],\n },\n },\n ],\n },\n },\n {\n method: 'POST',\n path: '/roles/batch-delete',\n handler: 'role.deleteMany',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n {\n name: 'admin::hasPermissions',\n config: {\n actions: ['admin::roles.delete'],\n },\n },\n ],\n },\n },\n];\n","export default [\n {\n method: 'GET',\n path: '/webhooks',\n handler: 'webhooks.listWebhooks',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::webhooks.read'] } },\n ],\n },\n },\n {\n method: 'POST',\n path: '/webhooks',\n handler: 'webhooks.createWebhook',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::webhooks.create'] } },\n ],\n },\n },\n {\n method: 'GET',\n path: '/webhooks/:id',\n handler: 'webhooks.getWebhook',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::webhooks.read'] } },\n ],\n },\n },\n {\n method: 'PUT',\n path: '/webhooks/:id',\n handler: 'webhooks.updateWebhook',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::webhooks.update'] } },\n ],\n },\n },\n {\n method: 'DELETE',\n path: '/webhooks/:id',\n handler: 'webhooks.deleteWebhook',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::webhooks.delete'] } },\n ],\n },\n },\n {\n method: 'POST',\n path: '/webhooks/batch-delete',\n handler: 'webhooks.deleteWebhooks',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::webhooks.delete'] } },\n ],\n },\n },\n {\n method: 'POST',\n path: '/webhooks/:id/trigger',\n handler: 'webhooks.triggerWebhook',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::webhooks.update'] } },\n ],\n },\n },\n];\n","export default [\n {\n method: 'POST',\n path: '/api-tokens',\n handler: 'api-token.create',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::api-tokens.create'] } },\n ],\n },\n },\n {\n method: 'GET',\n path: '/api-tokens',\n handler: 'api-token.list',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::api-tokens.read'] } },\n ],\n },\n },\n {\n method: 'DELETE',\n path: '/api-tokens/:id',\n handler: 'api-token.revoke',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::api-tokens.delete'] } },\n ],\n },\n },\n {\n method: 'GET',\n path: '/api-tokens/:id',\n handler: 'api-token.get',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::api-tokens.read'] } },\n ],\n },\n },\n {\n method: 'PUT',\n path: '/api-tokens/:id',\n handler: 'api-token.update',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::api-tokens.update'] } },\n ],\n },\n },\n {\n method: 'POST',\n path: '/api-tokens/:id/regenerate',\n handler: 'api-token.regenerate',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::api-tokens.regenerate'] } },\n ],\n },\n },\n];\n","export default [\n {\n method: 'GET',\n path: '/content-api/permissions',\n handler: 'content-api.getPermissions',\n config: {\n policies: ['admin::isAuthenticatedAdmin'],\n },\n },\n {\n method: 'GET',\n path: '/content-api/routes',\n handler: 'content-api.getRoutes',\n config: {\n policies: ['admin::isAuthenticatedAdmin'],\n },\n },\n];\n","import type { Context } from 'koa';\nimport { differenceInHours, parseISO } from 'date-fns';\nimport { errors } from '@strapi/utils';\nimport { castArray, isNil } from 'lodash/fp';\n\nimport { getService } from '../utils';\n\nconst { UnauthorizedError, ForbiddenError } = errors;\n\nconst extractToken = (ctx: Context) => {\n if (ctx.request && ctx.request.header && ctx.request.header.authorization) {\n const parts = ctx.request.header.authorization.split(/\\s+/);\n\n if (parts[0].toLowerCase() !== 'bearer' \|\| parts.length !== 2) {\n return null;\n }\n\n return parts[1];\n }\n\n return null;\n};\n\n/\n Authenticate the validity of the token\n \n @type {import('.').AuthenticateFunction}\n /\nexport const authenticate = async (ctx: Context) => {\n const { token: tokenService } = getService('transfer');\n const token = extractToken(ctx);\n\n if (!token) {\n return { authenticated: false };\n }\n\n const transferToken = await tokenService.getBy({ accessKey: tokenService.hash(token) });\n\n // Check if the token exists\n if (!transferToken) {\n return { authenticated: false };\n }\n\n // Check if the token has expired\n const currentDate = new Date();\n\n if (!isNil(transferToken.expiresAt)) {\n const expirationDate = new Date(transferToken.expiresAt);\n\n if (expirationDate < currentDate) {\n return { authenticated: false, error: new UnauthorizedError('Token expired') };\n }\n }\n\n // Update token metadata if the token has not been used in the last hour\n // @ts-expect-error - FIXME: verify lastUsedAt is defined\n const hoursSinceLastUsed = differenceInHours(currentDate, parseISO(transferToken.lastUsedAt));\n if (hoursSinceLastUsed >= 1) {\n await strapi.db.query('admin::api-token').update({\n where: { id: transferToken.id },\n data: { lastUsedAt: currentDate },\n });\n }\n\n // Generate an ability based on the token permissions\n const ability = await getService('transfer').permission.engine.generateAbility(\n transferToken.permissions.map((action: any) => ({ action }))\n );\n\n return { authenticated: true, ability, credentials: transferToken };\n};\n\n/\n Verify the token has the required abilities for the requested scope\n \n @type {import('.').VerifyFunction}\n /\nexport const verify = async (auth: any, config: any = {}) => {\n const { credentials: transferToken, ability } = auth;\n\n if (!transferToken) {\n throw new UnauthorizedError('Token not found');\n }\n\n const currentDate = new Date();\n\n if (!isNil(transferToken.expiresAt)) {\n const expirationDate = new Date(transferToken.expiresAt);\n // token has expired\n if (expirationDate < currentDate) {\n throw new UnauthorizedError('Token expired');\n }\n }\n\n if (!ability) {\n throw new ForbiddenError();\n }\n\n const scopes = castArray(config.scope ?? []);\n\n const isAllowed = scopes.every((scope) => ability.can(scope));\n\n if (!isAllowed) {\n throw new ForbiddenError();\n }\n};\n\nexport const name = 'data-transfer';\n\n/* @type {import('.').AuthStrategy} /\nexport default {\n name,\n authenticate,\n verify,\n};\n","import dataTransferAuthStrategy from '../strategies/data-transfer';\n\nexport default [\n // Transfer Push\n {\n method: 'GET',\n path: '/transfer/runner/push',\n handler: 'transfer.runner-push',\n config: {\n middlewares: ['admin::data-transfer'],\n auth: { strategies: [dataTransferAuthStrategy], scope: ['push'] },\n },\n },\n // Transfer Pull\n {\n method: 'GET',\n path: '/transfer/runner/pull',\n handler: 'transfer.runner-pull',\n config: {\n middlewares: ['admin::data-transfer'],\n auth: { strategies: [dataTransferAuthStrategy], scope: ['pull'] },\n },\n },\n // Transfer Tokens\n {\n method: 'POST',\n path: '/transfer/tokens',\n handler: 'transfer.token-create',\n config: {\n middlewares: ['admin::data-transfer'],\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::transfer.tokens.create'] } },\n ],\n },\n },\n {\n method: 'GET',\n path: '/transfer/tokens',\n handler: 'transfer.token-list',\n config: {\n middlewares: ['admin::data-transfer'],\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::transfer.tokens.read'] } },\n ],\n },\n },\n {\n method: 'DELETE',\n path: '/transfer/tokens/:id',\n handler: 'transfer.token-revoke',\n config: {\n middlewares: ['admin::data-transfer'],\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::transfer.tokens.delete'] } },\n ],\n },\n },\n {\n method: 'GET',\n path: '/transfer/tokens/:id',\n handler: 'transfer.token-getById',\n config: {\n middlewares: ['admin::data-transfer'],\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::transfer.tokens.read'] } },\n ],\n },\n },\n {\n method: 'PUT',\n path: '/transfer/tokens/:id',\n handler: 'transfer.token-update',\n config: {\n middlewares: ['admin::data-transfer'],\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::transfer.tokens.update'] } },\n ],\n },\n },\n {\n method: 'POST',\n path: '/transfer/tokens/:id/regenerate',\n handler: 'transfer.token-regenerate',\n config: {\n middlewares: ['admin::data-transfer'],\n policies: [\n 'admin::isAuthenticatedAdmin',\n {\n name: 'admin::hasPermissions',\n config: { actions: ['admin::transfer.tokens.regenerate'] },\n },\n ],\n },\n },\n];\n","import admin from './admin';\nimport authentication from './authentication';\nimport permissions from './permissions';\nimport users from './users';\nimport roles from './roles';\nimport webhooks from './webhooks';\nimport apiTokens from './api-tokens';\nimport contentApi from './content-api';\nimport transfer from './transfer';\n\nconst routes = {\n admin: {\n type: 'admin',\n routes: [\n ...admin,\n ...authentication,\n ...permissions,\n ...users,\n ...roles,\n ...webhooks,\n ...apiTokens,\n ...contentApi,\n ...transfer,\n ],\n },\n};\n\nexport default routes;\n","import bcrypt from 'bcryptjs';\nimport _ from 'lodash';\nimport { errors } from '@strapi/utils';\nimport { getService } from '../utils';\nimport type { AdminUser } from '../../../shared/contracts/shared';\nimport '@strapi/types';\n\nconst { ApplicationError } = errors;\n\n/\n hashes a password\n * @param password - password to hash\n * @returns hashed password\n /\nconst hashPassword = (password: string) => bcrypt.hash(password, 10);\n\n/\n Validate a password\n * @param password\n * @param hash\n * @returns {Promise<boolean>} is the password valid\n /\nconst validatePassword = (password: string, hash: string) => bcrypt.compare(password, hash);\n\n/\n Check login credentials\n * @param email the users email address\n * @param password the users password\n /\nconst checkCredentials = async ({ email, password }: { email: string; password: string }) => {\n const user: AdminUser = await strapi.db.query('admin::user').findOne({ where: { email } });\n\n if (!user \|\| !user.password) {\n return [null, false, { message: 'Invalid credentials' }];\n }\n\n const isValid = await validatePassword(password, user.password);\n\n if (!isValid) {\n return [null, false, { message: 'Invalid credentials' }];\n }\n\n if (!(user.isActive === true)) {\n return [null, false, { message: 'User not active' }];\n }\n\n return [null, user];\n};\n\n/\n Send an email to the user if it exists or do nothing\n * @param email user email for which to reset the password\n /\nconst forgotPassword = async ({ email } = {} as { email: string }) => {\n const user: AdminUser = await strapi.db\n .query('admin::user')\n .findOne({ where: { email, isActive: true } });\n if (!user) {\n return;\n }\n\n const resetPasswordToken = getService('token').createToken();\n await getService('user').updateById(user.id, { resetPasswordToken });\n\n // Send an email to the admin.\n const url = `${strapi.config.get(\n 'admin.absoluteUrl'\n )}/auth/reset-password?code=${resetPasswordToken}`;\n\n return strapi\n .plugin('email')\n .service('email')\n .sendTemplatedEmail(\n {\n to: user.email,\n from: strapi.config.get('admin.forgotPassword.from'),\n replyTo: strapi.config.get('admin.forgotPassword.replyTo'),\n },\n strapi.config.get('admin.forgotPassword.emailTemplate'),\n {\n url,\n user: _.pick(user, ['email', 'firstname', 'lastname', 'username']),\n }\n )\n .catch((err: unknown) => {\n // log error server side but do not disclose it to the user to avoid leaking informations\n strapi.log.error(err);\n });\n};\n\n/\n Reset a user password\n * @param resetPasswordToken token generated to request a password reset\n * @param password new user password\n /\nconst resetPassword = async (\n { resetPasswordToken, password } = {} as { resetPasswordToken: string; password: string }\n) => {\n const matchingUser: AdminUser \| undefined = await strapi.db\n .query('admin::user')\n .findOne({ where: { resetPasswordToken, isActive: true } });\n\n if (!matchingUser) {\n throw new ApplicationError();\n }\n\n return getService('user').updateById(matchingUser.id, {\n password,\n resetPasswordToken: null,\n });\n};\n\nexport default { checkCredentials, validatePassword, hashPassword, forgotPassword, resetPassword };\n","import constants from '../services/constants';\n\nimport type {\n AdminUser,\n AdminRole,\n AdminUserCreationPayload,\n} from '../../../shared/contracts/shared';\n\nconst { SUPER_ADMIN_CODE } = constants;\n\n/\n Create a new user model by merging default and specified attributes\n * @param attributes A partial user object\n /\nexport function createUser(attributes: Partial<AdminUserCreationPayload>) {\n return {\n roles: [],\n isActive: false,\n username: null,\n ...attributes,\n };\n}\n\nexport const hasSuperAdminRole = (user: AdminUser) => {\n return user.roles.filter((role: AdminRole) => role.code === SUPER_ADMIN_CODE).length > 0;\n};\n\nexport const ADMIN_USER_ALLOWED_FIELDS = ['id', 'firstname', 'lastname', 'username'];\n\nexport default {\n createUser,\n hasSuperAdminRole,\n ADMIN_USER_ALLOWED_FIELDS,\n};\n","import type { Utils } from '@strapi/types';\n\nimport { curry, pipe, merge, set, pick, omit, includes, isArray, prop } from 'lodash/fp';\n\nexport type Action = {\n actionId: string; // The unique identifier of the action\n section: string; // The section linked to the action - These can be 'contentTypes' \| 'plugins' \| 'settings' \| 'internal'\n displayName: string; // The human readable name of an action\n category: string; // The main category of an action\n subCategory?: string; // The secondary category of an action (only for settings and plugins section)\n pluginName?: string; // The plugin which provide the action\n subjects?: string[]; // A list of subjects on which the action can be applied\n options: {\n // The options of an action\n applyToProperties: string[] \| null; // The list of properties that can be associated with an action\n };\n};\n\n/\n Set of attributes used to create a new {@link Action} object\n * @typedef {Action, { uid: string }} CreateActionPayload\n /\nexport type CreateActionPayload = Utils.Intersect<\n [\n Utils.Object.PartialBy<\n // Action Id is computed from the uid value\n Omit<Action, 'actionId'>,\n // Options is filled with default values\n 'options'\n >,\n { uid: string },\n ]\n>;\n\n/\n Return the default attributes of a new {@link Action}\n * @return Partial<Action>\n /\nconst getDefaultActionAttributes = (): Partial<Action> => ({\n options: {\n applyToProperties: null,\n },\n});\n\n/\n Get the list of all the valid attributes of an {@link Action}\n /\nconst actionFields = [\n 'section',\n 'displayName',\n 'category',\n 'subCategory',\n 'pluginName',\n 'subjects',\n 'options',\n 'actionId',\n] as const;\n\n/\n Remove unwanted attributes from an {@link Action}\n /\nconst sanitizeActionAttributes = pick(actionFields) as (\n action: Action \| CreateActionPayload\n) => Action;\n\n/\n Create and return an identifier for an {@link CreateActionPayload}.\n * The format is based on the action's source ({@link CreateActionPayload.pluginName} or 'application') and {@link CreateActionPayload.uid}.\n * @param {CreateActionPayload} attributes\n * @return {string}\n /\n// TODO: TS - Use Common.UID\nconst computeActionId = (attributes: CreateActionPayload): string => {\n const { pluginName, uid } = attributes;\n\n if (!pluginName) {\n return `api::${uid}`;\n }\n\n if (pluginName === 'admin') {\n return `admin::${uid}`;\n }\n\n return `plugin::${pluginName}.${uid}`;\n};\n\n/\n Assign an actionId attribute to an {@link CreateActionPayload} object\n /\nconst assignActionId = (attrs: CreateActionPayload) =>\n set('actionId', computeActionId(attrs), attrs);\n\n/\n Transform an action by adding or removing the {@link Action.subCategory} attribute\n * @param {Action} action - The action to process\n * @return {Action}\n /\nconst assignOrOmitSubCategory = (action: Action): Action => {\n const shouldHaveSubCategory = ['settings', 'plugins'].includes(action.section);\n\n return shouldHaveSubCategory\n ? set('subCategory', action.subCategory \|\| 'general', action)\n : omit('subCategory', action);\n};\n\n/\n Check if a property can be applied to an {@link Action}\n /\nconst appliesToProperty = curry((property: string, action: Action): boolean => {\n return pipe(prop('options.applyToProperties'), includes(property))(action);\n});\n\n/\n Check if an action applies to a subject\n /\nconst appliesToSubject = curry((subject: string, action: Action): boolean => {\n return isArray(action.subjects) && includes(subject, action.subjects);\n});\n\n/\n Transform the given attributes into a domain representation of an Action\n /\nconst create: (payload: CreateActionPayload) => Action = pipe(\n // Create and assign an action identifier to the action\n // (need to be done before the sanitizeActionAttributes since we need the uid here)\n assignActionId,\n // Add or remove the sub category field based on the pluginName attribute\n assignOrOmitSubCategory,\n // Remove unwanted attributes from the payload\n sanitizeActionAttributes,\n // Complete the action creation by adding default values for some attributes\n merge(getDefaultActionAttributes())\n);\n\nexport default {\n actionFields,\n appliesToProperty,\n appliesToSubject,\n assignActionId,\n assignOrOmitSubCategory,\n create,\n computeActionId,\n getDefaultActionAttributes,\n sanitizeActionAttributes,\n};\n","import _ from 'lodash';\n\nconst checkFieldsAreCorrectlyNested = (fields: unknown) => {\n if (_.isNil(fields)) {\n // Only check if the fields exist\n return true;\n }\n if (!Array.isArray(fields)) {\n return false;\n }\n\n let failed = false;\n for (let indexA = 0; indexA < fields.length; indexA += 1) {\n failed = fields\n .slice(indexA + 1)\n .some(\n (fieldB) =>\n fieldB.startsWith(`${fields[indexA]}.`) \|\| fields[indexA].startsWith(`${fieldB}.`)\n );\n if (failed) break;\n }\n\n return !failed;\n};\n\nexport default checkFieldsAreCorrectlyNested;\n","import _ from 'lodash';\n\nconst checkFieldsDontHaveDuplicates = (fields: unknown) => {\n if (_.isNil(fields)) {\n // Only check if the fields exist\n return true;\n }\n if (!Array.isArray(fields)) {\n return false;\n }\n\n return _.uniq(fields).length === fields.length;\n};\n\nexport default checkFieldsDontHaveDuplicates;\n","import { yup } from '@strapi/utils';\nimport _ from 'lodash';\nimport { isEmpty, has, isNil, isArray } from 'lodash/fp';\nimport { getService } from '../utils';\nimport actionDomain, { type Action } from '../domain/action';\nimport { checkFieldsAreCorrectlyNested, checkFieldsDontHaveDuplicates } from './common-functions';\nimport actions from '../domain/action/index';\n\nconst { actionFields } = actions;\n\nconst getActionFromProvider = (actionId: string) => {\n return getService('permission').actionProvider.get(actionId);\n};\n\nexport const email = yup.string().email().lowercase();\n\nexport const firstname = yup.string().trim().min(1);\n\nexport const lastname = yup.string();\n\nexport const username = yup.string().min(1);\n\nexport const password = yup\n .string()\n .min(8)\n .matches(/[a-z]/, '${path} must contain at least one lowercase character')\n .matches(/[A-Z]/, '${path} must contain at least one uppercase character')\n .matches(/\\d/, '${path} must contain at least one number');\n\nexport const roles = yup.array(yup.strapiID()).min(1);\n\nconst isAPluginName = yup\n .string()\n .test('is-a-plugin-name', 'is not a plugin name', function (value) {\n return [undefined, 'admin', ...Object.keys(strapi.plugins)].includes(value)\n ? true\n : this.createError({ path: this.path, message: `${this.path} is not an existing plugin` });\n });\n\nexport const arrayOfConditionNames = yup\n .array()\n .of(yup.string())\n .test('is-an-array-of-conditions', 'is not a plugin name', function (value) {\n const ids = strapi.service('admin::permission').conditionProvider.keys();\n return _.isUndefined(value) \|\| _.difference(value, ids).length === 0\n ? true\n : this.createError({ path: this.path, message: `contains conditions that don't exist` });\n });\n\nexport const permissionsAreEquals = (a: any, b: any) =>\n a.action === b.action && (a.subject === b.subject \|\| (_.isNil(a.subject) && _.isNil(b.subject)));\n\nconst checkNoDuplicatedPermissions = (permissions: unknown) =>\n !Array.isArray(permissions) \|\|\n permissions.every((permA, i) =>\n permissions.slice(i + 1).every((permB) => !permissionsAreEquals(permA, permB))\n );\n\nconst checkNilFields = (action: Action) =>\n function (fields: typeof actionFields) {\n // If the parent has no action field, then we ignore this test\n if (isNil(action)) {\n return true;\n }\n\n return actionDomain.appliesToProperty('fields', action) \|\| isNil(fields);\n };\n\nconst fieldsPropertyValidation = (action: Action) =>\n yup\n .array()\n .of(yup.string())\n .nullable()\n .test(\n 'field-nested',\n 'Fields format are incorrect (bad nesting).',\n checkFieldsAreCorrectlyNested\n )\n .test(\n 'field-nested',\n 'Fields format are incorrect (duplicates).',\n checkFieldsDontHaveDuplicates\n )\n .test(\n 'fields-restriction',\n 'The permission at ${path} must have fields set to null or undefined',\n // @ts-expect-error yup types\n checkNilFields(action)\n );\n\nexport const permission = yup\n .object()\n .shape({\n action: yup\n .string()\n .required()\n .test('action-validity', 'action is not an existing permission action', function (actionId) {\n // If the action field is Nil, ignore the test and let the required check handle the error\n if (isNil(actionId)) {\n return true;\n }\n\n return !!getActionFromProvider(actionId);\n }),\n actionParameters: yup.object().nullable(),\n subject: yup\n .string()\n .nullable()\n .test('subject-validity', 'Invalid subject submitted', function (subject) {\n // @ts-expect-error yup types\n const action = getActionFromProvider(this.options.parent.action);\n\n if (!action) {\n return true;\n }\n\n if (isNil(action.subjects)) {\n return isNil(subject);\n }\n\n if (isArray(action.subjects)) {\n return action.subjects.includes(subject);\n }\n\n return false;\n }),\n properties: yup\n .object()\n .test('properties-structure', 'Invalid property set at ${path}', function (properties) {\n // @ts-expect-error yup types\n const action = getActionFromProvider(this.options.parent.action) as any;\n const hasNoProperties = isEmpty(properties) \|\| isNil(properties);\n\n if (!has('options.applyToProperties', action)) {\n return hasNoProperties;\n }\n\n if (hasNoProperties) {\n return true;\n }\n\n const { applyToProperties } = action.options;\n\n if (!isArray(applyToProperties)) {\n return false;\n }\n\n return Object.keys(properties).every((property) => applyToProperties.includes(property));\n })\n .test(\n 'fields-property',\n 'Invalid fields property at ${path}',\n async function (properties = {}) {\n // @ts-expect-error yup types\n const action = getActionFromProvider(this.options.parent.action) as any;\n\n if (!action \|\| !properties) {\n return true;\n }\n\n if (!actionDomain.appliesToProperty('fields', action)) {\n return true;\n }\n\n try {\n await fieldsPropertyValidation(action).validate(properties.fields, {\n strict: true,\n abortEarly: false,\n });\n return true;\n } catch (e: any) {\n // Propagate fieldsPropertyValidation error with updated path\n throw this.createError({\n message: e.message,\n path: `${this.path}.fields`,\n });\n }\n }\n ),\n conditions: yup.array().of(yup.string()),\n })\n .noUnknown();\n\nexport const updatePermissions = yup\n .object()\n .shape({\n permissions: yup\n .array()\n .required()\n .of(permission)\n .test(\n 'duplicated-permissions',\n 'Some permissions are duplicated (same action and subject)',\n checkNoDuplicatedPermissions\n ),\n })\n .required()\n .noUnknown();\n\nexport default {\n email,\n firstname,\n lastname,\n username,\n password,\n roles,\n isAPluginName,\n arrayOfConditionNames,\n permission,\n updatePermissions,\n};\n","/ eslint-disable @typescript-eslint/no-non-null-assertion /\nimport _ from 'lodash';\nimport { defaults } from 'lodash/fp';\nimport { arrays, errors } from '@strapi/utils';\nimport type { Data } from '@strapi/types';\nimport { createUser, hasSuperAdminRole } from '../domain/user';\nimport type {\n AdminUser,\n AdminRole,\n AdminUserCreationPayload,\n SanitizedAdminUser,\n SanitizedAdminRole,\n AdminUserUpdatePayload,\n // eslint-disable-next-line node/no-unpublished-import\n} from '../../../shared/contracts/shared';\nimport { password as passwordValidator } from '../validation/common-validators';\nimport { getService } from '../utils';\nimport constants from './constants';\n\nconst { SUPER_ADMIN_CODE } = constants;\n\nconst { ValidationError } = errors;\nconst sanitizeUserRoles = (role: AdminRole): SanitizedAdminRole =>\n _.pick(role, ['id', 'name', 'description', 'code']);\n\n/\n Remove private user fields\n * @param user - user to sanitize\n /\nconst sanitizeUser = (user: AdminUser): SanitizedAdminUser => {\n return {\n ..._.omit(user, ['password', 'resetPasswordToken', 'registrationToken', 'roles']),\n roles: user.roles && user.roles.map(sanitizeUserRoles),\n };\n};\n\n/\n Create and save a user in database\n * @param attributes A partial user object\n /\nconst create = async (\n // isActive is added in the controller, it's not sent by the API.\n attributes: Partial<AdminUserCreationPayload> & { isActive?: true }\n): Promise<AdminUser> => {\n const userInfo = {\n registrationToken: getService('token').createToken(),\n ...attributes,\n };\n\n if (_.has(attributes, 'password')) {\n userInfo.password = await getService('auth').hashPassword(attributes.password!);\n }\n\n const user = createUser(userInfo);\n\n const createdUser = await strapi.db\n .query('admin::user')\n .create({ data: user, populate: ['roles'] });\n\n getService('metrics').sendDidInviteUser();\n\n strapi.eventHub.emit('user.create', { user: sanitizeUser(createdUser) });\n\n return createdUser;\n};\n\n/\n Update a user in database\n * @param id query params to find the user to update\n * @param attributes A partial user object\n /\nconst updateById = async (\n id: Data.ID,\n attributes: Partial<AdminUserUpdatePayload>\n): Promise<AdminUser> => {\n // Check at least one super admin remains\n if (_.has(attributes, 'roles')) {\n const lastAdminUser = await isLastSuperAdminUser(id);\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n const willRemoveSuperAdminRole = !arrays.includesString(attributes.roles!, superAdminRole.id);\n\n if (lastAdminUser && willRemoveSuperAdminRole) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n\n // cannot disable last super admin\n if (attributes.isActive === false) {\n const lastAdminUser = await isLastSuperAdminUser(id);\n if (lastAdminUser) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n\n // hash password if a new one is sent\n if (_.has(attributes, 'password')) {\n const hashedPassword = await getService('auth').hashPassword(attributes.password!);\n\n const updatedUser = await strapi.db.query('admin::user').update({\n where: { id },\n data: {\n ...attributes,\n password: hashedPassword,\n },\n populate: ['roles'],\n });\n\n strapi.eventHub.emit('user.update', { user: sanitizeUser(updatedUser) });\n\n return updatedUser;\n }\n\n const updatedUser = await strapi.db.query('admin::user').update({\n where: { id },\n data: attributes,\n populate: ['roles'],\n });\n\n if (updatedUser) {\n strapi.eventHub.emit('user.update', { user: sanitizeUser(updatedUser) });\n }\n\n return updatedUser;\n};\n\n/\n Reset a user password by email. (Used in admin:reset CLI)\n * @param email - user email\n * @param password - new password\n /\nconst resetPasswordByEmail = async (email: string, password: string) => {\n const user = await strapi.db\n .query('admin::user')\n .findOne({ where: { email }, populate: ['roles'] });\n\n if (!user) {\n throw new Error(`User not found for email: ${email}`);\n }\n\n try {\n await passwordValidator.validate(password);\n } catch (error) {\n throw new ValidationError(\n 'Invalid password. Expected a minimum of 8 characters with at least one number and one uppercase letter'\n );\n }\n\n await updateById(user.id, { password });\n};\n\n/\n Check if a user is the last super admin\n * @param userId user's id to look for\n /\nconst isLastSuperAdminUser = async (userId: Data.ID): Promise<boolean> => {\n const user = (await findOne(userId)) as AdminUser \| null;\n if (!user) return false;\n\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n\n return superAdminRole.usersCount === 1 && hasSuperAdminRole(user);\n};\n\n/\n Check if a user with specific attributes exists in the database\n * @param attributes A partial user object\n /\nconst exists = async (attributes = {} as unknown): Promise<boolean> => {\n return (await strapi.db.query('admin::user').count({ where: attributes })) > 0;\n};\n\n/\n Returns a user registration info\n * @param registrationToken - a user registration token\n * @returns - Returns user email, firstname and lastname\n /\nconst findRegistrationInfo = async (\n registrationToken: string\n): Promise<Pick<AdminUser, 'email' \| 'firstname' \| 'lastname'> \| undefined> => {\n const user = await strapi.db.query('admin::user').findOne({ where: { registrationToken } });\n\n if (!user) {\n return undefined;\n }\n\n return _.pick(user, ['email', 'firstname', 'lastname']);\n};\n\n/\n Registers a user based on a registrationToken and some informations to update\n * @param params\n * @param params.registrationToken registration token\n * @param params.userInfo user info\n /\nconst register = async ({\n registrationToken,\n userInfo,\n}: {\n registrationToken: string;\n userInfo: Partial<AdminUser>;\n}) => {\n const matchingUser = await strapi.db\n .query('admin::user')\n .findOne({ where: { registrationToken } });\n\n if (!matchingUser) {\n throw new ValidationError('Invalid registration info');\n }\n\n return getService('user').updateById(matchingUser.id, {\n password: userInfo.password,\n firstname: userInfo.firstname,\n lastname: userInfo.lastname,\n registrationToken: null,\n isActive: true,\n });\n};\n\n/\n Find one user\n /\nconst findOne = async (id: Data.ID, populate = ['roles']) => {\n return strapi.db.query('admin::user').findOne({ where: { id }, populate });\n};\n\n/\n Find one user by its email\n * @param email\n * @param populate\n * @returns\n /\nconst findOneByEmail = async (email: string, populate = []) => {\n return strapi.db.query('admin::user').findOne({\n where: { email: { $eqi: email } },\n populate,\n });\n};\n\n/* Find many users (paginated)\n * @param params\n /\nconst findPage = async (params = {}): Promise<unknown> => {\n const query = strapi\n .get('query-params')\n .transform('admin::user', defaults({ populate: ['roles'] }, params));\n\n return strapi.db.query('admin::user').findPage(query);\n};\n\n/* Delete a user\n * @param id id of the user to delete\n /\nconst deleteById = async (id: Data.ID): Promise<AdminUser \| null> => {\n // Check at least one super admin remains\n const userToDelete: AdminUser \| null = await strapi.db.query('admin::user').findOne({\n where: { id },\n populate: ['roles'],\n });\n\n if (!userToDelete) {\n return null;\n }\n\n if (userToDelete) {\n if (userToDelete.roles.some((r) => r.code === SUPER_ADMIN_CODE)) {\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n if (superAdminRole.usersCount === 1) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n }\n\n const deletedUser = await strapi.db\n .query('admin::user')\n .delete({ where: { id }, populate: ['roles'] });\n\n strapi.eventHub.emit('user.delete', { user: sanitizeUser(deletedUser) });\n\n return deletedUser;\n};\n\n/* Delete a user\n * @param ids ids of the users to delete\n /\nconst deleteByIds = async (ids: (string \| number)[]): Promise<AdminUser[]> => {\n // Check at least one super admin remains\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n const nbOfSuperAdminToDelete = await strapi.db.query('admin::user').count({\n where: {\n id: ids,\n roles: { id: superAdminRole.id },\n },\n });\n\n if (superAdminRole.usersCount === nbOfSuperAdminToDelete) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n\n const deletedUsers = [] as AdminUser[];\n for (const id of ids) {\n const deletedUser = await strapi.db.query('admin::user').delete({\n where: { id },\n populate: ['roles'],\n });\n\n deletedUsers.push(deletedUser);\n }\n\n strapi.eventHub.emit('user.delete', {\n users: deletedUsers.map((deletedUser) => sanitizeUser(deletedUser)),\n });\n\n return deletedUsers;\n};\n\n/* Count the users that don't have any associated roles\n /\nconst countUsersWithoutRole = async (): Promise<number> => {\n return strapi.db.query('admin::user').count({\n where: {\n roles: {\n id: { $null: true },\n },\n },\n });\n};\n\n/\n Count the number of users based on search params\n * @param params params used for the query\n /\nconst count = async (where = {}): Promise<number> => {\n return strapi.db.query('admin::user').count({ where });\n};\n\n/\n Assign some roles to several users\n /\nconst assignARoleToAll = async (roleId: Data.ID): Promise<void> => {\n const users = await strapi.db.query('admin::user').findMany({\n select: ['id'],\n where: {\n roles: { id: { $null: true } },\n },\n });\n\n await Promise.all(\n users.map((user) => {\n return strapi.db.query('admin::user').update({\n where: { id: user.id },\n data: { roles: [roleId] },\n });\n })\n );\n};\n\n/* Display a warning if some users don't have at least one role\n /\nconst displayWarningIfUsersDontHaveRole = async (): Promise<void> => {\n const count = await countUsersWithoutRole();\n\n if (count > 0) {\n strapi.log.warn(`Some users (${count}) don't have any role.`);\n }\n};\n\n/* Returns an array of interface languages currently used by users\n /\nconst getLanguagesInUse = async (): Promise<string[]> => {\n const users = await strapi.db.query('admin::user').findMany({ select: ['preferedLanguage'] });\n\n return users.map((user) => user.preferedLanguage \|\| 'en');\n};\n\nexport default {\n create,\n updateById,\n exists,\n findRegistrationInfo,\n register,\n sanitizeUser,\n findOne,\n findOneByEmail,\n findPage,\n deleteById,\n deleteByIds,\n countUsersWithoutRole,\n count,\n assignARoleToAll,\n displayWarningIfUsersDontHaveRole,\n resetPasswordByEmail,\n getLanguagesInUse,\n};\n","import type { Utils } from '@strapi/types';\n\nimport { providerFactory } from '@strapi/utils';\nimport {\n pipe,\n set,\n pick,\n eq,\n omit,\n remove,\n get,\n uniq,\n isArray,\n map,\n curry,\n merge,\n} from 'lodash/fp';\nimport { Permission } from '../../../../shared/contracts/shared';\nimport { SanitizedPermission } from '../../../../shared/contracts/roles';\n\nexport type CreatePermissionPayload = Utils.Object.PartialBy<\n Permission,\n 'actionParameters' \| 'conditions' \| 'properties' \| 'subject' \| 'id' \| 'createdAt' \| 'updatedAt'\n>;\n\ntype Provider = ReturnType<typeof providerFactory>;\n\nexport const permissionFields = [\n 'id',\n 'action',\n 'actionParameters',\n 'subject',\n 'properties',\n 'conditions',\n 'role',\n];\nexport const sanitizedPermissionFields = [\n 'id',\n 'action',\n 'actionParameters',\n 'subject',\n 'properties',\n 'conditions',\n] as const;\n\nexport const sanitizePermissionFields: (p: Permission) => SanitizedPermission =\n pick(sanitizedPermissionFields);\n\n/\n Creates a permission with default values\n /\nconst getDefaultPermission = () => ({\n actionParameters: {},\n conditions: [],\n properties: {},\n subject: null,\n});\n\n/\n Returns a new permission with the given condition\n * @param condition - The condition to add\n * @param permission - The permission on which we want to add the condition\n * @return\n /\nexport const addCondition = curry((condition: string, permission: Permission): Permission => {\n const { conditions } = permission;\n const newConditions = Array.isArray(conditions)\n ? uniq(conditions.concat(condition))\n : [condition];\n\n return set('conditions', newConditions, permission);\n});\n\n/\n Returns a new permission without the given condition\n * @param condition - The condition to remove\n * @param permission - The permission on which we want to remove the condition\n /\nexport const removeCondition = curry((condition: string, permission: Permission): Permission => {\n return set('conditions', remove(eq(condition), permission.conditions), permission);\n});\n\n/\n Gets a property or a part of a property from a permission.\n * @param property - The property to get\n * @param permission - The permission on which we want to access the property\n /\nexport const getProperty = curry(\n (property: string, permission: Permission): Permission =>\n get(`properties.${property}`, permission)\n);\n\n/\n Set a value for a given property on a new permission object\n * @param property - The name of the property\n * @param value - The value of the property\n * @param permission - The permission on which we want to set the property\n /\nexport const setProperty = (\n property: string,\n value: unknown,\n permission: Permission\n): Permission => {\n return set(`properties.${property}`, value, permission);\n};\n\n/\n Returns a new permission without the given property name set\n * @param property - The name of the property to delete\n * @param permission - The permission on which we want to remove the property\n /\nexport const deleteProperty = <TProperty extends string>(\n property: TProperty,\n permission: Permission\n) => omit(`properties.${property}`, permission) as Omit<Permission, TProperty>;\n\n/\n Creates a new {@link Permission} object from raw attributes. Set default values for certain fields\n * @param attributes\n /\nexport const create = (attributes: CreatePermissionPayload) => {\n return pipe(pick(permissionFields), merge(getDefaultPermission()))(attributes) as Permission;\n};\n\n/\n Using the given condition provider, check and remove invalid condition from the permission's condition array.\n * @param provider - The condition provider used to do the checks\n * @param permission - The condition to sanitize\n /\nexport const sanitizeConditions = curry(\n (provider: Provider, permission: Permission): Permission => {\n if (!isArray(permission.conditions)) {\n return permission;\n }\n\n return permission.conditions\n .filter((condition: string) => !provider.has(condition))\n .reduce(\n (perm: Permission, condition: string) => removeCondition(condition, perm),\n permission\n );\n }\n);\n\n/\n Transform raw attributes into valid permissions using the create domain function.\n * @param payload - Can either be a single object of attributes or an array of those objects.\n /\n\nfunction toPermission<T extends CreatePermissionPayload>(payload: T[]): Permission[];\nfunction toPermission<T extends CreatePermissionPayload>(payload: T): Permission;\nfunction toPermission<T extends CreatePermissionPayload>(\n payload: T[] \| T\n): Permission[] \| Permission {\n if (isArray(payload)) {\n return map((value) => create(value), payload);\n }\n\n return create(payload);\n}\n\nexport { toPermission };\n\nexport default {\n addCondition,\n removeCondition,\n create,\n deleteProperty,\n permissionFields,\n getProperty,\n sanitizedPermissionFields,\n sanitizeConditions,\n sanitizePermissionFields,\n setProperty,\n toPermission,\n};\n","import { yup, validateYupSchema } from '@strapi/utils';\nimport { getService } from '../utils';\nimport validators from './common-validators';\n\nconst checkPermissionsSchema = yup.object().shape({\n permissions: yup.array().of(\n yup\n .object()\n .shape({\n action: yup.string().required(),\n subject: yup.string().nullable(),\n field: yup.string(),\n })\n .noUnknown()\n ),\n});\n\nconst checkPermissionsExist = function (permissions: any) {\n const existingActions = getService('permission').actionProvider.values();\n const failIndex = permissions.findIndex(\n (permission: any) =>\n !existingActions.some(\n (action: any) =>\n action.actionId === permission.action &&\n (action.section !== 'contentTypes' \|\| action.subjects.includes(permission.subject))\n )\n );\n\n return failIndex === -1\n ? true\n : // @ts-expect-error yup types\n this.createError({\n path: 'permissions',\n message: `[${failIndex}] is not an existing permission action`,\n });\n};\n\nconst actionsExistSchema = yup\n .array()\n .of(\n yup.object().shape({\n conditions: yup.array().of(yup.string()),\n })\n )\n .test('actions-exist', '', checkPermissionsExist);\n\nexport const validatePermissionsExist = validateYupSchema(actionsExistSchema);\nexport const validateCheckPermissionsInput = validateYupSchema(checkPermissionsSchema);\nexport const validatedUpdatePermissionsInput = validateYupSchema(validators.updatePermissions);\n\nexport default {\n validatedUpdatePermissionsInput,\n validatePermissionsExist,\n validateCheckPermissionsInput,\n};\n","/ eslint-disable @typescript-eslint/no-explicit-any / // TODO: TS - Use database parameters interface when they are ready\n/ eslint-disable @typescript-eslint/default-param-last /\nimport _ from 'lodash';\nimport { set, omit, pick, prop, isArray, differenceWith, differenceBy, isEqual } from 'lodash/fp';\n\nimport { dates, arrays, hooks as hooksUtils, errors } from '@strapi/utils';\nimport type { Data } from '@strapi/types';\n\nimport permissionDomain from '../domain/permission';\nimport type { AdminUser, AdminRole, Permission } from '../../../shared/contracts/shared';\nimport type { Action } from '../domain/action';\n\nimport { validatePermissionsExist } from '../validation/permission';\nimport roleConstants from './constants';\nimport { getService } from '../utils';\n\nconst { SUPER_ADMIN_CODE, CONTENT_TYPE_SECTION } = roleConstants;\n\nconst { createAsyncSeriesWaterfallHook } = hooksUtils;\nconst { ApplicationError } = errors;\n\nconst hooks = {\n willResetSuperAdminPermissions: createAsyncSeriesWaterfallHook(),\n};\n\nconst ACTIONS = {\n publish: 'plugin::content-manager.explorer.publish',\n};\n\n// @ts-expect-error lodash types\nconst sanitizeRole: <T extends object>(obj: T) => Omit<T, 'users' \| 'permissions'> = omit([\n 'users',\n 'permissions',\n] as const);\n\nexport type AdminRoleWithUsersCount = AdminRole & { usersCount: number };\n\nconst COMPARABLE_FIELDS = ['conditions', 'properties', 'subject', 'action', 'actionParameters'];\nconst pickComparableFields = pick(COMPARABLE_FIELDS);\n\nconst jsonClean = <T extends object>(data: T): T => JSON.parse(JSON.stringify(data));\n\n/\n Compare two permissions\n /\nconst arePermissionsEqual = (p1: Permission, p2: Permission): boolean => {\n if (p1.action === p2.action) {\n return isEqual(jsonClean(pickComparableFields(p1)), jsonClean(pickComparableFields(p2)));\n }\n\n return false;\n};\n\n/\n Create and save a role in database\n * @param attributes A partial role object\n /\nconst create = async (attributes: Partial<AdminRole>): Promise<AdminRole> => {\n const alreadyExists = await exists({ name: attributes.name });\n\n if (alreadyExists) {\n throw new ApplicationError(\n `The name must be unique and a role with name \\`${attributes.name}\\` already exists.`\n );\n }\n const autoGeneratedCode = `${_.kebabCase(attributes.name)}-${dates.timestampCode()}`;\n\n const rolesWithCode = {\n ...attributes,\n code: attributes.code \|\| autoGeneratedCode,\n };\n\n const result = await strapi.db.query('admin::role').create({ data: rolesWithCode });\n strapi.eventHub.emit('role.create', { role: sanitizeRole(result) });\n\n return result;\n};\n\n/\n Find a role in database\n * @param params query params to find the role\n * @param populate\n /\nconst findOne = (params = {}, populate?: unknown): Promise<AdminRole> => {\n return strapi.db.query('admin::role').findOne({ where: params, populate });\n};\n\n/\n Find a role in database with usersCounts\n * @param params query params to find the role\n * @param populate\n /\nconst findOneWithUsersCount = async (\n params = {},\n populate?: unknown\n): Promise<AdminRoleWithUsersCount> => {\n const role = await strapi.db.query('admin::role').findOne({ where: params, populate });\n\n if (role) {\n role.usersCount = await getUsersCount(role.id);\n }\n\n return role;\n};\n\n/\n Find roles in database\n * @param params query params to find the roles\n * @param populate\n /\nconst find = (params = {}, populate: unknown): Promise<AdminRole[]> => {\n return strapi.db.query('admin::role').findMany({ where: params, populate });\n};\n\n/\n Find all roles in database\n /\nconst findAllWithUsersCount = async (params: any): Promise<AdminRoleWithUsersCount[]> => {\n const roles: AdminRoleWithUsersCount[] = await strapi.db\n .query('admin::role')\n .findMany(strapi.get('query-params').transform('admin::role', params));\n\n for (const role of roles) {\n role.usersCount = await getUsersCount(role.id);\n }\n\n return roles;\n};\n\n/\n Update a role in database\n * @param params query params to find the role to update\n * @param attributes A partial role object\n /\nconst update = async (params: any, attributes: Partial<AdminRole>): Promise<AdminRole> => {\n const sanitizedAttributes = _.omit(attributes, ['code']);\n\n if (_.has(params, 'id') && _.has(sanitizedAttributes, 'name')) {\n const alreadyExists = await exists({\n name: sanitizedAttributes.name,\n id: { $ne: params.id },\n });\n if (alreadyExists) {\n throw new ApplicationError(\n `The name must be unique and a role with name \\`${sanitizedAttributes.name}\\` already exists.`\n );\n }\n }\n\n const result = await strapi.db\n .query('admin::role')\n .update({ where: params, data: sanitizedAttributes });\n\n strapi.eventHub.emit('role.update', { role: sanitizeRole(result) });\n\n return result;\n};\n\n/\n Check if a role exists in database\n * @param params query params to find the role\n /\nconst exists = async (params = {} as unknown): Promise<boolean> => {\n const count = await strapi.db.query('admin::role').count({ where: params });\n return count > 0;\n};\n\n/\n Count the number of roles based on search params\n * @param params params used for the query\n /\nconst count = async (params = {} as any): Promise<number> => {\n return strapi.db.query('admin::role').count(params);\n};\n\n/\n Check if the given roles id can be deleted safely, throw otherwise\n * @param ids\n /\nconst checkRolesIdForDeletion = async (ids = [] as Data.ID[]) => {\n const superAdminRole = await getSuperAdmin();\n\n if (superAdminRole && arrays.includesString(ids, superAdminRole.id)) {\n throw new ApplicationError('You cannot delete the super admin role');\n }\n\n for (const roleId of ids) {\n const usersCount = await getUsersCount(roleId);\n if (usersCount !== 0) {\n throw new ApplicationError('Some roles are still assigned to some users');\n }\n }\n};\n\n/\n Delete roles in database if they have no user assigned\n * @param ids query params to find the roles\n /\nconst deleteByIds = async (ids = [] as Data.ID[]): Promise<AdminRole[]> => {\n await checkRolesIdForDeletion(ids);\n\n await getService('permission').deleteByRolesIds(ids);\n\n const deletedRoles: AdminRole[] = [];\n for (const id of ids) {\n const deletedRole = await strapi.db.query('admin::role').delete({ where: { id } });\n\n if (deletedRole) {\n strapi.eventHub.emit('role.delete', { role: deletedRole });\n deletedRoles.push(deletedRole);\n }\n }\n\n return deletedRoles;\n};\n\n/* Count the number of users for some roles\n /\nconst getUsersCount = async (roleId: Data.ID): Promise<number> => {\n return strapi.db.query('admin::user').count({ where: { roles: { id: roleId } } });\n};\n\n/* Returns admin role\n /\nconst getSuperAdmin = (): Promise<AdminRole \| undefined> => findOne({ code: SUPER_ADMIN_CODE });\n\n/* Returns admin role with userCount\n * @returns {Promise<role>}\n /\nconst getSuperAdminWithUsersCount = () => findOneWithUsersCount({ code: SUPER_ADMIN_CODE });\n\n/* Create superAdmin, Author and Editor role is no role already exist\n /\nconst createRolesIfNoneExist = async () => {\n const someRolesExist = await exists();\n if (someRolesExist) {\n return;\n }\n\n const { actionProvider } = getService('permission');\n\n const allActions = actionProvider.values();\n const contentTypesActions = allActions.filter((a) => a.section === 'contentTypes');\n\n // create 3 roles\n const superAdminRole = await create({\n name: 'Super Admin',\n code: 'strapi-super-admin',\n description: 'Super Admins can access and manage all features and settings.',\n });\n\n await getService('user').assignARoleToAll(superAdminRole.id);\n\n const editorRole = await create({\n name: 'Editor',\n code: 'strapi-editor',\n description: 'Editors can manage and publish contents including those of other users.',\n });\n\n const authorRole = await create({\n name: 'Author',\n code: 'strapi-author',\n description: 'Authors can manage the content they have created.',\n });\n\n // create content-type permissions for each role\n const editorPermissions = getService('content-type').getPermissionsWithNestedFields(\n contentTypesActions,\n {\n restrictedSubjects: ['plugin::users-permissions.user'],\n }\n );\n\n const authorPermissions = editorPermissions\n .filter(({ action }: any) => action !== ACTIONS.publish)\n .map((permission: any) =>\n permissionDomain.create({ ...permission, conditions: ['admin::is-creator'] })\n );\n\n editorPermissions.push(...getDefaultPluginPermissions());\n authorPermissions.push(...getDefaultPluginPermissions({ isAuthor: true }));\n\n // assign permissions to roles\n await addPermissions(editorRole.id, editorPermissions);\n await addPermissions(authorRole.id, authorPermissions);\n};\n\nconst getDefaultPluginPermissions = ({ isAuthor = false } = {}) => {\n const conditions = isAuthor ? ['admin::is-creator'] : [];\n\n // add plugin permissions for each role\n return [\n { action: 'plugin::upload.read', conditions },\n { action: 'plugin::upload.configure-view' },\n { action: 'plugin::upload.assets.create' },\n { action: 'plugin::upload.assets.update', conditions },\n { action: 'plugin::upload.assets.download' },\n { action: 'plugin::upload.assets.copy-link' },\n ].map(permissionDomain.create);\n};\n\n/* Display a warning if the role superAdmin doesn't exist\n * or if the role is not assigned to at least one user\n /\nconst displayWarningIfNoSuperAdmin = async () => {\n const superAdminRole = await getSuperAdminWithUsersCount();\n const someUsersExists = await getService('user').exists();\n\n if (!superAdminRole) {\n strapi.log.warn(\"Your application doesn't have a super admin role.\");\n } else if (someUsersExists && superAdminRole.usersCount === 0) {\n strapi.log.warn(\"Your application doesn't have a super admin user.\");\n }\n};\n\n/\n Assign permissions to a role\n * @param roleId - role Data.ID\n * @param {Array<Permission{action,subject,fields,conditions}>} permissions - permissions to assign to the role\n /\nconst assignPermissions = async (\n roleId: Data.ID,\n permissions: Array<Pick<Permission, 'action' \| 'subject' \| 'conditions'>> = []\n) => {\n await validatePermissionsExist(permissions);\n\n // Internal actions are not handled by the role service, so any permission\n // with an internal action is filtered out\n const internalActions = getService('permission')\n .actionProvider.values()\n .filter((action) => action.section === 'internal')\n .map((action) => action.actionId);\n\n const superAdmin = await getService('role').getSuperAdmin();\n const isSuperAdmin = superAdmin && superAdmin.id === roleId;\n const assignRole = set('role', roleId);\n\n const permissionsWithRole = permissions\n // Add the role attribute to every permission\n .map(assignRole)\n // Transform each permission into a Permission instance\n // @ts-expect-error - lodash set doesn't resolve the type appropriately\n .map(permissionDomain.create);\n\n const existingPermissions = await getService('permission').findMany({\n where: { role: { id: roleId } },\n populate: ['role'],\n });\n\n const permissionsToAdd = differenceWith(\n arePermissionsEqual,\n permissionsWithRole,\n existingPermissions\n ).filter((permission: Permission) => !internalActions.includes(permission.action));\n\n const permissionsToDelete = differenceWith(\n arePermissionsEqual,\n existingPermissions,\n permissionsWithRole\n ).filter((permission: Permission) => !internalActions.includes(permission.action));\n\n const permissionsToReturn = differenceBy('id', permissionsToDelete, existingPermissions);\n\n if (permissionsToDelete.length > 0) {\n // @ts-expect-error - lodash prop doesn't resolve the type appropriately\n await getService('permission').deleteByIds(permissionsToDelete.map(prop('id')));\n }\n\n if (permissionsToAdd.length > 0) {\n const newPermissions = await addPermissions(roleId, permissionsToAdd);\n permissionsToReturn.push(...newPermissions);\n }\n\n if (!isSuperAdmin && (permissionsToAdd.length \|\| permissionsToDelete.length)) {\n await getService('metrics').sendDidUpdateRolePermissions();\n }\n\n return permissionsToReturn;\n};\n\nconst addPermissions = async (roleId: Data.ID, permissions: any) => {\n const { conditionProvider, createMany } = getService('permission');\n const { sanitizeConditions } = permissionDomain;\n\n const permissionsWithRole = permissions\n .map(set('role', roleId))\n // @ts-expect-error - refactor domain/permission Condition type, as it's now expecting\n // a string but it should be a Condition interface\n .map(sanitizeConditions(conditionProvider))\n .map(permissionDomain.create);\n\n return createMany(permissionsWithRole);\n};\n\nconst isContentTypeAction = (action: Action) => action.section === CONTENT_TYPE_SECTION;\n\n/\n Reset super admin permissions (giving it all permissions)\n /\nconst resetSuperAdminPermissions = async () => {\n const superAdminRole = await getService('role').getSuperAdmin();\n if (!superAdminRole) {\n return;\n }\n\n const permissionService = getService('permission');\n const contentTypeService = getService('content-type');\n\n const allActions = permissionService.actionProvider.values() as Action[];\n\n const contentTypesActions = allActions.filter((action) => isContentTypeAction(action));\n const otherActions = allActions.filter((action) => !isContentTypeAction(action));\n\n // First, get the content-types permissions\n const permissions = contentTypeService.getPermissionsWithNestedFields(\n contentTypesActions\n ) as Permission[];\n\n // Then add every other permission\n const otherPermissions = otherActions.reduce((acc, action) => {\n const { actionId, subjects } = action;\n\n if (isArray(subjects)) {\n acc.push(\n ...subjects.map((subject) => permissionDomain.create({ action: actionId, subject }))\n );\n } else {\n acc.push(permissionDomain.create({ action: actionId }));\n }\n\n return acc;\n }, [] as Permission[]);\n\n permissions.push(...otherPermissions);\n\n const transformedPermissions = (await hooks.willResetSuperAdminPermissions.call(\n permissions\n )) as Permission[];\n\n await assignPermissions(superAdminRole.id, transformedPermissions);\n};\n\n/\n Check if a user object includes the super admin role\n /\nconst hasSuperAdminRole = (user: AdminUser): boolean => {\n const roles = _.get(user, 'roles', []) as AdminRole[];\n\n return roles.map(prop('code')).includes(SUPER_ADMIN_CODE);\n};\n\nconst constants = {\n superAdminCode: SUPER_ADMIN_CODE,\n};\n\nexport default {\n hooks,\n sanitizeRole,\n create,\n findOne,\n findOneWithUsersCount,\n find,\n findAllWithUsersCount,\n update,\n exists,\n count,\n deleteByIds,\n getUsersCount,\n getSuperAdmin,\n getSuperAdminWithUsersCount,\n createRolesIfNoneExist,\n displayWarningIfNoSuperAdmin,\n addPermissions,\n hasSuperAdminRole,\n assignPermissions,\n resetSuperAdminPermissions,\n checkRolesIdForDeletion,\n constants,\n};\n","import { toLower } from 'lodash/fp';\nimport { Strategy as LocalStrategy } from 'passport-local';\nimport type { Core } from '@strapi/types';\nimport { getService } from '../../utils';\n\nconst createLocalStrategy = (strapi: Core.Strapi, middleware?: any) => {\n return new LocalStrategy(\n {\n usernameField: 'email',\n passwordField: 'password',\n session: false,\n },\n (email: string, password: string, done: any) => {\n return getService('auth')\n .checkCredentials({ email: toLower(email), password })\n .then(async ([error, user, message]) => {\n if (middleware) {\n return middleware([error, user, message], done);\n }\n\n return done(error, user, message);\n })\n .catch((error) => done(error));\n }\n );\n};\n\nexport default createLocalStrategy;\n","import passport from 'koa-passport';\nimport type { Strategy } from 'passport-local';\nimport { isFunction } from 'lodash/fp';\n\nimport createLocalStrategy from './passport/local-strategy';\n\nconst authEventsMapper = {\n onConnectionSuccess: 'admin.auth.success',\n onConnectionError: 'admin.auth.error',\n};\n\nconst valueIsFunctionType = ([, value]: [any, any]) => isFunction(value);\nconst keyIsValidEventName = ([key]: any) => {\n return Object.keys(strapi.service('admin::passport').authEventsMapper).includes(key);\n};\n\nconst getPassportStrategies = () => [createLocalStrategy(strapi)] as Strategy[];\n\nconst registerAuthEvents = () => {\n // @ts-expect-error - TODO: migrate auth service to TS\n const { events = {} } = strapi.config.get('admin.auth', {});\n const { authEventsMapper } = strapi.service('admin::passport');\n\n const eventList = Object.entries(events).filter(keyIsValidEventName).filter(valueIsFunctionType);\n\n for (const [eventName, handler] of eventList) {\n // TODO - TS: ensure the handler is an EventHub.Listener\n strapi.eventHub.on(authEventsMapper[eventName], handler as any);\n }\n};\n\nconst init = () => {\n strapi\n .service('admin::passport')\n .getPassportStrategies()\n .forEach((strategy: Strategy) => passport.use(strategy));\n\n registerAuthEvents();\n\n return passport.initialize();\n};\n\nexport default { init, getPassportStrategies, authEventsMapper };\n","import type { Core } from '@strapi/types';\nimport { getService } from '../utils';\n\nconst sendDidInviteUser = async () => {\n const numberOfUsers = await getService('user').count();\n const numberOfRoles = await getService('role').count();\n strapi.telemetry.send('didInviteUser', {\n groupProperties: { numberOfRoles, numberOfUsers },\n });\n};\n\nconst sendDidUpdateRolePermissions = async () => {\n strapi.telemetry.send('didUpdateRolePermissions');\n};\n\nconst sendDidChangeInterfaceLanguage = async () => {\n const languagesInUse = await getService('user').getLanguagesInUse();\n // This event is anonymous\n strapi.telemetry.send('didChangeInterfaceLanguage', { userProperties: { languagesInUse } });\n};\n\nconst sendUpdateProjectInformation = async (strapi: Core.Strapi) => {\n const numberOfActiveAdminUsers = await getService('user').count({ isActive: true });\n const numberOfAdminUsers = await getService('user').count();\n\n strapi.telemetry.send('didUpdateProjectInformation', {\n groupProperties: { numberOfActiveAdminUsers, numberOfAdminUsers },\n });\n};\n\nconst startCron = (strapi: Core.Strapi) => {\n strapi.cron.add({\n '0 0 0 * ': () => sendUpdateProjectInformation(strapi),\n });\n};\n\nexport default {\n sendDidInviteUser,\n sendDidUpdateRolePermissions,\n sendDidChangeInterfaceLanguage,\n sendUpdateProjectInformation,\n startCron,\n};\n","import crypto from 'crypto';\nimport _ from 'lodash';\nimport jwt from 'jsonwebtoken';\nimport type { AdminUser } from '../../../shared/contracts/shared';\n\nconst defaultJwtOptions = { expiresIn: '30d' };\n\nexport type TokenOptions = {\n expiresIn?: string;\n [key: string]: unknown;\n};\n\nexport type TokenPayload = {\n id: AdminUser['id'];\n};\n\nexport type AdminAuthConfig = {\n secret: string;\n options: TokenOptions;\n};\n\nconst getTokenOptions = () => {\n const { options, secret } = strapi.config.get<AdminAuthConfig>(\n 'admin.auth',\n {} as AdminAuthConfig\n );\n\n return {\n secret,\n options: _.merge(defaultJwtOptions, options),\n };\n};\n\n/\n Create a random token\n /\nconst createToken = (): string => {\n return crypto.randomBytes(20).toString('hex');\n};\n\n/\n Creates a JWT token for an administration user\n * @param user - admin user\n /\nconst createJwtToken = (user: { id: AdminUser['id'] }) => {\n const { options, secret } = getTokenOptions();\n\n return jwt.sign({ id: user.id }, secret, options);\n};\n\n/\n Tries to decode a token an return its payload and if it is valid\n * @param token - a token to decode\n * @return decodeInfo - the decoded info\n /\nconst decodeJwtToken = (\n token: string\n): { payload: TokenPayload; isValid: true } \| { payload: null; isValid: false } => {\n const { secret } = getTokenOptions();\n\n try {\n const payload = jwt.verify(token, secret) as TokenPayload;\n return { payload, isValid: true };\n } catch (err) {\n return { payload: null, isValid: false };\n }\n};\n\nconst checkSecretIsDefined = () => {\n if (strapi.config.get('admin.serveAdminPanel') && !strapi.config.get('admin.auth.secret')) {\n throw new Error(\n `Missing auth.secret. Please set auth.secret in config/admin.js (ex: you can generate one using Node with \\`crypto.randomBytes(16).toString('base64')\\`).\nFor security reasons, prefer storing the secret in an environment variable and read it in config/admin.js. See https://docs.strapi.io/developer-docs/latest/setup-deployment-guides/configurations/optional/environment.html#configuration-using-environment-variables.`\n );\n }\n};\n\nexport { createToken, createJwtToken, getTokenOptions, decodeJwtToken, checkSecretIsDefined };\n","import { yup, validateYupSchemaSync } from '@strapi/utils';\nimport validators from './common-validators';\n\nconst registerProviderActionSchema = yup\n .array()\n .required()\n .of(\n yup\n .object()\n .shape({\n uid: yup\n .string()\n .matches(\n /^[a-z]([a-z\|.\|-]+)[a-z]$/,\n (v) => `${v.path}: The id can only contain lowercase letters, dots and hyphens.`\n )\n .required(),\n section: yup.string().oneOf(['contentTypes', 'plugins', 'settings', 'internal']).required(),\n pluginName: yup.mixed().when('section', {\n is: 'plugins',\n then: validators.isAPluginName.required(),\n otherwise: validators.isAPluginName,\n }),\n subjects: yup.mixed().when('section', {\n is: 'contentTypes',\n then: yup.array().of(yup.string()).required(),\n otherwise: yup\n .mixed()\n .oneOf([undefined], 'subjects should only be defined for the \"contentTypes\" section'),\n }),\n displayName: yup.string().required(),\n category: yup.mixed().when('section', {\n is: 'settings',\n then: yup.string().required(),\n otherwise: yup\n .mixed()\n .test(\n 'settingsCategory',\n 'category should only be defined for the \"settings\" section',\n (cat) => cat === undefined\n ),\n }),\n subCategory: yup.mixed().when('section', {\n is: (section: any) => ['settings', 'plugins'].includes(section),\n then: yup.string(),\n otherwise: yup\n .mixed()\n .test(\n 'settingsSubCategory',\n 'subCategory should only be defined for \"plugins\" and \"settings\" sections',\n (subCat) => {\n return subCat === undefined;\n }\n ),\n }),\n options: yup.object({\n applyToProperties: yup.array().of(yup.string()),\n }),\n })\n .noUnknown()\n );\n\nexport const validateRegisterProviderAction = validateYupSchemaSync(registerProviderActionSchema);\n\nexport default {\n validateRegisterProviderAction,\n};\n","import { providerFactory, hooks, errors } from '@strapi/utils';\nimport { validateRegisterProviderAction } from '../../validation/action-provider';\n\nimport domain from './index';\nimport type { Action, CreateActionPayload } from './index';\nimport type { Permission } from '../../../../shared/contracts/shared';\n\ntype Options = Parameters<typeof providerFactory>['0'];\n\nconst { ApplicationError } = errors;\n\n/\n Creates a new instance of an action provider\n /\nconst createActionProvider = (options?: Options) => {\n const provider = providerFactory(options);\n const actionHooks = {\n appliesPropertyToSubject: hooks.createAsyncParallelHook(),\n };\n\n return {\n ...provider,\n\n hooks: {\n ...provider.hooks,\n ...actionHooks,\n },\n\n async register(actionAttributes: CreateActionPayload) {\n if (strapi.isLoaded) {\n throw new Error(`You can't register new actions outside of the bootstrap function.`);\n }\n\n validateRegisterProviderAction([actionAttributes]);\n\n const action = domain.create(actionAttributes);\n\n return provider.register(action.actionId, action);\n },\n\n async registerMany(actionsAttributes: CreateActionPayload[]) {\n validateRegisterProviderAction(actionsAttributes);\n\n for (const attributes of actionsAttributes) {\n await this.register(attributes);\n }\n\n return this;\n },\n\n async appliesToProperty(property: string, actionId: string, subject: Permission['subject']) {\n const action = provider.get(actionId) as Action \| undefined;\n if (!action) {\n throw new ApplicationError(`No action found with id \"${actionId}\"`);\n }\n\n const appliesToAction = domain.appliesToProperty(property, action);\n\n // If the property isn't valid for this action, ignore the rest of the checks\n if (!appliesToAction) {\n return false;\n }\n\n // If the property is valid for this action and there isn't any subject\n if (!subject) {\n return true;\n }\n\n // If the property is valid for this action and the subject is not handled by the action\n if (!domain.appliesToSubject(subject, action)) {\n return false;\n }\n\n const results = await actionHooks.appliesPropertyToSubject.call({\n property,\n action,\n subject,\n });\n\n return results.every((result) => result !== false);\n },\n };\n};\n\nexport default createActionProvider;\n","import { pipe, merge, set, pick } from 'lodash/fp';\n\nexport type Condition = {\n id: string;\n displayName: string;\n name: string;\n plugin?: string;\n category?: string;\n /\n The handler of a {@link Condition}\n /\n handler: (user: object, options: object) => object \| boolean;\n};\n\n/\n Set of attributes used to create a new {@link Action} object\n /\nexport type CreateConditionPayload = Omit<Condition, 'id'>;\n\nconst DEFAULT_CATEGORY = 'default';\n\n/\n Get the default value used for every condition\n * @return {Condition}\n /\nexport const getDefaultConditionAttributes = () => ({\n category: DEFAULT_CATEGORY,\n});\n\n/\n Get the list of all the valid attributes of a {@link Condition}\n * @return {string[]}\n /\nexport const conditionFields = ['id', 'displayName', 'handler', 'plugin', 'category'] as const;\n\n/\n Remove unwanted attributes from a {@link Condition}\n /\nexport const sanitizeConditionAttributes = pick(conditionFields);\n\nexport const computeConditionId = (condition: CreateConditionPayload) => {\n const { name, plugin } = condition;\n\n if (!plugin) {\n return `api::${name}`;\n }\n\n if (plugin === 'admin') {\n return `admin::${name}`;\n }\n\n return `plugin::${plugin}.${name}`;\n};\n\n/\n Assign an id attribute to a {@link CreateConditionPayload} object\n * @param attrs - Payload used to create a condition\n /\nexport const assignConditionId = (attrs: CreateConditionPayload): Condition => {\n const condition = set('id', computeConditionId(attrs), attrs) as CreateConditionPayload & {\n id: string;\n };\n return condition;\n};\n\n/\n Transform the given attributes into a domain representation of a Condition\n * @param payload - The condition payload containing the attributes needed to create a {@link Condition}\n /\nexport const create = pipe(\n assignConditionId,\n sanitizeConditionAttributes,\n merge(getDefaultConditionAttributes())\n) as (payload: CreateConditionPayload) => Condition;\n\nexport default {\n assignConditionId,\n computeConditionId,\n conditionFields,\n create,\n getDefaultConditionAttributes,\n sanitizeConditionAttributes,\n};\n","import { providerFactory } from '@strapi/utils';\nimport domain from '.';\nimport type { CreateConditionPayload } from '.';\n\n/\n @typedef ConditionProviderOverride\n * @property {function(CreateConditionPayload)} register\n * @property {function(attributes CreateConditionPayload[]): Promise<this>} registerMany\n /\n\n/\n Creates a new instance of a condition provider\n * @return {Provider & ConditionProviderOverride}\n /\nconst createConditionProvider = () => {\n const provider = providerFactory();\n\n return {\n ...provider,\n\n async register(conditionAttributes: CreateConditionPayload) {\n if (strapi.isLoaded) {\n throw new Error(`You can't register new conditions outside of the bootstrap function.`);\n }\n\n const condition = domain.create(conditionAttributes);\n\n return provider.register(condition.id, condition);\n },\n\n async registerMany(conditionsAttributes: CreateConditionPayload[]) {\n for (const attributes of conditionsAttributes) {\n await this.register(attributes);\n }\n\n return this;\n },\n };\n};\n\nexport default createConditionProvider;\n","import { subject as asSubject, detectSubjectType } from '@casl/ability';\nimport { permittedFieldsOf } from '@casl/ability/extra';\nimport {\n defaults,\n omit,\n isArray,\n isEmpty,\n isNil,\n flatMap,\n some,\n prop,\n uniq,\n intersection,\n pick,\n getOr,\n isObject,\n cloneDeep,\n} from 'lodash/fp';\n\nimport type { UID } from '@strapi/types';\n\nimport { contentTypes, traverseEntity, sanitize, async, traverse } from '@strapi/utils';\nimport { ADMIN_USER_ALLOWED_FIELDS } from '../../../domain/user';\n\nconst {\n visitors: { removePassword, expandWildcardPopulate },\n} = sanitize;\n\nconst {\n constants,\n isScalarAttribute,\n getNonVisibleAttributes,\n getNonWritableAttributes,\n getWritableAttributes,\n} = contentTypes;\nconst {\n ID_ATTRIBUTE,\n DOC_ID_ATTRIBUTE,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n PUBLISHED_AT_ATTRIBUTE,\n CREATED_BY_ATTRIBUTE,\n UPDATED_BY_ATTRIBUTE,\n} = constants;\n\nconst COMPONENT_FIELDS = ['__component'];\nconst STATIC_FIELDS = [ID_ATTRIBUTE, DOC_ID_ATTRIBUTE];\n\nexport default ({ action, ability, model }: any) => {\n const schema = strapi.getModel(model);\n\n const { removeDisallowedFields } = sanitize.visitors;\n\n const ctx = {\n schema,\n getModel: strapi.getModel.bind(strapi),\n };\n\n const createSanitizeQuery = (options = {} as any) => {\n const { fields } = options;\n\n // TODO: sanitize relations to admin users in all sanitizers\n const permittedFields = fields.shouldIncludeAll ? null : getQueryFields(fields.permitted);\n\n const sanitizeFilters = async.pipe(\n traverse.traverseQueryFilters(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryFilters(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQueryFilters(omitHiddenFields, ctx),\n traverse.traverseQueryFilters(removePassword, ctx),\n traverse.traverseQueryFilters(({ key, value }, { remove }) => {\n if (isObject(value) && isEmpty(value)) {\n remove(key);\n }\n }, ctx)\n );\n\n const sanitizeSort = async.pipe(\n traverse.traverseQuerySort(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQuerySort(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQuerySort(omitHiddenFields, ctx),\n traverse.traverseQuerySort(removePassword, ctx),\n traverse.traverseQuerySort(({ key, attribute, value }, { remove }) => {\n if (!isScalarAttribute(attribute) && isEmpty(value)) {\n remove(key);\n }\n }, ctx)\n );\n\n const sanitizePopulate = async.pipe(\n traverse.traverseQueryPopulate(expandWildcardPopulate, ctx),\n traverse.traverseQueryPopulate(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryPopulate(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQueryPopulate(omitHiddenFields, ctx),\n traverse.traverseQueryPopulate(removePassword, ctx)\n );\n\n const sanitizeFields = async.pipe(\n traverse.traverseQueryFields(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryFields(omitHiddenFields, ctx),\n traverse.traverseQueryFields(removePassword, ctx)\n );\n\n return async (query: any) => {\n const sanitizedQuery = cloneDeep(query);\n\n if (query.filters) {\n Object.assign(sanitizedQuery, { filters: await sanitizeFilters(query.filters) });\n }\n\n if (query.sort) {\n Object.assign(sanitizedQuery, { sort: await sanitizeSort(query.sort) });\n }\n\n if (query.populate) {\n Object.assign(sanitizedQuery, { populate: await sanitizePopulate(query.populate) });\n }\n\n if (query.fields) {\n Object.assign(sanitizedQuery, { fields: await sanitizeFields(query.fields) });\n }\n\n return sanitizedQuery;\n };\n };\n\n const createSanitizeOutput = (options = {} as any) => {\n const { fields } = options;\n\n const permittedFields = fields.shouldIncludeAll ? null : getOutputFields(fields.permitted);\n\n return async.pipe(\n // Remove fields hidden from the admin\n traverseEntity(omitHiddenFields, ctx),\n // Remove unallowed fields from admin::user relations\n traverseEntity(pickAllowedAdminUserFields, ctx),\n // Remove not allowed fields (RBAC)\n traverseEntity(removeDisallowedFields(permittedFields), ctx),\n // Remove all fields of type 'password'\n sanitize.sanitizers.sanitizePasswords({\n schema,\n getModel(uid: string) {\n return strapi.getModel(uid as UID.Schema);\n },\n })\n );\n };\n\n const createSanitizeInput = (options = {} as any) => {\n const { fields } = options;\n\n const permittedFields = fields.shouldIncludeAll ? null : getInputFields(fields.permitted);\n\n return async.pipe(\n // Remove fields hidden from the admin\n traverseEntity(omitHiddenFields, ctx),\n // Remove not allowed fields (RBAC)\n traverseEntity(removeDisallowedFields(permittedFields), ctx),\n // Remove roles from createdBy & updatedBy fields\n omitCreatorRoles\n );\n };\n\n const wrapSanitize = (createSanitizeFunction: any) => {\n // TODO\n // @ts-expect-error define the correct return type\n const wrappedSanitize = async (data: unknown, options = {} as any) => {\n if (isArray(data)) {\n return Promise.all(data.map((entity: unknown) => wrappedSanitize(entity, options)));\n }\n\n const { subject, action: actionOverride } = getDefaultOptions(data, options);\n\n const permittedFields = permittedFieldsOf(ability, actionOverride, subject, {\n fieldsFrom: (rule) => rule.fields \|\| [],\n });\n\n const hasAtLeastOneRegistered = some(\n (fields) => !isNil(fields),\n flatMap(prop('fields'), ability.rulesFor(actionOverride, detectSubjectType(subject)))\n );\n const shouldIncludeAllFields = isEmpty(permittedFields) && !hasAtLeastOneRegistered;\n\n const sanitizeOptions = {\n ...options,\n fields: {\n shouldIncludeAll: shouldIncludeAllFields,\n permitted: permittedFields,\n hasAtLeastOneRegistered,\n },\n };\n\n const sanitizeFunction = createSanitizeFunction(sanitizeOptions);\n\n return sanitizeFunction(data);\n };\n\n return wrappedSanitize;\n };\n\n const getDefaultOptions = (data: any, options: unknown) => {\n return defaults({ subject: asSubject(model, data), action }, options);\n };\n\n /\n Omit creator fields' (createdBy & updatedBy) roles from the admin API responses\n /\n const omitCreatorRoles = omit([`${CREATED_BY_ATTRIBUTE}.roles`, `${UPDATED_BY_ATTRIBUTE}.roles`]);\n\n /\n Visitor used to remove hidden fields from the admin API responses\n /\n const omitHiddenFields = ({ key, schema }: any, { remove }: any) => {\n const isHidden = getOr(false, ['config', 'attributes', key, 'hidden'], schema);\n\n if (isHidden) {\n remove(key);\n }\n };\n\n /\n Visitor used to only select needed fields from the admin users entities & avoid leaking sensitive information\n /\n const pickAllowedAdminUserFields = ({ attribute, key, value }: any, { set }: any) => {\n const pickAllowedFields = pick(ADMIN_USER_ALLOWED_FIELDS);\n if (!attribute) {\n return;\n }\n\n if (attribute.type === 'relation' && attribute.target === 'admin::user' && value) {\n if (Array.isArray(value)) {\n set(key, value.map(pickAllowedFields));\n } else {\n set(key, pickAllowedFields(value));\n }\n }\n };\n\n /\n Visitor used to omit disallowed fields from the admin users entities & avoid leaking sensitive information\n /\n const omitDisallowedAdminUserFields = ({ key, attribute, schema }: any, { remove }: any) => {\n if (schema.uid === 'admin::user' && attribute && !ADMIN_USER_ALLOWED_FIELDS.includes(key)) {\n remove(key);\n }\n };\n\n const getInputFields = (fields = []) => {\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n const writableAttributes = getWritableAttributes(schema);\n\n const nonVisibleWritableAttributes = intersection(nonVisibleAttributes, writableAttributes);\n\n return uniq([...fields, ...COMPONENT_FIELDS, ...nonVisibleWritableAttributes]);\n };\n\n const getOutputFields = (fields = []) => {\n const nonWritableAttributes = getNonWritableAttributes(schema);\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n\n return uniq([\n ...fields,\n ...STATIC_FIELDS,\n ...COMPONENT_FIELDS,\n ...nonWritableAttributes,\n ...nonVisibleAttributes,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n ]);\n };\n\n const getQueryFields = (fields = []) => {\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n const writableAttributes = getWritableAttributes(schema);\n\n const nonVisibleWritableAttributes = intersection(nonVisibleAttributes, writableAttributes);\n\n return uniq([\n ...fields,\n ...STATIC_FIELDS,\n ...COMPONENT_FIELDS,\n ...nonVisibleWritableAttributes,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n PUBLISHED_AT_ATTRIBUTE,\n CREATED_BY_ATTRIBUTE,\n UPDATED_BY_ATTRIBUTE,\n ]);\n };\n\n return {\n sanitizeOutput: wrapSanitize(createSanitizeOutput),\n sanitizeInput: wrapSanitize(createSanitizeInput),\n sanitizeQuery: wrapSanitize(createSanitizeQuery),\n };\n};\n","import { subject as asSubject, detectSubjectType } from '@casl/ability';\nimport { permittedFieldsOf } from '@casl/ability/extra';\nimport {\n defaults,\n omit,\n isArray,\n isEmpty,\n isNil,\n flatMap,\n some,\n prop,\n uniq,\n intersection,\n getOr,\n isObject,\n} from 'lodash/fp';\n\nimport { contentTypes, traverseEntity, traverse, validate, async, errors } from '@strapi/utils';\nimport { ADMIN_USER_ALLOWED_FIELDS } from '../../../domain/user';\n\nconst { ValidationError } = errors;\nconst { throwPassword, throwDisallowedFields } = validate.visitors;\n\nconst { constants, isScalarAttribute, getNonVisibleAttributes, getWritableAttributes } =\n contentTypes;\nconst {\n ID_ATTRIBUTE,\n DOC_ID_ATTRIBUTE,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n PUBLISHED_AT_ATTRIBUTE,\n CREATED_BY_ATTRIBUTE,\n UPDATED_BY_ATTRIBUTE,\n} = constants;\n\nconst COMPONENT_FIELDS = ['__component'];\n\nconst STATIC_FIELDS = [ID_ATTRIBUTE, DOC_ID_ATTRIBUTE];\n\nconst throwInvalidKey = ({ key, path }: { key: string; path?: string \| null }) => {\n const msg = path && path !== key ? `Invalid key ${key} at ${path}` : `Invalid key ${key}`;\n\n throw new ValidationError(msg);\n};\n\nexport default ({ action, ability, model }: any) => {\n const schema = strapi.getModel(model);\n\n const ctx = {\n schema,\n getModel: strapi.getModel.bind(strapi),\n };\n\n const createValidateQuery = (options = {} as any) => {\n const { fields } = options;\n\n // TODO: validate relations to admin users in all validators\n const permittedFields = fields.shouldIncludeAll ? null : getQueryFields(fields.permitted);\n\n const validateFilters = async.pipe(\n traverse.traverseQueryFilters(throwDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryFilters(throwDisallowedAdminUserFields, ctx),\n traverse.traverseQueryFilters(throwPassword, ctx),\n traverse.traverseQueryFilters(({ key, value, path }) => {\n if (isObject(value) && isEmpty(value)) {\n throwInvalidKey({ key, path: path.attribute });\n }\n }, ctx)\n );\n\n const validateSort = async.pipe(\n traverse.traverseQuerySort(throwDisallowedFields(permittedFields), ctx),\n traverse.traverseQuerySort(throwDisallowedAdminUserFields, ctx),\n traverse.traverseQuerySort(throwPassword, ctx),\n traverse.traverseQuerySort(({ key, attribute, value, path }) => {\n if (!isScalarAttribute(attribute) && isEmpty(value)) {\n throwInvalidKey({ key, path: path.attribute });\n }\n }, ctx)\n );\n\n const validateFields = async.pipe(\n traverse.traverseQueryFields(throwDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryFields(throwPassword, ctx)\n );\n\n const validatePopulate = async.pipe(\n traverse.traverseQueryPopulate(throwDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryPopulate(throwDisallowedAdminUserFields, ctx),\n traverse.traverseQueryPopulate(throwHiddenFields, ctx),\n traverse.traverseQueryPopulate(throwPassword, ctx)\n );\n\n return async (query: any) => {\n if (query.filters) {\n await validateFilters(query.filters);\n }\n\n if (query.sort) {\n await validateSort(query.sort);\n }\n\n if (query.fields) {\n await validateFields(query.fields);\n }\n\n // a wildcard is always valid; its conversion will be handled by the entity service and can be optimized with sanitizer\n if (query.populate && query.populate !== '') {\n await validatePopulate(query.populate);\n }\n\n return true;\n };\n };\n\n const createValidateInput = (options = {} as any) => {\n const { fields } = options;\n\n const permittedFields = fields.shouldIncludeAll ? null : getInputFields(fields.permitted);\n\n return async.pipe(\n // Remove fields hidden from the admin\n traverseEntity(throwHiddenFields, ctx),\n // Remove not allowed fields (RBAC)\n traverseEntity(throwDisallowedFields(permittedFields), ctx),\n // Remove roles from createdBy & updatedBy fields\n omitCreatorRoles\n );\n };\n\n const wrapValidate = (createValidateFunction: any) => {\n // TODO\n // @ts-expect-error define the correct return type\n const wrappedValidate = async (data, options = {}): Promise<unknown> => {\n if (isArray(data)) {\n return Promise.all(data.map((entity: unknown) => wrappedValidate(entity, options)));\n }\n\n const { subject, action: actionOverride } = getDefaultOptions(data, options);\n\n const permittedFields = permittedFieldsOf(ability, actionOverride, subject, {\n fieldsFrom: (rule) => rule.fields \|\| [],\n });\n\n const hasAtLeastOneRegistered = some(\n (fields) => !isNil(fields),\n flatMap(prop('fields'), ability.rulesFor(actionOverride, detectSubjectType(subject)))\n );\n const shouldIncludeAllFields = isEmpty(permittedFields) && !hasAtLeastOneRegistered;\n\n const validateOptions = {\n ...options,\n fields: {\n shouldIncludeAll: shouldIncludeAllFields,\n permitted: permittedFields,\n hasAtLeastOneRegistered,\n },\n };\n\n const validateFunction = createValidateFunction(validateOptions);\n\n return validateFunction(data);\n };\n\n return wrappedValidate;\n };\n\n const getDefaultOptions = (data: any, options: unknown) => {\n return defaults({ subject: asSubject(model, data), action }, options);\n };\n\n /*\n Omit creator fields' (createdBy & updatedBy) roles from the admin API responses\n /\n const omitCreatorRoles = omit([`${CREATED_BY_ATTRIBUTE}.roles`, `${UPDATED_BY_ATTRIBUTE}.roles`]);\n\n /\n Visitor used to remove hidden fields from the admin API responses\n /\n const throwHiddenFields = ({ key, schema, path }: any) => {\n const isHidden = getOr(false, ['config', 'attributes', key, 'hidden'], schema);\n\n if (isHidden) {\n throwInvalidKey({ key, path: path.attribute });\n }\n };\n\n /\n Visitor used to omit disallowed fields from the admin users entities & avoid leaking sensitive information\n /\n const throwDisallowedAdminUserFields = ({ key, attribute, schema, path }: any) => {\n if (schema.uid === 'admin::user' && attribute && !ADMIN_USER_ALLOWED_FIELDS.includes(key)) {\n throwInvalidKey({ key, path: path.attribute });\n }\n };\n\n const getInputFields = (fields = []) => {\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n const writableAttributes = getWritableAttributes(schema);\n\n const nonVisibleWritableAttributes = intersection(nonVisibleAttributes, writableAttributes);\n\n return uniq([...fields, ...COMPONENT_FIELDS, ...nonVisibleWritableAttributes]);\n };\n\n const getQueryFields = (fields = []) => {\n return uniq([\n ...fields,\n ...STATIC_FIELDS,\n ...COMPONENT_FIELDS,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n PUBLISHED_AT_ATTRIBUTE,\n ]);\n };\n\n return {\n validateQuery: wrapValidate(createValidateQuery),\n validateInput: wrapValidate(createValidateInput),\n };\n};\n","// TODO: migration\nimport _ from 'lodash';\nimport { rulesToQuery } from '@casl/ability/extra';\n\nconst operatorsMap = {\n $in: '$in',\n $nin: '$notIn',\n $exists: '$notNull',\n $gte: '$gte',\n $gt: '$gt',\n $lte: '$lte',\n $lt: '$lt',\n $eq: '$eq',\n $ne: '$ne',\n $and: '$and',\n $or: '$or',\n $not: '$not',\n} as const;\n\nconst mapKey = (key: keyof typeof operatorsMap) => {\n if (_.isString(key) && key.startsWith('$') && key in operatorsMap) {\n return operatorsMap[key];\n }\n return key;\n};\n\nconst buildCaslQuery = (ability: unknown, action: unknown, model: unknown) => {\n // @ts-expect-error casl types\n return rulesToQuery(ability, action, model, (o) => o.conditions);\n};\n\nconst buildStrapiQuery = (caslQuery: unknown) => {\n return unwrapDeep(caslQuery);\n};\n\nconst unwrapDeep = (obj: any): unknown => {\n if (!_.isPlainObject(obj) && !_.isArray(obj)) {\n return obj;\n }\n if (_.isArray(obj)) {\n return obj.map((v: unknown) => unwrapDeep(v));\n }\n\n return _.reduce(\n obj,\n (acc, v, k: any) => {\n const key = mapKey(k);\n\n if (_.isPlainObject(v)) {\n if ('$elemMatch' in v) {\n _.setWith(acc, key, unwrapDeep(v.$elemMatch));\n } else {\n _.setWith(acc, key, unwrapDeep(v));\n }\n } else if (_.isArray(v)) {\n // prettier-ignore\n _.setWith(acc, key, v.map(v => unwrapDeep(v)));\n } else {\n _.setWith(acc, key, v);\n }\n\n return acc;\n },\n {}\n );\n};\n\nexport { buildCaslQuery, buildStrapiQuery };\n","import _ from 'lodash';\nimport { cloneDeep, isPlainObject } from 'lodash/fp';\nimport { subject as asSubject } from '@casl/ability';\nimport createSanitizeHelpers from './sanitize';\nimport createValidateHelpers from './validate';\n\nimport { buildStrapiQuery, buildCaslQuery } from './query-builders';\n\nexport default ({ ability, action, model }: any) => ({\n ability,\n action,\n model,\n\n get isAllowed(): unknown {\n return this.ability.can(action, model);\n },\n\n toSubject(target: any, subjectType = model) {\n return asSubject(subjectType, target);\n },\n\n pickPermittedFieldsOf(data: unknown, options = {}) {\n return this.sanitizeInput(data, options);\n },\n\n getQuery(queryAction = action) {\n if (_.isUndefined(queryAction)) {\n throw new Error('Action must be defined to build a permission query');\n }\n\n return buildStrapiQuery(buildCaslQuery(ability, queryAction, model));\n },\n\n // eslint-disable-next-line @typescript-eslint/default-param-last\n addPermissionsQueryTo(query = {} as any, action: unknown) {\n const newQuery = cloneDeep(query);\n const permissionQuery = this.getQuery(action) ?? undefined;\n\n if (isPlainObject(query.filters)) {\n newQuery.filters = permissionQuery\n ? { $and: [query.filters, permissionQuery] }\n : query.filters;\n } else {\n newQuery.filters = permissionQuery;\n }\n\n return newQuery;\n },\n\n ...createSanitizeHelpers({ action, ability, model }),\n ...createValidateHelpers({ action, ability, model }),\n});\n","import { curry, isArray, isEmpty, difference } from 'lodash/fp';\nimport permissions, { type engine } from '@strapi/permissions';\nimport type { Ability } from '@casl/ability';\nimport permissionDomain from '../../domain/permission';\nimport { getService } from '../../utils';\nimport { Action } from '../../domain/action';\nimport type { AdminUser, Permission } from '../../../../shared/contracts/shared';\n\nexport default (params: { providers: engine.EngineParams['providers'] }) => {\n const { providers } = params;\n\n const engine = permissions.engine\n .new({ providers })\n /\n Validate the permission's action exists in the action registry\n /\n .on('before-format::validate.permission', ({ permission }) => {\n const action = providers.action.get(permission.action);\n\n // If the action isn't registered into the action provider, then ignore the permission\n if (!action) {\n strapi.log.debug(\n `Unknown action \"${permission.action}\" supplied when registering a new permission in engine`\n );\n return false;\n }\n })\n\n /\n Remove invalid properties from the permission based on the action (applyToProperties)\n /\n .on('format.permission', (permission: Permission) => {\n const action = providers.action.get(permission.action) as Action;\n const properties = permission.properties \|\| {};\n\n // Only keep the properties allowed by the action (action.applyToProperties)\n const propertiesName = Object.keys(properties);\n const invalidProperties = difference(\n propertiesName,\n // @ts-expect-error - applyToProperties is defined inside the options of an action\n action.applyToProperties \|\| propertiesName\n );\n\n const permissionWithSanitizedProperties = invalidProperties.reduce(\n // @ts-expect-error - fix reduce, property should be a string but it's actually the permission object\n (property) => permissionDomain.deleteProperty(property, permission) as Permission,\n permission\n );\n\n return permissionWithSanitizedProperties;\n })\n\n /\n Ignore the permission if the fields property is an empty array (access to no field)\n /\n .on('after-format::validate.permission', ({ permission }) => {\n const { fields } = permission.properties;\n\n if (isArray(fields) && isEmpty(fields)) {\n return false;\n }\n });\n\n return {\n get hooks() {\n return engine.hooks;\n },\n\n /\n Generate an ability based on the given user (using associated roles & permissions)\n * @param user\n /\n async generateUserAbility(user: AdminUser): Promise<Ability> {\n const permissions = (await getService('permission').findUserPermissions(user)) as any;\n\n return engine.generateAbility(permissions, user);\n },\n\n /\n Check many permissions based on an ability\n /\n checkMany: curry((ability: Ability, permissions: Permission[]) => {\n // @ts-expect-error - Permissions does not contain any field property\n return permissions.map(({ action, subject, field }) => ability.can(action, subject, field));\n }),\n };\n};\n","import { eq } from 'lodash/fp';\nimport { hooks } from '@strapi/utils';\nimport type { Action } from '../../../domain/action';\n\nexport type SectionOptions = {\n initialStateFactory?: (...args: any) => unknown; // A factory function that returns the default shape of the section\n handlers?: ((...args: any) => unknown)[]; // An initial collection of handlers which will be registered in the handlers hook\n matchers?: ((...args: any) => unknown)[]; // An initial collection of matchers which will be registered in the matchers hook\n};\n\nconst emptyObjectFactory = () => ({});\n\n/\n Upon call, creates a new section object\n /\nconst createSection = (\n { initialStateFactory = emptyObjectFactory, handlers = [], matchers = [] } = {} as SectionOptions\n) => {\n const state = {\n hooks: {\n handlers: hooks.createAsyncSeriesHook(),\n matchers: hooks.createAsyncParallelHook(),\n },\n };\n\n // Register initial hooks\n handlers.forEach((handler) => state.hooks.handlers.register(handler));\n matchers.forEach((matcher) => state.hooks.matchers.register(matcher));\n\n return {\n hooks: state.hooks,\n\n /\n Verifies if an action can be applied to the section by running the matchers hook.\n * If any of the registered matcher functions returns true, then the condition applies.\n /\n async appliesToAction(action: Action): Promise<boolean> {\n const results = await state.hooks.matchers.call(action);\n\n return results.some(eq(true));\n },\n\n /\n Init, build and returns a section object based on the given actions\n * @param actions - A list of actions used to populate the section\n /\n async build(actions = [] as Action[]) {\n const section = initialStateFactory();\n\n for (const action of actions) {\n const applies = await this.appliesToAction(action);\n\n if (applies) {\n await state.hooks.handlers.call({ action, section });\n }\n }\n\n return section;\n },\n };\n};\n\nexport default createSection;\n","import { Action } from '../../../domain/action';\nimport createSection, { SectionOptions } from './section';\n\n/\n Create a new section builder with its own sections registry\n /\nconst createSectionBuilder = () => {\n const state = {\n sections: new Map(),\n };\n\n return {\n /\n Create & add a section to the builder's registry\n * @param sectionName - The unique name of the section\n * @param options - The options used to build a {@link Section}\n /\n createSection(sectionName: string, options: SectionOptions) {\n const section = createSection(options);\n\n state.sections.set(sectionName, section);\n\n return this;\n },\n\n /\n Removes a section from the builder's registry using its unique name\n * @param sectionName - The name of the section to delete\n /\n deleteSection(sectionName: string) {\n state.sections.delete(sectionName);\n\n return this;\n },\n\n /\n Register a handler function for a given section\n * @param sectionName - The name of the section\n * @param handler - The handler to register\n /\n addHandler(sectionName: string, handler: () => unknown) {\n if (state.sections.has(sectionName)) {\n state.sections.get(sectionName).hooks.handlers.register(handler);\n }\n\n return this;\n },\n\n /\n Register a matcher function for a given section\n * @param sectionName - The name of the section\n * @param matcher - The handler to register\n\n /\n addMatcher(sectionName: string, matcher: () => unknown) {\n if (state.sections.has(sectionName)) {\n state.sections.get(sectionName).hooks.matchers.register(matcher);\n }\n\n return this;\n },\n\n /\n Build a section tree based on the registered actions and the given actions\n * @param actions - The actions used to build each section\n /\n async build(actions = [] as Action[]) {\n const sections = {} as any;\n\n for (const [sectionName, section] of state.sections.entries()) {\n sections[sectionName] = await section.build(actions);\n }\n\n return sections;\n },\n };\n};\n\nexport default createSectionBuilder;\n","import { curry, matchesProperty, pick } from 'lodash/fp';\nimport type { Internal, Struct } from '@strapi/types';\n\nconst isOfKind = (kind: unknown) => matchesProperty('kind', kind);\n\nconst resolveContentType = (uid: Internal.UID.ContentType): Struct.ContentTypeSchema => {\n return strapi.contentTypes[uid];\n};\n\nconst isNotInSubjects = (subjects: any) => (uid: unknown) =>\n !subjects.find((subject: any) => subject.uid === uid);\n\nconst hasProperty = curry((property: unknown, subject: any) => {\n return !!subject.properties.find((prop: any) => prop.value === property);\n});\n\nconst getValidOptions = pick(['applyToProperties']);\n\nconst toSubjectTemplate = (ct: any) => ({\n uid: ct.uid,\n label: ct.info.singularName,\n properties: [],\n});\n\nexport {\n isOfKind,\n resolveContentType,\n isNotInSubjects,\n hasProperty,\n getValidOptions,\n toSubjectTemplate,\n};\n","import type { Internal } from '@strapi/types';\nimport { contentTypes } from '@strapi/utils';\nimport {\n toSubjectTemplate,\n getValidOptions,\n hasProperty,\n isNotInSubjects,\n resolveContentType,\n isOfKind,\n} from './utils';\nimport type { Action } from '../../../domain/action';\n\nconst { isVisibleAttribute } = contentTypes;\n\nexport type ContentTypesSection = {\n actions: Action[];\n subjects: any[];\n};\n\nexport type ActionArraySection = Action[];\n\n/\n Transforms & adds the given setting action to the section\n * Note: The action is transformed to a setting specific format\n * @param options\n * @param options.action\n * @param section\n /\nconst settings = ({ action, section }: { action: Action; section: ActionArraySection }) => {\n const { category, subCategory, displayName, actionId } = action;\n\n section.push({\n displayName,\n category,\n subCategory,\n // TODO: Investigate at which point the action property is transformed to actionId\n // @ts-expect-error - action should be actionID\n action: actionId,\n });\n};\n\n/\n Transforms & adds the given plugin action to the section\n * Note: The action is transformed to a plugin specific format\n * @param {object} options\n * @param {Action} options.action\n * @param {ActionArraySection} section\n /\nconst plugins = ({ action, section }: { action: Action; section: ActionArraySection }) => {\n const { pluginName, subCategory, displayName, actionId } = action;\n\n section.push({\n displayName,\n // @ts-expect-error - plugin should be pluginName, TODO: Investigate at which point the plugin property\n plugin: pluginName,\n subCategory,\n action: actionId,\n });\n};\n\n/\n Transforms & adds the given action to the section's actions field\n * Note: The action is transformed to a content-type specific format\n * @param {object} options\n * @param {Action} options.action\n * @param {ContentTypesSection} section\n /\nconst contentTypesBase = ({\n action,\n section,\n}: {\n action: Action;\n section: ContentTypesSection;\n}) => {\n const { displayName, actionId, subjects, options } = action;\n\n section.actions.push({\n // @ts-expect-error - label should be displayName, TODO: Investigate at which point the label property\n label: displayName,\n actionId,\n subjects,\n ...getValidOptions(options),\n });\n};\n\n/\n Initialize the subjects array of a section based on the action's subjects\n /\nconst subjectsHandlerFor =\n (kind: string) =>\n ({ action, section: contentTypesSection }: { action: Action; section: ContentTypesSection }) => {\n // TODO: add a type guard for UID.ContentType\n const subjects = action.subjects as Internal.UID.ContentType[];\n\n if (!subjects?.length) {\n return;\n }\n\n const newSubjects = subjects\n // Ignore already added subjects\n .filter(isNotInSubjects(contentTypesSection.subjects))\n // Transform UIDs into content-types\n .map(resolveContentType)\n // Only keep specific kind of content-types\n .filter(isOfKind(kind))\n // Transform the content-types into section's subjects\n .map(toSubjectTemplate);\n\n contentTypesSection.subjects.push(...newSubjects);\n };\n\nconst buildNode = (model: any, attributeName: string, attribute: any) => {\n if (!isVisibleAttribute(model, attributeName)) {\n return null;\n }\n\n const node = { label: attributeName, value: attributeName };\n\n if (attribute.required) {\n Object.assign(node, { required: true });\n }\n\n if (attribute.type === 'component') {\n const component = strapi.components[attribute.component];\n return { ...node, children: buildDeepAttributesCollection(component) };\n }\n\n return node;\n};\n\nconst buildDeepAttributesCollection = (model: any): unknown => {\n return Object.entries(model.attributes)\n .map(([attributeName, attribute]) => buildNode(model, attributeName, attribute))\n .filter((node) => node !== null);\n};\n\n/\n Create and populate the fields property for section's subjects based on the action's subjects list\n /\nconst fieldsProperty = ({ action, section }: { action: Action; section: ContentTypesSection }) => {\n const { subjects } = action;\n\n section.subjects\n .filter((subject) => subjects?.includes(subject.uid))\n .forEach((subject) => {\n const { uid } = subject;\n const contentType = resolveContentType(uid);\n\n if (hasProperty('fields', subject)) {\n return;\n }\n\n const fields = buildDeepAttributesCollection(contentType);\n const fieldsProp = { label: 'Fields', value: 'fields', children: fields };\n\n subject.properties.push(fieldsProp);\n });\n};\n\nexport { plugins, settings, subjectsHandlerFor, contentTypesBase, fieldsProperty };\n","import { propEq } from 'lodash/fp';\nimport createSectionBuilder from './builder';\nimport {\n subjectsHandlerFor,\n contentTypesBase,\n fieldsProperty,\n plugins as pluginsHandler,\n settings as settingsHandler,\n} from './handlers';\n\nconst sectionPropMatcher = propEq('section');\n\nconst createContentTypesInitialState = () => ({\n actions: [],\n subjects: [],\n});\n\nconst createDefaultSectionBuilder = () => {\n const builder = createSectionBuilder();\n\n builder.createSection('plugins', {\n initialStateFactory: () => [],\n handlers: [pluginsHandler],\n matchers: [sectionPropMatcher('plugins')],\n });\n\n builder.createSection('settings', {\n initialStateFactory: () => [],\n handlers: [settingsHandler],\n matchers: [sectionPropMatcher('settings')],\n });\n\n builder.createSection('singleTypes', {\n initialStateFactory: createContentTypesInitialState,\n handlers: [contentTypesBase, subjectsHandlerFor('singleType'), fieldsProperty],\n matchers: [sectionPropMatcher('contentTypes')],\n });\n\n builder.createSection('collectionTypes', {\n initialStateFactory: createContentTypesInitialState,\n handlers: [contentTypesBase, subjectsHandlerFor('collectionType'), fieldsProperty],\n matchers: [sectionPropMatcher('contentTypes')],\n });\n\n return builder;\n};\n\nexport default createDefaultSectionBuilder;\n","import { isNil, isArray, prop, xor, eq, map, differenceWith } from 'lodash/fp';\nimport pmap from 'p-map';\nimport type { Data } from '@strapi/types';\nimport { getService } from '../../utils';\nimport permissionDomain, { CreatePermissionPayload } from '../../domain/permission';\nimport type { AdminUser, Permission } from '../../../../shared/contracts/shared';\nimport { Action } from '../../domain/action';\n\n/\n Delete permissions of roles in database\n * @param rolesIds ids of roles\n /\nexport const deleteByRolesIds = async (rolesIds: Data.ID[]): Promise<void> => {\n const permissionsToDelete = await strapi.db.query('admin::permission').findMany({\n select: ['id'],\n where: {\n role: { id: rolesIds },\n },\n });\n\n if (permissionsToDelete.length > 0) {\n await deleteByIds(permissionsToDelete.map(prop('id')));\n }\n};\n\n/\n Delete permissions\n * @param ids ids of permissions\n /\nexport const deleteByIds = async (ids: Data.ID[]): Promise<void> => {\n const result: unknown[] = [];\n for (const id of ids) {\n const queryResult = await strapi.db.query('admin::permission').delete({ where: { id } });\n result.push(queryResult);\n }\n strapi.eventHub.emit('permission.delete', { permissions: result });\n};\n\n/\n Create many permissions\n * @param permissions\n /\nexport const createMany = async (permissions: CreatePermissionPayload[]): Promise<Permission[]> => {\n const createdPermissions: CreatePermissionPayload[] = [];\n for (const permission of permissions) {\n const newPerm = await strapi.db.query('admin::permission').create({ data: permission });\n createdPermissions.push(newPerm);\n }\n\n const permissionsToReturn = permissionDomain.toPermission(createdPermissions);\n strapi.eventHub.emit('permission.create', { permissions: permissionsToReturn });\n\n return permissionsToReturn;\n};\n\n/\n Update a permission\n * @param params\n * @param attributes\n /\nconst update = async (params: unknown, attributes: Partial<Permission>) => {\n const updatedPermission = (await strapi.db\n .query('admin::permission')\n .update({ where: params, data: attributes })) as Permission;\n\n const permissionToReturn = permissionDomain.toPermission(updatedPermission);\n strapi.eventHub.emit('permission.update', { permissions: permissionToReturn });\n\n return permissionToReturn;\n};\n\n/\n Find assigned permissions in the database\n * @param params query params to find the permissions\n /\nexport const findMany = async (params = {}): Promise<Permission[]> => {\n const rawPermissions = await strapi.db.query('admin::permission').findMany(params);\n\n return permissionDomain.toPermission(rawPermissions);\n};\n\n/\n Find all permissions for a user\n * @param user - user\n /\nexport const findUserPermissions = async (user: AdminUser): Promise<Permission[]> => {\n return findMany({ where: { role: { users: { id: user.id } } } });\n};\n\nconst filterPermissionsToRemove = async (permissions: Permission[]) => {\n const { actionProvider } = getService('permission');\n\n const permissionsToRemove: Permission[] = [];\n\n for (const permission of permissions) {\n const { subjects, options = {} as Action['options'] } =\n (actionProvider.get(permission.action) as Action) \|\| {};\n const { applyToProperties } = options;\n\n const invalidProperties = await Promise.all(\n (applyToProperties \|\| []).map(async (property) => {\n const applies = await actionProvider.appliesToProperty(\n property,\n permission.action,\n permission.subject\n );\n\n return applies && isNil(permissionDomain.getProperty(property, permission));\n })\n );\n\n const isRegisteredAction = actionProvider.has(permission.action);\n const hasInvalidProperties = isArray(applyToProperties) && invalidProperties.every(eq(true));\n const isInvalidSubject = isArray(subjects) && !subjects.includes(permission.subject as string);\n\n // If the permission has an invalid action, an invalid subject or invalid properties, then add it to the toBeRemoved collection\n if (!isRegisteredAction \|\| isInvalidSubject \|\| hasInvalidProperties) {\n permissionsToRemove.push(permission);\n }\n }\n\n return permissionsToRemove;\n};\n\n/\n Removes permissions in database that don't exist anymore\n /\nexport const cleanPermissionsInDatabase = async (): Promise<void> => {\n const pageSize = 200;\n\n const contentTypeService = getService('content-type');\n\n const total = await strapi.db.query('admin::permission').count();\n const pageCount = Math.ceil(total / pageSize);\n\n for (let page = 0; page < pageCount; page += 1) {\n // 1. Find invalid permissions and collect their ID to delete them later\n const results = (await strapi.db\n .query('admin::permission')\n .findMany({ limit: pageSize, offset: page pageSize })) as Permission[];\n\n const permissions = permissionDomain.toPermission(results);\n const permissionsToRemove = await filterPermissionsToRemove(permissions);\n const permissionsIdToRemove = map(prop('id'), permissionsToRemove);\n\n // 2. Clean permissions' fields (add required ones, remove the non-existing ones)\n const remainingPermissions = permissions.filter(\n (permission: Permission) => !permissionsIdToRemove.includes(permission.id)\n );\n\n const permissionsWithCleanFields = contentTypeService.cleanPermissionFields(\n remainingPermissions\n ) as Permission[];\n\n // Update only the ones that need to be updated\n const permissionsNeedingToBeUpdated = differenceWith(\n (a: Permission, b: Permission) => {\n return a.id === b.id && xor(a.properties.fields, b.properties.fields).length === 0;\n },\n permissionsWithCleanFields,\n remainingPermissions\n );\n\n const updatePromiseProvider = (permission: Permission) => {\n return update({ id: permission.id }, permission);\n };\n\n // Execute all the queries, update the database\n await Promise.all([\n deleteByIds(permissionsIdToRemove),\n pmap(permissionsNeedingToBeUpdated, updatePromiseProvider, {\n concurrency: 100,\n stopOnError: true,\n }),\n ]);\n }\n};\n\nexport default {\n createMany,\n findMany,\n deleteByRolesIds,\n deleteByIds,\n findUserPermissions,\n cleanPermissionsInDatabase,\n};\n","import domain from '../domain/permission';\nimport createActionProvider from '../domain/action/provider';\nimport createConditionProvider from '../domain/condition/provider';\nimport createPermissionsManager from './permission/permissions-manager';\nimport createPermissionEngine from './permission/engine';\nimport createSectionsBuilder from './permission/sections-builder';\nimport {\n cleanPermissionsInDatabase,\n createMany,\n deleteByIds,\n deleteByRolesIds,\n findMany,\n findUserPermissions,\n} from './permission/queries';\n\nconst actionProvider = createActionProvider();\nconst conditionProvider = createConditionProvider();\nconst sectionsBuilder = createSectionsBuilder();\n\nconst sanitizePermission = domain.sanitizePermissionFields;\n\nconst engine = createPermissionEngine({\n providers: { action: actionProvider, condition: conditionProvider },\n});\n\nexport {\n // Queries / Actions\n cleanPermissionsInDatabase,\n createMany,\n deleteByIds,\n deleteByRolesIds,\n findMany,\n findUserPermissions,\n // Utils\n createPermissionsManager,\n sectionsBuilder,\n sanitizePermission,\n // Engine\n engine,\n // Providers\n actionProvider,\n conditionProvider,\n};\n","import _ from 'lodash';\nimport { uniq, startsWith, intersection } from 'lodash/fp';\nimport { contentTypes as contentTypesUtils } from '@strapi/utils';\nimport type { Modules, Struct } from '@strapi/types';\nimport { getService } from '../utils';\nimport actionDomain from '../domain/action';\nimport permissionDomain from '../domain/permission';\n\ninterface FieldOptions {\n prefix?: string; // prefix to add to the path\n nestingLevel?: number; // level of nesting to achieve\n requiredOnly?: boolean; // only returns required nestedFields\n existingFields?: string[]; // fields that are already selected, meaning that some sub-fields may be required\n restrictedSubjects?: string[]; // subjectsId to ignore\n components?: {\n // components where components attributes can be found\n [key: string]: any;\n };\n}\n\n/*\n Creates an array of paths to the fields and nested fields, without path nodes\n /\nconst getNestedFields = (\n model: Struct.ContentTypeSchema,\n {\n prefix = '',\n nestingLevel = 15,\n components = {},\n requiredOnly = false,\n existingFields = [],\n }: FieldOptions\n): string[] => {\n if (nestingLevel === 0) {\n return prefix ? [prefix] : [];\n }\n\n const nonAuthorizableFields = contentTypesUtils.getNonVisibleAttributes(model);\n\n return _.reduce(\n model.attributes,\n (fields: any, attr: any, key: any) => {\n if (nonAuthorizableFields.includes(key)) return fields;\n\n const fieldPath = prefix ? `${prefix}.${key}` : key;\n const shouldBeIncluded = !requiredOnly \|\| attr.required === true;\n const insideExistingFields = existingFields && existingFields.some(startsWith(fieldPath));\n\n if (attr.type === 'component') {\n if (shouldBeIncluded \|\| insideExistingFields) {\n const compoFields = getNestedFields(components[attr.component], {\n nestingLevel: nestingLevel - 1,\n prefix: fieldPath,\n components,\n requiredOnly,\n existingFields,\n });\n\n if (compoFields.length === 0 && shouldBeIncluded) {\n return fields.concat(fieldPath);\n }\n\n return fields.concat(compoFields);\n }\n return fields;\n }\n\n if (shouldBeIncluded) {\n return fields.concat(fieldPath);\n }\n\n return fields;\n },\n []\n );\n};\n\n/\n Creates an array of paths to the fields and nested fields, with path nodes\n /\nconst getNestedFieldsWithIntermediate = (\n model: Struct.ContentTypeSchema,\n { prefix = '', nestingLevel = 15, components = {} }: FieldOptions\n): string[] => {\n if (nestingLevel === 0) {\n return [];\n }\n\n const nonAuthorizableFields = contentTypesUtils.getNonVisibleAttributes(model);\n\n return _.reduce(\n model.attributes,\n (fields: any, attr: any, key: any) => {\n if (nonAuthorizableFields.includes(key)) return fields;\n\n const fieldPath = prefix ? `${prefix}.${key}` : key;\n fields.push(fieldPath);\n\n if (attr.type === 'component') {\n const compoFields = getNestedFieldsWithIntermediate(components[attr.component], {\n nestingLevel: nestingLevel - 1,\n prefix: fieldPath,\n components,\n });\n\n fields.push(...compoFields);\n }\n\n return fields;\n },\n []\n );\n};\n\n/\n Creates an array of permissions with the \"properties.fields\" attribute filled\n /\nconst getPermissionsWithNestedFields = (\n actions: any[],\n { nestingLevel, restrictedSubjects = [] }: FieldOptions = {}\n): Modules.Permissions.PermissionRule[] => {\n return actions.reduce((permissions, action) => {\n const validSubjects = action.subjects.filter(\n (subject: any) => !restrictedSubjects.includes(subject)\n );\n\n // Create a Permission for each subject (content-type uid) within the action\n for (const subject of validSubjects) {\n const fields = actionDomain.appliesToProperty('fields', action)\n ? getNestedFields(strapi.contentTypes[subject], {\n components: strapi.components,\n nestingLevel,\n })\n : undefined;\n\n const permission = permissionDomain.create({\n action: action.actionId,\n subject,\n properties: { fields },\n });\n\n permissions.push(permission);\n }\n\n return permissions;\n }, []);\n};\n\n/\n Cleans permissions' fields (add required ones, remove the non-existing ones)\n /\nconst cleanPermissionFields = (\n permissions: Modules.Permissions.PermissionRule[],\n { nestingLevel }: FieldOptions = {}\n): Modules.Permissions.PermissionRule[] => {\n const { actionProvider } = getService('permission');\n\n return permissions.map((permission: any) => {\n const {\n action: actionId,\n subject,\n properties: { fields },\n } = permission;\n\n const action = actionProvider.get(actionId) as any;\n\n // todo see if it's possible to check property on action + subject (async)\n if (!actionDomain.appliesToProperty('fields', action)) {\n return permissionDomain.deleteProperty('fields', permission);\n }\n\n if (!subject \|\| !strapi.contentTypes[subject]) {\n return permission;\n }\n\n const possibleFields = getNestedFieldsWithIntermediate(strapi.contentTypes[subject], {\n components: strapi.components,\n nestingLevel,\n });\n\n const requiredFields = getNestedFields(strapi.contentTypes[subject], {\n components: strapi.components,\n requiredOnly: true,\n nestingLevel,\n existingFields: fields,\n });\n\n // @ts-expect-error lodash types\n const badNestedFields = uniq([...intersection(fields, possibleFields), ...requiredFields]);\n\n const newFields = badNestedFields.filter(\n (field) => !badNestedFields.some(startsWith(`${field}.`))\n );\n\n return permissionDomain.setProperty('fields', newFields, permission);\n }, []);\n};\n\nexport {\n getNestedFields,\n getPermissionsWithNestedFields,\n cleanPermissionFields,\n getNestedFieldsWithIntermediate,\n};\n","import { isString } from 'lodash/fp';\nimport { getService } from '../utils';\n\nconst isValidCondition = (condition: unknown) => {\n const { conditionProvider } = getService('permission');\n\n return isString(condition) && conditionProvider.has(condition);\n};\n\nexport { isValidCondition };\n","import { isNil } from 'lodash/fp';\nimport { errors } from '@strapi/utils';\nimport { getService } from '../utils';\nimport constants from './constants';\nimport type { AdminRole } from '../../../shared/contracts/shared';\n\nconst { AUTHOR_CODE, PUBLISH_ACTION } = constants;\n\nconst { NotFoundError } = errors;\n// TODO: move actionProvider here instead of in the permission service\n\n/\n Returns actions available for a role.\n * @param {string\|number} roleId\n * @returns {object[]}\n /\nconst getAllowedActionsForRole = async (roleId?: string) => {\n const { actionProvider } = getService('permission');\n\n if (!isNil(roleId)) {\n const role: AdminRole = await getService('role').findOne({ id: roleId });\n\n if (!role) {\n throw new NotFoundError('role.notFound');\n }\n\n if (role.code === AUTHOR_CODE) {\n return actionProvider.values().filter(({ actionId }: any) => actionId !== PUBLISH_ACTION);\n }\n }\n\n return actionProvider.values();\n};\n\nexport { getAllowedActionsForRole };\n","import crypto from 'crypto';\nimport { omit, difference, isNil, isEmpty, map, isArray, uniq, isNumber } from 'lodash/fp';\nimport { errors } from '@strapi/utils';\nimport type { Update, ApiToken, ApiTokenBody } from '../../../shared/contracts/api-token';\nimport constants from './constants';\n\nconst { ValidationError, NotFoundError } = errors;\n\ntype ApiTokenPermission = {\n id: number \| `${number}`;\n action: string;\n token: DBApiToken \| number;\n};\n\ntype DBApiToken = ApiToken & {\n permissions: (number \| ApiTokenPermission)[];\n};\n\nconst SELECT_FIELDS = [\n 'id',\n 'name',\n 'description',\n 'lastUsedAt',\n 'type',\n 'lifespan',\n 'expiresAt',\n 'createdAt',\n 'updatedAt',\n];\n\nconst POPULATE_FIELDS = ['permissions'];\n\n// TODO: we need to ensure the permissions are actually valid registered permissions!\n\n/\n Assert that a token's permissions attribute is valid for its type\n /\nconst assertCustomTokenPermissionsValidity = (\n type: ApiTokenBody['type'],\n permissions: ApiTokenBody['permissions']\n) => {\n // Ensure non-custom tokens doesn't have permissions\n if (type !== constants.API_TOKEN_TYPE.CUSTOM && !isEmpty(permissions)) {\n throw new ValidationError('Non-custom tokens should not reference permissions');\n }\n\n // Custom type tokens should always have permissions attached to them\n if (type === constants.API_TOKEN_TYPE.CUSTOM && !isArray(permissions)) {\n throw new ValidationError('Missing permissions attribute for custom token');\n }\n\n // Permissions provided for a custom type token should be valid/registered permissions UID\n if (type === constants.API_TOKEN_TYPE.CUSTOM) {\n const validPermissions = strapi.contentAPI.permissions.providers.action.keys();\n const invalidPermissions = difference(permissions, validPermissions) as string[];\n\n if (!isEmpty(invalidPermissions)) {\n throw new ValidationError(`Unknown permissions provided: ${invalidPermissions.join(', ')}`);\n }\n }\n};\n\n/\n Check if a token's lifespan is valid\n /\nconst isValidLifespan = (lifespan: unknown) => {\n if (isNil(lifespan)) {\n return true;\n }\n\n if (!isNumber(lifespan) \|\| !Object.values(constants.API_TOKEN_LIFESPANS).includes(lifespan)) {\n return false;\n }\n\n return true;\n};\n\n/\n Assert that a token's lifespan is valid\n /\nconst assertValidLifespan = (lifespan: unknown) => {\n if (!isValidLifespan(lifespan)) {\n throw new ValidationError(\n `lifespan must be one of the following values:\n ${Object.values(constants.API_TOKEN_LIFESPANS).join(', ')}`\n );\n }\n};\n\n/\n Flatten a token's database permissions objects to an array of strings\n /\nconst flattenTokenPermissions = (token: DBApiToken): ApiToken => {\n if (!token) {\n return token;\n }\n\n return {\n ...token,\n permissions: isArray(token.permissions) ? map('action', token.permissions) : token.permissions,\n };\n};\n\ntype WhereParams = {\n id?: string \| number;\n name?: string;\n lastUsedAt?: number;\n description?: string;\n accessKey?: string;\n};\n\n/\n Get a token\n /\nconst getBy = async (whereParams: WhereParams = {}): Promise<ApiToken \| null> => {\n if (Object.keys(whereParams).length === 0) {\n return null;\n }\n\n const token = await strapi.db\n .query('admin::api-token')\n .findOne({ select: SELECT_FIELDS, populate: POPULATE_FIELDS, where: whereParams });\n\n if (!token) {\n return token;\n }\n\n return flattenTokenPermissions(token);\n};\n\n/\n Check if token exists\n /\nconst exists = async (whereParams: WhereParams = {}): Promise<boolean> => {\n const apiToken = await getBy(whereParams);\n\n return !!apiToken;\n};\n\n/\n Return a secure sha512 hash of an accessKey\n /\nconst hash = (accessKey: string) => {\n return crypto\n .createHmac('sha512', strapi.config.get('admin.apiToken.salt'))\n .update(accessKey)\n .digest('hex');\n};\n\nconst getExpirationFields = (lifespan: ApiTokenBody['lifespan']) => {\n // it must be nil or a finite number >= 0\n const isValidNumber = isNumber(lifespan) && Number.isFinite(lifespan) && lifespan > 0;\n if (!isValidNumber && !isNil(lifespan)) {\n throw new ValidationError('lifespan must be a positive number or null');\n }\n\n return {\n lifespan: lifespan \|\| null,\n expiresAt: lifespan ? Date.now() + lifespan : null,\n };\n};\n\n/\n Create a token and its permissions\n /\nconst create = async (attributes: ApiTokenBody): Promise<ApiToken> => {\n const accessKey = crypto.randomBytes(128).toString('hex');\n\n assertCustomTokenPermissionsValidity(attributes.type, attributes.permissions);\n assertValidLifespan(attributes.lifespan);\n\n // Create the token\n const apiToken: ApiToken = await strapi.db.query('admin::api-token').create({\n select: SELECT_FIELDS,\n populate: POPULATE_FIELDS,\n data: {\n ...omit('permissions', attributes),\n accessKey: hash(accessKey),\n ...getExpirationFields(attributes.lifespan),\n },\n });\n\n const result: ApiToken = { ...apiToken, accessKey };\n\n // If this is a custom type token, create and the related permissions\n if (attributes.type === constants.API_TOKEN_TYPE.CUSTOM) {\n // TODO: createMany doesn't seem to create relation properly, implement a better way rather than a ton of queries\n // const permissionsCount = await strapi.db.query('admin::api-token-permission').createMany({\n // populate: POPULATE_FIELDS,\n // data: attributes.permissions.map(action => ({ action, token: apiToken })),\n // });\n await Promise.all(\n uniq(attributes.permissions).map((action) =>\n strapi.db.query('admin::api-token-permission').create({\n data: { action, token: apiToken },\n })\n )\n );\n\n const currentPermissions = await strapi.db\n .query('admin::api-token')\n .load(apiToken, 'permissions');\n\n if (currentPermissions) {\n Object.assign(result, { permissions: map('action', currentPermissions) });\n }\n }\n\n return result;\n};\n\nconst regenerate = async (id: string \| number): Promise<ApiToken> => {\n const accessKey = crypto.randomBytes(128).toString('hex');\n\n const apiToken: ApiToken = await strapi.db.query('admin::api-token').update({\n select: ['id', 'accessKey'],\n where: { id },\n data: {\n accessKey: hash(accessKey),\n },\n });\n\n if (!apiToken) {\n throw new NotFoundError('The provided token id does not exist');\n }\n\n return {\n ...apiToken,\n accessKey,\n };\n};\n\nconst checkSaltIsDefined = () => {\n if (!strapi.config.get('admin.apiToken.salt')) {\n // TODO V5: stop reading API_TOKEN_SALT\n if (process.env.API_TOKEN_SALT) {\n process.emitWarning(`[deprecated] In future versions, Strapi will stop reading directly from the environment variable API_TOKEN_SALT. Please set apiToken.salt in config/admin.js instead.\nFor security reasons, keep storing the secret in an environment variable and use env() to read it in config/admin.js (ex: \\`apiToken: { salt: env('API_TOKEN_SALT') }\\`). See https://docs.strapi.io/developer-docs/latest/setup-deployment-guides/configurations/optional/environment.html#configuration-using-environment-variables.`);\n\n strapi.config.set('admin.apiToken.salt', process.env.API_TOKEN_SALT);\n } else {\n throw new Error(\n `Missing apiToken.salt. Please set apiToken.salt in config/admin.js (ex: you can generate one using Node with \\`crypto.randomBytes(16).toString('base64')\\`).\nFor security reasons, prefer storing the secret in an environment variable and read it in config/admin.js. See https://docs.strapi.io/developer-docs/latest/setup-deployment-guides/configurations/optional/environment.html#configuration-using-environment-variables.`\n );\n }\n }\n};\n\n/\n Return a list of all tokens and their permissions\n /\nconst list = async (): Promise<Array<ApiToken>> => {\n const tokens: Array<DBApiToken> = await strapi.db.query('admin::api-token').findMany({\n select: SELECT_FIELDS,\n populate: POPULATE_FIELDS,\n orderBy: { name: 'ASC' },\n });\n\n if (!tokens) {\n return tokens;\n }\n\n return tokens.map((token) => flattenTokenPermissions(token));\n};\n\n/\n Revoke (delete) a token\n /\nconst revoke = async (id: string \| number): Promise<ApiToken> => {\n return strapi.db\n .query('admin::api-token')\n .delete({ select: SELECT_FIELDS, populate: POPULATE_FIELDS, where: { id } });\n};\n\n/\n Retrieve a token by id\n /\nconst getById = async (id: string \| number) => {\n return getBy({ id });\n};\n\n/\n Retrieve a token by name\n /\nconst getByName = async (name: string) => {\n return getBy({ name });\n};\n\n/\n Update a token and its permissions\n /\nconst update = async (\n id: string \| number,\n attributes: Update.Request['body']\n): Promise<ApiToken> => {\n // retrieve token without permissions\n const originalToken: DBApiToken = await strapi.db\n .query('admin::api-token')\n .findOne({ where: { id } });\n\n if (!originalToken) {\n throw new NotFoundError('Token not found');\n }\n\n const changingTypeToCustom =\n attributes.type === constants.API_TOKEN_TYPE.CUSTOM &&\n originalToken.type !== constants.API_TOKEN_TYPE.CUSTOM;\n\n // if we're updating the permissions on any token type, or changing from non-custom to custom, ensure they're still valid\n // if neither type nor permissions are changing, we don't need to validate again or else we can't allow partial update\n if (attributes.permissions \|\| changingTypeToCustom) {\n assertCustomTokenPermissionsValidity(\n attributes.type \|\| originalToken.type,\n attributes.permissions \|\| originalToken.permissions\n );\n }\n\n assertValidLifespan(attributes.lifespan);\n\n const updatedToken: ApiToken = await strapi.db.query('admin::api-token').update({\n select: SELECT_FIELDS,\n where: { id },\n data: omit('permissions', attributes),\n });\n\n // custom tokens need to have their permissions updated as well\n if (updatedToken.type === constants.API_TOKEN_TYPE.CUSTOM && attributes.permissions) {\n const currentPermissionsResult = await strapi.db\n .query('admin::api-token')\n .load(updatedToken, 'permissions');\n\n const currentPermissions = map('action', currentPermissionsResult \|\| []);\n const newPermissions = uniq(attributes.permissions);\n\n const actionsToDelete = difference(currentPermissions, newPermissions);\n const actionsToAdd = difference(newPermissions, currentPermissions);\n\n // TODO: improve efficiency here\n // method using a loop -- works but very inefficient\n await Promise.all(\n actionsToDelete.map((action) =>\n strapi.db.query('admin::api-token-permission').delete({\n where: { action, token: id },\n })\n )\n );\n\n // TODO: improve efficiency here\n // using a loop -- works but very inefficient\n await Promise.all(\n actionsToAdd.map((action) =>\n strapi.db.query('admin::api-token-permission').create({\n data: { action, token: id },\n })\n )\n );\n }\n // if type is not custom, make sure any old permissions get removed\n else if (updatedToken.type !== constants.API_TOKEN_TYPE.CUSTOM) {\n await strapi.db.query('admin::api-token-permission').delete({\n where: { token: id },\n });\n }\n\n // retrieve permissions\n const permissionsFromDb = await strapi.db\n .query('admin::api-token')\n .load(updatedToken, 'permissions');\n\n return {\n ...updatedToken,\n permissions: permissionsFromDb ? permissionsFromDb.map((p: any) => p.action) : undefined,\n };\n};\n\nexport {\n create,\n regenerate,\n exists,\n checkSaltIsDefined,\n hash,\n list,\n revoke,\n getById,\n update,\n getByName,\n getBy,\n};\n","import permissions from '@strapi/permissions';\nimport { providerFactory } from '@strapi/utils';\n\nconst DEFAULT_TRANSFER_ACTIONS = ['push', 'pull'];\n\nconst providers = {\n action: providerFactory(),\n condition: providerFactory(),\n};\n\nDEFAULT_TRANSFER_ACTIONS.forEach((action) => {\n providers.action.register(action, { action });\n});\n\nconst engine = permissions.engine.new({ providers });\n\nexport { engine, providers };\n","import crypto from 'crypto';\nimport assert from 'assert';\nimport { map, isArray, omit, uniq, isNil, difference, isEmpty, isNumber } from 'lodash/fp';\nimport { errors } from '@strapi/utils';\nimport '@strapi/types';\nimport constants from '../constants';\nimport { getService } from '../../utils';\nimport {\n DatabaseTransferToken,\n SanitizedTransferToken,\n TokenCreatePayload,\n TokenUpdatePayload,\n TransferToken,\n TransferTokenPermission,\n} from '../../../../shared/contracts/transfer';\n\nconst { ValidationError, NotFoundError } = errors;\n\nconst TRANSFER_TOKEN_UID = 'admin::transfer-token';\nconst TRANSFER_TOKEN_PERMISSION_UID = 'admin::transfer-token-permission';\n\nconst SELECT_FIELDS = [\n 'id',\n 'name',\n 'description',\n 'lastUsedAt',\n 'lifespan',\n 'expiresAt',\n 'createdAt',\n 'updatedAt',\n] as const;\n\nconst POPULATE_FIELDS = ['permissions'] as const;\n\n/\n Return a list of all tokens and their permissions\n /\nconst list = async (): Promise<SanitizedTransferToken[]> => {\n const tokens: DatabaseTransferToken[] = await strapi.db.query(TRANSFER_TOKEN_UID).findMany({\n select: SELECT_FIELDS,\n populate: POPULATE_FIELDS,\n orderBy: { name: 'ASC' },\n });\n\n if (!tokens) return tokens;\n return tokens.map((token) => flattenTokenPermissions(token));\n};\n\n/\n Create a random token's access key\n /\nconst generateRandomAccessKey = (): string => crypto.randomBytes(128).toString('hex');\n\n/\n Validate the given access key's format and returns it if valid\n /\nconst validateAccessKey = (accessKey: string): string => {\n assert(typeof accessKey === 'string', 'Access key needs to be a string');\n assert(accessKey.length >= 15, 'Access key needs to have at least 15 characters');\n\n return accessKey;\n};\n\nexport const hasAccessKey = <T extends { accessKey?: string }>(\n attributes: T\n): attributes is T & { accessKey: string } => {\n return 'accessKey' in attributes;\n};\n\n/\n Create a token and its permissions\n /\nconst create = async (attributes: TokenCreatePayload): Promise<TransferToken> => {\n const accessKey = hasAccessKey(attributes)\n ? validateAccessKey(attributes.accessKey)\n : generateRandomAccessKey();\n\n // Make sure the access key isn't picked up directly from the attributes for the next steps\n delete attributes.accessKey;\n\n assertTokenPermissionsValidity(attributes);\n assertValidLifespan(attributes.lifespan);\n\n const result = (await strapi.db.transaction(async () => {\n const transferToken = await strapi.db.query(TRANSFER_TOKEN_UID).create({\n select: SELECT_FIELDS,\n populate: POPULATE_FIELDS,\n data: {\n ...omit('permissions', attributes),\n accessKey: hash(accessKey),\n ...getExpirationFields(attributes.lifespan),\n },\n });\n\n await Promise.all(\n uniq(attributes.permissions).map((action) =>\n strapi.db\n .query(TRANSFER_TOKEN_PERMISSION_UID)\n .create({ data: { action, token: transferToken } })\n )\n );\n\n const currentPermissions: TransferTokenPermission[] = await strapi.db\n .query(TRANSFER_TOKEN_UID)\n .load(transferToken, 'permissions');\n\n if (currentPermissions) {\n Object.assign(transferToken, { permissions: map('action', currentPermissions) });\n }\n\n return transferToken;\n })) as TransferToken;\n\n return { ...result, accessKey };\n};\n\n/\n Update a token and its permissions\n /\nconst update = async (\n id: string \| number,\n attributes: TokenUpdatePayload\n): Promise<SanitizedTransferToken> => {\n // retrieve token without permissions\n const originalToken = await strapi.db.query(TRANSFER_TOKEN_UID).findOne({ where: { id } });\n\n if (!originalToken) {\n throw new NotFoundError('Token not found');\n }\n\n assertTokenPermissionsValidity(attributes);\n assertValidLifespan(attributes.lifespan);\n\n return strapi.db.transaction(async () => {\n const updatedToken = await strapi.db.query(TRANSFER_TOKEN_UID).update({\n select: SELECT_FIELDS,\n where: { id },\n data: {\n ...omit('permissions', attributes),\n },\n });\n\n if (attributes.permissions) {\n const currentPermissionsResult = await strapi.db\n .query(TRANSFER_TOKEN_UID)\n .load(updatedToken, 'permissions');\n\n const currentPermissions = map('action', currentPermissionsResult \|\| []);\n const newPermissions = uniq(attributes.permissions);\n\n const actionsToDelete = difference(currentPermissions, newPermissions);\n const actionsToAdd = difference(newPermissions, currentPermissions);\n\n // TODO: improve efficiency here\n // method using a loop -- works but very inefficient\n await Promise.all(\n actionsToDelete.map((action) =>\n strapi.db.query(TRANSFER_TOKEN_PERMISSION_UID).delete({\n where: { action, token: id },\n })\n )\n );\n\n // TODO: improve efficiency here\n // using a loop -- works but very inefficient\n await Promise.all(\n actionsToAdd.map((action) =>\n strapi.db.query(TRANSFER_TOKEN_PERMISSION_UID).create({\n data: { action, token: id },\n })\n )\n );\n }\n\n // retrieve permissions\n const permissionsFromDb: TransferTokenPermission[] = await strapi.db\n .query(TRANSFER_TOKEN_UID)\n .load(updatedToken, 'permissions');\n\n return {\n ...updatedToken,\n permissions: permissionsFromDb ? permissionsFromDb.map((p) => p.action) : undefined,\n };\n }) as unknown as Promise<SanitizedTransferToken>;\n};\n\n/\n Revoke (delete) a token\n /\nconst revoke = async (id: string \| number): Promise<SanitizedTransferToken> => {\n return strapi.db.transaction(async () =>\n strapi.db\n .query(TRANSFER_TOKEN_UID)\n .delete({ select: SELECT_FIELDS, populate: POPULATE_FIELDS, where: { id } })\n ) as unknown as Promise<SanitizedTransferToken>;\n};\n\n/\n Get a token\n /\nconst getBy = async (\n whereParams = {} as {\n id?: string \| number;\n name?: string;\n lastUsedAt?: number;\n description?: string;\n accessKey?: string;\n }\n): Promise<SanitizedTransferToken \| null> => {\n if (Object.keys(whereParams).length === 0) {\n return null;\n }\n\n const token = await strapi.db\n .query(TRANSFER_TOKEN_UID)\n .findOne({ select: SELECT_FIELDS, populate: POPULATE_FIELDS, where: whereParams });\n\n if (!token) {\n return token;\n }\n\n return flattenTokenPermissions(token);\n};\n\n/\n Retrieve a token by id\n /\nconst getById = async (id: string \| number): Promise<SanitizedTransferToken \| null> => {\n return getBy({ id });\n};\n\n/\n Retrieve a token by name\n /\nconst getByName = async (name: string): Promise<SanitizedTransferToken \| null> => {\n return getBy({ name });\n};\n\n/\n Check if token exists\n /\nconst exists = async (\n whereParams = {} as {\n id?: string \| number;\n name?: string;\n lastUsedAt?: number;\n description?: string;\n accessKey?: string;\n }\n): Promise<boolean> => {\n const transferToken = await getBy(whereParams);\n\n return !!transferToken;\n};\n\nconst regenerate = async (id: string \| number): Promise<TransferToken> => {\n const accessKey = crypto.randomBytes(128).toString('hex');\n const transferToken = (await strapi.db.transaction(async () =>\n strapi.db.query(TRANSFER_TOKEN_UID).update({\n select: ['id', 'accessKey'],\n where: { id },\n data: {\n accessKey: hash(accessKey),\n },\n })\n )) as Promise<TransferToken>;\n\n if (!transferToken) {\n throw new NotFoundError('The provided token id does not exist');\n }\n\n return {\n ...transferToken,\n accessKey,\n };\n};\n\nconst getExpirationFields = (lifespan: TransferToken['lifespan']) => {\n // it must be nil or a finite number >= 0\n const isValidNumber = isNumber(lifespan) && Number.isFinite(lifespan) && lifespan > 0;\n if (!isValidNumber && !isNil(lifespan)) {\n throw new ValidationError('lifespan must be a positive number or null');\n }\n\n return {\n lifespan: lifespan \|\| null,\n expiresAt: lifespan ? Date.now() + lifespan : null,\n };\n};\n\n/\n Return a secure sha512 hash of an accessKey\n /\nconst hash = (accessKey: string): string => {\n const { hasValidTokenSalt } = getService('transfer').utils;\n\n if (!hasValidTokenSalt()) {\n throw new TypeError('Required token salt is not defined');\n }\n\n return crypto\n .createHmac('sha512', strapi.config.get('admin.transfer.token.salt'))\n .update(accessKey)\n .digest('hex');\n};\n\nconst checkSaltIsDefined = () => {\n const { hasValidTokenSalt } = getService('transfer').utils;\n\n // Ignore the check if the data-transfer feature is manually disabled\n if (!strapi.config.get('server.transfer.remote.enabled')) {\n return;\n }\n\n if (!hasValidTokenSalt()) {\n process.emitWarning(\n `Missing transfer.token.salt: Data transfer features have been disabled.\nPlease set transfer.token.salt in config/admin.js (ex: you can generate one using Node with \\`crypto.randomBytes(16).toString('base64')\\`)\nFor security reasons, prefer storing the secret in an environment variable and read it in config/admin.js. See https://docs.strapi.io/developer-docs/latest/setup-deployment-guides/configurations/optional/environment.html#configuration-using-environment-variables.`\n );\n }\n};\n\n/\n Flatten a token's database permissions objects to an array of strings\n /\nconst flattenTokenPermissions = (token: DatabaseTransferToken): TransferToken => {\n if (!token) {\n return token;\n }\n\n return {\n ...token,\n permissions: isArray(token.permissions)\n ? map('action', token.permissions as TransferTokenPermission[])\n : token.permissions,\n };\n};\n\n/\n Assert that a token's permissions are valid\n /\nconst assertTokenPermissionsValidity = (attributes: TokenUpdatePayload) => {\n const permissionService = strapi.service('admin::transfer').permission;\n const validPermissions = permissionService.providers.action.keys();\n const invalidPermissions = difference(attributes.permissions, validPermissions);\n\n if (!isEmpty(invalidPermissions)) {\n throw new ValidationError(`Unknown permissions provided: ${invalidPermissions.join(', ')}`);\n }\n};\n\n/\n Check if a token's lifespan is valid\n /\nconst isValidLifespan = (lifespan: unknown) => {\n if (isNil(lifespan)) {\n return true;\n }\n\n if (\n !isNumber(lifespan) \|\|\n !Object.values(constants.TRANSFER_TOKEN_LIFESPANS).includes(lifespan)\n ) {\n return false;\n }\n\n return true;\n};\n\n/\n Assert that a token's lifespan is valid\n /\nconst assertValidLifespan = (lifespan: unknown) => {\n if (!isValidLifespan(lifespan)) {\n throw new ValidationError(\n `lifespan must be one of the following values:\n ${Object.values(constants.TRANSFER_TOKEN_LIFESPANS).join(', ')}`\n );\n }\n};\n\nexport {\n create,\n list,\n exists,\n getBy,\n getById,\n getByName,\n update,\n revoke,\n regenerate,\n hash,\n checkSaltIsDefined,\n};\n","import { env } from '@strapi/utils';\nimport { getService } from '../../utils';\n\n/\n A valid transfer token salt must be a non-empty string defined in the Strapi config\n /\nconst hasValidTokenSalt = (): boolean => {\n const salt = strapi.config.get('admin.transfer.token.salt', null) as string \| null;\n\n return typeof salt === 'string' && salt.length > 0;\n};\n\n/\n Checks whether data transfer features are enabled\n /\nconst isRemoteTransferEnabled = (): boolean => {\n const { utils } = getService('transfer');\n\n // TODO v6: Remove this warning\n if (env.bool('STRAPI_DISABLE_REMOTE_DATA_TRANSFER') !== undefined) {\n strapi.log.warn(\n 'STRAPI_DISABLE_REMOTE_DATA_TRANSFER is no longer supported. Instead, set transfer.remote.enabled to false in your server configuration'\n );\n }\n\n return utils.hasValidTokenSalt() && strapi.config.get('server.transfer.remote.enabled');\n};\n\nexport { isRemoteTransferEnabled, hasValidTokenSalt };\n","import fs from 'fs';\nimport { pick } from 'lodash';\nimport { GetProjectSettings, UpdateProjectSettings } from '../../../shared/contracts/admin';\n\nconst PROJECT_SETTINGS_FILE_INPUTS = ['menuLogo', 'authLogo'] as const;\n\ninterface UploadFile {\n name: string;\n path: string;\n type: string;\n size: number;\n stream: fs.ReadStream;\n tmpPath: string;\n hash: string;\n url: string;\n width: number;\n height: number;\n ext: string;\n provider: unknown;\n}\n\ntype FormattedFiles = Partial<\n Record<keyof UpdateProjectSettings.Request['files'], Partial<UploadFile>>\n>;\n\nconst parseFilesData = async (files: UpdateProjectSettings.Request['files']) => {\n const formatedFilesData: FormattedFiles = {};\n\n await Promise.all(\n PROJECT_SETTINGS_FILE_INPUTS.map(async (inputName) => {\n const file = files[inputName];\n\n // Skip empty file inputs\n if (!file) {\n return;\n }\n\n const getStream = () => fs.createReadStream(file.filepath);\n\n // Add formated data for the upload provider\n formatedFilesData[inputName] = await strapi\n .plugin('upload')\n .service('upload')\n .formatFileInfo({\n filename: file.originalFilename,\n type: file.mimetype,\n size: file.size,\n });\n\n // Add image dimensions\n Object.assign(\n formatedFilesData[inputName]!,\n await strapi.plugin('upload').service('image-manipulation').getDimensions({ getStream })\n );\n\n // Add file path, and stream\n Object.assign(formatedFilesData[inputName]!, {\n stream: getStream(),\n tmpPath: file.filepath,\n // TODO\n // @ts-expect-error define the correct return type\n provider: strapi.config.get('plugin::upload').provider,\n });\n })\n );\n\n return formatedFilesData;\n};\n\nconst getProjectSettings = async (): Promise<GetProjectSettings.Response> => {\n const store = strapi.store({ type: 'core', name: 'admin' });\n\n // Returns an object with file inputs names as key and null as value\n const defaultProjectSettings = PROJECT_SETTINGS_FILE_INPUTS.reduce((prev: any, cur: any) => {\n prev[cur] = null;\n return prev;\n }, {});\n\n const projectSettings = {\n ...defaultProjectSettings,\n // @ts-expect-error spread can be applied to return value\n ...(await store.get({ key: 'project-settings' })),\n };\n\n // Filter file input fields\n PROJECT_SETTINGS_FILE_INPUTS.forEach((inputName) => {\n if (!projectSettings[inputName]) {\n return;\n }\n\n projectSettings[inputName] = pick(projectSettings[inputName], [\n 'name',\n 'url',\n 'width',\n 'height',\n 'ext',\n 'size',\n ]);\n });\n\n return projectSettings;\n};\n\nconst uploadFiles = async (files: LogoFiles = {}) => {\n // Call the provider upload function for each file\n return Promise.all(\n Object.values(files)\n .filter((file) => file?.stream instanceof fs.ReadStream)\n .map((file) => strapi.plugin('upload').provider.uploadStream(file))\n );\n};\n\nconst deleteOldFiles = async ({ previousSettings, newSettings }: any) => {\n return Promise.all(\n PROJECT_SETTINGS_FILE_INPUTS.map(async (inputName) => {\n // Skip if the store doesn't contain project settings\n if (!previousSettings) {\n return;\n }\n\n // Skip if there was no previous file\n if (!previousSettings[inputName]) {\n return;\n }\n\n // Skip if the file was not changed\n if (\n newSettings[inputName] &&\n previousSettings[inputName].hash === newSettings[inputName].hash\n ) {\n return;\n }\n\n // Skip if the file was not uploaded with the current provider\n // TODO\n // @ts-expect-error define the correct return type\n if (strapi.config.get('plugin::upload').provider !== previousSettings[inputName].provider) {\n return;\n }\n\n // There was a previous file and an new file was uploaded\n // Remove the previous file\n strapi.plugin('upload').provider.delete(previousSettings[inputName]);\n })\n );\n};\n\ntype LogoFiles = { [K in keyof FormattedFiles]: FormattedFiles[K] \| null };\n\nconst updateProjectSettings = async (\n newSettings: Omit<UpdateProjectSettings.Request['body'], 'menuLogo' \| 'authLogo'> & LogoFiles\n) => {\n const store = strapi.store({ type: 'core', name: 'admin' });\n const previousSettings = (await store.get({ key: 'project-settings' })) as any;\n const files = pick(newSettings, PROJECT_SETTINGS_FILE_INPUTS);\n\n await uploadFiles(files);\n\n PROJECT_SETTINGS_FILE_INPUTS.forEach((inputName) => {\n // If the user input exists but is not a formdata \"file\" remove it\n if (newSettings[inputName] !== undefined && !(typeof newSettings[inputName] === 'object')) {\n newSettings[inputName] = null;\n return;\n }\n\n // If the user input is undefined reuse previous setting (do not update field)\n if (!newSettings[inputName] && previousSettings) {\n newSettings[inputName] = previousSettings[inputName];\n return;\n }\n\n // Update the file\n newSettings[inputName] = pick(newSettings[inputName], [\n 'name',\n 'hash',\n 'url',\n 'width',\n 'height',\n 'ext',\n 'size',\n 'provider',\n ]);\n });\n\n // No await to proceed asynchronously\n deleteOldFiles({ previousSettings, newSettings });\n\n await store.set({\n key: 'project-settings',\n value: { ...previousSettings, ...newSettings },\n });\n\n return getProjectSettings();\n};\n\nexport { deleteOldFiles, parseFilesData, getProjectSettings, updateProjectSettings };\n","// NOTE: Make sure to use default export for services overwritten in EE\nimport auth from './auth';\nimport user from './user';\nimport role from './role';\nimport passport from './passport';\nimport metrics from './metrics';\nimport as token from './token';\nimport * as permission from './permission';\nimport * as contentType from './content-type';\nimport * as constants from './constants';\nimport * as condition from './condition';\nimport * as action from './action';\nimport * as apiToken from './api-token';\nimport * as transfer from './transfer';\nimport * as projectSettings from './project-settings';\n\n// TODO: TS - Export services one by one as this export is cjs\nexport default {\n auth,\n user,\n role,\n passport,\n token,\n permission,\n metrics,\n 'content-type': contentType,\n constants,\n condition,\n action,\n 'api-token': apiToken,\n transfer,\n 'project-settings': projectSettings,\n};\n","import { z } from 'zod';\nimport { validateZod } from '@strapi/utils';\n\nconst MAX_IMAGE_WIDTH = 750;\nconst MAX_IMAGE_HEIGHT = MAX_IMAGE_WIDTH;\nconst MAX_IMAGE_FILE_SIZE = 1024 * 1024; // 1Mo\n\nconst updateProjectSettings = z\n .object({\n menuLogo: z.string().nullish(),\n authLogo: z.string().nullish(),\n })\n .strict();\n\nconst updateProjectSettingsLogo = z.object({\n originalFilename: z.string().nullish(),\n mimetype: z.enum(['image/jpeg', 'image/png', 'image/svg+xml']),\n size: z.number().max(MAX_IMAGE_FILE_SIZE).nullish(),\n});\n\nconst updateProjectSettingsFiles = z\n .object({\n menuLogo: updateProjectSettingsLogo.nullish(),\n authLogo: updateProjectSettingsLogo.nullish(),\n })\n .strict();\n\nconst logoDimensions = z.object({\n width: z.number().max(MAX_IMAGE_WIDTH).nullish(),\n height: z.number().max(MAX_IMAGE_HEIGHT).nullish(),\n});\n\nconst updateProjectSettingsImagesDimensions = z\n .object({\n menuLogo: logoDimensions.nullish(),\n authLogo: logoDimensions.nullish(),\n })\n .strict();\n\nexport const validateUpdateProjectSettings = validateZod(updateProjectSettings);\nexport const validateUpdateProjectSettingsFiles = validateZod(updateProjectSettingsFiles);\nexport const validateUpdateProjectSettingsImagesDimensions = validateZod(\n updateProjectSettingsImagesDimensions\n);\n\nexport default {\n validateUpdateProjectSettings,\n validateUpdateProjectSettingsFiles,\n validateUpdateProjectSettingsImagesDimensions,\n};\n","import type { Context } from 'koa';\n\nimport path from 'path';\n\nimport { map, values, sumBy, pipe, flatMap, propEq } from 'lodash/fp';\nimport _ from 'lodash';\nimport { exists } from 'fs-extra';\nimport '@strapi/types';\nimport { env } from '@strapi/utils';\nimport tsUtils from '@strapi/typescript-utils';\nimport {\n validateUpdateProjectSettings,\n validateUpdateProjectSettingsFiles,\n validateUpdateProjectSettingsImagesDimensions,\n} from '../validation/project-settings';\nimport { getService } from '../utils';\n\nimport type {\n Init,\n GetProjectSettings,\n Information,\n Plugins,\n TelemetryProperties,\n UpdateProjectSettings,\n} from '../../../shared/contracts/admin';\n\nconst { isUsingTypeScript } = tsUtils;\n\n/*\n A set of functions called \"actions\" for `Admin`\n /\nexport default {\n // TODO very temporary to check the switch ee/ce\n // When removing this we need to update the /admin/src/index.js file\n // whe,re we set the strapi.window.isEE value\n\n // NOTE: admin/ee/server overrides this controller, and adds the EE features\n // This returns an empty feature list for CE\n async getProjectType() {\n const flags = strapi.config.get('admin.flags', {});\n return { data: { isEE: false, features: [], flags } };\n },\n\n async init() {\n let uuid = strapi.config.get('uuid', false);\n const hasAdmin = await getService('user').exists();\n const { menuLogo, authLogo } = await getService('project-settings').getProjectSettings();\n // set to null if telemetryDisabled flag not avaialble in package.json\n const telemetryDisabled: boolean \| null = strapi.config.get(\n 'packageJsonStrapi.telemetryDisabled',\n null\n );\n\n if (telemetryDisabled !== null && telemetryDisabled === true) {\n uuid = false;\n }\n\n return {\n data: {\n uuid,\n hasAdmin,\n menuLogo: menuLogo ? menuLogo.url : null,\n authLogo: authLogo ? authLogo.url : null,\n },\n } satisfies Init.Response;\n },\n\n async getProjectSettings() {\n return getService(\n 'project-settings'\n ).getProjectSettings() satisfies Promise<GetProjectSettings.Response>;\n },\n\n async updateProjectSettings(ctx: Context) {\n const {\n request: { files, body },\n } = ctx as { request: UpdateProjectSettings.Request };\n\n const projectSettingsService = getService('project-settings');\n\n await validateUpdateProjectSettings(body);\n await validateUpdateProjectSettingsFiles(files);\n\n const formatedFiles = await projectSettingsService.parseFilesData(files);\n await validateUpdateProjectSettingsImagesDimensions(formatedFiles);\n\n return projectSettingsService.updateProjectSettings({\n ...body,\n ...formatedFiles,\n }) satisfies Promise<UpdateProjectSettings.Response>;\n },\n\n async telemetryProperties(ctx: Context) {\n // If the telemetry is disabled, ignore the request and return early\n if (strapi.telemetry.isDisabled) {\n ctx.status = 204;\n return;\n }\n\n const useTypescriptOnServer = await isUsingTypeScript(strapi.dirs.app.root);\n const useTypescriptOnAdmin = await isUsingTypeScript(\n path.join(strapi.dirs.app.root, 'src', 'admin')\n );\n const isHostedOnStrapiCloud = env('STRAPI_HOSTING', null) === 'strapi.cloud';\n\n const numberOfAllContentTypes = _.size(strapi.contentTypes);\n const numberOfComponents = _.size(strapi.components);\n\n const getNumberOfDynamicZones = () => {\n return pipe(\n map('attributes'),\n flatMap(values),\n // @ts-expect-error lodash types\n sumBy(propEq('type', 'dynamiczone'))\n )(strapi.contentTypes as any);\n };\n\n return {\n data: {\n useTypescriptOnServer,\n useTypescriptOnAdmin,\n isHostedOnStrapiCloud,\n numberOfAllContentTypes, // TODO: V5: This event should be renamed numberOfContentTypes in V5 as the name is already taken to describe the number of content types using i18n.\n numberOfComponents,\n numberOfDynamicZones: getNumberOfDynamicZones(),\n },\n } satisfies TelemetryProperties.Response;\n },\n\n async information() {\n const currentEnvironment: string = strapi.config.get('environment');\n const autoReload = strapi.config.get('autoReload', false);\n const strapiVersion = strapi.config.get('info.strapi', null);\n const dependencies = strapi.config.get('info.dependencies', {});\n const projectId = strapi.config.get('uuid', null);\n const nodeVersion = process.version;\n const communityEdition = !strapi.EE;\n const useYarn: boolean = await exists(path.join(process.cwd(), 'yarn.lock'));\n\n return {\n data: {\n currentEnvironment,\n autoReload,\n strapiVersion,\n dependencies,\n projectId,\n nodeVersion,\n communityEdition,\n useYarn,\n },\n } satisfies Information.Response;\n },\n\n async plugins(ctx: Context) {\n const enabledPlugins = strapi.config.get('enabledPlugins') as any;\n\n // List of core plugins that are always enabled,\n // and so it's not necessary to display them in the plugins list\n const CORE_PLUGINS = [\n 'content-manager',\n 'content-type-builder',\n 'email',\n 'upload',\n 'i18n',\n 'content-releases',\n 'review-workflows',\n ];\n\n const plugins = Object.entries(enabledPlugins)\n .filter(([key]: any) => !CORE_PLUGINS.includes(key))\n .map(([key, plugin]: any) => ({\n name: plugin.info.name \|\| key,\n displayName: plugin.info.displayName \|\| plugin.info.name \|\| key,\n description: plugin.info.description \|\| '',\n packageName: plugin.info.packageName,\n }));\n\n ctx.send({ plugins }) satisfies Plugins.Response;\n },\n};\n","import { yup, validateYupSchema } from '@strapi/utils';\nimport constants from '../services/constants';\n\nconst apiTokenCreationSchema = yup\n .object()\n .shape({\n name: yup.string().min(1).required(),\n description: yup.string().optional(),\n type: yup.string().oneOf(Object.values(constants.API_TOKEN_TYPE)).required(),\n permissions: yup.array().of(yup.string()).nullable(),\n lifespan: yup.number().min(1).oneOf(Object.values(constants.API_TOKEN_LIFESPANS)).nullable(),\n })\n .noUnknown()\n .strict();\n\nconst apiTokenUpdateSchema = yup\n .object()\n .shape({\n name: yup.string().min(1).notNull(),\n description: yup.string().nullable(),\n type: yup.string().oneOf(Object.values(constants.API_TOKEN_TYPE)).notNull(),\n permissions: yup.array().of(yup.string()).nullable(),\n })\n .noUnknown()\n .strict();\n\nexport const validateApiTokenCreationInput = validateYupSchema(apiTokenCreationSchema);\nexport const validateApiTokenUpdateInput = validateYupSchema(apiTokenUpdateSchema);\n\nexport default {\n validateApiTokenCreationInput,\n validateApiTokenUpdateInput,\n};\n","import type { Context } from 'koa';\n\nimport { strings, errors } from '@strapi/utils';\nimport { trim, has } from 'lodash/fp';\nimport { getService } from '../utils';\nimport {\n validateApiTokenCreationInput,\n validateApiTokenUpdateInput,\n} from '../validation/api-tokens';\n\nimport { Create, List, Revoke, Get, Update } from '../../../shared/contracts/api-token';\n\nconst { ApplicationError } = errors;\n\nexport default {\n async create(ctx: Context) {\n const { body } = ctx.request as Create.Request;\n const apiTokenService = getService('api-token');\n\n /\n We trim both field to avoid having issues with either:\n * - having a space at the end or start of the value.\n * - having only spaces as value;\n /\n const attributes = {\n name: trim(body.name),\n description: trim(body.description),\n type: body.type,\n permissions: body.permissions,\n lifespan: body.lifespan,\n };\n\n await validateApiTokenCreationInput(attributes);\n\n const alreadyExists = await apiTokenService.exists({ name: attributes.name });\n if (alreadyExists) {\n throw new ApplicationError('Name already taken');\n }\n\n const apiToken = await apiTokenService.create(attributes);\n ctx.created({ data: apiToken } satisfies Create.Response);\n },\n\n async regenerate(ctx: Context) {\n const { id } = ctx.params;\n const apiTokenService = getService('api-token');\n\n const apiTokenExists = await apiTokenService.getById(id);\n if (!apiTokenExists) {\n ctx.notFound('API Token not found');\n return;\n }\n\n const accessToken = await apiTokenService.regenerate(id);\n\n ctx.created({ data: accessToken });\n },\n\n async list(ctx: Context) {\n const apiTokenService = getService('api-token');\n const apiTokens = await apiTokenService.list();\n\n ctx.send({ data: apiTokens } satisfies List.Response);\n },\n\n async revoke(ctx: Context) {\n const { id } = ctx.params as Revoke.Params;\n const apiTokenService = getService('api-token');\n const apiToken = await apiTokenService.revoke(id);\n\n ctx.deleted({ data: apiToken } satisfies Revoke.Response);\n },\n\n async get(ctx: Context) {\n const { id } = ctx.params;\n const apiTokenService = getService('api-token');\n const apiToken = await apiTokenService.getById(id);\n\n if (!apiToken) {\n ctx.notFound('API Token not found');\n return;\n }\n\n ctx.send({ data: apiToken } satisfies Get.Response);\n },\n\n async update(ctx: Context) {\n const { body } = ctx.request as Update.Request;\n const { id } = ctx.params as Update.Params;\n const apiTokenService = getService('api-token');\n\n const attributes = body;\n /\n We trim both field to avoid having issues with either:\n * - having a space at the end or start of the value.\n * - having only spaces as value;\n /\n if (has('name', attributes)) {\n attributes.name = trim(body.name);\n }\n\n if (has('description', attributes) \|\| attributes.description === null) {\n attributes.description = trim(body.description);\n }\n\n await validateApiTokenUpdateInput(attributes);\n\n const apiTokenExists = await apiTokenService.getById(id);\n if (!apiTokenExists) {\n return ctx.notFound('API Token not found');\n }\n\n if (has('name', attributes)) {\n const nameAlreadyTaken = await apiTokenService.getByName(attributes.name);\n\n /\n We cast the ids as string as the one coming from the ctx isn't cast\n * as a Number in case it is supposed to be an integer. It remains\n * as a string. This way we avoid issues with integers in the db.\n /\n if (!!nameAlreadyTaken && !strings.isEqual(nameAlreadyTaken.id, id)) {\n throw new ApplicationError('Name already taken');\n }\n }\n\n const apiToken = await apiTokenService.update(id, attributes);\n ctx.send({ data: apiToken } satisfies Update.Response);\n },\n\n async getLayout(ctx: Context) {\n const apiTokenService = getService('api-token');\n // TODO\n // @ts-expect-error remove this controller if not used\n const layout = await apiTokenService.getApiTokenLayout();\n\n ctx.send({ data: layout });\n },\n};\n","import { isUndefined } from 'lodash/fp';\nimport { yup, validateYupSchema } from '@strapi/utils';\nimport validators from './common-validators';\n\nconst userCreationSchema = yup\n .object()\n .shape({\n email: validators.email.required(),\n firstname: validators.firstname.required(),\n lastname: validators.lastname,\n roles: validators.roles.min(1),\n preferedLanguage: yup.string().nullable(),\n })\n .noUnknown();\n\nconst profileUpdateSchema = yup\n .object()\n .shape({\n email: validators.email.notNull(),\n firstname: validators.firstname.notNull(),\n lastname: validators.lastname.nullable(),\n username: validators.username.nullable(),\n password: validators.password.notNull(),\n currentPassword: yup\n .string()\n .when('password', (password: string, schema: any) =>\n !isUndefined(password) ? schema.required() : schema\n )\n .notNull(),\n preferedLanguage: yup.string().nullable(),\n })\n .noUnknown();\n\nconst userUpdateSchema = yup\n .object()\n .shape({\n email: validators.email.notNull(),\n firstname: validators.firstname.notNull(),\n lastname: validators.lastname.nullable(),\n username: validators.username.nullable(),\n password: validators.password.notNull(),\n isActive: yup.bool().notNull(),\n roles: validators.roles.min(1).notNull(),\n })\n .noUnknown();\n\nconst usersDeleteSchema = yup\n .object()\n .shape({\n ids: yup.array().of(yup.strapiID()).min(1).required(),\n })\n .noUnknown();\n\nexport const validateUserCreationInput = validateYupSchema(userCreationSchema);\nexport const validateProfileUpdateInput = validateYupSchema(profileUpdateSchema);\nexport const validateUserUpdateInput = validateYupSchema(userUpdateSchema);\nexport const validateUsersDeleteInput = validateYupSchema(usersDeleteSchema);\nexport const schemas = {\n userCreationSchema,\n usersDeleteSchema,\n userUpdateSchema,\n};\n\nexport default {\n validateUserCreationInput,\n validateProfileUpdateInput,\n validateUserUpdateInput,\n validateUsersDeleteInput,\n schemas,\n};\n","import type { Context } from 'koa';\nimport type { AdminUser } from '../../../shared/contracts/shared';\n\nimport { getService } from '../utils';\nimport { validateProfileUpdateInput } from '../validation/user';\nimport { GetMe, GetOwnPermissions, UpdateMe } from '../../../shared/contracts/users';\n\nexport default {\n async getMe(ctx: Context) {\n const userInfo = getService('user').sanitizeUser(ctx.state.user as AdminUser);\n\n ctx.body = {\n data: userInfo,\n } satisfies GetMe.Response;\n },\n\n async updateMe(ctx: Context) {\n const input = ctx.request.body as UpdateMe.Request['body'];\n\n await validateProfileUpdateInput(input);\n\n const userService = getService('user');\n const authServer = getService('auth');\n\n const { currentPassword, ...userInfo } = input;\n\n if (currentPassword && userInfo.password) {\n const isValid = await authServer.validatePassword(currentPassword, ctx.state.user.password);\n\n if (!isValid) {\n // @ts-expect-error - refactor ctx bad request to take a second argument\n return ctx.badRequest('ValidationError', {\n currentPassword: ['Invalid credentials'],\n });\n }\n }\n\n const updatedUser = await userService.updateById(ctx.state.user.id, userInfo);\n\n ctx.body = {\n data: userService.sanitizeUser(updatedUser),\n } satisfies UpdateMe.Response;\n },\n\n async getOwnPermissions(ctx: Context) {\n const { findUserPermissions, sanitizePermission } = getService('permission');\n const { user } = ctx.state;\n\n const userPermissions = await findUserPermissions(user as AdminUser);\n\n ctx.body = {\n // @ts-expect-error - transform response type to sanitized permission\n data: userPermissions.map(sanitizePermission),\n } satisfies GetOwnPermissions.Response;\n },\n};\n","import { yup, validateYupSchema } from '@strapi/utils';\nimport validators from '../common-validators';\n\nconst registrationSchema = yup\n .object()\n .shape({\n registrationToken: yup.string().required(),\n userInfo: yup\n .object()\n .shape({\n firstname: validators.firstname.required(),\n lastname: validators.lastname.nullable(),\n password: validators.password.required(),\n })\n .required()\n .noUnknown(),\n })\n .noUnknown();\n\nconst registrationInfoQuerySchema = yup\n .object()\n .shape({\n registrationToken: yup.string().required(),\n })\n .required()\n .noUnknown();\n\nconst adminRegistrationSchema = yup\n .object()\n .shape({\n email: validators.email.required(),\n firstname: validators.firstname.required(),\n lastname: validators.lastname.nullable(),\n password: validators.password.required(),\n })\n .required()\n .noUnknown();\n\nexport const validateRegistrationInput = validateYupSchema(registrationSchema);\nexport const validateRegistrationInfoQuery = validateYupSchema(registrationInfoQuerySchema);\nexport const validateAdminRegistrationInput = validateYupSchema(adminRegistrationSchema);\n\nexport default {\n validateRegistrationInput,\n validateRegistrationInfoQuery,\n validateAdminRegistrationInput,\n};\n","import { yup, validateYupSchema } from '@strapi/utils';\nimport validators from '../common-validators';\n\nconst forgotPasswordSchema = yup\n .object()\n .shape({\n email: validators.email.required(),\n })\n .required()\n .noUnknown();\n\nexport default validateYupSchema(forgotPasswordSchema);\n","import { yup, validateYupSchema } from '@strapi/utils';\nimport validators from '../common-validators';\n\nconst resetPasswordSchema = yup\n .object()\n .shape({\n resetPasswordToken: yup.string().required(),\n password: validators.password.required(),\n })\n .required()\n .noUnknown();\n\nexport default validateYupSchema(resetPasswordSchema);\n","import { yup, validateYupSchema } from '@strapi/utils';\n\nconst renewToken = yup.object().shape({ token: yup.string().required() }).required().noUnknown();\n\nexport default validateYupSchema(renewToken);\n","import type { Context, Next } from 'koa';\nimport passport from 'koa-passport';\nimport compose from 'koa-compose';\nimport '@strapi/types';\nimport { errors } from '@strapi/utils';\nimport { getService } from '../utils';\nimport {\n validateRegistrationInput,\n validateAdminRegistrationInput,\n validateRegistrationInfoQuery,\n validateForgotPasswordInput,\n validateResetPasswordInput,\n validateRenewTokenInput,\n} from '../validation/authentication';\n\nimport type {\n ForgotPassword,\n Login,\n Register,\n RegistrationInfo,\n RenewToken,\n ResetPassword,\n} from '../../../shared/contracts/authentication';\nimport { AdminUser } from '../../../shared/contracts/shared';\n\nconst { ApplicationError, ValidationError } = errors;\n\nexport default {\n login: compose([\n (ctx: Context, next: Next) => {\n return passport.authenticate('local', { session: false }, (err, user, info) => {\n if (err) {\n strapi.eventHub.emit('admin.auth.error', { error: err, provider: 'local' });\n // if this is a recognized error, allow it to bubble up to user\n if (err.details?.code === 'LOGIN_NOT_ALLOWED') {\n throw err;\n }\n\n // for all other errors throw a generic error to prevent leaking info\n return ctx.notImplemented();\n }\n\n if (!user) {\n strapi.eventHub.emit('admin.auth.error', {\n error: new Error(info.message),\n provider: 'local',\n });\n throw new ApplicationError(info.message);\n }\n\n const query = ctx.state as Login.Request['query'];\n query.user = user;\n\n const sanitizedUser = getService('user').sanitizeUser(user);\n strapi.eventHub.emit('admin.auth.success', { user: sanitizedUser, provider: 'local' });\n\n return next();\n })(ctx, next);\n },\n (ctx: Context) => {\n const { user } = ctx.state as { user: AdminUser };\n\n ctx.body = {\n data: {\n token: getService('token').createJwtToken(user),\n user: getService('user').sanitizeUser(ctx.state.user), // TODO: fetch more detailed info\n },\n } satisfies Login.Response;\n },\n ]),\n\n async renewToken(ctx: Context) {\n await validateRenewTokenInput(ctx.request.body);\n\n const { token } = ctx.request.body as RenewToken.Request['body'];\n\n const { isValid, payload } = getService('token').decodeJwtToken(token);\n\n if (!isValid) {\n throw new ValidationError('Invalid token');\n }\n\n ctx.body = {\n data: {\n token: getService('token').createJwtToken({ id: payload.id }),\n },\n } satisfies RenewToken.Response;\n },\n\n async registrationInfo(ctx: Context) {\n await validateRegistrationInfoQuery(ctx.request.query);\n\n const { registrationToken } = ctx.request.query as RegistrationInfo.Request['query'];\n\n const registrationInfo = await getService('user').findRegistrationInfo(registrationToken);\n\n if (!registrationInfo) {\n throw new ValidationError('Invalid registrationToken');\n }\n\n ctx.body = { data: registrationInfo } satisfies RegistrationInfo.Response;\n },\n\n async register(ctx: Context) {\n const input = ctx.request.body as Register.Request['body'];\n\n await validateRegistrationInput(input);\n\n const user = await getService('user').register(input);\n\n ctx.body = {\n data: {\n token: getService('token').createJwtToken(user),\n user: getService('user').sanitizeUser(user),\n },\n } satisfies Register.Response;\n },\n\n async registerAdmin(ctx: Context) {\n const input = ctx.request.body as Register.Request['body'];\n\n await validateAdminRegistrationInput(input);\n\n const hasAdmin = await getService('user').exists();\n\n if (hasAdmin) {\n throw new ApplicationError('You cannot register a new super admin');\n }\n\n const superAdminRole = await getService('role').getSuperAdmin();\n\n if (!superAdminRole) {\n throw new ApplicationError(\n \"Cannot register the first admin because the super admin role doesn't exist.\"\n );\n }\n\n const user = await getService('user').create({\n ...input,\n registrationToken: null,\n isActive: true,\n roles: superAdminRole ? [superAdminRole.id] : [],\n });\n\n strapi.telemetry.send('didCreateFirstAdmin');\n\n ctx.body = {\n data: {\n token: getService('token').createJwtToken(user),\n user: getService('user').sanitizeUser(user),\n },\n };\n },\n\n async forgotPassword(ctx: Context) {\n const input = ctx.request.body as ForgotPassword.Request['body'];\n\n await validateForgotPasswordInput(input);\n\n getService('auth').forgotPassword(input);\n\n ctx.status = 204;\n },\n\n async resetPassword(ctx: Context) {\n const input = ctx.request.body as ResetPassword.Request['body'];\n\n await validateResetPasswordInput(input);\n\n const user = await getService('auth').resetPassword(input);\n\n ctx.body = {\n data: {\n token: getService('token').createJwtToken(user),\n user: getService('user').sanitizeUser(user),\n },\n } satisfies ResetPassword.Response;\n },\n\n logout(ctx: Context) {\n const sanitizedUser = getService('user').sanitizeUser(ctx.state.user);\n strapi.eventHub.emit('admin.logout', { user: sanitizedUser });\n ctx.body = { data: {} };\n },\n};\n","import { pick, map } from 'lodash/fp';\n\n// visible fields for the API\nconst publicFields = ['id', 'displayName', 'category'];\n\nconst formatConditions = map(pick(publicFields));\n\nexport { formatConditions };\n","import type { Context } from 'koa';\nimport { validateCheckPermissionsInput } from '../validation/permission';\nimport { getService } from '../utils';\nimport { formatConditions } from './formatters';\nimport type { Action } from '../domain/action';\nimport type { GetAll, Check } from '../../../shared/contracts/permissions';\nimport { Condition } from '../domain/condition';\nimport { Permission } from '../../../shared/contracts/shared';\n\nexport default {\n /\n Check each permissions from `request.body.permissions` and returns an array of booleans\n * @param {KoaContext} ctx - koa context\n /\n async check(ctx: Context) {\n const { body: input } = ctx.request as Check.Request;\n const { userAbility } = ctx.state;\n\n await validateCheckPermissionsInput(input);\n\n const { engine } = getService('permission');\n\n const checkPermissionsFn = engine.checkMany(userAbility);\n\n ctx.body = {\n data: checkPermissionsFn(input.permissions as Permission[]),\n } satisfies Check.Response;\n },\n\n /\n Returns every permissions, in nested format\n * @param {KoaContext} ctx - koa context\n /\n async getAll(ctx: Context) {\n const { sectionsBuilder, actionProvider, conditionProvider } = getService('permission');\n\n const actions = actionProvider.values() as Action[];\n const conditions = conditionProvider.values() as Condition[];\n const sections = await sectionsBuilder.build(actions);\n\n ctx.body = {\n data: {\n // @ts-expect-error - refactor to use a proper type\n conditions: formatConditions(conditions),\n sections,\n },\n } satisfies GetAll.Response;\n },\n};\n","import { yup, validateYupSchema } from '@strapi/utils';\n\nconst roleCreateSchema = yup\n .object()\n .shape({\n name: yup.string().min(1).required(),\n description: yup.string().nullable(),\n })\n .noUnknown();\n\nconst rolesDeleteSchema = yup\n .object()\n .shape({\n ids: yup\n .array()\n .of(yup.strapiID())\n .min(1)\n .required()\n .test('roles-deletion-checks', 'Roles deletion checks have failed', async function (ids) {\n try {\n await strapi.service('admin::role').checkRolesIdForDeletion(ids);\n } catch (e) {\n // @ts-expect-error yup types\n return this.createError({ path: 'ids', message: e.message });\n }\n\n return true;\n }),\n })\n .noUnknown();\n\nconst roleDeleteSchema = yup\n .strapiID()\n .required()\n .test('no-admin-single-delete', 'Role deletion checks have failed', async function (id) {\n try {\n await strapi.service('admin::role').checkRolesIdForDeletion([id]);\n } catch (e) {\n // @ts-expect-error yup types\n return this.createError({ path: 'id', message: e.message });\n }\n\n return true;\n });\n\nconst roleUpdateSchema = yup\n .object()\n .shape({\n name: yup.string().min(1),\n description: yup.string().nullable(),\n })\n .noUnknown();\n\nexport const validateRoleCreateInput = validateYupSchema(roleCreateSchema);\nexport const validateRoleUpdateInput = validateYupSchema(roleUpdateSchema);\nexport const validateRolesDeleteInput = validateYupSchema(rolesDeleteSchema);\nexport const validateRoleDeleteInput = validateYupSchema(roleDeleteSchema);\n\nexport default {\n validateRoleUpdateInput,\n validateRoleCreateInput,\n validateRolesDeleteInput,\n validateRoleDeleteInput,\n};\n","import type { Context } from 'koa';\nimport { errors } from '@strapi/utils';\nimport {\n validateRoleUpdateInput,\n validateRoleCreateInput,\n validateRoleDeleteInput,\n validateRolesDeleteInput,\n} from '../validation/role';\nimport { validatedUpdatePermissionsInput } from '../validation/permission';\nimport constants from '../services/constants';\nimport { getService } from '../utils';\nimport type {\n Create,\n FindRoles,\n FindRole,\n Update,\n GetPermissions,\n UpdatePermissions,\n Delete,\n BatchDelete,\n} from '../../../shared/contracts/roles';\nimport { AdminRole } from '../../../shared/contracts/shared';\n\nconst { ApplicationError } = errors;\nconst { SUPER_ADMIN_CODE } = constants;\n\nexport default {\n /\n Create a new role\n * @param {KoaContext} ctx - koa context\n /\n async create(ctx: Context) {\n const { body } = ctx.request as Create.Request;\n await validateRoleCreateInput(body);\n\n const roleService = getService('role');\n\n const role = await roleService.create(body);\n const sanitizedRole = roleService.sanitizeRole(role) as Omit<AdminRole, 'users' \| 'permission'>;\n\n ctx.created({ data: sanitizedRole } satisfies Create.Response);\n },\n\n /\n Returns on role by id\n * @param {KoaContext} ctx - koa context\n /\n async findOne(ctx: Context) {\n const { id } = ctx.params as FindRole.Request['params'];\n const role = await getService('role').findOneWithUsersCount({ id });\n\n if (!role) {\n return ctx.notFound('role.notFound');\n }\n\n ctx.body = {\n data: role,\n } satisfies FindRole.Response;\n },\n\n /\n Returns every roles\n * @param {KoaContext} ctx - koa context\n /\n async findAll(ctx: Context) {\n const { query } = ctx.request as FindRoles.Request;\n\n const permissionsManager = getService('permission').createPermissionsManager({\n ability: ctx.state.userAbility,\n model: 'admin::role',\n });\n\n await permissionsManager.validateQuery(query);\n const sanitizedQuery = await permissionsManager.sanitizeQuery(query);\n\n const roles = await getService('role').findAllWithUsersCount(sanitizedQuery);\n\n ctx.body = {\n data: roles,\n } satisfies FindRoles.Response;\n },\n\n /\n Updates a role by id\n * @param {KoaContext} ctx - koa context\n /\n async update(ctx: Context) {\n const { id } = ctx.params as Update.Request['params'];\n const { body } = ctx.request as Omit<Update.Request, 'params'>;\n\n const roleService = getService('role');\n\n await validateRoleUpdateInput(body);\n\n const role = await roleService.findOne({ id });\n\n if (!role) {\n return ctx.notFound('role.notFound');\n }\n\n if (role.code === SUPER_ADMIN_CODE) {\n throw new ApplicationError(\"Super admin can't be edited.\");\n }\n\n const updatedRole = await roleService.update({ id }, body);\n const sanitizedRole = roleService.sanitizeRole(updatedRole) as Omit<\n AdminRole,\n 'users' \| 'permission'\n >;\n\n ctx.body = {\n data: sanitizedRole,\n } satisfies Update.Response;\n },\n\n /\n Returns the permissions assigned to a role\n * @param {KoaContext} ctx - koa context\n /\n async getPermissions(ctx: Context) {\n const { id } = ctx.params as GetPermissions.Request['params'];\n\n const roleService = getService('role');\n const permissionService = getService('permission');\n\n const role = await roleService.findOne({ id });\n\n if (!role) {\n return ctx.notFound('role.notFound');\n }\n\n const permissions = await permissionService.findMany({ where: { role: { id: role.id } } });\n\n const sanitizedPermissions = permissions.map(permissionService.sanitizePermission);\n\n ctx.body = {\n // @ts-expect-error - transform response type to sanitized permission\n data: sanitizedPermissions,\n } satisfies GetPermissions.Response;\n },\n\n /\n Updates the permissions assigned to a role\n * @param {KoaContext} ctx - koa context\n /\n async updatePermissions(ctx: Context) {\n const { id } = ctx.params as UpdatePermissions.Request['params'];\n const { body: input } = ctx.request as Omit<UpdatePermissions.Request, 'params'>;\n\n const roleService = getService('role');\n const permissionService = getService('permission');\n\n const role = await roleService.findOne({ id });\n\n if (!role) {\n return ctx.notFound('role.notFound');\n }\n\n if (role.code === SUPER_ADMIN_CODE) {\n throw new ApplicationError(\"Super admin permissions can't be edited.\");\n }\n\n await validatedUpdatePermissionsInput(input);\n\n if (!role) {\n return ctx.notFound('role.notFound');\n }\n\n const permissions = await roleService.assignPermissions(role.id, input.permissions);\n\n const sanitizedPermissions = permissions.map(permissionService.sanitizePermission);\n\n ctx.body = {\n data: sanitizedPermissions,\n } satisfies UpdatePermissions.Response;\n },\n\n /\n Delete a role\n * @param {KoaContext} ctx - koa context\n /\n async deleteOne(ctx: Context) {\n const { id } = ctx.params as Delete.Request['params'];\n\n await validateRoleDeleteInput(id);\n\n const roleService = getService('role');\n\n const roles = await roleService.deleteByIds([id]);\n\n const sanitizedRole = roles.map((role) => roleService.sanitizeRole(role))[0] \|\| null;\n\n return ctx.deleted({\n data: sanitizedRole,\n } satisfies Delete.Response);\n },\n\n /\n delete several roles\n * @param {KoaContext} ctx - koa context\n /\n async deleteMany(ctx: Context) {\n const { body } = ctx.request as BatchDelete.Request;\n\n await validateRolesDeleteInput(body);\n\n const roleService = getService('role');\n\n const roles = await roleService.deleteByIds(body.ids);\n const sanitizedRoles = roles.map(roleService.sanitizeRole);\n\n return ctx.deleted({\n data: sanitizedRoles,\n } satisfies BatchDelete.Response);\n },\n};\n","import { Context } from 'koa';\n\nimport { strapi as dataTransferStrapi } from '@strapi/data-transfer';\nimport { errors } from '@strapi/utils';\nimport dataTransferAuthStrategy from '../../strategies/data-transfer';\n\nconst {\n remote: {\n handlers: { createPushController, createPullController },\n },\n} = dataTransferStrapi;\n\nconst { UnauthorizedError } = errors;\n\n/\n @param ctx the koa context\n * @param scope the scope to verify\n /\nconst verify = async (ctx: Context, scope?: dataTransferStrapi.remote.constants.TransferMethod) => {\n const { auth } = ctx.state;\n\n if (!auth) {\n throw new UnauthorizedError();\n }\n\n await dataTransferAuthStrategy.verify(auth, { scope });\n};\n\nexport const push = createPushController({ verify });\nexport const pull = createPullController({ verify });\n\nexport default {\n push,\n pull,\n};\n","import { yup, validateYupSchema } from '@strapi/utils';\nimport constants from '../../services/constants';\n\nconst transferTokenCreationSchema = yup\n .object()\n .shape({\n name: yup.string().min(1).required(),\n description: yup.string().optional(),\n permissions: yup\n .array()\n .min(1)\n .of(yup.string().oneOf(Object.values(constants.TRANSFER_TOKEN_TYPE)))\n .required(),\n lifespan: yup\n .number()\n .min(1)\n .oneOf(Object.values(constants.TRANSFER_TOKEN_LIFESPANS))\n .nullable(),\n })\n .noUnknown()\n .strict();\n\nconst transferTokenUpdateSchema = yup\n .object()\n .shape({\n name: yup.string().min(1).notNull(),\n description: yup.string().nullable(),\n permissions: yup\n .array()\n .min(1)\n .of(yup.string().oneOf(Object.values(constants.TRANSFER_TOKEN_TYPE)))\n .nullable(),\n })\n .noUnknown()\n .strict();\n\nexport const validateTransferTokenCreationInput = validateYupSchema(transferTokenCreationSchema);\nexport const validateTransferTokenUpdateInput = validateYupSchema(transferTokenUpdateSchema);\n\nexport default {\n validateTransferTokenCreationInput,\n validateTransferTokenUpdateInput,\n};\n","import { Context } from 'koa';\nimport { trim, has } from 'lodash/fp';\nimport { errors, strings } from '@strapi/utils';\nimport { getService } from '../../utils';\nimport { token } from '../../validation/transfer';\n\nimport type {\n TokenCreate,\n TokenGetById,\n TokenList,\n TokenRegenerate,\n TokenRevoke,\n TokenUpdate,\n} from '../../../../shared/contracts/transfer';\n\nconst { ApplicationError } = errors;\n\nconst { validateTransferTokenCreationInput, validateTransferTokenUpdateInput } = token;\n\nexport default {\n async list(ctx: Context) {\n const transferService = getService('transfer');\n const transferTokens = await transferService.token.list();\n\n ctx.body = { data: transferTokens } satisfies TokenList.Response;\n },\n\n async getById(ctx: Context) {\n const { id } = ctx.params as TokenGetById.Params;\n const tokenService = getService('transfer').token;\n\n const transferToken = await tokenService.getById(id);\n\n if (!transferToken) {\n ctx.notFound('Transfer token not found');\n return;\n }\n\n ctx.body = { data: transferToken } satisfies TokenGetById.Response;\n },\n\n async create(ctx: Context) {\n const { body } = ctx.request as TokenCreate.Request;\n const { token: tokenService } = getService('transfer');\n\n /\n We trim fields to avoid having issues with either:\n * - having a space at the end or start of the value\n * - having only spaces as value (so that an empty field can be caught in validation)\n /\n const attributes = {\n name: trim(body.name),\n description: trim(body.description),\n permissions: body.permissions,\n lifespan: body.lifespan,\n };\n\n await validateTransferTokenCreationInput(attributes);\n\n const alreadyExists = await tokenService.exists({ name: attributes.name });\n if (alreadyExists) {\n throw new ApplicationError('Name already taken');\n }\n\n const transferTokens = await tokenService.create(attributes);\n\n ctx.created({ data: transferTokens } satisfies TokenCreate.Response);\n },\n\n async update(ctx: Context) {\n const { body } = ctx.request as TokenUpdate.Request;\n const { id } = ctx.params as TokenUpdate.Params;\n const { token: tokenService } = getService('transfer');\n\n const attributes = body;\n /\n We trim fields to avoid having issues with either:\n * - having a space at the end or start of the value\n * - having only spaces as value (so that an empty field can be caught in validation)\n /\n if (has('name', attributes)) {\n attributes.name = trim(body.name);\n }\n\n if (has('description', attributes) \|\| attributes.description === null) {\n attributes.description = trim(body.description);\n }\n\n await validateTransferTokenUpdateInput(attributes);\n\n const apiTokenExists = await tokenService.getById(id);\n if (!apiTokenExists) {\n return ctx.notFound('Transfer token not found');\n }\n\n if (has('name', attributes)) {\n const nameAlreadyTaken = await tokenService.getByName(attributes.name);\n\n /\n We cast the ids as string as the one coming from the ctx isn't cast\n * as a Number in case it is supposed to be an integer. It remains\n * as a string. This way we avoid issues with integers in the db.\n /\n if (!!nameAlreadyTaken && !strings.isEqual(nameAlreadyTaken.id, id)) {\n throw new ApplicationError('Name already taken');\n }\n }\n\n const apiToken = await tokenService.update(id, attributes);\n\n ctx.body = { data: apiToken } satisfies TokenUpdate.Response;\n },\n\n async revoke(ctx: Context) {\n const { id } = ctx.params as TokenRevoke.Params;\n const { token: tokenService } = getService('transfer');\n\n const transferToken = await tokenService.revoke(id);\n\n ctx.deleted({ data: transferToken } satisfies TokenRevoke.Response);\n },\n\n async regenerate(ctx: Context) {\n const { id } = ctx.params as TokenRegenerate.Params;\n const { token: tokenService } = getService('transfer');\n\n const exists = await tokenService.getById(id);\n if (!exists) {\n ctx.notFound('Transfer token not found');\n return;\n }\n\n const accessToken = await tokenService.regenerate(id);\n\n ctx.created({ data: accessToken } satisfies TokenRegenerate.Response);\n },\n};\n","import { mapKeys } from 'lodash/fp';\nimport runner from './runner';\nimport token from './token';\n\nconst prefixActionsName = (prefix: string, dict: any) => mapKeys((key) => `${prefix}-${key}`, dict);\n\nexport default {\n ...prefixActionsName('runner', runner),\n ...prefixActionsName('token', token),\n};\n","import type { Context } from 'koa';\n\nimport as _ from 'lodash';\nimport { errors } from '@strapi/utils';\nimport {\n validateUserCreationInput,\n validateUserUpdateInput,\n validateUsersDeleteInput,\n} from '../validation/user';\nimport { getService } from '../utils';\nimport {\n Create,\n DeleteMany,\n DeleteOne,\n FindAll,\n FindOne,\n Update,\n} from '../../../shared/contracts/user';\nimport { AdminUser } from '../../../shared/contracts/shared';\n\nconst { ApplicationError } = errors;\n\nexport default {\n async create(ctx: Context) {\n const { body } = ctx.request as Create.Request;\n const cleanData = { ...body, email: _.get(body, `email`, ``).toLowerCase() };\n\n await validateUserCreationInput(cleanData);\n\n const attributes = _.pick(cleanData, [\n 'firstname',\n 'lastname',\n 'email',\n 'roles',\n 'preferedLanguage',\n ]);\n\n const userAlreadyExists = await getService('user').exists({\n email: attributes.email,\n });\n\n if (userAlreadyExists) {\n throw new ApplicationError('Email already taken');\n }\n\n const createdUser = await getService('user').create(attributes);\n\n const userInfo = getService('user').sanitizeUser(createdUser);\n\n // Note: We need to assign manually the registrationToken to the\n // final user payload so that it's not removed in the sanitation process.\n Object.assign(userInfo, { registrationToken: createdUser.registrationToken });\n\n // Send 201 created\n ctx.created({ data: userInfo } satisfies Create.Response);\n },\n\n async find(ctx: Context) {\n const userService = getService('user');\n\n const permissionsManager = strapi.service('admin::permission').createPermissionsManager({\n ability: ctx.state.userAbility,\n model: 'admin::user',\n });\n\n await permissionsManager.validateQuery(ctx.query);\n const sanitizedQuery = await permissionsManager.sanitizeQuery(ctx.query);\n\n // @ts-expect-error update the service type\n const { results, pagination } = await userService.findPage(sanitizedQuery);\n\n ctx.body = {\n data: {\n results: results.map((user: AdminUser) => userService.sanitizeUser(user)),\n pagination,\n },\n } satisfies FindAll.Response;\n },\n\n async findOne(ctx: Context) {\n const { id } = ctx.params as FindOne.Params;\n\n const user = await getService('user').findOne(id);\n\n if (!user) {\n return ctx.notFound('User does not exist');\n }\n\n ctx.body = {\n data: getService('user').sanitizeUser(user as AdminUser),\n } as FindOne.Response;\n },\n\n async update(ctx: Context) {\n const { id } = ctx.params as Update.Params;\n const { body: input } = ctx.request as Update.Request;\n\n await validateUserUpdateInput(input);\n\n if (_.has(input, 'email')) {\n const uniqueEmailCheck = await getService('user').exists({\n id: { $ne: id },\n email: input.email,\n });\n\n if (uniqueEmailCheck) {\n throw new ApplicationError('A user with this email address already exists');\n }\n }\n\n const updatedUser = await getService('user').updateById(id, input);\n\n if (!updatedUser) {\n return ctx.notFound('User does not exist');\n }\n\n ctx.body = {\n data: getService('user').sanitizeUser(updatedUser),\n } satisfies Update.Response;\n },\n\n async deleteOne(ctx: Context) {\n const { id } = ctx.params as DeleteOne.Params;\n\n const deletedUser = await getService('user').deleteById(id);\n\n if (!deletedUser) {\n return ctx.notFound('User not found');\n }\n\n return ctx.deleted({\n data: getService('user').sanitizeUser(deletedUser),\n } satisfies DeleteOne.Response);\n },\n\n /*\n Delete several users\n * @param ctx - koa context\n /\n async deleteMany(ctx: Context) {\n const { body } = ctx.request as DeleteMany.Request;\n await validateUsersDeleteInput(body);\n\n const users = await getService('user').deleteByIds(body.ids);\n\n const sanitizedUsers = users.map(getService('user').sanitizeUser);\n\n return ctx.deleted({\n data: sanitizedUsers,\n } satisfies DeleteMany.Response);\n },\n};\n","import isLocalhostIp from 'is-localhost-ip';\n// Regular import references a deprecated node module,\n// See https://www.npmjs.com/package/punycode.js#installation\nimport punycode from 'punycode/';\nimport type { Context } from 'koa';\nimport _ from 'lodash';\n\nimport { yup, validateYupSchema } from '@strapi/utils';\n\nimport type { Modules } from '@strapi/types';\n\nimport {\n CreateWebhook,\n DeleteWebhook,\n DeleteWebhooks,\n GetWebhook,\n UpdateWebhook,\n TriggerWebhook,\n GetWebhooks,\n} from '../../../shared/contracts/webhooks';\n\nconst urlRegex =\n /^(?:([a-z0-9+.-]+):\\/\\/)(?:\\S+(?::\\S)?@)?(?:(?:[1-9]\\d?\|1\\d\\d\|2[01]\\d\|22[0-3])(?:\\.(?:1?\\d{1,2}\|2[0-4]\\d\|25[0-5])){2}(?:\\.(?:[1-9]\\d?\|1\\d\\d\|2[0-4]\\d\|25[0-4]))\|(?:(?:[a-z\\u00a1-\\uffff0-9_]-)[a-z\\u00a1-\\uffff0-9_]+)(?:\\.(?:[a-z\\u00a1-\\uffff0-9_]-)[a-z\\u00a1-\\uffff0-9_]+)\\.?)(?::\\d{2,5})?(?:[/?#]\\S)?$/;\n\nconst webhookValidator = yup\n .object({\n name: yup.string().required(),\n url: yup\n .string()\n .matches(urlRegex, 'url must be a valid URL')\n .required()\n .test(\n 'is-public-url',\n \"Url is not supported because it isn't reachable over the public internet\",\n async (url) => {\n if (process.env.NODE_ENV !== 'production') {\n return true;\n }\n\n try {\n const parsedUrl = new URL(punycode.toASCII(url!));\n const isLocalUrl = await isLocalhostIp(parsedUrl.hostname);\n return !isLocalUrl;\n } catch {\n return false;\n }\n }\n ),\n headers: yup.lazy((data) => {\n if (typeof data !== 'object') {\n return yup.object().required();\n }\n\n return yup\n .object(\n // @ts-expect-error lodash types\n _.mapValues(data, () => {\n yup.string().min(1).required();\n })\n )\n .required();\n }),\n events: yup.array().of(yup.string()).required(),\n })\n .noUnknown();\n\nconst updateWebhookValidator = webhookValidator.shape({\n isEnabled: yup.boolean(),\n});\n\nexport default {\n async listWebhooks(ctx: Context) {\n const webhooks = await strapi.get('webhookStore').findWebhooks();\n ctx.send({ data: webhooks } satisfies GetWebhooks.Response);\n },\n\n async getWebhook(ctx: Context) {\n const { id } = ctx.params;\n const webhook = await strapi.get('webhookStore').findWebhook(id);\n\n if (!webhook) {\n return ctx.notFound('webhook.notFound');\n }\n\n ctx.send({ data: webhook } satisfies GetWebhook.Response);\n },\n\n async createWebhook(ctx: Context) {\n const { body } = ctx.request as CreateWebhook.Request;\n\n await validateYupSchema(webhookValidator)(body);\n\n const webhook = await strapi.get('webhookStore').createWebhook(body);\n\n strapi.get('webhookRunner').add(webhook);\n\n ctx.created({ data: webhook } satisfies CreateWebhook.Response);\n },\n\n async updateWebhook(ctx: Context) {\n const { id } = ctx.params as UpdateWebhook.Params;\n const { body } = ctx.request as UpdateWebhook.Request;\n\n await validateYupSchema(updateWebhookValidator)(body);\n\n const webhook = await strapi.get('webhookStore').findWebhook(id);\n\n if (!webhook) {\n return ctx.notFound('webhook.notFound');\n }\n\n const updatedWebhook = await strapi.get('webhookStore').updateWebhook(id, {\n ...webhook,\n ...body,\n });\n\n if (!updatedWebhook) {\n return ctx.notFound('webhook.notFound');\n }\n\n strapi.get('webhookRunner').update(updatedWebhook);\n\n ctx.send({ data: updatedWebhook } satisfies UpdateWebhook.Response);\n },\n\n async deleteWebhook(ctx: Context) {\n const { id } = ctx.params;\n const webhook = await strapi.get('webhookStore').findWebhook(id);\n\n if (!webhook) {\n return ctx.notFound('webhook.notFound');\n }\n\n await strapi.get('webhookStore').deleteWebhook(id);\n\n strapi.get('webhookRunner').remove(webhook);\n\n ctx.body = { data: webhook } satisfies DeleteWebhook.Response;\n },\n\n async deleteWebhooks(ctx: Context) {\n const { ids } = ctx.request.body as DeleteWebhooks.Request['body'];\n\n if (!Array.isArray(ids) \|\| ids.length === 0) {\n return ctx.badRequest('ids must be an array of id');\n }\n\n for (const id of ids) {\n const webhook = await strapi.get('webhookStore').findWebhook(id);\n\n if (webhook) {\n await strapi.get('webhookStore').deleteWebhook(id);\n strapi.get('webhookRunner').remove(webhook);\n }\n }\n\n ctx.send({ data: ids } satisfies DeleteWebhooks.Response);\n },\n\n async triggerWebhook(ctx: Context) {\n const { id } = ctx.params;\n\n const webhook = await strapi.get('webhookStore').findWebhook(id);\n\n const response = await strapi\n .get('webhookRunner')\n .run(webhook as Modules.WebhookStore.Webhook, 'trigger-test', {});\n\n ctx.body = { data: response } satisfies TriggerWebhook.Response;\n },\n};\n","import type { Context } from 'koa';\nimport type { GetRoutes, GetPermissions } from '../../../shared/contracts/content-api';\nimport '@strapi/types';\n\nexport default {\n async getPermissions(ctx: Context) {\n const actionsMap = await strapi.contentAPI.permissions.getActionsMap();\n\n ctx.send({ data: actionsMap } satisfies GetPermissions.Response);\n },\n\n async getRoutes(ctx: Context) {\n const routesMap = await strapi.contentAPI.getRoutesMap();\n\n ctx.send({ data: routesMap } satisfies GetRoutes.Response);\n },\n};\n","import type {} from 'koa-body';\n\nimport admin from './admin';\nimport apiToken from './api-token';\nimport authenticatedUser from './authenticated-user';\nimport authentication from './authentication';\nimport permission from './permission';\nimport role from './role';\nimport transfer from './transfer';\nimport user from './user';\nimport webhooks from './webhooks';\nimport contentApi from './content-api';\n\nexport default {\n admin,\n 'api-token': apiToken,\n 'authenticated-user': authenticatedUser,\n authentication,\n permission,\n role,\n transfer,\n user,\n webhooks,\n 'content-api': contentApi,\n};\n","/*\n Lifecycle callbacks for the `Permission` model.\n /\n\nexport default {\n collectionName: 'admin_permissions',\n info: {\n name: 'Permission',\n description: '',\n singularName: 'permission',\n pluralName: 'permissions',\n displayName: 'Permission',\n },\n options: {},\n pluginOptions: {\n 'content-manager': {\n visible: false,\n },\n 'content-type-builder': {\n visible: false,\n },\n },\n attributes: {\n action: {\n type: 'string',\n minLength: 1,\n configurable: false,\n required: true,\n },\n actionParameters: {\n type: 'json',\n configurable: false,\n required: false,\n default: {},\n },\n subject: {\n type: 'string',\n minLength: 1,\n configurable: false,\n required: false,\n },\n properties: {\n type: 'json',\n configurable: false,\n required: false,\n default: {},\n },\n conditions: {\n type: 'json',\n configurable: false,\n required: false,\n default: [],\n },\n role: {\n configurable: false,\n type: 'relation',\n relation: 'manyToOne',\n inversedBy: 'permissions',\n target: 'admin::role',\n },\n },\n};\n","export default {\n collectionName: 'admin_users',\n info: {\n name: 'User',\n description: '',\n singularName: 'user',\n pluralName: 'users',\n displayName: 'User',\n },\n pluginOptions: {\n 'content-manager': {\n visible: false,\n },\n 'content-type-builder': {\n visible: false,\n },\n },\n attributes: {\n firstname: {\n type: 'string',\n unique: false,\n minLength: 1,\n configurable: false,\n required: false,\n },\n lastname: {\n type: 'string',\n unique: false,\n minLength: 1,\n configurable: false,\n required: false,\n },\n username: {\n type: 'string',\n unique: false,\n configurable: false,\n required: false,\n },\n email: {\n type: 'email',\n minLength: 6,\n configurable: false,\n required: true,\n unique: true,\n private: true,\n },\n password: {\n type: 'password',\n minLength: 6,\n configurable: false,\n required: false,\n private: true,\n searchable: false,\n },\n resetPasswordToken: {\n type: 'string',\n configurable: false,\n private: true,\n searchable: false,\n },\n registrationToken: {\n type: 'string',\n configurable: false,\n private: true,\n searchable: false,\n },\n isActive: {\n type: 'boolean',\n default: false,\n configurable: false,\n private: true,\n },\n roles: {\n configurable: false,\n private: true,\n type: 'relation',\n relation: 'manyToMany',\n inversedBy: 'users',\n target: 'admin::role',\n // FIXME: Allow setting this\n collectionName: 'strapi_users_roles',\n },\n blocked: {\n type: 'boolean',\n default: false,\n configurable: false,\n private: true,\n },\n preferedLanguage: {\n type: 'string',\n configurable: false,\n required: false,\n searchable: false,\n },\n },\n config: {\n attributes: {\n resetPasswordToken: {\n hidden: true,\n },\n registrationToken: {\n hidden: true,\n },\n },\n },\n};\n","/\n Lifecycle callbacks for the `Role` model.\n */\n\nexport default {\n collectionName: 'admin_roles',\n info: {\n name: 'Role',\n description: '',\n singularName: 'role',\n pluralName: 'roles',\n displayName: 'Role',\n },\n options: {},\n pluginOptions: {\n 'content-manager': {\n visible: false,\n },\n 'content-type-builder': {\n visible: false,\n },\n },\n attributes: {\n name: {\n type: 'string',\n minLength: 1,\n unique: true,\n configurable: false,\n required: true,\n },\n code: {\n type: 'string',\n minLength: 1,\n unique: true,\n configurable: false,\n required: true,\n },\n description: {\n type: 'string',\n configurable: false,\n },\n users: {\n configurable: false,\n type: 'relation',\n relation: 'manyToMany',\n mappedBy: 'roles',\n target: 'admin::user',\n },\n permissions: {\n configurable: false,\n type: 'relation',\n relation: 'oneToMany',\n mappedBy: 'role',\n target: 'admin::permission',\n },\n },\n};\n","import constants from '../services/constants';\n\nexport default {\n collectionName: 'strapi_api_tokens',\n info: {\n name: 'Api Token',\n singularName: 'api-token',\n pluralName: 'api-tokens',\n displayName: 'Api Token',\n description: '',\n },\n options: {},\n pluginOptions: {\n 'content-manager': {\n visible: false,\n },\n 'content-type-builder': {\n visible: false,\n },\n },\n attributes: {\n name: {\n type: 'string',\n minLength: 1,\n configurable: false,\n required: true,\n unique: true,\n },\n description: {\n type: 'string',\n minLength: 1,\n configurable: false,\n required: false,\n default: '',\n },\n type: {\n type: 'enumeration',\n enum: Object.values(constants.API_TOKEN_TYPE),\n configurable: false,\n required: true,\n default: constants.API_TOKEN_TYPE.READ_ONLY,\n },\n accessKey: {\n type: 'string',\n minLength: 1,\n configurable: false,\n required: true,\n searchable: false,\n },\n lastUsedAt: {\n type: 'datetime',\n configurable: false,\n required: false,\n },\n permissions: {\n type: 'relation',\n target: 'admin::api-token-permission',\n relation: 'oneToMany',\n mappedBy: 'token',\n configurable: false,\n required: false,\n },\n expiresAt: {\n type: 'datetime',\n configurable: false,\n required: false,\n },\n lifespan: {\n type: 'biginteger',\n configurable: false,\n required: false,\n },\n },\n};\n","export default {\n collectionName: 'strapi_api_token_permissions',\n info: {\n name: 'API Token Permission',\n description: '',\n singularName: 'api-token-permission',\n pluralName: 'api-token-permissions',\n displayName: 'API Token Permission',\n },\n options: {},\n pluginOptions: {\n 'content-manager': {\n visible: false,\n },\n 'content-type-builder': {\n visible: false,\n },\n },\n attributes: {\n action: {\n type: 'string',\n minLength: 1,\n configurable: false,\n required: true,\n },\n token: {\n configurable: false,\n type: 'relation',\n relation: 'manyToOne',\n inversedBy: 'permissions',\n target: 'admin::api-token',\n },\n },\n};\n","export default {\n collectionName: 'strapi_transfer_tokens',\n info: {\n name: 'Transfer Token',\n singularName: 'transfer-token',\n pluralName: 'transfer-tokens',\n displayName: 'Transfer Token',\n description: '',\n },\n options: {},\n pluginOptions: {\n 'content-manager': {\n visible: false,\n },\n 'content-type-builder': {\n visible: false,\n },\n },\n attributes: {\n name: {\n type: 'string',\n minLength: 1,\n configurable: false,\n required: true,\n unique: true,\n },\n description: {\n type: 'string',\n minLength: 1,\n configurable: false,\n required: false,\n default: '',\n },\n accessKey: {\n type: 'string',\n minLength: 1,\n configurable: false,\n required: true,\n },\n lastUsedAt: {\n type: 'datetime',\n configurable: false,\n required: false,\n },\n permissions: {\n type: 'relation',\n target: 'admin::transfer-token-permission',\n relation: 'oneToMany',\n mappedBy: 'token',\n configurable: false,\n required: false,\n },\n expiresAt: {\n type: 'datetime',\n configurable: false,\n required: false,\n },\n lifespan: {\n type: 'biginteger',\n configurable: false,\n required: false,\n },\n },\n};\n","export default {\n collectionName: 'strapi_transfer_token_permissions',\n info: {\n name: 'Transfer Token Permission',\n description: '',\n singularName: 'transfer-token-permission',\n pluralName: 'transfer-token-permissions',\n displayName: 'Transfer Token Permission',\n },\n options: {},\n pluginOptions: {\n 'content-manager': {\n visible: false,\n },\n 'content-type-builder': {\n visible: false,\n },\n },\n attributes: {\n action: {\n type: 'string',\n minLength: 1,\n configurable: false,\n required: true,\n },\n token: {\n configurable: false,\n type: 'relation',\n relation: 'manyToOne',\n inversedBy: 'permissions',\n target: 'admin::transfer-token',\n },\n },\n};\n","import Permission from './Permission';\nimport User from './User';\nimport Role from './Role';\nimport apiToken from './api-token';\nimport apiTokenPermission from './api-token-permission';\nimport transferToken from './transfer-token';\nimport transferTokenPermission from './transfer-token-permission';\n\nexport default {\n permission: { schema: Permission },\n user: { schema: User },\n role: { schema: Role },\n 'api-token': { schema: apiToken },\n 'api-token-permission': { schema: apiTokenPermission },\n 'transfer-token': { schema: transferToken },\n 'transfer-token-permission': { schema: transferTokenPermission },\n};\n","import type { Context, Next } from 'koa';\nimport path from 'path';\nimport utils from '@strapi/utils';\nimport { isString, has, toLower, get } from 'lodash/fp';\nimport type { Core } from '@strapi/types';\n\nconst { RateLimitError } = utils.errors;\n\nexport default (config: any, { strapi }: { strapi: Core.Strapi }) =>\n async (ctx: Context, next: Next) => {\n let rateLimitConfig = strapi.config.get('admin.rateLimit') as any;\n\n if (!rateLimitConfig) {\n rateLimitConfig = {\n enabled: true,\n };\n }\n\n if (!has('enabled', rateLimitConfig)) {\n rateLimitConfig.enabled = true;\n }\n\n if (rateLimitConfig.enabled === true) {\n // TODO: TS - Do the dynamic import\n // eslint-disable-next-line @typescript-eslint/no-var-requires\n const rateLimit = require('koa2-ratelimit').RateLimit;\n\n const requestEmail = get('request.body.email')(ctx);\n const userEmail = isString(requestEmail) ? requestEmail.toLowerCase() : 'unknownEmail';\n\n const requestPath = isString(ctx.request.path)\n ? toLower(path.normalize(ctx.request.path)).replace(/\\/$/, '')\n : 'invalidPath';\n\n const loadConfig = {\n interval: { min: 5 },\n max: 5,\n prefixKey: `${userEmail}:${requestPath}:${ctx.request.ip}`,\n handler() {\n throw new RateLimitError();\n },\n ...rateLimitConfig,\n ...config,\n };\n\n return rateLimit.middleware(loadConfig)(ctx, next);\n }\n\n return next();\n };\n","import type { Context, Next } from 'koa';\n\nimport { getService } from '../utils';\n\nexport default () => async (ctx: Context, next: Next) => {\n const transferUtils = getService('transfer').utils;\n\n const { hasValidTokenSalt, isRemoteTransferEnabled } = transferUtils;\n\n // verify that data transfer is enabled\n if (isRemoteTransferEnabled()) {\n return next();\n }\n\n // if it has been manually disabled, return a not found\n if (strapi.config.get('server.transfer.remote.enabled') === false) {\n return ctx.notFound();\n }\n\n // if it's enabled but doesn't have a valid salt, throw a not implemented\n if (!hasValidTokenSalt()) {\n return ctx.notImplemented(\n 'The server configuration for data transfer is invalid. Please contact your server administrator.',\n {\n code: 'INVALID_TOKEN_SALT',\n }\n );\n }\n\n // This should never happen as long as we're handling individual scenarios above\n throw new Error('Unexpected error while trying to access a data transfer route');\n};\n","import rateLimit from './rateLimit';\nimport dataTransfer from './data-transfer';\n\nexport { default as rateLimit } from './rateLimit';\nexport { default as dataTransfer } from './data-transfer';\n\nexport default {\n rateLimit,\n 'data-transfer': dataTransfer,\n};\n"],"names":["name","user","sendDidChangeInterfaceLanguage","merge","async","map","uniq","difference","strapi","resolve","fse","join","path","extname","koaStatic","basename","authenticate","token","constants","UnauthorizedError","ForbiddenError","errors","extractToken","apiToken","isNil","differenceInHours","parseISO","ability","action","verify","auth","castArray","conditionProvider","actionProvider","forgotPassword","yup","_","validateYupSchema","createPolicy","policy","actions","permissions","subject","transferToken","admin","authentication","roles","webhooks","contentApi","transfer","ApplicationError","password","bcrypt","hash","email","SUPER_ADMIN_CODE","hasSuperAdminRole","role","pick","set","omit","curry","pipe","prop","includes","isArray","create","permission","isEmpty","has","ValidationError","arrays","updatedUser","passwordValidator","findOne","exists","defaults","deleteByIds","count","users","condition","conditions","remove","eq","get","roleConstants","hooksUtils","isEqual","dates","update","differenceWith","differenceBy","createMany","sanitizeConditions","LocalStrategy","toLower","isFunction","authEventsMapper","passport","crypto","jwt","validateYupSchemaSync","providerFactory","hooks","domain","sanitize","isScalarAttribute","getNonVisibleAttributes","getWritableAttributes","contentTypes","ID_ATTRIBUTE","DOC_ID_ATTRIBUTE","CREATED_AT_ATTRIBUTE","UPDATED_AT_ATTRIBUTE","PUBLISHED_AT_ATTRIBUTE","CREATED_BY_ATTRIBUTE","UPDATED_BY_ATTRIBUTE","COMPONENT_FIELDS","STATIC_FIELDS","traverse","isObject","cloneDeep","traverseEntity","permittedFieldsOf","some","flatMap","detectSubjectType","asSubject","schema","getOr","intersection","validate","rulesToQuery","v","isPlainObject","providers","engine","matchesProperty","contentType","propEq","pluginsHandler","settingsHandler","xor","pmap","createSectionsBuilder","contentTypesUtils","startsWith","isString","NotFoundError","SELECT_FIELDS","POPULATE_FIELDS","isValidLifespan","isNumber","assertValidLifespan","flattenTokenPermissions","getBy","getExpirationFields","regenerate","checkSaltIsDefined","list","revoke","getById","getByName","assert","hasValidTokenSalt","utils","env","fs","projectSettings","updateProjectSettings","z","validateZod","tsUtils","values","sumBy","plugins","trim","apiTokens","strings","isUndefined","findUserPermissions","sanitizePermission","compose","sectionsBuilder","dataTransferStrapi","validateTransferTokenCreationInput","validateTransferTokenUpdateInput","mapKeys","punycode","isLocalhostIp","rateLimit","isRemoteTransferEnabled"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,MAAM,aAAa,CAACA,UAAS;AAC3B,SAAO,OAAO,QAAQ,UAAUA,KAAI,EAAE;AACxC;ACFO,MAAM,UAAU;AAAA,EACrB;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,EACZ;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,EACZ;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,EACZ;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,EACZ;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,EACZ;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,EACZ;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AACF;AAEA,MAAe,eAAA;AAAA,EACb;AACF;ACnNO,MAAM,aAAa;AAAA,EACxB;AAAA,IACE,aAAa;AAAA,IACb,MAAM;AAAA,IACN,QAAQ;AAAA,IACR,SAAS,CAACC,WAAgB,EAAE,gBAAgBA,MAAK,GAAG;AAAA,EACtD;AAAA,EACA;AAAA,IACE,aAAa;AAAA,IACb,MAAM;AAAA,IACN,QAAQ;AAAA,IACR,SAAS,CAACA,WAAgB;AAAA,MACxB,mBAAmB;AAAA,QACjB,YAAY;AAAA,UACV,IAAI;AAAA,YACF,KAAKA,MAAK,MAAM,IAAI,CAAC,MAAY,EAAE,EAAE;AAAA,UACvC;AAAA,QACF;AAAA,MACF;AAAA,IAAA;AAAA,EAEJ;AACF;AAEA,MAAe,kBAAA;AAAA,EACb;AACF;ACtBA,MAAM,2BAA2B;AAAA,EAC/B,WAAW;AAAA,IACT,cAAc;AAAA,IACd,aAAa;AAAA,IACb,gBAAgB;AAAA,EAClB;AACF;AAEA,MAAM,4BAA4B,YAAY;AAC5C,QAAM,WAAW,YAAY,EAAE,eAAe,aAAa,aAAa,OAAO;AACjF;AAEA,MAAM,0BAA0B,YAAY;AAC1C,QAAM,WAAW,YAAY,EAAE,kBAAkB,aAAa,gBAAgB,UAAU;AAC1F;AAEA,MAAM,qBAAqB,MAAM;AAC/B,QAAM,EAAE,gCAAAC,gCAAA,IAAmC,WAAW,SAAS;AAExD,SAAA,GAAG,WAAW,UAAU;AAAA,IAC7B,QAAQ,CAAC,aAAa;AAAA,IACtB,aAAaA;AAAA,IACb,aAAaA;AAAA,IACb,YAAY,EAAE,UAAU;AAClB,UAAA,OAAO,KAAK,kBAAkB;AACD,QAAAA;MACjC;AAAA,IACF;AAAA,EAAA,CACD;AACH;AAEA,MAAM,mBAAmB,YAAY;AAC7B,QAAA,aAAa,MAAM,OAAO,MAAM,EAAE,MAAM,QAAQ,MAAM,QAAA,CAAS;AACrE,QAAM,oBAAoB,MAAM,WAAW,IAAI,EAAE,KAAK,QAAQ;AACxD,QAAA,kBAAkBC,GAAAA,MAAM,0BAA0B,iBAAiB;AAEzE,QAAM,aAAa,MAAM,WAAW,MAAM,EAAE,OAAO;AAAA,IACjD,IAAI,gBAAgB,UAAU;AAAA,EAAA,CAC/B;AAGD,MAAI,CAAC,YAAY;AACf,oBAAgB,UAAU,cAAc;AAAA,EAC1C;AAEA,QAAM,WAAW,IAAI,EAAE,KAAK,QAAQ,OAAO,iBAAiB;AAC9D;AAEA,MAAM,2BAA2B,YAAY;AAC3C,QAAM,mBAAmB,OAAO,WAAW,YAAY,UAAU,OAAO;AAClE,QAAA,kBAAkB,MAAMC,QAAAA,MAAM;AAAA,IAClC,OAAO,GAAG,MAAM,6BAA6B,EAAE;AAAA,IAC/CC,GAAAA,IAAI,QAAQ;AAAA,EAAA;AAGd,QAAM,qBAAqBC,GAAAA,KAAKC,GAAAA,WAAW,iBAAiB,gBAAgB,CAAC;AAEzE,MAAA,mBAAmB,SAAS,GAAG;AACjC,UAAM,OAAO,GACV,MAAM,6BAA6B,EACnC,WAAW,EAAE,OAAO,EAAE,QAAQ,EAAE,KAAK,mBAAmB,EAAA,EAAK,CAAA;AAAA,EAClE;AACF;AAEA,MAAA,YAAe,OAAO,EAAE,QAAAC,cAAsC;AAC5D,QAAM,wBAAwB;AAC9B,QAAM,0BAA0B;AACb;AAEb,QAAA,oBAAoB,WAAW,YAAY;AAC3C,QAAA,cAAc,WAAW,MAAM;AAC/B,QAAA,cAAc,WAAW,MAAM;AAC/B,QAAA,kBAAkB,WAAW,WAAW;AACxC,QAAA,kBAAkB,WAAW,UAAU;AACvC,QAAA,eAAe,WAAW,OAAO;AAEvC,QAAM,YAAY;AAClB,QAAM,YAAY;AAClB,QAAM,YAAY;AAElB,QAAM,kBAAkB;AAExB,QAAM,YAAY;AAElB,QAAM,iBAAiB;AACvB,QAAM,yBAAyB;AAE/B,QAAM,WAAW,SAAS,EAAE,6BAA6BA,OAAM;AACpD,aAAA,SAAS,EAAE,UAAUA,OAAM;AAEtC,kBAAgB,mBAAmB;AACnC,kBAAgB,MAAM;AACtB,eAAa,qBAAqB;AACpC;AC9FA,MAAM,0BAA0B,CAAC,EAAE,QAAAA,cAAsC;AACvE,MAAI,WAAWC,KAAAA,QAAQD,QAAO,KAAK,KAAK,MAAM,OAAO;AAErD,MAAI,CAACE,aAAA,QAAI,eAAe,QAAQ,GAAG;AACtB,eAAAD,KAAA,QAAQ,WAAW,aAAa;AAAA,EAC7C;AAEM,QAAA,uBAAuB,OAAO,KAAc,SAAe;AAC/D,UAAM,KAAK;AAEX,QAAI,IAAI,WAAW,UAAU,IAAI,WAAW,OAAO;AACjD;AAAA,IACF;AAEA,QAAI,IAAI,QAAQ,QAAQ,IAAI,WAAW,KAAK;AAC1C;AAAA,IACF;AAEA,QAAI,OAAO;AACX,QAAI,OAAOC,qBAAI,iBAAiBC,KAAAA,KAAK,UAAU,YAAY,CAAC;AAAA,EAAA;AAG9D,EAAAH,QAAO,OAAO,OAAO;AAAA,IACnB;AAAA,MACE,QAAQ;AAAA,MACR,MAAM,GAAGA,QAAO,OAAO,MAAM,IAAI;AAAA,MACjC,SAAS;AAAA,QACP;AAAA,QACA,YAAY,UAAU;AAAA,UACpB,QAAQ;AAAA,UACR,OAAO;AAAA,UACP,OAAO;AAAA,UACP,WAAW,KAAUI,QAAW;AACxB,kBAAA,MAAMC,aAAQD,MAAI;AAExB,gBAAI,QAAQ,SAAS;AACf,kBAAA,UAAU,iBAAiB,qCAAqC;AAAA,YACtE;AAAA,UACF;AAAA,QAAA,CACD;AAAA,MACH;AAAA,MACA,QAAQ,EAAE,MAAM,MAAM;AAAA,IACxB;AAAA,EAAA,CACD;AACH;AAGA,MAAM,cAAc,CAAC,UAAe,mBAAmB,OAAO;AACtD,QAAA,QAAQE,mBAAAA,QAAU,UAAU,gBAAgB;AAE3C,SAAA,OAAO,KAAc,SAAe;AACzC,UAAM,OAAO,IAAI;AACX,UAAA,UAAUC,KAAAA,SAAS,IAAI,IAAI;AAEjC,QAAI,OAAO;AACL,UAAA,MAAM,KAAK,YAAY;AAC3B,UAAI,OAAO;AACX,YAAM,KAAK;AACX,UAAI,OAAO;AAAA,IAAA,CACZ;AACD,QAAI,OAAO;AAAA,EAAA;AAEf;AChEa,MAAAC,iBAAe,OAAO,QAAiB;AAClD,QAAM,EAAE,cAAkB,IAAA,IAAI,QAAQ;AAEtC,MAAI,CAAC,eAAe;AACX,WAAA,EAAE,eAAe;EAC1B;AAEM,QAAA,QAAQ,cAAc,MAAM,KAAK;AAEnC,MAAA,MAAM,CAAC,EAAE,YAAA,MAAkB,YAAY,MAAM,WAAW,GAAG;AACtD,WAAA,EAAE,eAAe;EAC1B;AAEM,QAAAC,SAAQ,MAAM,CAAC;AACf,QAAA,EAAE,SAAS,YAAY,WAAW,OAAO,EAAE,eAAeA,MAAK;AAErE,MAAI,CAAC,SAAS;AACL,WAAA,EAAE,eAAe;EAC1B;AAEA,QAAMhB,QAAO,MAAM,OAAO,GACvB,MAAM,aAAa,EACnB,QAAQ,EAAE,OAAO,EAAE,IAAI,QAAQ,GAAG,GAAG,UAAU,CAAC,OAAO,GAAG;AAE7D,MAAI,CAACA,SAAQ,EAAEA,MAAK,aAAa,OAAO;AAC/B,WAAA,EAAE,eAAe;EAC1B;AAEA,QAAM,cAAc,MAAM,WAAW,YAAY,EAAE,OAAO,oBAAoBA,KAAI;AAIlF,MAAI,MAAM,cAAc;AACxB,MAAI,MAAM,OAAOA;AAEV,SAAA;AAAA,IACL,eAAe;AAAA,IACf,aAAaA;AAAA,IACb,SAAS;AAAA,EAAA;AAEb;AAEO,MAAMD,SAAO;AAGpB,MAAe,oBAAA;AAAA,EAAA,MACbA;AAAAA,EAAA,cACAgB;AACF;ACpDA,MAAM,YAAY,KAAK,KAAK,KAAK;AAEjC,MAAME,cAAY;AAAA,EAChB,sBAAsB;AAAA,EACtB,kBAAkB;AAAA,EAClB,aAAa;AAAA,EACb,aAAa;AAAA,EACb,aAAa;AAAA,EACb,eAAe;AAAA,EACf,eAAe;AAAA,EACf,eAAe;AAAA,EACf,gBAAgB;AAAA,EAChB,gBAAgB;AAAA,IACd,WAAW;AAAA,IACX,aAAa;AAAA,IACb,QAAQ;AAAA,EACV;AAAA;AAAA,EAEA,qBAAqB;AAAA,IACnB,WAAW;AAAA,IACX,QAAQ,IAAI;AAAA,IACZ,SAAS,KAAK;AAAA,IACd,SAAS,KAAK;AAAA,EAChB;AAAA,EACA,qBAAqB;AAAA,IACnB,MAAM;AAAA,IACN,MAAM;AAAA,EACR;AAAA,EACA,0BAA0B;AAAA,IACxB,WAAW;AAAA,IACX,QAAQ,IAAI;AAAA,IACZ,SAAS,KAAK;AAAA,IACd,SAAS,KAAK;AAAA,EAChB;AACF;;;;;AC1BA,MAAM,qBAAEC,qBAAmB,gBAAAC,iBAAmB,IAAAC;AAE9C,MAAM,cAAc,CAAC,UAAe,MAAM,SAAS,MAAM,KAAK,MAAM,SAAS,SAAS;AAEtF,MAAMC,iBAAe,CAAC,QAAiB;AACjC,MAAA,IAAI,WAAW,IAAI,QAAQ,UAAU,IAAI,QAAQ,OAAO,eAAe;AACzE,UAAM,QAAQ,IAAI,QAAQ,OAAO,cAAc,MAAM,KAAK;AAEtD,QAAA,MAAM,CAAC,EAAE,YAAA,MAAkB,YAAY,MAAM,WAAW,GAAG;AACtD,aAAA;AAAA,IACT;AAEA,WAAO,MAAM,CAAC;AAAA,EAChB;AAEO,SAAA;AACT;AAKa,MAAAN,iBAAe,OAAO,QAAiB;AAC5C,QAAA,kBAAkB,WAAW,WAAW;AACxC,QAAAC,SAAQK,eAAa,GAAG;AAE9B,MAAI,CAACL,QAAO;AACH,WAAA,EAAE,eAAe;EAC1B;AAEM,QAAAM,YAAW,MAAM,gBAAgB,MAAM;AAAA,IAC3C,WAAW,gBAAgB,KAAKN,MAAK;AAAA,EAAA,CACtC;AAGD,MAAI,CAACM,WAAU;AACN,WAAA,EAAE,eAAe;EAC1B;AAEM,QAAA,kCAAkB;AAExB,MAAI,CAACC,GAAA,MAAMD,UAAS,SAAS,GAAG;AAC9B,UAAM,iBAAiB,IAAI,KAAKA,UAAS,SAAS;AAElD,QAAI,iBAAiB,aAAa;AAChC,aAAO,EAAE,eAAe,OAAO,OAAO,IAAIJ,oBAAkB,eAAe;IAC7E;AAAA,EACF;AAIA,QAAM,qBAAqBM,QAAAA,kBAAkB,aAAaC,QAAS,SAAAH,UAAS,UAAU,CAAC;AACvF,MAAI,sBAAsB,GAAG;AAC3B,UAAM,OAAO,GAAG,MAAM,kBAAkB,EAAE,OAAO;AAAA,MAC/C,OAAO,EAAE,IAAIA,UAAS,GAAG;AAAA,MACzB,MAAM,EAAE,YAAY,YAAY;AAAA,IAAA,CACjC;AAAA,EACH;AAEA,MAAIA,UAAS,SAASL,YAAU,eAAe,QAAQ;AACrD,UAAMS,WAAU,MAAM,OAAO,WAAW,YAAY,OAAO;AAAA,MACzDJ,UAAS,YAAY,IAAI,CAACK,aAAiB,EAAE,QAAAA,UAAS;AAAA,IAAA;AAGxD,WAAO,EAAE,eAAe,MAAM,SAAAD,UAAS,aAAaJ,UAAS;AAAA,EAC/D;AAEA,SAAO,EAAE,eAAe,MAAM,aAAaA,UAAS;AACtD;AAOa,MAAAM,WAAS,CAACC,OAAW,WAAgB;AAChD,QAAM,EAAE,aAAaP,WAAU,SAAAI,SAAA,IAAYG;AAE3C,MAAI,CAACP,WAAU;AACP,UAAA,IAAIJ,oBAAkB,iBAAiB;AAAA,EAC/C;AAEM,QAAA,kCAAkB;AAExB,MAAI,CAACK,GAAA,MAAMD,UAAS,SAAS,GAAG;AAC9B,UAAM,iBAAiB,IAAI,KAAKA,UAAS,SAAS;AAElD,QAAI,iBAAiB,aAAa;AAC1B,YAAA,IAAIJ,oBAAkB,eAAe;AAAA,IAC7C;AAAA,EACF;AAGA,MAAII,UAAS,SAASL,YAAU,eAAe,aAAa;AAC1D;AAAA,EACF;AAGA,MAAIK,UAAS,SAASL,YAAU,eAAe,WAAW;AAKlD,UAAA,SAASa,GAAAA,UAAU,OAAO,KAAK;AAErC,QAAI,OAAO,SAAS,OAAO,MAAM,WAAW,GAAG;AAC7C;AAAA,IACF;AAAA,EAIO,WAAAR,UAAS,SAASL,YAAU,eAAe,QAAQ;AAC1D,QAAI,CAACS,UAAS;AACZ,YAAM,IAAIP,iBAAe;AAAA,IAC3B;AAEM,UAAA,SAASW,GAAAA,UAAU,OAAO,KAAK;AAE/B,UAAA,YAAY,OAAO,MAAM,CAAC,UAAUJ,SAAQ,IAAI,KAAK,CAAC;AAE5D,QAAI,WAAW;AACb;AAAA,IACF;AAAA,EACF;AAEA,QAAM,IAAIP,iBAAe;AAC3B;AAIA,MAAe,uBAAA;AAAA,EACb,MAAM;AAAA,EAAA,cACNJ;AAAAA,EAAA,QACAa;AACF;ACxIA,MAAA,aAAe,CAAC,EAAE,QAAArB,QAAA,MAAsC;AACtD,QAAM,qBAAqBA,QAAO,QAAQ,iBAAiB,EAAE,KAAK;AAElE,EAAAA,QAAO,OAAO,IAAI,OAAO,EAAE,IAAI,kBAAkB;AACjD,EAAAA,QAAO,IAAI,MAAM,EAAE,SAAS,SAAS,iBAAiB;AACtD,EAAAA,QAAO,IAAI,MAAM,EAAE,SAAS,eAAe,oBAAoB;AAE/D,MAAIA,QAAO,OAAO,IAAI,uBAAuB,GAAG;AACtB,4BAAA,EAAE,QAAAA,SAAQ;AAAA,EACpC;AACF;ACbA,MAAA,UAAe,YAAY;AACzB,QAAM,EAAE,mBAAAwB,oBAAmB,gBAAAC,gBAAe,IAAI,WAAW,YAAY;AAErE,QAAMD,mBAAkB;AACxB,QAAMC,gBAAe;AACvB;ACPA,MAAM,UAAU;AAEhB,MAAM,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAQb,MAAM,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAQb,MAAA,yBAAe,EAAE,SAAS,MAAM,KAAK;AChB9B,MAAMC,mBAAiB;AAAA,EAC5B,eAAe;AACjB;AAEA,MAAe,UAAA;AAAA,EAAA,gBACbA;AACF;ACRA,MAAe,uBAAA,CAAC,cAAmB;AAC1B,SAAA,QAAQ,UAAU,MAAM,eAAe;AAChD;ACCA,MAAM,uBAAuBC,YAAI,OAAO;AAAA,EACtC,SAASA,QAAAA,IAAI,MAAA,EAAQ;AAAA;AAAA,IAEnBA,YAAI,KAAK,CAAC,QAAQ;AACZ,UAAAC,aAAA,QAAE,QAAQ,GAAG,GAAG;AAClB,eAAOD,YAAI,QAAQ,GAAGA,QAAAA,IAAI,QAAQ,EAAE,IAAI,CAAC,EAAE,IAAI,CAAC;AAAA,MAClD;AAEI,UAAAC,aAAA,QAAE,SAAS,GAAG,GAAG;AACZ,eAAAD,YAAI,SAAS;MACtB;AAEO,aAAAA,QAAA,IAAI,OAAO,EAAE,MAAM;AAAA,QACxB,QAAQA,QAAA,IAAI,OAAO,EAAE,SAAS;AAAA,QAC9B,SAASA,YAAI,OAAO;AAAA,MAAA,CACrB;AAAA,IAAA,CACF;AAAA,EACH;AACF,CAAC;AAEY,MAAA,8BAA8BE,0BAAkB,oBAAoB;ACnBjF,MAAM,EAAEC,cAAAA,eAAiB,IAAAC;AAEzB,MAAM,iBAAiB;AAAA,EACrB;AAAA,IACE,OAAOH,aAAE,QAAA;AAAA,IACT,WAAW,CAACR,aAAiB,EAAE,QAAAA;EACjC;AAAA,EACA;AAAA,IACE,OAAOQ,aAAE,QAAA;AAAA,IACT,WAAW,CAAC,SAAc,EAAE,QAAQ,IAAI,CAAC,GAAG,SAAS,IAAI,CAAC;EAC5D;AAAA,EACA;AAAA;AAAA,IAEE,OAAOA,aAAE,QAAA;AAAA,IACT,WAAW,CAAC,SAAc;AAAA,EAC5B;AACF;AAEA,MAAA,iBAAeE,eAAa;AAAA,EAC1B,MAAM;AAAA,EACN,WAAW;AAAA,EACX,QAAQ,KAAK,QAAQ;AACb,UAAA,EAAE,SAAAE,SAAY,IAAA;AACpB,UAAM,EAAE,aAAab,aAAY,IAAI;AAErC,UAAMc,eAAcD,SAAQ;AAAA,MAAI,CAACZ,YAC/B,eAAe,KAAK,CAAC,aAAa,SAAS,MAAMA,OAAM,CAAC,GAAG,UAAUA,OAAM;AAAA,IAAA;AAG7E,UAAM,eAAea,aAAY;AAAA,MAAM,CAAC,EAAE,QAAAb,SAAQ,SAAAc,eAChDf,SAAQ,IAAIC,SAAQc,QAAO;AAAA,IAAA;AAGtB,WAAA;AAAA,EACT;AACF,CAAC;ACpCD,MAAM,EAAE,aAAiB,IAAAH;AAMzB,MAAA,qBAAe,aAAa;AAAA,EAC1B,MAAM;AAAA,EACN,QAAQ,MAAM,SAAS,EAAE,QAAA/B,WAAU;AAC7B,QAAAA,QAAO,UAAU,YAAY;AACxB,aAAA;AAAA,IACT;AAAA,EACF;AACF,CAAC;ACZD,MAAA,UAAe,EAAE,sBAAsB,gBAAgB,mBAAmB;ACJ1E,MAAe,UAAA;AAAA,EACb;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ,EAAE,MAAM,MAAM;AAAA,EACxB;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,QAAQ,EAAE,SAAS,CAAC,8BAA8B,EAAE;AAAA,QACtD;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,QAAQ,EAAE,SAAS,CAAC,gCAAgC,EAAE;AAAA,QACxD;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ,EAAE,MAAM,MAAM;AAAA,EACxB;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU,CAAC,6BAA6B;AAAA,IAC1C;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU,CAAC,6BAA6B;AAAA,IAC1C;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,yBAAyB,IAAI;AAAA,MACpF;AAAA,IACF;AAAA,EACF;AACF;ACpEA,MAAe,mBAAA;AAAA,EACb;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,MAAM;AAAA,MACN,aAAa,CAAC,kBAAkB;AAAA,IAClC;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ,EAAE,MAAM,MAAM;AAAA,EACxB;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ,EAAE,MAAM,MAAM;AAAA,EACxB;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ,EAAE,MAAM,MAAM;AAAA,EACxB;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ,EAAE,MAAM,MAAM;AAAA,EACxB;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ,EAAE,MAAM,MAAM;AAAA,EACxB;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ,EAAE,MAAM,MAAM;AAAA,EACxB;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU,CAAC,6BAA6B;AAAA,IAC1C;AAAA,EACF;AACF;ACtDA,MAAe,cAAA;AAAA,EACb;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU,CAAC,6BAA6B;AAAA,IAC1C;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU,CAAC,6BAA6B;AAAA,IAC1C;AAAA,EACF;AACF;ACjBA,MAAe,QAAA;AAAA,EACb;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU,CAAC,6BAA6B;AAAA,IAC1C;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU,CAAC,6BAA6B;AAAA,IAC1C;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU,CAAC,6BAA6B;AAAA,IAC1C;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,qBAAqB,IAAI;AAAA,MAChF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,mBAAmB,IAAI;AAAA,MAC9E;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,mBAAmB,IAAI;AAAA,MAC9E;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,qBAAqB,IAAI;AAAA,MAChF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU,CAAC,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,qBAAqB,EAAE,GAAG;AAAA,IAC5F;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU,CAAC,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,qBAAqB,EAAE,GAAG;AAAA,IAC5F;AAAA,EACF;AACF;ACrFA,MAAe,UAAA;AAAA,EACb;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,mBAAmB,IAAI;AAAA,MAC9E;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,qBAAqB,IAAI;AAAA,MAChF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,mBAAmB,IAAI;AAAA,MAC9E;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,mBAAmB,IAAI;AAAA,MAC9E;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,QAAQ;AAAA,YACN,SAAS,CAAC,qBAAqB;AAAA,UACjC;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,qBAAqB,IAAI;AAAA,MAChF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,QAAQ;AAAA,YACN,SAAS,CAAC,qBAAqB;AAAA,UACjC;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,QAAQ;AAAA,YACN,SAAS,CAAC,qBAAqB;AAAA,UACjC;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA,EACF;AACF;ACxGA,MAAe,aAAA;AAAA,EACb;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,sBAAsB,IAAI;AAAA,MACjF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,wBAAwB,IAAI;AAAA,MACnF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,sBAAsB,IAAI;AAAA,MACjF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,wBAAwB,IAAI;AAAA,MACnF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,wBAAwB,IAAI;AAAA,MACnF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,wBAAwB,IAAI;AAAA,MACnF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,wBAAwB,IAAI;AAAA,MACnF;AAAA,IACF;AAAA,EACF;AACF;AC9EA,MAAe,YAAA;AAAA,EACb;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,0BAA0B,IAAI;AAAA,MACrF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,wBAAwB,IAAI;AAAA,MACnF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,0BAA0B,IAAI;AAAA,MACrF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,wBAAwB,IAAI;AAAA,MACnF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,0BAA0B,IAAI;AAAA,MACrF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,8BAA8B,IAAI;AAAA,MACzF;AAAA,IACF;AAAA,EACF;AACF;ACnEA,MAAe,eAAA;AAAA,EACb;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU,CAAC,6BAA6B;AAAA,IAC1C;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU,CAAC,6BAA6B;AAAA,IAC1C;AAAA,EACF;AACF;ACVA,MAAM,qBAAEW,qBAAmB,eAAmB,IAAAE;AAE9C,MAAM,eAAe,CAAC,QAAiB;AACjC,MAAA,IAAI,WAAW,IAAI,QAAQ,UAAU,IAAI,QAAQ,OAAO,eAAe;AACzE,UAAM,QAAQ,IAAI,QAAQ,OAAO,cAAc,MAAM,KAAK;AAEtD,QAAA,MAAM,CAAC,EAAE,YAAA,MAAkB,YAAY,MAAM,WAAW,GAAG;AACtD,aAAA;AAAA,IACT;AAEA,WAAO,MAAM,CAAC;AAAA,EAChB;AAEO,SAAA;AACT;AAOa,MAAA,eAAe,OAAO,QAAiB;AAClD,QAAM,EAAE,OAAO,aAAa,IAAI,WAAW,UAAU;AAC/C,QAAAJ,SAAQ,aAAa,GAAG;AAE9B,MAAI,CAACA,QAAO;AACH,WAAA,EAAE,eAAe;EAC1B;AAEM,QAAA0B,iBAAgB,MAAM,aAAa,MAAM,EAAE,WAAW,aAAa,KAAK1B,MAAK,EAAA,CAAG;AAGtF,MAAI,CAAC0B,gBAAe;AACX,WAAA,EAAE,eAAe;EAC1B;AAGM,QAAA,kCAAkB;AAExB,MAAI,CAACnB,GAAA,MAAMmB,eAAc,SAAS,GAAG;AACnC,UAAM,iBAAiB,IAAI,KAAKA,eAAc,SAAS;AAEvD,QAAI,iBAAiB,aAAa;AAChC,aAAO,EAAE,eAAe,OAAO,OAAO,IAAIxB,oBAAkB,eAAe;IAC7E;AAAA,EACF;AAIA,QAAM,qBAAqBM,QAAAA,kBAAkB,aAAaC,QAAS,SAAAiB,eAAc,UAAU,CAAC;AAC5F,MAAI,sBAAsB,GAAG;AAC3B,UAAM,OAAO,GAAG,MAAM,kBAAkB,EAAE,OAAO;AAAA,MAC/C,OAAO,EAAE,IAAIA,eAAc,GAAG;AAAA,MAC9B,MAAM,EAAE,YAAY,YAAY;AAAA,IAAA,CACjC;AAAA,EACH;AAGA,QAAMhB,WAAU,MAAM,WAAW,UAAU,EAAE,WAAW,OAAO;AAAA,IAC7DgB,eAAc,YAAY,IAAI,CAACf,aAAiB,EAAE,QAAAA,UAAS;AAAA,EAAA;AAG7D,SAAO,EAAE,eAAe,MAAM,SAAAD,UAAS,aAAagB,eAAc;AACpE;AAOO,MAAMd,WAAS,OAAOC,OAAW,SAAc,OAAO;AAC3D,QAAM,EAAE,aAAaa,gBAAe,SAAAhB,SAAA,IAAYG;AAEhD,MAAI,CAACa,gBAAe;AACZ,UAAA,IAAIxB,oBAAkB,iBAAiB;AAAA,EAC/C;AAEM,QAAA,kCAAkB;AAExB,MAAI,CAACK,GAAA,MAAMmB,eAAc,SAAS,GAAG;AACnC,UAAM,iBAAiB,IAAI,KAAKA,eAAc,SAAS;AAEvD,QAAI,iBAAiB,aAAa;AAC1B,YAAA,IAAIxB,oBAAkB,eAAe;AAAA,IAC7C;AAAA,EACF;AAEA,MAAI,CAACQ,UAAS;AACZ,UAAM,IAAI,eAAe;AAAA,EAC3B;AAEA,QAAM,SAASI,GAAA,UAAU,OAAO,SAAS,CAAE,CAAA;AAErC,QAAA,YAAY,OAAO,MAAM,CAAC,UAAUJ,SAAQ,IAAI,KAAK,CAAC;AAE5D,MAAI,CAAC,WAAW;AACd,UAAM,IAAI,eAAe;AAAA,EAC3B;AACF;AAEO,MAAM,OAAO;AAGpB,MAAe,2BAAA;AAAA,EACb;AAAA,EACA;AAAA,EAAA,QACAE;AACF;AChHA,MAAe,aAAA;AAAA;AAAA,EAEb;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,aAAa,CAAC,sBAAsB;AAAA,MACpC,MAAM,EAAE,YAAY,CAAC,wBAAwB,GAAG,OAAO,CAAC,MAAM,EAAE;AAAA,IAClE;AAAA,EACF;AAAA;AAAA,EAEA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,aAAa,CAAC,sBAAsB;AAAA,MACpC,MAAM,EAAE,YAAY,CAAC,wBAAwB,GAAG,OAAO,CAAC,MAAM,EAAE;AAAA,IAClE;AAAA,EACF;AAAA;AAAA,EAEA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,aAAa,CAAC,sBAAsB;AAAA,MACpC,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,+BAA+B,IAAI;AAAA,MAC1F;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,aAAa,CAAC,sBAAsB;AAAA,MACpC,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,6BAA6B,IAAI;AAAA,MACxF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,aAAa,CAAC,sBAAsB;AAAA,MACpC,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,+BAA+B,IAAI;AAAA,MAC1F;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,aAAa,CAAC,sBAAsB;AAAA,MACpC,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,6BAA6B,IAAI;AAAA,MACxF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,aAAa,CAAC,sBAAsB;AAAA,MACpC,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,+BAA+B,IAAI;AAAA,MAC1F;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,aAAa,CAAC,sBAAsB;AAAA,MACpC,UAAU;AAAA,QACR;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,QAAQ,EAAE,SAAS,CAAC,mCAAmC,EAAE;AAAA,QAC3D;AAAA,MACF;AAAA,IACF;AAAA,EACF;AACF;ACzFA,MAAM,SAAS;AAAA,EACb,OAAO;AAAA,IACL,MAAM;AAAA,IACN,QAAQ;AAAA,MACN,GAAGe;AAAAA,MACH,GAAGC;AAAAA,MACH,GAAG;AAAA,MACH,GAAG;AAAA,MACH,GAAGC;AAAAA,MACH,GAAGC;AAAAA,MACH,GAAG;AAAA,MACH,GAAGC;AAAAA,MACH,GAAGC;AAAAA,IACL;AAAA,EACF;AACF;AClBA,MAAM,EAAEC,kBAAAA,mBAAqB,IAAA7B;AAO7B,MAAM,eAAe,CAAC8B,cAAqBC,gBAAAA,QAAO,KAAKD,WAAU,EAAE;AAQnE,MAAM,mBAAmB,CAACA,WAAkBE,UAAiBD,gBAAO,QAAA,QAAQD,WAAUE,KAAI;AAO1F,MAAM,mBAAmB,OAAO,EAAE,OAAAC,QAAO,UAAAH,gBAAoD;AAC3F,QAAMlD,QAAkB,MAAM,OAAO,GAAG,MAAM,aAAa,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAAqD,OAAA,EAAS,CAAA;AAEzF,MAAI,CAACrD,SAAQ,CAACA,MAAK,UAAU;AAC3B,WAAO,CAAC,MAAM,OAAO,EAAE,SAAS,sBAAuB,CAAA;AAAA,EACzD;AAEA,QAAM,UAAU,MAAM,iBAAiBkD,WAAUlD,MAAK,QAAQ;AAE9D,MAAI,CAAC,SAAS;AACZ,WAAO,CAAC,MAAM,OAAO,EAAE,SAAS,sBAAuB,CAAA;AAAA,EACzD;AAEI,MAAA,EAAEA,MAAK,aAAa,OAAO;AAC7B,WAAO,CAAC,MAAM,OAAO,EAAE,SAAS,kBAAmB,CAAA;AAAA,EACrD;AAEO,SAAA,CAAC,MAAMA,KAAI;AACpB;AAMA,MAAM,iBAAiB,OAAO,EAAE,OAAAqD,OAAM,IAAI,OAA4B;AACpE,QAAMrD,QAAkB,MAAM,OAAO,GAClC,MAAM,aAAa,EACnB,QAAQ,EAAE,OAAO,EAAE,OAAAqD,QAAO,UAAU,KAAA,EAAQ,CAAA;AAC/C,MAAI,CAACrD,OAAM;AACT;AAAA,EACF;AAEA,QAAM,qBAAqB,WAAW,OAAO,EAAE,YAAY;AACrD,QAAA,WAAW,MAAM,EAAE,WAAWA,MAAK,IAAI,EAAE,oBAAoB;AAG7D,QAAA,MAAM,GAAG,OAAO,OAAO;AAAA,IAC3B;AAAA,EAAA,CACD,6BAA6B,kBAAkB;AAEhD,SAAO,OACJ,OAAO,OAAO,EACd,QAAQ,OAAO,EACf;AAAA,IACC;AAAA,MACE,IAAIA,MAAK;AAAA,MACT,MAAM,OAAO,OAAO,IAAI,2BAA2B;AAAA,MACnD,SAAS,OAAO,OAAO,IAAI,8BAA8B;AAAA,IAC3D;AAAA,IACA,OAAO,OAAO,IAAI,oCAAoC;AAAA,IACtD;AAAA,MACE;AAAA,MACA,MAAMmC,aAAAA,QAAE,KAAKnC,OAAM,CAAC,SAAS,aAAa,YAAY,UAAU,CAAC;AAAA,IACnE;AAAA,EAAA,EAED,MAAM,CAAC,QAAiB;AAEhB,WAAA,IAAI,MAAM,GAAG;AAAA,EAAA,CACrB;AACL;AAOA,MAAM,gBAAgB,OACpB,EAAE,oBAAoB,UAAAkD,UAAS,IAAI,CAAA,MAChC;AACH,QAAM,eAAsC,MAAM,OAAO,GACtD,MAAM,aAAa,EACnB,QAAQ,EAAE,OAAO,EAAE,oBAAoB,UAAU,KAAA,EAAQ,CAAA;AAE5D,MAAI,CAAC,cAAc;AACjB,UAAM,IAAID,mBAAiB;AAAA,EAC7B;AAEA,SAAO,WAAW,MAAM,EAAE,WAAW,aAAa,IAAI;AAAA,IACpD,UAAAC;AAAA,IACA,oBAAoB;AAAA,EAAA,CACrB;AACH;AAEA,MAAe,OAAA,EAAE,kBAAkB,kBAAkB,cAAc,gBAAgB,cAAc;ACxGjG,MAAM,EAAEI,kBAAAA,mBAAqB,IAAArC;AAMtB,SAAS,WAAW,YAA+C;AACjE,SAAA;AAAA,IACL,OAAO,CAAC;AAAA,IACR,UAAU;AAAA,IACV,UAAU;AAAA,IACV,GAAG;AAAA,EAAA;AAEP;AAEa,MAAAsC,sBAAoB,CAACvD,UAAoB;AAC7C,SAAAA,MAAK,MAAM,OAAO,CAACwD,UAAoBA,MAAK,SAASF,kBAAgB,EAAE,SAAS;AACzF;AAEO,MAAM,4BAA4B,CAAC,MAAM,aAAa,YAAY,UAAU;ACWnF,MAAM,6BAA6B,OAAwB;AAAA,EACzD,SAAS;AAAA,IACP,mBAAmB;AAAA,EACrB;AACF;AAKA,MAAM,eAAe;AAAA,EACnB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF;AAKA,MAAM,2BAA2BG,GAAAA,KAAK,YAAY;AAWlD,MAAM,kBAAkB,CAAC,eAA4C;AAC7D,QAAA,EAAE,YAAY,IAAQ,IAAA;AAE5B,MAAI,CAAC,YAAY;AACf,WAAO,QAAQ,GAAG;AAAA,EACpB;AAEA,MAAI,eAAe,SAAS;AAC1B,WAAO,UAAU,GAAG;AAAA,EACtB;AAEO,SAAA,WAAW,UAAU,IAAI,GAAG;AACrC;AAKA,MAAM,iBAAiB,CAAC,UACtBC,OAAI,YAAY,gBAAgB,KAAK,GAAG,KAAK;AAO/C,MAAM,0BAA0B,CAAC/B,YAA2B;AAC1D,QAAM,wBAAwB,CAAC,YAAY,SAAS,EAAE,SAASA,QAAO,OAAO;AAEtE,SAAA,wBACH+B,GAAAA,IAAI,eAAe/B,QAAO,eAAe,WAAWA,OAAM,IAC1DgC,GAAAA,KAAK,eAAehC,OAAM;AAChC;AAKA,MAAM,oBAAoBiC,GAAA,MAAM,CAAC,UAAkBjC,YAA4B;AACtE,SAAAkC,GAAA,KAAKC,QAAK,2BAA2B,GAAGC,YAAS,QAAQ,CAAC,EAAEpC,OAAM;AAC3E,CAAC;AAKD,MAAM,mBAAmBiC,GAAA,MAAM,CAACnB,UAAiBd,YAA4B;AAC3E,SAAOqC,WAAQrC,QAAO,QAAQ,KAAKoC,GAAS,SAAAtB,UAASd,QAAO,QAAQ;AACtE,CAAC;AAKD,MAAMsC,WAAmDJ,GAAA;AAAA;AAAA;AAAA,EAGvD;AAAA;AAAA,EAEA;AAAA;AAAA,EAEA;AAAA;AAAA,EAEA3D,GAAA,MAAM,4BAA4B;AACpC;AAEA,MAAe,eAAA;AAAA,EACb;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAAA,QACA+D;AAAAA,EACA;AAAA,EACA;AAAA,EACA;AACF;AC9IA,MAAM,gCAAgC,CAAC,WAAoB;AACrD,MAAA9B,aAAA,QAAE,MAAM,MAAM,GAAG;AAEZ,WAAA;AAAA,EACT;AACA,MAAI,CAAC,MAAM,QAAQ,MAAM,GAAG;AACnB,WAAA;AAAA,EACT;AAEA,MAAI,SAAS;AACb,WAAS,SAAS,GAAG,SAAS,OAAO,QAAQ,UAAU,GAAG;AACxD,aAAS,OACN,MAAM,SAAS,CAAC,EAChB;AAAA,MACC,CAAC,WACC,OAAO,WAAW,GAAG,OAAO,MAAM,CAAC,GAAG,KAAK,OAAO,MAAM,EAAE,WAAW,GAAG,MAAM,GAAG;AAAA,IAAA;AAEnF,QAAA;AAAQ;AAAA,EACd;AAEA,SAAO,CAAC;AACV;ACrBA,MAAM,gCAAgC,CAAC,WAAoB;AACrD,MAAAA,aAAA,QAAE,MAAM,MAAM,GAAG;AAEZ,WAAA;AAAA,EACT;AACA,MAAI,CAAC,MAAM,QAAQ,MAAM,GAAG;AACnB,WAAA;AAAA,EACT;AAEA,SAAOA,aAAAA,QAAE,KAAK,MAAM,EAAE,WAAW,OAAO;AAC1C;ACFA,MAAM,wBAAwB,CAAC,aAAqB;AAClD,SAAO,WAAW,YAAY,EAAE,eAAe,IAAI,QAAQ;AAC7D;AAEO,MAAM,QAAQD,QAAI,IAAA,OAAA,EAAS,QAAQ,UAAU;AAE7C,MAAM,YAAYA,QAAI,IAAA,SAAS,KAAK,EAAE,IAAI,CAAC;AAErC,MAAA,WAAWA,QAAAA,IAAI;AAErB,MAAM,WAAWA,QAAAA,IAAI,OAAO,EAAE,IAAI,CAAC;AAEnC,MAAM,WAAWA,QACrB,IAAA,OACA,EAAA,IAAI,CAAC,EACL,QAAQ,SAAS,uDAAuD,EACxE,QAAQ,SAAS,uDAAuD,EACxE,QAAQ,MAAM,0CAA0C;AAE9C,MAAA,QAAQA,QAAAA,IAAI,MAAMA,QAAA,IAAI,UAAU,EAAE,IAAI,CAAC;AAEpD,MAAM,gBAAgBA,YACnB,OAAO,EACP,KAAK,oBAAoB,wBAAwB,SAAU,OAAO;AAC1D,SAAA,CAAC,QAAW,SAAS,GAAG,OAAO,KAAK,OAAO,OAAO,CAAC,EAAE,SAAS,KAAK,IACtE,OACA,KAAK,YAAY,EAAE,MAAM,KAAK,MAAM,SAAS,GAAG,KAAK,IAAI,6BAA8B,CAAA;AAC7F,CAAC;AAEI,MAAM,wBAAwBA,QAAA,IAClC,MAAM,EACN,GAAGA,QAAA,IAAI,OAAQ,CAAA,EACf,KAAK,6BAA6B,wBAAwB,SAAU,OAAO;AAC1E,QAAM,MAAM,OAAO,QAAQ,mBAAmB,EAAE,kBAAkB;AAC3D,SAAAC,aAAA,QAAE,YAAY,KAAK,KAAKA,aAAAA,QAAE,WAAW,OAAO,GAAG,EAAE,WAAW,IAC/D,OACA,KAAK,YAAY,EAAE,MAAM,KAAK,MAAM,SAAS,wCAAwC;AAC3F,CAAC;AAEU,MAAA,uBAAuB,CAAC,GAAQ,MAC3C,EAAE,WAAW,EAAE,WAAW,EAAE,YAAY,EAAE,WAAYA,aAAA,QAAE,MAAM,EAAE,OAAO,KAAKA,aAAE,QAAA,MAAM,EAAE,OAAO;AAE/F,MAAM,+BAA+B,CAACK,iBACpC,CAAC,MAAM,QAAQA,YAAW,KAC1BA,aAAY;AAAA,EAAM,CAAC,OAAO,MACxBA,aAAY,MAAM,IAAI,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC,qBAAqB,OAAO,KAAK,CAAC;AAC/E;AAEF,MAAM,iBAAiB,CAACb,YACtB,SAAU,QAA6B;AAEjC,MAAAJ,GAAAA,MAAMI,OAAM,GAAG;AACV,WAAA;AAAA,EACT;AAEA,SAAO,aAAa,kBAAkB,UAAUA,OAAM,KAAKJ,GAAAA,MAAM,MAAM;AACzE;AAEF,MAAM,2BAA2B,CAACI,YAChCO,QAAA,IACG,MAAM,EACN,GAAGA,QAAAA,IAAI,OAAO,CAAC,EACf,SACA,EAAA;AAAA,EACC;AAAA,EACA;AAAA,EACA;AACF,EACC;AAAA,EACC;AAAA,EACA;AAAA,EACA;AACF,EACC;AAAA,EACC;AAAA,EACA;AAAA;AAAA,EAEA,eAAeP,OAAM;AACvB;AAEG,MAAMuC,eAAahC,QAAA,IACvB,OAAO,EACP,MAAM;AAAA,EACL,QAAQA,QAAAA,IACL,OAAA,EACA,SAAA,EACA,KAAK,mBAAmB,+CAA+C,SAAU,UAAU;AAEtF,QAAAX,GAAAA,MAAM,QAAQ,GAAG;AACZ,aAAA;AAAA,IACT;AAEO,WAAA,CAAC,CAAC,sBAAsB,QAAQ;AAAA,EAAA,CACxC;AAAA,EACH,kBAAkBW,QAAA,IAAI,OAAO,EAAE,SAAS;AAAA,EACxC,SAASA,QAAAA,IACN,OAAA,EACA,SAAA,EACA,KAAK,oBAAoB,6BAA6B,SAAUO,UAAS;AAExE,UAAMd,UAAS,sBAAsB,KAAK,QAAQ,OAAO,MAAM;AAE/D,QAAI,CAACA,SAAQ;AACJ,aAAA;AAAA,IACT;AAEI,QAAAJ,GAAA,MAAMI,QAAO,QAAQ,GAAG;AAC1B,aAAOJ,GAAAA,MAAMkB,QAAO;AAAA,IACtB;AAEI,QAAAuB,GAAA,QAAQrC,QAAO,QAAQ,GAAG;AACrB,aAAAA,QAAO,SAAS,SAASc,QAAO;AAAA,IACzC;AAEO,WAAA;AAAA,EAAA,CACR;AAAA,EACH,YAAYP,YACT,OAAO,EACP,KAAK,wBAAwB,mCAAmC,SAAU,YAAY;AAErF,UAAMP,UAAS,sBAAsB,KAAK,QAAQ,OAAO,MAAM;AAC/D,UAAM,kBAAkBwC,GAAAA,QAAQ,UAAU,KAAK5C,SAAM,UAAU;AAE/D,QAAI,CAAC6C,GAAA,IAAI,6BAA6BzC,OAAM,GAAG;AACtC,aAAA;AAAA,IACT;AAEA,QAAI,iBAAiB;AACZ,aAAA;AAAA,IACT;AAEM,UAAA,EAAE,kBAAkB,IAAIA,QAAO;AAEjC,QAAA,CAACqC,GAAAA,QAAQ,iBAAiB,GAAG;AACxB,aAAA;AAAA,IACT;AAEO,WAAA,OAAO,KAAK,UAAU,EAAE,MAAM,CAAC,aAAa,kBAAkB,SAAS,QAAQ,CAAC;AAAA,EACxF,CAAA,EACA;AAAA,IACC;AAAA,IACA;AAAA,IACA,eAAgB,aAAa,CAAA,GAAI;AAE/B,YAAMrC,UAAS,sBAAsB,KAAK,QAAQ,OAAO,MAAM;AAE3D,UAAA,CAACA,WAAU,CAAC,YAAY;AACnB,eAAA;AAAA,MACT;AAEA,UAAI,CAAC,aAAa,kBAAkB,UAAUA,OAAM,GAAG;AAC9C,eAAA;AAAA,MACT;AAEI,UAAA;AACF,cAAM,yBAAyBA,OAAM,EAAE,SAAS,WAAW,QAAQ;AAAA,UACjE,QAAQ;AAAA,UACR,YAAY;AAAA,QAAA,CACb;AACM,eAAA;AAAA,eACA,GAAQ;AAEf,cAAM,KAAK,YAAY;AAAA,UACrB,SAAS,EAAE;AAAA,UACX,MAAM,GAAG,KAAK,IAAI;AAAA,QAAA,CACnB;AAAA,MACH;AAAA,IACF;AAAA,EACF;AAAA,EACF,YAAYO,QAAI,IAAA,MAAA,EAAQ,GAAGA,QAAAA,IAAI,QAAQ;AACzC,CAAC,EACA,UAAU;AAEN,MAAM,oBAAoBA,QAAA,IAC9B,OAAO,EACP,MAAM;AAAA,EACL,aAAaA,YACV,MAAM,EACN,WACA,GAAGgC,YAAU,EACb;AAAA,IACC;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACJ,CAAC,EACA,WACA;AAEH,MAAe,aAAA;AAAA,EACb;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAAA,YACAA;AAAAA,EACA;AACF;AC/LA,MAAM,EAAEZ,kBAAAA,mBAAqB,IAAArC;AAE7B,MAAM,EAAEoD,iBAAAA,kBAAoB,IAAAjD;AAC5B,MAAM,oBAAoB,CAACoC,UACzBrB,aAAE,QAAA,KAAKqB,OAAM,CAAC,MAAM,QAAQ,eAAe,MAAM,CAAC;AAMpD,MAAM,eAAe,CAACxD,UAAwC;AACrD,SAAA;AAAA,IACL,GAAGmC,qBAAE,KAAKnC,OAAM,CAAC,YAAY,sBAAsB,qBAAqB,OAAO,CAAC;AAAA,IAChF,OAAOA,MAAK,SAASA,MAAK,MAAM,IAAI,iBAAiB;AAAA,EAAA;AAEzD;AAMA,MAAMiE,WAAS,OAEb,eACuB;AACvB,QAAM,WAAW;AAAA,IACf,mBAAmB,WAAW,OAAO,EAAE,YAAY;AAAA,IACnD,GAAG;AAAA,EAAA;AAGL,MAAI9B,qBAAE,IAAI,YAAY,UAAU,GAAG;AACjC,aAAS,WAAW,MAAM,WAAW,MAAM,EAAE,aAAa,WAAW,QAAS;AAAA,EAChF;AAEM,QAAAnC,QAAO,WAAW,QAAQ;AAEhC,QAAM,cAAc,MAAM,OAAO,GAC9B,MAAM,aAAa,EACnB,OAAO,EAAE,MAAMA,OAAM,UAAU,CAAC,OAAO,EAAG,CAAA;AAElC,aAAA,SAAS,EAAE;AAEf,SAAA,SAAS,KAAK,eAAe,EAAE,MAAM,aAAa,WAAW,GAAG;AAEhE,SAAA;AACT;AAOA,MAAM,aAAa,OACjB,IACA,eACuB;AAEvB,MAAImC,qBAAE,IAAI,YAAY,OAAO,GAAG;AACxB,UAAA,gBAAgB,MAAM,qBAAqB,EAAE;AACnD,UAAM,iBAAiB,MAAM,WAAW,MAAM,EAAE,4BAA4B;AAC5E,UAAM,2BAA2B,CAACmC,QAAAA,OAAO,eAAe,WAAW,OAAQ,eAAe,EAAE;AAE5F,QAAI,iBAAiB,0BAA0B;AACvC,YAAA,IAAID,kBAAgB,wDAAwD;AAAA,IACpF;AAAA,EACF;AAGI,MAAA,WAAW,aAAa,OAAO;AAC3B,UAAA,gBAAgB,MAAM,qBAAqB,EAAE;AACnD,QAAI,eAAe;AACX,YAAA,IAAIA,kBAAgB,wDAAwD;AAAA,IACpF;AAAA,EACF;AAGA,MAAIlC,qBAAE,IAAI,YAAY,UAAU,GAAG;AACjC,UAAM,iBAAiB,MAAM,WAAW,MAAM,EAAE,aAAa,WAAW,QAAS;AAEjF,UAAMoC,eAAc,MAAM,OAAO,GAAG,MAAM,aAAa,EAAE,OAAO;AAAA,MAC9D,OAAO,EAAE,GAAG;AAAA,MACZ,MAAM;AAAA,QACJ,GAAG;AAAA,QACH,UAAU;AAAA,MACZ;AAAA,MACA,UAAU,CAAC,OAAO;AAAA,IAAA,CACnB;AAEM,WAAA,SAAS,KAAK,eAAe,EAAE,MAAM,aAAaA,YAAW,GAAG;AAEhEA,WAAAA;AAAAA,EACT;AAEA,QAAM,cAAc,MAAM,OAAO,GAAG,MAAM,aAAa,EAAE,OAAO;AAAA,IAC9D,OAAO,EAAE,GAAG;AAAA,IACZ,MAAM;AAAA,IACN,UAAU,CAAC,OAAO;AAAA,EAAA,CACnB;AAED,MAAI,aAAa;AACR,WAAA,SAAS,KAAK,eAAe,EAAE,MAAM,aAAa,WAAW,GAAG;AAAA,EACzE;AAEO,SAAA;AACT;AAOA,MAAM,uBAAuB,OAAOlB,QAAeH,eAAqB;AACtE,QAAMlD,QAAO,MAAM,OAAO,GACvB,MAAM,aAAa,EACnB,QAAQ,EAAE,OAAO,EAAE,OAAAqD,OAAM,GAAG,UAAU,CAAC,OAAO,GAAG;AAEpD,MAAI,CAACrD,OAAM;AACT,UAAM,IAAI,MAAM,6BAA6BqD,MAAK,EAAE;AAAA,EACtD;AAEI,MAAA;AACI,UAAAmB,SAAkB,SAAStB,UAAQ;AAAA,WAClC,OAAO;AACd,UAAM,IAAImB;AAAAA,MACR;AAAA,IAAA;AAAA,EAEJ;AAEA,QAAM,WAAWrE,MAAK,IAAI,EAAEkD,UAAAA,WAAU,CAAA;AACxC;AAMA,MAAM,uBAAuB,OAAO,WAAsC;AAClE,QAAAlD,QAAQ,MAAMyE,UAAQ,MAAM;AAClC,MAAI,CAACzE;AAAa,WAAA;AAElB,QAAM,iBAAiB,MAAM,WAAW,MAAM,EAAE,4BAA4B;AAE5E,SAAO,eAAe,eAAe,KAAKuD,oBAAkBvD,KAAI;AAClE;AAMA,MAAM0E,WAAS,OAAO,aAAa,OAAoC;AAC7D,SAAA,MAAM,OAAO,GAAG,MAAM,aAAa,EAAE,MAAM,EAAE,OAAO,WAAY,CAAA,IAAK;AAC/E;AAOA,MAAM,uBAAuB,OAC3B,sBAC6E;AAC7E,QAAM1E,QAAO,MAAM,OAAO,GAAG,MAAM,aAAa,EAAE,QAAQ,EAAE,OAAO,EAAE,kBAAA,EAAqB,CAAA;AAE1F,MAAI,CAACA,OAAM;AACF,WAAA;AAAA,EACT;AAEA,SAAOmC,aAAAA,QAAE,KAAKnC,OAAM,CAAC,SAAS,aAAa,UAAU,CAAC;AACxD;AAQA,MAAM,WAAW,OAAO;AAAA,EACtB;AAAA,EACA;AACF,MAGM;AACJ,QAAM,eAAe,MAAM,OAAO,GAC/B,MAAM,aAAa,EACnB,QAAQ,EAAE,OAAO,EAAE,kBAAA,EAAqB,CAAA;AAE3C,MAAI,CAAC,cAAc;AACX,UAAA,IAAIqE,kBAAgB,2BAA2B;AAAA,EACvD;AAEA,SAAO,WAAW,MAAM,EAAE,WAAW,aAAa,IAAI;AAAA,IACpD,UAAU,SAAS;AAAA,IACnB,WAAW,SAAS;AAAA,IACpB,UAAU,SAAS;AAAA,IACnB,mBAAmB;AAAA,IACnB,UAAU;AAAA,EAAA,CACX;AACH;AAKA,MAAMI,YAAU,OAAO,IAAa,WAAW,CAAC,OAAO,MAAM;AAC3D,SAAO,OAAO,GAAG,MAAM,aAAa,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,SAAU,CAAA;AAC3E;AAQA,MAAM,iBAAiB,OAAOpB,QAAe,WAAW,OAAO;AAC7D,SAAO,OAAO,GAAG,MAAM,aAAa,EAAE,QAAQ;AAAA,IAC5C,OAAO,EAAE,OAAO,EAAE,MAAMA,SAAQ;AAAA,IAChC;AAAA,EAAA,CACD;AACH;AAKA,MAAM,WAAW,OAAO,SAAS,OAAyB;AACxD,QAAM,QAAQ,OACX,IAAI,cAAc,EAClB,UAAU,eAAesB,GAAAA,SAAS,EAAE,UAAU,CAAC,OAAO,EAAE,GAAG,MAAM,CAAC;AAErE,SAAO,OAAO,GAAG,MAAM,aAAa,EAAE,SAAS,KAAK;AACtD;AAKA,MAAM,aAAa,OAAO,OAA2C;AAEnE,QAAM,eAAiC,MAAM,OAAO,GAAG,MAAM,aAAa,EAAE,QAAQ;AAAA,IAClF,OAAO,EAAE,GAAG;AAAA,IACZ,UAAU,CAAC,OAAO;AAAA,EAAA,CACnB;AAED,MAAI,CAAC,cAAc;AACV,WAAA;AAAA,EACT;AAEA,MAAI,cAAc;AACZ,QAAA,aAAa,MAAM,KAAK,CAAC,MAAM,EAAE,SAASrB,kBAAgB,GAAG;AAC/D,YAAM,iBAAiB,MAAM,WAAW,MAAM,EAAE,4BAA4B;AACxE,UAAA,eAAe,eAAe,GAAG;AAC7B,cAAA,IAAIe,kBAAgB,wDAAwD;AAAA,MACpF;AAAA,IACF;AAAA,EACF;AAEA,QAAM,cAAc,MAAM,OAAO,GAC9B,MAAM,aAAa,EACnB,OAAO,EAAE,OAAO,EAAE,GAAG,GAAG,UAAU,CAAC,OAAO,GAAG;AAEzC,SAAA,SAAS,KAAK,eAAe,EAAE,MAAM,aAAa,WAAW,GAAG;AAEhE,SAAA;AACT;AAKA,MAAMO,gBAAc,OAAO,QAAmD;AAE5E,QAAM,iBAAiB,MAAM,WAAW,MAAM,EAAE,4BAA4B;AAC5E,QAAM,yBAAyB,MAAM,OAAO,GAAG,MAAM,aAAa,EAAE,MAAM;AAAA,IACxE,OAAO;AAAA,MACL,IAAI;AAAA,MACJ,OAAO,EAAE,IAAI,eAAe,GAAG;AAAA,IACjC;AAAA,EAAA,CACD;AAEG,MAAA,eAAe,eAAe,wBAAwB;AAClD,UAAA,IAAIP,kBAAgB,wDAAwD;AAAA,EACpF;AAEA,QAAM,eAAe,CAAA;AACrB,aAAW,MAAM,KAAK;AACpB,UAAM,cAAc,MAAM,OAAO,GAAG,MAAM,aAAa,EAAE,OAAO;AAAA,MAC9D,OAAO,EAAE,GAAG;AAAA,MACZ,UAAU,CAAC,OAAO;AAAA,IAAA,CACnB;AAED,iBAAa,KAAK,WAAW;AAAA,EAC/B;AAEO,SAAA,SAAS,KAAK,eAAe;AAAA,IAClC,OAAO,aAAa,IAAI,CAAC,gBAAgB,aAAa,WAAW,CAAC;AAAA,EAAA,CACnE;AAEM,SAAA;AACT;AAIA,MAAM,wBAAwB,YAA6B;AACzD,SAAO,OAAO,GAAG,MAAM,aAAa,EAAE,MAAM;AAAA,IAC1C,OAAO;AAAA,MACL,OAAO;AAAA,QACL,IAAI,EAAE,OAAO,KAAK;AAAA,MACpB;AAAA,IACF;AAAA,EAAA,CACD;AACH;AAMA,MAAMQ,UAAQ,OAAO,QAAQ,OAAwB;AAC5C,SAAA,OAAO,GAAG,MAAM,aAAa,EAAE,MAAM,EAAE,OAAO;AACvD;AAKA,MAAM,mBAAmB,OAAO,WAAmC;AACjE,QAAMC,SAAQ,MAAM,OAAO,GAAG,MAAM,aAAa,EAAE,SAAS;AAAA,IAC1D,QAAQ,CAAC,IAAI;AAAA,IACb,OAAO;AAAA,MACL,OAAO,EAAE,IAAI,EAAE,OAAO,OAAO;AAAA,IAC/B;AAAA,EAAA,CACD;AAED,QAAM,QAAQ;AAAA,IACZA,OAAM,IAAI,CAAC9E,UAAS;AAClB,aAAO,OAAO,GAAG,MAAM,aAAa,EAAE,OAAO;AAAA,QAC3C,OAAO,EAAE,IAAIA,MAAK,GAAG;AAAA,QACrB,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE;AAAA,MAAA,CACzB;AAAA,IAAA,CACF;AAAA,EAAA;AAEL;AAIA,MAAM,oCAAoC,YAA2B;AAC7D6E,QAAAA,SAAQ,MAAM;AAEpB,MAAIA,SAAQ,GAAG;AACb,WAAO,IAAI,KAAK,eAAeA,MAAK,wBAAwB;AAAA,EAC9D;AACF;AAIA,MAAM,oBAAoB,YAA+B;AACvD,QAAMC,SAAQ,MAAM,OAAO,GAAG,MAAM,aAAa,EAAE,SAAS,EAAE,QAAQ,CAAC,kBAAkB,EAAG,CAAA;AAE5F,SAAOA,OAAM,IAAI,CAAC9E,UAASA,MAAK,oBAAoB,IAAI;AAC1D;AAEA,MAAe,SAAA;AAAA,EAAA,QACbiE;AAAAA,EACA;AAAA,EAAA,QACAS;AAAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAAA,SACAD;AAAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAAA,aACAG;AAAAA,EACA;AAAA,EAAA,OACAC;AAAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF;AC7WO,MAAM,mBAAmB;AAAA,EAC9B;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF;AACO,MAAM,4BAA4B;AAAA,EACvC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF;AAEa,MAAA,2BACXpB,GAAAA,KAAK,yBAAyB;AAKhC,MAAM,uBAAuB,OAAO;AAAA,EAClC,kBAAkB,CAAC;AAAA,EACnB,YAAY,CAAC;AAAA,EACb,YAAY,CAAC;AAAA,EACb,SAAS;AACX;AAQO,MAAM,eAAeG,GAAA,MAAM,CAACmB,YAAmBb,gBAAuC;AACrF,QAAA,EAAE,YAAAc,YAAe,IAAAd;AACvB,QAAM,gBAAgB,MAAM,QAAQc,WAAU,IAC1C3E,GAAAA,KAAK2E,YAAW,OAAOD,UAAS,CAAC,IACjC,CAACA,UAAS;AAEP,SAAArB,OAAI,cAAc,eAAeQ,WAAU;AACpD,CAAC;AAOM,MAAM,kBAAkBN,GAAA,MAAM,CAACmB,YAAmBb,gBAAuC;AACvF,SAAAR,GAAA,IAAI,cAAcuB,GAAAA,OAAOC,GAAA,GAAGH,UAAS,GAAGb,YAAW,UAAU,GAAGA,WAAU;AACnF,CAAC;AAOM,MAAM,cAAcN,GAAA;AAAA,EACzB,CAAC,UAAkBM,gBACjBiB,OAAI,cAAc,QAAQ,IAAIjB,WAAU;AAC5C;AAQO,MAAM,cAAc,CACzB,UACA,OACAA,gBACe;AACf,SAAOR,GAAAA,IAAI,cAAc,QAAQ,IAAI,OAAOQ,WAAU;AACxD;AAOa,MAAA,iBAAiB,CAC5B,UACAA,gBACGP,QAAK,cAAc,QAAQ,IAAIO,WAAU;AAMjC,MAAAD,WAAS,CAAC,eAAwC;AACtD,SAAAJ,GAAA,KAAKJ,QAAK,gBAAgB,GAAGvD,SAAM,qBAAsB,CAAA,CAAC,EAAE,UAAU;AAC/E;AAOO,MAAM,qBAAqB0D,GAAA;AAAA,EAChC,CAAC,UAAoBM,gBAAuC;AAC1D,QAAI,CAACF,GAAA,QAAQE,YAAW,UAAU,GAAG;AAC5B,aAAAA;AAAA,IACT;AAEO,WAAAA,YAAW,WACf,OAAO,CAACa,eAAsB,CAAC,SAAS,IAAIA,UAAS,CAAC,EACtD;AAAA,MACC,CAAC,MAAkBA,eAAsB,gBAAgBA,YAAW,IAAI;AAAA,MACxEb;AAAA,IAAA;AAAA,EAEN;AACF;AASA,SAAS,aACP,SAC2B;AACvB,MAAAF,GAAAA,QAAQ,OAAO,GAAG;AACpB,WAAO5D,GAAAA,IAAI,CAAC,UAAU6D,SAAO,KAAK,GAAG,OAAO;AAAA,EAC9C;AAEA,SAAOA,SAAO,OAAO;AACvB;AAIA,MAAe,mBAAA;AAAA,EACb;AAAA,EACA;AAAA,EAAA,QACAA;AAAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF;AC3KA,MAAM,yBAAyB/B,QAAA,IAAI,OAAO,EAAE,MAAM;AAAA,EAChD,aAAaA,QAAAA,IAAI,MAAA,EAAQ;AAAA,IACvBA,YACG,OAAO,EACP,MAAM;AAAA,MACL,QAAQA,QAAA,IAAI,OAAO,EAAE,SAAS;AAAA,MAC9B,SAASA,QAAA,IAAI,OAAO,EAAE,SAAS;AAAA,MAC/B,OAAOA,YAAI,OAAO;AAAA,IACnB,CAAA,EACA,UAAU;AAAA,EACf;AACF,CAAC;AAED,MAAM,wBAAwB,SAAUM,cAAkB;AACxD,QAAM,kBAAkB,WAAW,YAAY,EAAE,eAAe,OAAO;AACvE,QAAM,YAAYA,aAAY;AAAA,IAC5B,CAAC0B,gBACC,CAAC,gBAAgB;AAAA,MACf,CAACvC,YACCA,QAAO,aAAauC,YAAW,WAC9BvC,QAAO,YAAY,kBAAkBA,QAAO,SAAS,SAASuC,YAAW,OAAO;AAAA,IACrF;AAAA,EAAA;AAGJ,SAAO,cAAc,KACjB;AAAA;AAAA,IAEA,KAAK,YAAY;AAAA,MACf,MAAM;AAAA,MACN,SAAS,IAAI,SAAS;AAAA,IAAA,CACvB;AAAA;AACP;AAEA,MAAM,qBAAqBhC,QAAAA,IACxB,MAAA,EACA;AAAA,EACCA,YAAI,OAAO,EAAE,MAAM;AAAA,IACjB,YAAYA,QAAI,IAAA,MAAA,EAAQ,GAAGA,QAAAA,IAAI,QAAQ;AAAA,EAAA,CACxC;AACH,EACC,KAAK,iBAAiB,IAAI,qBAAqB;AAErC,MAAA,2BAA2BE,QAAAA,kBAAkB,kBAAkB;AAC/D,MAAA,gCAAgCA,QAAAA,kBAAkB,sBAAsB;AACxE,MAAA,kCAAkCA,QAAAA,kBAAkB,WAAW,iBAAiB;AChC7F,MAAM,oBAAEkB,oBAAkB,qBAAyB,IAAA8B;AAEnD,MAAM,EAAE,+BAAmC,IAAAC;AAC3C,MAAM,EAAEpC,kBAAAA,mBAAqB,IAAA7B;AAE7B,MAAM,QAAQ;AAAA,EACZ,gCAAgC,+BAA+B;AACjE;AAEA,MAAM,UAAU;AAAA,EACd,SAAS;AACX;AAGA,MAAM,eAA+EuC,GAAAA,KAAK;AAAA,EACxF;AAAA,EACA;AACF,CAAU;AAIV,MAAM,oBAAoB,CAAC,cAAc,cAAc,WAAW,UAAU,kBAAkB;AAC9F,MAAM,uBAAuBF,GAAAA,KAAK,iBAAiB;AAEnD,MAAM,YAAY,CAAmB,SAAe,KAAK,MAAM,KAAK,UAAU,IAAI,CAAC;AAKnF,MAAM,sBAAsB,CAAC,IAAgB,OAA4B;AACnE,MAAA,GAAG,WAAW,GAAG,QAAQ;AACpB,WAAA6B,GAAA,QAAQ,UAAU,qBAAqB,EAAE,CAAC,GAAG,UAAU,qBAAqB,EAAE,CAAC,CAAC;AAAA,EACzF;AAEO,SAAA;AACT;AAMA,MAAMrB,WAAS,OAAO,eAAuD;AAC3E,QAAM,gBAAgB,MAAMS,SAAO,EAAE,MAAM,WAAW,MAAM;AAE5D,MAAI,eAAe;AACjB,UAAM,IAAIzB;AAAAA,MACR,kDAAkD,WAAW,IAAI;AAAA,IAAA;AAAA,EAErE;AACM,QAAA,oBAAoB,GAAGd,aAAA,QAAE,UAAU,WAAW,IAAI,CAAC,IAAIoD,QAAAA,MAAM,cAAA,CAAe;AAElF,QAAM,gBAAgB;AAAA,IACpB,GAAG;AAAA,IACH,MAAM,WAAW,QAAQ;AAAA,EAAA;AAGrB,QAAA,SAAS,MAAM,OAAO,GAAG,MAAM,aAAa,EAAE,OAAO,EAAE,MAAM,cAAe,CAAA;AAC3E,SAAA,SAAS,KAAK,eAAe,EAAE,MAAM,aAAa,MAAM,GAAG;AAE3D,SAAA;AACT;AAOA,MAAM,UAAU,CAAC,SAAS,IAAI,aAA2C;AAChE,SAAA,OAAO,GAAG,MAAM,aAAa,EAAE,QAAQ,EAAE,OAAO,QAAQ,SAAA,CAAU;AAC3E;AAOA,MAAM,wBAAwB,OAC5B,SAAS,IACT,aACqC;AACrC,QAAM/B,QAAO,MAAM,OAAO,GAAG,MAAM,aAAa,EAAE,QAAQ,EAAE,OAAO,QAAQ,SAAU,CAAA;AAErF,MAAIA,OAAM;AACR,IAAAA,MAAK,aAAa,MAAM,cAAcA,MAAK,EAAE;AAAA,EAC/C;AAEO,SAAAA;AACT;AAOA,MAAM,OAAO,CAAC,SAAS,IAAI,aAA4C;AAC9D,SAAA,OAAO,GAAG,MAAM,aAAa,EAAE,SAAS,EAAE,OAAO,QAAQ,SAAA,CAAU;AAC5E;AAKA,MAAM,wBAAwB,OAAO,WAAoD;AACvF,QAAMX,SAAmC,MAAM,OAAO,GACnD,MAAM,aAAa,EACnB,SAAS,OAAO,IAAI,cAAc,EAAE,UAAU,eAAe,MAAM,CAAC;AAEvE,aAAWW,SAAQX,QAAO;AACxB,IAAAW,MAAK,aAAa,MAAM,cAAcA,MAAK,EAAE;AAAA,EAC/C;AAEO,SAAAX;AACT;AAOA,MAAM2C,WAAS,OAAO,QAAa,eAAuD;AACxF,QAAM,sBAAsBrD,aAAAA,QAAE,KAAK,YAAY,CAAC,MAAM,CAAC;AAEnD,MAAAA,aAAA,QAAE,IAAI,QAAQ,IAAI,KAAKA,aAAAA,QAAE,IAAI,qBAAqB,MAAM,GAAG;AACvD,UAAA,gBAAgB,MAAMuC,SAAO;AAAA,MACjC,MAAM,oBAAoB;AAAA,MAC1B,IAAI,EAAE,KAAK,OAAO,GAAG;AAAA,IAAA,CACtB;AACD,QAAI,eAAe;AACjB,YAAM,IAAIzB;AAAAA,QACR,kDAAkD,oBAAoB,IAAI;AAAA,MAAA;AAAA,IAE9E;AAAA,EACF;AAEA,QAAM,SAAS,MAAM,OAAO,GACzB,MAAM,aAAa,EACnB,OAAO,EAAE,OAAO,QAAQ,MAAM,oBAAqB,CAAA;AAE/C,SAAA,SAAS,KAAK,eAAe,EAAE,MAAM,aAAa,MAAM,GAAG;AAE3D,SAAA;AACT;AAMA,MAAMyB,WAAS,OAAO,SAAS,OAAoC;AAC3DG,QAAAA,SAAQ,MAAM,OAAO,GAAG,MAAM,aAAa,EAAE,MAAM,EAAE,OAAO,OAAQ,CAAA;AAC1E,SAAOA,SAAQ;AACjB;AAMA,MAAM,QAAQ,OAAO,SAAS,OAA+B;AAC3D,SAAO,OAAO,GAAG,MAAM,aAAa,EAAE,MAAM,MAAM;AACpD;AAMA,MAAM,0BAA0B,OAAO,MAAM,OAAoB;AACzD,QAAA,iBAAiB,MAAM;AAE7B,MAAI,kBAAkBP,QAAAA,OAAO,eAAe,KAAK,eAAe,EAAE,GAAG;AAC7D,UAAA,IAAIrB,mBAAiB,wCAAwC;AAAA,EACrE;AAEA,aAAW,UAAU,KAAK;AAClB,UAAA,aAAa,MAAM,cAAc,MAAM;AAC7C,QAAI,eAAe,GAAG;AACd,YAAA,IAAIA,mBAAiB,6CAA6C;AAAA,IAC1E;AAAA,EACF;AACF;AAMA,MAAM2B,gBAAc,OAAO,MAAM,OAA0C;AACzE,QAAM,wBAAwB,GAAG;AAEjC,QAAM,WAAW,YAAY,EAAE,iBAAiB,GAAG;AAEnD,QAAM,eAA4B,CAAA;AAClC,aAAW,MAAM,KAAK;AACpB,UAAM,cAAc,MAAM,OAAO,GAAG,MAAM,aAAa,EAAE,OAAO,EAAE,OAAO,EAAE,GAAA,EAAM,CAAA;AAEjF,QAAI,aAAa;AACf,aAAO,SAAS,KAAK,eAAe,EAAE,MAAM,aAAa;AACzD,mBAAa,KAAK,WAAW;AAAA,IAC/B;AAAA,EACF;AAEO,SAAA;AACT;AAIA,MAAM,gBAAgB,OAAO,WAAqC;AAChE,SAAO,OAAO,GAAG,MAAM,aAAa,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,IAAI,OAAO,EAAA,EAAK,CAAA;AAClF;AAIA,MAAM,gBAAgB,MAAsC,QAAQ,EAAE,MAAMtB,mBAAkB,CAAA;AAK9F,MAAM,8BAA8B,MAAM,sBAAsB,EAAE,MAAMA,mBAAkB,CAAA;AAI1F,MAAM,yBAAyB,YAAY;AACnC,QAAA,iBAAiB,MAAMoB;AAC7B,MAAI,gBAAgB;AAClB;AAAA,EACF;AAEA,QAAM,EAAE,gBAAA1C,gBAAA,IAAmB,WAAW,YAAY;AAE5C,QAAA,aAAaA,gBAAe;AAClC,QAAM,sBAAsB,WAAW,OAAO,CAAC,MAAM,EAAE,YAAY,cAAc;AAG3E,QAAA,iBAAiB,MAAMiC,SAAO;AAAA,IAClC,MAAM;AAAA,IACN,MAAM;AAAA,IACN,aAAa;AAAA,EAAA,CACd;AAED,QAAM,WAAW,MAAM,EAAE,iBAAiB,eAAe,EAAE;AAErD,QAAA,aAAa,MAAMA,SAAO;AAAA,IAC9B,MAAM;AAAA,IACN,MAAM;AAAA,IACN,aAAa;AAAA,EAAA,CACd;AAEK,QAAA,aAAa,MAAMA,SAAO;AAAA,IAC9B,MAAM;AAAA,IACN,MAAM;AAAA,IACN,aAAa;AAAA,EAAA,CACd;AAGK,QAAA,oBAAoB,WAAW,cAAc,EAAE;AAAA,IACnD;AAAA,IACA;AAAA,MACE,oBAAoB,CAAC,gCAAgC;AAAA,IACvD;AAAA,EAAA;AAGI,QAAA,oBAAoB,kBACvB,OAAO,CAAC,EAAE,QAAAtC,QAAkB,MAAAA,YAAW,QAAQ,OAAO,EACtD;AAAA,IAAI,CAACuC,gBACJ,iBAAiB,OAAO,EAAE,GAAGA,aAAY,YAAY,CAAC,mBAAmB,GAAG;AAAA,EAAA;AAG9D,oBAAA,KAAK,GAAG,4BAAA,CAA6B;AACvD,oBAAkB,KAAK,GAAG,4BAA4B,EAAE,UAAU,KAAM,CAAA,CAAC;AAGnE,QAAA,eAAe,WAAW,IAAI,iBAAiB;AAC/C,QAAA,eAAe,WAAW,IAAI,iBAAiB;AACvD;AAEA,MAAM,8BAA8B,CAAC,EAAE,WAAW,MAAM,IAAI,CAAA,MAAO;AACjE,QAAMc,cAAa,WAAW,CAAC,mBAAmB,IAAI,CAAA;AAG/C,SAAA;AAAA,IACL,EAAE,QAAQ,uBAAuB,YAAAA,YAAW;AAAA,IAC5C,EAAE,QAAQ,gCAAgC;AAAA,IAC1C,EAAE,QAAQ,+BAA+B;AAAA,IACzC,EAAE,QAAQ,gCAAgC,YAAAA,YAAW;AAAA,IACrD,EAAE,QAAQ,iCAAiC;AAAA,IAC3C,EAAE,QAAQ,kCAAkC;AAAA,EAAA,EAC5C,IAAI,iBAAiB,MAAM;AAC/B;AAKA,MAAM,+BAA+B,YAAY;AACzC,QAAA,iBAAiB,MAAM;AAC7B,QAAM,kBAAkB,MAAM,WAAW,MAAM,EAAE,OAAO;AAExD,MAAI,CAAC,gBAAgB;AACZ,WAAA,IAAI,KAAK,mDAAmD;AAAA,EAC1D,WAAA,mBAAmB,eAAe,eAAe,GAAG;AACtD,WAAA,IAAI,KAAK,mDAAmD;AAAA,EACrE;AACF;AAOA,MAAM,oBAAoB,OACxB,QACAxC,eAA4E,OACzE;AACH,QAAM,yBAAyBA,YAAW;AAI1C,QAAM,kBAAkB,WAAW,YAAY,EAC5C,eAAe,OAAA,EACf,OAAO,CAACb,YAAWA,QAAO,YAAY,UAAU,EAChD,IAAI,CAACA,YAAWA,QAAO,QAAQ;AAElC,QAAM,aAAa,MAAM,WAAW,MAAM,EAAE,cAAc;AACpD,QAAA,eAAe,cAAc,WAAW,OAAO;AAC/C,QAAA,aAAa+B,GAAAA,IAAI,QAAQ,MAAM;AAErC,QAAM,sBAAsBlB,aAEzB,IAAI,UAAU,EAGd,IAAI,iBAAiB,MAAM;AAE9B,QAAM,sBAAsB,MAAM,WAAW,YAAY,EAAE,SAAS;AAAA,IAClE,OAAO,EAAE,MAAM,EAAE,IAAI,SAAS;AAAA,IAC9B,UAAU,CAAC,MAAM;AAAA,EAAA,CAClB;AAED,QAAM,mBAAmBiD,GAAA;AAAA,IACvB;AAAA,IACA;AAAA,IACA;AAAA,EAAA,EACA,OAAO,CAACvB,gBAA2B,CAAC,gBAAgB,SAASA,YAAW,MAAM,CAAC;AAEjF,QAAM,sBAAsBuB,GAAA;AAAA,IAC1B;AAAA,IACA;AAAA,IACA;AAAA,EAAA,EACA,OAAO,CAACvB,gBAA2B,CAAC,gBAAgB,SAASA,YAAW,MAAM,CAAC;AAEjF,QAAM,sBAAsBwB,GAAA,aAAa,MAAM,qBAAqB,mBAAmB;AAEnF,MAAA,oBAAoB,SAAS,GAAG;AAE5B,UAAA,WAAW,YAAY,EAAE,YAAY,oBAAoB,IAAI5B,GAAA,KAAK,IAAI,CAAC,CAAC;AAAA,EAChF;AAEI,MAAA,iBAAiB,SAAS,GAAG;AAC/B,UAAM,iBAAiB,MAAM,eAAe,QAAQ,gBAAgB;AAChD,wBAAA,KAAK,GAAG,cAAc;AAAA,EAC5C;AAEA,MAAI,CAAC,iBAAiB,iBAAiB,UAAU,oBAAoB,SAAS;AACtE,UAAA,WAAW,SAAS,EAAE;EAC9B;AAEO,SAAA;AACT;AAEA,MAAM,iBAAiB,OAAO,QAAiBtB,iBAAqB;AAClE,QAAM,EAAE,mBAAAT,oBAAmB,YAAA4D,YAAW,IAAI,WAAW,YAAY;AAC3D,QAAA,EAAE,oBAAAC,oBAAuB,IAAA;AAE/B,QAAM,sBAAsBpD,aACzB,IAAIkB,GAAAA,IAAI,QAAQ,MAAM,CAAC,EAGvB,IAAIkC,oBAAmB7D,kBAAiB,CAAC,EACzC,IAAI,iBAAiB,MAAM;AAE9B,SAAO4D,YAAW,mBAAmB;AACvC;AAEA,MAAM,sBAAsB,CAAChE,YAAmBA,QAAO,YAAY;AAKnE,MAAM,6BAA6B,YAAY;AAC7C,QAAM,iBAAiB,MAAM,WAAW,MAAM,EAAE,cAAc;AAC9D,MAAI,CAAC,gBAAgB;AACnB;AAAA,EACF;AAEM,QAAA,oBAAoB,WAAW,YAAY;AAC3C,QAAA,qBAAqB,WAAW,cAAc;AAE9C,QAAA,aAAa,kBAAkB,eAAe,OAAO;AAE3D,QAAM,sBAAsB,WAAW,OAAO,CAACA,YAAW,oBAAoBA,OAAM,CAAC;AAC/E,QAAA,eAAe,WAAW,OAAO,CAACA,YAAW,CAAC,oBAAoBA,OAAM,CAAC;AAG/E,QAAMa,eAAc,mBAAmB;AAAA,IACrC;AAAA,EAAA;AAIF,QAAM,mBAAmB,aAAa,OAAO,CAAC,KAAKb,YAAW;AACtD,UAAA,EAAE,UAAU,SAAa,IAAAA;AAE3B,QAAAqC,GAAAA,QAAQ,QAAQ,GAAG;AACjB,UAAA;AAAA,QACF,GAAG,SAAS,IAAI,CAACvB,aAAY,iBAAiB,OAAO,EAAE,QAAQ,UAAU,SAAAA,SAAQ,CAAC,CAAC;AAAA,MAAA;AAAA,IACrF,OACK;AACL,UAAI,KAAK,iBAAiB,OAAO,EAAE,QAAQ,SAAU,CAAA,CAAC;AAAA,IACxD;AAEO,WAAA;AAAA,EACT,GAAG,CAAkB,CAAA;AAET,EAAAD,aAAA,KAAK,GAAG,gBAAgB;AAE9B,QAAA,yBAA0B,MAAM,MAAM,+BAA+B;AAAA,IACzEA;AAAA,EAAA;AAGI,QAAA,kBAAkB,eAAe,IAAI,sBAAsB;AACnE;AAKA,MAAM,oBAAoB,CAACxC,UAA6B;AACtD,QAAM6C,SAAQV,aAAAA,QAAE,IAAInC,OAAM,SAAS,CAAA,CAAE;AAErC,SAAO6C,OAAM,IAAIiB,GAAA,KAAK,MAAM,CAAC,EAAE,SAASR,kBAAgB;AAC1D;AAEA,MAAMrC,cAAY;AAAA,EAChB,gBAAgBqC;AAClB;AAEA,MAAe,SAAA;AAAA,EACb;AAAA,EACA;AAAA,EAAA,QACAW;AAAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAAA,QACAuB;AAAAA,EAAA,QACAd;AAAAA,EACA;AAAA,EAAA,aACAE;AAAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAAA,WACA3D;AACF;ACzdA,MAAM,sBAAsB,CAACV,SAAqB,eAAqB;AACrE,SAAO,IAAIsF,cAAA;AAAA,IACT;AAAA,MACE,eAAe;AAAA,MACf,eAAe;AAAA,MACf,SAAS;AAAA,IACX;AAAA,IACA,CAACxC,QAAeH,WAAkB,SAAc;AAC9C,aAAO,WAAW,MAAM,EACrB,iBAAiB,EAAE,OAAO4C,GAAAA,QAAQzC,MAAK,GAAG,UAAAH,UAAU,CAAA,EACpD,KAAK,OAAO,CAAC,OAAOlD,OAAM,OAAO,MAAM;AACtC,YAAI,YAAY;AACd,iBAAO,WAAW,CAAC,OAAOA,OAAM,OAAO,GAAG,IAAI;AAAA,QAChD;AAEO,eAAA,KAAK,OAAOA,OAAM,OAAO;AAAA,MAAA,CACjC,EACA,MAAM,CAAC,UAAU,KAAK,KAAK,CAAC;AAAA,IACjC;AAAA,EAAA;AAEJ;ACnBA,MAAM,mBAAmB;AAAA,EACvB,qBAAqB;AAAA,EACrB,mBAAmB;AACrB;AAEA,MAAM,sBAAsB,CAAC,CAAG,EAAA,KAAK,MAAkB+F,cAAW,KAAK;AACvE,MAAM,sBAAsB,CAAC,CAAC,GAAG,MAAW;AACnC,SAAA,OAAO,KAAK,OAAO,QAAQ,iBAAiB,EAAE,gBAAgB,EAAE,SAAS,GAAG;AACrF;AAEA,MAAM,wBAAwB,MAAM,CAAC,oBAAoB,MAAM,CAAC;AAEhE,MAAM,qBAAqB,MAAM;AAEzB,QAAA,EAAE,SAAS,CAAA,MAAO,OAAO,OAAO,IAAI,cAAc,CAAA,CAAE;AAC1D,QAAM,EAAE,kBAAAC,kBAAAA,IAAqB,OAAO,QAAQ,iBAAiB;AAEvD,QAAA,YAAY,OAAO,QAAQ,MAAM,EAAE,OAAO,mBAAmB,EAAE,OAAO,mBAAmB;AAE/F,aAAW,CAAC,WAAW,OAAO,KAAK,WAAW;AAE5C,WAAO,SAAS,GAAGA,kBAAiB,SAAS,GAAG,OAAc;AAAA,EAChE;AACF;AAEA,MAAM,OAAO,MAAM;AAEd,SAAA,QAAQ,iBAAiB,EACzB,sBAAsB,EACtB,QAAQ,CAAC,aAAuBC,kBAAA,QAAS,IAAI,QAAQ,CAAC;AAEtC;AAEnB,SAAOA,kBAAAA,QAAS;AAClB;AAEA,MAAA,WAAe,EAAE,MAAM,uBAAuB,iBAAiB;ACvC/D,MAAM,oBAAoB,YAAY;AACpC,QAAM,gBAAgB,MAAM,WAAW,MAAM,EAAE,MAAM;AACrD,QAAM,gBAAgB,MAAM,WAAW,MAAM,EAAE,MAAM;AAC9C,SAAA,UAAU,KAAK,iBAAiB;AAAA,IACrC,iBAAiB,EAAE,eAAe,cAAc;AAAA,EAAA,CACjD;AACH;AAEA,MAAM,+BAA+B,YAAY;AACxC,SAAA,UAAU,KAAK,0BAA0B;AAClD;AAEA,MAAM,iCAAiC,YAAY;AACjD,QAAM,iBAAiB,MAAM,WAAW,MAAM,EAAE,kBAAkB;AAE3D,SAAA,UAAU,KAAK,8BAA8B,EAAE,gBAAgB,EAAE,kBAAkB;AAC5F;AAEA,MAAM,+BAA+B,OAAO1F,YAAwB;AAC5D,QAAA,2BAA2B,MAAM,WAAW,MAAM,EAAE,MAAM,EAAE,UAAU,KAAA,CAAM;AAClF,QAAM,qBAAqB,MAAM,WAAW,MAAM,EAAE,MAAM;AAE1DA,UAAO,UAAU,KAAK,+BAA+B;AAAA,IACnD,iBAAiB,EAAE,0BAA0B,mBAAmB;AAAA,EAAA,CACjE;AACH;AAEA,MAAM,YAAY,CAACA,YAAwB;AACzCA,UAAO,KAAK,IAAI;AAAA,IACd,eAAe,MAAM,6BAA6BA,OAAM;AAAA,EAAA,CACzD;AACH;AAEA,MAAe,UAAA;AAAA,EACb;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF;ACrCA,MAAM,oBAAoB,EAAE,WAAW;AAgBvC,MAAM,kBAAkB,MAAM;AAC5B,QAAM,EAAE,SAAS,OAAO,IAAI,OAAO,OAAO;AAAA,IACxC;AAAA,IACA,CAAC;AAAA,EAAA;AAGI,SAAA;AAAA,IACL;AAAA,IACA,SAAS4B,aAAA,QAAE,MAAM,mBAAmB,OAAO;AAAA,EAAA;AAE/C;AAKA,MAAM,cAAc,MAAc;AAChC,SAAO+D,gBAAAA,QAAO,YAAY,EAAE,EAAE,SAAS,KAAK;AAC9C;AAMA,MAAM,iBAAiB,CAAClG,UAAkC;AACxD,QAAM,EAAE,SAAS,OAAO,IAAI,gBAAgB;AAErC,SAAAmG,aAAA,QAAI,KAAK,EAAE,IAAInG,MAAK,GAAG,GAAG,QAAQ,OAAO;AAClD;AAOA,MAAM,iBAAiB,CACrBgB,WACiF;AAC3E,QAAA,EAAE,WAAW;AAEf,MAAA;AACF,UAAM,UAAUmF,aAAA,QAAI,OAAOnF,QAAO,MAAM;AACjC,WAAA,EAAE,SAAS,SAAS;WACpB,KAAK;AACZ,WAAO,EAAE,SAAS,MAAM,SAAS,MAAM;AAAA,EACzC;AACF;AAEA,MAAM,uBAAuB,MAAM;AAC7B,MAAA,OAAO,OAAO,IAAI,uBAAuB,KAAK,CAAC,OAAO,OAAO,IAAI,mBAAmB,GAAG;AACzF,UAAM,IAAI;AAAA,MACR;AAAA;AAAA,IAAA;AAAA,EAGJ;AACF;;;;;;;;;ACxEA,MAAM,+BAA+BkB,QAAAA,IAClC,QACA,SACA,EAAA;AAAA,EACCA,YACG,OAAO,EACP,MAAM;AAAA,IACL,KAAKA,QAAAA,IACF,OAAA,EACA;AAAA,MACC;AAAA,MACA,CAAC,MAAM,GAAG,EAAE,IAAI;AAAA,MAEjB,SAAS;AAAA,IACZ,SAASA,QAAA,IAAI,OAAO,EAAE,MAAM,CAAC,gBAAgB,WAAW,YAAY,UAAU,CAAC,EAAE,SAAS;AAAA,IAC1F,YAAYA,QAAAA,IAAI,QAAQ,KAAK,WAAW;AAAA,MACtC,IAAI;AAAA,MACJ,MAAM,WAAW,cAAc,SAAS;AAAA,MACxC,WAAW,WAAW;AAAA,IAAA,CACvB;AAAA,IACD,UAAUA,QAAAA,IAAI,QAAQ,KAAK,WAAW;AAAA,MACpC,IAAI;AAAA,MACJ,MAAMA,QAAAA,IAAI,QAAQ,GAAGA,QAAAA,IAAI,OAAA,CAAQ,EAAE,SAAS;AAAA,MAC5C,WAAWA,YACR,MAAM,EACN,MAAM,CAAC,MAAS,GAAG,gEAAgE;AAAA,IAAA,CACvF;AAAA,IACD,aAAaA,QAAA,IAAI,OAAO,EAAE,SAAS;AAAA,IACnC,UAAUA,QAAAA,IAAI,QAAQ,KAAK,WAAW;AAAA,MACpC,IAAI;AAAA,MACJ,MAAMA,QAAA,IAAI,OAAO,EAAE,SAAS;AAAA,MAC5B,WAAWA,QAAAA,IACR,MAAA,EACA;AAAA,QACC;AAAA,QACA;AAAA,QACA,CAAC,QAAQ,QAAQ;AAAA,MACnB;AAAA,IAAA,CACH;AAAA,IACD,aAAaA,QAAAA,IAAI,QAAQ,KAAK,WAAW;AAAA,MACvC,IAAI,CAAC,YAAiB,CAAC,YAAY,SAAS,EAAE,SAAS,OAAO;AAAA,MAC9D,MAAMA,YAAI,OAAO;AAAA,MACjB,WAAWA,QAAAA,IACR,MAAA,EACA;AAAA,QACC;AAAA,QACA;AAAA,QACA,CAAC,WAAW;AACV,iBAAO,WAAW;AAAA,QACpB;AAAA,MACF;AAAA,IAAA,CACH;AAAA,IACD,SAASA,YAAI,OAAO;AAAA,MAClB,mBAAmBA,QAAI,IAAA,MAAA,EAAQ,GAAGA,QAAAA,IAAI,QAAQ;AAAA,IAAA,CAC/C;AAAA,EACF,CAAA,EACA,UAAU;AACf;AAEW,MAAA,iCAAiCkE,8BAAsB,4BAA4B;ACrDhG,MAAM,EAAEnD,kBAAAA,mBAAqB,IAAA7B;AAK7B,MAAM,uBAAuB,CAAC,YAAsB;AAC5C,QAAA,WAAWiF,wBAAgB,OAAO;AACxC,QAAM,cAAc;AAAA,IAClB,0BAA0BC,cAAM,wBAAwB;AAAA,EAAA;AAGnD,SAAA;AAAA,IACL,GAAG;AAAA,IAEH,OAAO;AAAA,MACL,GAAG,SAAS;AAAA,MACZ,GAAG;AAAA,IACL;AAAA,IAEA,MAAM,SAAS,kBAAuC;AACpD,UAAI,OAAO,UAAU;AACb,cAAA,IAAI,MAAM,mEAAmE;AAAA,MACrF;AAE+B,qCAAA,CAAC,gBAAgB,CAAC;AAE3C,YAAA3E,UAAS4E,aAAO,OAAO,gBAAgB;AAE7C,aAAO,SAAS,SAAS5E,QAAO,UAAUA,OAAM;AAAA,IAClD;AAAA,IAEA,MAAM,aAAa,mBAA0C;AAC3D,qCAA+B,iBAAiB;AAEhD,iBAAW,cAAc,mBAAmB;AACpC,cAAA,KAAK,SAAS,UAAU;AAAA,MAChC;AAEO,aAAA;AAAA,IACT;AAAA,IAEA,MAAM,kBAAkB,UAAkB,UAAkBc,UAAgC;AACpF,YAAAd,UAAS,SAAS,IAAI,QAAQ;AACpC,UAAI,CAACA,SAAQ;AACX,cAAM,IAAIsB,mBAAiB,4BAA4B,QAAQ,GAAG;AAAA,MACpE;AAEA,YAAM,kBAAkBsD,aAAO,kBAAkB,UAAU5E,OAAM;AAGjE,UAAI,CAAC,iBAAiB;AACb,eAAA;AAAA,MACT;AAGA,UAAI,CAACc,UAAS;AACL,eAAA;AAAA,MACT;AAGA,UAAI,CAAC8D,aAAO,iBAAiB9D,UAASd,OAAM,GAAG;AACtC,eAAA;AAAA,MACT;AAEA,YAAM,UAAU,MAAM,YAAY,yBAAyB,KAAK;AAAA,QAC9D;AAAA,QACA,QAAAA;AAAA,QACA,SAAAc;AAAA,MAAA,CACD;AAED,aAAO,QAAQ,MAAM,CAAC,WAAW,WAAW,KAAK;AAAA,IACnD;AAAA,EAAA;AAEJ;AC/DA,MAAM,mBAAmB;AAMlB,MAAM,gCAAgC,OAAO;AAAA,EAClD,UAAU;AACZ;AAMO,MAAM,kBAAkB,CAAC,MAAM,eAAe,WAAW,UAAU,UAAU;AAKvE,MAAA,8BAA8BgB,GAAAA,KAAK,eAAe;AAElD,MAAA,qBAAqB,CAACsB,eAAsC;AACjE,QAAA,EAAE,MAAAhF,OAAM,OAAW,IAAAgF;AAEzB,MAAI,CAAC,QAAQ;AACX,WAAO,QAAQhF,KAAI;AAAA,EACrB;AAEA,MAAI,WAAW,SAAS;AACtB,WAAO,UAAUA,KAAI;AAAA,EACvB;AAEO,SAAA,WAAW,MAAM,IAAIA,KAAI;AAClC;AAMa,MAAA,oBAAoB,CAAC,UAA6C;AAC7E,QAAMgF,aAAYrB,GAAAA,IAAI,MAAM,mBAAmB,KAAK,GAAG,KAAK;AAGrD,SAAAqB;AACT;AAMO,MAAMd,WAASJ,GAAA;AAAA,EACpB;AAAA,EACA;AAAA,EACA3D,GAAA,MAAM,+BAA+B;AACvC;AAEA,MAAe,SAAA;AAAA,EACb;AAAA,EACA;AAAA,EACA;AAAA,EAAA,QACA+D;AAAAA,EACA;AAAA,EACA;AACF;ACpEA,MAAM,0BAA0B,MAAM;AACpC,QAAM,WAAWoC,QAAAA;AAEV,SAAA;AAAA,IACL,GAAG;AAAA,IAEH,MAAM,SAAS,qBAA6C;AAC1D,UAAI,OAAO,UAAU;AACb,cAAA,IAAI,MAAM,sEAAsE;AAAA,MACxF;AAEM,YAAAtB,aAAY,OAAO,OAAO,mBAAmB;AAEnD,aAAO,SAAS,SAASA,WAAU,IAAIA,UAAS;AAAA,IAClD;AAAA,IAEA,MAAM,aAAa,sBAAgD;AACjE,iBAAW,cAAc,sBAAsB;AACvC,cAAA,KAAK,SAAS,UAAU;AAAA,MAChC;AAEO,aAAA;AAAA,IACT;AAAA,EAAA;AAEJ;ACdA,MAAM;AAAA,EACJ,UAAU,EAAE,gBAAgB,uBAAuB;AACrD,IAAIyB;AAEJ,MAAM;AAAA,EAAA,WACJvF;AAAAA,EAAA,mBACAwF;AAAAA,EAAA,yBACAC;AAAAA,EACA;AAAA,EAAA,uBACAC;AACF,IAAIC;AACJ,MAAM;AAAA,EAAA,cACJC;AAAAA,EAAA,kBACAC;AAAAA,EAAA,sBACAC;AAAAA,EAAA,sBACAC;AAAAA,EAAA,wBACAC;AAAAA,EAAA,sBACAC;AAAAA,EAAA,sBACAC;AACF,IAAIlG;AAEJ,MAAMmG,qBAAmB,CAAC,aAAa;AACvC,MAAMC,kBAAgB,CAACR,gBAAcC,kBAAgB;AAErD,MAAe,wBAAA,CAAC,EAAE,QAAAnF,SAAQ,SAAAD,WAAS,YAAiB;AAC5C,QAAA,SAAS,OAAO,SAAS,KAAK;AAE9B,QAAA,EAAE,uBAAuB,IAAI8E,QAAS,SAAA;AAE5C,QAAM,MAAM;AAAA,IACV;AAAA,IACA,UAAU,OAAO,SAAS,KAAK,MAAM;AAAA,EAAA;AAGvC,QAAM,sBAAsB,CAAC,UAAU,OAAc;AAC7C,UAAA,EAAE,OAAW,IAAA;AAGnB,UAAM,kBAAkB,OAAO,mBAAmB,OAAO,eAAe,OAAO,SAAS;AAExF,UAAM,kBAAkBrG,QAAAA,MAAM;AAAA,MAC5BmH,QAAAA,SAAS,qBAAqB,uBAAuB,eAAe,GAAG,GAAG;AAAA,MAC1EA,iBAAS,qBAAqB,+BAA+B,GAAG;AAAA,MAChEA,iBAAS,qBAAqB,kBAAkB,GAAG;AAAA,MACnDA,iBAAS,qBAAqB,gBAAgB,GAAG;AAAA,MACjDA,QAAA,SAAS,qBAAqB,CAAC,EAAE,KAAK,MAAM,GAAG,EAAE,aAAa;AAC5D,YAAIC,GAAS,SAAA,KAAK,KAAKpD,GAAA,QAAQ,KAAK,GAAG;AACrC,iBAAO,GAAG;AAAA,QACZ;AAAA,SACC,GAAG;AAAA,IAAA;AAGR,UAAM,eAAehE,QAAAA,MAAM;AAAA,MACzBmH,QAAAA,SAAS,kBAAkB,uBAAuB,eAAe,GAAG,GAAG;AAAA,MACvEA,iBAAS,kBAAkB,+BAA+B,GAAG;AAAA,MAC7DA,iBAAS,kBAAkB,kBAAkB,GAAG;AAAA,MAChDA,iBAAS,kBAAkB,gBAAgB,GAAG;AAAA,MAC9CA,iBAAS,kBAAkB,CAAC,EAAE,KAAK,WAAW,MAAM,GAAG,EAAE,aAAa;AACpE,YAAI,CAACb,oBAAkB,SAAS,KAAKtC,GAAA,QAAQ,KAAK,GAAG;AACnD,iBAAO,GAAG;AAAA,QACZ;AAAA,SACC,GAAG;AAAA,IAAA;AAGR,UAAM,mBAAmBhE,QAAAA,MAAM;AAAA,MAC7BmH,iBAAS,sBAAsB,wBAAwB,GAAG;AAAA,MAC1DA,QAAAA,SAAS,sBAAsB,uBAAuB,eAAe,GAAG,GAAG;AAAA,MAC3EA,iBAAS,sBAAsB,+BAA+B,GAAG;AAAA,MACjEA,iBAAS,sBAAsB,kBAAkB,GAAG;AAAA,MACpDA,iBAAS,sBAAsB,gBAAgB,GAAG;AAAA,IAAA;AAGpD,UAAM,iBAAiBnH,QAAAA,MAAM;AAAA,MAC3BmH,QAAAA,SAAS,oBAAoB,uBAAuB,eAAe,GAAG,GAAG;AAAA,MACzEA,iBAAS,oBAAoB,kBAAkB,GAAG;AAAA,MAClDA,iBAAS,oBAAoB,gBAAgB,GAAG;AAAA,IAAA;AAGlD,WAAO,OAAO,UAAe;AACrB,YAAA,iBAAiBE,aAAU,KAAK;AAEtC,UAAI,MAAM,SAAS;AACV,eAAA,OAAO,gBAAgB,EAAE,SAAS,MAAM,gBAAgB,MAAM,OAAO,EAAA,CAAG;AAAA,MACjF;AAEA,UAAI,MAAM,MAAM;AACP,eAAA,OAAO,gBAAgB,EAAE,MAAM,MAAM,aAAa,MAAM,IAAI,EAAA,CAAG;AAAA,MACxE;AAEA,UAAI,MAAM,UAAU;AACX,eAAA,OAAO,gBAAgB,EAAE,UAAU,MAAM,iBAAiB,MAAM,QAAQ,EAAA,CAAG;AAAA,MACpF;AAEA,UAAI,MAAM,QAAQ;AACT,eAAA,OAAO,gBAAgB,EAAE,QAAQ,MAAM,eAAe,MAAM,MAAM,EAAA,CAAG;AAAA,MAC9E;AAEO,aAAA;AAAA,IAAA;AAAA,EACT;AAGF,QAAM,uBAAuB,CAAC,UAAU,OAAc;AAC9C,UAAA,EAAE,OAAW,IAAA;AAEnB,UAAM,kBAAkB,OAAO,mBAAmB,OAAO,gBAAgB,OAAO,SAAS;AAEzF,WAAOrH,QAAM,MAAA;AAAA;AAAA,MAEXsH,QAAA,eAAe,kBAAkB,GAAG;AAAA;AAAA,MAEpCA,QAAA,eAAe,4BAA4B,GAAG;AAAA;AAAA,MAE9CA,QAAAA,eAAe,uBAAuB,eAAe,GAAG,GAAG;AAAA;AAAA,MAE3DjB,QAAA,SAAS,WAAW,kBAAkB;AAAA,QACpC;AAAA,QACA,SAAS,KAAa;AACb,iBAAA,OAAO,SAAS,GAAiB;AAAA,QAC1C;AAAA,MAAA,CACD;AAAA,IAAA;AAAA,EACH;AAGF,QAAM,sBAAsB,CAAC,UAAU,OAAc;AAC7C,UAAA,EAAE,OAAW,IAAA;AAEnB,UAAM,kBAAkB,OAAO,mBAAmB,OAAO,eAAe,OAAO,SAAS;AAExF,WAAOrG,QAAM,MAAA;AAAA;AAAA,MAEXsH,QAAA,eAAe,kBAAkB,GAAG;AAAA;AAAA,MAEpCA,QAAAA,eAAe,uBAAuB,eAAe,GAAG,GAAG;AAAA;AAAA,MAE3D;AAAA,IAAA;AAAA,EACF;AAGI,QAAA,eAAe,CAAC,2BAAgC;AAGpD,UAAM,kBAAkB,OAAO,MAAe,UAAU,CAAA,MAAc;AAChE,UAAAzD,GAAAA,QAAQ,IAAI,GAAG;AACV,eAAA,QAAQ,IAAI,KAAK,IAAI,CAAC,WAAoB,gBAAgB,QAAQ,OAAO,CAAC,CAAC;AAAA,MACpF;AAEA,YAAM,EAAE,SAAAvB,UAAS,QAAQ,eAAmB,IAAA,kBAAkB,MAAM,OAAO;AAE3E,YAAM,kBAAkBiF,MAAA,kBAAkBhG,WAAS,gBAAgBe,UAAS;AAAA,QAC1E,YAAY,CAAC,SAAS,KAAK,UAAU,CAAC;AAAA,MAAA,CACvC;AAED,YAAM,0BAA0BkF,GAAA;AAAA,QAC9B,CAAC,WAAW,CAACpG,GAAA,MAAM,MAAM;AAAA,QACzBqG,WAAQ9D,GAAAA,KAAK,QAAQ,GAAGpC,UAAQ,SAAS,gBAAgBmG,QAAAA,kBAAkBpF,QAAO,CAAC,CAAC;AAAA,MAAA;AAEtF,YAAM,yBAAyB0B,GAAA,QAAQ,eAAe,KAAK,CAAC;AAE5D,YAAM,kBAAkB;AAAA,QACtB,GAAG;AAAA,QACH,QAAQ;AAAA,UACN,kBAAkB;AAAA,UAClB,WAAW;AAAA,UACX;AAAA,QACF;AAAA,MAAA;AAGI,YAAA,mBAAmB,uBAAuB,eAAe;AAE/D,aAAO,iBAAiB,IAAI;AAAA,IAAA;AAGvB,WAAA;AAAA,EAAA;AAGH,QAAA,oBAAoB,CAAC,MAAW,YAAqB;AAClD,WAAAQ,GAAA,SAAS,EAAE,SAASmD,gBAAU,OAAO,IAAI,GAAG,QAAAnG,WAAU,OAAO;AAAA,EAAA;AAMhE,QAAA,mBAAmBgC,GAAAA,KAAK,CAAC,GAAGuD,sBAAoB,UAAU,GAAGC,sBAAoB,QAAQ,CAAC;AAK1F,QAAA,mBAAmB,CAAC,EAAE,KAAK,QAAAY,QAAO,GAAQ,EAAE,aAAkB;AAC5D,UAAA,WAAWC,SAAM,OAAO,CAAC,UAAU,cAAc,KAAK,QAAQ,GAAGD,OAAM;AAE7E,QAAI,UAAU;AACZ,aAAO,GAAG;AAAA,IACZ;AAAA,EAAA;AAMI,QAAA,6BAA6B,CAAC,EAAE,WAAW,KAAK,MAAM,GAAQ,EAAE,UAAe;AAC7E,UAAA,oBAAoBtE,QAAK,yBAAyB;AACxD,QAAI,CAAC,WAAW;AACd;AAAA,IACF;AAEA,QAAI,UAAU,SAAS,cAAc,UAAU,WAAW,iBAAiB,OAAO;AAC5E,UAAA,MAAM,QAAQ,KAAK,GAAG;AACxB,YAAI,KAAK,MAAM,IAAI,iBAAiB,CAAC;AAAA,MAAA,OAChC;AACD,YAAA,KAAK,kBAAkB,KAAK,CAAC;AAAA,MACnC;AAAA,IACF;AAAA,EAAA;AAMI,QAAA,gCAAgC,CAAC,EAAE,KAAK,WAAW,QAAAsE,QAAO,GAAQ,EAAE,aAAkB;AACtFA,QAAAA,QAAO,QAAQ,iBAAiB,aAAa,CAAC,0BAA0B,SAAS,GAAG,GAAG;AACzF,aAAO,GAAG;AAAA,IACZ;AAAA,EAAA;AAGF,QAAM,iBAAiB,CAAC,SAAS,OAAO;AAChC,UAAA,uBAAuBrB,0BAAwB,MAAM;AACrD,UAAA,qBAAqBC,wBAAsB,MAAM;AAEjD,UAAA,+BAA+BsB,GAAAA,aAAa,sBAAsB,kBAAkB;AAEnF,WAAA5H,GAAAA,KAAK,CAAC,GAAG,QAAQ,GAAG+G,oBAAkB,GAAG,4BAA4B,CAAC;AAAA,EAAA;AAG/E,QAAM,kBAAkB,CAAC,SAAS,OAAO;AACjC,UAAA,wBAAwB,yBAAyB,MAAM;AACvD,UAAA,uBAAuBV,0BAAwB,MAAM;AAE3D,WAAOrG,QAAK;AAAA,MACV,GAAG;AAAA,MACH,GAAGgH;AAAAA,MACH,GAAGD;AAAAA,MACH,GAAG;AAAA,MACH,GAAG;AAAA,MACHL;AAAAA,MACAC;AAAAA,IAAA,CACD;AAAA,EAAA;AAGH,QAAM,iBAAiB,CAAC,SAAS,OAAO;AAChC,UAAA,uBAAuBN,0BAAwB,MAAM;AACrD,UAAA,qBAAqBC,wBAAsB,MAAM;AAEjD,UAAA,+BAA+BsB,GAAAA,aAAa,sBAAsB,kBAAkB;AAE1F,WAAO5H,QAAK;AAAA,MACV,GAAG;AAAA,MACH,GAAGgH;AAAAA,MACH,GAAGD;AAAAA,MACH,GAAG;AAAA,MACHL;AAAAA,MACAC;AAAAA,MACAC;AAAAA,MACAC;AAAAA,MACAC;AAAAA,IAAA,CACD;AAAA,EAAA;AAGI,SAAA;AAAA,IACL,gBAAgB,aAAa,oBAAoB;AAAA,IACjD,eAAe,aAAa,mBAAmB;AAAA,IAC/C,eAAe,aAAa,mBAAmB;AAAA,EAAA;AAEnD;AClRA,MAAM,EAAE9C,iBAAAA,kBAAoB,IAAAjD;AAC5B,MAAM,EAAE,eAAe,0BAA0B8G,QAAAA,SAAS;AAE1D,MAAM,EAAE,WAAW,mBAAmB,yBAAyB,0BAC7DtB,QAAAA;AACF,MAAM;AAAA,EACJ;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,IAAI;AAEJ,MAAM,mBAAmB,CAAC,aAAa;AAEvC,MAAM,gBAAgB,CAAC,cAAc,gBAAgB;AAErD,MAAM,kBAAkB,CAAC,EAAE,KAAK,MAAAjG,YAAkD;AAC1E,QAAA,MAAMA,SAAQA,UAAS,MAAM,eAAe,GAAG,OAAOA,KAAI,KAAK,eAAe,GAAG;AAEjF,QAAA,IAAI0D,kBAAgB,GAAG;AAC/B;AAEA,MAAe,wBAAA,CAAC,EAAE,QAAA1C,SAAQ,SAAAD,WAAS,YAAiB;AAC5C,QAAA,SAAS,OAAO,SAAS,KAAK;AAEpC,QAAM,MAAM;AAAA,IACV;AAAA,IACA,UAAU,OAAO,SAAS,KAAK,MAAM;AAAA,EAAA;AAGvC,QAAM,sBAAsB,CAAC,UAAU,OAAc;AAC7C,UAAA,EAAE,OAAW,IAAA;AAGnB,UAAM,kBAAkB,OAAO,mBAAmB,OAAO,eAAe,OAAO,SAAS;AAExF,UAAM,kBAAkBvB,QAAAA,MAAM;AAAA,MAC5BmH,QAAAA,SAAS,qBAAqB,sBAAsB,eAAe,GAAG,GAAG;AAAA,MACzEA,iBAAS,qBAAqB,gCAAgC,GAAG;AAAA,MACjEA,iBAAS,qBAAqB,eAAe,GAAG;AAAA,MAChDA,iBAAS,qBAAqB,CAAC,EAAE,KAAK,OAAO,MAAA3G,YAAW;AACtD,YAAI4G,GAAS,SAAA,KAAK,KAAKpD,GAAA,QAAQ,KAAK,GAAG;AACrC,0BAAgB,EAAE,KAAK,MAAMxD,MAAK,UAAW,CAAA;AAAA,QAC/C;AAAA,SACC,GAAG;AAAA,IAAA;AAGR,UAAM,eAAeR,QAAAA,MAAM;AAAA,MACzBmH,QAAAA,SAAS,kBAAkB,sBAAsB,eAAe,GAAG,GAAG;AAAA,MACtEA,iBAAS,kBAAkB,gCAAgC,GAAG;AAAA,MAC9DA,iBAAS,kBAAkB,eAAe,GAAG;AAAA,MAC7CA,QAAA,SAAS,kBAAkB,CAAC,EAAE,KAAK,WAAW,OAAO,MAAA3G,YAAW;AAC9D,YAAI,CAAC,kBAAkB,SAAS,KAAKwD,GAAA,QAAQ,KAAK,GAAG;AACnD,0BAAgB,EAAE,KAAK,MAAMxD,MAAK,UAAW,CAAA;AAAA,QAC/C;AAAA,SACC,GAAG;AAAA,IAAA;AAGR,UAAM,iBAAiBR,QAAAA,MAAM;AAAA,MAC3BmH,QAAAA,SAAS,oBAAoB,sBAAsB,eAAe,GAAG,GAAG;AAAA,MACxEA,iBAAS,oBAAoB,eAAe,GAAG;AAAA,IAAA;AAGjD,UAAM,mBAAmBnH,QAAAA,MAAM;AAAA,MAC7BmH,QAAAA,SAAS,sBAAsB,sBAAsB,eAAe,GAAG,GAAG;AAAA,MAC1EA,iBAAS,sBAAsB,gCAAgC,GAAG;AAAA,MAClEA,iBAAS,sBAAsB,mBAAmB,GAAG;AAAA,MACrDA,iBAAS,sBAAsB,eAAe,GAAG;AAAA,IAAA;AAGnD,WAAO,OAAO,UAAe;AAC3B,UAAI,MAAM,SAAS;AACX,cAAA,gBAAgB,MAAM,OAAO;AAAA,MACrC;AAEA,UAAI,MAAM,MAAM;AACR,cAAA,aAAa,MAAM,IAAI;AAAA,MAC/B;AAEA,UAAI,MAAM,QAAQ;AACV,cAAA,eAAe,MAAM,MAAM;AAAA,MACnC;AAGA,UAAI,MAAM,YAAY,MAAM,aAAa,KAAK;AACtC,cAAA,iBAAiB,MAAM,QAAQ;AAAA,MACvC;AAEO,aAAA;AAAA,IAAA;AAAA,EACT;AAGF,QAAM,sBAAsB,CAAC,UAAU,OAAc;AAC7C,UAAA,EAAE,OAAW,IAAA;AAEnB,UAAM,kBAAkB,OAAO,mBAAmB,OAAO,eAAe,OAAO,SAAS;AAExF,WAAOnH,QAAM,MAAA;AAAA;AAAA,MAEXsH,QAAA,eAAe,mBAAmB,GAAG;AAAA;AAAA,MAErCA,QAAAA,eAAe,sBAAsB,eAAe,GAAG,GAAG;AAAA;AAAA,MAE1D;AAAA,IAAA;AAAA,EACF;AAGI,QAAA,eAAe,CAAC,2BAAgC;AAGpD,UAAM,kBAAkB,OAAO,MAAM,UAAU,CAAA,MAAyB;AAClE,UAAAzD,GAAAA,QAAQ,IAAI,GAAG;AACV,eAAA,QAAQ,IAAI,KAAK,IAAI,CAAC,WAAoB,gBAAgB,QAAQ,OAAO,CAAC,CAAC;AAAA,MACpF;AAEA,YAAM,EAAE,SAAAvB,UAAS,QAAQ,eAAmB,IAAA,kBAAkB,MAAM,OAAO;AAE3E,YAAM,kBAAkBiF,MAAA,kBAAkBhG,WAAS,gBAAgBe,UAAS;AAAA,QAC1E,YAAY,CAAC,SAAS,KAAK,UAAU,CAAC;AAAA,MAAA,CACvC;AAED,YAAM,0BAA0BkF,GAAA;AAAA,QAC9B,CAAC,WAAW,CAACpG,GAAA,MAAM,MAAM;AAAA,QACzBqG,WAAQ9D,GAAAA,KAAK,QAAQ,GAAGpC,UAAQ,SAAS,gBAAgBmG,QAAAA,kBAAkBpF,QAAO,CAAC,CAAC;AAAA,MAAA;AAEtF,YAAM,yBAAyB0B,GAAA,QAAQ,eAAe,KAAK,CAAC;AAE5D,YAAM,kBAAkB;AAAA,QACtB,GAAG;AAAA,QACH,QAAQ;AAAA,UACN,kBAAkB;AAAA,UAClB,WAAW;AAAA,UACX;AAAA,QACF;AAAA,MAAA;AAGI,YAAA,mBAAmB,uBAAuB,eAAe;AAE/D,aAAO,iBAAiB,IAAI;AAAA,IAAA;AAGvB,WAAA;AAAA,EAAA;AAGH,QAAA,oBAAoB,CAAC,MAAW,YAAqB;AAClD,WAAAQ,GAAA,SAAS,EAAE,SAASmD,gBAAU,OAAO,IAAI,GAAG,QAAAnG,WAAU,OAAO;AAAA,EAAA;AAMhE,QAAA,mBAAmBgC,GAAAA,KAAK,CAAC,GAAG,oBAAoB,UAAU,GAAG,oBAAoB,QAAQ,CAAC;AAKhG,QAAM,oBAAoB,CAAC,EAAE,KAAK,QAAAoE,SAAQ,MAAApH,YAAgB;AAClD,UAAA,WAAWqH,SAAM,OAAO,CAAC,UAAU,cAAc,KAAK,QAAQ,GAAGD,OAAM;AAE7E,QAAI,UAAU;AACZ,sBAAgB,EAAE,KAAK,MAAMpH,MAAK,UAAW,CAAA;AAAA,IAC/C;AAAA,EAAA;AAMI,QAAA,iCAAiC,CAAC,EAAE,KAAK,WAAW,QAAAoH,SAAQ,MAAApH,YAAgB;AAC5EoH,QAAAA,QAAO,QAAQ,iBAAiB,aAAa,CAAC,0BAA0B,SAAS,GAAG,GAAG;AACzF,sBAAgB,EAAE,KAAK,MAAMpH,MAAK,UAAW,CAAA;AAAA,IAC/C;AAAA,EAAA;AAGF,QAAM,iBAAiB,CAAC,SAAS,OAAO;AAChC,UAAA,uBAAuB,wBAAwB,MAAM;AACrD,UAAA,qBAAqB,sBAAsB,MAAM;AAEjD,UAAA,+BAA+BsH,GAAAA,aAAa,sBAAsB,kBAAkB;AAEnF,WAAA5H,GAAAA,KAAK,CAAC,GAAG,QAAQ,GAAG,kBAAkB,GAAG,4BAA4B,CAAC;AAAA,EAAA;AAG/E,QAAM,iBAAiB,CAAC,SAAS,OAAO;AACtC,WAAOA,QAAK;AAAA,MACV,GAAG;AAAA,MACH,GAAG;AAAA,MACH,GAAG;AAAA,MACH;AAAA,MACA;AAAA,MACA;AAAA,IAAA,CACD;AAAA,EAAA;AAGI,SAAA;AAAA,IACL,eAAe,aAAa,mBAAmB;AAAA,IAC/C,eAAe,aAAa,mBAAmB;AAAA,EAAA;AAEnD;ACxNA,MAAM,eAAe;AAAA,EACnB,KAAK;AAAA,EACL,MAAM;AAAA,EACN,SAAS;AAAA,EACT,MAAM;AAAA,EACN,KAAK;AAAA,EACL,MAAM;AAAA,EACN,KAAK;AAAA,EACL,KAAK;AAAA,EACL,KAAK;AAAA,EACL,MAAM;AAAA,EACN,KAAK;AAAA,EACL,MAAM;AACR;AAEA,MAAM,SAAS,CAAC,QAAmC;AAC7C,MAAA8B,aAAA,QAAE,SAAS,GAAG,KAAK,IAAI,WAAW,GAAG,KAAK,OAAO,cAAc;AACjE,WAAO,aAAa,GAAG;AAAA,EACzB;AACO,SAAA;AACT;AAEA,MAAM,iBAAiB,CAACT,UAAkBC,SAAiB,UAAmB;AAE5E,SAAOwG,mBAAazG,UAASC,SAAQ,OAAO,CAAC,MAAM,EAAE,UAAU;AACjE;AAEA,MAAM,mBAAmB,CAAC,cAAuB;AAC/C,SAAO,WAAW,SAAS;AAC7B;AAEA,MAAM,aAAa,CAAC,QAAsB;AACpC,MAAA,CAACQ,aAAAA,QAAE,cAAc,GAAG,KAAK,CAACA,qBAAE,QAAQ,GAAG,GAAG;AACrC,WAAA;AAAA,EACT;AACI,MAAAA,aAAA,QAAE,QAAQ,GAAG,GAAG;AAClB,WAAO,IAAI,IAAI,CAAC,MAAe,WAAW,CAAC,CAAC;AAAA,EAC9C;AAEA,SAAOA,aAAE,QAAA;AAAA,IACP;AAAA,IACA,CAAC,KAAK,GAAG,MAAW;AACZ,YAAA,MAAM,OAAO,CAAC;AAEhB,UAAAA,aAAA,QAAE,cAAc,CAAC,GAAG;AACtB,YAAI,gBAAgB,GAAG;AACrBA,uBAAA,QAAE,QAAQ,KAAK,KAAK,WAAW,EAAE,UAAU,CAAC;AAAA,QAAA,OACvC;AACLA,uBAAA,QAAE,QAAQ,KAAK,KAAK,WAAW,CAAC,CAAC;AAAA,QACnC;AAAA,MACS,WAAAA,aAAA,QAAE,QAAQ,CAAC,GAAG;AAErBA,qBAAAA,QAAA,QAAQ,KAAK,KAAK,EAAE,IAAI,CAAAiG,OAAK,WAAWA,EAAC,CAAC,CAAC;AAAA,MAAA,OACxC;AACHjG,qBAAAA,QAAA,QAAQ,KAAK,KAAK,CAAC;AAAA,MACvB;AAEO,aAAA;AAAA,IACT;AAAA,IACA,CAAC;AAAA,EAAA;AAEL;ACzDA,MAAe,UAAA,CAAC,WAAET,WAAS,QAAAC,SAAQ,aAAkB;AAAA,EAAA,SACnDD;AAAAA,EACA,QAAAC;AAAA,EACA;AAAA,EAEA,IAAI,YAAqB;AACvB,WAAO,KAAK,QAAQ,IAAIA,SAAQ,KAAK;AAAA,EACvC;AAAA,EAEA,UAAU,QAAa,cAAc,OAAO;AACnC,WAAAmG,QAAA,QAAU,aAAa,MAAM;AAAA,EACtC;AAAA,EAEA,sBAAsB,MAAe,UAAU,IAAI;AAC1C,WAAA,KAAK,cAAc,MAAM,OAAO;AAAA,EACzC;AAAA,EAEA,SAAS,cAAcnG,SAAQ;AACzB,QAAAQ,aAAA,QAAE,YAAY,WAAW,GAAG;AACxB,YAAA,IAAI,MAAM,oDAAoD;AAAA,IACtE;AAEA,WAAO,iBAAiB,eAAeT,WAAS,aAAa,KAAK,CAAC;AAAA,EACrE;AAAA;AAAA,EAGA,sBAAsB,QAAQ,CAAC,GAAUC,UAAiB;AAClD,UAAA,WAAW6F,aAAU,KAAK;AAChC,UAAM,kBAAkB,KAAK,SAAS7F,QAAM,KAAK;AAE7C,QAAA0G,GAAA,cAAc,MAAM,OAAO,GAAG;AACvB,eAAA,UAAU,kBACf,EAAE,MAAM,CAAC,MAAM,SAAS,eAAe,MACvC,MAAM;AAAA,IAAA,OACL;AACL,eAAS,UAAU;AAAA,IACrB;AAEO,WAAA;AAAA,EACT;AAAA,EAEA,GAAG,sBAAsB,EAAE,QAAA1G,kBAAQD,WAAS,OAAO;AAAA,EACnD,GAAG,sBAAsB,EAAE,QAAAC,kBAAQD,WAAS,OAAO;AACrD;AC3CA,MAAe,yBAAA,CAAC,WAA4D;AACpE,QAAA,EAAE,WAAA4G,WAAc,IAAA;AAEtB,QAAMC,UAAS/F,qBAAAA,QAAY,OACxB,IAAI,EAAE,WAAA8F,YAAW,EAIjB,GAAG,sCAAsC,CAAC,EAAE,YAAApE,kBAAiB;AAC5D,UAAMvC,UAAS2G,WAAU,OAAO,IAAIpE,YAAW,MAAM;AAGrD,QAAI,CAACvC,SAAQ;AACX,aAAO,IAAI;AAAA,QACT,mBAAmBuC,YAAW,MAAM;AAAA,MAAA;AAE/B,aAAA;AAAA,IACT;AAAA,EACD,CAAA,EAKA,GAAG,qBAAqB,CAACA,gBAA2B;AACnD,UAAMvC,UAAS2G,WAAU,OAAO,IAAIpE,YAAW,MAAM;AAC/C,UAAA,aAAaA,YAAW,cAAc;AAGtC,UAAA,iBAAiB,OAAO,KAAK,UAAU;AAC7C,UAAM,oBAAoB5D,GAAA;AAAA,MACxB;AAAA;AAAA,MAEAqB,QAAO,qBAAqB;AAAA,IAAA;AAG9B,UAAM,oCAAoC,kBAAkB;AAAA;AAAA,MAE1D,CAAC,aAAa,iBAAiB,eAAe,UAAUuC,WAAU;AAAA,MAClEA;AAAA,IAAA;AAGK,WAAA;AAAA,EACR,CAAA,EAKA,GAAG,qCAAqC,CAAC,EAAE,YAAAA,kBAAiB;AACrD,UAAA,EAAE,OAAO,IAAIA,YAAW;AAE9B,QAAIF,GAAQ,QAAA,MAAM,KAAKG,GAAA,QAAQ,MAAM,GAAG;AAC/B,aAAA;AAAA,IACT;AAAA,EAAA,CACD;AAEI,SAAA;AAAA,IACL,IAAI,QAAQ;AACV,aAAOoE,QAAO;AAAA,IAChB;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,MAAM,oBAAoBvI,OAAmC;AAC3D,YAAMwC,eAAe,MAAM,WAAW,YAAY,EAAE,oBAAoBxC,KAAI;AAErE,aAAAuI,QAAO,gBAAgB/F,cAAaxC,KAAI;AAAA,IACjD;AAAA;AAAA;AAAA;AAAA,IAKA,WAAW4D,GAAA,MAAM,CAAClC,UAAkBc,iBAA8B;AAEhE,aAAOA,aAAY,IAAI,CAAC,EAAE,QAAAb,SAAQ,SAAAc,UAAS,YAAYf,SAAQ,IAAIC,SAAQc,UAAS,KAAK,CAAC;AAAA,IAAA,CAC3F;AAAA,EAAA;AAEL;AC5EA,MAAM,qBAAqB,OAAO,CAAA;AAKlC,MAAM,gBAAgB,CACpB,EAAE,sBAAsB,oBAAoB,WAAW,CAAA,GAAI,WAAW,GAAG,IAAI,OAC1E;AACH,QAAM,QAAQ;AAAA,IACZ,OAAO;AAAA,MACL,UAAU6D,cAAM,sBAAsB;AAAA,MACtC,UAAUA,cAAM,wBAAwB;AAAA,IAC1C;AAAA,EAAA;AAIO,WAAA,QAAQ,CAAC,YAAY,MAAM,MAAM,SAAS,SAAS,OAAO,CAAC;AAC3D,WAAA,QAAQ,CAAC,YAAY,MAAM,MAAM,SAAS,SAAS,OAAO,CAAC;AAE7D,SAAA;AAAA,IACL,OAAO,MAAM;AAAA;AAAA;AAAA;AAAA;AAAA,IAMb,MAAM,gBAAgB3E,SAAkC;AACtD,YAAM,UAAU,MAAM,MAAM,MAAM,SAAS,KAAKA,OAAM;AAEtD,aAAO,QAAQ,KAAKuD,MAAG,IAAI,CAAC;AAAA,IAC9B;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,MAAM,MAAM3C,WAAU,IAAgB;AACpC,YAAM,UAAU;AAEhB,iBAAWZ,WAAUY,UAAS;AAC5B,cAAM,UAAU,MAAM,KAAK,gBAAgBZ,OAAM;AAEjD,YAAI,SAAS;AACX,gBAAM,MAAM,MAAM,SAAS,KAAK,EAAE,QAAAA,SAAQ,SAAS;AAAA,QACrD;AAAA,MACF;AAEO,aAAA;AAAA,IACT;AAAA,EAAA;AAEJ;ACtDA,MAAM,uBAAuB,MAAM;AACjC,QAAM,QAAQ;AAAA,IACZ,8BAAc,IAAI;AAAA,EAAA;AAGb,SAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAML,cAAc,aAAqB,SAAyB;AACpD,YAAA,UAAU,cAAc,OAAO;AAE/B,YAAA,SAAS,IAAI,aAAa,OAAO;AAEhC,aAAA;AAAA,IACT;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,cAAc,aAAqB;AAC3B,YAAA,SAAS,OAAO,WAAW;AAE1B,aAAA;AAAA,IACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAOA,WAAW,aAAqB,SAAwB;AACtD,UAAI,MAAM,SAAS,IAAI,WAAW,GAAG;AACnC,cAAM,SAAS,IAAI,WAAW,EAAE,MAAM,SAAS,SAAS,OAAO;AAAA,MACjE;AAEO,aAAA;AAAA,IACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAQA,WAAW,aAAqB,SAAwB;AACtD,UAAI,MAAM,SAAS,IAAI,WAAW,GAAG;AACnC,cAAM,SAAS,IAAI,WAAW,EAAE,MAAM,SAAS,SAAS,OAAO;AAAA,MACjE;AAEO,aAAA;AAAA,IACT;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,MAAM,MAAMY,WAAU,IAAgB;AACpC,YAAM,WAAW,CAAA;AAEjB,iBAAW,CAAC,aAAa,OAAO,KAAK,MAAM,SAAS,WAAW;AAC7D,iBAAS,WAAW,IAAI,MAAM,QAAQ,MAAMA,QAAO;AAAA,MACrD;AAEO,aAAA;AAAA,IACT;AAAA,EAAA;AAEJ;ACzEA,MAAM,WAAW,CAAC,SAAkBiG,GAAA,gBAAgB,QAAQ,IAAI;AAEhE,MAAM,qBAAqB,CAAC,QAA4D;AAC/E,SAAA,OAAO,aAAa,GAAG;AAChC;AAEA,MAAM,kBAAkB,CAAC,aAAkB,CAAC,QAC1C,CAAC,SAAS,KAAK,CAAC/F,aAAiBA,SAAQ,QAAQ,GAAG;AAEtD,MAAM,cAAcmB,GAAA,MAAM,CAAC,UAAmBnB,aAAiB;AACtD,SAAA,CAAC,CAACA,SAAQ,WAAW,KAAK,CAAC,SAAc,KAAK,UAAU,QAAQ;AACzE,CAAC;AAED,MAAM,kBAAkBgB,GAAA,KAAK,CAAC,mBAAmB,CAAC;AAElD,MAAM,oBAAoB,CAAC,QAAa;AAAA,EACtC,KAAK,GAAG;AAAA,EACR,OAAO,GAAG,KAAK;AAAA,EACf,YAAY,CAAC;AACf;ACVA,MAAM,EAAE,mBAAuB,IAAAmD;AAgB/B,MAAM,WAAW,CAAC,EAAE,QAAAjF,SAAQ,cAA+D;AACzF,QAAM,EAAE,UAAU,aAAa,aAAa,aAAaA;AAEzD,UAAQ,KAAK;AAAA,IACX;AAAA,IACA;AAAA,IACA;AAAA;AAAA;AAAA,IAGA,QAAQ;AAAA,EAAA,CACT;AACH;AASA,MAAM,UAAU,CAAC,EAAE,QAAAA,SAAQ,cAA+D;AACxF,QAAM,EAAE,YAAY,aAAa,aAAa,aAAaA;AAE3D,UAAQ,KAAK;AAAA,IACX;AAAA;AAAA,IAEA,QAAQ;AAAA,IACR;AAAA,IACA,QAAQ;AAAA,EAAA,CACT;AACH;AASA,MAAM,mBAAmB,CAAC;AAAA,EACxB,QAAAA;AAAA,EACA;AACF,MAGM;AACJ,QAAM,EAAE,aAAa,UAAU,UAAU,YAAYA;AAErD,UAAQ,QAAQ,KAAK;AAAA;AAAA,IAEnB,OAAO;AAAA,IACP;AAAA,IACA;AAAA,IACA,GAAG,gBAAgB,OAAO;AAAA,EAAA,CAC3B;AACH;AAKA,MAAM,qBACJ,CAAC,SACD,CAAC,EAAE,QAAAA,SAAQ,SAAS,0BAA4E;AAE9F,QAAM,WAAWA,QAAO;AAEpB,MAAA,CAAC,UAAU,QAAQ;AACrB;AAAA,EACF;AAEA,QAAM,cAAc,SAEjB,OAAO,gBAAgB,oBAAoB,QAAQ,CAAC,EAEpD,IAAI,kBAAkB,EAEtB,OAAO,SAAS,IAAI,CAAC,EAErB,IAAI,iBAAiB;AAEJ,sBAAA,SAAS,KAAK,GAAG,WAAW;AAClD;AAEF,MAAM,YAAY,CAAC,OAAY,eAAuB,cAAmB;AACvE,MAAI,CAAC,mBAAmB,OAAO,aAAa,GAAG;AACtC,WAAA;AAAA,EACT;AAEA,QAAM,OAAO,EAAE,OAAO,eAAe,OAAO,cAAc;AAE1D,MAAI,UAAU,UAAU;AACtB,WAAO,OAAO,MAAM,EAAE,UAAU,KAAM,CAAA;AAAA,EACxC;AAEI,MAAA,UAAU,SAAS,aAAa;AAClC,UAAM,YAAY,OAAO,WAAW,UAAU,SAAS;AACvD,WAAO,EAAE,GAAG,MAAM,UAAU,8BAA8B,SAAS,EAAE;AAAA,EACvE;AAEO,SAAA;AACT;AAEA,MAAM,gCAAgC,CAAC,UAAwB;AACtD,SAAA,OAAO,QAAQ,MAAM,UAAU,EACnC,IAAI,CAAC,CAAC,eAAe,SAAS,MAAM,UAAU,OAAO,eAAe,SAAS,CAAC,EAC9E,OAAO,CAAC,SAAS,SAAS,IAAI;AACnC;AAKA,MAAM,iBAAiB,CAAC,EAAE,QAAAA,SAAQ,cAAgE;AAC1F,QAAA,EAAE,SAAa,IAAAA;AAErB,UAAQ,SACL,OAAO,CAACc,aAAY,UAAU,SAASA,SAAQ,GAAG,CAAC,EACnD,QAAQ,CAACA,aAAY;AACd,UAAA,EAAE,IAAQ,IAAAA;AACV,UAAAgG,eAAc,mBAAmB,GAAG;AAEtC,QAAA,YAAY,UAAUhG,QAAO,GAAG;AAClC;AAAA,IACF;AAEM,UAAA,SAAS,8BAA8BgG,YAAW;AACxD,UAAM,aAAa,EAAE,OAAO,UAAU,OAAO,UAAU,UAAU;AAEzD,IAAAhG,SAAA,WAAW,KAAK,UAAU;AAAA,EAAA,CACnC;AACL;ACnJA,MAAM,qBAAqBiG,GAAAA,OAAO,SAAS;AAE3C,MAAM,iCAAiC,OAAO;AAAA,EAC5C,SAAS,CAAC;AAAA,EACV,UAAU,CAAC;AACb;AAEA,MAAM,8BAA8B,MAAM;AACxC,QAAM,UAAU;AAEhB,UAAQ,cAAc,WAAW;AAAA,IAC/B,qBAAqB,MAAM,CAAC;AAAA,IAC5B,UAAU,CAACC,OAAc;AAAA,IACzB,UAAU,CAAC,mBAAmB,SAAS,CAAC;AAAA,EAAA,CACzC;AAED,UAAQ,cAAc,YAAY;AAAA,IAChC,qBAAqB,MAAM,CAAC;AAAA,IAC5B,UAAU,CAACC,QAAe;AAAA,IAC1B,UAAU,CAAC,mBAAmB,UAAU,CAAC;AAAA,EAAA,CAC1C;AAED,UAAQ,cAAc,eAAe;AAAA,IACnC,qBAAqB;AAAA,IACrB,UAAU,CAAC,kBAAkB,mBAAmB,YAAY,GAAG,cAAc;AAAA,IAC7E,UAAU,CAAC,mBAAmB,cAAc,CAAC;AAAA,EAAA,CAC9C;AAED,UAAQ,cAAc,mBAAmB;AAAA,IACvC,qBAAqB;AAAA,IACrB,UAAU,CAAC,kBAAkB,mBAAmB,gBAAgB,GAAG,cAAc;AAAA,IACjF,UAAU,CAAC,mBAAmB,cAAc,CAAC;AAAA,EAAA,CAC9C;AAEM,SAAA;AACT;ACjCa,MAAA,mBAAmB,OAAO,aAAuC;AAC5E,QAAM,sBAAsB,MAAM,OAAO,GAAG,MAAM,mBAAmB,EAAE,SAAS;AAAA,IAC9E,QAAQ,CAAC,IAAI;AAAA,IACb,OAAO;AAAA,MACL,MAAM,EAAE,IAAI,SAAS;AAAA,IACvB;AAAA,EAAA,CACD;AAEG,MAAA,oBAAoB,SAAS,GAAG;AAClC,UAAM,YAAY,oBAAoB,IAAI9E,GAAAA,KAAK,IAAI,CAAC,CAAC;AAAA,EACvD;AACF;AAMa,MAAA,cAAc,OAAO,QAAkC;AAClE,QAAM,SAAoB,CAAA;AAC1B,aAAW,MAAM,KAAK;AACpB,UAAM,cAAc,MAAM,OAAO,GAAG,MAAM,mBAAmB,EAAE,OAAO,EAAE,OAAO,EAAE,GAAA,EAAM,CAAA;AACvF,WAAO,KAAK,WAAW;AAAA,EACzB;AACA,SAAO,SAAS,KAAK,qBAAqB,EAAE,aAAa,QAAQ;AACnE;AAMa,MAAA,aAAa,OAAOtB,iBAAkE;AACjG,QAAM,qBAAgD,CAAA;AACtD,aAAW0B,eAAc1B,cAAa;AAC9B,UAAA,UAAU,MAAM,OAAO,GAAG,MAAM,mBAAmB,EAAE,OAAO,EAAE,MAAM0B,YAAY,CAAA;AACtF,uBAAmB,KAAK,OAAO;AAAA,EACjC;AAEM,QAAA,sBAAsB,iBAAiB,aAAa,kBAAkB;AAC5E,SAAO,SAAS,KAAK,qBAAqB,EAAE,aAAa,qBAAqB;AAEvE,SAAA;AACT;AAOA,MAAMsB,WAAS,OAAO,QAAiB,eAAoC;AACzE,QAAM,oBAAqB,MAAM,OAAO,GACrC,MAAM,mBAAmB,EACzB,OAAO,EAAE,OAAO,QAAQ,MAAM,WAAY,CAAA;AAEvC,QAAA,qBAAqB,iBAAiB,aAAa,iBAAiB;AAC1E,SAAO,SAAS,KAAK,qBAAqB,EAAE,aAAa,oBAAoB;AAEtE,SAAA;AACT;AAMO,MAAM,WAAW,OAAO,SAAS,OAA8B;AAC9D,QAAA,iBAAiB,MAAM,OAAO,GAAG,MAAM,mBAAmB,EAAE,SAAS,MAAM;AAE1E,SAAA,iBAAiB,aAAa,cAAc;AACrD;AAMa,MAAA,sBAAsB,OAAOxF,UAA2C;AACnF,SAAO,SAAS,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,IAAIA,MAAK,KAAK,EAAA,EAAK,CAAA;AACjE;AAEA,MAAM,4BAA4B,OAAOwC,iBAA8B;AACrE,QAAM,EAAE,gBAAAR,gBAAA,IAAmB,WAAW,YAAY;AAElD,QAAM,sBAAoC,CAAA;AAE1C,aAAWkC,eAAc1B,cAAa;AAC9B,UAAA,EAAE,UAAU,UAAU,GACzB,IAAAR,gBAAe,IAAIkC,YAAW,MAAM,KAAgB;AACjD,UAAA,EAAE,kBAAsB,IAAA;AAExB,UAAA,oBAAoB,MAAM,QAAQ;AAAA,OACrC,qBAAqB,CAAA,GAAI,IAAI,OAAO,aAAa;AAC1C,cAAA,UAAU,MAAMlC,gBAAe;AAAA,UACnC;AAAA,UACAkC,YAAW;AAAA,UACXA,YAAW;AAAA,QAAA;AAGb,eAAO,WAAW3C,GAAAA,MAAM,iBAAiB,YAAY,UAAU2C,WAAU,CAAC;AAAA,MAAA,CAC3E;AAAA,IAAA;AAGH,UAAM,qBAAqBlC,gBAAe,IAAIkC,YAAW,MAAM;AACzD,UAAA,uBAAuBF,WAAQ,iBAAiB,KAAK,kBAAkB,MAAMkB,GAAAA,GAAG,IAAI,CAAC;AACrF,UAAA,mBAAmBlB,WAAQ,QAAQ,KAAK,CAAC,SAAS,SAASE,YAAW,OAAiB;AAGzF,QAAA,CAAC,sBAAsB,oBAAoB,sBAAsB;AACnE,0BAAoB,KAAKA,WAAU;AAAA,IACrC;AAAA,EACF;AAEO,SAAA;AACT;AAKO,MAAM,6BAA6B,YAA2B;AACnE,QAAM,WAAW;AAEX,QAAA,qBAAqB,WAAW,cAAc;AAEpD,QAAM,QAAQ,MAAM,OAAO,GAAG,MAAM,mBAAmB,EAAE;AACzD,QAAM,YAAY,KAAK,KAAK,QAAQ,QAAQ;AAE5C,WAAS,OAAO,GAAG,OAAO,WAAW,QAAQ,GAAG;AAE9C,UAAM,UAAW,MAAM,OAAO,GAC3B,MAAM,mBAAmB,EACzB,SAAS,EAAE,OAAO,UAAU,QAAQ,OAAO,SAAU,CAAA;AAElD,UAAA1B,eAAc,iBAAiB,aAAa,OAAO;AACnD,UAAA,sBAAsB,MAAM,0BAA0BA,YAAW;AACvE,UAAM,wBAAwBpC,GAAAA,IAAI0D,GAAAA,KAAK,IAAI,GAAG,mBAAmB;AAGjE,UAAM,uBAAuBtB,aAAY;AAAA,MACvC,CAAC0B,gBAA2B,CAAC,sBAAsB,SAASA,YAAW,EAAE;AAAA,IAAA;AAG3E,UAAM,6BAA6B,mBAAmB;AAAA,MACpD;AAAA,IAAA;AAIF,UAAM,gCAAgCuB,GAAA;AAAA,MACpC,CAAC,GAAe,MAAkB;AAChC,eAAO,EAAE,OAAO,EAAE,MAAMoD,GAAI,IAAA,EAAE,WAAW,QAAQ,EAAE,WAAW,MAAM,EAAE,WAAW;AAAA,MACnF;AAAA,MACA;AAAA,MACA;AAAA,IAAA;AAGI,UAAA,wBAAwB,CAAC3E,gBAA2B;AACxD,aAAOsB,SAAO,EAAE,IAAItB,YAAW,GAAA,GAAMA,WAAU;AAAA,IAAA;AAIjD,UAAM,QAAQ,IAAI;AAAA,MAChB,YAAY,qBAAqB;AAAA,MACjC4E,cAAA,QAAK,+BAA+B,uBAAuB;AAAA,QACzD,aAAa;AAAA,QACb,aAAa;AAAA,MAAA,CACd;AAAA,IAAA,CACF;AAAA,EACH;AACF;ACjKA,MAAM,iBAAiB,qBAAqB;AAC5C,MAAM,oBAAoB,wBAAwB;AAClD,MAAM,kBAAkBC,4BAAsB;AAE9C,MAAM,qBAAqBxC,iBAAO;AAElC,MAAMgC,WAAS,uBAAuB;AAAA,EACpC,WAAW,EAAE,QAAQ,gBAAgB,WAAW,kBAAkB;AACpE,CAAC;;;;;;;;;;;;;;;;ACAD,MAAM,kBAAkB,CACtB,OACA;AAAA,EACE,SAAS;AAAA,EACT,eAAe;AAAA,EACf,aAAa,CAAC;AAAA,EACd,eAAe;AAAA,EACf,iBAAiB,CAAC;AACpB,MACa;AACb,MAAI,iBAAiB,GAAG;AACtB,WAAO,SAAS,CAAC,MAAM,IAAI;EAC7B;AAEM,QAAA,wBAAwBS,QAAAA,aAAkB,wBAAwB,KAAK;AAE7E,SAAO7G,aAAE,QAAA;AAAA,IACP,MAAM;AAAA,IACN,CAAC,QAAa,MAAW,QAAa;AAChC,UAAA,sBAAsB,SAAS,GAAG;AAAU,eAAA;AAEhD,YAAM,YAAY,SAAS,GAAG,MAAM,IAAI,GAAG,KAAK;AAChD,YAAM,mBAAmB,CAAC,gBAAgB,KAAK,aAAa;AAC5D,YAAM,uBAAuB,kBAAkB,eAAe,KAAK8G,GAAA,WAAW,SAAS,CAAC;AAEpF,UAAA,KAAK,SAAS,aAAa;AAC7B,YAAI,oBAAoB,sBAAsB;AAC5C,gBAAM,cAAc,gBAAgB,WAAW,KAAK,SAAS,GAAG;AAAA,YAC9D,cAAc,eAAe;AAAA,YAC7B,QAAQ;AAAA,YACR;AAAA,YACA;AAAA,YACA;AAAA,UAAA,CACD;AAEG,cAAA,YAAY,WAAW,KAAK,kBAAkB;AACzC,mBAAA,OAAO,OAAO,SAAS;AAAA,UAChC;AAEO,iBAAA,OAAO,OAAO,WAAW;AAAA,QAClC;AACO,eAAA;AAAA,MACT;AAEA,UAAI,kBAAkB;AACb,eAAA,OAAO,OAAO,SAAS;AAAA,MAChC;AAEO,aAAA;AAAA,IACT;AAAA,IACA,CAAC;AAAA,EAAA;AAEL;AAKA,MAAM,kCAAkC,CACtC,OACA,EAAE,SAAS,IAAI,eAAe,IAAI,aAAa,CAAA,QAClC;AACb,MAAI,iBAAiB,GAAG;AACtB,WAAO;EACT;AAEM,QAAA,wBAAwBD,QAAAA,aAAkB,wBAAwB,KAAK;AAE7E,SAAO7G,aAAE,QAAA;AAAA,IACP,MAAM;AAAA,IACN,CAAC,QAAa,MAAW,QAAa;AAChC,UAAA,sBAAsB,SAAS,GAAG;AAAU,eAAA;AAEhD,YAAM,YAAY,SAAS,GAAG,MAAM,IAAI,GAAG,KAAK;AAChD,aAAO,KAAK,SAAS;AAEjB,UAAA,KAAK,SAAS,aAAa;AAC7B,cAAM,cAAc,gCAAgC,WAAW,KAAK,SAAS,GAAG;AAAA,UAC9E,cAAc,eAAe;AAAA,UAC7B,QAAQ;AAAA,UACR;AAAA,QAAA,CACD;AAEM,eAAA,KAAK,GAAG,WAAW;AAAA,MAC5B;AAEO,aAAA;AAAA,IACT;AAAA,IACA,CAAC;AAAA,EAAA;AAEL;AAKA,MAAM,iCAAiC,CACrCI,UACA,EAAE,cAAc,qBAAqB,CAAA,EAAqB,IAAA,OACjB;AACzC,SAAOA,SAAQ,OAAO,CAACC,cAAab,YAAW;AACvC,UAAA,gBAAgBA,QAAO,SAAS;AAAA,MACpC,CAACc,aAAiB,CAAC,mBAAmB,SAASA,QAAO;AAAA,IAAA;AAIxD,eAAWA,YAAW,eAAe;AAC7B,YAAA,SAAS,aAAa,kBAAkB,UAAUd,OAAM,IAC1D,gBAAgB,OAAO,aAAac,QAAO,GAAG;AAAA,QAC5C,YAAY,OAAO;AAAA,QACnB;AAAA,MAAA,CACD,IACD;AAEE,YAAAyB,cAAa,iBAAiB,OAAO;AAAA,QACzC,QAAQvC,QAAO;AAAA,QACf,SAAAc;AAAA,QACA,YAAY,EAAE,OAAO;AAAA,MAAA,CACtB;AAED,MAAAD,aAAY,KAAK0B,WAAU;AAAA,IAC7B;AAEO,WAAA1B;AAAA,EACT,GAAG,CAAE,CAAA;AACP;AAKA,MAAM,wBAAwB,CAC5BA,cACA,EAAE,aAAa,IAAkB,CAAA,MACQ;AACzC,QAAM,EAAE,gBAAAR,gBAAA,IAAmB,WAAW,YAAY;AAE3C,SAAAQ,aAAY,IAAI,CAAC0B,gBAAoB;AACpC,UAAA;AAAA,MACJ,QAAQ;AAAA,MACR,SAAAzB;AAAA,MACA,YAAY,EAAE,OAAO;AAAA,IACnB,IAAAyB;AAEE,UAAAvC,UAASK,gBAAe,IAAI,QAAQ;AAG1C,QAAI,CAAC,aAAa,kBAAkB,UAAUL,OAAM,GAAG;AAC9C,aAAA,iBAAiB,eAAe,UAAUuC,WAAU;AAAA,IAC7D;AAEA,QAAI,CAACzB,YAAW,CAAC,OAAO,aAAaA,QAAO,GAAG;AACtC,aAAAyB;AAAA,IACT;AAEA,UAAM,iBAAiB,gCAAgC,OAAO,aAAazB,QAAO,GAAG;AAAA,MACnF,YAAY,OAAO;AAAA,MACnB;AAAA,IAAA,CACD;AAED,UAAM,iBAAiB,gBAAgB,OAAO,aAAaA,QAAO,GAAG;AAAA,MACnE,YAAY,OAAO;AAAA,MACnB,cAAc;AAAA,MACd;AAAA,MACA,gBAAgB;AAAA,IAAA,CACjB;AAGK,UAAA,kBAAkBpC,QAAK,CAAC,GAAG4H,GAAA,aAAa,QAAQ,cAAc,GAAG,GAAG,cAAc,CAAC;AAEzF,UAAM,YAAY,gBAAgB;AAAA,MAChC,CAAC,UAAU,CAAC,gBAAgB,KAAKgB,GAAW,WAAA,GAAG,KAAK,GAAG,CAAC;AAAA,IAAA;AAG1D,WAAO,iBAAiB,YAAY,UAAU,WAAW/E,WAAU;AAAA,EACrE,GAAG,CAAE,CAAA;AACP;;;;;;;;ACjMA,MAAM,mBAAmB,CAACa,eAAuB;AAC/C,QAAM,EAAE,mBAAAhD,mBAAA,IAAsB,WAAW,YAAY;AAErD,SAAOmH,GAAAA,SAASnE,UAAS,KAAKhD,mBAAkB,IAAIgD,UAAS;AAC/D;;;;;ACDA,MAAM,EAAE,aAAa,eAAmB,IAAA9D;AAExC,MAAM,EAAEkI,eAAAA,gBAAkB,IAAA/H;AAQ1B,MAAM,2BAA2B,OAAO,WAAoB;AAC1D,QAAM,EAAE,gBAAAY,gBAAA,IAAmB,WAAW,YAAY;AAE9C,MAAA,CAACT,GAAAA,MAAM,MAAM,GAAG;AACZ,UAAAiC,QAAkB,MAAM,WAAW,MAAM,EAAE,QAAQ,EAAE,IAAI,OAAA,CAAQ;AAEvE,QAAI,CAACA,OAAM;AACH,YAAA,IAAI2F,gBAAc,eAAe;AAAA,IACzC;AAEI,QAAA3F,MAAK,SAAS,aAAa;AACtB,aAAAxB,gBAAe,SAAS,OAAO,CAAC,EAAE,SAAoB,MAAA,aAAa,cAAc;AAAA,IAC1F;AAAA,EACF;AAEA,SAAOA,gBAAe;AACxB;;;;;AC1BA,MAAM,mBAAEqC,mBAAiB,eAAA8E,gBAAkB,IAAA/H;AAY3C,MAAMgI,kBAAgB;AAAA,EACpB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF;AAEA,MAAMC,oBAAkB,CAAC,aAAa;AAOtC,MAAM,uCAAuC,CAC3C,MACA7G,iBACG;AAEH,MAAI,SAASvB,YAAU,eAAe,UAAU,CAACkD,GAAAA,QAAQ3B,YAAW,GAAG;AAC/D,UAAA,IAAI6B,kBAAgB,oDAAoD;AAAA,EAChF;AAGA,MAAI,SAASpD,YAAU,eAAe,UAAU,CAAC+C,GAAAA,QAAQxB,YAAW,GAAG;AAC/D,UAAA,IAAI6B,kBAAgB,gDAAgD;AAAA,EAC5E;AAGI,MAAA,SAASpD,YAAU,eAAe,QAAQ;AAC5C,UAAM,mBAAmB,OAAO,WAAW,YAAY,UAAU,OAAO;AAClE,UAAA,qBAAqBX,GAAAA,WAAWkC,cAAa,gBAAgB;AAE/D,QAAA,CAAC2B,GAAAA,QAAQ,kBAAkB,GAAG;AAChC,YAAM,IAAIE,kBAAgB,iCAAiC,mBAAmB,KAAK,IAAI,CAAC,EAAE;AAAA,IAC5F;AAAA,EACF;AACF;AAKA,MAAMiF,oBAAkB,CAAC,aAAsB;AACzC,MAAA/H,GAAAA,MAAM,QAAQ,GAAG;AACZ,WAAA;AAAA,EACT;AAEA,MAAI,CAACgI,GAAA,SAAS,QAAQ,KAAK,CAAC,OAAO,OAAOtI,YAAU,mBAAmB,EAAE,SAAS,QAAQ,GAAG;AACpF,WAAA;AAAA,EACT;AAEO,SAAA;AACT;AAKA,MAAMuI,wBAAsB,CAAC,aAAsB;AAC7C,MAAA,CAACF,kBAAgB,QAAQ,GAAG;AAC9B,UAAM,IAAIjF;AAAAA,MACR;AAAA,QACE,OAAO,OAAOpD,YAAU,mBAAmB,EAAE,KAAK,IAAI,CAAC;AAAA,IAAA;AAAA,EAE7D;AACF;AAKA,MAAMwI,4BAA0B,CAACzI,WAAgC;AAC/D,MAAI,CAACA,QAAO;AACH,WAAAA;AAAA,EACT;AAEO,SAAA;AAAA,IACL,GAAGA;AAAA,IACH,aAAagD,GAAQ,QAAAhD,OAAM,WAAW,IAAIZ,GAAAA,IAAI,UAAUY,OAAM,WAAW,IAAIA,OAAM;AAAA,EAAA;AAEvF;AAaA,MAAM0I,UAAQ,OAAO,cAA2B,OAAiC;AAC/E,MAAI,OAAO,KAAK,WAAW,EAAE,WAAW,GAAG;AAClC,WAAA;AAAA,EACT;AAEA,QAAM1I,SAAQ,MAAM,OAAO,GACxB,MAAM,kBAAkB,EACxB,QAAQ,EAAE,QAAQoI,iBAAe,UAAUC,mBAAiB,OAAO,aAAa;AAEnF,MAAI,CAACrI,QAAO;AACH,WAAAA;AAAA,EACT;AAEA,SAAOyI,0BAAwBzI,MAAK;AACtC;AAKA,MAAM0D,WAAS,OAAO,cAA2B,OAAyB;AAClE,QAAApD,YAAW,MAAMoI,QAAM,WAAW;AAExC,SAAO,CAAC,CAACpI;AACX;AAKA,MAAM8B,SAAO,CAAC,cAAsB;AAClC,SAAO8C,gBACJ,QAAA,WAAW,UAAU,OAAO,OAAO,IAAI,qBAAqB,CAAC,EAC7D,OAAO,SAAS,EAChB,OAAO,KAAK;AACjB;AAEA,MAAMyD,wBAAsB,CAAC,aAAuC;AAE5D,QAAA,gBAAgBJ,YAAS,QAAQ,KAAK,OAAO,SAAS,QAAQ,KAAK,WAAW;AACpF,MAAI,CAAC,iBAAiB,CAAChI,GAAA,MAAM,QAAQ,GAAG;AAChC,UAAA,IAAI8C,kBAAgB,4CAA4C;AAAA,EACxE;AAEO,SAAA;AAAA,IACL,UAAU,YAAY;AAAA,IACtB,WAAW,WAAW,KAAK,QAAQ,WAAW;AAAA,EAAA;AAElD;AAKA,MAAMJ,WAAS,OAAO,eAAgD;AACpE,QAAM,YAAYiC,gBAAAA,QAAO,YAAY,GAAG,EAAE,SAAS,KAAK;AAEnB,uCAAA,WAAW,MAAM,WAAW,WAAW;AAC5EsD,wBAAoB,WAAW,QAAQ;AAGvC,QAAMlI,YAAqB,MAAM,OAAO,GAAG,MAAM,kBAAkB,EAAE,OAAO;AAAA,IAC1E,QAAQ8H;AAAAA,IACR,UAAUC;AAAAA,IACV,MAAM;AAAA,MACJ,GAAG1F,GAAK,KAAA,eAAe,UAAU;AAAA,MACjC,WAAWP,OAAK,SAAS;AAAA,MACzB,GAAGuG,sBAAoB,WAAW,QAAQ;AAAA,IAC5C;AAAA,EAAA,CACD;AAED,QAAM,SAAmB,EAAE,GAAGrI,WAAU,UAAU;AAGlD,MAAI,WAAW,SAASL,YAAU,eAAe,QAAQ;AAMvD,UAAM,QAAQ;AAAA,MACZZ,QAAK,WAAW,WAAW,EAAE;AAAA,QAAI,CAACsB,YAChC,OAAO,GAAG,MAAM,6BAA6B,EAAE,OAAO;AAAA,UACpD,MAAM,EAAE,QAAAA,SAAQ,OAAOL,UAAS;AAAA,QAAA,CACjC;AAAA,MACH;AAAA,IAAA;AAGI,UAAA,qBAAqB,MAAM,OAAO,GACrC,MAAM,kBAAkB,EACxB,KAAKA,WAAU,aAAa;AAE/B,QAAI,oBAAoB;AACf,aAAA,OAAO,QAAQ,EAAE,aAAalB,GAAAA,IAAI,UAAU,kBAAkB,GAAG;AAAA,IAC1E;AAAA,EACF;AAEO,SAAA;AACT;AAEA,MAAMwJ,eAAa,OAAO,OAA2C;AACnE,QAAM,YAAY1D,gBAAAA,QAAO,YAAY,GAAG,EAAE,SAAS,KAAK;AAExD,QAAM5E,YAAqB,MAAM,OAAO,GAAG,MAAM,kBAAkB,EAAE,OAAO;AAAA,IAC1E,QAAQ,CAAC,MAAM,WAAW;AAAA,IAC1B,OAAO,EAAE,GAAG;AAAA,IACZ,MAAM;AAAA,MACJ,WAAW8B,OAAK,SAAS;AAAA,IAC3B;AAAA,EAAA,CACD;AAED,MAAI,CAAC9B,WAAU;AACP,UAAA,IAAI6H,gBAAc,sCAAsC;AAAA,EAChE;AAEO,SAAA;AAAA,IACL,GAAG7H;AAAA,IACH;AAAA,EAAA;AAEJ;AAEA,MAAMuI,uBAAqB,MAAM;AAC/B,MAAI,CAAC,OAAO,OAAO,IAAI,qBAAqB,GAAG;AAEzC,QAAA,QAAQ,IAAI,gBAAgB;AAC9B,cAAQ,YAAY;AAAA,uUAC6S;AAEjU,aAAO,OAAO,IAAI,uBAAuB,QAAQ,IAAI,cAAc;AAAA,IAAA,OAC9D;AACL,YAAM,IAAI;AAAA,QACR;AAAA;AAAA,MAAA;AAAA,IAGJ;AAAA,EACF;AACF;AAKA,MAAMC,SAAO,YAAsC;AACjD,QAAM,SAA4B,MAAM,OAAO,GAAG,MAAM,kBAAkB,EAAE,SAAS;AAAA,IACnF,QAAQV;AAAAA,IACR,UAAUC;AAAAA,IACV,SAAS,EAAE,MAAM,MAAM;AAAA,EAAA,CACxB;AAED,MAAI,CAAC,QAAQ;AACJ,WAAA;AAAA,EACT;AAEA,SAAO,OAAO,IAAI,CAACrI,WAAUyI,0BAAwBzI,MAAK,CAAC;AAC7D;AAKA,MAAM+I,WAAS,OAAO,OAA2C;AAC/D,SAAO,OAAO,GACX,MAAM,kBAAkB,EACxB,OAAO,EAAE,QAAQX,iBAAe,UAAUC,mBAAiB,OAAO,EAAE,GAAA,EAAM,CAAA;AAC/E;AAKA,MAAMW,YAAU,OAAO,OAAwB;AACtC,SAAAN,QAAM,EAAE,GAAA,CAAI;AACrB;AAKA,MAAMO,cAAY,OAAOlK,UAAiB;AACjC,SAAA2J,QAAM,EAAE,MAAA3J,MAAA,CAAM;AACvB;AAKA,MAAMyF,WAAS,OACb,IACA,eACsB;AAEtB,QAAM,gBAA4B,MAAM,OAAO,GAC5C,MAAM,kBAAkB,EACxB,QAAQ,EAAE,OAAO,EAAE,GAAA,EAAM,CAAA;AAE5B,MAAI,CAAC,eAAe;AACZ,UAAA,IAAI2D,gBAAc,iBAAiB;AAAA,EAC3C;AAEM,QAAA,uBACJ,WAAW,SAASlI,YAAU,eAAe,UAC7C,cAAc,SAASA,YAAU,eAAe;AAI9C,MAAA,WAAW,eAAe,sBAAsB;AAClD;AAAA,MACE,WAAW,QAAQ,cAAc;AAAA,MACjC,WAAW,eAAe,cAAc;AAAA,IAAA;AAAA,EAE5C;AAEAuI,wBAAoB,WAAW,QAAQ;AAEvC,QAAM,eAAyB,MAAM,OAAO,GAAG,MAAM,kBAAkB,EAAE,OAAO;AAAA,IAC9E,QAAQJ;AAAAA,IACR,OAAO,EAAE,GAAG;AAAA,IACZ,MAAMzF,GAAAA,KAAK,eAAe,UAAU;AAAA,EAAA,CACrC;AAGD,MAAI,aAAa,SAAS1C,YAAU,eAAe,UAAU,WAAW,aAAa;AAC7E,UAAA,2BAA2B,MAAM,OAAO,GAC3C,MAAM,kBAAkB,EACxB,KAAK,cAAc,aAAa;AAEnC,UAAM,qBAAqBb,GAAA,IAAI,UAAU,4BAA4B,CAAE,CAAA;AACjE,UAAA,iBAAiBC,GAAAA,KAAK,WAAW,WAAW;AAE5C,UAAA,kBAAkBC,GAAAA,WAAW,oBAAoB,cAAc;AAC/D,UAAA,eAAeA,GAAAA,WAAW,gBAAgB,kBAAkB;AAIlE,UAAM,QAAQ;AAAA,MACZ,gBAAgB;AAAA,QAAI,CAACqB,YACnB,OAAO,GAAG,MAAM,6BAA6B,EAAE,OAAO;AAAA,UACpD,OAAO,EAAE,QAAAA,SAAQ,OAAO,GAAG;AAAA,QAAA,CAC5B;AAAA,MACH;AAAA,IAAA;AAKF,UAAM,QAAQ;AAAA,MACZ,aAAa;AAAA,QAAI,CAACA,YAChB,OAAO,GAAG,MAAM,6BAA6B,EAAE,OAAO;AAAA,UACpD,MAAM,EAAE,QAAAA,SAAQ,OAAO,GAAG;AAAA,QAAA,CAC3B;AAAA,MACH;AAAA,IAAA;AAAA,EAIK,WAAA,aAAa,SAASV,YAAU,eAAe,QAAQ;AAC9D,UAAM,OAAO,GAAG,MAAM,6BAA6B,EAAE,OAAO;AAAA,MAC1D,OAAO,EAAE,OAAO,GAAG;AAAA,IAAA,CACpB;AAAA,EACH;AAGM,QAAA,oBAAoB,MAAM,OAAO,GACpC,MAAM,kBAAkB,EACxB,KAAK,cAAc,aAAa;AAE5B,SAAA;AAAA,IACL,GAAG;AAAA,IACH,aAAa,oBAAoB,kBAAkB,IAAI,CAAC,MAAW,EAAE,MAAM,IAAI;AAAA,EAAA;AAEnF;;;;;;;;;;;;;;;ACnXA,MAAM,2BAA2B,CAAC,QAAQ,MAAM;AAEhD,MAAM,YAAY;AAAA,EAChB,QAAQoF,QAAAA,gBAAgB;AAAA,EACxB,WAAWA,QAAAA,gBAAgB;AAC7B;AAEA,yBAAyB,QAAQ,CAAC1E,YAAW;AAC3C,YAAU,OAAO,SAASA,SAAQ,EAAE,QAAAA,QAAQ,CAAA;AAC9C,CAAC;AAED,MAAM,SAASa,qBAAAA,QAAY,OAAO,IAAI,EAAE,WAAW;;;;;;ACEnD,MAAM,mBAAE6B,mBAAiB,cAAkB,IAAAjD;AAE3C,MAAM,qBAAqB;AAC3B,MAAM,gCAAgC;AAEtC,MAAM,gBAAgB;AAAA,EACpB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF;AAEA,MAAM,kBAAkB,CAAC,aAAa;AAKtC,MAAM,OAAO,YAA+C;AAC1D,QAAM,SAAkC,MAAM,OAAO,GAAG,MAAM,kBAAkB,EAAE,SAAS;AAAA,IACzF,QAAQ;AAAA,IACR,UAAU;AAAA,IACV,SAAS,EAAE,MAAM,MAAM;AAAA,EAAA,CACxB;AAED,MAAI,CAAC;AAAe,WAAA;AACpB,SAAO,OAAO,IAAI,CAACJ,WAAU,wBAAwBA,MAAK,CAAC;AAC7D;AAKA,MAAM,0BAA0B,MAAckF,gBAAAA,QAAO,YAAY,GAAG,EAAE,SAAS,KAAK;AAKpF,MAAM,oBAAoB,CAAC,cAA8B;AAChDgE,kBAAAA,QAAA,OAAO,cAAc,UAAU,iCAAiC;AAChEA,kBAAAA,QAAA,UAAU,UAAU,IAAI,iDAAiD;AAEzE,SAAA;AACT;AAEa,MAAA,eAAe,CAC1B,eAC4C;AAC5C,SAAO,eAAe;AACxB;AAKA,MAAM,SAAS,OAAO,eAA2D;AACzE,QAAA,YAAY,aAAa,UAAU,IACrC,kBAAkB,WAAW,SAAS,IACtC;AAGJ,SAAO,WAAW;AAElB,iCAA+B,UAAU;AACzC,sBAAoB,WAAW,QAAQ;AAEvC,QAAM,SAAU,MAAM,OAAO,GAAG,YAAY,YAAY;AACtD,UAAMxH,iBAAgB,MAAM,OAAO,GAAG,MAAM,kBAAkB,EAAE,OAAO;AAAA,MACrE,QAAQ;AAAA,MACR,UAAU;AAAA,MACV,MAAM;AAAA,QACJ,GAAGiB,GAAK,KAAA,eAAe,UAAU;AAAA,QACjC,WAAW,KAAK,SAAS;AAAA,QACzB,GAAG,oBAAoB,WAAW,QAAQ;AAAA,MAC5C;AAAA,IAAA,CACD;AAED,UAAM,QAAQ;AAAA,MACZtD,QAAK,WAAW,WAAW,EAAE;AAAA,QAAI,CAACsB,YAChC,OAAO,GACJ,MAAM,6BAA6B,EACnC,OAAO,EAAE,MAAM,EAAE,QAAAA,SAAQ,OAAOe,kBAAiB;AAAA,MACtD;AAAA,IAAA;AAGI,UAAA,qBAAgD,MAAM,OAAO,GAChE,MAAM,kBAAkB,EACxB,KAAKA,gBAAe,aAAa;AAEpC,QAAI,oBAAoB;AACf,aAAA,OAAOA,gBAAe,EAAE,aAAatC,GAAAA,IAAI,UAAU,kBAAkB,GAAG;AAAA,IACjF;AAEO,WAAAsC;AAAA,EAAA,CACR;AAEM,SAAA,EAAE,GAAG,QAAQ;AACtB;AAKA,MAAM,SAAS,OACb,IACA,eACoC;AAEpC,QAAM,gBAAgB,MAAM,OAAO,GAAG,MAAM,kBAAkB,EAAE,QAAQ,EAAE,OAAO,EAAE,GAAA,EAAM,CAAA;AAEzF,MAAI,CAAC,eAAe;AACZ,UAAA,IAAI,cAAc,iBAAiB;AAAA,EAC3C;AAEA,iCAA+B,UAAU;AACzC,sBAAoB,WAAW,QAAQ;AAEhC,SAAA,OAAO,GAAG,YAAY,YAAY;AACvC,UAAM,eAAe,MAAM,OAAO,GAAG,MAAM,kBAAkB,EAAE,OAAO;AAAA,MACpE,QAAQ;AAAA,MACR,OAAO,EAAE,GAAG;AAAA,MACZ,MAAM;AAAA,QACJ,GAAGiB,GAAK,KAAA,eAAe,UAAU;AAAA,MACnC;AAAA,IAAA,CACD;AAED,QAAI,WAAW,aAAa;AACpB,YAAA,2BAA2B,MAAM,OAAO,GAC3C,MAAM,kBAAkB,EACxB,KAAK,cAAc,aAAa;AAEnC,YAAM,qBAAqBvD,GAAA,IAAI,UAAU,4BAA4B,CAAE,CAAA;AACjE,YAAA,iBAAiBC,GAAAA,KAAK,WAAW,WAAW;AAE5C,YAAA,kBAAkBC,GAAAA,WAAW,oBAAoB,cAAc;AAC/D,YAAA,eAAeA,GAAAA,WAAW,gBAAgB,kBAAkB;AAIlE,YAAM,QAAQ;AAAA,QACZ,gBAAgB;AAAA,UAAI,CAACqB,YACnB,OAAO,GAAG,MAAM,6BAA6B,EAAE,OAAO;AAAA,YACpD,OAAO,EAAE,QAAAA,SAAQ,OAAO,GAAG;AAAA,UAAA,CAC5B;AAAA,QACH;AAAA,MAAA;AAKF,YAAM,QAAQ;AAAA,QACZ,aAAa;AAAA,UAAI,CAACA,YAChB,OAAO,GAAG,MAAM,6BAA6B,EAAE,OAAO;AAAA,YACpD,MAAM,EAAE,QAAAA,SAAQ,OAAO,GAAG;AAAA,UAAA,CAC3B;AAAA,QACH;AAAA,MAAA;AAAA,IAEJ;AAGM,UAAA,oBAA+C,MAAM,OAAO,GAC/D,MAAM,kBAAkB,EACxB,KAAK,cAAc,aAAa;AAE5B,WAAA;AAAA,MACL,GAAG;AAAA,MACH,aAAa,oBAAoB,kBAAkB,IAAI,CAAC,MAAM,EAAE,MAAM,IAAI;AAAA,IAAA;AAAA,EAC5E,CACD;AACH;AAKA,MAAM,SAAS,OAAO,OAAyD;AAC7E,SAAO,OAAO,GAAG;AAAA,IAAY,YAC3B,OAAO,GACJ,MAAM,kBAAkB,EACxB,OAAO,EAAE,QAAQ,eAAe,UAAU,iBAAiB,OAAO,EAAE,MAAM;AAAA,EAAA;AAEjF;AAKA,MAAM,QAAQ,OACZ,cAAc,OAO6B;AAC3C,MAAI,OAAO,KAAK,WAAW,EAAE,WAAW,GAAG;AAClC,WAAA;AAAA,EACT;AAEA,QAAMX,SAAQ,MAAM,OAAO,GACxB,MAAM,kBAAkB,EACxB,QAAQ,EAAE,QAAQ,eAAe,UAAU,iBAAiB,OAAO,aAAa;AAEnF,MAAI,CAACA,QAAO;AACH,WAAAA;AAAA,EACT;AAEA,SAAO,wBAAwBA,MAAK;AACtC;AAKA,MAAM,UAAU,OAAO,OAAgE;AAC9E,SAAA,MAAM,EAAE,GAAA,CAAI;AACrB;AAKA,MAAM,YAAY,OAAOjB,UAAyD;AACzE,SAAA,MAAM,EAAE,MAAAA,MAAA,CAAM;AACvB;AAKA,MAAM,SAAS,OACb,cAAc,OAOO;AACf,QAAA2C,iBAAgB,MAAM,MAAM,WAAW;AAE7C,SAAO,CAAC,CAACA;AACX;AAEA,MAAM,aAAa,OAAO,OAAgD;AACxE,QAAM,YAAYwD,gBAAAA,QAAO,YAAY,GAAG,EAAE,SAAS,KAAK;AAClD,QAAAxD,iBAAiB,MAAM,OAAO,GAAG;AAAA,IAAY,YACjD,OAAO,GAAG,MAAM,kBAAkB,EAAE,OAAO;AAAA,MACzC,QAAQ,CAAC,MAAM,WAAW;AAAA,MAC1B,OAAO,EAAE,GAAG;AAAA,MACZ,MAAM;AAAA,QACJ,WAAW,KAAK,SAAS;AAAA,MAC3B;AAAA,IAAA,CACD;AAAA,EAAA;AAGH,MAAI,CAACA,gBAAe;AACZ,UAAA,IAAI,cAAc,sCAAsC;AAAA,EAChE;AAEO,SAAA;AAAA,IACL,GAAGA;AAAA,IACH;AAAA,EAAA;AAEJ;AAEA,MAAM,sBAAsB,CAAC,aAAwC;AAE7D,QAAA,gBAAgB6G,YAAS,QAAQ,KAAK,OAAO,SAAS,QAAQ,KAAK,WAAW;AACpF,MAAI,CAAC,iBAAiB,CAAChI,GAAA,MAAM,QAAQ,GAAG;AAChC,UAAA,IAAI8C,kBAAgB,4CAA4C;AAAA,EACxE;AAEO,SAAA;AAAA,IACL,UAAU,YAAY;AAAA,IACtB,WAAW,WAAW,KAAK,QAAQ,WAAW;AAAA,EAAA;AAElD;AAKA,MAAM,OAAO,CAAC,cAA8B;AAC1C,QAAM,EAAE,mBAAA8F,mBAAsB,IAAA,WAAW,UAAU,EAAE;AAEjD,MAAA,CAACA,sBAAqB;AAClB,UAAA,IAAI,UAAU,oCAAoC;AAAA,EAC1D;AAEA,SAAOjE,gBACJ,QAAA,WAAW,UAAU,OAAO,OAAO,IAAI,2BAA2B,CAAC,EACnE,OAAO,SAAS,EAChB,OAAO,KAAK;AACjB;AAEA,MAAM,qBAAqB,MAAM;AAC/B,QAAM,EAAE,mBAAAiE,mBAAsB,IAAA,WAAW,UAAU,EAAE;AAGrD,MAAI,CAAC,OAAO,OAAO,IAAI,gCAAgC,GAAG;AACxD;AAAA,EACF;AAEI,MAAA,CAACA,sBAAqB;AAChB,YAAA;AAAA,MACN;AAAA;AAAA;AAAA,IAAA;AAAA,EAIJ;AACF;AAKA,MAAM,0BAA0B,CAACnJ,WAAgD;AAC/E,MAAI,CAACA,QAAO;AACH,WAAAA;AAAA,EACT;AAEO,SAAA;AAAA,IACL,GAAGA;AAAA,IACH,aAAagD,GAAQ,QAAAhD,OAAM,WAAW,IAClCZ,GAAAA,IAAI,UAAUY,OAAM,WAAwC,IAC5DA,OAAM;AAAA,EAAA;AAEd;AAKA,MAAM,iCAAiC,CAAC,eAAmC;AACzE,QAAM,oBAAoB,OAAO,QAAQ,iBAAiB,EAAE;AAC5D,QAAM,mBAAmB,kBAAkB,UAAU,OAAO,KAAK;AACjE,QAAM,qBAAqBV,GAAA,WAAW,WAAW,aAAa,gBAAgB;AAE1E,MAAA,CAAC6D,GAAAA,QAAQ,kBAAkB,GAAG;AAChC,UAAM,IAAIE,kBAAgB,iCAAiC,mBAAmB,KAAK,IAAI,CAAC,EAAE;AAAA,EAC5F;AACF;AAKA,MAAM,kBAAkB,CAAC,aAAsB;AACzC,MAAA9C,GAAAA,MAAM,QAAQ,GAAG;AACZ,WAAA;AAAA,EACT;AAEA,MACE,CAACgI,GAAA,SAAS,QAAQ,KAClB,CAAC,OAAO,OAAOtI,YAAU,wBAAwB,EAAE,SAAS,QAAQ,GACpE;AACO,WAAA;AAAA,EACT;AAEO,SAAA;AACT;AAKA,MAAM,sBAAsB,CAAC,aAAsB;AAC7C,MAAA,CAAC,gBAAgB,QAAQ,GAAG;AAC9B,UAAM,IAAIoD;AAAAA,MACR;AAAA,QACE,OAAO,OAAOpD,YAAU,wBAAwB,EAAE,KAAK,IAAI,CAAC;AAAA,IAAA;AAAA,EAElE;AACF;;;;;;;;;;;;;;;;ACtXA,MAAM,oBAAoB,MAAe;AACvC,QAAM,OAAO,OAAO,OAAO,IAAI,6BAA6B,IAAI;AAEhE,SAAO,OAAO,SAAS,YAAY,KAAK,SAAS;AACnD;AAKA,MAAM,0BAA0B,MAAe;AAC7C,QAAM,EAAE,OAAAmJ,OAAA,IAAU,WAAW,UAAU;AAGvC,MAAIC,QAAI,IAAA,KAAK,qCAAqC,MAAM,QAAW;AACjE,WAAO,IAAI;AAAA,MACT;AAAA,IAAA;AAAA,EAEJ;AAEA,SAAOD,OAAM,uBAAuB,OAAO,OAAO,IAAI,gCAAgC;AACxF;;;;;;;;;;;;ACtBA,MAAM,+BAA+B,CAAC,YAAY,UAAU;AAqB5D,MAAM,iBAAiB,OAAO,UAAkD;AAC9E,QAAM,oBAAoC,CAAA;AAE1C,QAAM,QAAQ;AAAA,IACZ,6BAA6B,IAAI,OAAO,cAAc;AAC9C,YAAA,OAAO,MAAM,SAAS;AAG5B,UAAI,CAAC,MAAM;AACT;AAAA,MACF;AAEA,YAAM,YAAY,MAAME,YAAG,QAAA,iBAAiB,KAAK,QAAQ;AAGvC,wBAAA,SAAS,IAAI,MAAM,OAClC,OAAO,QAAQ,EACf,QAAQ,QAAQ,EAChB,eAAe;AAAA,QACd,UAAU,KAAK;AAAA,QACf,MAAM,KAAK;AAAA,QACX,MAAM,KAAK;AAAA,MAAA,CACZ;AAGI,aAAA;AAAA,QACL,kBAAkB,SAAS;AAAA,QAC3B,MAAM,OAAO,OAAO,QAAQ,EAAE,QAAQ,oBAAoB,EAAE,cAAc,EAAE,WAAW;AAAA,MAAA;AAIlF,aAAA,OAAO,kBAAkB,SAAS,GAAI;AAAA,QAC3C,QAAQ,UAAU;AAAA,QAClB,SAAS,KAAK;AAAA;AAAA;AAAA,QAGd,UAAU,OAAO,OAAO,IAAI,gBAAgB,EAAE;AAAA,MAAA,CAC/C;AAAA,IAAA,CACF;AAAA,EAAA;AAGI,SAAA;AACT;AAEA,MAAM,qBAAqB,YAAkD;AACrE,QAAA,QAAQ,OAAO,MAAM,EAAE,MAAM,QAAQ,MAAM,SAAS;AAG1D,QAAM,yBAAyB,6BAA6B,OAAO,CAAC,MAAW,QAAa;AAC1F,SAAK,GAAG,IAAI;AACL,WAAA;AAAA,EACT,GAAG,CAAE,CAAA;AAEL,QAAMC,mBAAkB;AAAA,IACtB,GAAG;AAAA;AAAA,IAEH,GAAI,MAAM,MAAM,IAAI,EAAE,KAAK,oBAAoB;AAAA,EAAA;AAIpB,+BAAA,QAAQ,CAAC,cAAc;AAC9C,QAAA,CAACA,iBAAgB,SAAS,GAAG;AAC/B;AAAA,IACF;AAEA,IAAAA,iBAAgB,SAAS,IAAI9G,EAAK,KAAA8G,iBAAgB,SAAS,GAAG;AAAA,MAC5D;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IAAA,CACD;AAAA,EAAA,CACF;AAEM,SAAAA;AACT;AAEA,MAAM,cAAc,OAAO,QAAmB,OAAO;AAEnD,SAAO,QAAQ;AAAA,IACb,OAAO,OAAO,KAAK,EAChB,OAAO,CAAC,SAAS,MAAM,kBAAkBD,oBAAG,UAAU,EACtD,IAAI,CAAC,SAAS,OAAO,OAAO,QAAQ,EAAE,SAAS,aAAa,IAAI,CAAC;AAAA,EAAA;AAExE;AAEA,MAAM,iBAAiB,OAAO,EAAE,kBAAkB,kBAAuB;AACvE,SAAO,QAAQ;AAAA,IACb,6BAA6B,IAAI,OAAO,cAAc;AAEpD,UAAI,CAAC,kBAAkB;AACrB;AAAA,MACF;AAGI,UAAA,CAAC,iBAAiB,SAAS,GAAG;AAChC;AAAA,MACF;AAIE,UAAA,YAAY,SAAS,KACrB,iBAAiB,SAAS,EAAE,SAAS,YAAY,SAAS,EAAE,MAC5D;AACA;AAAA,MACF;AAKI,UAAA,OAAO,OAAO,IAAI,gBAAgB,EAAE,aAAa,iBAAiB,SAAS,EAAE,UAAU;AACzF;AAAA,MACF;AAIA,aAAO,OAAO,QAAQ,EAAE,SAAS,OAAO,iBAAiB,SAAS,CAAC;AAAA,IAAA,CACpE;AAAA,EAAA;AAEL;AAIA,MAAME,0BAAwB,OAC5B,gBACG;AACG,QAAA,QAAQ,OAAO,MAAM,EAAE,MAAM,QAAQ,MAAM,SAAS;AAC1D,QAAM,mBAAoB,MAAM,MAAM,IAAI,EAAE,KAAK,oBAAoB;AAC/D,QAAA,QAAQ/G,EAAAA,KAAK,aAAa,4BAA4B;AAE5D,QAAM,YAAY,KAAK;AAEM,+BAAA,QAAQ,CAAC,cAAc;AAE9C,QAAA,YAAY,SAAS,MAAM,UAAa,EAAE,OAAO,YAAY,SAAS,MAAM,WAAW;AACzF,kBAAY,SAAS,IAAI;AACzB;AAAA,IACF;AAGA,QAAI,CAAC,YAAY,SAAS,KAAK,kBAAkB;AACnC,kBAAA,SAAS,IAAI,iBAAiB,SAAS;AACnD;AAAA,IACF;AAGA,gBAAY,SAAS,IAAIA,EAAK,KAAA,YAAY,SAAS,GAAG;AAAA,MACpD;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IAAA,CACD;AAAA,EAAA,CACF;AAGc,iBAAA,EAAE,kBAAkB,YAAA,CAAa;AAEhD,QAAM,MAAM,IAAI;AAAA,IACd,KAAK;AAAA,IACL,OAAO,EAAE,GAAG,kBAAkB,GAAG,YAAY;AAAA,EAAA,CAC9C;AAED,SAAO,mBAAmB;AAC5B;;;;;;;;AChLA,MAAe,UAAA;AAAA,EACb;AAAA,EAAA,MACAzD;AAAAA,EAAA,MACAwD;AAAAA,EACA;AAAA,EAAA,OACAxC;AAAAA,EAAA,YACAkD;AAAAA,EACA;AAAA,EACA,gBAAgB;AAAA,EAAA,WAChBjD;AAAAA,EACA;AAAA,EACA;AAAA,EACA,aAAaK;AAAAA,EAAA,UACb0B;AAAAA,EACA,oBAAoB;AACtB;AC7BA,MAAM,kBAAkB;AACxB,MAAM,mBAAmB;AACzB,MAAM,sBAAsB,OAAO;AAEnC,MAAM,wBAAwByH,MAC3B,OAAO;AAAA,EACN,UAAUA,IAAA,EAAE,OAAO,EAAE,QAAQ;AAAA,EAC7B,UAAUA,IAAA,EAAE,OAAO,EAAE,QAAQ;AAC/B,CAAC,EACA,OAAO;AAEV,MAAM,4BAA4BA,MAAE,OAAO;AAAA,EACzC,kBAAkBA,IAAA,EAAE,OAAO,EAAE,QAAQ;AAAA,EACrC,UAAUA,IAAE,EAAA,KAAK,CAAC,cAAc,aAAa,eAAe,CAAC;AAAA,EAC7D,MAAMA,IAAE,EAAA,OAAA,EAAS,IAAI,mBAAmB,EAAE,QAAQ;AACpD,CAAC;AAED,MAAM,6BAA6BA,MAChC,OAAO;AAAA,EACN,UAAU,0BAA0B,QAAQ;AAAA,EAC5C,UAAU,0BAA0B,QAAQ;AAC9C,CAAC,EACA,OAAO;AAEV,MAAM,iBAAiBA,MAAE,OAAO;AAAA,EAC9B,OAAOA,IAAE,EAAA,OAAA,EAAS,IAAI,eAAe,EAAE,QAAQ;AAAA,EAC/C,QAAQA,IAAE,EAAA,OAAA,EAAS,IAAI,gBAAgB,EAAE,QAAQ;AACnD,CAAC;AAED,MAAM,wCAAwCA,MAC3C,OAAO;AAAA,EACN,UAAU,eAAe,QAAQ;AAAA,EACjC,UAAU,eAAe,QAAQ;AACnC,CAAC,EACA,OAAO;AAEG,MAAA,gCAAgCC,QAAAA,YAAY,qBAAqB;AACjE,MAAA,qCAAqCA,QAAAA,YAAY,0BAA0B;AACjF,MAAM,gDAAgDA,QAAA;AAAA,EAC3D;AACF;ACjBA,MAAM,EAAE,kBAAsB,IAAAC;AAK9B,MAAe,QAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOb,MAAM,iBAAiB;AACrB,UAAM,QAAQ,OAAO,OAAO,IAAI,eAAe,CAAA,CAAE;AAC1C,WAAA,EAAE,MAAM,EAAE,MAAM,OAAO,UAAU,CAAI,GAAA,MAAA;EAC9C;AAAA,EAEA,MAAM,OAAO;AACX,QAAI,OAAO,OAAO,OAAO,IAAI,QAAQ,KAAK;AAC1C,UAAM,WAAW,MAAM,WAAW,MAAM,EAAE,OAAO;AAC3C,UAAA,EAAE,UAAU,SAAS,IAAI,MAAM,WAAW,kBAAkB,EAAE;AAE9D,UAAA,oBAAoC,OAAO,OAAO;AAAA,MACtD;AAAA,MACA;AAAA,IAAA;AAGE,QAAA,sBAAsB,QAAQ,sBAAsB,MAAM;AACrD,aAAA;AAAA,IACT;AAEO,WAAA;AAAA,MACL,MAAM;AAAA,QACJ;AAAA,QACA;AAAA,QACA,UAAU,WAAW,SAAS,MAAM;AAAA,QACpC,UAAU,WAAW,SAAS,MAAM;AAAA,MACtC;AAAA,IAAA;AAAA,EAEJ;AAAA,EAEA,MAAM,qBAAqB;AAClB,WAAA;AAAA,MACL;AAAA,MACA,mBAAmB;AAAA,EACvB;AAAA,EAEA,MAAM,sBAAsB,KAAc;AAClC,UAAA;AAAA,MACJ,SAAS,EAAE,OAAO,KAAK;AAAA,IACrB,IAAA;AAEE,UAAA,yBAAyB,WAAW,kBAAkB;AAE5D,UAAM,8BAA8B,IAAI;AACxC,UAAM,mCAAmC,KAAK;AAE9C,UAAM,gBAAgB,MAAM,uBAAuB,eAAe,KAAK;AACvE,UAAM,8CAA8C,aAAa;AAEjE,WAAO,uBAAuB,sBAAsB;AAAA,MAClD,GAAG;AAAA,MACH,GAAG;AAAA,IAAA,CACJ;AAAA,EACH;AAAA,EAEA,MAAM,oBAAoB,KAAc;AAElC,QAAA,OAAO,UAAU,YAAY;AAC/B,UAAI,SAAS;AACb;AAAA,IACF;AAEA,UAAM,wBAAwB,MAAM,kBAAkB,OAAO,KAAK,IAAI,IAAI;AAC1E,UAAM,uBAAuB,MAAM;AAAA,MACjChK,sBAAK,KAAK,OAAO,KAAK,IAAI,MAAM,OAAO,OAAO;AAAA,IAAA;AAEhD,UAAM,wBAAwB0J,QAAA,IAAI,kBAAkB,IAAI,MAAM;AAE9D,UAAM,0BAA0BlI,aAAA,QAAE,KAAK,OAAO,YAAY;AAC1D,UAAM,qBAAqBA,aAAA,QAAE,KAAK,OAAO,UAAU;AAEnD,UAAM,0BAA0B,MAAM;AAC7B,aAAA0B,GAAA;AAAA,QACLzD,GAAAA,IAAI,YAAY;AAAA,QAChBwH,GAAAA,QAAQgD,GAAAA,MAAM;AAAA;AAAA,QAEdC,GAAAA,MAAMnC,GAAA,OAAO,QAAQ,aAAa,CAAC;AAAA,MAAA,EACnC,OAAO,YAAmB;AAAA,IAAA;AAGvB,WAAA;AAAA,MACL,MAAM;AAAA,QACJ;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA;AAAA,QACA;AAAA,QACA,sBAAsB,wBAAwB;AAAA,MAChD;AAAA,IAAA;AAAA,EAEJ;AAAA,EAEA,MAAM,cAAc;AAClB,UAAM,qBAA6B,OAAO,OAAO,IAAI,aAAa;AAClE,UAAM,aAAa,OAAO,OAAO,IAAI,cAAc,KAAK;AACxD,UAAM,gBAAgB,OAAO,OAAO,IAAI,eAAe,IAAI;AAC3D,UAAM,eAAe,OAAO,OAAO,IAAI,qBAAqB,CAAA,CAAE;AAC9D,UAAM,YAAY,OAAO,OAAO,IAAI,QAAQ,IAAI;AAChD,UAAM,cAAc,QAAQ;AACtB,UAAA,mBAAmB,CAAC,OAAO;AAC3B,UAAA,UAAmB,MAAMhE,IAAO,OAAA/D,sBAAK,KAAK,QAAQ,IAAA,GAAO,WAAW,CAAC;AAEpE,WAAA;AAAA,MACL,MAAM;AAAA,QACJ;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,MACF;AAAA,IAAA;AAAA,EAEJ;AAAA,EAEA,MAAM,QAAQ,KAAc;AAC1B,UAAM,iBAAiB,OAAO,OAAO,IAAI,gBAAgB;AAIzD,UAAM,eAAe;AAAA,MACnB;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IAAA;AAGI,UAAAmK,WAAU,OAAO,QAAQ,cAAc,EAC1C,OAAO,CAAC,CAAC,GAAG,MAAW,CAAC,aAAa,SAAS,GAAG,CAAC,EAClD,IAAI,CAAC,CAAC,KAAK,MAAM,OAAY;AAAA,MAC5B,MAAM,OAAO,KAAK,QAAQ;AAAA,MAC1B,aAAa,OAAO,KAAK,eAAe,OAAO,KAAK,QAAQ;AAAA,MAC5D,aAAa,OAAO,KAAK,eAAe;AAAA,MACxC,aAAa,OAAO,KAAK;AAAA,IACzB,EAAA;AAEA,QAAA,KAAK,EAAE,SAAAA,SAAA,CAAS;AAAA,EACtB;AACF;AChLA,MAAM,yBAAyB5I,QAAA,IAC5B,OAAO,EACP,MAAM;AAAA,EACL,MAAMA,QAAI,IAAA,OAAA,EAAS,IAAI,CAAC,EAAE,SAAS;AAAA,EACnC,aAAaA,QAAA,IAAI,OAAO,EAAE,SAAS;AAAA,EACnC,MAAMA,QAAI,IAAA,OAAS,EAAA,MAAM,OAAO,OAAOjB,YAAU,cAAc,CAAC,EAAE,SAAS;AAAA,EAC3E,aAAaiB,QAAAA,IAAI,QAAQ,GAAGA,QAAAA,IAAI,OAAA,CAAQ,EAAE,SAAS;AAAA,EACnD,UAAUA,QAAAA,IAAI,SAAS,IAAI,CAAC,EAAE,MAAM,OAAO,OAAOjB,YAAU,mBAAmB,CAAC,EAAE,SAAS;AAC7F,CAAC,EACA,YACA;AAEH,MAAM,uBAAuBiB,QAAA,IAC1B,OAAO,EACP,MAAM;AAAA,EACL,MAAMA,QAAI,IAAA,OAAA,EAAS,IAAI,CAAC,EAAE,QAAQ;AAAA,EAClC,aAAaA,QAAA,IAAI,OAAO,EAAE,SAAS;AAAA,EACnC,MAAMA,QAAI,IAAA,OAAS,EAAA,MAAM,OAAO,OAAOjB,YAAU,cAAc,CAAC,EAAE,QAAQ;AAAA,EAC1E,aAAaiB,QAAAA,IAAI,QAAQ,GAAGA,QAAAA,IAAI,OAAA,CAAQ,EAAE,SAAS;AACrD,CAAC,EACA,YACA;AAEU,MAAA,gCAAgCE,QAAAA,kBAAkB,sBAAsB;AACxE,MAAA,8BAA8BA,0BAAkB,oBAAoB;ACfjF,MAAM,EAAEa,kBAAAA,mBAAqB,IAAA7B;AAE7B,MAAe,aAAA;AAAA,EACb,MAAM,OAAO,KAAc;AACnB,UAAA,EAAE,KAAK,IAAI,IAAI;AACf,UAAA,kBAAkB,WAAW,WAAW;AAO9C,UAAM,aAAa;AAAA,MACjB,MAAM2J,GAAAA,KAAK,KAAK,IAAI;AAAA,MACpB,aAAaA,GAAAA,KAAK,KAAK,WAAW;AAAA,MAClC,MAAM,KAAK;AAAA,MACX,aAAa,KAAK;AAAA,MAClB,UAAU,KAAK;AAAA,IAAA;AAGjB,UAAM,8BAA8B,UAAU;AAExC,UAAA,gBAAgB,MAAM,gBAAgB,OAAO,EAAE,MAAM,WAAW,MAAM;AAC5E,QAAI,eAAe;AACX,YAAA,IAAI9H,mBAAiB,oBAAoB;AAAA,IACjD;AAEA,UAAM3B,YAAW,MAAM,gBAAgB,OAAO,UAAU;AACxD,QAAI,QAAQ,EAAE,MAAMA,UAAoC,CAAA;AAAA,EAC1D;AAAA,EAEA,MAAM,WAAW,KAAc;AACvB,UAAA,EAAE,GAAG,IAAI,IAAI;AACb,UAAA,kBAAkB,WAAW,WAAW;AAE9C,UAAM,iBAAiB,MAAM,gBAAgB,QAAQ,EAAE;AACvD,QAAI,CAAC,gBAAgB;AACnB,UAAI,SAAS,qBAAqB;AAClC;AAAA,IACF;AAEA,UAAM,cAAc,MAAM,gBAAgB,WAAW,EAAE;AAEvD,QAAI,QAAQ,EAAE,MAAM,YAAa,CAAA;AAAA,EACnC;AAAA,EAEA,MAAM,KAAK,KAAc;AACjB,UAAA,kBAAkB,WAAW,WAAW;AACxC,UAAA0J,aAAY,MAAM,gBAAgB;AAExC,QAAI,KAAK,EAAE,MAAMA,WAAmC,CAAA;AAAA,EACtD;AAAA,EAEA,MAAM,OAAO,KAAc;AACnB,UAAA,EAAE,GAAG,IAAI,IAAI;AACb,UAAA,kBAAkB,WAAW,WAAW;AAC9C,UAAM1J,YAAW,MAAM,gBAAgB,OAAO,EAAE;AAEhD,QAAI,QAAQ,EAAE,MAAMA,UAAoC,CAAA;AAAA,EAC1D;AAAA,EAEA,MAAM,IAAI,KAAc;AAChB,UAAA,EAAE,GAAG,IAAI,IAAI;AACb,UAAA,kBAAkB,WAAW,WAAW;AAC9C,UAAMA,YAAW,MAAM,gBAAgB,QAAQ,EAAE;AAEjD,QAAI,CAACA,WAAU;AACb,UAAI,SAAS,qBAAqB;AAClC;AAAA,IACF;AAEA,QAAI,KAAK,EAAE,MAAMA,UAAiC,CAAA;AAAA,EACpD;AAAA,EAEA,MAAM,OAAO,KAAc;AACnB,UAAA,EAAE,KAAK,IAAI,IAAI;AACf,UAAA,EAAE,GAAG,IAAI,IAAI;AACb,UAAA,kBAAkB,WAAW,WAAW;AAE9C,UAAM,aAAa;AAMf,QAAA8C,GAAA,IAAI,QAAQ,UAAU,GAAG;AAChB,iBAAA,OAAO2G,GAAAA,KAAK,KAAK,IAAI;AAAA,IAClC;AAEA,QAAI3G,GAAAA,IAAI,eAAe,UAAU,KAAK,WAAW,gBAAgB,MAAM;AAC1D,iBAAA,cAAc2G,GAAAA,KAAK,KAAK,WAAW;AAAA,IAChD;AAEA,UAAM,4BAA4B,UAAU;AAE5C,UAAM,iBAAiB,MAAM,gBAAgB,QAAQ,EAAE;AACvD,QAAI,CAAC,gBAAgB;AACZ,aAAA,IAAI,SAAS,qBAAqB;AAAA,IAC3C;AAEI,QAAA3G,GAAA,IAAI,QAAQ,UAAU,GAAG;AAC3B,YAAM,mBAAmB,MAAM,gBAAgB,UAAU,WAAW,IAAI;AAOpE,UAAA,CAAC,CAAC,oBAAoB,CAAC6G,gBAAQ,QAAQ,iBAAiB,IAAI,EAAE,GAAG;AAC7D,cAAA,IAAIhI,mBAAiB,oBAAoB;AAAA,MACjD;AAAA,IACF;AAEA,UAAM3B,YAAW,MAAM,gBAAgB,OAAO,IAAI,UAAU;AAC5D,QAAI,KAAK,EAAE,MAAMA,UAAoC,CAAA;AAAA,EACvD;AAAA,EAEA,MAAM,UAAU,KAAc;AACtB,UAAA,kBAAkB,WAAW,WAAW;AAGxC,UAAA,SAAS,MAAM,gBAAgB;AAErC,QAAI,KAAK,EAAE,MAAM,OAAQ,CAAA;AAAA,EAC3B;AACF;ACrIA,MAAM,qBAAqBY,QAAA,IACxB,OAAO,EACP,MAAM;AAAA,EACL,OAAO,WAAW,MAAM,SAAS;AAAA,EACjC,WAAW,WAAW,UAAU,SAAS;AAAA,EACzC,UAAU,WAAW;AAAA,EACrB,OAAO,WAAW,MAAM,IAAI,CAAC;AAAA,EAC7B,kBAAkBA,QAAA,IAAI,OAAO,EAAE,SAAS;AAC1C,CAAC,EACA,UAAU;AAEb,MAAM,sBAAsBA,QAAA,IACzB,OAAO,EACP,MAAM;AAAA,EACL,OAAO,WAAW,MAAM,QAAQ;AAAA,EAChC,WAAW,WAAW,UAAU,QAAQ;AAAA,EACxC,UAAU,WAAW,SAAS,SAAS;AAAA,EACvC,UAAU,WAAW,SAAS,SAAS;AAAA,EACvC,UAAU,WAAW,SAAS,QAAQ;AAAA,EACtC,iBAAiBA,QAAAA,IACd,OAAA,EACA;AAAA,IAAK;AAAA,IAAY,CAACgB,WAAkB,WACnC,CAACgI,eAAYhI,SAAQ,IAAI,OAAO,SAAA,IAAa;AAAA,IAE9C,QAAQ;AAAA,EACX,kBAAkBhB,QAAA,IAAI,OAAO,EAAE,SAAS;AAC1C,CAAC,EACA,UAAU;AAEb,MAAM,mBAAmBA,QAAA,IACtB,OAAO,EACP,MAAM;AAAA,EACL,OAAO,WAAW,MAAM,QAAQ;AAAA,EAChC,WAAW,WAAW,UAAU,QAAQ;AAAA,EACxC,UAAU,WAAW,SAAS,SAAS;AAAA,EACvC,UAAU,WAAW,SAAS,SAAS;AAAA,EACvC,UAAU,WAAW,SAAS,QAAQ;AAAA,EACtC,UAAUA,QAAA,IAAI,KAAK,EAAE,QAAQ;AAAA,EAC7B,OAAO,WAAW,MAAM,IAAI,CAAC,EAAE,QAAQ;AACzC,CAAC,EACA,UAAU;AAEb,MAAM,oBAAoBA,QAAA,IACvB,OAAO,EACP,MAAM;AAAA,EACL,KAAKA,QAAA,IAAI,MAAM,EAAE,GAAGA,QAAAA,IAAI,SAAS,CAAC,EAAE,IAAI,CAAC,EAAE,SAAS;AACtD,CAAC,EACA,UAAU;AAEA,MAAA,4BAA4BE,QAAAA,kBAAkB,kBAAkB;AAChE,MAAA,6BAA6BA,QAAAA,kBAAkB,mBAAmB;AAClE,MAAA,0BAA0BA,QAAAA,kBAAkB,gBAAgB;AAC5D,MAAA,2BAA2BA,0BAAkB,iBAAiB;ACjD3E,MAAe,oBAAA;AAAA,EACb,MAAM,MAAM,KAAc;AACxB,UAAM,WAAW,WAAW,MAAM,EAAE,aAAa,IAAI,MAAM,IAAiB;AAE5E,QAAI,OAAO;AAAA,MACT,MAAM;AAAA,IAAA;AAAA,EAEV;AAAA,EAEA,MAAM,SAAS,KAAc;AACrB,UAAA,QAAQ,IAAI,QAAQ;AAE1B,UAAM,2BAA2B,KAAK;AAEhC,UAAA,cAAc,WAAW,MAAM;AAC/B,UAAA,aAAa,WAAW,MAAM;AAEpC,UAAM,EAAE,iBAAiB,GAAG,SAAA,IAAa;AAErC,QAAA,mBAAmB,SAAS,UAAU;AAClC,YAAA,UAAU,MAAM,WAAW,iBAAiB,iBAAiB,IAAI,MAAM,KAAK,QAAQ;AAE1F,UAAI,CAAC,SAAS;AAEL,eAAA,IAAI,WAAW,mBAAmB;AAAA,UACvC,iBAAiB,CAAC,qBAAqB;AAAA,QAAA,CACxC;AAAA,MACH;AAAA,IACF;AAEM,UAAA,cAAc,MAAM,YAAY,WAAW,IAAI,MAAM,KAAK,IAAI,QAAQ;AAE5E,QAAI,OAAO;AAAA,MACT,MAAM,YAAY,aAAa,WAAW;AAAA,IAAA;AAAA,EAE9C;AAAA,EAEA,MAAM,kBAAkB,KAAc;AACpC,UAAM,EAAE,qBAAA+I,sBAAqB,oBAAAC,oBAAmB,IAAI,WAAW,YAAY;AACrE,UAAA,EAAE,MAAApL,MAAK,IAAI,IAAI;AAEf,UAAA,kBAAkB,MAAMmL,qBAAoBnL,KAAiB;AAEnE,QAAI,OAAO;AAAA;AAAA,MAET,MAAM,gBAAgB,IAAIoL,mBAAkB;AAAA,IAAA;AAAA,EAEhD;AACF;ACpDA,MAAM,qBAAqBlJ,QAAA,IACxB,OAAO,EACP,MAAM;AAAA,EACL,mBAAmBA,QAAA,IAAI,OAAO,EAAE,SAAS;AAAA,EACzC,UAAUA,QAAA,IACP,OAAO,EACP,MAAM;AAAA,IACL,WAAW,WAAW,UAAU,SAAS;AAAA,IACzC,UAAU,WAAW,SAAS,SAAS;AAAA,IACvC,UAAU,WAAW,SAAS,SAAS;AAAA,EAAA,CACxC,EACA,SAAS,EACT,UAAU;AACf,CAAC,EACA,UAAU;AAEb,MAAM,8BAA8BA,QAAA,IACjC,OAAO,EACP,MAAM;AAAA,EACL,mBAAmBA,QAAA,IAAI,OAAO,EAAE,SAAS;AAC3C,CAAC,EACA,WACA;AAEH,MAAM,0BAA0BA,QAAA,IAC7B,OAAO,EACP,MAAM;AAAA,EACL,OAAO,WAAW,MAAM,SAAS;AAAA,EACjC,WAAW,WAAW,UAAU,SAAS;AAAA,EACzC,UAAU,WAAW,SAAS,SAAS;AAAA,EACvC,UAAU,WAAW,SAAS,SAAS;AACzC,CAAC,EACA,WACA;AAEU,MAAA,4BAA4BE,QAAAA,kBAAkB,kBAAkB;AAChE,MAAA,gCAAgCA,QAAAA,kBAAkB,2BAA2B;AAC7E,MAAA,iCAAiCA,0BAAkB,uBAAuB;ACrCvF,MAAM,uBAAuBF,QAAA,IAC1B,OAAO,EACP,MAAM;AAAA,EACL,OAAO,WAAW,MAAM,SAAS;AACnC,CAAC,EACA,WACA;AAEH,MAAeE,8BAAAA,QAAAA,kBAAkB,oBAAoB;ACRrD,MAAM,sBAAsBF,QAAA,IACzB,OAAO,EACP,MAAM;AAAA,EACL,oBAAoBA,QAAA,IAAI,OAAO,EAAE,SAAS;AAAA,EAC1C,UAAU,WAAW,SAAS,SAAS;AACzC,CAAC,EACA,WACA;AAEH,MAAeE,6BAAAA,QAAAA,kBAAkB,mBAAmB;ACVpD,MAAM,aAAaF,QAAAA,IAAI,OAAS,EAAA,MAAM,EAAE,OAAOA,QAAAA,IAAI,OAAO,EAAE,WAAY,CAAA,EAAE,WAAW,UAAU;AAE/F,MAAeE,0BAAAA,QAAAA,kBAAkB,UAAU;ACqB3C,MAAM,oBAAEa,oBAAkB,gBAAoB,IAAA7B;AAE9C,MAAe,iBAAA;AAAA,EACb,OAAOiK,iBAAAA,QAAQ;AAAA,IACb,CAAC,KAAc,SAAe;AACrB,aAAApF,kBAAA,QAAS,aAAa,SAAS,EAAE,SAAS,SAAS,CAAC,KAAKjG,OAAM,SAAS;AAC7E,YAAI,KAAK;AACA,iBAAA,SAAS,KAAK,oBAAoB,EAAE,OAAO,KAAK,UAAU,SAAS;AAEtE,cAAA,IAAI,SAAS,SAAS,qBAAqB;AACvC,kBAAA;AAAA,UACR;AAGA,iBAAO,IAAI;QACb;AAEA,YAAI,CAACA,OAAM;AACF,iBAAA,SAAS,KAAK,oBAAoB;AAAA,YACvC,OAAO,IAAI,MAAM,KAAK,OAAO;AAAA,YAC7B,UAAU;AAAA,UAAA,CACX;AACK,gBAAA,IAAIiD,mBAAiB,KAAK,OAAO;AAAA,QACzC;AAEA,cAAM,QAAQ,IAAI;AAClB,cAAM,OAAOjD;AAEb,cAAM,gBAAgB,WAAW,MAAM,EAAE,aAAaA,KAAI;AACnD,eAAA,SAAS,KAAK,sBAAsB,EAAE,MAAM,eAAe,UAAU,SAAS;AAErF,eAAO,KAAK;AAAA,MAAA,CACb,EAAE,KAAK,IAAI;AAAA,IACd;AAAA,IACA,CAAC,QAAiB;AACV,YAAA,EAAE,MAAAA,MAAK,IAAI,IAAI;AAErB,UAAI,OAAO;AAAA,QACT,MAAM;AAAA,UACJ,OAAO,WAAW,OAAO,EAAE,eAAeA,KAAI;AAAA,UAC9C,MAAM,WAAW,MAAM,EAAE,aAAa,IAAI,MAAM,IAAI;AAAA;AAAA,QACtD;AAAA,MAAA;AAAA,IAEJ;AAAA,EAAA,CACD;AAAA,EAED,MAAM,WAAW,KAAc;AACvB,UAAA,wBAAwB,IAAI,QAAQ,IAAI;AAE9C,UAAM,EAAE,OAAAgB,OAAU,IAAA,IAAI,QAAQ;AAExB,UAAA,EAAE,SAAS,YAAY,WAAW,OAAO,EAAE,eAAeA,MAAK;AAErE,QAAI,CAAC,SAAS;AACN,YAAA,IAAI,gBAAgB,eAAe;AAAA,IAC3C;AAEA,QAAI,OAAO;AAAA,MACT,MAAM;AAAA,QACJ,OAAO,WAAW,OAAO,EAAE,eAAe,EAAE,IAAI,QAAQ,IAAI;AAAA,MAC9D;AAAA,IAAA;AAAA,EAEJ;AAAA,EAEA,MAAM,iBAAiB,KAAc;AAC7B,UAAA,8BAA8B,IAAI,QAAQ,KAAK;AAErD,UAAM,EAAE,kBAAsB,IAAA,IAAI,QAAQ;AAE1C,UAAM,mBAAmB,MAAM,WAAW,MAAM,EAAE,qBAAqB,iBAAiB;AAExF,QAAI,CAAC,kBAAkB;AACf,YAAA,IAAI,gBAAgB,2BAA2B;AAAA,IACvD;AAEI,QAAA,OAAO,EAAE,MAAM,iBAAiB;AAAA,EACtC;AAAA,EAEA,MAAM,SAAS,KAAc;AACrB,UAAA,QAAQ,IAAI,QAAQ;AAE1B,UAAM,0BAA0B,KAAK;AAErC,UAAMhB,QAAO,MAAM,WAAW,MAAM,EAAE,SAAS,KAAK;AAEpD,QAAI,OAAO;AAAA,MACT,MAAM;AAAA,QACJ,OAAO,WAAW,OAAO,EAAE,eAAeA,KAAI;AAAA,QAC9C,MAAM,WAAW,MAAM,EAAE,aAAaA,KAAI;AAAA,MAC5C;AAAA,IAAA;AAAA,EAEJ;AAAA,EAEA,MAAM,cAAc,KAAc;AAC1B,UAAA,QAAQ,IAAI,QAAQ;AAE1B,UAAM,+BAA+B,KAAK;AAE1C,UAAM,WAAW,MAAM,WAAW,MAAM,EAAE,OAAO;AAEjD,QAAI,UAAU;AACN,YAAA,IAAIiD,mBAAiB,uCAAuC;AAAA,IACpE;AAEA,UAAM,iBAAiB,MAAM,WAAW,MAAM,EAAE,cAAc;AAE9D,QAAI,CAAC,gBAAgB;AACnB,YAAM,IAAIA;AAAAA,QACR;AAAA,MAAA;AAAA,IAEJ;AAEA,UAAMjD,QAAO,MAAM,WAAW,MAAM,EAAE,OAAO;AAAA,MAC3C,GAAG;AAAA,MACH,mBAAmB;AAAA,MACnB,UAAU;AAAA,MACV,OAAO,iBAAiB,CAAC,eAAe,EAAE,IAAI,CAAC;AAAA,IAAA,CAChD;AAEM,WAAA,UAAU,KAAK,qBAAqB;AAE3C,QAAI,OAAO;AAAA,MACT,MAAM;AAAA,QACJ,OAAO,WAAW,OAAO,EAAE,eAAeA,KAAI;AAAA,QAC9C,MAAM,WAAW,MAAM,EAAE,aAAaA,KAAI;AAAA,MAC5C;AAAA,IAAA;AAAA,EAEJ;AAAA,EAEA,MAAM,eAAe,KAAc;AAC3B,UAAA,QAAQ,IAAI,QAAQ;AAE1B,UAAM,4BAA4B,KAAK;AAE5B,eAAA,MAAM,EAAE,eAAe,KAAK;AAEvC,QAAI,SAAS;AAAA,EACf;AAAA,EAEA,MAAM,cAAc,KAAc;AAC1B,UAAA,QAAQ,IAAI,QAAQ;AAE1B,UAAM,2BAA2B,KAAK;AAEtC,UAAMA,QAAO,MAAM,WAAW,MAAM,EAAE,cAAc,KAAK;AAEzD,QAAI,OAAO;AAAA,MACT,MAAM;AAAA,QACJ,OAAO,WAAW,OAAO,EAAE,eAAeA,KAAI;AAAA,QAC9C,MAAM,WAAW,MAAM,EAAE,aAAaA,KAAI;AAAA,MAC5C;AAAA,IAAA;AAAA,EAEJ;AAAA,EAEA,OAAO,KAAc;AACnB,UAAM,gBAAgB,WAAW,MAAM,EAAE,aAAa,IAAI,MAAM,IAAI;AACpE,WAAO,SAAS,KAAK,gBAAgB,EAAE,MAAM,eAAe;AAC5D,QAAI,OAAO,EAAE,MAAM,CAAG,EAAA;AAAA,EACxB;AACF;ACrLA,MAAM,eAAe,CAAC,MAAM,eAAe,UAAU;AAErD,MAAM,mBAAmBI,GAAA,IAAIqD,QAAK,YAAY,CAAC;ACI/C,MAAe,aAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAKb,MAAM,MAAM,KAAc;AACxB,UAAM,EAAE,MAAM,UAAU,IAAI;AACtB,UAAA,EAAE,YAAY,IAAI,IAAI;AAE5B,UAAM,8BAA8B,KAAK;AAEzC,UAAM,EAAE,QAAA8E,QAAA,IAAW,WAAW,YAAY;AAEpC,UAAA,qBAAqBA,QAAO,UAAU,WAAW;AAEvD,QAAI,OAAO;AAAA,MACT,MAAM,mBAAmB,MAAM,WAA2B;AAAA,IAAA;AAAA,EAE9D;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,OAAO,KAAc;AACzB,UAAM,EAAE,iBAAA+C,kBAAiB,gBAAAtJ,iBAAgB,mBAAAD,mBAAkB,IAAI,WAAW,YAAY;AAEhF,UAAAQ,WAAUP,gBAAe;AACzB,UAAAgD,cAAajD,mBAAkB;AACrC,UAAM,WAAW,MAAMuJ,iBAAgB,MAAM/I,QAAO;AAEpD,QAAI,OAAO;AAAA,MACT,MAAM;AAAA;AAAA,QAEJ,YAAY,iBAAiByC,WAAU;AAAA,QACvC;AAAA,MACF;AAAA,IAAA;AAAA,EAEJ;AACF;AC9CA,MAAM,mBAAmB9C,QAAA,IACtB,OAAO,EACP,MAAM;AAAA,EACL,MAAMA,QAAI,IAAA,OAAA,EAAS,IAAI,CAAC,EAAE,SAAS;AAAA,EACnC,aAAaA,QAAA,IAAI,OAAO,EAAE,SAAS;AACrC,CAAC,EACA,UAAU;AAEb,MAAM,oBAAoBA,QAAA,IACvB,OAAO,EACP,MAAM;AAAA,EACL,KAAKA,QACF,IAAA,MAAA,EACA,GAAGA,QAAAA,IAAI,UAAU,EACjB,IAAI,CAAC,EACL,WACA,KAAK,yBAAyB,qCAAqC,eAAgB,KAAK;AACnF,QAAA;AACF,YAAM,OAAO,QAAQ,aAAa,EAAE,wBAAwB,GAAG;AAAA,aACxD,GAAG;AAEH,aAAA,KAAK,YAAY,EAAE,MAAM,OAAO,SAAS,EAAE,SAAS;AAAA,IAC7D;AAEO,WAAA;AAAA,EAAA,CACR;AACL,CAAC,EACA,UAAU;AAEb,MAAM,mBAAmBA,QAAAA,IACtB,SAAA,EACA,SAAA,EACA,KAAK,0BAA0B,oCAAoC,eAAgB,IAAI;AAClF,MAAA;AACF,UAAM,OAAO,QAAQ,aAAa,EAAE,wBAAwB,CAAC,EAAE,CAAC;AAAA,WACzD,GAAG;AAEH,WAAA,KAAK,YAAY,EAAE,MAAM,MAAM,SAAS,EAAE,SAAS;AAAA,EAC5D;AAEO,SAAA;AACT,CAAC;AAEH,MAAM,mBAAmBA,QAAA,IACtB,OAAO,EACP,MAAM;AAAA,EACL,MAAMA,QAAAA,IAAI,SAAS,IAAI,CAAC;AAAA,EACxB,aAAaA,QAAA,IAAI,OAAO,EAAE,SAAS;AACrC,CAAC,EACA,UAAU;AAEA,MAAA,0BAA0BE,QAAAA,kBAAkB,gBAAgB;AAC5D,MAAA,0BAA0BA,QAAAA,kBAAkB,gBAAgB;AAC5D,MAAA,2BAA2BA,QAAAA,kBAAkB,iBAAiB;AAC9D,MAAA,0BAA0BA,0BAAkB,gBAAgB;ACjCzE,MAAM,EAAEa,kBAAAA,mBAAqB,IAAA7B;AAC7B,MAAM,EAAE,iBAAqB,IAAAH;AAE7B,MAAe,OAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAKb,MAAM,OAAO,KAAc;AACnB,UAAA,EAAE,KAAK,IAAI,IAAI;AACrB,UAAM,wBAAwB,IAAI;AAE5B,UAAA,cAAc,WAAW,MAAM;AAErC,UAAMuC,QAAO,MAAM,YAAY,OAAO,IAAI;AACpC,UAAA,gBAAgB,YAAY,aAAaA,KAAI;AAEnD,QAAI,QAAQ,EAAE,MAAM,cAAyC,CAAA;AAAA,EAC/D;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,QAAQ,KAAc;AACpB,UAAA,EAAE,GAAG,IAAI,IAAI;AACb,UAAAA,QAAO,MAAM,WAAW,MAAM,EAAE,sBAAsB,EAAE,IAAI;AAElE,QAAI,CAACA,OAAM;AACF,aAAA,IAAI,SAAS,eAAe;AAAA,IACrC;AAEA,QAAI,OAAO;AAAA,MACT,MAAMA;AAAA,IAAA;AAAA,EAEV;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,QAAQ,KAAc;AACpB,UAAA,EAAE,MAAM,IAAI,IAAI;AAEtB,UAAM,qBAAqB,WAAW,YAAY,EAAE,yBAAyB;AAAA,MAC3E,SAAS,IAAI,MAAM;AAAA,MACnB,OAAO;AAAA,IAAA,CACR;AAEK,UAAA,mBAAmB,cAAc,KAAK;AAC5C,UAAM,iBAAiB,MAAM,mBAAmB,cAAc,KAAK;AAEnE,UAAMX,SAAQ,MAAM,WAAW,MAAM,EAAE,sBAAsB,cAAc;AAE3E,QAAI,OAAO;AAAA,MACT,MAAMA;AAAA,IAAA;AAAA,EAEV;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,OAAO,KAAc;AACnB,UAAA,EAAE,GAAG,IAAI,IAAI;AACb,UAAA,EAAE,KAAK,IAAI,IAAI;AAEf,UAAA,cAAc,WAAW,MAAM;AAErC,UAAM,wBAAwB,IAAI;AAElC,UAAMW,QAAO,MAAM,YAAY,QAAQ,EAAE,GAAI,CAAA;AAE7C,QAAI,CAACA,OAAM;AACF,aAAA,IAAI,SAAS,eAAe;AAAA,IACrC;AAEI,QAAAA,MAAK,SAAS,kBAAkB;AAC5B,YAAA,IAAIP,mBAAiB,8BAA8B;AAAA,IAC3D;AAEA,UAAM,cAAc,MAAM,YAAY,OAAO,EAAE,GAAA,GAAM,IAAI;AACnD,UAAA,gBAAgB,YAAY,aAAa,WAAW;AAK1D,QAAI,OAAO;AAAA,MACT,MAAM;AAAA,IAAA;AAAA,EAEV;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,eAAe,KAAc;AAC3B,UAAA,EAAE,GAAG,IAAI,IAAI;AAEb,UAAA,cAAc,WAAW,MAAM;AAC/B,UAAA,oBAAoB,WAAW,YAAY;AAEjD,UAAMO,QAAO,MAAM,YAAY,QAAQ,EAAE,GAAI,CAAA;AAE7C,QAAI,CAACA,OAAM;AACF,aAAA,IAAI,SAAS,eAAe;AAAA,IACrC;AAEA,UAAMhB,eAAc,MAAM,kBAAkB,SAAS,EAAE,OAAO,EAAE,MAAM,EAAE,IAAIgB,MAAK,GAAG,EAAA,EAAK,CAAA;AAEzF,UAAM,uBAAuBhB,aAAY,IAAI,kBAAkB,kBAAkB;AAEjF,QAAI,OAAO;AAAA;AAAA,MAET,MAAM;AAAA,IAAA;AAAA,EAEV;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,kBAAkB,KAAc;AAC9B,UAAA,EAAE,GAAG,IAAI,IAAI;AACnB,UAAM,EAAE,MAAM,UAAU,IAAI;AAEtB,UAAA,cAAc,WAAW,MAAM;AAC/B,UAAA,oBAAoB,WAAW,YAAY;AAEjD,UAAMgB,QAAO,MAAM,YAAY,QAAQ,EAAE,GAAI,CAAA;AAE7C,QAAI,CAACA,OAAM;AACF,aAAA,IAAI,SAAS,eAAe;AAAA,IACrC;AAEI,QAAAA,MAAK,SAAS,kBAAkB;AAC5B,YAAA,IAAIP,mBAAiB,0CAA0C;AAAA,IACvE;AAEA,UAAM,gCAAgC,KAAK;AAE3C,QAAI,CAACO,OAAM;AACF,aAAA,IAAI,SAAS,eAAe;AAAA,IACrC;AAEA,UAAMhB,eAAc,MAAM,YAAY,kBAAkBgB,MAAK,IAAI,MAAM,WAAW;AAElF,UAAM,uBAAuBhB,aAAY,IAAI,kBAAkB,kBAAkB;AAEjF,QAAI,OAAO;AAAA,MACT,MAAM;AAAA,IAAA;AAAA,EAEV;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,UAAU,KAAc;AACtB,UAAA,EAAE,GAAG,IAAI,IAAI;AAEnB,UAAM,wBAAwB,EAAE;AAE1B,UAAA,cAAc,WAAW,MAAM;AAErC,UAAMK,SAAQ,MAAM,YAAY,YAAY,CAAC,EAAE,CAAC;AAE1C,UAAA,gBAAgBA,OAAM,IAAI,CAACW,UAAS,YAAY,aAAaA,KAAI,CAAC,EAAE,CAAC,KAAK;AAEhF,WAAO,IAAI,QAAQ;AAAA,MACjB,MAAM;AAAA,IAAA,CACmB;AAAA,EAC7B;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,WAAW,KAAc;AACvB,UAAA,EAAE,KAAK,IAAI,IAAI;AAErB,UAAM,yBAAyB,IAAI;AAE7B,UAAA,cAAc,WAAW,MAAM;AAErC,UAAMX,SAAQ,MAAM,YAAY,YAAY,KAAK,GAAG;AACpD,UAAM,iBAAiBA,OAAM,IAAI,YAAY,YAAY;AAEzD,WAAO,IAAI,QAAQ;AAAA,MACjB,MAAM;AAAA,IAAA,CACwB;AAAA,EAClC;AACF;ACjNA,MAAM;AAAA,EACJ,QAAQ;AAAA,IACN,UAAU,EAAE,sBAAsB,qBAAqB;AAAA,EACzD;AACF,IAAI0I;AAEJ,MAAM,EAAE,kBAAsB,IAAAnK;AAM9B,MAAM,SAAS,OAAO,KAAc,UAA+D;AAC3F,QAAA,EAAE,MAAAS,MAAK,IAAI,IAAI;AAErB,MAAI,CAACA,OAAM;AACT,UAAM,IAAI,kBAAkB;AAAA,EAC9B;AAEA,QAAM,yBAAyB,OAAOA,OAAM,EAAE,MAAO,CAAA;AACvD;AAEO,MAAM,OAAO,qBAAqB,EAAE,OAAA,CAAQ;AAC5C,MAAM,OAAO,qBAAqB,EAAE,OAAA,CAAQ;AAEnD,MAAe,SAAA;AAAA,EACb;AAAA,EACA;AACF;AC/BA,MAAM,8BAA8BK,QAAA,IACjC,OAAO,EACP,MAAM;AAAA,EACL,MAAMA,QAAI,IAAA,OAAA,EAAS,IAAI,CAAC,EAAE,SAAS;AAAA,EACnC,aAAaA,QAAA,IAAI,OAAO,EAAE,SAAS;AAAA,EACnC,aAAaA,QACV,IAAA,QACA,IAAI,CAAC,EACL,GAAGA,QAAA,IAAI,SAAS,MAAM,OAAO,OAAOjB,YAAU,mBAAmB,CAAC,CAAC,EACnE,SAAS;AAAA,EACZ,UAAUiB,QAAAA,IACP,SACA,IAAI,CAAC,EACL,MAAM,OAAO,OAAOjB,YAAU,wBAAwB,CAAC,EACvD,SAAS;AACd,CAAC,EACA,YACA;AAEH,MAAM,4BAA4BiB,QAAA,IAC/B,OAAO,EACP,MAAM;AAAA,EACL,MAAMA,QAAI,IAAA,OAAA,EAAS,IAAI,CAAC,EAAE,QAAQ;AAAA,EAClC,aAAaA,QAAA,IAAI,OAAO,EAAE,SAAS;AAAA,EACnC,aAAaA,QACV,IAAA,QACA,IAAI,CAAC,EACL,GAAGA,QAAA,IAAI,SAAS,MAAM,OAAO,OAAOjB,YAAU,mBAAmB,CAAC,CAAC,EACnE,SAAS;AACd,CAAC,EACA,YACA;AAEU,MAAAuK,uCAAqCpJ,QAAAA,kBAAkB,2BAA2B;AAClF,MAAAqJ,qCAAmCrJ,QAAAA,kBAAkB,yBAAyB;AAE3F,MAAe,UAAA;AAAA,EAAA,oCACboJ;AAAAA,EAAA,kCACAC;AACF;AC3BA,MAAM,EAAExI,kBAAAA,mBAAqB,IAAA7B;AAE7B,MAAM,EAAE,oCAAoC,iCAAqC,IAAAJ;AAEjF,MAAe,QAAA;AAAA,EACb,MAAM,KAAK,KAAc;AACjB,UAAA,kBAAkB,WAAW,UAAU;AAC7C,UAAM,iBAAiB,MAAM,gBAAgB,MAAM,KAAK;AAEpD,QAAA,OAAO,EAAE,MAAM,eAAe;AAAA,EACpC;AAAA,EAEA,MAAM,QAAQ,KAAc;AACpB,UAAA,EAAE,GAAG,IAAI,IAAI;AACb,UAAA,eAAe,WAAW,UAAU,EAAE;AAE5C,UAAM0B,iBAAgB,MAAM,aAAa,QAAQ,EAAE;AAEnD,QAAI,CAACA,gBAAe;AAClB,UAAI,SAAS,0BAA0B;AACvC;AAAA,IACF;AAEI,QAAA,OAAO,EAAE,MAAMA,eAAc;AAAA,EACnC;AAAA,EAEA,MAAM,OAAO,KAAc;AACnB,UAAA,EAAE,KAAK,IAAI,IAAI;AACrB,UAAM,EAAE,OAAO,aAAa,IAAI,WAAW,UAAU;AAOrD,UAAM,aAAa;AAAA,MACjB,MAAMqI,GAAAA,KAAK,KAAK,IAAI;AAAA,MACpB,aAAaA,GAAAA,KAAK,KAAK,WAAW;AAAA,MAClC,aAAa,KAAK;AAAA,MAClB,UAAU,KAAK;AAAA,IAAA;AAGjB,UAAM,mCAAmC,UAAU;AAE7C,UAAA,gBAAgB,MAAM,aAAa,OAAO,EAAE,MAAM,WAAW,MAAM;AACzE,QAAI,eAAe;AACX,YAAA,IAAI9H,mBAAiB,oBAAoB;AAAA,IACjD;AAEA,UAAM,iBAAiB,MAAM,aAAa,OAAO,UAAU;AAE3D,QAAI,QAAQ,EAAE,MAAM,eAA+C,CAAA;AAAA,EACrE;AAAA,EAEA,MAAM,OAAO,KAAc;AACnB,UAAA,EAAE,KAAK,IAAI,IAAI;AACf,UAAA,EAAE,GAAG,IAAI,IAAI;AACnB,UAAM,EAAE,OAAO,aAAa,IAAI,WAAW,UAAU;AAErD,UAAM,aAAa;AAMf,QAAAmB,GAAA,IAAI,QAAQ,UAAU,GAAG;AAChB,iBAAA,OAAO2G,GAAAA,KAAK,KAAK,IAAI;AAAA,IAClC;AAEA,QAAI3G,GAAAA,IAAI,eAAe,UAAU,KAAK,WAAW,gBAAgB,MAAM;AAC1D,iBAAA,cAAc2G,GAAAA,KAAK,KAAK,WAAW;AAAA,IAChD;AAEA,UAAM,iCAAiC,UAAU;AAEjD,UAAM,iBAAiB,MAAM,aAAa,QAAQ,EAAE;AACpD,QAAI,CAAC,gBAAgB;AACZ,aAAA,IAAI,SAAS,0BAA0B;AAAA,IAChD;AAEI,QAAA3G,GAAA,IAAI,QAAQ,UAAU,GAAG;AAC3B,YAAM,mBAAmB,MAAM,aAAa,UAAU,WAAW,IAAI;AAOjE,UAAA,CAAC,CAAC,oBAAoB,CAAC6G,gBAAQ,QAAQ,iBAAiB,IAAI,EAAE,GAAG;AAC7D,cAAA,IAAIhI,mBAAiB,oBAAoB;AAAA,MACjD;AAAA,IACF;AAEA,UAAM3B,YAAW,MAAM,aAAa,OAAO,IAAI,UAAU;AAErD,QAAA,OAAO,EAAE,MAAMA,UAAS;AAAA,EAC9B;AAAA,EAEA,MAAM,OAAO,KAAc;AACnB,UAAA,EAAE,GAAG,IAAI,IAAI;AACnB,UAAM,EAAE,OAAO,aAAa,IAAI,WAAW,UAAU;AAErD,UAAMoB,iBAAgB,MAAM,aAAa,OAAO,EAAE;AAElD,QAAI,QAAQ,EAAE,MAAMA,eAA8C,CAAA;AAAA,EACpE;AAAA,EAEA,MAAM,WAAW,KAAc;AACvB,UAAA,EAAE,GAAG,IAAI,IAAI;AACnB,UAAM,EAAE,OAAO,aAAa,IAAI,WAAW,UAAU;AAErD,UAAMgC,UAAS,MAAM,aAAa,QAAQ,EAAE;AAC5C,QAAI,CAACA,SAAQ;AACX,UAAI,SAAS,0BAA0B;AACvC;AAAA,IACF;AAEA,UAAM,cAAc,MAAM,aAAa,WAAW,EAAE;AAEpD,QAAI,QAAQ,EAAE,MAAM,YAAgD,CAAA;AAAA,EACtE;AACF;ACpIA,MAAM,oBAAoB,CAAC,QAAgB,SAAcgH,GAAAA,QAAQ,CAAC,QAAQ,GAAG,MAAM,IAAI,GAAG,IAAI,IAAI;AAElG,MAAe,WAAA;AAAA,EACb,GAAG,kBAAkB,UAAU,MAAM;AAAA,EACrC,GAAG,kBAAkB,SAAS,KAAK;AACrC;ACWA,MAAM,EAAE,iBAAqB,IAAAtK;AAE7B,MAAe,OAAA;AAAA,EACb,MAAM,OAAO,KAAc;AACnB,UAAA,EAAE,KAAK,IAAI,IAAI;AACrB,UAAM,YAAY,EAAE,GAAG,MAAM,OAAOe,aAAE,IAAI,MAAM,SAAS,EAAE,EAAE,YAAc,EAAA;AAE3E,UAAM,0BAA0B,SAAS;AAEnC,UAAA,aAAaA,aAAE,KAAK,WAAW;AAAA,MACnC;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IAAA,CACD;AAED,UAAM,oBAAoB,MAAM,WAAW,MAAM,EAAE,OAAO;AAAA,MACxD,OAAO,WAAW;AAAA,IAAA,CACnB;AAED,QAAI,mBAAmB;AACf,YAAA,IAAI,iBAAiB,qBAAqB;AAAA,IAClD;AAEA,UAAM,cAAc,MAAM,WAAW,MAAM,EAAE,OAAO,UAAU;AAE9D,UAAM,WAAW,WAAW,MAAM,EAAE,aAAa,WAAW;AAI5D,WAAO,OAAO,UAAU,EAAE,mBAAmB,YAAY,mBAAmB;AAG5E,QAAI,QAAQ,EAAE,MAAM,SAAoC,CAAA;AAAA,EAC1D;AAAA,EAEA,MAAM,KAAK,KAAc;AACjB,UAAA,cAAc,WAAW,MAAM;AAErC,UAAM,qBAAqB,OAAO,QAAQ,mBAAmB,EAAE,yBAAyB;AAAA,MACtF,SAAS,IAAI,MAAM;AAAA,MACnB,OAAO;AAAA,IAAA,CACR;AAEK,UAAA,mBAAmB,cAAc,IAAI,KAAK;AAChD,UAAM,iBAAiB,MAAM,mBAAmB,cAAc,IAAI,KAAK;AAGvE,UAAM,EAAE,SAAS,eAAe,MAAM,YAAY,SAAS,cAAc;AAEzE,QAAI,OAAO;AAAA,MACT,MAAM;AAAA,QACJ,SAAS,QAAQ,IAAI,CAACnC,UAAoB,YAAY,aAAaA,KAAI,CAAC;AAAA,QACxE;AAAA,MACF;AAAA,IAAA;AAAA,EAEJ;AAAA,EAEA,MAAM,QAAQ,KAAc;AACpB,UAAA,EAAE,GAAG,IAAI,IAAI;AAEnB,UAAMA,QAAO,MAAM,WAAW,MAAM,EAAE,QAAQ,EAAE;AAEhD,QAAI,CAACA,OAAM;AACF,aAAA,IAAI,SAAS,qBAAqB;AAAA,IAC3C;AAEA,QAAI,OAAO;AAAA,MACT,MAAM,WAAW,MAAM,EAAE,aAAaA,KAAiB;AAAA,IAAA;AAAA,EAE3D;AAAA,EAEA,MAAM,OAAO,KAAc;AACnB,UAAA,EAAE,GAAG,IAAI,IAAI;AACnB,UAAM,EAAE,MAAM,UAAU,IAAI;AAE5B,UAAM,wBAAwB,KAAK;AAEnC,QAAImC,aAAE,IAAI,OAAO,OAAO,GAAG;AACzB,YAAM,mBAAmB,MAAM,WAAW,MAAM,EAAE,OAAO;AAAA,QACvD,IAAI,EAAE,KAAK,GAAG;AAAA,QACd,OAAO,MAAM;AAAA,MAAA,CACd;AAED,UAAI,kBAAkB;AACd,cAAA,IAAI,iBAAiB,+CAA+C;AAAA,MAC5E;AAAA,IACF;AAEA,UAAM,cAAc,MAAM,WAAW,MAAM,EAAE,WAAW,IAAI,KAAK;AAEjE,QAAI,CAAC,aAAa;AACT,aAAA,IAAI,SAAS,qBAAqB;AAAA,IAC3C;AAEA,QAAI,OAAO;AAAA,MACT,MAAM,WAAW,MAAM,EAAE,aAAa,WAAW;AAAA,IAAA;AAAA,EAErD;AAAA,EAEA,MAAM,UAAU,KAAc;AACtB,UAAA,EAAE,GAAG,IAAI,IAAI;AAEnB,UAAM,cAAc,MAAM,WAAW,MAAM,EAAE,WAAW,EAAE;AAE1D,QAAI,CAAC,aAAa;AACT,aAAA,IAAI,SAAS,gBAAgB;AAAA,IACtC;AAEA,WAAO,IAAI,QAAQ;AAAA,MACjB,MAAM,WAAW,MAAM,EAAE,aAAa,WAAW;AAAA,IAAA,CACrB;AAAA,EAChC;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,WAAW,KAAc;AACvB,UAAA,EAAE,KAAK,IAAI,IAAI;AACrB,UAAM,yBAAyB,IAAI;AAEnC,UAAM2C,SAAQ,MAAM,WAAW,MAAM,EAAE,YAAY,KAAK,GAAG;AAE3D,UAAM,iBAAiBA,OAAM,IAAI,WAAW,MAAM,EAAE,YAAY;AAEhE,WAAO,IAAI,QAAQ;AAAA,MACjB,MAAM;AAAA,IAAA,CACuB;AAAA,EACjC;AACF;AClIA,MAAM,WACJ;AAEF,MAAM,mBAAmB5C,YACtB,OAAO;AAAA,EACN,MAAMA,QAAA,IAAI,OAAO,EAAE,SAAS;AAAA,EAC5B,KAAKA,QAAAA,IACF,SACA,QAAQ,UAAU,yBAAyB,EAC3C,SAAA,EACA;AAAA,IACC;AAAA,IACA;AAAA,IACA,OAAO,QAAQ;AACT,UAAA,QAAQ,IAAI,aAAa,cAAc;AAClC,eAAA;AAAA,MACT;AAEI,UAAA;AACF,cAAM,YAAY,IAAI,IAAIyJ,kBAAS,QAAA,QAAQ,GAAI,CAAC;AAChD,cAAM,aAAa,MAAMC,uBAAAA,QAAc,UAAU,QAAQ;AACzD,eAAO,CAAC;AAAA,MAAA,QACF;AACC,eAAA;AAAA,MACT;AAAA,IACF;AAAA,EACF;AAAA,EACF,SAAS1J,QAAA,IAAI,KAAK,CAAC,SAAS;AACtB,QAAA,OAAO,SAAS,UAAU;AACrB,aAAAA,YAAI,SAAS;IACtB;AAEA,WAAOA,QACJ,IAAA;AAAA;AAAA,MAECC,qBAAE,UAAU,MAAM,MAAM;AACtBD,gBAAA,IAAI,OAAO,EAAE,IAAI,CAAC,EAAE,SAAS;AAAA,MAAA,CAC9B;AAAA,MAEF,SAAS;AAAA,EAAA,CACb;AAAA,EACD,QAAQA,QAAAA,IAAI,QAAQ,GAAGA,QAAAA,IAAI,OAAA,CAAQ,EAAE,SAAS;AAChD,CAAC,EACA,UAAU;AAEb,MAAM,yBAAyB,iBAAiB,MAAM;AAAA,EACpD,WAAWA,YAAI,QAAQ;AACzB,CAAC;AAED,MAAe,WAAA;AAAA,EACb,MAAM,aAAa,KAAc;AAC/B,UAAMY,YAAW,MAAM,OAAO,IAAI,cAAc,EAAE;AAClD,QAAI,KAAK,EAAE,MAAMA,UAAyC,CAAA;AAAA,EAC5D;AAAA,EAEA,MAAM,WAAW,KAAc;AACvB,UAAA,EAAE,GAAG,IAAI,IAAI;AACnB,UAAM,UAAU,MAAM,OAAO,IAAI,cAAc,EAAE,YAAY,EAAE;AAE/D,QAAI,CAAC,SAAS;AACL,aAAA,IAAI,SAAS,kBAAkB;AAAA,IACxC;AAEA,QAAI,KAAK,EAAE,MAAM,QAAuC,CAAA;AAAA,EAC1D;AAAA,EAEA,MAAM,cAAc,KAAc;AAC1B,UAAA,EAAE,KAAK,IAAI,IAAI;AAEf,UAAAV,0BAAkB,gBAAgB,EAAE,IAAI;AAE9C,UAAM,UAAU,MAAM,OAAO,IAAI,cAAc,EAAE,cAAc,IAAI;AAEnE,WAAO,IAAI,eAAe,EAAE,IAAI,OAAO;AAEvC,QAAI,QAAQ,EAAE,MAAM,QAA0C,CAAA;AAAA,EAChE;AAAA,EAEA,MAAM,cAAc,KAAc;AAC1B,UAAA,EAAE,GAAG,IAAI,IAAI;AACb,UAAA,EAAE,KAAK,IAAI,IAAI;AAEf,UAAAA,0BAAkB,sBAAsB,EAAE,IAAI;AAEpD,UAAM,UAAU,MAAM,OAAO,IAAI,cAAc,EAAE,YAAY,EAAE;AAE/D,QAAI,CAAC,SAAS;AACL,aAAA,IAAI,SAAS,kBAAkB;AAAA,IACxC;AAEA,UAAM,iBAAiB,MAAM,OAAO,IAAI,cAAc,EAAE,cAAc,IAAI;AAAA,MACxE,GAAG;AAAA,MACH,GAAG;AAAA,IAAA,CACJ;AAED,QAAI,CAAC,gBAAgB;AACZ,aAAA,IAAI,SAAS,kBAAkB;AAAA,IACxC;AAEA,WAAO,IAAI,eAAe,EAAE,OAAO,cAAc;AAEjD,QAAI,KAAK,EAAE,MAAM,eAAiD,CAAA;AAAA,EACpE;AAAA,EAEA,MAAM,cAAc,KAAc;AAC1B,UAAA,EAAE,GAAG,IAAI,IAAI;AACnB,UAAM,UAAU,MAAM,OAAO,IAAI,cAAc,EAAE,YAAY,EAAE;AAE/D,QAAI,CAAC,SAAS;AACL,aAAA,IAAI,SAAS,kBAAkB;AAAA,IACxC;AAEA,UAAM,OAAO,IAAI,cAAc,EAAE,cAAc,EAAE;AAEjD,WAAO,IAAI,eAAe,EAAE,OAAO,OAAO;AAEtC,QAAA,OAAO,EAAE,MAAM,QAAQ;AAAA,EAC7B;AAAA,EAEA,MAAM,eAAe,KAAc;AACjC,UAAM,EAAE,IAAQ,IAAA,IAAI,QAAQ;AAE5B,QAAI,CAAC,MAAM,QAAQ,GAAG,KAAK,IAAI,WAAW,GAAG;AACpC,aAAA,IAAI,WAAW,4BAA4B;AAAA,IACpD;AAEA,eAAW,MAAM,KAAK;AACpB,YAAM,UAAU,MAAM,OAAO,IAAI,cAAc,EAAE,YAAY,EAAE;AAE/D,UAAI,SAAS;AACX,cAAM,OAAO,IAAI,cAAc,EAAE,cAAc,EAAE;AACjD,eAAO,IAAI,eAAe,EAAE,OAAO,OAAO;AAAA,MAC5C;AAAA,IACF;AAEA,QAAI,KAAK,EAAE,MAAM,IAAuC,CAAA;AAAA,EAC1D;AAAA,EAEA,MAAM,eAAe,KAAc;AAC3B,UAAA,EAAE,GAAG,IAAI,IAAI;AAEnB,UAAM,UAAU,MAAM,OAAO,IAAI,cAAc,EAAE,YAAY,EAAE;AAEzD,UAAA,WAAW,MAAM,OACpB,IAAI,eAAe,EACnB,IAAI,SAAyC,gBAAgB,CAAA,CAAE;AAE9D,QAAA,OAAO,EAAE,MAAM,SAAS;AAAA,EAC9B;AACF;ACtKA,MAAe,aAAA;AAAA,EACb,MAAM,eAAe,KAAc;AACjC,UAAM,aAAa,MAAM,OAAO,WAAW,YAAY,cAAc;AAErE,QAAI,KAAK,EAAE,MAAM,WAA8C,CAAA;AAAA,EACjE;AAAA,EAEA,MAAM,UAAU,KAAc;AAC5B,UAAM,YAAY,MAAM,OAAO,WAAW,aAAa;AAEvD,QAAI,KAAK,EAAE,MAAM,UAAwC,CAAA;AAAA,EAC3D;AACF;ACHA,MAAe,UAAA;AAAA,EACb;AAAA,EACA,aAAad;AAAAA,EACb,sBAAsB;AAAA,EACtB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA,eAAe;AACjB;ACpBA,MAAe,aAAA;AAAA,EACb,gBAAgB;AAAA,EAChB,MAAM;AAAA,IACJ,MAAM;AAAA,IACN,aAAa;AAAA,IACb,cAAc;AAAA,IACd,YAAY;AAAA,IACZ,aAAa;AAAA,EACf;AAAA,EACA,SAAS,CAAC;AAAA,EACV,eAAe;AAAA,IACb,mBAAmB;AAAA,MACjB,SAAS;AAAA,IACX;AAAA,IACA,wBAAwB;AAAA,MACtB,SAAS;AAAA,IACX;AAAA,EACF;AAAA,EACA,YAAY;AAAA,IACV,QAAQ;AAAA,MACN,MAAM;AAAA,MACN,WAAW;AAAA,MACX,cAAc;AAAA,MACd,UAAU;AAAA,IACZ;AAAA,IACA,kBAAkB;AAAA,MAChB,MAAM;AAAA,MACN,cAAc;AAAA,MACd,UAAU;AAAA,MACV,SAAS,CAAC;AAAA,IACZ;AAAA,IACA,SAAS;AAAA,MACP,MAAM;AAAA,MACN,WAAW;AAAA,MACX,cAAc;AAAA,MACd,UAAU;AAAA,IACZ;AAAA,IACA,YAAY;AAAA,MACV,MAAM;AAAA,MACN,cAAc;AAAA,MACd,UAAU;AAAA,MACV,SAAS,CAAC;AAAA,IACZ;AAAA,IACA,YAAY;AAAA,MACV,MAAM;AAAA,MACN,cAAc;AAAA,MACd,UAAU;AAAA,MACV,SAAS,CAAC;AAAA,IACZ;AAAA,IACA,MAAM;AAAA,MACJ,cAAc;AAAA,MACd,MAAM;AAAA,MACN,UAAU;AAAA,MACV,YAAY;AAAA,MACZ,QAAQ;AAAA,IACV;AAAA,EACF;AACF;AC7DA,MAAe,OAAA;AAAA,EACb,gBAAgB;AAAA,EAChB,MAAM;AAAA,IACJ,MAAM;AAAA,IACN,aAAa;AAAA,IACb,cAAc;AAAA,IACd,YAAY;AAAA,IACZ,aAAa;AAAA,EACf;AAAA,EACA,eAAe;AAAA,IACb,mBAAmB;AAAA,MACjB,SAAS;AAAA,IACX;AAAA,IACA,wBAAwB;AAAA,MACtB,SAAS;AAAA,IACX;AAAA,EACF;AAAA,EACA,YAAY;AAAA,IACV,WAAW;AAAA,MACT,MAAM;AAAA,MACN,QAAQ;AAAA,MACR,WAAW;AAAA,MACX,cAAc;AAAA,MACd,UAAU;AAAA,IACZ;AAAA,IACA,UAAU;AAAA,MACR,MAAM;AAAA,MACN,QAAQ;AAAA,MACR,WAAW;AAAA,MACX,cAAc;AAAA,MACd,UAAU;AAAA,IACZ;AAAA,IACA,UAAU;AAAA,MACR,MAAM;AAAA,MACN,QAAQ;AAAA,MACR,cAAc;AAAA,MACd,UAAU;AAAA,IACZ;AAAA,IACA,OAAO;AAAA,MACL,MAAM;AAAA,MACN,WAAW;AAAA,MACX,cAAc;AAAA,MACd,UAAU;AAAA,MACV,QAAQ;AAAA,MACR,SAAS;AAAA,IACX;AAAA,IACA,UAAU;AAAA,MACR,MAAM;AAAA,MACN,WAAW;AAAA,MACX,cAAc;AAAA,MACd,UAAU;AAAA,MACV,SAAS;AAAA,MACT,YAAY;AAAA,IACd;AAAA,IACA,oBAAoB;AAAA,MAClB,MAAM;AAAA,MACN,cAAc;AAAA,MACd,SAAS;AAAA,MACT,YAAY;AAAA,IACd;AAAA,IACA,mBAAmB;AAAA,MACjB,MAAM;AAAA,MACN,cAAc;AAAA,MACd,SAAS;AAAA,MACT,YAAY;AAAA,IACd;AAAA,IACA,UAAU;AAAA,MACR,MAAM;AAAA,MACN,SAAS;AAAA,MACT,cAAc;AAAA,MACd,SAAS;AAAA,IACX;AAAA,IACA,OAAO;AAAA,MACL,cAAc;AAAA,MACd,SAAS;AAAA,MACT,MAAM;AAAA,MACN,UAAU;AAAA,MACV,YAAY;AAAA,MACZ,QAAQ;AAAA;AAAA,MAER,gBAAgB;AAAA,IAClB;AAAA,IACA,SAAS;AAAA,MACP,MAAM;AAAA,MACN,SAAS;AAAA,MACT,cAAc;AAAA,MACd,SAAS;AAAA,IACX;AAAA,IACA,kBAAkB;AAAA,MAChB,MAAM;AAAA,MACN,cAAc;AAAA,MACd,UAAU;AAAA,MACV,YAAY;AAAA,IACd;AAAA,EACF;AAAA,EACA,QAAQ;AAAA,IACN,YAAY;AAAA,MACV,oBAAoB;AAAA,QAClB,QAAQ;AAAA,MACV;AAAA,MACA,mBAAmB;AAAA,QACjB,QAAQ;AAAA,MACV;AAAA,IACF;AAAA,EACF;AACF;ACrGA,MAAe,OAAA;AAAA,EACb,gBAAgB;AAAA,EAChB,MAAM;AAAA,IACJ,MAAM;AAAA,IACN,aAAa;AAAA,IACb,cAAc;AAAA,IACd,YAAY;AAAA,IACZ,aAAa;AAAA,EACf;AAAA,EACA,SAAS,CAAC;AAAA,EACV,eAAe;AAAA,IACb,mBAAmB;AAAA,MACjB,SAAS;AAAA,IACX;AAAA,IACA,wBAAwB;AAAA,MACtB,SAAS;AAAA,IACX;AAAA,EACF;AAAA,EACA,YAAY;AAAA,IACV,MAAM;AAAA,MACJ,MAAM;AAAA,MACN,WAAW;AAAA,MACX,QAAQ;AAAA,MACR,cAAc;AAAA,MACd,UAAU;AAAA,IACZ;AAAA,IACA,MAAM;AAAA,MACJ,MAAM;AAAA,MACN,WAAW;AAAA,MACX,QAAQ;AAAA,MACR,cAAc;AAAA,MACd,UAAU;AAAA,IACZ;AAAA,IACA,aAAa;AAAA,MACX,MAAM;AAAA,MACN,cAAc;AAAA,IAChB;AAAA,IACA,OAAO;AAAA,MACL,cAAc;AAAA,MACd,MAAM;AAAA,MACN,UAAU;AAAA,MACV,UAAU;AAAA,MACV,QAAQ;AAAA,IACV;AAAA,IACA,aAAa;AAAA,MACX,cAAc;AAAA,MACd,MAAM;AAAA,MACN,UAAU;AAAA,MACV,UAAU;AAAA,MACV,QAAQ;AAAA,IACV;AAAA,EACF;AACF;ACtDA,MAAe,WAAA;AAAA,EACb,gBAAgB;AAAA,EAChB,MAAM;AAAA,IACJ,MAAM;AAAA,IACN,cAAc;AAAA,IACd,YAAY;AAAA,IACZ,aAAa;AAAA,IACb,aAAa;AAAA,EACf;AAAA,EACA,SAAS,CAAC;AAAA,EACV,eAAe;AAAA,IACb,mBAAmB;AAAA,MACjB,SAAS;AAAA,IACX;AAAA,IACA,wBAAwB;AAAA,MACtB,SAAS;AAAA,IACX;AAAA,EACF;AAAA,EACA,YAAY;AAAA,IACV,MAAM;AAAA,MACJ,MAAM;AAAA,MACN,WAAW;AAAA,MACX,cAAc;AAAA,MACd,UAAU;AAAA,MACV,QAAQ;AAAA,IACV;AAAA,IACA,aAAa;AAAA,MACX,MAAM;AAAA,MACN,WAAW;AAAA,MACX,cAAc;AAAA,MACd,UAAU;AAAA,MACV,SAAS;AAAA,IACX;AAAA,IACA,MAAM;AAAA,MACJ,MAAM;AAAA,MACN,MAAM,OAAO,OAAOL,YAAU,cAAc;AAAA,MAC5C,cAAc;AAAA,MACd,UAAU;AAAA,MACV,SAASA,YAAU,eAAe;AAAA,IACpC;AAAA,IACA,WAAW;AAAA,MACT,MAAM;AAAA,MACN,WAAW;AAAA,MACX,cAAc;AAAA,MACd,UAAU;AAAA,MACV,YAAY;AAAA,IACd;AAAA,IACA,YAAY;AAAA,MACV,MAAM;AAAA,MACN,cAAc;AAAA,MACd,UAAU;AAAA,IACZ;AAAA,IACA,aAAa;AAAA,MACX,MAAM;AAAA,MACN,QAAQ;AAAA,MACR,UAAU;AAAA,MACV,UAAU;AAAA,MACV,cAAc;AAAA,MACd,UAAU;AAAA,IACZ;AAAA,IACA,WAAW;AAAA,MACT,MAAM;AAAA,MACN,cAAc;AAAA,MACd,UAAU;AAAA,IACZ;AAAA,IACA,UAAU;AAAA,MACR,MAAM;AAAA,MACN,cAAc;AAAA,MACd,UAAU;AAAA,IACZ;AAAA,EACF;AACF;ACzEA,MAAe,qBAAA;AAAA,EACb,gBAAgB;AAAA,EAChB,MAAM;AAAA,IACJ,MAAM;AAAA,IACN,aAAa;AAAA,IACb,cAAc;AAAA,IACd,YAAY;AAAA,IACZ,aAAa;AAAA,EACf;AAAA,EACA,SAAS,CAAC;AAAA,EACV,eAAe;AAAA,IACb,mBAAmB;AAAA,MACjB,SAAS;AAAA,IACX;AAAA,IACA,wBAAwB;AAAA,MACtB,SAAS;AAAA,IACX;AAAA,EACF;AAAA,EACA,YAAY;AAAA,IACV,QAAQ;AAAA,MACN,MAAM;AAAA,MACN,WAAW;AAAA,MACX,cAAc;AAAA,MACd,UAAU;AAAA,IACZ;AAAA,IACA,OAAO;AAAA,MACL,cAAc;AAAA,MACd,MAAM;AAAA,MACN,UAAU;AAAA,MACV,YAAY;AAAA,MACZ,QAAQ;AAAA,IACV;AAAA,EACF;AACF;ACjCA,MAAe,gBAAA;AAAA,EACb,gBAAgB;AAAA,EAChB,MAAM;AAAA,IACJ,MAAM;AAAA,IACN,cAAc;AAAA,IACd,YAAY;AAAA,IACZ,aAAa;AAAA,IACb,aAAa;AAAA,EACf;AAAA,EACA,SAAS,CAAC;AAAA,EACV,eAAe;AAAA,IACb,mBAAmB;AAAA,MACjB,SAAS;AAAA,IACX;AAAA,IACA,wBAAwB;AAAA,MACtB,SAAS;AAAA,IACX;AAAA,EACF;AAAA,EACA,YAAY;AAAA,IACV,MAAM;AAAA,MACJ,MAAM;AAAA,MACN,WAAW;AAAA,MACX,cAAc;AAAA,MACd,UAAU;AAAA,MACV,QAAQ;AAAA,IACV;AAAA,IACA,aAAa;AAAA,MACX,MAAM;AAAA,MACN,WAAW;AAAA,MACX,cAAc;AAAA,MACd,UAAU;AAAA,MACV,SAAS;AAAA,IACX;AAAA,IACA,WAAW;AAAA,MACT,MAAM;AAAA,MACN,WAAW;AAAA,MACX,cAAc;AAAA,MACd,UAAU;AAAA,IACZ;AAAA,IACA,YAAY;AAAA,MACV,MAAM;AAAA,MACN,cAAc;AAAA,MACd,UAAU;AAAA,IACZ;AAAA,IACA,aAAa;AAAA,MACX,MAAM;AAAA,MACN,QAAQ;AAAA,MACR,UAAU;AAAA,MACV,UAAU;AAAA,MACV,cAAc;AAAA,MACd,UAAU;AAAA,IACZ;AAAA,IACA,WAAW;AAAA,MACT,MAAM;AAAA,MACN,cAAc;AAAA,MACd,UAAU;AAAA,IACZ;AAAA,IACA,UAAU;AAAA,MACR,MAAM;AAAA,MACN,cAAc;AAAA,MACd,UAAU;AAAA,IACZ;AAAA,EACF;AACF;AC/DA,MAAe,0BAAA;AAAA,EACb,gBAAgB;AAAA,EAChB,MAAM;AAAA,IACJ,MAAM;AAAA,IACN,aAAa;AAAA,IACb,cAAc;AAAA,IACd,YAAY;AAAA,IACZ,aAAa;AAAA,EACf;AAAA,EACA,SAAS,CAAC;AAAA,EACV,eAAe;AAAA,IACb,mBAAmB;AAAA,MACjB,SAAS;AAAA,IACX;AAAA,IACA,wBAAwB;AAAA,MACtB,SAAS;AAAA,IACX;AAAA,EACF;AAAA,EACA,YAAY;AAAA,IACV,QAAQ;AAAA,MACN,MAAM;AAAA,MACN,WAAW;AAAA,MACX,cAAc;AAAA,MACd,UAAU;AAAA,IACZ;AAAA,IACA,OAAO;AAAA,MACL,cAAc;AAAA,MACd,MAAM;AAAA,MACN,UAAU;AAAA,MACV,YAAY;AAAA,MACZ,QAAQ;AAAA,IACV;AAAA,EACF;AACF;ACzBA,MAAe,UAAA;AAAA,EACb,YAAY,EAAE,QAAQ,WAAW;AAAA,EACjC,MAAM,EAAE,QAAQ,KAAK;AAAA,EACrB,MAAM,EAAE,QAAQ,KAAK;AAAA,EACrB,aAAa,EAAE,QAAQ,SAAS;AAAA,EAChC,wBAAwB,EAAE,QAAQ,mBAAmB;AAAA,EACrD,kBAAkB,EAAE,QAAQ,cAAc;AAAA,EAC1C,6BAA6B,EAAE,QAAQ,wBAAwB;AACjE;ACVA,MAAM,EAAE,eAAe,IAAImJ,eAAM,QAAA;AAEjC,MAAe,YAAA,CAAC,QAAa,EAAE,QAAA7J,QAC7B,MAAA,OAAO,KAAc,SAAe;AAClC,MAAI,kBAAkBA,QAAO,OAAO,IAAI,iBAAiB;AAEzD,MAAI,CAAC,iBAAiB;AACF,sBAAA;AAAA,MAChB,SAAS;AAAA,IAAA;AAAA,EAEb;AAEA,MAAI,CAAC6D,GAAA,IAAI,WAAW,eAAe,GAAG;AACpC,oBAAgB,UAAU;AAAA,EAC5B;AAEI,MAAA,gBAAgB,YAAY,MAAM;AAG9B,UAAAyH,aAAY,QAAQ,gBAAgB,EAAE;AAE5C,UAAM,eAAe1G,GAAA,IAAI,oBAAoB,EAAE,GAAG;AAClD,UAAM,YAAY+D,GAAAA,SAAS,YAAY,IAAI,aAAa,YAAgB,IAAA;AAExE,UAAM,cAAcA,GAAAA,SAAS,IAAI,QAAQ,IAAI,IACzCpD,GAAQ,QAAAnF,sBAAK,UAAU,IAAI,QAAQ,IAAI,CAAC,EAAE,QAAQ,OAAO,EAAE,IAC3D;AAEJ,UAAM,aAAa;AAAA,MACjB,UAAU,EAAE,KAAK,EAAE;AAAA,MACnB,KAAK;AAAA,MACL,WAAW,GAAG,SAAS,IAAI,WAAW,IAAI,IAAI,QAAQ,EAAE;AAAA,MACxD,UAAU;AACR,cAAM,IAAI,eAAe;AAAA,MAC3B;AAAA,MACA,GAAG;AAAA,MACH,GAAG;AAAA,IAAA;AAGL,WAAOkL,WAAU,WAAW,UAAU,EAAE,KAAK,IAAI;AAAA,EACnD;AAEA,SAAO,KAAK;AACd;AC7CF,MAAA,eAAe,MAAM,OAAO,KAAc,SAAe;AACjD,QAAA,gBAAgB,WAAW,UAAU,EAAE;AAEvC,QAAA,EAAE,mBAAA1B,oBAAmB,yBAAA2B,yBAA4B,IAAA;AAGvD,MAAIA,4BAA2B;AAC7B,WAAO,KAAK;AAAA,EACd;AAGA,MAAI,OAAO,OAAO,IAAI,gCAAgC,MAAM,OAAO;AACjE,WAAO,IAAI;EACb;AAGI,MAAA,CAAC3B,sBAAqB;AACxB,WAAO,IAAI;AAAA,MACT;AAAA,MACA;AAAA,QACE,MAAM;AAAA,MACR;AAAA,IAAA;AAAA,EAEJ;AAGM,QAAA,IAAI,MAAM,+DAA+D;AACjF;ACzBA,MAAe,QAAA;AAAA,EACb;AAAA,EACA,iBAAiB;AACnB;;;;;;;;;;;"}
1	+ {"version":3,"file":"index.js","sources":["../../server/src/utils/index.js","../../server/src/config/admin-actions.ts","../../server/src/config/admin-conditions.ts","../../server/src/bootstrap.ts","../../server/src/routes/serve-admin-panel.ts","../../server/src/strategies/admin.ts","../../server/src/services/constants.ts","../../server/src/strategies/api-token.ts","../../server/src/register.ts","../../server/src/destroy.ts","../../server/src/config/email-templates/forgot-password.ts","../../server/src/config/index.ts","../../server/src/policies/isAuthenticatedAdmin.ts","../../server/src/validation/policies/hasPermissions.ts","../../server/src/policies/hasPermissions.ts","../../server/src/policies/isTelemetryEnabled.ts","../../server/src/policies/index.ts","../../server/src/routes/admin.ts","../../server/src/routes/authentication.ts","../../server/src/routes/permissions.ts","../../server/src/routes/users.ts","../../server/src/routes/roles.ts","../../server/src/routes/webhooks.ts","../../server/src/routes/api-tokens.ts","../../server/src/routes/content-api.ts","../../server/src/strategies/data-transfer.ts","../../server/src/routes/transfer.ts","../../server/src/routes/index.ts","../../server/src/services/auth.ts","../../server/src/domain/user.ts","../../server/src/domain/action/index.ts","../../server/src/validation/common-functions/check-fields-are-correctly-nested.ts","../../server/src/validation/common-functions/check-fields-dont-have-duplicates.ts","../../server/src/validation/common-validators.ts","../../server/src/services/user.ts","../../server/src/domain/permission/index.ts","../../server/src/validation/permission.ts","../../server/src/services/role.ts","../../server/src/services/passport/local-strategy.ts","../../server/src/services/passport.ts","../../server/src/services/metrics.ts","../../server/src/services/token.ts","../../server/src/validation/action-provider.ts","../../server/src/domain/action/provider.ts","../../server/src/domain/condition/index.ts","../../server/src/domain/condition/provider.ts","../../server/src/services/permission/permissions-manager/sanitize.ts","../../server/src/services/permission/permissions-manager/validate.ts","../../server/src/services/permission/permissions-manager/query-builders.ts","../../server/src/services/permission/permissions-manager/index.ts","../../server/src/services/permission/engine.ts","../../server/src/services/permission/sections-builder/section.ts","../../server/src/services/permission/sections-builder/builder.ts","../../server/src/services/permission/sections-builder/utils.ts","../../server/src/services/permission/sections-builder/handlers.ts","../../server/src/services/permission/sections-builder/index.ts","../../server/src/services/permission/queries.ts","../../server/src/services/permission.ts","../../server/src/services/content-type.ts","../../server/src/services/condition.ts","../../server/src/services/action.ts","../../server/src/services/api-token.ts","../../server/src/services/transfer/permission.ts","../../server/src/services/transfer/token.ts","../../server/src/services/transfer/utils.ts","../../server/src/services/project-settings.ts","../../server/src/services/index.ts","../../server/src/validation/project-settings.ts","../../server/src/controllers/admin.ts","../../server/src/validation/api-tokens.ts","../../server/src/controllers/api-token.ts","../../server/src/validation/user.ts","../../server/src/controllers/authenticated-user.ts","../../server/src/validation/authentication/register.ts","../../server/src/validation/authentication/forgot-password.ts","../../server/src/validation/authentication/reset-password.ts","../../server/src/validation/authentication/renew-token.ts","../../server/src/controllers/authentication.ts","../../server/src/controllers/formatters/conditions.ts","../../server/src/controllers/permission.ts","../../server/src/validation/role.ts","../../server/src/controllers/role.ts","../../server/src/controllers/transfer/runner.ts","../../server/src/validation/transfer/token.ts","../../server/src/controllers/transfer/token.ts","../../server/src/controllers/transfer/index.ts","../../server/src/controllers/user.ts","../../server/src/controllers/webhooks.ts","../../server/src/controllers/content-api.ts","../../server/src/controllers/index.ts","../../server/src/content-types/Permission.ts","../../server/src/content-types/User.ts","../../server/src/content-types/Role.ts","../../server/src/content-types/api-token.ts","../../server/src/content-types/api-token-permission.ts","../../server/src/content-types/transfer-token.ts","../../server/src/content-types/transfer-token-permission.ts","../../server/src/content-types/index.ts","../../server/src/middlewares/rateLimit.ts","../../server/src/middlewares/data-transfer.ts","../../server/src/middlewares/index.ts"],"sourcesContent":["const getService = (name) => {\n return strapi.service(`admin::${name}`);\n};\n\nexport { getService };\n","export const actions = [\n {\n uid: 'marketplace.read',\n displayName: 'Access the marketplace',\n pluginName: 'admin',\n section: 'settings',\n category: 'plugins and marketplace',\n subCategory: 'marketplace',\n },\n {\n uid: 'webhooks.create',\n displayName: 'Create',\n pluginName: 'admin',\n section: 'settings',\n category: 'webhooks',\n },\n {\n uid: 'webhooks.read',\n displayName: 'Read',\n pluginName: 'admin',\n section: 'settings',\n category: 'webhooks',\n },\n {\n uid: 'webhooks.update',\n displayName: 'Update',\n pluginName: 'admin',\n section: 'settings',\n category: 'webhooks',\n },\n {\n uid: 'webhooks.delete',\n displayName: 'Delete',\n pluginName: 'admin',\n section: 'settings',\n category: 'webhooks',\n },\n {\n uid: 'users.create',\n displayName: 'Create (invite)',\n pluginName: 'admin',\n section: 'settings',\n category: 'users and roles',\n subCategory: 'users',\n },\n {\n uid: 'users.read',\n displayName: 'Read',\n pluginName: 'admin',\n section: 'settings',\n category: 'users and roles',\n subCategory: 'users',\n aliases: [\n {\n actionId: 'plugin::content-manager.explorer.read',\n subjects: ['admin::user'],\n },\n ],\n },\n {\n uid: 'users.update',\n displayName: 'Update',\n pluginName: 'admin',\n section: 'settings',\n category: 'users and roles',\n subCategory: 'users',\n },\n {\n uid: 'users.delete',\n displayName: 'Delete',\n pluginName: 'admin',\n section: 'settings',\n category: 'users and roles',\n subCategory: 'users',\n },\n {\n uid: 'roles.create',\n displayName: 'Create',\n pluginName: 'admin',\n section: 'settings',\n category: 'users and roles',\n subCategory: 'roles',\n },\n {\n uid: 'roles.read',\n displayName: 'Read',\n pluginName: 'admin',\n section: 'settings',\n category: 'users and roles',\n subCategory: 'roles',\n aliases: [\n {\n actionId: 'plugin::content-manager.explorer.read',\n subjects: ['admin::role'],\n },\n ],\n },\n {\n uid: 'roles.update',\n displayName: 'Update',\n pluginName: 'admin',\n section: 'settings',\n category: 'users and roles',\n subCategory: 'roles',\n },\n {\n uid: 'roles.delete',\n displayName: 'Delete',\n pluginName: 'admin',\n section: 'settings',\n category: 'users and roles',\n subCategory: 'roles',\n },\n {\n uid: 'api-tokens.access',\n displayName: 'Access the API tokens settings page',\n pluginName: 'admin',\n section: 'settings',\n category: 'api tokens',\n subCategory: 'api Tokens',\n },\n {\n uid: 'api-tokens.create',\n displayName: 'Create (generate)',\n pluginName: 'admin',\n section: 'settings',\n category: 'api tokens',\n subCategory: 'general',\n },\n {\n uid: 'api-tokens.read',\n displayName: 'Read',\n pluginName: 'admin',\n section: 'settings',\n category: 'api tokens',\n subCategory: 'general',\n },\n {\n uid: 'api-tokens.update',\n displayName: 'Update',\n pluginName: 'admin',\n section: 'settings',\n category: 'api tokens',\n subCategory: 'general',\n },\n {\n uid: 'api-tokens.regenerate',\n displayName: 'Regenerate',\n pluginName: 'admin',\n section: 'settings',\n category: 'api tokens',\n subCategory: 'general',\n },\n {\n uid: 'api-tokens.delete',\n displayName: 'Delete (revoke)',\n pluginName: 'admin',\n section: 'settings',\n category: 'api tokens',\n subCategory: 'general',\n },\n {\n uid: 'project-settings.update',\n displayName: 'Update the project level settings',\n pluginName: 'admin',\n section: 'settings',\n category: 'project',\n },\n {\n uid: 'project-settings.read',\n displayName: 'Read the project level settings',\n pluginName: 'admin',\n section: 'settings',\n category: 'project',\n },\n {\n uid: 'transfer.tokens.access',\n displayName: 'Access the transfer tokens settings page',\n pluginName: 'admin',\n section: 'settings',\n category: 'transfer tokens',\n subCategory: 'transfer tokens',\n },\n {\n uid: 'transfer.tokens.create',\n displayName: 'Create (generate)',\n pluginName: 'admin',\n section: 'settings',\n category: 'transfer tokens',\n subCategory: 'general',\n },\n {\n uid: 'transfer.tokens.read',\n displayName: 'Read',\n pluginName: 'admin',\n section: 'settings',\n category: 'transfer tokens',\n subCategory: 'general',\n },\n {\n uid: 'transfer.tokens.update',\n displayName: 'Update',\n pluginName: 'admin',\n section: 'settings',\n category: 'transfer tokens',\n subCategory: 'general',\n },\n {\n uid: 'transfer.tokens.regenerate',\n displayName: 'Regenerate',\n pluginName: 'admin',\n section: 'settings',\n category: 'transfer tokens',\n subCategory: 'general',\n },\n {\n uid: 'transfer.tokens.delete',\n displayName: 'Delete (revoke)',\n pluginName: 'admin',\n section: 'settings',\n category: 'transfer tokens',\n subCategory: 'general',\n },\n];\n\nexport default {\n actions,\n};\n","// TODO: TS User and role type\ntype User = any;\ntype Role = any;\n\nexport const conditions = [\n {\n displayName: 'Is creator',\n name: 'is-creator',\n plugin: 'admin',\n handler: (user: User) => ({ 'createdBy.id': user.id }),\n },\n {\n displayName: 'Has same role as creator',\n name: 'has-same-role-as-creator',\n plugin: 'admin',\n handler: (user: User) => ({\n 'createdBy.roles': {\n $elemMatch: {\n id: {\n $in: user.roles.map((r: Role) => r.id),\n },\n },\n },\n }),\n },\n];\n\nexport default {\n conditions,\n};\n","import { merge, map, difference, uniq } from 'lodash/fp';\nimport type { Core } from '@strapi/types';\nimport { async } from '@strapi/utils';\nimport { getService } from './utils';\nimport adminActions from './config/admin-actions';\nimport adminConditions from './config/admin-conditions';\n\nconst defaultAdminAuthSettings = {\n providers: {\n autoRegister: false,\n defaultRole: null,\n ssoLockedRoles: null,\n },\n};\n\nconst registerPermissionActions = async () => {\n await getService('permission').actionProvider.registerMany(adminActions.actions);\n};\n\nconst registerAdminConditions = async () => {\n await getService('permission').conditionProvider.registerMany(adminConditions.conditions);\n};\n\nconst registerModelHooks = () => {\n const { sendDidChangeInterfaceLanguage } = getService('metrics');\n\n strapi.db.lifecycles.subscribe({\n models: ['admin::user'],\n afterCreate: sendDidChangeInterfaceLanguage,\n afterDelete: sendDidChangeInterfaceLanguage,\n afterUpdate({ params }) {\n if (params.data.preferedLanguage) {\n sendDidChangeInterfaceLanguage();\n }\n },\n });\n};\n\nconst syncAuthSettings = async () => {\n const adminStore = await strapi.store({ type: 'core', name: 'admin' });\n const adminAuthSettings = await adminStore.get({ key: 'auth' });\n const newAuthSettings = merge(defaultAdminAuthSettings, adminAuthSettings);\n\n const roleExists = await getService('role').exists({\n id: newAuthSettings.providers.defaultRole,\n });\n\n // Reset the default SSO role if it has been deleted manually\n if (!roleExists) {\n newAuthSettings.providers.defaultRole = null;\n }\n\n await adminStore.set({ key: 'auth', value: newAuthSettings });\n};\n\nconst syncAPITokensPermissions = async () => {\n const validPermissions = strapi.contentAPI.permissions.providers.action.keys();\n const permissionsInDB = await async.pipe(\n strapi.db.query('admin::api-token-permission').findMany,\n map('action')\n )();\n\n const unknownPermissions = uniq(difference(permissionsInDB, validPermissions));\n\n if (unknownPermissions.length > 0) {\n await strapi.db\n .query('admin::api-token-permission')\n .deleteMany({ where: { action: { $in: unknownPermissions } } });\n }\n};\n\nexport default async ({ strapi }: { strapi: Core.Strapi }) => {\n await registerAdminConditions();\n await registerPermissionActions();\n registerModelHooks();\n\n const permissionService = getService('permission');\n const userService = getService('user');\n const roleService = getService('role');\n const apiTokenService = getService('api-token');\n const transferService = getService('transfer');\n const tokenService = getService('token');\n\n await roleService.createRolesIfNoneExist();\n await roleService.resetSuperAdminPermissions();\n await roleService.displayWarningIfNoSuperAdmin();\n\n await permissionService.cleanPermissionsInDatabase();\n\n await userService.displayWarningIfUsersDontHaveRole();\n\n await syncAuthSettings();\n await syncAPITokensPermissions();\n\n await getService('metrics').sendUpdateProjectInformation(strapi);\n getService('metrics').startCron(strapi);\n\n apiTokenService.checkSaltIsDefined();\n transferService.token.checkSaltIsDefined();\n tokenService.checkSecretIsDefined();\n};\n","import type { Context, Next } from 'koa';\nimport { resolve, join, extname, basename } from 'path';\nimport fse from 'fs-extra';\nimport koaStatic from 'koa-static';\nimport type { Core } from '@strapi/types';\n\nconst registerAdminPanelRoute = ({ strapi }: { strapi: Core.Strapi }) => {\n let buildDir = resolve(strapi.dirs.dist.root, 'build');\n\n if (!fse.pathExistsSync(buildDir)) {\n buildDir = resolve(__dirname, '../../build');\n }\n\n const serveAdminMiddleware = async (ctx: Context, next: Next) => {\n await next();\n\n if (ctx.method !== 'HEAD' && ctx.method !== 'GET') {\n return;\n }\n\n if (ctx.body != null \|\| ctx.status !== 404) {\n return;\n }\n\n ctx.type = 'html';\n ctx.body = fse.createReadStream(join(buildDir, 'index.html'));\n };\n\n strapi.server.routes([\n {\n method: 'GET',\n path: `${strapi.config.admin.path}/:path`,\n handler: [\n serveAdminMiddleware,\n serveStatic(buildDir, {\n maxage: 31536000,\n defer: false,\n index: 'index.html',\n setHeaders(res: any, path: any) {\n const ext = extname(path);\n // publicly cache static files to avoid unnecessary network & disk access\n if (ext !== '.html') {\n res.setHeader('cache-control', 'public, max-age=31536000, immutable');\n }\n },\n }),\n ],\n config: { auth: false },\n },\n ]);\n};\n\n// serveStatic is not supposed to be used to serve a folder that have sub-folders\nconst serveStatic = (filesDir: any, koaStaticOptions = {}) => {\n const serve = koaStatic(filesDir, koaStaticOptions);\n\n return async (ctx: Context, next: Next) => {\n const prev = ctx.path;\n const newPath = basename(ctx.path);\n\n ctx.path = newPath;\n await serve(ctx, async () => {\n ctx.path = prev;\n await next();\n ctx.path = newPath;\n });\n ctx.path = prev;\n };\n};\n\nexport default registerAdminPanelRoute;\n","import type { Context } from 'koa';\nimport { getService } from '../utils';\n\n/* @type {import('.').AuthenticateFunction} /\nexport const authenticate = async (ctx: Context) => {\n const { authorization } = ctx.request.header;\n\n if (!authorization) {\n return { authenticated: false };\n }\n\n const parts = authorization.split(/\\s+/);\n\n if (parts[0].toLowerCase() !== 'bearer' \|\| parts.length !== 2) {\n return { authenticated: false };\n }\n\n const token = parts[1];\n const { payload, isValid } = getService('token').decodeJwtToken(token);\n\n if (!isValid) {\n return { authenticated: false };\n }\n\n const user = await strapi.db\n .query('admin::user')\n .findOne({ where: { id: payload.id }, populate: ['roles'] });\n\n if (!user \|\| !(user.isActive === true)) {\n return { authenticated: false };\n }\n\n const userAbility = await getService('permission').engine.generateUserAbility(user);\n\n // TODO: use the ability from ctx.state.auth instead of\n // ctx.state.userAbility, and remove the assign below\n ctx.state.userAbility = userAbility;\n ctx.state.user = user;\n\n return {\n authenticated: true,\n credentials: user,\n ability: userAbility,\n };\n};\n\nexport const name = 'admin';\n\n/* @type {import('.').AuthStrategy} /\nexport default {\n name,\n authenticate,\n};\n","const DAY_IN_MS = 24 60 * 60 * 1000;\n\nconst constants = {\n CONTENT_TYPE_SECTION: 'contentTypes',\n SUPER_ADMIN_CODE: 'strapi-super-admin',\n EDITOR_CODE: 'strapi-editor',\n AUTHOR_CODE: 'strapi-author',\n READ_ACTION: 'plugin::content-manager.explorer.read',\n CREATE_ACTION: 'plugin::content-manager.explorer.create',\n UPDATE_ACTION: 'plugin::content-manager.explorer.update',\n DELETE_ACTION: 'plugin::content-manager.explorer.delete',\n PUBLISH_ACTION: 'plugin::content-manager.explorer.publish',\n API_TOKEN_TYPE: {\n READ_ONLY: 'read-only',\n FULL_ACCESS: 'full-access',\n CUSTOM: 'custom',\n },\n // The front-end only displays these values\n API_TOKEN_LIFESPANS: {\n UNLIMITED: null,\n DAYS_7: 7 * DAY_IN_MS,\n DAYS_30: 30 * DAY_IN_MS,\n DAYS_90: 90 * DAY_IN_MS,\n },\n TRANSFER_TOKEN_TYPE: {\n PUSH: 'push',\n PULL: 'pull',\n },\n TRANSFER_TOKEN_LIFESPANS: {\n UNLIMITED: null,\n DAYS_7: 7 * DAY_IN_MS,\n DAYS_30: 30 * DAY_IN_MS,\n DAYS_90: 90 * DAY_IN_MS,\n },\n};\n\nexport default constants;\n","import type { Context } from 'koa';\nimport { castArray, isNil } from 'lodash/fp';\nimport { differenceInHours, parseISO } from 'date-fns';\nimport { errors } from '@strapi/utils';\nimport constants from '../services/constants';\nimport { getService } from '../utils';\nimport '@strapi/types';\n\nconst { UnauthorizedError, ForbiddenError } = errors;\n\nconst isReadScope = (scope: any) => scope.endsWith('find') \|\| scope.endsWith('findOne');\n\nconst extractToken = (ctx: Context) => {\n if (ctx.request && ctx.request.header && ctx.request.header.authorization) {\n const parts = ctx.request.header.authorization.split(/\\s+/);\n\n if (parts[0].toLowerCase() !== 'bearer' \|\| parts.length !== 2) {\n return null;\n }\n\n return parts[1];\n }\n\n return null;\n};\n\n/*\n Authenticate the validity of the token\n /\nexport const authenticate = async (ctx: Context) => {\n const apiTokenService = getService('api-token');\n const token = extractToken(ctx);\n\n if (!token) {\n return { authenticated: false };\n }\n\n const apiToken = await apiTokenService.getBy({\n accessKey: apiTokenService.hash(token),\n });\n\n // token not found\n if (!apiToken) {\n return { authenticated: false };\n }\n\n const currentDate = new Date();\n\n if (!isNil(apiToken.expiresAt)) {\n const expirationDate = new Date(apiToken.expiresAt);\n // token has expired\n if (expirationDate < currentDate) {\n return { authenticated: false, error: new UnauthorizedError('Token expired') };\n }\n }\n\n // update lastUsedAt if the token has not been used in the last hour\n // @ts-expect-error - FIXME: verify lastUsedAt is defined\n const hoursSinceLastUsed = differenceInHours(currentDate, parseISO(apiToken.lastUsedAt));\n if (hoursSinceLastUsed >= 1) {\n await strapi.db.query('admin::api-token').update({\n where: { id: apiToken.id },\n data: { lastUsedAt: currentDate },\n });\n }\n\n if (apiToken.type === constants.API_TOKEN_TYPE.CUSTOM) {\n const ability = await strapi.contentAPI.permissions.engine.generateAbility(\n apiToken.permissions.map((action: any) => ({ action }))\n );\n\n return { authenticated: true, ability, credentials: apiToken };\n }\n\n return { authenticated: true, credentials: apiToken };\n};\n\n/\n Verify the token has the required abilities for the requested scope\n \n @type {import('.').VerifyFunction}\n /\nexport const verify = (auth: any, config: any) => {\n const { credentials: apiToken, ability } = auth;\n\n if (!apiToken) {\n throw new UnauthorizedError('Token not found');\n }\n\n const currentDate = new Date();\n\n if (!isNil(apiToken.expiresAt)) {\n const expirationDate = new Date(apiToken.expiresAt);\n // token has expired\n if (expirationDate < currentDate) {\n throw new UnauthorizedError('Token expired');\n }\n }\n\n // Full access\n if (apiToken.type === constants.API_TOKEN_TYPE.FULL_ACCESS) {\n return;\n }\n\n // Read only\n if (apiToken.type === constants.API_TOKEN_TYPE.READ_ONLY) {\n /\n If you don't have `full-access` you can only access `find` and `findOne`\n * scopes. If the route has no scope, then you can't get access to it.\n /\n const scopes = castArray(config.scope);\n\n if (config.scope && scopes.every(isReadScope)) {\n return;\n }\n }\n\n // Custom\n else if (apiToken.type === constants.API_TOKEN_TYPE.CUSTOM) {\n if (!ability) {\n throw new ForbiddenError();\n }\n\n const scopes = castArray(config.scope);\n\n const isAllowed = scopes.every((scope) => ability.can(scope));\n\n if (isAllowed) {\n return;\n }\n }\n\n throw new ForbiddenError();\n};\n\nexport const name = 'api-token';\n\nexport default {\n name: 'api-token',\n authenticate,\n verify,\n};\n","import type { Core } from '@strapi/types';\nimport registerAdminPanelRoute from './routes/serve-admin-panel';\nimport adminAuthStrategy from './strategies/admin';\nimport apiTokenAuthStrategy from './strategies/api-token';\n\nexport default ({ strapi }: { strapi: Core.Strapi }) => {\n const passportMiddleware = strapi.service('admin::passport').init();\n\n strapi.server.api('admin').use(passportMiddleware);\n strapi.get('auth').register('admin', adminAuthStrategy);\n strapi.get('auth').register('content-api', apiTokenAuthStrategy);\n\n if (strapi.config.get('admin.serveAdminPanel')) {\n registerAdminPanelRoute({ strapi });\n }\n};\n","import { getService } from './utils';\n\nexport default async () => {\n const { conditionProvider, actionProvider } = getService('permission');\n\n await conditionProvider.clear();\n await actionProvider.clear();\n};\n","const subject = `Reset password`;\n\nconst html = `<p>We heard that you lost your password. Sorry about that!</p>\n\n<p>But don’t worry! You can use the following link to reset your password:</p>\n\n<p><%= url %></p>\n\n<p>Thanks.</p>`;\n\nconst text = `We heard that you lost your password. Sorry about that!\n\nBut don’t worry! You can use the following link to reset your password:\n\n<%= url %>\n\nThanks.`;\n\nexport default { subject, text, html };\n","import forgotPasswordTemplate from './email-templates/forgot-password';\n\nexport const forgotPassword = {\n emailTemplate: forgotPasswordTemplate,\n};\n\nexport default {\n forgotPassword,\n};\n","export default (policyCtx: any) => {\n return Boolean(policyCtx.state.isAuthenticated);\n};\n","import _ from 'lodash';\nimport { yup, validateYupSchema } from '@strapi/utils';\n\nconst hasPermissionsSchema = yup.object({\n actions: yup.array().of(\n // @ts-expect-error yup types\n yup.lazy((val) => {\n if (_.isArray(val)) {\n return yup.array().of(yup.string()).min(1).max(2);\n }\n\n if (_.isString(val)) {\n return yup.string().required();\n }\n\n return yup.object().shape({\n action: yup.string().required(),\n subject: yup.string(),\n });\n })\n ),\n});\n\nexport const validateHasPermissionsInput = validateYupSchema(hasPermissionsSchema);\n\nexport default {\n validateHasPermissionsInput,\n};\n","import _ from 'lodash';\nimport { policy } from '@strapi/utils';\nimport { validateHasPermissionsInput } from '../validation/policies/hasPermissions';\n\nconst { createPolicy } = policy;\n\nconst inputModifiers = [\n {\n check: _.isString,\n transform: (action: any) => ({ action }),\n },\n {\n check: _.isArray,\n transform: (arr: any) => ({ action: arr[0], subject: arr[1] }),\n },\n {\n // Has to be after the isArray check since _.isObject also matches arrays\n check: _.isObject,\n transform: (perm: any) => perm,\n },\n];\n\nexport default createPolicy({\n name: 'admin::hasPermissions',\n validator: validateHasPermissionsInput,\n handler(ctx, config) {\n const { actions } = config;\n const { userAbility: ability } = ctx.state;\n\n const permissions = actions.map((action: any) =>\n inputModifiers.find((modifier) => modifier.check(action))?.transform(action)\n );\n\n const isAuthorized = permissions.every(({ action, subject }: any) =>\n ability.can(action, subject)\n );\n\n return isAuthorized;\n },\n});\n","import { policy } from '@strapi/utils';\n\n// TODO: TS - Try to make { policy: { createPolicy } } from '@strapi/utils'; work\nconst { createPolicy } = policy;\n\n/\n This policy is used for routes dealing with telemetry and analytics content.\n * It will fails when the telemetry has been disabled on the server.\n /\nexport default createPolicy({\n name: 'admin::isTelemetryEnabled',\n handler(_ctx, _config, { strapi }) {\n if (strapi.telemetry.isDisabled) {\n return false;\n }\n },\n});\n","import isAuthenticatedAdmin from './isAuthenticatedAdmin';\nimport hasPermissions from './hasPermissions';\nimport isTelemetryEnabled from './isTelemetryEnabled';\n\nexport default { isAuthenticatedAdmin, hasPermissions, isTelemetryEnabled };\n","export default [\n {\n method: 'GET',\n path: '/init',\n handler: 'admin.init',\n config: { auth: false },\n },\n {\n method: 'GET',\n path: '/project-settings',\n handler: 'admin.getProjectSettings',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n {\n name: 'admin::hasPermissions',\n config: { actions: ['admin::project-settings.read'] },\n },\n ],\n },\n },\n {\n method: 'POST',\n path: '/project-settings',\n handler: 'admin.updateProjectSettings',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n {\n name: 'admin::hasPermissions',\n config: { actions: ['admin::project-settings.update'] },\n },\n ],\n },\n },\n {\n method: 'GET',\n path: '/project-type',\n handler: 'admin.getProjectType',\n config: { auth: false },\n },\n {\n method: 'GET',\n path: '/information',\n handler: 'admin.information',\n config: {\n policies: ['admin::isAuthenticatedAdmin'],\n },\n },\n {\n method: 'GET',\n path: '/telemetry-properties',\n handler: 'admin.telemetryProperties',\n config: {\n policies: ['admin::isAuthenticatedAdmin'],\n },\n },\n {\n method: 'GET',\n path: '/plugins',\n handler: 'admin.plugins',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::marketplace.read'] } },\n ],\n },\n },\n];\n","export default [\n {\n method: 'POST',\n path: '/login',\n handler: 'authentication.login',\n config: {\n auth: false,\n middlewares: ['admin::rateLimit'],\n },\n },\n {\n method: 'POST',\n path: '/renew-token',\n handler: 'authentication.renewToken',\n config: { auth: false },\n },\n {\n method: 'POST',\n path: '/register-admin',\n handler: 'authentication.registerAdmin',\n config: { auth: false },\n },\n {\n method: 'GET',\n path: '/registration-info',\n handler: 'authentication.registrationInfo',\n config: { auth: false },\n },\n {\n method: 'POST',\n path: '/register',\n handler: 'authentication.register',\n config: { auth: false },\n },\n {\n method: 'POST',\n path: '/forgot-password',\n handler: 'authentication.forgotPassword',\n config: { auth: false },\n },\n {\n method: 'POST',\n path: '/reset-password',\n handler: 'authentication.resetPassword',\n config: { auth: false },\n },\n {\n method: 'POST',\n path: '/logout',\n handler: 'authentication.logout',\n config: {\n policies: ['admin::isAuthenticatedAdmin'],\n },\n },\n];\n","export default [\n {\n method: 'GET',\n path: '/permissions',\n handler: 'permission.getAll',\n config: {\n policies: ['admin::isAuthenticatedAdmin'],\n },\n },\n {\n method: 'POST',\n path: '/permissions/check',\n handler: 'permission.check',\n config: {\n policies: ['admin::isAuthenticatedAdmin'],\n },\n },\n];\n","export default [\n {\n method: 'GET',\n path: '/users/me',\n handler: 'authenticated-user.getMe',\n config: {\n policies: ['admin::isAuthenticatedAdmin'],\n },\n },\n {\n method: 'PUT',\n path: '/users/me',\n handler: 'authenticated-user.updateMe',\n config: {\n policies: ['admin::isAuthenticatedAdmin'],\n },\n },\n {\n method: 'GET',\n path: '/users/me/permissions',\n handler: 'authenticated-user.getOwnPermissions',\n config: {\n policies: ['admin::isAuthenticatedAdmin'],\n },\n },\n {\n method: 'POST',\n path: '/users',\n handler: 'user.create',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::users.create'] } },\n ],\n },\n },\n {\n method: 'GET',\n path: '/users',\n handler: 'user.find',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::users.read'] } },\n ],\n },\n },\n {\n method: 'GET',\n path: '/users/:id',\n handler: 'user.findOne',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::users.read'] } },\n ],\n },\n },\n {\n method: 'PUT',\n path: '/users/:id',\n handler: 'user.update',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::users.update'] } },\n ],\n },\n },\n {\n method: 'DELETE',\n path: '/users/:id',\n handler: 'user.deleteOne',\n config: {\n policies: [{ name: 'admin::hasPermissions', config: { actions: ['admin::users.delete'] } }],\n },\n },\n {\n method: 'POST',\n path: '/users/batch-delete',\n handler: 'user.deleteMany',\n config: {\n policies: [{ name: 'admin::hasPermissions', config: { actions: ['admin::users.delete'] } }],\n },\n },\n];\n","export default [\n {\n method: 'GET',\n path: '/roles/:id/permissions',\n handler: 'role.getPermissions',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::roles.read'] } },\n ],\n },\n },\n {\n method: 'PUT',\n path: '/roles/:id/permissions',\n handler: 'role.updatePermissions',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::roles.update'] } },\n ],\n },\n },\n {\n method: 'GET',\n path: '/roles/:id',\n handler: 'role.findOne',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::roles.read'] } },\n ],\n },\n },\n {\n method: 'GET',\n path: '/roles',\n handler: 'role.findAll',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::roles.read'] } },\n ],\n },\n },\n {\n method: 'POST',\n path: '/roles',\n handler: 'role.create',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n {\n name: 'admin::hasPermissions',\n config: {\n actions: ['admin::roles.create'],\n },\n },\n ],\n },\n },\n {\n method: 'PUT',\n path: '/roles/:id',\n handler: 'role.update',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::roles.update'] } },\n ],\n },\n },\n {\n method: 'DELETE',\n path: '/roles/:id',\n handler: 'role.deleteOne',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n {\n name: 'admin::hasPermissions',\n config: {\n actions: ['admin::roles.delete'],\n },\n },\n ],\n },\n },\n {\n method: 'POST',\n path: '/roles/batch-delete',\n handler: 'role.deleteMany',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n {\n name: 'admin::hasPermissions',\n config: {\n actions: ['admin::roles.delete'],\n },\n },\n ],\n },\n },\n];\n","export default [\n {\n method: 'GET',\n path: '/webhooks',\n handler: 'webhooks.listWebhooks',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::webhooks.read'] } },\n ],\n },\n },\n {\n method: 'POST',\n path: '/webhooks',\n handler: 'webhooks.createWebhook',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::webhooks.create'] } },\n ],\n },\n },\n {\n method: 'GET',\n path: '/webhooks/:id',\n handler: 'webhooks.getWebhook',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::webhooks.read'] } },\n ],\n },\n },\n {\n method: 'PUT',\n path: '/webhooks/:id',\n handler: 'webhooks.updateWebhook',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::webhooks.update'] } },\n ],\n },\n },\n {\n method: 'DELETE',\n path: '/webhooks/:id',\n handler: 'webhooks.deleteWebhook',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::webhooks.delete'] } },\n ],\n },\n },\n {\n method: 'POST',\n path: '/webhooks/batch-delete',\n handler: 'webhooks.deleteWebhooks',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::webhooks.delete'] } },\n ],\n },\n },\n {\n method: 'POST',\n path: '/webhooks/:id/trigger',\n handler: 'webhooks.triggerWebhook',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::webhooks.update'] } },\n ],\n },\n },\n];\n","export default [\n {\n method: 'POST',\n path: '/api-tokens',\n handler: 'api-token.create',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::api-tokens.create'] } },\n ],\n },\n },\n {\n method: 'GET',\n path: '/api-tokens',\n handler: 'api-token.list',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::api-tokens.read'] } },\n ],\n },\n },\n {\n method: 'DELETE',\n path: '/api-tokens/:id',\n handler: 'api-token.revoke',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::api-tokens.delete'] } },\n ],\n },\n },\n {\n method: 'GET',\n path: '/api-tokens/:id',\n handler: 'api-token.get',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::api-tokens.read'] } },\n ],\n },\n },\n {\n method: 'PUT',\n path: '/api-tokens/:id',\n handler: 'api-token.update',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::api-tokens.update'] } },\n ],\n },\n },\n {\n method: 'POST',\n path: '/api-tokens/:id/regenerate',\n handler: 'api-token.regenerate',\n config: {\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::api-tokens.regenerate'] } },\n ],\n },\n },\n];\n","export default [\n {\n method: 'GET',\n path: '/content-api/permissions',\n handler: 'content-api.getPermissions',\n config: {\n policies: ['admin::isAuthenticatedAdmin'],\n },\n },\n {\n method: 'GET',\n path: '/content-api/routes',\n handler: 'content-api.getRoutes',\n config: {\n policies: ['admin::isAuthenticatedAdmin'],\n },\n },\n];\n","import type { Context } from 'koa';\nimport { differenceInHours, parseISO } from 'date-fns';\nimport { errors } from '@strapi/utils';\nimport { castArray, isNil } from 'lodash/fp';\n\nimport { getService } from '../utils';\n\nconst { UnauthorizedError, ForbiddenError } = errors;\n\nconst extractToken = (ctx: Context) => {\n if (ctx.request && ctx.request.header && ctx.request.header.authorization) {\n const parts = ctx.request.header.authorization.split(/\\s+/);\n\n if (parts[0].toLowerCase() !== 'bearer' \|\| parts.length !== 2) {\n return null;\n }\n\n return parts[1];\n }\n\n return null;\n};\n\n/\n Authenticate the validity of the token\n \n @type {import('.').AuthenticateFunction}\n /\nexport const authenticate = async (ctx: Context) => {\n const { token: tokenService } = getService('transfer');\n const token = extractToken(ctx);\n\n if (!token) {\n return { authenticated: false };\n }\n\n const transferToken = await tokenService.getBy({ accessKey: tokenService.hash(token) });\n\n // Check if the token exists\n if (!transferToken) {\n return { authenticated: false };\n }\n\n // Check if the token has expired\n const currentDate = new Date();\n\n if (!isNil(transferToken.expiresAt)) {\n const expirationDate = new Date(transferToken.expiresAt);\n\n if (expirationDate < currentDate) {\n return { authenticated: false, error: new UnauthorizedError('Token expired') };\n }\n }\n\n // Update token metadata if the token has not been used in the last hour\n // @ts-expect-error - FIXME: verify lastUsedAt is defined\n const hoursSinceLastUsed = differenceInHours(currentDate, parseISO(transferToken.lastUsedAt));\n if (hoursSinceLastUsed >= 1) {\n await strapi.db.query('admin::api-token').update({\n where: { id: transferToken.id },\n data: { lastUsedAt: currentDate },\n });\n }\n\n // Generate an ability based on the token permissions\n const ability = await getService('transfer').permission.engine.generateAbility(\n transferToken.permissions.map((action: any) => ({ action }))\n );\n\n return { authenticated: true, ability, credentials: transferToken };\n};\n\n/\n Verify the token has the required abilities for the requested scope\n \n @type {import('.').VerifyFunction}\n /\nexport const verify = async (auth: any, config: any = {}) => {\n const { credentials: transferToken, ability } = auth;\n\n if (!transferToken) {\n throw new UnauthorizedError('Token not found');\n }\n\n const currentDate = new Date();\n\n if (!isNil(transferToken.expiresAt)) {\n const expirationDate = new Date(transferToken.expiresAt);\n // token has expired\n if (expirationDate < currentDate) {\n throw new UnauthorizedError('Token expired');\n }\n }\n\n if (!ability) {\n throw new ForbiddenError();\n }\n\n const scopes = castArray(config.scope ?? []);\n\n const isAllowed = scopes.every((scope) => ability.can(scope));\n\n if (!isAllowed) {\n throw new ForbiddenError();\n }\n};\n\nexport const name = 'data-transfer';\n\n/* @type {import('.').AuthStrategy} /\nexport default {\n name,\n authenticate,\n verify,\n};\n","import dataTransferAuthStrategy from '../strategies/data-transfer';\n\nexport default [\n // Transfer Push\n {\n method: 'GET',\n path: '/transfer/runner/push',\n handler: 'transfer.runner-push',\n config: {\n middlewares: ['admin::data-transfer'],\n auth: { strategies: [dataTransferAuthStrategy], scope: ['push'] },\n },\n },\n // Transfer Pull\n {\n method: 'GET',\n path: '/transfer/runner/pull',\n handler: 'transfer.runner-pull',\n config: {\n middlewares: ['admin::data-transfer'],\n auth: { strategies: [dataTransferAuthStrategy], scope: ['pull'] },\n },\n },\n // Transfer Tokens\n {\n method: 'POST',\n path: '/transfer/tokens',\n handler: 'transfer.token-create',\n config: {\n middlewares: ['admin::data-transfer'],\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::transfer.tokens.create'] } },\n ],\n },\n },\n {\n method: 'GET',\n path: '/transfer/tokens',\n handler: 'transfer.token-list',\n config: {\n middlewares: ['admin::data-transfer'],\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::transfer.tokens.read'] } },\n ],\n },\n },\n {\n method: 'DELETE',\n path: '/transfer/tokens/:id',\n handler: 'transfer.token-revoke',\n config: {\n middlewares: ['admin::data-transfer'],\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::transfer.tokens.delete'] } },\n ],\n },\n },\n {\n method: 'GET',\n path: '/transfer/tokens/:id',\n handler: 'transfer.token-getById',\n config: {\n middlewares: ['admin::data-transfer'],\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::transfer.tokens.read'] } },\n ],\n },\n },\n {\n method: 'PUT',\n path: '/transfer/tokens/:id',\n handler: 'transfer.token-update',\n config: {\n middlewares: ['admin::data-transfer'],\n policies: [\n 'admin::isAuthenticatedAdmin',\n { name: 'admin::hasPermissions', config: { actions: ['admin::transfer.tokens.update'] } },\n ],\n },\n },\n {\n method: 'POST',\n path: '/transfer/tokens/:id/regenerate',\n handler: 'transfer.token-regenerate',\n config: {\n middlewares: ['admin::data-transfer'],\n policies: [\n 'admin::isAuthenticatedAdmin',\n {\n name: 'admin::hasPermissions',\n config: { actions: ['admin::transfer.tokens.regenerate'] },\n },\n ],\n },\n },\n];\n","import admin from './admin';\nimport authentication from './authentication';\nimport permissions from './permissions';\nimport users from './users';\nimport roles from './roles';\nimport webhooks from './webhooks';\nimport apiTokens from './api-tokens';\nimport contentApi from './content-api';\nimport transfer from './transfer';\n\nconst routes = {\n admin: {\n type: 'admin',\n routes: [\n ...admin,\n ...authentication,\n ...permissions,\n ...users,\n ...roles,\n ...webhooks,\n ...apiTokens,\n ...contentApi,\n ...transfer,\n ],\n },\n};\n\nexport default routes;\n","import bcrypt from 'bcryptjs';\nimport _ from 'lodash';\nimport { errors } from '@strapi/utils';\nimport { getService } from '../utils';\nimport type { AdminUser } from '../../../shared/contracts/shared';\nimport '@strapi/types';\n\nconst { ApplicationError } = errors;\n\n/\n hashes a password\n * @param password - password to hash\n * @returns hashed password\n /\nconst hashPassword = (password: string) => bcrypt.hash(password, 10);\n\n/\n Validate a password\n * @param password\n * @param hash\n * @returns {Promise<boolean>} is the password valid\n /\nconst validatePassword = (password: string, hash: string) => bcrypt.compare(password, hash);\n\n/\n Check login credentials\n * @param email the users email address\n * @param password the users password\n /\nconst checkCredentials = async ({ email, password }: { email: string; password: string }) => {\n const user: AdminUser = await strapi.db.query('admin::user').findOne({ where: { email } });\n\n if (!user \|\| !user.password) {\n return [null, false, { message: 'Invalid credentials' }];\n }\n\n const isValid = await validatePassword(password, user.password);\n\n if (!isValid) {\n return [null, false, { message: 'Invalid credentials' }];\n }\n\n if (!(user.isActive === true)) {\n return [null, false, { message: 'User not active' }];\n }\n\n return [null, user];\n};\n\n/\n Send an email to the user if it exists or do nothing\n * @param email user email for which to reset the password\n /\nconst forgotPassword = async ({ email } = {} as { email: string }) => {\n const user: AdminUser = await strapi.db\n .query('admin::user')\n .findOne({ where: { email, isActive: true } });\n if (!user) {\n return;\n }\n\n const resetPasswordToken = getService('token').createToken();\n await getService('user').updateById(user.id, { resetPasswordToken });\n\n // Send an email to the admin.\n const url = `${strapi.config.get(\n 'admin.absoluteUrl'\n )}/auth/reset-password?code=${resetPasswordToken}`;\n\n return strapi\n .plugin('email')\n .service('email')\n .sendTemplatedEmail(\n {\n to: user.email,\n from: strapi.config.get('admin.forgotPassword.from'),\n replyTo: strapi.config.get('admin.forgotPassword.replyTo'),\n },\n strapi.config.get('admin.forgotPassword.emailTemplate'),\n {\n url,\n user: _.pick(user, ['email', 'firstname', 'lastname', 'username']),\n }\n )\n .catch((err: unknown) => {\n // log error server side but do not disclose it to the user to avoid leaking informations\n strapi.log.error(err);\n });\n};\n\n/\n Reset a user password\n * @param resetPasswordToken token generated to request a password reset\n * @param password new user password\n /\nconst resetPassword = async (\n { resetPasswordToken, password } = {} as { resetPasswordToken: string; password: string }\n) => {\n const matchingUser: AdminUser \| undefined = await strapi.db\n .query('admin::user')\n .findOne({ where: { resetPasswordToken, isActive: true } });\n\n if (!matchingUser) {\n throw new ApplicationError();\n }\n\n return getService('user').updateById(matchingUser.id, {\n password,\n resetPasswordToken: null,\n });\n};\n\nexport default { checkCredentials, validatePassword, hashPassword, forgotPassword, resetPassword };\n","import constants from '../services/constants';\n\nimport type {\n AdminUser,\n AdminRole,\n AdminUserCreationPayload,\n} from '../../../shared/contracts/shared';\n\nconst { SUPER_ADMIN_CODE } = constants;\n\n/\n Create a new user model by merging default and specified attributes\n * @param attributes A partial user object\n /\nexport function createUser(attributes: Partial<AdminUserCreationPayload>) {\n return {\n roles: [],\n isActive: false,\n username: null,\n ...attributes,\n };\n}\n\nexport const hasSuperAdminRole = (user: AdminUser) => {\n return user.roles.filter((role: AdminRole) => role.code === SUPER_ADMIN_CODE).length > 0;\n};\n\nexport const ADMIN_USER_ALLOWED_FIELDS = ['id', 'firstname', 'lastname', 'username'];\n\nexport default {\n createUser,\n hasSuperAdminRole,\n ADMIN_USER_ALLOWED_FIELDS,\n};\n","import type { Utils } from '@strapi/types';\n\nimport { curry, pipe, merge, set, pick, omit, includes, isArray, prop } from 'lodash/fp';\n\nexport interface ActionAlias {\n /\n The action ID to alias\n /\n actionId: string;\n\n /\n An optional array of subject to restrict the alias usage\n /\n subjects?: string[];\n}\n\nexport type Action = {\n /\n The unique identifier of the action\n /\n actionId: string;\n\n /\n The section linked to the action - These can be 'contentTypes' \| 'plugins' \| 'settings' \| 'internal'\n /\n section: string;\n\n /\n The human readable name of an action\n /\n displayName: string;\n\n /\n The main category of an action\n /\n category: string;\n\n /\n The secondary category of an action (only for settings and plugins section)\n /\n subCategory?: string;\n\n /\n The plugin that provides the action\n /\n pluginName?: string;\n\n /\n A list of subjects on which the action can be applied\n /\n subjects?: string[];\n\n /\n The options of an action\n /\n options: {\n /\n The list of properties that can be associated with an action\n /\n applyToProperties: string[] \| null;\n };\n\n /\n An optional array of @see {@link ActionAlias}.\n \n It represents the possible aliases for the current action.\n \n Aliases are unidirectional.\n \n Note: This is an internal property and probably shouldn't be used outside Strapi core features.\n * Its behavior might change at any time without notice.\n \n @internal\n /\n aliases?: ActionAlias[];\n};\n\n/\n Set of attributes used to create a new {@link Action} object\n * @typedef {Action, { uid: string }} CreateActionPayload\n /\nexport type CreateActionPayload = Utils.Intersect<\n [\n Utils.Object.PartialBy<\n // Action Id is computed from the uid value\n Omit<Action, 'actionId'>,\n // Options is filled with default values\n 'options'\n >,\n { uid: string },\n ]\n>;\n\n/\n Return the default attributes of a new {@link Action}\n * @return Partial<Action>\n /\nconst getDefaultActionAttributes = (): Partial<Action> => ({\n options: {\n applyToProperties: null,\n },\n});\n\n/\n Get the list of all the valid attributes of an {@link Action}\n /\nconst actionFields = [\n 'section',\n 'displayName',\n 'category',\n 'subCategory',\n 'pluginName',\n 'subjects',\n 'options',\n 'actionId',\n 'aliases',\n] as const;\n\n/\n Remove unwanted attributes from an {@link Action}\n /\nconst sanitizeActionAttributes = pick(actionFields) as (\n action: Action \| CreateActionPayload\n) => Action;\n\n/\n Create and return an identifier for an {@link CreateActionPayload}.\n * The format is based on the action's source ({@link CreateActionPayload.pluginName} or 'application') and {@link CreateActionPayload.uid}.\n * @param {CreateActionPayload} attributes\n * @return {string}\n /\n// TODO: TS - Use Common.UID\nconst computeActionId = (attributes: CreateActionPayload): string => {\n const { pluginName, uid } = attributes;\n\n if (!pluginName) {\n return `api::${uid}`;\n }\n\n if (pluginName === 'admin') {\n return `admin::${uid}`;\n }\n\n return `plugin::${pluginName}.${uid}`;\n};\n\n/\n Assign an actionId attribute to an {@link CreateActionPayload} object\n /\nconst assignActionId = (attrs: CreateActionPayload) =>\n set('actionId', computeActionId(attrs), attrs);\n\n/\n Transform an action by adding or removing the {@link Action.subCategory} attribute\n * @param {Action} action - The action to process\n * @return {Action}\n /\nconst assignOrOmitSubCategory = (action: Action): Action => {\n const shouldHaveSubCategory = ['settings', 'plugins'].includes(action.section);\n\n return shouldHaveSubCategory\n ? set('subCategory', action.subCategory \|\| 'general', action)\n : omit('subCategory', action);\n};\n\n/\n Check if a property can be applied to an {@link Action}\n /\nconst appliesToProperty = curry((property: string, action: Action): boolean => {\n return pipe(prop('options.applyToProperties'), includes(property))(action);\n});\n\n/\n Check if an action applies to a subject\n /\nconst appliesToSubject = curry((subject: string, action: Action): boolean => {\n return isArray(action.subjects) && includes(subject, action.subjects);\n});\n\n/\n Transform the given attributes into a domain representation of an Action\n /\nconst create: (payload: CreateActionPayload) => Action = pipe(\n // Create and assign an action identifier to the action\n // (need to be done before the sanitizeActionAttributes since we need the uid here)\n assignActionId,\n // Add or remove the sub category field based on the pluginName attribute\n assignOrOmitSubCategory,\n // Remove unwanted attributes from the payload\n sanitizeActionAttributes,\n // Complete the action creation by adding default values for some attributes\n merge(getDefaultActionAttributes())\n);\n\nexport default {\n actionFields,\n appliesToProperty,\n appliesToSubject,\n assignActionId,\n assignOrOmitSubCategory,\n create,\n computeActionId,\n getDefaultActionAttributes,\n sanitizeActionAttributes,\n};\n","import _ from 'lodash';\n\nconst checkFieldsAreCorrectlyNested = (fields: unknown) => {\n if (_.isNil(fields)) {\n // Only check if the fields exist\n return true;\n }\n if (!Array.isArray(fields)) {\n return false;\n }\n\n let failed = false;\n for (let indexA = 0; indexA < fields.length; indexA += 1) {\n failed = fields\n .slice(indexA + 1)\n .some(\n (fieldB) =>\n fieldB.startsWith(`${fields[indexA]}.`) \|\| fields[indexA].startsWith(`${fieldB}.`)\n );\n if (failed) break;\n }\n\n return !failed;\n};\n\nexport default checkFieldsAreCorrectlyNested;\n","import _ from 'lodash';\n\nconst checkFieldsDontHaveDuplicates = (fields: unknown) => {\n if (_.isNil(fields)) {\n // Only check if the fields exist\n return true;\n }\n if (!Array.isArray(fields)) {\n return false;\n }\n\n return _.uniq(fields).length === fields.length;\n};\n\nexport default checkFieldsDontHaveDuplicates;\n","import { yup } from '@strapi/utils';\nimport _ from 'lodash';\nimport { isEmpty, has, isNil, isArray } from 'lodash/fp';\nimport { getService } from '../utils';\nimport actionDomain, { type Action } from '../domain/action';\nimport { checkFieldsAreCorrectlyNested, checkFieldsDontHaveDuplicates } from './common-functions';\nimport actions from '../domain/action/index';\n\nconst { actionFields } = actions;\n\nconst getActionFromProvider = (actionId: string) => {\n return getService('permission').actionProvider.get(actionId);\n};\n\nexport const email = yup.string().email().lowercase();\n\nexport const firstname = yup.string().trim().min(1);\n\nexport const lastname = yup.string();\n\nexport const username = yup.string().min(1);\n\nexport const password = yup\n .string()\n .min(8)\n .matches(/[a-z]/, '${path} must contain at least one lowercase character')\n .matches(/[A-Z]/, '${path} must contain at least one uppercase character')\n .matches(/\\d/, '${path} must contain at least one number');\n\nexport const roles = yup.array(yup.strapiID()).min(1);\n\nconst isAPluginName = yup\n .string()\n .test('is-a-plugin-name', 'is not a plugin name', function (value) {\n return [undefined, 'admin', ...Object.keys(strapi.plugins)].includes(value)\n ? true\n : this.createError({ path: this.path, message: `${this.path} is not an existing plugin` });\n });\n\nexport const arrayOfConditionNames = yup\n .array()\n .of(yup.string())\n .test('is-an-array-of-conditions', 'is not a plugin name', function (value) {\n const ids = strapi.service('admin::permission').conditionProvider.keys();\n return _.isUndefined(value) \|\| _.difference(value, ids).length === 0\n ? true\n : this.createError({ path: this.path, message: `contains conditions that don't exist` });\n });\n\nexport const permissionsAreEquals = (a: any, b: any) =>\n a.action === b.action && (a.subject === b.subject \|\| (_.isNil(a.subject) && _.isNil(b.subject)));\n\nconst checkNoDuplicatedPermissions = (permissions: unknown) =>\n !Array.isArray(permissions) \|\|\n permissions.every((permA, i) =>\n permissions.slice(i + 1).every((permB) => !permissionsAreEquals(permA, permB))\n );\n\nconst checkNilFields = (action: Action) =>\n function (fields: typeof actionFields) {\n // If the parent has no action field, then we ignore this test\n if (isNil(action)) {\n return true;\n }\n\n return actionDomain.appliesToProperty('fields', action) \|\| isNil(fields);\n };\n\nconst fieldsPropertyValidation = (action: Action) =>\n yup\n .array()\n .of(yup.string())\n .nullable()\n .test(\n 'field-nested',\n 'Fields format are incorrect (bad nesting).',\n checkFieldsAreCorrectlyNested\n )\n .test(\n 'field-nested',\n 'Fields format are incorrect (duplicates).',\n checkFieldsDontHaveDuplicates\n )\n .test(\n 'fields-restriction',\n 'The permission at ${path} must have fields set to null or undefined',\n // @ts-expect-error yup types\n checkNilFields(action)\n );\n\nexport const permission = yup\n .object()\n .shape({\n action: yup\n .string()\n .required()\n .test('action-validity', 'action is not an existing permission action', function (actionId) {\n // If the action field is Nil, ignore the test and let the required check handle the error\n if (isNil(actionId)) {\n return true;\n }\n\n return !!getActionFromProvider(actionId);\n }),\n actionParameters: yup.object().nullable(),\n subject: yup\n .string()\n .nullable()\n .test('subject-validity', 'Invalid subject submitted', function (subject) {\n // @ts-expect-error yup types\n const action = getActionFromProvider(this.options.parent.action);\n\n if (!action) {\n return true;\n }\n\n if (isNil(action.subjects)) {\n return isNil(subject);\n }\n\n if (isArray(action.subjects) && !isNil(subject)) {\n return action.subjects.includes(subject);\n }\n\n return false;\n }),\n properties: yup\n .object()\n .test('properties-structure', 'Invalid property set at ${path}', function (properties) {\n // @ts-expect-error yup types\n const action = getActionFromProvider(this.options.parent.action) as any;\n const hasNoProperties = isEmpty(properties) \|\| isNil(properties);\n\n if (!has('options.applyToProperties', action)) {\n return hasNoProperties;\n }\n\n if (hasNoProperties) {\n return true;\n }\n\n const { applyToProperties } = action.options;\n\n if (!isArray(applyToProperties)) {\n return false;\n }\n\n return Object.keys(properties).every((property) => applyToProperties.includes(property));\n })\n .test(\n 'fields-property',\n 'Invalid fields property at ${path}',\n async function (properties = {}) {\n // @ts-expect-error yup types\n const action = getActionFromProvider(this.options.parent.action) as any;\n\n if (!action \|\| !properties) {\n return true;\n }\n\n if (!actionDomain.appliesToProperty('fields', action)) {\n return true;\n }\n\n try {\n await fieldsPropertyValidation(action).validate(properties.fields, {\n strict: true,\n abortEarly: false,\n });\n return true;\n } catch (e: any) {\n // Propagate fieldsPropertyValidation error with updated path\n throw this.createError({\n message: e.message,\n path: `${this.path}.fields`,\n });\n }\n }\n ),\n conditions: yup.array().of(yup.string()),\n })\n .noUnknown();\n\nexport const updatePermissions = yup\n .object()\n .shape({\n permissions: yup\n .array()\n .required()\n .of(permission)\n .test(\n 'duplicated-permissions',\n 'Some permissions are duplicated (same action and subject)',\n checkNoDuplicatedPermissions\n ),\n })\n .required()\n .noUnknown();\n\nexport default {\n email,\n firstname,\n lastname,\n username,\n password,\n roles,\n isAPluginName,\n arrayOfConditionNames,\n permission,\n updatePermissions,\n};\n","/ eslint-disable @typescript-eslint/no-non-null-assertion /\nimport _ from 'lodash';\nimport { defaults } from 'lodash/fp';\nimport { arrays, errors } from '@strapi/utils';\nimport type { Data } from '@strapi/types';\nimport { createUser, hasSuperAdminRole } from '../domain/user';\nimport type {\n AdminUser,\n AdminRole,\n AdminUserCreationPayload,\n SanitizedAdminUser,\n SanitizedAdminRole,\n AdminUserUpdatePayload,\n // eslint-disable-next-line node/no-unpublished-import\n} from '../../../shared/contracts/shared';\nimport { password as passwordValidator } from '../validation/common-validators';\nimport { getService } from '../utils';\nimport constants from './constants';\n\nconst { SUPER_ADMIN_CODE } = constants;\n\nconst { ValidationError } = errors;\nconst sanitizeUserRoles = (role: AdminRole): SanitizedAdminRole =>\n _.pick(role, ['id', 'name', 'description', 'code']);\n\n/\n Remove private user fields\n * @param user - user to sanitize\n /\nconst sanitizeUser = (user: AdminUser): SanitizedAdminUser => {\n return {\n ..._.omit(user, ['password', 'resetPasswordToken', 'registrationToken', 'roles']),\n roles: user.roles && user.roles.map(sanitizeUserRoles),\n };\n};\n\n/\n Create and save a user in database\n * @param attributes A partial user object\n /\nconst create = async (\n // isActive is added in the controller, it's not sent by the API.\n attributes: Partial<AdminUserCreationPayload> & { isActive?: true }\n): Promise<AdminUser> => {\n const userInfo = {\n registrationToken: getService('token').createToken(),\n ...attributes,\n };\n\n if (_.has(attributes, 'password')) {\n userInfo.password = await getService('auth').hashPassword(attributes.password!);\n }\n\n const user = createUser(userInfo);\n\n const createdUser = await strapi.db\n .query('admin::user')\n .create({ data: user, populate: ['roles'] });\n\n getService('metrics').sendDidInviteUser();\n\n strapi.eventHub.emit('user.create', { user: sanitizeUser(createdUser) });\n\n return createdUser;\n};\n\n/\n Update a user in database\n * @param id query params to find the user to update\n * @param attributes A partial user object\n /\nconst updateById = async (\n id: Data.ID,\n attributes: Partial<AdminUserUpdatePayload>\n): Promise<AdminUser> => {\n // Check at least one super admin remains\n if (_.has(attributes, 'roles')) {\n const lastAdminUser = await isLastSuperAdminUser(id);\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n const willRemoveSuperAdminRole = !arrays.includesString(attributes.roles!, superAdminRole.id);\n\n if (lastAdminUser && willRemoveSuperAdminRole) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n\n // cannot disable last super admin\n if (attributes.isActive === false) {\n const lastAdminUser = await isLastSuperAdminUser(id);\n if (lastAdminUser) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n\n // hash password if a new one is sent\n if (_.has(attributes, 'password')) {\n const hashedPassword = await getService('auth').hashPassword(attributes.password!);\n\n const updatedUser = await strapi.db.query('admin::user').update({\n where: { id },\n data: {\n ...attributes,\n password: hashedPassword,\n },\n populate: ['roles'],\n });\n\n strapi.eventHub.emit('user.update', { user: sanitizeUser(updatedUser) });\n\n return updatedUser;\n }\n\n const updatedUser = await strapi.db.query('admin::user').update({\n where: { id },\n data: attributes,\n populate: ['roles'],\n });\n\n if (updatedUser) {\n strapi.eventHub.emit('user.update', { user: sanitizeUser(updatedUser) });\n }\n\n return updatedUser;\n};\n\n/\n Reset a user password by email. (Used in admin:reset CLI)\n * @param email - user email\n * @param password - new password\n /\nconst resetPasswordByEmail = async (email: string, password: string) => {\n const user = await strapi.db\n .query('admin::user')\n .findOne({ where: { email }, populate: ['roles'] });\n\n if (!user) {\n throw new Error(`User not found for email: ${email}`);\n }\n\n try {\n await passwordValidator.validate(password);\n } catch (error) {\n throw new ValidationError(\n 'Invalid password. Expected a minimum of 8 characters with at least one number and one uppercase letter'\n );\n }\n\n await updateById(user.id, { password });\n};\n\n/\n Check if a user is the last super admin\n * @param userId user's id to look for\n /\nconst isLastSuperAdminUser = async (userId: Data.ID): Promise<boolean> => {\n const user = (await findOne(userId)) as AdminUser \| null;\n if (!user) return false;\n\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n\n return superAdminRole.usersCount === 1 && hasSuperAdminRole(user);\n};\n\n/\n Check if a user with specific attributes exists in the database\n * @param attributes A partial user object\n /\nconst exists = async (attributes = {} as unknown): Promise<boolean> => {\n return (await strapi.db.query('admin::user').count({ where: attributes })) > 0;\n};\n\n/\n Returns a user registration info\n * @param registrationToken - a user registration token\n * @returns - Returns user email, firstname and lastname\n /\nconst findRegistrationInfo = async (\n registrationToken: string\n): Promise<Pick<AdminUser, 'email' \| 'firstname' \| 'lastname'> \| undefined> => {\n const user = await strapi.db.query('admin::user').findOne({ where: { registrationToken } });\n\n if (!user) {\n return undefined;\n }\n\n return _.pick(user, ['email', 'firstname', 'lastname']);\n};\n\n/\n Registers a user based on a registrationToken and some informations to update\n * @param params\n * @param params.registrationToken registration token\n * @param params.userInfo user info\n /\nconst register = async ({\n registrationToken,\n userInfo,\n}: {\n registrationToken: string;\n userInfo: Partial<AdminUser>;\n}) => {\n const matchingUser = await strapi.db\n .query('admin::user')\n .findOne({ where: { registrationToken } });\n\n if (!matchingUser) {\n throw new ValidationError('Invalid registration info');\n }\n\n return getService('user').updateById(matchingUser.id, {\n password: userInfo.password,\n firstname: userInfo.firstname,\n lastname: userInfo.lastname,\n registrationToken: null,\n isActive: true,\n });\n};\n\n/\n Find one user\n /\nconst findOne = async (id: Data.ID, populate = ['roles']) => {\n return strapi.db.query('admin::user').findOne({ where: { id }, populate });\n};\n\n/\n Find one user by its email\n * @param email\n * @param populate\n * @returns\n /\nconst findOneByEmail = async (email: string, populate = []) => {\n return strapi.db.query('admin::user').findOne({\n where: { email: { $eqi: email } },\n populate,\n });\n};\n\n/* Find many users (paginated)\n * @param params\n /\nconst findPage = async (params = {}): Promise<unknown> => {\n const query = strapi\n .get('query-params')\n .transform('admin::user', defaults({ populate: ['roles'] }, params));\n\n return strapi.db.query('admin::user').findPage(query);\n};\n\n/* Delete a user\n * @param id id of the user to delete\n /\nconst deleteById = async (id: Data.ID): Promise<AdminUser \| null> => {\n // Check at least one super admin remains\n const userToDelete: AdminUser \| null = await strapi.db.query('admin::user').findOne({\n where: { id },\n populate: ['roles'],\n });\n\n if (!userToDelete) {\n return null;\n }\n\n if (userToDelete) {\n if (userToDelete.roles.some((r) => r.code === SUPER_ADMIN_CODE)) {\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n if (superAdminRole.usersCount === 1) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n }\n\n const deletedUser = await strapi.db\n .query('admin::user')\n .delete({ where: { id }, populate: ['roles'] });\n\n strapi.eventHub.emit('user.delete', { user: sanitizeUser(deletedUser) });\n\n return deletedUser;\n};\n\n/* Delete a user\n * @param ids ids of the users to delete\n /\nconst deleteByIds = async (ids: (string \| number)[]): Promise<AdminUser[]> => {\n // Check at least one super admin remains\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n const nbOfSuperAdminToDelete = await strapi.db.query('admin::user').count({\n where: {\n id: ids,\n roles: { id: superAdminRole.id },\n },\n });\n\n if (superAdminRole.usersCount === nbOfSuperAdminToDelete) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n\n const deletedUsers = [] as AdminUser[];\n for (const id of ids) {\n const deletedUser = await strapi.db.query('admin::user').delete({\n where: { id },\n populate: ['roles'],\n });\n\n deletedUsers.push(deletedUser);\n }\n\n strapi.eventHub.emit('user.delete', {\n users: deletedUsers.map((deletedUser) => sanitizeUser(deletedUser)),\n });\n\n return deletedUsers;\n};\n\n/* Count the users that don't have any associated roles\n /\nconst countUsersWithoutRole = async (): Promise<number> => {\n return strapi.db.query('admin::user').count({\n where: {\n roles: {\n id: { $null: true },\n },\n },\n });\n};\n\n/\n Count the number of users based on search params\n * @param params params used for the query\n /\nconst count = async (where = {}): Promise<number> => {\n return strapi.db.query('admin::user').count({ where });\n};\n\n/\n Assign some roles to several users\n /\nconst assignARoleToAll = async (roleId: Data.ID): Promise<void> => {\n const users = await strapi.db.query('admin::user').findMany({\n select: ['id'],\n where: {\n roles: { id: { $null: true } },\n },\n });\n\n await Promise.all(\n users.map((user) => {\n return strapi.db.query('admin::user').update({\n where: { id: user.id },\n data: { roles: [roleId] },\n });\n })\n );\n};\n\n/* Display a warning if some users don't have at least one role\n /\nconst displayWarningIfUsersDontHaveRole = async (): Promise<void> => {\n const count = await countUsersWithoutRole();\n\n if (count > 0) {\n strapi.log.warn(`Some users (${count}) don't have any role.`);\n }\n};\n\n/* Returns an array of interface languages currently used by users\n /\nconst getLanguagesInUse = async (): Promise<string[]> => {\n const users = await strapi.db.query('admin::user').findMany({ select: ['preferedLanguage'] });\n\n return users.map((user) => user.preferedLanguage \|\| 'en');\n};\n\nexport default {\n create,\n updateById,\n exists,\n findRegistrationInfo,\n register,\n sanitizeUser,\n findOne,\n findOneByEmail,\n findPage,\n deleteById,\n deleteByIds,\n countUsersWithoutRole,\n count,\n assignARoleToAll,\n displayWarningIfUsersDontHaveRole,\n resetPasswordByEmail,\n getLanguagesInUse,\n};\n","import type { Utils } from '@strapi/types';\n\nimport { providerFactory } from '@strapi/utils';\nimport {\n pipe,\n set,\n pick,\n eq,\n omit,\n remove,\n get,\n uniq,\n isArray,\n map,\n curry,\n merge,\n} from 'lodash/fp';\nimport { Permission } from '../../../../shared/contracts/shared';\nimport { SanitizedPermission } from '../../../../shared/contracts/roles';\n\nexport type CreatePermissionPayload = Utils.Object.PartialBy<\n Permission,\n 'actionParameters' \| 'conditions' \| 'properties' \| 'subject' \| 'id' \| 'createdAt' \| 'updatedAt'\n>;\n\ntype Provider = ReturnType<typeof providerFactory>;\n\nexport const permissionFields = [\n 'id',\n 'action',\n 'actionParameters',\n 'subject',\n 'properties',\n 'conditions',\n 'role',\n];\nexport const sanitizedPermissionFields = [\n 'id',\n 'action',\n 'actionParameters',\n 'subject',\n 'properties',\n 'conditions',\n] as const;\n\nexport const sanitizePermissionFields: (p: Permission) => SanitizedPermission =\n pick(sanitizedPermissionFields);\n\n/\n Creates a permission with default values\n /\nconst getDefaultPermission = () => ({\n actionParameters: {},\n conditions: [],\n properties: {},\n subject: null,\n});\n\n/\n Returns a new permission with the given condition\n * @param condition - The condition to add\n * @param permission - The permission on which we want to add the condition\n * @return\n /\nexport const addCondition = curry((condition: string, permission: Permission): Permission => {\n const { conditions } = permission;\n const newConditions = Array.isArray(conditions)\n ? uniq(conditions.concat(condition))\n : [condition];\n\n return set('conditions', newConditions, permission);\n});\n\n/\n Returns a new permission without the given condition\n * @param condition - The condition to remove\n * @param permission - The permission on which we want to remove the condition\n /\nexport const removeCondition = curry((condition: string, permission: Permission): Permission => {\n return set('conditions', remove(eq(condition), permission.conditions), permission);\n});\n\n/\n Gets a property or a part of a property from a permission.\n * @param property - The property to get\n * @param permission - The permission on which we want to access the property\n /\nexport const getProperty = curry(\n (property: string, permission: Permission): Permission =>\n get(`properties.${property}`, permission)\n);\n\n/\n Set a value for a given property on a new permission object\n * @param property - The name of the property\n * @param value - The value of the property\n * @param permission - The permission on which we want to set the property\n /\nexport const setProperty = (\n property: string,\n value: unknown,\n permission: Permission\n): Permission => {\n return set(`properties.${property}`, value, permission);\n};\n\n/\n Returns a new permission without the given property name set\n * @param property - The name of the property to delete\n * @param permission - The permission on which we want to remove the property\n /\nexport const deleteProperty = <TProperty extends string>(\n property: TProperty,\n permission: Permission\n) => omit(`properties.${property}`, permission) as Omit<Permission, TProperty>;\n\n/\n Creates a new {@link Permission} object from raw attributes. Set default values for certain fields\n * @param attributes\n /\nexport const create = (attributes: CreatePermissionPayload) => {\n return pipe(pick(permissionFields), merge(getDefaultPermission()))(attributes) as Permission;\n};\n\n/\n Using the given condition provider, check and remove invalid condition from the permission's condition array.\n * @param provider - The condition provider used to do the checks\n * @param permission - The condition to sanitize\n /\nexport const sanitizeConditions = curry(\n (provider: Provider, permission: Permission): Permission => {\n if (!isArray(permission.conditions)) {\n return permission;\n }\n\n return permission.conditions\n .filter((condition: string) => !provider.has(condition))\n .reduce(\n (perm: Permission, condition: string) => removeCondition(condition, perm),\n permission\n );\n }\n);\n\n/\n Transform raw attributes into valid permissions using the create domain function.\n * @param payload - Can either be a single object of attributes or an array of those objects.\n /\n\nfunction toPermission<T extends CreatePermissionPayload>(payload: T[]): Permission[];\nfunction toPermission<T extends CreatePermissionPayload>(payload: T): Permission;\nfunction toPermission<T extends CreatePermissionPayload>(\n payload: T[] \| T\n): Permission[] \| Permission {\n if (isArray(payload)) {\n return map((value) => create(value), payload);\n }\n\n return create(payload);\n}\n\nexport { toPermission };\n\nexport default {\n addCondition,\n removeCondition,\n create,\n deleteProperty,\n permissionFields,\n getProperty,\n sanitizedPermissionFields,\n sanitizeConditions,\n sanitizePermissionFields,\n setProperty,\n toPermission,\n};\n","import { yup, validateYupSchema } from '@strapi/utils';\nimport { getService } from '../utils';\nimport validators from './common-validators';\n\nconst checkPermissionsSchema = yup.object().shape({\n permissions: yup.array().of(\n yup\n .object()\n .shape({\n action: yup.string().required(),\n subject: yup.string().nullable(),\n field: yup.string(),\n })\n .noUnknown()\n ),\n});\n\nconst checkPermissionsExist = function (permissions: any) {\n const existingActions = getService('permission').actionProvider.values();\n const failIndex = permissions.findIndex(\n (permission: any) =>\n !existingActions.some(\n (action: any) =>\n action.actionId === permission.action &&\n (action.section !== 'contentTypes' \|\| action.subjects.includes(permission.subject))\n )\n );\n\n return failIndex === -1\n ? true\n : // @ts-expect-error yup types\n this.createError({\n path: 'permissions',\n message: `[${failIndex}] is not an existing permission action`,\n });\n};\n\nconst actionsExistSchema = yup\n .array()\n .of(\n yup.object().shape({\n conditions: yup.array().of(yup.string()),\n })\n )\n .test('actions-exist', '', checkPermissionsExist);\n\nexport const validatePermissionsExist = validateYupSchema(actionsExistSchema);\nexport const validateCheckPermissionsInput = validateYupSchema(checkPermissionsSchema);\nexport const validatedUpdatePermissionsInput = validateYupSchema(validators.updatePermissions);\n\nexport default {\n validatedUpdatePermissionsInput,\n validatePermissionsExist,\n validateCheckPermissionsInput,\n};\n","/ eslint-disable @typescript-eslint/no-explicit-any / // TODO: TS - Use database parameters interface when they are ready\n/ eslint-disable @typescript-eslint/default-param-last /\nimport _ from 'lodash';\nimport { set, omit, pick, prop, isArray, differenceWith, differenceBy, isEqual } from 'lodash/fp';\n\nimport { dates, arrays, hooks as hooksUtils, errors } from '@strapi/utils';\nimport type { Data } from '@strapi/types';\n\nimport permissionDomain from '../domain/permission';\nimport type { AdminUser, AdminRole, Permission } from '../../../shared/contracts/shared';\nimport type { Action } from '../domain/action';\n\nimport { validatePermissionsExist } from '../validation/permission';\nimport roleConstants from './constants';\nimport { getService } from '../utils';\n\nconst { SUPER_ADMIN_CODE, CONTENT_TYPE_SECTION } = roleConstants;\n\nconst { createAsyncSeriesWaterfallHook } = hooksUtils;\nconst { ApplicationError } = errors;\n\nconst hooks = {\n willResetSuperAdminPermissions: createAsyncSeriesWaterfallHook(),\n};\n\nconst ACTIONS = {\n publish: 'plugin::content-manager.explorer.publish',\n};\n\n// @ts-expect-error lodash types\nconst sanitizeRole: <T extends object>(obj: T) => Omit<T, 'users' \| 'permissions'> = omit([\n 'users',\n 'permissions',\n] as const);\n\nexport type AdminRoleWithUsersCount = AdminRole & { usersCount: number };\n\nconst COMPARABLE_FIELDS = ['conditions', 'properties', 'subject', 'action', 'actionParameters'];\nconst pickComparableFields = pick(COMPARABLE_FIELDS);\n\nconst jsonClean = <T extends object>(data: T): T => JSON.parse(JSON.stringify(data));\n\n/\n Compare two permissions\n /\nconst arePermissionsEqual = (p1: Permission, p2: Permission): boolean => {\n if (p1.action === p2.action) {\n return isEqual(jsonClean(pickComparableFields(p1)), jsonClean(pickComparableFields(p2)));\n }\n\n return false;\n};\n\n/\n Create and save a role in database\n * @param attributes A partial role object\n /\nconst create = async (attributes: Partial<AdminRole>): Promise<AdminRole> => {\n const alreadyExists = await exists({ name: attributes.name });\n\n if (alreadyExists) {\n throw new ApplicationError(\n `The name must be unique and a role with name \\`${attributes.name}\\` already exists.`\n );\n }\n const autoGeneratedCode = `${_.kebabCase(attributes.name)}-${dates.timestampCode()}`;\n\n const rolesWithCode = {\n ...attributes,\n code: attributes.code \|\| autoGeneratedCode,\n };\n\n const result = await strapi.db.query('admin::role').create({ data: rolesWithCode });\n strapi.eventHub.emit('role.create', { role: sanitizeRole(result) });\n\n return result;\n};\n\n/\n Find a role in database\n * @param params query params to find the role\n * @param populate\n /\nconst findOne = (params = {}, populate?: unknown): Promise<AdminRole> => {\n return strapi.db.query('admin::role').findOne({ where: params, populate });\n};\n\n/\n Find a role in database with usersCounts\n * @param params query params to find the role\n * @param populate\n /\nconst findOneWithUsersCount = async (\n params = {},\n populate?: unknown\n): Promise<AdminRoleWithUsersCount> => {\n const role = await strapi.db.query('admin::role').findOne({ where: params, populate });\n\n if (role) {\n role.usersCount = await getUsersCount(role.id);\n }\n\n return role;\n};\n\n/\n Find roles in database\n * @param params query params to find the roles\n * @param populate\n /\nconst find = (params = {}, populate: unknown): Promise<AdminRole[]> => {\n return strapi.db.query('admin::role').findMany({ where: params, populate });\n};\n\n/\n Find all roles in database\n /\nconst findAllWithUsersCount = async (params: any): Promise<AdminRoleWithUsersCount[]> => {\n const roles: AdminRoleWithUsersCount[] = await strapi.db\n .query('admin::role')\n .findMany(strapi.get('query-params').transform('admin::role', params));\n\n for (const role of roles) {\n role.usersCount = await getUsersCount(role.id);\n }\n\n return roles;\n};\n\n/\n Update a role in database\n * @param params query params to find the role to update\n * @param attributes A partial role object\n /\nconst update = async (params: any, attributes: Partial<AdminRole>): Promise<AdminRole> => {\n const sanitizedAttributes = _.omit(attributes, ['code']);\n\n if (_.has(params, 'id') && _.has(sanitizedAttributes, 'name')) {\n const alreadyExists = await exists({\n name: sanitizedAttributes.name,\n id: { $ne: params.id },\n });\n if (alreadyExists) {\n throw new ApplicationError(\n `The name must be unique and a role with name \\`${sanitizedAttributes.name}\\` already exists.`\n );\n }\n }\n\n const result = await strapi.db\n .query('admin::role')\n .update({ where: params, data: sanitizedAttributes });\n\n strapi.eventHub.emit('role.update', { role: sanitizeRole(result) });\n\n return result;\n};\n\n/\n Check if a role exists in database\n * @param params query params to find the role\n /\nconst exists = async (params = {} as unknown): Promise<boolean> => {\n const count = await strapi.db.query('admin::role').count({ where: params });\n return count > 0;\n};\n\n/\n Count the number of roles based on search params\n * @param params params used for the query\n /\nconst count = async (params = {} as any): Promise<number> => {\n return strapi.db.query('admin::role').count(params);\n};\n\n/\n Check if the given roles id can be deleted safely, throw otherwise\n * @param ids\n /\nconst checkRolesIdForDeletion = async (ids = [] as Data.ID[]) => {\n const superAdminRole = await getSuperAdmin();\n\n if (superAdminRole && arrays.includesString(ids, superAdminRole.id)) {\n throw new ApplicationError('You cannot delete the super admin role');\n }\n\n for (const roleId of ids) {\n const usersCount = await getUsersCount(roleId);\n if (usersCount !== 0) {\n throw new ApplicationError('Some roles are still assigned to some users');\n }\n }\n};\n\n/\n Delete roles in database if they have no user assigned\n * @param ids query params to find the roles\n /\nconst deleteByIds = async (ids = [] as Data.ID[]): Promise<AdminRole[]> => {\n await checkRolesIdForDeletion(ids);\n\n await getService('permission').deleteByRolesIds(ids);\n\n const deletedRoles: AdminRole[] = [];\n for (const id of ids) {\n const deletedRole = await strapi.db.query('admin::role').delete({ where: { id } });\n\n if (deletedRole) {\n strapi.eventHub.emit('role.delete', { role: deletedRole });\n deletedRoles.push(deletedRole);\n }\n }\n\n return deletedRoles;\n};\n\n/* Count the number of users for some roles\n /\nconst getUsersCount = async (roleId: Data.ID): Promise<number> => {\n return strapi.db.query('admin::user').count({ where: { roles: { id: roleId } } });\n};\n\n/* Returns admin role\n /\nconst getSuperAdmin = (): Promise<AdminRole \| undefined> => findOne({ code: SUPER_ADMIN_CODE });\n\n/* Returns admin role with userCount\n * @returns {Promise<role>}\n /\nconst getSuperAdminWithUsersCount = () => findOneWithUsersCount({ code: SUPER_ADMIN_CODE });\n\n/* Create superAdmin, Author and Editor role is no role already exist\n /\nconst createRolesIfNoneExist = async () => {\n const someRolesExist = await exists();\n if (someRolesExist) {\n return;\n }\n\n const { actionProvider } = getService('permission');\n\n const allActions = actionProvider.values();\n const contentTypesActions = allActions.filter((a) => a.section === 'contentTypes');\n\n // create 3 roles\n const superAdminRole = await create({\n name: 'Super Admin',\n code: 'strapi-super-admin',\n description: 'Super Admins can access and manage all features and settings.',\n });\n\n await getService('user').assignARoleToAll(superAdminRole.id);\n\n const editorRole = await create({\n name: 'Editor',\n code: 'strapi-editor',\n description: 'Editors can manage and publish contents including those of other users.',\n });\n\n const authorRole = await create({\n name: 'Author',\n code: 'strapi-author',\n description: 'Authors can manage the content they have created.',\n });\n\n // create content-type permissions for each role\n const editorPermissions = getService('content-type').getPermissionsWithNestedFields(\n contentTypesActions,\n {\n restrictedSubjects: ['plugin::users-permissions.user'],\n }\n );\n\n const authorPermissions = editorPermissions\n .filter(({ action }: any) => action !== ACTIONS.publish)\n .map((permission: any) =>\n permissionDomain.create({ ...permission, conditions: ['admin::is-creator'] })\n );\n\n editorPermissions.push(...getDefaultPluginPermissions());\n authorPermissions.push(...getDefaultPluginPermissions({ isAuthor: true }));\n\n // assign permissions to roles\n await addPermissions(editorRole.id, editorPermissions);\n await addPermissions(authorRole.id, authorPermissions);\n};\n\nconst getDefaultPluginPermissions = ({ isAuthor = false } = {}) => {\n const conditions = isAuthor ? ['admin::is-creator'] : [];\n\n // add plugin permissions for each role\n return [\n { action: 'plugin::upload.read', conditions },\n { action: 'plugin::upload.configure-view' },\n { action: 'plugin::upload.assets.create' },\n { action: 'plugin::upload.assets.update', conditions },\n { action: 'plugin::upload.assets.download' },\n { action: 'plugin::upload.assets.copy-link' },\n ].map(permissionDomain.create);\n};\n\n/* Display a warning if the role superAdmin doesn't exist\n * or if the role is not assigned to at least one user\n /\nconst displayWarningIfNoSuperAdmin = async () => {\n const superAdminRole = await getSuperAdminWithUsersCount();\n const someUsersExists = await getService('user').exists();\n\n if (!superAdminRole) {\n strapi.log.warn(\"Your application doesn't have a super admin role.\");\n } else if (someUsersExists && superAdminRole.usersCount === 0) {\n strapi.log.warn(\"Your application doesn't have a super admin user.\");\n }\n};\n\n/\n Assign permissions to a role\n * @param roleId - role Data.ID\n * @param {Array<Permission{action,subject,fields,conditions}>} permissions - permissions to assign to the role\n /\nconst assignPermissions = async (\n roleId: Data.ID,\n permissions: Array<Pick<Permission, 'action' \| 'subject' \| 'conditions'>> = []\n) => {\n await validatePermissionsExist(permissions);\n\n // Internal actions are not handled by the role service, so any permission\n // with an internal action is filtered out\n const internalActions = getService('permission')\n .actionProvider.values()\n .filter((action) => action.section === 'internal')\n .map((action) => action.actionId);\n\n const superAdmin = await getService('role').getSuperAdmin();\n const isSuperAdmin = superAdmin && superAdmin.id === roleId;\n const assignRole = set('role', roleId);\n\n const permissionsWithRole = permissions\n // Add the role attribute to every permission\n .map(assignRole)\n // Transform each permission into a Permission instance\n // @ts-expect-error - lodash set doesn't resolve the type appropriately\n .map(permissionDomain.create);\n\n const existingPermissions = await getService('permission').findMany({\n where: { role: { id: roleId } },\n populate: ['role'],\n });\n\n const permissionsToAdd = differenceWith(\n arePermissionsEqual,\n permissionsWithRole,\n existingPermissions\n ).filter((permission: Permission) => !internalActions.includes(permission.action));\n\n const permissionsToDelete = differenceWith(\n arePermissionsEqual,\n existingPermissions,\n permissionsWithRole\n ).filter((permission: Permission) => !internalActions.includes(permission.action));\n\n const permissionsToReturn = differenceBy('id', permissionsToDelete, existingPermissions);\n\n if (permissionsToDelete.length > 0) {\n // @ts-expect-error - lodash prop doesn't resolve the type appropriately\n await getService('permission').deleteByIds(permissionsToDelete.map(prop('id')));\n }\n\n if (permissionsToAdd.length > 0) {\n const newPermissions = await addPermissions(roleId, permissionsToAdd);\n permissionsToReturn.push(...newPermissions);\n }\n\n if (!isSuperAdmin && (permissionsToAdd.length \|\| permissionsToDelete.length)) {\n await getService('metrics').sendDidUpdateRolePermissions();\n }\n\n return permissionsToReturn;\n};\n\nconst addPermissions = async (roleId: Data.ID, permissions: any) => {\n const { conditionProvider, createMany } = getService('permission');\n const { sanitizeConditions } = permissionDomain;\n\n const permissionsWithRole = permissions\n .map(set('role', roleId))\n // @ts-expect-error - refactor domain/permission Condition type, as it's now expecting\n // a string but it should be a Condition interface\n .map(sanitizeConditions(conditionProvider))\n .map(permissionDomain.create);\n\n return createMany(permissionsWithRole);\n};\n\nconst isContentTypeAction = (action: Action) => action.section === CONTENT_TYPE_SECTION;\n\n/\n Reset super admin permissions (giving it all permissions)\n /\nconst resetSuperAdminPermissions = async () => {\n const superAdminRole = await getService('role').getSuperAdmin();\n if (!superAdminRole) {\n return;\n }\n\n const permissionService = getService('permission');\n const contentTypeService = getService('content-type');\n\n const allActions = permissionService.actionProvider.values() as Action[];\n\n const contentTypesActions = allActions.filter((action) => isContentTypeAction(action));\n const otherActions = allActions.filter((action) => !isContentTypeAction(action));\n\n // First, get the content-types permissions\n const permissions = contentTypeService.getPermissionsWithNestedFields(\n contentTypesActions\n ) as Permission[];\n\n // Then add every other permission\n const otherPermissions = otherActions.reduce((acc, action) => {\n const { actionId, subjects } = action;\n\n if (isArray(subjects)) {\n acc.push(\n ...subjects.map((subject) => permissionDomain.create({ action: actionId, subject }))\n );\n } else {\n acc.push(permissionDomain.create({ action: actionId }));\n }\n\n return acc;\n }, [] as Permission[]);\n\n permissions.push(...otherPermissions);\n\n const transformedPermissions = (await hooks.willResetSuperAdminPermissions.call(\n permissions\n )) as Permission[];\n\n await assignPermissions(superAdminRole.id, transformedPermissions);\n};\n\n/\n Check if a user object includes the super admin role\n /\nconst hasSuperAdminRole = (user: AdminUser): boolean => {\n const roles = _.get(user, 'roles', []) as AdminRole[];\n\n return roles.map(prop('code')).includes(SUPER_ADMIN_CODE);\n};\n\nconst constants = {\n superAdminCode: SUPER_ADMIN_CODE,\n};\n\nexport default {\n hooks,\n sanitizeRole,\n create,\n findOne,\n findOneWithUsersCount,\n find,\n findAllWithUsersCount,\n update,\n exists,\n count,\n deleteByIds,\n getUsersCount,\n getSuperAdmin,\n getSuperAdminWithUsersCount,\n createRolesIfNoneExist,\n displayWarningIfNoSuperAdmin,\n addPermissions,\n hasSuperAdminRole,\n assignPermissions,\n resetSuperAdminPermissions,\n checkRolesIdForDeletion,\n constants,\n};\n","import { toLower } from 'lodash/fp';\nimport { Strategy as LocalStrategy } from 'passport-local';\nimport type { Core } from '@strapi/types';\nimport { getService } from '../../utils';\n\nconst createLocalStrategy = (strapi: Core.Strapi, middleware?: any) => {\n return new LocalStrategy(\n {\n usernameField: 'email',\n passwordField: 'password',\n session: false,\n },\n (email: string, password: string, done: any) => {\n return getService('auth')\n .checkCredentials({ email: toLower(email), password })\n .then(async ([error, user, message]) => {\n if (middleware) {\n return middleware([error, user, message], done);\n }\n\n return done(error, user, message);\n })\n .catch((error) => done(error));\n }\n );\n};\n\nexport default createLocalStrategy;\n","import passport from 'koa-passport';\nimport type { Strategy } from 'passport-local';\nimport { isFunction } from 'lodash/fp';\n\nimport createLocalStrategy from './passport/local-strategy';\n\nconst authEventsMapper = {\n onConnectionSuccess: 'admin.auth.success',\n onConnectionError: 'admin.auth.error',\n};\n\nconst valueIsFunctionType = ([, value]: [any, any]) => isFunction(value);\nconst keyIsValidEventName = ([key]: any) => {\n return Object.keys(strapi.service('admin::passport').authEventsMapper).includes(key);\n};\n\nconst getPassportStrategies = () => [createLocalStrategy(strapi)] as Strategy[];\n\nconst registerAuthEvents = () => {\n // @ts-expect-error - TODO: migrate auth service to TS\n const { events = {} } = strapi.config.get('admin.auth', {});\n const { authEventsMapper } = strapi.service('admin::passport');\n\n const eventList = Object.entries(events).filter(keyIsValidEventName).filter(valueIsFunctionType);\n\n for (const [eventName, handler] of eventList) {\n // TODO - TS: ensure the handler is an EventHub.Listener\n strapi.eventHub.on(authEventsMapper[eventName], handler as any);\n }\n};\n\nconst init = () => {\n strapi\n .service('admin::passport')\n .getPassportStrategies()\n .forEach((strategy: Strategy) => passport.use(strategy));\n\n registerAuthEvents();\n\n return passport.initialize();\n};\n\nexport default { init, getPassportStrategies, authEventsMapper };\n","import type { Core } from '@strapi/types';\nimport { getService } from '../utils';\n\nconst sendDidInviteUser = async () => {\n const numberOfUsers = await getService('user').count();\n const numberOfRoles = await getService('role').count();\n strapi.telemetry.send('didInviteUser', {\n groupProperties: { numberOfRoles, numberOfUsers },\n });\n};\n\nconst sendDidUpdateRolePermissions = async () => {\n strapi.telemetry.send('didUpdateRolePermissions');\n};\n\nconst sendDidChangeInterfaceLanguage = async () => {\n const languagesInUse = await getService('user').getLanguagesInUse();\n // This event is anonymous\n strapi.telemetry.send('didChangeInterfaceLanguage', { userProperties: { languagesInUse } });\n};\n\nconst sendUpdateProjectInformation = async (strapi: Core.Strapi) => {\n const numberOfActiveAdminUsers = await getService('user').count({ isActive: true });\n const numberOfAdminUsers = await getService('user').count();\n\n strapi.telemetry.send('didUpdateProjectInformation', {\n groupProperties: { numberOfActiveAdminUsers, numberOfAdminUsers },\n });\n};\n\nconst startCron = (strapi: Core.Strapi) => {\n strapi.cron.add({\n '0 0 0 * ': () => sendUpdateProjectInformation(strapi),\n });\n};\n\nexport default {\n sendDidInviteUser,\n sendDidUpdateRolePermissions,\n sendDidChangeInterfaceLanguage,\n sendUpdateProjectInformation,\n startCron,\n};\n","import crypto from 'crypto';\nimport _ from 'lodash';\nimport jwt from 'jsonwebtoken';\nimport type { AdminUser } from '../../../shared/contracts/shared';\n\nconst defaultJwtOptions = { expiresIn: '30d' };\n\nexport type TokenOptions = {\n expiresIn?: string;\n [key: string]: unknown;\n};\n\nexport type TokenPayload = {\n id: AdminUser['id'];\n};\n\nexport type AdminAuthConfig = {\n secret: string;\n options: TokenOptions;\n};\n\nconst getTokenOptions = () => {\n const { options, secret } = strapi.config.get<AdminAuthConfig>(\n 'admin.auth',\n {} as AdminAuthConfig\n );\n\n return {\n secret,\n options: _.merge(defaultJwtOptions, options),\n };\n};\n\n/\n Create a random token\n /\nconst createToken = (): string => {\n return crypto.randomBytes(20).toString('hex');\n};\n\n/\n Creates a JWT token for an administration user\n * @param user - admin user\n /\nconst createJwtToken = (user: { id: AdminUser['id'] }) => {\n const { options, secret } = getTokenOptions();\n\n return jwt.sign({ id: user.id }, secret, options);\n};\n\n/\n Tries to decode a token an return its payload and if it is valid\n * @param token - a token to decode\n * @return decodeInfo - the decoded info\n /\nconst decodeJwtToken = (\n token: string\n): { payload: TokenPayload; isValid: true } \| { payload: null; isValid: false } => {\n const { secret } = getTokenOptions();\n\n try {\n const payload = jwt.verify(token, secret) as TokenPayload;\n return { payload, isValid: true };\n } catch (err) {\n return { payload: null, isValid: false };\n }\n};\n\nconst checkSecretIsDefined = () => {\n if (strapi.config.get('admin.serveAdminPanel') && !strapi.config.get('admin.auth.secret')) {\n throw new Error(\n `Missing auth.secret. Please set auth.secret in config/admin.js (ex: you can generate one using Node with \\`crypto.randomBytes(16).toString('base64')\\`).\nFor security reasons, prefer storing the secret in an environment variable and read it in config/admin.js. See https://docs.strapi.io/developer-docs/latest/setup-deployment-guides/configurations/optional/environment.html#configuration-using-environment-variables.`\n );\n }\n};\n\nexport { createToken, createJwtToken, getTokenOptions, decodeJwtToken, checkSecretIsDefined };\n","import { yup, validateYupSchemaSync } from '@strapi/utils';\nimport validators from './common-validators';\n\nconst registerProviderActionSchema = yup\n .array()\n .required()\n .of(\n yup\n .object()\n .shape({\n uid: yup\n .string()\n .matches(\n /^[a-z]([a-z\|.\|-]+)[a-z]$/,\n (v) => `${v.path}: The id can only contain lowercase letters, dots and hyphens.`\n )\n .required(),\n section: yup.string().oneOf(['contentTypes', 'plugins', 'settings', 'internal']).required(),\n pluginName: yup.mixed().when('section', {\n is: 'plugins',\n then: validators.isAPluginName.required(),\n otherwise: validators.isAPluginName,\n }),\n subjects: yup.mixed().when('section', {\n is: 'contentTypes',\n then: yup.array().of(yup.string()).required(),\n otherwise: yup\n .mixed()\n .oneOf([undefined], 'subjects should only be defined for the \"contentTypes\" section'),\n }),\n displayName: yup.string().required(),\n category: yup.mixed().when('section', {\n is: 'settings',\n then: yup.string().required(),\n otherwise: yup\n .mixed()\n .test(\n 'settingsCategory',\n 'category should only be defined for the \"settings\" section',\n (cat) => cat === undefined\n ),\n }),\n subCategory: yup.mixed().when('section', {\n is: (section: any) => ['settings', 'plugins'].includes(section),\n then: yup.string(),\n otherwise: yup\n .mixed()\n .test(\n 'settingsSubCategory',\n 'subCategory should only be defined for \"plugins\" and \"settings\" sections',\n (subCat) => {\n return subCat === undefined;\n }\n ),\n }),\n options: yup.object({\n applyToProperties: yup.array().of(yup.string()),\n }),\n aliases: yup\n .array(\n yup.object({\n actionId: yup.string(),\n subjects: yup.array(yup.string()).nullable(),\n })\n )\n .nullable(),\n })\n .noUnknown()\n );\n\nexport const validateRegisterProviderAction = validateYupSchemaSync(registerProviderActionSchema);\n\nexport default {\n validateRegisterProviderAction,\n};\n","import { providerFactory, hooks, errors } from '@strapi/utils';\nimport { validateRegisterProviderAction } from '../../validation/action-provider';\n\nimport domain from './index';\nimport type { Action, CreateActionPayload } from './index';\nimport type { Permission } from '../../../../shared/contracts/shared';\n\ntype Options = Parameters<typeof providerFactory>['0'];\n\nconst { ApplicationError } = errors;\n\n/\n Creates a new instance of an action provider\n /\nconst createActionProvider = (options?: Options) => {\n const provider = providerFactory<Action>(options);\n const actionHooks = {\n appliesPropertyToSubject: hooks.createAsyncParallelHook(),\n };\n\n return {\n ...provider,\n\n hooks: {\n ...provider.hooks,\n ...actionHooks,\n },\n\n async register(actionAttributes: CreateActionPayload) {\n if (strapi.isLoaded) {\n throw new Error(`You can't register new actions outside of the bootstrap function.`);\n }\n\n validateRegisterProviderAction([actionAttributes]);\n\n const action = domain.create(actionAttributes);\n\n return provider.register(action.actionId, action);\n },\n\n async registerMany(actionsAttributes: CreateActionPayload[]) {\n validateRegisterProviderAction(actionsAttributes);\n\n for (const attributes of actionsAttributes) {\n await this.register(attributes);\n }\n\n return this;\n },\n\n async appliesToProperty(property: string, actionId: string, subject: Permission['subject']) {\n const action = provider.get(actionId) as Action \| undefined;\n if (!action) {\n throw new ApplicationError(`No action found with id \"${actionId}\"`);\n }\n\n const appliesToAction = domain.appliesToProperty(property, action);\n\n // If the property isn't valid for this action, ignore the rest of the checks\n if (!appliesToAction) {\n return false;\n }\n\n // If the property is valid for this action and there isn't any subject\n if (!subject) {\n return true;\n }\n\n // If the property is valid for this action and the subject is not handled by the action\n if (!domain.appliesToSubject(subject, action)) {\n return false;\n }\n\n const results = await actionHooks.appliesPropertyToSubject.call({\n property,\n action,\n subject,\n });\n\n return results.every((result) => result !== false);\n },\n\n /\n @experimental\n /\n unstable_aliases(actionId: string, subject?: string \| null): string[] {\n const isRegistered = this.has(actionId);\n\n if (!isRegistered) {\n return [];\n }\n\n return this.values()\n .filter((action) =>\n action.aliases?.some((alias) => {\n // Only look at alias with the correct actionId\n if (alias.actionId !== actionId) {\n return false;\n }\n\n // If the alias don't have a list of required subjects, keep it\n if (!Array.isArray(alias.subjects)) {\n return true;\n }\n\n // If the alias require specific subjects but none is provided, skip it\n if (!subject) {\n return false;\n }\n\n // Else, make sure the given subject is allowed\n return alias.subjects.includes(subject);\n })\n )\n .map((action) => action.actionId);\n },\n };\n};\n\nexport default createActionProvider;\n","import { pipe, merge, set, pick } from 'lodash/fp';\n\nexport type Condition = {\n id: string;\n displayName: string;\n name: string;\n plugin?: string;\n category?: string;\n /\n The handler of a {@link Condition}\n /\n handler: (user: object, options: object) => object \| boolean;\n};\n\n/\n Set of attributes used to create a new {@link Action} object\n /\nexport type CreateConditionPayload = Omit<Condition, 'id'>;\n\nconst DEFAULT_CATEGORY = 'default';\n\n/\n Get the default value used for every condition\n * @return {Condition}\n /\nexport const getDefaultConditionAttributes = () => ({\n category: DEFAULT_CATEGORY,\n});\n\n/\n Get the list of all the valid attributes of a {@link Condition}\n * @return {string[]}\n /\nexport const conditionFields = ['id', 'displayName', 'handler', 'plugin', 'category'] as const;\n\n/\n Remove unwanted attributes from a {@link Condition}\n /\nexport const sanitizeConditionAttributes = pick(conditionFields);\n\nexport const computeConditionId = (condition: CreateConditionPayload) => {\n const { name, plugin } = condition;\n\n if (!plugin) {\n return `api::${name}`;\n }\n\n if (plugin === 'admin') {\n return `admin::${name}`;\n }\n\n return `plugin::${plugin}.${name}`;\n};\n\n/\n Assign an id attribute to a {@link CreateConditionPayload} object\n * @param attrs - Payload used to create a condition\n /\nexport const assignConditionId = (attrs: CreateConditionPayload): Condition => {\n const condition = set('id', computeConditionId(attrs), attrs) as CreateConditionPayload & {\n id: string;\n };\n return condition;\n};\n\n/\n Transform the given attributes into a domain representation of a Condition\n * @param payload - The condition payload containing the attributes needed to create a {@link Condition}\n /\nexport const create = pipe(\n assignConditionId,\n sanitizeConditionAttributes,\n merge(getDefaultConditionAttributes())\n) as (payload: CreateConditionPayload) => Condition;\n\nexport default {\n assignConditionId,\n computeConditionId,\n conditionFields,\n create,\n getDefaultConditionAttributes,\n sanitizeConditionAttributes,\n};\n","import { providerFactory } from '@strapi/utils';\nimport domain from '.';\nimport type { CreateConditionPayload } from '.';\n\n/\n @typedef ConditionProviderOverride\n * @property {function(CreateConditionPayload)} register\n * @property {function(attributes CreateConditionPayload[]): Promise<this>} registerMany\n /\n\n/\n Creates a new instance of a condition provider\n * @return {Provider & ConditionProviderOverride}\n /\nconst createConditionProvider = () => {\n const provider = providerFactory();\n\n return {\n ...provider,\n\n async register(conditionAttributes: CreateConditionPayload) {\n if (strapi.isLoaded) {\n throw new Error(`You can't register new conditions outside of the bootstrap function.`);\n }\n\n const condition = domain.create(conditionAttributes);\n\n return provider.register(condition.id, condition);\n },\n\n async registerMany(conditionsAttributes: CreateConditionPayload[]) {\n for (const attributes of conditionsAttributes) {\n await this.register(attributes);\n }\n\n return this;\n },\n };\n};\n\nexport default createConditionProvider;\n","import { subject as asSubject, detectSubjectType } from '@casl/ability';\nimport { permittedFieldsOf } from '@casl/ability/extra';\nimport {\n defaults,\n omit,\n isArray,\n isEmpty,\n isNil,\n flatMap,\n some,\n prop,\n uniq,\n intersection,\n pick,\n getOr,\n isObject,\n cloneDeep,\n} from 'lodash/fp';\n\nimport type { UID } from '@strapi/types';\n\nimport { contentTypes, traverseEntity, sanitize, async, traverse } from '@strapi/utils';\nimport { ADMIN_USER_ALLOWED_FIELDS } from '../../../domain/user';\n\nconst {\n visitors: { removePassword, expandWildcardPopulate },\n} = sanitize;\n\nconst {\n constants,\n isScalarAttribute,\n getNonVisibleAttributes,\n getNonWritableAttributes,\n getWritableAttributes,\n} = contentTypes;\nconst {\n ID_ATTRIBUTE,\n DOC_ID_ATTRIBUTE,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n PUBLISHED_AT_ATTRIBUTE,\n CREATED_BY_ATTRIBUTE,\n UPDATED_BY_ATTRIBUTE,\n} = constants;\n\nconst COMPONENT_FIELDS = ['__component'];\nconst STATIC_FIELDS = [ID_ATTRIBUTE, DOC_ID_ATTRIBUTE];\n\nexport default ({ action, ability, model }: any) => {\n const schema = strapi.getModel(model);\n\n const { removeDisallowedFields } = sanitize.visitors;\n\n const ctx = {\n schema,\n getModel: strapi.getModel.bind(strapi),\n };\n\n const createSanitizeQuery = (options = {} as any) => {\n const { fields } = options;\n\n // TODO: sanitize relations to admin users in all sanitizers\n const permittedFields = fields.shouldIncludeAll ? null : getQueryFields(fields.permitted);\n\n const sanitizeFilters = async.pipe(\n traverse.traverseQueryFilters(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryFilters(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQueryFilters(omitHiddenFields, ctx),\n traverse.traverseQueryFilters(removePassword, ctx),\n traverse.traverseQueryFilters(({ key, value }, { remove }) => {\n if (isObject(value) && isEmpty(value)) {\n remove(key);\n }\n }, ctx)\n );\n\n const sanitizeSort = async.pipe(\n traverse.traverseQuerySort(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQuerySort(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQuerySort(omitHiddenFields, ctx),\n traverse.traverseQuerySort(removePassword, ctx),\n traverse.traverseQuerySort(({ key, attribute, value }, { remove }) => {\n if (!isScalarAttribute(attribute) && isEmpty(value)) {\n remove(key);\n }\n }, ctx)\n );\n\n const sanitizePopulate = async.pipe(\n traverse.traverseQueryPopulate(expandWildcardPopulate, ctx),\n traverse.traverseQueryPopulate(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryPopulate(omitDisallowedAdminUserFields, ctx),\n traverse.traverseQueryPopulate(omitHiddenFields, ctx),\n traverse.traverseQueryPopulate(removePassword, ctx)\n );\n\n const sanitizeFields = async.pipe(\n traverse.traverseQueryFields(removeDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryFields(omitHiddenFields, ctx),\n traverse.traverseQueryFields(removePassword, ctx)\n );\n\n return async (query: any) => {\n const sanitizedQuery = cloneDeep(query);\n\n if (query.filters) {\n Object.assign(sanitizedQuery, { filters: await sanitizeFilters(query.filters) });\n }\n\n if (query.sort) {\n Object.assign(sanitizedQuery, { sort: await sanitizeSort(query.sort) });\n }\n\n if (query.populate) {\n Object.assign(sanitizedQuery, { populate: await sanitizePopulate(query.populate) });\n }\n\n if (query.fields) {\n Object.assign(sanitizedQuery, { fields: await sanitizeFields(query.fields) });\n }\n\n return sanitizedQuery;\n };\n };\n\n const createSanitizeOutput = (options = {} as any) => {\n const { fields } = options;\n\n const permittedFields = fields.shouldIncludeAll ? null : getOutputFields(fields.permitted);\n\n return async.pipe(\n // Remove fields hidden from the admin\n traverseEntity(omitHiddenFields, ctx),\n // Remove unallowed fields from admin::user relations\n traverseEntity(pickAllowedAdminUserFields, ctx),\n // Remove not allowed fields (RBAC)\n traverseEntity(removeDisallowedFields(permittedFields), ctx),\n // Remove all fields of type 'password'\n sanitize.sanitizers.sanitizePasswords({\n schema,\n getModel(uid: string) {\n return strapi.getModel(uid as UID.Schema);\n },\n })\n );\n };\n\n const createSanitizeInput = (options = {} as any) => {\n const { fields } = options;\n\n const permittedFields = fields.shouldIncludeAll ? null : getInputFields(fields.permitted);\n\n return async.pipe(\n // Remove fields hidden from the admin\n traverseEntity(omitHiddenFields, ctx),\n // Remove not allowed fields (RBAC)\n traverseEntity(removeDisallowedFields(permittedFields), ctx),\n // Remove roles from createdBy & updatedBy fields\n omitCreatorRoles\n );\n };\n\n const wrapSanitize = (createSanitizeFunction: any) => {\n // TODO\n // @ts-expect-error define the correct return type\n const wrappedSanitize = async (data: unknown, options = {} as any) => {\n if (isArray(data)) {\n return Promise.all(data.map((entity: unknown) => wrappedSanitize(entity, options)));\n }\n\n const { subject, action: actionOverride } = getDefaultOptions(data, options);\n\n const permittedFields = permittedFieldsOf(ability, actionOverride, subject, {\n fieldsFrom: (rule) => rule.fields \|\| [],\n });\n\n const hasAtLeastOneRegistered = some(\n (fields) => !isNil(fields),\n flatMap(prop('fields'), ability.rulesFor(actionOverride, detectSubjectType(subject)))\n );\n const shouldIncludeAllFields = isEmpty(permittedFields) && !hasAtLeastOneRegistered;\n\n const sanitizeOptions = {\n ...options,\n fields: {\n shouldIncludeAll: shouldIncludeAllFields,\n permitted: permittedFields,\n hasAtLeastOneRegistered,\n },\n };\n\n const sanitizeFunction = createSanitizeFunction(sanitizeOptions);\n\n return sanitizeFunction(data);\n };\n\n return wrappedSanitize;\n };\n\n const getDefaultOptions = (data: any, options: unknown) => {\n return defaults({ subject: asSubject(model, data), action }, options);\n };\n\n /\n Omit creator fields' (createdBy & updatedBy) roles from the admin API responses\n /\n const omitCreatorRoles = omit([`${CREATED_BY_ATTRIBUTE}.roles`, `${UPDATED_BY_ATTRIBUTE}.roles`]);\n\n /\n Visitor used to remove hidden fields from the admin API responses\n /\n const omitHiddenFields = ({ key, schema }: any, { remove }: any) => {\n const isHidden = getOr(false, ['config', 'attributes', key, 'hidden'], schema);\n\n if (isHidden) {\n remove(key);\n }\n };\n\n /\n Visitor used to only select needed fields from the admin users entities & avoid leaking sensitive information\n /\n const pickAllowedAdminUserFields = ({ attribute, key, value }: any, { set }: any) => {\n const pickAllowedFields = pick(ADMIN_USER_ALLOWED_FIELDS);\n if (!attribute) {\n return;\n }\n\n if (attribute.type === 'relation' && attribute.target === 'admin::user' && value) {\n if (Array.isArray(value)) {\n set(key, value.map(pickAllowedFields));\n } else {\n set(key, pickAllowedFields(value));\n }\n }\n };\n\n /\n Visitor used to omit disallowed fields from the admin users entities & avoid leaking sensitive information\n /\n const omitDisallowedAdminUserFields = ({ key, attribute, schema }: any, { remove }: any) => {\n if (schema.uid === 'admin::user' && attribute && !ADMIN_USER_ALLOWED_FIELDS.includes(key)) {\n remove(key);\n }\n };\n\n const getInputFields = (fields = []) => {\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n const writableAttributes = getWritableAttributes(schema);\n\n const nonVisibleWritableAttributes = intersection(nonVisibleAttributes, writableAttributes);\n\n return uniq([...fields, ...COMPONENT_FIELDS, ...nonVisibleWritableAttributes]);\n };\n\n const getOutputFields = (fields = []) => {\n const nonWritableAttributes = getNonWritableAttributes(schema);\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n\n return uniq([\n ...fields,\n ...STATIC_FIELDS,\n ...COMPONENT_FIELDS,\n ...nonWritableAttributes,\n ...nonVisibleAttributes,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n ]);\n };\n\n const getQueryFields = (fields = []) => {\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n const writableAttributes = getWritableAttributes(schema);\n\n const nonVisibleWritableAttributes = intersection(nonVisibleAttributes, writableAttributes);\n\n return uniq([\n ...fields,\n ...STATIC_FIELDS,\n ...COMPONENT_FIELDS,\n ...nonVisibleWritableAttributes,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n PUBLISHED_AT_ATTRIBUTE,\n CREATED_BY_ATTRIBUTE,\n UPDATED_BY_ATTRIBUTE,\n ]);\n };\n\n return {\n sanitizeOutput: wrapSanitize(createSanitizeOutput),\n sanitizeInput: wrapSanitize(createSanitizeInput),\n sanitizeQuery: wrapSanitize(createSanitizeQuery),\n };\n};\n","import { subject as asSubject, detectSubjectType } from '@casl/ability';\nimport { permittedFieldsOf } from '@casl/ability/extra';\nimport {\n defaults,\n omit,\n isArray,\n isEmpty,\n isNil,\n flatMap,\n some,\n prop,\n uniq,\n intersection,\n getOr,\n isObject,\n} from 'lodash/fp';\n\nimport { contentTypes, traverseEntity, traverse, validate, async, errors } from '@strapi/utils';\nimport { ADMIN_USER_ALLOWED_FIELDS } from '../../../domain/user';\n\nconst { ValidationError } = errors;\nconst { throwPassword, throwDisallowedFields } = validate.visitors;\n\nconst { constants, isScalarAttribute, getNonVisibleAttributes, getWritableAttributes } =\n contentTypes;\nconst {\n ID_ATTRIBUTE,\n DOC_ID_ATTRIBUTE,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n PUBLISHED_AT_ATTRIBUTE,\n CREATED_BY_ATTRIBUTE,\n UPDATED_BY_ATTRIBUTE,\n} = constants;\n\nconst COMPONENT_FIELDS = ['__component'];\n\nconst STATIC_FIELDS = [ID_ATTRIBUTE, DOC_ID_ATTRIBUTE];\n\nconst throwInvalidKey = ({ key, path }: { key: string; path?: string \| null }) => {\n const msg = path && path !== key ? `Invalid key ${key} at ${path}` : `Invalid key ${key}`;\n\n throw new ValidationError(msg);\n};\n\nexport default ({ action, ability, model }: any) => {\n const schema = strapi.getModel(model);\n\n const ctx = {\n schema,\n getModel: strapi.getModel.bind(strapi),\n };\n\n const createValidateQuery = (options = {} as any) => {\n const { fields } = options;\n\n // TODO: validate relations to admin users in all validators\n const permittedFields = fields.shouldIncludeAll ? null : getQueryFields(fields.permitted);\n\n const validateFilters = async.pipe(\n traverse.traverseQueryFilters(throwDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryFilters(throwDisallowedAdminUserFields, ctx),\n traverse.traverseQueryFilters(throwPassword, ctx),\n traverse.traverseQueryFilters(({ key, value, path }) => {\n if (isObject(value) && isEmpty(value)) {\n throwInvalidKey({ key, path: path.attribute });\n }\n }, ctx)\n );\n\n const validateSort = async.pipe(\n traverse.traverseQuerySort(throwDisallowedFields(permittedFields), ctx),\n traverse.traverseQuerySort(throwDisallowedAdminUserFields, ctx),\n traverse.traverseQuerySort(throwPassword, ctx),\n traverse.traverseQuerySort(({ key, attribute, value, path }) => {\n if (!isScalarAttribute(attribute) && isEmpty(value)) {\n throwInvalidKey({ key, path: path.attribute });\n }\n }, ctx)\n );\n\n const validateFields = async.pipe(\n traverse.traverseQueryFields(throwDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryFields(throwPassword, ctx)\n );\n\n const validatePopulate = async.pipe(\n traverse.traverseQueryPopulate(throwDisallowedFields(permittedFields), ctx),\n traverse.traverseQueryPopulate(throwDisallowedAdminUserFields, ctx),\n traverse.traverseQueryPopulate(throwHiddenFields, ctx),\n traverse.traverseQueryPopulate(throwPassword, ctx)\n );\n\n return async (query: any) => {\n if (query.filters) {\n await validateFilters(query.filters);\n }\n\n if (query.sort) {\n await validateSort(query.sort);\n }\n\n if (query.fields) {\n await validateFields(query.fields);\n }\n\n // a wildcard is always valid; its conversion will be handled by the entity service and can be optimized with sanitizer\n if (query.populate && query.populate !== '') {\n await validatePopulate(query.populate);\n }\n\n return true;\n };\n };\n\n const createValidateInput = (options = {} as any) => {\n const { fields } = options;\n\n const permittedFields = fields.shouldIncludeAll ? null : getInputFields(fields.permitted);\n\n return async.pipe(\n // Remove fields hidden from the admin\n traverseEntity(throwHiddenFields, ctx),\n // Remove not allowed fields (RBAC)\n traverseEntity(throwDisallowedFields(permittedFields), ctx),\n // Remove roles from createdBy & updatedBy fields\n omitCreatorRoles\n );\n };\n\n const wrapValidate = (createValidateFunction: any) => {\n // TODO\n // @ts-expect-error define the correct return type\n const wrappedValidate = async (data, options = {}): Promise<unknown> => {\n if (isArray(data)) {\n return Promise.all(data.map((entity: unknown) => wrappedValidate(entity, options)));\n }\n\n const { subject, action: actionOverride } = getDefaultOptions(data, options);\n\n const permittedFields = permittedFieldsOf(ability, actionOverride, subject, {\n fieldsFrom: (rule) => rule.fields \|\| [],\n });\n\n const hasAtLeastOneRegistered = some(\n (fields) => !isNil(fields),\n flatMap(prop('fields'), ability.rulesFor(actionOverride, detectSubjectType(subject)))\n );\n const shouldIncludeAllFields = isEmpty(permittedFields) && !hasAtLeastOneRegistered;\n\n const validateOptions = {\n ...options,\n fields: {\n shouldIncludeAll: shouldIncludeAllFields,\n permitted: permittedFields,\n hasAtLeastOneRegistered,\n },\n };\n\n const validateFunction = createValidateFunction(validateOptions);\n\n return validateFunction(data);\n };\n\n return wrappedValidate;\n };\n\n const getDefaultOptions = (data: any, options: unknown) => {\n return defaults({ subject: asSubject(model, data), action }, options);\n };\n\n /*\n Omit creator fields' (createdBy & updatedBy) roles from the admin API responses\n /\n const omitCreatorRoles = omit([`${CREATED_BY_ATTRIBUTE}.roles`, `${UPDATED_BY_ATTRIBUTE}.roles`]);\n\n /\n Visitor used to remove hidden fields from the admin API responses\n /\n const throwHiddenFields = ({ key, schema, path }: any) => {\n const isHidden = getOr(false, ['config', 'attributes', key, 'hidden'], schema);\n\n if (isHidden) {\n throwInvalidKey({ key, path: path.attribute });\n }\n };\n\n /\n Visitor used to omit disallowed fields from the admin users entities & avoid leaking sensitive information\n /\n const throwDisallowedAdminUserFields = ({ key, attribute, schema, path }: any) => {\n if (schema.uid === 'admin::user' && attribute && !ADMIN_USER_ALLOWED_FIELDS.includes(key)) {\n throwInvalidKey({ key, path: path.attribute });\n }\n };\n\n const getInputFields = (fields = []) => {\n const nonVisibleAttributes = getNonVisibleAttributes(schema);\n const writableAttributes = getWritableAttributes(schema);\n\n const nonVisibleWritableAttributes = intersection(nonVisibleAttributes, writableAttributes);\n\n return uniq([...fields, ...COMPONENT_FIELDS, ...nonVisibleWritableAttributes]);\n };\n\n const getQueryFields = (fields = []) => {\n return uniq([\n ...fields,\n ...STATIC_FIELDS,\n ...COMPONENT_FIELDS,\n CREATED_AT_ATTRIBUTE,\n UPDATED_AT_ATTRIBUTE,\n PUBLISHED_AT_ATTRIBUTE,\n ]);\n };\n\n return {\n validateQuery: wrapValidate(createValidateQuery),\n validateInput: wrapValidate(createValidateInput),\n };\n};\n","// TODO: migration\nimport _ from 'lodash';\nimport { rulesToQuery } from '@casl/ability/extra';\n\nconst operatorsMap = {\n $in: '$in',\n $nin: '$notIn',\n $exists: '$notNull',\n $gte: '$gte',\n $gt: '$gt',\n $lte: '$lte',\n $lt: '$lt',\n $eq: '$eq',\n $ne: '$ne',\n $and: '$and',\n $or: '$or',\n $not: '$not',\n} as const;\n\nconst mapKey = (key: keyof typeof operatorsMap) => {\n if (_.isString(key) && key.startsWith('$') && key in operatorsMap) {\n return operatorsMap[key];\n }\n return key;\n};\n\nconst buildCaslQuery = (ability: unknown, action: unknown, model: unknown) => {\n // @ts-expect-error casl types\n return rulesToQuery(ability, action, model, (o) => o.conditions);\n};\n\nconst buildStrapiQuery = (caslQuery: unknown) => {\n return unwrapDeep(caslQuery);\n};\n\nconst unwrapDeep = (obj: any): unknown => {\n if (!_.isPlainObject(obj) && !_.isArray(obj)) {\n return obj;\n }\n if (_.isArray(obj)) {\n return obj.map((v: unknown) => unwrapDeep(v));\n }\n\n return _.reduce(\n obj,\n (acc, v, k: any) => {\n const key = mapKey(k);\n\n if (_.isPlainObject(v)) {\n if ('$elemMatch' in v) {\n _.setWith(acc, key, unwrapDeep(v.$elemMatch));\n } else {\n _.setWith(acc, key, unwrapDeep(v));\n }\n } else if (_.isArray(v)) {\n // prettier-ignore\n _.setWith(acc, key, v.map(v => unwrapDeep(v)));\n } else {\n _.setWith(acc, key, v);\n }\n\n return acc;\n },\n {}\n );\n};\n\nexport { buildCaslQuery, buildStrapiQuery };\n","import _ from 'lodash';\nimport { cloneDeep, isPlainObject } from 'lodash/fp';\nimport { subject as asSubject } from '@casl/ability';\nimport createSanitizeHelpers from './sanitize';\nimport createValidateHelpers from './validate';\n\nimport { buildStrapiQuery, buildCaslQuery } from './query-builders';\n\nexport default ({ ability, action, model }: any) => ({\n ability,\n action,\n model,\n\n get isAllowed(): unknown {\n return this.ability.can(action, model);\n },\n\n toSubject(target: any, subjectType = model) {\n return asSubject(subjectType, target);\n },\n\n pickPermittedFieldsOf(data: unknown, options = {}) {\n return this.sanitizeInput(data, options);\n },\n\n getQuery(queryAction = action) {\n if (_.isUndefined(queryAction)) {\n throw new Error('Action must be defined to build a permission query');\n }\n\n return buildStrapiQuery(buildCaslQuery(ability, queryAction, model));\n },\n\n // eslint-disable-next-line @typescript-eslint/default-param-last\n addPermissionsQueryTo(query = {} as any, action: unknown) {\n const newQuery = cloneDeep(query);\n const permissionQuery = this.getQuery(action) ?? undefined;\n\n if (isPlainObject(query.filters)) {\n newQuery.filters = permissionQuery\n ? { $and: [query.filters, permissionQuery] }\n : query.filters;\n } else {\n newQuery.filters = permissionQuery;\n }\n\n return newQuery;\n },\n\n ...createSanitizeHelpers({ action, ability, model }),\n ...createValidateHelpers({ action, ability, model }),\n});\n","import { curry, isArray, isEmpty, difference } from 'lodash/fp';\nimport permissions, { type engine } from '@strapi/permissions';\nimport type { Ability } from '@casl/ability';\nimport permissionDomain from '../../domain/permission';\nimport { getService } from '../../utils';\nimport { Action } from '../../domain/action';\nimport type { AdminUser, Permission } from '../../../../shared/contracts/shared';\n\nexport default (params: { providers: engine.EngineParams['providers'] }) => {\n const { providers } = params;\n\n const engine = permissions.engine\n .new({ providers })\n /\n Validate the permission's action exists in the action registry\n /\n .on('before-format::validate.permission', ({ permission }) => {\n const action = providers.action.get(permission.action);\n\n // If the action isn't registered into the action provider, then ignore the permission\n if (!action) {\n strapi.log.debug(\n `Unknown action \"${permission.action}\" supplied when registering a new permission in engine`\n );\n return false;\n }\n })\n\n /\n Remove invalid properties from the permission based on the action (applyToProperties)\n /\n .on('format.permission', (permission: Permission) => {\n const action = providers.action.get(permission.action) as Action;\n const properties = permission.properties \|\| {};\n\n // Only keep the properties allowed by the action (action.applyToProperties)\n const propertiesName = Object.keys(properties);\n const invalidProperties = difference(\n propertiesName,\n // @ts-expect-error - applyToProperties is defined inside the options of an action\n action.applyToProperties \|\| propertiesName\n );\n\n const permissionWithSanitizedProperties = invalidProperties.reduce(\n // @ts-expect-error - fix reduce, property should be a string but it's actually the permission object\n (property) => permissionDomain.deleteProperty(property, permission) as Permission,\n permission\n );\n\n return permissionWithSanitizedProperties;\n })\n\n /\n Ignore the permission if the fields property is an empty array (access to no field)\n /\n .on('after-format::validate.permission', ({ permission }) => {\n const { fields } = permission.properties;\n\n if (isArray(fields) && isEmpty(fields)) {\n return false;\n }\n });\n\n return {\n get hooks() {\n return engine.hooks;\n },\n\n /\n Generate an ability based on the given user (using associated roles & permissions)\n * @param user\n /\n async generateUserAbility(user: AdminUser): Promise<Ability> {\n const permissions = (await getService('permission').findUserPermissions(user)) as any;\n\n return engine.generateAbility(permissions, user);\n },\n\n /\n Check many permissions based on an ability\n /\n checkMany: curry((ability: Ability, permissions: Permission[]) => {\n // @ts-expect-error - Permissions does not contain any field property\n return permissions.map(({ action, subject, field }) => ability.can(action, subject, field));\n }),\n };\n};\n","import { eq } from 'lodash/fp';\nimport { hooks } from '@strapi/utils';\nimport type { Action } from '../../../domain/action';\n\nexport type SectionOptions = {\n initialStateFactory?: (...args: any) => unknown; // A factory function that returns the default shape of the section\n handlers?: ((...args: any) => unknown)[]; // An initial collection of handlers which will be registered in the handlers hook\n matchers?: ((...args: any) => unknown)[]; // An initial collection of matchers which will be registered in the matchers hook\n};\n\nconst emptyObjectFactory = () => ({});\n\n/\n Upon call, creates a new section object\n /\nconst createSection = (\n { initialStateFactory = emptyObjectFactory, handlers = [], matchers = [] } = {} as SectionOptions\n) => {\n const state = {\n hooks: {\n handlers: hooks.createAsyncSeriesHook(),\n matchers: hooks.createAsyncParallelHook(),\n },\n };\n\n // Register initial hooks\n handlers.forEach((handler) => state.hooks.handlers.register(handler));\n matchers.forEach((matcher) => state.hooks.matchers.register(matcher));\n\n return {\n hooks: state.hooks,\n\n /\n Verifies if an action can be applied to the section by running the matchers hook.\n * If any of the registered matcher functions returns true, then the condition applies.\n /\n async appliesToAction(action: Action): Promise<boolean> {\n const results = await state.hooks.matchers.call(action);\n\n return results.some(eq(true));\n },\n\n /\n Init, build and returns a section object based on the given actions\n * @param actions - A list of actions used to populate the section\n /\n async build(actions = [] as Action[]) {\n const section = initialStateFactory();\n\n for (const action of actions) {\n const applies = await this.appliesToAction(action);\n\n if (applies) {\n await state.hooks.handlers.call({ action, section });\n }\n }\n\n return section;\n },\n };\n};\n\nexport default createSection;\n","import { Action } from '../../../domain/action';\nimport createSection, { SectionOptions } from './section';\n\n/\n Create a new section builder with its own sections registry\n /\nconst createSectionBuilder = () => {\n const state = {\n sections: new Map(),\n };\n\n return {\n /\n Create & add a section to the builder's registry\n * @param sectionName - The unique name of the section\n * @param options - The options used to build a {@link Section}\n /\n createSection(sectionName: string, options: SectionOptions) {\n const section = createSection(options);\n\n state.sections.set(sectionName, section);\n\n return this;\n },\n\n /\n Removes a section from the builder's registry using its unique name\n * @param sectionName - The name of the section to delete\n /\n deleteSection(sectionName: string) {\n state.sections.delete(sectionName);\n\n return this;\n },\n\n /\n Register a handler function for a given section\n * @param sectionName - The name of the section\n * @param handler - The handler to register\n /\n addHandler(sectionName: string, handler: () => unknown) {\n if (state.sections.has(sectionName)) {\n state.sections.get(sectionName).hooks.handlers.register(handler);\n }\n\n return this;\n },\n\n /\n Register a matcher function for a given section\n * @param sectionName - The name of the section\n * @param matcher - The handler to register\n\n /\n addMatcher(sectionName: string, matcher: () => unknown) {\n if (state.sections.has(sectionName)) {\n state.sections.get(sectionName).hooks.matchers.register(matcher);\n }\n\n return this;\n },\n\n /\n Build a section tree based on the registered actions and the given actions\n * @param actions - The actions used to build each section\n /\n async build(actions = [] as Action[]) {\n const sections = {} as any;\n\n for (const [sectionName, section] of state.sections.entries()) {\n sections[sectionName] = await section.build(actions);\n }\n\n return sections;\n },\n };\n};\n\nexport default createSectionBuilder;\n","import { curry, matchesProperty, pick } from 'lodash/fp';\nimport type { Internal, Struct } from '@strapi/types';\n\nconst isOfKind = (kind: unknown) => matchesProperty('kind', kind);\n\nconst resolveContentType = (uid: Internal.UID.ContentType): Struct.ContentTypeSchema => {\n return strapi.contentTypes[uid];\n};\n\nconst isNotInSubjects = (subjects: any) => (uid: unknown) =>\n !subjects.find((subject: any) => subject.uid === uid);\n\nconst hasProperty = curry((property: unknown, subject: any) => {\n return !!subject.properties.find((prop: any) => prop.value === property);\n});\n\nconst getValidOptions = pick(['applyToProperties']);\n\nconst toSubjectTemplate = (ct: any) => ({\n uid: ct.uid,\n label: ct.info.singularName,\n properties: [],\n});\n\nexport {\n isOfKind,\n resolveContentType,\n isNotInSubjects,\n hasProperty,\n getValidOptions,\n toSubjectTemplate,\n};\n","import type { Internal } from '@strapi/types';\nimport { contentTypes } from '@strapi/utils';\nimport {\n toSubjectTemplate,\n getValidOptions,\n hasProperty,\n isNotInSubjects,\n resolveContentType,\n isOfKind,\n} from './utils';\nimport type { Action } from '../../../domain/action';\n\nconst { isVisibleAttribute } = contentTypes;\n\nexport type ContentTypesSection = {\n actions: Action[];\n subjects: any[];\n};\n\nexport type ActionArraySection = Action[];\n\n/\n Transforms & adds the given setting action to the section\n * Note: The action is transformed to a setting specific format\n * @param options\n * @param options.action\n * @param section\n /\nconst settings = ({ action, section }: { action: Action; section: ActionArraySection }) => {\n const { category, subCategory, displayName, actionId } = action;\n\n section.push({\n displayName,\n category,\n subCategory,\n // TODO: Investigate at which point the action property is transformed to actionId\n // @ts-expect-error - action should be actionID\n action: actionId,\n });\n};\n\n/\n Transforms & adds the given plugin action to the section\n * Note: The action is transformed to a plugin specific format\n * @param {object} options\n * @param {Action} options.action\n * @param {ActionArraySection} section\n /\nconst plugins = ({ action, section }: { action: Action; section: ActionArraySection }) => {\n const { pluginName, subCategory, displayName, actionId } = action;\n\n section.push({\n displayName,\n // @ts-expect-error - plugin should be pluginName, TODO: Investigate at which point the plugin property\n plugin: pluginName,\n subCategory,\n action: actionId,\n });\n};\n\n/\n Transforms & adds the given action to the section's actions field\n * Note: The action is transformed to a content-type specific format\n * @param {object} options\n * @param {Action} options.action\n * @param {ContentTypesSection} section\n /\nconst contentTypesBase = ({\n action,\n section,\n}: {\n action: Action;\n section: ContentTypesSection;\n}) => {\n const { displayName, actionId, subjects, options } = action;\n\n section.actions.push({\n // @ts-expect-error - label should be displayName, TODO: Investigate at which point the label property\n label: displayName,\n actionId,\n subjects,\n ...getValidOptions(options),\n });\n};\n\n/\n Initialize the subjects array of a section based on the action's subjects\n /\nconst subjectsHandlerFor =\n (kind: string) =>\n ({ action, section: contentTypesSection }: { action: Action; section: ContentTypesSection }) => {\n // TODO: add a type guard for UID.ContentType\n const subjects = action.subjects as Internal.UID.ContentType[];\n\n if (!subjects?.length) {\n return;\n }\n\n const newSubjects = subjects\n // Ignore already added subjects\n .filter(isNotInSubjects(contentTypesSection.subjects))\n // Transform UIDs into content-types\n .map(resolveContentType)\n // Only keep specific kind of content-types\n .filter(isOfKind(kind))\n // Transform the content-types into section's subjects\n .map(toSubjectTemplate);\n\n contentTypesSection.subjects.push(...newSubjects);\n };\n\nconst buildNode = (model: any, attributeName: string, attribute: any) => {\n if (!isVisibleAttribute(model, attributeName)) {\n return null;\n }\n\n const node = { label: attributeName, value: attributeName };\n\n if (attribute.required) {\n Object.assign(node, { required: true });\n }\n\n if (attribute.type === 'component') {\n const component = strapi.components[attribute.component];\n return { ...node, children: buildDeepAttributesCollection(component) };\n }\n\n return node;\n};\n\nconst buildDeepAttributesCollection = (model: any): unknown => {\n return Object.entries(model.attributes)\n .map(([attributeName, attribute]) => buildNode(model, attributeName, attribute))\n .filter((node) => node !== null);\n};\n\n/\n Create and populate the fields property for section's subjects based on the action's subjects list\n /\nconst fieldsProperty = ({ action, section }: { action: Action; section: ContentTypesSection }) => {\n const { subjects } = action;\n\n section.subjects\n .filter((subject) => subjects?.includes(subject.uid))\n .forEach((subject) => {\n const { uid } = subject;\n const contentType = resolveContentType(uid);\n\n if (hasProperty('fields', subject)) {\n return;\n }\n\n const fields = buildDeepAttributesCollection(contentType);\n const fieldsProp = { label: 'Fields', value: 'fields', children: fields };\n\n subject.properties.push(fieldsProp);\n });\n};\n\nexport { plugins, settings, subjectsHandlerFor, contentTypesBase, fieldsProperty };\n","import { propEq } from 'lodash/fp';\nimport createSectionBuilder from './builder';\nimport {\n subjectsHandlerFor,\n contentTypesBase,\n fieldsProperty,\n plugins as pluginsHandler,\n settings as settingsHandler,\n} from './handlers';\n\nconst sectionPropMatcher = propEq('section');\n\nconst createContentTypesInitialState = () => ({\n actions: [],\n subjects: [],\n});\n\nconst createDefaultSectionBuilder = () => {\n const builder = createSectionBuilder();\n\n builder.createSection('plugins', {\n initialStateFactory: () => [],\n handlers: [pluginsHandler],\n matchers: [sectionPropMatcher('plugins')],\n });\n\n builder.createSection('settings', {\n initialStateFactory: () => [],\n handlers: [settingsHandler],\n matchers: [sectionPropMatcher('settings')],\n });\n\n builder.createSection('singleTypes', {\n initialStateFactory: createContentTypesInitialState,\n handlers: [contentTypesBase, subjectsHandlerFor('singleType'), fieldsProperty],\n matchers: [sectionPropMatcher('contentTypes')],\n });\n\n builder.createSection('collectionTypes', {\n initialStateFactory: createContentTypesInitialState,\n handlers: [contentTypesBase, subjectsHandlerFor('collectionType'), fieldsProperty],\n matchers: [sectionPropMatcher('contentTypes')],\n });\n\n return builder;\n};\n\nexport default createDefaultSectionBuilder;\n","import { isNil, isArray, prop, xor, eq, map, differenceWith } from 'lodash/fp';\nimport pmap from 'p-map';\nimport type { Data } from '@strapi/types';\nimport { getService } from '../../utils';\nimport permissionDomain, { CreatePermissionPayload } from '../../domain/permission';\nimport type { AdminUser, Permission } from '../../../../shared/contracts/shared';\nimport { Action } from '../../domain/action';\n\n/\n Delete permissions of roles in database\n * @param rolesIds ids of roles\n /\nexport const deleteByRolesIds = async (rolesIds: Data.ID[]): Promise<void> => {\n const permissionsToDelete = await strapi.db.query('admin::permission').findMany({\n select: ['id'],\n where: {\n role: { id: rolesIds },\n },\n });\n\n if (permissionsToDelete.length > 0) {\n await deleteByIds(permissionsToDelete.map(prop('id')));\n }\n};\n\n/\n Delete permissions\n * @param ids ids of permissions\n /\nexport const deleteByIds = async (ids: Data.ID[]): Promise<void> => {\n const result: unknown[] = [];\n for (const id of ids) {\n const queryResult = await strapi.db.query('admin::permission').delete({ where: { id } });\n result.push(queryResult);\n }\n strapi.eventHub.emit('permission.delete', { permissions: result });\n};\n\n/\n Create many permissions\n * @param permissions\n /\nexport const createMany = async (permissions: CreatePermissionPayload[]): Promise<Permission[]> => {\n const createdPermissions: CreatePermissionPayload[] = [];\n for (const permission of permissions) {\n const newPerm = await strapi.db.query('admin::permission').create({ data: permission });\n createdPermissions.push(newPerm);\n }\n\n const permissionsToReturn = permissionDomain.toPermission(createdPermissions);\n strapi.eventHub.emit('permission.create', { permissions: permissionsToReturn });\n\n return permissionsToReturn;\n};\n\n/\n Update a permission\n * @param params\n * @param attributes\n /\nconst update = async (params: unknown, attributes: Partial<Permission>) => {\n const updatedPermission = (await strapi.db\n .query('admin::permission')\n .update({ where: params, data: attributes })) as Permission;\n\n const permissionToReturn = permissionDomain.toPermission(updatedPermission);\n strapi.eventHub.emit('permission.update', { permissions: permissionToReturn });\n\n return permissionToReturn;\n};\n\n/\n Find assigned permissions in the database\n * @param params query params to find the permissions\n /\nexport const findMany = async (params = {}): Promise<Permission[]> => {\n const rawPermissions = await strapi.db.query('admin::permission').findMany(params);\n\n return permissionDomain.toPermission(rawPermissions);\n};\n\n/\n Find all permissions for a user\n * @param user - user\n /\nexport const findUserPermissions = async (user: AdminUser): Promise<Permission[]> => {\n return findMany({ where: { role: { users: { id: user.id } } } });\n};\n\nconst filterPermissionsToRemove = async (permissions: Permission[]) => {\n const { actionProvider } = getService('permission');\n\n const permissionsToRemove: Permission[] = [];\n\n for (const permission of permissions) {\n const { subjects, options = {} as Action['options'] } =\n (actionProvider.get(permission.action) as Action) \|\| {};\n const { applyToProperties } = options;\n\n const invalidProperties = await Promise.all(\n (applyToProperties \|\| []).map(async (property) => {\n const applies = await actionProvider.appliesToProperty(\n property,\n permission.action,\n permission.subject\n );\n\n return applies && isNil(permissionDomain.getProperty(property, permission));\n })\n );\n\n const isRegisteredAction = actionProvider.has(permission.action);\n const hasInvalidProperties = isArray(applyToProperties) && invalidProperties.every(eq(true));\n const isInvalidSubject = isArray(subjects) && !subjects.includes(permission.subject as string);\n\n // If the permission has an invalid action, an invalid subject or invalid properties, then add it to the toBeRemoved collection\n if (!isRegisteredAction \|\| isInvalidSubject \|\| hasInvalidProperties) {\n permissionsToRemove.push(permission);\n }\n }\n\n return permissionsToRemove;\n};\n\n/\n Removes permissions in database that don't exist anymore\n /\nexport const cleanPermissionsInDatabase = async (): Promise<void> => {\n const pageSize = 200;\n\n const contentTypeService = getService('content-type');\n\n const total = await strapi.db.query('admin::permission').count();\n const pageCount = Math.ceil(total / pageSize);\n\n for (let page = 0; page < pageCount; page += 1) {\n // 1. Find invalid permissions and collect their ID to delete them later\n const results = (await strapi.db\n .query('admin::permission')\n .findMany({ limit: pageSize, offset: page pageSize })) as Permission[];\n\n const permissions = permissionDomain.toPermission(results);\n const permissionsToRemove = await filterPermissionsToRemove(permissions);\n const permissionsIdToRemove = map(prop('id'), permissionsToRemove);\n\n // 2. Clean permissions' fields (add required ones, remove the non-existing ones)\n const remainingPermissions = permissions.filter(\n (permission: Permission) => !permissionsIdToRemove.includes(permission.id)\n );\n\n const permissionsWithCleanFields = contentTypeService.cleanPermissionFields(\n remainingPermissions\n ) as Permission[];\n\n // Update only the ones that need to be updated\n const permissionsNeedingToBeUpdated = differenceWith(\n (a: Permission, b: Permission) => {\n return a.id === b.id && xor(a.properties.fields, b.properties.fields).length === 0;\n },\n permissionsWithCleanFields,\n remainingPermissions\n );\n\n const updatePromiseProvider = (permission: Permission) => {\n return update({ id: permission.id }, permission);\n };\n\n // Execute all the queries, update the database\n await Promise.all([\n deleteByIds(permissionsIdToRemove),\n pmap(permissionsNeedingToBeUpdated, updatePromiseProvider, {\n concurrency: 100,\n stopOnError: true,\n }),\n ]);\n }\n};\n\nexport default {\n createMany,\n findMany,\n deleteByRolesIds,\n deleteByIds,\n findUserPermissions,\n cleanPermissionsInDatabase,\n};\n","import domain from '../domain/permission';\nimport createActionProvider from '../domain/action/provider';\nimport createConditionProvider from '../domain/condition/provider';\nimport createPermissionsManager from './permission/permissions-manager';\nimport createPermissionEngine from './permission/engine';\nimport createSectionsBuilder from './permission/sections-builder';\nimport {\n cleanPermissionsInDatabase,\n createMany,\n deleteByIds,\n deleteByRolesIds,\n findMany,\n findUserPermissions,\n} from './permission/queries';\n\nconst actionProvider = createActionProvider();\nconst conditionProvider = createConditionProvider();\nconst sectionsBuilder = createSectionsBuilder();\n\nconst sanitizePermission = domain.sanitizePermissionFields;\n\nconst engine = createPermissionEngine({\n providers: { action: actionProvider, condition: conditionProvider },\n});\n\nexport {\n // Queries / Actions\n cleanPermissionsInDatabase,\n createMany,\n deleteByIds,\n deleteByRolesIds,\n findMany,\n findUserPermissions,\n // Utils\n createPermissionsManager,\n sectionsBuilder,\n sanitizePermission,\n // Engine\n engine,\n // Providers\n actionProvider,\n conditionProvider,\n};\n","import _ from 'lodash';\nimport { uniq, startsWith, intersection } from 'lodash/fp';\nimport { contentTypes as contentTypesUtils } from '@strapi/utils';\nimport type { Modules, Struct } from '@strapi/types';\nimport { getService } from '../utils';\nimport actionDomain from '../domain/action';\nimport permissionDomain from '../domain/permission';\n\ninterface FieldOptions {\n prefix?: string; // prefix to add to the path\n nestingLevel?: number; // level of nesting to achieve\n requiredOnly?: boolean; // only returns required nestedFields\n existingFields?: string[]; // fields that are already selected, meaning that some sub-fields may be required\n restrictedSubjects?: string[]; // subjectsId to ignore\n components?: {\n // components where components attributes can be found\n [key: string]: any;\n };\n}\n\n/*\n Creates an array of paths to the fields and nested fields, without path nodes\n /\nconst getNestedFields = (\n model: Struct.ContentTypeSchema,\n {\n prefix = '',\n nestingLevel = 15,\n components = {},\n requiredOnly = false,\n existingFields = [],\n }: FieldOptions\n): string[] => {\n if (nestingLevel === 0) {\n return prefix ? [prefix] : [];\n }\n\n const nonAuthorizableFields = contentTypesUtils.getNonVisibleAttributes(model);\n\n return _.reduce(\n model.attributes,\n (fields: any, attr: any, key: any) => {\n if (nonAuthorizableFields.includes(key)) return fields;\n\n const fieldPath = prefix ? `${prefix}.${key}` : key;\n const shouldBeIncluded = !requiredOnly \|\| attr.required === true;\n const insideExistingFields = existingFields && existingFields.some(startsWith(fieldPath));\n\n if (attr.type === 'component') {\n if (shouldBeIncluded \|\| insideExistingFields) {\n const compoFields = getNestedFields(components[attr.component], {\n nestingLevel: nestingLevel - 1,\n prefix: fieldPath,\n components,\n requiredOnly,\n existingFields,\n });\n\n if (compoFields.length === 0 && shouldBeIncluded) {\n return fields.concat(fieldPath);\n }\n\n return fields.concat(compoFields);\n }\n return fields;\n }\n\n if (shouldBeIncluded) {\n return fields.concat(fieldPath);\n }\n\n return fields;\n },\n []\n );\n};\n\n/\n Creates an array of paths to the fields and nested fields, with path nodes\n /\nconst getNestedFieldsWithIntermediate = (\n model: Struct.ContentTypeSchema,\n { prefix = '', nestingLevel = 15, components = {} }: FieldOptions\n): string[] => {\n if (nestingLevel === 0) {\n return [];\n }\n\n const nonAuthorizableFields = contentTypesUtils.getNonVisibleAttributes(model);\n\n return _.reduce(\n model.attributes,\n (fields: any, attr: any, key: any) => {\n if (nonAuthorizableFields.includes(key)) return fields;\n\n const fieldPath = prefix ? `${prefix}.${key}` : key;\n fields.push(fieldPath);\n\n if (attr.type === 'component') {\n const compoFields = getNestedFieldsWithIntermediate(components[attr.component], {\n nestingLevel: nestingLevel - 1,\n prefix: fieldPath,\n components,\n });\n\n fields.push(...compoFields);\n }\n\n return fields;\n },\n []\n );\n};\n\n/\n Creates an array of permissions with the \"properties.fields\" attribute filled\n /\nconst getPermissionsWithNestedFields = (\n actions: any[],\n { nestingLevel, restrictedSubjects = [] }: FieldOptions = {}\n): Modules.Permissions.PermissionRule[] => {\n return actions.reduce((permissions, action) => {\n const validSubjects = action.subjects.filter(\n (subject: any) => !restrictedSubjects.includes(subject)\n );\n\n // Create a Permission for each subject (content-type uid) within the action\n for (const subject of validSubjects) {\n const fields = actionDomain.appliesToProperty('fields', action)\n ? getNestedFields(strapi.contentTypes[subject], {\n components: strapi.components,\n nestingLevel,\n })\n : undefined;\n\n const permission = permissionDomain.create({\n action: action.actionId,\n subject,\n properties: { fields },\n });\n\n permissions.push(permission);\n }\n\n return permissions;\n }, []);\n};\n\n/\n Cleans permissions' fields (add required ones, remove the non-existing ones)\n /\nconst cleanPermissionFields = (\n permissions: Modules.Permissions.PermissionRule[],\n { nestingLevel }: FieldOptions = {}\n): Modules.Permissions.PermissionRule[] => {\n const { actionProvider } = getService('permission');\n\n return permissions.map((permission: any) => {\n const {\n action: actionId,\n subject,\n properties: { fields },\n } = permission;\n\n const action = actionProvider.get(actionId) as any;\n\n // todo see if it's possible to check property on action + subject (async)\n if (!actionDomain.appliesToProperty('fields', action)) {\n return permissionDomain.deleteProperty('fields', permission);\n }\n\n if (!subject \|\| !strapi.contentTypes[subject]) {\n return permission;\n }\n\n const possibleFields = getNestedFieldsWithIntermediate(strapi.contentTypes[subject], {\n components: strapi.components,\n nestingLevel,\n });\n\n const requiredFields = getNestedFields(strapi.contentTypes[subject], {\n components: strapi.components,\n requiredOnly: true,\n nestingLevel,\n existingFields: fields,\n });\n\n // @ts-expect-error lodash types\n const badNestedFields = uniq([...intersection(fields, possibleFields), ...requiredFields]);\n\n const newFields = badNestedFields.filter(\n (field) => !badNestedFields.some(startsWith(`${field}.`))\n );\n\n return permissionDomain.setProperty('fields', newFields, permission);\n }, []);\n};\n\nexport {\n getNestedFields,\n getPermissionsWithNestedFields,\n cleanPermissionFields,\n getNestedFieldsWithIntermediate,\n};\n","import { isString } from 'lodash/fp';\nimport { getService } from '../utils';\n\nconst isValidCondition = (condition: unknown) => {\n const { conditionProvider } = getService('permission');\n\n return isString(condition) && conditionProvider.has(condition);\n};\n\nexport { isValidCondition };\n","import { isNil } from 'lodash/fp';\nimport { errors } from '@strapi/utils';\nimport { getService } from '../utils';\nimport constants from './constants';\nimport type { AdminRole } from '../../../shared/contracts/shared';\n\nconst { AUTHOR_CODE, PUBLISH_ACTION } = constants;\n\nconst { NotFoundError } = errors;\n// TODO: move actionProvider here instead of in the permission service\n\n/\n Returns actions available for a role.\n * @param {string\|number} roleId\n * @returns {object[]}\n /\nconst getAllowedActionsForRole = async (roleId?: string) => {\n const { actionProvider } = getService('permission');\n\n if (!isNil(roleId)) {\n const role: AdminRole = await getService('role').findOne({ id: roleId });\n\n if (!role) {\n throw new NotFoundError('role.notFound');\n }\n\n if (role.code === AUTHOR_CODE) {\n return actionProvider.values().filter(({ actionId }: any) => actionId !== PUBLISH_ACTION);\n }\n }\n\n return actionProvider.values();\n};\n\nexport { getAllowedActionsForRole };\n","import crypto from 'crypto';\nimport { omit, difference, isNil, isEmpty, map, isArray, uniq, isNumber } from 'lodash/fp';\nimport { errors } from '@strapi/utils';\nimport type { Update, ApiToken, ApiTokenBody } from '../../../shared/contracts/api-token';\nimport constants from './constants';\n\nconst { ValidationError, NotFoundError } = errors;\n\ntype ApiTokenPermission = {\n id: number \| `${number}`;\n action: string;\n token: DBApiToken \| number;\n};\n\ntype DBApiToken = ApiToken & {\n permissions: (number \| ApiTokenPermission)[];\n};\n\nconst SELECT_FIELDS = [\n 'id',\n 'name',\n 'description',\n 'lastUsedAt',\n 'type',\n 'lifespan',\n 'expiresAt',\n 'createdAt',\n 'updatedAt',\n];\n\nconst POPULATE_FIELDS = ['permissions'];\n\n// TODO: we need to ensure the permissions are actually valid registered permissions!\n\n/\n Assert that a token's permissions attribute is valid for its type\n /\nconst assertCustomTokenPermissionsValidity = (\n type: ApiTokenBody['type'],\n permissions: ApiTokenBody['permissions']\n) => {\n // Ensure non-custom tokens doesn't have permissions\n if (type !== constants.API_TOKEN_TYPE.CUSTOM && !isEmpty(permissions)) {\n throw new ValidationError('Non-custom tokens should not reference permissions');\n }\n\n // Custom type tokens should always have permissions attached to them\n if (type === constants.API_TOKEN_TYPE.CUSTOM && !isArray(permissions)) {\n throw new ValidationError('Missing permissions attribute for custom token');\n }\n\n // Permissions provided for a custom type token should be valid/registered permissions UID\n if (type === constants.API_TOKEN_TYPE.CUSTOM) {\n const validPermissions = strapi.contentAPI.permissions.providers.action.keys();\n const invalidPermissions = difference(permissions, validPermissions) as string[];\n\n if (!isEmpty(invalidPermissions)) {\n throw new ValidationError(`Unknown permissions provided: ${invalidPermissions.join(', ')}`);\n }\n }\n};\n\n/\n Check if a token's lifespan is valid\n /\nconst isValidLifespan = (lifespan: unknown) => {\n if (isNil(lifespan)) {\n return true;\n }\n\n if (!isNumber(lifespan) \|\| !Object.values(constants.API_TOKEN_LIFESPANS).includes(lifespan)) {\n return false;\n }\n\n return true;\n};\n\n/\n Assert that a token's lifespan is valid\n /\nconst assertValidLifespan = (lifespan: unknown) => {\n if (!isValidLifespan(lifespan)) {\n throw new ValidationError(\n `lifespan must be one of the following values:\n ${Object.values(constants.API_TOKEN_LIFESPANS).join(', ')}`\n );\n }\n};\n\n/\n Flatten a token's database permissions objects to an array of strings\n /\nconst flattenTokenPermissions = (token: DBApiToken): ApiToken => {\n if (!token) {\n return token;\n }\n\n return {\n ...token,\n permissions: isArray(token.permissions) ? map('action', token.permissions) : token.permissions,\n };\n};\n\ntype WhereParams = {\n id?: string \| number;\n name?: string;\n lastUsedAt?: number;\n description?: string;\n accessKey?: string;\n};\n\n/\n Get a token\n /\nconst getBy = async (whereParams: WhereParams = {}): Promise<ApiToken \| null> => {\n if (Object.keys(whereParams).length === 0) {\n return null;\n }\n\n const token = await strapi.db\n .query('admin::api-token')\n .findOne({ select: SELECT_FIELDS, populate: POPULATE_FIELDS, where: whereParams });\n\n if (!token) {\n return token;\n }\n\n return flattenTokenPermissions(token);\n};\n\n/\n Check if token exists\n /\nconst exists = async (whereParams: WhereParams = {}): Promise<boolean> => {\n const apiToken = await getBy(whereParams);\n\n return !!apiToken;\n};\n\n/\n Return a secure sha512 hash of an accessKey\n /\nconst hash = (accessKey: string) => {\n return crypto\n .createHmac('sha512', strapi.config.get('admin.apiToken.salt'))\n .update(accessKey)\n .digest('hex');\n};\n\nconst getExpirationFields = (lifespan: ApiTokenBody['lifespan']) => {\n // it must be nil or a finite number >= 0\n const isValidNumber = isNumber(lifespan) && Number.isFinite(lifespan) && lifespan > 0;\n if (!isValidNumber && !isNil(lifespan)) {\n throw new ValidationError('lifespan must be a positive number or null');\n }\n\n return {\n lifespan: lifespan \|\| null,\n expiresAt: lifespan ? Date.now() + lifespan : null,\n };\n};\n\n/\n Create a token and its permissions\n /\nconst create = async (attributes: ApiTokenBody): Promise<ApiToken> => {\n const accessKey = crypto.randomBytes(128).toString('hex');\n\n assertCustomTokenPermissionsValidity(attributes.type, attributes.permissions);\n assertValidLifespan(attributes.lifespan);\n\n // Create the token\n const apiToken: ApiToken = await strapi.db.query('admin::api-token').create({\n select: SELECT_FIELDS,\n populate: POPULATE_FIELDS,\n data: {\n ...omit('permissions', attributes),\n accessKey: hash(accessKey),\n ...getExpirationFields(attributes.lifespan),\n },\n });\n\n const result: ApiToken = { ...apiToken, accessKey };\n\n // If this is a custom type token, create and the related permissions\n if (attributes.type === constants.API_TOKEN_TYPE.CUSTOM) {\n // TODO: createMany doesn't seem to create relation properly, implement a better way rather than a ton of queries\n // const permissionsCount = await strapi.db.query('admin::api-token-permission').createMany({\n // populate: POPULATE_FIELDS,\n // data: attributes.permissions.map(action => ({ action, token: apiToken })),\n // });\n await Promise.all(\n uniq(attributes.permissions).map((action) =>\n strapi.db.query('admin::api-token-permission').create({\n data: { action, token: apiToken },\n })\n )\n );\n\n const currentPermissions = await strapi.db\n .query('admin::api-token')\n .load(apiToken, 'permissions');\n\n if (currentPermissions) {\n Object.assign(result, { permissions: map('action', currentPermissions) });\n }\n }\n\n return result;\n};\n\nconst regenerate = async (id: string \| number): Promise<ApiToken> => {\n const accessKey = crypto.randomBytes(128).toString('hex');\n\n const apiToken: ApiToken = await strapi.db.query('admin::api-token').update({\n select: ['id', 'accessKey'],\n where: { id },\n data: {\n accessKey: hash(accessKey),\n },\n });\n\n if (!apiToken) {\n throw new NotFoundError('The provided token id does not exist');\n }\n\n return {\n ...apiToken,\n accessKey,\n };\n};\n\nconst checkSaltIsDefined = () => {\n if (!strapi.config.get('admin.apiToken.salt')) {\n // TODO V5: stop reading API_TOKEN_SALT\n if (process.env.API_TOKEN_SALT) {\n process.emitWarning(`[deprecated] In future versions, Strapi will stop reading directly from the environment variable API_TOKEN_SALT. Please set apiToken.salt in config/admin.js instead.\nFor security reasons, keep storing the secret in an environment variable and use env() to read it in config/admin.js (ex: \\`apiToken: { salt: env('API_TOKEN_SALT') }\\`). See https://docs.strapi.io/developer-docs/latest/setup-deployment-guides/configurations/optional/environment.html#configuration-using-environment-variables.`);\n\n strapi.config.set('admin.apiToken.salt', process.env.API_TOKEN_SALT);\n } else {\n throw new Error(\n `Missing apiToken.salt. Please set apiToken.salt in config/admin.js (ex: you can generate one using Node with \\`crypto.randomBytes(16).toString('base64')\\`).\nFor security reasons, prefer storing the secret in an environment variable and read it in config/admin.js. See https://docs.strapi.io/developer-docs/latest/setup-deployment-guides/configurations/optional/environment.html#configuration-using-environment-variables.`\n );\n }\n }\n};\n\n/\n Return a list of all tokens and their permissions\n /\nconst list = async (): Promise<Array<ApiToken>> => {\n const tokens: Array<DBApiToken> = await strapi.db.query('admin::api-token').findMany({\n select: SELECT_FIELDS,\n populate: POPULATE_FIELDS,\n orderBy: { name: 'ASC' },\n });\n\n if (!tokens) {\n return tokens;\n }\n\n return tokens.map((token) => flattenTokenPermissions(token));\n};\n\n/\n Revoke (delete) a token\n /\nconst revoke = async (id: string \| number): Promise<ApiToken> => {\n return strapi.db\n .query('admin::api-token')\n .delete({ select: SELECT_FIELDS, populate: POPULATE_FIELDS, where: { id } });\n};\n\n/\n Retrieve a token by id\n /\nconst getById = async (id: string \| number) => {\n return getBy({ id });\n};\n\n/\n Retrieve a token by name\n /\nconst getByName = async (name: string) => {\n return getBy({ name });\n};\n\n/\n Update a token and its permissions\n /\nconst update = async (\n id: string \| number,\n attributes: Update.Request['body']\n): Promise<ApiToken> => {\n // retrieve token without permissions\n const originalToken: DBApiToken = await strapi.db\n .query('admin::api-token')\n .findOne({ where: { id } });\n\n if (!originalToken) {\n throw new NotFoundError('Token not found');\n }\n\n const changingTypeToCustom =\n attributes.type === constants.API_TOKEN_TYPE.CUSTOM &&\n originalToken.type !== constants.API_TOKEN_TYPE.CUSTOM;\n\n // if we're updating the permissions on any token type, or changing from non-custom to custom, ensure they're still valid\n // if neither type nor permissions are changing, we don't need to validate again or else we can't allow partial update\n if (attributes.permissions \|\| changingTypeToCustom) {\n assertCustomTokenPermissionsValidity(\n attributes.type \|\| originalToken.type,\n attributes.permissions \|\| originalToken.permissions\n );\n }\n\n assertValidLifespan(attributes.lifespan);\n\n const updatedToken: ApiToken = await strapi.db.query('admin::api-token').update({\n select: SELECT_FIELDS,\n where: { id },\n data: omit('permissions', attributes),\n });\n\n // custom tokens need to have their permissions updated as well\n if (updatedToken.type === constants.API_TOKEN_TYPE.CUSTOM && attributes.permissions) {\n const currentPermissionsResult = await strapi.db\n .query('admin::api-token')\n .load(updatedToken, 'permissions');\n\n const currentPermissions = map('action', currentPermissionsResult \|\| []);\n const newPermissions = uniq(attributes.permissions);\n\n const actionsToDelete = difference(currentPermissions, newPermissions);\n const actionsToAdd = difference(newPermissions, currentPermissions);\n\n // TODO: improve efficiency here\n // method using a loop -- works but very inefficient\n await Promise.all(\n actionsToDelete.map((action) =>\n strapi.db.query('admin::api-token-permission').delete({\n where: { action, token: id },\n })\n )\n );\n\n // TODO: improve efficiency here\n // using a loop -- works but very inefficient\n await Promise.all(\n actionsToAdd.map((action) =>\n strapi.db.query('admin::api-token-permission').create({\n data: { action, token: id },\n })\n )\n );\n }\n // if type is not custom, make sure any old permissions get removed\n else if (updatedToken.type !== constants.API_TOKEN_TYPE.CUSTOM) {\n await strapi.db.query('admin::api-token-permission').delete({\n where: { token: id },\n });\n }\n\n // retrieve permissions\n const permissionsFromDb = await strapi.db\n .query('admin::api-token')\n .load(updatedToken, 'permissions');\n\n return {\n ...updatedToken,\n permissions: permissionsFromDb ? permissionsFromDb.map((p: any) => p.action) : undefined,\n };\n};\n\nexport {\n create,\n regenerate,\n exists,\n checkSaltIsDefined,\n hash,\n list,\n revoke,\n getById,\n update,\n getByName,\n getBy,\n};\n","import permissions from '@strapi/permissions';\nimport { providerFactory } from '@strapi/utils';\n\nconst DEFAULT_TRANSFER_ACTIONS = ['push', 'pull'];\n\nconst providers = {\n action: providerFactory(),\n condition: providerFactory(),\n};\n\nDEFAULT_TRANSFER_ACTIONS.forEach((action) => {\n providers.action.register(action, { action });\n});\n\nconst engine = permissions.engine.new({ providers });\n\nexport { engine, providers };\n","import crypto from 'crypto';\nimport assert from 'assert';\nimport { map, isArray, omit, uniq, isNil, difference, isEmpty, isNumber } from 'lodash/fp';\nimport { errors } from '@strapi/utils';\nimport '@strapi/types';\nimport constants from '../constants';\nimport { getService } from '../../utils';\nimport {\n DatabaseTransferToken,\n SanitizedTransferToken,\n TokenCreatePayload,\n TokenUpdatePayload,\n TransferToken,\n TransferTokenPermission,\n} from '../../../../shared/contracts/transfer';\n\nconst { ValidationError, NotFoundError } = errors;\n\nconst TRANSFER_TOKEN_UID = 'admin::transfer-token';\nconst TRANSFER_TOKEN_PERMISSION_UID = 'admin::transfer-token-permission';\n\nconst SELECT_FIELDS = [\n 'id',\n 'name',\n 'description',\n 'lastUsedAt',\n 'lifespan',\n 'expiresAt',\n 'createdAt',\n 'updatedAt',\n] as const;\n\nconst POPULATE_FIELDS = ['permissions'] as const;\n\n/\n Return a list of all tokens and their permissions\n /\nconst list = async (): Promise<SanitizedTransferToken[]> => {\n const tokens: DatabaseTransferToken[] = await strapi.db.query(TRANSFER_TOKEN_UID).findMany({\n select: SELECT_FIELDS,\n populate: POPULATE_FIELDS,\n orderBy: { name: 'ASC' },\n });\n\n if (!tokens) return tokens;\n return tokens.map((token) => flattenTokenPermissions(token));\n};\n\n/\n Create a random token's access key\n /\nconst generateRandomAccessKey = (): string => crypto.randomBytes(128).toString('hex');\n\n/\n Validate the given access key's format and returns it if valid\n /\nconst validateAccessKey = (accessKey: string): string => {\n assert(typeof accessKey === 'string', 'Access key needs to be a string');\n assert(accessKey.length >= 15, 'Access key needs to have at least 15 characters');\n\n return accessKey;\n};\n\nexport const hasAccessKey = <T extends { accessKey?: string }>(\n attributes: T\n): attributes is T & { accessKey: string } => {\n return 'accessKey' in attributes;\n};\n\n/\n Create a token and its permissions\n /\nconst create = async (attributes: TokenCreatePayload): Promise<TransferToken> => {\n const accessKey = hasAccessKey(attributes)\n ? validateAccessKey(attributes.accessKey)\n : generateRandomAccessKey();\n\n // Make sure the access key isn't picked up directly from the attributes for the next steps\n delete attributes.accessKey;\n\n assertTokenPermissionsValidity(attributes);\n assertValidLifespan(attributes.lifespan);\n\n const result = (await strapi.db.transaction(async () => {\n const transferToken = await strapi.db.query(TRANSFER_TOKEN_UID).create({\n select: SELECT_FIELDS,\n populate: POPULATE_FIELDS,\n data: {\n ...omit('permissions', attributes),\n accessKey: hash(accessKey),\n ...getExpirationFields(attributes.lifespan),\n },\n });\n\n await Promise.all(\n uniq(attributes.permissions).map((action) =>\n strapi.db\n .query(TRANSFER_TOKEN_PERMISSION_UID)\n .create({ data: { action, token: transferToken } })\n )\n );\n\n const currentPermissions: TransferTokenPermission[] = await strapi.db\n .query(TRANSFER_TOKEN_UID)\n .load(transferToken, 'permissions');\n\n if (currentPermissions) {\n Object.assign(transferToken, { permissions: map('action', currentPermissions) });\n }\n\n return transferToken;\n })) as TransferToken;\n\n return { ...result, accessKey };\n};\n\n/\n Update a token and its permissions\n /\nconst update = async (\n id: string \| number,\n attributes: TokenUpdatePayload\n): Promise<SanitizedTransferToken> => {\n // retrieve token without permissions\n const originalToken = await strapi.db.query(TRANSFER_TOKEN_UID).findOne({ where: { id } });\n\n if (!originalToken) {\n throw new NotFoundError('Token not found');\n }\n\n assertTokenPermissionsValidity(attributes);\n assertValidLifespan(attributes.lifespan);\n\n return strapi.db.transaction(async () => {\n const updatedToken = await strapi.db.query(TRANSFER_TOKEN_UID).update({\n select: SELECT_FIELDS,\n where: { id },\n data: {\n ...omit('permissions', attributes),\n },\n });\n\n if (attributes.permissions) {\n const currentPermissionsResult = await strapi.db\n .query(TRANSFER_TOKEN_UID)\n .load(updatedToken, 'permissions');\n\n const currentPermissions = map('action', currentPermissionsResult \|\| []);\n const newPermissions = uniq(attributes.permissions);\n\n const actionsToDelete = difference(currentPermissions, newPermissions);\n const actionsToAdd = difference(newPermissions, currentPermissions);\n\n // TODO: improve efficiency here\n // method using a loop -- works but very inefficient\n await Promise.all(\n actionsToDelete.map((action) =>\n strapi.db.query(TRANSFER_TOKEN_PERMISSION_UID).delete({\n where: { action, token: id },\n })\n )\n );\n\n // TODO: improve efficiency here\n // using a loop -- works but very inefficient\n await Promise.all(\n actionsToAdd.map((action) =>\n strapi.db.query(TRANSFER_TOKEN_PERMISSION_UID).create({\n data: { action, token: id },\n })\n )\n );\n }\n\n // retrieve permissions\n const permissionsFromDb: TransferTokenPermission[] = await strapi.db\n .query(TRANSFER_TOKEN_UID)\n .load(updatedToken, 'permissions');\n\n return {\n ...updatedToken,\n permissions: permissionsFromDb ? permissionsFromDb.map((p) => p.action) : undefined,\n };\n }) as unknown as Promise<SanitizedTransferToken>;\n};\n\n/\n Revoke (delete) a token\n /\nconst revoke = async (id: string \| number): Promise<SanitizedTransferToken> => {\n return strapi.db.transaction(async () =>\n strapi.db\n .query(TRANSFER_TOKEN_UID)\n .delete({ select: SELECT_FIELDS, populate: POPULATE_FIELDS, where: { id } })\n ) as unknown as Promise<SanitizedTransferToken>;\n};\n\n/\n Get a token\n /\nconst getBy = async (\n whereParams = {} as {\n id?: string \| number;\n name?: string;\n lastUsedAt?: number;\n description?: string;\n accessKey?: string;\n }\n): Promise<SanitizedTransferToken \| null> => {\n if (Object.keys(whereParams).length === 0) {\n return null;\n }\n\n const token = await strapi.db\n .query(TRANSFER_TOKEN_UID)\n .findOne({ select: SELECT_FIELDS, populate: POPULATE_FIELDS, where: whereParams });\n\n if (!token) {\n return token;\n }\n\n return flattenTokenPermissions(token);\n};\n\n/\n Retrieve a token by id\n /\nconst getById = async (id: string \| number): Promise<SanitizedTransferToken \| null> => {\n return getBy({ id });\n};\n\n/\n Retrieve a token by name\n /\nconst getByName = async (name: string): Promise<SanitizedTransferToken \| null> => {\n return getBy({ name });\n};\n\n/\n Check if token exists\n /\nconst exists = async (\n whereParams = {} as {\n id?: string \| number;\n name?: string;\n lastUsedAt?: number;\n description?: string;\n accessKey?: string;\n }\n): Promise<boolean> => {\n const transferToken = await getBy(whereParams);\n\n return !!transferToken;\n};\n\nconst regenerate = async (id: string \| number): Promise<TransferToken> => {\n const accessKey = crypto.randomBytes(128).toString('hex');\n const transferToken = (await strapi.db.transaction(async () =>\n strapi.db.query(TRANSFER_TOKEN_UID).update({\n select: ['id', 'accessKey'],\n where: { id },\n data: {\n accessKey: hash(accessKey),\n },\n })\n )) as Promise<TransferToken>;\n\n if (!transferToken) {\n throw new NotFoundError('The provided token id does not exist');\n }\n\n return {\n ...transferToken,\n accessKey,\n };\n};\n\nconst getExpirationFields = (lifespan: TransferToken['lifespan']) => {\n // it must be nil or a finite number >= 0\n const isValidNumber = isNumber(lifespan) && Number.isFinite(lifespan) && lifespan > 0;\n if (!isValidNumber && !isNil(lifespan)) {\n throw new ValidationError('lifespan must be a positive number or null');\n }\n\n return {\n lifespan: lifespan \|\| null,\n expiresAt: lifespan ? Date.now() + lifespan : null,\n };\n};\n\n/\n Return a secure sha512 hash of an accessKey\n /\nconst hash = (accessKey: string): string => {\n const { hasValidTokenSalt } = getService('transfer').utils;\n\n if (!hasValidTokenSalt()) {\n throw new TypeError('Required token salt is not defined');\n }\n\n return crypto\n .createHmac('sha512', strapi.config.get('admin.transfer.token.salt'))\n .update(accessKey)\n .digest('hex');\n};\n\nconst checkSaltIsDefined = () => {\n const { hasValidTokenSalt } = getService('transfer').utils;\n\n // Ignore the check if the data-transfer feature is manually disabled\n if (!strapi.config.get('server.transfer.remote.enabled')) {\n return;\n }\n\n if (!hasValidTokenSalt()) {\n process.emitWarning(\n `Missing transfer.token.salt: Data transfer features have been disabled.\nPlease set transfer.token.salt in config/admin.js (ex: you can generate one using Node with \\`crypto.randomBytes(16).toString('base64')\\`)\nFor security reasons, prefer storing the secret in an environment variable and read it in config/admin.js. See https://docs.strapi.io/developer-docs/latest/setup-deployment-guides/configurations/optional/environment.html#configuration-using-environment-variables.`\n );\n }\n};\n\n/\n Flatten a token's database permissions objects to an array of strings\n /\nconst flattenTokenPermissions = (token: DatabaseTransferToken): TransferToken => {\n if (!token) {\n return token;\n }\n\n return {\n ...token,\n permissions: isArray(token.permissions)\n ? map('action', token.permissions as TransferTokenPermission[])\n : token.permissions,\n };\n};\n\n/\n Assert that a token's permissions are valid\n /\nconst assertTokenPermissionsValidity = (attributes: TokenUpdatePayload) => {\n const permissionService = strapi.service('admin::transfer').permission;\n const validPermissions = permissionService.providers.action.keys();\n const invalidPermissions = difference(attributes.permissions, validPermissions);\n\n if (!isEmpty(invalidPermissions)) {\n throw new ValidationError(`Unknown permissions provided: ${invalidPermissions.join(', ')}`);\n }\n};\n\n/\n Check if a token's lifespan is valid\n /\nconst isValidLifespan = (lifespan: unknown) => {\n if (isNil(lifespan)) {\n return true;\n }\n\n if (\n !isNumber(lifespan) \|\|\n !Object.values(constants.TRANSFER_TOKEN_LIFESPANS).includes(lifespan)\n ) {\n return false;\n }\n\n return true;\n};\n\n/\n Assert that a token's lifespan is valid\n /\nconst assertValidLifespan = (lifespan: unknown) => {\n if (!isValidLifespan(lifespan)) {\n throw new ValidationError(\n `lifespan must be one of the following values:\n ${Object.values(constants.TRANSFER_TOKEN_LIFESPANS).join(', ')}`\n );\n }\n};\n\nexport {\n create,\n list,\n exists,\n getBy,\n getById,\n getByName,\n update,\n revoke,\n regenerate,\n hash,\n checkSaltIsDefined,\n};\n","import { env } from '@strapi/utils';\nimport { getService } from '../../utils';\n\n/\n A valid transfer token salt must be a non-empty string defined in the Strapi config\n /\nconst hasValidTokenSalt = (): boolean => {\n const salt = strapi.config.get('admin.transfer.token.salt', null) as string \| null;\n\n return typeof salt === 'string' && salt.length > 0;\n};\n\n/\n Checks whether data transfer features are enabled\n /\nconst isRemoteTransferEnabled = (): boolean => {\n const { utils } = getService('transfer');\n\n // TODO v6: Remove this warning\n if (env.bool('STRAPI_DISABLE_REMOTE_DATA_TRANSFER') !== undefined) {\n strapi.log.warn(\n 'STRAPI_DISABLE_REMOTE_DATA_TRANSFER is no longer supported. Instead, set transfer.remote.enabled to false in your server configuration'\n );\n }\n\n return utils.hasValidTokenSalt() && strapi.config.get('server.transfer.remote.enabled');\n};\n\nexport { isRemoteTransferEnabled, hasValidTokenSalt };\n","import fs from 'fs';\nimport { pick } from 'lodash';\nimport { GetProjectSettings, UpdateProjectSettings } from '../../../shared/contracts/admin';\n\nconst PROJECT_SETTINGS_FILE_INPUTS = ['menuLogo', 'authLogo'] as const;\n\ninterface UploadFile {\n name: string;\n path: string;\n type: string;\n size: number;\n stream: fs.ReadStream;\n tmpPath: string;\n hash: string;\n url: string;\n width: number;\n height: number;\n ext: string;\n provider: unknown;\n}\n\ntype FormattedFiles = Partial<\n Record<keyof UpdateProjectSettings.Request['files'], Partial<UploadFile>>\n>;\n\nconst parseFilesData = async (files: UpdateProjectSettings.Request['files']) => {\n const formatedFilesData: FormattedFiles = {};\n\n await Promise.all(\n PROJECT_SETTINGS_FILE_INPUTS.map(async (inputName) => {\n const file = files[inputName];\n\n // Skip empty file inputs\n if (!file) {\n return;\n }\n\n const getStream = () => fs.createReadStream(file.filepath);\n\n // Add formated data for the upload provider\n formatedFilesData[inputName] = await strapi\n .plugin('upload')\n .service('upload')\n .formatFileInfo({\n filename: file.originalFilename,\n type: file.mimetype,\n size: file.size,\n });\n\n // Add image dimensions\n Object.assign(\n formatedFilesData[inputName]!,\n await strapi.plugin('upload').service('image-manipulation').getDimensions({ getStream })\n );\n\n // Add file path, and stream\n Object.assign(formatedFilesData[inputName]!, {\n stream: getStream(),\n tmpPath: file.filepath,\n // TODO\n // @ts-expect-error define the correct return type\n provider: strapi.config.get('plugin::upload').provider,\n });\n })\n );\n\n return formatedFilesData;\n};\n\nconst getProjectSettings = async (): Promise<GetProjectSettings.Response> => {\n const store = strapi.store({ type: 'core', name: 'admin' });\n\n // Returns an object with file inputs names as key and null as value\n const defaultProjectSettings = PROJECT_SETTINGS_FILE_INPUTS.reduce((prev: any, cur: any) => {\n prev[cur] = null;\n return prev;\n }, {});\n\n const projectSettings = {\n ...defaultProjectSettings,\n // @ts-expect-error spread can be applied to return value\n ...(await store.get({ key: 'project-settings' })),\n };\n\n // Filter file input fields\n PROJECT_SETTINGS_FILE_INPUTS.forEach((inputName) => {\n if (!projectSettings[inputName]) {\n return;\n }\n\n projectSettings[inputName] = pick(projectSettings[inputName], [\n 'name',\n 'url',\n 'width',\n 'height',\n 'ext',\n 'size',\n ]);\n });\n\n return projectSettings;\n};\n\nconst uploadFiles = async (files: LogoFiles = {}) => {\n // Call the provider upload function for each file\n return Promise.all(\n Object.values(files)\n .filter((file) => file?.stream instanceof fs.ReadStream)\n .map((file) => strapi.plugin('upload').provider.uploadStream(file))\n );\n};\n\nconst deleteOldFiles = async ({ previousSettings, newSettings }: any) => {\n return Promise.all(\n PROJECT_SETTINGS_FILE_INPUTS.map(async (inputName) => {\n // Skip if the store doesn't contain project settings\n if (!previousSettings) {\n return;\n }\n\n // Skip if there was no previous file\n if (!previousSettings[inputName]) {\n return;\n }\n\n // Skip if the file was not changed\n if (\n newSettings[inputName] &&\n previousSettings[inputName].hash === newSettings[inputName].hash\n ) {\n return;\n }\n\n // Skip if the file was not uploaded with the current provider\n // TODO\n // @ts-expect-error define the correct return type\n if (strapi.config.get('plugin::upload').provider !== previousSettings[inputName].provider) {\n return;\n }\n\n // There was a previous file and an new file was uploaded\n // Remove the previous file\n strapi.plugin('upload').provider.delete(previousSettings[inputName]);\n })\n );\n};\n\ntype LogoFiles = { [K in keyof FormattedFiles]: FormattedFiles[K] \| null };\n\nconst updateProjectSettings = async (\n newSettings: Omit<UpdateProjectSettings.Request['body'], 'menuLogo' \| 'authLogo'> & LogoFiles\n) => {\n const store = strapi.store({ type: 'core', name: 'admin' });\n const previousSettings = (await store.get({ key: 'project-settings' })) as any;\n const files = pick(newSettings, PROJECT_SETTINGS_FILE_INPUTS);\n\n await uploadFiles(files);\n\n PROJECT_SETTINGS_FILE_INPUTS.forEach((inputName) => {\n // If the user input exists but is not a formdata \"file\" remove it\n if (newSettings[inputName] !== undefined && !(typeof newSettings[inputName] === 'object')) {\n newSettings[inputName] = null;\n return;\n }\n\n // If the user input is undefined reuse previous setting (do not update field)\n if (!newSettings[inputName] && previousSettings) {\n newSettings[inputName] = previousSettings[inputName];\n return;\n }\n\n // Update the file\n newSettings[inputName] = pick(newSettings[inputName], [\n 'name',\n 'hash',\n 'url',\n 'width',\n 'height',\n 'ext',\n 'size',\n 'provider',\n ]);\n });\n\n // No await to proceed asynchronously\n deleteOldFiles({ previousSettings, newSettings });\n\n await store.set({\n key: 'project-settings',\n value: { ...previousSettings, ...newSettings },\n });\n\n return getProjectSettings();\n};\n\nexport { deleteOldFiles, parseFilesData, getProjectSettings, updateProjectSettings };\n","// NOTE: Make sure to use default export for services overwritten in EE\nimport auth from './auth';\nimport user from './user';\nimport role from './role';\nimport passport from './passport';\nimport metrics from './metrics';\nimport as token from './token';\nimport * as permission from './permission';\nimport * as contentType from './content-type';\nimport * as constants from './constants';\nimport * as condition from './condition';\nimport * as action from './action';\nimport * as apiToken from './api-token';\nimport * as transfer from './transfer';\nimport * as projectSettings from './project-settings';\n\n// TODO: TS - Export services one by one as this export is cjs\nexport default {\n auth,\n user,\n role,\n passport,\n token,\n permission,\n metrics,\n 'content-type': contentType,\n constants,\n condition,\n action,\n 'api-token': apiToken,\n transfer,\n 'project-settings': projectSettings,\n};\n","import { z } from 'zod';\nimport { validateZod } from '@strapi/utils';\n\nconst MAX_IMAGE_WIDTH = 750;\nconst MAX_IMAGE_HEIGHT = MAX_IMAGE_WIDTH;\nconst MAX_IMAGE_FILE_SIZE = 1024 * 1024; // 1Mo\n\nconst updateProjectSettings = z\n .object({\n menuLogo: z.string().nullish(),\n authLogo: z.string().nullish(),\n })\n .strict();\n\nconst updateProjectSettingsLogo = z.object({\n originalFilename: z.string().nullish(),\n mimetype: z.enum(['image/jpeg', 'image/png', 'image/svg+xml']),\n size: z.number().max(MAX_IMAGE_FILE_SIZE).nullish(),\n});\n\nconst updateProjectSettingsFiles = z\n .object({\n menuLogo: updateProjectSettingsLogo.nullish(),\n authLogo: updateProjectSettingsLogo.nullish(),\n })\n .strict();\n\nconst logoDimensions = z.object({\n width: z.number().max(MAX_IMAGE_WIDTH).nullish(),\n height: z.number().max(MAX_IMAGE_HEIGHT).nullish(),\n});\n\nconst updateProjectSettingsImagesDimensions = z\n .object({\n menuLogo: logoDimensions.nullish(),\n authLogo: logoDimensions.nullish(),\n })\n .strict();\n\nexport const validateUpdateProjectSettings = validateZod(updateProjectSettings);\nexport const validateUpdateProjectSettingsFiles = validateZod(updateProjectSettingsFiles);\nexport const validateUpdateProjectSettingsImagesDimensions = validateZod(\n updateProjectSettingsImagesDimensions\n);\n\nexport default {\n validateUpdateProjectSettings,\n validateUpdateProjectSettingsFiles,\n validateUpdateProjectSettingsImagesDimensions,\n};\n","import type { Context } from 'koa';\n\nimport path from 'path';\n\nimport { map, values, sumBy, pipe, flatMap, propEq } from 'lodash/fp';\nimport _ from 'lodash';\nimport { exists } from 'fs-extra';\nimport '@strapi/types';\nimport { env } from '@strapi/utils';\nimport tsUtils from '@strapi/typescript-utils';\nimport {\n validateUpdateProjectSettings,\n validateUpdateProjectSettingsFiles,\n validateUpdateProjectSettingsImagesDimensions,\n} from '../validation/project-settings';\nimport { getService } from '../utils';\n\nimport type {\n Init,\n GetProjectSettings,\n Information,\n Plugins,\n TelemetryProperties,\n UpdateProjectSettings,\n} from '../../../shared/contracts/admin';\n\nconst { isUsingTypeScript } = tsUtils;\n\n/*\n A set of functions called \"actions\" for `Admin`\n /\nexport default {\n // TODO very temporary to check the switch ee/ce\n // When removing this we need to update the /admin/src/index.js file\n // whe,re we set the strapi.window.isEE value\n\n // NOTE: admin/ee/server overrides this controller, and adds the EE features\n // This returns an empty feature list for CE\n async getProjectType() {\n const flags = strapi.config.get('admin.flags', {});\n return { data: { isEE: false, features: [], flags } };\n },\n\n async init() {\n let uuid = strapi.config.get('uuid', false);\n const hasAdmin = await getService('user').exists();\n const { menuLogo, authLogo } = await getService('project-settings').getProjectSettings();\n // set to null if telemetryDisabled flag not avaialble in package.json\n const telemetryDisabled: boolean \| null = strapi.config.get(\n 'packageJsonStrapi.telemetryDisabled',\n null\n );\n\n if (telemetryDisabled !== null && telemetryDisabled === true) {\n uuid = false;\n }\n\n return {\n data: {\n uuid,\n hasAdmin,\n menuLogo: menuLogo ? menuLogo.url : null,\n authLogo: authLogo ? authLogo.url : null,\n },\n } satisfies Init.Response;\n },\n\n async getProjectSettings() {\n return getService(\n 'project-settings'\n ).getProjectSettings() satisfies Promise<GetProjectSettings.Response>;\n },\n\n async updateProjectSettings(ctx: Context) {\n const {\n request: { files, body },\n } = ctx as { request: UpdateProjectSettings.Request };\n\n const projectSettingsService = getService('project-settings');\n\n await validateUpdateProjectSettings(body);\n await validateUpdateProjectSettingsFiles(files);\n\n const formatedFiles = await projectSettingsService.parseFilesData(files);\n await validateUpdateProjectSettingsImagesDimensions(formatedFiles);\n\n return projectSettingsService.updateProjectSettings({\n ...body,\n ...formatedFiles,\n }) satisfies Promise<UpdateProjectSettings.Response>;\n },\n\n async telemetryProperties(ctx: Context) {\n // If the telemetry is disabled, ignore the request and return early\n if (strapi.telemetry.isDisabled) {\n ctx.status = 204;\n return;\n }\n\n const useTypescriptOnServer = await isUsingTypeScript(strapi.dirs.app.root);\n const useTypescriptOnAdmin = await isUsingTypeScript(\n path.join(strapi.dirs.app.root, 'src', 'admin')\n );\n const isHostedOnStrapiCloud = env('STRAPI_HOSTING', null) === 'strapi.cloud';\n\n const numberOfAllContentTypes = _.size(strapi.contentTypes);\n const numberOfComponents = _.size(strapi.components);\n\n const getNumberOfDynamicZones = () => {\n return pipe(\n map('attributes'),\n flatMap(values),\n // @ts-expect-error lodash types\n sumBy(propEq('type', 'dynamiczone'))\n )(strapi.contentTypes as any);\n };\n\n return {\n data: {\n useTypescriptOnServer,\n useTypescriptOnAdmin,\n isHostedOnStrapiCloud,\n numberOfAllContentTypes, // TODO: V5: This event should be renamed numberOfContentTypes in V5 as the name is already taken to describe the number of content types using i18n.\n numberOfComponents,\n numberOfDynamicZones: getNumberOfDynamicZones(),\n },\n } satisfies TelemetryProperties.Response;\n },\n\n async information() {\n const currentEnvironment: string = strapi.config.get('environment');\n const autoReload = strapi.config.get('autoReload', false);\n const strapiVersion = strapi.config.get('info.strapi', null);\n const dependencies = strapi.config.get('info.dependencies', {});\n const projectId = strapi.config.get('uuid', null);\n const nodeVersion = process.version;\n const communityEdition = !strapi.EE;\n const useYarn: boolean = await exists(path.join(process.cwd(), 'yarn.lock'));\n\n return {\n data: {\n currentEnvironment,\n autoReload,\n strapiVersion,\n dependencies,\n projectId,\n nodeVersion,\n communityEdition,\n useYarn,\n },\n } satisfies Information.Response;\n },\n\n async plugins(ctx: Context) {\n const enabledPlugins = strapi.config.get('enabledPlugins') as any;\n\n // List of core plugins that are always enabled,\n // and so it's not necessary to display them in the plugins list\n const CORE_PLUGINS = [\n 'content-manager',\n 'content-type-builder',\n 'email',\n 'upload',\n 'i18n',\n 'content-releases',\n 'review-workflows',\n ];\n\n const plugins = Object.entries(enabledPlugins)\n .filter(([key]: any) => !CORE_PLUGINS.includes(key))\n .map(([key, plugin]: any) => ({\n name: plugin.info.name \|\| key,\n displayName: plugin.info.displayName \|\| plugin.info.name \|\| key,\n description: plugin.info.description \|\| '',\n packageName: plugin.info.packageName,\n }));\n\n ctx.send({ plugins }) satisfies Plugins.Response;\n },\n};\n","import { yup, validateYupSchema } from '@strapi/utils';\nimport constants from '../services/constants';\n\nconst apiTokenCreationSchema = yup\n .object()\n .shape({\n name: yup.string().min(1).required(),\n description: yup.string().optional(),\n type: yup.string().oneOf(Object.values(constants.API_TOKEN_TYPE)).required(),\n permissions: yup.array().of(yup.string()).nullable(),\n lifespan: yup.number().min(1).oneOf(Object.values(constants.API_TOKEN_LIFESPANS)).nullable(),\n })\n .noUnknown()\n .strict();\n\nconst apiTokenUpdateSchema = yup\n .object()\n .shape({\n name: yup.string().min(1).notNull(),\n description: yup.string().nullable(),\n type: yup.string().oneOf(Object.values(constants.API_TOKEN_TYPE)).notNull(),\n permissions: yup.array().of(yup.string()).nullable(),\n })\n .noUnknown()\n .strict();\n\nexport const validateApiTokenCreationInput = validateYupSchema(apiTokenCreationSchema);\nexport const validateApiTokenUpdateInput = validateYupSchema(apiTokenUpdateSchema);\n\nexport default {\n validateApiTokenCreationInput,\n validateApiTokenUpdateInput,\n};\n","import type { Context } from 'koa';\n\nimport { strings, errors } from '@strapi/utils';\nimport { trim, has } from 'lodash/fp';\nimport { getService } from '../utils';\nimport {\n validateApiTokenCreationInput,\n validateApiTokenUpdateInput,\n} from '../validation/api-tokens';\n\nimport { Create, List, Revoke, Get, Update } from '../../../shared/contracts/api-token';\n\nconst { ApplicationError } = errors;\n\nexport default {\n async create(ctx: Context) {\n const { body } = ctx.request as Create.Request;\n const apiTokenService = getService('api-token');\n\n /\n We trim both field to avoid having issues with either:\n * - having a space at the end or start of the value.\n * - having only spaces as value;\n /\n const attributes = {\n name: trim(body.name),\n description: trim(body.description),\n type: body.type,\n permissions: body.permissions,\n lifespan: body.lifespan,\n };\n\n await validateApiTokenCreationInput(attributes);\n\n const alreadyExists = await apiTokenService.exists({ name: attributes.name });\n if (alreadyExists) {\n throw new ApplicationError('Name already taken');\n }\n\n const apiToken = await apiTokenService.create(attributes);\n ctx.created({ data: apiToken } satisfies Create.Response);\n },\n\n async regenerate(ctx: Context) {\n const { id } = ctx.params;\n const apiTokenService = getService('api-token');\n\n const apiTokenExists = await apiTokenService.getById(id);\n if (!apiTokenExists) {\n ctx.notFound('API Token not found');\n return;\n }\n\n const accessToken = await apiTokenService.regenerate(id);\n\n ctx.created({ data: accessToken });\n },\n\n async list(ctx: Context) {\n const apiTokenService = getService('api-token');\n const apiTokens = await apiTokenService.list();\n\n ctx.send({ data: apiTokens } satisfies List.Response);\n },\n\n async revoke(ctx: Context) {\n const { id } = ctx.params as Revoke.Params;\n const apiTokenService = getService('api-token');\n const apiToken = await apiTokenService.revoke(id);\n\n ctx.deleted({ data: apiToken } satisfies Revoke.Response);\n },\n\n async get(ctx: Context) {\n const { id } = ctx.params;\n const apiTokenService = getService('api-token');\n const apiToken = await apiTokenService.getById(id);\n\n if (!apiToken) {\n ctx.notFound('API Token not found');\n return;\n }\n\n ctx.send({ data: apiToken } satisfies Get.Response);\n },\n\n async update(ctx: Context) {\n const { body } = ctx.request as Update.Request;\n const { id } = ctx.params as Update.Params;\n const apiTokenService = getService('api-token');\n\n const attributes = body;\n /\n We trim both field to avoid having issues with either:\n * - having a space at the end or start of the value.\n * - having only spaces as value;\n /\n if (has('name', attributes)) {\n attributes.name = trim(body.name);\n }\n\n if (has('description', attributes) \|\| attributes.description === null) {\n attributes.description = trim(body.description);\n }\n\n await validateApiTokenUpdateInput(attributes);\n\n const apiTokenExists = await apiTokenService.getById(id);\n if (!apiTokenExists) {\n return ctx.notFound('API Token not found');\n }\n\n if (has('name', attributes)) {\n const nameAlreadyTaken = await apiTokenService.getByName(attributes.name);\n\n /\n We cast the ids as string as the one coming from the ctx isn't cast\n * as a Number in case it is supposed to be an integer. It remains\n * as a string. This way we avoid issues with integers in the db.\n /\n if (!!nameAlreadyTaken && !strings.isEqual(nameAlreadyTaken.id, id)) {\n throw new ApplicationError('Name already taken');\n }\n }\n\n const apiToken = await apiTokenService.update(id, attributes);\n ctx.send({ data: apiToken } satisfies Update.Response);\n },\n\n async getLayout(ctx: Context) {\n const apiTokenService = getService('api-token');\n // TODO\n // @ts-expect-error remove this controller if not used\n const layout = await apiTokenService.getApiTokenLayout();\n\n ctx.send({ data: layout });\n },\n};\n","import { isUndefined } from 'lodash/fp';\nimport { yup, validateYupSchema } from '@strapi/utils';\nimport validators from './common-validators';\n\nconst userCreationSchema = yup\n .object()\n .shape({\n email: validators.email.required(),\n firstname: validators.firstname.required(),\n lastname: validators.lastname,\n roles: validators.roles.min(1),\n preferedLanguage: yup.string().nullable(),\n })\n .noUnknown();\n\nconst profileUpdateSchema = yup\n .object()\n .shape({\n email: validators.email.notNull(),\n firstname: validators.firstname.notNull(),\n lastname: validators.lastname.nullable(),\n username: validators.username.nullable(),\n password: validators.password.notNull(),\n currentPassword: yup\n .string()\n .when('password', (password: string, schema: any) =>\n !isUndefined(password) ? schema.required() : schema\n )\n .notNull(),\n preferedLanguage: yup.string().nullable(),\n })\n .noUnknown();\n\nconst userUpdateSchema = yup\n .object()\n .shape({\n email: validators.email.notNull(),\n firstname: validators.firstname.notNull(),\n lastname: validators.lastname.nullable(),\n username: validators.username.nullable(),\n password: validators.password.notNull(),\n isActive: yup.bool().notNull(),\n roles: validators.roles.min(1).notNull(),\n })\n .noUnknown();\n\nconst usersDeleteSchema = yup\n .object()\n .shape({\n ids: yup.array().of(yup.strapiID()).min(1).required(),\n })\n .noUnknown();\n\nexport const validateUserCreationInput = validateYupSchema(userCreationSchema);\nexport const validateProfileUpdateInput = validateYupSchema(profileUpdateSchema);\nexport const validateUserUpdateInput = validateYupSchema(userUpdateSchema);\nexport const validateUsersDeleteInput = validateYupSchema(usersDeleteSchema);\nexport const schemas = {\n userCreationSchema,\n usersDeleteSchema,\n userUpdateSchema,\n};\n\nexport default {\n validateUserCreationInput,\n validateProfileUpdateInput,\n validateUserUpdateInput,\n validateUsersDeleteInput,\n schemas,\n};\n","import type { Context } from 'koa';\nimport type { AdminUser } from '../../../shared/contracts/shared';\n\nimport { getService } from '../utils';\nimport { validateProfileUpdateInput } from '../validation/user';\nimport { GetMe, GetOwnPermissions, UpdateMe } from '../../../shared/contracts/users';\n\nexport default {\n async getMe(ctx: Context) {\n const userInfo = getService('user').sanitizeUser(ctx.state.user as AdminUser);\n\n ctx.body = {\n data: userInfo,\n } satisfies GetMe.Response;\n },\n\n async updateMe(ctx: Context) {\n const input = ctx.request.body as UpdateMe.Request['body'];\n\n await validateProfileUpdateInput(input);\n\n const userService = getService('user');\n const authServer = getService('auth');\n\n const { currentPassword, ...userInfo } = input;\n\n if (currentPassword && userInfo.password) {\n const isValid = await authServer.validatePassword(currentPassword, ctx.state.user.password);\n\n if (!isValid) {\n // @ts-expect-error - refactor ctx bad request to take a second argument\n return ctx.badRequest('ValidationError', {\n currentPassword: ['Invalid credentials'],\n });\n }\n }\n\n const updatedUser = await userService.updateById(ctx.state.user.id, userInfo);\n\n ctx.body = {\n data: userService.sanitizeUser(updatedUser),\n } satisfies UpdateMe.Response;\n },\n\n async getOwnPermissions(ctx: Context) {\n const { findUserPermissions, sanitizePermission } = getService('permission');\n const { user } = ctx.state;\n\n const userPermissions = await findUserPermissions(user as AdminUser);\n\n ctx.body = {\n // @ts-expect-error - transform response type to sanitized permission\n data: userPermissions.map(sanitizePermission),\n } satisfies GetOwnPermissions.Response;\n },\n};\n","import { yup, validateYupSchema } from '@strapi/utils';\nimport validators from '../common-validators';\n\nconst registrationSchema = yup\n .object()\n .shape({\n registrationToken: yup.string().required(),\n userInfo: yup\n .object()\n .shape({\n firstname: validators.firstname.required(),\n lastname: validators.lastname.nullable(),\n password: validators.password.required(),\n })\n .required()\n .noUnknown(),\n })\n .noUnknown();\n\nconst registrationInfoQuerySchema = yup\n .object()\n .shape({\n registrationToken: yup.string().required(),\n })\n .required()\n .noUnknown();\n\nconst adminRegistrationSchema = yup\n .object()\n .shape({\n email: validators.email.required(),\n firstname: validators.firstname.required(),\n lastname: validators.lastname.nullable(),\n password: validators.password.required(),\n })\n .required()\n .noUnknown();\n\nexport const validateRegistrationInput = validateYupSchema(registrationSchema);\nexport const validateRegistrationInfoQuery = validateYupSchema(registrationInfoQuerySchema);\nexport const validateAdminRegistrationInput = validateYupSchema(adminRegistrationSchema);\n\nexport default {\n validateRegistrationInput,\n validateRegistrationInfoQuery,\n validateAdminRegistrationInput,\n};\n","import { yup, validateYupSchema } from '@strapi/utils';\nimport validators from '../common-validators';\n\nconst forgotPasswordSchema = yup\n .object()\n .shape({\n email: validators.email.required(),\n })\n .required()\n .noUnknown();\n\nexport default validateYupSchema(forgotPasswordSchema);\n","import { yup, validateYupSchema } from '@strapi/utils';\nimport validators from '../common-validators';\n\nconst resetPasswordSchema = yup\n .object()\n .shape({\n resetPasswordToken: yup.string().required(),\n password: validators.password.required(),\n })\n .required()\n .noUnknown();\n\nexport default validateYupSchema(resetPasswordSchema);\n","import { yup, validateYupSchema } from '@strapi/utils';\n\nconst renewToken = yup.object().shape({ token: yup.string().required() }).required().noUnknown();\n\nexport default validateYupSchema(renewToken);\n","import type { Context, Next } from 'koa';\nimport passport from 'koa-passport';\nimport compose from 'koa-compose';\nimport '@strapi/types';\nimport { errors } from '@strapi/utils';\nimport { getService } from '../utils';\nimport {\n validateRegistrationInput,\n validateAdminRegistrationInput,\n validateRegistrationInfoQuery,\n validateForgotPasswordInput,\n validateResetPasswordInput,\n validateRenewTokenInput,\n} from '../validation/authentication';\n\nimport type {\n ForgotPassword,\n Login,\n Register,\n RegistrationInfo,\n RenewToken,\n ResetPassword,\n} from '../../../shared/contracts/authentication';\nimport { AdminUser } from '../../../shared/contracts/shared';\n\nconst { ApplicationError, ValidationError } = errors;\n\nexport default {\n login: compose([\n (ctx: Context, next: Next) => {\n return passport.authenticate('local', { session: false }, (err, user, info) => {\n if (err) {\n strapi.eventHub.emit('admin.auth.error', { error: err, provider: 'local' });\n // if this is a recognized error, allow it to bubble up to user\n if (err.details?.code === 'LOGIN_NOT_ALLOWED') {\n throw err;\n }\n\n // for all other errors throw a generic error to prevent leaking info\n return ctx.notImplemented();\n }\n\n if (!user) {\n strapi.eventHub.emit('admin.auth.error', {\n error: new Error(info.message),\n provider: 'local',\n });\n throw new ApplicationError(info.message);\n }\n\n const query = ctx.state as Login.Request['query'];\n query.user = user;\n\n const sanitizedUser = getService('user').sanitizeUser(user);\n strapi.eventHub.emit('admin.auth.success', { user: sanitizedUser, provider: 'local' });\n\n return next();\n })(ctx, next);\n },\n (ctx: Context) => {\n const { user } = ctx.state as { user: AdminUser };\n\n ctx.body = {\n data: {\n token: getService('token').createJwtToken(user),\n user: getService('user').sanitizeUser(ctx.state.user), // TODO: fetch more detailed info\n },\n } satisfies Login.Response;\n },\n ]),\n\n async renewToken(ctx: Context) {\n await validateRenewTokenInput(ctx.request.body);\n\n const { token } = ctx.request.body as RenewToken.Request['body'];\n\n const { isValid, payload } = getService('token').decodeJwtToken(token);\n\n if (!isValid) {\n throw new ValidationError('Invalid token');\n }\n\n ctx.body = {\n data: {\n token: getService('token').createJwtToken({ id: payload.id }),\n },\n } satisfies RenewToken.Response;\n },\n\n async registrationInfo(ctx: Context) {\n await validateRegistrationInfoQuery(ctx.request.query);\n\n const { registrationToken } = ctx.request.query as RegistrationInfo.Request['query'];\n\n const registrationInfo = await getService('user').findRegistrationInfo(registrationToken);\n\n if (!registrationInfo) {\n throw new ValidationError('Invalid registrationToken');\n }\n\n ctx.body = { data: registrationInfo } satisfies RegistrationInfo.Response;\n },\n\n async register(ctx: Context) {\n const input = ctx.request.body as Register.Request['body'];\n\n await validateRegistrationInput(input);\n\n const user = await getService('user').register(input);\n\n ctx.body = {\n data: {\n token: getService('token').createJwtToken(user),\n user: getService('user').sanitizeUser(user),\n },\n } satisfies Register.Response;\n },\n\n async registerAdmin(ctx: Context) {\n const input = ctx.request.body as Register.Request['body'];\n\n await validateAdminRegistrationInput(input);\n\n const hasAdmin = await getService('user').exists();\n\n if (hasAdmin) {\n throw new ApplicationError('You cannot register a new super admin');\n }\n\n const superAdminRole = await getService('role').getSuperAdmin();\n\n if (!superAdminRole) {\n throw new ApplicationError(\n \"Cannot register the first admin because the super admin role doesn't exist.\"\n );\n }\n\n const user = await getService('user').create({\n ...input,\n registrationToken: null,\n isActive: true,\n roles: superAdminRole ? [superAdminRole.id] : [],\n });\n\n strapi.telemetry.send('didCreateFirstAdmin');\n\n ctx.body = {\n data: {\n token: getService('token').createJwtToken(user),\n user: getService('user').sanitizeUser(user),\n },\n };\n },\n\n async forgotPassword(ctx: Context) {\n const input = ctx.request.body as ForgotPassword.Request['body'];\n\n await validateForgotPasswordInput(input);\n\n getService('auth').forgotPassword(input);\n\n ctx.status = 204;\n },\n\n async resetPassword(ctx: Context) {\n const input = ctx.request.body as ResetPassword.Request['body'];\n\n await validateResetPasswordInput(input);\n\n const user = await getService('auth').resetPassword(input);\n\n ctx.body = {\n data: {\n token: getService('token').createJwtToken(user),\n user: getService('user').sanitizeUser(user),\n },\n } satisfies ResetPassword.Response;\n },\n\n logout(ctx: Context) {\n const sanitizedUser = getService('user').sanitizeUser(ctx.state.user);\n strapi.eventHub.emit('admin.logout', { user: sanitizedUser });\n ctx.body = { data: {} };\n },\n};\n","import { pick, map } from 'lodash/fp';\n\n// visible fields for the API\nconst publicFields = ['id', 'displayName', 'category'];\n\nconst formatConditions = map(pick(publicFields));\n\nexport { formatConditions };\n","import type { Context } from 'koa';\nimport { validateCheckPermissionsInput } from '../validation/permission';\nimport { getService } from '../utils';\nimport { formatConditions } from './formatters';\nimport type { Action } from '../domain/action';\nimport type { GetAll, Check } from '../../../shared/contracts/permissions';\nimport { Condition } from '../domain/condition';\nimport { Permission } from '../../../shared/contracts/shared';\n\nexport default {\n /\n Check each permissions from `request.body.permissions` and returns an array of booleans\n * @param {KoaContext} ctx - koa context\n /\n async check(ctx: Context) {\n const { body: input } = ctx.request as Check.Request;\n const { userAbility } = ctx.state;\n\n await validateCheckPermissionsInput(input);\n\n const { engine } = getService('permission');\n\n const checkPermissionsFn = engine.checkMany(userAbility);\n\n ctx.body = {\n data: checkPermissionsFn(input.permissions as Permission[]),\n } satisfies Check.Response;\n },\n\n /\n Returns every permissions, in nested format\n * @param {KoaContext} ctx - koa context\n /\n async getAll(ctx: Context) {\n const { sectionsBuilder, actionProvider, conditionProvider } = getService('permission');\n\n const actions = actionProvider.values() as Action[];\n const conditions = conditionProvider.values() as Condition[];\n const sections = await sectionsBuilder.build(actions);\n\n ctx.body = {\n data: {\n // @ts-expect-error - refactor to use a proper type\n conditions: formatConditions(conditions),\n sections,\n },\n } satisfies GetAll.Response;\n },\n};\n","import { yup, validateYupSchema } from '@strapi/utils';\n\nconst roleCreateSchema = yup\n .object()\n .shape({\n name: yup.string().min(1).required(),\n description: yup.string().nullable(),\n })\n .noUnknown();\n\nconst rolesDeleteSchema = yup\n .object()\n .shape({\n ids: yup\n .array()\n .of(yup.strapiID())\n .min(1)\n .required()\n .test('roles-deletion-checks', 'Roles deletion checks have failed', async function (ids) {\n try {\n await strapi.service('admin::role').checkRolesIdForDeletion(ids);\n } catch (e) {\n // @ts-expect-error yup types\n return this.createError({ path: 'ids', message: e.message });\n }\n\n return true;\n }),\n })\n .noUnknown();\n\nconst roleDeleteSchema = yup\n .strapiID()\n .required()\n .test('no-admin-single-delete', 'Role deletion checks have failed', async function (id) {\n try {\n await strapi.service('admin::role').checkRolesIdForDeletion([id]);\n } catch (e) {\n // @ts-expect-error yup types\n return this.createError({ path: 'id', message: e.message });\n }\n\n return true;\n });\n\nconst roleUpdateSchema = yup\n .object()\n .shape({\n name: yup.string().min(1),\n description: yup.string().nullable(),\n })\n .noUnknown();\n\nexport const validateRoleCreateInput = validateYupSchema(roleCreateSchema);\nexport const validateRoleUpdateInput = validateYupSchema(roleUpdateSchema);\nexport const validateRolesDeleteInput = validateYupSchema(rolesDeleteSchema);\nexport const validateRoleDeleteInput = validateYupSchema(roleDeleteSchema);\n\nexport default {\n validateRoleUpdateInput,\n validateRoleCreateInput,\n validateRolesDeleteInput,\n validateRoleDeleteInput,\n};\n","import type { Context } from 'koa';\nimport { errors } from '@strapi/utils';\nimport {\n validateRoleUpdateInput,\n validateRoleCreateInput,\n validateRoleDeleteInput,\n validateRolesDeleteInput,\n} from '../validation/role';\nimport { validatedUpdatePermissionsInput } from '../validation/permission';\nimport constants from '../services/constants';\nimport { getService } from '../utils';\nimport type {\n Create,\n FindRoles,\n FindRole,\n Update,\n GetPermissions,\n UpdatePermissions,\n Delete,\n BatchDelete,\n} from '../../../shared/contracts/roles';\nimport { AdminRole } from '../../../shared/contracts/shared';\n\nconst { ApplicationError } = errors;\nconst { SUPER_ADMIN_CODE } = constants;\n\nexport default {\n /\n Create a new role\n * @param {KoaContext} ctx - koa context\n /\n async create(ctx: Context) {\n const { body } = ctx.request as Create.Request;\n await validateRoleCreateInput(body);\n\n const roleService = getService('role');\n\n const role = await roleService.create(body);\n const sanitizedRole = roleService.sanitizeRole(role) as Omit<AdminRole, 'users' \| 'permission'>;\n\n ctx.created({ data: sanitizedRole } satisfies Create.Response);\n },\n\n /\n Returns on role by id\n * @param {KoaContext} ctx - koa context\n /\n async findOne(ctx: Context) {\n const { id } = ctx.params as FindRole.Request['params'];\n const role = await getService('role').findOneWithUsersCount({ id });\n\n if (!role) {\n return ctx.notFound('role.notFound');\n }\n\n ctx.body = {\n data: role,\n } satisfies FindRole.Response;\n },\n\n /\n Returns every roles\n * @param {KoaContext} ctx - koa context\n /\n async findAll(ctx: Context) {\n const { query } = ctx.request as FindRoles.Request;\n\n const permissionsManager = getService('permission').createPermissionsManager({\n ability: ctx.state.userAbility,\n model: 'admin::role',\n });\n\n await permissionsManager.validateQuery(query);\n const sanitizedQuery = await permissionsManager.sanitizeQuery(query);\n\n const roles = await getService('role').findAllWithUsersCount(sanitizedQuery);\n\n ctx.body = {\n data: roles,\n } satisfies FindRoles.Response;\n },\n\n /\n Updates a role by id\n * @param {KoaContext} ctx - koa context\n /\n async update(ctx: Context) {\n const { id } = ctx.params as Update.Request['params'];\n const { body } = ctx.request as Omit<Update.Request, 'params'>;\n\n const roleService = getService('role');\n\n await validateRoleUpdateInput(body);\n\n const role = await roleService.findOne({ id });\n\n if (!role) {\n return ctx.notFound('role.notFound');\n }\n\n if (role.code === SUPER_ADMIN_CODE) {\n throw new ApplicationError(\"Super admin can't be edited.\");\n }\n\n const updatedRole = await roleService.update({ id }, body);\n const sanitizedRole = roleService.sanitizeRole(updatedRole) as Omit<\n AdminRole,\n 'users' \| 'permission'\n >;\n\n ctx.body = {\n data: sanitizedRole,\n } satisfies Update.Response;\n },\n\n /\n Returns the permissions assigned to a role\n * @param {KoaContext} ctx - koa context\n /\n async getPermissions(ctx: Context) {\n const { id } = ctx.params as GetPermissions.Request['params'];\n\n const roleService = getService('role');\n const permissionService = getService('permission');\n\n const role = await roleService.findOne({ id });\n\n if (!role) {\n return ctx.notFound('role.notFound');\n }\n\n const permissions = await permissionService.findMany({ where: { role: { id: role.id } } });\n\n const sanitizedPermissions = permissions.map(permissionService.sanitizePermission);\n\n ctx.body = {\n // @ts-expect-error - transform response type to sanitized permission\n data: sanitizedPermissions,\n } satisfies GetPermissions.Response;\n },\n\n /\n Updates the permissions assigned to a role\n * @param {KoaContext} ctx - koa context\n /\n async updatePermissions(ctx: Context) {\n const { id } = ctx.params as UpdatePermissions.Request['params'];\n const { body: input } = ctx.request as Omit<UpdatePermissions.Request, 'params'>;\n\n const roleService = getService('role');\n const permissionService = getService('permission');\n\n const role = await roleService.findOne({ id });\n\n if (!role) {\n return ctx.notFound('role.notFound');\n }\n\n if (role.code === SUPER_ADMIN_CODE) {\n throw new ApplicationError(\"Super admin permissions can't be edited.\");\n }\n\n await validatedUpdatePermissionsInput(input);\n\n if (!role) {\n return ctx.notFound('role.notFound');\n }\n\n const permissions = await roleService.assignPermissions(role.id, input.permissions);\n\n const sanitizedPermissions = permissions.map(permissionService.sanitizePermission);\n\n ctx.body = {\n data: sanitizedPermissions,\n } satisfies UpdatePermissions.Response;\n },\n\n /\n Delete a role\n * @param {KoaContext} ctx - koa context\n /\n async deleteOne(ctx: Context) {\n const { id } = ctx.params as Delete.Request['params'];\n\n await validateRoleDeleteInput(id);\n\n const roleService = getService('role');\n\n const roles = await roleService.deleteByIds([id]);\n\n const sanitizedRole = roles.map((role) => roleService.sanitizeRole(role))[0] \|\| null;\n\n return ctx.deleted({\n data: sanitizedRole,\n } satisfies Delete.Response);\n },\n\n /\n delete several roles\n * @param {KoaContext} ctx - koa context\n /\n async deleteMany(ctx: Context) {\n const { body } = ctx.request as BatchDelete.Request;\n\n await validateRolesDeleteInput(body);\n\n const roleService = getService('role');\n\n const roles = await roleService.deleteByIds(body.ids);\n const sanitizedRoles = roles.map(roleService.sanitizeRole);\n\n return ctx.deleted({\n data: sanitizedRoles,\n } satisfies BatchDelete.Response);\n },\n};\n","import { Context } from 'koa';\n\nimport { strapi as dataTransferStrapi } from '@strapi/data-transfer';\nimport { errors } from '@strapi/utils';\nimport dataTransferAuthStrategy from '../../strategies/data-transfer';\n\nconst {\n remote: {\n handlers: { createPushController, createPullController },\n },\n} = dataTransferStrapi;\n\nconst { UnauthorizedError } = errors;\n\n/\n @param ctx the koa context\n * @param scope the scope to verify\n /\nconst verify = async (ctx: Context, scope?: dataTransferStrapi.remote.constants.TransferMethod) => {\n const { auth } = ctx.state;\n\n if (!auth) {\n throw new UnauthorizedError();\n }\n\n await dataTransferAuthStrategy.verify(auth, { scope });\n};\n\nexport const push = createPushController({ verify });\nexport const pull = createPullController({ verify });\n\nexport default {\n push,\n pull,\n};\n","import { yup, validateYupSchema } from '@strapi/utils';\nimport constants from '../../services/constants';\n\nconst transferTokenCreationSchema = yup\n .object()\n .shape({\n name: yup.string().min(1).required(),\n description: yup.string().optional(),\n permissions: yup\n .array()\n .min(1)\n .of(yup.string().oneOf(Object.values(constants.TRANSFER_TOKEN_TYPE)))\n .required(),\n lifespan: yup\n .number()\n .min(1)\n .oneOf(Object.values(constants.TRANSFER_TOKEN_LIFESPANS))\n .nullable(),\n })\n .noUnknown()\n .strict();\n\nconst transferTokenUpdateSchema = yup\n .object()\n .shape({\n name: yup.string().min(1).notNull(),\n description: yup.string().nullable(),\n permissions: yup\n .array()\n .min(1)\n .of(yup.string().oneOf(Object.values(constants.TRANSFER_TOKEN_TYPE)))\n .nullable(),\n })\n .noUnknown()\n .strict();\n\nexport const validateTransferTokenCreationInput = validateYupSchema(transferTokenCreationSchema);\nexport const validateTransferTokenUpdateInput = validateYupSchema(transferTokenUpdateSchema);\n\nexport default {\n validateTransferTokenCreationInput,\n validateTransferTokenUpdateInput,\n};\n","import { Context } from 'koa';\nimport { trim, has } from 'lodash/fp';\nimport { errors, strings } from '@strapi/utils';\nimport { getService } from '../../utils';\nimport { token } from '../../validation/transfer';\n\nimport type {\n TokenCreate,\n TokenGetById,\n TokenList,\n TokenRegenerate,\n TokenRevoke,\n TokenUpdate,\n} from '../../../../shared/contracts/transfer';\n\nconst { ApplicationError } = errors;\n\nconst { validateTransferTokenCreationInput, validateTransferTokenUpdateInput } = token;\n\nexport default {\n async list(ctx: Context) {\n const transferService = getService('transfer');\n const transferTokens = await transferService.token.list();\n\n ctx.body = { data: transferTokens } satisfies TokenList.Response;\n },\n\n async getById(ctx: Context) {\n const { id } = ctx.params as TokenGetById.Params;\n const tokenService = getService('transfer').token;\n\n const transferToken = await tokenService.getById(id);\n\n if (!transferToken) {\n ctx.notFound('Transfer token not found');\n return;\n }\n\n ctx.body = { data: transferToken } satisfies TokenGetById.Response;\n },\n\n async create(ctx: Context) {\n const { body } = ctx.request as TokenCreate.Request;\n const { token: tokenService } = getService('transfer');\n\n /\n We trim fields to avoid having issues with either:\n * - having a space at the end or start of the value\n * - having only spaces as value (so that an empty field can be caught in validation)\n /\n const attributes = {\n name: trim(body.name),\n description: trim(body.description),\n permissions: body.permissions,\n lifespan: body.lifespan,\n };\n\n await validateTransferTokenCreationInput(attributes);\n\n const alreadyExists = await tokenService.exists({ name: attributes.name });\n if (alreadyExists) {\n throw new ApplicationError('Name already taken');\n }\n\n const transferTokens = await tokenService.create(attributes);\n\n ctx.created({ data: transferTokens } satisfies TokenCreate.Response);\n },\n\n async update(ctx: Context) {\n const { body } = ctx.request as TokenUpdate.Request;\n const { id } = ctx.params as TokenUpdate.Params;\n const { token: tokenService } = getService('transfer');\n\n const attributes = body;\n /\n We trim fields to avoid having issues with either:\n * - having a space at the end or start of the value\n * - having only spaces as value (so that an empty field can be caught in validation)\n /\n if (has('name', attributes)) {\n attributes.name = trim(body.name);\n }\n\n if (has('description', attributes) \|\| attributes.description === null) {\n attributes.description = trim(body.description);\n }\n\n await validateTransferTokenUpdateInput(attributes);\n\n const apiTokenExists = await tokenService.getById(id);\n if (!apiTokenExists) {\n return ctx.notFound('Transfer token not found');\n }\n\n if (has('name', attributes)) {\n const nameAlreadyTaken = await tokenService.getByName(attributes.name);\n\n /\n We cast the ids as string as the one coming from the ctx isn't cast\n * as a Number in case it is supposed to be an integer. It remains\n * as a string. This way we avoid issues with integers in the db.\n /\n if (!!nameAlreadyTaken && !strings.isEqual(nameAlreadyTaken.id, id)) {\n throw new ApplicationError('Name already taken');\n }\n }\n\n const apiToken = await tokenService.update(id, attributes);\n\n ctx.body = { data: apiToken } satisfies TokenUpdate.Response;\n },\n\n async revoke(ctx: Context) {\n const { id } = ctx.params as TokenRevoke.Params;\n const { token: tokenService } = getService('transfer');\n\n const transferToken = await tokenService.revoke(id);\n\n ctx.deleted({ data: transferToken } satisfies TokenRevoke.Response);\n },\n\n async regenerate(ctx: Context) {\n const { id } = ctx.params as TokenRegenerate.Params;\n const { token: tokenService } = getService('transfer');\n\n const exists = await tokenService.getById(id);\n if (!exists) {\n ctx.notFound('Transfer token not found');\n return;\n }\n\n const accessToken = await tokenService.regenerate(id);\n\n ctx.created({ data: accessToken } satisfies TokenRegenerate.Response);\n },\n};\n","import { mapKeys } from 'lodash/fp';\nimport runner from './runner';\nimport token from './token';\n\nconst prefixActionsName = (prefix: string, dict: any) => mapKeys((key) => `${prefix}-${key}`, dict);\n\nexport default {\n ...prefixActionsName('runner', runner),\n ...prefixActionsName('token', token),\n};\n","import type { Context } from 'koa';\n\nimport as _ from 'lodash';\nimport { errors } from '@strapi/utils';\nimport {\n validateUserCreationInput,\n validateUserUpdateInput,\n validateUsersDeleteInput,\n} from '../validation/user';\nimport { getService } from '../utils';\nimport {\n Create,\n DeleteMany,\n DeleteOne,\n FindAll,\n FindOne,\n Update,\n} from '../../../shared/contracts/user';\nimport { AdminUser } from '../../../shared/contracts/shared';\n\nconst { ApplicationError } = errors;\n\nexport default {\n async create(ctx: Context) {\n const { body } = ctx.request as Create.Request;\n const cleanData = { ...body, email: _.get(body, `email`, ``).toLowerCase() };\n\n await validateUserCreationInput(cleanData);\n\n const attributes = _.pick(cleanData, [\n 'firstname',\n 'lastname',\n 'email',\n 'roles',\n 'preferedLanguage',\n ]);\n\n const userAlreadyExists = await getService('user').exists({\n email: attributes.email,\n });\n\n if (userAlreadyExists) {\n throw new ApplicationError('Email already taken');\n }\n\n const createdUser = await getService('user').create(attributes);\n\n const userInfo = getService('user').sanitizeUser(createdUser);\n\n // Note: We need to assign manually the registrationToken to the\n // final user payload so that it's not removed in the sanitation process.\n Object.assign(userInfo, { registrationToken: createdUser.registrationToken });\n\n // Send 201 created\n ctx.created({ data: userInfo } satisfies Create.Response);\n },\n\n async find(ctx: Context) {\n const userService = getService('user');\n\n const permissionsManager = strapi.service('admin::permission').createPermissionsManager({\n ability: ctx.state.userAbility,\n model: 'admin::user',\n });\n\n await permissionsManager.validateQuery(ctx.query);\n const sanitizedQuery = await permissionsManager.sanitizeQuery(ctx.query);\n\n // @ts-expect-error update the service type\n const { results, pagination } = await userService.findPage(sanitizedQuery);\n\n ctx.body = {\n data: {\n results: results.map((user: AdminUser) => userService.sanitizeUser(user)),\n pagination,\n },\n } satisfies FindAll.Response;\n },\n\n async findOne(ctx: Context) {\n const { id } = ctx.params as FindOne.Params;\n\n const user = await getService('user').findOne(id);\n\n if (!user) {\n return ctx.notFound('User does not exist');\n }\n\n ctx.body = {\n data: getService('user').sanitizeUser(user as AdminUser),\n } as FindOne.Response;\n },\n\n async update(ctx: Context) {\n const { id } = ctx.params as Update.Params;\n const { body: input } = ctx.request as Update.Request;\n\n await validateUserUpdateInput(input);\n\n if (_.has(input, 'email')) {\n const uniqueEmailCheck = await getService('user').exists({\n id: { $ne: id },\n email: input.email,\n });\n\n if (uniqueEmailCheck) {\n throw new ApplicationError('A user with this email address already exists');\n }\n }\n\n const updatedUser = await getService('user').updateById(id, input);\n\n if (!updatedUser) {\n return ctx.notFound('User does not exist');\n }\n\n ctx.body = {\n data: getService('user').sanitizeUser(updatedUser),\n } satisfies Update.Response;\n },\n\n async deleteOne(ctx: Context) {\n const { id } = ctx.params as DeleteOne.Params;\n\n const deletedUser = await getService('user').deleteById(id);\n\n if (!deletedUser) {\n return ctx.notFound('User not found');\n }\n\n return ctx.deleted({\n data: getService('user').sanitizeUser(deletedUser),\n } satisfies DeleteOne.Response);\n },\n\n /*\n Delete several users\n * @param ctx - koa context\n /\n async deleteMany(ctx: Context) {\n const { body } = ctx.request as DeleteMany.Request;\n await validateUsersDeleteInput(body);\n\n const users = await getService('user').deleteByIds(body.ids);\n\n const sanitizedUsers = users.map(getService('user').sanitizeUser);\n\n return ctx.deleted({\n data: sanitizedUsers,\n } satisfies DeleteMany.Response);\n },\n};\n","import isLocalhostIp from 'is-localhost-ip';\n// Regular import references a deprecated node module,\n// See https://www.npmjs.com/package/punycode.js#installation\nimport punycode from 'punycode/';\nimport type { Context } from 'koa';\nimport _ from 'lodash';\n\nimport { yup, validateYupSchema } from '@strapi/utils';\n\nimport type { Modules } from '@strapi/types';\n\nimport {\n CreateWebhook,\n DeleteWebhook,\n DeleteWebhooks,\n GetWebhook,\n UpdateWebhook,\n TriggerWebhook,\n GetWebhooks,\n} from '../../../shared/contracts/webhooks';\n\nconst urlRegex =\n /^(?:([a-z0-9+.-]+):\\/\\/)(?:\\S+(?::\\S)?@)?(?:(?:[1-9]\\d?\|1\\d\\d\|2[01]\\d\|22[0-3])(?:\\.(?:1?\\d{1,2}\|2[0-4]\\d\|25[0-5])){2}(?:\\.(?:[1-9]\\d?\|1\\d\\d\|2[0-4]\\d\|25[0-4]))\|(?:(?:[a-z\\u00a1-\\uffff0-9_]-)[a-z\\u00a1-\\uffff0-9_]+)(?:\\.(?:[a-z\\u00a1-\\uffff0-9_]-)[a-z\\u00a1-\\uffff0-9_]+)\\.?)(?::\\d{2,5})?(?:[/?#]\\S)?$/;\n\nconst webhookValidator = yup\n .object({\n name: yup.string().required(),\n url: yup\n .string()\n .matches(urlRegex, 'url must be a valid URL')\n .required()\n .test(\n 'is-public-url',\n \"Url is not supported because it isn't reachable over the public internet\",\n async (url) => {\n if (process.env.NODE_ENV !== 'production') {\n return true;\n }\n\n try {\n const parsedUrl = new URL(punycode.toASCII(url!));\n const isLocalUrl = await isLocalhostIp(parsedUrl.hostname);\n return !isLocalUrl;\n } catch {\n return false;\n }\n }\n ),\n headers: yup.lazy((data) => {\n if (typeof data !== 'object') {\n return yup.object().required();\n }\n\n return yup\n .object(\n // @ts-expect-error lodash types\n _.mapValues(data, () => {\n yup.string().min(1).required();\n })\n )\n .required();\n }),\n events: yup.array().of(yup.string()).required(),\n })\n .noUnknown();\n\nconst updateWebhookValidator = webhookValidator.shape({\n isEnabled: yup.boolean(),\n});\n\nexport default {\n async listWebhooks(ctx: Context) {\n const webhooks = await strapi.get('webhookStore').findWebhooks();\n ctx.send({ data: webhooks } satisfies GetWebhooks.Response);\n },\n\n async getWebhook(ctx: Context) {\n const { id } = ctx.params;\n const webhook = await strapi.get('webhookStore').findWebhook(id);\n\n if (!webhook) {\n return ctx.notFound('webhook.notFound');\n }\n\n ctx.send({ data: webhook } satisfies GetWebhook.Response);\n },\n\n async createWebhook(ctx: Context) {\n const { body } = ctx.request as CreateWebhook.Request;\n\n await validateYupSchema(webhookValidator)(body);\n\n const webhook = await strapi.get('webhookStore').createWebhook(body);\n\n strapi.get('webhookRunner').add(webhook);\n\n ctx.created({ data: webhook } satisfies CreateWebhook.Response);\n },\n\n async updateWebhook(ctx: Context) {\n const { id } = ctx.params as UpdateWebhook.Params;\n const { body } = ctx.request as UpdateWebhook.Request;\n\n await validateYupSchema(updateWebhookValidator)(body);\n\n const webhook = await strapi.get('webhookStore').findWebhook(id);\n\n if (!webhook) {\n return ctx.notFound('webhook.notFound');\n }\n\n const updatedWebhook = await strapi.get('webhookStore').updateWebhook(id, {\n ...webhook,\n ...body,\n });\n\n if (!updatedWebhook) {\n return ctx.notFound('webhook.notFound');\n }\n\n strapi.get('webhookRunner').update(updatedWebhook);\n\n ctx.send({ data: updatedWebhook } satisfies UpdateWebhook.Response);\n },\n\n async deleteWebhook(ctx: Context) {\n const { id } = ctx.params;\n const webhook = await strapi.get('webhookStore').findWebhook(id);\n\n if (!webhook) {\n return ctx.notFound('webhook.notFound');\n }\n\n await strapi.get('webhookStore').deleteWebhook(id);\n\n strapi.get('webhookRunner').remove(webhook);\n\n ctx.body = { data: webhook } satisfies DeleteWebhook.Response;\n },\n\n async deleteWebhooks(ctx: Context) {\n const { ids } = ctx.request.body as DeleteWebhooks.Request['body'];\n\n if (!Array.isArray(ids) \|\| ids.length === 0) {\n return ctx.badRequest('ids must be an array of id');\n }\n\n for (const id of ids) {\n const webhook = await strapi.get('webhookStore').findWebhook(id);\n\n if (webhook) {\n await strapi.get('webhookStore').deleteWebhook(id);\n strapi.get('webhookRunner').remove(webhook);\n }\n }\n\n ctx.send({ data: ids } satisfies DeleteWebhooks.Response);\n },\n\n async triggerWebhook(ctx: Context) {\n const { id } = ctx.params;\n\n const webhook = await strapi.get('webhookStore').findWebhook(id);\n\n const response = await strapi\n .get('webhookRunner')\n .run(webhook as Modules.WebhookStore.Webhook, 'trigger-test', {});\n\n ctx.body = { data: response } satisfies TriggerWebhook.Response;\n },\n};\n","import type { Context } from 'koa';\nimport type { GetRoutes, GetPermissions } from '../../../shared/contracts/content-api';\nimport '@strapi/types';\n\nexport default {\n async getPermissions(ctx: Context) {\n const actionsMap = await strapi.contentAPI.permissions.getActionsMap();\n\n ctx.send({ data: actionsMap } satisfies GetPermissions.Response);\n },\n\n async getRoutes(ctx: Context) {\n const routesMap = await strapi.contentAPI.getRoutesMap();\n\n ctx.send({ data: routesMap } satisfies GetRoutes.Response);\n },\n};\n","import type {} from 'koa-body';\n\nimport admin from './admin';\nimport apiToken from './api-token';\nimport authenticatedUser from './authenticated-user';\nimport authentication from './authentication';\nimport permission from './permission';\nimport role from './role';\nimport transfer from './transfer';\nimport user from './user';\nimport webhooks from './webhooks';\nimport contentApi from './content-api';\n\nexport default {\n admin,\n 'api-token': apiToken,\n 'authenticated-user': authenticatedUser,\n authentication,\n permission,\n role,\n transfer,\n user,\n webhooks,\n 'content-api': contentApi,\n};\n","/*\n Lifecycle callbacks for the `Permission` model.\n /\n\nexport default {\n collectionName: 'admin_permissions',\n info: {\n name: 'Permission',\n description: '',\n singularName: 'permission',\n pluralName: 'permissions',\n displayName: 'Permission',\n },\n options: {},\n pluginOptions: {\n 'content-manager': {\n visible: false,\n },\n 'content-type-builder': {\n visible: false,\n },\n },\n attributes: {\n action: {\n type: 'string',\n minLength: 1,\n configurable: false,\n required: true,\n },\n actionParameters: {\n type: 'json',\n configurable: false,\n required: false,\n default: {},\n },\n subject: {\n type: 'string',\n minLength: 1,\n configurable: false,\n required: false,\n },\n properties: {\n type: 'json',\n configurable: false,\n required: false,\n default: {},\n },\n conditions: {\n type: 'json',\n configurable: false,\n required: false,\n default: [],\n },\n role: {\n configurable: false,\n type: 'relation',\n relation: 'manyToOne',\n inversedBy: 'permissions',\n target: 'admin::role',\n },\n },\n};\n","export default {\n collectionName: 'admin_users',\n info: {\n name: 'User',\n description: '',\n singularName: 'user',\n pluralName: 'users',\n displayName: 'User',\n },\n pluginOptions: {\n 'content-manager': {\n visible: false,\n },\n 'content-type-builder': {\n visible: false,\n },\n },\n attributes: {\n firstname: {\n type: 'string',\n unique: false,\n minLength: 1,\n configurable: false,\n required: false,\n },\n lastname: {\n type: 'string',\n unique: false,\n minLength: 1,\n configurable: false,\n required: false,\n },\n username: {\n type: 'string',\n unique: false,\n configurable: false,\n required: false,\n },\n email: {\n type: 'email',\n minLength: 6,\n configurable: false,\n required: true,\n unique: true,\n private: true,\n },\n password: {\n type: 'password',\n minLength: 6,\n configurable: false,\n required: false,\n private: true,\n searchable: false,\n },\n resetPasswordToken: {\n type: 'string',\n configurable: false,\n private: true,\n searchable: false,\n },\n registrationToken: {\n type: 'string',\n configurable: false,\n private: true,\n searchable: false,\n },\n isActive: {\n type: 'boolean',\n default: false,\n configurable: false,\n private: true,\n },\n roles: {\n configurable: false,\n private: true,\n type: 'relation',\n relation: 'manyToMany',\n inversedBy: 'users',\n target: 'admin::role',\n // FIXME: Allow setting this\n collectionName: 'strapi_users_roles',\n },\n blocked: {\n type: 'boolean',\n default: false,\n configurable: false,\n private: true,\n },\n preferedLanguage: {\n type: 'string',\n configurable: false,\n required: false,\n searchable: false,\n },\n },\n config: {\n attributes: {\n resetPasswordToken: {\n hidden: true,\n },\n registrationToken: {\n hidden: true,\n },\n },\n },\n};\n","/\n Lifecycle callbacks for the `Role` model.\n */\n\nexport default {\n collectionName: 'admin_roles',\n info: {\n name: 'Role',\n description: '',\n singularName: 'role',\n pluralName: 'roles',\n displayName: 'Role',\n },\n options: {},\n pluginOptions: {\n 'content-manager': {\n visible: false,\n },\n 'content-type-builder': {\n visible: false,\n },\n },\n attributes: {\n name: {\n type: 'string',\n minLength: 1,\n unique: true,\n configurable: false,\n required: true,\n },\n code: {\n type: 'string',\n minLength: 1,\n unique: true,\n configurable: false,\n required: true,\n },\n description: {\n type: 'string',\n configurable: false,\n },\n users: {\n configurable: false,\n type: 'relation',\n relation: 'manyToMany',\n mappedBy: 'roles',\n target: 'admin::user',\n },\n permissions: {\n configurable: false,\n type: 'relation',\n relation: 'oneToMany',\n mappedBy: 'role',\n target: 'admin::permission',\n },\n },\n};\n","import constants from '../services/constants';\n\nexport default {\n collectionName: 'strapi_api_tokens',\n info: {\n name: 'Api Token',\n singularName: 'api-token',\n pluralName: 'api-tokens',\n displayName: 'Api Token',\n description: '',\n },\n options: {},\n pluginOptions: {\n 'content-manager': {\n visible: false,\n },\n 'content-type-builder': {\n visible: false,\n },\n },\n attributes: {\n name: {\n type: 'string',\n minLength: 1,\n configurable: false,\n required: true,\n unique: true,\n },\n description: {\n type: 'string',\n minLength: 1,\n configurable: false,\n required: false,\n default: '',\n },\n type: {\n type: 'enumeration',\n enum: Object.values(constants.API_TOKEN_TYPE),\n configurable: false,\n required: true,\n default: constants.API_TOKEN_TYPE.READ_ONLY,\n },\n accessKey: {\n type: 'string',\n minLength: 1,\n configurable: false,\n required: true,\n searchable: false,\n },\n lastUsedAt: {\n type: 'datetime',\n configurable: false,\n required: false,\n },\n permissions: {\n type: 'relation',\n target: 'admin::api-token-permission',\n relation: 'oneToMany',\n mappedBy: 'token',\n configurable: false,\n required: false,\n },\n expiresAt: {\n type: 'datetime',\n configurable: false,\n required: false,\n },\n lifespan: {\n type: 'biginteger',\n configurable: false,\n required: false,\n },\n },\n};\n","export default {\n collectionName: 'strapi_api_token_permissions',\n info: {\n name: 'API Token Permission',\n description: '',\n singularName: 'api-token-permission',\n pluralName: 'api-token-permissions',\n displayName: 'API Token Permission',\n },\n options: {},\n pluginOptions: {\n 'content-manager': {\n visible: false,\n },\n 'content-type-builder': {\n visible: false,\n },\n },\n attributes: {\n action: {\n type: 'string',\n minLength: 1,\n configurable: false,\n required: true,\n },\n token: {\n configurable: false,\n type: 'relation',\n relation: 'manyToOne',\n inversedBy: 'permissions',\n target: 'admin::api-token',\n },\n },\n};\n","export default {\n collectionName: 'strapi_transfer_tokens',\n info: {\n name: 'Transfer Token',\n singularName: 'transfer-token',\n pluralName: 'transfer-tokens',\n displayName: 'Transfer Token',\n description: '',\n },\n options: {},\n pluginOptions: {\n 'content-manager': {\n visible: false,\n },\n 'content-type-builder': {\n visible: false,\n },\n },\n attributes: {\n name: {\n type: 'string',\n minLength: 1,\n configurable: false,\n required: true,\n unique: true,\n },\n description: {\n type: 'string',\n minLength: 1,\n configurable: false,\n required: false,\n default: '',\n },\n accessKey: {\n type: 'string',\n minLength: 1,\n configurable: false,\n required: true,\n },\n lastUsedAt: {\n type: 'datetime',\n configurable: false,\n required: false,\n },\n permissions: {\n type: 'relation',\n target: 'admin::transfer-token-permission',\n relation: 'oneToMany',\n mappedBy: 'token',\n configurable: false,\n required: false,\n },\n expiresAt: {\n type: 'datetime',\n configurable: false,\n required: false,\n },\n lifespan: {\n type: 'biginteger',\n configurable: false,\n required: false,\n },\n },\n};\n","export default {\n collectionName: 'strapi_transfer_token_permissions',\n info: {\n name: 'Transfer Token Permission',\n description: '',\n singularName: 'transfer-token-permission',\n pluralName: 'transfer-token-permissions',\n displayName: 'Transfer Token Permission',\n },\n options: {},\n pluginOptions: {\n 'content-manager': {\n visible: false,\n },\n 'content-type-builder': {\n visible: false,\n },\n },\n attributes: {\n action: {\n type: 'string',\n minLength: 1,\n configurable: false,\n required: true,\n },\n token: {\n configurable: false,\n type: 'relation',\n relation: 'manyToOne',\n inversedBy: 'permissions',\n target: 'admin::transfer-token',\n },\n },\n};\n","import Permission from './Permission';\nimport User from './User';\nimport Role from './Role';\nimport apiToken from './api-token';\nimport apiTokenPermission from './api-token-permission';\nimport transferToken from './transfer-token';\nimport transferTokenPermission from './transfer-token-permission';\n\nexport default {\n permission: { schema: Permission },\n user: { schema: User },\n role: { schema: Role },\n 'api-token': { schema: apiToken },\n 'api-token-permission': { schema: apiTokenPermission },\n 'transfer-token': { schema: transferToken },\n 'transfer-token-permission': { schema: transferTokenPermission },\n};\n","import type { Context, Next } from 'koa';\nimport path from 'path';\nimport utils from '@strapi/utils';\nimport { isString, has, toLower, get } from 'lodash/fp';\nimport type { Core } from '@strapi/types';\n\nconst { RateLimitError } = utils.errors;\n\nexport default (config: any, { strapi }: { strapi: Core.Strapi }) =>\n async (ctx: Context, next: Next) => {\n let rateLimitConfig = strapi.config.get('admin.rateLimit') as any;\n\n if (!rateLimitConfig) {\n rateLimitConfig = {\n enabled: true,\n };\n }\n\n if (!has('enabled', rateLimitConfig)) {\n rateLimitConfig.enabled = true;\n }\n\n if (rateLimitConfig.enabled === true) {\n // TODO: TS - Do the dynamic import\n // eslint-disable-next-line @typescript-eslint/no-var-requires\n const rateLimit = require('koa2-ratelimit').RateLimit;\n\n const requestEmail = get('request.body.email')(ctx);\n const userEmail = isString(requestEmail) ? requestEmail.toLowerCase() : 'unknownEmail';\n\n const requestPath = isString(ctx.request.path)\n ? toLower(path.normalize(ctx.request.path)).replace(/\\/$/, '')\n : 'invalidPath';\n\n const loadConfig = {\n interval: { min: 5 },\n max: 5,\n prefixKey: `${userEmail}:${requestPath}:${ctx.request.ip}`,\n handler() {\n throw new RateLimitError();\n },\n ...rateLimitConfig,\n ...config,\n };\n\n return rateLimit.middleware(loadConfig)(ctx, next);\n }\n\n return next();\n };\n","import type { Context, Next } from 'koa';\n\nimport { getService } from '../utils';\n\nexport default () => async (ctx: Context, next: Next) => {\n const transferUtils = getService('transfer').utils;\n\n const { hasValidTokenSalt, isRemoteTransferEnabled } = transferUtils;\n\n // verify that data transfer is enabled\n if (isRemoteTransferEnabled()) {\n return next();\n }\n\n // if it has been manually disabled, return a not found\n if (strapi.config.get('server.transfer.remote.enabled') === false) {\n return ctx.notFound();\n }\n\n // if it's enabled but doesn't have a valid salt, throw a not implemented\n if (!hasValidTokenSalt()) {\n return ctx.notImplemented(\n 'The server configuration for data transfer is invalid. Please contact your server administrator.',\n {\n code: 'INVALID_TOKEN_SALT',\n }\n );\n }\n\n // This should never happen as long as we're handling individual scenarios above\n throw new Error('Unexpected error while trying to access a data transfer route');\n};\n","import rateLimit from './rateLimit';\nimport dataTransfer from './data-transfer';\n\nexport { default as rateLimit } from './rateLimit';\nexport { default as dataTransfer } from './data-transfer';\n\nexport default {\n rateLimit,\n 'data-transfer': dataTransfer,\n};\n"],"names":["name","user","sendDidChangeInterfaceLanguage","merge","async","map","uniq","difference","strapi","resolve","fse","join","path","extname","koaStatic","basename","authenticate","token","constants","UnauthorizedError","ForbiddenError","errors","extractToken","apiToken","isNil","differenceInHours","parseISO","ability","action","verify","auth","castArray","conditionProvider","actionProvider","forgotPassword","yup","_","validateYupSchema","createPolicy","policy","actions","permissions","subject","transferToken","admin","authentication","roles","webhooks","contentApi","transfer","ApplicationError","password","bcrypt","hash","email","SUPER_ADMIN_CODE","hasSuperAdminRole","role","pick","set","omit","curry","pipe","prop","includes","isArray","create","permission","isEmpty","has","ValidationError","arrays","updatedUser","passwordValidator","findOne","exists","defaults","deleteByIds","count","users","condition","conditions","remove","eq","get","roleConstants","hooksUtils","isEqual","dates","update","differenceWith","differenceBy","createMany","sanitizeConditions","LocalStrategy","toLower","isFunction","authEventsMapper","passport","crypto","jwt","validateYupSchemaSync","providerFactory","hooks","domain","sanitize","isScalarAttribute","getNonVisibleAttributes","getWritableAttributes","contentTypes","ID_ATTRIBUTE","DOC_ID_ATTRIBUTE","CREATED_AT_ATTRIBUTE","UPDATED_AT_ATTRIBUTE","PUBLISHED_AT_ATTRIBUTE","CREATED_BY_ATTRIBUTE","UPDATED_BY_ATTRIBUTE","COMPONENT_FIELDS","STATIC_FIELDS","traverse","isObject","cloneDeep","traverseEntity","permittedFieldsOf","some","flatMap","detectSubjectType","asSubject","schema","getOr","intersection","validate","rulesToQuery","v","isPlainObject","providers","engine","matchesProperty","contentType","propEq","pluginsHandler","settingsHandler","xor","pmap","createSectionsBuilder","contentTypesUtils","startsWith","isString","NotFoundError","SELECT_FIELDS","POPULATE_FIELDS","isValidLifespan","isNumber","assertValidLifespan","flattenTokenPermissions","getBy","getExpirationFields","regenerate","checkSaltIsDefined","list","revoke","getById","getByName","assert","hasValidTokenSalt","utils","env","fs","projectSettings","updateProjectSettings","z","validateZod","tsUtils","values","sumBy","plugins","trim","apiTokens","strings","isUndefined","findUserPermissions","sanitizePermission","compose","sectionsBuilder","dataTransferStrapi","validateTransferTokenCreationInput","validateTransferTokenUpdateInput","mapKeys","punycode","isLocalhostIp","rateLimit","isRemoteTransferEnabled"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,MAAM,aAAa,CAACA,UAAS;AAC3B,SAAO,OAAO,QAAQ,UAAUA,KAAI,EAAE;AACxC;ACFO,MAAM,UAAU;AAAA,EACrB;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,EACZ;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,EACZ;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,EACZ;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,EACZ;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,IACb,SAAS;AAAA,MACP;AAAA,QACE,UAAU;AAAA,QACV,UAAU,CAAC,aAAa;AAAA,MAC1B;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,IACb,SAAS;AAAA,MACP;AAAA,QACE,UAAU;AAAA,QACV,UAAU,CAAC,aAAa;AAAA,MAC1B;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,EACZ;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,EACZ;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,KAAK;AAAA,IACL,aAAa;AAAA,IACb,YAAY;AAAA,IACZ,SAAS;AAAA,IACT,UAAU;AAAA,IACV,aAAa;AAAA,EACf;AACF;AAEA,MAAe,eAAA;AAAA,EACb;AACF;AC/NO,MAAM,aAAa;AAAA,EACxB;AAAA,IACE,aAAa;AAAA,IACb,MAAM;AAAA,IACN,QAAQ;AAAA,IACR,SAAS,CAACC,WAAgB,EAAE,gBAAgBA,MAAK,GAAG;AAAA,EACtD;AAAA,EACA;AAAA,IACE,aAAa;AAAA,IACb,MAAM;AAAA,IACN,QAAQ;AAAA,IACR,SAAS,CAACA,WAAgB;AAAA,MACxB,mBAAmB;AAAA,QACjB,YAAY;AAAA,UACV,IAAI;AAAA,YACF,KAAKA,MAAK,MAAM,IAAI,CAAC,MAAY,EAAE,EAAE;AAAA,UACvC;AAAA,QACF;AAAA,MACF;AAAA,IAAA;AAAA,EAEJ;AACF;AAEA,MAAe,kBAAA;AAAA,EACb;AACF;ACtBA,MAAM,2BAA2B;AAAA,EAC/B,WAAW;AAAA,IACT,cAAc;AAAA,IACd,aAAa;AAAA,IACb,gBAAgB;AAAA,EAClB;AACF;AAEA,MAAM,4BAA4B,YAAY;AAC5C,QAAM,WAAW,YAAY,EAAE,eAAe,aAAa,aAAa,OAAO;AACjF;AAEA,MAAM,0BAA0B,YAAY;AAC1C,QAAM,WAAW,YAAY,EAAE,kBAAkB,aAAa,gBAAgB,UAAU;AAC1F;AAEA,MAAM,qBAAqB,MAAM;AAC/B,QAAM,EAAE,gCAAAC,gCAAA,IAAmC,WAAW,SAAS;AAExD,SAAA,GAAG,WAAW,UAAU;AAAA,IAC7B,QAAQ,CAAC,aAAa;AAAA,IACtB,aAAaA;AAAA,IACb,aAAaA;AAAA,IACb,YAAY,EAAE,UAAU;AAClB,UAAA,OAAO,KAAK,kBAAkB;AACD,QAAAA;MACjC;AAAA,IACF;AAAA,EAAA,CACD;AACH;AAEA,MAAM,mBAAmB,YAAY;AAC7B,QAAA,aAAa,MAAM,OAAO,MAAM,EAAE,MAAM,QAAQ,MAAM,QAAA,CAAS;AACrE,QAAM,oBAAoB,MAAM,WAAW,IAAI,EAAE,KAAK,QAAQ;AACxD,QAAA,kBAAkBC,GAAAA,MAAM,0BAA0B,iBAAiB;AAEzE,QAAM,aAAa,MAAM,WAAW,MAAM,EAAE,OAAO;AAAA,IACjD,IAAI,gBAAgB,UAAU;AAAA,EAAA,CAC/B;AAGD,MAAI,CAAC,YAAY;AACf,oBAAgB,UAAU,cAAc;AAAA,EAC1C;AAEA,QAAM,WAAW,IAAI,EAAE,KAAK,QAAQ,OAAO,iBAAiB;AAC9D;AAEA,MAAM,2BAA2B,YAAY;AAC3C,QAAM,mBAAmB,OAAO,WAAW,YAAY,UAAU,OAAO;AAClE,QAAA,kBAAkB,MAAMC,QAAAA,MAAM;AAAA,IAClC,OAAO,GAAG,MAAM,6BAA6B,EAAE;AAAA,IAC/CC,GAAAA,IAAI,QAAQ;AAAA,EAAA;AAGd,QAAM,qBAAqBC,GAAAA,KAAKC,GAAAA,WAAW,iBAAiB,gBAAgB,CAAC;AAEzE,MAAA,mBAAmB,SAAS,GAAG;AACjC,UAAM,OAAO,GACV,MAAM,6BAA6B,EACnC,WAAW,EAAE,OAAO,EAAE,QAAQ,EAAE,KAAK,mBAAmB,EAAA,EAAK,CAAA;AAAA,EAClE;AACF;AAEA,MAAA,YAAe,OAAO,EAAE,QAAAC,cAAsC;AAC5D,QAAM,wBAAwB;AAC9B,QAAM,0BAA0B;AACb;AAEb,QAAA,oBAAoB,WAAW,YAAY;AAC3C,QAAA,cAAc,WAAW,MAAM;AAC/B,QAAA,cAAc,WAAW,MAAM;AAC/B,QAAA,kBAAkB,WAAW,WAAW;AACxC,QAAA,kBAAkB,WAAW,UAAU;AACvC,QAAA,eAAe,WAAW,OAAO;AAEvC,QAAM,YAAY;AAClB,QAAM,YAAY;AAClB,QAAM,YAAY;AAElB,QAAM,kBAAkB;AAExB,QAAM,YAAY;AAElB,QAAM,iBAAiB;AACvB,QAAM,yBAAyB;AAE/B,QAAM,WAAW,SAAS,EAAE,6BAA6BA,OAAM;AACpD,aAAA,SAAS,EAAE,UAAUA,OAAM;AAEtC,kBAAgB,mBAAmB;AACnC,kBAAgB,MAAM;AACtB,eAAa,qBAAqB;AACpC;AC9FA,MAAM,0BAA0B,CAAC,EAAE,QAAAA,cAAsC;AACvE,MAAI,WAAWC,KAAAA,QAAQD,QAAO,KAAK,KAAK,MAAM,OAAO;AAErD,MAAI,CAACE,aAAA,QAAI,eAAe,QAAQ,GAAG;AACtB,eAAAD,KAAA,QAAQ,WAAW,aAAa;AAAA,EAC7C;AAEM,QAAA,uBAAuB,OAAO,KAAc,SAAe;AAC/D,UAAM,KAAK;AAEX,QAAI,IAAI,WAAW,UAAU,IAAI,WAAW,OAAO;AACjD;AAAA,IACF;AAEA,QAAI,IAAI,QAAQ,QAAQ,IAAI,WAAW,KAAK;AAC1C;AAAA,IACF;AAEA,QAAI,OAAO;AACX,QAAI,OAAOC,qBAAI,iBAAiBC,KAAAA,KAAK,UAAU,YAAY,CAAC;AAAA,EAAA;AAG9D,EAAAH,QAAO,OAAO,OAAO;AAAA,IACnB;AAAA,MACE,QAAQ;AAAA,MACR,MAAM,GAAGA,QAAO,OAAO,MAAM,IAAI;AAAA,MACjC,SAAS;AAAA,QACP;AAAA,QACA,YAAY,UAAU;AAAA,UACpB,QAAQ;AAAA,UACR,OAAO;AAAA,UACP,OAAO;AAAA,UACP,WAAW,KAAUI,QAAW;AACxB,kBAAA,MAAMC,aAAQD,MAAI;AAExB,gBAAI,QAAQ,SAAS;AACf,kBAAA,UAAU,iBAAiB,qCAAqC;AAAA,YACtE;AAAA,UACF;AAAA,QAAA,CACD;AAAA,MACH;AAAA,MACA,QAAQ,EAAE,MAAM,MAAM;AAAA,IACxB;AAAA,EAAA,CACD;AACH;AAGA,MAAM,cAAc,CAAC,UAAe,mBAAmB,OAAO;AACtD,QAAA,QAAQE,mBAAAA,QAAU,UAAU,gBAAgB;AAE3C,SAAA,OAAO,KAAc,SAAe;AACzC,UAAM,OAAO,IAAI;AACX,UAAA,UAAUC,KAAAA,SAAS,IAAI,IAAI;AAEjC,QAAI,OAAO;AACL,UAAA,MAAM,KAAK,YAAY;AAC3B,UAAI,OAAO;AACX,YAAM,KAAK;AACX,UAAI,OAAO;AAAA,IAAA,CACZ;AACD,QAAI,OAAO;AAAA,EAAA;AAEf;AChEa,MAAAC,iBAAe,OAAO,QAAiB;AAClD,QAAM,EAAE,cAAkB,IAAA,IAAI,QAAQ;AAEtC,MAAI,CAAC,eAAe;AACX,WAAA,EAAE,eAAe;EAC1B;AAEM,QAAA,QAAQ,cAAc,MAAM,KAAK;AAEnC,MAAA,MAAM,CAAC,EAAE,YAAA,MAAkB,YAAY,MAAM,WAAW,GAAG;AACtD,WAAA,EAAE,eAAe;EAC1B;AAEM,QAAAC,SAAQ,MAAM,CAAC;AACf,QAAA,EAAE,SAAS,YAAY,WAAW,OAAO,EAAE,eAAeA,MAAK;AAErE,MAAI,CAAC,SAAS;AACL,WAAA,EAAE,eAAe;EAC1B;AAEA,QAAMhB,QAAO,MAAM,OAAO,GACvB,MAAM,aAAa,EACnB,QAAQ,EAAE,OAAO,EAAE,IAAI,QAAQ,GAAG,GAAG,UAAU,CAAC,OAAO,GAAG;AAE7D,MAAI,CAACA,SAAQ,EAAEA,MAAK,aAAa,OAAO;AAC/B,WAAA,EAAE,eAAe;EAC1B;AAEA,QAAM,cAAc,MAAM,WAAW,YAAY,EAAE,OAAO,oBAAoBA,KAAI;AAIlF,MAAI,MAAM,cAAc;AACxB,MAAI,MAAM,OAAOA;AAEV,SAAA;AAAA,IACL,eAAe;AAAA,IACf,aAAaA;AAAA,IACb,SAAS;AAAA,EAAA;AAEb;AAEO,MAAMD,SAAO;AAGpB,MAAe,oBAAA;AAAA,EAAA,MACbA;AAAAA,EAAA,cACAgB;AACF;ACpDA,MAAM,YAAY,KAAK,KAAK,KAAK;AAEjC,MAAME,cAAY;AAAA,EAChB,sBAAsB;AAAA,EACtB,kBAAkB;AAAA,EAClB,aAAa;AAAA,EACb,aAAa;AAAA,EACb,aAAa;AAAA,EACb,eAAe;AAAA,EACf,eAAe;AAAA,EACf,eAAe;AAAA,EACf,gBAAgB;AAAA,EAChB,gBAAgB;AAAA,IACd,WAAW;AAAA,IACX,aAAa;AAAA,IACb,QAAQ;AAAA,EACV;AAAA;AAAA,EAEA,qBAAqB;AAAA,IACnB,WAAW;AAAA,IACX,QAAQ,IAAI;AAAA,IACZ,SAAS,KAAK;AAAA,IACd,SAAS,KAAK;AAAA,EAChB;AAAA,EACA,qBAAqB;AAAA,IACnB,MAAM;AAAA,IACN,MAAM;AAAA,EACR;AAAA,EACA,0BAA0B;AAAA,IACxB,WAAW;AAAA,IACX,QAAQ,IAAI;AAAA,IACZ,SAAS,KAAK;AAAA,IACd,SAAS,KAAK;AAAA,EAChB;AACF;;;;;AC1BA,MAAM,qBAAEC,qBAAmB,gBAAAC,iBAAmB,IAAAC;AAE9C,MAAM,cAAc,CAAC,UAAe,MAAM,SAAS,MAAM,KAAK,MAAM,SAAS,SAAS;AAEtF,MAAMC,iBAAe,CAAC,QAAiB;AACjC,MAAA,IAAI,WAAW,IAAI,QAAQ,UAAU,IAAI,QAAQ,OAAO,eAAe;AACzE,UAAM,QAAQ,IAAI,QAAQ,OAAO,cAAc,MAAM,KAAK;AAEtD,QAAA,MAAM,CAAC,EAAE,YAAA,MAAkB,YAAY,MAAM,WAAW,GAAG;AACtD,aAAA;AAAA,IACT;AAEA,WAAO,MAAM,CAAC;AAAA,EAChB;AAEO,SAAA;AACT;AAKa,MAAAN,iBAAe,OAAO,QAAiB;AAC5C,QAAA,kBAAkB,WAAW,WAAW;AACxC,QAAAC,SAAQK,eAAa,GAAG;AAE9B,MAAI,CAACL,QAAO;AACH,WAAA,EAAE,eAAe;EAC1B;AAEM,QAAAM,YAAW,MAAM,gBAAgB,MAAM;AAAA,IAC3C,WAAW,gBAAgB,KAAKN,MAAK;AAAA,EAAA,CACtC;AAGD,MAAI,CAACM,WAAU;AACN,WAAA,EAAE,eAAe;EAC1B;AAEM,QAAA,kCAAkB;AAExB,MAAI,CAACC,GAAA,MAAMD,UAAS,SAAS,GAAG;AAC9B,UAAM,iBAAiB,IAAI,KAAKA,UAAS,SAAS;AAElD,QAAI,iBAAiB,aAAa;AAChC,aAAO,EAAE,eAAe,OAAO,OAAO,IAAIJ,oBAAkB,eAAe;IAC7E;AAAA,EACF;AAIA,QAAM,qBAAqBM,QAAAA,kBAAkB,aAAaC,QAAS,SAAAH,UAAS,UAAU,CAAC;AACvF,MAAI,sBAAsB,GAAG;AAC3B,UAAM,OAAO,GAAG,MAAM,kBAAkB,EAAE,OAAO;AAAA,MAC/C,OAAO,EAAE,IAAIA,UAAS,GAAG;AAAA,MACzB,MAAM,EAAE,YAAY,YAAY;AAAA,IAAA,CACjC;AAAA,EACH;AAEA,MAAIA,UAAS,SAASL,YAAU,eAAe,QAAQ;AACrD,UAAMS,WAAU,MAAM,OAAO,WAAW,YAAY,OAAO;AAAA,MACzDJ,UAAS,YAAY,IAAI,CAACK,aAAiB,EAAE,QAAAA,UAAS;AAAA,IAAA;AAGxD,WAAO,EAAE,eAAe,MAAM,SAAAD,UAAS,aAAaJ,UAAS;AAAA,EAC/D;AAEA,SAAO,EAAE,eAAe,MAAM,aAAaA,UAAS;AACtD;AAOa,MAAAM,WAAS,CAACC,OAAW,WAAgB;AAChD,QAAM,EAAE,aAAaP,WAAU,SAAAI,SAAA,IAAYG;AAE3C,MAAI,CAACP,WAAU;AACP,UAAA,IAAIJ,oBAAkB,iBAAiB;AAAA,EAC/C;AAEM,QAAA,kCAAkB;AAExB,MAAI,CAACK,GAAA,MAAMD,UAAS,SAAS,GAAG;AAC9B,UAAM,iBAAiB,IAAI,KAAKA,UAAS,SAAS;AAElD,QAAI,iBAAiB,aAAa;AAC1B,YAAA,IAAIJ,oBAAkB,eAAe;AAAA,IAC7C;AAAA,EACF;AAGA,MAAII,UAAS,SAASL,YAAU,eAAe,aAAa;AAC1D;AAAA,EACF;AAGA,MAAIK,UAAS,SAASL,YAAU,eAAe,WAAW;AAKlD,UAAA,SAASa,GAAAA,UAAU,OAAO,KAAK;AAErC,QAAI,OAAO,SAAS,OAAO,MAAM,WAAW,GAAG;AAC7C;AAAA,IACF;AAAA,EAIO,WAAAR,UAAS,SAASL,YAAU,eAAe,QAAQ;AAC1D,QAAI,CAACS,UAAS;AACZ,YAAM,IAAIP,iBAAe;AAAA,IAC3B;AAEM,UAAA,SAASW,GAAAA,UAAU,OAAO,KAAK;AAE/B,UAAA,YAAY,OAAO,MAAM,CAAC,UAAUJ,SAAQ,IAAI,KAAK,CAAC;AAE5D,QAAI,WAAW;AACb;AAAA,IACF;AAAA,EACF;AAEA,QAAM,IAAIP,iBAAe;AAC3B;AAIA,MAAe,uBAAA;AAAA,EACb,MAAM;AAAA,EAAA,cACNJ;AAAAA,EAAA,QACAa;AACF;ACxIA,MAAA,aAAe,CAAC,EAAE,QAAArB,QAAA,MAAsC;AACtD,QAAM,qBAAqBA,QAAO,QAAQ,iBAAiB,EAAE,KAAK;AAElE,EAAAA,QAAO,OAAO,IAAI,OAAO,EAAE,IAAI,kBAAkB;AACjD,EAAAA,QAAO,IAAI,MAAM,EAAE,SAAS,SAAS,iBAAiB;AACtD,EAAAA,QAAO,IAAI,MAAM,EAAE,SAAS,eAAe,oBAAoB;AAE/D,MAAIA,QAAO,OAAO,IAAI,uBAAuB,GAAG;AACtB,4BAAA,EAAE,QAAAA,SAAQ;AAAA,EACpC;AACF;ACbA,MAAA,UAAe,YAAY;AACzB,QAAM,EAAE,mBAAAwB,oBAAmB,gBAAAC,gBAAe,IAAI,WAAW,YAAY;AAErE,QAAMD,mBAAkB;AACxB,QAAMC,gBAAe;AACvB;ACPA,MAAM,UAAU;AAEhB,MAAM,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAQb,MAAM,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAQb,MAAA,yBAAe,EAAE,SAAS,MAAM,KAAK;AChB9B,MAAMC,mBAAiB;AAAA,EAC5B,eAAe;AACjB;AAEA,MAAe,UAAA;AAAA,EAAA,gBACbA;AACF;ACRA,MAAe,uBAAA,CAAC,cAAmB;AAC1B,SAAA,QAAQ,UAAU,MAAM,eAAe;AAChD;ACCA,MAAM,uBAAuBC,YAAI,OAAO;AAAA,EACtC,SAASA,QAAAA,IAAI,MAAA,EAAQ;AAAA;AAAA,IAEnBA,YAAI,KAAK,CAAC,QAAQ;AACZ,UAAAC,aAAA,QAAE,QAAQ,GAAG,GAAG;AAClB,eAAOD,YAAI,QAAQ,GAAGA,QAAAA,IAAI,QAAQ,EAAE,IAAI,CAAC,EAAE,IAAI,CAAC;AAAA,MAClD;AAEI,UAAAC,aAAA,QAAE,SAAS,GAAG,GAAG;AACZ,eAAAD,YAAI,SAAS;MACtB;AAEO,aAAAA,QAAA,IAAI,OAAO,EAAE,MAAM;AAAA,QACxB,QAAQA,QAAA,IAAI,OAAO,EAAE,SAAS;AAAA,QAC9B,SAASA,YAAI,OAAO;AAAA,MAAA,CACrB;AAAA,IAAA,CACF;AAAA,EACH;AACF,CAAC;AAEY,MAAA,8BAA8BE,0BAAkB,oBAAoB;ACnBjF,MAAM,EAAEC,cAAAA,eAAiB,IAAAC;AAEzB,MAAM,iBAAiB;AAAA,EACrB;AAAA,IACE,OAAOH,aAAE,QAAA;AAAA,IACT,WAAW,CAACR,aAAiB,EAAE,QAAAA;EACjC;AAAA,EACA;AAAA,IACE,OAAOQ,aAAE,QAAA;AAAA,IACT,WAAW,CAAC,SAAc,EAAE,QAAQ,IAAI,CAAC,GAAG,SAAS,IAAI,CAAC;EAC5D;AAAA,EACA;AAAA;AAAA,IAEE,OAAOA,aAAE,QAAA;AAAA,IACT,WAAW,CAAC,SAAc;AAAA,EAC5B;AACF;AAEA,MAAA,iBAAeE,eAAa;AAAA,EAC1B,MAAM;AAAA,EACN,WAAW;AAAA,EACX,QAAQ,KAAK,QAAQ;AACb,UAAA,EAAE,SAAAE,SAAY,IAAA;AACpB,UAAM,EAAE,aAAab,aAAY,IAAI;AAErC,UAAMc,eAAcD,SAAQ;AAAA,MAAI,CAACZ,YAC/B,eAAe,KAAK,CAAC,aAAa,SAAS,MAAMA,OAAM,CAAC,GAAG,UAAUA,OAAM;AAAA,IAAA;AAG7E,UAAM,eAAea,aAAY;AAAA,MAAM,CAAC,EAAE,QAAAb,SAAQ,SAAAc,eAChDf,SAAQ,IAAIC,SAAQc,QAAO;AAAA,IAAA;AAGtB,WAAA;AAAA,EACT;AACF,CAAC;ACpCD,MAAM,EAAE,aAAiB,IAAAH;AAMzB,MAAA,qBAAe,aAAa;AAAA,EAC1B,MAAM;AAAA,EACN,QAAQ,MAAM,SAAS,EAAE,QAAA/B,WAAU;AAC7B,QAAAA,QAAO,UAAU,YAAY;AACxB,aAAA;AAAA,IACT;AAAA,EACF;AACF,CAAC;ACZD,MAAA,UAAe,EAAE,sBAAsB,gBAAgB,mBAAmB;ACJ1E,MAAe,UAAA;AAAA,EACb;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ,EAAE,MAAM,MAAM;AAAA,EACxB;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,QAAQ,EAAE,SAAS,CAAC,8BAA8B,EAAE;AAAA,QACtD;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,QAAQ,EAAE,SAAS,CAAC,gCAAgC,EAAE;AAAA,QACxD;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ,EAAE,MAAM,MAAM;AAAA,EACxB;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU,CAAC,6BAA6B;AAAA,IAC1C;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU,CAAC,6BAA6B;AAAA,IAC1C;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,yBAAyB,IAAI;AAAA,MACpF;AAAA,IACF;AAAA,EACF;AACF;ACpEA,MAAe,mBAAA;AAAA,EACb;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,MAAM;AAAA,MACN,aAAa,CAAC,kBAAkB;AAAA,IAClC;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ,EAAE,MAAM,MAAM;AAAA,EACxB;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ,EAAE,MAAM,MAAM;AAAA,EACxB;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ,EAAE,MAAM,MAAM;AAAA,EACxB;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ,EAAE,MAAM,MAAM;AAAA,EACxB;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ,EAAE,MAAM,MAAM;AAAA,EACxB;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ,EAAE,MAAM,MAAM;AAAA,EACxB;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU,CAAC,6BAA6B;AAAA,IAC1C;AAAA,EACF;AACF;ACtDA,MAAe,cAAA;AAAA,EACb;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU,CAAC,6BAA6B;AAAA,IAC1C;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU,CAAC,6BAA6B;AAAA,IAC1C;AAAA,EACF;AACF;ACjBA,MAAe,QAAA;AAAA,EACb;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU,CAAC,6BAA6B;AAAA,IAC1C;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU,CAAC,6BAA6B;AAAA,IAC1C;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU,CAAC,6BAA6B;AAAA,IAC1C;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,qBAAqB,IAAI;AAAA,MAChF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,mBAAmB,IAAI;AAAA,MAC9E;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,mBAAmB,IAAI;AAAA,MAC9E;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,qBAAqB,IAAI;AAAA,MAChF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU,CAAC,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,qBAAqB,EAAE,GAAG;AAAA,IAC5F;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU,CAAC,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,qBAAqB,EAAE,GAAG;AAAA,IAC5F;AAAA,EACF;AACF;ACrFA,MAAe,UAAA;AAAA,EACb;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,mBAAmB,IAAI;AAAA,MAC9E;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,qBAAqB,IAAI;AAAA,MAChF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,mBAAmB,IAAI;AAAA,MAC9E;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,mBAAmB,IAAI;AAAA,MAC9E;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,QAAQ;AAAA,YACN,SAAS,CAAC,qBAAqB;AAAA,UACjC;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,qBAAqB,IAAI;AAAA,MAChF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,QAAQ;AAAA,YACN,SAAS,CAAC,qBAAqB;AAAA,UACjC;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,QAAQ;AAAA,YACN,SAAS,CAAC,qBAAqB;AAAA,UACjC;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAAA,EACF;AACF;ACxGA,MAAe,aAAA;AAAA,EACb;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,sBAAsB,IAAI;AAAA,MACjF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,wBAAwB,IAAI;AAAA,MACnF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,sBAAsB,IAAI;AAAA,MACjF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,wBAAwB,IAAI;AAAA,MACnF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,wBAAwB,IAAI;AAAA,MACnF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,wBAAwB,IAAI;AAAA,MACnF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,wBAAwB,IAAI;AAAA,MACnF;AAAA,IACF;AAAA,EACF;AACF;AC9EA,MAAe,YAAA;AAAA,EACb;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,0BAA0B,IAAI;AAAA,MACrF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,wBAAwB,IAAI;AAAA,MACnF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,0BAA0B,IAAI;AAAA,MACrF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,wBAAwB,IAAI;AAAA,MACnF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,0BAA0B,IAAI;AAAA,MACrF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,8BAA8B,IAAI;AAAA,MACzF;AAAA,IACF;AAAA,EACF;AACF;ACnEA,MAAe,eAAA;AAAA,EACb;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU,CAAC,6BAA6B;AAAA,IAC1C;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,UAAU,CAAC,6BAA6B;AAAA,IAC1C;AAAA,EACF;AACF;ACVA,MAAM,qBAAEW,qBAAmB,eAAmB,IAAAE;AAE9C,MAAM,eAAe,CAAC,QAAiB;AACjC,MAAA,IAAI,WAAW,IAAI,QAAQ,UAAU,IAAI,QAAQ,OAAO,eAAe;AACzE,UAAM,QAAQ,IAAI,QAAQ,OAAO,cAAc,MAAM,KAAK;AAEtD,QAAA,MAAM,CAAC,EAAE,YAAA,MAAkB,YAAY,MAAM,WAAW,GAAG;AACtD,aAAA;AAAA,IACT;AAEA,WAAO,MAAM,CAAC;AAAA,EAChB;AAEO,SAAA;AACT;AAOa,MAAA,eAAe,OAAO,QAAiB;AAClD,QAAM,EAAE,OAAO,aAAa,IAAI,WAAW,UAAU;AAC/C,QAAAJ,SAAQ,aAAa,GAAG;AAE9B,MAAI,CAACA,QAAO;AACH,WAAA,EAAE,eAAe;EAC1B;AAEM,QAAA0B,iBAAgB,MAAM,aAAa,MAAM,EAAE,WAAW,aAAa,KAAK1B,MAAK,EAAA,CAAG;AAGtF,MAAI,CAAC0B,gBAAe;AACX,WAAA,EAAE,eAAe;EAC1B;AAGM,QAAA,kCAAkB;AAExB,MAAI,CAACnB,GAAA,MAAMmB,eAAc,SAAS,GAAG;AACnC,UAAM,iBAAiB,IAAI,KAAKA,eAAc,SAAS;AAEvD,QAAI,iBAAiB,aAAa;AAChC,aAAO,EAAE,eAAe,OAAO,OAAO,IAAIxB,oBAAkB,eAAe;IAC7E;AAAA,EACF;AAIA,QAAM,qBAAqBM,QAAAA,kBAAkB,aAAaC,QAAS,SAAAiB,eAAc,UAAU,CAAC;AAC5F,MAAI,sBAAsB,GAAG;AAC3B,UAAM,OAAO,GAAG,MAAM,kBAAkB,EAAE,OAAO;AAAA,MAC/C,OAAO,EAAE,IAAIA,eAAc,GAAG;AAAA,MAC9B,MAAM,EAAE,YAAY,YAAY;AAAA,IAAA,CACjC;AAAA,EACH;AAGA,QAAMhB,WAAU,MAAM,WAAW,UAAU,EAAE,WAAW,OAAO;AAAA,IAC7DgB,eAAc,YAAY,IAAI,CAACf,aAAiB,EAAE,QAAAA,UAAS;AAAA,EAAA;AAG7D,SAAO,EAAE,eAAe,MAAM,SAAAD,UAAS,aAAagB,eAAc;AACpE;AAOO,MAAMd,WAAS,OAAOC,OAAW,SAAc,OAAO;AAC3D,QAAM,EAAE,aAAaa,gBAAe,SAAAhB,SAAA,IAAYG;AAEhD,MAAI,CAACa,gBAAe;AACZ,UAAA,IAAIxB,oBAAkB,iBAAiB;AAAA,EAC/C;AAEM,QAAA,kCAAkB;AAExB,MAAI,CAACK,GAAA,MAAMmB,eAAc,SAAS,GAAG;AACnC,UAAM,iBAAiB,IAAI,KAAKA,eAAc,SAAS;AAEvD,QAAI,iBAAiB,aAAa;AAC1B,YAAA,IAAIxB,oBAAkB,eAAe;AAAA,IAC7C;AAAA,EACF;AAEA,MAAI,CAACQ,UAAS;AACZ,UAAM,IAAI,eAAe;AAAA,EAC3B;AAEA,QAAM,SAASI,GAAA,UAAU,OAAO,SAAS,CAAE,CAAA;AAErC,QAAA,YAAY,OAAO,MAAM,CAAC,UAAUJ,SAAQ,IAAI,KAAK,CAAC;AAE5D,MAAI,CAAC,WAAW;AACd,UAAM,IAAI,eAAe;AAAA,EAC3B;AACF;AAEO,MAAM,OAAO;AAGpB,MAAe,2BAAA;AAAA,EACb;AAAA,EACA;AAAA,EAAA,QACAE;AACF;AChHA,MAAe,aAAA;AAAA;AAAA,EAEb;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,aAAa,CAAC,sBAAsB;AAAA,MACpC,MAAM,EAAE,YAAY,CAAC,wBAAwB,GAAG,OAAO,CAAC,MAAM,EAAE;AAAA,IAClE;AAAA,EACF;AAAA;AAAA,EAEA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,aAAa,CAAC,sBAAsB;AAAA,MACpC,MAAM,EAAE,YAAY,CAAC,wBAAwB,GAAG,OAAO,CAAC,MAAM,EAAE;AAAA,IAClE;AAAA,EACF;AAAA;AAAA,EAEA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,aAAa,CAAC,sBAAsB;AAAA,MACpC,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,+BAA+B,IAAI;AAAA,MAC1F;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,aAAa,CAAC,sBAAsB;AAAA,MACpC,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,6BAA6B,IAAI;AAAA,MACxF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,aAAa,CAAC,sBAAsB;AAAA,MACpC,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,+BAA+B,IAAI;AAAA,MAC1F;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,aAAa,CAAC,sBAAsB;AAAA,MACpC,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,6BAA6B,IAAI;AAAA,MACxF;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,aAAa,CAAC,sBAAsB;AAAA,MACpC,UAAU;AAAA,QACR;AAAA,QACA,EAAE,MAAM,yBAAyB,QAAQ,EAAE,SAAS,CAAC,+BAA+B,IAAI;AAAA,MAC1F;AAAA,IACF;AAAA,EACF;AAAA,EACA;AAAA,IACE,QAAQ;AAAA,IACR,MAAM;AAAA,IACN,SAAS;AAAA,IACT,QAAQ;AAAA,MACN,aAAa,CAAC,sBAAsB;AAAA,MACpC,UAAU;AAAA,QACR;AAAA,QACA;AAAA,UACE,MAAM;AAAA,UACN,QAAQ,EAAE,SAAS,CAAC,mCAAmC,EAAE;AAAA,QAC3D;AAAA,MACF;AAAA,IACF;AAAA,EACF;AACF;ACzFA,MAAM,SAAS;AAAA,EACb,OAAO;AAAA,IACL,MAAM;AAAA,IACN,QAAQ;AAAA,MACN,GAAGe;AAAAA,MACH,GAAGC;AAAAA,MACH,GAAG;AAAA,MACH,GAAG;AAAA,MACH,GAAGC;AAAAA,MACH,GAAGC;AAAAA,MACH,GAAG;AAAA,MACH,GAAGC;AAAAA,MACH,GAAGC;AAAAA,IACL;AAAA,EACF;AACF;AClBA,MAAM,EAAEC,kBAAAA,mBAAqB,IAAA7B;AAO7B,MAAM,eAAe,CAAC8B,cAAqBC,gBAAAA,QAAO,KAAKD,WAAU,EAAE;AAQnE,MAAM,mBAAmB,CAACA,WAAkBE,UAAiBD,gBAAO,QAAA,QAAQD,WAAUE,KAAI;AAO1F,MAAM,mBAAmB,OAAO,EAAE,OAAAC,QAAO,UAAAH,gBAAoD;AAC3F,QAAMlD,QAAkB,MAAM,OAAO,GAAG,MAAM,aAAa,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAAqD,OAAA,EAAS,CAAA;AAEzF,MAAI,CAACrD,SAAQ,CAACA,MAAK,UAAU;AAC3B,WAAO,CAAC,MAAM,OAAO,EAAE,SAAS,sBAAuB,CAAA;AAAA,EACzD;AAEA,QAAM,UAAU,MAAM,iBAAiBkD,WAAUlD,MAAK,QAAQ;AAE9D,MAAI,CAAC,SAAS;AACZ,WAAO,CAAC,MAAM,OAAO,EAAE,SAAS,sBAAuB,CAAA;AAAA,EACzD;AAEI,MAAA,EAAEA,MAAK,aAAa,OAAO;AAC7B,WAAO,CAAC,MAAM,OAAO,EAAE,SAAS,kBAAmB,CAAA;AAAA,EACrD;AAEO,SAAA,CAAC,MAAMA,KAAI;AACpB;AAMA,MAAM,iBAAiB,OAAO,EAAE,OAAAqD,OAAM,IAAI,OAA4B;AACpE,QAAMrD,QAAkB,MAAM,OAAO,GAClC,MAAM,aAAa,EACnB,QAAQ,EAAE,OAAO,EAAE,OAAAqD,QAAO,UAAU,KAAA,EAAQ,CAAA;AAC/C,MAAI,CAACrD,OAAM;AACT;AAAA,EACF;AAEA,QAAM,qBAAqB,WAAW,OAAO,EAAE,YAAY;AACrD,QAAA,WAAW,MAAM,EAAE,WAAWA,MAAK,IAAI,EAAE,oBAAoB;AAG7D,QAAA,MAAM,GAAG,OAAO,OAAO;AAAA,IAC3B;AAAA,EAAA,CACD,6BAA6B,kBAAkB;AAEhD,SAAO,OACJ,OAAO,OAAO,EACd,QAAQ,OAAO,EACf;AAAA,IACC;AAAA,MACE,IAAIA,MAAK;AAAA,MACT,MAAM,OAAO,OAAO,IAAI,2BAA2B;AAAA,MACnD,SAAS,OAAO,OAAO,IAAI,8BAA8B;AAAA,IAC3D;AAAA,IACA,OAAO,OAAO,IAAI,oCAAoC;AAAA,IACtD;AAAA,MACE;AAAA,MACA,MAAMmC,aAAAA,QAAE,KAAKnC,OAAM,CAAC,SAAS,aAAa,YAAY,UAAU,CAAC;AAAA,IACnE;AAAA,EAAA,EAED,MAAM,CAAC,QAAiB;AAEhB,WAAA,IAAI,MAAM,GAAG;AAAA,EAAA,CACrB;AACL;AAOA,MAAM,gBAAgB,OACpB,EAAE,oBAAoB,UAAAkD,UAAS,IAAI,CAAA,MAChC;AACH,QAAM,eAAsC,MAAM,OAAO,GACtD,MAAM,aAAa,EACnB,QAAQ,EAAE,OAAO,EAAE,oBAAoB,UAAU,KAAA,EAAQ,CAAA;AAE5D,MAAI,CAAC,cAAc;AACjB,UAAM,IAAID,mBAAiB;AAAA,EAC7B;AAEA,SAAO,WAAW,MAAM,EAAE,WAAW,aAAa,IAAI;AAAA,IACpD,UAAAC;AAAA,IACA,oBAAoB;AAAA,EAAA,CACrB;AACH;AAEA,MAAe,OAAA,EAAE,kBAAkB,kBAAkB,cAAc,gBAAgB,cAAc;ACxGjG,MAAM,EAAEI,kBAAAA,mBAAqB,IAAArC;AAMtB,SAAS,WAAW,YAA+C;AACjE,SAAA;AAAA,IACL,OAAO,CAAC;AAAA,IACR,UAAU;AAAA,IACV,UAAU;AAAA,IACV,GAAG;AAAA,EAAA;AAEP;AAEa,MAAAsC,sBAAoB,CAACvD,UAAoB;AAC7C,SAAAA,MAAK,MAAM,OAAO,CAACwD,UAAoBA,MAAK,SAASF,kBAAgB,EAAE,SAAS;AACzF;AAEO,MAAM,4BAA4B,CAAC,MAAM,aAAa,YAAY,UAAU;ACsEnF,MAAM,6BAA6B,OAAwB;AAAA,EACzD,SAAS;AAAA,IACP,mBAAmB;AAAA,EACrB;AACF;AAKA,MAAM,eAAe;AAAA,EACnB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF;AAKA,MAAM,2BAA2BG,GAAAA,KAAK,YAAY;AAWlD,MAAM,kBAAkB,CAAC,eAA4C;AAC7D,QAAA,EAAE,YAAY,IAAQ,IAAA;AAE5B,MAAI,CAAC,YAAY;AACf,WAAO,QAAQ,GAAG;AAAA,EACpB;AAEA,MAAI,eAAe,SAAS;AAC1B,WAAO,UAAU,GAAG;AAAA,EACtB;AAEO,SAAA,WAAW,UAAU,IAAI,GAAG;AACrC;AAKA,MAAM,iBAAiB,CAAC,UACtBC,OAAI,YAAY,gBAAgB,KAAK,GAAG,KAAK;AAO/C,MAAM,0BAA0B,CAAC/B,YAA2B;AAC1D,QAAM,wBAAwB,CAAC,YAAY,SAAS,EAAE,SAASA,QAAO,OAAO;AAEtE,SAAA,wBACH+B,GAAAA,IAAI,eAAe/B,QAAO,eAAe,WAAWA,OAAM,IAC1DgC,GAAAA,KAAK,eAAehC,OAAM;AAChC;AAKA,MAAM,oBAAoBiC,GAAA,MAAM,CAAC,UAAkBjC,YAA4B;AACtE,SAAAkC,GAAA,KAAKC,QAAK,2BAA2B,GAAGC,YAAS,QAAQ,CAAC,EAAEpC,OAAM;AAC3E,CAAC;AAKD,MAAM,mBAAmBiC,GAAA,MAAM,CAACnB,UAAiBd,YAA4B;AAC3E,SAAOqC,WAAQrC,QAAO,QAAQ,KAAKoC,GAAS,SAAAtB,UAASd,QAAO,QAAQ;AACtE,CAAC;AAKD,MAAMsC,WAAmDJ,GAAA;AAAA;AAAA;AAAA,EAGvD;AAAA;AAAA,EAEA;AAAA;AAAA,EAEA;AAAA;AAAA,EAEA3D,GAAA,MAAM,4BAA4B;AACpC;AAEA,MAAe,eAAA;AAAA,EACb;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAAA,QACA+D;AAAAA,EACA;AAAA,EACA;AAAA,EACA;AACF;AC1MA,MAAM,gCAAgC,CAAC,WAAoB;AACrD,MAAA9B,aAAA,QAAE,MAAM,MAAM,GAAG;AAEZ,WAAA;AAAA,EACT;AACA,MAAI,CAAC,MAAM,QAAQ,MAAM,GAAG;AACnB,WAAA;AAAA,EACT;AAEA,MAAI,SAAS;AACb,WAAS,SAAS,GAAG,SAAS,OAAO,QAAQ,UAAU,GAAG;AACxD,aAAS,OACN,MAAM,SAAS,CAAC,EAChB;AAAA,MACC,CAAC,WACC,OAAO,WAAW,GAAG,OAAO,MAAM,CAAC,GAAG,KAAK,OAAO,MAAM,EAAE,WAAW,GAAG,MAAM,GAAG;AAAA,IAAA;AAEnF,QAAA;AAAQ;AAAA,EACd;AAEA,SAAO,CAAC;AACV;ACrBA,MAAM,gCAAgC,CAAC,WAAoB;AACrD,MAAAA,aAAA,QAAE,MAAM,MAAM,GAAG;AAEZ,WAAA;AAAA,EACT;AACA,MAAI,CAAC,MAAM,QAAQ,MAAM,GAAG;AACnB,WAAA;AAAA,EACT;AAEA,SAAOA,aAAAA,QAAE,KAAK,MAAM,EAAE,WAAW,OAAO;AAC1C;ACFA,MAAM,wBAAwB,CAAC,aAAqB;AAClD,SAAO,WAAW,YAAY,EAAE,eAAe,IAAI,QAAQ;AAC7D;AAEO,MAAM,QAAQD,QAAI,IAAA,OAAA,EAAS,QAAQ,UAAU;AAE7C,MAAM,YAAYA,QAAI,IAAA,SAAS,KAAK,EAAE,IAAI,CAAC;AAErC,MAAA,WAAWA,QAAAA,IAAI;AAErB,MAAM,WAAWA,QAAAA,IAAI,OAAO,EAAE,IAAI,CAAC;AAEnC,MAAM,WAAWA,QACrB,IAAA,OACA,EAAA,IAAI,CAAC,EACL,QAAQ,SAAS,uDAAuD,EACxE,QAAQ,SAAS,uDAAuD,EACxE,QAAQ,MAAM,0CAA0C;AAE9C,MAAA,QAAQA,QAAAA,IAAI,MAAMA,QAAA,IAAI,UAAU,EAAE,IAAI,CAAC;AAEpD,MAAM,gBAAgBA,YACnB,OAAO,EACP,KAAK,oBAAoB,wBAAwB,SAAU,OAAO;AAC1D,SAAA,CAAC,QAAW,SAAS,GAAG,OAAO,KAAK,OAAO,OAAO,CAAC,EAAE,SAAS,KAAK,IACtE,OACA,KAAK,YAAY,EAAE,MAAM,KAAK,MAAM,SAAS,GAAG,KAAK,IAAI,6BAA8B,CAAA;AAC7F,CAAC;AAEI,MAAM,wBAAwBA,QAAA,IAClC,MAAM,EACN,GAAGA,QAAA,IAAI,OAAQ,CAAA,EACf,KAAK,6BAA6B,wBAAwB,SAAU,OAAO;AAC1E,QAAM,MAAM,OAAO,QAAQ,mBAAmB,EAAE,kBAAkB;AAC3D,SAAAC,aAAA,QAAE,YAAY,KAAK,KAAKA,aAAAA,QAAE,WAAW,OAAO,GAAG,EAAE,WAAW,IAC/D,OACA,KAAK,YAAY,EAAE,MAAM,KAAK,MAAM,SAAS,wCAAwC;AAC3F,CAAC;AAEU,MAAA,uBAAuB,CAAC,GAAQ,MAC3C,EAAE,WAAW,EAAE,WAAW,EAAE,YAAY,EAAE,WAAYA,aAAA,QAAE,MAAM,EAAE,OAAO,KAAKA,aAAE,QAAA,MAAM,EAAE,OAAO;AAE/F,MAAM,+BAA+B,CAACK,iBACpC,CAAC,MAAM,QAAQA,YAAW,KAC1BA,aAAY;AAAA,EAAM,CAAC,OAAO,MACxBA,aAAY,MAAM,IAAI,CAAC,EAAE,MAAM,CAAC,UAAU,CAAC,qBAAqB,OAAO,KAAK,CAAC;AAC/E;AAEF,MAAM,iBAAiB,CAACb,YACtB,SAAU,QAA6B;AAEjC,MAAAJ,GAAAA,MAAMI,OAAM,GAAG;AACV,WAAA;AAAA,EACT;AAEA,SAAO,aAAa,kBAAkB,UAAUA,OAAM,KAAKJ,GAAAA,MAAM,MAAM;AACzE;AAEF,MAAM,2BAA2B,CAACI,YAChCO,QAAA,IACG,MAAM,EACN,GAAGA,QAAAA,IAAI,OAAO,CAAC,EACf,SACA,EAAA;AAAA,EACC;AAAA,EACA;AAAA,EACA;AACF,EACC;AAAA,EACC;AAAA,EACA;AAAA,EACA;AACF,EACC;AAAA,EACC;AAAA,EACA;AAAA;AAAA,EAEA,eAAeP,OAAM;AACvB;AAEG,MAAMuC,eAAahC,QAAA,IACvB,OAAO,EACP,MAAM;AAAA,EACL,QAAQA,QAAAA,IACL,OAAA,EACA,SAAA,EACA,KAAK,mBAAmB,+CAA+C,SAAU,UAAU;AAEtF,QAAAX,GAAAA,MAAM,QAAQ,GAAG;AACZ,aAAA;AAAA,IACT;AAEO,WAAA,CAAC,CAAC,sBAAsB,QAAQ;AAAA,EAAA,CACxC;AAAA,EACH,kBAAkBW,QAAA,IAAI,OAAO,EAAE,SAAS;AAAA,EACxC,SAASA,QAAAA,IACN,OAAA,EACA,SAAA,EACA,KAAK,oBAAoB,6BAA6B,SAAUO,UAAS;AAExE,UAAMd,UAAS,sBAAsB,KAAK,QAAQ,OAAO,MAAM;AAE/D,QAAI,CAACA,SAAQ;AACJ,aAAA;AAAA,IACT;AAEI,QAAAJ,GAAA,MAAMI,QAAO,QAAQ,GAAG;AAC1B,aAAOJ,GAAAA,MAAMkB,QAAO;AAAA,IACtB;AAEA,QAAIuB,GAAAA,QAAQrC,QAAO,QAAQ,KAAK,CAACJ,GAAAA,MAAMkB,QAAO,GAAG;AACxC,aAAAd,QAAO,SAAS,SAASc,QAAO;AAAA,IACzC;AAEO,WAAA;AAAA,EAAA,CACR;AAAA,EACH,YAAYP,YACT,OAAO,EACP,KAAK,wBAAwB,mCAAmC,SAAU,YAAY;AAErF,UAAMP,UAAS,sBAAsB,KAAK,QAAQ,OAAO,MAAM;AAC/D,UAAM,kBAAkBwC,GAAAA,QAAQ,UAAU,KAAK5C,SAAM,UAAU;AAE/D,QAAI,CAAC6C,GAAA,IAAI,6BAA6BzC,OAAM,GAAG;AACtC,aAAA;AAAA,IACT;AAEA,QAAI,iBAAiB;AACZ,aAAA;AAAA,IACT;AAEM,UAAA,EAAE,kBAAkB,IAAIA,QAAO;AAEjC,QAAA,CAACqC,GAAAA,QAAQ,iBAAiB,GAAG;AACxB,aAAA;AAAA,IACT;AAEO,WAAA,OAAO,KAAK,UAAU,EAAE,MAAM,CAAC,aAAa,kBAAkB,SAAS,QAAQ,CAAC;AAAA,EACxF,CAAA,EACA;AAAA,IACC;AAAA,IACA;AAAA,IACA,eAAgB,aAAa,CAAA,GAAI;AAE/B,YAAMrC,UAAS,sBAAsB,KAAK,QAAQ,OAAO,MAAM;AAE3D,UAAA,CAACA,WAAU,CAAC,YAAY;AACnB,eAAA;AAAA,MACT;AAEA,UAAI,CAAC,aAAa,kBAAkB,UAAUA,OAAM,GAAG;AAC9C,eAAA;AAAA,MACT;AAEI,UAAA;AACF,cAAM,yBAAyBA,OAAM,EAAE,SAAS,WAAW,QAAQ;AAAA,UACjE,QAAQ;AAAA,UACR,YAAY;AAAA,QAAA,CACb;AACM,eAAA;AAAA,eACA,GAAQ;AAEf,cAAM,KAAK,YAAY;AAAA,UACrB,SAAS,EAAE;AAAA,UACX,MAAM,GAAG,KAAK,IAAI;AAAA,QAAA,CACnB;AAAA,MACH;AAAA,IACF;AAAA,EACF;AAAA,EACF,YAAYO,QAAI,IAAA,MAAA,EAAQ,GAAGA,QAAAA,IAAI,QAAQ;AACzC,CAAC,EACA,UAAU;AAEN,MAAM,oBAAoBA,QAAA,IAC9B,OAAO,EACP,MAAM;AAAA,EACL,aAAaA,YACV,MAAM,EACN,WACA,GAAGgC,YAAU,EACb;AAAA,IACC;AAAA,IACA;AAAA,IACA;AAAA,EACF;AACJ,CAAC,EACA,WACA;AAEH,MAAe,aAAA;AAAA,EACb;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAAA,YACAA;AAAAA,EACA;AACF;AC/LA,MAAM,EAAEZ,kBAAAA,mBAAqB,IAAArC;AAE7B,MAAM,EAAEoD,iBAAAA,kBAAoB,IAAAjD;AAC5B,MAAM,oBAAoB,CAACoC,UACzBrB,aAAE,QAAA,KAAKqB,OAAM,CAAC,MAAM,QAAQ,eAAe,MAAM,CAAC;AAMpD,MAAM,eAAe,CAACxD,UAAwC;AACrD,SAAA;AAAA,IACL,GAAGmC,qBAAE,KAAKnC,OAAM,CAAC,YAAY,sBAAsB,qBAAqB,OAAO,CAAC;AAAA,IAChF,OAAOA,MAAK,SAASA,MAAK,MAAM,IAAI,iBAAiB;AAAA,EAAA;AAEzD;AAMA,MAAMiE,WAAS,OAEb,eACuB;AACvB,QAAM,WAAW;AAAA,IACf,mBAAmB,WAAW,OAAO,EAAE,YAAY;AAAA,IACnD,GAAG;AAAA,EAAA;AAGL,MAAI9B,qBAAE,IAAI,YAAY,UAAU,GAAG;AACjC,aAAS,WAAW,MAAM,WAAW,MAAM,EAAE,aAAa,WAAW,QAAS;AAAA,EAChF;AAEM,QAAAnC,QAAO,WAAW,QAAQ;AAEhC,QAAM,cAAc,MAAM,OAAO,GAC9B,MAAM,aAAa,EACnB,OAAO,EAAE,MAAMA,OAAM,UAAU,CAAC,OAAO,EAAG,CAAA;AAElC,aAAA,SAAS,EAAE;AAEf,SAAA,SAAS,KAAK,eAAe,EAAE,MAAM,aAAa,WAAW,GAAG;AAEhE,SAAA;AACT;AAOA,MAAM,aAAa,OACjB,IACA,eACuB;AAEvB,MAAImC,qBAAE,IAAI,YAAY,OAAO,GAAG;AACxB,UAAA,gBAAgB,MAAM,qBAAqB,EAAE;AACnD,UAAM,iBAAiB,MAAM,WAAW,MAAM,EAAE,4BAA4B;AAC5E,UAAM,2BAA2B,CAACmC,QAAAA,OAAO,eAAe,WAAW,OAAQ,eAAe,EAAE;AAE5F,QAAI,iBAAiB,0BAA0B;AACvC,YAAA,IAAID,kBAAgB,wDAAwD;AAAA,IACpF;AAAA,EACF;AAGI,MAAA,WAAW,aAAa,OAAO;AAC3B,UAAA,gBAAgB,MAAM,qBAAqB,EAAE;AACnD,QAAI,eAAe;AACX,YAAA,IAAIA,kBAAgB,wDAAwD;AAAA,IACpF;AAAA,EACF;AAGA,MAAIlC,qBAAE,IAAI,YAAY,UAAU,GAAG;AACjC,UAAM,iBAAiB,MAAM,WAAW,MAAM,EAAE,aAAa,WAAW,QAAS;AAEjF,UAAMoC,eAAc,MAAM,OAAO,GAAG,MAAM,aAAa,EAAE,OAAO;AAAA,MAC9D,OAAO,EAAE,GAAG;AAAA,MACZ,MAAM;AAAA,QACJ,GAAG;AAAA,QACH,UAAU;AAAA,MACZ;AAAA,MACA,UAAU,CAAC,OAAO;AAAA,IAAA,CACnB;AAEM,WAAA,SAAS,KAAK,eAAe,EAAE,MAAM,aAAaA,YAAW,GAAG;AAEhEA,WAAAA;AAAAA,EACT;AAEA,QAAM,cAAc,MAAM,OAAO,GAAG,MAAM,aAAa,EAAE,OAAO;AAAA,IAC9D,OAAO,EAAE,GAAG;AAAA,IACZ,MAAM;AAAA,IACN,UAAU,CAAC,OAAO;AAAA,EAAA,CACnB;AAED,MAAI,aAAa;AACR,WAAA,SAAS,KAAK,eAAe,EAAE,MAAM,aAAa,WAAW,GAAG;AAAA,EACzE;AAEO,SAAA;AACT;AAOA,MAAM,uBAAuB,OAAOlB,QAAeH,eAAqB;AACtE,QAAMlD,QAAO,MAAM,OAAO,GACvB,MAAM,aAAa,EACnB,QAAQ,EAAE,OAAO,EAAE,OAAAqD,OAAM,GAAG,UAAU,CAAC,OAAO,GAAG;AAEpD,MAAI,CAACrD,OAAM;AACT,UAAM,IAAI,MAAM,6BAA6BqD,MAAK,EAAE;AAAA,EACtD;AAEI,MAAA;AACI,UAAAmB,SAAkB,SAAStB,UAAQ;AAAA,WAClC,OAAO;AACd,UAAM,IAAImB;AAAAA,MACR;AAAA,IAAA;AAAA,EAEJ;AAEA,QAAM,WAAWrE,MAAK,IAAI,EAAEkD,UAAAA,WAAU,CAAA;AACxC;AAMA,MAAM,uBAAuB,OAAO,WAAsC;AAClE,QAAAlD,QAAQ,MAAMyE,UAAQ,MAAM;AAClC,MAAI,CAACzE;AAAa,WAAA;AAElB,QAAM,iBAAiB,MAAM,WAAW,MAAM,EAAE,4BAA4B;AAE5E,SAAO,eAAe,eAAe,KAAKuD,oBAAkBvD,KAAI;AAClE;AAMA,MAAM0E,WAAS,OAAO,aAAa,OAAoC;AAC7D,SAAA,MAAM,OAAO,GAAG,MAAM,aAAa,EAAE,MAAM,EAAE,OAAO,WAAY,CAAA,IAAK;AAC/E;AAOA,MAAM,uBAAuB,OAC3B,sBAC6E;AAC7E,QAAM1E,QAAO,MAAM,OAAO,GAAG,MAAM,aAAa,EAAE,QAAQ,EAAE,OAAO,EAAE,kBAAA,EAAqB,CAAA;AAE1F,MAAI,CAACA,OAAM;AACF,WAAA;AAAA,EACT;AAEA,SAAOmC,aAAAA,QAAE,KAAKnC,OAAM,CAAC,SAAS,aAAa,UAAU,CAAC;AACxD;AAQA,MAAM,WAAW,OAAO;AAAA,EACtB;AAAA,EACA;AACF,MAGM;AACJ,QAAM,eAAe,MAAM,OAAO,GAC/B,MAAM,aAAa,EACnB,QAAQ,EAAE,OAAO,EAAE,kBAAA,EAAqB,CAAA;AAE3C,MAAI,CAAC,cAAc;AACX,UAAA,IAAIqE,kBAAgB,2BAA2B;AAAA,EACvD;AAEA,SAAO,WAAW,MAAM,EAAE,WAAW,aAAa,IAAI;AAAA,IACpD,UAAU,SAAS;AAAA,IACnB,WAAW,SAAS;AAAA,IACpB,UAAU,SAAS;AAAA,IACnB,mBAAmB;AAAA,IACnB,UAAU;AAAA,EAAA,CACX;AACH;AAKA,MAAMI,YAAU,OAAO,IAAa,WAAW,CAAC,OAAO,MAAM;AAC3D,SAAO,OAAO,GAAG,MAAM,aAAa,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,SAAU,CAAA;AAC3E;AAQA,MAAM,iBAAiB,OAAOpB,QAAe,WAAW,OAAO;AAC7D,SAAO,OAAO,GAAG,MAAM,aAAa,EAAE,QAAQ;AAAA,IAC5C,OAAO,EAAE,OAAO,EAAE,MAAMA,SAAQ;AAAA,IAChC;AAAA,EAAA,CACD;AACH;AAKA,MAAM,WAAW,OAAO,SAAS,OAAyB;AACxD,QAAM,QAAQ,OACX,IAAI,cAAc,EAClB,UAAU,eAAesB,GAAAA,SAAS,EAAE,UAAU,CAAC,OAAO,EAAE,GAAG,MAAM,CAAC;AAErE,SAAO,OAAO,GAAG,MAAM,aAAa,EAAE,SAAS,KAAK;AACtD;AAKA,MAAM,aAAa,OAAO,OAA2C;AAEnE,QAAM,eAAiC,MAAM,OAAO,GAAG,MAAM,aAAa,EAAE,QAAQ;AAAA,IAClF,OAAO,EAAE,GAAG;AAAA,IACZ,UAAU,CAAC,OAAO;AAAA,EAAA,CACnB;AAED,MAAI,CAAC,cAAc;AACV,WAAA;AAAA,EACT;AAEA,MAAI,cAAc;AACZ,QAAA,aAAa,MAAM,KAAK,CAAC,MAAM,EAAE,SAASrB,kBAAgB,GAAG;AAC/D,YAAM,iBAAiB,MAAM,WAAW,MAAM,EAAE,4BAA4B;AACxE,UAAA,eAAe,eAAe,GAAG;AAC7B,cAAA,IAAIe,kBAAgB,wDAAwD;AAAA,MACpF;AAAA,IACF;AAAA,EACF;AAEA,QAAM,cAAc,MAAM,OAAO,GAC9B,MAAM,aAAa,EACnB,OAAO,EAAE,OAAO,EAAE,GAAG,GAAG,UAAU,CAAC,OAAO,GAAG;AAEzC,SAAA,SAAS,KAAK,eAAe,EAAE,MAAM,aAAa,WAAW,GAAG;AAEhE,SAAA;AACT;AAKA,MAAMO,gBAAc,OAAO,QAAmD;AAE5E,QAAM,iBAAiB,MAAM,WAAW,MAAM,EAAE,4BAA4B;AAC5E,QAAM,yBAAyB,MAAM,OAAO,GAAG,MAAM,aAAa,EAAE,MAAM;AAAA,IACxE,OAAO;AAAA,MACL,IAAI;AAAA,MACJ,OAAO,EAAE,IAAI,eAAe,GAAG;AAAA,IACjC;AAAA,EAAA,CACD;AAEG,MAAA,eAAe,eAAe,wBAAwB;AAClD,UAAA,IAAIP,kBAAgB,wDAAwD;AAAA,EACpF;AAEA,QAAM,eAAe,CAAA;AACrB,aAAW,MAAM,KAAK;AACpB,UAAM,cAAc,MAAM,OAAO,GAAG,MAAM,aAAa,EAAE,OAAO;AAAA,MAC9D,OAAO,EAAE,GAAG;AAAA,MACZ,UAAU,CAAC,OAAO;AAAA,IAAA,CACnB;AAED,iBAAa,KAAK,WAAW;AAAA,EAC/B;AAEO,SAAA,SAAS,KAAK,eAAe;AAAA,IAClC,OAAO,aAAa,IAAI,CAAC,gBAAgB,aAAa,WAAW,CAAC;AAAA,EAAA,CACnE;AAEM,SAAA;AACT;AAIA,MAAM,wBAAwB,YAA6B;AACzD,SAAO,OAAO,GAAG,MAAM,aAAa,EAAE,MAAM;AAAA,IAC1C,OAAO;AAAA,MACL,OAAO;AAAA,QACL,IAAI,EAAE,OAAO,KAAK;AAAA,MACpB;AAAA,IACF;AAAA,EAAA,CACD;AACH;AAMA,MAAMQ,UAAQ,OAAO,QAAQ,OAAwB;AAC5C,SAAA,OAAO,GAAG,MAAM,aAAa,EAAE,MAAM,EAAE,OAAO;AACvD;AAKA,MAAM,mBAAmB,OAAO,WAAmC;AACjE,QAAMC,SAAQ,MAAM,OAAO,GAAG,MAAM,aAAa,EAAE,SAAS;AAAA,IAC1D,QAAQ,CAAC,IAAI;AAAA,IACb,OAAO;AAAA,MACL,OAAO,EAAE,IAAI,EAAE,OAAO,OAAO;AAAA,IAC/B;AAAA,EAAA,CACD;AAED,QAAM,QAAQ;AAAA,IACZA,OAAM,IAAI,CAAC9E,UAAS;AAClB,aAAO,OAAO,GAAG,MAAM,aAAa,EAAE,OAAO;AAAA,QAC3C,OAAO,EAAE,IAAIA,MAAK,GAAG;AAAA,QACrB,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE;AAAA,MAAA,CACzB;AAAA,IAAA,CACF;AAAA,EAAA;AAEL;AAIA,MAAM,oCAAoC,YAA2B;AAC7D6E,QAAAA,SAAQ,MAAM;AAEpB,MAAIA,SAAQ,GAAG;AACb,WAAO,IAAI,KAAK,eAAeA,MAAK,wBAAwB;AAAA,EAC9D;AACF;AAIA,MAAM,oBAAoB,YAA+B;AACvD,QAAMC,SAAQ,MAAM,OAAO,GAAG,MAAM,aAAa,EAAE,SAAS,EAAE,QAAQ,CAAC,kBAAkB,EAAG,CAAA;AAE5F,SAAOA,OAAM,IAAI,CAAC9E,UAASA,MAAK,oBAAoB,IAAI;AAC1D;AAEA,MAAe,SAAA;AAAA,EAAA,QACbiE;AAAAA,EACA;AAAA,EAAA,QACAS;AAAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAAA,SACAD;AAAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAAA,aACAG;AAAAA,EACA;AAAA,EAAA,OACAC;AAAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF;AC7WO,MAAM,mBAAmB;AAAA,EAC9B;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF;AACO,MAAM,4BAA4B;AAAA,EACvC;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF;AAEa,MAAA,2BACXpB,GAAAA,KAAK,yBAAyB;AAKhC,MAAM,uBAAuB,OAAO;AAAA,EAClC,kBAAkB,CAAC;AAAA,EACnB,YAAY,CAAC;AAAA,EACb,YAAY,CAAC;AAAA,EACb,SAAS;AACX;AAQO,MAAM,eAAeG,GAAA,MAAM,CAACmB,YAAmBb,gBAAuC;AACrF,QAAA,EAAE,YAAAc,YAAe,IAAAd;AACvB,QAAM,gBAAgB,MAAM,QAAQc,WAAU,IAC1C3E,GAAAA,KAAK2E,YAAW,OAAOD,UAAS,CAAC,IACjC,CAACA,UAAS;AAEP,SAAArB,OAAI,cAAc,eAAeQ,WAAU;AACpD,CAAC;AAOM,MAAM,kBAAkBN,GAAA,MAAM,CAACmB,YAAmBb,gBAAuC;AACvF,SAAAR,GAAA,IAAI,cAAcuB,GAAAA,OAAOC,GAAA,GAAGH,UAAS,GAAGb,YAAW,UAAU,GAAGA,WAAU;AACnF,CAAC;AAOM,MAAM,cAAcN,GAAA;AAAA,EACzB,CAAC,UAAkBM,gBACjBiB,OAAI,cAAc,QAAQ,IAAIjB,WAAU;AAC5C;AAQO,MAAM,cAAc,CACzB,UACA,OACAA,gBACe;AACf,SAAOR,GAAAA,IAAI,cAAc,QAAQ,IAAI,OAAOQ,WAAU;AACxD;AAOa,MAAA,iBAAiB,CAC5B,UACAA,gBACGP,QAAK,cAAc,QAAQ,IAAIO,WAAU;AAMjC,MAAAD,WAAS,CAAC,eAAwC;AACtD,SAAAJ,GAAA,KAAKJ,QAAK,gBAAgB,GAAGvD,SAAM,qBAAsB,CAAA,CAAC,EAAE,UAAU;AAC/E;AAOO,MAAM,qBAAqB0D,GAAA;AAAA,EAChC,CAAC,UAAoBM,gBAAuC;AAC1D,QAAI,CAACF,GAAA,QAAQE,YAAW,UAAU,GAAG;AAC5B,aAAAA;AAAA,IACT;AAEO,WAAAA,YAAW,WACf,OAAO,CAACa,eAAsB,CAAC,SAAS,IAAIA,UAAS,CAAC,EACtD;AAAA,MACC,CAAC,MAAkBA,eAAsB,gBAAgBA,YAAW,IAAI;AAAA,MACxEb;AAAA,IAAA;AAAA,EAEN;AACF;AASA,SAAS,aACP,SAC2B;AACvB,MAAAF,GAAAA,QAAQ,OAAO,GAAG;AACpB,WAAO5D,GAAAA,IAAI,CAAC,UAAU6D,SAAO,KAAK,GAAG,OAAO;AAAA,EAC9C;AAEA,SAAOA,SAAO,OAAO;AACvB;AAIA,MAAe,mBAAA;AAAA,EACb;AAAA,EACA;AAAA,EAAA,QACAA;AAAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF;AC3KA,MAAM,yBAAyB/B,QAAA,IAAI,OAAO,EAAE,MAAM;AAAA,EAChD,aAAaA,QAAAA,IAAI,MAAA,EAAQ;AAAA,IACvBA,YACG,OAAO,EACP,MAAM;AAAA,MACL,QAAQA,QAAA,IAAI,OAAO,EAAE,SAAS;AAAA,MAC9B,SAASA,QAAA,IAAI,OAAO,EAAE,SAAS;AAAA,MAC/B,OAAOA,YAAI,OAAO;AAAA,IACnB,CAAA,EACA,UAAU;AAAA,EACf;AACF,CAAC;AAED,MAAM,wBAAwB,SAAUM,cAAkB;AACxD,QAAM,kBAAkB,WAAW,YAAY,EAAE,eAAe,OAAO;AACvE,QAAM,YAAYA,aAAY;AAAA,IAC5B,CAAC0B,gBACC,CAAC,gBAAgB;AAAA,MACf,CAACvC,YACCA,QAAO,aAAauC,YAAW,WAC9BvC,QAAO,YAAY,kBAAkBA,QAAO,SAAS,SAASuC,YAAW,OAAO;AAAA,IACrF;AAAA,EAAA;AAGJ,SAAO,cAAc,KACjB;AAAA;AAAA,IAEA,KAAK,YAAY;AAAA,MACf,MAAM;AAAA,MACN,SAAS,IAAI,SAAS;AAAA,IAAA,CACvB;AAAA;AACP;AAEA,MAAM,qBAAqBhC,QAAAA,IACxB,MAAA,EACA;AAAA,EACCA,YAAI,OAAO,EAAE,MAAM;AAAA,IACjB,YAAYA,QAAI,IAAA,MAAA,EAAQ,GAAGA,QAAAA,IAAI,QAAQ;AAAA,EAAA,CACxC;AACH,EACC,KAAK,iBAAiB,IAAI,qBAAqB;AAErC,MAAA,2BAA2BE,QAAAA,kBAAkB,kBAAkB;AAC/D,MAAA,gCAAgCA,QAAAA,kBAAkB,sBAAsB;AACxE,MAAA,kCAAkCA,QAAAA,kBAAkB,WAAW,iBAAiB;AChC7F,MAAM,oBAAEkB,oBAAkB,qBAAyB,IAAA8B;AAEnD,MAAM,EAAE,+BAAmC,IAAAC;AAC3C,MAAM,EAAEpC,kBAAAA,mBAAqB,IAAA7B;AAE7B,MAAM,QAAQ;AAAA,EACZ,gCAAgC,+BAA+B;AACjE;AAEA,MAAM,UAAU;AAAA,EACd,SAAS;AACX;AAGA,MAAM,eAA+EuC,GAAAA,KAAK;AAAA,EACxF;AAAA,EACA;AACF,CAAU;AAIV,MAAM,oBAAoB,CAAC,cAAc,cAAc,WAAW,UAAU,kBAAkB;AAC9F,MAAM,uBAAuBF,GAAAA,KAAK,iBAAiB;AAEnD,MAAM,YAAY,CAAmB,SAAe,KAAK,MAAM,KAAK,UAAU,IAAI,CAAC;AAKnF,MAAM,sBAAsB,CAAC,IAAgB,OAA4B;AACnE,MAAA,GAAG,WAAW,GAAG,QAAQ;AACpB,WAAA6B,GAAA,QAAQ,UAAU,qBAAqB,EAAE,CAAC,GAAG,UAAU,qBAAqB,EAAE,CAAC,CAAC;AAAA,EACzF;AAEO,SAAA;AACT;AAMA,MAAMrB,WAAS,OAAO,eAAuD;AAC3E,QAAM,gBAAgB,MAAMS,SAAO,EAAE,MAAM,WAAW,MAAM;AAE5D,MAAI,eAAe;AACjB,UAAM,IAAIzB;AAAAA,MACR,kDAAkD,WAAW,IAAI;AAAA,IAAA;AAAA,EAErE;AACM,QAAA,oBAAoB,GAAGd,aAAA,QAAE,UAAU,WAAW,IAAI,CAAC,IAAIoD,QAAAA,MAAM,cAAA,CAAe;AAElF,QAAM,gBAAgB;AAAA,IACpB,GAAG;AAAA,IACH,MAAM,WAAW,QAAQ;AAAA,EAAA;AAGrB,QAAA,SAAS,MAAM,OAAO,GAAG,MAAM,aAAa,EAAE,OAAO,EAAE,MAAM,cAAe,CAAA;AAC3E,SAAA,SAAS,KAAK,eAAe,EAAE,MAAM,aAAa,MAAM,GAAG;AAE3D,SAAA;AACT;AAOA,MAAM,UAAU,CAAC,SAAS,IAAI,aAA2C;AAChE,SAAA,OAAO,GAAG,MAAM,aAAa,EAAE,QAAQ,EAAE,OAAO,QAAQ,SAAA,CAAU;AAC3E;AAOA,MAAM,wBAAwB,OAC5B,SAAS,IACT,aACqC;AACrC,QAAM/B,QAAO,MAAM,OAAO,GAAG,MAAM,aAAa,EAAE,QAAQ,EAAE,OAAO,QAAQ,SAAU,CAAA;AAErF,MAAIA,OAAM;AACR,IAAAA,MAAK,aAAa,MAAM,cAAcA,MAAK,EAAE;AAAA,EAC/C;AAEO,SAAAA;AACT;AAOA,MAAM,OAAO,CAAC,SAAS,IAAI,aAA4C;AAC9D,SAAA,OAAO,GAAG,MAAM,aAAa,EAAE,SAAS,EAAE,OAAO,QAAQ,SAAA,CAAU;AAC5E;AAKA,MAAM,wBAAwB,OAAO,WAAoD;AACvF,QAAMX,SAAmC,MAAM,OAAO,GACnD,MAAM,aAAa,EACnB,SAAS,OAAO,IAAI,cAAc,EAAE,UAAU,eAAe,MAAM,CAAC;AAEvE,aAAWW,SAAQX,QAAO;AACxB,IAAAW,MAAK,aAAa,MAAM,cAAcA,MAAK,EAAE;AAAA,EAC/C;AAEO,SAAAX;AACT;AAOA,MAAM2C,WAAS,OAAO,QAAa,eAAuD;AACxF,QAAM,sBAAsBrD,aAAAA,QAAE,KAAK,YAAY,CAAC,MAAM,CAAC;AAEnD,MAAAA,aAAA,QAAE,IAAI,QAAQ,IAAI,KAAKA,aAAAA,QAAE,IAAI,qBAAqB,MAAM,GAAG;AACvD,UAAA,gBAAgB,MAAMuC,SAAO;AAAA,MACjC,MAAM,oBAAoB;AAAA,MAC1B,IAAI,EAAE,KAAK,OAAO,GAAG;AAAA,IAAA,CACtB;AACD,QAAI,eAAe;AACjB,YAAM,IAAIzB;AAAAA,QACR,kDAAkD,oBAAoB,IAAI;AAAA,MAAA;AAAA,IAE9E;AAAA,EACF;AAEA,QAAM,SAAS,MAAM,OAAO,GACzB,MAAM,aAAa,EACnB,OAAO,EAAE,OAAO,QAAQ,MAAM,oBAAqB,CAAA;AAE/C,SAAA,SAAS,KAAK,eAAe,EAAE,MAAM,aAAa,MAAM,GAAG;AAE3D,SAAA;AACT;AAMA,MAAMyB,WAAS,OAAO,SAAS,OAAoC;AAC3DG,QAAAA,SAAQ,MAAM,OAAO,GAAG,MAAM,aAAa,EAAE,MAAM,EAAE,OAAO,OAAQ,CAAA;AAC1E,SAAOA,SAAQ;AACjB;AAMA,MAAM,QAAQ,OAAO,SAAS,OAA+B;AAC3D,SAAO,OAAO,GAAG,MAAM,aAAa,EAAE,MAAM,MAAM;AACpD;AAMA,MAAM,0BAA0B,OAAO,MAAM,OAAoB;AACzD,QAAA,iBAAiB,MAAM;AAE7B,MAAI,kBAAkBP,QAAAA,OAAO,eAAe,KAAK,eAAe,EAAE,GAAG;AAC7D,UAAA,IAAIrB,mBAAiB,wCAAwC;AAAA,EACrE;AAEA,aAAW,UAAU,KAAK;AAClB,UAAA,aAAa,MAAM,cAAc,MAAM;AAC7C,QAAI,eAAe,GAAG;AACd,YAAA,IAAIA,mBAAiB,6CAA6C;AAAA,IAC1E;AAAA,EACF;AACF;AAMA,MAAM2B,gBAAc,OAAO,MAAM,OAA0C;AACzE,QAAM,wBAAwB,GAAG;AAEjC,QAAM,WAAW,YAAY,EAAE,iBAAiB,GAAG;AAEnD,QAAM,eAA4B,CAAA;AAClC,aAAW,MAAM,KAAK;AACpB,UAAM,cAAc,MAAM,OAAO,GAAG,MAAM,aAAa,EAAE,OAAO,EAAE,OAAO,EAAE,GAAA,EAAM,CAAA;AAEjF,QAAI,aAAa;AACf,aAAO,SAAS,KAAK,eAAe,EAAE,MAAM,aAAa;AACzD,mBAAa,KAAK,WAAW;AAAA,IAC/B;AAAA,EACF;AAEO,SAAA;AACT;AAIA,MAAM,gBAAgB,OAAO,WAAqC;AAChE,SAAO,OAAO,GAAG,MAAM,aAAa,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,IAAI,OAAO,EAAA,EAAK,CAAA;AAClF;AAIA,MAAM,gBAAgB,MAAsC,QAAQ,EAAE,MAAMtB,mBAAkB,CAAA;AAK9F,MAAM,8BAA8B,MAAM,sBAAsB,EAAE,MAAMA,mBAAkB,CAAA;AAI1F,MAAM,yBAAyB,YAAY;AACnC,QAAA,iBAAiB,MAAMoB;AAC7B,MAAI,gBAAgB;AAClB;AAAA,EACF;AAEA,QAAM,EAAE,gBAAA1C,gBAAA,IAAmB,WAAW,YAAY;AAE5C,QAAA,aAAaA,gBAAe;AAClC,QAAM,sBAAsB,WAAW,OAAO,CAAC,MAAM,EAAE,YAAY,cAAc;AAG3E,QAAA,iBAAiB,MAAMiC,SAAO;AAAA,IAClC,MAAM;AAAA,IACN,MAAM;AAAA,IACN,aAAa;AAAA,EAAA,CACd;AAED,QAAM,WAAW,MAAM,EAAE,iBAAiB,eAAe,EAAE;AAErD,QAAA,aAAa,MAAMA,SAAO;AAAA,IAC9B,MAAM;AAAA,IACN,MAAM;AAAA,IACN,aAAa;AAAA,EAAA,CACd;AAEK,QAAA,aAAa,MAAMA,SAAO;AAAA,IAC9B,MAAM;AAAA,IACN,MAAM;AAAA,IACN,aAAa;AAAA,EAAA,CACd;AAGK,QAAA,oBAAoB,WAAW,cAAc,EAAE;AAAA,IACnD;AAAA,IACA;AAAA,MACE,oBAAoB,CAAC,gCAAgC;AAAA,IACvD;AAAA,EAAA;AAGI,QAAA,oBAAoB,kBACvB,OAAO,CAAC,EAAE,QAAAtC,QAAkB,MAAAA,YAAW,QAAQ,OAAO,EACtD;AAAA,IAAI,CAACuC,gBACJ,iBAAiB,OAAO,EAAE,GAAGA,aAAY,YAAY,CAAC,mBAAmB,GAAG;AAAA,EAAA;AAG9D,oBAAA,KAAK,GAAG,4BAAA,CAA6B;AACvD,oBAAkB,KAAK,GAAG,4BAA4B,EAAE,UAAU,KAAM,CAAA,CAAC;AAGnE,QAAA,eAAe,WAAW,IAAI,iBAAiB;AAC/C,QAAA,eAAe,WAAW,IAAI,iBAAiB;AACvD;AAEA,MAAM,8BAA8B,CAAC,EAAE,WAAW,MAAM,IAAI,CAAA,MAAO;AACjE,QAAMc,cAAa,WAAW,CAAC,mBAAmB,IAAI,CAAA;AAG/C,SAAA;AAAA,IACL,EAAE,QAAQ,uBAAuB,YAAAA,YAAW;AAAA,IAC5C,EAAE,QAAQ,gCAAgC;AAAA,IAC1C,EAAE,QAAQ,+BAA+B;AAAA,IACzC,EAAE,QAAQ,gCAAgC,YAAAA,YAAW;AAAA,IACrD,EAAE,QAAQ,iCAAiC;AAAA,IAC3C,EAAE,QAAQ,kCAAkC;AAAA,EAAA,EAC5C,IAAI,iBAAiB,MAAM;AAC/B;AAKA,MAAM,+BAA+B,YAAY;AACzC,QAAA,iBAAiB,MAAM;AAC7B,QAAM,kBAAkB,MAAM,WAAW,MAAM,EAAE,OAAO;AAExD,MAAI,CAAC,gBAAgB;AACZ,WAAA,IAAI,KAAK,mDAAmD;AAAA,EAC1D,WAAA,mBAAmB,eAAe,eAAe,GAAG;AACtD,WAAA,IAAI,KAAK,mDAAmD;AAAA,EACrE;AACF;AAOA,MAAM,oBAAoB,OACxB,QACAxC,eAA4E,OACzE;AACH,QAAM,yBAAyBA,YAAW;AAI1C,QAAM,kBAAkB,WAAW,YAAY,EAC5C,eAAe,OAAA,EACf,OAAO,CAACb,YAAWA,QAAO,YAAY,UAAU,EAChD,IAAI,CAACA,YAAWA,QAAO,QAAQ;AAElC,QAAM,aAAa,MAAM,WAAW,MAAM,EAAE,cAAc;AACpD,QAAA,eAAe,cAAc,WAAW,OAAO;AAC/C,QAAA,aAAa+B,GAAAA,IAAI,QAAQ,MAAM;AAErC,QAAM,sBAAsBlB,aAEzB,IAAI,UAAU,EAGd,IAAI,iBAAiB,MAAM;AAE9B,QAAM,sBAAsB,MAAM,WAAW,YAAY,EAAE,SAAS;AAAA,IAClE,OAAO,EAAE,MAAM,EAAE,IAAI,SAAS;AAAA,IAC9B,UAAU,CAAC,MAAM;AAAA,EAAA,CAClB;AAED,QAAM,mBAAmBiD,GAAA;AAAA,IACvB;AAAA,IACA;AAAA,IACA;AAAA,EAAA,EACA,OAAO,CAACvB,gBAA2B,CAAC,gBAAgB,SAASA,YAAW,MAAM,CAAC;AAEjF,QAAM,sBAAsBuB,GAAA;AAAA,IAC1B;AAAA,IACA;AAAA,IACA;AAAA,EAAA,EACA,OAAO,CAACvB,gBAA2B,CAAC,gBAAgB,SAASA,YAAW,MAAM,CAAC;AAEjF,QAAM,sBAAsBwB,GAAA,aAAa,MAAM,qBAAqB,mBAAmB;AAEnF,MAAA,oBAAoB,SAAS,GAAG;AAE5B,UAAA,WAAW,YAAY,EAAE,YAAY,oBAAoB,IAAI5B,GAAA,KAAK,IAAI,CAAC,CAAC;AAAA,EAChF;AAEI,MAAA,iBAAiB,SAAS,GAAG;AAC/B,UAAM,iBAAiB,MAAM,eAAe,QAAQ,gBAAgB;AAChD,wBAAA,KAAK,GAAG,cAAc;AAAA,EAC5C;AAEA,MAAI,CAAC,iBAAiB,iBAAiB,UAAU,oBAAoB,SAAS;AACtE,UAAA,WAAW,SAAS,EAAE;EAC9B;AAEO,SAAA;AACT;AAEA,MAAM,iBAAiB,OAAO,QAAiBtB,iBAAqB;AAClE,QAAM,EAAE,mBAAAT,oBAAmB,YAAA4D,YAAW,IAAI,WAAW,YAAY;AAC3D,QAAA,EAAE,oBAAAC,oBAAuB,IAAA;AAE/B,QAAM,sBAAsBpD,aACzB,IAAIkB,GAAAA,IAAI,QAAQ,MAAM,CAAC,EAGvB,IAAIkC,oBAAmB7D,kBAAiB,CAAC,EACzC,IAAI,iBAAiB,MAAM;AAE9B,SAAO4D,YAAW,mBAAmB;AACvC;AAEA,MAAM,sBAAsB,CAAChE,YAAmBA,QAAO,YAAY;AAKnE,MAAM,6BAA6B,YAAY;AAC7C,QAAM,iBAAiB,MAAM,WAAW,MAAM,EAAE,cAAc;AAC9D,MAAI,CAAC,gBAAgB;AACnB;AAAA,EACF;AAEM,QAAA,oBAAoB,WAAW,YAAY;AAC3C,QAAA,qBAAqB,WAAW,cAAc;AAE9C,QAAA,aAAa,kBAAkB,eAAe,OAAO;AAE3D,QAAM,sBAAsB,WAAW,OAAO,CAACA,YAAW,oBAAoBA,OAAM,CAAC;AAC/E,QAAA,eAAe,WAAW,OAAO,CAACA,YAAW,CAAC,oBAAoBA,OAAM,CAAC;AAG/E,QAAMa,eAAc,mBAAmB;AAAA,IACrC;AAAA,EAAA;AAIF,QAAM,mBAAmB,aAAa,OAAO,CAAC,KAAKb,YAAW;AACtD,UAAA,EAAE,UAAU,SAAa,IAAAA;AAE3B,QAAAqC,GAAAA,QAAQ,QAAQ,GAAG;AACjB,UAAA;AAAA,QACF,GAAG,SAAS,IAAI,CAACvB,aAAY,iBAAiB,OAAO,EAAE,QAAQ,UAAU,SAAAA,SAAQ,CAAC,CAAC;AAAA,MAAA;AAAA,IACrF,OACK;AACL,UAAI,KAAK,iBAAiB,OAAO,EAAE,QAAQ,SAAU,CAAA,CAAC;AAAA,IACxD;AAEO,WAAA;AAAA,EACT,GAAG,CAAkB,CAAA;AAET,EAAAD,aAAA,KAAK,GAAG,gBAAgB;AAE9B,QAAA,yBAA0B,MAAM,MAAM,+BAA+B;AAAA,IACzEA;AAAA,EAAA;AAGI,QAAA,kBAAkB,eAAe,IAAI,sBAAsB;AACnE;AAKA,MAAM,oBAAoB,CAACxC,UAA6B;AACtD,QAAM6C,SAAQV,aAAAA,QAAE,IAAInC,OAAM,SAAS,CAAA,CAAE;AAErC,SAAO6C,OAAM,IAAIiB,GAAA,KAAK,MAAM,CAAC,EAAE,SAASR,kBAAgB;AAC1D;AAEA,MAAMrC,cAAY;AAAA,EAChB,gBAAgBqC;AAClB;AAEA,MAAe,SAAA;AAAA,EACb;AAAA,EACA;AAAA,EAAA,QACAW;AAAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAAA,QACAuB;AAAAA,EAAA,QACAd;AAAAA,EACA;AAAA,EAAA,aACAE;AAAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EAAA,WACA3D;AACF;ACzdA,MAAM,sBAAsB,CAACV,SAAqB,eAAqB;AACrE,SAAO,IAAIsF,cAAA;AAAA,IACT;AAAA,MACE,eAAe;AAAA,MACf,eAAe;AAAA,MACf,SAAS;AAAA,IACX;AAAA,IACA,CAACxC,QAAeH,WAAkB,SAAc;AAC9C,aAAO,WAAW,MAAM,EACrB,iBAAiB,EAAE,OAAO4C,GAAAA,QAAQzC,MAAK,GAAG,UAAAH,UAAU,CAAA,EACpD,KAAK,OAAO,CAAC,OAAOlD,OAAM,OAAO,MAAM;AACtC,YAAI,YAAY;AACd,iBAAO,WAAW,CAAC,OAAOA,OAAM,OAAO,GAAG,IAAI;AAAA,QAChD;AAEO,eAAA,KAAK,OAAOA,OAAM,OAAO;AAAA,MAAA,CACjC,EACA,MAAM,CAAC,UAAU,KAAK,KAAK,CAAC;AAAA,IACjC;AAAA,EAAA;AAEJ;ACnBA,MAAM,mBAAmB;AAAA,EACvB,qBAAqB;AAAA,EACrB,mBAAmB;AACrB;AAEA,MAAM,sBAAsB,CAAC,CAAG,EAAA,KAAK,MAAkB+F,cAAW,KAAK;AACvE,MAAM,sBAAsB,CAAC,CAAC,GAAG,MAAW;AACnC,SAAA,OAAO,KAAK,OAAO,QAAQ,iBAAiB,EAAE,gBAAgB,EAAE,SAAS,GAAG;AACrF;AAEA,MAAM,wBAAwB,MAAM,CAAC,oBAAoB,MAAM,CAAC;AAEhE,MAAM,qBAAqB,MAAM;AAEzB,QAAA,EAAE,SAAS,CAAA,MAAO,OAAO,OAAO,IAAI,cAAc,CAAA,CAAE;AAC1D,QAAM,EAAE,kBAAAC,kBAAAA,IAAqB,OAAO,QAAQ,iBAAiB;AAEvD,QAAA,YAAY,OAAO,QAAQ,MAAM,EAAE,OAAO,mBAAmB,EAAE,OAAO,mBAAmB;AAE/F,aAAW,CAAC,WAAW,OAAO,KAAK,WAAW;AAE5C,WAAO,SAAS,GAAGA,kBAAiB,SAAS,GAAG,OAAc;AAAA,EAChE;AACF;AAEA,MAAM,OAAO,MAAM;AAEd,SAAA,QAAQ,iBAAiB,EACzB,sBAAsB,EACtB,QAAQ,CAAC,aAAuBC,kBAAA,QAAS,IAAI,QAAQ,CAAC;AAEtC;AAEnB,SAAOA,kBAAAA,QAAS;AAClB;AAEA,MAAA,WAAe,EAAE,MAAM,uBAAuB,iBAAiB;ACvC/D,MAAM,oBAAoB,YAAY;AACpC,QAAM,gBAAgB,MAAM,WAAW,MAAM,EAAE,MAAM;AACrD,QAAM,gBAAgB,MAAM,WAAW,MAAM,EAAE,MAAM;AAC9C,SAAA,UAAU,KAAK,iBAAiB;AAAA,IACrC,iBAAiB,EAAE,eAAe,cAAc;AAAA,EAAA,CACjD;AACH;AAEA,MAAM,+BAA+B,YAAY;AACxC,SAAA,UAAU,KAAK,0BAA0B;AAClD;AAEA,MAAM,iCAAiC,YAAY;AACjD,QAAM,iBAAiB,MAAM,WAAW,MAAM,EAAE,kBAAkB;AAE3D,SAAA,UAAU,KAAK,8BAA8B,EAAE,gBAAgB,EAAE,kBAAkB;AAC5F;AAEA,MAAM,+BAA+B,OAAO1F,YAAwB;AAC5D,QAAA,2BAA2B,MAAM,WAAW,MAAM,EAAE,MAAM,EAAE,UAAU,KAAA,CAAM;AAClF,QAAM,qBAAqB,MAAM,WAAW,MAAM,EAAE,MAAM;AAE1DA,UAAO,UAAU,KAAK,+BAA+B;AAAA,IACnD,iBAAiB,EAAE,0BAA0B,mBAAmB;AAAA,EAAA,CACjE;AACH;AAEA,MAAM,YAAY,CAACA,YAAwB;AACzCA,UAAO,KAAK,IAAI;AAAA,IACd,eAAe,MAAM,6BAA6BA,OAAM;AAAA,EAAA,CACzD;AACH;AAEA,MAAe,UAAA;AAAA,EACb;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF;ACrCA,MAAM,oBAAoB,EAAE,WAAW;AAgBvC,MAAM,kBAAkB,MAAM;AAC5B,QAAM,EAAE,SAAS,OAAO,IAAI,OAAO,OAAO;AAAA,IACxC;AAAA,IACA,CAAC;AAAA,EAAA;AAGI,SAAA;AAAA,IACL;AAAA,IACA,SAAS4B,aAAA,QAAE,MAAM,mBAAmB,OAAO;AAAA,EAAA;AAE/C;AAKA,MAAM,cAAc,MAAc;AAChC,SAAO+D,gBAAAA,QAAO,YAAY,EAAE,EAAE,SAAS,KAAK;AAC9C;AAMA,MAAM,iBAAiB,CAAClG,UAAkC;AACxD,QAAM,EAAE,SAAS,OAAO,IAAI,gBAAgB;AAErC,SAAAmG,aAAA,QAAI,KAAK,EAAE,IAAInG,MAAK,GAAG,GAAG,QAAQ,OAAO;AAClD;AAOA,MAAM,iBAAiB,CACrBgB,WACiF;AAC3E,QAAA,EAAE,WAAW;AAEf,MAAA;AACF,UAAM,UAAUmF,aAAA,QAAI,OAAOnF,QAAO,MAAM;AACjC,WAAA,EAAE,SAAS,SAAS;WACpB,KAAK;AACZ,WAAO,EAAE,SAAS,MAAM,SAAS,MAAM;AAAA,EACzC;AACF;AAEA,MAAM,uBAAuB,MAAM;AAC7B,MAAA,OAAO,OAAO,IAAI,uBAAuB,KAAK,CAAC,OAAO,OAAO,IAAI,mBAAmB,GAAG;AACzF,UAAM,IAAI;AAAA,MACR;AAAA;AAAA,IAAA;AAAA,EAGJ;AACF;;;;;;;;;ACxEA,MAAM,+BAA+BkB,QAAAA,IAClC,QACA,SACA,EAAA;AAAA,EACCA,YACG,OAAO,EACP,MAAM;AAAA,IACL,KAAKA,QAAAA,IACF,OAAA,EACA;AAAA,MACC;AAAA,MACA,CAAC,MAAM,GAAG,EAAE,IAAI;AAAA,MAEjB,SAAS;AAAA,IACZ,SAASA,QAAA,IAAI,OAAO,EAAE,MAAM,CAAC,gBAAgB,WAAW,YAAY,UAAU,CAAC,EAAE,SAAS;AAAA,IAC1F,YAAYA,QAAAA,IAAI,QAAQ,KAAK,WAAW;AAAA,MACtC,IAAI;AAAA,MACJ,MAAM,WAAW,cAAc,SAAS;AAAA,MACxC,WAAW,WAAW;AAAA,IAAA,CACvB;AAAA,IACD,UAAUA,QAAAA,IAAI,QAAQ,KAAK,WAAW;AAAA,MACpC,IAAI;AAAA,MACJ,MAAMA,QAAAA,IAAI,QAAQ,GAAGA,QAAAA,IAAI,OAAA,CAAQ,EAAE,SAAS;AAAA,MAC5C,WAAWA,YACR,MAAM,EACN,MAAM,CAAC,MAAS,GAAG,gEAAgE;AAAA,IAAA,CACvF;AAAA,IACD,aAAaA,QAAA,IAAI,OAAO,EAAE,SAAS;AAAA,IACnC,UAAUA,QAAAA,IAAI,QAAQ,KAAK,WAAW;AAAA,MACpC,IAAI;AAAA,MACJ,MAAMA,QAAA,IAAI,OAAO,EAAE,SAAS;AAAA,MAC5B,WAAWA,QAAAA,IACR,MAAA,EACA;AAAA,QACC;AAAA,QACA;AAAA,QACA,CAAC,QAAQ,QAAQ;AAAA,MACnB;AAAA,IAAA,CACH;AAAA,IACD,aAAaA,QAAAA,IAAI,QAAQ,KAAK,WAAW;AAAA,MACvC,IAAI,CAAC,YAAiB,CAAC,YAAY,SAAS,EAAE,SAAS,OAAO;AAAA,MAC9D,MAAMA,YAAI,OAAO;AAAA,MACjB,WAAWA,QAAAA,IACR,MAAA,EACA;AAAA,QACC;AAAA,QACA;AAAA,QACA,CAAC,WAAW;AACV,iBAAO,WAAW;AAAA,QACpB;AAAA,MACF;AAAA,IAAA,CACH;AAAA,IACD,SAASA,YAAI,OAAO;AAAA,MAClB,mBAAmBA,QAAI,IAAA,MAAA,EAAQ,GAAGA,QAAAA,IAAI,QAAQ;AAAA,IAAA,CAC/C;AAAA,IACD,SAASA,QACN,IAAA;AAAA,MACCA,QAAAA,IAAI,OAAO;AAAA,QACT,UAAUA,YAAI,OAAO;AAAA,QACrB,UAAUA,QAAI,IAAA,MAAMA,YAAI,OAAO,CAAC,EAAE,SAAS;AAAA,MAAA,CAC5C;AAAA,MAEF,SAAS;AAAA,EACb,CAAA,EACA,UAAU;AACf;AAEW,MAAA,iCAAiCkE,8BAAsB,4BAA4B;AC7DhG,MAAM,EAAEnD,kBAAAA,mBAAqB,IAAA7B;AAK7B,MAAM,uBAAuB,CAAC,YAAsB;AAC5C,QAAA,WAAWiF,wBAAwB,OAAO;AAChD,QAAM,cAAc;AAAA,IAClB,0BAA0BC,cAAM,wBAAwB;AAAA,EAAA;AAGnD,SAAA;AAAA,IACL,GAAG;AAAA,IAEH,OAAO;AAAA,MACL,GAAG,SAAS;AAAA,MACZ,GAAG;AAAA,IACL;AAAA,IAEA,MAAM,SAAS,kBAAuC;AACpD,UAAI,OAAO,UAAU;AACb,cAAA,IAAI,MAAM,mEAAmE;AAAA,MACrF;AAE+B,qCAAA,CAAC,gBAAgB,CAAC;AAE3C,YAAA3E,UAAS4E,aAAO,OAAO,gBAAgB;AAE7C,aAAO,SAAS,SAAS5E,QAAO,UAAUA,OAAM;AAAA,IAClD;AAAA,IAEA,MAAM,aAAa,mBAA0C;AAC3D,qCAA+B,iBAAiB;AAEhD,iBAAW,cAAc,mBAAmB;AACpC,cAAA,KAAK,SAAS,UAAU;AAAA,MAChC;AAEO,aAAA;AAAA,IACT;AAAA,IAEA,MAAM,kBAAkB,UAAkB,UAAkBc,UAAgC;AACpF,YAAAd,UAAS,SAAS,IAAI,QAAQ;AACpC,UAAI,CAACA,SAAQ;AACX,cAAM,IAAIsB,mBAAiB,4BAA4B,QAAQ,GAAG;AAAA,MACpE;AAEA,YAAM,kBAAkBsD,aAAO,kBAAkB,UAAU5E,OAAM;AAGjE,UAAI,CAAC,iBAAiB;AACb,eAAA;AAAA,MACT;AAGA,UAAI,CAACc,UAAS;AACL,eAAA;AAAA,MACT;AAGA,UAAI,CAAC8D,aAAO,iBAAiB9D,UAASd,OAAM,GAAG;AACtC,eAAA;AAAA,MACT;AAEA,YAAM,UAAU,MAAM,YAAY,yBAAyB,KAAK;AAAA,QAC9D;AAAA,QACA,QAAAA;AAAA,QACA,SAAAc;AAAA,MAAA,CACD;AAED,aAAO,QAAQ,MAAM,CAAC,WAAW,WAAW,KAAK;AAAA,IACnD;AAAA;AAAA;AAAA;AAAA,IAKA,iBAAiB,UAAkBA,UAAmC;AAC9D,YAAA,eAAe,KAAK,IAAI,QAAQ;AAEtC,UAAI,CAAC,cAAc;AACjB,eAAO;MACT;AAEO,aAAA,KAAK,SACT;AAAA,QAAO,CAACd,YACPA,QAAO,SAAS,KAAK,CAAC,UAAU;AAE1B,cAAA,MAAM,aAAa,UAAU;AACxB,mBAAA;AAAA,UACT;AAGA,cAAI,CAAC,MAAM,QAAQ,MAAM,QAAQ,GAAG;AAC3B,mBAAA;AAAA,UACT;AAGA,cAAI,CAACc,UAAS;AACL,mBAAA;AAAA,UACT;AAGO,iBAAA,MAAM,SAAS,SAASA,QAAO;AAAA,QAAA,CACvC;AAAA,MAEF,EAAA,IAAI,CAACd,YAAWA,QAAO,QAAQ;AAAA,IACpC;AAAA,EAAA;AAEJ;AClGA,MAAM,mBAAmB;AAMlB,MAAM,gCAAgC,OAAO;AAAA,EAClD,UAAU;AACZ;AAMO,MAAM,kBAAkB,CAAC,MAAM,eAAe,WAAW,UAAU,UAAU;AAKvE,MAAA,8BAA8B8B,GAAAA,KAAK,eAAe;AAElD,MAAA,qBAAqB,CAACsB,eAAsC;AACjE,QAAA,EAAE,MAAAhF,OAAM,OAAW,IAAAgF;AAEzB,MAAI,CAAC,QAAQ;AACX,WAAO,QAAQhF,KAAI;AAAA,EACrB;AAEA,MAAI,WAAW,SAAS;AACtB,WAAO,UAAUA,KAAI;AAAA,EACvB;AAEO,SAAA,WAAW,MAAM,IAAIA,KAAI;AAClC;AAMa,MAAA,oBAAoB,CAAC,UAA6C;AAC7E,QAAMgF,aAAYrB,GAAAA,IAAI,MAAM,mBAAmB,KAAK,GAAG,KAAK;AAGrD,SAAAqB;AACT;AAMO,MAAMd,WAASJ,GAAA;AAAA,EACpB;AAAA,EACA;AAAA,EACA3D,GAAA,MAAM,+BAA+B;AACvC;AAEA,MAAe,SAAA;AAAA,EACb;AAAA,EACA;AAAA,EACA;AAAA,EAAA,QACA+D;AAAAA,EACA;AAAA,EACA;AACF;ACpEA,MAAM,0BAA0B,MAAM;AACpC,QAAM,WAAWoC,QAAAA;AAEV,SAAA;AAAA,IACL,GAAG;AAAA,IAEH,MAAM,SAAS,qBAA6C;AAC1D,UAAI,OAAO,UAAU;AACb,cAAA,IAAI,MAAM,sEAAsE;AAAA,MACxF;AAEM,YAAAtB,aAAY,OAAO,OAAO,mBAAmB;AAEnD,aAAO,SAAS,SAASA,WAAU,IAAIA,UAAS;AAAA,IAClD;AAAA,IAEA,MAAM,aAAa,sBAAgD;AACjE,iBAAW,cAAc,sBAAsB;AACvC,cAAA,KAAK,SAAS,UAAU;AAAA,MAChC;AAEO,aAAA;AAAA,IACT;AAAA,EAAA;AAEJ;ACdA,MAAM;AAAA,EACJ,UAAU,EAAE,gBAAgB,uBAAuB;AACrD,IAAIyB;AAEJ,MAAM;AAAA,EAAA,WACJvF;AAAAA,EAAA,mBACAwF;AAAAA,EAAA,yBACAC;AAAAA,EACA;AAAA,EAAA,uBACAC;AACF,IAAIC;AACJ,MAAM;AAAA,EAAA,cACJC;AAAAA,EAAA,kBACAC;AAAAA,EAAA,sBACAC;AAAAA,EAAA,sBACAC;AAAAA,EAAA,wBACAC;AAAAA,EAAA,sBACAC;AAAAA,EAAA,sBACAC;AACF,IAAIlG;AAEJ,MAAMmG,qBAAmB,CAAC,aAAa;AACvC,MAAMC,kBAAgB,CAACR,gBAAcC,kBAAgB;AAErD,MAAe,wBAAA,CAAC,EAAE,QAAAnF,SAAQ,SAAAD,WAAS,YAAiB;AAC5C,QAAA,SAAS,OAAO,SAAS,KAAK;AAE9B,QAAA,EAAE,uBAAuB,IAAI8E,QAAS,SAAA;AAE5C,QAAM,MAAM;AAAA,IACV;AAAA,IACA,UAAU,OAAO,SAAS,KAAK,MAAM;AAAA,EAAA;AAGvC,QAAM,sBAAsB,CAAC,UAAU,OAAc;AAC7C,UAAA,EAAE,OAAW,IAAA;AAGnB,UAAM,kBAAkB,OAAO,mBAAmB,OAAO,eAAe,OAAO,SAAS;AAExF,UAAM,kBAAkBrG,QAAAA,MAAM;AAAA,MAC5BmH,QAAAA,SAAS,qBAAqB,uBAAuB,eAAe,GAAG,GAAG;AAAA,MAC1EA,iBAAS,qBAAqB,+BAA+B,GAAG;AAAA,MAChEA,iBAAS,qBAAqB,kBAAkB,GAAG;AAAA,MACnDA,iBAAS,qBAAqB,gBAAgB,GAAG;AAAA,MACjDA,QAAA,SAAS,qBAAqB,CAAC,EAAE,KAAK,MAAM,GAAG,EAAE,aAAa;AAC5D,YAAIC,GAAS,SAAA,KAAK,KAAKpD,GAAA,QAAQ,KAAK,GAAG;AACrC,iBAAO,GAAG;AAAA,QACZ;AAAA,SACC,GAAG;AAAA,IAAA;AAGR,UAAM,eAAehE,QAAAA,MAAM;AAAA,MACzBmH,QAAAA,SAAS,kBAAkB,uBAAuB,eAAe,GAAG,GAAG;AAAA,MACvEA,iBAAS,kBAAkB,+BAA+B,GAAG;AAAA,MAC7DA,iBAAS,kBAAkB,kBAAkB,GAAG;AAAA,MAChDA,iBAAS,kBAAkB,gBAAgB,GAAG;AAAA,MAC9CA,iBAAS,kBAAkB,CAAC,EAAE,KAAK,WAAW,MAAM,GAAG,EAAE,aAAa;AACpE,YAAI,CAACb,oBAAkB,SAAS,KAAKtC,GAAA,QAAQ,KAAK,GAAG;AACnD,iBAAO,GAAG;AAAA,QACZ;AAAA,SACC,GAAG;AAAA,IAAA;AAGR,UAAM,mBAAmBhE,QAAAA,MAAM;AAAA,MAC7BmH,iBAAS,sBAAsB,wBAAwB,GAAG;AAAA,MAC1DA,QAAAA,SAAS,sBAAsB,uBAAuB,eAAe,GAAG,GAAG;AAAA,MAC3EA,iBAAS,sBAAsB,+BAA+B,GAAG;AAAA,MACjEA,iBAAS,sBAAsB,kBAAkB,GAAG;AAAA,MACpDA,iBAAS,sBAAsB,gBAAgB,GAAG;AAAA,IAAA;AAGpD,UAAM,iBAAiBnH,QAAAA,MAAM;AAAA,MAC3BmH,QAAAA,SAAS,oBAAoB,uBAAuB,eAAe,GAAG,GAAG;AAAA,MACzEA,iBAAS,oBAAoB,kBAAkB,GAAG;AAAA,MAClDA,iBAAS,oBAAoB,gBAAgB,GAAG;AAAA,IAAA;AAGlD,WAAO,OAAO,UAAe;AACrB,YAAA,iBAAiBE,aAAU,KAAK;AAEtC,UAAI,MAAM,SAAS;AACV,eAAA,OAAO,gBAAgB,EAAE,SAAS,MAAM,gBAAgB,MAAM,OAAO,EAAA,CAAG;AAAA,MACjF;AAEA,UAAI,MAAM,MAAM;AACP,eAAA,OAAO,gBAAgB,EAAE,MAAM,MAAM,aAAa,MAAM,IAAI,EAAA,CAAG;AAAA,MACxE;AAEA,UAAI,MAAM,UAAU;AACX,eAAA,OAAO,gBAAgB,EAAE,UAAU,MAAM,iBAAiB,MAAM,QAAQ,EAAA,CAAG;AAAA,MACpF;AAEA,UAAI,MAAM,QAAQ;AACT,eAAA,OAAO,gBAAgB,EAAE,QAAQ,MAAM,eAAe,MAAM,MAAM,EAAA,CAAG;AAAA,MAC9E;AAEO,aAAA;AAAA,IAAA;AAAA,EACT;AAGF,QAAM,uBAAuB,CAAC,UAAU,OAAc;AAC9C,UAAA,EAAE,OAAW,IAAA;AAEnB,UAAM,kBAAkB,OAAO,mBAAmB,OAAO,gBAAgB,OAAO,SAAS;AAEzF,WAAOrH,QAAM,MAAA;AAAA;AAAA,MAEXsH,QAAA,eAAe,kBAAkB,GAAG;AAAA;AAAA,MAEpCA,QAAA,eAAe,4BAA4B,GAAG;AAAA;AAAA,MAE9CA,QAAAA,eAAe,uBAAuB,eAAe,GAAG,GAAG;AAAA;AAAA,MAE3DjB,QAAA,SAAS,WAAW,kBAAkB;AAAA,QACpC;AAAA,QACA,SAAS,KAAa;AACb,iBAAA,OAAO,SAAS,GAAiB;AAAA,QAC1C;AAAA,MAAA,CACD;AAAA,IAAA;AAAA,EACH;AAGF,QAAM,sBAAsB,CAAC,UAAU,OAAc;AAC7C,UAAA,EAAE,OAAW,IAAA;AAEnB,UAAM,kBAAkB,OAAO,mBAAmB,OAAO,eAAe,OAAO,SAAS;AAExF,WAAOrG,QAAM,MAAA;AAAA;AAAA,MAEXsH,QAAA,eAAe,kBAAkB,GAAG;AAAA;AAAA,MAEpCA,QAAAA,eAAe,uBAAuB,eAAe,GAAG,GAAG;AAAA;AAAA,MAE3D;AAAA,IAAA;AAAA,EACF;AAGI,QAAA,eAAe,CAAC,2BAAgC;AAGpD,UAAM,kBAAkB,OAAO,MAAe,UAAU,CAAA,MAAc;AAChE,UAAAzD,GAAAA,QAAQ,IAAI,GAAG;AACV,eAAA,QAAQ,IAAI,KAAK,IAAI,CAAC,WAAoB,gBAAgB,QAAQ,OAAO,CAAC,CAAC;AAAA,MACpF;AAEA,YAAM,EAAE,SAAAvB,UAAS,QAAQ,eAAmB,IAAA,kBAAkB,MAAM,OAAO;AAE3E,YAAM,kBAAkBiF,MAAA,kBAAkBhG,WAAS,gBAAgBe,UAAS;AAAA,QAC1E,YAAY,CAAC,SAAS,KAAK,UAAU,CAAC;AAAA,MAAA,CACvC;AAED,YAAM,0BAA0BkF,GAAA;AAAA,QAC9B,CAAC,WAAW,CAACpG,GAAA,MAAM,MAAM;AAAA,QACzBqG,WAAQ9D,GAAAA,KAAK,QAAQ,GAAGpC,UAAQ,SAAS,gBAAgBmG,QAAAA,kBAAkBpF,QAAO,CAAC,CAAC;AAAA,MAAA;AAEtF,YAAM,yBAAyB0B,GAAA,QAAQ,eAAe,KAAK,CAAC;AAE5D,YAAM,kBAAkB;AAAA,QACtB,GAAG;AAAA,QACH,QAAQ;AAAA,UACN,kBAAkB;AAAA,UAClB,WAAW;AAAA,UACX;AAAA,QACF;AAAA,MAAA;AAGI,YAAA,mBAAmB,uBAAuB,eAAe;AAE/D,aAAO,iBAAiB,IAAI;AAAA,IAAA;AAGvB,WAAA;AAAA,EAAA;AAGH,QAAA,oBAAoB,CAAC,MAAW,YAAqB;AAClD,WAAAQ,GAAA,SAAS,EAAE,SAASmD,gBAAU,OAAO,IAAI,GAAG,QAAAnG,WAAU,OAAO;AAAA,EAAA;AAMhE,QAAA,mBAAmBgC,GAAAA,KAAK,CAAC,GAAGuD,sBAAoB,UAAU,GAAGC,sBAAoB,QAAQ,CAAC;AAK1F,QAAA,mBAAmB,CAAC,EAAE,KAAK,QAAAY,QAAO,GAAQ,EAAE,aAAkB;AAC5D,UAAA,WAAWC,SAAM,OAAO,CAAC,UAAU,cAAc,KAAK,QAAQ,GAAGD,OAAM;AAE7E,QAAI,UAAU;AACZ,aAAO,GAAG;AAAA,IACZ;AAAA,EAAA;AAMI,QAAA,6BAA6B,CAAC,EAAE,WAAW,KAAK,MAAM,GAAQ,EAAE,UAAe;AAC7E,UAAA,oBAAoBtE,QAAK,yBAAyB;AACxD,QAAI,CAAC,WAAW;AACd;AAAA,IACF;AAEA,QAAI,UAAU,SAAS,cAAc,UAAU,WAAW,iBAAiB,OAAO;AAC5E,UAAA,MAAM,QAAQ,KAAK,GAAG;AACxB,YAAI,KAAK,MAAM,IAAI,iBAAiB,CAAC;AAAA,MAAA,OAChC;AACD,YAAA,KAAK,kBAAkB,KAAK,CAAC;AAAA,MACnC;AAAA,IACF;AAAA,EAAA;AAMI,QAAA,gCAAgC,CAAC,EAAE,KAAK,WAAW,QAAAsE,QAAO,GAAQ,EAAE,aAAkB;AACtFA,QAAAA,QAAO,QAAQ,iBAAiB,aAAa,CAAC,0BAA0B,SAAS,GAAG,GAAG;AACzF,aAAO,GAAG;AAAA,IACZ;AAAA,EAAA;AAGF,QAAM,iBAAiB,CAAC,SAAS,OAAO;AAChC,UAAA,uBAAuBrB,0BAAwB,MAAM;AACrD,UAAA,qBAAqBC,wBAAsB,MAAM;AAEjD,UAAA,+BAA+BsB,GAAAA,aAAa,sBAAsB,kBAAkB;AAEnF,WAAA5H,GAAAA,KAAK,CAAC,GAAG,QAAQ,GAAG+G,oBAAkB,GAAG,4BAA4B,CAAC;AAAA,EAAA;AAG/E,QAAM,kBAAkB,CAAC,SAAS,OAAO;AACjC,UAAA,wBAAwB,yBAAyB,MAAM;AACvD,UAAA,uBAAuBV,0BAAwB,MAAM;AAE3D,WAAOrG,QAAK;AAAA,MACV,GAAG;AAAA,MACH,GAAGgH;AAAAA,MACH,GAAGD;AAAAA,MACH,GAAG;AAAA,MACH,GAAG;AAAA,MACHL;AAAAA,MACAC;AAAAA,IAAA,CACD;AAAA,EAAA;AAGH,QAAM,iBAAiB,CAAC,SAAS,OAAO;AAChC,UAAA,uBAAuBN,0BAAwB,MAAM;AACrD,UAAA,qBAAqBC,wBAAsB,MAAM;AAEjD,UAAA,+BAA+BsB,GAAAA,aAAa,sBAAsB,kBAAkB;AAE1F,WAAO5H,QAAK;AAAA,MACV,GAAG;AAAA,MACH,GAAGgH;AAAAA,MACH,GAAGD;AAAAA,MACH,GAAG;AAAA,MACHL;AAAAA,MACAC;AAAAA,MACAC;AAAAA,MACAC;AAAAA,MACAC;AAAAA,IAAA,CACD;AAAA,EAAA;AAGI,SAAA;AAAA,IACL,gBAAgB,aAAa,oBAAoB;AAAA,IACjD,eAAe,aAAa,mBAAmB;AAAA,IAC/C,eAAe,aAAa,mBAAmB;AAAA,EAAA;AAEnD;AClRA,MAAM,EAAE9C,iBAAAA,kBAAoB,IAAAjD;AAC5B,MAAM,EAAE,eAAe,0BAA0B8G,QAAAA,SAAS;AAE1D,MAAM,EAAE,WAAW,mBAAmB,yBAAyB,0BAC7DtB,QAAAA;AACF,MAAM;AAAA,EACJ;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,IAAI;AAEJ,MAAM,mBAAmB,CAAC,aAAa;AAEvC,MAAM,gBAAgB,CAAC,cAAc,gBAAgB;AAErD,MAAM,kBAAkB,CAAC,EAAE,KAAK,MAAAjG,YAAkD;AAC1E,QAAA,MAAMA,SAAQA,UAAS,MAAM,eAAe,GAAG,OAAOA,KAAI,KAAK,eAAe,GAAG;AAEjF,QAAA,IAAI0D,kBAAgB,GAAG;AAC/B;AAEA,MAAe,wBAAA,CAAC,EAAE,QAAA1C,SAAQ,SAAAD,WAAS,YAAiB;AAC5C,QAAA,SAAS,OAAO,SAAS,KAAK;AAEpC,QAAM,MAAM;AAAA,IACV;AAAA,IACA,UAAU,OAAO,SAAS,KAAK,MAAM;AAAA,EAAA;AAGvC,QAAM,sBAAsB,CAAC,UAAU,OAAc;AAC7C,UAAA,EAAE,OAAW,IAAA;AAGnB,UAAM,kBAAkB,OAAO,mBAAmB,OAAO,eAAe,OAAO,SAAS;AAExF,UAAM,kBAAkBvB,QAAAA,MAAM;AAAA,MAC5BmH,QAAAA,SAAS,qBAAqB,sBAAsB,eAAe,GAAG,GAAG;AAAA,MACzEA,iBAAS,qBAAqB,gCAAgC,GAAG;AAAA,MACjEA,iBAAS,qBAAqB,eAAe,GAAG;AAAA,MAChDA,iBAAS,qBAAqB,CAAC,EAAE,KAAK,OAAO,MAAA3G,YAAW;AACtD,YAAI4G,GAAS,SAAA,KAAK,KAAKpD,GAAA,QAAQ,KAAK,GAAG;AACrC,0BAAgB,EAAE,KAAK,MAAMxD,MAAK,UAAW,CAAA;AAAA,QAC/C;AAAA,SACC,GAAG;AAAA,IAAA;AAGR,UAAM,eAAeR,QAAAA,MAAM;AAAA,MACzBmH,QAAAA,SAAS,kBAAkB,sBAAsB,eAAe,GAAG,GAAG;AAAA,MACtEA,iBAAS,kBAAkB,gCAAgC,GAAG;AAAA,MAC9DA,iBAAS,kBAAkB,eAAe,GAAG;AAAA,MAC7CA,QAAA,SAAS,kBAAkB,CAAC,EAAE,KAAK,WAAW,OAAO,MAAA3G,YAAW;AAC9D,YAAI,CAAC,kBAAkB,SAAS,KAAKwD,GAAA,QAAQ,KAAK,GAAG;AACnD,0BAAgB,EAAE,KAAK,MAAMxD,MAAK,UAAW,CAAA;AAAA,QAC/C;AAAA,SACC,GAAG;AAAA,IAAA;AAGR,UAAM,iBAAiBR,QAAAA,MAAM;AAAA,MAC3BmH,QAAAA,SAAS,oBAAoB,sBAAsB,eAAe,GAAG,GAAG;AAAA,MACxEA,iBAAS,oBAAoB,eAAe,GAAG;AAAA,IAAA;AAGjD,UAAM,mBAAmBnH,QAAAA,MAAM;AAAA,MAC7BmH,QAAAA,SAAS,sBAAsB,sBAAsB,eAAe,GAAG,GAAG;AAAA,MAC1EA,iBAAS,sBAAsB,gCAAgC,GAAG;AAAA,MAClEA,iBAAS,sBAAsB,mBAAmB,GAAG;AAAA,MACrDA,iBAAS,sBAAsB,eAAe,GAAG;AAAA,IAAA;AAGnD,WAAO,OAAO,UAAe;AAC3B,UAAI,MAAM,SAAS;AACX,cAAA,gBAAgB,MAAM,OAAO;AAAA,MACrC;AAEA,UAAI,MAAM,MAAM;AACR,cAAA,aAAa,MAAM,IAAI;AAAA,MAC/B;AAEA,UAAI,MAAM,QAAQ;AACV,cAAA,eAAe,MAAM,MAAM;AAAA,MACnC;AAGA,UAAI,MAAM,YAAY,MAAM,aAAa,KAAK;AACtC,cAAA,iBAAiB,MAAM,QAAQ;AAAA,MACvC;AAEO,aAAA;AAAA,IAAA;AAAA,EACT;AAGF,QAAM,sBAAsB,CAAC,UAAU,OAAc;AAC7C,UAAA,EAAE,OAAW,IAAA;AAEnB,UAAM,kBAAkB,OAAO,mBAAmB,OAAO,eAAe,OAAO,SAAS;AAExF,WAAOnH,QAAM,MAAA;AAAA;AAAA,MAEXsH,QAAA,eAAe,mBAAmB,GAAG;AAAA;AAAA,MAErCA,QAAAA,eAAe,sBAAsB,eAAe,GAAG,GAAG;AAAA;AAAA,MAE1D;AAAA,IAAA;AAAA,EACF;AAGI,QAAA,eAAe,CAAC,2BAAgC;AAGpD,UAAM,kBAAkB,OAAO,MAAM,UAAU,CAAA,MAAyB;AAClE,UAAAzD,GAAAA,QAAQ,IAAI,GAAG;AACV,eAAA,QAAQ,IAAI,KAAK,IAAI,CAAC,WAAoB,gBAAgB,QAAQ,OAAO,CAAC,CAAC;AAAA,MACpF;AAEA,YAAM,EAAE,SAAAvB,UAAS,QAAQ,eAAmB,IAAA,kBAAkB,MAAM,OAAO;AAE3E,YAAM,kBAAkBiF,MAAA,kBAAkBhG,WAAS,gBAAgBe,UAAS;AAAA,QAC1E,YAAY,CAAC,SAAS,KAAK,UAAU,CAAC;AAAA,MAAA,CACvC;AAED,YAAM,0BAA0BkF,GAAA;AAAA,QAC9B,CAAC,WAAW,CAACpG,GAAA,MAAM,MAAM;AAAA,QACzBqG,WAAQ9D,GAAAA,KAAK,QAAQ,GAAGpC,UAAQ,SAAS,gBAAgBmG,QAAAA,kBAAkBpF,QAAO,CAAC,CAAC;AAAA,MAAA;AAEtF,YAAM,yBAAyB0B,GAAA,QAAQ,eAAe,KAAK,CAAC;AAE5D,YAAM,kBAAkB;AAAA,QACtB,GAAG;AAAA,QACH,QAAQ;AAAA,UACN,kBAAkB;AAAA,UAClB,WAAW;AAAA,UACX;AAAA,QACF;AAAA,MAAA;AAGI,YAAA,mBAAmB,uBAAuB,eAAe;AAE/D,aAAO,iBAAiB,IAAI;AAAA,IAAA;AAGvB,WAAA;AAAA,EAAA;AAGH,QAAA,oBAAoB,CAAC,MAAW,YAAqB;AAClD,WAAAQ,GAAA,SAAS,EAAE,SAASmD,gBAAU,OAAO,IAAI,GAAG,QAAAnG,WAAU,OAAO;AAAA,EAAA;AAMhE,QAAA,mBAAmBgC,GAAAA,KAAK,CAAC,GAAG,oBAAoB,UAAU,GAAG,oBAAoB,QAAQ,CAAC;AAKhG,QAAM,oBAAoB,CAAC,EAAE,KAAK,QAAAoE,SAAQ,MAAApH,YAAgB;AAClD,UAAA,WAAWqH,SAAM,OAAO,CAAC,UAAU,cAAc,KAAK,QAAQ,GAAGD,OAAM;AAE7E,QAAI,UAAU;AACZ,sBAAgB,EAAE,KAAK,MAAMpH,MAAK,UAAW,CAAA;AAAA,IAC/C;AAAA,EAAA;AAMI,QAAA,iCAAiC,CAAC,EAAE,KAAK,WAAW,QAAAoH,SAAQ,MAAApH,YAAgB;AAC5EoH,QAAAA,QAAO,QAAQ,iBAAiB,aAAa,CAAC,0BAA0B,SAAS,GAAG,GAAG;AACzF,sBAAgB,EAAE,KAAK,MAAMpH,MAAK,UAAW,CAAA;AAAA,IAC/C;AAAA,EAAA;AAGF,QAAM,iBAAiB,CAAC,SAAS,OAAO;AAChC,UAAA,uBAAuB,wBAAwB,MAAM;AACrD,UAAA,qBAAqB,sBAAsB,MAAM;AAEjD,UAAA,+BAA+BsH,GAAAA,aAAa,sBAAsB,kBAAkB;AAEnF,WAAA5H,GAAAA,KAAK,CAAC,GAAG,QAAQ,GAAG,kBAAkB,GAAG,4BAA4B,CAAC;AAAA,EAAA;AAG/E,QAAM,iBAAiB,CAAC,SAAS,OAAO;AACtC,WAAOA,QAAK;AAAA,MACV,GAAG;AAAA,MACH,GAAG;AAAA,MACH,GAAG;AAAA,MACH;AAAA,MACA;AAAA,MACA;AAAA,IAAA,CACD;AAAA,EAAA;AAGI,SAAA;AAAA,IACL,eAAe,aAAa,mBAAmB;AAAA,IAC/C,eAAe,aAAa,mBAAmB;AAAA,EAAA;AAEnD;ACxNA,MAAM,eAAe;AAAA,EACnB,KAAK;AAAA,EACL,MAAM;AAAA,EACN,SAAS;AAAA,EACT,MAAM;AAAA,EACN,KAAK;AAAA,EACL,MAAM;AAAA,EACN,KAAK;AAAA,EACL,KAAK;AAAA,EACL,KAAK;AAAA,EACL,MAAM;AAAA,EACN,KAAK;AAAA,EACL,MAAM;AACR;AAEA,MAAM,SAAS,CAAC,QAAmC;AAC7C,MAAA8B,aAAA,QAAE,SAAS,GAAG,KAAK,IAAI,WAAW,GAAG,KAAK,OAAO,cAAc;AACjE,WAAO,aAAa,GAAG;AAAA,EACzB;AACO,SAAA;AACT;AAEA,MAAM,iBAAiB,CAACT,UAAkBC,SAAiB,UAAmB;AAE5E,SAAOwG,mBAAazG,UAASC,SAAQ,OAAO,CAAC,MAAM,EAAE,UAAU;AACjE;AAEA,MAAM,mBAAmB,CAAC,cAAuB;AAC/C,SAAO,WAAW,SAAS;AAC7B;AAEA,MAAM,aAAa,CAAC,QAAsB;AACpC,MAAA,CAACQ,aAAAA,QAAE,cAAc,GAAG,KAAK,CAACA,qBAAE,QAAQ,GAAG,GAAG;AACrC,WAAA;AAAA,EACT;AACI,MAAAA,aAAA,QAAE,QAAQ,GAAG,GAAG;AAClB,WAAO,IAAI,IAAI,CAAC,MAAe,WAAW,CAAC,CAAC;AAAA,EAC9C;AAEA,SAAOA,aAAE,QAAA;AAAA,IACP;AAAA,IACA,CAAC,KAAK,GAAG,MAAW;AACZ,YAAA,MAAM,OAAO,CAAC;AAEhB,UAAAA,aAAA,QAAE,cAAc,CAAC,GAAG;AACtB,YAAI,gBAAgB,GAAG;AACrBA,uBAAA,QAAE,QAAQ,KAAK,KAAK,WAAW,EAAE,UAAU,CAAC;AAAA,QAAA,OACvC;AACLA,uBAAA,QAAE,QAAQ,KAAK,KAAK,WAAW,CAAC,CAAC;AAAA,QACnC;AAAA,MACS,WAAAA,aAAA,QAAE,QAAQ,CAAC,GAAG;AAErBA,qBAAAA,QAAA,QAAQ,KAAK,KAAK,EAAE,IAAI,CAAAiG,OAAK,WAAWA,EAAC,CAAC,CAAC;AAAA,MAAA,OACxC;AACHjG,qBAAAA,QAAA,QAAQ,KAAK,KAAK,CAAC;AAAA,MACvB;AAEO,aAAA;AAAA,IACT;AAAA,IACA,CAAC;AAAA,EAAA;AAEL;ACzDA,MAAe,UAAA,CAAC,WAAET,WAAS,QAAAC,SAAQ,aAAkB;AAAA,EAAA,SACnDD;AAAAA,EACA,QAAAC;AAAA,EACA;AAAA,EAEA,IAAI,YAAqB;AACvB,WAAO,KAAK,QAAQ,IAAIA,SAAQ,KAAK;AAAA,EACvC;AAAA,EAEA,UAAU,QAAa,cAAc,OAAO;AACnC,WAAAmG,QAAA,QAAU,aAAa,MAAM;AAAA,EACtC;AAAA,EAEA,sBAAsB,MAAe,UAAU,IAAI;AAC1C,WAAA,KAAK,cAAc,MAAM,OAAO;AAAA,EACzC;AAAA,EAEA,SAAS,cAAcnG,SAAQ;AACzB,QAAAQ,aAAA,QAAE,YAAY,WAAW,GAAG;AACxB,YAAA,IAAI,MAAM,oDAAoD;AAAA,IACtE;AAEA,WAAO,iBAAiB,eAAeT,WAAS,aAAa,KAAK,CAAC;AAAA,EACrE;AAAA;AAAA,EAGA,sBAAsB,QAAQ,CAAC,GAAUC,UAAiB;AAClD,UAAA,WAAW6F,aAAU,KAAK;AAChC,UAAM,kBAAkB,KAAK,SAAS7F,QAAM,KAAK;AAE7C,QAAA0G,GAAA,cAAc,MAAM,OAAO,GAAG;AACvB,eAAA,UAAU,kBACf,EAAE,MAAM,CAAC,MAAM,SAAS,eAAe,MACvC,MAAM;AAAA,IAAA,OACL;AACL,eAAS,UAAU;AAAA,IACrB;AAEO,WAAA;AAAA,EACT;AAAA,EAEA,GAAG,sBAAsB,EAAE,QAAA1G,kBAAQD,WAAS,OAAO;AAAA,EACnD,GAAG,sBAAsB,EAAE,QAAAC,kBAAQD,WAAS,OAAO;AACrD;AC3CA,MAAe,yBAAA,CAAC,WAA4D;AACpE,QAAA,EAAE,WAAA4G,WAAc,IAAA;AAEtB,QAAMC,UAAS/F,qBAAAA,QAAY,OACxB,IAAI,EAAE,WAAA8F,YAAW,EAIjB,GAAG,sCAAsC,CAAC,EAAE,YAAApE,kBAAiB;AAC5D,UAAMvC,UAAS2G,WAAU,OAAO,IAAIpE,YAAW,MAAM;AAGrD,QAAI,CAACvC,SAAQ;AACX,aAAO,IAAI;AAAA,QACT,mBAAmBuC,YAAW,MAAM;AAAA,MAAA;AAE/B,aAAA;AAAA,IACT;AAAA,EACD,CAAA,EAKA,GAAG,qBAAqB,CAACA,gBAA2B;AACnD,UAAMvC,UAAS2G,WAAU,OAAO,IAAIpE,YAAW,MAAM;AAC/C,UAAA,aAAaA,YAAW,cAAc;AAGtC,UAAA,iBAAiB,OAAO,KAAK,UAAU;AAC7C,UAAM,oBAAoB5D,GAAA;AAAA,MACxB;AAAA;AAAA,MAEAqB,QAAO,qBAAqB;AAAA,IAAA;AAG9B,UAAM,oCAAoC,kBAAkB;AAAA;AAAA,MAE1D,CAAC,aAAa,iBAAiB,eAAe,UAAUuC,WAAU;AAAA,MAClEA;AAAA,IAAA;AAGK,WAAA;AAAA,EACR,CAAA,EAKA,GAAG,qCAAqC,CAAC,EAAE,YAAAA,kBAAiB;AACrD,UAAA,EAAE,OAAO,IAAIA,YAAW;AAE9B,QAAIF,GAAQ,QAAA,MAAM,KAAKG,GAAA,QAAQ,MAAM,GAAG;AAC/B,aAAA;AAAA,IACT;AAAA,EAAA,CACD;AAEI,SAAA;AAAA,IACL,IAAI,QAAQ;AACV,aAAOoE,QAAO;AAAA,IAChB;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,MAAM,oBAAoBvI,OAAmC;AAC3D,YAAMwC,eAAe,MAAM,WAAW,YAAY,EAAE,oBAAoBxC,KAAI;AAErE,aAAAuI,QAAO,gBAAgB/F,cAAaxC,KAAI;AAAA,IACjD;AAAA;AAAA;AAAA;AAAA,IAKA,WAAW4D,GAAA,MAAM,CAAClC,UAAkBc,iBAA8B;AAEhE,aAAOA,aAAY,IAAI,CAAC,EAAE,QAAAb,SAAQ,SAAAc,UAAS,YAAYf,SAAQ,IAAIC,SAAQc,UAAS,KAAK,CAAC;AAAA,IAAA,CAC3F;AAAA,EAAA;AAEL;AC5EA,MAAM,qBAAqB,OAAO,CAAA;AAKlC,MAAM,gBAAgB,CACpB,EAAE,sBAAsB,oBAAoB,WAAW,CAAA,GAAI,WAAW,GAAG,IAAI,OAC1E;AACH,QAAM,QAAQ;AAAA,IACZ,OAAO;AAAA,MACL,UAAU6D,cAAM,sBAAsB;AAAA,MACtC,UAAUA,cAAM,wBAAwB;AAAA,IAC1C;AAAA,EAAA;AAIO,WAAA,QAAQ,CAAC,YAAY,MAAM,MAAM,SAAS,SAAS,OAAO,CAAC;AAC3D,WAAA,QAAQ,CAAC,YAAY,MAAM,MAAM,SAAS,SAAS,OAAO,CAAC;AAE7D,SAAA;AAAA,IACL,OAAO,MAAM;AAAA;AAAA;AAAA;AAAA;AAAA,IAMb,MAAM,gBAAgB3E,SAAkC;AACtD,YAAM,UAAU,MAAM,MAAM,MAAM,SAAS,KAAKA,OAAM;AAEtD,aAAO,QAAQ,KAAKuD,MAAG,IAAI,CAAC;AAAA,IAC9B;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,MAAM,MAAM3C,WAAU,IAAgB;AACpC,YAAM,UAAU;AAEhB,iBAAWZ,WAAUY,UAAS;AAC5B,cAAM,UAAU,MAAM,KAAK,gBAAgBZ,OAAM;AAEjD,YAAI,SAAS;AACX,gBAAM,MAAM,MAAM,SAAS,KAAK,EAAE,QAAAA,SAAQ,SAAS;AAAA,QACrD;AAAA,MACF;AAEO,aAAA;AAAA,IACT;AAAA,EAAA;AAEJ;ACtDA,MAAM,uBAAuB,MAAM;AACjC,QAAM,QAAQ;AAAA,IACZ,8BAAc,IAAI;AAAA,EAAA;AAGb,SAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAML,cAAc,aAAqB,SAAyB;AACpD,YAAA,UAAU,cAAc,OAAO;AAE/B,YAAA,SAAS,IAAI,aAAa,OAAO;AAEhC,aAAA;AAAA,IACT;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,cAAc,aAAqB;AAC3B,YAAA,SAAS,OAAO,WAAW;AAE1B,aAAA;AAAA,IACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAOA,WAAW,aAAqB,SAAwB;AACtD,UAAI,MAAM,SAAS,IAAI,WAAW,GAAG;AACnC,cAAM,SAAS,IAAI,WAAW,EAAE,MAAM,SAAS,SAAS,OAAO;AAAA,MACjE;AAEO,aAAA;AAAA,IACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAQA,WAAW,aAAqB,SAAwB;AACtD,UAAI,MAAM,SAAS,IAAI,WAAW,GAAG;AACnC,cAAM,SAAS,IAAI,WAAW,EAAE,MAAM,SAAS,SAAS,OAAO;AAAA,MACjE;AAEO,aAAA;AAAA,IACT;AAAA;AAAA;AAAA;AAAA;AAAA,IAMA,MAAM,MAAMY,WAAU,IAAgB;AACpC,YAAM,WAAW,CAAA;AAEjB,iBAAW,CAAC,aAAa,OAAO,KAAK,MAAM,SAAS,WAAW;AAC7D,iBAAS,WAAW,IAAI,MAAM,QAAQ,MAAMA,QAAO;AAAA,MACrD;AAEO,aAAA;AAAA,IACT;AAAA,EAAA;AAEJ;ACzEA,MAAM,WAAW,CAAC,SAAkBiG,GAAA,gBAAgB,QAAQ,IAAI;AAEhE,MAAM,qBAAqB,CAAC,QAA4D;AAC/E,SAAA,OAAO,aAAa,GAAG;AAChC;AAEA,MAAM,kBAAkB,CAAC,aAAkB,CAAC,QAC1C,CAAC,SAAS,KAAK,CAAC/F,aAAiBA,SAAQ,QAAQ,GAAG;AAEtD,MAAM,cAAcmB,GAAA,MAAM,CAAC,UAAmBnB,aAAiB;AACtD,SAAA,CAAC,CAACA,SAAQ,WAAW,KAAK,CAAC,SAAc,KAAK,UAAU,QAAQ;AACzE,CAAC;AAED,MAAM,kBAAkBgB,GAAA,KAAK,CAAC,mBAAmB,CAAC;AAElD,MAAM,oBAAoB,CAAC,QAAa;AAAA,EACtC,KAAK,GAAG;AAAA,EACR,OAAO,GAAG,KAAK;AAAA,EACf,YAAY,CAAC;AACf;ACVA,MAAM,EAAE,mBAAuB,IAAAmD;AAgB/B,MAAM,WAAW,CAAC,EAAE,QAAAjF,SAAQ,cAA+D;AACzF,QAAM,EAAE,UAAU,aAAa,aAAa,aAAaA;AAEzD,UAAQ,KAAK;AAAA,IACX;AAAA,IACA;AAAA,IACA;AAAA;AAAA;AAAA,IAGA,QAAQ;AAAA,EAAA,CACT;AACH;AASA,MAAM,UAAU,CAAC,EAAE,QAAAA,SAAQ,cAA+D;AACxF,QAAM,EAAE,YAAY,aAAa,aAAa,aAAaA;AAE3D,UAAQ,KAAK;AAAA,IACX;AAAA;AAAA,IAEA,QAAQ;AAAA,IACR;AAAA,IACA,QAAQ;AAAA,EAAA,CACT;AACH;AASA,MAAM,mBAAmB,CAAC;AAAA,EACxB,QAAAA;AAAA,EACA;AACF,MAGM;AACJ,QAAM,EAAE,aAAa,UAAU,UAAU,YAAYA;AAErD,UAAQ,QAAQ,KAAK;AAAA;AAAA,IAEnB,OAAO;AAAA,IACP;AAAA,IACA;AAAA,IACA,GAAG,gBAAgB,OAAO;AAAA,EAAA,CAC3B;AACH;AAKA,MAAM,qBACJ,CAAC,SACD,CAAC,EAAE,QAAAA,SAAQ,SAAS,0BAA4E;AAE9F,QAAM,WAAWA,QAAO;AAEpB,MAAA,CAAC,UAAU,QAAQ;AACrB;AAAA,EACF;AAEA,QAAM,cAAc,SAEjB,OAAO,gBAAgB,oBAAoB,QAAQ,CAAC,EAEpD,IAAI,kBAAkB,EAEtB,OAAO,SAAS,IAAI,CAAC,EAErB,IAAI,iBAAiB;AAEJ,sBAAA,SAAS,KAAK,GAAG,WAAW;AAClD;AAEF,MAAM,YAAY,CAAC,OAAY,eAAuB,cAAmB;AACvE,MAAI,CAAC,mBAAmB,OAAO,aAAa,GAAG;AACtC,WAAA;AAAA,EACT;AAEA,QAAM,OAAO,EAAE,OAAO,eAAe,OAAO,cAAc;AAE1D,MAAI,UAAU,UAAU;AACtB,WAAO,OAAO,MAAM,EAAE,UAAU,KAAM,CAAA;AAAA,EACxC;AAEI,MAAA,UAAU,SAAS,aAAa;AAClC,UAAM,YAAY,OAAO,WAAW,UAAU,SAAS;AACvD,WAAO,EAAE,GAAG,MAAM,UAAU,8BAA8B,SAAS,EAAE;AAAA,EACvE;AAEO,SAAA;AACT;AAEA,MAAM,gCAAgC,CAAC,UAAwB;AACtD,SAAA,OAAO,QAAQ,MAAM,UAAU,EACnC,IAAI,CAAC,CAAC,eAAe,SAAS,MAAM,UAAU,OAAO,eAAe,SAAS,CAAC,EAC9E,OAAO,CAAC,SAAS,SAAS,IAAI;AACnC;AAKA,MAAM,iBAAiB,CAAC,EAAE,QAAAA,SAAQ,cAAgE;AAC1F,QAAA,EAAE,SAAa,IAAAA;AAErB,UAAQ,SACL,OAAO,CAACc,aAAY,UAAU,SAASA,SAAQ,GAAG,CAAC,EACnD,QAAQ,CAACA,aAAY;AACd,UAAA,EAAE,IAAQ,IAAAA;AACV,UAAAgG,eAAc,mBAAmB,GAAG;AAEtC,QAAA,YAAY,UAAUhG,QAAO,GAAG;AAClC;AAAA,IACF;AAEM,UAAA,SAAS,8BAA8BgG,YAAW;AACxD,UAAM,aAAa,EAAE,OAAO,UAAU,OAAO,UAAU,UAAU;AAEzD,IAAAhG,SAAA,WAAW,KAAK,UAAU;AAAA,EAAA,CACnC;AACL;ACnJA,MAAM,qBAAqBiG,GAAAA,OAAO,SAAS;AAE3C,MAAM,iCAAiC,OAAO;AAAA,EAC5C,SAAS,CAAC;AAAA,EACV,UAAU,CAAC;AACb;AAEA,MAAM,8BAA8B,MAAM;AACxC,QAAM,UAAU;AAEhB,UAAQ,cAAc,WAAW;AAAA,IAC/B,qBAAqB,MAAM,CAAC;AAAA,IAC5B,UAAU,CAACC,OAAc;AAAA,IACzB,UAAU,CAAC,mBAAmB,SAAS,CAAC;AAAA,EAAA,CACzC;AAED,UAAQ,cAAc,YAAY;AAAA,IAChC,qBAAqB,MAAM,CAAC;AAAA,IAC5B,UAAU,CAACC,QAAe;AAAA,IAC1B,UAAU,CAAC,mBAAmB,UAAU,CAAC;AAAA,EAAA,CAC1C;AAED,UAAQ,cAAc,eAAe;AAAA,IACnC,qBAAqB;AAAA,IACrB,UAAU,CAAC,kBAAkB,mBAAmB,YAAY,GAAG,cAAc;AAAA,IAC7E,UAAU,CAAC,mBAAmB,cAAc,CAAC;AAAA,EAAA,CAC9C;AAED,UAAQ,cAAc,mBAAmB;AAAA,IACvC,qBAAqB;AAAA,IACrB,UAAU,CAAC,kBAAkB,mBAAmB,gBAAgB,GAAG,cAAc;AAAA,IACjF,UAAU,CAAC,mBAAmB,cAAc,CAAC;AAAA,EAAA,CAC9C;AAEM,SAAA;AACT;ACjCa,MAAA,mBAAmB,OAAO,aAAuC;AAC5E,QAAM,sBAAsB,MAAM,OAAO,GAAG,MAAM,mBAAmB,EAAE,SAAS;AAAA,IAC9E,QAAQ,CAAC,IAAI;AAAA,IACb,OAAO;AAAA,MACL,MAAM,EAAE,IAAI,SAAS;AAAA,IACvB;AAAA,EAAA,CACD;AAEG,MAAA,oBAAoB,SAAS,GAAG;AAClC,UAAM,YAAY,oBAAoB,IAAI9E,GAAAA,KAAK,IAAI,CAAC,CAAC;AAAA,EACvD;AACF;AAMa,MAAA,cAAc,OAAO,QAAkC;AAClE,QAAM,SAAoB,CAAA;AAC1B,aAAW,MAAM,KAAK;AACpB,UAAM,cAAc,MAAM,OAAO,GAAG,MAAM,mBAAmB,EAAE,OAAO,EAAE,OAAO,EAAE,GAAA,EAAM,CAAA;AACvF,WAAO,KAAK,WAAW;AAAA,EACzB;AACA,SAAO,SAAS,KAAK,qBAAqB,EAAE,aAAa,QAAQ;AACnE;AAMa,MAAA,aAAa,OAAOtB,iBAAkE;AACjG,QAAM,qBAAgD,CAAA;AACtD,aAAW0B,eAAc1B,cAAa;AAC9B,UAAA,UAAU,MAAM,OAAO,GAAG,MAAM,mBAAmB,EAAE,OAAO,EAAE,MAAM0B,YAAY,CAAA;AACtF,uBAAmB,KAAK,OAAO;AAAA,EACjC;AAEM,QAAA,sBAAsB,iBAAiB,aAAa,kBAAkB;AAC5E,SAAO,SAAS,KAAK,qBAAqB,EAAE,aAAa,qBAAqB;AAEvE,SAAA;AACT;AAOA,MAAMsB,WAAS,OAAO,QAAiB,eAAoC;AACzE,QAAM,oBAAqB,MAAM,OAAO,GACrC,MAAM,mBAAmB,EACzB,OAAO,EAAE,OAAO,QAAQ,MAAM,WAAY,CAAA;AAEvC,QAAA,qBAAqB,iBAAiB,aAAa,iBAAiB;AAC1E,SAAO,SAAS,KAAK,qBAAqB,EAAE,aAAa,oBAAoB;AAEtE,SAAA;AACT;AAMO,MAAM,WAAW,OAAO,SAAS,OAA8B;AAC9D,QAAA,iBAAiB,MAAM,OAAO,GAAG,MAAM,mBAAmB,EAAE,SAAS,MAAM;AAE1E,SAAA,iBAAiB,aAAa,cAAc;AACrD;AAMa,MAAA,sBAAsB,OAAOxF,UAA2C;AACnF,SAAO,SAAS,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,IAAIA,MAAK,KAAK,EAAA,EAAK,CAAA;AACjE;AAEA,MAAM,4BAA4B,OAAOwC,iBAA8B;AACrE,QAAM,EAAE,gBAAAR,gBAAA,IAAmB,WAAW,YAAY;AAElD,QAAM,sBAAoC,CAAA;AAE1C,aAAWkC,eAAc1B,cAAa;AAC9B,UAAA,EAAE,UAAU,UAAU,GACzB,IAAAR,gBAAe,IAAIkC,YAAW,MAAM,KAAgB;AACjD,UAAA,EAAE,kBAAsB,IAAA;AAExB,UAAA,oBAAoB,MAAM,QAAQ;AAAA,OACrC,qBAAqB,CAAA,GAAI,IAAI,OAAO,aAAa;AAC1C,cAAA,UAAU,MAAMlC,gBAAe;AAAA,UACnC;AAAA,UACAkC,YAAW;AAAA,UACXA,YAAW;AAAA,QAAA;AAGb,eAAO,WAAW3C,GAAAA,MAAM,iBAAiB,YAAY,UAAU2C,WAAU,CAAC;AAAA,MAAA,CAC3E;AAAA,IAAA;AAGH,UAAM,qBAAqBlC,gBAAe,IAAIkC,YAAW,MAAM;AACzD,UAAA,uBAAuBF,WAAQ,iBAAiB,KAAK,kBAAkB,MAAMkB,GAAAA,GAAG,IAAI,CAAC;AACrF,UAAA,mBAAmBlB,WAAQ,QAAQ,KAAK,CAAC,SAAS,SAASE,YAAW,OAAiB;AAGzF,QAAA,CAAC,sBAAsB,oBAAoB,sBAAsB;AACnE,0BAAoB,KAAKA,WAAU;AAAA,IACrC;AAAA,EACF;AAEO,SAAA;AACT;AAKO,MAAM,6BAA6B,YAA2B;AACnE,QAAM,WAAW;AAEX,QAAA,qBAAqB,WAAW,cAAc;AAEpD,QAAM,QAAQ,MAAM,OAAO,GAAG,MAAM,mBAAmB,EAAE;AACzD,QAAM,YAAY,KAAK,KAAK,QAAQ,QAAQ;AAE5C,WAAS,OAAO,GAAG,OAAO,WAAW,QAAQ,GAAG;AAE9C,UAAM,UAAW,MAAM,OAAO,GAC3B,MAAM,mBAAmB,EACzB,SAAS,EAAE,OAAO,UAAU,QAAQ,OAAO,SAAU,CAAA;AAElD,UAAA1B,eAAc,iBAAiB,aAAa,OAAO;AACnD,UAAA,sBAAsB,MAAM,0BAA0BA,YAAW;AACvE,UAAM,wBAAwBpC,GAAAA,IAAI0D,GAAAA,KAAK,IAAI,GAAG,mBAAmB;AAGjE,UAAM,uBAAuBtB,aAAY;AAAA,MACvC,CAAC0B,gBAA2B,CAAC,sBAAsB,SAASA,YAAW,EAAE;AAAA,IAAA;AAG3E,UAAM,6BAA6B,mBAAmB;AAAA,MACpD;AAAA,IAAA;AAIF,UAAM,gCAAgCuB,GAAA;AAAA,MACpC,CAAC,GAAe,MAAkB;AAChC,eAAO,EAAE,OAAO,EAAE,MAAMoD,GAAI,IAAA,EAAE,WAAW,QAAQ,EAAE,WAAW,MAAM,EAAE,WAAW;AAAA,MACnF;AAAA,MACA;AAAA,MACA;AAAA,IAAA;AAGI,UAAA,wBAAwB,CAAC3E,gBAA2B;AACxD,aAAOsB,SAAO,EAAE,IAAItB,YAAW,GAAA,GAAMA,WAAU;AAAA,IAAA;AAIjD,UAAM,QAAQ,IAAI;AAAA,MAChB,YAAY,qBAAqB;AAAA,MACjC4E,cAAA,QAAK,+BAA+B,uBAAuB;AAAA,QACzD,aAAa;AAAA,QACb,aAAa;AAAA,MAAA,CACd;AAAA,IAAA,CACF;AAAA,EACH;AACF;ACjKA,MAAM,iBAAiB,qBAAqB;AAC5C,MAAM,oBAAoB,wBAAwB;AAClD,MAAM,kBAAkBC,4BAAsB;AAE9C,MAAM,qBAAqBxC,iBAAO;AAElC,MAAMgC,WAAS,uBAAuB;AAAA,EACpC,WAAW,EAAE,QAAQ,gBAAgB,WAAW,kBAAkB;AACpE,CAAC;;;;;;;;;;;;;;;;ACAD,MAAM,kBAAkB,CACtB,OACA;AAAA,EACE,SAAS;AAAA,EACT,eAAe;AAAA,EACf,aAAa,CAAC;AAAA,EACd,eAAe;AAAA,EACf,iBAAiB,CAAC;AACpB,MACa;AACb,MAAI,iBAAiB,GAAG;AACtB,WAAO,SAAS,CAAC,MAAM,IAAI;EAC7B;AAEM,QAAA,wBAAwBS,QAAAA,aAAkB,wBAAwB,KAAK;AAE7E,SAAO7G,aAAE,QAAA;AAAA,IACP,MAAM;AAAA,IACN,CAAC,QAAa,MAAW,QAAa;AAChC,UAAA,sBAAsB,SAAS,GAAG;AAAU,eAAA;AAEhD,YAAM,YAAY,SAAS,GAAG,MAAM,IAAI,GAAG,KAAK;AAChD,YAAM,mBAAmB,CAAC,gBAAgB,KAAK,aAAa;AAC5D,YAAM,uBAAuB,kBAAkB,eAAe,KAAK8G,GAAA,WAAW,SAAS,CAAC;AAEpF,UAAA,KAAK,SAAS,aAAa;AAC7B,YAAI,oBAAoB,sBAAsB;AAC5C,gBAAM,cAAc,gBAAgB,WAAW,KAAK,SAAS,GAAG;AAAA,YAC9D,cAAc,eAAe;AAAA,YAC7B,QAAQ;AAAA,YACR;AAAA,YACA;AAAA,YACA;AAAA,UAAA,CACD;AAEG,cAAA,YAAY,WAAW,KAAK,kBAAkB;AACzC,mBAAA,OAAO,OAAO,SAAS;AAAA,UAChC;AAEO,iBAAA,OAAO,OAAO,WAAW;AAAA,QAClC;AACO,eAAA;AAAA,MACT;AAEA,UAAI,kBAAkB;AACb,eAAA,OAAO,OAAO,SAAS;AAAA,MAChC;AAEO,aAAA;AAAA,IACT;AAAA,IACA,CAAC;AAAA,EAAA;AAEL;AAKA,MAAM,kCAAkC,CACtC,OACA,EAAE,SAAS,IAAI,eAAe,IAAI,aAAa,CAAA,QAClC;AACb,MAAI,iBAAiB,GAAG;AACtB,WAAO;EACT;AAEM,QAAA,wBAAwBD,QAAAA,aAAkB,wBAAwB,KAAK;AAE7E,SAAO7G,aAAE,QAAA;AAAA,IACP,MAAM;AAAA,IACN,CAAC,QAAa,MAAW,QAAa;AAChC,UAAA,sBAAsB,SAAS,GAAG;AAAU,eAAA;AAEhD,YAAM,YAAY,SAAS,GAAG,MAAM,IAAI,GAAG,KAAK;AAChD,aAAO,KAAK,SAAS;AAEjB,UAAA,KAAK,SAAS,aAAa;AAC7B,cAAM,cAAc,gCAAgC,WAAW,KAAK,SAAS,GAAG;AAAA,UAC9E,cAAc,eAAe;AAAA,UAC7B,QAAQ;AAAA,UACR;AAAA,QAAA,CACD;AAEM,eAAA,KAAK,GAAG,WAAW;AAAA,MAC5B;AAEO,aAAA;AAAA,IACT;AAAA,IACA,CAAC;AAAA,EAAA;AAEL;AAKA,MAAM,iCAAiC,CACrCI,UACA,EAAE,cAAc,qBAAqB,CAAA,EAAqB,IAAA,OACjB;AACzC,SAAOA,SAAQ,OAAO,CAACC,cAAab,YAAW;AACvC,UAAA,gBAAgBA,QAAO,SAAS;AAAA,MACpC,CAACc,aAAiB,CAAC,mBAAmB,SAASA,QAAO;AAAA,IAAA;AAIxD,eAAWA,YAAW,eAAe;AAC7B,YAAA,SAAS,aAAa,kBAAkB,UAAUd,OAAM,IAC1D,gBAAgB,OAAO,aAAac,QAAO,GAAG;AAAA,QAC5C,YAAY,OAAO;AAAA,QACnB;AAAA,MAAA,CACD,IACD;AAEE,YAAAyB,cAAa,iBAAiB,OAAO;AAAA,QACzC,QAAQvC,QAAO;AAAA,QACf,SAAAc;AAAA,QACA,YAAY,EAAE,OAAO;AAAA,MAAA,CACtB;AAED,MAAAD,aAAY,KAAK0B,WAAU;AAAA,IAC7B;AAEO,WAAA1B;AAAA,EACT,GAAG,CAAE,CAAA;AACP;AAKA,MAAM,wBAAwB,CAC5BA,cACA,EAAE,aAAa,IAAkB,CAAA,MACQ;AACzC,QAAM,EAAE,gBAAAR,gBAAA,IAAmB,WAAW,YAAY;AAE3C,SAAAQ,aAAY,IAAI,CAAC0B,gBAAoB;AACpC,UAAA;AAAA,MACJ,QAAQ;AAAA,MACR,SAAAzB;AAAA,MACA,YAAY,EAAE,OAAO;AAAA,IACnB,IAAAyB;AAEE,UAAAvC,UAASK,gBAAe,IAAI,QAAQ;AAG1C,QAAI,CAAC,aAAa,kBAAkB,UAAUL,OAAM,GAAG;AAC9C,aAAA,iBAAiB,eAAe,UAAUuC,WAAU;AAAA,IAC7D;AAEA,QAAI,CAACzB,YAAW,CAAC,OAAO,aAAaA,QAAO,GAAG;AACtC,aAAAyB;AAAA,IACT;AAEA,UAAM,iBAAiB,gCAAgC,OAAO,aAAazB,QAAO,GAAG;AAAA,MACnF,YAAY,OAAO;AAAA,MACnB;AAAA,IAAA,CACD;AAED,UAAM,iBAAiB,gBAAgB,OAAO,aAAaA,QAAO,GAAG;AAAA,MACnE,YAAY,OAAO;AAAA,MACnB,cAAc;AAAA,MACd;AAAA,MACA,gBAAgB;AAAA,IAAA,CACjB;AAGK,UAAA,kBAAkBpC,QAAK,CAAC,GAAG4H,GAAA,aAAa,QAAQ,cAAc,GAAG,GAAG,cAAc,CAAC;AAEzF,UAAM,YAAY,gBAAgB;AAAA,MAChC,CAAC,UAAU,CAAC,gBAAgB,KAAKgB,GAAW,WAAA,GAAG,KAAK,GAAG,CAAC;AAAA,IAAA;AAG1D,WAAO,iBAAiB,YAAY,UAAU,WAAW/E,WAAU;AAAA,EACrE,GAAG,CAAE,CAAA;AACP;;;;;;;;ACjMA,MAAM,mBAAmB,CAACa,eAAuB;AAC/C,QAAM,EAAE,mBAAAhD,mBAAA,IAAsB,WAAW,YAAY;AAErD,SAAOmH,GAAAA,SAASnE,UAAS,KAAKhD,mBAAkB,IAAIgD,UAAS;AAC/D;;;;;ACDA,MAAM,EAAE,aAAa,eAAmB,IAAA9D;AAExC,MAAM,EAAEkI,eAAAA,gBAAkB,IAAA/H;AAQ1B,MAAM,2BAA2B,OAAO,WAAoB;AAC1D,QAAM,EAAE,gBAAAY,gBAAA,IAAmB,WAAW,YAAY;AAE9C,MAAA,CAACT,GAAAA,MAAM,MAAM,GAAG;AACZ,UAAAiC,QAAkB,MAAM,WAAW,MAAM,EAAE,QAAQ,EAAE,IAAI,OAAA,CAAQ;AAEvE,QAAI,CAACA,OAAM;AACH,YAAA,IAAI2F,gBAAc,eAAe;AAAA,IACzC;AAEI,QAAA3F,MAAK,SAAS,aAAa;AACtB,aAAAxB,gBAAe,SAAS,OAAO,CAAC,EAAE,SAAoB,MAAA,aAAa,cAAc;AAAA,IAC1F;AAAA,EACF;AAEA,SAAOA,gBAAe;AACxB;;;;;AC1BA,MAAM,mBAAEqC,mBAAiB,eAAA8E,gBAAkB,IAAA/H;AAY3C,MAAMgI,kBAAgB;AAAA,EACpB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF;AAEA,MAAMC,oBAAkB,CAAC,aAAa;AAOtC,MAAM,uCAAuC,CAC3C,MACA7G,iBACG;AAEH,MAAI,SAASvB,YAAU,eAAe,UAAU,CAACkD,GAAAA,QAAQ3B,YAAW,GAAG;AAC/D,UAAA,IAAI6B,kBAAgB,oDAAoD;AAAA,EAChF;AAGA,MAAI,SAASpD,YAAU,eAAe,UAAU,CAAC+C,GAAAA,QAAQxB,YAAW,GAAG;AAC/D,UAAA,IAAI6B,kBAAgB,gDAAgD;AAAA,EAC5E;AAGI,MAAA,SAASpD,YAAU,eAAe,QAAQ;AAC5C,UAAM,mBAAmB,OAAO,WAAW,YAAY,UAAU,OAAO;AAClE,UAAA,qBAAqBX,GAAAA,WAAWkC,cAAa,gBAAgB;AAE/D,QAAA,CAAC2B,GAAAA,QAAQ,kBAAkB,GAAG;AAChC,YAAM,IAAIE,kBAAgB,iCAAiC,mBAAmB,KAAK,IAAI,CAAC,EAAE;AAAA,IAC5F;AAAA,EACF;AACF;AAKA,MAAMiF,oBAAkB,CAAC,aAAsB;AACzC,MAAA/H,GAAAA,MAAM,QAAQ,GAAG;AACZ,WAAA;AAAA,EACT;AAEA,MAAI,CAACgI,GAAA,SAAS,QAAQ,KAAK,CAAC,OAAO,OAAOtI,YAAU,mBAAmB,EAAE,SAAS,QAAQ,GAAG;AACpF,WAAA;AAAA,EACT;AAEO,SAAA;AACT;AAKA,MAAMuI,wBAAsB,CAAC,aAAsB;AAC7C,MAAA,CAACF,kBAAgB,QAAQ,GAAG;AAC9B,UAAM,IAAIjF;AAAAA,MACR;AAAA,QACE,OAAO,OAAOpD,YAAU,mBAAmB,EAAE,KAAK,IAAI,CAAC;AAAA,IAAA;AAAA,EAE7D;AACF;AAKA,MAAMwI,4BAA0B,CAACzI,WAAgC;AAC/D,MAAI,CAACA,QAAO;AACH,WAAAA;AAAA,EACT;AAEO,SAAA;AAAA,IACL,GAAGA;AAAA,IACH,aAAagD,GAAQ,QAAAhD,OAAM,WAAW,IAAIZ,GAAAA,IAAI,UAAUY,OAAM,WAAW,IAAIA,OAAM;AAAA,EAAA;AAEvF;AAaA,MAAM0I,UAAQ,OAAO,cAA2B,OAAiC;AAC/E,MAAI,OAAO,KAAK,WAAW,EAAE,WAAW,GAAG;AAClC,WAAA;AAAA,EACT;AAEA,QAAM1I,SAAQ,MAAM,OAAO,GACxB,MAAM,kBAAkB,EACxB,QAAQ,EAAE,QAAQoI,iBAAe,UAAUC,mBAAiB,OAAO,aAAa;AAEnF,MAAI,CAACrI,QAAO;AACH,WAAAA;AAAA,EACT;AAEA,SAAOyI,0BAAwBzI,MAAK;AACtC;AAKA,MAAM0D,WAAS,OAAO,cAA2B,OAAyB;AAClE,QAAApD,YAAW,MAAMoI,QAAM,WAAW;AAExC,SAAO,CAAC,CAACpI;AACX;AAKA,MAAM8B,SAAO,CAAC,cAAsB;AAClC,SAAO8C,gBACJ,QAAA,WAAW,UAAU,OAAO,OAAO,IAAI,qBAAqB,CAAC,EAC7D,OAAO,SAAS,EAChB,OAAO,KAAK;AACjB;AAEA,MAAMyD,wBAAsB,CAAC,aAAuC;AAE5D,QAAA,gBAAgBJ,YAAS,QAAQ,KAAK,OAAO,SAAS,QAAQ,KAAK,WAAW;AACpF,MAAI,CAAC,iBAAiB,CAAChI,GAAA,MAAM,QAAQ,GAAG;AAChC,UAAA,IAAI8C,kBAAgB,4CAA4C;AAAA,EACxE;AAEO,SAAA;AAAA,IACL,UAAU,YAAY;AAAA,IACtB,WAAW,WAAW,KAAK,QAAQ,WAAW;AAAA,EAAA;AAElD;AAKA,MAAMJ,WAAS,OAAO,eAAgD;AACpE,QAAM,YAAYiC,gBAAAA,QAAO,YAAY,GAAG,EAAE,SAAS,KAAK;AAEnB,uCAAA,WAAW,MAAM,WAAW,WAAW;AAC5EsD,wBAAoB,WAAW,QAAQ;AAGvC,QAAMlI,YAAqB,MAAM,OAAO,GAAG,MAAM,kBAAkB,EAAE,OAAO;AAAA,IAC1E,QAAQ8H;AAAAA,IACR,UAAUC;AAAAA,IACV,MAAM;AAAA,MACJ,GAAG1F,GAAK,KAAA,eAAe,UAAU;AAAA,MACjC,WAAWP,OAAK,SAAS;AAAA,MACzB,GAAGuG,sBAAoB,WAAW,QAAQ;AAAA,IAC5C;AAAA,EAAA,CACD;AAED,QAAM,SAAmB,EAAE,GAAGrI,WAAU,UAAU;AAGlD,MAAI,WAAW,SAASL,YAAU,eAAe,QAAQ;AAMvD,UAAM,QAAQ;AAAA,MACZZ,QAAK,WAAW,WAAW,EAAE;AAAA,QAAI,CAACsB,YAChC,OAAO,GAAG,MAAM,6BAA6B,EAAE,OAAO;AAAA,UACpD,MAAM,EAAE,QAAAA,SAAQ,OAAOL,UAAS;AAAA,QAAA,CACjC;AAAA,MACH;AAAA,IAAA;AAGI,UAAA,qBAAqB,MAAM,OAAO,GACrC,MAAM,kBAAkB,EACxB,KAAKA,WAAU,aAAa;AAE/B,QAAI,oBAAoB;AACf,aAAA,OAAO,QAAQ,EAAE,aAAalB,GAAAA,IAAI,UAAU,kBAAkB,GAAG;AAAA,IAC1E;AAAA,EACF;AAEO,SAAA;AACT;AAEA,MAAMwJ,eAAa,OAAO,OAA2C;AACnE,QAAM,YAAY1D,gBAAAA,QAAO,YAAY,GAAG,EAAE,SAAS,KAAK;AAExD,QAAM5E,YAAqB,MAAM,OAAO,GAAG,MAAM,kBAAkB,EAAE,OAAO;AAAA,IAC1E,QAAQ,CAAC,MAAM,WAAW;AAAA,IAC1B,OAAO,EAAE,GAAG;AAAA,IACZ,MAAM;AAAA,MACJ,WAAW8B,OAAK,SAAS;AAAA,IAC3B;AAAA,EAAA,CACD;AAED,MAAI,CAAC9B,WAAU;AACP,UAAA,IAAI6H,gBAAc,sCAAsC;AAAA,EAChE;AAEO,SAAA;AAAA,IACL,GAAG7H;AAAA,IACH;AAAA,EAAA;AAEJ;AAEA,MAAMuI,uBAAqB,MAAM;AAC/B,MAAI,CAAC,OAAO,OAAO,IAAI,qBAAqB,GAAG;AAEzC,QAAA,QAAQ,IAAI,gBAAgB;AAC9B,cAAQ,YAAY;AAAA,uUAC6S;AAEjU,aAAO,OAAO,IAAI,uBAAuB,QAAQ,IAAI,cAAc;AAAA,IAAA,OAC9D;AACL,YAAM,IAAI;AAAA,QACR;AAAA;AAAA,MAAA;AAAA,IAGJ;AAAA,EACF;AACF;AAKA,MAAMC,SAAO,YAAsC;AACjD,QAAM,SAA4B,MAAM,OAAO,GAAG,MAAM,kBAAkB,EAAE,SAAS;AAAA,IACnF,QAAQV;AAAAA,IACR,UAAUC;AAAAA,IACV,SAAS,EAAE,MAAM,MAAM;AAAA,EAAA,CACxB;AAED,MAAI,CAAC,QAAQ;AACJ,WAAA;AAAA,EACT;AAEA,SAAO,OAAO,IAAI,CAACrI,WAAUyI,0BAAwBzI,MAAK,CAAC;AAC7D;AAKA,MAAM+I,WAAS,OAAO,OAA2C;AAC/D,SAAO,OAAO,GACX,MAAM,kBAAkB,EACxB,OAAO,EAAE,QAAQX,iBAAe,UAAUC,mBAAiB,OAAO,EAAE,GAAA,EAAM,CAAA;AAC/E;AAKA,MAAMW,YAAU,OAAO,OAAwB;AACtC,SAAAN,QAAM,EAAE,GAAA,CAAI;AACrB;AAKA,MAAMO,cAAY,OAAOlK,UAAiB;AACjC,SAAA2J,QAAM,EAAE,MAAA3J,MAAA,CAAM;AACvB;AAKA,MAAMyF,WAAS,OACb,IACA,eACsB;AAEtB,QAAM,gBAA4B,MAAM,OAAO,GAC5C,MAAM,kBAAkB,EACxB,QAAQ,EAAE,OAAO,EAAE,GAAA,EAAM,CAAA;AAE5B,MAAI,CAAC,eAAe;AACZ,UAAA,IAAI2D,gBAAc,iBAAiB;AAAA,EAC3C;AAEM,QAAA,uBACJ,WAAW,SAASlI,YAAU,eAAe,UAC7C,cAAc,SAASA,YAAU,eAAe;AAI9C,MAAA,WAAW,eAAe,sBAAsB;AAClD;AAAA,MACE,WAAW,QAAQ,cAAc;AAAA,MACjC,WAAW,eAAe,cAAc;AAAA,IAAA;AAAA,EAE5C;AAEAuI,wBAAoB,WAAW,QAAQ;AAEvC,QAAM,eAAyB,MAAM,OAAO,GAAG,MAAM,kBAAkB,EAAE,OAAO;AAAA,IAC9E,QAAQJ;AAAAA,IACR,OAAO,EAAE,GAAG;AAAA,IACZ,MAAMzF,GAAAA,KAAK,eAAe,UAAU;AAAA,EAAA,CACrC;AAGD,MAAI,aAAa,SAAS1C,YAAU,eAAe,UAAU,WAAW,aAAa;AAC7E,UAAA,2BAA2B,MAAM,OAAO,GAC3C,MAAM,kBAAkB,EACxB,KAAK,cAAc,aAAa;AAEnC,UAAM,qBAAqBb,GAAA,IAAI,UAAU,4BAA4B,CAAE,CAAA;AACjE,UAAA,iBAAiBC,GAAAA,KAAK,WAAW,WAAW;AAE5C,UAAA,kBAAkBC,GAAAA,WAAW,oBAAoB,cAAc;AAC/D,UAAA,eAAeA,GAAAA,WAAW,gBAAgB,kBAAkB;AAIlE,UAAM,QAAQ;AAAA,MACZ,gBAAgB;AAAA,QAAI,CAACqB,YACnB,OAAO,GAAG,MAAM,6BAA6B,EAAE,OAAO;AAAA,UACpD,OAAO,EAAE,QAAAA,SAAQ,OAAO,GAAG;AAAA,QAAA,CAC5B;AAAA,MACH;AAAA,IAAA;AAKF,UAAM,QAAQ;AAAA,MACZ,aAAa;AAAA,QAAI,CAACA,YAChB,OAAO,GAAG,MAAM,6BAA6B,EAAE,OAAO;AAAA,UACpD,MAAM,EAAE,QAAAA,SAAQ,OAAO,GAAG;AAAA,QAAA,CAC3B;AAAA,MACH;AAAA,IAAA;AAAA,EAIK,WAAA,aAAa,SAASV,YAAU,eAAe,QAAQ;AAC9D,UAAM,OAAO,GAAG,MAAM,6BAA6B,EAAE,OAAO;AAAA,MAC1D,OAAO,EAAE,OAAO,GAAG;AAAA,IAAA,CACpB;AAAA,EACH;AAGM,QAAA,oBAAoB,MAAM,OAAO,GACpC,MAAM,kBAAkB,EACxB,KAAK,cAAc,aAAa;AAE5B,SAAA;AAAA,IACL,GAAG;AAAA,IACH,aAAa,oBAAoB,kBAAkB,IAAI,CAAC,MAAW,EAAE,MAAM,IAAI;AAAA,EAAA;AAEnF;;;;;;;;;;;;;;;ACnXA,MAAM,2BAA2B,CAAC,QAAQ,MAAM;AAEhD,MAAM,YAAY;AAAA,EAChB,QAAQoF,QAAAA,gBAAgB;AAAA,EACxB,WAAWA,QAAAA,gBAAgB;AAC7B;AAEA,yBAAyB,QAAQ,CAAC1E,YAAW;AAC3C,YAAU,OAAO,SAASA,SAAQ,EAAE,QAAAA,QAAQ,CAAA;AAC9C,CAAC;AAED,MAAM,SAASa,qBAAAA,QAAY,OAAO,IAAI,EAAE,WAAW;;;;;;ACEnD,MAAM,mBAAE6B,mBAAiB,cAAkB,IAAAjD;AAE3C,MAAM,qBAAqB;AAC3B,MAAM,gCAAgC;AAEtC,MAAM,gBAAgB;AAAA,EACpB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF;AAEA,MAAM,kBAAkB,CAAC,aAAa;AAKtC,MAAM,OAAO,YAA+C;AAC1D,QAAM,SAAkC,MAAM,OAAO,GAAG,MAAM,kBAAkB,EAAE,SAAS;AAAA,IACzF,QAAQ;AAAA,IACR,UAAU;AAAA,IACV,SAAS,EAAE,MAAM,MAAM;AAAA,EAAA,CACxB;AAED,MAAI,CAAC;AAAe,WAAA;AACpB,SAAO,OAAO,IAAI,CAACJ,WAAU,wBAAwBA,MAAK,CAAC;AAC7D;AAKA,MAAM,0BAA0B,MAAckF,gBAAAA,QAAO,YAAY,GAAG,EAAE,SAAS,KAAK;AAKpF,MAAM,oBAAoB,CAAC,cAA8B;AAChDgE,kBAAAA,QAAA,OAAO,cAAc,UAAU,iCAAiC;AAChEA,kBAAAA,QAAA,UAAU,UAAU,IAAI,iDAAiD;AAEzE,SAAA;AACT;AAEa,MAAA,eAAe,CAC1B,eAC4C;AAC5C,SAAO,eAAe;AACxB;AAKA,MAAM,SAAS,OAAO,eAA2D;AACzE,QAAA,YAAY,aAAa,UAAU,IACrC,kBAAkB,WAAW,SAAS,IACtC;AAGJ,SAAO,WAAW;AAElB,iCAA+B,UAAU;AACzC,sBAAoB,WAAW,QAAQ;AAEvC,QAAM,SAAU,MAAM,OAAO,GAAG,YAAY,YAAY;AACtD,UAAMxH,iBAAgB,MAAM,OAAO,GAAG,MAAM,kBAAkB,EAAE,OAAO;AAAA,MACrE,QAAQ;AAAA,MACR,UAAU;AAAA,MACV,MAAM;AAAA,QACJ,GAAGiB,GAAK,KAAA,eAAe,UAAU;AAAA,QACjC,WAAW,KAAK,SAAS;AAAA,QACzB,GAAG,oBAAoB,WAAW,QAAQ;AAAA,MAC5C;AAAA,IAAA,CACD;AAED,UAAM,QAAQ;AAAA,MACZtD,QAAK,WAAW,WAAW,EAAE;AAAA,QAAI,CAACsB,YAChC,OAAO,GACJ,MAAM,6BAA6B,EACnC,OAAO,EAAE,MAAM,EAAE,QAAAA,SAAQ,OAAOe,kBAAiB;AAAA,MACtD;AAAA,IAAA;AAGI,UAAA,qBAAgD,MAAM,OAAO,GAChE,MAAM,kBAAkB,EACxB,KAAKA,gBAAe,aAAa;AAEpC,QAAI,oBAAoB;AACf,aAAA,OAAOA,gBAAe,EAAE,aAAatC,GAAAA,IAAI,UAAU,kBAAkB,GAAG;AAAA,IACjF;AAEO,WAAAsC;AAAA,EAAA,CACR;AAEM,SAAA,EAAE,GAAG,QAAQ;AACtB;AAKA,MAAM,SAAS,OACb,IACA,eACoC;AAEpC,QAAM,gBAAgB,MAAM,OAAO,GAAG,MAAM,kBAAkB,EAAE,QAAQ,EAAE,OAAO,EAAE,GAAA,EAAM,CAAA;AAEzF,MAAI,CAAC,eAAe;AACZ,UAAA,IAAI,cAAc,iBAAiB;AAAA,EAC3C;AAEA,iCAA+B,UAAU;AACzC,sBAAoB,WAAW,QAAQ;AAEhC,SAAA,OAAO,GAAG,YAAY,YAAY;AACvC,UAAM,eAAe,MAAM,OAAO,GAAG,MAAM,kBAAkB,EAAE,OAAO;AAAA,MACpE,QAAQ;AAAA,MACR,OAAO,EAAE,GAAG;AAAA,MACZ,MAAM;AAAA,QACJ,GAAGiB,GAAK,KAAA,eAAe,UAAU;AAAA,MACnC;AAAA,IAAA,CACD;AAED,QAAI,WAAW,aAAa;AACpB,YAAA,2BAA2B,MAAM,OAAO,GAC3C,MAAM,kBAAkB,EACxB,KAAK,cAAc,aAAa;AAEnC,YAAM,qBAAqBvD,GAAA,IAAI,UAAU,4BAA4B,CAAE,CAAA;AACjE,YAAA,iBAAiBC,GAAAA,KAAK,WAAW,WAAW;AAE5C,YAAA,kBAAkBC,GAAAA,WAAW,oBAAoB,cAAc;AAC/D,YAAA,eAAeA,GAAAA,WAAW,gBAAgB,kBAAkB;AAIlE,YAAM,QAAQ;AAAA,QACZ,gBAAgB;AAAA,UAAI,CAACqB,YACnB,OAAO,GAAG,MAAM,6BAA6B,EAAE,OAAO;AAAA,YACpD,OAAO,EAAE,QAAAA,SAAQ,OAAO,GAAG;AAAA,UAAA,CAC5B;AAAA,QACH;AAAA,MAAA;AAKF,YAAM,QAAQ;AAAA,QACZ,aAAa;AAAA,UAAI,CAACA,YAChB,OAAO,GAAG,MAAM,6BAA6B,EAAE,OAAO;AAAA,YACpD,MAAM,EAAE,QAAAA,SAAQ,OAAO,GAAG;AAAA,UAAA,CAC3B;AAAA,QACH;AAAA,MAAA;AAAA,IAEJ;AAGM,UAAA,oBAA+C,MAAM,OAAO,GAC/D,MAAM,kBAAkB,EACxB,KAAK,cAAc,aAAa;AAE5B,WAAA;AAAA,MACL,GAAG;AAAA,MACH,aAAa,oBAAoB,kBAAkB,IAAI,CAAC,MAAM,EAAE,MAAM,IAAI;AAAA,IAAA;AAAA,EAC5E,CACD;AACH;AAKA,MAAM,SAAS,OAAO,OAAyD;AAC7E,SAAO,OAAO,GAAG;AAAA,IAAY,YAC3B,OAAO,GACJ,MAAM,kBAAkB,EACxB,OAAO,EAAE,QAAQ,eAAe,UAAU,iBAAiB,OAAO,EAAE,MAAM;AAAA,EAAA;AAEjF;AAKA,MAAM,QAAQ,OACZ,cAAc,OAO6B;AAC3C,MAAI,OAAO,KAAK,WAAW,EAAE,WAAW,GAAG;AAClC,WAAA;AAAA,EACT;AAEA,QAAMX,SAAQ,MAAM,OAAO,GACxB,MAAM,kBAAkB,EACxB,QAAQ,EAAE,QAAQ,eAAe,UAAU,iBAAiB,OAAO,aAAa;AAEnF,MAAI,CAACA,QAAO;AACH,WAAAA;AAAA,EACT;AAEA,SAAO,wBAAwBA,MAAK;AACtC;AAKA,MAAM,UAAU,OAAO,OAAgE;AAC9E,SAAA,MAAM,EAAE,GAAA,CAAI;AACrB;AAKA,MAAM,YAAY,OAAOjB,UAAyD;AACzE,SAAA,MAAM,EAAE,MAAAA,MAAA,CAAM;AACvB;AAKA,MAAM,SAAS,OACb,cAAc,OAOO;AACf,QAAA2C,iBAAgB,MAAM,MAAM,WAAW;AAE7C,SAAO,CAAC,CAACA;AACX;AAEA,MAAM,aAAa,OAAO,OAAgD;AACxE,QAAM,YAAYwD,gBAAAA,QAAO,YAAY,GAAG,EAAE,SAAS,KAAK;AAClD,QAAAxD,iBAAiB,MAAM,OAAO,GAAG;AAAA,IAAY,YACjD,OAAO,GAAG,MAAM,kBAAkB,EAAE,OAAO;AAAA,MACzC,QAAQ,CAAC,MAAM,WAAW;AAAA,MAC1B,OAAO,EAAE,GAAG;AAAA,MACZ,MAAM;AAAA,QACJ,WAAW,KAAK,SAAS;AAAA,MAC3B;AAAA,IAAA,CACD;AAAA,EAAA;AAGH,MAAI,CAACA,gBAAe;AACZ,UAAA,IAAI,cAAc,sCAAsC;AAAA,EAChE;AAEO,SAAA;AAAA,IACL,GAAGA;AAAA,IACH;AAAA,EAAA;AAEJ;AAEA,MAAM,sBAAsB,CAAC,aAAwC;AAE7D,QAAA,gBAAgB6G,YAAS,QAAQ,KAAK,OAAO,SAAS,QAAQ,KAAK,WAAW;AACpF,MAAI,CAAC,iBAAiB,CAAChI,GAAA,MAAM,QAAQ,GAAG;AAChC,UAAA,IAAI8C,kBAAgB,4CAA4C;AAAA,EACxE;AAEO,SAAA;AAAA,IACL,UAAU,YAAY;AAAA,IACtB,WAAW,WAAW,KAAK,QAAQ,WAAW;AAAA,EAAA;AAElD;AAKA,MAAM,OAAO,CAAC,cAA8B;AAC1C,QAAM,EAAE,mBAAA8F,mBAAsB,IAAA,WAAW,UAAU,EAAE;AAEjD,MAAA,CAACA,sBAAqB;AAClB,UAAA,IAAI,UAAU,oCAAoC;AAAA,EAC1D;AAEA,SAAOjE,gBACJ,QAAA,WAAW,UAAU,OAAO,OAAO,IAAI,2BAA2B,CAAC,EACnE,OAAO,SAAS,EAChB,OAAO,KAAK;AACjB;AAEA,MAAM,qBAAqB,MAAM;AAC/B,QAAM,EAAE,mBAAAiE,mBAAsB,IAAA,WAAW,UAAU,EAAE;AAGrD,MAAI,CAAC,OAAO,OAAO,IAAI,gCAAgC,GAAG;AACxD;AAAA,EACF;AAEI,MAAA,CAACA,sBAAqB;AAChB,YAAA;AAAA,MACN;AAAA;AAAA;AAAA,IAAA;AAAA,EAIJ;AACF;AAKA,MAAM,0BAA0B,CAACnJ,WAAgD;AAC/E,MAAI,CAACA,QAAO;AACH,WAAAA;AAAA,EACT;AAEO,SAAA;AAAA,IACL,GAAGA;AAAA,IACH,aAAagD,GAAQ,QAAAhD,OAAM,WAAW,IAClCZ,GAAAA,IAAI,UAAUY,OAAM,WAAwC,IAC5DA,OAAM;AAAA,EAAA;AAEd;AAKA,MAAM,iCAAiC,CAAC,eAAmC;AACzE,QAAM,oBAAoB,OAAO,QAAQ,iBAAiB,EAAE;AAC5D,QAAM,mBAAmB,kBAAkB,UAAU,OAAO,KAAK;AACjE,QAAM,qBAAqBV,GAAA,WAAW,WAAW,aAAa,gBAAgB;AAE1E,MAAA,CAAC6D,GAAAA,QAAQ,kBAAkB,GAAG;AAChC,UAAM,IAAIE,kBAAgB,iCAAiC,mBAAmB,KAAK,IAAI,CAAC,EAAE;AAAA,EAC5F;AACF;AAKA,MAAM,kBAAkB,CAAC,aAAsB;AACzC,MAAA9C,GAAAA,MAAM,QAAQ,GAAG;AACZ,WAAA;AAAA,EACT;AAEA,MACE,CAACgI,GAAA,SAAS,QAAQ,KAClB,CAAC,OAAO,OAAOtI,YAAU,wBAAwB,EAAE,SAAS,QAAQ,GACpE;AACO,WAAA;AAAA,EACT;AAEO,SAAA;AACT;AAKA,MAAM,sBAAsB,CAAC,aAAsB;AAC7C,MAAA,CAAC,gBAAgB,QAAQ,GAAG;AAC9B,UAAM,IAAIoD;AAAAA,MACR;AAAA,QACE,OAAO,OAAOpD,YAAU,wBAAwB,EAAE,KAAK,IAAI,CAAC;AAAA,IAAA;AAAA,EAElE;AACF;;;;;;;;;;;;;;;;ACtXA,MAAM,oBAAoB,MAAe;AACvC,QAAM,OAAO,OAAO,OAAO,IAAI,6BAA6B,IAAI;AAEhE,SAAO,OAAO,SAAS,YAAY,KAAK,SAAS;AACnD;AAKA,MAAM,0BAA0B,MAAe;AAC7C,QAAM,EAAE,OAAAmJ,OAAA,IAAU,WAAW,UAAU;AAGvC,MAAIC,QAAI,IAAA,KAAK,qCAAqC,MAAM,QAAW;AACjE,WAAO,IAAI;AAAA,MACT;AAAA,IAAA;AAAA,EAEJ;AAEA,SAAOD,OAAM,uBAAuB,OAAO,OAAO,IAAI,gCAAgC;AACxF;;;;;;;;;;;;ACtBA,MAAM,+BAA+B,CAAC,YAAY,UAAU;AAqB5D,MAAM,iBAAiB,OAAO,UAAkD;AAC9E,QAAM,oBAAoC,CAAA;AAE1C,QAAM,QAAQ;AAAA,IACZ,6BAA6B,IAAI,OAAO,cAAc;AAC9C,YAAA,OAAO,MAAM,SAAS;AAG5B,UAAI,CAAC,MAAM;AACT;AAAA,MACF;AAEA,YAAM,YAAY,MAAME,YAAG,QAAA,iBAAiB,KAAK,QAAQ;AAGvC,wBAAA,SAAS,IAAI,MAAM,OAClC,OAAO,QAAQ,EACf,QAAQ,QAAQ,EAChB,eAAe;AAAA,QACd,UAAU,KAAK;AAAA,QACf,MAAM,KAAK;AAAA,QACX,MAAM,KAAK;AAAA,MAAA,CACZ;AAGI,aAAA;AAAA,QACL,kBAAkB,SAAS;AAAA,QAC3B,MAAM,OAAO,OAAO,QAAQ,EAAE,QAAQ,oBAAoB,EAAE,cAAc,EAAE,WAAW;AAAA,MAAA;AAIlF,aAAA,OAAO,kBAAkB,SAAS,GAAI;AAAA,QAC3C,QAAQ,UAAU;AAAA,QAClB,SAAS,KAAK;AAAA;AAAA;AAAA,QAGd,UAAU,OAAO,OAAO,IAAI,gBAAgB,EAAE;AAAA,MAAA,CAC/C;AAAA,IAAA,CACF;AAAA,EAAA;AAGI,SAAA;AACT;AAEA,MAAM,qBAAqB,YAAkD;AACrE,QAAA,QAAQ,OAAO,MAAM,EAAE,MAAM,QAAQ,MAAM,SAAS;AAG1D,QAAM,yBAAyB,6BAA6B,OAAO,CAAC,MAAW,QAAa;AAC1F,SAAK,GAAG,IAAI;AACL,WAAA;AAAA,EACT,GAAG,CAAE,CAAA;AAEL,QAAMC,mBAAkB;AAAA,IACtB,GAAG;AAAA;AAAA,IAEH,GAAI,MAAM,MAAM,IAAI,EAAE,KAAK,oBAAoB;AAAA,EAAA;AAIpB,+BAAA,QAAQ,CAAC,cAAc;AAC9C,QAAA,CAACA,iBAAgB,SAAS,GAAG;AAC/B;AAAA,IACF;AAEA,IAAAA,iBAAgB,SAAS,IAAI9G,EAAK,KAAA8G,iBAAgB,SAAS,GAAG;AAAA,MAC5D;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IAAA,CACD;AAAA,EAAA,CACF;AAEM,SAAAA;AACT;AAEA,MAAM,cAAc,OAAO,QAAmB,OAAO;AAEnD,SAAO,QAAQ;AAAA,IACb,OAAO,OAAO,KAAK,EAChB,OAAO,CAAC,SAAS,MAAM,kBAAkBD,oBAAG,UAAU,EACtD,IAAI,CAAC,SAAS,OAAO,OAAO,QAAQ,EAAE,SAAS,aAAa,IAAI,CAAC;AAAA,EAAA;AAExE;AAEA,MAAM,iBAAiB,OAAO,EAAE,kBAAkB,kBAAuB;AACvE,SAAO,QAAQ;AAAA,IACb,6BAA6B,IAAI,OAAO,cAAc;AAEpD,UAAI,CAAC,kBAAkB;AACrB;AAAA,MACF;AAGI,UAAA,CAAC,iBAAiB,SAAS,GAAG;AAChC;AAAA,MACF;AAIE,UAAA,YAAY,SAAS,KACrB,iBAAiB,SAAS,EAAE,SAAS,YAAY,SAAS,EAAE,MAC5D;AACA;AAAA,MACF;AAKI,UAAA,OAAO,OAAO,IAAI,gBAAgB,EAAE,aAAa,iBAAiB,SAAS,EAAE,UAAU;AACzF;AAAA,MACF;AAIA,aAAO,OAAO,QAAQ,EAAE,SAAS,OAAO,iBAAiB,SAAS,CAAC;AAAA,IAAA,CACpE;AAAA,EAAA;AAEL;AAIA,MAAME,0BAAwB,OAC5B,gBACG;AACG,QAAA,QAAQ,OAAO,MAAM,EAAE,MAAM,QAAQ,MAAM,SAAS;AAC1D,QAAM,mBAAoB,MAAM,MAAM,IAAI,EAAE,KAAK,oBAAoB;AAC/D,QAAA,QAAQ/G,EAAAA,KAAK,aAAa,4BAA4B;AAE5D,QAAM,YAAY,KAAK;AAEM,+BAAA,QAAQ,CAAC,cAAc;AAE9C,QAAA,YAAY,SAAS,MAAM,UAAa,EAAE,OAAO,YAAY,SAAS,MAAM,WAAW;AACzF,kBAAY,SAAS,IAAI;AACzB;AAAA,IACF;AAGA,QAAI,CAAC,YAAY,SAAS,KAAK,kBAAkB;AACnC,kBAAA,SAAS,IAAI,iBAAiB,SAAS;AACnD;AAAA,IACF;AAGA,gBAAY,SAAS,IAAIA,EAAK,KAAA,YAAY,SAAS,GAAG;AAAA,MACpD;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IAAA,CACD;AAAA,EAAA,CACF;AAGc,iBAAA,EAAE,kBAAkB,YAAA,CAAa;AAEhD,QAAM,MAAM,IAAI;AAAA,IACd,KAAK;AAAA,IACL,OAAO,EAAE,GAAG,kBAAkB,GAAG,YAAY;AAAA,EAAA,CAC9C;AAED,SAAO,mBAAmB;AAC5B;;;;;;;;AChLA,MAAe,UAAA;AAAA,EACb;AAAA,EAAA,MACAzD;AAAAA,EAAA,MACAwD;AAAAA,EACA;AAAA,EAAA,OACAxC;AAAAA,EAAA,YACAkD;AAAAA,EACA;AAAA,EACA,gBAAgB;AAAA,EAAA,WAChBjD;AAAAA,EACA;AAAA,EACA;AAAA,EACA,aAAaK;AAAAA,EAAA,UACb0B;AAAAA,EACA,oBAAoB;AACtB;AC7BA,MAAM,kBAAkB;AACxB,MAAM,mBAAmB;AACzB,MAAM,sBAAsB,OAAO;AAEnC,MAAM,wBAAwByH,MAC3B,OAAO;AAAA,EACN,UAAUA,IAAA,EAAE,OAAO,EAAE,QAAQ;AAAA,EAC7B,UAAUA,IAAA,EAAE,OAAO,EAAE,QAAQ;AAC/B,CAAC,EACA,OAAO;AAEV,MAAM,4BAA4BA,MAAE,OAAO;AAAA,EACzC,kBAAkBA,IAAA,EAAE,OAAO,EAAE,QAAQ;AAAA,EACrC,UAAUA,IAAE,EAAA,KAAK,CAAC,cAAc,aAAa,eAAe,CAAC;AAAA,EAC7D,MAAMA,IAAE,EAAA,OAAA,EAAS,IAAI,mBAAmB,EAAE,QAAQ;AACpD,CAAC;AAED,MAAM,6BAA6BA,MAChC,OAAO;AAAA,EACN,UAAU,0BAA0B,QAAQ;AAAA,EAC5C,UAAU,0BAA0B,QAAQ;AAC9C,CAAC,EACA,OAAO;AAEV,MAAM,iBAAiBA,MAAE,OAAO;AAAA,EAC9B,OAAOA,IAAE,EAAA,OAAA,EAAS,IAAI,eAAe,EAAE,QAAQ;AAAA,EAC/C,QAAQA,IAAE,EAAA,OAAA,EAAS,IAAI,gBAAgB,EAAE,QAAQ;AACnD,CAAC;AAED,MAAM,wCAAwCA,MAC3C,OAAO;AAAA,EACN,UAAU,eAAe,QAAQ;AAAA,EACjC,UAAU,eAAe,QAAQ;AACnC,CAAC,EACA,OAAO;AAEG,MAAA,gCAAgCC,QAAAA,YAAY,qBAAqB;AACjE,MAAA,qCAAqCA,QAAAA,YAAY,0BAA0B;AACjF,MAAM,gDAAgDA,QAAA;AAAA,EAC3D;AACF;ACjBA,MAAM,EAAE,kBAAsB,IAAAC;AAK9B,MAAe,QAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOb,MAAM,iBAAiB;AACrB,UAAM,QAAQ,OAAO,OAAO,IAAI,eAAe,CAAA,CAAE;AAC1C,WAAA,EAAE,MAAM,EAAE,MAAM,OAAO,UAAU,CAAI,GAAA,MAAA;EAC9C;AAAA,EAEA,MAAM,OAAO;AACX,QAAI,OAAO,OAAO,OAAO,IAAI,QAAQ,KAAK;AAC1C,UAAM,WAAW,MAAM,WAAW,MAAM,EAAE,OAAO;AAC3C,UAAA,EAAE,UAAU,SAAS,IAAI,MAAM,WAAW,kBAAkB,EAAE;AAE9D,UAAA,oBAAoC,OAAO,OAAO;AAAA,MACtD;AAAA,MACA;AAAA,IAAA;AAGE,QAAA,sBAAsB,QAAQ,sBAAsB,MAAM;AACrD,aAAA;AAAA,IACT;AAEO,WAAA;AAAA,MACL,MAAM;AAAA,QACJ;AAAA,QACA;AAAA,QACA,UAAU,WAAW,SAAS,MAAM;AAAA,QACpC,UAAU,WAAW,SAAS,MAAM;AAAA,MACtC;AAAA,IAAA;AAAA,EAEJ;AAAA,EAEA,MAAM,qBAAqB;AAClB,WAAA;AAAA,MACL;AAAA,MACA,mBAAmB;AAAA,EACvB;AAAA,EAEA,MAAM,sBAAsB,KAAc;AAClC,UAAA;AAAA,MACJ,SAAS,EAAE,OAAO,KAAK;AAAA,IACrB,IAAA;AAEE,UAAA,yBAAyB,WAAW,kBAAkB;AAE5D,UAAM,8BAA8B,IAAI;AACxC,UAAM,mCAAmC,KAAK;AAE9C,UAAM,gBAAgB,MAAM,uBAAuB,eAAe,KAAK;AACvE,UAAM,8CAA8C,aAAa;AAEjE,WAAO,uBAAuB,sBAAsB;AAAA,MAClD,GAAG;AAAA,MACH,GAAG;AAAA,IAAA,CACJ;AAAA,EACH;AAAA,EAEA,MAAM,oBAAoB,KAAc;AAElC,QAAA,OAAO,UAAU,YAAY;AAC/B,UAAI,SAAS;AACb;AAAA,IACF;AAEA,UAAM,wBAAwB,MAAM,kBAAkB,OAAO,KAAK,IAAI,IAAI;AAC1E,UAAM,uBAAuB,MAAM;AAAA,MACjChK,sBAAK,KAAK,OAAO,KAAK,IAAI,MAAM,OAAO,OAAO;AAAA,IAAA;AAEhD,UAAM,wBAAwB0J,QAAA,IAAI,kBAAkB,IAAI,MAAM;AAE9D,UAAM,0BAA0BlI,aAAA,QAAE,KAAK,OAAO,YAAY;AAC1D,UAAM,qBAAqBA,aAAA,QAAE,KAAK,OAAO,UAAU;AAEnD,UAAM,0BAA0B,MAAM;AAC7B,aAAA0B,GAAA;AAAA,QACLzD,GAAAA,IAAI,YAAY;AAAA,QAChBwH,GAAAA,QAAQgD,GAAAA,MAAM;AAAA;AAAA,QAEdC,GAAAA,MAAMnC,GAAA,OAAO,QAAQ,aAAa,CAAC;AAAA,MAAA,EACnC,OAAO,YAAmB;AAAA,IAAA;AAGvB,WAAA;AAAA,MACL,MAAM;AAAA,QACJ;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA;AAAA,QACA;AAAA,QACA,sBAAsB,wBAAwB;AAAA,MAChD;AAAA,IAAA;AAAA,EAEJ;AAAA,EAEA,MAAM,cAAc;AAClB,UAAM,qBAA6B,OAAO,OAAO,IAAI,aAAa;AAClE,UAAM,aAAa,OAAO,OAAO,IAAI,cAAc,KAAK;AACxD,UAAM,gBAAgB,OAAO,OAAO,IAAI,eAAe,IAAI;AAC3D,UAAM,eAAe,OAAO,OAAO,IAAI,qBAAqB,CAAA,CAAE;AAC9D,UAAM,YAAY,OAAO,OAAO,IAAI,QAAQ,IAAI;AAChD,UAAM,cAAc,QAAQ;AACtB,UAAA,mBAAmB,CAAC,OAAO;AAC3B,UAAA,UAAmB,MAAMhE,IAAO,OAAA/D,sBAAK,KAAK,QAAQ,IAAA,GAAO,WAAW,CAAC;AAEpE,WAAA;AAAA,MACL,MAAM;AAAA,QACJ;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,MACF;AAAA,IAAA;AAAA,EAEJ;AAAA,EAEA,MAAM,QAAQ,KAAc;AAC1B,UAAM,iBAAiB,OAAO,OAAO,IAAI,gBAAgB;AAIzD,UAAM,eAAe;AAAA,MACnB;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IAAA;AAGI,UAAAmK,WAAU,OAAO,QAAQ,cAAc,EAC1C,OAAO,CAAC,CAAC,GAAG,MAAW,CAAC,aAAa,SAAS,GAAG,CAAC,EAClD,IAAI,CAAC,CAAC,KAAK,MAAM,OAAY;AAAA,MAC5B,MAAM,OAAO,KAAK,QAAQ;AAAA,MAC1B,aAAa,OAAO,KAAK,eAAe,OAAO,KAAK,QAAQ;AAAA,MAC5D,aAAa,OAAO,KAAK,eAAe;AAAA,MACxC,aAAa,OAAO,KAAK;AAAA,IACzB,EAAA;AAEA,QAAA,KAAK,EAAE,SAAAA,SAAA,CAAS;AAAA,EACtB;AACF;AChLA,MAAM,yBAAyB5I,QAAA,IAC5B,OAAO,EACP,MAAM;AAAA,EACL,MAAMA,QAAI,IAAA,OAAA,EAAS,IAAI,CAAC,EAAE,SAAS;AAAA,EACnC,aAAaA,QAAA,IAAI,OAAO,EAAE,SAAS;AAAA,EACnC,MAAMA,QAAI,IAAA,OAAS,EAAA,MAAM,OAAO,OAAOjB,YAAU,cAAc,CAAC,EAAE,SAAS;AAAA,EAC3E,aAAaiB,QAAAA,IAAI,QAAQ,GAAGA,QAAAA,IAAI,OAAA,CAAQ,EAAE,SAAS;AAAA,EACnD,UAAUA,QAAAA,IAAI,SAAS,IAAI,CAAC,EAAE,MAAM,OAAO,OAAOjB,YAAU,mBAAmB,CAAC,EAAE,SAAS;AAC7F,CAAC,EACA,YACA;AAEH,MAAM,uBAAuBiB,QAAA,IAC1B,OAAO,EACP,MAAM;AAAA,EACL,MAAMA,QAAI,IAAA,OAAA,EAAS,IAAI,CAAC,EAAE,QAAQ;AAAA,EAClC,aAAaA,QAAA,IAAI,OAAO,EAAE,SAAS;AAAA,EACnC,MAAMA,QAAI,IAAA,OAAS,EAAA,MAAM,OAAO,OAAOjB,YAAU,cAAc,CAAC,EAAE,QAAQ;AAAA,EAC1E,aAAaiB,QAAAA,IAAI,QAAQ,GAAGA,QAAAA,IAAI,OAAA,CAAQ,EAAE,SAAS;AACrD,CAAC,EACA,YACA;AAEU,MAAA,gCAAgCE,QAAAA,kBAAkB,sBAAsB;AACxE,MAAA,8BAA8BA,0BAAkB,oBAAoB;ACfjF,MAAM,EAAEa,kBAAAA,mBAAqB,IAAA7B;AAE7B,MAAe,aAAA;AAAA,EACb,MAAM,OAAO,KAAc;AACnB,UAAA,EAAE,KAAK,IAAI,IAAI;AACf,UAAA,kBAAkB,WAAW,WAAW;AAO9C,UAAM,aAAa;AAAA,MACjB,MAAM2J,GAAAA,KAAK,KAAK,IAAI;AAAA,MACpB,aAAaA,GAAAA,KAAK,KAAK,WAAW;AAAA,MAClC,MAAM,KAAK;AAAA,MACX,aAAa,KAAK;AAAA,MAClB,UAAU,KAAK;AAAA,IAAA;AAGjB,UAAM,8BAA8B,UAAU;AAExC,UAAA,gBAAgB,MAAM,gBAAgB,OAAO,EAAE,MAAM,WAAW,MAAM;AAC5E,QAAI,eAAe;AACX,YAAA,IAAI9H,mBAAiB,oBAAoB;AAAA,IACjD;AAEA,UAAM3B,YAAW,MAAM,gBAAgB,OAAO,UAAU;AACxD,QAAI,QAAQ,EAAE,MAAMA,UAAoC,CAAA;AAAA,EAC1D;AAAA,EAEA,MAAM,WAAW,KAAc;AACvB,UAAA,EAAE,GAAG,IAAI,IAAI;AACb,UAAA,kBAAkB,WAAW,WAAW;AAE9C,UAAM,iBAAiB,MAAM,gBAAgB,QAAQ,EAAE;AACvD,QAAI,CAAC,gBAAgB;AACnB,UAAI,SAAS,qBAAqB;AAClC;AAAA,IACF;AAEA,UAAM,cAAc,MAAM,gBAAgB,WAAW,EAAE;AAEvD,QAAI,QAAQ,EAAE,MAAM,YAAa,CAAA;AAAA,EACnC;AAAA,EAEA,MAAM,KAAK,KAAc;AACjB,UAAA,kBAAkB,WAAW,WAAW;AACxC,UAAA0J,aAAY,MAAM,gBAAgB;AAExC,QAAI,KAAK,EAAE,MAAMA,WAAmC,CAAA;AAAA,EACtD;AAAA,EAEA,MAAM,OAAO,KAAc;AACnB,UAAA,EAAE,GAAG,IAAI,IAAI;AACb,UAAA,kBAAkB,WAAW,WAAW;AAC9C,UAAM1J,YAAW,MAAM,gBAAgB,OAAO,EAAE;AAEhD,QAAI,QAAQ,EAAE,MAAMA,UAAoC,CAAA;AAAA,EAC1D;AAAA,EAEA,MAAM,IAAI,KAAc;AAChB,UAAA,EAAE,GAAG,IAAI,IAAI;AACb,UAAA,kBAAkB,WAAW,WAAW;AAC9C,UAAMA,YAAW,MAAM,gBAAgB,QAAQ,EAAE;AAEjD,QAAI,CAACA,WAAU;AACb,UAAI,SAAS,qBAAqB;AAClC;AAAA,IACF;AAEA,QAAI,KAAK,EAAE,MAAMA,UAAiC,CAAA;AAAA,EACpD;AAAA,EAEA,MAAM,OAAO,KAAc;AACnB,UAAA,EAAE,KAAK,IAAI,IAAI;AACf,UAAA,EAAE,GAAG,IAAI,IAAI;AACb,UAAA,kBAAkB,WAAW,WAAW;AAE9C,UAAM,aAAa;AAMf,QAAA8C,GAAA,IAAI,QAAQ,UAAU,GAAG;AAChB,iBAAA,OAAO2G,GAAAA,KAAK,KAAK,IAAI;AAAA,IAClC;AAEA,QAAI3G,GAAAA,IAAI,eAAe,UAAU,KAAK,WAAW,gBAAgB,MAAM;AAC1D,iBAAA,cAAc2G,GAAAA,KAAK,KAAK,WAAW;AAAA,IAChD;AAEA,UAAM,4BAA4B,UAAU;AAE5C,UAAM,iBAAiB,MAAM,gBAAgB,QAAQ,EAAE;AACvD,QAAI,CAAC,gBAAgB;AACZ,aAAA,IAAI,SAAS,qBAAqB;AAAA,IAC3C;AAEI,QAAA3G,GAAA,IAAI,QAAQ,UAAU,GAAG;AAC3B,YAAM,mBAAmB,MAAM,gBAAgB,UAAU,WAAW,IAAI;AAOpE,UAAA,CAAC,CAAC,oBAAoB,CAAC6G,gBAAQ,QAAQ,iBAAiB,IAAI,EAAE,GAAG;AAC7D,cAAA,IAAIhI,mBAAiB,oBAAoB;AAAA,MACjD;AAAA,IACF;AAEA,UAAM3B,YAAW,MAAM,gBAAgB,OAAO,IAAI,UAAU;AAC5D,QAAI,KAAK,EAAE,MAAMA,UAAoC,CAAA;AAAA,EACvD;AAAA,EAEA,MAAM,UAAU,KAAc;AACtB,UAAA,kBAAkB,WAAW,WAAW;AAGxC,UAAA,SAAS,MAAM,gBAAgB;AAErC,QAAI,KAAK,EAAE,MAAM,OAAQ,CAAA;AAAA,EAC3B;AACF;ACrIA,MAAM,qBAAqBY,QAAA,IACxB,OAAO,EACP,MAAM;AAAA,EACL,OAAO,WAAW,MAAM,SAAS;AAAA,EACjC,WAAW,WAAW,UAAU,SAAS;AAAA,EACzC,UAAU,WAAW;AAAA,EACrB,OAAO,WAAW,MAAM,IAAI,CAAC;AAAA,EAC7B,kBAAkBA,QAAA,IAAI,OAAO,EAAE,SAAS;AAC1C,CAAC,EACA,UAAU;AAEb,MAAM,sBAAsBA,QAAA,IACzB,OAAO,EACP,MAAM;AAAA,EACL,OAAO,WAAW,MAAM,QAAQ;AAAA,EAChC,WAAW,WAAW,UAAU,QAAQ;AAAA,EACxC,UAAU,WAAW,SAAS,SAAS;AAAA,EACvC,UAAU,WAAW,SAAS,SAAS;AAAA,EACvC,UAAU,WAAW,SAAS,QAAQ;AAAA,EACtC,iBAAiBA,QAAAA,IACd,OAAA,EACA;AAAA,IAAK;AAAA,IAAY,CAACgB,WAAkB,WACnC,CAACgI,eAAYhI,SAAQ,IAAI,OAAO,SAAA,IAAa;AAAA,IAE9C,QAAQ;AAAA,EACX,kBAAkBhB,QAAA,IAAI,OAAO,EAAE,SAAS;AAC1C,CAAC,EACA,UAAU;AAEb,MAAM,mBAAmBA,QAAA,IACtB,OAAO,EACP,MAAM;AAAA,EACL,OAAO,WAAW,MAAM,QAAQ;AAAA,EAChC,WAAW,WAAW,UAAU,QAAQ;AAAA,EACxC,UAAU,WAAW,SAAS,SAAS;AAAA,EACvC,UAAU,WAAW,SAAS,SAAS;AAAA,EACvC,UAAU,WAAW,SAAS,QAAQ;AAAA,EACtC,UAAUA,QAAA,IAAI,KAAK,EAAE,QAAQ;AAAA,EAC7B,OAAO,WAAW,MAAM,IAAI,CAAC,EAAE,QAAQ;AACzC,CAAC,EACA,UAAU;AAEb,MAAM,oBAAoBA,QAAA,IACvB,OAAO,EACP,MAAM;AAAA,EACL,KAAKA,QAAA,IAAI,MAAM,EAAE,GAAGA,QAAAA,IAAI,SAAS,CAAC,EAAE,IAAI,CAAC,EAAE,SAAS;AACtD,CAAC,EACA,UAAU;AAEA,MAAA,4BAA4BE,QAAAA,kBAAkB,kBAAkB;AAChE,MAAA,6BAA6BA,QAAAA,kBAAkB,mBAAmB;AAClE,MAAA,0BAA0BA,QAAAA,kBAAkB,gBAAgB;AAC5D,MAAA,2BAA2BA,0BAAkB,iBAAiB;ACjD3E,MAAe,oBAAA;AAAA,EACb,MAAM,MAAM,KAAc;AACxB,UAAM,WAAW,WAAW,MAAM,EAAE,aAAa,IAAI,MAAM,IAAiB;AAE5E,QAAI,OAAO;AAAA,MACT,MAAM;AAAA,IAAA;AAAA,EAEV;AAAA,EAEA,MAAM,SAAS,KAAc;AACrB,UAAA,QAAQ,IAAI,QAAQ;AAE1B,UAAM,2BAA2B,KAAK;AAEhC,UAAA,cAAc,WAAW,MAAM;AAC/B,UAAA,aAAa,WAAW,MAAM;AAEpC,UAAM,EAAE,iBAAiB,GAAG,SAAA,IAAa;AAErC,QAAA,mBAAmB,SAAS,UAAU;AAClC,YAAA,UAAU,MAAM,WAAW,iBAAiB,iBAAiB,IAAI,MAAM,KAAK,QAAQ;AAE1F,UAAI,CAAC,SAAS;AAEL,eAAA,IAAI,WAAW,mBAAmB;AAAA,UACvC,iBAAiB,CAAC,qBAAqB;AAAA,QAAA,CACxC;AAAA,MACH;AAAA,IACF;AAEM,UAAA,cAAc,MAAM,YAAY,WAAW,IAAI,MAAM,KAAK,IAAI,QAAQ;AAE5E,QAAI,OAAO;AAAA,MACT,MAAM,YAAY,aAAa,WAAW;AAAA,IAAA;AAAA,EAE9C;AAAA,EAEA,MAAM,kBAAkB,KAAc;AACpC,UAAM,EAAE,qBAAA+I,sBAAqB,oBAAAC,oBAAmB,IAAI,WAAW,YAAY;AACrE,UAAA,EAAE,MAAApL,MAAK,IAAI,IAAI;AAEf,UAAA,kBAAkB,MAAMmL,qBAAoBnL,KAAiB;AAEnE,QAAI,OAAO;AAAA;AAAA,MAET,MAAM,gBAAgB,IAAIoL,mBAAkB;AAAA,IAAA;AAAA,EAEhD;AACF;ACpDA,MAAM,qBAAqBlJ,QAAA,IACxB,OAAO,EACP,MAAM;AAAA,EACL,mBAAmBA,QAAA,IAAI,OAAO,EAAE,SAAS;AAAA,EACzC,UAAUA,QAAA,IACP,OAAO,EACP,MAAM;AAAA,IACL,WAAW,WAAW,UAAU,SAAS;AAAA,IACzC,UAAU,WAAW,SAAS,SAAS;AAAA,IACvC,UAAU,WAAW,SAAS,SAAS;AAAA,EAAA,CACxC,EACA,SAAS,EACT,UAAU;AACf,CAAC,EACA,UAAU;AAEb,MAAM,8BAA8BA,QAAA,IACjC,OAAO,EACP,MAAM;AAAA,EACL,mBAAmBA,QAAA,IAAI,OAAO,EAAE,SAAS;AAC3C,CAAC,EACA,WACA;AAEH,MAAM,0BAA0BA,QAAA,IAC7B,OAAO,EACP,MAAM;AAAA,EACL,OAAO,WAAW,MAAM,SAAS;AAAA,EACjC,WAAW,WAAW,UAAU,SAAS;AAAA,EACzC,UAAU,WAAW,SAAS,SAAS;AAAA,EACvC,UAAU,WAAW,SAAS,SAAS;AACzC,CAAC,EACA,WACA;AAEU,MAAA,4BAA4BE,QAAAA,kBAAkB,kBAAkB;AAChE,MAAA,gCAAgCA,QAAAA,kBAAkB,2BAA2B;AAC7E,MAAA,iCAAiCA,0BAAkB,uBAAuB;ACrCvF,MAAM,uBAAuBF,QAAA,IAC1B,OAAO,EACP,MAAM;AAAA,EACL,OAAO,WAAW,MAAM,SAAS;AACnC,CAAC,EACA,WACA;AAEH,MAAeE,8BAAAA,QAAAA,kBAAkB,oBAAoB;ACRrD,MAAM,sBAAsBF,QAAA,IACzB,OAAO,EACP,MAAM;AAAA,EACL,oBAAoBA,QAAA,IAAI,OAAO,EAAE,SAAS;AAAA,EAC1C,UAAU,WAAW,SAAS,SAAS;AACzC,CAAC,EACA,WACA;AAEH,MAAeE,6BAAAA,QAAAA,kBAAkB,mBAAmB;ACVpD,MAAM,aAAaF,QAAAA,IAAI,OAAS,EAAA,MAAM,EAAE,OAAOA,QAAAA,IAAI,OAAO,EAAE,WAAY,CAAA,EAAE,WAAW,UAAU;AAE/F,MAAeE,0BAAAA,QAAAA,kBAAkB,UAAU;ACqB3C,MAAM,oBAAEa,oBAAkB,gBAAoB,IAAA7B;AAE9C,MAAe,iBAAA;AAAA,EACb,OAAOiK,iBAAAA,QAAQ;AAAA,IACb,CAAC,KAAc,SAAe;AACrB,aAAApF,kBAAA,QAAS,aAAa,SAAS,EAAE,SAAS,SAAS,CAAC,KAAKjG,OAAM,SAAS;AAC7E,YAAI,KAAK;AACA,iBAAA,SAAS,KAAK,oBAAoB,EAAE,OAAO,KAAK,UAAU,SAAS;AAEtE,cAAA,IAAI,SAAS,SAAS,qBAAqB;AACvC,kBAAA;AAAA,UACR;AAGA,iBAAO,IAAI;QACb;AAEA,YAAI,CAACA,OAAM;AACF,iBAAA,SAAS,KAAK,oBAAoB;AAAA,YACvC,OAAO,IAAI,MAAM,KAAK,OAAO;AAAA,YAC7B,UAAU;AAAA,UAAA,CACX;AACK,gBAAA,IAAIiD,mBAAiB,KAAK,OAAO;AAAA,QACzC;AAEA,cAAM,QAAQ,IAAI;AAClB,cAAM,OAAOjD;AAEb,cAAM,gBAAgB,WAAW,MAAM,EAAE,aAAaA,KAAI;AACnD,eAAA,SAAS,KAAK,sBAAsB,EAAE,MAAM,eAAe,UAAU,SAAS;AAErF,eAAO,KAAK;AAAA,MAAA,CACb,EAAE,KAAK,IAAI;AAAA,IACd;AAAA,IACA,CAAC,QAAiB;AACV,YAAA,EAAE,MAAAA,MAAK,IAAI,IAAI;AAErB,UAAI,OAAO;AAAA,QACT,MAAM;AAAA,UACJ,OAAO,WAAW,OAAO,EAAE,eAAeA,KAAI;AAAA,UAC9C,MAAM,WAAW,MAAM,EAAE,aAAa,IAAI,MAAM,IAAI;AAAA;AAAA,QACtD;AAAA,MAAA;AAAA,IAEJ;AAAA,EAAA,CACD;AAAA,EAED,MAAM,WAAW,KAAc;AACvB,UAAA,wBAAwB,IAAI,QAAQ,IAAI;AAE9C,UAAM,EAAE,OAAAgB,OAAU,IAAA,IAAI,QAAQ;AAExB,UAAA,EAAE,SAAS,YAAY,WAAW,OAAO,EAAE,eAAeA,MAAK;AAErE,QAAI,CAAC,SAAS;AACN,YAAA,IAAI,gBAAgB,eAAe;AAAA,IAC3C;AAEA,QAAI,OAAO;AAAA,MACT,MAAM;AAAA,QACJ,OAAO,WAAW,OAAO,EAAE,eAAe,EAAE,IAAI,QAAQ,IAAI;AAAA,MAC9D;AAAA,IAAA;AAAA,EAEJ;AAAA,EAEA,MAAM,iBAAiB,KAAc;AAC7B,UAAA,8BAA8B,IAAI,QAAQ,KAAK;AAErD,UAAM,EAAE,kBAAsB,IAAA,IAAI,QAAQ;AAE1C,UAAM,mBAAmB,MAAM,WAAW,MAAM,EAAE,qBAAqB,iBAAiB;AAExF,QAAI,CAAC,kBAAkB;AACf,YAAA,IAAI,gBAAgB,2BAA2B;AAAA,IACvD;AAEI,QAAA,OAAO,EAAE,MAAM,iBAAiB;AAAA,EACtC;AAAA,EAEA,MAAM,SAAS,KAAc;AACrB,UAAA,QAAQ,IAAI,QAAQ;AAE1B,UAAM,0BAA0B,KAAK;AAErC,UAAMhB,QAAO,MAAM,WAAW,MAAM,EAAE,SAAS,KAAK;AAEpD,QAAI,OAAO;AAAA,MACT,MAAM;AAAA,QACJ,OAAO,WAAW,OAAO,EAAE,eAAeA,KAAI;AAAA,QAC9C,MAAM,WAAW,MAAM,EAAE,aAAaA,KAAI;AAAA,MAC5C;AAAA,IAAA;AAAA,EAEJ;AAAA,EAEA,MAAM,cAAc,KAAc;AAC1B,UAAA,QAAQ,IAAI,QAAQ;AAE1B,UAAM,+BAA+B,KAAK;AAE1C,UAAM,WAAW,MAAM,WAAW,MAAM,EAAE,OAAO;AAEjD,QAAI,UAAU;AACN,YAAA,IAAIiD,mBAAiB,uCAAuC;AAAA,IACpE;AAEA,UAAM,iBAAiB,MAAM,WAAW,MAAM,EAAE,cAAc;AAE9D,QAAI,CAAC,gBAAgB;AACnB,YAAM,IAAIA;AAAAA,QACR;AAAA,MAAA;AAAA,IAEJ;AAEA,UAAMjD,QAAO,MAAM,WAAW,MAAM,EAAE,OAAO;AAAA,MAC3C,GAAG;AAAA,MACH,mBAAmB;AAAA,MACnB,UAAU;AAAA,MACV,OAAO,iBAAiB,CAAC,eAAe,EAAE,IAAI,CAAC;AAAA,IAAA,CAChD;AAEM,WAAA,UAAU,KAAK,qBAAqB;AAE3C,QAAI,OAAO;AAAA,MACT,MAAM;AAAA,QACJ,OAAO,WAAW,OAAO,EAAE,eAAeA,KAAI;AAAA,QAC9C,MAAM,WAAW,MAAM,EAAE,aAAaA,KAAI;AAAA,MAC5C;AAAA,IAAA;AAAA,EAEJ;AAAA,EAEA,MAAM,eAAe,KAAc;AAC3B,UAAA,QAAQ,IAAI,QAAQ;AAE1B,UAAM,4BAA4B,KAAK;AAE5B,eAAA,MAAM,EAAE,eAAe,KAAK;AAEvC,QAAI,SAAS;AAAA,EACf;AAAA,EAEA,MAAM,cAAc,KAAc;AAC1B,UAAA,QAAQ,IAAI,QAAQ;AAE1B,UAAM,2BAA2B,KAAK;AAEtC,UAAMA,QAAO,MAAM,WAAW,MAAM,EAAE,cAAc,KAAK;AAEzD,QAAI,OAAO;AAAA,MACT,MAAM;AAAA,QACJ,OAAO,WAAW,OAAO,EAAE,eAAeA,KAAI;AAAA,QAC9C,MAAM,WAAW,MAAM,EAAE,aAAaA,KAAI;AAAA,MAC5C;AAAA,IAAA;AAAA,EAEJ;AAAA,EAEA,OAAO,KAAc;AACnB,UAAM,gBAAgB,WAAW,MAAM,EAAE,aAAa,IAAI,MAAM,IAAI;AACpE,WAAO,SAAS,KAAK,gBAAgB,EAAE,MAAM,eAAe;AAC5D,QAAI,OAAO,EAAE,MAAM,CAAG,EAAA;AAAA,EACxB;AACF;ACrLA,MAAM,eAAe,CAAC,MAAM,eAAe,UAAU;AAErD,MAAM,mBAAmBI,GAAA,IAAIqD,QAAK,YAAY,CAAC;ACI/C,MAAe,aAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAKb,MAAM,MAAM,KAAc;AACxB,UAAM,EAAE,MAAM,UAAU,IAAI;AACtB,UAAA,EAAE,YAAY,IAAI,IAAI;AAE5B,UAAM,8BAA8B,KAAK;AAEzC,UAAM,EAAE,QAAA8E,QAAA,IAAW,WAAW,YAAY;AAEpC,UAAA,qBAAqBA,QAAO,UAAU,WAAW;AAEvD,QAAI,OAAO;AAAA,MACT,MAAM,mBAAmB,MAAM,WAA2B;AAAA,IAAA;AAAA,EAE9D;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,OAAO,KAAc;AACzB,UAAM,EAAE,iBAAA+C,kBAAiB,gBAAAtJ,iBAAgB,mBAAAD,mBAAkB,IAAI,WAAW,YAAY;AAEhF,UAAAQ,WAAUP,gBAAe;AACzB,UAAAgD,cAAajD,mBAAkB;AACrC,UAAM,WAAW,MAAMuJ,iBAAgB,MAAM/I,QAAO;AAEpD,QAAI,OAAO;AAAA,MACT,MAAM;AAAA;AAAA,QAEJ,YAAY,iBAAiByC,WAAU;AAAA,QACvC;AAAA,MACF;AAAA,IAAA;AAAA,EAEJ;AACF;AC9CA,MAAM,mBAAmB9C,QAAA,IACtB,OAAO,EACP,MAAM;AAAA,EACL,MAAMA,QAAI,IAAA,OAAA,EAAS,IAAI,CAAC,EAAE,SAAS;AAAA,EACnC,aAAaA,QAAA,IAAI,OAAO,EAAE,SAAS;AACrC,CAAC,EACA,UAAU;AAEb,MAAM,oBAAoBA,QAAA,IACvB,OAAO,EACP,MAAM;AAAA,EACL,KAAKA,QACF,IAAA,MAAA,EACA,GAAGA,QAAAA,IAAI,UAAU,EACjB,IAAI,CAAC,EACL,WACA,KAAK,yBAAyB,qCAAqC,eAAgB,KAAK;AACnF,QAAA;AACF,YAAM,OAAO,QAAQ,aAAa,EAAE,wBAAwB,GAAG;AAAA,aACxD,GAAG;AAEH,aAAA,KAAK,YAAY,EAAE,MAAM,OAAO,SAAS,EAAE,SAAS;AAAA,IAC7D;AAEO,WAAA;AAAA,EAAA,CACR;AACL,CAAC,EACA,UAAU;AAEb,MAAM,mBAAmBA,QAAAA,IACtB,SAAA,EACA,SAAA,EACA,KAAK,0BAA0B,oCAAoC,eAAgB,IAAI;AAClF,MAAA;AACF,UAAM,OAAO,QAAQ,aAAa,EAAE,wBAAwB,CAAC,EAAE,CAAC;AAAA,WACzD,GAAG;AAEH,WAAA,KAAK,YAAY,EAAE,MAAM,MAAM,SAAS,EAAE,SAAS;AAAA,EAC5D;AAEO,SAAA;AACT,CAAC;AAEH,MAAM,mBAAmBA,QAAA,IACtB,OAAO,EACP,MAAM;AAAA,EACL,MAAMA,QAAAA,IAAI,SAAS,IAAI,CAAC;AAAA,EACxB,aAAaA,QAAA,IAAI,OAAO,EAAE,SAAS;AACrC,CAAC,EACA,UAAU;AAEA,MAAA,0BAA0BE,QAAAA,kBAAkB,gBAAgB;AAC5D,MAAA,0BAA0BA,QAAAA,kBAAkB,gBAAgB;AAC5D,MAAA,2BAA2BA,QAAAA,kBAAkB,iBAAiB;AAC9D,MAAA,0BAA0BA,0BAAkB,gBAAgB;ACjCzE,MAAM,EAAEa,kBAAAA,mBAAqB,IAAA7B;AAC7B,MAAM,EAAE,iBAAqB,IAAAH;AAE7B,MAAe,OAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAKb,MAAM,OAAO,KAAc;AACnB,UAAA,EAAE,KAAK,IAAI,IAAI;AACrB,UAAM,wBAAwB,IAAI;AAE5B,UAAA,cAAc,WAAW,MAAM;AAErC,UAAMuC,QAAO,MAAM,YAAY,OAAO,IAAI;AACpC,UAAA,gBAAgB,YAAY,aAAaA,KAAI;AAEnD,QAAI,QAAQ,EAAE,MAAM,cAAyC,CAAA;AAAA,EAC/D;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,QAAQ,KAAc;AACpB,UAAA,EAAE,GAAG,IAAI,IAAI;AACb,UAAAA,QAAO,MAAM,WAAW,MAAM,EAAE,sBAAsB,EAAE,IAAI;AAElE,QAAI,CAACA,OAAM;AACF,aAAA,IAAI,SAAS,eAAe;AAAA,IACrC;AAEA,QAAI,OAAO;AAAA,MACT,MAAMA;AAAA,IAAA;AAAA,EAEV;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,QAAQ,KAAc;AACpB,UAAA,EAAE,MAAM,IAAI,IAAI;AAEtB,UAAM,qBAAqB,WAAW,YAAY,EAAE,yBAAyB;AAAA,MAC3E,SAAS,IAAI,MAAM;AAAA,MACnB,OAAO;AAAA,IAAA,CACR;AAEK,UAAA,mBAAmB,cAAc,KAAK;AAC5C,UAAM,iBAAiB,MAAM,mBAAmB,cAAc,KAAK;AAEnE,UAAMX,SAAQ,MAAM,WAAW,MAAM,EAAE,sBAAsB,cAAc;AAE3E,QAAI,OAAO;AAAA,MACT,MAAMA;AAAA,IAAA;AAAA,EAEV;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,OAAO,KAAc;AACnB,UAAA,EAAE,GAAG,IAAI,IAAI;AACb,UAAA,EAAE,KAAK,IAAI,IAAI;AAEf,UAAA,cAAc,WAAW,MAAM;AAErC,UAAM,wBAAwB,IAAI;AAElC,UAAMW,QAAO,MAAM,YAAY,QAAQ,EAAE,GAAI,CAAA;AAE7C,QAAI,CAACA,OAAM;AACF,aAAA,IAAI,SAAS,eAAe;AAAA,IACrC;AAEI,QAAAA,MAAK,SAAS,kBAAkB;AAC5B,YAAA,IAAIP,mBAAiB,8BAA8B;AAAA,IAC3D;AAEA,UAAM,cAAc,MAAM,YAAY,OAAO,EAAE,GAAA,GAAM,IAAI;AACnD,UAAA,gBAAgB,YAAY,aAAa,WAAW;AAK1D,QAAI,OAAO;AAAA,MACT,MAAM;AAAA,IAAA;AAAA,EAEV;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,eAAe,KAAc;AAC3B,UAAA,EAAE,GAAG,IAAI,IAAI;AAEb,UAAA,cAAc,WAAW,MAAM;AAC/B,UAAA,oBAAoB,WAAW,YAAY;AAEjD,UAAMO,QAAO,MAAM,YAAY,QAAQ,EAAE,GAAI,CAAA;AAE7C,QAAI,CAACA,OAAM;AACF,aAAA,IAAI,SAAS,eAAe;AAAA,IACrC;AAEA,UAAMhB,eAAc,MAAM,kBAAkB,SAAS,EAAE,OAAO,EAAE,MAAM,EAAE,IAAIgB,MAAK,GAAG,EAAA,EAAK,CAAA;AAEzF,UAAM,uBAAuBhB,aAAY,IAAI,kBAAkB,kBAAkB;AAEjF,QAAI,OAAO;AAAA;AAAA,MAET,MAAM;AAAA,IAAA;AAAA,EAEV;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,kBAAkB,KAAc;AAC9B,UAAA,EAAE,GAAG,IAAI,IAAI;AACnB,UAAM,EAAE,MAAM,UAAU,IAAI;AAEtB,UAAA,cAAc,WAAW,MAAM;AAC/B,UAAA,oBAAoB,WAAW,YAAY;AAEjD,UAAMgB,QAAO,MAAM,YAAY,QAAQ,EAAE,GAAI,CAAA;AAE7C,QAAI,CAACA,OAAM;AACF,aAAA,IAAI,SAAS,eAAe;AAAA,IACrC;AAEI,QAAAA,MAAK,SAAS,kBAAkB;AAC5B,YAAA,IAAIP,mBAAiB,0CAA0C;AAAA,IACvE;AAEA,UAAM,gCAAgC,KAAK;AAE3C,QAAI,CAACO,OAAM;AACF,aAAA,IAAI,SAAS,eAAe;AAAA,IACrC;AAEA,UAAMhB,eAAc,MAAM,YAAY,kBAAkBgB,MAAK,IAAI,MAAM,WAAW;AAElF,UAAM,uBAAuBhB,aAAY,IAAI,kBAAkB,kBAAkB;AAEjF,QAAI,OAAO;AAAA,MACT,MAAM;AAAA,IAAA;AAAA,EAEV;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,UAAU,KAAc;AACtB,UAAA,EAAE,GAAG,IAAI,IAAI;AAEnB,UAAM,wBAAwB,EAAE;AAE1B,UAAA,cAAc,WAAW,MAAM;AAErC,UAAMK,SAAQ,MAAM,YAAY,YAAY,CAAC,EAAE,CAAC;AAE1C,UAAA,gBAAgBA,OAAM,IAAI,CAACW,UAAS,YAAY,aAAaA,KAAI,CAAC,EAAE,CAAC,KAAK;AAEhF,WAAO,IAAI,QAAQ;AAAA,MACjB,MAAM;AAAA,IAAA,CACmB;AAAA,EAC7B;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,WAAW,KAAc;AACvB,UAAA,EAAE,KAAK,IAAI,IAAI;AAErB,UAAM,yBAAyB,IAAI;AAE7B,UAAA,cAAc,WAAW,MAAM;AAErC,UAAMX,SAAQ,MAAM,YAAY,YAAY,KAAK,GAAG;AACpD,UAAM,iBAAiBA,OAAM,IAAI,YAAY,YAAY;AAEzD,WAAO,IAAI,QAAQ;AAAA,MACjB,MAAM;AAAA,IAAA,CACwB;AAAA,EAClC;AACF;ACjNA,MAAM;AAAA,EACJ,QAAQ;AAAA,IACN,UAAU,EAAE,sBAAsB,qBAAqB;AAAA,EACzD;AACF,IAAI0I;AAEJ,MAAM,EAAE,kBAAsB,IAAAnK;AAM9B,MAAM,SAAS,OAAO,KAAc,UAA+D;AAC3F,QAAA,EAAE,MAAAS,MAAK,IAAI,IAAI;AAErB,MAAI,CAACA,OAAM;AACT,UAAM,IAAI,kBAAkB;AAAA,EAC9B;AAEA,QAAM,yBAAyB,OAAOA,OAAM,EAAE,MAAO,CAAA;AACvD;AAEO,MAAM,OAAO,qBAAqB,EAAE,OAAA,CAAQ;AAC5C,MAAM,OAAO,qBAAqB,EAAE,OAAA,CAAQ;AAEnD,MAAe,SAAA;AAAA,EACb;AAAA,EACA;AACF;AC/BA,MAAM,8BAA8BK,QAAA,IACjC,OAAO,EACP,MAAM;AAAA,EACL,MAAMA,QAAI,IAAA,OAAA,EAAS,IAAI,CAAC,EAAE,SAAS;AAAA,EACnC,aAAaA,QAAA,IAAI,OAAO,EAAE,SAAS;AAAA,EACnC,aAAaA,QACV,IAAA,QACA,IAAI,CAAC,EACL,GAAGA,QAAA,IAAI,SAAS,MAAM,OAAO,OAAOjB,YAAU,mBAAmB,CAAC,CAAC,EACnE,SAAS;AAAA,EACZ,UAAUiB,QAAAA,IACP,SACA,IAAI,CAAC,EACL,MAAM,OAAO,OAAOjB,YAAU,wBAAwB,CAAC,EACvD,SAAS;AACd,CAAC,EACA,YACA;AAEH,MAAM,4BAA4BiB,QAAA,IAC/B,OAAO,EACP,MAAM;AAAA,EACL,MAAMA,QAAI,IAAA,OAAA,EAAS,IAAI,CAAC,EAAE,QAAQ;AAAA,EAClC,aAAaA,QAAA,IAAI,OAAO,EAAE,SAAS;AAAA,EACnC,aAAaA,QACV,IAAA,QACA,IAAI,CAAC,EACL,GAAGA,QAAA,IAAI,SAAS,MAAM,OAAO,OAAOjB,YAAU,mBAAmB,CAAC,CAAC,EACnE,SAAS;AACd,CAAC,EACA,YACA;AAEU,MAAAuK,uCAAqCpJ,QAAAA,kBAAkB,2BAA2B;AAClF,MAAAqJ,qCAAmCrJ,QAAAA,kBAAkB,yBAAyB;AAE3F,MAAe,UAAA;AAAA,EAAA,oCACboJ;AAAAA,EAAA,kCACAC;AACF;AC3BA,MAAM,EAAExI,kBAAAA,mBAAqB,IAAA7B;AAE7B,MAAM,EAAE,oCAAoC,iCAAqC,IAAAJ;AAEjF,MAAe,QAAA;AAAA,EACb,MAAM,KAAK,KAAc;AACjB,UAAA,kBAAkB,WAAW,UAAU;AAC7C,UAAM,iBAAiB,MAAM,gBAAgB,MAAM,KAAK;AAEpD,QAAA,OAAO,EAAE,MAAM,eAAe;AAAA,EACpC;AAAA,EAEA,MAAM,QAAQ,KAAc;AACpB,UAAA,EAAE,GAAG,IAAI,IAAI;AACb,UAAA,eAAe,WAAW,UAAU,EAAE;AAE5C,UAAM0B,iBAAgB,MAAM,aAAa,QAAQ,EAAE;AAEnD,QAAI,CAACA,gBAAe;AAClB,UAAI,SAAS,0BAA0B;AACvC;AAAA,IACF;AAEI,QAAA,OAAO,EAAE,MAAMA,eAAc;AAAA,EACnC;AAAA,EAEA,MAAM,OAAO,KAAc;AACnB,UAAA,EAAE,KAAK,IAAI,IAAI;AACrB,UAAM,EAAE,OAAO,aAAa,IAAI,WAAW,UAAU;AAOrD,UAAM,aAAa;AAAA,MACjB,MAAMqI,GAAAA,KAAK,KAAK,IAAI;AAAA,MACpB,aAAaA,GAAAA,KAAK,KAAK,WAAW;AAAA,MAClC,aAAa,KAAK;AAAA,MAClB,UAAU,KAAK;AAAA,IAAA;AAGjB,UAAM,mCAAmC,UAAU;AAE7C,UAAA,gBAAgB,MAAM,aAAa,OAAO,EAAE,MAAM,WAAW,MAAM;AACzE,QAAI,eAAe;AACX,YAAA,IAAI9H,mBAAiB,oBAAoB;AAAA,IACjD;AAEA,UAAM,iBAAiB,MAAM,aAAa,OAAO,UAAU;AAE3D,QAAI,QAAQ,EAAE,MAAM,eAA+C,CAAA;AAAA,EACrE;AAAA,EAEA,MAAM,OAAO,KAAc;AACnB,UAAA,EAAE,KAAK,IAAI,IAAI;AACf,UAAA,EAAE,GAAG,IAAI,IAAI;AACnB,UAAM,EAAE,OAAO,aAAa,IAAI,WAAW,UAAU;AAErD,UAAM,aAAa;AAMf,QAAAmB,GAAA,IAAI,QAAQ,UAAU,GAAG;AAChB,iBAAA,OAAO2G,GAAAA,KAAK,KAAK,IAAI;AAAA,IAClC;AAEA,QAAI3G,GAAAA,IAAI,eAAe,UAAU,KAAK,WAAW,gBAAgB,MAAM;AAC1D,iBAAA,cAAc2G,GAAAA,KAAK,KAAK,WAAW;AAAA,IAChD;AAEA,UAAM,iCAAiC,UAAU;AAEjD,UAAM,iBAAiB,MAAM,aAAa,QAAQ,EAAE;AACpD,QAAI,CAAC,gBAAgB;AACZ,aAAA,IAAI,SAAS,0BAA0B;AAAA,IAChD;AAEI,QAAA3G,GAAA,IAAI,QAAQ,UAAU,GAAG;AAC3B,YAAM,mBAAmB,MAAM,aAAa,UAAU,WAAW,IAAI;AAOjE,UAAA,CAAC,CAAC,oBAAoB,CAAC6G,gBAAQ,QAAQ,iBAAiB,IAAI,EAAE,GAAG;AAC7D,cAAA,IAAIhI,mBAAiB,oBAAoB;AAAA,MACjD;AAAA,IACF;AAEA,UAAM3B,YAAW,MAAM,aAAa,OAAO,IAAI,UAAU;AAErD,QAAA,OAAO,EAAE,MAAMA,UAAS;AAAA,EAC9B;AAAA,EAEA,MAAM,OAAO,KAAc;AACnB,UAAA,EAAE,GAAG,IAAI,IAAI;AACnB,UAAM,EAAE,OAAO,aAAa,IAAI,WAAW,UAAU;AAErD,UAAMoB,iBAAgB,MAAM,aAAa,OAAO,EAAE;AAElD,QAAI,QAAQ,EAAE,MAAMA,eAA8C,CAAA;AAAA,EACpE;AAAA,EAEA,MAAM,WAAW,KAAc;AACvB,UAAA,EAAE,GAAG,IAAI,IAAI;AACnB,UAAM,EAAE,OAAO,aAAa,IAAI,WAAW,UAAU;AAErD,UAAMgC,UAAS,MAAM,aAAa,QAAQ,EAAE;AAC5C,QAAI,CAACA,SAAQ;AACX,UAAI,SAAS,0BAA0B;AACvC;AAAA,IACF;AAEA,UAAM,cAAc,MAAM,aAAa,WAAW,EAAE;AAEpD,QAAI,QAAQ,EAAE,MAAM,YAAgD,CAAA;AAAA,EACtE;AACF;ACpIA,MAAM,oBAAoB,CAAC,QAAgB,SAAcgH,GAAAA,QAAQ,CAAC,QAAQ,GAAG,MAAM,IAAI,GAAG,IAAI,IAAI;AAElG,MAAe,WAAA;AAAA,EACb,GAAG,kBAAkB,UAAU,MAAM;AAAA,EACrC,GAAG,kBAAkB,SAAS,KAAK;AACrC;ACWA,MAAM,EAAE,iBAAqB,IAAAtK;AAE7B,MAAe,OAAA;AAAA,EACb,MAAM,OAAO,KAAc;AACnB,UAAA,EAAE,KAAK,IAAI,IAAI;AACrB,UAAM,YAAY,EAAE,GAAG,MAAM,OAAOe,aAAE,IAAI,MAAM,SAAS,EAAE,EAAE,YAAc,EAAA;AAE3E,UAAM,0BAA0B,SAAS;AAEnC,UAAA,aAAaA,aAAE,KAAK,WAAW;AAAA,MACnC;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IAAA,CACD;AAED,UAAM,oBAAoB,MAAM,WAAW,MAAM,EAAE,OAAO;AAAA,MACxD,OAAO,WAAW;AAAA,IAAA,CACnB;AAED,QAAI,mBAAmB;AACf,YAAA,IAAI,iBAAiB,qBAAqB;AAAA,IAClD;AAEA,UAAM,cAAc,MAAM,WAAW,MAAM,EAAE,OAAO,UAAU;AAE9D,UAAM,WAAW,WAAW,MAAM,EAAE,aAAa,WAAW;AAI5D,WAAO,OAAO,UAAU,EAAE,mBAAmB,YAAY,mBAAmB;AAG5E,QAAI,QAAQ,EAAE,MAAM,SAAoC,CAAA;AAAA,EAC1D;AAAA,EAEA,MAAM,KAAK,KAAc;AACjB,UAAA,cAAc,WAAW,MAAM;AAErC,UAAM,qBAAqB,OAAO,QAAQ,mBAAmB,EAAE,yBAAyB;AAAA,MACtF,SAAS,IAAI,MAAM;AAAA,MACnB,OAAO;AAAA,IAAA,CACR;AAEK,UAAA,mBAAmB,cAAc,IAAI,KAAK;AAChD,UAAM,iBAAiB,MAAM,mBAAmB,cAAc,IAAI,KAAK;AAGvE,UAAM,EAAE,SAAS,eAAe,MAAM,YAAY,SAAS,cAAc;AAEzE,QAAI,OAAO;AAAA,MACT,MAAM;AAAA,QACJ,SAAS,QAAQ,IAAI,CAACnC,UAAoB,YAAY,aAAaA,KAAI,CAAC;AAAA,QACxE;AAAA,MACF;AAAA,IAAA;AAAA,EAEJ;AAAA,EAEA,MAAM,QAAQ,KAAc;AACpB,UAAA,EAAE,GAAG,IAAI,IAAI;AAEnB,UAAMA,QAAO,MAAM,WAAW,MAAM,EAAE,QAAQ,EAAE;AAEhD,QAAI,CAACA,OAAM;AACF,aAAA,IAAI,SAAS,qBAAqB;AAAA,IAC3C;AAEA,QAAI,OAAO;AAAA,MACT,MAAM,WAAW,MAAM,EAAE,aAAaA,KAAiB;AAAA,IAAA;AAAA,EAE3D;AAAA,EAEA,MAAM,OAAO,KAAc;AACnB,UAAA,EAAE,GAAG,IAAI,IAAI;AACnB,UAAM,EAAE,MAAM,UAAU,IAAI;AAE5B,UAAM,wBAAwB,KAAK;AAEnC,QAAImC,aAAE,IAAI,OAAO,OAAO,GAAG;AACzB,YAAM,mBAAmB,MAAM,WAAW,MAAM,EAAE,OAAO;AAAA,QACvD,IAAI,EAAE,KAAK,GAAG;AAAA,QACd,OAAO,MAAM;AAAA,MAAA,CACd;AAED,UAAI,kBAAkB;AACd,cAAA,IAAI,iBAAiB,+CAA+C;AAAA,MAC5E;AAAA,IACF;AAEA,UAAM,cAAc,MAAM,WAAW,MAAM,EAAE,WAAW,IAAI,KAAK;AAEjE,QAAI,CAAC,aAAa;AACT,aAAA,IAAI,SAAS,qBAAqB;AAAA,IAC3C;AAEA,QAAI,OAAO;AAAA,MACT,MAAM,WAAW,MAAM,EAAE,aAAa,WAAW;AAAA,IAAA;AAAA,EAErD;AAAA,EAEA,MAAM,UAAU,KAAc;AACtB,UAAA,EAAE,GAAG,IAAI,IAAI;AAEnB,UAAM,cAAc,MAAM,WAAW,MAAM,EAAE,WAAW,EAAE;AAE1D,QAAI,CAAC,aAAa;AACT,aAAA,IAAI,SAAS,gBAAgB;AAAA,IACtC;AAEA,WAAO,IAAI,QAAQ;AAAA,MACjB,MAAM,WAAW,MAAM,EAAE,aAAa,WAAW;AAAA,IAAA,CACrB;AAAA,EAChC;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,WAAW,KAAc;AACvB,UAAA,EAAE,KAAK,IAAI,IAAI;AACrB,UAAM,yBAAyB,IAAI;AAEnC,UAAM2C,SAAQ,MAAM,WAAW,MAAM,EAAE,YAAY,KAAK,GAAG;AAE3D,UAAM,iBAAiBA,OAAM,IAAI,WAAW,MAAM,EAAE,YAAY;AAEhE,WAAO,IAAI,QAAQ;AAAA,MACjB,MAAM;AAAA,IAAA,CACuB;AAAA,EACjC;AACF;AClIA,MAAM,WACJ;AAEF,MAAM,mBAAmB5C,YACtB,OAAO;AAAA,EACN,MAAMA,QAAA,IAAI,OAAO,EAAE,SAAS;AAAA,EAC5B,KAAKA,QAAAA,IACF,SACA,QAAQ,UAAU,yBAAyB,EAC3C,SAAA,EACA;AAAA,IACC;AAAA,IACA;AAAA,IACA,OAAO,QAAQ;AACT,UAAA,QAAQ,IAAI,aAAa,cAAc;AAClC,eAAA;AAAA,MACT;AAEI,UAAA;AACF,cAAM,YAAY,IAAI,IAAIyJ,kBAAS,QAAA,QAAQ,GAAI,CAAC;AAChD,cAAM,aAAa,MAAMC,uBAAAA,QAAc,UAAU,QAAQ;AACzD,eAAO,CAAC;AAAA,MAAA,QACF;AACC,eAAA;AAAA,MACT;AAAA,IACF;AAAA,EACF;AAAA,EACF,SAAS1J,QAAA,IAAI,KAAK,CAAC,SAAS;AACtB,QAAA,OAAO,SAAS,UAAU;AACrB,aAAAA,YAAI,SAAS;IACtB;AAEA,WAAOA,QACJ,IAAA;AAAA;AAAA,MAECC,qBAAE,UAAU,MAAM,MAAM;AACtBD,gBAAA,IAAI,OAAO,EAAE,IAAI,CAAC,EAAE,SAAS;AAAA,MAAA,CAC9B;AAAA,MAEF,SAAS;AAAA,EAAA,CACb;AAAA,EACD,QAAQA,QAAAA,IAAI,QAAQ,GAAGA,QAAAA,IAAI,OAAA,CAAQ,EAAE,SAAS;AAChD,CAAC,EACA,UAAU;AAEb,MAAM,yBAAyB,iBAAiB,MAAM;AAAA,EACpD,WAAWA,YAAI,QAAQ;AACzB,CAAC;AAED,MAAe,WAAA;AAAA,EACb,MAAM,aAAa,KAAc;AAC/B,UAAMY,YAAW,MAAM,OAAO,IAAI,cAAc,EAAE;AAClD,QAAI,KAAK,EAAE,MAAMA,UAAyC,CAAA;AAAA,EAC5D;AAAA,EAEA,MAAM,WAAW,KAAc;AACvB,UAAA,EAAE,GAAG,IAAI,IAAI;AACnB,UAAM,UAAU,MAAM,OAAO,IAAI,cAAc,EAAE,YAAY,EAAE;AAE/D,QAAI,CAAC,SAAS;AACL,aAAA,IAAI,SAAS,kBAAkB;AAAA,IACxC;AAEA,QAAI,KAAK,EAAE,MAAM,QAAuC,CAAA;AAAA,EAC1D;AAAA,EAEA,MAAM,cAAc,KAAc;AAC1B,UAAA,EAAE,KAAK,IAAI,IAAI;AAEf,UAAAV,0BAAkB,gBAAgB,EAAE,IAAI;AAE9C,UAAM,UAAU,MAAM,OAAO,IAAI,cAAc,EAAE,cAAc,IAAI;AAEnE,WAAO,IAAI,eAAe,EAAE,IAAI,OAAO;AAEvC,QAAI,QAAQ,EAAE,MAAM,QAA0C,CAAA;AAAA,EAChE;AAAA,EAEA,MAAM,cAAc,KAAc;AAC1B,UAAA,EAAE,GAAG,IAAI,IAAI;AACb,UAAA,EAAE,KAAK,IAAI,IAAI;AAEf,UAAAA,0BAAkB,sBAAsB,EAAE,IAAI;AAEpD,UAAM,UAAU,MAAM,OAAO,IAAI,cAAc,EAAE,YAAY,EAAE;AAE/D,QAAI,CAAC,SAAS;AACL,aAAA,IAAI,SAAS,kBAAkB;AAAA,IACxC;AAEA,UAAM,iBAAiB,MAAM,OAAO,IAAI,cAAc,EAAE,cAAc,IAAI;AAAA,MACxE,GAAG;AAAA,MACH,GAAG;AAAA,IAAA,CACJ;AAED,QAAI,CAAC,gBAAgB;AACZ,aAAA,IAAI,SAAS,kBAAkB;AAAA,IACxC;AAEA,WAAO,IAAI,eAAe,EAAE,OAAO,cAAc;AAEjD,QAAI,KAAK,EAAE,MAAM,eAAiD,CAAA;AAAA,EACpE;AAAA,EAEA,MAAM,cAAc,KAAc;AAC1B,UAAA,EAAE,GAAG,IAAI,IAAI;AACnB,UAAM,UAAU,MAAM,OAAO,IAAI,cAAc,EAAE,YAAY,EAAE;AAE/D,QAAI,CAAC,SAAS;AACL,aAAA,IAAI,SAAS,kBAAkB;AAAA,IACxC;AAEA,UAAM,OAAO,IAAI,cAAc,EAAE,cAAc,EAAE;AAEjD,WAAO,IAAI,eAAe,EAAE,OAAO,OAAO;AAEtC,QAAA,OAAO,EAAE,MAAM,QAAQ;AAAA,EAC7B;AAAA,EAEA,MAAM,eAAe,KAAc;AACjC,UAAM,EAAE,IAAQ,IAAA,IAAI,QAAQ;AAE5B,QAAI,CAAC,MAAM,QAAQ,GAAG,KAAK,IAAI,WAAW,GAAG;AACpC,aAAA,IAAI,WAAW,4BAA4B;AAAA,IACpD;AAEA,eAAW,MAAM,KAAK;AACpB,YAAM,UAAU,MAAM,OAAO,IAAI,cAAc,EAAE,YAAY,EAAE;AAE/D,UAAI,SAAS;AACX,cAAM,OAAO,IAAI,cAAc,EAAE,cAAc,EAAE;AACjD,eAAO,IAAI,eAAe,EAAE,OAAO,OAAO;AAAA,MAC5C;AAAA,IACF;AAEA,QAAI,KAAK,EAAE,MAAM,IAAuC,CAAA;AAAA,EAC1D;AAAA,EAEA,MAAM,eAAe,KAAc;AAC3B,UAAA,EAAE,GAAG,IAAI,IAAI;AAEnB,UAAM,UAAU,MAAM,OAAO,IAAI,cAAc,EAAE,YAAY,EAAE;AAEzD,UAAA,WAAW,MAAM,OACpB,IAAI,eAAe,EACnB,IAAI,SAAyC,gBAAgB,CAAA,CAAE;AAE9D,QAAA,OAAO,EAAE,MAAM,SAAS;AAAA,EAC9B;AACF;ACtKA,MAAe,aAAA;AAAA,EACb,MAAM,eAAe,KAAc;AACjC,UAAM,aAAa,MAAM,OAAO,WAAW,YAAY,cAAc;AAErE,QAAI,KAAK,EAAE,MAAM,WAA8C,CAAA;AAAA,EACjE;AAAA,EAEA,MAAM,UAAU,KAAc;AAC5B,UAAM,YAAY,MAAM,OAAO,WAAW,aAAa;AAEvD,QAAI,KAAK,EAAE,MAAM,UAAwC,CAAA;AAAA,EAC3D;AACF;ACHA,MAAe,UAAA;AAAA,EACb;AAAA,EACA,aAAad;AAAAA,EACb,sBAAsB;AAAA,EACtB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA,eAAe;AACjB;ACpBA,MAAe,aAAA;AAAA,EACb,gBAAgB;AAAA,EAChB,MAAM;AAAA,IACJ,MAAM;AAAA,IACN,aAAa;AAAA,IACb,cAAc;AAAA,IACd,YAAY;AAAA,IACZ,aAAa;AAAA,EACf;AAAA,EACA,SAAS,CAAC;AAAA,EACV,eAAe;AAAA,IACb,mBAAmB;AAAA,MACjB,SAAS;AAAA,IACX;AAAA,IACA,wBAAwB;AAAA,MACtB,SAAS;AAAA,IACX;AAAA,EACF;AAAA,EACA,YAAY;AAAA,IACV,QAAQ;AAAA,MACN,MAAM;AAAA,MACN,WAAW;AAAA,MACX,cAAc;AAAA,MACd,UAAU;AAAA,IACZ;AAAA,IACA,kBAAkB;AAAA,MAChB,MAAM;AAAA,MACN,cAAc;AAAA,MACd,UAAU;AAAA,MACV,SAAS,CAAC;AAAA,IACZ;AAAA,IACA,SAAS;AAAA,MACP,MAAM;AAAA,MACN,WAAW;AAAA,MACX,cAAc;AAAA,MACd,UAAU;AAAA,IACZ;AAAA,IACA,YAAY;AAAA,MACV,MAAM;AAAA,MACN,cAAc;AAAA,MACd,UAAU;AAAA,MACV,SAAS,CAAC;AAAA,IACZ;AAAA,IACA,YAAY;AAAA,MACV,MAAM;AAAA,MACN,cAAc;AAAA,MACd,UAAU;AAAA,MACV,SAAS,CAAC;AAAA,IACZ;AAAA,IACA,MAAM;AAAA,MACJ,cAAc;AAAA,MACd,MAAM;AAAA,MACN,UAAU;AAAA,MACV,YAAY;AAAA,MACZ,QAAQ;AAAA,IACV;AAAA,EACF;AACF;AC7DA,MAAe,OAAA;AAAA,EACb,gBAAgB;AAAA,EAChB,MAAM;AAAA,IACJ,MAAM;AAAA,IACN,aAAa;AAAA,IACb,cAAc;AAAA,IACd,YAAY;AAAA,IACZ,aAAa;AAAA,EACf;AAAA,EACA,eAAe;AAAA,IACb,mBAAmB;AAAA,MACjB,SAAS;AAAA,IACX;AAAA,IACA,wBAAwB;AAAA,MACtB,SAAS;AAAA,IACX;AAAA,EACF;AAAA,EACA,YAAY;AAAA,IACV,WAAW;AAAA,MACT,MAAM;AAAA,MACN,QAAQ;AAAA,MACR,WAAW;AAAA,MACX,cAAc;AAAA,MACd,UAAU;AAAA,IACZ;AAAA,IACA,UAAU;AAAA,MACR,MAAM;AAAA,MACN,QAAQ;AAAA,MACR,WAAW;AAAA,MACX,cAAc;AAAA,MACd,UAAU;AAAA,IACZ;AAAA,IACA,UAAU;AAAA,MACR,MAAM;AAAA,MACN,QAAQ;AAAA,MACR,cAAc;AAAA,MACd,UAAU;AAAA,IACZ;AAAA,IACA,OAAO;AAAA,MACL,MAAM;AAAA,MACN,WAAW;AAAA,MACX,cAAc;AAAA,MACd,UAAU;AAAA,MACV,QAAQ;AAAA,MACR,SAAS;AAAA,IACX;AAAA,IACA,UAAU;AAAA,MACR,MAAM;AAAA,MACN,WAAW;AAAA,MACX,cAAc;AAAA,MACd,UAAU;AAAA,MACV,SAAS;AAAA,MACT,YAAY;AAAA,IACd;AAAA,IACA,oBAAoB;AAAA,MAClB,MAAM;AAAA,MACN,cAAc;AAAA,MACd,SAAS;AAAA,MACT,YAAY;AAAA,IACd;AAAA,IACA,mBAAmB;AAAA,MACjB,MAAM;AAAA,MACN,cAAc;AAAA,MACd,SAAS;AAAA,MACT,YAAY;AAAA,IACd;AAAA,IACA,UAAU;AAAA,MACR,MAAM;AAAA,MACN,SAAS;AAAA,MACT,cAAc;AAAA,MACd,SAAS;AAAA,IACX;AAAA,IACA,OAAO;AAAA,MACL,cAAc;AAAA,MACd,SAAS;AAAA,MACT,MAAM;AAAA,MACN,UAAU;AAAA,MACV,YAAY;AAAA,MACZ,QAAQ;AAAA;AAAA,MAER,gBAAgB;AAAA,IAClB;AAAA,IACA,SAAS;AAAA,MACP,MAAM;AAAA,MACN,SAAS;AAAA,MACT,cAAc;AAAA,MACd,SAAS;AAAA,IACX;AAAA,IACA,kBAAkB;AAAA,MAChB,MAAM;AAAA,MACN,cAAc;AAAA,MACd,UAAU;AAAA,MACV,YAAY;AAAA,IACd;AAAA,EACF;AAAA,EACA,QAAQ;AAAA,IACN,YAAY;AAAA,MACV,oBAAoB;AAAA,QAClB,QAAQ;AAAA,MACV;AAAA,MACA,mBAAmB;AAAA,QACjB,QAAQ;AAAA,MACV;AAAA,IACF;AAAA,EACF;AACF;ACrGA,MAAe,OAAA;AAAA,EACb,gBAAgB;AAAA,EAChB,MAAM;AAAA,IACJ,MAAM;AAAA,IACN,aAAa;AAAA,IACb,cAAc;AAAA,IACd,YAAY;AAAA,IACZ,aAAa;AAAA,EACf;AAAA,EACA,SAAS,CAAC;AAAA,EACV,eAAe;AAAA,IACb,mBAAmB;AAAA,MACjB,SAAS;AAAA,IACX;AAAA,IACA,wBAAwB;AAAA,MACtB,SAAS;AAAA,IACX;AAAA,EACF;AAAA,EACA,YAAY;AAAA,IACV,MAAM;AAAA,MACJ,MAAM;AAAA,MACN,WAAW;AAAA,MACX,QAAQ;AAAA,MACR,cAAc;AAAA,MACd,UAAU;AAAA,IACZ;AAAA,IACA,MAAM;AAAA,MACJ,MAAM;AAAA,MACN,WAAW;AAAA,MACX,QAAQ;AAAA,MACR,cAAc;AAAA,MACd,UAAU;AAAA,IACZ;AAAA,IACA,aAAa;AAAA,MACX,MAAM;AAAA,MACN,cAAc;AAAA,IAChB;AAAA,IACA,OAAO;AAAA,MACL,cAAc;AAAA,MACd,MAAM;AAAA,MACN,UAAU;AAAA,MACV,UAAU;AAAA,MACV,QAAQ;AAAA,IACV;AAAA,IACA,aAAa;AAAA,MACX,cAAc;AAAA,MACd,MAAM;AAAA,MACN,UAAU;AAAA,MACV,UAAU;AAAA,MACV,QAAQ;AAAA,IACV;AAAA,EACF;AACF;ACtDA,MAAe,WAAA;AAAA,EACb,gBAAgB;AAAA,EAChB,MAAM;AAAA,IACJ,MAAM;AAAA,IACN,cAAc;AAAA,IACd,YAAY;AAAA,IACZ,aAAa;AAAA,IACb,aAAa;AAAA,EACf;AAAA,EACA,SAAS,CAAC;AAAA,EACV,eAAe;AAAA,IACb,mBAAmB;AAAA,MACjB,SAAS;AAAA,IACX;AAAA,IACA,wBAAwB;AAAA,MACtB,SAAS;AAAA,IACX;AAAA,EACF;AAAA,EACA,YAAY;AAAA,IACV,MAAM;AAAA,MACJ,MAAM;AAAA,MACN,WAAW;AAAA,MACX,cAAc;AAAA,MACd,UAAU;AAAA,MACV,QAAQ;AAAA,IACV;AAAA,IACA,aAAa;AAAA,MACX,MAAM;AAAA,MACN,WAAW;AAAA,MACX,cAAc;AAAA,MACd,UAAU;AAAA,MACV,SAAS;AAAA,IACX;AAAA,IACA,MAAM;AAAA,MACJ,MAAM;AAAA,MACN,MAAM,OAAO,OAAOL,YAAU,cAAc;AAAA,MAC5C,cAAc;AAAA,MACd,UAAU;AAAA,MACV,SAASA,YAAU,eAAe;AAAA,IACpC;AAAA,IACA,WAAW;AAAA,MACT,MAAM;AAAA,MACN,WAAW;AAAA,MACX,cAAc;AAAA,MACd,UAAU;AAAA,MACV,YAAY;AAAA,IACd;AAAA,IACA,YAAY;AAAA,MACV,MAAM;AAAA,MACN,cAAc;AAAA,MACd,UAAU;AAAA,IACZ;AAAA,IACA,aAAa;AAAA,MACX,MAAM;AAAA,MACN,QAAQ;AAAA,MACR,UAAU;AAAA,MACV,UAAU;AAAA,MACV,cAAc;AAAA,MACd,UAAU;AAAA,IACZ;AAAA,IACA,WAAW;AAAA,MACT,MAAM;AAAA,MACN,cAAc;AAAA,MACd,UAAU;AAAA,IACZ;AAAA,IACA,UAAU;AAAA,MACR,MAAM;AAAA,MACN,cAAc;AAAA,MACd,UAAU;AAAA,IACZ;AAAA,EACF;AACF;ACzEA,MAAe,qBAAA;AAAA,EACb,gBAAgB;AAAA,EAChB,MAAM;AAAA,IACJ,MAAM;AAAA,IACN,aAAa;AAAA,IACb,cAAc;AAAA,IACd,YAAY;AAAA,IACZ,aAAa;AAAA,EACf;AAAA,EACA,SAAS,CAAC;AAAA,EACV,eAAe;AAAA,IACb,mBAAmB;AAAA,MACjB,SAAS;AAAA,IACX;AAAA,IACA,wBAAwB;AAAA,MACtB,SAAS;AAAA,IACX;AAAA,EACF;AAAA,EACA,YAAY;AAAA,IACV,QAAQ;AAAA,MACN,MAAM;AAAA,MACN,WAAW;AAAA,MACX,cAAc;AAAA,MACd,UAAU;AAAA,IACZ;AAAA,IACA,OAAO;AAAA,MACL,cAAc;AAAA,MACd,MAAM;AAAA,MACN,UAAU;AAAA,MACV,YAAY;AAAA,MACZ,QAAQ;AAAA,IACV;AAAA,EACF;AACF;ACjCA,MAAe,gBAAA;AAAA,EACb,gBAAgB;AAAA,EAChB,MAAM;AAAA,IACJ,MAAM;AAAA,IACN,cAAc;AAAA,IACd,YAAY;AAAA,IACZ,aAAa;AAAA,IACb,aAAa;AAAA,EACf;AAAA,EACA,SAAS,CAAC;AAAA,EACV,eAAe;AAAA,IACb,mBAAmB;AAAA,MACjB,SAAS;AAAA,IACX;AAAA,IACA,wBAAwB;AAAA,MACtB,SAAS;AAAA,IACX;AAAA,EACF;AAAA,EACA,YAAY;AAAA,IACV,MAAM;AAAA,MACJ,MAAM;AAAA,MACN,WAAW;AAAA,MACX,cAAc;AAAA,MACd,UAAU;AAAA,MACV,QAAQ;AAAA,IACV;AAAA,IACA,aAAa;AAAA,MACX,MAAM;AAAA,MACN,WAAW;AAAA,MACX,cAAc;AAAA,MACd,UAAU;AAAA,MACV,SAAS;AAAA,IACX;AAAA,IACA,WAAW;AAAA,MACT,MAAM;AAAA,MACN,WAAW;AAAA,MACX,cAAc;AAAA,MACd,UAAU;AAAA,IACZ;AAAA,IACA,YAAY;AAAA,MACV,MAAM;AAAA,MACN,cAAc;AAAA,MACd,UAAU;AAAA,IACZ;AAAA,IACA,aAAa;AAAA,MACX,MAAM;AAAA,MACN,QAAQ;AAAA,MACR,UAAU;AAAA,MACV,UAAU;AAAA,MACV,cAAc;AAAA,MACd,UAAU;AAAA,IACZ;AAAA,IACA,WAAW;AAAA,MACT,MAAM;AAAA,MACN,cAAc;AAAA,MACd,UAAU;AAAA,IACZ;AAAA,IACA,UAAU;AAAA,MACR,MAAM;AAAA,MACN,cAAc;AAAA,MACd,UAAU;AAAA,IACZ;AAAA,EACF;AACF;AC/DA,MAAe,0BAAA;AAAA,EACb,gBAAgB;AAAA,EAChB,MAAM;AAAA,IACJ,MAAM;AAAA,IACN,aAAa;AAAA,IACb,cAAc;AAAA,IACd,YAAY;AAAA,IACZ,aAAa;AAAA,EACf;AAAA,EACA,SAAS,CAAC;AAAA,EACV,eAAe;AAAA,IACb,mBAAmB;AAAA,MACjB,SAAS;AAAA,IACX;AAAA,IACA,wBAAwB;AAAA,MACtB,SAAS;AAAA,IACX;AAAA,EACF;AAAA,EACA,YAAY;AAAA,IACV,QAAQ;AAAA,MACN,MAAM;AAAA,MACN,WAAW;AAAA,MACX,cAAc;AAAA,MACd,UAAU;AAAA,IACZ;AAAA,IACA,OAAO;AAAA,MACL,cAAc;AAAA,MACd,MAAM;AAAA,MACN,UAAU;AAAA,MACV,YAAY;AAAA,MACZ,QAAQ;AAAA,IACV;AAAA,EACF;AACF;ACzBA,MAAe,UAAA;AAAA,EACb,YAAY,EAAE,QAAQ,WAAW;AAAA,EACjC,MAAM,EAAE,QAAQ,KAAK;AAAA,EACrB,MAAM,EAAE,QAAQ,KAAK;AAAA,EACrB,aAAa,EAAE,QAAQ,SAAS;AAAA,EAChC,wBAAwB,EAAE,QAAQ,mBAAmB;AAAA,EACrD,kBAAkB,EAAE,QAAQ,cAAc;AAAA,EAC1C,6BAA6B,EAAE,QAAQ,wBAAwB;AACjE;ACVA,MAAM,EAAE,eAAe,IAAImJ,eAAM,QAAA;AAEjC,MAAe,YAAA,CAAC,QAAa,EAAE,QAAA7J,QAC7B,MAAA,OAAO,KAAc,SAAe;AAClC,MAAI,kBAAkBA,QAAO,OAAO,IAAI,iBAAiB;AAEzD,MAAI,CAAC,iBAAiB;AACF,sBAAA;AAAA,MAChB,SAAS;AAAA,IAAA;AAAA,EAEb;AAEA,MAAI,CAAC6D,GAAA,IAAI,WAAW,eAAe,GAAG;AACpC,oBAAgB,UAAU;AAAA,EAC5B;AAEI,MAAA,gBAAgB,YAAY,MAAM;AAG9B,UAAAyH,aAAY,QAAQ,gBAAgB,EAAE;AAE5C,UAAM,eAAe1G,GAAA,IAAI,oBAAoB,EAAE,GAAG;AAClD,UAAM,YAAY+D,GAAAA,SAAS,YAAY,IAAI,aAAa,YAAgB,IAAA;AAExE,UAAM,cAAcA,GAAAA,SAAS,IAAI,QAAQ,IAAI,IACzCpD,GAAQ,QAAAnF,sBAAK,UAAU,IAAI,QAAQ,IAAI,CAAC,EAAE,QAAQ,OAAO,EAAE,IAC3D;AAEJ,UAAM,aAAa;AAAA,MACjB,UAAU,EAAE,KAAK,EAAE;AAAA,MACnB,KAAK;AAAA,MACL,WAAW,GAAG,SAAS,IAAI,WAAW,IAAI,IAAI,QAAQ,EAAE;AAAA,MACxD,UAAU;AACR,cAAM,IAAI,eAAe;AAAA,MAC3B;AAAA,MACA,GAAG;AAAA,MACH,GAAG;AAAA,IAAA;AAGL,WAAOkL,WAAU,WAAW,UAAU,EAAE,KAAK,IAAI;AAAA,EACnD;AAEA,SAAO,KAAK;AACd;AC7CF,MAAA,eAAe,MAAM,OAAO,KAAc,SAAe;AACjD,QAAA,gBAAgB,WAAW,UAAU,EAAE;AAEvC,QAAA,EAAE,mBAAA1B,oBAAmB,yBAAA2B,yBAA4B,IAAA;AAGvD,MAAIA,4BAA2B;AAC7B,WAAO,KAAK;AAAA,EACd;AAGA,MAAI,OAAO,OAAO,IAAI,gCAAgC,MAAM,OAAO;AACjE,WAAO,IAAI;EACb;AAGI,MAAA,CAAC3B,sBAAqB;AACxB,WAAO,IAAI;AAAA,MACT;AAAA,MACA;AAAA,QACE,MAAM;AAAA,MACR;AAAA,IAAA;AAAA,EAEJ;AAGM,QAAA,IAAI,MAAM,+DAA+D;AACjF;ACzBA,MAAe,QAAA;AAAA,EACb;AAAA,EACA,iBAAiB;AACnB;;;;;;;;;;;"}