npm - @yz-xingtu/ops-cli - Versions diffs - 0.1.1 - Mend

@yz-xingtu/ops-cli 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/dist/index.js +1274 -0
package/package.json +36 -0

package/dist/index.js ADDED Viewed

@@ -0,0 +1,1274 @@
+#!/usr/bin/env node
+// src/index.ts
+import { Command } from "commander";
+import axios from "axios";
+// ../shared/src/logger.ts
+import pino from "pino";
+var isDev = process.env.NODE_ENV !== "production";
+var isNextRuntime = Boolean(process.env.NEXT_RUNTIME);
+var baseOptions = {
+  level: process.env.LOG_LEVEL ?? (isDev ? "debug" : "info"),
+  base: {
+    env: process.env.NODE_ENV ?? "development"
+  },
+  redact: {
+    paths: [
+      "*.password",
+      "*.hashedPassword",
+      "*.cookie",
+      "*.encryptedCookie",
+      "*.encryptedApiKey",
+      "*.encryptedAntiContent",
+      "headers.authorization",
+      "headers.cookie"
+    ],
+    censor: "[REDACTED]"
+  }
+};
+var transport = isDev && !isNextRuntime ? {
+  target: "pino-pretty",
+  options: { colorize: true, translateTime: "SYS:standard", singleLine: false }
+} : void 0;
+var rootLogger = pino({
+  ...baseOptions,
+  ...transport ? { transport } : {}
+});
+// ../shared/src/rbac.ts
+var RESOURCES = {
+  TENANT: "tenant",
+  USER: "user",
+  ROLE: "role",
+  SHOP: "shop",
+  PDD_ACCOUNT: "pdd_account",
+  WAREHOUSE: "warehouse",
+  WAREHOUSE_GROUP: "warehouse_group",
+  AREA: "area",
+  PRODUCT: "product",
+  PRODUCT_COST: "product_cost",
+  WAREHOUSE_MAPPING: "warehouse_mapping",
+  SALES: "sales",
+  INVENTORY: "inventory",
+  STORAGE_FEE: "storage_fee",
+  PROFIT: "profit",
+  JOB: "job",
+  JOB_RUN: "job_run",
+  ALERT: "alert",
+  NOTIFICATION_CHANNEL: "notification_channel",
+  NOTIFICATION_RULE: "notification_rule",
+  EXPORT: "export",
+  AI_CONFIG: "ai_config",
+  PROMPT_TEMPLATE: "prompt_template",
+  AUDIT_LOG: "audit_log",
+  TENANT_CONFIG: "tenant_config"
+};
+var ACTIONS = {
+  CREATE: "create",
+  READ: "read",
+  UPDATE: "update",
+  DELETE: "delete",
+  RUN: "run",
+  EXPORT: "export",
+  MANAGE: "manage"
+};
+function p(resource, action) {
+  return `${resource}:${action}`;
+}
+var ALL_READ = Object.values(RESOURCES).map(
+  (r) => p(r, ACTIONS.READ)
+);
+var ALL_WRITE = Object.values(RESOURCES).flatMap((r) => [
+  p(r, ACTIONS.CREATE),
+  p(r, ACTIONS.UPDATE),
+  p(r, ACTIONS.DELETE)
+]);
+var OPERATOR_PERMS = [
+  ...ALL_READ,
+  p(RESOURCES.SHOP, ACTIONS.CREATE),
+  p(RESOURCES.SHOP, ACTIONS.UPDATE),
+  p(RESOURCES.PDD_ACCOUNT, ACTIONS.CREATE),
+  p(RESOURCES.PDD_ACCOUNT, ACTIONS.UPDATE),
+  p(RESOURCES.WAREHOUSE, ACTIONS.CREATE),
+  p(RESOURCES.WAREHOUSE, ACTIONS.UPDATE),
+  p(RESOURCES.PRODUCT, ACTIONS.CREATE),
+  p(RESOURCES.PRODUCT, ACTIONS.UPDATE),
+  p(RESOURCES.PRODUCT_COST, ACTIONS.CREATE),
+  p(RESOURCES.PRODUCT_COST, ACTIONS.UPDATE),
+  p(RESOURCES.JOB, ACTIONS.RUN),
+  p(RESOURCES.EXPORT, ACTIONS.CREATE)
+];
+var SYSTEM_ROLES = {
+  OWNER: {
+    code: "owner",
+    name: "Owner",
+    description: "\u79DF\u6237\u6240\u6709\u8005\uFF0C\u5168\u90E8\u6743\u9650\u3002",
+    permissions: [
+      ...ALL_READ,
+      ...ALL_WRITE,
+      p(RESOURCES.JOB, ACTIONS.RUN),
+      p(RESOURCES.EXPORT, ACTIONS.CREATE),
+      p(RESOURCES.TENANT, ACTIONS.MANAGE),
+      p(RESOURCES.USER, ACTIONS.MANAGE),
+      p(RESOURCES.ROLE, ACTIONS.MANAGE)
+    ]
+  },
+  ADMIN: {
+    code: "admin",
+    name: "Admin",
+    description: "\u7BA1\u7406\u5458\uFF0C\u53EF\u7BA1\u7406\u7528\u6237\u4E0E\u914D\u7F6E\u3002",
+    permissions: [
+      ...ALL_READ,
+      ...ALL_WRITE,
+      p(RESOURCES.JOB, ACTIONS.RUN),
+      p(RESOURCES.EXPORT, ACTIONS.CREATE),
+      p(RESOURCES.USER, ACTIONS.MANAGE)
+    ]
+  },
+  OPERATOR: {
+    code: "operator",
+    name: "Operator",
+    description: "\u8FD0\u8425\uFF0C\u53EF\u7BA1\u7406\u5E97\u94FA/\u91C7\u96C6\u4E0E\u5BFC\u51FA\u3002",
+    permissions: OPERATOR_PERMS
+  },
+  VIEWER: {
+    code: "viewer",
+    name: "Viewer",
+    description: "\u53EA\u8BFB\uFF0C\u4EC5\u67E5\u770B\u6570\u636E\u3002",
+    permissions: ALL_READ
+  }
+};
+// ../../node_modules/jose/dist/node/esm/runtime/base64url.js
+import { Buffer as Buffer2 } from "buffer";
+// ../../node_modules/jose/dist/node/esm/lib/buffer_utils.js
+var encoder = new TextEncoder();
+var decoder = new TextDecoder();
+var MAX_INT32 = 2 ** 32;
+function concat(...buffers) {
+  const size = buffers.reduce((acc, { length }) => acc + length, 0);
+  const buf = new Uint8Array(size);
+  let i = 0;
+  for (const buffer of buffers) {
+    buf.set(buffer, i);
+    i += buffer.length;
+  }
+  return buf;
+}
+// ../../node_modules/jose/dist/node/esm/runtime/base64url.js
+var encode = (input) => Buffer2.from(input).toString("base64url");
+// ../../node_modules/jose/dist/node/esm/util/errors.js
+var JOSEError = class extends Error {
+  static code = "ERR_JOSE_GENERIC";
+  code = "ERR_JOSE_GENERIC";
+  constructor(message2, options) {
+    super(message2, options);
+    this.name = this.constructor.name;
+    Error.captureStackTrace?.(this, this.constructor);
+  }
+};
+var JOSENotSupported = class extends JOSEError {
+  static code = "ERR_JOSE_NOT_SUPPORTED";
+  code = "ERR_JOSE_NOT_SUPPORTED";
+};
+var JWSInvalid = class extends JOSEError {
+  static code = "ERR_JWS_INVALID";
+  code = "ERR_JWS_INVALID";
+};
+var JWTInvalid = class extends JOSEError {
+  static code = "ERR_JWT_INVALID";
+  code = "ERR_JWT_INVALID";
+};
+// ../../node_modules/jose/dist/node/esm/runtime/is_key_object.js
+import * as util from "util";
+var is_key_object_default = (obj) => util.types.isKeyObject(obj);
+// ../../node_modules/jose/dist/node/esm/runtime/webcrypto.js
+import * as crypto from "crypto";
+import * as util2 from "util";
+var webcrypto2 = crypto.webcrypto;
+var webcrypto_default = webcrypto2;
+var isCryptoKey = (key) => util2.types.isCryptoKey(key);
+// ../../node_modules/jose/dist/node/esm/lib/crypto_key.js
+function unusable(name, prop = "algorithm.name") {
+  return new TypeError(`CryptoKey does not support this operation, its ${prop} must be ${name}`);
+}
+function isAlgorithm(algorithm, name) {
+  return algorithm.name === name;
+}
+function getHashLength(hash) {
+  return parseInt(hash.name.slice(4), 10);
+}
+function getNamedCurve(alg) {
+  switch (alg) {
+    case "ES256":
+      return "P-256";
+    case "ES384":
+      return "P-384";
+    case "ES512":
+      return "P-521";
+    default:
+      throw new Error("unreachable");
+  }
+}
+function checkUsage(key, usages) {
+  if (usages.length && !usages.some((expected) => key.usages.includes(expected))) {
+    let msg = "CryptoKey does not support this operation, its usages must include ";
+    if (usages.length > 2) {
+      const last = usages.pop();
+      msg += `one of ${usages.join(", ")}, or ${last}.`;
+    } else if (usages.length === 2) {
+      msg += `one of ${usages[0]} or ${usages[1]}.`;
+    } else {
+      msg += `${usages[0]}.`;
+    }
+    throw new TypeError(msg);
+  }
+}
+function checkSigCryptoKey(key, alg, ...usages) {
+  switch (alg) {
+    case "HS256":
+    case "HS384":
+    case "HS512": {
+      if (!isAlgorithm(key.algorithm, "HMAC"))
+        throw unusable("HMAC");
+      const expected = parseInt(alg.slice(2), 10);
+      const actual = getHashLength(key.algorithm.hash);
+      if (actual !== expected)
+        throw unusable(`SHA-${expected}`, "algorithm.hash");
+      break;
+    }
+    case "RS256":
+    case "RS384":
+    case "RS512": {
+      if (!isAlgorithm(key.algorithm, "RSASSA-PKCS1-v1_5"))
+        throw unusable("RSASSA-PKCS1-v1_5");
+      const expected = parseInt(alg.slice(2), 10);
+      const actual = getHashLength(key.algorithm.hash);
+      if (actual !== expected)
+        throw unusable(`SHA-${expected}`, "algorithm.hash");
+      break;
+    }
+    case "PS256":
+    case "PS384":
+    case "PS512": {
+      if (!isAlgorithm(key.algorithm, "RSA-PSS"))
+        throw unusable("RSA-PSS");
+      const expected = parseInt(alg.slice(2), 10);
+      const actual = getHashLength(key.algorithm.hash);
+      if (actual !== expected)
+        throw unusable(`SHA-${expected}`, "algorithm.hash");
+      break;
+    }
+    case "EdDSA": {
+      if (key.algorithm.name !== "Ed25519" && key.algorithm.name !== "Ed448") {
+        throw unusable("Ed25519 or Ed448");
+      }
+      break;
+    }
+    case "Ed25519": {
+      if (!isAlgorithm(key.algorithm, "Ed25519"))
+        throw unusable("Ed25519");
+      break;
+    }
+    case "ES256":
+    case "ES384":
+    case "ES512": {
+      if (!isAlgorithm(key.algorithm, "ECDSA"))
+        throw unusable("ECDSA");
+      const expected = getNamedCurve(alg);
+      const actual = key.algorithm.namedCurve;
+      if (actual !== expected)
+        throw unusable(expected, "algorithm.namedCurve");
+      break;
+    }
+    default:
+      throw new TypeError("CryptoKey does not support this operation");
+  }
+  checkUsage(key, usages);
+}
+// ../../node_modules/jose/dist/node/esm/lib/invalid_key_input.js
+function message(msg, actual, ...types4) {
+  types4 = types4.filter(Boolean);
+  if (types4.length > 2) {
+    const last = types4.pop();
+    msg += `one of type ${types4.join(", ")}, or ${last}.`;
+  } else if (types4.length === 2) {
+    msg += `one of type ${types4[0]} or ${types4[1]}.`;
+  } else {
+    msg += `of type ${types4[0]}.`;
+  }
+  if (actual == null) {
+    msg += ` Received ${actual}`;
+  } else if (typeof actual === "function" && actual.name) {
+    msg += ` Received function ${actual.name}`;
+  } else if (typeof actual === "object" && actual != null) {
+    if (actual.constructor?.name) {
+      msg += ` Received an instance of ${actual.constructor.name}`;
+    }
+  }
+  return msg;
+}
+var invalid_key_input_default = (actual, ...types4) => {
+  return message("Key must be ", actual, ...types4);
+};
+function withAlg(alg, actual, ...types4) {
+  return message(`Key for the ${alg} algorithm must be `, actual, ...types4);
+}
+// ../../node_modules/jose/dist/node/esm/runtime/is_key_like.js
+var is_key_like_default = (key) => is_key_object_default(key) || isCryptoKey(key);
+var types3 = ["KeyObject"];
+if (globalThis.CryptoKey || webcrypto_default?.CryptoKey) {
+  types3.push("CryptoKey");
+}
+// ../../node_modules/jose/dist/node/esm/lib/is_disjoint.js
+var isDisjoint = (...headers) => {
+  const sources = headers.filter(Boolean);
+  if (sources.length === 0 || sources.length === 1) {
+    return true;
+  }
+  let acc;
+  for (const header of sources) {
+    const parameters = Object.keys(header);
+    if (!acc || acc.size === 0) {
+      acc = new Set(parameters);
+      continue;
+    }
+    for (const parameter of parameters) {
+      if (acc.has(parameter)) {
+        return false;
+      }
+      acc.add(parameter);
+    }
+  }
+  return true;
+};
+var is_disjoint_default = isDisjoint;
+// ../../node_modules/jose/dist/node/esm/lib/is_object.js
+function isObjectLike(value) {
+  return typeof value === "object" && value !== null;
+}
+function isObject(input) {
+  if (!isObjectLike(input) || Object.prototype.toString.call(input) !== "[object Object]") {
+    return false;
+  }
+  if (Object.getPrototypeOf(input) === null) {
+    return true;
+  }
+  let proto = input;
+  while (Object.getPrototypeOf(proto) !== null) {
+    proto = Object.getPrototypeOf(proto);
+  }
+  return Object.getPrototypeOf(input) === proto;
+}
+// ../../node_modules/jose/dist/node/esm/runtime/get_named_curve.js
+import { KeyObject } from "crypto";
+// ../../node_modules/jose/dist/node/esm/lib/is_jwk.js
+function isJWK(key) {
+  return isObject(key) && typeof key.kty === "string";
+}
+function isPrivateJWK(key) {
+  return key.kty !== "oct" && typeof key.d === "string";
+}
+function isPublicJWK(key) {
+  return key.kty !== "oct" && typeof key.d === "undefined";
+}
+function isSecretJWK(key) {
+  return isJWK(key) && key.kty === "oct" && typeof key.k === "string";
+}
+// ../../node_modules/jose/dist/node/esm/runtime/get_named_curve.js
+var namedCurveToJOSE = (namedCurve) => {
+  switch (namedCurve) {
+    case "prime256v1":
+      return "P-256";
+    case "secp384r1":
+      return "P-384";
+    case "secp521r1":
+      return "P-521";
+    case "secp256k1":
+      return "secp256k1";
+    default:
+      throw new JOSENotSupported("Unsupported key curve for this operation");
+  }
+};
+var getNamedCurve2 = (kee, raw) => {
+  let key;
+  if (isCryptoKey(kee)) {
+    key = KeyObject.from(kee);
+  } else if (is_key_object_default(kee)) {
+    key = kee;
+  } else if (isJWK(kee)) {
+    return kee.crv;
+  } else {
+    throw new TypeError(invalid_key_input_default(kee, ...types3));
+  }
+  if (key.type === "secret") {
+    throw new TypeError('only "private" or "public" type keys can be used for this operation');
+  }
+  switch (key.asymmetricKeyType) {
+    case "ed25519":
+    case "ed448":
+      return `Ed${key.asymmetricKeyType.slice(2)}`;
+    case "x25519":
+    case "x448":
+      return `X${key.asymmetricKeyType.slice(1)}`;
+    case "ec": {
+      const namedCurve = key.asymmetricKeyDetails.namedCurve;
+      if (raw) {
+        return namedCurve;
+      }
+      return namedCurveToJOSE(namedCurve);
+    }
+    default:
+      throw new TypeError("Invalid asymmetric key type for this operation");
+  }
+};
+var get_named_curve_default = getNamedCurve2;
+// ../../node_modules/jose/dist/node/esm/runtime/check_key_length.js
+import { KeyObject as KeyObject2 } from "crypto";
+var check_key_length_default = (key, alg) => {
+  let modulusLength;
+  try {
+    if (key instanceof KeyObject2) {
+      modulusLength = key.asymmetricKeyDetails?.modulusLength;
+    } else {
+      modulusLength = Buffer.from(key.n, "base64url").byteLength << 3;
+    }
+  } catch {
+  }
+  if (typeof modulusLength !== "number" || modulusLength < 2048) {
+    throw new TypeError(`${alg} requires key modulusLength to be 2048 bits or larger`);
+  }
+};
+// ../../node_modules/jose/dist/node/esm/lib/check_key_type.js
+var tag = (key) => key?.[Symbol.toStringTag];
+var jwkMatchesOp = (alg, key, usage) => {
+  if (key.use !== void 0 && key.use !== "sig") {
+    throw new TypeError("Invalid key for this operation, when present its use must be sig");
+  }
+  if (key.key_ops !== void 0 && key.key_ops.includes?.(usage) !== true) {
+    throw new TypeError(`Invalid key for this operation, when present its key_ops must include ${usage}`);
+  }
+  if (key.alg !== void 0 && key.alg !== alg) {
+    throw new TypeError(`Invalid key for this operation, when present its alg must be ${alg}`);
+  }
+  return true;
+};
+var symmetricTypeCheck = (alg, key, usage, allowJwk) => {
+  if (key instanceof Uint8Array)
+    return;
+  if (allowJwk && isJWK(key)) {
+    if (isSecretJWK(key) && jwkMatchesOp(alg, key, usage))
+      return;
+    throw new TypeError(`JSON Web Key for symmetric algorithms must have JWK "kty" (Key Type) equal to "oct" and the JWK "k" (Key Value) present`);
+  }
+  if (!is_key_like_default(key)) {
+    throw new TypeError(withAlg(alg, key, ...types3, "Uint8Array", allowJwk ? "JSON Web Key" : null));
+  }
+  if (key.type !== "secret") {
+    throw new TypeError(`${tag(key)} instances for symmetric algorithms must be of type "secret"`);
+  }
+};
+var asymmetricTypeCheck = (alg, key, usage, allowJwk) => {
+  if (allowJwk && isJWK(key)) {
+    switch (usage) {
+      case "sign":
+        if (isPrivateJWK(key) && jwkMatchesOp(alg, key, usage))
+          return;
+        throw new TypeError(`JSON Web Key for this operation be a private JWK`);
+      case "verify":
+        if (isPublicJWK(key) && jwkMatchesOp(alg, key, usage))
+          return;
+        throw new TypeError(`JSON Web Key for this operation be a public JWK`);
+    }
+  }
+  if (!is_key_like_default(key)) {
+    throw new TypeError(withAlg(alg, key, ...types3, allowJwk ? "JSON Web Key" : null));
+  }
+  if (key.type === "secret") {
+    throw new TypeError(`${tag(key)} instances for asymmetric algorithms must not be of type "secret"`);
+  }
+  if (usage === "sign" && key.type === "public") {
+    throw new TypeError(`${tag(key)} instances for asymmetric algorithm signing must be of type "private"`);
+  }
+  if (usage === "decrypt" && key.type === "public") {
+    throw new TypeError(`${tag(key)} instances for asymmetric algorithm decryption must be of type "private"`);
+  }
+  if (key.algorithm && usage === "verify" && key.type === "private") {
+    throw new TypeError(`${tag(key)} instances for asymmetric algorithm verifying must be of type "public"`);
+  }
+  if (key.algorithm && usage === "encrypt" && key.type === "private") {
+    throw new TypeError(`${tag(key)} instances for asymmetric algorithm encryption must be of type "public"`);
+  }
+};
+function checkKeyType(allowJwk, alg, key, usage) {
+  const symmetric = alg.startsWith("HS") || alg === "dir" || alg.startsWith("PBES2") || /^A\d{3}(?:GCM)?KW$/.test(alg);
+  if (symmetric) {
+    symmetricTypeCheck(alg, key, usage, allowJwk);
+  } else {
+    asymmetricTypeCheck(alg, key, usage, allowJwk);
+  }
+}
+var check_key_type_default = checkKeyType.bind(void 0, false);
+var checkKeyTypeWithJwk = checkKeyType.bind(void 0, true);
+// ../../node_modules/jose/dist/node/esm/lib/validate_crit.js
+function validateCrit(Err, recognizedDefault, recognizedOption, protectedHeader, joseHeader) {
+  if (joseHeader.crit !== void 0 && protectedHeader?.crit === void 0) {
+    throw new Err('"crit" (Critical) Header Parameter MUST be integrity protected');
+  }
+  if (!protectedHeader || protectedHeader.crit === void 0) {
+    return /* @__PURE__ */ new Set();
+  }
+  if (!Array.isArray(protectedHeader.crit) || protectedHeader.crit.length === 0 || protectedHeader.crit.some((input) => typeof input !== "string" || input.length === 0)) {
+    throw new Err('"crit" (Critical) Header Parameter MUST be an array of non-empty strings when present');
+  }
+  let recognized;
+  if (recognizedOption !== void 0) {
+    recognized = new Map([...Object.entries(recognizedOption), ...recognizedDefault.entries()]);
+  } else {
+    recognized = recognizedDefault;
+  }
+  for (const parameter of protectedHeader.crit) {
+    if (!recognized.has(parameter)) {
+      throw new JOSENotSupported(`Extension Header Parameter "${parameter}" is not recognized`);
+    }
+    if (joseHeader[parameter] === void 0) {
+      throw new Err(`Extension Header Parameter "${parameter}" is missing`);
+    }
+    if (recognized.get(parameter) && protectedHeader[parameter] === void 0) {
+      throw new Err(`Extension Header Parameter "${parameter}" MUST be integrity protected`);
+    }
+  }
+  return new Set(protectedHeader.crit);
+}
+var validate_crit_default = validateCrit;
+// ../../node_modules/jose/dist/node/esm/runtime/dsa_digest.js
+function dsaDigest(alg) {
+  switch (alg) {
+    case "PS256":
+    case "RS256":
+    case "ES256":
+    case "ES256K":
+      return "sha256";
+    case "PS384":
+    case "RS384":
+    case "ES384":
+      return "sha384";
+    case "PS512":
+    case "RS512":
+    case "ES512":
+      return "sha512";
+    case "Ed25519":
+    case "EdDSA":
+      return void 0;
+    default:
+      throw new JOSENotSupported(`alg ${alg} is not supported either by JOSE or your javascript runtime`);
+  }
+}
+// ../../node_modules/jose/dist/node/esm/runtime/node_key.js
+import { constants, KeyObject as KeyObject3 } from "crypto";
+var ecCurveAlgMap = /* @__PURE__ */ new Map([
+  ["ES256", "P-256"],
+  ["ES256K", "secp256k1"],
+  ["ES384", "P-384"],
+  ["ES512", "P-521"]
+]);
+function keyForCrypto(alg, key) {
+  let asymmetricKeyType;
+  let asymmetricKeyDetails;
+  let isJWK2;
+  if (key instanceof KeyObject3) {
+    asymmetricKeyType = key.asymmetricKeyType;
+    asymmetricKeyDetails = key.asymmetricKeyDetails;
+  } else {
+    isJWK2 = true;
+    switch (key.kty) {
+      case "RSA":
+        asymmetricKeyType = "rsa";
+        break;
+      case "EC":
+        asymmetricKeyType = "ec";
+        break;
+      case "OKP": {
+        if (key.crv === "Ed25519") {
+          asymmetricKeyType = "ed25519";
+          break;
+        }
+        if (key.crv === "Ed448") {
+          asymmetricKeyType = "ed448";
+          break;
+        }
+        throw new TypeError("Invalid key for this operation, its crv must be Ed25519 or Ed448");
+      }
+      default:
+        throw new TypeError("Invalid key for this operation, its kty must be RSA, OKP, or EC");
+    }
+  }
+  let options;
+  switch (alg) {
+    case "Ed25519":
+      if (asymmetricKeyType !== "ed25519") {
+        throw new TypeError(`Invalid key for this operation, its asymmetricKeyType must be ed25519`);
+      }
+      break;
+    case "EdDSA":
+      if (!["ed25519", "ed448"].includes(asymmetricKeyType)) {
+        throw new TypeError("Invalid key for this operation, its asymmetricKeyType must be ed25519 or ed448");
+      }
+      break;
+    case "RS256":
+    case "RS384":
+    case "RS512":
+      if (asymmetricKeyType !== "rsa") {
+        throw new TypeError("Invalid key for this operation, its asymmetricKeyType must be rsa");
+      }
+      check_key_length_default(key, alg);
+      break;
+    case "PS256":
+    case "PS384":
+    case "PS512":
+      if (asymmetricKeyType === "rsa-pss") {
+        const { hashAlgorithm, mgf1HashAlgorithm, saltLength } = asymmetricKeyDetails;
+        const length = parseInt(alg.slice(-3), 10);
+        if (hashAlgorithm !== void 0 && (hashAlgorithm !== `sha${length}` || mgf1HashAlgorithm !== hashAlgorithm)) {
+          throw new TypeError(`Invalid key for this operation, its RSA-PSS parameters do not meet the requirements of "alg" ${alg}`);
+        }
+        if (saltLength !== void 0 && saltLength > length >> 3) {
+          throw new TypeError(`Invalid key for this operation, its RSA-PSS parameter saltLength does not meet the requirements of "alg" ${alg}`);
+        }
+      } else if (asymmetricKeyType !== "rsa") {
+        throw new TypeError("Invalid key for this operation, its asymmetricKeyType must be rsa or rsa-pss");
+      }
+      check_key_length_default(key, alg);
+      options = {
+        padding: constants.RSA_PKCS1_PSS_PADDING,
+        saltLength: constants.RSA_PSS_SALTLEN_DIGEST
+      };
+      break;
+    case "ES256":
+    case "ES256K":
+    case "ES384":
+    case "ES512": {
+      if (asymmetricKeyType !== "ec") {
+        throw new TypeError("Invalid key for this operation, its asymmetricKeyType must be ec");
+      }
+      const actual = get_named_curve_default(key);
+      const expected = ecCurveAlgMap.get(alg);
+      if (actual !== expected) {
+        throw new TypeError(`Invalid key curve for the algorithm, its curve must be ${expected}, got ${actual}`);
+      }
+      options = { dsaEncoding: "ieee-p1363" };
+      break;
+    }
+    default:
+      throw new JOSENotSupported(`alg ${alg} is not supported either by JOSE or your javascript runtime`);
+  }
+  if (isJWK2) {
+    return { format: "jwk", key, ...options };
+  }
+  return options ? { ...options, key } : key;
+}
+// ../../node_modules/jose/dist/node/esm/runtime/sign.js
+import * as crypto2 from "crypto";
+import { promisify } from "util";
+// ../../node_modules/jose/dist/node/esm/runtime/hmac_digest.js
+function hmacDigest(alg) {
+  switch (alg) {
+    case "HS256":
+      return "sha256";
+    case "HS384":
+      return "sha384";
+    case "HS512":
+      return "sha512";
+    default:
+      throw new JOSENotSupported(`alg ${alg} is not supported either by JOSE or your javascript runtime`);
+  }
+}
+// ../../node_modules/jose/dist/node/esm/runtime/get_sign_verify_key.js
+import { KeyObject as KeyObject4, createSecretKey } from "crypto";
+function getSignVerifyKey(alg, key, usage) {
+  if (key instanceof Uint8Array) {
+    if (!alg.startsWith("HS")) {
+      throw new TypeError(invalid_key_input_default(key, ...types3));
+    }
+    return createSecretKey(key);
+  }
+  if (key instanceof KeyObject4) {
+    return key;
+  }
+  if (isCryptoKey(key)) {
+    checkSigCryptoKey(key, alg, usage);
+    return KeyObject4.from(key);
+  }
+  if (isJWK(key)) {
+    if (alg.startsWith("HS")) {
+      return createSecretKey(Buffer.from(key.k, "base64url"));
+    }
+    return key;
+  }
+  throw new TypeError(invalid_key_input_default(key, ...types3, "Uint8Array", "JSON Web Key"));
+}
+// ../../node_modules/jose/dist/node/esm/runtime/sign.js
+var oneShotSign = promisify(crypto2.sign);
+var sign2 = async (alg, key, data) => {
+  const k = getSignVerifyKey(alg, key, "sign");
+  if (alg.startsWith("HS")) {
+    const hmac = crypto2.createHmac(hmacDigest(alg), k);
+    hmac.update(data);
+    return hmac.digest();
+  }
+  return oneShotSign(dsaDigest(alg), data, keyForCrypto(alg, k));
+};
+var sign_default = sign2;
+// ../../node_modules/jose/dist/node/esm/lib/epoch.js
+var epoch_default = (date) => Math.floor(date.getTime() / 1e3);
+// ../../node_modules/jose/dist/node/esm/lib/secs.js
+var minute = 60;
+var hour = minute * 60;
+var day = hour * 24;
+var week = day * 7;
+var year = day * 365.25;
+var REGEX = /^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i;
+var secs_default = (str) => {
+  const matched = REGEX.exec(str);
+  if (!matched || matched[4] && matched[1]) {
+    throw new TypeError("Invalid time period format");
+  }
+  const value = parseFloat(matched[2]);
+  const unit = matched[3].toLowerCase();
+  let numericDate;
+  switch (unit) {
+    case "sec":
+    case "secs":
+    case "second":
+    case "seconds":
+    case "s":
+      numericDate = Math.round(value);
+      break;
+    case "minute":
+    case "minutes":
+    case "min":
+    case "mins":
+    case "m":
+      numericDate = Math.round(value * minute);
+      break;
+    case "hour":
+    case "hours":
+    case "hr":
+    case "hrs":
+    case "h":
+      numericDate = Math.round(value * hour);
+      break;
+    case "day":
+    case "days":
+    case "d":
+      numericDate = Math.round(value * day);
+      break;
+    case "week":
+    case "weeks":
+    case "w":
+      numericDate = Math.round(value * week);
+      break;
+    default:
+      numericDate = Math.round(value * year);
+      break;
+  }
+  if (matched[1] === "-" || matched[4] === "ago") {
+    return -numericDate;
+  }
+  return numericDate;
+};
+// ../../node_modules/jose/dist/node/esm/jws/flattened/sign.js
+var FlattenedSign = class {
+  _payload;
+  _protectedHeader;
+  _unprotectedHeader;
+  constructor(payload) {
+    if (!(payload instanceof Uint8Array)) {
+      throw new TypeError("payload must be an instance of Uint8Array");
+    }
+    this._payload = payload;
+  }
+  setProtectedHeader(protectedHeader) {
+    if (this._protectedHeader) {
+      throw new TypeError("setProtectedHeader can only be called once");
+    }
+    this._protectedHeader = protectedHeader;
+    return this;
+  }
+  setUnprotectedHeader(unprotectedHeader) {
+    if (this._unprotectedHeader) {
+      throw new TypeError("setUnprotectedHeader can only be called once");
+    }
+    this._unprotectedHeader = unprotectedHeader;
+    return this;
+  }
+  async sign(key, options) {
+    if (!this._protectedHeader && !this._unprotectedHeader) {
+      throw new JWSInvalid("either setProtectedHeader or setUnprotectedHeader must be called before #sign()");
+    }
+    if (!is_disjoint_default(this._protectedHeader, this._unprotectedHeader)) {
+      throw new JWSInvalid("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");
+    }
+    const joseHeader = {
+      ...this._protectedHeader,
+      ...this._unprotectedHeader
+    };
+    const extensions = validate_crit_default(JWSInvalid, /* @__PURE__ */ new Map([["b64", true]]), options?.crit, this._protectedHeader, joseHeader);
+    let b64 = true;
+    if (extensions.has("b64")) {
+      b64 = this._protectedHeader.b64;
+      if (typeof b64 !== "boolean") {
+        throw new JWSInvalid('The "b64" (base64url-encode payload) Header Parameter must be a boolean');
+      }
+    }
+    const { alg } = joseHeader;
+    if (typeof alg !== "string" || !alg) {
+      throw new JWSInvalid('JWS "alg" (Algorithm) Header Parameter missing or invalid');
+    }
+    checkKeyTypeWithJwk(alg, key, "sign");
+    let payload = this._payload;
+    if (b64) {
+      payload = encoder.encode(encode(payload));
+    }
+    let protectedHeader;
+    if (this._protectedHeader) {
+      protectedHeader = encoder.encode(encode(JSON.stringify(this._protectedHeader)));
+    } else {
+      protectedHeader = encoder.encode("");
+    }
+    const data = concat(protectedHeader, encoder.encode("."), payload);
+    const signature = await sign_default(alg, key, data);
+    const jws = {
+      signature: encode(signature),
+      payload: ""
+    };
+    if (b64) {
+      jws.payload = decoder.decode(payload);
+    }
+    if (this._unprotectedHeader) {
+      jws.header = this._unprotectedHeader;
+    }
+    if (this._protectedHeader) {
+      jws.protected = decoder.decode(protectedHeader);
+    }
+    return jws;
+  }
+};
+// ../../node_modules/jose/dist/node/esm/jws/compact/sign.js
+var CompactSign = class {
+  _flattened;
+  constructor(payload) {
+    this._flattened = new FlattenedSign(payload);
+  }
+  setProtectedHeader(protectedHeader) {
+    this._flattened.setProtectedHeader(protectedHeader);
+    return this;
+  }
+  async sign(key, options) {
+    const jws = await this._flattened.sign(key, options);
+    if (jws.payload === void 0) {
+      throw new TypeError("use the flattened module for creating JWS with b64: false");
+    }
+    return `${jws.protected}.${jws.payload}.${jws.signature}`;
+  }
+};
+// ../../node_modules/jose/dist/node/esm/jwt/produce.js
+function validateInput(label, input) {
+  if (!Number.isFinite(input)) {
+    throw new TypeError(`Invalid ${label} input`);
+  }
+  return input;
+}
+var ProduceJWT = class {
+  _payload;
+  constructor(payload = {}) {
+    if (!isObject(payload)) {
+      throw new TypeError("JWT Claims Set MUST be an object");
+    }
+    this._payload = payload;
+  }
+  setIssuer(issuer) {
+    this._payload = { ...this._payload, iss: issuer };
+    return this;
+  }
+  setSubject(subject) {
+    this._payload = { ...this._payload, sub: subject };
+    return this;
+  }
+  setAudience(audience) {
+    this._payload = { ...this._payload, aud: audience };
+    return this;
+  }
+  setJti(jwtId) {
+    this._payload = { ...this._payload, jti: jwtId };
+    return this;
+  }
+  setNotBefore(input) {
+    if (typeof input === "number") {
+      this._payload = { ...this._payload, nbf: validateInput("setNotBefore", input) };
+    } else if (input instanceof Date) {
+      this._payload = { ...this._payload, nbf: validateInput("setNotBefore", epoch_default(input)) };
+    } else {
+      this._payload = { ...this._payload, nbf: epoch_default(/* @__PURE__ */ new Date()) + secs_default(input) };
+    }
+    return this;
+  }
+  setExpirationTime(input) {
+    if (typeof input === "number") {
+      this._payload = { ...this._payload, exp: validateInput("setExpirationTime", input) };
+    } else if (input instanceof Date) {
+      this._payload = { ...this._payload, exp: validateInput("setExpirationTime", epoch_default(input)) };
+    } else {
+      this._payload = { ...this._payload, exp: epoch_default(/* @__PURE__ */ new Date()) + secs_default(input) };
+    }
+    return this;
+  }
+  setIssuedAt(input) {
+    if (typeof input === "undefined") {
+      this._payload = { ...this._payload, iat: epoch_default(/* @__PURE__ */ new Date()) };
+    } else if (input instanceof Date) {
+      this._payload = { ...this._payload, iat: validateInput("setIssuedAt", epoch_default(input)) };
+    } else if (typeof input === "string") {
+      this._payload = {
+        ...this._payload,
+        iat: validateInput("setIssuedAt", epoch_default(/* @__PURE__ */ new Date()) + secs_default(input))
+      };
+    } else {
+      this._payload = { ...this._payload, iat: validateInput("setIssuedAt", input) };
+    }
+    return this;
+  }
+};
+// ../../node_modules/jose/dist/node/esm/jwt/sign.js
+var SignJWT = class extends ProduceJWT {
+  _protectedHeader;
+  setProtectedHeader(protectedHeader) {
+    this._protectedHeader = protectedHeader;
+    return this;
+  }
+  async sign(key, options) {
+    const sig = new CompactSign(encoder.encode(JSON.stringify(this._payload)));
+    sig.setProtectedHeader(this._protectedHeader);
+    if (Array.isArray(this._protectedHeader?.crit) && this._protectedHeader.crit.includes("b64") && this._protectedHeader.b64 === false) {
+      throw new JWTInvalid("JWTs MUST NOT use unencoded payload");
+    }
+    return sig.sign(key, options);
+  }
+};
+// ../shared/src/jwt.ts
+var enc = new TextEncoder();
+async function signOpsToken(secret, payload, ttlSeconds = 30 * 24 * 3600) {
+  return await new SignJWT(payload).setProtectedHeader({ alg: "HS256" }).setIssuedAt().setExpirationTime(`${ttlSeconds}s`).setIssuer("duoduo-ops").setAudience("duoduo-ops").sign(enc.encode(secret));
+}
+// ../shared/src/paths.ts
+import { existsSync } from "fs";
+import path from "path";
+// ../shared/src/env-loader.ts
+import { existsSync as existsSync2 } from "fs";
+import path2 from "path";
+async function loadEnvFiles(opts = {}) {
+  const dotenv = (await import("dotenv")).default;
+  const start = path2.resolve(opts.startDir ?? process.cwd());
+  const candidateDirs = /* @__PURE__ */ new Set();
+  let dir = start;
+  for (; ; ) {
+    candidateDirs.add(dir);
+    if (existsSync2(path2.join(dir, "turbo.json"))) break;
+    const parent = path2.dirname(dir);
+    if (parent === dir) break;
+    dir = parent;
+  }
+  const root = dir;
+  for (const sub of ["apps/web", "packages/db"]) {
+    candidateDirs.add(path2.join(root, sub));
+  }
+  for (const p2 of opts.extra ?? []) {
+    candidateDirs.add(path2.dirname(path2.resolve(p2)));
+  }
+  const loaded = [];
+  const skipped = [];
+  for (const d of candidateDirs) {
+    const p2 = path2.join(d, ".env");
+    if (!existsSync2(p2)) {
+      skipped.push(p2);
+      continue;
+    }
+    dotenv.config({ path: p2, override: opts.override ?? false });
+    loaded.push(p2);
+  }
+  for (const p2 of opts.extra ?? []) {
+    if (!existsSync2(p2)) continue;
+    if (loaded.includes(path2.resolve(p2))) continue;
+    dotenv.config({ path: p2, override: opts.override ?? false });
+    loaded.push(p2);
+  }
+  if (!opts.silent && loaded.length > 0) {
+    console.log(`[env-loader] loaded ${loaded.length} .env file(s): ${loaded.join(", ")}`);
+  }
+  return { loaded, skipped };
+}
+// src/index.ts
+await loadEnvFiles({ silent: true });
+function out(data, pretty) {
+  process.stdout.write(JSON.stringify(data, null, pretty ? 2 : 0) + "\n");
+}
+function die(msg, data) {
+  process.stderr.write(
+    JSON.stringify({ ok: false, error: msg, ...data ? { detail: data } : {} }, null, 2) + "\n"
+  );
+  process.exit(1);
+}
+function makeClient(api, token) {
+  return axios.create({
+    baseURL: api.replace(/\/$/, ""),
+    headers: { Authorization: `Bearer ${token}`, "Content-Type": "application/json" },
+    timeout: 3e4
+  });
+}
+async function call(client, method, path3, payload) {
+  try {
+    const res = method === "get" ? await client.get(path3, { params: payload }) : await client.post(path3, payload);
+    if (!res.data.ok) die(res.data.message ?? "API error", res.data);
+    return res.data.data;
+  } catch (err) {
+    if (axios.isAxiosError(err)) {
+      const d = err.response?.data;
+      die(d?.message ?? err.message, { status: err.response?.status });
+    }
+    throw err;
+  }
+}
+var program = new Command();
+program.name("duoduo-ops").description("\u591A\u591A\u8FD0\u8425\u540E\u53F0 CLI\uFF1A\u67E5\u8BE2\u9500\u552E/\u5E93\u5B58/\u5229\u6DA6/\u4ED3\u50A8\u8D39\uFF0C\u7BA1\u7406\u4E3B\u6570\u636E").version("0.1.0").option("--api <url>", "\u4E91\u7AEF API \u5730\u5740", process.env.INGEST_API_BASE ?? "http://localhost:3000").option("--token <jwt>", "Ops JWT\uFF08\u4F18\u5148\u7EA7\uFF1A--token > OPS_JWT \u73AF\u5883\u53D8\u91CF\uFF09", process.env.OPS_JWT).option("--pretty", "\u7F8E\u5316 JSON \u8F93\u51FA", false);
+function globalOpts(cmd) {
+  const root = cmd.parent ?? cmd;
+  return root.opts();
+}
+function requireToken(cmd) {
+  const g = globalOpts(cmd);
+  if (!g.token) die("\u7F3A\u5C11 Ops JWT\uFF0C\u8BF7\u901A\u8FC7 --token \u6216 OPS_JWT \u73AF\u5883\u53D8\u91CF\u63D0\u4F9B");
+  return { api: g.api, token: g.token, pretty: g.pretty };
+}
+program.command("gen-token").description("\u751F\u6210 Ops JWT\uFF08\u9700\u8981 WORKER_JWT_SECRET \u548C\u79DF\u6237 slug\uFF09").requiredOption("--tenant-slug <slug>", "\u79DF\u6237 slug\uFF08\u53EF\u5728\u540E\u53F0\u300C\u8BBE\u7F6E\u300D\u9875\u6216\u6CE8\u518C\u90AE\u4EF6\u4E2D\u67E5\u770B\uFF09").option("--tenant-id <uuid>", "\u79DF\u6237 UUID\uFF08\u53EF\u9009\uFF0C\u9ED8\u8BA4\u81EA\u52A8\u4F7F\u7528 slug\uFF09").option("--ttl <days>", "\u6709\u6548\u671F\uFF08\u5929\uFF09", "30").action(async (opts, cmd) => {
+  const g = globalOpts(cmd);
+  const secret = process.env.WORKER_JWT_SECRET;
+  if (!secret) die("\u7F3A\u5C11 WORKER_JWT_SECRET \u73AF\u5883\u53D8\u91CF");
+  const tenantId = opts.tenantId ?? opts.tenantSlug;
+  const ttlSeconds = Math.round(parseFloat(opts.ttl) * 24 * 3600);
+  const token = await signOpsToken(
+    secret,
+    { sub: "ops-cli", tenantId, tenantSlug: opts.tenantSlug },
+    ttlSeconds
+  );
+  out({ token, tenantId, tenantSlug: opts.tenantSlug, ttlDays: opts.ttl }, g.pretty);
+});
+var salesCmd = program.command("sales").description("\u9500\u552E\u76F8\u5173\u64CD\u4F5C");
+salesCmd.command("query").description("\u67E5\u8BE2\u9500\u552E\u660E\u7EC6").option("--from <date>", "\u8D77\u59CB\u65E5\u671F YYYY-MM-DD").option("--to <date>", "\u7ED3\u675F\u65E5\u671F YYYY-MM-DD").option("--shop <id>", "\u6309\u5E97\u94FA UUID \u8FC7\u6EE4\uFF08\u4ECE shops list \u83B7\u53D6\uFF09").option("--warehouse <id>", "\u6309\u4ED3\u5E93 UUID \u8FC7\u6EE4\uFF08\u4ECE warehouses list \u83B7\u53D6\uFF09").option("--sku <sku>", "\u6309 SKU \u6A21\u7CCA\u8FC7\u6EE4").option("--limit <n>", "\u6700\u591A\u8FD4\u56DE\u6761\u6570\uFF08\u2264500\uFF09", "200").action(async (opts, cmd) => {
+  const { api, token, pretty } = requireToken(cmd.parent);
+  const client = makeClient(api, token);
+  const params = {};
+  if (opts.from) params.from = opts.from;
+  if (opts.to) params.to = opts.to;
+  if (opts.shop) params.shopId = opts.shop;
+  if (opts.warehouse) params.warehouseId = opts.warehouse;
+  if (opts.sku) params.sku = opts.sku;
+  params.limit = opts.limit;
+  const data = await call(client, "get", "/api/sales", params);
+  out(data, pretty);
+});
+var invCmd = program.command("inventory").description("\u5E93\u5B58\u76F8\u5173\u64CD\u4F5C");
+invCmd.command("query").description("\u67E5\u8BE2\u5E93\u5B58\u5FEB\u7167").option("--from <date>", "\u8D77\u59CB\u65E5\u671F YYYY-MM-DD").option("--to <date>", "\u7ED3\u675F\u65E5\u671F YYYY-MM-DD").option("--shop <id>", "\u6309\u5E97\u94FA UUID \u8FC7\u6EE4\uFF08\u4ECE shops list \u83B7\u53D6\uFF09").option("--warehouse <id>", "\u6309\u4ED3\u5E93 UUID \u8FC7\u6EE4").option("--sku <sku>", "\u6309 SKU \u6A21\u7CCA\u8FC7\u6EE4").option("--is-shared <bool>", "true=\u4EC5\u5171\u4EAB\u4ED3 / false=\u4EC5\u4E2D\u5FC3\u4ED3").option("--page <n>", "\u9875\u7801", "1").option("--page-size <n>", "\u6BCF\u9875\u6761\u6570\uFF08\u2264200\uFF09", "50").action(async (opts, cmd) => {
+  const { api, token, pretty } = requireToken(cmd.parent);
+  const client = makeClient(api, token);
+  const params = {};
+  if (opts.from) params.from = opts.from;
+  if (opts.to) params.to = opts.to;
+  if (opts.shop) params.shopId = opts.shop;
+  if (opts.warehouse) params.warehouseId = opts.warehouse;
+  if (opts.sku) params.sku = opts.sku;
+  if (opts.isShared) params.isShared = opts.isShared;
+  params.page = opts.page;
+  params.pageSize = opts.pageSize;
+  const data = await call(client, "get", "/api/inventory", params);
+  out(data, pretty);
+});
+var profitCmd = program.command("profit").description("\u5229\u6DA6\u76F8\u5173\u64CD\u4F5C");
+profitCmd.command("query").description("\u67E5\u8BE2\u5229\u6DA6\u6C47\u603B").option("--from <date>", "\u8D77\u59CB\u65E5\u671F YYYY-MM-DD").option("--to <date>", "\u7ED3\u675F\u65E5\u671F YYYY-MM-DD").option("--warehouses <ids>", "\u4ED3\u5E93 ID \u5217\u8868\uFF08\u9017\u53F7\u5206\u9694\uFF09").option("--shops <ids>", "\u5E97\u94FA ID \u5217\u8868\uFF08\u9017\u53F7\u5206\u9694\uFF09").option("--page <n>", "\u9875\u7801", "1").option("--page-size <n>", "\u6BCF\u9875\u6761\u6570\uFF08\u2264500\uFF09", "100").action(async (opts, cmd) => {
+  const { api, token, pretty } = requireToken(cmd.parent);
+  const client = makeClient(api, token);
+  const params = {};
+  if (opts.from) params.from = opts.from;
+  if (opts.to) params.to = opts.to;
+  if (opts.warehouses) params.warehouseIds = opts.warehouses;
+  if (opts.shops) params.shopIds = opts.shops;
+  params.page = opts.page;
+  params.pageSize = opts.pageSize;
+  const data = await call(client, "get", "/api/profit", params);
+  out(data, pretty);
+});
+profitCmd.command("recompute").description("\u91CD\u7B97\u6307\u5B9A\u65E5\u671F\u533A\u95F4\u5185\u7684\u5229\u6DA6").requiredOption("--from <date>", "\u8D77\u59CB\u65E5\u671F YYYY-MM-DD").requiredOption("--to <date>", "\u7ED3\u675F\u65E5\u671F YYYY-MM-DD").action(async (opts, cmd) => {
+  const { api, token, pretty } = requireToken(cmd.parent);
+  const client = makeClient(api, token);
+  const data = await call(client, "post", "/api/profit/recompute", {
+    fromDate: opts.from,
+    toDate: opts.to
+  });
+  out(data, pretty);
+});
+var sfCmd = program.command("storage-fees").description("\u4ED3\u50A8\u8D39\u76F8\u5173\u64CD\u4F5C");
+sfCmd.command("query").description("\u67E5\u8BE2\u4ED3\u50A8\u8D39\u660E\u7EC6").option("--from <date>", "\u8D77\u59CB\u65E5\u671F YYYY-MM-DD").option("--to <date>", "\u7ED3\u675F\u65E5\u671F YYYY-MM-DD").option("--warehouse <id>", "\u6309\u5171\u4EAB\u4ED3 ID \u8FC7\u6EE4").option("--shop <id>", "\u6309\u5E97\u94FA ID \u8FC7\u6EE4").option("--page <n>", "\u9875\u7801", "1").option("--page-size <n>", "\u6BCF\u9875\u6761\u6570\uFF08\u2264200\uFF09", "50").action(async (opts, cmd) => {
+  const { api, token, pretty } = requireToken(cmd.parent);
+  const client = makeClient(api, token);
+  const params = {};
+  if (opts.from) params.from = opts.from;
+  if (opts.to) params.to = opts.to;
+  if (opts.warehouse) params.warehouseId = opts.warehouse;
+  if (opts.shop) params.shopId = opts.shop;
+  params.page = opts.page;
+  params.pageSize = opts.pageSize;
+  const data = await call(client, "get", "/api/storage-fees", params);
+  out(data, pretty);
+});
+var shopsCmd = program.command("shops").description("\u5E97\u94FA\u76F8\u5173\u64CD\u4F5C");
+shopsCmd.command("list").description("\u5217\u51FA\u6240\u6709\u5E97\u94FA").action(async (_opts, cmd) => {
+  const { api, token, pretty } = requireToken(cmd.parent);
+  const client = makeClient(api, token);
+  const data = await call(client, "get", "/api/shops", {});
+  out(data, pretty);
+});
+var productsCmd = program.command("products").description("\u5546\u54C1\uFF08\u4E3B\u6570\u636E\uFF09\u76F8\u5173\u64CD\u4F5C");
+productsCmd.command("list").description("\u67E5\u8BE2\u5546\u54C1\u5217\u8868\uFF08\u6309 SKU/\u540D\u79F0\u6A21\u7CCA\u641C\u7D22\uFF09").option("--q <keyword>", "\u6A21\u7CCA\u641C\u7D22 SKU \u6216\u5546\u54C1\u540D").action(async (opts, cmd) => {
+  const { api, token, pretty } = requireToken(cmd.parent);
+  const client = makeClient(api, token);
+  const params = {};
+  if (opts.q) params.q = opts.q;
+  const data = await call(client, "get", "/api/products", params);
+  out(data, pretty);
+});
+var warehousesCmd = program.command("warehouses").description("\u4ED3\u5E93\uFF08\u4E3B\u6570\u636E\uFF09\u76F8\u5173\u64CD\u4F5C");
+warehousesCmd.command("list").description("\u5217\u51FA\u6240\u6709\u4ED3\u5E93\uFF08\u542B\u4ED3\u5E93\u7EC4\u3001\u533A\u57DF\u4FE1\u606F\uFF09").action(async (_opts, cmd) => {
+  const { api, token, pretty } = requireToken(cmd.parent);
+  const client = makeClient(api, token);
+  const data = await call(client, "get", "/api/warehouses", {});
+  out(data, pretty);
+});
+var pcCmd = program.command("product-costs").description("\u5546\u54C1\u6210\u672C\u76F8\u5173\u64CD\u4F5C");
+pcCmd.command("add").description("\u6DFB\u52A0/\u66F4\u65B0\u5546\u54C1\u6210\u672C\uFF08\u6309\u5546\u54C1+\u751F\u6548\u65E5\u671F\u5E42\u7B49\u5199\u5165\uFF09").requiredOption("--product-id <id>", "\u5546\u54C1 UUID\uFF08\u53EF\u4ECE products list \u83B7\u53D6\uFF09").requiredOption("--cost <fen>", "\u6210\u672C\u4EF7\uFF08\u5355\u4F4D\uFF1A\u5206\uFF0C\u6574\u6570\uFF09").requiredOption("--date <date>", "\u751F\u6548\u65E5\u671F YYYY-MM-DD").option("--remark <text>", "\u5907\u6CE8").action(async (opts, cmd) => {
+  const { api, token, pretty } = requireToken(cmd.parent);
+  const client = makeClient(api, token);
+  const costFen = parseInt(opts.cost, 10);
+  if (isNaN(costFen) || costFen < 0) die("--cost \u5FC5\u987B\u662F\u975E\u8D1F\u6574\u6570\uFF08\u5206\uFF09");
+  const data = await call(client, "post", "/api/product-costs", {
+    productId: opts.productId,
+    costPriceFen: costFen,
+    effectiveDate: opts.date,
+    ...opts.remark ? { remark: opts.remark } : {}
+  });
+  out(data, pretty);
+});
+pcCmd.command("list").description("\u67E5\u8BE2\u5546\u54C1\u6210\u672C\u8BB0\u5F55").option("--product-id <id>", "\u6309\u5546\u54C1 ID \u8FC7\u6EE4").action(async (opts, cmd) => {
+  const { api, token, pretty } = requireToken(cmd.parent);
+  const client = makeClient(api, token);
+  const params = {};
+  if (opts.productId) params.productId = opts.productId;
+  const data = await call(client, "get", "/api/product-costs", params);
+  out(data, pretty);
+});
+var wmCmd = program.command("warehouse-mappings").description("\u4ED3\u5E93\u6620\u5C04\uFF08\u5171\u4EAB\u4ED3\u2192\u4E2D\u5FC3\u4ED3\uFF09\u76F8\u5173\u64CD\u4F5C");
+wmCmd.command("add").description("\u6DFB\u52A0/\u66F4\u65B0\u4ED3\u5E93\u6620\u5C04\uFF08\u6309\u4ED3\u5E93\u5BF9\u5E42\u7B49\u5199\u5165\uFF09").requiredOption("--shared <code>", "\u5171\u4EAB\u4ED3 code").requiredOption("--center <code>", "\u4E2D\u5FC3\u4ED3 code").option("--weight <n>", "\u5206\u644A\u6743\u91CD\uFF08\u9ED8\u8BA4 1\uFF09", "1").action(async (opts, cmd) => {
+  const { api, token, pretty } = requireToken(cmd.parent);
+  const client = makeClient(api, token);
+  const data = await call(client, "post", "/api/warehouse-mappings", {
+    sharedWarehouseCode: opts.shared,
+    centerWarehouseCode: opts.center,
+    weight: parseFloat(opts.weight)
+  });
+  out(data, pretty);
+});
+wmCmd.command("list").description("\u5217\u51FA\u6240\u6709\u4ED3\u5E93\u6620\u5C04").action(async (_opts, cmd) => {
+  const { api, token, pretty } = requireToken(cmd.parent);
+  const client = makeClient(api, token);
+  const data = await call(client, "get", "/api/warehouse-mappings", {});
+  out(data, pretty);
+});
+var exportsCmd = program.command("exports").description("\u5F02\u6B65\u5BFC\u51FA\u4EFB\u52A1\u76F8\u5173\u64CD\u4F5C");
+exportsCmd.command("create").description("\u53D1\u8D77\u5F02\u6B65\u5BFC\u51FA\u4EFB\u52A1").requiredOption("--type <type>", "\u5BFC\u51FA\u7C7B\u578B\uFF1ASALES | INVENTORY | PROFIT | STORAGE_FEE | ORDER_RAW").option("--from <date>", "\u8D77\u59CB\u65E5\u671F YYYY-MM-DD").option("--to <date>", "\u7ED3\u675F\u65E5\u671F YYYY-MM-DD").option("--shop <id>", "\u6309\u5E97\u94FA ID \u8FC7\u6EE4").option("--warehouse <id>", "\u6309\u4ED3\u5E93 ID \u8FC7\u6EE4").option("--sku <sku>", "\u6309 SKU \u8FC7\u6EE4\uFF08SALES / INVENTORY\uFF09").option("--group-by <dim>", "\u5229\u6DA6\u805A\u5408\u7EF4\u5EA6\uFF1Aday | warehouse | shop").action(async (opts, cmd) => {
+  const { api, token, pretty } = requireToken(cmd.parent);
+  const client = makeClient(api, token);
+  const validTypes = ["SALES", "INVENTORY", "PROFIT", "STORAGE_FEE", "ORDER_RAW"];
+  if (!validTypes.includes(opts.type)) die(`--type \u5FC5\u987B\u662F\u4EE5\u4E0B\u4E4B\u4E00: ${validTypes.join(" | ")}`);
+  const body = { type: opts.type };
+  if (opts.from) body.from = opts.from;
+  if (opts.to) body.to = opts.to;
+  if (opts.shop) body.shopId = opts.shop;
+  if (opts.warehouse) body.warehouseId = opts.warehouse;
+  if (opts.sku) body.sku = opts.sku;
+  if (opts.groupBy) body.groupBy = opts.groupBy;
+  const data = await call(client, "post", "/api/exports", body);
+  out(data, pretty);
+});
+exportsCmd.command("list").description("\u5217\u51FA\u6700\u8FD1 100 \u6761\u5BFC\u51FA\u8BB0\u5F55").action(async (_opts, cmd) => {
+  const { api, token, pretty } = requireToken(cmd.parent);
+  const client = makeClient(api, token);
+  const data = await call(client, "get", "/api/exports", {});
+  out(data, pretty);
+});
+exportsCmd.command("get <id>").description("\u67E5\u8BE2\u5355\u6761\u5BFC\u51FA\u4EFB\u52A1\u7684\u72B6\u6001\uFF08\u53EF\u8F6E\u8BE2\u76F4\u5230 status=SUCCESS\uFF09").action(async (id, _opts, cmd) => {
+  const { api, token, pretty } = requireToken(cmd.parent);
+  const client = makeClient(api, token);
+  const data = await call(client, "get", `/api/exports/${id}`, {});
+  out(data, pretty);
+});
+exportsCmd.command("download <id>").description("\u4E0B\u8F7D\u5DF2\u5B8C\u6210\u7684\u5BFC\u51FA\u6587\u4EF6\uFF08status=SUCCESS \u540E\u53EF\u7528\uFF09").requiredOption("--output <path>", "\u4FDD\u5B58\u8DEF\u5F84\uFF0C\u4F8B\u5982 ./sales.xlsx").action(async (id, opts, cmd) => {
+  const { api, token } = requireToken(cmd.parent);
+  const client = makeClient(api, token);
+  const job = await call(client, "get", `/api/exports/${id}`, {});
+  if (job.status !== "SUCCESS") die(`\u4EFB\u52A1\u5C1A\u672A\u5B8C\u6210\uFF0C\u5F53\u524D\u72B6\u6001: ${job.status}`, { id, status: job.status });
+  const { createWriteStream } = await import("fs");
+  const res = await client.get(`/api/exports/${id}/download`, { responseType: "stream" });
+  await new Promise((resolve, reject) => {
+    const ws = createWriteStream(opts.output);
+    res.data.pipe(ws);
+    ws.on("finish", resolve);
+    ws.on("error", reject);
+  });
+  process.stderr.write(`\u6587\u4EF6\u5DF2\u4FDD\u5B58\u81F3: ${opts.output}
+`);
+  out({ ok: true, path: opts.output }, false);
+});
+program.parseAsync(process.argv).catch((err) => {
+  die(String(err));
+});

package/package.json ADDED Viewed

@@ -0,0 +1,36 @@
+{
+  "name": "@yz-xingtu/ops-cli",
+  "version": "0.1.1",
+  "type": "module",
+  "description": "多多运营后台 CLI — 销售/库存/利润/仓储费查询、主数据管理，通过 OPS_JWT 与云端 API 交互",
+  "keywords": ["duoduo", "ops", "cli", "sales", "inventory", "profit"],
+  "files": ["dist"],
+  "bin": {
+    "duoduo-ops": "dist/index.js"
+  },
+  "publishConfig": {
+    "access": "public",
+    "registry": "https://registry.npmjs.org/"
+  },
+  "scripts": {
+    "build": "tsup",
+    "dev": "tsx src/index.ts",
+    "lint": "echo \"(ops-cli) lint skipped\"",
+    "typecheck": "tsc --noEmit"
+  },
+  "dependencies": {
+    "axios": "^1.7.7",
+    "commander": "^12.1.0",
+    "dotenv": "^16.4.5"
+  },
+  "devDependencies": {
+    "@duoduo/shared": "*",
+    "@types/node": "^20.12.7",
+    "tsup": "^8.3.0",
+    "tsx": "^4.7.1",
+    "typescript": "^5.4.5"
+  },
+  "engines": {
+    "node": ">=18.18"
+  }
+}