npm - @waiaas/daemon - Versions diffs - 2.10.0-rc.10 → 2.10.0-rc.12 - Mend

@waiaas/daemon 2.10.0-rc.10 → 2.10.0-rc.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (43) hide show

package/dist/api/routes/admin-actions.d.ts ADDED Viewed

@@ -0,0 +1,46 @@
+/**
+ * Admin action routes: POST /v1/admin/actions/:provider/:action.
+ *
+ * Separate from `/v1/actions/*` (sessionAuth) to allow Admin UI (masterAuth)
+ * to execute actions directly. Admin context bypasses session_wallets access
+ * check since admin has full wallet access.
+ *
+ * @see #273 — Admin UI ERC-8004 에이전트 등록 시 sessionAuth 인증 실패
+ */
+import { OpenAPIHono } from '@hono/zod-openapi';
+import type { IPolicyEngine } from '@waiaas/core';
+import type { BetterSQLite3Database } from 'drizzle-orm/better-sqlite3';
+import type { Database as SQLiteDatabase } from 'better-sqlite3';
+import type { ActionProviderRegistry } from '../../infrastructure/action/action-provider-registry.js';
+import type { AdapterPool } from '../../infrastructure/adapter-pool.js';
+import type { MasterPasswordRef } from '../middleware/master-auth.js';
+import type { DaemonConfig } from '../../infrastructure/config/loader.js';
+import type { LocalKeyStore } from '../../infrastructure/keystore/keystore.js';
+import type * as schema from '../../infrastructure/database/schema.js';
+import type { ApprovalWorkflow } from '../../workflow/approval-workflow.js';
+import type { DelayQueue } from '../../workflow/delay-queue.js';
+import type { NotificationService } from '../../notifications/notification-service.js';
+import type { IPriceOracle } from '@waiaas/core';
+import type { SettingsService } from '../../infrastructure/settings/settings-service.js';
+export interface AdminActionRouteDeps {
+    registry: ActionProviderRegistry;
+    db: BetterSQLite3Database<typeof schema>;
+    adapterPool: AdapterPool;
+    config: DaemonConfig;
+    keyStore: LocalKeyStore;
+    policyEngine: IPolicyEngine;
+    masterPassword: string;
+    passwordRef?: MasterPasswordRef;
+    approvalWorkflow?: ApprovalWorkflow;
+    delayQueue?: DelayQueue;
+    sqlite?: SQLiteDatabase;
+    notificationService?: NotificationService;
+    priceOracle?: IPriceOracle;
+    settingsService: SettingsService;
+    wcSigningBridgeRef?: import('../../services/wc-signing-bridge.js').WcSigningBridgeRef;
+    approvalChannelRouter?: import('../../services/signing-sdk/approval-channel-router.js').ApprovalChannelRouter;
+    eventBus?: import('@waiaas/core').EventBus;
+    reputationCache?: import('../../services/erc8004/reputation-cache-service.js').ReputationCacheService;
+}
+export declare function adminActionRoutes(deps: AdminActionRouteDeps): OpenAPIHono;
+//# sourceMappingURL=admin-actions.d.ts.map

package/dist/api/routes/admin-actions.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"admin-actions.d.ts","sourceRoot":"","sources":["../../../src/api/routes/admin-actions.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,WAAW,EAAkB,MAAM,mBAAmB,CAAC;AAGhE,OAAO,KAAK,EAA2C,aAAa,EAAE,MAAM,cAAc,CAAC;AAC3F,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAC;AACxE,OAAO,KAAK,EAAE,QAAQ,IAAI,cAAc,EAAE,MAAM,gBAAgB,CAAC;AACjE,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,yDAAyD,CAAC;AACtG,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,sCAAsC,CAAC;AAExE,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,8BAA8B,CAAC;AACtE,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,uCAAuC,CAAC;AAC1E,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,2CAA2C,CAAC;AAC/E,OAAO,KAAK,KAAK,MAAM,MAAM,yCAAyC,CAAC;AAcvE,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,qCAAqC,CAAC;AAC5E,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,+BAA+B,CAAC;AAChE,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,6CAA6C,CAAC;AACvF,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AACjD,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,mDAAmD,CAAC;AAWzF,MAAM,WAAW,oBAAoB;IACnC,QAAQ,EAAE,sBAAsB,CAAC;IACjC,EAAE,EAAE,qBAAqB,CAAC,OAAO,MAAM,CAAC,CAAC;IACzC,WAAW,EAAE,WAAW,CAAC;IACzB,MAAM,EAAE,YAAY,CAAC;IACrB,QAAQ,EAAE,aAAa,CAAC;IACxB,YAAY,EAAE,aAAa,CAAC;IAC5B,cAAc,EAAE,MAAM,CAAC;IACvB,WAAW,CAAC,EAAE,iBAAiB,CAAC;IAChC,gBAAgB,CAAC,EAAE,gBAAgB,CAAC;IACpC,UAAU,CAAC,EAAE,UAAU,CAAC;IACxB,MAAM,CAAC,EAAE,cAAc,CAAC;IACxB,mBAAmB,CAAC,EAAE,mBAAmB,CAAC;IAC1C,WAAW,CAAC,EAAE,YAAY,CAAC;IAC3B,eAAe,EAAE,eAAe,CAAC;IACjC,kBAAkB,CAAC,EAAE,OAAO,qCAAqC,EAAE,kBAAkB,CAAC;IACtF,qBAAqB,CAAC,EAAE,OAAO,uDAAuD,EAAE,qBAAqB,CAAC;IAC9G,QAAQ,CAAC,EAAE,OAAO,cAAc,EAAE,QAAQ,CAAC;IAC3C,eAAe,CAAC,EAAE,OAAO,oDAAoD,EAAE,sBAAsB,CAAC;CACvG;AA6ED,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,oBAAoB,GAAG,WAAW,CA4RzE"}

package/dist/api/routes/admin-actions.js ADDED Viewed

@@ -0,0 +1,317 @@
+/**
+ * Admin action routes: POST /v1/admin/actions/:provider/:action.
+ *
+ * Separate from `/v1/actions/*` (sessionAuth) to allow Admin UI (masterAuth)
+ * to execute actions directly. Admin context bypasses session_wallets access
+ * check since admin has full wallet access.
+ *
+ * @see #273 — Admin UI ERC-8004 에이전트 등록 시 sessionAuth 인증 실패
+ */
+import { OpenAPIHono, createRoute, z } from '@hono/zod-openapi';
+import { eq } from 'drizzle-orm';
+import { WAIaaSError } from '@waiaas/core';
+import { resolveRpcUrl } from '../../infrastructure/adapter-pool.js';
+import { wallets, transactions } from '../../infrastructure/database/schema.js';
+import { stage1Validate, stage2Auth, stage3Policy, stage3_5GasCondition, stage4Wait, stage5Execute, stage6Confirm, getRequestTo, } from '../../pipeline/stages.js';
+import { resolveNetwork } from '../../pipeline/network-resolver.js';
+import { TxSendResponseSchema, buildErrorResponses, openApiValidationHook, } from './openapi-schemas.js';
+// ---------------------------------------------------------------------------
+// Schemas
+// ---------------------------------------------------------------------------
+const AdminActionExecuteRequestSchema = z
+    .object({
+    params: z.record(z.unknown()).optional().default({}),
+    network: z.string().optional(),
+    walletId: z.string().uuid().describe('Target wallet ID (required for admin context)'),
+})
+    .openapi('AdminActionExecuteRequest');
+// ---------------------------------------------------------------------------
+// Route definitions
+// ---------------------------------------------------------------------------
+const adminExecuteActionRoute = createRoute({
+    method: 'post',
+    path: '/admin/actions/{provider}/{action}',
+    tags: ['Admin', 'Actions'],
+    summary: 'Execute an action via provider (admin context)',
+    description: 'Admin-only action execution. Bypasses session-based wallet access check. Requires masterAuth.',
+    request: {
+        params: z.object({
+            provider: z.string(),
+            action: z.string(),
+        }),
+        body: {
+            content: {
+                'application/json': { schema: AdminActionExecuteRequestSchema },
+            },
+        },
+    },
+    responses: {
+        201: {
+            description: 'Action submitted to pipeline',
+            content: { 'application/json': { schema: TxSendResponseSchema } },
+        },
+        ...buildErrorResponses([
+            'ACTION_NOT_FOUND',
+            'API_KEY_REQUIRED',
+            'ACTION_VALIDATION_FAILED',
+            'ACTION_RESOLVE_FAILED',
+            'ACTION_RETURN_INVALID',
+            'WALLET_NOT_FOUND',
+        ]),
+    },
+});
+// ---------------------------------------------------------------------------
+// Helper: resolve EVM chainId from network identifier
+// ---------------------------------------------------------------------------
+function resolveChainId(network) {
+    const CHAIN_IDS = {
+        'ethereum-mainnet': 1,
+        'ethereum-sepolia': 11155111,
+        'ethereum-goerli': 5,
+        'polygon-mainnet': 137,
+        'polygon-mumbai': 80001,
+        'arbitrum-mainnet': 42161,
+        'arbitrum-sepolia': 421614,
+        'optimism-mainnet': 10,
+        'optimism-sepolia': 11155420,
+        'base-mainnet': 8453,
+        'base-sepolia': 84532,
+    };
+    return CHAIN_IDS[network] ?? 1;
+}
+// ---------------------------------------------------------------------------
+// Route factory
+// ---------------------------------------------------------------------------
+export function adminActionRoutes(deps) {
+    const router = new OpenAPIHono({ defaultHook: openApiValidationHook });
+    router.openapi(adminExecuteActionRoute, async (c) => {
+        const { provider, action } = c.req.valid('param');
+        const body = c.req.valid('json');
+        const actionKey = `${provider}/${action}`;
+        // 1. Look up action entry
+        const entry = deps.registry.getAction(actionKey);
+        if (!entry) {
+            throw new WAIaaSError('ACTION_NOT_FOUND', {
+                message: `Action '${actionKey}' not found`,
+                details: { provider, action },
+            });
+        }
+        // 2. Admin context: walletId is required from body (no session resolution)
+        const walletId = body.walletId;
+        // 3. Check API key requirement
+        if (entry.provider.metadata.requiresApiKey) {
+            if (!deps.settingsService.hasApiKey(entry.provider.metadata.name)) {
+                throw new WAIaaSError('API_KEY_REQUIRED', {
+                    message: `Admin > Settings에서 ${entry.provider.metadata.name} API 키를 설정하세요`,
+                    details: { provider: entry.provider.metadata.name },
+                });
+            }
+        }
+        // 4. Look up wallet
+        const wallet = await deps.db.select().from(wallets).where(eq(wallets.id, walletId)).get();
+        if (!wallet) {
+            throw new WAIaaSError('WALLET_NOT_FOUND', {
+                message: `Wallet '${walletId}' not found`,
+            });
+        }
+        if (wallet.status === 'TERMINATED') {
+            throw new WAIaaSError('WALLET_TERMINATED');
+        }
+        // 5. Build ActionContext (sessionId is null for admin context)
+        const actionContext = {
+            walletAddress: wallet.publicKey,
+            chain: wallet.chain,
+            walletId,
+            sessionId: undefined,
+        };
+        // 6. Execute resolve via registry
+        let contractCalls;
+        try {
+            contractCalls = await deps.registry.executeResolve(actionKey, body.params ?? {}, actionContext);
+        }
+        catch (err) {
+            if (err instanceof WAIaaSError)
+                throw err;
+            throw new WAIaaSError('ACTION_RESOLVE_FAILED', {
+                message: `Action resolve failed: ${err instanceof Error ? err.message : 'Unknown error'}`,
+                details: { actionKey },
+                cause: err instanceof Error ? err : undefined,
+            });
+        }
+        // 7. Resolve network
+        let resolvedNetwork;
+        try {
+            resolvedNetwork = resolveNetwork(body.network, wallet.environment, wallet.chain);
+        }
+        catch (err) {
+            if (err instanceof Error && err.message.includes('environment')) {
+                throw new WAIaaSError('ENVIRONMENT_NETWORK_MISMATCH', {
+                    message: err.message,
+                });
+            }
+            throw new WAIaaSError('ACTION_VALIDATION_FAILED', {
+                message: err instanceof Error ? err.message : 'Network validation failed',
+            });
+        }
+        // 8. Resolve adapter from pool
+        const rpcUrl = resolveRpcUrl(deps.config.rpc, wallet.chain, resolvedNetwork);
+        const adapter = await deps.adapterPool.resolve(wallet.chain, resolvedNetwork, rpcUrl);
+        // 9. Pipeline execution
+        const walletData = {
+            publicKey: wallet.publicKey,
+            chain: wallet.chain,
+            environment: wallet.environment,
+            accountType: wallet.accountType,
+            aaProvider: wallet.aaProvider,
+            aaProviderApiKeyEncrypted: wallet.aaProviderApiKeyEncrypted,
+            aaBundlerUrl: wallet.aaBundlerUrl,
+            aaPaymasterUrl: wallet.aaPaymasterUrl,
+            aaPaymasterPolicyId: wallet.aaPaymasterPolicyId,
+        };
+        const pipelineConfig = {
+            policy_defaults_delay_seconds: deps.config.security.policy_defaults_delay_seconds,
+            policy_defaults_approval_timeout: deps.config.security.policy_defaults_approval_timeout,
+        };
+        const pipelineResults = [];
+        for (const contractCall of contractCalls) {
+            // Extract EIP-712 metadata from resolve result
+            const eip712 = contractCall.eip712;
+            let eip712Metadata;
+            if (eip712) {
+                const ownerAddress = wallet.ownerAddress || '0x0000000000000000000000000000000000000000';
+                const typedData = JSON.parse(eip712.typedDataJson);
+                typedData.message.owner = ownerAddress;
+                typedData.domain.chainId = resolveChainId(resolvedNetwork);
+                eip712Metadata = {
+                    approvalType: 'EIP712',
+                    typedDataJson: JSON.stringify(typedData),
+                    agentId: eip712.agentId,
+                    newWallet: eip712.newWallet,
+                    deadline: eip712.deadline,
+                };
+            }
+            const ctx = {
+                db: deps.db,
+                adapter,
+                keyStore: deps.keyStore,
+                policyEngine: deps.policyEngine,
+                masterPassword: deps.passwordRef?.password ?? deps.masterPassword,
+                walletId,
+                wallet: walletData,
+                resolvedNetwork,
+                resolvedRpcUrl: rpcUrl,
+                request: contractCall,
+                txId: '',
+                sessionId: undefined, // Admin context -- no session
+                sqlite: deps.sqlite,
+                delayQueue: deps.delayQueue,
+                approvalWorkflow: deps.approvalWorkflow,
+                config: pipelineConfig,
+                notificationService: deps.notificationService,
+                priceOracle: deps.priceOracle,
+                settingsService: deps.settingsService,
+                eip712Metadata,
+                wcSigningBridge: deps.wcSigningBridgeRef?.current ?? undefined,
+                approvalChannelRouter: deps.approvalChannelRouter,
+                eventBus: deps.eventBus,
+                actionProviderKey: provider,
+                actionName: action,
+                actionDefaultTier: entry.action.defaultTier,
+            };
+            await stage1Validate(ctx);
+            // Persist action provider metadata
+            const existingTx = await deps.db
+                .select({ metadata: transactions.metadata })
+                .from(transactions)
+                .where(eq(transactions.id, ctx.txId))
+                .get();
+            const existingMeta = existingTx?.metadata ? JSON.parse(existingTx.metadata) : {};
+            await deps.db
+                .update(transactions)
+                .set({
+                metadata: JSON.stringify({ ...existingMeta, provider, action }),
+            })
+                .where(eq(transactions.id, ctx.txId));
+            pipelineResults.push({ id: ctx.txId, status: 'PENDING' });
+            // Stages 2-6 run asynchronously
+            void (async () => {
+                try {
+                    await stage2Auth(ctx);
+                    await stage3Policy(ctx);
+                    await stage3_5GasCondition(ctx);
+                    await stage4Wait(ctx);
+                    await stage5Execute(ctx);
+                    await stage6Confirm(ctx);
+                    // ERC-8004 notification events
+                    if (provider === 'erc8004_agent' && deps.notificationService) {
+                        const params = body.params ?? {};
+                        const registryAddress = getRequestTo(ctx.request);
+                        const erc8004NotifMap = {
+                            register_agent: {
+                                event: 'AGENT_REGISTERED',
+                                vars: {
+                                    chainAgentId: String(params.agentId ?? ctx.txId),
+                                    registryAddress,
+                                },
+                            },
+                            set_agent_wallet: {
+                                event: 'AGENT_WALLET_LINKED',
+                                vars: { registryAddress },
+                            },
+                            unset_agent_wallet: {
+                                event: 'AGENT_WALLET_UNLINKED',
+                                vars: { registryAddress },
+                            },
+                        };
+                        const notifEntry = erc8004NotifMap[action];
+                        if (notifEntry) {
+                            void deps.notificationService.notify(notifEntry.event, walletId, notifEntry.vars, { txId: ctx.txId });
+                        }
+                    }
+                    // Invalidate reputation cache after feedback actions
+                    if (provider === 'erc8004_agent' &&
+                        (action === 'give_feedback' || action === 'revoke_feedback') &&
+                        deps.reputationCache) {
+                        const targetAgentId = String((body.params ?? {}).agentId ?? '');
+                        if (targetAgentId) {
+                            deps.reputationCache.invalidate(targetAgentId);
+                        }
+                    }
+                }
+                catch (error) {
+                    if (error instanceof WAIaaSError && error.code === 'PIPELINE_HALTED') {
+                        return;
+                    }
+                    try {
+                        const tx = await deps.db
+                            .select()
+                            .from(transactions)
+                            .where(eq(transactions.id, ctx.txId))
+                            .get();
+                        if (tx && tx.status !== 'CONFIRMED' && tx.status !== 'FAILED' && tx.status !== 'CANCELLED') {
+                            const errorMessage = error instanceof Error ? error.message : 'Pipeline execution failed';
+                            await deps.db
+                                .update(transactions)
+                                .set({ status: 'FAILED', error: errorMessage })
+                                .where(eq(transactions.id, ctx.txId));
+                        }
+                    }
+                    catch {
+                        // Swallow DB update errors in background
+                    }
+                }
+            })();
+        }
+        const lastResult = pipelineResults[pipelineResults.length - 1];
+        if (pipelineResults.length === 1) {
+            return c.json({ id: lastResult.id, status: lastResult.status }, 201);
+        }
+        return c.json({
+            id: lastResult.id,
+            status: lastResult.status,
+            pipeline: pipelineResults,
+        }, 201);
+    });
+    return router;
+}
+//# sourceMappingURL=admin-actions.js.map

package/dist/api/routes/admin-actions.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"admin-actions.js","sourceRoot":"","sources":["../../../src/api/routes/admin-actions.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,CAAC,EAAE,MAAM,mBAAmB,CAAC;AAChE,OAAO,EAAE,EAAE,EAAE,MAAM,aAAa,CAAC;AACjC,OAAO,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAM3C,OAAO,EAAE,aAAa,EAAE,MAAM,sCAAsC,CAAC;AAKrE,OAAO,EAAE,OAAO,EAAE,YAAY,EAAE,MAAM,yCAAyC,CAAC;AAChF,OAAO,EACL,cAAc,EACd,UAAU,EACV,YAAY,EACZ,oBAAoB,EACpB,UAAU,EACV,aAAa,EACb,aAAa,EACb,YAAY,GACb,MAAM,0BAA0B,CAAC;AAElC,OAAO,EAAE,cAAc,EAAE,MAAM,oCAAoC,CAAC;AAMpE,OAAO,EACL,oBAAoB,EACpB,mBAAmB,EACnB,qBAAqB,GACtB,MAAM,sBAAsB,CAAC;AA2B9B,8EAA8E;AAC9E,UAAU;AACV,8EAA8E;AAE9E,MAAM,+BAA+B,GAAG,CAAC;KACtC,MAAM,CAAC;IACN,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;IACpD,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC9B,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,CAAC,QAAQ,CAAC,+CAA+C,CAAC;CACtF,CAAC;KACD,OAAO,CAAC,2BAA2B,CAAC,CAAC;AAExC,8EAA8E;AAC9E,oBAAoB;AACpB,8EAA8E;AAE9E,MAAM,uBAAuB,GAAG,WAAW,CAAC;IAC1C,MAAM,EAAE,MAAM;IACd,IAAI,EAAE,oCAAoC;IAC1C,IAAI,EAAE,CAAC,OAAO,EAAE,SAAS,CAAC;IAC1B,OAAO,EAAE,gDAAgD;IACzD,WAAW,EACT,+FAA+F;IACjG,OAAO,EAAE;QACP,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC;YACf,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE;YACpB,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE;SACnB,CAAC;QACF,IAAI,EAAE;YACJ,OAAO,EAAE;gBACP,kBAAkB,EAAE,EAAE,MAAM,EAAE,+BAA+B,EAAE;aAChE;SACF;KACF;IACD,SAAS,EAAE;QACT,GAAG,EAAE;YACH,WAAW,EAAE,8BAA8B;YAC3C,OAAO,EAAE,EAAE,kBAAkB,EAAE,EAAE,MAAM,EAAE,oBAAoB,EAAE,EAAE;SAClE;QACD,GAAG,mBAAmB,CAAC;YACrB,kBAAkB;YAClB,kBAAkB;YAClB,0BAA0B;YAC1B,uBAAuB;YACvB,uBAAuB;YACvB,kBAAkB;SACnB,CAAC;KACH;CACF,CAAC,CAAC;AAEH,8EAA8E;AAC9E,sDAAsD;AACtD,8EAA8E;AAE9E,SAAS,cAAc,CAAC,OAAe;IACrC,MAAM,SAAS,GAA2B;QACxC,kBAAkB,EAAE,CAAC;QACrB,kBAAkB,EAAE,QAAQ;QAC5B,iBAAiB,EAAE,CAAC;QACpB,iBAAiB,EAAE,GAAG;QACtB,gBAAgB,EAAE,KAAK;QACvB,kBAAkB,EAAE,KAAK;QACzB,kBAAkB,EAAE,MAAM;QAC1B,kBAAkB,EAAE,EAAE;QACtB,kBAAkB,EAAE,QAAQ;QAC5B,cAAc,EAAE,IAAI;QACpB,cAAc,EAAE,KAAK;KACtB,CAAC;IACF,OAAO,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;AACjC,CAAC;AAED,8EAA8E;AAC9E,gBAAgB;AAChB,8EAA8E;AAE9E,MAAM,UAAU,iBAAiB,CAAC,IAA0B;IAC1D,MAAM,MAAM,GAAG,IAAI,WAAW,CAAC,EAAE,WAAW,EAAE,qBAAqB,EAAE,CAAC,CAAC;IAEvE,MAAM,CAAC,OAAO,CAAC,uBAAuB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAClD,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAClD,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QACjC,MAAM,SAAS,GAAG,GAAG,QAAQ,IAAI,MAAM,EAAE,CAAC;QAE1C,0BAA0B;QAC1B,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QACjD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,IAAI,WAAW,CAAC,kBAAkB,EAAE;gBACxC,OAAO,EAAE,WAAW,SAAS,aAAa;gBAC1C,OAAO,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE;aAC9B,CAAC,CAAC;QACL,CAAC;QAED,2EAA2E;QAC3E,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;QAE/B,+BAA+B;QAC/B,IAAI,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,cAAc,EAAE,CAAC;YAC3C,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;gBAClE,MAAM,IAAI,WAAW,CAAC,kBAAkB,EAAE;oBACxC,OAAO,EAAE,sBAAsB,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,eAAe;oBAC1E,OAAO,EAAE,EAAE,QAAQ,EAAE,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,EAAE;iBACpD,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,oBAAoB;QACpB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC,OAAO,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC;QAC1F,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,WAAW,CAAC,kBAAkB,EAAE;gBACxC,OAAO,EAAE,WAAW,QAAQ,aAAa;aAC1C,CAAC,CAAC;QACL,CAAC;QACD,IAAI,MAAM,CAAC,MAAM,KAAK,YAAY,EAAE,CAAC;YACnC,MAAM,IAAI,WAAW,CAAC,mBAAmB,CAAC,CAAC;QAC7C,CAAC;QAED,+DAA+D;QAC/D,MAAM,aAAa,GAAG;YACpB,aAAa,EAAE,MAAM,CAAC,SAAS;YAC/B,KAAK,EAAE,MAAM,CAAC,KAAkB;YAChC,QAAQ;YACR,SAAS,EAAE,SAAS;SACrB,CAAC;QAEF,kCAAkC;QAClC,IAAI,aAAa,CAAC;QAClB,IAAI,CAAC;YACH,aAAa,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,cAAc,CAChD,SAAS,EACT,IAAI,CAAC,MAAM,IAAI,EAAE,EACjB,aAAa,CACd,CAAC;QACJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,GAAG,YAAY,WAAW;gBAAE,MAAM,GAAG,CAAC;YAC1C,MAAM,IAAI,WAAW,CAAC,uBAAuB,EAAE;gBAC7C,OAAO,EAAE,0BAA0B,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE;gBACzF,OAAO,EAAE,EAAE,SAAS,EAAE;gBACtB,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,SAAS;aAC9C,CAAC,CAAC;QACL,CAAC;QAED,qBAAqB;QACrB,IAAI,eAAuB,CAAC;QAC5B,IAAI,CAAC;YACH,eAAe,GAAG,cAAc,CAC9B,IAAI,CAAC,OAAkC,EACvC,MAAM,CAAC,WAA8B,EACrC,MAAM,CAAC,KAAkB,CAC1B,CAAC;QACJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,GAAG,YAAY,KAAK,IAAI,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;gBAChE,MAAM,IAAI,WAAW,CAAC,8BAA8B,EAAE;oBACpD,OAAO,EAAE,GAAG,CAAC,OAAO;iBACrB,CAAC,CAAC;YACL,CAAC;YACD,MAAM,IAAI,WAAW,CAAC,0BAA0B,EAAE;gBAChD,OAAO,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,2BAA2B;aAC1E,CAAC,CAAC;QACL,CAAC;QAED,+BAA+B;QAC/B,MAAM,MAAM,GAAG,aAAa,CAC1B,IAAI,CAAC,MAAM,CAAC,GAAwC,EACpD,MAAM,CAAC,KAAK,EACZ,eAAe,CAChB,CAAC;QACF,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,OAAO,CAC5C,MAAM,CAAC,KAAkB,EACzB,eAA8B,EAC9B,MAAM,CACP,CAAC;QAEF,wBAAwB;QACxB,MAAM,UAAU,GAAG;YACjB,SAAS,EAAE,MAAM,CAAC,SAAS;YAC3B,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,WAAW,EAAE,MAAM,CAAC,WAAW;YAC/B,WAAW,EAAE,MAAM,CAAC,WAAW;YAC/B,UAAU,EAAE,MAAM,CAAC,UAAU;YAC7B,yBAAyB,EAAE,MAAM,CAAC,yBAAyB;YAC3D,YAAY,EAAE,MAAM,CAAC,YAAY;YACjC,cAAc,EAAE,MAAM,CAAC,cAAc;YACrC,mBAAmB,EAAE,MAAM,CAAC,mBAAmB;SAChD,CAAC;QACF,MAAM,cAAc,GAAG;YACrB,6BAA6B,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,6BAA6B;YACjF,gCAAgC,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,gCAAgC;SACxF,CAAC;QAEF,MAAM,eAAe,GAA0C,EAAE,CAAC;QAElE,KAAK,MAAM,YAAY,IAAI,aAAa,EAAE,CAAC;YACzC,+CAA+C;YAC/C,MAAM,MAAM,GAAI,YAAoB,CAAC,MAExB,CAAC;YAEd,IAAI,cAAiD,CAAC;YACtD,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,YAAY,GAAG,MAAM,CAAC,YAAY,IAAI,4CAA4C,CAAC;gBACzF,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;gBACnD,SAAS,CAAC,OAAO,CAAC,KAAK,GAAG,YAAY,CAAC;gBACvC,SAAS,CAAC,MAAM,CAAC,OAAO,GAAG,cAAc,CAAC,eAAe,CAAC,CAAC;gBAC3D,cAAc,GAAG;oBACf,YAAY,EAAE,QAAQ;oBACtB,aAAa,EAAE,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC;oBACxC,OAAO,EAAE,MAAM,CAAC,OAAO;oBACvB,SAAS,EAAE,MAAM,CAAC,SAAS;oBAC3B,QAAQ,EAAE,MAAM,CAAC,QAAQ;iBAC1B,CAAC;YACJ,CAAC;YAED,MAAM,GAAG,GAAoB;gBAC3B,EAAE,EAAE,IAAI,CAAC,EAAE;gBACX,OAAO;gBACP,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,YAAY,EAAE,IAAI,CAAC,YAAY;gBAC/B,cAAc,EAAE,IAAI,CAAC,WAAW,EAAE,QAAQ,IAAI,IAAI,CAAC,cAAc;gBACjE,QAAQ;gBACR,MAAM,EAAE,UAAU;gBAClB,eAAe;gBACf,cAAc,EAAE,MAAM;gBACtB,OAAO,EAAE,YAAY;gBACrB,IAAI,EAAE,EAAE;gBACR,SAAS,EAAE,SAAS,EAAE,8BAA8B;gBACpD,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,UAAU,EAAE,IAAI,CAAC,UAAU;gBAC3B,gBAAgB,EAAE,IAAI,CAAC,gBAAgB;gBACvC,MAAM,EAAE,cAAc;gBACtB,mBAAmB,EAAE,IAAI,CAAC,mBAAmB;gBAC7C,WAAW,EAAE,IAAI,CAAC,WAAW;gBAC7B,eAAe,EAAE,IAAI,CAAC,eAAe;gBACrC,cAAc;gBACd,eAAe,EAAE,IAAI,CAAC,kBAAkB,EAAE,OAAO,IAAI,SAAS;gBAC9D,qBAAqB,EAAE,IAAI,CAAC,qBAAqB;gBACjD,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,iBAAiB,EAAE,QAAQ;gBAC3B,UAAU,EAAE,MAAM;gBAClB,iBAAiB,EAAE,KAAK,CAAC,MAAM,CAAC,WAAgD;aACjF,CAAC;YAEF,MAAM,cAAc,CAAC,GAAG,CAAC,CAAC;YAE1B,mCAAmC;YACnC,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,EAAE;iBAC7B,MAAM,CAAC,EAAE,QAAQ,EAAE,YAAY,CAAC,QAAQ,EAAE,CAAC;iBAC3C,IAAI,CAAC,YAAY,CAAC;iBAClB,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,EAAE,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC;iBACpC,GAAG,EAAE,CAAC;YACT,MAAM,YAAY,GAAG,UAAU,EAAE,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,QAAkB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAE3F,MAAM,IAAI,CAAC,EAAE;iBACV,MAAM,CAAC,YAAY,CAAC;iBACpB,GAAG,CAAC;gBACH,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,GAAG,YAAY,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC;aAChE,CAAC;iBACD,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,EAAE,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC;YAExC,eAAe,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,GAAG,CAAC,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,CAAC;YAE1D,gCAAgC;YAChC,KAAK,CAAC,KAAK,IAAI,EAAE;gBACf,IAAI,CAAC;oBACH,MAAM,UAAU,CAAC,GAAG,CAAC,CAAC;oBACtB,MAAM,YAAY,CAAC,GAAG,CAAC,CAAC;oBACxB,MAAM,oBAAoB,CAAC,GAAG,CAAC,CAAC;oBAChC,MAAM,UAAU,CAAC,GAAG,CAAC,CAAC;oBACtB,MAAM,aAAa,CAAC,GAAG,CAAC,CAAC;oBACzB,MAAM,aAAa,CAAC,GAAG,CAAC,CAAC;oBAEzB,+BAA+B;oBAC/B,IAAI,QAAQ,KAAK,eAAe,IAAI,IAAI,CAAC,mBAAmB,EAAE,CAAC;wBAC7D,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,IAAI,EAAE,CAAC;wBACjC,MAAM,eAAe,GAAG,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;wBAClD,MAAM,eAAe,GAAoE;4BACvF,cAAc,EAAE;gCACd,KAAK,EAAE,kBAAkB;gCACzB,IAAI,EAAE;oCACJ,YAAY,EAAE,MAAM,CAAC,MAAM,CAAC,OAAO,IAAI,GAAG,CAAC,IAAI,CAAC;oCAChD,eAAe;iCAChB;6BACF;4BACD,gBAAgB,EAAE;gCAChB,KAAK,EAAE,qBAAqB;gCAC5B,IAAI,EAAE,EAAE,eAAe,EAAE;6BAC1B;4BACD,kBAAkB,EAAE;gCAClB,KAAK,EAAE,uBAAuB;gCAC9B,IAAI,EAAE,EAAE,eAAe,EAAE;6BAC1B;yBACF,CAAC;wBACF,MAAM,UAAU,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC;wBAC3C,IAAI,UAAU,EAAE,CAAC;4BACf,KAAK,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAClC,UAAU,CAAC,KAAqD,EAChE,QAAQ,EACR,UAAU,CAAC,IAAI,EACf,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,CACnB,CAAC;wBACJ,CAAC;oBACH,CAAC;oBAED,qDAAqD;oBACrD,IACE,QAAQ,KAAK,eAAe;wBAC5B,CAAC,MAAM,KAAK,eAAe,IAAI,MAAM,KAAK,iBAAiB,CAAC;wBAC5D,IAAI,CAAC,eAAe,EACpB,CAAC;wBACD,MAAM,aAAa,GAAG,MAAM,CAAC,CAAC,IAAI,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC;wBAChE,IAAI,aAAa,EAAE,CAAC;4BAClB,IAAI,CAAC,eAAe,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;wBACjD,CAAC;oBACH,CAAC;gBACH,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,IAAI,KAAK,YAAY,WAAW,IAAI,KAAK,CAAC,IAAI,KAAK,iBAAiB,EAAE,CAAC;wBACrE,OAAO;oBACT,CAAC;oBAED,IAAI,CAAC;wBACH,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,EAAE;6BACrB,MAAM,EAAE;6BACR,IAAI,CAAC,YAAY,CAAC;6BAClB,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,EAAE,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC;6BACpC,GAAG,EAAE,CAAC;wBAET,IAAI,EAAE,IAAI,EAAE,CAAC,MAAM,KAAK,WAAW,IAAI,EAAE,CAAC,MAAM,KAAK,QAAQ,IAAI,EAAE,CAAC,MAAM,KAAK,WAAW,EAAE,CAAC;4BAC3F,MAAM,YAAY,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,2BAA2B,CAAC;4BAC1F,MAAM,IAAI,CAAC,EAAE;iCACV,MAAM,CAAC,YAAY,CAAC;iCACpB,GAAG,CAAC,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,YAAY,EAAE,CAAC;iCAC9C,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,EAAE,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC;wBAC1C,CAAC;oBACH,CAAC;oBAAC,MAAM,CAAC;wBACP,yCAAyC;oBAC3C,CAAC;gBACH,CAAC;YACH,CAAC,CAAC,EAAE,CAAC;QACP,CAAC;QAED,MAAM,UAAU,GAAG,eAAe,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC,CAAE,CAAC;QAEhE,IAAI,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACjC,OAAO,CAAC,CAAC,IAAI,CACX,EAAE,EAAE,EAAE,UAAU,CAAC,EAAE,EAAE,MAAM,EAAE,UAAU,CAAC,MAAM,EAAE,EAChD,GAAG,CACJ,CAAC;QACJ,CAAC;QAED,OAAO,CAAC,CAAC,IAAI,CACX;YACE,EAAE,EAAE,UAAU,CAAC,EAAE;YACjB,MAAM,EAAE,UAAU,CAAC,MAAM;YACzB,QAAQ,EAAE,eAAe;SAC1B,EACD,GAAG,CACJ,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC;AAChB,CAAC"}

package/dist/api/routes/admin.js CHANGED Viewed

@@ -805,7 +805,7 @@ export function adminRoutes(deps) {
         const activeSessionResult = deps.db
             .select({ count: sql `count(*)` })
             .from(sessions)
-            .where(sql `${sessions.revokedAt} IS NULL AND ${sessions.expiresAt} > ${nowSec}`)
+            .where(sql `${sessions.revokedAt} IS NULL AND (${sessions.expiresAt} = 0 OR ${sessions.expiresAt} > ${nowSec})`)
             .get();
         const activeSessionCount = activeSessionResult?.count ?? 0;
         // Count policies