@webiny/api-aco 0.0.0-unstable.99666aeb00 → 0.0.0-unstable.a9593f74dd

package/filter/filter.so.js

@@ -0,0 +1,98 @@
+"use strict";
+
+var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault").default;
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.createFilterOperations = void 0;
+var _omit = _interopRequireDefault(require("lodash/omit"));
+var _error = _interopRequireDefault(require("@webiny/error"));
+var _filter = require("./filter.model");
+var _createListSort = require("../utils/createListSort");
+var _createOperationsWrapper = require("../utils/createOperationsWrapper");
+var _pickEntryFieldValues = require("../utils/pickEntryFieldValues");
+var _constants = require("@webiny/api-headless-cms/constants");
+const createFilterOperations = params => {
+  const {
+    cms,
+    security
+  } = params;
+  const {
+    withModel
+  } = (0, _createOperationsWrapper.createOperationsWrapper)({
+    ...params,
+    modelName: _filter.FILTER_MODEL_ID
+  });
+  return {
+    getFilter({
+      id
+    }) {
+      return withModel(async model => {
+        const entry = await cms.getEntryById(model, id);
+        if (!entry) {
+          throw new _error.default("Could not load filter.", "GET_FILTER_ERROR", {
+            id
+          });
+        }
+        return (0, _pickEntryFieldValues.pickEntryFieldValues)(entry);
+      });
+    },
+    listFilters(params) {
+      return withModel(async model => {
+        const {
+          sort,
+          where
+        } = params;
+        const createdBy = security.getIdentity().id;
+        const [entries, meta] = await cms.listLatestEntries(model, {
+          ...params,
+          sort: (0, _createListSort.createListSort)(sort),
+          where: {
+            ...({
+              ...where,
+              createdBy
+            } || {})
+          }
+        });
+        return [entries.map(_pickEntryFieldValues.pickEntryFieldValues), meta];
+      });
+    },
+    createFilter({
+      data
+    }) {
+      return withModel(async model => {
+        const entry = await cms.createEntry(model, data);
+        return (0, _pickEntryFieldValues.pickEntryFieldValues)(entry);
+      });
+    },
+    updateFilter({
+      id,
+      data
+    }) {
+      return withModel(async model => {
+        const original = await cms.getEntryById(model, id);
+        const input = {
+          /**
+           *  We are omitting the standard entry meta fields:
+           *  we don't want to override them with the ones coming from the `original` entry.
+           */
+          ...(0, _omit.default)(original, _constants.ENTRY_META_FIELDS),
+          ...data
+        };
+        const entry = await cms.updateEntry(model, original.id, input);
+        return (0, _pickEntryFieldValues.pickEntryFieldValues)(entry);
+      });
+    },
+    deleteFilter({
+      id
+    }) {
+      return withModel(async model => {
+        await cms.deleteEntry(model, id);
+        return true;
+      });
+    }
+  };
+};
+exports.createFilterOperations = createFilterOperations;
+
+//# sourceMappingURL=filter.so.js.map

package/filter/filter.so.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["_omit","_interopRequireDefault","require","_error","_filter","_createListSort","_createOperationsWrapper","_pickEntryFieldValues","_constants","createFilterOperations","params","cms","security","withModel","createOperationsWrapper","modelName","FILTER_MODEL_ID","getFilter","id","model","entry","getEntryById","WebinyError","pickEntryFieldValues","listFilters","sort","where","createdBy","getIdentity","entries","meta","listLatestEntries","createListSort","map","createFilter","data","createEntry","updateFilter","original","input","omit","ENTRY_META_FIELDS","updateEntry","deleteFilter","deleteEntry","exports"],"sources":["filter.so.ts"],"sourcesContent":["import omit from \"lodash/omit\";\nimport WebinyError from \"@webiny/error\";\nimport { FILTER_MODEL_ID } from \"./filter.model\";\nimport { CreateAcoStorageOperationsParams } from \"~/createAcoStorageOperations\";\nimport { createListSort } from \"~/utils/createListSort\";\nimport { createOperationsWrapper } from \"~/utils/createOperationsWrapper\";\nimport { pickEntryFieldValues } from \"~/utils/pickEntryFieldValues\";\nimport { AcoFilterStorageOperations, Filter } from \"./filter.types\";\nimport { ENTRY_META_FIELDS } from \"@webiny/api-headless-cms/constants\";\n\nexport const createFilterOperations = (\n    params: CreateAcoStorageOperationsParams\n): AcoFilterStorageOperations => {\n    const { cms, security } = params;\n\n    const { withModel } = createOperationsWrapper({\n        ...params,\n        modelName: FILTER_MODEL_ID\n    });\n\n    return {\n        getFilter({ id }) {\n            return withModel(async model => {\n                const entry = await cms.getEntryById(model, id);\n\n                if (!entry) {\n                    throw new WebinyError(\"Could not load filter.\", \"GET_FILTER_ERROR\", {\n                        id\n                    });\n                }\n\n                return pickEntryFieldValues(entry);\n            });\n        },\n        listFilters(params) {\n            return withModel(async model => {\n                const { sort, where } = params;\n                const createdBy = security.getIdentity().id;\n\n                const [entries, meta] = await cms.listLatestEntries(model, {\n                    ...params,\n                    sort: createListSort(sort),\n                    where: {\n                        ...({ ...where, createdBy } || {})\n                    }\n                });\n\n                return [entries.map(pickEntryFieldValues<Filter>), meta];\n            });\n        },\n        createFilter({ data }) {\n            return withModel(async model => {\n                const entry = await cms.createEntry(model, data);\n                return pickEntryFieldValues(entry);\n            });\n        },\n        updateFilter({ id, data }) {\n            return withModel(async model => {\n                const original = await cms.getEntryById(model, id);\n\n                const input = {\n                    /**\n                     *  We are omitting the standard entry meta fields:\n                     *  we don't want to override them with the ones coming from the `original` entry.\n                     */\n                    ...omit(original, ENTRY_META_FIELDS),\n                    ...data\n                };\n\n                const entry = await cms.updateEntry(model, original.id, input);\n                return pickEntryFieldValues(entry);\n            });\n        },\n        deleteFilter({ id }) {\n            return withModel(async model => {\n                await cms.deleteEntry(model, id);\n                return true;\n            });\n        }\n    };\n};\n"],"mappings":";;;;;;;AAAA,IAAAA,KAAA,GAAAC,sBAAA,CAAAC,OAAA;AACA,IAAAC,MAAA,GAAAF,sBAAA,CAAAC,OAAA;AACA,IAAAE,OAAA,GAAAF,OAAA;AAEA,IAAAG,eAAA,GAAAH,OAAA;AACA,IAAAI,wBAAA,GAAAJ,OAAA;AACA,IAAAK,qBAAA,GAAAL,OAAA;AAEA,IAAAM,UAAA,GAAAN,OAAA;AAEO,MAAMO,sBAAsB,GAC/BC,MAAwC,IACX;EAC7B,MAAM;IAAEC,GAAG;IAAEC;EAAS,CAAC,GAAGF,MAAM;EAEhC,MAAM;IAAEG;EAAU,CAAC,GAAG,IAAAC,gDAAuB,EAAC;IAC1C,GAAGJ,MAAM;IACTK,SAAS,EAAEC;EACf,CAAC,CAAC;EAEF,OAAO;IACHC,SAASA,CAAC;MAAEC;IAAG,CAAC,EAAE;MACd,OAAOL,SAAS,CAAC,MAAMM,KAAK,IAAI;QAC5B,MAAMC,KAAK,GAAG,MAAMT,GAAG,CAACU,YAAY,CAACF,KAAK,EAAED,EAAE,CAAC;QAE/C,IAAI,CAACE,KAAK,EAAE;UACR,MAAM,IAAIE,cAAW,CAAC,wBAAwB,EAAE,kBAAkB,EAAE;YAChEJ;UACJ,CAAC,CAAC;QACN;QAEA,OAAO,IAAAK,0CAAoB,EAACH,KAAK,CAAC;MACtC,CAAC,CAAC;IACN,CAAC;IACDI,WAAWA,CAACd,MAAM,EAAE;MAChB,OAAOG,SAAS,CAAC,MAAMM,KAAK,IAAI;QAC5B,MAAM;UAAEM,IAAI;UAAEC;QAAM,CAAC,GAAGhB,MAAM;QAC9B,MAAMiB,SAAS,GAAGf,QAAQ,CAACgB,WAAW,CAAC,CAAC,CAACV,EAAE;QAE3C,MAAM,CAACW,OAAO,EAAEC,IAAI,CAAC,GAAG,MAAMnB,GAAG,CAACoB,iBAAiB,CAACZ,KAAK,EAAE;UACvD,GAAGT,MAAM;UACTe,IAAI,EAAE,IAAAO,8BAAc,EAACP,IAAI,CAAC;UAC1BC,KAAK,EAAE;YACH,IAAI;cAAE,GAAGA,KAAK;cAAEC;YAAU,CAAC,IAAI,CAAC,CAAC;UACrC;QACJ,CAAC,CAAC;QAEF,OAAO,CAACE,OAAO,CAACI,GAAG,CAACV,0CAA4B,CAAC,EAAEO,IAAI,CAAC;MAC5D,CAAC,CAAC;IACN,CAAC;IACDI,YAAYA,CAAC;MAAEC;IAAK,CAAC,EAAE;MACnB,OAAOtB,SAAS,CAAC,MAAMM,KAAK,IAAI;QAC5B,MAAMC,KAAK,GAAG,MAAMT,GAAG,CAACyB,WAAW,CAACjB,KAAK,EAAEgB,IAAI,CAAC;QAChD,OAAO,IAAAZ,0CAAoB,EAACH,KAAK,CAAC;MACtC,CAAC,CAAC;IACN,CAAC;IACDiB,YAAYA,CAAC;MAAEnB,EAAE;MAAEiB;IAAK,CAAC,EAAE;MACvB,OAAOtB,SAAS,CAAC,MAAMM,KAAK,IAAI;QAC5B,MAAMmB,QAAQ,GAAG,MAAM3B,GAAG,CAACU,YAAY,CAACF,KAAK,EAAED,EAAE,CAAC;QAElD,MAAMqB,KAAK,GAAG;UACV;AACpB;AACA;AACA;UACoB,GAAG,IAAAC,aAAI,EAACF,QAAQ,EAAEG,4BAAiB,CAAC;UACpC,GAAGN;QACP,CAAC;QAED,MAAMf,KAAK,GAAG,MAAMT,GAAG,CAAC+B,WAAW,CAACvB,KAAK,EAAEmB,QAAQ,CAACpB,EAAE,EAAEqB,KAAK,CAAC;QAC9D,OAAO,IAAAhB,0CAAoB,EAACH,KAAK,CAAC;MACtC,CAAC,CAAC;IACN,CAAC;IACDuB,YAAYA,CAAC;MAAEzB;IAAG,CAAC,EAAE;MACjB,OAAOL,SAAS,CAAC,MAAMM,KAAK,IAAI;QAC5B,MAAMR,GAAG,CAACiC,WAAW,CAACzB,KAAK,EAAED,EAAE,CAAC;QAChC,OAAO,IAAI;MACf,CAAC,CAAC;IACN;EACJ,CAAC;AACL,CAAC;AAAC2B,OAAA,CAAApC,sBAAA,GAAAA,sBAAA"}

package/filter/filter.types.d.ts

@@ -0,0 +1,95 @@
+import { AcoBaseFields, ListMeta, ListSort } from "../types";
+import { Topic } from "@webiny/pubsub/types";
+export declare enum Operation {
+    AND = "AND",
+    OR = "OR"
+}
+export interface GroupFilter {
+    field: string;
+    condition: string;
+    value: string;
+}
+export interface Group {
+    operation: Operation;
+    filters: GroupFilter[];
+}
+export interface Filter extends AcoBaseFields {
+    name: string;
+    description?: string;
+    namespace: string;
+    operation: Operation;
+    groups: Group[];
+}
+export interface ListFiltersWhere {
+    namespace: string;
+}
+export interface ListFiltersParams {
+    where: ListFiltersWhere;
+    sort?: ListSort;
+    limit?: number;
+    after?: string | null;
+}
+export declare type CreateFilterParams = Pick<Filter, "id" | "name" | "description" | "namespace" | "operation" | "groups">;
+export interface UpdateFilterParams {
+    name?: string;
+    description?: string;
+    namespace?: string;
+    operation?: Operation;
+    groups?: Group[];
+}
+export interface DeleteFilterParams {
+    id: string;
+}
+export interface StorageOperationsGetFilterParams {
+    id: string;
+}
+export declare type StorageOperationsListFiltersParams = ListFiltersParams;
+export interface StorageOperationsCreateFilterParams {
+    data: CreateFilterParams;
+}
+export interface StorageOperationsUpdateFilterParams {
+    id: string;
+    data: UpdateFilterParams;
+}
+export declare type StorageOperationsDeleteFilterParams = DeleteFilterParams;
+export interface OnFilterBeforeCreateTopicParams {
+    input: CreateFilterParams;
+}
+export interface OnFilterAfterCreateTopicParams {
+    filter: Filter;
+}
+export interface OnFilterBeforeUpdateTopicParams {
+    original: Filter;
+    input: Record<string, any>;
+}
+export interface OnFilterAfterUpdateTopicParams {
+    original: Filter;
+    filter: Filter;
+    input: Record<string, any>;
+}
+export interface OnFilterBeforeDeleteTopicParams {
+    filter: Filter;
+}
+export interface OnFilterAfterDeleteTopicParams {
+    filter: Filter;
+}
+export interface AcoFilterCrud {
+    get(id: string): Promise<Filter>;
+    list(params: ListFiltersParams): Promise<[Filter[], ListMeta]>;
+    create(data: CreateFilterParams): Promise<Filter>;
+    update(id: string, data: UpdateFilterParams): Promise<Filter>;
+    delete(id: string): Promise<boolean>;
+    onFilterBeforeCreate: Topic<OnFilterBeforeCreateTopicParams>;
+    onFilterAfterCreate: Topic<OnFilterAfterCreateTopicParams>;
+    onFilterBeforeUpdate: Topic<OnFilterBeforeUpdateTopicParams>;
+    onFilterAfterUpdate: Topic<OnFilterAfterUpdateTopicParams>;
+    onFilterBeforeDelete: Topic<OnFilterBeforeDeleteTopicParams>;
+    onFilterAfterDelete: Topic<OnFilterAfterDeleteTopicParams>;
+}
+export interface AcoFilterStorageOperations {
+    getFilter(params: StorageOperationsGetFilterParams): Promise<Filter>;
+    listFilters(params: StorageOperationsListFiltersParams): Promise<[Filter[], ListMeta]>;
+    createFilter(params: StorageOperationsCreateFilterParams): Promise<Filter>;
+    updateFilter(params: StorageOperationsUpdateFilterParams): Promise<Filter>;
+    deleteFilter(params: StorageOperationsDeleteFilterParams): Promise<boolean>;
+}

package/filter/filter.types.js

@@ -0,0 +1,14 @@
+"use strict";
+
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.Operation = void 0;
+let Operation = /*#__PURE__*/function (Operation) {
+  Operation["AND"] = "AND";
+  Operation["OR"] = "OR";
+  return Operation;
+}({});
+exports.Operation = Operation;
+
+//# sourceMappingURL=filter.types.js.map

package/filter/filter.types.js.map

@@ -0,0 +1 @@
+{"version":3,"names":["Operation","exports"],"sources":["filter.types.ts"],"sourcesContent":["import { AcoBaseFields, ListMeta, ListSort } from \"~/types\";\nimport { Topic } from \"@webiny/pubsub/types\";\n\nexport enum Operation {\n    AND = \"AND\",\n    OR = \"OR\"\n}\n\nexport interface GroupFilter {\n    field: string;\n    condition: string;\n    value: string;\n}\n\nexport interface Group {\n    operation: Operation;\n    filters: GroupFilter[];\n}\n\nexport interface Filter extends AcoBaseFields {\n    name: string;\n    description?: string;\n    namespace: string;\n    operation: Operation;\n    groups: Group[];\n}\n\nexport interface ListFiltersWhere {\n    namespace: string;\n}\n\nexport interface ListFiltersParams {\n    where: ListFiltersWhere;\n    sort?: ListSort;\n    limit?: number;\n    after?: string | null;\n}\n\nexport type CreateFilterParams = Pick<\n    Filter,\n    \"id\" | \"name\" | \"description\" | \"namespace\" | \"operation\" | \"groups\"\n>;\n\nexport interface UpdateFilterParams {\n    name?: string;\n    description?: string;\n    namespace?: string;\n    operation?: Operation;\n    groups?: Group[];\n}\n\nexport interface DeleteFilterParams {\n    id: string;\n}\n\nexport interface StorageOperationsGetFilterParams {\n    id: string;\n}\n\nexport type StorageOperationsListFiltersParams = ListFiltersParams;\n\nexport interface StorageOperationsCreateFilterParams {\n    data: CreateFilterParams;\n}\n\nexport interface StorageOperationsUpdateFilterParams {\n    id: string;\n    data: UpdateFilterParams;\n}\n\nexport type StorageOperationsDeleteFilterParams = DeleteFilterParams;\n\nexport interface OnFilterBeforeCreateTopicParams {\n    input: CreateFilterParams;\n}\n\nexport interface OnFilterAfterCreateTopicParams {\n    filter: Filter;\n}\n\nexport interface OnFilterBeforeUpdateTopicParams {\n    original: Filter;\n    input: Record<string, any>;\n}\n\nexport interface OnFilterAfterUpdateTopicParams {\n    original: Filter;\n    filter: Filter;\n    input: Record<string, any>;\n}\n\nexport interface OnFilterBeforeDeleteTopicParams {\n    filter: Filter;\n}\n\nexport interface OnFilterAfterDeleteTopicParams {\n    filter: Filter;\n}\n\nexport interface AcoFilterCrud {\n    get(id: string): Promise<Filter>;\n    list(params: ListFiltersParams): Promise<[Filter[], ListMeta]>;\n    create(data: CreateFilterParams): Promise<Filter>;\n    update(id: string, data: UpdateFilterParams): Promise<Filter>;\n    delete(id: string): Promise<boolean>;\n    onFilterBeforeCreate: Topic<OnFilterBeforeCreateTopicParams>;\n    onFilterAfterCreate: Topic<OnFilterAfterCreateTopicParams>;\n    onFilterBeforeUpdate: Topic<OnFilterBeforeUpdateTopicParams>;\n    onFilterAfterUpdate: Topic<OnFilterAfterUpdateTopicParams>;\n    onFilterBeforeDelete: Topic<OnFilterBeforeDeleteTopicParams>;\n    onFilterAfterDelete: Topic<OnFilterAfterDeleteTopicParams>;\n}\n\nexport interface AcoFilterStorageOperations {\n    getFilter(params: StorageOperationsGetFilterParams): Promise<Filter>;\n    listFilters(params: StorageOperationsListFiltersParams): Promise<[Filter[], ListMeta]>;\n    createFilter(params: StorageOperationsCreateFilterParams): Promise<Filter>;\n    updateFilter(params: StorageOperationsUpdateFilterParams): Promise<Filter>;\n    deleteFilter(params: StorageOperationsDeleteFilterParams): Promise<boolean>;\n}\n"],"mappings":";;;;;;IAGYA,SAAS,0BAATA,SAAS;EAATA,SAAS;EAATA,SAAS;EAAA,OAATA,SAAS;AAAA;AAAAC,OAAA,CAAAD,SAAA,GAAAA,SAAA"}

package/folder/folder.crud.d.ts

@@ -1,3 +1,10 @@
 import { CreateAcoParams } from "../types";
 import { AcoFolderCrud } from "./folder.types";
-export declare const createFolderCrudMethods: ({ storageOperations }: CreateAcoParams) => AcoFolderCrud;
+import { AdminUser } from "@webiny/api-admin-users/types";
+import { Team } from "@webiny/api-security/types";
+interface CreateFolderCrudMethodsParams extends CreateAcoParams {
+    listAdminUsers: () => Promise<AdminUser[]>;
+    listTeams: () => Promise<Team[]>;
+}
+export declare const createFolderCrudMethods: ({ storageOperations, folderLevelPermissions, listAdminUsers, listTeams }: CreateFolderCrudMethodsParams) => AcoFolderCrud;
+export {};

package/folder/folder.crud.js

@@ -1,13 +1,21 @@
 "use strict";
 
+var _interopRequireDefault = require("@babel/runtime/helpers/interopRequireDefault").default;
 Object.defineProperty(exports, "__esModule", {
   value: true
 });
 exports.createFolderCrudMethods = void 0;
 var _pubsub = require("@webiny/pubsub");
+var _validation = require("@webiny/validation");
 var _getFolderAndItsAncestors = require("../utils/getFolderAndItsAncestors");
+var _NotAuthorizedError = _interopRequireDefault(require("@webiny/api-security/NotAuthorizedError"));
+var _error = _interopRequireDefault(require("@webiny/error"));
+const FIXED_FOLDER_LISTING_LIMIT = 10_000;
 const createFolderCrudMethods = ({
-  storageOperations
+  storageOperations,
+  folderLevelPermissions,
+  listAdminUsers,
+  listTeams
 }) => {
   // create
   const onFolderBeforeCreate = (0, _pubsub.createTopic)("aco.onFolderBeforeCreate");
@@ -29,20 +37,81 @@ const createFolderCrudMethods = ({
     onFolderBeforeDelete,
     onFolderAfterDelete,
     async get(id) {
-      return storageOperations.getFolder({
+      const folder = await storageOperations.getFolder({
         id
       });
+      await folderLevelPermissions.ensureCanAccessFolder({
+        folder,
+        rwd: "r"
+      });
+      await folderLevelPermissions.assignFolderPermissions(folder);
+      return folder;
     },
     async list(params) {
-      return storageOperations.listFolders(params);
+      // No matter what was the limit set in the params, initially, we always retrieve
+      // all folders. The limit is then applied with the filtered folders list below.
+      const filteredFolders = await folderLevelPermissions.listAllFoldersWithPermissions(params.where.type).then(filteredFolders => {
+        // If `parentId` was included in the `where` clause, we need to filter the folders.
+        // TODO: we might want to incorporate this into the `listAllFoldersWithPermissions` method.
+        if (params.where.parentId) {
+          // Filter by parent ID.
+          return filteredFolders.filter(folder => folder.parentId === params.where.parentId);
+        }
+        return filteredFolders;
+      });
+      const totalCount = filteredFolders.length;
+      let hasMoreItems = false;
+      let cursor = null;
+
+      // Apply cursor/limit params.
+      if (params.after) {
+        const afterListItemIndex = filteredFolders.findIndex(folder => folder.id === params.after);
+        if (afterListItemIndex >= 0) {
+          // Remove all items below the "after" item.
+          filteredFolders.splice(0, afterListItemIndex + 1);
+        }
+      }
+      hasMoreItems = !!params.limit && filteredFolders.length > params.limit;
+      if (hasMoreItems) {
+        cursor = filteredFolders[params.limit - 1]?.id || null;
+        filteredFolders.splice(params.limit);
+      }
+      return [filteredFolders, {
+        totalCount,
+        hasMoreItems,
+        cursor
+      }];
+    },
+    async listAll(params) {
+      return this.list({
+        ...params,
+        limit: FIXED_FOLDER_LISTING_LIMIT
+      });
     },
     async create(data) {
+      let canCreateFolder = false;
+      if (data.parentId) {
+        const parentFolder = await storageOperations.getFolder({
+          id: data.parentId
+        });
+        canCreateFolder = await folderLevelPermissions.canAccessFolder({
+          folder: parentFolder,
+          rwd: "w"
+        });
+      } else {
+        canCreateFolder = await folderLevelPermissions.canCreateFolderInRoot();
+      }
+      if (!canCreateFolder) {
+        throw new _NotAuthorizedError.default();
+      }
       await onFolderBeforeCreate.publish({
         input: data
       });
       const folder = await storageOperations.createFolder({
         data
       });
+      folderLevelPermissions.invalidateCache();
+      await folderLevelPermissions.assignFolderPermissions(folder);
       await onFolderAfterCreate.publish({
         folder
       });
@@ -52,6 +121,63 @@ const createFolderCrudMethods = ({
       const original = await storageOperations.getFolder({
         id
       });
+      const canUpdateFolder = await folderLevelPermissions.canAccessFolder({
+        folder: original,
+        rwd: "w"
+      });
+      if (!canUpdateFolder) {
+        throw new _NotAuthorizedError.default();
+      }
+
+      // Validate data.
+      if (Array.isArray(data.permissions)) {
+        data.permissions.forEach(permission => {
+          const targetIsValid = permission.target.startsWith("admin:") || permission.target.startsWith("team:");
+          if (!targetIsValid) {
+            throw new Error(`Permission target "${permission.target}" is not valid.`);
+          }
+          if (permission.inheritedFrom) {
+            throw new Error(`Permission "inheritedFrom" cannot be set manually.`);
+          }
+        });
+      }
+
+      // Parent change is not allowed if the user doesn't have access to the new parent.
+      if (data.parentId && data.parentId !== original.parentId) {
+        try {
+          // Getting the parent folder will throw an error if the user doesn't have access.
+          await this.get(data.parentId);
+        } catch (e) {
+          if (e instanceof _NotAuthorizedError.default) {
+            throw new _error.default(`Cannot move folder to a new parent because you don't have access to the new parent.`, "CANNOT_MOVE_FOLDER_TO_NEW_PARENT");
+          }
+
+          // If we didn't receive the expected error, we still want to throw it.
+          throw e;
+        }
+      }
+
+      // Let's prepare a custom folder permissions list, where the folder contains the updated data.
+      const customFoldersList = await folderLevelPermissions.listAllFolders(original.type).then(folders => {
+        const foldersClone = structuredClone(folders);
+        return foldersClone.map(folder => {
+          if (folder.id === id) {
+            Object.assign(folder, data);
+          }
+          return folder;
+        });
+      });
+      const stillHasAccess = await folderLevelPermissions.canAccessFolder({
+        folder: {
+          id,
+          type: original.type
+        },
+        rwd: "w",
+        foldersList: customFoldersList
+      });
+      if (!stillHasAccess) {
+        throw new _error.default(`Cannot continue because you would loose access to this folder.`, "CANNOT_LOOSE_FOLDER_ACCESS");
+      }
       await onFolderBeforeUpdate.publish({
         original,
         input: {
@@ -71,12 +197,18 @@ const createFolderCrudMethods = ({
         },
         folder
       });
+      folderLevelPermissions.invalidateCache();
+      await folderLevelPermissions.assignFolderPermissions(folder);
       return folder;
     },
     async delete(id) {
       const folder = await storageOperations.getFolder({
         id
       });
+      await folderLevelPermissions.ensureCanAccessFolder({
+        folder,
+        rwd: "d"
+      });
       await onFolderBeforeDelete.publish({
         folder
       });
@@ -88,23 +220,70 @@ const createFolderCrudMethods = ({
       });
       return true;
     },
-    async getFolderWithAncestors(id) {
-      const {
-        type
-      } = await storageOperations.getFolder({
-        id
-      });
-      const [folders] = await storageOperations.listFolders({
+    async getAncestors(folder) {
+      const [folders] = await this.listAll({
         where: {
-          type
-        },
-        limit: 10000
+          type: folder.type
+        }
       });
       return (0, _getFolderAndItsAncestors.getFolderAndItsAncestors)({
-        id,
+        folder,
         folders
       });
+    },
+    /**
+     * @deprecated use `getAncestors` instead
+     */
+    async getFolderWithAncestors(id) {
+      const folder = await this.get(id);
+      return this.getAncestors(folder);
+    },
+    async listFolderLevelPermissionsTargets() {
+      const adminUsers = await listAdminUsers();
+      const teams = await listTeams();
+      const teamTargets = teams.map(team => ({
+        id: team.id,
+        type: "team",
+        target: `team:${team.id}`,
+        name: team.name || "",
+        meta: {}
+      }));
+      const adminUserTargets = adminUsers.map(user => {
+        let name = user.displayName;
+        if (!name) {
+          // For backwards compatibility, we also want to try concatenating first and last name.
+          name = [user.firstName, user.lastName].filter(Boolean).join(" ");
+        }
+
+        // We're doing the validation because, with non-Cognito IdPs (Okta, Auth0), the email
+        // field might actually contain a non-email value: `id:${IdP_Identity_ID}`. In that case,
+        // let's not assign anything to the `email` field.
+        let email = user.email;
+        try {
+          _validation.validation.validateSync(email, "email");
+        } catch {
+          email = null;
+        }
+        const image = user.avatar?.src || null;
+        return {
+          id: user.id,
+          type: "admin",
+          target: `admin:${user.id}`,
+          name,
+          meta: {
+            email,
+            image
+          }
+        };
+      });
+      const results = [...teamTargets, ...adminUserTargets];
+      const meta = {
+        totalCount: results.length
+      };
+      return [results, meta];
     }
   };
 };
-exports.createFolderCrudMethods = createFolderCrudMethods;
+exports.createFolderCrudMethods = createFolderCrudMethods;
+
+//# sourceMappingURL=folder.crud.js.map

package/folder/folder.crud.js.map

@@ -1 +1 @@
-{"version":3,"names":["createFolderCrudMethods","storageOperations","onFolderBeforeCreate","createTopic","onFolderAfterCreate","onFolderBeforeUpdate","onFolderAfterUpdate","onFolderBeforeDelete","onFolderAfterDelete","get","id","getFolder","list","params","listFolders","create","data","publish","input","folder","createFolder","update","original","updateFolder","delete","deleteFolder","getFolderWithAncestors","type","folders","where","limit","getFolderAndItsAncestors"],"sources":["folder.crud.ts"],"sourcesContent":["import { createTopic } from \"@webiny/pubsub\";\n\nimport { CreateAcoParams } from \"~/types\";\nimport {\n    AcoFolderCrud,\n    OnFolderAfterCreateTopicParams,\n    OnFolderAfterDeleteTopicParams,\n    OnFolderAfterUpdateTopicParams,\n    OnFolderBeforeCreateTopicParams,\n    OnFolderBeforeDeleteTopicParams,\n    OnFolderBeforeUpdateTopicParams\n} from \"./folder.types\";\n\nimport { getFolderAndItsAncestors } from \"~/utils/getFolderAndItsAncestors\";\n\nexport const createFolderCrudMethods = ({ storageOperations }: CreateAcoParams): AcoFolderCrud => {\n    // create\n    const onFolderBeforeCreate = createTopic<OnFolderBeforeCreateTopicParams>(\n        \"aco.onFolderBeforeCreate\"\n    );\n    const onFolderAfterCreate =\n        createTopic<OnFolderAfterCreateTopicParams>(\"aco.onFolderAfterCreate\");\n    // update\n    const onFolderBeforeUpdate = createTopic<OnFolderBeforeUpdateTopicParams>(\n        \"aco.onFolderBeforeUpdate\"\n    );\n    const onFolderAfterUpdate =\n        createTopic<OnFolderAfterUpdateTopicParams>(\"aco.onFolderAfterUpdate\");\n    // delete\n    const onFolderBeforeDelete = createTopic<OnFolderBeforeDeleteTopicParams>(\n        \"aco.onFolderBeforeDelete\"\n    );\n    const onFolderAfterDelete =\n        createTopic<OnFolderAfterDeleteTopicParams>(\"aco.onFolderAfterDelete\");\n\n    return {\n        /**\n         * Lifecycle events\n         */\n        onFolderBeforeCreate,\n        onFolderAfterCreate,\n        onFolderBeforeUpdate,\n        onFolderAfterUpdate,\n        onFolderBeforeDelete,\n        onFolderAfterDelete,\n        async get(id) {\n            return storageOperations.getFolder({ id });\n        },\n        async list(params) {\n            return storageOperations.listFolders(params);\n        },\n        async create(data) {\n            await onFolderBeforeCreate.publish({ input: data });\n            const folder = await storageOperations.createFolder({ data });\n            await onFolderAfterCreate.publish({ folder });\n            return folder;\n        },\n        async update(id, data) {\n            const original = await storageOperations.getFolder({ id });\n            await onFolderBeforeUpdate.publish({ original, input: { id, data } });\n            const folder = await storageOperations.updateFolder({ id, data });\n            await onFolderAfterUpdate.publish({ original, input: { id, data }, folder });\n            return folder;\n        },\n        async delete(id: string) {\n            const folder = await storageOperations.getFolder({ id });\n            await onFolderBeforeDelete.publish({ folder });\n            await storageOperations.deleteFolder({ id });\n            await onFolderAfterDelete.publish({ folder });\n            return true;\n        },\n        async getFolderWithAncestors(id: string) {\n            const { type } = await storageOperations.getFolder({ id });\n            const [folders] = await storageOperations.listFolders({\n                where: {\n                    type\n                },\n                limit: 10000\n            });\n            return getFolderAndItsAncestors({ id, folders });\n        }\n    };\n};\n"],"mappings":";;;;;;AAAA;AAaA;AAEO,MAAMA,uBAAuB,GAAG,CAAC;EAAEC;AAAmC,CAAC,KAAoB;EAC9F;EACA,MAAMC,oBAAoB,GAAG,IAAAC,mBAAW,EACpC,0BAA0B,CAC7B;EACD,MAAMC,mBAAmB,GACrB,IAAAD,mBAAW,EAAiC,yBAAyB,CAAC;EAC1E;EACA,MAAME,oBAAoB,GAAG,IAAAF,mBAAW,EACpC,0BAA0B,CAC7B;EACD,MAAMG,mBAAmB,GACrB,IAAAH,mBAAW,EAAiC,yBAAyB,CAAC;EAC1E;EACA,MAAMI,oBAAoB,GAAG,IAAAJ,mBAAW,EACpC,0BAA0B,CAC7B;EACD,MAAMK,mBAAmB,GACrB,IAAAL,mBAAW,EAAiC,yBAAyB,CAAC;EAE1E,OAAO;IACH;AACR;AACA;IACQD,oBAAoB;IACpBE,mBAAmB;IACnBC,oBAAoB;IACpBC,mBAAmB;IACnBC,oBAAoB;IACpBC,mBAAmB;IACnB,MAAMC,GAAG,CAACC,EAAE,EAAE;MACV,OAAOT,iBAAiB,CAACU,SAAS,CAAC;QAAED;MAAG,CAAC,CAAC;IAC9C,CAAC;IACD,MAAME,IAAI,CAACC,MAAM,EAAE;MACf,OAAOZ,iBAAiB,CAACa,WAAW,CAACD,MAAM,CAAC;IAChD,CAAC;IACD,MAAME,MAAM,CAACC,IAAI,EAAE;MACf,MAAMd,oBAAoB,CAACe,OAAO,CAAC;QAAEC,KAAK,EAAEF;MAAK,CAAC,CAAC;MACnD,MAAMG,MAAM,GAAG,MAAMlB,iBAAiB,CAACmB,YAAY,CAAC;QAAEJ;MAAK,CAAC,CAAC;MAC7D,MAAMZ,mBAAmB,CAACa,OAAO,CAAC;QAAEE;MAAO,CAAC,CAAC;MAC7C,OAAOA,MAAM;IACjB,CAAC;IACD,MAAME,MAAM,CAACX,EAAE,EAAEM,IAAI,EAAE;MACnB,MAAMM,QAAQ,GAAG,MAAMrB,iBAAiB,CAACU,SAAS,CAAC;QAAED;MAAG,CAAC,CAAC;MAC1D,MAAML,oBAAoB,CAACY,OAAO,CAAC;QAAEK,QAAQ;QAAEJ,KAAK,EAAE;UAAER,EAAE;UAAEM;QAAK;MAAE,CAAC,CAAC;MACrE,MAAMG,MAAM,GAAG,MAAMlB,iBAAiB,CAACsB,YAAY,CAAC;QAAEb,EAAE;QAAEM;MAAK,CAAC,CAAC;MACjE,MAAMV,mBAAmB,CAACW,OAAO,CAAC;QAAEK,QAAQ;QAAEJ,KAAK,EAAE;UAAER,EAAE;UAAEM;QAAK,CAAC;QAAEG;MAAO,CAAC,CAAC;MAC5E,OAAOA,MAAM;IACjB,CAAC;IACD,MAAMK,MAAM,CAACd,EAAU,EAAE;MACrB,MAAMS,MAAM,GAAG,MAAMlB,iBAAiB,CAACU,SAAS,CAAC;QAAED;MAAG,CAAC,CAAC;MACxD,MAAMH,oBAAoB,CAACU,OAAO,CAAC;QAAEE;MAAO,CAAC,CAAC;MAC9C,MAAMlB,iBAAiB,CAACwB,YAAY,CAAC;QAAEf;MAAG,CAAC,CAAC;MAC5C,MAAMF,mBAAmB,CAACS,OAAO,CAAC;QAAEE;MAAO,CAAC,CAAC;MAC7C,OAAO,IAAI;IACf,CAAC;IACD,MAAMO,sBAAsB,CAAChB,EAAU,EAAE;MACrC,MAAM;QAAEiB;MAAK,CAAC,GAAG,MAAM1B,iBAAiB,CAACU,SAAS,CAAC;QAAED;MAAG,CAAC,CAAC;MAC1D,MAAM,CAACkB,OAAO,CAAC,GAAG,MAAM3B,iBAAiB,CAACa,WAAW,CAAC;QAClDe,KAAK,EAAE;UACHF;QACJ,CAAC;QACDG,KAAK,EAAE;MACX,CAAC,CAAC;MACF,OAAO,IAAAC,kDAAwB,EAAC;QAAErB,EAAE;QAAEkB;MAAQ,CAAC,CAAC;IACpD;EACJ,CAAC;AACL,CAAC;AAAC"}
+{"version":3,"names":["_pubsub","require","_validation","_getFolderAndItsAncestors","_NotAuthorizedError","_interopRequireDefault","_error","FIXED_FOLDER_LISTING_LIMIT","createFolderCrudMethods","storageOperations","folderLevelPermissions","listAdminUsers","listTeams","onFolderBeforeCreate","createTopic","onFolderAfterCreate","onFolderBeforeUpdate","onFolderAfterUpdate","onFolderBeforeDelete","onFolderAfterDelete","get","id","folder","getFolder","ensureCanAccessFolder","rwd","assignFolderPermissions","list","params","filteredFolders","listAllFoldersWithPermissions","where","type","then","parentId","filter","totalCount","length","hasMoreItems","cursor","after","afterListItemIndex","findIndex","splice","limit","listAll","create","data","canCreateFolder","parentFolder","canAccessFolder","canCreateFolderInRoot","NotAuthorizedError","publish","input","createFolder","invalidateCache","update","original","canUpdateFolder","Array","isArray","permissions","forEach","permission","targetIsValid","target","startsWith","Error","inheritedFrom","e","WError","customFoldersList","listAllFolders","folders","foldersClone","structuredClone","map","Object","assign","stillHasAccess","foldersList","updateFolder","delete","deleteFolder","getAncestors","getFolderAndItsAncestors","getFolderWithAncestors","listFolderLevelPermissionsTargets","adminUsers","teams","teamTargets","team","name","meta","adminUserTargets","user","displayName","firstName","lastName","Boolean","join","email","validation","validateSync","image","avatar","src","results","exports"],"sources":["folder.crud.ts"],"sourcesContent":["import { createTopic } from \"@webiny/pubsub\";\nimport { validation } from \"@webiny/validation\";\nimport { CreateAcoParams, Folder } from \"~/types\";\nimport {\n    AcoFolderCrud,\n    OnFolderAfterCreateTopicParams,\n    OnFolderAfterDeleteTopicParams,\n    OnFolderAfterUpdateTopicParams,\n    OnFolderBeforeCreateTopicParams,\n    OnFolderBeforeDeleteTopicParams,\n    OnFolderBeforeUpdateTopicParams\n} from \"./folder.types\";\n\nimport { getFolderAndItsAncestors } from \"~/utils/getFolderAndItsAncestors\";\nimport NotAuthorizedError from \"@webiny/api-security/NotAuthorizedError\";\nimport { AdminUser } from \"@webiny/api-admin-users/types\";\nimport { Team } from \"@webiny/api-security/types\";\nimport WError from \"@webiny/error\";\n\nconst FIXED_FOLDER_LISTING_LIMIT = 10_000;\n\ninterface CreateFolderCrudMethodsParams extends CreateAcoParams {\n    listAdminUsers: () => Promise<AdminUser[]>;\n    listTeams: () => Promise<Team[]>;\n}\n\nexport const createFolderCrudMethods = ({\n    storageOperations,\n    folderLevelPermissions,\n    listAdminUsers,\n    listTeams\n}: CreateFolderCrudMethodsParams): AcoFolderCrud => {\n    // create\n    const onFolderBeforeCreate = createTopic<OnFolderBeforeCreateTopicParams>(\n        \"aco.onFolderBeforeCreate\"\n    );\n    const onFolderAfterCreate =\n        createTopic<OnFolderAfterCreateTopicParams>(\"aco.onFolderAfterCreate\");\n    // update\n    const onFolderBeforeUpdate = createTopic<OnFolderBeforeUpdateTopicParams>(\n        \"aco.onFolderBeforeUpdate\"\n    );\n    const onFolderAfterUpdate =\n        createTopic<OnFolderAfterUpdateTopicParams>(\"aco.onFolderAfterUpdate\");\n    // delete\n    const onFolderBeforeDelete = createTopic<OnFolderBeforeDeleteTopicParams>(\n        \"aco.onFolderBeforeDelete\"\n    );\n    const onFolderAfterDelete =\n        createTopic<OnFolderAfterDeleteTopicParams>(\"aco.onFolderAfterDelete\");\n\n    return {\n        /**\n         * Lifecycle events\n         */\n        onFolderBeforeCreate,\n        onFolderAfterCreate,\n        onFolderBeforeUpdate,\n        onFolderAfterUpdate,\n        onFolderBeforeDelete,\n        onFolderAfterDelete,\n\n        async get(id) {\n            const folder = await storageOperations.getFolder({ id });\n\n            await folderLevelPermissions.ensureCanAccessFolder({\n                folder,\n                rwd: \"r\"\n            });\n\n            await folderLevelPermissions.assignFolderPermissions(folder);\n            return folder;\n        },\n        async list(params) {\n            // No matter what was the limit set in the params, initially, we always retrieve\n            // all folders. The limit is then applied with the filtered folders list below.\n            const filteredFolders = await folderLevelPermissions\n                .listAllFoldersWithPermissions(params.where.type)\n                .then(filteredFolders => {\n                    // If `parentId` was included in the `where` clause, we need to filter the folders.\n                    // TODO: we might want to incorporate this into the `listAllFoldersWithPermissions` method.\n                    if (params.where.parentId) {\n                        // Filter by parent ID.\n                        return filteredFolders.filter(\n                            folder => folder.parentId === params.where.parentId\n                        );\n                    }\n                    return filteredFolders;\n                });\n\n            const totalCount = filteredFolders.length;\n            let hasMoreItems = false;\n            let cursor: string | null = null;\n\n            // Apply cursor/limit params.\n            if (params.after) {\n                const afterListItemIndex = filteredFolders.findIndex(\n                    folder => folder.id === params.after\n                );\n                if (afterListItemIndex >= 0) {\n                    // Remove all items below the \"after\" item.\n                    filteredFolders.splice(0, afterListItemIndex + 1);\n                }\n            }\n\n            hasMoreItems = !!params.limit && filteredFolders.length > params.limit;\n\n            if (hasMoreItems) {\n                cursor = filteredFolders[params.limit! - 1]?.id || null;\n                filteredFolders.splice(params.limit!);\n            }\n\n            return [filteredFolders, { totalCount, hasMoreItems, cursor }];\n        },\n\n        async listAll(params) {\n            return this.list({ ...params, limit: FIXED_FOLDER_LISTING_LIMIT });\n        },\n\n        async create(data) {\n            let canCreateFolder = false;\n            if (data.parentId) {\n                const parentFolder = await storageOperations.getFolder({ id: data.parentId });\n                canCreateFolder = await folderLevelPermissions.canAccessFolder({\n                    folder: parentFolder,\n                    rwd: \"w\"\n                });\n            } else {\n                canCreateFolder = await folderLevelPermissions.canCreateFolderInRoot();\n            }\n\n            if (!canCreateFolder) {\n                throw new NotAuthorizedError();\n            }\n\n            await onFolderBeforeCreate.publish({ input: data });\n            const folder = await storageOperations.createFolder({ data });\n\n            folderLevelPermissions.invalidateCache();\n            await folderLevelPermissions.assignFolderPermissions(folder);\n\n            await onFolderAfterCreate.publish({ folder });\n\n            return folder;\n        },\n\n        async update(id, data) {\n            const original = await storageOperations.getFolder({ id });\n\n            const canUpdateFolder = await folderLevelPermissions.canAccessFolder({\n                folder: original,\n                rwd: \"w\"\n            });\n\n            if (!canUpdateFolder) {\n                throw new NotAuthorizedError();\n            }\n\n            // Validate data.\n            if (Array.isArray(data.permissions)) {\n                data.permissions.forEach(permission => {\n                    const targetIsValid =\n                        permission.target.startsWith(\"admin:\") ||\n                        permission.target.startsWith(\"team:\");\n                    if (!targetIsValid) {\n                        throw new Error(`Permission target \"${permission.target}\" is not valid.`);\n                    }\n\n                    if (permission.inheritedFrom) {\n                        throw new Error(`Permission \"inheritedFrom\" cannot be set manually.`);\n                    }\n                });\n            }\n\n            // Parent change is not allowed if the user doesn't have access to the new parent.\n            if (data.parentId && data.parentId !== original.parentId) {\n                try {\n                    // Getting the parent folder will throw an error if the user doesn't have access.\n                    await this.get(data.parentId);\n                } catch (e) {\n                    if (e instanceof NotAuthorizedError) {\n                        throw new WError(\n                            `Cannot move folder to a new parent because you don't have access to the new parent.`,\n                            \"CANNOT_MOVE_FOLDER_TO_NEW_PARENT\"\n                        );\n                    }\n\n                    // If we didn't receive the expected error, we still want to throw it.\n                    throw e;\n                }\n            }\n\n            // Let's prepare a custom folder permissions list, where the folder contains the updated data.\n            const customFoldersList = await folderLevelPermissions\n                .listAllFolders(original.type)\n                .then(folders => {\n                    const foldersClone = structuredClone<Folder[]>(folders);\n                    return foldersClone.map(folder => {\n                        if (folder.id === id) {\n                            Object.assign(folder, data);\n                        }\n                        return folder;\n                    });\n                });\n\n            const stillHasAccess = await folderLevelPermissions.canAccessFolder({\n                folder: { id, type: original.type },\n                rwd: \"w\",\n                foldersList: customFoldersList\n            });\n\n            if (!stillHasAccess) {\n                throw new WError(\n                    `Cannot continue because you would loose access to this folder.`,\n                    \"CANNOT_LOOSE_FOLDER_ACCESS\"\n                );\n            }\n\n            await onFolderBeforeUpdate.publish({ original, input: { id, data } });\n            const folder = await storageOperations.updateFolder({ id, data });\n            await onFolderAfterUpdate.publish({ original, input: { id, data }, folder });\n\n            folderLevelPermissions.invalidateCache();\n            await folderLevelPermissions.assignFolderPermissions(folder);\n            return folder;\n        },\n\n        async delete(id: string) {\n            const folder = await storageOperations.getFolder({ id });\n\n            await folderLevelPermissions.ensureCanAccessFolder({\n                folder,\n                rwd: \"d\"\n            });\n\n            await onFolderBeforeDelete.publish({ folder });\n            await storageOperations.deleteFolder({ id });\n            await onFolderAfterDelete.publish({ folder });\n            return true;\n        },\n\n        async getAncestors(folder: Folder) {\n            const [folders] = await this.listAll({ where: { type: folder.type } });\n            return getFolderAndItsAncestors({ folder, folders });\n        },\n\n        /**\n         * @deprecated use `getAncestors` instead\n         */\n        async getFolderWithAncestors(id: string) {\n            const folder = await this.get(id);\n            return this.getAncestors(folder);\n        },\n\n        async listFolderLevelPermissionsTargets() {\n            const adminUsers = await listAdminUsers();\n            const teams = await listTeams();\n\n            const teamTargets = teams.map(team => ({\n                id: team.id,\n                type: \"team\",\n                target: `team:${team.id}`,\n                name: team.name || \"\",\n                meta: {}\n            }));\n\n            const adminUserTargets = adminUsers.map(user => {\n                let name = user.displayName;\n                if (!name) {\n                    // For backwards compatibility, we also want to try concatenating first and last name.\n                    name = [user.firstName, user.lastName].filter(Boolean).join(\" \");\n                }\n\n                // We're doing the validation because, with non-Cognito IdPs (Okta, Auth0), the email\n                // field might actually contain a non-email value: `id:${IdP_Identity_ID}`. In that case,\n                // let's not assign anything to the `email` field.\n                let email: string | null = user.email;\n                try {\n                    validation.validateSync(email, \"email\");\n                } catch {\n                    email = null;\n                }\n\n                const image = user.avatar?.src || null;\n\n                return {\n                    id: user.id,\n                    type: \"admin\",\n                    target: `admin:${user.id}`,\n                    name,\n                    meta: {\n                        email,\n                        image\n                    }\n                };\n            });\n\n            const results = [...teamTargets, ...adminUserTargets];\n            const meta = { totalCount: results.length };\n\n            return [results, meta];\n        }\n    };\n};\n"],"mappings":";;;;;;;AAAA,IAAAA,OAAA,GAAAC,OAAA;AACA,IAAAC,WAAA,GAAAD,OAAA;AAYA,IAAAE,yBAAA,GAAAF,OAAA;AACA,IAAAG,mBAAA,GAAAC,sBAAA,CAAAJ,OAAA;AAGA,IAAAK,MAAA,GAAAD,sBAAA,CAAAJ,OAAA;AAEA,MAAMM,0BAA0B,GAAG,MAAM;AAOlC,MAAMC,uBAAuB,GAAGA,CAAC;EACpCC,iBAAiB;EACjBC,sBAAsB;EACtBC,cAAc;EACdC;AAC2B,CAAC,KAAoB;EAChD;EACA,MAAMC,oBAAoB,GAAG,IAAAC,mBAAW,EACpC,0BACJ,CAAC;EACD,MAAMC,mBAAmB,GACrB,IAAAD,mBAAW,EAAiC,yBAAyB,CAAC;EAC1E;EACA,MAAME,oBAAoB,GAAG,IAAAF,mBAAW,EACpC,0BACJ,CAAC;EACD,MAAMG,mBAAmB,GACrB,IAAAH,mBAAW,EAAiC,yBAAyB,CAAC;EAC1E;EACA,MAAMI,oBAAoB,GAAG,IAAAJ,mBAAW,EACpC,0BACJ,CAAC;EACD,MAAMK,mBAAmB,GACrB,IAAAL,mBAAW,EAAiC,yBAAyB,CAAC;EAE1E,OAAO;IACH;AACR;AACA;IACQD,oBAAoB;IACpBE,mBAAmB;IACnBC,oBAAoB;IACpBC,mBAAmB;IACnBC,oBAAoB;IACpBC,mBAAmB;IAEnB,MAAMC,GAAGA,CAACC,EAAE,EAAE;MACV,MAAMC,MAAM,GAAG,MAAMb,iBAAiB,CAACc,SAAS,CAAC;QAAEF;MAAG,CAAC,CAAC;MAExD,MAAMX,sBAAsB,CAACc,qBAAqB,CAAC;QAC/CF,MAAM;QACNG,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,MAAMf,sBAAsB,CAACgB,uBAAuB,CAACJ,MAAM,CAAC;MAC5D,OAAOA,MAAM;IACjB,CAAC;IACD,MAAMK,IAAIA,CAACC,MAAM,EAAE;MACf;MACA;MACA,MAAMC,eAAe,GAAG,MAAMnB,sBAAsB,CAC/CoB,6BAA6B,CAACF,MAAM,CAACG,KAAK,CAACC,IAAI,CAAC,CAChDC,IAAI,CAACJ,eAAe,IAAI;QACrB;QACA;QACA,IAAID,MAAM,CAACG,KAAK,CAACG,QAAQ,EAAE;UACvB;UACA,OAAOL,eAAe,CAACM,MAAM,CACzBb,MAAM,IAAIA,MAAM,CAACY,QAAQ,KAAKN,MAAM,CAACG,KAAK,CAACG,QAC/C,CAAC;QACL;QACA,OAAOL,eAAe;MAC1B,CAAC,CAAC;MAEN,MAAMO,UAAU,GAAGP,eAAe,CAACQ,MAAM;MACzC,IAAIC,YAAY,GAAG,KAAK;MACxB,IAAIC,MAAqB,GAAG,IAAI;;MAEhC;MACA,IAAIX,MAAM,CAACY,KAAK,EAAE;QACd,MAAMC,kBAAkB,GAAGZ,eAAe,CAACa,SAAS,CAChDpB,MAAM,IAAIA,MAAM,CAACD,EAAE,KAAKO,MAAM,CAACY,KACnC,CAAC;QACD,IAAIC,kBAAkB,IAAI,CAAC,EAAE;UACzB;UACAZ,eAAe,CAACc,MAAM,CAAC,CAAC,EAAEF,kBAAkB,GAAG,CAAC,CAAC;QACrD;MACJ;MAEAH,YAAY,GAAG,CAAC,CAACV,MAAM,CAACgB,KAAK,IAAIf,eAAe,CAACQ,MAAM,GAAGT,MAAM,CAACgB,KAAK;MAEtE,IAAIN,YAAY,EAAE;QACdC,MAAM,GAAGV,eAAe,CAACD,MAAM,CAACgB,KAAK,GAAI,CAAC,CAAC,EAAEvB,EAAE,IAAI,IAAI;QACvDQ,eAAe,CAACc,MAAM,CAACf,MAAM,CAACgB,KAAM,CAAC;MACzC;MAEA,OAAO,CAACf,eAAe,EAAE;QAAEO,UAAU;QAAEE,YAAY;QAAEC;MAAO,CAAC,CAAC;IAClE,CAAC;IAED,MAAMM,OAAOA,CAACjB,MAAM,EAAE;MAClB,OAAO,IAAI,CAACD,IAAI,CAAC;QAAE,GAAGC,MAAM;QAAEgB,KAAK,EAAErC;MAA2B,CAAC,CAAC;IACtE,CAAC;IAED,MAAMuC,MAAMA,CAACC,IAAI,EAAE;MACf,IAAIC,eAAe,GAAG,KAAK;MAC3B,IAAID,IAAI,CAACb,QAAQ,EAAE;QACf,MAAMe,YAAY,GAAG,MAAMxC,iBAAiB,CAACc,SAAS,CAAC;UAAEF,EAAE,EAAE0B,IAAI,CAACb;QAAS,CAAC,CAAC;QAC7Ec,eAAe,GAAG,MAAMtC,sBAAsB,CAACwC,eAAe,CAAC;UAC3D5B,MAAM,EAAE2B,YAAY;UACpBxB,GAAG,EAAE;QACT,CAAC,CAAC;MACN,CAAC,MAAM;QACHuB,eAAe,GAAG,MAAMtC,sBAAsB,CAACyC,qBAAqB,CAAC,CAAC;MAC1E;MAEA,IAAI,CAACH,eAAe,EAAE;QAClB,MAAM,IAAII,2BAAkB,CAAC,CAAC;MAClC;MAEA,MAAMvC,oBAAoB,CAACwC,OAAO,CAAC;QAAEC,KAAK,EAAEP;MAAK,CAAC,CAAC;MACnD,MAAMzB,MAAM,GAAG,MAAMb,iBAAiB,CAAC8C,YAAY,CAAC;QAAER;MAAK,CAAC,CAAC;MAE7DrC,sBAAsB,CAAC8C,eAAe,CAAC,CAAC;MACxC,MAAM9C,sBAAsB,CAACgB,uBAAuB,CAACJ,MAAM,CAAC;MAE5D,MAAMP,mBAAmB,CAACsC,OAAO,CAAC;QAAE/B;MAAO,CAAC,CAAC;MAE7C,OAAOA,MAAM;IACjB,CAAC;IAED,MAAMmC,MAAMA,CAACpC,EAAE,EAAE0B,IAAI,EAAE;MACnB,MAAMW,QAAQ,GAAG,MAAMjD,iBAAiB,CAACc,SAAS,CAAC;QAAEF;MAAG,CAAC,CAAC;MAE1D,MAAMsC,eAAe,GAAG,MAAMjD,sBAAsB,CAACwC,eAAe,CAAC;QACjE5B,MAAM,EAAEoC,QAAQ;QAChBjC,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,IAAI,CAACkC,eAAe,EAAE;QAClB,MAAM,IAAIP,2BAAkB,CAAC,CAAC;MAClC;;MAEA;MACA,IAAIQ,KAAK,CAACC,OAAO,CAACd,IAAI,CAACe,WAAW,CAAC,EAAE;QACjCf,IAAI,CAACe,WAAW,CAACC,OAAO,CAACC,UAAU,IAAI;UACnC,MAAMC,aAAa,GACfD,UAAU,CAACE,MAAM,CAACC,UAAU,CAAC,QAAQ,CAAC,IACtCH,UAAU,CAACE,MAAM,CAACC,UAAU,CAAC,OAAO,CAAC;UACzC,IAAI,CAACF,aAAa,EAAE;YAChB,MAAM,IAAIG,KAAK,CAAE,sBAAqBJ,UAAU,CAACE,MAAO,iBAAgB,CAAC;UAC7E;UAEA,IAAIF,UAAU,CAACK,aAAa,EAAE;YAC1B,MAAM,IAAID,KAAK,CAAE,oDAAmD,CAAC;UACzE;QACJ,CAAC,CAAC;MACN;;MAEA;MACA,IAAIrB,IAAI,CAACb,QAAQ,IAAIa,IAAI,CAACb,QAAQ,KAAKwB,QAAQ,CAACxB,QAAQ,EAAE;QACtD,IAAI;UACA;UACA,MAAM,IAAI,CAACd,GAAG,CAAC2B,IAAI,CAACb,QAAQ,CAAC;QACjC,CAAC,CAAC,OAAOoC,CAAC,EAAE;UACR,IAAIA,CAAC,YAAYlB,2BAAkB,EAAE;YACjC,MAAM,IAAImB,cAAM,CACX,qFAAoF,EACrF,kCACJ,CAAC;UACL;;UAEA;UACA,MAAMD,CAAC;QACX;MACJ;;MAEA;MACA,MAAME,iBAAiB,GAAG,MAAM9D,sBAAsB,CACjD+D,cAAc,CAACf,QAAQ,CAAC1B,IAAI,CAAC,CAC7BC,IAAI,CAACyC,OAAO,IAAI;QACb,MAAMC,YAAY,GAAGC,eAAe,CAAWF,OAAO,CAAC;QACvD,OAAOC,YAAY,CAACE,GAAG,CAACvD,MAAM,IAAI;UAC9B,IAAIA,MAAM,CAACD,EAAE,KAAKA,EAAE,EAAE;YAClByD,MAAM,CAACC,MAAM,CAACzD,MAAM,EAAEyB,IAAI,CAAC;UAC/B;UACA,OAAOzB,MAAM;QACjB,CAAC,CAAC;MACN,CAAC,CAAC;MAEN,MAAM0D,cAAc,GAAG,MAAMtE,sBAAsB,CAACwC,eAAe,CAAC;QAChE5B,MAAM,EAAE;UAAED,EAAE;UAAEW,IAAI,EAAE0B,QAAQ,CAAC1B;QAAK,CAAC;QACnCP,GAAG,EAAE,GAAG;QACRwD,WAAW,EAAET;MACjB,CAAC,CAAC;MAEF,IAAI,CAACQ,cAAc,EAAE;QACjB,MAAM,IAAIT,cAAM,CACX,gEAA+D,EAChE,4BACJ,CAAC;MACL;MAEA,MAAMvD,oBAAoB,CAACqC,OAAO,CAAC;QAAEK,QAAQ;QAAEJ,KAAK,EAAE;UAAEjC,EAAE;UAAE0B;QAAK;MAAE,CAAC,CAAC;MACrE,MAAMzB,MAAM,GAAG,MAAMb,iBAAiB,CAACyE,YAAY,CAAC;QAAE7D,EAAE;QAAE0B;MAAK,CAAC,CAAC;MACjE,MAAM9B,mBAAmB,CAACoC,OAAO,CAAC;QAAEK,QAAQ;QAAEJ,KAAK,EAAE;UAAEjC,EAAE;UAAE0B;QAAK,CAAC;QAAEzB;MAAO,CAAC,CAAC;MAE5EZ,sBAAsB,CAAC8C,eAAe,CAAC,CAAC;MACxC,MAAM9C,sBAAsB,CAACgB,uBAAuB,CAACJ,MAAM,CAAC;MAC5D,OAAOA,MAAM;IACjB,CAAC;IAED,MAAM6D,MAAMA,CAAC9D,EAAU,EAAE;MACrB,MAAMC,MAAM,GAAG,MAAMb,iBAAiB,CAACc,SAAS,CAAC;QAAEF;MAAG,CAAC,CAAC;MAExD,MAAMX,sBAAsB,CAACc,qBAAqB,CAAC;QAC/CF,MAAM;QACNG,GAAG,EAAE;MACT,CAAC,CAAC;MAEF,MAAMP,oBAAoB,CAACmC,OAAO,CAAC;QAAE/B;MAAO,CAAC,CAAC;MAC9C,MAAMb,iBAAiB,CAAC2E,YAAY,CAAC;QAAE/D;MAAG,CAAC,CAAC;MAC5C,MAAMF,mBAAmB,CAACkC,OAAO,CAAC;QAAE/B;MAAO,CAAC,CAAC;MAC7C,OAAO,IAAI;IACf,CAAC;IAED,MAAM+D,YAAYA,CAAC/D,MAAc,EAAE;MAC/B,MAAM,CAACoD,OAAO,CAAC,GAAG,MAAM,IAAI,CAAC7B,OAAO,CAAC;QAAEd,KAAK,EAAE;UAAEC,IAAI,EAAEV,MAAM,CAACU;QAAK;MAAE,CAAC,CAAC;MACtE,OAAO,IAAAsD,kDAAwB,EAAC;QAAEhE,MAAM;QAAEoD;MAAQ,CAAC,CAAC;IACxD,CAAC;IAED;AACR;AACA;IACQ,MAAMa,sBAAsBA,CAAClE,EAAU,EAAE;MACrC,MAAMC,MAAM,GAAG,MAAM,IAAI,CAACF,GAAG,CAACC,EAAE,CAAC;MACjC,OAAO,IAAI,CAACgE,YAAY,CAAC/D,MAAM,CAAC;IACpC,CAAC;IAED,MAAMkE,iCAAiCA,CAAA,EAAG;MACtC,MAAMC,UAAU,GAAG,MAAM9E,cAAc,CAAC,CAAC;MACzC,MAAM+E,KAAK,GAAG,MAAM9E,SAAS,CAAC,CAAC;MAE/B,MAAM+E,WAAW,GAAGD,KAAK,CAACb,GAAG,CAACe,IAAI,KAAK;QACnCvE,EAAE,EAAEuE,IAAI,CAACvE,EAAE;QACXW,IAAI,EAAE,MAAM;QACZkC,MAAM,EAAG,QAAO0B,IAAI,CAACvE,EAAG,EAAC;QACzBwE,IAAI,EAAED,IAAI,CAACC,IAAI,IAAI,EAAE;QACrBC,IAAI,EAAE,CAAC;MACX,CAAC,CAAC,CAAC;MAEH,MAAMC,gBAAgB,GAAGN,UAAU,CAACZ,GAAG,CAACmB,IAAI,IAAI;QAC5C,IAAIH,IAAI,GAAGG,IAAI,CAACC,WAAW;QAC3B,IAAI,CAACJ,IAAI,EAAE;UACP;UACAA,IAAI,GAAG,CAACG,IAAI,CAACE,SAAS,EAAEF,IAAI,CAACG,QAAQ,CAAC,CAAChE,MAAM,CAACiE,OAAO,CAAC,CAACC,IAAI,CAAC,GAAG,CAAC;QACpE;;QAEA;QACA;QACA;QACA,IAAIC,KAAoB,GAAGN,IAAI,CAACM,KAAK;QACrC,IAAI;UACAC,sBAAU,CAACC,YAAY,CAACF,KAAK,EAAE,OAAO,CAAC;QAC3C,CAAC,CAAC,MAAM;UACJA,KAAK,GAAG,IAAI;QAChB;QAEA,MAAMG,KAAK,GAAGT,IAAI,CAACU,MAAM,EAAEC,GAAG,IAAI,IAAI;QAEtC,OAAO;UACHtF,EAAE,EAAE2E,IAAI,CAAC3E,EAAE;UACXW,IAAI,EAAE,OAAO;UACbkC,MAAM,EAAG,SAAQ8B,IAAI,CAAC3E,EAAG,EAAC;UAC1BwE,IAAI;UACJC,IAAI,EAAE;YACFQ,KAAK;YACLG;UACJ;QACJ,CAAC;MACL,CAAC,CAAC;MAEF,MAAMG,OAAO,GAAG,CAAC,GAAGjB,WAAW,EAAE,GAAGI,gBAAgB,CAAC;MACrD,MAAMD,IAAI,GAAG;QAAE1D,UAAU,EAAEwE,OAAO,CAACvE;MAAO,CAAC;MAE3C,OAAO,CAACuE,OAAO,EAAEd,IAAI,CAAC;IAC1B;EACJ,CAAC;AACL,CAAC;AAACe,OAAA,CAAArG,uBAAA,GAAAA,uBAAA"}