@sync-in/server 1.8.1 → 1.9.1

package/server/applications/users/services/users-queries.service.js

@@ -381,83 +381,82 @@ let UsersQueries = class UsersQueries {
     }
     async usersWhitelist(userId, lowerOrEqualUserRole = _user.USER_ROLE.GUEST) {
         /* Get the list of user ids allowed to the current user
-      - all users with no groups (except link users)
-      - all users who are members of the current user's groups (excluding link users and members of isolated groups)
-      - all guests managed by the current user
-      - all managers who manage the current guest
-    */ const usersAlias = (0, _mysqlcore.alias)(_usersschema.users, 'usersAlias');
-        const groupsAlias = (0, _mysqlcore.alias)(_groupsschema.groups, 'groupsAlias');
-        const userIds = (0, _drizzleorm.sql)`
-      WITH RECURSIVE children (id, parentId) AS
-                       (SELECT ${_groupsschema.groups.id},
-                               ${_groupsschema.groups.parentId}
-                        FROM ${_groupsschema.groups}
-                        WHERE (${_groupsschema.groups.id} IN (SELECT ${_usersgroupsschema.usersGroups.groupId}
-                                                FROM ${_usersgroupsschema.usersGroups}
-                                                WHERE ${_usersgroupsschema.usersGroups.userId} = ${userId}
-                                                  AND ${_groupsschema.groups.visibility} != ${_group.GROUP_VISIBILITY.ISOLATED}))
-                        UNION
-                        SELECT ${groupsAlias.id},
-                               ${groupsAlias.parentId}
-                        FROM ${_groupsschema.groups} AS groupsAlias
-                               INNER JOIN children cs ON ${groupsAlias.parentId} = cs.id AND ${groupsAlias.visibility} = ${_drizzleorm.sql.raw(`${_group.GROUP_VISIBILITY.VISIBLE}`)})
-      SELECT JSON_ARRAYAGG(id) AS ids
-      FROM (
-             -- Users from visible child groups
-             SELECT ${_usersschema.users.id} AS id
-             FROM children
-                    INNER JOIN ${_usersgroupsschema.usersGroups} ON ${_usersgroupsschema.usersGroups.groupId} = children.id
-                    INNER JOIN ${_usersschema.users} ON ${_usersgroupsschema.usersGroups.userId} = ${_usersschema.users.id} AND ${_usersschema.users.role} <= ${_drizzleorm.sql.raw(`${lowerOrEqualUserRole}`)}
+       - all users with no groups (except users with a role higher than lowerOrEqualUserRole)
+       - all users who are members of groups visible to the current user
+         (VISIBLE groups for everyone, PRIVATE groups only if the current user is a member, never members of ISOLATED groups)
+       - all guests managed by the current user
+       - all managers who manage the current guest
+    */ const userIds = (0, _drizzleorm.sql)`
+    WITH visible_groups AS (
+      SELECT ${_groupsschema.groups.id} AS id
+      FROM ${_groupsschema.groups}
+      LEFT JOIN ${_usersgroupsschema.usersGroups}
+        ON ${_usersgroupsschema.usersGroups.groupId} = ${_groupsschema.groups.id}
+       AND ${_usersgroupsschema.usersGroups.userId} = ${userId}
+      WHERE
+        ${_groupsschema.groups.visibility} != ${_group.GROUP_VISIBILITY.ISOLATED}
+        AND (
+          ${_groupsschema.groups.visibility} = ${_group.GROUP_VISIBILITY.VISIBLE}
+          OR (
+            ${_groupsschema.groups.visibility} = ${_group.GROUP_VISIBILITY.PRIVATE}
+            AND ${_usersgroupsschema.usersGroups.userId} IS NOT NULL
+          )
+        )
+    )
+    SELECT JSON_ARRAYAGG(id) AS ids
+    FROM (
+      -- 1) Users from groups visible to the current user
+      SELECT ${_usersschema.users.id} AS id
+      FROM ${_usersschema.users}
+      INNER JOIN ${_usersgroupsschema.usersGroups}
+        ON ${_usersgroupsschema.usersGroups.userId} = ${_usersschema.users.id}
+      INNER JOIN visible_groups
+        ON visible_groups.id = ${_usersgroupsschema.usersGroups.groupId}
+      WHERE ${_usersschema.users.role} <= ${_drizzleorm.sql.raw(`${lowerOrEqualUserRole}`)}
 
-             UNION
-             -- Users visible but not assigned to groups
-             SELECT ${usersAlias.id} AS id
-             FROM ${_usersschema.users} AS usersAlias
-                    INNER JOIN ${_usersschema.users} ON ${_usersschema.users.id} = ${usersAlias.id} AND ${_usersschema.users.role} <= ${_drizzleorm.sql.raw(`${lowerOrEqualUserRole}`)}
-             WHERE NOT EXISTS (SELECT ${_usersgroupsschema.usersGroups.userId} FROM ${_usersgroupsschema.usersGroups} WHERE ${_usersgroupsschema.usersGroups.userId} = ${usersAlias.id})
-             UNION
-             -- Users or guests that are manager/managed
-             SELECT CASE
-                      WHEN ${_usersguestsschema.usersGuests.userId} = ${userId} THEN ${_usersguestsschema.usersGuests.guestId}
-                      WHEN ${_usersguestsschema.usersGuests.guestId} = ${userId} THEN ${_usersguestsschema.usersGuests.userId}
-                      END AS id
-             FROM ${_usersguestsschema.usersGuests}
-             WHERE ${_usersguestsschema.usersGuests.userId} = ${userId}
-                OR ${_usersguestsschema.usersGuests.guestId} = ${userId}) AS usersUnion
-    `;
+      UNION
+
+      -- 2) Users with no groups
+      SELECT ${_usersschema.users.id} AS id
+      FROM ${_usersschema.users}
+      WHERE
+        ${_usersschema.users.role} <= ${_drizzleorm.sql.raw(`${lowerOrEqualUserRole}`)}
+        AND NOT EXISTS (
+          SELECT 1
+          FROM ${_usersgroupsschema.usersGroups}
+          WHERE ${_usersgroupsschema.usersGroups.userId} = ${_usersschema.users.id}
+        )
+
+      UNION
+
+      -- 3) Guests managed by the user and managers of the current guest
+      SELECT CASE
+               WHEN ${_usersguestsschema.usersGuests.userId} = ${userId} THEN ${_usersguestsschema.usersGuests.guestId}
+               WHEN ${_usersguestsschema.usersGuests.guestId} = ${userId} THEN ${_usersguestsschema.usersGuests.userId}
+             END AS id
+      FROM ${_usersguestsschema.usersGuests}
+      WHERE ${_usersguestsschema.usersGuests.userId} = ${userId}
+         OR ${_usersguestsschema.usersGuests.guestId} = ${userId}
+    ) AS usersUnion
+  `;
         const [r] = await this.db.execute(userIds);
         return JSON.parse(r[0].ids) || [];
     }
     async groupsWhitelist(userId) {
-        /* Get the list of groups ids allowed to the current user
-      - all parent groups for which the user is a member (includes personal groups, excludes isolated groups)
-      - all subgroups inherited from parent groups
-    */ const groupsAlias = (0, _mysqlcore.alias)(_groupsschema.groups, 'groupsAlias');
-        const groupIds = (0, _drizzleorm.sql)`
-      WITH RECURSIVE children (id, parentId, type) AS
-                       (SELECT ${_groupsschema.groups.id},
-                               ${_groupsschema.groups.parentId},
-                               ${_groupsschema.groups.type}
-                        FROM ${_groupsschema.groups}
-                        WHERE (${_groupsschema.groups.id} IN (SELECT ${_usersgroupsschema.usersGroups.groupId}
-                                                FROM ${_usersgroupsschema.usersGroups}
-                                                WHERE ${_usersgroupsschema.usersGroups.userId} = ${userId}
-                                                  AND ${_groupsschema.groups.visibility} != ${_group.GROUP_VISIBILITY.ISOLATED}))
-                        UNION
-                        SELECT ${groupsAlias.id},
-                               ${groupsAlias.parentId},
-                               ${groupsAlias.type}
-                        FROM ${_groupsschema.groups} AS groupsAlias
-                               INNER JOIN children cs ON ${groupsAlias.parentId} = cs.id AND ${groupsAlias.visibility} = ${_group.GROUP_VISIBILITY.VISIBLE})
-      SELECT JSON_ARRAYAGG(children.id) as ids
-      FROM children
-    `;
-        const [r] = await this.db.execute(groupIds);
+        /* Get the list of group IDs the current user is allowed to see.
+       - A group marked VISIBLE is always included.
+       - A group marked ISOLATED is always excluded.
+       - A PRIVATE group is included only if the user is a direct member of it.
+       - Visibility does not inherit from parent or child groups.
+    */ const q = this.db.select({
+            id: (0, _drizzleorm.sql)`JSON_ARRAYAGG(${_groupsschema.groups.id}) as ids`
+        }).from(_groupsschema.groups).leftJoin(_usersgroupsschema.usersGroups, (0, _drizzleorm.and)((0, _drizzleorm.eq)(_usersgroupsschema.usersGroups.groupId, _groupsschema.groups.id), (0, _drizzleorm.eq)(_usersgroupsschema.usersGroups.userId, userId))).where((0, _drizzleorm.and)((0, _drizzleorm.ne)(_groupsschema.groups.visibility, _group.GROUP_VISIBILITY.ISOLATED), (0, _drizzleorm.or)((0, _drizzleorm.eq)(_groupsschema.groups.visibility, _group.GROUP_VISIBILITY.VISIBLE), (0, _drizzleorm.and)((0, _drizzleorm.eq)(_groupsschema.groups.visibility, _group.GROUP_VISIBILITY.PRIVATE), (0, _drizzleorm.isNotNull)(_usersgroupsschema.usersGroups.userId)))));
+        const [r] = await this.db.execute(q);
         return JSON.parse(r[0].ids) || [];
     }
     clearWhiteListCaches(userIds) {
         if (userIds === '*') {
-            // means all entries
+            // Means all entries
             for (const pattern of [
                 this.cache.genSlugKey(this.constructor.name, this.usersWhitelist.name, userIds),
                 this.cache.genSlugKey(this.constructor.name, this.groupsWhitelist.name, userIds)

package/server/applications/users/services/users-queries.service.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../../backend/src/applications/users/services/users-queries.service.ts"],"sourcesContent":["/*\n * Copyright (C) 2012-2025 Johan Legrand <johan.legrand@sync-in.com>\n * This file is part of Sync-in | The open source file sync and share solution\n * See the LICENSE file for licensing details\n */\n\nimport { Inject, Injectable, Logger } from '@nestjs/common'\nimport { and, countDistinct, eq, inArray, like, lte, ne, notInArray, or, SelectedFields, SQL, sql } from 'drizzle-orm'\nimport { alias } from 'drizzle-orm/mysql-core'\nimport { MySql2PreparedQuery, MySqlQueryResult } from 'drizzle-orm/mysql2'\nimport { anonymizePassword, comparePassword, uniquePermissions } from '../../../common/functions'\nimport { CacheDecorator } from '../../../infrastructure/cache/cache.decorator'\nimport { Cache } from '../../../infrastructure/cache/services/cache.service'\nimport { DB_TOKEN_PROVIDER } from '../../../infrastructure/database/constants'\nimport { DBSchema } from '../../../infrastructure/database/interfaces/database.interface'\nimport {\n  concatDistinctObjectsInArray,\n  convertToSelect,\n  dateTimeUTC,\n  dbCheckAffectedRows,\n  dbGetInsertedId\n} from '../../../infrastructure/database/utils'\nimport { GROUP_TYPE, GROUP_VISIBILITY } from '../constants/group'\nimport { MEMBER_TYPE } from '../constants/member'\nimport { USER_GROUP_ROLE, USER_ONLINE_STATUS, USER_PERMS_SEP, USER_ROLE } from '../constants/user'\nimport { UserCreateOrUpdateGroupDto } from '../dto/create-or-update-group.dto'\nimport { CreateUserDto } from '../dto/create-or-update-user.dto'\nimport { SearchMembersDto } from '../dto/search-members.dto'\nimport { GroupMember, GroupWithMembers } from '../interfaces/group-member'\nimport { GuestUser } from '../interfaces/guest-user.interface'\nimport { Member } from '../interfaces/member.interface'\nimport { UserSecrets } from '../interfaces/user-secrets.interface'\nimport { UserOnline } from '../interfaces/websocket.interface'\nimport { UserModel } from '../models/user.model'\nimport { Group } from '../schemas/group.interface'\nimport { groups } from '../schemas/groups.schema'\nimport { UserGroup } from '../schemas/user-group.interface'\nimport { User } from '../schemas/user.interface'\nimport { usersGroups } from '../schemas/users-groups.schema'\nimport { usersGuests } from '../schemas/users-guests.schema'\nimport { userFullNameSQL, users } from '../schemas/users.schema'\n\n@Injectable()\nexport class UsersQueries {\n  private readonly logger = new Logger(UsersQueries.name)\n  private fromLoginOrEmailPermissionsQuery: MySql2PreparedQuery<any> = null\n  private fromIdPermissionsQuery: MySql2PreparedQuery<any> = null\n\n  constructor(\n    @Inject(DB_TOKEN_PROVIDER) private readonly db: DBSchema,\n    private readonly cache: Cache\n  ) {}\n\n  checkUserExists(login?: string, email?: string): Promise<{ login?: string; email?: string }> {\n    if (!login && !email) {\n      throw new Error('login or email must be specified')\n    }\n    const columns: { login?: boolean; email?: boolean } = {}\n    const where: SQL[] = []\n    if (login) {\n      columns.login = true\n      where.push(eq(users.login, login))\n    }\n    if (email) {\n      columns.email = true\n      where.push(eq(users.email, email))\n    }\n    const operator = login && email ? or : and\n    return this.db.query.users.findFirst({\n      columns: columns,\n      where: operator(...where)\n    })\n  }\n\n  setOnlineStatus(userId: number, onlineStatus: USER_ONLINE_STATUS): Promise<boolean> {\n    return this.updateUserOrGuest(userId, { onlineStatus: onlineStatus })\n  }\n\n  getOnlineUsers(userIds: number[]): Promise<UserOnline[]> {\n    return this.db\n      .select({\n        id: users.id,\n        login: users.login,\n        email: users.email,\n        fullName: userFullNameSQL(users),\n        onlineStatus: users.onlineStatus\n      } satisfies UserOnline | SelectedFields<any, any>)\n      .from(users)\n      .where(inArray(users.id, userIds))\n  }\n\n  async checkGroupNameExists(groupName: string): Promise<boolean> {\n    const [group] = await this.db.select({ name: groups.name }).from(groups).where(eq(groups.name, groupName)).limit(1)\n    return !!group?.name\n  }\n\n  async compareUserPassword(userId: number, password: string): Promise<boolean> {\n    const [hash] = (await this.selectUsers(['password'], [eq(users.id, userId)])) as { password: string }[]\n    if (!hash) return false\n    return comparePassword(password, hash.password)\n  }\n\n  async from(userId?: number, loginOrEmail?: string): Promise<User> {\n    // retrieve user with application permissions\n    let pQuery: MySql2PreparedQuery<any> = userId ? this.fromIdPermissionsQuery : this.fromLoginOrEmailPermissionsQuery\n    if (!pQuery) {\n      const where = userId\n        ? eq(users.id, sql.placeholder('userId'))\n        : or(eq(users.login, sql.placeholder('loginOrEmail')), eq(users.email, sql.placeholder('loginOrEmail')))\n      pQuery = this.db\n        .select({\n          user: users,\n          groupsPermissions: sql`GROUP_CONCAT(DISTINCT (${groups.permissions}) SEPARATOR ${USER_PERMS_SEP})`\n        })\n        .from(users)\n        .leftJoin(usersGroups, eq(usersGroups.userId, users.id))\n        .leftJoin(groups, and(eq(groups.id, usersGroups.groupId), ne(groups.permissions, '')))\n        .where(where)\n        .groupBy(users.id)\n        .limit(1)\n        .prepare()\n      if (userId) {\n        this.fromIdPermissionsQuery = pQuery\n      } else {\n        this.fromLoginOrEmailPermissionsQuery = pQuery\n      }\n    }\n    const r = await pQuery.execute(userId ? { userId } : { loginOrEmail })\n    if (!r.length) return null\n    const [user, groupsPermissions] = [r[0].user, r[0].groupsPermissions]\n    // merge user and groups permissions\n    user.permissions = uniquePermissions(`${user.permissions},${groupsPermissions}`, USER_PERMS_SEP)\n    return user\n  }\n\n  async getUserSecrets(userId: number): Promise<UserSecrets> {\n    const [r]: { secrets: UserSecrets }[] = await this.db.select({ secrets: users.secrets }).from(users).where(eq(users.id, userId)).limit(1)\n    return r.secrets || {}\n  }\n\n  selectUsers(fields: Partial<keyof User>[] = ['id', 'login', 'email'], where: SQL[]): Promise<Partial<User>[]> {\n    const select: Record<keyof User, any> = convertToSelect(users, fields)\n    return this.db\n      .select(select)\n      .from(users)\n      .where(and(...where))\n  }\n\n  async selectUserProperties(userId: number, fields: Partial<keyof User>[]): Promise<Partial<User>> {\n    const select: Record<keyof User, any> = convertToSelect(users, fields)\n    const [r]: Record<string, any>[] = await this.db.select(select).from(users).where(eq(users.id, userId)).limit(1)\n    return r\n  }\n\n  async createUserOrGuest(createUserDto: CreateUserDto, userRole: USER_ROLE): Promise<User['id']> {\n    const userId: number = dbGetInsertedId(await this.db.insert(users).values({ ...createUserDto, role: userRole } as User))\n    if (userRole === USER_ROLE.USER && createUserDto.groups?.length) {\n      await this.db.insert(usersGroups).values(createUserDto.groups.map((gid: number) => ({ userId: userId, groupId: gid })))\n    }\n    if (userRole === USER_ROLE.GUEST && createUserDto.managers?.length) {\n      await this.db.insert(usersGuests).values(createUserDto.managers.map((uid: number) => ({ guestId: userId, userId: uid })))\n    }\n    return userId\n  }\n\n  async updateUserOrGuest(userId: number, set: Partial<Record<keyof User, any>>, userRole?: USER_ROLE): Promise<boolean> {\n    try {\n      dbCheckAffectedRows(\n        await this.db\n          .update(users)\n          .set({ ...set, ...(userRole && { role: userRole }) } as User)\n          .where(eq(users.id, userId)),\n        1\n      )\n      this.logger.verbose(`${this.updateUserOrGuest.name} - user (${userId}) was updated : ${JSON.stringify(anonymizePassword(set))}`)\n      return true\n    } catch (e) {\n      this.logger.error(`${this.updateUserOrGuest.name} - user (${userId}) was not updated : ${JSON.stringify(anonymizePassword(set))} : ${e}`)\n      return false\n    }\n  }\n\n  async deleteGuestLink(userId: number): Promise<void> {\n    dbCheckAffectedRows(await this.db.delete(users).where(and(eq(users.id, userId), eq(users.role, USER_ROLE.LINK))), 1)\n  }\n\n  async searchUsersOrGroups(searchMembersDto: SearchMembersDto, userId?: number): Promise<Member[]> {\n    const limit = searchMembersDto.onlyUsers || searchMembersDto.onlyGroups ? 6 : 3\n    const members: Member[] = []\n    if (!searchMembersDto.onlyGroups) {\n      for (const u of await this.searchUsers(searchMembersDto, userId, limit)) {\n        members.push({\n          id: u.id,\n          login: u.login,\n          name: u.fullName,\n          description: u.email,\n          type: u.role === USER_ROLE.GUEST ? MEMBER_TYPE.GUEST : MEMBER_TYPE.USER,\n          permissions: searchMembersDto.withPermissions ? u.permissions : undefined\n        })\n      }\n    }\n    if (!searchMembersDto.onlyUsers) {\n      for (const g of await this.searchGroups(searchMembersDto, userId, limit)) {\n        members.push({\n          id: g.id,\n          name: g.name,\n          description: g.description,\n          type: g.type === GROUP_TYPE.USER ? MEMBER_TYPE.GROUP : MEMBER_TYPE.PGROUP,\n          permissions: searchMembersDto.withPermissions ? g.permissions : undefined\n        })\n      }\n    }\n    return members\n  }\n\n  async groupFromName(userId: number, name: string): Promise<Pick<Group, 'id' | 'name' | 'type'> & { role: UserGroup['role'] }> {\n    const [group] = await this.db\n      .select({\n        id: groups.id,\n        name: groups.name,\n        type: groups.type,\n        role: usersGroups.role\n      } satisfies (Pick<Group, 'id' | 'name' | 'type'> & { role: UserGroup['role'] }) | SelectedFields<any, any>)\n      .from(usersGroups)\n      .innerJoin(groups, eq(groups.id, usersGroups.groupId))\n      .where(and(eq(usersGroups.userId, userId), eq(groups.name, name)))\n      .limit(1)\n    return group\n  }\n\n  async browseRootGroups(userId: number): Promise<Member[]> {\n    const members = alias(usersGroups, 'members')\n    return this.db\n      .select({\n        id: groups.id,\n        name: groups.name,\n        description: groups.description,\n        createdAt: groups.createdAt,\n        modifiedAt: groups.modifiedAt,\n        type: sql<MEMBER_TYPE>`IF(${groups.type} = ${GROUP_TYPE.USER}, ${MEMBER_TYPE.GROUP}, ${MEMBER_TYPE.PGROUP})`,\n        groupRole: sql<USER_GROUP_ROLE>`${usersGroups.role}`,\n        counts: { users: countDistinct(members.userId) }\n      } satisfies Member | SelectedFields<any, any>)\n      .from(usersGroups)\n      .innerJoin(groups, and(eq(groups.id, usersGroups.groupId), eq(usersGroups.userId, userId)))\n      .leftJoin(members, eq(members.groupId, groups.id))\n      .groupBy(groups.id)\n  }\n\n  async browseGroupMembers(groupId: number): Promise<Member[]> {\n    return this.db\n      .select({\n        id: users.id,\n        login: users.login,\n        name: userFullNameSQL(users).as('name'),\n        description: users.email,\n        createdAt: usersGroups.createdAt,\n        type: sql<MEMBER_TYPE>`${MEMBER_TYPE.USER}`,\n        groupRole: sql<USER_GROUP_ROLE>`${usersGroups.role}`\n      } satisfies Member | SelectedFields<any, any>)\n      .from(groups)\n      .innerJoin(usersGroups, and(eq(usersGroups.groupId, groups.id), eq(usersGroups.groupId, groupId)))\n      .leftJoin(users, eq(users.id, usersGroups.userId))\n      .groupBy(users.id)\n  }\n\n  async canDeletePersonalGroup(userId: number, groupId: number): Promise<boolean> {\n    const [group] = await this.db\n      .select({ id: usersGroups.groupId })\n      .from(usersGroups)\n      .innerJoin(groups, and(eq(groups.id, usersGroups.groupId)))\n      .where(\n        and(\n          eq(groups.type, GROUP_TYPE.PERSONAL),\n          eq(usersGroups.userId, userId),\n          eq(usersGroups.groupId, groupId),\n          eq(usersGroups.role, USER_GROUP_ROLE.MANAGER)\n        )\n      )\n      .limit(1)\n    return !!group?.id\n  }\n\n  async getGroup(userId: number, groupId: number, asAdmin = false): Promise<GroupMember> {\n    const [group] = await this.db\n      .select({\n        id: groups.id,\n        name: groups.name,\n        description: groups.description,\n        createdAt: groups.createdAt,\n        modifiedAt: groups.modifiedAt,\n        type: sql<MEMBER_TYPE>`IF(${groups.type} = ${GROUP_TYPE.USER}, ${MEMBER_TYPE.GROUP}, ${MEMBER_TYPE.PGROUP})`\n      })\n      .from(usersGroups)\n      .innerJoin(groups, and(eq(groups.id, usersGroups.groupId)))\n      .where(\n        and(\n          eq(usersGroups.groupId, groupId),\n          sql`IF(${+asAdmin} = 0, ${usersGroups.userId} = ${userId} AND ${usersGroups.role} = ${USER_GROUP_ROLE.MANAGER}, 1)`\n        )\n      )\n      .limit(1)\n    return group\n  }\n\n  async getGroupWithMembers(userId: number, groupId: number, asAdmin = false): Promise<GroupWithMembers> {\n    const usersGroupsAlias: any = alias(usersGroups, 'usersFromGroups')\n    const [group] = await this.db\n      .select({\n        id: groups.id,\n        name: groups.name,\n        description: groups.description,\n        createdAt: groups.createdAt,\n        modifiedAt: groups.modifiedAt,\n        type: sql<MEMBER_TYPE>`IF(${groups.type} = ${GROUP_TYPE.USER}, ${sql.raw(`'${MEMBER_TYPE.GROUP}'`)}, ${sql.raw(`'${MEMBER_TYPE.PGROUP}'`)})`,\n        members: concatDistinctObjectsInArray(users.id, {\n          id: users.id,\n          login: users.login,\n          name: userFullNameSQL(users),\n          description: users.email,\n          type: sql.raw(`'${MEMBER_TYPE.USER}'`),\n          groupRole: usersGroupsAlias.role,\n          createdAt: dateTimeUTC(usersGroupsAlias.createdAt)\n        } satisfies Record<keyof Pick<Member, 'id' | 'name' | 'login' | 'description' | 'type' | 'groupRole' | 'createdAt'>, any>)\n      } satisfies GroupWithMembers | SelectedFields<any, any>)\n      .from(usersGroups)\n      .innerJoin(groups, eq(groups.id, usersGroups.groupId))\n      .leftJoin(usersGroupsAlias, and(eq(usersGroupsAlias.groupId, groups.id)))\n      .leftJoin(users, eq(users.id, usersGroupsAlias.userId))\n      .where(\n        and(\n          eq(usersGroups.groupId, groupId),\n          sql`IF(${+asAdmin} = 0, ${usersGroups.userId} = ${userId} AND ${usersGroups.role} = ${USER_GROUP_ROLE.MANAGER}, 1)`\n        )\n      )\n      .groupBy(groups.id)\n      .limit(1)\n    return group\n  }\n\n  async deletePersonalGroup(groupId: number): Promise<boolean> {\n    return dbCheckAffectedRows(\n      await this.db\n        .delete(groups)\n        .where(and(eq(groups.id, groupId), eq(groups.type, GROUP_TYPE.PERSONAL)))\n        .limit(1),\n      1,\n      false\n    )\n  }\n\n  async createPersonalGroup(managerId: number, userCreateOrUpdateGroupDto: UserCreateOrUpdateGroupDto): Promise<Group['id']> {\n    const groupId: number = dbGetInsertedId(\n      await this.db.insert(groups).values({\n        ...userCreateOrUpdateGroupDto,\n        type: GROUP_TYPE.PERSONAL,\n        visibility: GROUP_VISIBILITY.PRIVATE\n      } as Group)\n    )\n    await this.db.insert(usersGroups).values({ userId: managerId, groupId: groupId, role: USER_GROUP_ROLE.MANAGER } as UserGroup)\n    return groupId\n  }\n\n  async updateGroup(groupId: number, set: Partial<Record<keyof Group, any>>) {\n    if (Object.keys(set).length) {\n      try {\n        await this.db.update(groups).set(set).where(eq(groups.id, groupId))\n        this.logger.log(`${this.updateGroup.name} - group (${groupId}) was updated : ${JSON.stringify(set)}`)\n      } catch (e) {\n        this.logger.error(`${this.updateGroup.name} - group (${groupId}) was not updated : ${JSON.stringify(set)} : ${e}`)\n        throw new Error('Group was not updated')\n      }\n    }\n  }\n\n  async updateGroupMembers(\n    groupId: number,\n    members: {\n      add?: Pick<Member, 'id' | 'groupRole'>[]\n      remove?: UserGroup['userId'][]\n    }\n  ): Promise<void> {\n    if (members?.add?.length) {\n      try {\n        await this.db.insert(usersGroups).values(members.add.map((m) => ({ userId: m.id, groupId: groupId, role: m.groupRole })))\n        // clear cache\n        this.clearWhiteListCaches(members.add.map((m) => m.id))\n        this.logger.log(`${this.updateGroupMembers.name} - users ${JSON.stringify(members.add.map((m) => m.id))} was added to group (${groupId})`)\n      } catch (e) {\n        this.logger.error(\n          `${this.updateGroupMembers.name} - users ${JSON.stringify(members.add.map((m) => m.id))} was not added to group (${groupId}) : ${e}`\n        )\n        throw new Error('Group members was not added')\n      }\n    }\n    if (members?.remove?.length) {\n      try {\n        await this.db\n          .delete(usersGroups)\n          .where(and(eq(usersGroups.groupId, groupId), inArray(usersGroups.userId, members.remove)))\n          .limit(members.remove.length)\n        // clear cache\n        this.clearWhiteListCaches(members.remove)\n        this.logger.log(`${this.updateGroupMembers.name} - users ${JSON.stringify(members.remove)} was removed from group (${groupId})`)\n      } catch (e) {\n        this.logger.error(`${this.updateGroupMembers.name} - users ${JSON.stringify(members.remove)} was not removed from group (${groupId}) : ${e}`)\n        throw new Error('Group members was not removed')\n      }\n    }\n  }\n\n  async listGuests(guestId: null, managerId?: number, asAdmin?: boolean): Promise<GuestUser[]>\n  async listGuests(guestId: number, managerId?: number, asAdmin?: boolean): Promise<GuestUser>\n  async listGuests(guestId: number | null, managerId?: number, asAdmin = false): Promise<GuestUser | GuestUser[]> {\n    const where: SQL[] = [...(guestId ? [eq(usersGuests.guestId, guestId)] : []), ...(asAdmin ? [] : [eq(usersGuests.userId, managerId)])]\n    const managersGuestAlias: any = alias(usersGuests, 'managersGuestAlias')\n    const managersAlias: any = alias(users, 'managersAlias')\n    const guests = await this.db\n      .select({\n        id: users.id,\n        login: users.login,\n        email: users.email,\n        firstName: users.firstName,\n        lastName: users.lastName,\n        fullName: userFullNameSQL(users),\n        role: users.role,\n        isActive: users.isActive,\n        passwordAttempts: users.passwordAttempts,\n        language: users.language,\n        notification: users.notification,\n        currentAccess: users.currentAccess,\n        lastAccess: users.lastAccess,\n        currentIp: users.currentIp,\n        lastIp: users.lastIp,\n        createdAt: users.createdAt,\n        managers: concatDistinctObjectsInArray(managersAlias.id, {\n          id: managersAlias.id,\n          login: managersAlias.login,\n          name: userFullNameSQL(managersAlias),\n          type: sql.raw(`'${MEMBER_TYPE.USER}'`),\n          description: managersAlias.email,\n          createdAt: dateTimeUTC(managersGuestAlias.createdAt)\n        } satisfies Record<keyof Pick<Member, 'id' | 'name' | 'login' | 'description' | 'type' | 'createdAt'>, any>)\n      } satisfies GuestUser | SelectedFields<any, any>)\n      .from(usersGuests)\n      .innerJoin(users, and(eq(users.id, usersGuests.guestId), eq(users.role, USER_ROLE.GUEST)))\n      .leftJoin(managersGuestAlias, eq(managersGuestAlias.guestId, users.id))\n      .leftJoin(managersAlias, eq(managersAlias.id, managersGuestAlias.userId))\n      .where(and(...where))\n      .groupBy(users.id)\n      .limit(guestId ? 1 : undefined)\n    return guestId ? guests[0] : guests\n  }\n\n  async isGuestManager(managerId: number, guestId: number): Promise<{ id: number; login: string } | undefined> {\n    const [guest] = await this.db\n      .select({ id: usersGuests.guestId, login: users.login })\n      .from(usersGuests)\n      .innerJoin(users, eq(users.id, usersGuests.guestId))\n      .where(and(eq(usersGuests.userId, managerId), eq(usersGuests.guestId, guestId), eq(users.role, USER_ROLE.GUEST)))\n      .limit(1)\n    return guest\n  }\n\n  @CacheDecorator(900)\n  async usersWhitelist(userId: number, lowerOrEqualUserRole: USER_ROLE = USER_ROLE.GUEST): Promise<number[]> {\n    /* Get the list of user ids allowed to the current user\n      - all users with no groups (except link users)\n      - all users who are members of the current user's groups (excluding link users and members of isolated groups)\n      - all guests managed by the current user\n      - all managers who manage the current guest\n    */\n    const usersAlias: any = alias(users, 'usersAlias')\n    const groupsAlias: any = alias(groups, 'groupsAlias')\n    const userIds: any = sql`\n      WITH RECURSIVE children (id, parentId) AS\n                       (SELECT ${groups.id},\n                               ${groups.parentId}\n                        FROM ${groups}\n                        WHERE (${groups.id} IN (SELECT ${usersGroups.groupId}\n                                                FROM ${usersGroups}\n                                                WHERE ${usersGroups.userId} = ${userId}\n                                                  AND ${groups.visibility} != ${GROUP_VISIBILITY.ISOLATED}))\n                        UNION\n                        SELECT ${groupsAlias.id},\n                               ${groupsAlias.parentId}\n                        FROM ${groups} AS groupsAlias\n                               INNER JOIN children cs ON ${groupsAlias.parentId} = cs.id AND ${groupsAlias.visibility} = ${sql.raw(`${GROUP_VISIBILITY.VISIBLE}`)})\n      SELECT JSON_ARRAYAGG(id) AS ids\n      FROM (\n             -- Users from visible child groups\n             SELECT ${users.id} AS id\n             FROM children\n                    INNER JOIN ${usersGroups} ON ${usersGroups.groupId} = children.id\n                    INNER JOIN ${users} ON ${usersGroups.userId} = ${users.id} AND ${users.role} <= ${sql.raw(`${lowerOrEqualUserRole}`)}\n\n             UNION\n             -- Users visible but not assigned to groups\n             SELECT ${usersAlias.id} AS id\n             FROM ${users} AS usersAlias\n                    INNER JOIN ${users} ON ${users.id} = ${usersAlias.id} AND ${users.role} <= ${sql.raw(`${lowerOrEqualUserRole}`)}\n             WHERE NOT EXISTS (SELECT ${usersGroups.userId} FROM ${usersGroups} WHERE ${usersGroups.userId} = ${usersAlias.id})\n             UNION\n             -- Users or guests that are manager/managed\n             SELECT CASE\n                      WHEN ${usersGuests.userId} = ${userId} THEN ${usersGuests.guestId}\n                      WHEN ${usersGuests.guestId} = ${userId} THEN ${usersGuests.userId}\n                      END AS id\n             FROM ${usersGuests}\n             WHERE ${usersGuests.userId} = ${userId}\n                OR ${usersGuests.guestId} = ${userId}) AS usersUnion\n    `\n    const [r] = await this.db.execute(userIds)\n    return JSON.parse(r[0].ids) || []\n  }\n\n  @CacheDecorator(900)\n  async groupsWhitelist(userId: number): Promise<number[]> {\n    /* Get the list of groups ids allowed to the current user\n      - all parent groups for which the user is a member (includes personal groups, excludes isolated groups)\n      - all subgroups inherited from parent groups\n    */\n    const groupsAlias: any = alias(groups, 'groupsAlias')\n    const groupIds: any = sql`\n      WITH RECURSIVE children (id, parentId, type) AS\n                       (SELECT ${groups.id},\n                               ${groups.parentId},\n                               ${groups.type}\n                        FROM ${groups}\n                        WHERE (${groups.id} IN (SELECT ${usersGroups.groupId}\n                                                FROM ${usersGroups}\n                                                WHERE ${usersGroups.userId} = ${userId}\n                                                  AND ${groups.visibility} != ${GROUP_VISIBILITY.ISOLATED}))\n                        UNION\n                        SELECT ${groupsAlias.id},\n                               ${groupsAlias.parentId},\n                               ${groupsAlias.type}\n                        FROM ${groups} AS groupsAlias\n                               INNER JOIN children cs ON ${groupsAlias.parentId} = cs.id AND ${groupsAlias.visibility} = ${GROUP_VISIBILITY.VISIBLE})\n      SELECT JSON_ARRAYAGG(children.id) as ids\n      FROM children\n    `\n    const [r] = await this.db.execute(groupIds)\n    return JSON.parse(r[0].ids) || []\n  }\n\n  clearWhiteListCaches(userIds: number[] | '*') {\n    if (userIds === '*') {\n      // means all entries\n      for (const pattern of [\n        this.cache.genSlugKey(this.constructor.name, this.usersWhitelist.name, userIds),\n        this.cache.genSlugKey(this.constructor.name, this.groupsWhitelist.name, userIds)\n      ]) {\n        this.cache\n          .keys(pattern)\n          .then((keys: string[]) => {\n            if (!keys.length) return\n            this.logger.verbose(`${this.clearWhiteListCaches.name} - ${JSON.stringify(keys)}`)\n            this.cache.mdel(keys).catch((e: Error) => this.logger.error(`${this.clearWhiteListCaches.name} - ${e}`))\n          })\n          .catch((e: Error) => this.logger.error(`${this.clearWhiteListCaches.name} - ${e}`))\n      }\n    } else {\n      this.cache\n        .mdel([\n          ...userIds.map((id: number) => this.cache.genSlugKey(this.constructor.name, this.usersWhitelist.name, id)),\n          ...userIds.map((id: number) => this.cache.genSlugKey(this.constructor.name, this.groupsWhitelist.name, id))\n        ])\n        .catch((e: Error) => this.logger.error(`${this.clearWhiteListCaches.name} - ${e}`))\n    }\n  }\n\n  async allUserIdsFromGroupsAndSubGroups(groupIds: number[]): Promise<number[]> {\n    if (!groupIds.length) return []\n    const subGroup: any = alias(groups, 'subGroup')\n    const withChildren: any = sql`\n      WITH RECURSIVE child (id, parentId) AS\n                       (SELECT ${groups.id}, ${groups.parentId}\n                        FROM ${groups}\n                        WHERE ${inArray(groups.id, groupIds)}\n                        UNION\n                        SELECT ${subGroup.id},\n                               ${subGroup.parentId}\n                        FROM ${groups} AS subGroup\n                               INNER JOIN child AS cs ON ${subGroup.parentId} = cs.id)\n      SELECT DISTINCT ${usersGroups.userId} as userId\n      FROM child\n             INNER JOIN ${usersGroups} ON child.id = ${usersGroups.groupId}\n    `\n    const [r]: { userId: number }[][] = (await this.db.execute(withChildren)) as MySqlQueryResult\n    return r.length ? r.map((r) => r.userId) : []\n  }\n\n  private async searchGroups(\n    searchMembersDto: SearchMembersDto,\n    userId?: number,\n    limit = 3\n  ): Promise<Pick<Group, 'id' | 'name' | 'description' | 'type' | 'permissions'>[]> {\n    /* Search for groups */\n    const where: SQL[] = [like(groups.name, `%${searchMembersDto.search}%`)]\n    if (userId) {\n      let idsWhitelist: number[] = await this.groupsWhitelist(userId)\n      if (searchMembersDto.ignoreGroupIds?.length) {\n        idsWhitelist = idsWhitelist.filter((id) => searchMembersDto.ignoreGroupIds.indexOf(id) === -1)\n      }\n      where.unshift(inArray(groups.id, idsWhitelist))\n    } else if (searchMembersDto.ignoreGroupIds?.length) {\n      where.unshift(notInArray(groups.id, searchMembersDto.ignoreGroupIds))\n    }\n    if (searchMembersDto.excludePersonalGroups) {\n      where.unshift(eq(groups.type, GROUP_TYPE.USER))\n    }\n    return this.db\n      .select({ id: groups.id, name: groups.name, description: groups.description, type: groups.type, permissions: groups.permissions })\n      .from(groups)\n      .where(and(...where))\n      .limit(limit)\n  }\n\n  private async searchUsers(\n    searchMembersDto: SearchMembersDto,\n    userId?: number,\n    limit = 3\n  ): Promise<Pick<UserModel, 'id' | 'login' | 'email' | 'fullName' | 'role' | 'permissions'>[]> {\n    /* Search for users */\n    const where: SQL[] = [\n      ne(users.role, USER_ROLE.LINK),\n      or(like(sql`CONCAT_WS('-', ${users.login}, ${users.email}, ${users.firstName}, ${users.lastName})`, `%${searchMembersDto.search}%`))\n    ]\n    if (userId) {\n      let idsWhitelist: number[] = await this.usersWhitelist(userId)\n      if (searchMembersDto.ignoreUserIds?.length) {\n        idsWhitelist = idsWhitelist.filter((id) => searchMembersDto.ignoreUserIds.indexOf(id) === -1)\n      }\n      where.unshift(inArray(users.id, idsWhitelist))\n    } else {\n      if (searchMembersDto.ignoreUserIds?.length) {\n        where.unshift(notInArray(users.id, searchMembersDto.ignoreUserIds))\n      }\n    }\n    if (typeof searchMembersDto.usersRole !== 'undefined') {\n      if (searchMembersDto.usersRole === USER_ROLE.USER) {\n        // allow admin users\n        where.unshift(lte(users.role, searchMembersDto.usersRole))\n      } else {\n        where.unshift(eq(users.role, searchMembersDto.usersRole))\n      }\n    }\n    return this.db\n      .select({\n        id: users.id,\n        login: users.login,\n        email: users.email,\n        fullName: userFullNameSQL(users),\n        role: users.role,\n        permissions: users.permissions\n      })\n      .from(users)\n      .where(and(...where))\n      .limit(limit)\n  }\n}\n"],"names":["UsersQueries","checkUserExists","login","email","Error","columns","where","push","eq","users","operator","or","and","db","query","findFirst","setOnlineStatus","userId","onlineStatus","updateUserOrGuest","getOnlineUsers","userIds","select","id","fullName","userFullNameSQL","from","inArray","checkGroupNameExists","groupName","group","name","groups","limit","compareUserPassword","password","hash","selectUsers","comparePassword","loginOrEmail","pQuery","fromIdPermissionsQuery","fromLoginOrEmailPermissionsQuery","sql","placeholder","user","groupsPermissions","permissions","USER_PERMS_SEP","leftJoin","usersGroups","groupId","ne","groupBy","prepare","r","execute","length","uniquePermissions","getUserSecrets","secrets","fields","convertToSelect","selectUserProperties","createUserOrGuest","createUserDto","userRole","dbGetInsertedId","insert","values","role","USER_ROLE","USER","map","gid","GUEST","managers","usersGuests","uid","guestId","set","dbCheckAffectedRows","update","logger","verbose","JSON","stringify","anonymizePassword","e","error","deleteGuestLink","delete","LINK","searchUsersOrGroups","searchMembersDto","onlyUsers","onlyGroups","members","u","searchUsers","description","type","MEMBER_TYPE","withPermissions","undefined","g","searchGroups","GROUP_TYPE","GROUP","PGROUP","groupFromName","innerJoin","browseRootGroups","alias","createdAt","modifiedAt","groupRole","counts","countDistinct","browseGroupMembers","as","canDeletePersonalGroup","PERSONAL","USER_GROUP_ROLE","MANAGER","getGroup","asAdmin","getGroupWithMembers","usersGroupsAlias","raw","concatDistinctObjectsInArray","dateTimeUTC","deletePersonalGroup","createPersonalGroup","managerId","userCreateOrUpdateGroupDto","visibility","GROUP_VISIBILITY","PRIVATE","updateGroup","Object","keys","log","updateGroupMembers","add","m","clearWhiteListCaches","remove","listGuests","managersGuestAlias","managersAlias","guests","firstName","lastName","isActive","passwordAttempts","language","notification","currentAccess","lastAccess","currentIp","lastIp","isGuestManager","guest","usersWhitelist","lowerOrEqualUserRole","usersAlias","groupsAlias","parentId","ISOLATED","VISIBLE","parse","ids","groupsWhitelist","groupIds","pattern","cache","genSlugKey","then","mdel","catch","allUserIdsFromGroupsAndSubGroups","subGroup","withChildren","like","search","idsWhitelist","ignoreGroupIds","filter","indexOf","unshift","notInArray","excludePersonalGroups","ignoreUserIds","usersRole","lte","Logger"],"mappings":"AAAA;;;;CAIC;;;;+BAuCYA;;;eAAAA;;;wBArC8B;4BAC8D;2BACnF;2BAEgD;gCACvC;8BACT;2BACY;mCACT;uBAOlB;uBACsC;wBACjB;sBACmD;8BAWxD;mCAGK;mCACA;6BACW;;;;;;;;;;;;;;;AAGhC,IAAA,AAAMA,eAAN,MAAMA;IAUXC,gBAAgBC,KAAc,EAAEC,KAAc,EAA+C;QAC3F,IAAI,CAACD,SAAS,CAACC,OAAO;YACpB,MAAM,IAAIC,MAAM;QAClB;QACA,MAAMC,UAAgD,CAAC;QACvD,MAAMC,QAAe,EAAE;QACvB,IAAIJ,OAAO;YACTG,QAAQH,KAAK,GAAG;YAChBI,MAAMC,IAAI,CAACC,IAAAA,cAAE,EAACC,kBAAK,CAACP,KAAK,EAAEA;QAC7B;QACA,IAAIC,OAAO;YACTE,QAAQF,KAAK,GAAG;YAChBG,MAAMC,IAAI,CAACC,IAAAA,cAAE,EAACC,kBAAK,CAACN,KAAK,EAAEA;QAC7B;QACA,MAAMO,WAAWR,SAASC,QAAQQ,cAAE,GAAGC,eAAG;QAC1C,OAAO,IAAI,CAACC,EAAE,CAACC,KAAK,CAACL,KAAK,CAACM,SAAS,CAAC;YACnCV,SAASA;YACTC,OAAOI,YAAYJ;QACrB;IACF;IAEAU,gBAAgBC,MAAc,EAAEC,YAAgC,EAAoB;QAClF,OAAO,IAAI,CAACC,iBAAiB,CAACF,QAAQ;YAAEC,cAAcA;QAAa;IACrE;IAEAE,eAAeC,OAAiB,EAAyB;QACvD,OAAO,IAAI,CAACR,EAAE,CACXS,MAAM,CAAC;YACNC,IAAId,kBAAK,CAACc,EAAE;YACZrB,OAAOO,kBAAK,CAACP,KAAK;YAClBC,OAAOM,kBAAK,CAACN,KAAK;YAClBqB,UAAUC,IAAAA,4BAAe,EAAChB,kBAAK;YAC/BS,cAAcT,kBAAK,CAACS,YAAY;QAClC,GACCQ,IAAI,CAACjB,kBAAK,EACVH,KAAK,CAACqB,IAAAA,mBAAO,EAAClB,kBAAK,CAACc,EAAE,EAAEF;IAC7B;IAEA,MAAMO,qBAAqBC,SAAiB,EAAoB;QAC9D,MAAM,CAACC,MAAM,GAAG,MAAM,IAAI,CAACjB,EAAE,CAACS,MAAM,CAAC;YAAES,MAAMC,oBAAM,CAACD,IAAI;QAAC,GAAGL,IAAI,CAACM,oBAAM,EAAE1B,KAAK,CAACE,IAAAA,cAAE,EAACwB,oBAAM,CAACD,IAAI,EAAEF,YAAYI,KAAK,CAAC;QACjH,OAAO,CAAC,CAACH,OAAOC;IAClB;IAEA,MAAMG,oBAAoBjB,MAAc,EAAEkB,QAAgB,EAAoB;QAC5E,MAAM,CAACC,KAAK,GAAI,MAAM,IAAI,CAACC,WAAW,CAAC;YAAC;SAAW,EAAE;YAAC7B,IAAAA,cAAE,EAACC,kBAAK,CAACc,EAAE,EAAEN;SAAQ;QAC3E,IAAI,CAACmB,MAAM,OAAO;QAClB,OAAOE,IAAAA,0BAAe,EAACH,UAAUC,KAAKD,QAAQ;IAChD;IAEA,MAAMT,KAAKT,MAAe,EAAEsB,YAAqB,EAAiB;QAChE,6CAA6C;QAC7C,IAAIC,SAAmCvB,SAAS,IAAI,CAACwB,sBAAsB,GAAG,IAAI,CAACC,gCAAgC;QACnH,IAAI,CAACF,QAAQ;YACX,MAAMlC,QAAQW,SACVT,IAAAA,cAAE,EAACC,kBAAK,CAACc,EAAE,EAAEoB,eAAG,CAACC,WAAW,CAAC,aAC7BjC,IAAAA,cAAE,EAACH,IAAAA,cAAE,EAACC,kBAAK,CAACP,KAAK,EAAEyC,eAAG,CAACC,WAAW,CAAC,kBAAkBpC,IAAAA,cAAE,EAACC,kBAAK,CAACN,KAAK,EAAEwC,eAAG,CAACC,WAAW,CAAC;YACzFJ,SAAS,IAAI,CAAC3B,EAAE,CACbS,MAAM,CAAC;gBACNuB,MAAMpC,kBAAK;gBACXqC,mBAAmBH,IAAAA,eAAG,CAAA,CAAC,uBAAuB,EAAEX,oBAAM,CAACe,WAAW,CAAC,YAAY,EAAEC,oBAAc,CAAC,CAAC,CAAC;YACpG,GACCtB,IAAI,CAACjB,kBAAK,EACVwC,QAAQ,CAACC,8BAAW,EAAE1C,IAAAA,cAAE,EAAC0C,8BAAW,CAACjC,MAAM,EAAER,kBAAK,CAACc,EAAE,GACrD0B,QAAQ,CAACjB,oBAAM,EAAEpB,IAAAA,eAAG,EAACJ,IAAAA,cAAE,EAACwB,oBAAM,CAACT,EAAE,EAAE2B,8BAAW,CAACC,OAAO,GAAGC,IAAAA,cAAE,EAACpB,oBAAM,CAACe,WAAW,EAAE,MAChFzC,KAAK,CAACA,OACN+C,OAAO,CAAC5C,kBAAK,CAACc,EAAE,EAChBU,KAAK,CAAC,GACNqB,OAAO;YACV,IAAIrC,QAAQ;gBACV,IAAI,CAACwB,sBAAsB,GAAGD;YAChC,OAAO;gBACL,IAAI,CAACE,gCAAgC,GAAGF;YAC1C;QACF;QACA,MAAMe,IAAI,MAAMf,OAAOgB,OAAO,CAACvC,SAAS;YAAEA;QAAO,IAAI;YAAEsB;QAAa;QACpE,IAAI,CAACgB,EAAEE,MAAM,EAAE,OAAO;QACtB,MAAM,CAACZ,MAAMC,kBAAkB,GAAG;YAACS,CAAC,CAAC,EAAE,CAACV,IAAI;YAAEU,CAAC,CAAC,EAAE,CAACT,iBAAiB;SAAC;QACrE,oCAAoC;QACpCD,KAAKE,WAAW,GAAGW,IAAAA,4BAAiB,EAAC,GAAGb,KAAKE,WAAW,CAAC,CAAC,EAAED,mBAAmB,EAAEE,oBAAc;QAC/F,OAAOH;IACT;IAEA,MAAMc,eAAe1C,MAAc,EAAwB;QACzD,MAAM,CAACsC,EAAE,GAA+B,MAAM,IAAI,CAAC1C,EAAE,CAACS,MAAM,CAAC;YAAEsC,SAASnD,kBAAK,CAACmD,OAAO;QAAC,GAAGlC,IAAI,CAACjB,kBAAK,EAAEH,KAAK,CAACE,IAAAA,cAAE,EAACC,kBAAK,CAACc,EAAE,EAAEN,SAASgB,KAAK,CAAC;QACvI,OAAOsB,EAAEK,OAAO,IAAI,CAAC;IACvB;IAEAvB,YAAYwB,SAAgC;QAAC;QAAM;QAAS;KAAQ,EAAEvD,KAAY,EAA4B;QAC5G,MAAMgB,SAAkCwC,IAAAA,sBAAe,EAACrD,kBAAK,EAAEoD;QAC/D,OAAO,IAAI,CAAChD,EAAE,CACXS,MAAM,CAACA,QACPI,IAAI,CAACjB,kBAAK,EACVH,KAAK,CAACM,IAAAA,eAAG,KAAIN;IAClB;IAEA,MAAMyD,qBAAqB9C,MAAc,EAAE4C,MAA6B,EAA0B;QAChG,MAAMvC,SAAkCwC,IAAAA,sBAAe,EAACrD,kBAAK,EAAEoD;QAC/D,MAAM,CAACN,EAAE,GAA0B,MAAM,IAAI,CAAC1C,EAAE,CAACS,MAAM,CAACA,QAAQI,IAAI,CAACjB,kBAAK,EAAEH,KAAK,CAACE,IAAAA,cAAE,EAACC,kBAAK,CAACc,EAAE,EAAEN,SAASgB,KAAK,CAAC;QAC9G,OAAOsB;IACT;IAEA,MAAMS,kBAAkBC,aAA4B,EAAEC,QAAmB,EAAuB;QAC9F,MAAMjD,SAAiBkD,IAAAA,sBAAe,EAAC,MAAM,IAAI,CAACtD,EAAE,CAACuD,MAAM,CAAC3D,kBAAK,EAAE4D,MAAM,CAAC;YAAE,GAAGJ,aAAa;YAAEK,MAAMJ;QAAS;QAC7G,IAAIA,aAAaK,eAAS,CAACC,IAAI,IAAIP,cAAcjC,MAAM,EAAEyB,QAAQ;YAC/D,MAAM,IAAI,CAAC5C,EAAE,CAACuD,MAAM,CAAClB,8BAAW,EAAEmB,MAAM,CAACJ,cAAcjC,MAAM,CAACyC,GAAG,CAAC,CAACC,MAAiB,CAAA;oBAAEzD,QAAQA;oBAAQkC,SAASuB;gBAAI,CAAA;QACrH;QACA,IAAIR,aAAaK,eAAS,CAACI,KAAK,IAAIV,cAAcW,QAAQ,EAAEnB,QAAQ;YAClE,MAAM,IAAI,CAAC5C,EAAE,CAACuD,MAAM,CAACS,8BAAW,EAAER,MAAM,CAACJ,cAAcW,QAAQ,CAACH,GAAG,CAAC,CAACK,MAAiB,CAAA;oBAAEC,SAAS9D;oBAAQA,QAAQ6D;gBAAI,CAAA;QACvH;QACA,OAAO7D;IACT;IAEA,MAAME,kBAAkBF,MAAc,EAAE+D,GAAqC,EAAEd,QAAoB,EAAoB;QACrH,IAAI;YACFe,IAAAA,0BAAmB,EACjB,MAAM,IAAI,CAACpE,EAAE,CACVqE,MAAM,CAACzE,kBAAK,EACZuE,GAAG,CAAC;gBAAE,GAAGA,GAAG;gBAAE,GAAId,YAAY;oBAAEI,MAAMJ;gBAAS,CAAC;YAAE,GAClD5D,KAAK,CAACE,IAAAA,cAAE,EAACC,kBAAK,CAACc,EAAE,EAAEN,UACtB;YAEF,IAAI,CAACkE,MAAM,CAACC,OAAO,CAAC,GAAG,IAAI,CAACjE,iBAAiB,CAACY,IAAI,CAAC,SAAS,EAAEd,OAAO,gBAAgB,EAAEoE,KAAKC,SAAS,CAACC,IAAAA,4BAAiB,EAACP,OAAO;YAC/H,OAAO;QACT,EAAE,OAAOQ,GAAG;YACV,IAAI,CAACL,MAAM,CAACM,KAAK,CAAC,GAAG,IAAI,CAACtE,iBAAiB,CAACY,IAAI,CAAC,SAAS,EAAEd,OAAO,oBAAoB,EAAEoE,KAAKC,SAAS,CAACC,IAAAA,4BAAiB,EAACP,MAAM,GAAG,EAAEQ,GAAG;YACxI,OAAO;QACT;IACF;IAEA,MAAME,gBAAgBzE,MAAc,EAAiB;QACnDgE,IAAAA,0BAAmB,EAAC,MAAM,IAAI,CAACpE,EAAE,CAAC8E,MAAM,CAAClF,kBAAK,EAAEH,KAAK,CAACM,IAAAA,eAAG,EAACJ,IAAAA,cAAE,EAACC,kBAAK,CAACc,EAAE,EAAEN,SAAST,IAAAA,cAAE,EAACC,kBAAK,CAAC6D,IAAI,EAAEC,eAAS,CAACqB,IAAI,KAAK;IACpH;IAEA,MAAMC,oBAAoBC,gBAAkC,EAAE7E,MAAe,EAAqB;QAChG,MAAMgB,QAAQ6D,iBAAiBC,SAAS,IAAID,iBAAiBE,UAAU,GAAG,IAAI;QAC9E,MAAMC,UAAoB,EAAE;QAC5B,IAAI,CAACH,iBAAiBE,UAAU,EAAE;YAChC,KAAK,MAAME,KAAK,CAAA,MAAM,IAAI,CAACC,WAAW,CAACL,kBAAkB7E,QAAQgB,MAAK,EAAG;gBACvEgE,QAAQ1F,IAAI,CAAC;oBACXgB,IAAI2E,EAAE3E,EAAE;oBACRrB,OAAOgG,EAAEhG,KAAK;oBACd6B,MAAMmE,EAAE1E,QAAQ;oBAChB4E,aAAaF,EAAE/F,KAAK;oBACpBkG,MAAMH,EAAE5B,IAAI,KAAKC,eAAS,CAACI,KAAK,GAAG2B,mBAAW,CAAC3B,KAAK,GAAG2B,mBAAW,CAAC9B,IAAI;oBACvEzB,aAAa+C,iBAAiBS,eAAe,GAAGL,EAAEnD,WAAW,GAAGyD;gBAClE;YACF;QACF;QACA,IAAI,CAACV,iBAAiBC,SAAS,EAAE;YAC/B,KAAK,MAAMU,KAAK,CAAA,MAAM,IAAI,CAACC,YAAY,CAACZ,kBAAkB7E,QAAQgB,MAAK,EAAG;gBACxEgE,QAAQ1F,IAAI,CAAC;oBACXgB,IAAIkF,EAAElF,EAAE;oBACRQ,MAAM0E,EAAE1E,IAAI;oBACZqE,aAAaK,EAAEL,WAAW;oBAC1BC,MAAMI,EAAEJ,IAAI,KAAKM,iBAAU,CAACnC,IAAI,GAAG8B,mBAAW,CAACM,KAAK,GAAGN,mBAAW,CAACO,MAAM;oBACzE9D,aAAa+C,iBAAiBS,eAAe,GAAGE,EAAE1D,WAAW,GAAGyD;gBAClE;YACF;QACF;QACA,OAAOP;IACT;IAEA,MAAMa,cAAc7F,MAAc,EAAEc,IAAY,EAA8E;QAC5H,MAAM,CAACD,MAAM,GAAG,MAAM,IAAI,CAACjB,EAAE,CAC1BS,MAAM,CAAC;YACNC,IAAIS,oBAAM,CAACT,EAAE;YACbQ,MAAMC,oBAAM,CAACD,IAAI;YACjBsE,MAAMrE,oBAAM,CAACqE,IAAI;YACjB/B,MAAMpB,8BAAW,CAACoB,IAAI;QACxB,GACC5C,IAAI,CAACwB,8BAAW,EAChB6D,SAAS,CAAC/E,oBAAM,EAAExB,IAAAA,cAAE,EAACwB,oBAAM,CAACT,EAAE,EAAE2B,8BAAW,CAACC,OAAO,GACnD7C,KAAK,CAACM,IAAAA,eAAG,EAACJ,IAAAA,cAAE,EAAC0C,8BAAW,CAACjC,MAAM,EAAEA,SAAST,IAAAA,cAAE,EAACwB,oBAAM,CAACD,IAAI,EAAEA,QAC1DE,KAAK,CAAC;QACT,OAAOH;IACT;IAEA,MAAMkF,iBAAiB/F,MAAc,EAAqB;QACxD,MAAMgF,UAAUgB,IAAAA,gBAAK,EAAC/D,8BAAW,EAAE;QACnC,OAAO,IAAI,CAACrC,EAAE,CACXS,MAAM,CAAC;YACNC,IAAIS,oBAAM,CAACT,EAAE;YACbQ,MAAMC,oBAAM,CAACD,IAAI;YACjBqE,aAAapE,oBAAM,CAACoE,WAAW;YAC/Bc,WAAWlF,oBAAM,CAACkF,SAAS;YAC3BC,YAAYnF,oBAAM,CAACmF,UAAU;YAC7Bd,MAAM1D,IAAAA,eAAG,CAAa,CAAC,GAAG,EAAEX,oBAAM,CAACqE,IAAI,CAAC,GAAG,EAAEM,iBAAU,CAACnC,IAAI,CAAC,EAAE,EAAE8B,mBAAW,CAACM,KAAK,CAAC,EAAE,EAAEN,mBAAW,CAACO,MAAM,CAAC,CAAC,CAAC;YAC5GO,WAAWzE,IAAAA,eAAG,CAAiB,CAAC,EAAEO,8BAAW,CAACoB,IAAI,CAAC,CAAC;YACpD+C,QAAQ;gBAAE5G,OAAO6G,IAAAA,yBAAa,EAACrB,QAAQhF,MAAM;YAAE;QACjD,GACCS,IAAI,CAACwB,8BAAW,EAChB6D,SAAS,CAAC/E,oBAAM,EAAEpB,IAAAA,eAAG,EAACJ,IAAAA,cAAE,EAACwB,oBAAM,CAACT,EAAE,EAAE2B,8BAAW,CAACC,OAAO,GAAG3C,IAAAA,cAAE,EAAC0C,8BAAW,CAACjC,MAAM,EAAEA,UACjFgC,QAAQ,CAACgD,SAASzF,IAAAA,cAAE,EAACyF,QAAQ9C,OAAO,EAAEnB,oBAAM,CAACT,EAAE,GAC/C8B,OAAO,CAACrB,oBAAM,CAACT,EAAE;IACtB;IAEA,MAAMgG,mBAAmBpE,OAAe,EAAqB;QAC3D,OAAO,IAAI,CAACtC,EAAE,CACXS,MAAM,CAAC;YACNC,IAAId,kBAAK,CAACc,EAAE;YACZrB,OAAOO,kBAAK,CAACP,KAAK;YAClB6B,MAAMN,IAAAA,4BAAe,EAAChB,kBAAK,EAAE+G,EAAE,CAAC;YAChCpB,aAAa3F,kBAAK,CAACN,KAAK;YACxB+G,WAAWhE,8BAAW,CAACgE,SAAS;YAChCb,MAAM1D,IAAAA,eAAG,CAAa,CAAC,EAAE2D,mBAAW,CAAC9B,IAAI,CAAC,CAAC;YAC3C4C,WAAWzE,IAAAA,eAAG,CAAiB,CAAC,EAAEO,8BAAW,CAACoB,IAAI,CAAC,CAAC;QACtD,GACC5C,IAAI,CAACM,oBAAM,EACX+E,SAAS,CAAC7D,8BAAW,EAAEtC,IAAAA,eAAG,EAACJ,IAAAA,cAAE,EAAC0C,8BAAW,CAACC,OAAO,EAAEnB,oBAAM,CAACT,EAAE,GAAGf,IAAAA,cAAE,EAAC0C,8BAAW,CAACC,OAAO,EAAEA,WACvFF,QAAQ,CAACxC,kBAAK,EAAED,IAAAA,cAAE,EAACC,kBAAK,CAACc,EAAE,EAAE2B,8BAAW,CAACjC,MAAM,GAC/CoC,OAAO,CAAC5C,kBAAK,CAACc,EAAE;IACrB;IAEA,MAAMkG,uBAAuBxG,MAAc,EAAEkC,OAAe,EAAoB;QAC9E,MAAM,CAACrB,MAAM,GAAG,MAAM,IAAI,CAACjB,EAAE,CAC1BS,MAAM,CAAC;YAAEC,IAAI2B,8BAAW,CAACC,OAAO;QAAC,GACjCzB,IAAI,CAACwB,8BAAW,EAChB6D,SAAS,CAAC/E,oBAAM,EAAEpB,IAAAA,eAAG,EAACJ,IAAAA,cAAE,EAACwB,oBAAM,CAACT,EAAE,EAAE2B,8BAAW,CAACC,OAAO,IACvD7C,KAAK,CACJM,IAAAA,eAAG,EACDJ,IAAAA,cAAE,EAACwB,oBAAM,CAACqE,IAAI,EAAEM,iBAAU,CAACe,QAAQ,GACnClH,IAAAA,cAAE,EAAC0C,8BAAW,CAACjC,MAAM,EAAEA,SACvBT,IAAAA,cAAE,EAAC0C,8BAAW,CAACC,OAAO,EAAEA,UACxB3C,IAAAA,cAAE,EAAC0C,8BAAW,CAACoB,IAAI,EAAEqD,qBAAe,CAACC,OAAO,IAG/C3F,KAAK,CAAC;QACT,OAAO,CAAC,CAACH,OAAOP;IAClB;IAEA,MAAMsG,SAAS5G,MAAc,EAAEkC,OAAe,EAAE2E,UAAU,KAAK,EAAwB;QACrF,MAAM,CAAChG,MAAM,GAAG,MAAM,IAAI,CAACjB,EAAE,CAC1BS,MAAM,CAAC;YACNC,IAAIS,oBAAM,CAACT,EAAE;YACbQ,MAAMC,oBAAM,CAACD,IAAI;YACjBqE,aAAapE,oBAAM,CAACoE,WAAW;YAC/Bc,WAAWlF,oBAAM,CAACkF,SAAS;YAC3BC,YAAYnF,oBAAM,CAACmF,UAAU;YAC7Bd,MAAM1D,IAAAA,eAAG,CAAa,CAAC,GAAG,EAAEX,oBAAM,CAACqE,IAAI,CAAC,GAAG,EAAEM,iBAAU,CAACnC,IAAI,CAAC,EAAE,EAAE8B,mBAAW,CAACM,KAAK,CAAC,EAAE,EAAEN,mBAAW,CAACO,MAAM,CAAC,CAAC,CAAC;QAC9G,GACCnF,IAAI,CAACwB,8BAAW,EAChB6D,SAAS,CAAC/E,oBAAM,EAAEpB,IAAAA,eAAG,EAACJ,IAAAA,cAAE,EAACwB,oBAAM,CAACT,EAAE,EAAE2B,8BAAW,CAACC,OAAO,IACvD7C,KAAK,CACJM,IAAAA,eAAG,EACDJ,IAAAA,cAAE,EAAC0C,8BAAW,CAACC,OAAO,EAAEA,UACxBR,IAAAA,eAAG,CAAA,CAAC,GAAG,EAAE,CAACmF,QAAQ,MAAM,EAAE5E,8BAAW,CAACjC,MAAM,CAAC,GAAG,EAAEA,OAAO,KAAK,EAAEiC,8BAAW,CAACoB,IAAI,CAAC,GAAG,EAAEqD,qBAAe,CAACC,OAAO,CAAC,IAAI,CAAC,GAGtH3F,KAAK,CAAC;QACT,OAAOH;IACT;IAEA,MAAMiG,oBAAoB9G,MAAc,EAAEkC,OAAe,EAAE2E,UAAU,KAAK,EAA6B;QACrG,MAAME,mBAAwBf,IAAAA,gBAAK,EAAC/D,8BAAW,EAAE;QACjD,MAAM,CAACpB,MAAM,GAAG,MAAM,IAAI,CAACjB,EAAE,CAC1BS,MAAM,CAAC;YACNC,IAAIS,oBAAM,CAACT,EAAE;YACbQ,MAAMC,oBAAM,CAACD,IAAI;YACjBqE,aAAapE,oBAAM,CAACoE,WAAW;YAC/Bc,WAAWlF,oBAAM,CAACkF,SAAS;YAC3BC,YAAYnF,oBAAM,CAACmF,UAAU;YAC7Bd,MAAM1D,IAAAA,eAAG,CAAa,CAAC,GAAG,EAAEX,oBAAM,CAACqE,IAAI,CAAC,GAAG,EAAEM,iBAAU,CAACnC,IAAI,CAAC,EAAE,EAAE7B,eAAG,CAACsF,GAAG,CAAC,CAAC,CAAC,EAAE3B,mBAAW,CAACM,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,EAAEjE,eAAG,CAACsF,GAAG,CAAC,CAAC,CAAC,EAAE3B,mBAAW,CAACO,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;YAC5IZ,SAASiC,IAAAA,mCAA4B,EAACzH,kBAAK,CAACc,EAAE,EAAE;gBAC9CA,IAAId,kBAAK,CAACc,EAAE;gBACZrB,OAAOO,kBAAK,CAACP,KAAK;gBAClB6B,MAAMN,IAAAA,4BAAe,EAAChB,kBAAK;gBAC3B2F,aAAa3F,kBAAK,CAACN,KAAK;gBACxBkG,MAAM1D,eAAG,CAACsF,GAAG,CAAC,CAAC,CAAC,EAAE3B,mBAAW,CAAC9B,IAAI,CAAC,CAAC,CAAC;gBACrC4C,WAAWY,iBAAiB1D,IAAI;gBAChC4C,WAAWiB,IAAAA,kBAAW,EAACH,iBAAiBd,SAAS;YACnD;QACF,GACCxF,IAAI,CAACwB,8BAAW,EAChB6D,SAAS,CAAC/E,oBAAM,EAAExB,IAAAA,cAAE,EAACwB,oBAAM,CAACT,EAAE,EAAE2B,8BAAW,CAACC,OAAO,GACnDF,QAAQ,CAAC+E,kBAAkBpH,IAAAA,eAAG,EAACJ,IAAAA,cAAE,EAACwH,iBAAiB7E,OAAO,EAAEnB,oBAAM,CAACT,EAAE,IACrE0B,QAAQ,CAACxC,kBAAK,EAAED,IAAAA,cAAE,EAACC,kBAAK,CAACc,EAAE,EAAEyG,iBAAiB/G,MAAM,GACpDX,KAAK,CACJM,IAAAA,eAAG,EACDJ,IAAAA,cAAE,EAAC0C,8BAAW,CAACC,OAAO,EAAEA,UACxBR,IAAAA,eAAG,CAAA,CAAC,GAAG,EAAE,CAACmF,QAAQ,MAAM,EAAE5E,8BAAW,CAACjC,MAAM,CAAC,GAAG,EAAEA,OAAO,KAAK,EAAEiC,8BAAW,CAACoB,IAAI,CAAC,GAAG,EAAEqD,qBAAe,CAACC,OAAO,CAAC,IAAI,CAAC,GAGtHvE,OAAO,CAACrB,oBAAM,CAACT,EAAE,EACjBU,KAAK,CAAC;QACT,OAAOH;IACT;IAEA,MAAMsG,oBAAoBjF,OAAe,EAAoB;QAC3D,OAAO8B,IAAAA,0BAAmB,EACxB,MAAM,IAAI,CAACpE,EAAE,CACV8E,MAAM,CAAC3D,oBAAM,EACb1B,KAAK,CAACM,IAAAA,eAAG,EAACJ,IAAAA,cAAE,EAACwB,oBAAM,CAACT,EAAE,EAAE4B,UAAU3C,IAAAA,cAAE,EAACwB,oBAAM,CAACqE,IAAI,EAAEM,iBAAU,CAACe,QAAQ,IACrEzF,KAAK,CAAC,IACT,GACA;IAEJ;IAEA,MAAMoG,oBAAoBC,SAAiB,EAAEC,0BAAsD,EAAwB;QACzH,MAAMpF,UAAkBgB,IAAAA,sBAAe,EACrC,MAAM,IAAI,CAACtD,EAAE,CAACuD,MAAM,CAACpC,oBAAM,EAAEqC,MAAM,CAAC;YAClC,GAAGkE,0BAA0B;YAC7BlC,MAAMM,iBAAU,CAACe,QAAQ;YACzBc,YAAYC,uBAAgB,CAACC,OAAO;QACtC;QAEF,MAAM,IAAI,CAAC7H,EAAE,CAACuD,MAAM,CAAClB,8BAAW,EAAEmB,MAAM,CAAC;YAAEpD,QAAQqH;YAAWnF,SAASA;YAASmB,MAAMqD,qBAAe,CAACC,OAAO;QAAC;QAC9G,OAAOzE;IACT;IAEA,MAAMwF,YAAYxF,OAAe,EAAE6B,GAAsC,EAAE;QACzE,IAAI4D,OAAOC,IAAI,CAAC7D,KAAKvB,MAAM,EAAE;YAC3B,IAAI;gBACF,MAAM,IAAI,CAAC5C,EAAE,CAACqE,MAAM,CAAClD,oBAAM,EAAEgD,GAAG,CAACA,KAAK1E,KAAK,CAACE,IAAAA,cAAE,EAACwB,oBAAM,CAACT,EAAE,EAAE4B;gBAC1D,IAAI,CAACgC,MAAM,CAAC2D,GAAG,CAAC,GAAG,IAAI,CAACH,WAAW,CAAC5G,IAAI,CAAC,UAAU,EAAEoB,QAAQ,gBAAgB,EAAEkC,KAAKC,SAAS,CAACN,MAAM;YACtG,EAAE,OAAOQ,GAAG;gBACV,IAAI,CAACL,MAAM,CAACM,KAAK,CAAC,GAAG,IAAI,CAACkD,WAAW,CAAC5G,IAAI,CAAC,UAAU,EAAEoB,QAAQ,oBAAoB,EAAEkC,KAAKC,SAAS,CAACN,KAAK,GAAG,EAAEQ,GAAG;gBACjH,MAAM,IAAIpF,MAAM;YAClB;QACF;IACF;IAEA,MAAM2I,mBACJ5F,OAAe,EACf8C,OAGC,EACc;QACf,IAAIA,SAAS+C,KAAKvF,QAAQ;YACxB,IAAI;gBACF,MAAM,IAAI,CAAC5C,EAAE,CAACuD,MAAM,CAAClB,8BAAW,EAAEmB,MAAM,CAAC4B,QAAQ+C,GAAG,CAACvE,GAAG,CAAC,CAACwE,IAAO,CAAA;wBAAEhI,QAAQgI,EAAE1H,EAAE;wBAAE4B,SAASA;wBAASmB,MAAM2E,EAAE7B,SAAS;oBAAC,CAAA;gBACrH,cAAc;gBACd,IAAI,CAAC8B,oBAAoB,CAACjD,QAAQ+C,GAAG,CAACvE,GAAG,CAAC,CAACwE,IAAMA,EAAE1H,EAAE;gBACrD,IAAI,CAAC4D,MAAM,CAAC2D,GAAG,CAAC,GAAG,IAAI,CAACC,kBAAkB,CAAChH,IAAI,CAAC,SAAS,EAAEsD,KAAKC,SAAS,CAACW,QAAQ+C,GAAG,CAACvE,GAAG,CAAC,CAACwE,IAAMA,EAAE1H,EAAE,GAAG,qBAAqB,EAAE4B,QAAQ,CAAC,CAAC;YAC3I,EAAE,OAAOqC,GAAG;gBACV,IAAI,CAACL,MAAM,CAACM,KAAK,CACf,GAAG,IAAI,CAACsD,kBAAkB,CAAChH,IAAI,CAAC,SAAS,EAAEsD,KAAKC,SAAS,CAACW,QAAQ+C,GAAG,CAACvE,GAAG,CAAC,CAACwE,IAAMA,EAAE1H,EAAE,GAAG,yBAAyB,EAAE4B,QAAQ,IAAI,EAAEqC,GAAG;gBAEtI,MAAM,IAAIpF,MAAM;YAClB;QACF;QACA,IAAI6F,SAASkD,QAAQ1F,QAAQ;YAC3B,IAAI;gBACF,MAAM,IAAI,CAAC5C,EAAE,CACV8E,MAAM,CAACzC,8BAAW,EAClB5C,KAAK,CAACM,IAAAA,eAAG,EAACJ,IAAAA,cAAE,EAAC0C,8BAAW,CAACC,OAAO,EAAEA,UAAUxB,IAAAA,mBAAO,EAACuB,8BAAW,CAACjC,MAAM,EAAEgF,QAAQkD,MAAM,IACtFlH,KAAK,CAACgE,QAAQkD,MAAM,CAAC1F,MAAM;gBAC9B,cAAc;gBACd,IAAI,CAACyF,oBAAoB,CAACjD,QAAQkD,MAAM;gBACxC,IAAI,CAAChE,MAAM,CAAC2D,GAAG,CAAC,GAAG,IAAI,CAACC,kBAAkB,CAAChH,IAAI,CAAC,SAAS,EAAEsD,KAAKC,SAAS,CAACW,QAAQkD,MAAM,EAAE,yBAAyB,EAAEhG,QAAQ,CAAC,CAAC;YACjI,EAAE,OAAOqC,GAAG;gBACV,IAAI,CAACL,MAAM,CAACM,KAAK,CAAC,GAAG,IAAI,CAACsD,kBAAkB,CAAChH,IAAI,CAAC,SAAS,EAAEsD,KAAKC,SAAS,CAACW,QAAQkD,MAAM,EAAE,6BAA6B,EAAEhG,QAAQ,IAAI,EAAEqC,GAAG;gBAC5I,MAAM,IAAIpF,MAAM;YAClB;QACF;IACF;IAIA,MAAMgJ,WAAWrE,OAAsB,EAAEuD,SAAkB,EAAER,UAAU,KAAK,EAAoC;QAC9G,MAAMxH,QAAe;eAAKyE,UAAU;gBAACvE,IAAAA,cAAE,EAACqE,8BAAW,CAACE,OAAO,EAAEA;aAAS,GAAG,EAAE;eAAO+C,UAAU,EAAE,GAAG;gBAACtH,IAAAA,cAAE,EAACqE,8BAAW,CAAC5D,MAAM,EAAEqH;aAAW;SAAE;QACtI,MAAMe,qBAA0BpC,IAAAA,gBAAK,EAACpC,8BAAW,EAAE;QACnD,MAAMyE,gBAAqBrC,IAAAA,gBAAK,EAACxG,kBAAK,EAAE;QACxC,MAAM8I,SAAS,MAAM,IAAI,CAAC1I,EAAE,CACzBS,MAAM,CAAC;YACNC,IAAId,kBAAK,CAACc,EAAE;YACZrB,OAAOO,kBAAK,CAACP,KAAK;YAClBC,OAAOM,kBAAK,CAACN,KAAK;YAClBqJ,WAAW/I,kBAAK,CAAC+I,SAAS;YAC1BC,UAAUhJ,kBAAK,CAACgJ,QAAQ;YACxBjI,UAAUC,IAAAA,4BAAe,EAAChB,kBAAK;YAC/B6D,MAAM7D,kBAAK,CAAC6D,IAAI;YAChBoF,UAAUjJ,kBAAK,CAACiJ,QAAQ;YACxBC,kBAAkBlJ,kBAAK,CAACkJ,gBAAgB;YACxCC,UAAUnJ,kBAAK,CAACmJ,QAAQ;YACxBC,cAAcpJ,kBAAK,CAACoJ,YAAY;YAChCC,eAAerJ,kBAAK,CAACqJ,aAAa;YAClCC,YAAYtJ,kBAAK,CAACsJ,UAAU;YAC5BC,WAAWvJ,kBAAK,CAACuJ,SAAS;YAC1BC,QAAQxJ,kBAAK,CAACwJ,MAAM;YACpB/C,WAAWzG,kBAAK,CAACyG,SAAS;YAC1BtC,UAAUsD,IAAAA,mCAA4B,EAACoB,cAAc/H,EAAE,EAAE;gBACvDA,IAAI+H,cAAc/H,EAAE;gBACpBrB,OAAOoJ,cAAcpJ,KAAK;gBAC1B6B,MAAMN,IAAAA,4BAAe,EAAC6H;gBACtBjD,MAAM1D,eAAG,CAACsF,GAAG,CAAC,CAAC,CAAC,EAAE3B,mBAAW,CAAC9B,IAAI,CAAC,CAAC,CAAC;gBACrC4B,aAAakD,cAAcnJ,KAAK;gBAChC+G,WAAWiB,IAAAA,kBAAW,EAACkB,mBAAmBnC,SAAS;YACrD;QACF,GACCxF,IAAI,CAACmD,8BAAW,EAChBkC,SAAS,CAACtG,kBAAK,EAAEG,IAAAA,eAAG,EAACJ,IAAAA,cAAE,EAACC,kBAAK,CAACc,EAAE,EAAEsD,8BAAW,CAACE,OAAO,GAAGvE,IAAAA,cAAE,EAACC,kBAAK,CAAC6D,IAAI,EAAEC,eAAS,CAACI,KAAK,IACtF1B,QAAQ,CAACoG,oBAAoB7I,IAAAA,cAAE,EAAC6I,mBAAmBtE,OAAO,EAAEtE,kBAAK,CAACc,EAAE,GACpE0B,QAAQ,CAACqG,eAAe9I,IAAAA,cAAE,EAAC8I,cAAc/H,EAAE,EAAE8H,mBAAmBpI,MAAM,GACtEX,KAAK,CAACM,IAAAA,eAAG,KAAIN,QACb+C,OAAO,CAAC5C,kBAAK,CAACc,EAAE,EAChBU,KAAK,CAAC8C,UAAU,IAAIyB;QACvB,OAAOzB,UAAUwE,MAAM,CAAC,EAAE,GAAGA;IAC/B;IAEA,MAAMW,eAAe5B,SAAiB,EAAEvD,OAAe,EAAsD;QAC3G,MAAM,CAACoF,MAAM,GAAG,MAAM,IAAI,CAACtJ,EAAE,CAC1BS,MAAM,CAAC;YAAEC,IAAIsD,8BAAW,CAACE,OAAO;YAAE7E,OAAOO,kBAAK,CAACP,KAAK;QAAC,GACrDwB,IAAI,CAACmD,8BAAW,EAChBkC,SAAS,CAACtG,kBAAK,EAAED,IAAAA,cAAE,EAACC,kBAAK,CAACc,EAAE,EAAEsD,8BAAW,CAACE,OAAO,GACjDzE,KAAK,CAACM,IAAAA,eAAG,EAACJ,IAAAA,cAAE,EAACqE,8BAAW,CAAC5D,MAAM,EAAEqH,YAAY9H,IAAAA,cAAE,EAACqE,8BAAW,CAACE,OAAO,EAAEA,UAAUvE,IAAAA,cAAE,EAACC,kBAAK,CAAC6D,IAAI,EAAEC,eAAS,CAACI,KAAK,IAC7G1C,KAAK,CAAC;QACT,OAAOkI;IACT;IAEA,MACMC,eAAenJ,MAAc,EAAEoJ,uBAAkC9F,eAAS,CAACI,KAAK,EAAqB;QACzG;;;;;IAKA,GACA,MAAM2F,aAAkBrD,IAAAA,gBAAK,EAACxG,kBAAK,EAAE;QACrC,MAAM8J,cAAmBtD,IAAAA,gBAAK,EAACjF,oBAAM,EAAE;QACvC,MAAMX,UAAesB,IAAAA,eAAG,CAAA,CAAC;;+BAEE,EAAEX,oBAAM,CAACT,EAAE,CAAC;+BACZ,EAAES,oBAAM,CAACwI,QAAQ,CAAC;6BACpB,EAAExI,oBAAM,CAAC;+BACP,EAAEA,oBAAM,CAACT,EAAE,CAAC,YAAY,EAAE2B,8BAAW,CAACC,OAAO,CAAC;qDACxB,EAAED,8BAAW,CAAC;sDACb,EAAEA,8BAAW,CAACjC,MAAM,CAAC,GAAG,EAAEA,OAAO;sDACjC,EAAEe,oBAAM,CAACwG,UAAU,CAAC,IAAI,EAAEC,uBAAgB,CAACgC,QAAQ,CAAC;;+BAE3E,EAAEF,YAAYhJ,EAAE,CAAC;+BACjB,EAAEgJ,YAAYC,QAAQ,CAAC;6BACzB,EAAExI,oBAAM,CAAC;yDACmB,EAAEuI,YAAYC,QAAQ,CAAC,aAAa,EAAED,YAAY/B,UAAU,CAAC,GAAG,EAAE7F,eAAG,CAACsF,GAAG,CAAC,GAAGQ,uBAAgB,CAACiC,OAAO,EAAE,EAAE;;;;oBAI9I,EAAEjK,kBAAK,CAACc,EAAE,CAAC;;+BAEA,EAAE2B,8BAAW,CAAC,IAAI,EAAEA,8BAAW,CAACC,OAAO,CAAC;+BACxC,EAAE1C,kBAAK,CAAC,IAAI,EAAEyC,8BAAW,CAACjC,MAAM,CAAC,GAAG,EAAER,kBAAK,CAACc,EAAE,CAAC,KAAK,EAAEd,kBAAK,CAAC6D,IAAI,CAAC,IAAI,EAAE3B,eAAG,CAACsF,GAAG,CAAC,GAAGoC,sBAAsB,EAAE;;;;oBAIrH,EAAEC,WAAW/I,EAAE,CAAC;kBAClB,EAAEd,kBAAK,CAAC;+BACK,EAAEA,kBAAK,CAAC,IAAI,EAAEA,kBAAK,CAACc,EAAE,CAAC,GAAG,EAAE+I,WAAW/I,EAAE,CAAC,KAAK,EAAEd,kBAAK,CAAC6D,IAAI,CAAC,IAAI,EAAE3B,eAAG,CAACsF,GAAG,CAAC,GAAGoC,sBAAsB,EAAE;sCAC9F,EAAEnH,8BAAW,CAACjC,MAAM,CAAC,MAAM,EAAEiC,8BAAW,CAAC,OAAO,EAAEA,8BAAW,CAACjC,MAAM,CAAC,GAAG,EAAEqJ,WAAW/I,EAAE,CAAC;;;;2BAInG,EAAEsD,8BAAW,CAAC5D,MAAM,CAAC,GAAG,EAAEA,OAAO,MAAM,EAAE4D,8BAAW,CAACE,OAAO,CAAC;2BAC7D,EAAEF,8BAAW,CAACE,OAAO,CAAC,GAAG,EAAE9D,OAAO,MAAM,EAAE4D,8BAAW,CAAC5D,MAAM,CAAC;;kBAEtE,EAAE4D,8BAAW,CAAC;mBACb,EAAEA,8BAAW,CAAC5D,MAAM,CAAC,GAAG,EAAEA,OAAO;mBACjC,EAAE4D,8BAAW,CAACE,OAAO,CAAC,GAAG,EAAE9D,OAAO;IACjD,CAAC;QACD,MAAM,CAACsC,EAAE,GAAG,MAAM,IAAI,CAAC1C,EAAE,CAAC2C,OAAO,CAACnC;QAClC,OAAOgE,KAAKsF,KAAK,CAACpH,CAAC,CAAC,EAAE,CAACqH,GAAG,KAAK,EAAE;IACnC;IAEA,MACMC,gBAAgB5J,MAAc,EAAqB;QACvD;;;IAGA,GACA,MAAMsJ,cAAmBtD,IAAAA,gBAAK,EAACjF,oBAAM,EAAE;QACvC,MAAM8I,WAAgBnI,IAAAA,eAAG,CAAA,CAAC;;+BAEC,EAAEX,oBAAM,CAACT,EAAE,CAAC;+BACZ,EAAES,oBAAM,CAACwI,QAAQ,CAAC;+BAClB,EAAExI,oBAAM,CAACqE,IAAI,CAAC;6BAChB,EAAErE,oBAAM,CAAC;+BACP,EAAEA,oBAAM,CAACT,EAAE,CAAC,YAAY,EAAE2B,8BAAW,CAACC,OAAO,CAAC;qDACxB,EAAED,8BAAW,CAAC;sDACb,EAAEA,8BAAW,CAACjC,MAAM,CAAC,GAAG,EAAEA,OAAO;sDACjC,EAAEe,oBAAM,CAACwG,UAAU,CAAC,IAAI,EAAEC,uBAAgB,CAACgC,QAAQ,CAAC;;+BAE3E,EAAEF,YAAYhJ,EAAE,CAAC;+BACjB,EAAEgJ,YAAYC,QAAQ,CAAC;+BACvB,EAAED,YAAYlE,IAAI,CAAC;6BACrB,EAAErE,oBAAM,CAAC;yDACmB,EAAEuI,YAAYC,QAAQ,CAAC,aAAa,EAAED,YAAY/B,UAAU,CAAC,GAAG,EAAEC,uBAAgB,CAACiC,OAAO,CAAC;;;IAGhJ,CAAC;QACD,MAAM,CAACnH,EAAE,GAAG,MAAM,IAAI,CAAC1C,EAAE,CAAC2C,OAAO,CAACsH;QAClC,OAAOzF,KAAKsF,KAAK,CAACpH,CAAC,CAAC,EAAE,CAACqH,GAAG,KAAK,EAAE;IACnC;IAEA1B,qBAAqB7H,OAAuB,EAAE;QAC5C,IAAIA,YAAY,KAAK;YACnB,oBAAoB;YACpB,KAAK,MAAM0J,WAAW;gBACpB,IAAI,CAACC,KAAK,CAACC,UAAU,CAAC,IAAI,CAAC,WAAW,CAAClJ,IAAI,EAAE,IAAI,CAACqI,cAAc,CAACrI,IAAI,EAAEV;gBACvE,IAAI,CAAC2J,KAAK,CAACC,UAAU,CAAC,IAAI,CAAC,WAAW,CAAClJ,IAAI,EAAE,IAAI,CAAC8I,eAAe,CAAC9I,IAAI,EAAEV;aACzE,CAAE;gBACD,IAAI,CAAC2J,KAAK,CACPnC,IAAI,CAACkC,SACLG,IAAI,CAAC,CAACrC;oBACL,IAAI,CAACA,KAAKpF,MAAM,EAAE;oBAClB,IAAI,CAAC0B,MAAM,CAACC,OAAO,CAAC,GAAG,IAAI,CAAC8D,oBAAoB,CAACnH,IAAI,CAAC,GAAG,EAAEsD,KAAKC,SAAS,CAACuD,OAAO;oBACjF,IAAI,CAACmC,KAAK,CAACG,IAAI,CAACtC,MAAMuC,KAAK,CAAC,CAAC5F,IAAa,IAAI,CAACL,MAAM,CAACM,KAAK,CAAC,GAAG,IAAI,CAACyD,oBAAoB,CAACnH,IAAI,CAAC,GAAG,EAAEyD,GAAG;gBACxG,GACC4F,KAAK,CAAC,CAAC5F,IAAa,IAAI,CAACL,MAAM,CAACM,KAAK,CAAC,GAAG,IAAI,CAACyD,oBAAoB,CAACnH,IAAI,CAAC,GAAG,EAAEyD,GAAG;YACrF;QACF,OAAO;YACL,IAAI,CAACwF,KAAK,CACPG,IAAI,CAAC;mBACD9J,QAAQoD,GAAG,CAAC,CAAClD,KAAe,IAAI,CAACyJ,KAAK,CAACC,UAAU,CAAC,IAAI,CAAC,WAAW,CAAClJ,IAAI,EAAE,IAAI,CAACqI,cAAc,CAACrI,IAAI,EAAER;mBACnGF,QAAQoD,GAAG,CAAC,CAAClD,KAAe,IAAI,CAACyJ,KAAK,CAACC,UAAU,CAAC,IAAI,CAAC,WAAW,CAAClJ,IAAI,EAAE,IAAI,CAAC8I,eAAe,CAAC9I,IAAI,EAAER;aACxG,EACA6J,KAAK,CAAC,CAAC5F,IAAa,IAAI,CAACL,MAAM,CAACM,KAAK,CAAC,GAAG,IAAI,CAACyD,oBAAoB,CAACnH,IAAI,CAAC,GAAG,EAAEyD,GAAG;QACrF;IACF;IAEA,MAAM6F,iCAAiCP,QAAkB,EAAqB;QAC5E,IAAI,CAACA,SAASrH,MAAM,EAAE,OAAO,EAAE;QAC/B,MAAM6H,WAAgBrE,IAAAA,gBAAK,EAACjF,oBAAM,EAAE;QACpC,MAAMuJ,eAAoB5I,IAAAA,eAAG,CAAA,CAAC;;+BAEH,EAAEX,oBAAM,CAACT,EAAE,CAAC,EAAE,EAAES,oBAAM,CAACwI,QAAQ,CAAC;6BAClC,EAAExI,oBAAM,CAAC;8BACR,EAAEL,IAAAA,mBAAO,EAACK,oBAAM,CAACT,EAAE,EAAEuJ,UAAU;;+BAE9B,EAAEQ,SAAS/J,EAAE,CAAC;+BACd,EAAE+J,SAASd,QAAQ,CAAC;6BACtB,EAAExI,oBAAM,CAAC;yDACmB,EAAEsJ,SAASd,QAAQ,CAAC;sBACvD,EAAEtH,8BAAW,CAACjC,MAAM,CAAC;;wBAEnB,EAAEiC,8BAAW,CAAC,eAAe,EAAEA,8BAAW,CAACC,OAAO,CAAC;IACvE,CAAC;QACD,MAAM,CAACI,EAAE,GAA4B,MAAM,IAAI,CAAC1C,EAAE,CAAC2C,OAAO,CAAC+H;QAC3D,OAAOhI,EAAEE,MAAM,GAAGF,EAAEkB,GAAG,CAAC,CAAClB,IAAMA,EAAEtC,MAAM,IAAI,EAAE;IAC/C;IAEA,MAAcyF,aACZZ,gBAAkC,EAClC7E,MAAe,EACfgB,QAAQ,CAAC,EACuE;QAChF,qBAAqB,GACrB,MAAM3B,QAAe;YAACkL,IAAAA,gBAAI,EAACxJ,oBAAM,CAACD,IAAI,EAAE,CAAC,CAAC,EAAE+D,iBAAiB2F,MAAM,CAAC,CAAC,CAAC;SAAE;QACxE,IAAIxK,QAAQ;YACV,IAAIyK,eAAyB,MAAM,IAAI,CAACb,eAAe,CAAC5J;YACxD,IAAI6E,iBAAiB6F,cAAc,EAAElI,QAAQ;gBAC3CiI,eAAeA,aAAaE,MAAM,CAAC,CAACrK,KAAOuE,iBAAiB6F,cAAc,CAACE,OAAO,CAACtK,QAAQ,CAAC;YAC9F;YACAjB,MAAMwL,OAAO,CAACnK,IAAAA,mBAAO,EAACK,oBAAM,CAACT,EAAE,EAAEmK;QACnC,OAAO,IAAI5F,iBAAiB6F,cAAc,EAAElI,QAAQ;YAClDnD,MAAMwL,OAAO,CAACC,IAAAA,sBAAU,EAAC/J,oBAAM,CAACT,EAAE,EAAEuE,iBAAiB6F,cAAc;QACrE;QACA,IAAI7F,iBAAiBkG,qBAAqB,EAAE;YAC1C1L,MAAMwL,OAAO,CAACtL,IAAAA,cAAE,EAACwB,oBAAM,CAACqE,IAAI,EAAEM,iBAAU,CAACnC,IAAI;QAC/C;QACA,OAAO,IAAI,CAAC3D,EAAE,CACXS,MAAM,CAAC;YAAEC,IAAIS,oBAAM,CAACT,EAAE;YAAEQ,MAAMC,oBAAM,CAACD,IAAI;YAAEqE,aAAapE,oBAAM,CAACoE,WAAW;YAAEC,MAAMrE,oBAAM,CAACqE,IAAI;YAAEtD,aAAaf,oBAAM,CAACe,WAAW;QAAC,GAC/HrB,IAAI,CAACM,oBAAM,EACX1B,KAAK,CAACM,IAAAA,eAAG,KAAIN,QACb2B,KAAK,CAACA;IACX;IAEA,MAAckE,YACZL,gBAAkC,EAClC7E,MAAe,EACfgB,QAAQ,CAAC,EACmF;QAC5F,oBAAoB,GACpB,MAAM3B,QAAe;YACnB8C,IAAAA,cAAE,EAAC3C,kBAAK,CAAC6D,IAAI,EAAEC,eAAS,CAACqB,IAAI;YAC7BjF,IAAAA,cAAE,EAAC6K,IAAAA,gBAAI,EAAC7I,IAAAA,eAAG,CAAA,CAAC,eAAe,EAAElC,kBAAK,CAACP,KAAK,CAAC,EAAE,EAAEO,kBAAK,CAACN,KAAK,CAAC,EAAE,EAAEM,kBAAK,CAAC+I,SAAS,CAAC,EAAE,EAAE/I,kBAAK,CAACgJ,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE3D,iBAAiB2F,MAAM,CAAC,CAAC,CAAC;SACnI;QACD,IAAIxK,QAAQ;YACV,IAAIyK,eAAyB,MAAM,IAAI,CAACtB,cAAc,CAACnJ;YACvD,IAAI6E,iBAAiBmG,aAAa,EAAExI,QAAQ;gBAC1CiI,eAAeA,aAAaE,MAAM,CAAC,CAACrK,KAAOuE,iBAAiBmG,aAAa,CAACJ,OAAO,CAACtK,QAAQ,CAAC;YAC7F;YACAjB,MAAMwL,OAAO,CAACnK,IAAAA,mBAAO,EAAClB,kBAAK,CAACc,EAAE,EAAEmK;QAClC,OAAO;YACL,IAAI5F,iBAAiBmG,aAAa,EAAExI,QAAQ;gBAC1CnD,MAAMwL,OAAO,CAACC,IAAAA,sBAAU,EAACtL,kBAAK,CAACc,EAAE,EAAEuE,iBAAiBmG,aAAa;YACnE;QACF;QACA,IAAI,OAAOnG,iBAAiBoG,SAAS,KAAK,aAAa;YACrD,IAAIpG,iBAAiBoG,SAAS,KAAK3H,eAAS,CAACC,IAAI,EAAE;gBACjD,oBAAoB;gBACpBlE,MAAMwL,OAAO,CAACK,IAAAA,eAAG,EAAC1L,kBAAK,CAAC6D,IAAI,EAAEwB,iBAAiBoG,SAAS;YAC1D,OAAO;gBACL5L,MAAMwL,OAAO,CAACtL,IAAAA,cAAE,EAACC,kBAAK,CAAC6D,IAAI,EAAEwB,iBAAiBoG,SAAS;YACzD;QACF;QACA,OAAO,IAAI,CAACrL,EAAE,CACXS,MAAM,CAAC;YACNC,IAAId,kBAAK,CAACc,EAAE;YACZrB,OAAOO,kBAAK,CAACP,KAAK;YAClBC,OAAOM,kBAAK,CAACN,KAAK;YAClBqB,UAAUC,IAAAA,4BAAe,EAAChB,kBAAK;YAC/B6D,MAAM7D,kBAAK,CAAC6D,IAAI;YAChBvB,aAAatC,kBAAK,CAACsC,WAAW;QAChC,GACCrB,IAAI,CAACjB,kBAAK,EACVH,KAAK,CAACM,IAAAA,eAAG,KAAIN,QACb2B,KAAK,CAACA;IACX;IApmBA,YACE,AAA4CpB,EAAY,EACxD,AAAiBmK,KAAY,CAC7B;aAF4CnK,KAAAA;aAC3BmK,QAAAA;aANF7F,SAAS,IAAIiH,cAAM,CAACpM,aAAa+B,IAAI;aAC9CW,mCAA6D;aAC7DD,yBAAmD;IAKxD;AAkmBL"}
+{"version":3,"sources":["../../../../../backend/src/applications/users/services/users-queries.service.ts"],"sourcesContent":["/*\n * Copyright (C) 2012-2025 Johan Legrand <johan.legrand@sync-in.com>\n * This file is part of Sync-in | The open source file sync and share solution\n * See the LICENSE file for licensing details\n */\n\nimport { Inject, Injectable, Logger } from '@nestjs/common'\nimport { and, countDistinct, eq, inArray, isNotNull, like, lte, ne, notInArray, or, SelectedFields, SQL, sql } from 'drizzle-orm'\nimport { alias } from 'drizzle-orm/mysql-core'\nimport { MySql2PreparedQuery, MySqlQueryResult } from 'drizzle-orm/mysql2'\nimport { anonymizePassword, comparePassword, uniquePermissions } from '../../../common/functions'\nimport { CacheDecorator } from '../../../infrastructure/cache/cache.decorator'\nimport { Cache } from '../../../infrastructure/cache/services/cache.service'\nimport { DB_TOKEN_PROVIDER } from '../../../infrastructure/database/constants'\nimport { DBSchema } from '../../../infrastructure/database/interfaces/database.interface'\nimport {\n  concatDistinctObjectsInArray,\n  convertToSelect,\n  dateTimeUTC,\n  dbCheckAffectedRows,\n  dbGetInsertedId\n} from '../../../infrastructure/database/utils'\nimport { GROUP_TYPE, GROUP_VISIBILITY } from '../constants/group'\nimport { MEMBER_TYPE } from '../constants/member'\nimport { USER_GROUP_ROLE, USER_ONLINE_STATUS, USER_PERMS_SEP, USER_ROLE } from '../constants/user'\nimport { UserCreateOrUpdateGroupDto } from '../dto/create-or-update-group.dto'\nimport { CreateUserDto } from '../dto/create-or-update-user.dto'\nimport { SearchMembersDto } from '../dto/search-members.dto'\nimport { GroupMember, GroupWithMembers } from '../interfaces/group-member'\nimport { GuestUser } from '../interfaces/guest-user.interface'\nimport { Member } from '../interfaces/member.interface'\nimport { UserSecrets } from '../interfaces/user-secrets.interface'\nimport { UserOnline } from '../interfaces/websocket.interface'\nimport { UserModel } from '../models/user.model'\nimport { Group } from '../schemas/group.interface'\nimport { groups } from '../schemas/groups.schema'\nimport { UserGroup } from '../schemas/user-group.interface'\nimport { User } from '../schemas/user.interface'\nimport { usersGroups } from '../schemas/users-groups.schema'\nimport { usersGuests } from '../schemas/users-guests.schema'\nimport { userFullNameSQL, users } from '../schemas/users.schema'\n\n@Injectable()\nexport class UsersQueries {\n  private readonly logger = new Logger(UsersQueries.name)\n  private fromLoginOrEmailPermissionsQuery: MySql2PreparedQuery<any> = null\n  private fromIdPermissionsQuery: MySql2PreparedQuery<any> = null\n\n  constructor(\n    @Inject(DB_TOKEN_PROVIDER) private readonly db: DBSchema,\n    private readonly cache: Cache\n  ) {}\n\n  checkUserExists(login?: string, email?: string): Promise<{ login?: string; email?: string }> {\n    if (!login && !email) {\n      throw new Error('login or email must be specified')\n    }\n    const columns: { login?: boolean; email?: boolean } = {}\n    const where: SQL[] = []\n    if (login) {\n      columns.login = true\n      where.push(eq(users.login, login))\n    }\n    if (email) {\n      columns.email = true\n      where.push(eq(users.email, email))\n    }\n    const operator = login && email ? or : and\n    return this.db.query.users.findFirst({\n      columns: columns,\n      where: operator(...where)\n    })\n  }\n\n  setOnlineStatus(userId: number, onlineStatus: USER_ONLINE_STATUS): Promise<boolean> {\n    return this.updateUserOrGuest(userId, { onlineStatus: onlineStatus })\n  }\n\n  getOnlineUsers(userIds: number[]): Promise<UserOnline[]> {\n    return this.db\n      .select({\n        id: users.id,\n        login: users.login,\n        email: users.email,\n        fullName: userFullNameSQL(users),\n        onlineStatus: users.onlineStatus\n      } satisfies UserOnline | SelectedFields<any, any>)\n      .from(users)\n      .where(inArray(users.id, userIds))\n  }\n\n  async checkGroupNameExists(groupName: string): Promise<boolean> {\n    const [group] = await this.db.select({ name: groups.name }).from(groups).where(eq(groups.name, groupName)).limit(1)\n    return !!group?.name\n  }\n\n  async compareUserPassword(userId: number, password: string): Promise<boolean> {\n    const [hash] = (await this.selectUsers(['password'], [eq(users.id, userId)])) as { password: string }[]\n    if (!hash) return false\n    return comparePassword(password, hash.password)\n  }\n\n  async from(userId?: number, loginOrEmail?: string): Promise<User> {\n    // retrieve user with application permissions\n    let pQuery: MySql2PreparedQuery<any> = userId ? this.fromIdPermissionsQuery : this.fromLoginOrEmailPermissionsQuery\n    if (!pQuery) {\n      const where = userId\n        ? eq(users.id, sql.placeholder('userId'))\n        : or(eq(users.login, sql.placeholder('loginOrEmail')), eq(users.email, sql.placeholder('loginOrEmail')))\n      pQuery = this.db\n        .select({\n          user: users,\n          groupsPermissions: sql`GROUP_CONCAT(DISTINCT (${groups.permissions}) SEPARATOR ${USER_PERMS_SEP})`\n        })\n        .from(users)\n        .leftJoin(usersGroups, eq(usersGroups.userId, users.id))\n        .leftJoin(groups, and(eq(groups.id, usersGroups.groupId), ne(groups.permissions, '')))\n        .where(where)\n        .groupBy(users.id)\n        .limit(1)\n        .prepare()\n      if (userId) {\n        this.fromIdPermissionsQuery = pQuery\n      } else {\n        this.fromLoginOrEmailPermissionsQuery = pQuery\n      }\n    }\n    const r = await pQuery.execute(userId ? { userId } : { loginOrEmail })\n    if (!r.length) return null\n    const [user, groupsPermissions] = [r[0].user, r[0].groupsPermissions]\n    // merge user and groups permissions\n    user.permissions = uniquePermissions(`${user.permissions},${groupsPermissions}`, USER_PERMS_SEP)\n    return user\n  }\n\n  async getUserSecrets(userId: number): Promise<UserSecrets> {\n    const [r]: { secrets: UserSecrets }[] = await this.db.select({ secrets: users.secrets }).from(users).where(eq(users.id, userId)).limit(1)\n    return r.secrets || {}\n  }\n\n  selectUsers(fields: Partial<keyof User>[] = ['id', 'login', 'email'], where: SQL[]): Promise<Partial<User>[]> {\n    const select: Record<keyof User, any> = convertToSelect(users, fields)\n    return this.db\n      .select(select)\n      .from(users)\n      .where(and(...where))\n  }\n\n  async selectUserProperties(userId: number, fields: Partial<keyof User>[]): Promise<Partial<User>> {\n    const select: Record<keyof User, any> = convertToSelect(users, fields)\n    const [r]: Record<string, any>[] = await this.db.select(select).from(users).where(eq(users.id, userId)).limit(1)\n    return r\n  }\n\n  async createUserOrGuest(createUserDto: CreateUserDto, userRole: USER_ROLE): Promise<User['id']> {\n    const userId: number = dbGetInsertedId(await this.db.insert(users).values({ ...createUserDto, role: userRole } as User))\n    if (userRole === USER_ROLE.USER && createUserDto.groups?.length) {\n      await this.db.insert(usersGroups).values(createUserDto.groups.map((gid: number) => ({ userId: userId, groupId: gid })))\n    }\n    if (userRole === USER_ROLE.GUEST && createUserDto.managers?.length) {\n      await this.db.insert(usersGuests).values(createUserDto.managers.map((uid: number) => ({ guestId: userId, userId: uid })))\n    }\n    return userId\n  }\n\n  async updateUserOrGuest(userId: number, set: Partial<Record<keyof User, any>>, userRole?: USER_ROLE): Promise<boolean> {\n    try {\n      dbCheckAffectedRows(\n        await this.db\n          .update(users)\n          .set({ ...set, ...(userRole && { role: userRole }) } as User)\n          .where(eq(users.id, userId)),\n        1\n      )\n      this.logger.verbose(`${this.updateUserOrGuest.name} - user (${userId}) was updated : ${JSON.stringify(anonymizePassword(set))}`)\n      return true\n    } catch (e) {\n      this.logger.error(`${this.updateUserOrGuest.name} - user (${userId}) was not updated : ${JSON.stringify(anonymizePassword(set))} : ${e}`)\n      return false\n    }\n  }\n\n  async deleteGuestLink(userId: number): Promise<void> {\n    dbCheckAffectedRows(await this.db.delete(users).where(and(eq(users.id, userId), eq(users.role, USER_ROLE.LINK))), 1)\n  }\n\n  async searchUsersOrGroups(searchMembersDto: SearchMembersDto, userId?: number): Promise<Member[]> {\n    const limit = searchMembersDto.onlyUsers || searchMembersDto.onlyGroups ? 6 : 3\n    const members: Member[] = []\n    if (!searchMembersDto.onlyGroups) {\n      for (const u of await this.searchUsers(searchMembersDto, userId, limit)) {\n        members.push({\n          id: u.id,\n          login: u.login,\n          name: u.fullName,\n          description: u.email,\n          type: u.role === USER_ROLE.GUEST ? MEMBER_TYPE.GUEST : MEMBER_TYPE.USER,\n          permissions: searchMembersDto.withPermissions ? u.permissions : undefined\n        })\n      }\n    }\n    if (!searchMembersDto.onlyUsers) {\n      for (const g of await this.searchGroups(searchMembersDto, userId, limit)) {\n        members.push({\n          id: g.id,\n          name: g.name,\n          description: g.description,\n          type: g.type === GROUP_TYPE.USER ? MEMBER_TYPE.GROUP : MEMBER_TYPE.PGROUP,\n          permissions: searchMembersDto.withPermissions ? g.permissions : undefined\n        })\n      }\n    }\n    return members\n  }\n\n  async groupFromName(userId: number, name: string): Promise<Pick<Group, 'id' | 'name' | 'type'> & { role: UserGroup['role'] }> {\n    const [group] = await this.db\n      .select({\n        id: groups.id,\n        name: groups.name,\n        type: groups.type,\n        role: usersGroups.role\n      } satisfies (Pick<Group, 'id' | 'name' | 'type'> & { role: UserGroup['role'] }) | SelectedFields<any, any>)\n      .from(usersGroups)\n      .innerJoin(groups, eq(groups.id, usersGroups.groupId))\n      .where(and(eq(usersGroups.userId, userId), eq(groups.name, name)))\n      .limit(1)\n    return group\n  }\n\n  async browseRootGroups(userId: number): Promise<Member[]> {\n    const members = alias(usersGroups, 'members')\n    return this.db\n      .select({\n        id: groups.id,\n        name: groups.name,\n        description: groups.description,\n        createdAt: groups.createdAt,\n        modifiedAt: groups.modifiedAt,\n        type: sql<MEMBER_TYPE>`IF(${groups.type} = ${GROUP_TYPE.USER}, ${MEMBER_TYPE.GROUP}, ${MEMBER_TYPE.PGROUP})`,\n        groupRole: sql<USER_GROUP_ROLE>`${usersGroups.role}`,\n        counts: { users: countDistinct(members.userId) }\n      } satisfies Member | SelectedFields<any, any>)\n      .from(usersGroups)\n      .innerJoin(groups, and(eq(groups.id, usersGroups.groupId), eq(usersGroups.userId, userId)))\n      .leftJoin(members, eq(members.groupId, groups.id))\n      .groupBy(groups.id)\n  }\n\n  async browseGroupMembers(groupId: number): Promise<Member[]> {\n    return this.db\n      .select({\n        id: users.id,\n        login: users.login,\n        name: userFullNameSQL(users).as('name'),\n        description: users.email,\n        createdAt: usersGroups.createdAt,\n        type: sql<MEMBER_TYPE>`${MEMBER_TYPE.USER}`,\n        groupRole: sql<USER_GROUP_ROLE>`${usersGroups.role}`\n      } satisfies Member | SelectedFields<any, any>)\n      .from(groups)\n      .innerJoin(usersGroups, and(eq(usersGroups.groupId, groups.id), eq(usersGroups.groupId, groupId)))\n      .leftJoin(users, eq(users.id, usersGroups.userId))\n      .groupBy(users.id)\n  }\n\n  async canDeletePersonalGroup(userId: number, groupId: number): Promise<boolean> {\n    const [group] = await this.db\n      .select({ id: usersGroups.groupId })\n      .from(usersGroups)\n      .innerJoin(groups, and(eq(groups.id, usersGroups.groupId)))\n      .where(\n        and(\n          eq(groups.type, GROUP_TYPE.PERSONAL),\n          eq(usersGroups.userId, userId),\n          eq(usersGroups.groupId, groupId),\n          eq(usersGroups.role, USER_GROUP_ROLE.MANAGER)\n        )\n      )\n      .limit(1)\n    return !!group?.id\n  }\n\n  async getGroup(userId: number, groupId: number, asAdmin = false): Promise<GroupMember> {\n    const [group] = await this.db\n      .select({\n        id: groups.id,\n        name: groups.name,\n        description: groups.description,\n        createdAt: groups.createdAt,\n        modifiedAt: groups.modifiedAt,\n        type: sql<MEMBER_TYPE>`IF(${groups.type} = ${GROUP_TYPE.USER}, ${MEMBER_TYPE.GROUP}, ${MEMBER_TYPE.PGROUP})`\n      })\n      .from(usersGroups)\n      .innerJoin(groups, and(eq(groups.id, usersGroups.groupId)))\n      .where(\n        and(\n          eq(usersGroups.groupId, groupId),\n          sql`IF(${+asAdmin} = 0, ${usersGroups.userId} = ${userId} AND ${usersGroups.role} = ${USER_GROUP_ROLE.MANAGER}, 1)`\n        )\n      )\n      .limit(1)\n    return group\n  }\n\n  async getGroupWithMembers(userId: number, groupId: number, asAdmin = false): Promise<GroupWithMembers> {\n    const usersGroupsAlias: any = alias(usersGroups, 'usersFromGroups')\n    const [group] = await this.db\n      .select({\n        id: groups.id,\n        name: groups.name,\n        description: groups.description,\n        createdAt: groups.createdAt,\n        modifiedAt: groups.modifiedAt,\n        type: sql<MEMBER_TYPE>`IF(${groups.type} = ${GROUP_TYPE.USER}, ${sql.raw(`'${MEMBER_TYPE.GROUP}'`)}, ${sql.raw(`'${MEMBER_TYPE.PGROUP}'`)})`,\n        members: concatDistinctObjectsInArray(users.id, {\n          id: users.id,\n          login: users.login,\n          name: userFullNameSQL(users),\n          description: users.email,\n          type: sql.raw(`'${MEMBER_TYPE.USER}'`),\n          groupRole: usersGroupsAlias.role,\n          createdAt: dateTimeUTC(usersGroupsAlias.createdAt)\n        } satisfies Record<keyof Pick<Member, 'id' | 'name' | 'login' | 'description' | 'type' | 'groupRole' | 'createdAt'>, any>)\n      } satisfies GroupWithMembers | SelectedFields<any, any>)\n      .from(usersGroups)\n      .innerJoin(groups, eq(groups.id, usersGroups.groupId))\n      .leftJoin(usersGroupsAlias, and(eq(usersGroupsAlias.groupId, groups.id)))\n      .leftJoin(users, eq(users.id, usersGroupsAlias.userId))\n      .where(\n        and(\n          eq(usersGroups.groupId, groupId),\n          sql`IF(${+asAdmin} = 0, ${usersGroups.userId} = ${userId} AND ${usersGroups.role} = ${USER_GROUP_ROLE.MANAGER}, 1)`\n        )\n      )\n      .groupBy(groups.id)\n      .limit(1)\n    return group\n  }\n\n  async deletePersonalGroup(groupId: number): Promise<boolean> {\n    return dbCheckAffectedRows(\n      await this.db\n        .delete(groups)\n        .where(and(eq(groups.id, groupId), eq(groups.type, GROUP_TYPE.PERSONAL)))\n        .limit(1),\n      1,\n      false\n    )\n  }\n\n  async createPersonalGroup(managerId: number, userCreateOrUpdateGroupDto: UserCreateOrUpdateGroupDto): Promise<Group['id']> {\n    const groupId: number = dbGetInsertedId(\n      await this.db.insert(groups).values({\n        ...userCreateOrUpdateGroupDto,\n        type: GROUP_TYPE.PERSONAL,\n        visibility: GROUP_VISIBILITY.PRIVATE\n      } as Group)\n    )\n    await this.db.insert(usersGroups).values({ userId: managerId, groupId: groupId, role: USER_GROUP_ROLE.MANAGER } as UserGroup)\n    return groupId\n  }\n\n  async updateGroup(groupId: number, set: Partial<Record<keyof Group, any>>) {\n    if (Object.keys(set).length) {\n      try {\n        await this.db.update(groups).set(set).where(eq(groups.id, groupId))\n        this.logger.log(`${this.updateGroup.name} - group (${groupId}) was updated : ${JSON.stringify(set)}`)\n      } catch (e) {\n        this.logger.error(`${this.updateGroup.name} - group (${groupId}) was not updated : ${JSON.stringify(set)} : ${e}`)\n        throw new Error('Group was not updated')\n      }\n    }\n  }\n\n  async updateGroupMembers(\n    groupId: number,\n    members: {\n      add?: Pick<Member, 'id' | 'groupRole'>[]\n      remove?: UserGroup['userId'][]\n    }\n  ): Promise<void> {\n    if (members?.add?.length) {\n      try {\n        await this.db.insert(usersGroups).values(members.add.map((m) => ({ userId: m.id, groupId: groupId, role: m.groupRole })))\n        // clear cache\n        this.clearWhiteListCaches(members.add.map((m) => m.id))\n        this.logger.log(`${this.updateGroupMembers.name} - users ${JSON.stringify(members.add.map((m) => m.id))} was added to group (${groupId})`)\n      } catch (e) {\n        this.logger.error(\n          `${this.updateGroupMembers.name} - users ${JSON.stringify(members.add.map((m) => m.id))} was not added to group (${groupId}) : ${e}`\n        )\n        throw new Error('Group members was not added')\n      }\n    }\n    if (members?.remove?.length) {\n      try {\n        await this.db\n          .delete(usersGroups)\n          .where(and(eq(usersGroups.groupId, groupId), inArray(usersGroups.userId, members.remove)))\n          .limit(members.remove.length)\n        // clear cache\n        this.clearWhiteListCaches(members.remove)\n        this.logger.log(`${this.updateGroupMembers.name} - users ${JSON.stringify(members.remove)} was removed from group (${groupId})`)\n      } catch (e) {\n        this.logger.error(`${this.updateGroupMembers.name} - users ${JSON.stringify(members.remove)} was not removed from group (${groupId}) : ${e}`)\n        throw new Error('Group members was not removed')\n      }\n    }\n  }\n\n  async listGuests(guestId: null, managerId?: number, asAdmin?: boolean): Promise<GuestUser[]>\n  async listGuests(guestId: number, managerId?: number, asAdmin?: boolean): Promise<GuestUser>\n  async listGuests(guestId: number | null, managerId?: number, asAdmin = false): Promise<GuestUser | GuestUser[]> {\n    const where: SQL[] = [...(guestId ? [eq(usersGuests.guestId, guestId)] : []), ...(asAdmin ? [] : [eq(usersGuests.userId, managerId)])]\n    const managersGuestAlias: any = alias(usersGuests, 'managersGuestAlias')\n    const managersAlias: any = alias(users, 'managersAlias')\n    const guests = await this.db\n      .select({\n        id: users.id,\n        login: users.login,\n        email: users.email,\n        firstName: users.firstName,\n        lastName: users.lastName,\n        fullName: userFullNameSQL(users),\n        role: users.role,\n        isActive: users.isActive,\n        passwordAttempts: users.passwordAttempts,\n        language: users.language,\n        notification: users.notification,\n        currentAccess: users.currentAccess,\n        lastAccess: users.lastAccess,\n        currentIp: users.currentIp,\n        lastIp: users.lastIp,\n        createdAt: users.createdAt,\n        managers: concatDistinctObjectsInArray(managersAlias.id, {\n          id: managersAlias.id,\n          login: managersAlias.login,\n          name: userFullNameSQL(managersAlias),\n          type: sql.raw(`'${MEMBER_TYPE.USER}'`),\n          description: managersAlias.email,\n          createdAt: dateTimeUTC(managersGuestAlias.createdAt)\n        } satisfies Record<keyof Pick<Member, 'id' | 'name' | 'login' | 'description' | 'type' | 'createdAt'>, any>)\n      } satisfies GuestUser | SelectedFields<any, any>)\n      .from(usersGuests)\n      .innerJoin(users, and(eq(users.id, usersGuests.guestId), eq(users.role, USER_ROLE.GUEST)))\n      .leftJoin(managersGuestAlias, eq(managersGuestAlias.guestId, users.id))\n      .leftJoin(managersAlias, eq(managersAlias.id, managersGuestAlias.userId))\n      .where(and(...where))\n      .groupBy(users.id)\n      .limit(guestId ? 1 : undefined)\n    return guestId ? guests[0] : guests\n  }\n\n  async isGuestManager(managerId: number, guestId: number): Promise<{ id: number; login: string } | undefined> {\n    const [guest] = await this.db\n      .select({ id: usersGuests.guestId, login: users.login })\n      .from(usersGuests)\n      .innerJoin(users, eq(users.id, usersGuests.guestId))\n      .where(and(eq(usersGuests.userId, managerId), eq(usersGuests.guestId, guestId), eq(users.role, USER_ROLE.GUEST)))\n      .limit(1)\n    return guest\n  }\n\n  @CacheDecorator(900)\n  async usersWhitelist(userId: number, lowerOrEqualUserRole: USER_ROLE = USER_ROLE.GUEST): Promise<number[]> {\n    /* Get the list of user ids allowed to the current user\n       - all users with no groups (except users with a role higher than lowerOrEqualUserRole)\n       - all users who are members of groups visible to the current user\n         (VISIBLE groups for everyone, PRIVATE groups only if the current user is a member, never members of ISOLATED groups)\n       - all guests managed by the current user\n       - all managers who manage the current guest\n    */\n    const userIds: any = sql`\n    WITH visible_groups AS (\n      SELECT ${groups.id} AS id\n      FROM ${groups}\n      LEFT JOIN ${usersGroups}\n        ON ${usersGroups.groupId} = ${groups.id}\n       AND ${usersGroups.userId} = ${userId}\n      WHERE\n        ${groups.visibility} != ${GROUP_VISIBILITY.ISOLATED}\n        AND (\n          ${groups.visibility} = ${GROUP_VISIBILITY.VISIBLE}\n          OR (\n            ${groups.visibility} = ${GROUP_VISIBILITY.PRIVATE}\n            AND ${usersGroups.userId} IS NOT NULL\n          )\n        )\n    )\n    SELECT JSON_ARRAYAGG(id) AS ids\n    FROM (\n      -- 1) Users from groups visible to the current user\n      SELECT ${users.id} AS id\n      FROM ${users}\n      INNER JOIN ${usersGroups}\n        ON ${usersGroups.userId} = ${users.id}\n      INNER JOIN visible_groups\n        ON visible_groups.id = ${usersGroups.groupId}\n      WHERE ${users.role} <= ${sql.raw(`${lowerOrEqualUserRole}`)}\n\n      UNION\n\n      -- 2) Users with no groups\n      SELECT ${users.id} AS id\n      FROM ${users}\n      WHERE\n        ${users.role} <= ${sql.raw(`${lowerOrEqualUserRole}`)}\n        AND NOT EXISTS (\n          SELECT 1\n          FROM ${usersGroups}\n          WHERE ${usersGroups.userId} = ${users.id}\n        )\n\n      UNION\n\n      -- 3) Guests managed by the user and managers of the current guest\n      SELECT CASE\n               WHEN ${usersGuests.userId} = ${userId} THEN ${usersGuests.guestId}\n               WHEN ${usersGuests.guestId} = ${userId} THEN ${usersGuests.userId}\n             END AS id\n      FROM ${usersGuests}\n      WHERE ${usersGuests.userId} = ${userId}\n         OR ${usersGuests.guestId} = ${userId}\n    ) AS usersUnion\n  `\n    const [r] = await this.db.execute(userIds)\n    return JSON.parse(r[0].ids) || []\n  }\n\n  @CacheDecorator(900)\n  async groupsWhitelist(userId: number): Promise<number[]> {\n    /* Get the list of group IDs the current user is allowed to see.\n       - A group marked VISIBLE is always included.\n       - A group marked ISOLATED is always excluded.\n       - A PRIVATE group is included only if the user is a direct member of it.\n       - Visibility does not inherit from parent or child groups.\n    */\n    const q = this.db\n      .select({ id: sql`JSON_ARRAYAGG(${groups.id}) as ids` })\n      .from(groups)\n      .leftJoin(usersGroups, and(eq(usersGroups.groupId, groups.id), eq(usersGroups.userId, userId)))\n      .where(\n        and(\n          ne(groups.visibility, GROUP_VISIBILITY.ISOLATED),\n          or(eq(groups.visibility, GROUP_VISIBILITY.VISIBLE), and(eq(groups.visibility, GROUP_VISIBILITY.PRIVATE), isNotNull(usersGroups.userId)))\n        )\n      )\n    const [r] = await this.db.execute(q)\n    return JSON.parse(r[0].ids) || []\n  }\n\n  clearWhiteListCaches(userIds: number[] | '*') {\n    if (userIds === '*') {\n      // Means all entries\n      for (const pattern of [\n        this.cache.genSlugKey(this.constructor.name, this.usersWhitelist.name, userIds),\n        this.cache.genSlugKey(this.constructor.name, this.groupsWhitelist.name, userIds)\n      ]) {\n        this.cache\n          .keys(pattern)\n          .then((keys: string[]) => {\n            if (!keys.length) return\n            this.logger.verbose(`${this.clearWhiteListCaches.name} - ${JSON.stringify(keys)}`)\n            this.cache.mdel(keys).catch((e: Error) => this.logger.error(`${this.clearWhiteListCaches.name} - ${e}`))\n          })\n          .catch((e: Error) => this.logger.error(`${this.clearWhiteListCaches.name} - ${e}`))\n      }\n    } else {\n      this.cache\n        .mdel([\n          ...userIds.map((id: number) => this.cache.genSlugKey(this.constructor.name, this.usersWhitelist.name, id)),\n          ...userIds.map((id: number) => this.cache.genSlugKey(this.constructor.name, this.groupsWhitelist.name, id))\n        ])\n        .catch((e: Error) => this.logger.error(`${this.clearWhiteListCaches.name} - ${e}`))\n    }\n  }\n\n  async allUserIdsFromGroupsAndSubGroups(groupIds: number[]): Promise<number[]> {\n    if (!groupIds.length) return []\n    const subGroup: any = alias(groups, 'subGroup')\n    const withChildren: any = sql`\n      WITH RECURSIVE child (id, parentId) AS\n                       (SELECT ${groups.id}, ${groups.parentId}\n                        FROM ${groups}\n                        WHERE ${inArray(groups.id, groupIds)}\n                        UNION\n                        SELECT ${subGroup.id},\n                               ${subGroup.parentId}\n                        FROM ${groups} AS subGroup\n                               INNER JOIN child AS cs ON ${subGroup.parentId} = cs.id)\n      SELECT DISTINCT ${usersGroups.userId} as userId\n      FROM child\n             INNER JOIN ${usersGroups} ON child.id = ${usersGroups.groupId}\n    `\n    const [r]: { userId: number }[][] = (await this.db.execute(withChildren)) as MySqlQueryResult\n    return r.length ? r.map((r) => r.userId) : []\n  }\n\n  private async searchGroups(\n    searchMembersDto: SearchMembersDto,\n    userId?: number,\n    limit = 3\n  ): Promise<Pick<Group, 'id' | 'name' | 'description' | 'type' | 'permissions'>[]> {\n    /* Search for groups */\n    const where: SQL[] = [like(groups.name, `%${searchMembersDto.search}%`)]\n    if (userId) {\n      let idsWhitelist: number[] = await this.groupsWhitelist(userId)\n      if (searchMembersDto.ignoreGroupIds?.length) {\n        idsWhitelist = idsWhitelist.filter((id) => searchMembersDto.ignoreGroupIds.indexOf(id) === -1)\n      }\n      where.unshift(inArray(groups.id, idsWhitelist))\n    } else if (searchMembersDto.ignoreGroupIds?.length) {\n      where.unshift(notInArray(groups.id, searchMembersDto.ignoreGroupIds))\n    }\n    if (searchMembersDto.excludePersonalGroups) {\n      where.unshift(eq(groups.type, GROUP_TYPE.USER))\n    }\n    return this.db\n      .select({ id: groups.id, name: groups.name, description: groups.description, type: groups.type, permissions: groups.permissions })\n      .from(groups)\n      .where(and(...where))\n      .limit(limit)\n  }\n\n  private async searchUsers(\n    searchMembersDto: SearchMembersDto,\n    userId?: number,\n    limit = 3\n  ): Promise<Pick<UserModel, 'id' | 'login' | 'email' | 'fullName' | 'role' | 'permissions'>[]> {\n    /* Search for users */\n    const where: SQL[] = [\n      ne(users.role, USER_ROLE.LINK),\n      or(like(sql`CONCAT_WS('-', ${users.login}, ${users.email}, ${users.firstName}, ${users.lastName})`, `%${searchMembersDto.search}%`))\n    ]\n    if (userId) {\n      let idsWhitelist: number[] = await this.usersWhitelist(userId)\n      if (searchMembersDto.ignoreUserIds?.length) {\n        idsWhitelist = idsWhitelist.filter((id) => searchMembersDto.ignoreUserIds.indexOf(id) === -1)\n      }\n      where.unshift(inArray(users.id, idsWhitelist))\n    } else {\n      if (searchMembersDto.ignoreUserIds?.length) {\n        where.unshift(notInArray(users.id, searchMembersDto.ignoreUserIds))\n      }\n    }\n    if (typeof searchMembersDto.usersRole !== 'undefined') {\n      if (searchMembersDto.usersRole === USER_ROLE.USER) {\n        // allow admin users\n        where.unshift(lte(users.role, searchMembersDto.usersRole))\n      } else {\n        where.unshift(eq(users.role, searchMembersDto.usersRole))\n      }\n    }\n    return this.db\n      .select({\n        id: users.id,\n        login: users.login,\n        email: users.email,\n        fullName: userFullNameSQL(users),\n        role: users.role,\n        permissions: users.permissions\n      })\n      .from(users)\n      .where(and(...where))\n      .limit(limit)\n  }\n}\n"],"names":["UsersQueries","checkUserExists","login","email","Error","columns","where","push","eq","users","operator","or","and","db","query","findFirst","setOnlineStatus","userId","onlineStatus","updateUserOrGuest","getOnlineUsers","userIds","select","id","fullName","userFullNameSQL","from","inArray","checkGroupNameExists","groupName","group","name","groups","limit","compareUserPassword","password","hash","selectUsers","comparePassword","loginOrEmail","pQuery","fromIdPermissionsQuery","fromLoginOrEmailPermissionsQuery","sql","placeholder","user","groupsPermissions","permissions","USER_PERMS_SEP","leftJoin","usersGroups","groupId","ne","groupBy","prepare","r","execute","length","uniquePermissions","getUserSecrets","secrets","fields","convertToSelect","selectUserProperties","createUserOrGuest","createUserDto","userRole","dbGetInsertedId","insert","values","role","USER_ROLE","USER","map","gid","GUEST","managers","usersGuests","uid","guestId","set","dbCheckAffectedRows","update","logger","verbose","JSON","stringify","anonymizePassword","e","error","deleteGuestLink","delete","LINK","searchUsersOrGroups","searchMembersDto","onlyUsers","onlyGroups","members","u","searchUsers","description","type","MEMBER_TYPE","withPermissions","undefined","g","searchGroups","GROUP_TYPE","GROUP","PGROUP","groupFromName","innerJoin","browseRootGroups","alias","createdAt","modifiedAt","groupRole","counts","countDistinct","browseGroupMembers","as","canDeletePersonalGroup","PERSONAL","USER_GROUP_ROLE","MANAGER","getGroup","asAdmin","getGroupWithMembers","usersGroupsAlias","raw","concatDistinctObjectsInArray","dateTimeUTC","deletePersonalGroup","createPersonalGroup","managerId","userCreateOrUpdateGroupDto","visibility","GROUP_VISIBILITY","PRIVATE","updateGroup","Object","keys","log","updateGroupMembers","add","m","clearWhiteListCaches","remove","listGuests","managersGuestAlias","managersAlias","guests","firstName","lastName","isActive","passwordAttempts","language","notification","currentAccess","lastAccess","currentIp","lastIp","isGuestManager","guest","usersWhitelist","lowerOrEqualUserRole","ISOLATED","VISIBLE","parse","ids","groupsWhitelist","q","isNotNull","pattern","cache","genSlugKey","then","mdel","catch","allUserIdsFromGroupsAndSubGroups","groupIds","subGroup","withChildren","parentId","like","search","idsWhitelist","ignoreGroupIds","filter","indexOf","unshift","notInArray","excludePersonalGroups","ignoreUserIds","usersRole","lte","Logger"],"mappings":"AAAA;;;;CAIC;;;;+BAuCYA;;;eAAAA;;;wBArC8B;4BACyE;2BAC9F;2BAEgD;gCACvC;8BACT;2BACY;mCACT;uBAOlB;uBACsC;wBACjB;sBACmD;8BAWxD;mCAGK;mCACA;6BACW;;;;;;;;;;;;;;;AAGhC,IAAA,AAAMA,eAAN,MAAMA;IAUXC,gBAAgBC,KAAc,EAAEC,KAAc,EAA+C;QAC3F,IAAI,CAACD,SAAS,CAACC,OAAO;YACpB,MAAM,IAAIC,MAAM;QAClB;QACA,MAAMC,UAAgD,CAAC;QACvD,MAAMC,QAAe,EAAE;QACvB,IAAIJ,OAAO;YACTG,QAAQH,KAAK,GAAG;YAChBI,MAAMC,IAAI,CAACC,IAAAA,cAAE,EAACC,kBAAK,CAACP,KAAK,EAAEA;QAC7B;QACA,IAAIC,OAAO;YACTE,QAAQF,KAAK,GAAG;YAChBG,MAAMC,IAAI,CAACC,IAAAA,cAAE,EAACC,kBAAK,CAACN,KAAK,EAAEA;QAC7B;QACA,MAAMO,WAAWR,SAASC,QAAQQ,cAAE,GAAGC,eAAG;QAC1C,OAAO,IAAI,CAACC,EAAE,CAACC,KAAK,CAACL,KAAK,CAACM,SAAS,CAAC;YACnCV,SAASA;YACTC,OAAOI,YAAYJ;QACrB;IACF;IAEAU,gBAAgBC,MAAc,EAAEC,YAAgC,EAAoB;QAClF,OAAO,IAAI,CAACC,iBAAiB,CAACF,QAAQ;YAAEC,cAAcA;QAAa;IACrE;IAEAE,eAAeC,OAAiB,EAAyB;QACvD,OAAO,IAAI,CAACR,EAAE,CACXS,MAAM,CAAC;YACNC,IAAId,kBAAK,CAACc,EAAE;YACZrB,OAAOO,kBAAK,CAACP,KAAK;YAClBC,OAAOM,kBAAK,CAACN,KAAK;YAClBqB,UAAUC,IAAAA,4BAAe,EAAChB,kBAAK;YAC/BS,cAAcT,kBAAK,CAACS,YAAY;QAClC,GACCQ,IAAI,CAACjB,kBAAK,EACVH,KAAK,CAACqB,IAAAA,mBAAO,EAAClB,kBAAK,CAACc,EAAE,EAAEF;IAC7B;IAEA,MAAMO,qBAAqBC,SAAiB,EAAoB;QAC9D,MAAM,CAACC,MAAM,GAAG,MAAM,IAAI,CAACjB,EAAE,CAACS,MAAM,CAAC;YAAES,MAAMC,oBAAM,CAACD,IAAI;QAAC,GAAGL,IAAI,CAACM,oBAAM,EAAE1B,KAAK,CAACE,IAAAA,cAAE,EAACwB,oBAAM,CAACD,IAAI,EAAEF,YAAYI,KAAK,CAAC;QACjH,OAAO,CAAC,CAACH,OAAOC;IAClB;IAEA,MAAMG,oBAAoBjB,MAAc,EAAEkB,QAAgB,EAAoB;QAC5E,MAAM,CAACC,KAAK,GAAI,MAAM,IAAI,CAACC,WAAW,CAAC;YAAC;SAAW,EAAE;YAAC7B,IAAAA,cAAE,EAACC,kBAAK,CAACc,EAAE,EAAEN;SAAQ;QAC3E,IAAI,CAACmB,MAAM,OAAO;QAClB,OAAOE,IAAAA,0BAAe,EAACH,UAAUC,KAAKD,QAAQ;IAChD;IAEA,MAAMT,KAAKT,MAAe,EAAEsB,YAAqB,EAAiB;QAChE,6CAA6C;QAC7C,IAAIC,SAAmCvB,SAAS,IAAI,CAACwB,sBAAsB,GAAG,IAAI,CAACC,gCAAgC;QACnH,IAAI,CAACF,QAAQ;YACX,MAAMlC,QAAQW,SACVT,IAAAA,cAAE,EAACC,kBAAK,CAACc,EAAE,EAAEoB,eAAG,CAACC,WAAW,CAAC,aAC7BjC,IAAAA,cAAE,EAACH,IAAAA,cAAE,EAACC,kBAAK,CAACP,KAAK,EAAEyC,eAAG,CAACC,WAAW,CAAC,kBAAkBpC,IAAAA,cAAE,EAACC,kBAAK,CAACN,KAAK,EAAEwC,eAAG,CAACC,WAAW,CAAC;YACzFJ,SAAS,IAAI,CAAC3B,EAAE,CACbS,MAAM,CAAC;gBACNuB,MAAMpC,kBAAK;gBACXqC,mBAAmBH,IAAAA,eAAG,CAAA,CAAC,uBAAuB,EAAEX,oBAAM,CAACe,WAAW,CAAC,YAAY,EAAEC,oBAAc,CAAC,CAAC,CAAC;YACpG,GACCtB,IAAI,CAACjB,kBAAK,EACVwC,QAAQ,CAACC,8BAAW,EAAE1C,IAAAA,cAAE,EAAC0C,8BAAW,CAACjC,MAAM,EAAER,kBAAK,CAACc,EAAE,GACrD0B,QAAQ,CAACjB,oBAAM,EAAEpB,IAAAA,eAAG,EAACJ,IAAAA,cAAE,EAACwB,oBAAM,CAACT,EAAE,EAAE2B,8BAAW,CAACC,OAAO,GAAGC,IAAAA,cAAE,EAACpB,oBAAM,CAACe,WAAW,EAAE,MAChFzC,KAAK,CAACA,OACN+C,OAAO,CAAC5C,kBAAK,CAACc,EAAE,EAChBU,KAAK,CAAC,GACNqB,OAAO;YACV,IAAIrC,QAAQ;gBACV,IAAI,CAACwB,sBAAsB,GAAGD;YAChC,OAAO;gBACL,IAAI,CAACE,gCAAgC,GAAGF;YAC1C;QACF;QACA,MAAMe,IAAI,MAAMf,OAAOgB,OAAO,CAACvC,SAAS;YAAEA;QAAO,IAAI;YAAEsB;QAAa;QACpE,IAAI,CAACgB,EAAEE,MAAM,EAAE,OAAO;QACtB,MAAM,CAACZ,MAAMC,kBAAkB,GAAG;YAACS,CAAC,CAAC,EAAE,CAACV,IAAI;YAAEU,CAAC,CAAC,EAAE,CAACT,iBAAiB;SAAC;QACrE,oCAAoC;QACpCD,KAAKE,WAAW,GAAGW,IAAAA,4BAAiB,EAAC,GAAGb,KAAKE,WAAW,CAAC,CAAC,EAAED,mBAAmB,EAAEE,oBAAc;QAC/F,OAAOH;IACT;IAEA,MAAMc,eAAe1C,MAAc,EAAwB;QACzD,MAAM,CAACsC,EAAE,GAA+B,MAAM,IAAI,CAAC1C,EAAE,CAACS,MAAM,CAAC;YAAEsC,SAASnD,kBAAK,CAACmD,OAAO;QAAC,GAAGlC,IAAI,CAACjB,kBAAK,EAAEH,KAAK,CAACE,IAAAA,cAAE,EAACC,kBAAK,CAACc,EAAE,EAAEN,SAASgB,KAAK,CAAC;QACvI,OAAOsB,EAAEK,OAAO,IAAI,CAAC;IACvB;IAEAvB,YAAYwB,SAAgC;QAAC;QAAM;QAAS;KAAQ,EAAEvD,KAAY,EAA4B;QAC5G,MAAMgB,SAAkCwC,IAAAA,sBAAe,EAACrD,kBAAK,EAAEoD;QAC/D,OAAO,IAAI,CAAChD,EAAE,CACXS,MAAM,CAACA,QACPI,IAAI,CAACjB,kBAAK,EACVH,KAAK,CAACM,IAAAA,eAAG,KAAIN;IAClB;IAEA,MAAMyD,qBAAqB9C,MAAc,EAAE4C,MAA6B,EAA0B;QAChG,MAAMvC,SAAkCwC,IAAAA,sBAAe,EAACrD,kBAAK,EAAEoD;QAC/D,MAAM,CAACN,EAAE,GAA0B,MAAM,IAAI,CAAC1C,EAAE,CAACS,MAAM,CAACA,QAAQI,IAAI,CAACjB,kBAAK,EAAEH,KAAK,CAACE,IAAAA,cAAE,EAACC,kBAAK,CAACc,EAAE,EAAEN,SAASgB,KAAK,CAAC;QAC9G,OAAOsB;IACT;IAEA,MAAMS,kBAAkBC,aAA4B,EAAEC,QAAmB,EAAuB;QAC9F,MAAMjD,SAAiBkD,IAAAA,sBAAe,EAAC,MAAM,IAAI,CAACtD,EAAE,CAACuD,MAAM,CAAC3D,kBAAK,EAAE4D,MAAM,CAAC;YAAE,GAAGJ,aAAa;YAAEK,MAAMJ;QAAS;QAC7G,IAAIA,aAAaK,eAAS,CAACC,IAAI,IAAIP,cAAcjC,MAAM,EAAEyB,QAAQ;YAC/D,MAAM,IAAI,CAAC5C,EAAE,CAACuD,MAAM,CAAClB,8BAAW,EAAEmB,MAAM,CAACJ,cAAcjC,MAAM,CAACyC,GAAG,CAAC,CAACC,MAAiB,CAAA;oBAAEzD,QAAQA;oBAAQkC,SAASuB;gBAAI,CAAA;QACrH;QACA,IAAIR,aAAaK,eAAS,CAACI,KAAK,IAAIV,cAAcW,QAAQ,EAAEnB,QAAQ;YAClE,MAAM,IAAI,CAAC5C,EAAE,CAACuD,MAAM,CAACS,8BAAW,EAAER,MAAM,CAACJ,cAAcW,QAAQ,CAACH,GAAG,CAAC,CAACK,MAAiB,CAAA;oBAAEC,SAAS9D;oBAAQA,QAAQ6D;gBAAI,CAAA;QACvH;QACA,OAAO7D;IACT;IAEA,MAAME,kBAAkBF,MAAc,EAAE+D,GAAqC,EAAEd,QAAoB,EAAoB;QACrH,IAAI;YACFe,IAAAA,0BAAmB,EACjB,MAAM,IAAI,CAACpE,EAAE,CACVqE,MAAM,CAACzE,kBAAK,EACZuE,GAAG,CAAC;gBAAE,GAAGA,GAAG;gBAAE,GAAId,YAAY;oBAAEI,MAAMJ;gBAAS,CAAC;YAAE,GAClD5D,KAAK,CAACE,IAAAA,cAAE,EAACC,kBAAK,CAACc,EAAE,EAAEN,UACtB;YAEF,IAAI,CAACkE,MAAM,CAACC,OAAO,CAAC,GAAG,IAAI,CAACjE,iBAAiB,CAACY,IAAI,CAAC,SAAS,EAAEd,OAAO,gBAAgB,EAAEoE,KAAKC,SAAS,CAACC,IAAAA,4BAAiB,EAACP,OAAO;YAC/H,OAAO;QACT,EAAE,OAAOQ,GAAG;YACV,IAAI,CAACL,MAAM,CAACM,KAAK,CAAC,GAAG,IAAI,CAACtE,iBAAiB,CAACY,IAAI,CAAC,SAAS,EAAEd,OAAO,oBAAoB,EAAEoE,KAAKC,SAAS,CAACC,IAAAA,4BAAiB,EAACP,MAAM,GAAG,EAAEQ,GAAG;YACxI,OAAO;QACT;IACF;IAEA,MAAME,gBAAgBzE,MAAc,EAAiB;QACnDgE,IAAAA,0BAAmB,EAAC,MAAM,IAAI,CAACpE,EAAE,CAAC8E,MAAM,CAAClF,kBAAK,EAAEH,KAAK,CAACM,IAAAA,eAAG,EAACJ,IAAAA,cAAE,EAACC,kBAAK,CAACc,EAAE,EAAEN,SAAST,IAAAA,cAAE,EAACC,kBAAK,CAAC6D,IAAI,EAAEC,eAAS,CAACqB,IAAI,KAAK;IACpH;IAEA,MAAMC,oBAAoBC,gBAAkC,EAAE7E,MAAe,EAAqB;QAChG,MAAMgB,QAAQ6D,iBAAiBC,SAAS,IAAID,iBAAiBE,UAAU,GAAG,IAAI;QAC9E,MAAMC,UAAoB,EAAE;QAC5B,IAAI,CAACH,iBAAiBE,UAAU,EAAE;YAChC,KAAK,MAAME,KAAK,CAAA,MAAM,IAAI,CAACC,WAAW,CAACL,kBAAkB7E,QAAQgB,MAAK,EAAG;gBACvEgE,QAAQ1F,IAAI,CAAC;oBACXgB,IAAI2E,EAAE3E,EAAE;oBACRrB,OAAOgG,EAAEhG,KAAK;oBACd6B,MAAMmE,EAAE1E,QAAQ;oBAChB4E,aAAaF,EAAE/F,KAAK;oBACpBkG,MAAMH,EAAE5B,IAAI,KAAKC,eAAS,CAACI,KAAK,GAAG2B,mBAAW,CAAC3B,KAAK,GAAG2B,mBAAW,CAAC9B,IAAI;oBACvEzB,aAAa+C,iBAAiBS,eAAe,GAAGL,EAAEnD,WAAW,GAAGyD;gBAClE;YACF;QACF;QACA,IAAI,CAACV,iBAAiBC,SAAS,EAAE;YAC/B,KAAK,MAAMU,KAAK,CAAA,MAAM,IAAI,CAACC,YAAY,CAACZ,kBAAkB7E,QAAQgB,MAAK,EAAG;gBACxEgE,QAAQ1F,IAAI,CAAC;oBACXgB,IAAIkF,EAAElF,EAAE;oBACRQ,MAAM0E,EAAE1E,IAAI;oBACZqE,aAAaK,EAAEL,WAAW;oBAC1BC,MAAMI,EAAEJ,IAAI,KAAKM,iBAAU,CAACnC,IAAI,GAAG8B,mBAAW,CAACM,KAAK,GAAGN,mBAAW,CAACO,MAAM;oBACzE9D,aAAa+C,iBAAiBS,eAAe,GAAGE,EAAE1D,WAAW,GAAGyD;gBAClE;YACF;QACF;QACA,OAAOP;IACT;IAEA,MAAMa,cAAc7F,MAAc,EAAEc,IAAY,EAA8E;QAC5H,MAAM,CAACD,MAAM,GAAG,MAAM,IAAI,CAACjB,EAAE,CAC1BS,MAAM,CAAC;YACNC,IAAIS,oBAAM,CAACT,EAAE;YACbQ,MAAMC,oBAAM,CAACD,IAAI;YACjBsE,MAAMrE,oBAAM,CAACqE,IAAI;YACjB/B,MAAMpB,8BAAW,CAACoB,IAAI;QACxB,GACC5C,IAAI,CAACwB,8BAAW,EAChB6D,SAAS,CAAC/E,oBAAM,EAAExB,IAAAA,cAAE,EAACwB,oBAAM,CAACT,EAAE,EAAE2B,8BAAW,CAACC,OAAO,GACnD7C,KAAK,CAACM,IAAAA,eAAG,EAACJ,IAAAA,cAAE,EAAC0C,8BAAW,CAACjC,MAAM,EAAEA,SAAST,IAAAA,cAAE,EAACwB,oBAAM,CAACD,IAAI,EAAEA,QAC1DE,KAAK,CAAC;QACT,OAAOH;IACT;IAEA,MAAMkF,iBAAiB/F,MAAc,EAAqB;QACxD,MAAMgF,UAAUgB,IAAAA,gBAAK,EAAC/D,8BAAW,EAAE;QACnC,OAAO,IAAI,CAACrC,EAAE,CACXS,MAAM,CAAC;YACNC,IAAIS,oBAAM,CAACT,EAAE;YACbQ,MAAMC,oBAAM,CAACD,IAAI;YACjBqE,aAAapE,oBAAM,CAACoE,WAAW;YAC/Bc,WAAWlF,oBAAM,CAACkF,SAAS;YAC3BC,YAAYnF,oBAAM,CAACmF,UAAU;YAC7Bd,MAAM1D,IAAAA,eAAG,CAAa,CAAC,GAAG,EAAEX,oBAAM,CAACqE,IAAI,CAAC,GAAG,EAAEM,iBAAU,CAACnC,IAAI,CAAC,EAAE,EAAE8B,mBAAW,CAACM,KAAK,CAAC,EAAE,EAAEN,mBAAW,CAACO,MAAM,CAAC,CAAC,CAAC;YAC5GO,WAAWzE,IAAAA,eAAG,CAAiB,CAAC,EAAEO,8BAAW,CAACoB,IAAI,CAAC,CAAC;YACpD+C,QAAQ;gBAAE5G,OAAO6G,IAAAA,yBAAa,EAACrB,QAAQhF,MAAM;YAAE;QACjD,GACCS,IAAI,CAACwB,8BAAW,EAChB6D,SAAS,CAAC/E,oBAAM,EAAEpB,IAAAA,eAAG,EAACJ,IAAAA,cAAE,EAACwB,oBAAM,CAACT,EAAE,EAAE2B,8BAAW,CAACC,OAAO,GAAG3C,IAAAA,cAAE,EAAC0C,8BAAW,CAACjC,MAAM,EAAEA,UACjFgC,QAAQ,CAACgD,SAASzF,IAAAA,cAAE,EAACyF,QAAQ9C,OAAO,EAAEnB,oBAAM,CAACT,EAAE,GAC/C8B,OAAO,CAACrB,oBAAM,CAACT,EAAE;IACtB;IAEA,MAAMgG,mBAAmBpE,OAAe,EAAqB;QAC3D,OAAO,IAAI,CAACtC,EAAE,CACXS,MAAM,CAAC;YACNC,IAAId,kBAAK,CAACc,EAAE;YACZrB,OAAOO,kBAAK,CAACP,KAAK;YAClB6B,MAAMN,IAAAA,4BAAe,EAAChB,kBAAK,EAAE+G,EAAE,CAAC;YAChCpB,aAAa3F,kBAAK,CAACN,KAAK;YACxB+G,WAAWhE,8BAAW,CAACgE,SAAS;YAChCb,MAAM1D,IAAAA,eAAG,CAAa,CAAC,EAAE2D,mBAAW,CAAC9B,IAAI,CAAC,CAAC;YAC3C4C,WAAWzE,IAAAA,eAAG,CAAiB,CAAC,EAAEO,8BAAW,CAACoB,IAAI,CAAC,CAAC;QACtD,GACC5C,IAAI,CAACM,oBAAM,EACX+E,SAAS,CAAC7D,8BAAW,EAAEtC,IAAAA,eAAG,EAACJ,IAAAA,cAAE,EAAC0C,8BAAW,CAACC,OAAO,EAAEnB,oBAAM,CAACT,EAAE,GAAGf,IAAAA,cAAE,EAAC0C,8BAAW,CAACC,OAAO,EAAEA,WACvFF,QAAQ,CAACxC,kBAAK,EAAED,IAAAA,cAAE,EAACC,kBAAK,CAACc,EAAE,EAAE2B,8BAAW,CAACjC,MAAM,GAC/CoC,OAAO,CAAC5C,kBAAK,CAACc,EAAE;IACrB;IAEA,MAAMkG,uBAAuBxG,MAAc,EAAEkC,OAAe,EAAoB;QAC9E,MAAM,CAACrB,MAAM,GAAG,MAAM,IAAI,CAACjB,EAAE,CAC1BS,MAAM,CAAC;YAAEC,IAAI2B,8BAAW,CAACC,OAAO;QAAC,GACjCzB,IAAI,CAACwB,8BAAW,EAChB6D,SAAS,CAAC/E,oBAAM,EAAEpB,IAAAA,eAAG,EAACJ,IAAAA,cAAE,EAACwB,oBAAM,CAACT,EAAE,EAAE2B,8BAAW,CAACC,OAAO,IACvD7C,KAAK,CACJM,IAAAA,eAAG,EACDJ,IAAAA,cAAE,EAACwB,oBAAM,CAACqE,IAAI,EAAEM,iBAAU,CAACe,QAAQ,GACnClH,IAAAA,cAAE,EAAC0C,8BAAW,CAACjC,MAAM,EAAEA,SACvBT,IAAAA,cAAE,EAAC0C,8BAAW,CAACC,OAAO,EAAEA,UACxB3C,IAAAA,cAAE,EAAC0C,8BAAW,CAACoB,IAAI,EAAEqD,qBAAe,CAACC,OAAO,IAG/C3F,KAAK,CAAC;QACT,OAAO,CAAC,CAACH,OAAOP;IAClB;IAEA,MAAMsG,SAAS5G,MAAc,EAAEkC,OAAe,EAAE2E,UAAU,KAAK,EAAwB;QACrF,MAAM,CAAChG,MAAM,GAAG,MAAM,IAAI,CAACjB,EAAE,CAC1BS,MAAM,CAAC;YACNC,IAAIS,oBAAM,CAACT,EAAE;YACbQ,MAAMC,oBAAM,CAACD,IAAI;YACjBqE,aAAapE,oBAAM,CAACoE,WAAW;YAC/Bc,WAAWlF,oBAAM,CAACkF,SAAS;YAC3BC,YAAYnF,oBAAM,CAACmF,UAAU;YAC7Bd,MAAM1D,IAAAA,eAAG,CAAa,CAAC,GAAG,EAAEX,oBAAM,CAACqE,IAAI,CAAC,GAAG,EAAEM,iBAAU,CAACnC,IAAI,CAAC,EAAE,EAAE8B,mBAAW,CAACM,KAAK,CAAC,EAAE,EAAEN,mBAAW,CAACO,MAAM,CAAC,CAAC,CAAC;QAC9G,GACCnF,IAAI,CAACwB,8BAAW,EAChB6D,SAAS,CAAC/E,oBAAM,EAAEpB,IAAAA,eAAG,EAACJ,IAAAA,cAAE,EAACwB,oBAAM,CAACT,EAAE,EAAE2B,8BAAW,CAACC,OAAO,IACvD7C,KAAK,CACJM,IAAAA,eAAG,EACDJ,IAAAA,cAAE,EAAC0C,8BAAW,CAACC,OAAO,EAAEA,UACxBR,IAAAA,eAAG,CAAA,CAAC,GAAG,EAAE,CAACmF,QAAQ,MAAM,EAAE5E,8BAAW,CAACjC,MAAM,CAAC,GAAG,EAAEA,OAAO,KAAK,EAAEiC,8BAAW,CAACoB,IAAI,CAAC,GAAG,EAAEqD,qBAAe,CAACC,OAAO,CAAC,IAAI,CAAC,GAGtH3F,KAAK,CAAC;QACT,OAAOH;IACT;IAEA,MAAMiG,oBAAoB9G,MAAc,EAAEkC,OAAe,EAAE2E,UAAU,KAAK,EAA6B;QACrG,MAAME,mBAAwBf,IAAAA,gBAAK,EAAC/D,8BAAW,EAAE;QACjD,MAAM,CAACpB,MAAM,GAAG,MAAM,IAAI,CAACjB,EAAE,CAC1BS,MAAM,CAAC;YACNC,IAAIS,oBAAM,CAACT,EAAE;YACbQ,MAAMC,oBAAM,CAACD,IAAI;YACjBqE,aAAapE,oBAAM,CAACoE,WAAW;YAC/Bc,WAAWlF,oBAAM,CAACkF,SAAS;YAC3BC,YAAYnF,oBAAM,CAACmF,UAAU;YAC7Bd,MAAM1D,IAAAA,eAAG,CAAa,CAAC,GAAG,EAAEX,oBAAM,CAACqE,IAAI,CAAC,GAAG,EAAEM,iBAAU,CAACnC,IAAI,CAAC,EAAE,EAAE7B,eAAG,CAACsF,GAAG,CAAC,CAAC,CAAC,EAAE3B,mBAAW,CAACM,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,EAAEjE,eAAG,CAACsF,GAAG,CAAC,CAAC,CAAC,EAAE3B,mBAAW,CAACO,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;YAC5IZ,SAASiC,IAAAA,mCAA4B,EAACzH,kBAAK,CAACc,EAAE,EAAE;gBAC9CA,IAAId,kBAAK,CAACc,EAAE;gBACZrB,OAAOO,kBAAK,CAACP,KAAK;gBAClB6B,MAAMN,IAAAA,4BAAe,EAAChB,kBAAK;gBAC3B2F,aAAa3F,kBAAK,CAACN,KAAK;gBACxBkG,MAAM1D,eAAG,CAACsF,GAAG,CAAC,CAAC,CAAC,EAAE3B,mBAAW,CAAC9B,IAAI,CAAC,CAAC,CAAC;gBACrC4C,WAAWY,iBAAiB1D,IAAI;gBAChC4C,WAAWiB,IAAAA,kBAAW,EAACH,iBAAiBd,SAAS;YACnD;QACF,GACCxF,IAAI,CAACwB,8BAAW,EAChB6D,SAAS,CAAC/E,oBAAM,EAAExB,IAAAA,cAAE,EAACwB,oBAAM,CAACT,EAAE,EAAE2B,8BAAW,CAACC,OAAO,GACnDF,QAAQ,CAAC+E,kBAAkBpH,IAAAA,eAAG,EAACJ,IAAAA,cAAE,EAACwH,iBAAiB7E,OAAO,EAAEnB,oBAAM,CAACT,EAAE,IACrE0B,QAAQ,CAACxC,kBAAK,EAAED,IAAAA,cAAE,EAACC,kBAAK,CAACc,EAAE,EAAEyG,iBAAiB/G,MAAM,GACpDX,KAAK,CACJM,IAAAA,eAAG,EACDJ,IAAAA,cAAE,EAAC0C,8BAAW,CAACC,OAAO,EAAEA,UACxBR,IAAAA,eAAG,CAAA,CAAC,GAAG,EAAE,CAACmF,QAAQ,MAAM,EAAE5E,8BAAW,CAACjC,MAAM,CAAC,GAAG,EAAEA,OAAO,KAAK,EAAEiC,8BAAW,CAACoB,IAAI,CAAC,GAAG,EAAEqD,qBAAe,CAACC,OAAO,CAAC,IAAI,CAAC,GAGtHvE,OAAO,CAACrB,oBAAM,CAACT,EAAE,EACjBU,KAAK,CAAC;QACT,OAAOH;IACT;IAEA,MAAMsG,oBAAoBjF,OAAe,EAAoB;QAC3D,OAAO8B,IAAAA,0BAAmB,EACxB,MAAM,IAAI,CAACpE,EAAE,CACV8E,MAAM,CAAC3D,oBAAM,EACb1B,KAAK,CAACM,IAAAA,eAAG,EAACJ,IAAAA,cAAE,EAACwB,oBAAM,CAACT,EAAE,EAAE4B,UAAU3C,IAAAA,cAAE,EAACwB,oBAAM,CAACqE,IAAI,EAAEM,iBAAU,CAACe,QAAQ,IACrEzF,KAAK,CAAC,IACT,GACA;IAEJ;IAEA,MAAMoG,oBAAoBC,SAAiB,EAAEC,0BAAsD,EAAwB;QACzH,MAAMpF,UAAkBgB,IAAAA,sBAAe,EACrC,MAAM,IAAI,CAACtD,EAAE,CAACuD,MAAM,CAACpC,oBAAM,EAAEqC,MAAM,CAAC;YAClC,GAAGkE,0BAA0B;YAC7BlC,MAAMM,iBAAU,CAACe,QAAQ;YACzBc,YAAYC,uBAAgB,CAACC,OAAO;QACtC;QAEF,MAAM,IAAI,CAAC7H,EAAE,CAACuD,MAAM,CAAClB,8BAAW,EAAEmB,MAAM,CAAC;YAAEpD,QAAQqH;YAAWnF,SAASA;YAASmB,MAAMqD,qBAAe,CAACC,OAAO;QAAC;QAC9G,OAAOzE;IACT;IAEA,MAAMwF,YAAYxF,OAAe,EAAE6B,GAAsC,EAAE;QACzE,IAAI4D,OAAOC,IAAI,CAAC7D,KAAKvB,MAAM,EAAE;YAC3B,IAAI;gBACF,MAAM,IAAI,CAAC5C,EAAE,CAACqE,MAAM,CAAClD,oBAAM,EAAEgD,GAAG,CAACA,KAAK1E,KAAK,CAACE,IAAAA,cAAE,EAACwB,oBAAM,CAACT,EAAE,EAAE4B;gBAC1D,IAAI,CAACgC,MAAM,CAAC2D,GAAG,CAAC,GAAG,IAAI,CAACH,WAAW,CAAC5G,IAAI,CAAC,UAAU,EAAEoB,QAAQ,gBAAgB,EAAEkC,KAAKC,SAAS,CAACN,MAAM;YACtG,EAAE,OAAOQ,GAAG;gBACV,IAAI,CAACL,MAAM,CAACM,KAAK,CAAC,GAAG,IAAI,CAACkD,WAAW,CAAC5G,IAAI,CAAC,UAAU,EAAEoB,QAAQ,oBAAoB,EAAEkC,KAAKC,SAAS,CAACN,KAAK,GAAG,EAAEQ,GAAG;gBACjH,MAAM,IAAIpF,MAAM;YAClB;QACF;IACF;IAEA,MAAM2I,mBACJ5F,OAAe,EACf8C,OAGC,EACc;QACf,IAAIA,SAAS+C,KAAKvF,QAAQ;YACxB,IAAI;gBACF,MAAM,IAAI,CAAC5C,EAAE,CAACuD,MAAM,CAAClB,8BAAW,EAAEmB,MAAM,CAAC4B,QAAQ+C,GAAG,CAACvE,GAAG,CAAC,CAACwE,IAAO,CAAA;wBAAEhI,QAAQgI,EAAE1H,EAAE;wBAAE4B,SAASA;wBAASmB,MAAM2E,EAAE7B,SAAS;oBAAC,CAAA;gBACrH,cAAc;gBACd,IAAI,CAAC8B,oBAAoB,CAACjD,QAAQ+C,GAAG,CAACvE,GAAG,CAAC,CAACwE,IAAMA,EAAE1H,EAAE;gBACrD,IAAI,CAAC4D,MAAM,CAAC2D,GAAG,CAAC,GAAG,IAAI,CAACC,kBAAkB,CAAChH,IAAI,CAAC,SAAS,EAAEsD,KAAKC,SAAS,CAACW,QAAQ+C,GAAG,CAACvE,GAAG,CAAC,CAACwE,IAAMA,EAAE1H,EAAE,GAAG,qBAAqB,EAAE4B,QAAQ,CAAC,CAAC;YAC3I,EAAE,OAAOqC,GAAG;gBACV,IAAI,CAACL,MAAM,CAACM,KAAK,CACf,GAAG,IAAI,CAACsD,kBAAkB,CAAChH,IAAI,CAAC,SAAS,EAAEsD,KAAKC,SAAS,CAACW,QAAQ+C,GAAG,CAACvE,GAAG,CAAC,CAACwE,IAAMA,EAAE1H,EAAE,GAAG,yBAAyB,EAAE4B,QAAQ,IAAI,EAAEqC,GAAG;gBAEtI,MAAM,IAAIpF,MAAM;YAClB;QACF;QACA,IAAI6F,SAASkD,QAAQ1F,QAAQ;YAC3B,IAAI;gBACF,MAAM,IAAI,CAAC5C,EAAE,CACV8E,MAAM,CAACzC,8BAAW,EAClB5C,KAAK,CAACM,IAAAA,eAAG,EAACJ,IAAAA,cAAE,EAAC0C,8BAAW,CAACC,OAAO,EAAEA,UAAUxB,IAAAA,mBAAO,EAACuB,8BAAW,CAACjC,MAAM,EAAEgF,QAAQkD,MAAM,IACtFlH,KAAK,CAACgE,QAAQkD,MAAM,CAAC1F,MAAM;gBAC9B,cAAc;gBACd,IAAI,CAACyF,oBAAoB,CAACjD,QAAQkD,MAAM;gBACxC,IAAI,CAAChE,MAAM,CAAC2D,GAAG,CAAC,GAAG,IAAI,CAACC,kBAAkB,CAAChH,IAAI,CAAC,SAAS,EAAEsD,KAAKC,SAAS,CAACW,QAAQkD,MAAM,EAAE,yBAAyB,EAAEhG,QAAQ,CAAC,CAAC;YACjI,EAAE,OAAOqC,GAAG;gBACV,IAAI,CAACL,MAAM,CAACM,KAAK,CAAC,GAAG,IAAI,CAACsD,kBAAkB,CAAChH,IAAI,CAAC,SAAS,EAAEsD,KAAKC,SAAS,CAACW,QAAQkD,MAAM,EAAE,6BAA6B,EAAEhG,QAAQ,IAAI,EAAEqC,GAAG;gBAC5I,MAAM,IAAIpF,MAAM;YAClB;QACF;IACF;IAIA,MAAMgJ,WAAWrE,OAAsB,EAAEuD,SAAkB,EAAER,UAAU,KAAK,EAAoC;QAC9G,MAAMxH,QAAe;eAAKyE,UAAU;gBAACvE,IAAAA,cAAE,EAACqE,8BAAW,CAACE,OAAO,EAAEA;aAAS,GAAG,EAAE;eAAO+C,UAAU,EAAE,GAAG;gBAACtH,IAAAA,cAAE,EAACqE,8BAAW,CAAC5D,MAAM,EAAEqH;aAAW;SAAE;QACtI,MAAMe,qBAA0BpC,IAAAA,gBAAK,EAACpC,8BAAW,EAAE;QACnD,MAAMyE,gBAAqBrC,IAAAA,gBAAK,EAACxG,kBAAK,EAAE;QACxC,MAAM8I,SAAS,MAAM,IAAI,CAAC1I,EAAE,CACzBS,MAAM,CAAC;YACNC,IAAId,kBAAK,CAACc,EAAE;YACZrB,OAAOO,kBAAK,CAACP,KAAK;YAClBC,OAAOM,kBAAK,CAACN,KAAK;YAClBqJ,WAAW/I,kBAAK,CAAC+I,SAAS;YAC1BC,UAAUhJ,kBAAK,CAACgJ,QAAQ;YACxBjI,UAAUC,IAAAA,4BAAe,EAAChB,kBAAK;YAC/B6D,MAAM7D,kBAAK,CAAC6D,IAAI;YAChBoF,UAAUjJ,kBAAK,CAACiJ,QAAQ;YACxBC,kBAAkBlJ,kBAAK,CAACkJ,gBAAgB;YACxCC,UAAUnJ,kBAAK,CAACmJ,QAAQ;YACxBC,cAAcpJ,kBAAK,CAACoJ,YAAY;YAChCC,eAAerJ,kBAAK,CAACqJ,aAAa;YAClCC,YAAYtJ,kBAAK,CAACsJ,UAAU;YAC5BC,WAAWvJ,kBAAK,CAACuJ,SAAS;YAC1BC,QAAQxJ,kBAAK,CAACwJ,MAAM;YACpB/C,WAAWzG,kBAAK,CAACyG,SAAS;YAC1BtC,UAAUsD,IAAAA,mCAA4B,EAACoB,cAAc/H,EAAE,EAAE;gBACvDA,IAAI+H,cAAc/H,EAAE;gBACpBrB,OAAOoJ,cAAcpJ,KAAK;gBAC1B6B,MAAMN,IAAAA,4BAAe,EAAC6H;gBACtBjD,MAAM1D,eAAG,CAACsF,GAAG,CAAC,CAAC,CAAC,EAAE3B,mBAAW,CAAC9B,IAAI,CAAC,CAAC,CAAC;gBACrC4B,aAAakD,cAAcnJ,KAAK;gBAChC+G,WAAWiB,IAAAA,kBAAW,EAACkB,mBAAmBnC,SAAS;YACrD;QACF,GACCxF,IAAI,CAACmD,8BAAW,EAChBkC,SAAS,CAACtG,kBAAK,EAAEG,IAAAA,eAAG,EAACJ,IAAAA,cAAE,EAACC,kBAAK,CAACc,EAAE,EAAEsD,8BAAW,CAACE,OAAO,GAAGvE,IAAAA,cAAE,EAACC,kBAAK,CAAC6D,IAAI,EAAEC,eAAS,CAACI,KAAK,IACtF1B,QAAQ,CAACoG,oBAAoB7I,IAAAA,cAAE,EAAC6I,mBAAmBtE,OAAO,EAAEtE,kBAAK,CAACc,EAAE,GACpE0B,QAAQ,CAACqG,eAAe9I,IAAAA,cAAE,EAAC8I,cAAc/H,EAAE,EAAE8H,mBAAmBpI,MAAM,GACtEX,KAAK,CAACM,IAAAA,eAAG,KAAIN,QACb+C,OAAO,CAAC5C,kBAAK,CAACc,EAAE,EAChBU,KAAK,CAAC8C,UAAU,IAAIyB;QACvB,OAAOzB,UAAUwE,MAAM,CAAC,EAAE,GAAGA;IAC/B;IAEA,MAAMW,eAAe5B,SAAiB,EAAEvD,OAAe,EAAsD;QAC3G,MAAM,CAACoF,MAAM,GAAG,MAAM,IAAI,CAACtJ,EAAE,CAC1BS,MAAM,CAAC;YAAEC,IAAIsD,8BAAW,CAACE,OAAO;YAAE7E,OAAOO,kBAAK,CAACP,KAAK;QAAC,GACrDwB,IAAI,CAACmD,8BAAW,EAChBkC,SAAS,CAACtG,kBAAK,EAAED,IAAAA,cAAE,EAACC,kBAAK,CAACc,EAAE,EAAEsD,8BAAW,CAACE,OAAO,GACjDzE,KAAK,CAACM,IAAAA,eAAG,EAACJ,IAAAA,cAAE,EAACqE,8BAAW,CAAC5D,MAAM,EAAEqH,YAAY9H,IAAAA,cAAE,EAACqE,8BAAW,CAACE,OAAO,EAAEA,UAAUvE,IAAAA,cAAE,EAACC,kBAAK,CAAC6D,IAAI,EAAEC,eAAS,CAACI,KAAK,IAC7G1C,KAAK,CAAC;QACT,OAAOkI;IACT;IAEA,MACMC,eAAenJ,MAAc,EAAEoJ,uBAAkC9F,eAAS,CAACI,KAAK,EAAqB;QACzG;;;;;;IAMA,GACA,MAAMtD,UAAesB,IAAAA,eAAG,CAAA,CAAC;;aAEhB,EAAEX,oBAAM,CAACT,EAAE,CAAC;WACd,EAAES,oBAAM,CAAC;gBACJ,EAAEkB,8BAAW,CAAC;WACnB,EAAEA,8BAAW,CAACC,OAAO,CAAC,GAAG,EAAEnB,oBAAM,CAACT,EAAE,CAAC;WACrC,EAAE2B,8BAAW,CAACjC,MAAM,CAAC,GAAG,EAAEA,OAAO;;QAEpC,EAAEe,oBAAM,CAACwG,UAAU,CAAC,IAAI,EAAEC,uBAAgB,CAAC6B,QAAQ,CAAC;;UAElD,EAAEtI,oBAAM,CAACwG,UAAU,CAAC,GAAG,EAAEC,uBAAgB,CAAC8B,OAAO,CAAC;;YAEhD,EAAEvI,oBAAM,CAACwG,UAAU,CAAC,GAAG,EAAEC,uBAAgB,CAACC,OAAO,CAAC;gBAC9C,EAAExF,8BAAW,CAACjC,MAAM,CAAC;;;;;;;aAOxB,EAAER,kBAAK,CAACc,EAAE,CAAC;WACb,EAAEd,kBAAK,CAAC;iBACF,EAAEyC,8BAAW,CAAC;WACpB,EAAEA,8BAAW,CAACjC,MAAM,CAAC,GAAG,EAAER,kBAAK,CAACc,EAAE,CAAC;;+BAEf,EAAE2B,8BAAW,CAACC,OAAO,CAAC;YACzC,EAAE1C,kBAAK,CAAC6D,IAAI,CAAC,IAAI,EAAE3B,eAAG,CAACsF,GAAG,CAAC,GAAGoC,sBAAsB,EAAE;;;;;aAKrD,EAAE5J,kBAAK,CAACc,EAAE,CAAC;WACb,EAAEd,kBAAK,CAAC;;QAEX,EAAEA,kBAAK,CAAC6D,IAAI,CAAC,IAAI,EAAE3B,eAAG,CAACsF,GAAG,CAAC,GAAGoC,sBAAsB,EAAE;;;eAG/C,EAAEnH,8BAAW,CAAC;gBACb,EAAEA,8BAAW,CAACjC,MAAM,CAAC,GAAG,EAAER,kBAAK,CAACc,EAAE,CAAC;;;;;;;oBAO/B,EAAEsD,8BAAW,CAAC5D,MAAM,CAAC,GAAG,EAAEA,OAAO,MAAM,EAAE4D,8BAAW,CAACE,OAAO,CAAC;oBAC7D,EAAEF,8BAAW,CAACE,OAAO,CAAC,GAAG,EAAE9D,OAAO,MAAM,EAAE4D,8BAAW,CAAC5D,MAAM,CAAC;;WAEtE,EAAE4D,8BAAW,CAAC;YACb,EAAEA,8BAAW,CAAC5D,MAAM,CAAC,GAAG,EAAEA,OAAO;YACjC,EAAE4D,8BAAW,CAACE,OAAO,CAAC,GAAG,EAAE9D,OAAO;;EAE5C,CAAC;QACC,MAAM,CAACsC,EAAE,GAAG,MAAM,IAAI,CAAC1C,EAAE,CAAC2C,OAAO,CAACnC;QAClC,OAAOgE,KAAKmF,KAAK,CAACjH,CAAC,CAAC,EAAE,CAACkH,GAAG,KAAK,EAAE;IACnC;IAEA,MACMC,gBAAgBzJ,MAAc,EAAqB;QACvD;;;;;IAKA,GACA,MAAM0J,IAAI,IAAI,CAAC9J,EAAE,CACdS,MAAM,CAAC;YAAEC,IAAIoB,IAAAA,eAAG,CAAA,CAAC,cAAc,EAAEX,oBAAM,CAACT,EAAE,CAAC,QAAQ,CAAC;QAAC,GACrDG,IAAI,CAACM,oBAAM,EACXiB,QAAQ,CAACC,8BAAW,EAAEtC,IAAAA,eAAG,EAACJ,IAAAA,cAAE,EAAC0C,8BAAW,CAACC,OAAO,EAAEnB,oBAAM,CAACT,EAAE,GAAGf,IAAAA,cAAE,EAAC0C,8BAAW,CAACjC,MAAM,EAAEA,UACrFX,KAAK,CACJM,IAAAA,eAAG,EACDwC,IAAAA,cAAE,EAACpB,oBAAM,CAACwG,UAAU,EAAEC,uBAAgB,CAAC6B,QAAQ,GAC/C3J,IAAAA,cAAE,EAACH,IAAAA,cAAE,EAACwB,oBAAM,CAACwG,UAAU,EAAEC,uBAAgB,CAAC8B,OAAO,GAAG3J,IAAAA,eAAG,EAACJ,IAAAA,cAAE,EAACwB,oBAAM,CAACwG,UAAU,EAAEC,uBAAgB,CAACC,OAAO,GAAGkC,IAAAA,qBAAS,EAAC1H,8BAAW,CAACjC,MAAM;QAG3I,MAAM,CAACsC,EAAE,GAAG,MAAM,IAAI,CAAC1C,EAAE,CAAC2C,OAAO,CAACmH;QAClC,OAAOtF,KAAKmF,KAAK,CAACjH,CAAC,CAAC,EAAE,CAACkH,GAAG,KAAK,EAAE;IACnC;IAEAvB,qBAAqB7H,OAAuB,EAAE;QAC5C,IAAIA,YAAY,KAAK;YACnB,oBAAoB;YACpB,KAAK,MAAMwJ,WAAW;gBACpB,IAAI,CAACC,KAAK,CAACC,UAAU,CAAC,IAAI,CAAC,WAAW,CAAChJ,IAAI,EAAE,IAAI,CAACqI,cAAc,CAACrI,IAAI,EAAEV;gBACvE,IAAI,CAACyJ,KAAK,CAACC,UAAU,CAAC,IAAI,CAAC,WAAW,CAAChJ,IAAI,EAAE,IAAI,CAAC2I,eAAe,CAAC3I,IAAI,EAAEV;aACzE,CAAE;gBACD,IAAI,CAACyJ,KAAK,CACPjC,IAAI,CAACgC,SACLG,IAAI,CAAC,CAACnC;oBACL,IAAI,CAACA,KAAKpF,MAAM,EAAE;oBAClB,IAAI,CAAC0B,MAAM,CAACC,OAAO,CAAC,GAAG,IAAI,CAAC8D,oBAAoB,CAACnH,IAAI,CAAC,GAAG,EAAEsD,KAAKC,SAAS,CAACuD,OAAO;oBACjF,IAAI,CAACiC,KAAK,CAACG,IAAI,CAACpC,MAAMqC,KAAK,CAAC,CAAC1F,IAAa,IAAI,CAACL,MAAM,CAACM,KAAK,CAAC,GAAG,IAAI,CAACyD,oBAAoB,CAACnH,IAAI,CAAC,GAAG,EAAEyD,GAAG;gBACxG,GACC0F,KAAK,CAAC,CAAC1F,IAAa,IAAI,CAACL,MAAM,CAACM,KAAK,CAAC,GAAG,IAAI,CAACyD,oBAAoB,CAACnH,IAAI,CAAC,GAAG,EAAEyD,GAAG;YACrF;QACF,OAAO;YACL,IAAI,CAACsF,KAAK,CACPG,IAAI,CAAC;mBACD5J,QAAQoD,GAAG,CAAC,CAAClD,KAAe,IAAI,CAACuJ,KAAK,CAACC,UAAU,CAAC,IAAI,CAAC,WAAW,CAAChJ,IAAI,EAAE,IAAI,CAACqI,cAAc,CAACrI,IAAI,EAAER;mBACnGF,QAAQoD,GAAG,CAAC,CAAClD,KAAe,IAAI,CAACuJ,KAAK,CAACC,UAAU,CAAC,IAAI,CAAC,WAAW,CAAChJ,IAAI,EAAE,IAAI,CAAC2I,eAAe,CAAC3I,IAAI,EAAER;aACxG,EACA2J,KAAK,CAAC,CAAC1F,IAAa,IAAI,CAACL,MAAM,CAACM,KAAK,CAAC,GAAG,IAAI,CAACyD,oBAAoB,CAACnH,IAAI,CAAC,GAAG,EAAEyD,GAAG;QACrF;IACF;IAEA,MAAM2F,iCAAiCC,QAAkB,EAAqB;QAC5E,IAAI,CAACA,SAAS3H,MAAM,EAAE,OAAO,EAAE;QAC/B,MAAM4H,WAAgBpE,IAAAA,gBAAK,EAACjF,oBAAM,EAAE;QACpC,MAAMsJ,eAAoB3I,IAAAA,eAAG,CAAA,CAAC;;+BAEH,EAAEX,oBAAM,CAACT,EAAE,CAAC,EAAE,EAAES,oBAAM,CAACuJ,QAAQ,CAAC;6BAClC,EAAEvJ,oBAAM,CAAC;8BACR,EAAEL,IAAAA,mBAAO,EAACK,oBAAM,CAACT,EAAE,EAAE6J,UAAU;;+BAE9B,EAAEC,SAAS9J,EAAE,CAAC;+BACd,EAAE8J,SAASE,QAAQ,CAAC;6BACtB,EAAEvJ,oBAAM,CAAC;yDACmB,EAAEqJ,SAASE,QAAQ,CAAC;sBACvD,EAAErI,8BAAW,CAACjC,MAAM,CAAC;;wBAEnB,EAAEiC,8BAAW,CAAC,eAAe,EAAEA,8BAAW,CAACC,OAAO,CAAC;IACvE,CAAC;QACD,MAAM,CAACI,EAAE,GAA4B,MAAM,IAAI,CAAC1C,EAAE,CAAC2C,OAAO,CAAC8H;QAC3D,OAAO/H,EAAEE,MAAM,GAAGF,EAAEkB,GAAG,CAAC,CAAClB,IAAMA,EAAEtC,MAAM,IAAI,EAAE;IAC/C;IAEA,MAAcyF,aACZZ,gBAAkC,EAClC7E,MAAe,EACfgB,QAAQ,CAAC,EACuE;QAChF,qBAAqB,GACrB,MAAM3B,QAAe;YAACkL,IAAAA,gBAAI,EAACxJ,oBAAM,CAACD,IAAI,EAAE,CAAC,CAAC,EAAE+D,iBAAiB2F,MAAM,CAAC,CAAC,CAAC;SAAE;QACxE,IAAIxK,QAAQ;YACV,IAAIyK,eAAyB,MAAM,IAAI,CAAChB,eAAe,CAACzJ;YACxD,IAAI6E,iBAAiB6F,cAAc,EAAElI,QAAQ;gBAC3CiI,eAAeA,aAAaE,MAAM,CAAC,CAACrK,KAAOuE,iBAAiB6F,cAAc,CAACE,OAAO,CAACtK,QAAQ,CAAC;YAC9F;YACAjB,MAAMwL,OAAO,CAACnK,IAAAA,mBAAO,EAACK,oBAAM,CAACT,EAAE,EAAEmK;QACnC,OAAO,IAAI5F,iBAAiB6F,cAAc,EAAElI,QAAQ;YAClDnD,MAAMwL,OAAO,CAACC,IAAAA,sBAAU,EAAC/J,oBAAM,CAACT,EAAE,EAAEuE,iBAAiB6F,cAAc;QACrE;QACA,IAAI7F,iBAAiBkG,qBAAqB,EAAE;YAC1C1L,MAAMwL,OAAO,CAACtL,IAAAA,cAAE,EAACwB,oBAAM,CAACqE,IAAI,EAAEM,iBAAU,CAACnC,IAAI;QAC/C;QACA,OAAO,IAAI,CAAC3D,EAAE,CACXS,MAAM,CAAC;YAAEC,IAAIS,oBAAM,CAACT,EAAE;YAAEQ,MAAMC,oBAAM,CAACD,IAAI;YAAEqE,aAAapE,oBAAM,CAACoE,WAAW;YAAEC,MAAMrE,oBAAM,CAACqE,IAAI;YAAEtD,aAAaf,oBAAM,CAACe,WAAW;QAAC,GAC/HrB,IAAI,CAACM,oBAAM,EACX1B,KAAK,CAACM,IAAAA,eAAG,KAAIN,QACb2B,KAAK,CAACA;IACX;IAEA,MAAckE,YACZL,gBAAkC,EAClC7E,MAAe,EACfgB,QAAQ,CAAC,EACmF;QAC5F,oBAAoB,GACpB,MAAM3B,QAAe;YACnB8C,IAAAA,cAAE,EAAC3C,kBAAK,CAAC6D,IAAI,EAAEC,eAAS,CAACqB,IAAI;YAC7BjF,IAAAA,cAAE,EAAC6K,IAAAA,gBAAI,EAAC7I,IAAAA,eAAG,CAAA,CAAC,eAAe,EAAElC,kBAAK,CAACP,KAAK,CAAC,EAAE,EAAEO,kBAAK,CAACN,KAAK,CAAC,EAAE,EAAEM,kBAAK,CAAC+I,SAAS,CAAC,EAAE,EAAE/I,kBAAK,CAACgJ,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE3D,iBAAiB2F,MAAM,CAAC,CAAC,CAAC;SACnI;QACD,IAAIxK,QAAQ;YACV,IAAIyK,eAAyB,MAAM,IAAI,CAACtB,cAAc,CAACnJ;YACvD,IAAI6E,iBAAiBmG,aAAa,EAAExI,QAAQ;gBAC1CiI,eAAeA,aAAaE,MAAM,CAAC,CAACrK,KAAOuE,iBAAiBmG,aAAa,CAACJ,OAAO,CAACtK,QAAQ,CAAC;YAC7F;YACAjB,MAAMwL,OAAO,CAACnK,IAAAA,mBAAO,EAAClB,kBAAK,CAACc,EAAE,EAAEmK;QAClC,OAAO;YACL,IAAI5F,iBAAiBmG,aAAa,EAAExI,QAAQ;gBAC1CnD,MAAMwL,OAAO,CAACC,IAAAA,sBAAU,EAACtL,kBAAK,CAACc,EAAE,EAAEuE,iBAAiBmG,aAAa;YACnE;QACF;QACA,IAAI,OAAOnG,iBAAiBoG,SAAS,KAAK,aAAa;YACrD,IAAIpG,iBAAiBoG,SAAS,KAAK3H,eAAS,CAACC,IAAI,EAAE;gBACjD,oBAAoB;gBACpBlE,MAAMwL,OAAO,CAACK,IAAAA,eAAG,EAAC1L,kBAAK,CAAC6D,IAAI,EAAEwB,iBAAiBoG,SAAS;YAC1D,OAAO;gBACL5L,MAAMwL,OAAO,CAACtL,IAAAA,cAAE,EAACC,kBAAK,CAAC6D,IAAI,EAAEwB,iBAAiBoG,SAAS;YACzD;QACF;QACA,OAAO,IAAI,CAACrL,EAAE,CACXS,MAAM,CAAC;YACNC,IAAId,kBAAK,CAACc,EAAE;YACZrB,OAAOO,kBAAK,CAACP,KAAK;YAClBC,OAAOM,kBAAK,CAACN,KAAK;YAClBqB,UAAUC,IAAAA,4BAAe,EAAChB,kBAAK;YAC/B6D,MAAM7D,kBAAK,CAAC6D,IAAI;YAChBvB,aAAatC,kBAAK,CAACsC,WAAW;QAChC,GACCrB,IAAI,CAACjB,kBAAK,EACVH,KAAK,CAACM,IAAAA,eAAG,KAAIN,QACb2B,KAAK,CAACA;IACX;IA1mBA,YACE,AAA4CpB,EAAY,EACxD,AAAiBiK,KAAY,CAC7B;aAF4CjK,KAAAA;aAC3BiK,QAAAA;aANF3F,SAAS,IAAIiH,cAAM,CAACpM,aAAa+B,IAAI;aAC9CW,mCAA6D;aAC7DD,yBAAmD;IAKxD;AAwmBL"}

package/server/applications/users/users.module.js

@@ -48,8 +48,9 @@ UsersModule = _ts_decorate([
         ],
         exports: [
             _usersmanagerservice.UsersManager,
+            _usersqueriesservice.UsersQueries,
             _adminusersmanagerservice.AdminUsersManager,
-            _usersqueriesservice.UsersQueries
+            _adminusersqueriesservice.AdminUsersQueries
         ]
     })
 ], UsersModule);

package/server/applications/users/users.module.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../backend/src/applications/users/users.module.ts"],"sourcesContent":["/*\n * Copyright (C) 2012-2025 Johan Legrand <johan.legrand@sync-in.com>\n * This file is part of Sync-in | The open source file sync and share solution\n * See the LICENSE file for licensing details\n */\n\nimport { Global, Module } from '@nestjs/common'\nimport { AdminUsersController } from './admin-users.controller'\nimport { UserPermissionsGuard } from './guards/permissions.guard'\nimport { UserRolesGuard } from './guards/roles.guard'\nimport { AdminUsersManager } from './services/admin-users-manager.service'\nimport { AdminUsersQueries } from './services/admin-users-queries.service'\nimport { UsersManager } from './services/users-manager.service'\nimport { UsersQueries } from './services/users-queries.service'\nimport { UsersController } from './users.controller'\nimport { WebSocketUsers } from './users.gateway'\n\n@Global()\n@Module({\n  controllers: [UsersController, AdminUsersController],\n  providers: [WebSocketUsers, UserRolesGuard, UserPermissionsGuard, UsersManager, UsersQueries, AdminUsersManager, AdminUsersQueries],\n  exports: [UsersManager, AdminUsersManager, UsersQueries]\n})\nexport class UsersModule {}\n"],"names":["UsersModule","controllers","UsersController","AdminUsersController","providers","WebSocketUsers","UserRolesGuard","UserPermissionsGuard","UsersManager","UsersQueries","AdminUsersManager","AdminUsersQueries","exports"],"mappings":"AAAA;;;;CAIC;;;;+BAmBYA;;;eAAAA;;;wBAjBkB;sCACM;kCACA;4BACN;0CACG;0CACA;qCACL;qCACA;iCACG;8BACD;;;;;;;AAQxB,IAAA,AAAMA,cAAN,MAAMA;AAAa;;;;QAJxBC,aAAa;YAACC,gCAAe;YAAEC,0CAAoB;SAAC;QACpDC,WAAW;YAACC,4BAAc;YAAEC,0BAAc;YAAEC,sCAAoB;YAAEC,iCAAY;YAAEC,iCAAY;YAAEC,2CAAiB;YAAEC,2CAAiB;SAAC;QACnIC,SAAS;YAACJ,iCAAY;YAAEE,2CAAiB;YAAED,iCAAY;SAAC"}
+{"version":3,"sources":["../../../../backend/src/applications/users/users.module.ts"],"sourcesContent":["/*\n * Copyright (C) 2012-2025 Johan Legrand <johan.legrand@sync-in.com>\n * This file is part of Sync-in | The open source file sync and share solution\n * See the LICENSE file for licensing details\n */\n\nimport { Global, Module } from '@nestjs/common'\nimport { AdminUsersController } from './admin-users.controller'\nimport { UserPermissionsGuard } from './guards/permissions.guard'\nimport { UserRolesGuard } from './guards/roles.guard'\nimport { AdminUsersManager } from './services/admin-users-manager.service'\nimport { AdminUsersQueries } from './services/admin-users-queries.service'\nimport { UsersManager } from './services/users-manager.service'\nimport { UsersQueries } from './services/users-queries.service'\nimport { UsersController } from './users.controller'\nimport { WebSocketUsers } from './users.gateway'\n\n@Global()\n@Module({\n  controllers: [UsersController, AdminUsersController],\n  providers: [WebSocketUsers, UserRolesGuard, UserPermissionsGuard, UsersManager, UsersQueries, AdminUsersManager, AdminUsersQueries],\n  exports: [UsersManager, UsersQueries, AdminUsersManager, AdminUsersQueries]\n})\nexport class UsersModule {}\n"],"names":["UsersModule","controllers","UsersController","AdminUsersController","providers","WebSocketUsers","UserRolesGuard","UserPermissionsGuard","UsersManager","UsersQueries","AdminUsersManager","AdminUsersQueries","exports"],"mappings":"AAAA;;;;CAIC;;;;+BAmBYA;;;eAAAA;;;wBAjBkB;sCACM;kCACA;4BACN;0CACG;0CACA;qCACL;qCACA;iCACG;8BACD;;;;;;;AAQxB,IAAA,AAAMA,cAAN,MAAMA;AAAa;;;;QAJxBC,aAAa;YAACC,gCAAe;YAAEC,0CAAoB;SAAC;QACpDC,WAAW;YAACC,4BAAc;YAAEC,0BAAc;YAAEC,sCAAoB;YAAEC,iCAAY;YAAEC,iCAAY;YAAEC,2CAAiB;YAAEC,2CAAiB;SAAC;QACnIC,SAAS;YAACJ,iCAAY;YAAEC,iCAAY;YAAEC,2CAAiB;YAAEC,2CAAiB;SAAC"}

package/server/applications/webdav/guards/webdav-protocol.guard.js

@@ -16,7 +16,7 @@ const _common = require("@nestjs/common");
 const _functions = require("../../../common/functions");
 const _shared = require("../../../common/shared");
 const _applicationsconstants = require("../../applications.constants");
-const _fileslockmanagerservice = require("../../files/services/files-lock-manager.service");
+const _cache = require("../../files/constants/cache");
 const _user = require("../../users/constants/user");
 const _webdav = require("../constants/webdav");
 const _ifheader = require("../utils/if-header");
@@ -157,15 +157,15 @@ let WebDAVProtocolGuard = class WebDAVProtocolGuard {
             // timeout: 'Infinite, Second-4100000000' | 'Second-4100000000' | 'Infinite'
             const timeout = req.headers[_webdav.HEADER.TIMEOUT];
             if (timeout.toLowerCase() === 'infinite') {
-                req.dav.lock.timeout = _fileslockmanagerservice.FilesLockManager.defaultLockTimeoutSeconds;
+                req.dav.lock.timeout = _cache.CACHE_LOCK_DEFAULT_TTL;
             } else {
                 try {
                     const timeoutSplit = timeout.split('-');
                     const seconds = parseInt(timeoutSplit[timeoutSplit.length - 1], 10);
-                    req.dav.lock.timeout = seconds > _fileslockmanagerservice.FilesLockManager.defaultLockTimeoutSeconds ? _fileslockmanagerservice.FilesLockManager.defaultLockTimeoutSeconds : seconds;
+                    req.dav.lock.timeout = seconds > _cache.CACHE_LOCK_DEFAULT_TTL ? _cache.CACHE_LOCK_DEFAULT_TTL : seconds;
                 } catch (e) {
                     this.logger.warn(`${this.lockMethod.name} - unable to set timeout, use the default value : ${e}`);
-                    req.dav.lock.timeout = _fileslockmanagerservice.FilesLockManager.defaultLockTimeoutSeconds;
+                    req.dav.lock.timeout = _cache.CACHE_LOCK_DEFAULT_TTL;
                 }
             }
         }

package/server/applications/webdav/guards/webdav-protocol.guard.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../../../../backend/src/applications/webdav/guards/webdav-protocol.guard.ts"],"sourcesContent":["/*\n * Copyright (C) 2012-2025 Johan Legrand <johan.legrand@sync-in.com>\n * This file is part of Sync-in | The open source file sync and share solution\n * See the LICENSE file for licensing details\n */\n\nimport { CanActivate, ExecutionContext, HttpException, HttpStatus, Injectable, Logger } from '@nestjs/common'\nimport { ValidationError } from 'fast-xml-parser'\nimport { FastifyReply } from 'fastify'\nimport { urlToPath } from '../../../common/functions'\nimport { decodeUrl } from '../../../common/shared'\nimport { HTTP_METHOD } from '../../applications.constants'\nimport { FilesLockManager } from '../../files/services/files-lock-manager.service'\nimport { USER_PERMISSION } from '../../users/constants/user'\nimport {\n  ALLOW_EMPTY_BODY_METHODS,\n  DEPTH,\n  HEADER,\n  LOCK_SCOPE,\n  OPTIONS_HEADERS,\n  PROPPATCH_PROP_UPDATE,\n  PROPSTAT,\n  REGEX_BASE_PATH\n} from '../constants/webdav'\nimport { IfHeader } from '../interfaces/if-header.interface'\nimport { FastifyDAVRequest, WebDAVContext } from '../interfaces/webdav.interface'\nimport { parseIfHeader } from '../utils/if-header'\nimport { PROPFIND_ALL_PROP } from '../utils/webdav'\nimport { xmlIsValid, xmlParse } from '../utils/xml'\n\n@Injectable()\nexport class WebDAVProtocolGuard implements CanActivate {\n  private readonly logger = new Logger(WebDAVProtocolGuard.name)\n\n  async canActivate(ctx: ExecutionContext): Promise<boolean> {\n    const req: FastifyDAVRequest = ctx.switchToHttp().getRequest()\n    const res: FastifyReply = ctx.switchToHttp().getResponse()\n    this.checkUserPermission(req)\n    this.setDAVContext(req)\n    switch (req.method) {\n      case HTTP_METHOD.OPTIONS:\n        // hook to stop propagation and return headers on all webdav routes\n        res.headers(OPTIONS_HEADERS)\n        throw new HttpException(null, HttpStatus.OK)\n      case HTTP_METHOD.PROPFIND:\n        return this.propfindMethod(req)\n      case HTTP_METHOD.LOCK:\n        return this.lockMethod(req)\n      case HTTP_METHOD.UNLOCK:\n        return this.unlockMethod(req)\n      case HTTP_METHOD.PUT:\n        return this.putMethod(req)\n      case HTTP_METHOD.DELETE:\n        return this.deleteMethod(req)\n      case HTTP_METHOD.PROPPATCH:\n        return this.proppatchMethod(req)\n      case HTTP_METHOD.MKCOL:\n        return this.mkcolMethod(req)\n      case HTTP_METHOD.COPY:\n        return this.copyMoveMethod(req)\n      case HTTP_METHOD.MOVE:\n        return this.copyMoveMethod(req, true)\n      default:\n        return true\n    }\n  }\n\n  private checkUserPermission(req: FastifyDAVRequest) {\n    if (req.method !== HTTP_METHOD.OPTIONS && !req.user.havePermission(USER_PERMISSION.WEBDAV)) {\n      this.logger.warn(`does not have permission : ${USER_PERMISSION.WEBDAV}`)\n      throw new HttpException('Missing permission', HttpStatus.FORBIDDEN)\n    }\n  }\n\n  private setDAVContext(req: FastifyDAVRequest) {\n    req.dav = {\n      url: decodeUrl(req.originalUrl),\n      depth: DEPTH.RESOURCE\n    } as WebDAVContext\n  }\n\n  private parseBody(req: FastifyDAVRequest) {\n    let body = null\n    let valid: true | ValidationError\n    try {\n      valid = xmlIsValid(req.body.toString())\n    } catch (e) {\n      valid = { err: { code: e.code, msg: `Invalid body content: ${e.message}`, line: 0, col: 0 } }\n    }\n    if (valid === true) {\n      body = xmlParse(req.body)\n    } else if (valid.err.code === undefined && ALLOW_EMPTY_BODY_METHODS.indexOf(req.method) > -1) {\n      body = null\n    } else {\n      throw new HttpException(`${valid.err.code} : ${valid.err.msg}`, HttpStatus.BAD_REQUEST)\n    }\n    req.dav.httpVersion = `${req.protocol.toUpperCase()}/${req.raw['httpVersion']}`\n    req.dav.body = body\n    return true\n  }\n\n  private parseIfHeader(req: FastifyDAVRequest) {\n    // stores if headers, examine it later\n    if (req.headers[HEADER.IF]) {\n      this.logger.verbose(`If header before : ${JSON.stringify(req.headers[HEADER.IF])}`)\n      const ifHeaders: IfHeader[] = parseIfHeader(req.headers[HEADER.IF] as string)\n      this.logger.verbose(`If header after : ${JSON.stringify(ifHeaders)}`)\n      if (ifHeaders.length) req.dav.ifHeaders = ifHeaders\n    }\n  }\n\n  private propfindMethod(req: FastifyDAVRequest) {\n    req.dav.depth = (req.headers[HEADER.DEPTH] as string | undefined)?.toLowerCase()\n    if (!req.dav.depth || (req.dav.depth !== DEPTH.MEMBERS && req.dav.depth !== DEPTH.RESOURCE)) {\n      if (!req.dav.depth) {\n        this.logger.warn('Missing propfind depth, default value 1 was set')\n      } else if (req.dav.depth === DEPTH.INFINITY) {\n        this.logger.warn('Infinite depth is disabled for security reasons, default value 1 was set')\n      } else {\n        this.logger.warn(`Invalid propfind depth header : ${req.dav.depth}, default value 1 was set`)\n      }\n      req.dav.depth = DEPTH.MEMBERS\n    }\n    if (this.parseBody(req)) {\n      if (req.dav.body) {\n        for (const propType in req.dav.body.propfind) {\n          if (Object.values(PROPSTAT).indexOf(propType as PROPSTAT) > -1) {\n            req.dav.propfindMode = propType as PROPSTAT\n            break\n          }\n        }\n        if (!req.dav.propfindMode) {\n          this.logger.warn(`Invalid propfind mode : ${JSON.stringify(Object.keys(req.dav.body.propfind))}`)\n          throw new HttpException('Invalid propfind mode', HttpStatus.BAD_REQUEST)\n        }\n      } else {\n        // propfind request allow empty body\n        req.dav.body = PROPFIND_ALL_PROP\n        req.dav.propfindMode = PROPSTAT.ALLPROP\n      }\n    }\n    this.parseIfHeader(req)\n    return true\n  }\n\n  private proppatchMethod(req: FastifyDAVRequest) {\n    req.dav.depth = ((req.headers[HEADER.DEPTH] as any) || DEPTH.RESOURCE).toLowerCase()\n    this.parseBody(req)\n    if (!req.dav.body || Object.keys(req.dav.body).indexOf(PROPPATCH_PROP_UPDATE) === -1) {\n      this.logger.debug(`'${PROPPATCH_PROP_UPDATE}' is missing : ${JSON.stringify(req.dav.body)}`)\n      throw new HttpException(`'${PROPPATCH_PROP_UPDATE}' is missing`, HttpStatus.BAD_REQUEST)\n    }\n    this.parseIfHeader(req)\n    return true\n  }\n\n  private lockMethod(req: FastifyDAVRequest) {\n    req.dav.lock = {}\n    if (req.headers[HEADER.TIMEOUT]) {\n      // timeout: 'Infinite, Second-4100000000' | 'Second-4100000000' | 'Infinite'\n      const timeout = req.headers[HEADER.TIMEOUT] as string\n      if (timeout.toLowerCase() === 'infinite') {\n        req.dav.lock.timeout = FilesLockManager.defaultLockTimeoutSeconds\n      } else {\n        try {\n          const timeoutSplit = timeout.split('-')\n          const seconds = parseInt(timeoutSplit[timeoutSplit.length - 1], 10)\n          req.dav.lock.timeout = seconds > FilesLockManager.defaultLockTimeoutSeconds ? FilesLockManager.defaultLockTimeoutSeconds : seconds\n        } catch (e) {\n          this.logger.warn(`${this.lockMethod.name} - unable to set timeout, use the default value : ${e}`)\n          req.dav.lock.timeout = FilesLockManager.defaultLockTimeoutSeconds\n        }\n      }\n    }\n    this.parseBody(req)\n    if (req.dav.body) {\n      if (!req.dav.body['lockinfo']) {\n        this.logger.warn(`Missing lockinfo : ${JSON.stringify(req.dav.body)}`)\n        throw new HttpException('Missing lockinfo', HttpStatus.BAD_REQUEST)\n      }\n      try {\n        req.dav.lock.lockscope = Object.keys(req.dav.body['lockinfo']['lockscope'])[0] as LOCK_SCOPE\n      } catch (e) {\n        this.logger.warn(`${this.parseBody.name} - invalid or undefined lockscope : ${JSON.stringify(req.dav.body['lockinfo'])} : ${e}`)\n        throw new HttpException('Invalid or undefined lockscope', HttpStatus.BAD_REQUEST)\n      }\n      if (Object.values(LOCK_SCOPE).indexOf(req.dav.lock.lockscope) === -1) {\n        this.logger.warn(`${this.parseBody.name} - invalid or undefined lockscope : ${JSON.stringify(req.dav.body['lockinfo'])}`)\n        throw new HttpException('Invalid or undefined lockscope', HttpStatus.BAD_REQUEST)\n      }\n      if (req.dav.body['lockinfo']['owner'] && typeof req.dav.body['lockinfo']['owner'] === 'string') {\n        req.dav.lock.owner = `${req.dav.body['lockinfo']['owner']} ${req.user.fullName} (${req.user.email})`\n      } else {\n        req.dav.lock.owner = `WebDAV - ${req.user.fullName} (${req.user.email})`\n      }\n      const depth: DEPTH = ((req.headers[HEADER.DEPTH] as any) || '').toLowerCase()\n      req.dav.depth = [DEPTH.INFINITY, DEPTH.RESOURCE].indexOf(depth) === -1 ? DEPTH.INFINITY : depth\n    } else {\n      // must ignore depth header on lock refresh request\n      req.dav.depth = null\n    }\n    this.parseIfHeader(req)\n    return true\n  }\n\n  private unlockMethod(req: FastifyDAVRequest) {\n    if (!req.headers[HEADER.LOCK_TOKEN]) {\n      throw new HttpException('Missing lock token', HttpStatus.BAD_REQUEST)\n    }\n    req.dav.lock = { token: (req.headers[HEADER.LOCK_TOKEN] as string).replace('<', '').replace('>', '').trim() }\n    this.parseIfHeader(req)\n    return true\n  }\n\n  private putMethod(req: FastifyDAVRequest) {\n    req.dav.depth = DEPTH.RESOURCE\n    this.parseIfHeader(req)\n    return true\n  }\n\n  private deleteMethod(req: FastifyDAVRequest) {\n    this.parseIfHeader(req)\n    return true\n  }\n\n  private mkcolMethod(req: FastifyDAVRequest) {\n    if (req.headers['content-length'] && req.headers['content-length'] !== '0') {\n      throw new HttpException('no body content required', HttpStatus.UNSUPPORTED_MEDIA_TYPE)\n    }\n    req.dav.depth = DEPTH.RESOURCE\n    this.parseIfHeader(req)\n    return true\n  }\n\n  private copyMoveMethod(req: FastifyDAVRequest, isMove = false) {\n    if (!req.headers[HEADER.DESTINATION]) {\n      throw new HttpException(`Missing ${HEADER.DESTINATION} header`, HttpStatus.BAD_REQUEST)\n    }\n    const destination = decodeUrl(urlToPath(req.headers[HEADER.DESTINATION] as string))\n    if (!REGEX_BASE_PATH.test(destination)) {\n      this.logger.warn(`The destination does not match the webdav base path : ${destination}`)\n      throw new HttpException('The destination does not match', HttpStatus.BAD_REQUEST)\n    }\n    req.dav.depth = ((req.headers[HEADER.DEPTH] as any) || DEPTH.INFINITY).toLowerCase()\n    req.dav.copyMove = {\n      overwrite: ((req.headers[HEADER.OVERWRITE] as any) || 't').toLowerCase() === 't',\n      destination: destination,\n      isMove: isMove\n    }\n    this.parseIfHeader(req)\n    return true\n  }\n}\n"],"names":["WebDAVProtocolGuard","canActivate","ctx","req","switchToHttp","getRequest","res","getResponse","checkUserPermission","setDAVContext","method","HTTP_METHOD","OPTIONS","headers","OPTIONS_HEADERS","HttpException","HttpStatus","OK","PROPFIND","propfindMethod","LOCK","lockMethod","UNLOCK","unlockMethod","PUT","putMethod","DELETE","deleteMethod","PROPPATCH","proppatchMethod","MKCOL","mkcolMethod","COPY","copyMoveMethod","MOVE","user","havePermission","USER_PERMISSION","WEBDAV","logger","warn","FORBIDDEN","dav","url","decodeUrl","originalUrl","depth","DEPTH","RESOURCE","parseBody","body","valid","xmlIsValid","toString","e","err","code","msg","message","line","col","xmlParse","undefined","ALLOW_EMPTY_BODY_METHODS","indexOf","BAD_REQUEST","httpVersion","protocol","toUpperCase","raw","parseIfHeader","HEADER","IF","verbose","JSON","stringify","ifHeaders","length","toLowerCase","MEMBERS","INFINITY","propType","propfind","Object","values","PROPSTAT","propfindMode","keys","PROPFIND_ALL_PROP","ALLPROP","PROPPATCH_PROP_UPDATE","debug","lock","TIMEOUT","timeout","FilesLockManager","defaultLockTimeoutSeconds","timeoutSplit","split","seconds","parseInt","name","lockscope","LOCK_SCOPE","owner","fullName","email","LOCK_TOKEN","token","replace","trim","UNSUPPORTED_MEDIA_TYPE","isMove","DESTINATION","destination","urlToPath","REGEX_BASE_PATH","test","copyMove","overwrite","OVERWRITE","Logger"],"mappings":"AAAA;;;;CAIC;;;;+BA2BYA;;;eAAAA;;;wBAzBgF;2BAGnE;wBACA;uCACE;yCACK;sBACD;wBAUzB;0BAGuB;yBACI;qBACG;;;;;;;AAG9B,IAAA,AAAMA,sBAAN,MAAMA;IAGX,MAAMC,YAAYC,GAAqB,EAAoB;QACzD,MAAMC,MAAyBD,IAAIE,YAAY,GAAGC,UAAU;QAC5D,MAAMC,MAAoBJ,IAAIE,YAAY,GAAGG,WAAW;QACxD,IAAI,CAACC,mBAAmB,CAACL;QACzB,IAAI,CAACM,aAAa,CAACN;QACnB,OAAQA,IAAIO,MAAM;YAChB,KAAKC,kCAAW,CAACC,OAAO;gBACtB,mEAAmE;gBACnEN,IAAIO,OAAO,CAACC,uBAAe;gBAC3B,MAAM,IAAIC,qBAAa,CAAC,MAAMC,kBAAU,CAACC,EAAE;YAC7C,KAAKN,kCAAW,CAACO,QAAQ;gBACvB,OAAO,IAAI,CAACC,cAAc,CAAChB;YAC7B,KAAKQ,kCAAW,CAACS,IAAI;gBACnB,OAAO,IAAI,CAACC,UAAU,CAAClB;YACzB,KAAKQ,kCAAW,CAACW,MAAM;gBACrB,OAAO,IAAI,CAACC,YAAY,CAACpB;YAC3B,KAAKQ,kCAAW,CAACa,GAAG;gBAClB,OAAO,IAAI,CAACC,SAAS,CAACtB;YACxB,KAAKQ,kCAAW,CAACe,MAAM;gBACrB,OAAO,IAAI,CAACC,YAAY,CAACxB;YAC3B,KAAKQ,kCAAW,CAACiB,SAAS;gBACxB,OAAO,IAAI,CAACC,eAAe,CAAC1B;YAC9B,KAAKQ,kCAAW,CAACmB,KAAK;gBACpB,OAAO,IAAI,CAACC,WAAW,CAAC5B;YAC1B,KAAKQ,kCAAW,CAACqB,IAAI;gBACnB,OAAO,IAAI,CAACC,cAAc,CAAC9B;YAC7B,KAAKQ,kCAAW,CAACuB,IAAI;gBACnB,OAAO,IAAI,CAACD,cAAc,CAAC9B,KAAK;YAClC;gBACE,OAAO;QACX;IACF;IAEQK,oBAAoBL,GAAsB,EAAE;QAClD,IAAIA,IAAIO,MAAM,KAAKC,kCAAW,CAACC,OAAO,IAAI,CAACT,IAAIgC,IAAI,CAACC,cAAc,CAACC,qBAAe,CAACC,MAAM,GAAG;YAC1F,IAAI,CAACC,MAAM,CAACC,IAAI,CAAC,CAAC,2BAA2B,EAAEH,qBAAe,CAACC,MAAM,EAAE;YACvE,MAAM,IAAIvB,qBAAa,CAAC,sBAAsBC,kBAAU,CAACyB,SAAS;QACpE;IACF;IAEQhC,cAAcN,GAAsB,EAAE;QAC5CA,IAAIuC,GAAG,GAAG;YACRC,KAAKC,IAAAA,iBAAS,EAACzC,IAAI0C,WAAW;YAC9BC,OAAOC,aAAK,CAACC,QAAQ;QACvB;IACF;IAEQC,UAAU9C,GAAsB,EAAE;QACxC,IAAI+C,OAAO;QACX,IAAIC;QACJ,IAAI;YACFA,QAAQC,IAAAA,eAAU,EAACjD,IAAI+C,IAAI,CAACG,QAAQ;QACtC,EAAE,OAAOC,GAAG;YACVH,QAAQ;gBAAEI,KAAK;oBAAEC,MAAMF,EAAEE,IAAI;oBAAEC,KAAK,CAAC,sBAAsB,EAAEH,EAAEI,OAAO,EAAE;oBAAEC,MAAM;oBAAGC,KAAK;gBAAE;YAAE;QAC9F;QACA,IAAIT,UAAU,MAAM;YAClBD,OAAOW,IAAAA,aAAQ,EAAC1D,IAAI+C,IAAI;QAC1B,OAAO,IAAIC,MAAMI,GAAG,CAACC,IAAI,KAAKM,aAAaC,gCAAwB,CAACC,OAAO,CAAC7D,IAAIO,MAAM,IAAI,CAAC,GAAG;YAC5FwC,OAAO;QACT,OAAO;YACL,MAAM,IAAInC,qBAAa,CAAC,GAAGoC,MAAMI,GAAG,CAACC,IAAI,CAAC,GAAG,EAAEL,MAAMI,GAAG,CAACE,GAAG,EAAE,EAAEzC,kBAAU,CAACiD,WAAW;QACxF;QACA9D,IAAIuC,GAAG,CAACwB,WAAW,GAAG,GAAG/D,IAAIgE,QAAQ,CAACC,WAAW,GAAG,CAAC,EAAEjE,IAAIkE,GAAG,CAAC,cAAc,EAAE;QAC/ElE,IAAIuC,GAAG,CAACQ,IAAI,GAAGA;QACf,OAAO;IACT;IAEQoB,cAAcnE,GAAsB,EAAE;QAC5C,sCAAsC;QACtC,IAAIA,IAAIU,OAAO,CAAC0D,cAAM,CAACC,EAAE,CAAC,EAAE;YAC1B,IAAI,CAACjC,MAAM,CAACkC,OAAO,CAAC,CAAC,mBAAmB,EAAEC,KAAKC,SAAS,CAACxE,IAAIU,OAAO,CAAC0D,cAAM,CAACC,EAAE,CAAC,GAAG;YAClF,MAAMI,YAAwBN,IAAAA,uBAAa,EAACnE,IAAIU,OAAO,CAAC0D,cAAM,CAACC,EAAE,CAAC;YAClE,IAAI,CAACjC,MAAM,CAACkC,OAAO,CAAC,CAAC,kBAAkB,EAAEC,KAAKC,SAAS,CAACC,YAAY;YACpE,IAAIA,UAAUC,MAAM,EAAE1E,IAAIuC,GAAG,CAACkC,SAAS,GAAGA;QAC5C;IACF;IAEQzD,eAAehB,GAAsB,EAAE;QAC7CA,IAAIuC,GAAG,CAACI,KAAK,GAAI3C,IAAIU,OAAO,CAAC0D,cAAM,CAACxB,KAAK,CAAC,EAAyB+B;QACnE,IAAI,CAAC3E,IAAIuC,GAAG,CAACI,KAAK,IAAK3C,IAAIuC,GAAG,CAACI,KAAK,KAAKC,aAAK,CAACgC,OAAO,IAAI5E,IAAIuC,GAAG,CAACI,KAAK,KAAKC,aAAK,CAACC,QAAQ,EAAG;YAC3F,IAAI,CAAC7C,IAAIuC,GAAG,CAACI,KAAK,EAAE;gBAClB,IAAI,CAACP,MAAM,CAACC,IAAI,CAAC;YACnB,OAAO,IAAIrC,IAAIuC,GAAG,CAACI,KAAK,KAAKC,aAAK,CAACiC,QAAQ,EAAE;gBAC3C,IAAI,CAACzC,MAAM,CAACC,IAAI,CAAC;YACnB,OAAO;gBACL,IAAI,CAACD,MAAM,CAACC,IAAI,CAAC,CAAC,gCAAgC,EAAErC,IAAIuC,GAAG,CAACI,KAAK,CAAC,yBAAyB,CAAC;YAC9F;YACA3C,IAAIuC,GAAG,CAACI,KAAK,GAAGC,aAAK,CAACgC,OAAO;QAC/B;QACA,IAAI,IAAI,CAAC9B,SAAS,CAAC9C,MAAM;YACvB,IAAIA,IAAIuC,GAAG,CAACQ,IAAI,EAAE;gBAChB,IAAK,MAAM+B,YAAY9E,IAAIuC,GAAG,CAACQ,IAAI,CAACgC,QAAQ,CAAE;oBAC5C,IAAIC,OAAOC,MAAM,CAACC,gBAAQ,EAAErB,OAAO,CAACiB,YAAwB,CAAC,GAAG;wBAC9D9E,IAAIuC,GAAG,CAAC4C,YAAY,GAAGL;wBACvB;oBACF;gBACF;gBACA,IAAI,CAAC9E,IAAIuC,GAAG,CAAC4C,YAAY,EAAE;oBACzB,IAAI,CAAC/C,MAAM,CAACC,IAAI,CAAC,CAAC,wBAAwB,EAAEkC,KAAKC,SAAS,CAACQ,OAAOI,IAAI,CAACpF,IAAIuC,GAAG,CAACQ,IAAI,CAACgC,QAAQ,IAAI;oBAChG,MAAM,IAAInE,qBAAa,CAAC,yBAAyBC,kBAAU,CAACiD,WAAW;gBACzE;YACF,OAAO;gBACL,oCAAoC;gBACpC9D,IAAIuC,GAAG,CAACQ,IAAI,GAAGsC,0BAAiB;gBAChCrF,IAAIuC,GAAG,CAAC4C,YAAY,GAAGD,gBAAQ,CAACI,OAAO;YACzC;QACF;QACA,IAAI,CAACnB,aAAa,CAACnE;QACnB,OAAO;IACT;IAEQ0B,gBAAgB1B,GAAsB,EAAE;QAC9CA,IAAIuC,GAAG,CAACI,KAAK,GAAG,AAAC,CAAA,AAAC3C,IAAIU,OAAO,CAAC0D,cAAM,CAACxB,KAAK,CAAC,IAAYA,aAAK,CAACC,QAAQ,AAAD,EAAG8B,WAAW;QAClF,IAAI,CAAC7B,SAAS,CAAC9C;QACf,IAAI,CAACA,IAAIuC,GAAG,CAACQ,IAAI,IAAIiC,OAAOI,IAAI,CAACpF,IAAIuC,GAAG,CAACQ,IAAI,EAAEc,OAAO,CAAC0B,6BAAqB,MAAM,CAAC,GAAG;YACpF,IAAI,CAACnD,MAAM,CAACoD,KAAK,CAAC,CAAC,CAAC,EAAED,6BAAqB,CAAC,eAAe,EAAEhB,KAAKC,SAAS,CAACxE,IAAIuC,GAAG,CAACQ,IAAI,GAAG;YAC3F,MAAM,IAAInC,qBAAa,CAAC,CAAC,CAAC,EAAE2E,6BAAqB,CAAC,YAAY,CAAC,EAAE1E,kBAAU,CAACiD,WAAW;QACzF;QACA,IAAI,CAACK,aAAa,CAACnE;QACnB,OAAO;IACT;IAEQkB,WAAWlB,GAAsB,EAAE;QACzCA,IAAIuC,GAAG,CAACkD,IAAI,GAAG,CAAC;QAChB,IAAIzF,IAAIU,OAAO,CAAC0D,cAAM,CAACsB,OAAO,CAAC,EAAE;YAC/B,4EAA4E;YAC5E,MAAMC,UAAU3F,IAAIU,OAAO,CAAC0D,cAAM,CAACsB,OAAO,CAAC;YAC3C,IAAIC,QAAQhB,WAAW,OAAO,YAAY;gBACxC3E,IAAIuC,GAAG,CAACkD,IAAI,CAACE,OAAO,GAAGC,yCAAgB,CAACC,yBAAyB;YACnE,OAAO;gBACL,IAAI;oBACF,MAAMC,eAAeH,QAAQI,KAAK,CAAC;oBACnC,MAAMC,UAAUC,SAASH,YAAY,CAACA,aAAapB,MAAM,GAAG,EAAE,EAAE;oBAChE1E,IAAIuC,GAAG,CAACkD,IAAI,CAACE,OAAO,GAAGK,UAAUJ,yCAAgB,CAACC,yBAAyB,GAAGD,yCAAgB,CAACC,yBAAyB,GAAGG;gBAC7H,EAAE,OAAO7C,GAAG;oBACV,IAAI,CAACf,MAAM,CAACC,IAAI,CAAC,GAAG,IAAI,CAACnB,UAAU,CAACgF,IAAI,CAAC,kDAAkD,EAAE/C,GAAG;oBAChGnD,IAAIuC,GAAG,CAACkD,IAAI,CAACE,OAAO,GAAGC,yCAAgB,CAACC,yBAAyB;gBACnE;YACF;QACF;QACA,IAAI,CAAC/C,SAAS,CAAC9C;QACf,IAAIA,IAAIuC,GAAG,CAACQ,IAAI,EAAE;YAChB,IAAI,CAAC/C,IAAIuC,GAAG,CAACQ,IAAI,CAAC,WAAW,EAAE;gBAC7B,IAAI,CAACX,MAAM,CAACC,IAAI,CAAC,CAAC,mBAAmB,EAAEkC,KAAKC,SAAS,CAACxE,IAAIuC,GAAG,CAACQ,IAAI,GAAG;gBACrE,MAAM,IAAInC,qBAAa,CAAC,oBAAoBC,kBAAU,CAACiD,WAAW;YACpE;YACA,IAAI;gBACF9D,IAAIuC,GAAG,CAACkD,IAAI,CAACU,SAAS,GAAGnB,OAAOI,IAAI,CAACpF,IAAIuC,GAAG,CAACQ,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC,EAAE;YAChF,EAAE,OAAOI,GAAG;gBACV,IAAI,CAACf,MAAM,CAACC,IAAI,CAAC,GAAG,IAAI,CAACS,SAAS,CAACoD,IAAI,CAAC,oCAAoC,EAAE3B,KAAKC,SAAS,CAACxE,IAAIuC,GAAG,CAACQ,IAAI,CAAC,WAAW,EAAE,GAAG,EAAEI,GAAG;gBAC/H,MAAM,IAAIvC,qBAAa,CAAC,kCAAkCC,kBAAU,CAACiD,WAAW;YAClF;YACA,IAAIkB,OAAOC,MAAM,CAACmB,kBAAU,EAAEvC,OAAO,CAAC7D,IAAIuC,GAAG,CAACkD,IAAI,CAACU,SAAS,MAAM,CAAC,GAAG;gBACpE,IAAI,CAAC/D,MAAM,CAACC,IAAI,CAAC,GAAG,IAAI,CAACS,SAAS,CAACoD,IAAI,CAAC,oCAAoC,EAAE3B,KAAKC,SAAS,CAACxE,IAAIuC,GAAG,CAACQ,IAAI,CAAC,WAAW,GAAG;gBACxH,MAAM,IAAInC,qBAAa,CAAC,kCAAkCC,kBAAU,CAACiD,WAAW;YAClF;YACA,IAAI9D,IAAIuC,GAAG,CAACQ,IAAI,CAAC,WAAW,CAAC,QAAQ,IAAI,OAAO/C,IAAIuC,GAAG,CAACQ,IAAI,CAAC,WAAW,CAAC,QAAQ,KAAK,UAAU;gBAC9F/C,IAAIuC,GAAG,CAACkD,IAAI,CAACY,KAAK,GAAG,GAAGrG,IAAIuC,GAAG,CAACQ,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC,EAAE/C,IAAIgC,IAAI,CAACsE,QAAQ,CAAC,EAAE,EAAEtG,IAAIgC,IAAI,CAACuE,KAAK,CAAC,CAAC,CAAC;YACtG,OAAO;gBACLvG,IAAIuC,GAAG,CAACkD,IAAI,CAACY,KAAK,GAAG,CAAC,SAAS,EAAErG,IAAIgC,IAAI,CAACsE,QAAQ,CAAC,EAAE,EAAEtG,IAAIgC,IAAI,CAACuE,KAAK,CAAC,CAAC,CAAC;YAC1E;YACA,MAAM5D,QAAe,AAAC,CAAA,AAAC3C,IAAIU,OAAO,CAAC0D,cAAM,CAACxB,KAAK,CAAC,IAAY,EAAC,EAAG+B,WAAW;YAC3E3E,IAAIuC,GAAG,CAACI,KAAK,GAAG;gBAACC,aAAK,CAACiC,QAAQ;gBAAEjC,aAAK,CAACC,QAAQ;aAAC,CAACgB,OAAO,CAAClB,WAAW,CAAC,IAAIC,aAAK,CAACiC,QAAQ,GAAGlC;QAC5F,OAAO;YACL,mDAAmD;YACnD3C,IAAIuC,GAAG,CAACI,KAAK,GAAG;QAClB;QACA,IAAI,CAACwB,aAAa,CAACnE;QACnB,OAAO;IACT;IAEQoB,aAAapB,GAAsB,EAAE;QAC3C,IAAI,CAACA,IAAIU,OAAO,CAAC0D,cAAM,CAACoC,UAAU,CAAC,EAAE;YACnC,MAAM,IAAI5F,qBAAa,CAAC,sBAAsBC,kBAAU,CAACiD,WAAW;QACtE;QACA9D,IAAIuC,GAAG,CAACkD,IAAI,GAAG;YAAEgB,OAAO,AAACzG,IAAIU,OAAO,CAAC0D,cAAM,CAACoC,UAAU,CAAC,CAAYE,OAAO,CAAC,KAAK,IAAIA,OAAO,CAAC,KAAK,IAAIC,IAAI;QAAG;QAC5G,IAAI,CAACxC,aAAa,CAACnE;QACnB,OAAO;IACT;IAEQsB,UAAUtB,GAAsB,EAAE;QACxCA,IAAIuC,GAAG,CAACI,KAAK,GAAGC,aAAK,CAACC,QAAQ;QAC9B,IAAI,CAACsB,aAAa,CAACnE;QACnB,OAAO;IACT;IAEQwB,aAAaxB,GAAsB,EAAE;QAC3C,IAAI,CAACmE,aAAa,CAACnE;QACnB,OAAO;IACT;IAEQ4B,YAAY5B,GAAsB,EAAE;QAC1C,IAAIA,IAAIU,OAAO,CAAC,iBAAiB,IAAIV,IAAIU,OAAO,CAAC,iBAAiB,KAAK,KAAK;YAC1E,MAAM,IAAIE,qBAAa,CAAC,4BAA4BC,kBAAU,CAAC+F,sBAAsB;QACvF;QACA5G,IAAIuC,GAAG,CAACI,KAAK,GAAGC,aAAK,CAACC,QAAQ;QAC9B,IAAI,CAACsB,aAAa,CAACnE;QACnB,OAAO;IACT;IAEQ8B,eAAe9B,GAAsB,EAAE6G,SAAS,KAAK,EAAE;QAC7D,IAAI,CAAC7G,IAAIU,OAAO,CAAC0D,cAAM,CAAC0C,WAAW,CAAC,EAAE;YACpC,MAAM,IAAIlG,qBAAa,CAAC,CAAC,QAAQ,EAAEwD,cAAM,CAAC0C,WAAW,CAAC,OAAO,CAAC,EAAEjG,kBAAU,CAACiD,WAAW;QACxF;QACA,MAAMiD,cAActE,IAAAA,iBAAS,EAACuE,IAAAA,oBAAS,EAAChH,IAAIU,OAAO,CAAC0D,cAAM,CAAC0C,WAAW,CAAC;QACvE,IAAI,CAACG,uBAAe,CAACC,IAAI,CAACH,cAAc;YACtC,IAAI,CAAC3E,MAAM,CAACC,IAAI,CAAC,CAAC,sDAAsD,EAAE0E,aAAa;YACvF,MAAM,IAAInG,qBAAa,CAAC,kCAAkCC,kBAAU,CAACiD,WAAW;QAClF;QACA9D,IAAIuC,GAAG,CAACI,KAAK,GAAG,AAAC,CAAA,AAAC3C,IAAIU,OAAO,CAAC0D,cAAM,CAACxB,KAAK,CAAC,IAAYA,aAAK,CAACiC,QAAQ,AAAD,EAAGF,WAAW;QAClF3E,IAAIuC,GAAG,CAAC4E,QAAQ,GAAG;YACjBC,WAAW,AAAC,CAAA,AAACpH,IAAIU,OAAO,CAAC0D,cAAM,CAACiD,SAAS,CAAC,IAAY,GAAE,EAAG1C,WAAW,OAAO;YAC7EoC,aAAaA;YACbF,QAAQA;QACV;QACA,IAAI,CAAC1C,aAAa,CAACnE;QACnB,OAAO;IACT;;aA3NiBoC,SAAS,IAAIkF,cAAM,CAACzH,oBAAoBqG,IAAI;;AA4N/D"}
+{"version":3,"sources":["../../../../../backend/src/applications/webdav/guards/webdav-protocol.guard.ts"],"sourcesContent":["/*\n * Copyright (C) 2012-2025 Johan Legrand <johan.legrand@sync-in.com>\n * This file is part of Sync-in | The open source file sync and share solution\n * See the LICENSE file for licensing details\n */\n\nimport { CanActivate, ExecutionContext, HttpException, HttpStatus, Injectable, Logger } from '@nestjs/common'\nimport { ValidationError } from 'fast-xml-parser'\nimport { FastifyReply } from 'fastify'\nimport { urlToPath } from '../../../common/functions'\nimport { decodeUrl } from '../../../common/shared'\nimport { HTTP_METHOD } from '../../applications.constants'\nimport { CACHE_LOCK_DEFAULT_TTL } from '../../files/constants/cache'\nimport { USER_PERMISSION } from '../../users/constants/user'\nimport {\n  ALLOW_EMPTY_BODY_METHODS,\n  DEPTH,\n  HEADER,\n  LOCK_SCOPE,\n  OPTIONS_HEADERS,\n  PROPPATCH_PROP_UPDATE,\n  PROPSTAT,\n  REGEX_BASE_PATH\n} from '../constants/webdav'\nimport { IfHeader } from '../interfaces/if-header.interface'\nimport { FastifyDAVRequest, WebDAVContext } from '../interfaces/webdav.interface'\nimport { parseIfHeader } from '../utils/if-header'\nimport { PROPFIND_ALL_PROP } from '../utils/webdav'\nimport { xmlIsValid, xmlParse } from '../utils/xml'\n\n@Injectable()\nexport class WebDAVProtocolGuard implements CanActivate {\n  private readonly logger = new Logger(WebDAVProtocolGuard.name)\n\n  async canActivate(ctx: ExecutionContext): Promise<boolean> {\n    const req: FastifyDAVRequest = ctx.switchToHttp().getRequest()\n    const res: FastifyReply = ctx.switchToHttp().getResponse()\n    this.checkUserPermission(req)\n    this.setDAVContext(req)\n    switch (req.method) {\n      case HTTP_METHOD.OPTIONS:\n        // hook to stop propagation and return headers on all webdav routes\n        res.headers(OPTIONS_HEADERS)\n        throw new HttpException(null, HttpStatus.OK)\n      case HTTP_METHOD.PROPFIND:\n        return this.propfindMethod(req)\n      case HTTP_METHOD.LOCK:\n        return this.lockMethod(req)\n      case HTTP_METHOD.UNLOCK:\n        return this.unlockMethod(req)\n      case HTTP_METHOD.PUT:\n        return this.putMethod(req)\n      case HTTP_METHOD.DELETE:\n        return this.deleteMethod(req)\n      case HTTP_METHOD.PROPPATCH:\n        return this.proppatchMethod(req)\n      case HTTP_METHOD.MKCOL:\n        return this.mkcolMethod(req)\n      case HTTP_METHOD.COPY:\n        return this.copyMoveMethod(req)\n      case HTTP_METHOD.MOVE:\n        return this.copyMoveMethod(req, true)\n      default:\n        return true\n    }\n  }\n\n  private checkUserPermission(req: FastifyDAVRequest) {\n    if (req.method !== HTTP_METHOD.OPTIONS && !req.user.havePermission(USER_PERMISSION.WEBDAV)) {\n      this.logger.warn(`does not have permission : ${USER_PERMISSION.WEBDAV}`)\n      throw new HttpException('Missing permission', HttpStatus.FORBIDDEN)\n    }\n  }\n\n  private setDAVContext(req: FastifyDAVRequest) {\n    req.dav = {\n      url: decodeUrl(req.originalUrl),\n      depth: DEPTH.RESOURCE\n    } as WebDAVContext\n  }\n\n  private parseBody(req: FastifyDAVRequest) {\n    let body = null\n    let valid: true | ValidationError\n    try {\n      valid = xmlIsValid(req.body.toString())\n    } catch (e) {\n      valid = { err: { code: e.code, msg: `Invalid body content: ${e.message}`, line: 0, col: 0 } }\n    }\n    if (valid === true) {\n      body = xmlParse(req.body)\n    } else if (valid.err.code === undefined && ALLOW_EMPTY_BODY_METHODS.indexOf(req.method) > -1) {\n      body = null\n    } else {\n      throw new HttpException(`${valid.err.code} : ${valid.err.msg}`, HttpStatus.BAD_REQUEST)\n    }\n    req.dav.httpVersion = `${req.protocol.toUpperCase()}/${req.raw['httpVersion']}`\n    req.dav.body = body\n    return true\n  }\n\n  private parseIfHeader(req: FastifyDAVRequest) {\n    // stores if headers, examine it later\n    if (req.headers[HEADER.IF]) {\n      this.logger.verbose(`If header before : ${JSON.stringify(req.headers[HEADER.IF])}`)\n      const ifHeaders: IfHeader[] = parseIfHeader(req.headers[HEADER.IF] as string)\n      this.logger.verbose(`If header after : ${JSON.stringify(ifHeaders)}`)\n      if (ifHeaders.length) req.dav.ifHeaders = ifHeaders\n    }\n  }\n\n  private propfindMethod(req: FastifyDAVRequest) {\n    req.dav.depth = (req.headers[HEADER.DEPTH] as string | undefined)?.toLowerCase()\n    if (!req.dav.depth || (req.dav.depth !== DEPTH.MEMBERS && req.dav.depth !== DEPTH.RESOURCE)) {\n      if (!req.dav.depth) {\n        this.logger.warn('Missing propfind depth, default value 1 was set')\n      } else if (req.dav.depth === DEPTH.INFINITY) {\n        this.logger.warn('Infinite depth is disabled for security reasons, default value 1 was set')\n      } else {\n        this.logger.warn(`Invalid propfind depth header : ${req.dav.depth}, default value 1 was set`)\n      }\n      req.dav.depth = DEPTH.MEMBERS\n    }\n    if (this.parseBody(req)) {\n      if (req.dav.body) {\n        for (const propType in req.dav.body.propfind) {\n          if (Object.values(PROPSTAT).indexOf(propType as PROPSTAT) > -1) {\n            req.dav.propfindMode = propType as PROPSTAT\n            break\n          }\n        }\n        if (!req.dav.propfindMode) {\n          this.logger.warn(`Invalid propfind mode : ${JSON.stringify(Object.keys(req.dav.body.propfind))}`)\n          throw new HttpException('Invalid propfind mode', HttpStatus.BAD_REQUEST)\n        }\n      } else {\n        // propfind request allow empty body\n        req.dav.body = PROPFIND_ALL_PROP\n        req.dav.propfindMode = PROPSTAT.ALLPROP\n      }\n    }\n    this.parseIfHeader(req)\n    return true\n  }\n\n  private proppatchMethod(req: FastifyDAVRequest) {\n    req.dav.depth = ((req.headers[HEADER.DEPTH] as any) || DEPTH.RESOURCE).toLowerCase()\n    this.parseBody(req)\n    if (!req.dav.body || Object.keys(req.dav.body).indexOf(PROPPATCH_PROP_UPDATE) === -1) {\n      this.logger.debug(`'${PROPPATCH_PROP_UPDATE}' is missing : ${JSON.stringify(req.dav.body)}`)\n      throw new HttpException(`'${PROPPATCH_PROP_UPDATE}' is missing`, HttpStatus.BAD_REQUEST)\n    }\n    this.parseIfHeader(req)\n    return true\n  }\n\n  private lockMethod(req: FastifyDAVRequest) {\n    req.dav.lock = {}\n    if (req.headers[HEADER.TIMEOUT]) {\n      // timeout: 'Infinite, Second-4100000000' | 'Second-4100000000' | 'Infinite'\n      const timeout = req.headers[HEADER.TIMEOUT] as string\n      if (timeout.toLowerCase() === 'infinite') {\n        req.dav.lock.timeout = CACHE_LOCK_DEFAULT_TTL\n      } else {\n        try {\n          const timeoutSplit = timeout.split('-')\n          const seconds = parseInt(timeoutSplit[timeoutSplit.length - 1], 10)\n          req.dav.lock.timeout = seconds > CACHE_LOCK_DEFAULT_TTL ? CACHE_LOCK_DEFAULT_TTL : seconds\n        } catch (e) {\n          this.logger.warn(`${this.lockMethod.name} - unable to set timeout, use the default value : ${e}`)\n          req.dav.lock.timeout = CACHE_LOCK_DEFAULT_TTL\n        }\n      }\n    }\n    this.parseBody(req)\n    if (req.dav.body) {\n      if (!req.dav.body['lockinfo']) {\n        this.logger.warn(`Missing lockinfo : ${JSON.stringify(req.dav.body)}`)\n        throw new HttpException('Missing lockinfo', HttpStatus.BAD_REQUEST)\n      }\n      try {\n        req.dav.lock.lockscope = Object.keys(req.dav.body['lockinfo']['lockscope'])[0] as LOCK_SCOPE\n      } catch (e) {\n        this.logger.warn(`${this.parseBody.name} - invalid or undefined lockscope : ${JSON.stringify(req.dav.body['lockinfo'])} : ${e}`)\n        throw new HttpException('Invalid or undefined lockscope', HttpStatus.BAD_REQUEST)\n      }\n      if (Object.values(LOCK_SCOPE).indexOf(req.dav.lock.lockscope) === -1) {\n        this.logger.warn(`${this.parseBody.name} - invalid or undefined lockscope : ${JSON.stringify(req.dav.body['lockinfo'])}`)\n        throw new HttpException('Invalid or undefined lockscope', HttpStatus.BAD_REQUEST)\n      }\n      if (req.dav.body['lockinfo']['owner'] && typeof req.dav.body['lockinfo']['owner'] === 'string') {\n        req.dav.lock.owner = `${req.dav.body['lockinfo']['owner']} ${req.user.fullName} (${req.user.email})`\n      } else {\n        req.dav.lock.owner = `WebDAV - ${req.user.fullName} (${req.user.email})`\n      }\n      const depth: DEPTH = ((req.headers[HEADER.DEPTH] as any) || '').toLowerCase()\n      req.dav.depth = [DEPTH.INFINITY, DEPTH.RESOURCE].indexOf(depth) === -1 ? DEPTH.INFINITY : depth\n    } else {\n      // must ignore depth header on lock refresh request\n      req.dav.depth = null\n    }\n    this.parseIfHeader(req)\n    return true\n  }\n\n  private unlockMethod(req: FastifyDAVRequest) {\n    if (!req.headers[HEADER.LOCK_TOKEN]) {\n      throw new HttpException('Missing lock token', HttpStatus.BAD_REQUEST)\n    }\n    req.dav.lock = { token: (req.headers[HEADER.LOCK_TOKEN] as string).replace('<', '').replace('>', '').trim() }\n    this.parseIfHeader(req)\n    return true\n  }\n\n  private putMethod(req: FastifyDAVRequest) {\n    req.dav.depth = DEPTH.RESOURCE\n    this.parseIfHeader(req)\n    return true\n  }\n\n  private deleteMethod(req: FastifyDAVRequest) {\n    this.parseIfHeader(req)\n    return true\n  }\n\n  private mkcolMethod(req: FastifyDAVRequest) {\n    if (req.headers['content-length'] && req.headers['content-length'] !== '0') {\n      throw new HttpException('no body content required', HttpStatus.UNSUPPORTED_MEDIA_TYPE)\n    }\n    req.dav.depth = DEPTH.RESOURCE\n    this.parseIfHeader(req)\n    return true\n  }\n\n  private copyMoveMethod(req: FastifyDAVRequest, isMove = false) {\n    if (!req.headers[HEADER.DESTINATION]) {\n      throw new HttpException(`Missing ${HEADER.DESTINATION} header`, HttpStatus.BAD_REQUEST)\n    }\n    const destination = decodeUrl(urlToPath(req.headers[HEADER.DESTINATION] as string))\n    if (!REGEX_BASE_PATH.test(destination)) {\n      this.logger.warn(`The destination does not match the webdav base path : ${destination}`)\n      throw new HttpException('The destination does not match', HttpStatus.BAD_REQUEST)\n    }\n    req.dav.depth = ((req.headers[HEADER.DEPTH] as any) || DEPTH.INFINITY).toLowerCase()\n    req.dav.copyMove = {\n      overwrite: ((req.headers[HEADER.OVERWRITE] as any) || 't').toLowerCase() === 't',\n      destination: destination,\n      isMove: isMove\n    }\n    this.parseIfHeader(req)\n    return true\n  }\n}\n"],"names":["WebDAVProtocolGuard","canActivate","ctx","req","switchToHttp","getRequest","res","getResponse","checkUserPermission","setDAVContext","method","HTTP_METHOD","OPTIONS","headers","OPTIONS_HEADERS","HttpException","HttpStatus","OK","PROPFIND","propfindMethod","LOCK","lockMethod","UNLOCK","unlockMethod","PUT","putMethod","DELETE","deleteMethod","PROPPATCH","proppatchMethod","MKCOL","mkcolMethod","COPY","copyMoveMethod","MOVE","user","havePermission","USER_PERMISSION","WEBDAV","logger","warn","FORBIDDEN","dav","url","decodeUrl","originalUrl","depth","DEPTH","RESOURCE","parseBody","body","valid","xmlIsValid","toString","e","err","code","msg","message","line","col","xmlParse","undefined","ALLOW_EMPTY_BODY_METHODS","indexOf","BAD_REQUEST","httpVersion","protocol","toUpperCase","raw","parseIfHeader","HEADER","IF","verbose","JSON","stringify","ifHeaders","length","toLowerCase","MEMBERS","INFINITY","propType","propfind","Object","values","PROPSTAT","propfindMode","keys","PROPFIND_ALL_PROP","ALLPROP","PROPPATCH_PROP_UPDATE","debug","lock","TIMEOUT","timeout","CACHE_LOCK_DEFAULT_TTL","timeoutSplit","split","seconds","parseInt","name","lockscope","LOCK_SCOPE","owner","fullName","email","LOCK_TOKEN","token","replace","trim","UNSUPPORTED_MEDIA_TYPE","isMove","DESTINATION","destination","urlToPath","REGEX_BASE_PATH","test","copyMove","overwrite","OVERWRITE","Logger"],"mappings":"AAAA;;;;CAIC;;;;+BA2BYA;;;eAAAA;;;wBAzBgF;2BAGnE;wBACA;uCACE;uBACW;sBACP;wBAUzB;0BAGuB;yBACI;qBACG;;;;;;;AAG9B,IAAA,AAAMA,sBAAN,MAAMA;IAGX,MAAMC,YAAYC,GAAqB,EAAoB;QACzD,MAAMC,MAAyBD,IAAIE,YAAY,GAAGC,UAAU;QAC5D,MAAMC,MAAoBJ,IAAIE,YAAY,GAAGG,WAAW;QACxD,IAAI,CAACC,mBAAmB,CAACL;QACzB,IAAI,CAACM,aAAa,CAACN;QACnB,OAAQA,IAAIO,MAAM;YAChB,KAAKC,kCAAW,CAACC,OAAO;gBACtB,mEAAmE;gBACnEN,IAAIO,OAAO,CAACC,uBAAe;gBAC3B,MAAM,IAAIC,qBAAa,CAAC,MAAMC,kBAAU,CAACC,EAAE;YAC7C,KAAKN,kCAAW,CAACO,QAAQ;gBACvB,OAAO,IAAI,CAACC,cAAc,CAAChB;YAC7B,KAAKQ,kCAAW,CAACS,IAAI;gBACnB,OAAO,IAAI,CAACC,UAAU,CAAClB;YACzB,KAAKQ,kCAAW,CAACW,MAAM;gBACrB,OAAO,IAAI,CAACC,YAAY,CAACpB;YAC3B,KAAKQ,kCAAW,CAACa,GAAG;gBAClB,OAAO,IAAI,CAACC,SAAS,CAACtB;YACxB,KAAKQ,kCAAW,CAACe,MAAM;gBACrB,OAAO,IAAI,CAACC,YAAY,CAACxB;YAC3B,KAAKQ,kCAAW,CAACiB,SAAS;gBACxB,OAAO,IAAI,CAACC,eAAe,CAAC1B;YAC9B,KAAKQ,kCAAW,CAACmB,KAAK;gBACpB,OAAO,IAAI,CAACC,WAAW,CAAC5B;YAC1B,KAAKQ,kCAAW,CAACqB,IAAI;gBACnB,OAAO,IAAI,CAACC,cAAc,CAAC9B;YAC7B,KAAKQ,kCAAW,CAACuB,IAAI;gBACnB,OAAO,IAAI,CAACD,cAAc,CAAC9B,KAAK;YAClC;gBACE,OAAO;QACX;IACF;IAEQK,oBAAoBL,GAAsB,EAAE;QAClD,IAAIA,IAAIO,MAAM,KAAKC,kCAAW,CAACC,OAAO,IAAI,CAACT,IAAIgC,IAAI,CAACC,cAAc,CAACC,qBAAe,CAACC,MAAM,GAAG;YAC1F,IAAI,CAACC,MAAM,CAACC,IAAI,CAAC,CAAC,2BAA2B,EAAEH,qBAAe,CAACC,MAAM,EAAE;YACvE,MAAM,IAAIvB,qBAAa,CAAC,sBAAsBC,kBAAU,CAACyB,SAAS;QACpE;IACF;IAEQhC,cAAcN,GAAsB,EAAE;QAC5CA,IAAIuC,GAAG,GAAG;YACRC,KAAKC,IAAAA,iBAAS,EAACzC,IAAI0C,WAAW;YAC9BC,OAAOC,aAAK,CAACC,QAAQ;QACvB;IACF;IAEQC,UAAU9C,GAAsB,EAAE;QACxC,IAAI+C,OAAO;QACX,IAAIC;QACJ,IAAI;YACFA,QAAQC,IAAAA,eAAU,EAACjD,IAAI+C,IAAI,CAACG,QAAQ;QACtC,EAAE,OAAOC,GAAG;YACVH,QAAQ;gBAAEI,KAAK;oBAAEC,MAAMF,EAAEE,IAAI;oBAAEC,KAAK,CAAC,sBAAsB,EAAEH,EAAEI,OAAO,EAAE;oBAAEC,MAAM;oBAAGC,KAAK;gBAAE;YAAE;QAC9F;QACA,IAAIT,UAAU,MAAM;YAClBD,OAAOW,IAAAA,aAAQ,EAAC1D,IAAI+C,IAAI;QAC1B,OAAO,IAAIC,MAAMI,GAAG,CAACC,IAAI,KAAKM,aAAaC,gCAAwB,CAACC,OAAO,CAAC7D,IAAIO,MAAM,IAAI,CAAC,GAAG;YAC5FwC,OAAO;QACT,OAAO;YACL,MAAM,IAAInC,qBAAa,CAAC,GAAGoC,MAAMI,GAAG,CAACC,IAAI,CAAC,GAAG,EAAEL,MAAMI,GAAG,CAACE,GAAG,EAAE,EAAEzC,kBAAU,CAACiD,WAAW;QACxF;QACA9D,IAAIuC,GAAG,CAACwB,WAAW,GAAG,GAAG/D,IAAIgE,QAAQ,CAACC,WAAW,GAAG,CAAC,EAAEjE,IAAIkE,GAAG,CAAC,cAAc,EAAE;QAC/ElE,IAAIuC,GAAG,CAACQ,IAAI,GAAGA;QACf,OAAO;IACT;IAEQoB,cAAcnE,GAAsB,EAAE;QAC5C,sCAAsC;QACtC,IAAIA,IAAIU,OAAO,CAAC0D,cAAM,CAACC,EAAE,CAAC,EAAE;YAC1B,IAAI,CAACjC,MAAM,CAACkC,OAAO,CAAC,CAAC,mBAAmB,EAAEC,KAAKC,SAAS,CAACxE,IAAIU,OAAO,CAAC0D,cAAM,CAACC,EAAE,CAAC,GAAG;YAClF,MAAMI,YAAwBN,IAAAA,uBAAa,EAACnE,IAAIU,OAAO,CAAC0D,cAAM,CAACC,EAAE,CAAC;YAClE,IAAI,CAACjC,MAAM,CAACkC,OAAO,CAAC,CAAC,kBAAkB,EAAEC,KAAKC,SAAS,CAACC,YAAY;YACpE,IAAIA,UAAUC,MAAM,EAAE1E,IAAIuC,GAAG,CAACkC,SAAS,GAAGA;QAC5C;IACF;IAEQzD,eAAehB,GAAsB,EAAE;QAC7CA,IAAIuC,GAAG,CAACI,KAAK,GAAI3C,IAAIU,OAAO,CAAC0D,cAAM,CAACxB,KAAK,CAAC,EAAyB+B;QACnE,IAAI,CAAC3E,IAAIuC,GAAG,CAACI,KAAK,IAAK3C,IAAIuC,GAAG,CAACI,KAAK,KAAKC,aAAK,CAACgC,OAAO,IAAI5E,IAAIuC,GAAG,CAACI,KAAK,KAAKC,aAAK,CAACC,QAAQ,EAAG;YAC3F,IAAI,CAAC7C,IAAIuC,GAAG,CAACI,KAAK,EAAE;gBAClB,IAAI,CAACP,MAAM,CAACC,IAAI,CAAC;YACnB,OAAO,IAAIrC,IAAIuC,GAAG,CAACI,KAAK,KAAKC,aAAK,CAACiC,QAAQ,EAAE;gBAC3C,IAAI,CAACzC,MAAM,CAACC,IAAI,CAAC;YACnB,OAAO;gBACL,IAAI,CAACD,MAAM,CAACC,IAAI,CAAC,CAAC,gCAAgC,EAAErC,IAAIuC,GAAG,CAACI,KAAK,CAAC,yBAAyB,CAAC;YAC9F;YACA3C,IAAIuC,GAAG,CAACI,KAAK,GAAGC,aAAK,CAACgC,OAAO;QAC/B;QACA,IAAI,IAAI,CAAC9B,SAAS,CAAC9C,MAAM;YACvB,IAAIA,IAAIuC,GAAG,CAACQ,IAAI,EAAE;gBAChB,IAAK,MAAM+B,YAAY9E,IAAIuC,GAAG,CAACQ,IAAI,CAACgC,QAAQ,CAAE;oBAC5C,IAAIC,OAAOC,MAAM,CAACC,gBAAQ,EAAErB,OAAO,CAACiB,YAAwB,CAAC,GAAG;wBAC9D9E,IAAIuC,GAAG,CAAC4C,YAAY,GAAGL;wBACvB;oBACF;gBACF;gBACA,IAAI,CAAC9E,IAAIuC,GAAG,CAAC4C,YAAY,EAAE;oBACzB,IAAI,CAAC/C,MAAM,CAACC,IAAI,CAAC,CAAC,wBAAwB,EAAEkC,KAAKC,SAAS,CAACQ,OAAOI,IAAI,CAACpF,IAAIuC,GAAG,CAACQ,IAAI,CAACgC,QAAQ,IAAI;oBAChG,MAAM,IAAInE,qBAAa,CAAC,yBAAyBC,kBAAU,CAACiD,WAAW;gBACzE;YACF,OAAO;gBACL,oCAAoC;gBACpC9D,IAAIuC,GAAG,CAACQ,IAAI,GAAGsC,0BAAiB;gBAChCrF,IAAIuC,GAAG,CAAC4C,YAAY,GAAGD,gBAAQ,CAACI,OAAO;YACzC;QACF;QACA,IAAI,CAACnB,aAAa,CAACnE;QACnB,OAAO;IACT;IAEQ0B,gBAAgB1B,GAAsB,EAAE;QAC9CA,IAAIuC,GAAG,CAACI,KAAK,GAAG,AAAC,CAAA,AAAC3C,IAAIU,OAAO,CAAC0D,cAAM,CAACxB,KAAK,CAAC,IAAYA,aAAK,CAACC,QAAQ,AAAD,EAAG8B,WAAW;QAClF,IAAI,CAAC7B,SAAS,CAAC9C;QACf,IAAI,CAACA,IAAIuC,GAAG,CAACQ,IAAI,IAAIiC,OAAOI,IAAI,CAACpF,IAAIuC,GAAG,CAACQ,IAAI,EAAEc,OAAO,CAAC0B,6BAAqB,MAAM,CAAC,GAAG;YACpF,IAAI,CAACnD,MAAM,CAACoD,KAAK,CAAC,CAAC,CAAC,EAAED,6BAAqB,CAAC,eAAe,EAAEhB,KAAKC,SAAS,CAACxE,IAAIuC,GAAG,CAACQ,IAAI,GAAG;YAC3F,MAAM,IAAInC,qBAAa,CAAC,CAAC,CAAC,EAAE2E,6BAAqB,CAAC,YAAY,CAAC,EAAE1E,kBAAU,CAACiD,WAAW;QACzF;QACA,IAAI,CAACK,aAAa,CAACnE;QACnB,OAAO;IACT;IAEQkB,WAAWlB,GAAsB,EAAE;QACzCA,IAAIuC,GAAG,CAACkD,IAAI,GAAG,CAAC;QAChB,IAAIzF,IAAIU,OAAO,CAAC0D,cAAM,CAACsB,OAAO,CAAC,EAAE;YAC/B,4EAA4E;YAC5E,MAAMC,UAAU3F,IAAIU,OAAO,CAAC0D,cAAM,CAACsB,OAAO,CAAC;YAC3C,IAAIC,QAAQhB,WAAW,OAAO,YAAY;gBACxC3E,IAAIuC,GAAG,CAACkD,IAAI,CAACE,OAAO,GAAGC,6BAAsB;YAC/C,OAAO;gBACL,IAAI;oBACF,MAAMC,eAAeF,QAAQG,KAAK,CAAC;oBACnC,MAAMC,UAAUC,SAASH,YAAY,CAACA,aAAanB,MAAM,GAAG,EAAE,EAAE;oBAChE1E,IAAIuC,GAAG,CAACkD,IAAI,CAACE,OAAO,GAAGI,UAAUH,6BAAsB,GAAGA,6BAAsB,GAAGG;gBACrF,EAAE,OAAO5C,GAAG;oBACV,IAAI,CAACf,MAAM,CAACC,IAAI,CAAC,GAAG,IAAI,CAACnB,UAAU,CAAC+E,IAAI,CAAC,kDAAkD,EAAE9C,GAAG;oBAChGnD,IAAIuC,GAAG,CAACkD,IAAI,CAACE,OAAO,GAAGC,6BAAsB;gBAC/C;YACF;QACF;QACA,IAAI,CAAC9C,SAAS,CAAC9C;QACf,IAAIA,IAAIuC,GAAG,CAACQ,IAAI,EAAE;YAChB,IAAI,CAAC/C,IAAIuC,GAAG,CAACQ,IAAI,CAAC,WAAW,EAAE;gBAC7B,IAAI,CAACX,MAAM,CAACC,IAAI,CAAC,CAAC,mBAAmB,EAAEkC,KAAKC,SAAS,CAACxE,IAAIuC,GAAG,CAACQ,IAAI,GAAG;gBACrE,MAAM,IAAInC,qBAAa,CAAC,oBAAoBC,kBAAU,CAACiD,WAAW;YACpE;YACA,IAAI;gBACF9D,IAAIuC,GAAG,CAACkD,IAAI,CAACS,SAAS,GAAGlB,OAAOI,IAAI,CAACpF,IAAIuC,GAAG,CAACQ,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC,EAAE;YAChF,EAAE,OAAOI,GAAG;gBACV,IAAI,CAACf,MAAM,CAACC,IAAI,CAAC,GAAG,IAAI,CAACS,SAAS,CAACmD,IAAI,CAAC,oCAAoC,EAAE1B,KAAKC,SAAS,CAACxE,IAAIuC,GAAG,CAACQ,IAAI,CAAC,WAAW,EAAE,GAAG,EAAEI,GAAG;gBAC/H,MAAM,IAAIvC,qBAAa,CAAC,kCAAkCC,kBAAU,CAACiD,WAAW;YAClF;YACA,IAAIkB,OAAOC,MAAM,CAACkB,kBAAU,EAAEtC,OAAO,CAAC7D,IAAIuC,GAAG,CAACkD,IAAI,CAACS,SAAS,MAAM,CAAC,GAAG;gBACpE,IAAI,CAAC9D,MAAM,CAACC,IAAI,CAAC,GAAG,IAAI,CAACS,SAAS,CAACmD,IAAI,CAAC,oCAAoC,EAAE1B,KAAKC,SAAS,CAACxE,IAAIuC,GAAG,CAACQ,IAAI,CAAC,WAAW,GAAG;gBACxH,MAAM,IAAInC,qBAAa,CAAC,kCAAkCC,kBAAU,CAACiD,WAAW;YAClF;YACA,IAAI9D,IAAIuC,GAAG,CAACQ,IAAI,CAAC,WAAW,CAAC,QAAQ,IAAI,OAAO/C,IAAIuC,GAAG,CAACQ,IAAI,CAAC,WAAW,CAAC,QAAQ,KAAK,UAAU;gBAC9F/C,IAAIuC,GAAG,CAACkD,IAAI,CAACW,KAAK,GAAG,GAAGpG,IAAIuC,GAAG,CAACQ,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC,EAAE/C,IAAIgC,IAAI,CAACqE,QAAQ,CAAC,EAAE,EAAErG,IAAIgC,IAAI,CAACsE,KAAK,CAAC,CAAC,CAAC;YACtG,OAAO;gBACLtG,IAAIuC,GAAG,CAACkD,IAAI,CAACW,KAAK,GAAG,CAAC,SAAS,EAAEpG,IAAIgC,IAAI,CAACqE,QAAQ,CAAC,EAAE,EAAErG,IAAIgC,IAAI,CAACsE,KAAK,CAAC,CAAC,CAAC;YAC1E;YACA,MAAM3D,QAAe,AAAC,CAAA,AAAC3C,IAAIU,OAAO,CAAC0D,cAAM,CAACxB,KAAK,CAAC,IAAY,EAAC,EAAG+B,WAAW;YAC3E3E,IAAIuC,GAAG,CAACI,KAAK,GAAG;gBAACC,aAAK,CAACiC,QAAQ;gBAAEjC,aAAK,CAACC,QAAQ;aAAC,CAACgB,OAAO,CAAClB,WAAW,CAAC,IAAIC,aAAK,CAACiC,QAAQ,GAAGlC;QAC5F,OAAO;YACL,mDAAmD;YACnD3C,IAAIuC,GAAG,CAACI,KAAK,GAAG;QAClB;QACA,IAAI,CAACwB,aAAa,CAACnE;QACnB,OAAO;IACT;IAEQoB,aAAapB,GAAsB,EAAE;QAC3C,IAAI,CAACA,IAAIU,OAAO,CAAC0D,cAAM,CAACmC,UAAU,CAAC,EAAE;YACnC,MAAM,IAAI3F,qBAAa,CAAC,sBAAsBC,kBAAU,CAACiD,WAAW;QACtE;QACA9D,IAAIuC,GAAG,CAACkD,IAAI,GAAG;YAAEe,OAAO,AAACxG,IAAIU,OAAO,CAAC0D,cAAM,CAACmC,UAAU,CAAC,CAAYE,OAAO,CAAC,KAAK,IAAIA,OAAO,CAAC,KAAK,IAAIC,IAAI;QAAG;QAC5G,IAAI,CAACvC,aAAa,CAACnE;QACnB,OAAO;IACT;IAEQsB,UAAUtB,GAAsB,EAAE;QACxCA,IAAIuC,GAAG,CAACI,KAAK,GAAGC,aAAK,CAACC,QAAQ;QAC9B,IAAI,CAACsB,aAAa,CAACnE;QACnB,OAAO;IACT;IAEQwB,aAAaxB,GAAsB,EAAE;QAC3C,IAAI,CAACmE,aAAa,CAACnE;QACnB,OAAO;IACT;IAEQ4B,YAAY5B,GAAsB,EAAE;QAC1C,IAAIA,IAAIU,OAAO,CAAC,iBAAiB,IAAIV,IAAIU,OAAO,CAAC,iBAAiB,KAAK,KAAK;YAC1E,MAAM,IAAIE,qBAAa,CAAC,4BAA4BC,kBAAU,CAAC8F,sBAAsB;QACvF;QACA3G,IAAIuC,GAAG,CAACI,KAAK,GAAGC,aAAK,CAACC,QAAQ;QAC9B,IAAI,CAACsB,aAAa,CAACnE;QACnB,OAAO;IACT;IAEQ8B,eAAe9B,GAAsB,EAAE4G,SAAS,KAAK,EAAE;QAC7D,IAAI,CAAC5G,IAAIU,OAAO,CAAC0D,cAAM,CAACyC,WAAW,CAAC,EAAE;YACpC,MAAM,IAAIjG,qBAAa,CAAC,CAAC,QAAQ,EAAEwD,cAAM,CAACyC,WAAW,CAAC,OAAO,CAAC,EAAEhG,kBAAU,CAACiD,WAAW;QACxF;QACA,MAAMgD,cAAcrE,IAAAA,iBAAS,EAACsE,IAAAA,oBAAS,EAAC/G,IAAIU,OAAO,CAAC0D,cAAM,CAACyC,WAAW,CAAC;QACvE,IAAI,CAACG,uBAAe,CAACC,IAAI,CAACH,cAAc;YACtC,IAAI,CAAC1E,MAAM,CAACC,IAAI,CAAC,CAAC,sDAAsD,EAAEyE,aAAa;YACvF,MAAM,IAAIlG,qBAAa,CAAC,kCAAkCC,kBAAU,CAACiD,WAAW;QAClF;QACA9D,IAAIuC,GAAG,CAACI,KAAK,GAAG,AAAC,CAAA,AAAC3C,IAAIU,OAAO,CAAC0D,cAAM,CAACxB,KAAK,CAAC,IAAYA,aAAK,CAACiC,QAAQ,AAAD,EAAGF,WAAW;QAClF3E,IAAIuC,GAAG,CAAC2E,QAAQ,GAAG;YACjBC,WAAW,AAAC,CAAA,AAACnH,IAAIU,OAAO,CAAC0D,cAAM,CAACgD,SAAS,CAAC,IAAY,GAAE,EAAGzC,WAAW,OAAO;YAC7EmC,aAAaA;YACbF,QAAQA;QACV;QACA,IAAI,CAACzC,aAAa,CAACnE;QACnB,OAAO;IACT;;aA3NiBoC,SAAS,IAAIiF,cAAM,CAACxH,oBAAoBoG,IAAI;;AA4N/D"}