@strapi/admin 5.31.1 → 5.31.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (150) hide show
  1. package/dist/admin/admin/src/components/GuidedTour/Steps/ContentTypeBuilderSteps.js +2 -2
  2. package/dist/admin/admin/src/components/GuidedTour/Steps/ContentTypeBuilderSteps.js.map +1 -1
  3. package/dist/admin/admin/src/components/GuidedTour/Steps/ContentTypeBuilderSteps.mjs +1 -1
  4. package/dist/admin/admin/src/components/GuidedTour/Steps/ContentTypeBuilderSteps.mjs.map +1 -1
  5. package/dist/admin/admin/src/pages/Auth/components/Register.js +2 -1
  6. package/dist/admin/admin/src/pages/Auth/components/Register.js.map +1 -1
  7. package/dist/admin/admin/src/pages/Auth/components/Register.mjs +2 -1
  8. package/dist/admin/admin/src/pages/Auth/components/Register.mjs.map +1 -1
  9. package/dist/admin/admin/src/pages/Home/HomePage.js +1 -1
  10. package/dist/admin/admin/src/pages/Home/HomePage.js.map +1 -1
  11. package/dist/admin/admin/src/pages/Home/HomePage.mjs +1 -1
  12. package/dist/admin/admin/src/pages/Home/HomePage.mjs.map +1 -1
  13. package/dist/admin/admin/src/pages/ProfilePage.js +6 -0
  14. package/dist/admin/admin/src/pages/ProfilePage.js.map +1 -1
  15. package/dist/admin/admin/src/pages/ProfilePage.mjs +6 -0
  16. package/dist/admin/admin/src/pages/ProfilePage.mjs.map +1 -1
  17. package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/EditView/components/ActionBoundRoutes.js +2 -0
  18. package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/EditView/components/ActionBoundRoutes.js.map +1 -1
  19. package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/EditView/components/ActionBoundRoutes.mjs +2 -0
  20. package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/EditView/components/ActionBoundRoutes.mjs.map +1 -1
  21. package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/EditView/components/CollapsableContentType.js +2 -1
  22. package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/EditView/components/CollapsableContentType.js.map +1 -1
  23. package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/EditView/components/CollapsableContentType.mjs +2 -1
  24. package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/EditView/components/CollapsableContentType.mjs.map +1 -1
  25. package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/EditView/components/FormApiTokenContainer.js +4 -4
  26. package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/EditView/components/FormApiTokenContainer.js.map +1 -1
  27. package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/EditView/components/FormApiTokenContainer.mjs +4 -4
  28. package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/EditView/components/FormApiTokenContainer.mjs.map +1 -1
  29. package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/EditView/components/Permissions.js +1 -0
  30. package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/EditView/components/Permissions.js.map +1 -1
  31. package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/EditView/components/Permissions.mjs +1 -0
  32. package/dist/admin/admin/src/pages/Settings/pages/ApiTokens/EditView/components/Permissions.mjs.map +1 -1
  33. package/dist/admin/admin/src/pages/Settings/pages/ApplicationInfo/ApplicationInfoPage.js +5 -5
  34. package/dist/admin/admin/src/pages/Settings/pages/ApplicationInfo/ApplicationInfoPage.js.map +1 -1
  35. package/dist/admin/admin/src/pages/Settings/pages/ApplicationInfo/ApplicationInfoPage.mjs +5 -5
  36. package/dist/admin/admin/src/pages/Settings/pages/ApplicationInfo/ApplicationInfoPage.mjs.map +1 -1
  37. package/dist/admin/admin/src/pages/Settings/pages/PurchaseAuditLogs.js +4 -4
  38. package/dist/admin/admin/src/pages/Settings/pages/PurchaseAuditLogs.js.map +1 -1
  39. package/dist/admin/admin/src/pages/Settings/pages/PurchaseAuditLogs.mjs +4 -4
  40. package/dist/admin/admin/src/pages/Settings/pages/PurchaseAuditLogs.mjs.map +1 -1
  41. package/dist/admin/admin/src/pages/Settings/pages/PurchaseContentHistory.js +4 -4
  42. package/dist/admin/admin/src/pages/Settings/pages/PurchaseContentHistory.js.map +1 -1
  43. package/dist/admin/admin/src/pages/Settings/pages/PurchaseContentHistory.mjs +4 -4
  44. package/dist/admin/admin/src/pages/Settings/pages/PurchaseContentHistory.mjs.map +1 -1
  45. package/dist/admin/admin/src/pages/Settings/pages/PurchaseSingleSignOn.js +4 -2
  46. package/dist/admin/admin/src/pages/Settings/pages/PurchaseSingleSignOn.js.map +1 -1
  47. package/dist/admin/admin/src/pages/Settings/pages/PurchaseSingleSignOn.mjs +4 -2
  48. package/dist/admin/admin/src/pages/Settings/pages/PurchaseSingleSignOn.mjs.map +1 -1
  49. package/dist/admin/admin/src/pages/Settings/pages/Roles/CreatePage.js +4 -2
  50. package/dist/admin/admin/src/pages/Settings/pages/Roles/CreatePage.js.map +1 -1
  51. package/dist/admin/admin/src/pages/Settings/pages/Roles/CreatePage.mjs +4 -2
  52. package/dist/admin/admin/src/pages/Settings/pages/Roles/CreatePage.mjs.map +1 -1
  53. package/dist/admin/admin/src/pages/Settings/pages/Roles/components/PluginsAndSettings.js +3 -1
  54. package/dist/admin/admin/src/pages/Settings/pages/Roles/components/PluginsAndSettings.js.map +1 -1
  55. package/dist/admin/admin/src/pages/Settings/pages/Roles/components/PluginsAndSettings.mjs +3 -1
  56. package/dist/admin/admin/src/pages/Settings/pages/Roles/components/PluginsAndSettings.mjs.map +1 -1
  57. package/dist/admin/admin/src/pages/Settings/pages/Roles/components/RoleForm.js +2 -0
  58. package/dist/admin/admin/src/pages/Settings/pages/Roles/components/RoleForm.js.map +1 -1
  59. package/dist/admin/admin/src/pages/Settings/pages/Roles/components/RoleForm.mjs +2 -0
  60. package/dist/admin/admin/src/pages/Settings/pages/Roles/components/RoleForm.mjs.map +1 -1
  61. package/dist/admin/admin/src/pages/Settings/pages/Users/EditPage.js +2 -1
  62. package/dist/admin/admin/src/pages/Settings/pages/Users/EditPage.js.map +1 -1
  63. package/dist/admin/admin/src/pages/Settings/pages/Users/EditPage.mjs +2 -1
  64. package/dist/admin/admin/src/pages/Settings/pages/Users/EditPage.mjs.map +1 -1
  65. package/dist/admin/admin/src/pages/Settings/pages/Users/components/NewUserForm.js +2 -1
  66. package/dist/admin/admin/src/pages/Settings/pages/Users/components/NewUserForm.js.map +1 -1
  67. package/dist/admin/admin/src/pages/Settings/pages/Users/components/NewUserForm.mjs +2 -1
  68. package/dist/admin/admin/src/pages/Settings/pages/Users/components/NewUserForm.mjs.map +1 -1
  69. package/dist/admin/admin/src/pages/Settings/pages/Webhooks/components/HeadersInput.js +2 -0
  70. package/dist/admin/admin/src/pages/Settings/pages/Webhooks/components/HeadersInput.js.map +1 -1
  71. package/dist/admin/admin/src/pages/Settings/pages/Webhooks/components/HeadersInput.mjs +2 -0
  72. package/dist/admin/admin/src/pages/Settings/pages/Webhooks/components/HeadersInput.mjs.map +1 -1
  73. package/dist/admin/admin/src/pages/Settings/pages/Webhooks/components/WebhookForm.js +1 -0
  74. package/dist/admin/admin/src/pages/Settings/pages/Webhooks/components/WebhookForm.js.map +1 -1
  75. package/dist/admin/admin/src/pages/Settings/pages/Webhooks/components/WebhookForm.mjs +1 -0
  76. package/dist/admin/admin/src/pages/Settings/pages/Webhooks/components/WebhookForm.mjs.map +1 -1
  77. package/dist/admin/admin/src/services/auth.js +1 -12
  78. package/dist/admin/admin/src/services/auth.js.map +1 -1
  79. package/dist/admin/admin/src/services/auth.mjs +2 -11
  80. package/dist/admin/admin/src/services/auth.mjs.map +1 -1
  81. package/dist/admin/admin/src/translations/vi.json.js +772 -129
  82. package/dist/admin/admin/src/translations/vi.json.js.map +1 -1
  83. package/dist/admin/admin/src/translations/vi.json.mjs +764 -130
  84. package/dist/admin/admin/src/translations/vi.json.mjs.map +1 -1
  85. package/dist/admin/ee/admin/src/pages/AuthPage/components/SSOProviders.js +7 -0
  86. package/dist/admin/ee/admin/src/pages/AuthPage/components/SSOProviders.js.map +1 -1
  87. package/dist/admin/ee/admin/src/pages/AuthPage/components/SSOProviders.mjs +7 -0
  88. package/dist/admin/ee/admin/src/pages/AuthPage/components/SSOProviders.mjs.map +1 -1
  89. package/dist/admin/ee/admin/src/pages/SettingsPage/pages/ApplicationInfoPage/components/AdminSeatInfo.js +1 -1
  90. package/dist/admin/ee/admin/src/pages/SettingsPage/pages/ApplicationInfoPage/components/AdminSeatInfo.js.map +1 -1
  91. package/dist/admin/ee/admin/src/pages/SettingsPage/pages/ApplicationInfoPage/components/AdminSeatInfo.mjs +1 -1
  92. package/dist/admin/ee/admin/src/pages/SettingsPage/pages/ApplicationInfoPage/components/AdminSeatInfo.mjs.map +1 -1
  93. package/dist/admin/ee/admin/src/pages/SettingsPage/pages/SingleSignOnPage.js +1 -0
  94. package/dist/admin/ee/admin/src/pages/SettingsPage/pages/SingleSignOnPage.js.map +1 -1
  95. package/dist/admin/ee/admin/src/pages/SettingsPage/pages/SingleSignOnPage.mjs +1 -0
  96. package/dist/admin/ee/admin/src/pages/SettingsPage/pages/SingleSignOnPage.mjs.map +1 -1
  97. package/dist/admin/index.js +0 -2
  98. package/dist/admin/index.js.map +1 -1
  99. package/dist/admin/index.mjs +0 -1
  100. package/dist/admin/index.mjs.map +1 -1
  101. package/dist/admin/src/index.d.ts +0 -2
  102. package/dist/admin/src/services/auth.d.ts +2 -11
  103. package/dist/ee/server/src/ai/containers/ai.d.ts +4 -0
  104. package/dist/ee/server/src/ai/containers/ai.d.ts.map +1 -1
  105. package/dist/ee/server/src/ai/controllers/ai.d.ts.map +1 -1
  106. package/dist/ee/server/src/ai/routes/ai.d.ts.map +1 -1
  107. package/dist/server/ee/server/src/ai/containers/ai.js +143 -1
  108. package/dist/server/ee/server/src/ai/containers/ai.js.map +1 -1
  109. package/dist/server/ee/server/src/ai/containers/ai.mjs +143 -1
  110. package/dist/server/ee/server/src/ai/containers/ai.mjs.map +1 -1
  111. package/dist/server/ee/server/src/ai/controllers/ai.js +7 -106
  112. package/dist/server/ee/server/src/ai/controllers/ai.js.map +1 -1
  113. package/dist/server/ee/server/src/ai/controllers/ai.mjs +7 -106
  114. package/dist/server/ee/server/src/ai/controllers/ai.mjs.map +1 -1
  115. package/dist/server/ee/server/src/ai/routes/ai.js +0 -3
  116. package/dist/server/ee/server/src/ai/routes/ai.js.map +1 -1
  117. package/dist/server/ee/server/src/ai/routes/ai.mjs +0 -3
  118. package/dist/server/ee/server/src/ai/routes/ai.mjs.map +1 -1
  119. package/dist/server/server/src/controllers/authenticated-user.js +0 -15
  120. package/dist/server/server/src/controllers/authenticated-user.js.map +1 -1
  121. package/dist/server/server/src/controllers/authenticated-user.mjs +0 -15
  122. package/dist/server/server/src/controllers/authenticated-user.mjs.map +1 -1
  123. package/dist/server/server/src/routes/users.js +0 -10
  124. package/dist/server/server/src/routes/users.js.map +1 -1
  125. package/dist/server/server/src/routes/users.mjs +0 -10
  126. package/dist/server/server/src/routes/users.mjs.map +1 -1
  127. package/dist/server/server/src/services/user.js +1 -143
  128. package/dist/server/server/src/services/user.js.map +1 -1
  129. package/dist/server/server/src/services/user.mjs +1 -143
  130. package/dist/server/server/src/services/user.mjs.map +1 -1
  131. package/dist/server/src/controllers/authenticated-user.d.ts +0 -1
  132. package/dist/server/src/controllers/authenticated-user.d.ts.map +1 -1
  133. package/dist/server/src/controllers/index.d.ts +0 -1
  134. package/dist/server/src/controllers/index.d.ts.map +1 -1
  135. package/dist/server/src/index.d.ts +0 -5
  136. package/dist/server/src/index.d.ts.map +1 -1
  137. package/dist/server/src/routes/users.d.ts.map +1 -1
  138. package/dist/server/src/services/index.d.ts +0 -4
  139. package/dist/server/src/services/index.d.ts.map +1 -1
  140. package/dist/server/src/services/user.d.ts +0 -4
  141. package/dist/server/src/services/user.d.ts.map +1 -1
  142. package/dist/shared/contracts/ai.d.ts +1 -1
  143. package/dist/shared/contracts/users.d.ts +0 -32
  144. package/dist/shared/contracts/users.d.ts.map +1 -1
  145. package/package.json +9 -9
  146. package/dist/admin/admin/src/hooks/useAIAvailability.js +0 -13
  147. package/dist/admin/admin/src/hooks/useAIAvailability.js.map +0 -1
  148. package/dist/admin/admin/src/hooks/useAIAvailability.mjs +0 -11
  149. package/dist/admin/admin/src/hooks/useAIAvailability.mjs.map +0 -1
  150. package/dist/admin/src/hooks/useAIAvailability.d.ts +0 -5
package/dist/server/server/src/services/user.js CHANGED
@@ -3,9 +3,6 @@
3
3
  var _ = require('lodash');
4
4
  var fp = require('lodash/fp');
5
5
  var utils = require('@strapi/utils');
6
- var crypto = require('crypto');
7
- var fs = require('fs');
8
- var path = require('path');
9
6
  var user$1 = require('../domain/user.js');
10
7
  var commonValidators = require('../validation/common-validators.js');
11
8
  var index = require('../utils/index.js');
@@ -408,144 +405,6 @@ attributes)=>{
408
405
  });
409
406
  return users.map((user)=>user.preferedLanguage || 'en');
410
407
  };
411
- /**
412
- * In-memory cache for AI tokens
413
- * Key format: `${projectId}:${userId}`
414
- */ const aiTokenCache = new Map();
415
- /**
416
- * Generate an AI token for the user performing the request
417
- */ const getAiToken = async ()=>{
418
- const ERROR_PREFIX = 'AI token request failed:';
419
- // Check if EE features are enabled first
420
- if (!strapi.ee?.isEE) {
421
- strapi.log.error(`${ERROR_PREFIX} Enterprise Edition features are not enabled`);
422
- throw new Error('AI token request failed. Check server logs for details.');
423
- }
424
- // Get the EE license
425
- // First try environment variable, then try reading from file
426
- let eeLicense = process.env.STRAPI_LICENSE;
427
- if (!eeLicense) {
428
- try {
429
- const licensePath = path.join(strapi.dirs.app.root, 'license.txt');
430
- eeLicense = fs.readFileSync(licensePath).toString();
431
- } catch (error) {
432
- // License file doesn't exist or can't be read
433
- }
434
- }
435
- if (!eeLicense) {
436
- strapi.log.error(`${ERROR_PREFIX} No EE license found. Please ensure STRAPI_LICENSE environment variable is set or license.txt file exists.`);
437
- throw new Error('AI token request failed. Check server logs for details.');
438
- }
439
- const aiServerUrl = process.env.STRAPI_AI_URL || 'https://strapi-ai.apps.strapi.io';
440
- if (!aiServerUrl) {
441
- strapi.log.error(`${ERROR_PREFIX} AI server URL not configured. Please set STRAPI_AI_URL environment variable.`);
442
- throw new Error('AI token request failed. Check server logs for details.');
443
- }
444
- // Create a secure user identifier using only user ID
445
- const user = strapi.requestContext.get()?.state?.user;
446
- if (!user) {
447
- strapi.log.error(`${ERROR_PREFIX} No authenticated user in request context`);
448
- throw new Error('AI token request failed. Check server logs for details.');
449
- }
450
- const userIdentifier = user.id.toString();
451
- // Get project ID
452
- const projectId = strapi.config.get('uuid');
453
- if (!projectId) {
454
- strapi.log.error(`${ERROR_PREFIX} Project ID not configured`);
455
- throw new Error('AI token request failed. Check server logs for details.');
456
- }
457
- // Check cache for existing valid token
458
- const cacheKey = `${projectId}:${userIdentifier}`;
459
- const cachedToken = aiTokenCache.get(cacheKey);
460
- if (cachedToken) {
461
- const now = Date.now();
462
- // Check if token is still valid (with buffer so it has time to to be used)
463
- const bufferMs = 2 * 60 * 1000; // 2 minutes
464
- if (cachedToken.expiresAtMs && cachedToken.expiresAtMs - bufferMs > now) {
465
- strapi.log.info('Using cached AI token');
466
- return {
467
- token: cachedToken.token,
468
- expiresAt: cachedToken.expiresAt
469
- };
470
- }
471
- // Token expired or will expire soon, remove from cache
472
- aiTokenCache.delete(cacheKey);
473
- }
474
- strapi.log.http('Contacting AI Server for token generation');
475
- try {
476
- // Call the AI server's getAiJWT endpoint
477
- const response = await fetch(`${aiServerUrl}/auth/getAiJWT`, {
478
- method: 'POST',
479
- headers: {
480
- 'Content-Type': 'application/json',
481
- // No authorization header needed for public endpoint
482
- // Add request ID for tracing
483
- 'X-Request-Id': crypto.randomUUID()
484
- },
485
- body: JSON.stringify({
486
- eeLicense,
487
- userIdentifier,
488
- projectId
489
- })
490
- });
491
- if (!response.ok) {
492
- let errorData;
493
- let errorText;
494
- try {
495
- errorText = await response.text();
496
- errorData = JSON.parse(errorText);
497
- } catch {
498
- errorData = {
499
- error: errorText || 'Failed to parse error response'
500
- };
501
- }
502
- strapi.log.error(`${ERROR_PREFIX} ${errorData?.error || 'Unknown error'}`, {
503
- status: response.status,
504
- statusText: response.statusText,
505
- error: errorData,
506
- errorText,
507
- projectId
508
- });
509
- throw new Error('AI token request failed. Check server logs for details.');
510
- }
511
- let data;
512
- try {
513
- data = await response.json();
514
- } catch (parseError) {
515
- strapi.log.error(`${ERROR_PREFIX} Failed to parse AI server response`, parseError);
516
- throw new Error('AI token request failed. Check server logs for details.');
517
- }
518
- if (!data.jwt) {
519
- strapi.log.error(`${ERROR_PREFIX} Invalid response: missing JWT token`);
520
- throw new Error('AI token request failed. Check server logs for details.');
521
- }
522
- strapi.log.info('AI token generated successfully', {
523
- userId: user.id,
524
- expiresAt: data.expiresAt
525
- });
526
- // Cache the token if it has an expiration time
527
- if (data.expiresAt) {
528
- const expiresAtMs = new Date(data.expiresAt).getTime();
529
- aiTokenCache.set(cacheKey, {
530
- token: data.jwt,
531
- expiresAt: data.expiresAt,
532
- expiresAtMs
533
- });
534
- }
535
- // Return the AI JWT with metadata
536
- // Note: Token expires in 1 hour, client should handle refresh
537
- return {
538
- token: data.jwt,
539
- expiresAt: data.expiresAt
540
- };
541
- } catch (fetchError) {
542
- if (fetchError instanceof Error && fetchError.name === 'AbortError') {
543
- strapi.log.error(`${ERROR_PREFIX} Request to AI server timed out`);
544
- throw new Error('AI token request failed. Check server logs for details.');
545
- }
546
- throw fetchError;
547
- }
548
- };
549
408
  var user = {
550
409
  create,
551
410
  updateById,
@@ -564,8 +423,7 @@ var user = {
564
423
  displayWarningIfUsersDontHaveRole,
565
424
  resetPasswordByEmail,
566
425
  getLanguagesInUse,
567
- isFirstSuperAdminUser,
568
- getAiToken
426
+ isFirstSuperAdminUser
569
427
  };
570
428
 
571
429
  module.exports = user;
package/dist/server/server/src/services/user.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"user.js","sources":["../../../../../server/src/services/user.ts"],"sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\nimport _ from 'lodash';\nimport { defaults } from 'lodash/fp';\nimport { arrays, errors } from '@strapi/utils';\nimport type { Data } from '@strapi/types';\nimport crypto from 'crypto';\nimport fs from 'fs';\nimport path from 'path';\nimport { createUser, hasSuperAdminRole } from '../domain/user';\nimport type {\n AdminUser,\n AdminRole,\n AdminUserCreationPayload,\n SanitizedAdminUser,\n SanitizedAdminRole,\n AdminUserUpdatePayload,\n // eslint-disable-next-line node/no-unpublished-import\n} from '../../../shared/contracts/shared';\nimport { password as passwordValidator } from '../validation/common-validators';\nimport { getService } from '../utils';\nimport constants from './constants';\n\nconst { SUPER_ADMIN_CODE } = constants;\n\nconst { ValidationError } = errors;\nconst sanitizeUserRoles = (role: AdminRole): SanitizedAdminRole =>\n _.pick(role, ['id', 'name', 'description', 'code']);\n\nconst getSessionManager = () => {\n const manager = strapi.sessionManager;\n return manager ?? null;\n};\n\n/**\n * Remove private user fields\n * @param user - user to sanitize\n */\nconst sanitizeUser = (user: AdminUser): SanitizedAdminUser => {\n return {\n ..._.omit(user, ['password', 'resetPasswordToken', 'registrationToken', 'roles']),\n roles: user.roles && user.roles.map(sanitizeUserRoles),\n };\n};\n\n/**\n * Create and save a user in database\n * @param attributes A partial user object\n */\nconst create = async (\n // isActive is added in the controller, it's not sent by the API.\n attributes: Partial<AdminUserCreationPayload> & { isActive?: true }\n): Promise<AdminUser> => {\n const userInfo = {\n registrationToken: getService('token').createToken(),\n ...attributes,\n };\n\n if (_.has(attributes, 'password')) {\n userInfo.password = await getService('auth').hashPassword(attributes.password!);\n }\n\n const user = createUser(userInfo);\n\n const createdUser = await strapi.db\n .query('admin::user')\n .create({ data: user, populate: ['roles'] });\n\n getService('metrics').sendDidInviteUser();\n\n strapi.eventHub.emit('user.create', { user: sanitizeUser(createdUser) });\n\n return createdUser;\n};\n\n/**\n * Update a user in database\n * @param id query params to find the user to update\n * @param attributes A partial user object\n */\nconst updateById = async (\n id: Data.ID,\n attributes: Partial<AdminUserUpdatePayload>\n): Promise<AdminUser> => {\n // Check at least one super admin remains\n if (_.has(attributes, 'roles')) {\n const lastAdminUser = await isLastSuperAdminUser(id);\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n const willRemoveSuperAdminRole = !arrays.includesString(attributes.roles!, superAdminRole.id);\n\n if (lastAdminUser && willRemoveSuperAdminRole) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n\n // cannot disable last super admin\n if (attributes.isActive === false) {\n const lastAdminUser = await isLastSuperAdminUser(id);\n if (lastAdminUser) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n\n // hash password if a new one is sent\n if (_.has(attributes, 'password')) {\n const hashedPassword = await getService('auth').hashPassword(attributes.password!);\n\n const updatedUser = await strapi.db.query('admin::user').update({\n where: { id },\n data: {\n ...attributes,\n password: hashedPassword,\n },\n populate: ['roles'],\n });\n\n strapi.eventHub.emit('user.update', { user: sanitizeUser(updatedUser) });\n\n return updatedUser;\n }\n\n const updatedUser = await strapi.db.query('admin::user').update({\n where: { id },\n data: attributes,\n populate: ['roles'],\n });\n\n if (updatedUser) {\n strapi.eventHub.emit('user.update', { user: sanitizeUser(updatedUser) });\n }\n\n return updatedUser;\n};\n\n/**\n * Reset a user password by email. (Used in admin:reset CLI)\n * @param email - user email\n * @param password - new password\n */\nconst resetPasswordByEmail = async (email: string, password: string) => {\n const user = await strapi.db\n .query('admin::user')\n .findOne({ where: { email }, populate: ['roles'] });\n\n if (!user) {\n throw new Error(`User not found for email: ${email}`);\n }\n\n try {\n await passwordValidator.validate(password);\n } catch (error) {\n throw new ValidationError(\n 'Invalid password. Expected a minimum of 8 characters with at least one number and one uppercase letter'\n );\n }\n\n await updateById(user.id, { password });\n};\n\n/**\n * Check if a user is the last super admin\n * @param userId user's id to look for\n */\nconst isLastSuperAdminUser = async (userId: Data.ID): Promise<boolean> => {\n const user = (await findOne(userId)) as AdminUser | null;\n if (!user) return false;\n\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n\n return superAdminRole.usersCount === 1 && hasSuperAdminRole(user);\n};\n\n/**\n * Check if a user is the first super admin\n * @param userId user's id to look for\n */\nconst isFirstSuperAdminUser = async (userId: Data.ID): Promise<boolean> => {\n const currentUser = (await findOne(userId)) as AdminUser | null;\n\n if (!currentUser || !hasSuperAdminRole(currentUser)) return false;\n\n const [oldestUser] = await strapi.db.query('admin::user').findMany({\n populate: {\n roles: {\n where: {\n code: { $eq: SUPER_ADMIN_CODE },\n },\n },\n },\n orderBy: { createdAt: 'asc' },\n limit: 1,\n select: ['id'],\n });\n\n return oldestUser.id === currentUser.id;\n};\n\n/**\n * Check if a user with specific attributes exists in the database\n * @param attributes A partial user object\n */\nconst exists = async (attributes = {} as unknown): Promise<boolean> => {\n return (await strapi.db.query('admin::user').count({ where: attributes })) > 0;\n};\n\n/**\n * Returns a user registration info\n * @param registrationToken - a user registration token\n * @returns - Returns user email, firstname and lastname\n */\nconst findRegistrationInfo = async (\n registrationToken: string\n): Promise<Pick<AdminUser, 'email' | 'firstname' | 'lastname'> | undefined> => {\n const user = await strapi.db.query('admin::user').findOne({ where: { registrationToken } });\n\n if (!user) {\n return undefined;\n }\n\n return _.pick(user, ['email', 'firstname', 'lastname']);\n};\n\n/**\n * Registers a user based on a registrationToken and some informations to update\n * @param params\n * @param params.registrationToken registration token\n * @param params.userInfo user info\n */\nconst register = async ({\n registrationToken,\n userInfo,\n}: {\n registrationToken: string;\n userInfo: Partial<AdminUser>;\n}) => {\n const matchingUser = await strapi.db\n .query('admin::user')\n .findOne({ where: { registrationToken } });\n\n if (!matchingUser) {\n throw new ValidationError('Invalid registration info');\n }\n\n return getService('user').updateById(matchingUser.id, {\n password: userInfo.password,\n firstname: userInfo.firstname,\n lastname: userInfo.lastname,\n registrationToken: null,\n isActive: true,\n });\n};\n\n/**\n * Find one user\n */\nconst findOne = async (id: Data.ID, populate = ['roles']) => {\n return strapi.db.query('admin::user').findOne({ where: { id }, populate });\n};\n\n/**\n * Find one user by its email\n * @param email\n * @param populate\n * @returns\n */\nconst findOneByEmail = async (email: string, populate = []) => {\n return strapi.db.query('admin::user').findOne({\n where: { email: { $eqi: email } },\n populate,\n });\n};\n\n/** Find many users (paginated)\n * @param params\n */\nconst findPage = async (params = {}): Promise<unknown> => {\n const query = strapi\n .get('query-params')\n .transform('admin::user', defaults({ populate: ['roles'] }, params));\n\n return strapi.db.query('admin::user').findPage(query);\n};\n\n/** Delete a user\n * @param id id of the user to delete\n */\nconst deleteById = async (id: Data.ID): Promise<AdminUser | null> => {\n // Check at least one super admin remains\n const userToDelete: AdminUser | null = await strapi.db.query('admin::user').findOne({\n where: { id },\n populate: ['roles'],\n });\n\n if (!userToDelete) {\n return null;\n }\n\n if (userToDelete) {\n if (userToDelete.roles.some((r) => r.code === SUPER_ADMIN_CODE)) {\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n if (superAdminRole.usersCount === 1) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n }\n\n const deletedUser = await strapi.db\n .query('admin::user')\n .delete({ where: { id }, populate: ['roles'] });\n\n // Invalidate all sessions for the deleted user\n const sessionManager = getSessionManager();\n if (sessionManager && sessionManager.hasOrigin('admin')) {\n await sessionManager('admin').invalidateRefreshToken(String(id));\n }\n\n strapi.eventHub.emit('user.delete', { user: sanitizeUser(deletedUser) });\n\n return deletedUser;\n};\n\n/** Delete a user\n * @param ids ids of the users to delete\n */\nconst deleteByIds = async (ids: (string | number)[]): Promise<AdminUser[]> => {\n // Check at least one super admin remains\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n const nbOfSuperAdminToDelete = await strapi.db.query('admin::user').count({\n where: {\n id: ids,\n roles: { id: superAdminRole.id },\n },\n });\n\n if (superAdminRole.usersCount === nbOfSuperAdminToDelete) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n\n const deletedUsers = [] as AdminUser[];\n for (const id of ids) {\n const deletedUser = await strapi.db.query('admin::user').delete({\n where: { id },\n populate: ['roles'],\n });\n\n // Invalidate all sessions for the deleted user\n const sessionManager = getSessionManager();\n if (sessionManager && sessionManager.hasOrigin('admin')) {\n await sessionManager('admin').invalidateRefreshToken(String(id));\n }\n\n deletedUsers.push(deletedUser);\n }\n\n strapi.eventHub.emit('user.delete', {\n users: deletedUsers.map((deletedUser) => sanitizeUser(deletedUser)),\n });\n\n return deletedUsers;\n};\n\n/** Count the users that don't have any associated roles\n */\nconst countUsersWithoutRole = async (): Promise<number> => {\n return strapi.db.query('admin::user').count({\n where: {\n roles: {\n id: { $null: true },\n },\n },\n });\n};\n\n/**\n * Count the number of users based on search params\n * @param params params used for the query\n */\nconst count = async (where = {}): Promise<number> => {\n return strapi.db.query('admin::user').count({ where });\n};\n\n/**\n * Assign some roles to several users\n */\nconst assignARoleToAll = async (roleId: Data.ID): Promise<void> => {\n const users = await strapi.db.query('admin::user').findMany({\n select: ['id'],\n where: {\n roles: { id: { $null: true } },\n },\n });\n\n await Promise.all(\n users.map((user) => {\n return strapi.db.query('admin::user').update({\n where: { id: user.id },\n data: { roles: [roleId] },\n });\n })\n );\n};\n\n/** Display a warning if some users don't have at least one role\n */\nconst displayWarningIfUsersDontHaveRole = async (): Promise<void> => {\n const count = await countUsersWithoutRole();\n\n if (count > 0) {\n strapi.log.warn(`Some users (${count}) don't have any role.`);\n }\n};\n\n/** Returns an array of interface languages currently used by users\n */\nconst getLanguagesInUse = async (): Promise<string[]> => {\n const users = await strapi.db.query('admin::user').findMany({ select: ['preferedLanguage'] });\n\n return users.map((user) => user.preferedLanguage || 'en');\n};\n\n/**\n * In-memory cache for AI tokens\n * Key format: `${projectId}:${userId}`\n */\nconst aiTokenCache = new Map<\n string,\n {\n token: string;\n expiresAt?: string;\n expiresAtMs?: number;\n }\n>();\n\n/**\n * Generate an AI token for the user performing the request\n */\nconst getAiToken = async (): Promise<{ token: string; expiresAt?: string }> => {\n const ERROR_PREFIX = 'AI token request failed:';\n\n // Check if EE features are enabled first\n if (!strapi.ee?.isEE) {\n strapi.log.error(`${ERROR_PREFIX} Enterprise Edition features are not enabled`);\n throw new Error('AI token request failed. Check server logs for details.');\n }\n\n // Get the EE license\n // First try environment variable, then try reading from file\n let eeLicense = process.env.STRAPI_LICENSE;\n\n if (!eeLicense) {\n try {\n const licensePath = path.join(strapi.dirs.app.root, 'license.txt');\n eeLicense = fs.readFileSync(licensePath).toString();\n } catch (error) {\n // License file doesn't exist or can't be read\n }\n }\n\n if (!eeLicense) {\n strapi.log.error(\n `${ERROR_PREFIX} No EE license found. Please ensure STRAPI_LICENSE environment variable is set or license.txt file exists.`\n );\n throw new Error('AI token request failed. Check server logs for details.');\n }\n\n const aiServerUrl = process.env.STRAPI_AI_URL || 'https://strapi-ai.apps.strapi.io';\n\n if (!aiServerUrl) {\n strapi.log.error(\n `${ERROR_PREFIX} AI server URL not configured. Please set STRAPI_AI_URL environment variable.`\n );\n throw new Error('AI token request failed. Check server logs for details.');\n }\n\n // Create a secure user identifier using only user ID\n const user = strapi.requestContext.get()?.state?.user as AdminUser | undefined;\n if (!user) {\n strapi.log.error(`${ERROR_PREFIX} No authenticated user in request context`);\n throw new Error('AI token request failed. Check server logs for details.');\n }\n\n const userIdentifier = user.id.toString();\n\n // Get project ID\n const projectId = strapi.config.get('uuid');\n if (!projectId) {\n strapi.log.error(`${ERROR_PREFIX} Project ID not configured`);\n throw new Error('AI token request failed. Check server logs for details.');\n }\n\n // Check cache for existing valid token\n const cacheKey = `${projectId}:${userIdentifier}`;\n const cachedToken = aiTokenCache.get(cacheKey);\n\n if (cachedToken) {\n const now = Date.now();\n // Check if token is still valid (with buffer so it has time to to be used)\n const bufferMs = 2 * 60 * 1000; // 2 minutes\n\n if (cachedToken.expiresAtMs && cachedToken.expiresAtMs - bufferMs > now) {\n strapi.log.info('Using cached AI token');\n\n return {\n token: cachedToken.token,\n expiresAt: cachedToken.expiresAt,\n };\n }\n\n // Token expired or will expire soon, remove from cache\n aiTokenCache.delete(cacheKey);\n }\n\n strapi.log.http('Contacting AI Server for token generation');\n\n try {\n // Call the AI server's getAiJWT endpoint\n const response = await fetch(`${aiServerUrl}/auth/getAiJWT`, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n // No authorization header needed for public endpoint\n // Add request ID for tracing\n 'X-Request-Id': crypto.randomUUID(),\n },\n body: JSON.stringify({\n eeLicense,\n userIdentifier,\n projectId,\n }),\n });\n\n if (!response.ok) {\n let errorData;\n let errorText;\n try {\n errorText = await response.text();\n errorData = JSON.parse(errorText);\n } catch {\n errorData = { error: errorText || 'Failed to parse error response' };\n }\n\n strapi.log.error(`${ERROR_PREFIX} ${errorData?.error || 'Unknown error'}`, {\n status: response.status,\n statusText: response.statusText,\n error: errorData,\n errorText,\n projectId,\n });\n\n throw new Error('AI token request failed. Check server logs for details.');\n }\n\n let data;\n try {\n data = (await response.json()) as {\n jwt: string;\n expiresAt?: string;\n };\n } catch (parseError) {\n strapi.log.error(`${ERROR_PREFIX} Failed to parse AI server response`, parseError);\n throw new Error('AI token request failed. Check server logs for details.');\n }\n\n if (!data.jwt) {\n strapi.log.error(`${ERROR_PREFIX} Invalid response: missing JWT token`);\n throw new Error('AI token request failed. Check server logs for details.');\n }\n\n strapi.log.info('AI token generated successfully', {\n userId: user.id,\n expiresAt: data.expiresAt,\n });\n\n // Cache the token if it has an expiration time\n if (data.expiresAt) {\n const expiresAtMs = new Date(data.expiresAt).getTime();\n aiTokenCache.set(cacheKey, {\n token: data.jwt,\n expiresAt: data.expiresAt,\n expiresAtMs,\n });\n }\n\n // Return the AI JWT with metadata\n // Note: Token expires in 1 hour, client should handle refresh\n return {\n token: data.jwt,\n expiresAt: data.expiresAt, // 1 hour from generation\n };\n } catch (fetchError) {\n if (fetchError instanceof Error && fetchError.name === 'AbortError') {\n strapi.log.error(`${ERROR_PREFIX} Request to AI server timed out`);\n throw new Error('AI token request failed. Check server logs for details.');\n }\n\n throw fetchError;\n }\n};\n\nexport default {\n create,\n updateById,\n exists,\n findRegistrationInfo,\n register,\n sanitizeUser,\n findOne,\n findOneByEmail,\n findPage,\n deleteById,\n deleteByIds,\n countUsersWithoutRole,\n count,\n assignARoleToAll,\n displayWarningIfUsersDontHaveRole,\n resetPasswordByEmail,\n getLanguagesInUse,\n isFirstSuperAdminUser,\n getAiToken,\n};\n"],"names":["SUPER_ADMIN_CODE","constants","ValidationError","errors","sanitizeUserRoles","role","_","pick","getSessionManager","manager","strapi","sessionManager","sanitizeUser","user","omit","roles","map","create","attributes","userInfo","registrationToken","getService","createToken","has","password","hashPassword","createUser","createdUser","db","query","data","populate","sendDidInviteUser","eventHub","emit","updateById","id","lastAdminUser","isLastSuperAdminUser","superAdminRole","getSuperAdminWithUsersCount","willRemoveSuperAdminRole","arrays","includesString","isActive","hashedPassword","updatedUser","update","where","resetPasswordByEmail","email","findOne","Error","passwordValidator","validate","error","userId","usersCount","hasSuperAdminRole","isFirstSuperAdminUser","currentUser","oldestUser","findMany","code","$eq","orderBy","createdAt","limit","select","exists","count","findRegistrationInfo","undefined","register","matchingUser","firstname","lastname","findOneByEmail","$eqi","findPage","params","get","transform","defaults","deleteById","userToDelete","some","r","deletedUser","delete","hasOrigin","invalidateRefreshToken","String","deleteByIds","ids","nbOfSuperAdminToDelete","deletedUsers","push","users","countUsersWithoutRole","$null","assignARoleToAll","roleId","Promise","all","displayWarningIfUsersDontHaveRole","log","warn","getLanguagesInUse","preferedLanguage","aiTokenCache","Map","getAiToken","ERROR_PREFIX","ee","isEE","eeLicense","process","env","STRAPI_LICENSE","licensePath","path","join","dirs","app","root","fs","readFileSync","toString","aiServerUrl","STRAPI_AI_URL","requestContext","state","userIdentifier","projectId","config","cacheKey","cachedToken","now","Date","bufferMs","expiresAtMs","info","token","expiresAt","http","response","fetch","method","headers","crypto","randomUUID","body","JSON","stringify","ok","errorData","errorText","text","parse","status","statusText","json","parseError","jwt","getTime","set","fetchError","name"],"mappings":";;;;;;;;;;;;;AAsBA,MAAM,EAAEA,gBAAgB,EAAE,GAAGC,SAAAA;AAE7B,MAAM,EAAEC,eAAe,EAAE,GAAGC,YAAAA;AAC5B,MAAMC,oBAAoB,CAACC,IAAAA,GACzBC,CAAEC,CAAAA,IAAI,CAACF,IAAM,EAAA;AAAC,QAAA,IAAA;AAAM,QAAA,MAAA;AAAQ,QAAA,aAAA;AAAe,QAAA;AAAO,KAAA,CAAA;AAEpD,MAAMG,iBAAoB,GAAA,IAAA;IACxB,MAAMC,OAAAA,GAAUC,OAAOC,cAAc;AACrC,IAAA,OAAOF,OAAW,IAAA,IAAA;AACpB,CAAA;AAEA;;;IAIA,MAAMG,eAAe,CAACC,IAAAA,GAAAA;IACpB,OAAO;QACL,GAAGP,CAAAA,CAAEQ,IAAI,CAACD,IAAM,EAAA;AAAC,YAAA,UAAA;AAAY,YAAA,oBAAA;AAAsB,YAAA,mBAAA;AAAqB,YAAA;SAAQ,CAAC;AACjFE,QAAAA,KAAAA,EAAOF,KAAKE,KAAK,IAAIF,KAAKE,KAAK,CAACC,GAAG,CAACZ,iBAAAA;AACtC,KAAA;AACF,CAAA;AAEA;;;IAIA,MAAMa,MAAS,GAAA;AAEbC,UAAAA,GAAAA;AAEA,IAAA,MAAMC,QAAW,GAAA;QACfC,iBAAmBC,EAAAA,gBAAAA,CAAW,SAASC,WAAW,EAAA;AAClD,QAAA,GAAGJ;AACL,KAAA;AAEA,IAAA,IAAIZ,CAAEiB,CAAAA,GAAG,CAACL,UAAAA,EAAY,UAAa,CAAA,EAAA;QACjCC,QAASK,CAAAA,QAAQ,GAAG,MAAMH,gBAAAA,CAAW,QAAQI,YAAY,CAACP,WAAWM,QAAQ,CAAA;AAC/E;AAEA,IAAA,MAAMX,OAAOa,iBAAWP,CAAAA,QAAAA,CAAAA;IAExB,MAAMQ,WAAAA,GAAc,MAAMjB,MAAOkB,CAAAA,EAAE,CAChCC,KAAK,CAAC,aACNZ,CAAAA,CAAAA,MAAM,CAAC;QAAEa,IAAMjB,EAAAA,IAAAA;QAAMkB,QAAU,EAAA;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;AAE5CV,IAAAA,gBAAAA,CAAW,WAAWW,iBAAiB,EAAA;AAEvCtB,IAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAAErB,QAAAA,IAAAA,EAAMD,YAAae,CAAAA,WAAAA;AAAa,KAAA,CAAA;IAEtE,OAAOA,WAAAA;AACT,CAAA;AAEA;;;;IAKA,MAAMQ,UAAa,GAAA,OACjBC,EACAlB,EAAAA,UAAAA,GAAAA;;AAGA,IAAA,IAAIZ,CAAEiB,CAAAA,GAAG,CAACL,UAAAA,EAAY,OAAU,CAAA,EAAA;QAC9B,MAAMmB,aAAAA,GAAgB,MAAMC,oBAAqBF,CAAAA,EAAAA,CAAAA;AACjD,QAAA,MAAMG,cAAiB,GAAA,MAAMlB,gBAAW,CAAA,MAAA,CAAA,CAAQmB,2BAA2B,EAAA;QAC3E,MAAMC,wBAAAA,GAA2B,CAACC,YAAOC,CAAAA,cAAc,CAACzB,UAAWH,CAAAA,KAAK,EAAGwB,cAAAA,CAAeH,EAAE,CAAA;AAE5F,QAAA,IAAIC,iBAAiBI,wBAA0B,EAAA;AAC7C,YAAA,MAAM,IAAIvC,eAAgB,CAAA,wDAAA,CAAA;AAC5B;AACF;;IAGA,IAAIgB,UAAAA,CAAW0B,QAAQ,KAAK,KAAO,EAAA;QACjC,MAAMP,aAAAA,GAAgB,MAAMC,oBAAqBF,CAAAA,EAAAA,CAAAA;AACjD,QAAA,IAAIC,aAAe,EAAA;AACjB,YAAA,MAAM,IAAInC,eAAgB,CAAA,wDAAA,CAAA;AAC5B;AACF;;AAGA,IAAA,IAAII,CAAEiB,CAAAA,GAAG,CAACL,UAAAA,EAAY,UAAa,CAAA,EAAA;AACjC,QAAA,MAAM2B,iBAAiB,MAAMxB,gBAAAA,CAAW,QAAQI,YAAY,CAACP,WAAWM,QAAQ,CAAA;QAEhF,MAAMsB,WAAAA,GAAc,MAAMpC,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAekB,CAAAA,CAAAA,MAAM,CAAC;YAC9DC,KAAO,EAAA;AAAEZ,gBAAAA;AAAG,aAAA;YACZN,IAAM,EAAA;AACJ,gBAAA,GAAGZ,UAAU;gBACbM,QAAUqB,EAAAA;AACZ,aAAA;YACAd,QAAU,EAAA;AAAC,gBAAA;AAAQ;AACrB,SAAA,CAAA;AAEArB,QAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAAErB,YAAAA,IAAAA,EAAMD,YAAakC,CAAAA,WAAAA;AAAa,SAAA,CAAA;QAEtE,OAAOA,WAAAA;AACT;IAEA,MAAMA,WAAAA,GAAc,MAAMpC,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAekB,CAAAA,CAAAA,MAAM,CAAC;QAC9DC,KAAO,EAAA;AAAEZ,YAAAA;AAAG,SAAA;QACZN,IAAMZ,EAAAA,UAAAA;QACNa,QAAU,EAAA;AAAC,YAAA;AAAQ;AACrB,KAAA,CAAA;AAEA,IAAA,IAAIe,WAAa,EAAA;AACfpC,QAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAAErB,YAAAA,IAAAA,EAAMD,YAAakC,CAAAA,WAAAA;AAAa,SAAA,CAAA;AACxE;IAEA,OAAOA,WAAAA;AACT,CAAA;AAEA;;;;IAKA,MAAMG,oBAAuB,GAAA,OAAOC,KAAe1B,EAAAA,QAAAA,GAAAA;IACjD,MAAMX,IAAAA,GAAO,MAAMH,MAAOkB,CAAAA,EAAE,CACzBC,KAAK,CAAC,aACNsB,CAAAA,CAAAA,OAAO,CAAC;QAAEH,KAAO,EAAA;AAAEE,YAAAA;AAAM,SAAA;QAAGnB,QAAU,EAAA;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;AAEnD,IAAA,IAAI,CAAClB,IAAM,EAAA;AACT,QAAA,MAAM,IAAIuC,KAAAA,CAAM,CAAC,0BAA0B,EAAEF,KAAO,CAAA,CAAA,CAAA;AACtD;IAEA,IAAI;QACF,MAAMG,yBAAAA,CAAkBC,QAAQ,CAAC9B,QAAAA,CAAAA;AACnC,KAAA,CAAE,OAAO+B,KAAO,EAAA;AACd,QAAA,MAAM,IAAIrD,eACR,CAAA,wGAAA,CAAA;AAEJ;IAEA,MAAMiC,UAAAA,CAAWtB,IAAKuB,CAAAA,EAAE,EAAE;AAAEZ,QAAAA;AAAS,KAAA,CAAA;AACvC,CAAA;AAEA;;;IAIA,MAAMc,uBAAuB,OAAOkB,MAAAA,GAAAA;IAClC,MAAM3C,IAAAA,GAAQ,MAAMsC,OAAQK,CAAAA,MAAAA,CAAAA;IAC5B,IAAI,CAAC3C,MAAM,OAAO,KAAA;AAElB,IAAA,MAAM0B,cAAiB,GAAA,MAAMlB,gBAAW,CAAA,MAAA,CAAA,CAAQmB,2BAA2B,EAAA;AAE3E,IAAA,OAAOD,cAAekB,CAAAA,UAAU,KAAK,CAAA,IAAKC,wBAAkB7C,CAAAA,IAAAA,CAAAA;AAC9D,CAAA;AAEA;;;IAIA,MAAM8C,wBAAwB,OAAOH,MAAAA,GAAAA;IACnC,MAAMI,WAAAA,GAAe,MAAMT,OAAQK,CAAAA,MAAAA,CAAAA;AAEnC,IAAA,IAAI,CAACI,WAAAA,IAAe,CAACF,wBAAAA,CAAkBE,cAAc,OAAO,KAAA;IAE5D,MAAM,CAACC,UAAW,CAAA,GAAG,MAAMnD,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAeiC,CAAAA,CAAAA,QAAQ,CAAC;QACjE/B,QAAU,EAAA;YACRhB,KAAO,EAAA;gBACLiC,KAAO,EAAA;oBACLe,IAAM,EAAA;wBAAEC,GAAKhE,EAAAA;AAAiB;AAChC;AACF;AACF,SAAA;QACAiE,OAAS,EAAA;YAAEC,SAAW,EAAA;AAAM,SAAA;QAC5BC,KAAO,EAAA,CAAA;QACPC,MAAQ,EAAA;AAAC,YAAA;AAAK;AAChB,KAAA,CAAA;AAEA,IAAA,OAAOP,UAAWzB,CAAAA,EAAE,KAAKwB,WAAAA,CAAYxB,EAAE;AACzC,CAAA;AAEA;;;AAGC,IACD,MAAMiC,MAAAA,GAAS,OAAOnD,UAAAA,GAAa,EAAa,GAAA;IAC9C,OAAQ,MAAMR,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAeyC,CAAAA,CAAAA,KAAK,CAAC;QAAEtB,KAAO9B,EAAAA;KAAiB,CAAA,GAAA,CAAA;AAC/E,CAAA;AAEA;;;;IAKA,MAAMqD,uBAAuB,OAC3BnD,iBAAAA,GAAAA;IAEA,MAAMP,IAAAA,GAAO,MAAMH,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAesB,CAAAA,CAAAA,OAAO,CAAC;QAAEH,KAAO,EAAA;AAAE5B,YAAAA;AAAkB;AAAE,KAAA,CAAA;AAEzF,IAAA,IAAI,CAACP,IAAM,EAAA;QACT,OAAO2D,SAAAA;AACT;IAEA,OAAOlE,CAAAA,CAAEC,IAAI,CAACM,IAAM,EAAA;AAAC,QAAA,OAAA;AAAS,QAAA,WAAA;AAAa,QAAA;AAAW,KAAA,CAAA;AACxD,CAAA;AAEA;;;;;AAKC,IACD,MAAM4D,QAAW,GAAA,OAAO,EACtBrD,iBAAiB,EACjBD,QAAQ,EAIT,GAAA;IACC,MAAMuD,YAAAA,GAAe,MAAMhE,MAAOkB,CAAAA,EAAE,CACjCC,KAAK,CAAC,aACNsB,CAAAA,CAAAA,OAAO,CAAC;QAAEH,KAAO,EAAA;AAAE5B,YAAAA;AAAkB;AAAE,KAAA,CAAA;AAE1C,IAAA,IAAI,CAACsD,YAAc,EAAA;AACjB,QAAA,MAAM,IAAIxE,eAAgB,CAAA,2BAAA,CAAA;AAC5B;AAEA,IAAA,OAAOmB,iBAAW,MAAQc,CAAAA,CAAAA,UAAU,CAACuC,YAAAA,CAAatC,EAAE,EAAE;AACpDZ,QAAAA,QAAAA,EAAUL,SAASK,QAAQ;AAC3BmD,QAAAA,SAAAA,EAAWxD,SAASwD,SAAS;AAC7BC,QAAAA,QAAAA,EAAUzD,SAASyD,QAAQ;QAC3BxD,iBAAmB,EAAA,IAAA;QACnBwB,QAAU,EAAA;AACZ,KAAA,CAAA;AACF,CAAA;AAEA;;AAEC,IACD,MAAMO,OAAAA,GAAU,OAAOf,EAAAA,EAAaL,QAAW,GAAA;AAAC,IAAA;AAAQ,CAAA,GAAA;AACtD,IAAA,OAAOrB,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAesB,OAAO,CAAC;QAAEH,KAAO,EAAA;AAAEZ,YAAAA;AAAG,SAAA;AAAGL,QAAAA;AAAS,KAAA,CAAA;AAC1E,CAAA;AAEA;;;;;AAKC,IACD,MAAM8C,cAAAA,GAAiB,OAAO3B,KAAAA,EAAenB,WAAW,EAAE,GAAA;AACxD,IAAA,OAAOrB,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAesB,OAAO,CAAC;QAC5CH,KAAO,EAAA;YAAEE,KAAO,EAAA;gBAAE4B,IAAM5B,EAAAA;AAAM;AAAE,SAAA;AAChCnB,QAAAA;AACF,KAAA,CAAA;AACF,CAAA;AAEA;;AAEC,IACD,MAAMgD,QAAAA,GAAW,OAAOC,MAAAA,GAAS,EAAE,GAAA;IACjC,MAAMnD,KAAAA,GAAQnB,OACXuE,GAAG,CAAC,gBACJC,SAAS,CAAC,eAAeC,WAAS,CAAA;QAAEpD,QAAU,EAAA;AAAC,YAAA;AAAQ;KAAIiD,EAAAA,MAAAA,CAAAA,CAAAA;AAE9D,IAAA,OAAOtE,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAekD,QAAQ,CAAClD,KAAAA,CAAAA;AACjD,CAAA;AAEA;;IAGA,MAAMuD,aAAa,OAAOhD,EAAAA,GAAAA;;IAExB,MAAMiD,YAAAA,GAAiC,MAAM3E,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAesB,CAAAA,CAAAA,OAAO,CAAC;QAClFH,KAAO,EAAA;AAAEZ,YAAAA;AAAG,SAAA;QACZL,QAAU,EAAA;AAAC,YAAA;AAAQ;AACrB,KAAA,CAAA;AAEA,IAAA,IAAI,CAACsD,YAAc,EAAA;QACjB,OAAO,IAAA;AACT;AAEA,IAAA,IAAIA,YAAc,EAAA;QAChB,IAAIA,YAAAA,CAAatE,KAAK,CAACuE,IAAI,CAAC,CAACC,CAAMA,GAAAA,CAAAA,CAAExB,IAAI,KAAK/D,gBAAmB,CAAA,EAAA;AAC/D,YAAA,MAAMuC,cAAiB,GAAA,MAAMlB,gBAAW,CAAA,MAAA,CAAA,CAAQmB,2BAA2B,EAAA;YAC3E,IAAID,cAAAA,CAAekB,UAAU,KAAK,CAAG,EAAA;AACnC,gBAAA,MAAM,IAAIvD,eAAgB,CAAA,wDAAA,CAAA;AAC5B;AACF;AACF;IAEA,MAAMsF,WAAAA,GAAc,MAAM9E,MAAOkB,CAAAA,EAAE,CAChCC,KAAK,CAAC,aACN4D,CAAAA,CAAAA,MAAM,CAAC;QAAEzC,KAAO,EAAA;AAAEZ,YAAAA;AAAG,SAAA;QAAGL,QAAU,EAAA;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;;AAG/C,IAAA,MAAMpB,cAAiBH,GAAAA,iBAAAA,EAAAA;AACvB,IAAA,IAAIG,cAAkBA,IAAAA,cAAAA,CAAe+E,SAAS,CAAC,OAAU,CAAA,EAAA;AACvD,QAAA,MAAM/E,cAAe,CAAA,OAAA,CAAA,CAASgF,sBAAsB,CAACC,MAAOxD,CAAAA,EAAAA,CAAAA,CAAAA;AAC9D;AAEA1B,IAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAAErB,QAAAA,IAAAA,EAAMD,YAAa4E,CAAAA,WAAAA;AAAa,KAAA,CAAA;IAEtE,OAAOA,WAAAA;AACT,CAAA;AAEA;;IAGA,MAAMK,cAAc,OAAOC,GAAAA,GAAAA;;AAEzB,IAAA,MAAMvD,cAAiB,GAAA,MAAMlB,gBAAW,CAAA,MAAA,CAAA,CAAQmB,2BAA2B,EAAA;IAC3E,MAAMuD,sBAAAA,GAAyB,MAAMrF,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAeyC,CAAAA,CAAAA,KAAK,CAAC;QACxEtB,KAAO,EAAA;YACLZ,EAAI0D,EAAAA,GAAAA;YACJ/E,KAAO,EAAA;AAAEqB,gBAAAA,EAAAA,EAAIG,eAAeH;AAAG;AACjC;AACF,KAAA,CAAA;IAEA,IAAIG,cAAAA,CAAekB,UAAU,KAAKsC,sBAAwB,EAAA;AACxD,QAAA,MAAM,IAAI7F,eAAgB,CAAA,wDAAA,CAAA;AAC5B;AAEA,IAAA,MAAM8F,eAAe,EAAE;IACvB,KAAK,MAAM5D,MAAM0D,GAAK,CAAA;QACpB,MAAMN,WAAAA,GAAc,MAAM9E,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAe4D,CAAAA,CAAAA,MAAM,CAAC;YAC9DzC,KAAO,EAAA;AAAEZ,gBAAAA;AAAG,aAAA;YACZL,QAAU,EAAA;AAAC,gBAAA;AAAQ;AACrB,SAAA,CAAA;;AAGA,QAAA,MAAMpB,cAAiBH,GAAAA,iBAAAA,EAAAA;AACvB,QAAA,IAAIG,cAAkBA,IAAAA,cAAAA,CAAe+E,SAAS,CAAC,OAAU,CAAA,EAAA;AACvD,YAAA,MAAM/E,cAAe,CAAA,OAAA,CAAA,CAASgF,sBAAsB,CAACC,MAAOxD,CAAAA,EAAAA,CAAAA,CAAAA;AAC9D;AAEA4D,QAAAA,YAAAA,CAAaC,IAAI,CAACT,WAAAA,CAAAA;AACpB;AAEA9E,IAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAClCgE,QAAAA,KAAAA,EAAOF,YAAahF,CAAAA,GAAG,CAAC,CAACwE,cAAgB5E,YAAa4E,CAAAA,WAAAA,CAAAA;AACxD,KAAA,CAAA;IAEA,OAAOQ,YAAAA;AACT,CAAA;AAEA;AACC,IACD,MAAMG,qBAAwB,GAAA,UAAA;AAC5B,IAAA,OAAOzF,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeyC,KAAK,CAAC;QAC1CtB,KAAO,EAAA;YACLjC,KAAO,EAAA;gBACLqB,EAAI,EAAA;oBAAEgE,KAAO,EAAA;AAAK;AACpB;AACF;AACF,KAAA,CAAA;AACF,CAAA;AAEA;;;AAGC,IACD,MAAM9B,KAAAA,GAAQ,OAAOtB,KAAAA,GAAQ,EAAE,GAAA;AAC7B,IAAA,OAAOtC,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeyC,KAAK,CAAC;AAAEtB,QAAAA;AAAM,KAAA,CAAA;AACtD,CAAA;AAEA;;IAGA,MAAMqD,mBAAmB,OAAOC,MAAAA,GAAAA;IAC9B,MAAMJ,KAAAA,GAAQ,MAAMxF,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAeiC,CAAAA,CAAAA,QAAQ,CAAC;QAC1DM,MAAQ,EAAA;AAAC,YAAA;AAAK,SAAA;QACdpB,KAAO,EAAA;YACLjC,KAAO,EAAA;gBAAEqB,EAAI,EAAA;oBAAEgE,KAAO,EAAA;AAAK;AAAE;AAC/B;AACF,KAAA,CAAA;AAEA,IAAA,MAAMG,QAAQC,GAAG,CACfN,KAAMlF,CAAAA,GAAG,CAAC,CAACH,IAAAA,GAAAA;AACT,QAAA,OAAOH,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAekB,MAAM,CAAC;YAC3CC,KAAO,EAAA;AAAEZ,gBAAAA,EAAAA,EAAIvB,KAAKuB;AAAG,aAAA;YACrBN,IAAM,EAAA;gBAAEf,KAAO,EAAA;AAACuF,oBAAAA;AAAO;AAAC;AAC1B,SAAA,CAAA;AACF,KAAA,CAAA,CAAA;AAEJ,CAAA;AAEA;AACC,IACD,MAAMG,iCAAoC,GAAA,UAAA;AACxC,IAAA,MAAMnC,QAAQ,MAAM6B,qBAAAA,EAAAA;AAEpB,IAAA,IAAI7B,QAAQ,CAAG,EAAA;QACb5D,MAAOgG,CAAAA,GAAG,CAACC,IAAI,CAAC,CAAC,YAAY,EAAErC,KAAM,CAAA,sBAAsB,CAAC,CAAA;AAC9D;AACF,CAAA;AAEA;AACC,IACD,MAAMsC,iBAAoB,GAAA,UAAA;IACxB,MAAMV,KAAAA,GAAQ,MAAMxF,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAeiC,CAAAA,CAAAA,QAAQ,CAAC;QAAEM,MAAQ,EAAA;AAAC,YAAA;AAAmB;AAAC,KAAA,CAAA;AAE3F,IAAA,OAAO8B,MAAMlF,GAAG,CAAC,CAACH,IAASA,GAAAA,IAAAA,CAAKgG,gBAAgB,IAAI,IAAA,CAAA;AACtD,CAAA;AAEA;;;IAIA,MAAMC,eAAe,IAAIC,GAAAA,EAAAA;AASzB;;AAEC,IACD,MAAMC,UAAa,GAAA,UAAA;AACjB,IAAA,MAAMC,YAAe,GAAA,0BAAA;;AAGrB,IAAA,IAAI,CAACvG,MAAAA,CAAOwG,EAAE,EAAEC,IAAM,EAAA;AACpBzG,QAAAA,MAAAA,CAAOgG,GAAG,CAACnD,KAAK,CAAC,CAAG0D,EAAAA,YAAAA,CAAa,4CAA4C,CAAC,CAAA;AAC9E,QAAA,MAAM,IAAI7D,KAAM,CAAA,yDAAA,CAAA;AAClB;;;AAIA,IAAA,IAAIgE,SAAYC,GAAAA,OAAAA,CAAQC,GAAG,CAACC,cAAc;AAE1C,IAAA,IAAI,CAACH,SAAW,EAAA;QACd,IAAI;YACF,MAAMI,WAAAA,GAAcC,IAAKC,CAAAA,IAAI,CAAChH,MAAAA,CAAOiH,IAAI,CAACC,GAAG,CAACC,IAAI,EAAE,aAAA,CAAA;AACpDT,YAAAA,SAAAA,GAAYU,EAAGC,CAAAA,YAAY,CAACP,WAAAA,CAAAA,CAAaQ,QAAQ,EAAA;AACnD,SAAA,CAAE,OAAOzE,KAAO,EAAA;;AAEhB;AACF;AAEA,IAAA,IAAI,CAAC6D,SAAW,EAAA;AACd1G,QAAAA,MAAAA,CAAOgG,GAAG,CAACnD,KAAK,CACd,CAAG0D,EAAAA,YAAAA,CAAa,0GAA0G,CAAC,CAAA;AAE7H,QAAA,MAAM,IAAI7D,KAAM,CAAA,yDAAA,CAAA;AAClB;AAEA,IAAA,MAAM6E,WAAcZ,GAAAA,OAAAA,CAAQC,GAAG,CAACY,aAAa,IAAI,kCAAA;AAEjD,IAAA,IAAI,CAACD,WAAa,EAAA;AAChBvH,QAAAA,MAAAA,CAAOgG,GAAG,CAACnD,KAAK,CACd,CAAG0D,EAAAA,YAAAA,CAAa,6EAA6E,CAAC,CAAA;AAEhG,QAAA,MAAM,IAAI7D,KAAM,CAAA,yDAAA,CAAA;AAClB;;AAGA,IAAA,MAAMvC,OAAOH,MAAOyH,CAAAA,cAAc,CAAClD,GAAG,IAAImD,KAAOvH,EAAAA,IAAAA;AACjD,IAAA,IAAI,CAACA,IAAM,EAAA;AACTH,QAAAA,MAAAA,CAAOgG,GAAG,CAACnD,KAAK,CAAC,CAAG0D,EAAAA,YAAAA,CAAa,yCAAyC,CAAC,CAAA;AAC3E,QAAA,MAAM,IAAI7D,KAAM,CAAA,yDAAA,CAAA;AAClB;AAEA,IAAA,MAAMiF,cAAiBxH,GAAAA,IAAAA,CAAKuB,EAAE,CAAC4F,QAAQ,EAAA;;AAGvC,IAAA,MAAMM,SAAY5H,GAAAA,MAAAA,CAAO6H,MAAM,CAACtD,GAAG,CAAC,MAAA,CAAA;AACpC,IAAA,IAAI,CAACqD,SAAW,EAAA;AACd5H,QAAAA,MAAAA,CAAOgG,GAAG,CAACnD,KAAK,CAAC,CAAG0D,EAAAA,YAAAA,CAAa,0BAA0B,CAAC,CAAA;AAC5D,QAAA,MAAM,IAAI7D,KAAM,CAAA,yDAAA,CAAA;AAClB;;AAGA,IAAA,MAAMoF,QAAW,GAAA,CAAA,EAAGF,SAAU,CAAA,CAAC,EAAED,cAAgB,CAAA,CAAA;IACjD,MAAMI,WAAAA,GAAc3B,YAAa7B,CAAAA,GAAG,CAACuD,QAAAA,CAAAA;AAErC,IAAA,IAAIC,WAAa,EAAA;QACf,MAAMC,GAAAA,GAAMC,KAAKD,GAAG,EAAA;;AAEpB,QAAA,MAAME,QAAW,GAAA,CAAA,GAAI,EAAK,GAAA,IAAA,CAAA;AAE1B,QAAA,IAAIH,YAAYI,WAAW,IAAIJ,YAAYI,WAAW,GAAGD,WAAWF,GAAK,EAAA;YACvEhI,MAAOgG,CAAAA,GAAG,CAACoC,IAAI,CAAC,uBAAA,CAAA;YAEhB,OAAO;AACLC,gBAAAA,KAAAA,EAAON,YAAYM,KAAK;AACxBC,gBAAAA,SAAAA,EAAWP,YAAYO;AACzB,aAAA;AACF;;AAGAlC,QAAAA,YAAAA,CAAarB,MAAM,CAAC+C,QAAAA,CAAAA;AACtB;IAEA9H,MAAOgG,CAAAA,GAAG,CAACuC,IAAI,CAAC,2CAAA,CAAA;IAEhB,IAAI;;AAEF,QAAA,MAAMC,WAAW,MAAMC,KAAAA,CAAM,GAAGlB,WAAY,CAAA,cAAc,CAAC,EAAE;YAC3DmB,MAAQ,EAAA,MAAA;YACRC,OAAS,EAAA;gBACP,cAAgB,EAAA,kBAAA;;;AAGhB,gBAAA,cAAA,EAAgBC,OAAOC,UAAU;AACnC,aAAA;YACAC,IAAMC,EAAAA,IAAAA,CAAKC,SAAS,CAAC;AACnBtC,gBAAAA,SAAAA;AACAiB,gBAAAA,cAAAA;AACAC,gBAAAA;AACF,aAAA;AACF,SAAA,CAAA;QAEA,IAAI,CAACY,QAASS,CAAAA,EAAE,EAAE;YAChB,IAAIC,SAAAA;YACJ,IAAIC,SAAAA;YACJ,IAAI;gBACFA,SAAY,GAAA,MAAMX,SAASY,IAAI,EAAA;gBAC/BF,SAAYH,GAAAA,IAAAA,CAAKM,KAAK,CAACF,SAAAA,CAAAA;AACzB,aAAA,CAAE,OAAM;gBACND,SAAY,GAAA;AAAErG,oBAAAA,KAAAA,EAAOsG,SAAa,IAAA;AAAiC,iBAAA;AACrE;YAEAnJ,MAAOgG,CAAAA,GAAG,CAACnD,KAAK,CAAC,CAAA,EAAG0D,YAAa,CAAA,CAAC,EAAE2C,SAAAA,EAAWrG,KAAS,IAAA,eAAA,CAAA,CAAiB,EAAE;AACzEyG,gBAAAA,MAAAA,EAAQd,SAASc,MAAM;AACvBC,gBAAAA,UAAAA,EAAYf,SAASe,UAAU;gBAC/B1G,KAAOqG,EAAAA,SAAAA;AACPC,gBAAAA,SAAAA;AACAvB,gBAAAA;AACF,aAAA,CAAA;AAEA,YAAA,MAAM,IAAIlF,KAAM,CAAA,yDAAA,CAAA;AAClB;QAEA,IAAItB,IAAAA;QACJ,IAAI;YACFA,IAAQ,GAAA,MAAMoH,SAASgB,IAAI,EAAA;AAI7B,SAAA,CAAE,OAAOC,UAAY,EAAA;YACnBzJ,MAAOgG,CAAAA,GAAG,CAACnD,KAAK,CAAC,GAAG0D,YAAa,CAAA,mCAAmC,CAAC,EAAEkD,UAAAA,CAAAA;AACvE,YAAA,MAAM,IAAI/G,KAAM,CAAA,yDAAA,CAAA;AAClB;QAEA,IAAI,CAACtB,IAAKsI,CAAAA,GAAG,EAAE;AACb1J,YAAAA,MAAAA,CAAOgG,GAAG,CAACnD,KAAK,CAAC,CAAG0D,EAAAA,YAAAA,CAAa,oCAAoC,CAAC,CAAA;AACtE,YAAA,MAAM,IAAI7D,KAAM,CAAA,yDAAA,CAAA;AAClB;AAEA1C,QAAAA,MAAAA,CAAOgG,GAAG,CAACoC,IAAI,CAAC,iCAAmC,EAAA;AACjDtF,YAAAA,MAAAA,EAAQ3C,KAAKuB,EAAE;AACf4G,YAAAA,SAAAA,EAAWlH,KAAKkH;AAClB,SAAA,CAAA;;QAGA,IAAIlH,IAAAA,CAAKkH,SAAS,EAAE;AAClB,YAAA,MAAMH,cAAc,IAAIF,IAAAA,CAAK7G,IAAKkH,CAAAA,SAAS,EAAEqB,OAAO,EAAA;YACpDvD,YAAawD,CAAAA,GAAG,CAAC9B,QAAU,EAAA;AACzBO,gBAAAA,KAAAA,EAAOjH,KAAKsI,GAAG;AACfpB,gBAAAA,SAAAA,EAAWlH,KAAKkH,SAAS;AACzBH,gBAAAA;AACF,aAAA,CAAA;AACF;;;QAIA,OAAO;AACLE,YAAAA,KAAAA,EAAOjH,KAAKsI,GAAG;AACfpB,YAAAA,SAAAA,EAAWlH,KAAKkH;AAClB,SAAA;AACF,KAAA,CAAE,OAAOuB,UAAY,EAAA;AACnB,QAAA,IAAIA,UAAsBnH,YAAAA,KAAAA,IAASmH,UAAWC,CAAAA,IAAI,KAAK,YAAc,EAAA;AACnE9J,YAAAA,MAAAA,CAAOgG,GAAG,CAACnD,KAAK,CAAC,CAAG0D,EAAAA,YAAAA,CAAa,+BAA+B,CAAC,CAAA;AACjE,YAAA,MAAM,IAAI7D,KAAM,CAAA,yDAAA,CAAA;AAClB;QAEA,MAAMmH,UAAAA;AACR;AACF,CAAA;AAEA,WAAe;AACbtJ,IAAAA,MAAAA;AACAkB,IAAAA,UAAAA;AACAkC,IAAAA,MAAAA;AACAE,IAAAA,oBAAAA;AACAE,IAAAA,QAAAA;AACA7D,IAAAA,YAAAA;AACAuC,IAAAA,OAAAA;AACA0B,IAAAA,cAAAA;AACAE,IAAAA,QAAAA;AACAK,IAAAA,UAAAA;AACAS,IAAAA,WAAAA;AACAM,IAAAA,qBAAAA;AACA7B,IAAAA,KAAAA;AACA+B,IAAAA,gBAAAA;AACAI,IAAAA,iCAAAA;AACAxD,IAAAA,oBAAAA;AACA2D,IAAAA,iBAAAA;AACAjD,IAAAA,qBAAAA;AACAqD,IAAAA;AACF,CAAE;;;;"}
1
+ {"version":3,"file":"user.js","sources":["../../../../../server/src/services/user.ts"],"sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\nimport _ from 'lodash';\nimport { defaults } from 'lodash/fp';\nimport { arrays, errors } from '@strapi/utils';\nimport type { Data } from '@strapi/types';\nimport { createUser, hasSuperAdminRole } from '../domain/user';\nimport type {\n AdminUser,\n AdminRole,\n AdminUserCreationPayload,\n SanitizedAdminUser,\n SanitizedAdminRole,\n AdminUserUpdatePayload,\n // eslint-disable-next-line node/no-unpublished-import\n} from '../../../shared/contracts/shared';\nimport { password as passwordValidator } from '../validation/common-validators';\nimport { getService } from '../utils';\nimport constants from './constants';\n\nconst { SUPER_ADMIN_CODE } = constants;\n\nconst { ValidationError } = errors;\nconst sanitizeUserRoles = (role: AdminRole): SanitizedAdminRole =>\n _.pick(role, ['id', 'name', 'description', 'code']);\n\nconst getSessionManager = () => {\n const manager = strapi.sessionManager;\n return manager ?? null;\n};\n\n/**\n * Remove private user fields\n * @param user - user to sanitize\n */\nconst sanitizeUser = (user: AdminUser): SanitizedAdminUser => {\n return {\n ..._.omit(user, ['password', 'resetPasswordToken', 'registrationToken', 'roles']),\n roles: user.roles && user.roles.map(sanitizeUserRoles),\n };\n};\n\n/**\n * Create and save a user in database\n * @param attributes A partial user object\n */\nconst create = async (\n // isActive is added in the controller, it's not sent by the API.\n attributes: Partial<AdminUserCreationPayload> & { isActive?: true }\n): Promise<AdminUser> => {\n const userInfo = {\n registrationToken: getService('token').createToken(),\n ...attributes,\n };\n\n if (_.has(attributes, 'password')) {\n userInfo.password = await getService('auth').hashPassword(attributes.password!);\n }\n\n const user = createUser(userInfo);\n\n const createdUser = await strapi.db\n .query('admin::user')\n .create({ data: user, populate: ['roles'] });\n\n getService('metrics').sendDidInviteUser();\n\n strapi.eventHub.emit('user.create', { user: sanitizeUser(createdUser) });\n\n return createdUser;\n};\n\n/**\n * Update a user in database\n * @param id query params to find the user to update\n * @param attributes A partial user object\n */\nconst updateById = async (\n id: Data.ID,\n attributes: Partial<AdminUserUpdatePayload>\n): Promise<AdminUser> => {\n // Check at least one super admin remains\n if (_.has(attributes, 'roles')) {\n const lastAdminUser = await isLastSuperAdminUser(id);\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n const willRemoveSuperAdminRole = !arrays.includesString(attributes.roles!, superAdminRole.id);\n\n if (lastAdminUser && willRemoveSuperAdminRole) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n\n // cannot disable last super admin\n if (attributes.isActive === false) {\n const lastAdminUser = await isLastSuperAdminUser(id);\n if (lastAdminUser) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n\n // hash password if a new one is sent\n if (_.has(attributes, 'password')) {\n const hashedPassword = await getService('auth').hashPassword(attributes.password!);\n\n const updatedUser = await strapi.db.query('admin::user').update({\n where: { id },\n data: {\n ...attributes,\n password: hashedPassword,\n },\n populate: ['roles'],\n });\n\n strapi.eventHub.emit('user.update', { user: sanitizeUser(updatedUser) });\n\n return updatedUser;\n }\n\n const updatedUser = await strapi.db.query('admin::user').update({\n where: { id },\n data: attributes,\n populate: ['roles'],\n });\n\n if (updatedUser) {\n strapi.eventHub.emit('user.update', { user: sanitizeUser(updatedUser) });\n }\n\n return updatedUser;\n};\n\n/**\n * Reset a user password by email. (Used in admin:reset CLI)\n * @param email - user email\n * @param password - new password\n */\nconst resetPasswordByEmail = async (email: string, password: string) => {\n const user = await strapi.db\n .query('admin::user')\n .findOne({ where: { email }, populate: ['roles'] });\n\n if (!user) {\n throw new Error(`User not found for email: ${email}`);\n }\n\n try {\n await passwordValidator.validate(password);\n } catch (error) {\n throw new ValidationError(\n 'Invalid password. Expected a minimum of 8 characters with at least one number and one uppercase letter'\n );\n }\n\n await updateById(user.id, { password });\n};\n\n/**\n * Check if a user is the last super admin\n * @param userId user's id to look for\n */\nconst isLastSuperAdminUser = async (userId: Data.ID): Promise<boolean> => {\n const user = (await findOne(userId)) as AdminUser | null;\n if (!user) return false;\n\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n\n return superAdminRole.usersCount === 1 && hasSuperAdminRole(user);\n};\n\n/**\n * Check if a user is the first super admin\n * @param userId user's id to look for\n */\nconst isFirstSuperAdminUser = async (userId: Data.ID): Promise<boolean> => {\n const currentUser = (await findOne(userId)) as AdminUser | null;\n\n if (!currentUser || !hasSuperAdminRole(currentUser)) return false;\n\n const [oldestUser] = await strapi.db.query('admin::user').findMany({\n populate: {\n roles: {\n where: {\n code: { $eq: SUPER_ADMIN_CODE },\n },\n },\n },\n orderBy: { createdAt: 'asc' },\n limit: 1,\n select: ['id'],\n });\n\n return oldestUser.id === currentUser.id;\n};\n\n/**\n * Check if a user with specific attributes exists in the database\n * @param attributes A partial user object\n */\nconst exists = async (attributes = {} as unknown): Promise<boolean> => {\n return (await strapi.db.query('admin::user').count({ where: attributes })) > 0;\n};\n\n/**\n * Returns a user registration info\n * @param registrationToken - a user registration token\n * @returns - Returns user email, firstname and lastname\n */\nconst findRegistrationInfo = async (\n registrationToken: string\n): Promise<Pick<AdminUser, 'email' | 'firstname' | 'lastname'> | undefined> => {\n const user = await strapi.db.query('admin::user').findOne({ where: { registrationToken } });\n\n if (!user) {\n return undefined;\n }\n\n return _.pick(user, ['email', 'firstname', 'lastname']);\n};\n\n/**\n * Registers a user based on a registrationToken and some informations to update\n * @param params\n * @param params.registrationToken registration token\n * @param params.userInfo user info\n */\nconst register = async ({\n registrationToken,\n userInfo,\n}: {\n registrationToken: string;\n userInfo: Partial<AdminUser>;\n}) => {\n const matchingUser = await strapi.db\n .query('admin::user')\n .findOne({ where: { registrationToken } });\n\n if (!matchingUser) {\n throw new ValidationError('Invalid registration info');\n }\n\n return getService('user').updateById(matchingUser.id, {\n password: userInfo.password,\n firstname: userInfo.firstname,\n lastname: userInfo.lastname,\n registrationToken: null,\n isActive: true,\n });\n};\n\n/**\n * Find one user\n */\nconst findOne = async (id: Data.ID, populate = ['roles']) => {\n return strapi.db.query('admin::user').findOne({ where: { id }, populate });\n};\n\n/**\n * Find one user by its email\n * @param email\n * @param populate\n * @returns\n */\nconst findOneByEmail = async (email: string, populate = []) => {\n return strapi.db.query('admin::user').findOne({\n where: { email: { $eqi: email } },\n populate,\n });\n};\n\n/** Find many users (paginated)\n * @param params\n */\nconst findPage = async (params = {}): Promise<unknown> => {\n const query = strapi\n .get('query-params')\n .transform('admin::user', defaults({ populate: ['roles'] }, params));\n\n return strapi.db.query('admin::user').findPage(query);\n};\n\n/** Delete a user\n * @param id id of the user to delete\n */\nconst deleteById = async (id: Data.ID): Promise<AdminUser | null> => {\n // Check at least one super admin remains\n const userToDelete: AdminUser | null = await strapi.db.query('admin::user').findOne({\n where: { id },\n populate: ['roles'],\n });\n\n if (!userToDelete) {\n return null;\n }\n\n if (userToDelete) {\n if (userToDelete.roles.some((r) => r.code === SUPER_ADMIN_CODE)) {\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n if (superAdminRole.usersCount === 1) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n }\n\n const deletedUser = await strapi.db\n .query('admin::user')\n .delete({ where: { id }, populate: ['roles'] });\n\n // Invalidate all sessions for the deleted user\n const sessionManager = getSessionManager();\n if (sessionManager && sessionManager.hasOrigin('admin')) {\n await sessionManager('admin').invalidateRefreshToken(String(id));\n }\n\n strapi.eventHub.emit('user.delete', { user: sanitizeUser(deletedUser) });\n\n return deletedUser;\n};\n\n/** Delete a user\n * @param ids ids of the users to delete\n */\nconst deleteByIds = async (ids: (string | number)[]): Promise<AdminUser[]> => {\n // Check at least one super admin remains\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n const nbOfSuperAdminToDelete = await strapi.db.query('admin::user').count({\n where: {\n id: ids,\n roles: { id: superAdminRole.id },\n },\n });\n\n if (superAdminRole.usersCount === nbOfSuperAdminToDelete) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n\n const deletedUsers = [] as AdminUser[];\n for (const id of ids) {\n const deletedUser = await strapi.db.query('admin::user').delete({\n where: { id },\n populate: ['roles'],\n });\n\n // Invalidate all sessions for the deleted user\n const sessionManager = getSessionManager();\n if (sessionManager && sessionManager.hasOrigin('admin')) {\n await sessionManager('admin').invalidateRefreshToken(String(id));\n }\n\n deletedUsers.push(deletedUser);\n }\n\n strapi.eventHub.emit('user.delete', {\n users: deletedUsers.map((deletedUser) => sanitizeUser(deletedUser)),\n });\n\n return deletedUsers;\n};\n\n/** Count the users that don't have any associated roles\n */\nconst countUsersWithoutRole = async (): Promise<number> => {\n return strapi.db.query('admin::user').count({\n where: {\n roles: {\n id: { $null: true },\n },\n },\n });\n};\n\n/**\n * Count the number of users based on search params\n * @param params params used for the query\n */\nconst count = async (where = {}): Promise<number> => {\n return strapi.db.query('admin::user').count({ where });\n};\n\n/**\n * Assign some roles to several users\n */\nconst assignARoleToAll = async (roleId: Data.ID): Promise<void> => {\n const users = await strapi.db.query('admin::user').findMany({\n select: ['id'],\n where: {\n roles: { id: { $null: true } },\n },\n });\n\n await Promise.all(\n users.map((user) => {\n return strapi.db.query('admin::user').update({\n where: { id: user.id },\n data: { roles: [roleId] },\n });\n })\n );\n};\n\n/** Display a warning if some users don't have at least one role\n */\nconst displayWarningIfUsersDontHaveRole = async (): Promise<void> => {\n const count = await countUsersWithoutRole();\n\n if (count > 0) {\n strapi.log.warn(`Some users (${count}) don't have any role.`);\n }\n};\n\n/** Returns an array of interface languages currently used by users\n */\nconst getLanguagesInUse = async (): Promise<string[]> => {\n const users = await strapi.db.query('admin::user').findMany({ select: ['preferedLanguage'] });\n\n return users.map((user) => user.preferedLanguage || 'en');\n};\nexport default {\n create,\n updateById,\n exists,\n findRegistrationInfo,\n register,\n sanitizeUser,\n findOne,\n findOneByEmail,\n findPage,\n deleteById,\n deleteByIds,\n countUsersWithoutRole,\n count,\n assignARoleToAll,\n displayWarningIfUsersDontHaveRole,\n resetPasswordByEmail,\n getLanguagesInUse,\n isFirstSuperAdminUser,\n};\n"],"names":["SUPER_ADMIN_CODE","constants","ValidationError","errors","sanitizeUserRoles","role","_","pick","getSessionManager","manager","strapi","sessionManager","sanitizeUser","user","omit","roles","map","create","attributes","userInfo","registrationToken","getService","createToken","has","password","hashPassword","createUser","createdUser","db","query","data","populate","sendDidInviteUser","eventHub","emit","updateById","id","lastAdminUser","isLastSuperAdminUser","superAdminRole","getSuperAdminWithUsersCount","willRemoveSuperAdminRole","arrays","includesString","isActive","hashedPassword","updatedUser","update","where","resetPasswordByEmail","email","findOne","Error","passwordValidator","validate","error","userId","usersCount","hasSuperAdminRole","isFirstSuperAdminUser","currentUser","oldestUser","findMany","code","$eq","orderBy","createdAt","limit","select","exists","count","findRegistrationInfo","undefined","register","matchingUser","firstname","lastname","findOneByEmail","$eqi","findPage","params","get","transform","defaults","deleteById","userToDelete","some","r","deletedUser","delete","hasOrigin","invalidateRefreshToken","String","deleteByIds","ids","nbOfSuperAdminToDelete","deletedUsers","push","users","countUsersWithoutRole","$null","assignARoleToAll","roleId","Promise","all","displayWarningIfUsersDontHaveRole","log","warn","getLanguagesInUse","preferedLanguage"],"mappings":";;;;;;;;;;AAmBA,MAAM,EAAEA,gBAAgB,EAAE,GAAGC,SAAAA;AAE7B,MAAM,EAAEC,eAAe,EAAE,GAAGC,YAAAA;AAC5B,MAAMC,oBAAoB,CAACC,IAAAA,GACzBC,CAAEC,CAAAA,IAAI,CAACF,IAAM,EAAA;AAAC,QAAA,IAAA;AAAM,QAAA,MAAA;AAAQ,QAAA,aAAA;AAAe,QAAA;AAAO,KAAA,CAAA;AAEpD,MAAMG,iBAAoB,GAAA,IAAA;IACxB,MAAMC,OAAAA,GAAUC,OAAOC,cAAc;AACrC,IAAA,OAAOF,OAAW,IAAA,IAAA;AACpB,CAAA;AAEA;;;IAIA,MAAMG,eAAe,CAACC,IAAAA,GAAAA;IACpB,OAAO;QACL,GAAGP,CAAAA,CAAEQ,IAAI,CAACD,IAAM,EAAA;AAAC,YAAA,UAAA;AAAY,YAAA,oBAAA;AAAsB,YAAA,mBAAA;AAAqB,YAAA;SAAQ,CAAC;AACjFE,QAAAA,KAAAA,EAAOF,KAAKE,KAAK,IAAIF,KAAKE,KAAK,CAACC,GAAG,CAACZ,iBAAAA;AACtC,KAAA;AACF,CAAA;AAEA;;;IAIA,MAAMa,MAAS,GAAA;AAEbC,UAAAA,GAAAA;AAEA,IAAA,MAAMC,QAAW,GAAA;QACfC,iBAAmBC,EAAAA,gBAAAA,CAAW,SAASC,WAAW,EAAA;AAClD,QAAA,GAAGJ;AACL,KAAA;AAEA,IAAA,IAAIZ,CAAEiB,CAAAA,GAAG,CAACL,UAAAA,EAAY,UAAa,CAAA,EAAA;QACjCC,QAASK,CAAAA,QAAQ,GAAG,MAAMH,gBAAAA,CAAW,QAAQI,YAAY,CAACP,WAAWM,QAAQ,CAAA;AAC/E;AAEA,IAAA,MAAMX,OAAOa,iBAAWP,CAAAA,QAAAA,CAAAA;IAExB,MAAMQ,WAAAA,GAAc,MAAMjB,MAAOkB,CAAAA,EAAE,CAChCC,KAAK,CAAC,aACNZ,CAAAA,CAAAA,MAAM,CAAC;QAAEa,IAAMjB,EAAAA,IAAAA;QAAMkB,QAAU,EAAA;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;AAE5CV,IAAAA,gBAAAA,CAAW,WAAWW,iBAAiB,EAAA;AAEvCtB,IAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAAErB,QAAAA,IAAAA,EAAMD,YAAae,CAAAA,WAAAA;AAAa,KAAA,CAAA;IAEtE,OAAOA,WAAAA;AACT,CAAA;AAEA;;;;IAKA,MAAMQ,UAAa,GAAA,OACjBC,EACAlB,EAAAA,UAAAA,GAAAA;;AAGA,IAAA,IAAIZ,CAAEiB,CAAAA,GAAG,CAACL,UAAAA,EAAY,OAAU,CAAA,EAAA;QAC9B,MAAMmB,aAAAA,GAAgB,MAAMC,oBAAqBF,CAAAA,EAAAA,CAAAA;AACjD,QAAA,MAAMG,cAAiB,GAAA,MAAMlB,gBAAW,CAAA,MAAA,CAAA,CAAQmB,2BAA2B,EAAA;QAC3E,MAAMC,wBAAAA,GAA2B,CAACC,YAAOC,CAAAA,cAAc,CAACzB,UAAWH,CAAAA,KAAK,EAAGwB,cAAAA,CAAeH,EAAE,CAAA;AAE5F,QAAA,IAAIC,iBAAiBI,wBAA0B,EAAA;AAC7C,YAAA,MAAM,IAAIvC,eAAgB,CAAA,wDAAA,CAAA;AAC5B;AACF;;IAGA,IAAIgB,UAAAA,CAAW0B,QAAQ,KAAK,KAAO,EAAA;QACjC,MAAMP,aAAAA,GAAgB,MAAMC,oBAAqBF,CAAAA,EAAAA,CAAAA;AACjD,QAAA,IAAIC,aAAe,EAAA;AACjB,YAAA,MAAM,IAAInC,eAAgB,CAAA,wDAAA,CAAA;AAC5B;AACF;;AAGA,IAAA,IAAII,CAAEiB,CAAAA,GAAG,CAACL,UAAAA,EAAY,UAAa,CAAA,EAAA;AACjC,QAAA,MAAM2B,iBAAiB,MAAMxB,gBAAAA,CAAW,QAAQI,YAAY,CAACP,WAAWM,QAAQ,CAAA;QAEhF,MAAMsB,WAAAA,GAAc,MAAMpC,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAekB,CAAAA,CAAAA,MAAM,CAAC;YAC9DC,KAAO,EAAA;AAAEZ,gBAAAA;AAAG,aAAA;YACZN,IAAM,EAAA;AACJ,gBAAA,GAAGZ,UAAU;gBACbM,QAAUqB,EAAAA;AACZ,aAAA;YACAd,QAAU,EAAA;AAAC,gBAAA;AAAQ;AACrB,SAAA,CAAA;AAEArB,QAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAAErB,YAAAA,IAAAA,EAAMD,YAAakC,CAAAA,WAAAA;AAAa,SAAA,CAAA;QAEtE,OAAOA,WAAAA;AACT;IAEA,MAAMA,WAAAA,GAAc,MAAMpC,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAekB,CAAAA,CAAAA,MAAM,CAAC;QAC9DC,KAAO,EAAA;AAAEZ,YAAAA;AAAG,SAAA;QACZN,IAAMZ,EAAAA,UAAAA;QACNa,QAAU,EAAA;AAAC,YAAA;AAAQ;AACrB,KAAA,CAAA;AAEA,IAAA,IAAIe,WAAa,EAAA;AACfpC,QAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAAErB,YAAAA,IAAAA,EAAMD,YAAakC,CAAAA,WAAAA;AAAa,SAAA,CAAA;AACxE;IAEA,OAAOA,WAAAA;AACT,CAAA;AAEA;;;;IAKA,MAAMG,oBAAuB,GAAA,OAAOC,KAAe1B,EAAAA,QAAAA,GAAAA;IACjD,MAAMX,IAAAA,GAAO,MAAMH,MAAOkB,CAAAA,EAAE,CACzBC,KAAK,CAAC,aACNsB,CAAAA,CAAAA,OAAO,CAAC;QAAEH,KAAO,EAAA;AAAEE,YAAAA;AAAM,SAAA;QAAGnB,QAAU,EAAA;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;AAEnD,IAAA,IAAI,CAAClB,IAAM,EAAA;AACT,QAAA,MAAM,IAAIuC,KAAAA,CAAM,CAAC,0BAA0B,EAAEF,KAAO,CAAA,CAAA,CAAA;AACtD;IAEA,IAAI;QACF,MAAMG,yBAAAA,CAAkBC,QAAQ,CAAC9B,QAAAA,CAAAA;AACnC,KAAA,CAAE,OAAO+B,KAAO,EAAA;AACd,QAAA,MAAM,IAAIrD,eACR,CAAA,wGAAA,CAAA;AAEJ;IAEA,MAAMiC,UAAAA,CAAWtB,IAAKuB,CAAAA,EAAE,EAAE;AAAEZ,QAAAA;AAAS,KAAA,CAAA;AACvC,CAAA;AAEA;;;IAIA,MAAMc,uBAAuB,OAAOkB,MAAAA,GAAAA;IAClC,MAAM3C,IAAAA,GAAQ,MAAMsC,OAAQK,CAAAA,MAAAA,CAAAA;IAC5B,IAAI,CAAC3C,MAAM,OAAO,KAAA;AAElB,IAAA,MAAM0B,cAAiB,GAAA,MAAMlB,gBAAW,CAAA,MAAA,CAAA,CAAQmB,2BAA2B,EAAA;AAE3E,IAAA,OAAOD,cAAekB,CAAAA,UAAU,KAAK,CAAA,IAAKC,wBAAkB7C,CAAAA,IAAAA,CAAAA;AAC9D,CAAA;AAEA;;;IAIA,MAAM8C,wBAAwB,OAAOH,MAAAA,GAAAA;IACnC,MAAMI,WAAAA,GAAe,MAAMT,OAAQK,CAAAA,MAAAA,CAAAA;AAEnC,IAAA,IAAI,CAACI,WAAAA,IAAe,CAACF,wBAAAA,CAAkBE,cAAc,OAAO,KAAA;IAE5D,MAAM,CAACC,UAAW,CAAA,GAAG,MAAMnD,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAeiC,CAAAA,CAAAA,QAAQ,CAAC;QACjE/B,QAAU,EAAA;YACRhB,KAAO,EAAA;gBACLiC,KAAO,EAAA;oBACLe,IAAM,EAAA;wBAAEC,GAAKhE,EAAAA;AAAiB;AAChC;AACF;AACF,SAAA;QACAiE,OAAS,EAAA;YAAEC,SAAW,EAAA;AAAM,SAAA;QAC5BC,KAAO,EAAA,CAAA;QACPC,MAAQ,EAAA;AAAC,YAAA;AAAK;AAChB,KAAA,CAAA;AAEA,IAAA,OAAOP,UAAWzB,CAAAA,EAAE,KAAKwB,WAAAA,CAAYxB,EAAE;AACzC,CAAA;AAEA;;;AAGC,IACD,MAAMiC,MAAAA,GAAS,OAAOnD,UAAAA,GAAa,EAAa,GAAA;IAC9C,OAAQ,MAAMR,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAeyC,CAAAA,CAAAA,KAAK,CAAC;QAAEtB,KAAO9B,EAAAA;KAAiB,CAAA,GAAA,CAAA;AAC/E,CAAA;AAEA;;;;IAKA,MAAMqD,uBAAuB,OAC3BnD,iBAAAA,GAAAA;IAEA,MAAMP,IAAAA,GAAO,MAAMH,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAesB,CAAAA,CAAAA,OAAO,CAAC;QAAEH,KAAO,EAAA;AAAE5B,YAAAA;AAAkB;AAAE,KAAA,CAAA;AAEzF,IAAA,IAAI,CAACP,IAAM,EAAA;QACT,OAAO2D,SAAAA;AACT;IAEA,OAAOlE,CAAAA,CAAEC,IAAI,CAACM,IAAM,EAAA;AAAC,QAAA,OAAA;AAAS,QAAA,WAAA;AAAa,QAAA;AAAW,KAAA,CAAA;AACxD,CAAA;AAEA;;;;;AAKC,IACD,MAAM4D,QAAW,GAAA,OAAO,EACtBrD,iBAAiB,EACjBD,QAAQ,EAIT,GAAA;IACC,MAAMuD,YAAAA,GAAe,MAAMhE,MAAOkB,CAAAA,EAAE,CACjCC,KAAK,CAAC,aACNsB,CAAAA,CAAAA,OAAO,CAAC;QAAEH,KAAO,EAAA;AAAE5B,YAAAA;AAAkB;AAAE,KAAA,CAAA;AAE1C,IAAA,IAAI,CAACsD,YAAc,EAAA;AACjB,QAAA,MAAM,IAAIxE,eAAgB,CAAA,2BAAA,CAAA;AAC5B;AAEA,IAAA,OAAOmB,iBAAW,MAAQc,CAAAA,CAAAA,UAAU,CAACuC,YAAAA,CAAatC,EAAE,EAAE;AACpDZ,QAAAA,QAAAA,EAAUL,SAASK,QAAQ;AAC3BmD,QAAAA,SAAAA,EAAWxD,SAASwD,SAAS;AAC7BC,QAAAA,QAAAA,EAAUzD,SAASyD,QAAQ;QAC3BxD,iBAAmB,EAAA,IAAA;QACnBwB,QAAU,EAAA;AACZ,KAAA,CAAA;AACF,CAAA;AAEA;;AAEC,IACD,MAAMO,OAAAA,GAAU,OAAOf,EAAAA,EAAaL,QAAW,GAAA;AAAC,IAAA;AAAQ,CAAA,GAAA;AACtD,IAAA,OAAOrB,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAesB,OAAO,CAAC;QAAEH,KAAO,EAAA;AAAEZ,YAAAA;AAAG,SAAA;AAAGL,QAAAA;AAAS,KAAA,CAAA;AAC1E,CAAA;AAEA;;;;;AAKC,IACD,MAAM8C,cAAAA,GAAiB,OAAO3B,KAAAA,EAAenB,WAAW,EAAE,GAAA;AACxD,IAAA,OAAOrB,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAesB,OAAO,CAAC;QAC5CH,KAAO,EAAA;YAAEE,KAAO,EAAA;gBAAE4B,IAAM5B,EAAAA;AAAM;AAAE,SAAA;AAChCnB,QAAAA;AACF,KAAA,CAAA;AACF,CAAA;AAEA;;AAEC,IACD,MAAMgD,QAAAA,GAAW,OAAOC,MAAAA,GAAS,EAAE,GAAA;IACjC,MAAMnD,KAAAA,GAAQnB,OACXuE,GAAG,CAAC,gBACJC,SAAS,CAAC,eAAeC,WAAS,CAAA;QAAEpD,QAAU,EAAA;AAAC,YAAA;AAAQ;KAAIiD,EAAAA,MAAAA,CAAAA,CAAAA;AAE9D,IAAA,OAAOtE,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAekD,QAAQ,CAAClD,KAAAA,CAAAA;AACjD,CAAA;AAEA;;IAGA,MAAMuD,aAAa,OAAOhD,EAAAA,GAAAA;;IAExB,MAAMiD,YAAAA,GAAiC,MAAM3E,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAesB,CAAAA,CAAAA,OAAO,CAAC;QAClFH,KAAO,EAAA;AAAEZ,YAAAA;AAAG,SAAA;QACZL,QAAU,EAAA;AAAC,YAAA;AAAQ;AACrB,KAAA,CAAA;AAEA,IAAA,IAAI,CAACsD,YAAc,EAAA;QACjB,OAAO,IAAA;AACT;AAEA,IAAA,IAAIA,YAAc,EAAA;QAChB,IAAIA,YAAAA,CAAatE,KAAK,CAACuE,IAAI,CAAC,CAACC,CAAMA,GAAAA,CAAAA,CAAExB,IAAI,KAAK/D,gBAAmB,CAAA,EAAA;AAC/D,YAAA,MAAMuC,cAAiB,GAAA,MAAMlB,gBAAW,CAAA,MAAA,CAAA,CAAQmB,2BAA2B,EAAA;YAC3E,IAAID,cAAAA,CAAekB,UAAU,KAAK,CAAG,EAAA;AACnC,gBAAA,MAAM,IAAIvD,eAAgB,CAAA,wDAAA,CAAA;AAC5B;AACF;AACF;IAEA,MAAMsF,WAAAA,GAAc,MAAM9E,MAAOkB,CAAAA,EAAE,CAChCC,KAAK,CAAC,aACN4D,CAAAA,CAAAA,MAAM,CAAC;QAAEzC,KAAO,EAAA;AAAEZ,YAAAA;AAAG,SAAA;QAAGL,QAAU,EAAA;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;;AAG/C,IAAA,MAAMpB,cAAiBH,GAAAA,iBAAAA,EAAAA;AACvB,IAAA,IAAIG,cAAkBA,IAAAA,cAAAA,CAAe+E,SAAS,CAAC,OAAU,CAAA,EAAA;AACvD,QAAA,MAAM/E,cAAe,CAAA,OAAA,CAAA,CAASgF,sBAAsB,CAACC,MAAOxD,CAAAA,EAAAA,CAAAA,CAAAA;AAC9D;AAEA1B,IAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAAErB,QAAAA,IAAAA,EAAMD,YAAa4E,CAAAA,WAAAA;AAAa,KAAA,CAAA;IAEtE,OAAOA,WAAAA;AACT,CAAA;AAEA;;IAGA,MAAMK,cAAc,OAAOC,GAAAA,GAAAA;;AAEzB,IAAA,MAAMvD,cAAiB,GAAA,MAAMlB,gBAAW,CAAA,MAAA,CAAA,CAAQmB,2BAA2B,EAAA;IAC3E,MAAMuD,sBAAAA,GAAyB,MAAMrF,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAeyC,CAAAA,CAAAA,KAAK,CAAC;QACxEtB,KAAO,EAAA;YACLZ,EAAI0D,EAAAA,GAAAA;YACJ/E,KAAO,EAAA;AAAEqB,gBAAAA,EAAAA,EAAIG,eAAeH;AAAG;AACjC;AACF,KAAA,CAAA;IAEA,IAAIG,cAAAA,CAAekB,UAAU,KAAKsC,sBAAwB,EAAA;AACxD,QAAA,MAAM,IAAI7F,eAAgB,CAAA,wDAAA,CAAA;AAC5B;AAEA,IAAA,MAAM8F,eAAe,EAAE;IACvB,KAAK,MAAM5D,MAAM0D,GAAK,CAAA;QACpB,MAAMN,WAAAA,GAAc,MAAM9E,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAe4D,CAAAA,CAAAA,MAAM,CAAC;YAC9DzC,KAAO,EAAA;AAAEZ,gBAAAA;AAAG,aAAA;YACZL,QAAU,EAAA;AAAC,gBAAA;AAAQ;AACrB,SAAA,CAAA;;AAGA,QAAA,MAAMpB,cAAiBH,GAAAA,iBAAAA,EAAAA;AACvB,QAAA,IAAIG,cAAkBA,IAAAA,cAAAA,CAAe+E,SAAS,CAAC,OAAU,CAAA,EAAA;AACvD,YAAA,MAAM/E,cAAe,CAAA,OAAA,CAAA,CAASgF,sBAAsB,CAACC,MAAOxD,CAAAA,EAAAA,CAAAA,CAAAA;AAC9D;AAEA4D,QAAAA,YAAAA,CAAaC,IAAI,CAACT,WAAAA,CAAAA;AACpB;AAEA9E,IAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAClCgE,QAAAA,KAAAA,EAAOF,YAAahF,CAAAA,GAAG,CAAC,CAACwE,cAAgB5E,YAAa4E,CAAAA,WAAAA,CAAAA;AACxD,KAAA,CAAA;IAEA,OAAOQ,YAAAA;AACT,CAAA;AAEA;AACC,IACD,MAAMG,qBAAwB,GAAA,UAAA;AAC5B,IAAA,OAAOzF,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeyC,KAAK,CAAC;QAC1CtB,KAAO,EAAA;YACLjC,KAAO,EAAA;gBACLqB,EAAI,EAAA;oBAAEgE,KAAO,EAAA;AAAK;AACpB;AACF;AACF,KAAA,CAAA;AACF,CAAA;AAEA;;;AAGC,IACD,MAAM9B,KAAAA,GAAQ,OAAOtB,KAAAA,GAAQ,EAAE,GAAA;AAC7B,IAAA,OAAOtC,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeyC,KAAK,CAAC;AAAEtB,QAAAA;AAAM,KAAA,CAAA;AACtD,CAAA;AAEA;;IAGA,MAAMqD,mBAAmB,OAAOC,MAAAA,GAAAA;IAC9B,MAAMJ,KAAAA,GAAQ,MAAMxF,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAeiC,CAAAA,CAAAA,QAAQ,CAAC;QAC1DM,MAAQ,EAAA;AAAC,YAAA;AAAK,SAAA;QACdpB,KAAO,EAAA;YACLjC,KAAO,EAAA;gBAAEqB,EAAI,EAAA;oBAAEgE,KAAO,EAAA;AAAK;AAAE;AAC/B;AACF,KAAA,CAAA;AAEA,IAAA,MAAMG,QAAQC,GAAG,CACfN,KAAMlF,CAAAA,GAAG,CAAC,CAACH,IAAAA,GAAAA;AACT,QAAA,OAAOH,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAekB,MAAM,CAAC;YAC3CC,KAAO,EAAA;AAAEZ,gBAAAA,EAAAA,EAAIvB,KAAKuB;AAAG,aAAA;YACrBN,IAAM,EAAA;gBAAEf,KAAO,EAAA;AAACuF,oBAAAA;AAAO;AAAC;AAC1B,SAAA,CAAA;AACF,KAAA,CAAA,CAAA;AAEJ,CAAA;AAEA;AACC,IACD,MAAMG,iCAAoC,GAAA,UAAA;AACxC,IAAA,MAAMnC,QAAQ,MAAM6B,qBAAAA,EAAAA;AAEpB,IAAA,IAAI7B,QAAQ,CAAG,EAAA;QACb5D,MAAOgG,CAAAA,GAAG,CAACC,IAAI,CAAC,CAAC,YAAY,EAAErC,KAAM,CAAA,sBAAsB,CAAC,CAAA;AAC9D;AACF,CAAA;AAEA;AACC,IACD,MAAMsC,iBAAoB,GAAA,UAAA;IACxB,MAAMV,KAAAA,GAAQ,MAAMxF,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAeiC,CAAAA,CAAAA,QAAQ,CAAC;QAAEM,MAAQ,EAAA;AAAC,YAAA;AAAmB;AAAC,KAAA,CAAA;AAE3F,IAAA,OAAO8B,MAAMlF,GAAG,CAAC,CAACH,IAASA,GAAAA,IAAAA,CAAKgG,gBAAgB,IAAI,IAAA,CAAA;AACtD,CAAA;AACA,WAAe;AACb5F,IAAAA,MAAAA;AACAkB,IAAAA,UAAAA;AACAkC,IAAAA,MAAAA;AACAE,IAAAA,oBAAAA;AACAE,IAAAA,QAAAA;AACA7D,IAAAA,YAAAA;AACAuC,IAAAA,OAAAA;AACA0B,IAAAA,cAAAA;AACAE,IAAAA,QAAAA;AACAK,IAAAA,UAAAA;AACAS,IAAAA,WAAAA;AACAM,IAAAA,qBAAAA;AACA7B,IAAAA,KAAAA;AACA+B,IAAAA,gBAAAA;AACAI,IAAAA,iCAAAA;AACAxD,IAAAA,oBAAAA;AACA2D,IAAAA,iBAAAA;AACAjD,IAAAA;AACF,CAAE;;;;"}
package/dist/server/server/src/services/user.mjs CHANGED
@@ -1,9 +1,6 @@
1
1
  import ___default from 'lodash';
2
2
  import { defaults } from 'lodash/fp';
3
3
  import { arrays, errors } from '@strapi/utils';
4
- import crypto from 'crypto';
5
- import fs from 'fs';
6
- import path from 'path';
7
4
  import { createUser, hasSuperAdminRole } from '../domain/user.mjs';
8
5
  import { password } from '../validation/common-validators.mjs';
9
6
  import { getService } from '../utils/index.mjs';
@@ -406,144 +403,6 @@ attributes)=>{
406
403
  });
407
404
  return users.map((user)=>user.preferedLanguage || 'en');
408
405
  };
409
- /**
410
- * In-memory cache for AI tokens
411
- * Key format: `${projectId}:${userId}`
412
- */ const aiTokenCache = new Map();
413
- /**
414
- * Generate an AI token for the user performing the request
415
- */ const getAiToken = async ()=>{
416
- const ERROR_PREFIX = 'AI token request failed:';
417
- // Check if EE features are enabled first
418
- if (!strapi.ee?.isEE) {
419
- strapi.log.error(`${ERROR_PREFIX} Enterprise Edition features are not enabled`);
420
- throw new Error('AI token request failed. Check server logs for details.');
421
- }
422
- // Get the EE license
423
- // First try environment variable, then try reading from file
424
- let eeLicense = process.env.STRAPI_LICENSE;
425
- if (!eeLicense) {
426
- try {
427
- const licensePath = path.join(strapi.dirs.app.root, 'license.txt');
428
- eeLicense = fs.readFileSync(licensePath).toString();
429
- } catch (error) {
430
- // License file doesn't exist or can't be read
431
- }
432
- }
433
- if (!eeLicense) {
434
- strapi.log.error(`${ERROR_PREFIX} No EE license found. Please ensure STRAPI_LICENSE environment variable is set or license.txt file exists.`);
435
- throw new Error('AI token request failed. Check server logs for details.');
436
- }
437
- const aiServerUrl = process.env.STRAPI_AI_URL || 'https://strapi-ai.apps.strapi.io';
438
- if (!aiServerUrl) {
439
- strapi.log.error(`${ERROR_PREFIX} AI server URL not configured. Please set STRAPI_AI_URL environment variable.`);
440
- throw new Error('AI token request failed. Check server logs for details.');
441
- }
442
- // Create a secure user identifier using only user ID
443
- const user = strapi.requestContext.get()?.state?.user;
444
- if (!user) {
445
- strapi.log.error(`${ERROR_PREFIX} No authenticated user in request context`);
446
- throw new Error('AI token request failed. Check server logs for details.');
447
- }
448
- const userIdentifier = user.id.toString();
449
- // Get project ID
450
- const projectId = strapi.config.get('uuid');
451
- if (!projectId) {
452
- strapi.log.error(`${ERROR_PREFIX} Project ID not configured`);
453
- throw new Error('AI token request failed. Check server logs for details.');
454
- }
455
- // Check cache for existing valid token
456
- const cacheKey = `${projectId}:${userIdentifier}`;
457
- const cachedToken = aiTokenCache.get(cacheKey);
458
- if (cachedToken) {
459
- const now = Date.now();
460
- // Check if token is still valid (with buffer so it has time to to be used)
461
- const bufferMs = 2 * 60 * 1000; // 2 minutes
462
- if (cachedToken.expiresAtMs && cachedToken.expiresAtMs - bufferMs > now) {
463
- strapi.log.info('Using cached AI token');
464
- return {
465
- token: cachedToken.token,
466
- expiresAt: cachedToken.expiresAt
467
- };
468
- }
469
- // Token expired or will expire soon, remove from cache
470
- aiTokenCache.delete(cacheKey);
471
- }
472
- strapi.log.http('Contacting AI Server for token generation');
473
- try {
474
- // Call the AI server's getAiJWT endpoint
475
- const response = await fetch(`${aiServerUrl}/auth/getAiJWT`, {
476
- method: 'POST',
477
- headers: {
478
- 'Content-Type': 'application/json',
479
- // No authorization header needed for public endpoint
480
- // Add request ID for tracing
481
- 'X-Request-Id': crypto.randomUUID()
482
- },
483
- body: JSON.stringify({
484
- eeLicense,
485
- userIdentifier,
486
- projectId
487
- })
488
- });
489
- if (!response.ok) {
490
- let errorData;
491
- let errorText;
492
- try {
493
- errorText = await response.text();
494
- errorData = JSON.parse(errorText);
495
- } catch {
496
- errorData = {
497
- error: errorText || 'Failed to parse error response'
498
- };
499
- }
500
- strapi.log.error(`${ERROR_PREFIX} ${errorData?.error || 'Unknown error'}`, {
501
- status: response.status,
502
- statusText: response.statusText,
503
- error: errorData,
504
- errorText,
505
- projectId
506
- });
507
- throw new Error('AI token request failed. Check server logs for details.');
508
- }
509
- let data;
510
- try {
511
- data = await response.json();
512
- } catch (parseError) {
513
- strapi.log.error(`${ERROR_PREFIX} Failed to parse AI server response`, parseError);
514
- throw new Error('AI token request failed. Check server logs for details.');
515
- }
516
- if (!data.jwt) {
517
- strapi.log.error(`${ERROR_PREFIX} Invalid response: missing JWT token`);
518
- throw new Error('AI token request failed. Check server logs for details.');
519
- }
520
- strapi.log.info('AI token generated successfully', {
521
- userId: user.id,
522
- expiresAt: data.expiresAt
523
- });
524
- // Cache the token if it has an expiration time
525
- if (data.expiresAt) {
526
- const expiresAtMs = new Date(data.expiresAt).getTime();
527
- aiTokenCache.set(cacheKey, {
528
- token: data.jwt,
529
- expiresAt: data.expiresAt,
530
- expiresAtMs
531
- });
532
- }
533
- // Return the AI JWT with metadata
534
- // Note: Token expires in 1 hour, client should handle refresh
535
- return {
536
- token: data.jwt,
537
- expiresAt: data.expiresAt
538
- };
539
- } catch (fetchError) {
540
- if (fetchError instanceof Error && fetchError.name === 'AbortError') {
541
- strapi.log.error(`${ERROR_PREFIX} Request to AI server timed out`);
542
- throw new Error('AI token request failed. Check server logs for details.');
543
- }
544
- throw fetchError;
545
- }
546
- };
547
406
  var user = {
548
407
  create,
549
408
  updateById,
@@ -562,8 +421,7 @@ var user = {
562
421
  displayWarningIfUsersDontHaveRole,
563
422
  resetPasswordByEmail,
564
423
  getLanguagesInUse,
565
- isFirstSuperAdminUser,
566
- getAiToken
424
+ isFirstSuperAdminUser
567
425
  };
568
426
 
569
427
  export { user as default };
package/dist/server/server/src/services/user.mjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"user.mjs","sources":["../../../../../server/src/services/user.ts"],"sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\nimport _ from 'lodash';\nimport { defaults } from 'lodash/fp';\nimport { arrays, errors } from '@strapi/utils';\nimport type { Data } from '@strapi/types';\nimport crypto from 'crypto';\nimport fs from 'fs';\nimport path from 'path';\nimport { createUser, hasSuperAdminRole } from '../domain/user';\nimport type {\n AdminUser,\n AdminRole,\n AdminUserCreationPayload,\n SanitizedAdminUser,\n SanitizedAdminRole,\n AdminUserUpdatePayload,\n // eslint-disable-next-line node/no-unpublished-import\n} from '../../../shared/contracts/shared';\nimport { password as passwordValidator } from '../validation/common-validators';\nimport { getService } from '../utils';\nimport constants from './constants';\n\nconst { SUPER_ADMIN_CODE } = constants;\n\nconst { ValidationError } = errors;\nconst sanitizeUserRoles = (role: AdminRole): SanitizedAdminRole =>\n _.pick(role, ['id', 'name', 'description', 'code']);\n\nconst getSessionManager = () => {\n const manager = strapi.sessionManager;\n return manager ?? null;\n};\n\n/**\n * Remove private user fields\n * @param user - user to sanitize\n */\nconst sanitizeUser = (user: AdminUser): SanitizedAdminUser => {\n return {\n ..._.omit(user, ['password', 'resetPasswordToken', 'registrationToken', 'roles']),\n roles: user.roles && user.roles.map(sanitizeUserRoles),\n };\n};\n\n/**\n * Create and save a user in database\n * @param attributes A partial user object\n */\nconst create = async (\n // isActive is added in the controller, it's not sent by the API.\n attributes: Partial<AdminUserCreationPayload> & { isActive?: true }\n): Promise<AdminUser> => {\n const userInfo = {\n registrationToken: getService('token').createToken(),\n ...attributes,\n };\n\n if (_.has(attributes, 'password')) {\n userInfo.password = await getService('auth').hashPassword(attributes.password!);\n }\n\n const user = createUser(userInfo);\n\n const createdUser = await strapi.db\n .query('admin::user')\n .create({ data: user, populate: ['roles'] });\n\n getService('metrics').sendDidInviteUser();\n\n strapi.eventHub.emit('user.create', { user: sanitizeUser(createdUser) });\n\n return createdUser;\n};\n\n/**\n * Update a user in database\n * @param id query params to find the user to update\n * @param attributes A partial user object\n */\nconst updateById = async (\n id: Data.ID,\n attributes: Partial<AdminUserUpdatePayload>\n): Promise<AdminUser> => {\n // Check at least one super admin remains\n if (_.has(attributes, 'roles')) {\n const lastAdminUser = await isLastSuperAdminUser(id);\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n const willRemoveSuperAdminRole = !arrays.includesString(attributes.roles!, superAdminRole.id);\n\n if (lastAdminUser && willRemoveSuperAdminRole) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n\n // cannot disable last super admin\n if (attributes.isActive === false) {\n const lastAdminUser = await isLastSuperAdminUser(id);\n if (lastAdminUser) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n\n // hash password if a new one is sent\n if (_.has(attributes, 'password')) {\n const hashedPassword = await getService('auth').hashPassword(attributes.password!);\n\n const updatedUser = await strapi.db.query('admin::user').update({\n where: { id },\n data: {\n ...attributes,\n password: hashedPassword,\n },\n populate: ['roles'],\n });\n\n strapi.eventHub.emit('user.update', { user: sanitizeUser(updatedUser) });\n\n return updatedUser;\n }\n\n const updatedUser = await strapi.db.query('admin::user').update({\n where: { id },\n data: attributes,\n populate: ['roles'],\n });\n\n if (updatedUser) {\n strapi.eventHub.emit('user.update', { user: sanitizeUser(updatedUser) });\n }\n\n return updatedUser;\n};\n\n/**\n * Reset a user password by email. (Used in admin:reset CLI)\n * @param email - user email\n * @param password - new password\n */\nconst resetPasswordByEmail = async (email: string, password: string) => {\n const user = await strapi.db\n .query('admin::user')\n .findOne({ where: { email }, populate: ['roles'] });\n\n if (!user) {\n throw new Error(`User not found for email: ${email}`);\n }\n\n try {\n await passwordValidator.validate(password);\n } catch (error) {\n throw new ValidationError(\n 'Invalid password. Expected a minimum of 8 characters with at least one number and one uppercase letter'\n );\n }\n\n await updateById(user.id, { password });\n};\n\n/**\n * Check if a user is the last super admin\n * @param userId user's id to look for\n */\nconst isLastSuperAdminUser = async (userId: Data.ID): Promise<boolean> => {\n const user = (await findOne(userId)) as AdminUser | null;\n if (!user) return false;\n\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n\n return superAdminRole.usersCount === 1 && hasSuperAdminRole(user);\n};\n\n/**\n * Check if a user is the first super admin\n * @param userId user's id to look for\n */\nconst isFirstSuperAdminUser = async (userId: Data.ID): Promise<boolean> => {\n const currentUser = (await findOne(userId)) as AdminUser | null;\n\n if (!currentUser || !hasSuperAdminRole(currentUser)) return false;\n\n const [oldestUser] = await strapi.db.query('admin::user').findMany({\n populate: {\n roles: {\n where: {\n code: { $eq: SUPER_ADMIN_CODE },\n },\n },\n },\n orderBy: { createdAt: 'asc' },\n limit: 1,\n select: ['id'],\n });\n\n return oldestUser.id === currentUser.id;\n};\n\n/**\n * Check if a user with specific attributes exists in the database\n * @param attributes A partial user object\n */\nconst exists = async (attributes = {} as unknown): Promise<boolean> => {\n return (await strapi.db.query('admin::user').count({ where: attributes })) > 0;\n};\n\n/**\n * Returns a user registration info\n * @param registrationToken - a user registration token\n * @returns - Returns user email, firstname and lastname\n */\nconst findRegistrationInfo = async (\n registrationToken: string\n): Promise<Pick<AdminUser, 'email' | 'firstname' | 'lastname'> | undefined> => {\n const user = await strapi.db.query('admin::user').findOne({ where: { registrationToken } });\n\n if (!user) {\n return undefined;\n }\n\n return _.pick(user, ['email', 'firstname', 'lastname']);\n};\n\n/**\n * Registers a user based on a registrationToken and some informations to update\n * @param params\n * @param params.registrationToken registration token\n * @param params.userInfo user info\n */\nconst register = async ({\n registrationToken,\n userInfo,\n}: {\n registrationToken: string;\n userInfo: Partial<AdminUser>;\n}) => {\n const matchingUser = await strapi.db\n .query('admin::user')\n .findOne({ where: { registrationToken } });\n\n if (!matchingUser) {\n throw new ValidationError('Invalid registration info');\n }\n\n return getService('user').updateById(matchingUser.id, {\n password: userInfo.password,\n firstname: userInfo.firstname,\n lastname: userInfo.lastname,\n registrationToken: null,\n isActive: true,\n });\n};\n\n/**\n * Find one user\n */\nconst findOne = async (id: Data.ID, populate = ['roles']) => {\n return strapi.db.query('admin::user').findOne({ where: { id }, populate });\n};\n\n/**\n * Find one user by its email\n * @param email\n * @param populate\n * @returns\n */\nconst findOneByEmail = async (email: string, populate = []) => {\n return strapi.db.query('admin::user').findOne({\n where: { email: { $eqi: email } },\n populate,\n });\n};\n\n/** Find many users (paginated)\n * @param params\n */\nconst findPage = async (params = {}): Promise<unknown> => {\n const query = strapi\n .get('query-params')\n .transform('admin::user', defaults({ populate: ['roles'] }, params));\n\n return strapi.db.query('admin::user').findPage(query);\n};\n\n/** Delete a user\n * @param id id of the user to delete\n */\nconst deleteById = async (id: Data.ID): Promise<AdminUser | null> => {\n // Check at least one super admin remains\n const userToDelete: AdminUser | null = await strapi.db.query('admin::user').findOne({\n where: { id },\n populate: ['roles'],\n });\n\n if (!userToDelete) {\n return null;\n }\n\n if (userToDelete) {\n if (userToDelete.roles.some((r) => r.code === SUPER_ADMIN_CODE)) {\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n if (superAdminRole.usersCount === 1) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n }\n\n const deletedUser = await strapi.db\n .query('admin::user')\n .delete({ where: { id }, populate: ['roles'] });\n\n // Invalidate all sessions for the deleted user\n const sessionManager = getSessionManager();\n if (sessionManager && sessionManager.hasOrigin('admin')) {\n await sessionManager('admin').invalidateRefreshToken(String(id));\n }\n\n strapi.eventHub.emit('user.delete', { user: sanitizeUser(deletedUser) });\n\n return deletedUser;\n};\n\n/** Delete a user\n * @param ids ids of the users to delete\n */\nconst deleteByIds = async (ids: (string | number)[]): Promise<AdminUser[]> => {\n // Check at least one super admin remains\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n const nbOfSuperAdminToDelete = await strapi.db.query('admin::user').count({\n where: {\n id: ids,\n roles: { id: superAdminRole.id },\n },\n });\n\n if (superAdminRole.usersCount === nbOfSuperAdminToDelete) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n\n const deletedUsers = [] as AdminUser[];\n for (const id of ids) {\n const deletedUser = await strapi.db.query('admin::user').delete({\n where: { id },\n populate: ['roles'],\n });\n\n // Invalidate all sessions for the deleted user\n const sessionManager = getSessionManager();\n if (sessionManager && sessionManager.hasOrigin('admin')) {\n await sessionManager('admin').invalidateRefreshToken(String(id));\n }\n\n deletedUsers.push(deletedUser);\n }\n\n strapi.eventHub.emit('user.delete', {\n users: deletedUsers.map((deletedUser) => sanitizeUser(deletedUser)),\n });\n\n return deletedUsers;\n};\n\n/** Count the users that don't have any associated roles\n */\nconst countUsersWithoutRole = async (): Promise<number> => {\n return strapi.db.query('admin::user').count({\n where: {\n roles: {\n id: { $null: true },\n },\n },\n });\n};\n\n/**\n * Count the number of users based on search params\n * @param params params used for the query\n */\nconst count = async (where = {}): Promise<number> => {\n return strapi.db.query('admin::user').count({ where });\n};\n\n/**\n * Assign some roles to several users\n */\nconst assignARoleToAll = async (roleId: Data.ID): Promise<void> => {\n const users = await strapi.db.query('admin::user').findMany({\n select: ['id'],\n where: {\n roles: { id: { $null: true } },\n },\n });\n\n await Promise.all(\n users.map((user) => {\n return strapi.db.query('admin::user').update({\n where: { id: user.id },\n data: { roles: [roleId] },\n });\n })\n );\n};\n\n/** Display a warning if some users don't have at least one role\n */\nconst displayWarningIfUsersDontHaveRole = async (): Promise<void> => {\n const count = await countUsersWithoutRole();\n\n if (count > 0) {\n strapi.log.warn(`Some users (${count}) don't have any role.`);\n }\n};\n\n/** Returns an array of interface languages currently used by users\n */\nconst getLanguagesInUse = async (): Promise<string[]> => {\n const users = await strapi.db.query('admin::user').findMany({ select: ['preferedLanguage'] });\n\n return users.map((user) => user.preferedLanguage || 'en');\n};\n\n/**\n * In-memory cache for AI tokens\n * Key format: `${projectId}:${userId}`\n */\nconst aiTokenCache = new Map<\n string,\n {\n token: string;\n expiresAt?: string;\n expiresAtMs?: number;\n }\n>();\n\n/**\n * Generate an AI token for the user performing the request\n */\nconst getAiToken = async (): Promise<{ token: string; expiresAt?: string }> => {\n const ERROR_PREFIX = 'AI token request failed:';\n\n // Check if EE features are enabled first\n if (!strapi.ee?.isEE) {\n strapi.log.error(`${ERROR_PREFIX} Enterprise Edition features are not enabled`);\n throw new Error('AI token request failed. Check server logs for details.');\n }\n\n // Get the EE license\n // First try environment variable, then try reading from file\n let eeLicense = process.env.STRAPI_LICENSE;\n\n if (!eeLicense) {\n try {\n const licensePath = path.join(strapi.dirs.app.root, 'license.txt');\n eeLicense = fs.readFileSync(licensePath).toString();\n } catch (error) {\n // License file doesn't exist or can't be read\n }\n }\n\n if (!eeLicense) {\n strapi.log.error(\n `${ERROR_PREFIX} No EE license found. Please ensure STRAPI_LICENSE environment variable is set or license.txt file exists.`\n );\n throw new Error('AI token request failed. Check server logs for details.');\n }\n\n const aiServerUrl = process.env.STRAPI_AI_URL || 'https://strapi-ai.apps.strapi.io';\n\n if (!aiServerUrl) {\n strapi.log.error(\n `${ERROR_PREFIX} AI server URL not configured. Please set STRAPI_AI_URL environment variable.`\n );\n throw new Error('AI token request failed. Check server logs for details.');\n }\n\n // Create a secure user identifier using only user ID\n const user = strapi.requestContext.get()?.state?.user as AdminUser | undefined;\n if (!user) {\n strapi.log.error(`${ERROR_PREFIX} No authenticated user in request context`);\n throw new Error('AI token request failed. Check server logs for details.');\n }\n\n const userIdentifier = user.id.toString();\n\n // Get project ID\n const projectId = strapi.config.get('uuid');\n if (!projectId) {\n strapi.log.error(`${ERROR_PREFIX} Project ID not configured`);\n throw new Error('AI token request failed. Check server logs for details.');\n }\n\n // Check cache for existing valid token\n const cacheKey = `${projectId}:${userIdentifier}`;\n const cachedToken = aiTokenCache.get(cacheKey);\n\n if (cachedToken) {\n const now = Date.now();\n // Check if token is still valid (with buffer so it has time to to be used)\n const bufferMs = 2 * 60 * 1000; // 2 minutes\n\n if (cachedToken.expiresAtMs && cachedToken.expiresAtMs - bufferMs > now) {\n strapi.log.info('Using cached AI token');\n\n return {\n token: cachedToken.token,\n expiresAt: cachedToken.expiresAt,\n };\n }\n\n // Token expired or will expire soon, remove from cache\n aiTokenCache.delete(cacheKey);\n }\n\n strapi.log.http('Contacting AI Server for token generation');\n\n try {\n // Call the AI server's getAiJWT endpoint\n const response = await fetch(`${aiServerUrl}/auth/getAiJWT`, {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json',\n // No authorization header needed for public endpoint\n // Add request ID for tracing\n 'X-Request-Id': crypto.randomUUID(),\n },\n body: JSON.stringify({\n eeLicense,\n userIdentifier,\n projectId,\n }),\n });\n\n if (!response.ok) {\n let errorData;\n let errorText;\n try {\n errorText = await response.text();\n errorData = JSON.parse(errorText);\n } catch {\n errorData = { error: errorText || 'Failed to parse error response' };\n }\n\n strapi.log.error(`${ERROR_PREFIX} ${errorData?.error || 'Unknown error'}`, {\n status: response.status,\n statusText: response.statusText,\n error: errorData,\n errorText,\n projectId,\n });\n\n throw new Error('AI token request failed. Check server logs for details.');\n }\n\n let data;\n try {\n data = (await response.json()) as {\n jwt: string;\n expiresAt?: string;\n };\n } catch (parseError) {\n strapi.log.error(`${ERROR_PREFIX} Failed to parse AI server response`, parseError);\n throw new Error('AI token request failed. Check server logs for details.');\n }\n\n if (!data.jwt) {\n strapi.log.error(`${ERROR_PREFIX} Invalid response: missing JWT token`);\n throw new Error('AI token request failed. Check server logs for details.');\n }\n\n strapi.log.info('AI token generated successfully', {\n userId: user.id,\n expiresAt: data.expiresAt,\n });\n\n // Cache the token if it has an expiration time\n if (data.expiresAt) {\n const expiresAtMs = new Date(data.expiresAt).getTime();\n aiTokenCache.set(cacheKey, {\n token: data.jwt,\n expiresAt: data.expiresAt,\n expiresAtMs,\n });\n }\n\n // Return the AI JWT with metadata\n // Note: Token expires in 1 hour, client should handle refresh\n return {\n token: data.jwt,\n expiresAt: data.expiresAt, // 1 hour from generation\n };\n } catch (fetchError) {\n if (fetchError instanceof Error && fetchError.name === 'AbortError') {\n strapi.log.error(`${ERROR_PREFIX} Request to AI server timed out`);\n throw new Error('AI token request failed. Check server logs for details.');\n }\n\n throw fetchError;\n }\n};\n\nexport default {\n create,\n updateById,\n exists,\n findRegistrationInfo,\n register,\n sanitizeUser,\n findOne,\n findOneByEmail,\n findPage,\n deleteById,\n deleteByIds,\n countUsersWithoutRole,\n count,\n assignARoleToAll,\n displayWarningIfUsersDontHaveRole,\n resetPasswordByEmail,\n getLanguagesInUse,\n isFirstSuperAdminUser,\n getAiToken,\n};\n"],"names":["SUPER_ADMIN_CODE","constants","ValidationError","errors","sanitizeUserRoles","role","_","pick","getSessionManager","manager","strapi","sessionManager","sanitizeUser","user","omit","roles","map","create","attributes","userInfo","registrationToken","getService","createToken","has","password","hashPassword","createUser","createdUser","db","query","data","populate","sendDidInviteUser","eventHub","emit","updateById","id","lastAdminUser","isLastSuperAdminUser","superAdminRole","getSuperAdminWithUsersCount","willRemoveSuperAdminRole","arrays","includesString","isActive","hashedPassword","updatedUser","update","where","resetPasswordByEmail","email","findOne","Error","passwordValidator","validate","error","userId","usersCount","hasSuperAdminRole","isFirstSuperAdminUser","currentUser","oldestUser","findMany","code","$eq","orderBy","createdAt","limit","select","exists","count","findRegistrationInfo","undefined","register","matchingUser","firstname","lastname","findOneByEmail","$eqi","findPage","params","get","transform","defaults","deleteById","userToDelete","some","r","deletedUser","delete","hasOrigin","invalidateRefreshToken","String","deleteByIds","ids","nbOfSuperAdminToDelete","deletedUsers","push","users","countUsersWithoutRole","$null","assignARoleToAll","roleId","Promise","all","displayWarningIfUsersDontHaveRole","log","warn","getLanguagesInUse","preferedLanguage","aiTokenCache","Map","getAiToken","ERROR_PREFIX","ee","isEE","eeLicense","process","env","STRAPI_LICENSE","licensePath","path","join","dirs","app","root","fs","readFileSync","toString","aiServerUrl","STRAPI_AI_URL","requestContext","state","userIdentifier","projectId","config","cacheKey","cachedToken","now","Date","bufferMs","expiresAtMs","info","token","expiresAt","http","response","fetch","method","headers","crypto","randomUUID","body","JSON","stringify","ok","errorData","errorText","text","parse","status","statusText","json","parseError","jwt","getTime","set","fetchError","name"],"mappings":";;;;;;;;;;;AAsBA,MAAM,EAAEA,gBAAgB,EAAE,GAAGC,SAAAA;AAE7B,MAAM,EAAEC,eAAe,EAAE,GAAGC,MAAAA;AAC5B,MAAMC,oBAAoB,CAACC,IAAAA,GACzBC,UAAEC,CAAAA,IAAI,CAACF,IAAM,EAAA;AAAC,QAAA,IAAA;AAAM,QAAA,MAAA;AAAQ,QAAA,aAAA;AAAe,QAAA;AAAO,KAAA,CAAA;AAEpD,MAAMG,iBAAoB,GAAA,IAAA;IACxB,MAAMC,OAAAA,GAAUC,OAAOC,cAAc;AACrC,IAAA,OAAOF,OAAW,IAAA,IAAA;AACpB,CAAA;AAEA;;;IAIA,MAAMG,eAAe,CAACC,IAAAA,GAAAA;IACpB,OAAO;QACL,GAAGP,UAAAA,CAAEQ,IAAI,CAACD,IAAM,EAAA;AAAC,YAAA,UAAA;AAAY,YAAA,oBAAA;AAAsB,YAAA,mBAAA;AAAqB,YAAA;SAAQ,CAAC;AACjFE,QAAAA,KAAAA,EAAOF,KAAKE,KAAK,IAAIF,KAAKE,KAAK,CAACC,GAAG,CAACZ,iBAAAA;AACtC,KAAA;AACF,CAAA;AAEA;;;IAIA,MAAMa,MAAS,GAAA;AAEbC,UAAAA,GAAAA;AAEA,IAAA,MAAMC,QAAW,GAAA;QACfC,iBAAmBC,EAAAA,UAAAA,CAAW,SAASC,WAAW,EAAA;AAClD,QAAA,GAAGJ;AACL,KAAA;AAEA,IAAA,IAAIZ,UAAEiB,CAAAA,GAAG,CAACL,UAAAA,EAAY,UAAa,CAAA,EAAA;QACjCC,QAASK,CAAAA,QAAQ,GAAG,MAAMH,UAAAA,CAAW,QAAQI,YAAY,CAACP,WAAWM,QAAQ,CAAA;AAC/E;AAEA,IAAA,MAAMX,OAAOa,UAAWP,CAAAA,QAAAA,CAAAA;IAExB,MAAMQ,WAAAA,GAAc,MAAMjB,MAAOkB,CAAAA,EAAE,CAChCC,KAAK,CAAC,aACNZ,CAAAA,CAAAA,MAAM,CAAC;QAAEa,IAAMjB,EAAAA,IAAAA;QAAMkB,QAAU,EAAA;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;AAE5CV,IAAAA,UAAAA,CAAW,WAAWW,iBAAiB,EAAA;AAEvCtB,IAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAAErB,QAAAA,IAAAA,EAAMD,YAAae,CAAAA,WAAAA;AAAa,KAAA,CAAA;IAEtE,OAAOA,WAAAA;AACT,CAAA;AAEA;;;;IAKA,MAAMQ,UAAa,GAAA,OACjBC,EACAlB,EAAAA,UAAAA,GAAAA;;AAGA,IAAA,IAAIZ,UAAEiB,CAAAA,GAAG,CAACL,UAAAA,EAAY,OAAU,CAAA,EAAA;QAC9B,MAAMmB,aAAAA,GAAgB,MAAMC,oBAAqBF,CAAAA,EAAAA,CAAAA;AACjD,QAAA,MAAMG,cAAiB,GAAA,MAAMlB,UAAW,CAAA,MAAA,CAAA,CAAQmB,2BAA2B,EAAA;QAC3E,MAAMC,wBAAAA,GAA2B,CAACC,MAAOC,CAAAA,cAAc,CAACzB,UAAWH,CAAAA,KAAK,EAAGwB,cAAAA,CAAeH,EAAE,CAAA;AAE5F,QAAA,IAAIC,iBAAiBI,wBAA0B,EAAA;AAC7C,YAAA,MAAM,IAAIvC,eAAgB,CAAA,wDAAA,CAAA;AAC5B;AACF;;IAGA,IAAIgB,UAAAA,CAAW0B,QAAQ,KAAK,KAAO,EAAA;QACjC,MAAMP,aAAAA,GAAgB,MAAMC,oBAAqBF,CAAAA,EAAAA,CAAAA;AACjD,QAAA,IAAIC,aAAe,EAAA;AACjB,YAAA,MAAM,IAAInC,eAAgB,CAAA,wDAAA,CAAA;AAC5B;AACF;;AAGA,IAAA,IAAII,UAAEiB,CAAAA,GAAG,CAACL,UAAAA,EAAY,UAAa,CAAA,EAAA;AACjC,QAAA,MAAM2B,iBAAiB,MAAMxB,UAAAA,CAAW,QAAQI,YAAY,CAACP,WAAWM,QAAQ,CAAA;QAEhF,MAAMsB,WAAAA,GAAc,MAAMpC,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAekB,CAAAA,CAAAA,MAAM,CAAC;YAC9DC,KAAO,EAAA;AAAEZ,gBAAAA;AAAG,aAAA;YACZN,IAAM,EAAA;AACJ,gBAAA,GAAGZ,UAAU;gBACbM,QAAUqB,EAAAA;AACZ,aAAA;YACAd,QAAU,EAAA;AAAC,gBAAA;AAAQ;AACrB,SAAA,CAAA;AAEArB,QAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAAErB,YAAAA,IAAAA,EAAMD,YAAakC,CAAAA,WAAAA;AAAa,SAAA,CAAA;QAEtE,OAAOA,WAAAA;AACT;IAEA,MAAMA,WAAAA,GAAc,MAAMpC,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAekB,CAAAA,CAAAA,MAAM,CAAC;QAC9DC,KAAO,EAAA;AAAEZ,YAAAA;AAAG,SAAA;QACZN,IAAMZ,EAAAA,UAAAA;QACNa,QAAU,EAAA;AAAC,YAAA;AAAQ;AACrB,KAAA,CAAA;AAEA,IAAA,IAAIe,WAAa,EAAA;AACfpC,QAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAAErB,YAAAA,IAAAA,EAAMD,YAAakC,CAAAA,WAAAA;AAAa,SAAA,CAAA;AACxE;IAEA,OAAOA,WAAAA;AACT,CAAA;AAEA;;;;IAKA,MAAMG,oBAAuB,GAAA,OAAOC,KAAe1B,EAAAA,UAAAA,GAAAA;IACjD,MAAMX,IAAAA,GAAO,MAAMH,MAAOkB,CAAAA,EAAE,CACzBC,KAAK,CAAC,aACNsB,CAAAA,CAAAA,OAAO,CAAC;QAAEH,KAAO,EAAA;AAAEE,YAAAA;AAAM,SAAA;QAAGnB,QAAU,EAAA;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;AAEnD,IAAA,IAAI,CAAClB,IAAM,EAAA;AACT,QAAA,MAAM,IAAIuC,KAAAA,CAAM,CAAC,0BAA0B,EAAEF,KAAO,CAAA,CAAA,CAAA;AACtD;IAEA,IAAI;QACF,MAAMG,QAAAA,CAAkBC,QAAQ,CAAC9B,UAAAA,CAAAA;AACnC,KAAA,CAAE,OAAO+B,KAAO,EAAA;AACd,QAAA,MAAM,IAAIrD,eACR,CAAA,wGAAA,CAAA;AAEJ;IAEA,MAAMiC,UAAAA,CAAWtB,IAAKuB,CAAAA,EAAE,EAAE;AAAEZ,kBAAAA;AAAS,KAAA,CAAA;AACvC,CAAA;AAEA;;;IAIA,MAAMc,uBAAuB,OAAOkB,MAAAA,GAAAA;IAClC,MAAM3C,IAAAA,GAAQ,MAAMsC,OAAQK,CAAAA,MAAAA,CAAAA;IAC5B,IAAI,CAAC3C,MAAM,OAAO,KAAA;AAElB,IAAA,MAAM0B,cAAiB,GAAA,MAAMlB,UAAW,CAAA,MAAA,CAAA,CAAQmB,2BAA2B,EAAA;AAE3E,IAAA,OAAOD,cAAekB,CAAAA,UAAU,KAAK,CAAA,IAAKC,iBAAkB7C,CAAAA,IAAAA,CAAAA;AAC9D,CAAA;AAEA;;;IAIA,MAAM8C,wBAAwB,OAAOH,MAAAA,GAAAA;IACnC,MAAMI,WAAAA,GAAe,MAAMT,OAAQK,CAAAA,MAAAA,CAAAA;AAEnC,IAAA,IAAI,CAACI,WAAAA,IAAe,CAACF,iBAAAA,CAAkBE,cAAc,OAAO,KAAA;IAE5D,MAAM,CAACC,UAAW,CAAA,GAAG,MAAMnD,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAeiC,CAAAA,CAAAA,QAAQ,CAAC;QACjE/B,QAAU,EAAA;YACRhB,KAAO,EAAA;gBACLiC,KAAO,EAAA;oBACLe,IAAM,EAAA;wBAAEC,GAAKhE,EAAAA;AAAiB;AAChC;AACF;AACF,SAAA;QACAiE,OAAS,EAAA;YAAEC,SAAW,EAAA;AAAM,SAAA;QAC5BC,KAAO,EAAA,CAAA;QACPC,MAAQ,EAAA;AAAC,YAAA;AAAK;AAChB,KAAA,CAAA;AAEA,IAAA,OAAOP,UAAWzB,CAAAA,EAAE,KAAKwB,WAAAA,CAAYxB,EAAE;AACzC,CAAA;AAEA;;;AAGC,IACD,MAAMiC,MAAAA,GAAS,OAAOnD,UAAAA,GAAa,EAAa,GAAA;IAC9C,OAAQ,MAAMR,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAeyC,CAAAA,CAAAA,KAAK,CAAC;QAAEtB,KAAO9B,EAAAA;KAAiB,CAAA,GAAA,CAAA;AAC/E,CAAA;AAEA;;;;IAKA,MAAMqD,uBAAuB,OAC3BnD,iBAAAA,GAAAA;IAEA,MAAMP,IAAAA,GAAO,MAAMH,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAesB,CAAAA,CAAAA,OAAO,CAAC;QAAEH,KAAO,EAAA;AAAE5B,YAAAA;AAAkB;AAAE,KAAA,CAAA;AAEzF,IAAA,IAAI,CAACP,IAAM,EAAA;QACT,OAAO2D,SAAAA;AACT;IAEA,OAAOlE,UAAAA,CAAEC,IAAI,CAACM,IAAM,EAAA;AAAC,QAAA,OAAA;AAAS,QAAA,WAAA;AAAa,QAAA;AAAW,KAAA,CAAA;AACxD,CAAA;AAEA;;;;;AAKC,IACD,MAAM4D,QAAW,GAAA,OAAO,EACtBrD,iBAAiB,EACjBD,QAAQ,EAIT,GAAA;IACC,MAAMuD,YAAAA,GAAe,MAAMhE,MAAOkB,CAAAA,EAAE,CACjCC,KAAK,CAAC,aACNsB,CAAAA,CAAAA,OAAO,CAAC;QAAEH,KAAO,EAAA;AAAE5B,YAAAA;AAAkB;AAAE,KAAA,CAAA;AAE1C,IAAA,IAAI,CAACsD,YAAc,EAAA;AACjB,QAAA,MAAM,IAAIxE,eAAgB,CAAA,2BAAA,CAAA;AAC5B;AAEA,IAAA,OAAOmB,WAAW,MAAQc,CAAAA,CAAAA,UAAU,CAACuC,YAAAA,CAAatC,EAAE,EAAE;AACpDZ,QAAAA,QAAAA,EAAUL,SAASK,QAAQ;AAC3BmD,QAAAA,SAAAA,EAAWxD,SAASwD,SAAS;AAC7BC,QAAAA,QAAAA,EAAUzD,SAASyD,QAAQ;QAC3BxD,iBAAmB,EAAA,IAAA;QACnBwB,QAAU,EAAA;AACZ,KAAA,CAAA;AACF,CAAA;AAEA;;AAEC,IACD,MAAMO,OAAAA,GAAU,OAAOf,EAAAA,EAAaL,QAAW,GAAA;AAAC,IAAA;AAAQ,CAAA,GAAA;AACtD,IAAA,OAAOrB,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAesB,OAAO,CAAC;QAAEH,KAAO,EAAA;AAAEZ,YAAAA;AAAG,SAAA;AAAGL,QAAAA;AAAS,KAAA,CAAA;AAC1E,CAAA;AAEA;;;;;AAKC,IACD,MAAM8C,cAAAA,GAAiB,OAAO3B,KAAAA,EAAenB,WAAW,EAAE,GAAA;AACxD,IAAA,OAAOrB,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAesB,OAAO,CAAC;QAC5CH,KAAO,EAAA;YAAEE,KAAO,EAAA;gBAAE4B,IAAM5B,EAAAA;AAAM;AAAE,SAAA;AAChCnB,QAAAA;AACF,KAAA,CAAA;AACF,CAAA;AAEA;;AAEC,IACD,MAAMgD,QAAAA,GAAW,OAAOC,MAAAA,GAAS,EAAE,GAAA;IACjC,MAAMnD,KAAAA,GAAQnB,OACXuE,GAAG,CAAC,gBACJC,SAAS,CAAC,eAAeC,QAAS,CAAA;QAAEpD,QAAU,EAAA;AAAC,YAAA;AAAQ;KAAIiD,EAAAA,MAAAA,CAAAA,CAAAA;AAE9D,IAAA,OAAOtE,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAekD,QAAQ,CAAClD,KAAAA,CAAAA;AACjD,CAAA;AAEA;;IAGA,MAAMuD,aAAa,OAAOhD,EAAAA,GAAAA;;IAExB,MAAMiD,YAAAA,GAAiC,MAAM3E,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAesB,CAAAA,CAAAA,OAAO,CAAC;QAClFH,KAAO,EAAA;AAAEZ,YAAAA;AAAG,SAAA;QACZL,QAAU,EAAA;AAAC,YAAA;AAAQ;AACrB,KAAA,CAAA;AAEA,IAAA,IAAI,CAACsD,YAAc,EAAA;QACjB,OAAO,IAAA;AACT;AAEA,IAAA,IAAIA,YAAc,EAAA;QAChB,IAAIA,YAAAA,CAAatE,KAAK,CAACuE,IAAI,CAAC,CAACC,CAAMA,GAAAA,CAAAA,CAAExB,IAAI,KAAK/D,gBAAmB,CAAA,EAAA;AAC/D,YAAA,MAAMuC,cAAiB,GAAA,MAAMlB,UAAW,CAAA,MAAA,CAAA,CAAQmB,2BAA2B,EAAA;YAC3E,IAAID,cAAAA,CAAekB,UAAU,KAAK,CAAG,EAAA;AACnC,gBAAA,MAAM,IAAIvD,eAAgB,CAAA,wDAAA,CAAA;AAC5B;AACF;AACF;IAEA,MAAMsF,WAAAA,GAAc,MAAM9E,MAAOkB,CAAAA,EAAE,CAChCC,KAAK,CAAC,aACN4D,CAAAA,CAAAA,MAAM,CAAC;QAAEzC,KAAO,EAAA;AAAEZ,YAAAA;AAAG,SAAA;QAAGL,QAAU,EAAA;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;;AAG/C,IAAA,MAAMpB,cAAiBH,GAAAA,iBAAAA,EAAAA;AACvB,IAAA,IAAIG,cAAkBA,IAAAA,cAAAA,CAAe+E,SAAS,CAAC,OAAU,CAAA,EAAA;AACvD,QAAA,MAAM/E,cAAe,CAAA,OAAA,CAAA,CAASgF,sBAAsB,CAACC,MAAOxD,CAAAA,EAAAA,CAAAA,CAAAA;AAC9D;AAEA1B,IAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAAErB,QAAAA,IAAAA,EAAMD,YAAa4E,CAAAA,WAAAA;AAAa,KAAA,CAAA;IAEtE,OAAOA,WAAAA;AACT,CAAA;AAEA;;IAGA,MAAMK,cAAc,OAAOC,GAAAA,GAAAA;;AAEzB,IAAA,MAAMvD,cAAiB,GAAA,MAAMlB,UAAW,CAAA,MAAA,CAAA,CAAQmB,2BAA2B,EAAA;IAC3E,MAAMuD,sBAAAA,GAAyB,MAAMrF,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAeyC,CAAAA,CAAAA,KAAK,CAAC;QACxEtB,KAAO,EAAA;YACLZ,EAAI0D,EAAAA,GAAAA;YACJ/E,KAAO,EAAA;AAAEqB,gBAAAA,EAAAA,EAAIG,eAAeH;AAAG;AACjC;AACF,KAAA,CAAA;IAEA,IAAIG,cAAAA,CAAekB,UAAU,KAAKsC,sBAAwB,EAAA;AACxD,QAAA,MAAM,IAAI7F,eAAgB,CAAA,wDAAA,CAAA;AAC5B;AAEA,IAAA,MAAM8F,eAAe,EAAE;IACvB,KAAK,MAAM5D,MAAM0D,GAAK,CAAA;QACpB,MAAMN,WAAAA,GAAc,MAAM9E,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAe4D,CAAAA,CAAAA,MAAM,CAAC;YAC9DzC,KAAO,EAAA;AAAEZ,gBAAAA;AAAG,aAAA;YACZL,QAAU,EAAA;AAAC,gBAAA;AAAQ;AACrB,SAAA,CAAA;;AAGA,QAAA,MAAMpB,cAAiBH,GAAAA,iBAAAA,EAAAA;AACvB,QAAA,IAAIG,cAAkBA,IAAAA,cAAAA,CAAe+E,SAAS,CAAC,OAAU,CAAA,EAAA;AACvD,YAAA,MAAM/E,cAAe,CAAA,OAAA,CAAA,CAASgF,sBAAsB,CAACC,MAAOxD,CAAAA,EAAAA,CAAAA,CAAAA;AAC9D;AAEA4D,QAAAA,YAAAA,CAAaC,IAAI,CAACT,WAAAA,CAAAA;AACpB;AAEA9E,IAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAClCgE,QAAAA,KAAAA,EAAOF,YAAahF,CAAAA,GAAG,CAAC,CAACwE,cAAgB5E,YAAa4E,CAAAA,WAAAA,CAAAA;AACxD,KAAA,CAAA;IAEA,OAAOQ,YAAAA;AACT,CAAA;AAEA;AACC,IACD,MAAMG,qBAAwB,GAAA,UAAA;AAC5B,IAAA,OAAOzF,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeyC,KAAK,CAAC;QAC1CtB,KAAO,EAAA;YACLjC,KAAO,EAAA;gBACLqB,EAAI,EAAA;oBAAEgE,KAAO,EAAA;AAAK;AACpB;AACF;AACF,KAAA,CAAA;AACF,CAAA;AAEA;;;AAGC,IACD,MAAM9B,KAAAA,GAAQ,OAAOtB,KAAAA,GAAQ,EAAE,GAAA;AAC7B,IAAA,OAAOtC,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeyC,KAAK,CAAC;AAAEtB,QAAAA;AAAM,KAAA,CAAA;AACtD,CAAA;AAEA;;IAGA,MAAMqD,mBAAmB,OAAOC,MAAAA,GAAAA;IAC9B,MAAMJ,KAAAA,GAAQ,MAAMxF,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAeiC,CAAAA,CAAAA,QAAQ,CAAC;QAC1DM,MAAQ,EAAA;AAAC,YAAA;AAAK,SAAA;QACdpB,KAAO,EAAA;YACLjC,KAAO,EAAA;gBAAEqB,EAAI,EAAA;oBAAEgE,KAAO,EAAA;AAAK;AAAE;AAC/B;AACF,KAAA,CAAA;AAEA,IAAA,MAAMG,QAAQC,GAAG,CACfN,KAAMlF,CAAAA,GAAG,CAAC,CAACH,IAAAA,GAAAA;AACT,QAAA,OAAOH,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAekB,MAAM,CAAC;YAC3CC,KAAO,EAAA;AAAEZ,gBAAAA,EAAAA,EAAIvB,KAAKuB;AAAG,aAAA;YACrBN,IAAM,EAAA;gBAAEf,KAAO,EAAA;AAACuF,oBAAAA;AAAO;AAAC;AAC1B,SAAA,CAAA;AACF,KAAA,CAAA,CAAA;AAEJ,CAAA;AAEA;AACC,IACD,MAAMG,iCAAoC,GAAA,UAAA;AACxC,IAAA,MAAMnC,QAAQ,MAAM6B,qBAAAA,EAAAA;AAEpB,IAAA,IAAI7B,QAAQ,CAAG,EAAA;QACb5D,MAAOgG,CAAAA,GAAG,CAACC,IAAI,CAAC,CAAC,YAAY,EAAErC,KAAM,CAAA,sBAAsB,CAAC,CAAA;AAC9D;AACF,CAAA;AAEA;AACC,IACD,MAAMsC,iBAAoB,GAAA,UAAA;IACxB,MAAMV,KAAAA,GAAQ,MAAMxF,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAeiC,CAAAA,CAAAA,QAAQ,CAAC;QAAEM,MAAQ,EAAA;AAAC,YAAA;AAAmB;AAAC,KAAA,CAAA;AAE3F,IAAA,OAAO8B,MAAMlF,GAAG,CAAC,CAACH,IAASA,GAAAA,IAAAA,CAAKgG,gBAAgB,IAAI,IAAA,CAAA;AACtD,CAAA;AAEA;;;IAIA,MAAMC,eAAe,IAAIC,GAAAA,EAAAA;AASzB;;AAEC,IACD,MAAMC,UAAa,GAAA,UAAA;AACjB,IAAA,MAAMC,YAAe,GAAA,0BAAA;;AAGrB,IAAA,IAAI,CAACvG,MAAAA,CAAOwG,EAAE,EAAEC,IAAM,EAAA;AACpBzG,QAAAA,MAAAA,CAAOgG,GAAG,CAACnD,KAAK,CAAC,CAAG0D,EAAAA,YAAAA,CAAa,4CAA4C,CAAC,CAAA;AAC9E,QAAA,MAAM,IAAI7D,KAAM,CAAA,yDAAA,CAAA;AAClB;;;AAIA,IAAA,IAAIgE,SAAYC,GAAAA,OAAAA,CAAQC,GAAG,CAACC,cAAc;AAE1C,IAAA,IAAI,CAACH,SAAW,EAAA;QACd,IAAI;YACF,MAAMI,WAAAA,GAAcC,IAAKC,CAAAA,IAAI,CAAChH,MAAAA,CAAOiH,IAAI,CAACC,GAAG,CAACC,IAAI,EAAE,aAAA,CAAA;AACpDT,YAAAA,SAAAA,GAAYU,EAAGC,CAAAA,YAAY,CAACP,WAAAA,CAAAA,CAAaQ,QAAQ,EAAA;AACnD,SAAA,CAAE,OAAOzE,KAAO,EAAA;;AAEhB;AACF;AAEA,IAAA,IAAI,CAAC6D,SAAW,EAAA;AACd1G,QAAAA,MAAAA,CAAOgG,GAAG,CAACnD,KAAK,CACd,CAAG0D,EAAAA,YAAAA,CAAa,0GAA0G,CAAC,CAAA;AAE7H,QAAA,MAAM,IAAI7D,KAAM,CAAA,yDAAA,CAAA;AAClB;AAEA,IAAA,MAAM6E,WAAcZ,GAAAA,OAAAA,CAAQC,GAAG,CAACY,aAAa,IAAI,kCAAA;AAEjD,IAAA,IAAI,CAACD,WAAa,EAAA;AAChBvH,QAAAA,MAAAA,CAAOgG,GAAG,CAACnD,KAAK,CACd,CAAG0D,EAAAA,YAAAA,CAAa,6EAA6E,CAAC,CAAA;AAEhG,QAAA,MAAM,IAAI7D,KAAM,CAAA,yDAAA,CAAA;AAClB;;AAGA,IAAA,MAAMvC,OAAOH,MAAOyH,CAAAA,cAAc,CAAClD,GAAG,IAAImD,KAAOvH,EAAAA,IAAAA;AACjD,IAAA,IAAI,CAACA,IAAM,EAAA;AACTH,QAAAA,MAAAA,CAAOgG,GAAG,CAACnD,KAAK,CAAC,CAAG0D,EAAAA,YAAAA,CAAa,yCAAyC,CAAC,CAAA;AAC3E,QAAA,MAAM,IAAI7D,KAAM,CAAA,yDAAA,CAAA;AAClB;AAEA,IAAA,MAAMiF,cAAiBxH,GAAAA,IAAAA,CAAKuB,EAAE,CAAC4F,QAAQ,EAAA;;AAGvC,IAAA,MAAMM,SAAY5H,GAAAA,MAAAA,CAAO6H,MAAM,CAACtD,GAAG,CAAC,MAAA,CAAA;AACpC,IAAA,IAAI,CAACqD,SAAW,EAAA;AACd5H,QAAAA,MAAAA,CAAOgG,GAAG,CAACnD,KAAK,CAAC,CAAG0D,EAAAA,YAAAA,CAAa,0BAA0B,CAAC,CAAA;AAC5D,QAAA,MAAM,IAAI7D,KAAM,CAAA,yDAAA,CAAA;AAClB;;AAGA,IAAA,MAAMoF,QAAW,GAAA,CAAA,EAAGF,SAAU,CAAA,CAAC,EAAED,cAAgB,CAAA,CAAA;IACjD,MAAMI,WAAAA,GAAc3B,YAAa7B,CAAAA,GAAG,CAACuD,QAAAA,CAAAA;AAErC,IAAA,IAAIC,WAAa,EAAA;QACf,MAAMC,GAAAA,GAAMC,KAAKD,GAAG,EAAA;;AAEpB,QAAA,MAAME,QAAW,GAAA,CAAA,GAAI,EAAK,GAAA,IAAA,CAAA;AAE1B,QAAA,IAAIH,YAAYI,WAAW,IAAIJ,YAAYI,WAAW,GAAGD,WAAWF,GAAK,EAAA;YACvEhI,MAAOgG,CAAAA,GAAG,CAACoC,IAAI,CAAC,uBAAA,CAAA;YAEhB,OAAO;AACLC,gBAAAA,KAAAA,EAAON,YAAYM,KAAK;AACxBC,gBAAAA,SAAAA,EAAWP,YAAYO;AACzB,aAAA;AACF;;AAGAlC,QAAAA,YAAAA,CAAarB,MAAM,CAAC+C,QAAAA,CAAAA;AACtB;IAEA9H,MAAOgG,CAAAA,GAAG,CAACuC,IAAI,CAAC,2CAAA,CAAA;IAEhB,IAAI;;AAEF,QAAA,MAAMC,WAAW,MAAMC,KAAAA,CAAM,GAAGlB,WAAY,CAAA,cAAc,CAAC,EAAE;YAC3DmB,MAAQ,EAAA,MAAA;YACRC,OAAS,EAAA;gBACP,cAAgB,EAAA,kBAAA;;;AAGhB,gBAAA,cAAA,EAAgBC,OAAOC,UAAU;AACnC,aAAA;YACAC,IAAMC,EAAAA,IAAAA,CAAKC,SAAS,CAAC;AACnBtC,gBAAAA,SAAAA;AACAiB,gBAAAA,cAAAA;AACAC,gBAAAA;AACF,aAAA;AACF,SAAA,CAAA;QAEA,IAAI,CAACY,QAASS,CAAAA,EAAE,EAAE;YAChB,IAAIC,SAAAA;YACJ,IAAIC,SAAAA;YACJ,IAAI;gBACFA,SAAY,GAAA,MAAMX,SAASY,IAAI,EAAA;gBAC/BF,SAAYH,GAAAA,IAAAA,CAAKM,KAAK,CAACF,SAAAA,CAAAA;AACzB,aAAA,CAAE,OAAM;gBACND,SAAY,GAAA;AAAErG,oBAAAA,KAAAA,EAAOsG,SAAa,IAAA;AAAiC,iBAAA;AACrE;YAEAnJ,MAAOgG,CAAAA,GAAG,CAACnD,KAAK,CAAC,CAAA,EAAG0D,YAAa,CAAA,CAAC,EAAE2C,SAAAA,EAAWrG,KAAS,IAAA,eAAA,CAAA,CAAiB,EAAE;AACzEyG,gBAAAA,MAAAA,EAAQd,SAASc,MAAM;AACvBC,gBAAAA,UAAAA,EAAYf,SAASe,UAAU;gBAC/B1G,KAAOqG,EAAAA,SAAAA;AACPC,gBAAAA,SAAAA;AACAvB,gBAAAA;AACF,aAAA,CAAA;AAEA,YAAA,MAAM,IAAIlF,KAAM,CAAA,yDAAA,CAAA;AAClB;QAEA,IAAItB,IAAAA;QACJ,IAAI;YACFA,IAAQ,GAAA,MAAMoH,SAASgB,IAAI,EAAA;AAI7B,SAAA,CAAE,OAAOC,UAAY,EAAA;YACnBzJ,MAAOgG,CAAAA,GAAG,CAACnD,KAAK,CAAC,GAAG0D,YAAa,CAAA,mCAAmC,CAAC,EAAEkD,UAAAA,CAAAA;AACvE,YAAA,MAAM,IAAI/G,KAAM,CAAA,yDAAA,CAAA;AAClB;QAEA,IAAI,CAACtB,IAAKsI,CAAAA,GAAG,EAAE;AACb1J,YAAAA,MAAAA,CAAOgG,GAAG,CAACnD,KAAK,CAAC,CAAG0D,EAAAA,YAAAA,CAAa,oCAAoC,CAAC,CAAA;AACtE,YAAA,MAAM,IAAI7D,KAAM,CAAA,yDAAA,CAAA;AAClB;AAEA1C,QAAAA,MAAAA,CAAOgG,GAAG,CAACoC,IAAI,CAAC,iCAAmC,EAAA;AACjDtF,YAAAA,MAAAA,EAAQ3C,KAAKuB,EAAE;AACf4G,YAAAA,SAAAA,EAAWlH,KAAKkH;AAClB,SAAA,CAAA;;QAGA,IAAIlH,IAAAA,CAAKkH,SAAS,EAAE;AAClB,YAAA,MAAMH,cAAc,IAAIF,IAAAA,CAAK7G,IAAKkH,CAAAA,SAAS,EAAEqB,OAAO,EAAA;YACpDvD,YAAawD,CAAAA,GAAG,CAAC9B,QAAU,EAAA;AACzBO,gBAAAA,KAAAA,EAAOjH,KAAKsI,GAAG;AACfpB,gBAAAA,SAAAA,EAAWlH,KAAKkH,SAAS;AACzBH,gBAAAA;AACF,aAAA,CAAA;AACF;;;QAIA,OAAO;AACLE,YAAAA,KAAAA,EAAOjH,KAAKsI,GAAG;AACfpB,YAAAA,SAAAA,EAAWlH,KAAKkH;AAClB,SAAA;AACF,KAAA,CAAE,OAAOuB,UAAY,EAAA;AACnB,QAAA,IAAIA,UAAsBnH,YAAAA,KAAAA,IAASmH,UAAWC,CAAAA,IAAI,KAAK,YAAc,EAAA;AACnE9J,YAAAA,MAAAA,CAAOgG,GAAG,CAACnD,KAAK,CAAC,CAAG0D,EAAAA,YAAAA,CAAa,+BAA+B,CAAC,CAAA;AACjE,YAAA,MAAM,IAAI7D,KAAM,CAAA,yDAAA,CAAA;AAClB;QAEA,MAAMmH,UAAAA;AACR;AACF,CAAA;AAEA,WAAe;AACbtJ,IAAAA,MAAAA;AACAkB,IAAAA,UAAAA;AACAkC,IAAAA,MAAAA;AACAE,IAAAA,oBAAAA;AACAE,IAAAA,QAAAA;AACA7D,IAAAA,YAAAA;AACAuC,IAAAA,OAAAA;AACA0B,IAAAA,cAAAA;AACAE,IAAAA,QAAAA;AACAK,IAAAA,UAAAA;AACAS,IAAAA,WAAAA;AACAM,IAAAA,qBAAAA;AACA7B,IAAAA,KAAAA;AACA+B,IAAAA,gBAAAA;AACAI,IAAAA,iCAAAA;AACAxD,IAAAA,oBAAAA;AACA2D,IAAAA,iBAAAA;AACAjD,IAAAA,qBAAAA;AACAqD,IAAAA;AACF,CAAE;;;;"}
1
+ {"version":3,"file":"user.mjs","sources":["../../../../../server/src/services/user.ts"],"sourcesContent":["/* eslint-disable @typescript-eslint/no-non-null-assertion */\nimport _ from 'lodash';\nimport { defaults } from 'lodash/fp';\nimport { arrays, errors } from '@strapi/utils';\nimport type { Data } from '@strapi/types';\nimport { createUser, hasSuperAdminRole } from '../domain/user';\nimport type {\n AdminUser,\n AdminRole,\n AdminUserCreationPayload,\n SanitizedAdminUser,\n SanitizedAdminRole,\n AdminUserUpdatePayload,\n // eslint-disable-next-line node/no-unpublished-import\n} from '../../../shared/contracts/shared';\nimport { password as passwordValidator } from '../validation/common-validators';\nimport { getService } from '../utils';\nimport constants from './constants';\n\nconst { SUPER_ADMIN_CODE } = constants;\n\nconst { ValidationError } = errors;\nconst sanitizeUserRoles = (role: AdminRole): SanitizedAdminRole =>\n _.pick(role, ['id', 'name', 'description', 'code']);\n\nconst getSessionManager = () => {\n const manager = strapi.sessionManager;\n return manager ?? null;\n};\n\n/**\n * Remove private user fields\n * @param user - user to sanitize\n */\nconst sanitizeUser = (user: AdminUser): SanitizedAdminUser => {\n return {\n ..._.omit(user, ['password', 'resetPasswordToken', 'registrationToken', 'roles']),\n roles: user.roles && user.roles.map(sanitizeUserRoles),\n };\n};\n\n/**\n * Create and save a user in database\n * @param attributes A partial user object\n */\nconst create = async (\n // isActive is added in the controller, it's not sent by the API.\n attributes: Partial<AdminUserCreationPayload> & { isActive?: true }\n): Promise<AdminUser> => {\n const userInfo = {\n registrationToken: getService('token').createToken(),\n ...attributes,\n };\n\n if (_.has(attributes, 'password')) {\n userInfo.password = await getService('auth').hashPassword(attributes.password!);\n }\n\n const user = createUser(userInfo);\n\n const createdUser = await strapi.db\n .query('admin::user')\n .create({ data: user, populate: ['roles'] });\n\n getService('metrics').sendDidInviteUser();\n\n strapi.eventHub.emit('user.create', { user: sanitizeUser(createdUser) });\n\n return createdUser;\n};\n\n/**\n * Update a user in database\n * @param id query params to find the user to update\n * @param attributes A partial user object\n */\nconst updateById = async (\n id: Data.ID,\n attributes: Partial<AdminUserUpdatePayload>\n): Promise<AdminUser> => {\n // Check at least one super admin remains\n if (_.has(attributes, 'roles')) {\n const lastAdminUser = await isLastSuperAdminUser(id);\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n const willRemoveSuperAdminRole = !arrays.includesString(attributes.roles!, superAdminRole.id);\n\n if (lastAdminUser && willRemoveSuperAdminRole) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n\n // cannot disable last super admin\n if (attributes.isActive === false) {\n const lastAdminUser = await isLastSuperAdminUser(id);\n if (lastAdminUser) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n\n // hash password if a new one is sent\n if (_.has(attributes, 'password')) {\n const hashedPassword = await getService('auth').hashPassword(attributes.password!);\n\n const updatedUser = await strapi.db.query('admin::user').update({\n where: { id },\n data: {\n ...attributes,\n password: hashedPassword,\n },\n populate: ['roles'],\n });\n\n strapi.eventHub.emit('user.update', { user: sanitizeUser(updatedUser) });\n\n return updatedUser;\n }\n\n const updatedUser = await strapi.db.query('admin::user').update({\n where: { id },\n data: attributes,\n populate: ['roles'],\n });\n\n if (updatedUser) {\n strapi.eventHub.emit('user.update', { user: sanitizeUser(updatedUser) });\n }\n\n return updatedUser;\n};\n\n/**\n * Reset a user password by email. (Used in admin:reset CLI)\n * @param email - user email\n * @param password - new password\n */\nconst resetPasswordByEmail = async (email: string, password: string) => {\n const user = await strapi.db\n .query('admin::user')\n .findOne({ where: { email }, populate: ['roles'] });\n\n if (!user) {\n throw new Error(`User not found for email: ${email}`);\n }\n\n try {\n await passwordValidator.validate(password);\n } catch (error) {\n throw new ValidationError(\n 'Invalid password. Expected a minimum of 8 characters with at least one number and one uppercase letter'\n );\n }\n\n await updateById(user.id, { password });\n};\n\n/**\n * Check if a user is the last super admin\n * @param userId user's id to look for\n */\nconst isLastSuperAdminUser = async (userId: Data.ID): Promise<boolean> => {\n const user = (await findOne(userId)) as AdminUser | null;\n if (!user) return false;\n\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n\n return superAdminRole.usersCount === 1 && hasSuperAdminRole(user);\n};\n\n/**\n * Check if a user is the first super admin\n * @param userId user's id to look for\n */\nconst isFirstSuperAdminUser = async (userId: Data.ID): Promise<boolean> => {\n const currentUser = (await findOne(userId)) as AdminUser | null;\n\n if (!currentUser || !hasSuperAdminRole(currentUser)) return false;\n\n const [oldestUser] = await strapi.db.query('admin::user').findMany({\n populate: {\n roles: {\n where: {\n code: { $eq: SUPER_ADMIN_CODE },\n },\n },\n },\n orderBy: { createdAt: 'asc' },\n limit: 1,\n select: ['id'],\n });\n\n return oldestUser.id === currentUser.id;\n};\n\n/**\n * Check if a user with specific attributes exists in the database\n * @param attributes A partial user object\n */\nconst exists = async (attributes = {} as unknown): Promise<boolean> => {\n return (await strapi.db.query('admin::user').count({ where: attributes })) > 0;\n};\n\n/**\n * Returns a user registration info\n * @param registrationToken - a user registration token\n * @returns - Returns user email, firstname and lastname\n */\nconst findRegistrationInfo = async (\n registrationToken: string\n): Promise<Pick<AdminUser, 'email' | 'firstname' | 'lastname'> | undefined> => {\n const user = await strapi.db.query('admin::user').findOne({ where: { registrationToken } });\n\n if (!user) {\n return undefined;\n }\n\n return _.pick(user, ['email', 'firstname', 'lastname']);\n};\n\n/**\n * Registers a user based on a registrationToken and some informations to update\n * @param params\n * @param params.registrationToken registration token\n * @param params.userInfo user info\n */\nconst register = async ({\n registrationToken,\n userInfo,\n}: {\n registrationToken: string;\n userInfo: Partial<AdminUser>;\n}) => {\n const matchingUser = await strapi.db\n .query('admin::user')\n .findOne({ where: { registrationToken } });\n\n if (!matchingUser) {\n throw new ValidationError('Invalid registration info');\n }\n\n return getService('user').updateById(matchingUser.id, {\n password: userInfo.password,\n firstname: userInfo.firstname,\n lastname: userInfo.lastname,\n registrationToken: null,\n isActive: true,\n });\n};\n\n/**\n * Find one user\n */\nconst findOne = async (id: Data.ID, populate = ['roles']) => {\n return strapi.db.query('admin::user').findOne({ where: { id }, populate });\n};\n\n/**\n * Find one user by its email\n * @param email\n * @param populate\n * @returns\n */\nconst findOneByEmail = async (email: string, populate = []) => {\n return strapi.db.query('admin::user').findOne({\n where: { email: { $eqi: email } },\n populate,\n });\n};\n\n/** Find many users (paginated)\n * @param params\n */\nconst findPage = async (params = {}): Promise<unknown> => {\n const query = strapi\n .get('query-params')\n .transform('admin::user', defaults({ populate: ['roles'] }, params));\n\n return strapi.db.query('admin::user').findPage(query);\n};\n\n/** Delete a user\n * @param id id of the user to delete\n */\nconst deleteById = async (id: Data.ID): Promise<AdminUser | null> => {\n // Check at least one super admin remains\n const userToDelete: AdminUser | null = await strapi.db.query('admin::user').findOne({\n where: { id },\n populate: ['roles'],\n });\n\n if (!userToDelete) {\n return null;\n }\n\n if (userToDelete) {\n if (userToDelete.roles.some((r) => r.code === SUPER_ADMIN_CODE)) {\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n if (superAdminRole.usersCount === 1) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n }\n }\n\n const deletedUser = await strapi.db\n .query('admin::user')\n .delete({ where: { id }, populate: ['roles'] });\n\n // Invalidate all sessions for the deleted user\n const sessionManager = getSessionManager();\n if (sessionManager && sessionManager.hasOrigin('admin')) {\n await sessionManager('admin').invalidateRefreshToken(String(id));\n }\n\n strapi.eventHub.emit('user.delete', { user: sanitizeUser(deletedUser) });\n\n return deletedUser;\n};\n\n/** Delete a user\n * @param ids ids of the users to delete\n */\nconst deleteByIds = async (ids: (string | number)[]): Promise<AdminUser[]> => {\n // Check at least one super admin remains\n const superAdminRole = await getService('role').getSuperAdminWithUsersCount();\n const nbOfSuperAdminToDelete = await strapi.db.query('admin::user').count({\n where: {\n id: ids,\n roles: { id: superAdminRole.id },\n },\n });\n\n if (superAdminRole.usersCount === nbOfSuperAdminToDelete) {\n throw new ValidationError('You must have at least one user with super admin role.');\n }\n\n const deletedUsers = [] as AdminUser[];\n for (const id of ids) {\n const deletedUser = await strapi.db.query('admin::user').delete({\n where: { id },\n populate: ['roles'],\n });\n\n // Invalidate all sessions for the deleted user\n const sessionManager = getSessionManager();\n if (sessionManager && sessionManager.hasOrigin('admin')) {\n await sessionManager('admin').invalidateRefreshToken(String(id));\n }\n\n deletedUsers.push(deletedUser);\n }\n\n strapi.eventHub.emit('user.delete', {\n users: deletedUsers.map((deletedUser) => sanitizeUser(deletedUser)),\n });\n\n return deletedUsers;\n};\n\n/** Count the users that don't have any associated roles\n */\nconst countUsersWithoutRole = async (): Promise<number> => {\n return strapi.db.query('admin::user').count({\n where: {\n roles: {\n id: { $null: true },\n },\n },\n });\n};\n\n/**\n * Count the number of users based on search params\n * @param params params used for the query\n */\nconst count = async (where = {}): Promise<number> => {\n return strapi.db.query('admin::user').count({ where });\n};\n\n/**\n * Assign some roles to several users\n */\nconst assignARoleToAll = async (roleId: Data.ID): Promise<void> => {\n const users = await strapi.db.query('admin::user').findMany({\n select: ['id'],\n where: {\n roles: { id: { $null: true } },\n },\n });\n\n await Promise.all(\n users.map((user) => {\n return strapi.db.query('admin::user').update({\n where: { id: user.id },\n data: { roles: [roleId] },\n });\n })\n );\n};\n\n/** Display a warning if some users don't have at least one role\n */\nconst displayWarningIfUsersDontHaveRole = async (): Promise<void> => {\n const count = await countUsersWithoutRole();\n\n if (count > 0) {\n strapi.log.warn(`Some users (${count}) don't have any role.`);\n }\n};\n\n/** Returns an array of interface languages currently used by users\n */\nconst getLanguagesInUse = async (): Promise<string[]> => {\n const users = await strapi.db.query('admin::user').findMany({ select: ['preferedLanguage'] });\n\n return users.map((user) => user.preferedLanguage || 'en');\n};\nexport default {\n create,\n updateById,\n exists,\n findRegistrationInfo,\n register,\n sanitizeUser,\n findOne,\n findOneByEmail,\n findPage,\n deleteById,\n deleteByIds,\n countUsersWithoutRole,\n count,\n assignARoleToAll,\n displayWarningIfUsersDontHaveRole,\n resetPasswordByEmail,\n getLanguagesInUse,\n isFirstSuperAdminUser,\n};\n"],"names":["SUPER_ADMIN_CODE","constants","ValidationError","errors","sanitizeUserRoles","role","_","pick","getSessionManager","manager","strapi","sessionManager","sanitizeUser","user","omit","roles","map","create","attributes","userInfo","registrationToken","getService","createToken","has","password","hashPassword","createUser","createdUser","db","query","data","populate","sendDidInviteUser","eventHub","emit","updateById","id","lastAdminUser","isLastSuperAdminUser","superAdminRole","getSuperAdminWithUsersCount","willRemoveSuperAdminRole","arrays","includesString","isActive","hashedPassword","updatedUser","update","where","resetPasswordByEmail","email","findOne","Error","passwordValidator","validate","error","userId","usersCount","hasSuperAdminRole","isFirstSuperAdminUser","currentUser","oldestUser","findMany","code","$eq","orderBy","createdAt","limit","select","exists","count","findRegistrationInfo","undefined","register","matchingUser","firstname","lastname","findOneByEmail","$eqi","findPage","params","get","transform","defaults","deleteById","userToDelete","some","r","deletedUser","delete","hasOrigin","invalidateRefreshToken","String","deleteByIds","ids","nbOfSuperAdminToDelete","deletedUsers","push","users","countUsersWithoutRole","$null","assignARoleToAll","roleId","Promise","all","displayWarningIfUsersDontHaveRole","log","warn","getLanguagesInUse","preferedLanguage"],"mappings":";;;;;;;;AAmBA,MAAM,EAAEA,gBAAgB,EAAE,GAAGC,SAAAA;AAE7B,MAAM,EAAEC,eAAe,EAAE,GAAGC,MAAAA;AAC5B,MAAMC,oBAAoB,CAACC,IAAAA,GACzBC,UAAEC,CAAAA,IAAI,CAACF,IAAM,EAAA;AAAC,QAAA,IAAA;AAAM,QAAA,MAAA;AAAQ,QAAA,aAAA;AAAe,QAAA;AAAO,KAAA,CAAA;AAEpD,MAAMG,iBAAoB,GAAA,IAAA;IACxB,MAAMC,OAAAA,GAAUC,OAAOC,cAAc;AACrC,IAAA,OAAOF,OAAW,IAAA,IAAA;AACpB,CAAA;AAEA;;;IAIA,MAAMG,eAAe,CAACC,IAAAA,GAAAA;IACpB,OAAO;QACL,GAAGP,UAAAA,CAAEQ,IAAI,CAACD,IAAM,EAAA;AAAC,YAAA,UAAA;AAAY,YAAA,oBAAA;AAAsB,YAAA,mBAAA;AAAqB,YAAA;SAAQ,CAAC;AACjFE,QAAAA,KAAAA,EAAOF,KAAKE,KAAK,IAAIF,KAAKE,KAAK,CAACC,GAAG,CAACZ,iBAAAA;AACtC,KAAA;AACF,CAAA;AAEA;;;IAIA,MAAMa,MAAS,GAAA;AAEbC,UAAAA,GAAAA;AAEA,IAAA,MAAMC,QAAW,GAAA;QACfC,iBAAmBC,EAAAA,UAAAA,CAAW,SAASC,WAAW,EAAA;AAClD,QAAA,GAAGJ;AACL,KAAA;AAEA,IAAA,IAAIZ,UAAEiB,CAAAA,GAAG,CAACL,UAAAA,EAAY,UAAa,CAAA,EAAA;QACjCC,QAASK,CAAAA,QAAQ,GAAG,MAAMH,UAAAA,CAAW,QAAQI,YAAY,CAACP,WAAWM,QAAQ,CAAA;AAC/E;AAEA,IAAA,MAAMX,OAAOa,UAAWP,CAAAA,QAAAA,CAAAA;IAExB,MAAMQ,WAAAA,GAAc,MAAMjB,MAAOkB,CAAAA,EAAE,CAChCC,KAAK,CAAC,aACNZ,CAAAA,CAAAA,MAAM,CAAC;QAAEa,IAAMjB,EAAAA,IAAAA;QAAMkB,QAAU,EAAA;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;AAE5CV,IAAAA,UAAAA,CAAW,WAAWW,iBAAiB,EAAA;AAEvCtB,IAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAAErB,QAAAA,IAAAA,EAAMD,YAAae,CAAAA,WAAAA;AAAa,KAAA,CAAA;IAEtE,OAAOA,WAAAA;AACT,CAAA;AAEA;;;;IAKA,MAAMQ,UAAa,GAAA,OACjBC,EACAlB,EAAAA,UAAAA,GAAAA;;AAGA,IAAA,IAAIZ,UAAEiB,CAAAA,GAAG,CAACL,UAAAA,EAAY,OAAU,CAAA,EAAA;QAC9B,MAAMmB,aAAAA,GAAgB,MAAMC,oBAAqBF,CAAAA,EAAAA,CAAAA;AACjD,QAAA,MAAMG,cAAiB,GAAA,MAAMlB,UAAW,CAAA,MAAA,CAAA,CAAQmB,2BAA2B,EAAA;QAC3E,MAAMC,wBAAAA,GAA2B,CAACC,MAAOC,CAAAA,cAAc,CAACzB,UAAWH,CAAAA,KAAK,EAAGwB,cAAAA,CAAeH,EAAE,CAAA;AAE5F,QAAA,IAAIC,iBAAiBI,wBAA0B,EAAA;AAC7C,YAAA,MAAM,IAAIvC,eAAgB,CAAA,wDAAA,CAAA;AAC5B;AACF;;IAGA,IAAIgB,UAAAA,CAAW0B,QAAQ,KAAK,KAAO,EAAA;QACjC,MAAMP,aAAAA,GAAgB,MAAMC,oBAAqBF,CAAAA,EAAAA,CAAAA;AACjD,QAAA,IAAIC,aAAe,EAAA;AACjB,YAAA,MAAM,IAAInC,eAAgB,CAAA,wDAAA,CAAA;AAC5B;AACF;;AAGA,IAAA,IAAII,UAAEiB,CAAAA,GAAG,CAACL,UAAAA,EAAY,UAAa,CAAA,EAAA;AACjC,QAAA,MAAM2B,iBAAiB,MAAMxB,UAAAA,CAAW,QAAQI,YAAY,CAACP,WAAWM,QAAQ,CAAA;QAEhF,MAAMsB,WAAAA,GAAc,MAAMpC,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAekB,CAAAA,CAAAA,MAAM,CAAC;YAC9DC,KAAO,EAAA;AAAEZ,gBAAAA;AAAG,aAAA;YACZN,IAAM,EAAA;AACJ,gBAAA,GAAGZ,UAAU;gBACbM,QAAUqB,EAAAA;AACZ,aAAA;YACAd,QAAU,EAAA;AAAC,gBAAA;AAAQ;AACrB,SAAA,CAAA;AAEArB,QAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAAErB,YAAAA,IAAAA,EAAMD,YAAakC,CAAAA,WAAAA;AAAa,SAAA,CAAA;QAEtE,OAAOA,WAAAA;AACT;IAEA,MAAMA,WAAAA,GAAc,MAAMpC,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAekB,CAAAA,CAAAA,MAAM,CAAC;QAC9DC,KAAO,EAAA;AAAEZ,YAAAA;AAAG,SAAA;QACZN,IAAMZ,EAAAA,UAAAA;QACNa,QAAU,EAAA;AAAC,YAAA;AAAQ;AACrB,KAAA,CAAA;AAEA,IAAA,IAAIe,WAAa,EAAA;AACfpC,QAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAAErB,YAAAA,IAAAA,EAAMD,YAAakC,CAAAA,WAAAA;AAAa,SAAA,CAAA;AACxE;IAEA,OAAOA,WAAAA;AACT,CAAA;AAEA;;;;IAKA,MAAMG,oBAAuB,GAAA,OAAOC,KAAe1B,EAAAA,UAAAA,GAAAA;IACjD,MAAMX,IAAAA,GAAO,MAAMH,MAAOkB,CAAAA,EAAE,CACzBC,KAAK,CAAC,aACNsB,CAAAA,CAAAA,OAAO,CAAC;QAAEH,KAAO,EAAA;AAAEE,YAAAA;AAAM,SAAA;QAAGnB,QAAU,EAAA;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;AAEnD,IAAA,IAAI,CAAClB,IAAM,EAAA;AACT,QAAA,MAAM,IAAIuC,KAAAA,CAAM,CAAC,0BAA0B,EAAEF,KAAO,CAAA,CAAA,CAAA;AACtD;IAEA,IAAI;QACF,MAAMG,QAAAA,CAAkBC,QAAQ,CAAC9B,UAAAA,CAAAA;AACnC,KAAA,CAAE,OAAO+B,KAAO,EAAA;AACd,QAAA,MAAM,IAAIrD,eACR,CAAA,wGAAA,CAAA;AAEJ;IAEA,MAAMiC,UAAAA,CAAWtB,IAAKuB,CAAAA,EAAE,EAAE;AAAEZ,kBAAAA;AAAS,KAAA,CAAA;AACvC,CAAA;AAEA;;;IAIA,MAAMc,uBAAuB,OAAOkB,MAAAA,GAAAA;IAClC,MAAM3C,IAAAA,GAAQ,MAAMsC,OAAQK,CAAAA,MAAAA,CAAAA;IAC5B,IAAI,CAAC3C,MAAM,OAAO,KAAA;AAElB,IAAA,MAAM0B,cAAiB,GAAA,MAAMlB,UAAW,CAAA,MAAA,CAAA,CAAQmB,2BAA2B,EAAA;AAE3E,IAAA,OAAOD,cAAekB,CAAAA,UAAU,KAAK,CAAA,IAAKC,iBAAkB7C,CAAAA,IAAAA,CAAAA;AAC9D,CAAA;AAEA;;;IAIA,MAAM8C,wBAAwB,OAAOH,MAAAA,GAAAA;IACnC,MAAMI,WAAAA,GAAe,MAAMT,OAAQK,CAAAA,MAAAA,CAAAA;AAEnC,IAAA,IAAI,CAACI,WAAAA,IAAe,CAACF,iBAAAA,CAAkBE,cAAc,OAAO,KAAA;IAE5D,MAAM,CAACC,UAAW,CAAA,GAAG,MAAMnD,MAAAA,CAAOkB,EAAE,CAACC,KAAK,CAAC,aAAeiC,CAAAA,CAAAA,QAAQ,CAAC;QACjE/B,QAAU,EAAA;YACRhB,KAAO,EAAA;gBACLiC,KAAO,EAAA;oBACLe,IAAM,EAAA;wBAAEC,GAAKhE,EAAAA;AAAiB;AAChC;AACF;AACF,SAAA;QACAiE,OAAS,EAAA;YAAEC,SAAW,EAAA;AAAM,SAAA;QAC5BC,KAAO,EAAA,CAAA;QACPC,MAAQ,EAAA;AAAC,YAAA;AAAK;AAChB,KAAA,CAAA;AAEA,IAAA,OAAOP,UAAWzB,CAAAA,EAAE,KAAKwB,WAAAA,CAAYxB,EAAE;AACzC,CAAA;AAEA;;;AAGC,IACD,MAAMiC,MAAAA,GAAS,OAAOnD,UAAAA,GAAa,EAAa,GAAA;IAC9C,OAAQ,MAAMR,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAeyC,CAAAA,CAAAA,KAAK,CAAC;QAAEtB,KAAO9B,EAAAA;KAAiB,CAAA,GAAA,CAAA;AAC/E,CAAA;AAEA;;;;IAKA,MAAMqD,uBAAuB,OAC3BnD,iBAAAA,GAAAA;IAEA,MAAMP,IAAAA,GAAO,MAAMH,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAesB,CAAAA,CAAAA,OAAO,CAAC;QAAEH,KAAO,EAAA;AAAE5B,YAAAA;AAAkB;AAAE,KAAA,CAAA;AAEzF,IAAA,IAAI,CAACP,IAAM,EAAA;QACT,OAAO2D,SAAAA;AACT;IAEA,OAAOlE,UAAAA,CAAEC,IAAI,CAACM,IAAM,EAAA;AAAC,QAAA,OAAA;AAAS,QAAA,WAAA;AAAa,QAAA;AAAW,KAAA,CAAA;AACxD,CAAA;AAEA;;;;;AAKC,IACD,MAAM4D,QAAW,GAAA,OAAO,EACtBrD,iBAAiB,EACjBD,QAAQ,EAIT,GAAA;IACC,MAAMuD,YAAAA,GAAe,MAAMhE,MAAOkB,CAAAA,EAAE,CACjCC,KAAK,CAAC,aACNsB,CAAAA,CAAAA,OAAO,CAAC;QAAEH,KAAO,EAAA;AAAE5B,YAAAA;AAAkB;AAAE,KAAA,CAAA;AAE1C,IAAA,IAAI,CAACsD,YAAc,EAAA;AACjB,QAAA,MAAM,IAAIxE,eAAgB,CAAA,2BAAA,CAAA;AAC5B;AAEA,IAAA,OAAOmB,WAAW,MAAQc,CAAAA,CAAAA,UAAU,CAACuC,YAAAA,CAAatC,EAAE,EAAE;AACpDZ,QAAAA,QAAAA,EAAUL,SAASK,QAAQ;AAC3BmD,QAAAA,SAAAA,EAAWxD,SAASwD,SAAS;AAC7BC,QAAAA,QAAAA,EAAUzD,SAASyD,QAAQ;QAC3BxD,iBAAmB,EAAA,IAAA;QACnBwB,QAAU,EAAA;AACZ,KAAA,CAAA;AACF,CAAA;AAEA;;AAEC,IACD,MAAMO,OAAAA,GAAU,OAAOf,EAAAA,EAAaL,QAAW,GAAA;AAAC,IAAA;AAAQ,CAAA,GAAA;AACtD,IAAA,OAAOrB,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAesB,OAAO,CAAC;QAAEH,KAAO,EAAA;AAAEZ,YAAAA;AAAG,SAAA;AAAGL,QAAAA;AAAS,KAAA,CAAA;AAC1E,CAAA;AAEA;;;;;AAKC,IACD,MAAM8C,cAAAA,GAAiB,OAAO3B,KAAAA,EAAenB,WAAW,EAAE,GAAA;AACxD,IAAA,OAAOrB,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAesB,OAAO,CAAC;QAC5CH,KAAO,EAAA;YAAEE,KAAO,EAAA;gBAAE4B,IAAM5B,EAAAA;AAAM;AAAE,SAAA;AAChCnB,QAAAA;AACF,KAAA,CAAA;AACF,CAAA;AAEA;;AAEC,IACD,MAAMgD,QAAAA,GAAW,OAAOC,MAAAA,GAAS,EAAE,GAAA;IACjC,MAAMnD,KAAAA,GAAQnB,OACXuE,GAAG,CAAC,gBACJC,SAAS,CAAC,eAAeC,QAAS,CAAA;QAAEpD,QAAU,EAAA;AAAC,YAAA;AAAQ;KAAIiD,EAAAA,MAAAA,CAAAA,CAAAA;AAE9D,IAAA,OAAOtE,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAekD,QAAQ,CAAClD,KAAAA,CAAAA;AACjD,CAAA;AAEA;;IAGA,MAAMuD,aAAa,OAAOhD,EAAAA,GAAAA;;IAExB,MAAMiD,YAAAA,GAAiC,MAAM3E,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAesB,CAAAA,CAAAA,OAAO,CAAC;QAClFH,KAAO,EAAA;AAAEZ,YAAAA;AAAG,SAAA;QACZL,QAAU,EAAA;AAAC,YAAA;AAAQ;AACrB,KAAA,CAAA;AAEA,IAAA,IAAI,CAACsD,YAAc,EAAA;QACjB,OAAO,IAAA;AACT;AAEA,IAAA,IAAIA,YAAc,EAAA;QAChB,IAAIA,YAAAA,CAAatE,KAAK,CAACuE,IAAI,CAAC,CAACC,CAAMA,GAAAA,CAAAA,CAAExB,IAAI,KAAK/D,gBAAmB,CAAA,EAAA;AAC/D,YAAA,MAAMuC,cAAiB,GAAA,MAAMlB,UAAW,CAAA,MAAA,CAAA,CAAQmB,2BAA2B,EAAA;YAC3E,IAAID,cAAAA,CAAekB,UAAU,KAAK,CAAG,EAAA;AACnC,gBAAA,MAAM,IAAIvD,eAAgB,CAAA,wDAAA,CAAA;AAC5B;AACF;AACF;IAEA,MAAMsF,WAAAA,GAAc,MAAM9E,MAAOkB,CAAAA,EAAE,CAChCC,KAAK,CAAC,aACN4D,CAAAA,CAAAA,MAAM,CAAC;QAAEzC,KAAO,EAAA;AAAEZ,YAAAA;AAAG,SAAA;QAAGL,QAAU,EAAA;AAAC,YAAA;AAAQ;AAAC,KAAA,CAAA;;AAG/C,IAAA,MAAMpB,cAAiBH,GAAAA,iBAAAA,EAAAA;AACvB,IAAA,IAAIG,cAAkBA,IAAAA,cAAAA,CAAe+E,SAAS,CAAC,OAAU,CAAA,EAAA;AACvD,QAAA,MAAM/E,cAAe,CAAA,OAAA,CAAA,CAASgF,sBAAsB,CAACC,MAAOxD,CAAAA,EAAAA,CAAAA,CAAAA;AAC9D;AAEA1B,IAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAAErB,QAAAA,IAAAA,EAAMD,YAAa4E,CAAAA,WAAAA;AAAa,KAAA,CAAA;IAEtE,OAAOA,WAAAA;AACT,CAAA;AAEA;;IAGA,MAAMK,cAAc,OAAOC,GAAAA,GAAAA;;AAEzB,IAAA,MAAMvD,cAAiB,GAAA,MAAMlB,UAAW,CAAA,MAAA,CAAA,CAAQmB,2BAA2B,EAAA;IAC3E,MAAMuD,sBAAAA,GAAyB,MAAMrF,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAeyC,CAAAA,CAAAA,KAAK,CAAC;QACxEtB,KAAO,EAAA;YACLZ,EAAI0D,EAAAA,GAAAA;YACJ/E,KAAO,EAAA;AAAEqB,gBAAAA,EAAAA,EAAIG,eAAeH;AAAG;AACjC;AACF,KAAA,CAAA;IAEA,IAAIG,cAAAA,CAAekB,UAAU,KAAKsC,sBAAwB,EAAA;AACxD,QAAA,MAAM,IAAI7F,eAAgB,CAAA,wDAAA,CAAA;AAC5B;AAEA,IAAA,MAAM8F,eAAe,EAAE;IACvB,KAAK,MAAM5D,MAAM0D,GAAK,CAAA;QACpB,MAAMN,WAAAA,GAAc,MAAM9E,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAe4D,CAAAA,CAAAA,MAAM,CAAC;YAC9DzC,KAAO,EAAA;AAAEZ,gBAAAA;AAAG,aAAA;YACZL,QAAU,EAAA;AAAC,gBAAA;AAAQ;AACrB,SAAA,CAAA;;AAGA,QAAA,MAAMpB,cAAiBH,GAAAA,iBAAAA,EAAAA;AACvB,QAAA,IAAIG,cAAkBA,IAAAA,cAAAA,CAAe+E,SAAS,CAAC,OAAU,CAAA,EAAA;AACvD,YAAA,MAAM/E,cAAe,CAAA,OAAA,CAAA,CAASgF,sBAAsB,CAACC,MAAOxD,CAAAA,EAAAA,CAAAA,CAAAA;AAC9D;AAEA4D,QAAAA,YAAAA,CAAaC,IAAI,CAACT,WAAAA,CAAAA;AACpB;AAEA9E,IAAAA,MAAAA,CAAOuB,QAAQ,CAACC,IAAI,CAAC,aAAe,EAAA;AAClCgE,QAAAA,KAAAA,EAAOF,YAAahF,CAAAA,GAAG,CAAC,CAACwE,cAAgB5E,YAAa4E,CAAAA,WAAAA,CAAAA;AACxD,KAAA,CAAA;IAEA,OAAOQ,YAAAA;AACT,CAAA;AAEA;AACC,IACD,MAAMG,qBAAwB,GAAA,UAAA;AAC5B,IAAA,OAAOzF,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeyC,KAAK,CAAC;QAC1CtB,KAAO,EAAA;YACLjC,KAAO,EAAA;gBACLqB,EAAI,EAAA;oBAAEgE,KAAO,EAAA;AAAK;AACpB;AACF;AACF,KAAA,CAAA;AACF,CAAA;AAEA;;;AAGC,IACD,MAAM9B,KAAAA,GAAQ,OAAOtB,KAAAA,GAAQ,EAAE,GAAA;AAC7B,IAAA,OAAOtC,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAeyC,KAAK,CAAC;AAAEtB,QAAAA;AAAM,KAAA,CAAA;AACtD,CAAA;AAEA;;IAGA,MAAMqD,mBAAmB,OAAOC,MAAAA,GAAAA;IAC9B,MAAMJ,KAAAA,GAAQ,MAAMxF,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAeiC,CAAAA,CAAAA,QAAQ,CAAC;QAC1DM,MAAQ,EAAA;AAAC,YAAA;AAAK,SAAA;QACdpB,KAAO,EAAA;YACLjC,KAAO,EAAA;gBAAEqB,EAAI,EAAA;oBAAEgE,KAAO,EAAA;AAAK;AAAE;AAC/B;AACF,KAAA,CAAA;AAEA,IAAA,MAAMG,QAAQC,GAAG,CACfN,KAAMlF,CAAAA,GAAG,CAAC,CAACH,IAAAA,GAAAA;AACT,QAAA,OAAOH,OAAOkB,EAAE,CAACC,KAAK,CAAC,aAAA,CAAA,CAAekB,MAAM,CAAC;YAC3CC,KAAO,EAAA;AAAEZ,gBAAAA,EAAAA,EAAIvB,KAAKuB;AAAG,aAAA;YACrBN,IAAM,EAAA;gBAAEf,KAAO,EAAA;AAACuF,oBAAAA;AAAO;AAAC;AAC1B,SAAA,CAAA;AACF,KAAA,CAAA,CAAA;AAEJ,CAAA;AAEA;AACC,IACD,MAAMG,iCAAoC,GAAA,UAAA;AACxC,IAAA,MAAMnC,QAAQ,MAAM6B,qBAAAA,EAAAA;AAEpB,IAAA,IAAI7B,QAAQ,CAAG,EAAA;QACb5D,MAAOgG,CAAAA,GAAG,CAACC,IAAI,CAAC,CAAC,YAAY,EAAErC,KAAM,CAAA,sBAAsB,CAAC,CAAA;AAC9D;AACF,CAAA;AAEA;AACC,IACD,MAAMsC,iBAAoB,GAAA,UAAA;IACxB,MAAMV,KAAAA,GAAQ,MAAMxF,MAAOkB,CAAAA,EAAE,CAACC,KAAK,CAAC,aAAeiC,CAAAA,CAAAA,QAAQ,CAAC;QAAEM,MAAQ,EAAA;AAAC,YAAA;AAAmB;AAAC,KAAA,CAAA;AAE3F,IAAA,OAAO8B,MAAMlF,GAAG,CAAC,CAACH,IAASA,GAAAA,IAAAA,CAAKgG,gBAAgB,IAAI,IAAA,CAAA;AACtD,CAAA;AACA,WAAe;AACb5F,IAAAA,MAAAA;AACAkB,IAAAA,UAAAA;AACAkC,IAAAA,MAAAA;AACAE,IAAAA,oBAAAA;AACAE,IAAAA,QAAAA;AACA7D,IAAAA,YAAAA;AACAuC,IAAAA,OAAAA;AACA0B,IAAAA,cAAAA;AACAE,IAAAA,QAAAA;AACAK,IAAAA,UAAAA;AACAS,IAAAA,WAAAA;AACAM,IAAAA,qBAAAA;AACA7B,IAAAA,KAAAA;AACA+B,IAAAA,gBAAAA;AACAI,IAAAA,iCAAAA;AACAxD,IAAAA,oBAAAA;AACA2D,IAAAA,iBAAAA;AACAjD,IAAAA;AACF,CAAE;;;;"}