asaihost-nodejs 0.0.9 → 0.0.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (44) hide show
  1. package/dist/InterventionLog-WNVDQFAH.cjs.map +1 -1
  2. package/dist/LogStore-AP4T2CFD.cjs.map +1 -1
  3. package/dist/asaihost-nodejs.cjs +684 -492
  4. package/dist/asaihost-nodejs.cjs.map +1 -1
  5. package/dist/asaihost-nodejs.es.js +291 -99
  6. package/dist/asaihost-nodejs.es.js.map +1 -1
  7. package/dist/chunk-2BCIIKRG.cjs.map +1 -1
  8. package/dist/{chunk-OTL2B4WS.es.js → chunk-3E4Y5ATG.es.js} +2 -2
  9. package/dist/{chunk-ZK4O4Z2O.cjs → chunk-5EWEKXQI.cjs} +20 -20
  10. package/dist/chunk-5EWEKXQI.cjs.map +1 -0
  11. package/dist/chunk-ARHPHWT5.cjs.map +1 -1
  12. package/dist/{chunk-GXOFLFFW.cjs → chunk-FRPN33BY.cjs} +3 -2
  13. package/dist/chunk-FRPN33BY.cjs.map +1 -0
  14. package/dist/{chunk-WXW5DYNU.cjs → chunk-H2QP5J7X.cjs} +9 -9
  15. package/dist/chunk-H2QP5J7X.cjs.map +1 -0
  16. package/dist/chunk-HR5JKN7Y.cjs.map +1 -1
  17. package/dist/{chunk-BOIRAQXE.es.js → chunk-M3NURHGU.es.js} +2 -1
  18. package/dist/chunk-O6LVLSNB.cjs.map +1 -1
  19. package/dist/chunk-OCEBEEP5.cjs.map +1 -1
  20. package/dist/chunk-SMVZ3ZDJ.cjs.map +1 -1
  21. package/dist/chunk-U2YJH2RW.cjs.map +1 -1
  22. package/dist/{chunk-5WJQD4RZ.es.js → chunk-UKZ3DP37.es.js} +3 -3
  23. package/dist/intervention-hooks-4NAAAZK3.cjs.map +1 -1
  24. package/dist/log-alert-LAJ6VSAG.cjs.map +1 -1
  25. package/dist/log-formats-TUXGMCCU.cjs.map +1 -1
  26. package/dist/{password-4P7IZUDQ.es.js → password-2ZBHQQBF.es.js} +3 -3
  27. package/dist/password-T762KJOI.cjs +20 -0
  28. package/dist/password-T762KJOI.cjs.map +1 -0
  29. package/dist/user-store-6QNAL4CK.cjs +12 -0
  30. package/dist/user-store-6QNAL4CK.cjs.map +1 -0
  31. package/dist/{user-store-FXD2N55G.es.js → user-store-ZI67TXSI.es.js} +3 -3
  32. package/package.json +1 -1
  33. package/dist/chunk-GXOFLFFW.cjs.map +0 -1
  34. package/dist/chunk-WXW5DYNU.cjs.map +0 -1
  35. package/dist/chunk-ZK4O4Z2O.cjs.map +0 -1
  36. package/dist/password-MDYRL6ZD.cjs +0 -20
  37. package/dist/password-MDYRL6ZD.cjs.map +0 -1
  38. package/dist/user-store-55HOLHEM.cjs +0 -12
  39. package/dist/user-store-55HOLHEM.cjs.map +0 -1
  40. /package/dist/{chunk-OTL2B4WS.es.js.map → chunk-3E4Y5ATG.es.js.map} +0 -0
  41. /package/dist/{chunk-BOIRAQXE.es.js.map → chunk-M3NURHGU.es.js.map} +0 -0
  42. /package/dist/{chunk-5WJQD4RZ.es.js.map → chunk-UKZ3DP37.es.js.map} +0 -0
  43. /package/dist/{password-4P7IZUDQ.es.js.map → password-2ZBHQQBF.es.js.map} +0 -0
  44. /package/dist/{user-store-FXD2N55G.es.js.map → user-store-ZI67TXSI.es.js.map} +0 -0
@@ -50,7 +50,7 @@ var _chunkO6LVLSNBcjs = require('./chunk-O6LVLSNB.cjs');
50
50
 
51
51
 
52
52
 
53
- var _chunkWXW5DYNUcjs = require('./chunk-WXW5DYNU.cjs');
53
+ var _chunkH2QP5J7Xcjs = require('./chunk-H2QP5J7X.cjs');
54
54
 
55
55
 
56
56
 
@@ -62,7 +62,7 @@ var _chunkWXW5DYNUcjs = require('./chunk-WXW5DYNU.cjs');
62
62
 
63
63
 
64
64
 
65
- var _chunkZK4O4Z2Ocjs = require('./chunk-ZK4O4Z2O.cjs');
65
+ var _chunk5EWEKXQIcjs = require('./chunk-5EWEKXQI.cjs');
66
66
 
67
67
 
68
68
 
@@ -75,7 +75,8 @@ var _chunkZK4O4Z2Ocjs = require('./chunk-ZK4O4Z2O.cjs');
75
75
 
76
76
 
77
77
 
78
- var _chunkGXOFLFFWcjs = require('./chunk-GXOFLFFW.cjs');
78
+
79
+ var _chunkFRPN33BYcjs = require('./chunk-FRPN33BY.cjs');
79
80
 
80
81
 
81
82
  var _chunk2BCIIKRGcjs = require('./chunk-2BCIIKRG.cjs');
@@ -814,8 +815,8 @@ _chunkSMVZ3ZDJcjs.__name.call(void 0, checkNtpOffset, "checkNtpOffset");
814
815
 
815
816
  // src/infra/config-integrity.ts
816
817
  var _crypto = require('crypto'); var _crypto2 = _interopRequireDefault(_crypto);
817
- var _fs = require('fs'); var fs3 = _interopRequireWildcard(_fs); var fs6 = _interopRequireWildcard(_fs); var fs4 = _interopRequireWildcard(_fs); var fs5 = _interopRequireWildcard(_fs); var fs8 = _interopRequireWildcard(_fs); var fs10 = _interopRequireWildcard(_fs);
818
- var _path = require('path'); var nodePath2 = _interopRequireWildcard(_path); var path2 = _interopRequireWildcard(_path); var nodePath = _interopRequireWildcard(_path); var nodePath3 = _interopRequireWildcard(_path); var path4 = _interopRequireWildcard(_path); var path6 = _interopRequireWildcard(_path); var path7 = _interopRequireWildcard(_path);
818
+ var _fs = require('fs'); var fs3 = _interopRequireWildcard(_fs); var fs6 = _interopRequireWildcard(_fs); var fs4 = _interopRequireWildcard(_fs); var fs5 = _interopRequireWildcard(_fs); var fs8 = _interopRequireWildcard(_fs); var fs11 = _interopRequireWildcard(_fs);
819
+ var _path = require('path'); var nodePath2 = _interopRequireWildcard(_path); var path2 = _interopRequireWildcard(_path); var nodePath = _interopRequireWildcard(_path); var nodePath3 = _interopRequireWildcard(_path); var path5 = _interopRequireWildcard(_path); var path7 = _interopRequireWildcard(_path); var path8 = _interopRequireWildcard(_path);
819
820
  function computeConfigHash(configPath) {
820
821
  try {
821
822
  const raw = fs3.default.readFileSync(configPath);
@@ -869,7 +870,7 @@ function initAsaiHostNodejs($asai, _opt) {
869
870
  resAES
870
871
  };
871
872
  }
872
- if (_chunkZK4O4Z2Ocjs.isDevDefaultPassword.call(void 0, _optionalChain([$asai, 'access', _102 => _102.hostconfig, 'optionalAccess', _103 => _103.password]) || "")) {
873
+ if (_chunk5EWEKXQIcjs.isDevDefaultPassword.call(void 0, _optionalChain([$asai, 'access', _102 => _102.hostconfig, 'optionalAccess', _103 => _103.password]) || "")) {
873
874
  logSecurityEvent($asai, {
874
875
  type: "CONFIG_WARN",
875
876
  detail: "Using dev-only password; set ASAI_HOST_PASSWORD for production (IEC 62443-4-2 CR 1.7)"
@@ -1000,15 +1001,20 @@ async function clearStaleWsIfDead($asai, hostdir, us, existingWs) {
1000
1001
  if (_optionalChain([map, 'optionalAccess', _122 => _122[us]])) delete map[us];
1001
1002
  return true;
1002
1003
  }
1003
- if (!isWsStillActive(existingWs)) {
1004
+ if (existingWs._asaiKicked) {
1004
1005
  terminateWs(existingWs);
1005
1006
  if (_optionalChain([map, 'optionalAccess', _123 => _123[us]]) === existingWs) delete map[us];
1006
1007
  return true;
1007
1008
  }
1009
+ if (!isWsStillActive(existingWs)) {
1010
+ terminateWs(existingWs);
1011
+ if (_optionalChain([map, 'optionalAccess', _124 => _124[us]]) === existingWs) delete map[us];
1012
+ return true;
1013
+ }
1008
1014
  const alive = await probeWsAlive($asai, existingWs);
1009
1015
  if (alive) return false;
1010
1016
  terminateWs(existingWs);
1011
- if (_optionalChain([map, 'optionalAccess', _124 => _124[us]]) === existingWs) delete map[us];
1017
+ if (_optionalChain([map, 'optionalAccess', _125 => _125[us]]) === existingWs) delete map[us];
1012
1018
  return true;
1013
1019
  }
1014
1020
  _chunkSMVZ3ZDJcjs.__name.call(void 0, clearStaleWsIfDead, "clearStaleWsIfDead");
@@ -1016,7 +1022,7 @@ _chunkSMVZ3ZDJcjs.__name.call(void 0, clearStaleWsIfDead, "clearStaleWsIfDead");
1016
1022
  // src/ws/auth.ts
1017
1023
  function getWsUserinfo(req, $asai) {
1018
1024
  try {
1019
- const raw = _optionalChain([req, 'access', _125 => _125.headers, 'optionalAccess', _126 => _126["sec-websocket-protocol"]]);
1025
+ const raw = _optionalChain([req, 'access', _126 => _126.headers, 'optionalAccess', _127 => _127["sec-websocket-protocol"]]);
1020
1026
  if (!raw) return null;
1021
1027
  return deUserInfoWithAsai(raw.split("##"), $asai);
1022
1028
  } catch (e20) {
@@ -1025,57 +1031,127 @@ function getWsUserinfo(req, $asai) {
1025
1031
  }
1026
1032
  _chunkSMVZ3ZDJcjs.__name.call(void 0, getWsUserinfo, "getWsUserinfo");
1027
1033
  function listOnlineWsUsers($asai, hostdir) {
1034
+ return listOnlineWsEntries($asai, hostdir).map((e) => e.us);
1035
+ }
1036
+ _chunkSMVZ3ZDJcjs.__name.call(void 0, listOnlineWsUsers, "listOnlineWsUsers");
1037
+ function listOnlineWsEntries($asai, hostdir) {
1028
1038
  const users = [];
1039
+ const seen = /* @__PURE__ */ new Set();
1029
1040
  const map = $asai.connectionsws || {};
1030
1041
  const dirs = hostdir ? [hostdir] : Object.keys(map);
1031
1042
  for (const dir of dirs) {
1032
1043
  for (const [us, ws2] of Object.entries(map[dir] || {})) {
1033
1044
  if (!us || us === "asai") continue;
1034
1045
  if (isWsStillActive(ws2)) {
1035
- users.push(us);
1036
- } else if (_optionalChain([map, 'access', _127 => _127[dir], 'optionalAccess', _128 => _128[us]]) === ws2) {
1046
+ if (seen.has(us)) continue;
1047
+ seen.add(us);
1048
+ const rawLv = _optionalChain([ws2, 'optionalAccess', _128 => _128.Userinfo, 'optionalAccess', _129 => _129[1]]);
1049
+ if (rawLv === "" || rawLv == null) {
1050
+ users.push({ us, lv: null });
1051
+ } else {
1052
+ const lvNum = Number(rawLv);
1053
+ users.push({
1054
+ us,
1055
+ lv: Number.isFinite(lvNum) ? lvNum : null
1056
+ });
1057
+ }
1058
+ } else if (_optionalChain([map, 'access', _130 => _130[dir], 'optionalAccess', _131 => _131[us]]) === ws2) {
1037
1059
  delete map[dir][us];
1038
1060
  }
1039
1061
  }
1040
1062
  }
1041
- return [...new Set(users)];
1063
+ return users;
1042
1064
  }
1043
- _chunkSMVZ3ZDJcjs.__name.call(void 0, listOnlineWsUsers, "listOnlineWsUsers");
1065
+ _chunkSMVZ3ZDJcjs.__name.call(void 0, listOnlineWsEntries, "listOnlineWsEntries");
1044
1066
  function isUserOnlineOnWs($asai, us, hostdir) {
1045
1067
  if (!us || us === "asai") return false;
1046
1068
  const map = $asai.connectionsws || {};
1047
1069
  const dirs = hostdir ? [hostdir] : Object.keys(map);
1048
1070
  for (const dir of dirs) {
1049
- const ws2 = _optionalChain([map, 'access', _129 => _129[dir], 'optionalAccess', _130 => _130[us]]);
1071
+ const ws2 = _optionalChain([map, 'access', _132 => _132[dir], 'optionalAccess', _133 => _133[us]]);
1050
1072
  if (!ws2) continue;
1051
1073
  if (isWsStillActive(ws2)) return true;
1052
- if (_optionalChain([map, 'access', _131 => _131[dir], 'optionalAccess', _132 => _132[us]]) === ws2) delete map[dir][us];
1074
+ if (_optionalChain([map, 'access', _134 => _134[dir], 'optionalAccess', _135 => _135[us]]) === ws2) delete map[dir][us];
1053
1075
  }
1054
1076
  return false;
1055
1077
  }
1056
1078
  _chunkSMVZ3ZDJcjs.__name.call(void 0, isUserOnlineOnWs, "isUserOnlineOnWs");
1057
- function kickUserWs($asai, us, hostdir) {
1079
+ async function kickUserWs($asai, us, hostdir) {
1058
1080
  if (!us || us === "asai") return;
1059
1081
  const map = $asai.connectionsws || {};
1060
1082
  const dirs = hostdir ? [hostdir] : Object.keys(map);
1083
+ const waits = [];
1061
1084
  for (const dir of dirs) {
1062
- const ws2 = _optionalChain([map, 'access', _133 => _133[dir], 'optionalAccess', _134 => _134[us]]);
1085
+ const ws2 = _optionalChain([map, 'access', _136 => _136[dir], 'optionalAccess', _137 => _137[us]]);
1063
1086
  if (!ws2) continue;
1087
+ if (_optionalChain([map, 'access', _138 => _138[dir], 'optionalAccess', _139 => _139[us]]) === ws2) delete map[dir][us];
1064
1088
  try {
1065
- ws2.close();
1089
+ ws2._asaiKicked = Date.now();
1066
1090
  } catch (e21) {
1067
1091
  }
1068
- if (_optionalChain([map, 'access', _135 => _135[dir], 'optionalAccess', _136 => _136[us]]) === ws2) delete map[dir][us];
1092
+ waits.push(
1093
+ new Promise((resolve6) => {
1094
+ let done = false;
1095
+ const finish = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, () => {
1096
+ if (done) return;
1097
+ done = true;
1098
+ try {
1099
+ _optionalChain([ws2, 'access', _140 => _140.off, 'optionalCall', _141 => _141("close", finish)]);
1100
+ } catch (e22) {
1101
+ }
1102
+ resolve6();
1103
+ }, "finish");
1104
+ try {
1105
+ _optionalChain([ws2, 'access', _142 => _142.once, 'optionalCall', _143 => _143("close", finish)]);
1106
+ } catch (e23) {
1107
+ }
1108
+ const payload = JSON.stringify({
1109
+ ty: "publish/web",
1110
+ db: {
1111
+ exit: 1,
1112
+ type: "err",
1113
+ lang: "forcedout",
1114
+ langpm: `${us}`,
1115
+ con: `${us} forced out by another login`
1116
+ }
1117
+ });
1118
+ const hardClose = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, () => {
1119
+ try {
1120
+ if (typeof ws2.terminate === "function") ws2.terminate();
1121
+ else ws2.close();
1122
+ } catch (e24) {
1123
+ try {
1124
+ ws2.close();
1125
+ } catch (e25) {
1126
+ }
1127
+ }
1128
+ }, "hardClose");
1129
+ try {
1130
+ ws2.send(payload, () => {
1131
+ hardClose();
1132
+ finish();
1133
+ });
1134
+ } catch (e26) {
1135
+ hardClose();
1136
+ finish();
1137
+ }
1138
+ setTimeout(() => {
1139
+ hardClose();
1140
+ finish();
1141
+ }, 150);
1142
+ })
1143
+ );
1069
1144
  }
1145
+ if (waits.length) await Promise.all(waits);
1070
1146
  }
1071
1147
  _chunkSMVZ3ZDJcjs.__name.call(void 0, kickUserWs, "kickUserWs");
1072
1148
  async function removeSessionOnWsClose($asai, us, token) {
1073
1149
  try {
1074
- const store = _chunkZK4O4Z2Ocjs.createUserStore.call(void 0, $asai);
1150
+ const store = _chunk5EWEKXQIcjs.createUserStore.call(void 0, $asai);
1075
1151
  const sessions = await store.getSessions();
1076
1152
  const match = sessions.find((s) => s.us === us && s.pub === token);
1077
1153
  if (match) await store.removeSession(match.id);
1078
- } catch (e22) {
1154
+ } catch (e27) {
1079
1155
  }
1080
1156
  }
1081
1157
  _chunkSMVZ3ZDJcjs.__name.call(void 0, removeSessionOnWsClose, "removeSessionOnWsClose");
@@ -1085,13 +1161,13 @@ function rejectIncomingWs(ws2, db) {
1085
1161
  ws2.send(payload, () => {
1086
1162
  try {
1087
1163
  ws2.close();
1088
- } catch (e23) {
1164
+ } catch (e28) {
1089
1165
  }
1090
1166
  });
1091
- } catch (e24) {
1167
+ } catch (e29) {
1092
1168
  try {
1093
1169
  ws2.close();
1094
- } catch (e25) {
1170
+ } catch (e30) {
1095
1171
  }
1096
1172
  }
1097
1173
  }
@@ -1102,20 +1178,21 @@ async function isOkWs($asai, hostdir, ws2, _req, hostcfg) {
1102
1178
  ws2.close();
1103
1179
  return false;
1104
1180
  }
1105
- if (us !== "asai" && _optionalChain([$asai, 'access', _137 => _137.connectionsws, 'access', _138 => _138[hostdir], 'optionalAccess', _139 => _139[us]])) {
1181
+ if (us !== "asai" && _optionalChain([$asai, 'access', _144 => _144.connectionsws, 'access', _145 => _145[hostdir], 'optionalAccess', _146 => _146[us]])) {
1106
1182
  const existingWs = $asai.connectionsws[hostdir][us];
1107
- if (_optionalChain([existingWs, 'optionalAccess', _140 => _140.Userinfo, 'optionalAccess', _141 => _141[2]]) === tk) {
1183
+ if (_optionalChain([existingWs, 'optionalAccess', _147 => _147.Userinfo, 'optionalAccess', _148 => _148[2]]) === tk) {
1108
1184
  if (isWsStillActive(existingWs)) {
1109
1185
  rejectIncomingWs(ws2, {
1110
1186
  lang: "pageworking",
1111
1187
  langpm: `${us}`,
1112
- con: `${us} page already running`
1188
+ con: `${us} page already running`,
1189
+ online: listOnlineWsEntries($asai, hostdir)
1113
1190
  });
1114
1191
  return false;
1115
1192
  }
1116
1193
  try {
1117
1194
  existingWs.close();
1118
- } catch (e26) {
1195
+ } catch (e31) {
1119
1196
  }
1120
1197
  delete $asai.connectionsws[hostdir][us];
1121
1198
  return true;
@@ -1125,7 +1202,8 @@ async function isOkWs($asai, hostdir, ws2, _req, hostcfg) {
1125
1202
  rejectIncomingWs(ws2, {
1126
1203
  lang: "logged",
1127
1204
  langpm: `${us}`,
1128
- con: `${us} logged in!`
1205
+ con: `${us} logged in!`,
1206
+ online: listOnlineWsEntries($asai, hostdir)
1129
1207
  });
1130
1208
  return false;
1131
1209
  }
@@ -1134,22 +1212,25 @@ async function isOkWs($asai, hostdir, ws2, _req, hostcfg) {
1134
1212
  if (us !== "asai") {
1135
1213
  const connections = $asai.connectionsws[hostdir] || {};
1136
1214
  const sameTkWs = Object.values(connections).find(
1137
- (item) => _optionalChain([item, 'access', _142 => _142.Userinfo, 'optionalAccess', _143 => _143[2]]) === tk && _optionalChain([item, 'access', _144 => _144.Userinfo, 'optionalAccess', _145 => _145[0]]) !== us
1215
+ (item) => _optionalChain([item, 'access', _149 => _149.Userinfo, 'optionalAccess', _150 => _150[2]]) === tk && _optionalChain([item, 'access', _151 => _151.Userinfo, 'optionalAccess', _152 => _152[0]]) !== us
1138
1216
  );
1139
1217
  const maxOnline = hostcfg.maxonline || 100;
1218
+ const online = listOnlineWsEntries($asai, hostdir);
1140
1219
  if (sameTkWs) {
1141
1220
  rejectIncomingWs(ws2, {
1142
1221
  lang: "loggedsametk",
1143
1222
  langpm: `${us}(${sameTkWs.Userinfo[0]})`,
1144
- con: `${us}(${sameTkWs.Userinfo[0]}) logged in!`
1223
+ con: `${us}(${sameTkWs.Userinfo[0]}) logged in!`,
1224
+ online
1145
1225
  });
1146
1226
  return false;
1147
1227
  }
1148
- if (Object.keys(connections).length >= maxOnline) {
1228
+ if (online.length >= maxOnline) {
1149
1229
  rejectIncomingWs(ws2, {
1150
1230
  lang: "maxlogged",
1151
1231
  langpm: `${maxOnline}`,
1152
- con: `max ${maxOnline} users online!`
1232
+ con: `max ${maxOnline} users online!`,
1233
+ online
1153
1234
  });
1154
1235
  return false;
1155
1236
  }
@@ -1168,15 +1249,15 @@ function loginWs($asai, hostdir, ws2, req, hostcfg, wsWorkHandler, logWsMessage)
1168
1249
  }
1169
1250
  ws2.on("message", (msg) => {
1170
1251
  if (logWsMessage) $asai.$log("WS", "message", msg.toString());
1171
- _optionalChain([wsWorkHandler, 'optionalCall', _146 => _146(msg, ws2, hostdir, req)]);
1252
+ _optionalChain([wsWorkHandler, 'optionalCall', _153 => _153(msg, ws2, hostdir, req)]);
1172
1253
  });
1173
1254
  ws2.on("close", () => {
1174
- const token = _optionalChain([ws2, 'access', _147 => _147.Userinfo, 'optionalAccess', _148 => _148[2]]);
1255
+ const token = _optionalChain([ws2, 'access', _154 => _154.Userinfo, 'optionalAccess', _155 => _155[2]]);
1175
1256
  if (hostcfg.ckws && ws2.tasksws) {
1176
1257
  Object.values(ws2.tasksws).forEach((el) => el && clearInterval(el));
1177
1258
  ws2.tasksws = void 0;
1178
1259
  }
1179
- if (us && _optionalChain([$asai, 'access', _149 => _149.connectionsws, 'access', _150 => _150[hostdir], 'optionalAccess', _151 => _151[us]]) === ws2) delete $asai.connectionsws[hostdir][us];
1260
+ if (us && _optionalChain([$asai, 'access', _156 => _156.connectionsws, 'access', _157 => _157[hostdir], 'optionalAccess', _158 => _158[us]]) === ws2) delete $asai.connectionsws[hostdir][us];
1180
1261
  if (us && token && !isUserOnlineOnWs($asai, us, hostdir)) {
1181
1262
  void removeSessionOnWsClose($asai, us, String(token));
1182
1263
  }
@@ -1200,7 +1281,7 @@ _chunkSMVZ3ZDJcjs.__name.call(void 0, clearWsServerTasks, "clearWsServerTasks");
1200
1281
  function resWsMsg(msg, $asai) {
1201
1282
  if (msg === "ping" || msg === "pong") return msg;
1202
1283
  if (typeof msg !== "object" || msg === null) return msg;
1203
- if ((_optionalChain([msg, 'optionalAccess', _152 => _152.aes]) || _optionalChain([$asai, 'access', _153 => _153.$lib, 'access', _154 => _154.aesfns, 'optionalAccess', _155 => _155.allaes])) && _optionalChain([msg, 'optionalAccess', _156 => _156.db]) && _optionalChain([$asai, 'access', _157 => _157.$lib, 'optionalAccess', _158 => _158.aesfns, 'optionalAccess', _159 => _159.resAES])) {
1284
+ if ((_optionalChain([msg, 'optionalAccess', _159 => _159.aes]) || _optionalChain([$asai, 'access', _160 => _160.$lib, 'access', _161 => _161.aesfns, 'optionalAccess', _162 => _162.allaes])) && _optionalChain([msg, 'optionalAccess', _163 => _163.db]) && _optionalChain([$asai, 'access', _164 => _164.$lib, 'optionalAccess', _165 => _165.aesfns, 'optionalAccess', _166 => _166.resAES])) {
1204
1285
  msg.db = $asai.$lib.aesfns.resAES(msg.db);
1205
1286
  }
1206
1287
  return JSON.stringify(msg);
@@ -1222,7 +1303,7 @@ function attachWssHelpers(wss, $asai) {
1222
1303
  wss.broadws = (msg) => {
1223
1304
  const data = resWsMsg(msg, $asai);
1224
1305
  wss.clients.forEach((client) => {
1225
- if (_optionalChain([client, 'optionalAccess', _160 => _160.readyState]) === _ws.WebSocket.OPEN) client.send(data);
1306
+ if (_optionalChain([client, 'optionalAccess', _167 => _167.readyState]) === _ws.WebSocket.OPEN) client.send(data);
1226
1307
  });
1227
1308
  };
1228
1309
  }
@@ -1235,7 +1316,7 @@ var apiPerIp = /* @__PURE__ */ new Map();
1235
1316
  var apiRatePerIp = /* @__PURE__ */ new Map();
1236
1317
  var wsPerIp = /* @__PURE__ */ new Map();
1237
1318
  function getQuota($asai) {
1238
- return _optionalChain([$asai, 'optionalAccess', _161 => _161.hostconfig, 'optionalAccess', _162 => _162.security, 'optionalAccess', _163 => _163.quota]) || {};
1319
+ return _optionalChain([$asai, 'optionalAccess', _168 => _168.hostconfig, 'optionalAccess', _169 => _169.security, 'optionalAccess', _170 => _170.quota]) || {};
1239
1320
  }
1240
1321
  _chunkSMVZ3ZDJcjs.__name.call(void 0, getQuota, "getQuota");
1241
1322
  function isEnabled($asai) {
@@ -1325,7 +1406,7 @@ function getMaxWebConnections($asai, hostcfg) {
1325
1406
  const q = getQuota($asai);
1326
1407
  const fromQuota = Number(q.maxWebConnections);
1327
1408
  if (fromQuota > 0) return fromQuota;
1328
- return Number(_optionalChain([hostcfg, 'optionalAccess', _164 => _164.maxws])) > 0 ? Number(hostcfg.maxws) : 100;
1409
+ return Number(_optionalChain([hostcfg, 'optionalAccess', _171 => _171.maxws])) > 0 ? Number(hostcfg.maxws) : 100;
1329
1410
  }
1330
1411
  _chunkSMVZ3ZDJcjs.__name.call(void 0, getMaxWebConnections, "getMaxWebConnections");
1331
1412
  function countActiveWsConnections(wss, incoming, $asai, hostdir, hostcfg, userinfo) {
@@ -1335,12 +1416,12 @@ function countActiveWsConnections(wss, incoming, $asai, hostdir, hostcfg, userin
1335
1416
  if (client === incoming) continue;
1336
1417
  if (client.readyState === _ws.WebSocket.CLOSED || client.readyState === _ws.WebSocket.CLOSING) continue;
1337
1418
  const cInfo = client.Userinfo;
1338
- const cUs = _optionalChain([cInfo, 'optionalAccess', _165 => _165[0]]);
1339
- const cTk = _optionalChain([cInfo, 'optionalAccess', _166 => _166[2]]);
1419
+ const cUs = _optionalChain([cInfo, 'optionalAccess', _172 => _172[0]]);
1420
+ const cTk = _optionalChain([cInfo, 'optionalAccess', _173 => _173[2]]);
1340
1421
  if (us && tk && cUs === us && cTk === tk) continue;
1341
- if (_optionalChain([hostcfg, 'optionalAccess', _167 => _167.ckws]) && us && tk) {
1342
- const existing = _optionalChain([$asai, 'optionalAccess', _168 => _168.connectionsws, 'optionalAccess', _169 => _169[hostdir], 'optionalAccess', _170 => _170[us]]);
1343
- if (existing === client && _optionalChain([existing, 'optionalAccess', _171 => _171.Userinfo, 'optionalAccess', _172 => _172[2]]) === tk) continue;
1422
+ if (_optionalChain([hostcfg, 'optionalAccess', _174 => _174.ckws]) && us && tk) {
1423
+ const existing = _optionalChain([$asai, 'optionalAccess', _175 => _175.connectionsws, 'optionalAccess', _176 => _176[hostdir], 'optionalAccess', _177 => _177[us]]);
1424
+ if (existing === client && _optionalChain([existing, 'optionalAccess', _178 => _178.Userinfo, 'optionalAccess', _179 => _179[2]]) === tk) continue;
1344
1425
  }
1345
1426
  count += 1;
1346
1427
  }
@@ -1352,7 +1433,7 @@ _chunkSMVZ3ZDJcjs.__name.call(void 0, countActiveWsConnections, "countActiveWsCo
1352
1433
  function createWSHost($asai, hostdir) {
1353
1434
  const hostcfg = getHostCFG(hostdir, $asai);
1354
1435
  const wsWorkHandler = getWorkHandler("wsWork");
1355
- const logWsMessage = !!_optionalChain([$asai, 'access', _173 => _173.hostconfig, 'access', _174 => _174.logger, 'optionalAccess', _175 => _175.lv, 'optionalAccess', _176 => _176.view]);
1436
+ const logWsMessage = !!_optionalChain([$asai, 'access', _180 => _180.hostconfig, 'access', _181 => _181.logger, 'optionalAccess', _182 => _182.lv, 'optionalAccess', _183 => _183.view]);
1356
1437
  try {
1357
1438
  if ($asai.serversws[hostdir]) return;
1358
1439
  if (hostcfg.ckws && !$asai.connectionsws[hostdir]) {
@@ -1364,14 +1445,14 @@ function createWSHost($asai, hostdir) {
1364
1445
  wss.on("error", (err) => {
1365
1446
  clearWsServerTasks($asai, hostdir);
1366
1447
  $asai.$log("WS", "WS Server error!", err);
1367
- _optionalChain([wss, 'access', _177 => _177.close, 'optionalCall', _178 => _178(() => {
1448
+ _optionalChain([wss, 'access', _184 => _184.close, 'optionalCall', _185 => _185(() => {
1368
1449
  $asai.$log("WS", "WS Server closed");
1369
1450
  delete $asai.serversws[hostdir];
1370
1451
  })]);
1371
1452
  });
1372
1453
  wss.on("close", (code, reason) => {
1373
1454
  try {
1374
- $asai.$log("WS", `WebSocket closed, server ${hostdir}, code: ${code}, reason: ${_optionalChain([reason, 'optionalAccess', _179 => _179.toString, 'call', _180 => _180()])}`);
1455
+ $asai.$log("WS", `WebSocket closed, server ${hostdir}, code: ${code}, reason: ${_optionalChain([reason, 'optionalAccess', _186 => _186.toString, 'call', _187 => _187()])}`);
1375
1456
  clearWsServerTasks($asai, hostdir);
1376
1457
  } catch (err) {
1377
1458
  $asai.$log("WS", "WS close handler error:", err);
@@ -1461,7 +1542,7 @@ var StaticPathCache = class {
1461
1542
  const stat = fs3.statSync(entry.filePath);
1462
1543
  if (!stat.isFile() || stat.mtimeMs !== entry.mtimeMs) return null;
1463
1544
  return stat;
1464
- } catch (e27) {
1545
+ } catch (e32) {
1465
1546
  return null;
1466
1547
  }
1467
1548
  }
@@ -1480,8 +1561,8 @@ function applySecurityHeaders(res, isHttps = false, hostconfig) {
1480
1561
  if (isHttps) {
1481
1562
  res.setHeader("Strict-Transport-Security", "max-age=31536000; includeSubDomains");
1482
1563
  }
1483
- const sec = _optionalChain([hostconfig, 'optionalAccess', _181 => _181.security]);
1484
- if (_optionalChain([sec, 'optionalAccess', _182 => _182.csp])) {
1564
+ const sec = _optionalChain([hostconfig, 'optionalAccess', _188 => _188.security]);
1565
+ if (_optionalChain([sec, 'optionalAccess', _189 => _189.csp])) {
1485
1566
  const csp = typeof sec.cspPolicy === "string" && sec.cspPolicy.length > 0 ? sec.cspPolicy : DEFAULT_CSP;
1486
1567
  res.setHeader("Content-Security-Policy", csp);
1487
1568
  }
@@ -1489,9 +1570,9 @@ function applySecurityHeaders(res, isHttps = false, hostconfig) {
1489
1570
  _chunkSMVZ3ZDJcjs.__name.call(void 0, applySecurityHeaders, "applySecurityHeaders");
1490
1571
  function getHttpUserinfo(req, $asai) {
1491
1572
  try {
1492
- const userinfo = _optionalChain([req, 'access', _183 => _183.headers, 'optionalAccess', _184 => _184["userinfo"], 'optionalAccess', _185 => _185.split, 'call', _186 => _186("##")]);
1573
+ const userinfo = _optionalChain([req, 'access', _190 => _190.headers, 'optionalAccess', _191 => _191["userinfo"], 'optionalAccess', _192 => _192.split, 'call', _193 => _193("##")]);
1493
1574
  return deUserInfoWithAsai(userinfo, $asai);
1494
- } catch (e28) {
1575
+ } catch (e33) {
1495
1576
  return "";
1496
1577
  }
1497
1578
  }
@@ -1522,7 +1603,7 @@ function normalizeRequestPath(url) {
1522
1603
  }
1523
1604
  _chunkSMVZ3ZDJcjs.__name.call(void 0, normalizeRequestPath, "normalizeRequestPath");
1524
1605
  function createSkipChecker($asai) {
1525
- const skip = _optionalChain([$asai, 'access', _187 => _187.hostconfig, 'optionalAccess', _188 => _188.logger, 'optionalAccess', _189 => _189.skip]);
1606
+ const skip = _optionalChain([$asai, 'access', _194 => _194.hostconfig, 'optionalAccess', _195 => _195.logger, 'optionalAccess', _196 => _196.skip]);
1526
1607
  if (!Array.isArray(skip) || skip.length === 0) return () => false;
1527
1608
  const exact = /* @__PURE__ */ new Set();
1528
1609
  const prefixes = [];
@@ -1533,11 +1614,11 @@ function createSkipChecker($asai) {
1533
1614
  }
1534
1615
  if (exact.size === 0 && prefixes.length === 0) return () => false;
1535
1616
  return (url) => {
1536
- const path8 = normalizeRequestPath(url);
1537
- if (!path8) return false;
1538
- if (exact.has(path8)) return true;
1617
+ const path9 = normalizeRequestPath(url);
1618
+ if (!path9) return false;
1619
+ if (exact.has(path9)) return true;
1539
1620
  for (let i = 0; i < prefixes.length; i++) {
1540
- if (path8.startsWith(prefixes[i])) return true;
1621
+ if (path9.startsWith(prefixes[i])) return true;
1541
1622
  }
1542
1623
  return false;
1543
1624
  };
@@ -1558,7 +1639,7 @@ function attachAccessLog($asai, req, res, logType) {
1558
1639
  try {
1559
1640
  const entry = _chunkOCEBEEP5cjs.buildAccessEntry.call(void 0, req, res, logType);
1560
1641
  void $asai.appendAccessLog(_chunkOCEBEEP5cjs.formatCLF.call(void 0, entry), _chunkOCEBEEP5cjs.formatW3CAccessRecord.call(void 0, entry));
1561
- } catch (e29) {
1642
+ } catch (e34) {
1562
1643
  }
1563
1644
  }, "onFinish");
1564
1645
  if (res.writableEnded || res.finished) onFinish();
@@ -1617,7 +1698,7 @@ function findExistingFileUnderRoots(requestedPath, allowedRoots) {
1617
1698
  if (stat.isFile()) {
1618
1699
  return { filePath: absTarget, stat };
1619
1700
  }
1620
- } catch (e30) {
1701
+ } catch (e35) {
1621
1702
  }
1622
1703
  }
1623
1704
  return null;
@@ -1630,13 +1711,13 @@ function getHostAllowedRoots(hostconfig) {
1630
1711
  try {
1631
1712
  const abs = path2.resolve("./" + dir.replace(/\\/g, "/"));
1632
1713
  if (fs4.existsSync(abs)) roots.add(abs);
1633
- } catch (e31) {
1714
+ } catch (e36) {
1634
1715
  }
1635
1716
  }, "push");
1636
- for (const dir of _optionalChain([hostconfig, 'optionalAccess', _190 => _190.hostdirs]) || []) push(dir);
1717
+ for (const dir of _optionalChain([hostconfig, 'optionalAccess', _197 => _197.hostdirs]) || []) push(dir);
1637
1718
  push("webdata");
1638
1719
  push("websys");
1639
- if (_optionalChain([hostconfig, 'optionalAccess', _191 => _191.weburls, 'optionalAccess', _192 => _192.webdir])) push(hostconfig.weburls.webdir);
1720
+ if (_optionalChain([hostconfig, 'optionalAccess', _198 => _198.weburls, 'optionalAccess', _199 => _199.webdir])) push(hostconfig.weburls.webdir);
1640
1721
  const result = [];
1641
1722
  roots.forEach((r) => result.push(r));
1642
1723
  return result;
@@ -1667,7 +1748,7 @@ function getStaticBaseDirs($asai) {
1667
1748
  _chunkSMVZ3ZDJcjs.__name.call(void 0, getStaticBaseDirs, "getStaticBaseDirs");
1668
1749
  function shouldForceHostdirs($asai) {
1669
1750
  if ($asai.pkgSnapshotDir) return true;
1670
- return _optionalChain([$asai, 'access', _193 => _193.hostconfig, 'optionalAccess', _194 => _194.pkg, 'optionalAccess', _195 => _195.type]) === 1;
1751
+ return _optionalChain([$asai, 'access', _200 => _200.hostconfig, 'optionalAccess', _201 => _201.pkg, 'optionalAccess', _202 => _202.type]) === 1;
1671
1752
  }
1672
1753
  _chunkSMVZ3ZDJcjs.__name.call(void 0, shouldForceHostdirs, "shouldForceHostdirs");
1673
1754
  function buildStaticSearchDirs(hostcfg, $asai) {
@@ -1688,12 +1769,12 @@ function buildStaticSearchDirs(hostcfg, $asai) {
1688
1769
  ordered.push(dir);
1689
1770
  return;
1690
1771
  }
1691
- } catch (e32) {
1772
+ } catch (e37) {
1692
1773
  }
1693
1774
  }
1694
1775
  }, "pushDir");
1695
1776
  for (const dir of hostcfg.hostdirs || []) pushDir(dir);
1696
- if (_optionalChain([hostcfg, 'access', _196 => _196.weburls, 'optionalAccess', _197 => _197.webdir])) pushDir(hostcfg.weburls.webdir);
1777
+ if (_optionalChain([hostcfg, 'access', _203 => _203.weburls, 'optionalAccess', _204 => _204.webdir])) pushDir(hostcfg.weburls.webdir);
1697
1778
  return ordered;
1698
1779
  }
1699
1780
  _chunkSMVZ3ZDJcjs.__name.call(void 0, buildStaticSearchDirs, "buildStaticSearchDirs");
@@ -1721,7 +1802,7 @@ function parseUrlPath(requrl) {
1721
1802
  if (!requrl) return "/";
1722
1803
  const safeUrl = requrl.startsWith("http") ? requrl : encodeURI(requrl);
1723
1804
  return new URL(safeUrl, "http://localhost").pathname;
1724
- } catch (e33) {
1805
+ } catch (e38) {
1725
1806
  return requrl;
1726
1807
  }
1727
1808
  }
@@ -1820,8 +1901,8 @@ function serveStaticFile(req, res, foundPath, mimeType, stat, $asai, urlPath = "
1820
1901
  _chunkSMVZ3ZDJcjs.__name.call(void 0, serveStaticFile, "serveStaticFile");
1821
1902
  function createStaticHandler(ctx) {
1822
1903
  const { hostcfg, hostdir, indexFile, $asai, staticPathCache } = ctx;
1823
- const hasRewrite = !!(_optionalChain([hostcfg, 'access', _198 => _198.weburls, 'optionalAccess', _199 => _199.rewrite]) && _optionalChain([hostcfg, 'access', _200 => _200.weburls, 'optionalAccess', _201 => _201.webdir]) && _optionalChain([hostcfg, 'access', _202 => _202.weburls, 'optionalAccess', _203 => _203.keys, 'optionalAccess', _204 => _204.length]));
1824
- const rewriteKeys = hasRewrite ? _optionalChain([hostcfg, 'access', _205 => _205.weburls, 'optionalAccess', _206 => _206.keys]) || [] : [];
1904
+ const hasRewrite = !!(_optionalChain([hostcfg, 'access', _205 => _205.weburls, 'optionalAccess', _206 => _206.rewrite]) && _optionalChain([hostcfg, 'access', _207 => _207.weburls, 'optionalAccess', _208 => _208.webdir]) && _optionalChain([hostcfg, 'access', _209 => _209.weburls, 'optionalAccess', _210 => _210.keys, 'optionalAccess', _211 => _211.length]));
1905
+ const rewriteKeys = hasRewrite ? _optionalChain([hostcfg, 'access', _212 => _212.weburls, 'optionalAccess', _213 => _213.keys]) || [] : [];
1825
1906
  const checkWebUrls = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, (rurl) => {
1826
1907
  if (!hasRewrite || !rurl) return false;
1827
1908
  for (let i = 0; i < rewriteKeys.length; i++) {
@@ -1836,7 +1917,7 @@ function createStaticHandler(ctx) {
1836
1917
  const roots = rhostdirs.join("|") === primaryDirs.join("|") ? buildStaticRoots(primaryDirs, $asai) : buildStaticRoots(rhostdirs, $asai);
1837
1918
  const findValidFile = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, (urlPath) => {
1838
1919
  const hit = staticPathCache.get(cacheKey);
1839
- if (_optionalChain([hit, 'optionalAccess', _207 => _207.is404])) return null;
1920
+ if (_optionalChain([hit, 'optionalAccess', _214 => _214.is404])) return null;
1840
1921
  if (hit && !hit.is404) {
1841
1922
  const verified = staticPathCache.verify(hit);
1842
1923
  if (verified) return { filePath: hit.filePath, stat: verified };
@@ -1860,7 +1941,7 @@ function createStaticHandler(ctx) {
1860
1941
  showHostDirs(req, res, [hostcfg.weburls.webdir], "/" + indexFile, primaryDirs, rtm + 1);
1861
1942
  return;
1862
1943
  }
1863
- const mimeType = _optionalChain([hostcfg, 'access', _208 => _208.mimetypes, 'optionalAccess', _209 => _209[nodePath2.extname(found.filePath)]]) || "application/octet-stream";
1944
+ const mimeType = _optionalChain([hostcfg, 'access', _215 => _215.mimetypes, 'optionalAccess', _216 => _216[nodePath2.extname(found.filePath)]]) || "application/octet-stream";
1864
1945
  serveStaticFile(req, res, found.filePath, mimeType, found.stat, $asai, processedUrl);
1865
1946
  }, "showHostDirs");
1866
1947
  return (req, res, url) => {
@@ -1885,7 +1966,7 @@ _chunkSMVZ3ZDJcjs.__name.call(void 0, createStaticHandler, "createStaticHandler"
1885
1966
  function setupHttpConnectionMonitor($asai, hostdir, server, hostcfg) {
1886
1967
  const maxHttp = hostcfg.maxhttp || 100;
1887
1968
  const monitorInterval = setInterval(() => {
1888
- const connCount = _optionalChain([$asai, 'access', _210 => _210.connectionshttp, 'access', _211 => _211[hostdir], 'optionalAccess', _212 => _212.size]) || 0;
1969
+ const connCount = _optionalChain([$asai, 'access', _217 => _217.connectionshttp, 'access', _218 => _218[hostdir], 'optionalAccess', _219 => _219.size]) || 0;
1889
1970
  if (connCount > maxHttp * 0.8) {
1890
1971
  $asai.$log("HTTP", `HTTP Connection HIGH (${connCount}/${maxHttp})`);
1891
1972
  }
@@ -1956,10 +2037,10 @@ function findListeningPids(port) {
1956
2037
  stdio: ["pipe", "pipe", "ignore"]
1957
2038
  });
1958
2039
  return out.split(/\r?\n/).map((s) => parseInt(s.trim(), 10)).filter((n) => n > 0);
1959
- } catch (e34) {
2040
+ } catch (e39) {
1960
2041
  return [];
1961
2042
  }
1962
- } catch (e35) {
2043
+ } catch (e40) {
1963
2044
  return [];
1964
2045
  }
1965
2046
  }
@@ -1970,10 +2051,10 @@ function formatOccupants(port, exclude) {
1970
2051
  }
1971
2052
  _chunkSMVZ3ZDJcjs.__name.call(void 0, formatOccupants, "formatOccupants");
1972
2053
  function releasePort(port, opts) {
1973
- const exclude = _nullishCoalesce(_optionalChain([opts, 'optionalAccess', _213 => _213.excludePid]), () => ( OWN_PID));
2054
+ const exclude = _nullishCoalesce(_optionalChain([opts, 'optionalAccess', _220 => _220.excludePid]), () => ( OWN_PID));
1974
2055
  const occupants = formatOccupants(port, exclude);
1975
2056
  if (!occupants) return true;
1976
- const label = _optionalChain([opts, 'optionalAccess', _214 => _214.label]) ? `[${opts.label}] ` : "";
2057
+ const label = _optionalChain([opts, 'optionalAccess', _221 => _221.label]) ? `[${opts.label}] ` : "";
1977
2058
  console.warn(
1978
2059
  `[AsaiHostNodejs] ${label}\u7AEF\u53E3 ${port} \u88AB\u5360\u7528\uFF08PID: ${occupants}\uFF09\uFF0C\u8BF7\u624B\u52A8\u7ED3\u675F\u5360\u7528\u8FDB\u7A0B\u540E\u91CD\u8BD5`
1979
2060
  );
@@ -1982,23 +2063,23 @@ function releasePort(port, opts) {
1982
2063
  _chunkSMVZ3ZDJcjs.__name.call(void 0, releasePort, "releasePort");
1983
2064
  function collectStartupPorts($asai) {
1984
2065
  const ports = /* @__PURE__ */ new Set();
1985
- const hosts = _optionalChain([$asai, 'access', _215 => _215.hostconfig, 'optionalAccess', _216 => _216.hosts]);
2066
+ const hosts = _optionalChain([$asai, 'access', _222 => _222.hostconfig, 'optionalAccess', _223 => _223.hosts]);
1986
2067
  if (hosts) {
1987
2068
  for (const el of Object.keys(hosts)) {
1988
2069
  if (el === "default") continue;
1989
2070
  if (el !== "asai" && !validateHostdir(el)) continue;
1990
2071
  const cfg = getHostCFG(el, $asai);
1991
- if (_optionalChain([cfg, 'optionalAccess', _217 => _217.close])) continue;
1992
- if (_optionalChain([cfg, 'optionalAccess', _218 => _218.port])) ports.add(Number(cfg.port));
2072
+ if (_optionalChain([cfg, 'optionalAccess', _224 => _224.close])) continue;
2073
+ if (_optionalChain([cfg, 'optionalAccess', _225 => _225.port])) ports.add(Number(cfg.port));
1993
2074
  }
1994
2075
  }
1995
- const proxyhosts = _optionalChain([$asai, 'access', _219 => _219.hostconfig, 'optionalAccess', _220 => _220.proxyhosts]);
2076
+ const proxyhosts = _optionalChain([$asai, 'access', _226 => _226.hostconfig, 'optionalAccess', _227 => _227.proxyhosts]);
1996
2077
  if (proxyhosts) {
1997
2078
  for (const el of Object.keys(proxyhosts)) {
1998
2079
  if (el === "default") continue;
1999
2080
  if (!validateHostdir(el)) continue;
2000
2081
  const cfg = getProxyHostCFG(el, $asai);
2001
- if (_optionalChain([cfg, 'optionalAccess', _221 => _221.proxyport])) ports.add(Number(cfg.proxyport));
2082
+ if (_optionalChain([cfg, 'optionalAccess', _228 => _228.proxyport])) ports.add(Number(cfg.proxyport));
2002
2083
  }
2003
2084
  }
2004
2085
  return [...ports];
@@ -2023,7 +2104,7 @@ function scheduleHttpRetry($asai, hostdir) {
2023
2104
  clearTimeout($asai.hostconfig.guardtm);
2024
2105
  $asai.hostconfig.guardtm = null;
2025
2106
  }
2026
- }, _optionalChain([$asai, 'access', _222 => _222.hostconfig, 'access', _223 => _223.tm, 'optionalAccess', _224 => _224.d]) || 2e3);
2107
+ }, _optionalChain([$asai, 'access', _229 => _229.hostconfig, 'access', _230 => _230.tm, 'optionalAccess', _231 => _231.d]) || 2e3);
2027
2108
  }
2028
2109
  _chunkSMVZ3ZDJcjs.__name.call(void 0, scheduleHttpRetry, "scheduleHttpRetry");
2029
2110
  function clearFailedHttpHost($asai, hostdir, ws2) {
@@ -2036,7 +2117,7 @@ function getHTTPServer(httptype = "", cfg, $asai) {
2036
2117
  if (httptype.startsWith("https")) {
2037
2118
  return {
2038
2119
  AsCreateServer: /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, (callback) => {
2039
- return https.createServer(_optionalChain([cfg, 'optionalAccess', _225 => _225.httpscert]) || $asai.hostconfig.httpscert, callback);
2120
+ return https.createServer(_optionalChain([cfg, 'optionalAccess', _232 => _232.httpscert]) || $asai.hostconfig.httpscert, callback);
2040
2121
  }, "AsCreateServer"),
2041
2122
  Agent: https.Agent,
2042
2123
  request: https.request
@@ -2088,13 +2169,13 @@ function startHTTPServer($asai, hostdir) {
2088
2169
  return;
2089
2170
  }
2090
2171
  applySecurityHeaders(res, isHttps, $asai.hostconfig);
2091
- if (_optionalChain([req, 'access', _226 => _226.url, 'optionalAccess', _227 => _227.startsWith, 'call', _228 => _228("/sys")]) && sysWork) {
2172
+ if (_optionalChain([req, 'access', _233 => _233.url, 'optionalAccess', _234 => _234.startsWith, 'call', _235 => _235("/sys")]) && sysWork) {
2092
2173
  logHttp($asai, "SYS", req.method, req.url, skipChecker, req, res);
2093
2174
  sysWork(req, res, hostdir);
2094
- } else if (_optionalChain([req, 'access', _229 => _229.url, 'optionalAccess', _230 => _230.startsWith, 'call', _231 => _231("/api")]) && apiWork) {
2175
+ } else if (_optionalChain([req, 'access', _236 => _236.url, 'optionalAccess', _237 => _237.startsWith, 'call', _238 => _238("/api")]) && apiWork) {
2095
2176
  logHttp($asai, "API", req.method, req.url, skipChecker, req, res);
2096
2177
  apiWork(req, res, hostdir);
2097
- } else if (_optionalChain([req, 'access', _232 => _232.url, 'optionalAccess', _233 => _233.startsWith, 'call', _234 => _234("/jsonp")]) && jsonpWork) {
2178
+ } else if (_optionalChain([req, 'access', _239 => _239.url, 'optionalAccess', _240 => _240.startsWith, 'call', _241 => _241("/jsonp")]) && jsonpWork) {
2098
2179
  logHttp($asai, "JSONP", req.method, req.url, skipChecker, req, res);
2099
2180
  jsonpWork(req, res, hostdir);
2100
2181
  } else if (handleStatic) {
@@ -2165,7 +2246,7 @@ function findSameProcessPortOwner($asai, port, excludeHostdir) {
2165
2246
  for (const hostdir of Object.keys($asai.servershttp || {})) {
2166
2247
  if (hostdir === excludeHostdir) continue;
2167
2248
  const cfg = getHostCFG(hostdir, $asai);
2168
- if (_optionalChain([cfg, 'optionalAccess', _235 => _235.port]) === port) return hostdir;
2249
+ if (_optionalChain([cfg, 'optionalAccess', _242 => _242.port]) === port) return hostdir;
2169
2250
  }
2170
2251
  return null;
2171
2252
  }
@@ -2173,7 +2254,7 @@ _chunkSMVZ3ZDJcjs.__name.call(void 0, findSameProcessPortOwner, "findSameProcess
2173
2254
  function asaiGuard($asai, failedHostdir = "asai") {
2174
2255
  const conflictPorts = $asai.hostconfig.asaiport || [];
2175
2256
  const hostcfg = getHostCFG(failedHostdir, $asai);
2176
- const port = _optionalChain([hostcfg, 'optionalAccess', _236 => _236.port]);
2257
+ const port = _optionalChain([hostcfg, 'optionalAccess', _243 => _243.port]);
2177
2258
  if (!port || !conflictPorts.includes(port)) {
2178
2259
  scheduleHttpRetry($asai, failedHostdir);
2179
2260
  return;
@@ -2205,7 +2286,7 @@ var PROXY_SKIP_HEADERS = /* @__PURE__ */ new Set([
2205
2286
  function startProxyServer($asai, proxyhostdir) {
2206
2287
  const proxycfg = getProxyHostCFG(proxyhostdir, $asai);
2207
2288
  if (!proxycfg.url) return;
2208
- if (_optionalChain([$asai, 'access', _237 => _237.serversproxy, 'optionalAccess', _238 => _238[proxyhostdir]])) return;
2289
+ if (_optionalChain([$asai, 'access', _244 => _244.serversproxy, 'optionalAccess', _245 => _245[proxyhostdir]])) return;
2209
2290
  try {
2210
2291
  const httpServer = getHTTPServer(proxycfg.proxyhttptype, proxycfg, $asai);
2211
2292
  const targetHttp = getHTTPServer(proxycfg.url, proxycfg, $asai);
@@ -2287,12 +2368,12 @@ function startProxyServer($asai, proxyhostdir) {
2287
2368
  proxyServer.on("error", (err) => {
2288
2369
  if (err.code === "EADDRINUSE") {
2289
2370
  $asai.$log("PROXY", `\x1B[41mPort ${proxycfg.proxyport} is already start!\x1B[0m`);
2290
- _optionalChainDelete([$asai, 'access', _239 => _239.serversproxy, 'optionalAccess', _240 => delete _240[proxyhostdir]]);
2371
+ _optionalChainDelete([$asai, 'access', _246 => _246.serversproxy, 'optionalAccess', _247 => delete _247[proxyhostdir]]);
2291
2372
  releasePort(proxycfg.proxyport, {
2292
2373
  excludePid: process.pid,
2293
2374
  label: proxyhostdir
2294
2375
  });
2295
- setTimeout(() => startProxyServer($asai, proxyhostdir), _optionalChain([$asai, 'access', _241 => _241.hostconfig, 'access', _242 => _242.tm, 'optionalAccess', _243 => _243.d]) || 2e3);
2376
+ setTimeout(() => startProxyServer($asai, proxyhostdir), _optionalChain([$asai, 'access', _248 => _248.hostconfig, 'access', _249 => _249.tm, 'optionalAccess', _250 => _250.d]) || 2e3);
2296
2377
  } else {
2297
2378
  $asai.$log("PROXY", "Proxy server error:", err);
2298
2379
  }
@@ -2332,7 +2413,7 @@ function src_default($asai, opt) {
2332
2413
  initAsaiHostNodejs($asai, opt);
2333
2414
  console.log(`\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B\u203B`);
2334
2415
  releaseConfiguredPorts($asai);
2335
- if (_optionalChain([$asai, 'access', _244 => _244.hostconfig, 'optionalAccess', _245 => _245.hosts])) {
2416
+ if (_optionalChain([$asai, 'access', _251 => _251.hostconfig, 'optionalAccess', _252 => _252.hosts])) {
2336
2417
  $asai.startHTTPServer = (hostdir) => startHTTPServer($asai, hostdir);
2337
2418
  Object.keys($asai.hostconfig.hosts).forEach((el) => {
2338
2419
  if (validateHostdir(el)) {
@@ -2343,7 +2424,7 @@ function src_default($asai, opt) {
2343
2424
  startHTTPServer($asai, "asai");
2344
2425
  }
2345
2426
  }
2346
- if (_optionalChain([$asai, 'access', _246 => _246.hostconfig, 'optionalAccess', _247 => _247.proxyhosts])) {
2427
+ if (_optionalChain([$asai, 'access', _253 => _253.hostconfig, 'optionalAccess', _254 => _254.proxyhosts])) {
2347
2428
  Object.keys($asai.hostconfig.proxyhosts).forEach((el) => {
2348
2429
  if (validateHostdir(el)) {
2349
2430
  startProxyServer($asai, el);
@@ -2366,22 +2447,22 @@ _chunkSMVZ3ZDJcjs.__export.call(void 0, utils_exports, {
2366
2447
  // src/utils/ws-mock.ts
2367
2448
  function wsMock($asai) {
2368
2449
  function getKeyByData(reqdata, hostdir) {
2369
- return "_wstask_" + (hostdir || "") + "_" + (_optionalChain([reqdata, 'optionalAccess', _248 => _248.id]) || _optionalChain([reqdata, 'optionalAccess', _249 => _249.ty]) + "." + _optionalChain([reqdata, 'optionalAccess', _250 => _250.ac]));
2450
+ return "_wstask_" + (hostdir || "") + "_" + (_optionalChain([reqdata, 'optionalAccess', _255 => _255.id]) || _optionalChain([reqdata, 'optionalAccess', _256 => _256.ty]) + "." + _optionalChain([reqdata, 'optionalAccess', _257 => _257.ac]));
2370
2451
  }
2371
2452
  _chunkSMVZ3ZDJcjs.__name.call(void 0, getKeyByData, "getKeyByData");
2372
2453
  function getMockDb(workopt) {
2373
2454
  const { reqdata, mockdata } = workopt;
2374
- const wsfn = _optionalChain([mockdata, 'optionalAccess', _251 => _251.fn]) ? _optionalChain([$asai, 'access', _252 => _252.asaimock, 'access', _253 => _253.fn, 'optionalAccess', _254 => _254[mockdata.fn]]) : null;
2455
+ const wsfn = _optionalChain([mockdata, 'optionalAccess', _258 => _258.fn]) ? _optionalChain([$asai, 'access', _259 => _259.asaimock, 'access', _260 => _260.fn, 'optionalAccess', _261 => _261[mockdata.fn]]) : null;
2375
2456
  if (wsfn) return wsfn({ workopt, $asai, mockName: mockdata.fn });
2376
2457
  return { ...reqdata, ...mockdata || {} };
2377
2458
  }
2378
2459
  _chunkSMVZ3ZDJcjs.__name.call(void 0, getMockDb, "getMockDb");
2379
2460
  function wsWorkApi(workopt) {
2380
- _optionalChain([$asai, 'access', _255 => _255.serversws, 'access', _256 => _256[workopt.hostdir], 'optionalAccess', _257 => _257.sendws, 'optionalCall', _258 => _258(workopt.reqdataisobj ? getMockDb(workopt) : workopt.reqdata, 0, workopt.ws)]);
2461
+ _optionalChain([$asai, 'access', _262 => _262.serversws, 'access', _263 => _263[workopt.hostdir], 'optionalAccess', _264 => _264.sendws, 'optionalCall', _265 => _265(workopt.reqdataisobj ? getMockDb(workopt) : workopt.reqdata, 0, workopt.ws)]);
2381
2462
  }
2382
2463
  _chunkSMVZ3ZDJcjs.__name.call(void 0, wsWorkApi, "wsWorkApi");
2383
2464
  function wsWorkListen(workopt, reqkey) {
2384
- if (_optionalChain([workopt, 'access', _259 => _259.reqdata, 'optionalAccess', _260 => _260.off])) {
2465
+ if (_optionalChain([workopt, 'access', _266 => _266.reqdata, 'optionalAccess', _267 => _267.off])) {
2385
2466
  if ($asai.tasksws[workopt.hostdir][reqkey]) {
2386
2467
  clearInterval($asai.tasksws[workopt.hostdir][reqkey]);
2387
2468
  $asai.tasksws[workopt.hostdir][reqkey] = null;
@@ -2396,9 +2477,9 @@ function wsMock($asai) {
2396
2477
  if (!$asai.tasksws[workopt.hostdir][reqkey]) {
2397
2478
  clearInterval($asai.tasksws[workopt.hostdir][reqkey]);
2398
2479
  }
2399
- }, _optionalChain([newDataMock, 'optionalAccess', _261 => _261.tc]) || 2e3);
2400
- _optionalChain([workopt, 'access', _262 => _262.ws, 'optionalAccess', _263 => _263.once, 'optionalCall', _264 => _264("close", () => {
2401
- if (_optionalChain([$asai, 'access', _265 => _265.tasksws, 'access', _266 => _266[workopt.hostdir], 'optionalAccess', _267 => _267[reqkey]])) {
2480
+ }, _optionalChain([newDataMock, 'optionalAccess', _268 => _268.tc]) || 2e3);
2481
+ _optionalChain([workopt, 'access', _269 => _269.ws, 'optionalAccess', _270 => _270.once, 'optionalCall', _271 => _271("close", () => {
2482
+ if (_optionalChain([$asai, 'access', _272 => _272.tasksws, 'access', _273 => _273[workopt.hostdir], 'optionalAccess', _274 => _274[reqkey]])) {
2402
2483
  clearInterval($asai.tasksws[workopt.hostdir][reqkey]);
2403
2484
  delete $asai.tasksws[workopt.hostdir][reqkey];
2404
2485
  }
@@ -2406,8 +2487,8 @@ function wsMock($asai) {
2406
2487
  }
2407
2488
  _chunkSMVZ3ZDJcjs.__name.call(void 0, wsWorkListen, "wsWorkListen");
2408
2489
  function wsWorkMock(workopt) {
2409
- workopt.mockdata = workopt.reqdataisobj && _optionalChain([$asai, 'access', _268 => _268.asaimock, 'optionalAccess', _269 => _269.db, 'optionalAccess', _270 => _270[workopt.hostdir], 'optionalAccess', _271 => _271[_optionalChain([workopt, 'access', _272 => _272.reqdata, 'optionalAccess', _273 => _273.ty])]]) || {};
2410
- if (_optionalChain([workopt, 'access', _274 => _274.mockdata, 'optionalAccess', _275 => _275.wc])) {
2490
+ workopt.mockdata = workopt.reqdataisobj && _optionalChain([$asai, 'access', _275 => _275.asaimock, 'optionalAccess', _276 => _276.db, 'optionalAccess', _277 => _277[workopt.hostdir], 'optionalAccess', _278 => _278[_optionalChain([workopt, 'access', _279 => _279.reqdata, 'optionalAccess', _280 => _280.ty])]]) || {};
2491
+ if (_optionalChain([workopt, 'access', _281 => _281.mockdata, 'optionalAccess', _282 => _282.wc])) {
2411
2492
  wsWorkListen(workopt, getKeyByData(workopt.reqdata, workopt.hostdir));
2412
2493
  } else {
2413
2494
  wsWorkApi(workopt);
@@ -2420,11 +2501,11 @@ _chunkSMVZ3ZDJcjs.__name.call(void 0, wsMock, "wsMock");
2420
2501
 
2421
2502
  // src/infra/user-auth.ts
2422
2503
  async function attachServerUserLevel(req, $asai) {
2423
- const userinfo = _optionalChain([req, 'optionalAccess', _276 => _276.Userinfo]);
2504
+ const userinfo = _optionalChain([req, 'optionalAccess', _283 => _283.Userinfo]);
2424
2505
  if (!Array.isArray(userinfo) || !userinfo[0]) return;
2425
2506
  const us = String(userinfo[0]);
2426
2507
  try {
2427
- const { createUserStore: createUserStore2 } = await Promise.resolve().then(() => _interopRequireWildcard(require("./user-store-55HOLHEM.cjs")));
2508
+ const { createUserStore: createUserStore2 } = await Promise.resolve().then(() => _interopRequireWildcard(require("./user-store-6QNAL4CK.cjs")));
2428
2509
  const user = await createUserStore2($asai).findByUsername(us);
2429
2510
  if (user && user.status === "active") {
2430
2511
  req._serverUser = { us: user.us, lv: user.lv, status: user.status };
@@ -2432,34 +2513,34 @@ async function attachServerUserLevel(req, $asai) {
2432
2513
  } else {
2433
2514
  req._serverUser = null;
2434
2515
  }
2435
- } catch (e36) {
2516
+ } catch (e41) {
2436
2517
  req._serverUser = null;
2437
2518
  }
2438
2519
  }
2439
2520
  _chunkSMVZ3ZDJcjs.__name.call(void 0, attachServerUserLevel, "attachServerUserLevel");
2440
2521
  function getRequestUserLevel(req) {
2441
- if (_optionalChain([req, 'optionalAccess', _277 => _277._serverUser, 'optionalAccess', _278 => _278.lv]) != null) return Number(req._serverUser.lv);
2442
- const n = Number(_nullishCoalesce(_optionalChain([req, 'optionalAccess', _279 => _279.Userinfo, 'optionalAccess', _280 => _280[1]]), () => ( -1)));
2522
+ if (_optionalChain([req, 'optionalAccess', _284 => _284._serverUser, 'optionalAccess', _285 => _285.lv]) != null) return Number(req._serverUser.lv);
2523
+ const n = Number(_nullishCoalesce(_optionalChain([req, 'optionalAccess', _286 => _286.Userinfo, 'optionalAccess', _287 => _287[1]]), () => ( -1)));
2443
2524
  return Number.isFinite(n) ? n : -1;
2444
2525
  }
2445
2526
  _chunkSMVZ3ZDJcjs.__name.call(void 0, getRequestUserLevel, "getRequestUserLevel");
2446
2527
  function getRequestUsername(req) {
2447
- if (_optionalChain([req, 'optionalAccess', _281 => _281._serverUser, 'optionalAccess', _282 => _282.us])) return String(req._serverUser.us);
2448
- const us = _optionalChain([req, 'optionalAccess', _283 => _283.Userinfo, 'optionalAccess', _284 => _284[0]]);
2528
+ if (_optionalChain([req, 'optionalAccess', _288 => _288._serverUser, 'optionalAccess', _289 => _289.us])) return String(req._serverUser.us);
2529
+ const us = _optionalChain([req, 'optionalAccess', _290 => _290.Userinfo, 'optionalAccess', _291 => _291[0]]);
2449
2530
  return us ? String(us) : void 0;
2450
2531
  }
2451
2532
  _chunkSMVZ3ZDJcjs.__name.call(void 0, getRequestUsername, "getRequestUsername");
2452
2533
 
2453
2534
  // src/infra/access-control.ts
2454
2535
  function getSecurityConfig($asai) {
2455
- return _optionalChain([$asai, 'optionalAccess', _285 => _285.hostconfig, 'optionalAccess', _286 => _286.security]) || {};
2536
+ return _optionalChain([$asai, 'optionalAccess', _292 => _292.hostconfig, 'optionalAccess', _293 => _293.security]) || {};
2456
2537
  }
2457
2538
  _chunkSMVZ3ZDJcjs.__name.call(void 0, getSecurityConfig, "getSecurityConfig");
2458
- function pathMatchesPattern(path8, pattern) {
2539
+ function pathMatchesPattern(path9, pattern) {
2459
2540
  if (pattern.endsWith("*")) {
2460
- return path8.startsWith(pattern.slice(0, -1));
2541
+ return path9.startsWith(pattern.slice(0, -1));
2461
2542
  }
2462
- return path8 === pattern;
2543
+ return path9 === pattern;
2463
2544
  }
2464
2545
  _chunkSMVZ3ZDJcjs.__name.call(void 0, pathMatchesPattern, "pathMatchesPattern");
2465
2546
  function isAuthSkipped($asai, pathname) {
@@ -2486,13 +2567,13 @@ function validateHttpAuth(req, $asai, pathname) {
2486
2567
  if (!isAuthRequired($asai, pathname)) {
2487
2568
  return { ok: true };
2488
2569
  }
2489
- const userinfo = _optionalChain([req, 'optionalAccess', _287 => _287.Userinfo]);
2570
+ const userinfo = _optionalChain([req, 'optionalAccess', _294 => _294.Userinfo]);
2490
2571
  const ip = getClientIp(req);
2491
2572
  if (!Array.isArray(userinfo) || userinfo.length < 3 || !userinfo[0]) {
2492
2573
  logSecurityEvent($asai, {
2493
2574
  type: "AUTH_MISSING",
2494
2575
  path: pathname,
2495
- method: _optionalChain([req, 'optionalAccess', _288 => _288.method]),
2576
+ method: _optionalChain([req, 'optionalAccess', _295 => _295.method]),
2496
2577
  ip,
2497
2578
  detail: "Userinfo header missing or invalid"
2498
2579
  });
@@ -2506,7 +2587,7 @@ function validateHttpAuth(req, $asai, pathname) {
2506
2587
  logSecurityEvent($asai, {
2507
2588
  type: "ACCESS_DENIED",
2508
2589
  path: pathname,
2509
- method: _optionalChain([req, 'optionalAccess', _289 => _289.method]),
2590
+ method: _optionalChain([req, 'optionalAccess', _296 => _296.method]),
2510
2591
  user: String(us),
2511
2592
  level: userLevel,
2512
2593
  ip,
@@ -2518,13 +2599,13 @@ function validateHttpAuth(req, $asai, pathname) {
2518
2599
  }
2519
2600
  _chunkSMVZ3ZDJcjs.__name.call(void 0, validateHttpAuth, "validateHttpAuth");
2520
2601
  async function validateHttpAuthAsync(req, $asai, pathname) {
2521
- if (Array.isArray(_optionalChain([req, 'optionalAccess', _290 => _290.Userinfo])) && req.Userinfo[0]) {
2602
+ if (Array.isArray(_optionalChain([req, 'optionalAccess', _297 => _297.Userinfo])) && req.Userinfo[0]) {
2522
2603
  await attachServerUserLevel(req, $asai);
2523
2604
  if (!req._serverUser && isAuthRequired($asai, pathname)) {
2524
2605
  logSecurityEvent($asai, {
2525
2606
  type: "ACCESS_DENIED",
2526
2607
  path: pathname,
2527
- method: _optionalChain([req, 'optionalAccess', _291 => _291.method]),
2608
+ method: _optionalChain([req, 'optionalAccess', _298 => _298.method]),
2528
2609
  user: String(req.Userinfo[0]),
2529
2610
  ip: getClientIp(req),
2530
2611
  detail: "User not found or inactive"
@@ -2586,7 +2667,7 @@ function resolveApiCorsOrigin(req, hostcfg, getHeader) {
2586
2667
  if (referer) {
2587
2668
  try {
2588
2669
  origin = new URL(referer).origin;
2589
- } catch (e37) {
2670
+ } catch (e42) {
2590
2671
  const parts = referer.split("/");
2591
2672
  if (parts.length >= 3) origin = `${parts[0]}//${parts[2]}`;
2592
2673
  }
@@ -2598,7 +2679,7 @@ _chunkSMVZ3ZDJcjs.__name.call(void 0, resolveApiCorsOrigin, "resolveApiCorsOrigi
2598
2679
  function isApiCorsAllowed(origin, hostcfg, hostHeader) {
2599
2680
  if (!origin) return false;
2600
2681
  if (origin === "*") return true;
2601
- const corsList = _optionalChain([hostcfg, 'optionalAccess', _292 => _292.cors]);
2682
+ const corsList = _optionalChain([hostcfg, 'optionalAccess', _299 => _299.cors]);
2602
2683
  if (!Array.isArray(corsList) || !corsList.length) return true;
2603
2684
  if (corsList.includes(origin)) return true;
2604
2685
  if (hostHeader && origin.includes(hostHeader)) return true;
@@ -2644,19 +2725,19 @@ _chunkSMVZ3ZDJcjs.__name.call(void 0, isPlainSourcePost, "isPlainSourcePost");
2644
2725
  function processPostPayload($asai, req, postdata, pm) {
2645
2726
  let isAes = false;
2646
2727
  let out = postdata;
2647
- if ($asai.$lib.aesfns && _optionalChain([out, 'optionalAccess', _293 => _293.startsWith, 'optionalCall', _294 => _294('{"aes":')])) {
2728
+ if ($asai.$lib.aesfns && _optionalChain([out, 'optionalAccess', _300 => _300.startsWith, 'optionalCall', _301 => _301('{"aes":')])) {
2648
2729
  isAes = true;
2649
2730
  const aesData = JSON.parse(out);
2650
2731
  out = $asai.$lib.aesfns.reqAES({ data: aesData });
2651
- if (_optionalChain([aesData, 'optionalAccess', _295 => _295.aes]) === 2 && typeof out === "string") {
2732
+ if (_optionalChain([aesData, 'optionalAccess', _302 => _302.aes]) === 2 && typeof out === "string") {
2652
2733
  try {
2653
2734
  out = JSON.parse(out);
2654
- } catch (e38) {
2735
+ } catch (e43) {
2655
2736
  }
2656
2737
  }
2657
2738
  }
2658
2739
  const plainJson = typeof out === "string" && out.trimStart().startsWith("{");
2659
- if (_optionalChain([req, 'optionalAccess', _296 => _296.Userinfo, 'optionalAccess', _297 => _297[2]]) && !plainJson && !isRawUploadPost(_optionalChain([req, 'optionalAccess', _298 => _298.url])) && !isPlainSourcePost(_optionalChain([req, 'optionalAccess', _299 => _299.url]))) {
2740
+ if (_optionalChain([req, 'optionalAccess', _303 => _303.Userinfo, 'optionalAccess', _304 => _304[2]]) && !plainJson && !isRawUploadPost(_optionalChain([req, 'optionalAccess', _305 => _305.url])) && !isPlainSourcePost(_optionalChain([req, 'optionalAccess', _306 => _306.url]))) {
2660
2741
  pm = req.Userinfo[2];
2661
2742
  out = $asai.$lib.AsCode.asdecode(out, pm);
2662
2743
  }
@@ -2664,7 +2745,7 @@ function processPostPayload($asai, req, postdata, pm) {
2664
2745
  }
2665
2746
  _chunkSMVZ3ZDJcjs.__name.call(void 0, processPostPayload, "processPostPayload");
2666
2747
  var Api_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai, opt = {}) => {
2667
- _optionalChain([opt, 'optionalAccess', _300 => _300.fn, 'optionalCall', _301 => _301($asai)]);
2748
+ _optionalChain([opt, 'optionalAccess', _307 => _307.fn, 'optionalCall', _308 => _308($asai)]);
2668
2749
  function getHeader(req, key) {
2669
2750
  return req.headers[key.toLowerCase()] || "";
2670
2751
  }
@@ -2673,7 +2754,7 @@ var Api_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
2673
2754
  let apiRouteCacheLen = -1;
2674
2755
  function findApiHandler($asai2, pathname) {
2675
2756
  const apis = $asai2.hostserverapis;
2676
- if (!_optionalChain([apis, 'optionalAccess', _302 => _302.length])) return void 0;
2757
+ if (!_optionalChain([apis, 'optionalAccess', _309 => _309.length])) return void 0;
2677
2758
  if (!apiRouteCache || apiRouteCacheLen !== apis.length) {
2678
2759
  apiRouteCache = apis.map((elp) => ({ key: elp, path: `/api/${elp}` }));
2679
2760
  apiRouteCacheLen = apis.length;
@@ -2721,9 +2802,9 @@ var Api_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
2721
2802
  pm: decodeURIComponent(urlParse.search.substring(4))
2722
2803
  };
2723
2804
  if (req.url.indexOf("binary") === -1) {
2724
- if (_optionalChain([req, 'optionalAccess', _303 => _303.Userinfo]) && _optionalChain([req, 'optionalAccess', _304 => _304.Userinfo, 'access', _305 => _305[2]]) && _optionalChain([query, 'optionalAccess', _306 => _306.pm])) {
2805
+ if (_optionalChain([req, 'optionalAccess', _310 => _310.Userinfo]) && _optionalChain([req, 'optionalAccess', _311 => _311.Userinfo, 'access', _312 => _312[2]]) && _optionalChain([query, 'optionalAccess', _313 => _313.pm])) {
2725
2806
  pm = req.Userinfo[2];
2726
- query = $asai.$lib.AsCode.asdecode(_optionalChain([query, 'optionalAccess', _307 => _307.pm]), pm);
2807
+ query = $asai.$lib.AsCode.asdecode(_optionalChain([query, 'optionalAccess', _314 => _314.pm]), pm);
2727
2808
  query = Object.fromEntries(new URLSearchParams("?" + query).entries());
2728
2809
  }
2729
2810
  }
@@ -2742,7 +2823,7 @@ var Api_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
2742
2823
  const releaseSlot = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, () => releaseApiSlot(hostdir, clientIp), "releaseSlot");
2743
2824
  res.once("finish", releaseSlot);
2744
2825
  res.once("close", releaseSlot);
2745
- const maxBody = _optionalChain([$asai, 'access', _308 => _308.hostconfig, 'optionalAccess', _309 => _309.maxbody]) || 100 * 1024 * 1024;
2826
+ const maxBody = _optionalChain([$asai, 'access', _315 => _315.hostconfig, 'optionalAccess', _316 => _316.maxbody]) || 100 * 1024 * 1024;
2746
2827
  const isTextPost = req.method === "POST" && req.url.indexOf("binary") === -1;
2747
2828
  const bodyPromise = isTextPost ? readRequestBody(req, maxBody) : null;
2748
2829
  void (async () => {
@@ -2756,16 +2837,16 @@ var Api_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
2756
2837
  ]);
2757
2838
  } catch (err) {
2758
2839
  releaseSlot();
2759
- if (_optionalChain([err, 'optionalAccess', _310 => _310.message]) === "PAYLOAD_TOO_LARGE") {
2840
+ if (_optionalChain([err, 'optionalAccess', _317 => _317.message]) === "PAYLOAD_TOO_LARGE") {
2760
2841
  return sendError(res, 413, "Payload Too Large");
2761
2842
  }
2762
- return sendError(res, 400, _optionalChain([err, 'optionalAccess', _311 => _311.message]) || "Bad Request");
2843
+ return sendError(res, 400, _optionalChain([err, 'optionalAccess', _318 => _318.message]) || "Bad Request");
2763
2844
  }
2764
2845
  if (!authResult.ok) {
2765
2846
  releaseSlot();
2766
2847
  return sendAuthError(res, authResult);
2767
2848
  }
2768
- let apiFn = _optionalChain([$asai, 'access', _312 => _312.hostserverapi, 'access', _313 => _313[apiHandlerKey], 'optionalCall', _314 => _314($asai, query)]);
2849
+ let apiFn = _optionalChain([$asai, 'access', _319 => _319.hostserverapi, 'access', _320 => _320[apiHandlerKey], 'optionalCall', _321 => _321($asai, query)]);
2769
2850
  if (!apiFn) {
2770
2851
  return sendError(res, 501, "Not Implemented");
2771
2852
  }
@@ -2781,23 +2862,23 @@ var Api_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
2781
2862
  postdata = processed.postdata;
2782
2863
  pm = processed.pm;
2783
2864
  isAes = processed.isAes;
2784
- } catch (e39) {
2865
+ } catch (e44) {
2785
2866
  return sendError(res, 400, "AES decrypt failed");
2786
2867
  }
2787
- if (_optionalChain([apiFn, 'optionalAccess', _315 => _315.post]) && typeof _optionalChain([apiFn, 'optionalAccess', _316 => _316.post]) === "function") {
2868
+ if (_optionalChain([apiFn, 'optionalAccess', _322 => _322.post]) && typeof _optionalChain([apiFn, 'optionalAccess', _323 => _323.post]) === "function") {
2788
2869
  const optTmp = { qrdata, data: postdata, pm };
2789
- if (isAes || _optionalChain([$asai, 'access', _317 => _317.$lib, 'access', _318 => _318.aesfns, 'optionalAccess', _319 => _319.allaes])) {
2790
- optTmp.resAES = _optionalChain([$asai, 'access', _320 => _320.$lib, 'access', _321 => _321.aesfns, 'optionalAccess', _322 => _322.resAES]);
2870
+ if (isAes || _optionalChain([$asai, 'access', _324 => _324.$lib, 'access', _325 => _325.aesfns, 'optionalAccess', _326 => _326.allaes])) {
2871
+ optTmp.resAES = _optionalChain([$asai, 'access', _327 => _327.$lib, 'access', _328 => _328.aesfns, 'optionalAccess', _329 => _329.resAES]);
2791
2872
  }
2792
2873
  apiFn.post(req, res, hostdir, optTmp);
2793
2874
  } else {
2794
2875
  res.end(typeof postdata === "string" ? postdata : JSON.stringify(_nullishCoalesce(postdata, () => ( ""))));
2795
2876
  }
2796
2877
  } else if (req.method === "GET") {
2797
- if (_optionalChain([apiFn, 'optionalAccess', _323 => _323.get]) && typeof _optionalChain([apiFn, 'optionalAccess', _324 => _324.get]) === "function") {
2878
+ if (_optionalChain([apiFn, 'optionalAccess', _330 => _330.get]) && typeof _optionalChain([apiFn, 'optionalAccess', _331 => _331.get]) === "function") {
2798
2879
  const optTmp = { qrdata, data: qrdata, pm };
2799
- if (isAes || _optionalChain([$asai, 'access', _325 => _325.$lib, 'access', _326 => _326.aesfns, 'optionalAccess', _327 => _327.allaes])) {
2800
- optTmp.resAES = _optionalChain([$asai, 'access', _328 => _328.$lib, 'access', _329 => _329.aesfns, 'optionalAccess', _330 => _330.resAES]);
2880
+ if (isAes || _optionalChain([$asai, 'access', _332 => _332.$lib, 'access', _333 => _333.aesfns, 'optionalAccess', _334 => _334.allaes])) {
2881
+ optTmp.resAES = _optionalChain([$asai, 'access', _335 => _335.$lib, 'access', _336 => _336.aesfns, 'optionalAccess', _337 => _337.resAES]);
2801
2882
  }
2802
2883
  apiFn.get(req, res, hostdir, optTmp);
2803
2884
  } else {
@@ -2805,12 +2886,12 @@ var Api_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
2805
2886
  }
2806
2887
  }
2807
2888
  } else {
2808
- if (_optionalChain([Object, 'access', _331 => _331.keys, 'call', _332 => _332(query), 'optionalAccess', _333 => _333.length])) {
2889
+ if (_optionalChain([Object, 'access', _338 => _338.keys, 'call', _339 => _339(query), 'optionalAccess', _340 => _340.length])) {
2809
2890
  qrdata = query;
2810
2891
  }
2811
2892
  if (req.method === "POST") {
2812
2893
  $asai.$lib.AsNodeTool.upBinary(req).then((postdata2) => {
2813
- if (_optionalChain([apiFn, 'optionalAccess', _334 => _334.post]) && typeof _optionalChain([apiFn, 'optionalAccess', _335 => _335.post]) === "function") {
2894
+ if (_optionalChain([apiFn, 'optionalAccess', _341 => _341.post]) && typeof _optionalChain([apiFn, 'optionalAccess', _342 => _342.post]) === "function") {
2814
2895
  apiFn.post(req, res, hostdir, {
2815
2896
  qrdata,
2816
2897
  data: postdata2
@@ -2826,13 +2907,13 @@ var Api_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
2826
2907
  } catch (err) {
2827
2908
  releaseSlot();
2828
2909
  if (!res.headersSent) {
2829
- return sendError(res, 500, _optionalChain([err, 'optionalAccess', _336 => _336.message]) || "Internal Server Error");
2910
+ return sendError(res, 500, _optionalChain([err, 'optionalAccess', _343 => _343.message]) || "Internal Server Error");
2830
2911
  }
2831
2912
  }
2832
2913
  })().catch((err) => {
2833
2914
  releaseSlot();
2834
2915
  if (!res.headersSent) {
2835
- sendError(res, 500, _optionalChain([err, 'optionalAccess', _337 => _337.message]) || "Internal Server Error");
2916
+ sendError(res, 500, _optionalChain([err, 'optionalAccess', _344 => _344.message]) || "Internal Server Error");
2836
2917
  }
2837
2918
  });
2838
2919
  } else {
@@ -2845,12 +2926,12 @@ var Api_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
2845
2926
 
2846
2927
  // src/common/server/Ws.ts
2847
2928
  var Ws_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai, opt = {}) => {
2848
- _optionalChain([opt, 'optionalAccess', _338 => _338.fn, 'optionalCall', _339 => _339($asai)]);
2929
+ _optionalChain([opt, 'optionalAccess', _345 => _345.fn, 'optionalCall', _346 => _346($asai)]);
2849
2930
  const wsHandlerCache = /* @__PURE__ */ new Map();
2850
2931
  const routeIndex = ensureWsRouteIndex($asai);
2851
2932
  function getWsHandler(handlerKey) {
2852
2933
  if (!wsHandlerCache.has(handlerKey)) {
2853
- wsHandlerCache.set(handlerKey, _optionalChain([$asai, 'access', _340 => _340.hostserverws, 'access', _341 => _341[handlerKey], 'optionalCall', _342 => _342($asai)]));
2934
+ wsHandlerCache.set(handlerKey, _optionalChain([$asai, 'access', _347 => _347.hostserverws, 'access', _348 => _348[handlerKey], 'optionalCall', _349 => _349($asai)]));
2854
2935
  }
2855
2936
  return wsHandlerCache.get(handlerKey);
2856
2937
  }
@@ -2874,21 +2955,21 @@ var Ws_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai, o
2874
2955
  let reqdata = parseMessage(msg);
2875
2956
  let handlerKey;
2876
2957
  if (reqdata === "ping") {
2877
- _optionalChain([ws2, 'access', _343 => _343.send, 'optionalCall', _344 => _344("pong")]);
2958
+ _optionalChain([ws2, 'access', _350 => _350.send, 'optionalCall', _351 => _351("pong")]);
2878
2959
  return;
2879
2960
  } else {
2880
2961
  const reqdataisobj = typeof reqdata === "object" && reqdata !== null;
2881
- handlerKey = reqdataisobj ? routeIndex.matchTy(_optionalChain([reqdata, 'optionalAccess', _345 => _345.ty])) : routeIndex.matchString(reqdata);
2882
- if (!handlerKey && _optionalChain([$asai, 'access', _346 => _346.hostserverwss, 'optionalAccess', _347 => _347.length])) {
2962
+ handlerKey = reqdataisobj ? routeIndex.matchTy(_optionalChain([reqdata, 'optionalAccess', _352 => _352.ty])) : routeIndex.matchString(reqdata);
2963
+ if (!handlerKey && _optionalChain([$asai, 'access', _353 => _353.hostserverwss, 'optionalAccess', _354 => _354.length])) {
2883
2964
  handlerKey = $asai.hostserverwss.find((elp) => {
2884
2965
  if (reqdataisobj) {
2885
- return _optionalChain([reqdata, 'optionalAccess', _348 => _348.ty, 'optionalAccess', _349 => _349.startsWith, 'call', _350 => _350(elp)]);
2966
+ return _optionalChain([reqdata, 'optionalAccess', _355 => _355.ty, 'optionalAccess', _356 => _356.startsWith, 'call', _357 => _357(elp)]);
2886
2967
  }
2887
2968
  return typeof reqdata === "string" && reqdata.startsWith(elp);
2888
2969
  });
2889
2970
  }
2890
2971
  if (!handlerKey) {
2891
- _optionalChain([$asai, 'access', _351 => _351.asaimock, 'optionalAccess', _352 => _352.wsWorkMock, 'call', _353 => _353({
2972
+ _optionalChain([$asai, 'access', _358 => _358.asaimock, 'optionalAccess', _359 => _359.wsWorkMock, 'call', _360 => _360({
2892
2973
  msg,
2893
2974
  ws: ws2,
2894
2975
  hostdir,
@@ -2900,14 +2981,14 @@ var Ws_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai, o
2900
2981
  }
2901
2982
  }
2902
2983
  if (!handlerKey) return;
2903
- _optionalChain([getWsHandler, 'call', _354 => _354(handlerKey), 'optionalAccess', _355 => _355.work, 'optionalCall', _356 => _356(reqdata, ws2, hostdir, req)]);
2984
+ _optionalChain([getWsHandler, 'call', _361 => _361(handlerKey), 'optionalAccess', _362 => _362.work, 'optionalCall', _363 => _363(reqdata, ws2, hostdir, req)]);
2904
2985
  } catch (err) {
2905
- _optionalChain([($asai.$log || console.error), 'optionalCall', _357 => _357("WS", "handler error", err instanceof Error ? err.message : err)]);
2986
+ _optionalChain([($asai.$log || console.error), 'optionalCall', _364 => _364("WS", "handler error", err instanceof Error ? err.message : err)]);
2906
2987
  }
2907
2988
  }
2908
2989
  _chunkSMVZ3ZDJcjs.__name.call(void 0, wsWork, "wsWork");
2909
2990
  function _getMessage(msg) {
2910
- if (_optionalChain([msg, 'optionalAccess', _358 => _358.db, 'optionalAccess', _359 => _359.aes]) && _optionalChain([$asai, 'access', _360 => _360.$lib, 'optionalAccess', _361 => _361.aesfns, 'optionalAccess', _362 => _362.reqAES])) {
2991
+ if (_optionalChain([msg, 'optionalAccess', _365 => _365.db, 'optionalAccess', _366 => _366.aes]) && _optionalChain([$asai, 'access', _367 => _367.$lib, 'optionalAccess', _368 => _368.aesfns, 'optionalAccess', _369 => _369.reqAES])) {
2911
2992
  msg.db = $asai.$lib.aesfns.reqAES({ data: msg.db });
2912
2993
  }
2913
2994
  return msg;
@@ -2934,12 +3015,12 @@ var Ws_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai, o
2934
3015
 
2935
3016
  // src/common/server/Sys.ts
2936
3017
  var Sys_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai, opt = {}) => {
2937
- _optionalChain([opt, 'optionalAccess', _363 => _363.fn, 'optionalCall', _364 => _364($asai)]);
3018
+ _optionalChain([opt, 'optionalAccess', _370 => _370.fn, 'optionalCall', _371 => _371($asai)]);
2938
3019
  let sysRouteCache = null;
2939
3020
  let sysRouteCacheLen = -1;
2940
3021
  function findSystemHandler(req) {
2941
3022
  const routes = $asai.hostserversyss;
2942
- if (!_optionalChain([routes, 'optionalAccess', _365 => _365.length])) return void 0;
3023
+ if (!_optionalChain([routes, 'optionalAccess', _372 => _372.length])) return void 0;
2943
3024
  if (!sysRouteCache || sysRouteCacheLen !== routes.length) {
2944
3025
  sysRouteCache = routes.map((elp) => ({ key: elp, route: `/${elp}` }));
2945
3026
  sysRouteCacheLen = routes.length;
@@ -2973,21 +3054,21 @@ var Sys_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
2973
3054
  if (!authResult.ok) {
2974
3055
  return sendAuthError(res, authResult);
2975
3056
  }
2976
- const handler = _optionalChain([$asai, 'access', _366 => _366.hostserversys, 'access', _367 => _367[handlerKey], 'optionalCall', _368 => _368($asai)]);
3057
+ const handler = _optionalChain([$asai, 'access', _373 => _373.hostserversys, 'access', _374 => _374[handlerKey], 'optionalCall', _375 => _375($asai)]);
2977
3058
  if (!handler) {
2978
3059
  return sendError(res, 500, "Handler Initialization Failed");
2979
3060
  }
2980
- if (_optionalChain([handler, 'optionalAccess', _369 => _369.show]) && typeof _optionalChain([handler, 'optionalAccess', _370 => _370.show]) === "function") {
3061
+ if (_optionalChain([handler, 'optionalAccess', _376 => _376.show]) && typeof _optionalChain([handler, 'optionalAccess', _377 => _377.show]) === "function") {
2981
3062
  handler.show(req, res, hostdir);
2982
3063
  } else {
2983
3064
  res.end("postdata");
2984
3065
  }
2985
3066
  } catch (err) {
2986
- return sendError(res, 500, _optionalChain([err, 'optionalAccess', _371 => _371.message]) || "Internal Server Error");
3067
+ return sendError(res, 500, _optionalChain([err, 'optionalAccess', _378 => _378.message]) || "Internal Server Error");
2987
3068
  }
2988
3069
  })().catch((err) => {
2989
3070
  if (!res.headersSent) {
2990
- sendError(res, 500, _optionalChain([err, 'optionalAccess', _372 => _372.message]) || "Internal Server Error");
3071
+ sendError(res, 500, _optionalChain([err, 'optionalAccess', _379 => _379.message]) || "Internal Server Error");
2991
3072
  }
2992
3073
  });
2993
3074
  }
@@ -2997,14 +3078,14 @@ var Sys_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
2997
3078
 
2998
3079
  // src/common/server/WsClient.ts
2999
3080
  var WsClient_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai, wsname) => {
3000
- if (!_optionalChain([$asai, 'optionalAccess', _373 => _373.clientws])) {
3081
+ if (!_optionalChain([$asai, 'optionalAccess', _380 => _380.clientws])) {
3001
3082
  $asai.clientws = {};
3002
3083
  }
3003
3084
  if (!$asai.clientws[wsname]) {
3004
3085
  $asai.clientws[wsname] = { tasks: /* @__PURE__ */ new Map() };
3005
3086
  }
3006
3087
  function getKeyByData(msgdata) {
3007
- return _optionalChain([msgdata, 'optionalAccess', _374 => _374.id]) || _optionalChain([msgdata, 'optionalAccess', _375 => _375.ty]);
3088
+ return _optionalChain([msgdata, 'optionalAccess', _381 => _381.id]) || _optionalChain([msgdata, 'optionalAccess', _382 => _382.ty]);
3008
3089
  }
3009
3090
  _chunkSMVZ3ZDJcjs.__name.call(void 0, getKeyByData, "getKeyByData");
3010
3091
  function clientwsInit() {
@@ -3017,7 +3098,7 @@ var WsClient_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($a
3017
3098
  };
3018
3099
  $asai.clientws[wsname].socket.on("error", (err) => {
3019
3100
  $asai.clientws[wsname].open = 0;
3020
- _optionalChain([$asai, 'access', _376 => _376.hostconfig, 'access', _377 => _377.logger, 'optionalAccess', _378 => _378.lv, 'optionalAccess', _379 => _379.view]) && console.error(
3101
+ _optionalChain([$asai, 'access', _383 => _383.hostconfig, 'access', _384 => _384.logger, 'optionalAccess', _385 => _385.lv, 'optionalAccess', _386 => _386.view]) && console.error(
3021
3102
  666.2203,
3022
3103
  `${wsname}=${$asai.command.commandconfig.clientws[wsname]} is error.`,
3023
3104
  err
@@ -3026,14 +3107,14 @@ var WsClient_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($a
3026
3107
  });
3027
3108
  $asai.clientws[wsname].socket.on("close", () => {
3028
3109
  $asai.clientws[wsname].open = 0;
3029
- _optionalChain([$asai, 'access', _380 => _380.hostconfig, 'access', _381 => _381.logger, 'optionalAccess', _382 => _382.lv, 'optionalAccess', _383 => _383.view]) && console.error(
3110
+ _optionalChain([$asai, 'access', _387 => _387.hostconfig, 'access', _388 => _388.logger, 'optionalAccess', _389 => _389.lv, 'optionalAccess', _390 => _390.view]) && console.error(
3030
3111
  666.2205,
3031
3112
  `${wsname}=${$asai.command.commandconfig.clientws[wsname]} is close.`
3032
3113
  );
3033
3114
  reject();
3034
3115
  });
3035
3116
  $asai.clientws[wsname].socket.onopen = () => {
3036
- _optionalChain([$asai, 'access', _384 => _384.hostconfig, 'access', _385 => _385.logger, 'optionalAccess', _386 => _386.lv, 'optionalAccess', _387 => _387.view]) && console.log(
3117
+ _optionalChain([$asai, 'access', _391 => _391.hostconfig, 'access', _392 => _392.logger, 'optionalAccess', _393 => _393.lv, 'optionalAccess', _394 => _394.view]) && console.log(
3037
3118
  666.2201,
3038
3119
  `${wsname}=${$asai.command.commandconfig.clientws[wsname]} is open.`
3039
3120
  );
@@ -3056,7 +3137,7 @@ var WsClient_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($a
3056
3137
  const key = getKeyByData(messageData);
3057
3138
  const task = $asai.clientws[wsname].tasks.get(key);
3058
3139
  if (task) {
3059
- _optionalChain([task, 'optionalAccess', _388 => _388.callback, 'call', _389 => _389(messageData)]);
3140
+ _optionalChain([task, 'optionalAccess', _395 => _395.callback, 'call', _396 => _396(messageData)]);
3060
3141
  if (messageData.ty && !messageData.id) {
3061
3142
  } else {
3062
3143
  $asai.clientws[wsname].tasks.delete(key);
@@ -3110,7 +3191,7 @@ var WsClient_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($a
3110
3191
  }
3111
3192
  _chunkSMVZ3ZDJcjs.__name.call(void 0, clientwsWatch, "clientwsWatch");
3112
3193
  function clientwsWatchOff(messageData) {
3113
- if (_optionalChain([messageData, 'optionalAccess', _390 => _390.ty]) === "clear") {
3194
+ if (_optionalChain([messageData, 'optionalAccess', _397 => _397.ty]) === "clear") {
3114
3195
  $asai.clientws[wsname].tasks = /* @__PURE__ */ new Map();
3115
3196
  } else {
3116
3197
  const key = getKeyByData(messageData);
@@ -3151,7 +3232,7 @@ var ping_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai)
3151
3232
  var web_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai) => {
3152
3233
  function chatBoard(msgdata, ws2, hostdir, req) {
3153
3234
  let room;
3154
- if (_optionalChain([msgdata, 'access', _391 => _391.db, 'optionalAccess', _392 => _392.room]) && typeof msgdata.db.room === "string") {
3235
+ if (_optionalChain([msgdata, 'access', _398 => _398.db, 'optionalAccess', _399 => _399.room]) && typeof msgdata.db.room === "string") {
3155
3236
  room = msgdata.db.room;
3156
3237
  delete msgdata.db.room;
3157
3238
  } else {
@@ -3208,26 +3289,26 @@ var logmanage_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($
3208
3289
  removeFile: removeFile2,
3209
3290
  resolvePathUnderBase: resolvePathUnderBase2
3210
3291
  } = $asai.$lib.AsFs;
3211
- const { sendSuccess, sendFail, mnLog } = _optionalChain([$asai, 'access', _393 => _393.$lib, 'optionalAccess', _394 => _394.reqWork, 'optionalCall', _395 => _395($asai)]);
3292
+ const { sendSuccess, sendFail, mnLog } = _optionalChain([$asai, 'access', _400 => _400.$lib, 'optionalAccess', _401 => _401.reqWork, 'optionalCall', _402 => _402($asai)]);
3212
3293
  function mgLog(...arg) {
3213
3294
  mnLog("LOG", ...arg);
3214
3295
  }
3215
3296
  _chunkSMVZ3ZDJcjs.__name.call(void 0, mgLog, "mgLog");
3216
3297
  function getDir(opt) {
3217
- let tmpDir = _optionalChain([opt, 'access', _396 => _396.qrdata, 'optionalAccess', _397 => _397.dir]) || _optionalChain([opt, 'access', _398 => _398.data, 'optionalAccess', _399 => _399.dir]);
3298
+ let tmpDir = _optionalChain([opt, 'access', _403 => _403.qrdata, 'optionalAccess', _404 => _404.dir]) || _optionalChain([opt, 'access', _405 => _405.data, 'optionalAccess', _406 => _406.dir]);
3218
3299
  if (tmpDir) {
3219
3300
  tmpDir = decodeURIComponent(tmpDir);
3220
3301
  } else {
3221
- tmpDir = _optionalChain([opt, 'access', _400 => _400.qrdata, 'optionalAccess', _401 => _401.ty]) || _optionalChain([opt, 'access', _402 => _402.data, 'optionalAccess', _403 => _403.ty]);
3302
+ tmpDir = _optionalChain([opt, 'access', _407 => _407.qrdata, 'optionalAccess', _408 => _408.ty]) || _optionalChain([opt, 'access', _409 => _409.data, 'optionalAccess', _410 => _410.ty]);
3222
3303
  if (tmpDir) {
3223
3304
  tmpDir = decodeURIComponent(tmpDir);
3224
3305
  if (tmpDir === "access-clf" || tmpDir === "access-w3c") {
3225
- tmpDir = _optionalChain([$asai, 'access', _404 => _404.hostconfig, 'access', _405 => _405.logger, 'optionalAccess', _406 => _406.path, 'optionalAccess', _407 => _407.access]) || "";
3306
+ tmpDir = _optionalChain([$asai, 'access', _411 => _411.hostconfig, 'access', _412 => _412.logger, 'optionalAccess', _413 => _413.path, 'optionalAccess', _414 => _414.access]) || "";
3226
3307
  } else {
3227
- tmpDir = _optionalChain([$asai, 'access', _408 => _408.hostconfig, 'access', _409 => _409.logger, 'optionalAccess', _410 => _410.path, 'optionalAccess', _411 => _411[tmpDir]]) || "";
3308
+ tmpDir = _optionalChain([$asai, 'access', _415 => _415.hostconfig, 'access', _416 => _416.logger, 'optionalAccess', _417 => _417.path, 'optionalAccess', _418 => _418[tmpDir]]) || "";
3228
3309
  }
3229
3310
  } else {
3230
- tmpDir = _optionalChain([$asai, 'access', _412 => _412.hostconfig, 'access', _413 => _413.logger, 'optionalAccess', _414 => _414.path, 'optionalAccess', _415 => _415.client]) || "";
3311
+ tmpDir = _optionalChain([$asai, 'access', _419 => _419.hostconfig, 'access', _420 => _420.logger, 'optionalAccess', _421 => _421.path, 'optionalAccess', _422 => _422.client]) || "";
3231
3312
  }
3232
3313
  }
3233
3314
  return tmpDir;
@@ -3245,7 +3326,7 @@ var logmanage_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($
3245
3326
  return;
3246
3327
  }
3247
3328
  if (url.startsWith("/api/asailog/manage/add/")) {
3248
- if (!await ensureLv(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3329
+ if (!await ensureLv(req, $asai, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3249
3330
  try {
3250
3331
  mgLog("add", "server:", opt.data);
3251
3332
  await $asai.$log("LOG", "ADD", opt.data);
@@ -3259,7 +3340,7 @@ var logmanage_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($
3259
3340
  if (!await ensureLv(req, $asai, 3)) return sendFail(res, "Forbidden", opt);
3260
3341
  try {
3261
3342
  const baseDir = getDir(opt);
3262
- const relPath = decodeURIComponent(_optionalChain([opt, 'access', _416 => _416.qrdata, 'optionalAccess', _417 => _417.path]) || _optionalChain([opt, 'access', _418 => _418.data, 'optionalAccess', _419 => _419.path]));
3343
+ const relPath = decodeURIComponent(_optionalChain([opt, 'access', _423 => _423.qrdata, 'optionalAccess', _424 => _424.path]) || _optionalChain([opt, 'access', _425 => _425.data, 'optionalAccess', _426 => _426.path]));
3263
3344
  const jsonpath = resolvePathUnderBase2(baseDir, relPath);
3264
3345
  await ensureFile2(jsonpath);
3265
3346
  mgLog("ENSURE", jsonpath);
@@ -3278,9 +3359,9 @@ var logmanage_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($
3278
3359
  async function get(req, res, hostdir, opt) {
3279
3360
  const url = req.url;
3280
3361
  if (url.startsWith("/api/asailog/manage/selectlist/")) {
3281
- if (!await ensureLv(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3362
+ if (!await ensureLv(req, $asai, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3282
3363
  try {
3283
- const ty = decodeURIComponent(_optionalChain([opt, 'access', _420 => _420.qrdata, 'optionalAccess', _421 => _421.ty]) || _optionalChain([opt, 'access', _422 => _422.data, 'optionalAccess', _423 => _423.ty]) || "client");
3364
+ const ty = decodeURIComponent(_optionalChain([opt, 'access', _427 => _427.qrdata, 'optionalAccess', _428 => _428.ty]) || _optionalChain([opt, 'access', _429 => _429.data, 'optionalAccess', _430 => _430.ty]) || "client");
3284
3365
  if (!_chunkHR5JKN7Ycjs.prefersDiskLogAccess.call(void 0, $asai) && _chunkHR5JKN7Ycjs.isLogStoreEnabled.call(void 0, $asai) && (ty === "client" || ty === "server" || ty === "sec")) {
3285
3366
  const kind = ty === "sec" ? "sec" : "web";
3286
3367
  const groups = await _chunkHR5JKN7Ycjs.listUnifiedGroups.call(void 0, $asai, { kind, source: ty === "sec" ? "sec" : ty });
@@ -3306,10 +3387,10 @@ var logmanage_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($
3306
3387
  return;
3307
3388
  }
3308
3389
  if (url.startsWith("/api/asailog/manage/select/")) {
3309
- if (!await ensureLv(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3390
+ if (!await ensureLv(req, $asai, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3310
3391
  try {
3311
- const ty = decodeURIComponent(_optionalChain([opt, 'access', _424 => _424.qrdata, 'optionalAccess', _425 => _425.ty]) || _optionalChain([opt, 'access', _426 => _426.data, 'optionalAccess', _427 => _427.ty]) || "client");
3312
- const relPath = decodeURIComponent(_optionalChain([opt, 'access', _428 => _428.qrdata, 'optionalAccess', _429 => _429.path]) || _optionalChain([opt, 'access', _430 => _430.data, 'optionalAccess', _431 => _431.path]));
3392
+ const ty = decodeURIComponent(_optionalChain([opt, 'access', _431 => _431.qrdata, 'optionalAccess', _432 => _432.ty]) || _optionalChain([opt, 'access', _433 => _433.data, 'optionalAccess', _434 => _434.ty]) || "client");
3393
+ const relPath = decodeURIComponent(_optionalChain([opt, 'access', _435 => _435.qrdata, 'optionalAccess', _436 => _436.path]) || _optionalChain([opt, 'access', _437 => _437.data, 'optionalAccess', _438 => _438.path]));
3313
3394
  if (!_chunkHR5JKN7Ycjs.prefersDiskLogAccess.call(void 0, $asai) && _chunkHR5JKN7Ycjs.isLogStoreEnabled.call(void 0, $asai) && (ty === "client" || ty === "server" || ty === "sec")) {
3314
3395
  const data2 = await _chunkHR5JKN7Ycjs.readWebLogFromStore.call(void 0, $asai, ty, relPath);
3315
3396
  if (data2) {
@@ -3337,7 +3418,7 @@ var logmanage_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($
3337
3418
  if (!await ensureLv(req, $asai, 3)) return sendFail(res, "Forbidden", opt);
3338
3419
  try {
3339
3420
  const baseDir = getDir(opt);
3340
- const relPath = decodeURIComponent(_optionalChain([opt, 'access', _432 => _432.qrdata, 'optionalAccess', _433 => _433.path]) || _optionalChain([opt, 'access', _434 => _434.data, 'optionalAccess', _435 => _435.path]));
3421
+ const relPath = decodeURIComponent(_optionalChain([opt, 'access', _439 => _439.qrdata, 'optionalAccess', _440 => _440.path]) || _optionalChain([opt, 'access', _441 => _441.data, 'optionalAccess', _442 => _442.path]));
3341
3422
  const fileName = relPath.split(/[/\\]/).pop() || relPath;
3342
3423
  if (_chunkHR5JKN7Ycjs.isLogStoreEnabled.call(void 0, $asai)) {
3343
3424
  await _chunkHR5JKN7Ycjs.purgeStoreEntriesForFile.call(void 0, $asai, fileName).catch(() => void 0);
@@ -3360,14 +3441,14 @@ var logmanage_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($
3360
3441
 
3361
3442
  // src/infra/siem-auth.ts
3362
3443
  function isSiemEnabled($asai) {
3363
- const cfg = _optionalChain([$asai, 'optionalAccess', _436 => _436.hostconfig, 'optionalAccess', _437 => _437.logger, 'optionalAccess', _438 => _438.siem]);
3364
- return !!(_optionalChain([cfg, 'optionalAccess', _439 => _439.enabled]) && getSiemToken($asai));
3444
+ const cfg = _optionalChain([$asai, 'optionalAccess', _443 => _443.hostconfig, 'optionalAccess', _444 => _444.logger, 'optionalAccess', _445 => _445.siem]);
3445
+ return !!(_optionalChain([cfg, 'optionalAccess', _446 => _446.enabled]) && getSiemToken($asai));
3365
3446
  }
3366
3447
  _chunkSMVZ3ZDJcjs.__name.call(void 0, isSiemEnabled, "isSiemEnabled");
3367
3448
  function getSiemToken($asai) {
3368
3449
  const fromEnv = process.env.ASAI_SIEM_TOKEN;
3369
3450
  if (typeof fromEnv === "string" && fromEnv.trim()) return fromEnv.trim();
3370
- const fromCfg = _optionalChain([$asai, 'optionalAccess', _440 => _440.hostconfig, 'optionalAccess', _441 => _441.logger, 'optionalAccess', _442 => _442.siem, 'optionalAccess', _443 => _443.token]);
3451
+ const fromCfg = _optionalChain([$asai, 'optionalAccess', _447 => _447.hostconfig, 'optionalAccess', _448 => _448.logger, 'optionalAccess', _449 => _449.siem, 'optionalAccess', _450 => _450.token]);
3371
3452
  return typeof fromCfg === "string" ? fromCfg.trim() : "";
3372
3453
  }
3373
3454
  _chunkSMVZ3ZDJcjs.__name.call(void 0, getSiemToken, "getSiemToken");
@@ -3375,9 +3456,9 @@ function isSiemTokenValid($asai, req) {
3375
3456
  if (!isSiemEnabled($asai)) return false;
3376
3457
  const expected = getSiemToken($asai);
3377
3458
  if (!expected) return false;
3378
- const header = _optionalChain([req, 'optionalAccess', _444 => _444.headers, 'optionalAccess', _445 => _445["x-siem-token"]]) || _optionalChain([req, 'optionalAccess', _446 => _446.headers, 'optionalAccess', _447 => _447["x-api-key"]]);
3459
+ const header = _optionalChain([req, 'optionalAccess', _451 => _451.headers, 'optionalAccess', _452 => _452["x-siem-token"]]) || _optionalChain([req, 'optionalAccess', _453 => _453.headers, 'optionalAccess', _454 => _454["x-api-key"]]);
3379
3460
  if (typeof header === "string" && header === expected) return true;
3380
- const q = _optionalChain([req, 'optionalAccess', _448 => _448.query]) || {};
3461
+ const q = _optionalChain([req, 'optionalAccess', _455 => _455.query]) || {};
3381
3462
  const qToken = q.siem_token || q.token;
3382
3463
  return typeof qToken === "string" && qToken === expected;
3383
3464
  }
@@ -3401,20 +3482,20 @@ function getNs(raw) {
3401
3482
  }
3402
3483
  _chunkSMVZ3ZDJcjs.__name.call(void 0, getNs, "getNs");
3403
3484
  async function ensureServerUser(req, $asai) {
3404
- if (Array.isArray(_optionalChain([req, 'optionalAccess', _449 => _449.Userinfo])) && req.Userinfo[0]) {
3485
+ if (Array.isArray(_optionalChain([req, 'optionalAccess', _456 => _456.Userinfo])) && req.Userinfo[0]) {
3405
3486
  await attachServerUserLevel(req, $asai);
3406
3487
  }
3407
3488
  }
3408
3489
  _chunkSMVZ3ZDJcjs.__name.call(void 0, ensureServerUser, "ensureServerUser");
3409
3490
  var interventionlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai) => {
3410
- const { sendSuccess, sendFail } = _optionalChain([$asai, 'access', _450 => _450.$lib, 'optionalAccess', _451 => _451.reqWork, 'optionalCall', _452 => _452($asai)]) || {};
3491
+ const { sendSuccess, sendFail } = _optionalChain([$asai, 'access', _457 => _457.$lib, 'optionalAccess', _458 => _458.reqWork, 'optionalCall', _459 => _459($asai)]) || {};
3411
3492
  const IL = $asai.$lib.InterventionLog;
3412
3493
  async function get(req, res, hostdir, opt) {
3413
3494
  const url = req.url || "";
3414
3495
  if (url.startsWith("/api/asailog/intervention/selectlist/")) {
3415
- if (!await ensureLogReadAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3496
+ if (!await ensureLogReadAccess(req, $asai, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3416
3497
  try {
3417
- const ns = getNs(_optionalChain([opt, 'access', _453 => _453.qrdata, 'optionalAccess', _454 => _454.ns]) || _optionalChain([opt, 'access', _455 => _455.data, 'optionalAccess', _456 => _456.ns]));
3498
+ const ns = getNs(_optionalChain([opt, 'access', _460 => _460.qrdata, 'optionalAccess', _461 => _461.ns]) || _optionalChain([opt, 'access', _462 => _462.data, 'optionalAccess', _463 => _463.ns]));
3418
3499
  let list = await IL.listInterventionFiles($asai, ns);
3419
3500
  if (_chunkHR5JKN7Ycjs.isLogStoreEnabled.call(void 0, $asai) && !_chunkHR5JKN7Ycjs.prefersDiskLogAccess.call(void 0, $asai)) {
3420
3501
  const groups = await _chunkHR5JKN7Ycjs.listUnifiedGroups.call(void 0, $asai, { kind: "intervention", ns });
@@ -3426,27 +3507,27 @@ var interventionlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void
3426
3507
  }
3427
3508
  return sendSuccess(res, { ns, files: list }, opt);
3428
3509
  } catch (err) {
3429
- return sendFail(res, _optionalChain([err, 'optionalAccess', _457 => _457.message]) || err, opt);
3510
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _464 => _464.message]) || err, opt);
3430
3511
  }
3431
3512
  }
3432
3513
  if (url.startsWith("/api/asailog/intervention/select/")) {
3433
- if (!await ensureLogReadAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3514
+ if (!await ensureLogReadAccess(req, $asai, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3434
3515
  try {
3435
- const name = decodeURIComponent(_optionalChain([opt, 'access', _458 => _458.qrdata, 'optionalAccess', _459 => _459.name]) || _optionalChain([opt, 'access', _460 => _460.data, 'optionalAccess', _461 => _461.name]) || "");
3436
- const ns = getNs(_optionalChain([opt, 'access', _462 => _462.qrdata, 'optionalAccess', _463 => _463.ns]) || _optionalChain([opt, 'access', _464 => _464.data, 'optionalAccess', _465 => _465.ns]));
3516
+ const name = decodeURIComponent(_optionalChain([opt, 'access', _465 => _465.qrdata, 'optionalAccess', _466 => _466.name]) || _optionalChain([opt, 'access', _467 => _467.data, 'optionalAccess', _468 => _468.name]) || "");
3517
+ const ns = getNs(_optionalChain([opt, 'access', _469 => _469.qrdata, 'optionalAccess', _470 => _470.ns]) || _optionalChain([opt, 'access', _471 => _471.data, 'optionalAccess', _472 => _472.ns]));
3437
3518
  if (!name) return sendFail(res, "name required", opt);
3438
3519
  const content = await IL.readInterventionFile($asai, name, ns);
3439
3520
  return sendSuccess(res, { ns, ...content }, opt);
3440
3521
  } catch (err) {
3441
- return sendFail(res, _optionalChain([err, 'optionalAccess', _466 => _466.message]) || err, opt);
3522
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _473 => _473.message]) || err, opt);
3442
3523
  }
3443
3524
  }
3444
3525
  if (url.startsWith("/api/asailog/intervention/types/")) {
3445
- if (!await ensureLogReadAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3526
+ if (!await ensureLogReadAccess(req, $asai, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3446
3527
  try {
3447
3528
  return sendSuccess(res, IL.getInterventionTaxonomy($asai), opt);
3448
3529
  } catch (err) {
3449
- return sendFail(res, _optionalChain([err, 'optionalAccess', _467 => _467.message]) || err, opt);
3530
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _474 => _474.message]) || err, opt);
3450
3531
  }
3451
3532
  }
3452
3533
  }
@@ -3454,7 +3535,7 @@ var interventionlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void
3454
3535
  async function post(req, res, hostdir, opt) {
3455
3536
  const url = req.url || "";
3456
3537
  if (url.startsWith("/api/asailog/intervention/delete/")) {
3457
- if (!await ensureLogWriteAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "adminWrite"))) return sendFail(res, "Forbidden", opt);
3538
+ if (!await ensureLogWriteAccess(req, $asai, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "adminWrite"))) return sendFail(res, "Forbidden", opt);
3458
3539
  await ensureServerUser(req, $asai);
3459
3540
  const lv = getRequestUserLevel(req);
3460
3541
  const us = getRequestUsername(req);
@@ -3476,7 +3557,7 @@ var interventionlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void
3476
3557
  );
3477
3558
  return sendSuccess(res, { ns, ...result }, opt);
3478
3559
  } catch (err) {
3479
- return sendFail(res, _optionalChain([err, 'optionalAccess', _468 => _468.message]) || err, opt);
3560
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _475 => _475.message]) || err, opt);
3480
3561
  }
3481
3562
  }
3482
3563
  }
@@ -3495,11 +3576,11 @@ function parseQuery(opt) {
3495
3576
  }
3496
3577
  _chunkSMVZ3ZDJcjs.__name.call(void 0, parseQuery, "parseQuery");
3497
3578
  function parseBody(opt) {
3498
- if (!_optionalChain([opt, 'optionalAccess', _469 => _469.data])) return {};
3579
+ if (!_optionalChain([opt, 'optionalAccess', _476 => _476.data])) return {};
3499
3580
  if (typeof opt.data === "string") {
3500
3581
  try {
3501
3582
  return JSON.parse(opt.data);
3502
- } catch (e40) {
3583
+ } catch (e45) {
3503
3584
  return {};
3504
3585
  }
3505
3586
  }
@@ -3507,21 +3588,21 @@ function parseBody(opt) {
3507
3588
  }
3508
3589
  _chunkSMVZ3ZDJcjs.__name.call(void 0, parseBody, "parseBody");
3509
3590
  var unifiedlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai) => {
3510
- const { sendSuccess, sendFail } = _optionalChain([$asai, 'access', _470 => _470.$lib, 'optionalAccess', _471 => _471.reqWork, 'optionalCall', _472 => _472($asai)]) || {};
3591
+ const { sendSuccess, sendFail } = _optionalChain([$asai, 'access', _477 => _477.$lib, 'optionalAccess', _478 => _478.reqWork, 'optionalCall', _479 => _479($asai)]) || {};
3511
3592
  const IL = $asai.$lib.InterventionLog;
3512
3593
  async function get(req, res, hostdir, opt) {
3513
3594
  const url = req.url || "";
3514
3595
  const q = parseQuery(opt);
3515
3596
  if (url.startsWith("/api/asailog/store/config/")) {
3516
- if (!await ensureLogReadAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3597
+ if (!await ensureLogReadAccess(req, $asai, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3517
3598
  try {
3518
3599
  return sendSuccess(res, _chunkHR5JKN7Ycjs.getLogStoreMeta.call(void 0, $asai), opt);
3519
3600
  } catch (err) {
3520
- return sendFail(res, _optionalChain([err, 'optionalAccess', _473 => _473.message]) || err, opt);
3601
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _480 => _480.message]) || err, opt);
3521
3602
  }
3522
3603
  }
3523
3604
  if (url.startsWith("/api/asailog/store/stats/")) {
3524
- if (!await ensureLogReadAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3605
+ if (!await ensureLogReadAccess(req, $asai, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3525
3606
  if (!_chunkHR5JKN7Ycjs.isLogStoreEnabled.call(void 0, $asai)) {
3526
3607
  return sendSuccess(res, { store: "disabled", message: "logger.store not configured", config: _chunkHR5JKN7Ycjs.getLogStoreMeta.call(void 0, $asai) }, opt);
3527
3608
  }
@@ -3530,21 +3611,21 @@ var unifiedlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, (
3530
3611
  const stats = await _chunkHR5JKN7Ycjs.getUnifiedStats.call(void 0, $asai);
3531
3612
  return sendSuccess(res, { store: storeType, stats, config: _chunkHR5JKN7Ycjs.getLogStoreMeta.call(void 0, $asai) }, opt);
3532
3613
  } catch (err) {
3533
- return sendFail(res, _optionalChain([err, 'optionalAccess', _474 => _474.message]) || err, opt);
3614
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _481 => _481.message]) || err, opt);
3534
3615
  }
3535
3616
  }
3536
3617
  if (url.startsWith("/api/asailog/store/compliance/")) {
3537
- if (!await ensureLogReadAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3618
+ if (!await ensureLogReadAccess(req, $asai, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3538
3619
  try {
3539
3620
  const ns = q.ns === "test" ? "test" : "prod";
3540
3621
  const report = await _chunkHR5JKN7Ycjs.getComplianceReport.call(void 0, $asai, ns);
3541
3622
  return sendSuccess(res, report, opt);
3542
3623
  } catch (err) {
3543
- return sendFail(res, _optionalChain([err, 'optionalAccess', _475 => _475.message]) || err, opt);
3624
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _482 => _482.message]) || err, opt);
3544
3625
  }
3545
3626
  }
3546
3627
  if (url.startsWith("/api/asailog/store/search/")) {
3547
- if (!await ensureLogReadAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3628
+ if (!await ensureLogReadAccess(req, $asai, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3548
3629
  if (!_chunkHR5JKN7Ycjs.isLogStoreEnabled.call(void 0, $asai)) return sendFail(res, "Log store not enabled", opt);
3549
3630
  try {
3550
3631
  const result = await _chunkHR5JKN7Ycjs.searchUnifiedLogs.call(void 0, $asai, {
@@ -3562,11 +3643,11 @@ var unifiedlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, (
3562
3643
  });
3563
3644
  return sendSuccess(res, result, opt);
3564
3645
  } catch (err) {
3565
- return sendFail(res, _optionalChain([err, 'optionalAccess', _476 => _476.message]) || err, opt);
3646
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _483 => _483.message]) || err, opt);
3566
3647
  }
3567
3648
  }
3568
3649
  if (url.startsWith("/api/asailog/store/export/")) {
3569
- if (!await ensureLogReadAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3650
+ if (!await ensureLogReadAccess(req, $asai, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3570
3651
  try {
3571
3652
  const kind = q.kind || "intervention";
3572
3653
  const format = q.format || "raw";
@@ -3583,28 +3664,28 @@ var unifiedlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, (
3583
3664
  });
3584
3665
  return sendSuccess(res, payload, opt);
3585
3666
  } catch (err) {
3586
- return sendFail(res, _optionalChain([err, 'optionalAccess', _477 => _477.message]) || err, opt);
3667
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _484 => _484.message]) || err, opt);
3587
3668
  }
3588
3669
  }
3589
3670
  if (url.startsWith("/api/asailog/store/taxonomy/")) {
3590
- if (!await ensureLogReadAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3671
+ if (!await ensureLogReadAccess(req, $asai, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3591
3672
  try {
3592
3673
  return sendSuccess(res, IL.getInterventionTaxonomy($asai), opt);
3593
3674
  } catch (err) {
3594
- return sendFail(res, _optionalChain([err, 'optionalAccess', _478 => _478.message]) || err, opt);
3675
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _485 => _485.message]) || err, opt);
3595
3676
  }
3596
3677
  }
3597
3678
  if (url.startsWith("/api/asailog/store/formats/")) {
3598
- if (!await ensureLogReadAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3679
+ if (!await ensureLogReadAccess(req, $asai, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3599
3680
  try {
3600
3681
  const { getLogFormatTaxonomy } = await Promise.resolve().then(() => _interopRequireWildcard(require("./log-formats-TUXGMCCU.cjs")));
3601
3682
  return sendSuccess(res, getLogFormatTaxonomy($asai), opt);
3602
3683
  } catch (err) {
3603
- return sendFail(res, _optionalChain([err, 'optionalAccess', _479 => _479.message]) || err, opt);
3684
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _486 => _486.message]) || err, opt);
3604
3685
  }
3605
3686
  }
3606
3687
  if (url.startsWith("/api/asailog/store/selectlist/")) {
3607
- if (!await ensureLogReadAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3688
+ if (!await ensureLogReadAccess(req, $asai, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3608
3689
  if (!_chunkHR5JKN7Ycjs.isLogStoreEnabled.call(void 0, $asai)) return sendFail(res, "Log store not enabled", opt);
3609
3690
  try {
3610
3691
  const kind = q.kind ? String(q.kind) : void 0;
@@ -3627,11 +3708,11 @@ var unifiedlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, (
3627
3708
  }
3628
3709
  return sendSuccess(res, { groups }, opt);
3629
3710
  } catch (err) {
3630
- return sendFail(res, _optionalChain([err, 'optionalAccess', _480 => _480.message]) || err, opt);
3711
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _487 => _487.message]) || err, opt);
3631
3712
  }
3632
3713
  }
3633
3714
  if (url.startsWith("/api/asailog/store/select/")) {
3634
- if (!await ensureLogReadAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3715
+ if (!await ensureLogReadAccess(req, $asai, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "logRead"))) return sendFail(res, "Forbidden", opt);
3635
3716
  if (!_chunkHR5JKN7Ycjs.isLogStoreEnabled.call(void 0, $asai)) return sendFail(res, "Log store not enabled", opt);
3636
3717
  try {
3637
3718
  const id = q.id;
@@ -3661,7 +3742,7 @@ var unifiedlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, (
3661
3742
  });
3662
3743
  return sendSuccess(res, { entries: rows }, opt);
3663
3744
  } catch (err) {
3664
- return sendFail(res, _optionalChain([err, 'optionalAccess', _481 => _481.message]) || err, opt);
3745
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _488 => _488.message]) || err, opt);
3665
3746
  }
3666
3747
  }
3667
3748
  }
@@ -3669,7 +3750,7 @@ var unifiedlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, (
3669
3750
  async function post(req, res, hostdir, opt) {
3670
3751
  const url = req.url || "";
3671
3752
  if (!url.startsWith("/api/asailog/store/archive/")) return;
3672
- if (!await ensureLogWriteAccess(req, $asai, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "adminWrite"))) return sendFail(res, "Forbidden", opt);
3753
+ if (!await ensureLogWriteAccess(req, $asai, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "adminWrite"))) return sendFail(res, "Forbidden", opt);
3673
3754
  try {
3674
3755
  const body = parseBody(opt);
3675
3756
  const year = Number(body.year);
@@ -3683,7 +3764,7 @@ var unifiedlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, (
3683
3764
  });
3684
3765
  return sendSuccess(res, result, opt);
3685
3766
  } catch (err) {
3686
- return sendFail(res, _optionalChain([err, 'optionalAccess', _482 => _482.message]) || err, opt);
3767
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _489 => _489.message]) || err, opt);
3687
3768
  }
3688
3769
  }
3689
3770
  _chunkSMVZ3ZDJcjs.__name.call(void 0, post, "post");
@@ -3695,7 +3776,7 @@ var unifiedlog_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, (
3695
3776
 
3696
3777
  var registry = null;
3697
3778
  function resolveFilePath($asai) {
3698
- const root = _optionalChain([$asai, 'optionalAccess', _483 => _483.serverRoot]) || process.cwd();
3779
+ const root = _optionalChain([$asai, 'optionalAccess', _490 => _490.serverRoot]) || process.cwd();
3699
3780
  return nodePath3.join(root, "websys/sys/errorcodes.json");
3700
3781
  }
3701
3782
  _chunkSMVZ3ZDJcjs.__name.call(void 0, resolveFilePath, "resolveFilePath");
@@ -3705,7 +3786,7 @@ function loadErrorCodes($asai) {
3705
3786
  try {
3706
3787
  const raw = fs8.readFileSync(filePath, "utf8");
3707
3788
  registry = JSON.parse(raw);
3708
- } catch (e41) {
3789
+ } catch (e46) {
3709
3790
  registry = { version: "0", errors: {} };
3710
3791
  }
3711
3792
  if ($asai) $asai.errorcodes = registry;
@@ -3713,7 +3794,7 @@ function loadErrorCodes($asai) {
3713
3794
  }
3714
3795
  _chunkSMVZ3ZDJcjs.__name.call(void 0, loadErrorCodes, "loadErrorCodes");
3715
3796
  function getError(ec) {
3716
- return _optionalChain([registry, 'optionalAccess', _484 => _484.errors, 'optionalAccess', _485 => _485[ec]]) || null;
3797
+ return _optionalChain([registry, 'optionalAccess', _491 => _491.errors, 'optionalAccess', _492 => _492[ec]]) || null;
3717
3798
  }
3718
3799
  _chunkSMVZ3ZDJcjs.__name.call(void 0, getError, "getError");
3719
3800
  function hasError(ec) {
@@ -3722,11 +3803,11 @@ function hasError(ec) {
3722
3803
  _chunkSMVZ3ZDJcjs.__name.call(void 0, hasError, "hasError");
3723
3804
  function logError($asai, ec, params) {
3724
3805
  const entry = getError(ec);
3725
- const logFn = _optionalChain([$asai, 'optionalAccess', _486 => _486.$log]) || console.warn;
3806
+ const logFn = _optionalChain([$asai, 'optionalAccess', _493 => _493.$log]) || console.warn;
3726
3807
  if (entry) {
3727
- logFn(`[EC:${ec}]`, entry.id || "", entry.detail || "", _optionalChain([params, 'optionalAccess', _487 => _487.length]) ? params : "");
3808
+ logFn(`[EC:${ec}]`, entry.id || "", entry.detail || "", _optionalChain([params, 'optionalAccess', _494 => _494.length]) ? params : "");
3728
3809
  } else {
3729
- logFn(`[EC:${ec}]`, "(unregistered)", _optionalChain([params, 'optionalAccess', _488 => _488.length]) ? params : "");
3810
+ logFn(`[EC:${ec}]`, "(unregistered)", _optionalChain([params, 'optionalAccess', _495 => _495.length]) ? params : "");
3730
3811
  }
3731
3812
  }
3732
3813
  _chunkSMVZ3ZDJcjs.__name.call(void 0, logError, "logError");
@@ -3754,14 +3835,14 @@ var ErrorCode_default = {
3754
3835
 
3755
3836
  // src/sysserver/api/common/errorcodes.ts
3756
3837
  var errorcodes_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai) => {
3757
- const { sendSuccess, sendFail } = _optionalChain([$asai, 'access', _489 => _489.$lib, 'optionalAccess', _490 => _490.reqWork, 'optionalCall', _491 => _491($asai)]) || {};
3838
+ const { sendSuccess, sendFail } = _optionalChain([$asai, 'access', _496 => _496.$lib, 'optionalAccess', _497 => _497.reqWork, 'optionalCall', _498 => _498($asai)]) || {};
3758
3839
  function get(req, res, _hostdir, opt) {
3759
3840
  const url = req.url || "";
3760
3841
  if (url.startsWith("/api/sys/errorcodes/")) {
3761
3842
  try {
3762
3843
  return sendSuccess(res, loadErrorCodes($asai), opt);
3763
3844
  } catch (err) {
3764
- return sendFail(res, _optionalChain([err, 'optionalAccess', _492 => _492.message]) || err, opt);
3845
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _499 => _499.message]) || err, opt);
3765
3846
  }
3766
3847
  }
3767
3848
  }
@@ -3771,9 +3852,9 @@ var errorcodes_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, (
3771
3852
 
3772
3853
  // src/sysserver/api/common/sqlitemanage.ts
3773
3854
  var sqlitemanage_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai) => {
3774
- const { sendSuccess, sendFail, mnLog } = _optionalChain([$asai, 'optionalAccess', _493 => _493.$lib, 'optionalAccess', _494 => _494.reqWork, 'optionalCall', _495 => _495($asai)]) || {};
3855
+ const { sendSuccess, sendFail, mnLog } = _optionalChain([$asai, 'optionalAccess', _500 => _500.$lib, 'optionalAccess', _501 => _501.reqWork, 'optionalCall', _502 => _502($asai)]) || {};
3775
3856
  function mgLog(...arg) {
3776
- _optionalChain([mnLog, 'optionalCall', _496 => _496("SQLite", ...arg)]);
3857
+ _optionalChain([mnLog, 'optionalCall', _503 => _503("SQLite", ...arg)]);
3777
3858
  }
3778
3859
  _chunkSMVZ3ZDJcjs.__name.call(void 0, mgLog, "mgLog");
3779
3860
  return $asai.$lib.AsDb($asai, {
@@ -3791,7 +3872,7 @@ var sqlitemanage_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0,
3791
3872
  if (req.url.startsWith("/api/asaisqlite/manage/post")) {
3792
3873
  try {
3793
3874
  mgLog("POST", "custom handler triggered");
3794
- _optionalChain([sendSuccess, 'optionalCall', _497 => _497(res, { data: "post" }, opt)]);
3875
+ _optionalChain([sendSuccess, 'optionalCall', _504 => _504(res, { data: "post" }, opt)]);
3795
3876
  } catch (err) {
3796
3877
  mgLog("ERROR", "post handler", err);
3797
3878
  }
@@ -3808,10 +3889,10 @@ var sqlitemanage_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0,
3808
3889
  table: dataObj.table
3809
3890
  });
3810
3891
  mgLog("SELECT", "completed");
3811
- _optionalChain([sendSuccess, 'optionalCall', _498 => _498(res, resdb, opt)]);
3892
+ _optionalChain([sendSuccess, 'optionalCall', _505 => _505(res, resdb, opt)]);
3812
3893
  } catch (errdb) {
3813
3894
  mgLog("ERROR", "select", errdb);
3814
- _optionalChain([sendFail, 'optionalCall', _499 => _499(res, errdb, opt)]);
3895
+ _optionalChain([sendFail, 'optionalCall', _506 => _506(res, errdb, opt)]);
3815
3896
  }
3816
3897
  return "ok";
3817
3898
  }
@@ -3827,7 +3908,7 @@ function promLine(name, value, labels) {
3827
3908
  }
3828
3909
  _chunkSMVZ3ZDJcjs.__name.call(void 0, promLine, "promLine");
3829
3910
  var health_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai) => {
3830
- const { sendSuccess, sendFail } = _optionalChain([$asai, 'access', _500 => _500.$lib, 'optionalAccess', _501 => _501.reqWork, 'optionalCall', _502 => _502($asai)]) || {};
3911
+ const { sendSuccess, sendFail } = _optionalChain([$asai, 'access', _507 => _507.$lib, 'optionalAccess', _508 => _508.reqWork, 'optionalCall', _509 => _509($asai)]) || {};
3831
3912
  async function get(req, res, _hostdir, opt) {
3832
3913
  const url = req.url || "";
3833
3914
  if (url.startsWith("/api/sys/health/metrics/")) {
@@ -3836,10 +3917,10 @@ var health_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asa
3836
3917
  let httpTotal = 0;
3837
3918
  let wsTotal = 0;
3838
3919
  for (const set of Object.values($asai.connectionshttp || {})) {
3839
- httpTotal += _optionalChain([set, 'optionalAccess', _503 => _503.size]) || 0;
3920
+ httpTotal += _optionalChain([set, 'optionalAccess', _510 => _510.size]) || 0;
3840
3921
  }
3841
3922
  for (const set of Object.values($asai.connectionsws || {})) {
3842
- wsTotal += _optionalChain([set, 'optionalAccess', _504 => _504.size]) || 0;
3923
+ wsTotal += _optionalChain([set, 'optionalAccess', _511 => _511.size]) || 0;
3843
3924
  }
3844
3925
  const lines = [
3845
3926
  "# HELP asai_uptime_seconds Process uptime",
@@ -3861,7 +3942,7 @@ var health_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asa
3861
3942
  res.writeHead(200, { "Content-Type": "text/plain; charset=utf-8" });
3862
3943
  return res.end(lines.join("\n") + "\n");
3863
3944
  } catch (err) {
3864
- return sendFail(res, _optionalChain([err, 'optionalAccess', _505 => _505.message]) || err, opt);
3945
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _512 => _512.message]) || err, opt);
3865
3946
  }
3866
3947
  }
3867
3948
  if (url.startsWith("/api/sys/health/status/")) {
@@ -3874,10 +3955,10 @@ var health_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asa
3874
3955
  memory: process.memoryUsage(),
3875
3956
  quota: {
3876
3957
  http: Object.fromEntries(
3877
- Object.entries($asai.connectionshttp || {}).map(([k, v]) => [k, _optionalChain([v, 'optionalAccess', _506 => _506.size]) || 0])
3958
+ Object.entries($asai.connectionshttp || {}).map(([k, v]) => [k, _optionalChain([v, 'optionalAccess', _513 => _513.size]) || 0])
3878
3959
  ),
3879
3960
  ws: Object.fromEntries(
3880
- Object.entries($asai.connectionsws || {}).map(([k, v]) => [k, _optionalChain([v, 'optionalAccess', _507 => _507.size]) || 0])
3961
+ Object.entries($asai.connectionsws || {}).map(([k, v]) => [k, _optionalChain([v, 'optionalAccess', _514 => _514.size]) || 0])
3881
3962
  )
3882
3963
  }
3883
3964
  },
@@ -3918,7 +3999,7 @@ _chunkSMVZ3ZDJcjs.__name.call(void 0, sanitizeString, "sanitizeString");
3918
3999
  // src/sysserver/api/login/service/session.ts
3919
4000
 
3920
4001
  function getSessionTtlMs($asai) {
3921
- const hours = _nullishCoalesce(_optionalChain([$asai, 'optionalAccess', _508 => _508.hostconfig, 'optionalAccess', _509 => _509.security, 'optionalAccess', _510 => _510.sessionTtlHours]), () => ( 24));
4002
+ const hours = _nullishCoalesce(_optionalChain([$asai, 'optionalAccess', _515 => _515.hostconfig, 'optionalAccess', _516 => _516.security, 'optionalAccess', _517 => _517.sessionTtlHours]), () => ( 24));
3922
4003
  return Number(hours) * 3600 * 1e3;
3923
4004
  }
3924
4005
  _chunkSMVZ3ZDJcjs.__name.call(void 0, getSessionTtlMs, "getSessionTtlMs");
@@ -3935,7 +4016,7 @@ _chunkSMVZ3ZDJcjs.__name.call(void 0, generatePriKey, "generatePriKey");
3935
4016
  function createSessionKeys($asai) {
3936
4017
  const sessionId = _crypto.randomUUID.call(void 0, );
3937
4018
  const pri = generatePriKey();
3938
- const sn = _optionalChain([$asai, 'optionalAccess', _511 => _511.hostconfig, 'optionalAccess', _512 => _512.asaisn]);
4019
+ const sn = _optionalChain([$asai, 'optionalAccess', _518 => _518.hostconfig, 'optionalAccess', _519 => _519.asaisn]);
3939
4020
  if (!sn) throw new Error("[session] ASAI_ASAISN \u672A\u914D\u7F6E");
3940
4021
  const pub = $asai.$lib.AsCode.asencode(pri, sn);
3941
4022
  return { pri, pub, sessionId };
@@ -3962,9 +4043,9 @@ var API_ADMIN_PREFIXES = ["/api/user/login/admin/"];
3962
4043
  function getMinLevelForApiPath(pathname, $asai) {
3963
4044
  if (API_ADMIN_PREFIXES.some((p) => pathname.startsWith(p))) {
3964
4045
  if (pathname.includes("/admin/update") || pathname.includes("/admin/kick") || pathname.includes("/admin/delete") || pathname.includes("/admin/resetpass")) {
3965
- return $asai ? _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "adminWrite") : _chunkZK4O4Z2Ocjs.USER_LV.DEVELOPER;
4046
+ return $asai ? _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "adminWrite") : _chunk5EWEKXQIcjs.USER_LV.DEVELOPER;
3966
4047
  }
3967
- return $asai ? _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "adminRead") : _chunkZK4O4Z2Ocjs.USER_LV.ADMIN;
4048
+ return $asai ? _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "adminRead") : _chunk5EWEKXQIcjs.USER_LV.ADMIN;
3968
4049
  }
3969
4050
  return 0;
3970
4051
  }
@@ -3985,20 +4066,20 @@ function unwrapJsonString(value) {
3985
4066
  if (!text.startsWith("{") && !text.startsWith("[")) return value;
3986
4067
  try {
3987
4068
  return JSON.parse(text);
3988
- } catch (e42) {
4069
+ } catch (e47) {
3989
4070
  return value;
3990
4071
  }
3991
4072
  }
3992
4073
  _chunkSMVZ3ZDJcjs.__name.call(void 0, unwrapJsonString, "unwrapJsonString");
3993
4074
  function parseAuthBody(opt) {
3994
- let raw = _optionalChain([opt, 'optionalAccess', _513 => _513.data]);
4075
+ let raw = _optionalChain([opt, 'optionalAccess', _520 => _520.data]);
3995
4076
  if (raw == null || raw === "") return {};
3996
4077
  if (typeof raw === "string") {
3997
4078
  const text = raw.trim();
3998
4079
  if (!text) return {};
3999
4080
  try {
4000
4081
  raw = JSON.parse(text);
4001
- } catch (e43) {
4082
+ } catch (e48) {
4002
4083
  if (text.includes("=") && !text.startsWith("{") && !text.startsWith("[")) {
4003
4084
  raw = Object.fromEntries(new URLSearchParams(text));
4004
4085
  } else {
@@ -4066,8 +4147,39 @@ async function purgeOfflineSessions($asai, hostdir, store) {
4066
4147
  _chunkSMVZ3ZDJcjs.__name.call(void 0, purgeOfflineSessions, "purgeOfflineSessions");
4067
4148
 
4068
4149
  // src/sysserver/api/login/index.ts
4150
+
4151
+
4152
+ async function resolveUserLv($asai, store, us, wsLv) {
4153
+ if (!us) return null;
4154
+ try {
4155
+ const user = await store.findByUsername(us);
4156
+ if (user && user.lv != null && Number.isFinite(Number(user.lv))) {
4157
+ return Number(user.lv);
4158
+ }
4159
+ } catch (e49) {
4160
+ }
4161
+ try {
4162
+ const cfg = _chunkFRPN33BYcjs.getUserStoreConfig.call(void 0, $asai);
4163
+ const dir = String(_optionalChain([cfg, 'optionalAccess', _521 => _521.opt, 'optionalAccess', _522 => _522.dir]) || "");
4164
+ if (dir) {
4165
+ const base = nodePath2.default.isAbsolute(dir) ? dir : nodePath2.default.join(process.cwd(), dir);
4166
+ const safeUs = us.replace(/[\\/:*?"<>|]/g, "");
4167
+ const file = nodePath2.default.join(base, "json", `${safeUs}.json`);
4168
+ if (safeUs && fs3.default.existsSync(file)) {
4169
+ const raw = JSON.parse(fs3.default.readFileSync(file, "utf8"));
4170
+ const lv = Number(_optionalChain([raw, 'optionalAccess', _523 => _523.lv]));
4171
+ if (Number.isFinite(lv)) return lv;
4172
+ }
4173
+ }
4174
+ } catch (e50) {
4175
+ }
4176
+ if (wsLv === null || wsLv === void 0 || wsLv === "") return null;
4177
+ const n = Number(wsLv);
4178
+ return Number.isFinite(n) ? n : null;
4179
+ }
4180
+ _chunkSMVZ3ZDJcjs.__name.call(void 0, resolveUserLv, "resolveUserLv");
4069
4181
  function getSecurity($asai) {
4070
- return _optionalChain([$asai, 'optionalAccess', _514 => _514.hostconfig, 'optionalAccess', _515 => _515.security]) || {};
4182
+ return _optionalChain([$asai, 'optionalAccess', _524 => _524.hostconfig, 'optionalAccess', _525 => _525.security]) || {};
4071
4183
  }
4072
4184
  _chunkSMVZ3ZDJcjs.__name.call(void 0, getSecurity, "getSecurity");
4073
4185
  function getQuota2($asai) {
@@ -4078,9 +4190,9 @@ _chunkSMVZ3ZDJcjs.__name.call(void 0, getQuota2, "getQuota");
4078
4190
  async function canLogin($asai, us, hostdir) {
4079
4191
  const quota = getQuota2($asai);
4080
4192
  if (!quota.enabled) return { ok: true };
4081
- const store = _chunkZK4O4Z2Ocjs.createUserStore.call(void 0, $asai);
4193
+ const store = _chunk5EWEKXQIcjs.createUserStore.call(void 0, $asai);
4082
4194
  const total = await countOnlineSessions($asai, hostdir, store);
4083
- const maxLogin = _nullishCoalesce(_nullishCoalesce(quota.maxLoginSessions, () => ( _optionalChain([$asai, 'optionalAccess', _516 => _516.hostconfig, 'optionalAccess', _517 => _517.hosts, 'optionalAccess', _518 => _518.default, 'optionalAccess', _519 => _519.maxonline]))), () => ( 100));
4195
+ const maxLogin = _nullishCoalesce(_nullishCoalesce(quota.maxLoginSessions, () => ( _optionalChain([$asai, 'optionalAccess', _526 => _526.hostconfig, 'optionalAccess', _527 => _527.hosts, 'optionalAccess', _528 => _528.default, 'optionalAccess', _529 => _529.maxonline]))), () => ( 100));
4084
4196
  if (total >= maxLogin) {
4085
4197
  return { ok: false, message: "LOGIN_QUOTA_FULL" };
4086
4198
  }
@@ -4093,7 +4205,7 @@ async function canLogin($asai, us, hostdir) {
4093
4205
  }
4094
4206
  _chunkSMVZ3ZDJcjs.__name.call(void 0, canLogin, "canLogin");
4095
4207
  function publicUser($asai, user) {
4096
- const role = user.role || _chunkGXOFLFFWcjs.resolveRoleForLevel.call(void 0, $asai, user.lv).name;
4208
+ const role = user.role || _chunkFRPN33BYcjs.resolveRoleForLevel.call(void 0, $asai, user.lv).name;
4097
4209
  return {
4098
4210
  us: user.us,
4099
4211
  lv: user.lv,
@@ -4107,14 +4219,14 @@ _chunkSMVZ3ZDJcjs.__name.call(void 0, publicUser, "publicUser");
4107
4219
  var bootstrapPromise = null;
4108
4220
  function ensureReady($asai) {
4109
4221
  if (!bootstrapPromise) {
4110
- bootstrapPromise = Promise.all([_chunkZK4O4Z2Ocjs.ensureBootstrapAdmin.call(void 0, $asai), _chunkGXOFLFFWcjs.loadUserLevelConfig.call(void 0, $asai)]).then(() => void 0);
4222
+ bootstrapPromise = Promise.all([_chunk5EWEKXQIcjs.ensureBootstrapAdmin.call(void 0, $asai), _chunkFRPN33BYcjs.loadUserLevelConfig.call(void 0, $asai)]).then(() => void 0);
4111
4223
  }
4112
4224
  return bootstrapPromise;
4113
4225
  }
4114
4226
  _chunkSMVZ3ZDJcjs.__name.call(void 0, ensureReady, "ensureReady");
4115
4227
  var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai) => {
4116
- const { sendSuccess, sendFail, sendErr } = _optionalChain([$asai, 'access', _520 => _520.$lib, 'optionalAccess', _521 => _521.reqWork, 'optionalCall', _522 => _522($asai)]) || {};
4117
- const store = _chunkZK4O4Z2Ocjs.createUserStore.call(void 0, $asai);
4228
+ const { sendSuccess, sendFail, sendErr } = _optionalChain([$asai, 'access', _530 => _530.$lib, 'optionalAccess', _531 => _531.reqWork, 'optionalCall', _532 => _532($asai)]) || {};
4229
+ const store = _chunk5EWEKXQIcjs.createUserStore.call(void 0, $asai);
4118
4230
  async function checkAdmin(req, pathname, minOverride) {
4119
4231
  await attachServerUserLevel(req, $asai);
4120
4232
  const minLv = _nullishCoalesce(minOverride, () => ( getMinLevelForApiPath(pathname, $asai)));
@@ -4133,17 +4245,17 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4133
4245
  const newPass = sanitizeString(pickAuthField(body, "newPass", "newPassword", "newpass"), 128);
4134
4246
  if (!us || !pass || !newPass) return sendErr(res, "AUTH_CREDENTIALS_REQUIRED", void 0, opt);
4135
4247
  const user = await store.findByUsername(us);
4136
- if (!user || !_chunkWXW5DYNUcjs.verifyPassword.call(void 0, pass, user.passHash, user.passSalt)) {
4248
+ if (!user || !_chunkH2QP5J7Xcjs.verifyPassword.call(void 0, pass, user.passHash, user.passSalt)) {
4137
4249
  return sendErr(res, "AUTH_INVALID_CREDENTIALS", void 0, opt);
4138
4250
  }
4139
- const policy = _chunkGXOFLFFWcjs.getPasswordPolicy.call(void 0, $asai);
4140
- const policyErr = _chunkWXW5DYNUcjs.validatePasswordChange.call(void 0, newPass, $asai, user.passHistory);
4251
+ const policy = _chunkFRPN33BYcjs.getPasswordPolicy.call(void 0, $asai);
4252
+ const policyErr = _chunkH2QP5J7Xcjs.validatePasswordChange.call(void 0, newPass, $asai, user.passHistory);
4141
4253
  if (policyErr === "PASSWORD_TOO_SHORT") {
4142
4254
  return sendErr(res, policyErr, [String(policy.minLength)], opt);
4143
4255
  }
4144
4256
  if (policyErr) return sendErr(res, policyErr, void 0, opt);
4145
- const { passHash, passSalt } = _chunkWXW5DYNUcjs.hashPassword.call(void 0, newPass);
4146
- const passHistory = _chunkWXW5DYNUcjs.nextPassHistory.call(void 0, pass, user.passHistory, policy.historyCount);
4257
+ const { passHash, passSalt } = _chunkH2QP5J7Xcjs.hashPassword.call(void 0, newPass);
4258
+ const passHistory = _chunkH2QP5J7Xcjs.nextPassHistory.call(void 0, pass, user.passHistory, policy.historyCount);
4147
4259
  await store.updateUser(us, {
4148
4260
  passHash,
4149
4261
  passSalt,
@@ -4154,7 +4266,7 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4154
4266
  logSecurityEvent($asai, { type: "AUTH_SUCCESS", path: url, method: "POST", user: us, ip, detail: "password_changed" });
4155
4267
  return sendSuccess(res, { ok: true }, opt);
4156
4268
  } catch (err) {
4157
- return sendFail(res, _optionalChain([err, 'optionalAccess', _523 => _523.message]) || err, opt);
4269
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _533 => _533.message]) || err, opt);
4158
4270
  }
4159
4271
  }
4160
4272
  if (url.startsWith("/api/user/login/register/")) {
@@ -4169,12 +4281,12 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4169
4281
  const emailRaw = pickAuthField(body, "email");
4170
4282
  const email = emailRaw ? sanitizeString(emailRaw, 128) : void 0;
4171
4283
  if (!us || !pass) return sendErr(res, "AUTH_CREDENTIALS_REQUIRED", void 0, opt);
4172
- const policyErr = _chunkWXW5DYNUcjs.validatePasswordChange.call(void 0, pass, $asai);
4284
+ const policyErr = _chunkH2QP5J7Xcjs.validatePasswordChange.call(void 0, pass, $asai);
4173
4285
  if (policyErr === "PASSWORD_TOO_SHORT") {
4174
- return sendErr(res, policyErr, [String(_chunkGXOFLFFWcjs.getPasswordPolicy.call(void 0, $asai).minLength)], opt);
4286
+ return sendErr(res, policyErr, [String(_chunkFRPN33BYcjs.getPasswordPolicy.call(void 0, $asai).minLength)], opt);
4175
4287
  }
4176
4288
  if (policyErr) return sendErr(res, policyErr, void 0, opt);
4177
- const { passHash, passSalt } = _chunkWXW5DYNUcjs.hashPassword.call(void 0, pass);
4289
+ const { passHash, passSalt } = _chunkH2QP5J7Xcjs.hashPassword.call(void 0, pass);
4178
4290
  const user = await store.createUser({
4179
4291
  us,
4180
4292
  email,
@@ -4187,11 +4299,11 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4187
4299
  logSecurityEvent($asai, { type: "AUTH_SUCCESS", path: url, method: "POST", user: us, ip, detail: "register_ok" });
4188
4300
  return sendSuccess(res, { user: publicUser($asai, user) }, opt);
4189
4301
  } catch (err) {
4190
- const msg = _optionalChain([err, 'optionalAccess', _524 => _524.message]) || String(err);
4302
+ const msg = _optionalChain([err, 'optionalAccess', _534 => _534.message]) || String(err);
4191
4303
  if (msg.includes("exists") || msg.includes("\u5DF2\u5B58\u5728")) {
4192
4304
  return sendErr(res, "USER_ALREADY_EXISTS", void 0, opt);
4193
4305
  }
4194
- return sendFail(res, _optionalChain([err, 'optionalAccess', _525 => _525.message]) || err, opt);
4306
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _535 => _535.message]) || err, opt);
4195
4307
  }
4196
4308
  }
4197
4309
  if (url.startsWith("/api/user/login/auth/")) {
@@ -4201,7 +4313,7 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4201
4313
  const pass = sanitizeString(pickAuthField(body, "pass", "password", "pwd"), 128);
4202
4314
  if (!us || !pass) return sendErr(res, "AUTH_CREDENTIALS_REQUIRED", void 0, opt);
4203
4315
  const user = await store.findByUsername(us);
4204
- if (!user || !_chunkWXW5DYNUcjs.verifyPassword.call(void 0, pass, user.passHash, user.passSalt)) {
4316
+ if (!user || !_chunkH2QP5J7Xcjs.verifyPassword.call(void 0, pass, user.passHash, user.passSalt)) {
4205
4317
  if (user) {
4206
4318
  const sec = getSecurity($asai);
4207
4319
  const lockoutMax = _nullishCoalesce(sec.lockoutMaxFails, () => ( 5));
@@ -4223,16 +4335,13 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4223
4335
  if (user.status === "locked" && user.lockedUntil && user.lockedUntil > Date.now()) {
4224
4336
  return sendErr(res, "AUTH_ACCOUNT_LOCKED", void 0, opt);
4225
4337
  }
4226
- const policy = _chunkGXOFLFFWcjs.getPasswordPolicy.call(void 0, $asai);
4227
- const mustChange = !!user.mustChangePassword || _chunkGXOFLFFWcjs.isPasswordExpired.call(void 0, user.passwordChangedAt, policy.maxAgeDays);
4228
- const hostcfg = _optionalChain([$asai, 'access', _526 => _526.getHost, 'optionalCall', _527 => _527(hostdir)]) || {};
4338
+ const policy = _chunkFRPN33BYcjs.getPasswordPolicy.call(void 0, $asai);
4339
+ const mustChange = !!user.mustChangePassword || _chunkFRPN33BYcjs.isPasswordExpired.call(void 0, user.passwordChangedAt, policy.maxAgeDays);
4340
+ const hostcfg = _optionalChain([$asai, 'access', _536 => _536.getHost, 'optionalCall', _537 => _537(hostdir)]) || {};
4229
4341
  if (hostcfg.ckws) {
4230
- const existingWs = _optionalChain([$asai, 'access', _528 => _528.connectionsws, 'optionalAccess', _529 => _529[hostdir], 'optionalAccess', _530 => _530[us]]);
4342
+ const existingWs = _optionalChain([$asai, 'access', _538 => _538.connectionsws, 'optionalAccess', _539 => _539[hostdir], 'optionalAccess', _540 => _540[us]]);
4231
4343
  if (existingWs) {
4232
- const cleared = await clearStaleWsIfDead($asai, hostdir, us, existingWs);
4233
- if (!cleared) {
4234
- kickUserWs($asai, us, hostdir);
4235
- }
4344
+ await clearStaleWsIfDead($asai, hostdir, us, existingWs);
4236
4345
  }
4237
4346
  }
4238
4347
  const quotaCheck = await canLogin($asai, us, hostdir);
@@ -4256,13 +4365,13 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4256
4365
  opt
4257
4366
  );
4258
4367
  } catch (err) {
4259
- return sendFail(res, _optionalChain([err, 'optionalAccess', _531 => _531.message]) || err, opt);
4368
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _541 => _541.message]) || err, opt);
4260
4369
  }
4261
4370
  }
4262
4371
  if (url.startsWith("/api/user/login/logout/")) {
4263
4372
  try {
4264
4373
  const bodySid = body.sessionId ? sanitizeString(body.sessionId, 64) : "";
4265
- const us = _optionalChain([req, 'optionalAccess', _532 => _532.Userinfo, 'optionalAccess', _533 => _533[0]]);
4374
+ const us = _optionalChain([req, 'optionalAccess', _542 => _542.Userinfo, 'optionalAccess', _543 => _543[0]]);
4266
4375
  if (bodySid) {
4267
4376
  if (!us) {
4268
4377
  return sendErr(res, "AUTH_MISSING", void 0, opt);
@@ -4276,11 +4385,61 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4276
4385
  if (us) logSecurityEvent($asai, { type: "AUTH_SUCCESS", path: url, method: "POST", user: String(us), ip, detail: "logout" });
4277
4386
  return sendSuccess(res, "ok", opt);
4278
4387
  } catch (err) {
4279
- return sendFail(res, _optionalChain([err, 'optionalAccess', _534 => _534.message]) || err, opt);
4388
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _544 => _544.message]) || err, opt);
4389
+ }
4390
+ }
4391
+ if (url.startsWith("/api/user/login/force/")) {
4392
+ try {
4393
+ const us = sanitizeString(String(_optionalChain([req, 'optionalAccess', _545 => _545.Userinfo, 'optionalAccess', _546 => _546[0]]) || ""), 64);
4394
+ if (!us) return sendErr(res, "AUTH_MISSING", void 0, opt);
4395
+ const myLv = Number(_nullishCoalesce(_optionalChain([req, 'optionalAccess', _547 => _547.Userinfo, 'optionalAccess', _548 => _548[1]]), () => ( 0)));
4396
+ const targetUs = sanitizeString(String(_optionalChain([body, 'optionalAccess', _549 => _549.targetUs]) || _optionalChain([body, 'optionalAccess', _550 => _550.us]) || ""), 64);
4397
+ const kicked = [];
4398
+ if (isUserOnlineOnWs($asai, us, hostdir)) {
4399
+ await kickUserWs($asai, us, hostdir);
4400
+ kicked.push(us);
4401
+ }
4402
+ const onlineRaw = listOnlineWsEntries($asai, hostdir).filter((e) => e.us !== us);
4403
+ const online = await Promise.all(
4404
+ onlineRaw.map(async (e) => ({
4405
+ us: e.us,
4406
+ lv: await resolveUserLv($asai, store, e.us, e.lv)
4407
+ }))
4408
+ );
4409
+ const candidates = targetUs ? online.filter((e) => e.us === targetUs) : online;
4410
+ for (const entry of candidates) {
4411
+ const entryLv = entry.lv == null ? NaN : Number(entry.lv);
4412
+ if (!Number.isFinite(entryLv) || myLv < entryLv) {
4413
+ if (targetUs) {
4414
+ return sendErr(res, "AUTH_FORBIDDEN", void 0, opt);
4415
+ }
4416
+ continue;
4417
+ }
4418
+ await kickUserWs($asai, entry.us, hostdir);
4419
+ kicked.push(entry.us);
4420
+ }
4421
+ if (!kicked.length && online.length) {
4422
+ return sendErr(res, "AUTH_FORBIDDEN", void 0, opt);
4423
+ }
4424
+ logSecurityEvent($asai, {
4425
+ type: "AUTH_SUCCESS",
4426
+ path: url,
4427
+ method: "POST",
4428
+ user: us,
4429
+ ip,
4430
+ detail: `force_login_kick:${kicked.join(",") || "none"}`
4431
+ });
4432
+ return sendSuccess(
4433
+ res,
4434
+ { ok: true, us, kicked, online: listOnlineWsEntries($asai, hostdir) },
4435
+ opt
4436
+ );
4437
+ } catch (err) {
4438
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _551 => _551.message]) || err, opt);
4280
4439
  }
4281
4440
  }
4282
4441
  if (url.startsWith("/api/user/login/admin/kick/")) {
4283
- if (!await checkAdmin(req, url, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "adminWrite"))) {
4442
+ if (!await checkAdmin(req, url, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "adminWrite"))) {
4284
4443
  return sendErr(res, "AUTH_FORBIDDEN", void 0, opt);
4285
4444
  }
4286
4445
  try {
@@ -4292,9 +4451,9 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4292
4451
  if (!isSessionUserOnline($asai, target.us, hostdir)) {
4293
4452
  return sendErr(res, "SESSION_NOT_ONLINE", void 0, opt);
4294
4453
  }
4295
- kickUserWs($asai, target.us, hostdir);
4454
+ await kickUserWs($asai, target.us, hostdir);
4296
4455
  await store.removeSession(sessionId);
4297
- const operator = String(_optionalChain([req, 'optionalAccess', _535 => _535.Userinfo, 'optionalAccess', _536 => _536[0]]) || "");
4456
+ const operator = String(_optionalChain([req, 'optionalAccess', _552 => _552.Userinfo, 'optionalAccess', _553 => _553[0]]) || "");
4298
4457
  await _chunkARHPHWT5cjs.logSessionTerminate.call(void 0, $asai, {
4299
4458
  operator,
4300
4459
  sessionId,
@@ -4303,11 +4462,11 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4303
4462
  });
4304
4463
  return sendSuccess(res, { ok: true }, opt);
4305
4464
  } catch (err) {
4306
- return sendFail(res, _optionalChain([err, 'optionalAccess', _537 => _537.message]) || err, opt);
4465
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _554 => _554.message]) || err, opt);
4307
4466
  }
4308
4467
  }
4309
4468
  if (url.startsWith("/api/user/login/admin/delete/")) {
4310
- if (!await checkAdmin(req, url, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "adminWrite"))) {
4469
+ if (!await checkAdmin(req, url, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "adminWrite"))) {
4311
4470
  return sendErr(res, "AUTH_FORBIDDEN", void 0, opt);
4312
4471
  }
4313
4472
  try {
@@ -4315,15 +4474,15 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4315
4474
  if (!targetUs || targetUs === "admin") return sendErr(res, "AUTH_FORBIDDEN", void 0, opt);
4316
4475
  const ok = await store.deleteUser(targetUs);
4317
4476
  if (!ok) return sendErr(res, "AUTH_USER_NOT_FOUND", void 0, opt);
4318
- const operator = String(_optionalChain([req, 'optionalAccess', _538 => _538.Userinfo, 'optionalAccess', _539 => _539[0]]) || "");
4477
+ const operator = String(_optionalChain([req, 'optionalAccess', _555 => _555.Userinfo, 'optionalAccess', _556 => _556[0]]) || "");
4319
4478
  await _chunkARHPHWT5cjs.logAccountPurge.call(void 0, $asai, { operator, targetUs, ip });
4320
4479
  return sendSuccess(res, { ok: true }, opt);
4321
4480
  } catch (err) {
4322
- return sendFail(res, _optionalChain([err, 'optionalAccess', _540 => _540.message]) || err, opt);
4481
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _557 => _557.message]) || err, opt);
4323
4482
  }
4324
4483
  }
4325
4484
  if (url.startsWith("/api/user/login/admin/levels/")) {
4326
- if (!await checkAdmin(req, url, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "adminWrite"))) {
4485
+ if (!await checkAdmin(req, url, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "adminWrite"))) {
4327
4486
  return sendErr(res, "AUTH_FORBIDDEN", void 0, opt);
4328
4487
  }
4329
4488
  try {
@@ -4331,8 +4490,8 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4331
4490
  const thresholds = body.thresholds && typeof body.thresholds === "object" ? body.thresholds : void 0;
4332
4491
  const routeRights = Array.isArray(body.routeRights) ? body.routeRights : void 0;
4333
4492
  const defaultResetPassword = typeof body.defaultResetPassword === "string" ? body.defaultResetPassword : void 0;
4334
- const operator = String(_optionalChain([req, 'optionalAccess', _541 => _541.Userinfo, 'optionalAccess', _542 => _542[0]]) || "");
4335
- const cfg = await _chunkGXOFLFFWcjs.saveUserLevelConfig.call(void 0,
4493
+ const operator = String(_optionalChain([req, 'optionalAccess', _558 => _558.Userinfo, 'optionalAccess', _559 => _559[0]]) || "");
4494
+ const cfg = await _chunkFRPN33BYcjs.saveUserLevelConfig.call(void 0,
4336
4495
  $asai,
4337
4496
  {
4338
4497
  levels,
@@ -4344,18 +4503,18 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4344
4503
  );
4345
4504
  await _chunkARHPHWT5cjs.logSecurityConfigIntervention.call(void 0, $asai, {
4346
4505
  section: "user_levels",
4347
- detail: JSON.stringify({ levels: _optionalChain([levels, 'optionalAccess', _543 => _543.length]), thresholds: !!thresholds, routeRights: _optionalChain([routeRights, 'optionalAccess', _544 => _544.length]) }),
4506
+ detail: JSON.stringify({ levels: _optionalChain([levels, 'optionalAccess', _560 => _560.length]), thresholds: !!thresholds, routeRights: _optionalChain([routeRights, 'optionalAccess', _561 => _561.length]) }),
4348
4507
  operator,
4349
4508
  ip
4350
4509
  });
4351
4510
  return sendSuccess(res, cfg, opt);
4352
4511
  } catch (err) {
4353
- return sendFail(res, _optionalChain([err, 'optionalAccess', _545 => _545.message]) || err, opt);
4512
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _562 => _562.message]) || err, opt);
4354
4513
  }
4355
4514
  }
4356
4515
  if (url.startsWith("/api/user/login/admin/resetpass/")) {
4357
4516
  await ensureReady($asai);
4358
- if (!await checkAdmin(req, url, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "adminWrite"))) {
4517
+ if (!await checkAdmin(req, url, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "adminWrite"))) {
4359
4518
  logSecurityEvent($asai, { type: "ACCESS_DENIED", path: url, method: "POST", ip });
4360
4519
  return sendErr(res, "AUTH_FORBIDDEN", void 0, opt);
4361
4520
  }
@@ -4363,16 +4522,16 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4363
4522
  const targetUs = sanitizeString(body.us, 64);
4364
4523
  if (!targetUs) return sendErr(res, "AUTH_USER_NOT_FOUND", void 0, opt);
4365
4524
  let newPass = sanitizeString(pickAuthField(body, "newPass", "newPassword", "newpass"), 128);
4366
- if (!newPass) newPass = _chunkGXOFLFFWcjs.getDefaultResetPassword.call(void 0, $asai);
4367
- const policy = _chunkGXOFLFFWcjs.getPasswordPolicy.call(void 0, $asai);
4368
- const policyErr = _chunkGXOFLFFWcjs.validatePasswordWithPolicy.call(void 0, newPass, policy);
4525
+ if (!newPass) newPass = _chunkFRPN33BYcjs.getDefaultResetPassword.call(void 0, $asai);
4526
+ const policy = _chunkFRPN33BYcjs.getPasswordPolicy.call(void 0, $asai);
4527
+ const policyErr = _chunkFRPN33BYcjs.validatePasswordWithPolicy.call(void 0, newPass, policy);
4369
4528
  if (policyErr === "PASSWORD_TOO_SHORT") {
4370
4529
  return sendErr(res, policyErr, [String(policy.minLength)], opt);
4371
4530
  }
4372
4531
  if (policyErr) return sendErr(res, policyErr, void 0, opt);
4373
4532
  const user = await store.findByUsername(targetUs);
4374
4533
  if (!user) return sendErr(res, "AUTH_USER_NOT_FOUND", void 0, opt);
4375
- const { passHash, passSalt } = _chunkWXW5DYNUcjs.hashPassword.call(void 0, newPass);
4534
+ const { passHash, passSalt } = _chunkH2QP5J7Xcjs.hashPassword.call(void 0, newPass);
4376
4535
  const updated = await store.updateUser(targetUs, {
4377
4536
  passHash,
4378
4537
  passSalt,
@@ -4384,7 +4543,7 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4384
4543
  passHistory: "[]"
4385
4544
  });
4386
4545
  if (!updated) return sendErr(res, "AUTH_USER_NOT_FOUND", void 0, opt);
4387
- const operator = String(_optionalChain([req, 'optionalAccess', _546 => _546.Userinfo, 'optionalAccess', _547 => _547[0]]) || "");
4546
+ const operator = String(_optionalChain([req, 'optionalAccess', _563 => _563.Userinfo, 'optionalAccess', _564 => _564[0]]) || "");
4388
4547
  await _chunkARHPHWT5cjs.logUserRbacChange.call(void 0, $asai, {
4389
4548
  operator,
4390
4549
  targetUs,
@@ -4401,7 +4560,7 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4401
4560
  });
4402
4561
  return sendSuccess(res, { user: publicUser($asai, updated) }, opt);
4403
4562
  } catch (err) {
4404
- return sendFail(res, _optionalChain([err, 'optionalAccess', _548 => _548.message]) || err, opt);
4563
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _565 => _565.message]) || err, opt);
4405
4564
  }
4406
4565
  }
4407
4566
  if (url.startsWith("/api/user/login/admin/update/")) {
@@ -4415,11 +4574,11 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4415
4574
  const patch = {};
4416
4575
  if (body.lv != null) {
4417
4576
  const newLv = Number(body.lv);
4418
- if (!Number.isFinite(newLv) || !_chunkGXOFLFFWcjs.isValidUserLv.call(void 0, $asai, newLv)) {
4577
+ if (!Number.isFinite(newLv) || !_chunkFRPN33BYcjs.isValidUserLv.call(void 0, $asai, newLv)) {
4419
4578
  return sendErr(res, "AUTH_FORBIDDEN", void 0, opt);
4420
4579
  }
4421
4580
  patch.lv = newLv;
4422
- patch.role = _chunkGXOFLFFWcjs.resolveRoleForLevel.call(void 0, $asai, newLv).name;
4581
+ patch.role = _chunkFRPN33BYcjs.resolveRoleForLevel.call(void 0, $asai, newLv).name;
4423
4582
  }
4424
4583
  if (body.status) patch.status = sanitizeString(body.status, 16);
4425
4584
  if (body.resetLock) {
@@ -4432,7 +4591,7 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4432
4591
  if (!updated) return sendErr(res, "AUTH_USER_NOT_FOUND", void 0, opt);
4433
4592
  if (Object.keys(patch).length) {
4434
4593
  await _chunkARHPHWT5cjs.logUserRbacChange.call(void 0, $asai, {
4435
- operator: String(_optionalChain([req, 'optionalAccess', _549 => _549.Userinfo, 'optionalAccess', _550 => _550[0]]) || ""),
4594
+ operator: String(_optionalChain([req, 'optionalAccess', _566 => _566.Userinfo, 'optionalAccess', _567 => _567[0]]) || ""),
4436
4595
  targetUs,
4437
4596
  patch,
4438
4597
  ip
@@ -4440,33 +4599,33 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4440
4599
  }
4441
4600
  return sendSuccess(res, { user: publicUser($asai, updated) }, opt);
4442
4601
  } catch (err) {
4443
- return sendFail(res, _optionalChain([err, 'optionalAccess', _551 => _551.message]) || err, opt);
4602
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _568 => _568.message]) || err, opt);
4444
4603
  }
4445
4604
  }
4446
4605
  if (url.startsWith("/api/user/login/profile/")) {
4447
- const us = _optionalChain([req, 'optionalAccess', _552 => _552.Userinfo, 'optionalAccess', _553 => _553[0]]);
4606
+ const us = _optionalChain([req, 'optionalAccess', _569 => _569.Userinfo, 'optionalAccess', _570 => _570[0]]);
4448
4607
  if (!us) return sendErr(res, "AUTH_UNAUTHORIZED", void 0, opt);
4449
4608
  try {
4450
4609
  const user = await store.findByUsername(String(us));
4451
4610
  if (!user) return sendErr(res, "AUTH_USER_NOT_FOUND", void 0, opt);
4452
4611
  if (pickAuthField(body, "newPass", "newPassword", "newpass")) {
4453
4612
  const newPass = sanitizeString(pickAuthField(body, "newPass", "newPassword", "newpass"), 128);
4454
- const policy = _chunkGXOFLFFWcjs.getPasswordPolicy.call(void 0, $asai);
4613
+ const policy = _chunkFRPN33BYcjs.getPasswordPolicy.call(void 0, $asai);
4455
4614
  const oldPass = pickAuthField(body, "pass", "password", "pwd");
4456
4615
  if (oldPass) {
4457
- if (!_chunkWXW5DYNUcjs.verifyPassword.call(void 0, oldPass, user.passHash, user.passSalt)) {
4616
+ if (!_chunkH2QP5J7Xcjs.verifyPassword.call(void 0, oldPass, user.passHash, user.passSalt)) {
4458
4617
  return sendErr(res, "AUTH_INVALID_PASSWORD", void 0, opt);
4459
4618
  }
4460
4619
  } else if (!user.mustChangePassword) {
4461
4620
  return sendErr(res, "AUTH_INVALID_PASSWORD", void 0, opt);
4462
4621
  }
4463
- const policyErr = _chunkWXW5DYNUcjs.validatePasswordChange.call(void 0, newPass, $asai, user.passHistory);
4622
+ const policyErr = _chunkH2QP5J7Xcjs.validatePasswordChange.call(void 0, newPass, $asai, user.passHistory);
4464
4623
  if (policyErr === "PASSWORD_TOO_SHORT") {
4465
4624
  return sendErr(res, policyErr, [String(policy.minLength)], opt);
4466
4625
  }
4467
4626
  if (policyErr) return sendErr(res, policyErr, void 0, opt);
4468
- const { passHash, passSalt } = _chunkWXW5DYNUcjs.hashPassword.call(void 0, newPass);
4469
- const passHistory = _chunkWXW5DYNUcjs.nextPassHistory.call(void 0, oldPass || newPass, user.passHistory, policy.historyCount);
4627
+ const { passHash, passSalt } = _chunkH2QP5J7Xcjs.hashPassword.call(void 0, newPass);
4628
+ const passHistory = _chunkH2QP5J7Xcjs.nextPassHistory.call(void 0, oldPass || newPass, user.passHistory, policy.historyCount);
4470
4629
  await store.updateUser(String(us), {
4471
4630
  passHash,
4472
4631
  passSalt,
@@ -4478,7 +4637,7 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4478
4637
  const fresh = await store.findByUsername(String(us));
4479
4638
  return sendSuccess(res, { user: fresh ? publicUser($asai, fresh) : null }, opt);
4480
4639
  } catch (err) {
4481
- return sendFail(res, _optionalChain([err, 'optionalAccess', _554 => _554.message]) || err, opt);
4640
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _571 => _571.message]) || err, opt);
4482
4641
  }
4483
4642
  }
4484
4643
  }
@@ -4487,16 +4646,49 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4487
4646
  const url = req.url || "";
4488
4647
  const ip = getClientIp(req);
4489
4648
  if (url.startsWith("/api/user/login/config/")) {
4490
- const lang = String(_optionalChain([req, 'optionalAccess', _555 => _555.headers, 'optionalAccess', _556 => _556["accept-language"]]) || _optionalChain([opt, 'optionalAccess', _557 => _557.headers, 'optionalAccess', _558 => _558["accept-language"]]) || "zh-CN").split(",")[0];
4491
- await _chunkGXOFLFFWcjs.loadUserLevelConfig.call(void 0, $asai);
4492
- return sendSuccess(res, _chunkGXOFLFFWcjs.getPublicSecurityConfig.call(void 0, $asai, lang), opt);
4649
+ const lang = String(_optionalChain([req, 'optionalAccess', _572 => _572.headers, 'optionalAccess', _573 => _573["accept-language"]]) || _optionalChain([opt, 'optionalAccess', _574 => _574.headers, 'optionalAccess', _575 => _575["accept-language"]]) || "zh-CN").split(",")[0];
4650
+ await _chunkFRPN33BYcjs.loadUserLevelConfig.call(void 0, $asai);
4651
+ return sendSuccess(res, _chunkFRPN33BYcjs.getPublicSecurityConfig.call(void 0, $asai, lang), opt);
4652
+ }
4653
+ if (url.startsWith("/api/user/login/online/")) {
4654
+ try {
4655
+ const us = sanitizeString(String(_optionalChain([req, 'optionalAccess', _576 => _576.Userinfo, 'optionalAccess', _577 => _577[0]]) || ""), 64);
4656
+ if (!us) return sendErr(res, "AUTH_MISSING", void 0, opt);
4657
+ const rawOnline = listOnlineWsEntries($asai, hostdir);
4658
+ const online = await Promise.all(
4659
+ rawOnline.map(async (e) => ({
4660
+ us: e.us,
4661
+ lv: await resolveUserLv($asai, store, e.us, e.lv)
4662
+ }))
4663
+ );
4664
+ const rawMy = _optionalChain([req, 'optionalAccess', _578 => _578.Userinfo, 'optionalAccess', _579 => _579[1]]);
4665
+ const wsMyLv = rawMy === null || rawMy === void 0 || rawMy === "" ? null : Number(rawMy);
4666
+ const myLvOut = await resolveUserLv(
4667
+ $asai,
4668
+ store,
4669
+ us,
4670
+ Number.isFinite(wsMyLv) ? wsMyLv : null
4671
+ );
4672
+ return sendSuccess(
4673
+ res,
4674
+ {
4675
+ us,
4676
+ lv: myLvOut,
4677
+ online,
4678
+ maxonline: _nullishCoalesce(_optionalChain([$asai, 'access', _580 => _580.getHost, 'optionalCall', _581 => _581(hostdir), 'optionalAccess', _582 => _582.maxonline]), () => ( 100))
4679
+ },
4680
+ opt
4681
+ );
4682
+ } catch (err) {
4683
+ return sendFail(res, _optionalChain([err, 'optionalAccess', _583 => _583.message]) || err, opt);
4684
+ }
4493
4685
  }
4494
4686
  if (url.startsWith("/api/user/login/admin/levels/")) {
4495
- if (!await checkAdmin(req, url, _chunkGXOFLFFWcjs.getPermissionThreshold.call(void 0, $asai, "adminRead"))) {
4687
+ if (!await checkAdmin(req, url, _chunkFRPN33BYcjs.getPermissionThreshold.call(void 0, $asai, "adminRead"))) {
4496
4688
  return sendErr(res, "AUTH_FORBIDDEN", void 0, opt);
4497
4689
  }
4498
- await _chunkGXOFLFFWcjs.loadUserLevelConfig.call(void 0, $asai);
4499
- return sendSuccess(res, _chunkGXOFLFFWcjs.getUserLevelConfigSync.call(void 0, $asai), opt);
4690
+ await _chunkFRPN33BYcjs.loadUserLevelConfig.call(void 0, $asai);
4691
+ return sendSuccess(res, _chunkFRPN33BYcjs.getUserLevelConfigSync.call(void 0, $asai), opt);
4500
4692
  }
4501
4693
  if (url.startsWith("/api/user/login/admin/sessions/")) {
4502
4694
  if (!await checkAdmin(req, url)) {
@@ -4548,7 +4740,7 @@ var login_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4548
4740
  );
4549
4741
  }
4550
4742
  if (url.startsWith("/api/user/login/profile/")) {
4551
- const us = _optionalChain([req, 'optionalAccess', _559 => _559.Userinfo, 'optionalAccess', _560 => _560[0]]);
4743
+ const us = _optionalChain([req, 'optionalAccess', _584 => _584.Userinfo, 'optionalAccess', _585 => _585[0]]);
4552
4744
  if (!us) return sendErr(res, "AUTH_UNAUTHORIZED", void 0, opt);
4553
4745
  const user = await store.findByUsername(String(us));
4554
4746
  return sendSuccess(res, { user: user ? publicUser($asai, user) : null }, opt);
@@ -4590,16 +4782,16 @@ var As_default = {
4590
4782
  return { code: 908, data: val };
4591
4783
  },
4592
4784
  ctxSuccess(val, opt = null) {
4593
- if (typeof _optionalChain([opt, 'optionalAccess', _561 => _561.resAES]) === "function") {
4785
+ if (typeof _optionalChain([opt, 'optionalAccess', _586 => _586.resAES]) === "function") {
4594
4786
  val = opt.resAES(val);
4595
4787
  }
4596
4788
  return { code: 909, data: val };
4597
4789
  },
4598
4790
  getPath(str = "-") {
4599
- return _optionalChain([str, 'optionalAccess', _562 => _562.replace, 'call', _563 => _563(/[^a-zA-Z0-9.\-_\\\/]/g, "")]);
4791
+ return _optionalChain([str, 'optionalAccess', _587 => _587.replace, 'call', _588 => _588(/[^a-zA-Z0-9.\-_\\\/]/g, "")]);
4600
4792
  },
4601
4793
  getName(str = "-") {
4602
- return _optionalChain([str, 'optionalAccess', _564 => _564.replace, 'call', _565 => _565(/[^a-zA-Z0-9.\-_]/g, "")]);
4794
+ return _optionalChain([str, 'optionalAccess', _589 => _589.replace, 'call', _590 => _590(/[^a-zA-Z0-9.\-_]/g, "")]);
4603
4795
  },
4604
4796
  toDirPath(relativePath) {
4605
4797
  const pathArr = relativePath.split("/");
@@ -4613,10 +4805,10 @@ var As_default = {
4613
4805
  return relativePath;
4614
4806
  },
4615
4807
  //创建多层文件夹 同步
4616
- ensureDir(fs11, relativePath) {
4808
+ ensureDir(fs12, relativePath) {
4617
4809
  const absPathDir = this.toDirPath(relativePath);
4618
4810
  const absPath = this.toAbsolutePath(relativePath);
4619
- if (!fs11.existsSync(absPath)) {
4811
+ if (!fs12.existsSync(absPath)) {
4620
4812
  let pathTmp = "";
4621
4813
  absPathDir.split("/").forEach((el) => {
4622
4814
  if (el) {
@@ -4624,8 +4816,8 @@ var As_default = {
4624
4816
  pathTmp += "/";
4625
4817
  }
4626
4818
  pathTmp += el;
4627
- if (!fs11.existsSync(pathTmp)) {
4628
- if (!fs11.mkdirSync(pathTmp, { recursive: true })) {
4819
+ if (!fs12.existsSync(pathTmp)) {
4820
+ if (!fs12.mkdirSync(pathTmp, { recursive: true })) {
4629
4821
  return absPath;
4630
4822
  }
4631
4823
  }
@@ -4634,10 +4826,10 @@ var As_default = {
4634
4826
  }
4635
4827
  return absPath;
4636
4828
  },
4637
- makeDir(fs11, filePaths) {
4829
+ makeDir(fs12, filePaths) {
4638
4830
  return new Promise((resolve6, reject) => {
4639
4831
  try {
4640
- const newPath = this.ensureDir(fs11, filePaths);
4832
+ const newPath = this.ensureDir(fs12, filePaths);
4641
4833
  resolve6(newPath);
4642
4834
  } catch (err) {
4643
4835
  reject(err);
@@ -4670,7 +4862,7 @@ var As_default = {
4670
4862
  // immediate: false,
4671
4863
  // });
4672
4864
  dtImmediate(fn, opt) {
4673
- if (_optionalChain([opt, 'optionalAccess', _566 => _566.immediate])) {
4865
+ if (_optionalChain([opt, 'optionalAccess', _591 => _591.immediate])) {
4674
4866
  fn();
4675
4867
  opt.immediate = false;
4676
4868
  }
@@ -4692,7 +4884,7 @@ var As_default = {
4692
4884
  if (opt.endtime - opt.starttime < opt.wait) {
4693
4885
  this.dtClearTimeout(opt);
4694
4886
  }
4695
- if (!_optionalChain([opt, 'optionalAccess', _567 => _567.timeout])) {
4887
+ if (!_optionalChain([opt, 'optionalAccess', _592 => _592.timeout])) {
4696
4888
  opt.starttime = opt.endtime;
4697
4889
  opt.timeout = this.dtSetTimeout(fn, opt);
4698
4890
  }
@@ -4700,7 +4892,7 @@ var As_default = {
4700
4892
  // 节流:指定长度时间内有多次触发,只fn最后一次触发
4701
4893
  throttle(fn, opt) {
4702
4894
  this.dtImmediate(fn, opt);
4703
- if (!_optionalChain([opt, 'optionalAccess', _568 => _568.timeout])) {
4895
+ if (!_optionalChain([opt, 'optionalAccess', _593 => _593.timeout])) {
4704
4896
  opt.timeout = this.dtSetTimeout(fn, opt);
4705
4897
  }
4706
4898
  },
@@ -4736,8 +4928,8 @@ var As_default = {
4736
4928
  var AsCode_default = {
4737
4929
  // 加密
4738
4930
  asencode(str, keys) {
4739
- const strlen = _optionalChain([str, 'optionalAccess', _569 => _569.length]) || 0;
4740
- const keyslen = _optionalChain([keys, 'optionalAccess', _570 => _570.length]) || 0;
4931
+ const strlen = _optionalChain([str, 'optionalAccess', _594 => _594.length]) || 0;
4932
+ const keyslen = _optionalChain([keys, 'optionalAccess', _595 => _595.length]) || 0;
4741
4933
  let newstr = "";
4742
4934
  for (let i = 0; i < strlen; i++) {
4743
4935
  const rnum = Math.round(Math.random() * 1e3) % keyslen;
@@ -4762,7 +4954,7 @@ var AsCode_default = {
4762
4954
  const rnum = keys.indexOf(str[i + 3]);
4763
4955
  const rnumx = Number(rnum.toString().slice(-1)) + 1;
4764
4956
  const ylen = keyslen - rnumx;
4765
- newstr += _optionalChain([String, 'optionalAccess', _571 => _571.fromCodePoint, 'call', _572 => _572(
4957
+ newstr += _optionalChain([String, 'optionalAccess', _596 => _596.fromCodePoint, 'call', _597 => _597(
4766
4958
  (keys.indexOf(str[i++]) - rnumx) * ylen * ylen + (keys.indexOf(str[i++]) - rnumx) * ylen + (keys.indexOf(str[i++]) - rnumx)
4767
4959
  )]);
4768
4960
  }
@@ -4809,7 +5001,7 @@ var AsAES_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4809
5001
  if (typeof value !== "string") return value;
4810
5002
  try {
4811
5003
  return JSON.parse(value);
4812
- } catch (e44) {
5004
+ } catch (e51) {
4813
5005
  return value;
4814
5006
  }
4815
5007
  }
@@ -4845,7 +5037,7 @@ var AsAES_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4845
5037
  }
4846
5038
  _chunkSMVZ3ZDJcjs.__name.call(void 0, decrypt, "decrypt");
4847
5039
  function validateFields(payload, fields) {
4848
- return fields.every((key) => typeof _optionalChain([payload, 'optionalAccess', _573 => _573[key]]) === "string" && payload[key].length > 0);
5040
+ return fields.every((key) => typeof _optionalChain([payload, 'optionalAccess', _598 => _598[key]]) === "string" && payload[key].length > 0);
4849
5041
  }
4850
5042
  _chunkSMVZ3ZDJcjs.__name.call(void 0, validateFields, "validateFields");
4851
5043
  function reqAES(opt, fn = (data) => data) {
@@ -4853,7 +5045,7 @@ var AsAES_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4853
5045
  try {
4854
5046
  if (validateFields(reqData, ["data", "iv", "auth"])) {
4855
5047
  let aesData = decrypt(reqData);
4856
- if (_optionalChain([reqData, 'optionalAccess', _574 => _574.aes]) === 2) {
5048
+ if (_optionalChain([reqData, 'optionalAccess', _599 => _599.aes]) === 2) {
4857
5049
  aesData = JSON.parse(aesData);
4858
5050
  }
4859
5051
  return fn(aesData);
@@ -4887,24 +5079,24 @@ var AsAES_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai
4887
5079
  // src/sysserver/lib/common/AsDb.ts
4888
5080
  var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai, cfg) => {
4889
5081
  const DataServer = _chunk2BCIIKRGcjs.getDataServerForAsDb.call(void 0, $asai, {
4890
- type: _optionalChain([cfg, 'optionalAccess', _575 => _575.type]) || "sqlite",
5082
+ type: _optionalChain([cfg, 'optionalAccess', _600 => _600.type]) || "sqlite",
4891
5083
  opt: {
4892
- ..._optionalChain([cfg, 'optionalAccess', _576 => _576.opt]) || {
5084
+ ..._optionalChain([cfg, 'optionalAccess', _601 => _601.opt]) || {
4893
5085
  database: "./webdata/webdb/sqlite/asaisqlite.db",
4894
5086
  create: 1
4895
5087
  }
4896
5088
  },
4897
- storeKey: _optionalChain([cfg, 'optionalAccess', _577 => _577.storeKey])
5089
+ storeKey: _optionalChain([cfg, 'optionalAccess', _602 => _602.storeKey])
4898
5090
  });
4899
5091
  function reqwherestr(str) {
4900
- if (_optionalChain([cfg, 'optionalAccess', _578 => _578.type]) === "sqlite" || _optionalChain([cfg, 'optionalAccess', _579 => _579.type]) === "mysql") {
5092
+ if (_optionalChain([cfg, 'optionalAccess', _603 => _603.type]) === "sqlite" || _optionalChain([cfg, 'optionalAccess', _604 => _604.type]) === "mysql") {
4901
5093
  return `'${str}'`;
4902
5094
  }
4903
5095
  return str;
4904
5096
  }
4905
5097
  _chunkSMVZ3ZDJcjs.__name.call(void 0, reqwherestr, "reqwherestr");
4906
5098
  function reqfield(queryData) {
4907
- if (_optionalChain([queryData, 'optionalAccess', _580 => _580.fd])) {
5099
+ if (_optionalChain([queryData, 'optionalAccess', _605 => _605.fd])) {
4908
5100
  return queryData.fd.split("-");
4909
5101
  }
4910
5102
  return cfg.field.data;
@@ -4912,14 +5104,14 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
4912
5104
  _chunkSMVZ3ZDJcjs.__name.call(void 0, reqfield, "reqfield");
4913
5105
  function reqwhere(queryData) {
4914
5106
  const wheretmp = [];
4915
- if ((_optionalChain([cfg, 'optionalAccess', _581 => _581.type]) === "sqlite" || _optionalChain([cfg, 'optionalAccess', _582 => _582.type]) === "mysql") && _optionalChain([queryData, 'optionalAccess', _583 => _583.wlv])) {
5107
+ if ((_optionalChain([cfg, 'optionalAccess', _606 => _606.type]) === "sqlite" || _optionalChain([cfg, 'optionalAccess', _607 => _607.type]) === "mysql") && _optionalChain([queryData, 'optionalAccess', _608 => _608.wlv])) {
4916
5108
  const wlvarr = queryData.wlv.split("-");
4917
5109
  wheretmp.push([wlvarr[0], ">", Number(wlvarr[1] || 0)]);
4918
5110
  }
4919
- if (_optionalChain([queryData, 'optionalAccess', _584 => _584.fl])) {
5111
+ if (_optionalChain([queryData, 'optionalAccess', _609 => _609.fl])) {
4920
5112
  wheretmp.push([cfg.field.class, "LIKE", reqwherestr(`${queryData.fl}%`)]);
4921
5113
  }
4922
- if (_optionalChain([queryData, 'optionalAccess', _585 => _585.ss]) && _optionalChain([queryData, 'optionalAccess', _586 => _586.ssty])) {
5114
+ if (_optionalChain([queryData, 'optionalAccess', _610 => _610.ss]) && _optionalChain([queryData, 'optionalAccess', _611 => _611.ssty])) {
4923
5115
  wheretmp.push([queryData.ssty, "LIKE", reqwherestr(`%${queryData.ss}%`)]);
4924
5116
  }
4925
5117
  if (wheretmp.length > 1) {
@@ -4930,16 +5122,16 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
4930
5122
  _chunkSMVZ3ZDJcjs.__name.call(void 0, reqwhere, "reqwhere");
4931
5123
  function reqorder(queryData) {
4932
5124
  const ordertmp = [];
4933
- if (_optionalChain([queryData, 'optionalAccess', _587 => _587.sx])) {
4934
- ordertmp.push([queryData.sx, _optionalChain([queryData, 'optionalAccess', _588 => _588.sxty]) == 1 ? "DESC" : "ASC"]);
5125
+ if (_optionalChain([queryData, 'optionalAccess', _612 => _612.sx])) {
5126
+ ordertmp.push([queryData.sx, _optionalChain([queryData, 'optionalAccess', _613 => _613.sxty]) == 1 ? "DESC" : "ASC"]);
4935
5127
  }
4936
5128
  return ordertmp;
4937
5129
  }
4938
5130
  _chunkSMVZ3ZDJcjs.__name.call(void 0, reqorder, "reqorder");
4939
5131
  function reqlimit(queryData) {
4940
5132
  let limittmp = "";
4941
- let limitps = _optionalChain([queryData, 'optionalAccess', _589 => _589.ps]);
4942
- if (_optionalChain([queryData, 'optionalAccess', _590 => _590.pg])) {
5133
+ let limitps = _optionalChain([queryData, 'optionalAccess', _614 => _614.ps]);
5134
+ if (_optionalChain([queryData, 'optionalAccess', _615 => _615.pg])) {
4943
5135
  limitps = limitps || 20;
4944
5136
  limittmp = `${(queryData.pg - 1) * limitps},${limitps}`;
4945
5137
  } else if (limitps) {
@@ -4951,7 +5143,7 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
4951
5143
  function decodePathSegment(seg) {
4952
5144
  try {
4953
5145
  return decodeURIComponent(seg);
4954
- } catch (e45) {
5146
+ } catch (e52) {
4955
5147
  return seg;
4956
5148
  }
4957
5149
  }
@@ -4967,7 +5159,7 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
4967
5159
  if (typeof body === "string") {
4968
5160
  try {
4969
5161
  body = JSON.parse(body);
4970
- } catch (e46) {
5162
+ } catch (e53) {
4971
5163
  return { content: body };
4972
5164
  }
4973
5165
  }
@@ -4992,8 +5184,8 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
4992
5184
  _chunkSMVZ3ZDJcjs.__name.call(void 0, fileKeyFromSegment, "fileKeyFromSegment");
4993
5185
  function getSqlParamsByUrl(req, opt) {
4994
5186
  let tmpSqlParams;
4995
- const reqArr = _optionalChain([req, 'optionalAccess', _591 => _591.url, 'optionalAccess', _592 => _592.split, 'call', _593 => _593("?"), 'access', _594 => _594[0], 'optionalAccess', _595 => _595.split, 'call', _596 => _596("/")]) || [];
4996
- const table = (_optionalChain([opt, 'optionalAccess', _597 => _597.qrdata, 'optionalAccess', _598 => _598.table]) || _optionalChain([opt, 'optionalAccess', _599 => _599.data, 'optionalAccess', _600 => _600.table]) || reqArr[3]).replaceAll("_", "/");
5187
+ const reqArr = _optionalChain([req, 'optionalAccess', _616 => _616.url, 'optionalAccess', _617 => _617.split, 'call', _618 => _618("?"), 'access', _619 => _619[0], 'optionalAccess', _620 => _620.split, 'call', _621 => _621("/")]) || [];
5188
+ const table = (_optionalChain([opt, 'optionalAccess', _622 => _622.qrdata, 'optionalAccess', _623 => _623.table]) || _optionalChain([opt, 'optionalAccess', _624 => _624.data, 'optionalAccess', _625 => _625.table]) || reqArr[3]).replaceAll("_", "/");
4997
5189
  if (!table) return tmpSqlParams;
4998
5190
  tmpSqlParams = {
4999
5191
  type: "select",
@@ -5002,7 +5194,7 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
5002
5194
  if (reqArr[5]) {
5003
5195
  if (reqArr[4] === "insert") {
5004
5196
  tmpSqlParams.type = reqArr[4];
5005
- if (_optionalChain([cfg, 'optionalAccess', _601 => _601.type]) === "file") {
5197
+ if (_optionalChain([cfg, 'optionalAccess', _626 => _626.type]) === "file") {
5006
5198
  const { name: bodyName, content } = parseFileBody(opt.data);
5007
5199
  const fileKey = fileKeyFromSegment(reqArr[5], bodyName);
5008
5200
  tmpSqlParams.field = cfg.field.data;
@@ -5026,11 +5218,11 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
5026
5218
  }
5027
5219
  } else if (reqArr[4] === "update") {
5028
5220
  tmpSqlParams.type = reqArr[4];
5029
- const rowKey = _optionalChain([cfg, 'optionalAccess', _602 => _602.type]) === "file" ? fileKeyFromSegment(reqArr[5]) : decodePathSegment(reqArr[5]);
5221
+ const rowKey = _optionalChain([cfg, 'optionalAccess', _627 => _627.type]) === "file" ? fileKeyFromSegment(reqArr[5]) : decodePathSegment(reqArr[5]);
5030
5222
  tmpSqlParams.where = [[cfg.field.key, "=", reqwherestr(rowKey)]];
5031
- if (_optionalChain([cfg, 'optionalAccess', _603 => _603.type]) === "file") {
5223
+ if (_optionalChain([cfg, 'optionalAccess', _628 => _628.type]) === "file") {
5032
5224
  const { content } = parseFileBody(opt.data);
5033
- const contentField = _optionalChain([cfg, 'access', _604 => _604.field, 'access', _605 => _605.data, 'optionalAccess', _606 => _606[1]]) || "content";
5225
+ const contentField = _optionalChain([cfg, 'access', _629 => _629.field, 'access', _630 => _630.data, 'optionalAccess', _631 => _631[1]]) || "content";
5034
5226
  tmpSqlParams.set = [[contentField, fileContentString(content)]];
5035
5227
  } else {
5036
5228
  tmpSqlParams.set = [];
@@ -5047,18 +5239,18 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
5047
5239
  }
5048
5240
  } else if (reqArr[4] === "delete") {
5049
5241
  tmpSqlParams.type = reqArr[4];
5050
- const rowKey = _optionalChain([cfg, 'optionalAccess', _607 => _607.type]) === "file" ? fileKeyFromSegment(reqArr[5]) : decodePathSegment(reqArr[5]);
5242
+ const rowKey = _optionalChain([cfg, 'optionalAccess', _632 => _632.type]) === "file" ? fileKeyFromSegment(reqArr[5]) : decodePathSegment(reqArr[5]);
5051
5243
  tmpSqlParams.where = [[cfg.field.key, "=", reqwherestr(rowKey)]];
5052
5244
  } else {
5053
- if (_optionalChain([cfg, 'optionalAccess', _608 => _608.as]) > 1) {
5245
+ if (_optionalChain([cfg, 'optionalAccess', _633 => _633.as]) > 1) {
5054
5246
  tmpSqlParams.as = +cfg.as - 1;
5055
5247
  }
5056
5248
  tmpSqlParams.field = cfg.field.data;
5057
- const rowKey = _optionalChain([cfg, 'optionalAccess', _609 => _609.type]) === "file" ? fileKeyFromSegment(reqArr[5]) : decodePathSegment(reqArr[5]);
5249
+ const rowKey = _optionalChain([cfg, 'optionalAccess', _634 => _634.type]) === "file" ? fileKeyFromSegment(reqArr[5]) : decodePathSegment(reqArr[5]);
5058
5250
  tmpSqlParams.where = [[cfg.field.key, "=", reqwherestr(rowKey)]];
5059
5251
  }
5060
5252
  } else {
5061
- tmpSqlParams.as = _optionalChain([cfg, 'optionalAccess', _610 => _610.as]);
5253
+ tmpSqlParams.as = _optionalChain([cfg, 'optionalAccess', _635 => _635.as]);
5062
5254
  tmpSqlParams.field = reqfield(opt.data);
5063
5255
  tmpSqlParams.where = reqwhere(opt.data);
5064
5256
  tmpSqlParams.order = reqorder(opt.data);
@@ -5068,8 +5260,8 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
5068
5260
  }
5069
5261
  _chunkSMVZ3ZDJcjs.__name.call(void 0, getSqlParamsByUrl, "getSqlParamsByUrl");
5070
5262
  function dbFresh(req, resdb) {
5071
- if (_optionalChain([req, 'optionalAccess', _611 => _611.url, 'optionalAccess', _612 => _612.includes, 'call', _613 => _613("/selectlist/")])) {
5072
- const list = Array.isArray(resdb) ? resdb : _optionalChain([resdb, 'optionalAccess', _614 => _614.data]);
5263
+ if (_optionalChain([req, 'optionalAccess', _636 => _636.url, 'optionalAccess', _637 => _637.includes, 'call', _638 => _638("/selectlist/")])) {
5264
+ const list = Array.isArray(resdb) ? resdb : _optionalChain([resdb, 'optionalAccess', _639 => _639.data]);
5073
5265
  if (Array.isArray(list)) {
5074
5266
  const names = list.map((el) => {
5075
5267
  if (typeof el === "string") {
@@ -5091,8 +5283,8 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
5091
5283
  }
5092
5284
  _chunkSMVZ3ZDJcjs.__name.call(void 0, dbFresh, "dbFresh");
5093
5285
  function normalizeFileSelectRow(row) {
5094
- const nameKey = _optionalChain([cfg, 'access', _615 => _615.field, 'optionalAccess', _616 => _616.data, 'optionalAccess', _617 => _617[0]]) || "name";
5095
- const contentKey = _optionalChain([cfg, 'access', _618 => _618.field, 'optionalAccess', _619 => _619.data, 'optionalAccess', _620 => _620[1]]) || "content";
5286
+ const nameKey = _optionalChain([cfg, 'access', _640 => _640.field, 'optionalAccess', _641 => _641.data, 'optionalAccess', _642 => _642[0]]) || "name";
5287
+ const contentKey = _optionalChain([cfg, 'access', _643 => _643.field, 'optionalAccess', _644 => _644.data, 'optionalAccess', _645 => _645[1]]) || "content";
5096
5288
  if (!row || typeof row !== "object") return row;
5097
5289
  const out = { ...row };
5098
5290
  if (out[nameKey] != null) {
@@ -5106,7 +5298,7 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
5106
5298
  }
5107
5299
  _chunkSMVZ3ZDJcjs.__name.call(void 0, normalizeFileSelectRow, "normalizeFileSelectRow");
5108
5300
  function isFileSingleNameSelect(params) {
5109
- return _optionalChain([cfg, 'optionalAccess', _621 => _621.type]) === "file" && _optionalChain([params, 'optionalAccess', _622 => _622.type]) === "select" && !!_optionalChain([params, 'optionalAccess', _623 => _623.where, 'optionalAccess', _624 => _624.length]);
5301
+ return _optionalChain([cfg, 'optionalAccess', _646 => _646.type]) === "file" && _optionalChain([params, 'optionalAccess', _647 => _647.type]) === "select" && !!_optionalChain([params, 'optionalAccess', _648 => _648.where, 'optionalAccess', _649 => _649.length]);
5110
5302
  }
5111
5303
  _chunkSMVZ3ZDJcjs.__name.call(void 0, isFileSingleNameSelect, "isFileSingleNameSelect");
5112
5304
  function normalizeSelectResult(params, resdb) {
@@ -5120,12 +5312,12 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
5120
5312
  }
5121
5313
  return data;
5122
5314
  }
5123
- if (_optionalChain([params, 'optionalAccess', _625 => _625.where, 'optionalAccess', _626 => _626.length]) && Array.isArray(data) && data.length === 1) {
5315
+ if (_optionalChain([params, 'optionalAccess', _650 => _650.where, 'optionalAccess', _651 => _651.length]) && Array.isArray(data) && data.length === 1) {
5124
5316
  data = data[0];
5125
5317
  }
5126
- if (_optionalChain([cfg, 'optionalAccess', _627 => _627.type]) === "file" && data && typeof data === "object" && !Array.isArray(data)) {
5127
- const nameKey = _optionalChain([cfg, 'access', _628 => _628.field, 'optionalAccess', _629 => _629.data, 'optionalAccess', _630 => _630[0]]) || "name";
5128
- const contentKey = _optionalChain([cfg, 'access', _631 => _631.field, 'optionalAccess', _632 => _632.data, 'optionalAccess', _633 => _633[1]]) || "content";
5318
+ if (_optionalChain([cfg, 'optionalAccess', _652 => _652.type]) === "file" && data && typeof data === "object" && !Array.isArray(data)) {
5319
+ const nameKey = _optionalChain([cfg, 'access', _653 => _653.field, 'optionalAccess', _654 => _654.data, 'optionalAccess', _655 => _655[0]]) || "name";
5320
+ const contentKey = _optionalChain([cfg, 'access', _656 => _656.field, 'optionalAccess', _657 => _657.data, 'optionalAccess', _658 => _658[1]]) || "content";
5129
5321
  if (data[nameKey] != null) {
5130
5322
  data[nameKey] = bareFileName(String(data[nameKey]));
5131
5323
  }
@@ -5135,7 +5327,7 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
5135
5327
  if (text.startsWith("{") || text.startsWith("[")) {
5136
5328
  try {
5137
5329
  data[contentKey] = JSON.parse(text);
5138
- } catch (e47) {
5330
+ } catch (e54) {
5139
5331
  }
5140
5332
  }
5141
5333
  }
@@ -5144,7 +5336,7 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
5144
5336
  }
5145
5337
  _chunkSMVZ3ZDJcjs.__name.call(void 0, normalizeSelectResult, "normalizeSelectResult");
5146
5338
  function dbCodePm(req, resdb) {
5147
- if (_optionalChain([req, 'optionalAccess', _634 => _634.Userinfo]) && _optionalChain([req, 'optionalAccess', _635 => _635.Userinfo, 'access', _636 => _636[2]])) {
5339
+ if (_optionalChain([req, 'optionalAccess', _659 => _659.Userinfo]) && _optionalChain([req, 'optionalAccess', _660 => _660.Userinfo, 'access', _661 => _661[2]])) {
5148
5340
  if (resdb != null && typeof resdb === "object") {
5149
5341
  resdb.data = $asai.$lib.AsCode.asencode(JSON.stringify(resdb.data), req.Userinfo[2]);
5150
5342
  }
@@ -5158,8 +5350,8 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
5158
5350
  DataServer.sqlDb(params).then((resdb) => {
5159
5351
  res.end(JSON.stringify($asai.$lib.As.ctxSuccess(dbCodePm(req, dbFresh(req, resdb)), opt)));
5160
5352
  }).catch((errdb) => {
5161
- const msg = String(_optionalChain([errdb, 'optionalAccess', _637 => _637.message]) || errdb || "");
5162
- if (_optionalChain([params, 'optionalAccess', _638 => _638.type]) === "select" && msg.includes("no such table")) {
5353
+ const msg = String(_optionalChain([errdb, 'optionalAccess', _662 => _662.message]) || errdb || "");
5354
+ if (_optionalChain([params, 'optionalAccess', _663 => _663.type]) === "select" && msg.includes("no such table")) {
5163
5355
  res.end(JSON.stringify($asai.$lib.As.ctxSuccess([], opt)));
5164
5356
  return;
5165
5357
  }
@@ -5176,29 +5368,29 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
5176
5368
  try {
5177
5369
  DataServer.sqlDb(params).then((resdb) => {
5178
5370
  let resData = normalizeSelectResult(params, dbFresh(req, resdb));
5179
- if (_optionalChain([params, 'optionalAccess', _639 => _639.as]) === 2 && _optionalChain([params, 'optionalAccess', _640 => _640.field, 'optionalAccess', _641 => _641.length]) > 1) {
5371
+ if (_optionalChain([params, 'optionalAccess', _664 => _664.as]) === 2 && _optionalChain([params, 'optionalAccess', _665 => _665.field, 'optionalAccess', _666 => _666.length]) > 1) {
5180
5372
  let limitArr = [];
5181
- if (_optionalChain([params, 'access', _642 => _642.limit, 'optionalAccess', _643 => _643.split, 'call', _644 => _644(","), 'optionalAccess', _645 => _645.length]) < 2) {
5182
- limitArr = [0, +_optionalChain([params, 'access', _646 => _646.limit, 'optionalAccess', _647 => _647.split, 'call', _648 => _648(","), 'optionalAccess', _649 => _649[0]])];
5373
+ if (_optionalChain([params, 'access', _667 => _667.limit, 'optionalAccess', _668 => _668.split, 'call', _669 => _669(","), 'optionalAccess', _670 => _670.length]) < 2) {
5374
+ limitArr = [0, +_optionalChain([params, 'access', _671 => _671.limit, 'optionalAccess', _672 => _672.split, 'call', _673 => _673(","), 'optionalAccess', _674 => _674[0]])];
5183
5375
  } else {
5184
5376
  limitArr = params.limit.split(",");
5185
5377
  limitArr = [+limitArr[0], +limitArr[0] + +limitArr[1]];
5186
5378
  }
5187
- if (_optionalChain([resData, 'access', _650 => _650.data, 'optionalAccess', _651 => _651.length])) {
5379
+ if (_optionalChain([resData, 'access', _675 => _675.data, 'optionalAccess', _676 => _676.length])) {
5188
5380
  resData.data = resData.data.slice(+limitArr[0], +limitArr[1]);
5189
5381
  }
5190
5382
  }
5191
5383
  resData = dbCodePm(req, resData);
5192
5384
  res.end(JSON.stringify($asai.$lib.As.ctxSuccess(resData, opt)));
5193
5385
  }).catch((errdb) => {
5194
- const msg = String(_optionalChain([errdb, 'optionalAccess', _652 => _652.message]) || errdb || "");
5195
- if (_optionalChain([params, 'optionalAccess', _653 => _653.type]) === "select" && msg.includes("no such table")) {
5386
+ const msg = String(_optionalChain([errdb, 'optionalAccess', _677 => _677.message]) || errdb || "");
5387
+ if (_optionalChain([params, 'optionalAccess', _678 => _678.type]) === "select" && msg.includes("no such table")) {
5196
5388
  res.end(JSON.stringify($asai.$lib.As.ctxSuccess([], opt)));
5197
5389
  return;
5198
5390
  }
5199
5391
  res.end(JSON.stringify($asai.$lib.As.ctxFail(errdb)));
5200
5392
  });
5201
- } catch (e48) {
5393
+ } catch (e55) {
5202
5394
  res.end(JSON.stringify({ code: 901 }));
5203
5395
  }
5204
5396
  } else {
@@ -5207,7 +5399,7 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
5207
5399
  }
5208
5400
  _chunkSMVZ3ZDJcjs.__name.call(void 0, runDefaultGet, "runDefaultGet");
5209
5401
  function post(req, res, hostdir, opt) {
5210
- if (_optionalChain([cfg, 'optionalAccess', _654 => _654.post]) && typeof cfg.post === "function") {
5402
+ if (_optionalChain([cfg, 'optionalAccess', _679 => _679.post]) && typeof cfg.post === "function") {
5211
5403
  Promise.resolve(cfg.post(req, res, hostdir, opt, DataServer)).then((reqstat) => {
5212
5404
  if (!reqstat) runDefaultPost(req, res, opt);
5213
5405
  }).catch((errdb) => {
@@ -5219,7 +5411,7 @@ var AsDb_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($asai,
5219
5411
  }
5220
5412
  _chunkSMVZ3ZDJcjs.__name.call(void 0, post, "post");
5221
5413
  function get(req, res, hostdir, opt) {
5222
- if (_optionalChain([cfg, 'optionalAccess', _655 => _655.get]) && typeof cfg.get === "function") {
5414
+ if (_optionalChain([cfg, 'optionalAccess', _680 => _680.get]) && typeof cfg.get === "function") {
5223
5415
  Promise.resolve(cfg.get(req, res, hostdir, opt, DataServer)).then((reqstat) => {
5224
5416
  if (!reqstat) runDefaultGet(req, res, opt);
5225
5417
  }).catch((errdb) => {
@@ -5245,30 +5437,30 @@ var reqWork_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($as
5245
5437
  }
5246
5438
  _chunkSMVZ3ZDJcjs.__name.call(void 0, hostDefault2, "hostDefault");
5247
5439
  function getPathFromOpt(opt) {
5248
- const rawPath = _optionalChain([opt, 'access', _656 => _656.qrdata, 'optionalAccess', _657 => _657.path]) || _optionalChain([opt, 'access', _658 => _658.data, 'optionalAccess', _659 => _659.path]);
5440
+ const rawPath = _optionalChain([opt, 'access', _681 => _681.qrdata, 'optionalAccess', _682 => _682.path]) || _optionalChain([opt, 'access', _683 => _683.data, 'optionalAccess', _684 => _684.path]);
5249
5441
  if (!rawPath) {
5250
5442
  throw new Error("Missing path");
5251
5443
  }
5252
5444
  const decoded = decodeURIComponent(String(rawPath));
5253
- if (path4.isAbsolute(decoded)) {
5254
- return path4.normalize(decoded);
5445
+ if (path5.isAbsolute(decoded)) {
5446
+ return path5.normalize(decoded);
5255
5447
  }
5256
5448
  const rel = decoded.replace(/^\.(\/)?/, "");
5257
- const serverRoot = _optionalChain([$asai, 'optionalAccess', _660 => _660.serverRoot]);
5449
+ const serverRoot = _optionalChain([$asai, 'optionalAccess', _685 => _685.serverRoot]);
5258
5450
  if (serverRoot && rel) {
5259
- const absRoot = path4.resolve(serverRoot);
5260
- const abs = path4.resolve(absRoot, rel);
5261
- const relCheck = path4.relative(absRoot, abs);
5262
- if (relCheck === "" || !relCheck.startsWith("..") && !path4.isAbsolute(relCheck)) {
5451
+ const absRoot = path5.resolve(serverRoot);
5452
+ const abs = path5.resolve(absRoot, rel);
5453
+ const relCheck = path5.relative(absRoot, abs);
5454
+ if (relCheck === "" || !relCheck.startsWith("..") && !path5.isAbsolute(relCheck)) {
5263
5455
  return abs;
5264
5456
  }
5265
5457
  }
5266
- const roots = _optionalChain([$asai, 'optionalAccess', _661 => _661.asaihost, 'optionalAccess', _662 => _662.getHostAllowedRoots, 'optionalCall', _663 => _663(_optionalChain([$asai, 'optionalAccess', _664 => _664.hostconfig]))]) || [];
5458
+ const roots = _optionalChain([$asai, 'optionalAccess', _686 => _686.asaihost, 'optionalAccess', _687 => _687.getHostAllowedRoots, 'optionalCall', _688 => _688(_optionalChain([$asai, 'optionalAccess', _689 => _689.hostconfig]))]) || [];
5267
5459
  if (!roots.length) {
5268
- const fallback = _optionalChain([$asai, 'optionalAccess', _665 => _665.serverRoot]) || process.cwd();
5460
+ const fallback = _optionalChain([$asai, 'optionalAccess', _690 => _690.serverRoot]) || process.cwd();
5269
5461
  if (fallback) roots.push(fallback);
5270
5462
  }
5271
- if (!_optionalChain([$asai, 'optionalAccess', _666 => _666.asaihost, 'optionalAccess', _667 => _667.resolvePathUnderRoots])) {
5463
+ if (!_optionalChain([$asai, 'optionalAccess', _691 => _691.asaihost, 'optionalAccess', _692 => _692.resolvePathUnderRoots])) {
5272
5464
  throw new Error("Path resolver unavailable");
5273
5465
  }
5274
5466
  return $asai.asaihost.resolvePathUnderRoots(decoded, roots);
@@ -5280,18 +5472,18 @@ var reqWork_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($as
5280
5472
  }
5281
5473
  _chunkSMVZ3ZDJcjs.__name.call(void 0, sendSuccess, "sendSuccess");
5282
5474
  function sendErr(res, ec, params, opt) {
5283
- const ErrorCode = _optionalChain([$asai, 'access', _668 => _668.$lib, 'optionalAccess', _669 => _669.ErrorCode]);
5284
- _optionalChain([ErrorCode, 'optionalAccess', _670 => _670.loadErrorCodes, 'optionalCall', _671 => _671($asai)]);
5285
- _optionalChain([ErrorCode, 'optionalAccess', _672 => _672.logError, 'optionalCall', _673 => _673($asai, ec, Array.isArray(params) ? params.map(String) : params != null ? [String(params)] : void 0)]);
5475
+ const ErrorCode = _optionalChain([$asai, 'access', _693 => _693.$lib, 'optionalAccess', _694 => _694.ErrorCode]);
5476
+ _optionalChain([ErrorCode, 'optionalAccess', _695 => _695.loadErrorCodes, 'optionalCall', _696 => _696($asai)]);
5477
+ _optionalChain([ErrorCode, 'optionalAccess', _697 => _697.logError, 'optionalCall', _698 => _698($asai, ec, Array.isArray(params) ? params.map(String) : params != null ? [String(params)] : void 0)]);
5286
5478
  const response = $asai.$lib.As.ctxErr(ec, params, opt);
5287
5479
  res.end(JSON.stringify(response));
5288
5480
  }
5289
5481
  _chunkSMVZ3ZDJcjs.__name.call(void 0, sendErr, "sendErr");
5290
5482
  function sendFail(res, err, opt) {
5291
- const ErrorCode = _optionalChain([$asai, 'access', _674 => _674.$lib, 'optionalAccess', _675 => _675.ErrorCode]);
5292
- _optionalChain([ErrorCode, 'optionalAccess', _676 => _676.loadErrorCodes, 'optionalCall', _677 => _677($asai)]);
5293
- const normalized = _optionalChain([ErrorCode, 'optionalAccess', _678 => _678.normalizeErrPayload, 'optionalCall', _679 => _679(err)]);
5294
- if (_optionalChain([normalized, 'optionalAccess', _680 => _680.ec])) {
5483
+ const ErrorCode = _optionalChain([$asai, 'access', _699 => _699.$lib, 'optionalAccess', _700 => _700.ErrorCode]);
5484
+ _optionalChain([ErrorCode, 'optionalAccess', _701 => _701.loadErrorCodes, 'optionalCall', _702 => _702($asai)]);
5485
+ const normalized = _optionalChain([ErrorCode, 'optionalAccess', _703 => _703.normalizeErrPayload, 'optionalCall', _704 => _704(err)]);
5486
+ if (_optionalChain([normalized, 'optionalAccess', _705 => _705.ec])) {
5295
5487
  return sendErr(res, normalized.ec, normalized.pm, opt);
5296
5488
  }
5297
5489
  const response = $asai.$lib.As.ctxFail(err);
@@ -5299,7 +5491,7 @@ var reqWork_default = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, ($as
5299
5491
  }
5300
5492
  _chunkSMVZ3ZDJcjs.__name.call(void 0, sendFail, "sendFail");
5301
5493
  function mnLog(...arg) {
5302
- (_optionalChain([$asai, 'optionalAccess', _681 => _681.$log]) || console.log)(...arg);
5494
+ (_optionalChain([$asai, 'optionalAccess', _706 => _706.$log]) || console.log)(...arg);
5303
5495
  }
5304
5496
  _chunkSMVZ3ZDJcjs.__name.call(void 0, mnLog, "mnLog");
5305
5497
  return { hostDefault: hostDefault2, getPathFromOpt, sendSuccess, sendFail, sendErr, mnLog };
@@ -5332,7 +5524,7 @@ async function pathExists(filePath) {
5332
5524
  try {
5333
5525
  await _promises2.default.access(nodePath2.default.normalize(filePath));
5334
5526
  return true;
5335
- } catch (e49) {
5527
+ } catch (e56) {
5336
5528
  return false;
5337
5529
  }
5338
5530
  }
@@ -5399,7 +5591,7 @@ async function removeFile(filePath) {
5399
5591
  try {
5400
5592
  await _promises2.default.unlink(nodePath2.default.normalize(filePath));
5401
5593
  } catch (err) {
5402
- if (_optionalChain([err, 'optionalAccess', _682 => _682.code]) !== "ENOENT") throw err;
5594
+ if (_optionalChain([err, 'optionalAccess', _707 => _707.code]) !== "ENOENT") throw err;
5403
5595
  }
5404
5596
  }
5405
5597
  _chunkSMVZ3ZDJcjs.__name.call(void 0, removeFile, "removeFile");
@@ -5512,11 +5704,11 @@ function toInsertRows(sql) {
5512
5704
  }
5513
5705
  _chunkSMVZ3ZDJcjs.__name.call(void 0, toInsertRows, "toInsertRows");
5514
5706
  function isPathInside(baseDir, targetPath) {
5515
- const base = path6.resolve(baseDir);
5516
- const target = path6.resolve(targetPath);
5517
- const relative5 = path6.relative(base, target);
5707
+ const base = path7.resolve(baseDir);
5708
+ const target = path7.resolve(targetPath);
5709
+ const relative5 = path7.relative(base, target);
5518
5710
  if (!relative5) return true;
5519
- return !relative5.startsWith("..") && !path6.isAbsolute(relative5);
5711
+ return !relative5.startsWith("..") && !path7.isAbsolute(relative5);
5520
5712
  }
5521
5713
  _chunkSMVZ3ZDJcjs.__name.call(void 0, isPathInside, "isPathInside");
5522
5714
  function joinTablePath(table, ...segments) {
@@ -5711,21 +5903,21 @@ function dbDriver(opt = {}) {
5711
5903
  this.fileExt = config.ext === ".*" ? "" : config.ext || "";
5712
5904
  this.fileDel = (config.del || 0) !== 0;
5713
5905
  this.createDir = config.create || false;
5714
- const root = _optionalChain([config, 'access', _683 => _683.$asai, 'optionalAccess', _684 => _684.serverRoot]) || _chunkHR5JKN7Ycjs.getPrimaryServerRoot.call(void 0, );
5715
- this.baseDirAbs = path7.resolve(root, config.dir);
5906
+ const root = _optionalChain([config, 'access', _708 => _708.$asai, 'optionalAccess', _709 => _709.serverRoot]) || _chunkHR5JKN7Ycjs.getPrimaryServerRoot.call(void 0, );
5907
+ this.baseDirAbs = path8.resolve(root, config.dir);
5716
5908
  }
5717
5909
  dbLog(...args) {
5718
- (_optionalChain([this, 'access', _685 => _685.config, 'optionalAccess', _686 => _686.$asai, 'optionalAccess', _687 => _687.$log]) || console.log)("FILE", ...args);
5910
+ (_optionalChain([this, 'access', _710 => _710.config, 'optionalAccess', _711 => _711.$asai, 'optionalAccess', _712 => _712.$log]) || console.log)("FILE", ...args);
5719
5911
  }
5720
5912
  checkFile(file) {
5721
- return fs10.existsSync(this.getAbsPath(file, false));
5913
+ return fs11.existsSync(this.getAbsPath(file, false));
5722
5914
  }
5723
5915
  /** 解析相对路径并限制在数据根目录内,防止路径穿越(跨平台) */
5724
5916
  resolvePath(relPath) {
5725
5917
  if (!relPath) {
5726
5918
  return this.baseDirAbs;
5727
5919
  }
5728
- const abs = path7.isAbsolute(relPath) ? path7.normalize(relPath) : path7.resolve(this.baseDirAbs, relPath);
5920
+ const abs = path8.isAbsolute(relPath) ? path8.normalize(relPath) : path8.resolve(this.baseDirAbs, relPath);
5729
5921
  if (!isPathInside2(this.baseDirAbs, abs)) {
5730
5922
  throw new Error("Path not allowed");
5731
5923
  }
@@ -5739,15 +5931,15 @@ function dbDriver(opt = {}) {
5739
5931
  if (!relPath) {
5740
5932
  return "";
5741
5933
  }
5742
- return path7.isAbsolute(relPath) ? path7.relative(this.baseDirAbs, relPath) : relPath;
5934
+ return path8.isAbsolute(relPath) ? path8.relative(this.baseDirAbs, relPath) : relPath;
5743
5935
  }
5744
5936
  ensureDir(relPath) {
5745
5937
  const relative5 = this.normalizeRelPath(relPath);
5746
- const dirPath = path7.dirname(relative5);
5938
+ const dirPath = path8.dirname(relative5);
5747
5939
  const absDir = this.resolvePath(dirPath === "." ? "" : dirPath);
5748
- if (this.createDir && !fs10.existsSync(absDir)) {
5940
+ if (this.createDir && !fs11.existsSync(absDir)) {
5749
5941
  this.dbLog("mkdir", "[MKDIR]", absDir);
5750
- fs10.mkdirSync(absDir, { recursive: true });
5942
+ fs11.mkdirSync(absDir, { recursive: true });
5751
5943
  }
5752
5944
  return absDir;
5753
5945
  }
@@ -5763,34 +5955,34 @@ function dbDriver(opt = {}) {
5763
5955
  }
5764
5956
  deldir(relativePath) {
5765
5957
  const absPath = this.resolvePath(relativePath);
5766
- if (!fs10.existsSync(absPath)) {
5958
+ if (!fs11.existsSync(absPath)) {
5767
5959
  return;
5768
5960
  }
5769
5961
  this.dbLog("delete", "[RMDIR]", absPath);
5770
- const entries = fs10.readdirSync(absPath, { withFileTypes: true });
5962
+ const entries = fs11.readdirSync(absPath, { withFileTypes: true });
5771
5963
  for (const entry of entries) {
5772
- const current = path7.join(absPath, entry.name);
5964
+ const current = path8.join(absPath, entry.name);
5773
5965
  if (entry.isDirectory()) {
5774
- this.deldir(path7.join(relativePath, entry.name));
5966
+ this.deldir(path8.join(relativePath, entry.name));
5775
5967
  } else {
5776
5968
  this.dbLog("delete", "[UNLINK]", current);
5777
- fs10.unlinkSync(current);
5969
+ fs11.unlinkSync(current);
5778
5970
  }
5779
5971
  }
5780
- fs10.rmdirSync(absPath);
5972
+ fs11.rmdirSync(absPath);
5781
5973
  }
5782
5974
  getReadPath(file, sql) {
5783
5975
  const candidates = [];
5784
- if (_optionalChain([sql, 'optionalAccess', _688 => _688.filename])) {
5785
- candidates.push({ dir: path7.join(file, sql.filename) });
5786
- candidates.push({ dir: path7.join(file + ".delete" + this.fileExt, sql.filename) });
5976
+ if (_optionalChain([sql, 'optionalAccess', _713 => _713.filename])) {
5977
+ candidates.push({ dir: path8.join(file, sql.filename) });
5978
+ candidates.push({ dir: path8.join(file + ".delete" + this.fileExt, sql.filename) });
5787
5979
  } else {
5788
5980
  candidates.push({ dir: file });
5789
5981
  candidates.push({ dir: file + this.fileExt + ".delete" });
5790
5982
  }
5791
5983
  for (const candidate of candidates) {
5792
5984
  const abs = this.getAbsPath(candidate.dir, false);
5793
- if (fs10.existsSync(abs)) {
5985
+ if (fs11.existsSync(abs)) {
5794
5986
  return { path: abs, dir: candidate.dir };
5795
5987
  }
5796
5988
  }
@@ -5801,22 +5993,22 @@ function dbDriver(opt = {}) {
5801
5993
  if (!read2.path) {
5802
5994
  return { path: "", dir: read2.dir };
5803
5995
  }
5804
- if (_optionalChain([sql, 'optionalAccess', _689 => _689.filename])) {
5805
- return { path: path7.dirname(read2.path), dir: path7.dirname(read2.dir) };
5996
+ if (_optionalChain([sql, 'optionalAccess', _714 => _714.filename])) {
5997
+ return { path: path8.dirname(read2.path), dir: path8.dirname(read2.dir) };
5806
5998
  }
5807
5999
  return { path: read2.path, dir: read2.dir };
5808
6000
  }
5809
6001
  getNewPath(file, sql) {
5810
- if (_optionalChain([sql, 'optionalAccess', _690 => _690.filename])) {
5811
- return this.getAbsPath(path7.join(file, sql.filename), true);
6002
+ if (_optionalChain([sql, 'optionalAccess', _715 => _715.filename])) {
6003
+ return this.getAbsPath(path8.join(file, sql.filename), true);
5812
6004
  }
5813
6005
  return this.getAbsPath(file, true);
5814
6006
  }
5815
6007
  write(file, data, sql) {
5816
6008
  try {
5817
- const filePath = _optionalChain([sql, 'optionalAccess', _691 => _691.type]) === "insert" ? this.getNewPath(file, sql) : this.getReadPath(file, sql).path || this.getNewPath(file, sql);
6009
+ const filePath = _optionalChain([sql, 'optionalAccess', _716 => _716.type]) === "insert" ? this.getNewPath(file, sql) : this.getReadPath(file, sql).path || this.getNewPath(file, sql);
5818
6010
  this.dbLog("write", "[WRITE]", filePath);
5819
- fs10.writeFileSync(filePath, data, "utf8");
6011
+ fs11.writeFileSync(filePath, data, "utf8");
5820
6012
  return "ok";
5821
6013
  } catch (e) {
5822
6014
  this.dbLog("write failed", "[WRITE ERROR]", e);
@@ -5830,7 +6022,7 @@ function dbDriver(opt = {}) {
5830
6022
  return { error: "empty" };
5831
6023
  }
5832
6024
  this.dbLog("read", "[READ]", read2.path);
5833
- const data = fs10.readFileSync(read2.path, { encoding }) || "";
6025
+ const data = fs11.readFileSync(read2.path, { encoding }) || "";
5834
6026
  const fileName = this.fileExt && read2.dir.endsWith(this.fileExt) ? read2.dir : read2.dir + this.fileExt;
5835
6027
  return [{ data, file: fileName }];
5836
6028
  } catch (e) {
@@ -5844,15 +6036,15 @@ function dbDriver(opt = {}) {
5844
6036
  if (!del.path) {
5845
6037
  return "";
5846
6038
  }
5847
- if (this.fileDel && _optionalChain([sql, 'optionalAccess', _692 => _692.deltrue])) {
6039
+ if (this.fileDel && _optionalChain([sql, 'optionalAccess', _717 => _717.deltrue])) {
5848
6040
  const target = del.path + ".delete" + this.fileExt;
5849
6041
  this.dbLog("soft delete", "[SOFT DELETE]", `${del.path} -> ${target}`);
5850
- fs10.renameSync(del.path, target);
5851
- } else if (_optionalChain([sql, 'optionalAccess', _693 => _693.filename])) {
6042
+ fs11.renameSync(del.path, target);
6043
+ } else if (_optionalChain([sql, 'optionalAccess', _718 => _718.filename])) {
5852
6044
  this.deldir(del.dir);
5853
6045
  } else {
5854
6046
  this.dbLog("delete", "[DELETE]", del.path);
5855
- fs10.unlinkSync(del.path);
6047
+ fs11.unlinkSync(del.path);
5856
6048
  }
5857
6049
  return "ok";
5858
6050
  } catch (e) {
@@ -5871,11 +6063,11 @@ function dbDriver(opt = {}) {
5871
6063
  const original = del.path.replace(new RegExp(`.delete${extPattern}$`), "");
5872
6064
  if (original !== del.path) {
5873
6065
  this.dbLog("restore", "[RESTORE]", `${del.path} -> ${original}`);
5874
- fs10.renameSync(del.path, original);
6066
+ fs11.renameSync(del.path, original);
5875
6067
  }
5876
6068
  } else {
5877
6069
  this.dbLog("force delete", "[FORCE DELETE]", del.path);
5878
- fs10.unlinkSync(del.path);
6070
+ fs11.unlinkSync(del.path);
5879
6071
  }
5880
6072
  return "ok";
5881
6073
  } catch (e) {
@@ -5889,9 +6081,9 @@ function dbDriver(opt = {}) {
5889
6081
  this.dbLog("list", "[LIST]", absDir);
5890
6082
  let entries;
5891
6083
  try {
5892
- entries = fs10.readdirSync(absDir, { withFileTypes: true });
5893
- } catch (e50) {
5894
- return _optionalChain([sql, 'optionalAccess', _694 => _694.list]) ? { open: [], delete: [] } : [];
6084
+ entries = fs11.readdirSync(absDir, { withFileTypes: true });
6085
+ } catch (e57) {
6086
+ return _optionalChain([sql, 'optionalAccess', _719 => _719.list]) ? { open: [], delete: [] } : [];
5895
6087
  }
5896
6088
  const result = { open: [], delete: [] };
5897
6089
  const deleteSuffix = ".delete" + this.fileExt;
@@ -5901,19 +6093,19 @@ function dbDriver(opt = {}) {
5901
6093
  const isDelete = fileName.endsWith(deleteSuffix);
5902
6094
  const baseName = isDelete ? fileName.slice(0, -deleteSuffix.length) : fileName;
5903
6095
  if (this.fileExt && !baseName.endsWith(this.fileExt)) continue;
5904
- const fullPath = path7.join(absDir, fileName);
6096
+ const fullPath = path8.join(absDir, fileName);
5905
6097
  try {
5906
- const data = fs10.readFileSync(fullPath, "utf8");
6098
+ const data = fs11.readFileSync(fullPath, "utf8");
5907
6099
  const entryData = { data, file: baseName };
5908
6100
  if (isDelete) {
5909
- if (_optionalChain([sql, 'optionalAccess', _695 => _695.list])) result.delete.push(entryData);
6101
+ if (_optionalChain([sql, 'optionalAccess', _720 => _720.list])) result.delete.push(entryData);
5910
6102
  } else {
5911
6103
  result.open.push(entryData);
5912
6104
  }
5913
- } catch (e51) {
6105
+ } catch (e58) {
5914
6106
  }
5915
6107
  }
5916
- return _optionalChain([sql, 'optionalAccess', _696 => _696.list]) ? result : result.open;
6108
+ return _optionalChain([sql, 'optionalAccess', _721 => _721.list]) ? result : result.open;
5917
6109
  } catch (e) {
5918
6110
  this.dbLog("list failed", "[LIST ERROR]", e);
5919
6111
  return e;
@@ -5923,7 +6115,7 @@ function dbDriver(opt = {}) {
5923
6115
  getFileNameFromWhere(where) {
5924
6116
  if (!where || !Array.isArray(where)) return "";
5925
6117
  const first = where.find((item) => Array.isArray(item));
5926
- const raw = _optionalChain([first, 'optionalAccess', _697 => _697[2]]);
6118
+ const raw = _optionalChain([first, 'optionalAccess', _722 => _722[2]]);
5927
6119
  if (typeof raw === "string") {
5928
6120
  return raw.replace(/^'+|'+$/g, "");
5929
6121
  }
@@ -5948,22 +6140,22 @@ function dbDriver(opt = {}) {
5948
6140
  const data = sql.set[0][1];
5949
6141
  result = this.write(this.tableFilePath(sql.table, file), data, sql);
5950
6142
  } else if (sql.type === "select") {
5951
- if (_optionalChain([sql, 'optionalAccess', _698 => _698.where, 'optionalAccess', _699 => _699.length]) && _optionalChain([sql, 'optionalAccess', _700 => _700.as]) !== 2) {
6143
+ if (_optionalChain([sql, 'optionalAccess', _723 => _723.where, 'optionalAccess', _724 => _724.length]) && _optionalChain([sql, 'optionalAccess', _725 => _725.as]) !== 2) {
5952
6144
  const file = this.getFileNameFromWhere(sql.where);
5953
6145
  const readRes = this.read(this.tableFilePath(sql.table, file), sql);
5954
6146
  const resObj = {};
5955
- if (_optionalChain([readRes, 'optionalAccess', _701 => _701[0], 'optionalAccess', _702 => _702.file]) && !readRes.error) {
6147
+ if (_optionalChain([readRes, 'optionalAccess', _726 => _726[0], 'optionalAccess', _727 => _727.file]) && !readRes.error) {
5956
6148
  if (sql.as === 1) {
5957
6149
  try {
5958
6150
  const parsed = JSON.parse(readRes[0].data);
5959
- if (_optionalChain([sql, 'access', _703 => _703.field, 'optionalAccess', _704 => _704.length])) {
6151
+ if (_optionalChain([sql, 'access', _728 => _728.field, 'optionalAccess', _729 => _729.length])) {
5960
6152
  sql.field.forEach((f) => {
5961
6153
  resObj[f] = _nullishCoalesce(parsed[f], () => ( ""));
5962
6154
  });
5963
6155
  } else {
5964
6156
  Object.assign(resObj, parsed);
5965
6157
  }
5966
- } catch (e52) {
6158
+ } catch (e59) {
5967
6159
  }
5968
6160
  } else {
5969
6161
  const fields = sql.field;
@@ -5977,7 +6169,7 @@ function dbDriver(opt = {}) {
5977
6169
  } else {
5978
6170
  const listRes = this.list(tableDir, sql);
5979
6171
  if (listRes && !listRes.error) {
5980
- if (_optionalChain([sql, 'optionalAccess', _705 => _705.list])) {
6172
+ if (_optionalChain([sql, 'optionalAccess', _730 => _730.list])) {
5981
6173
  const mapEntry = /* @__PURE__ */ _chunkSMVZ3ZDJcjs.__name.call(void 0, (el) => {
5982
6174
  const fields = sql.field;
5983
6175
  const item = { [fields[0]]: el.file };
@@ -5988,9 +6180,9 @@ function dbDriver(opt = {}) {
5988
6180
  if (listRes.delete) listRes.delete = listRes.delete.map(mapEntry);
5989
6181
  result = listRes;
5990
6182
  } else {
5991
- if (_optionalChain([sql, 'optionalAccess', _706 => _706.as]) === 2) {
6183
+ if (_optionalChain([sql, 'optionalAccess', _731 => _731.as]) === 2) {
5992
6184
  let items = listRes;
5993
- if (_optionalChain([sql, 'access', _707 => _707.where, 'optionalAccess', _708 => _708.length])) {
6185
+ if (_optionalChain([sql, 'access', _732 => _732.where, 'optionalAccess', _733 => _733.length])) {
5994
6186
  const where = sql.where;
5995
6187
  const whereType = typeof where[0] === "string" ? where[0] : "and";
5996
6188
  items = items.filter((el) => {
@@ -6004,7 +6196,7 @@ function dbDriver(opt = {}) {
6004
6196
  let fieldVal = "";
6005
6197
  try {
6006
6198
  fieldVal = _nullishCoalesce(JSON.parse(el.data)[field], () => ( ""));
6007
- } catch (e53) {
6199
+ } catch (e60) {
6008
6200
  }
6009
6201
  const condMatch = String(fieldVal).includes(searchVal);
6010
6202
  if (whereType === "and") {
@@ -6022,18 +6214,18 @@ function dbDriver(opt = {}) {
6022
6214
  const obj = {};
6023
6215
  try {
6024
6216
  const parsed = JSON.parse(el.data);
6025
- if (_optionalChain([sql, 'access', _709 => _709.field, 'optionalAccess', _710 => _710.length])) {
6217
+ if (_optionalChain([sql, 'access', _734 => _734.field, 'optionalAccess', _735 => _735.length])) {
6026
6218
  sql.field.forEach((f) => {
6027
6219
  obj[f] = _nullishCoalesce(parsed[f], () => ( ""));
6028
6220
  });
6029
6221
  } else {
6030
6222
  Object.assign(obj, parsed);
6031
6223
  }
6032
- } catch (e54) {
6224
+ } catch (e61) {
6033
6225
  }
6034
6226
  return obj;
6035
6227
  });
6036
- if (_optionalChain([sql, 'access', _711 => _711.order, 'optionalAccess', _712 => _712.length])) {
6228
+ if (_optionalChain([sql, 'access', _736 => _736.order, 'optionalAccess', _737 => _737.length])) {
6037
6229
  const orderField = sql.order[0];
6038
6230
  const orderFieldName = typeof orderField === "string" ? orderField : orderField[0];
6039
6231
  const direction = typeof orderField === "string" ? "ASC" : String(orderField[1]).toUpperCase();
@@ -6054,7 +6246,7 @@ function dbDriver(opt = {}) {
6054
6246
  }
6055
6247
  }
6056
6248
  } else {
6057
- result = _optionalChain([sql, 'optionalAccess', _713 => _713.list]) ? { open: [], delete: [] } : [];
6249
+ result = _optionalChain([sql, 'optionalAccess', _738 => _738.list]) ? { open: [], delete: [] } : [];
6058
6250
  }
6059
6251
  }
6060
6252
  }
@@ -6110,7 +6302,7 @@ function sysserver($asai, opt = {}) {
6110
6302
  if (!$asai.$lib) $asai.$lib = {};
6111
6303
  $asai.$lib = { ...lib_default, ...$asai.$lib, ...opt || {} };
6112
6304
  $asai.dataserver = db_default;
6113
- _optionalChain([$asai, 'access', _714 => _714.$lib, 'access', _715 => _715.ErrorCode, 'optionalAccess', _716 => _716.loadErrorCodes, 'optionalCall', _717 => _717($asai)]);
6305
+ _optionalChain([$asai, 'access', _739 => _739.$lib, 'access', _740 => _740.ErrorCode, 'optionalAccess', _741 => _741.loadErrorCodes, 'optionalCall', _742 => _742($asai)]);
6114
6306
  if (!$asai.$lib.api) $asai.$lib.api = {};
6115
6307
  $asai.$lib.api = { ...api_default, ...$asai.$lib.api };
6116
6308
  if (!$asai.$lib.ws) $asai.$lib.ws = {};
@@ -6303,7 +6495,7 @@ function normalizeDataStoresConfig(cfg) {
6303
6495
  }
6304
6496
  if (userStore.opt.create == null) userStore.opt.create = 1;
6305
6497
  }
6306
- if (!stores.log && _optionalChain([cfg, 'access', _718 => _718.logger, 'optionalAccess', _719 => _719.store])) {
6498
+ if (!stores.log && _optionalChain([cfg, 'access', _743 => _743.logger, 'optionalAccess', _744 => _744.store])) {
6307
6499
  const s = cfg.logger.store;
6308
6500
  stores.log = {
6309
6501
  type: s.type || "file",
@@ -6367,13 +6559,13 @@ function validateHostConfig(cfg) {
6367
6559
  if (cfg.asaisn != null) {
6368
6560
  errors.push("asaisn \u7981\u6B62\u5199\u5165 asaihost.json\uFF0C\u8BF7\u4F7F\u7528 ASAI_ASAISN");
6369
6561
  }
6370
- if (_optionalChain([cfg, 'access', _720 => _720.aes, 'optionalAccess', _721 => _721.keybase64]) != null) {
6562
+ if (_optionalChain([cfg, 'access', _745 => _745.aes, 'optionalAccess', _746 => _746.keybase64]) != null) {
6371
6563
  errors.push("aes.keybase64 \u7981\u6B62\u5199\u5165 asaihost.json\uFF0C\u8BF7\u4F7F\u7528 ASAI_AES_KEYBASE64");
6372
6564
  }
6373
- if (_optionalChain([cfg, 'access', _722 => _722.httpscert, 'optionalAccess', _723 => _723.key]) != null || _optionalChain([cfg, 'access', _724 => _724.httpscert, 'optionalAccess', _725 => _725.cert]) != null) {
6565
+ if (_optionalChain([cfg, 'access', _747 => _747.httpscert, 'optionalAccess', _748 => _748.key]) != null || _optionalChain([cfg, 'access', _749 => _749.httpscert, 'optionalAccess', _750 => _750.cert]) != null) {
6374
6566
  errors.push("httpscert.key/cert \u7981\u6B62\u5185\u8054\u4E8E asaihost.json\uFF0C\u8BF7\u4F7F\u7528 keyPath/certPath \u6216\u73AF\u5883\u53D8\u91CF");
6375
6567
  }
6376
- if (_optionalChain([cfg, 'access', _726 => _726.security, 'optionalAccess', _727 => _727.sessionSecret]) != null) {
6568
+ if (_optionalChain([cfg, 'access', _751 => _751.security, 'optionalAccess', _752 => _752.sessionSecret]) != null) {
6377
6569
  errors.push("security.sessionSecret \u7981\u6B62\u5199\u5165 asaihost.json\uFF0C\u8BF7\u4F7F\u7528 ASAI_SESSION_SECRET");
6378
6570
  }
6379
6571
  if (Array.isArray(cfg.wssec) && typeof cfg.wssec[0] === "string" && cfg.wssec[0].length > 0) {
@@ -6428,10 +6620,10 @@ function validateHostConfig(cfg) {
6428
6620
  validateHostSiteLimits(name, h, errors);
6429
6621
  }
6430
6622
  }
6431
- if (_optionalChain([cfg, 'access', _728 => _728.logger, 'optionalAccess', _729 => _729.sample]) && typeof cfg.logger.sample !== "object") {
6623
+ if (_optionalChain([cfg, 'access', _753 => _753.logger, 'optionalAccess', _754 => _754.sample]) && typeof cfg.logger.sample !== "object") {
6432
6624
  errors.push('logger.sample \u5FC5\u987B\u4E3A\u5BF9\u8C61\uFF08\u5982 { "REQ_OTHER": 0.1 }\uFF09');
6433
6625
  }
6434
- if (_optionalChain([cfg, 'access', _730 => _730.logger, 'optionalAccess', _731 => _731.skip]) != null && !Array.isArray(cfg.logger.skip)) {
6626
+ if (_optionalChain([cfg, 'access', _755 => _755.logger, 'optionalAccess', _756 => _756.skip]) != null && !Array.isArray(cfg.logger.skip)) {
6435
6627
  errors.push('logger.skip \u5FC5\u987B\u4E3A\u5B57\u7B26\u4E32\u6570\u7EC4\uFF08\u5982 ["/sys/info/metrics"]\uFF09');
6436
6628
  }
6437
6629
  if (cfg.proxyhosts && typeof cfg.proxyhosts === "object") {
@@ -6465,7 +6657,7 @@ _chunkSMVZ3ZDJcjs.__name.call(void 0, validateHostSiteLimits, "validateHostSiteL
6465
6657
  function validateProductionSecurity(cfg) {
6466
6658
  const errors = [];
6467
6659
  if (process.env.NODE_ENV !== "production") return errors;
6468
- const sec = _optionalChain([cfg, 'optionalAccess', _732 => _732.security]);
6660
+ const sec = _optionalChain([cfg, 'optionalAccess', _757 => _757.security]);
6469
6661
  if (!sec || typeof sec !== "object") {
6470
6662
  errors.push("\u751F\u4EA7\u73AF\u5883\u5FC5\u987B\u914D\u7F6E security \u5BF9\u8C61");
6471
6663
  return errors;
@@ -6476,7 +6668,7 @@ function validateProductionSecurity(cfg) {
6476
6668
  if (sec.allowRegister === 1) {
6477
6669
  errors.push("\u751F\u4EA7\u73AF\u5883 security.allowRegister \u5E94\u4E3A 0\uFF08CR 1.3 \u7981\u6B62\u5F00\u653E\u6CE8\u518C\uFF09");
6478
6670
  }
6479
- if (!_optionalChain([sec, 'access', _733 => _733.quota, 'optionalAccess', _734 => _734.enabled])) {
6671
+ if (!_optionalChain([sec, 'access', _758 => _758.quota, 'optionalAccess', _759 => _759.enabled])) {
6480
6672
  errors.push("\u751F\u4EA7\u73AF\u5883 security.quota.enabled \u5E94\u4E3A 1\uFF08CR 7.1 \u8D44\u6E90\u9650\u5236\uFF09");
6481
6673
  }
6482
6674
  if (sec.csp !== 1) {
@@ -6485,7 +6677,7 @@ function validateProductionSecurity(cfg) {
6485
6677
  if (typeof sec.minUserLevel !== "number" || sec.minUserLevel < 0) {
6486
6678
  errors.push("\u751F\u4EA7\u73AF\u5883 security.minUserLevel \u5E94\u663E\u5F0F\u914D\u7F6E");
6487
6679
  }
6488
- if (sec.forceWss === 1 && !_optionalChain([cfg, 'optionalAccess', _735 => _735.httpscert, 'optionalAccess', _736 => _736.keyPath]) && !_optionalChain([cfg, 'optionalAccess', _737 => _737.httpscert, 'optionalAccess', _738 => _738.key])) {
6680
+ if (sec.forceWss === 1 && !_optionalChain([cfg, 'optionalAccess', _760 => _760.httpscert, 'optionalAccess', _761 => _761.keyPath]) && !_optionalChain([cfg, 'optionalAccess', _762 => _762.httpscert, 'optionalAccess', _763 => _763.key])) {
6489
6681
  errors.push("\u751F\u4EA7\u73AF\u5883 security.forceWss=1 \u65F6\u9700\u914D\u7F6E HTTPS \u8BC1\u4E66");
6490
6682
  }
6491
6683
  return errors;
@@ -6504,12 +6696,12 @@ var DEFAULT_RECONNECT = {
6504
6696
  rs485: { enabled: true, maxRetries: 60, initialDelay: 3e3, maxDelay: 3e4, factor: 2 }
6505
6697
  };
6506
6698
  function getTransportBlock(cfg, kind) {
6507
- const block = _optionalChain([cfg, 'optionalAccess', _739 => _739[kind]]);
6699
+ const block = _optionalChain([cfg, 'optionalAccess', _764 => _764[kind]]);
6508
6700
  return block && typeof block === "object" ? block : null;
6509
6701
  }
6510
6702
  _chunkSMVZ3ZDJcjs.__name.call(void 0, getTransportBlock, "getTransportBlock");
6511
6703
  function getTransportDefault(cfg, kind) {
6512
- const def = _optionalChain([getTransportBlock, 'call', _740 => _740(cfg, kind), 'optionalAccess', _741 => _741.default]);
6704
+ const def = _optionalChain([getTransportBlock, 'call', _765 => _765(cfg, kind), 'optionalAccess', _766 => _766.default]);
6513
6705
  return def && typeof def === "object" ? def : null;
6514
6706
  }
6515
6707
  _chunkSMVZ3ZDJcjs.__name.call(void 0, getTransportDefault, "getTransportDefault");
@@ -6519,7 +6711,7 @@ function hasTransportDefault(cfg, kind) {
6519
6711
  _chunkSMVZ3ZDJcjs.__name.call(void 0, hasTransportDefault, "hasTransportDefault");
6520
6712
  function getDefaultConnId(cfg, kind) {
6521
6713
  const def = getTransportDefault(cfg, kind);
6522
- const id = _optionalChain([def, 'optionalAccess', _742 => _742.id]);
6714
+ const id = _optionalChain([def, 'optionalAccess', _767 => _767.id]);
6523
6715
  return typeof id === "string" && id.length > 0 ? id : DEFAULT_CONN_ID[kind];
6524
6716
  }
6525
6717
  _chunkSMVZ3ZDJcjs.__name.call(void 0, getDefaultConnId, "getDefaultConnId");
@@ -6530,14 +6722,14 @@ function shouldAutoConnect(def) {
6530
6722
  _chunkSMVZ3ZDJcjs.__name.call(void 0, shouldAutoConnect, "shouldAutoConnect");
6531
6723
  function resolveReconnectOptions(def, kind, cfg) {
6532
6724
  const base = DEFAULT_RECONNECT[kind];
6533
- const rc = _optionalChain([def, 'optionalAccess', _743 => _743.reconnect]);
6534
- const tmMaxTry = _optionalChain([cfg, 'optionalAccess', _744 => _744.tm, 'optionalAccess', _745 => _745.maxtry]);
6725
+ const rc = _optionalChain([def, 'optionalAccess', _768 => _768.reconnect]);
6726
+ const tmMaxTry = _optionalChain([cfg, 'optionalAccess', _769 => _769.tm, 'optionalAccess', _770 => _770.maxtry]);
6535
6727
  return {
6536
- enabled: _optionalChain([rc, 'optionalAccess', _746 => _746.enabled]) !== false && base.enabled !== false,
6537
- maxRetries: _nullishCoalesce(_nullishCoalesce(_nullishCoalesce(_optionalChain([rc, 'optionalAccess', _747 => _747.maxRetries]), () => ( tmMaxTry)), () => ( base.maxRetries)), () => ( 60)),
6538
- initialDelay: _nullishCoalesce(_nullishCoalesce(_optionalChain([rc, 'optionalAccess', _748 => _748.initialDelay]), () => ( base.initialDelay)), () => ( 1e3)),
6539
- maxDelay: _nullishCoalesce(_nullishCoalesce(_optionalChain([rc, 'optionalAccess', _749 => _749.maxDelay]), () => ( base.maxDelay)), () => ( 3e4)),
6540
- factor: _nullishCoalesce(_nullishCoalesce(_optionalChain([rc, 'optionalAccess', _750 => _750.factor]), () => ( base.factor)), () => ( 2))
6728
+ enabled: _optionalChain([rc, 'optionalAccess', _771 => _771.enabled]) !== false && base.enabled !== false,
6729
+ maxRetries: _nullishCoalesce(_nullishCoalesce(_nullishCoalesce(_optionalChain([rc, 'optionalAccess', _772 => _772.maxRetries]), () => ( tmMaxTry)), () => ( base.maxRetries)), () => ( 60)),
6730
+ initialDelay: _nullishCoalesce(_nullishCoalesce(_optionalChain([rc, 'optionalAccess', _773 => _773.initialDelay]), () => ( base.initialDelay)), () => ( 1e3)),
6731
+ maxDelay: _nullishCoalesce(_nullishCoalesce(_optionalChain([rc, 'optionalAccess', _774 => _774.maxDelay]), () => ( base.maxDelay)), () => ( 3e4)),
6732
+ factor: _nullishCoalesce(_nullishCoalesce(_optionalChain([rc, 'optionalAccess', _775 => _775.factor]), () => ( base.factor)), () => ( 2))
6541
6733
  };
6542
6734
  }
6543
6735
  _chunkSMVZ3ZDJcjs.__name.call(void 0, resolveReconnectOptions, "resolveReconnectOptions");
@@ -6587,17 +6779,17 @@ function createTransportDataHandler($asai, manager) {
6587
6779
  if (typeof event.data === "string") {
6588
6780
  try {
6589
6781
  event.data = JSON.parse(event.data);
6590
- } catch (e55) {
6782
+ } catch (e62) {
6591
6783
  }
6592
6784
  }
6593
- if (_optionalChain([event, 'access', _751 => _751.data, 'optionalAccess', _752 => _752.id])) {
6785
+ if (_optionalChain([event, 'access', _776 => _776.data, 'optionalAccess', _777 => _777.id])) {
6594
6786
  manager.watch(event.id, event.data);
6595
6787
  return;
6596
6788
  }
6597
6789
  try {
6598
- const wsKey = _optionalChain([$asai, 'optionalAccess', _753 => _753.command, 'optionalAccess', _754 => _754.commandconfig, 'optionalAccess', _755 => _755.config, 'optionalAccess', _756 => _756.commandclient]);
6599
- _optionalChain([$asai, 'access', _757 => _757.serversws, 'optionalAccess', _758 => _758[wsKey], 'optionalAccess', _759 => _759.broadws, 'optionalCall', _760 => _760(event.data)]);
6600
- } catch (e56) {
6790
+ const wsKey = _optionalChain([$asai, 'optionalAccess', _778 => _778.command, 'optionalAccess', _779 => _779.commandconfig, 'optionalAccess', _780 => _780.config, 'optionalAccess', _781 => _781.commandclient]);
6791
+ _optionalChain([$asai, 'access', _782 => _782.serversws, 'optionalAccess', _783 => _783[wsKey], 'optionalAccess', _784 => _784.broadws, 'optionalCall', _785 => _785(event.data)]);
6792
+ } catch (e63) {
6601
6793
  }
6602
6794
  };
6603
6795
  }
@@ -6644,20 +6836,20 @@ var initAsaiHostNodejs2 = {
6644
6836
  initHostserverWs,
6645
6837
  syncApiRouteKeys,
6646
6838
  syncWsRouteKeys,
6647
- secureCompare: _chunkWXW5DYNUcjs.secureCompare,
6839
+ secureCompare: _chunkH2QP5J7Xcjs.secureCompare,
6648
6840
  resolvePathUnderRoots,
6649
6841
  getHostAllowedRoots,
6650
6842
  logSecurityEvent,
6651
6843
  sanitizeString,
6652
6844
  validateHttpAuth,
6653
6845
  normalizeSecurityConfig,
6654
- stripForbiddenSecretsFromHostConfig: _chunkZK4O4Z2Ocjs.stripForbiddenSecretsFromHostConfig,
6655
- loadAsaiSecrets: _chunkZK4O4Z2Ocjs.loadAsaiSecrets,
6656
- loadDotEnvFile: _chunkZK4O4Z2Ocjs.loadDotEnvFile,
6657
- applySecretsToHostConfig: _chunkZK4O4Z2Ocjs.applySecretsToHostConfig,
6658
- resolveHttpsCertFromPaths: _chunkZK4O4Z2Ocjs.resolveHttpsCertFromPaths,
6659
- validateAsaiSecrets: _chunkZK4O4Z2Ocjs.validateAsaiSecrets,
6660
- isDevDefaultPassword: _chunkZK4O4Z2Ocjs.isDevDefaultPassword,
6846
+ stripForbiddenSecretsFromHostConfig: _chunk5EWEKXQIcjs.stripForbiddenSecretsFromHostConfig,
6847
+ loadAsaiSecrets: _chunk5EWEKXQIcjs.loadAsaiSecrets,
6848
+ loadDotEnvFile: _chunk5EWEKXQIcjs.loadDotEnvFile,
6849
+ applySecretsToHostConfig: _chunk5EWEKXQIcjs.applySecretsToHostConfig,
6850
+ resolveHttpsCertFromPaths: _chunk5EWEKXQIcjs.resolveHttpsCertFromPaths,
6851
+ validateAsaiSecrets: _chunk5EWEKXQIcjs.validateAsaiSecrets,
6852
+ isDevDefaultPassword: _chunk5EWEKXQIcjs.isDevDefaultPassword,
6661
6853
  getTransportBlock,
6662
6854
  getTransportDefault,
6663
6855
  hasTransportDefault,
@@ -6669,7 +6861,7 @@ var initAsaiHostNodejs2 = {
6669
6861
  createTransportDataHandler,
6670
6862
  wireTransportConnectionLogs
6671
6863
  };
6672
- var PLUGIN_VERSION = true ? "0.0.9" : "0.0.1";
6864
+ var PLUGIN_VERSION = true ? "0.0.10" : "0.0.1";
6673
6865
  var index_default = initAsaiHostNodejs2;
6674
6866
 
6675
6867
 
@@ -6712,5 +6904,5 @@ var index_default = initAsaiHostNodejs2;
6712
6904
 
6713
6905
 
6714
6906
 
6715
- exports.AsaiCommon = Index_default; exports.AsaiUtils = utils_exports; exports.PLUGIN_NAME = PLUGIN_NAME; exports.PLUGIN_VERSION = PLUGIN_VERSION; exports.applySecretsToHostConfig = _chunkZK4O4Z2Ocjs.applySecretsToHostConfig; exports.createTransportDataHandler = createTransportDataHandler; exports.default = index_default; exports.ensureDefaultConnection = ensureDefaultConnection; exports.getDefaultConnId = getDefaultConnId; exports.getHostAllowedRoots = getHostAllowedRoots; exports.getTransportBlock = getTransportBlock; exports.getTransportDefault = getTransportDefault; exports.hasTransportDefault = hasTransportDefault; exports.initAsaiHostNodejs = initAsaiHostNodejs2; exports.initHostserverApi = initHostserverApi; exports.initHostserverWs = initHostserverWs; exports.initTransportBridge = initTransportBridge; exports.isDevDefaultPassword = _chunkZK4O4Z2Ocjs.isDevDefaultPassword; exports.loadAsaiSecrets = _chunkZK4O4Z2Ocjs.loadAsaiSecrets; exports.loadDotEnvFile = _chunkZK4O4Z2Ocjs.loadDotEnvFile; exports.logSecurityEvent = logSecurityEvent; exports.normalizeHostConfig = normalizeHostConfig; exports.normalizeSecurityConfig = normalizeSecurityConfig; exports.registerApi = registerApi; exports.registerWs = registerWs; exports.resolveHttpsCertFromPaths = _chunkZK4O4Z2Ocjs.resolveHttpsCertFromPaths; exports.resolvePathUnderRoots = resolvePathUnderRoots; exports.resolveReconnectOptions = resolveReconnectOptions; exports.sanitizeString = sanitizeString; exports.secureCompare = _chunkWXW5DYNUcjs.secureCompare; exports.shouldAutoConnect = shouldAutoConnect; exports.stripForbiddenSecretsFromHostConfig = _chunkZK4O4Z2Ocjs.stripForbiddenSecretsFromHostConfig; exports.syncApiRouteKeys = syncApiRouteKeys; exports.syncWsRouteKeys = syncWsRouteKeys; exports.sysserver = sysserver; exports.validateAsaiSecrets = _chunkZK4O4Z2Ocjs.validateAsaiSecrets; exports.validateHostConfig = validateHostConfig; exports.validateHttpAuth = validateHttpAuth; exports.validateProductionSecurity = validateProductionSecurity; exports.wireTransportConnectionLogs = wireTransportConnectionLogs;
6907
+ exports.AsaiCommon = Index_default; exports.AsaiUtils = utils_exports; exports.PLUGIN_NAME = PLUGIN_NAME; exports.PLUGIN_VERSION = PLUGIN_VERSION; exports.applySecretsToHostConfig = _chunk5EWEKXQIcjs.applySecretsToHostConfig; exports.createTransportDataHandler = createTransportDataHandler; exports.default = index_default; exports.ensureDefaultConnection = ensureDefaultConnection; exports.getDefaultConnId = getDefaultConnId; exports.getHostAllowedRoots = getHostAllowedRoots; exports.getTransportBlock = getTransportBlock; exports.getTransportDefault = getTransportDefault; exports.hasTransportDefault = hasTransportDefault; exports.initAsaiHostNodejs = initAsaiHostNodejs2; exports.initHostserverApi = initHostserverApi; exports.initHostserverWs = initHostserverWs; exports.initTransportBridge = initTransportBridge; exports.isDevDefaultPassword = _chunk5EWEKXQIcjs.isDevDefaultPassword; exports.loadAsaiSecrets = _chunk5EWEKXQIcjs.loadAsaiSecrets; exports.loadDotEnvFile = _chunk5EWEKXQIcjs.loadDotEnvFile; exports.logSecurityEvent = logSecurityEvent; exports.normalizeHostConfig = normalizeHostConfig; exports.normalizeSecurityConfig = normalizeSecurityConfig; exports.registerApi = registerApi; exports.registerWs = registerWs; exports.resolveHttpsCertFromPaths = _chunk5EWEKXQIcjs.resolveHttpsCertFromPaths; exports.resolvePathUnderRoots = resolvePathUnderRoots; exports.resolveReconnectOptions = resolveReconnectOptions; exports.sanitizeString = sanitizeString; exports.secureCompare = _chunkH2QP5J7Xcjs.secureCompare; exports.shouldAutoConnect = shouldAutoConnect; exports.stripForbiddenSecretsFromHostConfig = _chunk5EWEKXQIcjs.stripForbiddenSecretsFromHostConfig; exports.syncApiRouteKeys = syncApiRouteKeys; exports.syncWsRouteKeys = syncWsRouteKeys; exports.sysserver = sysserver; exports.validateAsaiSecrets = _chunk5EWEKXQIcjs.validateAsaiSecrets; exports.validateHostConfig = validateHostConfig; exports.validateHttpAuth = validateHttpAuth; exports.validateProductionSecurity = validateProductionSecurity; exports.wireTransportConnectionLogs = wireTransportConnectionLogs;
6716
6908
  //# sourceMappingURL=asaihost-nodejs.cjs.map